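/// <summary>
/// Copies an LDIF stream from <paramref name="r"/> to <paramref name="w"/>, dropping entries and
/// attributes that should not be carried over and adding a default password to user entries
/// that arrive without a <c>unicodePwd</c> value.
/// </summary>
/// <remarks>
/// Every entry that receives the default password ends up with the same, known credential, and
/// the output carries that password. Treat <paramref name="defaultPwd"/> as a temporary secret:
/// restrict access to the generated LDIF and plan for the password to be changed after import.
/// </remarks>
/// <param name="r">Source reader; its entry and attribute events drive the rewrite.</param>
/// <param name="w">Destination writer; closed before this method returns.</param>
/// <param name="passwordEncoding">Encoding applied to the quoted default password.</param>
/// <param name="defaultPwd">Password given to user entries that have none. When null, no password is written.</param>
/// <param name="ignoredAttrs">Lower-case attribute names to drop. May be null. The list is not modified.</param>
/// <param name="allowMsExchange">When false, Exchange-related attributes and entries are dropped.</param>
/// <param name="ignoreIt">Optional predicate on the distinguished name; returning true skips the entry.</param>
/// <exception cref="ArgumentNullException"><paramref name="r"/> or <paramref name="w"/> is null.</exception>
public void ReformatLdif(LdifReader r, LdifWriter w, Encoding passwordEncoding, string defaultPwd, List<string> ignoredAttrs, bool allowMsExchange, Func<string, bool> ignoreIt)
{
    if (r == null)
    {
        throw new ArgumentNullException("r");
    }
    if (w == null)
    {
        throw new ArgumentNullException("w");
    }

    // Work on a private copy: the caller's list is left untouched (and may be null), and the
    // per-attribute lookup below becomes a hash probe instead of a list scan.
    // Matching stays exact against the lower-cased attribute name, as before.
    HashSet<string> skipAttrs = new HashSet<string>(ignoredAttrs ?? new List<string>(), StringComparer.Ordinal);

    if (!allowMsExchange)
    {
        string[] exchangeAttrs =
        {
            "showinaddressbook", "legacyexchangedn", "homemta", "homemdb", "mailnickname",
            "mdbusedefaults", "publicdelegatesbl", "protocolsettings", "publicdelegates",
            "deleteditemflags", "mdbstoragequota", "mdboverquotalimit", "garbagecollperiod",
            "mdboverhardquotalimit", "altrecipient", "deliverandredirect", "securityprotocol",
            "reporttooriginator", "reporttoowner", "oofreplytooriginator", "mapirecipient",
            "internetencoding", "targetaddress", "altrecipientbl", "delivcontlength",
            "submissioncontlength"
        };
        foreach (string exchangeAttr in exchangeAttrs)
        {
            skipAttrs.Add(exchangeAttr);
        }
    }

    // Per-entry state shared by the three event handlers.
    bool ignored = false, hasPw = false;
    int pwdScore = 0;
    string thisDn = null;

    r.OnBeginEntry += (s, a) =>
    {
        thisDn = a.DistinguishedName;
        hasPw = false;

        if (ignoreIt != null && ignoreIt.Invoke(a.DistinguishedName))
        {
            ignored = true;
        }
        // Ignore domain trusts / special accounts.
        // This part could use some rethinking: these are case-sensitive substring tests on the
        // whole DN, so they can match unrelated entries and miss differently-cased ones.
        else if (a.DistinguishedName.Contains("$,CN=Users,")
            || a.DistinguishedName.Contains("krbtgt")
            || a.DistinguishedName.Contains("ForeignSecurityP"))
        {
            ignored = true;
        }
        else if (!allowMsExchange && a.DistinguishedName.Contains("Exchange System"))
        {
            ignored = true;
        }
        else
        {
            ignored = false;
            w.BeginEntry(a.DistinguishedName);
        }
    };

    r.OnEndEntry += (s, a) =>
    {
        if (!ignored)
        {
            // pwdScore > 1 means both user markers (objectCategory and objectClass) were seen.
            if (pwdScore > 1 && !hasPw)
            {
                if (defaultPwd != null && passwordEncoding != null)
                {
                    // The value is wrapped in double quotes before encoding.
                    // NOTE(review): Active Directory expects unicodePwd as a quoted UTF-16LE
                    // string; confirm callers pass a matching encoding.
                    w.WriteAttr("unicodePwd", passwordEncoding.GetBytes(string.Format("\"{0}\"", defaultPwd)));
                }
                else
                {
                    // Previously a null default produced an empty quoted password; leaving the
                    // attribute out is safer than importing accounts with a blank credential.
                    Console.Error.WriteLine("Warn: no default password available for {0}; unicodePwd not written", thisDn);
                }
            }
            w.EndEntry();
        }
        pwdScore = 0;
    };

    r.OnAttributeValue += (s, a) =>
    {
        if (ignored)
        {
            return;
        }

        // Non-string values no longer abort the run with an InvalidCastException.
        string textValue = a.Value as string;
        if (a.Name == "unicodePwd")
        {
            hasPw = true;
        }
        else if (a.Name == "objectCategory" && textValue != null && textValue.StartsWith("CN=Person", StringComparison.Ordinal))
        {
            pwdScore++;
        }
        else if (a.Name == "objectClass" && "user".Equals(a.Value))
        {
            pwdScore++;
        }

        if (string.Equals(a.Name, "objectSID", StringComparison.InvariantCultureIgnoreCase))
        {
            // objectSID is dropped for every entry except foreign security principals.
            // Entries whose DN contains "ForeignSecurityP" in that exact casing are already
            // skipped at entry start, so this branch is only reachable for other casings.
            if (thisDn.IndexOf("ForeignSecurity", StringComparison.InvariantCultureIgnoreCase) > 0)
            {
                if (a.Value is byte[])
                {
                    System.Security.Principal.SecurityIdentifier sid =
                        new System.Security.Principal.SecurityIdentifier((byte[])a.Value, 0);
                    w.WriteAttr(a.Name, sid.ToString());
                }
                else if (textValue != null)
                {
                    w.WriteAttr(a.Name, textValue);
                }
            }
            return;
        }

        if (a.Value == null || skipAttrs.Contains(a.Name.ToLowerInvariant()))
        {
            return;
        }

        bool exchangeSpecific = a.Name.StartsWith("msExch", StringComparison.InvariantCultureIgnoreCase)
            || a.Name.StartsWith("extensionAttribute", StringComparison.Ordinal);
        if (!allowMsExchange && exchangeSpecific)
        {
            return;
        }

        if (textValue != null)
        {
            w.WriteAttr(a.Name, textValue);
        }
        else if (a.Value is byte[])
        {
            w.WriteAttr(a.Name, (byte[])a.Value);
        }
        else
        {
            Console.Error.WriteLine("Warn: type of {0} is {1}", a.Name, a.Value.GetType());
            w.WriteAttr(a.Name, Convert.ToString(a.Value));
        }
    };

    while (r.Read())
    {
        // Keep reading; the handlers above do all the work.
    }
    w.Close();
}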
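/// <summary>
/// Command-line entry point: binds to an LDAP server, runs a paged search and writes the
/// results as LDIF to a file (<c>-o</c>) or to standard output.
/// </summary>
/// <remarks>
/// The output holds every attribute the bind identity is allowed to read, so the resulting file
/// should be stored with the same care as the directory itself. Passing the password with
/// <c>-w</c>/<c>-p</c> places it on the command line, where other local users or shell history
/// may see it.
/// </remarks>
/// <param name="args">Command-line options; see ShowUsage.</param>
static void Main(string[] args)
{
    try
    {
        AuthType auth = AuthType.Negotiate;
        string server = null, searchBase = null, filter = null, user = null, pass = null, domain = null, fileOut = null;
        int maxcount = 0;
        bool ssl = false;
        string[] attrs = null;

        // Parse arguments
        for (int i = 0; i < args.Length; i++)
        {
            switch (args[i])
            {
                case "-s":
                case "-h":
                    server = RequireValue(args, ref i);
                    break;
                case "-o":
                    fileOut = RequireValue(args, ref i);
                    break;
                case "-b":
                    searchBase = RequireValue(args, ref i);
                    break;
                case "-f":
                case "-r":
                    filter = RequireValue(args, ref i);
                    break;
                case "-l":
                    attrs = RequireValue(args, ref i).Split(',', ' ');
                    break;
                case "-m":
                    maxcount = int.Parse(RequireValue(args, ref i));
                    break;
                case "-anon":
                    auth = AuthType.Anonymous;
                    break;
                case "-x":
                    auth = AuthType.Basic;
                    break;
                case "-a":
                    auth = (AuthType)Enum.Parse(typeof(AuthType), RequireValue(args, ref i));
                    break;
                case "-D":
                case "-u":
                    user = RequireValue(args, ref i);
                    break;
                case "-w":
                case "-p":
                    pass = RequireValue(args, ref i);
                    break;
                case "-d":
                    domain = RequireValue(args, ref i);
                    break;
                case "-ssl":
                    ssl = true;
                    break;
                default:
                    Console.Error.WriteLine("Unexpected argument: {0}", args[i]);
                    break;
            }
        }

        if (args.Length == 0 || args[0].IndexOf('?') > -1 || string.IsNullOrEmpty(server) || string.IsNullOrEmpty(filter))
        {
            ShowUsage();
            return;
        }

        // A Basic (simple) bind over a plain connection puts the credentials on the wire
        // unprotected; tell the operator instead of doing it silently.
        if (auth == AuthType.Basic && !ssl && !string.IsNullOrEmpty(user))
        {
            Console.Error.WriteLine("Warning: Basic authentication without -ssl sends the user name and password in cleartext");
        }

        using (var conn = new LdapConnection(server))
        {
            conn.SessionOptions.ProtocolVersion = 3;
            conn.SessionOptions.SecureSocketLayer = ssl;
            conn.AuthType = auth;
            if (!string.IsNullOrEmpty(user))
            {
                conn.Credential = string.IsNullOrEmpty(domain)
                    ? new System.Net.NetworkCredential(user, pass)
                    : new System.Net.NetworkCredential(user, pass, domain);
            }

            // Bind explicitly so that authentication failures surface here, before the search.
            conn.AutoBind = false;
            conn.Bind();

            var pager = new PagingHelper()
            {
                Connection = conn,
                Attrs = attrs,
                Filter = filter,
                DistinguishedName = searchBase,
                SizeLimit = maxcount
            };

            LdifWriter ldif = !string.IsNullOrEmpty(fileOut)
                ? new LdifWriter(fileOut)
                : new LdifWriter(System.Console.Out);
            ldif.WriteSummary = false;

            using (ldif)
            {
                foreach (var entry in pager.GetResults())
                {
                    ldif.BeginEntry(entry.DistinguishedName);
                    foreach (DirectoryAttribute attr in entry.Attributes.Values)
                    {
                        if (attr.Count == 0)
                        {
                            Console.Error.WriteLine("Attribute {0} contains no values; possible ranged attr", attr.Name);
                            continue;
                        }

                        try
                        {
                            foreach (string s in attr.GetValues(typeof(string)))
                            {
                                ldif.WriteAttr(attr.Name, s);
                            }
                        }
                        catch
                        {
                            // Deliberate fallback: values that cannot be returned as strings
                            // (presumably binary attributes) are written as raw bytes instead.
                            foreach (byte[] bytes in attr.GetValues(typeof(byte[])))
                            {
                                ldif.WriteAttr(attr.Name, bytes);
                            }
                        }
                    }
                    ldif.EndEntry();
                }
                ldif.Close();
            }
        }
    }
    catch (Exception e)
    {
        Console.Error.WriteLine("Error type {0}, message {1}: {2}", e.GetType(), e.Message, e.StackTrace);
        System.Environment.ExitCode = 1;
    }
}

// Returns the value that follows the option at args[index] and advances index past it;
// throws a descriptive error when the option is the last argument.
private static string RequireValue(string[] args, ref int index)
{
    if (index + 1 >= args.Length)
    {
        throw new ArgumentException(string.Format("Option {0} requires a value", args[index]));
    }
    return args[++index];
}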
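/// <summary>
/// Rewrites the LDIF read from <paramref name="r"/> into <paramref name="w"/>: filtered entries
/// and attributes are left out, and user entries that carry no <c>unicodePwd</c> are given the
/// default password.
/// </summary>
/// <remarks>
/// All entries that fall back to <paramref name="defaultPwd"/> share one known password, and the
/// generated LDIF contains it. Keep the output access-restricted and have the password changed
/// after the import.
/// </remarks>
/// <param name="r">Reader whose events supply the entries and attribute values.</param>
/// <param name="w">Writer that receives the filtered output; closed on return.</param>
/// <param name="passwordEncoding">Encoding used for the quoted default password.</param>
/// <param name="defaultPwd">Fallback password for user entries; null disables the fallback.</param>
/// <param name="ignoredAttrs">Lower-case names of attributes to omit; may be null and is never modified.</param>
/// <param name="allowMsExchange">False to strip Exchange-related attributes and entries.</param>
/// <param name="ignoreIt">Optional filter on the distinguished name; true means skip the entry.</param>
/// <exception cref="ArgumentNullException"><paramref name="r"/> or <paramref name="w"/> is null.</exception>
public void ReformatLdif(LdifReader r, LdifWriter w, Encoding passwordEncoding, string defaultPwd, List<string> ignoredAttrs, bool allowMsExchange, Func<string, bool> ignoreIt)
{
    if (r == null)
    {
        throw new ArgumentNullException("r");
    }
    if (w == null)
    {
        throw new ArgumentNullException("w");
    }

    // Copy the caller's names into a local set so the argument is not mutated (repeated calls
    // used to keep appending to it) and so a null list is tolerated. Lookups remain an exact
    // match against the lower-cased attribute name.
    HashSet<string> omitted = new HashSet<string>(ignoredAttrs ?? new List<string>(), StringComparer.Ordinal);

    if (!allowMsExchange)
    {
        string[] exchangeOnly =
        {
            "showinaddressbook", "legacyexchangedn", "homemta", "homemdb", "mailnickname",
            "mdbusedefaults", "publicdelegatesbl", "protocolsettings", "publicdelegates",
            "deleteditemflags", "mdbstoragequota", "mdboverquotalimit", "garbagecollperiod",
            "mdboverhardquotalimit", "altrecipient", "deliverandredirect", "securityprotocol",
            "reporttooriginator", "reporttoowner", "oofreplytooriginator", "mapirecipient",
            "internetencoding", "targetaddress", "altrecipientbl", "delivcontlength",
            "submissioncontlength"
        };
        foreach (string name in exchangeOnly)
        {
            omitted.Add(name);
        }
    }

    // State for the entry currently being read; reset by the begin/end handlers.
    bool ignored = false, hasPw = false;
    int pwdScore = 0;
    string thisDn = null;

    r.OnBeginEntry += (s, a) =>
    {
        thisDn = a.DistinguishedName;
        hasPw = false;

        if (ignoreIt != null && ignoreIt.Invoke(a.DistinguishedName))
        {
            ignored = true;
        }
        // Ignore domain trusts / special accounts.
        // This part could use some rethinking: the tests are case-sensitive substring matches
        // over the whole DN, which can both over- and under-match.
        else if (a.DistinguishedName.Contains("$,CN=Users,")
            || a.DistinguishedName.Contains("krbtgt")
            || a.DistinguishedName.Contains("ForeignSecurityP"))
        {
            ignored = true;
        }
        else if (!allowMsExchange && a.DistinguishedName.Contains("Exchange System"))
        {
            ignored = true;
        }
        else
        {
            ignored = false;
            w.BeginEntry(a.DistinguishedName);
        }
    };

    r.OnEndEntry += (s, a) =>
    {
        if (!ignored)
        {
            // Both user markers seen (score above 1) and no password in the source entry.
            if (pwdScore > 1 && !hasPw)
            {
                if (defaultPwd != null && passwordEncoding != null)
                {
                    // The password is quoted, then encoded.
                    // NOTE(review): Active Directory expects unicodePwd as a quoted UTF-16LE
                    // string; confirm the encoding callers supply.
                    w.WriteAttr("unicodePwd", passwordEncoding.GetBytes(string.Format("\"{0}\"", defaultPwd)));
                }
                else
                {
                    // A null default used to be written as an empty quoted password; omit the
                    // attribute rather than emit a blank credential.
                    Console.Error.WriteLine("Warn: no default password available for {0}; unicodePwd not written", thisDn);
                }
            }
            w.EndEntry();
        }
        pwdScore = 0;
    };

    r.OnAttributeValue += (s, a) =>
    {
        if (ignored)
        {
            return;
        }

        // 'as' keeps a non-string objectCategory from throwing InvalidCastException.
        string text = a.Value as string;
        if (a.Name == "unicodePwd")
        {
            hasPw = true;
        }
        else if (a.Name == "objectCategory" && text != null && text.StartsWith("CN=Person", StringComparison.Ordinal))
        {
            pwdScore++;
        }
        else if (a.Name == "objectClass" && "user".Equals(a.Value))
        {
            pwdScore++;
        }

        if (string.Equals(a.Name, "objectSID", StringComparison.InvariantCultureIgnoreCase))
        {
            // objectSID is only kept for foreign security principals. Entries whose DN holds
            // "ForeignSecurityP" in that exact casing were already skipped when the entry began,
            // so only differently-cased DNs reach this point.
            if (thisDn.IndexOf("ForeignSecurity", StringComparison.InvariantCultureIgnoreCase) > 0)
            {
                if (a.Value is byte[])
                {
                    System.Security.Principal.SecurityIdentifier sid =
                        new System.Security.Principal.SecurityIdentifier((byte[])a.Value, 0);
                    w.WriteAttr(a.Name, sid.ToString());
                }
                else if (text != null)
                {
                    w.WriteAttr(a.Name, text);
                }
            }
            return;
        }

        if (a.Value == null || omitted.Contains(a.Name.ToLowerInvariant()))
        {
            return;
        }

        bool looksLikeExchange = a.Name.StartsWith("msExch", StringComparison.InvariantCultureIgnoreCase)
            || a.Name.StartsWith("extensionAttribute", StringComparison.Ordinal);
        if (!allowMsExchange && looksLikeExchange)
        {
            return;
        }

        if (text != null)
        {
            w.WriteAttr(a.Name, text);
        }
        else if (a.Value is byte[])
        {
            w.WriteAttr(a.Name, (byte[])a.Value);
        }
        else
        {
            Console.Error.WriteLine("Warn: type of {0} is {1}", a.Name, a.Value.GetType());
            w.WriteAttr(a.Name, Convert.ToString(a.Value));
        }
    };

    while (r.Read())
    {
        // Keep reading; all output happens in the event handlers.
    }
    w.Close();
}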