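/// <summary>
/// Verifies that deleting a computer account that does not exist returns a response
/// whose body carries the expected action, message, AD path and server name.
/// </summary>
public void Delete_NonExistingCAProd_ShouldReturnErrorAndResult()
{
    // Arrange.
    // NOTE(review): the fixture names refer to the production environment and the call
    // passes an admin-named access token from TestConstants. Confirm this suite only
    // runs against an isolated directory and that the token is not a live credential
    // kept in source control.
    var controller = new ComputersController();
    controller.Request = HttpRequestHandler.GenerateHttpRequestMessage();
    string serverName = TestConstants.NonExistingComputerAccountToDeleteProd;
    string siteName = TestConstants.SitePrimary;

    // The original also built a ComputerAccountRequest (environment, project, site) that
    // was never handed to Delete; it is dropped so the arrange step shows only what the
    // call under test actually consumes.
    var expected = ComputerAccountResultGenerator.GenerateResultForNonExistingCADeleteProd(siteName);

    // Act.
    var result = controller.Delete(serverName, TestConstants.checkpointAdminAcccessToken);

    // Assert.
    Assert.IsNotNull(result);

    // The test method is synchronous, so the body is read by blocking on the task.
    var caResult = result.Content.ReadAsAsync<ComputerAccountResult>().Result;
    Assert.AreEqual(expected.action, caResult.action);
    Assert.AreEqual(expected.message, caResult.message);
    Assert.AreEqual(expected.objectADPath, caResult.objectADPath);
    Assert.AreEqual(expected.serverName, caResult.serverName);
}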
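/// <summary>
/// Verifies that posting a new computer account into a project whose OU does not exist
/// yet returns the expected action, message, AD path and server name.
/// </summary>
public void Post_NewCAInNewOUProd_ShouldReturnSuccessAndResult()
{
    // Arrange.
    var controller = new ComputersController();
    controller.Request = HttpRequestHandler.GenerateHttpRequestMessage();
    string serverName = TestConstants.NewComputerAccountProd;
    string environment = TestConstants.ProductionEnvironment;
    string projectName = TestConstants.NewOrganizationalUnitProd;
    string siteName = TestConstants.SitePrimary;
    var caRequest = new ComputerAccountRequest
    {
        serverName = serverName,
        environment = environment,
        projectName = projectName,
        siteName = siteName
    };
    var expected = ComputerAccountResultGenerator.GenerateResultForNewCAInProd(true, siteName);

    try
    {
        // Act.
        var result = controller.Post(TestConstants.checkpointAdminAcccessToken, caRequest);

        // Assert.
        Assert.IsNotNull(result);
        var caResult = result.Content.ReadAsAsync<ComputerAccountResult>().Result;
        Assert.AreEqual(expected.action, caResult.action);
        Assert.AreEqual(expected.message, caResult.message);
        Assert.AreEqual(expected.objectADPath, caResult.objectADPath);
        Assert.AreEqual(expected.serverName, caResult.serverName);
    }
    finally
    {
        // Cleanup. Runs even when Post throws, so a failed run does not leave the
        // test OU and its computer account behind in the directory.
        // NOTE(review): the OU removed here is named by the *Prod constants. Confirm the
        // suite is pointed at an isolated directory before running it.
        ActiveDirectory.DeleteOrganizationalUnitTreeVoid(environment, projectName);
    }
}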
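/// <summary>
/// Creates a computer account for the supplied request after checking the caller's token.
/// </summary>
/// <param name="accessToken">Token checked with CheckpointAuth.CheckCheckpointToken.</param>
/// <param name="caRequest">Request body describing the computer account to create.</param>
/// <returns>
/// 403 with "Invalid token." when the token check fails; 400 when the server name is
/// missing, longer than 15 characters or contains characters that cannot appear in a
/// computer account name; otherwise 200 with the result of
/// ActiveDirectory.CreateComputerAccount.
/// </returns>
public HttpResponseMessage Post([FromUri] string accessToken, [FromBody] ComputerAccountRequest caRequest)
{
    // NOTE(review): the token is bound with [FromUri], so the credential travels in the
    // URL and is liable to be recorded by web server and proxy access logs. Moving it to
    // an Authorization header needs an interface change and is therefore only flagged.

    // caRequest is null when the body is absent or cannot be deserialised. Reading it
    // null-safely lets an unauthenticated, body-less call get the 403 below instead of
    // an unhandled NullReferenceException.
    var result = new ComputerAccountResult
    {
        action = "create",
        serverName = caRequest?.serverName
    };

    if (!CheckpointAuth.CheckCheckpointToken(accessToken))
    {
        result.message = "Invalid token.";
        return Request.CreateResponse(HttpStatusCode.Forbidden, result);
    }

    if (string.IsNullOrWhiteSpace(caRequest?.serverName))
    {
        result.message = "Computer Account name is required.";
        return Request.CreateResponse(HttpStatusCode.BadRequest, result);
    }

    if (caRequest.serverName.Length > 15)
    {
        result.message = "Computer Account name longer than 15 characters.";
        return Request.CreateResponse(HttpStatusCode.BadRequest, result);
    }

    // Characters Active Directory does not accept in a sAMAccountName. Several of them
    // are also DN separators, and the name is later placed into a "CN=..." component, so
    // they are rejected here at the trust boundary rather than passed to the directory.
    char[] forbidden = { '"', '/', '\\', '[', ']', ':', ';', '|', '=', ',', '+', '*', '?', '<', '>' };
    if (caRequest.serverName.IndexOfAny(forbidden) >= 0)
    {
        result.message = "Computer Account name contains invalid characters.";
        return Request.CreateResponse(HttpStatusCode.BadRequest, result);
    }

    // NOTE(review): projectName, siteName and environment are forwarded unchecked.
    // Confirm ActiveDirectory.CreateComputerAccount validates or escapes projectName
    // before using it as an OU name.
    result = ActiveDirectory.CreateComputerAccount(caRequest);
    return Request.CreateResponse(HttpStatusCode.OK, result);
}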
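/// <summary>
/// Resolves the directory root under which computer accounts for the requested
/// environment and site are created.
/// </summary>
/// <param name="request">Request carrying the environment and the site name.</param>
/// <returns>
/// A DirectoryEntry for the matching site root, or null when the request, its environment
/// or its site name is missing or not recognised.
/// </returns>
private static DirectoryEntry GetDirectoryEntryBySite(ComputerAccountRequest request)
{
    // Missing values are treated like an unknown site instead of raising a
    // NullReferenceException; callers already handle a null return.
    if (request == null || request.environment == null || request.siteName == null)
    {
        return null;
    }

    // Invariant casing keeps the lookup independent of the server's current culture.
    string environment = request.environment.ToLowerInvariant();

    // The site labels below are upper-case. The original lower-cased the site name before
    // switching on it, so no label could ever match and every request resolved to null.
    string site = request.siteName.ToUpperInvariant();

    // NOTE(review): the production entries for SITE2-SITE5 are written without the
    // "LDAP://" prefix used by every other entry. Confirm those paths are complete.
    if (environment == "production")
    {
        switch (site)
        {
            case "SITE1":
                return new DirectoryEntry($"LDAP://[DIRECTORY_PATH]");
            case "SITE2":
                return new DirectoryEntry($"[DIRECTORY_PATH]");
            case "SITE3":
                return new DirectoryEntry($"[DIRECTORY_PATH]");
            case "SITE4":
                return new DirectoryEntry($"[DIRECTORY_PATH]");
            case "SITE5":
                return new DirectoryEntry($"[DIRECTORY_PATH]");
            default:
                return null;
        }
    }

    if (environment == "test")
    {
        switch (site)
        {
            case "SITE1":
                return new DirectoryEntry($"LDAP://[DIRECTORY_PATH]");
            case "SITE2":
                return new DirectoryEntry($"LDAP://[DIRECTORY_PATH]");
            case "SITE3":
                return new DirectoryEntry($"LDAP://[DIRECTORY_PATH]");
            case "SITE4":
                return new DirectoryEntry($"LDAP://[DIRECTORY_PATH]");
            case "SITE5":
                return new DirectoryEntry($"LDAP://[DIRECTORY_PATH]");
            default:
                return null;
        }
    }

    // Unknown environment.
    return null;
}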
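/// <summary>
/// Creates the computer account named in <paramref name="request"/> inside the OU of its
/// project, creating that OU first when it does not exist yet. The outcome is not
/// reported: the method returns nothing, and an unrecognised site/environment makes the
/// call a no-op.
/// </summary>
/// <param name="request">A ComputerAccountRequest object containing the server name,
/// the environment, the site name and the project name.</param>
public static void CreateComputerAccountVoid(ComputerAccountRequest request)
{
    // Set up domain context; disposed on exit so the directory connection is released.
    using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, Domain))
    {
        // Wait until no computer account with this name is visible in AD.
        // NOTE(review): this poll has no delay and no upper bound, so the call never
        // returns while the account exists and queries the domain continuously in the
        // meantime. The original's "already exists" branch after the loop was
        // unreachable for the same reason. Confirm whether a bounded wait is wanted.
        ComputerPrincipal computer = ComputerPrincipal.FindByIdentity(pc, request.serverName);
        while (computer != null)
        {
            // Release each lookup result before asking again.
            computer.Dispose();
            computer = ComputerPrincipal.FindByIdentity(pc, request.serverName);
        }

        // A using statement accepts a null resource, so the null check can sit inside it.
        using (DirectoryEntry adSiteRoot = GetDirectoryEntryBySite(request))
        {
            if (adSiteRoot == null)
            {
                // Invalid site/environment provided: nothing to create.
                return;
            }

            // NOTE(review): projectName and serverName are interpolated into the "OU=" and
            // "CN=" components as-is. A value containing DN special characters is not
            // treated as a plain name, so callers must validate or escape both fields.
            using (DirectoryEntry newOU = adSiteRoot.Children.Add($"OU={request.projectName}", "OrganizationalUnit"))
            {
                // Create the OU only when it is not already present.
                if (!DirectoryEntry.Exists(newOU.Path))
                {
                    newOU.CommitChanges();
                }

                using (DirectoryEntry newCA = newOU.Children.Add($"CN={request.serverName}", "computer"))
                {
                    // Set sAMAccountName explicitly (upper-cased server name with the
                    // trailing '$' required for pre-Windows 2000 names) instead of
                    // leaving it to AD. Invariant casing keeps the value independent of
                    // the server's current culture.
                    newCA.Properties["sAMAccountName"].Value = request.serverName.ToUpperInvariant() + "$";

                    // 0x1020 = WORKSTATION_TRUST_ACCOUNT (0x1000) | PASSWD_NOTREQD (0x0020).
                    // NOTE(review): PASSWD_NOTREQD leaves the account without a password
                    // requirement and no password is set here. Confirm that is intended
                    // for pre-staged accounts, or set a random password / create the
                    // account disabled until the machine joins.
                    newCA.Properties["userAccountControl"].Value = 0x1020;
                    newCA.CommitChanges();
                }
            }
        }
    }
}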