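/// <summary>
/// Validates the LDAP settings one check at a time and reports the first check that fails.
/// </summary>
/// <param name="settings">LDAP settings to validate (server, port, bind account, DNs, filters, attributes).</param>
/// <param name="importer">
/// Importer that receives the users found during validation and, when group membership
/// is enabled, the groups as well.
/// </param>
/// <returns>
/// OPERATION_OK when LDAP authentication is disabled or every check passes; otherwise the
/// status code of the first failed check.
/// </returns>
public static byte CheckSettings(LDAPSupportSettings settings, LDAPUserImporter importer)
{
    if (!settings.EnableLdapAuthentication)
    {
        return OPERATION_OK;
    }

    string password;
    try
    {
        password = new UnicodeEncoding().GetString(InstanceCrypto.Decrypt(settings.PasswordBytes));
    }
    catch (Exception e)
    {
        // The fallback to an empty password is kept, but it is no longer silent when a bind
        // account is configured: every later check would otherwise run with an empty password
        // and nothing would say why. Only the exception message is logged, never the stored bytes.
        // NOTE(review): CheckCredentials is not visible here; if it performs a simple bind, some
        // directory servers accept an empty password as an unauthenticated bind. Confirm that the
        // bind helpers reject empty passwords.
        if (settings.Authentication)
        {
            _log.ErrorFormat("Can't decrypt LDAP password. {0}", e.Message);
        }

        password = string.Empty;
    }

    try
    {
        if (settings.Authentication)
        {
            CheckCredentials(settings.Login, password, settings.Server, settings.PortNumber);
        }

        if (!CheckServerAndPort(settings.Server, settings.PortNumber, settings.Authentication, settings.Login, password))
        {
            return WRONG_SERVER_OR_PORT;
        }
    }
    catch (DirectoryServicesCOMException)
    {
        // Must stay ahead of the COMException handler: it is the more specific type.
        return CREDENTIALS_NOT_VALID;
    }
    catch (COMException)
    {
        return WRONG_SERVER_OR_PORT;
    }

    if (!CheckUserDN(settings.UserDN, settings.Server, settings.PortNumber, settings.Authentication, settings.Login, password))
    {
        return WRONG_USER_DN;
    }

    try
    {
        importer.AllDomainUsers = GetUsersByAttributes(settings);
    }
    catch (ArgumentException)
    {
        _log.ErrorFormat("Incorrect filter. userFilter = {0}", settings.UserFilter);
        return INCORRECT_LDAP_FILTER;
    }

    if (importer.AllDomainUsers == null || importer.AllDomainUsers.Count == 0)
    {
        _log.ErrorFormat("Any user is not found. userDN = {0}", settings.UserDN);
        return USERS_NOT_FOUND;
    }

    // Attribute checks are made against the first returned entry only.
    if (!CheckLoginAttribute(importer.AllDomainUsers[0], settings.LoginAttribute))
    {
        return WRONG_LOGIN_ATTRIBUTE;
    }

    if (settings.GroupMembership)
    {
        if (!CheckGroupDNAndGroupName(settings.GroupDN, settings.GroupName, settings.Server, settings.PortNumber, settings.Authentication, settings.Login, password))
        {
            return WRONG_GROUP_DN_OR_GROUP_NAME;
        }

        importer.DomainGroups = GetGroupsByParameter(settings);
        if (importer.DomainGroups == null || importer.DomainGroups.Count == 0)
        {
            return GROUPS_NOT_FOUND;
        }

        if (!CheckGroupAttribute(importer.DomainGroups[0], settings.GroupAttribute))
        {
            return WRONG_GROUP_ATTRIBUTE;
        }

        if (!CheckUserAttribute(importer.AllDomainUsers[0], settings.UserAttribute))
        {
            return WRONG_USER_ATTRIBUTE;
        }
    }

    return OPERATION_OK;
}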
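/// <summary>
/// Attempts to sign a user in against the directory configured for the current tenant and,
/// on success, sets the portal authentication cookie.
/// </summary>
/// <param name="login">Login name submitted by the user.</param>
/// <param name="password">Password submitted by the user.</param>
/// <returns>
/// <c>true</c> when the credentials were accepted, a matching portal user was found or created,
/// and the auth cookie was set; <c>false</c> in every other case, including any exception.
/// </returns>
public static bool TryLdapAuth(string login, string password)
{
    // Reject blank credentials before anything is sent to the directory.
    // NOTE(review): ADDomain.CheckCredentials is not visible here; if it performs a simple bind,
    // some directory servers treat an empty password as an unauthenticated bind and report
    // success, which would let this method sign in a user without a password. Confirm.
    if (string.IsNullOrEmpty(login) || string.IsNullOrEmpty(password))
    {
        return false;
    }

    if (!SetupInfo.IsVisibleSettings(ManagementType.LdapSettings.ToString()))
    {
        return false;
    }

    var settings = SettingsManager.Instance.LoadSettings<LDAPSupportSettings>(TenantProvider.CurrentTenantID);
    if (!settings.EnableLdapAuthentication)
    {
        return false;
    }

    try
    {
        var importer = new LDAPUserImporter();

        try
        {
            ADDomain.CheckCredentials(login, password, settings.Server, settings.PortNumber);
        }
        catch (Exception)
        {
            // Any failure of the credential check is treated as a failed login.
            return false;
        }

        var sid = importer.GetSidOfCurrentUser(login, settings);
        if (sid == null)
        {
            return false;
        }

        importer.GetDiscoveredGroupsByAttributes(settings);

        // Look the user up by the "l"-prefixed SID first, then by the plain SID.
        var userInfo = CoreContext.UserManager.GetUserBySid("l" + sid);
        if (userInfo == ASC.Core.Users.Constants.LostUser)
        {
            userInfo = CoreContext.UserManager.GetUserBySid(sid);
            if (userInfo == ASC.Core.Users.Constants.LostUser)
            {
                // Not known to the portal yet: take the user from the directory and create it.
                userInfo = importer.GetDiscoveredUser(settings, sid);
                if (userInfo == ASC.Core.Users.Constants.LostUser)
                {
                    return false;
                }

                try
                {
                    // User creation runs under the core system account; the finally block
                    // drops that identity again even when AddUser throws.
                    SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);

                    // NOTE(review): the extra trailing `true` is passed once the active-user
                    // quota is reached; its meaning is defined by UserManagerWrapper.AddUser.
                    if (TenantStatisticsProvider.GetUsersCount() < TenantExtra.GetTenantQuota().ActiveUsers)
                    {
                        userInfo = UserManagerWrapper.AddUser(userInfo, UserManagerWrapper.GeneratePassword(), true, false);
                    }
                    else
                    {
                        userInfo = UserManagerWrapper.AddUser(userInfo, UserManagerWrapper.GeneratePassword(), true, false, true);
                    }

                    importer.AddUserIntoGroups(userInfo, settings);
                    importer.AddUserInCacheGroups(userInfo);
                }
                finally
                {
                    SecurityContext.Logout();
                }
            }
        }
        else
        {
            // Found under the "l"-prefixed SID: the user must still be discoverable in the
            // directory, and is then stored again with the plain SID.
            if (importer.GetDiscoveredUser(settings, sid) == ASC.Core.Users.Constants.LostUser)
            {
                return false;
            }

            userInfo.Sid = sid;

            try
            {
                SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);

                if (TenantStatisticsProvider.GetUsersCount() < TenantExtra.GetTenantQuota().ActiveUsers)
                {
                    userInfo = UserManagerWrapper.AddUser(userInfo, UserManagerWrapper.GeneratePassword(), true, false);
                }
                else
                {
                    userInfo = UserManagerWrapper.AddUser(userInfo, UserManagerWrapper.GeneratePassword(), true, false, true);
                }
            }
            finally
            {
                SecurityContext.Logout();
            }
        }

        // Only now is the session switched to the end user and the auth cookie issued.
        var cookiesKey = SecurityContext.AuthenticateMe(userInfo.ID);
        CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey);
        return true;
    }
    catch (Exception e)
    {
        // Fail closed: any unexpected error is logged and reported as a failed login.
        ADDomain.LogError(e.Message);
        return false;
    }
}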
/// <summary>
/// Validates the given LDAP settings; implemented by each concrete subclass.
/// </summary>
/// <param name="settings">LDAP settings to validate.</param>
/// <param name="importer">Importer passed to the implementation alongside the settings.</param>
/// <param name="acceptCertificate">
/// Defaults to <c>false</c>. NOTE(review): presumably tells the implementation to accept the
/// server certificate presented during the check; confirm against the implementations. If so,
/// callers should pass <c>true</c> only after an administrator has reviewed that certificate,
/// because accepting it unseen removes the check that the server is the intended one.
/// </param>
/// <returns>A byte status code describing the outcome of the validation.</returns>
public abstract byte CheckSettings(LDAPSupportSettings settings, LDAPUserImporter importer, bool acceptCertificate = false);
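/// <summary>
/// Checks the LDAP settings in order (connection and credentials, user DN, user filter,
/// login attribute, then the optional group settings) and stops at the first failure.
/// </summary>
/// <param name="settings">LDAP settings to validate.</param>
/// <param name="importer">
/// Importer whose AllDomainUsers list is filled during validation, and whose DomainGroups
/// list is filled as well when group membership is enabled.
/// </param>
/// <returns>
/// OPERATION_OK when LDAP authentication is disabled or all checks pass; otherwise the
/// status code that identifies the first failed check.
/// </returns>
public static byte CheckSettings(LDAPSupportSettings settings, LDAPUserImporter importer)
{
    if (!settings.EnableLdapAuthentication)
    {
        return OPERATION_OK;
    }

    string password;
    try
    {
        password = new UnicodeEncoding().GetString(InstanceCrypto.Decrypt(settings.PasswordBytes));
    }
    catch (Exception e)
    {
        // Previously a decryption failure was swallowed without a trace. The empty-password
        // fallback stays, but the failure is logged when a bind account is configured, since
        // the remaining checks then run without the intended credentials. The stored bytes
        // are never written to the log.
        // NOTE(review): the bind helpers called below are not visible here; verify that they
        // refuse an empty password, since some servers accept one as an unauthenticated bind.
        if (settings.Authentication)
        {
            _log.ErrorFormat("Can't decrypt LDAP password. {0}", e.Message);
        }

        password = string.Empty;
    }

    try
    {
        if (settings.Authentication)
        {
            CheckCredentials(settings.Login, password, settings.Server, settings.PortNumber);
        }

        if (!CheckServerAndPort(settings.Server, settings.PortNumber, settings.Authentication, settings.Login, password))
        {
            return WRONG_SERVER_OR_PORT;
        }
    }
    catch (DirectoryServicesCOMException)
    {
        // The more specific exception type has to be caught before COMException.
        return CREDENTIALS_NOT_VALID;
    }
    catch (COMException)
    {
        return WRONG_SERVER_OR_PORT;
    }

    if (!CheckUserDN(settings.UserDN, settings.Server, settings.PortNumber, settings.Authentication, settings.Login, password))
    {
        return WRONG_USER_DN;
    }

    try
    {
        importer.AllDomainUsers = GetUsersByAttributes(settings);
    }
    catch (ArgumentException)
    {
        _log.ErrorFormat("Incorrect filter. userFilter = {0}", settings.UserFilter);
        return INCORRECT_LDAP_FILTER;
    }

    if (importer.AllDomainUsers == null || importer.AllDomainUsers.Count == 0)
    {
        _log.ErrorFormat("Any user is not found. userDN = {0}", settings.UserDN);
        return USERS_NOT_FOUND;
    }

    // The attribute names are verified against the first entry of each result list.
    if (!CheckLoginAttribute(importer.AllDomainUsers[0], settings.LoginAttribute))
    {
        return WRONG_LOGIN_ATTRIBUTE;
    }

    if (!settings.GroupMembership)
    {
        return OPERATION_OK;
    }

    if (!CheckGroupDNAndGroupName(settings.GroupDN, settings.GroupName, settings.Server, settings.PortNumber, settings.Authentication, settings.Login, password))
    {
        return WRONG_GROUP_DN_OR_GROUP_NAME;
    }

    importer.DomainGroups = GetGroupsByParameter(settings);
    if (importer.DomainGroups == null || importer.DomainGroups.Count == 0)
    {
        return GROUPS_NOT_FOUND;
    }

    if (!CheckGroupAttribute(importer.DomainGroups[0], settings.GroupAttribute))
    {
        return WRONG_GROUP_ATTRIBUTE;
    }

    if (!CheckUserAttribute(importer.AllDomainUsers[0], settings.UserAttribute))
    {
        return WRONG_USER_ATTRIBUTE;
    }

    return OPERATION_OK;
}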