/// <summary>
/// Builds a new <see cref="ADObject"/> holding only the identity properties
/// and the internal properties of <paramref name="sourceObj"/>.
/// </summary>
/// <param name="sourceObj">Object whose identity and internal properties are copied.</param>
/// <returns>
/// A fresh object. Properties whose source value is null are left out, and a
/// property already present on the copy is never overwritten.
/// </returns>
/// <remarks>
/// Values are handed to the copy as-is; no cloning is visible in this method,
/// so the copy may share value instances with the source.
/// </remarks>
public static ADObject CreateIdentityCopy(ADObject sourceObj)
{
    ADObject copy = new ADObject();

    // Pass 1: the fixed list of identity attributes.
    foreach (string identityName in ADObject.IdentityPropertyNames)
    {
        if (copy.Contains(identityName))
        {
            continue;
        }

        object identityValue = sourceObj[identityName];
        if (identityValue != null)
        {
            copy.Add(identityName, identityValue);
        }
    }

    // Pass 2: the bookkeeping ("internal") properties attached to the source.
    foreach (string internalName in sourceObj.InternalProperties.PropertyNames)
    {
        if (!copy.InternalProperties.Contains(internalName))
        {
            object internalValue = sourceObj.InternalProperties[internalName].Value;
            if (internalValue != null)
            {
                copy.InternalProperties.SetValue(internalName, internalValue);
            }
        }
    }

    return copy;
}
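/// <summary>
/// Derives <c>msDS-ClaimSourceType</c> from the attributes present on a claim
/// type object and checks that a certificate-sourced claim declares the
/// required value type.
/// </summary>
/// <param name="directoryObj">Claim type object being created or modified; updated in place.</param>
/// <param name="errorBuffer">Receives one line per validation failure.</param>
/// <returns>
/// <c>true</c> when the object is consistent; <c>false</c> when a value type
/// other than the required one was supplied together with <c>msDS-ClaimSource</c>.
/// </returns>
/// <remarks>
/// When neither <c>msDS-ClaimSource</c> nor <c>msDS-ClaimAttributeSource</c> is
/// present, the object is left untouched and the method returns <c>true</c>.
/// </remarks>
private static bool SetAndValidateClaimSourceType(ADObject directoryObj, StringBuilder errorBuffer)
{
    // The only msDS-ClaimValueType accepted for a certificate-sourced claim.
    // NOTE(review): 6 is presumably the Boolean claim value type - confirm
    // against the project's claim value type enum.
    const long RequiredCertificateValueType = 6;

    if (!directoryObj.Contains("msDS-ClaimSource"))
    {
        if (directoryObj.Contains("msDS-ClaimAttributeSource"))
        {
            directoryObj.SetValue("msDS-ClaimSourceType", "AD");
        }

        return true;
    }

    bool valid = true;
    if (!directoryObj.Contains("msDS-ClaimValueType"))
    {
        // Caller did not pick a value type: default to the required one.
        directoryObj.Add("msDS-ClaimValueType", RequiredCertificateValueType);
    }
    else
    {
        // "as long?" yields null when the stored value is absent or is not a
        // boxed long. The lifted comparison treats that as a mismatch, so the
        // caller gets a validation error instead of the
        // InvalidOperationException that reading .Value on an empty nullable
        // would raise.
        long? declaredType = directoryObj["msDS-ClaimValueType"].Value as long?;
        if (declaredType != RequiredCertificateValueType)
        {
            valid = false;
            errorBuffer.AppendLine(StringResources.CTSourceOIDValueTypeError);
        }
    }

    // The source type is stamped even when validation failed; callers are
    // expected to act on the return value before committing the object.
    directoryObj.SetValue("msDS-ClaimSourceType", "Certificate");
    return valid;
}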
/// <summary>
/// Writes <c>ntMixedDomain</c> on the object named by the session's default
/// naming context.
/// </summary>
/// <param name="cmdletSessionInfo">Supplies the target server session and its rootDSE.</param>
/// <param name="ntMixedDomainMode">Value stored in <c>ntMixedDomain</c>.</param>
/// <remarks>
/// The write goes to the naming-context head and is committed immediately by
/// <c>Update()</c>. No confirmation prompt or permission check is visible in
/// this method; both are left to the caller and to the directory server.
/// </remarks>
private static void UpdateNTMixedDomainMode(CmdletSessionInfo cmdletSessionInfo, int ntMixedDomainMode)
{
    ADObject domainHead = new ADObject
    {
        DistinguishedName = cmdletSessionInfo.ADRootDSE.DefaultNamingContext
    };

    using (ADActiveObject writer = new ADActiveObject(cmdletSessionInfo.ADSessionInfo, domainHead))
    {
        // Change tracking is switched on before the attribute is added and
        // the update is sent.
        domainHead.TrackChanges = true;
        domainHead.Add("ntMixedDomain", ntMixedDomainMode);
        writer.Update();
    }
}
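/// <summary>
/// Asks the destination server to replicate a single object from the source
/// server by writing the <c>replicateSingleObject</c> operational attribute on
/// the destination's rootDSE (the object with an empty distinguished name).
/// </summary>
/// <returns>
/// Always <c>false</c> when it returns normally, whether or not the operation
/// was confirmed through <c>ShouldProcessOverride</c>.
/// </returns>
/// <exception cref="ArgumentException">
/// No source server could be determined; <c>PasswordOnly</c> was requested
/// against a writable destination; or the destination does not support the
/// operation.
/// </exception>
/// <exception cref="ADServerDownException">The source or destination server could not be reached.</exception>
/// <exception cref="ADIdentityNotFoundException">The object could not be resolved on either server.</exception>
/// <remarks>
/// With <c>PasswordOnly</c> the request carries the <c>:SECRETS_ONLY</c>
/// suffix and is accepted by this method only when the destination reports
/// itself as not writable. No client-side authorization check is visible
/// here; access control for the operation is left to the directory server.
/// </remarks>
private bool SyncADObjectProcessCSRoutine()
{
    this.ValidateParameters();
    ADObject obj = this._cmdletParameters.Object;
    string destination = this._cmdletParameters.Destination;

    // Pick the source server: an explicit value wins, then the server the
    // object was read from, then the server of the current AD drive.
    if (this.sourceServer == null)
    {
        if (obj.IsSearchResult)
        {
            this.sourceServer = obj.SessionInfo.Server;
        }
        else if (this.currentADDriveServer != null)
        {
            this.sourceServer = this.currentADDriveServer;
        }
        else
        {
            throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, StringResources.ParameterRequired, "Source"));
        }
    }

    // The cmdlet session is the DESTINATION session.
    CmdletSessionInfo cmdletSessionInfo;
    try
    {
        cmdletSessionInfo = this.GetCmdletSessionInfo();
    }
    catch (ADServerDownException serverDown)
    {
        throw new ADServerDownException(string.Format(CultureInfo.CurrentCulture, StringResources.DestinationServerDown, destination), serverDown.InnerException, destination);
    }

    // PasswordOnly is rejected when the destination is writable.
    if (cmdletSessionInfo.ADRootDSE.IsWritable() && this._cmdletParameters.GetSwitchParameterBooleanValue("PasswordOnly"))
    {
        string dnsHostName = cmdletSessionInfo.ADRootDSE.DNSHostName;
        int? portLdap = cmdletSessionInfo.ADRootDSE.PortLDAP;
        string portSuffix = portLdap.HasValue ? string.Concat(":", portLdap.ToString()) : string.Empty;
        throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, StringResources.PasswordOnlySwitchAllowedOnlyOnRODC, string.Concat(dnsHostName, portSuffix)));
    }

    string dsServiceName = null;
    string distinguishedName = null;

    // Same session settings as the destination, but pointed at the source.
    ADSessionInfo sourceSessionInfo = cmdletSessionInfo.ADSessionInfo.Copy();
    sourceSessionInfo.Server = this.sourceServer;

    using (ADObjectSearcher searcher = new ADObjectSearcher(sourceSessionInfo))
    {
        ADRootDSE rootDSE;
        try
        {
            rootDSE = searcher.GetRootDSE();
            dsServiceName = rootDSE.DSServiceName;
        }
        catch (ADIdentityNotFoundException)
        {
            // A missing rootDSE is reported to the user as "source server down".
            throw new ADServerDownException(string.Format(CultureInfo.CurrentCulture, StringResources.SourceServerDown, this.sourceServer), this.sourceServer);
        }

        if (obj.IsSearchResult)
        {
            distinguishedName = obj.DistinguishedName;
        }
        else
        {
            ADCmdletCache sourceCache = new ADCmdletCache();
            sourceSessionInfo.ServerType = Utils.ADServerTypeFromRootDSE(rootDSE);
            CmdletSessionInfo sourceCmdletSessionInfo = new CmdletSessionInfo(sourceSessionInfo, rootDSE, rootDSE.DefaultNamingContext, rootDSE.DefaultNamingContext, rootDSE.DefaultNamingContext, sourceSessionInfo.ServerType, sourceCache, this, null, this._cmdletParameters);

            // Resolve the identity on the source first.
            this._adObjectFactory.SetCmdletSessionInfo(sourceCmdletSessionInfo);
            try
            {
                ADObject onSource = this._adObjectFactory.GetDirectoryObjectFromIdentity(obj, sourceCmdletSessionInfo.DefaultPartitionPath);
                distinguishedName = onSource.DistinguishedName;
            }
            catch (ADIdentityNotFoundException)
            {
                // Not found on the source: resolve it on the destination and
                // refer to it by GUID instead of by distinguished name.
                this._adObjectFactory.SetCmdletSessionInfo(cmdletSessionInfo);
                try
                {
                    ADObject onDestination = this._adObjectFactory.GetDirectoryObjectFromIdentity(obj, cmdletSessionInfo.DefaultPartitionPath);
                    Guid? objectGuid = onDestination.ObjectGuid;
                    distinguishedName = string.Concat("<GUID=", objectGuid.ToString(), ">");
                }
                catch (ADIdentityNotFoundException)
                {
                    throw new ADIdentityNotFoundException(string.Format(CultureInfo.CurrentCulture, StringResources.ObjectToReplicateNotFoundOnSource, obj.ToString()));
                }
            }

            sourceCache.Clear();
        }
    }

    // Request value: "<source DSA>:<object>[:SECRETS_ONLY]".
    ADObject operation = new ADObject();
    operation.DistinguishedName = "";
    string request = string.Concat(dsServiceName, ":", distinguishedName);
    if (this._cmdletParameters.GetSwitchParameterBooleanValue("PasswordOnly"))
    {
        request = string.Concat(request, ":SECRETS_ONLY");
    }

    operation.Add("replicateSingleObject", request);
    operation.TrackChanges = false;

    using (ADActiveObject activeOperation = new ADActiveObject(cmdletSessionInfo.ADSessionInfo, operation))
    {
        if (!base.ShouldProcessOverride(obj.IdentifyingString, "Sync"))
        {
            return false;
        }

        try
        {
            activeOperation.Update();
        }
        catch (ADIdentityNotFoundException)
        {
            throw new ADIdentityNotFoundException(string.Format(CultureInfo.CurrentCulture, StringResources.SourceServerObjNotFoundOrObjToReplicateNotFound, this.sourceServer, destination));
        }
        catch (ArgumentException argumentException)
        {
            // The server's refusal is recognised by comparing the exception
            // text with the localized message of Win32 error 0x200a and by
            // the parameter name. NOTE(review): 0x200a is presumably
            // ERROR_DS_NO_ATTRIBUTE_OR_VALUE - confirm.
            Win32Exception unsupported = new Win32Exception(0x200a);
            bool sameMessage = string.Compare(unsupported.Message, 0, argumentException.Message, 0, unsupported.Message.Length, StringComparison.OrdinalIgnoreCase) == 0;
            bool sameParameter = string.Compare("replicateSingleObject", argumentException.ParamName, StringComparison.OrdinalIgnoreCase) == 0;
            if (!sameMessage || !sameParameter)
            {
                // Rethrow with "throw;" so the original stack trace survives.
                throw;
            }

            throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, StringResources.DestinationServerDoesNotSupportSynchronizingObject, destination));
        }

        if (this._cmdletParameters.GetSwitchParameterBooleanValue("PassThru"))
        {
            // Read the object back from the destination. distinguishedName
            // may be in the GUID form when the source lookup failed above.
            this._adObjectFactory.SetCmdletSessionInfo(cmdletSessionInfo);
            ADObject extendedObject = this._adObjectFactory.GetExtendedObjectFromDN(distinguishedName);
            base.WriteObject(extendedObject);
        }

        return false;
    }
}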
/// <summary>
/// Removes the "protected from accidental deletion" access rule from an
/// object's security descriptor and stages the result on
/// <paramref name="directoryObj"/>.
/// </summary>
/// <param name="directoryObj">Object to unprotect; receives the modified <c>nTSecurityDescriptor</c>.</param>
/// <param name="cmdletSessionInfo">Session used for cache lookups and the protection check.</param>
/// <returns>
/// <c>true</c> when the descriptor was changed; <c>false</c> when the object
/// was not protected to begin with.
/// </returns>
/// <exception cref="ADException">
/// The object could not be read, its protection state could not be
/// determined, or the caller lacks the right to modify its DACL.
/// </exception>
/// <remarks>
/// Nothing is written to the directory here: no <c>Update()</c> call appears
/// in this method, so the caller must commit <paramref name="directoryObj"/>.
/// The descriptor instance taken from the cached object is modified in place.
/// </remarks>
internal static bool UnprotectFromAccidentalDeletion(ADObject directoryObj, CmdletSessionInfo cmdletSessionInfo)
{
    string objectDN = directoryObj["distinguishedName"].Value as string;

    // Use the caller's object when it already carries both attributes;
    // otherwise fetch them through the cache.
    ADObject target;
    if (directoryObj.Contains("nTSecurityDescriptor") && directoryObj.Contains("sdRightsEffective"))
    {
        target = directoryObj;
        ProtectedFromDeletionUtil.AddObjectToCache(directoryObj, cmdletSessionInfo);
    }
    else
    {
        target = ProtectedFromDeletionUtil.GetCachedObject(objectDN, ProtectedFromDeletionUtil.AttributesToFetchOnObject, cmdletSessionInfo);
    }

    if (target == null)
    {
        throw new ADException(string.Format(CultureInfo.CurrentCulture, StringResources.InsufficientPermissionsToProtectObject, directoryObj["distinguishedName"].Value));
    }

    bool? isProtected = ProtectedFromDeletionUtil.IsProtectedFromDeletion(target, cmdletSessionInfo);
    if (!isProtected.HasValue)
    {
        // Unknown protection state is treated as an error, not as "unprotected".
        throw new ADException(string.Format(CultureInfo.CurrentCulture, StringResources.InsufficientPermissionsToProtectObject, directoryObj["distinguishedName"].Value));
    }

    if (!isProtected.Value)
    {
        return false;
    }

    // Bit 4 of sdRightsEffective (DACL_SECURITY_INFORMATION): the caller may
    // modify the DACL.
    if (!Utils.HasFlagsSet((int)target["sdRightsEffective"].Value, 4))
    {
        throw new ADException(string.Format(CultureInfo.CurrentCulture, StringResources.InsufficientPermissionsToProtectObject, directoryObj["distinguishedName"].Value));
    }

    ActiveDirectorySecurity descriptor = (ActiveDirectorySecurity)target["nTSecurityDescriptor"].Value;
    descriptor.RemoveAccessRule(ProtectedFromDeletionUtil.ACEConstants.DeleteAndDeleteTreeAccessRule);

    if (directoryObj.Contains("nTSecurityDescriptor"))
    {
        directoryObj["nTSecurityDescriptor"].Value = descriptor;
    }
    else
    {
        directoryObj.Add("nTSecurityDescriptor", descriptor);
    }

    return true;
}
/// <summary>
/// Adds the "protected from accidental deletion" access rules: one on the
/// parent container (written immediately) and one on the object itself
/// (staged on <paramref name="directoryObj"/>).
/// </summary>
/// <param name="directoryObj">Object to protect; receives the modified <c>nTSecurityDescriptor</c>.</param>
/// <param name="cmdletSessionInfo">Session used for cache lookups and for the parent update.</param>
/// <returns>
/// <c>true</c> when the object's descriptor was changed; <c>false</c> when the
/// object already carried the delete / delete-tree rule.
/// </returns>
/// <exception cref="ADException">
/// The object's security descriptor could not be read, or the caller lacks
/// the right to modify the DACL of the object or of its parent.
/// </exception>
/// <remarks>
/// The two writes are not atomic. The parent's descriptor is committed here
/// through <c>Update()</c>, while the object's descriptor is only staged for
/// the caller to commit; a failure in between leaves the parent modified.
/// When the parent cannot be fetched, the parent-side rule is skipped without
/// any error.
/// </remarks>
internal static bool ProtectFromAccidentalDeletion(ADObject directoryObj, CmdletSessionInfo cmdletSessionInfo)
{
    string objectDN = directoryObj["distinguishedName"].Value as string;

    // Use the caller's object when it already carries both attributes;
    // otherwise fetch them through the cache.
    ADObject target;
    if (directoryObj.Contains("nTSecurityDescriptor") && directoryObj.Contains("sdRightsEffective"))
    {
        target = directoryObj;
        ProtectedFromDeletionUtil.AddObjectToCache(directoryObj, cmdletSessionInfo);
    }
    else
    {
        target = ProtectedFromDeletionUtil.GetCachedObject(objectDN, ProtectedFromDeletionUtil.AttributesToFetchOnObject, cmdletSessionInfo);
    }

    if (target == null || !target.Contains("nTSecurityDescriptor") || target["nTSecurityDescriptor"].Value == null)
    {
        throw new ADException(string.Format(CultureInfo.CurrentCulture, StringResources.InsufficientPermissionsToProtectObject, directoryObj["distinguishedName"].Value));
    }

    // Proceed when the object is already protected, or when bit 4 of
    // sdRightsEffective (DACL_SECURITY_INFORMATION) says the caller may
    // modify its DACL.
    bool mayProceed = ProtectedFromDeletionUtil.EveryoneDeniedDeleteAndDeleteTree(target)
        || Utils.HasFlagsSet((int)target["sdRightsEffective"].Value, 4);
    if (!mayProceed)
    {
        throw new ADException(string.Format(CultureInfo.CurrentCulture, StringResources.InsufficientPermissionsToProtectObject, directoryObj["distinguishedName"].Value));
    }

    // Parent side: skipped for naming-context heads and deleted objects.
    if (!Utils.IsNamingContext(target) && !Utils.IsDeleted(target))
    {
        string parentDN = ADPathModule.GetParentPath(objectDN, null, ADPathFormat.X500);
        ADObject parent = ProtectedFromDeletionUtil.GetCachedObject(parentDN, ProtectedFromDeletionUtil.AttributesToFetchOnParent, cmdletSessionInfo);

        // A null parent falls through silently: only the object-side rule
        // is applied in that case.
        if (parent != null && !ProtectedFromDeletionUtil.EveryoneDeniedDeleteChild(parent))
        {
            if (!Utils.HasFlagsSet((int)parent["sdRightsEffective"].Value, 4))
            {
                throw new ADException(string.Format(CultureInfo.CurrentCulture, StringResources.InsufficientPermissionsToProtectObjectParent, directoryObj["distinguishedName"].Value, parent["distinguishedName"].Value));
            }

            ActiveDirectorySecurity parentDescriptor = (ActiveDirectorySecurity)parent["nTSecurityDescriptor"].Value;
            parentDescriptor.AddAccessRule(ProtectedFromDeletionUtil.ACEConstants.DeleteChildAccessRule);

            // Committed to the directory right away.
            using (ADActiveObject parentWriter = new ADActiveObject(cmdletSessionInfo.ADSessionInfo, parent))
            {
                parent.TrackChanges = true;
                parent["nTSecurityDescriptor"].Value = parentDescriptor;
                parentWriter.Update();
            }
        }
    }

    // Object side: staged on directoryObj, committed by the caller.
    ActiveDirectorySecurity objectDescriptor = (ActiveDirectorySecurity)target["nTSecurityDescriptor"].Value;
    if (ProtectedFromDeletionUtil.EveryoneDeniedDeleteAndDeleteTree(target))
    {
        return false;
    }

    objectDescriptor.AddAccessRule(ProtectedFromDeletionUtil.ACEConstants.DeleteAndDeleteTreeAccessRule);
    if (directoryObj.Contains("nTSecurityDescriptor"))
    {
        directoryObj["nTSecurityDescriptor"].Value = objectDescriptor;
    }
    else
    {
        directoryObj.Add("nTSecurityDescriptor", objectDescriptor);
    }

    return true;
}