public void CopyShareSecurity(NTShare sourceShare, NTShare destShare)
{
ActionObserver.NotifyAction("Copying", "Share Security", sourceShare.FullName, destShare.FullName);
try {
ShareSecurity sourceSecurity = sourceShare.GetAccessControl();
NTShare.SetAccessControl(
destShare.FullName,
TranslateShareACL(
sourceShare.GetAccessControl()
)
);
} catch (Exception error) {
ActionObserver.NotifyActionFailed("Copying", "Share Security", sourceShare.FullName, destShare.FullName, error.Message);
}
}
public void CopyRemoteGroupMembership(NTLocalGroup sourceRemoteGroup, NTLocalGroup destinationLocalGroup, NTObject[] destinationLocalGroupMembers)
{
ActionObserver.NotifyAction("Copy", "Remote Group Membership", sourceRemoteGroup.FullName, destinationLocalGroup.FullName);
TextBank existingMembers = new TextBank(
from obj in destinationLocalGroupMembers
where obj is NTObject
select(object) obj
);
#region debug region
NTRemoteObject[] tmpObjects = sourceRemoteGroup.GetRemoteMembers();
if (tmpObjects == null)
{
tmpObjects = new NTRemoteObject[0];
}
ActionObserver.NotifyInformation("Detected a total of {0} members for remote local group {1}", tmpObjects.Length, sourceRemoteGroup.FullName);
foreach (NTRemoteObject remoteObject in tmpObjects)
{
ActionObserver.NotifyInformation("Member '{0}' its type is {1}", remoteObject.FullName, remoteObject.GetType().FullName);
}
#endregion
NTRemoteObject[] remoteObjects = sourceRemoteGroup.GetRemoteMembers();
if (remoteObjects == null)
{
remoteObjects = new NTRemoteObject[0];
}
ActionObserver.NotifyInformation("Detected a total of {0} AD members for remote local group {1}", remoteObjects.Length, sourceRemoteGroup.FullName);
foreach (NTRemoteObject remoteObject in remoteObjects)
{
ActionObserver.NotifyInformation("AD Member '{0}' its is {1}", remoteObject.FullName, remoteObject.GetType().FullName);
}
foreach (NTRemoteObject remoteObject in remoteObjects)
{
string remoteObjectName = remoteObject.Domain + "\\" + remoteObject.Name;
if (!existingMembers.ContainsText(remoteObjectName))
{
destinationLocalGroup.AddMember(remoteObjectName);
}
}
}
public NTLocalGroup CopyRemoteGroupToLocalMachine(NTLocalGroup remoteGroup)
{
ActionObserver.NotifyAction("Querying", "Group", remoteGroup.Name, string.Empty);
NTLocalGroup localGroup = null;
if (!NTHost.CurrentMachine.TryGetLocalGroup(remoteGroup.Name, out localGroup))
{
ActionObserver.NotifyAction("Creating", "Group", NTHost.CurrentMachine.Name + '\\' + remoteGroup.Name, string.Empty);
localGroup = NTHost.CurrentMachine.CreateLocalGroup(
remoteGroup.Name,
remoteGroup.Description
);
}
else
{
ActionObserver.NotifyAction("Copying", "Group", localGroup.FullName, remoteGroup.FullName);
localGroup.Description = remoteGroup.Description;
localGroup.Update();
}
Debug.Assert(localGroup != null);
NTObject[] localMembers = localGroup.GetMembers();
if (_applyMembershipDeletions)
{
foreach (NTObject obj in localMembers)
{
ActionObserver.NotifyAction("Deleting", "Group Membership", localGroup.FullName, obj.FullName);
localGroup.DeleteMember(obj);
}
}
if (_copyLocalMembership)
{
CopyLocalGroupMembership(remoteGroup, localGroup, localMembers);
}
if (_copyDomainMembership)
{
CopyRemoteGroupMembership(remoteGroup, localGroup, localMembers);
}
return(localGroup);
}
public void CopyLocalGroupMembership(NTLocalGroup sourceRemoteGroup, NTLocalGroup destinationLocalGroup, NTObject[] destinationLocalGroupMembers)
{
ActionObserver.NotifyAction("Copy", "Local Group Membership", sourceRemoteGroup.FullName, destinationLocalGroup.FullName);
TextBank existingMembers = new TextBank(
from obj in destinationLocalGroupMembers
where obj is NTLocalObject
select(object) obj
);
UserCopier userCopier = new UserCopier(
false,
false,
DefaultUserPassword,
false,
ActionObserver
);
foreach (NTLocalUser remoteUser in sourceRemoteGroup.GetLocalMembers())
{
NTLocalUser localUser = null;
// find a user by the same name of local machine
if (!NTHost.CurrentMachine.TryGetLocalUser(remoteUser.Name, out localUser))
{
// import the user if required
if (_importLocalUsers)
{
localUser = userCopier.CopyRemoteUserToLocalMachine(remoteUser);
}
}
if (localUser != null)
{
if (!existingMembers.ContainsText(localUser.Name))
{
destinationLocalGroup.AddLocalMember(localUser);
}
}
}
}
public void CopyShare(CopyableShare copyableShare)
{
#region Validation
if (!Directory.Exists(copyableShare.DestPath))
{
ActionObserver.NotifyError("Cannot copy share '{0}' to '{1}' as the destination path does not exist", copyableShare.SourceShare.FullName, copyableShare.DestPath);
return;
}
#endregion
NTShare sourceShare = copyableShare.SourceShare;
string destPath = copyableShare.DestPath;
ActionObserver.NotifyAction("Copying", "Share", sourceShare.FullName, destPath);
try {
NTShare destShare;
// try to load share at destination server (assumed to be localhost), by name
if (!NTHost.CurrentMachine.TryGetShare(sourceShare.Name, out destShare))
{
// one doesn't exist so create one
destShare = NTHost.CurrentMachine.CreateShare(
sourceShare.Name,
sourceShare.Description,
sourceShare.Type,
destPath
);
}
else
{
// make sure we loaded one pointing to same directory as we expect
if (!Path.Equals(destShare.ServerPath, copyableShare.DestPath))
{
// in this branch, a different share of the same name already exists
if (AutoResolveShareNameConflicts)
{
string newName = ResolveShareNameConflict(NTHost.CurrentMachine, sourceShare.Name);
ActionObserver.NotifyWarning(
"Copying share '{0}\\{1}' as '{2}\\{3}' to avoid name conflict",
copyableShare.SourceShare.Host,
copyableShare.SourceShare.Name,
NTHost.CurrentMachine.Host,
newName
);
// we want to auto-create a share name
destShare = NTHost.CurrentMachine.CreateShare(
newName,
sourceShare.Description,
sourceShare.Type,
destPath
);
}
else
{
// in this branch, bail out of share copying as share name already taken
ActionObserver.NotifyError(
"Cannot copy the share '{0}\\{1}' to folder '{2}' as it will conflict with '{3}\\{4}' defined for folder '{5}'",
copyableShare.SourceShare.Host,
copyableShare.SourceShare.Name,
copyableShare.DestPath,
destShare.Host,
destShare.Name,
destShare.ServerPath
);
}
return;
}
}
// copy details
destShare.Name = sourceShare.Name;
destShare.Description = sourceShare.Description;
destShare.MaxUses = sourceShare.MaxUses;
destShare.Password = sourceShare.Password;
destShare.Permissions = sourceShare.Permissions;
destShare.Reserved = sourceShare.Reserved;
destShare.ServerPath = destPath;
destShare.Update();
CopyShareSecurity(sourceShare, destShare);
// create new share
} catch (Exception error) {
ActionObserver.NotifyActionFailed("Copying", "Share", copyableShare.SourceShare.FullName, copyableShare.DestPath, error.Message);
}
}
private Dictionary <string, string> AssembleSidTranslationTable(IEnumerable <AuthorizationRule> authorizationRules)
{
var danglingSids = new Dictionary <string, string>();
foreach (var authorizationRule in authorizationRules)
{
// if we encounter a SID and not an account name, it means it could not be resolved
if (authorizationRule.IdentityReference is SecurityIdentifier)
{
// rule references a dangling id, try to resolve it to remote machine name
var remoteSID = authorizationRule.IdentityReference.Value;
string remoteName;
string remoteHost;
WinAPI.ADVAPI32.SidNameUse remoteNameUse;
if (Resolver.TryResolve(remoteSID, out remoteHost, out remoteName, out remoteNameUse))
{
// 2.1 Translate dangling user to equivalent name on local server
if (!danglingSids.ContainsKey(remoteSID))
{
string translatedName;
// translate to a local name
if (!SidTranslator.TryTranslate(
remoteHost,
remoteName,
remoteNameUse,
out translatedName))
{
// couldn't translate it, or import anything, so just default to administrators
ActionObserver.NotifyWarning("Unable to translate/import remote {0} '{1}\\{2}'", remoteNameUse, remoteHost, remoteName);
translatedName = "Administrators";
}
var localAccount = new NTAccount(
translatedName
);
var translatedUserSid = localAccount.Translate(
typeof(SecurityIdentifier)
).Value;
ActionObserver.NotifyAction("Translating", "SID", remoteSID, translatedUserSid);
if (!danglingSids.ContainsKey(remoteSID))
{
danglingSids.Add(remoteSID, translatedUserSid);
}
}
}
else
{
// replace this SID with administrators
var localAccount = new NTAccount("Administrators");
var translatedUserSid = localAccount.Translate(
typeof(SecurityIdentifier)
).Value;
ActionObserver.NotifyWarning("Danging SID '{0}' identified, using Administrators group sid", remoteSID);
if (!danglingSids.ContainsKey(remoteSID))
{
danglingSids.Add(remoteSID, translatedUserSid);
}
}
}
}
return(danglingSids);
}