Esempio n. 1
0
        public static int GetIndexForADObject(System.DirectoryServices.DirectoryEntry de)
        {
            try
            {
                object[] asProp = de.Properties["objectClass"].Value as object[];
                // poke these in a list for easier reference
                List <string> liClasses = new List <string>();
                foreach (string s in asProp)
                {
                    liClasses.Add(s);
                }
                if (liClasses.Contains("user") || liClasses.Contains("computer"))
                {
                    string usercontrol    = de.Properties["userAccountControl"].Value.ToString();
                    int    userControl    = Convert.ToInt32(usercontrol);
                    string userCtrlBinStr = UserGroupUtils.DecimalToBase(userControl, 2);
                    if (userCtrlBinStr.Length >= 2)
                    {
                        if (liClasses.Contains("computer"))
                        {
                            if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
                            {
                                return((int)ADUCDirectoryNode.GetNodeType("Computer"));
                            }
                            else
                            {
                                return((int)ADUCDirectoryNode.GetNodeType("computer"));
                            }
                        }
                        if (liClasses.Contains("user"))
                        {
                            if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
                            {
                                return((int)ADUCDirectoryNode.GetNodeType("disabledUser"));
                            }
                            else
                            {
                                return((int)ADUCDirectoryNode.GetNodeType("user"));
                            }
                        }
                    }
                }
                else if (liClasses.Contains("group") || liClasses.Contains("foreignSecurityPrincipal"))
                {
                    return((int)ADUCDirectoryNode.GetNodeType("group"));
                }
            }

            catch
            {
                return((int)ADUCDirectoryNode.GetNodeType("group"));
            }

            return((int)ADUCDirectoryNode.GetNodeType("group"));
        }
Esempio n. 2
0
        /// <summary>
        /// Queries and fills the ldap message for the selected group
        /// Gets the attribute list from AD for group schema attribute.
        /// search for the attributes description, cn or name and displays them in a controls
        /// </summary>
        /// <param name="ce"></param>
        /// <param name="servername"></param>
        /// <param name="name"></param>
        /// <param name="dirnode"></param>
        public void SetData(CredentialEntry ce, string servername, string name, ADUCDirectoryNode dirnode)
        {
            try
            {
                this.dirnode = dirnode;
                this.plugin  = dirnode.Plugin as ADUCPlugin;
                DirectoryContext dirContext = dirnode.LdapContext;
                Logonname    = "";
                PreLogonname = "";

                //first obtain the current userAccountControl value
                DirectoryEntry de          = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, dirnode.DistinguishedName));
                int            userCtrlInt = Convert.ToInt32(de.Properties["userAccountControl"].Value.ToString());
                long           pwdLastSet  = Convert.ToInt64(de.Properties["pwdLastSet"].Value.ToString());
                sUserWorkStations = de.Properties["userWorkstations"].Value as string;

                if (de.Properties["userPrincipalName"].Value != null)
                {
                    Logonname     = de.Properties["userPrincipalName"].Value as string;
                    Logonname     = Logonname.IndexOf('@') >= 0 ? Logonname.Substring(0, Logonname.IndexOf('@')) : Logonname;
                    txtlogon.Text = Logonname;
                }

                txtpreLogonname.Text = de.Properties["sAMAccountName"].Value as string;
                PreLogonname         = txtpreLogonname.Text.Trim();

                txtDomian.Text = dirContext.DomainName.Substring(0, dirContext.DomainName.IndexOf('.')).ToUpper() + @"\";
                cbDomain.Items.Add(string.Concat("@", dirContext.DomainName.ToUpper()));
                cbDomain.SelectedIndex = 0;

                double accountExpires = Convert.ToInt64(de.Properties["accountExpires"].Value);

                if (accountExpires == 9223372036854775807)
                {
                    rbNever.Checked = true;
                }
                else
                {
                    rbEndOf.Checked = true;
                    ConvertFromUnixTimestamp(accountExpires);
                }
                try
                {
                    string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlInt, 2);

                    if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 10] == '1')
                    {
                        bMustChangePwd = true;
                    }
                    if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
                    {
                        bAcountDisable = true;
                    }
                    if (userCtrlBinStr.Length >= 17 && userCtrlBinStr[userCtrlBinStr.Length - 17] == '1')
                    {
                        bNeverExpiresPwd = true;
                        bMustChangePwd   = false;
                    }
                    if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 7] == '1' &&
                        pwdLastSet != 0)
                    {
                        bUserCannotChange = true;
                    }
                    if (userCtrlBinStr.Length >= 8 && userCtrlBinStr[userCtrlBinStr.Length - 8] == '1')
                    {
                        bStorePwd = true;
                    }
                    if (userCtrlBinStr.Length >= 19 && userCtrlBinStr[userCtrlBinStr.Length - 19] == '1')
                    {
                        bSmartCardRequired = true;
                    }
                    if (userCtrlBinStr.Length >= 21 && userCtrlBinStr[userCtrlBinStr.Length - 21] == '1')
                    {
                        bAccSensitive = true;
                    }
                    if (userCtrlBinStr.Length >= 22 && userCtrlBinStr[userCtrlBinStr.Length - 22] == '1')
                    {
                        bUseDESDescription = true;
                    }
                    if (userCtrlBinStr.Length >= 23 && userCtrlBinStr[userCtrlBinStr.Length - 23] == '1')
                    {
                        bNotKrbAuthentication = true;
                    }
                }
                catch
                {
                }

                FillUserOptions();

                dateTimePicker.Enabled = rbEndOf.Checked;

                this.ParentContainer.DataChanged      = false;
                this.ParentContainer.btnApply.Enabled = false;
            }
            catch (Exception e)
            {
                Logger.LogException("UserAccountPage.SetData", e);
            }
        }
Esempio n. 3
0
        /// <summary>
        /// Queries and fills the ldap message for the selected computer
        /// Gets the attribute list from AD for computer schema attribute.
        /// search for the attributes dNSHostName, cn or name and displays them in a controls
        /// </summary>
        /// <param name="ce"></param>
        /// <param name="servername"></param>
        /// <param name="name"></param>
        /// <param name="dirnode"></param>
        public void SetData(CredentialEntry ce, string servername, string name, ADUCDirectoryNode dirnode)
        {
            try
            {
                this.dirnode = dirnode;
                int ret = -1;
                List <LdapEntry> ldapEntries = null;

                ret = dirnode.LdapContext.ListChildEntriesSynchronous
                          (dirnode.DistinguishedName,
                          LdapAPI.LDAPSCOPE.BASE,
                          "(objectClass=*)",
                          null,
                          false,
                          out ldapEntries);

                if (ldapEntries == null || ldapEntries.Count == 0)
                {
                    return;
                }

                LdapEntry ldapNextEntry = ldapEntries[0];

                string[] attrsList = ldapNextEntry.GetAttributeNames();

                if (attrsList != null)
                {
                    foreach (string attr in attrsList)
                    {
                        string sValue = "";

                        LdapValue[] attrValues = ldapNextEntry.GetAttributeValues(attr, dirnode.LdapContext);

                        if (attrValues != null && attrValues.Length > 0)
                        {
                            foreach (LdapValue value in attrValues)
                            {
                                sValue = sValue + "," + value.stringData;
                            }
                        }

                        if (sValue.StartsWith(","))
                        {
                            sValue = sValue.Substring(1);
                        }

                        sValue = sValue.Substring(0, sValue.Length);

                        if (string.Compare(sValue, "") == 0)
                        {
                            sValue = "<Not Set>";
                        }

                        if (string.Compare(attr, "cn") == 0)
                        {
                            this.lblComputerName.Text = sValue;
                        }

                        if (string.Compare(attr, "sAMAccountName") == 0)
                        {
                            if (sValue.EndsWith("$"))
                            {
                                this.txtCName.Text = sValue.Substring(0, sValue.Length - 1);
                            }
                            else
                            {
                                this.txtCName.Text = sValue;
                            }
                        }

                        if (string.Compare(attr, "description") == 0)
                        {
                            this.txtDescription.Text = sValue;
                            _editObject.Description  = sValue;
                        }

                        if (string.Compare(attr, "dNSHostName") == 0)
                        {
                            this.txtDNSName.Text = sValue;
                        }

                        if (string.Compare(attr, "userAccountControl") == 0)
                        {
                            int userCtrlVal = 0;
                            if (attrValues != null && attrValues.Length > 0)
                            {
                                userCtrlVal = Convert.ToInt32(attrValues[0].stringData);
                            }
                            string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlVal, 16);
                            _editObject.UserCtrlBinStr = userCtrlVal;

                            this.txtRole.Text = "Workstation or server";
                            if (userCtrlBinStr.Length >= 3)
                            {
                                //Determine role of computer
                                if (userCtrlBinStr.Length == 3)
                                {
                                    //examine the third position from the left (2=NORMAL_ACCOUNT)
                                    if (userCtrlBinStr[0] == '2')
                                    {
                                        this.txtRole.Text = "Normal computer";
                                    }

                                    //examine the third position from the left (2=INTERDOMAIN_TRUST_ACCOUNT)
                                    if (userCtrlBinStr[0] == '8')
                                    {
                                        this.txtRole.Text = "Inter domain trust computer";
                                    }
                                }
                                else
                                {
                                    //examine the forth position from the left (2=WORKSTATION_TRUST_ACCOUNT)
                                    if (userCtrlBinStr[userCtrlBinStr.Length - 4] == '1')
                                    {
                                        this.txtRole.Text = "Workstation or server";
                                    }
                                    //examine the forth position from the left (2=SERVER_TRUST_ACCOUNT)
                                    if (userCtrlBinStr[userCtrlBinStr.Length - 4] == '2')
                                    {
                                        this.txtRole.Text = "Domain controller";
                                    }
                                }
                            }
                            if (userCtrlBinStr.Length >= 5)
                            {
                                //Determine whether this user is TRUSTED_FOR_DELEGATION
                                //examine the fifth position from the left (8=TRUSTED_FOR_DELEGATION, 0=NOT TRUSTED)
                                //TRUSTED_FOR_DELEGATION
                                if (userCtrlBinStr[userCtrlBinStr.Length - 5] == '8')
                                {
                                    this.checkBoxTrust.CheckedChanged -= new System.EventHandler(this.checkBoxTrust_CheckedChanged);
                                    checkBoxTrust.Checked              = true;
                                    this.checkBoxTrust.CheckedChanged += new System.EventHandler(this.checkBoxTrust_CheckedChanged);
                                }
                                else if (userCtrlBinStr[userCtrlBinStr.Length - 5] == '0')
                                {
                                    checkBoxTrust.Checked = false;
                                }
                            }
                            else
                            {
                                checkBoxTrust.Checked = false;
                            }

                            _editObject.DelegateTrust = checkBoxTrust.Checked;
                        }
                    }
                }
                UpdateOriginalData();
                UpdateApplyButton();
            }
            catch (Exception e)
            {
                container.ShowError(e.Message);
            }
        }
Esempio n. 4
0
        /// <summary>
        /// Getting added all children to the selected node that are of type ObjectClass="group"
        /// , ObjectClass="user", ObjectClass="computer", ObjectClass="organizationalUnit"
        /// </summary>
        public void ListGroupAndUserOUChildren()
        {
            int ret = -1;

            if (haveRetrievedChildren && !this.IsModified)
            {
                return;
            }

            string[] attrs = { "objectClass", "distinguishedName", null };

            DateTime start = DateTime.Now;

            ret = dirContext.ListChildEntriesSynchronous
                      (distinguishedName,
                      LdapAPI.LDAPSCOPE.ONE_LEVEL,
                      "(objectClass=*)",
                      attrs,
                      false,
                      out ldapEntries);

            if (ldapEntries == null || ldapEntries.Count == 0)
            {
                //haveRetrievedChildren = true;
                //return;

                //clears the domian level node, if the ldap connection timed out or disconnected
                ADUCPlugin plugin = this.Plugin as ADUCPlugin;
                haveRetrievedChildren = true;
                this.IsModified       = false;
                if (ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_SERVER_DOWN ||
                    ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_CONNECT_ERROR ||
                    ret == -1)
                {
                    if (ret == -1)
                    {
                        ret = (int)ErrorCodes.LDAPEnum.LDAP_TIMEOUT;
                        Logger.LogMsgBox(ErrorCodes.LDAPString(ret));
                    }
                    plugin._pluginNode.Nodes.Clear();
                    this.sc.ShowControl(plugin._pluginNode);
                }
                else
                {
                    Nodes.Clear();
                }

                return;
            }

            foreach (LdapEntry ldapNextEntry in ldapEntries)
            {
                string s           = ldapNextEntry.GetDN();
                string objectClass = "";

                LdapValue[] values = ldapNextEntry.GetAttributeValues("objectClass", dirContext);
                if (values != null && values.Length > 0)
                {
                    //use the most specific object Class, which will be listed last.
                    objectClass = values[values.Length - 1].stringData;

                    Logger.Log("Start--", Logger.ldapLogLevel);
                    for (int i = 0; i < values.Length; i++)
                    {
                        Logger.Log("objectclass is " + values[i], Logger.ldapLogLevel);
                    }
                    Logger.Log("End--", Logger.ldapLogLevel);
                }

                if (objectClass.Equals("group", StringComparison.InvariantCultureIgnoreCase))
                {
                    ADUCDirectoryNode dtn = new ADUCDirectoryNode(s, dirContext, objectClass,
                                                                  Resources.Group_16, NodeType, Plugin, false);
                    dtn.sc = this.sc;
                    Nodes.Add(dtn);
                }

                bool IsDisabled = false;
                bool IsDc       = false;
                if (objectClass.Equals("user", StringComparison.InvariantCultureIgnoreCase) ||
                    objectClass.Equals("computer", StringComparison.InvariantCultureIgnoreCase))
                {
                    values = ldapNextEntry.GetAttributeValues("userAccountControl", dirContext);
                    int userCtrlVal = 0;
                    if (values != null && values.Length > 0)
                    {
                        userCtrlVal = Convert.ToInt32(values[0].stringData);
                    }
                    if (userCtrlVal.Equals(8224) || userCtrlVal.Equals(8202) || userCtrlVal.Equals(532480))
                    {
                        IsDc = true;
                    }
                    string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlVal, 2);

                    //Determine whether this user is enabled or disabled
                    //examine the second to last position from the right (0=Active, 1=Inactive)
                    if (userCtrlBinStr.Length >= 2)
                    {
                        if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
                        {
                            IsDisabled = true;
                        }
                        else if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '0')
                        {
                            IsDisabled = false;
                        }
                    }

                    ADUCDirectoryNode dtn = new ADUCDirectoryNode(s, dirContext, objectClass,
                                                                  Resources.Group_16, NodeType, Plugin, IsDisabled);
                    dtn.sc = this.sc;
                    dtn._IsDomainController = IsDc;
                    Nodes.Add(dtn);
                }


                if (objectClass.Equals("organizationalUnit", StringComparison.InvariantCultureIgnoreCase))
                {
                    ADUCDirectoryNode dtn = new ADUCDirectoryNode(s, dirContext, objectClass,
                                                                  Resources.Group_16, NodeType, Plugin, false);
                    dtn.sc = this.sc;
                    Nodes.Add(dtn);
                }
            }
            haveRetrievedChildren = true;
        }
Esempio n. 5
0
        /// <summary>
        /// List the all children for the selected distinguished name
        /// Adds the all children to the node
        /// </summary>
        public ADUCDirectoryNode[] ListChildren(ADUCDirectoryNode dnode)
        {
            Logger.Log("DirectoryNode.ListChildren() called", Logger.ldapLogLevel);
            int ret = -1;

            string[] attrList = new string[]
            {
                "dummy",
                "objectClass",
                "distinguishedName",
                "userAccountControl",
                null
            };

            ret = dirContext.ListChildEntriesSynchronous
                      (distinguishedName,
                      LdapAPI.LDAPSCOPE.ONE_LEVEL,
                      "(objectClass=*)",
                      attrList,
                      false,
                      out ldapEntries);

            if (ldapEntries == null || ldapEntries.Count == 0)
            {
                //clears the domian level node, if the ldap connection timed out or disconnected
                ADUCPlugin plugin = this.Plugin as ADUCPlugin;
                haveRetrievedChildren = true;
                this.IsModified       = false;
                if (ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_SERVER_DOWN ||
                    ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_CONNECT_ERROR ||
                    ret == -1)
                {
                    if (ret == -1)
                    {
                        ret = (int)ErrorCodes.LDAPEnum.LDAP_TIMEOUT;
                        Logger.LogMsgBox(ErrorCodes.LDAPString(ret));
                    }
                    plugin._pluginNode.Nodes.Clear();
                    this.sc.ShowControl(plugin._pluginNode);
                }

                return(null);
            }

            DateTime timer = Logger.StartTimer();

            List <ADUCDirectoryNode> nodesToAdd = new List <ADUCDirectoryNode>();
            int nodesAdded = 0;

            foreach (LdapEntry ldapNextEntry in ldapEntries)
            {
                string currentDN = ldapNextEntry.GetDN();

                if (!String.IsNullOrEmpty(currentDN))
                {
                    bool IsDisabled = false;
                    bool IsDc       = false;

                    LdapValue[] values      = ldapNextEntry.GetAttributeValues("objectClass", dirContext);
                    string      objectClass = "";
                    if (values != null && values.Length > 0)
                    {
                        objectClass = values[values.Length - 1].stringData;
                    }

                    if (objectClass.Equals("user", StringComparison.InvariantCultureIgnoreCase) ||
                        objectClass.Equals("computer", StringComparison.InvariantCultureIgnoreCase))
                    {
                        values = ldapNextEntry.GetAttributeValues("userAccountControl", dirContext);
                        int userCtrlVal = 0;
                        if (values != null && values.Length > 0)
                        {
                            userCtrlVal = Convert.ToInt32(values[0].stringData);
                        }
                        if (userCtrlVal.Equals(8224) || userCtrlVal.Equals(8202) || userCtrlVal.Equals(532480))
                        {
                            IsDc = true;
                        }
                        string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlVal, 2);

                        //Determine whether this user is enabled or disabled
                        //examine the second to last position from the right (0=Active, 1=Inactive)
                        if (userCtrlBinStr.Length >= 2)
                        {
                            if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
                            {
                                IsDisabled = true;
                            }
                            else if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '0')
                            {
                                IsDisabled = false;
                            }
                        }
                    }

                    ADUCDirectoryNode newNode = new ADUCDirectoryNode(currentDN, dirContext, objectClass,
                                                                      Resources.Group_16, NodeType, Plugin, IsDisabled);
                    newNode.sc = this.sc;
                    newNode._IsDomainController = IsDc;
                    newNode.Text = newNode.Text.Substring(3);

                    Logger.Log(String.Format("new Entry: {0}", currentDN), Logger.ldapLogLevel);
                    Logger.Log(String.Format("scheduling addition of new Entry: {0}", currentDN), Logger.ldapLogLevel);

                    nodesToAdd.Add(newNode);
                    nodesAdded++;
                }
            }

            ADUCDirectoryNode[] nodesToAddRecast = new ADUCDirectoryNode[nodesAdded];

            try
            {
                nodesToAdd.Sort(delegate(ADUCDirectoryNode d1, ADUCDirectoryNode d2)
                {
                    return(d1.Text.CompareTo(d2.Text));
                }
                                );
                for (int i = 0; i < nodesAdded; i++)
                {
                    nodesToAddRecast[i] = nodesToAdd[i];
                }
            }
            catch (Exception)
            {
            }
            Logger.TimerMsg(ref timer, String.Format("DirectoryNode.ListChildren(): Entry Processing({0})", distinguishedName));
            this.IsModified       = false;
            haveRetrievedChildren = true;

            return(nodesToAddRecast);
        }
Esempio n. 6
0
        /// <summary>
        /// List the all children for the selected distinguished name
        /// Adds the all children to the node
        /// </summary>
        public void ListChildren()
        {
            Logger.Log("ADUCDirectoryNode.ListChildren() called", Logger.ldapLogLevel);
            int ret = -1;

            if (haveRetrievedChildren && !this.IsModified)
            {
                return;
            }

            string[] attrList = new string[]
            {
                "dummy",
                "objectClass",
                "distinguishedName",
                "userAccountControl",
                null
            };

            ret = dirContext.ListChildEntriesSynchronous
                      (distinguishedName,
                      LdapAPI.LDAPSCOPE.ONE_LEVEL,
                      "(objectClass=*)",
                      attrList,
                      false,
                      out ldapEntries);

            if (ldapEntries == null || ldapEntries.Count == 0)
            {
                //clears the domian level node, if the ldap connection timed out or disconnected
                ADUCPlugin plugin = this.Plugin as ADUCPlugin;
                haveRetrievedChildren = true;
                this.IsModified       = false;
                if (ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_SERVER_DOWN ||
                    ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_CONNECT_ERROR ||
                    ret == -1)
                {
                    if (ret == -1)
                    {
                        ret = (int)ErrorCodes.LDAPEnum.LDAP_TIMEOUT;
                        Logger.LogMsgBox(ErrorCodes.LDAPString(ret));
                    }
                    plugin._pluginNode.Nodes.Clear();
                    this.sc.ShowControl(plugin._pluginNode);
                }
                else
                {
                    Nodes.Clear();
                }

                return;
            }
            else if (IsModified)
            {
                Nodes.Clear();
            }

            DateTime timer = Logger.StartTimer();

            //The following is optimized for speed, taking into account that in Mono,
            //Nodes.Add() and Nodes.AddRange() both take a long time to complete.
            //Nodes.AddRange() does not offer much time savings over Nodes.Add()
            //Therefore, make two hashtables holding the new and old contents of the DN.
            //Determine which have been added, and which have been deleted, to minimize the number of calls
            //to Nodes.Add() and Nodes.Remove();
            Hashtable oldEntries = new Hashtable();
            Hashtable newEntries = new Hashtable();

            List <ADUCDirectoryNode> nodesToAdd = new List <ADUCDirectoryNode>();
            int nodesAdded = 0;

            foreach (TreeNode node in Nodes)
            {
                ADUCDirectoryNode dNode = (ADUCDirectoryNode)node;
                if (dNode != null && !String.IsNullOrEmpty(dNode.distinguishedName) &&
                    !oldEntries.ContainsKey(dNode.distinguishedName))
                {
                    oldEntries.Add(dNode.distinguishedName, dNode);
                }
            }

            foreach (LdapEntry ldapNextEntry in ldapEntries)
            {
                string currentDN = ldapNextEntry.GetDN();

                if (!String.IsNullOrEmpty(currentDN))
                {
                    LdapValue[] values      = ldapNextEntry.GetAttributeValues("objectClass", dirContext);
                    string      objectClass = "";
                    if (values != null && values.Length > 0)
                    {
                        objectClass = values[values.Length - 1].stringData;
                    }

                    bool IsDisabled = false;
                    bool IsDc       = false;
                    if (objectClass.Equals("user", StringComparison.InvariantCultureIgnoreCase) ||
                        objectClass.Equals("computer", StringComparison.InvariantCultureIgnoreCase))
                    {
                        values = ldapNextEntry.GetAttributeValues("userAccountControl", dirContext);
                        int userCtrlVal = 0;
                        if (values != null && values.Length > 0)
                        {
                            userCtrlVal = Convert.ToInt32(values[0].stringData);
                        }
                        if (userCtrlVal.Equals(8224) || userCtrlVal.Equals(8202) || userCtrlVal.Equals(532480))
                        {
                            IsDc = true;
                        }
                        string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlVal, 2);

                        //Determine whether this user is enabled or disabled
                        //examine the second to last position from the right (0=Active, 1=Inactive)
                        if (userCtrlBinStr.Length >= 2)
                        {
                            if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
                            {
                                IsDisabled = true;
                            }
                            else if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '0')
                            {
                                IsDisabled = false;
                            }
                        }
                    }

                    ADUCDirectoryNode newNode = new ADUCDirectoryNode(currentDN, dirContext, objectClass,
                                                                      Resources.Group_16, NodeType, Plugin, IsDisabled);
                    newNode.sc = this.sc;
                    newNode._IsDomainController = IsDc;
                    newNode.Text = newNode.Text.Substring(3);

                    Logger.Log(String.Format("new Entry: {0}", currentDN), Logger.ldapLogLevel);

                    newEntries.Add(currentDN, newNode);

                    if (oldEntries.ContainsKey(currentDN))
                    {
                        ADUCDirectoryNode oldNode = (ADUCDirectoryNode)oldEntries[currentDN];

                        if ((oldNode != null && oldNode.ObjectClass != objectClass)
                            ||
                            (oldNode != null && oldNode.IsDisabled != IsDisabled))
                        {
                            oldEntries.Remove(currentDN);
                            oldEntries.Add(currentDN, newNode);
                            Nodes.Remove(oldNode);
                            nodesToAdd.Add(newNode);
                            nodesAdded++;
                        }
                    }
                    else
                    {
                        Logger.Log(String.Format("scheduling addition of new Entry: {0}", currentDN), Logger.ldapLogLevel);
                        nodesToAdd.Add(newNode);
                        nodesAdded++;
                    }
                }
            }

            foreach (Object o in oldEntries.Keys)
            {
                string oldNodeKey = (string)o;

                Logger.Log(String.Format("old Entry: {0}", oldNodeKey));

                if (!String.IsNullOrEmpty(oldNodeKey) && !newEntries.ContainsKey(oldNodeKey))
                {
                    ADUCDirectoryNode oldNode = (ADUCDirectoryNode)oldEntries[oldNodeKey];

                    if (oldNode != null)
                    {
                        Logger.Log(String.Format("removing old Entry: {0}", oldNodeKey), Logger.ldapLogLevel);

                        Nodes.Remove(oldNode);
                    }
                }
            }

            ADUCDirectoryNode[] nodesToAddRecast = new ADUCDirectoryNode[nodesAdded];
            try
            {
                nodesToAdd.Sort(delegate(ADUCDirectoryNode d1, ADUCDirectoryNode d2)
                {
                    return(d1.Text.CompareTo(d2.Text));
                }
                                );
                for (int i = 0; i < nodesAdded; i++)
                {
                    nodesToAddRecast[i] = nodesToAdd[i];
                }
            }
            catch (Exception)
            {
            }

            Nodes.AddRange(nodesToAddRecast);

            Logger.TimerMsg(ref timer, String.Format("DirectoryNode.ListChildren(): Entry Processing({0})", distinguishedName));
            this.IsModified       = false;
            haveRetrievedChildren = true;
        }