private void DoMachineInit() { DirectoryEntry directoryEntry = null; try { string computerFlatName = this.name; if (computerFlatName == null) { computerFlatName = Utils.GetComputerFlatName(); } AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(this.options); directoryEntry = new DirectoryEntry(string.Concat("WinNT://", computerFlatName, ",computer"), this.username, this.password, authTypes); directoryEntry.RefreshCache(); StoreCtx storeCtx = this.CreateContextFromDirectoryEntry(directoryEntry); this.queryCtx = storeCtx; this.userCtx = storeCtx; this.groupCtx = storeCtx; this.computerCtx = storeCtx; this.connectedServer = computerFlatName; directoryEntry = null; } catch (Exception exception) { if (directoryEntry != null) { directoryEntry.Dispose(); } throw; } }
private void DoMachineInit() { GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "Entering DoMachineInit"); Debug.Assert(_contextType == ContextType.Machine); Debug.Assert(_container == null); DirectoryEntry de = null; try { string hostname = _name; if (hostname == null) { hostname = Utils.GetComputerFlatName(); } GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoMachineInit: hostname is " + hostname); // use the options they specified AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(_options); GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoMachineInit: authTypes is " + authTypes.ToString()); de = new DirectoryEntry("WinNT://" + hostname + ",computer", _username, _password, authTypes); // Force ADSI to connect so we detect if the server is down or if the servername is invalid de.RefreshCache(); StoreCtx storeCtx = CreateContextFromDirectoryEntry(de); _queryCtx = storeCtx; _userCtx = storeCtx; _groupCtx = storeCtx; _computerCtx = storeCtx; _connectedServer = hostname; de = null; } catch (Exception e) { GlobalDebug.WriteLineIf(GlobalDebug.Error, "PrincipalContext", "DoMachineInit: caught exception of type " + e.GetType().ToString() + " and message " + e.Message); // Cleanup the DE on failure if (de != null) { de.Dispose(); } throw; } }
private void DoLDAPDirectoryInit() { int num; string str = ""; if (this.name != null) { if (this.contextType != ContextType.ApplicationDirectory) { str = this.name; } else { string str1 = this.serverProperties.dnsHostName; string str2 = ":"; if ((ContextOptions.SecureSocketLayer & this.options) > 0) { num = this.serverProperties.portSSL; } else { num = this.serverProperties.portLDAP; } str = string.Concat(str1, str2, num); } str = string.Concat(str, "/"); } AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(this.options); using (DirectoryEntry directoryEntry = new DirectoryEntry(string.Concat("LDAP://", str, this.container), this.username, this.password, authTypes)) { try { if (this.serverProperties.portSSL > 0) { directoryEntry.Options.PasswordPort = this.serverProperties.portSSL; } StoreCtx storeCtx = this.CreateContextFromDirectoryEntry(directoryEntry); this.queryCtx = storeCtx; this.userCtx = storeCtx; this.groupCtx = storeCtx; this.computerCtx = storeCtx; this.connectedServer = ADUtils.GetServerName(directoryEntry); } catch (COMException cOMException1) { COMException cOMException = cOMException1; throw ExceptionHelper.GetExceptionFromCOMException(cOMException); } catch (Exception exception) { throw; } } }
// Throws exception if ctxBase is not a computer object public SAMStoreCtx(DirectoryEntry ctxBase, bool ownCtxBase, string username, string password, ContextOptions options) { Debug.Assert(ctxBase != null); GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMStoreCtx", "Constructing SAMStoreCtx for {0}", ctxBase.Path); Debug.Assert(SAMUtils.IsOfObjectClass(ctxBase, "Computer")); _ctxBase = ctxBase; _ownCtxBase = ownCtxBase; if (username != null && password != null) { _credentials = new NetCred(username, password); } _contextOptions = options; _authTypes = SDSUtils.MapOptionsToAuthTypes(options); }
private void DoLDAPDirectoryInitNoContainer() { byte[] USERS_CONTAINER_GUID = new byte[] { 0xa9, 0xd1, 0xca, 0x15, 0x76, 0x88, 0x11, 0xd1, 0xad, 0xed, 0x00, 0xc0, 0x4f, 0xd8, 0xd5, 0xcd }; byte[] COMPUTERS_CONTAINER_GUID = new byte[] { 0xaa, 0x31, 0x28, 0x25, 0x76, 0x88, 0x11, 0xd1, 0xad, 0xed, 0x00, 0xc0, 0x4f, 0xd8, 0xd5, 0xcd }; // The StoreCtxs that will be used in the PrincipalContext, and their associated DirectoryEntry objects. DirectoryEntry deUserGroupOrg = null; DirectoryEntry deComputer = null; DirectoryEntry deBase = null; ADStoreCtx storeCtxUserGroupOrg = null; ADStoreCtx storeCtxComputer = null; ADStoreCtx storeCtxBase = null; GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "Entering DoLDAPDirectoryInitNoContainer"); // // Build a DirectoryEntry that represents the root of the domain. // // Use the RootDSE to find the default naming context DirectoryEntry deRootDse = null; string adsPathBase; // use the servername if they gave us one, else let ADSI figure it out string serverName = ""; if (_name != null) { serverName = _name + "/"; } GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: serverName is " + serverName); // use the options they specified AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(_options); GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: authTypes is " + authTypes.ToString()); try { deRootDse = new DirectoryEntry("LDAP://" + serverName + "rootDse", _username, _password, authTypes); // This will also detect if the server is down or nonexistent string domainNC = (string)deRootDse.Properties["defaultNamingContext"][0]; adsPathBase = "LDAP://" + serverName + domainNC; GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: domainNC is " + domainNC); GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: adsPathBase is " + adsPathBase); } finally { // Don't allow the DE to leak deRootDse?.Dispose(); } try { // Build a DE for the root of the domain using the retrieved naming context deBase = new DirectoryEntry(adsPathBase, _username, _password, authTypes); // Set the password port to the ssl port read off of the rootDSE. Without this // password change/set won't work when we connect without SSL and ADAM is running // on non-standard port numbers. We have already verified directory connectivity at this point // so this should always succeed. if (_serverProperties.portSSL > 0) { deBase.Options.PasswordPort = _serverProperties.portSSL; } // // Use the wellKnownObjects attribute to determine the default location // for users and computers. // string adsPathUserGroupOrg = null; string adsPathComputer = null; PropertyValueCollection wellKnownObjectValues = deBase.Properties["wellKnownObjects"]; foreach (UnsafeNativeMethods.IADsDNWithBinary value in wellKnownObjectValues) { if (Utils.AreBytesEqual(USERS_CONTAINER_GUID, (byte[])value.BinaryValue)) { Debug.Assert(adsPathUserGroupOrg == null); adsPathUserGroupOrg = "LDAP://" + serverName + value.DNString; GlobalDebug.WriteLineIf( GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: found USER, adsPathUserGroupOrg is " + adsPathUserGroupOrg); } // Is it the computer container? if (Utils.AreBytesEqual(COMPUTERS_CONTAINER_GUID, (byte[])value.BinaryValue)) { Debug.Assert(adsPathComputer == null); adsPathComputer = "LDAP://" + serverName + value.DNString; GlobalDebug.WriteLineIf( GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: found COMPUTER, adsPathComputer is " + adsPathComputer); } } if ((adsPathUserGroupOrg == null) || (adsPathComputer == null)) { // Something's wrong with the domain, it's not exposing the proper // well-known object fields. throw new PrincipalOperationException(SR.ContextNoWellKnownObjects); } // // Build DEs for the Users and Computers containers. // The Users container will also be used as the default for Groups. // The reason there are different contexts for groups, users and computers is so that // when a principal is created it will go into the appropriate default container. This is so users don't // by default create principals in the root of their directory. When a search happens the base context is used so that // the whole directory will be covered. // deUserGroupOrg = new DirectoryEntry(adsPathUserGroupOrg, _username, _password, authTypes); deComputer = new DirectoryEntry(adsPathComputer, _username, _password, authTypes); StoreCtx userStore = CreateContextFromDirectoryEntry(deUserGroupOrg); _userCtx = userStore; _groupCtx = userStore; deUserGroupOrg = null; // since we handed off ownership to the StoreCtx _computerCtx = CreateContextFromDirectoryEntry(deComputer); deComputer = null; _queryCtx = CreateContextFromDirectoryEntry(deBase); _connectedServer = ADUtils.GetServerName(deBase); deBase = null; } catch (Exception e) { GlobalDebug.WriteLineIf(GlobalDebug.Error, "PrincipalContext", "DoLDAPDirectoryInitNoContainer: caught exception of type " + e.GetType().ToString() + " and message " + e.Message); // Cleanup on failure. Once a DE has been successfully handed off to a ADStoreCtx, // that ADStoreCtx will handle Dispose()'ing it deUserGroupOrg?.Dispose(); deComputer?.Dispose(); deBase?.Dispose(); storeCtxUserGroupOrg?.Dispose(); storeCtxComputer?.Dispose(); storeCtxBase?.Dispose(); throw; } }
private void DoLDAPDirectoryInit() { // use the servername if they gave us one, else let ADSI figure it out string serverName = ""; if (_name != null) { if (_contextType == ContextType.ApplicationDirectory) { serverName = _serverProperties.dnsHostName + ":" + ((ContextOptions.SecureSocketLayer & _options) > 0 ? _serverProperties.portSSL : _serverProperties.portLDAP); } else { serverName = _name; } serverName += "/"; } GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInit: serverName is " + serverName); // use the options they specified AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(_options); GlobalDebug.WriteLineIf(GlobalDebug.Info, "PrincipalContext", "DoLDAPDirectoryInit: authTypes is " + authTypes.ToString()); DirectoryEntry de = new DirectoryEntry("LDAP://" + serverName + _container, _username, _password, authTypes); try { // Set the password port to the ssl port read off of the rootDSE. Without this // password change/set won't work when we connect without SSL and ADAM is running // on non-standard port numbers. We have already verified directory connectivity at this point // so this should always succeed. if (_serverProperties.portSSL > 0) { de.Options.PasswordPort = _serverProperties.portSSL; } StoreCtx storeCtx = CreateContextFromDirectoryEntry(de); _queryCtx = storeCtx; _userCtx = storeCtx; _groupCtx = storeCtx; _computerCtx = storeCtx; _connectedServer = ADUtils.GetServerName(de); de = null; } catch (System.Runtime.InteropServices.COMException e) { throw ExceptionHelper.GetExceptionFromCOMException(e); } catch (Exception e) { GlobalDebug.WriteLineIf(GlobalDebug.Error, "PrincipalContext", "DoLDAPDirectoryInit: caught exception of type " + e.GetType().ToString() + " and message " + e.Message); throw; } finally { // Cleanup the DE on failure de?.Dispose(); } }
private void DoLDAPDirectoryInitNoContainer() { string str = null; string str1 = null; byte[] numArray = new byte[] { 169, 209, 202, 21, 118, 136, 17, 209, 173, 237, 0, 192, 79, 216, 213, 205 }; byte[] numArray1 = numArray; byte[] numArray2 = new byte[] { 170, 49, 40, 37, 118, 136, 17, 209, 173, 237, 0, 192, 79, 216, 213, 205 }; byte[] numArray3 = numArray2; DirectoryEntry directoryEntry = null; DirectoryEntry directoryEntry1 = null; DirectoryEntry directoryEntry2 = null; ADStoreCtx aDStoreCtx = null; ADStoreCtx aDStoreCtx1 = null; ADStoreCtx aDStoreCtx2 = null; DirectoryEntry directoryEntry3 = null; string str2 = ""; if (this.name != null) { str2 = string.Concat(this.name, "/"); } AuthenticationTypes authTypes = SDSUtils.MapOptionsToAuthTypes(this.options); using (directoryEntry3) { directoryEntry3 = new DirectoryEntry(string.Concat("LDAP://", str2, "rootDse"), this.username, this.password, authTypes); string item = (string)directoryEntry3.Properties["defaultNamingContext"][0]; str = string.Concat("LDAP://", str2, item); } try { directoryEntry2 = new DirectoryEntry(str, this.username, this.password, authTypes); if (this.serverProperties.portSSL > 0) { directoryEntry2.Options.PasswordPort = this.serverProperties.portSSL; } string str3 = null; PropertyValueCollection propertyValueCollection = directoryEntry2.Properties["wellKnownObjects"]; foreach (UnsafeNativeMethods.IADsDNWithBinary aDsDNWithBinary in propertyValueCollection) { if (Utils.AreBytesEqual(numArray1, (byte[])aDsDNWithBinary.BinaryValue)) { str3 = string.Concat("LDAP://", str2, aDsDNWithBinary.DNString); } if (!Utils.AreBytesEqual(numArray3, (byte[])aDsDNWithBinary.BinaryValue)) { continue; } str1 = string.Concat("LDAP://", str2, aDsDNWithBinary.DNString); } if (str3 == null || str1 == null) { throw new PrincipalOperationException(StringResources.ContextNoWellKnownObjects); } else { directoryEntry = new DirectoryEntry(str3, this.username, this.password, authTypes); directoryEntry1 = new DirectoryEntry(str1, this.username, this.password, authTypes); StoreCtx storeCtx = this.CreateContextFromDirectoryEntry(directoryEntry); this.userCtx = storeCtx; this.groupCtx = storeCtx; directoryEntry = null; this.computerCtx = this.CreateContextFromDirectoryEntry(directoryEntry1); directoryEntry1 = null; this.queryCtx = this.CreateContextFromDirectoryEntry(directoryEntry2); this.connectedServer = ADUtils.GetServerName(directoryEntry2); directoryEntry2 = null; } } catch (Exception exception) { if (directoryEntry != null) { directoryEntry.Dispose(); } if (directoryEntry1 != null) { directoryEntry1.Dispose(); } if (directoryEntry2 != null) { directoryEntry2.Dispose(); } if (aDStoreCtx != null) { aDStoreCtx.Dispose(); } if (aDStoreCtx1 != null) { aDStoreCtx1.Dispose(); } if (aDStoreCtx2 != null) { aDStoreCtx2.Dispose(); } throw; } }