Exemplo n.º 1
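        /// <summary>
        /// Lists security-enabled domain groups that have a <c>managedBy</c> attribute set and
        /// resolves each manager DN to its account name and type.
        /// </summary>
        /// <remarks>
        /// Only the <c>managedBy</c> attribute is read here; no ACL is inspected, so
        /// <c>ManagerCanWrite</c> is always reported as "UNKNOWN". Whether a manager can actually
        /// change membership depends on the group's DACL, which has to be reviewed separately.
        /// <c>ManagerType</c> is left at its default when the manager is neither a group nor a user.
        /// </remarks>
        /// <param name="args">
        /// Search options (domain, search base, server, scope, paging, time limit, tombstone,
        /// credential). When null, a default-constructed argument object is used.
        /// </param>
        /// <returns>One entry per managed security group returned by the group search.</returns>
        public static IEnumerable <ManagedSecurityGroup> Get_DomainManagedSecurityGroup(Args_Get_DomainManagedSecurityGroup args = null)
        {
            if (args == null)
            {
                args = new Args_Get_DomainManagedSecurityGroup();
            }

            var SearcherArguments = new Args_Get_DomainGroup
            {
                // managedBy=* : the attribute is present.
                // groupType with matching rule 1.2.840.113556.1.4.803 (bitwise AND) against
                // 2147483648 (0x80000000): the security-enabled bit is set.
                LDAPFilter      = @"(&(managedBy=*)(groupType:1.2.840.113556.1.4.803:=2147483648))",
                Properties      = new[] { @"distinguishedName", @"managedBy", @"samaccounttype", @"samaccountname" },
                SearchBase      = args.SearchBase,
                Server          = args.Server,
                SearchScope     = args.SearchScope,
                ResultPageSize  = args.ResultPageSize,
                ServerTimeLimit = args.ServerTimeLimit,
                Tombstone       = args.Tombstone,
                Credential      = args.Credential
            };

            // Arguments for resolving a manager DN. The group-only LDAP filter is deliberately not
            // copied here: the code below expects managers that are users as well as groups, and
            // a filter that matches only managed security groups would contradict that.
            // NOTE(review): assumes Get_DomainObject combines LDAPFilter with Identity - confirm.
            // NOTE(review): args.Domain is applied to the group search only; whether the manager
            // lookup should be scoped to the same domain cannot be told from this method.
            var ObjectArguments = new Args_Get_DomainObject
            {
                Properties      = new[] { @"distinguishedname", @"name", @"samaccounttype", @"samaccountname", @"objectsid" },
                SearchBase      = args.SearchBase,
                Server          = args.Server,
                SearchScope     = args.SearchScope,
                ResultPageSize  = args.ResultPageSize,
                ServerTimeLimit = args.ServerTimeLimit,
                Tombstone       = args.Tombstone,
                Credential      = args.Credential
            };

            if (args.Domain.IsNotNullOrEmpty())
            {
                SearcherArguments.Domain = args.Domain;
            }

            var ManagedGroups = new List <ManagedSecurityGroup>();

            // go through the list of security groups on the domain and identify those who have a manager
            var groups = GetDomainGroup.Get_DomainGroup(SearcherArguments);
            if (groups == null)
            {
                // Nothing came back from the directory query; report an empty result instead of
                // failing on the enumeration below.
                return ManagedGroups;
            }

            foreach (LDAPProperty group in groups)
            {
                ObjectArguments.Identity = new[] { group.managedby };

                // retrieve the object that the managedBy DN refers to. The DN may not resolve
                // (deleted manager, object outside the searched scope), so an empty result must
                // not abort the whole enumeration.
                var GroupManager = GetDomainObject.Get_DomainObject(ObjectArguments)?.FirstOrDefault() as LDAPProperty;

                var ManagedGroup = new ManagedSecurityGroup
                {
                    GroupName              = group.samaccountname,
                    GroupDistinguishedName = group.distinguishedname
                };

                if (GroupManager != null)
                {
                    ManagedGroup.ManagerName              = GroupManager.samaccountname;
                    ManagedGroup.ManagerDistinguishedName = GroupManager.distinguishedname;

                    // determine whether the manager is a user or a group
                    if (GroupManager.samaccounttype == SamAccountType.GROUP_OBJECT)
                    {
                        ManagedGroup.ManagerType = ManagerType.Group;
                    }
                    else if (GroupManager.samaccounttype == SamAccountType.USER_OBJECT)
                    {
                        ManagedGroup.ManagerType = ManagerType.User;
                    }
                }
                // else: the group is still reported, with the manager fields left unset, so a
                // stale or unresolvable managedBy value remains visible to the reviewer.

                // No ACL check is performed in this method.
                ManagedGroup.ManagerCanWrite = "UNKNOWN";
                ManagedGroups.Add(ManagedGroup);
            }

            return ManagedGroups;
        }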
 /// <summary>
 /// Alias for <c>GetDomainManagedSecurityGroup.Get_DomainManagedSecurityGroup</c>; forwards
 /// <paramref name="args"/> unchanged and returns that call's result.
 /// </summary>
 /// <param name="args">Search options passed straight through; may be null.</param>
 /// <returns>The sequence produced by the forwarded call.</returns>
 public static IEnumerable <ManagedSecurityGroup> Find_ManagedSecurityGroups(Args_Get_DomainManagedSecurityGroup args = null)
 {
     var managedGroups = GetDomainManagedSecurityGroup.Get_DomainManagedSecurityGroup(args);
     return managedGroups;
 }