private string BuildPathFromDN(string dn) { string userSuppliedServerName = this.storeCtx.UserSuppliedServerName; if (this.pathCracker == null) { lock (this.pathLock) { if (this.pathCracker == null) { UnsafeNativeMethods.Pathname pathname = new UnsafeNativeMethods.Pathname(); this.pathCracker = (UnsafeNativeMethods.IADsPathname)pathname; this.pathCracker.EscapedMode = 2; } } } this.pathCracker.Set(dn, 4); string str = this.pathCracker.Retrieve(7); if (userSuppliedServerName.Length <= 0) { return(string.Concat("LDAP://", str)); } else { return(string.Concat("LDAP://", this.storeCtx.UserSuppliedServerName, "/", str)); } }
private string BuildPathFromDN(string dn) { string userSuppliedServername = _storeCtx.UserSuppliedServerName; UnsafeNativeMethods.Pathname pathCracker = new UnsafeNativeMethods.Pathname(); UnsafeNativeMethods.IADsPathname pathName = (UnsafeNativeMethods.IADsPathname)pathCracker; pathName.EscapedMode = 2 /* ADS_ESCAPEDMODE_ON */; pathName.Set(dn, 4 /* ADS_SETTYPE_DN */); string escapedDn = pathName.Retrieve(7 /* ADS_FORMAT_X500_DN */); if (userSuppliedServername.Length > 0) { return("LDAP://" + _storeCtx.UserSuppliedServerName + "/" + escapedDn); } else { return("LDAP://" + escapedDn); } }
private string BuildPathFromDN(string dn) { string userSuppliedServerName = this.storeCtx.UserSuppliedServerName; UnsafeNativeMethods.Pathname pathname = new UnsafeNativeMethods.Pathname(); UnsafeNativeMethods.IADsPathname aDsPathname = (UnsafeNativeMethods.IADsPathname)pathname; aDsPathname.EscapedMode = 2; aDsPathname.Set(dn, 4); string str = aDsPathname.Retrieve(7); if (userSuppliedServerName.Length <= 0) { return(string.Concat("LDAP://", str)); } else { return(string.Concat("LDAP://", this.storeCtx.UserSuppliedServerName, "/", str)); } }
protected override void LoadDomainInfo() { this.dnsHostName = ADUtils.GetServerName(this.ctxBase); this.domainFlatName = this.userSuppliedServerName; this.forestDnsName = this.userSuppliedServerName; this.domainDnsName = this.userSuppliedServerName; using (DirectoryEntry directoryEntry = new DirectoryEntry(string.Concat("LDAP://", this.userSuppliedServerName, "/rootDse"), "", "", AuthenticationTypes.Anonymous)) { string item = (string)this.ctxBase.Properties["distinguishedName"][0]; int length = -1; foreach (string str in directoryEntry.Properties["namingContexts"]) { if (str.Length <= length || !item.EndsWith(str, StringComparison.OrdinalIgnoreCase)) { continue; } length = str.Length; this.contextBasePartitionDN = str; } } UnsafeNativeMethods.Pathname pathname = new UnsafeNativeMethods.Pathname(); UnsafeNativeMethods.IADsPathname aDsPathname = (UnsafeNativeMethods.IADsPathname)pathname; aDsPathname.Set(this.ctxBase.Path, 1); try { this.userSuppliedServerName = aDsPathname.Retrieve(9); } catch (COMException cOMException1) { COMException cOMException = cOMException1; if (cOMException.ErrorCode != -2147463168) { throw; } else { this.userSuppliedServerName = ""; } } }
private string BuildPathFromDN(string dn) { string userSuppliedServername = _storeCtx.UserSuppliedServerName; if (null == _pathCracker) { lock (_pathLock) { if (null == _pathCracker) { UnsafeNativeMethods.Pathname pathNameObj = new UnsafeNativeMethods.Pathname(); _pathCracker = (UnsafeNativeMethods.IADsPathname)pathNameObj; _pathCracker.EscapedMode = 2 /* ADS_ESCAPEDMODE_ON */; } } } _pathCracker.Set(dn, 4 /* ADS_SETTYPE_DN */); string escapedDn = _pathCracker.Retrieve(7 /* ADS_FORMAT_X500_DN */); if (userSuppliedServername.Length > 0) return "LDAP://" + _storeCtx.UserSuppliedServerName + "/" + escapedDn; else return "LDAP://" + escapedDn; }
private bool MoveNextLocal() { bool needToRetry; do { needToRetry = false; bool f = _membersEnumerator.MoveNext(); if (f) // got a value { GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMMembersSet", "MoveNextLocal: got a value from the enumerator"); UnsafeNativeMethods.IADs nativeMember = (UnsafeNativeMethods.IADs)_membersEnumerator.Current; // If we encountered a group member corresponding to a fake principal such as // NT AUTHORITY/NETWORK SERVICE, construct and prepare to return the fake principal. byte[] sid = (byte[])nativeMember.Get("objectSid"); SidType sidType = Utils.ClassifySID(sid); if (sidType == SidType.FakeObject) { GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMMembersSet", "MoveNextLocal: fake principal, sid={0}", Utils.ByteArrayToString(sid)); _currentFakePrincipal = _storeCtx.ConstructFakePrincipalFromSID(sid); _current = null; _currentForeign = null; if (_foreignResultSet != null) { _foreignResultSet.Dispose(); } _foreignResultSet = null; return(true); } // We do this, rather than using the DirectoryEntry constructor that takes a native IADs object, // is so the credentials get transferred to the new DirectoryEntry. If we just use the native // object constructor, the native object will have the right credentials, but the DirectoryEntry // will have default (null) credentials, which it'll use anytime it needs to use credentials. DirectoryEntry de = SDSUtils.BuildDirectoryEntry( _storeCtx.Credentials, _storeCtx.AuthTypes); if (sidType == SidType.RealObjectFakeDomain) { // Transform the "WinNT://BUILTIN/foo" path to "WinNT://machineName/foo" string builtinADsPath = nativeMember.ADsPath; UnsafeNativeMethods.Pathname pathCracker = new UnsafeNativeMethods.Pathname(); UnsafeNativeMethods.IADsPathname pathName = (UnsafeNativeMethods.IADsPathname)pathCracker; pathName.Set(builtinADsPath, 1 /* ADS_SETTYPE_FULL */); // Build the "WinNT://" portion of the new path StringBuilder adsPath = new StringBuilder(); adsPath.Append("WinNT://"); //adsPath.Append(pathName.Retrieve(9 /*ADS_FORMAT_SERVER */)); // Build the "WinNT://machineName/" portion of the new path adsPath.Append(_storeCtx.MachineUserSuppliedName); adsPath.Append('/'); // Build the "WinNT://machineName/foo" portion of the new path int cElements = pathName.GetNumElements(); Debug.Assert(cElements >= 2); // "WinNT://BUILTIN/foo" == 2 elements // Note that the ADSI WinNT provider indexes them backwards, e.g., in // "WinNT://BUILTIN/A/B", BUILTIN == 2, A == 1, B == 0. for (int i = cElements - 2; i >= 0; i--) { adsPath.Append(pathName.GetElement(i)); adsPath.Append('/'); } adsPath.Remove(adsPath.Length - 1, 1); // remove the trailing "/" de.Path = adsPath.ToString(); GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMMembersSet", "MoveNextLocal: fake domain: {0} --> {1}", builtinADsPath, adsPath); } else { Debug.Assert(sidType == SidType.RealObject); de.Path = nativeMember.ADsPath; GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMMembersSet", "MoveNextLocal: real domain {0}", de.Path); } // Debug.Assert(Utils.AreBytesEqual(sid, (byte[]) de.Properties["objectSid"].Value)); if (IsLocalMember(sid)) { // If we're processing recursively, and the member is a group, // we don't return it but instead treat it as something to recursively // visit (expand) later. if (!_recursive || !SAMUtils.IsOfObjectClass(de, "Group")) { GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMMembersSet", "MoveNextLocal: setting current to {0}", de.Path); // Not recursive, or not a group. Return the principal. _current = de; _currentFakePrincipal = null; _currentForeign = null; if (_foreignResultSet != null) { _foreignResultSet.Dispose(); } _foreignResultSet = null; return(true); } else { GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMMembersSet", "MoveNextLocal: adding {0} to groupsToVisit", de.Path); // Save off for later, if we haven't done so already. if (!_groupsVisited.Contains(de.Path) && !_groupsToVisit.Contains(de.Path)) { _groupsToVisit.Add(de.Path); } needToRetry = true; continue; } } else { // It's a foreign principal (e..g, an AD user or group). // Save it off for later. GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMMembersSet", "MoveNextLocal: adding {0} to foreignMembers", de.Path); _foreignMembers.Add(de); needToRetry = true; continue; } } else { // We reached the end of this group's membership. // If we're supposed to be recursively expanding, we need to expand // any remaining non-foreign groups we earlier visited. if (_recursive) { GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMMembersSet", "MoveNextLocal: recursive processing, groupsToVisit={0}", _groupsToVisit.Count); if (_groupsToVisit.Count > 0) { // Pull off the next group to visit string groupPath = _groupsToVisit[0]; GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMMembersSet", "MoveNextLocal: recursively processing {0}", groupPath); _groupsToVisit.RemoveAt(0); _groupsVisited.Add(groupPath); // Set up for the next round of enumeration DirectoryEntry de = SDSUtils.BuildDirectoryEntry( groupPath, _storeCtx.Credentials, _storeCtx.AuthTypes); _group = (UnsafeNativeMethods.IADsGroup)de.NativeObject; UnsafeNativeMethods.IADsMembers iADsMembers = _group.Members(); _membersEnumerator = ((IEnumerable)iADsMembers).GetEnumerator(); // and go on to the first member of this new group needToRetry = true; continue; } } } }while (needToRetry); return(false); }
// Must be called inside of lock(domainInfoLock) protected override void LoadDomainInfo() { GlobalDebug.WriteLineIf(GlobalDebug.Info, "ADStoreCtx", "LoadComputerInfo"); Debug.Assert(this.ctxBase != null); // // DNS Domain Name // this.dnsHostName = ADUtils.GetServerName(this.ctxBase); // Treat the user supplied server name as the domain and forest name... this.domainFlatName = userSuppliedServerName; this.forestDnsName = userSuppliedServerName; this.domainDnsName = userSuppliedServerName; // // Find the partition in which the supplied ctxBase belongs by comparing it with the list of partitions hosted by this // LDS (ADAM) instance. // using (DirectoryEntry rootDse = new DirectoryEntry("LDAP://" + this.userSuppliedServerName + "/rootDse", "", "", AuthenticationTypes.Anonymous)) { string ctxBaseDN = (string)this.ctxBase.Properties["distinguishedName"][0]; int maxMatchLength = -1; foreach (string partitionDN in rootDse.Properties["namingContexts"]) { if ((partitionDN.Length > maxMatchLength) && ctxBaseDN.EndsWith(partitionDN, StringComparison.OrdinalIgnoreCase)) { maxMatchLength = partitionDN.Length; this.contextBasePartitionDN = partitionDN; } } } // // User supplied name // UnsafeNativeMethods.Pathname pathCracker = new UnsafeNativeMethods.Pathname(); UnsafeNativeMethods.IADsPathname pathName = (UnsafeNativeMethods.IADsPathname)pathCracker; pathName.Set(this.ctxBase.Path, 1 /* ADS_SETTYPE_FULL */); try { this.userSuppliedServerName = pathName.Retrieve(9 /*ADS_FORMAT_SERVER */); GlobalDebug.WriteLineIf(GlobalDebug.Info, "ADStoreCtx", "LoadComputerInfo: using user-supplied name {0}", this.userSuppliedServerName); } catch (COMException e) { if (((uint)e.ErrorCode) == ((uint)0x80005000)) // E_ADS_BAD_PATHNAME { // Serverless path GlobalDebug.WriteLineIf(GlobalDebug.Info, "ADStoreCtx", "LoadComputerInfo: using empty string as user-supplied name"); this.userSuppliedServerName = ""; } else { GlobalDebug.WriteLineIf(GlobalDebug.Error, "ADStoreCtx", "LoadComputerInfo: caught COMException {0} {1} looking for user-supplied name", e.ErrorCode, e.Message); throw; } } }
private bool MoveNextLocal() { bool flag; do { flag = false; bool flag1 = this.membersEnumerator.MoveNext(); if (!flag1) { if (!this.recursive || this.groupsToVisit.Count <= 0) { continue; } string item = this.groupsToVisit[0]; this.groupsToVisit.RemoveAt(0); this.groupsVisited.Add(item); DirectoryEntry directoryEntry = SDSUtils.BuildDirectoryEntry(item, this.storeCtx.Credentials, this.storeCtx.AuthTypes); this.@group = (UnsafeNativeMethods.IADsGroup)directoryEntry.NativeObject; UnsafeNativeMethods.IADsMembers aDsMember = [email protected](); this.membersEnumerator = ((IEnumerable)aDsMember).GetEnumerator(); flag = true; } else { UnsafeNativeMethods.IADs current = (UnsafeNativeMethods.IADs) this.membersEnumerator.Current; byte[] numArray = (byte[])current.Get("objectSid"); SidType sidType = Utils.ClassifySID(numArray); if (sidType != SidType.FakeObject) { DirectoryEntry aDsPath = SDSUtils.BuildDirectoryEntry(this.storeCtx.Credentials, this.storeCtx.AuthTypes); if (sidType != SidType.RealObjectFakeDomain) { aDsPath.Path = current.ADsPath; } else { string str = current.ADsPath; UnsafeNativeMethods.Pathname pathname = new UnsafeNativeMethods.Pathname(); UnsafeNativeMethods.IADsPathname aDsPathname = (UnsafeNativeMethods.IADsPathname)pathname; aDsPathname.Set(str, 1); StringBuilder stringBuilder = new StringBuilder(); stringBuilder.Append("WinNT://"); stringBuilder.Append(this.storeCtx.MachineUserSuppliedName); stringBuilder.Append("/"); int numElements = aDsPathname.GetNumElements(); for (int i = numElements - 2; i >= 0; i--) { stringBuilder.Append(aDsPathname.GetElement(i)); stringBuilder.Append("/"); } stringBuilder.Remove(stringBuilder.Length - 1, 1); aDsPath.Path = stringBuilder.ToString(); } if (!this.IsLocalMember(numArray)) { this.foreignMembers.Add(aDsPath); flag = true; } else { if (!this.recursive || !SAMUtils.IsOfObjectClass(aDsPath, "Group")) { this.current = aDsPath; this.currentFakePrincipal = null; this.currentForeign = null; if (this.foreignResultSet != null) { this.foreignResultSet.Dispose(); } this.foreignResultSet = null; return(true); } else { if (!this.groupsVisited.Contains(aDsPath.Path) && !this.groupsToVisit.Contains(aDsPath.Path)) { this.groupsToVisit.Add(aDsPath.Path); } flag = true; } } } else { this.currentFakePrincipal = this.storeCtx.ConstructFakePrincipalFromSID(numArray); this.current = null; this.currentForeign = null; if (this.foreignResultSet != null) { this.foreignResultSet.Dispose(); } this.foreignResultSet = null; return(true); } } }while (flag); return(false); }
private string BuildPathFromDN(string dn) { string userSuppliedServerName = this.storeCtx.UserSuppliedServerName; if (this.pathCracker == null) { lock (this.pathLock) { if (this.pathCracker == null) { UnsafeNativeMethods.Pathname pathname = new UnsafeNativeMethods.Pathname(); this.pathCracker = (UnsafeNativeMethods.IADsPathname)pathname; this.pathCracker.EscapedMode = 2; } } } this.pathCracker.Set(dn, 4); string str = this.pathCracker.Retrieve(7); if (userSuppliedServerName.Length <= 0) { return string.Concat("LDAP://", str); } else { return string.Concat("LDAP://", this.storeCtx.UserSuppliedServerName, "/", str); } }