[Samba] Lookup sid with libsmbclient (invoked from c# on mono)
Vincent Le Toux
vincent.letoux at gmail.com
Mon Oct 12 13:51:42 UTC 2020
Not only the domain SID, but a LOT of SID ...
Basically I'm using it to analyze the ntsecuritdescriptor attribute (and
not only it)
Le lun. 12 oct. 2020 à 15:47, Rowland penny via samba <samba at lists.samba.org>
a écrit :
> On 12/10/2020 14:09, Vincent Le Toux wrote:
> > I'm trying to port PingCastle (which is an AD audit tool -
> > https://www.pingcastle.com/download) from Windows to Linux.
> > The program being written in c#, I've no other solution than calling
> > native libraries.
> > (the mono framework is missing critical components)
> > It uses SMB / LDAP / RPC calls to collect its information.
> > Here is the current state:
> > LDAP: openldap with simplebind (no benefit yet of winbind) => OK
> > RPC: smbclient for finding a DC, work in progress to resolve SID
> > (found in security descriptors) => WIP
> > SMB: not tested yet => WIP
> > Right now, I'm stuck at resolving SID and I'm looking for a practical
> > solution.
> Are you trying to get the domain SID ? This is obtainable via ldap
> (unfortunately only easily readable using ldbsearch):
> ldbsearch -H ldap://dc01 -b "DC=samdom,DC=example,DC=com" -s base objectSid
> Where 'DC=samdom,DC=example,DC=com' is the defaultNamingContex
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba