From 21855df4afafbcf1b95a81e47f54d4da6781dbe8 Mon Sep 17 00:00:00 2001 From: Cuong Manh Le Date: Tue, 12 Aug 2025 16:48:10 +0700 Subject: [PATCH] fix: correct Windows API constants to fix domain join detection The function was incorrectly identifying domain-joined status due to wrong constant values, potentially causing false negatives for domain-joined machines. --- nameservers_windows.go | 54 ++++++++++++++++++++---------------------- 1 file changed, 26 insertions(+), 28 deletions(-) diff --git a/nameservers_windows.go b/nameservers_windows.go index eb4f2b5..7b16e8e 100644 --- a/nameservers_windows.go +++ b/nameservers_windows.go @@ -23,20 +23,17 @@ import ( ) const ( - maxDNSAdapterRetries = 5 - retryDelayDNSAdapter = 1 * time.Second - defaultDNSAdapterTimeout = 10 * time.Second - minDNSServers = 1 // Minimum number of DNS servers we want to find - NetSetupUnknown uint32 = 0 - NetSetupWorkgroup uint32 = 1 - NetSetupDomain uint32 = 2 - NetSetupCloudDomain uint32 = 3 - DS_FORCE_REDISCOVERY = 0x00000001 - DS_DIRECTORY_SERVICE_REQUIRED = 0x00000010 - DS_BACKGROUND_ONLY = 0x00000100 - DS_IP_REQUIRED = 0x00000200 - DS_IS_DNS_NAME = 0x00020000 - DS_RETURN_DNS_NAME = 0x40000000 + maxDNSAdapterRetries = 5 + retryDelayDNSAdapter = 1 * time.Second + defaultDNSAdapterTimeout = 10 * time.Second + minDNSServers = 1 // Minimum number of DNS servers we want to find + + DS_FORCE_REDISCOVERY = 0x00000001 + DS_DIRECTORY_SERVICE_REQUIRED = 0x00000010 + DS_BACKGROUND_ONLY = 0x00000100 + DS_IP_REQUIRED = 0x00000200 + DS_IS_DNS_NAME = 0x00020000 + DS_RETURN_DNS_NAME = 0x40000000 ) type DomainControllerInfo struct { @@ -158,7 +155,7 @@ func getDNSServers(ctx context.Context) ([]string, error) { 0, // DomainGuid - not needed 0, // SiteName - not needed uintptr(flags), // Flags - uintptr(unsafe.Pointer(&info))) // DomainControllerInfo - output + uintptr(unsafe.Pointer(&info))) // DomainControllerInfo - output if ret != 0 { switch ret { @@ -343,27 +340,28 @@ func checkDomainJoined() bool { var domain *uint16 var status uint32 - err := windows.NetGetJoinInformation(nil, &domain, &status) - if err != nil { - Log(context.Background(), logger.Debug(), - "Failed to get domain join status: %v", err) + if err := windows.NetGetJoinInformation(nil, &domain, &status); err != nil { + Log(context.Background(), logger.Debug(), "Failed to get domain join status: %v", err) return false } defer windows.NetApiBufferFree((*byte)(unsafe.Pointer(domain))) + // NETSETUP_JOIN_STATUS constants from Microsoft Windows API + // See: https://learn.microsoft.com/en-us/windows/win32/api/lmjoin/ne-lmjoin-netsetup_join_status + // + // NetSetupUnknownStatus uint32 = 0 // The status is unknown + // NetSetupUnjoined uint32 = 1 // The computer is not joined to a domain or workgroup + // NetSetupWorkgroupName uint32 = 2 // The computer is joined to a workgroup + // NetSetupDomainName uint32 = 3 // The computer is joined to a domain + // + // We only care about NetSetupDomainName. domainName := windows.UTF16PtrToString(domain) Log(context.Background(), logger.Debug(), - "Domain join status: domain=%s status=%d (Unknown=0, Workgroup=1, Domain=2, CloudDomain=3)", + "Domain join status: domain=%s status=%d (UnknownStatus=0, Unjoined=1, WorkgroupName=2, DomainName=3)", domainName, status) - // Consider domain or cloud domain as domain-joined - isDomain := status == NetSetupDomain || status == NetSetupCloudDomain - Log(context.Background(), logger.Debug(), - "Is domain joined? status=%d, traditional=%v, cloud=%v, result=%v", - status, - status == NetSetupDomain, - status == NetSetupCloudDomain, - isDomain) + isDomain := status == syscall.NetSetupDomainName + Log(context.Background(), logger.Debug(), "Is domain joined? status=%d, result=%v", status, isDomain) return isDomain }