/// <summary> /// Get users within a group. /// </summary> /// <param name="group">Group to test.</param> /// <param name="recursive">Recursively search children.</param> /// <returns>Collection of users of group.</returns> public IEnumerable <Principal> GetUsersForGroup(string group, bool recursive = true) { // Loop to re-attempt. for (int attempt = 0; attempt < this.Config.MaxAttempts; attempt++) { // Get new principal context. var context = this.GetPrincipalContext(attempt); try { // Get group object. var groupPrincipal = GroupPrincipal.FindByIdentity(context, this.Config.IdentityType, group); // If group doesn't exist, return empty list. if (groupPrincipal == null) { return(Enumerable.Empty <Principal>()); } // Get and process results. var users = new List <Principal>(); var principalResults = groupPrincipal.GetMembers(recursive); foreach (Principal user in principalResults) { if (user != null) { // Add valid user object to results. users.Add(user); } } return(users); } catch (Exception ex) { // If it is a server down exception, catch it. Otherwise, rethrow. if (ex is PrincipalServerDownException || ex is ActiveDirectoryServerDownException) { // Determine IP of connected server and record failure if known. IPAddress serverIP = null; if (IPAddress.TryParse(context.ConnectedServer, out serverIP)) { this.Dns.RecordFailure(this.Config.Server, serverIP); } } else { throw; } } } // If we've reached this point, number of loop attempts have been exhausted because of caught PrincipalServerDownExceptions. Throw exception. var pe = new PrincipalServerDownException(this.Config.Server); throw pe; }
/// <summary> /// Find all users whose e-mail address matches the given string. /// </summary> /// <param name="email">E-mail address (full or partial) to match.</param> /// <param name="pageIndex">Zero-based index of page to return, or null for all results.</param> /// <param name="pageSize">Number of items per page to return, or null for all results.</param> /// <param name="sortOrder">Sort order for results, or null to sort by configuration IdentityType.</param> /// <returns>Collection of all users.</returns> public IEnumerable <Principal> FindUsersByEmail(string email, int?pageIndex = null, int?pageSize = null, Nullable <IdentityType> sortOrder = null) { // Ensure search criteria was specified. if (String.IsNullOrWhiteSpace(email)) { throw new ArgumentException("Invalid search criteria specified."); } // Loop to re-attempt. for (int attempt = 0; attempt < this.Config.MaxAttempts; attempt++) { // Get new principal context. var context = this.GetPrincipalContext(attempt); try { // Get user principal. var userPrincipal = new UserPrincipal(context); // Set user principal to search. Pad with asterisks. userPrincipal.EmailAddress = "*" + email + "*"; return(this.GetAllPrincipals(userPrincipal, pageIndex, pageSize, sortOrder)); } catch (Exception ex) { // If it is a server down exception, catch it. Otherwise, rethrow. if (ex is PrincipalServerDownException || ex is ActiveDirectoryServerDownException) { // Determine IP of connected server and record failure if known. IPAddress serverIP = null; if (IPAddress.TryParse(context.ConnectedServer, out serverIP)) { this.Dns.RecordFailure(this.Config.Server, serverIP); } } else { throw; } } } // If we've reached this point, number of loop attempts have been exhausted because of caught PrincipalServerDownExceptions. Throw exception. var pe = new PrincipalServerDownException(this.Config.Server); throw pe; }
/// <summary> /// Validate that user is authorized. /// </summary> /// <param name="username">Username to check.</param> /// <param name="password">Password to check.</param> /// <returns>True/false if user can be validated.</returns> public bool ValidateUser(string username, string password) { // Loop to re-attempt. for (int attempt = 0; attempt < this.Config.MaxAttempts; attempt++) { // Get new principal context. var context = this.GetPrincipalContext(attempt); try { // Get group. var validCredentials = context.ValidateCredentials(username, password); return(validCredentials); } catch (Exception ex) { // If it is a server down exception, catch it. Otherwise, rethrow. if (ex is PrincipalServerDownException || ex is ActiveDirectoryServerDownException) { // Determine IP of connected server and record failure if known. IPAddress serverIP = null; if (IPAddress.TryParse(context.ConnectedServer, out serverIP)) { this.Dns.RecordFailure(this.Config.Server, serverIP); } } else { throw; } } } // If we've reached this point, number of loop attempts have been exhausted because of caught PrincipalServerDownExceptions. Throw exception. var pe = new PrincipalServerDownException(this.Config.Server); throw pe; }
/// <summary> /// Get all groups. /// </summary> /// <param name="pageIndex">Zero-based index of page to return, or null for all results.</param> /// <param name="pageSize">Number of items per page to return, or null for all results.</param> /// <param name="sortOrder">Sort order for results, or null to sort by configuration IdentityType.</param> /// <returns>Collection of all groups.</returns> public IEnumerable <Principal> GetAllGroups(int?pageIndex = null, int?pageSize = null, IdentityType?sortOrder = null) { // Loop to re-attempt. for (int attempt = 0; attempt < this.Config.MaxAttempts; attempt++) { // Get new principal context. var context = this.GetPrincipalContext(attempt); try { // Get group principal. var groupPrincipal = new GroupPrincipal(context); return(this.GetAllPrincipals(groupPrincipal, pageIndex, pageSize, sortOrder)); } catch (Exception ex) { // If it is a server down exception, catch it. Otherwise, rethrow. if (ex is PrincipalServerDownException || ex is ActiveDirectoryServerDownException) { // Determine IP of connected server and record failure if known. IPAddress serverIP = null; if (IPAddress.TryParse(context.ConnectedServer, out serverIP)) { this.Dns.RecordFailure(this.Config.Server, serverIP); } } else { throw; } } } // If we've reached this point, number of loop attempts have been exhausted because of caught PrincipalServerDownExceptions. Throw exception. var pe = new PrincipalServerDownException(this.Config.Server); throw pe; }
/// <summary> /// Load the listed group. /// </summary> /// <param name="group">Group to load.</param> /// <returns>Object representing group or null if doesn't exist.</returns> public GroupPrincipal GetGroup(string group) { // Loop to re-attempt. for (int attempt = 0; attempt < this.Config.MaxAttempts; attempt++) { // Get new principal context. var context = this.GetPrincipalContext(attempt); try { // Get group. var groupPrincipal = GroupPrincipal.FindByIdentity(context, this.Config.IdentityType, group); return(groupPrincipal); } catch (Exception ex) { // If it is a server down exception, catch it. Otherwise, rethrow. if (ex is PrincipalServerDownException || ex is ActiveDirectoryServerDownException) { // Determine IP of connected server and record failure if known. IPAddress serverIP = null; if (IPAddress.TryParse(context.ConnectedServer, out serverIP)) { this.Dns.RecordFailure(this.Config.Server, serverIP); } } else { throw; } } } // If we've reached this point, number of loop attempts have been exhausted because of caught PrincipalServerDownExceptions. Throw exception. var pe = new PrincipalServerDownException(this.Config.Server); throw pe; }
/// <summary> /// Get list of groups for this user is a member. /// </summary> /// <param name="username">Username to check.</param> /// <param name="recursive">Recursive search for groups.</param> /// <returns>Collection of groups for which this user is a member.</returns> public IEnumerable <Principal> GetGroupsForUser(string username, bool recursive = true) { // Loop to re-attempt. for (int attempt = 0; attempt < this.Config.MaxAttempts; attempt++) { // Get new principal context. var context = this.GetPrincipalContext(attempt); try { // Get user object. var userPrincipal = UserPrincipal.FindByIdentity(context, this.Config.IdentityType, username); // If user doesn't exist, return empty list. if (userPrincipal == null) { return(Enumerable.Empty <Principal>()); } // Get and process results. var groups = new List <Principal>(); PrincipalSearchResult <Principal> principalResults; // Depending on values, perform direct or recursive search. if (recursive) { principalResults = userPrincipal.GetAuthorizationGroups(); } else { principalResults = userPrincipal.GetGroups(); } // Use group enumerator to loop because of issues with errors on sometimes-returned invalid SIDs. // See: http://social.msdn.microsoft.com/Forums/en/csharpgeneral/thread/9dd81553-3539-4281-addd-3eb75e6e4d5d var groupEnum = principalResults.GetEnumerator(); while (groupEnum.MoveNext()) { Principal group = null; try { group = groupEnum.Current; if (group != null) { // Add group object to results. groups.Add(group); } } catch (PrincipalOperationException) { continue; } } return(groups); } catch (Exception ex) { // If it is a server down exception, catch it. Otherwise, rethrow. if (ex is PrincipalServerDownException || ex is ActiveDirectoryServerDownException) { // Determine IP of connected server and record failure if known. IPAddress serverIP = null; if (IPAddress.TryParse(context.ConnectedServer, out serverIP)) { this.Dns.RecordFailure(this.Config.Server, serverIP); } } else { throw; } } } // If we've reached this point, number of loop attempts have been exhausted because of caught PrincipalServerDownExceptions. Throw exception. var pe = new PrincipalServerDownException(this.Config.Server); throw pe; }