// Wraps a search hit in the Principal object that represents it.
//
// The Make* factories used here produce a Principal that is marked persisted
// and not yet loaded (unpersisted = false, loaded = false); the search hit is
// then attached as its UnderlyingSearchObject. The caller still has to assign
// an appropriate StoreKey and, if the object is to be used read/write, to
// populate the underlying DirectoryEntry as well. There are no multistore
// contexts any more, so owningContext is also the specific store context.
//
// sr            - the search hit to wrap; its objectClass is consulted only when
//                 the requested type does not name a concrete principal class.
// owningContext - the context that will own the returned Principal.
// principalType - the requested type. The built-in types are constructed directly
//                 so no reflection cost is paid; null, AuthenticablePrincipal and
//                 Principal mean "infer the class from sr"; any other type is an
//                 extension type and goes through Principal.MakePrincipal, which
//                 reflects the constructor.
static internal Principal SearchResultToPrincipal(SearchResult sr, PrincipalContext owningContext, Type principalType)
{
    bool inferFromObjectClass =
        principalType == null
        || principalType == typeof(AuthenticablePrincipal)
        || principalType == typeof(Principal);

    Principal created;

    if (inferFromObjectClass)
    {
        // The class tests are ordered on purpose: an entry carrying more than one
        // of these object classes resolves to the first one that matches, and an
        // entry matching none of them becomes a plain AuthenticablePrincipal.
        if (SDSUtils.IsOfObjectClass(sr, "computer"))
        {
            created = ComputerPrincipal.MakeComputer(owningContext);
        }
        else if (SDSUtils.IsOfObjectClass(sr, "user"))
        {
            created = UserPrincipal.MakeUser(owningContext);
        }
        else if (SDSUtils.IsOfObjectClass(sr, "group"))
        {
            created = GroupPrincipal.MakeGroup(owningContext);
        }
        else
        {
            created = AuthenticablePrincipal.MakeAuthenticablePrincipal(owningContext);
        }
    }
    else if (principalType == typeof(UserPrincipal))
    {
        created = UserPrincipal.MakeUser(owningContext);
    }
    else if (principalType == typeof(ComputerPrincipal))
    {
        created = ComputerPrincipal.MakeComputer(owningContext);
    }
    else if (principalType == typeof(GroupPrincipal))
    {
        created = GroupPrincipal.MakeGroup(owningContext);
    }
    else
    {
        // Extension type: only reflection can build it.
        created = Principal.MakePrincipal(owningContext, principalType);
    }

    // The search hit is the backing object of the new Principal.
    created.UnderlyingSearchObject = sr;

    return created;
}
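// Builds a stand-in ("fake") GroupPrincipal for a SID that has no directory
// object behind it. The result is flagged fakePrincipal = true and marked
// persisted (unpersisted = false).
//
// sid           - the binary SID to represent. This is the only authoritative
//                 identity on the returned object.
// ctx           - the context that will own the returned principal.
// serverName    - server the SID lookup is directed at.
// credentials   - credentials used for the lookup.
// authorityName - accepted for signature compatibility; not used here.
//
// Returns a GroupPrincipal whose Sid is always populated. Name, SamAccountName
// and DisplayName are best-effort: a failed lookup is not an error, it simply
// leaves them null/empty. Callers must therefore identify the principal by its
// Sid and must not treat an empty or missing name as meaningful.
internal static Principal ConstructFakePrincipalFromSID(byte[] sid, PrincipalContext ctx, string serverName, NetCred credentials, string authorityName)
{
    string accountName;
    string domainName;
    int accountUsage;
    string nt4Name = "";

    // A non-zero return means the lookup failed; the name stays empty and the
    // principal is still built from the SID alone.
    int lookupError = Utils.LookupSid(serverName, credentials, sid, out accountName, out domainName, out accountUsage);
    if (lookupError == 0)
    {
        string domainPrefix = string.IsNullOrEmpty(domainName) ? "" : domainName + "\\";
        nt4Name = domainPrefix + accountName;
    }

    GroupPrincipal group = GroupPrincipal.MakeGroup(ctx);
    group.fakePrincipal = true;
    group.unpersisted = false;

    // Naming properties: DOMAIN\name as the display name, the bare name for the rest.
    group.LoadValueIntoProperty("Principal.DisplayName", nt4Name);
    group.LoadValueIntoProperty("Principal.Name", accountName);
    group.LoadValueIntoProperty("Principal.SamAccountName", accountName);

    // Identity: the SID itself, carried as a SecurityIdentifier built from its SDDL form.
    SecurityIdentifier sidValue = new SecurityIdentifier(Utils.ConvertSidToSDDL(sid));
    group.LoadValueIntoProperty("Principal.Sid", sidValue);

    // Was written as "(bool)1", which is not a valid C# conversion; the intent
    // is to mark the stand-in as a security group.
    group.LoadValueIntoProperty("GroupPrincipal.IsSecurityGroup", true);

    return group;
}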
// Wraps a search hit in a Principal of the requested (or inferred) class and
// attaches the SearchResult as its UnderlyingSearchObject.
//
// principalType selects the class directly for UserPrincipal, ComputerPrincipal
// and GroupPrincipal. A null principalType, AuthenticablePrincipal or Principal
// means the class is inferred from the objectClass of sr: computer, then user,
// then group, otherwise a plain AuthenticablePrincipal. Any other type is handed
// to Principal.MakePrincipal.
internal static Principal SearchResultToPrincipal(SearchResult sr, PrincipalContext owningContext, Type principalType)
{
    Principal result;

    if (principalType == typeof(UserPrincipal))
    {
        result = UserPrincipal.MakeUser(owningContext);
    }
    else if (principalType == typeof(ComputerPrincipal))
    {
        result = ComputerPrincipal.MakeComputer(owningContext);
    }
    else if (principalType == typeof(GroupPrincipal))
    {
        result = GroupPrincipal.MakeGroup(owningContext);
    }
    else if (principalType == null
        || principalType == typeof(AuthenticablePrincipal)
        || principalType == typeof(Principal))
    {
        // Infer from the object class; the order matters when an entry carries
        // more than one of these classes.
        if (SDSUtils.IsOfObjectClass(sr, "computer"))
        {
            result = ComputerPrincipal.MakeComputer(owningContext);
        }
        else if (SDSUtils.IsOfObjectClass(sr, "user"))
        {
            result = UserPrincipal.MakeUser(owningContext);
        }
        else if (SDSUtils.IsOfObjectClass(sr, "group"))
        {
            result = GroupPrincipal.MakeGroup(owningContext);
        }
        else
        {
            result = AuthenticablePrincipal.MakeAuthenticablePrincipal(owningContext);
        }
    }
    else
    {
        result = Principal.MakePrincipal(owningContext, principalType);
    }

    result.UnderlyingSearchObject = sr;
    return result;
}
// Wraps a DirectoryEntry in a Principal of the requested (or inferred) class and
// attaches the entry as its UnderlyingObject.
//
// principalType selects the class directly for UserPrincipal, ComputerPrincipal
// and GroupPrincipal. A null principalType, AuthenticablePrincipal or Principal
// means the class is inferred from the objectClass of de: computer, then user,
// then group, otherwise a plain AuthenticablePrincipal. Any other type is handed
// to Principal.MakePrincipal.
internal static Principal DirectoryEntryToPrincipal(DirectoryEntry de, PrincipalContext owningContext, Type principalType)
{
    Principal result;

    if (principalType == typeof(UserPrincipal))
    {
        result = UserPrincipal.MakeUser(owningContext);
    }
    else if (principalType == typeof(ComputerPrincipal))
    {
        result = ComputerPrincipal.MakeComputer(owningContext);
    }
    else if (principalType == typeof(GroupPrincipal))
    {
        result = GroupPrincipal.MakeGroup(owningContext);
    }
    else if (principalType == null
        || principalType == typeof(AuthenticablePrincipal)
        || principalType == typeof(Principal))
    {
        // Infer from the object class; the order matters when an entry carries
        // more than one of these classes.
        if (SDSUtils.IsOfObjectClass(de, "computer"))
        {
            result = ComputerPrincipal.MakeComputer(owningContext);
        }
        else if (SDSUtils.IsOfObjectClass(de, "user"))
        {
            result = UserPrincipal.MakeUser(owningContext);
        }
        else if (SDSUtils.IsOfObjectClass(de, "group"))
        {
            result = GroupPrincipal.MakeGroup(owningContext);
        }
        else
        {
            result = AuthenticablePrincipal.MakeAuthenticablePrincipal(owningContext);
        }
    }
    else
    {
        result = Principal.MakePrincipal(owningContext, principalType);
    }

    result.UnderlyingObject = de;
    return result;
}
// Used to implement StoreCtx.GetAsPrincipal for AD and SAM.
//
// Wraps a DirectoryEntry in the Principal object that represents it. The Make*
// factories produce a Principal that is marked persisted and not yet loaded
// (unpersisted = false, loaded = false); the entry is then attached as its
// UnderlyingObject. Assigning an appropriate StoreKey is left to the caller.
// There are no multistore contexts any more, so owningContext is also the
// specific store context.
//
// de            - the entry to wrap; its objectClass is consulted only when the
//                 requested type does not name a concrete principal class.
// owningContext - the context that will own the returned Principal.
// principalType - the requested type. UserPrincipal, ComputerPrincipal and
//                 GroupPrincipal are constructed directly; null,
//                 AuthenticablePrincipal and Principal mean "infer the class from
//                 de"; any other type goes through Principal.MakePrincipal.
static internal Principal DirectoryEntryToPrincipal(DirectoryEntry de, PrincipalContext owningContext, Type principalType)
{
    bool inferFromObjectClass =
        principalType == null
        || principalType == typeof(AuthenticablePrincipal)
        || principalType == typeof(Principal);

    Principal created;

    if (inferFromObjectClass)
    {
        // The class tests are ordered on purpose: an entry carrying more than one
        // of these object classes resolves to the first one that matches, and an
        // entry matching none of them becomes a plain AuthenticablePrincipal.
        if (SDSUtils.IsOfObjectClass(de, "computer"))
        {
            created = ComputerPrincipal.MakeComputer(owningContext);
        }
        else if (SDSUtils.IsOfObjectClass(de, "user"))
        {
            created = UserPrincipal.MakeUser(owningContext);
        }
        else if (SDSUtils.IsOfObjectClass(de, "group"))
        {
            created = GroupPrincipal.MakeGroup(owningContext);
        }
        else
        {
            created = AuthenticablePrincipal.MakeAuthenticablePrincipal(owningContext);
        }
    }
    else if (principalType == typeof(UserPrincipal))
    {
        created = UserPrincipal.MakeUser(owningContext);
    }
    else if (principalType == typeof(ComputerPrincipal))
    {
        created = ComputerPrincipal.MakeComputer(owningContext);
    }
    else if (principalType == typeof(GroupPrincipal))
    {
        created = GroupPrincipal.MakeGroup(owningContext);
    }
    else
    {
        created = Principal.MakePrincipal(owningContext, principalType);
    }

    // The DirectoryEntry is the backing object of the new Principal.
    created.UnderlyingObject = de;

    return created;
}
// Builds the stand-in ("fake") GroupPrincipal used for SIDs that have no
// directory object behind them. LookupAccountSid reports the NT AUTHORITY-style
// SIDs as WellKnownGroups, so every such SID is modelled as a group.
//
// The returned principal is flagged fakePrincipal = true and marked persisted
// (unpersisted = false). Its Sid is always populated from the input SID and is
// the value callers should identify it by: DisplayName, Name and SamAccountName
// come from a best-effort SID lookup and are left empty/null (with a warning
// traced) when that lookup fails.
//
// sid           - binary SID to represent; asserted to classify as a FakeObject.
// ctx           - owning PrincipalContext for the new group.
// serverName    - server the SID lookup is directed at (may be null).
// credentials   - credentials used for the lookup.
// authorityName - only echoed in the trace output.
static internal Principal ConstructFakePrincipalFromSID(
    byte[] sid, PrincipalContext ctx, string serverName, NetCred credentials, string authorityName)
{
    GlobalDebug.WriteLineIf(
        GlobalDebug.Info,
        "Utils",
        "ConstructFakePrincipalFromSID: Build principal for SID={0}, server={1}, authority={2}",
        Utils.ByteArrayToString(sid),
        serverName ?? "NULL",
        authorityName ?? "NULL");

    Debug.Assert(ClassifySID(sid) == SidType.FakeObject);

    // Resolve the SID to DOMAIN\name form. Failure is deliberately tolerated:
    // the principal is still built, just without a name.
    string name;
    string domain;
    int usage = 0;
    string nt4Name = "";

    int lookupResult = Utils.LookupSid(serverName, credentials, sid, out name, out domain, out usage);

    if (lookupResult != 0)
    {
        GlobalDebug.WriteLineIf(
            GlobalDebug.Warn,
            "Utils",
            "ConstructFakePrincipalFromSID: LookupSid failed (ignoring), serverName=" + serverName + ", err=" + lookupResult);
    }
    else
    {
        string domainPrefix = string.IsNullOrEmpty(domain) ? "" : domain + "\\";
        nt4Name = domainPrefix + name;
    }

    GroupPrincipal group = GroupPrincipal.MakeGroup(ctx);
    group.fakePrincipal = true;
    group.unpersisted = false;

    // Naming properties: DOMAIN\name as the display name, the bare name for the rest.
    group.LoadValueIntoProperty(PropertyNames.PrincipalDisplayName, nt4Name);
    group.LoadValueIntoProperty(PropertyNames.PrincipalName, name);
    group.LoadValueIntoProperty(PropertyNames.PrincipalSamAccountName, name);

    // Identity: the SID itself, carried as a SecurityIdentifier built from its SDDL form.
    SecurityIdentifier sidValue = new SecurityIdentifier(Utils.ConvertSidToSDDL(sid));
    group.LoadValueIntoProperty(PropertyNames.PrincipalSid, sidValue);

    // Well-known SIDs are modelled as security groups.
    group.LoadValueIntoProperty(PropertyNames.GroupIsSecurityGroup, true);

    return group;
}