dadevel/ldeep-trust-discover.sh

## ldeep-trust-discover.sh
#!/usr/bin/env bash
set -euo pipefail

# usage: ldeep-trust-discover child.corp.com -u user -p passw0rd

discover() {
    if [[ ! -e "./trust-$1.json" ]]; then
        echo "discovering $1" >&2
        ldeep ldap -s ldaps://"$1" "${@:2}" trusts -v > "./trust-$1.json" 2> /dev/null || \
            ldeep ldap -s ldap://"$1" "${@:2}" trusts -v > "./trust-$1.json"  2> /dev/null || {
                echo "error: failed to query $1"
                return 1
            }
        jq -r '.[].trustPartner' "./trust-$1.json" | while read -r partner; do
            discover "${partner}" "${@:2}"
        done
    fi
    declare domain
    for path in ./trust-*.json; do
        domain="${path#./trust-}"
        domain="${domain%.json}"
        jq -r --arg domain "${domain}" '.[]|[$domain,.trustPartner,.trustDirection,.trustAttributes,.trustType]|@tsv' "${path}"
    done
}

discover "$1" -d "$1" "${@:2}" | sort -Vu | cat <(echo -e 'source\tdestination\tdirection\tattributes\ttype') - | column -ts $'\t'
	#!/usr/bin/env bash
	set -euo pipefail

	# usage: ldeep-trust-discover child.corp.com -u user -p passw0rd

	discover() {
	if [[ ! -e "./trust-$1.json" ]]; then
	echo "discovering $1" >&2
	ldeep ldap -s ldaps://"$1" "${@:2}" trusts -v > "./trust-$1.json" 2> /dev/null \|\| \
	ldeep ldap -s ldap://"$1" "${@:2}" trusts -v > "./trust-$1.json" 2> /dev/null \|\| {
	echo "error: failed to query $1"
	return 1
	}
	jq -r '.[].trustPartner' "./trust-$1.json" \| while read -r partner; do
	discover "${partner}" "${@:2}"
	done
	fi
	declare domain
	for path in ./trust-*.json; do
	domain="${path#./trust-}"
	domain="${domain%.json}"
	jq -r --arg domain "${domain}" '.[]\|[$domain,.trustPartner,.trustDirection,.trustAttributes,.trustType]\|@tsv' "${path}"
	done
	}

	discover "$1" -d "$1" "${@:2}" \| sort -Vu \| cat <(echo -e 'source\tdestination\tdirection\tattributes\ttype') - \| column -ts $'\t'