示例#1
0
        public void CreateUser(UsersObject newUser)
        {
            CPDatabase database = null;
            ADGroup ldapGroup = null;
            ADUser ldapUser = null;

            CloudPanelTransaction newUserTransaction = new CloudPanelTransaction();
            try
            {
                // Insert into database
                database = new CPDatabase();

                // Make sure the user doesn't already exist
                var foundUser = (from u in database.Users
                                 where u.UserPrincipalName == newUser.UserPrincipalName
                                 select u).FirstOrDefault();

                if (foundUser != null)
                    ThrowEvent(AlertID.FAILED, "User already exists " + newUser.UserPrincipalName);
                else
                {
                    // Get the company's OU where we need to save the user
                    var companyDistinguishedName = (from c in database.Companies
                                                    where !c.IsReseller
                                                    where c.CompanyCode == newUser.CompanyCode
                                                    select c.DistinguishedName).First();

                    // Check if they are using a custom user's OU
                    if (!string.IsNullOrEmpty(StaticSettings.UsersOU))
                        companyDistinguishedName = string.Format("OU={0},{1}", StaticSettings.UsersOU, companyDistinguishedName);

                    ldapUser = new ADUser(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);
                    UsersObject createdUser = ldapUser.NewUser(newUser, companyDistinguishedName, StaticSettings.AllowCustomNameAttribute);
                    newUserTransaction.NewUser(createdUser.UserPrincipalName);

                    // Add the users to the groups
                    ldapGroup = new ADGroup(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);
                    ldapGroup.AddMember("AllUsers@" + newUser.CompanyCode, createdUser.UserPrincipalName, "upn");

                    if (newUser.IsCompanyAdmin)
                        ldapGroup.AddMember("Admins@" + newUser.CompanyCode, createdUser.UserPrincipalName, "upn");

                    // Insert into database
                    User sqlUser = new User();
                    sqlUser.UserGuid = createdUser.UserGuid;
                    sqlUser.CompanyCode = createdUser.CompanyCode;
                    sqlUser.sAMAccountName = createdUser.sAMAccountName;
                    sqlUser.UserPrincipalName = createdUser.UserPrincipalName;
                    sqlUser.DistinguishedName = createdUser.DistinguishedName;
                    sqlUser.DisplayName = createdUser.DisplayName;
                    sqlUser.Firstname = createdUser.Firstname;
                    sqlUser.Middlename = createdUser.Middlename;
                    sqlUser.Lastname = createdUser.Lastname;
                    sqlUser.Email = string.Empty;
                    sqlUser.Department = createdUser.Department;
                    sqlUser.IsResellerAdmin = createdUser.IsResellerAdmin;
                    sqlUser.IsCompanyAdmin = createdUser.IsCompanyAdmin;
                    sqlUser.MailboxPlan = 0;
                    sqlUser.TSPlan = 0;
                    sqlUser.LyncPlan = 0;
                    sqlUser.Created = DateTime.Now;
                    sqlUser.AdditionalMB = 0;
                    sqlUser.ActiveSyncPlan = 0;
                    database.Users.Add(sqlUser);

                    // Insert permissions into database
                    if (createdUser.IsCompanyAdmin)
                    {
                        UserPermission newPermissions = new UserPermission();
                        newPermissions.UserID = sqlUser.ID;
                        newPermissions.EnableExchange = createdUser.EnableExchangePerm;
                        newPermissions.DisableExchange = createdUser.DisableExchangePerm;
                        newPermissions.AddDomain = createdUser.AddDomainPerm;
                        newPermissions.DeleteDomain = createdUser.DeleteDomainPerm;
                        newPermissions.EnableAcceptedDomain = createdUser.EnableAcceptedDomainPerm;
                        newPermissions.DisableAcceptedDomain = createdUser.DisableAcceptedDomainPerm;
                        database.UserPermissions.Add(newPermissions);
                    }

                    database.SaveChanges();
                }
            }
            catch (Exception ex)
            {
                ThrowEvent(AlertID.FAILED, ex.Message);

                // Rollback on error
                newUserTransaction.RollBack();
            }
            finally
            {
                if (ldapUser != null)
                    ldapUser.Dispose();

                if (ldapGroup != null)
                    ldapGroup.Dispose();

                if (database != null)
                    database.Dispose();
            }
        }
示例#2
0
        public void UpdateUser(UsersObject updateUser, bool isSuperOrResellerAdmin)
        {
            CPDatabase database = null;
            ADGroup ldapGroup = null;
            ADUser ldapUser = null;

            try
            {
                database = new CPDatabase();

                // Get the user from the database
                var foundUser = (from u in database.Users
                                 where u.UserPrincipalName == updateUser.UserPrincipalName
                                 select u).FirstOrDefault();

                if (foundUser == null)
                    ThrowEvent(AlertID.FAILED, "Unknown user " + updateUser.UserPrincipalName);
                else
                {
                    this.logger.Debug("Found user " + foundUser.UserPrincipalName + " in the database. Continuing...");

                    // Update the user values
                    foundUser.Firstname = updateUser.Firstname;
                    foundUser.Middlename = updateUser.Middlename;
                    foundUser.Lastname = updateUser.Lastname;
                    foundUser.DisplayName = updateUser.DisplayName;
                    foundUser.Department = updateUser.Department;

                    // Update user in Active Directory
                    ldapUser = new ADUser(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);
                    ldapUser.UpdateUser(updateUser, StaticSettings.AllowCustomNameAttribute);

                    // Only update these values if super admin or reseller admin is modifying the user
                    if (isSuperOrResellerAdmin)
                    {
                        this.logger.Debug("Super admin or reseller is updating user so we can check comapny admin permissions and reseller permissions");

                        foundUser.IsCompanyAdmin = updateUser.IsCompanyAdmin;
                        foundUser.IsResellerAdmin = updateUser.IsResellerAdmin;

                        // Get permissions from database
                        var userPermissions = (from p in database.UserPermissions
                                               where p.UserID == foundUser.ID
                                               select p).FirstOrDefault();

                        // If the user is no longer a company admin then remove permissions from the database
                        if (userPermissions != null && !updateUser.IsCompanyAdmin)
                        {
                            this.logger.Debug("User " + updateUser.UserPrincipalName + " is no longer a comapny admin. Need to remove rights from database and security group");

                            database.UserPermissions.Remove(userPermissions);

                            // Remove from Admins@ security group
                            ldapGroup = new ADGroup(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);
                            ldapGroup.RemoveMember("Admins@" + updateUser.CompanyCode, updateUser.UserPrincipalName, "upn");
                        }
                        else if (userPermissions != null && updateUser.IsCompanyAdmin)
                        {
                            this.logger.Debug("User " + updateUser.UserPrincipalName + " is a company admin. Need to update company admin rights in database.");

                            // If user permissions was found and the user is company admin then update the values
                            userPermissions.EnableExchange = updateUser.EnableExchangePerm;
                            userPermissions.DisableExchange = updateUser.DisableExchangePerm;
                            userPermissions.AddDomain = updateUser.AddDomainPerm;
                            userPermissions.DeleteDomain = updateUser.DeleteDomainPerm;
                            userPermissions.EnableAcceptedDomain = updateUser.EnableAcceptedDomainPerm;
                            userPermissions.DisableAcceptedDomain = updateUser.DisableAcceptedDomainPerm;
                        }
                        else if (userPermissions == null && updateUser.IsCompanyAdmin)
                        {
                            this.logger.Debug("User " + updateUser.UserPrincipalName + " does not have any existing company admin rights. We need to add them to the database.");

                            // No existing permissions were found and we need to add to database
                            userPermissions = new UserPermission();
                            userPermissions.UserID = foundUser.ID;
                            userPermissions.EnableExchange = updateUser.EnableExchangePerm;
                            userPermissions.DisableExchange = updateUser.DisableExchangePerm;
                            userPermissions.AddDomain = updateUser.AddDomainPerm;
                            userPermissions.DeleteDomain = updateUser.DeleteDomainPerm;
                            userPermissions.EnableAcceptedDomain = updateUser.EnableAcceptedDomainPerm;
                            userPermissions.DisableAcceptedDomain = updateUser.DisableAcceptedDomainPerm;
                            database.UserPermissions.Add(userPermissions);

                            // Add to Admins@ security group
                            ldapGroup = new ADGroup(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);
                            ldapGroup.AddMember("Admins@" + updateUser.CompanyCode, updateUser.UserPrincipalName, "upn");
                        }
                    }
                    else
                        this.logger.Debug("User making changes to " + updateUser.UserPrincipalName + " is not a super admin or reseller admin. We cannot update company admin or reseller admin permissions unless the user making changes is a super or reseller admin.");

                    // Update database
                    database.SaveChanges();
                }
            }
            catch (Exception ex)
            {
                this.logger.Debug("Error updating user " + updateUser.UserPrincipalName, ex);
                ThrowEvent(AlertID.FAILED, ex.Message);
            }
            finally
            {
                if (ldapUser != null)
                    ldapUser.Dispose();

                if (ldapGroup != null)
                    ldapGroup.Dispose();

                if (database != null)
                    database.Dispose();
            }
        }
示例#3
0
        /// <summary>
        /// Creates a new reseller
        /// </summary>
        /// <param name="reseller"></param>
        /// <param name="baseOrganizationalUnit"></param>
        public void NewReseller(ResellerObject reseller, string baseOrganizationalUnit)
        {
            CPDatabase database = null;

            // Rollback class in case something goes wrong we can undo changes
            CloudPanelTransaction events = new CloudPanelTransaction();

            try
            {
                database = new CPDatabase();

                // Generate the company code
                string companyCode = ResellerObject.GenerateCompanyCode(reseller.CompanyName);

                // Loop and make sure one does exist or find one that does
                int count = 0;
                for (int i = 0; i < 1000; i++)
                {
                    if (Validation.DoesCompanyCodeExist(companyCode))
                    {
                        this.logger.Info("Tried to create a new reseller with company code " + companyCode + " but it already existed... trying another code");

                        companyCode = companyCode + count.ToString();
                        count++;
                    }
                    else
                    {
                        reseller.CompanyCode = companyCode; // Assign company code to object
                        break;
                    }
                }

                // Create the reseller in Active Directory
                ADOrganizationalUnit adOrg = new ADOrganizationalUnit(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);
                string distinguishedName = adOrg.CreateReseller(StaticSettings.HostingOU, reseller);
                events.NewOrganizationalUnitEvent(distinguishedName);

                // Create the security group
                ADGroup adGroup = new ADGroup(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);
                adGroup.Create(distinguishedName, "GPOAccess@" + companyCode, "", true, false);
                events.NewSecurityGroup("GPOAccess@" + companyCode);

                // Add the new group to the GPOAccess@Hosting group for group policy permissions
                adGroup.AddMember("GPOAccess@Hosting", "GPOAccess@" + companyCode, "name");

                // Add access rights
                adOrg.AddAccessRights(distinguishedName, "GPOAccess@" + companyCode);

                // Insert into database
                Company company = new Company();
                company.IsReseller = true;
                company.CompanyName = reseller.CompanyName;
                company.CompanyCode = companyCode;
                company.Street = reseller.Street;
                company.City = reseller.City;
                company.State = reseller.State;
                company.ZipCode = reseller.ZipCode;
                company.Country = reseller.Country;
                company.PhoneNumber = reseller.Telephone;
                company.AdminName = reseller.AdminName;
                company.AdminEmail = reseller.AdminEmail;
                company.Created = DateTime.Now;
                company.DistinguishedName = distinguishedName;

                database.Companies.Add(company);
                database.SaveChanges();

                // Notify success
                ThrowEvent(AlertID.SUCCESS, "Successfully created new reseller " + reseller.CompanyName);
            }
            catch (Exception ex)
            {
                ThrowEvent(AlertID.FAILED, ex.Message);

                // Rollback on error
                events.RollBack();
            }
            finally
            {
                if (database != null)
                    database.Dispose();
            }
        }
示例#4
0
        /// <summary>
        /// Creates a new company
        /// </summary>
        /// <param name="company"></param>
        /// <param name="resellerCode"></param>
        public void NewCompany(CompanyObject company, string resellerCode)
        {
            CPDatabase database = null;

            // Rollback class in case something goes wrong we can undo changes
            CloudPanelTransaction events = new CloudPanelTransaction();

            try
            {
                database = new CPDatabase();

                // Generate the company code
                string companyCode = CompanyObject.GenerateCompanyCode(company.CompanyName, company.UseCompanyNameInsteadofCompanyCode);

                // Loop and make sure one does exist or find one that does
                int count = 0;
                for (int i = 0; i < 1000; i++)
                {
                    if (Validation.DoesCompanyCodeExist(companyCode))
                    {
                        this.logger.Info("Tried to create a new company with company code " + companyCode + " but it already existed... trying another code");

                        companyCode = companyCode + count.ToString();
                        count++;
                    }
                    else
                    {
                        company.CompanyCode = companyCode; // Assign company code to object
                        break;
                    }
                }

                // Get the resellers distinguished name
                var resellerDistinguishedName = (from r in database.Companies
                                                 where r.IsReseller
                                                 where r.CompanyCode == resellerCode
                                                 select r.DistinguishedName).First();

                #region Create Organizational Units

                //
                // Create organizational units
                //
                ADOrganizationalUnit adOrg = new ADOrganizationalUnit(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);

                // Check if resellers are enabled and create the organizational unit in the correct place
                string newCompanyDistinguishedName = string.Empty;
                if (!StaticSettings.ResellersEnabled)
                    newCompanyDistinguishedName = adOrg.CreateCompany(StaticSettings.HostingOU, company);
                else
                    newCompanyDistinguishedName = adOrg.CreateCompany(resellerDistinguishedName, company);
                events.NewOrganizationalUnitEvent(newCompanyDistinguishedName);
                adOrg.RemoveAuthUsersRights(newCompanyDistinguishedName); // Removes authenticated users from the OU;

                // Create the Exchange OU
                string exchangeOU = adOrg.CreateOU(newCompanyDistinguishedName, "Exchange", company.Domains[0]);
                events.NewOrganizationalUnitEvent(exchangeOU);
                adOrg.RemoveAuthUsersRights(exchangeOU); // Removes authenticated users from the OU;

                // Create the Applications OU
                string applicationsOU = adOrg.CreateOU(newCompanyDistinguishedName, "Applications", company.Domains[0]);
                events.NewOrganizationalUnitEvent(applicationsOU);
                adOrg.RemoveAuthUsersRights(applicationsOU); // Removes authenticated users from the OU;

                // Create the custom users OU if there is one
                string customUsersOU = string.Empty;
                if (!string.IsNullOrEmpty(StaticSettings.UsersOU))
                {
                    customUsersOU = adOrg.CreateOU(newCompanyDistinguishedName, StaticSettings.UsersOU, company.Domains[0]);
                    events.NewOrganizationalUnitEvent(customUsersOU);
                    adOrg.RemoveAuthUsersRights(customUsersOU); // Removes authenticated users from the OU;
                }
                #endregion

                #region Create Security Groups
                //
                // Create Security Groups
                //
                ADGroup adGroup = new ADGroup(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);

                // Create the Admins security group
                adGroup.Create(newCompanyDistinguishedName, "Admins@" + companyCode, "", true, false);
                events.NewSecurityGroup("Admins@" + companyCode);

                // Create the All Users security group
                adGroup.Create(newCompanyDistinguishedName, "AllUsers@" + companyCode, "", true, false);
                events.NewSecurityGroup("AllUsers@" + companyCode);

                // Create the AllTSUsers security groups
                adGroup.Create(newCompanyDistinguishedName, "AllTSUsers@" + companyCode, "", true, false);
                events.NewSecurityGroup("AllTSUsers@" + companyCode);

                // Add AllTSUsers to the AllTSUsers@Hosting group
                adGroup.AddMember("AllTSUsers@Hosting", "AllTSUsers@" + companyCode, "name");

                // Check the GPOAccess and see if we are using resellers or not. Then add the group to the GPOAccess security group
                if (StaticSettings.ResellersEnabled)
                {
                    adGroup.AddMember("GPOAccess@"+ resellerCode, "AllTSUsers@" + companyCode, "name");
                }
                else
                {
                    adGroup.AddMember("GPOAccess@Hosting", "AllTSUsers@" + companyCode, "name");
                }
                #endregion

                #region Add read rights to organizational units
                //
                // Now add read rights
                //
                adOrg.AddAccessRights(newCompanyDistinguishedName, "AllUsers@ " + companyCode);
                adOrg.AddAccessRights(exchangeOU, "AllUsers@" + companyCode);
                adOrg.AddAccessRights(applicationsOU, "AllUsers@" + companyCode);

                if (!string.IsNullOrEmpty(StaticSettings.UsersOU))
                    adOrg.AddAccessRights(customUsersOU, "AllUsers@" + companyCode);

                #endregion

                // Insert into database
                Company newCompanyDb = new Company();
                newCompanyDb.IsReseller = false;
                newCompanyDb.CompanyName = company.CompanyName;
                newCompanyDb.CompanyCode = company.CompanyCode;
                newCompanyDb.ResellerCode = resellerCode;
                newCompanyDb.Street = company.Street;
                newCompanyDb.City = company.City;
                newCompanyDb.State = company.State;
                newCompanyDb.ZipCode = company.ZipCode;
                newCompanyDb.Country = company.Country;
                newCompanyDb.PhoneNumber = company.Telephone;
                newCompanyDb.AdminName = company.AdminName;
                newCompanyDb.AdminEmail = company.AdminEmail;
                newCompanyDb.DistinguishedName = newCompanyDistinguishedName;
                newCompanyDb.Created = DateTime.Now;

                database.Companies.Add(newCompanyDb);
                database.SaveChanges();
                events.InsertCompanyToDatabase(newCompanyDb.CompanyCode);

                // Insert domain into database
                Domain newDomain = new Domain();
                newDomain.CompanyCode = newCompanyDb.CompanyCode;
                newDomain.Domain1 = company.Domains[0];
                newDomain.IsAcceptedDomain = false;
                newDomain.IsLyncDomain = false;
                newDomain.IsSubDomain = false;

                database.Domains.Add(newDomain);
                database.SaveChanges();

                // Notify success
                ThrowEvent(AlertID.SUCCESS, "Successfully created new company " + newCompanyDb.CompanyName);
            }
            catch (Exception ex)
            {
                ThrowEvent(AlertID.FAILED, ex.Message);

                // Rollback on error
                events.RollBack();
            }
            finally
            {
                if (database != null)
                    database.Dispose();
            }
        }
        private void Delete_Group(string groupname)
        {
            ADGroup group = null;

            try
            {
                this.logger.Warn("Rolling back action... Deleting group " + groupname);

                group = new ADGroup(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);
                group.Delete(groupname);

                this.logger.Warn("Successfully deleted " + groupname);
            }
            catch (Exception ex)
            {
                this.logger.Error("Failed to roll back action... Deleting group " + groupname, ex);
            }
        }