private void DoLDAPDirectoryInit()
{
int num;
string str = "";
if (this.name != null)
{
if (this.contextType != ContextType.ApplicationDirectory)
{
str = this.name;
}
else
{
string str1 = this.serverProperties.dnsHostName;
string str2 = ":";
if ((ContextOptions.SecureSocketLayer & this.options) > 0)
{
num = this.serverProperties.portSSL;
}
else
{
num = this.serverProperties.portLDAP;
}
str = string.Concat(str1, str2, num);
}
str = string.Concat(str, "/");
}
AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(this.options);
using (DirectoryEntry directoryEntry = new DirectoryEntry(string.Concat("LDAP://", str, this.container), this.username, this.password, authTypes))
{
try
{
if (this.serverProperties.portSSL > 0)
{
directoryEntry.Options.PasswordPort = this.serverProperties.portSSL;
}
StoreCtx storeCtx = this.CreateContextFromDirectoryEntry(directoryEntry);
this.queryCtx = storeCtx;
this.userCtx = storeCtx;
this.groupCtx = storeCtx;
this.computerCtx = storeCtx;
this.connectedServer = ADUtils.GetServerName(directoryEntry);
}
catch (COMException cOMException1)
{
COMException cOMException = cOMException1;
throw ExceptionHelper.GetExceptionFromCOMException(cOMException);
}
catch (Exception exception)
{
throw;
}
}
}
protected override void LoadDomainInfo()
{
this.dnsHostName = ADUtils.GetServerName(this.ctxBase);
this.domainFlatName = this.userSuppliedServerName;
this.forestDnsName = this.userSuppliedServerName;
this.domainDnsName = this.userSuppliedServerName;
using (DirectoryEntry directoryEntry = new DirectoryEntry(string.Concat("LDAP://", this.userSuppliedServerName, "/rootDse"), "", "", AuthenticationTypes.Anonymous))
{
string item = (string)this.ctxBase.Properties["distinguishedName"][0];
int length = -1;
foreach (string str in directoryEntry.Properties["namingContexts"])
{
if (str.Length <= length || !item.EndsWith(str, StringComparison.OrdinalIgnoreCase))
{
continue;
}
length = str.Length;
this.contextBasePartitionDN = str;
}
}
UnsafeNativeMethods.Pathname pathname = new UnsafeNativeMethods.Pathname();
UnsafeNativeMethods.IADsPathname aDsPathname = (UnsafeNativeMethods.IADsPathname)pathname;
aDsPathname.Set(this.ctxBase.Path, 1);
try
{
this.userSuppliedServerName = aDsPathname.Retrieve(9);
}
catch (COMException cOMException1)
{
COMException cOMException = cOMException1;
if (cOMException.ErrorCode != -2147463168)
{
throw;
}
else
{
this.userSuppliedServerName = "";
}
}
}
private void DoLDAPDirectoryInitNoContainer()
{
byte[] USERS_CONTAINER_GUID = new byte[] { 0xa9, 0xd1, 0xca, 0x15, 0x76, 0x88, 0x11, 0xd1, 0xad, 0xed, 0x00, 0xc0, 0x4f, 0xd8, 0xd5, 0xcd };
byte[] COMPUTERS_CONTAINER_GUID = new byte[] { 0xaa, 0x31, 0x28, 0x25, 0x76, 0x88, 0x11, 0xd1, 0xad, 0xed, 0x00, 0xc0, 0x4f, 0xd8, 0xd5, 0xcd };
// The StoreCtxs that will be used in the PrincipalContext, and their associated DirectoryEntry objects.
DirectoryEntry deUserGroupOrg = null;
DirectoryEntry deComputer = null;
DirectoryEntry deBase = null;
ADStoreCtx storeCtxUserGroupOrg = null;
ADStoreCtx storeCtxComputer = null;
ADStoreCtx storeCtxBase = null;
GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "Entering DoLDAPDirectoryInitNoContainer");
//
// Build a DirectoryEntry that represents the root of the domain.
//
// Use the RootDSE to find the default naming context
DirectoryEntry deRootDse = null;
string adsPathBase;
// use the servername if they gave us one, else let ADSI figure it out
string serverName = "";
if (_name != null)
{
serverName = _name + "/";
}
GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: serverName is " + serverName);
// use the options they specified
AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(_options);
GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: authTypes is " + authTypes.ToString());
try
{
deRootDse = new DirectoryEntry("LDAP://" + serverName + "rootDse", _username, _password, authTypes);
// This will also detect if the server is down or nonexistent
string domainNC = (string)deRootDse.Properties["defaultNamingContext"][0];
adsPathBase = "LDAP://" + serverName + domainNC;
GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: domainNC is " + domainNC);
GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: adsPathBase is " + adsPathBase);
}
finally
{
// Don't allow the DE to leak
deRootDse?.Dispose();
}
try
{
// Build a DE for the root of the domain using the retrieved naming context
deBase = new DirectoryEntry(adsPathBase, _username, _password, authTypes);
// Set the password port to the ssl port read off of the rootDSE. Without this
// password change/set won't work when we connect without SSL and ADAM is running
// on non-standard port numbers. We have already verified directory connectivity at this point
// so this should always succeed.
if (_serverProperties.portSSL > 0)
{
deBase.Options.PasswordPort = _serverProperties.portSSL;
}
//
// Use the wellKnownObjects attribute to determine the default location
// for users and computers.
//
string adsPathUserGroupOrg = null;
string adsPathComputer = null;
PropertyValueCollection wellKnownObjectValues = deBase.Properties["wellKnownObjects"];
foreach (UnsafeNativeMethods.IADsDNWithBinary value in wellKnownObjectValues)
{
if (Utils.AreBytesEqual(USERS_CONTAINER_GUID, (byte[])value.BinaryValue))
{
Debug.Assert(adsPathUserGroupOrg == null);
adsPathUserGroupOrg = "LDAP://" + serverName + value.DNString;
GlobalDebug.WriteLineIf(
GlobalDebug.Info,
"PrincipalContext",
"DoLDAPDirectoryInitNoContainer: found USER, adsPathUserGroupOrg is " + adsPathUserGroupOrg);
}
// Is it the computer container?
if (Utils.AreBytesEqual(COMPUTERS_CONTAINER_GUID, (byte[])value.BinaryValue))
{
Debug.Assert(adsPathComputer == null);
adsPathComputer = "LDAP://" + serverName + value.DNString;
GlobalDebug.WriteLineIf(
GlobalDebug.Info,
"PrincipalContext",
"DoLDAPDirectoryInitNoContainer: found COMPUTER, adsPathComputer is " + adsPathComputer);
}
}
if ((adsPathUserGroupOrg == null) || (adsPathComputer == null))
{
// Something's wrong with the domain, it's not exposing the proper
// well-known object fields.
throw new PrincipalOperationException(SR.ContextNoWellKnownObjects);
}
//
// Build DEs for the Users and Computers containers.
// The Users container will also be used as the default for Groups.
// The reason there are different contexts for groups, users and computers is so that
// when a principal is created it will go into the appropriate default container. This is so users don't
// by default create principals in the root of their directory. When a search happens the base context is used so that
// the whole directory will be covered.
//
deUserGroupOrg = new DirectoryEntry(adsPathUserGroupOrg, _username, _password, authTypes);
deComputer = new DirectoryEntry(adsPathComputer, _username, _password, authTypes);
StoreCtx userStore = CreateContextFromDirectoryEntry(deUserGroupOrg);
_userCtx = userStore;
_groupCtx = userStore;
deUserGroupOrg = null; // since we handed off ownership to the StoreCtx
_computerCtx = CreateContextFromDirectoryEntry(deComputer);
deComputer = null;
_queryCtx = CreateContextFromDirectoryEntry(deBase);
_connectedServer = ADUtils.GetServerName(deBase);
deBase = null;
}
catch (Exception e)
{
GlobalDebug.WriteLineIf(GlobalDebug.Error,
"PrincipalContext",
"DoLDAPDirectoryInitNoContainer: caught exception of type "
+ e.GetType().ToString() +
" and message " + e.Message);
// Cleanup on failure. Once a DE has been successfully handed off to a ADStoreCtx,
// that ADStoreCtx will handle Dispose()'ing it
deUserGroupOrg?.Dispose();
deComputer?.Dispose();
deBase?.Dispose();
storeCtxUserGroupOrg?.Dispose();
storeCtxComputer?.Dispose();
storeCtxBase?.Dispose();
throw;
}
}
private void DoLDAPDirectoryInit()
{
// use the servername if they gave us one, else let ADSI figure it out
string serverName = "";
if (_name != null)
{
if (_contextType == ContextType.ApplicationDirectory)
{
serverName = _serverProperties.dnsHostName + ":" +
((ContextOptions.SecureSocketLayer & _options) > 0 ? _serverProperties.portSSL : _serverProperties.portLDAP);
}
else
{
serverName = _name;
}
serverName += "/";
}
GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInit: serverName is " + serverName);
// use the options they specified
AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(_options);
GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInit: authTypes is " + authTypes.ToString());
DirectoryEntry de = new DirectoryEntry("LDAP://" + serverName + _container, _username, _password, authTypes);
try
{
// Set the password port to the ssl port read off of the rootDSE. Without this
// password change/set won't work when we connect without SSL and ADAM is running
// on non-standard port numbers. We have already verified directory connectivity at this point
// so this should always succeed.
if (_serverProperties.portSSL > 0)
{
de.Options.PasswordPort = _serverProperties.portSSL;
}
StoreCtx storeCtx = CreateContextFromDirectoryEntry(de);
_queryCtx = storeCtx;
_userCtx = storeCtx;
_groupCtx = storeCtx;
_computerCtx = storeCtx;
_connectedServer = ADUtils.GetServerName(de);
de = null;
}
catch (System.Runtime.InteropServices.COMException e)
{
throw ExceptionHelper.GetExceptionFromCOMException(e);
}
catch (Exception e)
{
GlobalDebug.WriteLineIf(GlobalDebug.Error, "PrincipalContext",
"DoLDAPDirectoryInit: caught exception of type "
+ e.GetType().ToString() +
" and message " + e.Message);
throw;
}
finally
{
// Cleanup the DE on failure
de?.Dispose();
}
}
// Must be called inside of lock(domainInfoLock)
protected override void LoadDomainInfo()
{
GlobalDebug.WriteLineIf(GlobalDebug.Info, "ADStoreCtx", "LoadComputerInfo");
Debug.Assert(this.ctxBase != null);
//
// DNS Domain Name
//
this.dnsHostName = ADUtils.GetServerName(this.ctxBase);
// Treat the user supplied server name as the domain and forest name...
this.domainFlatName = userSuppliedServerName;
this.forestDnsName = userSuppliedServerName;
this.domainDnsName = userSuppliedServerName;
//
// Find the partition in which the supplied ctxBase belongs by comparing it with the list of partitions hosted by this
// LDS (ADAM) instance.
//
using (DirectoryEntry rootDse = new DirectoryEntry("LDAP://" + this.userSuppliedServerName + "/rootDse", "", "", AuthenticationTypes.Anonymous))
{
string ctxBaseDN = (string)this.ctxBase.Properties["distinguishedName"][0];
int maxMatchLength = -1;
foreach (string partitionDN in rootDse.Properties["namingContexts"])
{
if ((partitionDN.Length > maxMatchLength) && ctxBaseDN.EndsWith(partitionDN, StringComparison.OrdinalIgnoreCase))
{
maxMatchLength = partitionDN.Length;
this.contextBasePartitionDN = partitionDN;
}
}
}
//
// User supplied name
//
UnsafeNativeMethods.Pathname pathCracker = new UnsafeNativeMethods.Pathname();
UnsafeNativeMethods.IADsPathname pathName = (UnsafeNativeMethods.IADsPathname)pathCracker;
pathName.Set(this.ctxBase.Path, 1 /* ADS_SETTYPE_FULL */);
try
{
this.userSuppliedServerName = pathName.Retrieve(9 /*ADS_FORMAT_SERVER */);
GlobalDebug.WriteLineIf(GlobalDebug.Info, "ADStoreCtx", "LoadComputerInfo: using user-supplied name {0}", this.userSuppliedServerName);
}
catch (COMException e)
{
if (((uint)e.ErrorCode) == ((uint)0x80005000)) // E_ADS_BAD_PATHNAME
{
// Serverless path
GlobalDebug.WriteLineIf(GlobalDebug.Info, "ADStoreCtx", "LoadComputerInfo: using empty string as user-supplied name");
this.userSuppliedServerName = "";
}
else
{
GlobalDebug.WriteLineIf(GlobalDebug.Error,
"ADStoreCtx",
"LoadComputerInfo: caught COMException {0} {1} looking for user-supplied name",
e.ErrorCode,
e.Message);
throw;
}
}
}
private void DoLDAPDirectoryInitNoContainer()
{
string str = null;
string str1 = null;
byte[] numArray = new byte[] { 169, 209, 202, 21, 118, 136, 17, 209, 173, 237, 0, 192, 79, 216, 213, 205 };
byte[] numArray1 = numArray;
byte[] numArray2 = new byte[] { 170, 49, 40, 37, 118, 136, 17, 209, 173, 237, 0, 192, 79, 216, 213, 205 };
byte[] numArray3 = numArray2;
DirectoryEntry directoryEntry = null;
DirectoryEntry directoryEntry1 = null;
DirectoryEntry directoryEntry2 = null;
ADStoreCtx aDStoreCtx = null;
ADStoreCtx aDStoreCtx1 = null;
ADStoreCtx aDStoreCtx2 = null;
DirectoryEntry directoryEntry3 = null;
string str2 = "";
if (this.name != null)
{
str2 = string.Concat(this.name, "/");
}
AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(this.options);
using (directoryEntry3)
{
directoryEntry3 = new DirectoryEntry(string.Concat("LDAP://", str2, "rootDse"), this.username, this.password, authTypes);
string item = (string)directoryEntry3.Properties["defaultNamingContext"][0];
str = string.Concat("LDAP://", str2, item);
}
try
{
directoryEntry2 = new DirectoryEntry(str, this.username, this.password, authTypes);
if (this.serverProperties.portSSL > 0)
{
directoryEntry2.Options.PasswordPort = this.serverProperties.portSSL;
}
string str3 = null;
PropertyValueCollection propertyValueCollection = directoryEntry2.Properties["wellKnownObjects"];
foreach (UnsafeNativeMethods.IADsDNWithBinary aDsDNWithBinary in propertyValueCollection)
{
if (Utils.AreBytesEqual(numArray1, (byte[])aDsDNWithBinary.BinaryValue))
{
str3 = string.Concat("LDAP://", str2, aDsDNWithBinary.DNString);
}
if (!Utils.AreBytesEqual(numArray3, (byte[])aDsDNWithBinary.BinaryValue))
{
continue;
}
str1 = string.Concat("LDAP://", str2, aDsDNWithBinary.DNString);
}
if (str3 == null || str1 == null)
{
throw new PrincipalOperationException(StringResources.ContextNoWellKnownObjects);
}
else
{
directoryEntry = new DirectoryEntry(str3, this.username, this.password, authTypes);
directoryEntry1 = new DirectoryEntry(str1, this.username, this.password, authTypes);
StoreCtx storeCtx = this.CreateContextFromDirectoryEntry(directoryEntry);
this.userCtx = storeCtx;
this.groupCtx = storeCtx;
directoryEntry = null;
this.computerCtx = this.CreateContextFromDirectoryEntry(directoryEntry1);
directoryEntry1 = null;
this.queryCtx = this.CreateContextFromDirectoryEntry(directoryEntry2);
this.connectedServer = ADUtils.GetServerName(directoryEntry2);
directoryEntry2 = null;
}
}
catch (Exception exception)
{
if (directoryEntry != null)
{
directoryEntry.Dispose();
}
if (directoryEntry1 != null)
{
directoryEntry1.Dispose();
}
if (directoryEntry2 != null)
{
directoryEntry2.Dispose();
}
if (aDStoreCtx != null)
{
aDStoreCtx.Dispose();
}
if (aDStoreCtx1 != null)
{
aDStoreCtx1.Dispose();
}
if (aDStoreCtx2 != null)
{
aDStoreCtx2.Dispose();
}
throw;
}
}
