private bool ADReplicationSitePostCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
if (ADFactory <T> .DirectoryOperation.Update == operation || operation == ADFactory <T> .DirectoryOperation.Create)
{
try
{
this.CreateSiteChildObjects(operation, instance, parameters, directoryObj);
}
catch (Exception exception3)
{
Exception exception = exception3;
if (operation == ADFactory <T> .DirectoryOperation.Create && (exception as ADException != null || exception as ADInvalidOperationException != null || exception as ADIdentityResolutionException != null || exception as UnauthorizedAccessException != null || exception as ArgumentException != null))
{
try
{
this.RemoveADReplicationSite(directoryObj);
}
catch (Exception exception2)
{
Exception exception1 = exception2;
DebugLogger.LogWarning(this._debugCategory, string.Format("ADReplicationSiteFactory: Unable to delete the Site {0}. Deletion failed with error {1}.", directoryObj.DistinguishedName, exception1.Message));
}
}
throw;
}
return(false);
}
else
{
return(false);
}
}
private bool ADReplicationSiteRemovePreCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
if (ADFactory <T> .DirectoryOperation.Delete == operation)
{
ADObjectFactory <ADObject> aDObjectFactory = new ADObjectFactory <ADObject>();
aDObjectFactory.SetCmdletSessionInfo(base.CmdletSessionInfo);
IADOPathNode aDOPathNode = ADOPathUtil.CreateFilterClause(ADOperator.Eq, "objectClass", "server");
int? nullable = null;
int? nullable1 = null;
IEnumerable <ADObject> extendedObjectFromFilter = aDObjectFactory.GetExtendedObjectFromFilter(aDOPathNode, directoryObj.DistinguishedName, ADSearchScope.Subtree, null, nullable, nullable1, false);
IEnumerator <ADObject> enumerator = extendedObjectFromFilter.GetEnumerator();
using (enumerator)
{
if (enumerator.MoveNext())
{
//TODO: Review: URGENT!! : enumerator.Current;
object[] distinguishedName = new object[1];
distinguishedName[0] = directoryObj.DistinguishedName;
throw new ADException(string.Format(CultureInfo.CurrentCulture, StringResources.ServerContainerNotEmpty, distinguishedName));
}
}
return(false);
}
else
{
return(false);
}
}
private bool ADResourcePropertyPreCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
if (operation == ADFactory <T> .DirectoryOperation.Create || ADFactory <T> .DirectoryOperation.Update == operation)
{
bool flag = true;
ADObject aDObject = null;
StringBuilder stringBuilder = new StringBuilder();
flag = flag & ADResourcePropertyFactory <T> .VerifyResourcePropertyValueType(directoryObj, base.CmdletSessionInfo, out aDObject, stringBuilder);
if (aDObject != null && aDObject.Contains("ValueType"))
{
ADClaimValueType?value = (ADClaimValueType?)(aDObject["ValueType"].Value as ADClaimValueType?);
flag = flag & ADCBACUtil.VerifyAndSetPossibleValues(directoryObj, value.Value, stringBuilder);
}
flag = flag & ADResourcePropertyFactory <T> .VerifySharesPossibleValueWithAndPossibleValueExclusiveness(directoryObj, operation, stringBuilder);
flag = flag & ADResourcePropertyFactory <T> .VerifyIsSuggestedValuePresentAttribute(directoryObj, stringBuilder, aDObject);
flag = flag & ADResourcePropertyFactory <T> .VerifySharesValuesWith(directoryObj, stringBuilder, aDObject, base.CmdletSessionInfo);
if (flag)
{
return(false);
}
else
{
stringBuilder.AppendLine(StringResources.CTParameterValidationFailure);
throw new ADException(stringBuilder.ToString());
}
}
else
{
return(false);
}
}
private bool ADReplicationSiteLinkBridgePreCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
string parentPath = ADPathModule.GetParentPath(directoryObj.DistinguishedName, null, ADPathFormat.X500);
if ((!directoryObj.Contains("siteLinkList") || directoryObj["siteLinkList"].Count <= 1) && operation == ADFactory <T> .DirectoryOperation.Create)
{
object[] objArray = new object[4];
objArray[0] = "SiteLinkBridge";
objArray[1] = 2;
objArray[2] = "SiteLinks";
objArray[3] = "SiteLinksIncluded";
throw new ADException(string.Format(CultureInfo.CurrentCulture, StringResources.ADInvalidAttributeValueCount, objArray));
}
else
{
if (directoryObj.Contains("siteLinkList") && directoryObj["siteLinkList"].Count > 0)
{
foreach (string item in directoryObj["siteLinkList"])
{
string str = ADPathModule.GetParentPath(item, null, ADPathFormat.X500);
if (string.Compare(str, parentPath, StringComparison.OrdinalIgnoreCase) == 0)
{
continue;
}
object[] distinguishedName = new object[2];
distinguishedName[0] = item;
distinguishedName[1] = directoryObj.DistinguishedName;
throw new ADException(string.Format(CultureInfo.CurrentCulture, StringResources.SiteLinkAndSiteLinkBridgeDoNotShareSameTransportType, distinguishedName));
}
}
return(false);
}
}
private bool ADServiceAccountPreCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
if (string.CompareOrdinal(directoryObj.ObjectClass, "msDS-ManagedServiceAccount") != 0)
{
ADAccountFactory <T> .UseComputerPasswordGeneration = false;
}
return(false);
}
private bool ADGroupPreCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
if (operation != ADFactory <T> .DirectoryOperation.Create || instance != null || parameters.Contains("GroupCategory"))
{
return(false);
}
else
{
directoryObj["groupType"].Value = (int)directoryObj["groupType"].Value | -2147483648;
return(true);
}
}
private bool ADReplicationSitePreCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
if (ADFactory <T> .DirectoryOperation.Update == operation || operation == ADFactory <T> .DirectoryOperation.Create)
{
MappingTable <AttributeConverterEntry> item = ADNtdsSiteSettingFactory <ADNtdsSiteSetting> .AttributeTable[base.ConnectedStore];
MappingTable <AttributeConverterEntry> mappingTable = ADReplicationSiteFactory <T> .AttributeTable[base.ConnectedStore];
ADTopologyUtil.RemoveChildObjectAttributes(directoryObj, mappingTable, item);
return(true);
}
else
{
return(false);
}
}
public AD()
{
//初始化ASP.NET内置对象
Response = System.Web.HttpContext.Current.Response;
Request = System.Web.HttpContext.Current.Request;
Server = System.Web.HttpContext.Current.Server;
Session = System.Web.HttpContext.Current.Session;
Application = System.Web.HttpContext.Current.Application;
DBHelper = SQLHelperFactory.CreateSQLHelper();
tools = ToolsFactory.CreateTools();
MyAD = ADFactory.CreateAD();
Mychannel = AD_Position_ChannelFactory.CreateAD_Position_Channel();
Myposition = ADPositionFactory.CreateADPosition();
supplier = new Supplier();
}
private bool ADCentralAccessRulePreCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
if (ADFactory <T> .DirectoryOperation.Update == operation)
{
if (directoryObj.ModifiedProperties.Contains("msAuthz-EffectiveSecurityPolicy") || directoryObj.RemovedProperties.Contains("msAuthz-EffectiveSecurityPolicy") || directoryObj.AddedProperties.Contains("msAuthz-EffectiveSecurityPolicy"))
{
string str = ADPathModule.MakePath(base.CmdletSessionInfo.ADRootDSE.ConfigurationNamingContext, "CN=Central Access Rules,CN=Claims Configuration,CN=Services,", ADPathFormat.X500);
string attributeValueFromObjectName = AttributeConverters.GetAttributeValueFromObjectName <ADCentralAccessRuleFactory <ADCentralAccessRule>, ADCentralAccessRule>(directoryObj.DistinguishedName, str, "CurrentAcl", "PreviousAcl", base.CmdletSessionInfo) as string;
directoryObj["msAuthz-LastEffectiveSecurityPolicy"].Value = attributeValueFromObjectName;
}
return(true);
}
else
{
return(false);
}
}
private bool ADClaimTypePreCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
bool classes = true;
StringBuilder stringBuilder = new StringBuilder();
if (operation == ADFactory <T> .DirectoryOperation.Create || ADFactory <T> .DirectoryOperation.Update == operation)
{
bool switchParameterBooleanValue = parameters.GetSwitchParameterBooleanValue("SourceTransformPolicy");
if (switchParameterBooleanValue)
{
directoryObj.SetValue("msDS-ClaimSourceType", "TransformPolicy");
directoryObj.ForceRemove("msDS-ClaimAttributeSource");
directoryObj.ForceRemove("msDS-ClaimSource");
}
classes = classes & ADClaimTypeFactory <T> .VerifyClaimSourceAndAttributeExclusiveness(directoryObj, stringBuilder, operation);
classes = classes & ADClaimTypeFactory <T> .VerifyClaimSourceAndPossibleValueExclusiveness(directoryObj, stringBuilder);
classes = classes & ADClaimTypeFactory <T> .SetAndValidateClaimSourceType(directoryObj, stringBuilder);
classes = classes & ADClaimTypeFactory <T> .VerifyRestrictValues(directoryObj, stringBuilder, base.CmdletSessionInfo, operation);
if (directoryObj.Contains("msDS-ClaimValueType"))
{
ADClaimValueType num = (ADClaimValueType)((long)Convert.ToInt32(directoryObj["msDS-ClaimValueType"].Value, CultureInfo.InvariantCulture));
classes = classes & ADCBACUtil.VerifyAndSetPossibleValues(directoryObj, num, stringBuilder);
}
classes = classes & ADClaimTypeFactory <T> .VerifyAppliesToClasses(directoryObj, stringBuilder, base.CmdletSessionInfo);
if (classes)
{
return(false);
}
else
{
stringBuilder.AppendLine(StringResources.CTParameterValidationFailure);
throw new ADException(stringBuilder.ToString());
}
}
else
{
return(false);
}
}
private bool ADObjectPostCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
bool hasValue;
if (operation != ADFactory <T> .DirectoryOperation.Create || !base.PropertyHasChange(ADObjectFactory <T> .ADObjectPropertyMap.ProtectedFromDeletion.PropertyName, instance, parameters, operation))
{
if (operation != ADFactory <T> .DirectoryOperation.Create || !ProtectedFromDeletionUtil.ShouldProtectByDefault(directoryObj.ObjectClass))
{
return(false);
}
else
{
return(ProtectedFromDeletionUtil.ProtectFromAccidentalDeletion(directoryObj, base.CmdletSessionInfo));
}
}
else
{
bool?singleValueProperty = base.GetSingleValueProperty <bool?>(ADObjectFactory <T> .ADObjectPropertyMap.ProtectedFromDeletion.PropertyName, instance, parameters, operation);
if (singleValueProperty.HasValue)
{
bool?nullable = singleValueProperty;
if (!nullable.GetValueOrDefault())
{
hasValue = false;
}
else
{
hasValue = nullable.HasValue;
}
if (!hasValue)
{
return(ProtectedFromDeletionUtil.UnprotectFromAccidentalDeletion(directoryObj, base.CmdletSessionInfo));
}
else
{
return(ProtectedFromDeletionUtil.ProtectFromAccidentalDeletion(directoryObj, base.CmdletSessionInfo));
}
}
else
{
return(false);
}
}
}
private bool ADCentralAccessPolicyPreCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
if (operation == ADFactory <T> .DirectoryOperation.Create)
{
IntPtr zero = IntPtr.Zero;
int num = UnsafeNativeMethods.GenerateNewCAPID(out zero);
if (num != 0 || !(IntPtr.Zero != zero))
{
throw new ADException(StringResources.CAPIDCreationFailure);
}
else
{
SecurityIdentifier securityIdentifier = new SecurityIdentifier(zero);
UnsafeNativeMethods.LocalFree(zero);
directoryObj["msAuthz-CentralAccessPolicyID"].Value = securityIdentifier;
return(false);
}
}
else
{
return(false);
}
}
private bool ADReplicationSiteLinkPreCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
if (operation == ADFactory <T> .DirectoryOperation.Create)
{
if (!directoryObj.Contains("siteList") || directoryObj["siteList"].Count <= 1)
{
object[] objArray = new object[4];
objArray[0] = "SiteLink";
objArray[1] = 2;
objArray[2] = "Sites";
objArray[3] = "SitesIncluded";
throw new ADException(string.Format(CultureInfo.CurrentCulture, StringResources.ADInvalidAttributeValueCount, objArray));
}
else
{
return(false);
}
}
else
{
return(false);
}
}
private void CreateSiteChildObjects(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
AttributeConverterEntry attributeConverterEntry = null;
bool flag = ADFactory <T> .DirectoryOperation.Create == operation;
MappingTable <AttributeConverterEntry> item = ADNtdsSiteSettingFactory <ADNtdsSiteSetting> .AttributeTable[base.ConnectedStore];
MappingTable <AttributeConverterEntry> mappingTable = ADReplicationSiteFactory <T> .AttributeTable[base.ConnectedStore];
IDictionary <string, ADPropertyValueCollection> strs = new Dictionary <string, ADPropertyValueCollection>();
if (instance != null)
{
foreach (string propertyName in instance.PropertyNames)
{
if (flag && instance[propertyName].Value == null || mappingTable.TryGetValue(propertyName, out attributeConverterEntry) || !item.TryGetValue(propertyName, out attributeConverterEntry))
{
continue;
}
strs.Add(propertyName, instance[propertyName]);
}
}
IDictionary <string, ADPropertyValueCollection> aDPVCDictionary = parameters.GetADPVCDictionary();
foreach (string key in aDPVCDictionary.Keys)
{
if (mappingTable.TryGetValue(key, out attributeConverterEntry) || !item.TryGetValue(key, out attributeConverterEntry))
{
continue;
}
if (!strs.ContainsKey(key))
{
strs.Add(key, aDPVCDictionary[key]);
}
else
{
strs[key] = aDPVCDictionary[key];
}
}
string str = ADPathModule.MakePath(directoryObj.DistinguishedName, "CN=NTDS Site Settings,", ADPathFormat.X500);
ADNtdsSiteSettingFactory <ADNtdsSiteSetting> aDNtdsSiteSettingFactory = new ADNtdsSiteSettingFactory <ADNtdsSiteSetting>();
aDNtdsSiteSettingFactory.SetCmdletSessionInfo(base.CmdletSessionInfo);
ADObject directoryObjectFromIdentity = null;
if (!flag)
{
try
{
ADNtdsSiteSetting aDNtdsSiteSetting = new ADNtdsSiteSetting(str);
directoryObjectFromIdentity = aDNtdsSiteSettingFactory.GetDirectoryObjectFromIdentity(aDNtdsSiteSetting, directoryObj.DistinguishedName);
}
catch (ADIdentityNotFoundException aDIdentityNotFoundException)
{
DebugLogger.LogInfo(this._debugCategory, string.Format("ADReplicationSiteFactory: Ntds-Site-Setting object not found for the site {0}, while updating the properties of the ntds-site-settings", directoryObj.DistinguishedName));
}
}
if (directoryObjectFromIdentity == null)
{
flag = true;
directoryObjectFromIdentity = new ADObject(str, aDNtdsSiteSettingFactory.StructuralObjectClass);
}
foreach (string key1 in strs.Keys)
{
if (!item.TryGetValue(key1, out attributeConverterEntry) || !attributeConverterEntry.IsDirectoryConverterDefined)
{
continue;
}
attributeConverterEntry.InvokeToDirectoryConverter(strs[key1], directoryObjectFromIdentity, base.CmdletSessionInfo);
}
using (ADActiveObject aDActiveObject = new ADActiveObject(base.CmdletSessionInfo.ADSessionInfo, directoryObjectFromIdentity))
{
if (!flag)
{
aDActiveObject.Update();
}
else
{
aDActiveObject.Create();
}
}
if (operation == ADFactory <T> .DirectoryOperation.Create)
{
this.CreateServerContainer(directoryObj.DistinguishedName);
}
}
private bool ADDomainPreCommitFSRoutine(ADFactory <T> .DirectoryOperation operation, T instance, ADParameterSet parameters, ADObject directoryObj)
{
bool flag = false;
if (operation == ADFactory <T> .DirectoryOperation.Update && base.PropertyHasChange(ADDomainFactory <T> .ADDomainPropertyMap.DomainMode.PropertyName, instance, parameters, operation))
{
ADDomainMode?singleValueProperty = base.GetSingleValueProperty <ADDomainMode?>(ADDomainFactory <T> .ADDomainPropertyMap.DomainMode.PropertyName, instance, parameters, operation);
if (singleValueProperty.HasValue)
{
ADDomainMode value = singleValueProperty.Value;
switch (value)
{
case ADDomainMode.Windows2000Domain:
{
Win32Exception win32Exception = new Win32Exception(50);
throw new NotSupportedException(win32Exception.Message);
}
case ADDomainMode.Windows2003InterimDomain:
{
if (base.CmdletSessionInfo.ADRootDSE.DomainFunctionality == ADDomainMode.Windows2000Domain && ADDomainFactory <T> .GetNTMixedDomainMode(base.CmdletSessionInfo) == 1)
{
break;
}
directoryObj["ntMixedDomain"].Value = 1;
flag = true;
break;
}
case ADDomainMode.Windows2003Domain:
{
bool flag1 = false;
if (base.CmdletSessionInfo.ADRootDSE.DomainFunctionality != ADDomainMode.Windows2000Domain)
{
if (base.CmdletSessionInfo.ADRootDSE.DomainFunctionality == ADDomainMode.Windows2003InterimDomain)
{
flag1 = true;
}
}
else
{
if (ADDomainFactory <T> .GetNTMixedDomainMode(base.CmdletSessionInfo) != 0)
{
flag1 = true;
}
}
if (!flag1)
{
break;
}
ADDomainFactory <T> .UpdateNTMixedDomainMode(base.CmdletSessionInfo, 0);
break;
}
}
}
else
{
return(flag);
}
}
return(flag);
}
private string ADType = "AzureAD"; // We can get this in constructor as parameter , or we can query tenent service for the same.
public DirectoryController(IGraphService graphService)
{
this.graphService = graphService != null ? graphService : ADFactory.GetIAM(ADType);
}
private static bool VerifySharesPossibleValueWithAndPossibleValueExclusiveness(ADObject directoryObj, ADFactory <T> .DirectoryOperation operation, StringBuilder errorBuffer)
{
bool flag;
bool flag1 = false;
if (directoryObj.ModifiedProperties.Contains("msDS-ClaimSharesPossibleValuesWith"))
{
flag = true;
}
else
{
flag = directoryObj.AddedProperties.Contains("msDS-ClaimSharesPossibleValuesWith");
}
bool flag2 = flag;
bool flag3 = directoryObj.InternalProperties.Contains("SuggestedValues");
if (directoryObj.Contains("msDS-ClaimSharesPossibleValuesWith") && directoryObj.Contains("msDS-ClaimPossibleValues"))
{
if (operation != ADFactory <T> .DirectoryOperation.Create)
{
if (!flag2 || !flag3)
{
if (!flag2)
{
if (flag3)
{
directoryObj.ForceRemove("msDS-ClaimSharesPossibleValuesWith");
}
}
else
{
directoryObj.ForceRemove("msDS-ClaimPossibleValues");
}
}
else
{
flag1 = true;
errorBuffer.AppendLine(StringResources.CTBothPossibleValuesShareValueWarning);
}
}
else
{
flag1 = true;
errorBuffer.AppendLine(StringResources.CTBothPossibleValuesShareValueWarning);
}
}
return(!flag1);
}
private static bool VerifyRestrictValues(ADObject directoryObj, StringBuilder errorBuffer, CmdletSessionInfo cmdletSessionInfo, ADFactory <T> .DirectoryOperation operation)
{
bool flag;
bool value;
bool value1;
bool flag1 = false;
if (directoryObj.ModifiedProperties.Contains("msDS-ClaimIsValueSpaceRestricted"))
{
flag = true;
}
else
{
flag = directoryObj.AddedProperties.Contains("msDS-ClaimIsValueSpaceRestricted");
}
bool flag2 = flag;
if (!directoryObj.Contains("msDS-ClaimPossibleValues"))
{
value = false;
}
else
{
value = directoryObj["msDS-ClaimPossibleValues"].Value != null;
}
bool flag3 = value;
if (!directoryObj.InternalProperties.Contains("SuggestedValues"))
{
value1 = false;
}
else
{
value1 = directoryObj.InternalProperties["SuggestedValues"].Value != null;
}
bool flag4 = value1;
if (operation == ADFactory <T> .DirectoryOperation.Create && !directoryObj.Contains("msDS-ClaimIsValueSpaceRestricted"))
{
directoryObj.SetValue("msDS-ClaimIsValueSpaceRestricted", flag4);
}
if (operation == ADFactory <T> .DirectoryOperation.Update && !flag2)
{
if (!flag3)
{
directoryObj.SetValue("msDS-ClaimIsValueSpaceRestricted", false);
}
if (flag4 && !flag3)
{
directoryObj.SetValue("msDS-ClaimIsValueSpaceRestricted", true);
}
}
if (!flag4 && !flag3 && directoryObj.Contains("msDS-ClaimIsValueSpaceRestricted") && (bool)directoryObj["msDS-ClaimIsValueSpaceRestricted"].Value)
{
flag1 = true;
errorBuffer.AppendLine(StringResources.ClaimTypeRestrictValueError);
}
return(!flag1);
}
private static bool VerifyClaimSourceAndAttributeExclusiveness(ADObject directoryObj, StringBuilder errorBuffer, ADFactory <T> .DirectoryOperation operation)
{
bool flag;
bool flag1;
bool flag2 = false;
if (directoryObj.ModifiedProperties.Contains("msDS-ClaimSource"))
{
flag = true;
}
else
{
flag = directoryObj.AddedProperties.Contains("msDS-ClaimSource");
}
bool flag3 = flag;
if (directoryObj.ModifiedProperties.Contains("msDS-ClaimAttributeSource"))
{
flag1 = true;
}
else
{
flag1 = directoryObj.AddedProperties.Contains("msDS-ClaimAttributeSource");
}
bool flag4 = flag1;
if (directoryObj.Contains("msDS-ClaimSource") && directoryObj.Contains("msDS-ClaimAttributeSource"))
{
if (operation != ADFactory <T> .DirectoryOperation.Create)
{
if (!flag3 || !flag4)
{
if (!flag3)
{
if (flag4)
{
directoryObj.ForceRemove("msDS-ClaimSource");
}
}
else
{
directoryObj.ForceRemove("msDS-ClaimAttributeSource");
}
}
else
{
flag2 = true;
errorBuffer.AppendLine(StringResources.SPCTBothSourceWarning);
}
}
else
{
flag2 = true;
errorBuffer.AppendLine(StringResources.SPCTBothSourceWarning);
}
}
return(!flag2);
}
