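/// <summary>
/// Deletes the local Windows account named by <c>package.login</c> on the server
/// described by <paramref name="config"/>.
/// </summary>
/// <param name="cacheId">Not read by this method.</param>
/// <param name="package">Deploy package; <c>login</c>, <c>entityId</c> and <c>identityId</c> are read.</param>
/// <param name="config">Connector settings; the "server", "username" and "password" entries are read.</param>
/// <param name="fieldMapping">Not read by this method.</param>
/// <remarks>
/// Errors raised while connecting or deleting are caught and reported through <c>Log2</c>;
/// the method returns without deleting anything when the configuration check fails,
/// the login is missing or the account cannot be found.
/// </remarks>
public override void ProcessDelete(String cacheId, PluginConnectorBaseDeployPackage package, Dictionary<String, Object> config, List<PluginConnectorBaseDeployPackageMapping> fieldMapping) {
    if (!CheckInputConfig(config, true, Log)) {
        return;
    }

    try {
        String server = config["server"].ToString();
        LocalWindows lWin = new LocalWindows(server, config["username"].ToString(), config["password"].ToString());

        try {
            lWin.Bind();
        } catch (Exception ex) {
            Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on connect to Windows '" + server + "': " + ex.Message, "");
            return;
        }

        // A null login is rejected the same way as an empty one, so it never reaches FindUser.
        if (String.IsNullOrEmpty(package.login)) {
            Log2(this, PluginLogType.Error, package.entityId, package.identityId, "IAM Login not found in properties list", "");
            return;
        }

        DirectoryEntry user = lWin.FindUser(package.login);
        if (user == null) {
            Log2(this, PluginLogType.Warning, package.entityId, package.identityId, "User not found", "");
            return;
        }

        try {
            // DirectoryEntry.Parent hands back a new entry on each access; dispose it once the removal is done.
            using (DirectoryEntry parent = user.Parent) {
                parent.Children.Remove(user);
            }
        } finally {
            // Release the directory handle whether or not the removal succeeded.
            user.Close();
        }

        NotityDeletedUser(this, package.entityId, package.identityId);

        // The audit trail must record a deletion; the earlier text ("User updated with/without password")
        // was carried over from the deploy path and described the wrong operation.
        Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User deleted", "");
    } catch (Exception ex) {
        Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on process delete: " + ex.Message, "");
    }
}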
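/// <summary>
/// Creates or updates the local Windows account named by <c>package.login</c>: applies the
/// enabled/disabled state, sets the password and runs the group actions carried by the package.
/// </summary>
/// <param name="cacheId">Not read by this method.</param>
/// <param name="package">
/// Deploy package. <c>login</c> must be non-empty and at most 20 characters. <c>password</c> is
/// overwritten with a generated value when the account has to be created and no password was supplied.
/// </param>
/// <param name="config">Connector settings; the "server", "username" and "password" entries are read.</param>
/// <param name="fieldMapping">Only serialized into the diagnostic dump written when the deploy fails.</param>
/// <remarks>
/// Failures are reported through <c>Log2</c>. Passwords are kept out of log messages; the failure
/// dump masks <c>package.password</c> before serializing the package.
/// </remarks>
public override void ProcessDeploy(String cacheId, PluginConnectorBaseDeployPackage package, Dictionary<String, Object> config, List<PluginConnectorBaseDeployPackageMapping> fieldMapping) {
    if (!CheckInputConfig(config, true, Log)) {
        return;
    }

    // Step-by-step trace; it is only emitted as the detail text of the error logged by the outer catch.
    StringBuilder logText = new StringBuilder();

    try {
        WindowsPrincipal principal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
        // NOTE(review): the expression that followed "Current user: " is unreadable in the source
        // listing; the identity name of the current principal is the presumed value - confirm.
        logText.AppendLine("Current user: " + principal.Identity.Name);
        logText.AppendLine("Has administrative right: " + principal.IsInRole(WindowsBuiltInRole.Administrator));
    } catch {
        // Best effort only: the identity lines are diagnostic and must not stop the deploy.
    }

    try {
        // Validate the login before touching the server so a null login cannot fail on .Length
        // and no privileged connection is opened for a request that cannot be served.
        if (String.IsNullOrEmpty(package.login)) {
            Log2(this, PluginLogType.Error, package.entityId, package.identityId, "IAM Login not found in properties list", "");
            return;
        }

        if (package.login.Length > 20) {
            throw new Exception("Maximum size of login name reached, this method support up to 20 characters.");
        }

        String server = config["server"].ToString();
        LocalWindows lWin = new LocalWindows(server, config["username"].ToString(), config["password"].ToString());

        try {
            lWin.Bind();
        } catch (Exception ex) {
            Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on connect to Windows '" + server + "': " + ex.Message + (ex.InnerException != null ? " " + ex.InnerException.Message : ""), "");
            return;
        }

        logText.AppendLine("Successfully connected on " + server);
        logText.AppendLine("Trying to find user '" + package.login + "'...");

        DirectoryEntry user = lWin.FindUser(package.login);
        if (user == null) {
            logText.AppendLine("User not found, creating...");

            // User not found, create it.
            if (String.IsNullOrEmpty(package.password)) {
                package.password = IAM.Password.RandomPassword.Generate(16);
                // The generated credential stays in package.password for the rest of this method;
                // it is deliberately not written to the log, where it would be readable by anyone
                // with access to the log store.
                Log2(this, PluginLogType.Warning, package.entityId, package.identityId, "User not found in AD and IAM Password not found in properties list, creating a random password", "");
            }

            // The account is first created with a random 20-character password so the complexity
            // policy is satisfied and creation does not fail; the requested password is applied below.
            lWin.AddUser(package.login, IAM.Password.RandomPassword.Generate(20));
            user = lWin.FindUser(package.login);
            Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User added", "");
        } else {
            logText.AppendLine("User founded");
        }

        if (user == null) {
            // Fail with a clear message instead of a null dereference on the next line.
            throw new Exception("User '" + package.login + "' not found after creation");
        }

        logText.AppendLine("User path: " + user.Path);

        try {
            try {
                UserFlags ctrl = (UserFlags)user.InvokeGet("userFlags");

                // Clear the flag managed by this system, then set it again only when the package asks for a lock.
                ctrl &= ~UserFlags.ACCOUNTDISABLE;
                if (package.locked || package.temp_locked) {
                    ctrl |= UserFlags.ACCOUNTDISABLE;
                }

                logText.AppendLine("Setting user flags...");
                user.Invoke("Put", new object[] { "UserFlags", (Int32)ctrl });
                user.CommitChanges();
            } catch (Exception ex) {
                logText.AppendLine("Error applying user flags: " + ex.Message);
                // A failed flag update can leave an account enabled that was meant to be disabled,
                // so it is reported instead of being kept only in the local trace.
                Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error applying user flags: " + ex.Message, "");

                // Re-read the entry (presumably to drop the uncommitted change - confirm) and release the old handle.
                user.Close();
                user = lWin.FindUser(package.login);
            }

            try {
                logText.AppendLine("Setting user password...");
                if (!String.IsNullOrWhiteSpace(package.password)) {
                    user.Invoke("SetPassword", new Object[] { package.password });
                }
                user.CommitChanges();
            } catch (Exception ex) {
                // Describe the shape of the rejected password (never its value) to help diagnose policy failures.
                StringBuilder strength = new StringBuilder();
                try {
                    PasswordStrength ps = CheckPasswordStrength(package.password, package.fullName.fullName);
                    strength.AppendLine("Length = " + package.password.Length);
                    strength.AppendLine("Contains Uppercase? " + ps.HasUpperCase);
                    strength.AppendLine("Contains Lowercase? " + ps.HasLowerCase);
                    strength.AppendLine("Contains Symbol? " + ps.HasSymbol);
                    strength.AppendLine("Contains Number? " + ps.HasDigit);
                    strength.AppendLine("Contains part of the name/username? " + ps.HasNamePart);
                } catch {
                    // Best effort: whatever was collected before the failure is still logged.
                }

                Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on set user password, check the password complexity rules", ex.Message + (ex.InnerException != null ? " " + ex.InnerException.Message : "") + Environment.NewLine + strength.ToString());
                return;
            }

            logText.AppendLine("Setting user access...");

            // Run the RBAC actions.
            if (package.pluginAction != null) {
                foreach (PluginConnectorBaseDeployPackageAction act in package.pluginAction) {
                    try {
                        // Invariant casing keeps the key match independent of the server's culture.
                        switch (act.actionKey.ToLowerInvariant()) {
                            case "group":
                                if (act.actionType == PluginActionType.Add) {
                                    String grpCN = lWin.FindOrCreateGroup(act.actionValue);
                                    if (lWin.AddUserToGroup(user.Name, grpCN)) {
                                        Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User added in group " + act.actionValue + " by role " + act.roleName, "");
                                    }
                                } else if (act.actionType == PluginActionType.Remove) {
                                    // NOTE(review): a removal goes through FindOrCreateGroup, which by its name may
                                    // create a group that does not exist yet - confirm this is intended.
                                    String grpCN = lWin.FindOrCreateGroup(act.actionValue);
                                    if (lWin.RemoveUserFromGroup(user.Name, grpCN)) {
                                        Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User removed from group " + act.actionValue + " by role " + act.roleName, "");
                                    }
                                }
                                break;

                            default:
                                Log2(this, PluginLogType.Warning, package.entityId, package.identityId, "Action not recognized: " + act.actionKey, "");
                                break;
                        }
                    } catch (Exception ex) {
                        // One failing action must not prevent the remaining ones from running.
                        Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on execute action (" + act.actionKey + "): " + ex.Message, "");
                    }
                }
            }
        } finally {
            // Covers every exit path, including the early return after a password failure.
            if (user != null) {
                user.Close();
            }
        }

        NotityChangeUser(this, package.entityId);

        // Same condition as the SetPassword call above, so the message reflects what was actually done.
        if (!String.IsNullOrWhiteSpace(package.password)) {
            Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User updated with password", "");
        } else {
            Log2(this, PluginLogType.Information, package.entityId, package.identityId, "User updated without password", "");
        }
    } catch (Exception ex) {
        logText.AppendLine("Error: " + ex.Message);
        if (ex.InnerException != null) {
            logText.AppendLine(ex.InnerException.Message);
        }
        logText.AppendLine("");
        logText.AppendLine("");
        logText.AppendLine("");
        logText.AppendLine("### Package details");

        const String mask = "Replaced for user security";
        String secret = package.password;
        String debugInfo;
        try {
            // Mask the field itself before serializing: a text replace alone misses the password
            // whenever the serializer escapes any of its characters.
            if (!String.IsNullOrEmpty(secret)) {
                package.password = mask;
            }
            debugInfo = JSON.Serialize2(new { package = package, fieldMapping = fieldMapping });
        } finally {
            package.password = secret;
        }

        // Second pass for copies of the password elsewhere in the dump; the null/empty guard
        // keeps String.Replace from throwing inside this handler.
        if (!String.IsNullOrEmpty(secret)) {
            debugInfo = debugInfo.Replace(secret, mask);
        }

        logText.AppendLine(debugInfo);
        Log2(this, PluginLogType.Error, package.entityId, package.identityId, "Error on process deploy: " + ex.Message, logText.ToString());
    }
}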