public ActiveDirectoryHandlerResults SetAccessRuleOnGroup(string identity, string principal, string type, string rights)
{
string planName = config.Plans.Group.SetAccessRule;
AdAccessRule rule = CreateAccessRule(principal, type, rights);
StartPlanEnvelope pe = GetPlanEnvelope(identity, rule);
return(CallPlan(planName, pe));
}
public ActiveDirectoryHandlerResults RemoveAccessRuleFromOrgUnit(string identity, string principal, string type, string rights, string domain = null, string principaldomain = null, string inheritance = null)
{
string planName = config.Plans.OrganizationalUnit.RemoveAccessRule;
AdAccessRule rule = CreateAccessRule(BuildIdentity(principaldomain, principal), type, rights, inheritance);
StartPlanEnvelope pe = GetPlanEnvelope(BuildIdentity(domain, identity), rule);
return(CallPlan(planName, pe));
}
public ActiveDirectoryHandlerResults PurgeAccessRulesOnGroup(string identity, string principal)
{
string planName = config.Plans.Group.PurgeAccessRules;
AdAccessRule rule = CreateAccessRule(principal, null, null);
StartPlanEnvelope pe = GetPlanEnvelope(identity, rule);
return(CallPlan(planName, pe));
}
public ActiveDirectoryHandlerResults PurgeAccessRulesOnOrgUnit(string identity, string principal, string domain = null, string principaldomain = null)
{
string planName = config.Plans.OrganizationalUnit.PurgeAccessRules;
AdAccessRule rule = CreateAccessRule(BuildIdentity(principaldomain, principal), null, null, null);
StartPlanEnvelope pe = GetPlanEnvelope(BuildIdentity(domain, identity), rule);
return(CallPlan(planName, pe));
}
public ActiveDirectoryHandlerResults SetAccessRuleOnComputer(string identity, string principal, string type, string rights, string domain = null, string principaldomain = null, string inheritance = null)
{
string planName = config.Plans.Computer.SetAccessRule;
AdAccessRule rule = CreateAccessRule(BuildIdentity(principaldomain, principal), type, rights, inheritance);
StartPlanEnvelope pe = GetPlanEnvelope(BuildIdentity(domain, identity), rule);
return(CallPlan(planName, pe));
}
public ActiveDirectoryHandlerResults RemoveAccessRuleFromOrgUnit(string identity, string principal, string type, string rights)
{
string planName = config.Plans.OrganizationalUnit.RemoveAccessRule;
AdAccessRule rule = CreateAccessRule(principal, type, rights);
StartPlanEnvelope pe = GetPlanEnvelope(identity, rule);
return(CallPlan(planName, pe));
}
// Manipulating Access Rules
private StartPlanEnvelope GetPlanEnvelope(string identity, AdAccessRule rule)
{
StartPlanEnvelope pe = GetPlanEnvelope(identity);
if (rule != null)
{
if (!string.IsNullOrWhiteSpace(rule.Identity))
{
pe.DynamicParameters.Add(@"ruleidentity", rule.Identity);
}
pe.DynamicParameters.Add(@"ruletype", rule.Type.ToString());
pe.DynamicParameters.Add(@"rulerights", rule.Rights.ToString());
}
return(pe);
}
private AdAccessRule CreateAccessRule(string principal, string type, string rights)
{
AdAccessRule rule = new AdAccessRule()
{
Identity = principal
};
if (!String.IsNullOrWhiteSpace(type))
{
rule.Type = (AccessControlType)Enum.Parse(typeof(AccessControlType), type);
}
if (!String.IsNullOrWhiteSpace(rights))
{
rule.Rights = (ActiveDirectoryRights)Enum.Parse(typeof(ActiveDirectoryRights), rights);
}
return(rule);
}
