-
Notifications
You must be signed in to change notification settings - Fork 106
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SchannelAuthenticationEnabled #828
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did have a couple small questions about re-enabling the tests, but I approved anyway based on the assumption that the updated tests are working well. If not, we should put the skips back in to ensure build stability.
Otherwise, everything here looks great!
@@ -2426,8 +2426,7 @@ func FetchADCSPrereqs(db graph.Database) (impact.PathAggregator, []*graph.Node, | |||
} | |||
} | |||
|
|||
func TestADCSESC10a(t *testing.T) { //*** | |||
t.Skip("3 Disabling test to allow engineers to continue submitting PRs and not have significant errors BED-4747") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you feel confident that this test will pass reliably on test runs? The skip was recently added in #822 as this test was identified as one that would fail intermittently. Based on your changes it looks like there was significant work done here, but I just wanted to double check.
@@ -2990,8 +2989,7 @@ func TestADCSESC13(t *testing.T) { //*** | |||
}) | |||
} | |||
|
|||
func TestADCSESC10b(t *testing.T) { //*** | |||
t.Skip("5 Disabling test to allow engineers to continue submitting PRs and not have significant errors BED-4747") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you feel confident that this test will pass reliably on test runs? The skip was recently added in #822 as this test was identified as one that would fail intermittently. Based on your changes it looks like there was significant work done here, but I just wanted to double check.
Description
Add new CertTemplate property schannelauthenticationenabled.
Motivation and Context
Not all EKUs that enable Kerberos auth enable Schannel auth. Therefore a property for Schannel auth.
This PR addresses: BP-610
How Has This Been Tested?
By uploading this dataset: 20240902031837_BloodHound.zip
You should see a bunch of ESC6b/ESC10 edges:
The CertTemplate nodes of the composition of graphs for the above edges all have schannelauthenticationenabled = true.
Screenshots (optional):
Types of changes
Checklist: