private void SetPassword(string username, string newPassword)
{
var distinguishedName = string.Format(@"CN={0},{1}", username, _config.DistinguishedName);
Logger.Info("Setting password for user: \"{0}\"", username);
Logger.Info("Distinguished name: \"{0}\"", distinguishedName);
// the 'unicodePWD' attribute is used to handle pwd handling requests
const string attribute = "unicodePwd";
if (!String.IsNullOrEmpty(newPassword))
{
// do we have a pwd to set -> set pwd
var directoryAttributeModificationReplace = new DirectoryAttributeModification
{
Name = attribute,
Operation = DirectoryAttributeOperation.Replace
};
directoryAttributeModificationReplace.Add(BuildBytePwd(newPassword));
var damList = new[] { directoryAttributeModificationReplace };
var modifyRequest = new ModifyRequest(distinguishedName, damList);
// Should we utilize pwd history on the pwd reset?
var value = BerConverter.Encode("{i}", new object[] { 0x1 });
var pwdHistory = new DirectoryControl(LdapServerPolicyHintsOid, value, false, true);
modifyRequest.Controls.Add(pwdHistory);
var response = _connection.SendRequest(modifyRequest);
// TODO: handle bad response.
}
}
protected void StatsCookie()
{
if (QueryInfo.ExecStatsQuery)
{
if (QueryInfo.RootDse)
{
GlobalEventHandler.RaiseErrorOccured("Retreiving statistics from a rootDSE query cannot be done", true);
}
else if (QueryInfo.MustGetSingleObjectPath)
{
GlobalEventHandler.RaiseErrorOccured(String.Format("Switched to single object path base query {0}\t-> retreiving staistics doesn't make sense", Environment.NewLine), true);
}
else
{
RetreiveStatistics = QueryInfo.ExecStatsQuery;
byte[] controlvalue = BerConverter.Encode("{i}", new object[] { 0x1 });
controlvalue = null;
Request.Controls.Add(new DirectoryControl(STATISTCS_CONTROL_OID, controlvalue, false, true));
}
}
}
public void PageCookie(int pageSize)
{
FirstPagingRun = true;
LastPageSize = pageSize;
byte[] cvalue = BerConverter.Encode("{io}", new object[] { pageSize, PagingCookie });
DirectoryControl dcpage = new DirectoryControl("1.2.840.113556.1.4.319", cvalue, true, true);
if (PagingCookie != null)
{
PageControl = new PageResultRequestControl(PagingCookie);
}
else if (Scope != SearchScope.Base)
{
PageControl = new PageResultRequestControl(pageSize);
}
if (PageControl != null)
{
PageCount = 0;
Request.Controls.Add(PageControl);
DoPaging = true;
}
}
public byte[] Encode(int type)
{
switch (type)
{
case 3:
{
LDAPBindResponse protocolOp = (LDAPBindResponse)this.ProtocolOp;
return(BerConverter.Encode("{it{eooto}}", this.MessageID, 0x61, protocolOp.ResultCode, protocolOp.MatchedDN, protocolOp.DiagnosticMessage, 0x87, protocolOp.ServerSaslCreds));
}
case 4:
{
LDAPSearchResEntry protocolOp = (LDAPSearchResEntry)this.ProtocolOp;
return(BerConverter.Encode("{it{sto}}", this.MessageID, 0x64, protocolOp.ObjectDN, 0x30, protocolOp.Attributes));
}
case 5:
{
LDAPSearchResDone protocolOp = (LDAPSearchResDone)this.ProtocolOp;
return(BerConverter.Encode("{it{eoo}}", this.MessageID, 0x65, protocolOp.ResultCode, protocolOp.MatchedDN, protocolOp.ErrorMessage));
}
}
return(null);
}
public void Encode_Objects_ReturnsExpected(string format, object[] values, byte[] expected)
{
var actual = BerConverter.Encode(format, values);
_testOutputHelper.WriteLine($"expected: [{string.Join(',', expected)}]");
_testOutputHelper.WriteLine($"actual: [{string.Join(',', actual)}]");
Assert.Equal(expected, actual);
}
public void Encode_Invalid_ThrowsArgumentException(string format, object[] values)
{
try
{
AssertExtensions.Throws <ArgumentException>(null, () => BerConverter.Encode(format, values));
}
catch (System.Exception ex)
{
Console.WriteLine(ex.GetType().Name + ":" + ex.Message);
}
}
public void Encode_Decode_Should_Returns_Expected(string printFormat, string scanFormat, object[] values,
string[] platforms = null)
{
if (platforms != null && !platforms.Any(_ => RuntimeInformation.IsOSPlatform(OSPlatform.Create(_))))
{
return;
}
var encoded = BerConverter.Encode(printFormat, values);
_testOutputHelper.WriteLine($"encoded: [{string.Join(',', encoded)}]");
var decoded = BerConverter.Decode(scanFormat, encoded);
Assert.Equal(values, decoded);
}
public byte[] Encode()
{
return(BerConverter.Encode("{iX}", this.MessageID, this.ProtocolOp));
}
public override byte[] GetValue()
{
object[] objArray = new object[1];
objArray[0] = this._inputDN;
return(BerConverter.Encode("{s}", objArray));
}
public byte[] Encode()
{
return(BerConverter.Encode("t{eoo}", 0x65, this.ResultCode, this.MatchedDN, this.ErrorMessage));;
}
public byte[] Encode()
{
return(BerConverter.Encode("t{stX}", new object[] { 0x64, this.ObjectDN, 0x30, this.Attributes }));
}
public void Encode_NullFormat_ThrowsArgumentNullException()
{
AssertExtensions.Throws <ArgumentNullException>("format", () => BerConverter.Encode(null, new object[0]));
}
public void Encode_InvalidFormat_ThrowsBerConversionException(string format)
{
Assert.Throws <BerConversionException>(() => BerConverter.Encode(format, new object[0]));
}
public byte[] Encode(LDAPSearchResEntry search)
{
return(BerConverter.Encode("{it{stX}}", this.MessageID, 0x64, search.ObjectDN, 0x30, search.Attributes));
}
public void Encode_NullFormat_ThrowsArgumentNullException()
{
Assert.Throws <ArgumentNullException>("format", () => BerConverter.Encode(null));
}
public byte[] Encode(Object[] Segment)
{
return(BerConverter.Encode("t{s{V}}", 0x64, this.ObjectDN, Segment));
}
public byte[] Encode(LDAPSearchResDone resdone)
{
return(BerConverter.Encode("{it{eoo}}", this.MessageID, 0x65, resdone.ResultCode, resdone.MatchedDN, resdone.ErrorMessage));
}
/// <summary>
/// LDAP でパスワードを変更する。
/// </summary>
/// <param name="accountDN">アカウントの DN</param>
/// <param name="oldPasswd">現在のパスワード</param>
/// <param name="newPasswd">変更後のパスワード</param>
/// <param name="ldapServer">LDAP サーバーのホスト名または IP アドレス</param>
/// <param name="isTls">LDAPS にする場合 true。LDAP のままにする場合 false。</param>
public static void ChangePassword(string accountDN, string oldPasswd, string newPasswd, string ldapServer, bool isTls)
{
if (accountDN == null || oldPasswd == null || newPasswd == null || ldapServer == null)
{
throw new ArgumentNullException();
}
if (accountDN.Length < 1 || oldPasswd.Length < 1 || newPasswd.Length < 1 || ldapServer.Length < 1)
{
throw new ArgumentException();
}
ldapServer = ServerPortSpecify(ldapServer, isTls);
LdapConnection ldapConnection = new LdapConnection(ldapServer)
{
Credential = new NetworkCredential(accountDN, oldPasswd),
AuthType = AuthType.Basic,
Timeout = new TimeSpan(0, 0, 10)
};
ldapConnection.SessionOptions.ProtocolVersion = 3;
ldapConnection.SessionOptions.SecureSocketLayer = isTls;
// https://tools.ietf.org/html/rfc3062
var ber = BerConverter.Encode("{tststs}",
LDAP_TAG_EXOP_MODIFY_PASSWD_ID, accountDN,
LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, oldPasswd,
LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, newPasswd);
var modifyPasswdRequest = new ExtendedRequest(LDAP_EXOP_MODIFY_PASSWD, ber);
try
{
// 認証したいユーザーでバインドする
ldapConnection.Bind();
// パスワード変更要求を送信
var modifyPasswdResponse = (ExtendedResponse)ldapConnection.SendRequest(modifyPasswdRequest);
// 応答が「成功」か確認
if (modifyPasswdResponse.ResultCode != ResultCode.Success)
{
throw new Exception("Could not change password. ("
+ Enum.GetName(typeof(ResultCode), modifyPasswdResponse.ResultCode) + ")");
}
}
finally
{
if (ldapConnection != null)
{
try
{
ldapConnection.Dispose();
}
catch (Exception e)
{
System.Diagnostics.Debug.WriteLine(e);
}
}
}
}
public void Encode_Invalid_ThrowsArgumentException(string format, object[] values)
{
AssertExtensions.Throws <ArgumentException>(null, () => BerConverter.Encode(format, values));
}
public byte[] Encode()
{
return(BerConverter.Encode("{st{v}}", this.Type, 0x31, this.Vals));
}
public void Encode_Objects_ReturnsExpected(string format, object[] values, byte[] expected)
{
AssertExtensions.Equal(expected, BerConverter.Encode(format, values));
}
static void DoBerEncoding()
{
try
{
bool boolValue = true;
int intValue = 5;
byte[] binaryValue = new byte[] { 0x00, 0x01, 0x02, 0x03 };
string strValue = "abcdef";
string[] strValues = { "abc", "def", "xyzw" };
byte[][] binaryValues =
{
new byte[] { 0x00, 0x01, 0x02, 0x03 },
new byte[] { 0x04, 0x05, 0x06, 0x07 },
new byte[] { 0x08, 0x09,0x0A },
new byte[] { 0x0B, 0x0C }
};
Console.WriteLine("\r\nBer encoding objects...");
byte[] berEncodedValue = BerConverter.Encode("{bios{v}{V}}",
new object[] {
boolValue,
intValue,
binaryValue,
strValue,
strValues,
binaryValues
});
Console.WriteLine("\r\nBer decoding the byte array...");
object[] decodedObjects = BerConverter.Decode("{biOavV}",
berEncodedValue);
Console.WriteLine("\r\nThe decoded objects are:");
foreach (object o in decodedObjects)
{
if (o is byte[])
{
Console.WriteLine(ByteArrayToStringInHex((byte[])o));
}
else if (o is byte[][])
{
byte[][] byteArrays = (byte[][])o;
for (int i = 0; i < byteArrays.Length; i++)
{
Console.Write(ByteArrayToStringInHex(byteArrays[i])
+ " - ");
}
Console.WriteLine();
}
else if (o is string[])
{
string[] strArray = (string[])o;
for (int i = 0; i < strArray.Length; i++)
{
Console.Write(strArray[i] + " - ");
}
Console.WriteLine();
}
else
{
Console.WriteLine(o);
}
}
}
catch (BerConversionException e)
{
Console.WriteLine("BerConversionException:" + e.Message);
}
catch (ArgumentException e)
{
Console.WriteLine("ArgumentException:" + e.Message);
}
}
public override byte[] GetValue()
{
_directoryControlValue = BerConverter.Encode("{s}", new object[] { AttributeName });
return(base.GetValue());
}
internal byte[] GetValue()
{
return(BerConverter.Encode("{ibb}", (int)this.ChangeTypes, this.ChangesOnly, this.ReturnEntryChangeNotificationControls));
}