public TrustType GetTrustTypeObject(Claim claim)
{
TrustType result;
if (!IsTrustTypeAnObject(claim))
{
result = new TrustType();
var parts = claim.Type.Split(".");
if (parts.Length > 0)
{
result.Attribute = parts[0];
}
if (parts.Length > 1)
{
result.Group = parts[1];
}
if (parts.Length > 2)
{
result.Protocol = parts[2];
}
}
else
{
result = JsonConvert.DeserializeObject <TrustType>(claim.Type);
}
return(result);
}
internal TrustRelationshipInformation(DirectoryContext context, string source, TrustObject obj)
{
// security context
this.context = context;
// source
this.source = source;
// target
this.target = (obj.DnsDomainName == null ? obj.NetbiosDomainName : obj.DnsDomainName);
// direction
if ((obj.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_OUTBOUND) != 0 &&
(obj.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_INBOUND) != 0)
{
direction = TrustDirection.Bidirectional;
}
else if ((obj.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_OUTBOUND) != 0)
{
direction = TrustDirection.Outbound;
}
else if ((obj.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_INBOUND) != 0)
{
direction = TrustDirection.Inbound;
}
// type
this.type = obj.TrustType;
}
public TrustRelationshipInformation(string sourcename, string targetname, TrustType trusttype, TrustDirection trustdirection)
{
this.sourcename = sourcename;
this.targetname = targetname;
this.trusttype = trusttype;
this.trustdirection = trustdirection;
}
internal ForestTrustRelationshipInformation(DirectoryContext context, string source, DS_DOMAIN_TRUSTS unmanagedTrust, TrustType type)
{
string tmpDNSName = null;
string tmpNetBIOSName = null;
// security context
this.context = context;
// source
this.source = source;
// target
if (unmanagedTrust.DnsDomainName != (IntPtr)0)
tmpDNSName = Marshal.PtrToStringUni(unmanagedTrust.DnsDomainName);
if (unmanagedTrust.NetbiosDomainName != (IntPtr)0)
tmpNetBIOSName = Marshal.PtrToStringUni(unmanagedTrust.NetbiosDomainName);
this.target = (tmpDNSName == null ? tmpNetBIOSName : tmpDNSName);
// direction
if ((unmanagedTrust.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_OUTBOUND) != 0 &&
(unmanagedTrust.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_INBOUND) != 0)
direction = TrustDirection.Bidirectional;
else if ((unmanagedTrust.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_OUTBOUND) != 0)
direction = TrustDirection.Outbound;
else if ((unmanagedTrust.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_INBOUND) != 0)
direction = TrustDirection.Inbound;
// type
this.type = type;
}
public TrustRelationshipInformation(string sourcename, string targetname, TrustType trusttype, TrustDirection trustdirection)
{
this.sourcename = sourcename;
this.targetname = targetname;
this.trusttype = trusttype;
this.trustdirection = trustdirection;
}
internal ForestTrustRelationshipInformation(DirectoryContext context, string source, DS_DOMAIN_TRUSTS unmanagedTrust, TrustType type)
{
string str;
this.topLevelNames = new TopLevelNameCollection();
this.excludedNames = new StringCollection();
this.domainInfo = new ForestTrustDomainInfoCollection();
this.binaryData = new ArrayList();
this.excludedNameTime = new Hashtable();
this.binaryDataTime = new ArrayList();
string stringUni = null;
string stringUni1 = null;
this.context = context;
this.source = source;
if (unmanagedTrust.DnsDomainName != (IntPtr)0)
{
stringUni = Marshal.PtrToStringUni(unmanagedTrust.DnsDomainName);
}
if (unmanagedTrust.NetbiosDomainName != (IntPtr)0)
{
stringUni1 = Marshal.PtrToStringUni(unmanagedTrust.NetbiosDomainName);
}
ForestTrustRelationshipInformation forestTrustRelationshipInformation = this;
if (stringUni == null)
{
str = stringUni1;
}
else
{
str = stringUni;
}
forestTrustRelationshipInformation.target = str;
if ((unmanagedTrust.Flags & 2) == 0 || (unmanagedTrust.Flags & 32) == 0)
{
if ((unmanagedTrust.Flags & 2) == 0)
{
if ((unmanagedTrust.Flags & 32) != 0)
{
this.direction = TrustDirection.Inbound;
}
}
else
{
this.direction = TrustDirection.Outbound;
}
}
else
{
this.direction = TrustDirection.Bidirectional;
}
this.type = type;
}
// creates an XRD obj that contains an authority resolution service endpoint with the given URI
public static XRD createAuthRoot(string uri)
{
XRD xrd = new XRD();
// construct an authority resolution service
Service srv = new Service();
TrustType tt = new TrustType(); // default trust type
string authMediaType = Tags.CONTENT_TYPE_XRDS + ";" + tt.getParameterPair();
srv.addMediaType(authMediaType, SEPElement.MATCH_ATTR_CONTENT, false);
srv.addType(Tags.SERVICE_AUTH_RES);
srv.addURI(uri);
// add it to the XRD
xrd.addService(srv);
return xrd;
}
internal TrustRelationshipInformation(DirectoryContext context, string source, TrustObject obj)
{
string netbiosDomainName;
this.context = context;
this.source = source;
TrustRelationshipInformation trustRelationshipInformation = this;
if (obj.DnsDomainName == null)
{
netbiosDomainName = obj.NetbiosDomainName;
}
else
{
netbiosDomainName = obj.DnsDomainName;
}
trustRelationshipInformation.target = netbiosDomainName;
if ((obj.Flags & 2) == 0 || (obj.Flags & 32) == 0)
{
if ((obj.Flags & 2) == 0)
{
if ((obj.Flags & 32) != 0)
{
this.direction = TrustDirection.Inbound;
}
}
else
{
this.direction = TrustDirection.Outbound;
}
}
else
{
this.direction = TrustDirection.Bidirectional;
}
this.type = obj.TrustType;
}
/// <summary>
/// Trust constructor.
/// </summary>
/// <param name="fqn">Fully qualified domain name.</param>
/// <param name="trust">Domain trust, source of the domain information.</param>
public WindowsDomainImpl(string fqn, TrustRelationshipInformation trust)
{
_fqn = fqn;
_trustDirection = trust.TrustDirection;
_trustType = trust.TrustType;
}
internal ForestTrustRelationshipInformation(DirectoryContext context, string source, DS_DOMAIN_TRUSTS unmanagedTrust, TrustType type)
{
string tmpDNSName = null;
string tmpNetBIOSName = null;
// security context
this.context = context;
// source
this.source = source;
// target
if (unmanagedTrust.DnsDomainName != (IntPtr)0)
{
tmpDNSName = Marshal.PtrToStringUni(unmanagedTrust.DnsDomainName);
}
if (unmanagedTrust.NetbiosDomainName != (IntPtr)0)
{
tmpNetBIOSName = Marshal.PtrToStringUni(unmanagedTrust.NetbiosDomainName);
}
this.target = (tmpDNSName == null ? tmpNetBIOSName : tmpDNSName);
// direction
if ((unmanagedTrust.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_OUTBOUND) != 0 &&
(unmanagedTrust.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_INBOUND) != 0)
{
direction = TrustDirection.Bidirectional;
}
else if ((unmanagedTrust.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_OUTBOUND) != 0)
{
direction = TrustDirection.Outbound;
}
else if ((unmanagedTrust.Flags & (int)DS_DOMAINTRUST_FLAG.DS_DOMAIN_DIRECT_INBOUND) != 0)
{
direction = TrustDirection.Inbound;
}
// type
this.type = type;
}
internal ForestTrustRelationshipInformation(DirectoryContext context, string source, DS_DOMAIN_TRUSTS unmanagedTrust, TrustType type)
{
string str;
this.topLevelNames = new TopLevelNameCollection();
this.excludedNames = new StringCollection();
this.domainInfo = new ForestTrustDomainInfoCollection();
this.binaryData = new ArrayList();
this.excludedNameTime = new Hashtable();
this.binaryDataTime = new ArrayList();
string stringUni = null;
string stringUni1 = null;
this.context = context;
this.source = source;
if (unmanagedTrust.DnsDomainName != (IntPtr)0)
{
stringUni = Marshal.PtrToStringUni(unmanagedTrust.DnsDomainName);
}
if (unmanagedTrust.NetbiosDomainName != (IntPtr)0)
{
stringUni1 = Marshal.PtrToStringUni(unmanagedTrust.NetbiosDomainName);
}
ForestTrustRelationshipInformation forestTrustRelationshipInformation = this;
if (stringUni == null)
{
str = stringUni1;
}
else
{
str = stringUni;
}
forestTrustRelationshipInformation.target = str;
if ((unmanagedTrust.Flags & 2) == 0 || (unmanagedTrust.Flags & 32) == 0)
{
if ((unmanagedTrust.Flags & 2) == 0)
{
if ((unmanagedTrust.Flags & 32) != 0)
{
this.direction = TrustDirection.Inbound;
}
}
else
{
this.direction = TrustDirection.Outbound;
}
}
else
{
this.direction = TrustDirection.Bidirectional;
}
this.type = type;
}
public TrustRelationshipInformationCollection GetAllTrustRelationships()
{
if (trustCollection == null)
{
try
{
DirectoryEntry rootDse = new DirectoryEntry(string.Format("LDAP://{0}/RootDSE", dName), dc.UserName, dc.Password);
string defaultName = rootDse.DirContext.DefaultNamingContext;
if (defaultName == null || defaultName == "")
{
trustCollection = null;
return(trustCollection);
}
DirectoryEntry sys = new DirectoryEntry(string.Format("LDAP://{0}/CN=System,{1}", SDSUtils.DNToDomainName(defaultName), defaultName), dc.UserName, dc.Password);
DirectorySearcher ds = new DirectorySearcher(sys);
ds.Filter = "(objectClass=trustedDomain)";
ds.SearchScope = SearchScope.Subtree;
SearchResultCollection src = ds.FindAll();
if (src != null && src.Count > 0)
{
trustCollection = new TrustRelationshipInformationCollection();
foreach (SearchResult sr in src)
{
string sProtocol, sServer, sCNs, sDCs;
SDSUtils.CrackPath(sr.Path, out sProtocol, out sServer, out sCNs, out sDCs);
/*Console.WriteLine("sProtocol " + sProtocol);
* Console.WriteLine("sServer " + sServer);
* Console.WriteLine("sCNs " + sCNs);
* Console.WriteLine("sDCs " + sDCs);*/
string sourcename, targetname;
TrustDirection trustdirection;
TrustType trusttype = TrustType.Unknown;
DirectoryEntry trustEntry = new DirectoryEntry(sr.Path, dc.UserName, dc.Password);
int trustdir = (int)trustEntry.Properties["trustDirection"].Value;
string trustDn = trustEntry.Properties["distinguishedName"].Value.ToString();
string[] splits = trustDn.Split(',');
trustDn = splits[0].Substring(3);
int trustattr = (int)trustEntry.Properties["trustAttributes"].Value;
int trusttp = (int)trustEntry.Properties["trustType"].Value;
//Note:the following implementation of how to determine the TrustType is still under investigation
if (trusttp == (int)ADTrustType.TYPE_UPLEVEL) //windows 2003 trust
{
switch (trustattr)
{
case 0:
trusttype = TrustType.External; //this trust is non-transitive
break;
case 1: //ATTRIBUTES_NON_TRANSITIVE
break;
case 2: //ATTRIBUTES_UPLEVEL_ONLY
break;
case 4: //ATTRIBUTES_QUARANTINED_DOMAIN
trusttype = TrustType.External;
break;
case 8: //ATTRIBUTES_FOREST_TRANSITIVE
trusttype = TrustType.Forest; //and this trust is transitive
break;
case 16: //ATTRIBUTES_CROSS_ORGANIZATION
trusttype = TrustType.CrossLink;
break;
case 32: //ATTRIBUTES_WITHIN_FOREST
if (trustDn.ToLower().Contains(dName.ToLower()))
{
trusttype = TrustType.ParentChild;
}
else
{
trusttype = TrustType.External; //this trust is non-transitive
}
break;
case 64: //ATTRIBUTES_TREAT_AS_EXTERNAL
trusttype = TrustType.External;
break;
default:
trusttype = TrustType.Unknown;
break;
}
}
else if (trusttp == (int)ADTrustType.TYPE_MIT)
{
trusttype = TrustType.Kerberos;
}
switch (trustdir)
{
case 1:
trustdirection = TrustDirection.Inbound;
sourcename = dName;
targetname = trustDn;
break;
case 2:
trustdirection = TrustDirection.Outbound;
sourcename = trustDn;
targetname = dName;
break;
case 3:
trustdirection = TrustDirection.Bidirectional;
sourcename = dName;
targetname = trustDn;
break;
default:
trustdirection = TrustDirection.Disabled;
sourcename = targetname = "";
break;
}
TrustRelationshipInformation trustinfo = new TrustRelationshipInformation(sourcename, targetname, trusttype, trustdirection);
trustCollection.Add(trustinfo);
}
}
}
catch
{
return(null);
}
}
return(trustCollection);
}
internal TrustRelationshipInformation(DirectoryContext context, string source, TrustObject obj)
{
string netbiosDomainName;
this.context = context;
this.source = source;
TrustRelationshipInformation trustRelationshipInformation = this;
if (obj.DnsDomainName == null)
{
netbiosDomainName = obj.NetbiosDomainName;
}
else
{
netbiosDomainName = obj.DnsDomainName;
}
trustRelationshipInformation.target = netbiosDomainName;
if ((obj.Flags & 2) == 0 || (obj.Flags & 32) == 0)
{
if ((obj.Flags & 2) == 0)
{
if ((obj.Flags & 32) != 0)
{
this.direction = TrustDirection.Inbound;
}
}
else
{
this.direction = TrustDirection.Outbound;
}
}
else
{
this.direction = TrustDirection.Bidirectional;
}
this.type = obj.TrustType;
}
/// <summary>
/// Trust constructor.
/// </summary>
/// <param name="fqn">Fully qualified domain name.</param>
/// <param name="trust">Domain trust, source of the domain information.</param>
public WindowsDomainImpl(string fqn, TrustRelationshipInformation trust)
{
_fqn = fqn;
_trustDirection = trust.TrustDirection;
_trustType = trust.TrustType;
}
public string ToCSV()
{
return(String.Format("{0},{1},{2},{3},{4}", SourceDomain, TargetDomain, TrustDirection.ToString(), TrustType.ToString(), "True"));
}
internal ForestTrustRelationshipInformation(DirectoryContext context, string source, DS_DOMAIN_TRUSTS unmanagedTrust, TrustType type)
{
string str = null;
string str2 = null;
base.context = context;
base.source = source;
if (unmanagedTrust.DnsDomainName != IntPtr.Zero)
{
str = Marshal.PtrToStringUni(unmanagedTrust.DnsDomainName);
}
if (unmanagedTrust.NetbiosDomainName != IntPtr.Zero)
{
str2 = Marshal.PtrToStringUni(unmanagedTrust.NetbiosDomainName);
}
base.target = (str == null) ? str2 : str;
if (((unmanagedTrust.Flags & 2) != 0) && ((unmanagedTrust.Flags & 0x20) != 0))
{
base.direction = TrustDirection.Bidirectional;
}
else if ((unmanagedTrust.Flags & 2) != 0)
{
base.direction = TrustDirection.Outbound;
}
else if ((unmanagedTrust.Flags & 0x20) != 0)
{
base.direction = TrustDirection.Inbound;
}
base.type = type;
}
