private ModifyRequest AddAttributeModifications(ExSearchResultEntry entry, SortedList <string, DirectoryAttribute> attributes, ModifyRequest modificationRequest)
{
DirectoryAttributeModification directoryAttributeModification = null;
foreach (KeyValuePair <string, DirectoryAttribute> keyValuePair in attributes)
{
directoryAttributeModification = new DirectoryAttributeModification();
directoryAttributeModification.Name = keyValuePair.Key;
directoryAttributeModification.Operation = DirectoryAttributeOperation.Replace;
foreach (object obj in keyValuePair.Value)
{
if (obj is byte[])
{
directoryAttributeModification.Add((byte[])obj);
}
else
{
directoryAttributeModification.Add((string)obj);
}
if (ExTraceGlobals.SynchronizationJobTracer.IsTraceEnabled(TraceType.DebugTrace))
{
this.TraceAttributeValue(keyValuePair.Value);
}
}
modificationRequest.Modifications.Add(directoryAttributeModification);
}
directoryAttributeModification = new DirectoryAttributeModification();
directoryAttributeModification.Name = "msExchEdgeSyncSourceGuid";
directoryAttributeModification.Operation = DirectoryAttributeOperation.Replace;
directoryAttributeModification.Add((byte[])entry.Attributes["objectGUID"][0]);
modificationRequest.Modifications.Add(directoryAttributeModification);
return(modificationRequest);
}
public virtual void SetAttributeValues(Guid objectGuid, IEnumerable <KeyValuePair <string, object> > attributes)
{
if (this.connection == null)
{
throw new InvalidOperationException("AD connection has not been initialized");
}
ModifyRequest modifyRequest = new ModifyRequest();
modifyRequest.DistinguishedName = EhfADAdapter.CreateDNForObjectGuid(objectGuid);
foreach (KeyValuePair <string, object> keyValuePair in attributes)
{
DirectoryAttributeModification directoryAttributeModification = new DirectoryAttributeModification();
directoryAttributeModification.Operation = DirectoryAttributeOperation.Replace;
directoryAttributeModification.Name = keyValuePair.Key;
if (keyValuePair.Value != null)
{
string text = keyValuePair.Value as string;
if (text != null)
{
directoryAttributeModification.Add(text);
}
else
{
byte[] array = keyValuePair.Value as byte[];
if (array == null)
{
throw new ArgumentException("Value of the attribute should be of type String or Byte[]", "attributesAndValues");
}
directoryAttributeModification.Add(array);
}
}
modifyRequest.Modifications.Add(directoryAttributeModification);
}
this.connection.SendRequest(modifyRequest);
}
public override void UpdateModifyRequestForTarget(TenantRelocationSyncTranslator translator, DirectoryAttribute sourceValue, ref DirectoryAttributeModification mod)
{
object[] values = sourceValue.GetValues(typeof(T));
foreach (object obj in values)
{
Guid guid = this.GetGuid(obj);
if (guid.Equals(EmailAddressPolicy.PolicyGuid) || Guid.Empty.Equals(guid))
{
if (this.IsString)
{
mod.Add((string)obj);
}
else
{
mod.Add((byte[])obj);
}
}
else
{
DistinguishedNameMapItem distinguishedNameMapItem = translator.Mappings.LookupByCorrelationGuid(guid);
if (distinguishedNameMapItem == null)
{
this.AddValue(mod, guid);
}
else
{
this.AddValue(mod, distinguishedNameMapItem.TargetDN.ObjectGuid);
}
}
}
mod.Name = sourceValue.Name;
mod.Operation = DirectoryAttributeOperation.Replace;
}
private void AddValue(DirectoryAttributeModification mod, Guid v)
{
if (this.IsString)
{
mod.Add(v.ToString());
return;
}
mod.Add(v.ToByteArray());
}
protected void SetAttribute(DirectoryAttributeModificationCollection modifications, string name, string property, string value)
{
if (!Changes.ContainsKey(property))
{
return;
}
DirectoryAttributeModification m = new DirectoryAttributeModification();
m.Add(value);
m.Name = name;
switch (Changes[property])
{
case ChangeType.Add:
m.Operation = DirectoryAttributeOperation.Add;
break;
case ChangeType.Remove:
m.Operation = DirectoryAttributeOperation.Delete;
break;
case ChangeType.Modify:
m.Operation = DirectoryAttributeOperation.Replace;
break;
}
modifications.Add(m);
}
public void UpdateListAttribute(string key, string attributeName, string value, DirectoryAttributeOperation operation)
{
using (LdapConnection conn = GetConnection())
{
SearchResultEntry entry = Load(key, conn);
if (entry == null)
{
return;
}
DirectoryAttributeModification mod = new DirectoryAttributeModification();
mod.Name = attributeName;
mod.Operation = DirectoryAttributeOperation.Replace;
mod.AddRange(entry.Attributes[attributeName].GetValues(typeof(string)));
if (operation == DirectoryAttributeOperation.Add)
{
mod.Add(value);
}
else
{
for (int i = 0; i < mod.Count; i++)
{
if (mod[i].ToString().Equals(value, StringComparison.InvariantCultureIgnoreCase))
{
mod.RemoveAt(i);
break;
}
}
}
ModifyRequest mr = new ModifyRequest(key, mod);
conn.SendRequest(mr);
}
}
internal DirectoryResponse SetBacklinkAttribute(string linkedDN, string backLinkDN, string attributeName)
{
var linked = GetObjectByDn(linkedDN, attributeName);
IEnumerable <string> values = new List <string>();
if (linked.Properties.TryGetValue(attributeName, out var _values))
{
values = _values as IEnumerable <string>;
}
if (!values.Contains(backLinkDN))
{
var modifyMemebrOfRequest = new ModifyRequest();
modifyMemebrOfRequest.DistinguishedName = linkedDN;
var memberMod = new DirectoryAttributeModification();
memberMod.Name = attributeName;
memberMod.Operation = DirectoryAttributeOperation.Add;
memberMod.Add(backLinkDN);
modifyMemebrOfRequest.Modifications.Add(memberMod);
return(Connect().SendRequest(modifyMemebrOfRequest));
}
return(null);
}
public void ChangePassword(
string userDN,
string oldPassword,
string newPassword
)
{
DirectoryAttributeModification deleteMod =
new DirectoryAttributeModification();
deleteMod.Name = "unicodePwd";
deleteMod.Add(GetPasswordData(oldPassword));
deleteMod.Operation = DirectoryAttributeOperation.Delete;
DirectoryAttributeModification addMod =
new DirectoryAttributeModification();
addMod.Name = "unicodePwd";
addMod.Add(GetPasswordData(newPassword));
addMod.Operation = DirectoryAttributeOperation.Add;
ModifyRequest request = new ModifyRequest(
userDN,
deleteMod,
addMod
);
DirectoryResponse response = _connection.SendRequest(request);
}
public virtual void SetAttributeValues(Guid objectGuid, IEnumerable <KeyValuePair <string, List <byte[]> > > attributes)
{
if (this.connection == null)
{
throw new InvalidOperationException("AD connection has not been initialized");
}
ModifyRequest modifyRequest = new ModifyRequest();
modifyRequest.DistinguishedName = EhfADAdapter.CreateDNForObjectGuid(objectGuid);
foreach (KeyValuePair <string, List <byte[]> > keyValuePair in attributes)
{
DirectoryAttributeModification directoryAttributeModification = new DirectoryAttributeModification();
directoryAttributeModification.Operation = DirectoryAttributeOperation.Replace;
directoryAttributeModification.Name = keyValuePair.Key;
if (keyValuePair.Value != null && keyValuePair.Value.Count > 0)
{
foreach (byte[] value in keyValuePair.Value)
{
directoryAttributeModification.Add(value);
}
}
modifyRequest.Modifications.Add(directoryAttributeModification);
}
this.connection.SendRequest(modifyRequest);
}
public static void AddModificationIfDataChanged <T>(
this ICollection <DirectoryAttributeModification> modifications,
string attributeName,
T updatedEntity,
T oldEntity,
Func <T, string> getValueFunc = null)
where T : class
{
var updatedValue = GetValueAsNullIfEmpty(updatedEntity, getValueFunc);
var oldValue = GetValueAsNullIfEmpty(oldEntity, getValueFunc);
if (updatedValue == oldValue)
{
return;
}
var hasOldValue = !string.IsNullOrEmpty(oldValue);
var hasUpdatedValue = !string.IsNullOrEmpty(updatedValue);
var modification = new DirectoryAttributeModification {
Name = attributeName
};
if (hasUpdatedValue)
{
modification.Operation = DirectoryAttributeOperation.Replace;
modification.Add(updatedValue);
}
else if (hasOldValue)
{
modification.Operation = DirectoryAttributeOperation.Delete;
}
modifications.Add(modification);
}
private void SetPassword(string username, string newPassword)
{
var distinguishedName = string.Format(@"CN={0},{1}", username, _config.DistinguishedName);
Logger.Info("Setting password for user: \"{0}\"", username);
Logger.Info("Distinguished name: \"{0}\"", distinguishedName);
// the 'unicodePWD' attribute is used to handle pwd handling requests
const string attribute = "unicodePwd";
if (!String.IsNullOrEmpty(newPassword))
{
// do we have a pwd to set -> set pwd
var directoryAttributeModificationReplace = new DirectoryAttributeModification
{
Name = attribute,
Operation = DirectoryAttributeOperation.Replace
};
directoryAttributeModificationReplace.Add(BuildBytePwd(newPassword));
var damList = new[] { directoryAttributeModificationReplace };
var modifyRequest = new ModifyRequest(distinguishedName, damList);
// Should we utilize pwd history on the pwd reset?
var value = BerConverter.Encode("{i}", new object[] { 0x1 });
var pwdHistory = new DirectoryControl(LdapServerPolicyHintsOid, value, false, true);
modifyRequest.Controls.Add(pwdHistory);
var response = _connection.SendRequest(modifyRequest);
// TODO: handle bad response.
}
}
private DirectoryAttributeModification CreateMod(AttributeInfo attribute, object value, DirectoryAttributeOperation operation)
{
var attributeMod = new DirectoryAttributeModification();
attributeMod.Name = attribute.Name;
attributeMod.Operation = operation;
if (value == null)
{
return(attributeMod);
}
value = new AttributeValueConverter().TryConvert(attribute, value); //NormalizeAttributeValue(attributeName, value);
var isEnumerable = !(value is byte[]) && value.GetType().IsEnumerableType();
if (isEnumerable)
{
var en = value as IEnumerable;
foreach (var o in en)
{
if (o is string strValue1)
{
attributeMod.Add(strValue1);
}
else if (o is byte[] strByte1)
{
attributeMod.Add(strByte1);
}
}
}
else
{
if (value is string strValue)
{
attributeMod.Add(strValue);
}
else if (value is byte[] strByte)
{
attributeMod.Add(strByte);
}
}
return(attributeMod);
}
/// <summary>
/// Sets the value of the attribute.
/// </summary>
/// <param name="attribute">The name of the attribute.</param>
/// <param name="value">The value.</param>
/// <param name="format">The format of the <paramref name="value"/>.</param>
public IDirectoryAttributes Set(string attribute, DateTime value, string format = ExtensionMethods.LdapFormat)
{
var modification = new DirectoryAttributeModification {
Name = attribute, Operation = DirectoryAttributeOperation.Replace
};
modification.Add(format == null ? value.ToFileTime().ToString() : value.FormatLdapDateTime(format));
return(AddModification(modification));
}
/// <summary>
/// Sets the value of the attribute.
/// </summary>
/// <param name="attribute">The name of the attribute.</param>
/// <param name="value">The value.</param>
public IDirectoryAttributes Set(string attribute, bool value)
{
var modification = new DirectoryAttributeModification {
Name = attribute, Operation = DirectoryAttributeOperation.Replace
};
modification.Add(value ? "TRUE" : "FALSE");
return(AddModification(modification));
}
public override DirectoryAttributeModification GetDirectoryAttributeModification(object instance)
{
var modification = new DirectoryAttributeModification
{
Name = AttributeName,
Operation = DirectoryAttributeOperation.Replace
};
#if NET35
if (_isX5092)
{
var value = (IEnumerable <X509Certificate2>)GetValueForDirectory(instance);
if (value != null)
{
foreach (var b in value)
{
modification.Add(b.GetRawCertData());
}
}
}
else
{
var value = (IEnumerable <X509Certificate>)GetValueForDirectory(instance);
if (value != null)
{
foreach (var b in value)
{
modification.Add(b.GetRawCertData());
}
}
}
#else
var value = (IEnumerable <X509Certificate>)GetValueForDirectory(instance);
if (value != null)
{
foreach (var b in value)
{
modification.Add(b.GetRawCertData());
}
}
#endif
return(modification);
}
public bool SetUserAttribute(string uname, string attribute, string value)
{
string userDN = this.GetUserDN(uname);
try
{
DirectoryAttributeModification mod = new DirectoryAttributeModification
{
Name = attribute,
Operation = DirectoryAttributeOperation.Replace
};
mod.Add(value);
ModifyRequest req = new ModifyRequest(userDN);
req.Modifications.Add(mod);
m_conn.SendRequest(req);
}
catch (Exception e)
{
m_logger.FatalFormat("can't add attribute:{0} because of error:{1}", attribute, e.Message);
return(false);
}
if (attribute.ToLower().Equals("sambapwdlastset"))
{
Dictionary <string, List <string> > SearchResult = GetUserAttribValue(userDN, "(objectClass=*)", SearchScope.Subtree, new string[] { "shadowMax", "sambaPwdMustChange" });
if (SearchResult.ContainsKey("shadowmax") && SearchResult.ContainsKey("sambapwdmustchange"))
{
int shadowMax = 0;
try
{
shadowMax = Convert.ToInt32(SearchResult["shadowmax"].First());
}
catch (Exception e)
{
m_logger.FatalFormat("SetUserAttribute: Unable to convert return from GetUserAttribValue to int {0}", e.Message);
return(false);
}
if (shadowMax > 0)
{
TimeMethod time = TimeMethod.methods[Methods.Timestamps];
string t = time.time(new TimeSpan(shadowMax, 0, 0, 0));
if (!t.Equals("0"))
{
if (!SetUserAttribute(uname, "sambaPwdMustChange", t))
{
return(false);
}
}
}
}
}
return(true);
}
public override DirectoryAttributeModification GetDirectoryAttributeModification(object instance)
{
var modification = new DirectoryAttributeModification
{
Name = AttributeName,
Operation = DirectoryAttributeOperation.Replace
};
var value = GetValueForDirectory(instance);
if (value != null)
{
if (value is byte[])
{
modification.Add(value as byte[]);
}
else if (value is string)
{
modification.Add(value as string);
}
else if (value is IEnumerable <byte[]> )
{
foreach (var o in value as IEnumerable <byte[]> )
{
modification.Add(o);
}
}
else if (value is IEnumerable <string> )
{
foreach (var o in value as IEnumerable <string> )
{
modification.Add(o);
}
}
else
{
throw new MappingException(string.Format("Unsupported value '{0}' for property '{1}' on '{2}'", value, PropertyName, typeof(T).FullName));
}
}
return(modification);
}
public static ModifyRequest GetModifyPasswordRequest(ILdapUser user, string newPassword)
{
var modifyUserPassword = new DirectoryAttributeModification
{
Operation = DirectoryAttributeOperation.Replace,
Name = "userPassword"
};
modifyUserPassword.Add(newPassword);
return(new ModifyRequest(user.GetUserDn(), modifyUserPassword));
}
private bool HandleSupportedSharedConfigurationsProperty(TenantRelocationSyncObject obj, ModifyRequest modRequest, UpdateData mData, TenantRelocationSyncData syncData, ITopologyConfigurationSession targetPartitionSession)
{
if (!TenantRelocationConfigImpl.GetConfig <bool>("TranslateSupportedSharedConfigurations"))
{
return(false);
}
DirectoryAttributeModification directoryAttributeModification = null;
MultiValuedProperty <ADObjectId> multiValuedProperty = (MultiValuedProperty <ADObjectId>)obj[OrganizationSchema.SupportedSharedConfigurations];
MultiValuedProperty <ADObjectId> multiValuedProperty2;
if (multiValuedProperty != null && multiValuedProperty.Count > 0)
{
OrganizationId organizationId = syncData.Source.OrganizationId;
Exception ex;
OrganizationId organizationId2 = SharedConfiguration.FindMostRecentSharedConfigurationInPartition(organizationId, syncData.Target.PartitionId, out ex);
if (ex != null)
{
throw ex;
}
directoryAttributeModification = this.GetDirectoryAttributeModification(DirectoryAttributeOperation.Add);
directoryAttributeModification.Add(organizationId2.ConfigurationUnit.DistinguishedName);
modRequest.Modifications.Add(directoryAttributeModification);
}
else if (this.TryGetSupportedSharedConfigurations(targetPartitionSession, modRequest.DistinguishedName, syncData, out multiValuedProperty2) && multiValuedProperty2 != null && multiValuedProperty2.Count > 0)
{
directoryAttributeModification = this.GetDirectoryAttributeModification(DirectoryAttributeOperation.Delete);
foreach (ADObjectId adobjectId in multiValuedProperty2)
{
directoryAttributeModification.Add(adobjectId.DistinguishedName);
}
modRequest.Modifications.Add(directoryAttributeModification);
}
if (directoryAttributeModification != null)
{
ExTraceGlobals.TenantRelocationTracer.TraceDebug <string, DirectoryAttributeOperation>((long)this.GetHashCode(), "GenerateModifyRequestLinkMetaDataHandler: add item: attribute {0}, op:{1}", directoryAttributeModification.Name, directoryAttributeModification.Operation);
return(true);
}
return(false);
}
public override void SetLease(LeaseToken newLeaseToken)
{
string stringForm = newLeaseToken.StringForm;
ModifyRequest modifyRequest = new ModifyRequest();
modifyRequest.DistinguishedName = this.serverDistinguishedName;
DirectoryAttributeModification directoryAttributeModification = new DirectoryAttributeModification();
directoryAttributeModification.Operation = DirectoryAttributeOperation.Replace;
directoryAttributeModification.Name = "msExchEdgeSyncLease";
directoryAttributeModification.Add(stringForm);
modifyRequest.Modifications.Add(directoryAttributeModification);
this.SendRequest(modifyRequest);
}
public void WriteSourceGuid(string absolutePath, byte[] guidValue)
{
DirectoryAttributeModification directoryAttributeModification = new DirectoryAttributeModification();
directoryAttributeModification.Name = "msExchEdgeSyncSourceGuid";
directoryAttributeModification.Operation = DirectoryAttributeOperation.Replace;
directoryAttributeModification.Add(guidValue);
ModifyRequest request = new ModifyRequest(absolutePath, new DirectoryAttributeModification[]
{
directoryAttributeModification
});
this.SendRequest(request);
}
public override DirectoryAttributeModification GetDirectoryAttributeModification(object instance)
{
var modification = new DirectoryAttributeModification
{
Name = AttributeName,
Operation = DirectoryAttributeOperation.Replace
};
var value = (byte[])GetValueForDirectory(instance);
if (value != null)
{
modification.Add(value);
}
return(modification);
}
public override DirectoryAttributeModification GetDirectoryAttributeModification(object instance)
{
var modification = new DirectoryAttributeModification
{
Name = AttributeName,
Operation = DirectoryAttributeOperation.Replace
};
var value = (string)GetValueForDirectory(instance);
if (!string.IsNullOrEmpty(value))
{
modification.Add(value);
}
return(modification);
}
public void ModifyPasswordRequest()
{
ModifyRequest req = LdapRequestBuilder.GetModifyPasswordRequest(_testUser, "new pwd");
Assert.AreEqual(UserDn, req.DistinguishedName);
var attributeModification = new DirectoryAttributeModification
{
Operation = DirectoryAttributeOperation.Replace,
Name = "userPassword",
};
attributeModification.Add("new pwd");
CollectionAssert.AreEqual(req.Modifications[0], attributeModification);
}
public void SetUserAttribute(string uname, string attribute, string value)
{
string userDN = this.GetUserDN(uname);
DirectoryAttributeModification mod = new DirectoryAttributeModification
{
Name = attribute,
Operation = DirectoryAttributeOperation.Replace
};
mod.Add(value);
ModifyRequest req = new ModifyRequest(userDN);
req.Modifications.Add(mod);
m_conn.SendRequest(req);
}
public void ModifyRequest()
{
ModifyRequest req = LdapRequestBuilder.GetModifyRequest(_testUser, DirectoryAttributeOperation.Replace,
"description",
"Test Description 2");
Assert.AreEqual(UserDn, req.DistinguishedName);
var attributeModification = new DirectoryAttributeModification
{
Operation = DirectoryAttributeOperation.Replace,
Name = "description",
};
attributeModification.Add("Test Description 2");
CollectionAssert.AreEqual(req.Modifications[0], attributeModification);
}
public void WriteSecurityDescriptorDacl(string absolutePath, ActiveDirectorySecurity acl)
{
DirectoryAttributeModification directoryAttributeModification = new DirectoryAttributeModification();
directoryAttributeModification.Name = "nTSecurityDescriptor";
directoryAttributeModification.Operation = DirectoryAttributeOperation.Replace;
directoryAttributeModification.Add(acl.GetSecurityDescriptorBinaryForm());
this.SendRequest(new ModifyRequest(absolutePath, new DirectoryAttributeModification[]
{
directoryAttributeModification
})
{
Controls =
{
new SecurityDescriptorFlagControl(System.DirectoryServices.Protocols.SecurityMasks.Dacl)
}
});
}
public void AppendAttrValue(string attrName, string value)
{
CheckForDeletion();
string propName = attrName.ToLowerInvariant();
DirectoryAttributeModification dam;
if (_changes.ContainsKey(propName))
{
dam = _changes[propName];
if (this.ConflictMode == ConflictModes.Error && dam.Operation != DirectoryAttributeOperation.Add)
{
throw new IncompatibleMutationException(
String.Format("Can't process a request to {0} and append on attr {1} - indeterminate results",
dam.Operation, propName));
}
else
{
logger.Info("Request on attr {0} is {1}, but appending value {2} anyway",
propName, dam.Operation, value);
if (dam.Contains(""))
{
logger.Info("Removing empty-replacement value on {0}", propName);
dam.Remove("");
}
if (!dam.Contains(value))
{
dam.Add(value);
}
}
}
else
{
dam = new DirectoryAttributeModification();
dam.Name = propName;
dam.Operation = DirectoryAttributeOperation.Add;
dam.Add(value);
_changes[propName] = dam;
}
}
public override DirectoryAttributeModification GetDirectoryAttributeModification(object instance)
{
var modification = new DirectoryAttributeModification
{
Name = AttributeName,
Operation = DirectoryAttributeOperation.Replace
};
var value = (IEnumerable <X509Certificate>)GetValueForDirectory(instance);
if (value != null)
{
foreach (var c in value)
{
modification.Add(c.GetRawCertData());
}
}
return(modification);
}
public override DirectoryAttributeModification GetDirectoryAttributeModification(object instance)
{
var modification = new DirectoryAttributeModification
{
Name = AttributeName,
Operation = DirectoryAttributeOperation.Replace
};
var value = (IEnumerable <byte[]>)GetValueForDirectory(instance);
if (value != null)
{
foreach (var b in value)
{
modification.Add(b);
}
}
return(modification);
}