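        /// <summary>
        /// Deletes the local Windows account whose name is <paramref name="package"/>.login on the server
        /// named in <paramref name="config"/>, then notifies the IAM core about the deletion.
        /// </summary>
        /// <param name="cacheId">Cache identifier supplied by the connector framework; not used here.</param>
        /// <param name="package">Deploy package; only login, entityId and identityId are read.</param>
        /// <param name="config">Connector configuration; the "server", "username" and "password" entries are read.</param>
        /// <param name="fieldMapping">Field mapping supplied by the framework; not used here.</param>
        /// <remarks>
        /// Every failure is reported through <c>Log2</c> and swallowed, so this method never throws to the caller.
        /// </remarks>
        public override void ProcessDelete(String cacheId, PluginConnectorBaseDeployPackage package, Dictionary<String, Object> config, List<PluginConnectorBaseDeployPackageMapping> fieldMapping)
        {
            if (!CheckInputConfig(config, true, Log))
            {
                return;
            }

            try
            {
                String server = config["server"].ToString();
                LocalWindows lWin = new LocalWindows(server, config["username"].ToString(), config["password"].ToString());

                try
                {
                    lWin.Bind();
                }
                catch (Exception ex)
                {
                    Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on connect to Windows '" + server + "': " + ex.Message, "");
                    return;
                }

                // A null login would otherwise reach FindUser and surface only as a generic error below.
                if (String.IsNullOrEmpty(package.login))
                {
                    Log2(this, PluginLogType.Error, package.entityId, package.identityId, "IAM Login not found in properties list", "");
                    return;
                }

                DirectoryEntry user = lWin.FindUser(package.login);

                if (user == null)
                {
                    Log2(this, PluginLogType.Warning, package.entityId, package.identityId, "User not found", "");
                    return;
                }

                // DirectoryEntry wraps a COM object and Parent returns a fresh entry, so both must be released;
                // the original never closed the user entry.
                try
                {
                    using (DirectoryEntry parent = user.Parent)
                    {
                        parent.Children.Remove(user);
                    }
                }
                finally
                {
                    user.Close();
                }

                NotityDeletedUser(this, package.entityId, package.identityId);

                // The original emitted the ProcessDeploy messages ("User updated with/without password") here,
                // which mislabelled a deletion in the audit log.
                Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User deleted", "");
            }
            catch (Exception ex)
            {
                Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on process delete: " + ex.Message, "");
            }
        }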
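        /// <summary>
        /// Creates or updates the local Windows account described by <paramref name="package"/> on the server
        /// named in <paramref name="config"/>: ensures the account exists, applies the disabled flag, sets the
        /// password, executes the RBAC group actions and finally notifies the IAM core.
        /// </summary>
        /// <param name="cacheId">Cache identifier supplied by the connector framework; not used here.</param>
        /// <param name="package">Deploy package (login, password, lock state, RBAC actions, identity ids). Its
        /// password is overwritten with a generated one when it is empty and the account does not exist yet.</param>
        /// <param name="config">Connector configuration; the "server", "username" and "password" entries are read.</param>
        /// <param name="fieldMapping">Field mapping supplied by the framework; only echoed into the error report.</param>
        /// <remarks>
        /// All failures are reported through <c>Log2</c>; the method never throws to the caller.
        /// The generated password is never written to the log (the original logged it in clear text).
        /// </remarks>
        public override void ProcessDeploy(String cacheId, PluginConnectorBaseDeployPackage package, Dictionary<String, Object> config, List<PluginConnectorBaseDeployPackageMapping> fieldMapping)
        {
            if (!CheckInputConfig(config, true, Log))
            {
                return;
            }

            StringBuilder logText = new StringBuilder();

            // Best-effort diagnostics: managing local accounts needs an elevated caller, so record who the
            // connector runs as. A failure here must not block the deploy.
            try
            {
                WindowsPrincipal principal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
                // NOTE(review): this line was masked ("******") in the published listing; reconstructed from the
                // surrounding text — confirm the exact wording against the repository.
                logText.AppendLine("Current user: " + principal.Identity.Name);
                logText.AppendLine("Has administrative right: " + principal.IsInRole(WindowsBuiltInRole.Administrator));
            }
            catch
            {
                // Intentionally swallowed: diagnostics only.
            }

            try
            {
                // Checked before connecting so a missing login does not cost a bind; a null login used to
                // surface as a NullReferenceException from the length check.
                if (String.IsNullOrEmpty(package.login))
                {
                    Log2(this, PluginLogType.Error, package.entityId, package.identityId, "IAM Login not found in properties list", "");
                    return;
                }

                // Local (SAM) account names are limited to 20 characters.
                if (package.login.Length > 20)
                {
                    throw new InvalidOperationException("Maximum size of login name reached, this method support up to 20 characters.");
                }

                String server = config["server"].ToString();
                LocalWindows lWin = new LocalWindows(server, config["username"].ToString(), config["password"].ToString());

                try
                {
                    lWin.Bind();
                }
                catch (Exception ex)
                {
                    Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on connect to Windows '" + server + "': " + ex.Message + (ex.InnerException != null ? ex.InnerException.Message : ""), "");
                    return;
                }

                logText.AppendLine("Successfully connected on " + server);

                logText.AppendLine("Trying to find user '" + package.login + "'...");
                DirectoryEntry user = lWin.FindUser(package.login);

                if (user == null)
                {
                    logText.AppendLine("User not found, creating...");

                    // No IAM password supplied: generate one. The value is deliberately NOT written to the log.
                    if (String.IsNullOrEmpty(package.password))
                    {
                        package.password = IAM.Password.RandomPassword.Generate(16);
                        Log2(this, PluginLogType.Warning, package.entityId, package.identityId, "User not found in AD and IAM Password not found in properties list, creating a random password", "");
                    }

                    // The account is created with a throw-away 20-character password that satisfies the local
                    // complexity policy; the real password is applied in the password step below.
                    lWin.AddUser(package.login, IAM.Password.RandomPassword.Generate(20));
                    user = lWin.FindUser(package.login);

                    if (user == null)
                    {
                        // Would otherwise fail with a NullReferenceException on the first property access.
                        throw new InvalidOperationException("User '" + package.login + "' was added but cannot be found afterwards");
                    }

                    Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User added", "");
                }
                else
                {
                    logText.AppendLine("User founded");
                }

                // From here on `user` wraps a COM object and must be released on every exit path, including the
                // early return after a password failure (the original leaked it there).
                try
                {
                    logText.AppendLine("User path: " + user.Path);

                    try
                    {
                        logText.AppendLine("Setting user flags...");
                        ApplyAccountDisableFlag(user, package.locked || package.temp_locked);
                    }
                    catch (Exception ex)
                    {
                        // A half-applied flag change can leave the entry in a bad state; re-read it from the server
                        // (releasing the old entry first, which the original did not do).
                        logText.AppendLine("Error applying user flags: " + ex.Message);
                        user.Close();
                        user = lWin.FindUser(package.login);
                        if (user == null)
                        {
                            throw new InvalidOperationException("User '" + package.login + "' cannot be found after applying user flags", ex);
                        }
                    }

                    try
                    {
                        logText.AppendLine("Setting user password...");
                        if (!String.IsNullOrWhiteSpace(package.password))
                        {
                            user.Invoke("SetPassword", new Object[] { package.password });
                        }

                        user.CommitChanges();
                    }
                    catch (Exception ex)
                    {
                        Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on set user password, check the password complexity rules", ex.Message + (ex.InnerException != null ? " " + ex.InnerException.Message : "") + Environment.NewLine + DescribePasswordStrength(package));
                        return;
                    }

                    logText.AppendLine("Setting user access...");
                    ApplyRbacActions(lWin, user, package);
                }
                finally
                {
                    if (user != null)
                    {
                        user.Close();
                    }
                }

                NotityChangeUser(this, package.entityId);

                if (!String.IsNullOrEmpty(package.password))
                {
                    Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User updated with password", "");
                }
                else
                {
                    Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User updated without password", "");
                }
            }
            catch (Exception ex)
            {
                logText.AppendLine("Error: " + ex.Message);
                if (ex.InnerException != null)
                {
                    logText.AppendLine(ex.InnerException.Message);
                }
                logText.AppendLine();
                logText.AppendLine();
                logText.AppendLine();

                logText.AppendLine("### Package details");
                logText.AppendLine(BuildPackageReport(package, fieldMapping));

                Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on process deploy: " + ex.Message, logText.ToString());
            }
        }

        /// <summary>
        /// Rewrites the ACCOUNTDISABLE bit of the entry's userFlags so that it reflects <paramref name="disable"/>
        /// and commits the change. All other flag bits are left untouched.
        /// </summary>
        /// <param name="user">Directory entry of the local account.</param>
        /// <param name="disable">True when IAM reports the account as locked or temporarily locked.</param>
        private static void ApplyAccountDisableFlag(DirectoryEntry user, bool disable)
        {
            UserFlags ctrl = (UserFlags)user.InvokeGet("userFlags");

            // Clear the bit this connector owns, then set it again only when IAM says the account is locked.
            ctrl &= ~UserFlags.ACCOUNTDISABLE;
            if (disable)
            {
                ctrl |= UserFlags.ACCOUNTDISABLE;
            }

            user.Invoke("Put", new object[] { "UserFlags", (Int32)ctrl });
            user.CommitChanges();
        }

        /// <summary>
        /// Executes the RBAC actions of the package against the local groups. Only the "group" action is
        /// understood (add/remove membership); any other key is logged as a warning. Each action is isolated:
        /// a failing one is logged and the next one still runs.
        /// </summary>
        /// <param name="lWin">Bound connection to the target server.</param>
        /// <param name="user">Directory entry of the account whose memberships are changed.</param>
        /// <param name="package">Deploy package carrying the actions and the identity ids used for logging.</param>
        private void ApplyRbacActions(LocalWindows lWin, DirectoryEntry user, PluginConnectorBaseDeployPackage package)
        {
            if (package.pluginAction == null || package.pluginAction.Count == 0)
            {
                return;
            }

            foreach (PluginConnectorBaseDeployPackageAction act in package.pluginAction)
            {
                try
                {
                    if (!String.Equals(act.actionKey, "group", StringComparison.OrdinalIgnoreCase))
                    {
                        Log2(this, PluginLogType.Warning, package.entityId, package.identityId, "Action not recognized: " + act.actionKey, "");
                        continue;
                    }

                    // NOTE(review): FindOrCreateGroup is used for Remove as well, as in the original, so removing a
                    // member from a non-existent group creates that group; a find-only lookup would avoid that.
                    if (act.actionType == PluginActionType.Add)
                    {
                        String grpCN = lWin.FindOrCreateGroup(act.actionValue);
                        if (lWin.AddUserToGroup(user.Name, grpCN))
                        {
                            Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User added in group " + act.actionValue + " by role " + act.roleName, "");
                        }
                    }
                    else if (act.actionType == PluginActionType.Remove)
                    {
                        String grpCN = lWin.FindOrCreateGroup(act.actionValue);
                        if (lWin.RemoveUserFromGroup(user.Name, grpCN))
                        {
                            Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User removed from group " + act.actionValue + " by role " + act.roleName, "");
                        }
                    }
                }
                catch (Exception ex)
                {
                    Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on execute action (" + act.actionKey + "): " + ex.Message, "");
                }
            }
        }

        /// <summary>
        /// Describes the shape (length and character classes) of the package password for the
        /// "password rejected" diagnostic. The password itself is never included.
        /// </summary>
        /// <param name="package">Deploy package whose password was rejected.</param>
        /// <returns>One line per property, or an empty string when the strength check itself fails.</returns>
        private String DescribePasswordStrength(PluginConnectorBaseDeployPackage package)
        {
            try
            {
                PasswordStrength ps = CheckPasswordStrength(package.password, package.fullName.fullName);

                StringBuilder sb = new StringBuilder();
                sb.AppendLine("Length = " + package.password.Length);
                sb.AppendLine("Contains Uppercase? " + ps.HasUpperCase);
                sb.AppendLine("Contains Lowercase? " + ps.HasLowerCase);
                sb.AppendLine("Contains Symbol? " + ps.HasSymbol);
                sb.AppendLine("Contains Number? " + ps.HasDigit);
                sb.AppendLine("Contains part of the name/username? " + ps.HasNamePart);
                return sb.ToString();
            }
            catch
            {
                // Diagnostics only: the password error itself is still logged by the caller.
                return "";
            }
        }

        /// <summary>
        /// Serializes the package and field mapping for the error report with the IAM password masked.
        /// </summary>
        /// <param name="package">Deploy package to report.</param>
        /// <param name="fieldMapping">Field mapping to report alongside the package.</param>
        /// <returns>The serialized report with every occurrence of the password replaced.</returns>
        /// <remarks>
        /// The mask is a plain text replacement on the serialized output, so a password containing characters
        /// the serializer escapes (quotes, backslashes, non-ASCII) may still appear in escaped form — a
        /// limitation inherited from the original. A null password is skipped; the original passed it to
        /// Replace, which throws.
        /// </remarks>
        private static String BuildPackageReport(PluginConnectorBaseDeployPackage package, List<PluginConnectorBaseDeployPackageMapping> fieldMapping)
        {
            String debugInfo = JSON.Serialize2(new { package = package, fieldMapping = fieldMapping });
            if (!String.IsNullOrEmpty(package.password))
            {
                debugInfo = debugInfo.Replace(package.password, "Replaced for user security");
            }
            return debugInfo;
        }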