private static GetGroups ( System.DirectoryServices.AccountManagement.UserPrincipal user ) : List |
||
user | System.DirectoryServices.AccountManagement.UserPrincipal | |
Résultat | List |
public void SyncToLocalUser() { m_logger.Debug("SyncToLocalUser()"); using (UserPrincipal user = CreateOrGetUserPrincipal(UserInfo)) { // Force password and fullname match (redundant if we just created, but oh well) SyncUserPrincipalInfo(user, UserInfo); try { List <SecurityIdentifier> ignoredSids = new List <SecurityIdentifier>(new SecurityIdentifier[] { new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null), // "Authenticated Users" new SecurityIdentifier("S-1-1-0"), // "Everyone" }); // First remove from any local groups they aren't supposed to be in m_logger.Debug("Checking for groups to remove."); List <GroupPrincipal> localGroups = LocalAccount.GetGroups(user); foreach (GroupPrincipal group in localGroups) { m_logger.DebugFormat("Remove {0}?", group.Name); // Skip ignored sids if (!ignoredSids.Contains(group.Sid)) { GroupInformation gi = new GroupInformation() { Name = group.Name, SID = group.Sid, Description = group.Description }; if (!UserInfo.InGroup(gi)) { m_logger.DebugFormat("Removing user {0} from group {1}", user.Name, group.Name); RemoveUserFromGroup(user, group); } } group.Dispose(); } // Now add to any they aren't already in that they should be m_logger.Debug("Checking for groups to add"); foreach (GroupInformation groupInfo in UserInfo.Groups) { m_logger.DebugFormat("Add {0}?", groupInfo.Name); if (!IsUserInGroup(user, groupInfo)) { using (GroupPrincipal group = CreateOrGetGroupPrincipal(groupInfo)) { m_logger.DebugFormat("Adding user {0} to group {1}", user.Name, group.Name); AddUserToGroup(user, group); } } } } catch (Exception e) { throw new GroupSyncException(e); } } m_logger.Debug("End SyncToLocalUser()"); }
// Load userInfo.Username's group list and populate userInfo.Groups accordingly public static void SyncLocalGroupsToUserInfo(UserInformation userInfo) { ILog logger = LogManager.GetLogger("LocalAccount.SyncLocalGroupsToUserInfo"); try { SecurityIdentifier EveryoneSid = new SecurityIdentifier("S-1-1-0"); SecurityIdentifier AuthenticatedUsersSid = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null); if (LocalAccount.UserExists(userInfo.Username)) { using (UserPrincipal user = LocalAccount.GetUserPrincipal(userInfo.Username)) { foreach (GroupPrincipal group in LocalAccount.GetGroups(user)) { // Skip "Authenticated Users" and "Everyone" as these are generated if (group.Sid == EveryoneSid || group.Sid == AuthenticatedUsersSid) { continue; } userInfo.AddGroup(new GroupInformation() { Name = group.Name, Description = group.Description, SID = group.Sid }); } } } } catch (Exception e) { logger.ErrorFormat("Unexpected error while syncing local groups, skipping rest: {0}", e); } }
public void SyncToLocalUser() { m_logger.Debug("SyncToLocalUser()"); using (UserPrincipal user = CreateOrGetUserPrincipal(UserInfo)) { // Force password and fullname match (redundant if we just created, but oh well) SyncUserPrincipalInfo(UserInfo); try { List <SecurityIdentifier> ignoredSids = new List <SecurityIdentifier>(new SecurityIdentifier[] { new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null), // "Authenticated Users" new SecurityIdentifier("S-1-1-0"), // "Everyone" }); // First remove from any local groups they aren't supposed to be in m_logger.Debug("Checking for groups to remove."); List <GroupPrincipal> localGroups = LocalAccount.GetGroups(user); foreach (GroupPrincipal group in localGroups) { m_logger.DebugFormat("Remove {0}?", group.Name); // Skip ignored sids if (!ignoredSids.Contains(group.Sid)) { GroupInformation gi = new GroupInformation() { Name = group.Name, SID = group.Sid, Description = group.Description }; if (!UserInfo.InGroup(gi)) { m_logger.DebugFormat("Removing user {0} from group {1}", user.Name, group.Name); RemoveUserFromGroup(user, group); } } group.Dispose(); } // Now add to any they aren't already in that they should be m_logger.Debug("Checking for groups to add"); foreach (GroupInformation groupInfo in UserInfo.Groups) { m_logger.DebugFormat("Add {0}?", groupInfo.Name); if (!IsUserInGroup(user, groupInfo)) { using (GroupPrincipal group = CreateOrGetGroupPrincipal(groupInfo)) { m_logger.DebugFormat("Adding user {0} to group {1}", user.Name, group.Name); AddUserToGroup(user, group); } } } } catch (Exception e) { throw new GroupSyncException(e); } } //set ntuser.dat permissions if (!String.IsNullOrEmpty(UserInfo.usri4_profile) && !UserInfo.Description.Contains("pgSMB")) { Abstractions.WindowsApi.pInvokes.structenums.OSVERSIONINFOW verinfo = Abstractions.WindowsApi.pInvokes.VersionsInfo(); if (verinfo.dwMajorVersion == 0) { m_logger.WarnFormat("SyncToLocalUser: VersionsInfo() failed. I'm unable to detect OS beyond Windows 8.0"); verinfo.dwBuildNumber = Environment.OSVersion.Version.Build; verinfo.dwMajorVersion = Environment.OSVersion.Version.Major; verinfo.dwMinorVersion = Environment.OSVersion.Version.Minor; verinfo.dwPlatformId = Environment.OSVersion.Version.Build; } string ProfileExtension = (Environment.OSVersion.Version.Major == 6) ? (verinfo.dwMinorVersion > 3) /*greater than 8.1*/ ? ".V5" : ".V2" : ""; if (Connect2share(UserInfo.usri4_profile + ProfileExtension, UserInfo.Username, UserInfo.Password, 3, false)) { if (File.Exists(UserInfo.usri4_profile + ProfileExtension + "\\NTUSER.DAT")) { SetACL(UserInfo, ProfileExtension); Connect2share(UserInfo.usri4_profile + ProfileExtension, null, null, 0, true); } else { Connect2share(UserInfo.usri4_profile + ProfileExtension, null, null, 0, true); } } } m_logger.Debug("End SyncToLocalUser()"); }