コード例 #1
ファイル: Rules.cs プロジェクト: ydamas/falcon-orchestrator
 /// <summary>
 /// Looks up <c>model.Data.UserName</c> in Active Directory and copies the returned
 /// attributes onto a fresh <c>model.Data.AccountModel</c>.
 /// </summary>
 /// <remarks>
 /// The directory bind uses config.LDAP_USERNAME / config.LDAP_PASSWORD.
 /// NOTE(review): whether LdapUtil protects that bind (LDAPS or signing/sealing) is not
 /// visible from this method - confirm in LdapUtil.
 /// </remarks>
 private void LdapQuery()
 {
     try
     {
         var directory = new LdapUtil(config.LDAP_SERVER, config.LDAP_USERNAME, config.LDAP_PASSWORD);
         var lookup    = new UserManager(directory, model.Data.UserName);
         UserMetaData found = lookup.GetMetaData();

         // The account model is replaced only after the directory lookup has returned.
         var account = new AccountModel();
         model.Data.AccountModel = account;

         account.City               = found.City;
         account.Country            = found.Country;
         account.Department         = found.Department;
         account.EmailAddress       = found.EmailAddress;
         account.FirstName          = found.FirstName;
         account.JobTitle           = found.JobTitle;
         account.LastLogon          = found.LastLogon;
         account.LastName           = found.LastName;
         account.Manager            = found.Manager;
         account.PhoneNumber        = found.PhoneNumber;
         account.StateProvince      = found.StateProvince;
         account.StreetAddress      = found.StreetAddress;
         account.OrganizationalUnit = found.OrganizationalUnit;
         account.Groups             = found.Groups;
     }
     catch (System.DirectoryServices.ActiveDirectoryObjectNotFoundException notFound)
     {
         // A missing account is not fatal: AccountModel is simply left as it was.
         // NOTE(review): UserName is written to the log verbatim; if it can carry
         // externally supplied text, strip CR/LF before logging - confirm its origin.
         log.Warn(string.Concat("Account ", model.Data.UserName, " not found"), notFound);
     }
     catch (System.DirectoryServices.DirectoryServicesCOMException directoryFailure)
     {
         // Any other directory error stops the whole process with exit code 1.
         log.Fatal("An error occured while performing a lookup against Active Directory", directoryFailure);
         Environment.Exit(1);
     }
 }
コード例 #2
        /// <summary>
        /// Builds the application configuration and hands it to <c>LdapUtil.Register</c>.
        /// </summary>
        /// <param name="env">Hosting environment; supplies the content root path and the environment name.</param>
        /// <remarks>
        /// NOTE(review): which keys LdapUtil.Register reads is not visible here. If they include
        /// directory bind credentials, prefer supplying them through environment variables or a
        /// secret store rather than the appsettings JSON files - confirm.
        /// </remarks>
        public Startup(IHostingEnvironment env)
        {
            // Sources are added in this order and a later source overrides an earlier one
            // for the same key: appsettings.json, appsettings.{EnvironmentName}.json,
            // then environment variables. Both JSON files are optional.
            Configuration = new ConfigurationBuilder()
                .SetBasePath(env.ContentRootPath)
                .AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
                .AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
                .AddEnvironmentVariables()
                .Build();

            LdapUtil.Register(Configuration);
        }
コード例 #3
 /// <summary>
 /// For taxonomy entries of type 3 or 4, verifies that <c>model.Value</c> exists in
 /// Active Directory; other types are not checked.
 /// </summary>
 /// <param name="model">Taxonomy entry being validated.</param>
 /// <exception cref="NotSupportedException">The value was not found in the directory.</exception>
 /// <remarks>
 /// NOTE(review): model.Value reaches CheckIfDNExists unmodified. If that helper places it
 /// in an LDAP search filter it has to be escaped there (RFC 4515) - not visible here, confirm.
 /// The exception message repeats model.Value, so whatever displays it must encode it for output.
 /// </remarks>
 private void CheckADObjectExists(TaxonomyViewModel model)
 {
     // Only types 3 and 4 are looked up (presumably the types that hold directory names - confirm).
     if (model.TypeId != 3 && model.TypeId != 4)
     {
         return;
     }

     // AppConfiguration is constructed from the "CryptoKey" app setting.
     var settings  = new AppConfiguration(System.Configuration.ConfigurationManager.AppSettings["CryptoKey"]);
     var directory = new LdapUtil(settings.LDAP_SERVER, settings.LDAP_USERNAME, settings.LDAP_PASSWORD);

     if (directory.CheckIfDNExists(model.Value))
     {
         return;
     }

     throw new NotSupportedException(model.Value + " does not exist in Active Directory database");
 }
コード例 #4
 /// <summary>
 /// Applies containment actions to a directory account: optionally enforces a password
 /// reset and/or disables the account.
 /// </summary>
 /// <param name="username">Account name handed to <c>UserManager</c>.</param>
 /// <param name="pwdReset">When true, <c>EnforcePasswordReset()</c> is called.</param>
 /// <param name="disableAccount">When true, <c>DisableAccount()</c> is called with config.LDAP_DESCRIPTION.</param>
 /// <returns>
 /// An empty result with status 200 on success; on any exception, status 500 with the
 /// exception message as the response content.
 /// </returns>
 /// <remarks>
 /// NOTE(review): this action changes account state. Authorization and anti-forgery
 /// attributes, if present, sit outside this excerpt - confirm the action is restricted to
 /// authorised analysts, accepts POST only, and that each call is written to an audit log.
 /// </remarks>
 public ActionResult Containment(string username, Boolean pwdReset, Boolean disableAccount)
 {
     try
     {
         var settings  = new AppConfiguration(System.Configuration.ConfigurationManager.AppSettings["CryptoKey"]);
         var directory = new LdapUtil(settings.LDAP_SERVER, settings.LDAP_USERNAME, settings.LDAP_PASSWORD);
         var account   = new UserManager(directory, username);

         // The two actions are independent; both run when both flags are set.
         if (pwdReset)
         {
             account.EnforcePasswordReset();
         }

         if (disableAccount)
         {
             account.DisableAccount(settings.LDAP_DESCRIPTION);
         }

         Response.StatusCode = 200;
         return new EmptyResult();
     }
     catch (Exception failure)
     {
         // NOTE(review): the raw exception message goes back to the caller. Directory errors
         // can include server or object names; consider logging the detail server-side and
         // returning a generic message instead.
         Response.StatusCode = 500;
         return Content(failure.Message);
     }
 }
コード例 #5
        /// <summary>
        /// Synchronises with AD a change that was made in the Autenticador: creates the user,
        /// changes the password or deletes the user, depending on <c>log.usuarioAD.usa_acao</c>.
        /// </summary>
        /// <param name="userAD">Connection object for Active Directory (AD).</param>
        /// <param name="dominio">Active Directory domain.</param>
        /// <param name="organizationalUnitsPath">Organizational Units path under which users are created in AD.</param>
        /// <param name="log">History entry describing the user and the action to apply.</param>
        /// <param name="descricao">Description passed to <c>CreateUser</c> for a new account.</param>
        /// <returns>The combined result of the directory calls made for the action.</returns>
        /// <remarks>
        /// NOTE(review): <c>log.dadosUsuario.senha</c> is handed to AD as the account password, so
        /// the history entry presumably carries it in recoverable form - confirm how it is
        /// protected at rest and that it is never written to logs or error records.
        /// </remarks>
        public static bool SincronizaSenhaAlteradaAutenticador(LdapUsers userAD, string dominio, string organizationalUnitsPath, sLOG_UsuarioAD log, string descricao)
        {
            // Both the domain and the OU path must exist before any action is attempted.
            if (!LdapUtil.Exists(dominio))
            {
                throw new ValidationException("Dom�nio n�o foi encontrado.");
            }

            if (!LdapUtil.ExistsOrganizationalUnitPath(dominio, organizationalUnitsPath))
            {
                throw new ValidationException("Caminho de Organizational Units n�o foi encontrado.");
            }

            switch (log.usuarioAD.usa_acao)
            {
                case (short)LOG_UsuarioAD.eAcao.IncluirUsuario:
                {
                    string login = log.usuario.usu_login;
                    if (userAD.UserExists(login))
                    {
                        throw new ArgumentException("Usu�rio j� existe.");
                    }

                    bool criado = userAD.CreateUser(organizationalUnitsPath, log.pessoa.pes_nome, log.usuario.usu_email, login, log.dadosUsuario.senha, descricao);

                    // An account whose status is "password expired" is flagged as expired in AD too.
                    // '&' (not '&&') keeps the call unconditional, as 'processou &=' did.
                    if (log.usuario.usu_situacao == (byte)SYS_UsuarioBO.eSituacao.Senha_Expirada)
                    {
                        criado = criado & userAD.SetExpirePassword(login, true);
                    }

                    return criado;
                }

                case (short)LOG_UsuarioAD.eAcao.AlterarSenha:
                {
                    string login = log.usuario.usu_login;
                    if (!userAD.UserExists(login))
                    {
                        throw new ArgumentException("Usu�rio n�o encontrado.");
                    }

                    // Clear the expiry flag, set the new password, then restore the flag if needed.
                    bool flagRemovida  = userAD.SetExpirePassword(login, false);
                    bool senhaDefinida = userAD.SetPassword(login, log.dadosUsuario.senha);
                    bool alterado      = flagRemovida & senhaDefinida;

                    if (log.usuario.usu_situacao == (byte)SYS_UsuarioBO.eSituacao.Senha_Expirada)
                    {
                        alterado = alterado & userAD.SetExpirePassword(login, true);
                    }

                    return alterado;
                }

                case (short)LOG_UsuarioAD.eAcao.ExcluirUsuario:
                {
                    string login = log.usuario.usu_login;
                    if (!userAD.UserExists(login))
                    {
                        throw new ArgumentException("Usu�rio n�o encontrado.");
                    }

                    return userAD.DeleteUser(login);
                }

                default:
                    throw new ValidationException("Opera��o inv�lida.");
            }
        }
コード例 #6
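        /// <summary>
        /// Processes the password-change history entries and synchronises each one between the
        /// Autenticador and AD, recording the outcome on the entry.
        /// </summary>
        /// <param name="ltLogUsuarioAD">List of password-change history entries.</param>
        /// <returns>
        /// true once every entry has been attempted; a failure of a single entry is recorded on
        /// that entry (status Falha plus an error record) and does not change the return value.
        /// </returns>
        /// <remarks>
        /// An exception that escapes the per-entry handling is rethrown after every entry in the
        /// list has been set back to Pendente.
        /// </remarks>
        public static bool ProcessaLogUsuarioAD(List <sLOG_UsuarioAD> ltLogUsuarioAD)
        {
            try
            {
                string dominio = CFG_ConfiguracaoBO.SelecionaValorPorChave("AppDominioAD");
                string organizationalUnitPath = CFG_ConfiguracaoBO.SelecionaValorPorChave("AppOrganizationalUnitPath");
                string descricao = CFG_ConfiguracaoBO.SelecionaValorPorChave("AppUserDescriptionAD");

                LdapUsers userAD = new LdapUsers(LdapUtil.CheckPath(dominio));

                foreach (sLOG_UsuarioAD log in ltLogUsuarioAD)
                {
                    try
                    {
                        // The origin of the change decides the direction of the synchronisation.
                        bool processou;
                        if (log.usuarioAD.usa_origemAcao == (short)LOG_UsuarioAD.eOrigem.Autenticador)
                        {
                            processou = SincronizaSenhaAlteradaAutenticador(userAD, dominio, organizationalUnitPath, log, descricao);
                        }
                        else
                        {
                            processou = SincronizaSenhaAlteradaAD(log);
                        }

                        if (processou)
                        {
                            LOG_UsuarioAD usuarioAD = log.usuarioAD;
                            usuarioAD.usa_status         = (short)LOG_UsuarioAD.eStatus.Processado;
                            usuarioAD.usa_dataProcessado = DateTime.Now;
                            LOG_UsuarioADBO.Save(usuarioAD);
                        }
                        else
                        {
                            RegistraFalhaLogUsuarioAD(log, "O log de alteração de senha não foi processado.");
                        }
                    }
                    catch (Exception ex)
                    {
                        // One bad entry must not stop the batch: record the failure and continue.
                        // NOTE(review): ex.Message is persisted in the error record; confirm the
                        // directory helpers never put a password into an exception message.
                        RegistraFalhaLogUsuarioAD(log, ex.Message);

                        UtilBO.GravarErro(ex);
                    }
                }

                return(true);
            }
            catch (Exception)
            {
                // Reached when setup fails or when recording an entry's outcome itself throws.
                // Every entry is put back to Pendente, including entries this run had already
                // marked Processado or Falha, so those will be picked up again.
                ltLogUsuarioAD.ForEach(p =>
                {
                    LOG_UsuarioAD entityUsuarioAD = p.usuarioAD;
                    entityUsuarioAD.usa_status    = (short)LOG_UsuarioAD.eStatus.Pendente;
                    LOG_UsuarioADBO.Save(entityUsuarioAD);
                });

                // 'throw;' keeps the original stack trace; 'throw ex;' would reset it.
                throw;
            }
        }

        /// <summary>
        /// Marks a history entry as failed (status Falha, processed now) and stores an error record for it.
        /// </summary>
        /// <param name="log">History entry that could not be processed.</param>
        /// <param name="descricaoErro">Text stored in the error record.</param>
        private static void RegistraFalhaLogUsuarioAD(sLOG_UsuarioAD log, string descricaoErro)
        {
            LOG_UsuarioAD usuarioAD = log.usuarioAD;
            usuarioAD.usa_status         = (short)LOG_UsuarioAD.eStatus.Falha;
            usuarioAD.usa_dataProcessado = DateTime.Now;
            LOG_UsuarioADBO.Save(usuarioAD);

            LOG_UsuarioADErro erro = new LOG_UsuarioADErro
            {
                usa_id            = log.usuarioAD.usa_id,
                use_descricaoErro = descricaoErro
            };
            LOG_UsuarioADErroBO.Save(erro);
        }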