/// <summary>
/// Checks if specified User is part of specified Domain.
/// </summary>
/// <param name="s">User information</param>
/// <param name="login">Login information to Active Directory.</param>
/// <returns>(bool) True.</returns>
public bool DoesUserExist(UserInfoModel s)
{
bool retVal = false;
ADLoginModel login = GetAdminActiveDirectoryLogin();
try
{
PrincipalContext pc = new PrincipalContext(ContextType.Domain, login.Domain, login.Username, login.Password);
UserPrincipal user = UserPrincipal.FindByIdentity(pc, s.DomainEmailAddress);
if (user != null)
{
retVal = true;
}
else
{
retVal = false;
}
}
catch (System.DirectoryServices.ActiveDirectory.ActiveDirectoryOperationException)
{
retVal = false;
}
catch (System.DirectoryServices.ActiveDirectory.ActiveDirectoryObjectNotFoundException)
{
retVal = false;
}
return(retVal);
}
public ActionResult Login(ADLoginModel model)
{
if (ModelState.IsValid)
{
var dao = new NHAN_VIEN_DAO();
var result = dao.Login(model.Email, Encryptor.MD5Hash(model.Password));
if (result == 1)
{
var user = dao.GetByEmail(model.Email);
var userSession = new UserLogin();
userSession.Email = user.EMAIL_NV;
Session["Email_NV"] = userSession.Email;
userSession.Userid = user.MA_NV;
userSession.TENNV = user.TENNV;
Session["Ten_NV"] = userSession.TENNV;
userSession.CHUCVU_NV = user.CHUCVU;
Session["CHUCVU_NV"] = userSession.CHUCVU_NV;
Session.Add(CommonConstants.USER_SESSION, userSession);
return(RedirectToAction("Index", "ADTuyenDuong"));
}
else if (result == 0)
{
ModelState.AddModelError("", "Tên Đăng nhập không tồn tại");
}
else if (result == -1)
{
ModelState.AddModelError("", "Mật khẩu không đúng");
}
}
return(View("Index"));
}
/// <summary>
/// This method will remove (delete) the user, if exists.
/// </summary>
/// <param name="s">User information</param>
/// <param name="login">Login information to Active Directory.</param>
/// <returns>Deleted user's email address.</returns>
public BaseResponse <string> RemoveUser(UserInfoModel s)
{
ADResponseType rt;
string rResult = string.Empty;
string rMessage = string.Empty;
Exception rException = null;
ADLoginModel login = GetAdminActiveDirectoryLogin();
try
{
PrincipalContext pc = new PrincipalContext(ContextType.Domain, login.Domain, login.Username, login.Password);
UserPrincipal user = UserPrincipal.FindByIdentity(pc, s.DomainEmailAddress);
if (user != null)
{
user.Delete();
rt = ADResponseType.OK;
rResult = s.DomainEmailAddress;
}
else
{
rMessage = "User does not exist.";
rt = ADResponseType.Undefined;
}
}
catch (System.DirectoryServices.ActiveDirectory.ActiveDirectoryOperationException E)
{
rMessage = "Unable to perform operation.";
rt = ADResponseType.Exception;
rException = E;
}
catch (System.DirectoryServices.ActiveDirectory.ActiveDirectoryObjectNotFoundException E)
{
rMessage = "User was not found.";
rt = ADResponseType.Exception;
rException = E;
}
return(new BaseResponse <string>(rResult, rt, rMessage, rException));
}
/// <summary>
/// If user does not exist, this method will create a user in the specified Organizational Unit.
/// </summary>
/// <param name="s">User information</param>
/// <param name="path">Distingushed Name of the Organizational Unit.</param>
/// <param name="login">Login information to Active Directory.</param>
/// <returns>ObjectGUID (within BaseResponse) created by Active Directory.</returns>
public BaseResponse <Guid> CreateUser(UserInfoModel s, string LDAPPath)
{
ADResponseType rt = ADResponseType.Undefined;
Guid rResult = Guid.Empty;
string rMessage = string.Empty;
Exception rException = null;
ADLoginModel login = GetAdminActiveDirectoryLogin();
try
{
if (!DoesUserExist(s))
{
using (var pc = new PrincipalContext(ContextType.Domain, DomainController, GetDomainContainer(LDAPPath), ContextOptions.SimpleBind, login.Username, login.Password))
{
using (var up = new UserPrincipal(pc))
{
up.SamAccountName = s.Username;
up.GivenName = s.FirstName;
up.Surname = s.LastName;
up.MiddleName = s.MiddleName;
up.EmailAddress = s.DomainEmailAddress;
up.UserPrincipalName = s.DomainEmailAddress;
up.DisplayName = String.Format("{0} {1}", s.FirstName, s.LastName);
up.SetPassword(s.Password);
up.PasswordNeverExpires = true;
up.Enabled = true;
up.Save();
((DirectoryEntry)up.GetUnderlyingObject()).Properties[SSOUsersIDProperty].Value = s.ID.ToString();
up.Save();
rResult = ((DirectoryEntry)up.GetUnderlyingObject()).Guid;
rt = ADResponseType.OK;
}
}
}
else
{
rMessage = "User already exists.";
rt = ADResponseType.Warning;
}
}
catch (System.DirectoryServices.ActiveDirectory.ActiveDirectoryOperationException E)
{
rMessage = "Unable to perform operation.";
rt = ADResponseType.Exception;
rException = E;
}
catch (DirectoryServicesCOMException E)
{
Console.WriteLine(String.Format("EXCEPTION : {0}\r\n{1}", E.Message, E.StackTrace));
rMessage = "Unable to set password.";
rt = ADResponseType.Exception;
rException = E;
}
catch (System.DirectoryServices.ActiveDirectory.ActiveDirectoryObjectNotFoundException E)
{
rMessage = "There is a problem with the LDAP string.";
rt = ADResponseType.Exception;
rException = E;
}
catch (System.DirectoryServices.ActiveDirectory.ActiveDirectoryObjectExistsException E)
{
rMessage = "User already exists.";
rt = ADResponseType.Exception;
rException = E;
}
catch (System.Reflection.TargetInvocationException E)
{
rMessage = "Password does not meet requirements.";
rt = ADResponseType.Exception;
rException = E;
}
return(new BaseResponse <Guid>(rResult, rt, rMessage, rException));
}
/// <summary>
/// Changes an attribute of a user.
/// </summary>
/// <param name="s">User information</param>
/// <param name="path">Distingushed Name of the Organizational Unit containing user.</param>
/// <param name="AttributeName">Name for the attribute to be changed from a defined set of attributes.</param>
/// <param name="AttributeValue">New attribute value.</param>
/// <param name="login">Login information to Active Directory.</param>
/// <returns>ResponseType.OK</returns>
public BaseResponse <string> ChangeUserAttribute(UserInfoModel s, string path, UserAttributes AttributeName, string AttributeValue)
{
ADResponseType rt;
string rResult = "";
string rMessage = "";
Exception rException = null;
ADLoginModel login = GetAdminActiveDirectoryLogin();
try
{
DirectoryEntry dirEntry = new DirectoryEntry(path, login.Username, login.Password);
if (dirEntry != null)
{
DirectorySearcher search = new DirectorySearcher(dirEntry);
search.Filter = "(&(objectClass=user)(SAMAccountName=" + s.Username + "))";
SearchResult result = search.FindOne();
if (result != null)
{
DirectoryEntry userEntry = new DirectoryEntry(result.Path, login.Username, login.Password);
if (userEntry != null)
{
if (userEntry.Properties.Contains("" + AttributeName.ToString() + ""))
{
userEntry.Properties["" + AttributeName.ToString() + ""].Value = AttributeValue;
userEntry.CommitChanges();
rt = ADResponseType.OK;
}
else
{
userEntry.Properties["" + AttributeName.ToString() + ""].Add(AttributeValue);
userEntry.CommitChanges();
rt = ADResponseType.OK;
}
}
else
{
rMessage = "User does not exist.";
rt = ADResponseType.Undefined;
}
}
else
{
rMessage = "User does not exist.";
rt = ADResponseType.Undefined;
}
}
else
{
rMessage = "LDAP string is incorrect.";
rt = ADResponseType.Warning;
}
}
catch (System.DirectoryServices.ActiveDirectory.ActiveDirectoryObjectNotFoundException E)
{
rMessage = "Parameters passed in were incorrect";
rt = ADResponseType.Exception;
rException = E;
}
catch (System.DirectoryServices.ActiveDirectory.ActiveDirectoryOperationException E)
{
rMessage = "Unable to perform operation.";
rt = ADResponseType.Exception;
rException = E;
}
return(new BaseResponse <string>(rResult, rt, rMessage, rException));
}
