Skip to content

Parse dnsNode objects to assign IP addresses to computers #51

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Tw1sm merged 4 commits into from
Jan 14, 2026
Merged

Parse dnsNode objects to assign IP addresses to computers #51

Tw1sm merged 4 commits into from
Jan 14, 2026

Conversation

@martanne
Copy link

@martanne martanne commented Jan 6, 2026

I'm working on an OpenGraph collector and want to create hybrid edges to computer objects where the only information I have is the host's IP address.

Parse A, AAAA and PTR DNS records of dnsNode objects and store the discovered IP addresses in a new property of the corresponding computer object.

The matching of host names to computer objects uses the same logic as the session support, i.e. the comparison is primarily based on the dNSHostName with a fallback to the samaccountname.

Expects the dnsRecord attribute to be formatted as a list of base64 encoded values. I will follow up with corresponding patches to pyldapsearch and the TrustedSec ldapsearch BOF.

Besides the DNS nodes, the domain object and the corresponding computer objects also need to be available. This should give you an example data set:

pyldapsearch -base-dn 'CN=MicrosoftDNS,DC=DomainDnsZones,DC=ludus,DC=domain' 'ludus.domain/domainuser:password' '(objectclass=dnsnode)'
pyldapsearch 'ludus.domain/domainuser:password' '(objectclass=domain)'
pyldapsearch 'ludus.domain/domainuser:password' '(objectclass=computer)'

@martanne
Parse dnsNode objects to assign IP addresses to computers
3518d08 
Parse A, AAAA and PTR DNS records of dnsNode objects and store the
discovered IP addresses in a new property of the corresponding computer
object.

The matching of host names to computer objects uses the same logic as
the session support, i.e. the comparison is primarly based on the
dNSHostName with a fallback to the samaccountname.

Expects the dnsRecord attribute to be formatted as a list of base64
encoded values.
This was referenced Jan 6, 2026
Merged
Open
@Tw1sm
Copy link
Collaborator

Tw1sm commented Jan 14, 2026

Looking forward to seeing the OpenGrah collector 👀

@Tw1sm Tw1sm merged commit 99a1564 into coffeegist:main Jan 14, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@martanne @Tw1sm