private void btnMembersAddWindowsUsersAndGroups_Click(object sender, EventArgs e) { try { this.HourGlass(true); ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, this.applicationGroup.Application.Store.Storage.Mode == NetSqlAzManMode.Developer); /*Application.DoEvents();*/ if (res != null) { foreach (ADObject o in res) { if (!this.MembersToRemove.Remove(o.Sid) && !this.FindMember(this.applicationGroup.GetApplicationGroupMembers(), o.Sid) && !this.FindMember(this.MembersToAdd, o.Sid)) { WhereDefined wd = WhereDefined.LDAP; if (!o.ADSPath.StartsWith("LDAP")) { wd = WhereDefined.Local; } this.MembersToAdd.Add(new GenericMember(o.Name, new SqlAzManSID(o.Sid), wd)); this.modified = true; } } this.RefreshApplicationGroupProperties(); } this.HourGlass(false); } catch (Exception ex) { this.HourGlass(false); MessageBox.Show(ex.Message); } }
/// <summary> /// Executes the LDAP query. /// </summary> /// <param name="testLDapQuery">The test L dap query.</param> /// <returns></returns> public SearchResultCollection ExecuteLDAPQuery(string testLDapQuery) { if (this.groupType != GroupType.LDapQuery) { throw new InvalidOperationException("Method not supported for Basic Groups"); } if (!String.IsNullOrEmpty(testLDapQuery.Trim())) { string rootdse = DirectoryServicesUtils.GetRootDSEPart(testLDapQuery); string ldapquery = DirectoryServicesUtils.GetLDAPQueryPart(testLDapQuery); string query = String.Empty; if (rootdse == null) { query = String.Format("(&(!(objectClass=computer))(&(|(objectClass=user)(objectClass=group)))({0}))", ldapquery); } else { query = String.Format("[RootDSE:{0}](&(!(objectClass=computer))(&(|(objectClass=user)(objectClass=group)))({1}))", rootdse, ldapquery); } return(DirectoryServices.DirectoryServicesUtils.ExecuteLDAPQuery(query)); } else { return(null); } }
/// <summary> /// Gets the owner info. /// </summary> /// <param name="displayName">Display name of the Owner.</param> /// <returns></returns> public MemberType GetOwnerInfo(out string displayName) { if (System.Security.Principal.WindowsIdentity.GetCurrent().User.Value == this.owner.StringValue) { displayName = ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).Name; return(MemberType.WindowsNTUser); } if (this.ownerSidWhereDefined == WhereDefined.Database) { try { displayName = this.item.Application.GetDBUser(this.owner).UserName; } catch (SqlAzManException) { displayName = this.owner.StringValue; } return(MemberType.DatabaseUser); } bool isAGroup; bool isLocal; DirectoryServicesUtils.GetMemberInfo(this.owner.StringValue, out displayName, out isAGroup, out isLocal); if (this.item.Application.Store.Storage.Mode == NetSqlAzManMode.Administrator && isLocal) { displayName = this.owner.StringValue; return(MemberType.AnonymousSID); } return(isAGroup ? MemberType.WindowsNTGroup : MemberType.WindowsNTUser); }
/// <summary> /// Updates the specified authorization type. /// </summary> /// <param name="owner">The owner Sid.</param> /// <param name="sid">The member Sid.</param> /// <param name="sidWhereDefined">The object owner where defined.</param> /// <param name="authorizationType">Type of the authorization.</param> /// <param name="validFrom">The valid from.</param> /// <param name="validTo">The valid to.</param> public void Update(IAzManSid owner, IAzManSid sid, WhereDefined sidWhereDefined, AuthorizationType authorizationType, DateTime?validFrom, DateTime?validTo) { if (this.owner.StringValue != owner.StringValue || this.sid.StringValue != sid.StringValue || this.sidWhereDefined != sidWhereDefined || this.authorizationType != authorizationType || this.validFrom != validFrom || this.validTo != validTo) { //DateTime range check if (validFrom.HasValue && validTo.HasValue) { if (validFrom.Value > validTo.Value) { throw new InvalidOperationException("ValidFrom cannot be greater then ValidTo if supplied."); } } SqlAzManSID oldOwner = new SqlAzManSID(this.owner.StringValue, this.ownerSidWhereDefined == WhereDefined.Database); SqlAzManSID oldSid = new SqlAzManSID(this.sid.StringValue, this.sidWhereDefined == WhereDefined.Database); WhereDefined oldOwnerSidWhereDefined = this.ownerSidWhereDefined; WhereDefined oldSidWhereDefined = this.SidWhereDefined; AuthorizationType oldAuthorizationType = this.AuthorizationType; DateTime? oldValidFrom = this.validFrom; DateTime? oldValidTo = this.validTo; string memberName; bool isLocal; DirectoryServicesUtils.GetMemberInfo(owner.StringValue, out memberName, out isLocal); WhereDefined ownerSidWhereDefined = isLocal ? WhereDefined.Local : WhereDefined.LDAP; this.db.AuthorizationUpdate(this.item.ItemId, owner.BinaryValue, (byte)ownerSidWhereDefined, sid.BinaryValue, (byte)sidWhereDefined, (byte)authorizationType, (validFrom.HasValue ? validFrom.Value : new DateTime?()), (validTo.HasValue ? validTo.Value : new DateTime?()), this.authorizationId, this.item.Application.ApplicationId); this.owner = new SqlAzManSID(owner.BinaryValue); this.ownerSidWhereDefined = ownerSidWhereDefined; this.sid = sid; this.sidWhereDefined = sidWhereDefined; this.authorizationType = authorizationType; this.validFrom = validFrom; this.validTo = validTo; this.raiseAuthorizationUpdated(this, oldOwner, oldOwnerSidWhereDefined, oldSid, oldSidWhereDefined, oldAuthorizationType, oldValidFrom, oldValidTo); } }
private void btnBrowseWindowsUser_Click(object sender, EventArgs e) { string userName = String.Empty; try { this.rbWindowsUser.Checked = true; ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, false, true, false); /*Application.DoEvents();*/ if (res != null) { if (res.Length > 1) { this.ShowError(Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg20"), Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg10")); } if (res.Length == 1) { userName = res[0].UPN; this.wid = new WindowsIdentity(userName); this.txtWindowsUser.Text = userName; this.dbuser = null; } } } catch (Exception ex) { this.ShowError(ex.Message, Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg10")); } finally { this.FormValidate(); } }
/// <summary> /// Gets the member info. /// </summary> /// <param name="displayName">Display name of the member.</param> /// <returns></returns> public MemberType GetMemberInfo(out string displayName) { switch (this.SidWhereDefined) { case WhereDefined.Store: displayName = this.item.Application.Store.GetStoreGroup(this.sid).Name; return(MemberType.StoreGroup); case WhereDefined.Application: displayName = this.item.Application.GetApplicationGroup(this.sid).Name; return(MemberType.ApplicationGroup); case WhereDefined.LDAP: bool isAnLdapGroup; bool isLocal; DirectoryServicesUtils.GetMemberInfo(this.sid.StringValue, out displayName, out isAnLdapGroup, out isLocal); if (this.sid.StringValue.Equals(displayName)) { return(MemberType.AnonymousSID); } return(isAnLdapGroup ? MemberType.WindowsNTGroup : MemberType.WindowsNTUser); case WhereDefined.Local: if (this.item.Application.Store.Storage.Mode == NetSqlAzManMode.Administrator) { break; } bool isALocalGroup; bool isLocal2; DirectoryServicesUtils.GetMemberInfo(this.sid.StringValue, out displayName, out isALocalGroup, out isLocal2); if (this.sid.StringValue.Equals(displayName)) { return(MemberType.AnonymousSID); } return(isALocalGroup ? MemberType.WindowsNTGroup : MemberType.WindowsNTUser); case WhereDefined.Database: try { displayName = this.item.Application.GetDBUser(this.sid).UserName; if (displayName == this.sid.StringValue) { displayName = this.item.Application.Store.GetDBUser(this.sid).UserName; } if (displayName == this.sid.StringValue) { displayName = this.item.Application.Store.Storage.GetDBUser(this.sid).UserName; } } catch (SqlAzManException) { displayName = this.sid.StringValue; } return(MemberType.DatabaseUser); } displayName = this.sid.StringValue; return(MemberType.AnonymousSID); }
private List <string> ObtainUserGroups(string sSystemUserName) { string sServerName = String.Empty; string sUserName = String.Empty; List <string> oNetGroups = new List <string>(); DirectoryServicesUtils.ParseAccountName(sSystemUserName, out sServerName, out sUserName); oNetGroups.AddRange(ObtainFullUserGroupName(sServerName, sUserName)); // Domain user groups oNetGroups.AddRange(ObtainFullUserGroupName(Environment.MachineName, sSystemUserName)); // Local user groups return(oNetGroups); }
private void btnAddWindowsUsersAndGroups_Click(object sender, EventArgs e) { try { this.HourGlass(true); ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, this.item.Application.Store.Storage.Mode == NetSqlAzManMode.Developer); /*Application.DoEvents();*/ if (res != null) { List <DataRow> rowsAdded = new List <DataRow>(); foreach (ADObject o in res) { WhereDefined wd = WhereDefined.LDAP; if (!o.ADSPath.StartsWith("LDAP")) { wd = WhereDefined.Local; } string displayName; bool isAGroup; bool isLocal; DirectoryServicesUtils.GetMemberInfo(o.Sid, out displayName, out isAGroup, out isLocal); GenericMember gm = new GenericMember(new SqlAzManSID(o.Sid), wd, AuthorizationType.Neutral, null, null); gm.Name = displayName; rowsAdded.Add(this.AddLDapDataRow(gm, isAGroup)); this.modified = true; } this.SelectDataGridViewRows(rowsAdded); } this.btnApply.Enabled = this.modified; //Adjust columns Width foreach (DataGridViewColumn dgvc in this.dgAuthorizations.Columns) { dgvc.Width = dgvc.GetPreferredWidth(DataGridViewAutoSizeColumnMode.AllCells, true); } this.HourGlass(false); } catch (Exception ex) { this.HourGlass(false); this.ShowError(ex.Message, Globalization.MultilanguageResource.GetString("frmItemAuthorizations_Msg10")); } finally { this.btnApply.Enabled = this.modified; } }
/// <summary> /// Updates the L dap query. /// </summary> /// <param name="newLdapQuery">The new ldap query.</param> public void UpdateLDapQuery(string newLdapQuery) { if (this.lDapQuery != newLdapQuery) { if (DirectoryServicesUtils.TestLDAPQuery(newLdapQuery)) { string oldLDapQuery = this.lDapQuery; this.db.StoreGroupUpdate(this.store.StoreId, this.SID.BinaryValue, this.name, this.description, newLdapQuery, (byte)this.groupType, this.storeGroupId); this.lDapQuery = newLdapQuery; this.raiseStoreGroupLDAPQueryUpdated(this, oldLDapQuery); } else { throw new ArgumentException("LDAP Query syntax error or unavailable Domain.", "newLdapQuery"); } } }
public frmImportFromAzMan() { InitializeComponent(); try { string memberName; bool isLocal; DirectoryServicesUtils.GetMemberInfo(this.currentOwnerSid.StringValue, out memberName, out isLocal); if (!isLocal) { this.currentOwnerSidWhereDefined = WhereDefined.LDAP; } else { this.currentOwnerSidWhereDefined = WhereDefined.Local; } } catch { this.currentOwnerSidWhereDefined = WhereDefined.LDAP; } }
private void btnNonMembersAddWindowsUsersAndGroup_Click(object sender, EventArgs e) { this.HourGlass(true); ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, this.storeGroup.Store.Storage.Mode == NetSqlAzManMode.Developer); if (res != null) { foreach (ADObject o in res) { if (!this.NonMembersToRemove.Remove(o.Sid) && !this.FindMember(this.storeGroup.GetStoreGroupNonMembers(), new SqlAzManSID(o.Sid)) && !this.FindMember(this.NonMembersToAdd, new SqlAzManSID(o.Sid))) { WhereDefined wd = WhereDefined.LDAP; if (!o.ADSPath.StartsWith("LDAP")) { wd = WhereDefined.Local; } this.NonMembersToAdd.Add(new GenericMember(o.Name, new SqlAzManSID(o.Sid), wd)); this.modified = true; } } this.RefreshStoreGroupProperties(); } this.HourGlass(false); }
public frmItemAuthorizations() { InitializeComponent(); string memberName; bool isLocal; DirectoryServicesUtils.GetMemberInfo(this.currentOwnerSid.StringValue, out memberName, out isLocal); this.currentOwnerSidWhereDefined = isLocal ? WhereDefined.Local : WhereDefined.LDAP; this.dtAuthorizations = new DataTable(); DataColumn dcAuthorizationId = new DataColumn("AuthorizationID", typeof(int)); dcAuthorizationId.AutoIncrement = true; dcAuthorizationId.AutoIncrementSeed = -1; dcAuthorizationId.AutoIncrementStep = -1; dcAuthorizationId.AllowDBNull = false; dcAuthorizationId.Unique = true; DataColumn dcMemberTypeEnum = new DataColumn("MemberTypeEnum", typeof(MemberType)); DataColumn dcMemberType = new DataColumn("MemberType", typeof(Bitmap)); DataColumn dcOwner = new DataColumn("Owner", typeof(string)); DataColumn dcOwnerSid = new DataColumn("OwnerSID", typeof(string)); DataColumn dcName = new DataColumn("Name", typeof(string)); DataColumn dcObjectSid = new DataColumn("ObjectSID", typeof(string)); DataColumn dcWhereDefined = new DataColumn("WhereDefined", typeof(string)); DataColumn dcWhereDefinedEnum = new DataColumn("WhereDefinedEnum", typeof(WhereDefined)); DataColumn dcAuthorizationType = new DataColumn("AuthorizationType", typeof(Bitmap)); DataColumn dcAuthorizationTypeEnum = new DataColumn("AuthorizationTypeEnum", typeof(AuthorizationType)); DataColumn dcValidFrom = new DataColumn("ValidFrom", typeof(DateTime)); dcValidFrom.AllowDBNull = true; DataColumn dcValidTo = new DataColumn("ValidTo", typeof(DateTime)); dcValidTo.AllowDBNull = true; dcMemberType.Caption = Globalization.MultilanguageResource.GetString("DGColumn_10"); dcOwner.Caption = Globalization.MultilanguageResource.GetString("DGColumn_20"); dcOwnerSid.Caption = Globalization.MultilanguageResource.GetString("DGColumn_30"); dcName.Caption = Globalization.MultilanguageResource.GetString("DGColumn_40"); dcObjectSid.Caption = Globalization.MultilanguageResource.GetString("DGColumn_50"); dcWhereDefined.Caption = Globalization.MultilanguageResource.GetString("DGColumn_60"); dcAuthorizationType.Caption = Globalization.MultilanguageResource.GetString("DGColumn_70"); dcValidFrom.Caption = Globalization.MultilanguageResource.GetString("DGColumn_80"); dcValidTo.Caption = Globalization.MultilanguageResource.GetString("DGColumn_90"); this.dtAuthorizations.Columns.AddRange( new DataColumn[] { dcAuthorizationId, dcMemberType, dcName, dcAuthorizationType, dcWhereDefined, dcOwner, dcOwnerSid, dcValidFrom, dcValidTo, dcObjectSid, dcAuthorizationTypeEnum, dcWhereDefinedEnum, dcMemberTypeEnum, }); this.modified = false; }
private void ImportFromAzMan(string azManStorePath, string netSqlAzManStoreName) { Microsoft.Interop.Security.AzRoles.AzAuthorizationStore azstore = null; try { this.SetMessage(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg50")); this.storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted); string storeDescription = String.Format(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg60") + " ({0}) - {1}", azManStorePath, DateTime.Now.ToString()); IAzManStore store = this.storage.CreateStore(netSqlAzManStoreName, storeDescription); azstore = new AzAuthorizationStoreClass(); this.SetMessage(String.Format(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg70") + " '{0}'", azManStorePath)); azstore.Initialize(2, azManStorePath, null); #region Store Groups //Store Groups foreach (IAzApplicationGroup azStoreGroup in azstore.ApplicationGroups) { //Store Groups Definition this.SetMessage(String.Format("Store Group: '{0}'", azStoreGroup.Name)); if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC) { //Basic store.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), azStoreGroup.Name, azStoreGroup.Description, String.Empty, GroupType.Basic); } else if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_LDAP_QUERY) { //LDap store.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), azStoreGroup.Name, azStoreGroup.Description, azStoreGroup.LdapQuery, GroupType.LDapQuery); } } //Store Groups Members foreach (IAzApplicationGroup azStoreGroup in azstore.ApplicationGroups) { if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC) { //Basic IAzManStoreGroup storeGroup = store.GetStoreGroup(azStoreGroup.Name); //Store Group Members - Members Store Group this.SetMessage(String.Format("Store Group: '{0}' Members", storeGroup.Name)); object[] azStoreGroupMembers = azStoreGroup.AppMembers as object[]; if (azStoreGroupMembers != null) { foreach (string azStoreGroupMember in azStoreGroupMembers) { IAzManStoreGroup member = store.GetStoreGroup(azStoreGroupMember); storeGroup.CreateStoreGroupMember(member.SID, WhereDefined.Store, true); } } //Store Group Non-Members - Non-Members Store Group this.SetMessage(String.Format("Store Group: '{0}' Non-Members", storeGroup.Name)); object[] azStoreGroupNonMembers = azStoreGroup.AppNonMembers as object[]; if (azStoreGroupNonMembers != null) { foreach (string azStoreGroupNonMember in azStoreGroupNonMembers) { IAzManStoreGroup nonMember = store.GetStoreGroup(azStoreGroupNonMember); storeGroup.CreateStoreGroupMember(nonMember.SID, WhereDefined.Store, false); } } //Store Group Members - Windows NT Account this.SetMessage(String.Format("Store Group: '{0}' Windows account Members", storeGroup.Name)); object[] azStoreGroupWindowsMembers = azStoreGroup.Members as object[]; if (azStoreGroupWindowsMembers != null) { foreach (string azStoreWindowsMember in azStoreGroupWindowsMembers) { IAzManSid sid = new SqlAzManSID(azStoreWindowsMember); string memberName; bool isLocal; DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal); storeGroup.CreateStoreGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, true); } } //Store Group NonMembers - Windows NT Account this.SetMessage(String.Format("Store Group: '{0}' Windows account Non-Members", storeGroup.Name)); object[] azStoreGroupWindowsNonMembers = azStoreGroup.NonMembers as object[]; if (azStoreGroupWindowsNonMembers != null) { foreach (string azStoreWindowsNonMember in azStoreGroupWindowsNonMembers) { IAzManSid sid = new SqlAzManSID(azStoreWindowsNonMember); string memberName; bool isLocal; DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal); storeGroup.CreateStoreGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, false); } } } } #endregion Store Groups #region Applications //Applications foreach (IAzApplication azApplication in azstore.Applications) { this.SetMessage(String.Format("Application: '{0}'", azApplication.Name)); IAzManApplication application = store.CreateApplication(azApplication.Name, azApplication.Description); #region Application Groups //Store Groups foreach (IAzApplicationGroup azApplicationGroup in azApplication.ApplicationGroups) { //Application Groups Definition this.SetMessage(String.Format("Application Group: '{0}'", azApplicationGroup.Name)); if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC) { //Basic application.CreateApplicationGroup(SqlAzManSID.NewSqlAzManSid(), azApplicationGroup.Name, azApplicationGroup.Description, String.Empty, GroupType.Basic); } else if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_LDAP_QUERY) { //LDap application.CreateApplicationGroup(SqlAzManSID.NewSqlAzManSid(), azApplicationGroup.Name, azApplicationGroup.Description, azApplicationGroup.LdapQuery, GroupType.LDapQuery); } } //Application Groups Members foreach (IAzApplicationGroup azApplicationGroup in azApplication.ApplicationGroups) { if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC) { //Basic IAzManApplicationGroup applicationGroup = application.GetApplicationGroup(azApplicationGroup.Name); //Application Group Members - Members Group this.SetMessage(String.Format("Application Group: '{0}' Members", applicationGroup.Name)); object[] azStoreGroupMembers = azApplicationGroup.AppMembers as object[]; if (azStoreGroupMembers != null) { foreach (string azGroupMember in azStoreGroupMembers) { IAzManStoreGroup storemember; try { storemember = store.GetStoreGroup(azGroupMember); } catch (SqlAzManException) { storemember = null; } IAzManApplicationGroup appmember; try { appmember = application.GetApplicationGroup(azGroupMember); } catch (SqlAzManException) { appmember = null; } if (storemember != null) { applicationGroup.CreateApplicationGroupMember(storemember.SID, WhereDefined.Store, true); } else { applicationGroup.CreateApplicationGroupMember(appmember.SID, WhereDefined.Application, true); } } } //Application Group Non-Members - Non-Members Group this.SetMessage(String.Format("Application Group: '{0}' Non-Members", applicationGroup.Name)); object[] azStoreGroupNonMembers = azApplicationGroup.AppNonMembers as object[]; if (azStoreGroupNonMembers != null) { foreach (string azGroupNonMember in azStoreGroupNonMembers) { IAzManStoreGroup storenonMember; try { storenonMember = store.GetStoreGroup(azGroupNonMember); } catch (SqlAzManException) { storenonMember = null; } IAzManApplicationGroup appnonMember; try { appnonMember = application.GetApplicationGroup(azGroupNonMember); } catch (SqlAzManException) { appnonMember = null; } if (storenonMember != null) { applicationGroup.CreateApplicationGroupMember(storenonMember.SID, WhereDefined.Store, false); } else { applicationGroup.CreateApplicationGroupMember(appnonMember.SID, WhereDefined.Application, false); } } } //Application Group Members - Windows NT Account this.SetMessage(String.Format("Application Group: '{0}' Windows account Members", applicationGroup.Name)); object[] azApplicationGroupWindowsMembers = azApplicationGroup.Members as object[]; if (azApplicationGroupWindowsMembers != null) { foreach (string azApplicationWindowsMember in azApplicationGroupWindowsMembers) { IAzManSid sid = new SqlAzManSID(azApplicationWindowsMember); string memberName; bool isLocal; DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal); applicationGroup.CreateApplicationGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, true); } } //Application Group NonMembers - Windows NT Account this.SetMessage(String.Format("Application Group: '{0}' Windows account Non-Members", applicationGroup.Name)); object[] azApplicationGroupWindowsNonMembers = azApplicationGroup.NonMembers as object[]; if (azApplicationGroupWindowsNonMembers != null) { foreach (string azApplicationWindowsNonMember in azApplicationGroupWindowsNonMembers) { IAzManSid sid = new SqlAzManSID(azApplicationWindowsNonMember); string memberName; bool isLocal; DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal); applicationGroup.CreateApplicationGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, false); } } } } #endregion Application Groups //Without Scopes IAzTasks tasks = azApplication.Tasks as IAzTasks; if (tasks != null) { foreach (IAzTask azTask in tasks) { if (azTask.IsRoleDefinition == 1) { this.SetMessage(String.Format("Role: '{0}'", azTask.Name)); IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Role); } else { this.SetMessage(String.Format("Task: '{0}'", azTask.Name)); IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Task); } } } IAzOperations operations = azApplication.Operations as IAzOperations; if (operations != null) { foreach (IAzOperation azOperation in operations) { this.SetMessage(String.Format("Operation: '{0}'", azOperation.Name)); application.CreateItem(azOperation.Name, azOperation.Description, ItemType.Operation); } } //Build Item Hierarchy if (tasks != null) { foreach (IAzTask azTask in tasks) { this.SetMessage(String.Format("Task: '{0}'", azTask.Name)); this.SetHirearchy(null, azApplication, azTask.Name, application); } } //Scopes foreach (IAzScope azScope in azApplication.Scopes) { azApplication.OpenScope(azScope.Name, null); IAzTasks tasksOfScope = azScope.Tasks as IAzTasks; if (tasksOfScope != null) { foreach (IAzTask azTask in tasksOfScope) { if (azTask.IsRoleDefinition == 1) { this.SetMessage(String.Format("Role: '{0}'", azTask.Name)); IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Role); } else { this.SetMessage(String.Format("Task: '{0}'", azTask.Name)); IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Task); } } } //Build Item Hierarchy if (tasksOfScope != null) { foreach (IAzTask azTask in tasksOfScope) { this.SetMessage(String.Format("Task: '{0}'", azTask.Name)); this.SetHirearchy(azScope, azApplication, azTask.Name, application); } } } //Authorizations on Roles without Scopes AuthorizationType defaultAuthorization = AuthorizationType.AllowWithDelegation; IAzRoles azRoles = azApplication.Roles; foreach (IAzRole azRole in azRoles) { IAzManItem item; try { item = application.GetItem(azRole.Name); } catch (SqlAzManException) { item = null; } if (item == null) { item = application.CreateItem(azRole.Name, azRole.Description, ItemType.Role); } //Store & Application Groups Authorizations foreach (string member in (object[])azRole.AppMembers) { IAzManStoreGroup storeGroup; try { storeGroup = application.Store.GetStoreGroup(member); } catch (SqlAzManException) { storeGroup = null; } IAzManApplicationGroup applicationGroup; try { applicationGroup = application.GetApplicationGroup(member); } catch (SqlAzManException) { applicationGroup = null; } if (storeGroup != null) { item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, storeGroup.SID, WhereDefined.Store, defaultAuthorization, null, null); } else if (applicationGroup != null) { item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, applicationGroup.SID, WhereDefined.Application, defaultAuthorization, null, null); } } //Windows Users & Groups Authorizations foreach (string sSid in (object[])azRole.Members) { IAzManSid sid = new SqlAzManSID(sSid); string memberName; bool isLocal; DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal); item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, defaultAuthorization, null, null); } } //Authorizations on Roles with Scopes foreach (IAzScope azScope in azApplication.Scopes) { IAzRoles azRolesWithScopes = azScope.Roles; foreach (IAzRole azRole in azRolesWithScopes) { IAzManItem item; try { item = application.GetItem(azRole.Name); } catch (SqlAzManException) { item = null; } if (item == null) { item = application.CreateItem(azRole.Name, azRole.Description, ItemType.Role); } //Store & Application Groups Authorizations foreach (string member in (object[])azRole.AppMembers) { IAzManStoreGroup storeGroup; try { storeGroup = application.Store.GetStoreGroup(member); } catch (SqlAzManException) { storeGroup = null; } IAzManApplicationGroup applicationGroup; try { applicationGroup = application.GetApplicationGroup(member); } catch (SqlAzManException) { applicationGroup = null; } if (storeGroup != null) { item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, storeGroup.SID, WhereDefined.Store, defaultAuthorization, null, null); } else if (applicationGroup != null) { item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, applicationGroup.SID, WhereDefined.Application, defaultAuthorization, null, null); } } //Windows Users & Groups Authorizations foreach (string sSid in (object[])azRole.Members) { IAzManSid sid = new SqlAzManSID(sSid); string memberName; bool isLocal; DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal); item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, defaultAuthorization, null, null); } } } //try //{ // azstore.CloseApplication(azApplication.Name, 0); //} //catch //{ // //PorkAround: COM Is a mistery //} } #endregion Applications this.SetMessage(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg80")); if (storage.TransactionInProgress) { storage.CommitTransaction(); } } catch { if (storage.TransactionInProgress) { this.SetMessage(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg90")); storage.RollBackTransaction(); } throw; } finally { if (azstore != null) { this.SetMessage(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg100")); System.Runtime.InteropServices.Marshal.ReleaseComObject(azstore); azstore = null; } this.SetMessage(Globalization.MultilanguageResource.GetString("Done_Msg10")); } }