protected bool SetPrimaryGroupId(DatastoreObject targetObject, object targetObjectIdentifier, int groupId, bool skipMetaUpdate)
{
if (!targetObject.IsAccount)
{
throw new DirectoryObjectOperationException(Resources.ObjectNotAccountMessage, targetObjectIdentifier);
}
// TODO: Validator.ValidateRid
// TODO: Test if the rid exists?
using (var transaction = this.context.BeginTransaction())
{
this.dataTableCursor.BeginEditForUpdate();
bool hasChanged = targetObject.SetAttribute<int>(CommonDirectoryAttributes.PrimaryGroupId, groupId);
this.CommitAttributeUpdate(targetObject, CommonDirectoryAttributes.PrimaryGroupId, transaction, hasChanged, skipMetaUpdate);
return hasChanged;
}
}
public IEnumerable<DSAccount> GetAccounts(byte[] bootKey)
{
var pek = this.GetSecretDecryptor(bootKey);
// TODO: Use a more suitable index?
string samAccountTypeIndex = this.context.Schema.FindIndexName(CommonDirectoryAttributes.SamAccountType);
this.dataTableCursor.CurrentIndex = samAccountTypeIndex;
// Find all objects with the right sAMAccountType that are writable and not deleted:
// TODO: Lock cursor?
while (this.dataTableCursor.MoveNext())
{
var obj = new DatastoreObject(this.dataTableCursor, this.context);
// TODO: This probably does not work on RODCs:
if(obj.IsDeleted || !obj.IsWritable || !obj.IsAccount)
{
continue;
}
yield return new DSAccount(obj, pek);
}
}
protected void CommitAttributeUpdate(DatastoreObject obj, string attributeName, IsamTransaction transaction, bool hasChanged, bool skipMetaUpdate)
{
if (hasChanged)
{
if (!skipMetaUpdate)
{
// Increment the current USN
long currentUsn = ++this.context.DomainController.HighestCommittedUsn;
DateTime now = DateTime.Now;
obj.UpdateAttributeMeta(attributeName, currentUsn, now);
}
this.dataTableCursor.AcceptChanges();
transaction.Commit();
}
else
{
// No changes have been made to the object
this.dataTableCursor.RejectChanges();
transaction.Abort();
}
}
protected bool AddSidHistory(DatastoreObject targetObject, object targetObjectIdentifier, SecurityIdentifier[] sidHistory, bool skipMetaUpdate)
{
if (!targetObject.IsSecurityPrincipal)
{
throw new DirectoryObjectOperationException(Resources.ObjectNotSecurityPrincipalMessage, targetObjectIdentifier);
}
using (var transaction = this.context.BeginTransaction())
{
this.dataTableCursor.BeginEditForUpdate();
bool hasChanged = targetObject.AddAttribute(CommonDirectoryAttributes.SIDHistory, sidHistory);
this.CommitAttributeUpdate(targetObject, CommonDirectoryAttributes.SIDHistory, transaction, hasChanged, skipMetaUpdate);
return hasChanged;
}
}
/// <summary>
///
/// </summary>
/// <param name="samAccountName"></param>
/// <exception cref="DirectoryObjectNotFoundException"></exception>
public DatastoreObject FindObject(string samAccountName)
{
string samAccountNameIndex = this.context.Schema.FindIndexName(CommonDirectoryAttributes.SAMAccountName);
this.dataTableCursor.CurrentIndex = samAccountNameIndex;
this.dataTableCursor.FindRecords(MatchCriteria.EqualTo, Key.Compose(samAccountName));
// Find first object with the right sAMAccountName, that is writable and not deleted:
while (this.dataTableCursor.MoveNext())
{
var currentObject = new DatastoreObject(this.dataTableCursor, this.context);
if (currentObject.IsWritable && !currentObject.IsDeleted)
{
return currentObject;
}
}
// If the code execution comes here, we have not found any object matching the criteria.
throw new DirectoryObjectNotFoundException(samAccountName);
}
public IEnumerable<DirectoryObject> FindObjectsByCategory(string className, bool includeDeleted = false)
{
// Find all objects with the right objectCategory
string objectCategoryIndex = this.context.Schema.FindIndexName(CommonDirectoryAttributes.ObjectCategory);
this.dataTableCursor.CurrentIndex = objectCategoryIndex;
int classId = this.context.Schema.FindClassId(className);
this.dataTableCursor.FindRecords(MatchCriteria.EqualTo, Key.Compose(classId));
// TODO: Lock cursor?
while (this.dataTableCursor.MoveNext())
{
var obj = new DatastoreObject(this.dataTableCursor, this.context);
// Optionally skip deleted objects
if (!includeDeleted && obj.IsDeleted)
{
continue;
}
yield return obj;
}
}
protected DSAccount GetAccount(DatastoreObject foundObject, object objectIdentifier, byte[] bootKey)
{
if (!foundObject.IsAccount)
{
throw new DirectoryObjectOperationException(Resources.ObjectNotSecurityPrincipalMessage, objectIdentifier);
}
var pek = GetSecretDecryptor(bootKey);
return new DSAccount(foundObject, pek);
}