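async def get_all_effective_memberships(self):
    """Forward every record from ``self.ldap.get_all_tokengroups()`` to the output queue.

    Each record is copied into a ``JackDawTokenGroup`` and queued as a
    ``MEMBERSHIP`` message via ``agent_out_q.coro_put``. A failure is reported
    as an ``EXCEPTION`` message carrying the formatted traceback, and
    ``MEMBERSHIPS_FINISHED`` is always queued last, so the consumer sees the
    end of the enumeration even after an error.
    """
    try:
        async for res in self.ldap.get_all_tokengroups():
            obj_type = res['type']
            s = JackDawTokenGroup()
            s.cn = res['cn']
            s.dn = res['dn']
            s.guid = res['guid']
            s.sid = res['sid']
            s.member_sid = res['token']
            # Exactly one flag is True for the three known labels; any other
            # label leaves all three False.
            # NOTE(review): the synchronous get_effective_memberships on this
            # page tests for 'machine' rather than 'computer' -- confirm which
            # label the LDAP layer actually emits.
            s.is_user = obj_type == 'user'
            s.is_group = obj_type == 'group'
            s.is_machine = obj_type == 'computer'
            await self.agent_out_q.coro_put((LDAPAgentCommand.MEMBERSHIP, s))
    except Exception:
        # Was a bare ``except:``, which also trapped asyncio.CancelledError
        # (a BaseException since Python 3.8), KeyboardInterrupt and SystemExit,
        # so a cancelled task was reported as an error and then kept running.
        await self.agent_out_q.coro_put((LDAPAgentCommand.EXCEPTION, traceback.format_exc()))
    finally:
        await self.agent_out_q.coro_put((LDAPAgentCommand.MEMBERSHIPS_FINISHED, None))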
def get_effective_memberships(self, membership_attr):
    """Queue one ``JackDawTokenGroup`` per SID returned for a single object.

    ``membership_attr`` is indexed with the keys ``dn``, ``cn``, ``guid``,
    ``sid`` and ``type``. Every SID yielded by
    ``self.ldap.get_tokengroups(membership_attr['dn'])`` becomes a
    ``MEMBERSHIP`` message. Errors are reported as an ``EXCEPTION`` message
    holding the formatted traceback, and ``MEMBERSHIPS_FINISHED`` is queued
    in every case.
    """
    try:
        for member_sid in self.ldap.get_tokengroups(membership_attr['dn']):
            entry = JackDawTokenGroup()
            entry.cn = membership_attr['cn']
            entry.dn = membership_attr['dn']
            entry.guid = membership_attr['guid']
            entry.sid = membership_attr['sid']
            entry.member_sid = member_sid

            obj_type = membership_attr['type']
            entry.is_user = obj_type == 'user'
            entry.is_group = obj_type == 'group'
            # NOTE(review): the async get_all_effective_memberships on this
            # page tests for 'computer' here -- confirm which label callers
            # pass in, otherwise is_machine is never set on one of the paths.
            entry.is_machine = obj_type == 'machine'

            self.agent_out_q.put((LDAPAgentCommand.MEMBERSHIP, entry))
    except Exception:
        self.agent_out_q.put((LDAPAgentCommand.EXCEPTION, traceback.format_exc()))
    finally:
        # Always emitted, so the consumer is never left waiting on this object.
        self.agent_out_q.put((LDAPAgentCommand.MEMBERSHIPS_FINISHED, None))
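async def get_all_effective_memberships(self):
    """Forward every record from ``self.ldap.get_all_tokengroups()`` to the output queue.

    The LDAP layer yields ``(record, error)`` pairs; a non-None error is
    raised and therefore ends the enumeration. Each record is copied into a
    ``JackDawTokenGroup`` and queued as a ``MEMBERSHIP`` message. A failure is
    reported as an ``EXCEPTION`` message carrying the formatted traceback, and
    ``MEMBERSHIPS_FINISHED`` is always queued last.
    """
    try:
        async for res, err in self.ldap.get_all_tokengroups():
            if err is not None:
                raise err
            s = JackDawTokenGroup()
            s.cn = res['cn']
            s.dn = res['dn']
            s.guid = res['guid']
            s.sid = res['sid']
            s.member_sid = res['token']
            s.objtype = res['type']
            await self.agent_out_q.put((LDAPAgentCommand.MEMBERSHIP, s))
    except Exception:
        # Was a bare ``except:``, which also trapped asyncio.CancelledError
        # (a BaseException since Python 3.8), KeyboardInterrupt and SystemExit,
        # so a cancelled task was reported as an error and then kept running.
        await self.agent_out_q.put((LDAPAgentCommand.EXCEPTION, traceback.format_exc()))
    finally:
        await self.agent_out_q.put((LDAPAgentCommand.MEMBERSHIPS_FINISHED, None))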
async def stop_memberships_collection(self, member_p):
    """Load the spooled membership records into the database and delete the spool file.

    ``member_p.disable`` is set to True first (presumably a progress bar --
    confirm against the caller). The spool file at ``self.token_file_path`` is
    then closed, reopened as gzip, and each line is parsed with
    ``JackDawTokenGroup.from_json`` and added to ``self.session``, committing
    every 10000 records and once more at the end.

    Any exception is logged and swallowed. In that case the spool file is NOT
    removed and already-added records may remain uncommitted, so the membership
    data stays on disk until someone cleans it up.
    """
    member_p.disable = True
    try:
        self.token_file.close()
        with gzip.GzipFile(self.token_file_path, 'r') as token_stream:
            progress = tqdm(
                token_stream,
                desc='Uploading memberships to DB',
                total=self.member_finish_ctr,
            )
            for processed, raw_line in enumerate(progress, start=1):
                self.session.add(JackDawTokenGroup.from_json(raw_line.strip()))
                # Commit in batches so that a large spool file does not build
                # one huge pending transaction.
                if processed % 10000 == 0:
                    self.session.commit()

        # Flush the final partial batch, then drop the spool file.
        self.session.commit()
        os.remove(self.token_file_path)
    except Exception:
        logger.exception('Error while uploading memberships from file to DB')
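async def get_effective_memberships(self, data):
    """Queue one ``JackDawTokenGroup`` per SID returned for a single object.

    ``data`` is either None or a mapping indexed with ``dn``, ``guid``,
    ``sid`` and ``object_type``. ``self.ldap.get_tokengroups(data['dn'])``
    yields ``(sid, error)`` pairs; a non-None error is raised and ends the
    lookup. Failures are reported as an ``EXCEPTION`` message carrying the
    formatted traceback.

    ``MEMBERSHIP_FINISHED`` is queued on every exit path. When ``data`` is
    None, ``MEMBERSHIPS_FINISHED`` is queued first and the ``finally`` clause
    still adds ``MEMBERSHIP_FINISHED`` after it.
    """
    try:
        if data is None:
            await self.agent_out_q.put((LDAPAgentCommand.MEMBERSHIPS_FINISHED, None))
            return

        async for member_sid, err in self.ldap.get_tokengroups(data['dn']):
            if err is not None:
                raise err
            s = JackDawTokenGroup()
            s.guid = data['guid']
            s.sid = data['sid']
            s.member_sid = member_sid
            s.object_type = data['object_type']
            await self.agent_out_q.put((LDAPAgentCommand.MEMBERSHIP, s))
    except Exception:
        # Was a bare ``except:``, which also trapped asyncio.CancelledError
        # (a BaseException since Python 3.8), KeyboardInterrupt and SystemExit,
        # so a cancelled task was reported as an error and then kept running.
        await self.agent_out_q.put((LDAPAgentCommand.EXCEPTION, traceback.format_exc()))
    finally:
        await self.agent_out_q.put((LDAPAgentCommand.MEMBERSHIP_FINISHED, None))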
def get_user_effective_memberships(self, user):
    """Yield one ``JackDawTokenGroup`` per SID returned for ``user.dn``.

    ``user`` may be a ``JackDawADUser``, ``JackDawADMachine`` or
    ``JackDawADGroup``. Users and machines supply their identifiers through
    ``objectGUID``/``objectSid``, groups through ``guid``/``sid``. For any
    other type only ``cn`` and ``dn`` are filled in and the entry is still
    yielded, without ``guid``, ``sid``, ``member_sid`` or a type flag being
    assigned here.
    """
    for member_sid in self.ldap.get_tokengroups(user.dn):
        entry = JackDawTokenGroup()
        entry.cn = str(user.cn)
        entry.dn = str(user.dn)

        # The order of the isinstance checks is kept as in the original in
        # case the model classes are related by inheritance.
        if isinstance(user, JackDawADUser):
            entry.guid = str(user.objectGUID)
            entry.sid = str(user.objectSid)
            entry.member_sid = member_sid
            entry.is_user = True
        elif isinstance(user, JackDawADMachine):
            entry.guid = str(user.objectGUID)
            entry.sid = str(user.objectSid)
            entry.member_sid = member_sid
            entry.is_machine = True
        elif isinstance(user, JackDawADGroup):
            entry.guid = str(user.guid)
            entry.sid = str(user.sid)
            entry.member_sid = member_sid
            entry.is_group = True

        yield entry