/// <summary>
/// Gets the list of groups those are all of members to the selected node
/// </summary>
/// <param name="groupDn"></param>
/// <param name="_dirnode"></param>
/// <returns></returns>
public static List <string> GetMemberAttrofGroup(string groupDn, ADUCDirectoryNode _dirnode)
{
string[] search_attrs = { "objectsid", "member", null };
List <string> member = new List <string>();
ADUCDirectoryNode newGroupnode = new ADUCDirectoryNode(_dirnode, "group", groupDn);
List <LdapEntry> ldapEntries = UserGroupUtils.getLdapEntries(false, newGroupnode, search_attrs, "(objectClass=*)", LdapAPI.LDAPSCOPE.BASE);
if (ldapEntries != null && ldapEntries.Count > 0)
{
LdapEntry ldapNextEntry = ldapEntries[0];
if (ldapNextEntry != null)
{
string[] attrsList = ldapNextEntry.GetAttributeNames();
if (attrsList != null)
{
foreach (string attr in attrsList)
{
if (attr.Equals("member", StringComparison.InvariantCultureIgnoreCase))
{
LdapValue[] attrValues = ldapNextEntry.GetAttributeValues(attr, newGroupnode.LdapContext);
foreach (LdapValue attrValue in attrValues)
{
member.Add(attrValue.stringData);
}
}
}
}
}
}
return(member);
}
/// <summary>
/// Gets all groups for the selected user AD Object is member of
/// Add groups to the Member Of page listview
/// </summary>
/// <param name="ce"></param>
/// <param name="servername"></param>
/// <param name="name"></param>
/// <param name="dirnode"></param>
public void SetData(CredentialEntry ce, string servername, string name, ADUCDirectoryNode dirnode)
{
_servername = servername;
_dirnode = dirnode;
try
{
string[] groupDns = UserGroupUtils.GetGroupsforUser(dirnode);
MemoflistView.Items.Clear();
//show a list of group names in the member of page
Logger.Log("user member of contains: ");
if (groupDns != null && groupDns.Length > 0)
{
//populate the data in usermemberOf page using groupDns
foreach (string groupDn in groupDns)
{
Logger.Log("group: " + groupDn);
//CN=Domain Users,CN=Users,DC=qadom,DC=centeris,DC=com
// split the groupDns
string[] slvItem = UserGroupUtils.splitDn(groupDn);
string sLDAPPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, groupDn);
DirectoryEntry entry = new DirectoryEntry(sLDAPPath, _dirnode.LdapContext.UserName, _dirnode.LdapContext.Password);
if (entry == null)
{
return;
}
ListViewItem lvItem = new ListViewItem(slvItem);
lvItem.ImageIndex = MemOfPages.GetIndexForADObject(entry);
MemoflistView.Items.Add(lvItem);
lvItem.Tag = groupDn;
if (!slvItem[0].Equals("Domain Users", StringComparison.InvariantCultureIgnoreCase))
{
MemofDnList.Add(groupDn);
}
}
//settings primary group to user
sPrimayGroup = UserGroupUtils.GetPrimaryGroup(_dirnode);
string[] Items = UserGroupUtils.splitDn(sPrimayGroup);
if (!string.IsNullOrEmpty(Items[0]))
{
DomainUserlabel.Text = Items[0];
}
if (MemoflistView.Items.Count > 0)
{
MemoflistView.Items[0].Selected = true;
}
}
}
catch (Exception ex)
{
Logger.LogException("UserMemberOfPage.SetData", ex);
}
}
public static int GetIndexForADObject(System.DirectoryServices.DirectoryEntry de)
{
try
{
object[] asProp = de.Properties["objectClass"].Value as object[];
// poke these in a list for easier reference
List <string> liClasses = new List <string>();
foreach (string s in asProp)
{
liClasses.Add(s);
}
if (liClasses.Contains("user") || liClasses.Contains("computer"))
{
string usercontrol = de.Properties["userAccountControl"].Value.ToString();
int userControl = Convert.ToInt32(usercontrol);
string userCtrlBinStr = UserGroupUtils.DecimalToBase(userControl, 2);
if (userCtrlBinStr.Length >= 2)
{
if (liClasses.Contains("computer"))
{
if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
{
return((int)ADUCDirectoryNode.GetNodeType("Computer"));
}
else
{
return((int)ADUCDirectoryNode.GetNodeType("computer"));
}
}
if (liClasses.Contains("user"))
{
if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
{
return((int)ADUCDirectoryNode.GetNodeType("disabledUser"));
}
else
{
return((int)ADUCDirectoryNode.GetNodeType("user"));
}
}
}
}
else if (liClasses.Contains("group") || liClasses.Contains("foreignSecurityPrincipal"))
{
return((int)ADUCDirectoryNode.GetNodeType("group"));
}
}
catch
{
return((int)ADUCDirectoryNode.GetNodeType("group"));
}
return((int)ADUCDirectoryNode.GetNodeType("group"));
}
/// <summary>
/// Removes the selected group from the Member of listview
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void RemoveButton_Click(object sender, EventArgs e)
{
if (MemoflistView.SelectedItems.Count > 0)
{
DialogResult dlg =
MessageBox.Show(this, "Do you want to remove " + _dirnode.Text + " from the selected group(s)?",
"Remove user from group", MessageBoxButtons.YesNo,
MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2);
if (dlg == DialogResult.Yes)
{
foreach (ListViewItem item in MemoflistView.SelectedItems)
{
bool bIsPrimaryGroup = false;
string removeDn = item.Tag as string;
string[] slvItem = UserGroupUtils.splitDn(removeDn);
if (!string.IsNullOrEmpty(slvItem[0]) && DomainUserlabel.Text.Trim().Equals(slvItem[0]))
{
bIsPrimaryGroup = true;
string sMsg =
"The primary group cannot be removed. Set another group \nas primary " +
"if you want to remove this one";
container.ShowError(this, sMsg);
}
if (!bIsPrimaryGroup)
{
MemoflistView.Items.Remove(item);
RemovedGroups.Add(removeDn);
//remove the dn from added group list
foreach (string str in AddedGroups)
{
if (str.Equals(removeDn, StringComparison.InvariantCultureIgnoreCase))
{
}
AddedGroups.Remove(removeDn);
RemovedGroups.Remove(removeDn);
break;
}
}
}
RemoveButton.Enabled = false;
memListchanged = true;
}
}
else
{
memListchanged = false;
}
UpdateApplyButton();
}
private static string OnApply_GetObjectRealmName(ADUCDirectoryNode _dirnode)
{
string[] search_attrs = { "sAMAccountName", "userPrincipalName", null };
string realmName = string.Empty;
ADUCDirectoryNode newGroupnode = new ADUCDirectoryNode(_dirnode, _dirnode.ObjectClass, _dirnode.DistinguishedName);
List <LdapEntry> ldapEntries = UserGroupUtils.getLdapEntries(false, newGroupnode, search_attrs, "(objectClass=*)", LdapAPI.LDAPSCOPE.BASE);
if (ldapEntries != null && ldapEntries.Count > 0)
{
LdapEntry ldapNextEntry = ldapEntries[0];
if (ldapNextEntry != null)
{
string[] attrsList = ldapNextEntry.GetAttributeNames();
if (attrsList != null)
{
foreach (string attr in attrsList)
{
if (_dirnode.ObjectClass.Equals("group", StringComparison.InvariantCultureIgnoreCase) ||
_dirnode.ObjectClass.Equals("computer", StringComparison.InvariantCultureIgnoreCase))
{
if (attr.Equals("sAMAccountName", StringComparison.InvariantCultureIgnoreCase))
{
LdapValue[] attrValues = ldapNextEntry.GetAttributeValues(attr, newGroupnode.LdapContext);
if (attrValues != null)
{
realmName = attrValues[0].stringData;
break;
}
}
}
else if (_dirnode.ObjectClass.Equals("user", StringComparison.InvariantCultureIgnoreCase))
{
if (attr.Equals("userPrincipalName", StringComparison.InvariantCultureIgnoreCase))
{
LdapValue[] attrValues = ldapNextEntry.GetAttributeValues(attr, newGroupnode.LdapContext);
if (attrValues != null)
{
realmName = attrValues[0].stringData;
break;
}
}
}
}
}
}
}
return(realmName);
}
/// <summary>
/// Queries and initializes the ldapMessage for the selected group
/// Gets all users and groups those are members for selected group
/// Fills the list with listview
/// </summary>
/// <param name="ce"></param>
/// <param name="servername"></param>
/// <param name="name"></param>
/// <param name="dirnode"></param>
public void SetData(CredentialEntry ce, string servername, string name, ADUCDirectoryNode dirnode)
{
Dictionary <string, string> members = UserGroupUtils.GetGroupMembers(dirnode);
foreach (string str in members.Keys)
{
OriginalObjects.Add(str);
ModifiedObjects.Add(str.ToLower());
}
_dirnode = dirnode;
MemoflistView.Items.Clear();
//show a list of group names in the member of page
Logger.Log("Group member contains: ");
foreach (string sDN in members.Keys)
{
string[] slvItem = null;
System.DirectoryServices.DirectoryEntry de = new System.DirectoryServices.DirectoryEntry(sDN, _dirnode.LdapContext.UserName, _dirnode.LdapContext.Password);
if (members[sDN].Equals("foreignSecurityPrincipal"))
{
byte[] objectSid = de.Properties["objectSid"].Value as byte[];
string Sid = UserGroupUtils.SIDtoString(objectSid);
string cn = UserGroupUtils.GetGroupFromForeignSecurity(Sid, dirnode.LdapContext);
if (cn != null)
{
slvItem = new string[] { cn, "NT AUTHORITY" };
}
else
{
continue;
}
}
else
{
slvItem = UserGroupUtils.splitDn(sDN);
}
ListViewItem lvItem = new ListViewItem(slvItem);
lvItem.ImageIndex = MemOfPages.GetIndexForADObject(de);
MemoflistView.Items.Add(lvItem);
lvItem.Tag = sDN;
}
if (MemoflistView.Items.Count > 0)
{
MemoflistView.Items[0].Selected = true;
}
}
//when adding a user to a new group, we need modify the group's "member" attribute to include this user,
// we cannot modify the user's "memberof" attribute
public bool OnApply()
{
bool retVal = true;
if (IsPrimaryGroupChanged)
{
List <LDAPMod> attrlist = new List <LDAPMod>();
//the following portion of code uses openldap "ldap_Modify_s"
string basedn = _dirnode.DistinguishedName;
DirectoryContext dirContext = _dirnode.LdapContext;
string[] objectClass_values = null;
//first obtain the current primaryGroupID value
DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, ChangedPrimaryGroup));;
if (de.Properties["primaryGroupToken"].Value != null)
{
int iPrimaryGroupToken = Convert.ToInt32(de.Properties["primaryGroupToken"].Value.ToString());
objectClass_values = new string[] { iPrimaryGroupToken.ToString(), null };
LDAPMod attr_info =
new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "primaryGroupID",
objectClass_values);
LDAPMod[] attrinfo = new LDAPMod[] { attr_info };
int ret = dirContext.ModifySynchronous(basedn, attrinfo);
Logger.Log("Modify primaryGroupID returns " + ret);
if (ret == 0)
{
string[] Items = UserGroupUtils.splitDn(ChangedPrimaryGroup);
if (!string.IsNullOrEmpty(Items[0]))
{
DomainUserlabel.Text = Items[0];
}
}
else
{
retVal = false;
}
}
}
retVal = MemOfPages.OnApply_helper(MemofDnList, AddedGroups, RemovedGroups, _dirnode, this);
return(retVal);
}
/// <summary>
/// Gets and initializes the LikewiseIdentityCell for each root level
/// </summary>
/// <param name="dirnode"></param>
private void likewiseIdentityCell_init(ADUCDirectoryNode dirnode)
{
string likewiseCellDN = string.Concat("CN=$LikewiseIdentityCell,", dirnode.LdapContext.RootDN);
LdapValue[] descriptionValues =
UserGroupUtils.SearchAttrByDn(likewiseCellDN, dirnode, "description");
if (descriptionValues == null)
{
Logger.Log(String.Format(
"No description attribute found in {0}",
likewiseCellDN),
Logger.LogLevel.Error);
return;
}
foreach (LdapValue value in descriptionValues)
{
string descriptionString = value.stringData;
if (!String.IsNullOrEmpty(descriptionString))
{
string[] split = descriptionString.Split('=');
if (split[0].Equals("unixHomeDirectory", StringComparison.InvariantCultureIgnoreCase))
{
_defaultUnixHomedir = split[1].Trim();
}
if (split[0].Equals("loginShell", StringComparison.InvariantCultureIgnoreCase))
{
_loginShell = split[1].Trim();
}
if (split[0].Equals("use2307Attrs", StringComparison.InvariantCultureIgnoreCase))
{
if (split[1].Equals("True", StringComparison.InvariantCultureIgnoreCase))
{
Logger.Log("RFC2307 mode is detected!", Logger.ldapLogLevel);
}
}
}
}
}
private bool BuildSchemaCache(bool usingSimpleBind)
{
if (_adContext == null)
{
return(false);
}
_adContext.SchemaCache = LDAPSchemaCache.Build(_adContext);
_schemaCache = _adContext.SchemaCache;
DirectoryEntry.exisitngDirContext.Add(_adContext);
DirectoryEntry.existingSchemaCache.Add(_schemaCache);
string sldapPath = string.Concat("LDAP://", _hn.domainName, "/", rootDN);
ADUCDirectoryNode rootNode = ADUCDirectoryNode.GetDirectoryRoot(
_adContext,
_rootDN,
Resources.ADUC,
typeof(ADUCPage),
_plugin);
if (rootNode == null)
{
Logger.Log("The rootNode is null");
return(false);
}
_rootNode = rootNode;
_shortDomainName = UserGroupUtils.getnetBiosName(rootNode);
Logger.Log(
"the obtained NetbiosName is " + _shortDomainName,
Logger.ldapLogLevel);
return(true);
}
/// <summary>
/// Queries and fills the ldap message for the selected group
/// Gets the attribute list from AD for group schema attribute.
/// search for the attributes description, cn or name and displays them in a controls
/// </summary>
/// <param name="ce"></param>
/// <param name="servername"></param>
/// <param name="name"></param>
/// <param name="dirnode"></param>
public void SetData(CredentialEntry ce, string servername, string name, ADUCDirectoryNode dirnode)
{
try
{
this.dirnode = dirnode;
this.plugin = dirnode.Plugin as ADUCPlugin;
DirectoryContext dirContext = dirnode.LdapContext;
Logonname = "";
PreLogonname = "";
//first obtain the current userAccountControl value
DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, dirnode.DistinguishedName));
int userCtrlInt = Convert.ToInt32(de.Properties["userAccountControl"].Value.ToString());
long pwdLastSet = Convert.ToInt64(de.Properties["pwdLastSet"].Value.ToString());
sUserWorkStations = de.Properties["userWorkstations"].Value as string;
if (de.Properties["userPrincipalName"].Value != null)
{
Logonname = de.Properties["userPrincipalName"].Value as string;
Logonname = Logonname.IndexOf('@') >= 0 ? Logonname.Substring(0, Logonname.IndexOf('@')) : Logonname;
txtlogon.Text = Logonname;
}
txtpreLogonname.Text = de.Properties["sAMAccountName"].Value as string;
PreLogonname = txtpreLogonname.Text.Trim();
txtDomian.Text = dirContext.DomainName.Substring(0, dirContext.DomainName.IndexOf('.')).ToUpper() + @"\";
cbDomain.Items.Add(string.Concat("@", dirContext.DomainName.ToUpper()));
cbDomain.SelectedIndex = 0;
double accountExpires = Convert.ToInt64(de.Properties["accountExpires"].Value);
if (accountExpires == 9223372036854775807)
{
rbNever.Checked = true;
}
else
{
rbEndOf.Checked = true;
ConvertFromUnixTimestamp(accountExpires);
}
try
{
string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlInt, 2);
if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 10] == '1')
{
bMustChangePwd = true;
}
if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
{
bAcountDisable = true;
}
if (userCtrlBinStr.Length >= 17 && userCtrlBinStr[userCtrlBinStr.Length - 17] == '1')
{
bNeverExpiresPwd = true;
bMustChangePwd = false;
}
if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 7] == '1' &&
pwdLastSet != 0)
{
bUserCannotChange = true;
}
if (userCtrlBinStr.Length >= 8 && userCtrlBinStr[userCtrlBinStr.Length - 8] == '1')
{
bStorePwd = true;
}
if (userCtrlBinStr.Length >= 19 && userCtrlBinStr[userCtrlBinStr.Length - 19] == '1')
{
bSmartCardRequired = true;
}
if (userCtrlBinStr.Length >= 21 && userCtrlBinStr[userCtrlBinStr.Length - 21] == '1')
{
bAccSensitive = true;
}
if (userCtrlBinStr.Length >= 22 && userCtrlBinStr[userCtrlBinStr.Length - 22] == '1')
{
bUseDESDescription = true;
}
if (userCtrlBinStr.Length >= 23 && userCtrlBinStr[userCtrlBinStr.Length - 23] == '1')
{
bNotKrbAuthentication = true;
}
}
catch
{
}
FillUserOptions();
dateTimePicker.Enabled = rbEndOf.Checked;
this.ParentContainer.DataChanged = false;
this.ParentContainer.btnApply.Enabled = false;
}
catch (Exception e)
{
Logger.LogException("UserAccountPage.SetData", e);
}
}
/// <summary>
/// Removes the selected user/group from the list
/// On Apply will removes the selected listview item from "members" attribute for the selected "group"
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void RemoveButton_Click(object sender, EventArgs e)
{
if (MemoflistView.SelectedItems.Count > 0)
{
DialogResult dlg =
MessageBox.Show(this, "Do you want to remove the selected member(s) from the group?",
CommonResources.GetString("Caption_Console"), MessageBoxButtons.YesNo,
MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2);
if (dlg == DialogResult.Yes)
{
foreach (ListViewItem item in MemoflistView.SelectedItems)
{
string sDn = item.Tag as string;
string sLdapPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, sDn);
DirectoryEntry entry = new DirectoryEntry(sLdapPath, _dirnode.LdapContext.UserName, _dirnode.LdapContext.Password);
if (entry == null)
{
return;
}
ADUCDirectoryNode dn = new ADUCDirectoryNode(
sDn,
_dirnode.LdapContext,
_dirnode.ObjectClass,
Properties.Resources.computer,
_dirnode.t,
_dirnode.Plugin,
_dirnode.IsDisabled);
string primaryDn = UserGroupUtils.GetPrimaryGroup(dn);
if (primaryDn != null && primaryDn.Trim().Equals(_dirnode.DistinguishedName, StringComparison.InvariantCultureIgnoreCase))
{
string Msg =
"This is the member's primary group, so the member cannot be removed. " +
"Go to the Member Of tab of \n" +
"the member's property sheet and set another group " +
"as primary. You can then remove the member from this group";
container.ShowError(Msg);
return;
}
ListViewItem[] lvItemArr = new ListViewItem[MemoflistView.Items.Count - 1];
List <ListViewItem> lvItemList = new List <ListViewItem>();
int i = 0;
foreach (ListViewItem lvitem in MemoflistView.Items)
{
if (!lvitem.Equals(item))
{
lvItemList.Add(lvitem);
}
}
foreach (ListViewItem lvitem in lvItemList)
{
lvItemArr[i++] = lvitem;
}
MemoflistView.Items.Clear();
MemoflistView.Items.AddRange(lvItemArr);
ModifiedObjects.Remove((item.Tag as string).ToLower());
memListchanged = true;
}
RemoveButton.Enabled = false;
}
}
else
{
memListchanged = false;
}
UpdateApplyButton();
}
/// <summary>
/// Shows the AddUserToGroup dialog with the all groups and users
/// AddUsertoGroup.MEMBERS_PAGE parameter will tell the tree to show both Group and User
/// On Apply will adds new entry to the "members" attribute for the selected "group"
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void Addbutton_Click(object sender, EventArgs e)
{
// show picker
string sLdapPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, _dirnode.DistinguishedName);
string sProtocol;
string sServer;
string sCNs;
string sDCs;
System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
string groupScope = GetgroupType();
System.DirectoryServices.Misc.DsPicker f = new System.DirectoryServices.Misc.DsPicker(groupScope);
f.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_ONLY_DOMAIN_USERS_OR_GROUPS, sProtocol, sServer, sDCs, true);
if (f.waitForm != null && f.waitForm.bIsInterrupted)
{
return;
}
if (f.ShowDialog(this) == DialogResult.OK)
{
if (f.ADobjectsArray != null && f.ADobjectsArray.Length != 0)
{
foreach (System.DirectoryServices.Misc.ADObject ado in f.ADobjectsArray)
{
bool bIsObjectExists = false;
string sDN = ado.de.Properties["distinguishedName"].Value as string;
string[] slvItem = UserGroupUtils.splitDn(sDN);
if (IsItemExists(sDN))
{
string sMsg =
"The object " +
slvItem[0] +
" is already in the list \nand cannot be added a second time";
container.ShowError(sMsg);
bIsObjectExists = true;
}
if (sDN.Equals(_dirnode.DistinguishedName))
{
container.ShowError("A group cannot be made a member of itself.");
continue;
}
if (!bIsObjectExists)
{
ListViewItem lvItem = new ListViewItem(slvItem);
lvItem.ImageIndex = MemOfPages.GetIndexForADObject(ado.de);
MemoflistView.Items.Add(lvItem);
lvItem.Tag = sDN;
bool found = false;
foreach (string str in ModifiedObjects)
{
if (str.Equals(sDN, StringComparison.InvariantCultureIgnoreCase))
{
found = true;
break;
}
}
//do not add duplicate objects
if (!found)
{
ModifiedObjects.Add(sDN.ToLower());
}
memListchanged = true;
}
}
}
}
else
{
memListchanged = false;
}
UpdateApplyButton();
}
/// <summary>
/// Queries and fills the ldap message for the selected computer
/// Gets the attribute list from AD for computer schema attribute.
/// search for the attributes dNSHostName, cn or name and displays them in a controls
/// </summary>
/// <param name="ce"></param>
/// <param name="servername"></param>
/// <param name="name"></param>
/// <param name="dirnode"></param>
public void SetData(CredentialEntry ce, string servername, string name, ADUCDirectoryNode dirnode)
{
try
{
this.dirnode = dirnode;
int ret = -1;
List <LdapEntry> ldapEntries = null;
ret = dirnode.LdapContext.ListChildEntriesSynchronous
(dirnode.DistinguishedName,
LdapAPI.LDAPSCOPE.BASE,
"(objectClass=*)",
null,
false,
out ldapEntries);
if (ldapEntries == null || ldapEntries.Count == 0)
{
return;
}
LdapEntry ldapNextEntry = ldapEntries[0];
string[] attrsList = ldapNextEntry.GetAttributeNames();
if (attrsList != null)
{
foreach (string attr in attrsList)
{
string sValue = "";
LdapValue[] attrValues = ldapNextEntry.GetAttributeValues(attr, dirnode.LdapContext);
if (attrValues != null && attrValues.Length > 0)
{
foreach (LdapValue value in attrValues)
{
sValue = sValue + "," + value.stringData;
}
}
if (sValue.StartsWith(","))
{
sValue = sValue.Substring(1);
}
sValue = sValue.Substring(0, sValue.Length);
if (string.Compare(sValue, "") == 0)
{
sValue = "<Not Set>";
}
if (string.Compare(attr, "cn") == 0)
{
this.lblComputerName.Text = sValue;
}
if (string.Compare(attr, "sAMAccountName") == 0)
{
if (sValue.EndsWith("$"))
{
this.txtCName.Text = sValue.Substring(0, sValue.Length - 1);
}
else
{
this.txtCName.Text = sValue;
}
}
if (string.Compare(attr, "description") == 0)
{
this.txtDescription.Text = sValue;
_editObject.Description = sValue;
}
if (string.Compare(attr, "dNSHostName") == 0)
{
this.txtDNSName.Text = sValue;
}
if (string.Compare(attr, "userAccountControl") == 0)
{
int userCtrlVal = 0;
if (attrValues != null && attrValues.Length > 0)
{
userCtrlVal = Convert.ToInt32(attrValues[0].stringData);
}
string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlVal, 16);
_editObject.UserCtrlBinStr = userCtrlVal;
this.txtRole.Text = "Workstation or server";
if (userCtrlBinStr.Length >= 3)
{
//Determine role of computer
if (userCtrlBinStr.Length == 3)
{
//examine the third position from the left (2=NORMAL_ACCOUNT)
if (userCtrlBinStr[0] == '2')
{
this.txtRole.Text = "Normal computer";
}
//examine the third position from the left (2=INTERDOMAIN_TRUST_ACCOUNT)
if (userCtrlBinStr[0] == '8')
{
this.txtRole.Text = "Inter domain trust computer";
}
}
else
{
//examine the forth position from the left (2=WORKSTATION_TRUST_ACCOUNT)
if (userCtrlBinStr[userCtrlBinStr.Length - 4] == '1')
{
this.txtRole.Text = "Workstation or server";
}
//examine the forth position from the left (2=SERVER_TRUST_ACCOUNT)
if (userCtrlBinStr[userCtrlBinStr.Length - 4] == '2')
{
this.txtRole.Text = "Domain controller";
}
}
}
if (userCtrlBinStr.Length >= 5)
{
//Determine whether this user is TRUSTED_FOR_DELEGATION
//examine the fifth position from the left (8=TRUSTED_FOR_DELEGATION, 0=NOT TRUSTED)
//TRUSTED_FOR_DELEGATION
if (userCtrlBinStr[userCtrlBinStr.Length - 5] == '8')
{
this.checkBoxTrust.CheckedChanged -= new System.EventHandler(this.checkBoxTrust_CheckedChanged);
checkBoxTrust.Checked = true;
this.checkBoxTrust.CheckedChanged += new System.EventHandler(this.checkBoxTrust_CheckedChanged);
}
else if (userCtrlBinStr[userCtrlBinStr.Length - 5] == '0')
{
checkBoxTrust.Checked = false;
}
}
else
{
checkBoxTrust.Checked = false;
}
_editObject.DelegateTrust = checkBoxTrust.Checked;
}
}
}
UpdateOriginalData();
UpdateApplyButton();
}
catch (Exception e)
{
container.ShowError(e.Message);
}
}
/// <summary>
/// Populate the AddUsertoGroup model dialog
/// AddUsertoGroup.MEMOF_PAGE is parameter which filter only the groups
/// Gets the selected group and add it to the list, removed from the RemovedGroups list if it is exists
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void Addbutton_Click(object sender, EventArgs e)
{
// show picker
string sLdapPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, _dirnode.DistinguishedName);
string sProtocol;
string sServer;
string sCNs;
string sDCs;
System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs);
System.DirectoryServices.Misc.DsPicker f = new System.DirectoryServices.Misc.DsPicker();
f.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_GROUPS, sProtocol, sServer, sDCs, true);
if (f.waitForm != null && f.waitForm.bIsInterrupted)
{
return;
}
if (f.ShowDialog(this) == DialogResult.OK)
{
if (f.ADobjectsArray != null && f.ADobjectsArray.Length != 0)
{
foreach (System.DirectoryServices.Misc.ADObject ado in f.ADobjectsArray)
{
bool bIsObjectExists = false;
string sDN = ado.de.Properties["distinguishedName"].Value as string;
string[] slvItem = UserGroupUtils.splitDn(sDN);
if (IsItemExists(sDN))
{
string sMsg =
"The object " +
slvItem[0] +
" is already in the list \nand cannot be added a second time";
container.ShowError(sMsg);
bIsObjectExists = true;
}
if (!bIsObjectExists)
{
string sLDAPPath = string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, sDN);
DirectoryEntry entry = new DirectoryEntry(sLDAPPath, _dirnode.LdapContext.UserName, _dirnode.LdapContext.Password);
if (entry == null)
{
return;
}
ListViewItem lvItem = new ListViewItem(slvItem);
lvItem.ImageIndex = MemOfPages.GetIndexForADObject(entry);
MemoflistView.Items.Add(lvItem);
lvItem.Tag = sDN;
if (!slvItem[0].Equals("Domain Users", StringComparison.InvariantCultureIgnoreCase))
{
MemofDnList.Add(sDN);
AddedGroups.Add(sDN);
foreach (string str in RemovedGroups)
{
if (str.Equals(sDN, StringComparison.InvariantCultureIgnoreCase))
{
}
// Remove the selected group from the list, if it is exists
RemovedGroups.Remove(sDN);
break;
}
}
memListchanged = true;
}
}
}
}
else
{
memListchanged = false;
}
UpdateApplyButton();
}
/// <summary>
/// Getting added all children to the selected node that are of type ObjectClass="group"
/// , ObjectClass="user", ObjectClass="computer", ObjectClass="organizationalUnit"
/// </summary>
public void ListGroupAndUserOUChildren()
{
int ret = -1;
if (haveRetrievedChildren && !this.IsModified)
{
return;
}
string[] attrs = { "objectClass", "distinguishedName", null };
DateTime start = DateTime.Now;
ret = dirContext.ListChildEntriesSynchronous
(distinguishedName,
LdapAPI.LDAPSCOPE.ONE_LEVEL,
"(objectClass=*)",
attrs,
false,
out ldapEntries);
if (ldapEntries == null || ldapEntries.Count == 0)
{
//haveRetrievedChildren = true;
//return;
//clears the domian level node, if the ldap connection timed out or disconnected
ADUCPlugin plugin = this.Plugin as ADUCPlugin;
haveRetrievedChildren = true;
this.IsModified = false;
if (ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_SERVER_DOWN ||
ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_CONNECT_ERROR ||
ret == -1)
{
if (ret == -1)
{
ret = (int)ErrorCodes.LDAPEnum.LDAP_TIMEOUT;
Logger.LogMsgBox(ErrorCodes.LDAPString(ret));
}
plugin._pluginNode.Nodes.Clear();
this.sc.ShowControl(plugin._pluginNode);
}
else
{
Nodes.Clear();
}
return;
}
foreach (LdapEntry ldapNextEntry in ldapEntries)
{
string s = ldapNextEntry.GetDN();
string objectClass = "";
LdapValue[] values = ldapNextEntry.GetAttributeValues("objectClass", dirContext);
if (values != null && values.Length > 0)
{
//use the most specific object Class, which will be listed last.
objectClass = values[values.Length - 1].stringData;
Logger.Log("Start--", Logger.ldapLogLevel);
for (int i = 0; i < values.Length; i++)
{
Logger.Log("objectclass is " + values[i], Logger.ldapLogLevel);
}
Logger.Log("End--", Logger.ldapLogLevel);
}
if (objectClass.Equals("group", StringComparison.InvariantCultureIgnoreCase))
{
ADUCDirectoryNode dtn = new ADUCDirectoryNode(s, dirContext, objectClass,
Resources.Group_16, NodeType, Plugin, false);
dtn.sc = this.sc;
Nodes.Add(dtn);
}
bool IsDisabled = false;
bool IsDc = false;
if (objectClass.Equals("user", StringComparison.InvariantCultureIgnoreCase) ||
objectClass.Equals("computer", StringComparison.InvariantCultureIgnoreCase))
{
values = ldapNextEntry.GetAttributeValues("userAccountControl", dirContext);
int userCtrlVal = 0;
if (values != null && values.Length > 0)
{
userCtrlVal = Convert.ToInt32(values[0].stringData);
}
if (userCtrlVal.Equals(8224) || userCtrlVal.Equals(8202) || userCtrlVal.Equals(532480))
{
IsDc = true;
}
string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlVal, 2);
//Determine whether this user is enabled or disabled
//examine the second to last position from the right (0=Active, 1=Inactive)
if (userCtrlBinStr.Length >= 2)
{
if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
{
IsDisabled = true;
}
else if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '0')
{
IsDisabled = false;
}
}
ADUCDirectoryNode dtn = new ADUCDirectoryNode(s, dirContext, objectClass,
Resources.Group_16, NodeType, Plugin, IsDisabled);
dtn.sc = this.sc;
dtn._IsDomainController = IsDc;
Nodes.Add(dtn);
}
if (objectClass.Equals("organizationalUnit", StringComparison.InvariantCultureIgnoreCase))
{
ADUCDirectoryNode dtn = new ADUCDirectoryNode(s, dirContext, objectClass,
Resources.Group_16, NodeType, Plugin, false);
dtn.sc = this.sc;
Nodes.Add(dtn);
}
}
haveRetrievedChildren = true;
}
/// <summary>
/// List the all children for the selected distinguished name
/// Adds the all children to the node
/// </summary>
public ADUCDirectoryNode[] ListChildren(ADUCDirectoryNode dnode)
{
Logger.Log("DirectoryNode.ListChildren() called", Logger.ldapLogLevel);
int ret = -1;
string[] attrList = new string[]
{
"dummy",
"objectClass",
"distinguishedName",
"userAccountControl",
null
};
ret = dirContext.ListChildEntriesSynchronous
(distinguishedName,
LdapAPI.LDAPSCOPE.ONE_LEVEL,
"(objectClass=*)",
attrList,
false,
out ldapEntries);
if (ldapEntries == null || ldapEntries.Count == 0)
{
//clears the domian level node, if the ldap connection timed out or disconnected
ADUCPlugin plugin = this.Plugin as ADUCPlugin;
haveRetrievedChildren = true;
this.IsModified = false;
if (ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_SERVER_DOWN ||
ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_CONNECT_ERROR ||
ret == -1)
{
if (ret == -1)
{
ret = (int)ErrorCodes.LDAPEnum.LDAP_TIMEOUT;
Logger.LogMsgBox(ErrorCodes.LDAPString(ret));
}
plugin._pluginNode.Nodes.Clear();
this.sc.ShowControl(plugin._pluginNode);
}
return(null);
}
DateTime timer = Logger.StartTimer();
List <ADUCDirectoryNode> nodesToAdd = new List <ADUCDirectoryNode>();
int nodesAdded = 0;
foreach (LdapEntry ldapNextEntry in ldapEntries)
{
string currentDN = ldapNextEntry.GetDN();
if (!String.IsNullOrEmpty(currentDN))
{
bool IsDisabled = false;
bool IsDc = false;
LdapValue[] values = ldapNextEntry.GetAttributeValues("objectClass", dirContext);
string objectClass = "";
if (values != null && values.Length > 0)
{
objectClass = values[values.Length - 1].stringData;
}
if (objectClass.Equals("user", StringComparison.InvariantCultureIgnoreCase) ||
objectClass.Equals("computer", StringComparison.InvariantCultureIgnoreCase))
{
values = ldapNextEntry.GetAttributeValues("userAccountControl", dirContext);
int userCtrlVal = 0;
if (values != null && values.Length > 0)
{
userCtrlVal = Convert.ToInt32(values[0].stringData);
}
if (userCtrlVal.Equals(8224) || userCtrlVal.Equals(8202) || userCtrlVal.Equals(532480))
{
IsDc = true;
}
string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlVal, 2);
//Determine whether this user is enabled or disabled
//examine the second to last position from the right (0=Active, 1=Inactive)
if (userCtrlBinStr.Length >= 2)
{
if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
{
IsDisabled = true;
}
else if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '0')
{
IsDisabled = false;
}
}
}
ADUCDirectoryNode newNode = new ADUCDirectoryNode(currentDN, dirContext, objectClass,
Resources.Group_16, NodeType, Plugin, IsDisabled);
newNode.sc = this.sc;
newNode._IsDomainController = IsDc;
newNode.Text = newNode.Text.Substring(3);
Logger.Log(String.Format("new Entry: {0}", currentDN), Logger.ldapLogLevel);
Logger.Log(String.Format("scheduling addition of new Entry: {0}", currentDN), Logger.ldapLogLevel);
nodesToAdd.Add(newNode);
nodesAdded++;
}
}
ADUCDirectoryNode[] nodesToAddRecast = new ADUCDirectoryNode[nodesAdded];
try
{
nodesToAdd.Sort(delegate(ADUCDirectoryNode d1, ADUCDirectoryNode d2)
{
return(d1.Text.CompareTo(d2.Text));
}
);
for (int i = 0; i < nodesAdded; i++)
{
nodesToAddRecast[i] = nodesToAdd[i];
}
}
catch (Exception)
{
}
Logger.TimerMsg(ref timer, String.Format("DirectoryNode.ListChildren(): Entry Processing({0})", distinguishedName));
this.IsModified = false;
haveRetrievedChildren = true;
return(nodesToAddRecast);
}
/// <summary>
/// List the all children for the selected distinguished name
/// Adds the all children to the node
/// </summary>
public void ListChildren()
{
Logger.Log("ADUCDirectoryNode.ListChildren() called", Logger.ldapLogLevel);
int ret = -1;
if (haveRetrievedChildren && !this.IsModified)
{
return;
}
string[] attrList = new string[]
{
"dummy",
"objectClass",
"distinguishedName",
"userAccountControl",
null
};
ret = dirContext.ListChildEntriesSynchronous
(distinguishedName,
LdapAPI.LDAPSCOPE.ONE_LEVEL,
"(objectClass=*)",
attrList,
false,
out ldapEntries);
if (ldapEntries == null || ldapEntries.Count == 0)
{
//clears the domian level node, if the ldap connection timed out or disconnected
ADUCPlugin plugin = this.Plugin as ADUCPlugin;
haveRetrievedChildren = true;
this.IsModified = false;
if (ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_SERVER_DOWN ||
ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_CONNECT_ERROR ||
ret == -1)
{
if (ret == -1)
{
ret = (int)ErrorCodes.LDAPEnum.LDAP_TIMEOUT;
Logger.LogMsgBox(ErrorCodes.LDAPString(ret));
}
plugin._pluginNode.Nodes.Clear();
this.sc.ShowControl(plugin._pluginNode);
}
else
{
Nodes.Clear();
}
return;
}
else if (IsModified)
{
Nodes.Clear();
}
DateTime timer = Logger.StartTimer();
//The following is optimized for speed, taking into account that in Mono,
//Nodes.Add() and Nodes.AddRange() both take a long time to complete.
//Nodes.AddRange() does not offer much time savings over Nodes.Add()
//Therefore, make two hashtables holding the new and old contents of the DN.
//Determine which have been added, and which have been deleted, to minimize the number of calls
//to Nodes.Add() and Nodes.Remove();
Hashtable oldEntries = new Hashtable();
Hashtable newEntries = new Hashtable();
List <ADUCDirectoryNode> nodesToAdd = new List <ADUCDirectoryNode>();
int nodesAdded = 0;
foreach (TreeNode node in Nodes)
{
ADUCDirectoryNode dNode = (ADUCDirectoryNode)node;
if (dNode != null && !String.IsNullOrEmpty(dNode.distinguishedName) &&
!oldEntries.ContainsKey(dNode.distinguishedName))
{
oldEntries.Add(dNode.distinguishedName, dNode);
}
}
foreach (LdapEntry ldapNextEntry in ldapEntries)
{
string currentDN = ldapNextEntry.GetDN();
if (!String.IsNullOrEmpty(currentDN))
{
LdapValue[] values = ldapNextEntry.GetAttributeValues("objectClass", dirContext);
string objectClass = "";
if (values != null && values.Length > 0)
{
objectClass = values[values.Length - 1].stringData;
}
bool IsDisabled = false;
bool IsDc = false;
if (objectClass.Equals("user", StringComparison.InvariantCultureIgnoreCase) ||
objectClass.Equals("computer", StringComparison.InvariantCultureIgnoreCase))
{
values = ldapNextEntry.GetAttributeValues("userAccountControl", dirContext);
int userCtrlVal = 0;
if (values != null && values.Length > 0)
{
userCtrlVal = Convert.ToInt32(values[0].stringData);
}
if (userCtrlVal.Equals(8224) || userCtrlVal.Equals(8202) || userCtrlVal.Equals(532480))
{
IsDc = true;
}
string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlVal, 2);
//Determine whether this user is enabled or disabled
//examine the second to last position from the right (0=Active, 1=Inactive)
if (userCtrlBinStr.Length >= 2)
{
if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '1')
{
IsDisabled = true;
}
else if (userCtrlBinStr[userCtrlBinStr.Length - 2] == '0')
{
IsDisabled = false;
}
}
}
ADUCDirectoryNode newNode = new ADUCDirectoryNode(currentDN, dirContext, objectClass,
Resources.Group_16, NodeType, Plugin, IsDisabled);
newNode.sc = this.sc;
newNode._IsDomainController = IsDc;
newNode.Text = newNode.Text.Substring(3);
Logger.Log(String.Format("new Entry: {0}", currentDN), Logger.ldapLogLevel);
newEntries.Add(currentDN, newNode);
if (oldEntries.ContainsKey(currentDN))
{
ADUCDirectoryNode oldNode = (ADUCDirectoryNode)oldEntries[currentDN];
if ((oldNode != null && oldNode.ObjectClass != objectClass)
||
(oldNode != null && oldNode.IsDisabled != IsDisabled))
{
oldEntries.Remove(currentDN);
oldEntries.Add(currentDN, newNode);
Nodes.Remove(oldNode);
nodesToAdd.Add(newNode);
nodesAdded++;
}
}
else
{
Logger.Log(String.Format("scheduling addition of new Entry: {0}", currentDN), Logger.ldapLogLevel);
nodesToAdd.Add(newNode);
nodesAdded++;
}
}
}
foreach (Object o in oldEntries.Keys)
{
string oldNodeKey = (string)o;
Logger.Log(String.Format("old Entry: {0}", oldNodeKey));
if (!String.IsNullOrEmpty(oldNodeKey) && !newEntries.ContainsKey(oldNodeKey))
{
ADUCDirectoryNode oldNode = (ADUCDirectoryNode)oldEntries[oldNodeKey];
if (oldNode != null)
{
Logger.Log(String.Format("removing old Entry: {0}", oldNodeKey), Logger.ldapLogLevel);
Nodes.Remove(oldNode);
}
}
}
ADUCDirectoryNode[] nodesToAddRecast = new ADUCDirectoryNode[nodesAdded];
try
{
nodesToAdd.Sort(delegate(ADUCDirectoryNode d1, ADUCDirectoryNode d2)
{
return(d1.Text.CompareTo(d2.Text));
}
);
for (int i = 0; i < nodesAdded; i++)
{
nodesToAddRecast[i] = nodesToAdd[i];
}
}
catch (Exception)
{
}
Nodes.AddRange(nodesToAddRecast);
Logger.TimerMsg(ref timer, String.Format("DirectoryNode.ListChildren(): Entry Processing({0})", distinguishedName));
this.IsModified = false;
haveRetrievedChildren = true;
}
/// <summary>
/// Queries and fills the ldap message for the Domain
/// Gets the attribute list from AD for Domain schema attribute.
/// search for the attributes description
/// </summary>
/// <param name="ce"></param>
/// <param name="servername"></param>
/// <param name="name"></param>
/// <param name="dirnode"></param>
public void SetData(CredentialEntry ce, string servername, string name, ADUCDirectoryNode dirnode)
{
try
{
this.dirnode = dirnode;
int ret = -1;
List <LdapEntry> ldapEntries = null;
ret = dirnode.LdapContext.ListChildEntriesSynchronous
(dirnode.DistinguishedName,
LdapAPI.LDAPSCOPE.BASE,
"(objectClass=*)",
null,
false,
out ldapEntries);
if (ldapEntries == null || ldapEntries.Count == 0)
{
return;
}
LdapEntry ldapNextEntry = ldapEntries[0];
string[] attrsList = ldapNextEntry.GetAttributeNames();
if (attrsList != null)
{
foreach (string attr in attrsList)
{
string sValue = "";
LdapValue[] attrValues = ldapNextEntry.GetAttributeValues(attr, dirnode.LdapContext);
if (attrValues != null && attrValues.Length > 0)
{
foreach (LdapValue value in attrValues)
{
sValue = sValue + "," + value.stringData;
}
}
if (sValue.StartsWith(","))
{
sValue = sValue.Substring(1);
}
if (string.Compare(sValue, "") == 0)
{
sValue = "<Not Set>";
}
if (string.Compare(attr, "description") == 0)
{
this.txtDescription.Text = sValue;
Description = sValue;
}
if (string.Compare(attr, "objectSid") == 0)
{
System.DirectoryServices.DirectoryEntry de = new System.DirectoryServices.DirectoryEntry(dirnode.DistinguishedName);
byte[] objectSid = de.Properties["objectSid"].Value as byte[];
string Sid = UserGroupUtils.SIDtoString(objectSid);
string cn = UserGroupUtils.GetGroupFromForeignSecurity(Sid, dirnode.LdapContext);
if (cn != null)
{
lblName.Text = string.Concat("NT AUTHORITY\\", cn);
}
}
}
this.ParentContainer.DataChanged = false;
this.ParentContainer.btnApply.Enabled = false;
}
}
catch (Exception e)
{
container.ShowError(e.Message);
}
// throw new NotImplementedException();
}
