private string GetDefaultDomain(DomainPath domainPath)
{
using (DirectoryEntry entry = new DirectoryEntry(domainPath.GetPathWithProtocol()))
{
return(entry.Properties["dc"].Value.ToString());
}
}
protected virtual T GetPrincipalInternal <T>(Guid nativeGuid, ICollection <string> additionalPropertyNames = null) where T : Principal
{
using (DirectoryEntry domainEntry = GetDirectoryEntryByNativeGuid(nativeGuid))
{
DomainPath domainPath = ResolveDomainPath(domainEntry);
return(Principal.FromDirectoryEntry <T>(domainPath, domainEntry, additionalPropertyNames));
}
}
public ActiveDirectoryService(DomainPath domainPath)
{
if (domainPath == null)
{
throw new ArgumentNullException("domainPath", "Domain path must be defined.");
}
this.domainPath = domainPath;
}
public static T FromDirectoryEntry <T>(DomainPath domainPath, DirectoryEntry directoryEntry, ICollection <string> additionalPropertyNames = null) where T : Principal
{
Principal principal = FromDirectoryEntry(domainPath, directoryEntry, additionalPropertyNames);
if (principal is T)
{
return((T)principal);
}
throw new InvalidCastException(string.Format("Could not cast principal '{0}' to type '{1}'.", principal.AccountName, typeof(T).FullName));
}
protected Principal(DomainPath domainPath, DirectoryEntry directoryEntry, ICollection <string> additionalPropertyNames)
{
this.domainPath = domainPath;
AccountName = directoryEntry.Properties[ActiveDirectoryProperties.AccountName].Value.ToString();
NativeGuid = new Guid(directoryEntry.NativeGuid);
DomainPath = directoryEntry.Path;
DomainName = GetDomainName(directoryEntry);
DisplayName = GetDisplayName(directoryEntry) ?? AccountName;
AdditionalProperties = GetAdditionalProperties(directoryEntry, additionalPropertyNames);
}
public virtual IReadOnlyCollection <IPrincipal> GetGroupsWhereUserIsMember(Guid userNativeGuid)
{
using (DirectoryEntry domainEntry = GetDirectoryEntryByNativeGuid(userNativeGuid))
{
SecurityIdentifier sid = GetObjectSid(domainEntry);
DomainPath domainPath = ResolveDomainPath(domainEntry);
UserPrincipal principal = Principal.FromDirectoryEntry <UserPrincipal>(domainPath, domainEntry);
IReadOnlyCollection <IPrincipal> parentGroups = GetGroupsWhereUserIsMemberInternal(principal);
IReadOnlyCollection <IPrincipal> foreignGroups = GetGroupsWhereUserIsMemberInternal(sid);
return(parentGroups.Concat(foreignGroups.Where(o => parentGroups.All(p => p.NativeGuid != o.NativeGuid))).ToList());
}
}
public PrincipalSearcher(DomainPath domainPath, DirectoryEntry searchRoot, ICollection <string> additionalPropertyNames = null)
: base(searchRoot)
{
this.domainPath = domainPath;
this.additionalPropertyNames = additionalPropertyNames;
PropertiesToLoad.Add(ActiveDirectoryProperties.ObjectGuid);
PropertiesToLoad.Add(ActiveDirectoryProperties.DisplayName);
PropertiesToLoad.Add(ActiveDirectoryProperties.Member);
PropertiesToLoad.Add(ActiveDirectoryProperties.MemberOf);
if (additionalPropertyNames != null)
{
foreach (string propertyName in additionalPropertyNames)
{
PropertiesToLoad.Add(propertyName);
}
}
}
public static Principal FromDirectoryEntry(DomainPath domainPath, DirectoryEntry directoryEntry, ICollection <string> additionalPropertyNames = null)
{
if (directoryEntry == null)
{
throw new ArgumentNullException("directoryEntry");
}
if (directoryEntry.Properties[ActiveDirectoryProperties.AccountName].Value == null)
{
throw new ActiveDirectoryException("Account name property not found in active directory entry.");
}
bool isGroup = directoryEntry.SchemaClassName == ActiveDirectoryProperties.AccountGroup;
if (isGroup)
{
return(new GroupPrincipal(domainPath, directoryEntry, additionalPropertyNames));
}
return(new UserPrincipal(domainPath, directoryEntry, additionalPropertyNames));
}
protected virtual List <IPrincipal> GetParentDomainPaths(string path, string distinguishedName)
{
List <IPrincipal> principals = new List <IPrincipal>();
string fullDomainPath = path + "/" + distinguishedName;
using (DirectoryEntry entry = new DirectoryEntry(fullDomainPath))
{
DomainPath domainPath = ResolveDomainPath(path);
GroupPrincipal principal = Principal.FromDirectoryEntry(domainPath, entry) as GroupPrincipal;
if (principal != null)
{
principals.Add(principal);
foreach (string memberOf in entry.Properties[ActiveDirectoryProperties.MemberOf])
{
List <IPrincipal> groups = GetParentDomainPaths(path, memberOf);
principals.AddRange(groups.Where(o => principals.All(p => p.NativeGuid != o.NativeGuid)));
}
}
}
return(principals);
}
protected virtual IReadOnlyCollection <IPrincipal> GetGroupsWhereUserIsMemberInternal(UserPrincipal principal)
{
var groups = new List <IPrincipal>();
DomainPath domainPath = ResolveDomainPath(principal.DomainPath);
foreach (string parentDomainPath in principal.ParentDomainPaths)
{
string path = string.Format("{0}/{1}", domainPath.GetPathWithProtocol(), parentDomainPath);
using (var entry = new DirectoryEntry(path))
{
groups.Add(Principal.FromDirectoryEntry(domainPath, entry));
}
}
if (!groups.Select(p => p.AccountName).Any(accountName => accountName.ToLower().Contains("domain users")))
{
string domain = domains[domainPath];
groups.Add(GetPrincipalInternal <GroupPrincipal>(string.Format("{0}\\Domain users", domain)));
}
return(groups);
}
public UserPrincipal(DomainPath domainPath, DirectoryEntry directoryEntry, ICollection <string> additionalPropertyNames)
: base(domainPath, directoryEntry, additionalPropertyNames)
{
isActive = IsActiveUser(directoryEntry);
ParentDomainPaths = GetParentDomainPaths(directoryEntry);
}
public GroupPrincipal(DomainPath domainPath, DirectoryEntry directoryEntry, ICollection <string> additionalPropertyNames)
: base(domainPath, directoryEntry, additionalPropertyNames)
{
ChildDomainPaths = GetChildDomainPaths(directoryEntry);
}