[Samba] Lookup sid with libsmbclient (invoked from c# on mono)
Rowland penny
rpenny at samba.org
Mon Oct 12 13:46:31 UTC 2020
On 12/10/2020 14:09, Vincent Le Toux wrote:
> I'm trying to port PingCastle (which is an AD audit tool -
> https://www.pingcastle.com/download) from Windows to Linux.
> The program being written in c#, I've no other solution than calling
> native libraries.
> (the mono framework is missing critical components)
>
> It uses SMB / LDAP / RPC calls to collect its information.
> Here is the current state:
> LDAP: openldap with simplebind (no benefit yet of winbind) => OK
> RPC: smbclient for finding a DC, work in progress to resolve SID
> (found in security descriptors) => WIP
> SMB: not tested yet => WIP
>
> Right now, I'm stuck at resolving SID and I'm looking for a practical
> solution.
>
Are you trying to get the domain SID ? This is obtainable via ldap
(unfortunately only easily readable using ldbsearch):
ldbsearch -H ldap://dc01 -b "DC=samdom,DC=example,DC=com" -s base objectSid
Where 'DC=samdom,DC=example,DC=com' is the defaultNamingContex
Rowland
More information about the samba
mailing list