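/// <summary>
/// Loads the groups the selected user object is a member of, shows them in the
/// "Member Of" list view and displays the user's primary group.
/// Failures are logged and not propagated to the caller.
/// </summary>
/// <param name="ce">Credential entry supplied by the caller; not read by this method.</param>
/// <param name="servername">Server name; stored in <c>_servername</c>.</param>
/// <param name="name">Not read by this method.</param>
/// <param name="dirnode">Directory node of the selected user; stored in <c>_dirnode</c>.</param>
public void SetData(CredentialEntry ce, string servername, string name, ADUCDirectoryNode dirnode)
{
    _servername = servername;
    _dirnode = dirnode;

    try
    {
        string[] groupDns = UserGroupUtils.GetGroupsforUser(dirnode);
        MemoflistView.Items.Clear();

        // show a list of group names in the member of page
        Logger.Log("user member of contains: ");

        if (groupDns != null && groupDns.Length > 0)
        {
            // populate the data in the member-of page using groupDns
            foreach (string groupDn in groupDns)
            {
                Logger.Log("group: " + groupDn);

                // e.g. CN=Domain Users,CN=Users,DC=qadom,DC=centeris,DC=com
                string[] slvItem = UserGroupUtils.splitDn(groupDn);

                // NOTE(review): the bind passes the context's user name and password
                // explicitly to an LDAP:// path; whether that connection is signed or
                // encrypted is decided outside this method - confirm.
                string sLDAPPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, groupDn);
                DirectoryEntry entry = new DirectoryEntry(sLDAPPath, _dirnode.LdapContext.UserName, _dirnode.LdapContext.Password);

                // A `new` expression never yields null, so no null check is needed here;
                // construction failures surface as exceptions and reach the catch below.
                ListViewItem lvItem = new ListViewItem(slvItem);
                lvItem.ImageIndex = MemOfPages.GetIndexForADObject(entry);
                MemoflistView.Items.Add(lvItem);
                lvItem.Tag = groupDn;

                // "Domain Users" is shown in the list but kept out of MemofDnList.
                if (!slvItem[0].Equals("Domain Users", StringComparison.InvariantCultureIgnoreCase))
                {
                    MemofDnList.Add(groupDn);
                }
            }

            // show the user's primary group
            sPrimayGroup = UserGroupUtils.GetPrimaryGroup(_dirnode);
            string[] Items = UserGroupUtils.splitDn(sPrimayGroup);
            if (!string.IsNullOrEmpty(Items[0]))
            {
                DomainUserlabel.Text = Items[0];
            }

            if (MemoflistView.Items.Count > 0)
            {
                MemoflistView.Items[0].Selected = true;
            }
        }
    }
    catch (Exception ex)
    {
        Logger.LogException("UserMemberOfPage.SetData", ex);
    }
}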
/// <summary>
/// Reads the members of the selected group and fills the list view with them.
/// Every member key is recorded in <c>OriginalObjects</c> and, lower-cased, in
/// <c>ModifiedObjects</c>. Members whose value is "foreignSecurityPrincipal" are
/// resolved through their objectSid and skipped when no name can be resolved.
/// </summary>
/// <param name="ce">Not read by this method.</param>
/// <param name="servername">Not read by this method.</param>
/// <param name="name">Not read by this method.</param>
/// <param name="dirnode">Directory node of the selected group; stored in <c>_dirnode</c>.</param>
public void SetData(CredentialEntry ce, string servername, string name, ADUCDirectoryNode dirnode)
{
    // presumably key = path/DN of the member, value = its object class; verify against GetGroupMembers
    Dictionary<string, string> members = UserGroupUtils.GetGroupMembers(dirnode);

    foreach (string memberKey in members.Keys)
    {
        OriginalObjects.Add(memberKey);
        ModifiedObjects.Add(memberKey.ToLower());
    }

    _dirnode = dirnode;
    MemoflistView.Items.Clear();

    // show a list of member names in the members page
    Logger.Log("Group member contains: ");

    foreach (KeyValuePair<string, string> member in members)
    {
        string memberPath = member.Key;

        // The entry is bound with the context's user name and password before the
        // member kind is inspected, because both branches below need it.
        System.DirectoryServices.DirectoryEntry memberEntry =
            new System.DirectoryServices.DirectoryEntry(
                memberPath,
                _dirnode.LdapContext.UserName,
                _dirnode.LdapContext.Password);

        string[] columns;
        if (!member.Value.Equals("foreignSecurityPrincipal"))
        {
            columns = UserGroupUtils.splitDn(memberPath);
        }
        else
        {
            // NOTE(review): the `as byte[]` cast yields null when objectSid is absent;
            // how SIDtoString treats null is not visible here - confirm.
            byte[] sidBytes = memberEntry.Properties["objectSid"].Value as byte[];
            string sidText = UserGroupUtils.SIDtoString(sidBytes);
            string resolvedName = UserGroupUtils.GetGroupFromForeignSecurity(sidText, dirnode.LdapContext);
            if (resolvedName == null)
            {
                // unresolved foreign principals are not listed
                continue;
            }

            columns = new string[] { resolvedName, "NT AUTHORITY" };
        }

        ListViewItem row = new ListViewItem(columns);
        row.ImageIndex = MemOfPages.GetIndexForADObject(memberEntry);
        MemoflistView.Items.Add(row);
        row.Tag = memberPath;
    }

    if (MemoflistView.Items.Count > 0)
    {
        MemoflistView.Items[0].Selected = true;
    }
}
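/// <summary>
/// Applies the pending changes of this page: first the primary group (when it was
/// changed), then the group membership changes.
/// When adding a user to a new group, the group's "member" attribute is modified to
/// include this user; the user's "memberOf" attribute cannot be modified directly.
/// </summary>
/// <returns>
/// <c>true</c> only when the primary-group modification (if one was attempted) returned 0
/// and <c>MemOfPages.OnApply_helper</c> returned <c>true</c>.
/// </returns>
public bool OnApply()
{
    bool primaryGroupOk = true;

    if (IsPrimaryGroupChanged)
    {
        string basedn = _dirnode.DistinguishedName;
        DirectoryContext dirContext = _dirnode.LdapContext;

        // First obtain the primaryGroupToken of the newly chosen primary group.
        // NOTE(review): no user name/password is passed here, while the other
        // DirectoryEntry constructions in these property pages pass
        // LdapContext.UserName/Password - confirm which identity this bind uses.
        DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, ChangedPrimaryGroup));

        object tokenValue = de.Properties["primaryGroupToken"].Value;
        if (tokenValue != null)
        {
            int iPrimaryGroupToken = Convert.ToInt32(tokenValue.ToString());

            // value array handed to LDAPMod, with a trailing null entry
            string[] primaryGroupIdValues = new string[] { iPrimaryGroupToken.ToString(), null };

            LDAPMod attr_info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "primaryGroupID", primaryGroupIdValues);
            LDAPMod[] attrinfo = new LDAPMod[] { attr_info };

            int ret = dirContext.ModifySynchronous(basedn, attrinfo);
            Logger.Log("Modify primaryGroupID returns " + ret);

            if (ret == 0)
            {
                string[] Items = UserGroupUtils.splitDn(ChangedPrimaryGroup);
                if (!string.IsNullOrEmpty(Items[0]))
                {
                    DomainUserlabel.Text = Items[0];
                }
            }
            else
            {
                primaryGroupOk = false;
            }
        }
        // NOTE(review): when primaryGroupToken is missing nothing is modified and no
        // failure is reported - confirm that is intended.
    }

    // The membership changes are always applied, but a failed primary-group change
    // must still be reported: the helper's result no longer overwrites it.
    bool membershipOk = MemOfPages.OnApply_helper(MemofDnList, AddedGroups, RemovedGroups, _dirnode, this);

    return primaryGroupOk && membershipOk;
}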
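/// <summary>
/// Shows the directory object picker restricted to domain users and groups and adds
/// every picked object to the members list view of the selected group.
/// Objects already in the list, and the group itself, are rejected with an error
/// message. Added DNs are recorded lower-cased in <c>ModifiedObjects</c>.
/// </summary>
/// <param name="sender">Event source; not read by this method.</param>
/// <param name="e">Event arguments; not read by this method.</param>
private void Addbutton_Click(object sender, EventArgs e)
{
    // show picker
    string sLdapPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, _dirnode.DistinguishedName);
    string sProtocol;
    string sServer;
    string sCNs;
    string sDCs;
    System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);

    string groupScope = GetgroupType();
    System.DirectoryServices.Misc.DsPicker f = new System.DirectoryServices.Misc.DsPicker(groupScope);
    f.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_ONLY_DOMAIN_USERS_OR_GROUPS, sProtocol, sServer, sDCs, true);

    if (f.waitForm != null && f.waitForm.bIsInterrupted)
    {
        return;
    }

    if (f.ShowDialog(this) == DialogResult.OK)
    {
        if (f.ADobjectsArray != null && f.ADobjectsArray.Length != 0)
        {
            foreach (System.DirectoryServices.Misc.ADObject ado in f.ADobjectsArray)
            {
                // The `as string` cast yields null when the attribute is missing or not
                // a string; such an object cannot be added, so skip it instead of
                // dereferencing null below.
                string sDN = ado.de.Properties["distinguishedName"].Value as string;
                if (string.IsNullOrEmpty(sDN))
                {
                    continue;
                }

                // Compared case-insensitively, like the other DN comparisons in this
                // method, so a differently-cased DN of this group is still rejected.
                if (sDN.Equals(_dirnode.DistinguishedName, StringComparison.InvariantCultureIgnoreCase))
                {
                    container.ShowError("A group cannot be made a member of itself.");
                    continue;
                }

                string[] slvItem = UserGroupUtils.splitDn(sDN);

                if (IsItemExists(sDN))
                {
                    string sMsg = "The object " + slvItem[0] + " is already in the list \nand cannot be added a second time";
                    container.ShowError(sMsg);
                    continue;
                }

                ListViewItem lvItem = new ListViewItem(slvItem);
                lvItem.ImageIndex = MemOfPages.GetIndexForADObject(ado.de);
                MemoflistView.Items.Add(lvItem);
                lvItem.Tag = sDN;

                // do not add duplicate objects
                bool found = false;
                foreach (string str in ModifiedObjects)
                {
                    if (str.Equals(sDN, StringComparison.InvariantCultureIgnoreCase))
                    {
                        found = true;
                        break;
                    }
                }

                if (!found)
                {
                    ModifiedObjects.Add(sDN.ToLower());
                }

                memListchanged = true;
            }
        }
    }
    else
    {
        // NOTE(review): cancelling the picker clears the changed flag even when an
        // earlier invocation already added members - confirm this is intended.
        memListchanged = false;
    }

    UpdateApplyButton();
}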
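/// <summary>
/// Shows the directory object picker restricted to groups and adds every picked
/// group to the "Member Of" list view. Groups other than "Domain Users" are also
/// recorded in <c>MemofDnList</c> and <c>AddedGroups</c>, and a matching entry is
/// taken out of <c>RemovedGroups</c> so a group is not queued for both adding and
/// removal.
/// </summary>
/// <param name="sender">Event source; not read by this method.</param>
/// <param name="e">Event arguments; not read by this method.</param>
private void Addbutton_Click(object sender, EventArgs e)
{
    // show picker
    string sLdapPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, _dirnode.DistinguishedName);
    string sProtocol;
    string sServer;
    string sCNs;
    string sDCs;
    System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);

    System.DirectoryServices.Misc.DsPicker f = new System.DirectoryServices.Misc.DsPicker();
    f.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_GROUPS, sProtocol, sServer, sDCs, true);

    if (f.waitForm != null && f.waitForm.bIsInterrupted)
    {
        return;
    }

    if (f.ShowDialog(this) == DialogResult.OK)
    {
        if (f.ADobjectsArray != null && f.ADobjectsArray.Length != 0)
        {
            foreach (System.DirectoryServices.Misc.ADObject ado in f.ADobjectsArray)
            {
                // The `as string` cast yields null when the attribute is missing or not
                // a string; such an object cannot be added, so skip it.
                string sDN = ado.de.Properties["distinguishedName"].Value as string;
                if (string.IsNullOrEmpty(sDN))
                {
                    continue;
                }

                string[] slvItem = UserGroupUtils.splitDn(sDN);

                if (IsItemExists(sDN))
                {
                    string sMsg = "The object " + slvItem[0] + " is already in the list \nand cannot be added a second time";
                    container.ShowError(sMsg);
                    continue;
                }

                // A `new` expression never yields null, so no null check (and no early
                // return that would skip UpdateApplyButton) is needed after it.
                string sLDAPPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, sDN);
                DirectoryEntry entry = new DirectoryEntry(sLDAPPath, _dirnode.LdapContext.UserName, _dirnode.LdapContext.Password);

                ListViewItem lvItem = new ListViewItem(slvItem);
                lvItem.ImageIndex = MemOfPages.GetIndexForADObject(entry);
                MemoflistView.Items.Add(lvItem);
                lvItem.Tag = sDN;

                if (!slvItem[0].Equals("Domain Users", StringComparison.InvariantCultureIgnoreCase))
                {
                    MemofDnList.Add(sDN);
                    AddedGroups.Add(sDN);

                    // Find a pending removal of the same group, ignoring case. Without
                    // this match a differently-cased entry would stay in RemovedGroups
                    // and the group would be queued for both adding and removal.
                    string pendingRemoval = null;
                    foreach (string str in RemovedGroups)
                    {
                        if (str.Equals(sDN, StringComparison.InvariantCultureIgnoreCase))
                        {
                            pendingRemoval = str;
                            break;
                        }
                    }

                    // Remove after the loop so the collection is not modified while it
                    // is being enumerated.
                    if (pendingRemoval != null)
                    {
                        RemovedGroups.Remove(pendingRemoval);
                    }
                }

                memListchanged = true;
            }
        }
    }
    else
    {
        // NOTE(review): cancelling the picker clears the changed flag even when an
        // earlier invocation already added groups - confirm this is intended.
        memListchanged = false;
    }

    UpdateApplyButton();
}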
/// <summary>
/// Applies the pending group membership changes of this page by delegating to
/// <c>MemOfPages.OnApply_helper</c>.
/// When adding a user to a new group, the group's "member" attribute is modified to
/// include this user; the user's "memberOf" attribute cannot be modified directly.
/// </summary>
/// <returns>The value returned by <c>MemOfPages.OnApply_helper</c>.</returns>
public bool OnApply()
{
    // The helper receives the current DN list together with the queued additions
    // and removals for the node shown on this page.
    return MemOfPages.OnApply_helper(MemofDnList, AddedGroups, RemovedGroups, _dirnode, this);
}