public static UserInfo GetUniqueFirstNameLastName(UserInfo userInfo, PrincipalContext root)
{
//Search if there are already users with same first and last name
var up = new UserPrincipal(root)
{
Surname = string.Format("*{0}*", userInfo.LastName),
GivenName = string.Format("*{0}*", userInfo.FirstName)
};
var safeFirstName = RemoveChars(userInfo.FirstName);
var safeLastName = RemoveChars(userInfo.LastName);
var ps = new PrincipalSearcher(up);
var srcCount = ps.FindAll().Count();
var firstNameLast = string.Format("{0} {1}", safeFirstName, safeLastName);
if (srcCount < 1)
{
userInfo.SamName = firstNameLast;
if (firstNameLast.Length > 20)
{
userInfo.SamName = firstNameLast.Substring(0, 20);
}
}
else
{
var firstNameLastNameCount = string.Format("{0} {1}{2}", safeFirstName, safeLastName, srcCount);
if (firstNameLastNameCount.Length > 20)
{
var byHowMuch = firstNameLastNameCount.Length - 20;
firstNameLast = firstNameLast.Substring(0, firstNameLast.Length - byHowMuch);
userInfo.SamName = string.Format("{0}{1}", firstNameLast, srcCount);
}
else
{
userInfo.SamName = firstNameLastNameCount;
}
userInfo.LastName = string.Format("{0}{1}", userInfo.LastName, srcCount);
}
return userInfo;
}
public AccountStatus CreateNewLdapAccount(UserInfo userInfo, out string errorText, bool pswdPolicyChk = false)
{
errorText = string.Empty;
if (LdapHelper.LdapAccountExists(userInfo, RootPrincipal))
{
return AccountStatus.AccountAlreadyExists;
}
try
{
userInfo.FirstName = LdapHelper.EscapeChars(userInfo.FirstName);
userInfo.LastName = LdapHelper.EscapeChars(userInfo.LastName);
var preNewUserInfo = LdapHelper.GetUniqueFirstNameLastName(userInfo, RootPrincipal);
var newUser = new UserPrincipal(RootPrincipal)
{
SamAccountName = preNewUserInfo.SamName,
DisplayName = String.Format("{0} {1}", preNewUserInfo.FirstName, preNewUserInfo.LastName),
Surname = preNewUserInfo.LastName,
GivenName = preNewUserInfo.FirstName,
UserPrincipalName = preNewUserInfo.Email,
EmailAddress = preNewUserInfo.Email,
};
if (!String.IsNullOrEmpty(userInfo.Password))
{
newUser.Enabled = true;
newUser.PasswordNeverExpires = true;
newUser.SetPassword(userInfo.Password);
}
else
{
newUser.ExpirePasswordNow();
}
newUser.Save();
return AccountStatus.NewAccount;
}
catch (Exception ex)
{
errorText = String.Format("Exception creating LDAP account for {0} with exception {1}", userInfo.Email, ex.Message);
return AccountStatus.AccountCreationFailed;
}
}
public void Ldap_Tests_CreateNewAccount()
{
var oldUserInfo = new UserInfo
{
Email = "*****@*****.**",
FirstName = "00003",
LastName = "00003",
Password = "******"
};
var newUserInfo = new UserInfo
{
Email = "*****@*****.**",
FirstName = "00017",
LastName = "00017",
Password = "******"
};
_ldapAuthentication.UpdateLdapAccount(oldUserInfo, newUserInfo);
}
public bool VerifyUserCredentials(UserInfo userInfo, string password)
{
var isValidUser = _rootPrincipal.ValidateCredentials(userInfo.Email, password);
return isValidUser;
}
public string UpdateLdapAccount(UserInfo oldUserInfo, UserInfo newUserInfo)
{
var user = LdapHelper.GetLdapUser(oldUserInfo, RootPrincipal);
try
{
if (user != null)
{
var preNewUserInfo = newUserInfo;
preNewUserInfo.SamName = user.SamAccountName;
if (newUserInfo.FirstName.ToLower() != user.GivenName.ToLower() || newUserInfo.LastName.ToLower() != user.Surname.ToLower())
{
preNewUserInfo = LdapHelper.GetUniqueFirstNameLastName(newUserInfo, RootPrincipal);
}
using (DirectoryEntry entry = (DirectoryEntry) user.GetUnderlyingObject())
{
entry.InvokeSet("sAMAccountName", preNewUserInfo.SamName);
entry.InvokeSet("sn", preNewUserInfo.LastName);
entry.InvokeSet("givenName", preNewUserInfo.FirstName);
entry.InvokeSet("userPrincipalName", preNewUserInfo.Email);
if (!String.IsNullOrEmpty(newUserInfo.Password))
{
entry.Invoke("SetPassword", new object[] { newUserInfo.Password });
}
entry.InvokeSet("displayName", preNewUserInfo.SamName);
entry.InvokeSet("mail", preNewUserInfo.Email);
entry.CommitChanges();
entry.Rename("CN=" + preNewUserInfo.SamName);
entry.CommitChanges();
}
//user.SamAccountName = preNewUserInfo.SamName;
//user.DisplayName = String.Format("{0} {1}", preNewUserInfo.FirstName, newUserInfo.LastName);
//user.Surname = preNewUserInfo.LastName;
//user.GivenName = preNewUserInfo.FirstName;
//user.UserPrincipalName = preNewUserInfo.Email;
//user.EmailAddress = preNewUserInfo.Email;
//if (!String.IsNullOrEmpty(newUserInfo.Password))
//{
// user.Enabled = true;
// user.PasswordNeverExpires = true;
// user.SetPassword(newUserInfo.Password);
//}
//user.Save();
return string.Empty;
}
return string.Empty;
}
catch (Exception ex)
{
var error = String.Format("Exception updating email address for {0} to {1} - {2}", oldUserInfo.Email, newUserInfo.Email, ex.Message);
return error;
}
}
public string SetLdapAccountPassword(UserInfo userInfo, string passWord)
{
var user = LdapHelper.GetLdapUser(userInfo, RootPrincipal);
try
{
if (user != null)
{
user.Enabled = true;
user.PasswordNeverExpires = true;
user.SetPassword(passWord);
user.Save();
return string.Empty;
}
return string.Empty;
}
catch (Exception ex)
{
var error = String.Format("Exception setting password for {0} with exception {1}", userInfo.Email, ex.Message);
return error;
}
}
public void RemoveLdapAccount(UserInfo userInfo)
{
var user = LdapHelper.GetLdapUser(userInfo, RootPrincipal);
if (user != null)
{
user.Delete();
}
}
public bool IsUserExists(UserInfo userInfo)
{
var user = LdapHelper.GetLdapUser(userInfo, RootPrincipal);
return user != null;
}
public UserPrincipal GetUser(UserInfo userInfo)
{
var user = LdapHelper.GetLdapUser(userInfo, RootPrincipal);
return user;
}
public static bool LdapAccountExists(UserInfo userInfo, PrincipalContext root)
{
var user = GetLdapUser(userInfo, root);
return user != null;
}
public static UserPrincipal GetLdapUser(UserInfo userInfo, PrincipalContext root)
{
var user = UserPrincipal.FindByIdentity(root, IdentityType.UserPrincipalName, userInfo.Email);
return user;
}
