/// <summary>
/// Gets the configuration used by the unit tests to acces an AD resource.
/// </summary>
/// <returns>A new instance of <see cref="ActiveDirectoryConfiguration"/>.</returns>
public static Configuration GetConfiguration()
{
var config = new ActiveDirectoryConfiguration
{
ConnectorMessages = TestHelpers.CreateDummyMessages(),
Container = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(
ConfigHelper.CONFIG_PROPERTY_CONTAINER),
DirectoryAdminName = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(
ConfigHelper.CONFIG_PROPERTY_USER),
DirectoryAdminPassword = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(
ConfigHelper.CONFIG_PROPERTY_PASSWORD),
DomainName = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(
ConfigHelper.CONFIG_PROPERTY_DOMAIN_NAME),
LDAPHostName = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(
ConfigHelper.CONFIG_PROPERTY_LDAPHOSTNAME),
SearchContext = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(
ConfigHelper.CONFIG_PROPERTY_SEARCH_CONTEXT),
SyncDomainController = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(
ConfigHelper.CONFIG_PROPERTY_SYNC_DOMAIN_CONTROLLER),
SyncGlobalCatalogServer = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(
ConfigHelper.CONFIG_PROPERTY_GC_DOMAIN_CONTROLLER)
};
return(config);
}
internal static DomainController GetDomainController(ActiveDirectoryConfiguration configuration)
{
String serverName = configuration.LDAPHostName;
DomainController controller = null;
if ((serverName == null) || (serverName.Length == 0))
{
// get the active directory schema
DirectoryContext context = new DirectoryContext(
DirectoryContextType.Domain,
configuration.DomainName,
configuration.DirectoryAdminName,
configuration.DirectoryAdminPassword);
controller = DomainController.FindOne(context);
}
else
{
DirectoryContext context = new DirectoryContext(
DirectoryContextType.DirectoryServer,
configuration.LDAPHostName,
configuration.DirectoryAdminName,
configuration.DirectoryAdminPassword);
controller = DomainController.GetDomainController(context);
}
return(controller);
}
public static string GetDomainControllerName(ActiveDirectoryConfiguration configuration)
{
string serverName = configuration.LDAPHostName;
if (string.IsNullOrEmpty(serverName))
{
// serverless
using (DirectoryEntry rootDe = new DirectoryEntry("LDAP://RootDSE",
configuration.DirectoryAdminName, configuration.DirectoryAdminPassword))
{
serverName = rootDe.Properties["dnsHostName"].Value as string;
}
}
return serverName;
}
public static string GetDomainControllerName(ActiveDirectoryConfiguration configuration)
{
string serverName = configuration.LDAPHostName;
if (string.IsNullOrEmpty(serverName))
{
// serverless
using (DirectoryEntry rootDe = new DirectoryEntry("LDAP://RootDSE",
configuration.DirectoryAdminName, configuration.DirectoryAdminPassword))
{
serverName = rootDe.Properties["dnsHostName"].Value as string;
}
}
return(serverName);
}
/// <summary>
/// This does not work ... for now, don't handle container changes
/// </summary>
/// <param name="type"></param>
/// <param name="directoryEntry"></param>
/// <param name="attributes"></param>
/// <param name="config"></param>
private static void HandleContainerChange(UpdateType type,
DirectoryEntry directoryEntry, ICollection <ConnectorAttribute> attributes,
ActiveDirectoryConfiguration config)
{
Name nameAttribute = ConnectorAttributeUtil.GetNameFromAttributes(attributes);
if (nameAttribute == null)
{
// no name, so must not be a container change
return;
}
if (!type.Equals(UpdateType.REPLACE))
{
// this only make sense for replace. you can't
// add a name or delete a name
return;
}
String oldContainer = GetParentDn(directoryEntry.Path);
String newContainer = GetParentDn(nameAttribute.GetNameValue());
if (!NormalizeLdapString(oldContainer).Equals(NormalizeLdapString(newContainer)))
{
if (newContainer != null)
{
try
{
if (!NormalizeLdapString(oldContainer).Equals(
NormalizeLdapString(newContainer)))
{
String newContainerLdapPath = ActiveDirectoryUtils.GetLDAPPath(
config.LDAPHostName, newContainer);
DirectoryEntry newContainerDe = new DirectoryEntry(newContainerLdapPath,
config.DirectoryAdminName, config.DirectoryAdminPassword);
directoryEntry.MoveTo(newContainerDe);
}
}
catch (Exception e)
{
throw e;
}
}
}
}
/// <summary>
/// Updates an AD object (also called by create after object is created)
/// </summary>
/// <param name="oclass"></param>
/// <param name="directoryEntry"></param>
/// <param name="attributes"></param>
/// <param name="type"></param>
/// <param name="config"></param>
internal void UpdateADObject(ObjectClass oclass,
DirectoryEntry directoryEntry, ICollection<ConnectorAttribute> attributes,
UpdateType type, ActiveDirectoryConfiguration config)
{
if(oclass.Equals(ObjectClass.ACCOUNT))
{
// translate attribute passed in
foreach (ConnectorAttribute attribute in attributes)
{
// encountered problems when processing change password at the same time
// as setting expired. It would be set to expired, but the change would
// clear that. So we must ensure that expired comes last.
if (OperationalAttributes.PASSWORD_EXPIRED_NAME.Equals(attribute.Name))
{
continue;
}
AddConnectorAttributeToADProperties(oclass,
directoryEntry, attribute, type);
// Uncommenting the next line is very helpful in
// finding mysterious errors.
// Trace.TraceInformation("Committing after setting attribute {0} to {1}", attribute.Name, attribute.Value);
// directoryEntry.CommitChanges();
}
directoryEntry.CommitChanges();
// now do the password change. This is handled separately, because
// it might be a user changing his own password, or it might be an
// administrative change.
GuardedString gsNewPassword = ConnectorAttributeUtil.GetPasswordValue(attributes);
if (gsNewPassword != null)
{
GuardedString gsCurrentPassword = ConnectorAttributeUtil.GetCurrentPasswordValue(attributes);
PasswordChangeHandler changeHandler = new PasswordChangeHandler(_configuration);
if (gsCurrentPassword == null)
{
// just a normal password change
changeHandler.changePassword(directoryEntry, gsNewPassword);
}
else
{
changeHandler.changePassword(directoryEntry,
gsCurrentPassword, gsNewPassword);
}
UserAccountControl.Set(directoryEntry.Properties[ActiveDirectoryConnector.ATT_USER_ACOUNT_CONTROL],
UserAccountControl.PASSWD_NOTREQD, false);
directoryEntry.CommitChanges();
}
// see note in loop above for explaination of this
ConnectorAttribute expirePasswordAttribute = ConnectorAttributeUtil.Find(
OperationalAttributes.PASSWORD_EXPIRED_NAME, attributes);
if (expirePasswordAttribute != null)
{
AddConnectorAttributeToADProperties(oclass,
directoryEntry, expirePasswordAttribute, type);
directoryEntry.CommitChanges();
}
/*
UserAccountControl.Set(directoryEntry.Properties[ActiveDirectoryConnector.ATT_USER_ACOUNT_CONTROL],
UserAccountControl.PASSWD_NOTREQD, false);
*/
directoryEntry.CommitChanges();
HandleNameAndContainerChange(type, directoryEntry, attributes, config);
}
else if (oclass.Equals(ActiveDirectoryConnector.groupObjectClass))
{
// translate attribute passed in
foreach (ConnectorAttribute attribute in attributes)
{
// Temporary
// Trace.TraceInformation(String.Format("Setting attribute {0} to {1}",
// attribute.Name, attribute.Value));
AddConnectorAttributeToADProperties(oclass,
directoryEntry, attribute, type);
// Uncommenting the next line is very helpful in
// finding mysterious errors.
// directoryEntry.CommitChanges();
}
directoryEntry.CommitChanges();
HandleNameAndContainerChange(type, directoryEntry, attributes, config);
}
else if (oclass.Equals(ActiveDirectoryConnector.ouObjectClass))
{
// translate attribute passed in
foreach (ConnectorAttribute attribute in attributes)
{
// Temporary
// Trace.TraceInformation(String.Format("Setting attribute {0} to {1}",
// attribute.Name, attribute.Value));
AddConnectorAttributeToADProperties(oclass,
directoryEntry, attribute, type);
// Uncommenting the next line is very helpful in
// finding mysterious errors.
// directoryEntry.CommitChanges();
}
directoryEntry.CommitChanges();
HandleNameAndContainerChange(type, directoryEntry, attributes, config);
}
else
{
String objectClassName = GetADObjectClass(oclass);
// translate attribute passed in
foreach (ConnectorAttribute attribute in attributes)
{
// Temporary
// Trace.TraceInformation(String.Format("Setting attribute {0} to {1}",
// attribute.Name, attribute.Value));
AddConnectorAttributeToADProperties(oclass,
directoryEntry, attribute, type);
// Uncommenting the next line is very helpful in
// finding mysterious errors.
// directoryEntry.CommitChanges();
}
directoryEntry.CommitChanges();
HandleNameAndContainerChange(type, directoryEntry, attributes, config);
}
}
/// <summary>
/// </summary>
/// <param name="type"></param>
/// <param name="directoryEntry"></param>
/// <param name="attributes"></param>
/// <param name="config"></param>
private static void HandleNameAndContainerChange(UpdateType type,
DirectoryEntry directoryEntry, ICollection<ConnectorAttribute> attributes,
ActiveDirectoryConfiguration config)
{
Name nameAttribute = ConnectorAttributeUtil.GetNameFromAttributes(attributes);
if(nameAttribute == null)
{
// no name, so must not be a container change
return;
}
if (!type.Equals(UpdateType.REPLACE))
{
// this only make sense for replace. you can't
// add a name or delete a name
return;
}
String oldName = directoryEntry.Name;
String newName = GetRelativeName(nameAttribute);
bool nameChanged = !NormalizeLdapString(oldName).Equals(NormalizeLdapString(newName), StringComparison.OrdinalIgnoreCase);
String oldContainer = GetParentDn(directoryEntry.Path);
String newContainer = GetParentDn(nameAttribute.GetNameValue());
bool containerChanged = !NormalizeLdapString(oldContainer).Equals(NormalizeLdapString(newContainer), StringComparison.OrdinalIgnoreCase);
if (!nameChanged && !containerChanged)
{
return;
}
if (nameChanged && !containerChanged) // rename without moving
{
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming {0} to {1}", oldName, newName);
directoryEntry.Rename(newName);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK");
return;
}
// so this is move with or without rename
// step 1: if WITH rename, we have to rename the entry to a temporary name first
String temporaryName = null;
if (nameChanged)
{
temporaryName = oldName + "-" + RandomStr();
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming {0} to a temporary name of {1}", oldName, temporaryName);
directoryEntry.Rename(temporaryName);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK");
}
// step 2: do the move
try
{
String newContainerLdapPath = ActiveDirectoryUtils.GetLDAPPath(config.LDAPHostName, newContainer);
DirectoryEntry newContainerDe = new DirectoryEntry(newContainerLdapPath, config.DirectoryAdminName, config.DirectoryAdminPassword);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Moving from {0} to {1} ({2})", oldContainer, newContainer, newContainerLdapPath);
directoryEntry.MoveTo(newContainerDe);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Move OK");
newContainerDe.Dispose();
}
catch (Exception e)
{
LOGGER.TraceEvent(TraceEventType.Information, CAT_DEFAULT, "Exception caught when moving: {0}", e);
if (nameChanged)
{
LOGGER.TraceEvent(TraceEventType.Information, CAT_DEFAULT, "Renaming back from temporary name of {0} to {1}", temporaryName, oldName);
directoryEntry.Rename(oldName);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK");
}
throw e;
}
// step 3: if WITH rename, then rename from temporary name to the new name
if (nameChanged)
{
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming from temporary name of {0} to a new name of {1}", temporaryName, newName);
directoryEntry.Rename(newName);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK");
}
}
internal static DomainController GetDomainController(ActiveDirectoryConfiguration configuration)
{
String serverName = configuration.LDAPHostName;
DomainController controller = null;
if ((serverName == null) || (serverName.Length == 0))
{
// get the active directory schema
DirectoryContext context = new DirectoryContext(
DirectoryContextType.Domain,
configuration.DomainName,
configuration.DirectoryAdminName,
configuration.DirectoryAdminPassword);
controller = DomainController.FindOne(context);
}
else
{
DirectoryContext context = new DirectoryContext(
DirectoryContextType.DirectoryServer,
configuration.LDAPHostName,
configuration.DirectoryAdminName,
configuration.DirectoryAdminPassword);
controller = DomainController.GetDomainController(context);
}
return controller;
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="configuration">
/// Configuration object for the connector.
/// </param>
public ActiveDirectoryUtils(ActiveDirectoryConfiguration configuration)
{
_configuration = configuration;
_customHandlers = new CustomAttributeHandlers(_configuration);
}
/// <summary>
/// Gets the configuration used by the unit tests to acces an AD resource.
/// </summary>
/// <returns>A new instance of <see cref="ActiveDirectoryConfiguration"/>.</returns>
public static Configuration GetConfiguration()
{
var config = new ActiveDirectoryConfiguration
{
ConnectorMessages = TestHelpers.CreateDummyMessages(),
Container = TestHelpers.GetProperties(
typeof( ActiveDirectoryConnector ) ).GetProperty<string>(
ConfigHelper.CONFIG_PROPERTY_CONTAINER ),
DirectoryAdminName = TestHelpers.GetProperties(
typeof( ActiveDirectoryConnector ) ).GetProperty<string>(
ConfigHelper.CONFIG_PROPERTY_USER ),
DirectoryAdminPassword = TestHelpers.GetProperties(
typeof( ActiveDirectoryConnector ) ).GetProperty<string>(
ConfigHelper.CONFIG_PROPERTY_PASSWORD ),
DomainName = TestHelpers.GetProperties(
typeof (ActiveDirectoryConnector)).GetProperty<string>(
ConfigHelper.CONFIG_PROPERTY_DOMAIN_NAME),
LDAPHostName = TestHelpers.GetProperties(
typeof (ActiveDirectoryConnector)).GetProperty<string>(
ConfigHelper.CONFIG_PROPERTY_LDAPHOSTNAME),
SearchContext = TestHelpers.GetProperties(
typeof (ActiveDirectoryConnector)).GetProperty<string>(
ConfigHelper.CONFIG_PROPERTY_SEARCH_CONTEXT),
SyncDomainController = TestHelpers.GetProperties(
typeof (ActiveDirectoryConnector)).GetProperty<string>(
ConfigHelper.CONFIG_PROPERTY_SYNC_DOMAIN_CONTROLLER),
SyncGlobalCatalogServer = TestHelpers.GetProperties(
typeof (ActiveDirectoryConnector)).GetProperty<string>(
ConfigHelper.CONFIG_PROPERTY_GC_DOMAIN_CONTROLLER)
};
return config;
}
internal PasswordChangeHandler(ActiveDirectoryConfiguration configuration)
{
_configuration = configuration;
}
/// <summary>
/// This does not work ... for now, don't handle container changes
/// </summary>
/// <param name="type"></param>
/// <param name="directoryEntry"></param>
/// <param name="attributes"></param>
/// <param name="config"></param>
private static void HandleContainerChange(UpdateType type,
DirectoryEntry directoryEntry, ICollection<ConnectorAttribute> attributes,
ActiveDirectoryConfiguration config)
{
Name nameAttribute = ConnectorAttributeUtil.GetNameFromAttributes(attributes);
if(nameAttribute == null)
{
// no name, so must not be a container change
return;
}
if (!type.Equals(UpdateType.REPLACE))
{
// this only make sense for replace. you can't
// add a name or delete a name
return;
}
String oldContainer = GetParentDn(directoryEntry.Path);
String newContainer = GetParentDn(nameAttribute.GetNameValue());
if (!NormalizeLdapString(oldContainer).Equals(NormalizeLdapString(newContainer), StringComparison.OrdinalIgnoreCase))
{
if (newContainer != null)
{
try
{
if (!NormalizeLdapString(oldContainer).Equals(
NormalizeLdapString(newContainer), StringComparison.OrdinalIgnoreCase))
{
String newContainerLdapPath = ActiveDirectoryUtils.GetLDAPPath(
config.LDAPHostName, newContainer);
DirectoryEntry newContainerDe = new DirectoryEntry(newContainerLdapPath,
config.DirectoryAdminName, config.DirectoryAdminPassword);
directoryEntry.MoveTo(newContainerDe);
newContainerDe.Dispose();
}
}
catch (Exception e)
{
throw e;
}
}
}
}
internal AuthenticationHelper(ActiveDirectoryConfiguration configuration)
{
_configuration = configuration;
}
public void TestProperties()
{
var sut = new ActiveDirectoryConfiguration
{
ConnectorMessages = TestHelpers.CreateDummyMessages()
};
var container = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_CONTAINER);
sut.Container = container;
Assert.AreEqual(container, sut.Container, "Container");
//test with the negate of the default value
var createHomeDirectory = !sut.CreateHomeDirectory;
sut.CreateHomeDirectory = createHomeDirectory;
Assert.AreEqual(createHomeDirectory, sut.CreateHomeDirectory, "CreateHomeDirectory");
var directoryAdminName = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_USER);
sut.DirectoryAdminName = directoryAdminName;
Assert.AreEqual(directoryAdminName, sut.DirectoryAdminName, "DirectoryAdminName");
var directoryAdminPassword = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_PASSWORD);
sut.DirectoryAdminPassword = directoryAdminPassword;
Assert.AreEqual(directoryAdminPassword, sut.DirectoryAdminPassword, "DirectoryAdminPassword");
var domainName = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_DOMAIN_NAME);
sut.DomainName = domainName;
Assert.AreEqual(domainName, sut.DomainName, "DomainName");
var ldapHostName = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_LDAPHOSTNAME);
sut.LDAPHostName = ldapHostName;
Assert.AreEqual(ldapHostName, sut.LDAPHostName, "LDAPHostName");
const string objectClassName = "DOES NOT MATTER";
sut.ObjectClass = objectClassName;
Assert.AreEqual(objectClassName, sut.ObjectClass, "ObjectClass");
//test with the negate of the default value
var searchChildDomains = !sut.SearchChildDomains;
sut.SearchChildDomains = searchChildDomains;
Assert.AreEqual(searchChildDomains, sut.SearchChildDomains, "SearchChildDomains");
var searchContext = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_SEARCH_CONTEXT);
sut.SearchContext = searchContext;
Assert.AreEqual(searchContext, sut.SearchContext, "SearchContext");
var syncDomainController = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_SYNC_DOMAIN_CONTROLLER);
sut.SyncDomainController = syncDomainController;
Assert.AreEqual(syncDomainController, sut.SyncDomainController, "SyncDomainController");
var syncGlobalCatalogServer = TestHelpers.GetProperties(
typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_GC_DOMAIN_CONTROLLER);
sut.SyncGlobalCatalogServer = syncGlobalCatalogServer;
Assert.AreEqual(syncGlobalCatalogServer, sut.SyncGlobalCatalogServer, "SyncGlobalCatalogServer");
}
internal AuthenticationHelper(ActiveDirectoryConfiguration configuration)
{
_configuration = configuration;
}
/// <summary>
/// </summary>
/// <param name="type"></param>
/// <param name="directoryEntry"></param>
/// <param name="attributes"></param>
/// <param name="config"></param>
private static void HandleNameAndContainerChange(UpdateType type,
DirectoryEntry directoryEntry, ICollection <ConnectorAttribute> attributes,
ActiveDirectoryConfiguration config)
{
Name nameAttribute = ConnectorAttributeUtil.GetNameFromAttributes(attributes);
if (nameAttribute == null)
{
// no name, so must not be a container change
return;
}
if (!type.Equals(UpdateType.REPLACE))
{
// this only make sense for replace. you can't
// add a name or delete a name
return;
}
String oldName = directoryEntry.Name;
String newName = GetRelativeName(nameAttribute);
bool nameChanged = !NormalizeLdapString(oldName).Equals(NormalizeLdapString(newName), StringComparison.OrdinalIgnoreCase);
String oldContainer = GetParentDn(directoryEntry.Path);
String newContainer = GetParentDn(nameAttribute.GetNameValue());
bool containerChanged = !NormalizeLdapString(oldContainer).Equals(NormalizeLdapString(newContainer), StringComparison.OrdinalIgnoreCase);
if (!nameChanged && !containerChanged)
{
return;
}
if (nameChanged && !containerChanged) // rename without moving
{
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming {0} to {1}", oldName, newName);
directoryEntry.Rename(newName);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK");
return;
}
// so this is move with or without rename
// step 1: if WITH rename, we have to rename the entry to a temporary name first
String temporaryName = null;
if (nameChanged)
{
temporaryName = oldName + "-" + RandomStr();
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming {0} to a temporary name of {1}", oldName, temporaryName);
directoryEntry.Rename(temporaryName);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK");
}
// step 2: do the move
try
{
String newContainerLdapPath = ActiveDirectoryUtils.GetLDAPPath(config.LDAPHostName, newContainer);
DirectoryEntry newContainerDe = new DirectoryEntry(newContainerLdapPath, config.DirectoryAdminName, config.DirectoryAdminPassword);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Moving from {0} to {1} ({2})", oldContainer, newContainer, newContainerLdapPath);
directoryEntry.MoveTo(newContainerDe);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Move OK");
newContainerDe.Dispose();
}
catch (Exception e)
{
LOGGER.TraceEvent(TraceEventType.Information, CAT_DEFAULT, "Exception caught when moving: {0}", e);
if (nameChanged)
{
LOGGER.TraceEvent(TraceEventType.Information, CAT_DEFAULT, "Renaming back from temporary name of {0} to {1}", temporaryName, oldName);
directoryEntry.Rename(oldName);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK");
}
throw e;
}
// step 3: if WITH rename, then rename from temporary name to the new name
if (nameChanged)
{
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming from temporary name of {0} to a new name of {1}", temporaryName, newName);
directoryEntry.Rename(newName);
LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK");
}
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="configuration">
/// Configuration object for the connector.
/// </param>
public ActiveDirectoryUtils(ActiveDirectoryConfiguration configuration)
{
_configuration = configuration;
_customHandlers = new CustomAttributeHandlers(_configuration);
}
/// <summary>
/// Updates an AD object (also called by create after object is created)
/// </summary>
/// <param name="oclass"></param>
/// <param name="directoryEntry"></param>
/// <param name="attributes"></param>
/// <param name="type"></param>
/// <param name="config"></param>
internal void UpdateADObject(ObjectClass oclass,
DirectoryEntry directoryEntry, ICollection <ConnectorAttribute> attributes,
UpdateType type, ActiveDirectoryConfiguration config)
{
if (oclass.Equals(ObjectClass.ACCOUNT))
{
// translate attribute passed in
foreach (ConnectorAttribute attribute in attributes)
{
// encountered problems when processing change password at the same time
// as setting expired. It would be set to expired, but the change would
// clear that. So we must ensure that expired comes last.
if (OperationalAttributes.PASSWORD_EXPIRED_NAME.Equals(attribute.Name))
{
continue;
}
AddConnectorAttributeToADProperties(oclass,
directoryEntry, attribute, type);
// Uncommenting the next line is very helpful in
// finding mysterious errors.
// Trace.TraceInformation("Committing after setting attribute {0} to {1}", attribute.Name, attribute.Value);
// directoryEntry.CommitChanges();
}
directoryEntry.CommitChanges();
// now do the password change. This is handled separately, because
// it might be a user changing his own password, or it might be an
// administrative change.
GuardedString gsNewPassword = ConnectorAttributeUtil.GetPasswordValue(attributes);
if (gsNewPassword != null)
{
GuardedString gsCurrentPassword = ConnectorAttributeUtil.GetCurrentPasswordValue(attributes);
PasswordChangeHandler changeHandler = new PasswordChangeHandler(_configuration);
if (gsCurrentPassword == null)
{
// just a normal password change
changeHandler.changePassword(directoryEntry, gsNewPassword);
}
else
{
changeHandler.changePassword(directoryEntry,
gsCurrentPassword, gsNewPassword);
}
UserAccountControl.Set(directoryEntry.Properties[ActiveDirectoryConnector.ATT_USER_ACOUNT_CONTROL],
UserAccountControl.PASSWD_NOTREQD, false);
directoryEntry.CommitChanges();
}
// see note in loop above for explaination of this
ConnectorAttribute expirePasswordAttribute = ConnectorAttributeUtil.Find(
OperationalAttributes.PASSWORD_EXPIRED_NAME, attributes);
if (expirePasswordAttribute != null)
{
AddConnectorAttributeToADProperties(oclass,
directoryEntry, expirePasswordAttribute, type);
directoryEntry.CommitChanges();
}
/*
* UserAccountControl.Set(directoryEntry.Properties[ActiveDirectoryConnector.ATT_USER_ACOUNT_CONTROL],
* UserAccountControl.PASSWD_NOTREQD, false);
*/
directoryEntry.CommitChanges();
HandleNameAndContainerChange(type, directoryEntry, attributes, config);
}
else if (oclass.Equals(ActiveDirectoryConnector.groupObjectClass))
{
// translate attribute passed in
foreach (ConnectorAttribute attribute in attributes)
{
// Temporary
// Trace.TraceInformation(String.Format("Setting attribute {0} to {1}",
// attribute.Name, attribute.Value));
AddConnectorAttributeToADProperties(oclass,
directoryEntry, attribute, type);
// Uncommenting the next line is very helpful in
// finding mysterious errors.
// directoryEntry.CommitChanges();
}
directoryEntry.CommitChanges();
HandleNameAndContainerChange(type, directoryEntry, attributes, config);
}
else if (oclass.Equals(ActiveDirectoryConnector.ouObjectClass))
{
// translate attribute passed in
foreach (ConnectorAttribute attribute in attributes)
{
// Temporary
// Trace.TraceInformation(String.Format("Setting attribute {0} to {1}",
// attribute.Name, attribute.Value));
AddConnectorAttributeToADProperties(oclass,
directoryEntry, attribute, type);
// Uncommenting the next line is very helpful in
// finding mysterious errors.
// directoryEntry.CommitChanges();
}
directoryEntry.CommitChanges();
HandleNameAndContainerChange(type, directoryEntry, attributes, config);
}
else
{
String objectClassName = GetADObjectClass(oclass);
// translate attribute passed in
foreach (ConnectorAttribute attribute in attributes)
{
// Temporary
// Trace.TraceInformation(String.Format("Setting attribute {0} to {1}",
// attribute.Name, attribute.Value));
AddConnectorAttributeToADProperties(oclass,
directoryEntry, attribute, type);
// Uncommenting the next line is very helpful in
// finding mysterious errors.
// directoryEntry.CommitChanges();
}
directoryEntry.CommitChanges();
HandleNameAndContainerChange(type, directoryEntry, attributes, config);
}
}
public void TestProperties()
{
var sut = new ActiveDirectoryConfiguration
{
ConnectorMessages = TestHelpers.CreateDummyMessages()
};
var container = TestHelpers.GetProperties(
typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_CONTAINER );
sut.Container = container;
Assert.AreEqual( container, sut.Container, "Container" );
//test with the negate of the default value
var createHomeDirectory = !sut.CreateHomeDirectory;
sut.CreateHomeDirectory = createHomeDirectory;
Assert.AreEqual( createHomeDirectory, sut.CreateHomeDirectory, "CreateHomeDirectory" );
var directoryAdminName = TestHelpers.GetProperties(
typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_USER );
sut.DirectoryAdminName = directoryAdminName;
Assert.AreEqual( directoryAdminName, sut.DirectoryAdminName, "DirectoryAdminName" );
var directoryAdminPassword = TestHelpers.GetProperties(
typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_PASSWORD );
sut.DirectoryAdminPassword = directoryAdminPassword;
Assert.AreEqual( directoryAdminPassword, sut.DirectoryAdminPassword, "DirectoryAdminPassword" );
var domainName = TestHelpers.GetProperties(
typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_DOMAIN_NAME );
sut.DomainName = domainName;
Assert.AreEqual( domainName, sut.DomainName, "DomainName" );
var ldapHostName = TestHelpers.GetProperties(
typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_LDAPHOSTNAME );
sut.LDAPHostName = ldapHostName;
Assert.AreEqual( ldapHostName, sut.LDAPHostName, "LDAPHostName" );
const string objectClassName = "DOES NOT MATTER";
sut.ObjectClass = objectClassName;
Assert.AreEqual( objectClassName, sut.ObjectClass, "ObjectClass" );
//test with the negate of the default value
var searchChildDomains = !sut.SearchChildDomains;
sut.SearchChildDomains = searchChildDomains;
Assert.AreEqual( searchChildDomains, sut.SearchChildDomains, "SearchChildDomains" );
var searchContext = TestHelpers.GetProperties(
typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_SEARCH_CONTEXT );
sut.SearchContext = searchContext;
Assert.AreEqual( searchContext, sut.SearchContext, "SearchContext" );
var syncDomainController = TestHelpers.GetProperties(
typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_SYNC_DOMAIN_CONTROLLER );
sut.SyncDomainController = syncDomainController;
Assert.AreEqual( syncDomainController, sut.SyncDomainController, "SyncDomainController" );
var syncGlobalCatalogServer = TestHelpers.GetProperties(
typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_GC_DOMAIN_CONTROLLER );
sut.SyncGlobalCatalogServer = syncGlobalCatalogServer;
Assert.AreEqual( syncGlobalCatalogServer, sut.SyncGlobalCatalogServer, "SyncGlobalCatalogServer" );
}
internal PasswordChangeHandler(ActiveDirectoryConfiguration configuration)
{
_configuration = configuration;
}