public List <GroupInfo> GetDiscoveredGroupsByAttributes(LDAPSupportSettings settings, out List <GroupInfo> existingGroups) { existingGroups = new List <GroupInfo>(); if (settings.GroupMembership) { if (DomainGroups == null) { DomainGroups = ldapHelper.GetGroupsByAttributes(settings); } if (DomainGroups != null) { var groups = new List <GroupInfo>(DomainGroups.Count); var removedGroups = new List <LDAPObject>(); foreach (var domainGroup in DomainGroups) { var lastId = domainGroup.Sid.Split(hyphen).Last(); if (lastId != primaryGroupId) { var members = ldapHelper.GetGroupAttribute(domainGroup, settings.GroupAttribute); if (members == null) { removedGroups.Add(domainGroup); continue; } } string sid = domainGroup.Sid; var groupInfo = new GroupInfo { Name = domainGroup.InvokeGet(settings.GroupNameAttribute) as string, Sid = sid }; // Domain Users - primary group if (sid.Split(hyphen).Last() == primaryGroupId) { primaryGroup = groupInfo; } if (CoreContext.UserManager.GetGroupInfoBySid(groupInfo.Sid).ID == Core.Users.Constants.LostGroupInfo.ID) { groups.Add(groupInfo); } else { existingGroups.Add(groupInfo); } } foreach (var domainGroup in removedGroups) { if (DomainGroups.Contains(domainGroup)) { DomainGroups.Remove(domainGroup); } } return(groups); } } return(null); }
public bool TryLoadLDAPGroups() { try { if (!_settings.EnableLdapAuthentication || !_settings.GroupMembership) { return(false); } AllDomainGroups = _ldapHelper.GetGroupsByAttributes(_settings) ?? new List <LDAPObject>(); return(true); } catch (ArgumentException) { _log.ErrorFormat("Incorrect group filter. groupFilter = {0}", _settings.GroupFilter); } return(false); }
public override byte CheckSettings(LDAPSupportSettings settings, LDAPUserImporter importer, bool acceptCertificate = false) { if (!settings.EnableLdapAuthentication) { return(OPERATION_OK); } string password = GetPassword(settings.PasswordBytes); try { if (settings.Authentication) { CheckCredentials(settings.Login, password, settings.Server, settings.PortNumber, settings.StartTls); } if (!CheckServerAndPort(settings.Server, settings.PortNumber, settings.Authentication, settings.Login, password)) { return(WRONG_SERVER_OR_PORT); } } catch (DirectoryServicesCOMException) { return(CREDENTIALS_NOT_VALID); } catch (COMException) { return(WRONG_SERVER_OR_PORT); } if (!CheckUserDN(settings.UserDN, settings.Server, settings.PortNumber, settings.Authentication, settings.Login, password, settings.StartTls)) { return(WRONG_USER_DN); } try { importer.AllDomainUsers = ldapHelper.GetUsersByAttributes(settings); } catch (ArgumentException) { log.ErrorFormat("Incorrect filter. userFilter = {0}", settings.UserFilter); return(INCORRECT_LDAP_FILTER); } if (importer.AllDomainUsers == null || importer.AllDomainUsers.Count == 0) { log.ErrorFormat("Any user is not found. userDN = {0}", settings.UserDN); return(USERS_NOT_FOUND); } foreach (var user in importer.AllDomainUsers) { if (!CheckLoginAttribute(user, settings.LoginAttribute)) { return(WRONG_LOGIN_ATTRIBUTE); } } if (settings.GroupMembership) { if (!CheckGroupDN(settings.UserDN, settings.Server, settings.PortNumber, settings.Authentication, settings.Login, password, settings.StartTls)) { return(WRONG_USER_DN); } try { importer.DomainGroups = ldapHelper.GetGroupsByAttributes(settings); } catch (ArgumentException) { log.ErrorFormat("Incorrect group filter. groupFilter = {0}", settings.GroupFilter); return(INCORRECT_GROUP_LDAP_FILTER); } if (importer.DomainGroups == null || importer.DomainGroups.Count == 0) { return(GROUPS_NOT_FOUND); } foreach (var group in importer.DomainGroups) { if (!CheckGroupAttribute(group, settings.GroupAttribute)) { return(WRONG_GROUP_ATTRIBUTE); } if (!CheckGroupNameAttribute(group, settings.GroupNameAttribute)) { return(WRONG_GROUP_NAME_ATTRIBUTE); } } foreach (var user in importer.AllDomainUsers) { if (!CheckUserAttribute(user, settings.UserAttribute)) { return(WRONG_USER_ATTRIBUTE); } } } return(OPERATION_OK); }