public List <GroupInfo> GetDiscoveredGroupsByAttributes(LDAPSupportSettings settings, out List <GroupInfo> existingGroups)
{
existingGroups = new List <GroupInfo>();
if (settings.GroupMembership)
{
if (DomainGroups == null)
{
DomainGroups = ldapHelper.GetGroupsByAttributes(settings);
}
if (DomainGroups != null)
{
var groups = new List <GroupInfo>(DomainGroups.Count);
var removedGroups = new List <LDAPObject>();
foreach (var domainGroup in DomainGroups)
{
var lastId = domainGroup.Sid.Split(hyphen).Last();
if (lastId != primaryGroupId)
{
var members = ldapHelper.GetGroupAttribute(domainGroup, settings.GroupAttribute);
if (members == null)
{
removedGroups.Add(domainGroup);
continue;
}
}
string sid = domainGroup.Sid;
var groupInfo = new GroupInfo
{
Name = domainGroup.InvokeGet(settings.GroupNameAttribute) as string,
Sid = sid
};
// Domain Users - primary group
if (sid.Split(hyphen).Last() == primaryGroupId)
{
primaryGroup = groupInfo;
}
if (CoreContext.UserManager.GetGroupInfoBySid(groupInfo.Sid).ID == Core.Users.Constants.LostGroupInfo.ID)
{
groups.Add(groupInfo);
}
else
{
existingGroups.Add(groupInfo);
}
}
foreach (var domainGroup in removedGroups)
{
if (DomainGroups.Contains(domainGroup))
{
DomainGroups.Remove(domainGroup);
}
}
return(groups);
}
}
return(null);
}
public bool TryLoadLDAPGroups()
{
try
{
if (!_settings.EnableLdapAuthentication || !_settings.GroupMembership)
{
return(false);
}
AllDomainGroups = _ldapHelper.GetGroupsByAttributes(_settings) ?? new List <LDAPObject>();
return(true);
}
catch (ArgumentException)
{
_log.ErrorFormat("Incorrect group filter. groupFilter = {0}", _settings.GroupFilter);
}
return(false);
}
public override byte CheckSettings(LDAPSupportSettings settings, LDAPUserImporter importer, bool acceptCertificate = false)
{
if (!settings.EnableLdapAuthentication)
{
return(OPERATION_OK);
}
string password = GetPassword(settings.PasswordBytes);
try
{
if (settings.Authentication)
{
CheckCredentials(settings.Login, password, settings.Server, settings.PortNumber, settings.StartTls);
}
if (!CheckServerAndPort(settings.Server,
settings.PortNumber, settings.Authentication, settings.Login, password))
{
return(WRONG_SERVER_OR_PORT);
}
}
catch (DirectoryServicesCOMException)
{
return(CREDENTIALS_NOT_VALID);
}
catch (COMException)
{
return(WRONG_SERVER_OR_PORT);
}
if (!CheckUserDN(settings.UserDN, settings.Server, settings.PortNumber,
settings.Authentication, settings.Login, password, settings.StartTls))
{
return(WRONG_USER_DN);
}
try
{
importer.AllDomainUsers = ldapHelper.GetUsersByAttributes(settings);
}
catch (ArgumentException)
{
log.ErrorFormat("Incorrect filter. userFilter = {0}", settings.UserFilter);
return(INCORRECT_LDAP_FILTER);
}
if (importer.AllDomainUsers == null || importer.AllDomainUsers.Count == 0)
{
log.ErrorFormat("Any user is not found. userDN = {0}", settings.UserDN);
return(USERS_NOT_FOUND);
}
foreach (var user in importer.AllDomainUsers)
{
if (!CheckLoginAttribute(user, settings.LoginAttribute))
{
return(WRONG_LOGIN_ATTRIBUTE);
}
}
if (settings.GroupMembership)
{
if (!CheckGroupDN(settings.UserDN, settings.Server, settings.PortNumber,
settings.Authentication, settings.Login, password, settings.StartTls))
{
return(WRONG_USER_DN);
}
try
{
importer.DomainGroups = ldapHelper.GetGroupsByAttributes(settings);
}
catch (ArgumentException)
{
log.ErrorFormat("Incorrect group filter. groupFilter = {0}", settings.GroupFilter);
return(INCORRECT_GROUP_LDAP_FILTER);
}
if (importer.DomainGroups == null || importer.DomainGroups.Count == 0)
{
return(GROUPS_NOT_FOUND);
}
foreach (var group in importer.DomainGroups)
{
if (!CheckGroupAttribute(group, settings.GroupAttribute))
{
return(WRONG_GROUP_ATTRIBUTE);
}
if (!CheckGroupNameAttribute(group, settings.GroupNameAttribute))
{
return(WRONG_GROUP_NAME_ATTRIBUTE);
}
}
foreach (var user in importer.AllDomainUsers)
{
if (!CheckUserAttribute(user, settings.UserAttribute))
{
return(WRONG_USER_ATTRIBUTE);
}
}
}
return(OPERATION_OK);
}
