@riverar
Last active December 29, 2023 00:48
ADCS Templates
# Manifest for the sample binary whose src/main.rs lists AD CS certificate template names.
[package]
name = "app"
version = "0.0.0"
edition = "2021"
# Sample code: `publish = false` stops `cargo publish` from uploading it to a registry.
publish = false
# Bindings for the Win32/COM APIs used by main.rs. The nested
# `Anonymous.Anonymous.Anonymous.bstrVal` access in main.rs follows the VARIANT
# layout of this bindings version; re-check that access when changing the version.
[dependencies.windows]
version = "0.52.0"
features = [
# VARIANT_BOOL
"Win32_Foundation",
# CoInitializeEx, CoCreateInstance, CLSCTX_INPROC_SERVER, COINIT_MULTITHREADED
"Win32_System_Com",
# CX509EnrollmentPolicyActiveDirectory, IX509EnrollmentPolicyServer and the enrollment enums
"Win32_Security_Cryptography_Certificates",
# Nothing from the next two modules is imported by name in main.rs; presumably they
# are needed for the VARIANT returned by get_Property (verify before removing).
"Win32_System_Ole",
"Win32_System_Variant",
]
use windows::{
core::BSTR,
Win32::{
Foundation::VARIANT_BOOL,
Security::Cryptography::Certificates::{
CX509EnrollmentPolicyActiveDirectory, ContextUser, IX509EnrollmentPolicyServer,
LoadOptionReload, TemplatePropCommonName, X509AuthKerberos,
},
System::Com::{
CoCreateInstance, CoInitializeEx, CLSCTX_INPROC_SERVER, COINIT_MULTITHREADED,
},
},
};
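/// Lists the common name of every certificate template returned by the Active
/// Directory enrollment policy server at a hard-coded LDAP URL.
///
/// The policy server is initialised with Kerberos authentication in the user
/// context, and `SetCredential` is given no credential or password, so the
/// query presumably runs under the identity of the account that started the
/// process. The program only reads the policy; it does not request or change
/// any certificate.
///
/// # Errors
///
/// Returns the first failing COM call (initialisation, object creation,
/// policy load or property read) as a `windows::core::Error`.
fn main() -> windows::core::Result<()> {
    // Tag value that marks a VARIANT as holding a BSTR payload.
    use windows::Win32::System::Variant::VT_BSTR;

    // SAFETY: COM is initialised on this thread before any interface is used,
    // every interface comes from CoCreateInstance or from a method on it, and
    // the VARIANT payload union is read only after its `vt` tag confirms that
    // the active member is a BSTR.
    unsafe {
        CoInitializeEx(None, COINIT_MULTITHREADED)?;

        let policy: IX509EnrollmentPolicyServer = CoCreateInstance(
            &CX509EnrollmentPolicyActiveDirectory,
            None,
            CLSCTX_INPROC_SERVER,
        )?;

        // Placeholder host name: replace with a domain controller of the forest
        // being inspected. VARIANT_BOOL(0) passes "false" for the fourth
        // argument (fIsUnTrusted in the COM documentation; confirm).
        policy.Initialize(
            &BSTR::from("ldap://dc01.my.forest"),
            None,
            X509AuthKerberos,
            VARIANT_BOOL(0),
            ContextUser,
        )?;
        // No parent window, no explicit credential and no password are supplied.
        policy.SetCredential(0, X509AuthKerberos, None, None)?;
        policy.LoadPolicy(LoadOptionReload)?;

        let templates = policy.GetTemplates()?;
        let count = templates.Count()?;
        // Debug builds only: an empty list most likely means the policy did not
        // load the way this sample expects.
        debug_assert!(count > 0);

        for i in 0..count {
            let template = templates.get_ItemByIndex(i)?;
            let variant = template.get_Property(TemplatePropCommonName)?;

            // A VARIANT is a tagged union. Reading `bstrVal` while another
            // member is active would reinterpret unrelated bytes as a string
            // pointer, so check the tag before touching the payload.
            if variant.Anonymous.Anonymous.vt == VT_BSTR {
                dbg!(&variant.Anonymous.Anonymous.Anonymous.bstrVal);
            } else {
                eprintln!(
                    "template {}: common-name property has unexpected VARIANT type {}",
                    i, variant.Anonymous.Anonymous.vt.0
                );
            }
            // NOTE(review): `bstrVal` is wrapped in ManuallyDrop, so the string
            // is presumably not released when `variant` goes out of scope;
            // confirm whether this bindings version needs an explicit
            // VariantClear here.
        }
    }
    Ok(())
}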
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: Administrator,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: ClientAuth,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: EFS,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: CAExchange,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: CEPEncryption,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: CodeSigning,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: Machine,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: CrossCA,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: DirectoryEmailReplication,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: DomainController,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: DomainControllerAuthentication,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: EFSRecovery,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: EnrollmentAgent,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: MachineEnrollmentAgent,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: EnrollmentAgentOffline,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: ExchangeUserSignature,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: ExchangeUser,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: IPSECIntermediateOnline,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: IPSECIntermediateOffline,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: KerberosAuthentication,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: KeyRecoveryAgent,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: OCSPResponseSigning,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: RASAndIASServer,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: CA,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: OfflineRouter,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: SmartcardLogon,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: SmartcardUser,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: SubCA,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: CTLSigning,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: User,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: UserSignature,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: WebServer,
}
[src\main.rs:39] &variant.Anonymous.Anonymous.Anonymous.bstrVal = ManuallyDrop {
value: Workstation,
}