public static LdapSearchResponse GetDomainInfo(string server, string domain, NetworkCredential credential) { string rootNc = "DC=" + domain.Replace(".", ",DC="); LdapSearchResponse pingrep = new LdapSearchResponse(); LdapConnection ldapconn = new LdapConnection(server); ldapconn.Bind(credential); SearchRequest sr = new SearchRequest(rootNc, "(objectClass=*)", SearchScope.Base); SearchResponse sp = ldapconn.SendRequest(sr) as SearchResponse; if (sp.ResultCode != ResultCode.Success) { throw new AutoDetectionException(string.Format("Cannot get information of domain: {0} from server {1}.", domain, server)); } var attributes = sp.Entries[0].Attributes; // Domain GUID byte[] rawguid = attributes["objectGuid"][0] as byte[]; pingrep.DomainGuid = (new Guid(rawguid)).ToString().ToUpper(); // Domain SID byte[] rawsid = attributes["objectSid"][0] as byte[]; pingrep.DomainSid = (new System.Security.Principal.SecurityIdentifier(rawsid, 0)).ToString().ToUpper(); ldapconn.Dispose(); return(pingrep); }
public static LdapSearchResponse LdapPing(string server) { LdapSearchResponse pingrep = new LdapSearchResponse(); LdapConnection ldapconn = new LdapConnection(server); SearchRequest sr = new SearchRequest("", "(objectClass=*)", SearchScope.Base); SearchResponse sp = ldapconn.SendRequest(sr) as SearchResponse; if (sp.ResultCode != ResultCode.Success) { throw new AutoDetectionException("Ldap Ping failed: {0}, Result Code: {1}", server, sp.ResultCode); } var attributes = sp.Entries[0].Attributes; pingrep.DomainFunctionality = attributes.GetRootDseValue("domainfunctionality"); pingrep.SupportedSaslMechanisms = attributes.GetRootDseValues("supportedSASLMechanisms"); ldapconn.Dispose(); return(pingrep); }
public bool RunDetection() { // Get Driver Information ptfcfg.EndpointNetbiosName = System.Environment.MachineName.ToUpper(); var epHostEntry = Utility.GetHost(ptfcfg.EndpointNetbiosName); ptfcfg.EndpointIPAddress = epHostEntry.GetIpAddress(); ptfcfg.NrpcSutSubnet = Utility.GetSubnetAddress(epHostEntry.GetAddress()); // Check PDC DetectorUtil.WriteLog("Verify PDC - Begin", true, LogStyle.Default); var pdcHostEntry = Utility.GetHost(ptfcfg.Dc1NetBiosName); if (pdcHostEntry == null) { throw new AutoDetectionException(string.Format("Cannot find {0}.", ptfcfg.Dc1NetBiosName)); } ptfcfg.Dc1IpAddress = pdcHostEntry.GetIpAddress(); ptfcfg.Dc1NetBiosName = pdcHostEntry.GetNetbiosName().ToUpper(); ptfcfg.LsatSutName = ptfcfg.Dc1NetBiosName; // Check ADLDS Port int ldsport; if (int.TryParse(ptfcfg.AdldsPort, out ldsport) && Utility.LdapPingHost(pdcHostEntry, ldsport)) { DetectorUtil.WriteLog( string.Format("Verify ADLDS Port:{0} - Done", ptfcfg.AdldsPort), true, LogStyle.Default); } else { DetectorUtil.WriteLog( string.Format("Verify ADLDS Port:{0} - Failed", ptfcfg.AdldsPort), true, LogStyle.Default); ptfcfg.AdldsPort = ""; ptfcfg.ClientUserName = "******"; } ptfcfg.LdsAppNc = "CN=ApplicationNamingContext," + String.Join(",", ptfcfg.PrimaryDomainDnsName.Split('.').Select(s => "DC=" + s)); LdapSearchResponse pdcPingRep = null; try { pdcPingRep = Utility.LdapPing(ptfcfg.Dc1NetBiosName); } catch (Exception e) { DetectorUtil.WriteLog("Error: " + e.Message); DetectorUtil.WriteLog("Verify PDC - Failed", true, LogStyle.StepFailed); goto CheckSDC; } var d = Utility.GetDomainInfo(ptfcfg.Dc1NetBiosName, ptfcfg.PrimaryDomainDnsName, new System.Net.NetworkCredential( ptfcfg.DomainAdminName, SharedPassword, ptfcfg.PrimaryDomainDnsName)); ptfcfg.PrimaryDomainServerGuid = d.DomainGuid; ptfcfg.PrimaryDomainSid = d.DomainSid; ptfcfg.PrimaryDomainNetBiosName = Utility.GetDomainNetbiosName(ptfcfg.PrimaryDomainDnsName); ptfcfg.ReplicaDirName = String.Format(@"\\{0}\SYSVOL\{0}\scripts", ptfcfg.PrimaryDomainDnsName); ptfcfg.DomainFunctionLevel = pdcPingRep.DomainFunctionality; string mechanisms = ""; foreach (var s in pdcPingRep.SupportedSaslMechanisms) { mechanisms += string.Format("{0}; ", s); } DetectorUtil.WriteLog("Check PDC Supported SASL Mechanisms: " + mechanisms, true, LogStyle.Default); ptfcfg.PdcSupportedSaslMechanisms = mechanisms; if (!pdcPingRep.IsSupported("GSSAPI")) { throw new AutoDetectionException("ERROR: GSSAPI is not supported."); } if (!pdcPingRep.IsSupported("GSS-SPNEGO")) { throw new AutoDetectionException("ERROR: GSS-SPNEGO is not supported."); } DetectorUtil.WriteLog("Verify PDC - Done", true, LogStyle.StepPassed); CheckSDC: // Check SDC DetectorUtil.WriteLog("Verify SDC - Begin", true, LogStyle.Default); var sdcHostEntry = Utility.GetHost(ptfcfg.Dc2NetbiosName); if (sdcHostEntry == null || !Utility.LdapPingHost(sdcHostEntry)) { DetectorUtil.WriteLog(string.Format("Secondary DC {0} is not found.", ptfcfg.Dc2NetbiosName), true, LogStyle.Default); SdcExists = false; ptfcfg.Dc2IpAddress = ""; ptfcfg.Dc2NetbiosName = ""; DetectorUtil.WriteLog("Verify SDC - Failed", true, LogStyle.StepNotFound); } else { SdcExists = true; ptfcfg.Dc2IpAddress = sdcHostEntry.GetIpAddress(); ptfcfg.Dc2NetbiosName = sdcHostEntry.GetNetbiosName().ToUpper(); DetectorUtil.WriteLog("Verify SDC - Done", true, LogStyle.StepPassed); } // Check RODC DetectorUtil.WriteLog("Verify RODC - Begin", true, LogStyle.Default); var rodcHostEntry = Utility.GetHost(ptfcfg.RodcNetbiosName); if (rodcHostEntry == null || !Utility.LdapPingHost(rodcHostEntry)) { DetectorUtil.WriteLog(string.Format("Read Only DC {0} is not found.", ptfcfg.RodcNetbiosName), true, LogStyle.Default); RodcExists = false; ptfcfg.RodcIpAddress = ""; ptfcfg.RodcNetbiosName = ""; DetectorUtil.WriteLog("Verify RODC - Failed", true, LogStyle.StepNotFound); } else { RodcExists = true; ptfcfg.RodcIpAddress = rodcHostEntry.GetIpAddress(); ptfcfg.RodcNetbiosName = rodcHostEntry.GetNetbiosName().ToUpper(); DetectorUtil.WriteLog("Verify RODC - Done", true, LogStyle.StepPassed); } // Check DM DetectorUtil.WriteLog("Verify DM - Begin", true, LogStyle.Default); var dmHostEntry = Utility.GetHost(ptfcfg.DmNetbiosName); if (dmHostEntry == null) { DetectorUtil.WriteLog(string.Format("Domain Member {0} is not found.", ptfcfg.DmNetbiosName), true, LogStyle.Default); DmExists = false; ptfcfg.DmIpAddress = ""; ptfcfg.DmNetbiosName = ""; DetectorUtil.WriteLog("Verify DM - Failed", true, LogStyle.StepNotFound); } else { DmExists = true; ptfcfg.DmIpAddress = dmHostEntry.GetIpAddress(); ptfcfg.DmNetbiosName = dmHostEntry.GetNetbiosName().ToUpper(); DetectorUtil.WriteLog("Verify DM - Done", true, LogStyle.StepPassed); } // Check ChildDomain DetectorUtil.WriteLog("Verify Child Domain - Begin", true, LogStyle.Default); CdcExists = false; try { if (!string.IsNullOrWhiteSpace(ptfcfg.ChildDomainDnsName)) { DirectoryContext domainContext = new DirectoryContext(DirectoryContextType.Domain, ptfcfg.ChildDomainDnsName); var domain = System.DirectoryServices.ActiveDirectory.Domain.GetDomain(domainContext); var cdc = domain.FindDomainController(); var cdcHostEntry = Utility.GetHost(cdc.Name); ptfcfg.CdcIpAddress = cdcHostEntry.GetIpAddress(); ptfcfg.CdcNetbiosName = cdcHostEntry.GetNetbiosName().ToUpper(); ptfcfg.ChildDomainNetBiosName = Utility.GetDomainNetbiosName(ptfcfg.ChildDomainDnsName); CdcExists = true; } } catch (Exception) { CdcExists = false; } if (CdcExists) { DetectorUtil.WriteLog("Verify Child Domain - Done", true, LogStyle.StepPassed); } else { ptfcfg.ChildDomainDnsName = ""; ptfcfg.CdcIpAddress = ""; ptfcfg.CdcNetbiosName = ""; DetectorUtil.WriteLog("Verify Child Domain - Failed", true, LogStyle.StepNotFound); } // Check Trust DetectorUtil.WriteLog("Verify Trust Domain - Begin", true, LogStyle.Default); TdcExists = false; try { if (!string.IsNullOrWhiteSpace(ptfcfg.TrustDomainDnsName)) { DirectoryContext domainContext = new DirectoryContext(DirectoryContextType.Domain, ptfcfg.TrustDomainDnsName); var domain = System.DirectoryServices.ActiveDirectory.Domain.GetDomain(domainContext); var tdc = domain.FindDomainController(); var tdcHostEntry = Utility.GetHost(tdc.Name); ptfcfg.TdcIpAddress = tdcHostEntry.GetIpAddress(); ptfcfg.TdcNetbiosName = tdcHostEntry.GetNetbiosName().ToUpper(); ptfcfg.TrustDomainNetBiosName = Utility.GetDomainNetbiosName(ptfcfg.TrustDomainDnsName); TdcExists = true; } } catch (Exception) { TdcExists = false; } if (TdcExists) { DetectorUtil.WriteLog("Verify Trust Domain - Done", true, LogStyle.StepPassed); } else { ptfcfg.TrustDomainDnsName = ""; ptfcfg.TdcNetbiosName = ""; ptfcfg.TdcIpAddress = ""; DetectorUtil.WriteLog("Verify Trust Domain - Not Found", true, LogStyle.StepNotFound); } // Check User Accounts DetectorUtil.WriteLog("Verify User Accounts - Begin", true, LogStyle.Default); DetectorUtil.WriteLog( string.Format("Verify {0}\\{1} Password: {2} on {3}", ptfcfg.PrimaryDomainDnsName, ptfcfg.DomainAdminName, ptfcfg.DomainUserPassword, ptfcfg.Dc1NetBiosName), true, LogStyle.Default); Utility.LdapBind(ptfcfg.Dc1NetBiosName, new System.Net.NetworkCredential(ptfcfg.DomainAdminName, SharedPassword, ptfcfg.PrimaryDomainDnsName)); ptfcfg.DomainUserPassword = SharedPassword; DetectorUtil.WriteLog( string.Format("Verify {0}\\{1} Password: {2} on {3}", ptfcfg.PrimaryDomainDnsName, ptfcfg.ClientUserName, ptfcfg.DomainUserPassword, ptfcfg.Dc1NetBiosName), true, LogStyle.Default); Utility.LdapBind(ptfcfg.Dc1NetBiosName, new System.Net.NetworkCredential(ptfcfg.ClientUserName, SharedPassword, ptfcfg.PrimaryDomainDnsName)); ptfcfg.ClientUserPassword = SharedPassword; if (CdcExists) { DetectorUtil.WriteLog( string.Format("Verify {0}\\{1} Password: {2} on {3}", ptfcfg.ChildDomainDnsName, ptfcfg.DomainAdminName, ptfcfg.DomainUserPassword, ptfcfg.CdcNetbiosName), true, LogStyle.Default); Utility.LdapBind(ptfcfg.CdcNetbiosName, new System.Net.NetworkCredential(ptfcfg.DomainAdminName, ptfcfg.DomainUserPassword, ptfcfg.ChildDomainDnsName)); } if (TdcExists) { DetectorUtil.WriteLog( string.Format("Verify {0}\\{1} Password: {2} on {3}", ptfcfg.TrustDomainDnsName, ptfcfg.DomainAdminName, ptfcfg.DomainUserPassword, ptfcfg.TdcNetbiosName), true, LogStyle.Default); Utility.LdapBind(ptfcfg.TdcNetbiosName, new System.Net.NetworkCredential(ptfcfg.DomainAdminName, ptfcfg.DomainUserPassword, ptfcfg.TrustDomainDnsName)); } DetectorUtil.WriteLog("Verify User Accounts - Done", true, LogStyle.StepPassed); // Check Machine Accounts DetectorUtil.WriteLog("Verify machine accounts - Begin.", true, LogStyle.Default); // PDC if (VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.Dc1NetBiosName, ptfcfg.Dc1Password)) { ptfcfg.Dc1PasswordVerified = true; } else if (ptfcfg.Dc1Password != SharedPassword && VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.Dc1NetBiosName, SharedPassword)) { ptfcfg.Dc1PasswordVerified = true; ptfcfg.Dc1Password = SharedPassword; } else { ptfcfg.Dc1PasswordVerified = false; } //SDC ptfcfg.Dc2PasswordVerified = false; if (SdcExists) { if (VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.Dc2NetbiosName, ptfcfg.Dc2Password)) { ptfcfg.Dc2PasswordVerified = true; } else if (ptfcfg.Dc2Password != SharedPassword && VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.Dc2NetbiosName, SharedPassword)) { ptfcfg.Dc1PasswordVerified = true; ptfcfg.Dc2Password = SharedPassword; } } //RODC ptfcfg.RodcPasswordVerified = false; if (RodcExists) { if (VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.RodcNetbiosName, ptfcfg.RodcPassword)) { ptfcfg.RodcPasswordVerified = true; } else if (ptfcfg.RodcPassword != SharedPassword && VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.RodcNetbiosName, SharedPassword)) { ptfcfg.RodcPasswordVerified = true; ptfcfg.RodcPassword = SharedPassword; } } //DM ptfcfg.DmPasswordVerified = false; if (DmExists) { if (VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.DmNetbiosName, ptfcfg.DmPassword)) { ptfcfg.DmPasswordVerified = true; } else if (ptfcfg.DmPassword != SharedPassword && VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.DmNetbiosName, SharedPassword)) { ptfcfg.DmPasswordVerified = true; ptfcfg.DmPassword = SharedPassword; } } //Endpoint if (VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.EndpointNetbiosName, ptfcfg.EndpointPassword)) { ptfcfg.EndpointPasswordVerified = true; } else if (ptfcfg.EndpointPassword != SharedPassword && VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.EndpointNetbiosName, SharedPassword)) { ptfcfg.EndpointPasswordVerified = true; ptfcfg.EndpointPassword = SharedPassword; } else { ptfcfg.EndpointPasswordVerified = false; } DetectorUtil.WriteLog("Verify machine accounts - Done.", true, LogStyle.StepPassed); int functionLevel; int.TryParse(ptfcfg.DomainFunctionLevel, out functionLevel); // Get TD Path string installDir = @"C:\MicrosoftProtocolTests\ADFamily\Server-Endpoint\" + Utility.GetInstalledTestSuiteVersion(); StringBuilder tddocs = new StringBuilder(); tddocs.AppendFormat(@"{0}\Data\Common-TD-XML\MS-ADA1\*,", installDir); tddocs.AppendFormat(@"{0}\Data\Common-TD-XML\MS-ADA2\*,", installDir); tddocs.AppendFormat(@"{0}\Data\Common-TD-XML\MS-ADA3\*,", installDir); tddocs.AppendFormat(@"{0}\Data\Common-TD-XML\MS-ADSC\*,", installDir); if (functionLevel <= 5) { tddocs.AppendFormat(@"{0}\Data\Win8-TD-XML\MS-ADSC\*,", installDir); tddocs.AppendFormat(@"{0}\Data\Win8-TD-XML\MS-ADA2\*", installDir); } else { tddocs.AppendFormat(@"{0}\Data\WinBlue-TD-XML\MS-ADSC\*,", installDir); tddocs.AppendFormat(@"{0}\Data\WinBlue-TD-XML\MS-ADA2\*", installDir); } ptfcfg.SchemaTdPath = tddocs.ToString(); StringBuilder ldstddocs = new StringBuilder(); ldstddocs.AppendFormat(@"{0}\Data\Common-TD-XML\MS-ADLS\*,", installDir); if (functionLevel <= 5) { ldstddocs.AppendFormat(@"{0}\Data\Win8-TD-XML\MS-ADLS\*", installDir); } else { ldstddocs.AppendFormat(@"{0}\Data\WinBlue-TD-XML\MS-ADLS\*", installDir); } ptfcfg.SchemaLdsTdPath = ldstddocs.ToString(); ptfcfg.SchemaOpenXmlPath = String.Format(@"{0}\Data\Win2016-TD-XML\DS\*", installDir); ptfcfg.SchemaLdsOpenXmlPath = String.Format(@"{0}\Data\Win2016-TD-XML\LDS\*", installDir); return(true); }