/// <summary>
/// Builds a user entry from a directory attribute set. The base constructor
/// receives the same set first; this constructor then reads <c>cn</c> and,
/// when the key is present, <c>mail</c>.
/// </summary>
/// <param name="attributeSet">Attributes returned by the directory for this entry.</param>
public LdapUser(LdapAttributeSet attributeSet)
    : base(attributeSet)
{
    // A missing "cn" leaves Cn null instead of throwing.
    var commonName = attributeSet.GetAttribute("cn");
    Cn = commonName?.StringValue;

    // Mail is only touched when the set actually carries the key.
    if (!attributeSet.ContainsKey("mail"))
    {
        return;
    }

    Mail = attributeSet.GetAttribute("mail")?.StringValue;
}
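/// <summary>
/// Authenticates a user with an LDAP simple bind and, on success, loads the
/// user's display attributes from the directory.
/// </summary>
/// <param name="userName">Account name supplied by the caller; treated as untrusted.</param>
/// <param name="password">Password supplied by the caller; treated as untrusted.</param>
/// <returns>
/// A populated <c>User</c>, or <c>null</c> when the credentials are empty, the bind
/// is rejected, or no directory entry can be read for the account.
/// </returns>
public User Login(string userName, string password)
{
    // A simple bind with an empty password is an "unauthenticated bind"
    // (RFC 4513 section 5.1.2) and many servers answer it with success, so
    // empty credentials must never reach the directory.
    if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrEmpty(password))
    {
        Console.WriteLine("Failed login attempt for user " + userName);
        return null;
    }

    User user = new User();
    using (var cn = new Novell.Directory.Ldap.LdapConnection())
    {
        // NOTE(review): nothing visible here enables TLS on the connection; a simple
        // bind sends the password in clear text unless config.Port is LDAPS or
        // StartTLS is negotiated - confirm.
        cn.Connect(config.Path, config.Port);

        try
        {
            cn.Bind(config.UserDomainName + "\\" + userName, password);
        }
        catch (Exception e)
        {
            // NOTE(review): userName is caller-controlled; if this output feeds a log
            // pipeline, CR/LF should be neutralised before writing it.
            Console.WriteLine(e.Message);
            Console.WriteLine("Failed login attempt for user " + userName);
            return null;
        }

        // RFC 4515 escaping: without it, characters such as '*', '(' and ')' in the
        // account name change the meaning of the search filter. The backslash is
        // replaced first so the escapes added afterwards are not escaped again.
        string escapedName = userName
            .Replace("\\", "\\5c")
            .Replace("*", "\\2a")
            .Replace("(", "\\28")
            .Replace(")", "\\29")
            .Replace("\0", "\\00");

        string filter = "sAMAccountname=" + escapedName;
        string baseStr = "OU=BLS,DC=blacklanternsecurity,DC=com";
        LdapSearchResults result = (LdapSearchResults)cn.Search(baseStr, LdapConnection.ScopeSub, filter, null, false);

        LdapEntry entry = null;
        try
        {
            entry = result.First();
        }
        catch (LdapException e)
        {
            Console.WriteLine("Error: " + e.LdapErrorMessage);
        }
        catch (InvalidOperationException e)
        {
            // The search returned no entry for the account.
            Console.WriteLine("Error: " + e.Message);
        }

        // Fail closed: the bind succeeded but the entry could not be read, so there
        // is nothing trustworthy to build a User from.
        if (entry == null)
        {
            return null;
        }

        LdapAttributeSet attributeSet = entry.GetAttributeSet();
        // Either attribute may be absent on an entry; leave the field null then.
        user.DisplayName = attributeSet.GetAttribute("displayName")?.StringValue;
        user.GivenName = attributeSet.GetAttribute("givenName")?.StringValue;
        user.UserName = userName;
        return user;
    }
}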
/// <summary>
/// Initialises the common entry fields from a directory attribute set:
/// <c>objectClass</c> (all values) and the distinguished name.
/// </summary>
/// <param name="attributeSet">Attributes returned by the directory for this entry.</param>
/// <exception cref="DistinguishedNameNotInAttributeSetException">
/// The set contains neither a <c>distinguishedName</c> nor a <c>dn</c> key.
/// </exception>
protected LdapEntryBase(LdapAttributeSet attributeSet)
{
    ObjectClass = attributeSet.GetAttribute("objectClass")?.StringValueArray;

    // "distinguishedName" takes precedence; "dn" is the fallback key.
    string dnKey = attributeSet.ContainsKey("distinguishedName")
        ? "distinguishedName"
        : attributeSet.ContainsKey("dn") ? "dn" : null;

    if (dnKey == null)
    {
        throw new DistinguishedNameNotInAttributeSetException();
    }

    Dn = attributeSet.GetAttribute(dnKey)?.StringValue;
}
/// <summary>
/// Maps a directory attribute set onto a <c>Models.LdapEntry</c>.
/// </summary>
/// <param name="distinguishedName">DN used when the set has no <c>distinguishedName</c> attribute.</param>
/// <param name="attributeSet">Attributes returned by the directory for the entry.</param>
/// <returns>A new entry; attributes missing from the set are left null.</returns>
private Models.LdapEntry CreateEntryFromAttributes(string distinguishedName, LdapAttributeSet attributeSet)
{
    // The attribute value wins over the caller-supplied DN when both exist.
    string resolvedDn = attributeSet.GetAttribute("distinguishedName")?.StringValue ?? distinguishedName;

    // A missing sAMAccountType is treated as 0; a non-numeric value makes int.Parse throw.
    string accountTypeText = attributeSet.GetAttribute("sAMAccountType")?.StringValue ?? "0";
    int accountType = int.Parse(accountTypeText);

    // NOTE(review): on Active Directory objectSid and objectGUID are binary values;
    // reading them through StringValue presumably yields a text decoding of the raw
    // bytes rather than the canonical S-1-... / GUID form - confirm before these
    // fields are used as identifiers.
    var entry = new Models.LdapEntry
    {
        ObjectSid = attributeSet.GetAttribute("objectSid")?.StringValue,
        ObjectGuid = attributeSet.GetAttribute("objectGUID")?.StringValue,
        ObjectCategory = attributeSet.GetAttribute("objectCategory")?.StringValue,
        ObjectClass = attributeSet.GetAttribute("objectClass")?.StringValue,
        CommonName = attributeSet.GetAttribute("cn")?.StringValue,
        Name = attributeSet.GetAttribute("name")?.StringValue,
        DistinguishedName = resolvedDn,
        SamAccountName = attributeSet.GetAttribute("sAMAccountName")?.StringValue,
        SamAccountType = accountType,
    };

    return entry;
}
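/// <summary>
/// Test helper: asserts that two attribute sets hold the same number of attributes
/// and that every expected attribute not listed in <paramref name="excludeAttributes"/>
/// has equivalent byte values in the actual set.
/// </summary>
/// <param name="expectedAttributeSet">The reference attribute set.</param>
/// <param name="actualAttributeSet">The attribute set under test.</param>
/// <param name="excludeAttributes">Attribute names whose values are not compared.</param>
public static void AssertSameAs(this LdapAttributeSet expectedAttributeSet, LdapAttributeSet actualAttributeSet, List<string> excludeAttributes)
{
    // The count check covers excluded attributes too: they are skipped for value
    // comparison only, not for presence.
    Assert.Equal(expectedAttributeSet.Count, actualAttributeSet.Count);

    foreach (LdapAttribute expectedAttribute in expectedAttributeSet)
    {
        if (excludeAttributes.Contains(expectedAttribute.Name))
        {
            continue;
        }

        var actualAttribute = actualAttributeSet.GetAttribute(expectedAttribute.Name);

        // Report a missing attribute as an assertion failure instead of letting the
        // next line fail with a NullReferenceException.
        Assert.NotNull(actualAttribute);
        actualAttribute.ByteValues.Should().BeEquivalentTo(expectedAttribute.ByteValues);
    }
}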
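/// <summary>
/// Verifies a user's password with the search-then-bind pattern: bind with the
/// service account, look the user up by <c>uid</c>, then bind as the entry that
/// was found using the supplied password.
/// </summary>
/// <param name="username">User id supplied by the caller; treated as untrusted.</param>
/// <param name="password">Password supplied by the caller; treated as untrusted.</param>
/// <returns>
/// A task that yields <c>true</c> only when the final bind as the user succeeds;
/// every other outcome yields <c>false</c>.
/// </returns>
public static Task<bool> LoginAsync(string username, string password)
{
    // A simple bind with an empty password is an "unauthenticated bind"
    // (RFC 4513 section 5.1.2) that many servers answer with success; accepting it
    // here would report a login without any password check.
    if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
    {
        return Task.FromResult(false);
    }

    return Task.Run(() =>
    {
        // using: the connection is released on every path, including the ones
        // that return before an explicit Disconnect().
        using (var conn = new LdapConnection())
        {
            // NOTE(review): nothing visible here enables TLS; both binds below send
            // a password in clear text unless Port is LDAPS or StartTLS is used - confirm.
            conn.Connect(Host, Port);

            try
            {
                // Service-account bind used only for the lookup.
                conn.Bind(dn, pa);
            }
            catch (Exception)
            {
                return false;
            }

            // RFC 4515 escaping keeps '*', '(' and ')' in the user id from changing
            // the filter. The backslash is replaced first so later escapes survive.
            string escapedUid = username.Trim()
                .Replace("\\", "\\5c")
                .Replace("*", "\\2a")
                .Replace("(", "\\28")
                .Replace(")", "\\29")
                .Replace("\0", "\\00");

            // The static field named "filter" is used as the search base here.
            string searchBase = filter;
            int searchScope = LdapConnection.ScopeSub;
            string searchFilter = "uid=" + escapedUid;
            LdapSearchQueue queue = conn.Search(searchBase, searchScope, searchFilter, null, false, (LdapSearchQueue)null, (LdapSearchConstraints)null);

            try
            {
                // Only the first response is considered; anything that is not a
                // search result (no match, a referral) fails closed.
                var found = queue.GetResponse() as LdapSearchResult;
                if (found == null)
                {
                    return false;
                }

                // Bind with the DN the directory returned rather than one rebuilt
                // from the cn value: the rebuilt form is wrong for entries below the
                // search base and for cn values containing DN special characters.
                string userDn = found.Entry.Dn;
                if (string.IsNullOrEmpty(userDn))
                {
                    return false;
                }

                conn.Bind(userDn, password);
                return true;
            }
            catch (Exception)
            {
                return false;
            }
        }
    });
}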
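/// <summary>
/// Replaces a user's directory entry: looks the user up by <c>uid</c>, deletes the
/// entry that was found and adds a new <c>inetOrgPerson</c>/<c>posixAccount</c>
/// entry built from the supplied values.
/// </summary>
/// <param name="oldUsername">Not read by this method (see the review note in the body).</param>
/// <param name="username">User id used for the lookup and for the new entry.</param>
/// <param name="password">Value written to <c>userPassword</c>.</param>
/// <param name="nombre">Given name; first part of the new <c>cn</c>.</param>
/// <param name="apellido">Surname; second part of the new <c>cn</c>.</param>
/// <param name="email">Value written to <c>mail</c>.</param>
/// <returns>A task that yields <c>true</c> when both the delete and the add succeed.</returns>
public static Task<bool> ModifyAsync(string oldUsername, string username, string password, string nombre, string apellido, string email)
{
    // NOTE(review): oldUsername is never used; the lookup runs on the NEW username,
    // so a rename presumably cannot find the existing entry - confirm the intent.
    if (string.IsNullOrEmpty(username))
    {
        return Task.FromResult(false);
    }

    return Task.Run(() =>
    {
        // using: the connection is released on every path.
        using (var conn = new LdapConnection())
        {
            // NOTE(review): nothing visible here enables TLS; the service password
            // and the new userPassword travel in clear text unless Port is LDAPS or
            // StartTLS is used - confirm.
            conn.Connect(Host, Port);

            try
            {
                conn.Bind(dn, pa);
            }
            catch (Exception)
            {
                return false;
            }

            // RFC 4515 escaping keeps '*', '(' and ')' in the user id from changing
            // which entries the filter selects - and therefore which entry is deleted.
            string escapedUid = username.Trim()
                .Replace("\\", "\\5c")
                .Replace("*", "\\2a")
                .Replace("(", "\\28")
                .Replace(")", "\\29")
                .Replace("\0", "\\00");

            // The static field named "filter" is used as the search base here.
            string searchBase = filter;
            int searchScope = LdapConnection.ScopeSub;
            string searchFilter = "uid=" + escapedUid;
            LdapSearchQueue queue = conn.Search(searchBase, searchScope, searchFilter, null, false, (LdapSearchQueue)null, (LdapSearchConstraints)null);

            try
            {
                // Only the first response is considered; anything that is not a
                // search result fails closed without touching the directory.
                var found = queue.GetResponse() as LdapSearchResult;
                if (found == null)
                {
                    return false;
                }

                string existingDn = found.Entry.Dn;
                if (string.IsNullOrEmpty(existingDn))
                {
                    return false;
                }

                // RFC 4514 escaping of the cn value placed in the new DN, so a ','
                // or '+' in a name cannot add or alter RDN components.
                string commonName = nombre + " " + apellido;
                var rdnValue = new System.Text.StringBuilder(commonName.Length + 8);
                for (int i = 0; i < commonName.Length; i++)
                {
                    char ch = commonName[i];
                    bool atEdge = (i == 0 && (ch == ' ' || ch == '#'))
                        || (i == commonName.Length - 1 && ch == ' ');
                    if (ch == '\0')
                    {
                        rdnValue.Append("\\00");
                    }
                    else if (atEdge || "\"+,;<>\\".IndexOf(ch) >= 0)
                    {
                        rdnValue.Append('\\').Append(ch);
                    }
                    else
                    {
                        rdnValue.Append(ch);
                    }
                }

                // NOTE(review): delete-then-add is not atomic. If Add fails the account
                // is gone; an in-place modify or rename would avoid that window.
                // Delete by the DN the directory returned, not one rebuilt from cn.
                conn.Delete(existingDn);

                LdapAttributeSet ldapAttributeSet = new LdapAttributeSet();
                ldapAttributeSet.Add(new LdapAttribute("cn", commonName));
                ldapAttributeSet.Add(new LdapAttribute("sn", username));
                // NOTE(review): the home directory path is built from caller input;
                // validate username against an allow-list if hosts consume this value.
                ldapAttributeSet.Add(new LdapAttribute("homeDirectory", "/home/users/" + username));
                ldapAttributeSet.Add(new LdapAttribute("objectClass", new string[] { "inetOrgPerson", "posixAccount", "top" }));
                ldapAttributeSet.Add(new LdapAttribute("uid", username));
                ldapAttributeSet.Add(new LdapAttribute("givenName", nombre));
                // NOTE(review): every entry gets the same uidNumber/gidNumber, so all
                // accounts created here share one POSIX identity - confirm.
                ldapAttributeSet.Add(new LdapAttribute("uidNumber", "1000"));
                ldapAttributeSet.Add(new LdapAttribute("gidNumber", "500"));
                ldapAttributeSet.Add(new LdapAttribute("mail", email));
                // NOTE(review): the password is sent as given; whether the server hashes
                // it on write depends on directory configuration - verify.
                ldapAttributeSet.Add(new LdapAttribute("userPassword", password));

                LdapEntry ldapEntry = new LdapEntry("cn=" + rdnValue + "," + filter, ldapAttributeSet);
                conn.Add(ldapEntry);
                return true;
            }
            catch (Exception)
            {
                return false;
            }
        }
    });
}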
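/// <summary>
/// Performs a search-then-bind login: binds with the configured service account,
/// looks the user up by UPN or sAMAccountName, copies profile attributes from the
/// single matching entry and verifies the password by binding as that entry.
/// </summary>
/// <param name="config">Directory settings (server, bind account, search base, group DNs).</param>
/// <param name="username">Login name supplied by the caller; treated as untrusted.</param>
/// <param name="password">Password supplied by the caller; treated as untrusted.</param>
/// <remarks>
/// <c>IsAuthenticated</c>, <c>IsAdmin</c> and <c>IsUser</c> are set to true only
/// after the user bind has succeeded. Profile fields are filled before that bind,
/// so callers must check <c>IsAuthenticated</c> before trusting them.
/// </remarks>
public LdapLogin(LdapConfiguration config, string username, string password)
{
    // NOTE(review): TimeoutSeconds is stored but not applied to the connection
    // anywhere in this constructor.
    this.TimeoutSeconds = config.TimeoutSeconds;

    // A simple bind with an empty password is an "unauthenticated bind"
    // (RFC 4513 section 5.1.2) that many servers answer with success.
    if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
    {
        this.IsAuthenticated = false;
        return;
    }

    using (var cn = new LdapConnection())
    {
        try
        {
            string server = string.IsNullOrWhiteSpace(config.Server) ? config.Domain : config.Server;
            // NOTE(review): nothing visible here enables TLS; both binds send a
            // password in clear text unless config.Port is LDAPS or StartTLS is used.
            cn.Connect(server, config.Port);

            // Service-account bind used only for the lookup.
            cn.Bind(config.BindUser, config.BindPassword);

            // RFC 4515 escaping keeps '*', '(' and ')' in the login name from
            // widening the filter. The backslash is replaced first.
            string escapedName = username
                .Replace("\\", "\\5c")
                .Replace("*", "\\2a")
                .Replace("(", "\\28")
                .Replace(")", "\\29")
                .Replace("\0", "\\00");

            string searchFilter = username.Contains("@")
                ? "(userPrincipalName=" + escapedName + ")"
                : "(samaccountname=" + escapedName + ")";

            string[] attrs = new string[] { "cn", "userPrincipalName", "givenname", "samaccountname", "displayname", "givenName", "sn", "objectSid", "memberOf" };
            ILdapSearchResults results = cn.Search(config.SearchBase, LdapConnection.ScopeSub, searchFilter, attrs, false);

            LdapEntry matched = null;
            int matchCount = 0;
            while (results.HasMore())
            {
                LdapEntry nextEntry;
                try
                {
                    nextEntry = results.Next();
                }
                catch
                {
                    continue;
                }

                matchCount++;
                matched = nextEntry;
            }

            // Exactly one entry must match. With zero entries there is no identity to
            // bind as; with several, group flags from one account could be combined
            // with the password of another.
            if (matchCount != 1)
            {
                this.IsAuthenticated = false;
                return;
            }

            LdapAttributeSet attributeSet = matched.GetAttributeSet();
            this.CN = attributeSet.GetAttribute("cn")?.StringValue;
            // NOTE(review): objectSid is a binary value on Active Directory; StringValue
            // presumably does not yield the canonical S-1-... form - confirm.
            this.ID = attributeSet.GetAttribute("objectSid")?.StringValue;
            this.GivenName = attributeSet.GetAttribute("givenname")?.StringValue;
            this.Surname = attributeSet.GetAttribute("sn")?.StringValue;
            this.Name = attributeSet.GetAttribute("displayname")?.StringValue;

            bool isAdmin = false;
            bool isUser = false;
            string[] groups = attributeSet.GetAttribute("memberOf")?.StringValueArray;
            if (groups != null)
            {
                foreach (string group in groups)
                {
                    if (group.Equals(config.AdminGroupDN, StringComparison.OrdinalIgnoreCase))
                    {
                        isAdmin = true;
                    }

                    if (group.Equals(config.UserGroupDN, StringComparison.OrdinalIgnoreCase))
                    {
                        isUser = true;
                    }
                }
            }

            // Verify the password by binding as the entry's distinguished name; the
            // common name alone does not identify an entry.
            cn.Bind(matched.Dn, password);

            // Roles are published only once the password has been verified.
            this.IsAdmin = isAdmin;
            this.IsUser = isUser;
            this.IsAuthenticated = true;
            cn.Disconnect();
        }
        catch
        {
            // Any directory or lookup failure is treated as a failed login.
            this.IsAuthenticated = false;
        }
    }
}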
/// <summary>
/// Builds an organizational-unit entry from a directory attribute set. The base
/// constructor receives the same set first; this constructor then reads <c>ou</c>.
/// </summary>
/// <param name="attributeSet">Attributes returned by the directory for this entry.</param>
public LdapOrganization(LdapAttributeSet attributeSet)
    : base(attributeSet)
{
    // A missing "ou" leaves Ou null instead of throwing.
    var organizationalUnit = attributeSet.GetAttribute("ou");
    Ou = organizationalUnit?.StringValue;
}
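/// <summary>
/// Maps a directory attribute set onto an <c>LdapUser</c>, including the address
/// block and a domain-admin flag derived from <c>memberOf</c>.
/// </summary>
/// <param name="distinguishedName">DN used when the set has no <c>distinguishedName</c> attribute.</param>
/// <param name="attributeSet">Attributes returned by the directory for the user.</param>
/// <returns>A new user; attributes missing from the set are left null.</returns>
private LdapUser CreateUserFromAttributes(string distinguishedName, LdapAttributeSet attributeSet)
{
    // Read memberOf once; it feeds both MemberOf and IsDomainAdmin.
    string[] groupDns = attributeSet.GetAttribute("memberOf")?.StringValueArray;

    // Distinguished names compare case-insensitively, so a case-sensitive match
    // would miss the group when the directory returns different casing.
    // NOTE(review): this only recognises a "Domain Admins" group located directly
    // under SearchBase, and on Active Directory memberOf presumably omits nested
    // and primary-group membership - confirm before using this flag for authorization.
    string domainAdminsDn = "CN=Domain Admins," + this._ldapSettings.SearchBase;
    bool isDomainAdmin = groupDns != null
        && groupDns.Contains(domainAdminsDn, System.StringComparer.OrdinalIgnoreCase);

    // A missing sAMAccountType is treated as 0; a non-numeric value makes int.Parse throw.
    int accountType = int.Parse(attributeSet.GetAttribute("sAMAccountType")?.StringValue ?? "0");

    // NOTE(review): on Active Directory objectSid and objectGUID are binary values;
    // StringValue presumably does not yield their canonical text form - confirm.
    var ldapUser = new LdapUser
    {
        ObjectSid = attributeSet.GetAttribute("objectSid")?.StringValue,
        ObjectGuid = attributeSet.GetAttribute("objectGUID")?.StringValue,
        ObjectCategory = attributeSet.GetAttribute("objectCategory")?.StringValue,
        ObjectClass = attributeSet.GetAttribute("objectClass")?.StringValue,
        IsDomainAdmin = isDomainAdmin,
        MemberOf = groupDns,
        CommonName = attributeSet.GetAttribute("cn")?.StringValue,
        UserName = attributeSet.GetAttribute("name")?.StringValue,
        SamAccountName = attributeSet.GetAttribute("sAMAccountName")?.StringValue,
        UserPrincipalName = attributeSet.GetAttribute("userPrincipalName")?.StringValue,
        Name = attributeSet.GetAttribute("name")?.StringValue,
        // The attribute value wins over the caller-supplied DN when both exist.
        DistinguishedName = attributeSet.GetAttribute("distinguishedName")?.StringValue ?? distinguishedName,
        DisplayName = attributeSet.GetAttribute("displayName")?.StringValue,
        FirstName = attributeSet.GetAttribute("givenName")?.StringValue,
        LastName = attributeSet.GetAttribute("sn")?.StringValue,
        Description = attributeSet.GetAttribute("description")?.StringValue,
        Phone = attributeSet.GetAttribute("telephoneNumber")?.StringValue,
        EmailAddress = attributeSet.GetAttribute("mail")?.StringValue,
        Address = new LdapAddress
        {
            Street = attributeSet.GetAttribute("streetAddress")?.StringValue,
            City = attributeSet.GetAttribute("l")?.StringValue,
            PostalCode = attributeSet.GetAttribute("postalCode")?.StringValue,
            StateName = attributeSet.GetAttribute("st")?.StringValue,
            CountryName = attributeSet.GetAttribute("co")?.StringValue,
            CountryCode = attributeSet.GetAttribute("c")?.StringValue
        },
        SamAccountType = accountType
    };

    return ldapUser;
}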