public static System.DirectoryServices.AccountManagement.GroupPrincipal New_DomainGroup(Args_New_DomainGroup args = null)
{
if (args == null)
{
args = new Args_New_DomainGroup();
}
var ContextArguments = new Args_Get_PrincipalContext
{
Identity = args.SamAccountName,
Domain = args.Domain,
Credential = args.Credential
};
var Context = GetPrincipalContext.Get_PrincipalContext(ContextArguments);
if (Context != null)
{
var Group = new System.DirectoryServices.AccountManagement.GroupPrincipal(Context.Context);
// set all the appropriate group parameters
Group.SamAccountName = Context.Identity;
if (!string.IsNullOrEmpty(args.Name))
{
Group.Name = args.Name;
}
else
{
Group.Name = Context.Identity;
}
if (!string.IsNullOrEmpty(args.DisplayName))
{
Group.DisplayName = args.DisplayName;
}
else
{
Group.DisplayName = Context.Identity;
}
if (!string.IsNullOrEmpty(args.Description))
{
Group.Description = args.Description;
}
Logger.Write_Verbose($@"[New-DomainGroup] Attempting to create group '{args.SamAccountName}'");
try
{
Group.Save();
Logger.Write_Verbose($@"[New-DomainGroup] Group '{args.SamAccountName}' successfully created");
return(Group);
}
catch (Exception e)
{
Logger.Write_Warning($@"[New-DomainGroup] Error creating group '{args.SamAccountName}' : {e}");
}
}
return(null);
}
public static void Add_DomainGroupMember(Args_Add_DomainGroupMember args = null)
{
if (args == null)
{
args = new Args_Add_DomainGroupMember();
}
var ContextArguments = new Args_Get_PrincipalContext
{
Identity = args.Identity,
Domain = args.Domain,
Credential = args.Credential
};
var GroupContext = GetPrincipalContext.Get_PrincipalContext(ContextArguments);
System.DirectoryServices.AccountManagement.GroupPrincipal Group = null;
if (GroupContext != null)
{
try
{
Group = System.DirectoryServices.AccountManagement.GroupPrincipal.FindByIdentity(GroupContext.Context, GroupContext.Identity);
}
catch (Exception e)
{
Logger.Write_Warning($@"[Add-DomainGroupMember] Error finding the group identity '{args.Identity}' : {e}");
}
}
if (Group != null)
{
PrincipalContextEx UserContext = null;
var UserIdentity = string.Empty;
foreach (var Member in args.Members)
{
if (Member.IsRegexMatch(@".+\\.+"))
{
ContextArguments.Identity = Member;
UserContext = GetPrincipalContext.Get_PrincipalContext(ContextArguments);
if (UserContext != null)
{
UserIdentity = UserContext.Identity;
}
}
else
{
UserContext = GroupContext;
UserIdentity = Member;
}
Logger.Write_Verbose($@"[Add-DomainGroupMember] Adding member '{Member}' to group '{args.Identity}'");
Group.Members.Add(System.DirectoryServices.AccountManagement.Principal.FindByIdentity(UserContext.Context, UserIdentity));
Group.Save();
}
}
}
public static void Set_DomainUserPassword(Args_Set_DomainUserPassword args = null)
{
if (args == null)
{
args = new Args_Set_DomainUserPassword();
}
var ContextArguments = new Args_Get_PrincipalContext
{
Identity = args.Identity,
Domain = args.Domain,
Credential = args.Credential
};
var Context = GetPrincipalContext.Get_PrincipalContext(ContextArguments);
System.DirectoryServices.AccountManagement.UserPrincipal User = null;
if (Context != null)
{
User = System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(Context.Context, args.Identity);
if (User != null)
{
Logger.Write_Verbose($@"[Set-DomainUserPassword] Attempting to set the password for user '{args.Identity}'");
try
{
var TempCred = new System.Net.NetworkCredential("a", args.AccountPassword);
User.SetPassword(TempCred.Password);
User.Save();
Logger.Write_Verbose($@"[Set-DomainUserPassword] Password for user '{args.Identity}' successfully reset");
}
catch (Exception e)
{
Logger.Write_Warning($@"[Set-DomainUserPassword] Error setting password for user '{args.Identity}' : {e}");
}
}
else
{
Logger.Write_Warning($@"[Set-DomainUserPassword] Unable to find user '{args.Identity}'");
}
}
}
public static System.DirectoryServices.AccountManagement.UserPrincipal New_DomainUser(Args_New_DomainUser args = null)
{
if (args == null)
{
args = new Args_New_DomainUser();
}
var ContextArguments = new Args_Get_PrincipalContext
{
Identity = args.SamAccountName,
Domain = args.Domain,
Credential = args.Credential
};
var Context = GetPrincipalContext.Get_PrincipalContext(ContextArguments);
if (Context != null)
{
var User = new System.DirectoryServices.AccountManagement.UserPrincipal(Context.Context);
// set all the appropriate user parameters
User.SamAccountName = Context.Identity;
var TempCred = new System.Net.NetworkCredential("a", args.AccountPassword);
User.SetPassword(TempCred.Password);
User.Enabled = true;
User.PasswordNotRequired = false;
if (!string.IsNullOrEmpty(args.Name))
{
User.Name = args.Name;
}
else
{
User.Name = Context.Identity;
}
if (!string.IsNullOrEmpty(args.DisplayName))
{
User.DisplayName = args.DisplayName;
}
else
{
User.DisplayName = Context.Identity;
}
if (!string.IsNullOrEmpty(args.Description))
{
User.Description = args.Description;
}
Logger.Write_Verbose($@"[New-DomainUser] Attempting to create user '{args.SamAccountName}'");
try
{
User.Save();
Logger.Write_Verbose($@"[New-DomainUser] User '{args.SamAccountName}' successfully created");
return(User);
}
catch (Exception e)
{
Logger.Write_Warning($@"[New-DomainUser] Error creating user '{args.SamAccountName}' : {e}");
}
}
return(null);
}
public static PrincipalContextEx Get_PrincipalContext(Args_Get_PrincipalContext args = null)
{
if (args == null)
{
args = new Args_Get_PrincipalContext();
}
try
{
var ConnectTarget = string.Empty;
var ObjectIdentity = string.Empty;
System.DirectoryServices.AccountManagement.PrincipalContext Context = null;
if (!string.IsNullOrEmpty(args.Domain) || args.Identity.IsRegexMatch(@".+\\.+"))
{
if (args.Identity.IsRegexMatch(@".+\\.+"))
{
// DOMAIN\groupname
var ConvertedIdentity = ConvertADName.Convert_ADName(new Args_Convert_ADName {
Identity = new[] { args.Identity }
}).FirstOrDefault();
if (ConvertedIdentity != null)
{
ConnectTarget = ConvertedIdentity.Substring(0, ConvertedIdentity.IndexOf('/'));
ObjectIdentity = args.Identity.Split('\\')[1];
Logger.Write_Verbose($@"[Get-PrincipalContext] Binding to domain '{ConnectTarget}'");
}
}
else
{
ObjectIdentity = args.Identity;
Logger.Write_Verbose($@"[Get-PrincipalContext] Binding to domain '{args.Domain}'");
ConnectTarget = args.Domain;
}
if (args.Credential != null)
{
Logger.Write_Verbose($@"[Get-PrincipalContext] Using alternate credentials");
Context = new System.DirectoryServices.AccountManagement.PrincipalContext(System.DirectoryServices.AccountManagement.ContextType.Domain, ConnectTarget, args.Credential.UserName, args.Credential.Password);
}
else
{
Context = new System.DirectoryServices.AccountManagement.PrincipalContext(System.DirectoryServices.AccountManagement.ContextType.Domain, ConnectTarget);
}
}
else
{
if (args.Credential != null)
{
Logger.Write_Verbose($@"[Get-PrincipalContext] Using alternate credentials");
var DomainName = GetDomain.Get_Domain().Name;
Context = new System.DirectoryServices.AccountManagement.PrincipalContext(System.DirectoryServices.AccountManagement.ContextType.Domain, DomainName, args.Credential.UserName, args.Credential.Password);
}
else
{
Context = new System.DirectoryServices.AccountManagement.PrincipalContext(System.DirectoryServices.AccountManagement.ContextType.Domain);
}
ObjectIdentity = args.Identity;
}
return(new PrincipalContextEx
{
Context = Context,
Identity = ObjectIdentity
});
}
catch (Exception e)
{
Logger.Write_Warning($@"[Get-PrincipalContext] Error creating binding for object ('{args.Identity}') context : {e}");
}
return(null);
}
public static PrincipalContextEx Get_PrincipalContext(Args_Get_PrincipalContext args = null)
{
return(GetPrincipalContext.Get_PrincipalContext(args));
}
