Further NTDS improvements #43

Open

Schamper wants to merge 4 commits into main from improve-ntds

@Schamper (Member)

Move some methods around, and clean up how we retrieve the root domain.

Copilot AI left a comment

Pull request overview

This PR refactors parts of the NTDS ESE parser to centralize “root domain / DSA / DMD / PEK” access on Database, adds parsing for hiddentable database flags, and introduces a couple of relationship helper methods on NTDS object types.

Changes:

  • Introduce DatabaseFlags + Database.flags and assert AD LDS (ADAM) flag presence in the PEK test.
  • Move “root domain / DSA / DMD” retrieval to Database and update call sites to use db.dmd() / db.pek.
  • Add convenience relationship helpers (Server.computer(), NTDSDSA.domain(), NTDSDSA.features()) and rename NTDS.root_domain() to NTDS.domain().

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 6 comments.

| File | Description |
| --- | --- |
| tests/ese/ntds/test_pek.py | Adds an assertion that AD LDS databases expose the ADAM database flag. |
| dissect/database/ese/ntds/util.py | Adds DatabaseFlags enum and updates PEK decryption helpers to use db.pek. |
| dissect/database/ese/ntds/schema.py | Switches schema loading to use db.dmd() instead of db.data.dmd(). |
| dissect/database/ese/ntds/objects/server.py | Adds Server.computer() link helper (serverReference). |
| dissect/database/ese/ntds/objects/ntdsdsa.py | Adds NTDSDSA.domain() and NTDSDSA.features() link helpers. |
| dissect/database/ese/ntds/ntds.py | Exposes NTDS.domain() (renamed from root_domain) and moves pek property earlier. |
| dissect/database/ese/ntds/database.py | Centralizes hiddentable access on Database, adds flags, dsa, dmd, dc, domain, and updates PEK derivation logic accordingly. |


codspeed-hq bot commented Feb 24, 2026

Merging this PR will not alter performance

✅ 6 untouched benchmarks


Comparing improve-ntds (1f94c16) with main (ca61f5a)

codecov bot commented Feb 24, 2026

Codecov Report

❌ Patch coverage is 0% with 83 lines in your changes missing coverage. Please review.
✅ Project coverage is 0.00%. Comparing base (ca61f5a) to head (1f94c16).

| Files with missing lines | Patch % | Lines |
| --- | --- | --- |
| dissect/database/ese/ntds/database.py | 0.00% | 47 Missing ⚠️ |
| dissect/database/ese/ntds/util.py | 0.00% | 16 Missing ⚠️ |
| dissect/database/ese/ntds/objects/ntdsdsa.py | 0.00% | 6 Missing ⚠️ |
| dissect/database/ese/ntds/ntds.py | 0.00% | 5 Missing ⚠️ |
| dissect/database/ese/ntds/query.py | 0.00% | 4 Missing ⚠️ |
| dissect/database/ese/ntds/objects/server.py | 0.00% | 3 Missing ⚠️ |
| dissect/database/ese/ntds/schema.py | 0.00% | 2 Missing ⚠️ |

Additional details and impacted files
@@          Coverage Diff          @@
##            main     #43   +/-   ##
=====================================
  Coverage   0.00%   0.00%           
=====================================
  Files        150     150           
  Lines       4186    4216   +30     
=====================================
- Misses      4186    4216   +30     

| Flag | Coverage Δ |
| --- | --- |
| unittests | 0.00% <0.00%> (ø) |
