Closed brightghost closed 5 years ago
So after reading through your detailed question (thank you for that, btw), I think, at least from the way I designed it (maybe I missed something), that the password won't even be generated if you can't connect to Active Directory. The one instance I could see this being an issue is if the machine is bound but is acting like it isn't bound. Upon testing this, though, you are unable to pull any information from AD in this state, which means the program would stop during the connection to AD in the ADTools.
I've been thinking about this flow as well. Our situation is that a machine randomly connects to one of a handful of DCs, some of which are read-only. So in our case, it would be best if passwords weren't changed locally unless it's confirmed that the new password and expiry date have successfully been written to AD. Checking if the machine is bound in this case would not be sufficient.
@patriciaho I'm thinking what we need to do then is maybe add the ability to specify the domain controller to connect to, if possible; that way you can make sure the record is writable.
Please try the new version that will write the password first to Active Directory before writing it locally. Let me know if this resolves this issue.
I believe this has been resolved but if it hasn't please let me know!
I've been taking a look at this project, and I'm not sure if the error handling is adequate for such a sensitive operation. For example, what will be the result if the password update is attempted but the Computer AD object is not writable? It looks like this block at PWChange:22 is where the real work takes place:

As I read it, `local_admin_change.changePassword()` is called before any attempt is made to verify the AD Computer object can be written to, which only takes place in the call to `ad_tools(computer_record: computer_record, tool: "Set Password", password: password, new_ad_exp_date: new_ad_exp_date)`. The message logged in the `catch` block suggests the operation would be aborted in case of an exception, but if the Computer record can't be updated, won't this in fact leave you with a new password on the local admin, which is not recorded anywhere?

I'm not particularly familiar with Swift, so apologies if there's something to the flow control I'm missing here. Or is this check performed earlier in another function? I see you can potentially exit(1) at ADTools:31, but it seems this will just verify a record was found, not that it's writable.