/// <summary> /// GetADFSAccounts method implmentation /// </summary> private static bool GetADFSAccounts(ref SIDsParametersRecord rec) { RegistryVersion reg = new RegistryVersion(); ADFSAdminPolicies pol = new ADFSAdminPolicies(); try { rec.ADFSAccountSID = GetADFSAccountSID(); rec.ADFSAccountName = GetADFSAccountName(); rec.ADFSServiceAccountSID = GetADFSServiceSID(); rec.ADFSServiceAccountName = GetADFSServiceName(); if (!reg.IsWindows2012R2) { rec.ADFSAdministrationGroupName = GetADFSAdminsGroupName(ref pol); rec.ADFSAdministrationGroupSID = GetADFSAdminsGroupSID(rec.ADFSAdministrationGroupName); rec.ADFSDelegateServiceAdministrationAllowed = pol.DelegateServiceAdministrationAllowed; rec.ADFSLocalAdminServiceAdministrationAllowed = pol.LocalAdminsServiceAdministrationAllowed; rec.ADFSSystemServiceAdministrationAllowed = pol.SystemServiceAdministrationAllowed; } else { rec.ADFSAdministrationGroupName = string.Empty; rec.ADFSAdministrationGroupSID = string.Empty; rec.ADFSDelegateServiceAdministrationAllowed = false; rec.ADFSLocalAdminServiceAdministrationAllowed = true; rec.ADFSSystemServiceAdministrationAllowed = true; } return(true); } catch (Exception) { return(false); } }
/// <summary> /// GetADFSAccounts method implmentation /// </summary> private static bool GetADFSAccounts(ref SIDsParametersRecord rec) { RegistryVersion reg = new RegistryVersion(); ADFSAdminPolicies pol = new ADFSAdminPolicies(); try { rec.ADFSAccountSID = GetADFSAccountSID(); rec.ADFSAccountName = GetADFSAccountName(); rec.ADFSServiceAccountSID = GetADFSServiceSID(); rec.ADFSServiceAccountName = GetADFSServiceName(); if (!reg.IsWindows2012R2) { rec.ADFSAdministrationGroupName = GetADFSAdminsGroupName(ref pol); rec.ADFSAdministrationGroupSID = GetADFSAdminsGroupSID(rec.ADFSAdministrationGroupName); rec.ADFSDelegateServiceAdministrationAllowed = pol.DelegateServiceAdministrationAllowed; rec.ADFSLocalAdminServiceAdministrationAllowed = pol.LocalAdminsServiceAdministrationAllowed; rec.ADFSSystemServiceAdministrationAllowed = pol.SystemServiceAdministrationAllowed; } else { rec.ADFSAdministrationGroupName = string.Empty; rec.ADFSAdministrationGroupSID = string.Empty; rec.ADFSDelegateServiceAdministrationAllowed = false; rec.ADFSLocalAdminServiceAdministrationAllowed = true; rec.ADFSSystemServiceAdministrationAllowed = true; } return(true); } catch (Exception ex) { Log.WriteEntry("Error loading SIDs informations : \r" + ex.Message, EventLogEntryType.Error, 666); return(false); } }
/// <summary> /// GetADFSServiceAdministrationProperties method implmentation /// </summary> private static string GetADFSServiceAdministrationProperties(ref ADFSAdminPolicies tuple) { Runspace SPRunSpace = null; PowerShell SPPowerShell = null; string grpname = string.Empty; try { RunspaceConfiguration SPRunConfig = RunspaceConfiguration.Create(); SPRunSpace = RunspaceFactory.CreateRunspace(SPRunConfig); SPPowerShell = PowerShell.Create(); SPPowerShell.Runspace = SPRunSpace; SPRunSpace.Open(); Pipeline pipeline = SPRunSpace.CreatePipeline(); Command exportcmd = new Command("Get-AdfsProperties | Select-Object -Property DelegateServiceAdministration, AllowSystemServiceAdministration, AllowLocalAdminsServiceAdministration", true); pipeline.Commands.Add(exportcmd); Collection <PSObject> PSOutput = pipeline.Invoke(); foreach (var result in PSOutput) { object objgrpname = result.Properties["DelegateServiceAdministration"].Value; if (objgrpname != null) { grpname = objgrpname.ToString(); } else { grpname = string.Empty; } bool sysok = Convert.ToBoolean(result.Properties["AllowSystemServiceAdministration"].Value); bool admok = Convert.ToBoolean(result.Properties["AllowLocalAdminsServiceAdministration"].Value); tuple.DelegateServiceAdministrationAllowed = (!string.IsNullOrEmpty(grpname)); tuple.SystemServiceAdministrationAllowed = sysok; tuple.LocalAdminsServiceAdministrationAllowed = admok; return(grpname.ToLower()); } } catch (Exception) { grpname = string.Empty; } finally { if (SPRunSpace != null) { SPRunSpace.Close(); } if (SPPowerShell != null) { SPPowerShell.Dispose(); } } return(grpname); }
/// <summary> /// GetADFSAdminsGroupName() method implmentation /// </summary> private static string GetADFSAdminsGroupName(ref ADFSAdminPolicies tuple) { try { return(GetADFSDelegateServiceAdministration(ref tuple)); } catch (Exception) { return(string.Empty); } }
/// <summary> /// GetADFSAdminsGroupName() method implmentation /// </summary> private static string GetADFSAdminsGroupName(ref ADFSAdminPolicies tuple) { try { return(GetADFSServiceAdministrationProperties(ref tuple)); } catch (Exception ex) { Log.WriteEntry("Error loading ADFS Administration Group Name : \r" + ex.Message, EventLogEntryType.Error, 666); return(string.Empty); } }
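Review bot: In `GetADFSServiceAdministrationProperties`, the `catch (Exception) { grpname = string.Empty; }` block swallows any failure of the `Get-AdfsProperties` pipeline, so the `Log.WriteEntry` call added to the logging variant of `GetADFSAdminsGroupName` cannot fire for that case. The caller then gets an empty group name, which is indistinguishable from "no delegated administration group configured", and `GetADFSAccounts` copies the three `pol.*` flags into `rec` from whatever `ADFSAdminPolicies` initialises them to (not visible here), although by their names those flags describe who may administer the service. I would drop that catch and keep the `try`/`finally`, so the exception reaches the logging catch in `GetADFSAdminsGroupName`, and have that catch set the three flags on `tuple` explicitly to the intended fallback. An empty `PSOutput` takes the same silent path and deserves the same treatment. Separately, `grpname.ToLower()` is culture-sensitive; `return(grpname.ToLowerInvariant());` is safer for a name that is next passed to `GetADFSAdminsGroupSID`.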