Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SchannelAuthenticationEnabled #828

Merged
merged 2 commits into from
Sep 19, 2024
Merged

SchannelAuthenticationEnabled #828

merged 2 commits into from
Sep 19, 2024

Conversation

JonasBK
Copy link
Collaborator

@JonasBK JonasBK commented Sep 3, 2024
edited
Loading

Description

Add new CertTemplate property schannelauthenticationenabled.

Motivation and Context

Not all EKUs that enable Kerberos auth enable Schannel auth. Therefore a property for Schannel auth.
This PR addresses: BP-610

How Has This Been Tested?

By uploading this dataset: 20240902031837_BloodHound.zip

You should see a bunch of ESC6b/ESC10 edges:
image

The CertTemplate nodes of the composition of graphs for the above edges all have schannelauthenticationenabled = true.
image

Screenshots (optional):

Types of changes

  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

@JonasBK JonasBK added the enhancement New feature or request label Sep 3, 2024
@irshadaj irshadaj added the external This pull request is from an external contributor label Sep 11, 2024
@JonasBK JonasBK enabled auto-merge (squash) September 13, 2024 19:44
juggernot325
juggernot325 approved these changes Sep 19, 2024
View reviewed changes
Copy link
Contributor

@juggernot325 juggernot325 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did have a couple small questions about re-enabling the tests, but I approved anyway based on the assumption that the updated tests are working well. If not, we should put the skips back in to ensure build stability.

Otherwise, everything here looks great!

cmd/api/src/analysis/ad/adcs_integration_test.go
@@ -2426,8 +2426,7 @@ func FetchADCSPrereqs(db graph.Database) (impact.PathAggregator, []*graph.Node,
}
}

func TestADCSESC10a(t *testing.T) { //***
t.Skip("3 Disabling test to allow engineers to continue submitting PRs and not have significant errors BED-4747")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you feel confident that this test will pass reliably on test runs? The skip was recently added in #822 as this test was identified as one that would fail intermittently. Based on your changes it looks like there was significant work done here, but I just wanted to double check.

cmd/api/src/analysis/ad/adcs_integration_test.go
@@ -2990,8 +2989,7 @@ func TestADCSESC13(t *testing.T) { //***
})
}

func TestADCSESC10b(t *testing.T) { //***
t.Skip("5 Disabling test to allow engineers to continue submitting PRs and not have significant errors BED-4747")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you feel confident that this test will pass reliably on test runs? The skip was recently added in #822 as this test was identified as one that would fail intermittently. Based on your changes it looks like there was significant work done here, but I just wanted to double check.

@JonasBK JonasBK merged commit 3ecd743 into main Sep 19, 2024
4 checks passed
@JonasBK JonasBK deleted the bp610-schannelauth branch September 19, 2024 14:33
@github-actions github-actions bot locked and limited conversation to collaborators Sep 19, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@juggernot325 juggernot325 juggernot325 approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request external This pull request is from an external contributor
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@JonasBK @juggernot325 @irshadaj