/// <summary>
/// Writes the domain-controller locator result (DsGetDcName) for <paramref name="domain"/> to the console,
/// followed by name-resolution details for the located DC and for every DC returned by the enumeration.
/// </summary>
/// <param name="machine">Machine to run the locator from; null or empty is reported as "localhost".</param>
/// <param name="domain">Domain whose controllers are looked up.</param>
public static void OutputDomainFindingInfoToConsoleForDomainOnMachine(string machine, string domain)
{
    // Display name of the machine the query was issued from.
    var queriedFrom = string.IsNullOrEmpty(machine) ? "localhost" : machine;

    OutputToConsole(0, "Outputting domain networking information for domain {0} retrieved from {1}", domain, queriedFrom);

    // One locator field per line, indented under the "Results from DsGetDcName:" heading.
    void PrintField(string fieldName, object fieldValue) => OutputToConsole(2, "{0}:\t{1}", fieldName, fieldValue);

    try
    {
        var locatorResult = NativeWrapped.GetDc(domain, DsFlag.DS_RETURN_DNS_NAME | DsFlag.DS_ONLY_LDAP_NEEDED, machine);

        OutputToConsole(1, "Results from DsGetDcName:");
        PrintField("ClientSiteName", locatorResult.ClientSiteName);
        PrintField("DcSiteName", locatorResult.DcSiteName);
        PrintField("DnsForestName", locatorResult.DnsForestName);
        PrintField("DomainControllerAddress", locatorResult.DomainControllerAddress);
        PrintField("DomainControllerAddressType", locatorResult.DomainControllerAddressType);
        PrintField("DomainControllerName", locatorResult.DomainControllerName);
        PrintField("DomainGuid", locatorResult.DomainGuid);
        PrintField("DomainName", locatorResult.DomainName);
        PrintField("Flags", string.Join(", ", GetFlagsFromEnum<DsReturnFlags>(locatorResult.Flags)));
        OutputNetworkResolutionInformationToConsole(2, locatorResult.DomainControllerAddress);

        OutputToConsole(1, "Results from DsGetDcNext for {0}:", locatorResult.DomainName);
        // Note: read-only DCs are not returned by this enumeration.
        foreach (var controller in NativeWrapped.EnumerateDCs(locatorResult.DomainName, DsFlag.None))
        {
            OutputNetworkResolutionInformationToConsole(2, controller);
        }
    }
    catch (Exception ex)
    {
        // Diagnostic output: report the failure instead of propagating it to the caller.
        OutputToConsole(0, "Error outputting domain information for {0} retrieved from {2}:\t{1}", domain, ex, queriedFrom);
    }
}
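/// <summary>
/// Validates <paramref name="userName"/> / <paramref name="password"/> against the first reachable domain
/// controller of <paramref name="domainName"/> over an SSL/TLS LDAP port: 636 first, then the Global Catalog
/// SSL port 3269. Only the first DC on which a bind completes (accepted or rejected) decides the result;
/// a DC is skipped only when neither port is reachable or every attempt threw.
/// </summary>
/// <param name="userName">Account name to validate.</param>
/// <param name="password">Password for <paramref name="userName"/>.</param>
/// <param name="domainName">Domain whose controllers are enumerated.</param>
/// <param name="serverNameUsed">The DC the last attempt was made against, or null when no DC could be reached.</param>
/// <returns>true when the credentials were accepted; false when they were rejected or no DC could be used.</returns>
private bool Validate(string userName, string password, string domainName, out string serverNameUsed)
{
    // Port numbers: https://technet.microsoft.com/en-us/library/dd772723(v=ws.10).aspx
    const int LdapSSLPort = 636;
    const int LdapGcSSLPort = 3269;

    foreach (var dc in NativeWrapped.EnumerateDCs(domainName, DsFlag.DS_ONLY_LDAP_NEEDED))
    {
        if (TryConnect(dc, LdapSSLPort))
        {
            serverNameUsed = dc;
            try
            {
                return Validate(userName, password, domainName, dc, ContextOptions.SecureSocketLayer | ContextOptions.SimpleBind);
            }
            catch (Exception ex)
            {
                Console.WriteLine("Failed validating credentials for {0} on {1}:\t{2}", userName, dc, ex);

                // The .NET library path can fail because of the LDAP options it sets on the session; retry the
                // same port with the hand-rolled LDAP bind.
                // NOTE(review): a second bind with the same credentials may register as an additional failed
                // logon for lockout purposes — confirm before widening this fallback further.
                try
                {
                    return Validate(userName, password, domainName, dc, LdapSSLPort);
                }
                catch (Exception ex2)
                {
                    Console.WriteLine("Failed manually validating credentials for {0} on {1}:\t{2}", userName, dc, ex2);
                }
            }
        }
        else if (TryConnect(dc, LdapGcSSLPort))
        {
            serverNameUsed = dc;

            // ValidateCredentials is hard-coded to the standard port, so the GC SSL port can only be used
            // through the hand-rolled LDAP bind.
            try
            {
                return Validate(userName, password, domainName, dc, LdapGcSSLPort);
            }
            catch (Exception ex2)
            {
                Console.WriteLine("Failed manually validating credentials for {0} on {1}:\t{2}", userName, dc, ex2);
            }
        }

        // Neither port reachable, or every attempt on this DC threw: move on to the next DC.
    }

    serverNameUsed = null;
    return false;
}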