AppStd/Modules
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add surname and guid to users, filter users and groups

Browse Source
This commit is contained in:
Jonathan Jenne 2019-11-08 14:52:15 +01:00
parent faa86ed0be
commit 68dfc365ee
5 changed files with 75 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
GUIs.Test.ADSyncTest/Form1.vb
View File

@ -19,14 +19,14 @@ Public Class Form1
_firebird = New Firebird(_logConfig, "172.24.12.41", "172.24.12.41:E:\DB\Firebird\Databases\DD_ICM.fdb", "sysdba", "dd") _firebird = New Firebird(_logConfig, "172.24.12.41", "172.24.12.41:E:\DB\Firebird\Databases\DD_ICM.fdb", "sysdba", "dd")
_sql = New MSSQLServer(_logConfig, "Server=172.24.12.41\tests;Database=DD_ECM_TEST;User Id=sa; Password=dd") _sql = New MSSQLServer(_logConfig, "Server=172.24.12.41\tests;Database=DD_ECM_TEST;User Id=sa; Password=dd")
_sync = New ActiveDirectoryInterface(_logConfig, Nothing, _sql) _sync = New ActiveDirectoryInterface(_logConfig)
_sync.Authenticate() _sync.Authenticate()
End Sub End Sub
Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
Dim oGroup As String = ListBox1.SelectedItem Dim oGroup As String = ListBox1.SelectedItem
Dim oAttributeMappings = GetAttributeMappings() Dim oAttributeMappings = GetAttributeMappings()
_sync.SyncUsersForGroup(oGroup, oAttributeMappings) _sync.SyncUsersForGroup(oGroup, oAttributeMappings, _firebird, _sql)
End Sub End Sub
Private Sub Button2_Click(sender As Object, e As EventArgs) Handles Button2.Click Private Sub Button2_Click(sender As Object, e As EventArgs) Handles Button2.Click

69
Modules.Interfaces/ActiveDirectoryInterface.vb
View File

@ -1,5 +1,6 @@
Imports System.DirectoryServices Imports System.DirectoryServices
Imports System.DirectoryServices.AccountManagement Imports System.DirectoryServices.AccountManagement
Imports System.Text.RegularExpressions
Imports DigitalData.Modules.Database Imports DigitalData.Modules.Database
Imports DigitalData.Modules.Logging Imports DigitalData.Modules.Logging
@ -11,6 +12,7 @@ Public Class ActiveDirectoryInterface
Private ReadOnly _mssql As MSSQLServer Private ReadOnly _mssql As MSSQLServer
Private ReadOnly _rootPath As String Private ReadOnly _rootPath As String
Private _rootNode As DirectoryEntry Private _rootNode As DirectoryEntry
Private Const SEARCH_LIMIT = 50000 Private Const SEARCH_LIMIT = 50000
@ -23,31 +25,31 @@ Public Class ActiveDirectoryInterface
Private Const NAME = "name" Private Const NAME = "name"
Private Const OBJECTCATEGORY = "objectCategory" Private Const OBJECTCATEGORY = "objectCategory"
Public Sub New(LogConfig As LogConfig, Firebird As Firebird, MSSQL As MSSQLServer, Optional RootPath As String = Nothing) Public Const DEFAULT_USER_FILTER = "(&(objectClass=user)(samAccountName=@SAMACCOUNTNAME)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))"
Public Const DEFAULT_GROUP_FILTER = "(&(objectClass=group) (samAccountName=*))"
Public Sub New(LogConfig As LogConfig, Optional RootPath As String = Nothing)
_logConfig = LogConfig _logConfig = LogConfig
_logger = _logConfig.GetLogger() _logger = _logConfig.GetLogger()
_firebird = Firebird
_mssql = MSSQL
If RootPath Is Nothing Then If RootPath Is Nothing Then
_rootPath = $"LDAP://{Environment.UserDomainName}" _rootPath = $"LDAP://{Environment.UserDomainName}"
Else Else
_rootPath = RootPath _rootPath = RootPath
End If End If
_logger.Info("Using RootPath {0}", _rootPath) _logger.Info("Using RootPath {0}", _rootPath)
End Sub End Sub
Public Function SyncUsersForGroup(GroupName As String) As List(Of ADUser) Public Function SyncUsersForGroup(GroupName As String, Firebird As Firebird, MSSQL As MSSQLServer) As List(Of ADUser)
Try Try
Return SyncUsersForGroup(GroupName, New List(Of AttributeMapping)) Return SyncUsersForGroup(GroupName, New List(Of AttributeMapping), Firebird, MSSQL)
Catch ex As Exception Catch ex As Exception
_logger.Error(ex) _logger.Error(ex)
Return Nothing Return Nothing
End Try End Try
End Function End Function
Public Function SyncUsersForGroup(GroupName As String, AttributeMappings As List(Of AttributeMapping)) As List(Of ADUser) Public Function SyncUsersForGroup(GroupName As String, AttributeMappings As List(Of AttributeMapping), Firebird As Firebird, MSSQL As MSSQLServer, Optional Filter As String = DEFAULT_USER_FILTER) As List(Of ADUser)
Dim oUsers As New List(Of ADUser) Dim oUsers As New List(Of ADUser)
Dim oSyncedUsers As New List(Of ADUser) Dim oSyncedUsers As New List(Of ADUser)
Dim oGroupId As Int64 = Nothing Dim oGroupId As Int64 = Nothing
@ -58,7 +60,7 @@ Public Class ActiveDirectoryInterface
Try Try
_logger.Debug("Fetching users from ActiveDirectory") _logger.Debug("Fetching users from ActiveDirectory")
oUsers = ListUsers(GroupName, AttributeMappings) oUsers = ListUsers(GroupName, AttributeMappings, Filter)
_logger.Debug("Found {0} users", oUsers.Count) _logger.Debug("Found {0} users", oUsers.Count)
Catch ex As Exception Catch ex As Exception
_logger.Error(ex) _logger.Error(ex)
@ -116,10 +118,12 @@ Public Class ActiveDirectoryInterface
End Try End Try
End Function End Function
Public Function ListGroups(Optional Query As String = "(&(objectClass=group) (samAccountName=*))") As List(Of ADGroup) Public Function ListGroups(Optional Query As String = DEFAULT_GROUP_FILTER) As List(Of ADGroup)
Return ListGroups(_rootNode, Query) Return ListGroups(_rootNode, Query)
End Function End Function
Public Function ListGroups(RootNode As DirectoryEntry, Optional Query As String = "(&(objectClass=group) (samAccountName=*))") As List(Of ADGroup)
Public Function ListGroups(RootNode As DirectoryEntry, Optional Query As String = DEFAULT_GROUP_FILTER) As List(Of ADGroup)
Dim oGroups As New List(Of ADGroup) Dim oGroups As New List(Of ADGroup)
Try Try
@ -139,11 +143,11 @@ Public Class ActiveDirectoryInterface
End Try End Try
End Function End Function
Public Function ListUsers(GroupName As String) As List(Of ADUser) Public Function ListUsers(GroupName As String, Optional Filter As String = DEFAULT_USER_FILTER) As List(Of ADUser)
Return ListUsers(GroupName, New List(Of AttributeMapping)) Return ListUsers(GroupName, New List(Of AttributeMapping), Filter)
End Function End Function
Public Function ListUsers(GroupName As String, AttributeMappings As List(Of AttributeMapping)) As List(Of ADUser) Public Function ListUsers(GroupName As String, AttributeMappings As List(Of AttributeMapping), Optional Filter As String = DEFAULT_USER_FILTER) As List(Of ADUser)
Dim oUsers As New List(Of ADUser) Dim oUsers As New List(Of ADUser)
Try Try
@ -161,9 +165,14 @@ Public Class ActiveDirectoryInterface
Try Try
If TypeOf oMember Is UserPrincipal Then If TypeOf oMember Is UserPrincipal Then
Dim oUser As UserPrincipal = DirectCast(oMember, UserPrincipal) Dim oUser As UserPrincipal = DirectCast(oMember, UserPrincipal)
Dim oUserEx As UserPrincipalEx = UserPrincipalEx.FindByIdentity(oContext, oUser.SamAccountName) Dim oUserEx As UserPrincipalEx = UserPrincipalEx.FindByIdentity(oContext, IdentityType.SamAccountName, oUser.SamAccountName)
Dim oCustomAttributes As New List(Of ADUser.CustomAttribute) Dim oCustomAttributes As New List(Of ADUser.CustomAttribute)
If FindUserWithFilter(oUserEx, Filter) = False Then
_logger.Debug("User '{0}' was skipped out due to user filter.", oUserEx.SamAccountName)
Continue For
End If
' TODO: Figure out why oUserEx can be nothing for certain users ' TODO: Figure out why oUserEx can be nothing for certain users
If oUserEx IsNot Nothing Then If oUserEx IsNot Nothing Then
For Each oMap As AttributeMapping In AttributeMappings For Each oMap As AttributeMapping In AttributeMappings
@ -191,6 +200,8 @@ Public Class ActiveDirectoryInterface
.samAccountName = oUser.SamAccountName, .samAccountName = oUser.SamAccountName,
.Middlename = oUser.MiddleName, .Middlename = oUser.MiddleName,
.GivenName = oUser.GivenName, .GivenName = oUser.GivenName,
.Surname = oUser.Surname,
.GUID = oUser.Guid,
.Email = oUser.EmailAddress, .Email = oUser.EmailAddress,
.CustomAttributes = oCustomAttributes .CustomAttributes = oCustomAttributes
} }
@ -213,6 +224,36 @@ Public Class ActiveDirectoryInterface
End Try End Try
End Function End Function
Public Function FindUserWithFilter(User As UserPrincipalEx, Filter As String) As Boolean
Dim oRootPath = String.Join(","c, User.DistinguishedName.Split(","c).Skip(1))
Dim oPlaceholder = "@SAMACCOUNTNAME"
Dim oEntry As New DirectoryEntry("LDAP://" & oRootPath) With {
.Username = Nothing,
.Password = Nothing,
.AuthenticationType = AuthenticationTypes.Secure
}
If Filter = String.Empty Then
_logger.Warn("FindUserWithFilter: Filter was empty, returning True for User {0}", User.SamAccountName)
Return True
End If
If Filter.Contains(oPlaceholder) Then
Filter = Filter.Replace(oPlaceholder, User.SamAccountName)
Else
_logger.Warn("FindUserWithFilter: Placeholder '{0}' was not found in filter. Results may not be correct.")
End If
Dim oSearcher As New DirectorySearcher(oEntry, Filter)
Dim oResult = oSearcher.FindOne()
If oResult Is Nothing Then
Return False
Else
Return True
End If
End Function
Private Function GetRootNode() As DirectoryEntry Private Function GetRootNode() As DirectoryEntry
Dim oEntry As New DirectoryEntry(_rootPath) With { Dim oEntry As New DirectoryEntry(_rootPath) With {
.AuthenticationType = AuthenticationTypes.Secure, .AuthenticationType = AuthenticationTypes.Secure,

7
Modules.Jobs/EDMI/ADSync/ADSyncArgs.vb
View File

@ -1,7 +1,14 @@
Public Class ADSyncArgs Public Class ADSyncArgs
Inherits JobArgs Inherits JobArgs
''' <summary>
''' LDAP URI that acts as the root node of searches, ex: LDAP://DIGITALDATA
''' </summary>
Public RootPath As String Public RootPath As String
Public UserFilter As String
Public GroupFilter As String
Public DisableFirebird As String Public DisableFirebird As String
Public DisableMSSQL As String Public DisableMSSQL As String
End Class End Class

6
Modules.Jobs/EDMI/ADSync/ADSyncJob.vb
View File

@ -16,7 +16,7 @@ Public Class ADSyncJob
Dim oJobName As String = [GetType]().Name Dim oJobName As String = [GetType]().Name
Try Try
Dim oSync = New ActiveDirectoryInterface(_LogConfig, _Firebird, _MSSQL, Arguments.RootPath) Dim oSync = New ActiveDirectoryInterface(_LogConfig, Arguments.RootPath)
_Logger.Info("Running job {0}", oJobName) _Logger.Info("Running job {0}", oJobName)
@ -25,13 +25,13 @@ Public Class ADSyncJob
Exit Sub Exit Sub
End If End If
Dim oGroups = GetGroups() Dim oGroups = GetGroups(Arguments.GroupFilter)
Dim oAttributeMappings = GetAttributeMappings() Dim oAttributeMappings = GetAttributeMappings()
_Logger.Debug("Found {0} Groups", oGroups) _Logger.Debug("Found {0} Groups", oGroups)
For Each oGroup In oGroups For Each oGroup In oGroups
_Logger.Debug("Syncing Group {0}", oGroup) _Logger.Debug("Syncing Group {0}", oGroup)
Dim oSyncedUsers = oSync.SyncUsersForGroup(oGroup, oAttributeMappings) Dim oSyncedUsers = oSync.SyncUsersForGroup(oGroup, oAttributeMappings, _Firebird, _MSSQL, Arguments.UserFilter)
If oSyncedUsers Is Nothing Then If oSyncedUsers Is Nothing Then
_Logger.Warn("Group {0} could not be synced!", oGroup) _Logger.Warn("Group {0} could not be synced!", oGroup)

8
Service.JobRunner/Jobs/ADJob.vb
View File

@ -17,6 +17,14 @@ Public Class ADJob
oADJobArgs.RootPath = oArgs.Item("RootPath") oADJobArgs.RootPath = oArgs.Item("RootPath")
End If End If
If oArgs.ContainsKey("UserFilter") Then
oADJobArgs.UserFilter = oArgs.Item("UserFilter")
End If
If oArgs.ContainsKey("GroupFilter") Then
oADJobArgs.GroupFilter = oArgs.Item("GroupFilter")
End If
If oArgs.ContainsKey("DisableFirebird") AndAlso oArgs.Item("DisableFirebird") = "True" Then If oArgs.ContainsKey("DisableFirebird") AndAlso oArgs.Item("DisableFirebird") = "True" Then
oFirebird = Nothing oFirebird = Nothing
End If End If