AppStd/Modules
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update active directory interface to sync to mssql and to sync custom attributes

Browse Source
This commit is contained in:
Jonathan Jenne
2019-04-17 16:29:44 +02:00
parent 32b000c947
commit 0374016cde
10 changed files with 437 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

185
Modules.Interfaces/ActiveDirectoryInterface.vb
View File

@@ -6,9 +6,11 @@ Imports DigitalData.Modules.Logging
Public Class ActiveDirectoryInterface
Private _logConfig As LogConfig
Private _logger As Logger
Private _firebird As Firebird
Private _rootPath As String
Private ReadOnly _firebird As Firebird
Private ReadOnly _mssql As MSSQLServer
Private ReadOnly _rootPath As String
Private _rootNode As DirectoryEntry
Private Const SEARCH_LIMIT = 50000
@@ -21,10 +23,11 @@ Public Class ActiveDirectoryInterface
Private Const NAME = "name"
Private Const OBJECTCATEGORY = "objectCategory"
Public Sub New(LogConfig As LogConfig, Firebird As Firebird, Optional RootPath As String = Nothing)
Public Sub New(LogConfig As LogConfig, Firebird As Firebird, MSSQL As MSSQLServer, Optional RootPath As String = Nothing)
_logConfig = LogConfig
_logger = _logConfig.GetLogger()
_firebird = Firebird
_mssql = MSSQL
If RootPath Is Nothing Then
_rootPath = $"LDAP://{Environment.UserDomainName}"
@@ -34,13 +37,21 @@ Public Class ActiveDirectoryInterface
End Sub
Public Function SyncUsersForGroup(GroupName As String) As List(Of ADUser)
Return SyncUsersForGroup(GroupName, New List(Of AttributeMapping))
End Function
Public Function SyncUsersForGroup(GroupName As String, AttributeMappings As List(Of AttributeMapping)) As List(Of ADUser)
Dim oUsers As New List(Of ADUser)
Dim oSyncedUsers As New List(Of ADUser)
Dim oGroupId As Int64 = Nothing
Dim oFirebirdSync As New SyncUsers.Firebird(_logConfig, _firebird)
Dim oSQLSync As New SyncUsers.MSSQL(_logConfig, _mssql)
Dim oSyncedUsersFirebird, oSyncedUsersMSSQL As List(Of ADUser)
Try
_logger.Debug("Fetching users from ActiveDirectory")
oUsers = ListUsers(GroupName)
oUsers = ListUsers(GroupName, AttributeMappings)
_logger.Debug("Found {0} users", oUsers.Count)
Catch ex As Exception
_logger.Error(ex)
@@ -49,66 +60,22 @@ Public Class ActiveDirectoryInterface
If oUsers.Count = 0 Then
_logger.Debug("Group {0} does not contain any users.", GroupName)
Return oSyncedUsers
Return oUsers
End If
Try
_logger.Debug("Getting group Id for group {0}", GroupName)
oGroupId = GetGroupId(GroupName)
' Do the actual sync into firebird
If _firebird IsNot Nothing Then
oSyncedUsersFirebird = oFirebirdSync.SyncUsers(GroupName, oUsers, AttributeMappings)
_logger.Info("Synced {0} users to Firebird", oSyncedUsersFirebird.Count)
End If
If oGroupId = 0 Then
_logger.Warn("Group {0} does not exist in database. Exiting", GroupName)
Return Nothing
End If
' Do the actual sync into MSSQL
If _mssql IsNot Nothing Then
oSyncedUsersMSSQL = oSQLSync.SyncUsers(GroupName, oUsers, AttributeMappings)
_logger.Info("Synced {0} users to MSSQLServer", oSyncedUsersMSSQL.Count)
End If
_logger.Debug("Using group Id {0}", oGroupId)
Catch ex As Exception
_logger.Error(ex)
Return Nothing
End Try
For Each oUser In oUsers
Dim oUserId As Int64
Dim oUserExists As Boolean = False
' Check if user already exists
Try
_logger.Debug("Checking if user {0} exists", oUser)
oUserId = GetUserId(oUser.samAccountName)
oUserExists = Not IsNothing(oUserId)
_logger.Debug("User {0} exists in database: ", oUser, oUserExists)
Catch ex As Exception
_logger.Error(ex)
_logger.Warn("Could not get UserId for user. Skipping")
Continue For
End Try
' I user does not exist, create a new user
Try
If Not oUserExists Then
_logger.Debug("Creating new user for {0}", oUser)
oUserId = CreateUser(oUser)
_logger.Debug("User created with Id {0}", oUserId)
End If
Catch ex As Exception
_logger.Error(ex)
_logger.Warn("Could not create user. Skipping")
Continue For
End Try
' Add the user to group
Try
AddUserToGroup(oUserId, oGroupId)
Catch ex As Exception
_logger.Error(ex)
_logger.Warn("Could not add user to group. Skipping")
Continue For
End Try
oSyncedUsers.Add(oUser)
Next
Return oSyncedUsers
Return oUsers
End Function
Public Function Authenticate() As Boolean
@@ -162,6 +129,10 @@ Public Class ActiveDirectoryInterface
End Function
Public Function ListUsers(GroupName As String) As List(Of ADUser)
Return ListUsers(GroupName, New List(Of AttributeMapping))
End Function
Public Function ListUsers(GroupName As String, AttributeMappings As List(Of AttributeMapping)) As List(Of ADUser)
Dim oUsers As New List(Of ADUser)
Try
@@ -176,15 +147,33 @@ Public Class ActiveDirectoryInterface
For Each oMember As Principal In oMembers
If TypeOf oMember Is UserPrincipal Then
Dim oUser As UserPrincipal = DirectCast(oMember, UserPrincipal)
Dim oUserEx As UserPrincipalEx = UserPrincipalEx.FindByIdentity(oContext, oUser.SamAccountName)
Dim oCustomAttributes As New List(Of ADUser.CustomAttribute)
For Each oMap As AttributeMapping In AttributeMappings
Dim oAttributeValue = oUserEx.GetAttributeValue(oMap.AttributeName)
If oAttributeValue <> String.Empty Then
_logger.Debug("Attribute {0} is not empty.", oMap.AttributeName)
oCustomAttributes.Add(New ADUser.CustomAttribute() With {
.Name = oMap.AttributeName,
.Value = oAttributeValue,
.FirebirdSyskey = oMap.FirebirdSyskey,
.MSSQLColumn = oMap.MSSQLColumn
})
End If
Next
oUsers.Add(New ADUser() With {
.GUID = oUser.Guid,
.SId = oUser.Sid,
.samAccountName = oUser.SamAccountName,
.Surname = oUser.Surname,
.Middlename = oUser.MiddleName,
.GivenName = oUser.GivenName,
.Email = oUser.EmailAddress
.GUID = oUserEx.Guid,
.SId = oUserEx.Sid,
.samAccountName = oUserEx.SamAccountName,
.Surname = oUserEx.Surname,
.Middlename = oUserEx.MiddleName,
.GivenName = oUserEx.GivenName,
.Email = oUserEx.EmailAddress,
.CustomAttributes = oCustomAttributes
})
End If
Next
@@ -199,68 +188,6 @@ Public Class ActiveDirectoryInterface
End Try
End Function
Private Function GetGroupId(GroupName As String) As Integer
Try
Dim oSQL As String = $"SELECT FNICM_GET_RECORD4SYSKEY('{GroupName}','002-NAME') from RDB$DATABASE"
Dim oGroupId = _firebird.GetScalarValue(oSQL)
If IsDBNull(oGroupId) OrElse oGroupId = 0 Then
_logger.Debug("Group {0} not found in database", GroupName)
Return Nothing
End If
Return oGroupId
Catch ex As Exception
_logger.Error(ex)
Throw ex
End Try
End Function
Private Function GetUserId(UserName As String) As Integer
Try
Dim oSQL As String = $"SELECT FNICM_GET_RECORD4SYSKEY('{UserName}','001-USRNAME') from RDB$DATABASE"
Dim oResult = _firebird.GetScalarValue(oSQL)
If IsDBNull(oResult) Then
Return Nothing
End If
Return oResult
Catch ex As Exception
_logger.Error(ex)
Throw ex
End Try
End Function
Private Function CreateUser(User As ADUser) As Int64
Try
Dim oSQL = $"SELECT FNICM_RADM_NEW_USER('{User.GivenName}', '{User.Surname}', '{User.samAccountName}', 'AD-Sync') from RDB$DATABASE"
Dim oUserId As Integer = _firebird.GetScalarValue(oSQL)
Return oUserId
Catch ex As Exception
_logger.Error(ex)
Throw ex
End Try
End Function
Private Function AddUserToGroup(UserId As Integer, GroupId As Integer) As Int64
Try
Dim oSQL = $"SELECT FNICM_RADM_NEW_USER2GROUP({UserId}, {GroupId}, 'AD-Sync') from RDB$DATABASE"
Dim oRecordId = _firebird.GetScalarValue(oSQL)
If IsDBNull(oRecordId) Then
_logger.Warn("UserId {0} - GroupId {1} relation already exists.", UserId, GroupId)
Return Nothing
End If
Return oRecordId
Catch ex As Exception
_logger.Error(ex)
Throw ex
End Try
End Function
Private Function GetRootNode() As DirectoryEntry
Dim oEntry As New DirectoryEntry(_rootPath) With {
.AuthenticationType = AuthenticationTypes.Secure,