public static bool IsExistingUser(string identity) { String idOnly = null; String domain = DirectoryServices.GetDomain(identity, out idOnly); return(GetUserPrincipal(idOnly, domain) != null); }
public void SetPropertiesFromGroupPrincipal(GroupPrincipal gp, bool getAccessRules, bool getObjectProperties) { if (gp == null) { return; } SetPropertiesFromPrincipal(gp, getAccessRules); object obj = gp.GetUnderlyingObject(); if (obj.GetType() == typeof(DirectoryEntry) && getObjectProperties) { DirectoryEntry gde = (DirectoryEntry)obj; Properties = DirectoryServices.GetProperties(gde); } GroupScope = gp.GroupScope; IsSecurityGroup = gp.IsSecurityGroup; if (gp.Members?.Count > 0) { Members = new List <PrincipalObject>(); foreach (Principal p in gp.Members) { Members.Add(new PrincipalObject(p)); } } }
public static UserPrincipalObject GetUser(string identity, bool getGroups, bool getAccessRules, bool getObjectProperties) { UserPrincipalObject u = null; try { String idOnly = null; String domain = DirectoryServices.GetDomain(identity, out idOnly); UserPrincipal user = GetUserPrincipal(idOnly, domain); if (user != null) { u = new UserPrincipalObject(user, getAccessRules, getObjectProperties); if (getGroups) { u.GetGroups(); } } } catch (MultipleMatchesException mme) { throw new AdException($"Multiple Users Contain The Identity [{identity}].", mme, AdStatusType.MultipleMatches); } return(u); }
public void SetPropertiesFromPrincipal(Principal p, bool getAccessRules) { _innerPrincipal = p; if (p == null) { return; } ContextType = p.ContextType; Description = p.Description; DisplayName = p.DisplayName; DistinguishedName = p.DistinguishedName; Guid = p.Guid; Name = p.Name; SamAccountName = p.SamAccountName; Sid = p.Sid.Value; StructuralObjectClass = p.StructuralObjectClass; UserPrincipalName = p.UserPrincipalName; if (getAccessRules) { AccessRules = new List <AccessRuleObject>(); AccessRules = DirectoryServices.GetAccessRules(p); } }
public static GroupPrincipalObject GetGroup(string identity, bool getGroups, bool getAccessRules, bool getObjectProperties) { GroupPrincipalObject g = null; try { String idOnly = null; String domain = DirectoryServices.GetDomain(identity, out idOnly); GroupPrincipal group = GetGroupPrincipal(idOnly, domain); if (group != null) { g = new GroupPrincipalObject(group, getAccessRules, getObjectProperties); if (getGroups) { g.GetGroups(); } } } catch (MultipleMatchesException mme) { throw new AdException($"Multiple Groups Contain The Identity [{identity}].", mme, AdStatusType.MultipleMatches); } return(g); }
public static string GetDistinguishedName(string identity) { String idOnly = null; String domain = GetDomain(identity, out idOnly); Principal principal = DirectoryServices.GetPrincipal(idOnly, domain); return(principal?.DistinguishedName); }
public static void SetAccessRule(DirectoryEntry de, String identity, ActiveDirectoryRights rights, AccessControlType type, ActiveDirectorySecurityInheritance inherit = ActiveDirectorySecurityInheritance.None) { Principal principal = DirectoryServices.GetPrincipal(identity); if (principal == null) { throw new AdException($"Principal [{identity}] Can Not Be Found.", AdStatusType.DoesNotExist); } SetAccessRule(de, principal, rights, type, inherit); }
public static void PurgeAccessRules(DirectoryEntry de, String identity) { Principal principal = DirectoryServices.GetPrincipal(identity); if (principal == null) { throw new AdException($"Principal [{identity}] Can Not Be Found.", AdStatusType.DoesNotExist); } PurgeAccessRules(de, principal); }
public static UserPrincipal CreateUserPrincipal(string distinguishedName, string userPrincipalName = null, string samAccountName = null, bool saveOnCreate = true) { String name = distinguishedName; String domain = DirectoryServices.GetDomain(distinguishedName, out name); String path = domain; if (DirectoryServices.IsDistinguishedName(distinguishedName)) { Regex regex = new Regex(@"cn=(.*?),(.*)$", RegexOptions.IgnoreCase); Match match = regex.Match(distinguishedName); if (match.Success) { name = match.Groups[1]?.Value?.Trim(); path = match.Groups[2]?.Value?.Trim(); } domain = DirectoryServices.GetDomain(distinguishedName); } else if (String.IsNullOrWhiteSpace(distinguishedName) || String.IsNullOrWhiteSpace(path)) { throw new AdException("Unable To Create User Principal From Given Input.", AdStatusType.MissingInput); } path = path.Replace("LDAP://", ""); PrincipalContext context = DirectoryServices.GetPrincipalContext(path); UserPrincipal user = new UserPrincipal(context) { Name = name, UserPrincipalName = userPrincipalName ?? $"{name}@{domain}" }; if (samAccountName != null) { if (samAccountName.Length < 20) { user.SamAccountName = samAccountName; } else { throw new AdException($"SamAccountName [{samAccountName}] Is Longer than 20 Characters.", AdStatusType.InvalidAttribute); } } else if (name.Length < 20) { user.SamAccountName = name; } if (saveOnCreate) { SaveUser(user); } return(user); }
public static DirectoryEntry GetDirectoryEntry(string identity, string objectClass = null) { string searchString = null; if (String.IsNullOrWhiteSpace(identity)) { return(null); } identity = identity.Replace("LDAP://", ""); String id = null; String domain = DirectoryServices.GetDomain(identity, out id); if (IsDistinguishedName(id)) { searchString = $"(distinguishedName={id})"; } else if (IsGuid(id)) { searchString = $"(objectGuid={GetGuidSearchBytes(id)})"; } else if (IsSid(id)) { searchString = $"(objectSid={id})"; } else { searchString = $"(|(name={id})(userPrincipalName={id})(sAMAccountName={id}))"; } if (objectClass != null) { searchString = $"(&(objectClass={objectClass}){searchString})"; } List <DirectoryEntry> results = GetDirectoryEntries(searchString, domain); if (results.Count > 1) { throw new AdException($"Multiple Objects Found With Identity [{identity}].", AdStatusType.MultipleMatches); } if (results.Count > 0) { return(results[0]); } else { return(null); } }
public static DirectoryEntry Rename(string identity, string newName) { DirectoryEntry de = GetDirectoryEntry(identity); String distinguishedName = de.Properties["distinguishedName"].Value.ToString(); String prefix = de.Name.Substring(0, de.Name.IndexOf("=")); String parentName = DirectoryServices.GetParentPath(distinguishedName); DirectoryEntry parent = GetDirectoryEntry(parentName); de.MoveTo(parent, $"{prefix}={newName}"); String newPath = parent.Path.Replace("LDAP://", ""); newPath = newPath.Substring(newPath.IndexOf("/") + 1); String newDN = $"{prefix}={newName},{newPath}"; return(GetDirectoryEntry(newDN)); }
public static List <AccessRuleObject> GetAccessRules(DirectoryEntry de) { if (de == null) { throw new AdException($"DirectoryEntry Can Not Be NULL", AdStatusType.MissingInput); } List <AccessRuleObject> accessRules = new List <AccessRuleObject>(); Dictionary <string, Principal> principals = new Dictionary <string, Principal>(); AuthorizationRuleCollection rules = de?.ObjectSecurity?.GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier)); if (rules != null) { foreach (AuthorizationRule rule in rules) { ActiveDirectoryAccessRule accessRule = (ActiveDirectoryAccessRule)rule; AccessRuleObject aro = new AccessRuleObject() { ControlType = accessRule.AccessControlType, Rights = accessRule.ActiveDirectoryRights, IdentityReference = accessRule.IdentityReference.Value, InheritanceFlags = accessRule.InheritanceFlags, IsInherited = accessRule.IsInherited, }; Principal principal = null; if (principals.ContainsKey(aro.IdentityReference)) { principal = principals[aro.IdentityReference]; } else { principal = DirectoryServices.GetPrincipal(aro.IdentityReference); principals.Add(aro.IdentityReference, principal); } aro.IdentityName = principal.Name; accessRules.Add(aro); } } return(accessRules); }
public static List <AccessRuleObject> GetAccessRules(DirectoryEntry de) { if (de == null) { throw new AdException($"DirectoryEntry Can Not Be NULL", AdStatusType.MissingInput); } List <AccessRuleObject> accessRules = new List <AccessRuleObject>(); AuthorizationRuleCollection rules = de?.ObjectSecurity?.GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier)); if (rules != null) { foreach (AuthorizationRule rule in rules) { ActiveDirectoryAccessRule accessRule = (ActiveDirectoryAccessRule)rule; AccessRuleObject aro = new AccessRuleObject() { ControlType = accessRule.AccessControlType, Rights = accessRule.ActiveDirectoryRights, IdentityReference = accessRule.IdentityReference.Value, InheritanceFlags = accessRule.InheritanceFlags, IsInherited = accessRule.IsInherited, }; String identity = aro.IdentityReference; if (DirectoryServices.IsSid(aro.IdentityReference)) { // Get User-Readable Principal Name from Sid System.Security.Principal.SecurityIdentifier sid = (System.Security.Principal.SecurityIdentifier)rule.IdentityReference; System.Security.Principal.NTAccount acct = (System.Security.Principal.NTAccount)sid.Translate(typeof(System.Security.Principal.NTAccount)); identity = acct.Value; } aro.IdentityName = identity; accessRules.Add(aro); } } return(accessRules); }
public static void PurgeAccessRules(Principal target, String identity) { Principal principal = DirectoryServices.GetPrincipal(identity); if (principal == null) { throw new AdException($"Principal [{identity}] Can Not Be Found.", AdStatusType.DoesNotExist); } else if (target == null) { throw new AdException($"Target Principal Can Not Be NULL", AdStatusType.MissingInput); } else if (target.GetUnderlyingObjectType() == typeof(DirectoryEntry)) { PurgeAccessRules((DirectoryEntry)target.GetUnderlyingObject(), principal); } else { throw new AdException($"PurgeAccessRules Not Available For Object Type [{target.GetUnderlyingObjectType()}]", AdStatusType.NotSupported); } }
public static void SetAccessRule(Principal target, String identity, ActiveDirectoryRights rights, AccessControlType type, ActiveDirectorySecurityInheritance inherit = ActiveDirectorySecurityInheritance.None) { Principal principal = DirectoryServices.GetPrincipal(identity); if (principal == null) { throw new AdException($"Principal [{identity}] Can Not Be Found.", AdStatusType.DoesNotExist); } else if (target == null) { throw new AdException($"Target Principal Can Not Be NULL", AdStatusType.MissingInput); } else if (target.GetUnderlyingObjectType() == typeof(DirectoryEntry)) { SetAccessRule((DirectoryEntry)target.GetUnderlyingObject(), principal, rights, type, inherit); } else { throw new AdException($"SetAccessRule Not Available For Object Type [{target.GetUnderlyingObjectType()}]", AdStatusType.NotSupported); } }
public void SetPropertiesFromDirectoryEntry(DirectoryEntry de, bool loadSchema, bool getAccessRules, bool getObjectProperties, bool getParent) { if (de == null) { return; } Guid = de.Guid; Name = de.Name; NativeGuid = de.NativeGuid; if (getParent) { Parent = new DirectoryEntryObject(de.Parent, false, false, false, false); } if (de.Properties != null && getObjectProperties) { Properties = new SerializableDictionary <string, List <string> >(); IDictionaryEnumerator ide = de.Properties.GetEnumerator(); while (ide.MoveNext()) { List <string> propValues = DirectoryServices.GetPropertyValues(ide.Key.ToString(), ide.Value); Properties.Add(ide.Key.ToString(), propValues); } } Path = de.Path; SchemaClassName = de.SchemaClassName; if (loadSchema) { SchemaEntry = new DirectoryEntryObject(de.SchemaEntry, false, false, false); } UsePropertyCache = de.UsePropertyCache; Username = de.Username; if (getAccessRules) { AccessRules = DirectoryServices.GetAccessRules(de); } }
public void SetPropertiesFromUserPrincipal(UserPrincipal up, bool getAccessRules, bool getObjectProperties) { if (up == null) { return; } SetPropertiesFromAuthenticablePrincipal(up, getAccessRules); EmailAddress = up.EmailAddress; EmployeeId = up.EmployeeId; GivenName = up.GivenName; MiddleName = up.MiddleName; Surname = up.Surname; VoiceTelephoneNumber = up.VoiceTelephoneNumber; object obj = up.GetUnderlyingObject(); if (obj.GetType() == typeof(DirectoryEntry) && getObjectProperties) { DirectoryEntry gde = (DirectoryEntry)obj; Properties = DirectoryServices.GetProperties(gde); } }
public static string GetDistinguishedName(string identity) { Principal principal = DirectoryServices.GetPrincipal(identity); return(principal?.DistinguishedName); }