public static Forest GetForest(DirectoryContext dc)
{
Forest fr = new Forest();
fr.fName = dc.Name;
fr.DC = dc;
return fr;
}
public void RepairTrustRelationship(Forest targetForest)
{
TrustDirection direction = TrustDirection.Bidirectional;
CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException(nameof(targetForest));
}
// first try to reset the secure channel
try
{
direction = GetTrustRelationship(targetForest.Name).TrustDirection;
// verify outbound trust first
if ((direction & TrustDirection.Outbound) != 0)
{
TrustHelper.VerifyTrust(_context, Name, targetForest.Name, true /*is forest*/, TrustDirection.Outbound, true /*reset secure channel*/, null /* no need to go to specific server*/);
}
// verify inbound trust
if ((direction & TrustDirection.Inbound) != 0)
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true /*is forest*/, TrustDirection.Outbound, true /*reset secure channel*/, null /* no need to go to specific server*/);
}
}
catch (ActiveDirectoryOperationException)
{
RepairTrustHelper(targetForest, direction);
}
catch (UnauthorizedAccessException)
{
RepairTrustHelper(targetForest, direction);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(SR.Format(SR.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
public void VerifyTrustRelationship(Forest targetForest, TrustDirection direction)
{
CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException(nameof(targetForest));
}
if (direction < TrustDirection.Inbound || direction > TrustDirection.Bidirectional)
{
throw new InvalidEnumArgumentException(nameof(direction), (int)direction, typeof(TrustDirection));
}
// verify outbound trust first
if ((direction & TrustDirection.Outbound) != 0)
{
try
{
TrustHelper.VerifyTrust(_context, Name, targetForest.Name, true /*forest*/, TrustDirection.Outbound, false /*just TC verification*/, null /* no need to go to specific server*/);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(SR.Format(SR.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
// verify inbound trust
if ((direction & TrustDirection.Inbound) != 0)
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true /*forest*/, TrustDirection.Outbound, false /*just TC verification*/, null /* no need to go to specific server*/);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(SR.Format(SR.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
}
private static DirectoryEntry GetSearchRootEntry(Forest forest)
{
DirectoryEntry directoryEntry;
DirectoryContext directoryContext = forest.GetDirectoryContext();
bool flag = false;
bool flag1 = false;
AuthenticationTypes defaultAuthType = Utils.DefaultAuthType;
if (directoryContext.ContextType == DirectoryContextType.DirectoryServer)
{
flag = true;
DirectoryEntry directoryEntry1 = DirectoryEntryManager.GetDirectoryEntry(directoryContext, WellKnownDN.RootDSE);
string propertyValue = (string)PropertyManager.GetPropertyValue(directoryContext, directoryEntry1, PropertyManager.IsGlobalCatalogReady);
flag1 = Utils.Compare(propertyValue, "TRUE") == 0;
}
if (!flag)
{
directoryEntry = new DirectoryEntry(string.Concat("GC://", forest.Name), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
else
{
if (DirectoryContext.ServerBindSupported)
{
defaultAuthType = defaultAuthType | AuthenticationTypes.ServerBind;
}
if (!flag1)
{
directoryEntry = new DirectoryEntry(string.Concat("LDAP://", directoryContext.GetServerName()), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
else
{
directoryEntry = new DirectoryEntry(string.Concat("GC://", directoryContext.GetServerName()), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
}
return(directoryEntry);
}
public void CreateTrustRelationship(Forest targetForest, TrustDirection direction)
{
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
if ((direction < TrustDirection.Inbound) || (direction > TrustDirection.Bidirectional))
{
throw new InvalidEnumArgumentException("direction", (int) direction, typeof(TrustDirection));
}
string password = TrustHelper.CreateTrustPassword();
TrustHelper.CreateTrust(this.context, this.Name, targetForest.GetDirectoryContext(), targetForest.Name, true, direction, password);
int num = 0;
if ((direction & TrustDirection.Inbound) != ((TrustDirection) 0))
{
num |= 2;
}
if ((direction & TrustDirection.Outbound) != ((TrustDirection) 0))
{
num |= 1;
}
TrustHelper.CreateTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.context, this.Name, true, (TrustDirection) num, password);
}
private static DirectoryEntry GetSearchRootEntry(Forest forest)
{
DirectoryEntry rootEntry;
DirectoryContext forestContext = forest.GetDirectoryContext();
bool isServer = false;
bool isGC = false;
AuthenticationTypes authType = Utils.DefaultAuthType;
if (forestContext.ContextType == DirectoryContextType.DirectoryServer)
{
//
// the forest object was created by specifying a server name
// so we will stick to that server for the search. We need to determine
// whether or not the server is a DC or GC
//
isServer = true;
DirectoryEntry rootDSE = DirectoryEntryManager.GetDirectoryEntry(forestContext, WellKnownDN.RootDSE);
string isGCReady = (string)PropertyManager.GetPropertyValue(forestContext, rootDSE, PropertyManager.IsGlobalCatalogReady);
isGC = (Utils.Compare(isGCReady, "TRUE") == 0);
}
if (isServer)
{
if (DirectoryContext.ServerBindSupported)
{
authType |= AuthenticationTypes.ServerBind;
}
if (isGC)
{
rootEntry = new DirectoryEntry("GC://" + forestContext.GetServerName(), forestContext.UserName, forestContext.Password, authType);
}
else
{
rootEntry = new DirectoryEntry("LDAP://" + forestContext.GetServerName(), forestContext.UserName, forestContext.Password, authType);
}
}
else
{
// need to find any GC in the forest
rootEntry = new DirectoryEntry("GC://" + forest.Name, forestContext.UserName, forestContext.Password, authType);
}
return rootEntry;
}
public void CreateTrustRelationship(Forest targetForest, TrustDirection direction)
{
this.CheckIfDisposed();
if (targetForest != null)
{
if (direction < TrustDirection.Inbound || direction > TrustDirection.Bidirectional)
{
throw new InvalidEnumArgumentException("direction", (int)direction, typeof(TrustDirection));
}
else
{
string str = TrustHelper.CreateTrustPassword();
TrustHelper.CreateTrust(this.context, this.Name, targetForest.GetDirectoryContext(), targetForest.Name, true, direction, str);
int num = 0;
if ((direction & TrustDirection.Inbound) != 0)
{
num = num | 2;
}
if ((direction & TrustDirection.Outbound) != 0)
{
num = num | 1;
}
TrustHelper.CreateTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.context, this.Name, true, (TrustDirection)num, str);
return;
}
}
else
{
throw new ArgumentNullException("targetForest");
}
}
public void RepairTrustRelationship(Forest targetForest)
{
}
private void RepairTrustHelper(Forest targetForest, TrustDirection direction)
{
string str = TrustHelper.CreateTrustPassword();
string str1 = TrustHelper.UpdateTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, str, true);
string str2 = TrustHelper.UpdateTrust(this.context, this.Name, targetForest.Name, str, true);
if ((direction & TrustDirection.Outbound) != 0)
{
try
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, true, str1);
}
catch (ActiveDirectoryObjectNotFoundException activeDirectoryObjectNotFoundException)
{
object[] name = new object[3];
name[0] = this.Name;
name[1] = targetForest.Name;
name[2] = direction;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", name), typeof(ForestTrustRelationshipInformation), null);
}
}
if ((direction & TrustDirection.Inbound) != 0)
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, true, str2);
}
catch (ActiveDirectoryObjectNotFoundException activeDirectoryObjectNotFoundException1)
{
object[] objArray = new object[3];
objArray[0] = this.Name;
objArray[1] = targetForest.Name;
objArray[2] = direction;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", objArray), typeof(ForestTrustRelationshipInformation), null);
}
}
}
public void UpdateTrustRelationship(Forest targetForest, TrustDirection newTrustDirection)
{
this.CheckIfDisposed();
if (targetForest != null)
{
if (newTrustDirection < TrustDirection.Inbound || newTrustDirection > TrustDirection.Bidirectional)
{
throw new InvalidEnumArgumentException("newTrustDirection", (int)newTrustDirection, typeof(TrustDirection));
}
else
{
string str = TrustHelper.CreateTrustPassword();
TrustHelper.UpdateTrustDirection(this.context, this.Name, targetForest.Name, str, true, newTrustDirection);
TrustDirection trustDirection = 0;
if ((newTrustDirection & TrustDirection.Inbound) != 0)
{
trustDirection = trustDirection | TrustDirection.Outbound;
}
if ((newTrustDirection & TrustDirection.Outbound) != 0)
{
trustDirection = trustDirection | TrustDirection.Inbound;
}
TrustHelper.UpdateTrustDirection(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, str, true, trustDirection);
return;
}
}
else
{
throw new ArgumentNullException("targetForest");
}
}
private void RepairTrustHelper(Forest targetForest, TrustDirection direction)
{
// no we try changing trust password on both sides
string password = TrustHelper.CreateTrustPassword();
// first reset trust password on remote side
string targetServerName = TrustHelper.UpdateTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, password, true /*is forest*/);
// then reset trust password on local side
string sourceServerName = TrustHelper.UpdateTrust(_context, Name, targetForest.Name, password, true /*is forest*/);
// last we reset the secure channel again to make sure info is replicated and trust is indeed ready now
// verify outbound trust first
if ((direction & TrustDirection.Outbound) != 0)
{
try
{
TrustHelper.VerifyTrust(_context, Name, targetForest.Name, true /*is forest*/, TrustDirection.Outbound, true/*reset secure channel*/, targetServerName /* need to specify which target server */);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
// verify inbound trust
if ((direction & TrustDirection.Inbound) != 0)
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true/*is forest*/, TrustDirection.Outbound, true/*reset secure channel*/, sourceServerName /* need to specify which target server */);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
}
public void DeleteTrustRelationship(Forest targetForest)
{
Contract.Requires(targetForest != null);
}
public void RepairTrustRelationship(Forest targetForest)
{
}
public void DeleteTrustRelationship(Forest targetForest)
{
Contract.Requires(targetForest != null);
}
internal static AdamInstance FindAnyAdamInstance(DirectoryContext context)
{
if (context.ContextType == DirectoryContextType.ConfigurationSet)
{
DirectoryEntry searchRootEntry = ConfigurationSet.GetSearchRootEntry(Forest.GetCurrentForest());
ArrayList arrayLists = new ArrayList();
try
{
try
{
StringBuilder stringBuilder = new StringBuilder(15);
stringBuilder.Append("(&(");
stringBuilder.Append(PropertyManager.ObjectCategory);
stringBuilder.Append("=serviceConnectionPoint)");
stringBuilder.Append("(");
stringBuilder.Append(PropertyManager.Keywords);
stringBuilder.Append("=1.2.840.113556.1.4.1851)(");
stringBuilder.Append(PropertyManager.Keywords);
stringBuilder.Append("=");
stringBuilder.Append(Utils.GetEscapedFilterValue(context.Name));
stringBuilder.Append("))");
string str = stringBuilder.ToString();
string[] serviceBindingInformation = new string[1];
serviceBindingInformation[0] = PropertyManager.ServiceBindingInformation;
ADSearcher aDSearcher = new ADSearcher(searchRootEntry, str, serviceBindingInformation, SearchScope.Subtree, false, false);
SearchResultCollection searchResultCollections = aDSearcher.FindAll();
try
{
foreach (SearchResult item in searchResultCollections)
{
string str1 = "ldap://";
IEnumerator enumerator = item.Properties[PropertyManager.ServiceBindingInformation].GetEnumerator();
try
{
while (enumerator.MoveNext())
{
string str2 = item.ToString();
if (str2.Length <= str1.Length || string.Compare(str2.Substring(0, str1.Length), str1, StringComparison.OrdinalIgnoreCase) != 0)
{
continue;
}
arrayLists.Add(str2.Substring(str1.Length));
}
}
finally
{
IDisposable disposable = enumerator as IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
}
}
finally
{
searchResultCollections.Dispose();
}
}
catch (COMException cOMException1)
{
COMException cOMException = cOMException1;
throw ExceptionHelper.GetExceptionFromCOMException(context, cOMException);
}
}
finally
{
searchRootEntry.Dispose();
}
return(ConfigurationSet.FindAliveAdamInstance(null, context, arrayLists));
}
else
{
DirectoryEntryManager directoryEntryManager = new DirectoryEntryManager(context);
DirectoryEntry cachedDirectoryEntry = directoryEntryManager.GetCachedDirectoryEntry(WellKnownDN.RootDSE);
if (Utils.CheckCapability(cachedDirectoryEntry, Capability.ActiveDirectoryApplicationMode))
{
string propertyValue = (string)PropertyManager.GetPropertyValue(context, cachedDirectoryEntry, PropertyManager.DnsHostName);
return(new AdamInstance(context, propertyValue, directoryEntryManager));
}
else
{
directoryEntryManager.RemoveIfExists(directoryEntryManager.ExpandWellKnownDN(WellKnownDN.RootDSE));
throw new ArgumentException(Res.GetString("TargetShouldBeServerORConfigSet"), "context");
}
}
}
public void UpdateTrustRelationship(Forest targetForest, TrustDirection newTrustDirection)
{
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
if ((newTrustDirection < TrustDirection.Inbound) || (newTrustDirection > TrustDirection.Bidirectional))
{
throw new InvalidEnumArgumentException("newTrustDirection", (int) newTrustDirection, typeof(TrustDirection));
}
string password = TrustHelper.CreateTrustPassword();
TrustHelper.UpdateTrustDirection(this.context, this.Name, targetForest.Name, password, true, newTrustDirection);
TrustDirection direction = (TrustDirection) 0;
if ((newTrustDirection & TrustDirection.Inbound) != ((TrustDirection) 0))
{
direction |= TrustDirection.Outbound;
}
if ((newTrustDirection & TrustDirection.Outbound) != ((TrustDirection) 0))
{
direction |= TrustDirection.Inbound;
}
TrustHelper.UpdateTrustDirection(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, password, true, direction);
}
public void RepairTrustRelationship(Forest targetForest)
{
TrustDirection direction = TrustDirection.Bidirectional;
CheckIfDisposed();
if (targetForest == null)
throw new ArgumentNullException("targetForest");
// first try to reset the secure channel
try
{
direction = GetTrustRelationship(targetForest.Name).TrustDirection;
// verify outbound trust first
if ((direction & TrustDirection.Outbound) != 0)
{
TrustHelper.VerifyTrust(_context, Name, targetForest.Name, true /*is forest*/, TrustDirection.Outbound, true/*reset secure channel*/, null /* no need to go to specific server*/);
}
// verify inbound trust
if ((direction & TrustDirection.Inbound) != 0)
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true/*is forest*/, TrustDirection.Outbound, true/*reset secure channel*/, null /* no need to go to specific server*/);
}
}
catch (ActiveDirectoryOperationException)
{
RepairTrustHelper(targetForest, direction);
}
catch (UnauthorizedAccessException)
{
RepairTrustHelper(targetForest, direction);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
public void UpdateTrustRelationship(Forest targetForest, TrustDirection newTrustDirection)
{
CheckIfDisposed();
if (targetForest == null)
throw new ArgumentNullException("targetForest");
if (newTrustDirection < TrustDirection.Inbound || newTrustDirection > TrustDirection.Bidirectional)
throw new InvalidEnumArgumentException("newTrustDirection", (int)newTrustDirection, typeof(TrustDirection));
// no we generate trust password
string password = TrustHelper.CreateTrustPassword();
TrustHelper.UpdateTrustDirection(_context, Name, targetForest.Name, password, true /*is forest*/, newTrustDirection);
// then create trust on remote side
TrustDirection reverseDirection = 0;
if ((newTrustDirection & TrustDirection.Inbound) != 0)
reverseDirection |= TrustDirection.Outbound;
if ((newTrustDirection & TrustDirection.Outbound) != 0)
reverseDirection |= TrustDirection.Inbound;
TrustHelper.UpdateTrustDirection(targetForest.GetDirectoryContext(), targetForest.Name, Name, password, true /*is forest*/, reverseDirection);
}
public void CreateTrustRelationship(Forest targetForest, TrustDirection direction)
{
CheckIfDisposed();
if (targetForest == null)
throw new ArgumentNullException("targetForest");
if (direction < TrustDirection.Inbound || direction > TrustDirection.Bidirectional)
throw new InvalidEnumArgumentException("direction", (int)direction, typeof(TrustDirection));
string password = TrustHelper.CreateTrustPassword();
// first create trust on local side
TrustHelper.CreateTrust(_context, Name, targetForest.GetDirectoryContext(), targetForest.Name, true, direction, password);
// then create trust on remote side
int reverseDirection = 0;
if ((direction & TrustDirection.Inbound) != 0)
reverseDirection |= (int)TrustDirection.Outbound;
if ((direction & TrustDirection.Outbound) != 0)
reverseDirection |= (int)TrustDirection.Inbound;
TrustHelper.CreateTrust(targetForest.GetDirectoryContext(), targetForest.Name, _context, Name, true, (TrustDirection)reverseDirection, password);
}
public void VerifyTrustRelationship(Forest targetForest, TrustDirection direction)
{
CheckIfDisposed();
if (targetForest == null)
throw new ArgumentNullException("targetForest");
if (direction < TrustDirection.Inbound || direction > TrustDirection.Bidirectional)
throw new InvalidEnumArgumentException("direction", (int)direction, typeof(TrustDirection));
// verify outbound trust first
if ((direction & TrustDirection.Outbound) != 0)
{
try
{
TrustHelper.VerifyTrust(_context, Name, targetForest.Name, true/*forest*/, TrustDirection.Outbound, false/*just TC verification*/, null /* no need to go to specific server*/);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
// verify inbound trust
if ((direction & TrustDirection.Inbound) != 0)
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true/*forest*/, TrustDirection.Outbound, false/*just TC verification*/, null /* no need to go to specific server*/);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
}
public void DeleteTrustRelationship(Forest targetForest)
{
CheckIfDisposed();
if (targetForest == null)
throw new ArgumentNullException("targetForest");
// first delete the trust on the remote side
TrustHelper.DeleteTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true);
// then delete the local side trust
TrustHelper.DeleteTrust(_context, Name, targetForest.Name, true);
}
public void VerifyTrustRelationship(Forest targetForest, TrustDirection direction)
{
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
if ((direction < TrustDirection.Inbound) || (direction > TrustDirection.Bidirectional))
{
throw new InvalidEnumArgumentException("direction", (int) direction, typeof(TrustDirection));
}
if ((direction & TrustDirection.Outbound) != ((TrustDirection) 0))
{
try
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, false, null);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
if ((direction & TrustDirection.Inbound) != ((TrustDirection) 0))
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, false, null);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
}
private static DirectoryEntry GetSearchRootEntry(Forest forest)
{
DirectoryContext directoryContext = forest.GetDirectoryContext();
bool flag = false;
bool flag2 = false;
AuthenticationTypes defaultAuthType = Utils.DefaultAuthType;
if (directoryContext.ContextType == DirectoryContextType.DirectoryServer)
{
flag = true;
DirectoryEntry directoryEntry = DirectoryEntryManager.GetDirectoryEntry(directoryContext, WellKnownDN.RootDSE);
string str = (string) PropertyManager.GetPropertyValue(directoryContext, directoryEntry, PropertyManager.IsGlobalCatalogReady);
flag2 = Utils.Compare(str, "TRUE") == 0;
}
if (flag)
{
if (DirectoryContext.ServerBindSupported)
{
defaultAuthType |= AuthenticationTypes.ServerBind;
}
if (flag2)
{
return new DirectoryEntry("GC://" + directoryContext.GetServerName(), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
return new DirectoryEntry("LDAP://" + directoryContext.GetServerName(), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
return new DirectoryEntry("GC://" + forest.Name, directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
public void CreateTrustRelationship(Forest targetForest, TrustDirection direction)
{
Contract.Requires(targetForest != null);
}
internal static AdamInstance FindAnyAdamInstance(DirectoryContext context)
{
if (context.ContextType != DirectoryContextType.ConfigurationSet)
{
// assuming it's an ADAM Instance
// check that it is an ADAM server only (not AD)
DirectoryEntryManager directoryEntryMgr = new DirectoryEntryManager(context);
DirectoryEntry rootDSE = directoryEntryMgr.GetCachedDirectoryEntry(WellKnownDN.RootDSE);
if (!Utils.CheckCapability(rootDSE, Capability.ActiveDirectoryApplicationMode))
{
directoryEntryMgr.RemoveIfExists(directoryEntryMgr.ExpandWellKnownDN(WellKnownDN.RootDSE));
throw new ArgumentException(SR.TargetShouldBeServerORConfigSet, nameof(context));
}
string dnsHostName = (string)PropertyManager.GetPropertyValue(context, rootDSE, PropertyManager.DnsHostName);
return(new AdamInstance(context, dnsHostName, directoryEntryMgr));
}
// Now this is the case where context is a Config Set
// Here we need to search for the service connection points in the forest
// (if the forest object was created by specifying the server, we stick to that, else search in a GC)
DirectoryEntry rootEntry = GetSearchRootEntry(Forest.GetCurrentForest());
ArrayList adamInstanceNames = new ArrayList();
try
{
string entryName = (string)rootEntry.Properties["distinguishedName"].Value;
// Search for computer "serviceConnectionObjects" where the keywords attribute
// contains the specified keyword
// set up the searcher object
// build the filter
StringBuilder str = new StringBuilder(15);
str.Append("(&(");
str.Append(PropertyManager.ObjectCategory);
str.Append("=serviceConnectionPoint)");
str.Append("(");
str.Append(PropertyManager.Keywords);
str.Append("=1.2.840.113556.1.4.1851)(");
str.Append(PropertyManager.Keywords);
str.Append("=");
str.Append(Utils.GetEscapedFilterValue(context.Name)); // target = config set name
str.Append("))");
string filter = str.ToString();
string[] propertiesToLoad = new string[1];
propertiesToLoad[0] = PropertyManager.ServiceBindingInformation;
ADSearcher searcher = new ADSearcher(rootEntry, filter, propertiesToLoad, SearchScope.Subtree, false /*not paged search*/, false /*no cached results*/);
SearchResultCollection resCol = searcher.FindAll();
try
{
foreach (SearchResult res in resCol)
{
// the binding info contains two values
// "ldap://hostname:ldapport"
// and "ldaps://hostname:sslport"
// we need the "hostname:ldapport" value
string prefix = "ldap://";
foreach (string bindingInfo in res.Properties[PropertyManager.ServiceBindingInformation])
{
if ((bindingInfo.Length > prefix.Length) && (string.Equals(bindingInfo.Substring(0, prefix.Length), prefix, StringComparison.OrdinalIgnoreCase)))
{
adamInstanceNames.Add(bindingInfo.Substring(prefix.Length));
}
}
}
}
finally
{
resCol.Dispose();
}
}
catch (COMException e)
{
throw ExceptionHelper.GetExceptionFromCOMException(context, e);
}
finally
{
rootEntry.Dispose();
}
//
// we have all the adam instance names in teh form of server:port from the scp
// now we need to find one that is alive
//
return(FindAliveAdamInstance(null, context, adamInstanceNames));
}
private static DirectoryEntry GetSearchRootEntry(Forest forest)
{
DirectoryEntry directoryEntry;
DirectoryContext directoryContext = forest.GetDirectoryContext();
bool flag = false;
bool flag1 = false;
AuthenticationTypes defaultAuthType = Utils.DefaultAuthType;
if (directoryContext.ContextType == DirectoryContextType.DirectoryServer)
{
flag = true;
DirectoryEntry directoryEntry1 = DirectoryEntryManager.GetDirectoryEntry(directoryContext, WellKnownDN.RootDSE);
string propertyValue = (string)PropertyManager.GetPropertyValue(directoryContext, directoryEntry1, PropertyManager.IsGlobalCatalogReady);
flag1 = Utils.Compare(propertyValue, "TRUE") == 0;
}
if (!flag)
{
directoryEntry = new DirectoryEntry(string.Concat("GC://", forest.Name), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
else
{
if (DirectoryContext.ServerBindSupported)
{
defaultAuthType = defaultAuthType | AuthenticationTypes.ServerBind;
}
if (!flag1)
{
directoryEntry = new DirectoryEntry(string.Concat("LDAP://", directoryContext.GetServerName()), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
else
{
directoryEntry = new DirectoryEntry(string.Concat("GC://", directoryContext.GetServerName()), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
}
return directoryEntry;
}
public void UpdateTrustRelationship (Forest targetForest, TrustDirection newTrustDirection)
{
throw new NotImplementedException ();
}
public void VerifyTrustRelationship(Forest targetForest, TrustDirection direction)
{
throw new NotImplementedException();
}
public void CreateTrustRelationship(Forest targetForest, TrustDirection direction)
{
Contract.Requires(targetForest != null);
}
public void VerifyTrustRelationship (Forest targetForest, TrustDirection direction)
{
throw new NotImplementedException ();
}
public void UpdateTrustRelationship(Forest targetForest, TrustDirection newTrustDirection)
{
throw new NotImplementedException();
}
public void RepairTrustRelationship (Forest targetForest)
{
throw new NotImplementedException ();
}
public void RepairTrustRelationship(Forest targetForest)
{
throw new NotImplementedException();
}
public void RepairTrustRelationship(Forest targetForest)
{
TrustDirection trustDirection = TrustDirection.Bidirectional;
this.CheckIfDisposed();
if (targetForest != null)
{
try
{
trustDirection = this.GetTrustRelationship(targetForest.Name).TrustDirection;
if ((trustDirection & TrustDirection.Outbound) != 0)
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, true, null);
}
if ((trustDirection & TrustDirection.Inbound) != 0)
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, true, null);
}
}
catch (ActiveDirectoryOperationException activeDirectoryOperationException)
{
this.RepairTrustHelper(targetForest, trustDirection);
}
catch (UnauthorizedAccessException unauthorizedAccessException)
{
this.RepairTrustHelper(targetForest, trustDirection);
}
catch (ActiveDirectoryObjectNotFoundException activeDirectoryObjectNotFoundException)
{
object[] name = new object[3];
name[0] = this.Name;
name[1] = targetForest.Name;
name[2] = trustDirection;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", name), typeof(ForestTrustRelationshipInformation), null);
}
return;
}
else
{
throw new ArgumentNullException("targetForest");
}
}
private void RepairTrustHelper(Forest targetForest, TrustDirection direction)
{
string password = TrustHelper.CreateTrustPassword();
string preferredTargetServer = TrustHelper.UpdateTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, password, true);
string str3 = TrustHelper.UpdateTrust(this.context, this.Name, targetForest.Name, password, true);
if ((direction & TrustDirection.Outbound) != ((TrustDirection) 0))
{
try
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, true, preferredTargetServer);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
if ((direction & TrustDirection.Inbound) != ((TrustDirection) 0))
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, true, str3);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
}
public void VerifyTrustRelationship(Forest targetForest, TrustDirection direction)
{
this.CheckIfDisposed();
if (targetForest != null)
{
if (direction < TrustDirection.Inbound || direction > TrustDirection.Bidirectional)
{
throw new InvalidEnumArgumentException("direction", (int)direction, typeof(TrustDirection));
}
else
{
if ((direction & TrustDirection.Outbound) != 0)
{
try
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, false, null);
}
catch (ActiveDirectoryObjectNotFoundException activeDirectoryObjectNotFoundException)
{
object[] name = new object[3];
name[0] = this.Name;
name[1] = targetForest.Name;
name[2] = direction;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", name), typeof(ForestTrustRelationshipInformation), null);
}
}
if ((direction & TrustDirection.Inbound) != 0)
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, false, null);
}
catch (ActiveDirectoryObjectNotFoundException activeDirectoryObjectNotFoundException1)
{
object[] objArray = new object[3];
objArray[0] = this.Name;
objArray[1] = targetForest.Name;
objArray[2] = direction;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", objArray), typeof(ForestTrustRelationshipInformation), null);
}
}
return;
}
}
else
{
throw new ArgumentNullException("targetForest");
}
}
public void RepairTrustRelationship(Forest targetForest)
{
TrustDirection bidirectional = TrustDirection.Bidirectional;
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
try
{
bidirectional = this.GetTrustRelationship(targetForest.Name).TrustDirection;
if ((bidirectional & TrustDirection.Outbound) != ((TrustDirection) 0))
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, true, null);
}
if ((bidirectional & TrustDirection.Inbound) != ((TrustDirection) 0))
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, true, null);
}
}
catch (ActiveDirectoryOperationException)
{
this.RepairTrustHelper(targetForest, bidirectional);
}
catch (UnauthorizedAccessException)
{
this.RepairTrustHelper(targetForest, bidirectional);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, bidirectional }), typeof(ForestTrustRelationshipInformation), null);
}
}
public void DeleteTrustRelationship(Forest targetForest)
{
this.CheckIfDisposed();
if (targetForest != null)
{
TrustHelper.DeleteTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true);
TrustHelper.DeleteTrust(this.context, this.Name, targetForest.Name, true);
return;
}
else
{
throw new ArgumentNullException("targetForest");
}
}
AD_GlobalCatalog(Forest forest)
{
}
