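/// <summary>
/// Builds an <c>MFAUser</c> registration from one directory entry and adds or updates it in <paramref name="users"/>.
/// </summary>
/// <param name="DirEntry">Directory entry of the account being imported.</param>
/// <param name="users">Target list; receives the registration through <c>AddOrUpdate</c>.</param>
/// <param name="Parameters">Import settings: optional mail and phone attribute names, and the preferred MFA method.</param>
/// <param name="disableall">When true, the registration is stored with <c>Enabled = false</c> regardless of the account state.</param>
/// <remarks>
/// Entries without an objectGUID, or without a value for the configured identity attribute, are skipped.
/// Any exception raised while mapping is written to the log (event 20104) and not propagated to the caller.
/// </remarks>
private void DoImportUser(DirectoryEntry DirEntry, MFAUniqueUserList users, UsersADDSRecord Parameters, bool disableall = false)
{
    // Bit 0x2 of userAccountControl is ADS_UF_ACCOUNTDISABLE.
    const int AccountDisabledFlag = 0x2;

    if (DirEntry.Properties["objectGUID"].Value == null)
    {
        return;
    }

    MFAUser reg = new MFAUser();
    try
    {
        reg.ID = new Guid((byte[])DirEntry.Properties["objectGUID"].Value).ToString();

        PropertyValueCollection identityValues = DirEntry.Properties[ADDSClaimsUtilities.GetADDSUserAttribute()];
        if (identityValues == null || identityValues.Count == 0)
        {
            return;
        }
        reg.UPN = identityValues[0].ToString();

        // A configured attribute name replaces the built-in fallback chain entirely.
        string mail = string.IsNullOrEmpty(Parameters.MailAttribute)
            ? FirstDirectoryValue(DirEntry, "otherMailbox", "mail")
            : FirstDirectoryValue(DirEntry, Parameters.MailAttribute);
        if (mail != null)
        {
            reg.MailAddress = mail;
        }

        string phone = string.IsNullOrEmpty(Parameters.PhoneAttribute)
            ? FirstDirectoryValue(DirEntry, "mobile", "otherMobile", "telephoneNumber")
            : FirstDirectoryValue(DirEntry, Parameters.PhoneAttribute);
        if (phone != null)
        {
            reg.PhoneNumber = phone;
        }

        reg.PreferredMethod = Parameters.Method;
        reg.OverrideMethod = string.Empty;

        if (disableall)
        {
            reg.Enabled = false;
        }
        else if (DirEntry.Properties["userAccountControl"] != null)
        {
            // A missing value converts to 0, which leaves the registration enabled.
            int accountControl = Convert.ToInt32(DirEntry.Properties["userAccountControl"].Value);
            reg.Enabled = (accountControl & AccountDisabledFlag) == 0;
        }
        else
        {
            reg.Enabled = true;
        }

        users.AddOrUpdate(reg);
    }
    catch (Exception ex)
    {
        DataLog.WriteEntry("User ID : " + reg.ID + " Error : " + ex.Message, System.Diagnostics.EventLogEntryType.Error, 20104);
    }
}

/// <summary>
/// Returns, as text, the first value of the first listed attribute that has one, or null when none of them has a value.
/// </summary>
private static string FirstDirectoryValue(DirectoryEntry entry, params string[] attributeNames)
{
    foreach (string attributeName in attributeNames)
    {
        PropertyValueCollection values = entry.Properties[attributeName];

        // Read element 0 rather than .Value: for an attribute holding several values
        // (otherMailbox and otherMobile are multi-valued in AD) .Value is an object[],
        // and ToString() on it would store "System.Object[]" as the MFA contact address.
        if (values != null && values.Count > 0 && values[0] != null)
        {
            return values[0].ToString();
        }
    }

    return null;
}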
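/// <summary>
/// Reports whether the directory returns a user object whose configured search attribute equals <paramref name="identity"/>.
/// </summary>
/// <param name="Parameters">Domain name and credentials used to bind to the directory.</param>
/// <param name="identity">Identity value to look up; treated as a literal, never as filter syntax.</param>
/// <returns>
/// True when a matching entry with an objectGUID is found. False when nothing matches,
/// and also when the lookup itself fails (the error is logged with event 5000).
/// </returns>
private bool CheckMFAUser(UsersADDSRecord Parameters, string identity)
{
    if (string.IsNullOrEmpty(identity))
    {
        return false;
    }

    try
    {
        using (DirectoryEntry rootdir = ADDSUtils.GetDirectoryEntry(Parameters.DomainName, Parameters.UserName, Parameters.Password))
        {
            // The identity comes from directory data and may contain filter metacharacters.
            // Left unescaped they change what the filter matches, or make it invalid and
            // send the call into the catch below; escaping keeps the comparison literal.
            string qryldap = "(&(objectCategory=person)(objectClass=user)("
                + ADDSClaimsUtilities.GetADDSSearchAttribute() + "=" + EscapeLdapFilterValue(identity) + "))";

            using (DirectorySearcher dsusr = new DirectorySearcher(rootdir, qryldap))
            {
                dsusr.PropertiesToLoad.Clear();
                dsusr.PropertiesToLoad.Add("objectGUID");
                dsusr.PropertiesToLoad.Add("userPrincipalName");
                dsusr.PropertiesToLoad.Add("sAMAccountName");
                dsusr.PropertiesToLoad.Add("msDS-PrincipalName");
                dsusr.ReferralChasing = ReferralChasingOption.All;

                SearchResult sr = dsusr.FindOne();
                if (sr != null)
                {
                    ResultPropertyValueCollection guidValues = sr.Properties["objectGUID"];
                    return guidValues.Count > 0 && guidValues[0] != null;
                }
            }
        }
    }
    catch (Exception ex)
    {
        DataLog.WriteEntry(ex.Message, System.Diagnostics.EventLogEntryType.Error, 5000);
        // NOTE(review): a failed lookup is reported as "not found". CleanMFAUsers reads
        // false as "no live account" and lists the identity for cleanup, so a transient
        // directory error can look like a deletion. Consider a distinct failure signal.
    }

    return false;
}

/// <summary>
/// Escapes the characters that carry meaning in an LDAP search filter (RFC 4515) so the value is matched literally.
/// </summary>
private static string EscapeLdapFilterValue(string value)
{
    System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '\\': escaped.Append("\\5c"); break;
            case '*': escaped.Append("\\2a"); break;
            case '(': escaped.Append("\\28"); break;
            case ')': escaped.Append("\\29"); break;
            case '\0': escaped.Append("\\00"); break;
            default: escaped.Append(c); break;
        }
    }

    return escaped.ToString();
}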
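/// <summary>
/// Collects the identities of deleted (tombstoned) directory users for which <c>CheckMFAUser</c> finds no matching account.
/// </summary>
/// <param name="Parameters">Domain name and credentials used to bind to the directory.</param>
/// <returns>
/// The collected identities: the userPrincipalName when that is the configured search attribute,
/// otherwise the sAMAccountName. Tombstones missing either attribute are ignored.
/// </returns>
/// <exception cref="Exception">Any failure is logged (event 5100) and rethrown with the original message.</exception>
public virtual List<string> CleanMFAUsers(UsersADDSRecord Parameters)
{
    MFAUniqueDeletedUserList registrations = new MFAUniqueDeletedUserList();
    try
    {
        using (DirectoryEntry rootdir = ADDSUtils.GetDirectoryEntry(Parameters.DomainName, Parameters.UserName, Parameters.Password))
        using (DirectorySearcher dsusr = new DirectorySearcher(rootdir, "(&(objectClass=user)(isDeleted=TRUE))"))
        {
            AddPropertiesToLoadForDeleted(dsusr);
            dsusr.SizeLimit = 10000; // Set maxrows
            dsusr.PageSize = 5000;
            dsusr.ExtendedDN = ExtendedDN.Standard;
            dsusr.Tombstone = true; // include deleted objects in the results

            // SearchResultCollection holds unmanaged directory resources; dispose it deterministically.
            using (SearchResultCollection src = dsusr.FindAll())
            {
                if (src != null)
                {
                    foreach (SearchResult sr in src)
                    {
                        string upn = string.Empty;
                        string sam = string.Empty;
                        if (sr.Properties.Contains("userPrincipalName"))
                        {
                            upn = sr.Properties["userPrincipalName"][0].ToString();
                        }
                        if (sr.Properties.Contains("sAMAccountName"))
                        {
                            sam = sr.Properties["sAMAccountName"][0].ToString();
                        }
                        if (string.IsNullOrEmpty(upn) || string.IsNullOrEmpty(sam))
                        {
                            continue;
                        }

                        string identity = ADDSClaimsUtilities.GetADDSSearchAttribute().Equals("userPrincipalName") ? upn : sam;

                        // NOTE(review): CheckMFAUser returns false on lookup errors as well as on
                        // "not found", so a directory failure during the check also lands here.
                        if (!CheckMFAUser(Parameters, identity))
                        {
                            registrations.AddOrUpdate(identity);
                        }
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        DataLog.WriteEntry(ex.Message, System.Diagnostics.EventLogEntryType.Error, 5100);
        // Same exception type and message as before; the inner exception keeps the original stack trace.
        throw new Exception(ex.Message, ex);
    }

    return registrations;
}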