void AddDataToInvestigate(string mapping, MappingType type)
{
// avoid dealing with files
if (String.IsNullOrEmpty(mapping) || mapping.StartsWith("\\\\"))
{
Trace.WriteLine("Ignoring addition of mapping " + mapping + "type = " + type);
return;
}
switch (type)
{
case MappingType.Name:
if (!KnownCN.Contains(mapping))
{
if (!CNToInvestigate.Contains(mapping))
{
CNToInvestigate.Add(mapping);
}
}
break;
case MappingType.Sid:
if (mapping.StartsWith("S-1-5-32-") || mapping.StartsWith(databaseInformation["DomainSid"]))
{
if (!KnownSID.Contains(mapping))
{
if (!SIDToInvestigate.Contains(mapping))
{
SIDToInvestigate.Add(mapping);
}
}
}
break;
}
}
void AddDataToInvestigate(string mapping, MappingType type)
{
// avoid dealing with files
if (string.IsNullOrEmpty(mapping))
{
Trace.WriteLine("Ignoring addition of mapping " + mapping + "type = " + type);
return;
}
else
{
switch (type)
{
case MappingType.DistinguishedName:
if (!nodesByDN.ContainsKey(mapping.ToLowerInvariant()))
{
if (!CNToInvestigate.Contains(mapping.ToLowerInvariant()))
{
CNToInvestigate.Add(mapping.ToLowerInvariant());
}
}
break;
case MappingType.Sid:
if (mapping.StartsWith("S-1-5-32-", StringComparison.InvariantCultureIgnoreCase) || mapping.StartsWith(databaseInformation["DomainSid"]))
{
if (!nodesBySID.ContainsKey(mapping.ToLowerInvariant()))
{
if (!SIDToInvestigate.Contains(mapping.ToUpperInvariant()))
{
SIDToInvestigate.Add(mapping.ToUpperInvariant());
}
}
}
break;
case MappingType.FileName:
if (mapping.StartsWith("\\\\"))
{
if (!nodesByFilename.ContainsKey(mapping.ToLowerInvariant()))
{
if (!FilesToInvestigate.Contains(mapping.ToLowerInvariant()))
{
FilesToInvestigate.Add(mapping.ToLowerInvariant());
}
}
}
break;
case MappingType.GPODirectory:
if (mapping.StartsWith("\\\\"))
{
if (!nodesGPOByFilename.ContainsKey(mapping.ToLowerInvariant()))
{
if (!GPOToInvestigate.Contains(mapping.ToLowerInvariant()))
{
GPOToInvestigate.Add(mapping.ToLowerInvariant());
}
}
}
break;
}
}
}
int CreateNode(Node node)
{
//locking is important because this function can be called by threads (analysing GPO, ...)
lock (nodes)
{
Trace.WriteLine("Inserting node " + index + " name=" + node.Name + " sid=" + node.Sid + " shortname=" + node.Shortname);
// defensive programming checks
if (!string.IsNullOrEmpty(node.Dn) && nodesByDN.ContainsKey(node.Dn.ToLowerInvariant()))
{
Trace.WriteLine("DN already present");
return(nodesByDN[node.Dn.ToLowerInvariant()].Id);
}
if (!string.IsNullOrEmpty(node.Sid) && nodesBySID.ContainsKey(node.Sid.ToLowerInvariant()))
{
Trace.WriteLine("SID already present");
return(nodesBySID[node.Sid.ToLowerInvariant()].Id);
}
if (!string.IsNullOrEmpty(node.FileName) && node.Type != "gpodirectory" && (nodesByFilename.ContainsKey(node.FileName.ToLowerInvariant())))
{
Trace.WriteLine("FileName already present");
return(nodesByFilename[node.FileName.ToLowerInvariant()].Id);
}
if (!string.IsNullOrEmpty(node.FileName) && node.Type == "gpodirectory" && (nodesGPOByFilename.ContainsKey(node.FileName.ToLowerInvariant())))
{
Trace.WriteLine("FileName already present");
return(nodesGPOByFilename[node.FileName.ToLowerInvariant()].Id);
}
// inserting the node
node.Id = index;
nodes.Add(index, node);
if (!string.IsNullOrEmpty(node.FileName))
{
if (node.FileName.StartsWith("\\\\"))
{
if (node.Type != "gpodirectory")
{
nodesByFilename.Add(node.FileName.ToLowerInvariant(), node);
if (FilesToInvestigate.Contains(node.FileName.ToLowerInvariant()))
{
FilesToInvestigate.Remove(node.FileName.ToLowerInvariant());
}
}
else
{
nodesGPOByFilename.Add(node.FileName.ToLowerInvariant(), node);
if (GPOToInvestigate.Contains(node.FileName.ToLowerInvariant()))
{
GPOToInvestigate.Remove(node.FileName.ToLowerInvariant());
}
}
}
}
if (!string.IsNullOrEmpty(node.Dn))
{
nodesByDN.Add(node.Dn.ToLowerInvariant(), node);
if (CNToInvestigate.Contains(node.Dn.ToLowerInvariant()))
{
CNToInvestigate.Remove(node.Dn.ToLowerInvariant());
}
}
if (!string.IsNullOrEmpty(node.Sid))
{
nodesBySID.Add(node.Sid.ToLowerInvariant(), node);
if (SIDToInvestigate.Contains(node.Sid.ToUpperInvariant()))
{
SIDToInvestigate.Remove(node.Sid.ToUpperInvariant());
}
// handle primary group id
if (node.Type == "group")
{
if (node.Sid.StartsWith("S-1-5-21-"))
{
var part = node.Sid.Split('-');
int PGId = int.Parse(part[part.Length - 1]);
if (!KnownPGId.Contains(PGId) && !PGIdToInvestigate.Contains(PGId))
{
PGIdToInvestigate.Add(PGId);
}
}
}
}
return(index++);
}
}
public int InsertNode(string shortname, string objectclass, string name, string sid, ADItem adItem)
{
if (String.Equals(objectclass, "unknown", StringComparison.OrdinalIgnoreCase))
{
if (name.Contains(",CN=ForeignSecurityPrincipals,DC="))
{
objectclass = "foreignsecurityprincipal";
sid = name.Substring(3, name.IndexOf(',') - 3);
}
}
// reentrance from previous if
if (String.Equals(objectclass, "foreignsecurityprincipal", StringComparison.OrdinalIgnoreCase))
{
// avoid CREATOR OWNER (used for dynamic permissions)
if (String.Equals(sid, "S-1-3-0", StringComparison.OrdinalIgnoreCase))
{
return(-1);
}
if (String.Equals(sid, "S-1-5-18", StringComparison.OrdinalIgnoreCase))
{
return(-1);
}
string referencedDomain = null;
string ntaccount = NativeMethods.ConvertSIDToName(sid, serverForSIDResolution, out referencedDomain);
if (ntaccount == shortname)
{
if (String.IsNullOrEmpty(referencedDomain))
{
ntaccount = shortname;
}
else
{
ntaccount = referencedDomain + "\\" + shortname;
}
}
shortname = ntaccount;
name = sid;
adItem = null;
}
Node node = new Node();
node.Shortname = shortname;
node.Type = objectclass;
node.Dn = name;
node.Sid = sid;
node.ADItem = adItem;
//12345
lock (nodes)
{
Trace.WriteLine("Inserting node " + index + " name=" + node.Name + " sid=" + node.Sid + " shortname=" + node.Shortname);
node.Id = index;
nodes.Add(index, node);
if (!string.IsNullOrEmpty(name))
{
if (name.StartsWith("\\\\"))
{
KnownFiles.Add(name);
if (FilesToInvestigate.Contains(name))
{
FilesToInvestigate.Remove(name);
}
}
else
{
KnownCN.Add(name);
if (CNToInvestigate.Contains(name))
{
CNToInvestigate.Remove(name);
}
}
}
if (!String.IsNullOrEmpty(sid))
{
KnownSID.Add(sid);
if (SIDToInvestigate.Contains(sid))
{
SIDToInvestigate.Remove(sid);
}
// handle primary group id
if (objectclass == "group")
{
if (sid.StartsWith("S-1-5-21-"))
{
var part = sid.Split('-');
int PGId = int.Parse(part[part.Length - 1]);
if (!KnownPGId.Contains(PGId) && !PGIdToInvestigate.Contains(PGId))
{
PGIdToInvestigate.Add(PGId);
}
}
}
}
return(index++);
}
}