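def enum_machine(self, machine_data):
    """Persist one machine object and queue its follow-up enumeration jobs.

    The raw directory entry is converted with ``Machine.from_adcomp``, tagged
    with ``self.ad_id`` and committed through ``self.session``. Afterwards a
    MEMBERSHIPS job and an SDS job for the same object are put on
    ``self.agent_in_q`` and the matching counters are incremented.

    Args:
        machine_data: raw machine entry accepted by ``Machine.from_adcomp``.
    """
    machine = Machine.from_adcomp(machine_data)
    machine.ad_id = self.ad_id
    self.session.add(machine)
    self.session.commit()
    # Refresh after the commit so the attributes read below come from the
    # stored row.
    self.session.refresh(machine)

    # Iterate over a snapshot: the loop appends to the very attribute it reads
    # from, and walking the live list while it grows would never terminate
    # once it holds a single entry.
    # NOTE(review): the SPNs are taken from the ORM object, not from
    # machine_data -- confirm from_adcomp actually populates this attribute,
    # otherwise constrained-delegation targets are silently never recorded.
    for spn in list(getattr(machine, 'allowedtodelegateto', [])):
        con = MachineConstrainedDelegation()
        con.spn = spn
        con.targetaccount = LDAPEnumeratorManager.spn_to_account(spn)
        machine.allowedtodelegateto.append(con)
    self.session.commit()

    membership_attr = {
        'dn': str(machine.dn),
        'cn': str(machine.cn),
        'guid': str(machine.objectGUID),
        'sid': str(machine.objectSid),
        'type': 'machine',
    }

    # Counters are bumped before the job is queued, one per outstanding job.
    self.member_ctr += 1
    self.agent_in_q.put(LDAPAgentJob(LDAPAgentCommand.MEMBERSHIPS, membership_attr))

    self.sd_ctr += 1
    self.agent_in_q.put(
        LDAPAgentJob(LDAPAgentCommand.SDS, {'dn': machine.dn, 'obj_type': 'machine'})
    )

    del machine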
async def get_all_machines(self):
    """Stream every machine object from LDAP onto ``self.agent_out_q``.

    For each entry a ``(LDAPAgentCommand.MACHINE, payload)`` tuple is queued,
    where ``payload`` holds the ``Machine`` record, its constrained-delegation
    targets and the SIDs found in its "allowed to act on behalf of other
    identity" security descriptor. Any failure is reported as an EXCEPTION
    message carrying the formatted traceback; MACHINES_FINISHED is always
    sent last.
    """
    try:
        async for raw, err in self.ldap.get_all_machines():
            if err is not None:
                raise err

            record = Machine.from_adcomp(raw)

            # The attribute name matches AD's resource-based constrained
            # delegation descriptor (presumably
            # msDS-AllowedToActOnBehalfOfOtherIdentity -- confirm).
            allowedtoact = []
            rbcd_blob = raw.allowedtoactonbehalfofotheridentity
            if rbcd_blob is not None:
                try:
                    descriptor = SECURITY_DESCRIPTOR.from_bytes(rbcd_blob)
                    dacl = descriptor.Dacl
                    if dacl is not None:
                        # NOTE(review): every ACE is recorded, whatever its
                        # type or access mask; confirm whether deny ACEs
                        # should be filtered out before an entry is treated
                        # as a delegation right.
                        for ace in dacl.aces:
                            grant = MachineAllowedToAct()
                            grant.machine_sid = record.objectSid
                            grant.target_sid = str(ace.Sid)
                            allowedtoact.append(grant)
                except Exception as exc:
                    # Best effort: a descriptor that fails to parse is only
                    # visible at debug level, and entries collected before the
                    # failure are kept.
                    logger.debug('Error parsing allowedtoact SD! %s Reason: %s' % (record.sAMAccountName, exc))

            spns = raw.allowedtodelegateto
            if spns is None:
                delegations = []
            else:
                delegations = [
                    MachineConstrainedDelegation.from_spn_str(spn) for spn in spns
                ]

            payload = {
                'machine': record,
                'delegations': delegations,
                'allowedtoact': allowedtoact,
            }
            await self.agent_out_q.put((LDAPAgentCommand.MACHINE, payload))
    except:
        # NOTE(review): a bare except also intercepts BaseException
        # subclasses (task cancellation included); the traceback is handed
        # to the consumer instead of being re-raised.
        failure = str(traceback.format_exc())
        await self.agent_out_q.put((LDAPAgentCommand.EXCEPTION, failure))
    finally:
        await self.agent_out_q.put((LDAPAgentCommand.MACHINES_FINISHED, None))
async def get_all_machines(self):
    """Stream every machine object from LDAP onto ``self.agent_out_q``.

    Each entry is converted with ``Machine.from_adcomp`` and queued as a
    ``(LDAPAgentCommand.MACHINE, machine)`` tuple. A failure is reported as
    an EXCEPTION message carrying the formatted traceback, and
    MACHINES_FINISHED is always sent last.
    """
    try:
        async for raw in self.ldap.get_all_machine_objects():
            record = Machine.from_adcomp(raw)
            message = (LDAPAgentCommand.MACHINE, record)
            await self.agent_out_q.coro_put(message)
    except:
        # NOTE(review): a bare except also intercepts BaseException
        # subclasses (task cancellation included); the traceback is handed
        # to the consumer instead of being re-raised.
        failure = str(traceback.format_exc())
        await self.agent_out_q.coro_put((LDAPAgentCommand.EXCEPTION, failure))
    finally:
        # The end-of-stream marker goes out on success and on failure alike.
        await self.agent_out_q.coro_put((LDAPAgentCommand.MACHINES_FINISHED, None))
async def get_all_machines(self):
    """Stream every machine object from LDAP onto ``self.agent_out_q``.

    For each entry a ``(LDAPAgentCommand.MACHINE, payload)`` tuple is queued,
    where ``payload`` holds the ``Machine`` record and the constrained
    delegation targets built from the entry's ``allowedtodelegateto`` values.
    A failure is reported as an EXCEPTION message carrying the formatted
    traceback, and MACHINES_FINISHED is always sent last.
    """
    try:
        async for raw, err in self.ldap.get_all_machines():
            # The LDAP layer hands errors back alongside the data; re-raise
            # them here so they take the common reporting path below.
            if err is not None:
                raise err

            record = Machine.from_adcomp(raw)

            spns = raw.allowedtodelegateto
            if spns is None:
                delegations = []
            else:
                delegations = [
                    MachineConstrainedDelegation.from_spn_str(spn) for spn in spns
                ]

            payload = {'machine': record, 'delegations': delegations}
            await self.agent_out_q.put((LDAPAgentCommand.MACHINE, payload))
    except:
        # NOTE(review): a bare except also intercepts BaseException
        # subclasses (task cancellation included); the traceback is handed
        # to the consumer instead of being re-raised.
        failure = str(traceback.format_exc())
        await self.agent_out_q.put((LDAPAgentCommand.EXCEPTION, failure))
    finally:
        await self.agent_out_q.put((LDAPAgentCommand.MACHINES_FINISHED, None))
def get_all_machines(self):
    """Yield a ``(raw_entry, Machine)`` pair for every machine object in LDAP.

    The raw entry comes from ``self.ldap.get_all_machine_objects()`` and is
    returned next to the record built from it by ``Machine.from_adcomp``.
    Being a generator, nothing is queried until iteration starts.
    """
    raw_entries = self.ldap.get_all_machine_objects()
    for raw in raw_entries:
        record = Machine.from_adcomp(raw)
        yield (raw, record)