public void GetMatchingTargetsForComputer(string targetDomain) { ISecurityPrincipal trustee = directory.GetPrincipal($"{targetDomain}\\user1"); IComputer computer1 = directory.GetComputer($"{targetDomain}\\PC1"); IComputer computer2 = directory.GetComputer($"{targetDomain}\\PC2"); IGroup group1 = directory.GetGroup($"{targetDomain}\\G-DL-PC1"); IGroup group2 = directory.GetGroup($"{targetDomain}\\G-DL-PC2"); var namingContext = directory.TranslateName(targetDomain + "\\", Interop.DsNameFormat.Nt4Name, Interop.DsNameFormat.DistinguishedName); var t1 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, $"OU=Computers,OU=LAPS Testing,{namingContext}", trustee); var t2 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, $"OU=LAPS Testing,{namingContext}", trustee); var t3 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, $"{namingContext}", trustee); var t4 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, $"OU=JIT Groups,OU=LAPS Testing,{namingContext}", trustee); var t5 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, computer1, trustee); var t6 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, computer2, trustee); var t7 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, group1, trustee); var t8 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, group2, trustee); var options = SetupOptions(t1, t2, t3, t4, t5, t6, t7, t8); builder = new AuthorizationInformationBuilder(options, directory, logger, powershell, cache, targetDataProvider, authorizationContextProvider); CollectionAssert.AreEquivalent(new[] { t1, t2, t3, t5, t7 }, builder.GetMatchingTargetsForComputer(computer1)); }
public void ValidateTargetSortOrder() { ISecurityPrincipal trustee = directory.GetPrincipal("IDMDEV1\\user1"); IComputer computer1 = directory.GetComputer("IDMDEV1\\PC1"); var t1 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, "OU=LAPS Testing,DC=IDMDEV1,DC=LOCAL", trustee); var t2 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, "DC=IDMDEV1,DC=LOCAL", trustee); var t3 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, "OU=Computers,OU=LAPS Testing,DC=IDMDEV1,DC=LOCAL", trustee); var t4 = CreateTarget(AccessMask.LocalAdminPassword, AccessMask.None, "OU=JIT Groups,OU=LAPS Testing,DC=IDMDEV1,DC=LOCAL", trustee); var options = SetupOptions(t1, t2, t3, t4); builder = new AuthorizationInformationBuilder(options, directory, logger, powershell, cache, targetDataProvider, authorizationContextProvider); CollectionAssert.AreEqual(new[] { t3, t1, t2 }, builder.GetMatchingTargetsForComputer(computer1)); }