private static bool IsChildrenModified(IOguObject oguObject, ADObjectWrapper targetObject)
{
ADHelper adHelper = SynchronizeContext.Current.ADHelper;
SearchResult result = SynchronizeHelper.GetSearchResultByDN(adHelper, targetObject.DN, ADSchemaType.Groups); //当前肯定有改组存在
ResultPropertyValueCollection adMembers = result.Properties["member"];
IUser[] oguUsers = ((IGroup)oguObject).Members.Where(u => u.FullPath.StartsWith(SynchronizeContext.Current.StartPath) && u.IsSideline == false).ToArray();
if (adMembers.Count != oguUsers.Count())
{
return(true);
}
foreach (var memberDN in adMembers)
{
bool exists = false;
for (int i = oguUsers.Length - 1; i >= 0; i--)
{
if (SynchronizeHelper.AppendNamingContext(SynchronizeHelper.GetOguObjectDN(oguUsers[i])) == memberDN.ToString())
{
exists = true;
break;
}
}
if (exists == false)
{
return(true);
}
}
return(false);
}
private void RecursiveProcess(IOguObject oguObject)
{
if (oguObject != null && SynchronizeContext.Current.IsIncluded(oguObject))
{
SynchronizeContext.Current.ExtendLockTime();
SynchronizeContext.Current.CurrentOguObject = oguObject;
Debug.WriteLine("递归:OGU对象:" + oguObject.FullPath);
//AD中是否找到对应的权限中心的对象
ADObjectWrapper adObject = ADObjectFinder.Find(oguObject);
if (oguObject.ObjectType == SchemaType.Groups)
{
SynchronizeContext.Current.PrepareGroupToTakeCare(oguObject); //需注意的群组
}
if (adObject == null) //没找到,新增
{
if (SynchronizeContext.Current.IsRealObject(oguObject))
{
Trace.WriteLine("AD中不存在决定新增" + oguObject.FullPath);
SynchronizeContext.Current.PrepareAndAddModifiedItem(oguObject, adObject, ObjectModifyType.Add);
}
else
{
Trace.WriteLine("不要新增AD中实际不存在的对象" + oguObject.FullPath);
}
}
else
{
if (SynchronizeContext.Current.IsRealObject(oguObject))
{
//比较已经找到的两个对象的差异
Trace.Write("AD中存在,比较差异……");
//比较差异,也要考虑时间戳是否变化
ObjectModifyType compareResult = ObjectComparerHelper.Compare(oguObject, adObject);
Trace.WriteLine(compareResult);
if (compareResult != ObjectModifyType.None) // 修改
{
SynchronizeContext.Current.PrepareAndAddModifiedItem(oguObject, adObject, compareResult);
}
}
else
{
Trace.WriteLine("实际不存在,该删掉的对象:" + oguObject.FullPath);
}
}
if (oguObject.ObjectType == SchemaType.Organizations)
{
//组织要检查是否有删除项,然后递归
ProcessOrganization((IOrganization)oguObject, adObject);
}
}
}
private void ProcessOrganization(IOrganization organization, ADObjectWrapper adObject)
{
SynchronizeContext.Current.ExtendLockTime();
IList <IOrganization> allOrganizationChildren = GetObjectDetailInfo <IOrganization>(organization.Children);
SynchronizeContext.Current.ExtendLockTime();
IList <IUser> allUserChildren = GetUserDetailInfo(organization.Children);
SynchronizeContext.Current.ExtendLockTime();
IList <IGroup> allGroupChildren = GetObjectDetailInfo <IGroup>(organization.Children);
//如果AD中有对应的组织
if (adObject != null)
{
//在AD中找对应的子对象
List <ADObjectWrapper> allADChildren = SynchronizeHelper.SearchChildren(adObject);
Trace.WriteLine("检查AD中的子项,共" + allADChildren.Count + "项");
foreach (ADObjectWrapper child in allADChildren)
{
SynchronizeContext.Current.ExtendLockTime();
if (child.Properties.Contains("displayNamePrintable"))
{
//肯定是群组了
if (SynchronizeHelper.PermissionCenterInvolved.Equals(child.Properties["displayNamePrintable"]))
{
IOguObject subObj = OguObjectFinder.Find(child, organization.Children);
if (subObj == null)
{
//在权限中心的组织下没有找到则删除项
SynchronizeContext.Current.PrepareAndAddDeletedItem(subObj, child, ObjectModifyType.Delete);
Trace.WriteLineIf(subObj == null, "无对应AD对象 " + child.DN + "的OGU对象,加入删除列表");
}
}
}
else
{
IOguObject subObj = OguObjectFinder.Find(child, organization.Children);
if (subObj == null)
{
//在权限中心的组织下没有找到则删除项
SynchronizeContext.Current.PrepareAndAddDeletedItem(subObj, child, ObjectModifyType.Delete);
Trace.WriteLineIf(subObj == null, "无对应AD对象 " + child.DN + "的OGU对象,加入删除列表");
}
}
}
}
allUserChildren.ForEach(child => RecursiveProcess(child));
allGroupChildren.ForEach(child => RecursiveProcess(child));
allOrganizationChildren.ForEach(child => RecursiveProcess(child));
}
public override bool Compare(object srcObject, string srcPropertyName, object targetObject, string targetPropertyName, string context)
{
(srcObject is IOguObject).FalseThrow("srcObject必须是IOguObject类型");
(targetObject is ADObjectWrapper).FalseThrow("targetObject必须是ADObjectWrapper类型");
IOguObject srcOguObject = (IOguObject)srcObject;
ADObjectWrapper adObject = (ADObjectWrapper)targetObject;
return(ComparePropertyValue(srcOguObject, srcPropertyName, adObject, targetPropertyName, context));
}
private static void ModifyADObjectProperties(ObjectModifyType modifyType, ModifiedItem item)
{
IOguObject oguObject = item.OguObjectData;
ADObjectWrapper adObject = item.ADObjectData;
using (DirectoryEntry entry = SynchronizeHelper.GetSearchResultByID(SynchronizeContext.Current.ADHelper, adObject.NativeGuid, (ADSchemaType)oguObject.ObjectType).GetDirectoryEntry())
{
entry.ForceBound();
ObjectSetterHelper.Convert(modifyType, oguObject, entry);
}
}
private static ADObjectWrapper FindOUObject(IOguObject oguObject)
{
ADObjectWrapper adObject = null;
string objectGuid;
if (SynchronizeContext.Current.IDMapper.SCIDMappingDictionary.ContainsKey(oguObject.ID))
{
var idMapping = SynchronizeContext.Current.IDMapper.SCIDMappingDictionary[oguObject.ID];
objectGuid = idMapping.ADObjectGuid;
adObject = SynchronizeHelper.GetSearchResultByID(SynchronizeContext.Current.ADHelper, objectGuid, ADSchemaType.Organizations).ToADOjectWrapper();
if (adObject == null)
{
//这里要删除ID映射
if (!SynchronizeContext.Current.IDMapper.DeleteIDMappingDictionary.ContainsKey(oguObject.ID))
{
SynchronizeContext.Current.IDMapper.DeleteIDMappingDictionary.Add(idMapping);
}
SynchronizeContext.Current.IDMapper.SCIDMappingDictionary.Remove(c => c.SCObjectID == oguObject.ID);
}
}
if (adObject == null) //通过ID没找到
{
string dn = SynchronizeHelper.GetOguObjectDN(oguObject);
if (dn != "")
{
adObject = SynchronizeHelper.GetSearchResultByDN(SynchronizeContext.Current.ADHelper, dn, ADSchemaType.Organizations).ToADOjectWrapper();
if (adObject != null)
{
//这里首先要判断是否已被映射过
if (SynchronizeContext.Current.IDMapper.ADIDMappingDictionary.ContainsKey(adObject.NativeGuid))
{
adObject = null;
}
}
}
else
{
//using (DirectoryEntry root = SynchronizeContext.Current.ADHelper.GetRootEntry())
//{
// adObject = new ADObjectWrapper() { ObjectType = ADSchemaType.Organizations };
// adObject.Properties["distinguishedName"] = root.Properties["distinguishedName"][0].ToString();
// adObject.Properties["objectGUID"] = root.NativeGuid;
// adObject.Properties["name"] = root.Name;
//}
}
}
return(adObject);
}
public static ADObjectWrapper Find(IOguObject oguObject, bool keepExists)
{
ADObjectWrapper adObject = null;
switch (oguObject.ObjectType)
{
case SchemaType.Organizations:
adObject = FindOUObject(oguObject);
break;
case SchemaType.Users:
adObject = FindUserObject(oguObject);
break;
case SchemaType.Groups:
adObject = FindGroupObject(oguObject);
break;
default:
throw new Exception("oguObject对象SchemaType不正确");
}
if (SynchronizeContext.Current.IDMapper.SCIDMappingDictionary.ContainsKey(oguObject.ID) == false)
{
{
//这里要新增ID映射
DateTime modifyTime = DateTime.MinValue;
if (oguObject.Properties["VERSION_START_TIME"] != null)
{
DateTime.TryParse(oguObject.Properties["VERSION_START_TIME"].ToString(), out modifyTime);
}
var mapping = adObject == null ? null : new IDMapping()
{
SCObjectID = oguObject.ID,
ADObjectGuid = adObject.NativeGuid,
LastSynchronizedVersionTime = modifyTime
};
if (keepExists == false)
{
SynchronizeContext.Current.IDMapper.NewIDMappingDictionary[oguObject.ID] = mapping;
}
else if (mapping != null)
{
SynchronizeContext.Current.IDMapper.SCIDMappingDictionary.AddNotExistsItem(mapping);
}
}
}
return(adObject);
}
public override ObjectModifyType Compare(IOguObject srcObject, ADObjectWrapper targetObject)
{
ObjectModifyType result = CompareProperties(srcObject, targetObject);
//if (IsChildrenModified(srcObject, targetObject))
// result |= ObjectModifyType.ChildrenModified;
if (targetObject.Properties.Contains("displayNamePrintable") == false || SynchronizeHelper.PermissionCenterInvolved.Equals(targetObject.Properties["displayNamePrintable"]) == false)
{
result |= ObjectModifyType.MissingMarker;
}
return(result);
}
public static IOguObject Find(ADObjectWrapper childADObject, IEnumerable <IOguObject> oguObjects)
{
IOguObject result = null;
//这里仅仅是查找所给集合里是不是存在相应的对象
foreach (var obj in oguObjects)
{
if (obj.ObjectType == SchemaType.Users)
{
if (((IUser)obj).IsSideline)
{
// continue;
}
}
var guid = childADObject.NativeGuid;
if (SynchronizeContext.Current.IDMapper.ADIDMappingDictionary.ContainsKey(guid)) //有映射
{
if (obj.ID == SynchronizeContext.Current.IDMapper.ADIDMappingDictionary[guid].SCObjectID)
{
result = obj;
}
}
else
{
switch (childADObject.ObjectType)
{
case ADSchemaType.Organizations:
if (SynchronizeHelper.AppendNamingContext(childADObject.DN) ==
SynchronizeHelper.AppendNamingContext(SynchronizeHelper.GetOguObjectDN(obj)))
{
result = obj;
}
break;
case ADSchemaType.Groups:
case ADSchemaType.Users:
if (childADObject.Properties["samAccountName"].ToString() == obj.Properties["LOGON_NAME"].ToString())
{
result = obj;
}
break;
}
}
}
return(result);
}
public static ADObjectWrapper ToADOjectWrapper(this SearchResult searchResult)
{
ADObjectWrapper adOjectWrapper = null;
if (searchResult != null)
{
ADHelper adHelper = SynchronizeContext.Current.ADHelper;
adOjectWrapper = new ADObjectWrapper();
if (searchResult.IsOrgnization())
{
adOjectWrapper.ObjectType = ADSchemaType.Organizations;
foreach (var adouObjNeededProperty in ADOUObjNeededProperties)
{
adOjectWrapper.Properties.Add(adouObjNeededProperty,
adHelper.GetSearchResultPropertyStrValues(adouObjNeededProperty, searchResult));
}
}
else if (searchResult.IsUser())
{
adOjectWrapper.ObjectType = ADSchemaType.Users;
foreach (var adouObjNeededProperty in ADUserObjNeededProperties)
{
adOjectWrapper.Properties.Add(adouObjNeededProperty,
adHelper.GetSearchResultPropertyStrValues(adouObjNeededProperty, searchResult));
}
}
else if (searchResult.IsGroup())
{
adOjectWrapper.ObjectType = ADSchemaType.Groups;
foreach (var adouObjNeededProperty in ADGroupObjNeededProperties)
{
adOjectWrapper.Properties.Add(adouObjNeededProperty,
adHelper.GetSearchResultPropertyStrValues(adouObjNeededProperty, searchResult));
}
}
}
return(adOjectWrapper);
}
public static List <ADObjectWrapper> SearchChildren(ADObjectWrapper adObject)
{
List <ADObjectWrapper> result = new List <ADObjectWrapper>();
ADHelper adHelper = SynchronizeContext.Current.ADHelper;
ADSearchConditions condition = new ADSearchConditions(SearchScope.OneLevel);
using (DirectoryEntry parentEntry = adHelper.NewEntry(adObject.DN))
{
List <SearchResult> searchList = adHelper.ExecuteSearch(parentEntry,
ADSearchConditions.GetFilterByMask(ADSchemaType.Users | ADSchemaType.Organizations | ADSchemaType.Groups),
condition,
ADObjNeededProperties);
foreach (var searchResult in searchList)
{
result.Add(searchResult.ToADOjectWrapper());
}
}
return(result);
}
private static ADObjectWrapper FindGroupObject(IOguObject oguObject)
{
ADObjectWrapper adObject = null;
string objectGuid;
if (SynchronizeContext.Current.IDMapper.SCIDMappingDictionary.ContainsKey(oguObject.ID))
{
var idMapping = SynchronizeContext.Current.IDMapper.SCIDMappingDictionary[oguObject.ID];
objectGuid = idMapping.ADObjectGuid;
adObject = SynchronizeHelper.GetSearchResultByID(SynchronizeContext.Current.ADHelper, objectGuid, ADSchemaType.Groups).ToADOjectWrapper();
if (adObject == null)
{
//这里要删除ID映射
if (!SynchronizeContext.Current.IDMapper.DeleteIDMappingDictionary.ContainsKey(oguObject.ID))
{
SynchronizeContext.Current.IDMapper.DeleteIDMappingDictionary.Add(idMapping);
}
SynchronizeContext.Current.IDMapper.SCIDMappingDictionary.Remove(c => c.SCObjectID == oguObject.ID);
}
}
if (adObject == null) //通过ID没找到
{
adObject = SynchronizeHelper.GetSearchResultByLogonName(oguObject.Properties["LOGON_NAME"].ToString(), ADSchemaType.Groups).ToADOjectWrapper();
if (adObject != null)
{
//这里首先要判断是否已被映射过
if (SynchronizeContext.Current.IDMapper.ADIDMappingDictionary.ContainsKey(adObject.NativeGuid))
{
adObject = null;
}
}
}
return(adObject);
}
private void EnsureRootOU(IOrganization startOrg)
{
if (SynchronizeContext.Current.IsIncluded(startOrg) == false)
{
throw new InvalidOperationException("同步根不在同步范围内");
}
List <string> parentPaths = SynchronizeHelper.GetAllParentPaths(startOrg.FullPath);
if (parentPaths.Count > 0)
{
foreach (string path in parentPaths)
{
if (path == SynchronizeContext.Current.SourceRootPath)
{
continue; // 根节点不应该被处理
}
var curOrg = OguMechanismFactory.GetMechanism().GetObjects <IOrganization>(SearchOUIDType.FullPath, path).FirstOrDefault();
if (SynchronizeContext.Current.IsIncluded(curOrg))
{
ADObjectWrapper adObject = ADObjectFinder.Find(curOrg, true);
if (adObject == null) //这里判断找不到的情况,则加到变更列表
{
SynchronizeContext.Current.PrepareAndAddModifiedItem(curOrg, adObject, ObjectModifyType.Add);
}
else //否则需要比较一下路径对不对,有可能按ID找到了,但路径变了
{
if (!ObjectComparerHelper.ArePathEqaul(curOrg, adObject))
{
SynchronizeContext.Current.PrepareAndAddModifiedItem(curOrg, adObject, ObjectModifyType.PropertyModified);
}
}
}
}
}
}
public static List <ADObjectWrapper> FindAllChildrenUser(ADObjectWrapper adObject)
{
List <ADObjectWrapper> result = new List <ADObjectWrapper>();
ADHelper adHelper = SynchronizeContext.Current.ADHelper;
ADSearchConditions condition = new ADSearchConditions(SearchScope.Subtree);
condition.PageSize = 1000;
using (DirectoryEntry parentEntry = adHelper.NewEntry(adObject.DN))
{
List <SearchResult> searchList = adHelper.ExecuteSearch(parentEntry,
ADSearchConditions.GetFilterByMask(ADSchemaType.Users),
condition,
ADUserObjNeededProperties);
foreach (SearchResult searchResult in searchList)
{
result.Add(searchResult.ToADOjectWrapper());
}
}
return(result);
}
public static ObjectModifyType Compare(IOguObject oguObject, ADObjectWrapper adObject)
{
OguAndADObjectComparerBase comparer = GetComparer(oguObject);
return(comparer.Compare(oguObject, adObject));
}
private static void DeleteADObject(ObjectModifyType modifyType, IOguObject oguObject, ADObjectWrapper adObject)
{
ADHelper adHelper = SynchronizeContext.Current.ADHelper;
using (DirectoryEntry entry = SynchronizeHelper.GetSearchResultByID(adHelper, adObject.NativeGuid).GetDirectoryEntry())
{
entry.ForceBound();
ObjectSetterHelper.Convert(modifyType, oguObject, entry);
}
}
protected override bool ComparePropertyValue(IOguObject srcOguObject, string srcPropertyName, ADObjectWrapper adObject, string targetPropertyName, string context)
{
string srcPropertyValue = null;
if (srcOguObject.Properties[srcPropertyName] != null)
{
srcPropertyValue = srcOguObject.Properties[srcPropertyName].ToString();
}
string targetPropertyValue = null;
if (adObject.Properties[targetPropertyName] != null)
{
targetPropertyValue = adObject.Properties[targetPropertyName].ToString();
}
bool result = false;
if (srcPropertyValue != null && targetPropertyValue != null)
{
result = srcPropertyValue == targetPropertyValue;
}
return(result);
}
protected abstract bool ComparePropertyValue(IOguObject srcOguObject, string srcPropertyName, ADObjectWrapper adObject, string targetPropertyName, string context);
protected override bool ComparePropertyValue(IOguObject srcOguObject, string srcPropertyName, ADObjectWrapper adObject, string targetPropertyName, string context)
{
string targetPropertyValue = null;
if (adObject.Properties[targetPropertyName] != null)
{
targetPropertyValue = adObject.Properties[targetPropertyName].ToString();
}
return(SynchronizeHelper.AppendNamingContext(SynchronizeHelper.GetOguObjectDN(srcOguObject)) == targetPropertyValue);
}
protected override bool ComparePropertyValue(IOguObject srcOguObject, string srcPropertyName, ADObjectWrapper adObject, string targetPropertyName, string context)
{
DateTime dtResult = DateTime.MinValue;
long adAccountExpiresValue = Convert.ToInt64(adObject.Properties[targetPropertyName]);
try
{
if (adAccountExpiresValue != SynchronizeHelper.ACCOUNT_EXPIRES_MAX_VALUE)
{
if (adAccountExpiresValue != 0)
{
DateTime dt = DateTime.FromFileTime(adAccountExpiresValue);
//舍弃掉毫秒
dtResult = new DateTime(dt.Year, dt.Month, dt.Day, dt.Hour, dt.Minute, dt.Second, dt.Millisecond);
}
}
}
catch (System.ArgumentOutOfRangeException)
{
dtResult = DateTime.MaxValue;
}
dtResult = SynchronizeContext.Current.ADHelper.GetUserAccountExpirationDate(dtResult);
var accountExpiresDate = Convert.ToDateTime(srcOguObject.Properties[srcPropertyName]);
return(accountExpiresDate == dtResult);
}
protected override bool ComparePropertyValue(OGUPermission.IOguObject srcOguObject, string srcPropertyName, ADObjectWrapper adObject, string targetPropertyName, string context)
{
if (srcOguObject.FullPath == SynchronizeContext.Current.SourceRootPath)
{
//名称以权限中心为准
return(adObject.DN == SynchronizeHelper.AppendNamingContext(SynchronizeContext.Current.TargetRootOU));
}
else
{
string path = SynchronizeHelper.GetRelativePath(srcOguObject);
if (path.IndexOf('\\') > 0)
{
return(base.ComparePropertyValue(srcOguObject, srcPropertyName, adObject, targetPropertyName, context));
}
else
{
string dn = SynchronizeContext.Current.GetMappedName(srcOguObject.Name);
return(adObject.DN == SynchronizeHelper.AppendNamingContext(dn));
}
}
}
protected override bool ComparePropertyValue(IOguObject srcOguObject, string srcPropertyName, ADObjectWrapper adObject, string targetPropertyName, string context)
{
return(base.ComparePropertyValue(srcOguObject, srcPropertyName, adObject, targetPropertyName, context));
}
protected override bool ComparePropertyValue(IOguObject srcOguObject, string srcPropertyName, ADObjectWrapper adObject, string targetPropertyName, string context)
{
int userAccountControl = Convert.ToInt32(adObject.Properties[targetPropertyName]);
ADS_USER_FLAG uacFlag = ADS_USER_FLAG.ADS_UF_NONE;
bool result = true;
if (Enum.TryParse(context, out uacFlag))
{
bool originalFlag = ((userAccountControl & (int)uacFlag) == (int)uacFlag);
result = originalFlag == (bool)srcOguObject.Properties[srcPropertyName];
}
return(result);
}
public static bool AreParentPathEqaul(IOguObject oguObject, ADObjectWrapper adObject)
{
var localPathToDN = SynchronizeHelper.AppendNamingContext(SynchronizeHelper.GetParentObjectDN(oguObject));
return(localPathToDN == ADHelper.GetParentRdnSequence(adObject.DN));
}