protected override void SetPropertyValue(IOguObject srcOguObject, string srcPropertyName, DirectoryEntry entry, string targetPropertyName, string context, SetterContext setterContext) { entry.InvokeSet(targetPropertyName, new object[] { SynchronizeHelper.GetADAccountExpiresDate(srcOguObject.Properties[srcPropertyName]) }); TraceItHere(srcOguObject.ObjectType.ToString(), srcPropertyName, entry.Name, targetPropertyName, context, srcOguObject.Properties[srcPropertyName].ToString(), SynchronizeHelper.GetADAccountExpiresDate(srcOguObject.Properties[srcPropertyName]).ToLongTimeString()); }
public IEnumerator <ADObjectWrapper> GetEnumerator() { int batchSize = 500; var context = SynchronizeContext.Current; var neededProperties = this.propertiesToGet ?? SynchronizeHelper.GetNeededProperties(ADSchemaType.Users); IEnumerable <SearchResult> aBatch; for (int i = 0; i < source.Count / batchSize; i++) { aBatch = GetBatchData(i * batchSize, batchSize, context, neededProperties); foreach (var item in aBatch) { yield return(CreateADObjectWrapper(item, neededProperties, context)); } } aBatch = GetBatchData(source.Count / batchSize * batchSize, source.Count % batchSize, context, neededProperties); foreach (var item in aBatch) { yield return(CreateADObjectWrapper(item, neededProperties, context)); } }
private static bool IsChildrenModified(IOguObject oguObject, ADObjectWrapper targetObject) { ADHelper adHelper = SynchronizeContext.Current.ADHelper; SearchResult result = SynchronizeHelper.GetSearchResultByDN(adHelper, targetObject.DN, ADSchemaType.Groups); //当前肯定有改组存在 ResultPropertyValueCollection adMembers = result.Properties["member"]; IUser[] oguUsers = ((IGroup)oguObject).Members.Where(u => u.FullPath.StartsWith(SynchronizeContext.Current.StartPath) && u.IsSideline == false).ToArray(); if (adMembers.Count != oguUsers.Count()) { return(true); } foreach (var memberDN in adMembers) { bool exists = false; for (int i = oguUsers.Length - 1; i >= 0; i--) { if (SynchronizeHelper.AppendNamingContext(SynchronizeHelper.GetOguObjectDN(oguUsers[i])) == memberDN.ToString()) { exists = true; break; } } if (exists == false) { return(true); } } return(false); }
private static void ModifyBatchGroups(KeyedOguObjectCollection groups, int startIndex, int batchSize, SynchronizeContext context) { //Key是AD Guid,Value是Ogu ID Dictionary <string, string> adToOguMapping = GetADToOguMappingFromGroups(groups, startIndex, batchSize, context); string[] propertiesToGet = { "objectguid", "member" }; IEnumerable <SearchResult> adGroups = SynchronizeHelper.GetSearchResultsByIDs(context.ADHelper, adToOguMapping.Keys, propertiesToGet, batchSize); foreach (SearchResult adGroup in adGroups) { SynchronizeContext.Current.ExtendLockTime(); string guid = AttributeHelper.Hex((byte[])adGroup.Properties["objectguid"][0]); ADGroupMemberCollection adGroupMembers = new ADGroupMemberCollection(adGroup.Properties["member"], new string[] { "objectGUID" }); Dictionary <string, ADObjectWrapper> adMemberDict = adGroupMembers.ToDictionary(o => o.NativeGuid); IGroup oguGroup = (IGroup)groups[adToOguMapping[guid]]; if (IsSameMembers(oguGroup.Members, adMemberDict) == false) { SyncGroupMembers(oguGroup, adGroup, context); } } }
private static void MoveItemToNewPath(IOguObject oguObject, DirectoryEntry targetObject) { ADHelper adHelper = SynchronizeContext.Current.ADHelper; IDMapping mapping = null; var oguParent = oguObject.Parent; if (oguParent != null) { mapping = SynchronizeContext.Current.IDMapper.GetAdObjectMapping(oguParent.ID, false); } if (mapping != null) { using (var adEntry = SynchronizeHelper.GetDirectoryEntryByID(SynchronizeContext.Current.ADHelper, mapping.ADObjectGuid)) { if (adEntry != null) { try { targetObject.MoveTo(adEntry); } catch (DirectoryServicesCOMException comEx) { switch (comEx.ErrorCode) { case -2147019886: //重名 SynchronizeHelper.SolveConflictAboutMove(oguObject, targetObject, adEntry); break; case -2147016656: Trace.WriteLine("修改对象属性后,移动对象说对象不存在??被移动的对象:" + oguObject.Name); throw; default: throw; } } } } } else { var parentDn = SynchronizeHelper.GetParentObjectDN(oguObject); Trace.WriteLine("不可靠的方法被执行,目标不存在时,靠DN来延迟移动。Careful !"); // 父对象还不存在,这可能是被重命名了 //SynchronizeContext.Current.DelayActions.Add(new DelayMoveToAction(oguObject, parentDn, targetObject.Guid)); // 没有这种可能性 var context = SynchronizeContext.Current; context.ExceptionCount++; LogHelper.WriteSynchronizeDBLogDetail(SynchronizeContext.Current.SynchronizeID, "移动对象", oguObject.ID, oguObject.Name, context.ADHelper.GetPropertyStrValue("objectGuid", targetObject), context.ADHelper.GetPropertyStrValue("distinguishedName", targetObject), string.Format("父对象:{0}无映射,无法移动。", parentDn)); } }
private static void AddADObject(ModifiedItem item) { var oguObject = item.OguObjectData; string[] rdns = SynchronizeHelper.GetOguObjectRdns(oguObject); string parentDN = string.Join(",", rdns, 1, rdns.Length - 1); ADHelper adHelper = SynchronizeContext.Current.ADHelper; using (DirectoryEntry parentEntry = parentDN.IsNullOrEmpty() ? adHelper.GetRootEntry() : adHelper.NewEntry(parentDN)) { parentEntry.ForceBound(); using (DirectoryEntry newEntry = WhatEverNewEntry(oguObject, parentEntry)) { ObjectSetterHelper.Convert(ObjectModifyType.Add, oguObject, newEntry); //item.ADObjectData = SynchronizeHelper.GetSearchResultByID(newEntry.NativeGuid, newEntry.ToADSchemaType()).ToADOjectWrapper(); if (SynchronizeContext.Current.IDMapper.NewIDMappingDictionary.ContainsKey(oguObject.ID) && SynchronizeContext.Current.IDMapper.NewIDMappingDictionary[oguObject.ID] == null) { SynchronizeContext.Current.IDMapper.NewIDMappingDictionary[oguObject.ID] = new IDMapping() { SCObjectID = oguObject.ID, ADObjectGuid = newEntry.NativeGuid, LastSynchronizedVersionTime = (DateTime)oguObject.Properties["VERSION_START_TIME"] }; } } } }
public static void WithDirectoryEntry(ADHelper adHelper, string nativeID, Action <DirectoryEntry> success, Action fail) { var result = SynchronizeHelper.GetSearchResultByID(adHelper, nativeID); if (result != null) { using (DirectoryEntry ent = result.GetDirectoryEntry()) { if (ent != null) { if (success != null) { success(ent); } } else { if (fail != null) { fail(); } } } } else { if (fail != null) { fail(); } } }
private void ProcessOrganization(IOrganization organization, ADObjectWrapper adObject) { SynchronizeContext.Current.ExtendLockTime(); IList <IOrganization> allOrganizationChildren = GetObjectDetailInfo <IOrganization>(organization.Children); SynchronizeContext.Current.ExtendLockTime(); IList <IUser> allUserChildren = GetUserDetailInfo(organization.Children); SynchronizeContext.Current.ExtendLockTime(); IList <IGroup> allGroupChildren = GetObjectDetailInfo <IGroup>(organization.Children); //如果AD中有对应的组织 if (adObject != null) { //在AD中找对应的子对象 List <ADObjectWrapper> allADChildren = SynchronizeHelper.SearchChildren(adObject); Trace.WriteLine("检查AD中的子项,共" + allADChildren.Count + "项"); foreach (ADObjectWrapper child in allADChildren) { SynchronizeContext.Current.ExtendLockTime(); if (child.Properties.Contains("displayNamePrintable")) { //肯定是群组了 if (SynchronizeHelper.PermissionCenterInvolved.Equals(child.Properties["displayNamePrintable"])) { IOguObject subObj = OguObjectFinder.Find(child, organization.Children); if (subObj == null) { //在权限中心的组织下没有找到则删除项 SynchronizeContext.Current.PrepareAndAddDeletedItem(subObj, child, ObjectModifyType.Delete); Trace.WriteLineIf(subObj == null, "无对应AD对象 " + child.DN + "的OGU对象,加入删除列表"); } } } else { IOguObject subObj = OguObjectFinder.Find(child, organization.Children); if (subObj == null) { //在权限中心的组织下没有找到则删除项 SynchronizeContext.Current.PrepareAndAddDeletedItem(subObj, child, ObjectModifyType.Delete); Trace.WriteLineIf(subObj == null, "无对应AD对象 " + child.DN + "的OGU对象,加入删除列表"); } } } } allUserChildren.ForEach(child => RecursiveProcess(child)); allGroupChildren.ForEach(child => RecursiveProcess(child)); allOrganizationChildren.ForEach(child => RecursiveProcess(child)); }
/// <summary> /// 获取对象RDN的数组,数组最开始为对象RDN /// </summary> /// <param name="oguObject"></param> /// <returns></returns> public static string[] GetOguObjectRdns(IOguObject oguObject) { if (SynchronizeContext.Current.IsIncluded(oguObject) == false) { throw new InvalidOperationException("对象不在同步范围中"); } string relativePath = SynchronizeHelper.GetRelativePath(oguObject); if (relativePath.Length > 0) { string[] paths = relativePath.Split('\\'); if (paths.Length > 0) { paths[0] = SynchronizeContext.Current.GetMappedName(paths[0]); // 一级目录 switch (oguObject.ObjectType) { case SchemaType.Organizations: for (int i = paths.Length - 1; i > 0; i--) { paths[i] = "OU=" + ADHelper.EscapeString(paths[i]); } break; case SchemaType.Users: case SchemaType.Groups: paths[paths.Length - 1] = "CN=" + ADHelper.EscapeString(paths[paths.Length - 1]); for (int i = paths.Length - 2; i > 0; i--) { paths[i] = "OU=" + ADHelper.EscapeString(paths[i]); } break; } } if (string.IsNullOrEmpty(SynchronizeContext.Current.TargetRootOU) == false) { string[] temp = new string[paths.Length + 1]; Array.Copy(paths, 0, temp, 1, paths.Length); temp[0] = SynchronizeContext.Current.TargetRootOU; paths = temp; } Array.Reverse(paths); return(paths); } else { return(new string[0]); } }
public static string GetOguObjectDN(IOguObject oguObject) { StringBuilder strResult = new StringBuilder(oguObject.FullPath.Length * 2); if (SynchronizeContext.Current.IsIncluded(oguObject) == false) { throw new InvalidOperationException("对象不在同步范围中"); } string relativePath = SynchronizeHelper.GetRelativePath(oguObject); if (relativePath.Length > 0) { var paths = relativePath.Split('\\'); if (paths.Length > 0) { paths[0] = SynchronizeContext.Current.GetMappedName(paths[0]); // 一级目录 switch (oguObject.ObjectType) { case SchemaType.Organizations: for (int i = paths.Length - 1; i > 0; i--) { strResult.Append("OU=").Append(ADHelper.EscapeString(paths[i])).Append(","); } strResult.Append(paths[0]); break; case SchemaType.Users: case SchemaType.Groups: string name = "CN="; for (int i = paths.Length - 1; i > 0; i--) { strResult.Append(name).Append(ADHelper.EscapeString(paths[i])).Append(","); name = "OU="; } strResult.Append(paths[0]); break; } } } if (strResult.Length > 0 && string.IsNullOrEmpty(SynchronizeContext.Current.TargetRootOU) == false) { strResult.Append(",").Append(SynchronizeContext.Current.TargetRootOU); } return(strResult.ToString()); }
private static void DeleteADObject(ObjectModifyType modifyType, IOguObject oguObject, ADObjectWrapper adObject) { ADHelper adHelper = SynchronizeContext.Current.ADHelper; using (DirectoryEntry entry = SynchronizeHelper.GetSearchResultByID(adHelper, adObject.NativeGuid).GetDirectoryEntry()) { entry.ForceBound(); ObjectSetterHelper.Convert(modifyType, oguObject, entry); } }
private static void ModifyADObjectProperties(ObjectModifyType modifyType, ModifiedItem item) { IOguObject oguObject = item.OguObjectData; ADObjectWrapper adObject = item.ADObjectData; using (DirectoryEntry entry = SynchronizeHelper.GetSearchResultByID(SynchronizeContext.Current.ADHelper, adObject.NativeGuid, (ADSchemaType)oguObject.ObjectType).GetDirectoryEntry()) { entry.ForceBound(); ObjectSetterHelper.Convert(modifyType, oguObject, entry); } }
protected override bool ComparePropertyValue(IOguObject srcOguObject, string srcPropertyName, ADObjectWrapper adObject, string targetPropertyName, string context) { string targetPropertyValue = null; if (adObject.Properties[targetPropertyName] != null) { targetPropertyValue = adObject.Properties[targetPropertyName].ToString(); } return(SynchronizeHelper.AppendNamingContext(SynchronizeHelper.GetOguObjectDN(srcOguObject)) == targetPropertyValue); }
private static void FillGroupMembersByOguIDs(IEnumerable <string> oguObjectIDs, PropertyValueCollection adGroupMembers, SynchronizeContext context) { IEnumerable <SearchResult> result = SynchronizeHelper.GetSearchResultsByIDs(context.ADHelper, context.IDMapper.GetMappedADObjectIDs(oguObjectIDs), new string[] { "distinguishedName" }, oguObjectIDs.Count()); foreach (SearchResult sr in result) { SynchronizeContext.Current.ExtendLockTime(); adGroupMembers.Add(sr.Properties["distinguishedName"][0]); } }
private static void ProcessBatch(ADToPermissionCenterSynchronizer context, EntityMappingCollection mappings, ADHelper adHelper, int startIndex, int size) { string[] propertiesToGet = { "sAMAccountName", "mail", "msRTCSIP-PrimaryUserAddress" }; IEnumerable <SearchResult> adResults = SynchronizeHelper.GetSearchResultsByPropertyValues(adHelper, "sAMAccountName", mappings.ToKeyArray("CodeName", startIndex, size), ADSchemaType.Users, propertiesToGet, size); Dictionary <string, SimpleUser> codeNameDict = mappings.ToCodeNameDictionary(startIndex, size); List <SimpleUser> changes = DiscoverChanges(codeNameDict, adResults); ApplyChanges(changes, context); }
private static ADObjectWrapper FindOUObject(IOguObject oguObject) { ADObjectWrapper adObject = null; string objectGuid; if (SynchronizeContext.Current.IDMapper.SCIDMappingDictionary.ContainsKey(oguObject.ID)) { var idMapping = SynchronizeContext.Current.IDMapper.SCIDMappingDictionary[oguObject.ID]; objectGuid = idMapping.ADObjectGuid; adObject = SynchronizeHelper.GetSearchResultByID(SynchronizeContext.Current.ADHelper, objectGuid, ADSchemaType.Organizations).ToADOjectWrapper(); if (adObject == null) { //这里要删除ID映射 if (!SynchronizeContext.Current.IDMapper.DeleteIDMappingDictionary.ContainsKey(oguObject.ID)) { SynchronizeContext.Current.IDMapper.DeleteIDMappingDictionary.Add(idMapping); } SynchronizeContext.Current.IDMapper.SCIDMappingDictionary.Remove(c => c.SCObjectID == oguObject.ID); } } if (adObject == null) //通过ID没找到 { string dn = SynchronizeHelper.GetOguObjectDN(oguObject); if (dn != "") { adObject = SynchronizeHelper.GetSearchResultByDN(SynchronizeContext.Current.ADHelper, dn, ADSchemaType.Organizations).ToADOjectWrapper(); if (adObject != null) { //这里首先要判断是否已被映射过 if (SynchronizeContext.Current.IDMapper.ADIDMappingDictionary.ContainsKey(adObject.NativeGuid)) { adObject = null; } } } else { //using (DirectoryEntry root = SynchronizeContext.Current.ADHelper.GetRootEntry()) //{ // adObject = new ADObjectWrapper() { ObjectType = ADSchemaType.Organizations }; // adObject.Properties["distinguishedName"] = root.Properties["distinguishedName"][0].ToString(); // adObject.Properties["objectGUID"] = root.NativeGuid; // adObject.Properties["name"] = root.Name; //} } } return(adObject); }
protected override void ProcessDeleteEntry(ObjectModifyType modifyType, IOguObject srcObject, DirectoryEntry targetObject, string context) { List <ADObjectWrapper> allChildren = targetObject.FindAllChildrenUser(); foreach (ADObjectWrapper child in allChildren) { using (DirectoryEntry subEntry = SynchronizeHelper.GetSearchResultByID(SynchronizeContext.Current.ADHelper, child.NativeGuid).GetDirectoryEntry()) { subEntry.ForceBound(); DisableAccount(subEntry); } } }
private IEnumerable <SearchResult> GetBatchData(int startIndex, int batchSize, SynchronizeContext context, string[] neededProperties) { List <string> buffer = new List <string>(batchSize); for (int k = startIndex; k < startIndex + batchSize; k++) { buffer.Add((string)this.source[k]); } var results = buffer.Count > 0 ? SynchronizeHelper.GetSearchResultsByDNList(context.ADHelper, buffer, ADSchemaType.Users, neededProperties, batchSize) : new SearchResult[0]; return(results); }
public static DirectoryEntry GetDirectoryEntryByID(ADHelper adHelper, string nativeID) { var result = SynchronizeHelper.GetSearchResultByID(adHelper, nativeID); if (result != null) { return(result.GetDirectoryEntry()); } else { return(null); } }
public static IOguObject Find(ADObjectWrapper childADObject, IEnumerable <IOguObject> oguObjects) { IOguObject result = null; //这里仅仅是查找所给集合里是不是存在相应的对象 foreach (var obj in oguObjects) { if (obj.ObjectType == SchemaType.Users) { if (((IUser)obj).IsSideline) { // continue; } } var guid = childADObject.NativeGuid; if (SynchronizeContext.Current.IDMapper.ADIDMappingDictionary.ContainsKey(guid)) //有映射 { if (obj.ID == SynchronizeContext.Current.IDMapper.ADIDMappingDictionary[guid].SCObjectID) { result = obj; } } else { switch (childADObject.ObjectType) { case ADSchemaType.Organizations: if (SynchronizeHelper.AppendNamingContext(childADObject.DN) == SynchronizeHelper.AppendNamingContext(SynchronizeHelper.GetOguObjectDN(obj))) { result = obj; } break; case ADSchemaType.Groups: case ADSchemaType.Users: if (childADObject.Properties["samAccountName"].ToString() == obj.Properties["LOGON_NAME"].ToString()) { result = obj; } break; } } } return(result); }
protected override void SetPropertyValue(IOguObject srcOguObject, string srcPropertyName, DirectoryEntry entry, string targetPropertyName, string context, SetterContext setterContext) { string srcPropertyValue = GetNormalizeddSourceValue(srcOguObject, srcPropertyName, context); string targetPropertyValue = GetNormalizeddTargetValue(entry, targetPropertyName, context); if (srcOguObject.FullPath == SynchronizeContext.Current.SourceRootPath) { srcPropertyValue = new PathPartEnumerator(SynchronizeContext.Current.TargetRootOU).Last(); //极其特别,不一定可靠,权限中心应限制更改这一组织的名称和位置。 } else { string relativePath = SynchronizeHelper.GetRelativePath(srcOguObject); if (relativePath.IndexOf('\\') < 0) { srcPropertyValue = SynchronizeContext.Current.GetMappedName(srcPropertyValue); } } if (srcPropertyValue != targetPropertyValue && entry.IsBounded() == true) { TraceItHere(srcOguObject, srcPropertyName, entry, targetPropertyName, context, srcPropertyValue, targetPropertyValue); entry.CommitChanges(); try { entry.Rename(srcOguObject.ObjectType.SchemaTypeToPrefix() + "=" + ADHelper.EscapeString(srcPropertyValue)); } catch (DirectoryServicesCOMException ex) { if (ex.ErrorCode == -2147019886) { //对象已存在 entry.Rename(srcOguObject.ObjectType.SchemaTypeToPrefix() + "=TMP" + Environment.TickCount.ToString("X")); SynchronizeContext.Current.DelayActions.Add(new DelayRenameAction(srcOguObject, entry.NativeGuid)); } else { throw; } } } }
protected override bool ComparePropertyValue(OGUPermission.IOguObject srcOguObject, string srcPropertyName, ADObjectWrapper adObject, string targetPropertyName, string context) { if (srcOguObject.FullPath == SynchronizeContext.Current.SourceRootPath) { //名称以权限中心为准 return(adObject.DN == SynchronizeHelper.AppendNamingContext(SynchronizeContext.Current.TargetRootOU)); } else { string path = SynchronizeHelper.GetRelativePath(srcOguObject); if (path.IndexOf('\\') > 0) { return(base.ComparePropertyValue(srcOguObject, srcPropertyName, adObject, targetPropertyName, context)); } else { string dn = SynchronizeContext.Current.GetMappedName(srcOguObject.Name); return(adObject.DN == SynchronizeHelper.AppendNamingContext(dn)); } } }
private static ADObjectWrapper FindGroupObject(IOguObject oguObject) { ADObjectWrapper adObject = null; string objectGuid; if (SynchronizeContext.Current.IDMapper.SCIDMappingDictionary.ContainsKey(oguObject.ID)) { var idMapping = SynchronizeContext.Current.IDMapper.SCIDMappingDictionary[oguObject.ID]; objectGuid = idMapping.ADObjectGuid; adObject = SynchronizeHelper.GetSearchResultByID(SynchronizeContext.Current.ADHelper, objectGuid, ADSchemaType.Groups).ToADOjectWrapper(); if (adObject == null) { //这里要删除ID映射 if (!SynchronizeContext.Current.IDMapper.DeleteIDMappingDictionary.ContainsKey(oguObject.ID)) { SynchronizeContext.Current.IDMapper.DeleteIDMappingDictionary.Add(idMapping); } SynchronizeContext.Current.IDMapper.SCIDMappingDictionary.Remove(c => c.SCObjectID == oguObject.ID); } } if (adObject == null) //通过ID没找到 { adObject = SynchronizeHelper.GetSearchResultByLogonName(oguObject.Properties["LOGON_NAME"].ToString(), ADSchemaType.Groups).ToADOjectWrapper(); if (adObject != null) { //这里首先要判断是否已被映射过 if (SynchronizeContext.Current.IDMapper.ADIDMappingDictionary.ContainsKey(adObject.NativeGuid)) { adObject = null; } } } return(adObject); }
private void EnsureRootOU(IOrganization startOrg) { if (SynchronizeContext.Current.IsIncluded(startOrg) == false) { throw new InvalidOperationException("同步根不在同步范围内"); } List <string> parentPaths = SynchronizeHelper.GetAllParentPaths(startOrg.FullPath); if (parentPaths.Count > 0) { foreach (string path in parentPaths) { if (path == SynchronizeContext.Current.SourceRootPath) { continue; // 根节点不应该被处理 } var curOrg = OguMechanismFactory.GetMechanism().GetObjects <IOrganization>(SearchOUIDType.FullPath, path).FirstOrDefault(); if (SynchronizeContext.Current.IsIncluded(curOrg)) { ADObjectWrapper adObject = ADObjectFinder.Find(curOrg, true); if (adObject == null) //这里判断找不到的情况,则加到变更列表 { SynchronizeContext.Current.PrepareAndAddModifiedItem(curOrg, adObject, ObjectModifyType.Add); } else //否则需要比较一下路径对不对,有可能按ID找到了,但路径变了 { if (!ObjectComparerHelper.ArePathEqaul(curOrg, adObject)) { SynchronizeContext.Current.PrepareAndAddModifiedItem(curOrg, adObject, ObjectModifyType.PropertyModified); } } } } } }
public static bool AreParentPathEqaul(IOguObject oguObject, ADObjectWrapper adObject) { var localPathToDN = SynchronizeHelper.AppendNamingContext(SynchronizeHelper.GetParentObjectDN(oguObject)); return(localPathToDN == ADHelper.GetParentRdnSequence(adObject.DN)); }
public static bool AreParentPathEqaul(IOguObject oguObject, DirectoryEntry entry) { var localPathToDN = SynchronizeHelper.AppendNamingContext(SynchronizeHelper.GetParentObjectDN(oguObject)); return(localPathToDN == ADHelper.GetParentRdnSequence(entry.Properties["distinguishedName"].Value.ToString())); }