sdl

package
v2.10.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 2, 2025 License: MIT Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var AccessRightsMap = map[string]int{
	"RIGHT_DS_CREATE_CHILD":   0x00000001,
	"RIGHT_DS_DELETE_CHILD":   0x00000002,
	"RIGHT_DS_LIST_CONTENTS":  0x00000004,
	"RIGHT_DS_SELF":           0x00000008,
	"RIGHT_DS_READ_PROPERTY":  0x00000010,
	"RIGHT_DS_WRITE_PROPERTY": 0x00000020,
	"RIGHT_DS_DELETE_TREE":    0x00000040,
	"RIGHT_DS_LIST_OBJECT":    0x00000080,
	"RIGHT_DS_CONTROL_ACCESS": 0x00000100,
	"RIGHT_DELETE":            0x00010000,
	"RIGHT_READ_CONTROL":      0x00020000,
	"RIGHT_WRITE_DACL":        0x00040000,
	"RIGHT_WRITE_OWNER":       0x00080000,
	"GENERIC_ALL":             0x000F01FF,
	"GENERIC_WRITE":           0x00020028,
	"GENERIC_READ":            0x00020094,
	"GENERIC_EXECUTE":         0x00020004,
}
View Source 
var AceFlagsMap = map[string]int{
	"CONTAINER_INHERIT_ACE":      0x02,
	"FAILED_ACCESS_ACE_FLAG":     0x80,
	"INHERIT_ONLY_ACE":           0x08,
	"INHERITED_ACE":              0x10,
	"NO_PROPAGATE_INHERIT_ACE":   0x04,
	"OBJECT_INHERIT_ACE":         0x01,
	"SUCCESSFUL_ACCESS_ACE_FLAG": 0x40,
}
View Source 
var AceTypeMap = map[int]string{
	0x00: "ACCESS_ALLOWED_ACE_TYPE",
	0x01: "ACCESS_DENIED_ACE_TYPE",
	0x02: "SYSTEM_AUDIT_ACE_TYPE",
	0x03: "SYSTEM_ALARM_ACE_TYPE",
	0x04: "ACCESS_ALLOWED_COMPOUND_ACE_TYPE",
	0x05: "ACCESS_ALLOWED_OBJECT_ACE_TYPE",
	0x06: "ACCESS_DENIED_OBJECT_ACE_TYPE",
	0x07: "SYSTEM_AUDIT_OBJECT_ACE_TYPE",
	0x08: "SYSTEM_ALARM_OBJECT_ACE_TYPE",
	0x09: "ACCESS_ALLOWED_CALLBACK_ACE_TYPE",
	0x0A: "ACCESS_DENIED_CALLBACK_ACE_TYPE",
	0x0B: "ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE",
	0x0C: "ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE",
	0x0D: "SYSTEM_AUDIT_CALLBACK_ACE_TYPE",
	0x0E: "SYSTEM_ALARM_CALLBACK_ACE_TYPE",
	0x0F: "SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE",
	0x10: "SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE",
	0x11: "SYSTEM_MANDATORY_LABEL_ACE_TYPE",
	0x12: "SYSTEM_RESOURCE_ATTRIBUTE_ACE_TYPE",
	0x13: "SYSTEM_SCOPED_POLICY_ID_ACE_TYPE",
}
View Source 
var AttributeGuids = map[string]string{}/* 1556 elements not displayed */
View Source 
var ClassGuids = map[string]string{}/* 286 elements not displayed */
View Source 
var ExtendedGuids = map[string]string{
	"ee914b82-0a98-11d1-adbb-00c04fd8d5cd": "Abandon-Replication",
	"440820ad-65b4-11d1-a3da-0000f875ae0d": "Add-GUID",
	"1abd7cf8-0a99-11d1-adbb-00c04fd8d5cd": "Allocate-Rids",
	"68b1d179-0d15-4d4f-ab71-46152e79a7bc": "Allowed-To-Authenticate",
	"edacfd8f-ffb3-11d1-b41d-00a0c968f939": "Apply-Group-Policy",
	"0e10c968-78fb-11d2-90d4-00c04f79dc55": "Certificate-Enrollment",
	"a05b8cc2-17bc-4802-a710-e7c15ab866a2": "Certificate-AutoEnrollment",
	"014bf69c-7b3b-11d1-85f6-08002be74fab": "Change-Domain-Master",
	"cc17b1fb-33d9-11d2-97d4-00c04fd8d5cd": "Change-Infrastructure-Master",
	"bae50096-4752-11d1-9052-00c04fc2d4cf": "Change-PDC",
	"d58d5f36-0a98-11d1-adbb-00c04fd8d5cd": "Change-Rid-Master",
	"e12b56b6-0a95-11d1-adbb-00c04fd8d5cd": "Change-Schema-Master",
	"e2a36dc9-ae17-47c3-b58b-be34c55ba633": "Create-Inbound-Forest-Trust",
	"fec364e0-0a98-11d1-adbb-00c04fd8d5cd": "Do-Garbage-Collection",
	"ab721a52-1e2f-11d0-9819-00aa0040529b": "Domain-Administer-Server",
	"69ae6200-7f46-11d2-b9ad-00c04f79f805": "DS-Check-Stale-Phantoms",
	"2f16c4a5-b98e-432c-952a-cb388ba33f2e": "DS-Execute-Intentions-Script",
	"9923a32a-3607-11d2-b9be-0000f87a36b2": "DS-Install-Replica",
	"4ecc03fe-ffc0-4947-b630-eb672a8a9dbc": "DS-Query-Self-Quota",
	"1131f6aa-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Get-Changes",
	"1131f6ad-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Get-Changes-All",
	"89e95b76-444d-4c62-991a-0facbeda640c": "DS-Replication-Get-Changes-In-Filtered-Set",
	"1131f6ac-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Manage-Topology",
	"f98340fb-7c5b-4cdb-a00b-2ebdfa115a96": "DS-Replication-Monitor-Topology",
	"1131f6ab-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Synchronize",
	"05c74c5e-4deb-43b4-bd9f-86664c2a7fd5": "Enable-Per-User-Reversibly-Encrypted-Password",
	"b7b1b3de-ab09-4242-9e30-9980e5d322f7": "Generate-RSoP-Logging",
	"b7b1b3dd-ab09-4242-9e30-9980e5d322f7": "Generate-RSoP-Planning",
	"7c0e2a7c-a419-48e4-a995-10180aad54dd": "Manage-Optional-Features",
	"ba33815a-4f93-4c76-87f3-57574bff8109": "Migrate-SID-History",
	"b4e60130-df3f-11d1-9c86-006008764d0e": "msmq-Open-Connector",
	"06bd3201-df3e-11d1-9c86-006008764d0e": "msmq-Peek",
	"4b6e08c3-df3c-11d1-9c86-006008764d0e": "msmq-Peek-computer-Journal",
	"4b6e08c1-df3c-11d1-9c86-006008764d0e": "msmq-Peek-Dead-Letter",
	"06bd3200-df3e-11d1-9c86-006008764d0e": "msmq-Receive",
	"4b6e08c2-df3c-11d1-9c86-006008764d0e": "msmq-Receive-computer-Journal",
	"4b6e08c0-df3c-11d1-9c86-006008764d0e": "msmq-Receive-Dead-Letter",
	"06bd3203-df3e-11d1-9c86-006008764d0e": "msmq-Receive-journal",
	"06bd3202-df3e-11d1-9c86-006008764d0e": "msmq-Send",
	"a1990816-4298-11d1-ade2-00c04fd8d5cd": "Open-Address-Book",
	"1131f6ae-9c07-11d1-f79f-00c04fc2dcd2": "Read-Only-Replication-Secret-Synchronization",
	"45ec5156-db7e-47bb-b53f-dbeb2d03c40f": "Reanimate-Tombstones",
	"0bc1554e-0a99-11d1-adbb-00c04fd8d5cd": "Recalculate-Hierarchy",
	"62dd28a8-7f46-11d2-b9ad-00c04f79f805": "Recalculate-Security-Inheritance",
	"ab721a56-1e2f-11d0-9819-00aa0040529b": "Receive-As",
	"9432c620-033c-4db7-8b58-14ef6d0bf477": "Refresh-Group-Cache",
	"1a60ea8d-58a6-4b20-bcdc-fb71eb8a9ff8": "Reload-SSL-Certificate",
	"7726b9d5-a4b4-4288-a6b2-dce952e80a7f": "Run-Protect_Admin_Groups-Task",
	"91d67418-0135-4acc-8d79-c08e857cfbec": "SAM-Enumerate-Entire-Domain",
	"ab721a54-1e2f-11d0-9819-00aa0040529b": "Send-As",
	"ab721a55-1e2f-11d0-9819-00aa0040529b": "Send-To",
	"ccc2dc7d-a6ad-4a7a-8846-c04e3cc53501": "Unexpire-Password",
	"280f369c-67c7-438e-ae98-1d46f3c6f541": "Update-Password-Not-Required-Bit",
	"be2bb760-7f46-11d2-b9ad-00c04f79f805": "Update-Schema-Cache",
	"ab721a53-1e2f-11d0-9819-00aa0040529b": "User-Change-Password",
	"00299570-246d-11d0-a768-00aa006e0529": "User-Force-Change-Password",
	"3e0f7e18-2c7a-4c10-ba82-4d926db99a3e": "DS-Clone-Domain-Controller",
	"084c93a2-620d-4879-a836-f0ae47de0e89": "DS-Read-Partition-Secrets",
	"94825a8d-b171-4116-8146-1e34d8f54401": "DS-Write-Partition-Secrets",
	"4125c71f-7fac-4ff0-bcb7-f09a41325286": "DS-Set-Owner",
	"88a9933e-e5c8-4f2a-9dd7-2527416b8092": "DS-Bypass-Quota",
	"9b026da6-0d3c-465c-8bee-5199d7165cba": "DS-Validated-Write-Computer",
}
View Source 
var InheritedObjectTypeMap = map[int]string{
	0x00000000: "",
	0x00000001: "ACE_OBJECT_TYPE_PRESENT",
	0x00000002: "ACE_INHERITED_OBJECT_TYPE_PRESENT",
}
View Source 
var ObjectTypeMap = map[int]string{
	0x00000100: "ADS_RIGHT_DS_CONTROL_ACCESS",
	0x00000001: "ADS_RIGHT_DS_CREATE_CHILD",
	0x00000002: "ADS_RIGHT_DS_DELETE_CHILD",
	0x00000010: "ADS_RIGHT_DS_READ_PROP",
	0x00000020: "ADS_RIGHT_DS_WRITE_PROP",
	0x00000008: "ADS_RIGHT_DS_SELF",
}
View Source 
var PropertySetGuids = map[string]string{
	"c7407360-20bf-11d0-a768-00aa006e0529": "Domain password & lockout policies",
	"59ba2f42-79a2-11d0-9020-00c04fc2d3cf": "General information",
	"4c164200-20c0-11d0-a768-00aa006e0529": "Account restrictions",
	"5f202010-79a5-11d0-9020-00c04fc2d4cf": "Logon information",
	"bc0ac240-79a9-11d0-9020-00c04fc2d4cf": "Group membership",
	"e45795b2-9455-11d1-aebd-0000f80367c1": "Phone and mail options",
	"77b5b886-944a-11d1-aebd-0000f80367c1": "Personal information",
	"e45795b3-9455-11d1-aebd-0000f80367c1": "Web information",
	"e48d0154-bcf8-11d1-8702-00c04fb96050": "Public information",
	"037088f8-0ae1-11d2-b422-00a0c968f939": "Remote access information",
	"b8119fd0-04f6-4762-ab7a-4986c76b3f9a": "Other domain parameters",
	"72e39547-7b18-11d1-adef-00c04fd8d5cd": "DNS Hostname attributes",
	"ffa6f046-ca4b-4feb-b40d-04dfee722543": "MS-TS-GatewayAccess",
	"91e647de-d96f-4b70-9557-d63ff4f3ccd8": "Private Information",
	"5805bc62-bdc9-4428-a5e2-856a0f4c185e": "Terminal server license server",
}
View Source 
var ValidatedWriteGuids = map[string]string{
	"bf9679c0-0de6-11d0-a285-00aa003049e2": "Self-Membership",
	"72e39547-7b18-11d1-adef-00c04fd8d5cd": "Validated-DNS-Host-Name",
	"80863791-dbe9-4eb8-837e-7f0ab55d9ac7": "Validated-MS-DS-Additional-DNS-Host-Name",
	"d31a8757-2447-4545-8081-3bb610cacbf2": "Validated-MS-DS-Behavior-Version",
	"f3a64788-5306-11d1-a9c5-0000f80367c1": "Validated-SPN",
}

Functions

func AceFlagsToText 

func AceFlagsToText(flagsStr string, guidStr string) string

func AceMaskToText 

func AceMaskToText(mask int, guid string) ([]string, int)

At the moment this is an experimental & testing accuracy of the parser is hard. There are probably some bugs, bug they can be solved in the future :-)

Types

type ACCESS_ALLOWED_ACE 

type ACCESS_ALLOWED_ACE struct {
	BASIC_ACE
}

Specific definitions

type ACCESS_ALLOWED_OBJECT_ACE 

type ACCESS_ALLOWED_OBJECT_ACE struct {
	OBJECT_ACE
}

type ACCESS_DENIED_ACE 

type ACCESS_DENIED_ACE struct {
	BASIC_ACE
}

type ACCESS_DENIED_OBJECT_ACE 

type ACCESS_DENIED_OBJECT_ACE struct {
	OBJECT_ACE
}

type ACEHEADER 

type ACEHEADER struct {
	ACEType      string
	ACEFlags     string
	AceSizeBytes string
}

ACE Header

func (*ACEHEADER) Encode 

func (ah *ACEHEADER) Encode() string

type ACEInt 

type ACEInt interface {
	GetHeader() *ACEHEADER
	GetMask() int
	GetSID() string
	SetHeader(*ACEHEADER)
	SetMask(int)
	SetSID(string) error
	Parse(string)
	Encode() string
}

ACE Interface

type ACL 

type ACL struct {
	Header *ACLHEADER
	Aces   []ACEInt
}

ACL

func (*ACL) Encode 

func (acl *ACL) Encode() string

func (*ACL) Parse 

func (acl *ACL) Parse(aclStr string)

type ACLHEADER 

type ACLHEADER struct {
	ACLRevision  string
	Sbz1         string
	ACLSizeBytes string
	ACECount     string
	Sbz2         string
}

ACL Header

func (*ACLHEADER) Encode 

func (aclheader *ACLHEADER) Encode() string

type BASIC_ACE 

type BASIC_ACE struct {
	Header *ACEHEADER
	Mask   string
	SID    string
}

Basic ACE (embedded in more advanced types)

func (*BASIC_ACE) Encode 

func (ace *BASIC_ACE) Encode() string

func (*BASIC_ACE) GetHeader 

func (ace *BASIC_ACE) GetHeader() *ACEHEADER

func (*BASIC_ACE) GetMask 

func (ace *BASIC_ACE) GetMask() int

func (*BASIC_ACE) GetSID 

func (ace *BASIC_ACE) GetSID() string

func (*BASIC_ACE) Parse 

func (ace *BASIC_ACE) Parse(rawACE string)

func (*BASIC_ACE) SetHeader 

func (ace *BASIC_ACE) SetHeader(header *ACEHEADER)

func (*BASIC_ACE) SetMask 

func (ace *BASIC_ACE) SetMask(mask int)

func (*BASIC_ACE) SetSID 

func (ace *BASIC_ACE) SetSID(sid string) error
type HEADER struct {
	Revision    string
	Sbz1        string
	Control     string
	OffsetOwner string
	OffsetGroup string
	OffsetSacl  string
	OffsetDacl  string
}

SD HEADER

func NewHeader 

func NewHeader(sdStr string) *HEADER

func (*HEADER) Encode 

func (header *HEADER) Encode() string

type NOTIMPL_ACE 

type NOTIMPL_ACE struct {
	BASIC_ACE
	// contains filtered or unexported fields
}

Placeholder type for ACES that were not implemented They should be kept "as-is" when parsing

func (*NOTIMPL_ACE) Encode 

func (ace *NOTIMPL_ACE) Encode() string

func (*NOTIMPL_ACE) Parse 

func (ace *NOTIMPL_ACE) Parse(rawACE string)

type OBJECT_ACE 

type OBJECT_ACE struct {
	BASIC_ACE
	Flags               string
	ObjectType          string
	InheritedObjectType string
}

Object ACE (base type embedded in more advanced types)

func (*OBJECT_ACE) Encode 

func (ace *OBJECT_ACE) Encode() string

func (*OBJECT_ACE) GetObjectAndInheritedType 

func (ace *OBJECT_ACE) GetObjectAndInheritedType() (objectTypeGUID string, inheritedObjectTypeGUID string)

func (*OBJECT_ACE) Parse 

func (ace *OBJECT_ACE) Parse(rawACE string)

type SecurityDescriptor 

type SecurityDescriptor struct {
	Header *HEADER
	SACL   *ACL
	DACL   *ACL
	Owner  string
	Group  string
}

SecurityDescriptor

func NewSD 

func NewSD(sdStr string) *SecurityDescriptor

func (*SecurityDescriptor) Encode 

func (sd *SecurityDescriptor) Encode() string

func (*SecurityDescriptor) GetControl 

func (sd *SecurityDescriptor) GetControl() int

func (*SecurityDescriptor) SetControl 

func (sd *SecurityDescriptor) SetControl(control int)

func (*SecurityDescriptor) SetDaclACES 

func (sd *SecurityDescriptor) SetDaclACES(aces []ACEInt)

func (*SecurityDescriptor) SetOwnerAndGroup 

func (sd *SecurityDescriptor) SetOwnerAndGroup(ownerSID string, groupSID string)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.