Exemplo n.º 1
0
 public override LDAPObject GetDomain(LDAPSupportSettings settings)
 {
     try
     {
         string            password           = GetPassword(settings.PasswordBytes);
         var               novellLdapSearcher = new NovellLdapSearcher(AcceptCertificate);
         List <LDAPObject> searchResult       = novellLdapSearcher.Search(settings.Login, password, settings.Server,
                                                                          settings.PortNumber, LdapConnection.SCOPE_BASE, settings.StartTls, searchFilter, settings.UserDN);
         if (searchResult.Count == 0)
         {
             string domainDn = GetPossibleDomainDn(settings.Server);
             searchResult = novellLdapSearcher.Search(settings.Login, password, settings.Server,
                                                      settings.PortNumber, LdapConnection.SCOPE_BASE, settings.StartTls, searchFilter, domainDn);
             if (searchResult.Count == 0)
             {
                 return(null);
             }
         }
         return(searchResult[0]);
     }
     catch (Exception e)
     {
         log.WarnFormat("Can't get current domain. May be current user has not needed permissions. {0}", e);
         return(null);
     }
 }
Exemplo n.º 2
0
        private List <DirectoryEntry> Search(string rootDistinguishedName, string filter, SearchScope scope,
                                             LDAPSupportSettings settings)
        {
            var type = AuthenticationTypes.ReadonlyServer | AuthenticationTypes.Secure;

            if (settings.PortNumber == Constants.SSL_LDAP_PORT)
            {
                type |= AuthenticationTypes.SecureSocketsLayer;
            }

            string password;

            try
            {
                password = new UnicodeEncoding().GetString(InstanceCrypto.Decrypt(settings.PasswordBytes));
            }
            catch (Exception)
            {
                password = string.Empty;
            }

            var de = settings.Authentication
                                    ? CreateDirectoryEntry(rootDistinguishedName, settings.Login, password, type)
                                    : CreateDirectoryEntry(rootDistinguishedName);

            return(de != null?Search(de, filter, scope) : null);
        }
Exemplo n.º 3
0
        public List <LDAPObject> Search(string root, Criteria criteria, LDAPSupportSettings settings)
        {
            var    type = AuthenticationTypes.ReadonlyServer | AuthenticationTypes.Secure;
            string password;

            try
            {
                password = new UnicodeEncoding().GetString(InstanceCrypto.Decrypt(settings.PasswordBytes));
            }
            catch (Exception)
            {
                password = string.Empty;
            }
            if (settings.PortNumber == Constants.SSL_LDAP_PORT)
            {
                type |= AuthenticationTypes.SecureSocketsLayer;
            }
            var entry = settings.Authentication ? new DirectoryEntry(root, settings.Login, password, type) : new DirectoryEntry(root);

            try
            {
                object nativeObject = entry.NativeObject;
            }
            catch (Exception e)
            {
                log.ErrorFormat("Error authenticating user. Current user has not access to read this directory: {0}. {1}", root, e);
                return(null);
            }
            return(SearchInternal(root, criteria != null ? criteria.ToString() : null, SearchScope.Subtree, settings));
        }
Exemplo n.º 4
0
        protected LDAPOperation(LDAPSupportSettings settings, Tenant tenant = null, bool?acceptCertificate = null)
        {
            CurrentTenant = tenant ?? CoreContext.TenantManager.GetCurrentTenant();

            _culture = Thread.CurrentThread.CurrentCulture.Name;

            LDAPSettings = settings;

            _ldapSettingsChecker = !WorkContext.IsMono
                                       ? (LdapSettingsChecker) new SystemLdapSettingsChecker()
                                       : new NovellLdapSettingsChecker();

            Source   = "";
            Progress = 0;
            Status   = "";
            Error    = "";
            Source   = "";

            TaskInfo = new DistributedTask();

            if (acceptCertificate.HasValue)
            {
                TaskInfo.SetProperty(CERT_ALLOW, acceptCertificate.Value);
            }
        }
Exemplo n.º 5
0
        public override LDAPObject GetDomain(LDAPSupportSettings settings)
        {
            try
            {
                string password;
                var    type = AuthenticationTypes.ReadonlyServer | AuthenticationTypes.Secure;
                try
                {
                    password = new UnicodeEncoding().GetString(InstanceCrypto.Decrypt(settings.PasswordBytes));
                }
                catch (Exception)
                {
                    password = string.Empty;
                }

                if (settings.PortNumber == Constants.SSL_LDAP_PORT)
                {
                    type |= AuthenticationTypes.SecureSocketsLayer;
                }

                var entry = settings.Authentication
                                ? new DirectoryEntry(settings.Server + ":" + settings.PortNumber, settings.Login, password,
                                                     type)
                                : new DirectoryEntry(settings.Server + ":" + settings.PortNumber);

                return(LDAPObjectFactory.CreateObject(entry));
            }
            catch (Exception e)
            {
                Log.WarnFormat("Can't get current domain. May be current user has not needed permissions. {0}", e);
                return(null);
            }
        }
Exemplo n.º 6
0
        public override List <LDAPObject> GetUsersByAttributesAndFilter(LDAPSupportSettings settings, string filter)
        {
            var password = GetPassword(settings.PasswordBytes);

            if (!string.IsNullOrEmpty(settings.UserFilter) && !settings.UserFilter.StartsWith("(") &&
                !settings.UserFilter.EndsWith(")"))
            {
                settings.UserFilter = "(" + settings.UserFilter + ")";
            }

            filter = "(&" + settings.UserFilter + filter + ")";

            try
            {
                var novellLdapSearcher = new NovellLdapSearcher(AcceptCertificate);
                return(novellLdapSearcher.Search(settings.Login, password, settings.Server, settings.PortNumber,
                                                 LdapConnection.SCOPE_SUB, settings.StartTls, null, filter,
                                                 settings.UserDN));
            }
            catch (Exception e)
            {
                Log.ErrorFormat("Can not access to directory: {0}. {1}", settings.UserDN, e);
            }

            return(null);
        }
Exemplo n.º 7
0
        public bool?IsLDAPDomainExists(string domain, LDAPSupportSettings settings)
        {
            try
            {
                if (string.IsNullOrEmpty(domain))
                {
                    return(null);
                }

                var ldapDomain = GetDomain(settings);

                if (string.IsNullOrEmpty(ldapDomain))
                {
                    return(null);
                }

                var domainTest = domain.Trim();
                ldapDomain = ldapDomain.Trim();

                return(domainTest.Equals(ldapDomain, StringComparison.InvariantCultureIgnoreCase) ||
                       ldapDomain.StartsWith(domainTest));
            }
            catch (Exception e)
            {
                log.ErrorFormat("ExistsLDAPDomain(domain: {0}) error: {1}", domain, e);
            }

            return(null);
        }
Exemplo n.º 8
0
        public SaveLdapSettingTask(LDAPSupportSettings settings, int tenantId, string status, bool acceptCertificate = false, bool skipSaveSettings = false)
        {
            _settings = settings;

            Id = tenantId;

            AscCache.Default.Remove(Constants.LDAP_SETTING_TASK_ID);
            AscCache.Default.Remove(Constants.LDAP_SETTING_TASK_IS_COMPLETED);
            AscCache.Default.Remove(Constants.LDAP_SETTING_TASK_PERCENTAGE);
            AscCache.Default.Remove(Constants.LDAP_SETTING_TASK_STATUS);
            AscCache.Default.Remove(Constants.LDAP_SETTING_TASK_ERROR);
            AscCache.Default.Remove(Constants.NOVELL_LDAP_CERTIFICATE_CONFIRM_REQUEST);

            SetProggressInfo(Constants.LDAP_SETTING_TASK_ID, Id);
            SetProggressInfo(Constants.LDAP_SETTING_TASK_STATUS, status);
            SetProggressInfo(Constants.LDAP_SETTING_TASK_ACCEPT_CERTIFICATE, acceptCertificate);
            SetProggressInfo(Constants.LDAP_SETTING_TASK_STARTED, "started");
            SetProggressInfo(Constants.LDAP_SETTING_TASK_IS_COMPLETED, false);

            _ldapSettingsChecker = !WorkContext.IsMono
                                       ? (LdapSettingsChecker) new SystemLdapSettingsChecker()
                                       : new NovellLdapSettingsChecker();

            _skipSaveSettings = skipSaveSettings;
        }
Exemplo n.º 9
0
 protected void Page_Load(object sender, EventArgs e)
 {
     AjaxPro.Utility.RegisterTypeForAjax(typeof(LdapSettings), Page);
     Page.RegisterBodyScripts(ResolveUrl("~/usercontrols/management/ldapsettings/js/ldapsettings.js"));
     ldapSettingsConfirmContainerId.Options.IsPopup = true;
     ldapSettingsLimitPanelId.Options.IsPopup       = true;
     settings = SettingsManager.Instance.LoadSettings <LDAPSupportSettings>(TenantProvider.CurrentTenantID);
 }
Exemplo n.º 10
0
            private void CreateUsersAndGroups(LDAPSupportSettings settings)
            {
                Status = Resource.LdapSettingsStatusGettingGroupsFromLdap;
                var groups = _importer.GetDiscoveredGroupsByAttributes(settings);

                Percentage = 8;
                Status     = Resource.LdapSettingsStatusGettingUsersFromLdap;
                var users = _importer.GetDiscoveredUsersByAttributes(settings);

                Percentage = 15;
                Status     = Resource.LdapSettingsStatusSavingGroups;
                AddGroupsToCore(groups);
                Percentage = 35;
                Status     = Resource.LdapSettingsStatusSavingUsers;
                double percents = 35;
                var    step     = percents / users.Count;

                if (users != null && users.Count != 0)
                {
                    for (int i = 0; i < users.Count; i++)
                    {
                        if (users[i].FirstName == string.Empty)
                        {
                            users[i].FirstName = Resource.FirstName;
                        }
                        if (users[i].LastName == string.Empty)
                        {
                            users[i].LastName = Resource.LastName;
                        }
                    }
                    users = users.SortByUserName();
                    for (int i = 0; i < users.Count; i++)
                    {
                        if (TenantStatisticsProvider.GetUsersCount() < TenantExtra.GetTenantQuota().ActiveUsers)
                        {
                            users[i] = UserManagerWrapper.AddUser(users[i], UserManagerWrapper.GeneratePassword(), true, false);
                        }
                        else
                        {
                            users[i] = UserManagerWrapper.AddUser(users[i], UserManagerWrapper.GeneratePassword(), true, false, true);
                        }
                        Percentage += step;
                    }
                }
                Percentage = 70;
                var allLdapUsers = CoreContext.UserManager.GetUsers().Where(u => u.Sid != null).ToArray();

                percents = 20;
                step     = percents / allLdapUsers.Length;
                for (int i = 0; i < allLdapUsers.Length; i++)
                {
                    _importer.AddUserIntoGroups(allLdapUsers[i], settings);
                    Percentage += step;
                }
                Percentage = 90;
                AddUsersInCacheGroups();
                RemoveEmptyGroups();
            }
Exemplo n.º 11
0
        private List <LDAPObject> SearchInternal(string root, string criteria, SearchScope scope,
                                                 LDAPSupportSettings settings)
        {
            _log.InfoFormat("ADDomain.Search(root: \"{0}\", criteria: \"{1}\", scope: {2})",
                            root, criteria, scope);

            var entries = Search(root, criteria, scope, settings) ?? new List <DirectoryEntry>(0);

            return(LDAPObjectFactory.CreateObjects(entries));
        }
Exemplo n.º 12
0
        public override List <LDAPObject> GetUsersByAttributes(LDAPSupportSettings settings)
        {
            string            password           = GetPassword(settings.PasswordBytes);
            var               criteria           = Criteria.All(Expression.Exists(settings.LoginAttribute));
            var               novellLdapSearcher = new NovellLdapSearcher(AcceptCertificate);
            List <LDAPObject> searchResult       = novellLdapSearcher.Search(settings.Login, password, settings.Server,
                                                                             settings.PortNumber, LdapConnection.SCOPE_SUB, settings.StartTls, criteria, settings.UserFilter, settings.UserDN);

            return(searchResult);
        }
Exemplo n.º 13
0
        public override string GetDomain(LDAPSupportSettings settings)
        {
            var dataInfo = _novellLdapHelper.GetDomain(settings);

            var domainName = dataInfo != null && dataInfo.DistinguishedName != null
                                 ? dataInfo.DistinguishedName.Remove(0, 3).Replace(",DC=", ".").Replace(",dc=", ".")
                                 : null;

            return(domainName);
        }
Exemplo n.º 14
0
        public override LDAPObject GetUserBySid(LDAPSupportSettings settings, string sid)
        {
            string password = GetPassword(settings.PasswordBytes);

            try
            {
                string            ldapUniqueIdAttribute = ConfigurationManager.AppSettings["ldap.unique.id"];
                List <LDAPObject> list;
                var novellLdapSearcher = new NovellLdapSearcher(AcceptCertificate);
                if (ldapUniqueIdAttribute == null)
                {
                    list = novellLdapSearcher.Search(settings.Login, password, settings.Server, settings.PortNumber,
                                                     LdapConnection.SCOPE_SUB, settings.StartTls, Criteria.All(Expression.Equal(Constants.RFCLDAPAttributes.EntryUUID, sid)),
                                                     settings.UserFilter, settings.UserDN);
                    if (list == null || list.Count == 0)
                    {
                        list = novellLdapSearcher.Search(settings.Login, password, settings.Server, settings.PortNumber,
                                                         LdapConnection.SCOPE_SUB, settings.StartTls, Criteria.All(Expression.Equal(Constants.RFCLDAPAttributes.NSUniqueId, sid)),
                                                         settings.UserFilter, settings.UserDN);
                        if (list == null || list.Count == 0)
                        {
                            list = novellLdapSearcher.Search(settings.Login, password, settings.Server, settings.PortNumber,
                                                             LdapConnection.SCOPE_SUB, settings.StartTls, Criteria.All(Expression.Equal(Constants.RFCLDAPAttributes.GUID, sid)),
                                                             settings.UserFilter, settings.UserDN);
                            if (list == null || list.Count == 0)
                            {
                                list = novellLdapSearcher.Search(settings.Login, password, settings.Server, settings.PortNumber,
                                                                 LdapConnection.SCOPE_SUB, settings.StartTls, Criteria.All(Expression.Equal(Constants.ADSchemaAttributes.ObjectSid, sid)),
                                                                 settings.UserFilter, settings.UserDN);
                            }
                        }
                    }
                }
                else
                {
                    list = novellLdapSearcher.Search(settings.Login, password, settings.Server, settings.PortNumber,
                                                     LdapConnection.SCOPE_SUB, settings.StartTls, Criteria.All(Expression.Equal(ldapUniqueIdAttribute, sid)),
                                                     settings.UserFilter, settings.UserDN);
                }
                if (list.Count != 0)
                {
                    return(list[0]);
                }
            }
            catch (Exception e)
            {
                log.ErrorFormat("Can not access to directory: {0}. {1}", settings.UserDN, e);
            }
            return(null);
        }
Exemplo n.º 15
0
        private static string GetEntryDN(LDAPSupportSettings settings, string login)
        {
            LdapHelper ldapHelper = new NovellLdapHelper();
            var        users      = ldapHelper.GetUsersByAttributesAndFilter(
                settings, "(" + settings.LoginAttribute + "=" + login + ")");

            if (users.Count == 0)
            {
                return(null);
            }
            var currentUser = users.FirstOrDefault(user => user != null);

            return(currentUser == null ? null : currentUser.DistinguishedName);
        }
Exemplo n.º 16
0
        public override List <LDAPObject> GetUsersFromPrimaryGroup(LDAPSupportSettings settings, string primaryGroupID)
        {
            var distinguishedName = settings.Server + ":" + settings.PortNumber + "/" + settings.UserDN;

            try
            {
                return(systemLdapSearcher.Search(distinguishedName, Criteria.All(Expression.Equal(
                                                                                     Constants.ADSchemaAttributes.PrimaryGroupID, primaryGroupID)), settings.UserFilter, settings));
            }
            catch (Exception e)
            {
                log.ErrorFormat("Can not access to directory: {0}. {1}", distinguishedName, e);
            }
            return(null);
        }
Exemplo n.º 17
0
 public override List <LDAPObject> GetGroupsByAttributes(LDAPSupportSettings settings)
 {
     try
     {
         List <LDAPObject> groups = systemLdapSearcher.Search(
             settings.Server + ":" + settings.PortNumber + "/" + settings.GroupDN, null, settings.GroupFilter, settings);
         return(groups);
     }
     catch (Exception ex)
     {
         log.ErrorFormat("Wrong Group DN or Group Filter parameter: GroupDN = {0}, GroupFilter = {1}, {2}",
                         settings.GroupDN, settings.GroupFilter, ex);
     }
     return(null);
 }
Exemplo n.º 18
0
        public bool UserExistsInGroup(LDAPSupportSettings settings, LDAPObject domainGroup, string memberString, string groupAttribute)
        {
            try
            {
                if (domainGroup == null ||
                    string.IsNullOrEmpty(memberString) ||
                    string.IsNullOrEmpty(groupAttribute))
                {
                    return(false);
                }

                if (domainGroup.Sid.EndsWith("-513"))
                {
                    // Domain Users found

                    var ldapUsers = GetUsersFromPrimaryGroup(settings, "513");

                    if (ldapUsers == null)
                    {
                        return(false);
                    }

                    if (ldapUsers.Any(ldapUser => ldapUser.DistinguishedName.Equals(memberString, StringComparison.InvariantCultureIgnoreCase)))
                    {
                        return(true);
                    }
                }
                else
                {
                    var members = domainGroup.GetValues(groupAttribute);

                    if (members == null)
                    {
                        return(false);
                    }

                    if (members.Any(member => memberString.Equals(member, StringComparison.InvariantCultureIgnoreCase)))
                    {
                        return(true);
                    }
                }
            }
            catch (Exception e)
            {
                Log.ErrorFormat("Wrong Group Attribute parameters: {0}. {1}", groupAttribute, e);
            }
            return(false);
        }
Exemplo n.º 19
0
        public override List <LDAPObject> GetGroupsByAttributes(LDAPSupportSettings settings)
        {
            try
            {
                string password           = GetPassword(settings.PasswordBytes);
                var    novellLdapSearcher = new NovellLdapSearcher(AcceptCertificate);
                var    groups             = novellLdapSearcher.Search(settings.Login, password, settings.Server,
                                                                      settings.PortNumber, LdapConnection.SCOPE_SUB, settings.StartTls, null, settings.GroupFilter, settings.GroupDN);

                return(groups);
            }
            catch (Exception e)
            {
                log.ErrorFormat("Bad GroupDN or GroupName parameter. {0}", e);
            }
            return(null);
        }
Exemplo n.º 20
0
        public override List <LDAPObject> GetUsersFromPrimaryGroup(LDAPSupportSettings settings, string primaryGroupID)
        {
            var    distinguishedName  = settings.Server + ":" + settings.PortNumber + "/" + settings.UserDN;
            string password           = GetPassword(settings.PasswordBytes);
            var    novellLdapSearcher = new NovellLdapSearcher(AcceptCertificate);

            try
            {
                return(novellLdapSearcher.Search(settings.Login, password, settings.Server, settings.PortNumber,
                                                 LdapConnection.SCOPE_SUB, settings.StartTls, Criteria.All(Expression.Equal(Constants.ADSchemaAttributes.PrimaryGroupID, primaryGroupID)),
                                                 settings.UserFilter, distinguishedName));
            }
            catch (Exception e)
            {
                log.ErrorFormat("Can not access to directory: {0}. {1}", distinguishedName, e);
            }
            return(null);
        }
Exemplo n.º 21
0
        public override List <LDAPObject> GetUsersByAttributesAndFilter(LDAPSupportSettings settings, string filter)
        {
            var distinguishedName = settings.Server + ":" + settings.PortNumber + "/" + settings.UserDN;

            if (!string.IsNullOrEmpty(settings.UserFilter) && !settings.UserFilter.StartsWith("(") && !settings.UserFilter.EndsWith(")"))
            {
                settings.UserFilter = "(" + settings.UserFilter + ")";
            }
            filter = "(&" + settings.UserFilter + filter + ")";
            try
            {
                return(systemLdapSearcher.Search(distinguishedName, null, filter, settings));
            }
            catch (Exception e)
            {
                log.ErrorFormat("Can not access to directory: {0}. {1}", distinguishedName, e);
            }
            return(null);
        }
Exemplo n.º 22
0
        public override LDAPObject GetUserBySid(LDAPSupportSettings settings, string sid)
        {
            var distinguishedName = settings.Server + ":" + settings.PortNumber + "/" + settings.UserDN;

            try
            {
                var list = systemLdapSearcher.Search(distinguishedName, Criteria.All(
                                                         Expression.Equal(Constants.ADSchemaAttributes.ObjectSid, sid)), settings.UserFilter, settings);
                if (list.Count != 0)
                {
                    return(list[0]);
                }
            }
            catch (Exception e)
            {
                log.ErrorFormat("Can not access to directory: {0}. {1}", distinguishedName, e);
            }
            return(null);
        }
Exemplo n.º 23
0
        public override List <LDAPObject> GetUsersByAttributes(LDAPSupportSettings settings)
        {
            var distinguishedName = settings.Server + ":" + settings.PortNumber + "/" + settings.UserDN;

            try
            {
                return(systemLdapSearcher.Search(distinguishedName, Criteria.All(Expression.Exists(settings.LoginAttribute)),
                                                 settings.UserFilter, settings));
            }
            catch (ArgumentException)
            {
                throw new ArgumentException();
            }
            catch (Exception e)
            {
                log.ErrorFormat("Can not access to directory: {0}. {1}", distinguishedName, e);
            }
            return(null);
        }
Exemplo n.º 24
0
 public abstract List <LDAPObject> GetGroupsByAttributes(LDAPSupportSettings settings);
Exemplo n.º 25
0
 public abstract LDAPObject GetUserBySid(LDAPSupportSettings settings, string sid);
Exemplo n.º 26
0
 public abstract List <LDAPObject> GetUsersFromPrimaryGroup(LDAPSupportSettings settings, string primaryGroupId);
Exemplo n.º 27
0
 public abstract List <LDAPObject> GetUsersByAttributesAndFilter(LDAPSupportSettings settings, string filter);
Exemplo n.º 28
0
 public abstract LDAPObject GetDomain(LDAPSupportSettings settings);
Exemplo n.º 29
0
        public override byte CheckSettings(LDAPSupportSettings settings, LDAPUserImporter importer, bool acceptCertificate = false)
        {
            // call static constructor of MonitorEventRequest class
            MonitorEventRequest.RegisterResponseTypes = true;
            novellLdapHelper.AcceptCertificate        = acceptCertificate;
            if (!settings.EnableLdapAuthentication)
            {
                return(OPERATION_OK);
            }
            string password = GetPassword(settings.PasswordBytes);

            if (settings.Server.Equals("LDAP://", StringComparison.InvariantCultureIgnoreCase))
            {
                return(WRONG_SERVER_OR_PORT);
            }
            try
            {
                if (settings.Authentication)
                {
                    CheckCredentials(settings.Login, password, settings.Server, settings.PortNumber, settings.StartTls);
                }
            }
            catch (NovellLdapTlsCertificateRequestedException ex)
            {
                CertificateConfirmRequest = ex.CertificateConfirmRequest;
                return(CERTIFICATE_REQUEST);
            }
            catch (NotSupportedException)
            {
                return(TLS_NOT_SUPPORTED);
            }
            catch (InvalidOperationException)
            {
                return(CONNECT_ERROR);
            }
            catch (ArgumentException)
            {
                return(WRONG_SERVER_OR_PORT);
            }
            catch (SecurityException)
            {
                return(STRONG_AUTH_REQUIRED);
            }
            catch (SystemException)
            {
                return(WRONG_SERVER_OR_PORT);
            }
            catch (Exception)
            {
                return(CREDENTIALS_NOT_VALID);
            }
            if (!CheckUserDN(settings.UserDN, settings.Server, settings.PortNumber,
                             settings.Authentication, settings.Login, password, settings.StartTls))
            {
                return(WRONG_USER_DN);
            }
            try
            {
                importer.AllDomainUsers = novellLdapHelper.GetUsersByAttributes(settings);
            }
            catch (Exception ex)
            {
                log.ErrorFormat("Incorrect filter. userFilter = {0}, {1}", settings.UserFilter, ex);
                return(INCORRECT_LDAP_FILTER);
            }
            if (importer.AllDomainUsers == null || importer.AllDomainUsers.Count == 0)
            {
                log.ErrorFormat("Any user is not found. userDN = {0}", settings.UserDN);
                return(USERS_NOT_FOUND);
            }
            foreach (var user in importer.AllDomainUsers)
            {
                if (!CheckLoginAttribute(user, settings.LoginAttribute))
                {
                    return(WRONG_LOGIN_ATTRIBUTE);
                }
                if (user.Sid == null)
                {
                    return(WRONG_SID_ATTRIBUTE);
                }
            }
            if (settings.GroupMembership)
            {
                if (!CheckGroupDN(settings.GroupDN, settings.Server, settings.PortNumber,
                                  settings.Authentication, settings.Login, password, settings.StartTls))
                {
                    return(WRONG_GROUP_DN);
                }
                try
                {
                    importer.DomainGroups = novellLdapHelper.GetGroupsByAttributes(settings);
                }
                catch (Exception ex)
                {
                    log.ErrorFormat("Incorrect filter. groupFilter = {0}, {1}", settings.GroupFilter, ex);
                    return(INCORRECT_GROUP_LDAP_FILTER);
                }
                if (importer.DomainGroups == null || importer.DomainGroups.Count == 0)
                {
                    log.ErrorFormat("Any group is not found. groupDN = {0}", settings.GroupDN);
                    return(GROUPS_NOT_FOUND);
                }
                foreach (var group in importer.DomainGroups)
                {
                    if (!CheckGroupAttribute(group, settings.GroupAttribute))
                    {
                        return(WRONG_GROUP_ATTRIBUTE);
                    }
                    if (!CheckGroupNameAttribute(group, settings.GroupNameAttribute))
                    {
                        return(WRONG_GROUP_NAME_ATTRIBUTE);
                    }
                    if (group.Sid == null)
                    {
                        return(WRONG_SID_ATTRIBUTE);
                    }
                }
                foreach (var user in importer.AllDomainUsers)
                {
                    if (!CheckUserAttribute(user, settings.UserAttribute))
                    {
                        return(WRONG_USER_ATTRIBUTE);
                    }
                }
            }
            return(OPERATION_OK);
        }
Exemplo n.º 30
0
        private void PrepareSettings(LDAPSupportSettings settings)
        {
            if (settings == null)
            {
                Logger.Error("Wrong LDAP settings were received from client.");
                Error = Resource.LdapSettingsErrorCantGetLdapSettings;
                return;
            }

            if (!settings.EnableLdapAuthentication)
            {
                settings.Password = string.Empty;
                return;
            }

            if (!string.IsNullOrWhiteSpace(settings.Server))
            {
                settings.Server = settings.Server.Trim();
            }
            else
            {
                Logger.Error("settings.Server is null or empty.");
                Error = Resource.LdapSettingsErrorCantGetLdapSettings;
                return;
            }

            if (!settings.Server.StartsWith("LDAP://"))
            {
                settings.Server = "LDAP://" + settings.Server;
            }

            if (!string.IsNullOrWhiteSpace(settings.UserDN))
            {
                settings.UserDN = settings.UserDN.Trim();
            }
            else
            {
                Logger.Error("settings.UserDN is null or empty.");
                Error = Resource.LdapSettingsErrorCantGetLdapSettings;
                return;
            }

            if (!string.IsNullOrWhiteSpace(settings.LoginAttribute))
            {
                settings.LoginAttribute = settings.LoginAttribute.Trim();
            }
            else
            {
                Logger.Error("settings.LoginAttribute is null or empty.");
                Error = Resource.LdapSettingsErrorCantGetLdapSettings;
                return;
            }

            if (!string.IsNullOrWhiteSpace(settings.UserFilter))
            {
                settings.UserFilter = settings.UserFilter.Trim();
            }

            if (!string.IsNullOrWhiteSpace(settings.FirstNameAttribute))
            {
                settings.FirstNameAttribute = settings.FirstNameAttribute.Trim();
            }

            if (!string.IsNullOrWhiteSpace(settings.SecondNameAttribute))
            {
                settings.SecondNameAttribute = settings.SecondNameAttribute.Trim();
            }

            if (!string.IsNullOrWhiteSpace(settings.MailAttribute))
            {
                settings.MailAttribute = settings.MailAttribute.Trim();
            }

            if (!string.IsNullOrWhiteSpace(settings.TitleAttribute))
            {
                settings.TitleAttribute = settings.TitleAttribute.Trim();
            }

            if (!string.IsNullOrWhiteSpace(settings.MobilePhoneAttribute))
            {
                settings.MobilePhoneAttribute = settings.MobilePhoneAttribute.Trim();
            }

            if (settings.GroupMembership)
            {
                if (!string.IsNullOrWhiteSpace(settings.GroupDN))
                {
                    settings.GroupDN = settings.GroupDN.Trim();
                }
                else
                {
                    Logger.Error("settings.GroupDN is null or empty.");
                    Error = Resource.LdapSettingsErrorCantGetLdapSettings;
                    return;
                }

                if (!string.IsNullOrWhiteSpace(settings.GroupFilter))
                {
                    settings.GroupFilter = settings.GroupFilter.Trim();
                }

                if (!string.IsNullOrWhiteSpace(settings.GroupAttribute))
                {
                    settings.GroupAttribute = settings.GroupAttribute.Trim();
                }
                else
                {
                    Logger.Error("settings.GroupAttribute is null or empty.");
                    Error = Resource.LdapSettingsErrorCantGetLdapSettings;
                    return;
                }

                if (!string.IsNullOrWhiteSpace(settings.UserAttribute))
                {
                    settings.UserAttribute = settings.UserAttribute.Trim();
                }
                else
                {
                    Logger.Error("settings.UserAttribute is null or empty.");
                    Error = Resource.LdapSettingsErrorCantGetLdapSettings;
                    return;
                }
            }

            if (WorkContext.IsMono)
            {
                settings.Authentication = true;
            }

            if (!settings.Authentication)
            {
                settings.Password = string.Empty;
                return;
            }

            if (!string.IsNullOrWhiteSpace(settings.Login))
            {
                settings.Login = settings.Login.Trim();
            }
            else
            {
                Logger.Error("settings.Login is null or empty.");
                Error = Resource.LdapSettingsErrorCantGetLdapSettings;
                return;
            }

            if (settings.PasswordBytes == null || !settings.PasswordBytes.Any())
            {
                if (!string.IsNullOrEmpty(settings.Password))
                {
                    settings.PasswordBytes =
                        InstanceCrypto.Encrypt(new UnicodeEncoding().GetBytes(settings.Password));
                }
                else
                {
                    Logger.Error("settings.Password is null or empty.");
                    Error = Resource.LdapSettingsErrorCantGetLdapSettings;
                    return;
                }
            }

            settings.Password = string.Empty;
        }