internal DirectoryEntry(object adsObject, bool useCache, string username, string password, AuthenticationTypes authenticationType)
{
this.adsObject = adsObject as UnsafeNativeMethods.IAds;
if (this.adsObject == null)
{
throw new ArgumentException(Res.GetString(Res.DSDoesNotImplementIADs));
}
// GetInfo is not needed here. ADSI executes an implicit GetInfo when GetEx
// is called on the PropertyValueCollection. 0x800704BC error might be returned
// on some WinNT entries, when iterating through 'Users' group members.
// if (forceBind)
// this.adsObject.GetInfo();
path = this.adsObject.ADsPath;
this.useCache = useCache;
this.authenticationType = authenticationType;
if (username != null && password != null)
{
this.credentials = new NetworkCredential(username, password);
}
if (!useCache)
{
CommitChanges();
}
}
private void Unbind()
{
if (adsObject != null)
{
System.Runtime.InteropServices.Marshal.ReleaseComObject(adsObject);
}
adsObject = null;
browseGranted = false;
writeGranted = false;
}
internal DirectoryEntry(object adsObject, bool useCache, string username, string password, AuthenticationTypes authenticationType, bool AdsObjIsExternal)
{
_adsObject = adsObject as UnsafeNativeMethods.IAds;
if (_adsObject == null)
{
throw new ArgumentException(SR.DSDoesNotImplementIADs);
}
// GetInfo is not needed here. ADSI executes an implicit GetInfo when GetEx
// is called on the PropertyValueCollection. 0x800704BC error might be returned
// on some WinNT entries, when iterating through 'Users' group members.
// if (forceBind)
// this.adsObject.GetInfo();
_path = _adsObject.ADsPath;
_useCache = useCache;
_authenticationType = authenticationType;
_credentials = new NetworkCredential(username, password);
if (username == null)
{
_userNameIsNull = true;
}
if (password == null)
{
_passwordIsNull = true;
}
if (!useCache)
{
CommitChanges();
}
_options = new DirectoryEntryConfiguration(this);
// We are starting from an already bound connection so make sure the options are set properly.
// If this is an externallly managed com object then we don't want to change it's current behavior
if (!AdsObjIsExternal)
{
InitADsObjectOptions();
}
}
/// <include file='doc\DirectoryEntry.uex' path='docs/doc[@for="DirectoryEntry.MoveTo1"]/*' />
/// <devdoc>
/// <para>Moves this entry to the given parent, and gives it a new name.</para>
/// </devdoc>
public void MoveTo(DirectoryEntry newParent, string newName)
{
if (!(newParent.AdsObject is UnsafeNativeMethods.IAdsContainer))
{
throw new InvalidOperationException(Res.GetString(Res.DSNotAContainer, newParent.Path));
}
object newEntry = newParent.ContainerObject.MoveHere(Path, newName);
if (Bound)
{
System.Runtime.InteropServices.Marshal.ReleaseComObject(adsObject); // release old handle
}
this.adsObject = (UnsafeNativeMethods.IAds)newEntry;
path = this.adsObject.ADsPath;
if (!useCache)
{
CommitChanges();
}
else
{
RefreshCache(); // in ADSI cache is lost after moving
}
}
internal void Bind(bool throwIfFail)
{
//Cannot rebind after the object has been disposed, since finalization has been suppressed.
if (_disposed)
throw new ObjectDisposedException(GetType().Name);
if (_adsObject == null)
{
string pathToUse = Path;
if (pathToUse == null || pathToUse.Length == 0)
{
// get the default naming context. This should be the default root for the search.
DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE", true, null, null, AuthenticationTypes.Secure);
//SECREVIEW: Looking at the root of the DS will demand browse permissions
// on "*" or "LDAP://RootDSE".
string defaultNamingContext = (string)rootDSE.Properties["defaultNamingContext"][0];
rootDSE.Dispose();
pathToUse = "LDAP://" + defaultNamingContext;
}
// Ensure we've got a thread model set, else CoInitialize() won't have been called.
if (Thread.CurrentThread.GetApartmentState() == ApartmentState.Unknown)
Thread.CurrentThread.SetApartmentState(ApartmentState.MTA);
Guid g = new Guid("00000000-0000-0000-c000-000000000046"); // IID_IUnknown
object value = null;
int hr = UnsafeNativeMethods.ADsOpenObject(pathToUse, GetUsername(), GetPassword(), (int)_authenticationType, ref g, out value);
if (hr != 0)
{
if (throwIfFail)
throw COMExceptionHelper.CreateFormattedComException(hr);
}
else
{
_adsObject = (UnsafeNativeMethods.IAds)value;
}
InitADsObjectOptions();
}
}
internal DirectoryEntry(object adsObject, bool useCache, string username, string password, AuthenticationTypes authenticationType, bool AdsObjIsExternal)
{
_adsObject = adsObject as UnsafeNativeMethods.IAds;
if (_adsObject == null)
throw new ArgumentException(Res.GetString(Res.DSDoesNotImplementIADs));
// GetInfo is not needed here. ADSI executes an implicit GetInfo when GetEx
// is called on the PropertyValueCollection. 0x800704BC error might be returned
// on some WinNT entries, when iterating through 'Users' group members.
// if (forceBind)
// this.adsObject.GetInfo();
_path = _adsObject.ADsPath;
_useCache = useCache;
_authenticationType = authenticationType;
_credentials = new NetworkCredential(username, password);
if (username == null)
_userNameIsNull = true;
if (password == null)
_passwordIsNull = true;
if (!useCache)
CommitChanges();
_options = new DirectoryEntryConfiguration(this);
// We are starting from an already bound connection so make sure the options are set properly.
// If this is an externallly managed com object then we don't want to change it's current behavior
if (!AdsObjIsExternal)
{
InitADsObjectOptions();
}
}
private void Unbind()
{
if (_adsObject != null)
System.Runtime.InteropServices.Marshal.ReleaseComObject(_adsObject);
_adsObject = null;
// we need to release that properties table.
_propertyCollection = null;
// need to refresh the objectSecurity property
_objectSecurityInitialized = false;
_objectSecurityModified = false;
}
/// <include file='doc\DirectoryEntry.uex' path='docs/doc[@for="DirectoryEntry.MoveTo1"]/*' />
/// <devdoc>
/// <para>Moves this entry to the given parent, and gives it a new name.</para>
/// </devdoc>
public void MoveTo(DirectoryEntry newParent, string newName)
{
object newEntry = null;
if (!(newParent.AdsObject is UnsafeNativeMethods.IAdsContainer))
throw new InvalidOperationException(Res.GetString(Res.DSNotAContainer, newParent.Path));
try
{
if (AdsObject.ADsPath.StartsWith("WinNT:", StringComparison.Ordinal))
{
// get the ADsPath instead of using Path as ADsPath for the case that "WinNT://computername" is passed in while we need "WinNT://domain/computer"
string childPath = AdsObject.ADsPath;
string parentPath = newParent.AdsObject.ADsPath;
// we know ADsPath does not end with object type qualifier like ",computer" so it is fine to compare with whole newparent's adspath
// for the case that child has different components from newparent in the aspects other than case, we don't do any processing, just let ADSI decide in case future adsi change
if (System.DirectoryServices.ActiveDirectory.Utils.Compare(childPath, 0, parentPath.Length, parentPath, 0, parentPath.Length) == 0)
{
uint compareFlags = System.DirectoryServices.ActiveDirectory.Utils.NORM_IGNORENONSPACE |
System.DirectoryServices.ActiveDirectory.Utils.NORM_IGNOREKANATYPE |
System.DirectoryServices.ActiveDirectory.Utils.NORM_IGNOREWIDTH |
System.DirectoryServices.ActiveDirectory.Utils.SORT_STRINGSORT;
// work around the ADSI case sensitive
if (System.DirectoryServices.ActiveDirectory.Utils.Compare(childPath, 0, parentPath.Length, parentPath, 0, parentPath.Length, compareFlags) != 0)
{
childPath = parentPath + childPath.Substring(parentPath.Length);
}
}
newEntry = newParent.ContainerObject.MoveHere(childPath, newName);
}
else
{
newEntry = newParent.ContainerObject.MoveHere(Path, newName);
}
}
catch (COMException e)
{
throw COMExceptionHelper.CreateFormattedComException(e);
}
if (Bound)
System.Runtime.InteropServices.Marshal.ReleaseComObject(_adsObject); // release old handle
_adsObject = (UnsafeNativeMethods.IAds)newEntry;
_path = _adsObject.ADsPath;
// Reset the options on the ADSI object since there were lost when the new object was created.
InitADsObjectOptions();
if (!_useCache)
CommitChanges();
else
RefreshCache(); // in ADSI cache is lost after moving
}
private SearchResultCollection FindAll(bool findMoreThanOne)
{
//if it is not of valid searching type, then throw an exception
if (SearchRoot == null)
{
Version adsVersion = GetAdsVersion();
throw new InvalidOperationException(Res.GetString(Res.DSVersion, adsVersion.ToString()));
}
DirectoryEntry clonedRoot = null;
if (assertDefaultNamingContext == null)
{
clonedRoot = SearchRoot.CloneBrowsable();
}
else
{
//SECREVIEW: If the SearchRoot was created by this object
// it is safe to assert its browse permission to get
// the inner IAds.
DirectoryServicesPermission dsPermission = new DirectoryServicesPermission(
DirectoryServicesPermissionAccess.Browse, assertDefaultNamingContext);
dsPermission.Assert();
try {
clonedRoot = SearchRoot.CloneBrowsable();
}
finally {
DirectoryServicesPermission.RevertAssert();
}
}
UnsafeNativeMethods.IAds adsObject = clonedRoot.AdsObject;
if (!(adsObject is UnsafeNativeMethods.IDirectorySearch))
{
throw new NotSupportedException(Res.GetString(Res.DSSearchUnsupported, SearchRoot.Path));
}
UnsafeNativeMethods.IDirectorySearch adsSearch = (UnsafeNativeMethods.IDirectorySearch)adsObject;
SetSearchPreferences(adsSearch, findMoreThanOne);
string[] properties = null;
if (PropertiesToLoad.Count > 0)
{
if (!PropertiesToLoad.Contains("ADsPath"))
{
// if we don't get this property, we won't be able to return a list of DirectoryEntry objects!
PropertiesToLoad.Add("ADsPath");
}
properties = new string[PropertiesToLoad.Count];
PropertiesToLoad.CopyTo(properties, 0);
}
IntPtr resultsHandle;
if (properties != null)
{
adsSearch.ExecuteSearch(Filter, properties, properties.Length, out resultsHandle);
}
else
{
adsSearch.ExecuteSearch(Filter, null, -1, out resultsHandle);
properties = new string[0];
}
SearchResultCollection result = new SearchResultCollection(clonedRoot, resultsHandle, properties, Filter);
return(result);
}
private void Bind(bool throwIfFail)
{
//Cannot rebind after the object has been disposed, since finalization has been suppressed.
if (this.disposed)
{
throw new ObjectDisposedException(GetType().Name);
}
if (Path != null && Path.Length != 0)
{
//SECREVIEW: Need to demand permission event if adsObject is not null
// this entry might be the result of a search, need to verify
// if the user has permission to browse the object first.
if (!browseGranted)
{
DirectoryServicesPermission permission = new DirectoryServicesPermission(DirectoryServicesPermissionAccess.Browse, Path);
permission.Demand();
browseGranted = true;
}
}
if (adsObject == null)
{
string pathToUse = Path;
if (pathToUse == null || pathToUse.Length == 0)
{
// get the default naming context. This should be the default root for the search.
DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");
//SECREVIEW: Looking at the root of the DS will demand browse permissions
// on "*" or "LDAP://RootDSE".
string defaultNamingContext = (string)rootDSE.Properties["defaultNamingContext"][0];
rootDSE.Dispose();
pathToUse = "LDAP://" + defaultNamingContext;
if (!browseGranted)
{
DirectoryServicesPermission permission = new DirectoryServicesPermission(DirectoryServicesPermissionAccess.Browse, pathToUse);
permission.Demand();
browseGranted = true;
}
}
// Ensure we've got a thread model set, else CoInitialize() won't have been called.
if (Thread.CurrentThread.ApartmentState == ApartmentState.Unknown)
{
Thread.CurrentThread.ApartmentState = ApartmentState.MTA;
}
Guid g = new Guid("00000000-0000-0000-c000-000000000046"); // IID_IUnknown
object value = null;
int hr = UnsafeNativeMethods.ADsOpenObject(pathToUse, Username, Password, (int)authenticationType, ref g, out value);
if (hr != 0)
{
if (throwIfFail)
{
throw CreateFormattedComException(hr);
}
}
else
{
adsObject = (UnsafeNativeMethods.IAds)value;
}
}
}
