/// <summary> /// Updates policy module flags by writing them to Certification Authority. /// </summary> /// <param name="restart"> /// Indicates whether to restart certificate services to immediately apply changes. Updated settings has no effect /// until CA service is restarted. /// </param> /// <exception cref="UnauthorizedAccessException"> /// The caller do not have sufficient permissions to make changes in the CA configuration. /// </exception> /// <exception cref="ServerUnavailableException"> /// The target CA server could not be contacted via remote registry and RPC protocol. /// </exception> /// <returns> /// <strong>True</strong> if configuration was changed. If an object was not modified since it was instantiated, configuration is not updated /// and the method returns <strong>False</strong>. /// </returns> /// <remarks>The caller must have <strong>Administrator</strong> permissions on the target CA server.</remarks> public Boolean SetInfo(Boolean restart) { if (IsModified) { if (CryptoRegistry.Ping(ComputerName)) { CryptoRegistry.SetRReg((Int32)EditFlags, "EditFlags", RegistryValueKind.DWord, $@"{Name}\PolicyModules\{activePolicyModule}", ComputerName); if (restart) { CertificateAuthority.Restart(ComputerName); } IsModified = false; return(true); } if (CertificateAuthority.Ping(ComputerName)) { CryptoRegistry.SetRegFallback(configString, $@"PolicyModules\{activePolicyModule}", "EditFlags", (Int32)EditFlags); if (restart) { CertificateAuthority.Restart(ComputerName); } IsModified = false; return(true); } ServerUnavailableException e = new ServerUnavailableException(DisplayName); e.Data.Add(nameof(e.Source), (OfflineSource)3); throw e; } return(false); }
void m_initialize(CertificateAuthority certificateAuthority) { Name = certificateAuthority.Name; DisplayName = certificateAuthority.DisplayName; ComputerName = certificateAuthority.ComputerName; configString = certificateAuthority.ConfigString; version = certificateAuthority.Version; isEnterprise = certificateAuthority.IsEnterprise; if (CryptoRegistry.Ping(ComputerName)) { activePolicyModule = (String)CryptoRegistry.GetRReg("Active", $@"{Name}\PolicyModules", ComputerName); EditFlags = (PolicyModuleFlagEnum)CryptoRegistry.GetRReg("EditFlags", $@"{Name}\PolicyModules\{activePolicyModule}", ComputerName); } else { if (CertificateAuthority.Ping(ComputerName)) { activePolicyModule = (String)CryptoRegistry.GetRegFallback(configString, "PolicyModules", "EditFlags"); EditFlags = (PolicyModuleFlagEnum)CryptoRegistry.GetRegFallback(configString, $@"PolicyModules\{activePolicyModule}", "EditFlags"); } else { ServerUnavailableException e = new ServerUnavailableException(DisplayName); e.Data.Add(nameof(e.Source), (OfflineSource)3); throw e; } } }
/// <summary> /// Writes this object to a securable object's Access Control List. /// </summary> /// <param name="restart"> /// Indiciates whether to restart certificate services to immediately apply changes. Updated settings has /// no effect until CA service is restarted. /// </param> /// <exception cref="ServerUnavailableException"> /// The target CA server could not be contacted via remote registry and RPC protocol. /// </exception> public void SetObjectSecurity(Boolean restart) { if (CryptoRegistry.Ping(ComputerName)) { CryptoRegistry.SetRReg(GetSecurityDescriptorBinaryForm(), "Security", _name, ComputerName); if (restart) { CertificateAuthority.Restart(ComputerName); } return; } if (CertificateAuthority.Ping(ComputerName)) { CryptoRegistry.SetRegFallback(_config, String.Empty, "Security", GetSecurityDescriptorBinaryForm()); if (restart) { CertificateAuthority.Restart(ComputerName); } return; } ServerUnavailableException e = new ServerUnavailableException(DisplayName); e.Data.Add("Source", (OfflineSource)3); throw e; }
void m_initialize(CertificateAuthority certificateAuthority) { Name = certificateAuthority.Name; DisplayName = certificateAuthority.DisplayName; ComputerName = certificateAuthority.ComputerName; ConfigString = certificateAuthority.ConfigString; Version = certificateAuthority.Version; if (CryptoRegistry.Ping(ComputerName)) { CRLFlags = (CRLFlagEnum)CryptoRegistry.GetRReg("CRLFlags", Name, ComputerName); } else { if (CertificateAuthority.Ping(ComputerName)) { CRLFlags = (CRLFlagEnum)CryptoRegistry.GetRegFallback(ConfigString, "", "CRLFlags"); } else { ServerUnavailableException e = new ServerUnavailableException(DisplayName); e.Data.Add(nameof(e.Source), (OfflineSource)3); throw e; } } }
/// <summary> /// Updates management interface flags by writing them to Certification Authority. /// </summary> /// <param name="restart"> /// Indiciates whether to restart certificate services to immediately apply changes. Updated settings has no effect /// until CA service is restarted. /// </param> /// <exception cref="UnauthorizedAccessException"> /// The caller do not have sufficient permissions to make changes in the CA configuration. /// </exception> /// <exception cref="ServerUnavailableException"> /// The target CA server could not be contacted via remote registry and RPC protocol. /// </exception> /// <returns> /// <strong>True</strong> if configuration was changed. If an object was not modified since it was instantiated, configuration is not updated /// and the method returns <strong>False</strong>. /// </returns> /// <remarks>The caller must have <strong>Administrator</strong> permissions on the target CA server.</remarks> public Boolean SetInfo(Boolean restart) { if (IsModified) { if (CryptoRegistry.Ping(ComputerName)) { CryptoRegistry.SetRReg((Int32)InterfaceFlags, "InterfaceFlags", RegistryValueKind.DWord, Name, ComputerName); if (restart) { CertificateAuthority.Restart(ComputerName); } IsModified = false; return(true); } if (CertificateAuthority.Ping(ComputerName)) { CryptoRegistry.SetRegFallback(ConfigString, String.Empty, "InterfaceFlags", (Int32)InterfaceFlags); if (restart) { CertificateAuthority.Restart(ComputerName); } IsModified = false; return(true); } ServerUnavailableException e = new ServerUnavailableException(DisplayName); e.Data.Add(nameof(e.Source), (OfflineSource)3); throw e; } return(false); }
/// <summary> /// Updates policy module extension lists by writing them to Certification Authority. /// </summary> /// <param name="restart"> /// Indiciates whether to restart certificate services to immediately apply changes. Updated settings has no effect /// until CA service is restarted.</param> /// <exception cref="UnauthorizedAccessException"> /// If the caller do not have sufficient permissions to make changes in the CA configuration. /// </exception> /// <exception cref="ServerUnavailableException"> /// If the target CA server could not be contacted via remote registry and RPC protocol. /// </exception> /// <returns> /// <strong>True</strong> if configuration was changed. If an object was not modified since it was instantiated, configuration is not updated /// and the method returns <strong>False</strong>. /// </returns> /// <remarks>The caller must have <strong>Administrator</strong> permissions on the target CA server.</remarks> public Boolean SetInfo(Boolean restart) { if (IsModified) { List <String> oidstrings; if (CryptoRegistry.Ping(ComputerName)) { String path = $@"{Name}\PolicyModules\{ActivePolicyModule}"; oidstrings = EnabledExtensionList.Select(oid => oid.Value).ToList(); CryptoRegistry.SetRReg(oidstrings, "EnableRequestExtensionList", path, ComputerName); oidstrings.Clear(); oidstrings.AddRange(OfflineExtensionList.Select(oid => oid.Value)); CryptoRegistry.SetRReg(oidstrings, "EnableEnrolleeRequestExtensionList", path, ComputerName); oidstrings.Clear(); oidstrings.AddRange(DisabledExtensionList.Select(oid => oid.Value)); CryptoRegistry.SetRReg(oidstrings, "DisableExtensionList", path, ComputerName); oidstrings.Clear(); if (restart) { CertificateAuthority.Restart(ComputerName); } IsModified = false; return(true); } if (CertificateAuthority.Ping(ComputerName)) { String path = $@"PolicyModules\{ActivePolicyModule}"; oidstrings = EnabledExtensionList.Select(oid => oid.Value).ToList(); CryptoRegistry.SetRegFallback(ConfigString, path, "EnableRequestExtensionList", oidstrings.ToArray()); oidstrings.Clear(); oidstrings.AddRange(OfflineExtensionList.Select(oid => oid.Value)); CryptoRegistry.SetRegFallback(ConfigString, path, "EnableEnrolleeRequestExtensionList", oidstrings.ToArray()); oidstrings.Clear(); oidstrings.AddRange(DisabledExtensionList.Select(oid => oid.Value)); CryptoRegistry.SetRegFallback(ConfigString, path, "DisableExtensionList", oidstrings.ToArray()); oidstrings.Clear(); if (restart) { CertificateAuthority.Restart(ComputerName); } IsModified = false; return(true); } ServerUnavailableException e = new ServerUnavailableException(DisplayName); e.Data.Add(nameof(e.Source), (OfflineSource)3); throw e; } return(false); }
void m_initialize(CertificateAuthority certificateAuthority) { List <Oid> Oids = new List <Oid>(); Name = certificateAuthority.Name; DisplayName = certificateAuthority.DisplayName; ComputerName = certificateAuthority.ComputerName; ConfigString = certificateAuthority.ConfigString; if (CryptoRegistry.Ping(ComputerName)) { ActivePolicyModule = (String)CryptoRegistry.GetRReg("Active", $@"{Name}\PolicyModules", ComputerName); String[] oidstrings = (String[])CryptoRegistry.GetRReg("EnableRequestExtensionList", $@"{Name}\PolicyModules\{ActivePolicyModule}", ComputerName); Oids.AddRange(oidstrings.Select(item => new Oid(item))); EnabledExtensionList = Oids.ToArray(); Oids.Clear(); oidstrings = (String[])CryptoRegistry.GetRReg("EnableEnrolleeRequestExtensionList", $@"{Name}\PolicyModules\{ActivePolicyModule}", ComputerName); Oids.AddRange(oidstrings.Select(item => new Oid(item))); OfflineExtensionList = Oids.ToArray(); Oids.Clear(); oidstrings = (String[])CryptoRegistry.GetRReg("DisableExtensionList", $@"{Name}\PolicyModules\{ActivePolicyModule}", ComputerName); Oids.AddRange(oidstrings.Select(item => new Oid(item))); DisabledExtensionList = Oids.ToArray(); Oids.Clear(); } else { if (CertificateAuthority.Ping(ComputerName)) { ActivePolicyModule = (String)CryptoRegistry.GetRReg("Active", $@"{Name}\PolicyModules", ComputerName); String[] oidstrings = (String[])CryptoRegistry.GetRegFallback(ConfigString, $@"PolicyModules\{ActivePolicyModule}", "EnableRequestExtensionList"); Oids.AddRange(oidstrings.Select(item => new Oid(item))); EnabledExtensionList = Oids.ToArray(); Oids.Clear(); oidstrings = (String[])CryptoRegistry.GetRegFallback(ConfigString, $@"PolicyModules\{ActivePolicyModule}", "EnableEnrolleeRequestExtensionList"); Oids.AddRange(oidstrings.Select(item => new Oid(item))); OfflineExtensionList = Oids.ToArray(); Oids.Clear(); oidstrings = (String[])CryptoRegistry.GetRegFallback(ConfigString, $@"PolicyModules\{ActivePolicyModule}", "DisableExtensionList"); Oids.AddRange(oidstrings.Select(item => new Oid(item))); DisabledExtensionList = Oids.ToArray(); } else { ServerUnavailableException e = new ServerUnavailableException(DisplayName); e.Data.Add(nameof(e.Source), (OfflineSource)3); throw e; } } }