private string CheckOUExists(ADServer server, string[] OUs, out bool success)
{
var starTime = DateTime.Now;
string errors = "";
success = false;
foreach (var OU in OUs)
{
string destPath = server.path + "/" + OU;
for (int trials = 0; trials < 6; trials++)
{
if (DateTime.Now.Subtract(starTime).TotalSeconds > 60)
{
success = false;
return("Unable to connect to [" + server.ToString() + "]");
}
try
{
using (var destOU = new DirectoryEntry(destPath, server.ServerUserName, server.ServerPassword, server.authTypes))
{
var n = destOU.Name.ToString();
success = true;
log.LogDebug(" found OU: " + destPath);
break;
}
}
catch (Exception e)
{
var msg = "Fail to check OU [" + OU + "] in " + server.ToString(); // ""specified in config";
// if (e.HResult == -2147016661 || e.HResult == -2147016656) //0x8007202b. A referral was returned from the server
if (trials == 0)
{
errors += msg + ". " + e.Message;
}
if (e.HResult == -2147016656 || // object not found
e.HResult == -2147023570 || // user name or passw incorrect
e.HResult == -2147016672 || // An operations error occurred.
e.HResult == -2147016661 // 0x8007202b. A referral was returned from the server
)
{
break;
}
else
{
// if -2147016646 //server is not operational
// and other errors means that server is down or not responding
Thread.Sleep(10 * 1000);
}
}
} // tries
}
return(errors);
}
public PollAD(ADServer server, IDictionary <string, string> prevHighUSNs, bool loadAll)
{
usersProperties = new List <UserProperties>();
currentHighUSN = null;
string prevHighUSN;
using (LdapConnection connection = server.getLapConnection)
{
var filter = "(&(objectClass=*))";
var searchRequest = new SearchRequest(null, filter, System.DirectoryServices.Protocols.SearchScope.Base, "highestCommittedUSN", "DnsHostName", "dsServiceName", "objectSID");
var response = connection.SendRequest(searchRequest) as SearchResponse;
currentHighUSN = Convert.ToString(response.Entries[0].Attributes["highestcommittedusn"][0]);
//Console.WriteLine(" currentHighUSN: " + currentHighUSN);
// Get the name of the DC connected to.
dnsHostName = Convert.ToString(response.Entries[0].Attributes["DnsHostName"][0]);
//Console.WriteLine(" dns: " + dnsHostName);
// Bind to the DC service object to get the invocationID.
// The dsServiceName property of root DSE contains the distinguished
// name of this DC service object.
dsServiceName = Convert.ToString(response.Entries[0].Attributes["dsServiceName"][0]);
}
using (DirectoryEntry rootDSE = new DirectoryEntry(server.path, server.ServerUserName, server.ServerPassword, server.authTypes))
{
using (DirectoryEntry dcService = new DirectoryEntry(server.path + @"/" + dsServiceName, server.ServerUserName, server.ServerPassword, server.authTypes))
{
// instanceID of AD database:
workInvocationID = BitConverter.ToString((byte[])dcService.Properties["invocationID"].Value);
//Console.WriteLine(" InvocationID = " + workInvocationID);
// Compare it to the DC name from the previous USN sync operation.
// Each invocationID has each own highestCommittedUSN !
if (loadAll || prevHighUSNs == null)
{
prevHighUSN = "0"; // initialize mode. Load All accounts.
}
else if (!prevHighUSNs.TryGetValue(workInvocationID, out prevHighUSN))
{
prevHighUSN = null; // AD server is polled first time.
}
#if DEBUG
//foreach (var prop in dcService.SchemaEntry.Properties)
//{
// string propName = prop.ToString();
// var propValue = dcService.SchemaEntry.Properties[propName].Value;
// Console.WriteLine(propName + "=" + propValue);
//}
#endif
}
log.LogDebug(server.ToString() + ". currentUSN=" + currentHighUSN);
if (String.IsNullOrEmpty(prevHighUSN))
{
log.LogDebug("FIRST launch. Skip polling. Set currentUSN=" + currentHighUSN);
return; // first launch. Just set currentHighUSN and return.
}
if (Equals(prevHighUSN, currentHighUSN))
{
return; // no changes since last update
}
if (prevHighUSN == "0")
{
log.LogWarn("Load all users from [" + server.ToString() + "] ...");
}
LoadUsersByFilter(server, rootDSE, string.Format("(&(objectClass=user)(objectCategory=person)(uSNChanged>={0})(!(uSNChanged={0})))", prevHighUSN));
if (prevHighUSN != "0") // only for realtime mode
{
LoadUsersByGroups(server, rootDSE, prevHighUSN);
}
return;
}
}
private void LoadUsersByFilter(ADServer server, DirectoryEntry rootDSE, string filter)
{
using (DirectorySearcher ds = new DirectorySearcher(rootDSE))
{
// if '>=' then we get last update twice
// Note that the operators "<" and ">" are not supported. See "LDAP syntax filter clause"
ds.Filter = filter;
ds.SizeLimit = 0; // unlimited
ds.PageSize = 1000;
IList <string> propsToLoad = server.SourceDest.StartsWith("source", StringComparison.OrdinalIgnoreCase) ? propNamesSource : propNamesDestination;
foreach (var p in propsToLoad)
{
ds.PropertiesToLoad.Add(p);
}
using (SearchResultCollection results = ds.FindAll())
{
var cnt = results.Count;
if (results != null && cnt > 0)
{
log.LogInfo("Reading " + cnt + " account(s) from " + server.ToString() + ". Current USN='" + CurrentHighUSN + "'. InvocationID='" + GetInvocationID + "'");
foreach (SearchResult user in results)
{
#if DEBUG
//foreach (var p in user.Properties)
//{
// var prop = (ResultPropertyValueCollection)((System.Collections.DictionaryEntry)p).Value;
// var propVal = (prop.Count > 0) ? Convert.ToString(prop[0]) : null;
// Console.WriteLine(((System.Collections.DictionaryEntry)p).Key + "=" + propVal);
//}
#endif
//var user = r.GetDirectoryEntry();
var objectSID = user.Properties.Contains("objectSID") ? (new SecurityIdentifier(((byte[])user.Properties["objectSID"][0]), 0)).ToString() : string.Empty;
var dnProp = user.Properties["distinguishedName"];
var dn = (dnProp.Count > 0) ? Convert.ToString(dnProp[0]) : null;
// simbols '{}' are special for Format. So replace them in DN.
if (cnt <= 20)
{
log.LogInfo(" Read samAccountName='" + user.Properties["samAccountName"][0] + "', objectSID='" + objectSID + "', DN='" + dn.Replace('{', '(').Replace('}', ')') + "'");
}
UserProperties props = new UserProperties(propsToLoad.Count, StringComparer.OrdinalIgnoreCase);
//var groups = GetGroups(domainCtx, (string)user.Properties["samAccountName"][0]);
foreach (var p in propsToLoad)
{
var prop = user.Properties[p];
if ("objectSID".Equals(p, StringComparison.OrdinalIgnoreCase))
{
props.Add(p, new string[] { objectSID });
}
else if (prop.Count > 0)// multi-value support ("memberof".Equals(p, StringComparison.OrdinalIgnoreCase))
{
var stringColl = ConvertToStrings(prop);
props.Add(p, stringColl);
}
else
{
props.Add(p, null); // property is set to null in AD
}
}
usersProperties.Add(props);
}
}
}
}
}
