public override object GetParametersInstance() { ActiveDirectoryHandlerParameters parms = new ActiveDirectoryHandlerParameters(); parms.Users = new List <AdUser>(); AdUser user = new AdUser(); user.Identity = "cn=mfox,ou=FamousActors,dc=sandbox,dc=local"; parms.Users.Add(user); parms.Groups = new List <AdGroup>(); AdGroup group = new AdGroup(); group.Identity = "cn=BackToTheFuture,ou=Movies,dc=sandbox,dc=local"; parms.Groups.Add(group); parms.OrganizationalUnits = new List <AdOrganizationalUnit>(); AdOrganizationalUnit ou = new AdOrganizationalUnit(); ou.Identity = "ou=Movies,dc=sandbox,dc=local"; parms.OrganizationalUnits.Add(ou); parms.SearchRequests = new List <AdSearchRequest>(); AdSearchRequest search = new AdSearchRequest(); search.SearchBase = "ou=Synapse,dc=sandbox,dc=local"; search.Filter = "(objectClass=User)"; search.ReturnAttributes = new List <string>(); search.ReturnAttributes.Add("Name"); search.ReturnAttributes.Add("objectGUID"); parms.SearchRequests.Add(search); return(parms); }
public ActiveDirectoryHandlerResults ModifyOrgUnit(string identity, AdOrganizationalUnit ou, string domain = null) { string planName = config.Plans.OrganizationalUnit.Modify; StartPlanEnvelope pe = GetPlanEnvelope(BuildIdentity(domain, identity), ou); return(CallPlan(planName, pe)); }
public ActiveDirectoryHandlerResults CreateOrgUnit(string identity, AdOrganizationalUnit ou) { string planName = config.Plans.OrganizationalUnit.Create; StartPlanEnvelope pe = GetPlanEnvelope(identity, ou); return(CallPlan(planName, pe)); }
private void ProcessDelete(AdObject obj, bool returnObject = false) { ActiveDirectoryObjectResult result = new ActiveDirectoryObjectResult() { Type = obj.Type, Identity = obj.Identity }; ActiveDirectoryStatus status = new ActiveDirectoryStatus() { Action = config.Action, Status = AdStatusType.Success, Message = "Success", }; try { roleManager.CanPerformActionOrException(requestUser, ActionType.Delete, obj.Identity); switch (obj.Type) { case AdObjectType.User: AdUser user = (AdUser)obj; DirectoryServices.DeleteUser(user.Identity); result.Statuses.Add(status); break; case AdObjectType.Group: AdGroup group = (AdGroup)obj; DirectoryServices.DeleteGroup(group.Identity, isDryRun); result.Statuses.Add(status); break; case AdObjectType.OrganizationalUnit: AdOrganizationalUnit ou = (AdOrganizationalUnit)obj; DirectoryServices.DeleteOrganizationUnit(ou.Identity); result.Statuses.Add(status); break; default: throw new AdException("Action [" + config.Action + "] Not Implemented For Type [" + obj.Type + "]", AdStatusType.NotSupported); } String message = $"{obj.Type} [{obj.Identity}] Deleted."; OnLogMessage("ProcessDelete", message); } catch (AdException ex) { ProcessActiveDirectoryException(result, ex, status.Action); } catch (Exception e) { OnLogMessage("ProcessDelete", e.Message); OnLogMessage("ProcessDelete", e.StackTrace); AdException le = new AdException(e); ProcessActiveDirectoryException(result, le, status.Action); } results.Add(result); }
// Create and Modify Organizational Unit By DistinguishedName private StartPlanEnvelope GetPlanEnvelope(string identity, AdOrganizationalUnit ou) { StartPlanEnvelope pe = GetPlanEnvelope(identity); if (ou != null) { if (!string.IsNullOrWhiteSpace(ou.Description)) { pe.DynamicParameters.Add(@"description", ou.Description); } if (ou.ManagedBy != null) { pe.DynamicParameters.Add(@"managedby", ou.ManagedBy); } AddPropertiesToPlan(pe, ou.Properties); } return(pe); }
private object GetActiveDirectoryObject(AdObject obj) { switch (obj.Type) { case AdObjectType.User: AdUser user = (AdUser)obj; UserPrincipalObject upo = null; upo = DirectoryServices.GetUser(user.Identity, config.ReturnGroupMembership, config.ReturnAccessRules, config.ReturnObjectProperties); if (upo == null) { throw new AdException($"User [{user.Identity}] Was Not Found.", AdStatusType.DoesNotExist); } return(upo); case AdObjectType.Group: AdGroup group = (AdGroup)obj; GroupPrincipalObject gpo = null; gpo = DirectoryServices.GetGroup(group.Identity, config.ReturnGroupMembership, config.ReturnAccessRules, config.ReturnObjectProperties); if (gpo == null) { throw new AdException($"Group [{group.Identity}] Was Not Found.", AdStatusType.DoesNotExist); } return(gpo); case AdObjectType.OrganizationalUnit: AdOrganizationalUnit ou = (AdOrganizationalUnit)obj; OrganizationalUnitObject ouo = null; ouo = DirectoryServices.GetOrganizationalUnit(ou.Identity, config.ReturnAccessRules, config.ReturnObjectProperties); if (ouo == null) { throw new AdException($"Organizational Unit [{ou.Identity}] Was Not Found.", AdStatusType.DoesNotExist); } return(ouo); default: throw new AdException("Action [" + config.Action + "] Not Implemented For Type [" + obj.Type + "]", AdStatusType.NotSupported); } }
private void ProcessModify(AdObject obj, bool returnObject = true) { ActiveDirectoryObjectResult result = new ActiveDirectoryObjectResult() { Type = obj.Type, Identity = obj.Identity }; ActiveDirectoryStatus status = new ActiveDirectoryStatus() { Action = config.Action, Status = AdStatusType.Success, Message = "Success", }; try { string statusAction = "Modified"; switch (obj.Type) { case AdObjectType.User: AdUser user = (AdUser)obj; UserPrincipal up = null; if (config.UseUpsert && !DirectoryServices.IsExistingUser(obj.Identity)) { if (DirectoryServices.IsDistinguishedName(obj.Identity)) { String path = DirectoryServices.GetParentPath(obj.Identity); roleManager.CanPerformActionOrException(requestUser, ActionType.Create, path); up = user.CreateUserPrincipal(); statusAction = "Created"; } else { throw new AdException($"Identity [{obj.Identity}] Must Be A Distinguished Name For User Creation.", AdStatusType.MissingInput); } } else { roleManager.CanPerformActionOrException(requestUser, ActionType.Modify, obj.Identity); up = DirectoryServices.GetUserPrincipal(obj.Identity); if (up == null) { throw new AdException($"User [{obj.Identity}] Not Found.", AdStatusType.DoesNotExist); } user.UpdateUserPrincipal(up); } DirectoryServices.SaveUser(up, isDryRun); OnLogMessage("ProcessModify", obj.Type + " [" + obj.Identity + "] " + statusAction + "."); if (user.Groups != null) { ProcessGroupAdd(user, false); } result.Statuses.Add(status); break; case AdObjectType.Group: AdGroup group = (AdGroup)obj; GroupPrincipal gp = null; if (config.UseUpsert && !DirectoryServices.IsExistingGroup(obj.Identity)) { if (DirectoryServices.IsDistinguishedName(obj.Identity)) { String path = DirectoryServices.GetParentPath(obj.Identity); roleManager.CanPerformActionOrException(requestUser, ActionType.Create, path); gp = group.CreateGroupPrincipal(); statusAction = "Created"; } else { throw new AdException($"Identity [{obj.Identity}] Must Be A Distinguished Name For Group Creation.", AdStatusType.MissingInput); } } else { roleManager.CanPerformActionOrException(requestUser, ActionType.Modify, obj.Identity); gp = DirectoryServices.GetGroupPrincipal(obj.Identity); if (gp == null) { throw new AdException($"Group [{obj.Identity}] Not Found.", AdStatusType.DoesNotExist); } group.UpdateGroupPrincipal(gp); } DirectoryServices.SaveGroup(gp, isDryRun); OnLogMessage("ProcessModify", obj.Type + " [" + obj.Identity + "] " + statusAction + "."); if (group.Groups != null) { ProcessGroupAdd(group, false); } result.Statuses.Add(status); break; case AdObjectType.OrganizationalUnit: AdOrganizationalUnit ou = (AdOrganizationalUnit)obj; // Get DistinguishedName from User or Group Identity for ManagedBy Property if (!String.IsNullOrWhiteSpace(ou.ManagedBy)) { if (ou.Properties == null) { ou.Properties = new Dictionary <string, List <string> >(); } if (!ou.Properties.ContainsKey("managedBy")) { String distinguishedName = DirectoryServices.GetDistinguishedName(ou.ManagedBy); if (distinguishedName == null) { distinguishedName = ou.ManagedBy; } List <String> values = new List <string>() { distinguishedName }; ou.Properties.Add("managedBy", values); } } if (config.UseUpsert && !DirectoryServices.IsExistingDirectoryEntry(obj.Identity)) { if (DirectoryServices.IsDistinguishedName(obj.Identity)) { String path = DirectoryServices.GetParentPath(obj.Identity); roleManager.CanPerformActionOrException(requestUser, ActionType.Create, path); if (!String.IsNullOrWhiteSpace(ou.Description)) { DirectoryServices.AddProperty(ou.Properties, "description", ou.Description); } DirectoryServices.CreateOrganizationUnit(obj.Identity, ou.Properties, isDryRun); statusAction = "Created"; } else { throw new AdException($"Identity [{obj.Identity}] Must Be A Distinguished Name For Organizational Unit Creation.", AdStatusType.MissingInput); } } else { roleManager.CanPerformActionOrException(requestUser, ActionType.Modify, obj.Identity); if (!String.IsNullOrWhiteSpace(ou.Description)) { DirectoryServices.AddProperty(ou.Properties, "description", ou.Description); } DirectoryServices.ModifyOrganizationUnit(ou.Identity, ou.Properties, isDryRun); } OnLogMessage("ProcessModify", obj.Type + " [" + obj.Identity + "] " + statusAction + "."); result.Statuses.Add(status); break; default: throw new AdException("Action [" + config.Action + "] Not Implemented For Type [" + obj.Type + "]", AdStatusType.NotSupported); } if (returnObject) { result.Object = GetActiveDirectoryObject(obj); } } catch (AdException ex) { ProcessActiveDirectoryException(result, ex, status.Action); } catch (Exception e) { OnLogMessage("ProcessCreate", e.Message); OnLogMessage("ProcessCreate", e.StackTrace); AdException le = new AdException(e); ProcessActiveDirectoryException(result, le, status.Action); } results.Add(result); }