
code parses the DN to obtain a domain name but does not use it

description

My use case is odd, but not uncommon. My machine is not joined to the domain whose ACLs I am scanning.
 
I use runas /netonly /user:domain\user cmd; this gets me a command prompt with creds to do the scans.
 
The static method parseCommandLine properly parses the DN to get my domain name (_targetDomain) and places it in DistinguishedName.DomainName.
 
While the static method private static int getAcls(DistinguishedName targetDn) takes in the DistinguishedName class, which has the DN and domain names, it passes only the DN string to the ActiveDirectoryAcls() constructor. This leaves the private property _targetDomain unpopulated.
 
When calling the constructor public WLdapSearchRequest(string connectionPoint, int portNumber, string searchRoot, string filter, SearchScope scope, string[] attributeList)
 
this leaves connectionPoint as string.Empty, causing the DC locator service on the client to fall back to the machine's domain. With a non-domain-joined machine, this fails. I suspect all the testing was done on domain-joined machines.
 
By passing the DistinguishedName object to the ActiveDirectoryAcls constructor, you can make the DN and domain name available.
 
By adding this line to the constructor, we allow the proper connection.
 
        this._targetDomain = targetDistinguishedName.DomainName.ToString();
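The following is an added example to illustrate the failure mode described in this report; it is not code from the project or from the reporter. It does not use the project's WLdapSearchRequest wrapper; instead it uses the standard System.DirectoryServices.Protocols LdapConnection (an assumption of this example) to show the two halves of the fix: deriving the DNS domain name from the DC= components of the search-root DN, and passing that name as the connection point instead of an empty string. An empty connection point means a serverless bind, where the client asks the DC locator for a controller of the local machine's own domain; on a workgroup machine there is none, and the runas /netonly token does not change that, because /netonly only affects which credentials are presented once a server has been chosen. Giving the domain name explicitly lets the LDAP client locate a DC for that domain through DNS and then authenticate with the /netonly credentials. The class and method names below are this example's own.

```csharp
// Added example (not the project's code): derive the target domain from a DN
// and bind to it explicitly, so DC location never falls back to the local
// machine's domain (which does not exist on a non-domain-joined machine).
using System;
using System.Collections.Generic;
using System.DirectoryServices.Protocols;

static class ExplicitDomainBind
{
    // Turns "CN=Users,DC=corp,DC=example,DC=com" into "corp.example.com".
    // Only DC= components contribute; their order is preserved so that
    // child domains come out right. Throws if the DN names no domain.
    public static string DomainNameFromDn(string dn)
    {
        var labels = new List<string>();
        foreach (var rdn in dn.Split(','))
        {
            var part = rdn.Trim();
            if (part.StartsWith("DC=", StringComparison.OrdinalIgnoreCase))
                labels.Add(part.Substring(3));
        }
        if (labels.Count == 0)
            throw new ArgumentException("DN contains no DC= components", nameof(dn));
        return string.Join(".", labels);
    }

    // Binds to the domain named by the DN. Passing the DNS domain name as the
    // server (rather than "") lets the client find a DC for *that* domain via
    // DNS SRV records, which works from a workgroup machine under runas /netonly.
    // AuthType.Negotiate uses the calling process's token, i.e. the /netonly creds.
    public static LdapConnection Connect(string searchRoot, int port = 389)
    {
        string domain = DomainNameFromDn(searchRoot);
        var identifier = new LdapDirectoryIdentifier(domain, port);
        var conn = new LdapConnection(identifier) { AuthType = AuthType.Negotiate };
        conn.SessionOptions.ProtocolVersion = 3;
        conn.SessionOptions.Signing = true;   // require LDAP signing
        conn.SessionOptions.Sealing = true;   // and encryption on the session
        conn.Bind();
        return conn;
    }

    // Usage: runas /netonly /user:CORP\user cmd, then run this with the search root.
    static void Main(string[] args)
    {
        string searchRoot = args.Length > 0 ? args[0] : "DC=corp,DC=example,DC=com"; // constructed sample DN
        Console.WriteLine("Connection point: " + DomainNameFromDn(searchRoot));
        using (var conn = Connect(searchRoot))
        {
            var req = new SearchRequest(searchRoot, "(objectClass=domainDNS)", SearchScope.Base, "distinguishedName");
            var resp = (SearchResponse)conn.SendRequest(req);
            Console.WriteLine("Bound and read " + resp.Entries.Count + " entry/entries from " + searchRoot);
        }
    }
}
```

If the ActiveDirectoryAcls constructor were given the DistinguishedName object as the report suggests, the value it stores in _targetDomain is exactly what DomainNameFromDn computes here, and that string is what should reach the connectionPoint parameter of WLdapSearchRequest instead of string.Empty.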

comments

kenbrumf wrote Aug 17, 2012 at 1:22 PM

Thank you for the very clear description and the obvious time and effort you put into this. I wish I could be more responsive, but I'm swamped with some other deadlines right now. Let me look into this over the next few weeks.

wrote Feb 14, 2013 at 8:29 PM