Exemple #1
        /// <summary>
        /// Deletes an Active Directory group by running <c>Remove-ADGroup</c> with
        /// confirmation switched off.
        /// </summary>
        /// <param name="group_identity">Value bound to the cmdlet's <c>identity</c> parameter.</param>
        /// <returns>
        /// A success message when nothing was written to the error stream. On failure, the result
        /// of <c>ReportHiddenError</c> when the exception text contains <c>cantFindObjectError</c>,
        /// otherwise the result of <c>ReportError</c>.
        /// </returns>
        public MSActorReturnMessageModel RemoveADGroup(string group_identity)
        {
            UtilityController reporter = new UtilityController();

            try
            {
                using (PowerShell shell = PowerShell.Create())
                {
                    // The identity travels as a bound parameter value, not as script text.
                    PSCommand removeGroup = new PSCommand();
                    removeGroup.AddCommand("Remove-ADGroup");
                    removeGroup.AddParameter("identity", group_identity);
                    removeGroup.AddParameter("confirm", false);

                    shell.Commands = removeGroup;
                    shell.Invoke();

                    // The first record on the error stream is promoted to an exception.
                    bool failed = shell.Streams.Error.Count > 0;
                    if (failed)
                    {
                        throw shell.Streams.Error[0].Exception;
                    }
                    shell.Streams.ClearStreams();

                    return new MSActorReturnMessageModel(SuccessCode, "");
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): the hidden/visible split depends on a substring of the error
                // text; a differently worded message would be reported as a normal error.
                bool missingObject = ex.Message.Contains(cantFindObjectError);
                if (missingObject)
                {
                    return reporter.ReportHiddenError(ex);
                }
                return reporter.ReportError(ex);
            }
        }
Exemple #2
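        /// <summary>
        /// Creates a directory on a remote computer by opening a WS-Management runspace to it
        /// and running <c>New-Item -ItemType directory</c> there.
        /// </summary>
        /// <param name="computername">
        /// Host name or IP address of the target. It must be a bare host: anything that is not
        /// a valid host name (for example a value carrying a path, port or user-info part) is rejected.
        /// </param>
        /// <param name="path">Value bound to the <c>Path</c> parameter of <c>New-Item</c>.</param>
        /// <returns>
        /// A success message when the directory was created or the remote side reported that it
        /// already exists; otherwise the result of <c>ReportError</c>.
        /// </returns>
        public MSActorReturnMessageModel NewDirectory(string computername, string path)
        {
            try
            {
                MSActorReturnMessageModel successMessage = new MSActorReturnMessageModel(SuccessCode, "");

                // computername becomes the authority part of the connection URI. Formatting an
                // unchecked string into the URL would let a value such as "host/x" or "user@host"
                // change which endpoint is contacted, so only plain host names and IP literals pass.
                if (String.IsNullOrWhiteSpace(computername) ||
                    Uri.CheckHostName(computername) == UriHostNameType.Unknown)
                {
                    throw new ArgumentException("computername must be a host name or IP address.", nameof(computername));
                }

                // NOTE(review): this is the plain-HTTP WinRM listener (port 5985), so the remote
                // end is not authenticated by a TLS certificate. No credential is supplied to
                // WSManConnectionInfo, so presumably the service's own identity is offered to
                // whichever host is named. Confirm that callers restrict computername to managed
                // hosts and whether the HTTPS listener can be used instead.
                UriBuilder endpoint = new UriBuilder("http", computername, 5985, "/wsman");
                WSManConnectionInfo conn = new WSManConnectionInfo(endpoint.Uri);

                using (PowerShell powershell = PowerShell.Create())
                using (Runspace runspace = RunspaceFactory.CreateRunspace(conn))
                {
                    powershell.Runspace = runspace;
                    runspace.Open();

                    // path is bound as a parameter value, not concatenated into script text.
                    PSCommand command = new PSCommand();
                    command.AddCommand("New-Item");
                    command.AddParameter("ItemType", "directory");
                    command.AddParameter("Path", path);
                    powershell.Commands = command;
                    powershell.Invoke();

                    if (powershell.Streams.Error.Count > 0)
                    {
                        // An existing directory counts as success. The test is an exact match on
                        // the error text, so any other wording falls through to the throw.
                        string alreadyExists = String.Format("Item with specified name {0} already exists.", path);
                        if (powershell.Streams.Error[0].Exception.Message == alreadyExists)
                        {
                            return successMessage;
                        }
                        throw powershell.Streams.Error[0].Exception;
                    }
                    powershell.Streams.ClearStreams();

                    return successMessage;
                }
            }
            catch (Exception e)
            {
                return util.ReportError(e);
            }
        }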
Exemple #3
        /// <summary>
        /// Writes the <c>ipPhone</c> attribute of an AD user. The user is located through
        /// <c>UtilityController.getADUser</c> and then updated with a
        /// <c>Get-ADUser | Set-ADUser</c> pipeline keyed on the distinguished name.
        /// </summary>
        /// <param name="employeeid">First lookup argument handed to <c>getADUser</c>.</param>
        /// <param name="samaccountname">Second lookup argument handed to <c>getADUser</c>.</param>
        /// <param name="ipphone">
        /// New attribute value. When <c>null</c>, <c>Set-ADUser</c> still runs but without a
        /// <c>replace</c> argument.
        /// </param>
        /// <returns>
        /// A success message, or the result of <c>ReportError</c> when the user is not found or
        /// the pipeline writes to the error stream.
        /// </returns>
        public MSActorReturnMessageModel SetIPPhone(string employeeid, string samaccountname, string ipphone)
        {
            UtilityController reporter = new UtilityController();

            try
            {
                PSObject account = reporter.getADUser(employeeid, samaccountname);
                if (account == null)
                {
                    throw new Exception("User was not found.");
                }
                Debug.WriteLine(account);
                string distinguishedName = account.Properties["DistinguishedName"].Value.ToString();

                using (PowerShell shell = PowerShell.Create())
                {
                    // All values are bound as parameters; nothing is spliced into script text.
                    PSCommand pipeline = new PSCommand();
                    pipeline.AddCommand("Get-ADUser");
                    pipeline.AddParameter("Identity", distinguishedName);
                    pipeline.AddCommand("Set-ADUser");
                    if (ipphone != null)
                    {
                        Hashtable replacement = new Hashtable();
                        replacement.Add("ipPhone", ipphone);
                        pipeline.AddParameter("replace", replacement);
                    }

                    shell.Commands = pipeline;
                    shell.Invoke();

                    // The first record on the error stream is promoted to an exception.
                    bool failed = shell.Streams.Error.Count > 0;
                    if (failed)
                    {
                        throw shell.Streams.Error[0].Exception;
                    }
                    shell.Streams.ClearStreams();

                    return new MSActorReturnMessageModel(SuccessCode, "");
                }
            }
            catch (Exception ex)
            {
                return reporter.ReportError(ex);
            }
        }
Exemple #4
        /// <summary>
        /// Deletes the directory object of a user. The user is located through
        /// <c>UtilityController.getADUser</c>; its distinguished name then feeds a
        /// <c>Get-ADUser | Get-ADObject | Remove-ADObject</c> pipeline that runs with
        /// confirmation off and the <c>recursive</c> switch set.
        /// </summary>
        /// <param name="employeeid">First lookup argument handed to <c>getADUser</c>.</param>
        /// <param name="samaccountname">Second lookup argument handed to <c>getADUser</c>.</param>
        /// <returns>
        /// A success message when the object was removed or no user was found. On failure, the
        /// result of <c>ReportHiddenError</c> when the exception text contains
        /// <c>cantFindObjectError</c>, otherwise the result of <c>ReportError</c>.
        /// </returns>
        public MSActorReturnMessageModel RemoveADObject(string employeeid, string samaccountname)
        {
            UtilityController reporter = new UtilityController();
            MSActorReturnMessageModel done = new MSActorReturnMessageModel(SuccessCode, "");

            try
            {
                PSObject account = reporter.getADUser(employeeid, samaccountname);
                if (account == null)
                {
                    // Nothing to delete: an absent user is treated as already removed.
                    return done;
                }
                Debug.WriteLine(account);
                string distinguishedName = account.Properties["DistinguishedName"].Value.ToString();

                using (PowerShell shell = PowerShell.Create())
                {
                    PSCommand pipeline = new PSCommand();
                    pipeline.AddCommand("Get-ADUser");
                    pipeline.AddParameter("Identity", distinguishedName);
                    pipeline.AddCommand("Get-ADObject");
                    pipeline.AddCommand("Remove-ADObject");
                    pipeline.AddParameter("confirm", false);
                    // NOTE(review): with "recursive" set and confirmation off, the removal is
                    // not limited to the user object itself if it has child objects.
                    pipeline.AddParameter("recursive");

                    shell.Commands = pipeline;
                    shell.Invoke();

                    bool failed = shell.Streams.Error.Count > 0;
                    if (failed)
                    {
                        throw shell.Streams.Error[0].Exception;
                    }
                    shell.Streams.ClearStreams();

                    return done;
                }
            }
            catch (Exception ex)
            {
                // Classification relies on a substring of the error text.
                bool missingObject = ex.Message.Contains(cantFindObjectError);
                if (missingObject)
                {
                    return reporter.ReportHiddenError(ex);
                }
                return reporter.ReportError(ex);
            }
        }
 /// <summary>
 /// Endpoint wrapper that hands the request body to <c>ADController.NewADUserDriver</c>.
 /// </summary>
 /// <param name="newUser">User model bound from the request body.</param>
 /// <returns>The driver's result, or the result of <c>ReportError</c> when the call throws.</returns>
 public MSActorReturnMessageModel NewADUser([FromBody] ADUserModel newUser)
 {
     // NOTE(review): the model is passed on unchanged, so any validation of its fields
     // has to happen in the driver or in model binding; none is visible here.
     try
     {
         return new ADController().NewADUserDriver(newUser);
     }
     catch (Exception ex)
     {
         return util.ReportError(ex);
     }
 }
Exemple #6
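        /// <summary>
        /// Renames an AD user: sets a new sAMAccountName and userPrincipalName with
        /// <c>Set-ADUser</c>, then renames the directory object with <c>Rename-ADObject</c>.
        /// </summary>
        /// <param name="employeeid">First lookup argument handed to <c>getADUser</c>.</param>
        /// <param name="old_samaccountname">Second lookup argument handed to <c>getADUser</c>.</param>
        /// <param name="new_samaccountname">New sAMAccountName, also used as the object's new name. Must not be empty.</param>
        /// <param name="userprincipalname">New userPrincipalName. Must not be empty.</param>
        /// <returns>
        /// A success message, or the result of <c>ReportError</c> when the user is not found, an
        /// argument is empty, or a cmdlet writes to the error stream.
        /// </returns>
        public MSActorReturnMessageModel ChangeUsername(string employeeid, string old_samaccountname, string new_samaccountname, string userprincipalname)
        {
            UtilityController util = new UtilityController();

            try
            {
                // Empty values are refused up front so that an empty argument cannot be bound
                // as "clear this attribute".
                if (String.IsNullOrWhiteSpace(new_samaccountname))
                {
                    throw new ArgumentException("new_samaccountname must not be empty.", nameof(new_samaccountname));
                }
                if (String.IsNullOrWhiteSpace(userprincipalname))
                {
                    throw new ArgumentException("userprincipalname must not be empty.", nameof(userprincipalname));
                }

                PSObject user = util.getADUser(employeeid, old_samaccountname);
                if (user == null)
                {
                    throw new Exception("User was not found.");
                }
                Debug.WriteLine(user);
                string dName = user.Properties["DistinguishedName"].Value.ToString();

                using (PowerShell powershell = PowerShell.Create())
                {
                    // The new names are bound as parameter values. Formatting them into script
                    // text handed to AddScript would let a caller-supplied value be parsed as
                    // PowerShell code.
                    PSCommand command = new PSCommand();
                    command.AddCommand("Set-ADUser");
                    command.AddParameter("Identity", dName);
                    command.AddParameter("SamAccountName", new_samaccountname);
                    command.AddParameter("UserPrincipalName", userprincipalname);
                    powershell.Commands = command;
                    powershell.Invoke();
                    if (powershell.Streams.Error.Count > 0)
                    {
                        throw powershell.Streams.Error[0].Exception;
                    }
                    powershell.Streams.ClearStreams();

                    // The object is still addressed by the distinguished name read above.
                    command = new PSCommand();
                    command.AddCommand("Rename-ADObject");
                    command.AddParameter("Identity", dName);
                    command.AddParameter("NewName", new_samaccountname);
                    powershell.Commands = command;
                    powershell.Invoke();
                    if (powershell.Streams.Error.Count > 0)
                    {
                        throw powershell.Streams.Error[0].Exception;
                    }
                    powershell.Streams.ClearStreams();

                    return new MSActorReturnMessageModel(SuccessCode, "");
                }
            }
            catch (Exception e)
            {
                return util.ReportError(e);
            }
        }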
Exemple #7
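        /// <summary>
        /// Resets the password of an AD user with <c>Set-ADAccountPassword -Reset</c> and then
        /// sets the account's <c>ChangePasswordAtLogon</c> flag with <c>Set-AdUser</c>.
        /// </summary>
        /// <param name="employeeid">First lookup argument handed to <c>getADUser</c>.</param>
        /// <param name="samaccountname">Second lookup argument handed to <c>getADUser</c>.</param>
        /// <param name="accountpassword">New password in plain text. Must not be empty.</param>
        /// <param name="changepasswordatlogon">Text parsed with <c>Boolean.Parse</c>.</param>
        /// <returns>
        /// A success message, or the result of <c>ReportError</c> when the user is not found, an
        /// argument is invalid, or a cmdlet writes to the error stream.
        /// </returns>
        public MSActorReturnMessageModel SetPassword(string employeeid, string samaccountname, string accountpassword, string changepasswordatlogon)
        {
            UtilityController util = new UtilityController();

            try
            {
                using (PowerShell powershell = PowerShell.Create())
                {
                    PSObject user = util.getADUser(employeeid, samaccountname);
                    if (user == null)
                    {
                        throw new Exception("User was not found.");
                    }

                    if (String.IsNullOrEmpty(accountpassword))
                    {
                        throw new ArgumentException("accountpassword must not be empty.", nameof(accountpassword));
                    }

                    // Parsed before anything is changed: a malformed flag must not leave the
                    // account with a reset password and the flag never applied.
                    bool mustChangeAtLogon = Boolean.Parse(changepasswordatlogon);

                    // The SecureString is built in-process rather than through
                    // ConvertTo-SecureString -AsPlainText, so the plain text is not handed to a
                    // cmdlet as an argument, where parameter-binding logging could record it.
                    // NOTE(review): the password still arrives here as an ordinary string;
                    // confirm that callers and ReportError never log it.
                    using (System.Security.SecureString newPassword = new System.Security.SecureString())
                    {
                        foreach (char c in accountpassword)
                        {
                            newPassword.AppendChar(c);
                        }
                        newPassword.MakeReadOnly();

                        PSCommand command = new PSCommand();
                        command.AddCommand("Set-ADAccountPassword");
                        command.AddParameter("Identity", user);
                        command.AddParameter("NewPassword", newPassword);
                        command.AddParameter("Reset");
                        powershell.Commands = command;
                        powershell.Invoke();
                        if (powershell.Streams.Error.Count > 0)
                        {
                            throw powershell.Streams.Error[0].Exception;
                        }
                        powershell.Streams.ClearStreams();
                    }

                    PSCommand flagCommand = new PSCommand();
                    flagCommand.AddCommand("Set-AdUser");
                    flagCommand.AddParameter("Identity", user);
                    flagCommand.AddParameter("ChangePasswordAtLogon", mustChangeAtLogon);
                    powershell.Commands = flagCommand;
                    powershell.Invoke();
                    if (powershell.Streams.Error.Count > 0)
                    {
                        throw powershell.Streams.Error[0].Exception;
                    }
                    powershell.Streams.ClearStreams();

                    return new MSActorReturnMessageModel(SuccessCode, "");
                }
            }
            catch (Exception e)
            {
                return util.ReportError(e);
            }
        }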
Exemple #8
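        /// <summary>
        /// Creates a new AD group. Distribution groups are first enabled through
        /// <c>ExchangeController.EnableDistributionGroup</c> and then completed with
        /// <c>Set-ADGroup</c>, retried up to three times while the directory reports the object
        /// as not found. All other categories are created directly with <c>New-ADGroup</c>.
        /// </summary>
        /// <param name="group_name">Group name; also used as display name and as the CN of the distribution group's DN.</param>
        /// <param name="group_description">Description; skipped when empty.</param>
        /// <param name="group_info">Value for the <c>info</c> attribute; skipped when empty.</param>
        /// <param name="group_ad_path">Container path; appended to the CN to form the distribution group's DN.</param>
        /// <param name="group_category">Group category; the value <c>"distribution"</c> selects the Exchange path.</param>
        /// <param name="group_scope">Group scope passed to <c>New-ADGroup</c>.</param>
        /// <param name="samaccountname">sAMAccountName passed to <c>New-ADGroup</c>.</param>
        /// <returns>
        /// A success message; the Exchange result when its code is not <c>"CMP"</c>; otherwise the
        /// result of <c>ReportHiddenError</c> when the exception text contains
        /// <c>groupExistsError</c>, or of <c>ReportError</c> for any other failure.
        /// </returns>
        public MSActorReturnMessageModel NewADGroup(string group_name, string group_description, string group_info,
                                                    string group_ad_path, string group_category, string group_scope, string samaccountname)
        {
            UtilityController util = new UtilityController();

            try
            {
                using (PowerShell powershell = PowerShell.Create())
                {
                    PSCommand command;

                    if (group_category == "distribution")
                    {
                        // First we need Exchange to enable the distribution group
                        ExchangeController        control = new ExchangeController();
                        MSActorReturnMessageModel msg     = control.EnableDistributionGroup(group_name, group_ad_path, group_description, group_info);
                        if (msg.code != "CMP")
                        {
                            return msg;
                        }

                        // Then we follow up setting some attributes that Exchange's cmdlet won't set.
                        // NOTE(review): group_name is concatenated into the DN without escaping, so a
                        // name containing DN special characters (',', '+', '=', '\\', ...) addresses a
                        // different object than intended; confirm names are constrained upstream.
                        string distinguishedName = "CN=" + group_name + "," + group_ad_path;

                        const int    maxAttempts           = 3;
                        const string objectNotFoundMessage = "Directory object not found";
                        bool         setADGroupComplete    = false;
                        int          count                 = 0;
                        while (!setADGroupComplete && count < maxAttempts)
                        {
                            try
                            {
                                command = new PSCommand();
                                command.AddCommand("Set-ADGroup");
                                command.AddParameter("identity", distinguishedName);
                                if (group_description != "")
                                {
                                    command.AddParameter("description", group_description);
                                }
                                command.AddParameter("displayname", group_name);
                                if (group_info != "")
                                {
                                    Hashtable attrHash = new Hashtable
                                    {
                                        { "info", group_info }
                                    };
                                    command.AddParameter("Add", attrHash);
                                }
                                powershell.Commands = command;

                                // Drop errors left by an earlier attempt so they are not read as a
                                // failure of this one. NOTE(review): assumes the error stream is not
                                // reset by Invoke, as the explicit ClearStreams calls in this method
                                // suggest.
                                powershell.Streams.ClearStreams();
                                powershell.Invoke();
                                if (powershell.Streams.Error.Count > 0)
                                {
                                    if (!powershell.Streams.Error[0].Exception.Message.Contains(objectNotFoundMessage))
                                    {
                                        throw powershell.Streams.Error[0].Exception;
                                    }
                                    // The new group may not be visible yet: wait and retry.
                                    System.Threading.Thread.Sleep(1000);
                                }
                                else
                                {
                                    setADGroupComplete = true;
                                }
                            }
                            catch (Exception e)
                            {
                                if (!e.Message.Contains(objectNotFoundMessage))
                                {
                                    // Rethrow without resetting the stack trace.
                                    throw;
                                }
                                System.Threading.Thread.Sleep(1000);
                            }
                            count++;
                        }

                        // Decide on the outcome, not on the counter: a success on the last
                        // permitted attempt also leaves count at the maximum.
                        if (!setADGroupComplete)
                        {
                            throw new Exception("Retry count exceeded. May indicate distribution group creation issue");
                        }
                        return new MSActorReturnMessageModel(SuccessCode, "");
                    }

                    // Every value below is bound as a parameter, not spliced into script text.
                    command = new PSCommand();
                    command.AddCommand("New-ADGroup");
                    command.AddParameter("name", group_name);
                    if (group_description != "")
                    {
                        command.AddParameter("description", group_description);
                    }
                    command.AddParameter("groupcategory", group_category);
                    command.AddParameter("displayname", group_name);
                    command.AddParameter("path", group_ad_path);
                    command.AddParameter("groupscope", group_scope);
                    if (group_info != "")
                    {
                        Hashtable attrHash = new Hashtable
                        {
                            { "info", group_info }
                        };
                        command.AddParameter("OtherAttributes", attrHash);
                    }
                    command.AddParameter("samaccountname", samaccountname);
                    powershell.Commands = command;
                    powershell.Invoke();
                    if (powershell.Streams.Error.Count > 0)
                    {
                        throw powershell.Streams.Error[0].Exception;
                    }
                    powershell.Streams.ClearStreams();

                    return new MSActorReturnMessageModel(SuccessCode, "");
                }
            }
            catch (Exception e)
            {
                // Classification relies on a substring of the error text.
                if (!e.Message.Contains(groupExistsError))
                {
                    return util.ReportError(e);
                }
                return util.ReportHiddenError(e);
            }
        }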
Exemple #9
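        /// <summary>
        /// Driver method called from the MSActorController. It creates a user with
        /// <c>New-ADUser</c> and then polls <c>Get-ADUser</c> (up to six attempts, three seconds
        /// apart) until the new account can be read back.
        /// </summary>
        /// <param name="user">Model whose fields are bound one by one to <c>New-ADUser</c> parameters.</param>
        /// <returns>
        /// A success message once the account is visible. On failure, the result of
        /// <c>ReportHiddenError</c> when the exception text contains <c>accountExistsError</c>,
        /// otherwise the result of <c>ReportError</c>.
        /// </returns>
        public MSActorReturnMessageModel NewADUserDriver(ADUserModel user)
        {
            // Project P0975: Update retry delays from 1 second to 3 seconds, attempting to
            // reduce error reports from delays in creating user accounts
            try
            {
                using (PowerShell powershell = PowerShell.Create())
                {
                    // Wrap the plain-text password in a SecureString for New-ADUser.
                    // NOTE(review): the plain text is passed to ConvertTo-SecureString as an
                    // argument; if PowerShell parameter-binding logging is enabled on this host
                    // it may be recorded. Confirm the logging policy, or build the SecureString
                    // in-process instead.
                    PSCommand command = new PSCommand();
                    command.AddCommand("ConvertTo-SecureString");
                    command.AddParameter("AsPlainText");
                    command.AddParameter("String", user.accountPassword);
                    command.AddParameter("Force");
                    powershell.Commands = command;
                    Collection <PSObject> passHashCollection = powershell.Invoke();
                    if (powershell.Streams.Error.Count > 0)
                    {
                        throw powershell.Streams.Error[0].Exception;
                    }
                    powershell.Streams.ClearStreams();
                    PSObject toPass = passHashCollection.First();   // the password wrapped in a PSObject

                    // Every field is bound as a parameter value, not spliced into script text.
                    command = new PSCommand();
                    command.AddCommand("new-aduser");
                    command.AddParameter("name", user.name); //Name used to be emplid, but has since been changed
                    command.AddParameter("accountpassword", toPass);
                    command.AddParameter("changepasswordatlogon", user.changepasswordatlogon);
                    command.AddParameter("city", user.city);
                    //command.AddParameter("country", user.country);
                    command.AddParameter("department", user.department);
                    command.AddParameter("description", user.description);
                    command.AddParameter("displayname", user.displayname);
                    command.AddParameter("employeeid", user.employeeid);
                    command.AddParameter("enabled", user.enabled);
                    command.AddParameter("givenname", user.givenname);
                    command.AddParameter("officephone", user.officephone);
                    command.AddParameter("initials", user.initials);
                    command.AddParameter("office", user.office);
                    command.AddParameter("postalcode", user.postalcode);
                    command.AddParameter("samaccountname", user.samaccountname);
                    command.AddParameter("state", user.state);
                    command.AddParameter("streetaddress", user.streetaddress);
                    command.AddParameter("surname", user.surname);
                    command.AddParameter("Title", user.title);
                    command.AddParameter("type", user.type);
                    command.AddParameter("userprincipalname", user.userprincipalname);
                    command.AddParameter("path", user.path);
                    if (user.ipphone != null)
                    {
                        Hashtable attrHash = new Hashtable
                        {
                            { "ipPhone", user.ipphone }
                        };
                        command.AddParameter("OtherAttributes", attrHash);
                    }
                    powershell.Commands = command;
                    powershell.Invoke();
                    if (powershell.Streams.Error.Count > 0)
                    {
                        throw powershell.Streams.Error[0].Exception;
                    }
                    powershell.Streams.ClearStreams();

                    // Poll until the new account can be read back.
                    const int    maxAttempts           = 6;
                    const string objectNotFoundMessage = "Cannot find an object with identity";
                    bool         adFinished            = false;
                    int          count                 = 0;
                    while (!adFinished && count < maxAttempts)
                    {
                        try
                        {
                            command = new PSCommand();
                            command.AddCommand("get-aduser");
                            command.AddParameter("identity", user.samaccountname);
                            powershell.Commands = command;
                            Collection <PSObject> check = powershell.Invoke();
                            if (powershell.Streams.Error.Count > 0)
                            {
                                if (!powershell.Streams.Error[0].Exception.Message.Contains(objectNotFoundMessage))
                                {
                                    throw powershell.Streams.Error[0].Exception;
                                }
                                // Not visible yet: wait before the next attempt.
                                System.Threading.Thread.Sleep(3000);
                            }
                            powershell.Streams.ClearStreams();
                            if (check.FirstOrDefault() != null)
                            {
                                adFinished = true;
                            }
                        }
                        catch (Exception e)
                        {
                            if (!e.Message.Contains(objectNotFoundMessage))
                            {
                                // Rethrow without resetting the stack trace.
                                throw;
                            }
                            System.Threading.Thread.Sleep(3000);
                        }
                        count++;
                    }

                    // Decide on the outcome, not on the counter: a success on the last
                    // permitted attempt also leaves count at the maximum.
                    if (!adFinished)
                    {
                        throw new Exception("Retry count exceeded. May indicate account creation issue");
                    }
                }

                return new MSActorReturnMessageModel(SuccessCode, "");
            }
            catch (Exception e)
            {
                // Classification relies on a substring of the error text.
                if (!e.Message.Contains(accountExistsError))
                {
                    return util.ReportError(e);
                }
                return util.ReportHiddenError(e);
            }
        }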
Exemple #10
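        /// <summary>
        /// Enables an Exchange mailbox for an existing account and then sets its e-mail
        /// addresses. If <c>Enable-Mailbox</c> fails, the method checks with <c>Get-Mailbox</c>
        /// whether a mailbox with the requested database, alias and SMTP address already
        /// exists and treats that as success.
        /// </summary>
        /// <param name="database">Mailbox database passed to <c>Enable-Mailbox</c>.</param>
        /// <param name="alias">Used both as the identity and as the alias of the mailbox.</param>
        /// <param name="emailaddresses">Value passed to <c>Set-Mailbox -EmailAddresses</c>; also parsed as an SMTP proxy address for the comparison.</param>
        /// <returns>A success message, or the result of <c>ReportError</c> on failure.</returns>
        public MSActorReturnMessageModel EnableMailbox(string database, string alias, string emailaddresses)
        {
            MSActorReturnMessageModel successMessage = new MSActorReturnMessageModel(SuccessCode, "");

            try
            {
                using (PowerShell powershell = PowerShell.Create())
                using (Runspace runspace = RunspaceFactory.CreateRunspace())
                {
                    runspace.Open();
                    powershell.Runspace = runspace;

                    ConnectToExchange(powershell, runspace);

                    // Values are bound as parameters, not spliced into script text.
                    PSCommand command = new PSCommand();
                    command.AddCommand("Enable-Mailbox");
                    command.AddParameter("identity", alias);
                    command.AddParameter("database", database);
                    command.AddParameter("alias", alias);
                    powershell.Commands = command;
                    powershell.Invoke();
                    if (powershell.Streams.Error.Count > 0)
                    {
                        // Check if the mailbox exists and is the way we want it
                        using (PowerShell powershell1 = PowerShell.Create())
                        {
                            powershell1.Runspace = runspace;
                            command = new PSCommand();
                            command.AddCommand("Get-Mailbox");
                            command.AddParameter("Identity", alias);
                            powershell1.Commands = command;
                            Collection <PSObject> mailboxes = powershell1.Invoke();
                            if (powershell1.Streams.Error.Count > 0)
                            {
                                // If the mailbox is not found, fall through and throw the
                                // Enable-Mailbox error below. Any other failure, including one
                                // that is not a RemoteException at all, is thrown as-is instead
                                // of being dereferenced through a null cast result.
                                RemoteException ex1 = powershell1.Streams.Error[0].Exception as RemoteException;
                                bool mailboxNotFound =
                                    ex1 != null &&
                                    ex1.SerializedRemoteException != null &&
                                    ex1.SerializedRemoteException.TypeNames.Contains("Microsoft.Exchange.Configuration.Tasks.ManagementObjectNotFoundException");
                                if (!mailboxNotFound)
                                {
                                    throw powershell1.Streams.Error[0].Exception;
                                }
                            }

                            Mailbox mailbox = mailboxes.FirstOrDefault()?.BaseObject as Mailbox;
                            bool alreadyAsRequested =
                                mailbox != null &&
                                mailbox.Database.Name == database &&
                                mailbox.Alias == alias &&
                                mailbox.EmailAddresses.Contains(ProxyAddress.Parse("SMTP", emailaddresses));
                            if (alreadyAsRequested)
                            {
                                return successMessage;
                            }

                            // Not the mailbox we wanted: surface the original Enable-Mailbox error.
                            throw powershell.Streams.Error[0].Exception;
                        }
                    }
                    powershell.Streams.ClearStreams();

                    command = new PSCommand();
                    command.AddCommand("set-mailbox");
                    command.AddParameter("identity", alias);
                    command.AddParameter("emailaddresses", emailaddresses);
                    powershell.Commands = command;
                    powershell.Invoke();
                    if (powershell.Streams.Error.Count > 0)
                    {
                        throw powershell.Streams.Error[0].Exception;
                    }
                    powershell.Streams.ClearStreams();

                    return successMessage;
                }
            }
            catch (Exception e)
            {
                return util.ReportError(e);
            }
        }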