private void ShowDsPickerDialog(object ADObjects)
{
string distinguishedName = string.Empty;
string domainName = _securityDescriptor.GetDCInfo(null);
distinguishedName = System.DirectoryServices.SDSUtils.DomainNameToDN(domainName);
// show picker
string sLdapPath = string.Format("LDAP://{0}/{1}", domainName, distinguishedName);
string sProtocol;
string sServer;
string sCNs;
string sDCs;
System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
System.DirectoryServices.Misc.DsPicker dsPickerDlg = new System.DirectoryServices.Misc.DsPicker();
dsPickerDlg.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_USERS_OR_GROUPS,
sProtocol,
sServer,
sDCs,
true);
if (dsPickerDlg.waitForm != null && dsPickerDlg.waitForm.bIsInterrupted)
{
return;
}
if (dsPickerDlg.ShowDialog(this) == DialogResult.OK)
{
if (dsPickerDlg.ADobjectsArray != null && dsPickerDlg.ADobjectsArray.Length != 0)
{
ADObjects = dsPickerDlg.ADobjectsArray;
}
}
}
private void btnAdd_Click(object sender, EventArgs e)
{
//AdvancedPermissionsControlDlg advancedPermissionsControlDlg = new AdvancedPermissionsControlDlg(_securityDescriptor, _ObjectPath);
//advancedPermissionsControlDlg.ShowDialog(this);
//return;
string distinguishedName = string.Empty;
string domainName = _securityDescriptor.GetDCInfo(null);
distinguishedName = System.DirectoryServices.SDSUtils.DomainNameToDN(domainName);
// show picker
string sLdapPath = string.Format("LDAP://{0}/{1}", domainName, distinguishedName);
string sProtocol;
string sServer;
string sCNs;
string sDCs;
System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
System.DirectoryServices.Misc.DsPicker dsPickerDlg = new System.DirectoryServices.Misc.DsPicker();
dsPickerDlg.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_USERS_OR_GROUPS,
sProtocol,
sServer,
sDCs,
true);
if (dsPickerDlg.waitForm != null && dsPickerDlg.waitForm.bIsInterrupted)
{
return;
}
if (dsPickerDlg.ShowDialog(this) == DialogResult.OK)
{
if (dsPickerDlg.ADobjectsArray != null && dsPickerDlg.ADobjectsArray.Length != 0)
{
foreach (System.DirectoryServices.Misc.ADObject ado in dsPickerDlg.ADobjectsArray)
{
byte[] sObjectSid = ado.de.Properties["objectSid"].Value as byte[];
string sAMAccountName = ado.de.Properties["sAMAccountName"].Value as string;
string sSID = _securityDescriptor.ConvetByteSidToStringSid(sObjectSid);
//Need to set the permission check list in the permission set
LwAccessControlEntry Ace = new LwAccessControlEntry();
Ace.SID = sSID;
Ace.Username = sAMAccountName;
Ace.AceType = 0;
Ace.AceFlags = 0;
Ace.AccessMask = Convert.ToInt64(LwAccessMask.ACCESS_MASK.Special_Permissions).ToString();
bool bIsEntryFound = false;
List <LwAccessControlEntry> acelist = null;
foreach (ListViewItem item in lvGroupOrUserNames.Items)
{
if (item.Text.Contains(sAMAccountName))
{
acelist = item.Tag as List <LwAccessControlEntry>;
foreach (LwAccessControlEntry aceEntry in acelist)
{
if (aceEntry.AceType == 0)
{
aceEntry.AccessMask = Ace.AccessMask;
item.Tag = acelist;
item.Selected = true;
}
}
}
}
if (!bIsEntryFound)
{
ListViewItem lvItem = new ListViewItem(sAMAccountName);
acelist = new List <LwAccessControlEntry>();
acelist.Add(Ace);
lvItem.Tag = acelist; //Need to initialize the DaclInfo for the object
lvGroupOrUserNames.Items.Add(lvItem);
lvGroupOrUserNames.Items[lvGroupOrUserNames.Items.Count - 1].Selected = true;
}
_addedObjects.Add(sAMAccountName, acelist);
}
}
}
}
/// <summary>
/// Populate the DsPicker model dialog
/// Gets the selected group and add it to the list, removed from the RemovedGroups list if it is exists
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void Addbutton_Click(object sender, EventArgs e)
{
// show picker
string sLdapPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, _dirnode.DistinguishedName);
string sProtocol;
string sServer;
string sCNs;
string sDCs;
System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
System.DirectoryServices.Misc.DsPicker f = new System.DirectoryServices.Misc.DsPicker();
f.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_GROUPS, sProtocol, sServer, sDCs, true);
if (f.waitForm != null && f.waitForm.bIsInterrupted)
{
return;
}
if (f.ShowDialog(this) == DialogResult.OK)
{
if (f.ADobjectsArray != null && f.ADobjectsArray.Length != 0)
{
foreach (System.DirectoryServices.Misc.ADObject ado in f.ADobjectsArray)
{
bool bIsObjectExists = false;
string sDN = ado.de.Properties["distinguishedName"].Value as string;
string[] slvItem = UserGroupUtils.splitDn(sDN);
ListViewItem lvItem = new ListViewItem(slvItem);
if (IsItemExists(sDN))
{
string sMsg =
"The object " +
slvItem[0] +
" is already in the list \nand cannot be added a second time";
container.ShowError(sMsg);
bIsObjectExists = true;
}
if (!bIsObjectExists)
{
string sLDAPPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, sDN);
DirectoryEntry entry = new DirectoryEntry(sLDAPPath, _dirnode.LdapContext.UserName, _dirnode.LdapContext.Password);
if (entry == null)
{
return;
}
lvItem.ImageIndex = MemOfPages.GetIndexForADObject(entry);
MemoflistView.Items.Add(lvItem);
lvItem.Tag = sDN;
if (!slvItem[0].Equals("Domain Users", StringComparison.InvariantCultureIgnoreCase))
{
MemofDnList.Add(sDN);
AddedGroups.Add(sDN);
foreach (string str in RemovedGroups)
{
if (str.Equals(sDN, StringComparison.InvariantCultureIgnoreCase))
{
RemovedGroups.Remove(sDN);
break;
}
}
}
memListchanged = true;
}
}
}
}
else
{
memListchanged = false;
}
UpdateApplyButton();
}
/// <summary>
/// Shows the AddUserToGroup dialog with the all groups and users
/// AddUsertoGroup.MEMBERS_PAGE parameter will tell the tree to show both Group and User
/// On Apply will adds new entry to the "members" attribute for the selected "group"
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void Addbutton_Click(object sender, EventArgs e)
{
// show picker
string sLdapPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, _dirnode.DistinguishedName);
string sProtocol;
string sServer;
string sCNs;
string sDCs;
System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
string groupScope = GetgroupType();
System.DirectoryServices.Misc.DsPicker f = new System.DirectoryServices.Misc.DsPicker(groupScope);
f.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_ONLY_DOMAIN_USERS_OR_GROUPS, sProtocol, sServer, sDCs, true);
if (f.waitForm != null && f.waitForm.bIsInterrupted)
{
return;
}
if (f.ShowDialog(this) == DialogResult.OK)
{
if (f.ADobjectsArray != null && f.ADobjectsArray.Length != 0)
{
foreach (System.DirectoryServices.Misc.ADObject ado in f.ADobjectsArray)
{
bool bIsObjectExists = false;
string sDN = ado.de.Properties["distinguishedName"].Value as string;
string[] slvItem = UserGroupUtils.splitDn(sDN);
if (IsItemExists(sDN))
{
string sMsg =
"The object " +
slvItem[0] +
" is already in the list \nand cannot be added a second time";
container.ShowError(sMsg);
bIsObjectExists = true;
}
if (sDN.Equals(_dirnode.DistinguishedName))
{
container.ShowError("A group cannot be made a member of itself.");
continue;
}
if (!bIsObjectExists)
{
ListViewItem lvItem = new ListViewItem(slvItem);
lvItem.ImageIndex = MemOfPages.GetIndexForADObject(ado.de);
MemoflistView.Items.Add(lvItem);
lvItem.Tag = sDN;
bool found = false;
foreach (string str in ModifiedObjects)
{
if (str.Equals(sDN, StringComparison.InvariantCultureIgnoreCase))
{
found = true;
break;
}
}
//do not add duplicate objects
if (!found)
{
ModifiedObjects.Add(sDN.ToLower());
}
memListchanged = true;
}
}
}
}
else
{
memListchanged = false;
}
UpdateApplyButton();
}
private void ShowDsPickerDialog(object ADObjects)
{
string distinguishedName = string.Empty;
string domainName = _securityDescriptor.GetDCInfo(null);
distinguishedName = System.DirectoryServices.SDSUtils.DomainNameToDN(domainName);
// show picker
string sLdapPath = string.Format("LDAP://{0}/{1}", domainName, distinguishedName);
string sProtocol;
string sServer;
string sCNs;
string sDCs;
System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
System.DirectoryServices.Misc.DsPicker dsPickerDlg = new System.DirectoryServices.Misc.DsPicker();
dsPickerDlg.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_USERS_OR_GROUPS,
sProtocol,
sServer,
sDCs,
true);
if (dsPickerDlg.waitForm != null && dsPickerDlg.waitForm.bIsInterrupted)
{
return;
}
if (dsPickerDlg.ShowDialog(this) == DialogResult.OK)
{
if (dsPickerDlg.ADobjectsArray != null && dsPickerDlg.ADobjectsArray.Length != 0) {
ADObjects = dsPickerDlg.ADobjectsArray;
}
}
}
/// <summary>
/// Populate the AddUsertoGroup model dialog
/// AddUsertoGroup.MEMOF_PAGE is parameter which filter only the groups
/// Gets the selected group and add it to the list, removed from the RemovedGroups list if it is exists
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void Addbutton_Click(object sender, EventArgs e)
{
// show picker
string sLdapPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, _dirnode.DistinguishedName);
string sProtocol;
string sServer;
string sCNs;
string sDCs;
System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
System.DirectoryServices.Misc.DsPicker f = new System.DirectoryServices.Misc.DsPicker();
f.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_GROUPS, sProtocol, sServer, sDCs, true);
if (f.waitForm != null && f.waitForm.bIsInterrupted)
{
return;
}
if (f.ShowDialog(this) == DialogResult.OK)
{
if (f.ADobjectsArray != null && f.ADobjectsArray.Length != 0)
{
foreach (System.DirectoryServices.Misc.ADObject ado in f.ADobjectsArray)
{
bool bIsObjectExists = false;
string sDN = ado.de.Properties["distinguishedName"].Value as string;
string[] slvItem = UserGroupUtils.splitDn(sDN);
if (IsItemExists(sDN))
{
string sMsg =
"The object " +
slvItem[0] +
" is already in the list \nand cannot be added a second time";
container.ShowError(sMsg);
bIsObjectExists = true;
}
if (!bIsObjectExists)
{
string sLDAPPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, sDN);
DirectoryEntry entry = new DirectoryEntry(sLDAPPath, _dirnode.LdapContext.UserName, _dirnode.LdapContext.Password);
if (entry == null)
{
return;
}
ListViewItem lvItem = new ListViewItem(slvItem);
lvItem.ImageIndex = MemOfPages.GetIndexForADObject(entry);
MemoflistView.Items.Add(lvItem);
lvItem.Tag = sDN;
if (!slvItem[0].Equals("Domain Users", StringComparison.InvariantCultureIgnoreCase))
{
MemofDnList.Add(sDN);
AddedGroups.Add(sDN);
foreach (string str in RemovedGroups)
{
if (str.Equals(sDN, StringComparison.InvariantCultureIgnoreCase))
{
}
// Remove the selected group from the list, if it is exists
RemovedGroups.Remove(sDN);
break;
}
}
memListchanged = true;
}
}
}
}
else
{
memListchanged = false;
}
UpdateApplyButton();
}
private void btnAdd_Click(object sender, EventArgs e)
{
//AdvancedPermissionsControlDlg advancedPermissionsControlDlg = new AdvancedPermissionsControlDlg(_securityDescriptor, _ObjectPath);
//advancedPermissionsControlDlg.ShowDialog(this);
//return;
string distinguishedName = string.Empty;
string domainName = _securityDescriptor.GetDCInfo(null);
distinguishedName = System.DirectoryServices.SDSUtils.DomainNameToDN(domainName);
// show picker
string sLdapPath = string.Format("LDAP://{0}/{1}", domainName, distinguishedName);
string sProtocol;
string sServer;
string sCNs;
string sDCs;
System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
System.DirectoryServices.Misc.DsPicker dsPickerDlg = new System.DirectoryServices.Misc.DsPicker();
dsPickerDlg.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_USERS_OR_GROUPS,
sProtocol,
sServer,
sDCs,
true);
if (dsPickerDlg.waitForm != null && dsPickerDlg.waitForm.bIsInterrupted)
{
return;
}
if (dsPickerDlg.ShowDialog(this) == DialogResult.OK)
{
if (dsPickerDlg.ADobjectsArray != null && dsPickerDlg.ADobjectsArray.Length != 0)
{
foreach (System.DirectoryServices.Misc.ADObject ado in dsPickerDlg.ADobjectsArray)
{
byte[] sObjectSid = ado.de.Properties["objectSid"].Value as byte[];
string sAMAccountName = ado.de.Properties["sAMAccountName"].Value as string;
string sSID = _securityDescriptor.ConvetByteSidToStringSid(sObjectSid);
//Need to set the permission check list in the permission set
LwAccessControlEntry Ace = new LwAccessControlEntry();
Ace.SID = sSID;
Ace.Username = sAMAccountName;
Ace.AceType = 0;
Ace.AceFlags = 0;
Ace.AccessMask = Convert.ToInt64(LwAccessMask.ACCESS_MASK.Special_Permissions).ToString();
bool bIsEntryFound = false;
List<LwAccessControlEntry> acelist = null;
foreach (ListViewItem item in lvGroupOrUserNames.Items)
{
if (item.Text.Contains(sAMAccountName))
{
acelist = item.Tag as List<LwAccessControlEntry>;
foreach (LwAccessControlEntry aceEntry in acelist)
{
if (aceEntry.AceType == 0) {
aceEntry.AccessMask = Ace.AccessMask;
item.Tag = acelist;
item.Selected = true;
}
}
}
}
if (!bIsEntryFound)
{
ListViewItem lvItem = new ListViewItem(sAMAccountName);
acelist = new List<LwAccessControlEntry>();
acelist.Add(Ace);
lvItem.Tag = acelist; //Need to initialize the DaclInfo for the object
lvGroupOrUserNames.Items.Add(lvItem);
lvGroupOrUserNames.Items[lvGroupOrUserNames.Items.Count - 1].Selected = true;
}
_addedObjects.Add(sAMAccountName, acelist);
}
}
}
}
/// <summary>
/// Shows the AddUserToGroup dialog with the all groups and users
/// AddUsertoGroup.MEMBERS_PAGE parameter will tell the tree to show both Group and User
/// On Apply will adds new entry to the "members" attribute for the selected "group"
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void Addbutton_Click(object sender, EventArgs e)
{
// show picker
string sLdapPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, _dirnode.DistinguishedName);
string sProtocol;
string sServer;
string sCNs;
string sDCs;
System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
string groupScope = GetgroupType();
System.DirectoryServices.Misc.DsPicker f = new System.DirectoryServices.Misc.DsPicker(groupScope);
f.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_ONLY_DOMAIN_USERS_OR_GROUPS, sProtocol, sServer, sDCs, true);
if (f.waitForm != null && f.waitForm.bIsInterrupted)
{
return;
}
if (f.ShowDialog(this) == DialogResult.OK)
{
if (f.ADobjectsArray != null && f.ADobjectsArray.Length != 0)
{
foreach (System.DirectoryServices.Misc.ADObject ado in f.ADobjectsArray)
{
bool bIsObjectExists = false;
string sDN = ado.de.Properties["distinguishedName"].Value as string;
string[] slvItem = UserGroupUtils.splitDn(sDN);
if (IsItemExists(sDN))
{
string sMsg =
"The object " +
slvItem[0] +
" is already in the list \nand cannot be added a second time";
container.ShowError(sMsg);
bIsObjectExists = true;
}
if (sDN.Equals(_dirnode.DistinguishedName))
{
container.ShowError("A group cannot be made a member of itself.");
continue;
}
if (!bIsObjectExists)
{
ListViewItem lvItem = new ListViewItem(slvItem);
lvItem.ImageIndex = MemOfPages.GetIndexForADObject(ado.de);
MemoflistView.Items.Add(lvItem);
lvItem.Tag = sDN;
bool found = false;
foreach (string str in ModifiedObjects)
{
if (str.Equals(sDN, StringComparison.InvariantCultureIgnoreCase))
{
found = true;
break;
}
}
//do not add duplicate objects
if (!found)
{
ModifiedObjects.Add(sDN.ToLower());
}
memListchanged = true;
}
}
}
}
else
{
memListchanged = false;
}
UpdateApplyButton();
}
/// <summary>
/// Event raises when we click on any contextmenu item
/// And then performs the specified action
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
public void cm_OnMenuClick(object sender, EventArgs e)
{
// assure that the sender is a MenuItem
MenuItem mi = sender as MenuItem;
//Help
if (mi != null && mi.Text.Equals("Help"))
{
ProcessStartInfo psi = new ProcessStartInfo();
psi.UseShellExecute = true;
psi.FileName = CommonResources.GetString("LAC_Help");
psi.Verb = "open";
psi.WindowStyle = ProcessWindowStyle.Normal;
Process.Start(psi);
return;
}
ADUCDirectoryNode dirnode = mi.Tag as ADUCDirectoryNode;
if (dirnode == null && lvChildNodes.SelectedItems.Count == 1)
{
return;
}
int ret = -1;
if (dirnode != null)
{
string[] attrs = { null };
List<LdapEntry> ldapEntries = null;
ret = dirnode.LdapContext.ListChildEntriesSynchronous(
dirnode.DistinguishedName,
Likewise.LMC.LDAP.Interop.LdapAPI.LDAPSCOPE.ONE_LEVEL,
"(objectClass=*)",
attrs,
false,
out ldapEntries);
if (ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_NO_SUCH_OBJECT)
{
return;
}
}
//Refresh the dirnode (redo a ldap query at the current dirnode)
if (mi != null && mi.Text.Equals("Refresh"))
{
if (dirnode != null)
{
dirnode.Refresh();
if (dirnode.Nodes.Count == 0)
{
return;
}
dirnode.IsModified = true;
base.treeNode = dirnode;
}
}
//Add New User
if (mi != null && mi.Text.Equals("User"))
{
if (dirnode != null)
{
AddNewUser(dirnode);
}
}
//Add new computer
if (mi != null && mi.Text.Equals("Computer"))
{
if (dirnode != null)
{
AddNewComputer(dirnode, null);
}
}
//Add new group
if (mi != null && mi.Text.Equals("Group"))
{
if (dirnode != null)
{
AddNewGroup(dirnode);
}
}
//Add new OU
if (mi != null && mi.Text.Equals("Organizational Unit"))
{
if (dirnode != null)
{
AddNewOU(dirnode);
}
}
//Add a generic Object
if (mi != null && mi.Text.Equals("Other"))
{
if (dirnode != null)
{
AddNewObject(dirnode);
}
}
//Delete an object (user, computer, group and OU
if (mi != null && mi.Text.Equals("Delete"))
{
LACTreeNode parentNode = null;
ret = -1;
DialogResult dlg = container.ShowMessage(
"Are you sure you want to delete this object(s)?",
MessageBoxButtons.YesNo,
MessageBoxIcon.Exclamation);
if (dlg == DialogResult.Yes)
{
if (mi.Tag != null)
{
parentNode = dirnode.Parent == null ? treeNode as ADUCDirectoryNode : dirnode.Parent as ADUCDirectoryNode;
ret = DODeleteADObjects(dirnode);
}
else
{
parentNode = (LACTreeNode)treeNode;
foreach (ListViewItem item in lvChildNodes.SelectedItems)
{
ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode;
if (dn != null)
{
ret = DODeleteADObjects(dn);
if (ret != 0)
{
break;
}
}
}
}
if (ret == 0)
{
int length = CommonResources.GetString("Caption_Console").Length + 24;
string msgToDisplay = "Object(s) is deleted!";
if (length > msgToDisplay.Length)
{
msgToDisplay = msgToDisplay.PadRight(length - msgToDisplay.Length, '�');
}
container.ShowError(msgToDisplay);
if ((parentNode != null) && (parentNode is ADUCDirectoryNode))
{
ADUCPlugin plugin = treeNode.Plugin as ADUCPlugin;
ADUCDirectoryNode parentdirnode = parentNode as ADUCDirectoryNode;
parentdirnode.Refresh();
parentdirnode.IsModified = true;
base.treeNode = parentdirnode;
}
}
}
}
//Copy ...
if (mi != null && mi.Text.Equals("Copy..."))
{
if (dirnode != null)
{
string obj_type = dirnode.ObjectClass;
if (obj_type.Equals("top", StringComparison.InvariantCultureIgnoreCase) ||
obj_type.Equals("user", StringComparison.InvariantCultureIgnoreCase))
{
string sText = "Copy Object - User";
DirectoryContext dirContext = dirnode.LdapContext;
try
{
//first obtain the current userAccountControl value
DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, dirnode.DistinguishedName));
int userCtrlInt = Convert.ToInt32(de.Properties["userAccountControl"].Value.ToString());
long pwdLastSet = Convert.ToInt64(de.Properties["pwdLastSet"].Value.ToString());
string copyfrom = "Copy from: " + de.Properties["name"].Value.ToString();
bool bAcountDisable = false, bNeverExpiresPwd = false, bMustChangePwd = false, bUserCannotChange = false;
string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlInt, 2);
if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 10] == '1'
&& pwdLastSet == 0)
{
bMustChangePwd = true;
}
if (userCtrlBinStr.Length >= 17 && userCtrlBinStr[userCtrlBinStr.Length - 17] == '1')
{
bNeverExpiresPwd = true;
bMustChangePwd = false;
}
if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 7] == '1'
&& pwdLastSet != 0)
{
bUserCannotChange = true;
}
if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
{
bAcountDisable = true;
}
ADUserAddDlg f = new ADUserAddDlg(base.container, this, sText, treeNode as ADUCDirectoryNode, bAcountDisable, bNeverExpiresPwd, bMustChangePwd, bUserCannotChange, copyfrom);
f.ShowDialog(this);
//the user information is gather in f.userInfo before "finish" button is clicked
if (f.userInfo.commit == true)
{
Hashtable htUserInfo = new Hashtable();
if (f.userInfo.fName != "")
{
htUserInfo.Add("givenName", f.userInfo.fName);
}
if (f.userInfo.initials != "")
{
htUserInfo.Add("initials", f.userInfo.initials);
}
if (f.userInfo.lName != "")
{
htUserInfo.Add("sn", f.userInfo.lName);
}
if (f.userInfo.fullName != "")
{
htUserInfo.Add("cn", f.userInfo.fullName);
htUserInfo.Add("displayName", f.userInfo.fullName);
htUserInfo.Add("name", f.userInfo.fullName);
}
if (f.userInfo.logonName != "")
{
htUserInfo.Add("userPrincipalName", f.userInfo.logonName);
}
if (f.userInfo.userPrelogonname != "")
{
htUserInfo.Add("sAMAccountName", f.userInfo.userPrelogonname);
}
//use logon name to set "sAMAaccountname"
AddNewObj_User(treeNode as ADUCDirectoryNode, htUserInfo, false, f.userInfo.passWord, f.userInfo.bAcountDisable, f.userInfo.bNeverExpiresPwd, f.userInfo.bMustChangePwd, f.userInfo.bCannotChangePwd);
}
}
catch (Exception ex)
{
Logger.LogException("ADUCPage.cm_OnMenuClick", ex);
}
}
}
}
//Move...
if (mi != null && mi.Text.Equals("Move..."))
{
DoMoveObjectWork(dirnode);
}
//Rename
if (mi != null && mi.Text.Equals("Rename"))
{
if (dirnode != null)
{
DirectoryContext dirContext = dirnode.LdapContext;
string obj_type = dirnode.ObjectClass;
if (obj_type.Equals("top", StringComparison.InvariantCultureIgnoreCase) ||
obj_type.Equals("user", StringComparison.InvariantCultureIgnoreCase))
{
LACTreeNode parentnode = dirnode.Parent == null ? treeNode as LACTreeNode : dirnode.Parent as LACTreeNode;
ADUCDirectoryNode parentdirnode = parentnode as ADUCDirectoryNode;
ADRenameUserDlg f = new ADRenameUserDlg(dirnode, parentdirnode.DistinguishedName);
f.ShowDialog(this);
if (f.renameUserInfo.commit == true)
{
string basedn = dirnode.DistinguishedName;
string newdn = f.renameUserInfo.fullName;
newdn = string.Concat(CN_PREFIX, newdn);
ret = dirContext.RenameSynchronous(basedn, newdn, null);
if (ret == 0)
{
Hashtable htUserInfo = new Hashtable();
if (f.renameUserInfo.fName != "")
{
htUserInfo.Add("givenName", f.renameUserInfo.fName);
}
if (f.renameUserInfo.initials != "")
{
htUserInfo.Add("initials", f.renameUserInfo.initials);
}
if (f.renameUserInfo.lName != "")
{
htUserInfo.Add("sn", f.renameUserInfo.lName);
}
if (f.renameUserInfo.displayName != "")
{
htUserInfo.Add("displayName", f.renameUserInfo.displayName);
}
if (f.renameUserInfo.logonName != "")
{
htUserInfo.Add("userPrincipalName", f.renameUserInfo.logonName);
}
if (f.renameUserInfo.userPrelogonname != "")
{
htUserInfo.Add("sAMAccountName", f.renameUserInfo.userPrelogonname);
}
string cn = string.Empty;
string smamAccount = string.Empty;
List<LDAPMod> userinfo = new List<LDAPMod>();
foreach (string key in htUserInfo.Keys)
{
string[] objectClass_values = new string[] { htUserInfo[key].ToString(), null };
LDAPMod ldapMod_Info =
new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, key, objectClass_values);
userinfo.Add(ldapMod_Info);
}
LDAPMod[] renameinfo = new LDAPMod[userinfo.Count];
userinfo.CopyTo(renameinfo);
string dn = string.Concat(newdn, DN_SEPARATOR);
string ou = parentdirnode.DistinguishedName;
dn = string.Concat(dn, ou);
ret = dirContext.ModifySynchronous(dn, renameinfo);
if (ret == 0)
{
int length = CommonResources.GetString("Caption_Console").Length + 24;
string msgToDisplay = "Object is renamed!";
if (length > msgToDisplay.Length)
{
msgToDisplay = msgToDisplay.PadRight(length - msgToDisplay.Length, '�');
}
container.ShowMessage(msgToDisplay);
}
else
{
container.ShowError(ErrorCodes.LDAPString(ret));
return;
}
}
else
{
container.ShowError(ErrorCodes.LDAPString(ret));
return;
}
if (parentdirnode != null)
{
parentdirnode.Refresh();
parentdirnode.IsModified = true;
base.treeNode = parentdirnode;
}
}
}
else
{
ADRenameDlg f = new ADRenameDlg(base.container, this, dirnode.Text, dirnode.ObjectClass);
f.ShowDialog(this);
//OK clicked
if (f.rename != null)
{
//the following portion of code uses openldap "ldap_rename_s"
string basedn = dirnode.DistinguishedName;
LACTreeNode parentnode = dirnode.Parent == null ? treeNode as LACTreeNode : dirnode.Parent as LACTreeNode;
ADUCDirectoryNode parentdirnode = parentnode as ADUCDirectoryNode;
string newdn = f.rename;
//rename an object
if (obj_type.Equals("organizationalUnit", StringComparison.InvariantCultureIgnoreCase))
{
newdn = string.Concat(OU_PREFIX, newdn);
}
else
{
newdn = string.Concat(CN_PREFIX, newdn); //Renaming any object(user, group, computer, container etc...)
}
ret = dirContext.RenameSynchronous(basedn, newdn, null);
if (ret == 0)
{
int length = CommonResources.GetString("Caption_Console").Length + 24;
string msgToDisplay = "Object is renamed!";
if (length > msgToDisplay.Length)
{
msgToDisplay = msgToDisplay.PadRight(length - msgToDisplay.Length, '�');
}
container.ShowMessage(msgToDisplay);
}
else
{
container.ShowError(ErrorCodes.LDAPString(ret));
return;
}
if (parentdirnode != null)
{
parentdirnode.Refresh();
parentdirnode.IsModified = true;
base.treeNode = parentdirnode;
}
}
}//if f.name == null, there is no rename performed
}
}
//in Computer Or user
if (mi != null && mi.Text.Equals("Disable Account"))
{
ret = -1;
ADUCDirectoryNode parentNode = null;
if (mi.Tag != null)
{
parentNode = dirnode.Parent == null ? treeNode as ADUCDirectoryNode : dirnode.Parent as ADUCDirectoryNode;
string obj_type = dirnode.ObjectClass;
DialogResult dlg =
MessageBox.Show(this, "Are you sure you want to disable this account?",
CommonResources.GetString("Caption_Console"), MessageBoxButtons.YesNo,
MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2);
if (dlg == DialogResult.Yes)
{
if (obj_type.Equals("user", StringComparison.InvariantCultureIgnoreCase))
{
dlg = DialogResult.Yes;
}
if (obj_type.Equals("computer", StringComparison.InvariantCultureIgnoreCase))
{
dlg = MessageBox.Show(this, "Disabling the computer account " + dirnode.Text + " prevents users on that computer from logging on to this domain\n " +
"Do you want to disable this computer account?",
CommonResources.GetString("Caption_Console"), MessageBoxButtons.YesNo,
MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2);
}
if (dlg == DialogResult.Yes || dlg == DialogResult.OK)
{
ret = DoDisableADObjects(dirnode);
}
if (ret == 0)
{
MessageBox.Show(this, string.Format("Object {0} has been disabled.", dirnode.Text),
CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK,
MessageBoxIcon.Information);
}
}
}
else
{
bool bAlertMsg = true;
parentNode = treeNode as ADUCDirectoryNode;
foreach (ListViewItem item in lvChildNodes.SelectedItems)
{
ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode;
if (dn != null)
{
if (!dn.IsDisabled)
{
bAlertMsg = false;
break;
}
}
}
if (bAlertMsg)
{
MessageBox.Show(this, "All of the selected objects are disabled",
CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK,
MessageBoxIcon.Information);
return;
}
foreach (ListViewItem item in lvChildNodes.SelectedItems)
{
ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode;
if (dn != null)
{
ret = DoDisableADObjects(dn);
if (ret != 0)
{
return;
}
}
}
if (ret == 0)
{
MessageBox.Show(this, string.Format("All of the selected objects have been disabled."),
CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK,
MessageBoxIcon.Information);
}
}
if (ret == 0)
{
if (parentNode != null)
{
parentNode.Refresh();
parentNode.IsModified = true;
base.treeNode = parentNode;
}
}
else if (ret != -1)
{
string sMsg = ErrorCodes.LDAPString(ret);
container.ShowMessage(sMsg);
}
}
//Enable Account
if (mi != null && mi.Text.Equals("Enable Account"))
{
ret = -1;
ADUCDirectoryNode parentNode = null;
if (mi.Tag != null)
{
parentNode = dirnode.Parent == null ? treeNode as ADUCDirectoryNode : dirnode.Parent as ADUCDirectoryNode;
DialogResult dlg =
MessageBox.Show(this, "Are you sure you want to enable this account?",
CommonResources.GetString("Caption_Console"), MessageBoxButtons.YesNo,
MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2);
if (dlg == DialogResult.Yes)
{
ret = DoEnableAccount(dirnode);
if (ret == 0)
{
MessageBox.Show(this, string.Format("Object {0} has been enabled.", dirnode.Text),
CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK,
MessageBoxIcon.Information);
}
}
}
else
{
bool bAlertMsg = true;
parentNode = treeNode as ADUCDirectoryNode;
foreach (ListViewItem item in lvChildNodes.SelectedItems)
{
ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode;
if (dn != null)
{
if (dn.IsDisabled)
{
bAlertMsg = false;
break;
}
}
}
if (bAlertMsg)
{
MessageBox.Show(this, "All of the selected objects are enabled",
CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK,
MessageBoxIcon.Information);
return;
}
foreach (ListViewItem item in lvChildNodes.SelectedItems)
{
ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode;
if (dn != null)
{
ret = DoEnableAccount(dn);
if (ret != 0)
{
return;
}
}
}
if (ret == 0)
{
MessageBox.Show(this, string.Format("All of the selected objects have been enabled."),
CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK,
MessageBoxIcon.Information);
}
}
if (ret == 0)
{
if (parentNode != null)
{
parentNode.Refresh();
parentNode.IsModified = true;
base.treeNode = parentNode;
}
}
else if (ret == -2)
{
string sMsg = string.Format("Windows cannot enable object {0} becuase\n" +
"Unanle to update the password. The value provided for the new passoword does not meeth\n" +
"length, complexity, or history requirement of the domain", dirnode.Text);
MessageBox.Show(this, sMsg, CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else if (ret != -1)
{
string sMsg = ErrorCodes.LDAPString(ret);
container.ShowMessage(sMsg);
}
}
//in User only
if (mi != null && mi.Text.Equals("Reset Password"))
{
if (dirnode != null)
{
DirectoryContext dirContext = dirnode.LdapContext;
//first obtain the current userAccountControl value
DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, dirnode.DistinguishedName));
int userCtrlInt = int.Parse(de.Properties["userAccountControl"].Value.ToString());
int useraccountCtr_decimalVal = 512;
bool bNeverExpiresPwd = false;
ret = 0;
string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlInt, 2);
if ((userCtrlBinStr.Length >= 17 && userCtrlBinStr[userCtrlBinStr.Length - 17] == '1') ||
(userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 7] == '1'))
{
bNeverExpiresPwd = true;
}
ResetPassword f = new ResetPassword(base.container, this, bNeverExpiresPwd, dirnode.Text);
if (f.ShowDialog(this) == DialogResult.OK)
{
//first, change the password
//first obtain the current userAccountControl value
//DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, dirnode.DistinguishedName));
string username = de.Properties["sAMAccountName"].Value.ToString();
if (String.IsNullOrEmpty(f.passwordinfo.password))
{
return;
}
bool retValue = false;
try
{
ADUCPlugin plugin = pi as ADUCPlugin;
Hostinfo hn = ctx as Hostinfo;
retValue = !Convert.ToBoolean(LUGAPI.NetChangePassword(hn.domainName, username, f.passwordinfo.password));
}
catch (Exception)
{
retValue = false;
}
List<LDAPMod> attrlist = new List<LDAPMod>();
//second, we need to set up to make sure that user shall change his password next time he logs in.
if (f.passwordinfo.MustChangePwNextLogon && !bNeverExpiresPwd && retValue)
{
//int userCtrlInt = (int)de.Properties["msDS-User-Account-Control-Computed"].Value;
//userCtrlInt = Convert.ToInt32(de.Properties["userAccountControl"].Value.ToString());
if (userCtrlInt != 546)
{
string newUserCtrl_val = Convert.ToString(useraccountCtr_decimalVal + 8388608);
string[] userControl_values = { newUserCtrl_val, null };
LDAPMod userControl_Info =
new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "userAccountControl", userControl_values);
attrlist.Add(userControl_Info);
}
string[] pwdLastSet_values = { "0", null };
LDAPMod pwdLastSet_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "pwdLastSet", pwdLastSet_values);
attrlist.Add(pwdLastSet_attr);
}
if (attrlist.Count != 0)
{
LDAPMod[] attrinfo = new LDAPMod[attrlist.Count];
attrlist.CopyTo(attrinfo);
ret = dirnode.LdapContext.ModifySynchronous(dirnode.DistinguishedName, attrinfo);
}
if (retValue && ret == 0)
{
int length = CommonResources.GetString("Caption_Console").Length + 28;
string msgToDisplay = "Password has been reset successfully.";
if (length > msgToDisplay.Length)
{
msgToDisplay = msgToDisplay.PadRight(length - msgToDisplay.Length, '�');
}
container.ShowMessage(msgToDisplay);
return;
}
else
{
container.ShowError("Failed to reset password.");
return;
}
}
else
{
return;
}
}
}
//Add to Group
if (mi != null && mi.Text.Equals("Add to Group"))
{
if (dirnode == null)
{
dirnode = lvChildNodes.SelectedItems[0].Tag as ADUCDirectoryNode;
}
string sLdapPath = string.Format("LDAP://{0}/{1}", dirnode.LdapContext.DomainName, dirnode.DistinguishedName);
string sProtocol;
string sServer;
string sCNs;
string sDCs;
System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
System.DirectoryServices.Misc.DsPicker f = new System.DirectoryServices.Misc.DsPicker();
f.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_GROUPS, sProtocol, sServer, sDCs, false);
if (f.waitForm != null && f.waitForm.bIsInterrupted)
{
return;
}
if (f.ShowDialog(this) == DialogResult.OK)
{
List<ListViewItem> itemlist = new List<ListViewItem>();
ADUCDirectoryNode parentNode = null;
string sDN = f.ADobjectsArray[0].de.Properties["distinguishedName"].Value as string;
if (mi.Tag != null)
{
parentNode = dirnode.Parent == null ? treeNode as ADUCDirectoryNode : dirnode.Parent as ADUCDirectoryNode;
ret = DoAddtoGroup(dirnode, sDN, true, f.ADobjectsArray[0].Name, ref itemlist);
if (ret == 0)
{
container.ShowMessage("The Add to Group operation was successfully completed");
}
}
else
{
parentNode = treeNode as ADUCDirectoryNode;
foreach (ListViewItem item in lvChildNodes.SelectedItems)
{
ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode;
if (dn != null)
{
ret = DoAddtoGroup(dn, sDN, false,null, ref itemlist);
}
}
if (itemlist != null && itemlist.Count != 0)
{
ADAddtoGroupErrorEditor errorDailog = new ADAddtoGroupErrorEditor(itemlist);
errorDailog.ShowDialog(this);
}
else if (ret == 0)
{
container.ShowMessage("The Add to Group operation was successfully completed");
}
}
if (ret != 0 && ret != -1)
{
string sMsg = ErrorCodes.LDAPString(ret);
container.ShowError(sMsg);
return;
}
}
}
//Reset Computer Account
if (mi != null && mi.Text.Equals("Reset Account"))
{
DirectoryContext dirContext = dirnode.LdapContext;
DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, dirnode.DistinguishedName));
int iPrimaryGroupID = Convert.ToInt32(de.Properties["primaryGroupID"].Value.ToString());
// string DCResetacc = de.Properties["cn"].Value.ToString() + "$";
if (iPrimaryGroupID == 516)
{
string sMsg = string.Format(
"Server {0} is a domain controller.You cannot reset " +
"the password on this object.",
dirnode.Text);
MessageBox.Show(sMsg);
return;
}
if (dirnode != null)
{
DialogResult dlg =
MessageBox.Show(this, "Are you sure you want to reset this computer account?",
CommonResources.GetString("Caption_Console"), MessageBoxButtons.YesNo,
MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2);
if (dlg == DialogResult.Yes)
{
string computername = de.Properties["sAMAccountName"].Value.ToString();
//It will give the DistinguishedName for the computer is nothing but getting 'cn' attribute
string compResetpawd = de.Properties["cn"].Value.ToString() + "$"; //dirnode.DistinguishedName.Split(',')[0].Substring(3) + "$";
try
{
ADUCPlugin plugin = pi as ADUCPlugin;
Hostinfo hn = ctx as Hostinfo;
bool retValue = !Convert.ToBoolean(LUGAPI.NetChangePassword(hn.domainName, computername, compResetpawd));
if (retValue)
{
string sMsg = string.Format(
"Account {0} was successfully reset.",
dirnode.Text);
container.ShowMessage(sMsg);
return;
}
else
{
string sMsg = string.Format(
"Resetting account for {0} was unsuccessful.",
dirnode.Text);
container.ShowMessage(sMsg);
return;
}
}
catch (Exception ex)
{
string sMsg = string.Format(
"Resetting account for {0} was unsuccessful. Becuase {1}",
dirnode.Text,
ex.Message);
container.ShowError(sMsg);
Logger.LogException("ADUCPage", ex);
return;
}
}
}
}
//Refreshing the Aduc page after performing any of the aduc functionalities
RefreshPluginPage();
//Properties...
if (mi != null && mi.Text.Equals("Properties"))
{
if (lvChildNodes.SelectedItems.Count > 1)
{
ADUCPlugin plugin = treeNode.Plugin as ADUCPlugin;
ADUCDirectoryNode dnNode = treeNode as ADUCDirectoryNode;
List<object> dirnodes = new List<object>();
bool bIsuserType = false;
bool bIsgroupType = false;
bool bIsOUType = false;
bool bIsOthers = false;
ADObjectType = string.Empty;
foreach (ListViewItem item in lvChildNodes.SelectedItems)
{
ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode;
if (dn != null)
{
if (dn.ObjectClass.Trim().Equals("user", StringComparison.InvariantCultureIgnoreCase))
{
bIsuserType = true;
}
else if (dn.ObjectClass.Trim().Equals("group", StringComparison.InvariantCultureIgnoreCase))
{
bIsgroupType = true;
}
else if (dn.ObjectClass.Trim().Equals("organizationalUnit", StringComparison.InvariantCultureIgnoreCase))
{
bIsOUType = true;
}
else
{
bIsOthers = true;
ADObjectType = string.Empty;
}
dirnodes.Add(dn);
}
}
if (bIsgroupType && !bIsOthers && !bIsuserType && !bIsOUType)
{
ADObjectType = "group";
}
else if (bIsuserType && !bIsOthers && !bIsgroupType && !bIsOUType)
{
ADObjectType = "user";
}
else if (bIsOUType && !bIsOthers && !bIsuserType && !bIsgroupType)
{
ADObjectType = "organizationalUnit";
}
MultiItemPropertiesDlg propertiesDlg = new MultiItemPropertiesDlg(base.container, this, base.pi as ADUCPlugin, dirnodes);
propertiesDlg.SetData(plugin.HostInfo.creds, plugin.HostInfo.hostName, "", dnNode, dnNode.LdapContext.SchemaCache);
propertiesDlg.Show();
}
else
{
DoPropertyPagesWork(dirnode);
}
}
}
