public void UpdateGroupPrincipal(GroupPrincipal group)
{
if (this.SamAccountName != null)
{
group.SamAccountName = SetValueOrNull(this.SamAccountName);
}
if (this.Description != null)
{
group.Description = SetValueOrNull(this.Description);
}
if (this.IsSecurityGroup != null)
{
group.IsSecurityGroup = this.IsSecurityGroup;
}
if (this.Scope != null)
{
group.GroupScope = this.Scope;
}
// Get DistinguishedName from User or Group Identity for ManagedBy Property
if (this.ManagedBy != null && group.GetUnderlyingObjectType() == typeof(DirectoryEntry))
{
String distinguishedName = DirectoryServices.GetDistinguishedName(this.ManagedBy);
if (distinguishedName == null)
{
distinguishedName = this.ManagedBy; // Cant' Find As User Or Group, Pass Raw Value (Might Be ~null~)
}
DirectoryServices.SetProperty((DirectoryEntry)group.GetUnderlyingObject(), "managedby", distinguishedName);
}
if (group.GetUnderlyingObjectType() == typeof(DirectoryEntry) && this.Properties?.Count > 0)
{
DirectoryServices.SetProperties((DirectoryEntry)group.GetUnderlyingObject(), this.Properties);
}
}
public void UpdateUserPrincipal(UserPrincipal user)
{
if (this.UserPrincipalName != null)
{
user.UserPrincipalName = SetValueOrNull(this.UserPrincipalName);
}
if (this.SamAccountName != null)
{
user.SamAccountName = SetValueOrNull(this.SamAccountName);
}
if (this.DisplayName != null)
{
user.DisplayName = SetValueOrNull(this.DisplayName);
}
if (this.Description != null)
{
user.Description = SetValueOrNull(this.Description);
}
if (this.Enabled != null)
{
user.Enabled = this.Enabled;
}
if (this.PermittedLogonTimes != null)
{
user.PermittedLogonTimes = this.PermittedLogonTimes;
}
if (this.AccountExpirationDate != null)
{
user.AccountExpirationDate = this.AccountExpirationDate;
}
if (this.SmartcardLogonRequired.HasValue)
{
user.SmartcardLogonRequired = this.SmartcardLogonRequired.Value;
}
if (this.DelegationPermitted.HasValue)
{
user.DelegationPermitted = this.DelegationPermitted.Value;
}
if (this.HomeDirectory != null)
{
user.HomeDirectory = SetValueOrNull(this.HomeDirectory);
}
if (this.ScriptPath != null)
{
user.ScriptPath = SetValueOrNull(this.ScriptPath);
}
if (this.PasswordNotRequired.HasValue)
{
user.PasswordNotRequired = this.PasswordNotRequired.Value;
}
if (this.PasswordNeverExpires.HasValue)
{
user.PasswordNeverExpires = this.PasswordNeverExpires.Value;
}
if (this.UserCannotChangePassword.HasValue)
{
user.UserCannotChangePassword = this.UserCannotChangePassword.Value;
}
if (this.AllowReversiblePasswordEncryption.HasValue)
{
user.AllowReversiblePasswordEncryption = this.AllowReversiblePasswordEncryption.Value;
}
if (this.HomeDrive != null)
{
user.HomeDrive = SetValueOrNull(this.HomeDrive);
}
if (this.GivenName != null)
{
user.GivenName = SetValueOrNull(this.GivenName);
}
if (this.MiddleName != null)
{
user.MiddleName = SetValueOrNull(this.MiddleName);
}
if (this.Surname != null)
{
user.Surname = (this.Surname == "") ? null : this.Surname;
}
if (this.EmailAddress != null)
{
user.EmailAddress = SetValueOrNull(this.EmailAddress);
}
if (this.VoiceTelephoneNumber != null)
{
user.VoiceTelephoneNumber = SetValueOrNull(this.VoiceTelephoneNumber);
}
if (this.EmployeeId != null)
{
user.EmployeeId = SetValueOrNull(this.EmployeeId);
}
if (this.Password != null)
{
user.SetPassword(Password);
}
if (this.Manager != null && user.GetUnderlyingObjectType() == typeof(DirectoryEntry))
{
String distinguishedName = DirectoryServices.GetDistinguishedName(this.Manager);
if (distinguishedName == null)
{
distinguishedName = this.Manager; // Cant' Find As User Or Group, Pass Raw Value (Might Be ~null~)
}
DirectoryServices.SetProperty((DirectoryEntry)user.GetUnderlyingObject(), "manager", distinguishedName);
}
if (this.Properties?.Count > 0)
{
if (user.GetUnderlyingObjectType() == typeof(DirectoryEntry))
{
DirectoryServices.SetProperties((DirectoryEntry)user.GetUnderlyingObject(), this.Properties);
}
}
}
private void ProcessModify(AdObject obj, bool returnObject = true)
{
ActiveDirectoryObjectResult result = new ActiveDirectoryObjectResult()
{
Type = obj.Type,
Identity = obj.Identity
};
ActiveDirectoryStatus status = new ActiveDirectoryStatus()
{
Action = config.Action,
Status = AdStatusType.Success,
Message = "Success",
};
try
{
string statusAction = "Modified";
switch (obj.Type)
{
case AdObjectType.User:
AdUser user = (AdUser)obj;
UserPrincipal up = null;
if (config.UseUpsert && !DirectoryServices.IsExistingUser(obj.Identity))
{
if (DirectoryServices.IsDistinguishedName(obj.Identity))
{
String path = DirectoryServices.GetParentPath(obj.Identity);
roleManager.CanPerformActionOrException(requestUser, ActionType.Create, path);
up = user.CreateUserPrincipal();
statusAction = "Created";
}
else
{
throw new AdException($"Identity [{obj.Identity}] Must Be A Distinguished Name For User Creation.", AdStatusType.MissingInput);
}
}
else
{
roleManager.CanPerformActionOrException(requestUser, ActionType.Modify, obj.Identity);
up = DirectoryServices.GetUserPrincipal(obj.Identity);
if (up == null)
{
throw new AdException($"User [{obj.Identity}] Not Found.", AdStatusType.DoesNotExist);
}
user.UpdateUserPrincipal(up);
}
DirectoryServices.SaveUser(up, isDryRun);
OnLogMessage("ProcessModify", obj.Type + " [" + obj.Identity + "] " + statusAction + ".");
if (user.Groups != null)
{
ProcessGroupAdd(user, false);
}
result.Statuses.Add(status);
break;
case AdObjectType.Group:
AdGroup group = (AdGroup)obj;
GroupPrincipal gp = null;
if (config.UseUpsert && !DirectoryServices.IsExistingGroup(obj.Identity))
{
if (DirectoryServices.IsDistinguishedName(obj.Identity))
{
String path = DirectoryServices.GetParentPath(obj.Identity);
roleManager.CanPerformActionOrException(requestUser, ActionType.Create, path);
gp = group.CreateGroupPrincipal();
statusAction = "Created";
}
else
{
throw new AdException($"Identity [{obj.Identity}] Must Be A Distinguished Name For Group Creation.", AdStatusType.MissingInput);
}
}
else
{
roleManager.CanPerformActionOrException(requestUser, ActionType.Modify, obj.Identity);
gp = DirectoryServices.GetGroupPrincipal(obj.Identity);
if (gp == null)
{
throw new AdException($"Group [{obj.Identity}] Not Found.", AdStatusType.DoesNotExist);
}
group.UpdateGroupPrincipal(gp);
}
DirectoryServices.SaveGroup(gp, isDryRun);
OnLogMessage("ProcessModify", obj.Type + " [" + obj.Identity + "] " + statusAction + ".");
if (group.Groups != null)
{
ProcessGroupAdd(group, false);
}
result.Statuses.Add(status);
break;
case AdObjectType.OrganizationalUnit:
AdOrganizationalUnit ou = (AdOrganizationalUnit)obj;
// Get DistinguishedName from User or Group Identity for ManagedBy Property
if (!String.IsNullOrWhiteSpace(ou.ManagedBy))
{
if (ou.Properties == null)
{
ou.Properties = new Dictionary <string, List <string> >();
}
if (!ou.Properties.ContainsKey("managedBy"))
{
String distinguishedName = DirectoryServices.GetDistinguishedName(ou.ManagedBy);
if (distinguishedName == null)
{
distinguishedName = ou.ManagedBy;
}
List <String> values = new List <string>()
{
distinguishedName
};
ou.Properties.Add("managedBy", values);
}
}
if (config.UseUpsert && !DirectoryServices.IsExistingDirectoryEntry(obj.Identity))
{
if (DirectoryServices.IsDistinguishedName(obj.Identity))
{
String path = DirectoryServices.GetParentPath(obj.Identity);
roleManager.CanPerformActionOrException(requestUser, ActionType.Create, path);
if (!String.IsNullOrWhiteSpace(ou.Description))
{
DirectoryServices.AddProperty(ou.Properties, "description", ou.Description);
}
DirectoryServices.CreateOrganizationUnit(obj.Identity, ou.Properties, isDryRun);
statusAction = "Created";
}
else
{
throw new AdException($"Identity [{obj.Identity}] Must Be A Distinguished Name For Organizational Unit Creation.", AdStatusType.MissingInput);
}
}
else
{
roleManager.CanPerformActionOrException(requestUser, ActionType.Modify, obj.Identity);
if (!String.IsNullOrWhiteSpace(ou.Description))
{
DirectoryServices.AddProperty(ou.Properties, "description", ou.Description);
}
DirectoryServices.ModifyOrganizationUnit(ou.Identity, ou.Properties, isDryRun);
}
OnLogMessage("ProcessModify", obj.Type + " [" + obj.Identity + "] " + statusAction + ".");
result.Statuses.Add(status);
break;
default:
throw new AdException("Action [" + config.Action + "] Not Implemented For Type [" + obj.Type + "]", AdStatusType.NotSupported);
}
if (returnObject)
{
result.Object = GetActiveDirectoryObject(obj);
}
}
catch (AdException ex)
{
ProcessActiveDirectoryException(result, ex, status.Action);
}
catch (Exception e)
{
OnLogMessage("ProcessCreate", e.Message);
OnLogMessage("ProcessCreate", e.StackTrace);
AdException le = new AdException(e);
ProcessActiveDirectoryException(result, le, status.Action);
}
results.Add(result);
}
