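/// <summary>
/// Fills <c>ExtendedRightsList</c> with a rightsGuid-to-name map read from the
/// Extended-Rights container under the configuration naming context.
/// </summary>
/// <remarks>
/// Keys are stored lower-cased so that lookups can normalise the GUID the same way.
/// Three entries are set by hand after the directory query: the rightsGuid shared by
/// DNS-Host-Name-Attributes and Validated-DNS-Host-Name (one combined label), the
/// ms-TPM-OwnerInformation GUID, and the all-zero GUID labelled "All".
/// The method can be called more than once: existing keys are overwritten or skipped
/// instead of raising <see cref="System.ArgumentException"/> from <c>Add</c>.
/// </remarks>
public static void BuildExtendedRightsDict()
{
    // rightsGuid carried by both DNS-Host-Name-Attributes and Validated-DNS-Host-Name.
    const string DnsHostNameRightsGuid = "72e39547-7b18-11d1-adef-00c04fd8d5cd";

    _logger.Debug("Building an Extended Rights List");

    string extendedRightsDn = "CN=Extended-Rights," + Searcher.LdapInfo.ConfigDN;

    var rightsResult = Searcher.GetResultEntries(new LDAPSearchString
    {
        DN = extendedRightsDn,
        Filter = "(rightsGuid=*)",
        ReturnAttributes = new string[] { "rightsGuid", "cn" },
        Scope = SearchScope.Subtree,
        //UseGlobalCatalog = true
    }).ToList();

    foreach (var rights in rightsResult)
    {
        var guidAttribute = rights.Attributes["rightsGuid"];
        var nameAttribute = rights.Attributes["cn"];

        // Skip an entry that came back without one of the requested attributes
        // rather than dereferencing null and aborting the whole build.
        if (guidAttribute == null || nameAttribute == null)
        {
            continue;
        }

        // GUID text is hex digits and dashes, so the invariant culture gives the same
        // key on every machine locale.
        string rightsGuid = guidAttribute[0].ToString().ToLowerInvariant();

        //Ignore duplicated rightsGuid DNS-Host-Name-Attributes & Validated-DNS-Host-Name
        if (rightsGuid == DnsHostNameRightsGuid)
        {
            continue;
        }

        string rightsName = nameAttribute[0].ToString();

        string existingName;
        if (ExtendedRightsList.TryGetValue(rightsGuid, out existingName))
        {
            // Same GUID seen before (repeated call or a second directory entry).
            // Keep the first name; only report it when the names disagree, because a
            // silently replaced label would misname the right in later ACL output.
            if (existingName != rightsName)
            {
                _logger.Warn($"{rightsGuid} is already mapped to {existingName}, ignoring {rightsName}");
            }
            continue;
        }

        ExtendedRightsList.Add(rightsGuid, rightsName);
    }

    // Indexer assignment instead of Add: these keys may already be present.
    ExtendedRightsList[DnsHostNameRightsGuid] = "DNS-Host-Name-Attributes & Validated-DNS-Host-Name";
    ExtendedRightsList["aa4e1a6d-550d-4e05-8c35-4afcb917a9fe"] = "ms-TPM-OwnerInformation";
    ExtendedRightsList["00000000-0000-0000-0000-000000000000"] = "All";
}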
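//It does not work well with Task
/// <summary>
/// Translates a rights GUID into its name using the cached lookup tables.
/// </summary>
/// <param name="rightsGuid">GUID string to resolve; it is lower-cased before lookup. Must not be null.</param>
/// <param name="isExtendedRights">
/// <c>true</c> to look the GUID up in <c>ExtendedRightsList</c>,
/// <c>false</c> to look it up in <c>SchemaList</c>.
/// </param>
/// <returns>
/// The name stored for the GUID, or <paramref name="rightsGuid"/> unchanged when the
/// selected table has no entry for it. The miss is logged as a warning, so a raw GUID
/// in the output marks a right that still has to be identified by hand.
/// </returns>
public static string ResolveRightsGuid(string rightsGuid, bool isExtendedRights = true)
{
    // Normalise once; the tables are keyed by lower-case GUID text.
    string lookupKey = rightsGuid.ToLowerInvariant();
    string resolvedName;

    if (isExtendedRights)
    {
        // TryGetValue does the membership test and the read in one lookup.
        if (ExtendedRightsList.TryGetValue(lookupKey, out resolvedName))
        {
            return resolvedName;
        }

        //ms-TPM-OwnerInformation:aa4e1a6d-550d-4e05-8c35-4afcb917a9fe (this is a schema attribute...)
        _logger.Warn($"{rightsGuid} is extended rights but cannot be resolved");
        return rightsGuid;
    }

    if (SchemaList.TryGetValue(lookupKey, out resolvedName))
    {
        return resolvedName;
    }

    _logger.Warn($"{rightsGuid} is a schema attribute but cannot be resolved");
    return rightsGuid;

    // Commented-out code kept from the original; it appears to build an LDAP filter
    // for a directory lookup instead of using the cached tables.
    //string partition = isExtendedRights ? "CN=Extended-Rights,CN=Configuration," : "CN=Schema,CN=Configuration,";
    //string partition = "CN=Schema,CN=Configuration,";
    //No SPACE near "="
    //From The .Net Developer Guide to Directory Services Programming Searching for Binary Data
    //resolve schema attributes / extended rights
    //string searchFilter = isExtendedRights ? @"(rightsGuid=" + rightsGuid + @")" :
    //    @"(schemaIDGUID=" + BuildFilterOctetString(new Guid(rightsGuid).ToByteArray()) + @")";
}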