public override void CreateRole(string roleName)
{
GroupPrincipal newGroup = new GroupPrincipal(GetPrincipalContext(), roleName);
newGroup.IsSecurityGroup = true;
newGroup.Description = roleName;
newGroup.Save();
}
/// <summary>
/// Agrega un grupo dados su nombre y descripción
/// </summary>
/// <param name="nombre">Nombre del grupo</param>
/// <param name="descripción">Descripción del grupo</param>
public void AgregarGrupo(string nombre, string descripción)
{
GroupPrincipal nuevoGrupo = new GroupPrincipal(_dominio);
nuevoGrupo.Name = nombre;
nuevoGrupo.Description = descripción;
nuevoGrupo.Save();
nuevoGrupo.Dispose();
}
/// <summary>
/// Creates a new group in Active Directory
/// </summary>
/// <param name="sOU">The OU location you want to save your new Group</param>
/// <param name="sGroupName">The name of the new group</param>
/// <param name="sDescription">The description of the new group</param>
/// <param name="oGroupScope">The scope of the new group</param>
/// <param name="bSecurityGroup">True is you want this group to be a security group, false if you want this as a distribution group</param>
/// <returns>Retruns the GroupPrincipal object</returns>
public GroupPrincipal CreateNewGroup(string sOU, string sGroupName, string sDescription, GroupScope oGroupScope, bool bSecurityGroup)
{
PrincipalContext oPrincipalContext = GetPrincipalContext(sOU);
GroupPrincipal oGroupPrincipal = new GroupPrincipal(oPrincipalContext, sGroupName);
oGroupPrincipal.Description = sDescription;
oGroupPrincipal.GroupScope = oGroupScope;
oGroupPrincipal.IsSecurityGroup = bSecurityGroup;
oGroupPrincipal.Save();
return oGroupPrincipal;
}
public void AddUserToGroup(GroupPrincipal group, UserPrincipal user)
{
//now add user to "Users" group so it displays in Control Panel
try
{
group.Members.Add(user);
group.Save();
BatchState.State = UserProcessState.WIN_GROUP_OK;
}
catch (Exception)
{
BatchState.State = UserProcessState.WIN_GROUP_ERROR;
throw;
}
}
public static void createGroups(string domain, string ou, int numOfGroups)
{
ContextType contextType = ContextType.Domain;
using (PrincipalContext ctx = new PrincipalContext(contextType, domain, ou))
{
for (int i = 0; i < numOfGroups; i++)
{
try
{
GroupPrincipal groupPrincipal = new GroupPrincipal(ctx);
groupPrincipal.Name = SampleData.GetSampleValueRandom(SampleData.Accounts);
groupPrincipal.DisplayName = groupPrincipal.Name;
groupPrincipal.Save();
}
catch (Exception ex)
{
Errors.Log(ex);
}
}
}
}
private void RemoveUserFromGroup(UserPrincipal user, GroupPrincipal group)
{
group.Members.Remove(user);
group.Save();
}
private void AddUserToGroup(UserPrincipal user, GroupPrincipal group)
{
group.Members.Add(user);
group.Save();
}
private GroupPrincipal CreateOrGetGroupPrincipal(GroupInformation groupInfo)
{
GroupPrincipal group = null;
// If we have a SID, use that, otherwise name
group = GetGroupPrincipal(groupInfo.Name);
if (group == null)
{
// We create the GroupPrincipal, but https://connect.microsoft.com/VisualStudio/feedback/details/525688/invalidoperationexception-with-groupprincipal-and-sam-principalcontext-for-setting-any-property-always
// prevents us from then setting stuff on it.. so we then have to locate its relative DE
// and modify *that* instead. Oi.
using (group = new GroupPrincipal(m_machinePrincipal))
{
group.Name = groupInfo.Name;
group.Save();
using (DirectoryEntry newGroupDe = m_sam.Children.Add(groupInfo.Name, "Group"))
{
if (!string.IsNullOrEmpty(groupInfo.Description))
{
newGroupDe.Properties["Description"].Value = groupInfo.Description;
newGroupDe.CommitChanges();
}
}
// We have to re-fetch to get changes made via underlying DE
return GetGroupPrincipal(group.Name);
}
}
return group;
}
/// <summary>
/// Creates a new security group
/// </summary>
/// <param name="oupath"></param>
/// <param name="groupname"></param>
/// <param name="description"></param>
/// <param name="isSecurityGroup"></param>
/// <param name="isUniversal"></param>
public void Create(string oupath, string groupname, string description, bool isSecurityGroup, bool isUniversal)
{
PrincipalContext pc = null;
GroupPrincipal gp = null;
try
{
// Remove all whitespaces
groupname = groupname.Replace(" ", string.Empty);
this.logger.Debug("Attempting to create new group named " + groupname + " on path " + oupath);
pc = new PrincipalContext(ContextType.Domain, this.domainController, oupath, this.username, this.password);
gp = GroupPrincipal.FindByIdentity(pc, IdentityType.Name, groupname);
if (gp == null)
{
this.logger.Debug("Group " + groupname + " does not exist... so we can continue...");
gp = new GroupPrincipal(pc, groupname);
gp.IsSecurityGroup = isSecurityGroup;
gp.GroupScope = isUniversal ? GroupScope.Universal : GroupScope.Global;
gp.Save();
this.logger.Info("Successfully created new group " + groupname);
}
else
throw new Exception("Group " + groupname + " already exists. Please delete this group before continuing.");
}
catch (Exception ex)
{
this.logger.Error("Error creating new group " + groupname, ex);
throw;
}
finally
{
if (gp != null)
gp.Dispose();
if (pc != null)
pc.Dispose();
}
}
/// <summary>
/// Creates a new group
/// </summary>
/// <param name="groupName">The name of the new group</param>
/// <param name="isUserGroup">If true (default), the new group will be made a subgroup of Domain Users</param>
/// <returns></returns>
public GroupPrincipal CreateGroup(string groupName, Boolean isUserGroup=true)
{
GroupPrincipal g = new GroupPrincipal(_GlobalContext, groupName);
g.Save();
//Add new group as a subgroup of Domain Users
//if (isUserGroup)
//{
// GroupPrincipal users = GetOrCreate("Domain Users");
// users.Members.Add(g);
// users.Save();
//}
return g;
}
public SecurityGroup Create(string parentOU, SecurityGroup group)
{
PrincipalContext ctx = null;
GroupPrincipal grp = null;
try
{
log.DebugFormat("Creating a new group {0}", group.Name);
if (string.IsNullOrEmpty(parentOU))
throw new MissingFieldException("Create", "parentOU");
if (string.IsNullOrEmpty(group.Name))
throw new MissingFieldException("SecurityGroup", "Name");
if (string.IsNullOrEmpty(group.SamAccountName))
throw new MissingFieldException("SecurityGroup", "SamAccountName");
if (group.SamAccountName.Length > 19)
throw new ArgumentOutOfRangeException(group.SamAccountName);
ctx = new PrincipalContext(ContextType.Domain, _domainController, parentOU, _username, _password);
grp = new GroupPrincipal(ctx, group.SamAccountName);
grp.Name = group.Name;
grp.IsSecurityGroup = true;
if (!string.IsNullOrEmpty(group.Description))
grp.Description = group.Description;
if (!string.IsNullOrEmpty(group.DisplayName))
grp.DisplayName = group.DisplayName;
grp.Save();
log.DebugFormat("Successfully created new group {0}", group.Name);
// Update the values
group.DistinguishedName = grp.DistinguishedName;
group.ObjectGUID = (Guid)grp.Guid;
return group;
}
catch (Exception ex)
{
log.ErrorFormat("Error creating new group {0}. Exception: {1}", group.Name, ex.ToString());
throw;
}
finally
{
if (grp != null)
grp.Dispose();
if (ctx != null)
ctx.Dispose();
}
}
/// <summary>
/// Elimina un usuario de un grupo
/// </summary>
/// <param name="usuario">Usuario que se quiere eliminar del grupo</param>
/// <param name="grupo">Grupo del que se desea eliminar el usuario</param>
public void EliminarUsuarioDeGrupo(UserPrincipal usuario, GroupPrincipal grupo)
{
if (grupo.Members.Contains(usuario))
{
grupo.Members.Remove(usuario);
grupo.Save();
}
}
/// <summary>
/// Edita la información de un grupo
/// </summary>
/// <param name="grupo">Grupo que se quiere editar</param>
/// <param name="descripción">Nueva descripción</param>
public void EditarGrupo(GroupPrincipal grupo, string descripción)
{
grupo.Description = descripción;
grupo.Save();
}
/// <summary>
/// Agrega un usuario a un grupo
/// </summary>
/// <param name="usuario">Usuario que se quiere agregar</param>
/// <param name="grupo">Grupo al que se quiere agregar</param>
public void AgregarUsuarioAGrupo(UserPrincipal usuario, GroupPrincipal grupo)
{
if (!grupo.Members.Contains(usuario))
{
grupo.Members.Add(usuario);
grupo.Save();
}
}
/// <summary>
/// Add AD Group
/// </summary>
/// <param name="groupInfo">CreateGroupRequest</param>
/// <returns>ResponseMessage</returns>
public ResponseMessage AddGroup( RequestGroupCreate groupInfo )
{
ResponseMessage status = new ResponseMessage();
status.IsSuccessful = false;
status.Message = string.Empty;
Session stat = ValidateSession( groupInfo.DomainInfo.SessionKey );
if ( stat.IsAuthenticated == true )
{
PrincipalContext principalContext = null;
string uri = FixADURI( groupInfo.DomainInfo.ADHost , groupInfo.DomainInfo.ContainerPath );
if ( string.IsNullOrWhiteSpace( uri ) )
{
status.Message = status.Message = "AD Host is not allowed to be empty, kindly provide the AD Host";
return status;
}
bool isAllowWite = CheckWriteOermission( uri , groupInfo.DomainInfo.BindingUserName , groupInfo.DomainInfo.BindingUserPassword );
try
{
GroupPrincipal group = FindADGroup( groupInfo.GroupName , groupInfo.DomainInfo );
if ( group != null )
{
status.Message = @"There is a existing group with the provided name, kindly choose another name";
return status;
}
else
{
principalContext = new PrincipalContext( ContextType.Domain , groupInfo.DomainInfo.DomainName , groupInfo.DomainInfo.ContainerPath , groupInfo.DomainInfo.BindingUserName , groupInfo.DomainInfo.BindingUserPassword );
group = new GroupPrincipal( principalContext , groupInfo.GroupName );
group.DisplayName = groupInfo.DisplayName;
group.Description = groupInfo.Description;
group.GroupScope = groupInfo.OGroupScope;
group.IsSecurityGroup = groupInfo.IsSecurityGroup;
group.Save();
status.Message = @"Group has been added successfully ";
status.IsSuccessful = true;
return status;
}
}
catch ( Exception ex )
{
status.Message = status.Message = "error has accured while adding the desgnated group" + ex;
return status;
}
}
else
{
status.Message = "Kindly authenticate first";
return status;
}
}
/// <summary>
/// Creates a new group in the specified location where the name, displayName, and
/// SamAccountName are the value of the name parameter.
/// </summary>
/// <param name="name">The new group's name, display name and SamAccountName.</param>
/// <param name="location">The OU's distinguishedName where the new group should created.</param>
/// <param name="description">The description of the new group.</param>
/// <param name="scope">The GroupScope of the new group.</param>
/// <param name="isSecurityGroup">A boolean designating the new group as a security group or not.</param>
/// <returns>The GroupPrincipal object of the new group..</returns>
public static GroupPrincipal CreateGroup(string name, string location, string description, GroupScope scope, bool isSecurityGroup)
{
GroupPrincipal newGroup = new GroupPrincipal(GetPrincipalContext(location), name);
newGroup.GroupScope = scope;
newGroup.IsSecurityGroup = isSecurityGroup;
newGroup.Name = name;
newGroup.DisplayName = name;
newGroup.Description = description;
newGroup.Save();
return newGroup;
}
