private static DirectorySearcher DirectorySearcher(
string loginId, string password, ParameterAccessor.Parts.Ldap ldap)
{
return(new DirectorySearcher(loginId != null && password != null
? new DirectoryEntry(ldap.LdapSearchRoot, loginId, password)
: new DirectoryEntry(ldap.LdapSearchRoot)));
}
public static string NetBiosName(
Context context, LdapEntry entry, ParameterAccessor.Parts.Ldap ldap)
{
return(ldap.NetBiosDomainName + "\\" + entry.Property(
context: context,
name: "sAMAccountName"));
}
private static void Sync(
Context context,
ParameterAccessor.Parts.Ldap ldap,
string pattern,
DateTime synchronizedTime)
{
var logs = new Logs()
{
new Log("pattern", pattern)
};
try
{
var directorySearcher = DirectorySearcher(
ldap.LdapSyncUser,
ldap.LdapSyncPassword,
ldap);
directorySearcher.Filter = pattern;
directorySearcher.PageSize = 1000;
var results = directorySearcher.FindAll();
logs.Add("results", results.Count.ToString());
foreach (SearchResult result in results)
{
DirectoryEntry entry = result.Entry(
ldap.LdapSyncUser,
ldap.LdapSyncPassword);
if (Enabled(entry, ldap))
{
logs.Add("entry", entry.Path);
if (Authentications.Windows())
{
UpdateOrInsert(
context: context,
loginId: NetBiosName(
context: context,
entry: entry,
ldap: ldap),
entry: entry,
ldap: ldap,
synchronizedTime: synchronizedTime);
}
else
{
UpdateOrInsert(
context: context,
loginId: entry.Property(
context: context,
name: ldap.LdapSearchProperty),
entry: entry,
ldap: ldap,
synchronizedTime: synchronizedTime);
}
}
}
}
catch (Exception e)
{
new SysLogModel(context: context, e: e, logs: logs);
}
}
public static string NetBiosName(
Context context, SearchResult result, ParameterAccessor.Parts.Ldap ldap)
{
return(ldap.NetBiosDomainName + "\\" + result.Property(
context: context,
name: "sAMAccountName"));
}
private static void UpdateOrInsert(
string loginId, DirectoryEntry entry, ParameterAccessor.Parts.Ldap ldap)
{
var deptCode = entry.Property(ldap.LdapDeptCode, ldap.LdapDeptCodePattern);
var deptName = entry.Property(ldap.LdapDeptName, ldap.LdapDeptNamePattern);
var deptExists = !deptCode.IsNullOrEmpty() && !deptName.IsNullOrEmpty();
var userCode = entry.Property(ldap.LdapUserCode, ldap.LdapUserCodePattern);
var name = Name(loginId, entry, ldap);
var mailAddress = entry.Property(ldap.LdapMailAddress, ldap.LdapMailAddressPattern);
var statements = new List <SqlStatement>();
if (deptExists)
{
statements.Add(Rds.UpdateOrInsertDepts(
param: Rds.DeptsParam()
.TenantId(ldap.LdapTenantId)
.DeptCode(deptCode)
.DeptName(deptName),
where : Rds.DeptsWhere().DeptCode(deptCode)));
}
statements.Add(Rds.UpdateOrInsertUsers(
param: Rds.UsersParam()
.TenantId(ldap.LdapTenantId)
.LoginId(loginId)
.UserCode(userCode)
.Name(name)
.DeptId(
sub: Rds.SelectDepts(
column: Rds.DeptsColumn().DeptId(),
where : Rds.DeptsWhere().DeptCode(deptCode)),
_using: deptExists)
.DeptId(0, _using: !deptExists),
where : Rds.UsersWhere().LoginId(loginId)));
if (!mailAddress.IsNullOrEmpty())
{
statements.Add(Rds.PhysicalDeleteMailAddresses(
where : Rds.MailAddressesWhere()
.OwnerType("Users")
.OwnerId(sub: Rds.SelectUsers(
column: Rds.UsersColumn().UserId(),
where : Rds.UsersWhere().LoginId(loginId)))));
statements.Add(Rds.InsertMailAddresses(
param: Rds.MailAddressesParam()
.OwnerId(sub: Rds.SelectUsers(
column: Rds.UsersColumn().UserId(),
where : Rds.UsersWhere().LoginId(loginId)))
.OwnerType("Users")
.MailAddress(mailAddress)));
}
statements.Add(StatusUtilities.UpdateStatus(
StatusUtilities.Types.DeptsUpdated,
tenantId: ldap.LdapTenantId));
statements.Add(StatusUtilities.UpdateStatus(
StatusUtilities.Types.UsersUpdated,
tenantId: ldap.LdapTenantId));
Rds.ExecuteNonQuery(
transactional: true,
statements: statements.ToArray());
}
private static bool Enabled(SearchResult result, ParameterAccessor.Parts.Ldap ldap)
{
var accountDisabled = 2;
return(!ldap.LdapExcludeAccountDisabled ||
!result.Properties.Contains("UserAccountControl") ||
(result.Properties["UserAccountControl"].ToLong() & accountDisabled) == 0);
}
private static bool Enabled(DirectoryEntry entry, ParameterAccessor.Parts.Ldap ldap)
{
var accountDisabled = 2;
return
(!ldap.LdapExcludeAccountDisabled ||
(entry.Properties["UserAccountControl"].Value.ToLong() & accountDisabled) == 0);
}
private static bool Enabled(LdapEntry entry, ParameterAccessor.Parts.Ldap ldap)
{
var accountDisabled = 2;
return
(!ldap.LdapExcludeAccountDisabled ||
(entry.GetAttribute("UserAccountControl")?.StringValue.ToLong() & accountDisabled) == 0);
}
private static string Name(
string loginId, DirectoryEntry entry, ParameterAccessor.Parts.Ldap ldap)
{
var name = "{0} {1}".Params(
entry.Property(ldap.LdapLastName, ldap.LdapLastNamePattern),
entry.Property(ldap.LdapFirstName, ldap.LdapFirstNamePattern));
return(name != " "
? name.Trim()
: loginId);
}
private static void Sync(
Context context,
ParameterAccessor.Parts.Ldap ldap,
string pattern,
DateTime synchronizedTime)
{
var logs = new Logs()
{
new Log("pattern", pattern)
};
try
{
using (var con = LdapConnection(
ldap.LdapSyncUser,
ldap.LdapSyncPassword,
ldap))
{
var results = con.Search(
con.DN(ldap),
Novell.Directory.Ldap.LdapConnection.ScopeSub,
pattern,
null,
false,
new LdapSearchConstraints()
{
MaxResults = 0, ReferralFollowing = true
});
logs.Add("results", results.Count.ToString());
while (results.HasMore())
{
var entry = results.Next();
if (Enabled(entry, ldap))
{
logs.Add("entry", entry.Dn);
UpdateOrInsert(
context: context,
entry: entry,
ldap: ldap,
synchronizedTime: synchronizedTime);
}
}
}
}
catch (LdapException le)
{
logs.Add(new Log("LdapErrorMessage", le.LdapErrorMessage?.TrimEnd('\0')));
new SysLogModel(context: context, e: le, logs: logs);
}
catch (Exception e)
{
new SysLogModel(context: context, e: e, logs: logs);
}
}
private static void UpdateOrInsert(
Context context,
LdapEntry entry,
ParameterAccessor.Parts.Ldap ldap,
DateTime synchronizedTime)
{
var deptCode = entry.Property(
context: context,
name: ldap.LdapDeptCode,
pattern: ldap.LdapDeptCodePattern);
var deptName = entry.Property(
context: context,
name: ldap.LdapDeptName,
pattern: ldap.LdapDeptNamePattern);
var userCode = entry.Property(
context: context,
name: ldap.LdapUserCode,
pattern: ldap.LdapUserCodePattern);
var loginId = LoginId(
context: context,
ldap: ldap,
entry: entry);
var name = Name(
context: context,
loginId: loginId,
entry: entry,
ldap: ldap);
var mailAddress = entry.Property(
context: context,
name: ldap.LdapMailAddress,
pattern: ldap.LdapMailAddressPattern);
var attributes = ldap.LdapExtendedAttributes?
.Select(attribute =>
new KeyValuePair <LdapExtendedAttribute, string>(
attribute,
entry.Property(
context: context,
name: attribute.Name,
pattern: attribute.Pattern)))
.ToList();
UpdateOrInsert(
context: context,
loginId: loginId,
deptCode: deptCode,
deptName: deptName,
userCode: userCode,
name: name,
mailAddress: mailAddress,
attributes: attributes,
ldap: ldap,
synchronizedTime: synchronizedTime);
}
private static void Sync(
Context context,
ParameterAccessor.Parts.Ldap ldap,
string pattern,
DateTime synchronizedTime)
{
var logs = new Logs()
{
new Log("pattern", pattern)
};
try
{
var directorySearcher = DirectorySearcher(
ldap.LdapSyncUser,
ldap.LdapSyncPassword,
ldap);
directorySearcher.Filter = pattern;
if (ldap.LdapSyncPageSize == 0)
{
directorySearcher.PageSize = 1000;
}
else if (ldap.LdapSyncPageSize > 0)
{
directorySearcher.PageSize = ldap.LdapSyncPageSize;
}
var results = directorySearcher.FindAll();
logs.Add("results", results.Count.ToString());
foreach (SearchResult result in results)
{
if (Enabled(result, ldap))
{
logs.Add("result", result.Path);
UpdateOrInsert(
context: context,
result: result,
ldap: ldap,
synchronizedTime: synchronizedTime);
}
}
}
catch (DirectoryServicesCOMException e)
{
new SysLogModel(
context: context,
extendedErrorMessage: e.ExtendedErrorMessage,
e: e);
}
catch (Exception e)
{
new SysLogModel(context: context, e: e, logs: logs);
}
}
private static DirectorySearcher DirectorySearcher(
string loginId, string password, ParameterAccessor.Parts.Ldap ldap)
{
if (!Enum.TryParse(ldap.LdapAuthenticationType, out AuthenticationTypes type) ||
!Enum.IsDefined(typeof(AuthenticationTypes), type))
{
type = AuthenticationTypes.Secure;
}
return(new DirectorySearcher(loginId == null || password == null
? new DirectoryEntry(ldap.LdapSearchRoot)
: new DirectoryEntry(ldap.LdapSearchRoot, loginId, password, type)));
}
private static string LoginId(
Context context,
ParameterAccessor.Parts.Ldap ldap,
LdapEntry entry)
{
var loginId = Authentications.Windows(context: context)
? NetBiosName(
context: context,
entry: entry,
ldap: ldap)
: entry.Property(
context: context,
name: ldap.LdapSearchProperty);
return(loginId);
}
private static string LoginId(
Context context,
ParameterAccessor.Parts.Ldap ldap,
SearchResult result)
{
var loginId = Authentications.Windows(context: context)
? NetBiosName(
context: context,
result: result,
ldap: ldap)
: result.Property(
context: context,
name: ldap.LdapSearchProperty);
return(loginId);
}
private static LdapConnection LdapConnection(
string loginId, string password, ParameterAccessor.Parts.Ldap ldap)
{
var url = new LdapUrl(ldap.LdapSearchRoot);
var con = new LdapConnection();
con.Connect(url.Host, url.Port);
if (loginId != null && password != null)
{
con.Bind(loginId, password);
}
else
{
con.Bind(null, null);
}
return(con);
}
private static string Name(
Context context,
string loginId,
LdapEntry entry,
ParameterAccessor.Parts.Ldap ldap)
{
var name = "{0} {1}".Params(
entry.Property(
context: context,
name: ldap.LdapLastName,
pattern: ldap.LdapLastNamePattern),
entry.Property(
context: context,
name: ldap.LdapFirstName,
pattern: ldap.LdapFirstNamePattern));
return(name != " "
? name.Trim()
: loginId);
}
private static bool Enabled(LdapEntry entry, ParameterAccessor.Parts.Ldap ldap)
{
var accountDisabled = 2;
if (!ldap.LdapExcludeAccountDisabled)
{
return(true);
}
if (entry.GetAttributeSet().Any(o => o.Key == "userAccountControl"))
{
var userAccountControl = entry.GetAttribute("userAccountControl")?.StringValue;
return(userAccountControl.IsNullOrEmpty()
? true
: (userAccountControl.ToLong() & accountDisabled) == 0);
}
else
{
return(true);
}
}
private static void UpdateOrInsert(
Context context,
string loginId,
SearchResult result,
ParameterAccessor.Parts.Ldap ldap,
DateTime synchronizedTime)
{
var deptCode = result.Property(
context: context,
name: ldap.LdapDeptCode,
pattern: ldap.LdapDeptCodePattern);
var deptName = result.Property(
context: context,
name: ldap.LdapDeptName,
pattern: ldap.LdapDeptNamePattern);
var deptExists = !deptCode.IsNullOrEmpty() && !deptName.IsNullOrEmpty();
var deptSettings = !ldap.LdapDeptCode.IsNullOrEmpty() && !ldap.LdapDeptName.IsNullOrEmpty();
var userCode = result.Property(
context: context,
name: ldap.LdapUserCode,
pattern: ldap.LdapUserCodePattern);
var name = Name(
context: context,
loginId: loginId,
result: result,
ldap: ldap);
var mailAddress = result.Property(
context: context,
name: ldap.LdapMailAddress,
pattern: ldap.LdapMailAddressPattern);
var statements = new List <SqlStatement>();
if (deptExists)
{
statements.Add(Rds.UpdateOrInsertDepts(
param: Rds.DeptsParam()
.TenantId(ldap.LdapTenantId)
.DeptCode(deptCode)
.DeptName(deptName),
where : Rds.DeptsWhere().DeptCode(deptCode)));
}
var param = Rds.UsersParam()
.TenantId(ldap.LdapTenantId)
.LoginId(loginId)
.UserCode(userCode)
.Name(name)
.DeptId(
sub: Rds.SelectDepts(
column: Rds.DeptsColumn().DeptId(),
where : Rds.DeptsWhere().DeptCode(deptCode)),
_using: deptExists)
.DeptId(0, _using: deptSettings && !deptExists)
.LdapSearchRoot(ldap.LdapSearchRoot)
.SynchronizedTime(synchronizedTime);
ldap.LdapExtendedAttributes?.ForEach(attribute =>
param.Add(
$"[Users].[{attribute.ColumnName}]",
attribute.ColumnName,
result.Property(
context: context,
name: attribute.Name,
pattern: attribute.Pattern)));
statements.Add(Rds.UpdateOrInsertUsers(
param: param,
where : Rds.UsersWhere().LoginId(loginId),
addUpdatorParam: false,
addUpdatedTimeParam: false));
if (!mailAddress.IsNullOrEmpty())
{
statements.Add(Rds.PhysicalDeleteMailAddresses(
where : Rds.MailAddressesWhere()
.OwnerType("Users")
.OwnerId(sub: Rds.SelectUsers(
column: Rds.UsersColumn().UserId(),
where : Rds.UsersWhere().LoginId(loginId)))));
statements.Add(Rds.InsertMailAddresses(
param: Rds.MailAddressesParam()
.OwnerId(sub: Rds.SelectUsers(
column: Rds.UsersColumn().UserId(),
where : Rds.UsersWhere().LoginId(loginId)))
.OwnerType("Users")
.MailAddress(mailAddress)));
}
var ss = new SiteSettings();
statements.Add(StatusUtilities.UpdateStatus(
tenantId: ldap.LdapTenantId, type: StatusUtilities.Types.DeptsUpdated));
statements.Add(StatusUtilities.UpdateStatus(
tenantId: ldap.LdapTenantId, type: StatusUtilities.Types.UsersUpdated));
Rds.ExecuteNonQuery(
context: context,
transactional: true,
statements: statements.ToArray());
}
public static string NetBiosName(DirectoryEntry entry, ParameterAccessor.Parts.Ldap ldap)
{
return(ldap.NetBiosDomainName + "\\" + entry.Property("sAMAccountName", null));
}
private static string DN(this LdapConnection con, ParameterAccessor.Parts.Ldap ldap)
{
return((new LdapUrl(ldap.LdapSearchRoot)).GetDn());
}
private static void Sync(
Context context,
ParameterAccessor.Parts.Ldap ldap,
string pattern,
DateTime synchronizedTime)
{
var logs = new Logs()
{
new Log("pattern", pattern)
};
try
{
var directorySearcher = DirectorySearcher(
ldap.LdapSyncUser,
ldap.LdapSyncPassword,
ldap);
directorySearcher.Filter = pattern;
directorySearcher.PageSize = 1000;
var results = directorySearcher.FindAll();
logs.Add("results", results.Count.ToString());
foreach (SearchResult result in results)
{
DirectoryEntry entry = result.Entry(
ldap.LdapSyncUser,
ldap.LdapSyncPassword);
if (Enabled(entry, ldap))
{
logs.Add("entry", entry.Path);
if (Authentications.Windows())
{
UpdateOrInsert(
context: context,
loginId: NetBiosName(
context: context,
entry: entry,
ldap: ldap),
entry: entry,
ldap: ldap,
synchronizedTime: synchronizedTime);
}
else
{
UpdateOrInsert(
context: context,
loginId: entry.Property(
context: context,
name: ldap.LdapSearchProperty),
entry: entry,
ldap: ldap,
synchronizedTime: synchronizedTime);
}
}
}
if (ldap.AutoDisable)
{
Rds.ExecuteNonQuery(
context: context,
statements: Rds.UpdateUsers(
param: Rds.UsersParam().Disabled(true),
where : Rds.UsersWhere()
.Disabled(false)
.LdapSearchRoot(ldap.LdapSearchRoot)
.SynchronizedTime(_operator: " is not null")
.SynchronizedTime(synchronizedTime, _operator: "<>")));
}
if (ldap.AutoEnable)
{
Rds.ExecuteNonQuery(
context: context,
statements: Rds.UpdateUsers(
param: Rds.UsersParam().Disabled(false),
where : Rds.UsersWhere()
.Disabled(true)
.LdapSearchRoot(ldap.LdapSearchRoot)
.SynchronizedTime(_operator: " is not null")
.SynchronizedTime(synchronizedTime)));
}
}
catch (Exception e)
{
new SysLogModel(context: context, e: e, logs: logs);
}
}
public static string NetBiosName(DirectoryEntry entry, ParameterAccessor.Parts.Ldap ldap)
{
return(ldap.NetBiosDomainName + System.IO.Path.DirectorySeparatorChar + entry.Property("sAMAccountName", null));
}
private static void UpdateOrInsert(
Context context,
string loginId,
string deptCode,
string deptName,
string userCode,
string name,
string mailAddress,
List <KeyValuePair <LdapExtendedAttribute, string> > attributes,
ParameterAccessor.Parts.Ldap ldap,
DateTime synchronizedTime)
{
var deptExists = !deptCode.IsNullOrEmpty() && !deptName.IsNullOrEmpty();
var deptSettings = !ldap.LdapDeptCode.IsNullOrEmpty() && !ldap.LdapDeptName.IsNullOrEmpty();
var statements = new List <SqlStatement>();
if (deptExists)
{
statements.Add(Rds.UpdateOrInsertDepts(
param: Rds.DeptsParam()
.TenantId(ldap.LdapTenantId)
.DeptCode(deptCode)
.DeptName(deptName),
where : Rds.DeptsWhere().DeptCode(deptCode)));
}
var exists = Rds.ExecuteScalar_int(
context: context,
statements: Rds.SelectUsers(
column: Rds.UsersColumn().UsersCount(),
where : Rds.UsersWhere().LoginId(
value: context.Sqls.EscapeValue(loginId),
_operator: context.Sqls.LikeWithEscape))) == 1;
var param = Rds.UsersParam()
.TenantId(ldap.LdapTenantId)
.LoginId(loginId, _using: !exists)
.UserCode(userCode)
.Name(name)
.DeptId(
sub: Rds.SelectDepts(
column: Rds.DeptsColumn().DeptId(),
where : Rds.DeptsWhere().DeptCode(deptCode)),
_using: deptExists)
.DeptId(0, _using: deptSettings && !deptExists)
.LdapSearchRoot(ldap.LdapSearchRoot)
.SynchronizedTime(synchronizedTime);
attributes?.ForEach(attributeAndName =>
param.Add(
$"\"Users\".\"{attributeAndName.Key.ColumnName}\"",
attributeAndName.Key.ColumnName,
attributeAndName.Value));
statements.Add(Rds.UpdateOrInsertUsers(
param: param,
where : Rds.UsersWhere().LoginId(
value: context.Sqls.EscapeValue(loginId),
_operator: context.Sqls.LikeWithEscape),
addUpdatorParam: false,
addUpdatedTimeParam: false));
if (!mailAddress.IsNullOrEmpty())
{
statements.Add(Rds.PhysicalDeleteMailAddresses(
where : Rds.MailAddressesWhere()
.OwnerType("Users")
.OwnerId(sub: Rds.SelectUsers(
column: Rds.UsersColumn().UserId(),
where : Rds.UsersWhere().LoginId(
value: context.Sqls.EscapeValue(loginId),
_operator: context.Sqls.LikeWithEscape)))));
statements.Add(Rds.InsertMailAddresses(
param: Rds.MailAddressesParam()
.OwnerId(sub: Rds.SelectUsers(
column: Rds.UsersColumn().UserId(),
where : Rds.UsersWhere().LoginId(
value: context.Sqls.EscapeValue(loginId),
_operator: context.Sqls.LikeWithEscape)))
.OwnerType("Users")
.MailAddress(mailAddress)));
}
var ss = new SiteSettings();
statements.Add(StatusUtilities.UpdateStatus(
tenantId: ldap.LdapTenantId, type: StatusUtilities.Types.DeptsUpdated));
statements.Add(StatusUtilities.UpdateStatus(
tenantId: ldap.LdapTenantId, type: StatusUtilities.Types.UsersUpdated));
Repository.ExecuteNonQuery(
context: context,
transactional: true,
statements: statements.ToArray());
}
private static void Sync(
Context context,
ParameterAccessor.Parts.Ldap ldap,
string pattern,
DateTime synchronizedTime)
{
var logs = new Logs()
{
new Log("pattern", pattern)
};
try
{
using (var con = LdapConnection(
ldap.LdapSyncUser,
ldap.LdapSyncPassword,
ldap))
{
var results = con.Search(
con.DN(ldap),
Novell.Directory.Ldap.LdapConnection.SCOPE_SUB,
pattern,
null,
false,
new LdapSearchConstraints()
{
MaxResults = 1000
});
logs.Add("results", results.Count.ToString());
while (results.hasMore())
{
var entry = results.next();
if (Enabled(entry, ldap))
{
logs.Add("entry", entry.DN);
if (Authentications.Windows(context: context))
{
UpdateOrInsert(
context: context,
loginId: NetBiosName(
context: context,
entry: entry,
ldap: ldap),
entry: entry,
ldap: ldap,
synchronizedTime: synchronizedTime);
}
else
{
UpdateOrInsert(
context: context,
loginId: entry.Property(
context: context,
name: ldap.LdapSearchProperty),
entry: entry,
ldap: ldap,
synchronizedTime: synchronizedTime);
}
}
}
}
}
catch (Exception e)
{
new SysLogModel(context: context, e: e, logs: logs);
}
}
