internal virtual ErrorRecord ConstructErrorRecord(Exception e)
{
object obj;
IADErrorTarget aDErrorTarget = this as IADErrorTarget;
IHasErrorCode hasErrorCode = e as IHasErrorCode;
string str = "ActiveDirectoryCmdlet:";
if (hasErrorCode == null)
{
if (e != null)
{
str = string.Concat(str, e.GetType().ToString());
}
}
else
{
int errorCode = hasErrorCode.ErrorCode;
str = string.Concat("ActiveDirectoryServer:", errorCode.ToString());
}
Exception exception = e;
string str1 = str;
if (aDErrorTarget != null)
{
obj = aDErrorTarget.CurrentIdentity(e);
}
else
{
obj = null;
}
return(ADUtilities.GetErrorRecord(exception, str1, obj));
}
private bool SetADPrincipalGroupMembershipProcessCSRoutine()
{
if (this._cmdletParameters.Contains("Identity"))
{
ADPrincipal item = this._cmdletParameters["Identity"] as ADPrincipal;
this.SetPipelinedSessionInfo(item.SessionInfo);
CmdletSessionInfo cmdletSessionInfo = base.GetCmdletSessionInfo();
this._factory.SetCmdletSessionInfo(cmdletSessionInfo);
base.ValidateParameters();
this.ValidateMemberOfParameter();
try
{
ADPrincipal extendedObjectFromIdentity = this._factory.GetExtendedObjectFromIdentity(item, cmdletSessionInfo.DefaultPartitionPath);
this._validExtendedPrincipalList.Add(extendedObjectFromIdentity);
}
catch (ADIdentityNotFoundException aDIdentityNotFoundException1)
{
ADIdentityNotFoundException aDIdentityNotFoundException = aDIdentityNotFoundException1;
base.ThrowTerminatingError(ADUtilities.GetErrorRecord(aDIdentityNotFoundException, "SetADPrincipalGroupMembership:ProcessRecordOverride", item));
}
return(true);
}
else
{
object[] objArray = new object[1];
objArray[0] = "Identity";
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, StringResources.ParameterRequired, objArray));
}
}
private void bgWorker_DoWork(object sender, DoWorkEventArgs e)
{
if (_showAmLbl)
{
var user = ADUtilities.FindUser(IdentityType.SamAccountName, _userSamAccount, _domainController, _adminUser, _adminPass);
ADUtilities.AddUserToGroup(user, _groupDN, _domainController, _adminUser, _adminPass, true);
}
else
{
ADUtilities.AddUserToGroup(_domain, _domainController, _adminUser, _adminPass, _groupDN, _userSamAccount, true);
}
}
private void ValidateSubjectsAndAddToList()
{
object item = this._cmdletParameters["Subjects"];
ADPrincipal[] aDPrincipalArray = item as ADPrincipal[];
if (aDPrincipalArray == null)
{
ADPrincipal aDPrincipal = item as ADPrincipal;
if (aDPrincipal != null)
{
ADPrincipal[] aDPrincipalArray1 = new ADPrincipal[1];
aDPrincipalArray1[0] = aDPrincipal;
aDPrincipalArray = aDPrincipalArray1;
}
}
ADPrincipalFactory <ADPrincipal> aDPrincipalFactory = new ADPrincipalFactory <ADPrincipal>();
if (aDPrincipalArray[0].IsSearchResult)
{
this.SetPipelinedSessionInfo(aDPrincipalArray[0].SessionInfo);
}
CmdletSessionInfo cmdletSessionInfo = base.GetCmdletSessionInfo();
aDPrincipalFactory.SetCmdletSessionInfo(cmdletSessionInfo);
if (aDPrincipalArray != null)
{
new Hashtable();
ADPrincipal[] aDPrincipalArray2 = aDPrincipalArray;
for (int i = 0; i < (int)aDPrincipalArray2.Length; i++)
{
ADPrincipal aDPrincipal1 = aDPrincipalArray2[i];
try
{
ADObject directoryObjectFromIdentity = aDPrincipalFactory.GetDirectoryObjectFromIdentity(aDPrincipal1, cmdletSessionInfo.DefaultPartitionPath);
this._appliesToDNList.Add(directoryObjectFromIdentity.DistinguishedName);
}
catch (ADIdentityNotFoundException aDIdentityNotFoundException1)
{
ADIdentityNotFoundException aDIdentityNotFoundException = aDIdentityNotFoundException1;
DebugLogger.LogError("SetADFineGrainedPasswordPolicySubject", aDIdentityNotFoundException.ToString());
base.ThrowTerminatingError(ADUtilities.GetErrorRecord(aDIdentityNotFoundException, "SetADFineGrainedPasswordPolicySubject:ValidateSubjectsAndAddToList", aDPrincipal1));
}
}
}
}
private bool MoveADDirectoryServerProcessCSRoutine()
{
this._identityDSObj = this._cmdletParameters["Identity"] as ADDirectoryServer;
base.SetPipelinedSessionInfo(this._identityDSObj.SessionInfo);
CmdletSessionInfo cmdletSessionInfo = this.GetCmdletSessionInfo();
ADDirectoryServerFactory <ADDirectoryServer> aDDirectoryServerFactory = new ADDirectoryServerFactory <ADDirectoryServer>();
aDDirectoryServerFactory.SetCmdletSessionInfo(cmdletSessionInfo);
ADObject directoryObjectFromIdentity = aDDirectoryServerFactory.GetDirectoryObjectFromIdentity(this._identityDSObj, cmdletSessionInfo.DefaultPartitionPath);
string str = string.Concat("CN=Servers,", this._siteDirObj.DistinguishedName);
ADObjectSearcher aDObjectSearcher = SearchUtility.BuildSearcher(cmdletSessionInfo.ADSessionInfo, str, ADSearchScope.Base);
using (aDObjectSearcher)
{
aDObjectSearcher.Filter = ADOPathUtil.CreateFilterClause(ADOperator.Like, "objectClass", "*");
ADObject aDObject = aDObjectSearcher.FindOne();
if (aDObject == null)
{
base.ThrowTerminatingError(ADUtilities.GetErrorRecord(new ADIdentityNotFoundException(string.Format(CultureInfo.CurrentCulture, StringResources.ObjectNotFound, new object[0])), "MoveADDirectoryServer:ProcessRecord", str));
}
StringBuilder stringBuilder = new StringBuilder("Move-ADObject -identity $args[0] -Partition $args[1] -TargetPath $args[2] ");
try
{
object[] configurationNamingContext = new object[3];
configurationNamingContext[0] = directoryObjectFromIdentity;
configurationNamingContext[1] = cmdletSessionInfo.ADRootDSE.ConfigurationNamingContext;
configurationNamingContext[2] = aDObject.DistinguishedName;
base.InvokeCommand.InvokeScript(stringBuilder.ToString(), false, PipelineResultTypes.Output, null, configurationNamingContext);
}
catch (RuntimeException runtimeException1)
{
RuntimeException runtimeException = runtimeException1;
object[] distinguishedName = new object[3];
distinguishedName[0] = directoryObjectFromIdentity.DistinguishedName;
distinguishedName[1] = this._siteDirObj.DistinguishedName;
distinguishedName[2] = runtimeException.Message;
string str1 = string.Format(CultureInfo.CurrentCulture, "Failed moving the directory server: {0} to new site: {1}. Error: {2}", distinguishedName);
DebugLogger.LogError("MoveADDirectoryServer", str1);
base.WriteError(new ErrorRecord(runtimeException, "0", ErrorCategory.WriteError, this._identityDSObj));
}
}
return(true);
}
private bool GetADRootDSEBeginCSRoutine()
{
bool flag;
Collection <string> strs = new Collection <string>();
string[] item = this._cmdletParameters["Properties"] as string[];
strs.Add("*");
if (item != null)
{
for (int i = 0; i < (int)item.Length; i++)
{
strs.Add(item[i]);
}
}
ADObjectSearcher aDObjectSearcher = null;
using (aDObjectSearcher)
{
try
{
aDObjectSearcher = new ADObjectSearcher(this.GetSessionInfo());
ADRootDSE rootDSE = aDObjectSearcher.GetRootDSE(strs);
rootDSE.SessionInfo = base.GetCmdletSessionInfo().ADSessionInfo;
base.WriteObject(rootDSE);
flag = true;
}
catch (ADException aDException1)
{
ADException aDException = aDException1;
base.WriteError(ADUtilities.GetErrorRecord(aDException, "GetADRootDSE:BeginProcessing:ADError", null));
flag = false;
}
catch (AuthenticationException authenticationException1)
{
AuthenticationException authenticationException = authenticationException1;
base.WriteError(ADUtilities.GetErrorRecord(authenticationException, "GetADRootDSE:BeginProcessing:InvalidCredentials", null));
flag = false;
}
}
return(flag);
}
protected bool SetSessionKey()
{
bool bRez = true;
if (HttpContext.Current.Session[Constants.SessionID] == null)
{
using (Nostralogia2._1.SMParamKeeper.SMParamKeeperServClient serv = new Nostralogia2._1.SMParamKeeper.SMParamKeeperServClient())
{
PassGenerator passgen = new PassGenerator();
passgen.Numbers = true;
passgen.NumberSymbols = Constants.LengthSalt;
passgen.SmallLetters = true;
passgen.CapitalsLetters = true;
passgen.SpecialSymbols = true;
passgen.Generate();
String salt = passgen.Pass;
HttpContext.Current.Session[Constants.SessionSalt] = salt;
passgen.NumberSymbols = Constants.LengthPassphrase;
passgen.Generate();
String pass = passgen.Pass;
HttpContext.Current.Session[Constants.SessionPass] = pass;
DateTime dt = DateTime.Now.AddHours(24);
try
{
serv.SetSessionKey(ADUtilities.GetSessionGUID(), salt, pass, String.Format("{0}-{1}-{2}", dt.Year, dt.Month, dt.Day));
}
catch (Exception ex)
{
bRez = false;
FormatAndLogMessage("SetSessionKey", ex.Message);
}
}
}
return(bRez);
}
protected internal virtual void WritePropertiesToOutput(O inputIdentity, ADEntity constructedIdentityObject)
{
bool flag = false;
if (constructedIdentityObject == null)
{
DebugLogger.LogInfo("ADGetPropertiesCmdletBase", string.Format("Identity: {0} not found", inputIdentity));
}
else
{
CmdletSessionInfo cmdletSessionInfo = this.GetCmdletSessionInfo();
ADPropertyValueCollection item = constructedIdentityObject[this.SourceProperty];
RO rO = Activator.CreateInstance <RO>();
if (item == null)
{
DebugLogger.LogInfo("ADGetPropertiesCmdletBase", string.Format("Could not find property: {0} for identity: {1}", this.SourceProperty, inputIdentity));
return;
}
else
{
List <IADOPathNode> aDOPathNodes = new List <IADOPathNode>(this._pageSize);
foreach (string str in item)
{
try
{
string str1 = this.ExtractIdentityInfoFromSourcePropertyValue(str, out flag);
if (str1 != null)
{
rO.Identity = str1;
if (!flag)
{
RO extendedObjectFromIdentity = this._returnObjectFactory.GetExtendedObjectFromIdentity(rO, cmdletSessionInfo.DefaultPartitionPath);
base.WriteObject(extendedObjectFromIdentity);
}
else
{
IADOPathNode aDOPathNode = ADOPathUtil.CreateFilterClause(ADOperator.Eq, "distinguishedName", Utils.EscapeDNForFilter(str1));
aDOPathNodes.Add(aDOPathNode);
if (aDOPathNodes.Count >= this._pageSize)
{
this.WriteObjectsInBatch(aDOPathNodes);
aDOPathNodes.Clear();
}
}
}
else
{
DebugLogger.LogInfo("ADGetPropertiesCmdletBase", string.Format("ExtractIdentityInfoFromSourcePropertyValue returned NULL for propertyValue: {0} - skipping this value", str));
}
}
catch (ADIdentityNotFoundException aDIdentityNotFoundException1)
{
ADIdentityNotFoundException aDIdentityNotFoundException = aDIdentityNotFoundException1;
base.WriteError(ADUtilities.GetErrorRecord(aDIdentityNotFoundException, "ADGetPropertiesCmdletBase:WritePropertiesToOutput", str));
}
}
if (aDOPathNodes.Count > 0)
{
this.WriteObjectsInBatch(aDOPathNodes);
aDOPathNodes.Clear();
return;
}
}
}
}
public string Authenticate(AuthenticateModel authData)
{
string ret = "";
if (string.IsNullOrEmpty(authData.username) || string.IsNullOrEmpty(authData.password))
{
return(string.Format("The {0} can not be empty", string.IsNullOrEmpty(authData.username)?"user name":"password"));
}
Tenant tn = null;
if (!string.IsNullOrEmpty(authData.tenant))
{
tn = dbCtx.Tenants.SingleOrDefault(t => t.Name.ToLower().Equals(authData.tenant.ToLower()));
if (tn == null) // nonexisting tenant name provided
{
return(string.Format("Tenant {0} not found", authData.tenant));
}
}
// in this example application, we do not use the full ActiveDirectory identity features.
// That, plus synchronizing the users in Izenda configuration DB and in the
// authorization application DB, allows just to validate the user against the Active Directory.
// In case you dont want to synchronize the users and/or not using the authorization DB
// while still want to use the Active Directory - you need to implement
// the full - featured identity mechanizm with ActiveDirectory support.
//
// So, here we just validate the active directory user if we set to use the active directory.
ADUser adUser = null;
ADConfig adCfg = Utilities.ADSettings();
if (adCfg.UseActiveDirectory)
{
adUser = ADUtilities.ValidateADUser(authData.username, authData.password, adCfg);
}
if (adCfg.UseActiveDirectory && !adUser.IsValid)
{
return(string.Format("The user {0} is invalid or not found in the Active Directory.\nError:{1}", authData.username, adUser.Reserved));
}
// Check if the user exists in the authentication database.
// For the Active Directory, we still will verify this too, even in case the user is valid on A.D.
int?tnId = null;
if (tn != null)
{
tnId = tn.Id;
}
AspNetUser user = dbCtx.AspNetUsers.SingleOrDefault(
u => u.UserName.ToLower().Equals(authData.username.ToLower()) &&
u.TenantId == tnId);
// Tip.
// At this point, if the AD user exists/valid (adUser.IsValid == true), it is possible to automatically
// create the AD user in Izenda DB, if you'd like to. You can implement something like the following:
// if ((adCfg.UseActiveDirectory && adUser.IsValid) && user == null) {
// user = (cast/retrieve to the AspNetUser)CreateUser(new CreateUserBindingModel { FirstName = "", LastName = "", Tenant = authData.tenant, Password = authData.password, IsAdmin = false });
// }
// See the article "Few aspects of Active Directory authentication" at Izenda Confluence board for details
// as of now, we expect the A.D. user to exist in the database.
if (user == null)
{
return(string.Format("User {0} not found {1}", authData.username, tn == null ? "":"for the tenant " + tn.Name));
}
if (!VerifyPassword(authData.password, user))
{
return("The password is incorrect");
}
// our sample (custom authenticacion) database does not have the user status flag.
// we will use Izenda to find out if the user is active or not.
string adminToken = IzendaTokenAuthorization.GetIzendaAdminToken();
Task <IzendaBoundary.Models.UserDetail> getUser = IzendaUtilities.GetIzendaUserByTenantAndName(user.UserName, tn == null?null:tn.Name, adminToken);
IzendaBoundary.Models.UserDetail userDetails = getUser.Result;
if (userDetails == null)
{
return(string.Format("The user {0} not found in [Izenda database]. Contact your administrator please", user.UserName));
}
else if (!userDetails.Active)
{
return(string.Format("The user {0} was found but it is not active. Contact your administrator please", user.UserName));
}
return(ret);
}
public String GetAverageDate(HistoricalEvent hevent)
{
DateTime dt = ADUtilities.GetAverageDate(hevent);
return(String.Format("{0}/{1}/{2}", dt.Day, dt.Month, dt.Year));
}
