/// <summary>
        /// Shows the object picker in multi-select mode and converts every returned "objectSid"
        /// attribute into a <see cref="SecurityIdentifier"/>.
        /// </summary>
        /// <param name="owner">View whose window handle is used as the parent of the picker.</param>
        /// <param name="scope">Scope and filter settings handed to the picker unchanged.</param>
        /// <param name="targetServer">Target passed to the picker unchanged.</param>
        /// <param name="sids">
        /// Receives the converted SIDs. Null when the picker returns null; may be empty when no
        /// returned entry carried a binary objectSid.
        /// </param>
        /// <returns>true when the picker returned a result set (even an empty one); otherwise false.</returns>
        private bool ShowDialog(IViewAware owner, DsopScopeInitInfo scope, string targetServer, out List<SecurityIdentifier> sids)
        {
            sids = null;

            var picked = NativeMethods.ShowObjectPickerDialog(
                owner.GetHandle(),
                targetServer,
                DsopDialogInitializationOptions.DSOP_FLAG_MULTISELECT,
                scope,
                "objectClass",
                "objectSid");

            if (picked == null)
            {
                return false;
            }

            var collected = new List<SecurityIdentifier>();
            sids = collected;

            foreach (var entry in picked)
            {
                byte[] rawSid = entry?.Attributes["objectSid"] as byte[];

                // Entries that are null or whose objectSid is not a byte array are skipped, not reported.
                if (rawSid == null)
                {
                    continue;
                }

                collected.Add(new SecurityIdentifier(rawSid, 0));
            }

            return true;
        }
        /// <summary>
        /// Opens the multi-select object picker with a users-only filter and returns the SIDs of the selection.
        /// </summary>
        /// <param name="owner">View whose window handle is used as the parent of the picker.</param>
        /// <param name="targetServer">Target passed to the picker unchanged.</param>
        /// <param name="sid">Receives the selected SIDs; null when the picker returns no result set.</param>
        /// <returns>true when the picker returned a result set; otherwise false.</returns>
        public bool GetUsers(IViewAware owner, string targetServer, out List<SecurityIdentifier> sid)
        {
            // Only user objects are offered.
            var filter = new DsFilterFlags();
            filter.UpLevel.BothModeFilter = DsopObjectFilterFlags.DSOP_FILTER_USERS;

            // NOTE(review): these flags are named after the Win32 DSOP_SCOPE_TYPE_* constants. If they map
            // one-to-one, the picker also offers externally trusted domains and scopes typed in by the
            // operator, so callers that use the returned SIDs for access decisions should not assume the
            // principals belong to the local forest. Confirm against the enum definition.
            var scopeTypes = DsopScopeTypeFlags.DSOP_SCOPE_TYPE_ENTERPRISE_DOMAIN
                             | DsopScopeTypeFlags.DSOP_SCOPE_TYPE_USER_ENTERED_UPLEVEL_SCOPE
                             | DsopScopeTypeFlags.DSOP_SCOPE_TYPE_EXTERNAL_UPLEVEL_DOMAIN;

            var initFlags = DsopScopeInitInfoFlags.DSOP_SCOPE_FLAG_DEFAULT_FILTER_USERS
                            | DsopScopeInitInfoFlags.DSOP_SCOPE_FLAG_STARTING_SCOPE;

            DsopScopeInitInfo scope = new DsopScopeInitInfo
            {
                Filter = filter,
                ScopeType = scopeTypes,
                InitInfo = initFlags
            };

            bool picked = this.ShowDialog(owner, scope, targetServer, out sid);
            return picked;
        }
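        /// <summary>
        /// Shows the object picker in single-select mode and converts the first returned entry's
        /// "objectSid" attribute into a <see cref="SecurityIdentifier"/>.
        /// </summary>
        /// <param name="owner">View whose window handle is used as the parent of the picker.</param>
        /// <param name="scope">Scope and filter settings handed to the picker unchanged.</param>
        /// <param name="targetServer">Target passed to the picker unchanged.</param>
        /// <param name="sid">Receives the selected SID, or null when nothing usable was selected.</param>
        /// <returns>true when a SID was obtained; otherwise false.</returns>
        private bool ShowDialog(IViewAware owner, DsopScopeInitInfo scope, string targetServer, out SecurityIdentifier sid)
        {
            sid = null;

            // The multi-select overload in this class checks the picker's return value for null, so the
            // same call can evidently return null here. Calling FirstOrDefault() directly on a null
            // sequence throws ArgumentNullException; the null-conditional call turns that case into the
            // ordinary "nothing selected" result instead.
            DsopResult result = NativeMethods.ShowObjectPickerDialog(owner.GetHandle(), targetServer, DsopDialogInitializationOptions.DSOP_NONE, scope, "objectClass", "objectSid")?.FirstOrDefault();

            byte[] sidraw = result?.Attributes["objectSid"] as byte[];

            // No entry, or an objectSid that is not a byte array: report "no selection" to the caller.
            if (sidraw == null)
            {
                return false;
            }

            sid = new SecurityIdentifier(sidraw, 0);

            return true;
        }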
        /// <summary>
        /// Opens the multi-select object picker with a filter covering security groups, users,
        /// well-known principals, service accounts and built-in groups, and returns the selected SIDs.
        /// </summary>
        /// <param name="owner">View whose window handle is used as the parent of the picker.</param>
        /// <param name="targetServer">Target passed to the picker unchanged.</param>
        /// <param name="sids">Receives the selected SIDs; null when the picker returns no result set.</param>
        /// <returns>true when the picker returned a result set; otherwise false.</returns>
        public bool GetUserOrGroups(IViewAware owner, string targetServer, out List<SecurityIdentifier> sids)
        {
            var filter = new DsFilterFlags();
            filter.UpLevel.BothModeFilter = DsopObjectFilterFlags.DSOP_FILTER_DOMAIN_LOCAL_GROUPS_SE
                                            | DsopObjectFilterFlags.DSOP_FILTER_GLOBAL_GROUPS_SE
                                            | DsopObjectFilterFlags.DSOP_FILTER_UNIVERSAL_GROUPS_SE
                                            | DsopObjectFilterFlags.DSOP_FILTER_USERS
                                            | DsopObjectFilterFlags.DSOP_FILTER_WELL_KNOWN_PRINCIPALS
                                            | DsopObjectFilterFlags.DSOP_FILTER_SERVICE_ACCOUNTS
                                            | DsopObjectFilterFlags.DSOP_FILTER_BUILTIN_GROUPS;

            // NOTE(review): these flags are named after the Win32 DSOP_SCOPE_TYPE_* constants. If they map
            // one-to-one, the picker also offers externally trusted domains and scopes typed in by the
            // operator, so callers that use the returned SIDs for access decisions should not assume the
            // principals belong to the local forest. Confirm against the enum definition.
            var scopeTypes = DsopScopeTypeFlags.DSOP_SCOPE_TYPE_ENTERPRISE_DOMAIN
                             | DsopScopeTypeFlags.DSOP_SCOPE_TYPE_USER_ENTERED_UPLEVEL_SCOPE
                             | DsopScopeTypeFlags.DSOP_SCOPE_TYPE_EXTERNAL_UPLEVEL_DOMAIN;

            var initFlags = DsopScopeInitInfoFlags.DSOP_SCOPE_FLAG_DEFAULT_FILTER_GROUPS
                            | DsopScopeInitInfoFlags.DSOP_SCOPE_FLAG_DEFAULT_FILTER_USERS
                            | DsopScopeInitInfoFlags.DSOP_SCOPE_FLAG_STARTING_SCOPE;

            DsopScopeInitInfo scope = new DsopScopeInitInfo
            {
                Filter = filter,
                ScopeType = scopeTypes,
                InitInfo = initFlags
            };

            bool picked = this.ShowDialog(owner, scope, targetServer, out sids);
            return picked;
        }
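        /// <summary>
        /// Lets the operator choose a forest and then a single principal in it, and appends that
        /// principal's SID to the allowed-principals list of the model and of this view model.
        /// </summary>
        /// <remarks>
        /// Returns without changing anything when the forest dialog is not explicitly confirmed, when
        /// the object picker yields no entry with a binary objectSid, or when the SID is already in the
        /// list. Any exception is logged and shown to the operator instead of being propagated.
        /// </remarks>
        /// <returns>A task that completes when the operation, including any error dialog, has finished.</returns>
        public async Task AddAllowedPrincipal()
        {
            try
            {
                ExternalDialogWindow w = new ExternalDialogWindow();
                w.Title = "Select forest";
                var vm = new SelectForestViewModel();
                w.DataContext = vm;
                w.SaveButtonName = "Next...";
                w.SaveButtonIsDefault = true;
                vm.AvailableForests = new List<string>();

                var domain = Domain.GetCurrentDomain();
                string currentForest = domain.Forest.Name;
                vm.AvailableForests.Add(currentForest);
                vm.SelectedForest = currentForest;

                // Besides the current forest, offer the target of every trust whose direction is
                // Inbound or Bidirectional.
                foreach (var trust in domain.Forest.GetAllTrustRelationships().OfType<TrustRelationshipInformation>())
                {
                    if (trust.TrustDirection == TrustDirection.Inbound || trust.TrustDirection == TrustDirection.Bidirectional)
                    {
                        vm.AvailableForests.Add(trust.TargetName);
                    }
                }

                w.Owner = this.GetWindow();

                // Proceed only on an explicit "true". The previous form, (!ShowDialog()) ?? false, evaluated
                // to false for a null dialog result and so continued as if the operator had confirmed.
                // This path ends by extending an allow list, so an indeterminate result must stop here.
                if (w.ShowDialog() != true)
                {
                    return;
                }

                DsopScopeInitInfo scope = new DsopScopeInitInfo();
                scope.Filter = new DsFilterFlags();

                scope.Filter.UpLevel.BothModeFilter = DsopObjectFilterFlags.DSOP_FILTER_DOMAIN_LOCAL_GROUPS_SE | DsopObjectFilterFlags.DSOP_FILTER_GLOBAL_GROUPS_SE | DsopObjectFilterFlags.DSOP_FILTER_UNIVERSAL_GROUPS_SE | DsopObjectFilterFlags.DSOP_FILTER_USERS | DsopObjectFilterFlags.DSOP_FILTER_WELL_KNOWN_PRINCIPALS;

                scope.ScopeType = DsopScopeTypeFlags.DSOP_SCOPE_TYPE_ENTERPRISE_DOMAIN | DsopScopeTypeFlags.DSOP_SCOPE_TYPE_USER_ENTERED_UPLEVEL_SCOPE | DsopScopeTypeFlags.DSOP_SCOPE_TYPE_EXTERNAL_UPLEVEL_DOMAIN;

                scope.InitInfo = DsopScopeInitInfoFlags.DSOP_SCOPE_FLAG_DEFAULT_FILTER_GROUPS | DsopScopeInitInfoFlags.DSOP_SCOPE_FLAG_STARTING_SCOPE;

                // A null target is passed when the operator kept the current forest selected.
                string target = vm.SelectedForest == currentForest ? null : vm.SelectedForest;

                // Other callers in this class treat a null return from the picker as "nothing selected".
                // The null-conditional call keeps that case from surfacing as an ArgumentNullException
                // (and an error dialog) when the operator simply dismisses the picker.
                var result = NativeMethods.ShowObjectPickerDialog(this.GetHandle(), target, scope, "objectClass", "objectSid")?.FirstOrDefault();

                if (result == null)
                {
                    return;
                }

                byte[] sidraw = result.Attributes["objectSid"] as byte[];
                if (sidraw == null)
                {
                    return;
                }

                SecurityIdentifierViewModel sidvm = new SecurityIdentifierViewModel();
                var sid = new SecurityIdentifier(sidraw, 0);
                sidvm.Sid = sid.ToString();

                // Skip SIDs that are already allowed; the comparison is on the string form, ignoring case.
                if (this.model.AllowedPrincipals.Any(t => string.Equals(t, sidvm.Sid, StringComparison.OrdinalIgnoreCase)))
                {
                    return;
                }

                sidvm.DisplayName = this.GetSidDisplayName(sid);

                // The model stores the SID string; the bound collection stores the display wrapper.
                this.model.AllowedPrincipals.Add(sidvm.Sid);
                this.AllowedPrincipals.Add(sidvm);
            }
            catch (Exception ex)
            {
                this.logger.LogError(EventIDs.UIGenericError, ex, "Select group error");
                await this.dialogCoordinator.ShowMessageAsync(this, "Error", $"An error occurred when processing the request\r\n{ex.Message}");
            }
        }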