Add test coverage for LdapConnectionPool excluded domains; fix previe…

…w feature use on LdapUtils

src/CommonLib/LdapUtils.cs

@@ -972,7 +972,7 @@ await GetForest(domainName) is (true, var forestName) &&
                     await GetDomainSidFromDomainName(forestName) is (true, var forestDomainSid)) {
                     forestSidToName.TryAdd(forestDomainSid, forestName);
                     if (!grouped.ContainsKey(forestDomainSid)) {
-                        grouped[forestDomainSid] = [];
+                        grouped[forestDomainSid] = new();
                     }
 
                     foreach (var k in domainSid) {

test/unit/LdapConnectionPoolTest.cs

@@ -0,0 +1,45 @@
+using System.Reflection;
+using System.Threading.Tasks;
+using Microsoft.Extensions.Logging;
+using Moq;
+using SharpHoundCommonLib;
+using Xunit;
+
+public class LdapConnectionPoolTest
+{
+    private static void AddExclusionDomain(string identifier) {
+        var excludedDomainsField = typeof(LdapConnectionPool)
+            .GetField("_excludedDomains", BindingFlags.Static | BindingFlags.NonPublic);
+
+        var excludedDomains = (ConcurrentHashSet)excludedDomainsField.GetValue(null);
+
+        excludedDomains.Add(identifier);
+    }
+
+    [Fact]
+    public async Task LdapConnectionPool_ExcludedDomains_ShouldExitEarly()
+    {
+        var mockLogger = new Mock<ILogger>();
+        var ldapConfig = new LdapConfig();
+        var connectionPool = new ConnectionPoolManager(ldapConfig, mockLogger.Object);
+
+        AddExclusionDomain("excludedDomain.com");
+        var connectAttempt = await connectionPool.TestDomainConnection("excludedDomain.com", false);
+
+        Assert.False(connectAttempt.Success);
+        Assert.Contains("excluded for connection attempt", connectAttempt.Message);
+    }
+
+    [Fact]
+    public async Task LdapConnectionPool_ExcludedDomains_NonExcludedShouldntExit()
+    {
+        var mockLogger = new Mock<ILogger>();
+        var ldapConfig = new LdapConfig();
+        var connectionPool = new ConnectionPoolManager(ldapConfig, mockLogger.Object);
+
+        AddExclusionDomain("excludedDomain.com");
+        var connectAttempt = await connectionPool.TestDomainConnection("perfectlyValidDomain.com", false);
+
+        Assert.DoesNotContain("excluded for connection attempt", connectAttempt.Message);
+    }
+}