public static void DeleteUser(string identity)
{
Console.WriteLine($"Deleting User [{identity}]");
DirectoryServices.DeleteUser(identity);
UserPrincipalObject upo = DirectoryServices.GetUser(identity, false, false, false);
Assert.That(upo, Is.Null);
}
public void Core_UserNotFound()
{
// Get User That Does Not Exist
String userName = $"testuser_{Utility.GenerateToken( 8 )}";
String userDistinguishedName = $"CN={userName},{workspaceName}";
Console.WriteLine($"Getting User [{userName}] Which Should Not Exist.");
UserPrincipalObject user = DirectoryServices.GetUser(userName, true, true, true);
Assert.That(user, Is.Null);
Console.WriteLine($"Getting User Principal [{userName}] Which Should Not Exist.");
UserPrincipal up = DirectoryServices.GetUserPrincipal(userDistinguishedName);
Assert.That(up, Is.Null);
}
public void Core_GroupManagementTestSuccess()
{
// Add User To Group
UserPrincipal user = Utility.CreateUser(workspaceName);
UserPrincipalObject upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false);
int beforeCount = upo.Groups.Count;
Console.WriteLine($"Adding User [{user.Name}] To Group [{group.Name}].");
DirectoryServices.AddUserToGroup(user.DistinguishedName, group.DistinguishedName);
upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false);
int afterCount = upo.Groups.Count;
Assert.That(afterCount, Is.EqualTo(beforeCount + 1));
// Remove User From Group
beforeCount = afterCount;
Console.WriteLine($"Removing User [{user.Name}] From Group [{group.Name}].");
DirectoryServices.RemoveUserFromGroup(user.DistinguishedName, group.DistinguishedName);
upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false);
afterCount = upo.Groups.Count;
Assert.That(afterCount, Is.EqualTo(beforeCount - 1));
// Delete User
Utility.DeleteUser(user.DistinguishedName);
// Add Group To Group
GroupPrincipal newGroup = Utility.CreateGroup(workspaceName);
GroupPrincipalObject gpo = DirectoryServices.GetGroup(newGroup.DistinguishedName, true, false, false);
beforeCount = gpo.Groups.Count;
Console.WriteLine($"Adding Group [{newGroup.Name}] To Group [{group.Name}].");
DirectoryServices.AddGroupToGroup(newGroup.DistinguishedName, group.DistinguishedName);
gpo = DirectoryServices.GetGroup(newGroup.DistinguishedName, true, false, false);
afterCount = gpo.Groups.Count;
Assert.That(afterCount, Is.EqualTo(beforeCount + 1));
// Remove Group From Group
beforeCount = afterCount;
Console.WriteLine($"Removing Group [{newGroup.Name}] From Group [{group.Name}].");
DirectoryServices.RemoveGroupFromGroup(newGroup.DistinguishedName, group.DistinguishedName);
gpo = DirectoryServices.GetGroup(newGroup.DistinguishedName, true, false, false);
afterCount = gpo.Groups.Count;
Assert.That(afterCount, Is.EqualTo(beforeCount - 1));
// Delete Groups
Utility.DeleteGroup(newGroup.DistinguishedName);
}
private object GetActiveDirectoryObject(AdObject obj)
{
switch (obj.Type)
{
case AdObjectType.User:
AdUser user = (AdUser)obj;
UserPrincipalObject upo = null;
upo = DirectoryServices.GetUser(user.Identity, config.ReturnGroupMembership, config.ReturnAccessRules, config.ReturnObjectProperties);
if (upo == null)
{
throw new AdException($"User [{user.Identity}] Was Not Found.", AdStatusType.DoesNotExist);
}
return(upo);
case AdObjectType.Group:
AdGroup group = (AdGroup)obj;
GroupPrincipalObject gpo = null;
gpo = DirectoryServices.GetGroup(group.Identity, config.ReturnGroupMembership, config.ReturnAccessRules, config.ReturnObjectProperties);
if (gpo == null)
{
throw new AdException($"Group [{group.Identity}] Was Not Found.", AdStatusType.DoesNotExist);
}
return(gpo);
case AdObjectType.OrganizationalUnit:
AdOrganizationalUnit ou = (AdOrganizationalUnit)obj;
OrganizationalUnitObject ouo = null;
ouo = DirectoryServices.GetOrganizationalUnit(ou.Identity, config.ReturnAccessRules, config.ReturnObjectProperties);
if (ouo == null)
{
throw new AdException($"Organizational Unit [{ou.Identity}] Was Not Found.", AdStatusType.DoesNotExist);
}
return(ouo);
default:
throw new AdException("Action [" + config.Action + "] Not Implemented For Type [" + obj.Type + "]", AdStatusType.NotSupported);
}
}
public void Core_UserTestSuccess()
{
// Get User By Distinguished Name
Console.WriteLine($"Getting User By DisginguishedName : [{user.DistinguishedName}]");
UserPrincipalObject upo = DirectoryServices.GetUser(user.DistinguishedName, true, true, true);
Assert.That(upo.DistinguishedName, Is.EqualTo(user.DistinguishedName));
String userName = upo.Name;
String userPrincipalName = upo.UserPrincipalName;
String userSamAccountName = upo.SamAccountName;
Guid? userGuid = upo.Guid;
String userSid = upo.Sid;
// Get User By Name
Console.WriteLine($"Getting User By Name: [{userName}]");
upo = DirectoryServices.GetUser(userName, true, true, true);
Assert.That(upo.Name, Is.EqualTo(userName));
// Get User By UserPrincipalName
Console.WriteLine($"Getting User By UserPrincipalName: [{userPrincipalName}]");
upo = DirectoryServices.GetUser(userPrincipalName, true, true, true);
Assert.That(upo.UserPrincipalName, Is.EqualTo(userPrincipalName));
// Get User By SamAccountName
Console.WriteLine($"Getting User By SamAccountName : [{userSamAccountName}]");
upo = DirectoryServices.GetUser(userSamAccountName, true, true, true);
Assert.That(upo.SamAccountName, Is.EqualTo(userSamAccountName));
// Get User By Guid
Console.WriteLine($"Getting User By Guid : [{userGuid}]");
upo = DirectoryServices.GetUser(userGuid.ToString(), true, true, true);
Assert.That(upo.Guid, Is.EqualTo(userGuid));
// Get User By Sid
Console.WriteLine($"Getting User By Sid : [{userSid}]");
upo = DirectoryServices.GetUser(userSid, true, true, true);
Assert.That(upo.Sid, Is.EqualTo(userSid));
// Modify User
Console.WriteLine($"Modifying User : [{userName}]");
UserPrincipal up = DirectoryServices.GetUserPrincipal(userName);
up.DisplayName = "Guy Michael Waguespack";
up.GivenName = "Guy";
up.MiddleName = "Michael";
up.Surname = "Waguespack";
DirectoryServices.SaveUser(up);
upo = DirectoryServices.GetUser(userName, false, false, false);
Assert.That(upo.DisplayName, Is.EqualTo("Guy Michael Waguespack"));
Assert.That(upo.GivenName, Is.EqualTo("Guy"));
Assert.That(upo.MiddleName, Is.EqualTo("Michael"));
Assert.That(upo.Surname, Is.EqualTo("Waguespack"));
// Create AccessUser For AccessRule Tests (Below)
UserPrincipal accessRuleUser = Utility.CreateUser(workspaceName);
int ruleCount = DirectoryServices.GetAccessRules(user).Count;
// Add Access Rule To User
Console.WriteLine($"Adding AccessRule For User [{accessRuleUser.Name}] To User [{user.Name}].");
DirectoryServices.AddAccessRule(user, accessRuleUser, ActiveDirectoryRights.GenericRead, System.Security.AccessControl.AccessControlType.Allow, ActiveDirectorySecurityInheritance.None);
int newRuleCount = DirectoryServices.GetAccessRules(user).Count;
Assert.That(newRuleCount, Is.GreaterThan(ruleCount));
// Removing Access Rule From User
Console.WriteLine($"Removing AccessRule For User [{accessRuleUser.Name}] From User [{user.Name}].");
DirectoryServices.DeleteAccessRule(user, accessRuleUser, ActiveDirectoryRights.GenericRead, System.Security.AccessControl.AccessControlType.Allow, ActiveDirectorySecurityInheritance.None);
newRuleCount = DirectoryServices.GetAccessRules(user).Count;
Assert.That(newRuleCount, Is.EqualTo(ruleCount));
// Seting Access Rule From User
Console.WriteLine($"Setting AccessRule For User [{accessRuleUser.Name}] On User [{user.Name}].");
DirectoryServices.SetAccessRule(user, accessRuleUser, ActiveDirectoryRights.GenericRead, System.Security.AccessControl.AccessControlType.Allow, ActiveDirectorySecurityInheritance.None);
newRuleCount = DirectoryServices.GetAccessRules(user).Count;
Assert.That(newRuleCount, Is.GreaterThan(ruleCount));
// Purge Access Rule From User
Console.WriteLine($"Purging AccessRules For User [{accessRuleUser.Name}] From User [{user.Name}].");
DirectoryServices.PurgeAccessRules(user, accessRuleUser);
newRuleCount = DirectoryServices.GetAccessRules(user).Count;
Assert.That(newRuleCount, Is.EqualTo(ruleCount));
// Delete AccessRule User
Utility.DeleteUser(accessRuleUser.DistinguishedName);
}
public void Handler_GroupManagementTestsSuccess()
{
Dictionary <string, string> parameters = new Dictionary <string, string>();
// Users
UserPrincipal user = Utility.CreateUser(workspaceName);
UserPrincipalObject upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false);
int initialCount = upo.Groups.Count;
// Add User To Group
Console.WriteLine($"Adding User [{user.Name}] To Group [{targetGroup.Name}]");
parameters.Clear();
parameters.Add("returngroupmembership", "true");
parameters.Add("identity", user.DistinguishedName);
parameters.Add("memberof", targetGroup.DistinguishedName);
ActiveDirectoryHandlerResults result = Utility.CallPlan("AddUserToGroup", parameters);
Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success));
Assert.That(result.Results[0].User.Groups.Count, Is.EqualTo(initialCount + 1));
// Remove User From Group
Console.WriteLine($"Removing User [{user.Name}] From Group [{targetGroup.Name}]");
parameters.Clear();
parameters.Add("returngroupmembership", "true");
parameters.Add("identity", user.DistinguishedName);
parameters.Add("memberof", targetGroup.DistinguishedName);
result = Utility.CallPlan("RemoveUserFromGroup", parameters);
Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success));
Assert.That(result.Results[0].User.Groups.Count, Is.EqualTo(initialCount));
Utility.DeleteUser(user.DistinguishedName);
// Groups
GroupPrincipal group = Utility.CreateGroup(workspaceName);
GroupPrincipalObject gpo = DirectoryServices.GetGroup(group.DistinguishedName, true, false, false);
initialCount = gpo.Groups.Count;
// Add Group To Group
Console.WriteLine($"Adding Group [{group.Name}] To Group [{targetGroup.Name}]");
parameters.Clear();
parameters.Add("returngroupmembership", "true");
parameters.Add("identity", group.DistinguishedName);
parameters.Add("memberof", targetGroup.DistinguishedName);
result = Utility.CallPlan("AddGroupToGroup", parameters);
Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success));
Assert.That(result.Results[0].Group.Groups.Count, Is.EqualTo(initialCount + 1));
// Remove Group From Group
Console.WriteLine($"Removing Group [{group.Name}] From Group [{targetGroup.Name}]");
parameters.Clear();
parameters.Add("returngroupmembership", "true");
parameters.Add("identity", group.DistinguishedName);
parameters.Add("memberof", targetGroup.DistinguishedName);
result = Utility.CallPlan("RemoveGroupFromGroup", parameters);
Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success));
Assert.That(result.Results[0].Group.Groups.Count, Is.EqualTo(initialCount));
Utility.DeleteGroup(group.DistinguishedName);
}
