attributes

package
v2.6.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 27, 2024 License: MIT Imports: 6 Imported by: 0

Documentation

Overview

Package attributes contains the definitions of the attributes that can be used. Most definitions are based on the RFC 4519 (https://tools.ietf.org/html/rfc4519). Custom implementations are provided for attributes that are not defined in the RFC, but common for Microsoft Active Directory.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Attribute

type Attribute struct {
	// Alias is the alias of the attribute
	Alias string
	// LDAPDisplayName is the LDAP display name of the attribute
	LDAPDisplayName string
	// PrettyName is the pretty name of the attribute (CamelCase)
	PrettyName string
	// Type is the type of the attribute defined in RFC 4517
	Type Type
}

Attribute is an LDAP attribute

func AccountExpires

func AccountExpires() Attribute

func Any

func Any() Attribute

Any returns an attribute that matches any attribute

func BadPasswordCount

func BadPasswordCount() Attribute

func BadPasswordTime

func BadPasswordTime() Attribute

func CommonName

func CommonName() Attribute

func Company

func Company() Attribute

func CountryCode

func CountryCode() Attribute

func CountryName

func CountryName() Attribute

func CountryNumber

func CountryNumber() Attribute

func DNSHostname

func DNSHostname() Attribute

func Department

func Department() Attribute

func DepartmentNumber

func DepartmentNumber() Attribute

func Description

func Description() Attribute

func DisplayName

func DisplayName() Attribute

func DistinguishedName

func DistinguishedName() Attribute

func Division

func Division() Attribute

func EmployeeID

func EmployeeID() Attribute

func GivenName

func GivenName() Attribute

func GlobalExtension1

func GlobalExtension1() Attribute

func GlobalExtension10

func GlobalExtension10() Attribute

func GlobalExtension11

func GlobalExtension11() Attribute

func GlobalExtension12

func GlobalExtension12() Attribute

func GlobalExtension13

func GlobalExtension13() Attribute

func GlobalExtension14

func GlobalExtension14() Attribute

func GlobalExtension15

func GlobalExtension15() Attribute

func GlobalExtension16

func GlobalExtension16() Attribute

func GlobalExtension17

func GlobalExtension17() Attribute

func GlobalExtension18

func GlobalExtension18() Attribute

func GlobalExtension19

func GlobalExtension19() Attribute

func GlobalExtension2

func GlobalExtension2() Attribute

func GlobalExtension20

func GlobalExtension20() Attribute

func GlobalExtension21

func GlobalExtension21() Attribute

func GlobalExtension22

func GlobalExtension22() Attribute

func GlobalExtension23

func GlobalExtension23() Attribute

func GlobalExtension24

func GlobalExtension24() Attribute

func GlobalExtension25

func GlobalExtension25() Attribute

func GlobalExtension26

func GlobalExtension26() Attribute

func GlobalExtension27

func GlobalExtension27() Attribute

func GlobalExtension28

func GlobalExtension28() Attribute

func GlobalExtension29

func GlobalExtension29() Attribute

func GlobalExtension3

func GlobalExtension3() Attribute

func GlobalExtension30

func GlobalExtension30() Attribute

func GlobalExtension4

func GlobalExtension4() Attribute

func GlobalExtension5

func GlobalExtension5() Attribute

func GlobalExtension6

func GlobalExtension6() Attribute

func GlobalExtension7

func GlobalExtension7() Attribute

func GlobalExtension8

func GlobalExtension8() Attribute

func GlobalExtension9

func GlobalExtension9() Attribute

func GroupType

func GroupType() Attribute

func LastLogonTimestamp

func LastLogonTimestamp() Attribute

func Location

func Location() Attribute

func Lookup

func Lookup(in string) *Attribute

Lookup returns the attribute that matches the given LDAP name, pretty name or alias

func Mail

func Mail() Attribute

func MemberOf

func MemberOf() Attribute

func Members

func Members() Attribute

func MsRadiusFramedIPAddress

func MsRadiusFramedIPAddress() Attribute

func Name

func Name() Attribute

func ObjectCategory

func ObjectCategory() Attribute

func ObjectClass

func ObjectClass() Attribute

func ObjectGUID

func ObjectGUID() Attribute

func ObjectSID

func ObjectSID() Attribute

func PasswordLastSet

func PasswordLastSet() Attribute

func PostalCode

func PostalCode() Attribute

func Raw

func Raw(LDAPName, prettyName string, attrType Type) Attribute

Raw returns an attribute that matches the given LDAP name

func SamAccountName

func SamAccountName() Attribute

func SamAccountType

func SamAccountType() Attribute

func StreetAddress

func StreetAddress() Attribute

func Surname

func Surname() Attribute

func UnicodePassword

func UnicodePassword() Attribute

func UserAccountControl

func UserAccountControl() Attribute

func UserCertificate

func UserCertificate() Attribute

func UserPrincipalName

func UserPrincipalName() Attribute

func WhenChanged

func WhenChanged() Attribute

func WhenCreated

func WhenCreated() Attribute

func (Attribute) Parse

func (a Attribute) Parse(values []string, attrMap *Map)

Parse parses a value and stores it in a map of attributes

func (Attribute) Register

func (a Attribute) Register() Attribute

Register registers an attribute in the registry

func (Attribute) String

func (a Attribute) String() string

String returns the string representation of an attribute (first its pretty name, then its LDAP display name)

type Attributes

type Attributes []Attribute

Attributes is a slice of attributes

func LookupMany

func LookupMany(strict bool, in ...string) (list Attributes)

LookupMany returns a list of attributes that match the given LDAP names, pretty names or aliases (for "*"" it returns all attributes)

func (*Attributes) Append

func (a *Attributes) Append(attrs ...Attribute)

Append appends attributes to the slice only if they are not already present

func (Attributes) Sort

func (a Attributes) Sort()

Sort sorts the attributes by their string representation

func (Attributes) ToAttributeList

func (a Attributes) ToAttributeList() (list []string)

ToAttributeList returns a list of attributes as strings

type FlagSAMAccountType

type FlagSAMAccountType uint32

FlagSAMAccountType is a representation of the SAMAccountType attribute

const (
	SAM_ACCOUNT_TYPE_DOMAIN_OBJECT             FlagSAMAccountType = 0x00000000
	SAM_ACCOUNT_TYPE_GROUP_OBJECT              FlagSAMAccountType = 0x10000000
	SAM_ACCOUNT_TYPE_NON_SECURITY_GROUP_OBJECT FlagSAMAccountType = 0x10000001
	SAM_ACCOUNT_TYPE_ALIAS_OBJECT              FlagSAMAccountType = 0x20000000
	SAM_ACCOUNT_TYPE_NON_SECURITY_ALIAS_OBJECT FlagSAMAccountType = 0x20000001
	SAM_ACCOUNT_TYPE_USER_OBJECT               FlagSAMAccountType = 0x30000000
	SAM_ACCOUNT_TYPE_NORMAL_USER_ACCOUNT       FlagSAMAccountType = 0x30000000
	SAM_ACCOUNT_TYPE_MACHINE_ACCOUNT           FlagSAMAccountType = 0x30000001
	SAM_ACCOUNT_TYPE_TRUST_ACCOUNT             FlagSAMAccountType = 0x30000002
	SAM_ACCOUNT_TYPE_APP_BASIC_GROUP           FlagSAMAccountType = 0x40000000
	SAM_ACCOUNT_TYPE_APP_QUERY_GROUP           FlagSAMAccountType = 0x40000001
	SAM_ACCOUNT_TYPE_ACCOUNT_TYPE_MAX          FlagSAMAccountType = 0x7FFFFFFF
)

sAMaccountName implementation corresponding to: [https://docs.microsoft.com/en-us/windows/win32/adschema/a-samaccounttype].

func (FlagSAMAccountType) Eval

func (v FlagSAMAccountType) Eval() []string

Eval evaluates a binary flag of a SAM account type

type FlagsetGroupType

type FlagsetGroupType uint32

FlagsetGroupType is a binary flagset of group types (multi-valued)

const (
	GROUP_TYPE_CREATED_BY_SYSTEM FlagsetGroupType = 0x00000001           // Specifies a group that is created by the system.
	GROUP_TYPE_GLOBAL            FlagsetGroupType = 0x00000002           // Specifies a group with global scope.
	GROUP_TYPE_LOCAL             FlagsetGroupType = 0x00000004           // Specifies a group with domain local scope.
	GROUP_TYPE_UNIVERSAL         FlagsetGroupType = 0x00000008           // Specifies a group with universal scope.
	GROUP_TYPE_APP_BASIC         FlagsetGroupType = 0x00000010           // Specifies an APP_BASIC group for Windows Server Authorization Manager.
	GROUP_TYPE_APP_QUERY         FlagsetGroupType = 0x00000020           // Specifies an APP_QUERY group for Windows Server Authorization Manager.
	GROUP_TYPE_SECURITY          FlagsetGroupType = 0x80000000           // Specifies a security group. If this flag is not set, then the group is a distribution group.
	GROUP_TYPE_DISTRIBUTION      FlagsetGroupType = ^GROUP_TYPE_SECURITY // Specifies a distribution group. If this flag is not set, then the group is a security group.
)

https://docs.microsoft.com/en-us/windows/win32/adschema/a-grouptype

func (FlagsetGroupType) Eval

func (v FlagsetGroupType) Eval() (types []string)

Eval evaluates a binary flagset of group types

type FlagsetUserAccountControl

type FlagsetUserAccountControl uint32

FlagsetUserAccountControl is a set of flags for the userAccountControl attribute (multi-valued).

const (
	USER_ACCOUNT_CONTROL_LOGON_SCRIPT                           FlagsetUserAccountControl = 0x00000001 // The logon script is executed.
	USER_ACCOUNT_CONTROL_ACCOUNT_DISABLE                        FlagsetUserAccountControl = 0x00000002 // The user account is disabled.
	USER_ACCOUNT_CONTROL_HOMEDIR_REQUIRED                       FlagsetUserAccountControl = 0x00000008 // The home directory is required.
	USER_ACCOUNT_CONTROL_LOCKOUT                                FlagsetUserAccountControl = 0x00000010 // The account is currently locked out.
	USER_ACCOUNT_CONTROL_PASSWORD_NOTREQD                       FlagsetUserAccountControl = 0x00000020 // No password is required.
	USER_ACCOUNT_CONTROL_PASSWORD_CANT_CHANGE                   FlagsetUserAccountControl = 0x00000040 // The user cannot change the password.
	USER_ACCOUNT_CONTROL_ENCRYPTED_TEXT_PASSWORD_ALLOWED        FlagsetUserAccountControl = 0x00000080 // The user can send an encrypted password.
	USER_ACCOUNT_CONTROL_TEMP_DUPLICATE_ACCOUNT                 FlagsetUserAccountControl = 0x00000100 // This is an account for users whose primary account is in another domain. This account provides user access to this domain, but not to any domain that trusts this domain. Also known as a local user account.
	USER_ACCOUNT_CONTROL_NORMAL_ACCOUNT                         FlagsetUserAccountControl = 0x00000200 // This is a default account type that represents a typical user.
	USER_ACCOUNT_CONTROL_INTERDOMAIN_TRUST_ACCOUNT              FlagsetUserAccountControl = 0x00000800 // This is a permit to trust account for a system domain that trusts other domains.
	USER_ACCOUNT_CONTROL_WORKSTATION_TRUST_ACCOUNT              FlagsetUserAccountControl = 0x00001000 // This is a computer account for a computer that is a member of this domain.
	USER_ACCOUNT_CONTROL_SERVER_TRUST_ACCOUNT                   FlagsetUserAccountControl = 0x00002000 // This is a computer account for a system backup domain controller that is a member of this domain.
	USER_ACCOUNT_CONTROL_DONT_EXPIRE_PASSWD                     FlagsetUserAccountControl = 0x00010000 // The password for this account will never expire.
	USER_ACCOUNT_CONTROL_MNS_LOGON_ACCOUNT                      FlagsetUserAccountControl = 0x00020000 // This is an MNS logon account.
	USER_ACCOUNT_CONTROL_SMARTCARD_REQUIRED                     FlagsetUserAccountControl = 0x00040000 // The user must log on using a smart card.
	USER_ACCOUNT_CONTROL_TRUSTED_FOR_DELEGATION                 FlagsetUserAccountControl = 0x00080000 // The service account (user or computer account), under which a service runs, is trusted for Kerberos delegation. Any such service can impersonate a client requesting the service.
	USER_ACCOUNT_CONTROL_NOT_DELEGATED                          FlagsetUserAccountControl = 0x00100000 // The security context of the user will not be delegated to a service even if the service account is set as trusted for Kerberos delegation.
	USER_ACCOUNT_CONTROL_USE_DES_KEY_ONLY                       FlagsetUserAccountControl = 0x00200000 // Restrict this principal to use only Data Encryption Standard (DES) encryption types for keys.
	USER_ACCOUNT_CONTROL_DONT_REQUIRE_PREAUTH                   FlagsetUserAccountControl = 0x00400000 // This account does not require Kerberos pre-authentication for logon.
	USER_ACCOUNT_CONTROL_PASSWORD_EXPIRED                       FlagsetUserAccountControl = 0x00800000 // The user password has expired. This flag is created by the system using data from the Pwd-Last-Set attribute and the domain policy.
	USER_ACCOUNT_CONTROL_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION FlagsetUserAccountControl = 0x01000000 // The account is enabled for delegation. This is a security-sensitive setting; accounts with this option enabled should be strictly controlled. This setting enables a service running under the account to assume a client identity and authenticate as that user to other remote servers on the network.
)

userAccountControl implemented corresponding to: [https://docs.microsoft.com/en-us/windows/win32/adschema/a-useraccountcontrol].

func (FlagsetUserAccountControl) Eval

func (v FlagsetUserAccountControl) Eval() (controls []string)

Eval returns a list of strings representing the flags set in the userAccountControl attribute.

type Map

type Map map[Attribute]any

Map is a map of attributes to values

func (Map) Keys

func (attrMap Map) Keys() (keys Attributes)

Keys returns the keys of a map of attributes

func (*Map) ParseBool

func (attrMap *Map) ParseBool(a Attribute, values []string)

ParseBool parses a boolean value

func (*Map) ParseDecimal

func (attrMap *Map) ParseDecimal(a Attribute, values []string)

ParseDecimal parses a decimal value

func (*Map) ParseGroupType

func (attrMap *Map) ParseGroupType(a Attribute, values []string)

ParseGroupType parses a group type value

func (*Map) ParseIPv4Address

func (attrMap *Map) ParseIPv4Address(a Attribute, values []string)

ParseIPv4Address parses an IPv4 address value

func (*Map) ParseInt

func (attrMap *Map) ParseInt(a Attribute, values []string)

ParseInt parses an integer value

func (*Map) ParseSAMAccountType

func (attrMap *Map) ParseSAMAccountType(a Attribute, values []string)

ParseSAMAccountName parses a SAM account name (SAN) value

func (*Map) ParseTime

func (attrMap *Map) ParseTime(a Attribute, values []string)

ParseTime parses a time value

func (*Map) ParseUserAccountControl

func (attrMap *Map) ParseUserAccountControl(a Attribute, values []string)

ParseUserAccountControl parses a user account control (AUC) value

type Maps

type Maps []Map

Maps is a slice of maps of attributes to values

type MatchingRule

type MatchingRule string

MatchingRule is used to define an LDAP matching rule bit mask

const (
	LDAP_MATCHING_RULE_BIT_AND         MatchingRule = "1.2.840.113556.1.4.803"  // Consult [https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/6dd1d7b4-2b2f-4e55-b164-7047c4c5bb00] for reference.
	LDAP_MATCHING_RULE_BIT_OR          MatchingRule = "1.2.840.113556.1.4.804"  // Consult [https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/4e5b2424-642a-40da-acb1-9fff381b46e4] for reference.
	LDAP_MATCHING_RULE_IN_CHAIN        MatchingRule = "1.2.840.113556.1.4.1941" // Consult [https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/1e889adc-b503-4423-8985-c28d5c7d4887] for reference.
	LDAP_MATCHING_RULE_TRANSITIVE_EVAL MatchingRule = "1.2.840.113556.1.4.1941" // Consult [https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/1e889adc-b503-4423-8985-c28d5c7d4887] for reference.
	LDAP_MATCHING_RULE_DN_WITH_DATA    MatchingRule = "1.2.840.113556.1.4.2253" // Consult [https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/e5bfc285-05b9-494e-a123-c5c4341c450e] for reference.
)

LDAP Matching Rules (extensibleMatch), please, consult: [https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/4e638665-f466-4597-93c4-12f2ebfabab5].

type Type

type Type string

Type represents the type of an attribute

const (
	TypeBool               Type = "Bool"
	TypeDecimal            Type = "Decimal"
	TypeGroupType          Type = "GroupType"
	TypeHexString          Type = "HexString"
	TypeInt                Type = "Int"
	TypeIPv4Address        Type = "IPv4Address"
	TypeRaw                Type = "TypeRaw"
	TypeSAMaccountType     Type = "SAMaccountType"
	TypeString             Type = "String"
	TypeStringSlice        Type = "StringSlice"
	TypeTime               Type = "Time"
	TypeUserAccountControl Type = "UserAccountControl"
)

Possible values for the Type attribute

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL