示例#1
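        /// <summary>
        /// Moves the live enumeration state into a new bookmark and rewinds this set to
        /// the start of the original group.
        /// </summary>
        /// <returns>A bookmark holding the state that was live before the rewind.</returns>
        internal override ResultSetBookmark BookmarkAndReset()
        {
            SAMMembersSetBookmark bookmark = new SAMMembersSetBookmark();

            // The bookmark takes the existing lists by reference; this set continues on fresh ones.
            bookmark.groupsToVisit = this.groupsToVisit;
            this.groupsToVisit = new List<string>();

            // Entry 0 of the visited list is carried into the fresh list, so it stays marked as visited.
            string firstVisited = this.groupsVisited[0];
            bookmark.groupsVisited = this.groupsVisited;
            this.groupsVisited = new List<string>();
            this.groupsVisited.Add(firstVisited);

            // Save the group cursor and its enumerator, then restart from the original group.
            bookmark.@group = this.@group;
            bookmark.membersEnumerator = this.membersEnumerator;
            this.@group = this.originalGroup;
            UnsafeNativeMethods.IADsMembers members = this.@group.Members();
            this.membersEnumerator = ((IEnumerable)members).GetEnumerator();

            bookmark.current = this.current;
            bookmark.currentFakePrincipal = this.currentFakePrincipal;
            bookmark.currentForeign = this.currentForeign;
            this.current = null;
            this.currentFakePrincipal = null;
            this.currentForeign = null;

            // foreignResultSet is handed over, not disposed: after this call the bookmark
            // holds the only reference to it.
            bookmark.foreignMembers = this.foreignMembers;
            bookmark.foreignGroups = this.foreignGroups;
            bookmark.foreignResultSet = this.foreignResultSet;
            this.foreignMembers = new List<DirectoryEntry>();
            this.foreignGroups = new List<GroupPrincipal>();
            this.foreignResultSet = null;

            bookmark.atBeginning = this.atBeginning;
            this.atBeginning = true;
            return bookmark;
        }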
示例#2
		/// <summary>
		/// Creates a member set positioned before the first member of <paramref name="group"/>.
		/// </summary>
		/// <param name="groupPath">Path of the starting group; recorded as already visited.</param>
		/// <param name="group">Native ADSI group whose members are enumerated.</param>
		/// <param name="recursive">Stored for use by the enumeration code.</param>
		/// <param name="storeCtx">Store context, kept for later use.</param>
		/// <param name="ctxBase">Context base entry, kept for later use.</param>
		internal SAMMembersSet(string groupPath, UnsafeNativeMethods.IADsGroup group, bool recursive, SAMStoreCtx storeCtx, DirectoryEntry ctxBase)
		{
			// Caller-supplied context and options. The parameters shadow the fields,
			// so the this. qualifier is required on every one of these.
			this.storeCtx = storeCtx;
			this.ctxBase = ctxBase;
			this.recursive = recursive;

			// The cursor starts on the same group that is remembered as the original.
			this.originalGroup = group;
			this.@group = group;

			// Empty work lists; the starting group is marked visited straight away.
			this.foreignGroups = new List<GroupPrincipal>();
			this.foreignMembers = new List<DirectoryEntry>();
			this.groupsToVisit = new List<string>();
			this.groupsVisited = new List<string> { groupPath };

			this.atBeginning = true;
			this.membersEnumerator = ((IEnumerable)group.Members()).GetEnumerator();
		}
示例#3
 /// <summary>
 /// Builds a member set over <paramref name="group"/>, ready to enumerate from the beginning.
 /// </summary>
 /// <param name="groupPath">Path of the starting group; added to the visited list.</param>
 /// <param name="group">Native ADSI group to enumerate.</param>
 /// <param name="recursive">Stored recursion option.</param>
 /// <param name="storeCtx">Store context kept on the instance.</param>
 /// <param name="ctxBase">Context base entry kept on the instance.</param>
 internal SAMMembersSet(string groupPath, UnsafeNativeMethods.IADsGroup group, bool recursive, SAMStoreCtx storeCtx, DirectoryEntry ctxBase)
 {
     // Fresh, empty bookkeeping lists.
     this.groupsToVisit = new List<string>();
     this.foreignMembers = new List<DirectoryEntry>();
     this.foreignGroups = new List<GroupPrincipal>();

     // The starting group counts as visited from the outset.
     List<string> visited = new List<string>();
     visited.Add(groupPath);
     this.groupsVisited = visited;

     // Parameters shadow the fields of the same name, hence the explicit this.
     this.recursive = recursive;
     this.storeCtx = storeCtx;
     this.ctxBase = ctxBase;
     this.originalGroup = group;
     this.@group = group;
     this.atBeginning = true;

     // Fetch the member collection last and keep an enumerator over it.
     IEnumerable memberCollection = (IEnumerable)group.Members();
     this.membersEnumerator = memberCollection.GetEnumerator();
 }
示例#4
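        /// <summary>
        /// Reports whether the group contains a member whose objectSid equals the SID
        /// this matcher was created for.
        /// </summary>
        /// <param name="groupDE">Directory entry of the group to inspect.</param>
        /// <returns>true if a member with a matching SID is found; otherwise false.</returns>
        internal override bool Matches(DirectoryEntry groupDE)
        {
            // If it has no SID, it's not a security principal, and we're not interested in it.
            // (In reg-SAM, computers don't have accounts and therefore don't have SIDs, but ADSI
            // creates fake Computer objects for them.  In LSAM, computers CAN have accounts, and thus
            // SIDs).
            if (groupDE.Properties["objectSid"] == null || groupDE.Properties["objectSid"].Count == 0)
            {
                GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMQuerySet", "GroupMemberMatcher: Matches: skipping no-SID group={0}", groupDE.Path);
                return false;
            }

            // Enumerate the members of the group, looking for a match
            UnsafeNativeMethods.IADsGroup   iADsGroup   = (UnsafeNativeMethods.IADsGroup)groupDE.NativeObject;
            UnsafeNativeMethods.IADsMembers iADsMembers = iADsGroup.Members();

            foreach (UnsafeNativeMethods.IADs nativeMember in ((IEnumerable)iADsMembers))
            {
                // Wrap the DirectoryEntry around the native ADSI object
                // (which already has the correct credentials)
                DirectoryEntry memberDE = new DirectoryEntry(nativeMember);

                // No SID --> not interesting
                if (memberDE.Properties["objectSid"] == null || memberDE.Properties["objectSid"].Count == 0)
                {
                    GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMQuerySet", "GroupMemberMatcher: Matches: skipping member no-SID member={0}", memberDE.Path);
                    continue;
                }

                byte[] memberSid = (byte[])memberDE.Properties["objectSid"].Value;

                // Did we find a matching member in the group?
                if (Utils.AreBytesEqual(memberSid, _memberSidToMatch))
                {
                    // The second placeholder was written "{1)", which is not a valid format item.
                    // If WriteLineIf formats with string.Format (not visible here), that would
                    // throw on the success path whenever Info tracing is on.
                    GlobalDebug.WriteLineIf(GlobalDebug.Info,
                                            "SAMQuerySet",
                                            "GroupMemberMatcher: Matches: match member={0}, group={1}",
                                            memberDE.Path,
                                            groupDE.Path);
                    return true;
                }
            }

            // We tried all the members in the group and didn't get a match on any
            GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMQuerySet", "SamMatcher: Matches: no match, group={0}", groupDE.Path);
            return false;
        }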
示例#5
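        /// <summary>
        /// Reports whether the group contains a member whose objectSid equals
        /// <c>memberSidToMatch</c>.
        /// </summary>
        /// <param name="groupDE">Directory entry of the group to inspect.</param>
        /// <returns>true if a member with a matching SID is found; otherwise false.</returns>
        internal override bool Matches(DirectoryEntry groupDE)
        {
            // A group entry without an objectSid value is rejected before any member is read.
            if (groupDE.Properties["objectSid"] == null || groupDE.Properties["objectSid"].Count == 0)
            {
                return false;
            }

            UnsafeNativeMethods.IADsGroup nativeGroup = (UnsafeNativeMethods.IADsGroup)groupDE.NativeObject;
            UnsafeNativeMethods.IADsMembers members = nativeGroup.Members();

            // foreach casts each element and disposes the enumerator when it is IDisposable,
            // which is what the hand-written MoveNext/try/finally form did. The old trailing
            // "return flag" could never be reached and is gone together with the flag local.
            foreach (UnsafeNativeMethods.IADs nativeMember in (IEnumerable)members)
            {
                DirectoryEntry memberDE = new DirectoryEntry(nativeMember);

                // Members without an objectSid value are skipped.
                if (memberDE.Properties["objectSid"] == null || memberDE.Properties["objectSid"].Count == 0)
                {
                    continue;
                }

                byte[] memberSid = (byte[])memberDE.Properties["objectSid"].Value;
                if (Utils.AreBytesEqual(memberSid, this.memberSidToMatch))
                {
                    return true;
                }
            }

            return false;
        }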
示例#6
        /// <summary>
        /// Creates a member set over <paramref name="group"/> and opens an enumerator on its members.
        /// </summary>
        /// <param name="groupPath">Path of the starting group; recorded as visited.</param>
        /// <param name="group">Native ADSI group to enumerate.</param>
        /// <param name="recursive">Stored recursion option.</param>
        /// <param name="storeCtx">Store context kept on the instance.</param>
        /// <param name="ctxBase">Only its Path is read here, for the trace line.</param>
        internal SAMMembersSet(string groupPath, UnsafeNativeMethods.IADsGroup group, bool recursive, SAMStoreCtx storeCtx, DirectoryEntry ctxBase)
        {
            // ctxBase.Path is evaluated as an argument whether or not tracing is enabled.
            GlobalDebug.WriteLineIf(
                GlobalDebug.Info,
                "SAMMembersSet",
                "SAMMembersSet: groupPath={0}, recursive={1}, base={2}",
                groupPath, recursive, ctxBase.Path);

            _storeCtx = storeCtx;
            _recursive = recursive;

            // The cursor and the remembered original start on the same group.
            _originalGroup = group;
            _group = group;

            // Mark the starting group as visited so it is not revisited.
            _groupsVisited.Add(groupPath);

            _membersEnumerator = ((IEnumerable)group.Members()).GetEnumerator();
        }
示例#7
        /// <summary>
        /// Replaces this set's enumeration state with the state stored in a bookmark.
        /// </summary>
        /// <param name="bookmark">
        /// Must be a <c>SAMMembersSetBookmark</c>; the explicit cast throws otherwise.
        /// </param>
        internal override void RestoreBookmark(ResultSetBookmark bookmark)
        {
            SAMMembersSetBookmark saved = (SAMMembersSetBookmark)bookmark;

            // Traversal bookkeeping and the group cursor.
            this.groupsToVisit = saved.groupsToVisit;
            this.groupsVisited = saved.groupsVisited;
            this.@group = saved.@group;

            // The enumerator held until now is overwritten without being disposed here.
            this.membersEnumerator = saved.membersEnumerator;

            // Current-item slots.
            this.current = saved.current;
            this.currentFakePrincipal = saved.currentFakePrincipal;
            this.currentForeign = saved.currentForeign;

            // Foreign-member state.
            this.foreignMembers = saved.foreignMembers;
            this.foreignGroups = saved.foreignGroups;

            // Release the result set held now before taking over the bookmarked one.
            ResultSet stale = this.foreignResultSet;
            if (stale != null)
            {
                stale.Dispose();
            }
            this.foreignResultSet = saved.foreignResultSet;

            this.atBeginning = saved.atBeginning;
        }
示例#8
        /// <summary>
        /// Returns a result set over the members of group <paramref name="g"/>.
        /// </summary>
        /// <param name="g">Persisted group principal whose members are wanted.</param>
        /// <param name="recursive">Passed through to the member set.</param>
        /// <returns>An empty set for a fake principal; otherwise a new <c>SAMMembersSet</c>.</returns>
        internal override BookmarkableResultSet GetGroupMembership(GroupPrincipal g, bool recursive)
        {
            // Callers are expected to pass persisted principals only (debug-build check).
            Debug.Assert(!g.unpersisted);

            // A fake group can be a member of other groups but has no members of its own
            // (it does not exist in the store).
            if (g.fakePrincipal)
            {
                GlobalDebug.WriteLineIf(GlobalDebug.Info, "SAMStoreCtx", "GetGroupMembership: is fake principal, returning empty set");
                return new EmptySet();
            }

            Debug.Assert(g.UnderlyingObject != null);

            DirectoryEntry entry = (DirectoryEntry)g.UnderlyingObject;
            UnsafeNativeMethods.IADsGroup nativeGroup = (UnsafeNativeMethods.IADsGroup)entry.NativeObject;

            return new SAMMembersSet(entry.Path, nativeGroup, recursive, this, _ctxBase);
        }
示例#9
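 /// <summary>
 /// Rewinds the set to the start of the original group. Does nothing when the set
 /// is already at the beginning.
 /// </summary>
 internal override void Reset()
 {
     if (this.atBeginning)
     {
         return;
     }

     // Drop queued groups and keep only entry 0 of the visited list.
     this.groupsToVisit.Clear();
     string firstVisited = this.groupsVisited[0];
     this.groupsVisited.Clear();
     this.groupsVisited.Add(firstVisited);

     // Point the cursor back at the original group and open a new enumerator on it.
     this.@group = this.originalGroup;
     UnsafeNativeMethods.IADsMembers members = this.@group.Members();
     this.membersEnumerator = ((IEnumerable)members).GetEnumerator();

     this.current = null;
     this.currentFakePrincipal = null;
     this.currentForeign = null;

     this.foreignMembers.Clear();
     this.foreignGroups.Clear();

     // Unlike the lists, the foreign result set is disposed rather than cleared.
     if (this.foreignResultSet != null)
     {
         this.foreignResultSet.Dispose();
         this.foreignResultSet = null;
     }

     this.atBeginning = true;
 }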
示例#10
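		/// <summary>
		/// Moves the live enumeration state into a new bookmark and rewinds this set to
		/// the start of the original group.
		/// </summary>
		/// <returns>A bookmark holding the state that was live before the rewind.</returns>
		internal override ResultSetBookmark BookmarkAndReset()
		{
			SAMMembersSetBookmark bookmark = new SAMMembersSetBookmark();

			// The bookmark takes the existing lists by reference; this set continues on fresh ones.
			bookmark.groupsToVisit = this.groupsToVisit;
			this.groupsToVisit = new List<string>();

			// Entry 0 of the visited list is carried into the fresh list.
			string firstVisited = this.groupsVisited[0];
			bookmark.groupsVisited = this.groupsVisited;
			this.groupsVisited = new List<string>();
			this.groupsVisited.Add(firstVisited);

			// Save the group cursor and its enumerator, then restart from the original group.
			bookmark.@group = this.@group;
			bookmark.membersEnumerator = this.membersEnumerator;
			this.@group = this.originalGroup;
			UnsafeNativeMethods.IADsMembers members = this.@group.Members();
			this.membersEnumerator = ((IEnumerable)members).GetEnumerator();

			bookmark.current = this.current;
			bookmark.currentFakePrincipal = this.currentFakePrincipal;
			bookmark.currentForeign = this.currentForeign;
			this.current = null;
			this.currentFakePrincipal = null;
			this.currentForeign = null;

			// foreignResultSet is handed over, not disposed: after this call the bookmark
			// holds the only reference to it.
			bookmark.foreignMembers = this.foreignMembers;
			bookmark.foreignGroups = this.foreignGroups;
			bookmark.foreignResultSet = this.foreignResultSet;
			this.foreignMembers = new List<DirectoryEntry>();
			this.foreignGroups = new List<GroupPrincipal>();
			this.foreignResultSet = null;

			bookmark.atBeginning = this.atBeginning;
			this.atBeginning = true;
			return bookmark;
		}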
示例#11
		/// <summary>
		/// Replaces this set's enumeration state with the state stored in a bookmark.
		/// </summary>
		/// <param name="bookmark">
		/// Must be a <c>SAMMembersSetBookmark</c>; the explicit cast throws otherwise.
		/// </param>
		internal override void RestoreBookmark(ResultSetBookmark bookmark)
		{
			SAMMembersSetBookmark saved = (SAMMembersSetBookmark)bookmark;

			// Traversal bookkeeping and the group cursor.
			this.groupsToVisit = saved.groupsToVisit;
			this.groupsVisited = saved.groupsVisited;
			this.@group = saved.@group;

			// The enumerator held until now is overwritten without being disposed here.
			this.membersEnumerator = saved.membersEnumerator;

			// Current-item slots.
			this.current = saved.current;
			this.currentFakePrincipal = saved.currentFakePrincipal;
			this.currentForeign = saved.currentForeign;

			// Foreign-member state.
			this.foreignMembers = saved.foreignMembers;
			this.foreignGroups = saved.foreignGroups;

			// Release the result set held now before taking over the bookmarked one.
			ResultSet stale = this.foreignResultSet;
			if (stale != null)
			{
				stale.Dispose();
			}
			this.foreignResultSet = saved.foreignResultSet;

			this.atBeginning = saved.atBeginning;
		}
示例#12
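		/// <summary>
		/// Rewinds the set to the start of the original group. Does nothing when the set
		/// is already at the beginning.
		/// </summary>
		internal override void Reset()
		{
			if (this.atBeginning)
			{
				return;
			}

			// Drop queued groups and keep only entry 0 of the visited list.
			this.groupsToVisit.Clear();
			string firstVisited = this.groupsVisited[0];
			this.groupsVisited.Clear();
			this.groupsVisited.Add(firstVisited);

			// Point the cursor back at the original group and open a new enumerator on it.
			this.@group = this.originalGroup;
			UnsafeNativeMethods.IADsMembers members = this.@group.Members();
			this.membersEnumerator = ((IEnumerable)members).GetEnumerator();

			this.current = null;
			this.currentFakePrincipal = null;
			this.currentForeign = null;

			this.foreignMembers.Clear();
			this.foreignGroups.Clear();

			// Unlike the lists, the foreign result set is disposed rather than cleared.
			if (this.foreignResultSet != null)
			{
				this.foreignResultSet.Dispose();
				this.foreignResultSet = null;
			}

			this.atBeginning = true;
		}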
示例#13
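		/// <summary>
		/// Advances over the members of the current group, moving on to queued groups when
		/// recursive, until there is a result to return. Members that are not local are
		/// collected in foreignMembers and skipped; in recursive mode local groups are
		/// queued instead of being returned.
		/// </summary>
		/// <returns>
		/// true when current or currentFakePrincipal has been set to the next result;
		/// false when the enumerator is exhausted and no further group is queued.
		/// </returns>
		private bool MoveNextLocal()
		{
			bool retry;
			do
			{
				retry = false;
				bool hasMember = this.membersEnumerator.MoveNext();
				if (!hasMember)
				{
					if (!this.recursive || this.groupsToVisit.Count <= 0)
					{
						// In a do/while, continue jumps to the loop test; retry is false, so the loop ends.
						continue;
					}

					// Take the next queued group and record it as visited before enumerating it.
					string nextGroupPath = this.groupsToVisit[0];
					this.groupsToVisit.RemoveAt(0);
					this.groupsVisited.Add(nextGroupPath);
					DirectoryEntry nextGroupEntry = SDSUtils.BuildDirectoryEntry(nextGroupPath, this.storeCtx.Credentials, this.storeCtx.AuthTypes);
					this.@group = (UnsafeNativeMethods.IADsGroup)nextGroupEntry.NativeObject;
					UnsafeNativeMethods.IADsMembers nextMembers = this.@group.Members();
					this.membersEnumerator = ((IEnumerable)nextMembers).GetEnumerator();
					retry = true;
				}
				else
				{
					UnsafeNativeMethods.IADs nativeMember = (UnsafeNativeMethods.IADs)this.membersEnumerator.Current;

					// NOTE(review): no guard here for a member without an objectSid value; what
					// Get does in that case is not visible from this method - confirm.
					byte[] memberSid = (byte[])nativeMember.Get("objectSid");
					SidType sidType = Utils.ClassifySID(memberSid);
					if (sidType != SidType.FakeObject)
					{
						DirectoryEntry memberEntry = SDSUtils.BuildDirectoryEntry(this.storeCtx.Credentials, this.storeCtx.AuthTypes);
						if (sidType != SidType.RealObjectFakeDomain)
						{
							memberEntry.Path = nativeMember.ADsPath;
						}
						else
						{
							// Rebuild the path as WinNT://<machine>/<elements>, taking the elements
							// from index numElements-2 down to 0; the element at numElements-1 is
							// dropped and the machine name stands in its place.
							string reportedPath = nativeMember.ADsPath;
							UnsafeNativeMethods.Pathname pathname = new UnsafeNativeMethods.Pathname();
							UnsafeNativeMethods.IADsPathname pathCracker = (UnsafeNativeMethods.IADsPathname)pathname;
							pathCracker.Set(reportedPath, 1); // 1 = ADS_SETTYPE_FULL (a complete ADsPath)

							// NOTE(review): MachineUserSuppliedName is appended to the path unescaped;
							// presumably validated when the store context was created - confirm.
							StringBuilder rebuilt = new StringBuilder();
							rebuilt.Append("WinNT://");
							rebuilt.Append(this.storeCtx.MachineUserSuppliedName);
							rebuilt.Append("/");
							int numElements = pathCracker.GetNumElements();
							for (int i = numElements - 2; i >= 0; i--)
							{
								rebuilt.Append(pathCracker.GetElement(i));
								rebuilt.Append("/");
							}

							// Strip the trailing separator.
							rebuilt.Remove(rebuilt.Length - 1, 1);
							memberEntry.Path = rebuilt.ToString();
						}

						if (!this.IsLocalMember(memberSid))
						{
							// Not local: set aside in foreignMembers and keep scanning.
							this.foreignMembers.Add(memberEntry);
							retry = true;
						}
						else
						{
							if (!this.recursive || !SAMUtils.IsOfObjectClass(memberEntry, "Group"))
							{
								// A local member to hand back (any member when not recursive,
								// non-groups when recursive).
								this.current = memberEntry;
								this.currentFakePrincipal = null;
								this.currentForeign = null;
								if (this.foreignResultSet != null)
								{
									this.foreignResultSet.Dispose();
								}
								this.foreignResultSet = null;
								return true;
							}
							else
							{
								// Cycle guard: queue a nested group only if it is neither visited nor queued.
								// NOTE(review): List<string>.Contains compares ordinally, so paths that
								// differ only in case count as different groups - confirm paths are normalised.
								if (!this.groupsVisited.Contains(memberEntry.Path) && !this.groupsToVisit.Contains(memberEntry.Path))
								{
									this.groupsToVisit.Add(memberEntry.Path);
								}
								retry = true;
							}
						}
					}
					else
					{
						// SID classified as a fake object: the principal is built from the SID
						// alone, no directory entry is created.
						this.currentFakePrincipal = this.storeCtx.ConstructFakePrincipalFromSID(memberSid);
						this.current = null;
						this.currentForeign = null;
						if (this.foreignResultSet != null)
						{
							this.foreignResultSet.Dispose();
						}
						this.foreignResultSet = null;
						return true;
					}
				}
			}
			while (retry);
			return false;
		}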
示例#14
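        /// <summary>
        /// Advances over the members of the current group, moving on to queued groups when
        /// recursive, until there is a result to return. Members that are not local are
        /// collected in foreignMembers and skipped; in recursive mode local groups are
        /// queued instead of being returned.
        /// </summary>
        /// <returns>
        /// true when current or currentFakePrincipal has been set to the next result;
        /// false when the enumerator is exhausted and no further group is queued.
        /// </returns>
        private bool MoveNextLocal()
        {
            bool retry;

            do
            {
                retry = false;
                bool hasMember = this.membersEnumerator.MoveNext();
                if (!hasMember)
                {
                    if (!this.recursive || this.groupsToVisit.Count <= 0)
                    {
                        // In a do/while, continue jumps to the loop test; retry is false, so the loop ends.
                        continue;
                    }

                    // Take the next queued group and record it as visited before enumerating it.
                    string nextGroupPath = this.groupsToVisit[0];
                    this.groupsToVisit.RemoveAt(0);
                    this.groupsVisited.Add(nextGroupPath);
                    DirectoryEntry nextGroupEntry = SDSUtils.BuildDirectoryEntry(nextGroupPath, this.storeCtx.Credentials, this.storeCtx.AuthTypes);
                    this.@group = (UnsafeNativeMethods.IADsGroup)nextGroupEntry.NativeObject;
                    UnsafeNativeMethods.IADsMembers nextMembers = this.@group.Members();
                    this.membersEnumerator = ((IEnumerable)nextMembers).GetEnumerator();
                    retry = true;
                }
                else
                {
                    UnsafeNativeMethods.IADs nativeMember = (UnsafeNativeMethods.IADs)this.membersEnumerator.Current;

                    // NOTE(review): no guard here for a member without an objectSid value; what
                    // Get does in that case is not visible from this method - confirm.
                    byte[] memberSid = (byte[])nativeMember.Get("objectSid");
                    SidType sidType = Utils.ClassifySID(memberSid);
                    if (sidType != SidType.FakeObject)
                    {
                        DirectoryEntry memberEntry = SDSUtils.BuildDirectoryEntry(this.storeCtx.Credentials, this.storeCtx.AuthTypes);
                        if (sidType != SidType.RealObjectFakeDomain)
                        {
                            memberEntry.Path = nativeMember.ADsPath;
                        }
                        else
                        {
                            // Rebuild the path as WinNT://<machine>/<elements>, taking the elements
                            // from index numElements-2 down to 0; the element at numElements-1 is
                            // dropped and the machine name stands in its place.
                            string reportedPath = nativeMember.ADsPath;
                            UnsafeNativeMethods.Pathname pathname = new UnsafeNativeMethods.Pathname();
                            UnsafeNativeMethods.IADsPathname pathCracker = (UnsafeNativeMethods.IADsPathname)pathname;
                            pathCracker.Set(reportedPath, 1); // 1 = ADS_SETTYPE_FULL (a complete ADsPath)

                            // NOTE(review): MachineUserSuppliedName is appended to the path unescaped;
                            // presumably validated when the store context was created - confirm.
                            StringBuilder rebuilt = new StringBuilder();
                            rebuilt.Append("WinNT://");
                            rebuilt.Append(this.storeCtx.MachineUserSuppliedName);
                            rebuilt.Append("/");
                            int numElements = pathCracker.GetNumElements();
                            for (int i = numElements - 2; i >= 0; i--)
                            {
                                rebuilt.Append(pathCracker.GetElement(i));
                                rebuilt.Append("/");
                            }

                            // Strip the trailing separator.
                            rebuilt.Remove(rebuilt.Length - 1, 1);
                            memberEntry.Path = rebuilt.ToString();
                        }

                        if (!this.IsLocalMember(memberSid))
                        {
                            // Not local: set aside in foreignMembers and keep scanning.
                            this.foreignMembers.Add(memberEntry);
                            retry = true;
                        }
                        else
                        {
                            if (!this.recursive || !SAMUtils.IsOfObjectClass(memberEntry, "Group"))
                            {
                                // A local member to hand back (any member when not recursive,
                                // non-groups when recursive).
                                this.current = memberEntry;
                                this.currentFakePrincipal = null;
                                this.currentForeign = null;
                                if (this.foreignResultSet != null)
                                {
                                    this.foreignResultSet.Dispose();
                                }
                                this.foreignResultSet = null;
                                return true;
                            }
                            else
                            {
                                // Cycle guard: queue a nested group only if it is neither visited nor queued.
                                // NOTE(review): List<string>.Contains compares ordinally, so paths that
                                // differ only in case count as different groups - confirm paths are normalised.
                                if (!this.groupsVisited.Contains(memberEntry.Path) && !this.groupsToVisit.Contains(memberEntry.Path))
                                {
                                    this.groupsToVisit.Add(memberEntry.Path);
                                }
                                retry = true;
                            }
                        }
                    }
                    else
                    {
                        // SID classified as a fake object: the principal is built from the SID
                        // alone, no directory entry is created.
                        this.currentFakePrincipal = this.storeCtx.ConstructFakePrincipalFromSID(memberSid);
                        this.current = null;
                        this.currentForeign = null;
                        if (this.foreignResultSet != null)
                        {
                            this.foreignResultSet.Dispose();
                        }
                        this.foreignResultSet = null;
                        return true;
                    }
                }
            }
            while (retry);

            return false;
        }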