static DSNAME ParseObjectDsDn(string object_dn)
{
string pattern = @"<GUID=([a-fA-F0-9\-]+)>;(<SID=([a-fA-F0-9]+)>;)?(.*)";
Regex r = new Regex(pattern);
Match m = r.Match(object_dn);
Guid guid = Guid.Empty;
string guidStr = m.Groups[1].Value;
if (guidStr.Contains("-"))
{
guid = new Guid(guidStr);
}
else
{
byte[] guidBinary = FromBinaryString(m.Groups[1].Value);
guid = new Guid(guidBinary);
}
string dn = m.Groups[4].Value;
DSNAME dsName = DrsuapiClient.CreateDsName(dn, guid, null);
string sidStr = m.Groups[3].Value;
if (sidStr.Length > 0)
{
byte[] sidBinary = FromBinaryString(sidStr);
SecurityIdentifier secId = new SecurityIdentifier(sidBinary, 0);
dsName.SidLen = (uint)secId.BinaryLength;
// Sid.Data is always 28 bytes long
Array.Copy(sidBinary, dsName.Sid.Data, sidBinary.Length);
}
return(dsName);
}
string DomainNetBIOSNameFromDomain(DsServer dc, DSNAME domainNc)
{
return(((string)GetAttributeValue(
dc,
LdapUtility.ConvertUshortArrayToString(domainNc.StringName),
"name")).ToUpper());
}
static int CompareDsNames(DSNAME a, DSNAME b)
{
string na = LdapUtility.ConvertUshortArrayToString(a.StringName);
string nb = LdapUtility.ConvertUshortArrayToString(b.StringName);
return(na.CompareTo(nb));
}
string GetCanonicalName(DsServer dc, DSNAME obj, bool extended)
{
string result;
string dn = LdapUtility.ConvertUshortArrayToString(obj.StringName);
//if (GetObjectNC(dc, obj).Guid == obj.Guid)
if (RetrieveDCSuffixFromDn(dn) == dn)
{
return(DomainDNSNameFromDomain(dc, obj));
}
DSNAME parentObj = GetDsName(dc, GetParentObjectDn(dn)).Value;
result = GetCanonicalName(dc, parentObj, false);
if (extended == true)
{
result = result + "\n";
}
else
{
result = result + "/";
}
string name = (string)GetAttributeValue(dc, dn, "name");
result = result + name;
return(result);
}
/// <summary>
/// get the DSName of the specified NC.
/// </summary>
/// <param name="domain">Domain that contains the NC.</param>
/// <param name="ncType">The naming context type.</param>
/// <returns>The DSName of the specified NC. Null if the NC is not existed.</returns>
public static DSNAME GetNamingContextDSName(DsDomain domain, NamingContext ncType)
{
DSNAME ncDsName = new DSNAME();
if (ncType == NamingContext.ConfigNC)
{
ncDsName = domain.ConfigNC;
}
else if (ncType == NamingContext.SchemaNC)
{
ncDsName = domain.SchemaNC;
}
else if (ncType == NamingContext.DomainNC)
{
if (domain is AddsDomain)
{
ncDsName = ((AddsDomain)domain).DomainNC;
}
}
else
{
if (domain is AdldsDomain)
{
ncDsName = ((AdldsDomain)domain).AppNCs[0];
}
}
return(ncDsName);
}
public DSNAME GetObjectNC(DsServer dc, DSNAME obj)
{
RootDSE rootDse = LdapUtility.GetRootDSE(dc);
string dn = LdapUtility.ConvertUshortArrayToString(obj.StringName);
string ncDn = "";
// there might be spaces between each RDN of the dn.
dn = TrimDn(dn);
// default first
if (rootDse.defaultNamingContext != null)
{
// AD LDS doesn't have default NC
if (dn.Contains(rootDse.defaultNamingContext))
{
ncDn = rootDse.defaultNamingContext;
}
}
if (dn.Contains(rootDse.configurationNamingContext))
{
ncDn = rootDse.configurationNamingContext;
}
if (dn.Contains(rootDse.schemaNamingContext))
{
ncDn = rootDse.schemaNamingContext;
}
return(LdapUtility.CreateDSNameForObject(dc, ncDn));
}
// <summary>
// the function is used to create a DrsUpdateRef request
// </summary>
public DRS_MSG_UPDREFS CreateRequestForDrsUpdateRef(
EnvironmentConfig.Machine machine,
DsServer dest,
DRS_OPTIONS options,
NamingContext nc = NamingContext.ConfigNC)
{
string nc_name = null;
Guid nc_guid = Guid.Empty;
string nc_sid = null;
DSNAME nc_obj;
switch (nc)
{
case NamingContext.ConfigNC:
nc_obj = dest.Domain.ConfigNC;
break;
case NamingContext.SchemaNC:
nc_obj = dest.Domain.SchemaNC;
break;
case NamingContext.AppNC:
if (EnvironmentConfig.TestDS)
{
nc_obj = ((AddsDomain)dest.Domain).OtherNCs[0];
}
else
{
nc_obj = ((AdldsDomain)dest.Domain).AppNCs[0];
}
break;
case NamingContext.DomainNC:
if (!EnvironmentConfig.TestDS)
{
nc_obj = new DSNAME();
}
nc_obj = ((AddsDomain)dest.Domain).DomainNC;
break;
default:
nc_obj = new DSNAME();
break;
}
nc_name = LdapUtility.ConvertUshortArrayToString(nc_obj.StringName);
nc_guid = nc_obj.Guid;
nc_sid = convertSidToString(nc_obj.Sid);
DRS_MSG_UPDREFS?req = DRSClient.CreateUpdateRefsRequest(
nc_name,
nc_guid,
nc_sid,
dest.DsaNetworkAddress,
dest.NtdsDsaObjectGuid,
options);
return((DRS_MSG_UPDREFS)req);
}
private void DRSReplicaSync_Invalid_Input_4(DrsReplicaSync_Versions dwInVersion)
{
uint ret = drsTestClient.DrsBind(
EnvironmentConfig.Machine.WritableDC1,
EnvironmentConfig.User.ParentDomainAdmin,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE);
/* comments from TD */
/*
* if (DRS_SYNC_BYNAME in options and msgIn.pszDsaSrc = null)
* or (not DRS_SYNC_BYNAME in options and msgIn.uuidDsaSrc = null)
* or (not DRS_SYNC_BYNAME in options and msgIn.uuidDsaSrc = NULLGUID) then
* return ERROR_DS_DRA_INVALID_PARAMETER
* endif
*/
/* Create request message */
DRS_MSG_REPSYNC msgIn = new DRS_MSG_REPSYNC();
// NC
DsServer srv = (DsServer)EnvironmentConfig.MachineStore[EnvironmentConfig.Machine.WritableDC1];
RootDSE rootDse = LdapUtility.GetRootDSE(srv);
DSNAME ncDsname = LdapUtility.CreateDSNameForObject(srv, rootDse.configurationNamingContext);
switch (dwInVersion)
{
case DrsReplicaSync_Versions.V1:
msgIn = drsTestClient.CreateDrsReplicaSyncV1Request();
/* Setting param #1 */
msgIn.V1.ulOptions = 0;
/* Setting param #2 */
msgIn.V1.uuidDsaSrc = Guid.Empty;
msgIn.V1.pNC = ncDsname;
break;
case DrsReplicaSync_Versions.V2:
msgIn = drsTestClient.CreateDrsReplicaSyncV2Request();
/* Setting param #1 */
msgIn.V2.ulOptions = 0;
/* Setting param #2 */
msgIn.V2.uuidDsaSrc = Guid.Empty;
msgIn.V2.pNC = ncDsname;
break;
default:
BaseTestSite.Assert.Fail("The version {0} is not supported.", dwInVersion);
break;
}
/* Issue the request */
ret = drsTestClient.DRSClient.DrsReplicaSync(
EnvironmentConfig.DrsContextStore[EnvironmentConfig.Machine.WritableDC1],
(uint)dwInVersion,
msgIn);
BaseTestSite.Assert.AreEqual <uint>(
(uint)Win32ErrorCode_32.ERROR_DS_DRA_INVALID_PARAMETER,
ret,
"DrsReplicaSync: return code mismatch."
);
}
public void DRSR_DRSGetNCChanges_Access_Denied()
{
DrsrTestChecker.Check();
uint ret = drsTestClient.DrsBind(
EnvironmentConfig.Machine.WritableDC1,
EnvironmentConfig.User.ParentDomainUser,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
| DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_GETCHGREPLY_V6);
/* comments from TD */
/*
* if IsGetNCChangesPermissionGranted(msgIn) == FALSE then
* return ERROR_DRA_ACCESS_DENIED
* endif
*
*/
/* comments from likezh */
/*
* IsGetNCChangesPermissionGranted(msgIn) == FALSE
*/
//throw new NotImplementedException();
/* Create request message */
DRS_MSG_GETCHGREQ msgIn = drsTestClient.CreateDrsGetNcChangesV8Request();
uint dwInVersion = 8;
uint?dwOutVersion = 0;
DRS_MSG_GETCHGREPLY?reply;
/* Setting param #1 */
/*msgIn.V8.pNC = DefaultNC()*/
// NC
DsServer srv = (DsServer)EnvironmentConfig.MachineStore[EnvironmentConfig.Machine.WritableDC1];
RootDSE rootDse = LdapUtility.GetRootDSE(srv);
DSNAME ncDsname = LdapUtility.CreateDSNameForObject(srv, rootDse.configurationNamingContext);
msgIn.V8.pNC = ncDsname;
if (EnvironmentConfig.TestDS == false)
{
// ADAM requires a DSA GUID
msgIn.V8.uuidDsaObjDest = srv.NtdsDsaObjectGuid;
}
/* Issue the request */
ret = drsTestClient.DRSClient.DrsGetNcChanges(
EnvironmentConfig.DrsContextStore[EnvironmentConfig.Machine.WritableDC1],
dwInVersion,
msgIn,
out dwOutVersion,
out reply);
BaseTestSite.Assert.AreEqual <uint>(
(uint)Win32ErrorCode_32.ERROR_DS_DRA_ACCESS_DENIED,
ret,
"DrsGetNcChanges: return code mismatch."
);
}
public void DRSR_DRSGetObjectExistence_Access_Denied()
{
DrsrTestChecker.Check();
uint ret = drsTestClient.DrsBind(
EnvironmentConfig.Machine.WritableDC1,
EnvironmentConfig.User.ParentDomainUser,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE);
/* comments from TD */
/*
* if not AccessCheckCAR(nc, DS-Replication-Get-Changes) then
* return ERROR_DS_DRA_ACCESS_DENIED
* endif
*
*/
/* comments from likezh */
/*
* !AccessCheckCAR(nc, DS-Replication-Get-Changes)
*/
//throw new NotImplementedException();
/* Create request message */
DRS_MSG_EXISTREQ msgIn = drsTestClient.CreateDrsGetObjectExistenceV1Request();
// NC
DsServer srv = (DsServer)EnvironmentConfig.MachineStore[EnvironmentConfig.Machine.WritableDC1];
RootDSE rootDse = LdapUtility.GetRootDSE(srv);
DSNAME ncDsname = LdapUtility.CreateDSNameForObject(srv, rootDse.defaultNamingContext);
msgIn.V1.pNC = ncDsname;
// This API will check the guidStart first to validate the input, so
// to go thru that we set the guidStart to any guid.
msgIn.V1.guidStart = DRSConstants.DrsRpcInterfaceGuid;
uint dwInVersion = 1;
uint?dwOutVersion = 0;
DRS_MSG_EXISTREPLY?reply;
/* Issue the request */
ret = drsTestClient.DRSClient.DrsGetObjectExistence(
EnvironmentConfig.DrsContextStore[EnvironmentConfig.Machine.WritableDC1],
dwInVersion,
msgIn,
out dwOutVersion,
out reply);
BaseTestSite.Assert.AreEqual <uint>(
(uint)Win32ErrorCode_32.ERROR_DS_DRA_ACCESS_DENIED,
ret,
"DrsGetObjectExistence: return code mismatch."
);
}
public void DRSR_DRSVerifyNames_Verify_Dsnames()
{
DrsrTestChecker.Check();
// Init the data.
EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];
uint ret = 0;
ret = drsTestClient.DrsBind(
srv,
EnvironmentConfig.User.ParentDomainAdmin,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
);
BaseTestSite.Assert.AreEqual <uint>(0, ret,
"IDL_DRSBind: Checking return value - got: {0}, expect: {1}, return value should always be 0 with a success bind to DC",
ret, 0);
// Create a DSNAME
string dn = server.Site.DN;
DSNAME dsSite = ldapAdapter.GetDsName(server, dn).Value;
// Prefix table
SCHEMA_PREFIX_TABLE prefixTable = OIDUtility.CreatePrefixTable();
// Create the attribute block. Here we go to RDN attribute.
string rdnAttrId = DRSConstants.RDN_OID;
uint attrTyp = OIDUtility.MakeAttid(prefixTable, rdnAttrId);
ATTRVAL attrVal = DrsuapiClient.CreateATTRVAL(null);
ATTRVALBLOCK attrValBlock = DrsuapiClient.CreateATTRVALBLOCK(new ATTRVAL[] { attrVal });
ATTR attr = DrsuapiClient.CreateATTR(attrTyp, attrValBlock);
ATTRBLOCK attrBlock = DrsuapiClient.CreateATTRBLOCK(new ATTR[] { attr });
// Actual RPC call.
ret = drsTestClient.DrsVerifyNames(
srv,
dwInVersion_Values.V1,
DRS_MSG_VERIFYREQ_V1_dwFlags_Values.DRS_VERIFY_DSNAMES,
new DSNAME[] { dsSite },
new string[] { dn },
attrBlock,
prefixTable
);
BaseTestSite.Assert.AreEqual <uint>(0, ret,
"IDL_DRSVerifyNames: Checking return value - got: {0}, expect: {1}, return value should always be 0",
ret, 0);
// Unbind
ret = drsTestClient.DrsUnbind(srv);
BaseTestSite.Assert.AreEqual <uint>(0, ret,
"IDL_DRSUnbind: Checking return value - got: {0}, expect: {1}, return value should always be 0",
ret, 0);
}
public void DRSR_DRSReplicaSync_Invalid_Input_2()
{
DrsrTestChecker.Check();
uint ret = drsTestClient.DrsBind(
EnvironmentConfig.Machine.WritableDC1,
EnvironmentConfig.User.ParentDomainAdmin,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE);
/* comments from TD */
/*
* options := msgIn.ulOptions
* if msgIn.pNC = null
* or (not DRS_SYNC_ALL in options
* and msgIn.uuidDsaSrc = null
* and msgIn.pszDsaSrc = null) then
* return ERROR_DS_DRA_INVALID_PARAMETER
* endif
*
*/
/* Create request message */
DRS_MSG_REPSYNC msgIn = drsTestClient.CreateDrsReplicaSyncV1Request();
uint dwInVersion = 1;
/* Setting param #1 */
/*msgIn.V1.ulOptions = 0*/
msgIn.V1.ulOptions = 0;
/* Setting param #2 */
/*msgIn.V1.uuidDsaSrc = Guid.Empty*/
msgIn.V1.uuidDsaSrc = Guid.Empty;
/* Setting param #3 */
/*msgIn.V1.pszDsaSrc = null*/
msgIn.V1.pszDsaSrc = null;
// NC
DsServer srv = (DsServer)EnvironmentConfig.MachineStore[EnvironmentConfig.Machine.WritableDC1];
RootDSE rootDse = LdapUtility.GetRootDSE(srv);
DSNAME ncDsname = LdapUtility.CreateDSNameForObject(srv, rootDse.configurationNamingContext);
msgIn.V1.pNC = ncDsname;
/* Issue the request */
ret = drsTestClient.DRSClient.DrsReplicaSync(
EnvironmentConfig.DrsContextStore[EnvironmentConfig.Machine.WritableDC1],
dwInVersion,
msgIn);
BaseTestSite.Assert.AreEqual <uint>(
(uint)Win32ErrorCode_32.ERROR_DS_DRA_INVALID_PARAMETER,
ret,
"DrsReplicaSync: return code mismatch."
);
}
public void DRSR_DRSReplicaSync_No_Replica()
{
DrsrTestChecker.Check();
uint ret = drsTestClient.DrsBind(
EnvironmentConfig.Machine.WritableDC1,
EnvironmentConfig.User.ParentDomainAdmin,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE);
/* comments from TD */
/*
* rf := select all v in nc!repsFrom
* where DRS_SYNC_ALL in options
* or (DRS_SYNC_BYNAME in options
* and v.naDsa = msgIn.pszDsaSrc)
* or (not DRS_SYNC_BYNAME in options
* and v.uuidDsa = msgIn.uuidDsaSrc)
* if rf = null then
* return ERROR_DS_DRA_NO_REPLICA
* endif
*
*/
/* Create request message */
DRS_MSG_REPSYNC msgIn = drsTestClient.CreateDrsReplicaSyncV1Request();
uint dwInVersion = 1;
/* Setting param #1 */
/*msgIn.V1.pszDsaSrc = "InvalidDsaSrc"*/
msgIn.V1.pszDsaSrc = "InvalidDsaSrc";
/* Setting param #2 */
/*msgIn.V1.ulOptions = (uint)DRS_OPTIONS.DRS_SYNC_BYNAME*/
msgIn.V1.ulOptions = (uint)DRS_OPTIONS.DRS_SYNC_BYNAME;
// NC
DsServer srv = (DsServer)EnvironmentConfig.MachineStore[EnvironmentConfig.Machine.WritableDC1];
RootDSE rootDse = LdapUtility.GetRootDSE(srv);
DSNAME ncDsname = LdapUtility.CreateDSNameForObject(srv, rootDse.defaultNamingContext);
msgIn.V1.pNC = ncDsname;
/* Issue the request */
ret = drsTestClient.DRSClient.DrsReplicaSync(
EnvironmentConfig.DrsContextStore[EnvironmentConfig.Machine.WritableDC1],
dwInVersion,
msgIn);
BaseTestSite.Assert.AreEqual <uint>(
(uint)Win32ErrorCode_32.ERROR_DS_DRA_NO_REPLICA,
ret,
"DrsReplicaSync: return code mismatch."
);
}
DSNAME?DescendantObject(DsServer dc, string ancestor, string rdns)
{
string dn = rdns + ancestor;
DSNAME ds = LdapUtility.CreateDSNameForObject(dc, dn);
if (ds.StringName == null)
{
return(null);
}
return(ds);
}
DSNAME[] LookupSPN(DsServer dc, uint flags, string name)
{
DSNAME[] rt = null;
Guid? dcGuid = null;
string[] spnMappings = null;
string mappedSpn = null;
RootDSE rootDse = LdapUtility.GetRootDSE(dc);
rt = LookupAttr(dc, flags, "servicePrincipalName", name);
if (rt != null)
{
return(rt);
}
string dsService = "CN=Directory Service,CN=Windows NT,CN=Services," + rootDse.configurationNamingContext;
spnMappings = LdapUtility.GetAttributeValuesString(dc, dsService + rootDse.configurationNamingContext, "sPNMappings");
if (spnMappings != null)
{
mappedSpn = MapSPN(name, spnMappings);
if (mappedSpn != null)
{
rt = LookupAttr(dc, flags, "servicePrincipalName", mappedSpn);
if (rt != null)
{
return(rt);
}
}
}
if (GetServiceClassFromSPN(name) == DrsrUtility.DRSUAPI_RPC_INTERFACE_UUID.ToString().ToUpper() &&
GetServiceNameFromSPN(name) == DomainNameFromDN(rootDse.defaultNamingContext))
{
dcGuid = new Guid(GetInstanceNameFromSPN(name));
if (dcGuid != null)
{
string objDn = LdapUtility.GetObjectDnByGuid(dc, rootDse.configurationNamingContext, dcGuid.Value);
if (objDn != null)
{
objDn = GetParentObjectDn(objDn);
if (objDn != null)
{
string srvRef = (string)GetAttributeValue(dc, objDn, "serverReference");
rt = new DSNAME[] { GetDsName(dc, srvRef).Value };
}
}
}
}
return(rt);
}
public DSNAME[] GetMemberships(
DsServer dc,
DSNAME names,
REVERSE_MEMBERSHIP_OPERATION_TYPE operationType,
DSNAME?limitingDomain)
{
string baseDn = LdapUtility.ConvertUshortArrayToString(
((AddsDomain)dc.Domain).DomainNC.StringName
);
string name = LdapUtility.ConvertUshortArrayToString(names.StringName);
List <DSNAME> results = new List <DSNAME>();
// GroupMembersTransitive
if (operationType == REVERSE_MEMBERSHIP_OPERATION_TYPE.GroupMembersTransitive)
{
return(GetGroupMembersTransitive(dc, names));
}
// Get the primary group first
DSNAME primaryGroup = LdapUtility.GetPrimaryGroup(dc, name, baseDn).Value;
uint groupType = (uint)Convert.ToInt32(
(string)LdapUtility.GetAttributeValue(
dc,
LdapUtility.ConvertUshortArrayToString(primaryGroup.StringName),
"groupType")
);
if (FilterGroupOperationType(operationType, groupType))
{
// Valid primary group
results.Add(primaryGroup);
}
string[] memberOfs = LdapUtility.GetAttributeValuesString(dc, name, "memberOf");
foreach (string grpName in memberOfs)
{
// Get groupType and filter using the filters
groupType = (uint)Convert.ToInt32(
LdapUtility.GetAttributeValue(dc, grpName, "groupType")
);
if (!FilterGroupOperationType(operationType, groupType))
{
continue;
}
results.Add(LdapUtility.CreateDSNameForObject(dc, grpName));
}
return(results.ToArray());
}
public void DRSR_DRSGetMemberships_Get_Global_Groups_Non_Transitive()
{
DrsrTestChecker.Check();
// Init the data.
EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];
DsUser user = EnvironmentConfig.UserStore[EnvironmentConfig.User.ParentDomainAdmin];
uint ret = 0;
ret = drsTestClient.DrsBind(
srv,
EnvironmentConfig.User.ParentDomainAdmin,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSBind: should return 0 with a success bind to DC");
DSNAME dsUser = ldapAdapter.GetDsName(
server,
ldapAdapter.GetUserDn(
server,
user
)
).Value;
ret = drsTestClient.DrsGetMemberships(
srv,
dwInVersion_Values.V1,
dsUser,
false,
REVERSE_MEMBERSHIP_OPERATION_TYPE.RevMembGlobalGroupsNonTransitive,
((AddsDomain)(server.Domain)).DomainNC);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSGetMemberships: return value should be 0");
// Unbind
ret = drsTestClient.DrsUnbind(srv);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSUnbind: return value should be 0");
}
public void DRSR_DRSGetMemberships_Get_Group_Members_Transitive()
{
DrsrTestChecker.Check();
// Init the data.
EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];
DsUser user = EnvironmentConfig.UserStore[EnvironmentConfig.User.ParentDomainAdmin];
uint ret = 0;
ret = drsTestClient.DrsBind(
srv,
EnvironmentConfig.User.ParentDomainAdmin,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSBind: should return 0 with a success bind to DC");
string groupDn = "CN=Domain Users,CN=Users," + DrsrHelper.GetDNFromFQDN(ADCommonServerAdapter.Instance(Site).PrimaryDomainDnsName);
DSNAME dsGroup = LdapUtility.CreateDSNameForObject(
server,
groupDn
);
ret = drsTestClient.DrsGetMemberships(
srv,
dwInVersion_Values.V1,
dsGroup,
false,
REVERSE_MEMBERSHIP_OPERATION_TYPE.GroupMembersTransitive,
null);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSGetMemberships: return value should be 0");
// Unbind
ret = drsTestClient.DrsUnbind(srv);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSUnbind: return value should be 0");
}
DirectoryAttribute GetAttrVals(
DsServer dc,
DSNAME o,
string attrName,
bool includeDeletedLinks = false)
{
SearchResultEntryCollection results = null;
ResultCode re = Search(
dc,
LdapUtility.ConvertUshortArrayToString(o.StringName),
"(objectClass=*)",
System.DirectoryServices.Protocols.SearchScope.Base,
new string[] { attrName },
out results);
if (re == ResultCode.Success)
{
return(results[0].Attributes[attrName]);
}
return(null);
}
private void DRSReplicaSync_Access_Denied(DrsReplicaSync_Versions dwInVersion)
{
uint ret = drsTestClient.DrsBind(
EnvironmentConfig.Machine.WritableDC1,
EnvironmentConfig.User.ParentDomainUser,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE);
/* comments from TD */
/*
* if AccessCheckCAR(nc, DS-Replication-Synchronize) then
* return ERROR_DS_DRA_ACCESS_DENIED
* endif
*/
/* comments from likezh */
/*
* !AccessCheckCAR(nc, DS-Replication-Synchronize)
*/
//throw new NotImplementedException();
/* Create request message */
DRS_MSG_REPSYNC msgIn = new DRS_MSG_REPSYNC();
// NC
DsServer srv = (DsServer)EnvironmentConfig.MachineStore[EnvironmentConfig.Machine.WritableDC1];
RootDSE rootDse = LdapUtility.GetRootDSE(srv);
DSNAME ncDsname = LdapUtility.CreateDSNameForObject(srv, rootDse.defaultNamingContext);
switch (dwInVersion)
{
case DrsReplicaSync_Versions.V1:
msgIn = drsTestClient.CreateDrsReplicaSyncV1Request();
msgIn.V1.pNC = ncDsname;
// This API will check the uuidDsaSrc first to validate the input, so
// to go thru that we set the uuidDsaSrc to any guid.
msgIn.V1.uuidDsaSrc = DRSConstants.DrsRpcInterfaceGuid;
break;
case DrsReplicaSync_Versions.V2:
msgIn = drsTestClient.CreateDrsReplicaSyncV2Request();
msgIn.V2.pNC = ncDsname;
// This API will check the uuidDsaSrc first to validate the input, so
// to go thru that we set the uuidDsaSrc to any guid.
msgIn.V2.uuidDsaSrc = DRSConstants.DrsRpcInterfaceGuid;
break;
default:
BaseTestSite.Assert.Fail("The version {0} is not supported.", dwInVersion);
break;
}
/* Issue the request */
ret = drsTestClient.DRSClient.DrsReplicaSync(
EnvironmentConfig.DrsContextStore[EnvironmentConfig.Machine.WritableDC1],
(uint)dwInVersion,
msgIn);
BaseTestSite.Assert.AreEqual <uint>(
(uint)Win32ErrorCode_32.ERROR_DS_DRA_ACCESS_DENIED,
ret,
"DrsReplicaSync: return code mismatch."
);
}
/// <summary>
/// load all infos
/// </summary>
/// <param name="site">PTD test site</param>
public static void Initialize(ITestSite site)
{
if (site == null)
{
throw new ApplicationException("TestSite could not be NULL.");
}
//only initialize once
if (dataLoaded)
{
if (!init_succeed)
{
site.Assert.Fail("EnvironmentConfig init failed in previous cases");
}
return;
}
//try
//{
testSite = site;
ldapAd = site.GetAdapter <ILdapAdapter>();
ldapAd.Site = site;
testDS = bool.Parse(site.Properties["MS_DRSR.TestDS"]);
funcLv = (Microsoft.Protocols.TestTools.StackSdk.ActiveDirectory.Drsr.DrsrDomainFunctionLevel)(ADCommonServerAdapter.Instance(testSite).DomainFunctionLevel);
UseKerberos = bool.Parse(site.Properties["MS_DRSR.UseKerberos"]);
UseNativeRpcLib = bool.Parse(site.Properties["MS_DRSR.UseNativeRpcLib"]);
//create normal user account if it does not exist yet
string serverName = ADCommonServerAdapter.Instance(testSite).PDCNetbiosName;
string serverPort = ADCommonServerAdapter.Instance(testSite).ADDSPortNum;
string domainNC = "DC=" + ADCommonServerAdapter.Instance(testSite).PrimaryDomainDnsName.Replace(".", ",DC=");
string parentDN = string.Format("CN=Users,{0}", domainNC);
string userDN = string.Format("CN={0},CN=Users,{1}", DomainUserName, domainNC);
string userPassword = ADCommonServerAdapter.Instance(testSite).DomainUserPassword;
if (!Utilities.IsObjectExist(userDN, serverName, serverPort))
{
Utilities.NewUser(serverName, serverPort, parentDN, DomainUserName, userPassword);
}
//please do all object intialization in this call following example
InitUserObjects();
InitDomainObjects();
InitMachineObjects();
FinishUserObjects();
//load DS AppNC late due to rootDSE search issue
if (testDS && !string.IsNullOrEmpty(AppNCDistinguishedName))
{
((AddsDomain)DomainStore[DomainEnum.PrimaryDomain]).OtherNCs = new DSNAME[1];
((AddsDomain)DomainStore[DomainEnum.PrimaryDomain]).OtherNCs[0] = ldapAd.GetDsName((DsServer)MachineStore[Machine.WritableDC1], AppNCDistinguishedName).Value;
}
MainDC = (AddsServer)EnvironmentConfig.MachineStore[Machine.MainDC];
DsServer s1 = (DsServer)EnvironmentConfig.MachineStore[Machine.WritableDC1];
transport_obj = ldapAd.GetDsName(
s1,
"cn=ip,cn=inter-site transports,cn=sites,"
+ LdapUtility.ConvertUshortArrayToString(s1.Domain.ConfigNC.StringName)
).Value;
DsUser dcAccount = new DsUser();
dcAccount.Domain = s1.Domain;
dcAccount.Username = s1.NetbiosName + "$";
dcAccount.Password = ADCommonServerAdapter.Instance(testSite).PDCPassword;
UserStore.Add(User.MainDCAccount, dcAccount);
//not always need dc2
if (EnvironmentConfig.MachineStore.ContainsKey(Machine.WritableDC2))
{
DsServer s2 = (DsServer)EnvironmentConfig.MachineStore[Machine.WritableDC2];
DsUser dcAccount2 = new DsUser();
dcAccount2.Domain = s2.Domain;
dcAccount2.Username = s2.NetbiosName + "$";
dcAccount2.Password = ADCommonServerAdapter.Instance(testSite).SDCPassword;
UserStore.Add(User.WritableDC2Account, dcAccount2);
}
if (EnvironmentConfig.MachineStore.ContainsKey(Machine.RODC))
{
DsServer rodc = (DsServer)EnvironmentConfig.MachineStore[Machine.RODC];
DsUser rodcAccount = new DsUser();
rodcAccount.Domain = rodc.Domain;
rodcAccount.Username = rodc.NetbiosName + "$";
rodcAccount.Password = ADCommonServerAdapter.Instance(testSite).RODCPassword;
UserStore.Add(User.RODCMachineAccount, rodcAccount);
}
//}
//catch (Exception e)
//{
// init_succeed = false;
// site.Assert.Fail("data initialization failed due to exception:" + e.InnerException == null ? e.Message : e.InnerException.Message);
//}
//alwasy only init once
dataLoaded = true;
}
string[] ConstructOutput(DsServer dc, DSNAME obj, uint formatDesired)
{
string dn = LdapUtility.ConvertUshortArrayToString(obj.StringName);
if (dn == null)
{
return(null);
}
string value = null;
switch (formatDesired)
{
case (uint)DS_NAME_FORMAT.DS_FQDN_1779_NAME:
value = (string)GetAttributeValue(dc, dn, "distinguishedName");
break;
case (uint)DS_NAME_FORMAT.DS_NT4_ACCOUNT_NAME:
value = DomainNetBIOSNameFromDomain(dc, GetObjectNC(dc, obj)) + "\\" +
(string)GetAttributeValue(dc, dn, "sAMAccountName");
break;
case (uint)DS_NAME_FORMAT.DS_USER_PRINCIPAL_NAME:
value = (string)GetAttributeValue(dc, dn, "userPrincipalName");
break;
case (uint)DS_NAME_FORMAT.DS_CANONICAL_NAME:
value = GetCanonicalName(dc, obj, false);
break;
case (uint)DS_NAME_FORMAT.DS_UNIQUE_ID_NAME:
// curly-braced form.
value = "{"
+ (new Guid((byte[])GetAttributeValue(dc, dn, "objectGuid"))).ToString()
+ "}";
break;
case (uint)DS_NAME_FORMAT.DS_DISPLAY_NAME:
value = (string)GetAttributeValue(dc, dn, "displayName");
break;
case (uint)DS_NAME_FORMAT.DS_SERVICE_PRINCIPAL_NAME:
return(LdapUtility.GetAttributeValuesString(dc, dn, "servicePrincipalName"));
case (uint)DS_NAME_FORMAT.DS_CANONICAL_NAME_EX:
value = GetCanonicalName(dc, obj, true);
break;
case (uint)formatDesired_Values.DS_STRING_SID_NAME:
value = LdapUtility.GetObjectStringSid(dc, dn);
break;
case (uint)formatDesired_Values.DS_USER_PRINCIPAL_NAME_FOR_LOGON:
{
string upn = (string)GetAttributeValue(dc, dn, "userPrincipalName");
if (upn != null)
{
value = upn;
}
else
{
value = (string)GetAttributeValue(dc, dn, "sAMAccountName") + "@"
+ DomainNetBIOSNameFromDomain(dc, GetObjectNC(dc, obj));
}
}
break;
default:
break;
}
if (value != null)
{
return new string[] { value }
}
;
return(null);
}
DS_NAME_RESULT_ITEMW LookupFPO(bool fCanonicalEx, DSNAME obj, DS_NAME_RESULT_ITEMW result)
{
throw new NotImplementedException();
}
public static ATTRVAL ATTRVALFromValue(DsServer dc, string v, string attrSyntax, SCHEMA_PREFIX_TABLE prefixTable)
{
ATTRVAL attrVal = new ATTRVAL();
switch (attrSyntax)
{
case "2.2.5.8": // Boolean
{
attrVal.valLen = 4;
attrVal.pVal = new byte[4];
if (v == "TRUE")
{
attrVal.pVal[0] = 1;
}
else
{
attrVal.pVal[0] = 0;
}
break;
}
case "2.5.5.9": // Enumeration, Integer
{
attrVal.valLen = 4;
int intValue = Convert.ToInt32(v);
attrVal.pVal = BitConverter.GetBytes(intValue);
break;
}
case "2.5.5.16": // LargeInteger
{
attrVal.valLen = 8;
long intValue = Convert.ToInt64(v);
attrVal.pVal = BitConverter.GetBytes(intValue);
break;
}
case "2.5.5.13": // Object (Presentation-Address)
{
System.Text.UnicodeEncoding utf16 = new System.Text.UnicodeEncoding();
byte[] data = utf16.GetBytes(v);
attrVal.valLen = (uint)data.Length + 4;
attrVal.pVal = new byte[attrVal.valLen];
byte[] intBytes = BitConverter.GetBytes(attrVal.valLen);
Array.Copy(intBytes, 0, attrVal.pVal, 0, intBytes.Length);
Array.Copy(data, 0, attrVal.pVal, intBytes.Length, data.Length);
break;
}
case "2.5.5.4": // String (Teletex)
case "2.5.5.5": // String (IA5), String (Printable)
case "2.5.5.6": // String (Numeric)
case "2.5.5.10": // Object (Replica-Link), string (Octet)
{
attrVal.pVal = ToBinary(v);
attrVal.valLen = (uint)attrVal.pVal.Length;
break;
}
case "2.5.5.2": // String (Object-Identifier)
{
if (v is string && v.Contains(".") == false)
{
// Look in the Schema NC for the object class and it's governsID.
RootDSE rootDse = LdapUtility.GetRootDSE(dc);
string schemaNc = rootDse.schemaNamingContext;
v = LdapUtility.GetAttributeValueInString(
dc,
schemaNc,
"governsId",
"(&(objectClass=classSchema)(lDAPDisplayName=" + v + "))",
System.DirectoryServices.Protocols.SearchScope.Subtree);
}
attrVal.valLen = 4;
uint attid = MakeAttid(prefixTable, v);
attrVal.pVal = BitConverter.GetBytes(attid);
break;
}
case "2.5.5.12": // String (Unicode)
{
System.Text.UnicodeEncoding utf16 = new System.Text.UnicodeEncoding();
attrVal.pVal = utf16.GetBytes(v);
attrVal.valLen = (uint)attrVal.pVal.Length;
break;
}
case "2.5.5.11": // String (UTC-Time), String (Generalized-Time)
{
DateTime t;
string timePattern = "yyyyMMddHHmmss.'0Z'";
DateTime.TryParseExact(
v,
timePattern,
null,
System.Globalization.DateTimeStyles.None,
out t);
DateTime dsTime = new DateTime(1601, 1, 1, 0, 0, 0);
TimeSpan diff = t - dsTime;
attrVal.valLen = 8;
attrVal.pVal = BitConverter.GetBytes((ulong)diff.TotalSeconds);
break;
}
case "2.5.5.1": // Object (DS-DN)
{
DSNAME dsName = ParseObjectDsDn(v);
attrVal.pVal = TypeMarshal.ToBytes <DSNAME>(dsName);
attrVal.valLen = (uint)attrVal.pVal.Length;
}
break;
case "2.5.5.14": // Object (DN-String), Object (Access-Point)
{
string pattern = @"S:([0-9a-fA-F]+):(.*):(.*)";
Regex r = new Regex(pattern);
Match m = r.Match(v);
uint char_count = (uint)Convert.ToInt32(m.Groups[1].Value, 16);
SYNTAX_ADDRESS sa = new SYNTAX_ADDRESS();
sa.dataLen = (2 * char_count) + 4;
System.Text.UnicodeEncoding utf16 = new System.Text.UnicodeEncoding();
sa.byteVal = utf16.GetBytes(m.Groups[2].Value);
byte[] saBin = TypeMarshal.ToBytes <SYNTAX_ADDRESS>(sa);
DSNAME dsdn = ParseObjectDsDn(m.Groups[3].Value);
byte[] dsdnBin = TypeMarshal.ToBytes <DSNAME>(dsdn);
// Add padding
uint p = 4 - dsdn.structLen % 4;
if (p == 4)
{
p = 0;
}
byte[] padding = new byte[p];
attrVal.pVal = new byte[dsdnBin.Length + p + saBin.Length];
Array.Copy(dsdnBin, attrVal.pVal, dsdnBin.Length);
Array.Copy(saBin, 0, attrVal.pVal, dsdnBin.Length + p, saBin.Length);
attrVal.valLen = (uint)attrVal.pVal.Length;
}
break;
case "2.5.5.7": // Object (DN-Binary), Object (OR-Name)
{
string pattern = @"B:([0-9a-fA-F]+):([0-9a-fA-F]+):(.*)";
Regex r = new Regex(pattern);
Match m = r.Match(v);
uint char_count = (uint)Convert.ToInt32(m.Groups[1].Value, 16);
SYNTAX_ADDRESS sa = new SYNTAX_ADDRESS();
sa.dataLen = char_count;
sa.byteVal = FromBinaryString(m.Groups[2].Value);
byte[] saBin = TypeMarshal.ToBytes <SYNTAX_ADDRESS>(sa);
DSNAME dsdn = ParseObjectDsDn(m.Groups[3].Value);
byte[] dsdnBin = TypeMarshal.ToBytes <DSNAME>(dsdn);
// Add padding
uint p = 4 - dsdn.structLen % 4;
if (p == 4)
{
p = 0;
}
byte[] padding = new byte[p];
attrVal.pVal = new byte[dsdnBin.Length + p + saBin.Length];
Array.Copy(dsdnBin, attrVal.pVal, dsdnBin.Length);
Array.Copy(saBin, 0, attrVal.pVal, dsdnBin.Length + p, saBin.Length);
attrVal.valLen = (uint)attrVal.pVal.Length;
}
break;
case "2.5.5.15": // String (NT-Sec-Desc)
case "2.5.5.17": // String (SID)
{
attrVal.pVal = FromBinaryString(v);
attrVal.valLen = (uint)attrVal.pVal.Length;
}
break;
default:
break;
}
return(attrVal);
}
public DSNAME[] GetGroupMembersTransitive(
DsServer dc,
DSNAME name)
{
string baseDn = LdapUtility.ConvertUshortArrayToString(
((AddsDomain)dc.Domain).DomainNC.StringName
);
List <DSNAME> names = new List <DSNAME>();
// primary groups
uint pgId = 0;
for (int i = 0; i < 4; ++i)
{
pgId <<= 8;
pgId += name.Sid.Data[name.SidLen - i - 1];
}
SearchResultEntryCollection results = null;
DirectoryControlCollection cc = new DirectoryControlCollection();
cc.Add(new SearchOptionsControl(SearchOption.DomainScope));
ResultCode r = ControlledSearch(
dc,
baseDn,
"(primaryGroupId=" + pgId.ToString() + ")",
System.DirectoryServices.Protocols.SearchScope.Subtree,
null,
cc,
out results);
if (r == ResultCode.Success)
{
foreach (SearchResultEntry e in results)
{
string obj = e.DistinguishedName;
names.Add(LdapUtility.CreateDSNameForObject(dc, obj));
}
}
string[] members = LdapUtility.GetAttributeValuesString(
dc,
LdapUtility.ConvertUshortArrayToString(name.StringName),
"member");
if (members != null)
{
foreach (string m in members)
{
names.Add(LdapUtility.CreateDSNameForObject(dc, m));
}
}
if (names.Count > 0)
{
List <DSNAME> tn = new List <DSNAME>();
foreach (DSNAME n in names)
{
// Recursively find all members of the member.
DSNAME[] ns = GetGroupMembersTransitive(dc, n);
if (ns != null)
{
tn.AddRange(ns);
}
}
if (tn.Count > 0)
{
names.AddRange(tn);
}
// Remove duplicates
Comparison <DSNAME> cmp = new Comparison <DSNAME>(CompareDsNames);
names.Sort(cmp);
int i = 0;
while (i < names.Count - 1)
{
string na = LdapUtility.ConvertUshortArrayToString(names[i].StringName);
string nb = LdapUtility.ConvertUshortArrayToString(names[i + 1].StringName);
if (na == nb)
{
names.RemoveAt(i);
}
else
{
++i;
}
}
return(names.ToArray());
}
return(null);
}
public void DRSR_DRSVerifyNames_Verify_SAM_Account_Names()
{
DrsrTestChecker.Check();
// Init the data.
EnvironmentConfig.Machine srv = EnvironmentConfig.Machine.WritableDC1;
DsServer server = (DsServer)EnvironmentConfig.MachineStore[srv];
DsUser user = EnvironmentConfig.UserStore[EnvironmentConfig.User.ParentDomainAdmin];
uint ret = 0;
ret = drsTestClient.DrsBind(
srv,
EnvironmentConfig.User.ParentDomainAdmin,
DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE
);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSBind: should return 0 with a success bind to DC");
// Create a DSNAME with only SAMAccountName.
string userDn = ldapAdapter.GetUserDn(server, user);
string sAMAccountName = (string)ldapAdapter.GetAttributeValue(server, userDn, "sAMAccountName");
DSNAME dsUser = DrsuapiClient.CreateDsName(sAMAccountName, Guid.Empty, null);
// Prefix table
SCHEMA_PREFIX_TABLE prefixTable = OIDUtility.CreatePrefixTable();
// Create the attribute block. Here we go to RDN attribute.
string rdnAttrId = DRSConstants.RDN_OID;
uint attrTyp = OIDUtility.MakeAttid(prefixTable, rdnAttrId);
ATTRVAL attrVal = DrsuapiClient.CreateATTRVAL(null);
ATTRVALBLOCK attrValBlock = DrsuapiClient.CreateATTRVALBLOCK(new ATTRVAL[] { attrVal });
ATTR attr = DrsuapiClient.CreateATTR(attrTyp, attrValBlock);
ATTRBLOCK attrBlock = DrsuapiClient.CreateATTRBLOCK(new ATTR[] { attr });
// Actual RPC call.
ret = drsTestClient.DrsVerifyNames(
srv,
dwInVersion_Values.V1,
DRS_MSG_VERIFYREQ_V1_dwFlags_Values.DRS_VERIFY_SAM_ACCOUNT_NAMES,
new DSNAME[] { dsUser },
new string[] { userDn },
attrBlock,
prefixTable
);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSVerifyNames: return value should be 0"
);
// Unbind
ret = drsTestClient.DrsUnbind(srv);
BaseTestSite.Assert.AreEqual <uint>(
0,
ret,
"IDL_DRSUnbind: return value should be 0");
}
string DomainDNSNameFromDomain(DsServer dc, DSNAME domainNc)
{
// Looks like this method also returns NetBIOS name
// return DomainNetBIOSNameFromDomain(dc, domainNc);
return(DrsrHelper.GetFQDNFromDN(LdapUtility.ConvertUshortArrayToString(domainNc.StringName)));
}
public DS_NAME_RESULT_ITEMW LookupNames(
DsServer dc,
uint flags,
uint formatOffered,
uint formatDesired,
string name)
{
DS_NAME_RESULT_ITEMW result = new DS_NAME_RESULT_ITEMW();
string referredDomain = "";
// Unknown name
if (formatOffered == (uint)DS_NAME_FORMAT.DS_UNKNOWN_NAME)
{
return(LookupUnknownName(dc, flags, formatDesired, name));
}
DSNAME[] rt = null;
string domainName = null;
switch (formatOffered)
{
case (uint)DS_NAME_FORMAT.DS_UNKNOWN_NAME:
return(LookupUnknownName(dc, flags, formatDesired, name));
case (uint)DS_NAME_FORMAT.DS_FQDN_1779_NAME:
{
rt = LookupAttr(dc, flags, "distinguishedName", name);
if (EnvironmentConfig.TestDS)
{
DSNAME?dcDsname = GetDsName(dc, RetrieveDCSuffixFromDn(name));
if (dcDsname != null)
{
domainName = DomainDNSNameFromDomain(dc, dcDsname.Value);
}
}
}
break;
case (uint)DS_NAME_FORMAT.DS_NT4_ACCOUNT_NAME:
{
rt = LookupAttr(dc, flags, "sAMAccountName", LdapUtility.UserNameFromNT4AccountName(name));
if (EnvironmentConfig.TestDS)
{
domainName = LdapUtility.DomainNameFromNT4AccountName(name);
}
}
break;
case (uint)DS_NAME_FORMAT.DS_USER_PRINCIPAL_NAME:
{
rt = LookupUPNAndAltSecID(dc, flags, false, name);
if (EnvironmentConfig.TestDS)
{
domainName = DomainNameFromUPN(name);
}
}
break;
case (uint)DS_NAME_FORMAT.DS_CANONICAL_NAME:
{
DSNAME?v = LookupCanonicalName(dc, name);
if (v != null)
{
rt = new DSNAME[] { v.Value }
}
;
else
{
rt = null;
}
if (EnvironmentConfig.TestDS)
{
domainName = DomainNameFromCanonicalName(name);
}
}
break;
case (uint)DS_NAME_FORMAT.DS_UNIQUE_ID_NAME:
{
RootDSE rootDse = LdapUtility.GetRootDSE(dc);
// The GUID is in the curly braced form, so we need
// to remove the braces first.
if (!name.Contains("{") && name.Contains("}"))
{
rt = null;
break;
}
string guidStr = name.Substring(1, name.Length - 2);
Guid guid = new Guid(guidStr);
string dn = null;
dn = LdapUtility.GetObjectDnByGuid(dc, rootDse.rootDomainNamingContext, guid);
if (dn == null)
{
dn = LdapUtility.GetObjectDnByGuid(dc, rootDse.configurationNamingContext, guid);
}
if (dn == null)
{
dn = LdapUtility.GetObjectDnByGuid(dc, rootDse.schemaNamingContext, guid);
}
if (dn == null)
{
break;
}
rt = new DSNAME[] { LdapUtility.CreateDSNameForObject(dc, dn) };
}
break;
case (uint)DS_NAME_FORMAT.DS_DISPLAY_NAME:
{
rt = LookupAttr(dc, flags, "displayName", name);
}
break;
case (uint)DS_NAME_FORMAT.DS_SERVICE_PRINCIPAL_NAME:
{
rt = LookupSPN(dc, flags, name);
if (EnvironmentConfig.TestDS)
{
domainName = GetServiceNameFromSPN(name);
}
}
break;
case (uint)DS_NAME_FORMAT.DS_SID_OR_SID_HISTORY_NAME:
case (uint)formatOffered_Values.DS_STRING_SID_NAME:
{
rt = LookupSID(dc, flags, SidFromStringSid(name));
if (EnvironmentConfig.TestDS)
{
domainName = DomainNameFromSid(dc, DomainSidFromSid(SidFromStringSid(name)));
}
}
break;
case (uint)DS_NAME_FORMAT.DS_CANONICAL_NAME_EX:
{
DSNAME?v = LookupCanonicalName(dc, CanonicalNameFromCanonicalNameEx(name));
if (v == null)
{
rt = null;
}
else
{
rt = new DSNAME[] { v.Value }
};
if (EnvironmentConfig.TestDS)
{
domainName = DomainNameFromCanonicalName(name);
}
}
break;
case (uint)formatOffered_Values.DS_NT4_ACCOUNT_NAME_SANS_DOMAIN:
case (uint)formatOffered_Values.DS_NT4_ACCOUNT_NAME_SANS_DOMAIN_EX:
{
rt = LookupAttr(dc, flags, "sAMAccountName", name);
}
break;
case (uint)formatOffered_Values.DS_ALT_SECURITY_IDENTITIES_NAME:
{
rt = LookupAttr(dc, flags, "altSecurityIdentities", name);
}
break;
case (uint)formatOffered_Values.DS_USER_PRINCIPAL_NAME_AND_ALTSECID:
{
rt = LookupUPNAndAltSecID(dc, flags, true, name);
if (EnvironmentConfig.TestDS)
{
domainName = DomainNameFromUPN(name);
}
}
break;
default:
rt = null;
break;
}
if (rt == null && domainName != null)
{
result.status = DS_NAME_ERROR.DS_NAME_ERROR_DOMAIN_ONLY;
if (formatOffered == (uint)DS_NAME_FORMAT.DS_NT4_ACCOUNT_NAME ||
formatOffered == (uint)DS_NAME_FORMAT.DS_USER_PRINCIPAL_NAME ||
formatOffered == (uint)DS_NAME_FORMAT.DS_SERVICE_PRINCIPAL_NAME ||
formatOffered == (uint)DS_NAME_FORMAT.DS_SID_OR_SID_HISTORY_NAME ||
formatOffered == (uint)formatOffered_Values.DS_STRING_SID_NAME ||
formatOffered == (uint)formatOffered_Values.DS_USER_PRINCIPAL_NAME_AND_ALTSECID)
{
if (TrustInfo.IsDomainNameInTrustedForest(dc, domainName, ref referredDomain))
{
result.pDomain = referredDomain;
if ((flags & (uint)DRS_MSG_CRACKREQ_FLAGS.DS_NAME_FLAG_TRUST_REFERRAL) > 0)
{
result.status = DS_NAME_ERROR.DS_NAME_ERROR_TRUST_REFERRAL;
}
else
{
result.status = DS_NAME_ERROR.DS_NAME_ERROR_DOMAIN_ONLY;
}
}
}
return(result);
}
if (rt == null)
{
result.status = DS_NAME_ERROR.DS_NAME_ERROR_NOT_FOUND;
return(result);
}
if (rt.Length > 1)
{
result.status = DS_NAME_ERROR.DS_NAME_ERROR_NOT_UNIQUE;
return(result);
}
DSNAME obj = rt[0];
if (formatOffered == (uint)formatOffered_Values.DS_NT4_ACCOUNT_NAME_SANS_DOMAIN_EX)
{
string uacStr = (string)GetAttributeValue(
dc,
LdapUtility.ConvertUshortArrayToString(obj.StringName),
"userAccountControl");
uint uac = Convert.ToUInt32(uacStr);
const uint ADS_UF_ACCOUNTDISABLE = 0x0002;
const uint ADS_UF_TEMP_DUPLICATE_ACCOUNT = 0x0100;
if ((uac & (ADS_UF_ACCOUNTDISABLE | ADS_UF_TEMP_DUPLICATE_ACCOUNT)) > 0)
{
result.status = DS_NAME_ERROR.DS_NAME_ERROR_NOT_FOUND;
return(result);
}
}
string[] names = ConstructOutput(dc, obj, formatDesired);
if ((names == null) &&
(obj.SidLen != 0) &&
((flags & (uint)DRS_MSG_CRACKREQ_FLAGS.DS_NAME_FLAG_PRIVATE_RESOLVE_FPOS) > 0))
{
if (formatDesired == (uint)DS_NAME_FORMAT.DS_NT4_ACCOUNT_NAME ||
formatDesired == (uint)DS_NAME_FORMAT.DS_DISPLAY_NAME ||
formatDesired == (uint)DS_NAME_FORMAT.DS_CANONICAL_NAME ||
formatDesired == (uint)DS_NAME_FORMAT.DS_CANONICAL_NAME_EX ||
formatDesired == (uint)DS_NAME_FORMAT.DS_USER_PRINCIPAL_NAME ||
formatDesired == (uint)formatDesired_Values.DS_USER_PRINCIPAL_NAME_FOR_LOGON ||
formatDesired == (uint)DS_NAME_FORMAT.DS_SERVICE_PRINCIPAL_NAME)
{
bool fCanonicalEx = false;
if (formatDesired == (uint)DS_NAME_FORMAT.DS_CANONICAL_NAME_EX)
{
fCanonicalEx = true;
}
result = LookupFPO(fCanonicalEx, obj, result);
return(result);
}
}
if (names == null)
{
if (formatDesired == (uint)DS_NAME_FORMAT.DS_SID_OR_SID_HISTORY_NAME ||
formatDesired == (uint)DS_NAME_FORMAT.DS_UNKNOWN_NAME)
{
result.status = DS_NAME_ERROR.DS_NAME_ERROR_RESOLVING;
}
else
{
result.status = DS_NAME_ERROR.DS_NAME_ERROR_NO_MAPPING;
}
return(result);
}
if (names.Length > 1)
{
result.status = DS_NAME_ERROR.DS_NAME_ERROR_NOT_UNIQUE;
return(result);
}
result.pName = names[0];
if (EnvironmentConfig.TestDS)
{
string objDn = LdapUtility.ConvertUshortArrayToString(obj.StringName);
DSNAME?dcDsname = GetDsName(dc, RetrieveDCSuffixFromDn(objDn));
string domainDn = "";
if (dcDsname != null)
{
domainDn = DomainDNSNameFromDomain(dc, dcDsname.Value);
}
result.pDomain = domainDn;
}
else
{
result.pDomain = "";
}
result.status = DS_NAME_ERROR.DS_NAME_NO_ERROR;
return(result);
}
