public void TestSync( )
{
DBHelper.Init(Settings.Default.ConnectionString);
DBHelper.ExecuteNonQuery("Test_DeleteAllData");
IList <ADPrincipal> pl = GetPrincipalList( );
ADSyncHelper.SyncAdToSqlServer(pl, Settings.Default.ConnectionString, "TestAD");
IAuthorizationManager manager = Afcas.GetAuthorizationManager( );
using (new ObjectCacheScope( )) {
Assert.AreEqual(5, manager.GetPrincipalList( ).Count);
//removal from sql side should not matter
manager.RemovePrincipal("p1");
ADSyncHelper.SyncAdToSqlServer(pl, Settings.Default.ConnectionString, "TestAD");
Assert.AreEqual(5, manager.GetPrincipalList( ).Count);
}
using (new ObjectCacheScope( )) {
//removal from ad side
ADPrincipal p1 = pl[0];
pl.RemoveAt(0);
ADSyncHelper.SyncAdToSqlServer(pl, Settings.Default.ConnectionString, "TestAD");
IList <Principal> dbpl = manager.GetPrincipalList( );
Assert.AreEqual(4, dbpl.Count);
Assert.That(!IsInList(p1.Name, dbpl));
Assert.That(!manager.IsMemberOf("g1", "p1"));
}
}
private bool GetADGroupMemberProcessCSRoutine()
{
this._partitionPath = this._cmdletParameters["Partition"] as string;
this._identityADGroup = this._cmdletParameters["Identity"] as ADGroup;
this._isRecursive = this._cmdletParameters.GetSwitchParameterBooleanValue("Recursive");
base.SetPipelinedSessionInfo(this._identityADGroup.SessionInfo);
CmdletSessionInfo cmdletSessionInfo = base.GetCmdletSessionInfo();
ADGroupFactory <ADGroup> aDGroupFactory = new ADGroupFactory <ADGroup>();
aDGroupFactory.SetCmdletSessionInfo(cmdletSessionInfo);
this.ValidateParameters();
ADObject directoryObjectFromIdentity = aDGroupFactory.GetDirectoryObjectFromIdentity(this._identityADGroup, cmdletSessionInfo.DefaultPartitionPath);
using (ADAccountManagement aDAccountManagement = new ADAccountManagement(cmdletSessionInfo.ADSessionInfo))
{
ADPrincipal[] groupMembers = aDAccountManagement.GetGroupMembers(cmdletSessionInfo.DefaultPartitionPath, directoryObjectFromIdentity.DistinguishedName, this._isRecursive);
ADPrincipal[] aDPrincipalArray = groupMembers;
for (int i = 0; i < (int)aDPrincipalArray.Length; i++)
{
ADPrincipal aDPrincipal = aDPrincipalArray[i];
base.WriteObject(aDPrincipal);
}
}
return(true);
}
private bool SetADPrincipalGroupMembershipProcessCSRoutine()
{
if (this._cmdletParameters.Contains("Identity"))
{
ADPrincipal item = this._cmdletParameters["Identity"] as ADPrincipal;
this.SetPipelinedSessionInfo(item.SessionInfo);
CmdletSessionInfo cmdletSessionInfo = base.GetCmdletSessionInfo();
this._factory.SetCmdletSessionInfo(cmdletSessionInfo);
base.ValidateParameters();
this.ValidateMemberOfParameter();
try
{
ADPrincipal extendedObjectFromIdentity = this._factory.GetExtendedObjectFromIdentity(item, cmdletSessionInfo.DefaultPartitionPath);
this._validExtendedPrincipalList.Add(extendedObjectFromIdentity);
}
catch (ADIdentityNotFoundException aDIdentityNotFoundException1)
{
ADIdentityNotFoundException aDIdentityNotFoundException = aDIdentityNotFoundException1;
base.ThrowTerminatingError(ADUtilities.GetErrorRecord(aDIdentityNotFoundException, "SetADPrincipalGroupMembership:ProcessRecordOverride", item));
}
return(true);
}
else
{
object[] objArray = new object[1];
objArray[0] = "Identity";
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, StringResources.ParameterRequired, objArray));
}
}
public static void SyncAdToSqlServer(IList <ADPrincipal> pl, string connectionString, string dbSourceName)
{
Dictionary <string, ADPrincipal> pdic = new Dictionary <string, ADPrincipal>(pl.Count);
for (int ii = 0; ii < pl.Count; ii++)
{
ADPrincipal pr = pl[ii];
pdic[pr.ADPath] = pr;
}
DBHelper.Init(connectionString);
using (TransactionScope scope = DBHelper.GetRequiredTransactionScope( )) {
DBHelper.ExecuteNonQuery("Sync_ClearSyncData", dbSourceName, EdgeSource.Principal);
// update principals
for (int ii = 0; ii < pl.Count; ii++)
{
ADPrincipal pr = pl[ii];
DBHelper.ExecuteNonQuery("Sync_AddPrincipalToSyncList",
new Guid(pr.Id),
pr.PrincipalType,
pr.Name,
pr.Email,
pr.DisplayName,
pr.Description,
dbSourceName);
}
DBHelper.ExecuteNonQuery("Sync_SyncPrincipal", dbSourceName);
// update memberships
for (int ii = 0; ii < pl.Count; ii++)
{
ADPrincipal pr = pl[ii];
for (int jj = 0; jj < pr.GroupPaths.Length; jj++)
{
string path = pr.GroupPaths[jj];
ADPrincipal gr;
if (!pdic.TryGetValue(path, out gr))
{
// this group is out of scope from the path list
continue;
}
DBHelper.ExecuteNonQuery("Sync_AddEdgeToSyncList", pr.Name, gr.Name, EdgeSource.Principal);
}
}
DBHelper.ExecuteNonQuery("Sync_SyncEdge", 0, EdgeSource.Principal, dbSourceName);
scope.Complete( );
}
}
private static IList <ADPrincipal> GetPrincipalList( )
{
ADPrincipal p1 = new ADPrincipal(Guid.NewGuid( ).ToString( ),
"p1",
"cn=p1,dc=test,dc=com",
PrincipalType.User,
"*****@*****.**",
"p1 disp name",
"p1 desc",
new[] { "cn=g1,dc=test,dc=com", "cn=g2,dc=test,dc=com" });
ADPrincipal p2 = new ADPrincipal(Guid.NewGuid( ).ToString( ),
"p2",
"cn=p2,dc=test,dc=com",
PrincipalType.User,
"*****@*****.**",
"p2 disp name",
"p2 desc",
new[] { "cn=g1,dc=test,dc=com" });
ADPrincipal p3 = new ADPrincipal(Guid.NewGuid( ).ToString( ),
"p3",
"cn=p3,dc=test,dc=com",
PrincipalType.User,
"*****@*****.**",
"p3 disp name",
"p3 desc",
new[] { "cn=g2,dc=test,dc=com" });
ADPrincipal g1 = new ADPrincipal(Guid.NewGuid( ).ToString( ),
"g1",
"cn=g1,dc=test,dc=com",
PrincipalType.User,
"*****@*****.**",
"g1 disp name",
"g1 desc",
new[] { "cn=g2,dc=test,dc=com" });
ADPrincipal g2 = new ADPrincipal(Guid.NewGuid( ).ToString( ),
"g2",
"cn=g2,dc=test,dc=com",
PrincipalType.User,
"*****@*****.**",
"g2 disp name",
"g2 desc",
new string[] { });
return(new List <ADPrincipal>(new[] { p1, p2, p3, g1, g2 }));
}
internal override IADOPathNode IdentitySearchConverter(object identity)
{
if (identity != null)
{
if ((int)this.IdentityLdapAttributes.Length <= 0)
{
return(null);
}
else
{
SecurityIdentifier securityIdentifier = identity as SecurityIdentifier;
if (securityIdentifier == null)
{
IADOPathNode aDOPathNode = base.IdentitySearchConverter(identity);
ADPrincipal aDPrincipal = identity as ADPrincipal;
if (aDPrincipal == null)
{
return(aDOPathNode);
}
else
{
List <IADOPathNode> aDOPathNodes = new List <IADOPathNode>();
if (aDPrincipal.SamAccountName != null)
{
aDOPathNodes.Add(ADOPathUtil.CreateFilterClause(ADOperator.Eq, "sAMAccountName", aDPrincipal.SamAccountName));
}
if (aDPrincipal.SID != null)
{
aDOPathNodes.Add(ADOPathUtil.CreateFilterClause(ADOperator.Eq, "objectSid", aDPrincipal.SID));
}
aDOPathNodes.Add(aDOPathNode);
return(ADOPathUtil.CreateAndClause(aDOPathNodes.ToArray()));
}
}
else
{
byte[] numArray = new byte[securityIdentifier.BinaryLength];
securityIdentifier.GetBinaryForm(numArray, 0);
return(ADOPathUtil.CreateFilterClause(ADOperator.Eq, "objectSid", numArray));
}
}
}
else
{
throw new ArgumentNullException("identity");
}
}
private void ValidateSubjectsAndAddToList()
{
object item = this._cmdletParameters["Subjects"];
ADPrincipal[] aDPrincipalArray = item as ADPrincipal[];
if (aDPrincipalArray == null)
{
ADPrincipal aDPrincipal = item as ADPrincipal;
if (aDPrincipal != null)
{
ADPrincipal[] aDPrincipalArray1 = new ADPrincipal[1];
aDPrincipalArray1[0] = aDPrincipal;
aDPrincipalArray = aDPrincipalArray1;
}
}
ADPrincipalFactory <ADPrincipal> aDPrincipalFactory = new ADPrincipalFactory <ADPrincipal>();
if (aDPrincipalArray[0].IsSearchResult)
{
this.SetPipelinedSessionInfo(aDPrincipalArray[0].SessionInfo);
}
CmdletSessionInfo cmdletSessionInfo = base.GetCmdletSessionInfo();
aDPrincipalFactory.SetCmdletSessionInfo(cmdletSessionInfo);
if (aDPrincipalArray != null)
{
new Hashtable();
ADPrincipal[] aDPrincipalArray2 = aDPrincipalArray;
for (int i = 0; i < (int)aDPrincipalArray2.Length; i++)
{
ADPrincipal aDPrincipal1 = aDPrincipalArray2[i];
try
{
ADObject directoryObjectFromIdentity = aDPrincipalFactory.GetDirectoryObjectFromIdentity(aDPrincipal1, cmdletSessionInfo.DefaultPartitionPath);
this._appliesToDNList.Add(directoryObjectFromIdentity.DistinguishedName);
}
catch (ADIdentityNotFoundException aDIdentityNotFoundException1)
{
ADIdentityNotFoundException aDIdentityNotFoundException = aDIdentityNotFoundException1;
DebugLogger.LogError("SetADFineGrainedPasswordPolicySubject", aDIdentityNotFoundException.ToString());
base.ThrowTerminatingError(ADUtilities.GetErrorRecord(aDIdentityNotFoundException, "SetADFineGrainedPasswordPolicySubject:ValidateSubjectsAndAddToList", aDPrincipal1));
}
}
}
}
private bool GetGroupMembershipProcessCSRoutine()
{
this._partitionPath = this._cmdletParameters["Partition"] as string;
this._identityADPrincipal = this._cmdletParameters["Identity"] as ADPrincipal;
base.SetPipelinedSessionInfo(this._identityADPrincipal.SessionInfo);
CmdletSessionInfo cmdletSessionInfo = base.GetCmdletSessionInfo();
ADPrincipalFactory <ADPrincipal> aDPrincipalFactory = new ADPrincipalFactory <ADPrincipal>();
aDPrincipalFactory.SetCmdletSessionInfo(cmdletSessionInfo);
this.ValidateParameters();
ADObject directoryObjectFromIdentity = aDPrincipalFactory.GetDirectoryObjectFromIdentity(this._identityADPrincipal, cmdletSessionInfo.DefaultPartitionPath);
using (ADAccountManagement aDAccountManagement = new ADAccountManagement(cmdletSessionInfo.ADSessionInfo))
{
if (!string.IsNullOrEmpty(this._resourceContextServer) && string.IsNullOrEmpty(this._resourceContextPartition))
{
ADSessionInfo aDSessionInfo = cmdletSessionInfo.ADSessionInfo.Copy();
aDSessionInfo.Server = this._resourceContextServer;
using (ADObjectSearcher aDObjectSearcher = new ADObjectSearcher(aDSessionInfo))
{
ADRootDSE rootDSE = aDObjectSearcher.GetRootDSE();
if (rootDSE.DefaultNamingContext != null)
{
this._resourceContextPartition = rootDSE.DefaultNamingContext;
}
else
{
object[] objArray = new object[1];
objArray[0] = "ResourceContextPartition";
base.ThrowTerminatingError(new ErrorRecord(new ArgumentException(string.Format(CultureInfo.CurrentCulture, StringResources.ParameterRequired, objArray)), "1", ErrorCategory.InvalidArgument, null));
}
}
}
ADGroup[] principalGroupMembership = aDAccountManagement.GetPrincipalGroupMembership(cmdletSessionInfo.DefaultPartitionPath, directoryObjectFromIdentity.DistinguishedName, this._resourceContextServer, this._resourceContextPartition);
ADGroup[] aDGroupArray = principalGroupMembership;
for (int i = 0; i < (int)aDGroupArray.Length; i++)
{
ADGroup aDGroup = aDGroupArray[i];
base.WriteObject(aDGroup);
}
}
return(true);
}
internal static ADObjectSearcher SamAccountNameIdentityResolver(object identityObject, string searchBase, CmdletSessionInfo cmdletSessionInfo, out bool useSearchFilter)
{
useSearchFilter = true;
if (identityObject != null)
{
ADPrincipal aDPrincipal = identityObject as ADPrincipal;
if (aDPrincipal == null || aDPrincipal.SamAccountName == null)
{
return(null);
}
else
{
ADObjectSearcher aDObjectSearcher = SearchUtility.BuildSearcher(cmdletSessionInfo.ADSessionInfo, searchBase, ADSearchScope.Subtree);
aDObjectSearcher.Filter = ADOPathUtil.CreateFilterClause(ADOperator.Eq, "sAMAccountName", aDPrincipal.SamAccountName);
return(aDObjectSearcher);
}
}
else
{
throw new ArgumentNullException("identityObject");
}
}
internal static ADObjectSearcher SidIdentityResolver(object identityObject, string searchBase, CmdletSessionInfo cmdletSessionInfo, out bool useSearchFilter)
{
useSearchFilter = true;
if (identityObject != null)
{
SecurityIdentifier securityIdentifier = null;
string str = identityObject as string;
if (string.IsNullOrEmpty(str) || !Utils.TryParseSid(str, out securityIdentifier))
{
securityIdentifier = identityObject as SecurityIdentifier;
if (securityIdentifier == null)
{
ADPrincipal aDPrincipal = identityObject as ADPrincipal;
if (aDPrincipal == null || !(aDPrincipal.SID != null))
{
return(null);
}
else
{
return(IdentityResolverMethods.BuildSidBaseSearcher(aDPrincipal.SID, searchBase, cmdletSessionInfo));
}
}
else
{
return(IdentityResolverMethods.BuildSidBaseSearcher(securityIdentifier, searchBase, cmdletSessionInfo));
}
}
else
{
return(IdentityResolverMethods.BuildSidBaseSearcher(securityIdentifier, searchBase, cmdletSessionInfo));
}
}
else
{
throw new ArgumentNullException("identityObject");
}
}
private void ValidateMembersParameter()
{
bool flag;
if (!this._isMembersValidated)
{
object item = this._cmdletParameters["Members"];
ADPrincipal[] aDPrincipalArray = item as ADPrincipal[];
if (aDPrincipalArray == null)
{
ADPrincipal aDPrincipal = item as ADPrincipal;
if (aDPrincipal != null)
{
ADPrincipal[] aDPrincipalArray1 = new ADPrincipal[1];
aDPrincipalArray1[0] = aDPrincipal;
aDPrincipalArray = aDPrincipalArray1;
}
}
if (aDPrincipalArray != null)
{
List <string> strs = new List <string>();
Hashtable hashtables = new Hashtable();
ADPrincipalFactory <ADPrincipal> aDPrincipalFactory = new ADPrincipalFactory <ADPrincipal>();
CmdletSessionInfo cmdletSessionInfo = base.GetCmdletSessionInfo();
aDPrincipalFactory.SetCmdletSessionInfo(cmdletSessionInfo);
if (cmdletSessionInfo.ConnectedADServerType != ADServerType.ADDS)
{
flag = false;
}
else
{
flag = this._operationType == SetADGroupMemberOperationType.RemoveGroupMember;
}
bool flag1 = flag;
Dictionary <SecurityIdentifier, string> securityIdentifiers = new Dictionary <SecurityIdentifier, string>();
IADOPathNode aDOPathNode = null;
SecurityIdentifier value = null;
if (flag1)
{
ADGroup aDGroup = (ADGroup)this._cmdletParameters["Identity"];
if (!aDGroup.IsSearchResult)
{
ADObject directoryObjectFromIdentity = aDPrincipalFactory.GetDirectoryObjectFromIdentity(aDGroup, cmdletSessionInfo.DefaultPartitionPath);
value = (SecurityIdentifier)directoryObjectFromIdentity["objectSid"].Value;
}
else
{
value = aDGroup.SID;
}
}
ADPrincipal[] aDPrincipalArray2 = aDPrincipalArray;
for (int i = 0; i < (int)aDPrincipalArray2.Length; i++)
{
ADPrincipal aDPrincipal1 = aDPrincipalArray2[i];
SecurityIdentifier sID = null;
string distinguishedName = null;
try
{
if (!aDPrincipal1.IsSearchResult)
{
ADObject aDObject = aDPrincipalFactory.GetDirectoryObjectFromIdentity(aDPrincipal1, cmdletSessionInfo.DefaultPartitionPath);
sID = (SecurityIdentifier)aDObject["objectSid"].Value;
distinguishedName = (string)aDObject["distinguishedName"].Value;
}
else
{
sID = aDPrincipal1.SID;
distinguishedName = aDPrincipal1.DistinguishedName;
}
if (distinguishedName != null)
{
if (sID == null)
{
object[] objArray = new object[2];
objArray[0] = "objectSid";
objArray[1] = distinguishedName;
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, StringResources.AttributeNotFoundOnObject, objArray));
}
}
else
{
object[] identifyingString = new object[2];
identifyingString[0] = "distinguishedName";
identifyingString[1] = aDPrincipal1.IdentifyingString;
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, StringResources.AttributeNotFoundOnObject, identifyingString));
}
}
catch (ADIdentityNotFoundException aDIdentityNotFoundException1)
{
ADIdentityNotFoundException aDIdentityNotFoundException = aDIdentityNotFoundException1;
DebugLogger.LogError("SetADGroupMember", aDIdentityNotFoundException.ToString());
base.ThrowTerminatingError(new ErrorRecord(aDIdentityNotFoundException, "SetADGroupMember.ValidateMembersParameter", ErrorCategory.ObjectNotFound, aDPrincipal1));
}
catch (ArgumentException argumentException1)
{
ArgumentException argumentException = argumentException1;
DebugLogger.LogError("SetADGroupMember", argumentException.ToString());
base.ThrowTerminatingError(new ErrorRecord(argumentException, "SetADGroupMember.ValidateMembersParameter", ErrorCategory.ReadError, aDPrincipal1));
}
if (!flag1 || value.IsEqualDomainSid(sID))
{
strs.Add(Utils.ConvertSIDToStringizedSid(sID));
}
else
{
IADOPathNode aDOPathNode1 = ADOPathUtil.CreateFilterClause(ADOperator.Eq, "objectSid", sID);
if (aDOPathNode != null)
{
IADOPathNode[] aDOPathNodeArray = new IADOPathNode[2];
aDOPathNodeArray[0] = aDOPathNode;
aDOPathNodeArray[1] = aDOPathNode1;
aDOPathNode = ADOPathUtil.CreateOrClause(aDOPathNodeArray);
}
else
{
aDOPathNode = aDOPathNode1;
}
securityIdentifiers.Add(sID, distinguishedName);
}
}
if (aDOPathNode != null)
{
using (ADObjectSearcher aDObjectSearcher = new ADObjectSearcher(this.GetSessionInfo()))
{
IADOPathNode aDOPathNode2 = ADOPathUtil.CreateFilterClause(ADOperator.Eq, "objectClass", "foreignSecurityPrincipal");
aDObjectSearcher.SearchRoot = this.GetRootDSE().DefaultNamingContext;
IADOPathNode[] aDOPathNodeArray1 = new IADOPathNode[2];
aDOPathNodeArray1[0] = aDOPathNode2;
aDOPathNodeArray1[1] = aDOPathNode;
aDObjectSearcher.Filter = ADOPathUtil.CreateAndClause(aDOPathNodeArray1);
aDObjectSearcher.Properties.Add("objectSid");
foreach (ADObject aDObject1 in aDObjectSearcher.FindAll())
{
SecurityIdentifier securityIdentifier = (SecurityIdentifier)aDObject1["objectSid"].Value;
if (!securityIdentifiers.ContainsKey(securityIdentifier))
{
continue;
}
strs.Add(Utils.ConvertSIDToStringizedSid(securityIdentifier));
securityIdentifiers.Remove(securityIdentifier);
}
foreach (string str in securityIdentifiers.Values)
{
strs.Add(str);
}
}
}
if (this._operationType != SetADGroupMemberOperationType.AddGroupMember)
{
if (this._operationType == SetADGroupMemberOperationType.RemoveGroupMember)
{
hashtables.Add(PropertyModifyOp.Remove.ToString(), strs.ToArray());
}
}
else
{
hashtables.Add(PropertyModifyOp.Add.ToString(), strs.ToArray());
}
this._cmdletParameters.RemoveParameter("Members");
this._cmdletParameters["Members"] = new ADMultivalueHashtableParameter <string>(hashtables);
this._isMembersValidated = true;
}
return;
}
else
{
return;
}
}
static void Main(string[] args)
{
var myProcess = new ADPrincipal();
myProcess.Process();
}
private bool SetADDCPrpBeginCSRoutine()
{
SecurityIdentifier value;
ADPrincipal[] item = null;
if (base.ParameterSetName != "AllowedPRP")
{
if (base.ParameterSetName == "DeniedPRP")
{
item = this._cmdletParameters["DeniedList"] as ADPrincipal[];
}
}
else
{
item = this._cmdletParameters["AllowedList"] as ADPrincipal[];
}
if (item != null)
{
List <string> strs = new List <string>();
ADPrincipalFactory <ADPrincipal> aDPrincipalFactory = new ADPrincipalFactory <ADPrincipal>();
ADPrincipal[] aDPrincipalArray = item;
for (int i = 0; i < (int)aDPrincipalArray.Length; i++)
{
ADPrincipal aDPrincipal = aDPrincipalArray[i];
base.SetPipelinedSessionInfo(aDPrincipal.SessionInfo);
CmdletSessionInfo cmdletSessionInfo = base.GetCmdletSessionInfo();
aDPrincipalFactory.SetCmdletSessionInfo(cmdletSessionInfo);
try
{
if (!aDPrincipal.IsSearchResult)
{
ADObject directoryObjectFromIdentity = aDPrincipalFactory.GetDirectoryObjectFromIdentity(aDPrincipal, cmdletSessionInfo.DefaultPartitionPath);
value = (SecurityIdentifier)directoryObjectFromIdentity["objectSid"].Value;
}
else
{
value = aDPrincipal.SID;
}
if (value != null)
{
string stringizedSid = Utils.ConvertSIDToStringizedSid(value);
strs.Add(stringizedSid);
}
else
{
object[] distinguishedName = new object[2];
distinguishedName[0] = "objectSid";
distinguishedName[1] = aDPrincipal.DistinguishedName;
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, StringResources.AttributeNotFoundOnObject, distinguishedName));
}
}
catch (ADIdentityNotFoundException aDIdentityNotFoundException1)
{
ADIdentityNotFoundException aDIdentityNotFoundException = aDIdentityNotFoundException1;
DebugLogger.LogError("SetADDCPasswordReplicationPolicy", aDIdentityNotFoundException.ToString());
base.ThrowTerminatingError(new ErrorRecord(aDIdentityNotFoundException, "SetADDCPasswordReplicationPolicy:BeginProcessing", ErrorCategory.ReadError, aDPrincipal));
}
catch (ArgumentException argumentException1)
{
ArgumentException argumentException = argumentException1;
DebugLogger.LogError("SetADDCPasswordReplicationPolicy", argumentException.ToString());
base.ThrowTerminatingError(new ErrorRecord(argumentException, "SetADDCPasswordReplicationPolicy:BeginProcessing", ErrorCategory.ReadError, aDPrincipal));
}
}
this._principalsToAddOrRemove = new Hashtable();
if (base.ParameterSetName != "AllowedPRP")
{
if (base.ParameterSetName == "DeniedPRP")
{
this._principalsToAddOrRemove.Add("msDS-NeverRevealGroup", strs.ToArray());
}
}
else
{
this._principalsToAddOrRemove.Add("msDS-RevealOnDemandGroup", strs.ToArray());
}
}
return(true);
}
