netwrix
diff --git a/‎ADWS/ADConnection.cs
Lines changed: 4 additions & 0 deletions b/‎ADWS/ADConnection.cs
Lines changed: 4 additions & 0 deletions
diff --git a/‎ADWS/ADItem.cs
Lines changed: 26 additions & 0 deletions b/‎ADWS/ADItem.cs
Lines changed: 26 additions & 0 deletions
diff --git a/‎ADWS/ADWSConnection.cs
Lines changed: 7 additions & 2 deletions b/‎ADWS/ADWSConnection.cs
Lines changed: 7 additions & 2 deletions
diff --git a/‎ADWS/ADWebService.cs
Lines changed: 5 additions & 1 deletion b/‎ADWS/ADWebService.cs
Lines changed: 5 additions & 1 deletion
diff --git a/‎ADWS/IADConnection.cs
Lines changed: 2 additions & 0 deletions b/‎ADWS/IADConnection.cs
Lines changed: 2 additions & 0 deletions
diff --git a/‎ADWS/LDAPConnection.cs
Lines changed: 38 additions & 3 deletions b/‎ADWS/LDAPConnection.cs
Lines changed: 38 additions & 3 deletions
diff --git a/‎ADWS/LinuxConnection.cs
Lines changed: 7 additions & 1 deletion b/‎ADWS/LinuxConnection.cs
Lines changed: 7 additions & 1 deletion
diff --git a/‎ADWS/LinuxFileConnection.cs
Lines changed: 7 additions & 0 deletions b/‎ADWS/LinuxFileConnection.cs
Lines changed: 7 additions & 0 deletions
diff --git a/‎ADWS/WindowsFileConnection.cs
Lines changed: 29 additions & 9 deletions b/‎ADWS/WindowsFileConnection.cs
Lines changed: 29 additions & 9 deletions
@@ -53,6 +53,7 @@ public static string EncodeSidToString(string sid)
         {
             try
             {
+                Trace.WriteLine("Encoding sid: " + sid);
                 var realsid = new System.Security.Principal.SecurityIdentifier(sid);
                 var bytesid = new byte[realsid.BinaryLength];
                 realsid.GetBinaryForm(bytesid, 0);
@@ -71,5 +72,8 @@ public static string EncodeSidToString(string sid)
 
         public abstract IFileConnection FileConnection {get;}
 
+
+
+        public abstract void ThreadInitialization();
     }
 }
@@ -131,6 +131,8 @@ static ADItem()
         public string AttributeID { get; set; }
         [ADAttributeAttribute("cACertificate", ADAttributeValueKind.CertificateStore)]
         public X509Certificate2Collection CACertificate { get; set; }
+        [ADAttributeAttribute("certificateTemplates", ADAttributeValueKind.StringArrayValue)]
+        public string[] CertificateTemplates { get; set; }
         [ADAttributeAttribute("description", ADAttributeValueKind.StringValue)]
         public string Description { get; set; }
         [ADAttributeAttribute("displayName", ADAttributeValueKind.StringValue)]
@@ -171,8 +173,12 @@ static ADItem()
         public ActiveDirectorySecurity msDSAllowedToActOnBehalfOfOtherIdentity { get; set; }
         [ADAttributeAttribute("msDS-AllowedToDelegateTo", ADAttributeValueKind.StringArrayValue)]
         public string[] msDSAllowedToDelegateTo { get; set; }
+        [ADAttributeAttribute("mS-DS-CreatorSID", ADAttributeValueKind.SIDValue)]
+        public SecurityIdentifier msDSCreatorSID { get; set; }
         [ADAttributeAttribute("msDS-EnabledFeature", ADAttributeValueKind.StringArrayValue)]
         public string[] msDSEnabledFeature { get; set; }
+        [ADAttributeAttribute("msDS-IntId", ADAttributeValueKind.IntValue)]
+        public int msDSIntId { get; set; }
         [ADAttributeAttribute("msDS-SupportedEncryptionTypes", ADAttributeValueKind.IntValue)]
         public int msDSSupportedEncryptionTypes { get; set; }
         [ADAttributeAttribute("msDS-MinimumPasswordAge", ADAttributeValueKind.LongValue)]
@@ -203,6 +209,18 @@ static ADItem()
         public string[] msDSNeverRevealGroup { get; set; }
         [ADAttributeAttribute("msDS-TrustForestTrustInfo", ADAttributeValueKind.ForestInfoValue)]
         public List<HealthCheckTrustDomainInfoData> msDSTrustForestTrustInfo { get; set; }
+        [ADAttributeAttribute("msPKI-Certificate-Name-Flag", ADAttributeValueKind.IntValue)]
+        public int msPKICertificateNameFlag { get; set; }
+        [ADAttributeAttribute("msPKI-Cert-Template-OID", ADAttributeValueKind.StringValue)]
+        public string msPKICertTemplateOID { get; set; }
+        [ADAttributeAttribute("msPKI-Enrollment-Flag", ADAttributeValueKind.IntValue)]
+        public int msPKIEnrollmentFlag { get; set; }
+        [ADAttributeAttribute("msPKI-Private-Key-Flag", ADAttributeValueKind.IntValue)]
+        public int msPKIPrivateKeyFlag { get; set; }
+        [ADAttributeAttribute("msPKI-RA-Application-Policies", ADAttributeValueKind.StringValue)]
+        public string msPKIRAApplicationPolicies { get; set; }
+        [ADAttributeAttribute("msPKI-Template-Schema-Version", ADAttributeValueKind.IntValue)]
+        public int msPKITemplateSchemaVersion { get; set; }
         [ADAttributeAttribute("msiFileList", ADAttributeValueKind.StringArrayValue)]
         public string[] msiFileList { get; set; }
         [ADAttributeAttribute("name", ADAttributeValueKind.StringValue)]
@@ -217,6 +235,12 @@ static ADItem()
         public int ObjectVersion { get; set; }
         [ADAttributeAttribute("operatingSystem", ADAttributeValueKind.StringValue)]
         public string OperatingSystem { get; set; }
+        [ADAttributeAttribute("operatingSystemVersion", ADAttributeValueKind.StringValue)]
+        public string OperatingSystemVersion { get; set; }
+        [ADAttributeAttribute("pKIExtendedKeyUsage", ADAttributeValueKind.StringArrayValue)]
+        public string[] pKIExtendedKeyUsage { get; set; }
+        [ADAttributeAttribute("possSuperiors", ADAttributeValueKind.StringArrayValue)]
+        public string[] possSuperiors { get; set; }
         [ADAttributeAttribute("primaryGroupID", ADAttributeValueKind.IntValue)]
         public int PrimaryGroupID { get; set; }
         [ADAttributeAttribute("pwdLastSet", ADAttributeValueKind.DateValue)]
@@ -239,6 +263,8 @@ static ADItem()
         public string SiteObject { get; set; }
         [ADAttributeAttribute("siteObjectBL", ADAttributeValueKind.StringArrayValue)]
         public string[] SiteObjectBL { get; set; }
+        [ADAttributeAttribute("subClassOf", ADAttributeValueKind.StringValue)]
+        public string subClassOf { get; set; }
         [ADAttributeAttribute("trustAttributes", ADAttributeValueKind.IntValue)]
         public int TrustAttributes { get; set; }
         [ADAttributeAttribute("trustDirection", ADAttributeValueKind.IntValue)]
 
@@ -351,7 +351,7 @@ private void EnumerateInternalWithADWS(string distinguishedName, string filter,
 				Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "]Getting Enumerate page " + pagenum);
 				Pull pull = new Pull();
 				pull.EnumerationContext = enumerateResponse.EnumerationContext;
-				pull.MaxElements = "500";
+                pull.MaxElements = LDAPConnection.PageSize.ToString();
 				if (nTSecurityDescriptor || DomainScope)
 				{
 
@@ -451,11 +451,16 @@ public override IFileConnection FileConnection
             get
             {
                 if (fileConnection == null)
-                    fileConnection = new WindowsFileConnection(this.Credential);
+                    fileConnection = new WindowsFileConnection(this.Credential, Server);
                 return fileConnection;
             }
         }
 
+        public override void ThreadInitialization()
+        {
+            FileConnection.ThreadInitialization();
+        }
+
         void CleanConnection<TChannel>(ClientBase<TChannel> c) where TChannel : class
         {
             if (c != null)
 
@@ -330,6 +330,11 @@ public IFileConnection FileConnection
             }
         }
 
+        public void ThreadInitialization()
+        {
+            connection.ThreadInitialization();
+        }
+
         #region IDispose
         public void Dispose()
         {
@@ -370,6 +375,5 @@ protected virtual void Dispose(bool disposing)
             Dispose(false);
         }
         #endregion IDispose
-
     }
 }
@@ -14,5 +14,7 @@ public interface IADConnection
 
         IFileConnection FileConnection { get; }
 
+        void ThreadInitialization();
+
     }
 }
@@ -21,6 +21,7 @@ public LDAPConnection(string server, int port, NetworkCredential credential)
             Port = port;
             Credential = credential;
         }
+        public static int PageSize = 500;
 
         public override void Enumerate(string distinguishedName, string filter, string[] properties, WorkOnReturnedObjectByADWS callback, string scope)
         {
@@ -49,7 +50,7 @@ private void EnumerateInternalWithLDAP(string distinguishedName, string filter,
                 DirectorySearcher clsDS = new DirectorySearcher(entry);
                 clsDS.SearchRoot = entry;
                 clsDS.Filter = filter;
-                clsDS.PageSize = 500;
+                clsDS.PageSize = PageSize;
                 switch (scope)
                 {
                     case "OneLevel":
@@ -77,8 +78,37 @@ private void EnumerateInternalWithLDAP(string distinguishedName, string filter,
                     }
                 }
                 Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "]Calling FindAll");
-                foreach (SearchResult sr in clsDS.FindAll())
+                var iterator = clsDS.FindAll().GetEnumerator();
+                while(true)
                 {
+                    try
+                    {
+                        if (!iterator.MoveNext())
+                            break;
+                    }
+                    catch (DirectoryServicesCOMException ex)
+                    {
+                        if (ex.ErrorCode == -2147024662 && ex.ExtendedError == 234)
+                        {
+                            Console.ForegroundColor = ConsoleColor.Yellow;
+                            Console.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] Warning: received \"Calling GetNextRow can potentially return more results\"");
+                            Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] Warning: received \"Calling GetNextRow can potentially return more results\"");
+                            Console.ResetColor();
+                            if (!iterator.MoveNext())
+                            {
+                                Console.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] No more results");
+                                Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] No more results");
+                                break;
+                            }
+                            Console.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] More results found");
+                            Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] More results found");
+                        }
+                        else
+                        {
+                            throw;
+                        }
+                    }
+                    var sr = (SearchResult) iterator.Current;
                     ADItem aditem = null;
                     try
                     {
@@ -229,9 +259,14 @@ public override IFileConnection FileConnection
             get
             {
                 if (fileConnection == null)
-                    fileConnection = new WindowsFileConnection(this.Credential);
+                    fileConnection = new WindowsFileConnection(this.Credential, Server);
                 return fileConnection;
             }
         }
+
+        public override void ThreadInitialization()
+        {
+            FileConnection.ThreadInitialization();
+        }
     }
 }
@@ -181,10 +181,11 @@ protected override ADDomainInfo GetDomainInfoInternal()
                         Trace.WriteLine(control);
                     }
                 }
-                Trace.WriteLine("supportedLDAPVersion: ");
+                Trace.WriteLine("namingContexts: ");
                 info.NamingContexts = new List<string>();
                 foreach (var nc in GetValues(result, "namingContexts"))
                 {
+                    Trace.WriteLine(nc);
                     info.NamingContexts.Add(nc);
                 }
                 return info;
@@ -412,6 +413,11 @@ public LDAPException(int code)
             }
         }
 
+
+        public override void ThreadInitialization()
+        {
+            
+        }
     }
 
 
 
@@ -338,6 +338,10 @@ static private void SetString(IntPtr dest, string str, int maxLen)
             Marshal.Copy(buffer, 0, dest, buffer.Length);
         }
 
+        public void ThreadInitialization()
+        {
+        }
+
         #region pinvoke
         internal const string SmbLibrary = "libPingCastlesmb";
 
@@ -463,6 +467,8 @@ protected virtual void Dispose(bool disposing)
             Dispose(false);
         }
         #endregion IDispose
+
+
     }
 
     internal class LinuxFileStream : Stream
@@ -478,6 +484,7 @@ public override int Read(byte[] buffer, int offset, int count)
             IntPtr mem = Marshal.AllocHGlobal(count);
             var result = smbc_read(descriptor, mem, count);
             Marshal.Copy(mem, buffer, offset, count);
+            Marshal.FreeHGlobal(mem);
             return result;
         }
 
 
@@ -26,6 +26,8 @@ public interface IFileConnection : IDisposable
         string PathCombine(string path1, string path2);
         List<string> GetAllSubDirectories(string path);
         List<string> GetAllSubFiles(string path);
+
+        void ThreadInitialization();
     }
 
     internal class WindowsFileConnection : IFileConnection
@@ -78,11 +80,11 @@ public bool DirectoryExists(string path)
         WindowsIdentity identity;
         WindowsImpersonationContext context;
 
-        public WindowsFileConnection(NetworkCredential credential)
+        public WindowsFileConnection(NetworkCredential credential, string server)
         {
             if (credential != null)
             {
-                identity = GetWindowsIdentityForUser(credential);
+                identity = GetWindowsIdentityForUser(credential, server);
                 context = identity.Impersonate();
             }
         }
@@ -101,25 +103,36 @@ private void Unmount()
         [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
         private static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
 
+        [DllImport("kernel32.dll", SetLastError = true)]
+        private static extern bool CloseHandle(IntPtr hObject);
+
         // logon types
         const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
 
         // logon providers
         const int LOGON32_PROVIDER_DEFAULT = 0;
 
-        public static WindowsIdentity GetWindowsIdentityForUser(NetworkCredential credential, string optionalRemoteserver = null)
+        public static WindowsIdentity GetWindowsIdentityForUser(NetworkCredential credential, string remoteserver)
         {
             IntPtr token = IntPtr.Zero;
-            string domain = credential.Domain;
-            if (String.IsNullOrEmpty(domain))
-                domain = optionalRemoteserver;
-            Trace.WriteLine("Preparing to login with login = " + credential.UserName + " domain = " + domain);
-            bool isSuccess = LogonUser(credential.UserName, (credential.UserName.Contains("@") ? null : domain), credential.Password, LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_DEFAULT, ref token);
+            Trace.WriteLine("Preparing to login with login = " + credential.UserName + " remoteserver = " + remoteserver);
+            var szDomain = credential.Domain;
+            if (string.IsNullOrEmpty(szDomain))
+            {
+                if (!credential.UserName.Contains("@"))
+                {
+                    szDomain = remoteserver;
+                }
+            }
+
+            bool isSuccess = LogonUser(credential.UserName, szDomain, credential.Password, LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_DEFAULT, ref token);
             if (!isSuccess)
             {
                 throw new Win32Exception();
             }
-            return new WindowsIdentity(token);
+            var output = new WindowsIdentity(token);
+            CloseHandle(token);
+            return output;
         }
 
         #region IDispose
@@ -201,5 +214,12 @@ public List<string> GetAllSubFiles(string path)
         {
             return new List<string>(Directory.GetFiles(path, "*.*", SearchOption.AllDirectories));
         }
+
+
+        public void ThreadInitialization()
+        {
+            if (identity != null)
+                identity.Impersonate();
+        }
     }
 }
Original file line number	Diff line number	Diff line change
`@@ -53,6 +53,7 @@ public static string EncodeSidToString(string sid)`
`53`	`53`	`{`
`54`	`54`	`try`
`55`	`55`	`{`
	`56`	`+ Trace.WriteLine("Encoding sid: " + sid);`
`56`	`57`	`var realsid = new System.Security.Principal.SecurityIdentifier(sid);`
`57`	`58`	`var bytesid = new byte[realsid.BinaryLength];`
`58`	`59`	`realsid.GetBinaryForm(bytesid, 0);`
`@@ -71,5 +72,8 @@ public static string EncodeSidToString(string sid)`
`71`	`72`
`72`	`73`	`public abstract IFileConnection FileConnection {get;}`
`73`	`74`
	`75`	`+`
	`76`	`+`
	`77`	`+ public abstract void ThreadInitialization();`
`74`	`78`	`}`
`75`	`79`	`}`
Original file line number	Diff line number	Diff line change
`@@ -351,7 +351,7 @@ private void EnumerateInternalWithADWS(string distinguishedName, string filter,`
`351`	`351`	`Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "]Getting Enumerate page " + pagenum);`
`352`	`352`	`Pull pull = new Pull();`
`353`	`353`	`pull.EnumerationContext = enumerateResponse.EnumerationContext;`
`354`		`- pull.MaxElements = "500";`
	`354`	`+ pull.MaxElements = LDAPConnection.PageSize.ToString();`
`355`	`355`	`if (nTSecurityDescriptor \|\| DomainScope)`
`356`	`356`	`{`
`357`	`357`
`@@ -451,11 +451,16 @@ public override IFileConnection FileConnection`
`451`	`451`	`get`
`452`	`452`	`{`
`453`	`453`	`if (fileConnection == null)`
`454`		`- fileConnection = new WindowsFileConnection(this.Credential);`
	`454`	`+ fileConnection = new WindowsFileConnection(this.Credential, Server);`
`455`	`455`	`return fileConnection;`
`456`	`456`	`}`
`457`	`457`	`}`
`458`	`458`
	`459`	`+ public override void ThreadInitialization()`
	`460`	`+ {`
	`461`	`+ FileConnection.ThreadInitialization();`
	`462`	`+ }`
	`463`	`+`
`459`	`464`	`void CleanConnection<TChannel>(ClientBase<TChannel> c) where TChannel : class`
`460`	`465`	`{`
`461`	`466`	`if (c != null)`
Original file line number	Diff line number	Diff line change
`@@ -330,6 +330,11 @@ public IFileConnection FileConnection`
`330`	`330`	`}`
`331`	`331`	`}`
`332`	`332`
	`333`	`+ public void ThreadInitialization()`
	`334`	`+ {`
	`335`	`+ connection.ThreadInitialization();`
	`336`	`+ }`
	`337`	`+`
`333`	`338`	`#region IDispose`
`334`	`339`	`public void Dispose()`
`335`	`340`	`{`
`@@ -370,6 +375,5 @@ protected virtual void Dispose(bool disposing)`
`370`	`375`	`Dispose(false);`
`371`	`376`	`}`
`372`	`377`	`#endregion IDispose`
`373`		`-`
`374`	`378`	`}`
`375`	`379`	`}`
Original file line number	Diff line number	Diff line change
`@@ -14,5 +14,7 @@ public interface IADConnection`
`14`	`14`
`15`	`15`	`IFileConnection FileConnection { get; }`
`16`	`16`
	`17`	`+ void ThreadInitialization();`
	`18`	`+`
`17`	`19`	`}`
`18`	`20`	`}`
Original file line number	Diff line number	Diff line change
`@@ -181,10 +181,11 @@ protected override ADDomainInfo GetDomainInfoInternal()`
`181`	`181`	`Trace.WriteLine(control);`
`182`	`182`	`}`
`183`	`183`	`}`
`184`		`- Trace.WriteLine("supportedLDAPVersion: ");`
	`184`	`+ Trace.WriteLine("namingContexts: ");`
`185`	`185`	`info.NamingContexts = new List<string>();`
`186`	`186`	`foreach (var nc in GetValues(result, "namingContexts"))`
`187`	`187`	`{`
	`188`	`+ Trace.WriteLine(nc);`
`188`	`189`	`info.NamingContexts.Add(nc);`
`189`	`190`	`}`
`190`	`191`	`return info;`
`@@ -412,6 +413,11 @@ public LDAPException(int code)`
`412`	`413`	`}`
`413`	`414`	`}`
`414`	`415`
	`416`	`+`
	`417`	`+ public override void ThreadInitialization()`
	`418`	`+ {`
	`419`	`+`
	`420`	`+ }`
`415`	`421`	`}`
`416`	`422`
`417`	`423`
Original file line number	Diff line number	Diff line change
`@@ -338,6 +338,10 @@ static private void SetString(IntPtr dest, string str, int maxLen)`
`338`	`338`	`Marshal.Copy(buffer, 0, dest, buffer.Length);`
`339`	`339`	`}`
`340`	`340`
	`341`	`+ public void ThreadInitialization()`
	`342`	`+ {`
	`343`	`+ }`
	`344`	`+`
`341`	`345`	`#region pinvoke`
`342`	`346`	`internal const string SmbLibrary = "libPingCastlesmb";`
`343`	`347`
`@@ -463,6 +467,8 @@ protected virtual void Dispose(bool disposing)`
`463`	`467`	`Dispose(false);`
`464`	`468`	`}`
`465`	`469`	`#endregion IDispose`
	`470`	`+`
	`471`	`+`
`466`	`472`	`}`
`467`	`473`
`468`	`474`	`internal class LinuxFileStream : Stream`
`@@ -478,6 +484,7 @@ public override int Read(byte[] buffer, int offset, int count)`
`478`	`484`	`IntPtr mem = Marshal.AllocHGlobal(count);`
`479`	`485`	`var result = smbc_read(descriptor, mem, count);`
`480`	`486`	`Marshal.Copy(mem, buffer, offset, count);`
	`487`	`+ Marshal.FreeHGlobal(mem);`
`481`	`488`	`return result;`
`482`	`489`	`}`
`483`	`490`