Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Additional AD properties #782

Merged
merged 6 commits into from
Aug 26, 2024
Merged

Additional AD properties #782

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
8bbb908
feat: new AD attributes
JonasBK Jul 11, 2024
ff9c657
feat: hygiene saved queries
JonasBK Jul 11, 2024
f005249
Merge branch 'main' into add-props
JonasBK Aug 7, 2024
1d3c297
more AD props
JonasBK Aug 8, 2024
479b859
Update commonSearches.tsx
JonasBK Aug 12, 2024
a2d51c8
Merge branch 'main' into add-props
JonasBK Aug 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion cmd/ui/src/utils.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ import { isLink, isNode } from 'src/ducks/graph/utils';
import { Glyph } from 'src/rendering/programs/node.glyphs';
import { store } from 'src/store';

const IGNORE_401_LOGOUT = ['/api/v2/login', '/api/v2/logout', '/api/v2/features']
const IGNORE_401_LOGOUT = ['/api/v2/login', '/api/v2/logout', '/api/v2/features'];

export const getDatesInRange = (startDate: Date, endDate: Date) => {
const date = new Date(startDate.getTime());
Expand Down
178 changes: 177 additions & 1 deletion packages/cue/bh/ad/ad.cue
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -574,6 +574,160 @@ ObjectGUID: types.#StringEnum & {
representation: "objectguid"
}

ExpirePasswordsOnSmartCardOnlyAccounts: types.#StringEnum & {
symbol: "ExpirePasswordsOnSmartCardOnlyAccounts"
schema: "ad"
name: "Expire Passwords on Smart Card only Accounts"
representation: "expirepasswordsonsmartcardonlyaccounts"
}

MachineAccountQuota: types.#StringEnum & {
symbol: "MachineAccountQuota"
schema: "ad"
name: "Machine Account Quota"
representation: "machineaccountquota"
}

SupportedKerberosEncryptionTypes: types.#StringEnum & {
symbol: "SupportedKerberosEncryptionTypes"
schema: "ad"
name: "Supported Kerberos Encryption Types"
representation: "supportedencryptiontypes"
}

TGTDelegationEnabled: types.#StringEnum & {
symbol: "TGTDelegationEnabled"
schema: "ad"
name: "TGT Delegation Enabled"
representation: "tgtdelegationenabled"
}

PasswordStoredUsingReversibleEncryption: types.#StringEnum & {
symbol: "PasswordStoredUsingReversibleEncryption"
schema: "ad"
name: "Password Stored Using Reversible Encryption"
representation: "encryptedtextpwdallowed"
}

SmartcardRequired: types.#StringEnum & {
symbol: "SmartcardRequired"
schema: "ad"
name: "Smartcard Required"
representation: "smartcardrequired"
}

UseDESKeyOnly: types.#StringEnum & {
symbol: "UseDESKeyOnly"
schema: "ad"
name: "Use DES Key Only"
representation: "usedeskeyonly"
}

LogonScriptEnabled: types.#StringEnum & {
symbol: "LogonScriptEnabled"
schema: "ad"
name: "Logon Script Enabled"
representation: "logonscriptenabled"
}

LockedOut: types.#StringEnum & {
symbol: "LockedOut"
schema: "ad"
name: "Locked Out"
representation: "lockedout"
}

UserCannotChangePassword: types.#StringEnum & {
symbol: "UserCannotChangePassword"
schema: "ad"
name: "User Cannot Change Password"
representation: "passwordcantchange"
}

PasswordExpired: types.#StringEnum & {
symbol: "PasswordExpired"
schema: "ad"
name: "Password Expired"
representation: "passwordexpired"
}

DSHeuristics: types.#StringEnum & {
symbol: "DSHeuristics"
schema: "ad"
name: "DSHeuristics"
representation: "dsheuristics"
}

UserAccountControl: types.#StringEnum & {
symbol: "UserAccountControl"
schema: "ad"
name: "User Account Control"
representation: "useraccountcontrol"
}

TrustAttributes: types.#StringEnum & {
symbol: "TrustAttributes"
schema: "ad"
name: "Trust Attributes"
representation: "trustattributes"
}

LockoutDuration: types.#StringEnum & {
symbol: "LockoutDuration"
schema: "ad"
name: "Lockout Duration"
representation: "lockoutduration"
}

LockoutObservationWindow: types.#StringEnum & {
symbol: "LockoutObservationWindow"
schema: "ad"
name: "Lockout Observation Window"
representation: "lockoutobservationwindow"
}

MaxPwdAge: types.#StringEnum & {
symbol: "MaxPwdAge"
schema: "ad"
name: "Maximum Password Age"
representation: "maxpwdage"
}

MinPwdAge: types.#StringEnum & {
symbol: "MinPwdAge"
schema: "ad"
name: "Minimum Password Age"
representation: "minpwdage"
}

LockoutThreshold: types.#StringEnum & {
symbol: "LockoutThreshold"
schema: "ad"
name: "Lockout Threshold"
representation: "lockoutthreshold"
}

PwdHistoryLength: types.#StringEnum & {
symbol: "PwdHistoryLength"
schema: "ad"
name: "Password History Length"
representation: "pwdhistorylength"
}

PwdProperties: types.#StringEnum & {
symbol: "PwdProperties"
schema: "ad"
name: "Password Properties"
representation: "pwdproperties"
}

MinPwdLength: types.#StringEnum & {
symbol: "MinPwdLength"
schema: "ad"
name: "Minimum password length"
representation: "minpwdlength"
}

Properties: [
AdminCount,
CASecurityCollected,
Expand Down Expand Up @@ -652,7 +806,29 @@ Properties: [
CertificatePolicy,
CertTemplateOID,
GroupLinkID,
ObjectGUID
ObjectGUID,
ExpirePasswordsOnSmartCardOnlyAccounts,
MachineAccountQuota,
SupportedKerberosEncryptionTypes,
TGTDelegationEnabled,
PasswordStoredUsingReversibleEncryption,
SmartcardRequired,
UseDESKeyOnly,
LogonScriptEnabled,
LockedOut,
UserCannotChangePassword,
PasswordExpired,
DSHeuristics,
UserAccountControl,
TrustAttributes,
MinPwdLength,
PwdProperties,
PwdHistoryLength,
LockoutThreshold,
MinPwdAge,
MaxPwdAge,
LockoutDuration,
LockoutObservationWindow
]

// Kinds
Expand Down
20 changes: 12 additions & 8 deletions packages/go/ein/ad.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -303,10 +303,12 @@ func ParseDomainTrusts(domain Domain) ParsedDomainTrustData {
},
IngestibleRel{
RelProps: map[string]any{
"isacl": false,
"sidfiltering": trust.SidFilteringEnabled,
"trusttype": trust.TrustType,
"transitive": trust.IsTransitive},
"isacl": false,
"sidfiltering": trust.SidFilteringEnabled,
"tgtdelegationenabled": trust.TGTDelegationEnabled,
"trustattributes": trust.TrustAttributes,
"trusttype": trust.TrustType,
"transitive": trust.IsTransitive},
RelType: ad.TrustedBy,
},
))
Expand All @@ -324,10 +326,12 @@ func ParseDomainTrusts(domain Domain) ParsedDomainTrustData {
},
IngestibleRel{
RelProps: map[string]any{
"isacl": false,
"sidfiltering": trust.SidFilteringEnabled,
"trusttype": trust.TrustType,
"transitive": trust.IsTransitive},
"isacl": false,
"sidfiltering": trust.SidFilteringEnabled,
"tgtdelegationenabled": trust.TGTDelegationEnabled,
"trustattributes": trust.TrustAttributes,
"trusttype": trust.TrustType,
"transitive": trust.IsTransitive},
RelType: ad.TrustedBy,
},
))
Expand Down
14 changes: 8 additions & 6 deletions packages/go/ein/incoming_models.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -201,12 +201,14 @@ type Container struct {
}

type Trust struct {
TargetDomainSid string
IsTransitive bool
TrustDirection string
TrustType string
SidFilteringEnabled bool
TargetDomainName string
TargetDomainSid string
IsTransitive bool
TrustDirection string
TrustType string
SidFilteringEnabled bool
TargetDomainName string
TGTDelegationEnabled bool
TrustAttributes string
}

type GPLink struct {
Expand Down
Loading
Loading