/// <summary>
/// Copies every field that is set on this object onto an existing
/// <see cref="GroupPrincipal"/>. Fields left null are not touched.
/// </summary>
/// <remarks>
/// This method performs no authorization check of its own; the caller is
/// expected to have authorized the modification before invoking it.
/// The ManagedBy and extra-property writes only happen when the principal's
/// underlying object is a <see cref="DirectoryEntry"/>.
/// </remarks>
/// <param name="group">The group principal to update in place.</param>
public void UpdateGroupPrincipal(GroupPrincipal group)
{
    // Plain string attributes are routed through SetValueOrNull.
    if (SamAccountName != null)
    {
        group.SamAccountName = SetValueOrNull(SamAccountName);
    }

    if (Description != null)
    {
        group.Description = SetValueOrNull(Description);
    }

    // Converting between a distribution group and a security group, or changing
    // scope, alters what access the group can confer.
    if (IsSecurityGroup != null)
    {
        group.IsSecurityGroup = IsSecurityGroup;
    }

    if (Scope != null)
    {
        group.GroupScope = Scope;
    }

    // ManagedBy may be supplied as a user or group identity; resolve it to a
    // distinguished name before writing the "managedby" attribute.
    if (ManagedBy != null)
    {
        if (group.GetUnderlyingObjectType() == typeof(DirectoryEntry))
        {
            // Can't find it as a user or group: pass the raw value through (might be ~null~).
            // NOTE(review): the fallback value is caller-supplied and is handed to SetProperty
            // as-is — confirm DirectoryServices.SetProperty validates it.
            string managerDn = DirectoryServices.GetDistinguishedName(ManagedBy) ?? ManagedBy;

            DirectoryServices.SetProperty((DirectoryEntry)group.GetUnderlyingObject(), "managedby", managerDn);
        }
    }

    // Free-form attribute bag, applied last. The type check deliberately runs
    // before the Properties test, as in the original ordering.
    if (group.GetUnderlyingObjectType() == typeof(DirectoryEntry) && Properties?.Count > 0)
    {
        DirectoryServices.SetProperties((DirectoryEntry)group.GetUnderlyingObject(), Properties);
    }
}
/// <summary>
/// Copies every field that is set on this object onto an existing
/// <see cref="UserPrincipal"/>. Fields left null (or without a value) are not touched.
/// </summary>
/// <remarks>
/// This method performs no authorization check of its own; the caller is
/// expected to have authorized the modification before invoking it.
/// Several of the fields written here change the account's security posture
/// (Enabled, PasswordNotRequired, PasswordNeverExpires, AllowReversiblePasswordEncryption,
/// DelegationPermitted, SmartcardLogonRequired) and the method can reset the password,
/// so changes made through it are worth auditing.
/// </remarks>
/// <param name="user">The user principal to update in place.</param>
public void UpdateUserPrincipal(UserPrincipal user)
{
    // ---- Identity and naming -------------------------------------------------
    if (UserPrincipalName != null)
    {
        user.UserPrincipalName = SetValueOrNull(UserPrincipalName);
    }

    if (SamAccountName != null)
    {
        user.SamAccountName = SetValueOrNull(SamAccountName);
    }

    if (DisplayName != null)
    {
        user.DisplayName = SetValueOrNull(DisplayName);
    }

    if (Description != null)
    {
        user.Description = SetValueOrNull(Description);
    }

    // ---- Account state and logon restrictions --------------------------------
    if (Enabled != null)
    {
        user.Enabled = Enabled;
    }

    if (PermittedLogonTimes != null)
    {
        user.PermittedLogonTimes = PermittedLogonTimes;
    }

    if (AccountExpirationDate != null)
    {
        user.AccountExpirationDate = AccountExpirationDate;
    }

    if (SmartcardLogonRequired.HasValue)
    {
        user.SmartcardLogonRequired = SmartcardLogonRequired.Value;
    }

    if (DelegationPermitted.HasValue)
    {
        user.DelegationPermitted = DelegationPermitted.Value;
    }

    // ---- Profile -------------------------------------------------------------
    if (HomeDirectory != null)
    {
        user.HomeDirectory = SetValueOrNull(HomeDirectory);
    }

    if (ScriptPath != null)
    {
        user.ScriptPath = SetValueOrNull(ScriptPath);
    }

    // ---- Password policy flags -----------------------------------------------
    // Setting any of these to true relaxes password protection on the account.
    if (PasswordNotRequired.HasValue)
    {
        user.PasswordNotRequired = PasswordNotRequired.Value;
    }

    if (PasswordNeverExpires.HasValue)
    {
        user.PasswordNeverExpires = PasswordNeverExpires.Value;
    }

    if (UserCannotChangePassword.HasValue)
    {
        user.UserCannotChangePassword = UserCannotChangePassword.Value;
    }

    if (AllowReversiblePasswordEncryption.HasValue)
    {
        user.AllowReversiblePasswordEncryption = AllowReversiblePasswordEncryption.Value;
    }

    // ---- Personal details ----------------------------------------------------
    if (HomeDrive != null)
    {
        user.HomeDrive = SetValueOrNull(HomeDrive);
    }

    if (GivenName != null)
    {
        user.GivenName = SetValueOrNull(GivenName);
    }

    if (MiddleName != null)
    {
        user.MiddleName = SetValueOrNull(MiddleName);
    }

    if (Surname != null)
    {
        // Unlike its siblings, Surname maps only the empty string to null and does
        // not go through SetValueOrNull.
        // NOTE(review): confirm whether this difference is intentional.
        user.Surname = Surname.Length == 0 ? null : Surname;
    }

    if (EmailAddress != null)
    {
        user.EmailAddress = SetValueOrNull(EmailAddress);
    }

    if (VoiceTelephoneNumber != null)
    {
        user.VoiceTelephoneNumber = SetValueOrNull(VoiceTelephoneNumber);
    }

    if (EmployeeId != null)
    {
        user.EmployeeId = SetValueOrNull(EmployeeId);
    }

    // ---- Credentials ---------------------------------------------------------
    // The new password is carried on this object as a plain value; keep this
    // object out of logs and serialized results.
    if (Password != null)
    {
        user.SetPassword(Password);
    }

    // ---- Attributes written on the underlying DirectoryEntry -----------------
    // Manager may be supplied as a user or group identity; resolve it to a
    // distinguished name before writing the "manager" attribute.
    if (Manager != null && user.GetUnderlyingObjectType() == typeof(DirectoryEntry))
    {
        // Can't find it as a user or group: pass the raw value through (might be ~null~).
        // NOTE(review): the fallback value is caller-supplied and is handed to SetProperty
        // as-is — confirm DirectoryServices.SetProperty validates it.
        string managerDn = DirectoryServices.GetDistinguishedName(Manager) ?? Manager;

        DirectoryServices.SetProperty((DirectoryEntry)user.GetUnderlyingObject(), "manager", managerDn);
    }

    // Free-form attribute bag, applied last; the type is only inspected when
    // there is at least one property to write.
    if (Properties?.Count > 0 && user.GetUnderlyingObjectType() == typeof(DirectoryEntry))
    {
        DirectoryServices.SetProperties((DirectoryEntry)user.GetUnderlyingObject(), Properties);
    }
}
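/// <summary>
/// Modifies a user, group or organizational unit and records the outcome in
/// <c>results</c>. When <c>config.UseUpsert</c> is set and the identity does not
/// exist, the object is created instead.
/// </summary>
/// <remarks>
/// Each branch calls <c>roleManager.CanPerformActionOrException</c> before any write:
/// with <c>ActionType.Create</c> against the parent path when creating, and with
/// <c>ActionType.Modify</c> against the identity when modifying.
/// Failures are not rethrown; they are converted into a status on the result via
/// <c>ProcessActiveDirectoryException</c>.
/// </remarks>
/// <param name="obj">The object to modify; its <c>Type</c> selects the branch.</param>
/// <param name="returnObject">When true, the object is read back and attached to the result.</param>
private void ProcessModify(AdObject obj, bool returnObject = true)
{
    ActiveDirectoryObjectResult result = new ActiveDirectoryObjectResult()
    {
        Type = obj.Type,
        Identity = obj.Identity
    };

    ActiveDirectoryStatus status = new ActiveDirectoryStatus()
    {
        Action = config.Action,
        Status = AdStatusType.Success,
        Message = "Success",
    };

    try
    {
        string statusAction = "Modified";

        switch (obj.Type)
        {
            case AdObjectType.User:
                AdUser user = (AdUser)obj;
                UserPrincipal up = null;

                // NOTE(review): the existence probe and the distinguished-name check run before
                // the role check, so the error returned can differ by whether the identity
                // exists — confirm that is acceptable for callers who are not authorized.
                if (config.UseUpsert && !DirectoryServices.IsExistingUser(obj.Identity))
                {
                    if (DirectoryServices.IsDistinguishedName(obj.Identity))
                    {
                        // Creation is authorized against the container the user will live in.
                        String path = DirectoryServices.GetParentPath(obj.Identity);
                        roleManager.CanPerformActionOrException(requestUser, ActionType.Create, path);
                        up = user.CreateUserPrincipal();
                        statusAction = "Created";
                    }
                    else
                    {
                        throw new AdException($"Identity [{obj.Identity}] Must Be A Distinguished Name For User Creation.", AdStatusType.MissingInput);
                    }
                }
                else
                {
                    roleManager.CanPerformActionOrException(requestUser, ActionType.Modify, obj.Identity);
                    up = DirectoryServices.GetUserPrincipal(obj.Identity);
                    if (up == null)
                    {
                        throw new AdException($"User [{obj.Identity}] Not Found.", AdStatusType.DoesNotExist);
                    }
                    user.UpdateUserPrincipal(up);
                }

                DirectoryServices.SaveUser(up, isDryRun);
                OnLogMessage("ProcessModify", obj.Type + " [" + obj.Identity + "] " + statusAction + ".");

                // Group membership changes are delegated; any authorization for them is
                // not visible in this method.
                if (user.Groups != null)
                {
                    ProcessGroupAdd(user, false);
                }

                result.Statuses.Add(status);
                break;

            case AdObjectType.Group:
                AdGroup group = (AdGroup)obj;
                GroupPrincipal gp = null;

                if (config.UseUpsert && !DirectoryServices.IsExistingGroup(obj.Identity))
                {
                    if (DirectoryServices.IsDistinguishedName(obj.Identity))
                    {
                        // Creation is authorized against the container the group will live in.
                        String path = DirectoryServices.GetParentPath(obj.Identity);
                        roleManager.CanPerformActionOrException(requestUser, ActionType.Create, path);
                        gp = group.CreateGroupPrincipal();
                        statusAction = "Created";
                    }
                    else
                    {
                        throw new AdException($"Identity [{obj.Identity}] Must Be A Distinguished Name For Group Creation.", AdStatusType.MissingInput);
                    }
                }
                else
                {
                    roleManager.CanPerformActionOrException(requestUser, ActionType.Modify, obj.Identity);
                    gp = DirectoryServices.GetGroupPrincipal(obj.Identity);
                    if (gp == null)
                    {
                        throw new AdException($"Group [{obj.Identity}] Not Found.", AdStatusType.DoesNotExist);
                    }
                    group.UpdateGroupPrincipal(gp);
                }

                DirectoryServices.SaveGroup(gp, isDryRun);
                OnLogMessage("ProcessModify", obj.Type + " [" + obj.Identity + "] " + statusAction + ".");

                if (group.Groups != null)
                {
                    ProcessGroupAdd(group, false);
                }

                result.Statuses.Add(status);
                break;

            case AdObjectType.OrganizationalUnit:
                AdOrganizationalUnit ou = (AdOrganizationalUnit)obj;

                // Get DistinguishedName from User or Group Identity for ManagedBy Property.
                // An explicit "managedBy" entry already present in Properties wins.
                // NOTE(review): this directory lookup runs before the role check below.
                if (!String.IsNullOrWhiteSpace(ou.ManagedBy))
                {
                    if (ou.Properties == null)
                    {
                        ou.Properties = new Dictionary<string, List<string>>();
                    }

                    if (!ou.Properties.ContainsKey("managedBy"))
                    {
                        String distinguishedName = DirectoryServices.GetDistinguishedName(ou.ManagedBy);
                        if (distinguishedName == null)
                        {
                            // Not resolvable as a user or group: fall back to the raw value.
                            distinguishedName = ou.ManagedBy;
                        }

                        List<String> values = new List<string>() { distinguishedName };
                        ou.Properties.Add("managedBy", values);
                    }
                }

                if (config.UseUpsert && !DirectoryServices.IsExistingDirectoryEntry(obj.Identity))
                {
                    if (DirectoryServices.IsDistinguishedName(obj.Identity))
                    {
                        String path = DirectoryServices.GetParentPath(obj.Identity);
                        roleManager.CanPerformActionOrException(requestUser, ActionType.Create, path);

                        // NOTE(review): ou.Properties can still be null here when ManagedBy was
                        // empty — confirm AddProperty copes with a null dictionary.
                        if (!String.IsNullOrWhiteSpace(ou.Description))
                        {
                            DirectoryServices.AddProperty(ou.Properties, "description", ou.Description);
                        }

                        DirectoryServices.CreateOrganizationUnit(obj.Identity, ou.Properties, isDryRun);
                        statusAction = "Created";
                    }
                    else
                    {
                        throw new AdException($"Identity [{obj.Identity}] Must Be A Distinguished Name For Organizational Unit Creation.", AdStatusType.MissingInput);
                    }
                }
                else
                {
                    roleManager.CanPerformActionOrException(requestUser, ActionType.Modify, obj.Identity);

                    // NOTE(review): same null-dictionary question as on the create path.
                    if (!String.IsNullOrWhiteSpace(ou.Description))
                    {
                        DirectoryServices.AddProperty(ou.Properties, "description", ou.Description);
                    }

                    DirectoryServices.ModifyOrganizationUnit(ou.Identity, ou.Properties, isDryRun);
                }

                OnLogMessage("ProcessModify", obj.Type + " [" + obj.Identity + "] " + statusAction + ".");
                result.Statuses.Add(status);
                break;

            default:
                throw new AdException("Action [" + config.Action + "] Not Implemented For Type [" + obj.Type + "]", AdStatusType.NotSupported);
        }

        if (returnObject)
        {
            result.Object = GetActiveDirectoryObject(obj);
        }
    }
    catch (AdException ex)
    {
        ProcessActiveDirectoryException(result, ex, status.Action);
    }
    catch (Exception e)
    {
        // Tag unexpected failures with this method's name (the tag read "ProcessCreate"),
        // so log-based auditing attributes them to the modify path.
        OnLogMessage("ProcessModify", e.Message);
        OnLogMessage("ProcessModify", e.StackTrace);
        AdException le = new AdException(e);
        ProcessActiveDirectoryException(result, le, status.Action);
    }

    results.Add(result);
}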