static void AddPrefixTableEntry(ref SCHEMA_PREFIX_TABLE t, byte[] s)
{
PrefixTableEntry[] nt = new PrefixTableEntry[t.PrefixCount + 1];
Array.Copy(t.pPrefixEntry, nt, t.PrefixCount);
// Find a prefix index that's not in use.
Random rnd = new Random();
uint idx = 0;
bool found = false;
while (!found)
{
found = true;
idx = (uint)rnd.Next(0, 65535);
for (int i = 0; i < t.PrefixCount; ++i)
{
if (idx == t.pPrefixEntry[i].ndx)
{
found = false;
break;
}
}
}
nt[nt.Length + 1] = new PrefixTableEntry();
nt[nt.Length + 1].ndx = idx;
nt[nt.Length + 1].prefix.length = (uint)s.Length;
nt[nt.Length + 1].prefix.elements = s;
t.PrefixCount++;
t.pPrefixEntry = nt;
}
public void DRSR_DRSVerifyNames_Verify_Dsnames()
{
DrsrTestChecker.Check();
// Init the data.
EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];
uint ret = 0;
ret = drsTestClient.DrsBind(
srv,
EnvironmentConfig.User.ParentDomainAdmin,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
);
BaseTestSite.Assert.AreEqual <uint>(0, ret,
"IDL_DRSBind: Checking return value - got: {0}, expect: {1}, return value should always be 0 with a success bind to DC",
ret, 0);
// Create a DSNAME
string dn = server.Site.DN;
DSNAME dsSite = ldapAdapter.GetDsName(server, dn).Value;
// Prefix table
SCHEMA_PREFIX_TABLE prefixTable = OIDUtility.CreatePrefixTable();
// Create the attribute block. Here we go to RDN attribute.
string rdnAttrId = DRSConstants.RDN_OID;
uint attrTyp = OIDUtility.MakeAttid(prefixTable, rdnAttrId);
ATTRVAL attrVal = DrsuapiClient.CreateATTRVAL(null);
ATTRVALBLOCK attrValBlock = DrsuapiClient.CreateATTRVALBLOCK(new ATTRVAL[] { attrVal });
ATTR attr = DrsuapiClient.CreateATTR(attrTyp, attrValBlock);
ATTRBLOCK attrBlock = DrsuapiClient.CreateATTRBLOCK(new ATTR[] { attr });
// Actual RPC call.
ret = drsTestClient.DrsVerifyNames(
srv,
dwInVersion_Values.V1,
DRS_MSG_VERIFYREQ_V1_dwFlags_Values.DRS_VERIFY_DSNAMES,
new DSNAME[] { dsSite },
new string[] { dn },
attrBlock,
prefixTable
);
BaseTestSite.Assert.AreEqual <uint>(0, ret,
"IDL_DRSVerifyNames: Checking return value - got: {0}, expect: {1}, return value should always be 0",
ret, 0);
// Unbind
ret = drsTestClient.DrsUnbind(srv);
BaseTestSite.Assert.AreEqual <uint>(0, ret,
"IDL_DRSUnbind: Checking return value - got: {0}, expect: {1}, return value should always be 0",
ret, 0);
}
/// <summary>
/// If the attribute is one of
///
/// currentValue, dBCSPwd, initialAuthIncoming, initialAuthOutgoing,
/// lmPwdHistory, ntPwdHistory, priorValue, supplementalCredentials,
/// trustAuthIncoming, trustAuthOutgoing, unicodePwd
///
/// this function will return true
/// </summary>
/// <param name="attrType">the attribute type</param>
/// <param name="prefixTable">the prefix table from the server</param>
/// <returns></returns>
bool IsSecretAttribute(DsServer dc, uint attrType, SCHEMA_PREFIX_TABLE prefixTable, out string displayName)
{
HashSet <string> secretAttrs = new HashSet <string>(new string[] {
"currentValue", "dBCSPwd", "initialAuthIncoming", "initialAuthOutgoing",
"lmPwdHistory", "ntPwdHistory", "priorValue", "supplementalCredentials",
"trustAuthIncoming", "trustAuthOutgoing", "unicodePwd"
});
displayName = GetLdapDisplayName(dc, attrType, prefixTable);
return(secretAttrs.Contains(displayName));
}
public static uint MakeAttid(SCHEMA_PREFIX_TABLE t, string o)
{
string lastValueString;
uint lastValue, lowerWord;
byte[] binaryOID, oidPrefix;
uint attr;
uint pos = 0;
string[] ss = o.Split('.');
lastValueString = ss[ss.Length - 1];
lastValue = Convert.ToUInt32(lastValueString);
binaryOID = ToBinaryOID(o);
if (lastValue < 128)
{
oidPrefix = SubBinary(binaryOID, 0, binaryOID.Length - 1);
}
else
{
oidPrefix = SubBinary(binaryOID, 0, binaryOID.Length - 2);
}
bool fToAdd = true;
for (uint i = 0; i < t.PrefixCount; ++i)
{
if (DrsrHelper.IsByteArrayEqual(t.pPrefixEntry[i].prefix.elements, oidPrefix))
{
fToAdd = false;
pos = i;
break;
}
}
if (fToAdd)
{
pos = (uint)t.PrefixCount;
AddPrefixTableEntry(ref t, oidPrefix);
}
lowerWord = lastValue % 16384;
if (lastValue >= 16384)
{
lowerWord += 32768;
}
uint upperWord = t.pPrefixEntry[pos].ndx;
attr = upperWord * 65536 + lowerWord;
return(attr);
}
public static uint attrTyp(DsServer dc, string attrName)
{
RootDSE rootDse = LdapUtility.GetRootDSE(dc);
SCHEMA_PREFIX_TABLE prefixTable = OIDUtility.CreatePrefixTable();
string attrOid = GetAttributeValueInString(
dc,
rootDse.schemaNamingContext,
"attributeID",
"(lDAPDisplayName=" + attrName + ")",
System.DirectoryServices.Protocols.SearchScope.OneLevel
);
uint attrTyp = OIDUtility.MakeAttid(prefixTable, attrOid);
return(attrTyp);
}
// Helper functions
string GetLdapDisplayName(DsServer dc, uint attrType, SCHEMA_PREFIX_TABLE prefixTable)
{
// translate the attrType to OID
string oid = OIDUtility.OidFromAttrid(prefixTable, attrType);
// get the lDAPDisplayName of the attribute
// schema nc
string schemaNc = LdapUtility.GetDnFromNcType(dc, NamingContext.SchemaNC);
return(ldapAdapter.GetAttributeValueInString(
dc,
schemaNc,
"lDAPDisplayName",
"(attributeID=" + oid + ")",
SearchScope.OneLevel
));
}
public static SCHEMA_PREFIX_TABLE CreatePrefixTable()
{
List <PrefixTableEntry> entries = new List <PrefixTableEntry>();
entries.Add(MakePrefixTableEntry("\x55\x4", 0));
entries.Add(MakePrefixTableEntry("\x55\x6", 1));
entries.Add(MakePrefixTableEntry("\x2A\x86\x48\x86\xF7\x14\x01\x02", 2));
entries.Add(MakePrefixTableEntry("\x2A\x86\x48\x86\xF7\x14\x01\x03", 3));
entries.Add(MakePrefixTableEntry("\x60\x86\x48\x01\x65\x02\x02\x01", 4));
entries.Add(MakePrefixTableEntry("\x60\x86\x48\x01\x65\x02\x02\x03", 5));
entries.Add(MakePrefixTableEntry("\x60\x86\x48\x01\x65\x02\x01\x05", 6));
entries.Add(MakePrefixTableEntry("\x60\x86\x48\x01\x65\x02\x01\x04", 7));
entries.Add(MakePrefixTableEntry("\x55\x5", 8));
entries.Add(MakePrefixTableEntry("\x2A\x86\x48\x86\xF7\x14\x01\x04", 9));
entries.Add(MakePrefixTableEntry("\x2A\x86\x48\x86\xF7\x14\x01\x05", 10));
entries.Add(MakePrefixTableEntry("\x09\x92\x26\x89\x93\xF2\x2C\x64", 19));
entries.Add(MakePrefixTableEntry("\x60\x86\x48\x01\x86\xF8\x42\x03", 20));
entries.Add(MakePrefixTableEntry("\x09\x92\x26\x89\x93\xF2\x2C\x64\x01", 21));
entries.Add(MakePrefixTableEntry("\x60\x86\x48\x01\x86\xF8\x42\x03\x01", 22));
entries.Add(MakePrefixTableEntry("\x2A\x86\x48\x86\xF7\x14\x01\x05\xB6\x58", 23));
entries.Add(MakePrefixTableEntry("\x55\x15", 24));
entries.Add(MakePrefixTableEntry("\x55\x12", 25));
entries.Add(MakePrefixTableEntry("\x55\x14", 26));
entries.Add(MakePrefixTableEntry("\x2B\x06\x01\x04\x01\x8B\x3A\x65\x77", 27));
entries.Add(MakePrefixTableEntry("\x60\x86\x48\x01\x86\xF8\x42\x03\x02", 28));
entries.Add(MakePrefixTableEntry("\x2B\x06\x01\x04\x01\x81\x7A\x01", 29));
entries.Add(MakePrefixTableEntry("\x2A\x86\x48\x86\xF7\x0D\x01\x09", 30));
entries.Add(MakePrefixTableEntry("\x09\x92\x26\x89\x93\xF2\x2C\x64\x04", 31));
entries.Add(MakePrefixTableEntry("\x2A\x86\x48\x86\xF7\x14\x01\x06\x17", 32));
entries.Add(MakePrefixTableEntry("\x2A\x86\x48\x86\xF7\x14\x01\x06\x12\x01", 33));
entries.Add(MakePrefixTableEntry("\x2A\x86\x48\x86\xF7\x14\x01\x06\x12\x02", 34));
entries.Add(MakePrefixTableEntry("\x2A\x86\x48\x86\xF7\x14\x01\x06\x0D\x03", 35));
entries.Add(MakePrefixTableEntry("\x2A\x86\x48\x86\xF7\x14\x01\x06\x0D\x04", 36));
entries.Add(MakePrefixTableEntry("\x2B\x06\x01\x01\x01\x01", 37));
entries.Add(MakePrefixTableEntry("\x2B\x06\x01\x01\x01\x02", 38));
SCHEMA_PREFIX_TABLE table = new SCHEMA_PREFIX_TABLE();
table.PrefixCount = (uint)entries.Count;
table.pPrefixEntry = entries.ToArray();
return(table);
}
public static string OidFromAttrid(SCHEMA_PREFIX_TABLE t, uint attr)
{
uint upperWord, lowerWord;
byte[] binaryOID = null;
upperWord = attr / 65536;
lowerWord = attr % 65536;
for (int i = 0; i < t.PrefixCount; ++i)
{
if (t.pPrefixEntry[i].ndx == upperWord)
{
if (lowerWord < 128)
{
binaryOID = CatBinary(t.pPrefixEntry[i].prefix.elements, (byte)lowerWord);
}
else
{
if (lowerWord >= 32768)
{
lowerWord -= 32768;
}
binaryOID = CatBinary(t.pPrefixEntry[i].prefix.elements, (byte)(((lowerWord / 128) % 128) + 128));
binaryOID = CatBinary(binaryOID, (byte)(lowerWord % 128));
}
}
}
if (binaryOID == null)
{
return(null);
}
return(ToStringOID(binaryOID));
}
public void DRSR_DRSVerifyNames_Verify_SAM_Account_Names()
{
DrsrTestChecker.Check();
// Init the data.
EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];
DsUser user = EnvironmentConfig.UserStore[EnvironmentConfig.User.ParentDomainAdmin];
uint ret = 0;
ret = drsTestClient.DrsBind(
srv,
EnvironmentConfig.User.ParentDomainAdmin,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSBind: should return 0 with a success bind to DC");
// Create a DSNAME with only SAMAccountName.
string userDn = ldapAdapter.GetUserDn(server, user);
string sAMAccountName = (string)ldapAdapter.GetAttributeValue(server, userDn, "sAMAccountName");
DSNAME dsUser = DrsuapiClient.CreateDsName(sAMAccountName, Guid.Empty, null);
// Prefix table
SCHEMA_PREFIX_TABLE prefixTable = OIDUtility.CreatePrefixTable();
// Create the attribute block. Here we go to RDN attribute.
string rdnAttrId = DRSConstants.RDN_OID;
uint attrTyp = OIDUtility.MakeAttid(prefixTable, rdnAttrId);
ATTRVAL attrVal = DrsuapiClient.CreateATTRVAL(null);
ATTRVALBLOCK attrValBlock = DrsuapiClient.CreateATTRVALBLOCK(new ATTRVAL[] { attrVal });
ATTR attr = DrsuapiClient.CreateATTR(attrTyp, attrValBlock);
ATTRBLOCK attrBlock = DrsuapiClient.CreateATTRBLOCK(new ATTR[] { attr });
// Actual RPC call.
ret = drsTestClient.DrsVerifyNames(
srv,
dwInVersion_Values.V1,
DRS_MSG_VERIFYREQ_V1_dwFlags_Values.DRS_VERIFY_SAM_ACCOUNT_NAMES,
new DSNAME[] { dsUser },
new string[] { userDn },
attrBlock,
prefixTable
);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSVerifyNames: return value should be 0"
);
// Unbind
ret = drsTestClient.DrsUnbind(srv);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSUnbind: return value should be 0");
}
public static ATTRVAL ATTRVALFromValue(DsServer dc, string v, string attrSyntax, SCHEMA_PREFIX_TABLE prefixTable)
{
ATTRVAL attrVal = new ATTRVAL();
switch (attrSyntax)
{
case "2.2.5.8": // Boolean
{
attrVal.valLen = 4;
attrVal.pVal = new byte[4];
if (v == "TRUE")
{
attrVal.pVal[0] = 1;
}
else
{
attrVal.pVal[0] = 0;
}
break;
}
case "2.5.5.9": // Enumeration, Integer
{
attrVal.valLen = 4;
int intValue = Convert.ToInt32(v);
attrVal.pVal = BitConverter.GetBytes(intValue);
break;
}
case "2.5.5.16": // LargeInteger
{
attrVal.valLen = 8;
long intValue = Convert.ToInt64(v);
attrVal.pVal = BitConverter.GetBytes(intValue);
break;
}
case "2.5.5.13": // Object (Presentation-Address)
{
System.Text.UnicodeEncoding utf16 = new System.Text.UnicodeEncoding();
byte[] data = utf16.GetBytes(v);
attrVal.valLen = (uint)data.Length + 4;
attrVal.pVal = new byte[attrVal.valLen];
byte[] intBytes = BitConverter.GetBytes(attrVal.valLen);
Array.Copy(intBytes, 0, attrVal.pVal, 0, intBytes.Length);
Array.Copy(data, 0, attrVal.pVal, intBytes.Length, data.Length);
break;
}
case "2.5.5.4": // String (Teletex)
case "2.5.5.5": // String (IA5), String (Printable)
case "2.5.5.6": // String (Numeric)
case "2.5.5.10": // Object (Replica-Link), string (Octet)
{
attrVal.pVal = ToBinary(v);
attrVal.valLen = (uint)attrVal.pVal.Length;
break;
}
case "2.5.5.2": // String (Object-Identifier)
{
if (v is string && v.Contains(".") == false)
{
// Look in the Schema NC for the object class and it's governsID.
RootDSE rootDse = LdapUtility.GetRootDSE(dc);
string schemaNc = rootDse.schemaNamingContext;
v = LdapUtility.GetAttributeValueInString(
dc,
schemaNc,
"governsId",
"(&(objectClass=classSchema)(lDAPDisplayName=" + v + "))",
System.DirectoryServices.Protocols.SearchScope.Subtree);
}
attrVal.valLen = 4;
uint attid = MakeAttid(prefixTable, v);
attrVal.pVal = BitConverter.GetBytes(attid);
break;
}
case "2.5.5.12": // String (Unicode)
{
System.Text.UnicodeEncoding utf16 = new System.Text.UnicodeEncoding();
attrVal.pVal = utf16.GetBytes(v);
attrVal.valLen = (uint)attrVal.pVal.Length;
break;
}
case "2.5.5.11": // String (UTC-Time), String (Generalized-Time)
{
DateTime t;
string timePattern = "yyyyMMddHHmmss.'0Z'";
DateTime.TryParseExact(
v,
timePattern,
null,
System.Globalization.DateTimeStyles.None,
out t);
DateTime dsTime = new DateTime(1601, 1, 1, 0, 0, 0);
TimeSpan diff = t - dsTime;
attrVal.valLen = 8;
attrVal.pVal = BitConverter.GetBytes((ulong)diff.TotalSeconds);
break;
}
case "2.5.5.1": // Object (DS-DN)
{
DSNAME dsName = ParseObjectDsDn(v);
attrVal.pVal = TypeMarshal.ToBytes <DSNAME>(dsName);
attrVal.valLen = (uint)attrVal.pVal.Length;
}
break;
case "2.5.5.14": // Object (DN-String), Object (Access-Point)
{
string pattern = @"S:([0-9a-fA-F]+):(.*):(.*)";
Regex r = new Regex(pattern);
Match m = r.Match(v);
uint char_count = (uint)Convert.ToInt32(m.Groups[1].Value, 16);
SYNTAX_ADDRESS sa = new SYNTAX_ADDRESS();
sa.dataLen = (2 * char_count) + 4;
System.Text.UnicodeEncoding utf16 = new System.Text.UnicodeEncoding();
sa.byteVal = utf16.GetBytes(m.Groups[2].Value);
byte[] saBin = TypeMarshal.ToBytes <SYNTAX_ADDRESS>(sa);
DSNAME dsdn = ParseObjectDsDn(m.Groups[3].Value);
byte[] dsdnBin = TypeMarshal.ToBytes <DSNAME>(dsdn);
// Add padding
uint p = 4 - dsdn.structLen % 4;
if (p == 4)
{
p = 0;
}
byte[] padding = new byte[p];
attrVal.pVal = new byte[dsdnBin.Length + p + saBin.Length];
Array.Copy(dsdnBin, attrVal.pVal, dsdnBin.Length);
Array.Copy(saBin, 0, attrVal.pVal, dsdnBin.Length + p, saBin.Length);
attrVal.valLen = (uint)attrVal.pVal.Length;
}
break;
case "2.5.5.7": // Object (DN-Binary), Object (OR-Name)
{
string pattern = @"B:([0-9a-fA-F]+):([0-9a-fA-F]+):(.*)";
Regex r = new Regex(pattern);
Match m = r.Match(v);
uint char_count = (uint)Convert.ToInt32(m.Groups[1].Value, 16);
SYNTAX_ADDRESS sa = new SYNTAX_ADDRESS();
sa.dataLen = char_count;
sa.byteVal = FromBinaryString(m.Groups[2].Value);
byte[] saBin = TypeMarshal.ToBytes <SYNTAX_ADDRESS>(sa);
DSNAME dsdn = ParseObjectDsDn(m.Groups[3].Value);
byte[] dsdnBin = TypeMarshal.ToBytes <DSNAME>(dsdn);
// Add padding
uint p = 4 - dsdn.structLen % 4;
if (p == 4)
{
p = 0;
}
byte[] padding = new byte[p];
attrVal.pVal = new byte[dsdnBin.Length + p + saBin.Length];
Array.Copy(dsdnBin, attrVal.pVal, dsdnBin.Length);
Array.Copy(saBin, 0, attrVal.pVal, dsdnBin.Length + p, saBin.Length);
attrVal.valLen = (uint)attrVal.pVal.Length;
}
break;
case "2.5.5.15": // String (NT-Sec-Desc)
case "2.5.5.17": // String (SID)
{
attrVal.pVal = FromBinaryString(v);
attrVal.valLen = (uint)attrVal.pVal.Length;
}
break;
default:
break;
}
return(attrVal);
}