Re-added Foreign-Security-Principal type and fixed InheritsSecurity, …

…sigh
lkarlslund · Jan 22, 2024 · 89325b8 · 89325b8
1 parent cfe2e91
commit 89325b8
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 0 deletions.
diff --git a/modules/engine/objecttype.go b/modules/engine/objecttype.go
@@ -38,6 +38,7 @@ var (
 	ObjectTypeCertificateTemplate        = NewObjectType("CertificateTemplate", "PKI-Certificate-Template")
 	ObjectTypePKIEnrollmentService       = NewObjectType("PKIEnrollmentService", "PKI-Enrollment-Service")
 	ObjectTypeCertificationAuthority     = NewObjectType("CertificationAuthority", "Certification-Authority")
+	ObjectTypeForeignSecurityPrincipal   = NewObjectType("ForeignSecurityPrincipal", "Foreign-Security-Principal")
 	ObjectTypeService                    = NewObjectType("Service", "Service").SetDefault(Last, false)
 	ObjectTypeExecutable                 = NewObjectType("Executable", "Executable").SetDefault(Last, false)
 	ObjectTypeDirectory                  = NewObjectType("Directory", "Directory").SetDefault(Last, false)

diff --git a/modules/integrations/activedirectory/analyze/analyze-ad.go b/modules/integrations/activedirectory/analyze/analyze-ad.go
@@ -162,6 +162,9 @@ func init() {
 
 	Loader.AddProcessor(func(ao *engine.Objects) {
 		ao.Iterate(func(o *engine.Object) bool {
+			if o.Type() == engine.ObjectTypeForeignSecurityPrincipal {
+				return true
+			}
 			if sd, err := o.SecurityDescriptor(); err == nil && sd.Control&engine.CONTROLFLAG_DACL_PROTECTED == 0 {
 				if parentobject, found := ao.DistinguishedParent(o); found {
 					parentobject.EdgeTo(o, EdgeInheritsSecurity)