utils

func CreateRbcdAce ¶

func CreateRbcdAce(sid *sid.SID, index int) ace.AccessControlEntry

CreateRbcdAce creates an ACE for Ressource-Based Constrained Delegation Returns the ACE and nil if successful, nil and error otherwise

func DNExists ¶

func DNExists(ldapSession *ldap.Session, distinguishedName string) bool

DNExists checks if a distinguished name exists in LDAP Returns true if the distinguished name exists, false otherwise

func FindTarget ¶

func FindTarget(ldapSession *ldap.Session, distinguishedName string, sAMAccountName string) (string, error)

FindTarget searches for a target based on either a distinguished name or a sAMAccountName Returns the target's distinguished name and an error if it exists

func LookupSID ¶

func LookupSID(ldapSession *ldap.Session, sid string) (string, error)

LookupSID looks up a SID in LDAP and returns the corresponding object's distinguished name Returns the distinguished name and nil if found, empty string and error otherwise

func SIDFromValue ¶

func SIDFromValue(ldapSession *ldap.Session, value string) (*sid.SID, error)

SIDFromValue looks up a value in LDAP and returns the corresponding SID Returns the SID and nil if found, empty string and error otherwise

func SPNExists ¶

func SPNExists(ldapSession *ldap.Session, servicePrincipalName string) (bool, error)

SPNExists checks if a service principal name exists by querying LDAP.

Parameters:

ldapSession (*ldap.Session): The LDAP session to use for querying
servicePrincipalName (string): The service principal name to check

Returns:

bool: True if the SPN exists, false otherwise
error: An error if the operation fails, nil otherwise

func UpdateNTSecurityDescriptorDACL ¶

func UpdateNTSecurityDescriptorDACL(ldapSession *ldap.Session, rawNTSecurityDescriptor []byte, addValues []string, removeValues []string, debug bool) ([]byte, error)

UpdateNTSecurityDescriptorDACL updates an existing NTSecurityDescriptor with a new SID Returns the updated NTSecurityDescriptor and nil if successful, nil and error otherwise