laps_rs/
lib.rs

1#![cfg(windows)]
2
3//! Library for the retrieval of [LAPS](https://learn.microsoft.com/en-us/windows-server/identity/laps/laps-overview) passwords
4//!
5//! Central for that are the two structs [`AdConnection`] and [`AdConnectionAsync`] which hold a connection to the Active Directory and implement `try_search()`
6//!
7//! # Usage
8//!
9//! In `Cargo.toml`:
10//!
11//! ```toml
12//! [dependencies.laps_rs]
13//! version = "0.1.0"
14//! ```
15//!
16//! # Example
17//!
18//! Both examples perform a search for `"computername"`
19//!
20//! ## Synchronous search
21//!
22//! ```rust,no_run
23//! # use std::error::Error;
24//! use laps_rs::{AdSettings, AdConnection, LdapProtocol, Scope};
25//!
26//! # fn main() -> Result<(), Box<dyn Error>> {
27//!let settings = AdSettings::new(
28//!    "dc.test.internal",
29//!    636,
30//!    LdapProtocol::Secure,
31//!    "OU=path,OU=to,OU=computers,DC=test,DC=internal",
32//!    Scope::Subtree,
33//!);
34//!let mut con: AdConnection = settings.connect()?;
35//!let password = con.try_search("computername", &settings)?;
36//!println!("{password:?}");
37//! # Ok(())
38//! # }
39//! ```
40//!
41//! See also [`AdConnection::try_search()`]
42//!
43//! ## Asynchronous search
44//!
45//! ```rust,no_run
46//! # use std::error::Error;
47//! use laps_rs::{AdSettings, AdConnectionAsync, LdapProtocol, Scope};
48//!
49//!# async fn example() -> Result<(), Box<dyn Error>> {
50//!let settings = AdSettings::new(
51//!    "dc.test.internal",
52//!    636,
53//!    LdapProtocol::Secure,
54//!    "OU=path,OU=to,OU=computers,DC=test,DC=internal",
55//!    Scope::Subtree,
56//!);
57//!let mut con: AdConnectionAsync = settings
58//!    .connect_async()
59//!    .await?;
60//!let password = con
61//!    .try_search("computername", &settings)
62//!    .await?;
63//!println!("{password:?}");
64//! # Ok(())
65//! # }
66//! ```
67//!
68//! See also [`AdConnectionAsync::try_search()`]
69//!
70//! # Quirks
71//!
72//! Since it can be the case that both encrypted and unencrypted LAPS data exists for the same
73//! computer [`process_ldap_search_result()`] will prefer the encrypted information in case of
74//! an identical password expiration.
75//!
76//! In any other case the password with the longer expiration will be returned.
77
78mod decryption;
79mod error;
80mod helpers;
81mod ldap;
82mod types;
83
84pub use error::*;
85pub use ldap::{lookup_laps_info, lookup_laps_info_async, process_ldap_search_result};
86pub use ldap3::Scope;
87pub use types::*;