protected byte[] SendAndRecieveLdapAp(LdapServer ldapServer, byte[] gssApiToken, KerberosConstValue.GSSToken gssToken)
{
SocketTransportConfig transportConfig = new SocketTransportConfig();
transportConfig.RemoteIpAddress = System.Net.IPAddress.Parse(ldapServer.IPAddress);
transportConfig.RemoteIpPort = ldapServer.LdapPort;
transportConfig.BufferSize = 8192;
transportConfig.Type = StackTransportType.Tcp;
transportConfig.Role = Role.Client;
AdtsLdapClient ldapClient = new AdtsLdapClient(AdtsLdapVersion.V3, transportConfig);
ldapClient.Connect();
string gss = (gssToken == KerberosConstValue.GSSToken.GSSSPNG) ? "GSS-SPNEGO" : "GSSAPI";
AdtsBindRequestPacket bindRequest = ldapClient.CreateSaslBindRequest(gss, gssApiToken);
ldapClient.SendPacket(bindRequest);
AdtsLdapPacket response = ldapClient.ExpectPacket(KerberosConstValue.TIMEOUT_DEFAULT);
BaseTestSite.Assert.IsNotNull(response, "Ldap response should not be null");
BaseTestSite.Assert.IsInstanceOfType(response, typeof(AdtsBindResponsePacket), "Ldap response should be a bind response.");
AdtsBindResponsePacket bindResponse = (AdtsBindResponsePacket)response;
//Response code is 14, Sasl Bind In Progress, need future investigate
byte[] repToken = ((BindResponse)bindResponse.GetInnerRequestOrResponse()).serverSaslCreds.ByteArrayValue;
return(repToken);
}
/// <summary>
/// Set up the TCP/UDP transport connection with KDC.
/// </summary>
/// <param name="localPort">The server port</param>
/// <param name="transportType">Whether the transport is TCP or UDP transport.</param>
/// <param name="ipType">Ip Version</param>
/// <param name="transportSize">The buffer size of transport stack. </param>
/// <exception cref="System.ArgumentException">Thrown when the transportType is neither TCP nor UDP.</exception>
public void Start(ushort localPort, KileConnectionType transportType, KileIpType ipType, int transportSize)
{
SocketTransportConfig transportConfig = new SocketTransportConfig();
transportConfig.Role = Role.Server;
transportConfig.MaxConnections = ConstValue.MAX_CONNECTIONS;
transportConfig.BufferSize = transportSize;
if (ipType == KileIpType.Ipv4)
{
transportConfig.LocalIpAddress = IPAddress.Any;
}
else
{
transportConfig.LocalIpAddress = IPAddress.IPv6Any;
}
transportConfig.LocalIpPort = localPort;
if (transportType == KileConnectionType.TCP)
{
transportConfig.Type = StackTransportType.Tcp;
}
else if (transportType == KileConnectionType.UDP)
{
transportConfig.Type = StackTransportType.Udp;
}
else
{
throw new ArgumentException("ConnectionType can only be TCP or UDP.");
}
decoder = new KileDecoder(contextList, transportType);
transport = new TransportStack(transportConfig, decoder.DecodePacketCallback);
transport.Start();
}
/// <summary>
/// Starts the server to listen on specified port.
/// </summary>
public void Start()
{
if (transportStack == null)
{
SocketTransportConfig transportConfig = new SocketTransportConfig();
transportConfig.LocalIpAddress = IPAddress.Any;
transportConfig.LocalIpPort = this.listenPort;
transportConfig.Role = Role.Server;
transportConfig.BufferSize = DefaultBufferSize;
transportConfig.MaxConnections = int.MaxValue;
transportConfig.Type = isTcp ? StackTransportType.Tcp : StackTransportType.Udp;
this.transportStack = new TransportStack(transportConfig, decoder.DecodeLdapPacketCallBack);
}
this.transportStack.Start();
}
/// <summary>
/// Set up the TCP/UDP transport connection with KDC.
/// </summary>
/// <param name="kdcAddress">The IP address of the KDC.</param>
/// <param name="kdcPort">The port of the KDC.</param>
/// <param name="transportType">Whether the transport is TCP or UDP transport.</param>
/// <exception cref="System.ArgumentException">Thrown when the connection type is neither TCP nor UDP</exception>
public void Connect(string kdcAddress, int kdcPort, KileConnectionType transportType)
{
SocketTransportConfig transportConfig = new SocketTransportConfig();
transportConfig.Role = Role.Client;
transportConfig.MaxConnections = 1;
transportConfig.BufferSize = transportBufferSize;
transportConfig.RemoteIpPort = kdcPort;
transportConfig.RemoteIpAddress = IPAddress.Parse(kdcAddress);
// For UDP bind
if (transportConfig.RemoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork)
{
transportConfig.LocalIpAddress = IPAddress.Any;
}
else if (transportConfig.RemoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetworkV6)
{
transportConfig.LocalIpAddress = IPAddress.IPv6Any;
}
if (transportType == KileConnectionType.TCP)
{
transportConfig.Type = StackTransportType.Tcp;
}
else if (transportType == KileConnectionType.UDP)
{
transportConfig.Type = StackTransportType.Udp;
}
else
{
throw new ArgumentException("ConnectionType can only be TCP or UDP.");
}
kdcTransport = new TransportStack(transportConfig, decoder.DecodePacketCallback);
if (transportType == KileConnectionType.TCP)
{
kdcTransport.Connect();
}
else
{
kdcTransport.Start();
}
context.TransportType = transportType;
}
/// <summary>
/// Set up the TCP/UDP transport connection with KDC.
/// </summary>
/// <exception cref="System.ArgumentException">Thrown when the connection type is neither TCP nor UDP</exception>
public virtual void Connect()
{
SocketTransportConfig transportConfig = new SocketTransportConfig();
transportConfig.Role = Role.Client;
transportConfig.MaxConnections = 1;
transportConfig.BufferSize = KerberosConstValue.TRANSPORT_BUFFER_SIZE;
transportConfig.RemoteIpPort = kdcPort;
transportConfig.RemoteIpAddress = IPAddress.Parse(kdcAddress);
// For UDP bind
if (transportConfig.RemoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork)
{
transportConfig.LocalIpAddress = IPAddress.Any;
}
else if (transportConfig.RemoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetworkV6)
{
transportConfig.LocalIpAddress = IPAddress.IPv6Any;
}
if (transportType == TransportType.TCP)
{
transportConfig.Type = StackTransportType.Tcp;
}
else if (transportType == TransportType.UDP)
{
transportConfig.Type = StackTransportType.Udp;
}
else
{
throw new ArgumentException("ConnectionType can only be TCP or UDP.");
}
kdcTransport = new TransportStack(transportConfig, DecodePacketCallback);
if (transportType == TransportType.TCP)
{
kdcTransport.Connect();
}
else
{
kdcTransport.Start();
}
}
public void LDAP_AD_DS_Add_Constraints_ComputerObject()
{
BaseTestSite.Assume.IsTrue(EnvironmentConfig.ServerVer >= ServerVersion.Win2012, "Server OS version should be not less than Windows Server 2012");
#region Connect and bind to server
SocketTransportConfig transportConfig = new SocketTransportConfig();
transportConfig.RemoteIpAddress = IPAddress.Parse(AD_LDAPModelAdapter.Instance(Site).PDCIPAddress);
transportConfig.RemoteIpPort = int.Parse(AD_LDAPModelAdapter.Instance(Site).ADDSPortNum, CultureInfo.InvariantCulture);
transportConfig.BufferSize = AD_LDAPModelAdapter.Instance(Site).transportBufferSize;
transportConfig.Type = StackTransportType.Tcp;
transportConfig.Role = Role.Client;
AdtsLdapClient ldapClientStack = new AdtsLdapClient(AdtsLdapVersion.V3, transportConfig);
ldapClientStack.Connect();
//The user do not have RIGHT_DS_CREATE_CHILD access rights
String userName = AD_LDAPModelAdapter.Instance(Site).testUser7Name;
String password = AD_LDAPModelAdapter.Instance(Site).testUser7Pwd;
String netbiosDomain = AD_LDAPModelAdapter.Instance(Site).PrimaryDomainNetBiosName;
TimeSpan timeout = AD_LDAPModelAdapter.Instance(Site).timeout;
//Using SSL binding
//Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.AccountCredential transportCredential = new Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.AccountCredential(
// Site.Properties["FullDomainName"], userName, password);
//Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.ClientSecurityContextAttribute contextAttributes = Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.ClientSecurityContextAttribute.Connection;
//Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.SspiClientSecurityContext securityContext = new Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.SspiClientSecurityContext(
// Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.SecurityPackageType.Kerberos,
// transportCredential,
// "LDAP/" + Site.Properties["ServerComputerName"],
// contextAttributes,
// Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.SecurityTargetDataRepresentation.SecurityNetworkDrep);
//securityContext.Initialize(null);
//AdtsBindRequestPacket bindRequest = ldapClientStack.CreateSaslBindRequest(securityContext, false);
AdtsBindRequestPacket bindRequest = ldapClientStack.CreateSimpleBindRequest(userName, password, netbiosDomain);
//send bind request
ldapClientStack.SendPacket(bindRequest);
AdtsLdapPacket response = ldapClientStack.ExpectPacket(timeout);
AdtsBindResponsePacket bindResponse = (AdtsBindResponsePacket)response;
//check the connectiong between client and server
Site.Assert.AreEqual <long>(
LDAPResult_resultCode.success,
(long)((BindResponse)bindResponse.GetInnerRequestOrResponse()).resultCode.Value,
"Bind response result should be LDAPResult_resultCode.success.");
#endregion
#region Add a Computer Object
string computerName = "testAddConstraints";
string computerObjectDN = "CN=" + computerName + ",CN=Computers," + AD_LDAPModelAdapter.Instance(Site).rootDomainNC;
KeyValuePair <string, string[]>[] attrs = new KeyValuePair <string, string[]> [5];
attrs[0] = new KeyValuePair <string, string[]>("objectClass", new string[] { "computer" });
attrs[1] = new KeyValuePair <string, string[]>("dNSHostName", new string[] { computerName + "." + AD_LDAPModelAdapter.Instance(Site).PrimaryDomainDnsName });
attrs[2] = new KeyValuePair <string, string[]>("servicePrincipalName", new string[] { "host/" + computerName + "." + AD_LDAPModelAdapter.Instance(Site).PrimaryDomainDnsName, "host/" + computerName });
attrs[3] = new KeyValuePair <string, string[]>("sAMAccountName", new string[] { computerName + "$" });
//attrs[4] = new KeyValuePair<string, string[]>("userAccountControl", new string[]{ "4098" });
//If the account is created with UF_ACCOUNTDISABLE set in userAccountControl, unicodePwd is not required.
//attrs[5] = new KeyValuePair<string, string[]>("unicodePwd", new string[] { "Password01!" });
AdtsAddRequestPacket addRequest = ldapClientStack.CreateAddRequest(computerObjectDN, attrs);
ldapClientStack.SendPacket(addRequest);
response = ldapClientStack.ExpectPacket(timeout);
AdtsAddResponsePacket addResponse = (AdtsAddResponsePacket)response;
string ldapErrorCode = Enum.GetName(typeof(ResultCode), ((Microsoft.Protocols.TestTools.StackSdk.ActiveDirectory.Adts.Asn1CodecV3.AddResponse)
addResponse.GetInnerRequestOrResponse()).resultCode.Value).ToString();
//BaseTestSite.Assert.AreEqual<string>(
// "some error code",
// ldapErrorCode,
// @"");
#endregion
#region Unbind and Disconnect
AdtsUnbindRequestPacket unbindRequest = ldapClientStack.CreateUnbindRequest();
ldapClientStack.SendPacket(unbindRequest);
ldapClientStack.Disconnect();
ldapClientStack = null;
#endregion
}
/// <summary>
/// Connects to server.
/// </summary>
/// <param name="config">Transport configurations.</param>
/// <exception cref="InvalidOperationException">
/// thrown when TransportConifg is null!
/// </exception>
/// <exception cref="NotSupportedException">
/// thrown when TransportConfig is not SocketTransportConfig,
/// ADTS-LDAP supports socket transport only!
/// </exception>
/// <exception cref="NotSupportedException">
/// thrown when Type of TransportConfig is not TCP/UDP.
/// Only TCP and UDP are supported for StackTransportType
/// </exception>
public virtual void Connect()
{
if (this.config == null)
{
throw new InvalidOperationException("TransportConfig is null!");
}
SocketTransportConfig socketConfig = this.config as SocketTransportConfig;
if (socketConfig == null)
{
throw new NotSupportedException("ADTS-LDAP supports socket transport only!");
}
// initialize IsTcp.
if (socketConfig.Type == StackTransportType.Tcp)
{
this.isTcp = true;
}
else if (socketConfig.Type == StackTransportType.Udp)
{
this.isTcp = false;
}
else
{
throw new NotSupportedException("Only TCP and UDP are supported for StackTransportType");
}
// initialize context.
if (this.context == null)
{
IPEndPoint remoteAddress = new IPEndPoint(socketConfig.RemoteIpAddress, socketConfig.RemoteIpPort);
this.context = new AdtsLdapContext(ldapVersion, remoteAddress);
}
// initialize decorder.
if (this.decoder == null)
{
this.decoder = new AdtsLdapClientDecoder(this);
}
// initialize transport stack.
if (this.transportStack == null)
{
this.transportStack = new TransportStack(config, this.decoder.DecodeLdapPacketCallBack);
}
#region Transport Connect
// TCP and UDP differs here. Connect method cannot be used for UDP connections.
if (this.isTcp)
{
this.transportStack.Connect();
}
else
{
this.transportStack.Start();
}
#endregion
}
