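/// <summary>
/// Updates the LDAP search contexts: every configured context is validated against the
/// directory and the proxy user is granted read rights on it (the grant is best effort,
/// because the ACL may already exist).
/// </summary>
/// <param name="ldapUrl">LDAP URL to connect to.</param>
/// <param name="LdapAdminDN">DN of the LDAP administrator used for the bind.</param>
/// <param name="LdapAdminPwd">Password of the LDAP administrator.</param>
/// <exception cref="Exception">Thrown when a configured context fails validation.</exception>
private void UpdateLdapContexts(string ldapUrl, string LdapAdminDN, string LdapAdminPwd)
{
    // For each context, see whether this proxy user has rights in the search context
    // (modified or unmodified) and grant them when it does not.
    LdapWebUtility ldapUtility = new LdapWebUtility(ldapUrl, LdapAdminDN, LdapAdminPwd);

    log.Debug("context updation Connecting to {0}", ldapUrl);
    ldapUtility.Connect();
    try
    {
        foreach (string context in SearchContexts)
        {
            // A blank entry names no context: nothing to validate and nothing to grant on.
            if (string.IsNullOrEmpty(context))
            {
                continue;
            }

            if (!ldapUtility.ValidateSearchContext(context))
            {
                log.Debug("Invalid context entered :{0}", context);
                throw new Exception(string.Format("Invalid context entered: {0}", context));
            }

            log.Debug("Granting Read Rights to {0} on {1}", proxy, context);
            try
            {
                ldapUtility.GrantReadRights(proxy, context);
            }
            catch (Exception ex)
            {
                // Best effort: the ACL may already exist for this proxy user. The exception
                // detail is logged as well so a genuine permission failure is not silently lost.
                log.Debug("Some exception in granting read access to this proxy user (DN may exist already) {0} {1}", context, proxy);
                log.Debug("GrantReadRights exception: {0}", ex.Message);
            }
        }
    }
    finally
    {
        // Release the admin bind even when a context fails validation and we throw.
        ldapUtility.Disconnect();
    }
}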
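/// <summary>
/// Applies one changed LDAP setting. For a changed server URL the new server is verified
/// (its root certificate is fetched and installed when the connection is secure, the
/// directory type is queried, and both the admin and the proxy bind are tried). For a
/// changed proxy DN the proxy user is created, for a changed proxy password it is
/// changed, and for anything else the search contexts are refreshed.
/// </summary>
/// <param name="LdapAdminDN">DN of the LDAP administrator used for the admin bind.</param>
/// <param name="LdapAdminPwd">Password of the LDAP administrator.</param>
/// <param name="FieldToUpdate">Which config field changed: "LDAPURI", "PROXYDN" or "PROXYPWD";
/// any other value is treated as a search-context change.</param>
/// <param name="IsMaster">Whether this is the master server. Not read by this method.</param>
/// <exception cref="Exception">Thrown when the server certificate cannot be fetched or
/// installed, when a bind attempt fails, or when the directory type cannot be determined.</exception>
private void UpdateLdapSettings(string LdapAdminDN, string LdapAdminPwd, string FieldToUpdate, bool IsMaster)
{
    string ldapUrl = BuildConfiguredLdapUrl();

    if (FieldToUpdate.Equals("LDAPURI"))
    {
        log.Debug("into condition ldapuri modification, ldapurl is {0} and going to create an instance of ldaputility", ldapUrl);
        LdapWebUtility ldapUtility = new LdapWebUtility(ldapUrl, LdapAdminDN, LdapAdminPwd);

        if (ldapUtility.Secure)
        {
            InstallServerRootCertificate(ldapUtility, LdapAdminDN, LdapAdminPwd);
        }

        log.Debug("Connecting to {0}", ldapUrl);
        try
        {
            ldapUtility.Connect();
        }
        catch (Exception ex)
        {
            log.Debug("Ldap connect failed to server URL {0} ", ldapUrl);
            // Keep the original failure as the inner exception so the cause is not lost.
            throw new Exception(string.Format("Ldap connect failed to server URL {0} ", ldapUrl), ex);
        }

        // Get the directory type; the admin bind is released even if the query throws.
        LdapDirectoryType directoryType;
        try
        {
            log.Debug("Querying for directory type...");
            directoryType = ldapUtility.QueryDirectoryType();
            log.Debug(" {0}", directoryType);
        }
        finally
        {
            ldapUtility.Disconnect();
        }

        if (directoryType.Equals(LdapDirectoryType.Unknown))
        {
            throw new Exception(string.Format("Unable to determine directory type for {0}", ldapUtility.Host));
        }

        // Now check that the proxy user can bind to the new server as well.
        ldapUtility = new LdapWebUtility(ldapUrl, proxy, password);
        try
        {
            ldapUtility.Connect();
        }
        catch (Exception ex)
        {
            log.Debug("Ldap connect failed to server URL {0} with proxy user {1} ", ldapUrl, proxy);
            throw new Exception(string.Format("Ldap connect failed to server URL {0} with proxy user {1} ", ldapUrl, proxy), ex);
        }
        ldapUtility.Disconnect();
    }
    else
    {
        // LDAP host and SSL status have not changed; the other fields (context, proxy DN,
        // proxy password) might have.
        LdapWebUtility ldapUtility = new LdapWebUtility(ldapUrl, LdapAdminDN, LdapAdminPwd);
        ldapUtility.Connect();
        try
        {
            if (FieldToUpdate.Equals("PROXYDN"))
            {
                // The result of this query was never used; the call is kept so the
                // directory round-trip behaviour is unchanged.
                ldapUtility.QueryDirectoryType();

                // Proxy DN has changed, so either create the user or change the password.
                if (string.IsNullOrEmpty(password))
                {
                    // NOTE(review): this branch assigns ProxyPassword while the PROXYPWD
                    // branch assigns 'password', and CreateUser below still receives
                    // 'password'. Confirm the ProxyPassword setter updates 'password';
                    // otherwise the user is created with an empty password.
                    ProxyUser proxyDetails = new ProxyUser();
                    ProxyPassword = proxyDetails.Password;
                }

                if (ldapUtility.CreateUser(proxy, password))
                {
                    // Successful: the proxy user is created.
                    log.Debug("New user created with DN = {0} ", proxy);
                }

                // A new proxy user needs its read rights re-granted on the contexts.
                settingChangeMap |= ChangeMap.searchContexts;
            }
            else if (FieldToUpdate.Equals("PROXYPWD"))
            {
                if (string.IsNullOrEmpty(password))
                {
                    ProxyUser proxyDetails = new ProxyUser();
                    password = proxyDetails.Password;
                }
                ldapUtility.ChangePassword(proxy, password);
            }
            else
            {
                UpdateLdapContexts(ldapUrl, LdapAdminDN, LdapAdminPwd);
            }
        }
        finally
        {
            // Release the admin bind even when the update throws (e.g. an invalid context).
            ldapUtility.Disconnect();
        }
    }
}

/// <summary>
/// Builds the LDAP URL from the configured host and scheme fields.
/// </summary>
/// <returns>The normalised URL string for the configured LDAP server.</returns>
private string BuildConfiguredLdapUrl()
{
    UriBuilder newUri = new UriBuilder();
    newUri.Host = host;
    newUri.Scheme = scheme;
    // Round-trip through Uri so the result is in canonical form.
    Uri newldapUrl = new Uri(newUri.ToString());
    return newldapUrl.ToString();
}

/// <summary>
/// Fetches the root certificate of the LDAP server with the external helper and adds it
/// to the Mono "Trust" certificate store so a secure connection to the server succeeds.
/// </summary>
/// <param name="ldapUtility">Utility describing the target server (host and port).</param>
/// <param name="LdapAdminDN">DN of the LDAP administrator, handed to the helper.</param>
/// <param name="LdapAdminPwd">Password of the LDAP administrator, handed to the helper.</param>
/// <exception cref="Exception">Thrown when the helper fails to fetch or install the certificate.</exception>
private void InstallServerRootCertificate(LdapWebUtility ldapUtility, string LdapAdminDN, string LdapAdminPwd)
{
    string certfile = Path.Combine(storePath, "RootCert.cer");

    // NOTE(review): the admin DN and password are passed as command-line arguments of the
    // helper process, where they are visible to other local users via the process list
    // for the lifetime of that process. Passing them over stdin or the environment would
    // avoid that - confirm what get-root-certificate supports. The helper path is also
    // relative to the current working directory, so it depends on where the host process
    // was started.
    if (Execute("../../../../bin/get-root-certificate", "{0} {1} {2} {3} get {4}", ldapUtility.Host, ldapUtility.Port, LdapAdminDN, LdapAdminPwd, certfile) != 0)
    {
        // Failed getting the certificate.
        log.Debug("Failed : getting certificate for {0}", ldapUtility.Host);
        throw new Exception(string.Format("Failed to get certificate."));
    }

    // NOTE(review): whatever certificate the helper fetched is added to the Trust store
    // without any out-of-band check (trust on first use), so the server identity is only
    // as trustworthy as the network path at this moment. A fingerprint confirmation step
    // before this install would close that gap.
    if (Execute("/usr/bin/mono", "/usr/lib/mono/1.0/certmgr.exe -add -c Trust {0}", certfile) != 0)
    {
        // Failed installing the certificate.
        log.Debug("Failed : Installing certificate for {0}", ldapUtility.Host);
        throw new Exception(string.Format("Failed to save certificate."));
    }
}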