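/// <summary>
/// Deletes the Active Directory computer account identified by <paramref name="computer"/>
/// after checking the caller's access token.
/// </summary>
/// <param name="computer">Name of the server whose computer account should be deleted.</param>
/// <param name="accessToken">Token bound from the request URI and checked by CheckpointAuth.</param>
/// <returns>
/// 403 with "Invalid token." when the token check fails, 400 when no computer name was supplied,
/// otherwise 200 carrying the result of ActiveDirectory.DeleteComputerAccount.
/// </returns>
public HttpResponseMessage Delete(string computer, [FromUri] string accessToken)
{
    // NOTE(review): the token is bound from the URI, so it is likely to be recorded in web-server
    // and proxy access logs. Consider accepting it in an Authorization header instead, and confirm
    // that CheckCheckpointToken (not shown here) compares secrets in constant time.
    if (!CheckpointAuth.CheckCheckpointToken(accessToken))
    {
        ComputerAccountResult denied = new ComputerAccountResult();
        denied.action = "delete";
        denied.message = "Invalid token.";
        denied.serverName = computer;
        return Request.CreateResponse(HttpStatusCode.Forbidden, denied);
    }

    // Reject a missing name here rather than letting the directory lookup throw and surface as a 500.
    if (string.IsNullOrWhiteSpace(computer))
    {
        ComputerAccountResult invalid = new ComputerAccountResult();
        invalid.action = "delete";
        invalid.message = "Computer Account name is required.";
        invalid.serverName = computer;
        return Request.CreateResponse(HttpStatusCode.BadRequest, invalid);
    }

    // NOTE(review): this is a destructive directory operation gated only by the shared token.
    // The caller-supplied name is passed through unchanged, so the set of accounts that can be
    // deleted is bounded only by what the service account is permitted to delete. Confirm that
    // right is delegated on the managed OUs only, and log the caller and target for audit.
    ComputerAccountResult result = ActiveDirectory.DeleteComputerAccount(computer);
    return Request.CreateResponse(HttpStatusCode.OK, result);
}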
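/// <summary>
/// Looks up the computer account for <paramref name="serverName"/> in the domain and deletes it
/// if it exists.
/// </summary>
/// <param name="serverName">A string containing the server name.</param>
/// <returns>A ComputerAccountResult containing the action performed, a success/failure message,
/// the name of the server which the computer account belongs to and the path of the object in AD
/// (empty when no account was found).</returns>
public static ComputerAccountResult DeleteComputerAccount(string serverName)
{
    // Set up the result object.
    ComputerAccountResult result = new ComputerAccountResult()
    {
        action = "delete",
        message = string.Empty,
        serverName = serverName,
        objectADPath = string.Empty
    };

    // NOTE(review): the context covers the whole domain and FindByIdentity is called without an
    // IdentityType, so the value is matched against every supported identity format. Consider
    // scoping the PrincipalContext to the container this service manages and passing an explicit
    // IdentityType, so a request cannot resolve to a computer object outside that scope.
    //
    // Both objects hold directory connections/handles; dispose them deterministically.
    using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, Domain))
    using (ComputerPrincipal computer = ComputerPrincipal.FindByIdentity(pc, serverName))
    {
        if (computer == null)
        {
            result.message = "No such Computer Account.";
            return result;
        }

        // Capture the DN before deleting; it is reported back to the caller.
        result.objectADPath = computer.DistinguishedName;
        computer.Delete();
        result.message = "Computer Account deleted successfully.";
    }

    return result;
}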
/// <summary>
/// Builds a "create" result carrying the too-long-name message for
/// TestConstants.TooLongComputerAccountNameProd. objectADPath is left at its default.
/// </summary>
/// <returns>The populated ComputerAccountResult.</returns>
public static ComputerAccountResult GenerateResultForTooLongCANameProd()
{
    return new ComputerAccountResult
    {
        action = "create",
        message = "Computer Account name longer than 15 characters.",
        serverName = TestConstants.TooLongComputerAccountNameProd
    };
}
/// <summary>
/// Builds a "create" result carrying the invalid site/environment message for
/// TestConstants.NewComputerAccountTest, with an empty AD path.
/// </summary>
/// <returns>The populated ComputerAccountResult.</returns>
public static ComputerAccountResult GenerateResultForInvalidEnvironmentTest()
{
    return new ComputerAccountResult
    {
        action = "create",
        message = "Invalid site/environment provided.",
        serverName = TestConstants.NewComputerAccountTest,
        objectADPath = string.Empty
    };
}
/// <summary>
/// Builds a "delete" result carrying the no-such-account message for
/// TestConstants.NonExistingComputerAccountToDeleteProd, with an empty AD path.
/// </summary>
/// <param name="site">Not read by this method.</param>
/// <returns>The populated ComputerAccountResult.</returns>
public static ComputerAccountResult GenerateResultForNonExistingCADeleteProd(string site)
{
    return new ComputerAccountResult
    {
        action = "delete",
        serverName = TestConstants.NonExistingComputerAccountToDeleteProd,
        message = "No such Computer Account.",
        objectADPath = string.Empty
    };
}
/// <summary>
/// Builds a "delete" result carrying the success message for TestConstants.NewComputerAccountProd,
/// with the distinguished name composed from the existing OU constant and <paramref name="site"/>.
/// </summary>
/// <param name="site">Site OU name, inserted into the path exactly as given.</param>
/// <returns>The populated ComputerAccountResult.</returns>
public static ComputerAccountResult GenerateResultForCADeleteProd(string site)
{
    // NOTE(review): unlike the create-result builders, site is not title-cased here; confirm
    // callers pass it in the casing the directory returns.
    return new ComputerAccountResult
    {
        action = "delete",
        serverName = TestConstants.NewComputerAccountProd,
        message = "Computer Account deleted successfully.",
        objectADPath = $"CN={TestConstants.NewComputerAccountProd},OU={TestConstants.ExistingOrganizationalUnitProd},OU={site},[DEFAULT_DIRECTORY_PATH]"
    };
}
/// <summary>
/// Builds a "create" result carrying the already-exists message for
/// TestConstants.ExistingComputerAccountProd, with the distinguished name composed from the
/// existing OU constant and the title-cased <paramref name="site"/>.
/// </summary>
/// <param name="site">Site OU name; passed through StringHandler.ToTitleCase before use.</param>
/// <returns>The populated ComputerAccountResult.</returns>
public static ComputerAccountResult GenerateResultForExistingCAInProd(string site)
{
    ComputerAccountResult expected = new ComputerAccountResult
    {
        action = "create",
        message = "Computer Account already exists.",
        serverName = TestConstants.ExistingComputerAccountProd
    };

    site = StringHandler.ToTitleCase(site);
    expected.objectADPath = $"CN={TestConstants.ExistingComputerAccountProd},OU={TestConstants.ExistingOrganizationalUnitProd},OU={site},[DEFAULT_DIRECTORY_PATH]";
    return expected;
}
/// <summary>
/// Builds a "create" result carrying the success message for TestConstants.NewComputerAccountProd.
/// The LDAP path uses the new-OU constant when <paramref name="newOU"/> is true and the
/// existing-OU constant otherwise.
/// </summary>
/// <param name="newOU">Selects which organizational-unit constant appears in the path.</param>
/// <param name="site">Site OU name; passed through StringHandler.ToTitleCase before use.</param>
/// <returns>The populated ComputerAccountResult.</returns>
public static ComputerAccountResult GenerateResultForNewCAInProd(bool newOU, string site)
{
    ComputerAccountResult expected = new ComputerAccountResult
    {
        action = "create",
        message = "Computer Account created successfully.",
        serverName = TestConstants.NewComputerAccountProd
    };

    site = StringHandler.ToTitleCase(site);
    expected.objectADPath = newOU
        ? $"LDAP://CN={TestConstants.NewComputerAccountProd},OU={TestConstants.NewOrganizationalUnitProd},OU={site},[DEFAULT_DIRECTORY_PATH]"
        : $"LDAP://CN={TestConstants.NewComputerAccountProd},OU={TestConstants.ExistingOrganizationalUnitProd},OU={site},[DEFAULT_DIRECTORY_PATH]";
    return expected;
}
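/// <summary>
/// Creates an Active Directory computer account for the server described in the request body
/// after checking the caller's access token.
/// </summary>
/// <param name="accessToken">Token bound from the request URI and checked by CheckpointAuth.</param>
/// <param name="caRequest">Request body describing the computer account to create.</param>
/// <returns>
/// 403 with "Invalid token." when the token check fails, 400 when the server name is missing or
/// longer than 15 characters, otherwise 200 carrying the result of
/// ActiveDirectory.CreateComputerAccount.
/// </returns>
public HttpResponseMessage Post([FromUri] string accessToken, [FromBody] ComputerAccountRequest caRequest)
{
    // A missing or unparsable body leaves caRequest null; read the name defensively so that an
    // unauthenticated caller gets the 403 below rather than an unhandled NullReferenceException.
    string requestedName = caRequest?.serverName;

    // NOTE(review): the token is bound from the URI, so it is likely to be recorded in web-server
    // and proxy access logs. Consider accepting it in an Authorization header instead.
    if (!CheckpointAuth.CheckCheckpointToken(accessToken))
    {
        ComputerAccountResult denied = new ComputerAccountResult();
        denied.action = "create";
        denied.message = "Invalid token.";
        denied.serverName = requestedName;
        return Request.CreateResponse(HttpStatusCode.Forbidden, denied);
    }

    if (string.IsNullOrWhiteSpace(requestedName))
    {
        ComputerAccountResult missing = new ComputerAccountResult();
        missing.action = "create";
        missing.message = "Computer Account name is required.";
        missing.serverName = requestedName;
        return Request.CreateResponse(HttpStatusCode.BadRequest, missing);
    }

    if (requestedName.Length > 15)
    {
        ComputerAccountResult tooLong = new ComputerAccountResult();
        tooLong.action = "create";
        tooLong.message = "Computer Account name longer than 15 characters.";
        tooLong.serverName = requestedName;
        return Request.CreateResponse(HttpStatusCode.BadRequest, tooLong);
    }

    // NOTE(review): only the length of the server name is validated here; its characters and the
    // other request fields are passed on as received. ActiveDirectory.CreateComputerAccount is not
    // shown here - confirm it rejects or escapes distinguished-name metacharacters before these
    // values are used to build directory paths.
    ComputerAccountResult result = ActiveDirectory.CreateComputerAccount(caRequest);
    return Request.CreateResponse(HttpStatusCode.OK, result);
}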
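/// <summary>
/// Waits until no computer account resolves for the requested server name, then creates the
/// computer account under the project OU of the requested site, creating that OU if necessary.
/// </summary>
/// <remarks>
/// Nothing is reported back to the caller: when the site cannot be resolved the method returns
/// without creating anything. The wait for the name to become free has no upper bound.
/// </remarks>
/// <param name="request">A ComputerAccountRequest object containing the server name,
/// the site name and the project name.</param>
public static void CreateComputerAccountVoid(ComputerAccountRequest request)
{
    // Pause between directory lookups so the wait below does not spin against the domain controller.
    const int pollDelayMilliseconds = 500;

    using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, Domain))
    {
        // Block until the name no longer resolves to a computer account.
        // NOTE(review): this loop never gives up. If the account is never removed the calling
        // thread is held indefinitely; add a timeout once the intended failure mode is decided.
        ComputerPrincipal existing = ComputerPrincipal.FindByIdentity(pc, request.serverName);
        while (existing != null)
        {
            // Each lookup returns a fresh disposable principal; release it before polling again.
            existing.Dispose();
            System.Threading.Thread.Sleep(pollDelayMilliseconds);
            existing = ComputerPrincipal.FindByIdentity(pc, request.serverName);
        }
    }

    // Resolve the site root. The helper is defined elsewhere, so ownership of the returned entry
    // is unknown and it is deliberately not disposed here.
    DirectoryEntry adSiteRoot = GetDirectoryEntryBySite(request);
    if (adSiteRoot == null)
    {
        // Invalid site/environment provided: nothing to create.
        return;
    }

    // Generating path of the target OU by project name. The value is escaped because it comes from
    // the request and is placed inside a relative distinguished name.
    using (DirectoryEntry newOU = adSiteRoot.Children.Add($"OU={EscapeRdnValueForAdsi(request.projectName)}", "OrganizationalUnit"))
    {
        // Checking if the OU already exists.
        if (!DirectoryEntry.Exists(newOU.Path))
        {
            // OU doesn't exist, creating new OU for the Computer Account.
            newOU.CommitChanges();
        }

        // Creating new Computer Account in the OU.
        using (DirectoryEntry newCA = newOU.Children.Add($"CN={EscapeRdnValueForAdsi(request.serverName)}", "computer"))
        {
            // Applying Server Name in uppercase as the sAMAccountName because by default AD
            // generates a random GUID for new servers. Invariant casing keeps the result
            // independent of the server's culture settings.
            // Adding a trailing $ due to pre-windows 2000 server name requirements.
            newCA.Properties["sAMAccountName"].Value = request.serverName.ToUpperInvariant() + "$";

            // Defining the properties PASSWD_NOTREQD and WORKSTATION_TRUST_ACCOUNT.
            // NOTE(review): the account is created enabled, with no password set here and with
            // PASSWD_NOTREQD. Until the real host joins and sets its machine password, the
            // account is protected only by directory defaults. Consider setting a random password
            // or creating it disabled, and restrict who may join against this pre-created object.
            newCA.Properties["userAccountControl"].Value = 0x1020;
            newCA.CommitChanges();
        }
    }
}

/// <summary>
/// Backslash-escapes the characters that are special inside a relative distinguished name value
/// (RFC 4514), plus '/', which separates components in an ADSI path.
/// </summary>
/// <remarks>
/// This is escaping only. Length and allowed-character policy for names should still be enforced
/// at the API boundary, and control characters are passed through unchanged.
/// </remarks>
/// <param name="value">Raw attribute value; null or empty is returned unchanged.</param>
/// <returns>The value with special characters escaped.</returns>
private static string EscapeRdnValueForAdsi(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return value;
    }

    System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
    for (int i = 0; i < value.Length; i++)
    {
        char c = value[i];
        bool edgeSpace = c == ' ' && (i == 0 || i == value.Length - 1);
        bool leadingHash = c == '#' && i == 0;
        if (edgeSpace || leadingHash || ",+\"\\<>;=/".IndexOf(c) >= 0)
        {
            escaped.Append('\\');
        }

        escaped.Append(c);
    }

    return escaped.ToString();
}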