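/* ==================================================================================== Public Methods */
/// <summary>
/// Creates an AD user for a portal user when the parent of <paramref name="newPath"/>
/// lies under one of the configured sync trees. Does nothing for paths that are not synced.
/// </summary>
/// <param name="user">Portal user to create in AD; its Path is written to the AD log.</param>
/// <param name="newPath">Portal path of the new user. Its parent path selects the sync tree and the AD parent path.</param>
/// <param name="passwd">Password handed on to CreateADUser. It is not logged by this method; keep it out of any log call added later.</param>
/// <exception cref="Exception">
/// Every failure is logged through AdLog and rethrown as a new Exception that carries
/// the original exception as its InnerException.
/// </exception>
public void CreateNewADUser(User user, string newPath, string passwd)
{
    IUser originalUser = User.Current;
    Common.ChangeToAdminAccount();
    try
    {
        var parentPath = RepositoryPath.GetParentPath(newPath);

        // get containing synctree
        var syncTree = GetSyncTreeContainingPortalPath(parentPath);
        if (syncTree == null)
        {
            // not synced object
            return;
        }

        AdLog.LogPortalObject("Creating new AD user", user.Path);

        var parentADPath = syncTree.GetADPath(parentPath);
        CreateADUser(syncTree, parentADPath, user, passwd);
    }
    catch (Exception ex)
    {
        AdLog.LogException(ex);
        throw new Exception(ex.Message, ex);
    }
    finally
    {
        // The account switch above must not outlive this call: restore the captured user on
        // every exit path (early return, success, exception), the same way SyncFromAD does
        // with Common.RestoreOriginalUser.
        Common.RestoreOriginalUser(originalUser);
    }
}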
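/// <summary>
/// Pushes the changes of a portal container node to AD by delegating to UpdateADObject
/// with the UpdateADContainerProperties callback and no password.
/// </summary>
/// <param name="node">Portal node whose AD counterpart is updated.</param>
/// <param name="newPath">Portal path passed through to UpdateADObject.</param>
/// <exception cref="Exception">
/// Every failure is logged through AdLog and rethrown as a new Exception that carries
/// the original exception as its InnerException.
/// </exception>
public void UpdateADContainer(Node node, string newPath)
{
    IUser originalUser = User.Current;
    Common.ChangeToAdminAccount();
    try
    {
        UpdateADObject(node, newPath, null, UpdateADContainerProperties);
    }
    catch (Exception ex)
    {
        AdLog.LogException(ex);
        throw new Exception(ex.Message, ex);
    }
    finally
    {
        // Undo the account switch on every exit path so the caller does not keep running
        // under the account selected by Common.ChangeToAdminAccount().
        Common.RestoreOriginalUser(originalUser);
    }
}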
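/// <summary>
/// Pushes the changes of a portal user to AD by delegating to UpdateADObject
/// with the UpdateADUserProperties callback.
/// </summary>
/// <param name="user">Portal user whose AD counterpart is updated.</param>
/// <param name="newPath">Portal path passed through to UpdateADObject.</param>
/// <param name="passwd">Password passed through to UpdateADObject. It is not logged by this method; keep it out of any log call added later.</param>
/// <exception cref="Exception">
/// Every failure is logged through AdLog and rethrown as a new Exception that carries
/// the original exception as its InnerException.
/// </exception>
public void UpdateADUser(User user, string newPath, string passwd)
{
    IUser originalUser = User.Current;
    Common.ChangeToAdminAccount();
    try
    {
        UpdateADObject(user, newPath, passwd, UpdateADUserProperties);
    }
    catch (Exception ex)
    {
        AdLog.LogException(ex);
        throw new Exception(ex.Message, ex);
    }
    finally
    {
        // Undo the account switch on every exit path so the caller does not keep running
        // under the account selected by Common.ChangeToAdminAccount().
        Common.RestoreOriginalUser(originalUser);
    }
}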
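/// <summary>
/// Creates the AD counterpart (org unit, group or container) of a portal node when
/// <paramref name="newPath"/> lies under one of the configured sync trees.
/// Node types that map to any other AD object type are ignored.
/// </summary>
/// <param name="node">Portal node to create in AD; its NodeType decides which AD object is created.</param>
/// <param name="newPath">Portal path of the new node. Its parent path is translated to the AD parent path.</param>
/// <exception cref="Exception">
/// Every failure is logged through AdLog and rethrown as a new Exception that carries
/// the original exception as its InnerException.
/// </exception>
public void CreateNewADContainer(Node node, string newPath)
{
    IUser originalUser = User.Current;
    Common.ChangeToAdminAccount();
    try
    {
        var parentPath = RepositoryPath.GetParentPath(newPath);

        // get containing synctree
        // NOTE(review): the lookup uses newPath here, while CreateNewADUser looks the tree up
        // by the parent path - confirm the difference is intended.
        var syncTree = GetSyncTreeContainingPortalPath(newPath);
        if (syncTree == null)
        {
            // not synced object
            return;
        }

        AdLog.LogPortalObject("Creating new AD orgunit/group/container", node.Path);

        var parentADPath = syncTree.GetADPath(parentPath);

        // create new AD object
        var adObjType = Common.GetADObjectType(node.NodeType);
        switch (adObjType)
        {
            case ADObjectType.OrgUnit:
                CreateADOrgUnit(syncTree, parentADPath, node);
                break;
            case ADObjectType.Group:
                CreateADGroup(syncTree, parentADPath, node);
                break;
            case ADObjectType.Container:
                CreateADContainer(syncTree, parentADPath, node);
                break;
            default:
                // any other object type is silently skipped
                break;
        }
    }
    catch (Exception ex)
    {
        AdLog.LogException(ex);
        throw new Exception(ex.Message, ex);
    }
    finally
    {
        // Undo the account switch on every exit path (early return included) so the caller
        // does not keep running under the account selected by Common.ChangeToAdminAccount().
        Common.RestoreOriginalUser(originalUser);
    }
}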
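/// <summary>
/// Removes the AD counterpart of a deleted portal node. Users found under the AD object are
/// never deleted: they are moved to the sync tree's folder for deleted objects, disabled and
/// committed. The AD object itself is deleted afterwards only if no users remain under it.
/// </summary>
/// <param name="nodePath">Portal path of the deleted node; nothing happens if it is not a synced object.</param>
/// <param name="guid">Sync GUID identifying the AD object. When it has no value an error is logged and nothing is deleted.</param>
/// <exception cref="Exception">
/// Every failure is logged through AdLog and rethrown as a new Exception that carries
/// the original exception as its InnerException.
/// </exception>
public void DeleteADObject(string nodePath, Guid? guid)
{
    IUser originalUser = User.Current;
    Common.ChangeToAdminAccount();
    try
    {
        if (!IsSyncedObject(nodePath))
        {
            return;
        }

        AdLog.LogPortalObject("Deleting AD object", nodePath);

        if (!guid.HasValue)
        {
            AdLog.LogErrorPortalObject("Portal node does not have a syncguid", nodePath);
            return;
        }

        // NOTE(review): ADObject is dereferenced without a null check; this relies on
        // GetADObjectByGuid always returning an instance (with entry == null when not found) - confirm.
        SyncTreeADObject ADObject = GetADObjectByGuid(guid.Value);
        using (DirectoryEntry entry = ADObject.entry)
        {
            if (entry == null)
            {
                AdLog.LogErrorPortalObject(string.Format("AD object with the given GUID ({0}) does not exist", guid.ToString()), nodePath);
                return;
            }

            // disable users under AD object and move them to specific folder
            var deletedPath = ADObject.syncTree.DeletedADObjectsPath;
            bool entryDeleted = false;
            using (DirectoryEntry deletedParent = ADObject.syncTree.ConnectToObject(deletedPath))
            {
                using (SearchResultCollection resultColl = ADObject.syncTree.GetUsersUnderADObject(entry))
                {
                    foreach (SearchResult result in resultColl)
                    {
                        using (DirectoryEntry userEntry = result.GetDirectoryEntry())
                        {
                            // remember the path before a possible move, for the comparison below
                            var userPath = userEntry.Path;

                            // disable user and move to deleted folder
                            if (deletedParent != null)
                            {
                                userEntry.MoveTo(deletedParent);
                            }
                            else
                            {
                                // the user stays where it is, but is still disabled below
                                AdLog.LogError("Folder for deleted users could not be found on AD server!");
                            }

                            Common.DisableUserAccount(userEntry);
                            Common.DisableADObjectCustomProperties(userEntry, _propertyMappings, _config.ADNameMaxLength, _config.ADsAMAccountNameMaxLength);
                            userEntry.CommitChanges();

                            // if the parent object was itself a user, it must not be deleted later
                            if (entry.Path == userPath)
                            {
                                entryDeleted = true;
                            }
                        }
                    }
                }
            }

            // delete remaining entries under this entry including itself (if it has not been deleted yet)
            if (!entryDeleted)
            {
                // double check user containment: if it still contains users, raise an error!
                // This is the safeguard that keeps DeleteTree from destroying user accounts
                // that could not be moved out of the subtree.
                using (SearchResultCollection resultColl = ADObject.syncTree.GetUsersUnderADObject(entry))
                {
                    if (resultColl.Count == 0)
                    {
                        entry.DeleteTree();
                    }
                    else
                    {
                        AdLog.LogErrorADObject("AD container cannot be deleted, it contains users!", entry.Path);
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        AdLog.LogException(ex);
        throw new Exception(ex.Message, ex);
    }
    finally
    {
        // Undo the account switch on every exit path (early returns included) so the caller
        // does not keep running under the account selected by Common.ChangeToAdminAccount().
        Common.RestoreOriginalUser(originalUser);
    }
}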
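/* ==================================================================================== AD -> portal : Public methods */
/// <summary>
/// Syncs all objects of all configured sync trees from Active Directory(ies).
/// </summary>
/// <remarks>
/// The phases run in a fixed order over all sync trees: containers, users, groups (only for
/// trees with SyncGroups set), then deletion of portal users, groups and containers.
/// A failure inside one tree is logged and does not stop the remaining trees or phases.
/// The initial caching of portal objects is not guarded that way: an exception there
/// propagates to the caller.
/// </remarks>
public void SyncFromAD()
{
    IUser originalUser = User.Current;
    Common.ChangeToAdminAccount();
    try
    {
        // init portal objects
        AdLog.LogMain("Cacheing portal users...");
        _portalUsers = GetAllPortalObjects(ADObjectType.User);
        AdLog.LogMain("Cacheing portal groups...");
        _portalGroups = GetAllPortalObjects(ADObjectType.Group);
        AdLog.LogMain("Cacheing portal containers...");
        _portalContainers = GetAllPortalObjects(ADObjectType.AllContainers);

        foreach (SyncTree syncTree in _syncTrees)
        {
            try
            {
                SyncContainersFromAD(syncTree);
            }
            catch (Exception ex)
            {
                // syncing of the whole tree failed
                AdLog.LogException(ex);
            }
        }

        foreach (SyncTree syncTree in _syncTrees)
        {
            try
            {
                SyncUsersFromAD(syncTree);
            }
            catch (Exception ex)
            {
                // syncing of the whole tree failed
                AdLog.LogException(ex);
            }
        }

        foreach (SyncTree syncTree in _syncTrees)
        {
            try
            {
                if (syncTree.SyncGroups)
                {
                    SyncGroupsFromAD(syncTree);
                }
                else
                {
                    AdLog.LogMainActivity("Groups under synctree are skipped", syncTree.ADPath, syncTree.PortalPath);
                }
            }
            catch (Exception ex)
            {
                // syncing of the whole tree failed
                AdLog.LogException(ex);
            }
        }

        foreach (SyncTree syncTree in _syncTrees)
        {
            try
            {
                DeletePortalUsers(syncTree);
            }
            catch (Exception ex)
            {
                // syncing of the whole tree failed
                AdLog.LogException(ex);
            }
        }

        foreach (SyncTree syncTree in _syncTrees)
        {
            try
            {
                DeletePortalGroups(syncTree);
            }
            catch (Exception ex)
            {
                // syncing of the whole tree failed
                AdLog.LogException(ex);
            }
        }

        foreach (SyncTree syncTree in _syncTrees)
        {
            try
            {
                DeletePortalContainers(syncTree);
            }
            catch (Exception ex)
            {
                // syncing of the whole tree failed
                AdLog.LogException(ex);
            }
        }

        // dispose synctrees (searchresultcollection objects contained in synctree)
        foreach (SyncTree syncTree in _syncTrees)
        {
            syncTree.Dispose();
        }

        AdLog.EndLog();
    }
    finally
    {
        // Restore in finally: the caching calls and the dispose loop above are not covered by
        // a catch, so an exception there would otherwise skip the restore and leave the
        // account selected by Common.ChangeToAdminAccount() in effect for the caller.
        Common.RestoreOriginalUser(originalUser);
    }
}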