/// <summary> /// Creates a proxy connection to retrieve user information for. /// /// NOTE: This connection is used instead of the connection created by /// the Service.Start method because there cannot be multiple outstanding /// requests made on a single ldap connection. /// </summary> /// <returns>The LdapConnection object if successful. Otherwise a null is returned.</returns> private LdapConnection BindProxyUser() { LdapConnection proxy; try { proxy = new LdapConnection(); proxy.SecureSocketLayer = ldapSettings.SSL; proxy.Connect(ldapSettings.Host, ldapSettings.Port); Simias.LdapProvider.ProxyUser proxyCredentials = new Simias.LdapProvider.ProxyUser(); proxy.Bind(proxyCredentials.UserDN, proxyCredentials.Password); } catch (LdapException e) { log.Error("LdapError:" + e.LdapErrorMessage); log.Error("Error:" + e.Message); proxy = null; } catch (Exception e) { log.Error("Error:" + e.Message); proxy = null; } return(proxy); }
/// <summary> /// Call to inform a provider to start a synchronization cycle /// </summary> /// <returns> True - provider successfully finished a sync cycle, /// False - provider failed the sync cycle /// </returns> public bool Start(Simias.IdentitySynchronization.State State) { log.Debug("Start called"); int MaxConnectRetry = 5; bool status = false; abort = false; try { this.state = State; try { ldapSettings = LdapSettings.Get(Store.StorePath); log.Debug("new LdapConnection"); conn = new LdapConnection(); log.Debug("Connecting to: " + ldapSettings.Host + " on port: " + ldapSettings.Port.ToString()); conn.SecureSocketLayer = ldapSettings.SSL; for (int i = 1; i <= MaxConnectRetry; i++) { try { conn.Connect(ldapSettings.Host, ldapSettings.Port); } catch (Exception ex) { log.Debug("Failed to connect to : " + ldapSettings.Host + ", retry count: " + i.ToString() + ", Error Message : " + ex.Message); continue; } break; } ProxyUser proxy = new ProxyUser(); log.Debug("Binding as: " + proxy.UserDN); conn.Bind(proxy.UserDN, proxy.Password); ProcessSimiasAdmin(conn); ProcessSearchObjects(conn, ldapSettings); } catch (SimiasShutdownException s) { log.Error(s.Message); syncException = s; syncStatus = Status.SyncThreadDown; } catch (LdapException e) { log.Error(e.LdapErrorMessage); log.Error(e.StackTrace); syncException = e; syncStatus = (conn == null) ? Status.LdapConnectionFailure : Status.LdapAuthenticationFailure; state.ReportError(e.LdapErrorMessage); } catch (Exception e) { log.Error(e.Message); log.Error(e.StackTrace); syncException = e; syncStatus = Status.InternalException; state.ReportError(e.Message); } finally { if (conn != null) { log.Debug("Disconnecting Ldap connection"); try{ conn.Disconnect(); }catch {} conn = null; } } status = true; } catch (Exception e) { log.Error(e.Message); log.Error(e.StackTrace); State.ReportError(e.Message); } return(status); }
/// <summary> /// Update the ldap settings /// </summary> /// <param name="LdapAdminDN">ldap admin DN</param> /// <param name="LdapAdminPwd">ldap admin password</param> /// <param name="FieldToUpdate">which field is to update in config file</param> /// <param name="IsMaster">Is it master server</param> private void UpdateLdapSettings(string LdapAdminDN, string LdapAdminPwd, string FieldToUpdate, bool IsMaster) { if (FieldToUpdate.Equals("LDAPURI")) { UriBuilder newUri = new UriBuilder(); newUri.Host = host; newUri.Scheme = scheme; Uri newldapUrl = new Uri(newUri.ToString()); string ldapUrl = newldapUrl.ToString(); log.Debug("into condition ldapuri modification, ldapurl is {0} and going to create an instance of ldaputility", ldapUrl); LdapWebUtility ldapUtility = new LdapWebUtility(ldapUrl, LdapAdminDN, LdapAdminPwd); if (ldapUtility.Secure) { string certfile = Path.Combine(storePath, "RootCert.cer"); if (Execute("../../../../bin/get-root-certificate", "{0} {1} {2} {3} get {4}", ldapUtility.Host, ldapUtility.Port, LdapAdminDN, LdapAdminPwd, certfile) != 0) { //Failed , getting certificate and install log.Debug("Failed : getting certificate for {0}", ldapUtility.Host); throw new Exception(string.Format("Failed to get certificate.")); } if (Execute("/usr/bin/mono", "/usr/lib/mono/1.0/certmgr.exe -add -c Trust {0}", certfile) != 0) { //Failed , getting certificate and install log.Debug("Failed : Installing certificate for {0}", ldapUtility.Host); throw new Exception(string.Format("Failed to save certificate.")); } } log.Debug("Connecting to {0}", ldapUrl); try { ldapUtility.Connect(); } catch (Exception ex) { log.Debug("Ldap connect failed to server URL {0} ", ldapUrl); throw new Exception(string.Format("Ldap connect failed to server URL {0} ", ldapUrl)); } // get the directory type. log.Debug("Querying for directory type..."); LdapDirectoryType directoryType = ldapUtility.QueryDirectoryType(); log.Debug(" {0}", directoryType); ldapUtility.Disconnect(); if (directoryType.Equals(LdapDirectoryType.Unknown)) { throw new Exception(string.Format("Unable to determine directory type for {0}", ldapUtility.Host)); } // now check connecting with this proxy ldapUtility = new LdapWebUtility(ldapUrl, proxy, password); try { ldapUtility.Connect(); } catch (Exception ex) { log.Debug("Ldap connect failed to server URL {0} with proxy user {1} ", ldapUrl, proxy); throw new Exception(string.Format("Ldap connect failed to server URL {0} with proxy user {1} ", ldapUrl, proxy)); } ldapUtility.Disconnect(); } else { // ldap IP and SSL status has not changed , other fields (context, proxyDN, proxypwd) might have changed UriBuilder newUri = new UriBuilder(); newUri.Host = host; newUri.Scheme = scheme; Uri newldapUrl = new Uri(newUri.ToString()); string ldapUrl = newldapUrl.ToString(); LdapWebUtility ldapUtility = new LdapWebUtility(ldapUrl, LdapAdminDN, LdapAdminPwd); // connect ldapUtility.Connect(); if (FieldToUpdate.Equals("PROXYDN")) { LdapDirectoryType directoryType = ldapUtility.QueryDirectoryType(); // proxy DN has changed , so either create user or change the password. if (password == null || password == "") { ProxyUser proxyDetails = new ProxyUser(); ProxyPassword = proxyDetails.Password; } if (ldapUtility.CreateUser(proxy, password)) { // successful, proxy user is created log.Debug("New user created with DN = {0} ", proxy); } settingChangeMap |= ChangeMap.searchContexts; } else if (FieldToUpdate.Equals("PROXYPWD")) { if (password == null || password == "") { ProxyUser proxyDetails = new ProxyUser(); password = proxyDetails.Password; } ldapUtility.ChangePassword(proxy, password); } else { UpdateLdapContexts(ldapUrl, LdapAdminDN, LdapAdminPwd); } ldapUtility.Disconnect(); } }