Example #1
0
        internal override bool IsLockedOut(AuthenticablePrincipal p)
        {
            Debug.Assert(p.fakePrincipal == false);

            Debug.Assert(p.unpersisted == false);

            DirectoryEntry de = (DirectoryEntry)p.UnderlyingObject;

            Debug.Assert(de != null);

            try
            {
                de.RefreshCache();
                return((bool)de.InvokeGet("IsAccountLocked"));
            }
            catch (System.Reflection.TargetInvocationException e)
            {
                if (e.InnerException is System.Runtime.InteropServices.COMException)
                {
                    throw (ExceptionHelper.GetExceptionFromCOMException((System.Runtime.InteropServices.COMException)e.InnerException));
                }
                throw;
            }
        }
Example #2
0
        static internal void WriteAttribute <T>(string dePath, string attribute, T value, NetCred credentials, AuthenticationTypes authTypes)
        {
            Debug.Assert(attribute != null && attribute.Length > 0);

            // Ideally, we'd just like to set the property in the principal's DirectoryEntry and write
            // the changes to the store.  However, there might be other changes in the DirectoryEntry,
            // and we don't want to write all of them to the store.  So we must make
            // a fresh DirectoryEntry and write using that.

            DirectoryEntry copyOfDe = null;

            try
            {
                copyOfDe = SDSUtils.BuildDirectoryEntry(dePath, credentials, authTypes);

                Debug.Assert(copyOfDe != null);

                // So we don't do a implicit GetInfo() and retrieve every attribute
                copyOfDe.RefreshCache(new string[] { attribute });

                copyOfDe.Properties[attribute].Value = value;
                copyOfDe.CommitChanges();
            }
            catch (System.Runtime.InteropServices.COMException e)
            {
                // ADSI threw an exception trying to write the change
                throw ExceptionHelper.GetExceptionFromCOMException(e);
            }
            finally
            {
                if (copyOfDe != null)
                {
                    copyOfDe.Dispose();
                }
            }
        }
Example #3
0
        public void Save(PrincipalContext context)
        {
            GlobalDebug.WriteLineIf(GlobalDebug.Info, "Principal", "Entering Save(Context)");

            // Make sure we're not disposed or deleted.
            CheckDisposedOrDeleted();

            // Make sure we're not a fake principal
            CheckFakePrincipal();

            // We must have a PrincipalContext to save into.  This should always be the case, unless we're unpersisted
            // and they never set a PrincipalContext.
            if (context == null)
            {
                Debug.Assert(this.unpersisted == true);
                throw new InvalidOperationException(SR.NullArguments);
            }

            if (context.ContextType == ContextType.Machine || _ctx.ContextType == ContextType.Machine)
            {
                throw new InvalidOperationException(SR.SaveToNotSupportedAgainstMachineStore);
            }

            // If the user is trying to save to the same context we are already set to then just save the changes
            if (context == _ctx)
            {
                Save();
                return;
            }

            // If we already have a context set on this object then make sure the new
            // context is of the same type.
            if (context.ContextType != _ctx.ContextType)
            {
                Debug.Assert(this.unpersisted == true);
                throw new InvalidOperationException(SR.SaveToMustHaveSamecontextType);
            }

            StoreCtx originalStoreCtx = GetStoreCtxToUse();

            _ctx = context;

            // Call the appropriate operation depending on whether this is an insert or update
            StoreCtx newStoreCtx = GetStoreCtxToUse();

            Debug.Assert(newStoreCtx != null);      // since we know this.ctx isn't null
            Debug.Assert(originalStoreCtx != null); // since we know this.ctx isn't null

            if (this.unpersisted)
            {
                // We have an unpersisted principal so we just want to create a principal in the new store.
                GlobalDebug.WriteLineIf(GlobalDebug.Info, "Principal", "Save(context): inserting new principal of type {0} using {1}", this.GetType(), newStoreCtx.GetType());
                Debug.Assert(newStoreCtx == _ctx.ContextForType(this.GetType()));
                newStoreCtx.Insert(this);
                this.unpersisted = false;  // once we persist, we're no longer in the unpersisted state
            }
            else
            {
                // We have a principal that already exists.  We need to move it to the new store.
                GlobalDebug.WriteLineIf(GlobalDebug.Info, "Principal", "Save(context): Moving principal of type {0} using {1}", this.GetType(), newStoreCtx.GetType());

                // we are now saving to a new store so this principal is unpersisted.
                this.unpersisted = true;

                // If the user has modified the name save away the current name so
                // if the move succeeds and the update fails we will move the item back to the original
                // store with the original name.
                bool   nameModified = _nameChanged == LoadState.Changed;
                string previousName = null;

                if (nameModified)
                {
                    string newName = _name;
                    _ctx.QueryCtx.Load(this, PropertyNames.PrincipalName);
                    previousName = _name;
                    this.Name    = newName;
                }

                newStoreCtx.Move(originalStoreCtx, this);

                try
                {
                    this.unpersisted = false;  // once we persist, we're no longer in the unpersisted state

                    newStoreCtx.Update(this);
                }
                catch (System.SystemException e)
                {
                    try
                    {
                        GlobalDebug.WriteLineIf(GlobalDebug.Error, "Principal", "Save(context):,  Update Failed (attempting to move back) Exception {0} ", e.Message);

                        if (nameModified)
                        {
                            this.Name = previousName;
                        }

                        originalStoreCtx.Move(newStoreCtx, this);

                        GlobalDebug.WriteLineIf(GlobalDebug.Info, "Principal", "Move back succeeded");
                    }
                    catch (System.SystemException deleteFail)
                    {
                        // The move back failed.  Just continue we will throw the original exception below.
                        GlobalDebug.WriteLineIf(GlobalDebug.Error, "Principal", "Save(context):,  Move back Failed {0} ", deleteFail.Message);
                    }

                    if (e is System.Runtime.InteropServices.COMException)
                    {
                        throw ExceptionHelper.GetExceptionFromCOMException((System.Runtime.InteropServices.COMException)e);
                    }
                    else
                    {
                        throw;
                    }
                }
            }

            _ctx.QueryCtx = newStoreCtx;  // so Updates go to the right StoreCtx
        }
Example #4
0
        private bool BindSam(string target, string userName, string password)
        {
            string adsPath = $"WinNT://{_serverName},computer";
            Guid   g       = new Guid("fd8256d0-fd15-11ce-abc4-02608c9e7553"); // IID_IUnknown
            object value   = null;
            // always attempt secure auth..
            int    authenticationType = 1;
            object unmanagedResult    = null;

            try
            {
                if (Thread.CurrentThread.GetApartmentState() == ApartmentState.Unknown)
                {
                    Thread.CurrentThread.SetApartmentState(ApartmentState.MTA);
                }
                // We need the credentials to be in the form <machine>\\<user>
                // if they just passed user then append the machine name here.
                if (null != userName)
                {
                    int index = userName.IndexOf('\\');
                    if (index == -1)
                    {
                        userName = _serverName + "\\" + userName;
                    }
                }

                int hr = UnsafeNativeMethods.ADsOpenObject(adsPath, userName, password, (int)authenticationType, ref g, out value);

                if (hr != 0)
                {
                    if (hr == unchecked ((int)(ExceptionHelper.ERROR_HRESULT_LOGON_FAILURE)))
                    {
                        // This is the invalid credetials case.  We want to return false
                        // instead of throwing an exception
                        return(false);
                    }
                    else
                    {
                        throw ExceptionHelper.GetExceptionFromErrorCode(hr);
                    }
                }

                unmanagedResult = ((UnsafeNativeMethods.IADs)value).Get("name");
            }
            catch (System.Runtime.InteropServices.COMException e)
            {
                if (e.ErrorCode == unchecked ((int)(ExceptionHelper.ERROR_HRESULT_LOGON_FAILURE)))
                {
                    return(false);
                }
                else
                {
                    throw ExceptionHelper.GetExceptionFromCOMException(e);
                }
            }
            finally
            {
                if (value != null)
                {
                    System.Runtime.InteropServices.Marshal.ReleaseComObject(value);
                }
            }

            return(true);
        }
Example #5
0
        private void DoLDAPDirectoryInit()
        {
            // use the servername if they gave us one, else let ADSI figure it out
            string serverName = "";

            if (_name != null)
            {
                if (_contextType == ContextType.ApplicationDirectory)
                {
                    serverName = _serverProperties.dnsHostName + ":" +
                                 ((ContextOptions.SecureSocketLayer & _options) > 0 ? _serverProperties.portSSL : _serverProperties.portLDAP);
                }
                else
                {
                    serverName = _name;
                }

                serverName += "/";
            }

            GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInit: serverName is " + serverName);

            // use the options they specified
            AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(_options);

            GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInit: authTypes is " + authTypes.ToString());

            DirectoryEntry de = new DirectoryEntry("LDAP://" + serverName + _container, _username, _password, authTypes);

            try
            {
                // Set the password port to the ssl port read off of the rootDSE.  Without this
                // password change/set won't work when we connect without SSL and ADAM is running
                // on non-standard port numbers.  We have already verified directory connectivity at this point
                // so this should always succeed.
                if (_serverProperties.portSSL > 0)
                {
                    de.Options.PasswordPort = _serverProperties.portSSL;
                }

                StoreCtx storeCtx = CreateContextFromDirectoryEntry(de);

                _queryCtx    = storeCtx;
                _userCtx     = storeCtx;
                _groupCtx    = storeCtx;
                _computerCtx = storeCtx;

                _connectedServer = ADUtils.GetServerName(de);
                de = null;
            }
            catch (System.Runtime.InteropServices.COMException e)
            {
                throw ExceptionHelper.GetExceptionFromCOMException(e);
            }
            catch (Exception e)
            {
                GlobalDebug.WriteLineIf(GlobalDebug.Error, "PrincipalContext",
                                        "DoLDAPDirectoryInit: caught exception of type "
                                        + e.GetType().ToString() +
                                        " and message " + e.Message);

                throw;
            }
            finally
            {
                // Cleanup the DE on failure
                de?.Dispose();
            }
        }
        private bool BindSam(string target, string userName, string password)
        {
            bool          flag;
            StringBuilder stringBuilder = new StringBuilder();

            stringBuilder.Append("WinNT://");
            stringBuilder.Append(this.serverName);
            stringBuilder.Append(",computer");
            Guid   guid = new Guid("fd8256d0-fd15-11ce-abc4-02608c9e7553");
            object obj  = null;
            int    num  = 1;

            try
            {
                try
                {
                    if (Thread.CurrentThread.GetApartmentState() == ApartmentState.Unknown)
                    {
                        Thread.CurrentThread.SetApartmentState(ApartmentState.MTA);
                    }
                    if (userName != null)
                    {
                        int num1 = userName.IndexOf("\\", StringComparison.Ordinal);
                        if (num1 == -1)
                        {
                            userName = string.Concat(this.serverName, "\\", userName);
                        }
                    }
                    int num2 = UnsafeNativeMethods.ADsOpenObject(stringBuilder.ToString(), userName, password, num, out guid, out obj);
                    if (num2 == 0)
                    {
                        ((UnsafeNativeMethods.IADs)obj).Get("name");
                    }
                    else
                    {
                        if (num2 != ExceptionHelper.ERROR_HRESULT_LOGON_FAILURE)
                        {
                            throw ExceptionHelper.GetExceptionFromErrorCode(num2);
                        }
                        else
                        {
                            flag = false;
                            return(flag);
                        }
                    }
                }
                catch (COMException cOMException1)
                {
                    COMException cOMException = cOMException1;
                    if (cOMException.ErrorCode != ExceptionHelper.ERROR_HRESULT_LOGON_FAILURE)
                    {
                        throw ExceptionHelper.GetExceptionFromCOMException(cOMException);
                    }
                    else
                    {
                        flag = false;
                        return(flag);
                    }
                }
                return(true);
            }
            finally
            {
                if (obj != null)
                {
                    Marshal.ReleaseComObject(obj);
                }
            }
            return(flag);
        }
Example #7
0
        private List <string> PopulatAuxObjectList(string auxClassName)
        {
            string        value;
            List <string> strs;
            string        userName;
            string        password;
            string        str;
            string        password1;

            try
            {
                string str1 = string.Concat("LDAP://", this.userSuppliedServerName, "/rootDSE");
                if (this.credentials == null)
                {
                    userName = null;
                }
                else
                {
                    userName = this.credentials.UserName;
                }
                if (this.credentials == null)
                {
                    password = null;
                }
                else
                {
                    password = this.credentials.Password;
                }
                using (DirectoryEntry directoryEntry = new DirectoryEntry(str1, userName, password, this.authTypes))
                {
                    if (directoryEntry.Properties["schemaNamingContext"].Count != 0)
                    {
                        value = (string)directoryEntry.Properties["schemaNamingContext"].Value;
                    }
                    else
                    {
                        throw new PrincipalOperationException(StringResources.ADAMStoreUnableToPopulateSchemaList);
                    }
                }
                string str2 = string.Concat("LDAP://", this.userSuppliedServerName, "/", value);
                if (this.credentials == null)
                {
                    str = null;
                }
                else
                {
                    str = this.credentials.UserName;
                }
                if (this.credentials == null)
                {
                    password1 = null;
                }
                else
                {
                    password1 = this.credentials.Password;
                }
                using (DirectoryEntry directoryEntry1 = new DirectoryEntry(str2, str, password1, this.authTypes))
                {
                    using (DirectorySearcher directorySearcher = new DirectorySearcher(directoryEntry1))
                    {
                        directorySearcher.Filter = string.Concat("(&(objectClass=classSchema)(systemAuxiliaryClass=", auxClassName, "))");
                        directorySearcher.PropertiesToLoad.Add("ldapDisplayName");
                        List <string>          strs1 = new List <string>();
                        SearchResultCollection searchResultCollections = directorySearcher.FindAll();
                        using (searchResultCollections)
                        {
                            foreach (SearchResult searchResult in searchResultCollections)
                            {
                                if (searchResult.Properties["ldapDisplayName"] != null)
                                {
                                    strs1.Add(searchResult.Properties["ldapDisplayName"][0].ToString());
                                }
                                else
                                {
                                    throw new PrincipalOperationException(StringResources.ADAMStoreUnableToPopulateSchemaList);
                                }
                            }
                        }
                        strs1.Add(auxClassName);
                        strs = strs1;
                    }
                }
            }
            catch (COMException cOMException1)
            {
                COMException cOMException = cOMException1;
                throw ExceptionHelper.GetExceptionFromCOMException(cOMException);
            }
            return(strs);
        }
Example #8
0
 public void Save(PrincipalContext context)
 {
     this.CheckDisposedOrDeleted();
     this.CheckFakePrincipal();
     if (context.ContextType == ContextType.Machine || this.ctx.ContextType == ContextType.Machine)
     {
         throw new InvalidOperationException(StringResources.SaveToNotSupportedAgainstMachineStore);
     }
     else
     {
         if (context != null)
         {
             if (context != this.ctx)
             {
                 if (context.ContextType == this.ctx.ContextType)
                 {
                     StoreCtx storeCtxToUse = this.GetStoreCtxToUse();
                     this.ctx = context;
                     StoreCtx storeCtx = this.GetStoreCtxToUse();
                     if (!this.unpersisted)
                     {
                         this.unpersisted = true;
                         bool   flag = this.nameChanged == LoadState.Changed;
                         string str  = null;
                         if (flag)
                         {
                             string str1 = this.name;
                             this.ctx.QueryCtx.Load(this, "Principal.Name");
                             str       = this.name;
                             this.Name = str1;
                         }
                         storeCtx.Move(storeCtxToUse, this);
                         try
                         {
                             this.unpersisted = false;
                             storeCtx.Update(this);
                         }
                         catch (SystemException systemException2)
                         {
                             SystemException systemException = systemException2;
                             try
                             {
                                 if (flag)
                                 {
                                     this.Name = str;
                                 }
                                 storeCtxToUse.Move(storeCtx, this);
                             }
                             catch (SystemException systemException1)
                             {
                             }
                             if (systemException as COMException == null)
                             {
                                 throw systemException;
                             }
                             else
                             {
                                 throw ExceptionHelper.GetExceptionFromCOMException((COMException)systemException);
                             }
                         }
                     }
                     else
                     {
                         storeCtx.Insert(this);
                         this.unpersisted = false;
                     }
                     this.ctx.QueryCtx = storeCtx;
                     return;
                 }
                 else
                 {
                     throw new InvalidOperationException(StringResources.SaveToMustHaveSamecontextType);
                 }
             }
             else
             {
                 this.Save();
                 return;
             }
         }
         else
         {
             throw new InvalidOperationException(StringResources.NullArguments);
         }
     }
 }