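/// <summary>
/// Changes a user's LDAP password. The old password is verified with a bind first,
/// then every configured password attribute is written with the new password
/// transformed by the hash method selected for that attribute.
/// </summary>
/// <param name="cpInfo">Carries the username, the old password and the new password.</param>
/// <param name="pluginInfo">Plugin activity information; not read by this method.</param>
/// <returns>
/// A <see cref="BooleanResult"/> whose <c>Success</c> is true once all attributes have been
/// written. It is false when the old credentials are rejected or when any exception is raised;
/// in the exception case the caller only receives a generic message and the detail goes to the log.
/// </returns>
public BooleanResult ChangePassword(ChangePasswordInfo cpInfo, ChangePasswordPluginActivityInfo pluginInfo)
{
    m_logger.Debug("ChangePassword()");

    try
    {
        // Dispose the server object on every exit path (early return, success, exception).
        // Previously it was created and never released.
        using (LdapServer serv = new LdapServer())
        {
            // Authenticate using old password: nothing is modified unless the caller
            // proves knowledge of the current credentials.
            BooleanResult result = serv.Authenticate(cpInfo.Username, cpInfo.OldPassword);
            if (!result.Success)
            {
                return new BooleanResult { Success = false, Message = "Password change failed: Invalid LDAP username or password." };
            }

            // Set the password attributes.
            // NOTE(review): attributes are written one after another and no rollback is visible
            // in this method, so an exception part-way through leaves the earlier attributes
            // already holding the new value while the caller is told the change failed.
            List<PasswordAttributeEntry> attribs = CPAttributeSettings.Load();
            foreach (PasswordAttributeEntry entry in attribs)
            {
                // An entry whose method has no registered hasher throws here and is
                // reported through the catch block below.
                PasswordHashMethod hasher = PasswordHashMethod.methods[entry.Method];

                // Only the attribute name and the hash method name are logged,
                // never the password or its hash.
                m_logger.DebugFormat("Setting attribute {0} using hash method {1}", entry.Name, hasher.Name);

                serv.SetUserAttribute(cpInfo.Username, entry.Name, hasher.hash(cpInfo.NewPassword));
            }

            return new BooleanResult { Success = true, Message = "LDAP password successfully changed" };
        }
    }
    catch (Exception e)
    {
        // Keep the detail in the log and hand the user a generic message only.
        m_logger.ErrorFormat("Exception in ChangePassword: {0}", e);
        return new BooleanResult() { Success = false, Message = "Error in LDAP plugin." };
    }
}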
/// <summary>
/// Populates the configuration dialog's controls from the values held in
/// <c>Settings.Store</c> and from the rule and attribute loaders, one section at a time.
/// </summary>
private void LoadSettings()
{
    // Hosts are shown as a single space-separated line.
    string[] hostList = Settings.Store.LdapHost;
    ldapHostTextBox.Text = string.Join(" ", hostList);

    int ldapPort = Settings.Store.LdapPort;
    ldapPortTextBox.Text = Convert.ToString(ldapPort);

    int ldapTimeout = Settings.Store.LdapTimeout;
    timeoutTextBox.Text = Convert.ToString(ldapTimeout);

    bool sslEnabled = Settings.Store.UseSsl;
    if (sslEnabled)
    {
        useSslCheckBox.CheckState = CheckState.Checked;
    }
    else
    {
        useSslCheckBox.CheckState = CheckState.Unchecked;
    }

    bool tlsEnabled = Settings.Store.UseTls;
    if (tlsEnabled)
    {
        useTlsCheckBox.CheckState = CheckState.Checked;
    }
    else
    {
        useTlsCheckBox.CheckState = CheckState.Unchecked;
    }

    bool certRequired = Settings.Store.RequireCert;
    if (certRequired)
    {
        validateServerCertCheckBox.CheckState = CheckState.Checked;
    }
    else
    {
        validateServerCertCheckBox.CheckState = CheckState.Unchecked;
    }

    string certFile = Settings.Store.ServerCertFile;
    sslCertFileTextBox.Text = certFile;

    string bindDn = Settings.Store.SearchDN;
    searchDnTextBox.Text = bindDn;

    // The search password is the one value here read through GetEncryptedSetting.
    // NOTE(review): the returned value is placed in the text box as-is; confirm the
    // control masks its content so the bind credential is not displayed in clear.
    string bindPassword = Settings.Store.GetEncryptedSetting("SearchPW");
    searchPassTextBox.Text = bindPassword;

    // Authentication tab
    bool emptyPasswordsAllowed = Settings.Store.AllowEmptyPasswords;
    this.allowEmptyPwCB.Checked = emptyPasswordsAllowed;

    string userDnPattern = Settings.Store.DnPattern;
    dnPatternTextBox.Text = userDnPattern;

    bool searchForDn = Settings.Store.DoSearch;
    if (searchForDn)
    {
        searchForDnCheckBox.CheckState = CheckState.Checked;
    }
    else
    {
        searchForDnCheckBox.CheckState = CheckState.Unchecked;
    }

    string searchFilter = Settings.Store.SearchFilter;
    searchFilterTextBox.Text = searchFilter;

    bool reuseAuthBind = Settings.Store.UseAuthBindForAuthzAndGateway;
    useAuthBindForAuthzAndGatewayCb.Checked = reuseAuthBind;

    // Search contexts are shown one per line.
    string[] contextList = Settings.Store.SearchContexts;
    searchContextsTextBox.Text = string.Join("\r\n", contextList);

    // AttribConverter Grid
    string[] conversions = Settings.Store.AttribConv;
    Column1.DataSource = AttribConvert.Attribs.ToArray();
    dataGridView1.ColumnCount = 2;
    for (int i = 0, total = conversions.Count(); i < total; i++)
    {
        // Each stored entry is expected to be "<attribute>\t<value>"; anything else is skipped.
        string[] parts = conversions[i].Split('\t');
        if (parts.Count() != 2)
        {
            continue;
        }

        string attribName = parts[0].Trim();
        string mappedValue = parts[1].Trim();
        if (String.IsNullOrEmpty(attribName) || String.IsNullOrEmpty(mappedValue))
        {
            continue;
        }

        // Only attributes known to AttribConvert.Attribs get a row.
        if (!AttribConvert.Attribs.Contains(attribName))
        {
            continue;
        }

        int position = AttribConvert.Attribs.IndexOf(attribName);

        DataGridViewComboBoxCell comboCell = new DataGridViewComboBoxCell();
        comboCell.DataSource = AttribConvert.Attribs.ToArray(); // items offered by the combo box
        comboCell.Value = AttribConvert.Attribs[position];      // currently selected item

        DataGridViewTextBoxCell valueCell = new DataGridViewTextBoxCell();
        valueCell.Value = mappedValue;

        DataGridViewRow gridRow = new DataGridViewRow();
        gridRow.Cells.Add(comboCell);
        gridRow.Cells.Add(valueCell);
        dataGridView1.Rows.Add(gridRow);
    }

    /////////////// Authorization tab /////////////////
    this.authzRuleMemberComboBox.SelectedIndex = 0;
    this.authzRuleActionComboBox.SelectedIndex = 0;
    this.authzRuleScope.SelectedIndex = 0;

    // The allow/deny radio buttons mirror the single AuthzDefault setting.
    this.authzDefaultAllowRB.Checked = Settings.Store.AuthzDefault;
    this.authzDefaultDenyRB.Checked = !(bool)Settings.Store.AuthzDefault;

    this.authzRequireAuthCB.Checked = Settings.Store.AuthzRequireAuth;
    // NOTE(review): judging by its name, AuthzAllowOnError lets authorization succeed when
    // an error occurs (fail-open); confirm how it is consumed and that it defaults to off.
    this.authzAllowOnErrorCB.Checked = Settings.Store.AuthzAllowOnError;

    List<GroupAuthzRule> authzRules = GroupRuleLoader.GetAuthzRules();
    foreach (GroupAuthzRule authzRule in authzRules)
    {
        this.authzRulesListBox.Items.Add(authzRule);
    }

    ///////////////// Gateway tab /////////////////
    this.gatewayRuleGroupMemberCB.SelectedIndex = 0;
    this.gatewayRuleScope.SelectedIndex = 0;

    List<GroupGatewayRule> gatewayRules = GroupRuleLoader.GetGatewayRules();
    foreach (GroupGatewayRule gatewayRule in gatewayRules)
    {
        this.gatewayRulesListBox.Items.Add(gatewayRule);
    }

    ////////////// Change Password tab ///////////////
    List<AttributeEntry> passwordAttribs = CPAttributeSettings.Load();
    foreach (AttributeEntry passwordAttrib in passwordAttribs)
    {
        this.passwordAttributesDGV.Rows.Add(passwordAttrib.Name, passwordAttrib.Method);
    }
}
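/// <summary>
/// Changes a user's password. The old password is verified with an LDAP bind, then each
/// configured attribute entry is applied: an ADPWD entry changes the password through the
/// Windows API on the configured hosts, a timestamp entry writes a time value, and every
/// other entry writes the new password transformed by the method selected for it.
/// </summary>
/// <param name="properties">Session properties; the tracked <c>UserInformation</c> supplies
/// the username, the old password and the new password.</param>
/// <param name="pluginInfo">Plugin activity information; not read by this method.</param>
/// <returns>
/// A <see cref="BooleanResult"/> whose <c>Success</c> is true only when every entry was applied.
/// It is false when the old credentials are rejected, when an attribute write reports failure,
/// when no host accepts an ADPWD change, or when an exception is raised.
/// </returns>
public BooleanResult ChangePassword(SessionProperties properties, ChangePasswordPluginActivityInfo pluginInfo)
{
    UserInformation userInfo = properties.GetTrackedSingle<UserInformation>();

    using (LdapServer serv = new LdapServer())
    {
        try
        {
            string[] hosts = Settings.Store.LdapHost;

            // Authenticate using old password: nothing is modified unless the caller
            // proves knowledge of the current credentials.
            BooleanResult result = serv.Authenticate(userInfo.Username, userInfo.oldPassword, properties);
            if (!result.Success)
            {
                return new BooleanResult { Success = false, Message = "Password change failed: Invalid LDAP username or password." };
            }

            // Set the password attributes.
            // NOTE(review): entries are applied one after another and no rollback is visible
            // in this method, so a failure part-way through leaves the earlier entries applied.
            List<AttributeEntry> attribs = CPAttributeSettings.Load();
            foreach (AttributeEntry entry in attribs)
            {
                if (entry.Method.HasFlag(Methods.ADPWD))
                {
                    // Try each host in turn and stop at the first one that returns an empty
                    // string, which this loop treats as "change accepted".
                    // NOTE(review): presumably a non-empty return is an error description;
                    // confirm against pInvokes.UserChangePassword.
                    bool changed = false;
                    foreach (string server in hosts)
                    {
                        if (Abstractions.WindowsApi.pInvokes.UserChangePassword(server, userInfo.Username, userInfo.oldPassword, userInfo.Password) == "")
                        {
                            changed = true;
                            break;
                        }
                    }

                    // Previously the method went on to report success even when every host
                    // had rejected the change (or no host was configured), leaving the user
                    // believing the password had been replaced.
                    if (!changed)
                    {
                        return new BooleanResult { Success = false, Message = "Password change failed: no configured host accepted the password change." };
                    }

                    continue;
                }

                if (entry.Method.HasFlag(Methods.Timestamps) || entry.Method.HasFlag(Methods.Timestampd) || entry.Method.HasFlag(Methods.Timestampt))
                {
                    TimeMethod time = TimeMethod.methods[entry.Method];
                    if (!serv.SetUserAttribute(userInfo.Username, entry.Name, time.time()))
                    {
                        return new BooleanResult { Success = false, Message = "LDAPplugin failed by setting an attribute\nFor more details please consult the log!" };
                    }
                }
                else
                {
                    AttribMethod hasher = AttribMethod.methods[entry.Method];
                    if (!serv.SetUserAttribute(userInfo.Username, entry.Name, hasher.hash(userInfo.Password)))
                    {
                        return new BooleanResult { Success = false, Message = "LDAPplugin failed by setting an attribute\nFor more details please consult the log!" };
                    }
                }
            }

            return new BooleanResult { Success = true, Message = "LDAP password successfully changed" };
        }
        catch (Exception e)
        {
            // NOTE(review): the exception is discarded here (the logging call was commented
            // out in this method), so a failure on this path leaves no trace for diagnosis
            // or audit. Restore logging of e once a logger is confirmed to be in scope.
            ////m_logger.ErrorFormat("Exception in ChangePassword: {0}", e);
            return new BooleanResult() { Success = false, Message = "Error in LDAP plugin." };
        }
    }
}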
/// <summary>
/// Populates the configuration dialog's controls from the values held in
/// <c>Settings.Store</c> and from the rule and attribute loaders, one section at a time.
/// </summary>
/// <exception cref="Exception">
/// Thrown when the authorization rule list is empty or its last rule is not an
/// unconditional (ALWAYS) rule, since that rule supplies the default allow/deny choice.
/// </exception>
private void LoadSettings()
{
    // Hosts are shown as a single space-separated line.
    string[] hostList = Settings.Store.LdapHost;
    ldapHostTextBox.Text = string.Join(" ", hostList);

    int ldapPort = Settings.Store.LdapPort;
    ldapPortTextBox.Text = Convert.ToString(ldapPort);

    int ldapTimeout = Settings.Store.LdapTimeout;
    timeoutTextBox.Text = Convert.ToString(ldapTimeout);

    int encryptionIndex = Settings.Store.EncryptionMethod;
    m_encryptionMethodCb.SelectedIndex = encryptionIndex;

    bool certRequired = Settings.Store.RequireCert;
    if (certRequired)
    {
        validateServerCertCheckBox.CheckState = CheckState.Checked;
    }
    else
    {
        validateServerCertCheckBox.CheckState = CheckState.Unchecked;
    }

    string certFile = Settings.Store.ServerCertFile;
    sslCertFileTextBox.Text = certFile;

    string bindDn = Settings.Store.SearchDN;
    searchDnTextBox.Text = bindDn;

    // The search password is read through GetEncryptedSetting.
    // NOTE(review): the returned value is placed in the text box as-is; confirm the
    // control masks its content so the bind credential is not displayed in clear.
    string bindPassword = Settings.Store.GetEncryptedSetting("SearchPW");
    searchPassTextBox.Text = bindPassword;

    string groupPattern = Settings.Store.GroupDnPattern;
    this.groupDNPattern.Text = groupPattern;

    string memberAttrib = Settings.Store.GroupMemberAttrib;
    this.groupMemberAttrTB.Text = memberAttrib;

    string gidAttrib = Settings.Store.GroupGidAttrib;
    this.groupGidAttr.Text = gidAttrib;

    string gidAttribIU = Settings.Store.GroupGidAttribIU;
    this.groupGidAttrIU.Text = gidAttribIU;

    int dereferenceIndex = Settings.Store.Dereference;
    this.DereferenceComboBox.SelectedIndex = dereferenceIndex;

    // Authentication tab
    bool emptyPasswordsAllowed = Settings.Store.AllowEmptyPasswords;
    this.allowEmptyPwCB.Checked = emptyPasswordsAllowed;

    string userDnPattern = Settings.Store.DnPattern;
    dnPatternTextBox.Text = userDnPattern;

    bool searchForDn = Settings.Store.DoSearch;
    if (searchForDn)
    {
        searchForDnCheckBox.CheckState = CheckState.Checked;
    }
    else
    {
        searchForDnCheckBox.CheckState = CheckState.Unchecked;
    }

    string searchFilter = Settings.Store.SearchFilter;
    searchFilterTextBox.Text = searchFilter;

    bool reuseAuthBind = Settings.Store.UseAuthBindForAuthzAndGateway;
    m_useAuthBindForAuthzAndGatewayCb.Checked = reuseAuthBind;

    // Search contexts are shown one per line.
    string[] contextList = Settings.Store.SearchContexts;
    searchContextsTextBox.Text = string.Join("\r\n", contextList);

    /////////////// Authorization tab /////////////////
    this.authzRuleMemberComboBox.SelectedIndex = 0;
    this.authzRuleActionComboBox.SelectedIndex = 0;

    this.authzRequireAuthCB.Checked = Settings.Store.AuthzRequireAuth;
    // NOTE(review): judging by its name, AuthzAllowOnError lets authorization succeed when
    // an error occurs (fail-open); confirm how it is consumed and that it defaults to off.
    this.authzAllowOnErrorCB.Checked = Settings.Store.AuthzAllowOnError;
    this.authzApplyToAllUsersCB.Checked = Settings.Store.AuthzApplyToAllUsers;

    List<GroupAuthzRule> authzRules = GroupRuleLoader.GetAuthzRules();

    // The last rule must be the unconditional default rule. Refusing to continue when it is
    // missing keeps the dialog from showing a rule set with no explicit default decision.
    bool endsWithDefault = authzRules.Count > 0
        && authzRules[authzRules.Count - 1].RuleCondition == GroupRule.Condition.ALWAYS;
    if (!endsWithDefault)
    {
        // The list is empty or the last rule is not a default rule.
        throw new Exception("Default rule not found in rule list.");
    }

    GroupAuthzRule defaultRule = authzRules[authzRules.Count - 1];
    if (defaultRule.AllowOnMatch)
    {
        this.authzDefaultAllowRB.Checked = true;
    }
    else
    {
        this.authzDefaultDenyRB.Checked = true;
    }

    // The default rule is represented by the radio buttons, not by a list entry.
    authzRules.RemoveAt(authzRules.Count - 1);

    // The rest of the rules
    foreach (GroupAuthzRule authzRule in authzRules)
    {
        this.authzRulesListBox.Items.Add(authzRule);
    }

    ///////////////// Gateway tab /////////////////
    List<GroupGatewayRule> gatewayRules = GroupRuleLoader.GetGatewayRules();
    foreach (GroupGatewayRule gatewayRule in gatewayRules)
    {
        this.gatewayRulesListBox.Items.Add(gatewayRule);
    }

    ////////////// Change Password tab ///////////////
    List<PasswordAttributeEntry> passwordAttribs = CPAttributeSettings.Load();
    foreach (PasswordAttributeEntry passwordAttrib in passwordAttribs)
    {
        this.passwordAttributesDGV.Rows.Add(passwordAttrib.Name, passwordAttrib.Method);
    }

    ///////////// Login Script ////////////////
    txt_script_serverurl.Text = Settings.Store.SFTPServerURL;
    txt_script_user.Text = Settings.Store.SFTPUser;
    // NOTE(review): unlike SearchPW above, SFTPPassword is read as an ordinary setting rather
    // than through GetEncryptedSetting; confirm whether this credential is stored protected.
    txt_script_password.Text = Settings.Store.SFTPPassword;
    txt_script_fingerprint.Text = Settings.Store.SFTPFingerprint;
    txt_script_path.Text = Settings.Store.SFTPScriptPath;
    txt_script_path_2.Text = Settings.Store.SFTPScriptPath2;
    txt_script_group_list_path.Text = Settings.Store.SFTPGroupListPath;
    txt_script_cmd_login.Text = Settings.Store.CMDLoginScript;
    txt_script_cmd_logoff.Text = Settings.Store.CMDLogoffScript;
}