private void RepairTrustHelper(Forest targetForest, TrustDirection direction)
{
string password = TrustHelper.CreateTrustPassword();
string preferredTargetServer = TrustHelper.UpdateTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, password, true);
string str3 = TrustHelper.UpdateTrust(this.context, this.Name, targetForest.Name, password, true);
if ((direction & TrustDirection.Outbound) != ((TrustDirection)0))
{
try
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, true, preferredTargetServer);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
if ((direction & TrustDirection.Inbound) != ((TrustDirection)0))
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, true, str3);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
}
public void CreateTrustRelationship(Forest targetForest, TrustDirection direction)
{
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
if ((direction < TrustDirection.Inbound) || (direction > TrustDirection.Bidirectional))
{
throw new InvalidEnumArgumentException("direction", (int)direction, typeof(TrustDirection));
}
string password = TrustHelper.CreateTrustPassword();
TrustHelper.CreateTrust(this.context, this.Name, targetForest.GetDirectoryContext(), targetForest.Name, true, direction, password);
int num = 0;
if ((direction & TrustDirection.Inbound) != ((TrustDirection)0))
{
num |= 2;
}
if ((direction & TrustDirection.Outbound) != ((TrustDirection)0))
{
num |= 1;
}
TrustHelper.CreateTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.context, this.Name, true, (TrustDirection)num, password);
}
public void CreateTrustRelationship(Forest targetForest, TrustDirection direction)
{
CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException(nameof(targetForest));
}
if (direction < TrustDirection.Inbound || direction > TrustDirection.Bidirectional)
{
throw new InvalidEnumArgumentException(nameof(direction), (int)direction, typeof(TrustDirection));
}
string password = TrustHelper.CreateTrustPassword();
// first create trust on local side
TrustHelper.CreateTrust(_context, Name, targetForest.GetDirectoryContext(), targetForest.Name, true, direction, password);
// then create trust on remote side
int reverseDirection = 0;
if ((direction & TrustDirection.Inbound) != 0)
{
reverseDirection |= (int)TrustDirection.Outbound;
}
if ((direction & TrustDirection.Outbound) != 0)
{
reverseDirection |= (int)TrustDirection.Inbound;
}
TrustHelper.CreateTrust(targetForest.GetDirectoryContext(), targetForest.Name, _context, Name, true, (TrustDirection)reverseDirection, password);
}
public void UpdateTrustRelationship(Forest targetForest, TrustDirection newTrustDirection)
{
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
if ((newTrustDirection < TrustDirection.Inbound) || (newTrustDirection > TrustDirection.Bidirectional))
{
throw new InvalidEnumArgumentException("newTrustDirection", (int)newTrustDirection, typeof(TrustDirection));
}
string password = TrustHelper.CreateTrustPassword();
TrustHelper.UpdateTrustDirection(this.context, this.Name, targetForest.Name, password, true, newTrustDirection);
TrustDirection direction = (TrustDirection)0;
if ((newTrustDirection & TrustDirection.Inbound) != ((TrustDirection)0))
{
direction |= TrustDirection.Outbound;
}
if ((newTrustDirection & TrustDirection.Outbound) != ((TrustDirection)0))
{
direction |= TrustDirection.Inbound;
}
TrustHelper.UpdateTrustDirection(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, password, true, direction);
}
public void VerifyTrustRelationship(Forest targetForest, TrustDirection direction)
{
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
if ((direction < TrustDirection.Inbound) || (direction > TrustDirection.Bidirectional))
{
throw new InvalidEnumArgumentException("direction", (int)direction, typeof(TrustDirection));
}
if ((direction & TrustDirection.Outbound) != ((TrustDirection)0))
{
try
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, false, null);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
if ((direction & TrustDirection.Inbound) != ((TrustDirection)0))
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, false, null);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
}
public void UpdateTrustRelationship(Forest targetForest, TrustDirection newTrustDirection)
{
CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException(nameof(targetForest));
}
if (newTrustDirection < TrustDirection.Inbound || newTrustDirection > TrustDirection.Bidirectional)
{
throw new InvalidEnumArgumentException(nameof(newTrustDirection), (int)newTrustDirection, typeof(TrustDirection));
}
// no we generate trust password
string password = TrustHelper.CreateTrustPassword();
TrustHelper.UpdateTrustDirection(_context, Name, targetForest.Name, password, true /*is forest*/, newTrustDirection);
// then create trust on remote side
TrustDirection reverseDirection = 0;
if ((newTrustDirection & TrustDirection.Inbound) != 0)
{
reverseDirection |= TrustDirection.Outbound;
}
if ((newTrustDirection & TrustDirection.Outbound) != 0)
{
reverseDirection |= TrustDirection.Inbound;
}
TrustHelper.UpdateTrustDirection(targetForest.GetDirectoryContext(), targetForest.Name, Name, password, true /*is forest*/, reverseDirection);
}
public void RepairTrustRelationship(Forest targetForest)
{
TrustDirection bidirectional = TrustDirection.Bidirectional;
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
try
{
bidirectional = this.GetTrustRelationship(targetForest.Name).TrustDirection;
if ((bidirectional & TrustDirection.Outbound) != ((TrustDirection)0))
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, true, null);
}
if ((bidirectional & TrustDirection.Inbound) != ((TrustDirection)0))
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, true, null);
}
}
catch (ActiveDirectoryOperationException)
{
this.RepairTrustHelper(targetForest, bidirectional);
}
catch (UnauthorizedAccessException)
{
this.RepairTrustHelper(targetForest, bidirectional);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, bidirectional }), typeof(ForestTrustRelationshipInformation), null);
}
}
private static DirectoryEntry GetSearchRootEntry(Forest forest)
{
DirectoryContext directoryContext = forest.GetDirectoryContext();
bool flag = false;
bool flag2 = false;
AuthenticationTypes defaultAuthType = Utils.DefaultAuthType;
if (directoryContext.ContextType == DirectoryContextType.DirectoryServer)
{
flag = true;
DirectoryEntry directoryEntry = DirectoryEntryManager.GetDirectoryEntry(directoryContext, WellKnownDN.RootDSE);
string str = (string)PropertyManager.GetPropertyValue(directoryContext, directoryEntry, PropertyManager.IsGlobalCatalogReady);
flag2 = Utils.Compare(str, "TRUE") == 0;
}
if (flag)
{
if (DirectoryContext.ServerBindSupported)
{
defaultAuthType |= AuthenticationTypes.ServerBind;
}
if (flag2)
{
return(new DirectoryEntry("GC://" + directoryContext.GetServerName(), directoryContext.UserName, directoryContext.Password, defaultAuthType));
}
return(new DirectoryEntry("LDAP://" + directoryContext.GetServerName(), directoryContext.UserName, directoryContext.Password, defaultAuthType));
}
return(new DirectoryEntry("GC://" + forest.Name, directoryContext.UserName, directoryContext.Password, defaultAuthType));
}
public void DeleteTrustRelationship(Forest targetForest)
{
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
TrustHelper.DeleteTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true);
TrustHelper.DeleteTrust(this.context, this.Name, targetForest.Name, true);
}
public void DeleteTrustRelationship(Forest targetForest)
{
CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException(nameof(targetForest));
}
// first delete the trust on the remote side
TrustHelper.DeleteTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true);
// then delete the local side trust
TrustHelper.DeleteTrust(_context, Name, targetForest.Name, true);
}
private static DirectoryEntry GetSearchRootEntry(Forest forest)
{
DirectoryEntry rootEntry;
DirectoryContext forestContext = forest.GetDirectoryContext();
bool isServer = false;
bool isGC = false;
AuthenticationTypes authType = Utils.DefaultAuthType;
if (forestContext.ContextType == DirectoryContextType.DirectoryServer)
{
//
// the forest object was created by specifying a server name
// so we will stick to that server for the search. We need to determine
// whether or not the server is a DC or GC
//
isServer = true;
DirectoryEntry rootDSE = DirectoryEntryManager.GetDirectoryEntry(forestContext, WellKnownDN.RootDSE);
string isGCReady = (string)PropertyManager.GetPropertyValue(forestContext, rootDSE, PropertyManager.IsGlobalCatalogReady);
isGC = (Utils.Compare(isGCReady, "TRUE") == 0);
}
if (isServer)
{
if (DirectoryContext.ServerBindSupported)
{
authType |= AuthenticationTypes.ServerBind;
}
if (isGC)
{
rootEntry = new DirectoryEntry("GC://" + forestContext.GetServerName(), forestContext.UserName, forestContext.Password, authType);
}
else
{
rootEntry = new DirectoryEntry("LDAP://" + forestContext.GetServerName(), forestContext.UserName, forestContext.Password, authType);
}
}
else
{
// need to find any GC in the forest
rootEntry = new DirectoryEntry("GC://" + forest.Name, forestContext.UserName, forestContext.Password, authType);
}
return(rootEntry);
}
public void RepairTrustRelationship(Forest targetForest)
{
TrustDirection direction = TrustDirection.Bidirectional;
CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException(nameof(targetForest));
}
// first try to reset the secure channel
try
{
direction = GetTrustRelationship(targetForest.Name).TrustDirection;
// verify outbound trust first
if ((direction & TrustDirection.Outbound) != 0)
{
TrustHelper.VerifyTrust(_context, Name, targetForest.Name, true /*is forest*/, TrustDirection.Outbound, true /*reset secure channel*/, null /* no need to go to specific server*/);
}
// verify inbound trust
if ((direction & TrustDirection.Inbound) != 0)
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true /*is forest*/, TrustDirection.Outbound, true /*reset secure channel*/, null /* no need to go to specific server*/);
}
}
catch (ActiveDirectoryOperationException)
{
RepairTrustHelper(targetForest, direction);
}
catch (UnauthorizedAccessException)
{
RepairTrustHelper(targetForest, direction);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(SR.Format(SR.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
public void VerifyTrustRelationship(Forest targetForest, TrustDirection direction)
{
CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException(nameof(targetForest));
}
if (direction < TrustDirection.Inbound || direction > TrustDirection.Bidirectional)
{
throw new InvalidEnumArgumentException(nameof(direction), (int)direction, typeof(TrustDirection));
}
// verify outbound trust first
if ((direction & TrustDirection.Outbound) != 0)
{
try
{
TrustHelper.VerifyTrust(_context, Name, targetForest.Name, true /*forest*/, TrustDirection.Outbound, false /*just TC verification*/, null /* no need to go to specific server*/);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(SR.Format(SR.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
// verify inbound trust
if ((direction & TrustDirection.Inbound) != 0)
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true /*forest*/, TrustDirection.Outbound, false /*just TC verification*/, null /* no need to go to specific server*/);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(SR.Format(SR.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
}
private static DirectoryEntry GetSearchRootEntry(Forest forest)
{
DirectoryEntry directoryEntry;
DirectoryContext directoryContext = forest.GetDirectoryContext();
bool flag = false;
bool flag1 = false;
AuthenticationTypes defaultAuthType = Utils.DefaultAuthType;
if (directoryContext.ContextType == DirectoryContextType.DirectoryServer)
{
flag = true;
DirectoryEntry directoryEntry1 = DirectoryEntryManager.GetDirectoryEntry(directoryContext, WellKnownDN.RootDSE);
string propertyValue = (string)PropertyManager.GetPropertyValue(directoryContext, directoryEntry1, PropertyManager.IsGlobalCatalogReady);
flag1 = Utils.Compare(propertyValue, "TRUE") == 0;
}
if (!flag)
{
directoryEntry = new DirectoryEntry(string.Concat("GC://", forest.Name), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
else
{
if (DirectoryContext.ServerBindSupported)
{
defaultAuthType = defaultAuthType | AuthenticationTypes.ServerBind;
}
if (!flag1)
{
directoryEntry = new DirectoryEntry(string.Concat("LDAP://", directoryContext.GetServerName()), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
else
{
directoryEntry = new DirectoryEntry(string.Concat("GC://", directoryContext.GetServerName()), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
}
return(directoryEntry);
}
public void CreateTrustRelationship(Forest targetForest, TrustDirection direction)
{
CheckIfDisposed();
if (targetForest == null)
throw new ArgumentNullException("targetForest");
if (direction < TrustDirection.Inbound || direction > TrustDirection.Bidirectional)
throw new InvalidEnumArgumentException("direction", (int)direction, typeof(TrustDirection));
string password = TrustHelper.CreateTrustPassword();
// first create trust on local side
TrustHelper.CreateTrust(_context, Name, targetForest.GetDirectoryContext(), targetForest.Name, true, direction, password);
// then create trust on remote side
int reverseDirection = 0;
if ((direction & TrustDirection.Inbound) != 0)
reverseDirection |= (int)TrustDirection.Outbound;
if ((direction & TrustDirection.Outbound) != 0)
reverseDirection |= (int)TrustDirection.Inbound;
TrustHelper.CreateTrust(targetForest.GetDirectoryContext(), targetForest.Name, _context, Name, true, (TrustDirection)reverseDirection, password);
}
public void UpdateTrustRelationship(Forest targetForest, TrustDirection newTrustDirection)
{
CheckIfDisposed();
if (targetForest == null)
throw new ArgumentNullException("targetForest");
if (newTrustDirection < TrustDirection.Inbound || newTrustDirection > TrustDirection.Bidirectional)
throw new InvalidEnumArgumentException("newTrustDirection", (int)newTrustDirection, typeof(TrustDirection));
// no we generate trust password
string password = TrustHelper.CreateTrustPassword();
TrustHelper.UpdateTrustDirection(_context, Name, targetForest.Name, password, true /*is forest*/, newTrustDirection);
// then create trust on remote side
TrustDirection reverseDirection = 0;
if ((newTrustDirection & TrustDirection.Inbound) != 0)
reverseDirection |= TrustDirection.Outbound;
if ((newTrustDirection & TrustDirection.Outbound) != 0)
reverseDirection |= TrustDirection.Inbound;
TrustHelper.UpdateTrustDirection(targetForest.GetDirectoryContext(), targetForest.Name, Name, password, true /*is forest*/, reverseDirection);
}
private static DirectoryEntry GetSearchRootEntry(Forest forest)
{
DirectoryEntry directoryEntry;
DirectoryContext directoryContext = forest.GetDirectoryContext();
bool flag = false;
bool flag1 = false;
AuthenticationTypes defaultAuthType = Utils.DefaultAuthType;
if (directoryContext.ContextType == DirectoryContextType.DirectoryServer)
{
flag = true;
DirectoryEntry directoryEntry1 = DirectoryEntryManager.GetDirectoryEntry(directoryContext, WellKnownDN.RootDSE);
string propertyValue = (string)PropertyManager.GetPropertyValue(directoryContext, directoryEntry1, PropertyManager.IsGlobalCatalogReady);
flag1 = Utils.Compare(propertyValue, "TRUE") == 0;
}
if (!flag)
{
directoryEntry = new DirectoryEntry(string.Concat("GC://", forest.Name), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
else
{
if (DirectoryContext.ServerBindSupported)
{
defaultAuthType = defaultAuthType | AuthenticationTypes.ServerBind;
}
if (!flag1)
{
directoryEntry = new DirectoryEntry(string.Concat("LDAP://", directoryContext.GetServerName()), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
else
{
directoryEntry = new DirectoryEntry(string.Concat("GC://", directoryContext.GetServerName()), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
}
return directoryEntry;
}
public void VerifyTrustRelationship(Forest targetForest, TrustDirection direction)
{
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
if ((direction < TrustDirection.Inbound) || (direction > TrustDirection.Bidirectional))
{
throw new InvalidEnumArgumentException("direction", (int) direction, typeof(TrustDirection));
}
if ((direction & TrustDirection.Outbound) != ((TrustDirection) 0))
{
try
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, false, null);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
if ((direction & TrustDirection.Inbound) != ((TrustDirection) 0))
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, false, null);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
}
private void RepairTrustHelper(Forest targetForest, TrustDirection direction)
{
string str = TrustHelper.CreateTrustPassword();
string str1 = TrustHelper.UpdateTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, str, true);
string str2 = TrustHelper.UpdateTrust(this.context, this.Name, targetForest.Name, str, true);
if ((direction & TrustDirection.Outbound) != 0)
{
try
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, true, str1);
}
catch (ActiveDirectoryObjectNotFoundException activeDirectoryObjectNotFoundException)
{
object[] name = new object[3];
name[0] = this.Name;
name[1] = targetForest.Name;
name[2] = direction;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", name), typeof(ForestTrustRelationshipInformation), null);
}
}
if ((direction & TrustDirection.Inbound) != 0)
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, true, str2);
}
catch (ActiveDirectoryObjectNotFoundException activeDirectoryObjectNotFoundException1)
{
object[] objArray = new object[3];
objArray[0] = this.Name;
objArray[1] = targetForest.Name;
objArray[2] = direction;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", objArray), typeof(ForestTrustRelationshipInformation), null);
}
}
}
public void RepairTrustRelationship(Forest targetForest)
{
TrustDirection bidirectional = TrustDirection.Bidirectional;
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
try
{
bidirectional = this.GetTrustRelationship(targetForest.Name).TrustDirection;
if ((bidirectional & TrustDirection.Outbound) != ((TrustDirection) 0))
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, true, null);
}
if ((bidirectional & TrustDirection.Inbound) != ((TrustDirection) 0))
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, true, null);
}
}
catch (ActiveDirectoryOperationException)
{
this.RepairTrustHelper(targetForest, bidirectional);
}
catch (UnauthorizedAccessException)
{
this.RepairTrustHelper(targetForest, bidirectional);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, bidirectional }), typeof(ForestTrustRelationshipInformation), null);
}
}
public void DeleteTrustRelationship(Forest targetForest)
{
CheckIfDisposed();
if (targetForest == null)
throw new ArgumentNullException("targetForest");
// first delete the trust on the remote side
TrustHelper.DeleteTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true);
// then delete the local side trust
TrustHelper.DeleteTrust(_context, Name, targetForest.Name, true);
}
public void CreateTrustRelationship(Forest targetForest, TrustDirection direction)
{
this.CheckIfDisposed();
if (targetForest != null)
{
if (direction < TrustDirection.Inbound || direction > TrustDirection.Bidirectional)
{
throw new InvalidEnumArgumentException("direction", (int)direction, typeof(TrustDirection));
}
else
{
string str = TrustHelper.CreateTrustPassword();
TrustHelper.CreateTrust(this.context, this.Name, targetForest.GetDirectoryContext(), targetForest.Name, true, direction, str);
int num = 0;
if ((direction & TrustDirection.Inbound) != 0)
{
num = num | 2;
}
if ((direction & TrustDirection.Outbound) != 0)
{
num = num | 1;
}
TrustHelper.CreateTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.context, this.Name, true, (TrustDirection)num, str);
return;
}
}
else
{
throw new ArgumentNullException("targetForest");
}
}
public void UpdateTrustRelationship(Forest targetForest, TrustDirection newTrustDirection)
{
this.CheckIfDisposed();
if (targetForest != null)
{
if (newTrustDirection < TrustDirection.Inbound || newTrustDirection > TrustDirection.Bidirectional)
{
throw new InvalidEnumArgumentException("newTrustDirection", (int)newTrustDirection, typeof(TrustDirection));
}
else
{
string str = TrustHelper.CreateTrustPassword();
TrustHelper.UpdateTrustDirection(this.context, this.Name, targetForest.Name, str, true, newTrustDirection);
TrustDirection trustDirection = 0;
if ((newTrustDirection & TrustDirection.Inbound) != 0)
{
trustDirection = trustDirection | TrustDirection.Outbound;
}
if ((newTrustDirection & TrustDirection.Outbound) != 0)
{
trustDirection = trustDirection | TrustDirection.Inbound;
}
TrustHelper.UpdateTrustDirection(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, str, true, trustDirection);
return;
}
}
else
{
throw new ArgumentNullException("targetForest");
}
}
private static DirectoryEntry GetSearchRootEntry(Forest forest)
{
DirectoryContext directoryContext = forest.GetDirectoryContext();
bool flag = false;
bool flag2 = false;
AuthenticationTypes defaultAuthType = Utils.DefaultAuthType;
if (directoryContext.ContextType == DirectoryContextType.DirectoryServer)
{
flag = true;
DirectoryEntry directoryEntry = DirectoryEntryManager.GetDirectoryEntry(directoryContext, WellKnownDN.RootDSE);
string str = (string) PropertyManager.GetPropertyValue(directoryContext, directoryEntry, PropertyManager.IsGlobalCatalogReady);
flag2 = Utils.Compare(str, "TRUE") == 0;
}
if (flag)
{
if (DirectoryContext.ServerBindSupported)
{
defaultAuthType |= AuthenticationTypes.ServerBind;
}
if (flag2)
{
return new DirectoryEntry("GC://" + directoryContext.GetServerName(), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
return new DirectoryEntry("LDAP://" + directoryContext.GetServerName(), directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
return new DirectoryEntry("GC://" + forest.Name, directoryContext.UserName, directoryContext.Password, defaultAuthType);
}
public void RepairTrustRelationship(Forest targetForest)
{
TrustDirection direction = TrustDirection.Bidirectional;
CheckIfDisposed();
if (targetForest == null)
throw new ArgumentNullException("targetForest");
// first try to reset the secure channel
try
{
direction = GetTrustRelationship(targetForest.Name).TrustDirection;
// verify outbound trust first
if ((direction & TrustDirection.Outbound) != 0)
{
TrustHelper.VerifyTrust(_context, Name, targetForest.Name, true /*is forest*/, TrustDirection.Outbound, true/*reset secure channel*/, null /* no need to go to specific server*/);
}
// verify inbound trust
if ((direction & TrustDirection.Inbound) != 0)
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true/*is forest*/, TrustDirection.Outbound, true/*reset secure channel*/, null /* no need to go to specific server*/);
}
}
catch (ActiveDirectoryOperationException)
{
RepairTrustHelper(targetForest, direction);
}
catch (UnauthorizedAccessException)
{
RepairTrustHelper(targetForest, direction);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
public void VerifyTrustRelationship(Forest targetForest, TrustDirection direction)
{
CheckIfDisposed();
if (targetForest == null)
throw new ArgumentNullException("targetForest");
if (direction < TrustDirection.Inbound || direction > TrustDirection.Bidirectional)
throw new InvalidEnumArgumentException("direction", (int)direction, typeof(TrustDirection));
// verify outbound trust first
if ((direction & TrustDirection.Outbound) != 0)
{
try
{
TrustHelper.VerifyTrust(_context, Name, targetForest.Name, true/*forest*/, TrustDirection.Outbound, false/*just TC verification*/, null /* no need to go to specific server*/);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
// verify inbound trust
if ((direction & TrustDirection.Inbound) != 0)
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true/*forest*/, TrustDirection.Outbound, false/*just TC verification*/, null /* no need to go to specific server*/);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
}
public void CreateTrustRelationship(Forest targetForest, TrustDirection direction)
{
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
if ((direction < TrustDirection.Inbound) || (direction > TrustDirection.Bidirectional))
{
throw new InvalidEnumArgumentException("direction", (int) direction, typeof(TrustDirection));
}
string password = TrustHelper.CreateTrustPassword();
TrustHelper.CreateTrust(this.context, this.Name, targetForest.GetDirectoryContext(), targetForest.Name, true, direction, password);
int num = 0;
if ((direction & TrustDirection.Inbound) != ((TrustDirection) 0))
{
num |= 2;
}
if ((direction & TrustDirection.Outbound) != ((TrustDirection) 0))
{
num |= 1;
}
TrustHelper.CreateTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.context, this.Name, true, (TrustDirection) num, password);
}
public void UpdateTrustRelationship(Forest targetForest, TrustDirection newTrustDirection)
{
this.CheckIfDisposed();
if (targetForest == null)
{
throw new ArgumentNullException("targetForest");
}
if ((newTrustDirection < TrustDirection.Inbound) || (newTrustDirection > TrustDirection.Bidirectional))
{
throw new InvalidEnumArgumentException("newTrustDirection", (int) newTrustDirection, typeof(TrustDirection));
}
string password = TrustHelper.CreateTrustPassword();
TrustHelper.UpdateTrustDirection(this.context, this.Name, targetForest.Name, password, true, newTrustDirection);
TrustDirection direction = (TrustDirection) 0;
if ((newTrustDirection & TrustDirection.Inbound) != ((TrustDirection) 0))
{
direction |= TrustDirection.Outbound;
}
if ((newTrustDirection & TrustDirection.Outbound) != ((TrustDirection) 0))
{
direction |= TrustDirection.Inbound;
}
TrustHelper.UpdateTrustDirection(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, password, true, direction);
}
public void RepairTrustRelationship(Forest targetForest)
{
TrustDirection trustDirection = TrustDirection.Bidirectional;
this.CheckIfDisposed();
if (targetForest != null)
{
try
{
trustDirection = this.GetTrustRelationship(targetForest.Name).TrustDirection;
if ((trustDirection & TrustDirection.Outbound) != 0)
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, true, null);
}
if ((trustDirection & TrustDirection.Inbound) != 0)
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, true, null);
}
}
catch (ActiveDirectoryOperationException activeDirectoryOperationException)
{
this.RepairTrustHelper(targetForest, trustDirection);
}
catch (UnauthorizedAccessException unauthorizedAccessException)
{
this.RepairTrustHelper(targetForest, trustDirection);
}
catch (ActiveDirectoryObjectNotFoundException activeDirectoryObjectNotFoundException)
{
object[] name = new object[3];
name[0] = this.Name;
name[1] = targetForest.Name;
name[2] = trustDirection;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", name), typeof(ForestTrustRelationshipInformation), null);
}
return;
}
else
{
throw new ArgumentNullException("targetForest");
}
}
private static DirectoryEntry GetSearchRootEntry(Forest forest)
{
DirectoryEntry rootEntry;
DirectoryContext forestContext = forest.GetDirectoryContext();
bool isServer = false;
bool isGC = false;
AuthenticationTypes authType = Utils.DefaultAuthType;
if (forestContext.ContextType == DirectoryContextType.DirectoryServer)
{
//
// the forest object was created by specifying a server name
// so we will stick to that server for the search. We need to determine
// whether or not the server is a DC or GC
//
isServer = true;
DirectoryEntry rootDSE = DirectoryEntryManager.GetDirectoryEntry(forestContext, WellKnownDN.RootDSE);
string isGCReady = (string)PropertyManager.GetPropertyValue(forestContext, rootDSE, PropertyManager.IsGlobalCatalogReady);
isGC = (Utils.Compare(isGCReady, "TRUE") == 0);
}
if (isServer)
{
if (DirectoryContext.ServerBindSupported)
{
authType |= AuthenticationTypes.ServerBind;
}
if (isGC)
{
rootEntry = new DirectoryEntry("GC://" + forestContext.GetServerName(), forestContext.UserName, forestContext.Password, authType);
}
else
{
rootEntry = new DirectoryEntry("LDAP://" + forestContext.GetServerName(), forestContext.UserName, forestContext.Password, authType);
}
}
else
{
// need to find any GC in the forest
rootEntry = new DirectoryEntry("GC://" + forest.Name, forestContext.UserName, forestContext.Password, authType);
}
return rootEntry;
}
public void VerifyTrustRelationship(Forest targetForest, TrustDirection direction)
{
this.CheckIfDisposed();
if (targetForest != null)
{
if (direction < TrustDirection.Inbound || direction > TrustDirection.Bidirectional)
{
throw new InvalidEnumArgumentException("direction", (int)direction, typeof(TrustDirection));
}
else
{
if ((direction & TrustDirection.Outbound) != 0)
{
try
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, false, null);
}
catch (ActiveDirectoryObjectNotFoundException activeDirectoryObjectNotFoundException)
{
object[] name = new object[3];
name[0] = this.Name;
name[1] = targetForest.Name;
name[2] = direction;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", name), typeof(ForestTrustRelationshipInformation), null);
}
}
if ((direction & TrustDirection.Inbound) != 0)
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, false, null);
}
catch (ActiveDirectoryObjectNotFoundException activeDirectoryObjectNotFoundException1)
{
object[] objArray = new object[3];
objArray[0] = this.Name;
objArray[1] = targetForest.Name;
objArray[2] = direction;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", objArray), typeof(ForestTrustRelationshipInformation), null);
}
}
return;
}
}
else
{
throw new ArgumentNullException("targetForest");
}
}
private void RepairTrustHelper(Forest targetForest, TrustDirection direction)
{
string password = TrustHelper.CreateTrustPassword();
string preferredTargetServer = TrustHelper.UpdateTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, password, true);
string str3 = TrustHelper.UpdateTrust(this.context, this.Name, targetForest.Name, password, true);
if ((direction & TrustDirection.Outbound) != ((TrustDirection) 0))
{
try
{
TrustHelper.VerifyTrust(this.context, this.Name, targetForest.Name, true, TrustDirection.Outbound, true, preferredTargetServer);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
if ((direction & TrustDirection.Inbound) != ((TrustDirection) 0))
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true, TrustDirection.Outbound, true, str3);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("WrongTrustDirection", new object[] { this.Name, targetForest.Name, direction }), typeof(ForestTrustRelationshipInformation), null);
}
}
}
public void DeleteTrustRelationship(Forest targetForest)
{
this.CheckIfDisposed();
if (targetForest != null)
{
TrustHelper.DeleteTrust(targetForest.GetDirectoryContext(), targetForest.Name, this.Name, true);
TrustHelper.DeleteTrust(this.context, this.Name, targetForest.Name, true);
return;
}
else
{
throw new ArgumentNullException("targetForest");
}
}
private void RepairTrustHelper(Forest targetForest, TrustDirection direction)
{
// no we try changing trust password on both sides
string password = TrustHelper.CreateTrustPassword();
// first reset trust password on remote side
string targetServerName = TrustHelper.UpdateTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, password, true /*is forest*/);
// then reset trust password on local side
string sourceServerName = TrustHelper.UpdateTrust(_context, Name, targetForest.Name, password, true /*is forest*/);
// last we reset the secure channel again to make sure info is replicated and trust is indeed ready now
// verify outbound trust first
if ((direction & TrustDirection.Outbound) != 0)
{
try
{
TrustHelper.VerifyTrust(_context, Name, targetForest.Name, true /*is forest*/, TrustDirection.Outbound, true/*reset secure channel*/, targetServerName /* need to specify which target server */);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
// verify inbound trust
if ((direction & TrustDirection.Inbound) != 0)
{
try
{
TrustHelper.VerifyTrust(targetForest.GetDirectoryContext(), targetForest.Name, Name, true/*is forest*/, TrustDirection.Outbound, true/*reset secure channel*/, sourceServerName /* need to specify which target server */);
}
catch (ActiveDirectoryObjectNotFoundException)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.WrongTrustDirection, Name, targetForest.Name, direction), typeof(ForestTrustRelationshipInformation), null);
}
}
}