private ActiveDirectoryHandlerResults CallPlan(string planName, StartPlanEnvelope planEnvelope) { IExecuteController ec = GetExecuteControllerInstance(); StartPlanEnvelope pe = planEnvelope; if (pe == null) { pe = new StartPlanEnvelope() { DynamicParameters = new Dictionary <string, string>() } } ; IEnumerable <KeyValuePair <string, string> > queryString = this.Request.GetQueryNameValuePairs(); foreach (KeyValuePair <string, string> kvp in queryString) { pe.DynamicParameters.Add(kvp.Key, kvp.Value); } object reply = ec.StartPlanSync(pe, planName, setContentType: false); ActiveDirectoryHandlerResults result = null; Type replyType = reply.GetType(); if (replyType == typeof(string)) { try { result = YamlHelpers.Deserialize <ActiveDirectoryHandlerResults>((string)reply); } catch (Exception e) { try { // Reply was not Json or Yaml. See if Xml XmlDocument doc = new XmlDocument(); doc.LoadXml((string)reply); result = XmlHelpers.Deserialize <ActiveDirectoryHandlerResults>(doc.InnerXml); } catch (Exception) { throw e; } } } else if (replyType == typeof(Dictionary <object, object>)) { String str = YamlHelpers.Serialize(reply); result = YamlHelpers.Deserialize <ActiveDirectoryHandlerResults>(str); } else if (replyType == typeof(XmlDocument)) { XmlDocument doc = (XmlDocument)reply; result = XmlHelpers.Deserialize <ActiveDirectoryHandlerResults>(doc.InnerXml); } return(result); }
public static ActiveDirectoryHandlerResults CallPlan(string planName, Dictionary <string, string> dynamicParameters = null) { object output = CallRawPlan(planName, dynamicParameters); ActiveDirectoryHandlerResults result = YamlHelpers.Deserialize <ActiveDirectoryHandlerResults>(output.ToString()); Console.WriteLine(YamlHelpers.Serialize(result)); return(result); }
public void Handler_SearchTestsSuccess() { Dictionary <string, string> parameters = new Dictionary <string, string>(); // Create Objects To Search UserPrincipal up1 = Utility.CreateUser(workspaceName); UserPrincipal up2 = Utility.CreateUser(workspaceName); UserPrincipal up3 = Utility.CreateUser(workspaceName); UserPrincipal up4 = Utility.CreateUser(workspaceName); GroupPrincipal gp1 = Utility.CreateGroup(workspaceName); GroupPrincipal gp2 = Utility.CreateGroup(workspaceName); // Search For Users Console.WriteLine($"Searching For All Users In : [{workspaceName}]"); parameters.Clear(); parameters.Add("searchbase", workspaceName); parameters.Add("filter", "(objectClass=User)"); parameters.Add("attributes", @"[ ""objectGUID"", ""objectSid"" ]"); ActiveDirectoryHandlerResults result = Utility.CallPlan("Search", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].SearchResults.Results.Count, Is.EqualTo(4)); // Search For Groups Console.WriteLine($"Searching For All Groups In : [{workspaceName}]"); parameters.Clear(); parameters.Add("searchbase", workspaceName); parameters.Add("filter", "(objectClass=Group)"); parameters.Add("attributes", @"[ ""objectGUID"", ""objectSid"" ]"); result = Utility.CallPlan("Search", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].SearchResults.Results.Count, Is.EqualTo(2)); // Check Group Membership (GetAllGroups) DirectoryServices.AddGroupToGroup(gp1.DistinguishedName, gp2.DistinguishedName); DirectoryServices.AddUserToGroup(up1.DistinguishedName, gp1.DistinguishedName); Console.WriteLine($"Searching For All Groups For User : [{up1.DistinguishedName}]"); parameters.Clear(); parameters.Add("distinguishedname", up1.DistinguishedName); result = Utility.CallPlan("GetAllGroups", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].SearchResults.Results.Count, Is.EqualTo(3)); // Delete Search Objects Utility.DeleteUser(up1.DistinguishedName); Utility.DeleteUser(up2.DistinguishedName); Utility.DeleteUser(up3.DistinguishedName); Utility.DeleteUser(up4.DistinguishedName); Utility.DeleteGroup(gp1.DistinguishedName); Utility.DeleteGroup(gp2.DistinguishedName); }
public void Handler_PurgeAccessRuleBadTarget() { String userName = $"testuser_{Utility.GenerateToken( 8 )}"; String userDistinguishedName = $"CN={userName},{workspaceName}"; Dictionary <string, string> parameters = new Dictionary <string, string>(); Console.WriteLine($"Purging AccessRule For User [{manager.DistinguishedName}] On Target [{userDistinguishedName}] Which Should Not Exist."); parameters.Add("returnobjects", "true"); parameters.Add("identity", manager.DistinguishedName); parameters.Add("ruleidentity", userDistinguishedName); ActiveDirectoryHandlerResults result = Utility.CallPlan("PurgeAccessRulesOnUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.DoesNotExist)); Assert.That(result.Results[0].Statuses[0].Message, Contains.Substring("Can Not Be Found")); }
public void Handler_DeleteUserDoesNotExist() { String userName = $"testuser_{Utility.GenerateToken( 8 )}"; String userDistinguishedName = $"CN={userName},{workspaceName}"; Dictionary <string, string> parameters = new Dictionary <string, string>(); Console.WriteLine($"Deleting User [{userDistinguishedName}] Which Should Not Exist."); parameters.Add("returngroupmembership", "true"); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", userDistinguishedName); ActiveDirectoryHandlerResults result = Utility.CallPlan("DeleteUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.DoesNotExist)); Assert.That(result.Results[0].Statuses[0].Message, Contains.Substring("cannot be found")); }
public void Handler_CreateUserBadDistName() { String userName = $"testuser_{Utility.GenerateToken( 8 )}"; String userDistinguishedName = $"GW={userName},{workspaceName}"; Dictionary <string, string> parameters = new Dictionary <string, string>(); Console.WriteLine($"Create User With Bad Distinguished Name [{userDistinguishedName}]"); parameters.Add("returngroupmembership", "true"); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", userDistinguishedName); ActiveDirectoryHandlerResults result = Utility.CallPlan("CreateUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.MissingInput)); Assert.That(result.Results[0].Statuses[0].Message, Contains.Substring("Must Be A Distinguished Name")); }
public void Handler_PurgeAccessRulesBadGroup() { String groupName = $"testgroup_{Utility.GenerateToken( 8 )}"; String groupDistinguishedName = $"OU={groupName},{workspaceName}"; Dictionary <string, string> parameters = new Dictionary <string, string>(); Console.WriteLine($"Purging AccessRules For Group [{groupDistinguishedName}] Which Should Not Exist On Target [{workspaceName}]."); parameters.Add("returnobjects", "true"); parameters.Add("identity", workspaceName); parameters.Add("ruleidentity", groupDistinguishedName); ActiveDirectoryHandlerResults result = Utility.CallPlan("PurgeAccessRulesOnOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.DoesNotExist)); Assert.That(result.Results[0].Statuses[0].Message, Contains.Substring("Can Not Be Found")); }
public void Handler_GetOrgUnitDoesNotExist() { String ouName = $"testou_{Utility.GenerateToken( 8 )}"; String ouDistinguishedName = $"OU={ouName},{workspaceName}"; Dictionary <string, string> parameters = new Dictionary <string, string>(); Console.WriteLine($"Getting OrgUnit [{ouDistinguishedName}] Which Should Not Exist."); parameters.Add("returngroupmembership", "true"); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", ouDistinguishedName); ActiveDirectoryHandlerResults result = Utility.CallPlan("GetOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.DoesNotExist)); Assert.That(result.Results[0].Statuses[0].Message, Contains.Substring("Was Not Found")); }
public void Handler_CreateUserSimplePassword() { String userName = $"testuser_{Utility.GenerateToken( 8 )}"; String userDistinguishedName = $"CN={userName},{workspaceName}"; Dictionary <string, string> parameters = new Dictionary <string, string>(); Console.WriteLine($"Creating User [{userDistinguishedName}] With A Simple Password."); parameters.Add("returngroupmembership", "true"); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", userDistinguishedName); parameters.Add("password", "password"); ActiveDirectoryHandlerResults result = Utility.CallPlan("CreateUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Unknown)); Assert.That(result.Results[0].Statuses[0].Message, Contains.Substring("The password does not meet the password policy requirements")); }
public void Handler_SetAccessRuleBadTarget() { String ouName = $"testou_{Utility.GenerateToken( 8 )}"; String ouDistinguishedName = $"OU={ouName},{workspaceName}"; Dictionary <string, string> parameters = new Dictionary <string, string>(); Console.WriteLine($"Setting AccessRule For Group [{managedBy.DistinguishedName}] On Target [{ouDistinguishedName}] Which Should Not Exist."); parameters.Add("returnobjects", "true"); parameters.Add("identity", ouDistinguishedName); parameters.Add("ruleidentity", managedBy.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); ActiveDirectoryHandlerResults result = Utility.CallPlan("SetAccessRuleOnOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.DoesNotExist)); Assert.That(result.Results[0].Statuses[0].Message, Contains.Substring("Can Not Be Found")); }
public void Handler_RemoveAccessRuleBadGroup() { String groupName = $"testgroup_{Utility.GenerateToken( 8 )}"; String groupDistinguishedName = $"CN={groupName},{workspaceName}"; Dictionary <string, string> parameters = new Dictionary <string, string>(); Console.WriteLine($"Deleting AccessRule For Group [{groupDistinguishedName}] Which Should Not Exist From Target [{managedBy.DistinguishedName}]"); parameters.Add("returnobjects", "true"); parameters.Add("identity", groupDistinguishedName); parameters.Add("ruleidentity", managedBy.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); ActiveDirectoryHandlerResults result = Utility.CallPlan("RemoveAccessRuleFromGroup", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.DoesNotExist)); Assert.That(result.Results[0].Statuses[0].Message, Contains.Substring("Can Not Be Found")); }
public void Handler_UserTestsSuccess() { String userName = $"testuser_{Utility.GenerateToken( 8 )}"; String userDistinguishedName = $"CN={userName},{workspaceName}"; Dictionary <string, string> parameters = new Dictionary <string, string>(); // Create User Console.WriteLine($"Creating User : [{userDistinguishedName}]"); parameters.Clear(); parameters.Add("returngroupmembership", "true"); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", userDistinguishedName); parameters.Add("userprincipalname", $"{userName}1@{DirectoryServices.GetDomain(userDistinguishedName)}"); parameters.Add("samaccountname", userName.Substring(0, 19)); parameters.Add("displayName", $"Test User {userName}"); parameters.Add("description", $"Test User {userName} Description"); parameters.Add("password", "bi@02LL49_VWQ{b"); parameters.Add("enabled", "true"); parameters.Add("accountexpirationdate", DateTime.Now.AddDays(30).ToString()); parameters.Add("smartcardlogonrequired", "true"); parameters.Add("delegationpermitted", "true"); parameters.Add("homedirectory", "Temp"); parameters.Add("scriptpath", "D:\\Temp\\Scripts\\startup.bat"); parameters.Add("passwordnotrequired", "false"); parameters.Add("passwordneverexpires", "true"); parameters.Add("usercannotchangepassword", "false"); parameters.Add("allowreversiblepasswordencryption", "true"); parameters.Add("homedrive", "D"); parameters.Add("givenname", "Test"); parameters.Add("middlename", "Bartholomew"); parameters.Add("surname", "User"); parameters.Add("emailaddress", "*****@*****.**"); parameters.Add("voicetelephonenumber", "713-555-1212"); parameters.Add("employeeid", "42"); // Add Properties parameters.Add("initials", @"[ ""TBU"" ]"); parameters.Add("physicaldeliveryofficename", @"[ ""Company Plaza 2"" ]"); parameters.Add("othertelephone", @"[ ""713-555-1313"", ""7135551414"", ""713-555-1515"" ]"); parameters.Add("wwwhomepage", @"[ ""http://www.google.com"" ]"); parameters.Add("url", @"[ ""http://www.bing.com"", ""http://www.altavista.com"", ""http://www.cnn.com"", ""http://www.fakenews.fox.com"" ]"); parameters.Add("logonworkstation", @"[ ""Workstation001"" ]"); parameters.Add("userworkstations", @"[ ""Workstation002"" ]"); parameters.Add("c", @"[ ""US"" ]"); parameters.Add("l", @"[ ""Translyvania"" ]"); parameters.Add("st", @"[ ""Louisiana"" ]"); parameters.Add("streetaddress", @"[ ""13119 US-65"" ]"); parameters.Add("postofficebox", @"[ ""666"" ]"); parameters.Add("postalcode", @"[ ""71286"" ]"); parameters.Add("co", @"[ ""United States"" ]"); parameters.Add("countrycode", @"[ ""840"" ]"); parameters.Add("title", @"[ ""Laboratory Assistant"" ]"); parameters.Add("department", @"[ ""Vampire Studies"" ]"); parameters.Add("company", @"[ ""True Blood Inc."" ]"); parameters.Add("manager", $"[ \"{manager.DistinguishedName}\" ]"); parameters.Add("profilepath", @"[ ""D:\\Temp\\ProfilePath"" ]"); parameters.Add("homephone", @"[ ""832-555-1212"" ]"); parameters.Add("otherhomephone", @"[ ""832-555-1313"", ""832-555-1414"" ]"); parameters.Add("pager", @"[ ""281-555-1212"" ]"); parameters.Add("otherpager", @"[ ""281-555-1313"", ""281-555-1414"", ""281-555-1515"" ]"); parameters.Add("mobile", @"[ ""346-555-1212"" ]"); parameters.Add("othermobile", @"[ ""346-555-1313"" ]"); parameters.Add("facsimiletelephonenumber", @"[ ""318-555-1111"" ]"); parameters.Add("otherfacsimiletelephonenumber", @"[ ""318-555-2222"", ""318-555-3333"", ""318-555-4444"" ]"); parameters.Add("ipphone", @"[ ""504-555-1111"" ]"); parameters.Add("otheripphone", @"[ ""504-555-2222"", ""504-555-3333"" ]"); parameters.Add("info", @"[ ""Keep Out Of Direct Sunlight"" ]"); parameters.Add("lockouttime", $"[ \"0\" ]"); ActiveDirectoryHandlerResults result = Utility.CallPlan("CreateUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.DistinguishedName, Is.EqualTo(userDistinguishedName)); Assert.That(result.Results[0].User.Properties["st"][0], Is.EqualTo("Louisiana")); Assert.That(result.Results[0].User.Groups, Is.Not.Null); Assert.That(result.Results[0].User.AccessRules, Is.Not.Null); string userPrincipalName = result.Results[0].User.UserPrincipalName; string samAccountName = result.Results[0].User.SamAccountName; string sid = result.Results[0].User.Sid; string guid = result.Results[0].User.Guid.ToString(); // Get User By Name Console.WriteLine($"Getting User By Name : [{userName}]"); parameters.Clear(); parameters.Add("returngroupmembership", "false"); parameters.Add("returnaccessrules", "false"); parameters.Add("returnobjectproperties", "false"); parameters.Add("returnobjects", "false"); parameters.Add("identity", userName); result = Utility.CallPlan("GetUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User, Is.Null); // Get User By DistinguishedName Console.WriteLine($"Getting User By DistinguishedName : [{userDistinguishedName}]"); parameters.Clear(); parameters.Add("returngroupmembership", "false"); parameters.Add("returnaccessrules", "false"); parameters.Add("returnobjectproperties", "false"); parameters.Add("returnobjects", "true"); parameters.Add("identity", userDistinguishedName); result = Utility.CallPlan("GetUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.Groups, Is.Null); Assert.That(result.Results[0].User.AccessRules, Is.Null); Assert.That(result.Results[0].User.Properties, Is.Null); // Get User By UserPrincipalName Console.WriteLine($"Getting User By UserPrincipalName : [{userPrincipalName}]"); parameters.Clear(); parameters.Add("returngroupmembership", "true"); parameters.Add("returnaccessrules", "true"); parameters.Add("returnobjectproperties", "true"); parameters.Add("returnobjects", "true"); parameters.Add("identity", userPrincipalName); result = Utility.CallPlan("GetUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.Groups, Is.Not.Null); Assert.That(result.Results[0].User.AccessRules, Is.Not.Null); Assert.That(result.Results[0].User.Properties, Is.Not.Null); // Get User By SamAccountName Console.WriteLine($"Getting User By SamAccountName : [{samAccountName}]"); parameters.Clear(); parameters.Add("identity", samAccountName); result = Utility.CallPlan("GetUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User, Is.Not.Null); Assert.That(result.Results[0].User.SamAccountName, Is.EqualTo(samAccountName)); // Get User By Sid Console.WriteLine($"Getting User By SecurityId : [{sid}]"); parameters.Clear(); parameters.Add("identity", sid); result = Utility.CallPlan("GetUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User, Is.Not.Null); Assert.That(result.Results[0].User.Sid, Is.EqualTo(sid)); // Get User By Guid Console.WriteLine($"Getting User By Guid : [{guid}]"); parameters.Clear(); parameters.Add("identity", guid); result = Utility.CallPlan("GetUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User, Is.Not.Null); Assert.That(result.Results[0].User.Guid.ToString(), Is.EqualTo(guid)); // Modify User Console.WriteLine($"Modifying User"); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", userDistinguishedName); parameters.Add("employeeid", "84"); parameters.Add("manager", $"[ \"~null~\" ]"); parameters.Add("otheripphone", @"[ ""504-555-7777"", ""~null~"", ""504-555-8888"" ]"); result = Utility.CallPlan("ModifyUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.EmployeeId, Is.EqualTo("84")); Assert.That(result.Results[0].User.Properties.ContainsKey("manager"), Is.False); Assert.That(result.Results[0].User.Properties.ContainsKey("otheripphone"), Is.False); // AccessRules int initialRuleCount = result.Results[0].User.AccessRules.Count; // Add Access Rule Console.WriteLine($"Add Access Rule To User [{userDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", userDistinguishedName); parameters.Add("ruleidentity", manager.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("AddAccessRuleToUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.AccessRules.Count, Is.EqualTo(initialRuleCount + 1)); // Remove Access Rule Console.WriteLine($"Remove Access Rule From User [{userDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", userDistinguishedName); parameters.Add("ruleidentity", manager.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("RemoveAccessRuleFromUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.AccessRules.Count, Is.EqualTo(initialRuleCount)); // Set Access Rule Console.WriteLine($"Set Access Rule On User [{userDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", userDistinguishedName); parameters.Add("ruleidentity", manager.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("SetAccessRuleOnUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.AccessRules.Count, Is.EqualTo(initialRuleCount + 1)); // Purge Access Rule Console.WriteLine($"Purge Access Rules On User [{userDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", userDistinguishedName); parameters.Add("ruleidentity", manager.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("PurgeAccessRulesOnUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.AccessRules.Count, Is.EqualTo(initialRuleCount)); // Delete User Console.WriteLine($"Deleting User"); parameters.Clear(); parameters.Add("identity", userDistinguishedName); result = Utility.CallPlan("DeleteUser", parameters); Assert.That(result.Results[0].Statuses[0].Status, Is.EqualTo(AdStatusType.Success)); }
public void Handler_OrgUnitTestsSuccess() { String ouName = $"testorgunit_{Utility.GenerateToken( 8 )}"; String ouDistinguishedName = $"OU={ouName},{workspaceName}"; Dictionary <string, string> parameters = new Dictionary <string, string>(); // Create OrgUnit Console.WriteLine($"Creating OrgUnit : [{ouDistinguishedName}]"); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", ouDistinguishedName); parameters.Add("description", $"Test OrgUnit {ouName} Description"); parameters.Add("managedby", managedBy.Name); // Add Properties Dictionary <string, string[]> properties = new Dictionary <string, string[]>(); properties.Add("c", new string[] { "US" }); properties.Add("l", new string[] { "Translyvania" }); properties.Add("st", new string[] { "Louisiana" }); properties.Add("street", new string[] { "13119 US-65" }); properties.Add("postalcode", new string[] { "71286" }); properties.Add("co", new string[] { "United States" }); properties.Add("countrycode", new string[] { "840" }); parameters.Add("properties", YamlHelpers.Serialize(properties, true, false)); ActiveDirectoryHandlerResults result = Utility.CallPlan("CreateOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].OrganizationalUnit.DistinguishedName, Is.EqualTo(ouDistinguishedName)); Assert.That(result.Results[0].OrganizationalUnit.Properties["postalCode"][0], Is.EqualTo("71286")); Assert.That(result.Results[0].OrganizationalUnit.Properties["managedBy"][0], Is.EqualTo(managedBy.DistinguishedName)); Assert.That(result.Results[0].OrganizationalUnit.AccessRules, Is.Not.Null); string guid = result.Results[0].OrganizationalUnit.Guid.ToString(); int initialRuleCount = result.Results[0].OrganizationalUnit.AccessRules.Count; // Get OrgUnit By Name Console.WriteLine($"Getting OrgUnit By Name : [{ouName}]"); parameters.Clear(); parameters.Add("returnaccessrules", "false"); parameters.Add("returnobjectproperties", "false"); parameters.Add("returnobjects", "false"); parameters.Add("identity", ouName); result = Utility.CallPlan("GetOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].OrganizationalUnit, Is.Null); // Get OrgUnit By DistinguishedName Console.WriteLine($"Getting OrgUnit By DistinguishedName : [{ouDistinguishedName}]"); parameters.Clear(); parameters.Add("returnaccessrules", "false"); parameters.Add("returnobjectproperties", "false"); parameters.Add("returnobjects", "true"); parameters.Add("identity", ouDistinguishedName); result = Utility.CallPlan("GetOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].OrganizationalUnit.AccessRules, Is.Null); Assert.That(result.Results[0].OrganizationalUnit.Properties, Is.Null); // Get OrgUnit By Guid Console.WriteLine($"Getting OrgUnit By Guid : [{guid}]"); parameters.Clear(); parameters.Add("identity", guid); result = Utility.CallPlan("GetOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].OrganizationalUnit, Is.Not.Null); Assert.That(result.Results[0].OrganizationalUnit.Guid.ToString(), Is.EqualTo(guid)); // Modify OrgUnit Console.WriteLine($"Modifying OrgUnit"); parameters.Clear(); parameters.Add("identity", ouDistinguishedName); parameters.Add("managedby", $"~null~"); properties.Clear(); properties.Add("postalcode", new string[] { "90210" }); parameters.Add("properties", YamlHelpers.Serialize(properties, true, false)); result = Utility.CallPlan("ModifyOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].OrganizationalUnit.Properties.ContainsKey("managedBy"), Is.False); Assert.That(result.Results[0].OrganizationalUnit.Properties["postalCode"][0], Is.EqualTo("90210")); // Add Access Rule Console.WriteLine($"Add Access Rule To OrgUnit [{ouDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", ouDistinguishedName); parameters.Add("ruleidentity", managedBy.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("AddAccessRuleToOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].OrganizationalUnit.AccessRules.Count, Is.EqualTo(initialRuleCount + 1)); // Remove Access Rule Console.WriteLine($"Remove Access Rule From OrgUnit [{ouDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", ouDistinguishedName); parameters.Add("ruleidentity", managedBy.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("RemoveAccessRuleFromOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].OrganizationalUnit.AccessRules.Count, Is.EqualTo(initialRuleCount)); // Set Access Rule Console.WriteLine($"Set Access Rule On OrgUnit [{ouDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", ouDistinguishedName); parameters.Add("ruleidentity", managedBy.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("SetAccessRuleOnOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].OrganizationalUnit.AccessRules.Count, Is.EqualTo(initialRuleCount + 1)); // Purge Access Rule Console.WriteLine($"Purge Access Rules On OrgUnit [{ouDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", ouDistinguishedName); parameters.Add("ruleidentity", managedBy.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("PurgeAccessRulesOnOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].OrganizationalUnit.AccessRules.Count, Is.EqualTo(initialRuleCount)); // Delete OrgUnit Console.WriteLine($"Deleting Group"); parameters.Clear(); parameters.Add("identity", ouDistinguishedName); result = Utility.CallPlan("DeleteOrgUnit", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); }
public void Handler_GroupTestsSuccess() { String groupName = $"testgroup_{Utility.GenerateToken( 8 )}"; String groupDistinguishedName = $"CN={groupName},{workspaceName}"; Dictionary <string, string> parameters = new Dictionary <string, string>(); // Create Group Console.WriteLine($"Creating Group : [{groupDistinguishedName}]"); parameters.Clear(); parameters.Add("returngroupmembership", "true"); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", groupDistinguishedName); parameters.Add("scope", "Universal"); parameters.Add("description", $"Test Group {groupName} Description"); parameters.Add("securitygroup", "true"); parameters.Add("samaccountname", groupName.Substring(0, 19)); parameters.Add("managedby", managedBy.Name); Dictionary <string, string[]> properties = new Dictionary <string, string[]>(); properties.Add("displayName", new string[] { groupName }); properties.Add("mail", new string[] { $"{groupName}@company.com" }); properties.Add("info", new string[] { $"Random Notes Here." }); parameters.Add("properties", YamlHelpers.Serialize(properties, true, false)); ActiveDirectoryHandlerResults result = Utility.CallPlan("CreateGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group.DistinguishedName, Is.EqualTo(groupDistinguishedName)); Assert.That(result.Results[0].Group.Groups, Is.Not.Null); Assert.That(result.Results[0].Group.AccessRules, Is.Not.Null); string samAccountName = result.Results[0].Group.SamAccountName; string sid = result.Results[0].Group.Sid; string guid = result.Results[0].Group.Guid.ToString(); // Get Group By Name Console.WriteLine($"Getting Group By Name : [{groupName}]"); parameters.Clear(); parameters.Add("returngroupmembership", "false"); parameters.Add("returnaccessrules", "false"); parameters.Add("returnobjectproperties", "false"); parameters.Add("returnobjects", "false"); parameters.Add("identity", groupName); result = Utility.CallPlan("GetGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group, Is.Null); // Get Group By DistinguishedName Console.WriteLine($"Getting Group By DistinguishedName : [{groupDistinguishedName}]"); parameters.Clear(); parameters.Add("returngroupmembership", "false"); parameters.Add("returnaccessrules", "false"); parameters.Add("returnobjectproperties", "false"); parameters.Add("returnobjects", "true"); parameters.Add("identity", groupDistinguishedName); result = Utility.CallPlan("GetGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group.Groups, Is.Null); Assert.That(result.Results[0].Group.AccessRules, Is.Null); Assert.That(result.Results[0].Group.Properties, Is.Null); // Get Group By SamAccountName Console.WriteLine($"Getting Group By SamAccountName : [{samAccountName}]"); parameters.Clear(); parameters.Add("identity", samAccountName); result = Utility.CallPlan("GetGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group, Is.Not.Null); Assert.That(result.Results[0].Group.SamAccountName, Is.EqualTo(samAccountName)); // Get Group By Sid Console.WriteLine($"Getting Group By SecurityId : [{sid}]"); parameters.Clear(); parameters.Add("identity", sid); result = Utility.CallPlan("GetGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group, Is.Not.Null); Assert.That(result.Results[0].Group.Sid, Is.EqualTo(sid)); // Get Group By Guid Console.WriteLine($"Getting Group By Guid : [{guid}]"); parameters.Clear(); parameters.Add("identity", guid); result = Utility.CallPlan("GetGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group, Is.Not.Null); Assert.That(result.Results[0].Group.Guid.ToString(), Is.EqualTo(guid)); // Modify Group Console.WriteLine($"Modifying Group"); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", groupDistinguishedName); parameters.Add("managedby", $"~null~"); parameters.Add("scope", "Global"); properties.Clear(); properties.Add("info", new string[] { $"Hello World" }); parameters.Add("properties", YamlHelpers.Serialize(properties, true, false)); result = Utility.CallPlan("ModifyGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group.Properties.ContainsKey("managedBy"), Is.False); Assert.That(result.Results[0].Group.GroupScope.ToString(), Is.EqualTo("Global")); Assert.That(result.Results[0].Group.Properties["info"][0], Is.EqualTo("Hello World")); // AccessRules int initialRuleCount = result.Results[0].Group.AccessRules.Count; // Add Access Rule Console.WriteLine($"Add Access Rule To Group [{groupDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", groupDistinguishedName); parameters.Add("ruleidentity", managedBy.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("AddAccessRuleToGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group.AccessRules.Count, Is.EqualTo(initialRuleCount + 1)); // Remove Access Rule Console.WriteLine($"Remove Access Rule From Group [{groupDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", groupDistinguishedName); parameters.Add("ruleidentity", managedBy.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("RemoveAccessRuleFromGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group.AccessRules.Count, Is.EqualTo(initialRuleCount)); // Set Access Rule Console.WriteLine($"Set Access Rule On Group [{groupDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", groupDistinguishedName); parameters.Add("ruleidentity", managedBy.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("SetAccessRuleOnGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group.AccessRules.Count, Is.EqualTo(initialRuleCount + 1)); // Purge Access Rule Console.WriteLine($"Purge Access Rules On Group [{groupDistinguishedName}]."); parameters.Clear(); parameters.Add("returnaccessrules", "true"); parameters.Add("identity", groupDistinguishedName); parameters.Add("ruleidentity", managedBy.DistinguishedName); parameters.Add("ruletype", "Allow"); parameters.Add("rulerights", "GenericAll"); result = Utility.CallPlan("PurgeAccessRulesOnGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group.AccessRules.Count, Is.EqualTo(initialRuleCount)); // Delete Group Console.WriteLine($"Deleting Group"); parameters.Clear(); parameters.Add("identity", groupDistinguishedName); result = Utility.CallPlan("DeleteGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); }
public void Handler_GroupManagementTestsSuccess() { Dictionary <string, string> parameters = new Dictionary <string, string>(); // Users UserPrincipal user = Utility.CreateUser(workspaceName); UserPrincipalObject upo = DirectoryServices.GetUser(user.DistinguishedName, true, false, false); int initialCount = upo.Groups.Count; // Add User To Group Console.WriteLine($"Adding User [{user.Name}] To Group [{targetGroup.Name}]"); parameters.Clear(); parameters.Add("returngroupmembership", "true"); parameters.Add("identity", user.DistinguishedName); parameters.Add("memberof", targetGroup.DistinguishedName); ActiveDirectoryHandlerResults result = Utility.CallPlan("AddUserToGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.Groups.Count, Is.EqualTo(initialCount + 1)); // Remove User From Group Console.WriteLine($"Removing User [{user.Name}] From Group [{targetGroup.Name}]"); parameters.Clear(); parameters.Add("returngroupmembership", "true"); parameters.Add("identity", user.DistinguishedName); parameters.Add("memberof", targetGroup.DistinguishedName); result = Utility.CallPlan("RemoveUserFromGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].User.Groups.Count, Is.EqualTo(initialCount)); Utility.DeleteUser(user.DistinguishedName); // Groups GroupPrincipal group = Utility.CreateGroup(workspaceName); GroupPrincipalObject gpo = DirectoryServices.GetGroup(group.DistinguishedName, true, false, false); initialCount = gpo.Groups.Count; // Add Group To Group Console.WriteLine($"Adding Group [{group.Name}] To Group [{targetGroup.Name}]"); parameters.Clear(); parameters.Add("returngroupmembership", "true"); parameters.Add("identity", group.DistinguishedName); parameters.Add("memberof", targetGroup.DistinguishedName); result = Utility.CallPlan("AddGroupToGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group.Groups.Count, Is.EqualTo(initialCount + 1)); // Remove Group From Group Console.WriteLine($"Removing Group [{group.Name}] From Group [{targetGroup.Name}]"); parameters.Clear(); parameters.Add("returngroupmembership", "true"); parameters.Add("identity", group.DistinguishedName); parameters.Add("memberof", targetGroup.DistinguishedName); result = Utility.CallPlan("RemoveGroupFromGroup", parameters); Assert.That(result.Results[0].Statuses[0].StatusId, Is.EqualTo(AdStatusType.Success)); Assert.That(result.Results[0].Group.Groups.Count, Is.EqualTo(initialCount)); Utility.DeleteGroup(group.DistinguishedName); }
private ActiveDirectoryHandlerResults CallPlan(string planName, StartPlanEnvelope planEnvelope) { IExecuteController ec = GetExecuteControllerInstance(); StartPlanEnvelope pe = planEnvelope; if (pe == null) { pe = new StartPlanEnvelope() { DynamicParameters = new Dictionary <string, string>() } } ; // Add Query String values into Plan Envelope Exactly As Provided IEnumerable <KeyValuePair <string, string> > queryString = this.Request.GetQueryNameValuePairs(); foreach (KeyValuePair <string, string> kvp in queryString) { pe.DynamicParameters.Add(kvp.Key, kvp.Value); } object reply = ec.StartPlanSync(pe, planName, setContentType: false); ActiveDirectoryHandlerResults result = null; Type replyType = reply.GetType(); if (replyType == typeof(Dictionary <object, object>)) { String str = YamlHelpers.Serialize(reply); result = YamlHelpers.Deserialize <ActiveDirectoryHandlerResults>(str); } else if (replyType == typeof(XmlDocument)) { XmlDocument doc = (XmlDocument)reply; result = XmlHelpers.Deserialize <ActiveDirectoryHandlerResults>(doc.InnerXml); } else { try { result = YamlHelpers.Deserialize <ActiveDirectoryHandlerResults>(reply.ToString()); } catch (Exception) { try { // Reply was not Json or Yaml. See if Xml XmlDocument doc = new XmlDocument(); doc.LoadXml(reply.ToString()); result = XmlHelpers.Deserialize <ActiveDirectoryHandlerResults>(doc.InnerXml); } catch (Exception) { // Reply was of unknown type. Put Raw Output In Return Object result = new ActiveDirectoryHandlerResults(); ActiveDirectoryObjectResult error = new ActiveDirectoryObjectResult(); ActiveDirectoryStatus status = new ActiveDirectoryStatus(); status.StatusId = AdStatusType.NotSupported; status.Message = $"Unable To Parse ObjectType [{replyType}]."; status.ActionId = ActionType.None; error.Statuses.Add(status); error.TypeId = AdObjectType.None; error.Object = reply; result.Add(error); } } } return(result); }