internal static async Task <LdapTypeEnum> LookupSidType(string sid) { if (CommonPrincipal.GetCommonSid(sid, out var principal)) { return(principal.Type); } if (Cache.Instance.GetSidType(sid, out var type)) { return(type); } if (Options.Instance.DomainController != null) { type = await LookupSidTypeLdap(sid); } else { type = LookupSidTypeAPI(sid); } Cache.Instance.Add(sid, type); return(type); }
/// <summary> /// Prepends a common sid with the domain prefix, or just returns the sid back /// </summary> /// <param name="sid"></param> /// <param name="domain"></param> /// <returns>Prepended SID or same sid</returns> internal static string ConvertCommonSid(string sid, string domain) { if (CommonPrincipal.GetCommonSid(sid, out _)) { if (sid == "S-1-5-9") { var forest = GetForestName(domain); OutputTasks.SeenCommonPrincipals.TryAdd(forest, sid); return($"{forest}-{sid}".ToUpper()); } var nDomain = NormalizeDomainName(domain); OutputTasks.SeenCommonPrincipals.TryAdd(nDomain, sid); return($"{nDomain}-{sid}"); } return(sid); }
/// <summary> /// Extension method to determine the type of a SearchResultEntry. /// Requires objectsid, samaccounttype, objectclass /// </summary> /// <param name="searchResultEntry"></param> /// <returns></returns> public static LdapTypeEnum GetLdapType(this SearchResultEntry searchResultEntry) { var objectSid = searchResultEntry.GetSid(); if (CommonPrincipal.GetCommonSid(objectSid, out var commonPrincipal)) { return(commonPrincipal.Type); } var objectType = LdapTypeEnum.Unknown; var samAccountType = searchResultEntry.GetProperty("samaccounttype"); //Its not a common principal. Lets use properties to figure out what it actually is if (samAccountType != null) { if (samAccountType == "805306370") { return(LdapTypeEnum.Unknown); } objectType = Helpers.SamAccountTypeToType(samAccountType); } else { var objectClasses = searchResultEntry.GetPropertyAsArray("objectClass"); if (objectClasses == null) { objectType = LdapTypeEnum.Unknown; } else if (objectClasses.Contains("groupPolicyContainer")) { objectType = LdapTypeEnum.GPO; } else if (objectClasses.Contains("organizationalUnit")) { objectType = LdapTypeEnum.OU; } else if (objectClasses.Contains("domain")) { objectType = LdapTypeEnum.Domain; } } return(objectType); }
/// <summary> /// Does some common checks on a SID, and attempts to find the type of the object /// </summary> /// <param name="sid"></param> /// <param name="domain"></param> /// <returns></returns> internal static async Task <(string finalSid, LdapTypeEnum type)> ResolveSidAndGetType(string sid, string domain) { if (sid.Contains("0ACNF")) { return(null, LdapTypeEnum.Unknown); } if (CommonPrincipal.GetCommonSid(sid, out var commonPrincipal)) { var newSid = Helpers.ConvertCommonSid(sid, domain); return(newSid, commonPrincipal.Type); } if (Cache.Instance.GetSidType(sid, out var type)) { return(sid, type); } type = await LookupSidType(sid, domain); Cache.Instance.Add(sid, type); return(sid, type); }