/// <summary>
/// Reports whether <paramref name="memberString"/> is one of the values stored in
/// <paramref name="groupAttribute"/> on <paramref name="domainGroup"/>.
/// </summary>
/// <param name="domainGroup">Group object whose attribute values are read.</param>
/// <param name="memberString">Value to look for among the attribute values.</param>
/// <param name="groupAttribute">Attribute name handed to GetValues.</param>
/// <returns>
/// True on a match. False when an argument is null/empty, the attribute has no
/// values, nothing matches, or an exception was thrown (the exception is logged).
/// </returns>
public bool UserExistsInGroup(LDAPObject domainGroup, string memberString, string groupAttribute)
{
    try
    {
        var argumentsMissing = domainGroup == null
                               || string.IsNullOrEmpty(memberString)
                               || string.IsNullOrEmpty(groupAttribute);
        if (argumentsMissing)
        {
            return false;
        }

        var values = domainGroup.GetValues(groupAttribute);
        if (values == null)
        {
            return false;
        }

        // NOTE(review): InvariantCultureIgnoreCase is a linguistic comparison and can
        // treat strings that differ only by ignorable code points as equal. If this
        // result gates access, confirm whether OrdinalIgnoreCase is the intended rule.
        foreach (var value in values)
        {
            if (memberString.Equals(value, StringComparison.InvariantCultureIgnoreCase))
            {
                return true;
            }
        }
    }
    catch (Exception ex)
    {
        // Every failure is reported as "not a member"; the log line is the only trace of it.
        Log.ErrorFormat("Wrong Group Attribute parameters: {0}. {1}", groupAttribute, ex);
    }

    return false;
}
/// <summary>
/// Reads the values of <paramref name="groupAttribute"/> from <paramref name="domainGroup"/>.
/// </summary>
/// <param name="domainGroup">Group object to read from.</param>
/// <param name="groupAttribute">Attribute name handed to GetValues.</param>
/// <returns>
/// Whatever GetValues returns, or null when the read throws (the exception is logged).
/// Callers must handle a null result.
/// </returns>
public List<string> GetGroupAttribute(LDAPObject domainGroup, string groupAttribute)
{
    List<string> values = null;

    try
    {
        values = domainGroup.GetValues(groupAttribute);
    }
    catch (Exception ex)
    {
        // A null domainGroup also lands here, as a NullReferenceException.
        Log.ErrorFormat("Wrong Group Attribute parameters: {0}. {1}", groupAttribute, ex);
    }

    return values;
}
/// <summary>
/// Probes whether <paramref name="groupAttr"/> can be read from <paramref name="group"/>.
/// </summary>
/// <param name="group">Group object to probe.</param>
/// <param name="groupAttr">Attribute name handed to InvokeGet.</param>
/// <returns>True when InvokeGet completes without throwing; false (and a log entry) otherwise.</returns>
protected bool CheckGroupAttribute(LDAPObject group, string groupAttr)
{
    bool readable;

    try
    {
        // Only the absence of an exception matters here; the returned value is discarded.
        group.InvokeGet(groupAttr);
        readable = true;
    }
    catch (Exception ex)
    {
        log.ErrorFormat("Wrong Group Attribute parameter: {0}. {1}", groupAttr, ex);
        readable = false;
    }

    return readable;
}
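/// <summary>
/// Reports whether <paramref name="memberString"/> belongs to <paramref name="domainGroup"/>.
/// A group whose SID ends in "-513" is resolved through the primary-group lookup;
/// any other group is resolved through the values of <paramref name="groupAttribute"/>.
/// </summary>
/// <param name="settings">Settings forwarded to GetUsersFromPrimaryGroup.</param>
/// <param name="domainGroup">Group object to test membership against.</param>
/// <param name="memberString">Member value (compared with user distinguished names in the "-513" branch).</param>
/// <param name="groupAttribute">Attribute name handed to GetValues for ordinary groups.</param>
/// <returns>
/// True on a match. False when an argument is null/empty, no members are found,
/// nothing matches, or an exception was thrown (the exception is logged).
/// </returns>
public bool UserExistsInGroup(LDAPSupportSettings settings, LDAPObject domainGroup, string memberString, string groupAttribute)
{
    try
    {
        if (domainGroup == null || string.IsNullOrEmpty(memberString) || string.IsNullOrEmpty(groupAttribute))
        {
            return false;
        }

        // A SID suffix is an identifier, not text: match it ordinally so the result
        // never depends on the thread culture.
        // NOTE(review): if Sid can be null, this throws and the catch below answers
        // "not a member" without looking at the member attribute - confirm intended.
        if (domainGroup.Sid.EndsWith("-513", StringComparison.Ordinal))
        {
            // Domain Users found
            var ldapUsers = GetUsersFromPrimaryGroup(settings, "513");

            if (ldapUsers == null)
            {
                return false;
            }

            // Compare from the non-null memberString side so that one entry without a
            // distinguished name cannot abort the scan through a NullReferenceException.
            if (ldapUsers.Any(ldapUser => memberString.Equals(ldapUser.DistinguishedName, StringComparison.InvariantCultureIgnoreCase)))
            {
                return true;
            }
        }
        else
        {
            var members = domainGroup.GetValues(groupAttribute);

            if (members == null)
            {
                return false;
            }

            // NOTE(review): InvariantCultureIgnoreCase is a linguistic comparison and can
            // treat strings that differ only by ignorable code points as equal. If this
            // result gates access, confirm whether OrdinalIgnoreCase is the intended rule.
            if (members.Any(member => memberString.Equals(member, StringComparison.InvariantCultureIgnoreCase)))
            {
                return true;
            }
        }
    }
    catch (Exception e)
    {
        // Every failure is reported as "not a member"; the log line is the only trace of it.
        Log.ErrorFormat("Wrong Group Attribute parameters: {0}. {1}", groupAttribute, e);
    }

    return false;
}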
/// <summary>
/// Reads <paramref name="userAttribute"/> from <paramref name="user"/> and returns it as text.
/// </summary>
/// <param name="user">User object to read from.</param>
/// <param name="userAttribute">Attribute name handed to InvokeGet.</param>
/// <returns>
/// ToString() of the value InvokeGet returned, or null when that value is null
/// or the read throws (the exception is logged).
/// </returns>
public string GetUserAttribute(LDAPObject user, string userAttribute)
{
    try
    {
        var raw = user.InvokeGet(userAttribute);
        return raw == null ? null : raw.ToString();
    }
    catch (Exception ex)
    {
        // A null user also lands here, as a NullReferenceException.
        Log.ErrorFormat("Wrong User Attribute parameters: {0}. {1}", userAttribute, ex);
    }

    return null;
}
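/// <summary>
/// Checks that <paramref name="userAttr"/> can be read from <paramref name="user"/>
/// and holds a non-blank value.
/// </summary>
/// <param name="user">User object to probe.</param>
/// <param name="userAttr">Attribute name handed to InvokeGet.</param>
/// <returns>
/// True when the attribute value is present and not blank; false (and a log entry)
/// when it is null, blank, or the read throws.
/// </returns>
protected bool CheckUserAttribute(LDAPObject user, string userAttr)
{
    try
    {
        var userAttribute = user.InvokeGet(userAttr);

        if (userAttribute == null || string.IsNullOrWhiteSpace(userAttribute.ToString()))
        {
            // The message previously said "Group Attribute", which pointed anyone reading
            // the log at the wrong setting; this check is about the user attribute.
            log.ErrorFormat("Wrong User Attribute parameter: {0}", userAttr);
            return false;
        }
    }
    catch (Exception e)
    {
        log.ErrorFormat("Wrong User Attribute parameter: {0}. {1}", userAttr, e);
        return false;
    }

    return true;
}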
/// <summary>
/// Checks that <paramref name="groupAttr"/> yields a value list on <paramref name="group"/>.
/// </summary>
/// <param name="group">Group object to probe.</param>
/// <param name="groupAttr">Attribute name handed to GetValues.</param>
/// <returns>
/// True when GetValues returns a non-null result; false (and a log entry) when it
/// returns null or throws.
/// </returns>
protected bool CheckGroupNameAttribute(LDAPObject group, string groupAttr)
{
    bool present;

    try
    {
        // Only null is rejected; an empty list still counts as present.
        present = group.GetValues(groupAttr) != null;
    }
    catch (Exception ex)
    {
        log.ErrorFormat("Wrong Group Attribute parameter: {0}. {1}", groupAttr, ex);
        return false;
    }

    if (!present)
    {
        log.ErrorFormat("Wrong Group Name Attribute parameter: {0}", groupAttr);
    }

    return present;
}
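/// <summary>
/// Creates a new role with the given name
/// </summary>
/// <remarks>
/// The entry is a <c>groupOfNames</c> placed directly under the current scope's domain,
/// with <paramref name="ownerDN"/> as its only <c>member</c> value. The role name is
/// escaped before it is placed in the distinguished name, so characters such as
/// <c>,</c> or <c>+</c> in the name stay part of the name instead of adding RDNs.
/// </remarks>
/// <param name="roleName">The new role name</param>
/// <param name="ownerDN">The group owner distinguished name</param>
/// <param name="token">The cancellation token for the operation</param>
/// <returns>The new object if it was created successfully; otherwise null</returns>
public async Task<LDAPObject> CreateRoleAsync(string roleName, string ownerDN, CancellationToken token)
{
    // An empty name would produce the malformed DN "cn=,<domain>"; report it the
    // same way as any other failed creation.
    if (string.IsNullOrEmpty(roleName))
    {
        return null;
    }

    try
    {
        var newRole = new LDAPObject
        {
            // The name is caller-supplied: escape it so it cannot change the DN structure.
            DistinguishedName = "cn=" + EscapeRoleNameForDn(roleName) + "," + _session.CurrentScope.Domain,
            Domain = _session.CurrentScope.Domain,
            Attributes = new List<LDAPAttribute>()
        };

        // Attribute values are not part of the DN string, so the raw name is stored here.
        newRole.Attributes.Add(new LDAPAttribute { Description = "cn", Values = new List<string>() { roleName } });
        newRole.Attributes.Add(new LDAPAttribute { Description = "member", Values = new List<string>() { ownerDN } });
        newRole.Attributes.Add(new LDAPAttribute { Description = "objectClass", Values = new List<string>() { "groupOfNames" } });

        var res = await _session.TryAdd(newRole, token);
        if (res != null && res.WasSuccessful)
        {
            return res.Objects.FirstOrDefault();
        }
    }
    catch
    {
        // Best effort by contract: every failure, cancellation included, becomes null.
        // NOTE(review): nothing is recorded here, so a rejected or failed add leaves
        // no trace - consider logging once a logger is available in this class.
    }

    return null;
}

/// <summary>
/// Escapes a value for use as an RDN attribute value inside a distinguished-name
/// string, following the RFC 4514 string representation.
/// </summary>
private static string EscapeRoleNameForDn(string value)
{
    var escaped = new System.Text.StringBuilder(value.Length + 8);

    for (var i = 0; i < value.Length; i++)
    {
        var c = value[i];
        var edgeSpace = c == ' ' && (i == 0 || i == value.Length - 1);
        var leadingHash = c == '#' && i == 0;

        if (c == '\0')
        {
            // NUL has no character escape; it is written as a hex pair.
            escaped.Append("\\00");
        }
        else if (edgeSpace || leadingHash || "\"+,;<>\\".IndexOf(c) >= 0)
        {
            escaped.Append('\\').Append(c);
        }
        else
        {
            escaped.Append(c);
        }
    }

    return escaped.ToString();
}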
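/// <summary>
/// Checks that <paramref name="loginAttribute"/> can be read from <paramref name="user"/>
/// and holds a non-blank value.
/// </summary>
/// <param name="user">User object to probe.</param>
/// <param name="loginAttribute">Attribute name handed to InvokeGet.</param>
/// <returns>
/// True when the attribute value is present and not blank; false (and a log entry)
/// when it is null, blank, or the read throws.
/// </returns>
protected bool CheckLoginAttribute(LDAPObject user, string loginAttribute)
{
    try
    {
        var member = user.InvokeGet(loginAttribute);
        var memberUser = member != null ? member.ToString() : null;

        if (string.IsNullOrWhiteSpace(memberUser))
        {
            // Log the attribute name that was tried. The value is null or blank on
            // this path, so logging it (as before) told the reader nothing.
            log.ErrorFormat("Wrong Login Attribute parameter: {0}", loginAttribute);
            return false;
        }
    }
    catch (Exception e)
    {
        log.ErrorFormat("Wrong Login Attribute parameter: {0}. {1}", loginAttribute, e);
        return false;
    }

    return true;
}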
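/// <summary>
/// Reports whether <paramref name="memberString"/> is one of the values stored in
/// <paramref name="groupAttribute"/> on <paramref name="domainGroup"/>.
/// </summary>
/// <param name="domainGroup">Group object whose attribute values are read.</param>
/// <param name="memberString">Value to look for among the attribute values.</param>
/// <param name="groupAttribute">Attribute name handed to GetValues.</param>
/// <returns>
/// True on a match. False when an argument is null/empty, the attribute has no
/// values, nothing matches, or an exception was thrown (the exception is logged).
/// </returns>
public bool UserExistsInGroup(LDAPObject domainGroup, string memberString, string groupAttribute)
{
    try
    {
        // Missing input is an ordinary "not a member" answer. Without these guards a
        // null group or null value list surfaced as a NullReferenceException that was
        // then logged as a wrong attribute setting.
        if (domainGroup == null || string.IsNullOrEmpty(memberString) || string.IsNullOrEmpty(groupAttribute))
        {
            return false;
        }

        var members = domainGroup.GetValues(groupAttribute);
        if (members == null)
        {
            return false;
        }

        // NOTE(review): InvariantCultureIgnoreCase is a linguistic comparison and can
        // treat strings that differ only by ignorable code points as equal. If this
        // result gates access, confirm whether OrdinalIgnoreCase is the intended rule.
        foreach (var member in members)
        {
            if (memberString.Equals(member, StringComparison.InvariantCultureIgnoreCase))
            {
                return true;
            }
        }
    }
    catch (Exception e)
    {
        log.ErrorFormat("Wrong Group Attribute parameters: {0}. {1}", groupAttribute, e);
    }

    return false;
}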
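/// <summary>
/// Creates a new group with the given name
/// </summary>
/// <remarks>
/// The entry is an <c>organizationalUnit</c> placed directly under the current scope's
/// domain. The group name is escaped before it is placed in the distinguished name, so
/// characters such as <c>,</c> or <c>+</c> in the name stay part of the name instead of
/// adding RDNs.
/// </remarks>
/// <param name="groupName">The new group name</param>
/// <param name="token">The cancellation token for the operation</param>
/// <returns>The new object if it was created successfully; otherwise null</returns>
public async Task<LDAPObject> CreateGroupAsync(string groupName, CancellationToken token)
{
    // An empty name would produce the malformed DN "ou=,<domain>"; report it the
    // same way as any other failed creation.
    if (string.IsNullOrEmpty(groupName))
    {
        return null;
    }

    try
    {
        var newGroup = new LDAPObject
        {
            // The name is caller-supplied: escape it so it cannot change the DN structure.
            DistinguishedName = "ou=" + EscapeGroupNameForDn(groupName) + "," + _session.CurrentScope.Domain,
            Domain = _session.CurrentScope.Domain,
            Attributes = new List<LDAPAttribute>()
        };

        // Attribute values are not part of the DN string, so the raw name is stored here.
        newGroup.Attributes.Add(new LDAPAttribute { Description = "ou", Values = new List<string>() { groupName } });
        newGroup.Attributes.Add(new LDAPAttribute { Description = "objectClass", Values = new List<string>() { "organizationalUnit" } });

        var res = await _session.TryAdd(newGroup, token);
        if (res != null && res.WasSuccessful)
        {
            return res.Objects.FirstOrDefault();
        }
    }
    catch
    {
        // Best effort by contract: every failure, cancellation included, becomes null.
        // NOTE(review): nothing is recorded here, so a rejected or failed add leaves
        // no trace - consider logging once a logger is available in this class.
    }

    return null;
}

/// <summary>
/// Escapes a value for use as an RDN attribute value inside a distinguished-name
/// string, following the RFC 4514 string representation.
/// </summary>
private static string EscapeGroupNameForDn(string value)
{
    var escaped = new System.Text.StringBuilder(value.Length + 8);

    for (var i = 0; i < value.Length; i++)
    {
        var c = value[i];
        var edgeSpace = c == ' ' && (i == 0 || i == value.Length - 1);
        var leadingHash = c == '#' && i == 0;

        if (c == '\0')
        {
            // NUL has no character escape; it is written as a hex pair.
            escaped.Append("\\00");
        }
        else if (edgeSpace || leadingHash || "\"+,;<>\\".IndexOf(c) >= 0)
        {
            escaped.Append('\\').Append(c);
        }
        else
        {
            escaped.Append(c);
        }
    }

    return escaped.ToString();
}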
/// <summary>
/// Wraps an existing directory object and derives <c>Name</c> and <c>Domain</c>
/// from its distinguished name.
/// </summary>
/// <remarks>
/// <c>Name</c> is the concatenation of every <c>cn</c> value and <c>Domain</c> is the
/// <c>dc</c> values joined with dots, both in the order they appear in the DN.
/// </remarks>
/// <param name="userObj">The LDAPObject for the user</param>
public LDAPUser(LDAPObject userObj)
{
    _wrappedObj = userObj;

    var cnParts = new StringBuilder();
    var dcParts = new StringBuilder();

    // NOTE(review): the DN is cut on every ',' and '=' with no escape handling, so an
    // escaped separator inside a value (for example "\,") is split as well, and a key
    // with leading whitespace (as in "cn=a, dc=b") matches neither case. Treat the
    // derived Name/Domain as display data unless the DN format is known to be plain.
    var rdns = userObj.DistinguishedName.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);

    for (var i = 0; i < rdns.Length; i++)
    {
        var pair = rdns[i].Split(new[] { '=' }, StringSplitOptions.RemoveEmptyEntries);

        // Anything that is not exactly "key=value" is skipped.
        if (pair.Length != 2)
        {
            continue;
        }

        var key = pair[0].ToLowerInvariant();

        if (key == "cn")
        {
            cnParts.Append(pair[1]);
        }
        else if (key == "dc")
        {
            if (dcParts.Length > 0)
            {
                dcParts.Append(".");
            }

            dcParts.Append(pair[1]);
        }
    }

    Name = cnParts.ToString();
    Domain = dcParts.ToString();
}
/// <summary>
/// Creates an instance that wraps no directory object.
/// </summary>
public LDAPUser()
{
    // No backing object yet; members that read the wrapped object must allow for null.
    _wrappedObj = null;
}