Ejemplo n.º 1
0
        public static void BuildExtendedRightsDict()
        {
            _logger.Debug("Building an Extended Rights List");
            string extendedRightsDn = "CN=Extended-Rights," + Searcher.LdapInfo.ConfigDN;

            var rightsResult = Searcher.GetResultEntries(new LDAPSearchString
            {
                DN               = extendedRightsDn,
                Filter           = "(rightsGuid=*)",
                ReturnAttributes = new string[] { "rightsGuid", "cn" },
                Scope            = SearchScope.Subtree,
                //UseGlobalCatalog = true
            }).ToList();

            foreach (var rights in rightsResult)
            {
                //Ignore duplicated rightsGuid DNS-Host-Name-Attributes & Validated-DNS-Host-Name: "72e39547-7b18-11d1-adef-00c04fd8d5cd"
                string rightsGuid = rights.Attributes["rightsGuid"][0].ToString().ToLower();

                if (rightsGuid == "72e39547-7b18-11d1-adef-00c04fd8d5cd")
                {
                    continue;
                }

                ExtendedRightsList.Add(rightsGuid, rights.Attributes["cn"][0].ToString());
            }
            ExtendedRightsList.Add("72e39547-7b18-11d1-adef-00c04fd8d5cd", "DNS-Host-Name-Attributes & Validated-DNS-Host-Name");
            ExtendedRightsList.Add("aa4e1a6d-550d-4e05-8c35-4afcb917a9fe", "ms-TPM-OwnerInformation");
            ExtendedRightsList.Add("00000000-0000-0000-0000-000000000000", "All");
        }
Ejemplo n.º 2
0
        //It does not work well with Task
        public static string ResolveRightsGuid(string rightsGuid, bool isExtendedRights = true)
        {
            if (isExtendedRights)
            {
                if (ExtendedRightsList.ContainsKey(rightsGuid.ToLower()))
                {
                    return(ExtendedRightsList[rightsGuid.ToLower()]);
                }
                //ms-TPM-OwnerInformation:aa4e1a6d-550d-4e05-8c35-4afcb917a9fe (this is a schema attribute...)
                else
                {
                    _logger.Warn($"{rightsGuid} is extended rights but cannot be resolved");
                    return(rightsGuid);
                }
            }
            else
            {
                if (SchemaList.ContainsKey(rightsGuid.ToLower()))
                {
                    return(SchemaList[rightsGuid.ToLower()]);
                }
                else
                {
                    _logger.Warn($"{rightsGuid} is a schema attribute but cannot be resolved");
                    return(rightsGuid);
                }
            }

            //string partition = isExtendedRights ? "CN=Extended-Rights,CN=Configuration," : "CN=Schema,CN=Configuration,";
            //string partition = "CN=Schema,CN=Configuration,";

            //No SPACE near "="
            //From The .Net Developer Guide to Directory Services Programming Searching for Binary Data

            //resolve schema attributes / extended rights
            //string searchFilter = isExtendedRights ? @"(rightsGuid=" + rightsGuid + @")" :
            //    @"(schemaIDGUID=" + BuildFilterOctetString(new Guid(rightsGuid).ToByteArray()) + @")";
        }