Add CRUD methods to ldap #2097
Open
Add CRUD methods to ldap #2097
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
|
So great :D!! |
13 tasks
Contributor
|
Nice one 🎉 |
13 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Until now for all modification operations ldap3 must be used, due to the lack of CRUD methods in ldap (yeah R=read exists, but w/e).
This is now supported!
The implementation is very close to the syntax of the corresponding ldap3 calls in order to be a drop-in-place. Therefore, all existing calls should be able to be replaced by simply switching to impackets ldap. Keep in mind that ldap3 returns
Falsetogether with populatingconnection.last_error, while impackets implementation raises an error. Therefore, error handling must be adjusted. If there are issues (now or in the future) where impackets ldap does not behave similar to ldap3 please hit me up.Subsequently, all existing ldap3 adaptations inside of impacket and NetExec can gradually be replaced by impackets ldap implementation.
Example of adding, modifying and deleting a computer object from NetExec:
Note that i have not tested the
modify_dn()function because i had no proper use-case (at least that worked). Since it is pretty simple, i don't think i have messed it up.