public static void DeleteGroup(string identity) { Console.WriteLine($"Deleting Group [{identity}]"); DirectoryServices.DeleteGroup(identity); GroupPrincipalObject gpo = DirectoryServices.GetGroup(identity, false, false, false); Assert.That(gpo, Is.Null); }
public void Core_GroupNotFound() { // Get Group That Does Not Exist String groupName = $"testgroup_{Utility.GenerateToken( 8 )}"; String groupDistinguishedName = $"CN={groupName},{workspaceName}"; Console.WriteLine($"Getting Group [{groupName}] Which Should Not Exist."); GroupPrincipalObject group = DirectoryServices.GetGroup(groupName, true, true, true); Assert.That(group, Is.Null); Console.WriteLine($"Getting Group Principal [{groupName}] Which Should Not Exist."); GroupPrincipal gp = DirectoryServices.GetGroupPrincipal(groupDistinguishedName); Assert.That(gp, Is.Null); }
public void Core_GroupManagementTestSuccess() { // Add User To Group UserPrincipal user = Utility.CreateUser(workspaceName); UserPrincipalObject upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false); int beforeCount = upo.Groups.Count; Console.WriteLine($"Adding User [{user.Name}] To Group [{group.Name}]."); DirectoryServices.AddUserToGroup(user.DistinguishedName, group.DistinguishedName); upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false); int afterCount = upo.Groups.Count; Assert.That(afterCount, Is.EqualTo(beforeCount + 1)); // Remove User From Group beforeCount = afterCount; Console.WriteLine($"Removing User [{user.Name}] From Group [{group.Name}]."); DirectoryServices.RemoveUserFromGroup(user.DistinguishedName, group.DistinguishedName); upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false); afterCount = upo.Groups.Count; Assert.That(afterCount, Is.EqualTo(beforeCount - 1)); // Delete User Utility.DeleteUser(user.DistinguishedName); // Add Group To Group GroupPrincipal newGroup = Utility.CreateGroup(workspaceName); GroupPrincipalObject gpo = DirectoryServices.GetGroup(newGroup.DistinguishedName, true, false, false); beforeCount = gpo.Groups.Count; Console.WriteLine($"Adding Group [{newGroup.Name}] To Group [{group.Name}]."); DirectoryServices.AddGroupToGroup(newGroup.DistinguishedName, group.DistinguishedName); gpo = DirectoryServices.GetGroup(newGroup.DistinguishedName, true, false, false); afterCount = gpo.Groups.Count; Assert.That(afterCount, Is.EqualTo(beforeCount + 1)); // Remove Group From Group beforeCount = afterCount; Console.WriteLine($"Removing Group [{newGroup.Name}] From Group [{group.Name}]."); DirectoryServices.RemoveGroupFromGroup(newGroup.DistinguishedName, group.DistinguishedName); gpo = DirectoryServices.GetGroup(newGroup.DistinguishedName, true, false, false); afterCount = gpo.Groups.Count; Assert.That(afterCount, Is.EqualTo(beforeCount - 1)); // Delete Groups Utility.DeleteGroup(newGroup.DistinguishedName); }
private object GetActiveDirectoryObject(AdObject obj) { switch (obj.Type) { case AdObjectType.User: AdUser user = (AdUser)obj; UserPrincipalObject upo = null; upo = DirectoryServices.GetUser(user.Identity, config.ReturnGroupMembership, config.ReturnAccessRules, config.ReturnObjectProperties); if (upo == null) { throw new AdException($"User [{user.Identity}] Was Not Found.", AdStatusType.DoesNotExist); } return(upo); case AdObjectType.Group: AdGroup group = (AdGroup)obj; GroupPrincipalObject gpo = null; gpo = DirectoryServices.GetGroup(group.Identity, config.ReturnGroupMembership, config.ReturnAccessRules, config.ReturnObjectProperties); if (gpo == null) { throw new AdException($"Group [{group.Identity}] Was Not Found.", AdStatusType.DoesNotExist); } return(gpo); case AdObjectType.OrganizationalUnit: AdOrganizationalUnit ou = (AdOrganizationalUnit)obj; OrganizationalUnitObject ouo = null; ouo = DirectoryServices.GetOrganizationalUnit(ou.Identity, config.ReturnAccessRules, config.ReturnObjectProperties); if (ouo == null) { throw new AdException($"Organizational Unit [{ou.Identity}] Was Not Found.", AdStatusType.DoesNotExist); } return(ouo); default: throw new AdException("Action [" + config.Action + "] Not Implemented For Type [" + obj.Type + "]", AdStatusType.NotSupported); } }
public void Handler_GroupManagementTestsSuccess() { Dictionary <string, string> parameters = new Dictionary <string, string>(); // Users UserPrincipal user = Utility.CreateUser(workspaceName); UserPrincipalObject upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false); int initialCount = upo.Groups.Count; // Add User To Group Console.WriteLine($"Adding User [{user.Name}] To Group [{targetGroup.Name}]"); parameters.Clear(); parameters.Add("returngroupmembership", "true"); parameters.Add("identity", user.DistinguishedName); parameters.Add("memberof", targetGroup.DistinguishedName); ActiveDirectoryHandlerResults result = Utility.CallPlan("AddUserToGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.Groups.Count, Is.EqualTo(initialCount + 1)); // Remove User From Group Console.WriteLine($"Removing User [{user.Name}] From Group [{targetGroup.Name}]"); parameters.Clear(); parameters.Add("returngroupmembership", "true"); parameters.Add("identity", user.DistinguishedName); parameters.Add("memberof", targetGroup.DistinguishedName); result = Utility.CallPlan("RemoveUserFromGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.Groups.Count, Is.EqualTo(initialCount)); Utility.DeleteUser(user.DistinguishedName); // Groups GroupPrincipal group = Utility.CreateGroup(workspaceName); GroupPrincipalObject gpo = DirectoryServices.GetGroup(group.DistinguishedName, true, false, false); initialCount = gpo.Groups.Count; // Add Group To Group Console.WriteLine($"Adding Group [{group.Name}] To Group [{targetGroup.Name}]"); parameters.Clear(); parameters.Add("returngroupmembership", "true"); parameters.Add("identity", group.DistinguishedName); parameters.Add("memberof", targetGroup.DistinguishedName); result = Utility.CallPlan("AddGroupToGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group.Groups.Count, Is.EqualTo(initialCount + 1)); // Remove Group From Group Console.WriteLine($"Removing Group [{group.Name}] From Group [{targetGroup.Name}]"); parameters.Clear(); parameters.Add("returngroupmembership", "true"); parameters.Add("identity", group.DistinguishedName); parameters.Add("memberof", targetGroup.DistinguishedName); result = Utility.CallPlan("RemoveGroupFromGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group.Groups.Count, Is.EqualTo(initialCount)); Utility.DeleteGroup(group.DistinguishedName); }
public void Core_GroupTestSuccess() { // Get Group By Distinguished Name Console.WriteLine($"Getting Group By DisginguishedName : [{group.DistinguishedName}]"); GroupPrincipalObject gpo = DirectoryServices.GetGroup(group.DistinguishedName, true, true, true); Assert.That(gpo.DistinguishedName, Is.EqualTo(group.DistinguishedName)); String groupName = gpo.Name; String groupSamAccountName = gpo.SamAccountName; Guid? groupGuid = gpo.Guid; String groupSid = gpo.Sid; // Get Group By Name Console.WriteLine($"Getting Group By Name: [{groupName}]"); gpo = DirectoryServices.GetGroup(groupName, true, true, true); Assert.That(gpo.Name, Is.EqualTo(groupName)); // Get Group By SamAccountName Console.WriteLine($"Getting Group By SamAccountName : [{groupSamAccountName}]"); gpo = DirectoryServices.GetGroup(groupSamAccountName, true, true, true); Assert.That(gpo.SamAccountName, Is.EqualTo(groupSamAccountName)); // Get Group By Guid Console.WriteLine($"Getting Group By Guid : [{groupGuid}]"); gpo = DirectoryServices.GetGroup(groupGuid.ToString(), true, true, true); Assert.That(gpo.Guid, Is.EqualTo(groupGuid)); // Get Group By Sid Console.WriteLine($"Getting Group By Sid : [{groupSid}]"); gpo = DirectoryServices.GetGroup(groupSid, true, true, true); Assert.That(gpo.Sid, Is.EqualTo(groupSid)); // Modify Group Console.WriteLine($"Modifying Group : [{groupName}]"); GroupPrincipal gp = DirectoryServices.GetGroupPrincipal(groupName); gp.DisplayName = "Unit Test Group"; gp.Description = "Unit Test Description"; DirectoryServices.SaveGroup(gp); gpo = DirectoryServices.GetGroup(groupName, false, false, false); Assert.That(gpo.DisplayName, Is.EqualTo("Unit Test Group")); Assert.That(gpo.Description, Is.EqualTo("Unit Test Description")); // Create AccessUser For AccessRule Tests (Below) UserPrincipal accessRuleUser = Utility.CreateUser(workspaceName); int ruleCount = DirectoryServices.GetAccessRules(group).Count; // Add Access Rule To Group Console.WriteLine($"Adding AccessRule For User [{accessRuleUser.Name}] To Group [{group.Name}]."); DirectoryServices.AddAccessRule(group, accessRuleUser, ActiveDirectoryRights.GenericRead, System.Security.AccessControl.AccessControlType.Allow, ActiveDirectorySecurityInheritance.None); int newRuleCount = DirectoryServices.GetAccessRules(group).Count; Assert.That(newRuleCount, Is.GreaterThan(ruleCount)); // Removing Access Rule From Group Console.WriteLine($"Removing AccessRule For User [{accessRuleUser.Name}] From Group [{group.Name}]."); DirectoryServices.DeleteAccessRule(group, accessRuleUser, ActiveDirectoryRights.GenericRead, System.Security.AccessControl.AccessControlType.Allow, ActiveDirectorySecurityInheritance.None); newRuleCount = DirectoryServices.GetAccessRules(group).Count; Assert.That(newRuleCount, Is.EqualTo(ruleCount)); // Seting Access Rule From Group Console.WriteLine($"Setting AccessRule For User [{accessRuleUser.Name}] On Group [{group.Name}]."); DirectoryServices.SetAccessRule(group, accessRuleUser, ActiveDirectoryRights.GenericRead, System.Security.AccessControl.AccessControlType.Allow, ActiveDirectorySecurityInheritance.None); newRuleCount = DirectoryServices.GetAccessRules(group).Count; Assert.That(newRuleCount, Is.GreaterThan(ruleCount)); // Purge Access Rule From Group Console.WriteLine($"Purging AccessRules For User [{accessRuleUser.Name}] From Group [{group.Name}]."); DirectoryServices.PurgeAccessRules(group, accessRuleUser); newRuleCount = DirectoryServices.GetAccessRules(group).Count; Assert.That(newRuleCount, Is.EqualTo(ruleCount)); // Delete AccessRule User Utility.DeleteUser(accessRuleUser.DistinguishedName); }