/// <summary>
/// Changes a user's LDAP password: the old password must authenticate first, after
/// which every configured password attribute is written with the hashed new password.
/// </summary>
/// <param name="cpInfo">Supplies Username, OldPassword and NewPassword.</param>
/// <param name="pluginInfo">Not read by this method.</param>
/// <returns>
/// Success = true when authentication succeeded and the attribute loop finished without
/// throwing; Success = false with a generic message otherwise.
/// </returns>
public BooleanResult ChangePassword(ChangePasswordInfo cpInfo, ChangePasswordPluginActivityInfo pluginInfo)
{
    m_logger.Debug("ChangePassword()");

    try
    {
        // NOTE(review): the LdapServer instance is never disposed here; if the type holds a
        // connection and implements IDisposable it should be wrapped in using. Confirm.
        LdapServer ldap = new LdapServer();

        // Nothing is modified unless the old password authenticates
        BooleanResult authResult = ldap.Authenticate(cpInfo.Username, cpInfo.OldPassword);
        if (!authResult.Success)
        {
            return new BooleanResult
            {
                Success = false,
                Message = "Password change failed: Invalid LDAP username or password."
            };
        }

        // Write each configured password attribute.
        // NOTE(review): attributes are written one at a time and the result of
        // SetUserAttribute is not inspected; an exception part-way through leaves the
        // earlier attributes already changed while the caller is told the change failed.
        List<PasswordAttributeEntry> configured = CPAttributeSettings.Load();
        foreach (PasswordAttributeEntry attr in configured)
        {
            PasswordHashMethod method = PasswordHashMethod.methods[attr.Method];

            // Only the attribute name and hash method name are logged, not the password
            m_logger.DebugFormat("Setting attribute {0} using hash method {1}", attr.Name, method.Name);
            ldap.SetUserAttribute(cpInfo.Username, attr.Name, method.hash(cpInfo.NewPassword));
        }

        return new BooleanResult
        {
            Success = true,
            Message = "LDAP password successfully changed"
        };
    }
    catch (Exception e)
    {
        // The full exception goes to the log; the caller only sees a generic message
        m_logger.ErrorFormat("Exception in ChangePassword: {0}", e);
        return new BooleanResult
        {
            Success = false,
            Message = "Error in LDAP plugin."
        };
    }
}
/// <summary>
/// Populates the configuration dialog's controls from the values currently held in
/// Settings.Store, the group rule loader and the change-password attribute settings.
/// </summary>
private void LoadSettings()
{
    // Values from Settings.Store are assigned to explicitly typed locals before they are
    // handed to the controls, as in the original code.

    // Host list is displayed as one space-separated line
    string[] ldapHosts = Settings.Store.LdapHost;
    ldapHostTextBox.Text = string.Join(" ", ldapHosts);

    int port = Settings.Store.LdapPort;
    ldapPortTextBox.Text = Convert.ToString(port);

    int timeout = Settings.Store.LdapTimeout;
    timeoutTextBox.Text = Convert.ToString(timeout);

    bool useSsl = Settings.Store.UseSsl;
    useSslCheckBox.CheckState = useSsl ? CheckState.Checked : CheckState.Unchecked;

    bool useTls = Settings.Store.UseTls;
    useTlsCheckBox.CheckState = useTls ? CheckState.Checked : CheckState.Unchecked;

    bool reqCert = Settings.Store.RequireCert;
    validateServerCertCheckBox.CheckState = reqCert ? CheckState.Checked : CheckState.Unchecked;

    string serverCertFile = Settings.Store.ServerCertFile;
    sslCertFileTextBox.Text = serverCertFile;

    string searchDn = Settings.Store.SearchDN;
    searchDnTextBox.Text = searchDn;

    // The search password is read through GetEncryptedSetting rather than a plain property.
    // NOTE(review): the value returned is placed in the text box as-is; confirm that
    // searchPassTextBox masks its content.
    string searchPw = Settings.Store.GetEncryptedSetting("SearchPW");
    searchPassTextBox.Text = searchPw;

    // Authentication tab
    bool allowEmpty = Settings.Store.AllowEmptyPasswords;
    this.allowEmptyPwCB.Checked = allowEmpty;

    string dnPattern = Settings.Store.DnPattern;
    dnPatternTextBox.Text = dnPattern;

    bool doSearch = Settings.Store.DoSearch;
    searchForDnCheckBox.CheckState = doSearch ? CheckState.Checked : CheckState.Unchecked;

    string filter = Settings.Store.SearchFilter;
    searchFilterTextBox.Text = filter;

    bool useAuth = Settings.Store.UseAuthBindForAuthzAndGateway;
    useAuthBindForAuthzAndGatewayCb.Checked = useAuth;

    // Search contexts are displayed one per line
    string[] searchContexts = Settings.Store.SearchContexts;
    searchContextsTextBox.Text = string.Join("\r\n", searchContexts);

    // AttribConverter grid: each stored entry is "<attribute>\t<value>"
    string[] storedMappings = Settings.Store.AttribConv;
    Column1.DataSource = AttribConvert.Attribs.ToArray();
    dataGridView1.ColumnCount = 2;
    foreach (string mapping in storedMappings)
    {
        string[] parts = mapping.Split('\t');
        if (parts.Length != 2)
        {
            continue;
        }

        string attribName = parts[0].Trim();
        string attribValue = parts[1].Trim();
        if (String.IsNullOrEmpty(attribName) || String.IsNullOrEmpty(attribValue))
        {
            continue;
        }

        // Entries naming an attribute that is not in AttribConvert.Attribs are skipped
        if (!AttribConvert.Attribs.Contains(attribName))
        {
            continue;
        }

        int index = AttribConvert.Attribs.IndexOf(attribName);

        DataGridViewComboBoxCell comboCell = new DataGridViewComboBoxCell();
        comboCell.DataSource = AttribConvert.Attribs.ToArray(); // items offered by the combo box
        comboCell.Value = AttribConvert.Attribs[index];         // pre-selected item

        DataGridViewRow gridRow = new DataGridViewRow();
        gridRow.Cells.Add(comboCell);
        gridRow.Cells.Add(new DataGridViewTextBoxCell() { Value = attribValue });
        dataGridView1.Rows.Add(gridRow);
    }

    // Authorization tab
    this.authzRuleMemberComboBox.SelectedIndex = 0;
    this.authzRuleActionComboBox.SelectedIndex = 0;
    this.authzRuleScope.SelectedIndex = 0;

    // The allow/deny radio buttons mirror the single AuthzDefault flag
    bool allowByDefault = Settings.Store.AuthzDefault;
    this.authzDefaultAllowRB.Checked = allowByDefault;
    this.authzDefaultDenyRB.Checked = !allowByDefault;

    this.authzRequireAuthCB.Checked = Settings.Store.AuthzRequireAuth;
    this.authzAllowOnErrorCB.Checked = Settings.Store.AuthzAllowOnError;

    List<GroupAuthzRule> authzRules = GroupRuleLoader.GetAuthzRules();
    foreach (GroupAuthzRule authzRule in authzRules)
    {
        this.authzRulesListBox.Items.Add(authzRule);
    }

    // Gateway tab
    this.gatewayRuleGroupMemberCB.SelectedIndex = 0;
    this.gatewayRuleScope.SelectedIndex = 0;

    List<GroupGatewayRule> gatewayRules = GroupRuleLoader.GetGatewayRules();
    foreach (GroupGatewayRule gatewayRule in gatewayRules)
    {
        this.gatewayRulesListBox.Items.Add(gatewayRule);
    }

    // Change Password tab
    List<AttributeEntry> passwordAttribs = CPAttributeSettings.Load();
    foreach (AttributeEntry passwordAttrib in passwordAttribs)
    {
        this.passwordAttributesDGV.Rows.Add(passwordAttrib.Name, passwordAttrib.Method);
    }
}
/// <summary>
/// Writes the values currently shown in the configuration dialog back to Settings.Store,
/// the group rule loader and the change-password attribute settings.
/// </summary>
private void StoreSettings()
{
    // Server connection
    string hostText = ldapHostTextBox.Text.Trim();
    Settings.Store.LdapHost = Regex.Split(hostText, @"\s+");

    // NOTE(review): Convert.ToInt32 throws on non-numeric text; confirm the port and
    // timeout boxes are validated before this method runs.
    Settings.Store.LdapPort = Convert.ToInt32(ldapPortTextBox.Text.Trim());
    Settings.Store.LdapTimeout = Convert.ToInt32(timeoutTextBox.Text.Trim());

    Settings.Store.UseSsl = useSslCheckBox.CheckState == CheckState.Checked;
    Settings.Store.UseTls = useTlsCheckBox.CheckState == CheckState.Checked;

    // NOTE(review): RequireCert comes from the "validate server cert" checkbox; confirm
    // how the LDAP connection behaves when SSL/TLS is enabled with this switched off.
    Settings.Store.RequireCert = validateServerCertCheckBox.CheckState == CheckState.Checked;
    Settings.Store.ServerCertFile = sslCertFileTextBox.Text.Trim();
    Settings.Store.UseAuthBindForAuthzAndGateway = useAuthBindForAuthzAndGatewayCb.CheckState == CheckState.Checked;
    Settings.Store.SearchDN = searchDnTextBox.Text.Trim();

    // The search password goes through SetEncryptedSetting and is deliberately not trimmed
    Settings.Store.SetEncryptedSetting("SearchPW", searchPassTextBox.Text);

    // Authentication
    Settings.Store.AllowEmptyPasswords = this.allowEmptyPwCB.Checked;
    Settings.Store.DnPattern = dnPatternTextBox.Text.Trim();
    Settings.Store.DoSearch = searchForDnCheckBox.CheckState == CheckState.Checked;
    Settings.Store.SearchFilter = searchFilterTextBox.Text.Trim();

    // One search context per line, surrounding whitespace dropped by the split pattern
    string contextText = searchContextsTextBox.Text.Trim();
    Settings.Store.SearchContexts = Regex.Split(contextText, @"\s*\r?\n\s*");
    Settings.Store.AuthzDefault = this.authzDefaultAllowRB.Checked;

    // Attribute converter grid: rows are stored as "<attribute>\t<value>"
    List<string> mappings = new List<string>();
    foreach (DataGridViewRow gridRow in dataGridView1.Rows)
    {
        if (gridRow.Cells[0].Value == null || gridRow.Cells[1].Value == null)
        {
            continue;
        }

        mappings.Add(gridRow.Cells[0].Value.ToString() + "\t" + gridRow.Cells[1].Value.ToString().Trim());
    }

    string[] mappingsToStore = mappings.Count > 0 ? mappings.ToArray() : new string[] { };
    Settings.Store.AttribConv = mappingsToStore;

    // Authorization
    Settings.Store.AuthzRequireAuth = this.authzRequireAuthCB.Checked;

    // NOTE(review): judging by its name, AuthzAllowOnError permits access when the
    // authorization stage fails; confirm this fail-open default is intended.
    Settings.Store.AuthzAllowOnError = this.authzAllowOnErrorCB.Checked;

    // AuthzDefault was already written above with the same value; kept as in the original
    Settings.Store.AuthzDefault = this.authzDefaultAllowRB.Checked;

    List<GroupAuthzRule> authzRules = new List<GroupAuthzRule>();
    foreach (Object listItem in this.authzRulesListBox.Items)
    {
        // An item that is not a GroupAuthzRule is added as null by the 'as' cast
        authzRules.Add(listItem as GroupAuthzRule);
        m_logger.DebugFormat("Saving rule: {0}", listItem);
    }

    // A non-empty return string is shown to the user as the error detail
    string authzSaveError = GroupRuleLoader.SaveAuthzRules(authzRules);
    if (!string.IsNullOrEmpty(authzSaveError))
    {
        MessageBox.Show("There was an error in saving your authorization rules.\n" + authzSaveError);
    }

    // Gateway
    List<GroupGatewayRule> gatewayRules = new List<GroupGatewayRule>();
    foreach (Object listItem in this.gatewayRulesListBox.Items)
    {
        gatewayRules.Add(listItem as GroupGatewayRule);
        m_logger.DebugFormat("Saving rule: {0}", listItem);
    }

    string gatewaySaveError = GroupRuleLoader.SaveGatewayRules(gatewayRules);
    if (!string.IsNullOrEmpty(gatewaySaveError))
    {
        MessageBox.Show("There was an error in saving your gateway rules.\n" + gatewaySaveError);
    }

    // Change Password: rows with an empty attribute name or a missing cell are skipped
    List<AttributeEntry> passwordAttribs = new List<AttributeEntry>();
    foreach (DataGridViewRow gridRow in this.passwordAttributesDGV.Rows)
    {
        if (gridRow.Cells[0].Value == null || gridRow.Cells[1].Value == null)
        {
            continue;
        }

        string attribName = gridRow.Cells[0].Value.ToString();
        if (string.IsNullOrEmpty(attribName))
        {
            continue;
        }

        passwordAttribs.Add(new AttributeEntry
        {
            Name = attribName,
            Method = (Methods)(gridRow.Cells[1].Value)
        });
    }

    CPAttributeSettings.Save(passwordAttribs);
}
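/// <summary>
/// Changes the tracked user's password: the old password must authenticate against LDAP
/// first, then every configured attribute entry is applied in order.
/// </summary>
/// <param name="properties">Session properties holding the tracked UserInformation.</param>
/// <param name="pluginInfo">Not read by this method.</param>
/// <returns>
/// Success = true only when authentication succeeded and every configured entry was
/// applied; Success = false with a message otherwise.
/// </returns>
public BooleanResult ChangePassword(SessionProperties properties, ChangePasswordPluginActivityInfo pluginInfo)
{
    ////m_logger.Debug("ChangePassword()");

    UserInformation userInfo = properties.GetTrackedSingle<UserInformation>();

    using (LdapServer serv = new LdapServer())
    {
        try
        {
            string[] hosts = Settings.Store.LdapHost;

            // Authenticate using old password; nothing is modified unless this succeeds
            BooleanResult result = serv.Authenticate(userInfo.Username, userInfo.oldPassword, properties);
            if (!result.Success)
            {
                return new BooleanResult { Success = false, Message = "Password change failed: Invalid LDAP username or password." };
            }

            // Apply each configured entry.
            // NOTE(review): entries are applied one at a time, so a failure part-way
            // through leaves the earlier entries already changed.
            List<AttributeEntry> attribs = CPAttributeSettings.Load();
            foreach (AttributeEntry entry in attribs)
            {
                if (entry.Method.HasFlag(Methods.ADPWD))
                {
                    // Try each configured host until one reports success. An empty return
                    // string is treated as success, matching the original break condition.
                    bool changedOnSomeHost = false;
                    foreach (string server in hosts)
                    {
                        if (Abstractions.WindowsApi.pInvokes.UserChangePassword(server, userInfo.Username, userInfo.oldPassword, userInfo.Password) == "")
                        {
                            changedOnSomeHost = true;
                            break;
                        }
                    }

                    // Previously a failure on every host fell through and the method
                    // still reported success, so the user was told the password had
                    // changed when it had not.
                    if (!changedOnSomeHost)
                    {
                        return new BooleanResult { Success = false, Message = "Password change failed: the password could not be changed on any configured server." };
                    }

                    continue;
                }

                if (entry.Method.HasFlag(Methods.Timestamps) || entry.Method.HasFlag(Methods.Timestampd) || entry.Method.HasFlag(Methods.Timestampt))
                {
                    // Timestamp entries store a time value rather than a password hash
                    TimeMethod time = TimeMethod.methods[entry.Method];
                    ////m_logger.DebugFormat("Setting attribute {0} using method {1}", entry.Name, time.Name);
                    if (!serv.SetUserAttribute(userInfo.Username, entry.Name, time.time()))
                    {
                        return new BooleanResult { Success = false, Message = "LDAPplugin failed by setting an attribute\nFor more details please consult the log!" };
                    }
                }
                else
                {
                    // All other entries store the new password processed by the entry's method
                    AttribMethod hasher = AttribMethod.methods[entry.Method];
                    ////m_logger.DebugFormat("Setting attribute {0} using method {1}", entry.Name, hasher.Name);
                    if (!serv.SetUserAttribute(userInfo.Username, entry.Name, hasher.hash(userInfo.Password)))
                    {
                        return new BooleanResult { Success = false, Message = "LDAPplugin failed by setting an attribute\nFor more details please consult the log!" };
                    }
                }
            }

            return new BooleanResult { Success = true, Message = "LDAP password successfully changed" };
        }
        catch (Exception e)
        {
            // NOTE(review): the logging call below is commented out, so the exception is
            // discarded and only a generic message reaches the caller.
            ////m_logger.ErrorFormat("Exception in ChangePassword: {0}", e);
            return new BooleanResult() { Success = false, Message = "Error in LDAP plugin." };
        }
    }
}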
/// <summary>
/// Writes the values currently shown in the configuration dialog back to Settings.Store,
/// the group rule loader and the change-password attribute settings.
/// </summary>
private void StoreSettings()
{
    // Server connection
    string hostText = ldapHostTextBox.Text.Trim();
    Settings.Store.LdapHost = Regex.Split(hostText, @"\s+");

    // NOTE(review): Convert.ToInt32 throws on non-numeric text; confirm the port and
    // timeout boxes are validated before this method runs.
    Settings.Store.LdapPort = Convert.ToInt32(ldapPortTextBox.Text.Trim());
    Settings.Store.LdapTimeout = Convert.ToInt32(timeoutTextBox.Text.Trim());
    Settings.Store.EncryptionMethod = (int)(GetEncryptionMethodSelection());
    Settings.Store.RequireCert = validateServerCertCheckBox.CheckState == CheckState.Checked;
    Settings.Store.ServerCertFile = sslCertFileTextBox.Text.Trim();
    Settings.Store.SearchDN = searchDnTextBox.Text.Trim();

    // The search password goes through SetEncryptedSetting and is deliberately not trimmed
    Settings.Store.SetEncryptedSetting("SearchPW", searchPassTextBox.Text);

    // Group lookup
    Settings.Store.GroupDnPattern = this.groupDNPattern.Text.Trim();
    Settings.Store.GroupMemberAttrib = this.groupMemberAttrTB.Text.Trim();
    Settings.Store.GroupGidAttrib = this.groupGidAttr.Text.Trim();
    Settings.Store.GroupGidAttribIU = this.groupGidAttrIU.Text.Trim();
    Settings.Store.Dereference = this.DereferenceComboBox.SelectedIndex;
    Settings.Store.UseAuthBindForAuthzAndGateway = this.m_useAuthBindForAuthzAndGatewayCb.Checked;

    // Authentication
    Settings.Store.AllowEmptyPasswords = this.allowEmptyPwCB.Checked;
    Settings.Store.DnPattern = dnPatternTextBox.Text.Trim();
    Settings.Store.DoSearch = searchForDnCheckBox.CheckState == CheckState.Checked;
    Settings.Store.SearchFilter = searchFilterTextBox.Text.Trim();

    // One search context per line, surrounding whitespace dropped by the split pattern
    string contextText = searchContextsTextBox.Text.Trim();
    Settings.Store.SearchContexts = Regex.Split(contextText, @"\s*\r?\n\s*");

    // Authorization
    Settings.Store.AuthzRequireAuth = this.authzRequireAuthCB.Checked;

    // NOTE(review): judging by its name, AuthzAllowOnError permits access when the
    // authorization stage fails; confirm this fail-open default is intended.
    Settings.Store.AuthzAllowOnError = this.authzAllowOnErrorCB.Checked;
    Settings.Store.AuthzApplyToAllUsers = this.authzApplyToAllUsersCB.Checked;

    List<GroupAuthzRule> authzRules = new List<GroupAuthzRule>();
    foreach (Object listItem in this.authzRulesListBox.Items)
    {
        // An item that is not a GroupAuthzRule is added as null by the 'as' cast
        authzRules.Add(listItem as GroupAuthzRule);
        m_logger.DebugFormat("Saving rule: {0}", listItem);
    }

    // The default allow/deny choice is stored as the last rule in the list
    authzRules.Add(new GroupAuthzRule(this.authzDefaultAllowRB.Checked));

    // NOTE(review): whatever SaveAuthzRules and SaveGatewayRules report back is not
    // inspected here, so a failed save of access rules is not surfaced to the user.
    GroupRuleLoader.SaveAuthzRules(authzRules);

    // Gateway
    List<GroupGatewayRule> gatewayRules = new List<GroupGatewayRule>();
    foreach (Object listItem in this.gatewayRulesListBox.Items)
    {
        gatewayRules.Add(listItem as GroupGatewayRule);
        m_logger.DebugFormat("Saving rule: {0}", listItem);
    }

    GroupRuleLoader.SaveGatewayRules(gatewayRules);

    // Change Password: rows with an empty attribute name or a missing cell are skipped
    List<PasswordAttributeEntry> passwordAttribs = new List<PasswordAttributeEntry>();
    foreach (DataGridViewRow gridRow in this.passwordAttributesDGV.Rows)
    {
        if (gridRow.Cells[0].Value == null || gridRow.Cells[1].Value == null)
        {
            continue;
        }

        string attribName = gridRow.Cells[0].Value.ToString();
        if (string.IsNullOrEmpty(attribName))
        {
            continue;
        }

        passwordAttribs.Add(new PasswordAttributeEntry
        {
            Name = attribName,
            Method = (HashMethod)(gridRow.Cells[1].Value)
        });
    }

    CPAttributeSettings.Save(passwordAttribs);

    // Login Script SFTP: these values are stored verbatim, with no Trim or validation here
    Settings.Store.SFTPServerURL = txt_script_serverurl.Text;
    Settings.Store.SFTPUser = txt_script_user.Text;

    // NOTE(review): SFTPPassword is written with a plain property assignment while
    // SearchPW above goes through SetEncryptedSetting. Confirm whether the store protects
    // this value some other way; moving it to the encrypted setting also requires
    // changing every reader of SFTPPassword at the same time.
    Settings.Store.SFTPPassword = txt_script_password.Text;
    Settings.Store.SFTPFingerprint = txt_script_fingerprint.Text;
    Settings.Store.SFTPScriptPath = txt_script_path.Text;
    Settings.Store.SFTPScriptPath2 = txt_script_path_2.Text;
    Settings.Store.SFTPGroupListPath = txt_script_group_list_path.Text;
    Settings.Store.CMDLoginScript = txt_script_cmd_login.Text;
    Settings.Store.CMDLogoffScript = txt_script_cmd_logoff.Text;
}
/// <summary>
/// Populates the configuration dialog's controls from the values currently held in
/// Settings.Store, the group rule loader and the change-password attribute settings.
/// </summary>
/// <exception cref="Exception">
/// Thrown when the stored authorization rule list is empty or does not end with a rule
/// whose condition is ALWAYS.
/// </exception>
private void LoadSettings()
{
    // Values from Settings.Store are assigned to explicitly typed locals before they are
    // handed to the controls, as in the original code.

    // Host list is displayed as one space-separated line
    string[] ldapHosts = Settings.Store.LdapHost;
    ldapHostTextBox.Text = string.Join(" ", ldapHosts);

    int port = Settings.Store.LdapPort;
    ldapPortTextBox.Text = Convert.ToString(port);

    int timeout = Settings.Store.LdapTimeout;
    timeoutTextBox.Text = Convert.ToString(timeout);

    int encryptionMethod = Settings.Store.EncryptionMethod;
    m_encryptionMethodCb.SelectedIndex = encryptionMethod;

    bool reqCert = Settings.Store.RequireCert;
    validateServerCertCheckBox.CheckState = reqCert ? CheckState.Checked : CheckState.Unchecked;

    string serverCertFile = Settings.Store.ServerCertFile;
    sslCertFileTextBox.Text = serverCertFile;

    string searchDn = Settings.Store.SearchDN;
    searchDnTextBox.Text = searchDn;

    // The search password is read through GetEncryptedSetting rather than a plain property.
    // NOTE(review): the value returned is placed in the text box as-is; confirm that
    // searchPassTextBox masks its content.
    string searchPw = Settings.Store.GetEncryptedSetting("SearchPW");
    searchPassTextBox.Text = searchPw;

    // Group lookup
    string grpDnPattern = Settings.Store.GroupDnPattern;
    this.groupDNPattern.Text = grpDnPattern;

    string grpMemberAttrib = Settings.Store.GroupMemberAttrib;
    this.groupMemberAttrTB.Text = grpMemberAttrib;

    string grpGidAttrib = Settings.Store.GroupGidAttrib;
    this.groupGidAttr.Text = grpGidAttrib;

    string grpGidAttribIU = Settings.Store.GroupGidAttribIU;
    this.groupGidAttrIU.Text = grpGidAttribIU;

    int derefValue = Settings.Store.Dereference;
    this.DereferenceComboBox.SelectedIndex = derefValue;

    // Authentication tab
    bool allowEmpty = Settings.Store.AllowEmptyPasswords;
    this.allowEmptyPwCB.Checked = allowEmpty;

    string dnPattern = Settings.Store.DnPattern;
    dnPatternTextBox.Text = dnPattern;

    bool doSearch = Settings.Store.DoSearch;
    searchForDnCheckBox.CheckState = doSearch ? CheckState.Checked : CheckState.Unchecked;

    string filter = Settings.Store.SearchFilter;
    searchFilterTextBox.Text = filter;

    bool useAuth = Settings.Store.UseAuthBindForAuthzAndGateway;
    m_useAuthBindForAuthzAndGatewayCb.Checked = useAuth;

    // Search contexts are displayed one per line
    string[] searchContexts = Settings.Store.SearchContexts;
    searchContextsTextBox.Text = string.Join("\r\n", searchContexts);

    // Authorization tab
    this.authzRuleMemberComboBox.SelectedIndex = 0;
    this.authzRuleActionComboBox.SelectedIndex = 0;
    this.authzRequireAuthCB.Checked = Settings.Store.AuthzRequireAuth;
    this.authzAllowOnErrorCB.Checked = Settings.Store.AuthzAllowOnError;
    this.authzApplyToAllUsersCB.Checked = Settings.Store.AuthzApplyToAllUsers;

    List<GroupAuthzRule> authzRules = GroupRuleLoader.GetAuthzRules();

    // The last stored rule must be the default (ALWAYS) rule. Loading stops with an
    // exception instead of guessing an allow/deny default when it is missing.
    bool endsWithDefault = authzRules.Count > 0
        && authzRules[authzRules.Count - 1].RuleCondition == GroupRule.Condition.ALWAYS;
    if (!endsWithDefault)
    {
        // The list is empty or the last rule is not a default rule.
        throw new Exception("Default rule not found in rule list.");
    }

    GroupAuthzRule defaultRule = authzRules[authzRules.Count - 1];
    if (defaultRule.AllowOnMatch)
    {
        this.authzDefaultAllowRB.Checked = true;
    }
    else
    {
        this.authzDefaultDenyRB.Checked = true;
    }

    // The default rule is shown through the radio buttons, not in the rule list
    authzRules.RemoveAt(authzRules.Count - 1);

    foreach (GroupAuthzRule authzRule in authzRules)
    {
        this.authzRulesListBox.Items.Add(authzRule);
    }

    // Gateway tab
    List<GroupGatewayRule> gatewayRules = GroupRuleLoader.GetGatewayRules();
    foreach (GroupGatewayRule gatewayRule in gatewayRules)
    {
        this.gatewayRulesListBox.Items.Add(gatewayRule);
    }

    // Change Password tab
    List<PasswordAttributeEntry> passwordAttribs = CPAttributeSettings.Load();
    foreach (PasswordAttributeEntry passwordAttrib in passwordAttribs)
    {
        this.passwordAttributesDGV.Rows.Add(passwordAttrib.Name, passwordAttrib.Method);
    }

    // Login Script
    txt_script_serverurl.Text = Settings.Store.SFTPServerURL;
    txt_script_user.Text = Settings.Store.SFTPUser;

    // NOTE(review): SFTPPassword is read as a plain property, unlike SearchPW which goes
    // through GetEncryptedSetting; confirm how this value is protected at rest and that
    // txt_script_password masks its content.
    txt_script_password.Text = Settings.Store.SFTPPassword;
    txt_script_fingerprint.Text = Settings.Store.SFTPFingerprint;
    txt_script_path.Text = Settings.Store.SFTPScriptPath;
    txt_script_path_2.Text = Settings.Store.SFTPScriptPath2;
    txt_script_group_list_path.Text = Settings.Store.SFTPGroupListPath;
    txt_script_cmd_login.Text = Settings.Store.CMDLoginScript;
    txt_script_cmd_logoff.Text = Settings.Store.CMDLogoffScript;
}