private void btnAddWindowsUsersAndGroups_Click(object sender, EventArgs e)
{
try
{
ADObject[] res = ((List <ADObject>) this.Session["selectedADObjects"]).ToArray();
this.Session["selectedADObjects"] = null;
if (res != null)
{
List <DataRow> rowsAdded = new List <DataRow>();
foreach (ADObject o in res)
{
WhereDefined wd = WhereDefined.LDAP;
if (!o.ADSPath.StartsWith("LDAP"))
{
wd = WhereDefined.Local;
}
string displayName = String.Empty;
bool isAGroup = false;
bool isLocal = false;
GenericMember gm = null;
DirectoryServicesWebUtils.GetMemberInfo(o.Sid, out displayName, out isAGroup, out isLocal);
gm = new GenericMember(new SqlAzManSID(o.Sid), wd, AuthorizationType.Neutral, null, null);
gm.Name = displayName;
rowsAdded.Add(this.AddLDapDataRow(gm, isAGroup));
this.modified = true;
}
}
this.saveSessionVariables();
this.bindGridView();
}
catch (Exception ex)
{
this.ShowError(ex.Message);
}
}
protected void Page_Load(object sender, EventArgs e)
{
string ldapQuery = HttpUtility.HtmlDecode(this.Request["LDAPQuery"]);
try
{
try
{
this.searchResultCollection = DirectoryServicesWebUtils.ExecuteLDAPQuery(ldapQuery);
}
catch (System.Runtime.InteropServices.COMException cex)
{
//http://brennan.offwhite.net/blog/2005/07/22/firefox-authentication-with-ntlm/
this.ShowError("NTLM Authentication failed.\r\nIf you are using a browser like FireFox type 'about:config' in the url and add to the 'network.negotiate-auth.trusted-uris' the <IIS-Server-Name>.\r\nFinally Close and re-open your browser.\r\n\r\nError:\r\n" + cex.Message);
}
this.Text = String.Format("LDap Query Result: {0}", Utility.QuoteJScriptString(ldapQuery, false));
this.Title = this.Text;
this.Description = this.Text;
string nowaitpanel = this.Request["nowaitpanel"];
if (String.IsNullOrEmpty(nowaitpanel))
{
if (!Page.IsPostBack)
{
this.showWaitPanelNow(this.pnlWait, this.LDAPQueryResultPanel);
this.RegisterEndClientScript("window.location='" + this.Request.RawUrl + "&nowaitpanel=true'");
}
}
else if (nowaitpanel == "true")
{
this.LDAPQueryResultPanel.Visible = true;
this.pnlWait.Visible = false;
if (!Page.IsPostBack)
{
this.RefreshActiveDirectoryObjectsList();
}
}
}
catch (Exception ex)
{
this.ShowError(ex.Message);
}
}
protected void Page_Init(object sender, EventArgs e)
{
this.setImage("NetSqlAzMan_32x32.gif");
this.setOkHandler(new EventHandler(this.btnOk_Click));
this.currentOwnerSid = new SqlAzManSID(this.Request.LogonUserIdentity.User);
try
{
string memberName;
bool isLocal;
DirectoryServicesWebUtils.GetMemberInfo(this.currentOwnerSid.StringValue, out memberName, out isLocal);
if (!isLocal)
{
this.currentOwnerSidWhereDefined = WhereDefined.LDAP;
}
else
{
this.currentOwnerSidWhereDefined = WhereDefined.Local;
}
}
catch
{
this.currentOwnerSidWhereDefined = WhereDefined.LDAP;
}
}
private void ImportFromAzMan(string azManStorePath, string netSqlAzManStoreName)
{
Microsoft.Interop.Security.AzRoles.AzAuthorizationStore azstore = null;
string tempFileName = Path.Combine(Environment.GetEnvironmentVariable("temp", EnvironmentVariableTarget.Machine), String.Format("AzMan{0}.xml", Guid.NewGuid()));
try
{
this.storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
string storeDescription = String.Format("Store imported from AzMan Store:" + " ({0}) - {1}", azManStorePath, DateTime.Now.ToString());
IAzManStore store = this.storage.CreateStore(netSqlAzManStoreName, storeDescription);
azstore = new AzAuthorizationStoreClass();
if (this.rbtStoreFile.Checked)
{
this.FileUpload1.SaveAs(tempFileName);
azManStorePath = String.Format("msxml://{0}", tempFileName);
}
azstore.Initialize(2, azManStorePath, null);
#region Store Groups
//Store Groups
foreach (IAzApplicationGroup azStoreGroup in azstore.ApplicationGroups)
{
//Store Groups Definition
if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
{
//Basic
store.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), azStoreGroup.Name, azStoreGroup.Description, String.Empty, GroupType.Basic);
}
else if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_LDAP_QUERY)
{
//LDap
store.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), azStoreGroup.Name, azStoreGroup.Description, azStoreGroup.LdapQuery, GroupType.LDapQuery);
}
}
//Store Groups Members
foreach (IAzApplicationGroup azStoreGroup in azstore.ApplicationGroups)
{
if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
{
//Basic
IAzManStoreGroup storeGroup = store.GetStoreGroup(azStoreGroup.Name);
//Store Group Members - Members Store Group
object[] azStoreGroupMembers = azStoreGroup.AppMembers as object[];
if (azStoreGroupMembers != null)
{
foreach (string azStoreGroupMember in azStoreGroupMembers)
{
IAzManStoreGroup member = store.GetStoreGroup(azStoreGroupMember);
storeGroup.CreateStoreGroupMember(member.SID, WhereDefined.Store, true);
}
}
//Store Group Non-Members - Non-Members Store Group
object[] azStoreGroupNonMembers = azStoreGroup.AppNonMembers as object[];
if (azStoreGroupNonMembers != null)
{
foreach (string azStoreGroupNonMember in azStoreGroupNonMembers)
{
IAzManStoreGroup nonMember = store.GetStoreGroup(azStoreGroupNonMember);
storeGroup.CreateStoreGroupMember(nonMember.SID, WhereDefined.Store, false);
}
}
//Store Group Members - Windows NT Account
object[] azStoreGroupWindowsMembers = azStoreGroup.Members as object[];
if (azStoreGroupWindowsMembers != null)
{
foreach (string azStoreWindowsMember in azStoreGroupWindowsMembers)
{
IAzManSid sid = new SqlAzManSID(azStoreWindowsMember);
string memberName;
bool isLocal;
DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
storeGroup.CreateStoreGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, true);
}
}
//Store Group NonMembers - Windows NT Account
object[] azStoreGroupWindowsNonMembers = azStoreGroup.NonMembers as object[];
if (azStoreGroupWindowsNonMembers != null)
{
foreach (string azStoreWindowsNonMember in azStoreGroupWindowsNonMembers)
{
IAzManSid sid = new SqlAzManSID(azStoreWindowsNonMember);
string memberName;
bool isLocal;
DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
storeGroup.CreateStoreGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, false);
}
}
}
}
#endregion Store Groups
#region Applications
//Applications
foreach (IAzApplication azApplication in azstore.Applications)
{
IAzManApplication application = store.CreateApplication(azApplication.Name, azApplication.Description);
#region Application Groups
//Store Groups
foreach (IAzApplicationGroup azApplicationGroup in azApplication.ApplicationGroups)
{
//Application Groups Definition
if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
{
//Basic
application.CreateApplicationGroup(SqlAzManSID.NewSqlAzManSid(), azApplicationGroup.Name, azApplicationGroup.Description, String.Empty, GroupType.Basic);
}
else if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_LDAP_QUERY)
{
//LDap
application.CreateApplicationGroup(SqlAzManSID.NewSqlAzManSid(), azApplicationGroup.Name, azApplicationGroup.Description, azApplicationGroup.LdapQuery, GroupType.LDapQuery);
}
}
//Application Groups Members
foreach (IAzApplicationGroup azApplicationGroup in azApplication.ApplicationGroups)
{
if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
{
//Basic
IAzManApplicationGroup applicationGroup = application.GetApplicationGroup(azApplicationGroup.Name);
//Application Group Members - Members Group
object[] azStoreGroupMembers = azApplicationGroup.AppMembers as object[];
if (azStoreGroupMembers != null)
{
foreach (string azGroupMember in azStoreGroupMembers)
{
IAzManStoreGroup storemember;
try
{
storemember = store.GetStoreGroup(azGroupMember);
}
catch (SqlAzManException)
{
storemember = null;
}
IAzManApplicationGroup appmember;
try
{
appmember = application.GetApplicationGroup(azGroupMember);
}
catch (SqlAzManException)
{
appmember = null;
}
if (storemember != null)
{
applicationGroup.CreateApplicationGroupMember(storemember.SID, WhereDefined.Store, true);
}
else
{
applicationGroup.CreateApplicationGroupMember(appmember.SID, WhereDefined.Application, true);
}
}
}
//Application Group Non-Members - Non-Members Group
object[] azStoreGroupNonMembers = azApplicationGroup.AppNonMembers as object[];
if (azStoreGroupNonMembers != null)
{
foreach (string azGroupNonMember in azStoreGroupNonMembers)
{
IAzManStoreGroup storenonMember;
try
{
storenonMember = store.GetStoreGroup(azGroupNonMember);
}
catch (SqlAzManException)
{
storenonMember = null;
}
IAzManApplicationGroup appnonMember;
try
{
appnonMember = application.GetApplicationGroup(azGroupNonMember);
}
catch (SqlAzManException)
{
appnonMember = null;
}
if (storenonMember != null)
{
applicationGroup.CreateApplicationGroupMember(storenonMember.SID, WhereDefined.Store, false);
}
else
{
applicationGroup.CreateApplicationGroupMember(appnonMember.SID, WhereDefined.Application, false);
}
}
}
//Application Group Members - Windows NT Account
object[] azApplicationGroupWindowsMembers = azApplicationGroup.Members as object[];
if (azApplicationGroupWindowsMembers != null)
{
foreach (string azApplicationWindowsMember in azApplicationGroupWindowsMembers)
{
IAzManSid sid = new SqlAzManSID(azApplicationWindowsMember);
string memberName;
bool isLocal;
DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
applicationGroup.CreateApplicationGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, true);
}
}
//Application Group NonMembers - Windows NT Account
object[] azApplicationGroupWindowsNonMembers = azApplicationGroup.NonMembers as object[];
if (azApplicationGroupWindowsNonMembers != null)
{
foreach (string azApplicationWindowsNonMember in azApplicationGroupWindowsNonMembers)
{
IAzManSid sid = new SqlAzManSID(azApplicationWindowsNonMember);
string memberName;
bool isLocal;
DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
applicationGroup.CreateApplicationGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, false);
}
}
}
}
#endregion Application Groups
//Without Scopes
IAzTasks tasks = azApplication.Tasks as IAzTasks;
if (tasks != null)
{
foreach (IAzTask azTask in tasks)
{
if (azTask.IsRoleDefinition == 1)
{
IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Role);
}
else
{
IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Task);
}
}
}
IAzOperations operations = azApplication.Operations as IAzOperations;
if (operations != null)
{
foreach (IAzOperation azOperation in operations)
{
application.CreateItem(azOperation.Name, azOperation.Description, ItemType.Operation);
}
}
//Build Item Hierarchy
if (tasks != null)
{
foreach (IAzTask azTask in tasks)
{
this.SetHirearchy(null, azApplication, azTask.Name, application);
}
}
//Scopes
foreach (IAzScope azScope in azApplication.Scopes)
{
azApplication.OpenScope(azScope.Name, null);
IAzTasks tasksOfScope = azScope.Tasks as IAzTasks;
if (tasksOfScope != null)
{
foreach (IAzTask azTask in tasksOfScope)
{
if (azTask.IsRoleDefinition == 1)
{
IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Role);
}
else
{
IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Task);
}
}
}
//Build Item Hierarchy
if (tasksOfScope != null)
{
foreach (IAzTask azTask in tasksOfScope)
{
this.SetHirearchy(azScope, azApplication, azTask.Name, application);
}
}
}
//Authorizations on Roles without Scopes
AuthorizationType defaultAuthorization = AuthorizationType.AllowWithDelegation;
IAzRoles azRoles = azApplication.Roles;
foreach (IAzRole azRole in azRoles)
{
IAzManItem item;
try
{
item = application.GetItem(azRole.Name);
}
catch (SqlAzManException)
{
item = null;
}
if (item == null)
{
item = application.CreateItem(azRole.Name, azRole.Description, ItemType.Role);
}
//Store & Application Groups Authorizations
foreach (string member in (object[])azRole.AppMembers)
{
IAzManStoreGroup storeGroup;
try
{
storeGroup = application.Store.GetStoreGroup(member);
}
catch (SqlAzManException)
{
storeGroup = null;
}
IAzManApplicationGroup applicationGroup;
try
{
applicationGroup = application.GetApplicationGroup(member);
}
catch (SqlAzManException)
{
applicationGroup = null;
}
if (storeGroup != null)
{
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, storeGroup.SID, WhereDefined.Store, defaultAuthorization, null, null);
}
else if (applicationGroup != null)
{
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, applicationGroup.SID, WhereDefined.Application, defaultAuthorization, null, null);
}
}
//Windows Users & Groups Authorizations
foreach (string sSid in (object[])azRole.Members)
{
IAzManSid sid = new SqlAzManSID(sSid);
string memberName;
bool isLocal;
DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, defaultAuthorization, null, null);
}
}
//Authorizations on Roles with Scopes
foreach (IAzScope azScope in azApplication.Scopes)
{
IAzRoles azRolesWithScopes = azScope.Roles;
foreach (IAzRole azRole in azRolesWithScopes)
{
IAzManItem item;
try
{
item = application.GetItem(azRole.Name);
}
catch (SqlAzManException)
{
item = null;
}
if (item == null)
{
item = application.CreateItem(azRole.Name, azRole.Description, ItemType.Role);
}
//Store & Application Groups Authorizations
foreach (string member in (object[])azRole.AppMembers)
{
IAzManStoreGroup storeGroup;
try
{
storeGroup = application.Store.GetStoreGroup(member);
}
catch (SqlAzManException)
{
storeGroup = null;
}
IAzManApplicationGroup applicationGroup;
try
{
applicationGroup = application.GetApplicationGroup(member);
}
catch (SqlAzManException)
{
applicationGroup = null;
}
if (storeGroup != null)
{
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, storeGroup.SID, WhereDefined.Store, defaultAuthorization, null, null);
}
else if (applicationGroup != null)
{
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, applicationGroup.SID, WhereDefined.Application, defaultAuthorization, null, null);
}
}
//Windows Users & Groups Authorizations
foreach (string sSid in (object[])azRole.Members)
{
IAzManSid sid = new SqlAzManSID(sSid);
string memberName;
bool isLocal;
DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, defaultAuthorization, null, null);
}
}
}
//try
//{
// azstore.CloseApplication(azApplication.Name, 0);
//}
//catch
//{
// //PorkAround: COM Is a mistery
//}
}
#endregion Applications
if (storage.TransactionInProgress)
{
storage.CommitTransaction();
}
}
catch
{
if (storage.TransactionInProgress)
{
storage.RollBackTransaction();
}
throw;
}
finally
{
if (azstore != null)
{
System.Runtime.InteropServices.Marshal.ReleaseComObject(azstore);
File.Delete(tempFileName);
azstore = null;
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
this.item = this.Session["selectedObject"] as IAzManItem;
this.menuItem = Request["MenuItem"];
this.Text = "Item Authorizations";
this.Description = this.Text;
this.Title = this.Text;
this.currentOwnerName = this.Request.LogonUserIdentity.Name;
this.currentOwnerSid = new SqlAzManSID(this.Request.LogonUserIdentity.User.Value);
//this.showWaitPanelOnSubmit(this.pnlWait, this.pnlXXX);
if (!this.Page.IsPostBack)
{
string memberName;
bool isLocal;
DirectoryServicesWebUtils.GetMemberInfo(this.currentOwnerSid.StringValue, out memberName, out isLocal);
this.currentOwnerSidWhereDefined = isLocal ? WhereDefined.Local : WhereDefined.LDAP;
this.saveSessionVariables();
this.loadSessionVariables();
this.dtAuthorizations = new DataTable();
DataColumn dcAuthorizationId = new DataColumn("AuthorizationID", typeof(int));
dcAuthorizationId.AutoIncrement = true;
dcAuthorizationId.AutoIncrementSeed = -1;
dcAuthorizationId.AutoIncrementStep = -1;
dcAuthorizationId.AllowDBNull = false;
dcAuthorizationId.Unique = true;
DataColumn dcAttributesLink = new DataColumn("AttributesLink", typeof(string));
DataColumn dcMemberTypeEnum = new DataColumn("MemberTypeEnum", typeof(MemberType));
DataColumn dcMemberType = new DataColumn("MemberType", typeof(string));
DataColumn dcOwner = new DataColumn("Owner", typeof(string));
DataColumn dcOwnerSid = new DataColumn("OwnerSID", typeof(string));
DataColumn dcName = new DataColumn("Name", typeof(string));
DataColumn dcObjectSid = new DataColumn("ObjectSID", typeof(string));
DataColumn dcWhereDefined = new DataColumn("WhereDefined", typeof(string));
DataColumn dcWhereDefinedEnum = new DataColumn("WhereDefinedEnum", typeof(WhereDefined));
DataColumn dcAuthorizationType = new DataColumn("AuthorizationType", typeof(string));
DataColumn dcAuthorizationTypeEnum = new DataColumn("AuthorizationTypeEnum", typeof(AuthorizationType));
DataColumn dcValidFrom = new DataColumn("ValidFrom", typeof(DateTime));
dcValidFrom.AllowDBNull = true;
DataColumn dcValidTo = new DataColumn("ValidTo", typeof(DateTime));
dcValidTo.AllowDBNull = true;
dcMemberType.Caption = "Member Type";
dcOwner.Caption = "Owner";
dcOwnerSid.Caption = "Owner SID";
dcName.Caption = "Name";
dcObjectSid.Caption = "Object SID";
dcWhereDefined.Caption = "Where Defined";
dcAuthorizationType.Caption = "Authorization Type";
dcValidFrom.Caption = "Valid From";
dcValidTo.Caption = "Valid To";
this.dtAuthorizations.Columns.AddRange(
new DataColumn[]
{
dcAuthorizationId,
dcMemberType,
dcName,
dcAuthorizationType,
dcWhereDefined,
dcOwner,
dcOwnerSid,
dcValidFrom,
dcValidTo,
dcObjectSid,
dcAuthorizationTypeEnum,
dcWhereDefinedEnum,
dcMemberTypeEnum,
dcAttributesLink
});
foreach (DataColumn dc in this.dtAuthorizations.Columns)
{
dc.AllowDBNull = true;
}
dcMemberType.AllowDBNull = false;
dcAuthorizationType.AllowDBNull = false;
this.modified = false;
this.btnAddStoreGroups.Enabled = this.item.Application.Store.HasStoreGroups();
this.btnAddApplicationGroups.Enabled = this.item.Application.HasApplicationGroups();
//Prepare DataGridView
this.dgAuthorizations.DataSource = this.dtAuthorizations;
this.dgAuthorizations.DataBind();
this.RenderItemAuthorizations();
this.Text += " - " + this.item.Name;
this.saveSessionVariables();
this.bindGridView();
}
else
{
this.loadSessionVariables();
if (this.Session["selectedStoreGroups"] != null)
{
this.btnAddStoreGroups_Click(this, EventArgs.Empty);
}
if (this.Session["selectedApplicationGroups"] != null)
{
this.btnAddApplicationGroups_Click(this, EventArgs.Empty);
}
if (this.Session["selectedDBUsers"] != null)
{
this.btnAddDBUsers_Click(this, EventArgs.Empty);
}
if (this.Session["selectedADObjects"] != null)
{
this.btnAddWindowsUsersAndGroups_Click(this, EventArgs.Empty);
}
}
}
