|
public static LogException ( |
||
| ex | ||
| 리턴 | void | |
public static bool SyncVirtualUserFromAD(string adPath, Guid guid, User virtualUser, List <PropertyMapping> propertyMappings, string customADAdminAccountName, string customADAdminAccountPwd, bool novellSupport, string guidProp, bool syncUserName)
{
bool success = false;
try
{
using (var serverEntry = ConnectToAD(adPath, customADAdminAccountName, customADAdminAccountPwd, novellSupport, guidProp))
{
var filter = string.Format("{0}={1}", guidProp, Common.Guid2OctetString(guid));
using (var entry = SearchADObject(serverEntry, filter, novellSupport, guidProp))
{
if (entry != null)
{
UpdatePortalUserCustomProperties(entry, virtualUser, propertyMappings, syncUserName);
virtualUser["SyncGuid"] = guid.ToString();
success = true;
}
}
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
}
return(success);
}
private void CreateNewPortalOrgUnit(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
{
try
{
AdLog.LogADObject(string.Format("New portal orgunit - creating under {0}", parentPath), entry.Path);
OrganizationalUnit newOu = new OrganizationalUnit(Node.LoadNode(parentPath));
UpdatePortalOrgUnitProperties(entry, newOu, syncTree);
Common.UpdateLastSync(newOu, guid);
//newOu.Save(); - update lastsync already saves node
if (_portalContainers != null)
{
if (!_portalContainers.ContainsKey(guid.ToString()))
{
_portalContainers.Add(guid.ToString(), newOu.Id);
}
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
}
}
/* ==================================================================================== Public Methods */
public void CreateNewADUser(User user, string newPath, string passwd)
{
IUser originalUser = User.Current;
Common.ChangeToAdminAccount();
try
{
var parentPath = RepositoryPath.GetParentPath(newPath);
// get containing synctree
var syncTree = GetSyncTreeContainingPortalPath(parentPath);
if (syncTree == null)
{
// not synced object
return;
}
AdLog.LogPortalObject("Creating new AD user", user.Path);
var parentADPath = syncTree.GetADPath(parentPath);
CreateADUser(syncTree, parentADPath, user, passwd);
}
catch (Exception ex)
{
AdLog.LogException(ex);
throw new Exception(ex.Message, ex);
}
}
public static bool SyncVirtualUserFromAD(string adPath, string username, User virtualUser, List <PropertyMapping> propertyMappings, string customADAdminAccountName, string customADAdminAccountPwd, bool novellSupport, string guidProp, bool syncUserName)
{
bool success = false;
try
{
using (var serverEntry = ConnectToAD(adPath, customADAdminAccountName, customADAdminAccountPwd, novellSupport, guidProp))
{
var filter = string.Format("({0}={1})", SyncConfiguration.GetUserNameProp(propertyMappings), username);
using (var entry = SearchADObject(serverEntry, filter, novellSupport, guidProp))
{
if (entry != null)
{
UpdatePortalUserCustomProperties(entry, virtualUser, propertyMappings, syncUserName);
var guid = Common.GetADObjectGuid(entry, guidProp);
if (guid.HasValue)
{
virtualUser["SyncGuid"] = ((Guid)guid).ToString();
success = true;
}
}
}
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
}
return(success);
}
private static Dictionary <string, int> GetAllPortalObjects(ADObjectType objType)
{
var resultNodes = GetAllPortalObjectsByADObjectTypeAndPath(objType, "/Root/IMS");
//var startPath = "/Root/IMS";
//var types = (objType == ADObjectType.AllContainers)
// ? new[] { Common.GetNodeType(ADObjectType.OrgUnit).Name, Common.GetNodeType(ADObjectType.Container).Name, Common.GetNodeType(ADObjectType.Domain).Name }
// : new[] { Common.GetNodeType(objType).Name };
//var settings = new QuerySettings { EnableAutofilters = FilterStatus.Disabled, EnableLifespanFilter = FilterStatus.Disabled };
//var result = ContentQuery.Query(SafeQueries.InTreeAndTypeIs, settings, startPath, types);
var nodeList = new List <Node>();
foreach (var node in resultNodes)
{
try
{
if (!string.IsNullOrEmpty(node.GetProperty <string>("SyncGuid")))
{
nodeList.Add(node);
}
}
catch (Exception ex)
{
AdLog.LogError("Error caching nodes" + Environment.NewLine + "NodeId: " + node.Id + Environment.NewLine + "Node path: " + node.Path);
AdLog.LogException(ex);
throw ex; // rethrow, do not allow adsync to run. if there is something wrong with the syncguid property things can go wrong (content unintentionally deleted, etc.)
}
}
var guidIdList = nodeList.Select(node => new { Guid = node.GetProperty <string>("SyncGuid").ToLower(), ID = node.Id });
return(guidIdList.ToDictionary(a => a.Guid, a => a.ID));
}
private void CreateNewPortalGroup(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
{
try
{
AdLog.LogADObject(string.Format("New portal group - creating under {0}", parentPath), entry.Path);
var newGroup = new Group(Node.LoadNode(parentPath));
UpdatePortalGroupProperties(entry, newGroup, syncTree);
Common.UpdateLastSync(newGroup, guid);
//newGroup.Save(); - update lastsync already saves node
if (_portalGroups != null)
{
if (!_portalGroups.ContainsKey(guid.ToString()))
{
_portalGroups.Add(guid.ToString(), newGroup.Id);
}
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
}
}
private void CreateNewPortalUser(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
{
try
{
AdLog.LogADObject(string.Format("New portal user - creating under {0}", parentPath), entry.Path);
var newUser = new User(Node.LoadNode(parentPath), _config.UserType);
// user actions
UpdatePortalUserProperties(entry, newUser, syncTree);
Common.UpdateLastSync(newUser, guid);
//newUser.Save(); - update lastsync already saves node
if (_portalUsers != null)
{
if (!_portalUsers.ContainsKey(guid.ToString()))
{
_portalUsers.Add(guid.ToString(), newUser.Id);
}
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
}
}
/* ==================================================================================== Static Methods */
// gets directoryentry from AD - no custom account is used and Novell is not supported
public static DirectoryEntry ConnectToADSimple(string ldapPath)
{
var deADConn = new DirectoryEntry(ldapPath);
Exception exADConnectException = null;
bool bError = false;
for (int i = 0; i < 3; i++)
{
try
{
var oNativeObject = deADConn.NativeObject;
bError = false;
break;
}
catch (Exception ex)
{
bError = true;
exADConnectException = ex;
System.Threading.Thread.Sleep(3000);
}
}
if (bError)
{
AdLog.LogException(exADConnectException);
throw new Exception("Connecting to AD server failed", exADConnectException);
}
return(deADConn);
}
public static SearchResultCollection Search(DirectoryEntry searchRoot, string filter, bool novellSupport, string guidProp)
{
// Create a directory searcher
var dsDirSearcher = new DirectorySearcher(searchRoot);
// Set the search filter
dsDirSearcher.Filter = filter;
dsDirSearcher.SizeLimit = 10000;
dsDirSearcher.PageSize = 10000;
// NOVELL - force searcher to retrieve the objects' GUID
// - this is not done by default when connecting to Novell eDirectory
if (novellSupport)
{
dsDirSearcher.PropertiesToLoad.Add(guidProp);
}
// Find the user
try
{
var oResults = dsDirSearcher.FindAll();
return(oResults);
}
catch (Exception e)
{
AdLog.LogException(e);
}
return(null);
}
public static bool IsADCustomAuthenticated(string adPath, string loginPropValue, string pwd, string loginProp, string customADAdminAccountName, string customADAdminAccountPwd)
{
if (string.IsNullOrEmpty(adPath))
{
return(false);
}
DirectoryEntry searchRoot = null;
try
{
searchRoot = new DirectoryEntry(adPath);
searchRoot.AuthenticationType = AuthenticationTypes.None;
if (!string.IsNullOrEmpty(customADAdminAccountName))
{
searchRoot.AuthenticationType = AuthenticationTypes.ServerBind;
searchRoot.Username = customADAdminAccountName;
searchRoot.Password = customADAdminAccountPwd;
}
var objSearch = new DirectorySearcher(searchRoot);
objSearch.SearchScope = SearchScope.Subtree;
objSearch.Filter = string.Format("({0}={1})", loginProp, loginPropValue);
var result = objSearch.FindAll();
if (result.Count != 1)
{
AdLog.LogErrorPortalObject("Could not find corresponding AD user", loginPropValue);
return(false);
}
var userName = result[0].Path.Substring(adPath.Length + 1);
searchRoot.AuthenticationType = AuthenticationTypes.ServerBind;
searchRoot.Username = userName;
searchRoot.Password = pwd;
result = objSearch.FindAll();
if (result.Count != 1)
{
AdLog.LogErrorPortalObject("Could not find corresponding AD user", loginPropValue);
return(false);
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
return(false);
}
finally
{
if (searchRoot != null)
{
searchRoot.Dispose();
}
}
return(true);
}
// gets directoryentry from AD - custom account CAN BE used and Novell IS supported
public static DirectoryEntry ConnectToAD(string ldapPath, string customADAdminAccountName, string customADAdminAccountPwd, bool novellSupport, string guidProp)
{
var deADConn = new DirectoryEntry(ldapPath);
// use custom login to retrieve AD object
if (!string.IsNullOrEmpty(customADAdminAccountName))
{
deADConn.AuthenticationType = AuthenticationTypes.ServerBind;
deADConn.Username = customADAdminAccountName;
deADConn.Password = customADAdminAccountPwd;
}
Exception exADConnectException = null;
bool bError = false;
for (int i = 0; i < 3; i++)
{
try
{
var oNativeObject = deADConn.NativeObject;
bError = false;
break;
}
catch (Exception ex)
{
bError = true;
exADConnectException = ex;
System.Threading.Thread.Sleep(3000);
}
}
if (bError)
{
AdLog.LogException(exADConnectException);
throw new Exception("Connecting to AD server failed", exADConnectException);
}
// NOVELL - use a searcher to retrieve the objects' GUID
// - directoryentry properties does not include guid when connecting to Novell eDirectory
if (novellSupport)
{
var dsDirSearcher = new DirectorySearcher(deADConn);
var dn = ldapPath.Substring(ldapPath.LastIndexOf("/") + 1);
dsDirSearcher.PropertiesToLoad.Add(guidProp);
dsDirSearcher.SearchScope = SearchScope.Base;
var result = dsDirSearcher.FindOne();
var guid = result.Properties[guidProp][0];
deADConn.Properties[guidProp].Add(guid);
}
return(deADConn);
}
// sync objects from AD to portal
private void SyncObjectsFromAD(SyncTree syncTree,
ADObjectType objType,
SearchResultCollection allADObjects,
Action <DirectoryEntry, string, Guid, SyncTree> CreateNewObject,
Action <DirectoryEntry, Node, SyncTree> UpdateProperties)
{
foreach (SearchResult result in allADObjects)
{
try
{
string nodeADpath = result.Path;
if (syncTree.IsADPathExcluded(nodeADpath))
{
continue;
}
AdLog.LogOuterADObject("Syncing", result.Path);
var guid = Common.GetADResultGuid(result, _config.GuidProp);
if (!guid.HasValue)
{
// no AD guid present for object
AdLog.LogErrorADObject("No AD GUID present", result.Path);
continue;
}
// új objektumok (ou, user, group) felvétele, átmozgatások
// - ha létezik az adott guid-ú objektum -> path ellenőrzés, átmozgatás
// - ha nem létezik, létrehozás
string nodePortalParentPath = syncTree.GetPortalParentPath(nodeADpath);
if (!Node.Exists(nodePortalParentPath))
{
// adpath: OU=OtherOrg,OU=ExampleOrg,DC=Nativ,DC=local
// portalParentPath: "/Root/IMS/NATIV/ExampleOrg"
EnsurePortalPath(syncTree, syncTree.GetADParentObjectPath(result.Path), RepositoryPath.GetParentPath(nodePortalParentPath));
}
SyncOneADObject(result, null,
(Guid)guid,
objType,
nodePortalParentPath,
CreateNewObject,
UpdateProperties,
syncTree);
}
catch (Exception ex)
{
// syncing of one object of the current tree failed
AdLog.LogException(ex);
}
}
}
public static void SetPassword(DirectoryEntry adUser, string password)
{
try
{
adUser.Invoke("SetPassword", new Object[] { password });
}
catch (Exception ex)
{
AdLog.LogException(ex);
}
}
public bool AllowMoveADObject(Node node, string newPath)
{
try
{
// get containing synctree for previous and new path
var newParentPath = RepositoryPath.GetParentPath(newPath);
var newSyncTree = GetSyncTreeContainingPortalPath(newParentPath);
var oldParentPath = RepositoryPath.GetParentPath(node.Path);
var oldSyncTree = GetSyncTreeContainingPortalPath(oldParentPath);
if ((newSyncTree == null) && (oldSyncTree == null))
{
// not synced object
return(true);
}
if (newSyncTree == null)
{
// kikerül szinkronizált tartományból, NEM MEGENGEDETT
return(false);
}
if (oldSyncTree == null)
{
// bekerül szinkronizált tartományba, NEM MEGENGEDETT
return(false);
}
// tartománybeli vagy tartományközi moveolás?
if (newSyncTree.PortalPath != oldSyncTree.PortalPath)
{
// más tartományba mozgatjuk
if (newSyncTree.IPAddress != oldSyncTree.IPAddress)
{
// a szerver sem egyezik meg: NEM MEGENGEDETT
return(false);
}
}
return(true);
}
catch (Exception ex)
{
AdLog.LogException(ex);
throw new Exception(ex.Message, ex);
}
}
public void UpdateADUser(User user, string newPath, string passwd)
{
IUser originalUser = User.Current;
Common.ChangeToAdminAccount();
try
{
UpdateADObject(user, newPath, passwd, UpdateADUserProperties);
}
catch (Exception ex)
{
AdLog.LogException(ex);
throw new Exception(ex.Message, ex);
}
}
public void UpdateADContainer(Node node, string newPath)
{
IUser originalUser = User.Current;
Common.ChangeToAdminAccount();
try
{
UpdateADObject(node, newPath, null, UpdateADContainerProperties);
}
catch (Exception ex)
{
AdLog.LogException(ex);
throw new Exception(ex.Message, ex);
}
}
public void CreateNewADContainer(Node node, string newPath)
{
IUser originalUser = User.Current;
Common.ChangeToAdminAccount();
try
{
var parentPath = RepositoryPath.GetParentPath(newPath);
// get containing synctree
var syncTree = GetSyncTreeContainingPortalPath(newPath);
if (syncTree == null)
{
// not synced object
return;
}
AdLog.LogPortalObject("Creating new AD orgunit/group/container", node.Path);
var parentADPath = syncTree.GetADPath(parentPath);
// create new AD object
var adObjType = Common.GetADObjectType(node.NodeType);
switch (adObjType)
{
case ADObjectType.OrgUnit:
CreateADOrgUnit(syncTree, parentADPath, node);
break;
case ADObjectType.Group:
CreateADGroup(syncTree, parentADPath, node);
break;
case ADObjectType.Container:
CreateADContainer(syncTree, parentADPath, node);
break;
default:
break;
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
throw new Exception(ex.Message, ex);
}
}
private void CreateNewPortalDomain(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
{
try
{
AdLog.LogADObject(string.Format("New portal domain - creating under {0}", parentPath), entry.Path);
Domain newNode = new Domain(Node.LoadNode(parentPath));
UpdatePortalDomainProperties(entry, newNode, syncTree);
Common.UpdateLastSync(newNode, guid);
//newNode.Save(); - update lastsync already saves node
}
catch (Exception ex)
{
AdLog.LogException(ex);
}
}
public bool AllowMoveADObject(Node node, string newPath)
{
try
{
// get containing synctree for previous and new path
var newParentPath = RepositoryPath.GetParentPath(newPath);
var newSyncTree = GetSyncTreeContainingPortalPath(newParentPath);
var oldParentPath = RepositoryPath.GetParentPath(node.Path);
var oldSyncTree = GetSyncTreeContainingPortalPath(oldParentPath);
if ((newSyncTree == null) && (oldSyncTree == null))
{
// not synced object
return(true);
}
if (newSyncTree == null)
{
return(false);
}
if (oldSyncTree == null)
{
return(false);
}
if (newSyncTree.PortalPath != oldSyncTree.PortalPath)
{
if (newSyncTree.IPAddress != oldSyncTree.IPAddress)
{
return(false);
}
}
return(true);
}
catch (Exception ex)
{
AdLog.LogException(ex);
throw new Exception(ex.Message, ex);
}
}
/* ==================================================================================== VirtualUser helper methods */
public static bool IsADAuthenticated(string adPath, string domain, string username, string pwd, string userNameProp)
{
if (string.IsNullOrEmpty(adPath))
{
return(false);
}
var domainAndUsername = string.Concat(domain, @"\", username);
DirectoryEntry entry = null;
try
{
entry = new DirectoryEntry(adPath, domainAndUsername, pwd);
// Bind to the native AdsObject to force authentication.
var obj = entry.NativeObject;
var search = new DirectorySearcher(entry)
{
Filter = $"({userNameProp}={username})"
};
search.PropertiesToLoad.Add("cn");
var result = search.FindOne();
if (result == null)
{
AdLog.LogErrorPortalObject("Could not find corresponding AD user", string.Concat(domain, "\\", username));
return(false);
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
return(false);
}
finally
{
entry?.Dispose();
}
return(true);
}
// delete portal objects that have no corresponding synchronized objects in AD
private void DeleteObjectsFromAD(SyncTree syncTree,
ADObjectType objType,
SearchResultCollection allADObjects,
Action <Node> DeletePortalObject)
{
try
{
AdLog.LogOuter("Querying all portal objects...");
var portalNodes = GetAllPortalObjects(objType, syncTree);
AdLog.LogOuter("Checking if portal objects exist under synchronized path in AD...");
foreach (Node node in portalNodes)
{
try
{
// check if object exists under synchronized path in AD
var guid = Common.GetPortalObjectGuid(node);
if ((!guid.HasValue) || (!ADObjectPathSynced((Guid)guid, allADObjects, node)))
{
if (!guid.HasValue)
{
AdLog.Log(string.Format("No guid set for portal object: {0} ", node.Path));
}
// deleted from AD or not under synchronized path any more
DeletePortalObject(node);
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
}
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
}
}
private void CreateNewPortalFolder(DirectoryEntry entry, string parentPath, Guid guid, SyncTree syncTree)
{
try
{
AdLog.LogADObject(string.Format("New portal folder - creating under {0}", parentPath), entry.Path);
//Folder newNode = new Folder(Node.LoadNode(parentPath));
//Node newNode = new GenericContent(Node.LoadNode(parentPath), "ADFolder");
var newNode = new ADFolder(Node.LoadNode(parentPath));
UpdatePortalFolderProperties(entry, newNode, syncTree);
Common.UpdateLastSync(newNode, guid);
//newNode.Save(); - update lastsync already saves node
if (!_portalContainers.ContainsKey(guid.ToString()))
{
_portalContainers.Add(guid.ToString(), newNode.Id);
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
}
}
public void DeleteADObject(string nodePath, Guid?guid)
{
IUser originalUser = User.Current;
Common.ChangeToAdminAccount();
try
{
if (!IsSyncedObject(nodePath))
{
return;
}
AdLog.LogPortalObject("Deleting AD object", nodePath);
//var guid = Common.GetPortalObjectGuid(node);
if (guid.HasValue)
{
SyncTreeADObject ADObject = GetADObjectByGuid((Guid)guid);
using (DirectoryEntry entry = ADObject.entry)
{
if (entry != null)
{
// disable users under AD object and move them to specific folder
var deletedPath = ADObject.syncTree.DeletedADObjectsPath;
bool entryDeleted = false;
using (DirectoryEntry deletedParent = ADObject.syncTree.ConnectToObject(deletedPath))
{
using (SearchResultCollection resultColl = ADObject.syncTree.GetUsersUnderADObject(entry))
{
foreach (SearchResult result in resultColl)
{
using (DirectoryEntry userEntry = result.GetDirectoryEntry())
{
var userPath = userEntry.Path;
// disable user and move to deleted folder
if (deletedParent != null)
{
userEntry.MoveTo(deletedParent);
}
else
{
AdLog.LogError("Folder for deleted users could not be found on AD server!");
}
Common.DisableUserAccount(userEntry);
Common.DisableADObjectCustomProperties(userEntry, _propertyMappings, _config.ADNameMaxLength, _config.ADsAMAccountNameMaxLength);
userEntry.CommitChanges();
// ha a parent objektum maga egy user volt, akkor őt később már nem kell törölni
if (entry.Path == userPath)
{
entryDeleted = true;
}
}
}
}
}
// delete remaining entries under this entry including itself (if it has not been deleted yet)
if (!entryDeleted)
{
// double check user containment: if it still contains users, raise an error!
using (SearchResultCollection resultColl = ADObject.syncTree.GetUsersUnderADObject(entry))
{
if (resultColl.Count == 0)
{
entry.DeleteTree();
}
else
{
AdLog.LogErrorADObject("AD container cannot be deleted, it contains users!", entry.Path);
}
}
}
}
else
{
AdLog.LogErrorPortalObject(string.Format("AD object with the given GUID ({0}) does not exist", guid.ToString()), nodePath);
}
}
}
else
{
AdLog.LogErrorPortalObject("Portal node does not have a syncguid", nodePath);
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
throw new Exception(ex.Message, ex);
}
}
/* ==================================================================================== AD -> portal : Main algorithms */
// sync one object
// két helyről hívhatjuk:
// - SyncObjectsFromAD --> innen SearchResult objektumot kapunk
// - SyncObjectsFromAD/EnsurePath --> innen Entryt kapunk
// - utóbbiból helyes működésnél csak létre kell hozni új objektumot, de ha már létezik az objektum, akkor
// moveoljuk, ne keletkezzen két azonos GUID-ú objektum a portálon
private void SyncOneADObject(SearchResult result, DirectoryEntry ADentry,
Guid guid,
ADObjectType objType,
string nodePortalParentPath,
Action <DirectoryEntry, string, Guid, SyncTree> CreateNewObject,
Action <DirectoryEntry, Node, SyncTree> UpdateProperties,
SyncTree syncTree)
{
//bool validResult;
//var node = GetNodeByGuid(guid, objType, out validResult);
Node node = null;
string guidStr = guid.ToString();
switch (objType)
{
case ADObjectType.AllContainers:
node = (_portalContainers.ContainsKey(guidStr)) ? Node.LoadNode(_portalContainers[guidStr]) : null;
break;
case ADObjectType.User:
node = (_portalUsers.ContainsKey(guidStr)) ? Node.LoadNode(_portalUsers[guidStr]) : null;
break;
case ADObjectType.Group:
node = (_portalGroups.ContainsKey(guidStr)) ? Node.LoadNode(_portalGroups[guidStr]) : null;
break;
default:
break;
}
if (node != null)
{
// existing portal object
try
{
bool isNodeSynced = false;
// check path, move object if necessary
if (RepositoryPath.GetParentPath(node.Path) != nodePortalParentPath)
{
AdLog.LogADObject(string.Format("Moving object from {0} to {1}", node.Path, nodePortalParentPath), result.Path);
Node.Move(node.Path, nodePortalParentPath);
// reload node for further processing (set properties)
node = Node.LoadNode(node.Id);
isNodeSynced = true;
}
if (ADentry != null)
{
// ensurepath-ból jön, mindenképp szinkronizáljuk
UpdateProperties(ADentry, node, syncTree);
AdLog.LogADObject(String.Format("Saving synced portal object: {0}", node.Path), ADentry.Path);
Common.UpdateLastSync(node, null);
//node.Save(); - update lastsync already saves node
}
else
{
// syncobjectsből jövünk, csak resultunk van (entrynk nincs)
// set properties and lastsync date - csak akkor szinkronizálunk, ha lastmod > x
// (ha az objektum át lett mozgatva, a lastmod is változik AD-ben)
if (_config.AlwaysSyncObjects || Common.IsPortalObjectInvalid(node, result, _config.NovellSupport))
{
using (var entry = result.GetDirectoryEntry())
{
UpdateProperties(entry, node, syncTree);
isNodeSynced = true;
}
}
if (isNodeSynced)
{
AdLog.LogADObject(String.Format("Saving synced portal object: {0}", node.Path), result.Path);
Common.UpdateLastSync(node, null);
//node.Save(); - update lastsync already saves node
}
}
}
catch (Exception ex)
{
AdLog.LogException(ex);
// log: adott objektum szinkronizálása nem sikerült
if (result != null)
{
AdLog.LogErrorADObject("Syncing of AD object not successful.", result.Path);
}
}
}
else
{
if (ADentry != null)
{
// ensurepath-ból jövünk
CreateNewObject(ADentry, nodePortalParentPath, guid, syncTree);
}
else
{
// syncobjectsből jövünk, csak resultunk van
// new portal object
using (var entry = result.GetDirectoryEntry())
{
CreateNewObject(entry, nodePortalParentPath, guid, syncTree);
}
}
}
}
/* ==================================================================================== AD -> portal : Public methods */
/// <summary>
/// Syncs all objects of all configured sync trees from Active Directory(ies).
/// </summary>
public void SyncFromAD()
{
IUser originalUser = User.Current;
Common.ChangeToAdminAccount();
// init portal objects
AdLog.LogMain("Cacheing portal users...");
_portalUsers = GetAllPortalObjects(ADObjectType.User);
AdLog.LogMain("Cacheing portal groups...");
_portalGroups = GetAllPortalObjects(ADObjectType.Group);
AdLog.LogMain("Cacheing portal containers...");
_portalContainers = GetAllPortalObjects(ADObjectType.AllContainers);
foreach (SyncTree syncTree in _syncTrees)
{
try
{
SyncContainersFromAD(syncTree);
}
catch (Exception ex)
{
// syncing of the whole tree failed
AdLog.LogException(ex);
}
}
foreach (SyncTree syncTree in _syncTrees)
{
try
{
SyncUsersFromAD(syncTree);
}
catch (Exception ex)
{
// syncing of the whole tree failed
AdLog.LogException(ex);
}
}
foreach (SyncTree syncTree in _syncTrees)
{
try
{
if (syncTree.SyncGroups)
{
SyncGroupsFromAD(syncTree);
}
else
{
AdLog.LogMainActivity("Groups under synctree are skipped", syncTree.ADPath, syncTree.PortalPath);
}
}
catch (Exception ex)
{
// syncing of the whole tree failed
AdLog.LogException(ex);
}
}
foreach (SyncTree syncTree in _syncTrees)
{
try
{
DeletePortalUsers(syncTree);
}
catch (Exception ex)
{
// syncing of the whole tree failed
AdLog.LogException(ex);
}
}
foreach (SyncTree syncTree in _syncTrees)
{
try
{
DeletePortalGroups(syncTree);
}
catch (Exception ex)
{
// syncing of the whole tree failed
AdLog.LogException(ex);
}
}
foreach (SyncTree syncTree in _syncTrees)
{
try
{
DeletePortalContainers(syncTree);
}
catch (Exception ex)
{
// syncing of the whole tree failed
AdLog.LogException(ex);
}
}
// dispose synctrees (searchresultcollection objects contained in synctree)
foreach (SyncTree syncTree in _syncTrees)
{
syncTree.Dispose();
}
AdLog.EndLog();
Common.RestoreOriginalUser(originalUser);
}