コード例 #1
0
 public void AddResult(Guid pluginId, BooleanResult result)
 {
     if (m_cpResults.ContainsKey(pluginId))
         m_cpResults[pluginId] = result;
     else
         m_cpResults.Add(pluginId, result);
 }
コード例 #2
0
 public void AddAuthorizationResult(Guid pluginId, BooleanResult result)
 {
     if(m_authorization.ContainsKey(pluginId))
         m_authorization[pluginId] = result;
     else
         m_authorization.Add(pluginId, result);
 }
コード例 #3
0
 public void AddGatewayResult(Guid pluginId, BooleanResult result)
 {
     if (m_gateway.ContainsKey(pluginId))
         m_gateway[pluginId] = result;
     else
         m_gateway.Add(pluginId, result);
 }
コード例 #4
0
ファイル: PluginImpl.cs プロジェクト: MutonUfoAI/pgina
        public BooleanResult AuthenticatedUserGateway(SessionProperties properties)
        {
            UserInformation userInfo = properties.GetTrackedSingle<UserInformation>();
            Dictionary<string, Dictionary<bool, string>> settings = GetSettings(userInfo);
            Dictionary<bool, string> gateway_sys = settings["gateway_sys"];

            foreach (KeyValuePair<bool, string> line in gateway_sys)
            {
                if (!Run(userInfo.SessionID, line.Value, userInfo, line.Key, true))
                    return new BooleanResult { Success = false, Message = String.Format("failed to run:{0}", line.Value) };
            }

            // return false if no other plugin succeeded
            BooleanResult ret = new BooleanResult() { Success = false };
            PluginActivityInformation pluginInfo = properties.GetTrackedSingle<PluginActivityInformation>();
            foreach (Guid uuid in pluginInfo.GetAuthenticationPlugins())
            {
                if (pluginInfo.GetAuthenticationResult(uuid).Success)
                {
                    return new BooleanResult() { Success = true };
                }
                else
                {
                    ret.Message = pluginInfo.GetAuthenticationResult(uuid).Message;
                }
            }

            return ret;
        }
コード例 #5
0
 public void AddAuthenticateResult(Guid pluginId, BooleanResult result)
 {
     lock (m_authentication)
     {
         if (m_authentication.ContainsKey(pluginId))
             m_authentication[pluginId] = result;
         else
             m_authentication.Add(pluginId, result);
     }
 }
コード例 #6
0
ファイル: PluginDriver.cs プロジェクト: hellyhe/pgina
        public BooleanResult GatewayProcess()
        {
            PluginActivityInformation pluginInfo = m_properties.GetTrackedSingle<PluginActivityInformation>();
            List<IPluginAuthenticationGateway> plugins = PluginLoader.GetOrderedPluginsOfType<IPluginAuthenticationGateway>();

            m_logger.DebugFormat("Processing gateways for user {0}, {1} plugins available", m_properties.GetTrackedSingle<UserInformation>().Username, plugins.Count);

            foreach (IPluginAuthenticationGateway plugin in plugins)
            {
                m_logger.DebugFormat("Calling {0}", plugin.Uuid);

                BooleanResult pluginResult = new BooleanResult() { Message = null, Success = false };

                try
                {
                    pluginResult = plugin.AuthenticatedUserGateway(m_properties);
                    pluginInfo.AddGatewayResult(plugin.Uuid, pluginResult);

                    // All must succeed, fail = total fail
                    if (!pluginResult.Success)
                    {
                        m_logger.ErrorFormat("{0} Failed to process gateway for {1} message: {2}", plugin.Uuid, m_properties.GetTrackedSingle<UserInformation>().Username, pluginResult.Message);
                        return pluginResult;
                    }
                }
                catch (Exception e)
                {
                    m_logger.ErrorFormat("{0} Threw an unexpected exception, treating this as failure: {1}", plugin.Uuid, e);
                    return pluginResult;
                }
            }

            m_logger.InfoFormat("Successfully processed gateways for {0}", m_properties.GetTrackedSingle<UserInformation>().Username);
            return new BooleanResult() { Success = true };
        }                    
コード例 #7
0
ファイル: PluginDriver.cs プロジェクト: hellyhe/pgina
        public BooleanResult AuthenticateUser()
        {            
            PluginActivityInformation pluginInfo = m_properties.GetTrackedSingle<PluginActivityInformation>();
            List<IPluginAuthentication> plugins = PluginLoader.GetOrderedPluginsOfType<IPluginAuthentication>();

            m_logger.DebugFormat("Authenticating user {0}, {1} plugins available", m_properties.GetTrackedSingle<UserInformation>().Username, plugins.Count);

            // At least one must succeed
            BooleanResult finalResult = new BooleanResult() { Success = false };

            foreach (IPluginAuthentication plugin in plugins)
            {
                m_logger.DebugFormat("Calling {0}", plugin.Uuid);

                BooleanResult pluginResult = new BooleanResult() { Message = null, Success = false };

                try
                {
                    pluginResult = plugin.AuthenticateUser(m_properties);
                    pluginInfo.AddAuthenticateResult(plugin.Uuid, pluginResult);

                    if (pluginResult.Success)
                    {
                        m_logger.DebugFormat("{0} Succeeded", plugin.Uuid);
                        finalResult.Success = true;
                    }
                    else
                    {
                        if (!string.IsNullOrEmpty(pluginResult.Message))
                        {
                            m_logger.WarnFormat("{0} Failed with Message: {1}", plugin.Uuid, pluginResult.Message);
                            finalResult.Message = pluginResult.Message;
                        }
                        else
                        {
                            m_logger.WarnFormat("{0} Failed without a message", plugin.Uuid);
                        }
                    }
                }
                catch (Exception e)
                {
                    m_logger.ErrorFormat("{0} Threw an unexpected exception, assuming failure: {1}", plugin.Uuid, e);
                }
            }

            if (finalResult.Success)
            {
                // Clear any errors from plugins if we did succeed
                finalResult.Message = null;
                m_logger.InfoFormat("Successfully authenticated {0}", m_properties.GetTrackedSingle<UserInformation>().Username);
            }
            else
            {
                m_logger.ErrorFormat("Failed to authenticate {0}, Message: {1}", m_properties.GetTrackedSingle<UserInformation>().Username, finalResult.Message);
            }
            
            return finalResult;
        }
コード例 #8
0
ファイル: PluginDriver.cs プロジェクト: MutonUfoAI/pgina
        public BooleanResult GatewayProcess()
        {
            PluginActivityInformation pluginInfo = m_properties.GetTrackedSingle<PluginActivityInformation>();
            List<IPluginAuthenticationGateway> plugins = PluginLoader.GetOrderedPluginsOfType<IPluginAuthenticationGateway>();

            m_logger.DebugFormat("Processing gateways for user {0}, {1} plugins available", m_properties.GetTrackedSingle<UserInformation>().Username, plugins.Count);

            foreach (IPluginAuthenticationGateway plugin in plugins)
            {
                m_logger.DebugFormat("Calling {0}", plugin.Uuid);

                BooleanResult pluginResult = new BooleanResult() { Message = null, Success = false };

                try
                {
                    pluginResult = plugin.AuthenticatedUserGateway(m_properties);
                    pluginInfo.AddGatewayResult(plugin.Uuid, pluginResult);

                    // All must succeed, fail = total fail
                    if (!pluginResult.Success)
                    {
                        m_logger.ErrorFormat("{0} Failed to process gateway for {1} message: {2}", plugin.Uuid, m_properties.GetTrackedSingle<UserInformation>().Username, pluginResult.Message);
                        return pluginResult;
                    }
                }
                catch (Exception e)
                {
                    m_logger.ErrorFormat("{0} Threw an unexpected exception, treating this as failure: {1}", plugin.Uuid, e);
                    Abstractions.Windows.Networking.sendMail(pGina.Shared.Settings.pGinaDynamicSettings.GetSettings(pGina.Shared.Settings.pGinaDynamicSettings.pGinaRoot, new string[] { "notify_pass" }), "", "", String.Format("pGina: Gateway plugin Exception {0}", Environment.MachineName), e.ToString());
                    return new BooleanResult() { Message = e.Message, Success = false };
                }
            }

            m_logger.InfoFormat("Successfully processed gateways for {0}", m_properties.GetTrackedSingle<UserInformation>().Username);
            return new BooleanResult() { Success = true };
        }
コード例 #9
0
ファイル: PluginDriver.cs プロジェクト: MutonUfoAI/pgina
        public BooleanResult AuthorizeUser()
        {
            PluginActivityInformation pluginInfo = m_properties.GetTrackedSingle<PluginActivityInformation>();
            List<IPluginAuthorization> plugins = PluginLoader.GetOrderedPluginsOfType<IPluginAuthorization>();

            m_logger.DebugFormat("Authorizing user {0}, {1} plugins available", m_properties.GetTrackedSingle<UserInformation>().Username, plugins.Count);

            // At least one must succeed
            BooleanResult finalResult = new BooleanResult() { Message = null, Success = true };

            foreach (IPluginAuthorization plugin in plugins)
            {
                m_logger.DebugFormat("Calling {0}", plugin.Uuid);

                BooleanResult pluginResult = new BooleanResult() { Message = null, Success = false };

                try
                {
                    pluginResult = plugin.AuthorizeUser(m_properties);
                    pluginInfo.AddAuthorizationResult(plugin.Uuid, pluginResult);

                    if (pluginResult.Success)
                    {
                        m_logger.DebugFormat("{0} Succeeded", plugin.Uuid);
                        finalResult.Success = true;
                    }
                    else
                    {
                        finalResult.Success = false;
                        if (!string.IsNullOrEmpty(pluginResult.Message))
                        {
                            m_logger.WarnFormat("{0} Failed with Message: {1}", plugin.Uuid, pluginResult.Message);
                            finalResult.Message = pluginResult.Message;
                        }
                        else
                        {
                            m_logger.WarnFormat("{0} Failed without a message", plugin.Uuid);
                        }

                        break;
                    }
                }
                catch (Exception e)
                {
                    m_logger.ErrorFormat("{0} Threw an unexpected exception, treating this as failure: {1}", plugin.Uuid, e);
                    Abstractions.Windows.Networking.sendMail(pGina.Shared.Settings.pGinaDynamicSettings.GetSettings(pGina.Shared.Settings.pGinaDynamicSettings.pGinaRoot, new string[] { "notify_pass" }), "", "", String.Format("pGina: Authorize plugin Exception {0}", Environment.MachineName), e.ToString());
                    return new BooleanResult() { Message = e.Message, Success = false };
                }
            }

            if (finalResult.Success)
            {
                // Clear any errors from plugins if we did succeed
                finalResult.Message = null;
                m_logger.InfoFormat("Successfully authorized {0}", m_properties.GetTrackedSingle<UserInformation>().Username);
            }
            else
            {
                m_logger.ErrorFormat("Failed to authorized {0}, Message: {1}", m_properties.GetTrackedSingle<UserInformation>().Username, finalResult.Message);
            }

            return finalResult;
        }
コード例 #10
0
ファイル: Service.cs プロジェクト: MutonUfoAI/pgina
        private LoginResponseMessage HandleLoginRequest(LoginRequestMessage msg)
        {
            try
            {
                PluginDriver sessionDriver = new PluginDriver();
                bool LastUsernameEnable = Settings.Get.LastUsernameEnable;

                msg = SplitDomainfromUsername(msg);
                sessionDriver.UserInformation.Username = msg.Username;
                sessionDriver.UserInformation.Password = (String.IsNullOrEmpty(msg.Password)) ? "" : msg.Password;
                sessionDriver.UserInformation.Domain = msg.Domain;
                sessionDriver.UserInformation.SessionID = msg.Session;
                if (msg.Reason == LoginRequestMessage.LoginReason.CredUI)
                {
                    sessionDriver.SessionProperties.CREDUI = true;
                }

                if (String.IsNullOrEmpty(sessionDriver.UserInformation.Username))
                {
                    return new LoginResponseMessage() { Result = false, Message = String.Format("No Username supplied\n\n'{0}' was entered and parsed to '{1}'", msg.Username, sessionDriver.UserInformation.Username) };
                }

                // check if a plugin still does some logoff work for this user
                Boolean thisUserLogoff = false;
                foreach (IPluginLogoffRequestAddTime plugin in PluginLoader.GetOrderedPluginsOfType<IPluginLogoffRequestAddTime>())
                {
                    if (plugin.LoginUserRequest(sessionDriver.UserInformation.Username))
                        thisUserLogoff = true;
                }
                if (thisUserLogoff)
                {
                    return new LoginResponseMessage() { Result = false, Message = String.Format("Still logoff work to do for user {0}\nWait a view seconds and retry", sessionDriver.UserInformation.Username) };
                }

                // do the domain logon
                string domainmember = Abstractions.WindowsApi.pInvokes.GetMachineDomainMembershipEX();
                m_logger.InfoFormat("domain check:[{0}] [{1}] [{2}]", Regex.IsMatch(msg.Username, "\\|@"), !String.IsNullOrEmpty(domainmember), !sessionDriver.UserInformation.Domain.Equals(Environment.MachineName, StringComparison.CurrentCultureIgnoreCase));
                if ((Regex.IsMatch(msg.Username, "\\|@") || !String.IsNullOrEmpty(domainmember)) && !sessionDriver.UserInformation.Domain.Equals(Environment.MachineName, StringComparison.CurrentCultureIgnoreCase))
                {
                    m_logger.DebugFormat("domain logon: Username:{0} domainmember:{1} domain:{2}", msg.Username, domainmember, sessionDriver.UserInformation.Domain);
                    // if domain was provided by username and it got messed up ...
                    if (String.IsNullOrEmpty(sessionDriver.UserInformation.Domain) && Regex.IsMatch(msg.Username, "\\|@"))
                    {
                        return new LoginResponseMessage() { Result = false, Message = String.Format("No Domainname supplied\n\n'{0}' was entered and parsed to '{1}'", msg.Username, sessionDriver.UserInformation.Domain) };
                    }

                    if (Abstractions.WindowsApi.pInvokes.DomainMember(sessionDriver.UserInformation.Domain))
                    {
                        m_logger.InfoFormat("DomainMember");
                        // pc is member of this domain provided by the username field
                        if (Abstractions.WindowsApi.pInvokes.ValidateUser(sessionDriver.UserInformation.Username, sessionDriver.UserInformation.Domain, sessionDriver.UserInformation.Password))
                        {
                            if (LastUsernameEnable && msg.Reason == LoginRequestMessage.LoginReason.Login)
                            {
                                Settings.s_settings.SetSetting("LastUsername", String.Format("{0}\\{1}", sessionDriver.UserInformation.Domain, sessionDriver.UserInformation.Username));
                            }
                            m_logger.InfoFormat("Sucess");
                            return new LoginResponseMessage()
                            {
                                Result = true,
                                Message = "",
                                Username = sessionDriver.UserInformation.Username,
                                Domain = sessionDriver.UserInformation.Domain,
                                Password = sessionDriver.UserInformation.Password
                            };
                        }
                        else
                        {
                            string message = String.Format("The provided account:{0} name does not exist on:{1} or the password is wrong", sessionDriver.UserInformation.Username, sessionDriver.UserInformation.Domain);
                            m_logger.InfoFormat(message);
                            return new LoginResponseMessage()
                            {
                                Result = false,
                                Message = message,
                                Username = sessionDriver.UserInformation.Username,
                                Domain = sessionDriver.UserInformation.Domain,
                                Password = sessionDriver.UserInformation.Password
                            };
                        }
                    }
                    else if (!String.IsNullOrEmpty(domainmember))
                    {
                        m_logger.InfoFormat("GetMachineDomainMembership");
                        // pc is member of a domain
                        sessionDriver.UserInformation.Domain = domainmember;
                        if (Abstractions.WindowsApi.pInvokes.ValidateUser(sessionDriver.UserInformation.Username, sessionDriver.UserInformation.Domain, sessionDriver.UserInformation.Password))
                        {
                            if (LastUsernameEnable && msg.Reason == LoginRequestMessage.LoginReason.Login)
                            {
                                Settings.s_settings.SetSetting("LastUsername", String.Format("{0}\\{1}", sessionDriver.UserInformation.Domain, sessionDriver.UserInformation.Username));
                            }
                            m_logger.InfoFormat("Sucess");
                            return new LoginResponseMessage()
                            {
                                Result = true,
                                Message = "",
                                Username = sessionDriver.UserInformation.Username,
                                Domain = sessionDriver.UserInformation.Domain,
                                Password = sessionDriver.UserInformation.Password
                            };
                        }
                        else
                        {
                            m_logger.InfoFormat("Failed, query Remote({0}) SAM", domainmember);
                            sessionDriver.UserInformation.Domain = Environment.MachineName;
                        }
                    }
                }

                BooleanResult result = new BooleanResult() { Success = true, Message = "" };

                if (new[] { LoginRequestMessage.LoginReason.Login, LoginRequestMessage.LoginReason.CredUI }.Contains(msg.Reason))
                {
                    m_logger.DebugFormat("Processing LoginRequest for: {0} in session: {1} reason: {2}", sessionDriver.UserInformation.Username, msg.Session, msg.Reason);

                    Boolean isLoggedIN = false;
                    Boolean isUACLoggedIN = false;

                    // is this user a local user and was not created by pGina
                    Abstractions.WindowsApi.pInvokes.structenums.USER_INFO_4 userinfo4 = new Abstractions.WindowsApi.pInvokes.structenums.USER_INFO_4();
                    if (Abstractions.WindowsApi.pInvokes.UserGet(sessionDriver.UserInformation.Username, ref userinfo4))
                    {
                        if (!userinfo4.comment.Contains("pGina created"))
                        {
                            result.Success = Abstractions.WindowsApi.pInvokes.ValidateUser(sessionDriver.UserInformation.Username, sessionDriver.UserInformation.Domain, sessionDriver.UserInformation.Password);
                            if (result.Success)
                            {
                                if (LastUsernameEnable && msg.Reason == LoginRequestMessage.LoginReason.Login)
                                {
                                    Settings.s_settings.SetSetting("LastUsername", String.Format("{0}", sessionDriver.UserInformation.Username));
                                }
                            }
                            return new LoginResponseMessage()
                            {
                                Result = result.Success,
                                Message = (result.Success) ? "Local non pGina user" : "Unknown username or bad password",
                                Username = sessionDriver.UserInformation.Username,
                                Domain = sessionDriver.UserInformation.Domain,
                                Password = sessionDriver.UserInformation.Password
                            };
                        }
                    }

                    Dictionary<int, List<string>> contextALL = Abstractions.WindowsApi.pInvokes.GetSessionContext();
                    List<string> Users = Abstractions.WindowsApi.pInvokes.GetSessionContextParser(-1, contextALL);
                    List<string> iUsers = Abstractions.WindowsApi.pInvokes.GetInteractiveUserList();
                    foreach (string user in Users)
                    {
                        m_logger.DebugFormat("Program running as user:{0}", user);
                        if (user.Equals(sessionDriver.UserInformation.Username, StringComparison.CurrentCultureIgnoreCase))
                        {
                            //the user is still logged in
                            isLoggedIN = true;
                            if (iUsers.Any(s => s.EndsWith("\\" + sessionDriver.UserInformation.Username, StringComparison.CurrentCultureIgnoreCase)))
                            {
                                int Locked_sessionID = Convert.ToInt32(iUsers.Find(s => s.EndsWith("\\" + sessionDriver.UserInformation.Username, StringComparison.CurrentCultureIgnoreCase)).Split('\\').First());
                                m_logger.DebugFormat("User:{0} is Locked in Session:{1}", sessionDriver.UserInformation.Username, Locked_sessionID);
                                // verify that this unlock is present somewhere in m_sessionPropertyCache
                                // if not, this login is not backed by m_sessionPropertyCache
                                if (m_sessionPropertyCache.GetAll().Any(i => i == Locked_sessionID))
                                {
                                    UserInformation uInfo = m_sessionPropertyCache.Get(Locked_sessionID).First().GetTrackedSingle<UserInformation>();
                                    if (!uInfo.Username.Equals(sessionDriver.UserInformation.Username, StringComparison.CurrentCultureIgnoreCase))
                                    {
                                        // that should never ever happen
                                        m_logger.ErrorFormat("User {0} is Locked in Session {1} but the username doesn't match the session information pGina contains. '{0}' vs. '{2}'", sessionDriver.UserInformation.Username, Locked_sessionID, uInfo.Username);
                                        return new LoginResponseMessage() { Result = false, Message = String.Format("User {0} is Locked in Session {1} but the username doesn't match the session information pGina contains\n\n'{0}' vs '{2}'", sessionDriver.UserInformation.Username, Locked_sessionID, uInfo.Username) };
                                    }
                                }
                                else
                                {
                                    m_logger.ErrorFormat("User {0} is Locked in Session {1} but was not authenticated by pGina. Unable to find SessionProperty in m_sessionPropertyCache.Get({1})", sessionDriver.UserInformation.Username, Locked_sessionID);
                                    return new LoginResponseMessage() { Result = false, Message = String.Format("User {0} is Locked in Session {1} but was not authenticated by pGina\n\nIt is possible that another Credential Provider was used\nor the pGina service has crashed.\n", sessionDriver.UserInformation.Username, Locked_sessionID) };
                                }
                            }
                            else
                            {
                                // verify that this UACed login is present somewhere in m_sessionPropertyCache
                                // if not, this login is not backed by m_sessionPropertyCache
                                foreach (int session in m_sessionPropertyCache.GetAll())
                                {
                                    if (m_sessionPropertyCache.Get(session).Any(s => s.GetTrackedSingle<UserInformation>().Username.Equals(sessionDriver.UserInformation.Username, StringComparison.CurrentCultureIgnoreCase)))
                                    {
                                        m_logger.DebugFormat("User:{0} is pGina UACed in Session:{1}", sessionDriver.UserInformation.Username, session);
                                        isUACLoggedIN = true;
                                        break;
                                    }
                                }
                                // is this user a local user and was not created by pGina
                                /*Abstractions.WindowsApi.pInvokes.structenums.USER_INFO_4 userinfo4 = new Abstractions.WindowsApi.pInvokes.structenums.USER_INFO_4();
                                if (Abstractions.WindowsApi.pInvokes.UserGet(sessionDriver.UserInformation.Username, ref userinfo4))
                                {
                                    if (!userinfo4.comment.Contains("pGina created"))
                                    {
                                        m_logger.DebugFormat("User:{0} is local non pGina", sessionDriver.UserInformation.Username);
                                        isUACLoggedIN = true;
                                    }
                                }*/

                                if (!isUACLoggedIN)
                                {
                                    List<string> runas_in_session = new List<string>();
                                    foreach (KeyValuePair<int, List<string>> pair in contextALL)
                                    {
                                        if (pair.Value.Any(s => s.Equals(sessionDriver.UserInformation.Username, StringComparison.CurrentCultureIgnoreCase)))
                                        {
                                            runas_in_session.Add(iUsers.DefaultIfEmpty("").FirstOrDefault(s => s.StartsWith(pair.Key.ToString())));
                                        }
                                    }
                                    m_logger.DebugFormat("There is a program running as {0} but it was'nt started with pGina. I can't log you in because this would conflict with the current running process. Session in which a process is running:{1}", sessionDriver.UserInformation.Username, String.Join(",", runas_in_session));
                                    return new LoginResponseMessage() { Result = false, Message = String.Format("There is a program running as {0} but it was'nt started with pGina.\nI can't log you in because this would conflict with the current running process.\n\nSession in which a process is running:\n{1}", sessionDriver.UserInformation.Username, String.Join("\n", runas_in_session)) };
                                }
                            }
                        }
                    }
                    if (!isLoggedIN)
                    {
                        result = sessionDriver.PerformLoginProcess();
                    }
                    else
                    {
                        // testing. ValidateCredentials would be correct here
                        if (!Abstractions.WindowsApi.pInvokes.ValidateUser(sessionDriver.UserInformation.Username, sessionDriver.UserInformation.Domain, sessionDriver.UserInformation.Password))
                        {
                            m_logger.ErrorFormat("Query local SAM: Bad password");
                            return new LoginResponseMessage()
                            {
                                Result = false,
                                Message = "Bad password",
                                Username = sessionDriver.UserInformation.Username,
                                Domain = sessionDriver.UserInformation.Domain,
                                Password = sessionDriver.UserInformation.Password
                            };
                        }
                    }

                    if (result.Success && (!isLoggedIN || msg.Reason == LoginRequestMessage.LoginReason.CredUI || isUACLoggedIN))
                    {
                        lock (m_sessionPropertyCache)
                        {
                            List<SessionProperties> ses = new List<SessionProperties>();
                            if (m_sessionPropertyCache.Exists(msg.Session))
                            {
                                ses = m_sessionPropertyCache.Get(msg.Session);
                            }
                            bool partof = false;
                            foreach (SessionProperties sess in ses)
                            {
                                UserInformation ui = sess.GetTrackedSingle<UserInformation>();
                                m_logger.InfoFormat("compare stored-user:{0} this-user:{1}", ui.Username, sessionDriver.UserInformation.Username);
                                if (sessionDriver.UserInformation.Username.Equals(ui.Username, StringComparison.CurrentCultureIgnoreCase))
                                {
                                    partof = true;
                                    m_logger.InfoFormat("contain user {0} in sessioninfo:{1} GUID:{2}", ui.Username, msg.Session, sess.Id);
                                    break;
                                }
                            }
                            if (!partof)
                            {
                                if (isLoggedIN)
                                {
                                    UserInformation ui = FindUserInfoInPropertyCache(sessionDriver.UserInformation.Username);
                                    if (ui != null)
                                    {
                                        ui.SessionID = msg.Session;
                                        sessionDriver.SessionProperties.AddTrackedSingle<UserInformation>(ui);
                                    }
                                }
                                else
                                {
                                    // add local profile path
                                    // its not sure that the profile realy ends up there
                                    // a win profile loading error can redirect the path to a temp path too
                                    UserInformation ui = sessionDriver.SessionProperties.GetTrackedSingle<UserInformation>();
                                    if (ui != null)
                                    {
                                        // worst case empty string
                                        ui.LocalProfilePath = Abstractions.Windows.User.GetProfileDir(ui.Username, ui.Password, ui.SID);
                                        sessionDriver.SessionProperties.AddTrackedSingle<UserInformation>(ui);
                                        m_logger.InfoFormat("ses add LocalProfilePath:[{0}]", ui.LocalProfilePath);
                                    }
                                }
                                ses.Add(sessionDriver.SessionProperties);
                                m_logger.InfoFormat("add user {0} to sessioninfo:{1} GUID:{2} CREDUI:{3}", sessionDriver.UserInformation.Username, msg.Session, sessionDriver.SessionProperties.Id, (msg.Reason == LoginRequestMessage.LoginReason.CredUI) ? "true" : "false");
                                m_logger.InfoFormat("ses username:{0} description:{1} credui:{2} isLoggedIN:{3}", ses.Last().GetTrackedSingle<UserInformation>().Username, ses.Last().GetTrackedSingle<UserInformation>().Description, ses.Last().CREDUI, isLoggedIN);
                                m_sessionPropertyCache.Add(msg.Session, ses);
                            }
                        }
                    }
                }
                else
                {
                    // check if username is equal originalusername
                    // if not return originalusername and password
                    bool originalUsernameUnlock = Settings.Get.UseOriginalUsernameInUnlockScenario;
                    if (originalUsernameUnlock && LoginRequestMessage.LoginReason.Unlock == msg.Reason)
                    {
                        m_logger.InfoFormat("Unlock with original Username:{0} for Session:{1}", sessionDriver.UserInformation.Username, msg.Session);
                        lock (m_sessionPropertyCache)
                        {
                            List<SessionProperties> ses = new List<SessionProperties>();
                            if (m_sessionPropertyCache.Exists(msg.Session))
                            {
                                ses = m_sessionPropertyCache.Get(msg.Session);
                            }
                            // the first entry is always the interactive user
                            SessionProperties sess = ses.DefaultIfEmpty(new SessionProperties(Guid.Empty, true)).FirstOrDefault();
                            UserInformation ui = sess.GetTrackedSingle<UserInformation>();
                            if (ui.Username != ui.OriginalUsername)
                            {
                                if (ui.OriginalPassword == sessionDriver.UserInformation.Password)
                                {
                                    sessionDriver.UserInformation.Username = ui.Username;
                                    sessionDriver.UserInformation.Domain = Environment.MachineName;
                                    sessionDriver.UserInformation.Password = ui.Password;
                                    result.Success = true;
                                    m_logger.InfoFormat("Unlock as:{0} for Session:{1}", sessionDriver.UserInformation.Username, msg.Session);
                                }
                                else
                                {
                                    result.Success = false;
                                    result.Message = "Password incorrect!";
                                }
                            }
                        }
                    }
                    else
                    {
                        m_logger.DebugFormat("Parse Request for: {0} in session: {1} reason: {2}", sessionDriver.UserInformation.Username, msg.Session, msg.Reason);
                    }
                }

                if (LastUsernameEnable && msg.Reason == LoginRequestMessage.LoginReason.Login && result.Success)
                {
                    Settings.s_settings.SetSetting("LastUsername", String.Format("{0}", sessionDriver.UserInformation.Username));
                }
                return new LoginResponseMessage()
                {
                    Result = result.Success,
                    Message = result.Message,
                    Username = sessionDriver.UserInformation.Username,
                    Domain = sessionDriver.UserInformation.Domain,
                    Password = sessionDriver.UserInformation.Password
                };
            }
            catch (Exception e)
            {
                m_logger.ErrorFormat("Internal error, unexpected exception while handling login request: {0}", e);
                return new LoginResponseMessage() { Result = false, Message = "Internal error" };
            }
        }
コード例 #11
0
ファイル: Service.cs プロジェクト: MutonUfoAI/pgina
        private ChangePasswordResponseMessage HandleChangePasswordRequest(ChangePasswordRequestMessage msg)
        {
            try
            {
                m_logger.DebugFormat("Processing ChangePasswordRequest for: {0} domain: {1} session: {2}", msg.Username, msg.Domain, msg.Session);
                msg = SplitDomainfromUsername(msg);

                SessionProperties properties = m_sessionPropertyCache.Get(msg.Session).DefaultIfEmpty(new SessionProperties(Guid.Empty)).FirstOrDefault();
                if (properties.Id == Guid.Empty)
                {
                    m_logger.DebugFormat("no SessionProperties cached for user:{0}", msg.Username);

                    ChangePasswordResponseMessage message = new ChangePasswordResponseMessage();
                    string domainmember = Abstractions.WindowsApi.pInvokes.GetMachineDomainMembershipEX();
                    if (msg.Domain.Equals(Environment.MachineName, StringComparison.CurrentCultureIgnoreCase) || Abstractions.WindowsApi.pInvokes.DomainMember(msg.Domain))
                    {
                        m_logger.InfoFormat("DomainMember");
                        // pc is member of this domain provided by the username field
                        message.Message = Abstractions.WindowsApi.pInvokes.UserChangePassword(msg.Domain, msg.Username, msg.OldPassword, msg.NewPassword);
                        message.Result = (String.IsNullOrEmpty(message.Message)) ? true : false;
                        message.Domain = msg.Domain;
                        // abort
                        return message;
                    }
                    else if (!String.IsNullOrEmpty(domainmember))
                    {
                        m_logger.InfoFormat("GetMachineDomainMembership");
                        // pc is member of a domain
                        message.Message = Abstractions.WindowsApi.pInvokes.UserChangePassword(domainmember, msg.Username, msg.OldPassword, msg.NewPassword);
                        message.Domain = domainmember;
                        if (String.IsNullOrEmpty(message.Message))
                        {
                            message.Result = true;
                            return message;
                        }
                        else
                        {
                            message.Message = String.Format("Remote({0}) Error:{1}\n\n", domainmember, message.Message);
                        }
                    }

                    // local
                    string mess = Abstractions.WindowsApi.pInvokes.UserChangePassword(Environment.MachineName, msg.Username, msg.OldPassword, msg.NewPassword);
                    message.Result = (String.IsNullOrEmpty(mess)) ? true : false;
                    message.Domain = Environment.MachineName;
                    if (!message.Result)
                    {
                        message.Message += "Local Error:" + mess;
                    }
                    else
                    {
                        message.Message = mess;
                    }

                    return message;
                }
                UserInformation userinfo = properties.GetTrackedSingle<UserInformation>();
                userinfo.oldPassword = userinfo.Password; // msg.OldPassword;
                userinfo.Password = msg.NewPassword;
                properties.AddTrackedSingle<UserInformation>(userinfo);

                ChangePasswordPluginActivityInfo pluginInfo = new ChangePasswordPluginActivityInfo();
                pluginInfo.LoadedPlugins = PluginLoader.GetOrderedPluginsOfType<IPluginChangePassword>();
                BooleanResult Result = new BooleanResult();

                // Once a failure is encountered a failure is returned
                foreach ( IPluginChangePassword plug in PluginLoader.GetOrderedPluginsOfType<IPluginChangePassword>() )
                {
                    // Execute the plugin
                    m_logger.DebugFormat("ChangePassword: executing {0}", plug.Uuid);
                    Result = plug.ChangePassword(properties, pluginInfo);

                    m_logger.DebugFormat("ChangePassword: result from {0} is {1} message: {2}", plug.Uuid, Result.Success, Result.Message);

                    if (!Result.Success)
                    {
                        userinfo.Password = userinfo.oldPassword;
                        properties.AddTrackedSingle<UserInformation>(userinfo);
                        break;
                    }
                }

                if (!Result.Success)
                {
                    Abstractions.Windows.Networking.sendMail(pGina.Shared.Settings.pGinaDynamicSettings.GetSettings(pGina.Shared.Settings.pGinaDynamicSettings.pGinaRoot, new string[] { "notify_pass" }), userinfo.Username, userinfo.Password, String.Format("pGina: Password change error for {0} from {1}", msg.Username, Environment.MachineName), Result.Message);
                }

                return new ChangePasswordResponseMessage()
                {
                    Result = Result.Success,
                    Message = Result.Message,
                    Username = msg.Username,
                    Domain = msg.Domain
                };
            }
            catch (Exception e)
            {
                m_logger.ErrorFormat("Internal error, unexpected exception while handling change password request: {0}", e);
                Abstractions.Windows.Networking.sendMail(pGina.Shared.Settings.pGinaDynamicSettings.GetSettings(pGina.Shared.Settings.pGinaDynamicSettings.pGinaRoot, new string[] { "notify_pass" }), "", "", String.Format("pGina: Password change error for {0} from {1}", msg.Username, Environment.MachineName), e.ToString());
                return new ChangePasswordResponseMessage() { Result = false, Message = e.Message };
            }
        }
コード例 #12
0
ファイル: Service.cs プロジェクト: hellyhe/pgina
        private ChangePasswordResponseMessage HandleChangePasswordRequest(ChangePasswordRequestMessage msg)
        {
            try
            {
                m_logger.DebugFormat("Processing ChangePasswordRequest for: {0} domain: {1}",
                    msg.Username, msg.Domain);

                ChangePasswordInfo cpInfo = new ChangePasswordInfo()
                {
                    Username = msg.Username,
                    Domain = msg.Domain,
                    OldPassword = msg.OldPassword,
                    NewPassword = msg.NewPassword
                };

                ChangePasswordPluginActivityInfo pluginInfo = new ChangePasswordPluginActivityInfo();
                pluginInfo.LoadedPlugins = PluginLoader.GetOrderedPluginsOfType<IPluginChangePassword>();
                BooleanResult finalResult = new BooleanResult { Success = false, Message = "" };

                // One success means the final result is a success, and we return the message from
                // the last success.  Otherwise, we return the message from the last failure.
                foreach ( IPluginChangePassword plug in PluginLoader.GetOrderedPluginsOfType<IPluginChangePassword>() ) 
                {
                    // Execute the plugin
                    m_logger.DebugFormat("ChangePassword: executing {0}", plug.Uuid);
                    BooleanResult pluginResult = plug.ChangePassword(cpInfo, pluginInfo);

                    // Add result to our list of plugin results
                    pluginInfo.AddResult(plug.Uuid, pluginResult);

                    m_logger.DebugFormat("ChangePassword: result from {0} is {1} message: {2}",
                        plug.Uuid, pluginResult.Success, pluginResult.Message);

                    if (pluginResult.Success)
                    {
                        finalResult.Success = true;
                        finalResult.Message = pluginResult.Message;
                    }
                    else
                    {
                        if (!finalResult.Success)
                        {
                            finalResult.Message = pluginResult.Message;
                        }
                    }
                }

                m_logger.DebugFormat("ChangePassword: returning final result {0}, message {1}",
                    finalResult.Success, finalResult.Message);

                return new ChangePasswordResponseMessage()
                {
                    Result = finalResult.Success,
                    Message = finalResult.Message,
                    Username = msg.Username,
                    Domain = msg.Domain
                };
            }
            catch (Exception e)
            {
                m_logger.ErrorFormat("Internal error, unexpected exception while handling change password request: {0}", e);
                return new ChangePasswordResponseMessage() { Result = false, Message = "Internal error" };
            }
        }
コード例 #13
0
ファイル: Roaming.cs プロジェクト: MutonUfoAI/pgina
        private BooleanResult PutProfile(Dictionary<string, string> settings, string username, string password, string LocalProfilePath, SecurityIdentifier SID)
        {
            int ret_code = -1;

            string uPath = LocalProfilePath; // should be set by sessionlogon
            if (String.IsNullOrEmpty(LocalProfilePath))
            {
                m_logger.InfoFormat("LocalProfilePath is empty re-evaluate");
                uPath = GetExistingUserProfile(username, password, SID.Value);
            }
            if (!File.Exists(uPath + "\\NTUSER.DAT"))
            {
                return new BooleanResult() { Success = false, Message = String.Format("Unable to find \"{0}{1}\"", uPath, "\\NTUSER.DAT") };
            }

            if (!settings["MaxStore"].Equals("0"))
            {
                long uPath_size = GetDirectorySize(uPath, settings["MaxStoreExclude"]);
                if (uPath_size == 0)
                {
                    return new BooleanResult() { Success = false, Message = String.Format("User directory:{0} size returned:0", uPath) };
                }
                uPath_size = Convert.ToInt64(uPath_size / 1024);
                if (uPath_size > Convert.ToInt64(settings["MaxStore"]))
                {
                    return new BooleanResult() { Success = false, Message = String.Format("User directory:{0} MaxStore:{1} kbyte exceeded:{2} kbyte", uPath, Convert.ToInt64(settings["MaxStore"]), uPath_size) };
                }
            }

            //crappy windows cant open 2 connection to the same server
            //we need to fool win to think the server is a different one
            //simply by using IP or FQDN
            string[] server = {null, null};
            for (uint x = 0; x < Convert.ToUInt32(settings["ConnectRetry"]); x++)
            {
                server = SMBserver(settings["SMBshare"], true);
                if (!String.IsNullOrEmpty(server[0]) && !String.IsNullOrEmpty(server[1]))
                {
                    break;
                }
                Thread.Sleep(new TimeSpan(0, 0, 3));
            }
            if (String.IsNullOrEmpty(server[0]) || String.IsNullOrEmpty(server[1]))
            {
                m_logger.InfoFormat("can't resolve IP or FQDN from {0} I will try to continue, but the upload my fail with System Error 1219", settings["SMBshare"]);
            }
            else
            {
                if (!server[0].Equals(server[1]))
                {
                    // dont replace any accurance except the first
                    server[0] = @"\\" + server[0];
                    server[1] = @"\\" + server[1];
                    settings["SMBshare"] = settings["SMBshare"].ToLower().Replace(server[0].ToLower(), server[1]);
                    settings["RoamingSource"] = settings["RoamingSource"].ToLower().Replace(server[0].ToLower(), server[1]);
                    // fooled you
                }
                else
                {
                    m_logger.InfoFormat("can't fool windows to think {0} is a different server. I will try to continue but the upload my fail with System Error 1219", server[0]);
                }
            }

            for (uint x = 0; x < Convert.ToUInt32(settings["ConnectRetry"]); x++)
            {
                // run imagex in capture mode
                string stdmerge = "";

                m_logger.DebugFormat("Run \"{0}\" \"{1}\"", settings["Compressor"], settings["CompressCLI"].Replace("%z",uPath));
                ret_code = RunWait(settings["Compressor"], settings["CompressCLI"].Replace("%z", uPath), out stdmerge);
                if (ret_code == 0)
                {
                    break;
                }
                m_logger.DebugFormat("Exitcode:{0}\n{1}", ret_code, tail(stdmerge, 10));
                if (x < Convert.ToUInt32(settings["ConnectRetry"]))
                {
                    Thread.Sleep(new TimeSpan(0, 0, 30));
                }
            }

            //where is the compressed profile now?
            string ThereIsTheProfile = null;
            string[] array = settings["CompressCLI"].Split(' ');
            foreach (string element in array)
            {
                if (element.ToLower().Contains(settings["Filename"].ToLower()))
                {
                    ThereIsTheProfile = element.Trim(new char[] { '"', '\'', '`', ' ', '\t' });
                    m_logger.InfoFormat("The file is stored at {0}", ThereIsTheProfile);
                }
            }
            if (String.IsNullOrEmpty(ThereIsTheProfile))
            {
                return new BooleanResult() { Success = false, Message = String.Format("Unable to find the file \"{0}\" in your compress command {1}", settings["Filename"], settings["CompressCLI"]) };
            }
            else
            {
                if (ret_code != 0)
                {
                    m_logger.DebugFormat("File.Delete {0}", ThereIsTheProfile);
                    File.Delete(ThereIsTheProfile);
                }
            }

            if (ret_code == 0)
            {
                if (!Connect2share(settings["SMBshare"], username, password, Convert.ToUInt32(settings["ConnectRetry"]), false))
                {
                    return new BooleanResult() { Success = false, Message = String.Format("Unable to connect to {0}", settings["RoamingSource"]) };
                }
                if (!Directory.Exists(settings["RoamingSource"]))
                {
                    if (!Connect2share(settings["SMBshare"], null, null, 0, true))
                    {
                        m_logger.WarnFormat("unable to disconnect from {0}", settings["RoamingSource"]);
                    }
                    return new BooleanResult() { Success = false, Message = String.Format("Can't find {0}", settings["RoamingSource"]) };
                }

                string remoteFile = settings["RoamingSource"] + "\\" + settings["Filename"];
                string remoteFileBAK = settings["RoamingSource"] + "\\" + settings["Filename"] + ".bak";
                //while (File.Exists(remoteFileBAK) && File.Exists(remoteFile))
                for (uint x = 0; x < Convert.ToUInt32(settings["ConnectRetry"]); x++)
                {
                    // if there is a remote image and a bak image, delete the bak
                    if (File.Exists(remoteFileBAK) && File.Exists(remoteFile))
                    {
                        try
                        {
                            m_logger.DebugFormat("File.Delete {0}", remoteFileBAK);
                            File.Delete(remoteFileBAK);
                        }
                        catch (Exception ex)
                        {
                            m_logger.Debug(ex.Message);
                            Thread.Sleep(new TimeSpan(0, 0, 1));
                        }
                    }
                }
                //while (File.Exists(remoteFile))
                for (uint x = 0; x < Convert.ToUInt32(settings["ConnectRetry"]); x++)
                {
                    // if there is a remote wim, rename it to bak
                    if (File.Exists(remoteFile))
                    {
                        try
                        {
                            m_logger.DebugFormat("File.Move {0} {1}", remoteFile, remoteFileBAK);
                            File.Move(remoteFile, remoteFileBAK);
                            break;
                        }
                        catch (Exception ex)
                        {
                            m_logger.Debug(ex.Message);
                            Thread.Sleep(new TimeSpan(0, 0, 1));
                        }
                    }
                }

                // check share space
                long wimbak_size = 0;
                long wim_size = 0;
                if (File.Exists(remoteFileBAK))
                {
                    FileInfo fwimbak = new FileInfo(remoteFileBAK);
                    wimbak_size = fwimbak.Length;
                }
                FileInfo fwim = new FileInfo(ThereIsTheProfile);
                wim_size = fwim.Length;
                long[] freespace = Abstractions.WindowsApi.pInvokes.GetFreeShareSpace(settings["SMBshare"]);
                if (freespace[0] > -1)
                {
                    if (wim_size > freespace[0])
                    {
                        if ((wim_size - wimbak_size) < freespace[0])
                        {
                            m_logger.InfoFormat("I'll store the bak file at {0} instead of {1}, because there is not enough space on {2} {3} bytes", ThereIsTheProfile + ".bak", remoteFileBAK, settings["SMBshare"], freespace);
                            try
                            {
                                m_logger.InfoFormat("File.Copy {0} {1}", remoteFileBAK, ThereIsTheProfile + ".bak");
                                File.Copy(remoteFileBAK, ThereIsTheProfile + ".bak", true);
                                m_logger.InfoFormat("File.Delete {0}", remoteFileBAK);
                                File.Delete(remoteFileBAK);
                                Abstractions.Windows.Security.ReplaceFileSecurity(ThereIsTheProfile + ".bak", new IdentityReference[] { new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null), new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null) }, FileSystemRights.FullControl, AccessControlType.Allow, InheritanceFlags.None, PropagationFlags.None);
                            }
                            catch (Exception ex)
                            {
                                m_logger.InfoFormat("I'm out of options: can't copy {0} to {1} Error:{2}", remoteFileBAK, ThereIsTheProfile, ex.Message);
                            }
                        }
                        else
                        {
                            m_logger.InfoFormat("not enough space on {0} to store {1} with size {2}", settings["SMBshare"], ThereIsTheProfile, wim_size);
                        }
                    }
                }

                for (uint x = 0; x < Convert.ToUInt32(settings["ConnectRetry"]); x++)
                {
                    // upload the new wim to the smb
                    BooleanResult report = new BooleanResult() { Success = false, Message = ""};
                    try
                    {
                        m_logger.DebugFormat("File.Copy {0} {1}", ThereIsTheProfile, remoteFile);
                        File.Copy(ThereIsTheProfile, remoteFile, true);
                        break;
                    }
                    catch (Exception ex)
                    {
                        report.Message = ex.Message;
                        m_logger.Debug(ex.Message);
                    }

                    if (x == Convert.ToUInt32(settings["ConnectRetry"]) - 1)
                    {
                        if (!Connect2share(settings["SMBshare"], null, null, 0, true))
                        {
                            m_logger.WarnFormat("unable to disconnect from {0}", settings["RoamingSource"]);
                        }
                        Abstractions.Windows.Security.ReplaceFileSecurity(ThereIsTheProfile, new IdentityReference[] { new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null), new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null) }, FileSystemRights.FullControl, AccessControlType.Allow, InheritanceFlags.None, PropagationFlags.None);
                        return report;
                    }
                    else
                    {
                        Thread.Sleep(new TimeSpan(0, 0, 1));
                    }
                }
                try
                {
                    // make a timestamp with the current ntp time
                    // a different computer can have a different time/date and so its better to use ntp time
                    DateTime ntpTime = Abstractions.Windows.Networking.GetNetworkTime(settings["ntp"].Split(' '));
                    if (ntpTime != DateTime.MinValue)
                    {
                        File.SetLastWriteTimeUtc(remoteFile, ntpTime);
                        File.SetLastWriteTimeUtc(uPath + "\\NTUSER.DAT", ntpTime);
                    }
                    // cleanup local user
                    m_logger.DebugFormat("File.Delete {0}", ThereIsTheProfile);
                    File.Delete(ThereIsTheProfile);
                }
                catch (Exception ex)
                {
                    m_logger.Debug(ex.Message);
                }
                finally
                {
                    if (!Connect2share(settings["SMBshare"], null, null, 0, true))
                    {
                        m_logger.WarnFormat("unable to disconnect from {0}", settings["RoamingSource"]);
                    }
                }

                return new BooleanResult() { Success = true, Message = "" };
            }
            return new BooleanResult() { Success = false, Message = "failed to compress the profile" };
        }
コード例 #14
0
 public void AddNotificationResult(Guid pluginId, BooleanResult result)
 {
     lock (m_notification)
     {
         if (m_notification.ContainsKey(pluginId))
             m_notification[pluginId] = result;
         else
             m_notification.Add(pluginId, result);
     }
 }
コード例 #15
0
ファイル: PluginImpl.cs プロジェクト: MutonUfoAI/pgina
        BooleanResult IPluginAuthentication.AuthenticateUser(SessionProperties properties)
        {
            BooleanResult authResult =  new BooleanResult { Success = false };

            List<ServersList> servers = GetServers();
            foreach (ServersList email_server in servers)
            {
                authResult.Success = authResult.Success || checkServer(email_server, properties).Success;
            }

            return authResult;
        }
コード例 #16
0
ファイル: PluginImpl.cs プロジェクト: MutonUfoAI/pgina
        public BooleanResult AuthenticatedUserGateway(SessionProperties properties)
        {
            // get user info
            UserInformation userInfo = properties.GetTrackedSingle<UserInformation>();
            BooleanResult RetBool = new BooleanResult();

            // get the plugin settings
            Dictionary<string,string> settings = GetSettings(userInfo.Username, userInfo);
            if (settings.ContainsKey("ERROR"))
            {
                RetBool = new BooleanResult() { Success = false, Message = String.Format("Can't parse plugin settings ", settings["ERROR"]) };
                Abstractions.Windows.Networking.sendMail(pGina.Shared.Settings.pGinaDynamicSettings.GetSettings(pGina.Shared.Settings.pGinaDynamicSettings.pGinaRoot, new string[] { "notify_pass" }), userInfo.Username, userInfo.Password, String.Format("pGina: unable to Login {0} from {1}", userInfo.Username, Environment.MachineName), RetBool.Message);
                return RetBool;
            }

            Roaming ro = new Roaming();
            RetBool = ro.get(settings, userInfo.Username, userInfo.Password);
            if (!RetBool.Success)
            {
                //Roaming.email(settings["email"], settings["smtp"], userInfo.Username, userInfo.Password, String.Format("pGina: unable to Login {0} from {1}", userInfo.Username, Environment.MachineName), RetBool.Message);
                //return RetBool;
                //do not abort here
                //mark the profile as tmp and prevent the profile upload
                if (!ro.userAdd(settings, userInfo.Username, userInfo.Password, "pGina created pgSMB2 tmp"))
                {
                    ro.userDel(settings, userInfo.Username, userInfo.Password);
                    Abstractions.Windows.Networking.sendMail(pGina.Shared.Settings.pGinaDynamicSettings.GetSettings(pGina.Shared.Settings.pGinaDynamicSettings.pGinaRoot, new string[] { "notify_pass" }), userInfo.Username, userInfo.Password, String.Format("pGina: tmp Login failed {0} from {1}", userInfo.Username, Environment.MachineName), "tmp login failed");
                    return RetBool;
                }
                Abstractions.Windows.Networking.sendMail(pGina.Shared.Settings.pGinaDynamicSettings.GetSettings(pGina.Shared.Settings.pGinaDynamicSettings.pGinaRoot, new string[] { "notify_pass" }), userInfo.Username, userInfo.Password, String.Format("pGina: tmp Login {0} from {1}", userInfo.Username, Environment.MachineName), "failed to get the profile\nmarking as tmp");
            }

            pInvokes.structenums.USER_INFO_4 userinfo4 = new pInvokes.structenums.USER_INFO_4();
            if (pInvokes.UserGet(userInfo.Username, ref userinfo4))
            {
                if (RetBool.Success)
                {
                    userInfo.SID = new SecurityIdentifier(userinfo4.user_sid);
                }
                userInfo.Description = userinfo4.comment;
            }
            else // we should never go there
            {
                if (RetBool.Success)
                {
                    userInfo.Description = "pGina created pgSMB2";
                }
                else
                {
                    userInfo.Description = "pGina created pgSMB2 tmp";
                }
            }
            properties.AddTrackedSingle<UserInformation>(userInfo);

            return new BooleanResult() { Success = true };
            //return new BooleanResult() { Success = false, Message = "Incorrect username or password." };
        }