/// <summary> /// Event raises when we click on any contextmenu item /// And then performs the specified action /// </summary> /// <param name="sender"></param> /// <param name="e"></param> public void cm_OnMenuClick(object sender, EventArgs e) { // assure that the sender is a MenuItem MenuItem mi = sender as MenuItem; //Help if (mi != null && mi.Text.Equals("Help")) { ProcessStartInfo psi = new ProcessStartInfo(); psi.UseShellExecute = true; psi.FileName = CommonResources.GetString("LAC_Help"); psi.Verb = "open"; psi.WindowStyle = ProcessWindowStyle.Normal; Process.Start(psi); return; } ADUCDirectoryNode dirnode = mi.Tag as ADUCDirectoryNode; if (dirnode == null && lvChildNodes.SelectedItems.Count == 1) { return; } int ret = -1; if (dirnode != null) { string[] attrs = { null }; List<LdapEntry> ldapEntries = null; ret = dirnode.LdapContext.ListChildEntriesSynchronous( dirnode.DistinguishedName, Likewise.LMC.LDAP.Interop.LdapAPI.LDAPSCOPE.ONE_LEVEL, "(objectClass=*)", attrs, false, out ldapEntries); if (ret == (int)Likewise.LMC.Utilities.ErrorCodes.LDAPEnum.LDAP_NO_SUCH_OBJECT) { return; } } //Refresh the dirnode (redo a ldap query at the current dirnode) if (mi != null && mi.Text.Equals("Refresh")) { if (dirnode != null) { dirnode.Refresh(); if (dirnode.Nodes.Count == 0) { return; } dirnode.IsModified = true; base.treeNode = dirnode; } } //Add New User if (mi != null && mi.Text.Equals("User")) { if (dirnode != null) { AddNewUser(dirnode); } } //Add new computer if (mi != null && mi.Text.Equals("Computer")) { if (dirnode != null) { AddNewComputer(dirnode, null); } } //Add new group if (mi != null && mi.Text.Equals("Group")) { if (dirnode != null) { AddNewGroup(dirnode); } } //Add new OU if (mi != null && mi.Text.Equals("Organizational Unit")) { if (dirnode != null) { AddNewOU(dirnode); } } //Add a generic Object if (mi != null && mi.Text.Equals("Other")) { if (dirnode != null) { AddNewObject(dirnode); } } //Delete an object (user, computer, group and OU if (mi != null && mi.Text.Equals("Delete")) { LACTreeNode parentNode = null; ret = -1; DialogResult dlg = container.ShowMessage( "Are you sure you want to delete this object(s)?", MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation); if (dlg == DialogResult.Yes) { if (mi.Tag != null) { parentNode = dirnode.Parent == null ? treeNode as ADUCDirectoryNode : dirnode.Parent as ADUCDirectoryNode; ret = DODeleteADObjects(dirnode); } else { parentNode = (LACTreeNode)treeNode; foreach (ListViewItem item in lvChildNodes.SelectedItems) { ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode; if (dn != null) { ret = DODeleteADObjects(dn); if (ret != 0) { break; } } } } if (ret == 0) { int length = CommonResources.GetString("Caption_Console").Length + 24; string msgToDisplay = "Object(s) is deleted!"; if (length > msgToDisplay.Length) { msgToDisplay = msgToDisplay.PadRight(length - msgToDisplay.Length, '�'); } container.ShowError(msgToDisplay); if ((parentNode != null) && (parentNode is ADUCDirectoryNode)) { ADUCPlugin plugin = treeNode.Plugin as ADUCPlugin; ADUCDirectoryNode parentdirnode = parentNode as ADUCDirectoryNode; parentdirnode.Refresh(); parentdirnode.IsModified = true; base.treeNode = parentdirnode; } } } } //Copy ... if (mi != null && mi.Text.Equals("Copy...")) { if (dirnode != null) { string obj_type = dirnode.ObjectClass; if (obj_type.Equals("top", StringComparison.InvariantCultureIgnoreCase) || obj_type.Equals("user", StringComparison.InvariantCultureIgnoreCase)) { string sText = "Copy Object - User"; DirectoryContext dirContext = dirnode.LdapContext; try { //first obtain the current userAccountControl value DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, dirnode.DistinguishedName)); int userCtrlInt = Convert.ToInt32(de.Properties["userAccountControl"].Value.ToString()); long pwdLastSet = Convert.ToInt64(de.Properties["pwdLastSet"].Value.ToString()); string copyfrom = "Copy from: " + de.Properties["name"].Value.ToString(); bool bAcountDisable = false, bNeverExpiresPwd = false, bMustChangePwd = false, bUserCannotChange = false; string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlInt, 2); if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 10] == '1' && pwdLastSet == 0) { bMustChangePwd = true; } if (userCtrlBinStr.Length >= 17 && userCtrlBinStr[userCtrlBinStr.Length - 17] == '1') { bNeverExpiresPwd = true; bMustChangePwd = false; } if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 7] == '1' && pwdLastSet != 0) { bUserCannotChange = true; } if (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 2] == '1') { bAcountDisable = true; } ADUserAddDlg f = new ADUserAddDlg(base.container, this, sText, treeNode as ADUCDirectoryNode, bAcountDisable, bNeverExpiresPwd, bMustChangePwd, bUserCannotChange, copyfrom); f.ShowDialog(this); //the user information is gather in f.userInfo before "finish" button is clicked if (f.userInfo.commit == true) { Hashtable htUserInfo = new Hashtable(); if (f.userInfo.fName != "") { htUserInfo.Add("givenName", f.userInfo.fName); } if (f.userInfo.initials != "") { htUserInfo.Add("initials", f.userInfo.initials); } if (f.userInfo.lName != "") { htUserInfo.Add("sn", f.userInfo.lName); } if (f.userInfo.fullName != "") { htUserInfo.Add("cn", f.userInfo.fullName); htUserInfo.Add("displayName", f.userInfo.fullName); htUserInfo.Add("name", f.userInfo.fullName); } if (f.userInfo.logonName != "") { htUserInfo.Add("userPrincipalName", f.userInfo.logonName); } if (f.userInfo.userPrelogonname != "") { htUserInfo.Add("sAMAccountName", f.userInfo.userPrelogonname); } //use logon name to set "sAMAaccountname" AddNewObj_User(treeNode as ADUCDirectoryNode, htUserInfo, false, f.userInfo.passWord, f.userInfo.bAcountDisable, f.userInfo.bNeverExpiresPwd, f.userInfo.bMustChangePwd, f.userInfo.bCannotChangePwd); } } catch (Exception ex) { Logger.LogException("ADUCPage.cm_OnMenuClick", ex); } } } } //Move... if (mi != null && mi.Text.Equals("Move...")) { DoMoveObjectWork(dirnode); } //Rename if (mi != null && mi.Text.Equals("Rename")) { if (dirnode != null) { DirectoryContext dirContext = dirnode.LdapContext; string obj_type = dirnode.ObjectClass; if (obj_type.Equals("top", StringComparison.InvariantCultureIgnoreCase) || obj_type.Equals("user", StringComparison.InvariantCultureIgnoreCase)) { LACTreeNode parentnode = dirnode.Parent == null ? treeNode as LACTreeNode : dirnode.Parent as LACTreeNode; ADUCDirectoryNode parentdirnode = parentnode as ADUCDirectoryNode; ADRenameUserDlg f = new ADRenameUserDlg(dirnode, parentdirnode.DistinguishedName); f.ShowDialog(this); if (f.renameUserInfo.commit == true) { string basedn = dirnode.DistinguishedName; string newdn = f.renameUserInfo.fullName; newdn = string.Concat(CN_PREFIX, newdn); ret = dirContext.RenameSynchronous(basedn, newdn, null); if (ret == 0) { Hashtable htUserInfo = new Hashtable(); if (f.renameUserInfo.fName != "") { htUserInfo.Add("givenName", f.renameUserInfo.fName); } if (f.renameUserInfo.initials != "") { htUserInfo.Add("initials", f.renameUserInfo.initials); } if (f.renameUserInfo.lName != "") { htUserInfo.Add("sn", f.renameUserInfo.lName); } if (f.renameUserInfo.displayName != "") { htUserInfo.Add("displayName", f.renameUserInfo.displayName); } if (f.renameUserInfo.logonName != "") { htUserInfo.Add("userPrincipalName", f.renameUserInfo.logonName); } if (f.renameUserInfo.userPrelogonname != "") { htUserInfo.Add("sAMAccountName", f.renameUserInfo.userPrelogonname); } string cn = string.Empty; string smamAccount = string.Empty; List<LDAPMod> userinfo = new List<LDAPMod>(); foreach (string key in htUserInfo.Keys) { string[] objectClass_values = new string[] { htUserInfo[key].ToString(), null }; LDAPMod ldapMod_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, key, objectClass_values); userinfo.Add(ldapMod_Info); } LDAPMod[] renameinfo = new LDAPMod[userinfo.Count]; userinfo.CopyTo(renameinfo); string dn = string.Concat(newdn, DN_SEPARATOR); string ou = parentdirnode.DistinguishedName; dn = string.Concat(dn, ou); ret = dirContext.ModifySynchronous(dn, renameinfo); if (ret == 0) { int length = CommonResources.GetString("Caption_Console").Length + 24; string msgToDisplay = "Object is renamed!"; if (length > msgToDisplay.Length) { msgToDisplay = msgToDisplay.PadRight(length - msgToDisplay.Length, '�'); } container.ShowMessage(msgToDisplay); } else { container.ShowError(ErrorCodes.LDAPString(ret)); return; } } else { container.ShowError(ErrorCodes.LDAPString(ret)); return; } if (parentdirnode != null) { parentdirnode.Refresh(); parentdirnode.IsModified = true; base.treeNode = parentdirnode; } } } else { ADRenameDlg f = new ADRenameDlg(base.container, this, dirnode.Text, dirnode.ObjectClass); f.ShowDialog(this); //OK clicked if (f.rename != null) { //the following portion of code uses openldap "ldap_rename_s" string basedn = dirnode.DistinguishedName; LACTreeNode parentnode = dirnode.Parent == null ? treeNode as LACTreeNode : dirnode.Parent as LACTreeNode; ADUCDirectoryNode parentdirnode = parentnode as ADUCDirectoryNode; string newdn = f.rename; //rename an object if (obj_type.Equals("organizationalUnit", StringComparison.InvariantCultureIgnoreCase)) { newdn = string.Concat(OU_PREFIX, newdn); } else { newdn = string.Concat(CN_PREFIX, newdn); //Renaming any object(user, group, computer, container etc...) } ret = dirContext.RenameSynchronous(basedn, newdn, null); if (ret == 0) { int length = CommonResources.GetString("Caption_Console").Length + 24; string msgToDisplay = "Object is renamed!"; if (length > msgToDisplay.Length) { msgToDisplay = msgToDisplay.PadRight(length - msgToDisplay.Length, '�'); } container.ShowMessage(msgToDisplay); } else { container.ShowError(ErrorCodes.LDAPString(ret)); return; } if (parentdirnode != null) { parentdirnode.Refresh(); parentdirnode.IsModified = true; base.treeNode = parentdirnode; } } }//if f.name == null, there is no rename performed } } //in Computer Or user if (mi != null && mi.Text.Equals("Disable Account")) { ret = -1; ADUCDirectoryNode parentNode = null; if (mi.Tag != null) { parentNode = dirnode.Parent == null ? treeNode as ADUCDirectoryNode : dirnode.Parent as ADUCDirectoryNode; string obj_type = dirnode.ObjectClass; DialogResult dlg = MessageBox.Show(this, "Are you sure you want to disable this account?", CommonResources.GetString("Caption_Console"), MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2); if (dlg == DialogResult.Yes) { if (obj_type.Equals("user", StringComparison.InvariantCultureIgnoreCase)) { dlg = DialogResult.Yes; } if (obj_type.Equals("computer", StringComparison.InvariantCultureIgnoreCase)) { dlg = MessageBox.Show(this, "Disabling the computer account " + dirnode.Text + " prevents users on that computer from logging on to this domain\n " + "Do you want to disable this computer account?", CommonResources.GetString("Caption_Console"), MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2); } if (dlg == DialogResult.Yes || dlg == DialogResult.OK) { ret = DoDisableADObjects(dirnode); } if (ret == 0) { MessageBox.Show(this, string.Format("Object {0} has been disabled.", dirnode.Text), CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Information); } } } else { bool bAlertMsg = true; parentNode = treeNode as ADUCDirectoryNode; foreach (ListViewItem item in lvChildNodes.SelectedItems) { ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode; if (dn != null) { if (!dn.IsDisabled) { bAlertMsg = false; break; } } } if (bAlertMsg) { MessageBox.Show(this, "All of the selected objects are disabled", CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Information); return; } foreach (ListViewItem item in lvChildNodes.SelectedItems) { ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode; if (dn != null) { ret = DoDisableADObjects(dn); if (ret != 0) { return; } } } if (ret == 0) { MessageBox.Show(this, string.Format("All of the selected objects have been disabled."), CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Information); } } if (ret == 0) { if (parentNode != null) { parentNode.Refresh(); parentNode.IsModified = true; base.treeNode = parentNode; } } else if (ret != -1) { string sMsg = ErrorCodes.LDAPString(ret); container.ShowMessage(sMsg); } } //Enable Account if (mi != null && mi.Text.Equals("Enable Account")) { ret = -1; ADUCDirectoryNode parentNode = null; if (mi.Tag != null) { parentNode = dirnode.Parent == null ? treeNode as ADUCDirectoryNode : dirnode.Parent as ADUCDirectoryNode; DialogResult dlg = MessageBox.Show(this, "Are you sure you want to enable this account?", CommonResources.GetString("Caption_Console"), MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2); if (dlg == DialogResult.Yes) { ret = DoEnableAccount(dirnode); if (ret == 0) { MessageBox.Show(this, string.Format("Object {0} has been enabled.", dirnode.Text), CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Information); } } } else { bool bAlertMsg = true; parentNode = treeNode as ADUCDirectoryNode; foreach (ListViewItem item in lvChildNodes.SelectedItems) { ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode; if (dn != null) { if (dn.IsDisabled) { bAlertMsg = false; break; } } } if (bAlertMsg) { MessageBox.Show(this, "All of the selected objects are enabled", CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Information); return; } foreach (ListViewItem item in lvChildNodes.SelectedItems) { ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode; if (dn != null) { ret = DoEnableAccount(dn); if (ret != 0) { return; } } } if (ret == 0) { MessageBox.Show(this, string.Format("All of the selected objects have been enabled."), CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Information); } } if (ret == 0) { if (parentNode != null) { parentNode.Refresh(); parentNode.IsModified = true; base.treeNode = parentNode; } } else if (ret == -2) { string sMsg = string.Format("Windows cannot enable object {0} becuase\n" + "Unanle to update the password. The value provided for the new passoword does not meeth\n" + "length, complexity, or history requirement of the domain", dirnode.Text); MessageBox.Show(this, sMsg, CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Error); } else if (ret != -1) { string sMsg = ErrorCodes.LDAPString(ret); container.ShowMessage(sMsg); } } //in User only if (mi != null && mi.Text.Equals("Reset Password")) { if (dirnode != null) { DirectoryContext dirContext = dirnode.LdapContext; //first obtain the current userAccountControl value DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, dirnode.DistinguishedName)); int userCtrlInt = int.Parse(de.Properties["userAccountControl"].Value.ToString()); int useraccountCtr_decimalVal = 512; bool bNeverExpiresPwd = false; ret = 0; string userCtrlBinStr = UserGroupUtils.DecimalToBase(userCtrlInt, 2); if ((userCtrlBinStr.Length >= 17 && userCtrlBinStr[userCtrlBinStr.Length - 17] == '1') || (userCtrlBinStr.Length >= 10 && userCtrlBinStr[userCtrlBinStr.Length - 7] == '1')) { bNeverExpiresPwd = true; } ResetPassword f = new ResetPassword(base.container, this, bNeverExpiresPwd, dirnode.Text); if (f.ShowDialog(this) == DialogResult.OK) { //first, change the password //first obtain the current userAccountControl value //DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, dirnode.DistinguishedName)); string username = de.Properties["sAMAccountName"].Value.ToString(); if (String.IsNullOrEmpty(f.passwordinfo.password)) { return; } bool retValue = false; try { ADUCPlugin plugin = pi as ADUCPlugin; Hostinfo hn = ctx as Hostinfo; retValue = !Convert.ToBoolean(LUGAPI.NetChangePassword(hn.domainName, username, f.passwordinfo.password)); } catch (Exception) { retValue = false; } List<LDAPMod> attrlist = new List<LDAPMod>(); //second, we need to set up to make sure that user shall change his password next time he logs in. if (f.passwordinfo.MustChangePwNextLogon && !bNeverExpiresPwd && retValue) { //int userCtrlInt = (int)de.Properties["msDS-User-Account-Control-Computed"].Value; //userCtrlInt = Convert.ToInt32(de.Properties["userAccountControl"].Value.ToString()); if (userCtrlInt != 546) { string newUserCtrl_val = Convert.ToString(useraccountCtr_decimalVal + 8388608); string[] userControl_values = { newUserCtrl_val, null }; LDAPMod userControl_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "userAccountControl", userControl_values); attrlist.Add(userControl_Info); } string[] pwdLastSet_values = { "0", null }; LDAPMod pwdLastSet_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "pwdLastSet", pwdLastSet_values); attrlist.Add(pwdLastSet_attr); } if (attrlist.Count != 0) { LDAPMod[] attrinfo = new LDAPMod[attrlist.Count]; attrlist.CopyTo(attrinfo); ret = dirnode.LdapContext.ModifySynchronous(dirnode.DistinguishedName, attrinfo); } if (retValue && ret == 0) { int length = CommonResources.GetString("Caption_Console").Length + 28; string msgToDisplay = "Password has been reset successfully."; if (length > msgToDisplay.Length) { msgToDisplay = msgToDisplay.PadRight(length - msgToDisplay.Length, '�'); } container.ShowMessage(msgToDisplay); return; } else { container.ShowError("Failed to reset password."); return; } } else { return; } } } //Add to Group if (mi != null && mi.Text.Equals("Add to Group")) { if (dirnode == null) { dirnode = lvChildNodes.SelectedItems[0].Tag as ADUCDirectoryNode; } string sLdapPath = string.Format("LDAP://{0}/{1}", dirnode.LdapContext.DomainName, dirnode.DistinguishedName); string sProtocol; string sServer; string sCNs; string sDCs; System.DirectoryServices.SDSUtils.CrackPath(sLdapPath, out sProtocol, out sServer, out sCNs, out sDCs); System.DirectoryServices.Misc.DsPicker f = new System.DirectoryServices.Misc.DsPicker(); f.SetData(System.DirectoryServices.Misc.DsPicker.DialogType.SELECT_GROUPS, sProtocol, sServer, sDCs, false); if (f.waitForm != null && f.waitForm.bIsInterrupted) { return; } if (f.ShowDialog(this) == DialogResult.OK) { List<ListViewItem> itemlist = new List<ListViewItem>(); ADUCDirectoryNode parentNode = null; string sDN = f.ADobjectsArray[0].de.Properties["distinguishedName"].Value as string; if (mi.Tag != null) { parentNode = dirnode.Parent == null ? treeNode as ADUCDirectoryNode : dirnode.Parent as ADUCDirectoryNode; ret = DoAddtoGroup(dirnode, sDN, true, f.ADobjectsArray[0].Name, ref itemlist); if (ret == 0) { container.ShowMessage("The Add to Group operation was successfully completed"); } } else { parentNode = treeNode as ADUCDirectoryNode; foreach (ListViewItem item in lvChildNodes.SelectedItems) { ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode; if (dn != null) { ret = DoAddtoGroup(dn, sDN, false,null, ref itemlist); } } if (itemlist != null && itemlist.Count != 0) { ADAddtoGroupErrorEditor errorDailog = new ADAddtoGroupErrorEditor(itemlist); errorDailog.ShowDialog(this); } else if (ret == 0) { container.ShowMessage("The Add to Group operation was successfully completed"); } } if (ret != 0 && ret != -1) { string sMsg = ErrorCodes.LDAPString(ret); container.ShowError(sMsg); return; } } } //Reset Computer Account if (mi != null && mi.Text.Equals("Reset Account")) { DirectoryContext dirContext = dirnode.LdapContext; DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, dirnode.DistinguishedName)); int iPrimaryGroupID = Convert.ToInt32(de.Properties["primaryGroupID"].Value.ToString()); // string DCResetacc = de.Properties["cn"].Value.ToString() + "$"; if (iPrimaryGroupID == 516) { string sMsg = string.Format( "Server {0} is a domain controller.You cannot reset " + "the password on this object.", dirnode.Text); MessageBox.Show(sMsg); return; } if (dirnode != null) { DialogResult dlg = MessageBox.Show(this, "Are you sure you want to reset this computer account?", CommonResources.GetString("Caption_Console"), MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2); if (dlg == DialogResult.Yes) { string computername = de.Properties["sAMAccountName"].Value.ToString(); //It will give the DistinguishedName for the computer is nothing but getting 'cn' attribute string compResetpawd = de.Properties["cn"].Value.ToString() + "$"; //dirnode.DistinguishedName.Split(',')[0].Substring(3) + "$"; try { ADUCPlugin plugin = pi as ADUCPlugin; Hostinfo hn = ctx as Hostinfo; bool retValue = !Convert.ToBoolean(LUGAPI.NetChangePassword(hn.domainName, computername, compResetpawd)); if (retValue) { string sMsg = string.Format( "Account {0} was successfully reset.", dirnode.Text); container.ShowMessage(sMsg); return; } else { string sMsg = string.Format( "Resetting account for {0} was unsuccessful.", dirnode.Text); container.ShowMessage(sMsg); return; } } catch (Exception ex) { string sMsg = string.Format( "Resetting account for {0} was unsuccessful. Becuase {1}", dirnode.Text, ex.Message); container.ShowError(sMsg); Logger.LogException("ADUCPage", ex); return; } } } } //Refreshing the Aduc page after performing any of the aduc functionalities RefreshPluginPage(); //Properties... if (mi != null && mi.Text.Equals("Properties")) { if (lvChildNodes.SelectedItems.Count > 1) { ADUCPlugin plugin = treeNode.Plugin as ADUCPlugin; ADUCDirectoryNode dnNode = treeNode as ADUCDirectoryNode; List<object> dirnodes = new List<object>(); bool bIsuserType = false; bool bIsgroupType = false; bool bIsOUType = false; bool bIsOthers = false; ADObjectType = string.Empty; foreach (ListViewItem item in lvChildNodes.SelectedItems) { ADUCDirectoryNode dn = item.Tag as ADUCDirectoryNode; if (dn != null) { if (dn.ObjectClass.Trim().Equals("user", StringComparison.InvariantCultureIgnoreCase)) { bIsuserType = true; } else if (dn.ObjectClass.Trim().Equals("group", StringComparison.InvariantCultureIgnoreCase)) { bIsgroupType = true; } else if (dn.ObjectClass.Trim().Equals("organizationalUnit", StringComparison.InvariantCultureIgnoreCase)) { bIsOUType = true; } else { bIsOthers = true; ADObjectType = string.Empty; } dirnodes.Add(dn); } } if (bIsgroupType && !bIsOthers && !bIsuserType && !bIsOUType) { ADObjectType = "group"; } else if (bIsuserType && !bIsOthers && !bIsgroupType && !bIsOUType) { ADObjectType = "user"; } else if (bIsOUType && !bIsOthers && !bIsuserType && !bIsgroupType) { ADObjectType = "organizationalUnit"; } MultiItemPropertiesDlg propertiesDlg = new MultiItemPropertiesDlg(base.container, this, base.pi as ADUCPlugin, dirnodes); propertiesDlg.SetData(plugin.HostInfo.creds, plugin.HostInfo.hostName, "", dnNode, dnNode.LdapContext.SchemaCache); propertiesDlg.Show(); } else { DoPropertyPagesWork(dirnode); } } }
private void lvGPOs_MouseUp(object sender, MouseEventArgs e) { ListView lvSender = sender as ListView; if (lvSender != null && e.Button == MouseButtons.Right) { ListViewHitTestInfo hti = lvSender.HitTest(e.X, e.Y); if (hti != null && hti.Item != null) { ListViewItem lvItem = hti.Item; ContextMenu menu = null; if (!lvItem.Selected) { lvItem.Selected = true; } if (lvItem.Tag != null) { menu = GetListViewMouseUpContextMenu(lvItem.Tag as string); } if (menu != null) { menu.Show(lvSender, new Point(e.X, e.Y)); } else { Logger.Log( "ObjectsListPage::lvGPOs_MouseUp, menu == null", Logger.manageLogLevel); } } } else if (lvSender != null && e.Button == MouseButtons.Left) { if (bIsLabelEdited && lvGPOs.Items.Count != 0) { if (lvGPOs.Items[lvGPOs.Items.Count - 1].Text.Trim().Equals(string.Empty)) lvGPOs.Items[lvGPOs.Items.Count - 1].Text = "New Group Policy Object"; sNewGPODN = lvGPOs.Items[lvGPOs.Items.Count - 1].Text; if (!AddNewGPO(sNewGPODN, false)) bIsLabelEdited = false; if (lvGPOs.SelectedItems.Count == 0) return; ListViewItem selectedItem = lvGPOs.SelectedItems[0]; sDistinguishedName = selectedItem.Tag as string; sGPODisplayName = selectedItem.Text; btnOk.Enabled = true; } else if (bIsRenameEdited && lvGPOs.Items.Count != 0) { if (lvGPOs.SelectedItems.Count == 0) return; if (lvGPOs.SelectedItems[0].Text.Trim().Equals(string.Empty)) { lvGPOs.SelectedItems[0].Text = sGPODisplayName; return; } string rename = lvGPOs.SelectedItems[0].Text; bIsRenameEdited = false; ListViewItem selectedItem = lvGPOs.SelectedItems[0]; sDistinguishedName = selectedItem.Tag as string; sGPODisplayName = selectedItem.Text; string[] displayname_values = new string[] { rename, null }; LDAPMod displayname_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "displayName", displayname_values); LDAPMod[] attrinfo = new LDAPMod[] { displayname_Info }; int ret = dirContext.ModifySynchronous(sDistinguishedName, attrinfo); btnOk.Enabled = true; } } }
private void DeleteGPO(string DistinguishedName) { List<LdapEntry> ldapEntries = new List<LdapEntry>(); int ret = dirContext.ListChildEntriesSynchronous (dirContext.RootDN, LdapAPI.LDAPSCOPE.SUB_TREE, "(objectClass=organizationalUnit)", new string[] { "dummy", "objectClass", "distinguishedName", "userAccountControl", null }, false, out ldapEntries); if (ldapEntries != null && ldapEntries.Count != 0) { List<LdapEntry> rootldapEntries = new List<LdapEntry>(); ret = dirContext.ListChildEntriesSynchronous (dirContext.RootDN, LdapAPI.LDAPSCOPE.BASE, "(objectClass=*)", new string[] { "dummy", "objectClass", "distinguishedName", "userAccountControl", null }, false, out rootldapEntries); if (rootldapEntries != null && rootldapEntries.Count != 0) { foreach (LdapEntry ldapentry in rootldapEntries) ldapEntries.Add(ldapentry); } foreach (LdapEntry ldapNextEntry in ldapEntries) { string currentDN = ldapNextEntry.GetDN(); DirectoryEntry deEntry = new DirectoryEntry(currentDN); if (deEntry != null) { string gpLinkEntries = null; if (deEntry.Properties["gpLink"].Value != null) gpLinkEntries = deEntry.Properties["gpLink"].Value.ToString(); if (gpLinkEntries != null) { string[] gplinkTokens = gpLinkEntries.Split(']'); if (gplinkTokens == null) return; List<string> gpoLinksList = new List<string>(); bool IsLinkExists = false; foreach (string gpLink in gplinkTokens) { if (gpLink.Trim().Length == 0) continue; string gpoLink = gpLink.Substring(1, gpLink.IndexOf(';') - 1); string currentGPO = "LDAP://" + DistinguishedName; if (gpoLink.Trim().Equals(currentGPO.Trim(), StringComparison.InvariantCultureIgnoreCase)) IsLinkExists = true; else { gpoLinksList.Add(gpLink + "]"); } } if (IsLinkExists) { string gpLink_Value = ""; foreach (string value in gpoLinksList) { gpLink_Value += value; } string[] gpLink_values = { gpLink_Value, null }; LDAPMod gpLink_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "gpLink", gpLink_values); LDAPMod[] attrinfo = new LDAPMod[] { gpLink_Info }; ret = dirContext.ModifySynchronous(currentDN, attrinfo); } } } } } ret = dirContext.DeleteChildren_Recursive(DistinguishedName); if (ret == 0) { string baseDn = "CN=Policies,CN=System,"; baseDn = string.Concat(baseDn, dirContext.RootDN); ListGPOChildren(baseDn); RefreshlvItems(); } else { string sMsg = ErrorCodes.LDAPString(ret); container.ShowMessage(sMsg); return; } }
/// <summary> /// Modifies the specified attributes for the selected AD Object either "user" to AD Schema template /// </summary> /// <returns></returns> public bool OnApply() { List<LDAPMod> ldapAttrlist = new List<LDAPMod>(); List<LDAPMod> attrlist = new List<LDAPMod>(); if (dirnode == null || String.IsNullOrEmpty(dirnode.DistinguishedName) || dirnode.LdapContext == null) { return true; } if (ListUserOptions.GetItemChecked(0) && ListUserOptions.GetItemChecked(1)) { string Msg = "You cannot select both 'User must change passowrd at next logon' and 'User cannot change password'\nfor the same user"; MessageBox.Show(this, Msg, CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Information); ListUserOptions.SetItemChecked(1, false); return false; } if (ListUserOptions.GetItemChecked(0) && ListUserOptions.GetItemChecked(2)) { string Msg = "You have selected 'Password never expires'. \nThe user will not be required to change the password at next logon."; MessageBox.Show(this, Msg, CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Information); ListUserOptions.SetItemChecked(0, false); return false; } //the following portion of code uses openldap "ldap_Modify_s" string basedn = dirnode.DistinguishedName; DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = null; if (Logonname != null && !(Logonname.Trim().Equals(txtlogon.Text.Trim()))) { objectClass_values = new string[] { txtlogon.Text.Trim(), null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "userPrincipalName", objectClass_values); attrlist.Add(attr); } if (txtpreLogonname.Text.Trim().Length > 0 && !(PreLogonname.Trim().Equals(txtpreLogonname.Text.Trim()))) { objectClass_values = new string[] { txtpreLogonname.Text.Trim(), null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "sAMAccountName", objectClass_values); attrlist.Add(attr); } if (dateTimePicker.Enabled && dateTimePicker.Value != null) { objectClass_values = new string[] { ConvertToUnixTimestamp(dateTimePicker.Value).ToString(), null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "accountExpires", objectClass_values); attrlist.Add(attr); } if (!String.IsNullOrEmpty(pwdLastSet)) { objectClass_values = new string[] { pwdLastSet, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "pwdLastSet", objectClass_values); attrlist.Add(attr); } //userWorkstations attribute if (String.IsNullOrEmpty(sUserWorkStations)) objectClass_values = new string[] { null }; else objectClass_values = new string[] { sUserWorkStations, null }; LDAPMod attri = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "userWorkstations", objectClass_values); attrlist.Add(attri); if (ListUserOptions.SelectedIndices.Count > 0) { objectClass_values = new string[] { CalculateUserAccountControl().ToString(), null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "userAccountControl", objectClass_values); attrlist.Add(attr); } LDAPMod[] attrArry = attrlist.ToArray(); int ret = -1; if (attrArry != null && attrArry.Length != 0) { ret = dirContext.ModifySynchronous(basedn, attrArry); } else { return true; } if (ret != 0) { string sMsg = ErrorCodes.LDAPString(ret); container.ShowError(sMsg); return false; } else { DirectoryEntry de = new DirectoryEntry(dirnode.DistinguishedName); de.Properties["pwdLastSet"].Value = pwdLastSet; de.CommitChanges(); } return true; }
/// <summary> /// Modifies the "member" attribute for the selected "user" or "group" in AD schema template /// </summary> /// <param name="changedGroups"></param> /// <param name="_dirnode"></param> /// <param name="page"></param> /// <param name="operation"></param> /// <returns></returns> private static bool OnApply_inner(List<string> changedGroups, ADUCDirectoryNode _dirnode, MPPage page, int operation) { bool retVal = true; int ret = -1; string AdminGroupDN = string.Concat("CN=Administrators,CN=Builtin,", _dirnode.LdapContext.RootDN); if (changedGroups != null && changedGroups.Count > 0) { foreach (string newGroupname in changedGroups) { List<string> members = new List<string>(); members = GetMemberAttrofGroup(newGroupname.Trim(), _dirnode); bool existingMember = false; //if we want to add, we need check whether it is already a member of the group if (operation == ADDING) { foreach (string str in members) { if (str.Equals(_dirnode.DistinguishedName, StringComparison.InvariantCultureIgnoreCase)) { existingMember = true; break; } } } if (!existingMember) { if (operation == ADDING) { members.Add(_dirnode.DistinguishedName); } if (operation == REMOVING) { members.Remove(_dirnode.DistinguishedName); } if (newGroupname.Trim().ToLower().Equals(AdminGroupDN.Trim().ToLower())) { string userlogonName = OnApply_GetObjectRealmName(_dirnode); LUGAPI.NetAddGroupMember(_dirnode.LdapContext.DomainControllerName, "Administrators", userlogonName); } else { string[] members_values = new string[members.Count + 1]; members.CopyTo(members_values); members_values[members.Count] = null; LDAPMod memberattr_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "member", members_values); LDAPMod[] attrinfo = new LDAPMod[] { memberattr_Info }; if (_dirnode != null) { ret = _dirnode.LdapContext.ModifySynchronous(newGroupname.Trim(), attrinfo); if (ret == 0) { retVal = true; } else { string sMsg = ErrorCodes.LDAPString(ret); MessageBox.Show(page, sMsg, "Likewise Management Console", MessageBoxButtons.OK); retVal = false; } } } } } if (ret == 0) { if (operation == ADDING) { MessageBox.Show( page, "User/Computer/Group list is added to new groups!", CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK); } if (operation == REMOVING) { MessageBox.Show( page, "User/Computer/Group list is removed from chose groups!", CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK); } } } return retVal; }
private void HandleLVDefault(ListViewItem lvItem, ref bool dnIsChanged, ref int ret) { string basedn = dirnode.DistinguishedName; DirectoryContext dirContext = dirnode.LdapContext; string value = lvItem.SubItems[2].Text; if (String.Equals(value, "<Not Set>", StringComparison.InvariantCultureIgnoreCase)) { string[] objectClass_values = { null }; LDAPMod attr_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, lvItem.SubItems[0].Text, objectClass_values); LDAPMod[] attrinfo = new LDAPMod[] { attr_Info }; ret = dirContext.ModifySynchronous(basedn, attrinfo); //need recover the previous value if (ret != 0) { lvItem.SubItems[2].Text = lvItem.SubItems[2].Tag as string; } } else { //application crashes for single digit value if (value.StartsWith("0x", StringComparison.InvariantCultureIgnoreCase)) { value = value.Replace("ox", "-"); value = value.Substring(1); } string[] objectClass_values = { value, null }; LDAPMod attr_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, lvItem.SubItems[0].Text, objectClass_values); LDAPMod[] attrinfo = new LDAPMod[] { attr_Info }; ret = dirContext.ModifySynchronous(basedn, attrinfo); } }
/// <summary> /// Modifies the specified attributes for the selected Domain /// </summary> /// <returns></returns> public bool OnApply() { Description = this.txtDescription.Text.Trim(); List<LDAPMod> attrlist = new List<LDAPMod>(); //the following portion of code uses openldap "ldap_Modify_s" string basedn = dirnode.DistinguishedName; DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = null; if (!String.IsNullOrEmpty(Description)) { objectClass_values = new string[] { Description, null }; } else { objectClass_values = new string[] { null }; } LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "description", objectClass_values); LDAPMod[] attrArry = new LDAPMod[] { attr }; int ret = -1; if (attrArry != null && attrArry.Length != 0) { ret = dirContext.ModifySynchronous(basedn, attrArry); } else { return true; } if (ret != 0) { string sMsg = ErrorCodes.LDAPString(ret); container.ShowError(sMsg); return false; } this.ParentContainer.DataChanged = false; this.ParentContainer.btnApply.Enabled = false; return true; }
/// <summary> /// Helper function that saves the new OU information in AD by /// defining the attributes "ou", "ObjectClass" as user for the new object /// Here we can say that ObjectClass,cn is mandatory attributes that has to be set while creating the new OU /// </summary> /// <param name="dirnode"></param> /// <param name="cn"></param> /// <param name="htAttributesList"></param> /// <param name="IsObjectItem"></param> private void AddNewObj_OU(ADUCDirectoryNode dirnode, string cn,Hashtable htAttributesList,bool IsObjectItem) { if (dirnode != null) { DirectoryContext dirContext = dirnode.LdapContext; List<LDAPMod> listattr = new List<LDAPMod>(); string[] objectClass_values = { "organizationalUnit", null }; if (IsObjectItem) { foreach (string key in htAttributesList.Keys) { if (key.Trim().ToLower().Equals("ou") || key.Trim().ToLower().Equals("cn")) { cn = htAttributesList[key].ToString(); } if (key.Trim().ToLower().Equals("objectclass")) { continue; } objectClass_values = new string[] { htAttributesList[key].ToString(), null }; LDAPMod ouinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, key, objectClass_values); listattr.Add(ouinfo_attr1); } objectClass_values = new string[] { "organizationalUnit", null }; LDAPMod ouinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); listattr.Add(ouinfo_attr); } else { objectClass_values = new string[] { "organizationalUnit", null }; LDAPMod ouinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); listattr.Add(ouinfo_attr1); } LDAPMod[] ouinfo = new LDAPMod[listattr.Count]; listattr.CopyTo(ouinfo); string dn = string.Concat(OU_PREFIX, cn, DN_SEPARATOR); string ou = dirnode.DistinguishedName; dn = string.Concat(dn, ou); //Returns the ret=0 if adding new OU is successfull int ret = dirContext.AddSynchronous(dn, ouinfo); if (ret == 0) { //int length = CommonResources.GetString("Caption_Console").Length + 24; string msgToDisplay = "New OrganizationalUnit Object is added!"; MessageBox.Show(this, msgToDisplay, CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK); dirnode.Refresh(); dirnode.IsModified = true; base.treeNode = dirnode; } else { container.ShowError(ErrorCodes.LDAPString(ret)); } } }
/// <summary> /// Helper function that saves the new object information in AD by /// defining the attributes "ObjectClass" as selected object type for the new object /// Here we can say that the values getting from "systemMustContain" attribute have to be set while creating the new object /// New object may be any of the class schema attribute from AD Schema template /// </summary> /// <param name="dirnode"></param> /// <param name="choosenclass"></param> /// <param name="cn"></param> /// <param name="htAttributesList"></param> private void AddNewObj(ADUCDirectoryNode dirnode, string choosenclass, string cn, Hashtable htAttributesList) { if (dirnode != null) { LDAPMod[] info = null; DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = { choosenclass, null }; if (htAttributesList != null) { info = new LDAPMod[htAttributesList.Count]; } int i = 0; foreach (string key in htAttributesList.Keys) { if (key.Trim().ToLower().Equals("cn")) { cn = htAttributesList[key].ToString(); continue; } objectClass_values = new string[] { htAttributesList[key].ToString(), null }; LDAPMod info_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, key, objectClass_values); info[i] = info_attr1; i++; } if (!htAttributesList.Contains("ObjectClass")) { objectClass_values = new string[] { choosenclass, null }; LDAPMod info_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); info[i] = info_attr1; } string dn = string.Concat(CN_PREFIX, cn, DN_SEPARATOR); string ou = dirnode.DistinguishedName; dn = string.Concat(dn, ou); int ret = dirContext.AddSynchronous(dn, info); if (ret == 0) { container.ShowMessage("New Object is added!"); dirnode.Refresh(); dirnode.IsModified = true; base.treeNode = dirnode; } else if (ret == (int)ErrorCodes.LDAPEnum.LDAP_INSUFFICIENT_RIGHTS) { string showmsg = "You do not have sufficient access rights"; container.ShowError(showmsg); } else { container.ShowError(ErrorCodes.LDAPString(ret)); } } }
/// <summary> /// Helper function that saves the new user information in AD by /// defining the attributes "cn", "sAMAccountName", "ObjectClass" as user for the new object /// Here we can say that ObjectClass,sAMAccountName is mandatory attribute that has to be set while creating the new user /// </summary> /// <param name="dirnode"></param> /// <param name="cn"></param> /// <param name="smamAccount"></param> /// <param name="htAttributesList"></param> /// <param name="IsObjectItem"></param> /// <param name="password"></param> /// <param name="IsDisabled"></param> private void AddNewObj_User(ADUCDirectoryNode dirnode, Hashtable htAttributesList, bool IsObjectItem, string password, bool IsDisabled, bool NeverExpiredPW, bool MustChangePWNxtLogon, bool CannotChangePW) { if (dirnode != null) { string cn = string.Empty; string smamAccount = string.Empty; List<LDAPMod> userinfo = new List<LDAPMod>(); DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = { "user", null }; if (IsObjectItem) { foreach (string key in htAttributesList.Keys) { if (key.Trim().ToLower().Equals("cn")) { cn = htAttributesList[key].ToString(); } else if (key.Trim().ToLower().Equals("sAMAccountName".Trim().ToLower())) { smamAccount = htAttributesList[key].ToString(); } else if (key.Trim().ToLower().Equals("objectclass")) { continue; } objectClass_values = new string[] { htAttributesList[key].ToString(), null }; LDAPMod userinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, key, objectClass_values); userinfo.Add(userinfo_attr1); } objectClass_values = new string[] { "user", null }; LDAPMod userinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); userinfo.Add(userinfo_attr); } else { LDAPMod userinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); userinfo.Add(userinfo_attr1); foreach (string key in htAttributesList.Keys) { if (key.Trim().ToLower().Equals("cn")) { cn = htAttributesList[key].ToString(); } else if (key.Trim().ToLower().Equals("sAMAccountName".ToLower())) { smamAccount = htAttributesList[key].ToString(); } objectClass_values = new string[] { htAttributesList[key].ToString(), null }; userinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, key, objectClass_values); userinfo.Add(userinfo_attr1); } } int useraccountCtr_decimalVal = 512; if (IsObjectItem) { useraccountCtr_decimalVal = 546; } else { if (IsDisabled) { useraccountCtr_decimalVal += 2; } if (NeverExpiredPW) { useraccountCtr_decimalVal += 65536; } ////user password needs to be set in another way instead of using "userPassword" attribute //if (MustChangePWNxtLogon) //{ // useraccountCtr_decimalVal += 8388608; //} if (CannotChangePW) { useraccountCtr_decimalVal += 64; } } string useraccountCtr_decimalStr = Convert.ToString(useraccountCtr_decimalVal); string[] useraccountCtr_values = { useraccountCtr_decimalStr, null }; LDAPMod[] userinfos = new LDAPMod[userinfo.Count]; userinfo.CopyTo(userinfos); string dn = string.Concat(CN_PREFIX, cn, DN_SEPARATOR); string ou = dirnode.DistinguishedName; dn = string.Concat(dn, ou); Logger.Log(string.Format("New user DN :" + dn)); foreach (LDAPMod key in userinfos) { Logger.Log(string.Format(string.Format("New user keys {0}, {1} :", key.ldapmod.mod_type, key.modv_strvals[0]))); } //returns ret=0 if adding user is successfull int ret = dirContext.AddSynchronous(dn, userinfos); if (ret == 0) { bool retValue = false; if (!IsDisabled) { container.ShowMessage("New User Object is added!"); } else { container.ShowMessage("New (disabled) User Object is added!"); } //need to make sure the interop is working correctly, comment it for now try { if (!String.IsNullOrEmpty(password)) { ADUCPlugin plugin = pi as ADUCPlugin; Hostinfo hn = ctx as Hostinfo; retValue = !Convert.ToBoolean(LUGAPI.NetChangePassword(hn.domainName, smamAccount, password)); Logger.Log(string.Format("hn.domainName is {0} : userName is {1} and password is {2}", hn.domainName, smamAccount, password)); } } catch (Exception ex) { container.ShowError("Filed to set the password for this new user because " + ex.Message); } } else if (ret == (int)ErrorCodes.LDAPEnum.LDAP_UNWILLING_TO_PERFORM) { string accessDenied = "Indicates that the Active Directory server cannot process the request because of server-defined restrictions. \n This error is returned for the following reasons:\n - The add entry request violates the server's structure rules.\n - The modify attribute request specifies attributes that users cannot modify.\n - Password restrictions prevent the action.\n - Connection restrictions prevent the action."; string returnedErrMsg = ErrorCodes.LDAPString(ret); if (accessDenied.Equals(returnedErrMsg, StringComparison.InvariantCultureIgnoreCase)) { returnedErrMsg = "The password could not be set for the new user object.\n\nThe the Active Directory server cannot process the request because of server-defined restrictions.\nThis error is returned for the following reasons:\n - The add entry request violates the server's structure rules.\n - The modify attribute request specifies attributes that users cannot modify.\n - Password restrictions prevent the action.\n - Connection restrictions prevent the action.\n\nLikewise Console will attempt to disable this account.\nBefore this user can log on, the password should be set and the account must be enabled."; container.ShowError(returnedErrMsg); } //returns ret=0 if adding user is successfull ret = dirContext.AddSynchronous(dn, userinfos); if (!IsDisabled) { container.ShowMessage("New User Object is added!"); } else { container.ShowMessage("New (disabled) User Object is added!"); } } else if (ret == (int)ErrorCodes.LDAPEnum.LDAP_INSUFFICIENT_RIGHTS) { string showmsg = "You do not have sufficient access rights"; container.ShowError(showmsg); } else { container.ShowError(ErrorCodes.LDAPString(ret)); } if (ret == 0) { DirectoryEntry de = new DirectoryEntry(dn, dirContext.UserName, dirContext.Password); int userCtrlInt = Convert.ToInt32(de.Properties["userAccountControl"].Value.ToString()); de.CommitChanges(); //string newUserCtrl_val = Convert.ToString(userCtrlInt - 2); //in order to disable an user, we need to add 2 to the existing userControl value //string[] userControl_values = { newUserCtrl_val, null }; LDAPMod userControl_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "userAccountControl", useraccountCtr_values); LDAPMod[] attrinfo = new LDAPMod[] { userControl_Info }; ret = dirContext.ModifySynchronous(dn, attrinfo); if (ret.ToString() == ((int)ErrorCodes.LDAPEnum.LDAP_UNWILLING_TO_PERFORM).ToString()) { //string accessDenied = "Indicates that the Active Directory server cannot process the request because of server-defined restrictions. \n This error is returned for the following reasons:\n - The add entry request violates the server's structure rules.\n - The modify attribute request specifies attributes that users cannot modify.\n - Password restrictions prevent the action.\n - Connection restrictions prevent the action."; //string returnedErrMsg = ErrorCodes.LDAPString(ret); //if (accessDenied.Equals(returnedErrMsg, StringComparison.InvariantCultureIgnoreCase)) //{ string returnedErrMsg = "The password could not be set for the new user object.\n\nThe the Active Directory server cannot process the request because of server-defined restrictions.\nThis error is returned for the following reasons:\n - The add entry request violates the server's structure rules.\n - The modify attribute request specifies attributes that users cannot modify.\n - Password restrictions prevent the action.\n - Connection restrictions prevent the action.\n\nLikewise Console will attempt to disable this account.\nBefore this user can log on, the password should be set and the account must be enabled."; container.ShowError(returnedErrMsg); } if (MustChangePWNxtLogon) { de.Properties["pwdLastSet"].Value = "0"; de.CommitChanges(); } else { de.Properties["pwdLastSet"].Value = ConvertToUnixTimestamp(DateTime.Now).ToString(); de.CommitChanges(); } dirnode.Refresh(); dirnode.IsModified = true; base.treeNode = dirnode; } } }
/// <summary> /// Helper function that saves the new group information in AD by /// defining the attributes "cn", "grouptype", "ObjectClass" as user for the new object /// Here we can say that ObjectClass,grouptype is mandatory attributes that has to be set while creating the new group /// </summary> /// <param name="dirnode"></param> /// <param name="cn"></param> /// <param name="smamAccount"></param> /// <param name="groupType"></param> /// <param name="htAttributesList"></param> /// <param name="IsObjectItem"></param> private void AddNewObj_Group(ADUCDirectoryNode dirnode,Hashtable htAttributesList,bool IsObjectItem) { if (dirnode != null) { string cn = string.Empty; DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = { "group", null }; List<LDAPMod> ldapAttrlist = new List<LDAPMod>(); if (IsObjectItem) { foreach (string key in htAttributesList.Keys) { if (key.Trim().ToLower().Equals("cn")) { cn = htAttributesList[key].ToString(); } else if (key.Trim().ToLower().Equals("objectclass")) { continue; } objectClass_values = new string[] { htAttributesList[key].ToString(), null }; LDAPMod groupinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, key, objectClass_values); ldapAttrlist.Add(groupinfo_attr1); } objectClass_values = new string[] { "group", null }; LDAPMod groupinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); ldapAttrlist.Add(groupinfo_attr); } else { LDAPMod groupinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); ldapAttrlist.Add(groupinfo_attr1); foreach (string key in htAttributesList.Keys) { if (key.Trim().ToLower().Equals("cn")) { cn = htAttributesList[key].ToString(); } objectClass_values = new string[] { htAttributesList[key].ToString(), null }; groupinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, key, objectClass_values); ldapAttrlist.Add(groupinfo_attr1); } } LDAPMod[] groupinfo = new LDAPMod[ldapAttrlist.Count]; ldapAttrlist.CopyTo(groupinfo); string dn = string.Concat(CN_PREFIX, cn, DN_SEPARATOR); string ou = dirnode.DistinguishedName; dn = string.Concat(dn, ou); //Returns ret=0 if adding group is successfull int ret = dirContext.AddSynchronous(dn, groupinfo); if (ret == 0) { container.ShowMessage("New Group Object is added!"); dirnode.Refresh(); dirnode.IsModified = true; base.treeNode = dirnode; } else if (ret == (int)ErrorCodes.LDAPEnum.LDAP_INSUFFICIENT_RIGHTS) { string showmsg = "You do not have sufficient access rights"; container.ShowError(showmsg); } else { container.ShowError(ErrorCodes.LDAPString(ret)); } } }
/// <summary> /// Helper function that saves the new computer information in AD by /// defining the attributes "cn", "ObjectClass" as computer for the new object /// Here we can say that ObjectClass is mandatory attribute that has to be set while creating the new computer /// </summary> /// <param name="dirnode"></param> /// <param name="cn"></param> /// <param name="smamAccount"></param> /// <param name="htAttributesList"></param> /// <param name="IsObjectItem"></param> private void AddNewObj_Computer(ADUCDirectoryNode dirnode, Hashtable htAttributesList, bool IsObjectItem, bool IsBackupDC,bool IsPreWindowsComp) { if (dirnode != null) { string cn = string.Empty; List<LDAPMod> ldapattrlst = new List<LDAPMod>(); DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = { "computer", null }; int ret = 0; if (IsObjectItem) { foreach (string key in htAttributesList.Keys) { if (key.Trim().ToLower().Equals("cn")) { cn = htAttributesList[key].ToString(); } else if (key.Trim().ToLower().Equals("objectclass") || key.Trim().ToLower().Equals("useraccountcontrol")) { continue; } objectClass_values = new string[] { htAttributesList[key].ToString(), null }; LDAPMod ouinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, key, objectClass_values); ldapattrlst.Add(ouinfo_attr1); } objectClass_values = new string[] { "computer", null }; LDAPMod ouinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); ldapattrlst.Add(ouinfo_attr); string compuserAccountControl = Convert.ToString(546); objectClass_values = new string[] { compuserAccountControl, null }; ouinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "userAccountControl", objectClass_values); ldapattrlst.Add(ouinfo_attr); } else { LDAPMod userinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); ldapattrlst.Add(userinfo_attr1); foreach (string key in htAttributesList.Keys) { if (key.Trim().ToLower().Equals("cn")) { cn = htAttributesList[key].ToString(); } objectClass_values = new string[] { htAttributesList[key].ToString(), null }; userinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, key, objectClass_values); ldapattrlst.Add(userinfo_attr1); } } string dn = string.Concat(CN_PREFIX, cn, DN_SEPARATOR); string ou = dirnode.DistinguishedName; dn = string.Concat(dn, ou); LDAPMod[] computerinfo = new LDAPMod[ldapattrlst.Count]; ldapattrlst.CopyTo(computerinfo); //returns ret=0 if adding computer is successfull ret = dirContext.AddSynchronous(dn, computerinfo); if (ret == 0) { container.ShowMessage("New Computer Object is added!"); dirnode.Refresh(); dirnode.IsModified = true; base.treeNode = dirnode; } else if (ret == (int)ErrorCodes.LDAPEnum.LDAP_INSUFFICIENT_RIGHTS) { string showmsg = "You do not have sufficient access rights"; container.ShowError(showmsg); } else { container.ShowError(ErrorCodes.LDAPString(ret)); } } }
private int DoDisableADObjects(ADUCDirectoryNode dirnode) { int ret = -1; if (dirnode != null && !dirnode.IsDisabled) { DirectoryContext dirContext = dirnode.LdapContext; string obj_type = dirnode.ObjectClass; //first obtain the current userAccountControl value DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", dirContext.DomainName, dirnode.DistinguishedName)); int userCtrlInt = Convert.ToInt32(de.Properties["userAccountControl"].Value.ToString()); string newUserCtrl_val = Convert.ToString(userCtrlInt + 2); //in order to disable an user, we need to add 2 to the existing userControl value string[] userControl_values = { newUserCtrl_val, null }; LDAPMod userControl_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "userAccountControl", userControl_values); LDAPMod[] attrinfo = new LDAPMod[] { userControl_Info }; ret = dirnode.LdapContext.ModifySynchronous(dirnode.DistinguishedName, attrinfo); } else { return ret; } return ret; }
private int DoAddtoGroup(ADUCDirectoryNode dirnode, string sDN, bool IsSingleObject, string group, ref List<ListViewItem> itemsList) { int ret = -1; string errorMsg = "The specified account name is already a member of the local group"; string[] groupDns = UserGroupUtils.GetGroupsforUser(dirnode); foreach (string dn in groupDns) { string aPartName = string.Empty; if (dn.Trim().ToLower().Equals(sDN.Trim().ToLower())) { if (IsSingleObject) { string sMsg = string.Format( "Object {0} cannot be added to group {1} becuase:\n " + "The specified user is already member to that group", dirnode.Text, group); container.ShowError(sMsg); return ret; } else { string[] values = new string[] { dirnode.Text, errorMsg }; ListViewItem item = new ListViewItem(values); itemsList.Add(item); return ret; } } } string AdminGroupDN = string.Concat("CN=Administrators,CN=Builtin,", dirnode.LdapContext.RootDN); if (sDN.Trim().ToLower().Equals(AdminGroupDN.Trim().ToLower())) { string userlogonName = string.Empty; DirectoryEntry de = new DirectoryEntry(dirnode.DistinguishedName); if (de != null && de.Properties["userPrincipalName"].Value != null) { userlogonName = de.Properties["userPrincipalName"].Value as string; } LUGAPI.NetAddGroupMember(dirnode.LdapContext.DomainControllerName, "Administrators", userlogonName); } else { List<string> members = new List<string>(); members = MemOfPages.GetMemberAttrofGroup(sDN, dirnode); members.Add(dirnode.DistinguishedName); string[] members_values = new string[members.Count + 1]; members.CopyTo(members_values); members_values[members.Count] = null; LDAPMod memberattr_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "member", members_values); LDAPMod[] attrinfo = new LDAPMod[] { memberattr_Info }; ret = dirnode.LdapContext.ModifySynchronous(sDN, attrinfo); } return ret; }
/// <summary> /// when adding a user to a new group, we need modify the group's "member" attribute to include this user, /// we cannot modify the user's "memberof" attribute /// </summary> /// <returns></returns> public bool OnApply() { bool retVal = true; if (IsPrimaryGroupChanged) { List<LDAPMod> attrlist = new List<LDAPMod>(); //the following portion of code uses openldap "ldap_Modify_s" string basedn = _dirnode.DistinguishedName; string[] objectClass_values = null; //first obtain the current primaryGroupID value DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}/{1}", _dirnode.LdapContext.DomainName, ChangedPrimaryGroup)); if (de.Properties["primaryGroupToken"].Value != null) { int iPrimaryGroupToken = Convert.ToInt32(de.Properties["primaryGroupToken"].Value.ToString()); objectClass_values = new string[] { iPrimaryGroupToken.ToString(), null }; LDAPMod attr_info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "primaryGroupID", objectClass_values); LDAPMod[] attrinfo = new LDAPMod[] { attr_info }; int ret = _dirnode.LdapContext.ModifySynchronous(basedn, attrinfo); Logger.Log("Modify primaryGroupID returns " + ret); if (ret == 0) { string[] Items = UserGroupUtils.splitDn(ChangedPrimaryGroup); if (!string.IsNullOrEmpty(Items[0])) { DomainUserlabel.Text = Items[0]; } } else retVal = false; } } retVal = MemOfPages.OnApply_helper(MemofDnList, AddedGroups, RemovedGroups, _dirnode, this); return retVal; }
/// <summary> /// takes a leaf node as input, perform a rename operation (delete and then add) /// </summary> /// <param name="dirnode"></param> /// <param name="newName"></param> private void DelAndAddLeaf(ADUCDirectoryNode dirnode, string newName) { int ret; LACTreeNode parentnode = dirnode.Parent == null ? treeNode as LACTreeNode : dirnode.Parent as LACTreeNode; ADUCDirectoryNode parentdirnode = parentnode as ADUCDirectoryNode; string newDn = parentdirnode.DistinguishedName; string obj_type = dirnode.ObjectClass; DirectoryContext dirContext = dirnode.LdapContext; //rename leaf user if (obj_type.Equals("top", StringComparison.InvariantCultureIgnoreCase) || obj_type.Equals("user", StringComparison.InvariantCultureIgnoreCase)) { //User } { ret = dirContext.DeleteSynchronous(dirnode.DistinguishedName); if (ret!=0) { container.ShowError(ErrorCodes.LDAPString(ret)); return; } string[] objectClass_values = { "user", null }; LDAPMod userinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); LDAPMod[] userinfo = new LDAPMod[] { userinfo_attr1 }; newDn = string.Concat(CN_PREFIX, newName, DN_SEPARATOR, newDn); ret = dirContext.AddSynchronous(newDn, userinfo); if (ret != 0) { container.ShowError(ErrorCodes.LDAPString(ret)); } } //rename leaf computer if (obj_type.Equals("computer", StringComparison.InvariantCultureIgnoreCase)) { ret = dirContext.DeleteSynchronous(dirnode.DistinguishedName); if (ret != 0) { container.ShowError(ErrorCodes.LDAPString(ret)); return; } string[] objectClass_values = { "user", null }; //need to be fixed, computer is now treated as user (person) LDAPMod userinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); LDAPMod[] userinfo = new LDAPMod[] { userinfo_attr1 }; newDn = string.Concat(CN_PREFIX, newName, DN_SEPARATOR, newDn); ret = dirContext.AddSynchronous(newDn, userinfo); if (ret != 0) { container.ShowError(ErrorCodes.LDAPString(ret)); } } //rename leaf ou if (obj_type.Equals("organizationalUnit", StringComparison.InvariantCultureIgnoreCase)) { } { ret = dirContext.DeleteSynchronous(dirnode.DistinguishedName); if (ret != 0) { container.ShowError(ErrorCodes.LDAPString(ret)); return; } string[] objectClass_values = { "organizationalUnit", null }; LDAPMod userinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); LDAPMod[] userinfo = new LDAPMod[] { userinfo_attr1 }; newDn = string.Concat(OU_PREFIX, newName, DN_SEPARATOR, newDn); ret = dirContext.AddSynchronous(newDn, userinfo); if (ret != 0) { container.ShowError(ErrorCodes.LDAPString(ret)); } } //rename a group if (obj_type.Equals("group", StringComparison.InvariantCultureIgnoreCase)) { ret = dirContext.DeleteSynchronous(dirnode.DistinguishedName); if (ret != 0) { container.ShowError(ErrorCodes.LDAPString(ret)); return; } string[] objectClass_values = { "group", null }; LDAPMod userinfo_attr1 = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); LDAPMod[] userinfo = new LDAPMod[] { userinfo_attr1 }; newDn = string.Concat(CN_PREFIX, newName, DN_SEPARATOR, newDn); ret = dirContext.AddSynchronous(newDn, userinfo); if (ret != 0) { container.ShowError(ErrorCodes.LDAPString(ret)); } } parentdirnode.Refresh(); }
private void HandleLVMember(ListViewItem lvItem, ref bool dnIsChanged, ref int ret) { string basedn = dirnode.DistinguishedName; DirectoryContext dirContext = dirnode.LdapContext; string membersConcated = lvItem.SubItems[2].Text; if (membersConcated.Equals("<Not Set>", StringComparison.InvariantCultureIgnoreCase)) { string[] members_values = { null }; LDAPMod memberattr_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "member", members_values); LDAPMod[] attrinfo = new LDAPMod[] { memberattr_Info }; ret = dirnode.LdapContext.ModifySynchronous(dirnode.DistinguishedName, attrinfo); } else { string[] members = membersConcated.Split(';'); string[] members_values = new string[members.Length + 1]; int i = 0; foreach (string member in members) { members_values[i] = member; i++; } members_values[i] = null; LDAPMod memberattr_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "member", members_values); LDAPMod[] attrinfo = new LDAPMod[] { memberattr_Info }; ret = dirnode.LdapContext.ModifySynchronous(dirnode.DistinguishedName, attrinfo); } }
public bool OnApply() { List<LDAPMod> attrlist = new List<LDAPMod>(); LDAPMod attr = null; DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = null; string street = txtStreet.Text.Trim(); if (street.Contains("\n")) { street = street.Replace("\n", "\r\n"); } objectClass_values = street == string.Empty ? new string[] { null } : new string[] { street, null }; attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "streetAddress", objectClass_values); if (bMultiUserSelected && chkStreet.Checked) { attrlist.Add(attr); } else if (!bMultiUserSelected && !String.IsNullOrEmpty(txtStreet.Text.Trim())) { attrlist.Add(attr); } objectClass_values = txtPOBox.Text.Trim() == string.Empty ? new string[] { null } : new string[] { txtPOBox.Text.Trim(), null }; attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "postOfficeBox", objectClass_values); if (bMultiUserSelected && chkPO.Checked) { attrlist.Add(attr); } else if (!bMultiUserSelected && !String.IsNullOrEmpty(txtPOBox.Text.Trim())) { attrlist.Add(attr); } objectClass_values = txtCity.Text.Trim() == string.Empty ? new string[] { null } : new string[] { txtCity.Text.Trim(), null }; attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "l", objectClass_values); if (bMultiUserSelected && chkCity.Checked) { attrlist.Add(attr); } else if (!bMultiUserSelected && !String.IsNullOrEmpty(txtCity.Text.Trim())) { attrlist.Add(attr); } objectClass_values = txtState.Text.Trim() == string.Empty ? new string[] { null } : new string[] { txtState.Text.Trim(), null }; attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "st", objectClass_values); if (bMultiUserSelected && chkState.Checked) { attrlist.Add(attr); } else if (!bMultiUserSelected && !String.IsNullOrEmpty(txtState.Text.Trim())) { attrlist.Add(attr); } objectClass_values = txtZip.Text.Trim() == string.Empty ? new string[] { null } : new string[] { txtZip.Text.Trim(), null }; attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "postalCode", objectClass_values); if (bMultiUserSelected && chkZip.Checked) { attrlist.Add(attr); } else if (!bMultiUserSelected && !String.IsNullOrEmpty(txtZip.Text.Trim())) { attrlist.Add(attr); } objectClass_values = cbCountry.Text.Trim() == string.Empty ? new string[] { null } : new string[] { cbCountry.Text.Trim(), null }; attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "co", objectClass_values); if (bMultiUserSelected && chkCountry.Checked) { attrlist.Add(attr); } else if (!bMultiUserSelected && !String.IsNullOrEmpty(cbCountry.Text.Trim())) { attrlist.Add(attr); } SetControlStatus(); LDAPMod[] attrArry = attrlist.ToArray(); int ret = -1; if (attrArry != null && attrArry.Length != 0) { List<object> dirnodes = new List<object>(); if (parentDlg is MultiItemPropertiesDlg) { MPContainer _MultiItemPropertiesDlg = parentDlg as MPContainer; dirnodes = _MultiItemPropertiesDlg.ObjectCounts; } else { MPContainer _ADUserPropertiesDlg = parentDlg as MPContainer; dirnodes = _ADUserPropertiesDlg.ObjectCounts; } foreach (ADUCDirectoryNode dn in dirnodes) { if (dn != null) { ret = dirContext.ModifySynchronous(dn.DistinguishedName, attrArry); } if (ret != 0) { string sMsg = ErrorCodes.LDAPString(ret); container.ShowError(sMsg); return false; } } } return true; }
/// <summary> /// Modifies the specified attributes for the selected AD Object either "user" to AD Schema template /// </summary> /// <returns></returns> public bool OnApply() { if (rbConnect.Checked) { string Connect = txtConnect.Text.Trim(); bool IsValid = true; if (String.IsNullOrEmpty(Connect) || Connect.Length < 3) { IsValid = false; } else if (Connect.Length == 3 && Connect.IndexOf(@"\\") == 0) { MessageBox.Show(this, "The home folder could not be created because: The filename, directory name, or valume" + "label syntax is incorrect", CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return false; } else { string[] Slashsplits = Connect.Substring(2).Split('\\'); if (String.IsNullOrEmpty(Connect) || Slashsplits.Length != 2 || txtConnect.Text.Trim().IndexOf(@"\\") != 0 || Connect.EndsWith(@"\")) { IsValid = false; } } if (!IsValid) { MessageBox.Show(this, "The specified path is not valid. Enter a valid network server path using the form:\n\\\\server\\share\\folder", CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return false; } } List<LDAPMod> ldapAttrlist = new List<LDAPMod>(); List<LDAPMod> attrlist = new List<LDAPMod>(); if (dirnode == null || String.IsNullOrEmpty(dirnode.DistinguishedName) || dirnode.LdapContext == null) { return true; } //the following portion of code uses openldap "ldap_Modify_s" string basedn = dirnode.DistinguishedName; DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = null; if (txtProfilePath.Text.Trim().Length > 0) { objectClass_values = new string[] { txtProfilePath.Text.Trim(), null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "profilePath", objectClass_values); attrlist.Add(attr); } if (txtLogonScript.Text.Trim().Length > 0) { objectClass_values = new string[] { txtLogonScript.Text.Trim(), null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "scriptPath", objectClass_values); attrlist.Add(attr); } if (rbConnect.Checked) { if (txtConnect.Text.Trim().Length > 0) { objectClass_values = new string[] { txtConnect.Text.Trim(), null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "homeDirectory", objectClass_values); attrlist.Add(attr); } if (cbDrive.SelectedItem != null) { objectClass_values = new string[] { cbDrive.SelectedItem.ToString(), null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "homeDrive", objectClass_values); attrlist.Add(attr); } } else { if (txtLocalPath.Text.Trim().Length > 0) { objectClass_values = new string[] { txtLocalPath.Text.Trim(), null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "homeDirectory", objectClass_values); attrlist.Add(attr); } } LDAPMod[] attrArry = attrlist.ToArray(); int ret = -1; if (attrArry != null && attrArry.Length != 0) { ret = dirContext.ModifySynchronous(basedn, attrArry); } else { return true; } if (ret != 0) { string sMsg = ErrorCodes.LDAPString(ret); container.ShowError(sMsg); return false; } else { if (rbConnect.Checked) { string sMsg = string.Empty; if (!bIsOpened) { sMsg = string.Format("The {0} home folder was not created because the path was not found. This could be caused by listing\n" + "non-existent intermediate folders or by not finding the server or share. The user account has been updated" + "with the new home folder value but you must create the folder manually", txtConnect.Text.Trim()); bIsOpened = true; } else { sMsg = "The home folder could not be created becuase: The network location cannot be reached." + "\nFor information about network troubleshooting, see the google map"; } MessageBox.Show(this, sMsg, CommonResources.GetString("Caption_Console"), MessageBoxButtons.OK, MessageBoxIcon.Exclamation); } } return true; }
/// <summary> /// Modifies the specified attributes for the selected group in AD schema template /// </summary> /// <returns></returns> public bool OnApply() { bool retVal = true; if (!compareLists(ModifiedObjects, OriginalObjects)) { string AdminGroupDN = string.Concat("CN=Administrators,CN=Builtin,", _dirnode.LdapContext.RootDN); if (ModifiedObjects.Contains(AdminGroupDN.ToLower())) { string userlogonName = string.Empty; DirectoryEntry de = new DirectoryEntry(_dirnode.DistinguishedName, _dirnode.LdapContext.UserName, _dirnode.LdapContext.Password); if (de != null && de.Properties["sAMAccountName"].Value != null) { userlogonName = de.Properties["sAMAccountName"].Value as string; } LUGAPI.NetAddGroupMember(_dirnode.LdapContext.DomainControllerName, "Administrators", userlogonName); ModifiedObjects.Remove(AdminGroupDN.ToLower()); } string[] members_values = new string[ModifiedObjects.Count + 1]; if (ModifiedObjects.Count > 0) { ModifiedObjects.CopyTo(members_values); } members_values[ModifiedObjects.Count] = null; LDAPMod memberattr_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "member", members_values); LDAPMod[] attrinfo = new LDAPMod[] { memberattr_Info }; if (_dirnode != null) { int ret = _dirnode.LdapContext.ModifySynchronous(_dirnode.DistinguishedName, attrinfo); if (ret == 0) { container.ShowMessage("Group Memerbers have been modified successfully!"); retVal = true; } else { string sMsg = ErrorCodes.LDAPString(ret); container.ShowError(sMsg); retVal = false; } } } return retVal; }
/// <summary> /// Modifies the specified attributes for the selected AD Object either "user" to AD Schema template /// </summary> /// <returns></returns> public bool OnApply() { if (checkBox.Checked) { List<LDAPMod> ldapAttrlist = new List<LDAPMod>(); List<LDAPMod> attrlist = new List<LDAPMod>(); //the following portion of code uses openldap "ldap_Modify_s" DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = null; objectClass_values = txtDescription.Text.Trim() == string.Empty ? new string[] { null } : new string[] { txtDescription.Text.Trim(), null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "description", objectClass_values); attrlist.Add(attr); LDAPMod[] attrArry = attrlist.ToArray(); int ret = -1; if (attrArry != null && attrArry.Length != 0) { foreach (ADUCDirectoryNode dn in this.parentDlg.ObjectCounts) { if (dn != null) { ret = dirContext.ModifySynchronous(dn.DistinguishedName, attrArry); } if (ret != 0) { string sMsg = ErrorCodes.LDAPString(ret); container.ShowError(sMsg); return false; } } } else { return true; } checkBox.Checked = false; } return true; }
/// <summary> /// Modifies the specified attributes for the selected AD Object either "user" to AD Schema template /// </summary> /// <returns></returns> public bool OnApply() { List<LDAPMod> attrlist = new List<LDAPMod>(); //the following portion of code uses openldap "ldap_Modify_s" string basedn = dirnode.DistinguishedName; DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = null; if (_editObject.Description != "" && !(_editObject.Description.Equals(_originalObject.Description))) { objectClass_values = new string[] { _editObject.Description, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "description", objectClass_values); attrlist.Add(attr); } if (_editObject.Street != "" && !(_editObject.Street.Equals(_originalObject.Street))) { objectClass_values = new string[] { _editObject.Street, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "street", objectClass_values); attrlist.Add(attr); } if (_editObject.City != "" && !(_editObject.City.Equals(_originalObject.City))) { objectClass_values = new string[] { _editObject.City, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "l", objectClass_values); attrlist.Add(attr); } if (_editObject.State != "" && !(_editObject.State.Equals(_originalObject.State))) { objectClass_values = new string[] { _editObject.State, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "st", objectClass_values); attrlist.Add(attr); } if (_editObject.PostalCode != "" && !(_editObject.PostalCode.Equals(_originalObject.PostalCode))) { objectClass_values = new string[] { _editObject.PostalCode, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "postalCode", objectClass_values); attrlist.Add(attr); } if (_editObject.Country != "" && !(_editObject.Country.Equals(_originalObject.Country))) { objectClass_values = new string[] { _editObject.Country, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "co", objectClass_values); attrlist.Add(attr); } LDAPMod[] attrArry = attrlist.ToArray(); int ret = -1; if (attrArry != null && attrArry.Length != 0) { ret = dirContext.ModifySynchronous(basedn, attrArry); } else { return true; } if (ret != 0) { string sMsg = ErrorCodes.LDAPString(ret); container.ShowError(sMsg); return false; } UpdateOriginalData(); return true; }
/// <summary> /// Modifies the specified attributes for the selected AD Object either "user" to AD Schema template /// </summary> /// <returns></returns> public bool OnApply() { List<LDAPMod> ldapAttrlist = new List<LDAPMod>(); List<LDAPMod> attrlist = new List<LDAPMod>(); if (dirnode == null || String.IsNullOrEmpty(dirnode.DistinguishedName) || dirnode.LdapContext == null) { return true; } //the following portion of code uses openldap "ldap_Modify_s" string basedn = dirnode.DistinguishedName; DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = null; if (_editObject.FirstName != "" && !(_editObject.FirstName.Equals(_originalObject.FirstName))) { objectClass_values = new string[] { _editObject.FirstName, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "givenName", objectClass_values); attrlist.Add(attr); } if (_editObject.Initails != "" && !(_editObject.Initails.Equals(_originalObject.Initails))) { objectClass_values = new string[] { _editObject.Initails, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "initials", objectClass_values); attrlist.Add(attr); } if (_editObject.LastName != "" && !(_editObject.LastName.Equals(_originalObject.LastName))) { objectClass_values = new string[] { _editObject.LastName, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "sn", objectClass_values); attrlist.Add(attr); } if (_editObject.Description != "" && !(_editObject.Description.Equals(_originalObject.Description))) { objectClass_values = new string[] { _editObject.Description, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "description", objectClass_values); attrlist.Add(attr); } if (_editObject.DisplayName != "" && !(_editObject.DisplayName.Equals(_originalObject.DisplayName))) { objectClass_values = new string[] { _editObject.DisplayName, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "displayName", objectClass_values); attrlist.Add(attr); } if (_editObject.Office != "" && !(_editObject.Office.Equals(_originalObject.Office))) { objectClass_values = new string[] { _editObject.Office, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "physicalDeliveryOfficeName", objectClass_values); attrlist.Add(attr); } if (_editObject.Email != "" && !(_editObject.Email.Equals(_originalObject.Email))) { objectClass_values = new string[] { _editObject.Email, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "mail", objectClass_values); attrlist.Add(attr); } if (_editObject.WebPage != "" && !(_editObject.WebPage.Equals(_originalObject.WebPage))) { objectClass_values = new string[] { _editObject.WebPage, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "wWWHomePage", objectClass_values); attrlist.Add(attr); } if (_editObject.TelephoneNumber != "" && !(_editObject.TelephoneNumber.Equals(_originalObject.TelephoneNumber))) { objectClass_values = new string[] { _editObject.TelephoneNumber, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "telephoneNumber", objectClass_values); attrlist.Add(attr); } if (_editObject.TelephoneNumberOther != "" && !(_editObject.TelephoneNumberOther.Equals(_originalObject.TelephoneNumberOther))) { _editObject.TelephoneNumberOther += ";"; string[] split = _editObject.TelephoneNumberOther.Split(';'); split[split.Length - 1] = null; objectClass_values = split; LDAPMod TelephoneNumberOther = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "otherTelephone", objectClass_values); ldapAttrlist.Add(TelephoneNumberOther); attrlist.Add(TelephoneNumberOther); } if (_editObject.WebPageOther != "" && !(_editObject.WebPageOther.Equals(_originalObject.WebPageOther))) { objectClass_values = new string[] { _editObject.WebPageOther, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "url", objectClass_values); attrlist.Add(attr); } LDAPMod[] attrArry = attrlist.ToArray(); int ret = -1; if (attrArry != null && attrArry.Length != 0) { ret = dirContext.ModifySynchronous(basedn, attrArry); } else { return true; } if (ret !=0) { string sMsg = ErrorCodes.LDAPString(ret); container.ShowError(sMsg); return false; } UpdateOriginalData(); return true; }
public int ModifySynchronous(string distinguishedName, LDAPMod[] userinfo) { int ret = 0; lock (lockThis_modSyn) { ret = _ldapHandle.Ldap_Modify_S(distinguishedName, userinfo); } return ret; }
private void lvDomainOUs_MouseUp(object sender, MouseEventArgs e) { ListView lvSender = sender as ListView; if (lvSender != null && e.Button == MouseButtons.Right) { ListViewHitTestInfo hti = lvSender.HitTest(e.X, e.Y); if (hti != null && hti.Item != null) { ListViewItem lvItem = hti.Item; ContextMenu menu = null; if (!lvItem.Selected) { lvItem.Selected = true; } if (lvItem.Tag != null) { DirectoryEntry de = new DirectoryEntry(lvItem.Tag as string); if (de != null) { object[] asProp = de.Properties["objectClass"].Value as object[]; if (asProp != null) { List<string> liClasses = new List<string>(); foreach (string s in asProp) liClasses.Add(s); if (liClasses.Contains("groupPolicyContainer")) menu = GetListViewMouseUpContextMenu(lvItem.Tag as string); } } } if (menu != null) { menu.Show(lvSender, new Point(e.X, e.Y)); } else { Logger.Log( "ObjectsListPage::lvDomainOUs_MouseUp, menu == null", Logger.manageLogLevel); } } } else if (lvSender != null && e.Button == MouseButtons.Left) { if (bIsLabelEdited && lvDomainOUs.Items.Count != 0) { if (lvDomainOUs.Items[lvDomainOUs.Items.Count - 1].Text.Trim().Equals(string.Empty)) lvDomainOUs.Items[lvDomainOUs.Items.Count - 1].Text = "New Group Policy Object"; sNewGPODN = lvDomainOUs.Items[lvDomainOUs.Items.Count - 1].Text; if (!AddNewGPO(sNewGPODN, true)) { lvDomainOUs.Items.RemoveAt(lvDomainOUs.Items.Count - 1); return; } bIsLabelEdited = false; if (lvDomainOUs.SelectedItems.Count == 0) return; ListViewItem selectedItem = lvDomainOUs.SelectedItems[0]; sDistinguishedName = selectedItem.Tag as string; sGPODisplayName = selectedItem.Text; btnOk.Enabled = true; } else if (bIsRenameEdited && lvDomainOUs.Items.Count != 0) { if (lvDomainOUs.SelectedItems.Count == 0) return; if (lvDomainOUs.SelectedItems[0].Text.Trim().Equals(string.Empty)) { lvDomainOUs.SelectedItems[0].Text = sGPODisplayName; return; } string rename = lvDomainOUs.SelectedItems[0].Text; bIsRenameEdited = false; ListViewItem selectedItem = lvDomainOUs.SelectedItems[0]; sDistinguishedName = selectedItem.Tag as string; sGPODisplayName = selectedItem.Text; string[] displayname_values = new string[] { rename, null }; LDAPMod displayname_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "displayName", displayname_values); LDAPMod[] attrinfo = new LDAPMod[] { displayname_Info }; int ret = dirContext.ModifySynchronous(sDistinguishedName, attrinfo); btnOk.Enabled = true; } } }
public static int AddNewObj(Likewise.LMC.LDAP.DirectoryContext dirContext, string choosenclass, string nodeDN) { if (dirContext != null) { LDAPMod[] info = new LDAPMod[1]; string[] objectClass_values = new string[] { choosenclass, null }; info[0] = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "ObjectClass", objectClass_values); return dirContext.AddSynchronous(nodeDN, info); } return -1; }
public bool AddNewGPO(string DN, bool bIsLinkable) { string baseDn = "CN=Policies,CN=System,"; baseDn = string.Concat(baseDn, dirContext.RootDN); List<LDAPMod> listattr = new List<LDAPMod>(); Guid guid = Guid.NewGuid(); string[] attr_values = { "groupPolicyContainer", null }; LDAPMod ouinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "objectClass", attr_values); listattr.Add(ouinfo_attr); attr_values = new string[] { DN, null }; ouinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "displayName", attr_values); listattr.Add(ouinfo_attr); attr_values = new string[] { "0", null }; ouinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "flags", attr_values); listattr.Add(ouinfo_attr); attr_values = new string[] { "2", null }; ouinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "gPCFunctionalityVersion", attr_values); listattr.Add(ouinfo_attr); attr_values = new string[] { "0", null }; ouinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "versionNumber", attr_values); listattr.Add(ouinfo_attr); string gPCFileSysPath = @"\\" + dirContext.DomainName + @"\SysVol\" + dirContext.DomainName + @"\Policies\" + "{" + guid.ToString().ToUpper() + "}"; attr_values = new string[] { gPCFileSysPath, null }; ouinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "gPCFileSysPath", attr_values); listattr.Add(ouinfo_attr); string ldapDN = "CN={" + guid.ToString() + "}," + baseDn; if (bIsLinkable) { lvDomainOUs.Items[lvDomainOUs.Items.Count - 1].Tag = ldapDN; } else { lvGPOs.Items[lvGPOs.Items.Count - 1].Tag = ldapDN; } LDAPMod[] gpoinfo = new LDAPMod[listattr.Count]; listattr.CopyTo(gpoinfo); //Returns the ret=0 if adding new GPO is successfull int ret = dirContext.AddSynchronous(ldapDN.ToUpper(), gpoinfo); if (ret == 0) { int length = CommonResources.GetString("Caption_Console").Length + 24; string msgToDisplay = "New Group Policy Object is added!"; if (length > msgToDisplay.Length) { msgToDisplay = msgToDisplay.PadRight(length - msgToDisplay.Length, '�'); } container.ShowMessage(msgToDisplay); //call of CreateGPOFolderInSysVol() function to make Folder generation in SysVol CreateGPOFolderInSysVol(guid.ToString().ToUpper(), DN); listattr.Clear(); string machineDN = string.Concat("CN=Machine,", ldapDN.ToUpper()); attr_values = new string[] { "container", null }; ouinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "objectClass", attr_values); listattr.Add(ouinfo_attr); gpoinfo = new LDAPMod[listattr.Count]; listattr.CopyTo(gpoinfo); //Returns the ret=0 if adding new Machine is successfull ret = dirContext.AddSynchronous(machineDN, gpoinfo); listattr.Clear(); string UserDN = string.Concat("CN=User,", ldapDN.ToUpper()); attr_values = new string[] { "container", null }; ouinfo_attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_ADD, "objectClass", attr_values); listattr.Add(ouinfo_attr); gpoinfo = new LDAPMod[listattr.Count]; listattr.CopyTo(gpoinfo); //Returns the ret=0 if adding new User is successfull ret = dirContext.AddSynchronous(UserDN, gpoinfo); #region Linking to slected OU if (bIsLinkable) { DirectoryEntry rootDE = new DirectoryEntry(sParentDN); if (rootDE != null) { Dictionary<string, string> gpoLinksList = new Dictionary<string, string>(); string gpLinkEntries = null; if (rootDE.Properties["gpLink"].Value != null) gpLinkEntries = rootDE.Properties["gpLink"].Value.ToString(); if (gpLinkEntries != null) { string[] gplinkTokens = gpLinkEntries.Split(']'); foreach (string gpLink in gplinkTokens) { if (gpLink.Trim().Length == 0) continue; string gpoLink = gpLink.Substring(1, gpLink.IndexOf(';') - 1); gpoLinksList.Add(gpoLink.Trim().ToLower(), gpLink + "]"); } } if (!gpoLinksList.ContainsKey(ldapDN.Trim().ToLower())) { string newgpoLink = "[LDAP://" + ldapDN.ToUpper() + ";1]"; gpoLinksList.Add(ldapDN, newgpoLink); } if (gpoLinksList.Count != 0) { string gpLink_Value = ""; foreach (string key in gpoLinksList.Keys) gpLink_Value += gpoLinksList[key]; string[] gpLink_Values = new string[] { gpLink_Value, null }; LDAPMod gpLink_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "gpLink", gpLink_Values); LDAPMod[] attrinfo = new LDAPMod[] { gpLink_Info }; ret = dirContext.ModifySynchronous(sParentDN, attrinfo); if (ret == 0) { container.ShowMessage("Linked GPO object successful"); return true; } else { string sMsg = ErrorCodes.LDAPString(ret); container.ShowMessage(sMsg); return false; } } } } #endregion } else { container.ShowMessage(Utilities.ErrorCodes.LDAPString(ret)); } return true; }
public static int ModifyProperty(Likewise.LMC.LDAP.DirectoryContext dirContext, string nodeDN, string propertyName, PropertyValueCollection propertyValue) { List<object> valueObjects = propertyValue.ValueCollection; string[] values; if (valueObjects == null || valueObjects.Count == 0) values = new string[] { null }; else if (valueObjects.Count == 1) { values = new string[] { ParsingValueObj(valueObjects[0]), null }; //Console.WriteLine("In SDSUtils::modifyPropertyvalue is " + ParsingValueObj(valueObjects[0])); } else { values = new string[valueObjects.Count + 1]; int i; for (i = 0; i < valueObjects.Count; i++) { values[i] = ParsingValueObj(valueObjects[i]); //Console.WriteLine("In SDSUtils::modifyPropertyvalue " + i + "is " + values[i]); } values[i] = null; } LDAPMod[] attrinfo = new LDAPMod[] { new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, propertyName, values) }; return dirContext.ModifySynchronous(nodeDN, attrinfo); }
private void DeleteGPOLink(string DistinguishedName) { List<string> attrValues = new List<string>(); DirectoryEntry parentDE = new DirectoryEntry(sParentDN); if (parentDE != null) { string gpLinkEntries = null; string[] gplinkTokens = null; if (parentDE.Properties["gpLink"].Value != null) gpLinkEntries = parentDE.Properties["gpLink"].Value.ToString(); if (gpLinkEntries != null) gplinkTokens = gpLinkEntries.Split(']'); if (gplinkTokens == null) return; foreach (string gpLink in gplinkTokens) { if (gpLink.Trim().Length == 0) continue; string gpoLink = gpLink.Substring(1, gpLink.IndexOf(';') - 1); gpoLink = gpoLink.Substring(gpoLink.LastIndexOf('/') + 1); if (!gpoLink.Trim().Equals(DistinguishedName, StringComparison.InvariantCultureIgnoreCase)) attrValues.Add(gpLink + "]"); } string gpLink_Value = ""; foreach (string value in attrValues) { gpLink_Value += value; } string[] gpLink_values = null; if (String.IsNullOrEmpty(gpLink_Value)) { gpLink_values = new string[] { null }; } else { gpLink_values = new string[] { gpLink_Value, null }; } LDAPMod gpLink_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "gpLink", gpLink_values); LDAPMod[] attrinfo = new LDAPMod[] { gpLink_Info }; int ret = dirContext.ModifySynchronous(sParentDN, attrinfo); if (ret == 0) { ListOUChildren(sParentDN); RefreshlvItems(); } else { string sMsg = ErrorCodes.LDAPString(ret); container.ShowMessage(sMsg); return; } } }
/// <summary> /// Modifies the specified attributes for the selected AD Object either "user" to AD Schema template /// </summary> /// <returns></returns> public bool OnApply() { List<LDAPMod> attrlist = new List<LDAPMod>(); //the following portion of code uses openldap "ldap_Modify_s" string basedn = dirnode.DistinguishedName; DirectoryContext dirContext = dirnode.LdapContext; string[] objectClass_values = null; if (!(_editObject.Description.Equals(_originalObject.Description))) { if (String.IsNullOrEmpty(_editObject.Description)) objectClass_values = new string[] { null }; else objectClass_values = new string[] { _editObject.Description, null }; LDAPMod attr = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "description", objectClass_values); attrlist.Add(attr); } if (!_editObject.DelegateTrust.Equals(_originalObject.DelegateTrust)) { int userCtrlBinStr = _editObject.UserCtrlBinStr; if (_editObject.DelegateTrust) { userCtrlBinStr += 524288; } else { userCtrlBinStr -= 524288; } string[] userControl_values = { userCtrlBinStr.ToString(), null }; LDAPMod userControl_Info = new LDAPMod((int)LDAPMod.mod_ops.LDAP_MOD_REPLACE, "userAccountControl", userControl_values); attrlist.Add(userControl_Info); } LDAPMod[] attrArry = attrlist.ToArray(); int ret = -1; if (attrArry != null && attrArry.Length != 0) { ret = dirContext.ModifySynchronous(basedn, attrArry); } else { return true; } if (ret != 0) { string sMsg = ErrorCodes.LDAPString(ret); container.ShowMessage(sMsg); return false; } UpdateOriginalData(); return true; }