/// <summary>
/// Queries the root DSE of the connected server to work out which kind of directory it is,
/// stores the answer in <c>ldapType</c> and returns it.
/// </summary>
/// <remarks>
/// Detection order: a root-DSE attribute whose string value is "Novell, Inc." means eDirectory;
/// otherwise a present <c>defaultNamingContext</c> attribute means Active Directory; otherwise
/// OpenLDAP is assumed. Every attribute examined is echoed through <c>UserAdd.DisplayStrings</c>.
/// The answer is whatever the server advertises; nothing here authenticates the server itself.
/// </remarks>
/// <returns>The LDAP directory type.</returns>
/// <exception cref="LdapException">The fallback root-DSE read (<c>connection.Read("")</c>) failed; search-result errors are reported and skipped instead.</exception>
public LdapDirectoryType QueryDirectoryType()
{
    bool isEDirectory = false;
    LdapSearchResults results = connection.Search("", LdapConnection.SCOPE_BASE, "objectClass=*", null, false);

    UserAdd.DisplayStrings("");
    UserAdd.DisplayStrings("=============");

    while (results.hasMore())
    {
        LdapEntry rootEntry;
        try
        {
            rootEntry = results.next();
        }
        catch (LdapException e)
        {
            // A result that cannot be fetched is reported and skipped; the remaining results are still examined.
            Console.WriteLine("Error: " + e.LdapErrorMessage);
            continue;
        }

        UserAdd.DisplayStrings("Entry DN: " + rootEntry.DN + " ");
        foreach (LdapAttribute attribute in rootEntry.getAttributeSet())
        {
            string value = attribute.StringValue;
            UserAdd.DisplayStrings(attribute.Name + ": " + value);
            if (String.Equals(value, "Novell, Inc."))
            {
                isEDirectory = true;
                UserAdd.DisplayStrings("Directory Type: Novell eDirectory ");
                // The rest of this entry's attributes are not printed; other entries still are.
                break;
            }
        }
    }

    if (isEDirectory)
    {
        ldapType = LdapDirectoryType.eDirectory;
    }
    else
    {
        // Only Active Directory is expected to advertise defaultNamingContext on the root DSE.
        LdapEntry rootDse = connection.Read("");
        bool hasDefaultNamingContext = rootDse.getAttribute("defaultNamingContext") != null;
        UserAdd.DisplayStrings("Directory Type: " + (hasDefaultNamingContext ? "Active Directory" : "OpenLdap Directory") + " ");
        ldapType = hasDefaultNamingContext ? LdapDirectoryType.ActiveDirectory : LdapDirectoryType.OpenLDAP;
    }

    UserAdd.DisplayStrings("=============");
    UserAdd.DisplayStrings("");
    return ldapType;
}
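/// <summary>
/// Create a New User in the LDAP Tree.
/// </summary>
/// <remarks>
/// The entry is first looked up with <c>connection.Read(dn)</c>. Only an <see cref="LdapException"/>
/// with result code NO_SUCH_OBJECT is taken to mean "the user does not exist"; any other failure
/// (transport error, access denied, ...) propagates instead of being mistaken for an absent entry
/// and followed by an Add, which is what the former bare <c>catch</c> did.
/// The attributes sent depend on <c>ldapType</c>. Password values are never echoed to the display
/// output, but for eDirectory and OpenLDAP the <c>userPassword</c> value itself goes to the server in
/// clear, so the connection is expected to be transport-protected — this method cannot verify that.
/// </remarks>
/// <param name="dn">The New User DN; for Active Directory and eDirectory it must start with "cn=" or "uid=".</param>
/// <param name="password">The New User Password</param>
/// <param name="sn">New User sn</param>
/// <param name="ldapHomeServer">New User ldapHomeServer; ignored when null.</param>
/// <returns>true, if the user was created. false, if the user already exists.</returns>
/// <exception cref="ArgumentNullException"><paramref name="dn"/> is null.</exception>
/// <exception cref="ArgumentException">The DN starts with neither "cn=" nor "uid=" (Active Directory / eDirectory).</exception>
/// <exception cref="InvalidOperationException"><c>ldapType</c> is not one of the supported directory types.</exception>
/// <exception cref="LdapException">The existence check or the add failed for a reason other than "no such object".</exception>
public bool CreateUser(string dn, string password, string sn, string ldapHomeServer)
{
    if (dn == null)
    {
        throw new ArgumentNullException("dn");
    }

    try
    {
        connection.Read(dn);
        // The read succeeded, so the entry already exists and there is nothing to create.
        return false;
    }
    catch (LdapException e)
    {
        // Only "no such object" means the user is absent. Any other LDAP failure must not be
        // turned into an Add against a server we could not even read from.
        if (e.ResultCode != LdapException.NO_SUCH_OBJECT)
        {
            throw;
        }
    }

    UserAdd.DisplayStrings("");
    UserAdd.DisplayStrings("Attempting to create user, with the following ldif");
    UserAdd.DisplayStrings("");
    UserAdd.DisplayStrings("--------------------------------------------------");

    LdapAttributeSet attributeSet;
    // eDirectory and OpenLDAP re-assert the auxiliary provisioning class after the add; AD does not.
    bool reassertProvisionClass;
    switch (ldapType)
    {
        case LdapDirectoryType.ActiveDirectory:
            attributeSet = BuildActiveDirectoryAttributes(dn, password, sn);
            reassertProvisionClass = false;
            break;
        case LdapDirectoryType.eDirectory:
            attributeSet = BuildEDirectoryAttributes(dn, password, sn);
            reassertProvisionClass = true;
            break;
        case LdapDirectoryType.OpenLDAP:
            attributeSet = BuildOpenLdapAttributes(dn, password, sn);
            reassertProvisionClass = true;
            break;
        default:
            // Previously this path added nothing and still returned true ("created").
            throw new InvalidOperationException("Unsupported directory type: " + ldapType);
    }

    connection.Add(new LdapEntry(dn, attributeSet));
    if (reassertProvisionClass)
    {
        // Return value deliberately ignored, as before.
        UpdateUserObject(dn, "objectclass", "iFolderUserProvision", false);
    }
    AssignHomeServer(dn, ldapHomeServer);

    UserAdd.DisplayStrings("");
    UserAdd.DisplayStrings("--------------------------------------------------");
    return true;
}

/// <summary>
/// Sets iFolderHomeServer on the user: first as a replace, falling back to an add when that fails.
/// Does nothing when <paramref name="ldapHomeServer"/> is null.
/// </summary>
private void AssignHomeServer(string dn, string ldapHomeServer)
{
    if (ldapHomeServer == null)
    {
        return;
    }
    if (!UpdateUserObject(dn, "iFolderHomeServer", ldapHomeServer, false))
    {
        UpdateUserObject(dn, "iFolderHomeServer", ldapHomeServer, true);
    }
}

/// <summary>
/// Adds a string attribute to <paramref name="attributeSet"/> and echoes it as an ldif-style line.
/// Never use this for password attributes; they are echoed masked by the callers.
/// </summary>
private static void AddAndShow(LdapAttributeSet attributeSet, string name, string value)
{
    attributeSet.Add(new LdapAttribute(name, value));
    UserAdd.DisplayStrings(String.Format("{0}: {1}", name, value));
}

/// <summary>
/// Returns the value of the leading RDN when its attribute is "cn" or "uid" (case-insensitive).
/// </summary>
/// <exception cref="ArgumentException">The DN starts with neither; the previous code dereferenced a null Regex here.</exception>
private static string ExtractCn(string dn)
{
    string rdnAttribute;
    if (dn.StartsWith("cn=", StringComparison.OrdinalIgnoreCase))
    {
        rdnAttribute = "cn";
    }
    else if (dn.StartsWith("uid=", StringComparison.OrdinalIgnoreCase))
    {
        rdnAttribute = "uid";
    }
    else
    {
        throw new ArgumentException("DN must start with \"cn=\" or \"uid=\": " + dn, "dn");
    }

    // As before: a DN with no further ",..." component does not match and is returned unchanged.
    Regex rdnRegex = new Regex("^" + rdnAttribute + "=(.*?),.*$", RegexOptions.IgnoreCase);
    return rdnRegex.Replace(dn, "$1");
}

/// <summary>
/// Returns the value of the leading RDN whatever its attribute is (OpenLDAP naming).
/// A DN with no further ",..." component does not match and is returned unchanged, as before.
/// </summary>
private static string ExtractRdnValue(string dn)
{
    Regex rdnRegex = new Regex(@"^(.*?)=(.*?),.*$", RegexOptions.IgnoreCase);
    return rdnRegex.Replace(dn, "$2");
}

/// <summary>
/// Encodes the password the way Active Directory's unicodePwd expects it: wrapped in double
/// quotes and encoded as UTF-16 little-endian, returned as the signed bytes the LDAP library takes.
/// </summary>
private static sbyte[] EncodeUnicodePwd(string password)
{
    char[] quoted = ("\"" + password + "\"").ToCharArray();
    sbyte[] bytes = new sbyte[quoted.Length * 2];
    for (int i = 0; i < quoted.Length; i++)
    {
        bytes[i * 2] = (sbyte)(quoted[i] & 0xff);   // low byte first (little-endian)
        bytes[i * 2 + 1] = (sbyte)(quoted[i] >> 8);
    }
    return bytes;
}

/// <summary>
/// Builds the attribute set for an Active Directory user and echoes it (password masked).
/// </summary>
private static LdapAttributeSet BuildActiveDirectoryAttributes(string dn, string password, string sn)
{
    string cn = ExtractCn(dn);
    // NORMAL_ACCOUNT | DONT_EXPIRE_PASSWD (66048). "Password never expires" is this tool's policy
    // choice for provisioned accounts; review it against the domain's password policy.
    int accountControl = (int)ADS_USER_FLAGS.NORMAL_ACCOUNT | (int)ADS_USER_FLAGS.DONT_EXPIRE_PASSWD;

    LdapAttributeSet attributeSet = new LdapAttributeSet();
    UserAdd.DisplayStrings(String.Format("{0}: {1}", "dn", dn));
    AddAndShow(attributeSet, "objectClass", "user");
    AddAndShow(attributeSet, "objectClass", "InetOrgPerson");
    AddAndShow(attributeSet, "cn", cn);
    AddAndShow(attributeSet, "SamAccountName", cn);
    AddAndShow(attributeSet, "sn", sn);
    AddAndShow(attributeSet, "userAccountControl", accountControl.ToString());
    // The password is sent, but only a mask is echoed.
    attributeSet.Add(new LdapAttribute("UnicodePwd", EncodeUnicodePwd(password)));
    UserAdd.DisplayStrings(String.Format("{0}: {1}", "UnicodePwd", "xxxxxxx"));
    return attributeSet;
}

/// <summary>
/// Builds the attribute set for an eDirectory user and echoes it (password masked).
/// </summary>
private static LdapAttributeSet BuildEDirectoryAttributes(string dn, string password, string sn)
{
    string cn = ExtractCn(dn);

    LdapAttributeSet attributeSet = new LdapAttributeSet();
    UserAdd.DisplayStrings(String.Format("{0}: {1}", "Dn", dn));
    AddAndShow(attributeSet, "objectClass", "inetOrgPerson");
    AddAndShow(attributeSet, "objectclass", "iFolderUserProvision");
    AddAndShow(attributeSet, "cn", cn);
    AddAndShow(attributeSet, "sn", sn);
    // userPassword is handed to the server in clear; only a mask is echoed here.
    attributeSet.Add(new LdapAttribute("userPassword", password));
    UserAdd.DisplayStrings(String.Format("{0}: {1}", "userPassword", "xxxxxxxx"));
    return attributeSet;
}

/// <summary>
/// Builds the attribute set for an OpenLDAP user and echoes it (password masked).
/// Only an inetOrgPerson is created — no posixAccount or shadowAccount — as in the original.
/// </summary>
private static LdapAttributeSet BuildOpenLdapAttributes(string dn, string password, string sn)
{
    string uid = ExtractRdnValue(dn);

    LdapAttributeSet attributeSet = new LdapAttributeSet();
    attributeSet.Add(new LdapAttribute("objectClass", "inetOrgPerson"));
    UserAdd.DisplayStrings(String.Format("{0}: {1}", "Dn", dn));
    AddAndShow(attributeSet, "uid", uid);
    AddAndShow(attributeSet, "cn", uid);
    AddAndShow(attributeSet, "sn", sn);
    AddAndShow(attributeSet, "givenName", uid);
    AddAndShow(attributeSet, "displayName", uid);
    attributeSet.Add(new LdapAttribute("objectclass", "iFolderUserProvision"));
    // TODO (pre-existing): the password is sent in clear; how it is stored is up to the server's
    // password-hash policy. Only a mask is echoed here.
    attributeSet.Add(new LdapAttribute("userPassword", password));
    UserAdd.DisplayStrings(String.Format("{0}: {1}", "userPassword", "xxxxxxx"));
    return attributeSet;
}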