示例#1
        /// <summary>
        /// Pushes the pending property changes of <paramref name="p"/> into its native
        /// DirectoryEntry, commits them, and then, for a group whose member list changed,
        /// invokes <paramref name="updateGroupMembership"/>.
        /// </summary>
        /// <param name="p">Principal whose changes are written.</param>
        /// <param name="storeCtx">Store context used to push the changes to the native object.</param>
        /// <param name="updateGroupMembership">Callback that commits group-membership changes.</param>
        /// <param name="credentials">Passed through unchanged to <paramref name="updateGroupMembership"/>.</param>
        /// <param name="authTypes">Passed through unchanged to <paramref name="updateGroupMembership"/>.</param>
        /// <remarks>
        /// The property commit and the membership update are two separate writes and this
        /// method performs no rollback: if the membership callback throws, the property
        /// changes have already been committed.
        /// </remarks>
        static internal void ApplyChangesToDirectory(
            Principal p,
            StoreCtx storeCtx,
            GroupMembershipUpdater updateGroupMembership,
            NetCred credentials,
            AuthenticationTypes authTypes)
        {
            GlobalDebug.WriteLineIf(GlobalDebug.Info, "SDSUtils", "Entering ApplyChangesToDirectory");

            // Debug.Assert is compiled out of release builds, so these are developer
            // contracts only; they do not validate arguments at runtime.
            Debug.Assert(p != null);
            Debug.Assert(updateGroupMembership != null);
            Debug.Assert(storeCtx != null);
            Debug.Assert(storeCtx is ADStoreCtx || storeCtx is SAMStoreCtx || storeCtx is ADAMStoreCtx);

            // Stage the property values on the DirectoryEntry. Group membership is
            // NOT part of this step.
            DirectoryEntry nativeEntry = (DirectoryEntry)storeCtx.PushChangesToNative(p);
            Debug.Assert(nativeEntry == p.UnderlyingObject);

            // Write the staged properties to the store.
            try
            {
                nativeEntry.CommitChanges();
            }
            catch (System.Runtime.InteropServices.COMException comFailure)
            {
                GlobalDebug.WriteLineIf(GlobalDebug.Error, "SDSUtils", "ApplyChangesToDirectory: caught COMException with message " + comFailure.Message);

                // Callers see the translated exception rather than the raw COMException.
                throw ExceptionHelper.GetExceptionFromCOMException(comFailure);
            }

            // Nothing more to do unless this is a group with a modified member list.
            if (!(p is GroupPrincipal) || !p.GetChangeStatusForProperty(PropertyNames.GroupMembers))
            {
                return;
            }

            GlobalDebug.WriteLineIf(GlobalDebug.Info, "SDSUtils", "ApplyChangesToDirectory: Updating group membership");

            // Membership goes through IADsGroup and takes effect immediately; no
            // further CommitChanges() call on the entry is required.
            updateGroupMembership(p, nativeEntry, credentials, authTypes);
        }
示例#2
        /// <summary>
        /// Saves a new principal: rejects unsupported principal types, commits its
        /// properties through <see cref="ApplyChangesToDirectory"/>, then applies the
        /// deferred password operations (set password, expire password).
        /// </summary>
        /// <param name="p">Principal being inserted.</param>
        /// <param name="storeCtx">Store context that performs the native writes and password operations.</param>
        /// <param name="updateGroupMembership">Callback forwarded to <see cref="ApplyChangesToDirectory"/>.</param>
        /// <param name="credentials">Forwarded to <see cref="ApplyChangesToDirectory"/>.</param>
        /// <param name="authTypes">Forwarded to <see cref="ApplyChangesToDirectory"/>.</param>
        /// <param name="needToSetPassword">
        /// True when the password must be set here, after the principal has been created (AD);
        /// false when it was already set before creation (SAM).
        /// </param>
        /// <exception cref="InvalidOperationException">
        /// <paramref name="p"/> is not a user, group, computer or authenticable principal.
        /// </exception>
        /// <remarks>
        /// The principal is committed before the password is set and this method performs
        /// no rollback: if SetPassword or ExpirePassword throws, the principal has already
        /// been written to the store without that password operation applied. Callers that
        /// need all-or-nothing behaviour have to clean up themselves.
        /// </remarks>
        static internal void InsertPrincipal(
            Principal p,
            StoreCtx storeCtx,
            GroupMembershipUpdater updateGroupMembership,
            NetCred credentials,
            AuthenticationTypes authTypes,
            bool needToSetPassword)
        {
            GlobalDebug.WriteLineIf(GlobalDebug.Info, "SDSUtils", "Entering InsertPrincipal");

            // Debug.Assert is compiled out of release builds; these document the
            // expected contract but do not enforce it at runtime.
            Debug.Assert(p != null);
            Debug.Assert(storeCtx != null);
            Debug.Assert(storeCtx is ADStoreCtx || storeCtx is SAMStoreCtx);

            bool isSupportedType =
                (p is UserPrincipal) ||
                (p is GroupPrincipal) ||
                (p is AuthenticablePrincipal) ||
                (p is ComputerPrincipal);

            if (!isSupportedType)
            {
                // Not a kind of Principal this store can save.
                GlobalDebug.WriteLineIf(GlobalDebug.Warn, "SDSUtils", "InsertPrincipal: Bad principal type:" + p.GetType().ToString());

                throw new InvalidOperationException(
                          String.Format(CultureInfo.CurrentCulture, SR.StoreCtxUnsupportedPrincipalTypeForSave, p.GetType().ToString()));
            }

            // Write the principal's properties (and group membership, if any).
            SDSUtils.ApplyChangesToDirectory(p, storeCtx, updateGroupMembership, credentials, authTypes);

            // Deferred operations follow.
            //
            // SAM: password was set before the principal was created -> needToSetPassword == false
            // AD:  password can only be set once the principal exists  -> needToSetPassword == true
            if (needToSetPassword && p.GetChangeStatusForProperty(PropertyNames.PwdInfoPassword))
            {
                // The log line deliberately carries no password material; keep it that way.
                GlobalDebug.WriteLineIf(GlobalDebug.Info, "SDSUtils", "InsertPrincipal: Setting password");

                // PasswordInfo exists only on AuthenticablePrincipals.
                Debug.Assert(p is AuthenticablePrincipal);

                // The new password is held here as a plain managed string.
                string newPassword = (string)p.GetValueForProperty(PropertyNames.PwdInfoPassword);
                Debug.Assert(newPassword != null); // a null value should never have been flagged as changed

                storeCtx.SetPassword((AuthenticablePrincipal)p, newPassword);
            }

            if (p.GetChangeStatusForProperty(PropertyNames.PwdInfoExpireImmediately))
            {
                // PasswordInfo exists only on AuthenticablePrincipals.
                Debug.Assert(p is AuthenticablePrincipal);

                if ((bool)p.GetValueForProperty(PropertyNames.PwdInfoExpireImmediately))
                {
                    GlobalDebug.WriteLineIf(GlobalDebug.Info, "SDSUtils", "InsertPrincipal: Setting pwd expired");

                    storeCtx.ExpirePassword((AuthenticablePrincipal)p);
                }
            }
        }