예제 #1
        /// <summary>
        /// Checks that <c>GetMatchingTargetsForComputer</c> returns exactly the authorization targets
        /// that apply to PC1 and none of the ones scoped to other objects. Eight targets are
        /// registered for the same trustee: four container (DN) targets, two computer targets and
        /// two group targets. Only five of them are expected back for PC1.
        /// </summary>
        /// <param name="targetDomain">
        /// Domain name used as the NT4-style prefix (<c>DOMAIN\name</c>) for every directory lookup.
        /// </param>
        public void GetMatchingTargetsForComputer(string targetDomain)
        {
            ISecurityPrincipal user = directory.GetPrincipal($"{targetDomain}\\user1");

            IComputer pc1      = directory.GetComputer($"{targetDomain}\\PC1");
            IComputer pc2      = directory.GetComputer($"{targetDomain}\\PC2");
            IGroup    pc1Group = directory.GetGroup($"{targetDomain}\\G-DL-PC1");
            IGroup    pc2Group = directory.GetGroup($"{targetDomain}\\G-DL-PC2");

            // Resolve "DOMAIN\" to the domain's distinguished name so the container targets below
            // are built against whatever domain the test is run in.
            var domainDn = directory.TranslateName($"{targetDomain}\\", Interop.DsNameFormat.Nt4Name, Interop.DsNameFormat.DistinguishedName);

            // NOTE(review): the two AccessMask arguments are presumably (allowed, denied) - confirm
            // against CreateTarget. Every target uses LocalAdminPassword / None for the same trustee.
            var computersOuTarget = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, $"OU=Computers,OU=LAPS Testing,{domainDn}", user);
            var lapsOuTarget      = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, $"OU=LAPS Testing,{domainDn}", user);
            var domainRootTarget  = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, $"{domainDn}", user);
            var jitGroupsOuTarget = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, $"OU=JIT Groups,OU=LAPS Testing,{domainDn}", user);
            var pc1Target         = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, pc1, user);
            var pc2Target         = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, pc2, user);
            var pc1GroupTarget    = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, pc1Group, user);
            var pc2GroupTarget    = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, pc2Group, user);

            var options = SetupOptions(
                computersOuTarget,
                lapsOuTarget,
                domainRootTarget,
                jitGroupsOuTarget,
                pc1Target,
                pc2Target,
                pc1GroupTarget,
                pc2GroupTarget);

            builder = new AuthorizationInformationBuilder(options, directory, logger, powershell, cache, targetDataProvider, authorizationContextProvider);

            // Expected for PC1: the Computers OU, LAPS Testing OU and domain-root containers, the
            // PC1 computer target and the G-DL-PC1 group target. The JIT Groups OU, PC2 and
            // G-DL-PC2 targets must NOT come back; a target leaking in here would extend
            // LocalAdminPassword rules to a computer outside their intended scope.
            // Presumably PC1 sits in OU=Computers,OU=LAPS Testing and is a member of G-DL-PC1 in
            // the test directory - confirm against the lab fixture.
            var expected = new[] { computersOuTarget, lapsOuTarget, domainRootTarget, pc1Target, pc1GroupTarget };
            var actual = builder.GetMatchingTargetsForComputer(pc1);

            // AreEquivalent: same elements, order not significant for this test.
            CollectionAssert.AreEquivalent(expected, actual);
        }
예제 #2
        /// <summary>
        /// Checks the order in which matching container targets are returned for PC1. The expected
        /// sequence is Computers OU, then its parent LAPS Testing OU, then the domain root; the
        /// JIT Groups OU target is expected to be absent.
        /// </summary>
        /// <remarks>
        /// Names and distinguished names are hard-coded to the IDMDEV1 domain, so the lookups
        /// depend on a directory that contains those objects.
        /// </remarks>
        public void ValidateTargetSortOrder()
        {
            ISecurityPrincipal user = directory.GetPrincipal("IDMDEV1\\user1");
            IComputer          pc1  = directory.GetComputer("IDMDEV1\\PC1");

            // Targets are created and registered in an order that differs from the expected result,
            // so the assertion cannot pass on insertion order alone.
            var lapsOuTarget      = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, "OU=LAPS Testing,DC=IDMDEV1,DC=LOCAL", user);
            var domainRootTarget  = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, "DC=IDMDEV1,DC=LOCAL", user);
            var computersOuTarget = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, "OU=Computers,OU=LAPS Testing,DC=IDMDEV1,DC=LOCAL", user);
            var jitGroupsOuTarget = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, "OU=JIT Groups,OU=LAPS Testing,DC=IDMDEV1,DC=LOCAL", user);

            var options = SetupOptions(lapsOuTarget, domainRootTarget, computersOuTarget, jitGroupsOuTarget);

            builder = new AuthorizationInformationBuilder(options, directory, logger, powershell, cache, targetDataProvider, authorizationContextProvider);

            // Deepest container first, domain root last.
            // NOTE(review): if callers evaluate these targets first-match, this ordering decides
            // which rule wins for a computer covered by nested OUs - confirm how the result is consumed.
            var expectedOrder = new[] { computersOuTarget, lapsOuTarget, domainRootTarget };
            var actual = builder.GetMatchingTargetsForComputer(pc1);

            // AreEqual (not AreEquivalent): element order is part of the assertion.
            CollectionAssert.AreEqual(expectedOrder, actual);
        }