attributes

package
v2.6.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 3, 2024 License: MIT Imports: 6 Imported by: 0

Documentation

Overview

Package attributes contains the definitions of the attributes that can be used. Most definitions are based on the RFC 4519 (https://tools.ietf.org/html/rfc4519). Custom implementations are provided for attributes that are not defined in the RFC, but common for Microsoft Active Directory.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Attribute 

type Attribute struct {
	// Alias is the alias of the attribute
	Alias string
	// LDAPDisplayName is the LDAP display name of the attribute
	LDAPDisplayName string
	// PrettyName is the pretty name of the attribute (CamelCase)
	PrettyName string
	// Type is the type of the attribute defined in RFC 4517
	Type Type
}

Attribute is an LDAP attribute

func AccountExpires 

func AccountExpires() Attribute

func Any 

func Any() Attribute

Any returns an attribute that matches any attribute

func BadPasswordCount 

func BadPasswordCount() Attribute

func BadPasswordTime 

func BadPasswordTime() Attribute

func CommonName 

func CommonName() Attribute

func Company 

func Company() Attribute

func CountryCode 

func CountryCode() Attribute

func CountryName 

func CountryName() Attribute

func CountryNumber 

func CountryNumber() Attribute

func DNSHostname 

func DNSHostname() Attribute

func Department 

func Department() Attribute

func DepartmentNumber 

func DepartmentNumber() Attribute

func Description 

func Description() Attribute

func DisplayName 

func DisplayName() Attribute

func DistinguishedName 

func DistinguishedName() Attribute

func Division 

func Division() Attribute

func EmployeeID 

func EmployeeID() Attribute

func GivenName 

func GivenName() Attribute

func GlobalExtension1 

func GlobalExtension1() Attribute

func GlobalExtension10 

func GlobalExtension10() Attribute

func GlobalExtension11 

func GlobalExtension11() Attribute

func GlobalExtension12 

func GlobalExtension12() Attribute

func GlobalExtension13 

func GlobalExtension13() Attribute

func GlobalExtension14 

func GlobalExtension14() Attribute

func GlobalExtension15 

func GlobalExtension15() Attribute

func GlobalExtension16 

func GlobalExtension16() Attribute

func GlobalExtension17 

func GlobalExtension17() Attribute

func GlobalExtension18 

func GlobalExtension18() Attribute

func GlobalExtension19 

func GlobalExtension19() Attribute

func GlobalExtension2 

func GlobalExtension2() Attribute

func GlobalExtension20 

func GlobalExtension20() Attribute

func GlobalExtension21 

func GlobalExtension21() Attribute

func GlobalExtension22 

func GlobalExtension22() Attribute

func GlobalExtension23 

func GlobalExtension23() Attribute

func GlobalExtension24 

func GlobalExtension24() Attribute

func GlobalExtension25 

func GlobalExtension25() Attribute

func GlobalExtension26 

func GlobalExtension26() Attribute

func GlobalExtension27 

func GlobalExtension27() Attribute

func GlobalExtension28 

func GlobalExtension28() Attribute

func GlobalExtension29 

func GlobalExtension29() Attribute

func GlobalExtension3 

func GlobalExtension3() Attribute

func GlobalExtension30 

func GlobalExtension30() Attribute

func GlobalExtension4 

func GlobalExtension4() Attribute

func GlobalExtension5 

func GlobalExtension5() Attribute

func GlobalExtension6 

func GlobalExtension6() Attribute

func GlobalExtension7 

func GlobalExtension7() Attribute

func GlobalExtension8 

func GlobalExtension8() Attribute

func GlobalExtension9 

func GlobalExtension9() Attribute

func GroupType 

func GroupType() Attribute

func LastLogonTimestamp 

func LastLogonTimestamp() Attribute

func Location 

func Location() Attribute

func Lookup 

func Lookup(in string) *Attribute

Lookup returns the attribute that matches the given LDAP name, pretty name or alias

func Mail 

func Mail() Attribute

func MemberOf 

func MemberOf() Attribute

func Members 

func Members() Attribute

func MsRadiusFramedIPAddress 

func MsRadiusFramedIPAddress() Attribute

func Name 

func Name() Attribute

func ObjectCategory 

func ObjectCategory() Attribute

func ObjectClass 

func ObjectClass() Attribute

func ObjectGUID 

func ObjectGUID() Attribute

func ObjectSID 

func ObjectSID() Attribute

func PasswordLastSet 

func PasswordLastSet() Attribute

func PostalCode 

func PostalCode() Attribute

func Raw 

func Raw(LDAPName, prettyName string, attrType Type) Attribute

Raw returns an attribute that matches the given LDAP name

func SamAccountName 

func SamAccountName() Attribute

func SamAccountType 

func SamAccountType() Attribute

func StreetAddress 

func StreetAddress() Attribute

func Surname 

func Surname() Attribute

func UnicodePassword 

func UnicodePassword() Attribute

func UserAccountControl 

func UserAccountControl() Attribute

func UserCertificate 

func UserCertificate() Attribute

func UserPrincipalName 

func UserPrincipalName() Attribute

func WhenChanged 

func WhenChanged() Attribute

func WhenCreated 

func WhenCreated() Attribute

func (Attribute) Parse 

func (a Attribute) Parse(values []string, attrMap *Map)

Parse parses a value and stores it in a map of attributes

func (Attribute) Register 

func (a Attribute) Register() Attribute

Register registers an attribute in the registry

func (Attribute) String 

func (a Attribute) String() string

String returns the string representation of an attribute (first its pretty name, then its LDAP display name)

type Attributes 

type Attributes []Attribute

Attributes is a slice of attributes

func LookupMany 

func LookupMany(strict bool, in ...string) (list Attributes)

LookupMany returns a list of attributes that match the given LDAP names, pretty names or aliases (for "*"" it returns all attributes)

func (*Attributes) Append 

func (a *Attributes) Append(attrs ...Attribute)

Append appends attributes to the slice only if they are not already present

func (Attributes) Sort 

func (a Attributes) Sort()

Sort sorts the attributes by their string representation

func (Attributes) ToAttributeList 

func (a Attributes) ToAttributeList() (list []string)

ToAttributeList returns a list of attributes as strings

type FlagSAMAccountType 

type FlagSAMAccountType uint32

FlagSAMAccountType is a representation of the SAMAccountType attribute 

const (
	SAM_ACCOUNT_TYPE_DOMAIN_OBJECT             FlagSAMAccountType = 0x00000000
	SAM_ACCOUNT_TYPE_GROUP_OBJECT              FlagSAMAccountType = 0x10000000
	SAM_ACCOUNT_TYPE_NON_SECURITY_GROUP_OBJECT FlagSAMAccountType = 0x10000001
	SAM_ACCOUNT_TYPE_ALIAS_OBJECT              FlagSAMAccountType = 0x20000000
	SAM_ACCOUNT_TYPE_NON_SECURITY_ALIAS_OBJECT FlagSAMAccountType = 0x20000001
	SAM_ACCOUNT_TYPE_USER_OBJECT               FlagSAMAccountType = 0x30000000
	SAM_ACCOUNT_TYPE_NORMAL_USER_ACCOUNT       FlagSAMAccountType = 0x30000000
	SAM_ACCOUNT_TYPE_MACHINE_ACCOUNT           FlagSAMAccountType = 0x30000001
	SAM_ACCOUNT_TYPE_TRUST_ACCOUNT             FlagSAMAccountType = 0x30000002
	SAM_ACCOUNT_TYPE_APP_BASIC_GROUP           FlagSAMAccountType = 0x40000000
	SAM_ACCOUNT_TYPE_APP_QUERY_GROUP           FlagSAMAccountType = 0x40000001
	SAM_ACCOUNT_TYPE_ACCOUNT_TYPE_MAX          FlagSAMAccountType = 0x7FFFFFFF
)

sAMaccountName implementation corresponding to: [https://docs.microsoft.com/en-us/windows/win32/adschema/a-samaccounttype].

func (FlagSAMAccountType) Eval 

func (v FlagSAMAccountType) Eval() []string

Eval evaluates a binary flag of a SAM account type

type FlagsetGroupType 

type FlagsetGroupType uint32

FlagsetGroupType is a binary flagset of group types (multi-valued) 

const (
	GROUP_TYPE_CREATED_BY_SYSTEM FlagsetGroupType = 0x00000001           // Specifies a group that is created by the system.
	GROUP_TYPE_GLOBAL            FlagsetGroupType = 0x00000002           // Specifies a group with global scope.
	GROUP_TYPE_LOCAL             FlagsetGroupType = 0x00000004           // Specifies a group with domain local scope.
	GROUP_TYPE_UNIVERSAL         FlagsetGroupType = 0x00000008           // Specifies a group with universal scope.
	GROUP_TYPE_APP_BASIC         FlagsetGroupType = 0x00000010           // Specifies an APP_BASIC group for Windows Server Authorization Manager.
	GROUP_TYPE_APP_QUERY         FlagsetGroupType = 0x00000020           // Specifies an APP_QUERY group for Windows Server Authorization Manager.
	GROUP_TYPE_SECURITY          FlagsetGroupType = 0x80000000           // Specifies a security group. If this flag is not set, then the group is a distribution group.
	GROUP_TYPE_DISTRIBUTION      FlagsetGroupType = ^GROUP_TYPE_SECURITY // Specifies a distribution group. If this flag is not set, then the group is a security group.
)

https://docs.microsoft.com/en-us/windows/win32/adschema/a-grouptype

func (FlagsetGroupType) Eval 

func (v FlagsetGroupType) Eval() (types []string)

Eval evaluates a binary flagset of group types

type FlagsetUserAccountControl 

type FlagsetUserAccountControl uint32

FlagsetUserAccountControl is a set of flags for the userAccountControl attribute (multi-valued). 

const (
	USER_ACCOUNT_CONTROL_LOGON_SCRIPT                           FlagsetUserAccountControl = 0x00000001 // The logon script is executed.
	USER_ACCOUNT_CONTROL_ACCOUNT_DISABLE                        FlagsetUserAccountControl = 0x00000002 // The user account is disabled.
	USER_ACCOUNT_CONTROL_HOMEDIR_REQUIRED                       FlagsetUserAccountControl = 0x00000008 // The home directory is required.
	USER_ACCOUNT_CONTROL_LOCKOUT                                FlagsetUserAccountControl = 0x00000010 // The account is currently locked out.
	USER_ACCOUNT_CONTROL_PASSWORD_NOTREQD                       FlagsetUserAccountControl = 0x00000020 // No password is required.
	USER_ACCOUNT_CONTROL_PASSWORD_CANT_CHANGE                   FlagsetUserAccountControl = 0x00000040 // The user cannot change the password.
	USER_ACCOUNT_CONTROL_ENCRYPTED_TEXT_PASSWORD_ALLOWED        FlagsetUserAccountControl = 0x00000080 // The user can send an encrypted password.
	USER_ACCOUNT_CONTROL_TEMP_DUPLICATE_ACCOUNT                 FlagsetUserAccountControl = 0x00000100 // This is an account for users whose primary account is in another domain. This account provides user access to this domain, but not to any domain that trusts this domain. Also known as a local user account.
	USER_ACCOUNT_CONTROL_NORMAL_ACCOUNT                         FlagsetUserAccountControl = 0x00000200 // This is a default account type that represents a typical user.
	USER_ACCOUNT_CONTROL_INTERDOMAIN_TRUST_ACCOUNT              FlagsetUserAccountControl = 0x00000800 // This is a permit to trust account for a system domain that trusts other domains.
	USER_ACCOUNT_CONTROL_WORKSTATION_TRUST_ACCOUNT              FlagsetUserAccountControl = 0x00001000 // This is a computer account for a computer that is a member of this domain.
	USER_ACCOUNT_CONTROL_SERVER_TRUST_ACCOUNT                   FlagsetUserAccountControl = 0x00002000 // This is a computer account for a system backup domain controller that is a member of this domain.
	USER_ACCOUNT_CONTROL_DONT_EXPIRE_PASSWD                     FlagsetUserAccountControl = 0x00010000 // The password for this account will never expire.
	USER_ACCOUNT_CONTROL_MNS_LOGON_ACCOUNT                      FlagsetUserAccountControl = 0x00020000 // This is an MNS logon account.
	USER_ACCOUNT_CONTROL_SMARTCARD_REQUIRED                     FlagsetUserAccountControl = 0x00040000 // The user must log on using a smart card.
	USER_ACCOUNT_CONTROL_TRUSTED_FOR_DELEGATION                 FlagsetUserAccountControl = 0x00080000 // The service account (user or computer account), under which a service runs, is trusted for Kerberos delegation. Any such service can impersonate a client requesting the service.
	USER_ACCOUNT_CONTROL_NOT_DELEGATED                          FlagsetUserAccountControl = 0x00100000 // The security context of the user will not be delegated to a service even if the service account is set as trusted for Kerberos delegation.
	USER_ACCOUNT_CONTROL_USE_DES_KEY_ONLY                       FlagsetUserAccountControl = 0x00200000 // Restrict this principal to use only Data Encryption Standard (DES) encryption types for keys.
	USER_ACCOUNT_CONTROL_DONT_REQUIRE_PREAUTH                   FlagsetUserAccountControl = 0x00400000 // This account does not require Kerberos pre-authentication for logon.
	USER_ACCOUNT_CONTROL_PASSWORD_EXPIRED                       FlagsetUserAccountControl = 0x00800000 // The user password has expired. This flag is created by the system using data from the Pwd-Last-Set attribute and the domain policy.
	USER_ACCOUNT_CONTROL_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION FlagsetUserAccountControl = 0x01000000 // The account is enabled for delegation. This is a security-sensitive setting; accounts with this option enabled should be strictly controlled. This setting enables a service running under the account to assume a client identity and authenticate as that user to other remote servers on the network.
)

userAccountControl implemented corresponding to: [https://docs.microsoft.com/en-us/windows/win32/adschema/a-useraccountcontrol].

func (FlagsetUserAccountControl) Eval 

func (v FlagsetUserAccountControl) Eval() (controls []string)

Eval returns a list of strings representing the flags set in the userAccountControl attribute.

type Map 

type Map map[Attribute]any

Map is a map of attributes to values

func (Map) Keys 

func (attrMap Map) Keys() (keys Attributes)

Keys returns the keys of a map of attributes

func (*Map) ParseBool 

func (attrMap *Map) ParseBool(a Attribute, values []string)

ParseBool parses a boolean value

func (*Map) ParseDecimal 

func (attrMap *Map) ParseDecimal(a Attribute, values []string)

ParseDecimal parses a decimal value

func (*Map) ParseGroupType 

func (attrMap *Map) ParseGroupType(a Attribute, values []string)

ParseGroupType parses a group type value

func (*Map) ParseIPv4Address 

func (attrMap *Map) ParseIPv4Address(a Attribute, values []string)

ParseIPv4Address parses an IPv4 address value

func (*Map) ParseInt 

func (attrMap *Map) ParseInt(a Attribute, values []string)

ParseInt parses an integer value

func (*Map) ParseSAMAccountType 

func (attrMap *Map) ParseSAMAccountType(a Attribute, values []string)

ParseSAMAccountName parses a SAM account name (SAN) value

func (*Map) ParseTime 

func (attrMap *Map) ParseTime(a Attribute, values []string)

ParseTime parses a time value

func (*Map) ParseUserAccountControl 

func (attrMap *Map) ParseUserAccountControl(a Attribute, values []string)

ParseUserAccountControl parses a user account control (AUC) value

type Maps 

type Maps []Map

Maps is a slice of maps of attributes to values

type MatchingRule 

type MatchingRule string

MatchingRule is used to define an LDAP matching rule bit mask 

const (
	LDAP_MATCHING_RULE_BIT_AND         MatchingRule = "1.2.840.113556.1.4.803"  // Consult [https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/6dd1d7b4-2b2f-4e55-b164-7047c4c5bb00] for reference.
	LDAP_MATCHING_RULE_BIT_OR          MatchingRule = "1.2.840.113556.1.4.804"  // Consult [https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/4e5b2424-642a-40da-acb1-9fff381b46e4] for reference.
	LDAP_MATCHING_RULE_IN_CHAIN        MatchingRule = "1.2.840.113556.1.4.1941" // Consult [https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/1e889adc-b503-4423-8985-c28d5c7d4887] for reference.
	LDAP_MATCHING_RULE_TRANSITIVE_EVAL MatchingRule = "1.2.840.113556.1.4.1941" // Consult [https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/1e889adc-b503-4423-8985-c28d5c7d4887] for reference.
	LDAP_MATCHING_RULE_DN_WITH_DATA    MatchingRule = "1.2.840.113556.1.4.2253" // Consult [https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/e5bfc285-05b9-494e-a123-c5c4341c450e] for reference.
)

LDAP Matching Rules (extensibleMatch), please, consult: [https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/4e638665-f466-4597-93c4-12f2ebfabab5].

type Type 

type Type string

Type represents the type of an attribute 

const (
	TypeBool               Type = "Bool"
	TypeDecimal            Type = "Decimal"
	TypeGroupType          Type = "GroupType"
	TypeHexString          Type = "HexString"
	TypeInt                Type = "Int"
	TypeIPv4Address        Type = "IPv4Address"
	TypeRaw                Type = "TypeRaw"
	TypeSAMaccountType     Type = "SAMaccountType"
	TypeString             Type = "String"
	TypeStringSlice        Type = "StringSlice"
	TypeTime               Type = "Time"
	TypeUserAccountControl Type = "UserAccountControl"
)

Possible values for the Type attribute

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.