Inheritance: IDisposable
Beispiel #1
0
        private void MoveADObjectIfNecessary(DirectoryEntry entry, SyncTree entrySyncTree, Node node, string newPath)
        {
            if (!_config.AllowMove)
            {
                return;
            }

            // ebben a synctree-ben van
            var oldSyncTree = entrySyncTree;

            // ebben a synctree-ben kell lennie
            var newSyncTree = GetSyncTreeContainingPortalPath(newPath);

            // itt már csak azonos szerveren történő moveolás lehetséges (különböző szerverre történő moveolás feljebb történik)
            // a sync tartományok esetleg különbözhetnek
            var assumedPortalParentPath = oldSyncTree.GetPortalParentPath(entry.Path);
            var portalParentPath        = RepositoryPath.GetParentPath(newPath);

            // változott a path, moveolni kell
            if (assumedPortalParentPath != portalParentPath)
            {
                var parentEntryName = newSyncTree.GetADPath(portalParentPath);
                using (DirectoryEntry parentEntry = newSyncTree.ConnectToObject(parentEntryName))
                {
                    entry.MoveTo(parentEntry);
                }
            }
        }
Beispiel #2
0
        private void MoveADObjectIfNecessary(DirectoryEntry entry, SyncTree entrySyncTree, Node node, string newPath)
        {
            if (!_config.AllowMove)
                return;

            // ebben a synctree-ben van
            var oldSyncTree = entrySyncTree;

            // ebben a synctree-ben kell lennie
            var newSyncTree = GetSyncTreeContainingPortalPath(newPath);

            // itt már csak azonos szerveren történő moveolás lehetséges (különböző szerverre történő moveolás feljebb történik)
            // a sync tartományok esetleg különbözhetnek
            var assumedPortalParentPath = oldSyncTree.GetPortalParentPath(entry.Path);
            var portalParentPath = RepositoryPath.GetParentPath(newPath);

            // változott a path, moveolni kell
            if (assumedPortalParentPath != portalParentPath)
            {
                var parentEntryName = newSyncTree.GetADPath(portalParentPath);
                using (DirectoryEntry parentEntry = newSyncTree.ConnectToObject(parentEntryName))
                {
                    entry.MoveTo(parentEntry);
                }
            }
        }
Beispiel #3
0
        /// <summary>
        /// Gets portal info for given LDAP path. If resulting SyncInfo object's SyncTreeFound is false, no other properties are filled.
        /// </summary>
        /// <param name="ldapPath">The LDAP path of the object, ie. CN=MyGroup,OU=MyOrg,DC=Nativ,DC=local</param>
        /// <returns></returns>
        public SyncInfo GetSyncInfo(string ldapPath)
        {
            SyncInfo result = new SyncInfo();

            SyncTree syncTree = null;

            foreach (SyncTree sTree in _syncTrees)
            {
                if (sTree.ContainsADPath(ldapPath))
                {
                    syncTree = sTree;
                }
            }

            if (syncTree == null)
            {
                return(result);
            }

            result.SyncTreeFound       = true;
            result.SyncTreeADPath      = syncTree.ADPath;
            result.SyncTreePortalPath  = syncTree.PortalPath;
            result.SyncTreeADIPAddress = syncTree.IPAddress;
            result.TargetPortalPath    = syncTree.GetPortalPath(ldapPath);
            result.PortalNodeExists    = string.IsNullOrEmpty(result.TargetPortalPath) ? false : Node.Exists(result.TargetPortalPath);
            var parentPath = syncTree.GetPortalParentPath(ldapPath);

            result.PortalParentExists = string.IsNullOrEmpty(parentPath) ? false : Node.Exists(parentPath);

            return(result);
        }
Beispiel #4
0
        private void UpdatePortalFolderProperties(DirectoryEntry entry, Node node, SyncTree syncTree)
        {
            AdLog.LogObjects("Updating portal folder properties", entry.Path, node.Path);

            node.Name = Common.GetADObjectName(entry.Name);
            // node.Save() nem kell, később mentődik
        }
Beispiel #5
0
        private void UpdatePortalDomainProperties(DirectoryEntry entry, Node node, SyncTree syncTree)
        {
            AdLog.LogObjects("Updating portal domain properties", entry.Path, node.Path);

            node.Name = GetADDomainName(entry);
            // node.Save() nem kell, később mentődik
        }
Beispiel #6
0
        private void CreateADUser(SyncTree syncTree, string parentADPath, User user, string passwd)
        {
            using (DirectoryEntry parentObj = syncTree.ConnectToObject(parentADPath))
            {
                var prefix   = Common.GetADObjectPrefix(ADObjectType.User);
                var userName = user.Name.MaximizeLength(_config.ADNameMaxLength);
                using (DirectoryEntry newObj = parentObj.Children.Add(String.Concat(prefix, userName), "user"))
                {
                    newObj.Properties["userAccountControl"].Value = ADAccountOptions.UF_NORMAL_ACCOUNT | ADAccountOptions.UF_DONT_EXPIRE_PASSWD;

                    // user actions

                    var enabled = ((!_createdUsersDisabled) && (user.Enabled));

                    Common.UpdateADUserCustomProperties(newObj, user, _propertyMappings, enabled, _config.ADsAMAccountNameMaxLength, _config.SyncEnabledState, _config.SyncUserName);

                    newObj.CommitChanges();

                    // set password
                    if (passwd != null)
                    {
                        Common.SetPassword(newObj, passwd);
                    }

                    Common.SetPortalObjectGuid(newObj, user, _config.GuidProp);
                }
            }
        }
Beispiel #7
0
        // returns synchronized portal nodes
        private IEnumerable <Node> GetAllPortalObjects(ADObjectType objType, SyncTree syncTree)
        {
            var typeText = string.Empty;

            if (objType == ADObjectType.AllContainers)
            {
                typeText = string.Concat(
                    "(TypeIs:", Common.GetNodeType(ADObjectType.OrgUnit).Name,
                    " OR TypeIs:", Common.GetNodeType(ADObjectType.Container).Name,
                    " OR TypeIs:", Common.GetNodeType(ADObjectType.Domain).Name, ")");
            }
            else
            {
                typeText = string.Concat("TypeIs:", Common.GetNodeType(objType).Name);
            }

            var startPath = string.Concat('"', syncTree.PortalPath.TrimEnd(new char[] { '/' }), '"');
            var queryText = string.Concat(typeText, " AND InTree:", startPath);

            var settings = new QuerySettings {
                EnableAutofilters = false, EnableLifespanFilter = false
            };
            var query  = ContentQuery.CreateQuery(queryText, settings);
            var result = query.Execute();

            return(result.Nodes);
        }
Beispiel #8
0
 private void DeletePortalUsers(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Deleting portal users", syncTree.ADPath, syncTree.PortalPath);
     DeleteObjectsFromAD(syncTree,
                         ADObjectType.User,
                         syncTree.AllADUsers,
                         DeletePortalUser);
 }
Beispiel #9
0
 private void DeletePortalGroups(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Deleting portal groups", syncTree.ADPath, syncTree.PortalPath);
     DeleteObjectsFromAD(syncTree,
                         ADObjectType.Group,
                         syncTree.AllADGroups,
                         DeletePortalGroup);
 }
Beispiel #10
0
 private void DeletePortalContainers(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Deleting portal containers (domains, orgunits, containers)", syncTree.ADPath, syncTree.PortalPath);
     DeleteObjectsFromAD(syncTree,
                         ADObjectType.AllContainers,
                         syncTree.AllADContainers,
                         DeletePortalContainer);
 }
Beispiel #11
0
 private void SyncContainersFromAD(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Syncing containers (domains, orgunits, containers)", syncTree.ADPath, syncTree.PortalPath);
     SyncObjectsFromAD(syncTree,
                       ADObjectType.AllContainers,
                       syncTree.AllADContainers,
                       CreateNewPortalContainer,
                       UpdatePortalContainerProperties);
 }
Beispiel #12
0
 private void SyncUsersFromAD(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Syncing users", syncTree.ADPath, syncTree.PortalPath);
     SyncObjectsFromAD(syncTree,
                       ADObjectType.User,
                       syncTree.AllADUsers,
                       CreateNewPortalUser,
                       UpdatePortalUserProperties);
 }
Beispiel #13
0
 private void SyncGroupsFromAD(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Syncing groups", syncTree.ADPath, syncTree.PortalPath);
     SyncObjectsFromAD(syncTree,
                       ADObjectType.Group,
                       syncTree.AllADGroups,
                       CreateNewPortalGroup,
                       UpdatePortalGroupProperties);
 }
Beispiel #14
0
        // sync objects from AD to portal
        private void SyncObjectsFromAD(SyncTree syncTree,
                                       ADObjectType objType,
                                       SearchResultCollection allADObjects,
                                       Action <DirectoryEntry, string, Guid, SyncTree> CreateNewObject,
                                       Action <DirectoryEntry, Node, SyncTree> UpdateProperties)
        {
            foreach (SearchResult result in allADObjects)
            {
                try
                {
                    string nodeADpath = result.Path;

                    if (syncTree.IsADPathExcluded(nodeADpath))
                    {
                        continue;
                    }

                    AdLog.LogOuterADObject("Syncing", result.Path);

                    var guid = Common.GetADResultGuid(result, _config.GuidProp);

                    if (!guid.HasValue)
                    {
                        // no AD guid present for object
                        AdLog.LogErrorADObject("No AD GUID present", result.Path);
                        continue;
                    }

                    // új objektumok (ou, user, group) felvétele, átmozgatások
                    // - ha létezik az adott guid-ú objektum -> path ellenőrzés, átmozgatás
                    // - ha nem létezik, létrehozás

                    string nodePortalParentPath = syncTree.GetPortalParentPath(nodeADpath);
                    if (!Node.Exists(nodePortalParentPath))
                    {
                        // adpath: OU=OtherOrg,OU=ExampleOrg,DC=Nativ,DC=local
                        // portalParentPath: "/Root/IMS/NATIV/ExampleOrg"
                        EnsurePortalPath(syncTree, syncTree.GetADParentObjectPath(result.Path), RepositoryPath.GetParentPath(nodePortalParentPath));
                    }

                    SyncOneADObject(result, null,
                                    (Guid)guid,
                                    objType,
                                    nodePortalParentPath,
                                    CreateNewObject,
                                    UpdateProperties,
                                    syncTree);
                }
                catch (Exception ex)
                {
                    // syncing of one object of the current tree failed
                    AdLog.LogException(ex);
                }
            }
        }
Beispiel #15
0
 private void CreateADContainer(SyncTree syncTree, string parentADPath, Node node)
 {
     using (DirectoryEntry parentObj = syncTree.ConnectToObject(parentADPath))
     {
         var prefix = Common.GetADObjectPrefix(ADObjectType.Container);
         using (DirectoryEntry newObj = parentObj.Children.Add(String.Concat(prefix, node.Name), "container"))
         {
             newObj.CommitChanges();
             Common.SetPortalObjectGuid(newObj, node, _config.GuidProp);
         }
     }
 }
Beispiel #16
0
        // gets members of an AD group and returns the corresponding list of <Guid, ADObjectType> objects
        private Dictionary <Guid, ADGroupMember> GetADGroupMembers(DirectoryEntry group, SyncTree syncTree)
        {
            var members     = new Dictionary <Guid, ADGroupMember>();
            var memberCount = group.Properties["member"].Count;

            AdLog.LogADObject(string.Format("Group contains {0} member(s).", memberCount), group.Path);
            for (int i = 0; i < memberCount; i++)
            {
                string sMemberDN = group.Properties["member"][i].ToString();

                var objSyncTree = GetSyncTreeForObject(sMemberDN);
                if (objSyncTree == null)
                {
                    AdLog.LogWarning(string.Format("AD group contains an object that is not contained in any of the synctrees, group's synctree will be used to retrieve the object (group: {0}, object: {1})", group.Path, sMemberDN));
                    objSyncTree = syncTree;
                }

                using (DirectoryEntry oADMember = objSyncTree.ConnectToObject(sMemberDN))
                {
                    if (oADMember != null)
                    {
                        var guid = Common.GetADObjectGuid(oADMember, _config.GuidProp);
                        if (guid != null)
                        {
                            var userNameProp  = oADMember.Properties[_config.UserNameProp];
                            var userNameValue = userNameProp == null ? null : userNameProp.Value;
                            if (userNameValue == null)
                            {
                                AdLog.LogError(string.Format("Property {0} of AD group member \"{1}\" is missing or value is null", _config.UserNameProp, sMemberDN));
                                continue;
                            }

                            members.Add(
                                ((Guid)guid),
                                new ADGroupMember()
                            {
                                objType        = Common.GetADObjectType(oADMember, _config.NovellSupport),
                                Path           = oADMember.Path,
                                SamAccountName = userNameValue.ToString()
                            });
                        }
                    }
                    else
                    {
                        AdLog.LogWarning(string.Format("AD group member could not be retrieved (group: {0}, object: {1})", group.Path, sMemberDN));
                    }
                }
            }
            return(members);
        }
Beispiel #17
0
 private void CreateADGroup(SyncTree syncTree, string parentADPath, Node node)
 {
     using (DirectoryEntry parentObj = syncTree.ConnectToObject(parentADPath))
     {
         var prefix = Common.GetADObjectPrefix(ADObjectType.Group);
         using (DirectoryEntry newObj = parentObj.Children.Add(String.Concat(prefix, node.Name), "group"))
         {
             newObj.Properties["sAMAccountName"].Value = node.Name.MaximizeLength(_config.ADsAMAccountNameMaxLength);
             newObj.Properties["groupType"].Value      = ADGroupOptions.GlobalSecurityGroup;
             newObj.CommitChanges();
             Common.SetPortalObjectGuid(newObj, node, _config.GuidProp);
         }
     }
 }
Beispiel #18
0
        private void UpdateADContainerProperties(DirectoryEntry entry, SyncTree entrySyncTree, Node node, string newPath, string passwd)
        {
            if (Common.GetADObjectType(node.NodeType) == ADObjectType.Group)
            {
                UpdateADGroupCustomProperies(entry, node);
                entry.CommitChanges();
            }
            Common.RenameADObjectIfNecessary(entry, node, _config.ADNameMaxLength, _config.AllowRename);

            // move object
            this.MoveADObjectIfNecessary(entry, entrySyncTree, node, newPath);

            Common.UpdateLastSync(node, null);
        }
Beispiel #19
0
        public bool IsSyncedObject(string nodePath, out SyncTree syncTree)
        {
            var parentPath = RepositoryPath.GetParentPath(nodePath);

            // get containing synctree
            syncTree = GetSyncTreeContainingPortalPath(parentPath);

            // not synced object
            if (syncTree == null)
            {
                return(false);
            }

            return(true);
        }
Beispiel #20
0
        private void UpdatePortalUserProperties(DirectoryEntry entry, Node node, SyncTree syncTree)
        {
            AdLog.LogObjects("Updating portal user properties", entry.Path, node.Path);

            var user = (IUser)node;

            if (_config.SyncEnabledState)
            {
                user.Enabled = !Common.IsAccountDisabled(entry, _config.NovellSupport);
            }

            Common.UpdatePortalUserCustomProperties(entry, node, _propertyMappings, _config.SyncUserName);

            // node.Save() nem kell, később mentődik
        }
Beispiel #21
0
        private void CreateNewPortalDomain(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
        {
            try
            {
                AdLog.LogADObject(string.Format("New portal domain - creating under {0}", parentPath), entry.Path);
                Domain newNode = new Domain(Node.LoadNode(parentPath));

                UpdatePortalDomainProperties(entry, newNode, syncTree);

                Common.UpdateLastSync(newNode, guid);
                //newNode.Save();  - update lastsync already saves node
            }
            catch (Exception ex)
            {
                AdLog.LogException(ex);
            }
        }
Beispiel #22
0
 // domain, orgunit, container (folder)
 private void CreateNewPortalContainer(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
 {
     switch (Common.GetADObjectType(entry, _config.NovellSupport))
     {
         case ADObjectType.Organization:
         case ADObjectType.OrgUnit:
             CreateNewPortalOrgUnit(entry, parentPath, (Guid)guid, syncTree);
             break;
         case ADObjectType.Container:
             CreateNewPortalFolder(entry, parentPath, (Guid)guid, syncTree);
             break;
         case ADObjectType.Domain:
             CreateNewPortalDomain(entry, parentPath, (Guid)guid, syncTree);
             break;
         default:
             AdLog.LogErrorADObject("Unsupported AD object!", entry.Path);
             break;
     }
 }
Beispiel #23
0
        /* ==================================================================================== portal -> AD : Main algorithms */
        private void UpdateADUserProperties(DirectoryEntry entry, SyncTree entrySyncTree, Node node, string newPath, string passwd)
        {
            var user = (User)node;

            var enabled = user.Enabled;
            Common.UpdateADUserCustomProperties(entry, user, _propertyMappings, enabled, _config.ADsAMAccountNameMaxLength, _config.SyncEnabledState, _config.SyncUserName);

            entry.CommitChanges();

            Common.RenameADObjectIfNecessary(entry, node, _config.ADNameMaxLength, _config.AllowRename);

            // move object
            this.MoveADObjectIfNecessary(entry, entrySyncTree, node, newPath);

            // set password
            if (passwd != null)
                Common.SetPassword(entry, passwd);

            Common.UpdateLastSync(node, null);
        }
Beispiel #24
0
        // delete portal objects that have no corresponding synchronized objects in AD
        private void DeleteObjectsFromAD(SyncTree syncTree,
                                         ADObjectType objType,
                                         SearchResultCollection allADObjects,
                                         Action <Node> DeletePortalObject)
        {
            try
            {
                AdLog.LogOuter("Querying all portal objects...");
                var portalNodes = GetAllPortalObjects(objType, syncTree);
                AdLog.LogOuter("Checking if portal objects exist under synchronized path in AD...");
                foreach (Node node in portalNodes)
                {
                    try
                    {
                        // check if object exists under synchronized path in AD
                        var guid = Common.GetPortalObjectGuid(node);
                        if ((!guid.HasValue) || (!ADObjectPathSynced((Guid)guid, allADObjects, node)))
                        {
                            if (!guid.HasValue)
                            {
                                AdLog.Log(string.Format("No guid set for portal object: {0} ", node.Path));
                            }

                            // deleted from AD or not under synchronized path any more
                            DeletePortalObject(node);
                        }
                    }
                    catch (Exception ex)
                    {
                        AdLog.LogException(ex);
                    }
                }
            }
            catch (Exception ex)
            {
                AdLog.LogException(ex);
            }
        }
Beispiel #25
0
        private void MoveADObjectIfNecessary(DirectoryEntry entry, SyncTree entrySyncTree, Node node, string newPath)
        {
            if (!_config.AllowMove)
            {
                return;
            }

            var oldSyncTree = entrySyncTree;

            var newSyncTree = GetSyncTreeContainingPortalPath(newPath);

            var assumedPortalParentPath = oldSyncTree.GetPortalParentPath(entry.Path);
            var portalParentPath        = RepositoryPath.GetParentPath(newPath);

            if (assumedPortalParentPath != portalParentPath)
            {
                var parentEntryName = newSyncTree.GetADPath(portalParentPath);
                using (DirectoryEntry parentEntry = newSyncTree.ConnectToObject(parentEntryName))
                {
                    entry.MoveTo(parentEntry);
                }
            }
        }
Beispiel #26
0
        /* ==================================================================================== portal -> AD : Main algorithms */
        private void UpdateADUserProperties(DirectoryEntry entry, SyncTree entrySyncTree, Node node, string newPath, string passwd)
        {
            var user = (User)node;

            var enabled = user.Enabled;

            Common.UpdateADUserCustomProperties(entry, user, _propertyMappings, enabled, _config.ADsAMAccountNameMaxLength, _config.SyncEnabledState, _config.SyncUserName);

            entry.CommitChanges();

            Common.RenameADObjectIfNecessary(entry, node, _config.ADNameMaxLength, _config.AllowRename);

            // move object
            this.MoveADObjectIfNecessary(entry, entrySyncTree, node, newPath);

            // set password
            if (passwd != null)
            {
                Common.SetPassword(entry, passwd);
            }

            Common.UpdateLastSync(node, null);
        }
Beispiel #27
0
        // adpath: OU=OtherOrg,OU=ExampleOrg,DC=Nativ,DC=local
        // portalParentPath: "/Root/IMS/Nativ.Local/ExampleOrg"
        private void EnsurePortalPath(SyncTree syncTree, string ADPath, string portalParentPath)
        {
            // portalParentPath does not exist
            if (!Node.Exists(portalParentPath))
            {
                // get parent AD object
                string ADparentPath = syncTree.GetADParentObjectPath(ADPath);
                // ensurepath
                EnsurePortalPath(syncTree, ADparentPath, RepositoryPath.GetParentPath(portalParentPath));
            }

            // portalParentPath exists, so AD object should be synchronized here
            // domain, container, orgunit
            using (DirectoryEntry entry = syncTree.ConnectToObject(ADPath))
            {
                var guid = Common.GetADObjectGuid(entry, _config.GuidProp);
                if (!guid.HasValue)
                {
                    return;
                }

                SyncOneADObject(null, entry, (Guid)guid, ADObjectType.AllContainers, portalParentPath, CreateNewPortalContainer, UpdatePortalContainerProperties, syncTree);
            }
        }
Beispiel #28
0
 private void DeletePortalUsers(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Deleting portal users", syncTree.ADPath, syncTree.PortalPath);
     DeleteObjectsFromAD(syncTree,
         ADObjectType.User,
         syncTree.AllADUsers,
         DeletePortalUser);
 }
Beispiel #29
0
 private void SyncUsersFromAD(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Syncing users", syncTree.ADPath, syncTree.PortalPath);
     SyncObjectsFromAD(syncTree,
         ADObjectType.User,
         syncTree.AllADUsers,
         CreateNewPortalUser,
         UpdatePortalUserProperties);
 }
Beispiel #30
0
        // delete portal objects that have no corresponding synchronized objects in AD
        private void DeleteObjectsFromAD(SyncTree syncTree,
            ADObjectType objType,
            SearchResultCollection allADObjects,
            Action<Node> DeletePortalObject)
        {
            try
            {
                AdLog.LogOuter("Querying all portal objects...");
                var portalNodes = GetAllPortalObjects(objType, syncTree);
                AdLog.LogOuter("Checking if portal objects exist under synchronized path in AD...");
                foreach (Node node in portalNodes)
                {
                    try
                    {
                        // check if object exists under synchronized path in AD
                        var guid = Common.GetPortalObjectGuid(node);
                        if ((!guid.HasValue) || (!ADObjectPathSynced((Guid)guid, allADObjects, node)))
                        {
                            if (!guid.HasValue)
                                AdLog.Log(string.Format("No guid set for portal object: {0} ", node.Path));

                            // deleted from AD or not under synchronized path any more
                            DeletePortalObject(node);
                        }
                    }
                    catch (Exception ex)
                    {
                        AdLog.LogException(ex);
                    }
                }
            }
            catch (Exception ex)
            {
                AdLog.LogException(ex);
            }
        }
Beispiel #31
0
        // domain, orgunit, container (folder)
        private void UpdatePortalContainerProperties(DirectoryEntry entry, Node node, SyncTree syncTree)
        {
            switch (Common.GetADObjectType(entry, _config.NovellSupport))
            {
            case ADObjectType.OrgUnit:
                UpdatePortalOrgUnitProperties(entry, node, syncTree);
                break;

            case ADObjectType.Container:
                UpdatePortalFolderProperties(entry, node, syncTree);
                break;

            case ADObjectType.Domain:
                UpdatePortalDomainProperties(entry, node, syncTree);
                break;
            }
        }
Beispiel #32
0
        private void UpdatePortalGroupProperties(DirectoryEntry entry, Node node, SyncTree syncTree)
        {
            AdLog.LogObjects("Updating portal group properties", entry.Path, node.Path);

            node.Name = Common.GetADObjectName(entry.Name);

            // set members
            var group         = (Group)node;
            var portalMembers = group.Members;

            var adMembers     = GetADGroupMembers(entry, syncTree);
            var removeMembers = new List <Node>();

            // add new members:
            foreach (Guid guid in adMembers.Keys)
            {
                try
                {
                    //bool validResult;

                    //Node portalNode = GetNodeByGuid(guid, adMembers[guid].objType, out validResult);
                    //string adPath = adMembers[guid].Path;

                    //var portalNodePath = syncTree.GetPortalPath(adPath);
                    //portalNodePath = portalNodePath.Substring(0, portalNodePath.LastIndexOf('/'));
                    //portalNodePath = RepositoryPath.Combine(portalNodePath, adMembers[guid].SamAccountName);
                    //Node portalNode = Node.Load<Node>(portalNodePath);

                    Node   portalNode = null;
                    string guidStr    = guid.ToString();

                    if (_useOnTheFlyMemberQuery)
                    {
                        portalNode = Common.GetPortalObjectByGuid(guid);
                    }
                    else
                    {
                        switch (adMembers[guid].objType)
                        {
                        case ADObjectType.User:
                            portalNode = (_portalUsers.ContainsKey(guidStr)) ? Node.LoadNode(_portalUsers[guidStr]) : null;
                            break;

                        case ADObjectType.Group:
                            portalNode = (_portalGroups.ContainsKey(guidStr)) ? Node.LoadNode(_portalGroups[guidStr]) : null;
                            break;

                        default:
                            break;
                        }
                    }

                    if (portalNode != null)
                    {
                        if (!portalMembers.Any(n => n.Id == portalNode.Id))
                        {
                            switch (adMembers[guid].objType)
                            {
                            case ADObjectType.Group:
                                group.AddMember((IGroup)portalNode);
                                break;

                            case ADObjectType.User:
                                group.AddMember((IUser)portalNode);
                                break;

                            default:
                                // log: AD group membere se nem user, se nem group
                                AdLog.LogErrorObjects("Member is neither a user nor a group", adMembers[guid].Path, portalNode.Path);
                                break;
                            }
                        }
                    }
                    else
                    {
                        // log: a group a portálon nem létező user-t tartalmaz
                        // a synctree-k elvileg tartalmazzák, mert a GetADGroupMembers csak synctree által tartalmazott objektumokat ad vissza
                        AdLog.LogErrorADObject("Member does not exist in portal", adMembers[guid].Path);
                    }
                }
                catch
                {
                    AdLog.LogErrorADObject("Could not add member to group", adMembers[guid].Path);
                }
            }

            // remove old members
            // add nodes of portal group members to removeMembers list,
            // that have no corresponding AD objects in AD group
            foreach (Node member in portalMembers)
            {
                string guidStr = member["SyncGuid"] as string;
                if (guidStr != null)
                {
                    if (!adMembers.Keys.Contains(new Guid(guidStr)))
                    {
                        removeMembers.Add(member);
                    }
                }
                else
                {
                    // log: a portál csoport szinkronizálatlan objektumot is tartalmaz
                    AdLog.LogError(string.Format("Portal group contains unsynchronized object (group: {0}, object: {1}", group.Path, member.Path));
                }
            }

            // remove members from portal group
            foreach (Node member in removeMembers)
            {
                var portalUser = member as IUser;
                if (portalUser != null)
                {
                    group.RemoveMember(portalUser);
                }
                else
                {
                    var portalGroup = member as IGroup;
                    if (portalGroup != null)
                    {
                        group.RemoveMember(portalGroup);
                    }
                }
            }
            // node.Save() nem kell, később mentődik
        }
Beispiel #33
0
        // returns synchronized portal nodes
        private IEnumerable<Node> GetAllPortalObjects(ADObjectType objType, SyncTree syncTree)
        {
            var typeText = string.Empty;
            if (objType == ADObjectType.AllContainers)
            {
                typeText = string.Concat(
                    "(TypeIs:", Common.GetNodeType(ADObjectType.OrgUnit).Name, 
                    " OR TypeIs:", Common.GetNodeType(ADObjectType.Container).Name, 
                    " OR TypeIs:", Common.GetNodeType(ADObjectType.Domain).Name, ")");
            }
            else
            {
                typeText = string.Concat("TypeIs:", Common.GetNodeType(objType).Name);
            }

            var startPath = string.Concat('"', syncTree.PortalPath.TrimEnd(new char[] { '/' }), '"');
            var queryText = string.Concat(typeText, " AND InTree:", startPath);

            var settings = new QuerySettings {EnableAutofilters = false, EnableLifespanFilter = false};
            var query = ContentQuery.CreateQuery(queryText, settings);
            var result = query.Execute();
            return result.Nodes;
        }
Beispiel #34
0
        private void UpdatePortalGroupProperties(DirectoryEntry entry, Node node, SyncTree syncTree)
        {
            AdLog.LogObjects("Updating portal group properties", entry.Path, node.Path);

            node.Name = Common.GetADObjectName(entry.Name);

            // set members
            var group = (Group)node;
            var portalMembers = group.Members;

            var adMembers = GetADGroupMembers(entry, syncTree);
            var removeMembers = new List<Node>();

            // add new members: 
            foreach (Guid guid in adMembers.Keys)
            {
                try
                {
                    //bool validResult;

                    //Node portalNode = GetNodeByGuid(guid, adMembers[guid].objType, out validResult);
                    //string adPath = adMembers[guid].Path;

                    //var portalNodePath = syncTree.GetPortalPath(adPath);
                    //portalNodePath = portalNodePath.Substring(0, portalNodePath.LastIndexOf('/'));
                    //portalNodePath = RepositoryPath.Combine(portalNodePath, adMembers[guid].SamAccountName);
                    //Node portalNode = Node.Load<Node>(portalNodePath);

                    Node portalNode = null;
                    string guidStr = guid.ToString();

                    if (_useOnTheFlyMemberQuery)
                    {
                        portalNode = Common.GetPortalObjectByGuid(guid);
                    }
                    else
                    {
                        switch (adMembers[guid].objType)
                        {
                            case ADObjectType.User:
                                portalNode = (_portalUsers.ContainsKey(guidStr)) ? Node.LoadNode(_portalUsers[guidStr]) : null;
                                break;
                            case ADObjectType.Group:
                                portalNode = (_portalGroups.ContainsKey(guidStr)) ? Node.LoadNode(_portalGroups[guidStr]) : null;
                                break;
                            default:
                                break;
                        }
                    }

                    if (portalNode != null)
                    {
                        if (!portalMembers.Any(n => n.Id == portalNode.Id))
                        {
                            switch (adMembers[guid].objType)
                            {
                                case ADObjectType.Group:
                                    group.AddMember((IGroup)portalNode);
                                    break;
                                case ADObjectType.User:
                                    group.AddMember((IUser)portalNode);
                                    break;
                                default:
                                    // log: AD group membere se nem user, se nem group
                                    AdLog.LogErrorObjects("Member is neither a user nor a group", adMembers[guid].Path, portalNode.Path);
                                    break;
                            }
                        }
                    }
                    else
                    {
                        // log: a group a portálon nem létező user-t tartalmaz
                        // a synctree-k elvileg tartalmazzák, mert a GetADGroupMembers csak synctree által tartalmazott objektumokat ad vissza
                        AdLog.LogErrorADObject("Member does not exist in portal", adMembers[guid].Path);
                    }
                }
                catch
                {
                    AdLog.LogErrorADObject("Could not add member to group", adMembers[guid].Path);
                }
            }

            // remove old members
            // add nodes of portal group members to removeMembers list, 
            // that have no corresponding AD objects in AD group
            foreach (Node member in portalMembers)
            {
                string guidStr = member["SyncGuid"] as string;
                if (guidStr != null)
                {
                    if (!adMembers.Keys.Contains(new Guid(guidStr)))
                        removeMembers.Add(member);
                }
                else
                {
                    // log: a portál csoport szinkronizálatlan objektumot is tartalmaz
                    AdLog.LogError(string.Format("Portal group contains unsynchronized object (group: {0}, object: {1}", group.Path, member.Path));
                }
            }

            // remove members from portal group
            foreach (Node member in removeMembers)
            {
                var portalUser = member as IUser;
                if (portalUser != null)
                    group.RemoveMember(portalUser);
                else
                {
                    var portalGroup = member as IGroup;
                    if (portalGroup != null)
                        group.RemoveMember(portalGroup);
                }
            }
            // node.Save() nem kell, később mentődik
        }
Beispiel #35
0
 private void CreateADContainer(SyncTree syncTree, string parentADPath, Node node)
 {
     using (DirectoryEntry parentObj = syncTree.ConnectToObject(parentADPath))
     {
         var prefix = Common.GetADObjectPrefix(ADObjectType.Container);
         using (DirectoryEntry newObj = parentObj.Children.Add(String.Concat(prefix, node.Name), "container"))
         {
             newObj.CommitChanges();
             Common.SetPortalObjectGuid(newObj, node, _config.GuidProp);
         }
     }
 }
Beispiel #36
0
 private void CreateADGroup(SyncTree syncTree, string parentADPath, Node node)
 {
     using (DirectoryEntry parentObj = syncTree.ConnectToObject(parentADPath))
     {
         var prefix = Common.GetADObjectPrefix(ADObjectType.Group);
         using (DirectoryEntry newObj = parentObj.Children.Add(String.Concat(prefix, node.Name), "group"))
         {
             // a members.clear után nem engedné létrehozni constraint miatt
             //UpdateADGroupCustomProperies(newObj, node);
             newObj.Properties["sAMAccountName"].Value = node.Name.MaximizeLength(_config.ADsAMAccountNameMaxLength);
             newObj.Properties["groupType"].Value = ADGroupOptions.GlobalSecurityGroup;
             newObj.CommitChanges();
             Common.SetPortalObjectGuid(newObj, node, _config.GuidProp);
         }
     }
 }
Beispiel #37
0
        private void CreateADUser(SyncTree syncTree, string parentADPath, User user, string passwd)
        {
            using (DirectoryEntry parentObj = syncTree.ConnectToObject(parentADPath))
            {
                var prefix = Common.GetADObjectPrefix(ADObjectType.User);
                var userName = user.Name.MaximizeLength(_config.ADNameMaxLength);
                using (DirectoryEntry newObj = parentObj.Children.Add(String.Concat(prefix, userName), "user"))
                {
                    newObj.Properties["userAccountControl"].Value = ADAccountOptions.UF_NORMAL_ACCOUNT | ADAccountOptions.UF_DONT_EXPIRE_PASSWD;

                    // user actions

                    // user enabled/disabled: akkor enabled, ha a user maga enabled és globálisan nincs letiltva az enabled állapot konfigban
                    var enabled = ((!_createdUsersDisabled) && (user.Enabled));

                    Common.UpdateADUserCustomProperties(newObj, user, _propertyMappings, enabled, _config.ADsAMAccountNameMaxLength, _config.SyncEnabledState, _config.SyncUserName);

                    newObj.CommitChanges();

                    //if (doNotExpirePassword)
                    //{
                    //    oNewADUser.Properties["userAccountControl"].Value = ADAccountOptions.UF_NORMAL_ACCOUNT | ADAccountOptions.UF_DONT_EXPIRE_PASSWD;
                    //}
                    //else
                    //{
                    //    oNewADUser.Properties["userAccountControl"].Value = ADAccountOptions.UF_NORMAL_ACCOUNT;
                    //}
                    
                    // set password
                    if (passwd != null)
                        Common.SetPassword(newObj, passwd);

                    Common.SetPortalObjectGuid(newObj, user, _config.GuidProp);
                }
            }
        }
Beispiel #38
0
 private void UpdateADContainerProperties(DirectoryEntry entry, SyncTree entrySyncTree, Node node, string newPath, string passwd)
 {
     if (Common.GetADObjectType(node.NodeType) == ADObjectType.Group)
     {
         UpdateADGroupCustomProperies(entry, node);
         entry.CommitChanges();
     }
     Common.RenameADObjectIfNecessary(entry, node, _config.ADNameMaxLength, _config.AllowRename);
     
     // move object
     this.MoveADObjectIfNecessary(entry, entrySyncTree, node, newPath);
     
     Common.UpdateLastSync(node, null);
 }
Beispiel #39
0
        // domain, orgunit, container (folder)
        private void CreateNewPortalContainer(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
        {
            switch (Common.GetADObjectType(entry, _config.NovellSupport))
            {
            case ADObjectType.Organization:
            case ADObjectType.OrgUnit:
                CreateNewPortalOrgUnit(entry, parentPath, (Guid)guid, syncTree);
                break;

            case ADObjectType.Container:
                CreateNewPortalFolder(entry, parentPath, (Guid)guid, syncTree);
                break;

            case ADObjectType.Domain:
                CreateNewPortalDomain(entry, parentPath, (Guid)guid, syncTree);
                break;

            default:
                AdLog.LogErrorADObject("Unsupported AD object!", entry.Path);
                break;
            }
        }
Beispiel #40
0
        private void SyncSingleObjectFromAD(string ldapPath)
        {
            SyncTree       syncTree = null;
            DirectoryEntry entry    = null;

            foreach (SyncTree sTree in _syncTrees)
            {
                if (sTree.ContainsADPath(ldapPath))
                {
                    entry    = sTree.ConnectToObject(ldapPath);
                    syncTree = sTree;
                }
            }

            if (syncTree == null)
            {
                AdLog.LogErrorADObject("Configured SyncTree could not be found for this path", ldapPath);
                return;
            }

            string nodePortalParentPath = syncTree.GetPortalParentPath(ldapPath);

            if (!Node.Exists(nodePortalParentPath))
            {
                AdLog.LogErrorADObject(string.Format("Portal parent path ({0}) does not exist", nodePortalParentPath), ldapPath);
                return;
            }

            if (entry == null)
            {
                AdLog.LogErrorADObject("AD Entry is not found", ldapPath);
                return;
            }

            var guid = Common.GetADObjectGuid(entry, _config.GuidProp);

            if (!guid.HasValue)
            {
                AdLog.LogErrorADObject("AD Entry guid cannot be retrieved", ldapPath);
                return;
            }

            var adObjectType = Common.GetADObjectType(entry, false);
            Action <DirectoryEntry, string, Guid, SyncTree> CreateNewObject  = null;
            Action <DirectoryEntry, Node, SyncTree>         UpdateProperties = null;

            switch (adObjectType)
            {
            case ADObjectType.User:
                CreateNewObject  = CreateNewPortalUser;
                UpdateProperties = UpdatePortalUserProperties;
                break;

            case ADObjectType.Group:
                CreateNewObject  = CreateNewPortalGroup;
                UpdateProperties = UpdatePortalGroupProperties;
                break;

            case ADObjectType.Container:
            case ADObjectType.Organization:
            case ADObjectType.OrgUnit:
                CreateNewObject  = CreateNewPortalContainer;
                UpdateProperties = UpdatePortalContainerProperties;
                break;

            default:
                AdLog.LogErrorADObject("Syncing of this type is not supported.", ldapPath);
                return;
            }

            // check if node already exists:
            var node = Common.GetPortalObjectByGuid(guid.Value);

            if (node == null)
            {
                if (!Node.Exists(nodePortalParentPath))
                {
                    EnsurePortalPath(syncTree, syncTree.GetADParentObjectPath(ldapPath), RepositoryPath.GetParentPath(nodePortalParentPath));
                }

                CreateNewObject(entry, nodePortalParentPath, guid.Value, syncTree);
            }
            else
            {
                if (RepositoryPath.GetParentPath(node.Path) != nodePortalParentPath)
                {
                    Node.Move(node.Path, nodePortalParentPath);

                    // reload node for further processing (set properties)
                    node = Node.LoadNode(node.Id);
                }

                UpdateProperties(entry, node, syncTree);
                Common.UpdateLastSync(node, null);
            }
        }
Beispiel #41
0
 private void DeletePortalContainers(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Deleting portal containers (domains, orgunits, containers)", syncTree.ADPath, syncTree.PortalPath);
     DeleteObjectsFromAD(syncTree,
         ADObjectType.AllContainers,
         syncTree.AllADContainers,
         DeletePortalContainer);
 }
Beispiel #42
0
        /* ==================================================================================== AD -> portal : Main algorithms */
        // sync one object
        // két helyről hívhatjuk:
        // - SyncObjectsFromAD --> innen SearchResult objektumot kapunk
        // - SyncObjectsFromAD/EnsurePath --> innen Entryt kapunk
        //      - utóbbiból helyes működésnél csak létre kell hozni új objektumot, de ha már létezik az objektum, akkor
        //        moveoljuk, ne keletkezzen két azonos GUID-ú objektum a portálon
        private void SyncOneADObject(SearchResult result, DirectoryEntry ADentry,
                                     Guid guid,
                                     ADObjectType objType,
                                     string nodePortalParentPath,
                                     Action <DirectoryEntry, string, Guid, SyncTree> CreateNewObject,
                                     Action <DirectoryEntry, Node, SyncTree> UpdateProperties,
                                     SyncTree syncTree)
        {
            //bool validResult;
            //var node = GetNodeByGuid(guid, objType, out validResult);
            Node   node    = null;
            string guidStr = guid.ToString();

            switch (objType)
            {
            case ADObjectType.AllContainers:
                node = (_portalContainers.ContainsKey(guidStr)) ? Node.LoadNode(_portalContainers[guidStr]) : null;
                break;

            case ADObjectType.User:
                node = (_portalUsers.ContainsKey(guidStr)) ? Node.LoadNode(_portalUsers[guidStr]) : null;
                break;

            case ADObjectType.Group:
                node = (_portalGroups.ContainsKey(guidStr)) ? Node.LoadNode(_portalGroups[guidStr]) : null;
                break;

            default:
                break;
            }
            if (node != null)
            {
                // existing portal object
                try
                {
                    bool isNodeSynced = false;

                    // check path, move object if necessary
                    if (RepositoryPath.GetParentPath(node.Path) != nodePortalParentPath)
                    {
                        AdLog.LogADObject(string.Format("Moving object from {0} to {1}", node.Path, nodePortalParentPath), result.Path);
                        Node.Move(node.Path, nodePortalParentPath);

                        // reload node for further processing (set properties)
                        node         = Node.LoadNode(node.Id);
                        isNodeSynced = true;
                    }

                    if (ADentry != null)
                    {
                        // ensurepath-ból jön, mindenképp szinkronizáljuk
                        UpdateProperties(ADentry, node, syncTree);
                        AdLog.LogADObject(String.Format("Saving synced portal object: {0}", node.Path), ADentry.Path);
                        Common.UpdateLastSync(node, null);
                        //node.Save(); - update lastsync already saves node
                    }
                    else
                    {
                        // syncobjectsből jövünk, csak resultunk van (entrynk nincs)

                        // set properties and lastsync date - csak akkor szinkronizálunk, ha lastmod > x
                        // (ha az objektum át lett mozgatva, a lastmod is változik AD-ben)
                        if (_config.AlwaysSyncObjects || Common.IsPortalObjectInvalid(node, result, _config.NovellSupport))
                        {
                            using (var entry = result.GetDirectoryEntry())
                            {
                                UpdateProperties(entry, node, syncTree);
                                isNodeSynced = true;
                            }
                        }

                        if (isNodeSynced)
                        {
                            AdLog.LogADObject(String.Format("Saving synced portal object: {0}", node.Path), result.Path);
                            Common.UpdateLastSync(node, null);
                            //node.Save(); - update lastsync already saves node
                        }
                    }
                }
                catch (Exception ex)
                {
                    AdLog.LogException(ex);
                    // log: adott objektum szinkronizálása nem sikerült
                    if (result != null)
                    {
                        AdLog.LogErrorADObject("Syncing of AD object not successful.", result.Path);
                    }
                }
            }
            else
            {
                if (ADentry != null)
                {
                    // ensurepath-ból jövünk
                    CreateNewObject(ADentry, nodePortalParentPath, guid, syncTree);
                }
                else
                {
                    // syncobjectsből jövünk, csak resultunk van
                    // new portal object
                    using (var entry = result.GetDirectoryEntry())
                    {
                        CreateNewObject(entry, nodePortalParentPath, guid, syncTree);
                    }
                }
            }
        }
Beispiel #43
0
 // returns synchronized portal nodes
 private IEnumerable <Node> GetAllPortalObjects(ADObjectType objType, SyncTree syncTree)
 {
     return(GetAllPortalObjectsByADObjectTypeAndPath(objType, syncTree.PortalPath.TrimEnd('/')));
 }
Beispiel #44
0
        // gets members of an AD group and returns the corresponding list of <Guid, ADObjectType> objects
        private Dictionary<Guid, ADGroupMember> GetADGroupMembers(DirectoryEntry group, SyncTree syncTree)
        {
            var members = new Dictionary<Guid, ADGroupMember>();
            var memberCount = group.Properties["member"].Count;
            AdLog.LogADObject(string.Format("Group contains {0} member(s).", memberCount), group.Path);
            for (int i = 0; i < memberCount; i++)
            {
                string sMemberDN = group.Properties["member"][i].ToString();

                var objSyncTree = GetSyncTreeForObject(sMemberDN);
                if (objSyncTree == null)
                {
                    AdLog.LogWarning(string.Format("AD group contains an object that is not contained in any of the synctrees, group's synctree will be used to retrieve the object (group: {0}, object: {1})", group.Path, sMemberDN));
                    objSyncTree = syncTree;
                }

                using (DirectoryEntry oADMember = objSyncTree.ConnectToObject(sMemberDN))
                {
                    if (oADMember != null)
                    {
                        var guid = Common.GetADObjectGuid(oADMember, _config.GuidProp);
                        if (guid != null)
                        {
                            var userNameProp = oADMember.Properties[_config.UserNameProp];
                            var userNameValue = userNameProp == null ? null : userNameProp.Value;
                            if (userNameValue == null)
                            {
                                AdLog.LogError(string.Format("Property {0} of AD group member \"{1}\" is missing or value is null", _config.UserNameProp, sMemberDN));
                                continue;
                            }

                            members.Add(
                                ((Guid) guid),
                                new ADGroupMember()
                                    {
                                        objType = Common.GetADObjectType(oADMember, _config.NovellSupport),
                                        Path = oADMember.Path,
                                        SamAccountName = userNameValue.ToString()
                                    });
                        }
                    }
                    else
                    {
                        AdLog.LogWarning(string.Format("AD group member could not be retrieved (group: {0}, object: {1})", group.Path, sMemberDN));
                    }
                }
            }
            return members;
        }
Beispiel #45
0
        private void CreateNewPortalOrgUnit(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
        {
            try
            {
                AdLog.LogADObject(string.Format("New portal orgunit - creating under {0}", parentPath), entry.Path);
                OrganizationalUnit newOu = new OrganizationalUnit(Node.LoadNode(parentPath));

                UpdatePortalOrgUnitProperties(entry, newOu, syncTree);

                Common.UpdateLastSync(newOu, guid);
                //newOu.Save(); - update lastsync already saves node

                if (_portalContainers != null)
                {
                    if (!_portalContainers.ContainsKey(guid.ToString()))
                        _portalContainers.Add(guid.ToString(), newOu.Id);
                }
            }
            catch (Exception ex)
            {
                AdLog.LogException(ex);
            }
        }
Beispiel #46
0
        // adpath: OU=OtherOrg,OU=ExampleOrg,DC=Nativ,DC=local
        // portalParentPath: "/Root/IMS/Nativ.Local/ExampleOrg"
        private void EnsurePortalPath(SyncTree syncTree, string ADPath, string portalParentPath)
        {
            // portalParentPath does not exist
            if (!Node.Exists(portalParentPath))
            {
                // get parent AD object
                string ADparentPath = syncTree.GetADParentObjectPath(ADPath);
                // ensurepath
                EnsurePortalPath(syncTree, ADparentPath, RepositoryPath.GetParentPath(portalParentPath));
            }

            // portalParentPath exists, so AD object should be synchronized here
            // domain, container, orgunit
            using (DirectoryEntry entry = syncTree.ConnectToObject(ADPath))
            {
                var guid = Common.GetADObjectGuid(entry, _config.GuidProp);
                if (!guid.HasValue)
                    return;

                SyncOneADObject(null, entry, (Guid)guid, ADObjectType.AllContainers, portalParentPath, CreateNewPortalContainer, UpdatePortalContainerProperties, syncTree);
            }
        }
Beispiel #47
0
        private void CreateNewPortalUser(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
        {
            try
            {
                AdLog.LogADObject(string.Format("New portal user - creating under {0}", parentPath), entry.Path);
                var newUser = new User(Node.LoadNode(parentPath), _config.UserType);

                // user actions
                UpdatePortalUserProperties(entry, newUser, syncTree);

                Common.UpdateLastSync(newUser, guid);
                //newUser.Save(); - update lastsync already saves node

                if (_portalUsers != null)
                {
                    if (!_portalUsers.ContainsKey(guid.ToString()))
                        _portalUsers.Add(guid.ToString(), newUser.Id);
                }
            }
            catch (Exception ex)
            {
                AdLog.LogException(ex);
            }
        }
Beispiel #48
0
        /* ==================================================================================== AD -> portal : Main algorithms */
        // sync one object
        // két helyről hívhatjuk:
        // - SyncObjectsFromAD --> innen SearchResult objektumot kapunk
        // - SyncObjectsFromAD/EnsurePath --> innen Entryt kapunk
        //      - utóbbiból helyes működésnél csak létre kell hozni új objektumot, de ha már létezik az objektum, akkor
        //        moveoljuk, ne keletkezzen két azonos GUID-ú objektum a portálon
        private void SyncOneADObject(SearchResult result, DirectoryEntry ADentry,
            Guid guid,
            ADObjectType objType,
            string nodePortalParentPath,
            Action<DirectoryEntry, string, Guid, SyncTree> CreateNewObject,
            Action<DirectoryEntry, Node, SyncTree> UpdateProperties,
            SyncTree syncTree)
        {
            //bool validResult;
            //var node = GetNodeByGuid(guid, objType, out validResult);
            Node node = null;
            string guidStr = guid.ToString();
            switch (objType)
            {
                case ADObjectType.AllContainers:
                    node = (_portalContainers.ContainsKey(guidStr)) ? Node.LoadNode(_portalContainers[guidStr]) : null;
                    break;
                case ADObjectType.User:
                    node = (_portalUsers.ContainsKey(guidStr)) ? Node.LoadNode(_portalUsers[guidStr]) : null;
                    break;
                case ADObjectType.Group:
                    node = (_portalGroups.ContainsKey(guidStr)) ? Node.LoadNode(_portalGroups[guidStr]) : null;
                    break;
                default:
                    break;
            }
            if (node != null)
            {
                // existing portal object
                try
                {
                    bool isNodeSynced = false;

                    // check path, move object if necessary
                    if (RepositoryPath.GetParentPath(node.Path) != nodePortalParentPath)
                    {
                        AdLog.LogADObject(string.Format("Moving object from {0} to {1}", node.Path, nodePortalParentPath), result.Path);
                        Node.Move(node.Path, nodePortalParentPath);

                        // reload node for further processing (set properties)
                        node = Node.LoadNode(node.Id);
                        isNodeSynced = true;
                    }

                    if (ADentry != null)
                    {
                        // ensurepath-ból jön, mindenképp szinkronizáljuk
                        UpdateProperties(ADentry, node, syncTree);
                        AdLog.LogADObject(String.Format("Saving synced portal object: {0}", node.Path), ADentry.Path);
                        Common.UpdateLastSync(node, null);
                        //node.Save(); - update lastsync already saves node
                    }
                    else
                    {
                        // syncobjectsből jövünk, csak resultunk van (entrynk nincs)

                        // set properties and lastsync date - csak akkor szinkronizálunk, ha lastmod > x 
                        // (ha az objektum át lett mozgatva, a lastmod is változik AD-ben)
                        if (_config.AlwaysSyncObjects || Common.IsPortalObjectInvalid(node, result, _config.NovellSupport))
                        {
                            using (var entry = result.GetDirectoryEntry())
                            {
                                UpdateProperties(entry, node, syncTree);
                                isNodeSynced = true;
                            }
                        }

                        if (isNodeSynced)
                        {
                            AdLog.LogADObject(String.Format("Saving synced portal object: {0}", node.Path), result.Path);
                            Common.UpdateLastSync(node, null);
                            //node.Save(); - update lastsync already saves node
                        }
                    }
                }
                catch (Exception ex)
                {
                    AdLog.LogException(ex);
                    // log: adott objektum szinkronizálása nem sikerült
                    if (result != null)
                        AdLog.LogErrorADObject("Syncing of AD object not successful.", result.Path);
                }
            }
            else
            {
                if (ADentry != null)
                {
                    // ensurepath-ból jövünk
                    CreateNewObject(ADentry, nodePortalParentPath, guid, syncTree);
                }
                else
                {
                    // syncobjectsből jövünk, csak resultunk van
                    // new portal object
                    using (var entry = result.GetDirectoryEntry())
                    {
                        CreateNewObject(entry, nodePortalParentPath, guid, syncTree);
                    }
                }
            }
        }
Beispiel #49
0
        private void CreateNewPortalGroup(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
        {
            try
            {
                AdLog.LogADObject(string.Format("New portal group - creating under {0}", parentPath), entry.Path);
                var newGroup = new Group(Node.LoadNode(parentPath));

                UpdatePortalGroupProperties(entry, newGroup, syncTree);

                Common.UpdateLastSync(newGroup, guid);
                //newGroup.Save(); - update lastsync already saves node

                if (_portalGroups != null)
                {
                    if (!_portalGroups.ContainsKey(guid.ToString()))
                        _portalGroups.Add(guid.ToString(), newGroup.Id);
                }
            }
            catch (Exception ex)
            {
                AdLog.LogException(ex);
            }
        }
Beispiel #50
0
        // sync objects from AD to portal
        private void SyncObjectsFromAD(SyncTree syncTree,
            ADObjectType objType,
            SearchResultCollection allADObjects,
            Action<DirectoryEntry, string, Guid, SyncTree> CreateNewObject,
            Action<DirectoryEntry, Node, SyncTree> UpdateProperties)
        {
            foreach (SearchResult result in allADObjects)
            {
                try
                {
                    string nodeADpath = result.Path;

                    if (syncTree.IsADPathExcluded(nodeADpath))
                        continue;

                    AdLog.LogOuterADObject("Syncing", result.Path);

                    var guid = Common.GetADResultGuid(result, _config.GuidProp);

                    if (!guid.HasValue)
                    {
                        // no AD guid present for object
                        AdLog.LogErrorADObject("No AD GUID present", result.Path);
                        continue;
                    }

                    // új objektumok (ou, user, group) felvétele, átmozgatások
                    // - ha létezik az adott guid-ú objektum -> path ellenőrzés, átmozgatás
                    // - ha nem létezik, létrehozás

                    string nodePortalParentPath = syncTree.GetPortalParentPath(nodeADpath);
                    if (!Node.Exists(nodePortalParentPath))
                    {
                        // adpath: OU=OtherOrg,OU=ExampleOrg,DC=Nativ,DC=local
                        // portalParentPath: "/Root/IMS/NATIV/ExampleOrg"
                        EnsurePortalPath(syncTree, syncTree.GetADParentObjectPath(result.Path), RepositoryPath.GetParentPath(nodePortalParentPath));
                    }

                    SyncOneADObject(result, null,
                        (Guid)guid,
                        objType,
                        nodePortalParentPath,
                        CreateNewObject,
                        UpdateProperties,
                        syncTree);
                }
                catch (Exception ex)
                {
                    // syncing of one object of the current tree failed
                    AdLog.LogException(ex);
                }
            }
        }
Beispiel #51
0
 // domain, orgunit, container (folder)
 private void UpdatePortalContainerProperties(DirectoryEntry entry, Node node, SyncTree syncTree)
 {
     switch (Common.GetADObjectType(entry, _config.NovellSupport))
     {
         case ADObjectType.OrgUnit:
             UpdatePortalOrgUnitProperties(entry, node, syncTree);
             break;
         case ADObjectType.Container:
             UpdatePortalFolderProperties(entry, node, syncTree);
             break;
         case ADObjectType.Domain:
             UpdatePortalDomainProperties(entry, node, syncTree);
             break;
     }
 }
Beispiel #52
0
 private void SyncContainersFromAD(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Syncing containers (domains, orgunits, containers)", syncTree.ADPath, syncTree.PortalPath);
     SyncObjectsFromAD(syncTree,
         ADObjectType.AllContainers,
         syncTree.AllADContainers,
         CreateNewPortalContainer,
         UpdatePortalContainerProperties);
 }
Beispiel #53
0
        private void UpdatePortalDomainProperties(DirectoryEntry entry, Node node, SyncTree syncTree)
        {
            AdLog.LogObjects("Updating portal domain properties", entry.Path, node.Path);

            node.Name = GetADDomainName(entry);
            // node.Save() nem kell, később mentődik
        }
Beispiel #54
0
 private void SyncGroupsFromAD(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Syncing groups", syncTree.ADPath, syncTree.PortalPath);
     SyncObjectsFromAD(syncTree,
         ADObjectType.Group,
         syncTree.AllADGroups,
         CreateNewPortalGroup,
         UpdatePortalGroupProperties);
 }
Beispiel #55
0
        private void UpdatePortalFolderProperties(DirectoryEntry entry, Node node, SyncTree syncTree)
        {
            AdLog.LogObjects("Updating portal folder properties", entry.Path, node.Path);

            node.Name = Common.GetADObjectName(entry.Name);
            // node.Save() nem kell, később mentődik
        }
Beispiel #56
0
 private void DeletePortalGroups(SyncTree syncTree)
 {
     AdLog.LogMainActivity("Deleting portal groups", syncTree.ADPath, syncTree.PortalPath);
     DeleteObjectsFromAD(syncTree,
         ADObjectType.Group,
         syncTree.AllADGroups,
         DeletePortalGroup);
 }
Beispiel #57
0
        private void UpdatePortalUserProperties(DirectoryEntry entry, Node node, SyncTree syncTree)
        {
            AdLog.LogObjects("Updating portal user properties", entry.Path, node.Path);

            var user = (IUser)node;

            if (_config.SyncEnabledState)
                user.Enabled = !Common.IsAccountDisabled(entry, _config.NovellSupport);

            Common.UpdatePortalUserCustomProperties(entry, node, _propertyMappings, _config.SyncUserName);

            // node.Save() nem kell, később mentődik
        }
Beispiel #58
0
        private void CreateNewPortalFolder(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
        {
            try
            {
                AdLog.LogADObject(string.Format("New portal folder - creating under {0}", parentPath), entry.Path);
                //Folder newNode = new Folder(Node.LoadNode(parentPath));
                //Node newNode = new GenericContent(Node.LoadNode(parentPath), "ADFolder");
                var newNode = new ADFolder(Node.LoadNode(parentPath));

                UpdatePortalFolderProperties(entry, newNode, syncTree);

                Common.UpdateLastSync(newNode, guid);
                //newNode.Save();  - update lastsync already saves node

                if (!_portalContainers.ContainsKey(guid.ToString()))
                    _portalContainers.Add(guid.ToString(), newNode.Id);
            }
            catch (Exception ex)
            {
                AdLog.LogException(ex);
            }
        }
Beispiel #59
0
        private void CreateNewPortalDomain(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
        {
            try
            {
                AdLog.LogADObject(string.Format("New portal domain - creating under {0}", parentPath), entry.Path);
                Domain newNode = new Domain(Node.LoadNode(parentPath));

                UpdatePortalDomainProperties(entry, newNode, syncTree);

                Common.UpdateLastSync(newNode, guid);
                //newNode.Save();  - update lastsync already saves node
            }
            catch (Exception ex)
            {
                AdLog.LogException(ex);
            }
        }