/// <summary>
/// Projects every LDAP group cached in <c>AllDomainGroups</c> into a <c>GroupInfo</c>.
/// </summary>
/// <returns>
/// A new list with one entry per cached group, or an empty list when group
/// membership is disabled in the settings or the group cache cannot be loaded.
/// </returns>
public List<GroupInfo> GetDiscoveredGroupsByAttributes()
{
    var discovered = new List<GroupInfo>();

    // Group import is opt-in; with it switched off the directory is not touched.
    if (!_settings.GroupMembership)
    {
        return discovered;
    }

    // Lazy load: only query the directory when the cache is still empty.
    bool cacheIsEmpty = !AllDomainGroups.Any();
    if (cacheIsEmpty && !TryLoadLDAPGroups())
    {
        return discovered;
    }

    foreach (var ldapGroup in AllDomainGroups)
    {
        discovered.Add(new GroupInfo
        {
            // "as string" yields null when the configured name attribute is
            // missing or is not a string, so Name may be null here.
            // NOTE(review): the name is directory-supplied text; presumably it
            // is encoded wherever it is displayed. Confirm at the call sites.
            Name = ldapGroup.InvokeGet(_settings.GroupNameAttribute) as string,
            Sid = ldapGroup.Sid
        });
    }

    return discovered;
}
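/// <summary>
/// Resolves a value taken from a group's membership attribute to a cached LDAP
/// group by comparing it with each group's distinguished name.
/// </summary>
/// <param name="member">Member value to look up; null or empty never matches.</param>
/// <returns>
/// The first cached group whose distinguished name equals <paramref name="member"/>
/// ignoring case, or null when there is no match or the groups cannot be loaded.
/// </returns>
private LdapObject FindGroupByMember(string member)
{
    if (!AllDomainGroups.Any() && !TryLoadLDAPGroups())
    {
        return null;
    }

    if (string.IsNullOrEmpty(member))
    {
        return null;
    }

    // A distinguished name is an identifier, not linguistic text. A culture-sensitive
    // comparison ignores zero-width and other ignorable characters, so two different
    // DNs could compare equal and resolve a member to the wrong group; ordinal
    // comparison cannot. The static Equals also tolerates a group with a null DN.
    return AllDomainGroups.FirstOrDefault(
        g => string.Equals(g.DistinguishedName, member, StringComparison.OrdinalIgnoreCase));
}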
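/// <summary>
/// Returns the enabled cached LDAP groups whose attribute <paramref name="key"/>
/// equals one of the supplied values.
/// </summary>
/// <param name="key">Name of the group attribute to read.</param>
/// <param name="value">Candidate values; null entries are ignored and a null sequence matches nothing.</param>
/// <param name="comparison">
/// String comparison used for matching. The default is culture-sensitive; callers
/// matching identifiers (SIDs, DNs, GUIDs) should pass an ordinal comparison.
/// </param>
/// <returns>A new list of matching groups; empty when nothing matches or the groups cannot be loaded.</returns>
public List<LdapObject> FindGroupsByAttribute(string key, IEnumerable<string> value, StringComparison comparison = StringComparison.InvariantCultureIgnoreCase)
{
    if (!AllDomainGroups.Any() && !TryLoadLDAPGroups())
    {
        return new List<LdapObject>();
    }

    // Enumerate the candidates once instead of once per group, and drop nulls:
    // a null candidate would otherwise equal the null read from every group that
    // lacks the attribute and select all of them.
    var wanted = value == null
        ? new List<string>()
        : value.Where(candidate => candidate != null).ToList();

    if (wanted.Count == 0)
    {
        return new List<LdapObject>();
    }

    return AllDomainGroups
        .Where(g =>
        {
            if (g.IsDisabled)
            {
                return false;
            }

            // The cast is kept so a non-string attribute value still fails loudly.
            var actual = (string)g.GetValue(key);
            return actual != null && wanted.Any(candidate => string.Equals(candidate, actual, comparison));
        })
        .ToList();
}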
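/// <summary>
/// Resolves a value taken from a group's membership attribute to a cached LDAP
/// group by comparing it with each group's distinguished name.
/// </summary>
/// <param name="member">Member value to look up; null or empty never matches.</param>
/// <returns>
/// The first cached group whose distinguished name equals <paramref name="member"/>
/// ignoring case, or null when there is no match or the groups cannot be loaded.
/// </returns>
private LdapObject FindGroupByMember(string member)
{
    if (!AllDomainGroups.Any() && !TryLoadLDAPGroups())
    {
        return null;
    }

    // Logged only after the cache check, as before.
    _log.DebugFormat("LdapUserImporter.FindGroupByMember(member: {0})", member);

    if (string.IsNullOrEmpty(member))
    {
        return null;
    }

    // A distinguished name is an identifier, not linguistic text. A culture-sensitive
    // comparison ignores zero-width and other ignorable characters, so two different
    // DNs could compare equal and resolve a member to the wrong group; ordinal
    // comparison cannot. The static Equals also tolerates a group with a null DN.
    return AllDomainGroups.FirstOrDefault(
        g => string.Equals(g.DistinguishedName, member, StringComparison.OrdinalIgnoreCase));
}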
/// <summary>
/// Reads the groups from the directory and sorts them into <c>AllDomainGroups</c>
/// (usable) or <c>AllSkipedDomainGroups</c> (rejected, with the reason).
/// </summary>
/// <returns>
/// True when at least one usable group is cached or the directory returned no
/// groups at all; false when LDAP authentication or group membership is disabled,
/// when every returned group was rejected, or when an <c>ArgumentException</c> was raised.
/// </returns>
public bool TryLoadLDAPGroups()
{
    try
    {
        bool importEnabled = Settings.EnableLdapAuthentication && Settings.GroupMembership;
        if (!importEnabled)
        {
            return false;
        }

        if (!LdapHelper.IsConnected)
        {
            LdapHelper.Connect();
        }

        var groups = LdapHelper.GetGroups();

        foreach (var group in groups)
        {
            // The checks run in this order and the first failure decides the status.
            if (string.IsNullOrEmpty(group.Sid))
            {
                // Without a SID the group cannot be matched later on.
                AllSkipedDomainGroups.Add(group, LdapSettingsStatus.WrongSidAttribute);
            }
            else if (!CheckGroupAttribute(group, Settings.GroupAttribute))
            {
                AllSkipedDomainGroups.Add(group, LdapSettingsStatus.WrongGroupAttribute);
            }
            else if (!CheckGroupNameAttribute(group, Settings.GroupNameAttribute))
            {
                AllSkipedDomainGroups.Add(group, LdapSettingsStatus.WrongGroupNameAttribute);
            }
            else
            {
                AllDomainGroups.Add(group);
            }
        }

        // An empty directory result counts as success; a result in which every
        // group was rejected does not.
        return AllDomainGroups.Any() || !groups.Any();
    }
    catch (ArgumentException)
    {
        // NOTE(review): only ArgumentException is handled, so any other failure from
        // Connect() or GetGroups() reaches the caller. If AllSkipedDomainGroups is a
        // dictionary, a duplicate key would also land here and be reported as a
        // filter problem. Confirm the collection type.
        _log.ErrorFormat("TryLoadLDAPGroups(): Incorrect group filter. groupFilter = {0}", Settings.GroupFilter);
        return false;
    }
}
/// <summary>
/// Tells whether the given user belongs to at least one cached LDAP group.
/// </summary>
/// <param name="ldapUser">User to check; identified in the directory by its SID.</param>
/// <returns>
/// True when <c>UserExistsInGroup</c> succeeds for some cached group. False when
/// group membership is disabled, the user is null, the lost-user constant or has
/// no SID, the groups cannot be loaded, the SID is unknown to the directory,
/// or any exception is raised.
/// </returns>
public bool IsUserExistsInGroups(UserInfo ldapUser)
{
    try
    {
        if (!_settings.GroupMembership)
        {
            return false;
        }

        bool unusableUser = ldapUser == null
            || Equals(ldapUser, Core.Users.Constants.LostUser)
            || string.IsNullOrEmpty(ldapUser.Sid);
        if (unusableUser)
        {
            return false;
        }

        if (!AllDomainGroups.Any() && !TryLoadLDAPGroups())
        {
            return false;
        }

        var domainUser = _ldapHelper.GetUserBySid(_settings, ldapUser.Sid);
        if (domainUser == null)
        {
            return false;
        }

        // The value compared against group members is whatever the configured
        // user attribute holds; the local name suggests a DN but nothing enforces it.
        var distinguishedName = _ldapHelper.GetUserAttribute(domainUser, _settings.UserAttribute);

        // Stops at the first group that reports the user as a member.
        return AllDomainGroups.Any(
            domainGroup => _ldapHelper.UserExistsInGroup(_settings, domainGroup, distinguishedName, _settings.GroupAttribute));
    }
    catch (Exception ex)
    {
        // NOTE(review): every failure is folded into "not a member", so a directory
        // outage looks the same to the caller as a genuine negative answer. Check
        // that no caller revokes access or deletes data on a false result.
        if (ldapUser != null)
        {
            _log.ErrorFormat("IsUserExistInGroups(login: '******' sid: '{1}') error {2}", ldapUser.UserName, ldapUser.Sid, ex);
        }

        return false;
    }
}
/// <summary>
/// Converts every LDAP group cached in <c>AllDomainGroups</c> with <c>ToGroupInfo</c>.
/// </summary>
/// <returns>
/// A new list with one entry per cached group, or an empty list when group
/// membership is disabled in the settings or the group cache cannot be loaded.
/// </returns>
public List<GroupInfo> GetDiscoveredGroupsByAttributes()
{
    // Evaluation order matters: the directory is queried only when group import
    // is enabled and the cache is still empty.
    bool nothingToReport = !Settings.GroupMembership
        || (!AllDomainGroups.Any() && !TryLoadLDAPGroups());

    if (nothingToReport)
    {
        return new List<GroupInfo>();
    }

    // ConvertAll already allocates a fresh list, so the caller never receives
    // a reference to the cache itself.
    return AllDomainGroups.ConvertAll(ldapGroup => ldapGroup.ToGroupInfo(Settings));
}
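/// <summary>
/// Collects the users of an LDAP group, descending into nested groups and
/// de-duplicating the result by user SID.
/// </summary>
/// <param name="groupInfo">Group to expand; matched to a cached LDAP group by SID.</param>
/// <param name="clearCache">
/// When true, the list of already visited nested groups is replaced with an empty
/// one each time a nested group is found at this level. Recursive calls pass false.
/// </param>
/// <returns>
/// The distinct users found; empty when the groups cannot be loaded, the group is
/// not cached, or it has no members.
/// </returns>
private List<UserInfo> GetGroupUsers(GroupInfo groupInfo, bool clearCache)
{
    if (!LdapHelper.IsConnected)
    {
        LdapHelper.Connect();
    }

    _log.DebugFormat("LdapUserImporter.GetGroupUsers(Group name: {0})", groupInfo.Name);

    var users = new List<UserInfo>();

    if (!AllDomainGroups.Any() && !TryLoadLDAPGroups())
    {
        return users;
    }

    var domainGroup = AllDomainGroups.FirstOrDefault(lg => lg.Sid.Equals(groupInfo.Sid));
    if (domainGroup == null)
    {
        return users;
    }

    // A SID is an identifier, so its trailing RID is matched ordinally; the
    // parameterless EndsWith overload compares with the current culture. The
    // leading "-" anchors the match to a whole RID component.
    if (!string.IsNullOrEmpty(PrimaryGroupId) && domainGroup.Sid.EndsWith("-" + PrimaryGroupId, StringComparison.Ordinal))
    {
        // Domain Users found: the users come from a separate primary-group lookup
        // rather than from the group's membership attribute.
        var ldapUsers = FindUsersByPrimaryGroup();
        if (!ldapUsers.Any())
        {
            return users;
        }

        foreach (var ldapUser in ldapUsers)
        {
            var userInfo = ldapUser.ToUserInfo(this, _log);
            if (!users.Exists(u => u.Sid == userInfo.Sid))
            {
                users.Add(userInfo);
            }
        }
    }
    else
    {
        var members = domainGroup.GetAttributes(Settings.GroupAttribute, _log);
        if (!members.Any())
        {
            return users;
        }

        foreach (var member in members)
        {
            var ldapUser = FindUserByMember(member);
            if (ldapUser == null)
            {
                // Not a user: the member may be another group nested in this one.
                var nestedLdapGroup = FindGroupByMember(member);
                if (nestedLdapGroup != null)
                {
                    _log.DebugFormat("Found nested LDAP Group: {0}", nestedLdapGroup.DistinguishedName);

                    // NOTE(review): this reset sits inside the member loop, so with
                    // clearCache true the visited list is emptied for every nested
                    // group found here, not once per call. Recursion still ends
                    // because nested calls pass false.
                    if (clearCache)
                    {
                        _watchedNestedGroups = new List<string>();
                    }

                    // The visited list stops groups that contain each other from
                    // recursing without end.
                    if (_watchedNestedGroups.Contains(nestedLdapGroup.DistinguishedName))
                    {
                        _log.DebugFormat("Skip already watched nested LDAP Group: {0}", nestedLdapGroup.DistinguishedName);
                        continue;
                    }

                    _watchedNestedGroups.Add(nestedLdapGroup.DistinguishedName);

                    var nestedGroupInfo = nestedLdapGroup.ToGroupInfo(Settings, _log);
                    var nestedGroupUsers = GetGroupUsers(nestedGroupInfo, false);

                    foreach (var groupUser in nestedGroupUsers)
                    {
                        if (!users.Exists(u => u.Sid == groupUser.Sid))
                        {
                            users.Add(groupUser);
                        }
                    }
                }

                continue;
            }

            var userInfo = ldapUser.ToUserInfo(this, _log);
            if (!users.Exists(u => u.Sid == userInfo.Sid))
            {
                users.Add(userInfo);
            }
        }
    }

    return users;
}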
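/// <summary>
/// Adds the portal user to every portal group that corresponds to an LDAP group
/// listing the user as a member, and to the group mapped to the "-513" SID.
/// </summary>
/// <param name="user">Portal user to synchronise; matched to a cached LDAP user by SID.</param>
/// <remarks>
/// Does nothing when the user is null, group membership is disabled, the caches
/// cannot be loaded, or the user is not found in the LDAP user cache. This method
/// only adds memberships; it never removes one.
/// </remarks>
public void SyncUserGroupMembership(UserInfo user)
{
    if (user == null || !_settings.GroupMembership || AllDomainGroups == null)
    {
        return;
    }

    // Same short-circuit order as a single || chain: groups first, then users.
    if (!AllDomainGroups.Any() && !TryLoadLDAPGroups())
    {
        return;
    }

    if (!AllDomainUsers.Any() && !TryLoadLDAPUsers())
    {
        return;
    }

    var domainUser = AllDomainUsers.FirstOrDefault(u => u.Sid.Equals(user.Sid));
    if (domainUser == null)
    {
        return;
    }

    var userAttributeValue = _ldapHelper.GetUserAttribute(domainUser, _settings.UserAttribute);

    foreach (var domainGroup in AllDomainGroups)
    {
        var sid = domainGroup.Sid;

        var members = _ldapHelper.GetGroupAttribute(domainGroup, _settings.GroupAttribute);
        if (members == null)
        {
            continue;
        }

        foreach (var member in members)
        {
            var ldapUser = FindUserByMember(member);
            if (ldapUser == null)
            {
                continue;
            }

            // A user without the configured attribute can match no member; the null
            // check replaces the NullReferenceException the instance call would raise.
            // Member values are identifiers, so the comparison is ordinal: a
            // culture-sensitive one ignores zero-width characters and could equate
            // two different values.
            if (userAttributeValue == null || !userAttributeValue.Equals(member, StringComparison.OrdinalIgnoreCase))
            {
                continue;
            }

            var groupInfo = CoreContext.UserManager.GetGroupInfoBySid(sid);
            if (!Equals(groupInfo, Core.Users.Constants.LostGroupInfo))
            {
                CoreContext.UserManager.AddUserIntoGroup(user.ID, groupInfo.ID);
            }
        }
    }

    // The SID suffix is matched ordinally; "-" anchors it to a whole RID component.
    // NOTE(review): the user is added to this group without checking the user's own
    // primary group, so an account whose primary group is a different one still
    // receives the membership. Confirm that this is intended.
    var primaryGroup = AllDomainGroups.FirstOrDefault(g => g.Sid.EndsWith("-513", StringComparison.Ordinal));
    if (primaryGroup == null)
    {
        return;
    }

    var getPrimaryGroup = CoreContext.UserManager.GetGroupInfoBySid(primaryGroup.Sid);
    if (!Equals(getPrimaryGroup, Core.Users.Constants.LostGroupInfo))
    {
        CoreContext.UserManager.AddUserIntoGroup(user.ID, getPrimaryGroup.ID);
    }
}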
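/// <summary>
/// Collects the users of an LDAP group, de-duplicated by user SID.
/// </summary>
/// <param name="groupInfo">Group to expand; matched to a cached LDAP group by SID.</param>
/// <returns>
/// The distinct users found; empty when the groups cannot be loaded, the group is
/// not cached, or it has no members. Nested groups are not expanded.
/// </returns>
public List<UserInfo> GetGroupUsers(GroupInfo groupInfo)
{
    var users = new List<UserInfo>();

    if (!AllDomainGroups.Any() && !TryLoadLDAPGroups())
    {
        return users;
    }

    var domainGroup = AllDomainGroups.FirstOrDefault(lg => lg.Sid.Equals(groupInfo.Sid));
    if (domainGroup == null)
    {
        return users;
    }

    // A SID is an identifier, so its trailing RID is matched ordinally; the
    // parameterless EndsWith overload compares with the current culture. The
    // leading "-" anchors the match to a whole RID component.
    if (domainGroup.Sid.EndsWith("-513", StringComparison.Ordinal))
    {
        // Domain Users found: the users come from a primary-group lookup. An earlier
        // variant queried (&(objectCategory=person)(objectClass=user)(primaryGroupID=513)) directly.
        var ldapUsers = _ldapHelper.GetUsersFromPrimaryGroup(_settings, "513");
        if (ldapUsers == null)
        {
            return users;
        }

        foreach (var ldapUser in ldapUsers)
        {
            var userInfo = CreateUserInfo(ldapUser);
            if (!users.Exists(u => u.Sid == userInfo.Sid))
            {
                users.Add(userInfo);
            }
        }

        return users;
    }

    var members = _ldapHelper.GetGroupAttribute(domainGroup, _settings.GroupAttribute);
    if (members == null)
    {
        return users;
    }

    foreach (var member in members)
    {
        // Members that do not resolve to a cached user are skipped.
        var ldapUser = FindUserByMember(member);
        if (ldapUser == null)
        {
            continue;
        }

        var userInfo = CreateUserInfo(ldapUser);
        if (!users.Exists(u => u.Sid == userInfo.Sid))
        {
            users.Add(userInfo);
        }
    }

    return users;
}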
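/// <summary>
/// Collects the users of an LDAP group, descending into nested groups and
/// de-duplicating the result by user SID.
/// </summary>
/// <param name="groupInfo">Group to expand; matched to a cached LDAP group by SID.</param>
/// <returns>
/// The distinct users found; empty when the groups cannot be loaded, the group is
/// not cached, or it has no members.
/// </returns>
public List<UserInfo> GetGroupUsers(GroupInfo groupInfo)
{
    // Every traversal gets its own visited set. Without it, two groups that list
    // each other as members recurse until the stack overflows, which ends the
    // process instead of raising a catchable exception.
    return CollectGroupUsers(groupInfo, new HashSet<string>(StringComparer.Ordinal));
}

/// <summary>
/// Recursive worker for <c>GetGroupUsers</c>; expands each group at most once per traversal.
/// </summary>
/// <param name="groupInfo">Group to expand.</param>
/// <param name="visitedGroupSids">SIDs of the groups already expanded in this traversal.</param>
/// <returns>The distinct users found below the group; empty when the group was already expanded.</returns>
private List<UserInfo> CollectGroupUsers(GroupInfo groupInfo, HashSet<string> visitedGroupSids)
{
    if (!LdapHelper.IsConnected)
    {
        LdapHelper.Connect();
    }

    var users = new List<UserInfo>();

    if (!AllDomainGroups.Any() && !TryLoadLDAPGroups())
    {
        return users;
    }

    var domainGroup = AllDomainGroups.FirstOrDefault(lg => lg.Sid.Equals(groupInfo.Sid));
    if (domainGroup == null)
    {
        return users;
    }

    // Add returns false for a SID that is already present. The users of such a
    // group were merged by whichever caller expanded it first.
    if (!visitedGroupSids.Add(domainGroup.Sid))
    {
        return users;
    }

    // A SID is an identifier, so its trailing RID is matched ordinally; the
    // parameterless EndsWith overload compares with the current culture. The
    // leading "-" anchors the match to a whole RID component.
    if (!string.IsNullOrEmpty(PrimaryGroupId) && domainGroup.Sid.EndsWith("-" + PrimaryGroupId, StringComparison.Ordinal))
    {
        // Domain Users found: the users come from a separate primary-group lookup
        // rather than from the group's membership attribute.
        var ldapUsers = FindUsersByPrimaryGroup();
        if (!ldapUsers.Any())
        {
            return users;
        }

        foreach (var ldapUser in ldapUsers)
        {
            var userInfo = ldapUser.ToUserInfo(this, _log);
            if (!users.Exists(u => u.Sid == userInfo.Sid))
            {
                users.Add(userInfo);
            }
        }

        return users;
    }

    var members = domainGroup.GetAttributes(Settings.GroupAttribute, _log);
    if (!members.Any())
    {
        return users;
    }

    foreach (var member in members)
    {
        var ldapUser = FindUserByMember(member);
        if (ldapUser == null)
        {
            // Not a user: the member may be another group nested in this one.
            var nestedLdapGroup = FindGroupByMember(member);
            if (nestedLdapGroup != null)
            {
                var nestedGroupInfo = nestedLdapGroup.ToGroupInfo(Settings, _log);
                var nestedGroupUsers = CollectGroupUsers(nestedGroupInfo, visitedGroupSids);

                foreach (var groupUser in nestedGroupUsers)
                {
                    if (!users.Exists(u => u.Sid == groupUser.Sid))
                    {
                        users.Add(groupUser);
                    }
                }
            }

            continue;
        }

        var userInfo = ldapUser.ToUserInfo(this, _log);
        if (!users.Exists(u => u.Sid == userInfo.Sid))
        {
            users.Add(userInfo);
        }
    }

    return users;
}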