/// <summary> /// Gets the configuration used by the unit tests to acces an AD resource. /// </summary> /// <returns>A new instance of <see cref="ActiveDirectoryConfiguration"/>.</returns> public static Configuration GetConfiguration() { var config = new ActiveDirectoryConfiguration { ConnectorMessages = TestHelpers.CreateDummyMessages(), Container = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>( ConfigHelper.CONFIG_PROPERTY_CONTAINER), DirectoryAdminName = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>( ConfigHelper.CONFIG_PROPERTY_USER), DirectoryAdminPassword = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>( ConfigHelper.CONFIG_PROPERTY_PASSWORD), DomainName = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>( ConfigHelper.CONFIG_PROPERTY_DOMAIN_NAME), LDAPHostName = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>( ConfigHelper.CONFIG_PROPERTY_LDAPHOSTNAME), SearchContext = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>( ConfigHelper.CONFIG_PROPERTY_SEARCH_CONTEXT), SyncDomainController = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>( ConfigHelper.CONFIG_PROPERTY_SYNC_DOMAIN_CONTROLLER), SyncGlobalCatalogServer = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>( ConfigHelper.CONFIG_PROPERTY_GC_DOMAIN_CONTROLLER) }; return(config); }
internal static DomainController GetDomainController(ActiveDirectoryConfiguration configuration) { String serverName = configuration.LDAPHostName; DomainController controller = null; if ((serverName == null) || (serverName.Length == 0)) { // get the active directory schema DirectoryContext context = new DirectoryContext( DirectoryContextType.Domain, configuration.DomainName, configuration.DirectoryAdminName, configuration.DirectoryAdminPassword); controller = DomainController.FindOne(context); } else { DirectoryContext context = new DirectoryContext( DirectoryContextType.DirectoryServer, configuration.LDAPHostName, configuration.DirectoryAdminName, configuration.DirectoryAdminPassword); controller = DomainController.GetDomainController(context); } return(controller); }
public static string GetDomainControllerName(ActiveDirectoryConfiguration configuration) { string serverName = configuration.LDAPHostName; if (string.IsNullOrEmpty(serverName)) { // serverless using (DirectoryEntry rootDe = new DirectoryEntry("LDAP://RootDSE", configuration.DirectoryAdminName, configuration.DirectoryAdminPassword)) { serverName = rootDe.Properties["dnsHostName"].Value as string; } } return serverName; }
public static string GetDomainControllerName(ActiveDirectoryConfiguration configuration) { string serverName = configuration.LDAPHostName; if (string.IsNullOrEmpty(serverName)) { // serverless using (DirectoryEntry rootDe = new DirectoryEntry("LDAP://RootDSE", configuration.DirectoryAdminName, configuration.DirectoryAdminPassword)) { serverName = rootDe.Properties["dnsHostName"].Value as string; } } return(serverName); }
/// <summary> /// This does not work ... for now, don't handle container changes /// </summary> /// <param name="type"></param> /// <param name="directoryEntry"></param> /// <param name="attributes"></param> /// <param name="config"></param> private static void HandleContainerChange(UpdateType type, DirectoryEntry directoryEntry, ICollection <ConnectorAttribute> attributes, ActiveDirectoryConfiguration config) { Name nameAttribute = ConnectorAttributeUtil.GetNameFromAttributes(attributes); if (nameAttribute == null) { // no name, so must not be a container change return; } if (!type.Equals(UpdateType.REPLACE)) { // this only make sense for replace. you can't // add a name or delete a name return; } String oldContainer = GetParentDn(directoryEntry.Path); String newContainer = GetParentDn(nameAttribute.GetNameValue()); if (!NormalizeLdapString(oldContainer).Equals(NormalizeLdapString(newContainer))) { if (newContainer != null) { try { if (!NormalizeLdapString(oldContainer).Equals( NormalizeLdapString(newContainer))) { String newContainerLdapPath = ActiveDirectoryUtils.GetLDAPPath( config.LDAPHostName, newContainer); DirectoryEntry newContainerDe = new DirectoryEntry(newContainerLdapPath, config.DirectoryAdminName, config.DirectoryAdminPassword); directoryEntry.MoveTo(newContainerDe); } } catch (Exception e) { throw e; } } } }
/// <summary> /// Updates an AD object (also called by create after object is created) /// </summary> /// <param name="oclass"></param> /// <param name="directoryEntry"></param> /// <param name="attributes"></param> /// <param name="type"></param> /// <param name="config"></param> internal void UpdateADObject(ObjectClass oclass, DirectoryEntry directoryEntry, ICollection<ConnectorAttribute> attributes, UpdateType type, ActiveDirectoryConfiguration config) { if(oclass.Equals(ObjectClass.ACCOUNT)) { // translate attribute passed in foreach (ConnectorAttribute attribute in attributes) { // encountered problems when processing change password at the same time // as setting expired. It would be set to expired, but the change would // clear that. So we must ensure that expired comes last. if (OperationalAttributes.PASSWORD_EXPIRED_NAME.Equals(attribute.Name)) { continue; } AddConnectorAttributeToADProperties(oclass, directoryEntry, attribute, type); // Uncommenting the next line is very helpful in // finding mysterious errors. // Trace.TraceInformation("Committing after setting attribute {0} to {1}", attribute.Name, attribute.Value); // directoryEntry.CommitChanges(); } directoryEntry.CommitChanges(); // now do the password change. This is handled separately, because // it might be a user changing his own password, or it might be an // administrative change. GuardedString gsNewPassword = ConnectorAttributeUtil.GetPasswordValue(attributes); if (gsNewPassword != null) { GuardedString gsCurrentPassword = ConnectorAttributeUtil.GetCurrentPasswordValue(attributes); PasswordChangeHandler changeHandler = new PasswordChangeHandler(_configuration); if (gsCurrentPassword == null) { // just a normal password change changeHandler.changePassword(directoryEntry, gsNewPassword); } else { changeHandler.changePassword(directoryEntry, gsCurrentPassword, gsNewPassword); } UserAccountControl.Set(directoryEntry.Properties[ActiveDirectoryConnector.ATT_USER_ACOUNT_CONTROL], UserAccountControl.PASSWD_NOTREQD, false); directoryEntry.CommitChanges(); } // see note in loop above for explaination of this ConnectorAttribute expirePasswordAttribute = ConnectorAttributeUtil.Find( OperationalAttributes.PASSWORD_EXPIRED_NAME, attributes); if (expirePasswordAttribute != null) { AddConnectorAttributeToADProperties(oclass, directoryEntry, expirePasswordAttribute, type); directoryEntry.CommitChanges(); } /* UserAccountControl.Set(directoryEntry.Properties[ActiveDirectoryConnector.ATT_USER_ACOUNT_CONTROL], UserAccountControl.PASSWD_NOTREQD, false); */ directoryEntry.CommitChanges(); HandleNameAndContainerChange(type, directoryEntry, attributes, config); } else if (oclass.Equals(ActiveDirectoryConnector.groupObjectClass)) { // translate attribute passed in foreach (ConnectorAttribute attribute in attributes) { // Temporary // Trace.TraceInformation(String.Format("Setting attribute {0} to {1}", // attribute.Name, attribute.Value)); AddConnectorAttributeToADProperties(oclass, directoryEntry, attribute, type); // Uncommenting the next line is very helpful in // finding mysterious errors. // directoryEntry.CommitChanges(); } directoryEntry.CommitChanges(); HandleNameAndContainerChange(type, directoryEntry, attributes, config); } else if (oclass.Equals(ActiveDirectoryConnector.ouObjectClass)) { // translate attribute passed in foreach (ConnectorAttribute attribute in attributes) { // Temporary // Trace.TraceInformation(String.Format("Setting attribute {0} to {1}", // attribute.Name, attribute.Value)); AddConnectorAttributeToADProperties(oclass, directoryEntry, attribute, type); // Uncommenting the next line is very helpful in // finding mysterious errors. // directoryEntry.CommitChanges(); } directoryEntry.CommitChanges(); HandleNameAndContainerChange(type, directoryEntry, attributes, config); } else { String objectClassName = GetADObjectClass(oclass); // translate attribute passed in foreach (ConnectorAttribute attribute in attributes) { // Temporary // Trace.TraceInformation(String.Format("Setting attribute {0} to {1}", // attribute.Name, attribute.Value)); AddConnectorAttributeToADProperties(oclass, directoryEntry, attribute, type); // Uncommenting the next line is very helpful in // finding mysterious errors. // directoryEntry.CommitChanges(); } directoryEntry.CommitChanges(); HandleNameAndContainerChange(type, directoryEntry, attributes, config); } }
/// <summary> /// </summary> /// <param name="type"></param> /// <param name="directoryEntry"></param> /// <param name="attributes"></param> /// <param name="config"></param> private static void HandleNameAndContainerChange(UpdateType type, DirectoryEntry directoryEntry, ICollection<ConnectorAttribute> attributes, ActiveDirectoryConfiguration config) { Name nameAttribute = ConnectorAttributeUtil.GetNameFromAttributes(attributes); if(nameAttribute == null) { // no name, so must not be a container change return; } if (!type.Equals(UpdateType.REPLACE)) { // this only make sense for replace. you can't // add a name or delete a name return; } String oldName = directoryEntry.Name; String newName = GetRelativeName(nameAttribute); bool nameChanged = !NormalizeLdapString(oldName).Equals(NormalizeLdapString(newName), StringComparison.OrdinalIgnoreCase); String oldContainer = GetParentDn(directoryEntry.Path); String newContainer = GetParentDn(nameAttribute.GetNameValue()); bool containerChanged = !NormalizeLdapString(oldContainer).Equals(NormalizeLdapString(newContainer), StringComparison.OrdinalIgnoreCase); if (!nameChanged && !containerChanged) { return; } if (nameChanged && !containerChanged) // rename without moving { LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming {0} to {1}", oldName, newName); directoryEntry.Rename(newName); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK"); return; } // so this is move with or without rename // step 1: if WITH rename, we have to rename the entry to a temporary name first String temporaryName = null; if (nameChanged) { temporaryName = oldName + "-" + RandomStr(); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming {0} to a temporary name of {1}", oldName, temporaryName); directoryEntry.Rename(temporaryName); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK"); } // step 2: do the move try { String newContainerLdapPath = ActiveDirectoryUtils.GetLDAPPath(config.LDAPHostName, newContainer); DirectoryEntry newContainerDe = new DirectoryEntry(newContainerLdapPath, config.DirectoryAdminName, config.DirectoryAdminPassword); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Moving from {0} to {1} ({2})", oldContainer, newContainer, newContainerLdapPath); directoryEntry.MoveTo(newContainerDe); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Move OK"); newContainerDe.Dispose(); } catch (Exception e) { LOGGER.TraceEvent(TraceEventType.Information, CAT_DEFAULT, "Exception caught when moving: {0}", e); if (nameChanged) { LOGGER.TraceEvent(TraceEventType.Information, CAT_DEFAULT, "Renaming back from temporary name of {0} to {1}", temporaryName, oldName); directoryEntry.Rename(oldName); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK"); } throw e; } // step 3: if WITH rename, then rename from temporary name to the new name if (nameChanged) { LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming from temporary name of {0} to a new name of {1}", temporaryName, newName); directoryEntry.Rename(newName); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK"); } }
internal static DomainController GetDomainController(ActiveDirectoryConfiguration configuration) { String serverName = configuration.LDAPHostName; DomainController controller = null; if ((serverName == null) || (serverName.Length == 0)) { // get the active directory schema DirectoryContext context = new DirectoryContext( DirectoryContextType.Domain, configuration.DomainName, configuration.DirectoryAdminName, configuration.DirectoryAdminPassword); controller = DomainController.FindOne(context); } else { DirectoryContext context = new DirectoryContext( DirectoryContextType.DirectoryServer, configuration.LDAPHostName, configuration.DirectoryAdminName, configuration.DirectoryAdminPassword); controller = DomainController.GetDomainController(context); } return controller; }
/// <summary> /// Constructor /// </summary> /// <param name="configuration"> /// Configuration object for the connector. /// </param> public ActiveDirectoryUtils(ActiveDirectoryConfiguration configuration) { _configuration = configuration; _customHandlers = new CustomAttributeHandlers(_configuration); }
/// <summary> /// Gets the configuration used by the unit tests to acces an AD resource. /// </summary> /// <returns>A new instance of <see cref="ActiveDirectoryConfiguration"/>.</returns> public static Configuration GetConfiguration() { var config = new ActiveDirectoryConfiguration { ConnectorMessages = TestHelpers.CreateDummyMessages(), Container = TestHelpers.GetProperties( typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_CONTAINER ), DirectoryAdminName = TestHelpers.GetProperties( typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_USER ), DirectoryAdminPassword = TestHelpers.GetProperties( typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_PASSWORD ), DomainName = TestHelpers.GetProperties( typeof (ActiveDirectoryConnector)).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_DOMAIN_NAME), LDAPHostName = TestHelpers.GetProperties( typeof (ActiveDirectoryConnector)).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_LDAPHOSTNAME), SearchContext = TestHelpers.GetProperties( typeof (ActiveDirectoryConnector)).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_SEARCH_CONTEXT), SyncDomainController = TestHelpers.GetProperties( typeof (ActiveDirectoryConnector)).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_SYNC_DOMAIN_CONTROLLER), SyncGlobalCatalogServer = TestHelpers.GetProperties( typeof (ActiveDirectoryConnector)).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_GC_DOMAIN_CONTROLLER) }; return config; }
internal PasswordChangeHandler(ActiveDirectoryConfiguration configuration) { _configuration = configuration; }
/// <summary> /// This does not work ... for now, don't handle container changes /// </summary> /// <param name="type"></param> /// <param name="directoryEntry"></param> /// <param name="attributes"></param> /// <param name="config"></param> private static void HandleContainerChange(UpdateType type, DirectoryEntry directoryEntry, ICollection<ConnectorAttribute> attributes, ActiveDirectoryConfiguration config) { Name nameAttribute = ConnectorAttributeUtil.GetNameFromAttributes(attributes); if(nameAttribute == null) { // no name, so must not be a container change return; } if (!type.Equals(UpdateType.REPLACE)) { // this only make sense for replace. you can't // add a name or delete a name return; } String oldContainer = GetParentDn(directoryEntry.Path); String newContainer = GetParentDn(nameAttribute.GetNameValue()); if (!NormalizeLdapString(oldContainer).Equals(NormalizeLdapString(newContainer), StringComparison.OrdinalIgnoreCase)) { if (newContainer != null) { try { if (!NormalizeLdapString(oldContainer).Equals( NormalizeLdapString(newContainer), StringComparison.OrdinalIgnoreCase)) { String newContainerLdapPath = ActiveDirectoryUtils.GetLDAPPath( config.LDAPHostName, newContainer); DirectoryEntry newContainerDe = new DirectoryEntry(newContainerLdapPath, config.DirectoryAdminName, config.DirectoryAdminPassword); directoryEntry.MoveTo(newContainerDe); newContainerDe.Dispose(); } } catch (Exception e) { throw e; } } } }
internal AuthenticationHelper(ActiveDirectoryConfiguration configuration) { _configuration = configuration; }
public void TestProperties() { var sut = new ActiveDirectoryConfiguration { ConnectorMessages = TestHelpers.CreateDummyMessages() }; var container = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_CONTAINER); sut.Container = container; Assert.AreEqual(container, sut.Container, "Container"); //test with the negate of the default value var createHomeDirectory = !sut.CreateHomeDirectory; sut.CreateHomeDirectory = createHomeDirectory; Assert.AreEqual(createHomeDirectory, sut.CreateHomeDirectory, "CreateHomeDirectory"); var directoryAdminName = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_USER); sut.DirectoryAdminName = directoryAdminName; Assert.AreEqual(directoryAdminName, sut.DirectoryAdminName, "DirectoryAdminName"); var directoryAdminPassword = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_PASSWORD); sut.DirectoryAdminPassword = directoryAdminPassword; Assert.AreEqual(directoryAdminPassword, sut.DirectoryAdminPassword, "DirectoryAdminPassword"); var domainName = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_DOMAIN_NAME); sut.DomainName = domainName; Assert.AreEqual(domainName, sut.DomainName, "DomainName"); var ldapHostName = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_LDAPHOSTNAME); sut.LDAPHostName = ldapHostName; Assert.AreEqual(ldapHostName, sut.LDAPHostName, "LDAPHostName"); const string objectClassName = "DOES NOT MATTER"; sut.ObjectClass = objectClassName; Assert.AreEqual(objectClassName, sut.ObjectClass, "ObjectClass"); //test with the negate of the default value var searchChildDomains = !sut.SearchChildDomains; sut.SearchChildDomains = searchChildDomains; Assert.AreEqual(searchChildDomains, sut.SearchChildDomains, "SearchChildDomains"); var searchContext = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_SEARCH_CONTEXT); sut.SearchContext = searchContext; Assert.AreEqual(searchContext, sut.SearchContext, "SearchContext"); var syncDomainController = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_SYNC_DOMAIN_CONTROLLER); sut.SyncDomainController = syncDomainController; Assert.AreEqual(syncDomainController, sut.SyncDomainController, "SyncDomainController"); var syncGlobalCatalogServer = TestHelpers.GetProperties( typeof(ActiveDirectoryConnector)).GetProperty <string>(ConfigHelper.CONFIG_PROPERTY_GC_DOMAIN_CONTROLLER); sut.SyncGlobalCatalogServer = syncGlobalCatalogServer; Assert.AreEqual(syncGlobalCatalogServer, sut.SyncGlobalCatalogServer, "SyncGlobalCatalogServer"); }
/// <summary> /// </summary> /// <param name="type"></param> /// <param name="directoryEntry"></param> /// <param name="attributes"></param> /// <param name="config"></param> private static void HandleNameAndContainerChange(UpdateType type, DirectoryEntry directoryEntry, ICollection <ConnectorAttribute> attributes, ActiveDirectoryConfiguration config) { Name nameAttribute = ConnectorAttributeUtil.GetNameFromAttributes(attributes); if (nameAttribute == null) { // no name, so must not be a container change return; } if (!type.Equals(UpdateType.REPLACE)) { // this only make sense for replace. you can't // add a name or delete a name return; } String oldName = directoryEntry.Name; String newName = GetRelativeName(nameAttribute); bool nameChanged = !NormalizeLdapString(oldName).Equals(NormalizeLdapString(newName), StringComparison.OrdinalIgnoreCase); String oldContainer = GetParentDn(directoryEntry.Path); String newContainer = GetParentDn(nameAttribute.GetNameValue()); bool containerChanged = !NormalizeLdapString(oldContainer).Equals(NormalizeLdapString(newContainer), StringComparison.OrdinalIgnoreCase); if (!nameChanged && !containerChanged) { return; } if (nameChanged && !containerChanged) // rename without moving { LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming {0} to {1}", oldName, newName); directoryEntry.Rename(newName); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK"); return; } // so this is move with or without rename // step 1: if WITH rename, we have to rename the entry to a temporary name first String temporaryName = null; if (nameChanged) { temporaryName = oldName + "-" + RandomStr(); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming {0} to a temporary name of {1}", oldName, temporaryName); directoryEntry.Rename(temporaryName); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK"); } // step 2: do the move try { String newContainerLdapPath = ActiveDirectoryUtils.GetLDAPPath(config.LDAPHostName, newContainer); DirectoryEntry newContainerDe = new DirectoryEntry(newContainerLdapPath, config.DirectoryAdminName, config.DirectoryAdminPassword); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Moving from {0} to {1} ({2})", oldContainer, newContainer, newContainerLdapPath); directoryEntry.MoveTo(newContainerDe); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Move OK"); newContainerDe.Dispose(); } catch (Exception e) { LOGGER.TraceEvent(TraceEventType.Information, CAT_DEFAULT, "Exception caught when moving: {0}", e); if (nameChanged) { LOGGER.TraceEvent(TraceEventType.Information, CAT_DEFAULT, "Renaming back from temporary name of {0} to {1}", temporaryName, oldName); directoryEntry.Rename(oldName); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK"); } throw e; } // step 3: if WITH rename, then rename from temporary name to the new name if (nameChanged) { LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Renaming from temporary name of {0} to a new name of {1}", temporaryName, newName); directoryEntry.Rename(newName); LOGGER.TraceEvent(TraceEventType.Verbose, CAT_DEFAULT, "Rename OK"); } }
/// <summary> /// Updates an AD object (also called by create after object is created) /// </summary> /// <param name="oclass"></param> /// <param name="directoryEntry"></param> /// <param name="attributes"></param> /// <param name="type"></param> /// <param name="config"></param> internal void UpdateADObject(ObjectClass oclass, DirectoryEntry directoryEntry, ICollection <ConnectorAttribute> attributes, UpdateType type, ActiveDirectoryConfiguration config) { if (oclass.Equals(ObjectClass.ACCOUNT)) { // translate attribute passed in foreach (ConnectorAttribute attribute in attributes) { // encountered problems when processing change password at the same time // as setting expired. It would be set to expired, but the change would // clear that. So we must ensure that expired comes last. if (OperationalAttributes.PASSWORD_EXPIRED_NAME.Equals(attribute.Name)) { continue; } AddConnectorAttributeToADProperties(oclass, directoryEntry, attribute, type); // Uncommenting the next line is very helpful in // finding mysterious errors. // Trace.TraceInformation("Committing after setting attribute {0} to {1}", attribute.Name, attribute.Value); // directoryEntry.CommitChanges(); } directoryEntry.CommitChanges(); // now do the password change. This is handled separately, because // it might be a user changing his own password, or it might be an // administrative change. GuardedString gsNewPassword = ConnectorAttributeUtil.GetPasswordValue(attributes); if (gsNewPassword != null) { GuardedString gsCurrentPassword = ConnectorAttributeUtil.GetCurrentPasswordValue(attributes); PasswordChangeHandler changeHandler = new PasswordChangeHandler(_configuration); if (gsCurrentPassword == null) { // just a normal password change changeHandler.changePassword(directoryEntry, gsNewPassword); } else { changeHandler.changePassword(directoryEntry, gsCurrentPassword, gsNewPassword); } UserAccountControl.Set(directoryEntry.Properties[ActiveDirectoryConnector.ATT_USER_ACOUNT_CONTROL], UserAccountControl.PASSWD_NOTREQD, false); directoryEntry.CommitChanges(); } // see note in loop above for explaination of this ConnectorAttribute expirePasswordAttribute = ConnectorAttributeUtil.Find( OperationalAttributes.PASSWORD_EXPIRED_NAME, attributes); if (expirePasswordAttribute != null) { AddConnectorAttributeToADProperties(oclass, directoryEntry, expirePasswordAttribute, type); directoryEntry.CommitChanges(); } /* * UserAccountControl.Set(directoryEntry.Properties[ActiveDirectoryConnector.ATT_USER_ACOUNT_CONTROL], * UserAccountControl.PASSWD_NOTREQD, false); */ directoryEntry.CommitChanges(); HandleNameAndContainerChange(type, directoryEntry, attributes, config); } else if (oclass.Equals(ActiveDirectoryConnector.groupObjectClass)) { // translate attribute passed in foreach (ConnectorAttribute attribute in attributes) { // Temporary // Trace.TraceInformation(String.Format("Setting attribute {0} to {1}", // attribute.Name, attribute.Value)); AddConnectorAttributeToADProperties(oclass, directoryEntry, attribute, type); // Uncommenting the next line is very helpful in // finding mysterious errors. // directoryEntry.CommitChanges(); } directoryEntry.CommitChanges(); HandleNameAndContainerChange(type, directoryEntry, attributes, config); } else if (oclass.Equals(ActiveDirectoryConnector.ouObjectClass)) { // translate attribute passed in foreach (ConnectorAttribute attribute in attributes) { // Temporary // Trace.TraceInformation(String.Format("Setting attribute {0} to {1}", // attribute.Name, attribute.Value)); AddConnectorAttributeToADProperties(oclass, directoryEntry, attribute, type); // Uncommenting the next line is very helpful in // finding mysterious errors. // directoryEntry.CommitChanges(); } directoryEntry.CommitChanges(); HandleNameAndContainerChange(type, directoryEntry, attributes, config); } else { String objectClassName = GetADObjectClass(oclass); // translate attribute passed in foreach (ConnectorAttribute attribute in attributes) { // Temporary // Trace.TraceInformation(String.Format("Setting attribute {0} to {1}", // attribute.Name, attribute.Value)); AddConnectorAttributeToADProperties(oclass, directoryEntry, attribute, type); // Uncommenting the next line is very helpful in // finding mysterious errors. // directoryEntry.CommitChanges(); } directoryEntry.CommitChanges(); HandleNameAndContainerChange(type, directoryEntry, attributes, config); } }
public void TestProperties() { var sut = new ActiveDirectoryConfiguration { ConnectorMessages = TestHelpers.CreateDummyMessages() }; var container = TestHelpers.GetProperties( typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_CONTAINER ); sut.Container = container; Assert.AreEqual( container, sut.Container, "Container" ); //test with the negate of the default value var createHomeDirectory = !sut.CreateHomeDirectory; sut.CreateHomeDirectory = createHomeDirectory; Assert.AreEqual( createHomeDirectory, sut.CreateHomeDirectory, "CreateHomeDirectory" ); var directoryAdminName = TestHelpers.GetProperties( typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_USER ); sut.DirectoryAdminName = directoryAdminName; Assert.AreEqual( directoryAdminName, sut.DirectoryAdminName, "DirectoryAdminName" ); var directoryAdminPassword = TestHelpers.GetProperties( typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_PASSWORD ); sut.DirectoryAdminPassword = directoryAdminPassword; Assert.AreEqual( directoryAdminPassword, sut.DirectoryAdminPassword, "DirectoryAdminPassword" ); var domainName = TestHelpers.GetProperties( typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_DOMAIN_NAME ); sut.DomainName = domainName; Assert.AreEqual( domainName, sut.DomainName, "DomainName" ); var ldapHostName = TestHelpers.GetProperties( typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_LDAPHOSTNAME ); sut.LDAPHostName = ldapHostName; Assert.AreEqual( ldapHostName, sut.LDAPHostName, "LDAPHostName" ); const string objectClassName = "DOES NOT MATTER"; sut.ObjectClass = objectClassName; Assert.AreEqual( objectClassName, sut.ObjectClass, "ObjectClass" ); //test with the negate of the default value var searchChildDomains = !sut.SearchChildDomains; sut.SearchChildDomains = searchChildDomains; Assert.AreEqual( searchChildDomains, sut.SearchChildDomains, "SearchChildDomains" ); var searchContext = TestHelpers.GetProperties( typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_SEARCH_CONTEXT ); sut.SearchContext = searchContext; Assert.AreEqual( searchContext, sut.SearchContext, "SearchContext" ); var syncDomainController = TestHelpers.GetProperties( typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_SYNC_DOMAIN_CONTROLLER ); sut.SyncDomainController = syncDomainController; Assert.AreEqual( syncDomainController, sut.SyncDomainController, "SyncDomainController" ); var syncGlobalCatalogServer = TestHelpers.GetProperties( typeof( ActiveDirectoryConnector ) ).GetProperty<string>( ConfigHelper.CONFIG_PROPERTY_GC_DOMAIN_CONTROLLER ); sut.SyncGlobalCatalogServer = syncGlobalCatalogServer; Assert.AreEqual( syncGlobalCatalogServer, sut.SyncGlobalCatalogServer, "SyncGlobalCatalogServer" ); }