private IList <SearchResult> GetGroups(JitGroupMapping mapping) { string filter = $"(&(objectCategory=group))"; string path = $"LDAP://{mapping.GroupOU}"; return(this.GetObjects(path, SearchScope.OneLevel, filter)); }
public JitGroupMappingViewModel(JitGroupMapping model, ILogger <JitGroupMappingViewModel> logger, IDialogCoordinator dialogCoordinator, IModelValidator <JitGroupMappingViewModel> validator, IDiscoveryServices discoveryServices, IObjectSelectionProvider objectSelectionProvider) { this.logger = logger; this.dialogCoordinator = dialogCoordinator; this.Model = model; this.objectSelectionProvider = objectSelectionProvider; this.Validator = validator; this.discoveryServices = discoveryServices; }
public void SerializeJitGroupMapping() { JitGroupMapping s = new JitGroupMapping(); s.ComputerOU = TestContext.CurrentContext.Random.GetString(); s.GroupOU = TestContext.CurrentContext.Random.GetString(); s.GroupNameTemplate = TestContext.CurrentContext.Random.GetString(); s.GroupType = GroupType.Global; JitGroupMapping n = JsonConvert.DeserializeObject <JitGroupMapping>(JsonConvert.SerializeObject(s)); Assert.AreEqual(s.ComputerOU, n.ComputerOU); Assert.AreEqual(s.GroupOU, n.GroupOU); Assert.AreEqual(s.GroupNameTemplate, n.GroupNameTemplate); Assert.AreEqual(s.GroupType, n.GroupType); }
private void PerformSync(JitGroupMapping mapping, CancellationToken cancellationToken) { this.ThrowOnMappingConfigurationError(mapping); if (!this.deltaInformation.TryGetValue(mapping.ComputerOU, out SearchParameters usnData)) { usnData = new SearchParameters { Server = mapping.PreferredDC, DnsDomain = this.discoveryServices.GetDomainNameDns(mapping.ComputerOU), LastUsn = 0 }; this.deltaInformation.Add(mapping.ComputerOU, usnData); } cancellationToken.ThrowIfCancellationRequested(); if (this.deltaSyncInterval <= 0 || DateTime.UtcNow > usnData.LastFullSync.AddMinutes(this.fullSyncInterval)) { this.logger.LogTrace("Resetting for a full sync"); usnData.Server = mapping.PreferredDC; usnData.LastUsn = 0; } this.PopulateUsnDataWithFallback(usnData); cancellationToken.ThrowIfCancellationRequested(); if (usnData.LastUsn == usnData.HighestUsn) { this.logger.LogTrace($"No directory changes detected on {usnData.Server}"); return; } if (usnData.LastUsn == 0) { this.PerformFullSync(mapping, usnData, cancellationToken); usnData.LastFullSync = DateTime.UtcNow; } else { this.PerformPartialSync(mapping, usnData, cancellationToken); } usnData.LastUsn = usnData.HighestUsn; }
private void PerformPartialSync(JitGroupMapping mapping, SearchParameters data) { this.logger.LogTrace($"Performing delta JIT group synchronization for domain {data.DnsDomain} against server {data.Server}"); var computers = GetComputers(mapping, data); var expectedGroupNames = GetExpectedGroupNames(computers, mapping.GroupNameTemplate).ToList(); if (expectedGroupNames.Count > 0) { this.logger.LogTrace($"{expectedGroupNames.Count} groups to create"); this.CreateGroups(expectedGroupNames, mapping.GroupOU, mapping.GroupDescription, mapping.GroupType); } else { this.logger.LogTrace("No groups need to be created"); } }
private void PerformFullSync(JitGroupMapping mapping, SearchParameters data, CancellationToken cancellationToken) { this.logger.LogTrace($"Performing full JIT group synchronization for domain {data.DnsDomain} against server {data.Server}"); cancellationToken.ThrowIfCancellationRequested(); var computers = GetComputers(mapping, data); cancellationToken.ThrowIfCancellationRequested(); var groups = GetGroups(mapping); cancellationToken.ThrowIfCancellationRequested(); var expectedGroupNames = GetExpectedGroupNames(computers, mapping.GroupNameTemplate).ToList(); var currentGroupNames = groups.Select(t => t.GetPropertyString("cn")).ToList(); var groupsToCreate = expectedGroupNames.Except(currentGroupNames, StringComparer.CurrentCultureIgnoreCase).ToList(); if (groupsToCreate.Count > 0) { this.logger.LogTrace($"{groupsToCreate.Count} groups to create"); this.CreateGroups(groupsToCreate, mapping.GroupOU, mapping.GroupDescription, mapping.GroupType, cancellationToken); } else { this.logger.LogTrace("No groups need to be created"); } if (mapping.EnableJitGroupDeletion) { var groupsToDelete = groups .Where(t => !expectedGroupNames.Contains(t.GetPropertyString("cn"), StringComparer.CurrentCultureIgnoreCase)) .Select(t => t.GetPropertyString("msDS-PrincipalName")).ToList(); if (groupsToDelete.Count > 0) { this.logger.LogTrace($"{groupsToDelete.Count} groups to delete"); this.DeleteGroups(groupsToDelete, cancellationToken); } else { this.logger.LogTrace("No groups need to be deleted"); } } }
private void ThrowOnMappingConfigurationError(JitGroupMapping mapping) { if (string.IsNullOrWhiteSpace(mapping.ComputerOU)) { throw new ConfigurationException("A JIT group mapping contains a null ComputerOU field"); } if (string.IsNullOrWhiteSpace(mapping.GroupOU)) { throw new ConfigurationException("A JIT group mapping contains a null GroupOU field"); } if (string.IsNullOrWhiteSpace(mapping.GroupNameTemplate)) { throw new ConfigurationException("A JIT group mapping had a null GroupNameTemplate field"); } if (!this.groupResolver.IsTemplatedName(mapping.GroupNameTemplate)) { throw new ConfigurationException( $"The mapping for computers in OU '{mapping.ComputerOU}' contains a template without the %computerName% placeholder and cannot be processed"); } }
public JitGroupMappingViewModel CreateViewModel(JitGroupMapping model) { return(new JitGroupMappingViewModel(model, validator)); }
public JitGroupMappingViewModel CreateViewModel(JitGroupMapping model) { return(new JitGroupMappingViewModel(model, logger, dialogCoordinator, validator.Invoke(), discoveryServices, objectSelectionProvider)); }
private IList <SearchResult> GetComputers(JitGroupMapping mapping, SearchParameters searchParams) { return(this.GetObjects(searchParams.Server, mapping.ComputerOU, "computer", mapping.Subtree ? SearchScope.Subtree : SearchScope.OneLevel, searchParams.LastUsn, searchParams.HighestUsn)); }
public JitGroupMappingViewModel(JitGroupMapping model, IModelValidator <JitGroupMappingViewModel> validator) { this.Model = model; this.Validator = validator; }