Ejemplo n.º 1
0
        private void DoLDAPDirectoryInit()
        {
            int    num;
            string str = "";

            if (this.name != null)
            {
                if (this.contextType != ContextType.ApplicationDirectory)
                {
                    str = this.name;
                }
                else
                {
                    string str1 = this.serverProperties.dnsHostName;
                    string str2 = ":";
                    if ((ContextOptions.SecureSocketLayer & this.options) > 0)
                    {
                        num = this.serverProperties.portSSL;
                    }
                    else
                    {
                        num = this.serverProperties.portLDAP;
                    }
                    str = string.Concat(str1, str2, num);
                }
                str = string.Concat(str, "/");
            }
            AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(this.options);

            using (DirectoryEntry directoryEntry = new DirectoryEntry(string.Concat("LDAP://", str, this.container), this.username, this.password, authTypes))
            {
                try
                {
                    if (this.serverProperties.portSSL > 0)
                    {
                        directoryEntry.Options.PasswordPort = this.serverProperties.portSSL;
                    }
                    StoreCtx storeCtx = this.CreateContextFromDirectoryEntry(directoryEntry);
                    this.queryCtx        = storeCtx;
                    this.userCtx         = storeCtx;
                    this.groupCtx        = storeCtx;
                    this.computerCtx     = storeCtx;
                    this.connectedServer = ADUtils.GetServerName(directoryEntry);
                }
                catch (COMException cOMException1)
                {
                    COMException cOMException = cOMException1;
                    throw ExceptionHelper.GetExceptionFromCOMException(cOMException);
                }
                catch (Exception exception)
                {
                    throw;
                }
            }
        }
Ejemplo n.º 2
0
 protected override void LoadDomainInfo()
 {
     this.dnsHostName    = ADUtils.GetServerName(this.ctxBase);
     this.domainFlatName = this.userSuppliedServerName;
     this.forestDnsName  = this.userSuppliedServerName;
     this.domainDnsName  = this.userSuppliedServerName;
     using (DirectoryEntry directoryEntry = new DirectoryEntry(string.Concat("LDAP://", this.userSuppliedServerName, "/rootDse"), "", "", AuthenticationTypes.Anonymous))
     {
         string item   = (string)this.ctxBase.Properties["distinguishedName"][0];
         int    length = -1;
         foreach (string str in directoryEntry.Properties["namingContexts"])
         {
             if (str.Length <= length || !item.EndsWith(str, StringComparison.OrdinalIgnoreCase))
             {
                 continue;
             }
             length = str.Length;
             this.contextBasePartitionDN = str;
         }
     }
     UnsafeNativeMethods.Pathname     pathname    = new UnsafeNativeMethods.Pathname();
     UnsafeNativeMethods.IADsPathname aDsPathname = (UnsafeNativeMethods.IADsPathname)pathname;
     aDsPathname.Set(this.ctxBase.Path, 1);
     try
     {
         this.userSuppliedServerName = aDsPathname.Retrieve(9);
     }
     catch (COMException cOMException1)
     {
         COMException cOMException = cOMException1;
         if (cOMException.ErrorCode != -2147463168)
         {
             throw;
         }
         else
         {
             this.userSuppliedServerName = "";
         }
     }
 }
Ejemplo n.º 3
0
        private void DoLDAPDirectoryInitNoContainer()
        {
            byte[] USERS_CONTAINER_GUID     = new byte[] { 0xa9, 0xd1, 0xca, 0x15, 0x76, 0x88, 0x11, 0xd1, 0xad, 0xed, 0x00, 0xc0, 0x4f, 0xd8, 0xd5, 0xcd };
            byte[] COMPUTERS_CONTAINER_GUID = new byte[] { 0xaa, 0x31, 0x28, 0x25, 0x76, 0x88, 0x11, 0xd1, 0xad, 0xed, 0x00, 0xc0, 0x4f, 0xd8, 0xd5, 0xcd };

            // The StoreCtxs that will be used in the PrincipalContext, and their associated DirectoryEntry objects.
            DirectoryEntry deUserGroupOrg = null;
            DirectoryEntry deComputer     = null;
            DirectoryEntry deBase         = null;

            ADStoreCtx storeCtxUserGroupOrg = null;
            ADStoreCtx storeCtxComputer     = null;
            ADStoreCtx storeCtxBase         = null;

            GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "Entering DoLDAPDirectoryInitNoContainer");

            //
            // Build a DirectoryEntry that represents the root of the domain.
            //

            // Use the RootDSE to find the default naming context
            DirectoryEntry deRootDse = null;
            string         adsPathBase;

            // use the servername if they gave us one, else let ADSI figure it out
            string serverName = "";

            if (_name != null)
            {
                serverName = _name + "/";
            }

            GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: serverName is " + serverName);

            // use the options they specified
            AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(_options);

            GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: authTypes is " + authTypes.ToString());

            try
            {
                deRootDse = new DirectoryEntry("LDAP://" + serverName + "rootDse", _username, _password, authTypes);

                // This will also detect if the server is down or nonexistent
                string domainNC = (string)deRootDse.Properties["defaultNamingContext"][0];
                adsPathBase = "LDAP://" + serverName + domainNC;

                GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: domainNC is " + domainNC);
                GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: adsPathBase is " + adsPathBase);
            }
            finally
            {
                // Don't allow the DE to leak
                deRootDse?.Dispose();
            }

            try
            {
                // Build a DE for the root of the domain using the retrieved naming context
                deBase = new DirectoryEntry(adsPathBase, _username, _password, authTypes);

                // Set the password port to the ssl port read off of the rootDSE.  Without this
                // password change/set won't work when we connect without SSL and ADAM is running
                // on non-standard port numbers.  We have already verified directory connectivity at this point
                // so this should always succeed.
                if (_serverProperties.portSSL > 0)
                {
                    deBase.Options.PasswordPort = _serverProperties.portSSL;
                }

                //
                // Use the wellKnownObjects attribute to determine the default location
                // for users and computers.
                //
                string adsPathUserGroupOrg = null;
                string adsPathComputer     = null;

                PropertyValueCollection wellKnownObjectValues = deBase.Properties["wellKnownObjects"];

                foreach (UnsafeNativeMethods.IADsDNWithBinary value in wellKnownObjectValues)
                {
                    if (Utils.AreBytesEqual(USERS_CONTAINER_GUID, (byte[])value.BinaryValue))
                    {
                        Debug.Assert(adsPathUserGroupOrg == null);
                        adsPathUserGroupOrg = "LDAP://" + serverName + value.DNString;

                        GlobalDebug.WriteLineIf(
                            GlobalDebug.Info,
                            "PrincipalContext",
                            "DoLDAPDirectoryInitNoContainer: found USER, adsPathUserGroupOrg is " + adsPathUserGroupOrg);
                    }

                    // Is it the computer container?
                    if (Utils.AreBytesEqual(COMPUTERS_CONTAINER_GUID, (byte[])value.BinaryValue))
                    {
                        Debug.Assert(adsPathComputer == null);
                        adsPathComputer = "LDAP://" + serverName + value.DNString;

                        GlobalDebug.WriteLineIf(
                            GlobalDebug.Info,
                            "PrincipalContext",
                            "DoLDAPDirectoryInitNoContainer: found COMPUTER, adsPathComputer is " + adsPathComputer);
                    }
                }

                if ((adsPathUserGroupOrg == null) || (adsPathComputer == null))
                {
                    // Something's wrong with the domain, it's not exposing the proper
                    // well-known object fields.
                    throw new PrincipalOperationException(SR.ContextNoWellKnownObjects);
                }

                //
                // Build DEs for the Users and Computers containers.
                // The Users container will also be used as the default for Groups.
                // The reason there are different contexts for groups, users and computers is so that
                // when a principal is created it will go into the appropriate default container.  This is so users don't
                // by default create principals in the root of their directory.  When a search happens the base context is used so that
                // the whole directory will be covered.
                //
                deUserGroupOrg = new DirectoryEntry(adsPathUserGroupOrg, _username, _password, authTypes);
                deComputer     = new DirectoryEntry(adsPathComputer, _username, _password, authTypes);

                StoreCtx userStore = CreateContextFromDirectoryEntry(deUserGroupOrg);

                _userCtx       = userStore;
                _groupCtx      = userStore;
                deUserGroupOrg = null;  // since we handed off ownership to the StoreCtx

                _computerCtx = CreateContextFromDirectoryEntry(deComputer);

                deComputer = null;

                _queryCtx = CreateContextFromDirectoryEntry(deBase);

                _connectedServer = ADUtils.GetServerName(deBase);

                deBase = null;
            }
            catch (Exception e)
            {
                GlobalDebug.WriteLineIf(GlobalDebug.Error,
                                        "PrincipalContext",
                                        "DoLDAPDirectoryInitNoContainer: caught exception of type "
                                        + e.GetType().ToString() +
                                        " and message " + e.Message);

                // Cleanup on failure.  Once a DE has been successfully handed off to a ADStoreCtx,
                // that ADStoreCtx will handle Dispose()'ing it
                deUserGroupOrg?.Dispose();
                deComputer?.Dispose();
                deBase?.Dispose();
                storeCtxUserGroupOrg?.Dispose();
                storeCtxComputer?.Dispose();
                storeCtxBase?.Dispose();

                throw;
            }
        }
Ejemplo n.º 4
0
        private void DoLDAPDirectoryInit()
        {
            // use the servername if they gave us one, else let ADSI figure it out
            string serverName = "";

            if (_name != null)
            {
                if (_contextType == ContextType.ApplicationDirectory)
                {
                    serverName = _serverProperties.dnsHostName + ":" +
                                 ((ContextOptions.SecureSocketLayer & _options) > 0 ? _serverProperties.portSSL : _serverProperties.portLDAP);
                }
                else
                {
                    serverName = _name;
                }

                serverName += "/";
            }

            GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInit: serverName is " + serverName);

            // use the options they specified
            AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(_options);

            GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInit: authTypes is " + authTypes.ToString());

            DirectoryEntry de = new DirectoryEntry("LDAP://" + serverName + _container, _username, _password, authTypes);

            try
            {
                // Set the password port to the ssl port read off of the rootDSE.  Without this
                // password change/set won't work when we connect without SSL and ADAM is running
                // on non-standard port numbers.  We have already verified directory connectivity at this point
                // so this should always succeed.
                if (_serverProperties.portSSL > 0)
                {
                    de.Options.PasswordPort = _serverProperties.portSSL;
                }

                StoreCtx storeCtx = CreateContextFromDirectoryEntry(de);

                _queryCtx    = storeCtx;
                _userCtx     = storeCtx;
                _groupCtx    = storeCtx;
                _computerCtx = storeCtx;

                _connectedServer = ADUtils.GetServerName(de);
                de = null;
            }
            catch (System.Runtime.InteropServices.COMException e)
            {
                throw ExceptionHelper.GetExceptionFromCOMException(e);
            }
            catch (Exception e)
            {
                GlobalDebug.WriteLineIf(GlobalDebug.Error, "PrincipalContext",
                                        "DoLDAPDirectoryInit: caught exception of type "
                                        + e.GetType().ToString() +
                                        " and message " + e.Message);

                throw;
            }
            finally
            {
                // Cleanup the DE on failure
                de?.Dispose();
            }
        }
Ejemplo n.º 5
0
        // Must be called inside of lock(domainInfoLock)
        protected override void LoadDomainInfo()
        {
            GlobalDebug.WriteLineIf(GlobalDebug.Info, "ADStoreCtx", "LoadComputerInfo");

            Debug.Assert(this.ctxBase != null);

            //
            // DNS Domain Name
            //
            this.dnsHostName = ADUtils.GetServerName(this.ctxBase);
            // Treat the user supplied server name as the domain and forest name...
            this.domainFlatName = userSuppliedServerName;
            this.forestDnsName  = userSuppliedServerName;
            this.domainDnsName  = userSuppliedServerName;

            //
            // Find the partition in which the supplied ctxBase belongs by comparing it with the list of partitions hosted by this
            // LDS (ADAM) instance.
            //
            using (DirectoryEntry rootDse = new DirectoryEntry("LDAP://" + this.userSuppliedServerName + "/rootDse", "", "", AuthenticationTypes.Anonymous))
            {
                string ctxBaseDN      = (string)this.ctxBase.Properties["distinguishedName"][0];
                int    maxMatchLength = -1;
                foreach (string partitionDN in rootDse.Properties["namingContexts"])
                {
                    if ((partitionDN.Length > maxMatchLength) && ctxBaseDN.EndsWith(partitionDN, StringComparison.OrdinalIgnoreCase))
                    {
                        maxMatchLength = partitionDN.Length;
                        this.contextBasePartitionDN = partitionDN;
                    }
                }
            }

            //
            // User supplied name
            //
            UnsafeNativeMethods.Pathname     pathCracker = new UnsafeNativeMethods.Pathname();
            UnsafeNativeMethods.IADsPathname pathName    = (UnsafeNativeMethods.IADsPathname)pathCracker;

            pathName.Set(this.ctxBase.Path, 1 /* ADS_SETTYPE_FULL */);

            try
            {
                this.userSuppliedServerName = pathName.Retrieve(9 /*ADS_FORMAT_SERVER */);
                GlobalDebug.WriteLineIf(GlobalDebug.Info, "ADStoreCtx", "LoadComputerInfo: using user-supplied name {0}", this.userSuppliedServerName);
            }
            catch (COMException e)
            {
                if (((uint)e.ErrorCode) == ((uint)0x80005000))  // E_ADS_BAD_PATHNAME
                {
                    // Serverless path
                    GlobalDebug.WriteLineIf(GlobalDebug.Info, "ADStoreCtx", "LoadComputerInfo: using empty string as user-supplied name");
                    this.userSuppliedServerName = "";
                }
                else
                {
                    GlobalDebug.WriteLineIf(GlobalDebug.Error,
                                            "ADStoreCtx",
                                            "LoadComputerInfo: caught COMException {0} {1} looking for user-supplied name",
                                            e.ErrorCode,
                                            e.Message);

                    throw;
                }
            }
        }
Ejemplo n.º 6
0
        private void DoLDAPDirectoryInitNoContainer()
        {
            string str  = null;
            string str1 = null;

            byte[]         numArray        = new byte[] { 169, 209, 202, 21, 118, 136, 17, 209, 173, 237, 0, 192, 79, 216, 213, 205 };
            byte[]         numArray1       = numArray;
            byte[]         numArray2       = new byte[] { 170, 49, 40, 37, 118, 136, 17, 209, 173, 237, 0, 192, 79, 216, 213, 205 };
            byte[]         numArray3       = numArray2;
            DirectoryEntry directoryEntry  = null;
            DirectoryEntry directoryEntry1 = null;
            DirectoryEntry directoryEntry2 = null;
            ADStoreCtx     aDStoreCtx      = null;
            ADStoreCtx     aDStoreCtx1     = null;
            ADStoreCtx     aDStoreCtx2     = null;
            DirectoryEntry directoryEntry3 = null;
            string         str2            = "";

            if (this.name != null)
            {
                str2 = string.Concat(this.name, "/");
            }
            AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(this.options);

            using (directoryEntry3)
            {
                directoryEntry3 = new DirectoryEntry(string.Concat("LDAP://", str2, "rootDse"), this.username, this.password, authTypes);
                string item = (string)directoryEntry3.Properties["defaultNamingContext"][0];
                str = string.Concat("LDAP://", str2, item);
            }
            try
            {
                directoryEntry2 = new DirectoryEntry(str, this.username, this.password, authTypes);
                if (this.serverProperties.portSSL > 0)
                {
                    directoryEntry2.Options.PasswordPort = this.serverProperties.portSSL;
                }
                string str3 = null;
                PropertyValueCollection propertyValueCollection = directoryEntry2.Properties["wellKnownObjects"];
                foreach (UnsafeNativeMethods.IADsDNWithBinary aDsDNWithBinary in propertyValueCollection)
                {
                    if (Utils.AreBytesEqual(numArray1, (byte[])aDsDNWithBinary.BinaryValue))
                    {
                        str3 = string.Concat("LDAP://", str2, aDsDNWithBinary.DNString);
                    }
                    if (!Utils.AreBytesEqual(numArray3, (byte[])aDsDNWithBinary.BinaryValue))
                    {
                        continue;
                    }
                    str1 = string.Concat("LDAP://", str2, aDsDNWithBinary.DNString);
                }
                if (str3 == null || str1 == null)
                {
                    throw new PrincipalOperationException(StringResources.ContextNoWellKnownObjects);
                }
                else
                {
                    directoryEntry  = new DirectoryEntry(str3, this.username, this.password, authTypes);
                    directoryEntry1 = new DirectoryEntry(str1, this.username, this.password, authTypes);
                    StoreCtx storeCtx = this.CreateContextFromDirectoryEntry(directoryEntry);
                    this.userCtx         = storeCtx;
                    this.groupCtx        = storeCtx;
                    directoryEntry       = null;
                    this.computerCtx     = this.CreateContextFromDirectoryEntry(directoryEntry1);
                    directoryEntry1      = null;
                    this.queryCtx        = this.CreateContextFromDirectoryEntry(directoryEntry2);
                    this.connectedServer = ADUtils.GetServerName(directoryEntry2);
                    directoryEntry2      = null;
                }
            }
            catch (Exception exception)
            {
                if (directoryEntry != null)
                {
                    directoryEntry.Dispose();
                }
                if (directoryEntry1 != null)
                {
                    directoryEntry1.Dispose();
                }
                if (directoryEntry2 != null)
                {
                    directoryEntry2.Dispose();
                }
                if (aDStoreCtx != null)
                {
                    aDStoreCtx.Dispose();
                }
                if (aDStoreCtx1 != null)
                {
                    aDStoreCtx1.Dispose();
                }
                if (aDStoreCtx2 != null)
                {
                    aDStoreCtx2.Dispose();
                }
                throw;
            }
        }