public GraphObjectReference ExportData(List <string> UsersToInvestigate)
        {
            ADDomainInfo         domainInfo      = null;
            RelationFactory      relationFactory = null;
            GraphObjectReference objectReference = null;

            DisplayAdvancement("Getting domain information (" + Server + ")");
            using (ADWebService adws = new ADWebService(Server, Port, Credential))
            {
                domainInfo = GetDomainInformation(adws);
                Storage.Initialize(domainInfo);
                Trace.WriteLine("Creating new relation factory");
                relationFactory = new RelationFactory(Storage, domainInfo, Credential);
                DisplayAdvancement("Exporting objects from Active Directory");
                objectReference = new GraphObjectReference(domainInfo);
                ExportReportData(adws, domainInfo, relationFactory, Storage, objectReference, UsersToInvestigate);
            }
            DisplayAdvancement("Inserting relations between nodes in the database");
            Trace.WriteLine("Inserting relations on hold");
            Storage.InsertRelationOnHold();
            Trace.WriteLine("Add trusted domains");
            AddTrustedDomains(Storage);
            Trace.WriteLine("Done");
            DisplayAdvancement("Export completed");
            DisplayAdvancement("Doing the analysis");
            return(objectReference);
        }
        int AnalyzeMissingObjets(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, LiveDataStorage Storage)
        {
            int num = 0;

            while (true)
            {
                List <string> cns = Storage.GetCNToInvestigate();
                if (cns.Count > 0)
                {
                    num += cns.Count;
                    ExportCNData(adws, domainInfo, relationFactory, cns);
                }
                List <string> sids = Storage.GetSIDToInvestigate();
                if (sids.Count > 0)
                {
                    num += sids.Count;
                    ExportSIDData(adws, domainInfo, relationFactory, sids);
                }
                List <int> primaryGroupId = Storage.GetPrimaryGroupIDToInvestigate();
                if (primaryGroupId.Count > 0)
                {
                    num += primaryGroupId.Count;
                    ExportPrimaryGroupData(adws, domainInfo, relationFactory, primaryGroupId);
                }
                if (cns.Count == 0 && sids.Count == 0 && primaryGroupId.Count == 0)
                {
                    return(num);
                }
            }
        }
        private void ExportReportData(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, List <string> UsersToInvestigate)
        {
            List <string> sids = new List <string> {
                "S-1-5-32-548",
                "S-1-5-32-544",
                domainInfo.DomainSid.Value + "-512",
                domainInfo.DomainSid.Value + "-519",
                domainInfo.DomainSid.Value + "-518",
                domainInfo.DomainSid.Value + "-500",
                "S-1-5-32-551",
                domainInfo.DomainSid.Value + "-517",
                "S-1-5-32-569",
                domainInfo.DomainSid.Value + "-516",
                domainInfo.DomainSid.Value + "-498",
                domainInfo.DomainSid.Value + "-520",
                "S-1-5-32-557",
                domainInfo.DomainSid.Value + "-502",
                "S-1-5-32-556",
                "S-1-5-32-554",
                "S-1-5-32-550",
                domainInfo.DomainSid.Value,
                domainInfo.DomainSid.Value + "-521",
                "S-1-5-32-549",
            };
            ADItem aditem = null;

            foreach (string sid in sids)
            {
                aditem = Search(adws, domainInfo, sid);
                if (aditem != null)
                {
                    relationFactory.AnalyzeADObject(aditem);
                }
                else
                {
                    Trace.WriteLine("Unable to find the user: "******"Unable to find the user: " + user);
                }
            }

            AnalyzeMissingObjets(adws, domainInfo, relationFactory);
            relationFactory.InsertFiles();
            AnalyzeMissingObjets(adws, domainInfo, relationFactory);
        }
        private void ExportSIDData(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, List <string> sids)
        {
            WorkOnReturnedObjectByADWS callback =
                (ADItem aditem) =>
            {
                relationFactory.AnalyzeADObject(aditem);
            };

            foreach (string sid in sids)
            {
                adws.Enumerate(domainInfo.DefaultNamingContext,
                               "(objectSid=" + ADConnection.EncodeSidToString(sid) + ")",
                               properties, callback);
            }
        }
        private void ExportCNData(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, List <string> cns)
        {
            WorkOnReturnedObjectByADWS callback =
                (ADItem aditem) =>
            {
                relationFactory.AnalyzeADObject(aditem);
            };

            foreach (string cn in cns)
            {
                adws.Enumerate(domainInfo.DefaultNamingContext,
                               "(distinguishedName=" + ADConnection.EscapeLDAP(cn) + ")",
                               properties, callback);
            }
        }
        private void ExportReportData(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, LiveDataStorage storage, GraphObjectReference objectReference, List <string> UsersToInvestigate)
        {
            ADItem aditem = null;

            foreach (var typology in objectReference.Objects.Keys)
            {
                var toDelete = new List <GraphSingleObject>();
                foreach (var obj in objectReference.Objects[typology])
                {
                    DisplayAdvancement("Working on " + obj.Description);
                    aditem = Search(adws, domainInfo, obj.Name);
                    if (aditem != null)
                    {
                        relationFactory.AnalyzeADObject(aditem);
                    }
                    else
                    {
                        Trace.WriteLine("Unable to find the user: "******"Working on " + user);
                aditem = Search(adws, domainInfo, user);
                if (aditem != null)
                {
                    objectReference.Objects[Data.CompromiseGraphDataTypology.UserDefined].Add(new GraphSingleObject(user, user));
                    relationFactory.AnalyzeADObject(aditem);
                }
                else
                {
                    Trace.WriteLine("Unable to find the user: " + user);
                }
            }

            AnalyzeMissingObjets(adws, domainInfo, relationFactory, storage);
            relationFactory.InsertFiles();
            AnalyzeMissingObjets(adws, domainInfo, relationFactory, storage);
        }
        public void ExportData(List <string> UsersToInvestigate)
        {
            ADDomainInfo    domainInfo      = null;
            RelationFactory relationFactory = null;

            DisplayAdvancement("Getting domain informations");
            using (ADWebService adws = new ADWebService(Server, Port, Credential))
            {
                domainInfo = GetDomainInformation(adws);
                Storage.Initialize(domainInfo);
                Trace.WriteLine("Creating new relation factory");
                relationFactory = new RelationFactory(Storage, domainInfo, Credential);
                DisplayAdvancement("Exporting objects from Active Directory");
                ExportReportData(adws, domainInfo, relationFactory, UsersToInvestigate);
            }
            DisplayAdvancement("Inserting relations between nodes in the database");
            Trace.WriteLine("Inserting relations on hold");
            Storage.InsertRelationOnHold(domainInfo.DnsHostName);
            Trace.WriteLine("Done");
            DisplayAdvancement("Export completed");
        }
        private void ExportPrimaryGroupData(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, List <int> primaryGroupIDs)
        {
            WorkOnReturnedObjectByADWS callback =
                (ADItem aditem) =>
            {
                relationFactory.AnalyzeADObject(aditem);
            };

            foreach (int id in primaryGroupIDs)
            {
                adws.Enumerate(domainInfo.DefaultNamingContext,
                               "(primaryGroupID=" + id + ")",
                               properties, callback);
            }
        }