static internal Principal SearchResultToPrincipal(SearchResult sr, PrincipalContext owningContext, Type principalType)
{
Principal p;
// Construct an appropriate Principal object.
// Make* constructs a Principal that is marked persisted
// and not loaded (p.unpersisted = false, p.loaded = false).
// Since there should be no more multistore contexts, the owning context IS
// the specific context
// If we know the type we should just construct it ourselves so that we don't need to incur the costs of reflection.
// If this is an extension type then we must reflect teh constructor to create the object.
if (typeof(UserPrincipal) == principalType)
{
p = UserPrincipal.MakeUser(owningContext);
}
else if (typeof(ComputerPrincipal) == principalType)
{
p = ComputerPrincipal.MakeComputer(owningContext);
}
else if (typeof(GroupPrincipal) == principalType)
{
p = GroupPrincipal.MakeGroup(owningContext);
}
else if (null == principalType ||
typeof(AuthenticablePrincipal) == principalType ||
typeof(Principal) == principalType)
{
if (SDSUtils.IsOfObjectClass(sr, "computer"))
{
p = ComputerPrincipal.MakeComputer(owningContext);
}
else if (SDSUtils.IsOfObjectClass(sr, "user"))
{
p = UserPrincipal.MakeUser(owningContext);
}
else if (SDSUtils.IsOfObjectClass(sr, "group"))
{
p = GroupPrincipal.MakeGroup(owningContext);
}
else
{
p = AuthenticablePrincipal.MakeAuthenticablePrincipal(owningContext);
}
}
else
{
p = Principal.MakePrincipal(owningContext, principalType);
}
// The DirectoryEntry we're constructing the Principal from
// will serve as the underlying object for that Principal.
p.UnderlyingSearchObject = sr;
// It's up to our caller to assign an appropriate StoreKey.
// Caller must also populate the underlyingObject field if the P is to be used R/W
return(p);
}
internal static Principal ConstructFakePrincipalFromSID(byte[] sid, PrincipalContext ctx, string serverName, NetCred credentials, string authorityName)
{
string str = null;
string str1 = null;
string str2;
string str3 = "";
int num = 0;
int num1 = Utils.LookupSid(serverName, credentials, sid, out str, out str1, out num);
if (num1 == 0)
{
if (!string.IsNullOrEmpty(str1))
{
str2 = string.Concat(str1, "\\");
}
else
{
str2 = "";
}
str3 = string.Concat(str2, str);
}
GroupPrincipal groupPrincipal = GroupPrincipal.MakeGroup(ctx);
groupPrincipal.fakePrincipal = true;
groupPrincipal.unpersisted = false;
groupPrincipal.LoadValueIntoProperty("Principal.DisplayName", str3);
groupPrincipal.LoadValueIntoProperty("Principal.Name", str);
groupPrincipal.LoadValueIntoProperty("Principal.SamAccountName", str);
SecurityIdentifier securityIdentifier = new SecurityIdentifier(Utils.ConvertSidToSDDL(sid));
groupPrincipal.LoadValueIntoProperty("Principal.Sid", securityIdentifier);
groupPrincipal.LoadValueIntoProperty("GroupPrincipal.IsSecurityGroup", (bool)1);
return(groupPrincipal);
}
internal static Principal SearchResultToPrincipal(SearchResult sr, PrincipalContext owningContext, Type principalType)
{
Principal principal;
if (typeof(UserPrincipal) != principalType)
{
if (typeof(ComputerPrincipal) != principalType)
{
if (typeof(GroupPrincipal) != principalType)
{
if (null == principalType || typeof(AuthenticablePrincipal) == principalType || typeof(Principal) == principalType)
{
if (!SDSUtils.IsOfObjectClass(sr, "computer"))
{
if (!SDSUtils.IsOfObjectClass(sr, "user"))
{
if (!SDSUtils.IsOfObjectClass(sr, "group"))
{
principal = AuthenticablePrincipal.MakeAuthenticablePrincipal(owningContext);
}
else
{
principal = GroupPrincipal.MakeGroup(owningContext);
}
}
else
{
principal = UserPrincipal.MakeUser(owningContext);
}
}
else
{
principal = ComputerPrincipal.MakeComputer(owningContext);
}
}
else
{
principal = Principal.MakePrincipal(owningContext, principalType);
}
}
else
{
principal = GroupPrincipal.MakeGroup(owningContext);
}
}
else
{
principal = ComputerPrincipal.MakeComputer(owningContext);
}
}
else
{
principal = UserPrincipal.MakeUser(owningContext);
}
principal.UnderlyingSearchObject = sr;
return(principal);
}
internal static Principal DirectoryEntryToPrincipal(DirectoryEntry de, PrincipalContext owningContext, Type principalType)
{
Principal principal;
if (typeof(UserPrincipal) != principalType)
{
if (typeof(ComputerPrincipal) != principalType)
{
if (typeof(GroupPrincipal) != principalType)
{
if (null == principalType || typeof(AuthenticablePrincipal) == principalType || typeof(Principal) == principalType)
{
if (!SDSUtils.IsOfObjectClass(de, "computer"))
{
if (!SDSUtils.IsOfObjectClass(de, "user"))
{
if (!SDSUtils.IsOfObjectClass(de, "group"))
{
principal = AuthenticablePrincipal.MakeAuthenticablePrincipal(owningContext);
}
else
{
principal = GroupPrincipal.MakeGroup(owningContext);
}
}
else
{
principal = UserPrincipal.MakeUser(owningContext);
}
}
else
{
principal = ComputerPrincipal.MakeComputer(owningContext);
}
}
else
{
principal = Principal.MakePrincipal(owningContext, principalType);
}
}
else
{
principal = GroupPrincipal.MakeGroup(owningContext);
}
}
else
{
principal = ComputerPrincipal.MakeComputer(owningContext);
}
}
else
{
principal = UserPrincipal.MakeUser(owningContext);
}
principal.UnderlyingObject = de;
return(principal);
}
// Used to implement StoreCtx.GetAsPrincipal for AD and SAM
static internal Principal DirectoryEntryToPrincipal(DirectoryEntry de, PrincipalContext owningContext, Type principalType)
{
Principal p;
// Construct an appropriate Principal object.
// Make* constructs a Principal that is marked persisted
// and not loaded (p.unpersisted = false, p.loaded = false).
// Since there should be no more multistore contexts, the owning context IS
// the specific context
if (typeof(UserPrincipal) == principalType)
{
p = UserPrincipal.MakeUser(owningContext);
}
else if (typeof(ComputerPrincipal) == principalType)
{
p = ComputerPrincipal.MakeComputer(owningContext);
}
else if (typeof(GroupPrincipal) == principalType)
{
p = GroupPrincipal.MakeGroup(owningContext);
}
else if (null == principalType ||
typeof(AuthenticablePrincipal) == principalType ||
typeof(Principal) == principalType)
{
if (SDSUtils.IsOfObjectClass(de, "computer"))
{
p = ComputerPrincipal.MakeComputer(owningContext);
}
else if (SDSUtils.IsOfObjectClass(de, "user"))
{
p = UserPrincipal.MakeUser(owningContext);
}
else if (SDSUtils.IsOfObjectClass(de, "group"))
{
p = GroupPrincipal.MakeGroup(owningContext);
}
else
{
p = AuthenticablePrincipal.MakeAuthenticablePrincipal(owningContext);
}
}
else
{
p = Principal.MakePrincipal(owningContext, principalType);
}
// The DirectoryEntry we're constructing the Principal from
// will serve as the underlying object for that Principal.
p.UnderlyingObject = de;
// It's up to our caller to assign an appropriate StoreKey.
return(p);
}
static internal Principal ConstructFakePrincipalFromSID(
byte[] sid,
PrincipalContext ctx,
string serverName,
NetCred credentials,
string authorityName)
{
GlobalDebug.WriteLineIf(
GlobalDebug.Info,
"Utils",
"ConstructFakePrincipalFromSID: Build principal for SID={0}, server={1}, authority={2}",
Utils.ByteArrayToString(sid),
(serverName != null ? serverName : "NULL"),
(authorityName != null ? authorityName : "NULL"));
Debug.Assert(ClassifySID(sid) == SidType.FakeObject);
// Get the name for it
string nt4Name = "";
int accountUsage = 0;
string name;
string domainName;
int err = Utils.LookupSid(serverName, credentials, sid, out name, out domainName, out accountUsage);
if (err == 0)
{
// If it failed, we'll just live without a name
//Debug.Assert(accountUsage == 5 /*WellKnownGroup*/);
nt4Name = (!String.IsNullOrEmpty(domainName) ? domainName + "\\" : "") + name;
}
else
{
GlobalDebug.WriteLineIf(
GlobalDebug.Warn,
"Utils",
"ConstructFakePrincipalFromSID: LookupSid failed (ignoring), serverName=" + serverName + ", err=" + err);
}
// Since LookupAccountSid indicates all of the NT AUTHORITY, etc., SIDs are WellKnownGroups,
// we'll map them all to Group.
// Create a Principal object to represent it
GroupPrincipal g = GroupPrincipal.MakeGroup(ctx);
g.fakePrincipal = true;
g.unpersisted = false;
// Set the display name on the object
g.LoadValueIntoProperty(PropertyNames.PrincipalDisplayName, nt4Name);
// Set the display name on the object
g.LoadValueIntoProperty(PropertyNames.PrincipalName, name);
// Set the display name on the object
g.LoadValueIntoProperty(PropertyNames.PrincipalSamAccountName, name);
// SID IdentityClaim
SecurityIdentifier sidObj = new SecurityIdentifier(Utils.ConvertSidToSDDL(sid));
// Set the display name on the object
g.LoadValueIntoProperty(PropertyNames.PrincipalSid, sidObj);
g.LoadValueIntoProperty(PropertyNames.GroupIsSecurityGroup, true);
return(g);
}
