/// <summary> /// GetDirectoryEntryForUPN() method implmentation /// </summary> internal static DirectoryEntry GetDirectoryEntryForUser(ADDSHost host, string account, string password, string upn, bool usessl) { string root = "LDAP://"; DirectoryEntry entry = null; string dom = host.GetForestForUser(upn); if (usessl) { entry = new DirectoryEntry(root + dom + ":636"); } else { entry = new DirectoryEntry(root + dom); } if (!string.IsNullOrEmpty(account)) { entry.Username = account; } if (!string.IsNullOrEmpty(password)) { entry.Password = password; } return(entry); }
/// <summary> /// Update method implmentation /// </summary> public void Update(PSHost host) { ManagementAdminService.Initialize(true); MFAConfig cfg = ManagementAdminService.ADFSManager.Config; ADDSHost adds = cfg.Hosts.ActiveDirectoryHost; cfg.IsDirty = IsDirty; adds.Account = Account; adds.Password = adds.Password; adds.DomainAddress = adds.DomainAddress; adds.keyAttribute = KeyAttribute; adds.mailAttribute = MailAttribute; adds.methodAttribute = MethodAttribute; adds.notifcheckdateattribute = NotifCheckDateAttribute; adds.notifcreatedateAttribute = NotifCreateDateAttribute; adds.notifvalidityAttribute = NotifValidityAttribute; adds.phoneAttribute = PhoneAttribute; adds.totpAttribute = TOTPAttribute; adds.totpEnabledAttribute = TOTPEnabledAttribute; ManagementAdminService.ADFSManager.WriteConfiguration(host); using (MailSlotClient mailslot = new MailSlotClient()) { mailslot.SendNotification(0xAA); } }
/// <summary> /// GetDomainForUser method implmentation /// </summary> internal static string GetSAMAccountForUser(ADDSHost host, string username) { string result = string.Empty; switch (ClaimsUtilities.IdentityClaimTag) { case MFASecurityClaimTag.Upn: string foresttofind = username.Substring(username.IndexOf('@') + 1); if (!string.IsNullOrEmpty(foresttofind)) { return(GetNetBiosName(host, username)); } else { return(null); } case MFASecurityClaimTag.WindowsAccountName: string ntlmdomain = username.Substring(0, username.IndexOf('\\')); if (!string.IsNullOrEmpty(ntlmdomain)) { return(username); } else { return(null); } } return(result); }
/// <summary> /// Update method implmentation /// </summary> public void Update(PSHost host) { ManagementService.Initialize(host, true); MFAConfig cfg = ManagementService.Config; ADDSHost adds = cfg.Hosts.ActiveDirectoryHost; cfg.IsDirty = IsDirty; adds.Account = Account; adds.Password = adds.Password; adds.DomainAddress = adds.DomainAddress; if (!ManagementService.CheckRepositoryAttribute(KeyAttribute, 1)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", KeyAttribute)); } adds.keyAttribute = KeyAttribute; if (!ManagementService.CheckRepositoryAttribute(MailAttribute, 1)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", MailAttribute)); } adds.mailAttribute = MailAttribute; if (!ManagementService.CheckRepositoryAttribute(MethodAttribute, 1)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", MethodAttribute)); } adds.methodAttribute = MethodAttribute; if (!ManagementService.CheckRepositoryAttribute(NotifCheckDateAttribute, 1)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", NotifCheckDateAttribute)); } adds.notifcheckdateattribute = NotifCheckDateAttribute; if (!ManagementService.CheckRepositoryAttribute(NotifCreateDateAttribute, 1)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", NotifCreateDateAttribute)); } adds.notifcreatedateAttribute = NotifCreateDateAttribute; if (!ManagementService.CheckRepositoryAttribute(NotifValidityAttribute, 1)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", NotifValidityAttribute)); } adds.notifvalidityAttribute = NotifValidityAttribute; if (!ManagementService.CheckRepositoryAttribute(PhoneAttribute, 1)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", PhoneAttribute)); } adds.phoneAttribute = PhoneAttribute; if (!ManagementService.CheckRepositoryAttribute(TOTPAttribute, 1)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", TOTPAttribute)); } adds.totpAttribute = TOTPAttribute; if (!ManagementService.CheckRepositoryAttribute(TOTPEnabledAttribute, 1)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", TOTPEnabledAttribute)); } adds.totpEnabledAttribute = TOTPEnabledAttribute; ManagementService.ADFSManager.WriteConfiguration(host); }
/// <summary> /// GetForestForUser method implementation /// </summary> internal static string GetForestForUser(ADDSHost host, string username) { string result = string.Empty; switch (ClaimsUtilities.IdentityClaimTag) { case MFASecurityClaimTag.Upn: string foresttofind = username.Substring(username.IndexOf('@') + 1); result = foresttofind; foreach (ADDSHostForest f in Forests) { if (f.IsRoot) // By default Any root domain, subdomain, toplevelname on default forest { result = f.ForestDNS; } else // trusted forests { if (f.ForestDNS.ToLower().Equals(foresttofind.ToLower())) // root domain { result = f.ForestDNS; break; } if (foresttofind.ToLower().EndsWith("." + f.ForestDNS.ToLower())) // subdomain { result = f.ForestDNS; break; } foreach (string s in f.TopLevelNames) // toplevelnames { if (s.ToLower().Equals(foresttofind.ToLower())) { result = f.ForestDNS; break; } } } } break; case MFASecurityClaimTag.WindowsAccountName: string ntlmdomain = username.Substring(0, username.IndexOf('\\')); DirectoryContext ctx = null; if (string.IsNullOrEmpty(host.Account) && string.IsNullOrEmpty(host.Password)) { ctx = new DirectoryContext(DirectoryContextType.Domain, ntlmdomain); } else { ctx = new DirectoryContext(DirectoryContextType.Domain, ntlmdomain, host.Account, host.Password); } result = Domain.GetDomain(ctx).Forest.RootDomain.Name; break; } return(result); }
/// <summary> /// GetDirectoryEntry() method implmentation /// </summary> internal static DirectoryEntry GetDirectoryEntry(ADDSHost host, SearchResult sr, bool usessl) { DirectoryEntry entry = sr.GetDirectoryEntry(); entry.Path = sr.Path; // Take SearchResult path if (!string.IsNullOrEmpty(host.Account)) { entry.Username = host.Account; } if (!string.IsNullOrEmpty(host.Password)) { entry.Password = host.Password; } return(entry); }
/// <summary> /// Update method implmentation /// </summary> public void Update(PSHost host) { ManagementService.Initialize(host, true); MFAConfig cfg = ManagementService.Config; ADDSHost adds = cfg.Hosts.ActiveDirectoryHost; cfg.IsDirty = IsDirty; if (!ManagementService.CheckADDSAttribute(DomainAddress, Account, Password, KeyAttribute, true)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", KeyAttribute)); } if (!ManagementService.CheckADDSAttribute(DomainAddress, Account, Password, MailAttribute, true)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", MailAttribute)); } if (!ManagementService.CheckADDSAttribute(DomainAddress, Account, Password, PhoneAttribute, true)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", PhoneAttribute)); } if (!ManagementService.CheckADDSAttribute(DomainAddress, Account, Password, MethodAttribute, false)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", MethodAttribute)); } if (!ManagementService.CheckADDSAttribute(DomainAddress, Account, Password, OverrideMethodAttribute, false)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", OverrideMethodAttribute)); } if (!ManagementService.CheckADDSAttribute(DomainAddress, Account, Password, PinAttribute, false)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", PinAttribute)); } if (!ManagementService.CheckADDSAttribute(DomainAddress, Account, Password, EnabledAttribute, false)) { throw new ArgumentException(string.Format("Attribute {0} not found in forest schema !", EnabledAttribute)); } adds.Account = Account; adds.Password = Password; adds.DomainAddress = DomainAddress; adds.keyAttribute = KeyAttribute; adds.mailAttribute = MailAttribute; adds.phoneAttribute = PhoneAttribute; adds.methodAttribute = MethodAttribute; adds.overridemethodAttribute = OverrideMethodAttribute; PinAttribute = adds.pinattribute; adds.totpEnabledAttribute = EnabledAttribute; adds.MaxRows = MaxRows; ManagementService.ADFSManager.WriteConfiguration(host); }
/// <summary> /// Update method implmentation /// </summary> public void Load(PSHost host) { ManagementService.Initialize(host, true); MFAConfig cfg = ManagementService.Config; ADDSHost adds = cfg.Hosts.ActiveDirectoryHost; IsDirty = cfg.IsDirty; Account = adds.Account; Password = adds.Password; DomainAddress = adds.DomainAddress; KeyAttribute = adds.keyAttribute; MailAttribute = adds.mailAttribute; PhoneAttribute = adds.phoneAttribute; MethodAttribute = adds.methodAttribute; OverrideMethodAttribute = adds.overridemethodAttribute; EnabledAttribute = adds.totpEnabledAttribute; }
/// <summary> /// Update method implmentation /// </summary> public void Load(PSHost host) { ManagementService.Initialize(host, true); MFAConfig cfg = ManagementService.Config; ADDSHost adds = cfg.Hosts.ActiveDirectoryHost; IsDirty = cfg.IsDirty; Account = adds.Account; Password = adds.Password; DomainAddress = adds.DomainAddress; KeyAttribute = adds.keyAttribute; MailAttribute = adds.mailAttribute; MethodAttribute = adds.methodAttribute; NotifCheckDateAttribute = adds.notifcheckdateattribute; NotifCreateDateAttribute = adds.notifcreatedateAttribute; NotifValidityAttribute = adds.notifvalidityAttribute; PhoneAttribute = adds.phoneAttribute; TOTPAttribute = adds.totpAttribute; TOTPEnabledAttribute = adds.totpEnabledAttribute; }
/// <summary> /// GetDirectoryEntry() method implmentation /// </summary> internal static DirectoryEntry GetDirectoryEntry(ADDSHost host, string path, bool usessl) { string root = "LDAP://"; DirectoryEntry entry = null; if (!string.IsNullOrEmpty(host.DomainName)) { if (usessl) { entry = new DirectoryEntry(root + host.DomainName + ":636"); } else { entry = new DirectoryEntry(root + host.DomainName); } } else { Domain dom = Domain.GetComputerDomain(); if (usessl) { entry = new DirectoryEntry(root + dom.Name + ":636"); } else { entry = new DirectoryEntry(root + dom.Name); } } entry.Path = path; if (!string.IsNullOrEmpty(host.Account)) { entry.Username = host.Account; } if (!string.IsNullOrEmpty(host.Password)) { entry.Password = host.Password; } return(entry); }
/// <summary> /// GetNetBiosName method /// </summary> private static string GetNetBiosName(ADDSHost host, string username) { try { using (DirectoryEntry rootdir = ADDSUtils.GetDirectoryEntryForUser(host, host.Account, host.Password, username)) { string qryldap = "(&(objectCategory=user)(objectClass=user)(userPrincipalName=" + username + ")(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"; using (DirectorySearcher dsusr = new DirectorySearcher(rootdir, qryldap)) { dsusr.PropertiesToLoad.Clear(); dsusr.PropertiesToLoad.Add("objectGUID"); dsusr.PropertiesToLoad.Add("msDS-PrincipalName"); dsusr.ReferralChasing = ReferralChasingOption.All; SearchResult sr = dsusr.FindOne(); if (sr != null) { using (DirectoryEntry DirEntry = ADDSUtils.GetDirectoryEntry(host, sr)) { if (DirEntry.Properties["objectGUID"].Value != null) { return(sr.Properties["msDS-PrincipalName"][0].ToString()); } else { return(null); } }; } } } } catch (Exception ex) { DataLog.WriteEntry(ex.Message, System.Diagnostics.EventLogEntryType.Error, 5000); throw new Exception(ex.Message); } return(null); }
/// <summary> /// GetDirectoryEntryForUPN() method implmentation /// </summary> internal static DirectoryEntry GetDirectoryEntryForUser(ADDSHost host, string upn) { string root = "LDAP://"; DirectoryEntry entry = null; if (!string.IsNullOrEmpty(host.DomainName)) { if (_usessl) { entry = new DirectoryEntry(root + host.DomainName + ":636"); } else { entry = new DirectoryEntry(root + host.DomainName); } } else { string dom = ADDSUtils.GetForestForUser(host, upn); if (_usessl) { entry = new DirectoryEntry(root + dom + ":636"); } else { entry = new DirectoryEntry(root + dom); } } if (!string.IsNullOrEmpty(host.Account)) { entry.Username = host.Account; } if (!string.IsNullOrEmpty(host.Password)) { entry.Password = host.Password; } return(entry); }
/// <summary> /// GetDirectoryEntry() method implmentation /// </summary> internal static DirectoryEntry GetDirectoryEntry(ADDSHost host, ADDSHostForest forest, bool usessl) { string root = "LDAP://"; DirectoryEntry entry = null; if (!string.IsNullOrEmpty(host.DomainName)) { if (usessl) { entry = new DirectoryEntry(root + host.DomainName + ":636"); } else { entry = new DirectoryEntry(root + host.DomainName); } } else { if (usessl) { entry = new DirectoryEntry(root + forest.ForestDNS + ":636"); } else { entry = new DirectoryEntry(root + forest.ForestDNS); } } if (!string.IsNullOrEmpty(host.Account)) { entry.Username = host.Account; } if (!string.IsNullOrEmpty(host.Password)) { entry.Password = host.Password; } return(entry); }
/// <summary> /// DoImport() method implmentation /// </summary> public override bool DoImport() { char sep = Path.DirectorySeparatorChar; string filename = Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles) + sep + "MFA" + sep + "adimport-" + DateTime.Now.ToFileTime().ToString() + ".log"; TraceListener listen = InitializeTrace(filename); try { ADDSHost adht = Config.Hosts.ActiveDirectoryHost; if (string.IsNullOrEmpty(Parameters.DomainName)) { Parameters.DomainName = adht.DomainName; } if (string.IsNullOrEmpty(Parameters.UserName)) { Parameters.UserName = adht.Account; } if (string.IsNullOrEmpty(Parameters.Password)) { Parameters.Password = adht.Password; } DataRepositoryService client = null; switch (Config.StoreMode) { case DataRepositoryKind.ADDS: client = new ADDSDataRepositoryService(Config.Hosts.ActiveDirectoryHost, Config.DeliveryWindow); break; case DataRepositoryKind.SQL: client = new SQLDataRepositoryService(Config.Hosts.SQLServerHost, Config.DeliveryWindow); break; case DataRepositoryKind.Custom: client = CustomDataRepositoryActivator.CreateInstance(Config.Hosts.CustomStoreHost, Config.DeliveryWindow); break; } Trace.WriteLine(""); Trace.WriteLine(string.Format("Importing for AD : {0}", Parameters.LDAPPath)); Trace.Indent(); Trace.WriteLine("Query users from AD"); MFAUserList lst = client.ImportMFAUsers(Parameters, DisableAll); Trace.WriteLine(string.Format("Query returns {0} user(s) from AD", lst.Count.ToString())); DataRepositoryService client2 = null; switch (Config.StoreMode) { case DataRepositoryKind.ADDS: Trace.WriteLine(""); Trace.WriteLine("Importing ADDS Mode"); Trace.Indent(); client2 = new ADDSDataRepositoryService(Config.Hosts.ActiveDirectoryHost, Config.DeliveryWindow); break; case DataRepositoryKind.SQL: Trace.WriteLine(""); Trace.WriteLine("Importing SQL Mode"); Trace.Indent(); client2 = new SQLDataRepositoryService(Config.Hosts.SQLServerHost, Config.DeliveryWindow); break; case DataRepositoryKind.Custom: Trace.WriteLine(""); Trace.WriteLine("Importing Custom Store Mode"); Trace.Indent(); client2 = CustomDataRepositoryActivator.CreateInstance(Config.Hosts.CustomStoreHost, Config.DeliveryWindow); break; } client2.OnKeyDataEvent += KeyDataEvent; foreach (MFAUser reg in lst) { try { MFAUser ext = client2.GetMFAUser(reg.UPN); if (ext == null) { reg.PIN = Convert.ToInt32(Config.DefaultPin); reg.PreferredMethod = Config.DefaultProviderMethod; } else { if (this.Parameters.Method != PreferredMethod.None) { reg.PreferredMethod = this.Parameters.Method; } else { reg.PreferredMethod = ext.PreferredMethod; } } if (reg.PIN <= 0) { reg.PIN = Convert.ToInt32(Config.DefaultPin); } if (!Utilities.ValidateEmail(reg.MailAddress, (Config.MailProvider.Enabled && Config.MailProvider.IsRequired))) { throw new Exception(string.Format("invalid mail address for user : {0}", reg.UPN)); } if (!Utilities.ValidatePhoneNumber(reg.PhoneNumber, (Config.ExternalProvider.Enabled && Config.ExternalProvider.IsRequired))) { throw new Exception(string.Format("invalid phone number for user : {0}", reg.UPN)); } client2.AddMFAUser(reg, ForceNewKey, true); Trace.TraceInformation(string.Format("User {0} Imported in MFA", reg.UPN)); if (!string.IsNullOrEmpty(reg.MailAddress)) { if (SendEmail) { string qrcode = KeysManager.EncodedKey(reg.UPN); CultureInfo info = null; try { info = CultureInfo.CurrentUICulture; } catch { info = new CultureInfo(Config.DefaultCountryCode); } MailUtilities.SendKeyByEmail(reg.MailAddress, reg.UPN, qrcode, Config.MailProvider, Config, info); Trace.TraceInformation(string.Format("Sending Sensitive mail for User {0}", reg.UPN)); } } } catch (Exception ex) { ErrorsCount++; Trace.TraceError("Error importing User {0} : {1}", reg.UPN, ex.Message); } finally { RecordsCount++; } } Trace.Unindent(); Trace.WriteLine(""); Trace.WriteLine(string.Format("Imported {0} User(s) from AD Source", RecordsCount)); } catch (Exception ex) { Trace.Unindent(); Trace.TraceError(string.Format("Error importing from AD : {0}", ex.Message)); Log.WriteEntry(string.Format("Error importing from AD : {0}", ex.Message), EventLogEntryType.Error, 20000); return(false); } finally { Trace.Unindent(); FinalizeTrace(listen); } return(true); }
/// <summary> /// DoCleanUp() method implmentation /// </summary> public bool DoCleanUp() { char sep = Path.DirectorySeparatorChar; string filename = Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles) + sep + "MFA" + sep + "adcleanup-" + DateTime.Now.ToFileTime().ToString() + ".log"; TraceListener listen = InitializeTrace(filename); try { ADDSHost adht = Config.Hosts.ActiveDirectoryHost; if (string.IsNullOrEmpty(Parameters.DomainName)) { Parameters.DomainName = adht.DomainName; } if (string.IsNullOrEmpty(Parameters.UserName)) { Parameters.UserName = adht.Account; } if (string.IsNullOrEmpty(Parameters.Password)) { Parameters.Password = adht.Password; } DataRepositoryService client = null; switch (Config.StoreMode) { case DataRepositoryKind.ADDS: client = new ADDSDataRepositoryService(Config.Hosts.ActiveDirectoryHost, Config.DeliveryWindow); break; case DataRepositoryKind.SQL: client = new SQLDataRepositoryService(Config.Hosts.SQLServerHost, Config.DeliveryWindow); break; case DataRepositoryKind.Custom: client = CustomDataRepositoryActivator.CreateInstance(Config.Hosts.CustomStoreHost, Config.DeliveryWindow); break; } Trace.WriteLine(""); Trace.WriteLine("Clean Up from AD"); Trace.Indent(); Trace.WriteLine("Query deleted users from AD"); List <string> lst = client.CleanMFAUsers(Parameters); Trace.WriteLine(string.Format("Query returns {0} deleted user(s) from AD", lst.Count.ToString())); DataRepositoryService client2 = null; switch (Config.StoreMode) { case DataRepositoryKind.ADDS: Trace.WriteLine(""); Trace.WriteLine("Clean Up ADDS Mode"); Trace.Indent(); client2 = new ADDSDataRepositoryService(Config.Hosts.ActiveDirectoryHost, Config.DeliveryWindow); break; case DataRepositoryKind.SQL: Trace.WriteLine(""); Trace.WriteLine("Clean Up SQL Mode"); Trace.Indent(); client2 = new SQLDataRepositoryService(Config.Hosts.SQLServerHost, Config.DeliveryWindow); break; case DataRepositoryKind.Custom: Trace.WriteLine(""); Trace.WriteLine("Clean Up Custom Store Mode"); Trace.Indent(); client2 = CustomDataRepositoryActivator.CreateInstance(Config.Hosts.CustomStoreHost, Config.DeliveryWindow); break; } client2.OnKeyDataEvent += KeyDataEvent; foreach (string del in lst) { MFAUser reg = client2.GetMFAUser(del); if (reg != null) { try { if (reg.UPN.ToLower().Equals(del.ToLower())) { client2.DeleteMFAUser(reg); Trace.TraceInformation(string.Format("User {0} Removed from MFA", reg.UPN)); RecordsCount++; } } catch (Exception ex) { ErrorsCount++; Trace.TraceError("Error Cleaning User {0} from MFA : {1}", reg.UPN, ex.Message); } } } Trace.Unindent(); Trace.WriteLine(""); Trace.WriteLine(string.Format("Cleaned {0} Deleted MFA User(s) from AD Source", RecordsCount)); } catch (Exception ex) { Trace.Unindent(); Trace.TraceError(string.Format("Error Cleaning Up from AD : {0}", ex.Message)); Log.WriteEntry(string.Format("Error Cleaning Up from AD : {0}", ex.Message), EventLogEntryType.Error, 20000); return(false); } finally { Trace.Unindent(); FinalizeTrace(listen); } return(true); }
/// <summary> /// DoImport() method implmentation /// </summary> public override bool DoImport() { char sep = Path.DirectorySeparatorChar; string filename = Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles) + sep + "MFA" + sep + "adimport-" + DateTime.Now.ToFileTime().ToString() + ".log"; TraceListener listen = InitializeTrace(filename); try { ADDSHost adht = Config.Hosts.ActiveDirectoryHost; if (string.IsNullOrEmpty(DomainName)) { DomainName = adht.DomainName; } if (string.IsNullOrEmpty(UserName)) { UserName = adht.Account; } if (string.IsNullOrEmpty(Password)) { Password = adht.Password; } DataRepositoryService client = null; switch (Config.StoreMode) { case DataRepositoryKind.ADDS: client = new ADDSDataRepositoryService(Config.Hosts.ActiveDirectoryHost, Config.DeliveryWindow); break; case DataRepositoryKind.SQL: client = new SQLDataRepositoryService(Config.Hosts.SQLServerHost, Config.DeliveryWindow); break; case DataRepositoryKind.Custom: client = CustomDataRepositoryActivator.CreateInstance(Config.Hosts.CustomStoreHost, Config.DeliveryWindow); break; } Trace.WriteLine(""); Trace.WriteLine(string.Format("Importing for AD : {0}", LDAPPath)); Trace.Indent(); Trace.WriteLine("Querying users from AD"); MFAUserList lst = client.ImportMFAUsers(DomainName, UserName, Password, LDAPPath, CreatedSince, ModifiedSince, MailAttribute, PhoneAttribute, Method, Config.Hosts.ActiveDirectoryHost.UseSSL, DisableAll); Trace.WriteLine(string.Format("Querying return {0} users from AD", lst.Count.ToString())); DataRepositoryService client2 = null; switch (Config.StoreMode) { case DataRepositoryKind.ADDS: Trace.WriteLine(""); Trace.WriteLine("Importing ADDS Mode"); Trace.Indent(); client2 = new ADDSDataRepositoryService(Config.Hosts.ActiveDirectoryHost, Config.DeliveryWindow); break; case DataRepositoryKind.SQL: Trace.WriteLine(""); Trace.WriteLine("Importing SQL Mode"); Trace.Indent(); client2 = new SQLDataRepositoryService(Config.Hosts.SQLServerHost, Config.DeliveryWindow); break; case DataRepositoryKind.Custom: Trace.WriteLine(""); Trace.WriteLine("Importing Custom Store Mode"); Trace.Indent(); client2 = CustomDataRepositoryActivator.CreateInstance(Config.Hosts.CustomStoreHost, Config.DeliveryWindow); break; } client2.OnKeyDataEvent += KeyDataEvent; foreach (MFAUser reg in lst) { Trace.TraceInformation(string.Format("Importing user {0} from AD", reg.UPN)); try { MFAUser ext = client2.GetMFAUser(reg.UPN); if (ext == null) { reg.PIN = Config.DefaultPin; client2.AddMFAUser(reg, ForceNewKey, false); Trace.TraceInformation(string.Format("User {0} Imported in MFA", reg.UPN)); if (!string.IsNullOrEmpty(reg.MailAddress)) { if (SendEmail) { string qrcode = KeysManager.EncodedKey(reg.UPN); CultureInfo info = null; try { info = CultureInfo.CurrentUICulture; } catch { info = new CultureInfo(Config.DefaultCountryCode); } MailUtilities.SendKeyByEmail(reg.MailAddress, reg.UPN, qrcode, Config.MailProvider, Config, info); Trace.TraceInformation(string.Format("Sending Sensitive mail for User {0} Imported in MFA", reg.UPN)); } } RecordsCount++; } } catch (Exception ex) { ErrorsCount++; Trace.TraceError("Error importing Record N° {0} \r\r {1}", (RecordsCount + 1).ToString(), ex.Message); } } } catch (Exception ex) { Trace.TraceError(string.Format("Error importing from AD \r\r {0}", ex.Message)); return(false); } finally { Trace.Unindent(); FinalizeTrace(listen); } return(true); }
/// <summary> /// DoImport() method implmentation /// </summary> public override bool DoImport() { string filename = Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles) + "\\MFA\\adimport-" + DateTime.Now.ToFileTime().ToString() + ".log"; TraceListener listen = InitializeTrace(filename); try { ADDSHost adht = Config.Hosts.ActiveDirectoryHost; if (string.IsNullOrEmpty(DomainName)) { DomainName = adht.DomainName; } if (string.IsNullOrEmpty(UserName)) { UserName = adht.Account; } if (string.IsNullOrEmpty(Password)) { Password = adht.Password; } DataRepositoryService client = new ADDSDataRepositoryService(adht, Config.DeliveryWindow); Trace.WriteLine(""); Trace.WriteLine(string.Format("Importing for AD : {0}", LDAPPath)); Trace.Indent(); Trace.WriteLine("Querying users from AD"); RegistrationList lst = client.GetImportUserRegistrations(DomainName, UserName, Password, LDAPPath, CreatedSince, ModifiedSince, MailAttribute, PhoneAttribute, Method, DisableAll); Trace.WriteLine(string.Format("Querying return {0} users from AD", lst.Count.ToString())); DataRepositoryService client2 = null; if (Config.UseActiveDirectory) { Trace.WriteLine(""); Trace.WriteLine("Importing ADDS Mode"); Trace.Indent(); client2 = new ADDSDataRepositoryService(Config.Hosts.ActiveDirectoryHost, Config.DeliveryWindow); } else { Trace.WriteLine(""); Trace.WriteLine("Importing SQL Mode"); Trace.Indent(); client2 = new SQLDataRepositoryService(Config.Hosts.SQLServerHost, Config.DeliveryWindow); } client2.OnKeyDataEvent += KeyDataEvent; foreach (Registration reg in lst) { Trace.TraceInformation(string.Format("Importing user {0} from AD", reg.UPN)); try { reg.PIN = Config.DefaultPin; client2.AddUserRegistration(reg, ForceNewKey, true); Trace.TraceInformation(string.Format("User {0} Imported in MFA", reg.UPN)); } catch (Exception ex) { ErrorsCount++; Trace.TraceError("Error importing Record N° {0} \r\r {1}", (RecordsCount + 1).ToString(), ex.Message); } finally { RecordsCount++; } } } catch (Exception ex) { Trace.TraceError(string.Format("Error importing from AD \r\r {0}", ex.Message)); return(false); } finally { Trace.Unindent(); FinalizeTrace(listen); } return(true); }
internal WebAuthNPublicKeySerialization(ADDSHost host = null) { _host = host; }