public DSNAME[] GetMemberships( DsServer dc, DSNAME names, REVERSE_MEMBERSHIP_OPERATION_TYPE operationType, DSNAME?limitingDomain) { string baseDn = LdapUtility.ConvertUshortArrayToString( ((AddsDomain)dc.Domain).DomainNC.StringName ); string name = LdapUtility.ConvertUshortArrayToString(names.StringName); List <DSNAME> results = new List <DSNAME>(); // GroupMembersTransitive if (operationType == REVERSE_MEMBERSHIP_OPERATION_TYPE.GroupMembersTransitive) { return(GetGroupMembersTransitive(dc, names)); } // Get the primary group first DSNAME primaryGroup = LdapUtility.GetPrimaryGroup(dc, name, baseDn).Value; uint groupType = (uint)Convert.ToInt32( (string)LdapUtility.GetAttributeValue( dc, LdapUtility.ConvertUshortArrayToString(primaryGroup.StringName), "groupType") ); if (FilterGroupOperationType(operationType, groupType)) { // Valid primary group results.Add(primaryGroup); } string[] memberOfs = LdapUtility.GetAttributeValuesString(dc, name, "memberOf"); foreach (string grpName in memberOfs) { // Get groupType and filter using the filters groupType = (uint)Convert.ToInt32( LdapUtility.GetAttributeValue(dc, grpName, "groupType") ); if (!FilterGroupOperationType(operationType, groupType)) { continue; } results.Add(LdapUtility.CreateDSNameForObject(dc, grpName)); } return(results.ToArray()); }
static bool FilterGroupOperationType(REVERSE_MEMBERSHIP_OPERATION_TYPE opType, uint groupType) { GroupTypeFlags[] grpTypes = ParseGroupType(groupType); // filterout built-in groups if (opType == REVERSE_MEMBERSHIP_OPERATION_TYPE.RevMembGetAliasMembership || opType == REVERSE_MEMBERSHIP_OPERATION_TYPE.RevMembGetResourceGroups) { if ((groupType & (uint)GroupTypeFlags.BUILTIN_LOCAL_GROUP) > 0) { return(false); } } switch (opType) { case REVERSE_MEMBERSHIP_OPERATION_TYPE.RevMembGetGroupsForUser: { // Nontransitive membership in groups that are confined to a given domain, // excluding built-in groups and domain-local groups (resource groups). if ((groupType & (uint)GroupTypeFlags.RESOURCE_GROUP) == 0) { return(true); } return(false); } case REVERSE_MEMBERSHIP_OPERATION_TYPE.RevMembGetAliasMembership: { // Nontransitive membership in domain-local groups that are confined to a given domain. if ((groupType & (uint)GroupTypeFlags.RESOURCE_GROUP) > 0) { return(true); } return(false); } case REVERSE_MEMBERSHIP_OPERATION_TYPE.RevMembGetAccountGroups: { // Transitive membership in all account groups in a given domain, // excluding built-in groups. if ((groupType & (uint)GroupTypeFlags.ACCOUNT_GROUP) > 0) { return(true); } return(false); } case REVERSE_MEMBERSHIP_OPERATION_TYPE.RevMembGetResourceGroups: { // Transitive membership in all domain-local groups in a given domain, // excluding built-in groups. if ((groupType & (uint)GroupTypeFlags.RESOURCE_GROUP) > 0) { return(true); } return(false); } case REVERSE_MEMBERSHIP_OPERATION_TYPE.RevMembGetUniversalGroups: { // Transitive membership in all universal groups, excluding built-in groups. if ((groupType & (uint)GroupTypeFlags.UNIVERSAL_GROUP) > 0) { return(true); } return(false); } case REVERSE_MEMBERSHIP_OPERATION_TYPE.GroupMembersTransitive: { // Transitive closure of members of a group based on the information // present in the server's NC replicas, including the primary group. throw new NotImplementedException(); } case REVERSE_MEMBERSHIP_OPERATION_TYPE.RevMembGlobalGroupsNonTransitive: { // Non-transitive membership in global groups, excluding built-in groups. if ((groupType & (uint)GroupTypeFlags.ACCOUNT_GROUP) > 0) { return(true); } return(false); } default: return(false); } }