public bool TryLoadLDAPUsers()
{
try
{
if (!Settings.EnableLdapAuthentication)
{
return(false);
}
if (!LdapHelper.IsConnected)
{
LdapHelper.Connect();
}
var users = LdapHelper.GetUsers();
foreach (var user in users)
{
if (string.IsNullOrEmpty(user.Sid))
{
AllSkipedDomainUsers.Add(user, LdapSettingsStatus.WrongSidAttribute);
continue;
}
if (!CheckLoginAttribute(user, Settings.LoginAttribute))
{
AllSkipedDomainUsers.Add(user, LdapSettingsStatus.WrongLoginAttribute);
continue;
}
if (!Settings.GroupMembership)
{
AllDomainUsers.Add(user);
continue;
}
if (!Settings.UserAttribute.Equals(LdapConstants.RfcLDAPAttributes.DN,
StringComparison.InvariantCultureIgnoreCase) && !CheckUserAttribute(user, Settings.UserAttribute))
{
AllSkipedDomainUsers.Add(user, LdapSettingsStatus.WrongUserAttribute);
continue;
}
AllDomainUsers.Add(user);
}
if (AllDomainUsers.Any())
{
PrimaryGroupId = AllDomainUsers.First().GetValue(LdapConstants.ADSchemaAttributes.PRIMARY_GROUP_ID) as string;
}
return(AllDomainUsers.Any() || !users.Any());
}
catch (ArgumentException)
{
_log.ErrorFormat("TryLoadLDAPUsers(): Incorrect filter. userFilter = {0}", Settings.UserFilter);
}
return(false);
}
public List <Tuple <UserInfo, LdapObject> > FindLdapUsers(string login)
{
var listResults = new List <Tuple <UserInfo, LdapObject> >();
var ldapLogin = LdapLogin.ParseLogin(login);
if (ldapLogin == null)
{
return(listResults);
}
if (!LdapHelper.IsConnected)
{
LdapHelper.Connect();
}
var exps = new List <Expression> {
Expression.Equal(Settings.LoginAttribute, ldapLogin.Username)
};
if (!ldapLogin.Username.Equals(login) && ldapLogin.ToString().Equals(login))
{
exps.Add(Expression.Equal(Settings.LoginAttribute, login));
}
string email = null;
if (!string.IsNullOrEmpty(Settings.MailAttribute) && !string.IsNullOrEmpty(ldapLogin.Domain) && login.Contains("@"))
{
email = ldapLogin.ToString();
exps.Add(Expression.Equal(Settings.MailAttribute, email));
}
var searchTerm = exps.Count > 1 ? Criteria.Any(exps.ToArray()).ToString() : exps.First().ToString();
var users = LdapHelper.GetUsers(searchTerm, !string.IsNullOrEmpty(email) ? -1 : 1)
.Where(user => user != null)
.ToLookup(lu =>
{
var ui = Constants.LostUser;
try
{
if (string.IsNullOrEmpty(_ldapDomain))
{
_ldapDomain = LdapUtils.DistinguishedNameToDomain(lu.DistinguishedName);
}
ui = lu.ToUserInfo(this, _log);
}
catch (Exception ex)
{
_log.ErrorFormat("FindLdapUser->ToUserInfo() failed. Error: {0}", ex.ToString());
}
return(Tuple.Create(ui, lu));
});
if (!users.Any())
{
return(listResults);
}
foreach (var user in users)
{
var ui = user.Key.Item1;
if (ui.Equals(Constants.LostUser))
{
continue;
}
var ul = user.Key.Item2;
var ldapLoginAttribute = ul.GetValue(Settings.LoginAttribute) as string;
if (string.IsNullOrEmpty(ldapLoginAttribute))
{
_log.WarnFormat("LDAP: DN: '{0}' Login Attribute '{1}' is empty", ul.DistinguishedName, Settings.LoginAttribute);
continue;
}
if (ldapLoginAttribute.Equals(login))
{
listResults.Add(user.Key);
continue;
}
if (!string.IsNullOrEmpty(email))
{
if (ui.Email.Equals(email, StringComparison.InvariantCultureIgnoreCase))
{
listResults.Add(user.Key);
continue;
}
}
if (LdapUtils.IsLoginAccepted(ldapLogin, ui, LDAPDomain))
{
listResults.Add(user.Key);
}
}
return(listResults);
}
