public override LDAPObject GetDomain(LDAPSupportSettings settings)
{
try
{
string password;
var type = AuthenticationTypes.ReadonlyServer | AuthenticationTypes.Secure;
try
{
password = new UnicodeEncoding().GetString(InstanceCrypto.Decrypt(settings.PasswordBytes));
}
catch (Exception)
{
password = string.Empty;
}
if (settings.PortNumber == Constants.SSL_LDAP_PORT)
{
type |= AuthenticationTypes.SecureSocketsLayer;
}
var entry = settings.Authentication
? new DirectoryEntry(settings.Server + ":" + settings.PortNumber, settings.Login, password,
type)
: new DirectoryEntry(settings.Server + ":" + settings.PortNumber);
return(LDAPObjectFactory.CreateObject(entry));
}
catch (Exception e)
{
Log.WarnFormat("Can't get current domain. May be current user has not needed permissions. {0}", e);
return(null);
}
}
private List <LDAPObject> SearchInternal(string root, string criteria, SearchScope scope,
LDAPSupportSettings settings)
{
_log.InfoFormat("ADDomain.Search(root: \"{0}\", criteria: \"{1}\", scope: {2})",
root, criteria, scope);
var entries = Search(root, criteria, scope, settings) ?? new List <DirectoryEntry>(0);
return(LDAPObjectFactory.CreateObjects(entries));
}
public List <LDAPObject> Search(string login, string password, string server, int portNumber,
int scope, bool startTls, string searchFilter = null,
string disnguishedName = null, string[] attributes = null)
{
if (portNumber != LdapConnection.DEFAULT_PORT && portNumber != LdapConnection.DEFAULT_SSL_PORT)
{
throw new SystemException("Wrong port");
}
if (server.StartsWith("LDAP://"))
{
server = server.Substring("LDAP://".Length);
}
var entries = new List <LdapEntry>();
var ldapConnection = new LdapConnection();
if (startTls || portNumber == LdapConnection.DEFAULT_SSL_PORT)
{
ldapConnection.UserDefinedServerCertValidationDelegate += ServerCertValidationHandler;
}
ldapConnection.Connect(server, portNumber);
if (portNumber == LdapConnection.DEFAULT_SSL_PORT)
{
ldapConnection.SecureSocketLayer = true;
}
if (startTls) // does not call stopTLS because it does not work
{
ldapConnection.startTLS();
}
ldapConnection.Bind(LdapConnection.Ldap_V3, login, password);
if (startTls)
{
var errorMessage = ServerCertValidate();
// error in ServerCertValidationHandler
if (!string.IsNullOrEmpty(errorMessage))
{
ldapConnection.Disconnect();
throw new Exception(errorMessage);
}
}
// certificate confirmation requested
if ((startTls && _certificateConfirmRequest != null &&
_certificateConfirmRequest.Requested && !_certificateConfirmRequest.Approved))
{
_log.Debug("LDAP certificate confirmation requested.");
ldapConnection.Disconnect();
var exception = new NovellLdapTlsCertificateRequestedException
{
CertificateConfirmRequest = _certificateConfirmRequest
};
throw exception;
}
if (searchFilter == null)
{
ldapConnection.Disconnect();
return(null);
}
if (attributes == null)
{
var ldapUniqueIdAttribute = ConfigurationManager.AppSettings["ldap.unique.id"];
if (ldapUniqueIdAttribute == null)
{
attributes = new[]
{
"*", Constants.RfcLDAPAttributes.ENTRY_DN, Constants.RfcLDAPAttributes.ENTRY_UUID,
Constants.RfcLDAPAttributes.NS_UNIQUE_ID, Constants.RfcLDAPAttributes.GUID
};
}
else
{
attributes = new[] { "*", ldapUniqueIdAttribute };
}
}
var ldapSearchConstraints = new LdapSearchConstraints
{
MaxResults = int.MaxValue,
HopLimit = 0
};
var ldapSearchResults = ldapConnection.Search(disnguishedName,
scope, searchFilter, attributes, false, ldapSearchConstraints);
while (ldapSearchResults.hasMore())
{
LdapEntry nextEntry;
try
{
nextEntry = ldapSearchResults.next();
}
catch (LdapException)
{
continue;
}
if (nextEntry != null)
{
entries.Add(nextEntry);
}
}
var result = LDAPObjectFactory.CreateObjects(entries);
ldapConnection.Disconnect();
return(result);
}
