jj: Active Directory group fetching
parent
4cae296541
commit
a52fa63476
@ -9,8 +9,10 @@ Public Class ClassActiveDirectory
|
|||||||
"Dns",
|
"Dns",
|
||||||
"Domänen-Gäste",
|
"Domänen-Gäste",
|
||||||
"Domänencomput",
|
"Domänencomput",
|
||||||
|
"Domänencontroller",
|
||||||
"Druck",
|
"Druck",
|
||||||
"Einstellungen eingehender",
|
"Einstellungen eingehender",
|
||||||
|
"Erstellungen",
|
||||||
"Ereignis",
|
"Ereignis",
|
||||||
"Gäst",
|
"Gäst",
|
||||||
"Hyper-V",
|
"Hyper-V",
|
||||||
@ -31,11 +33,15 @@ Public Class ClassActiveDirectory
|
|||||||
"Richtlinien-Ersteller",
|
"Richtlinien-Ersteller",
|
||||||
"SQLAccess",
|
"SQLAccess",
|
||||||
"Schreibgeschützte Domänen",
|
"Schreibgeschützte Domänen",
|
||||||
|
"Schlüsseladministratoren",
|
||||||
"Server-Operatore",
|
"Server-Operatore",
|
||||||
"Sicherungs",
|
"Sicherungs",
|
||||||
|
"Storage",
|
||||||
|
"System Managed",
|
||||||
"Terminalserver-Liz",
|
"Terminalserver-Liz",
|
||||||
"WinRMR",
|
"WinRMR",
|
||||||
"Windows-Auth",
|
"Windows-Auth",
|
||||||
|
"Unternehme",
|
||||||
"Zertifikat",
|
"Zertifikat",
|
||||||
"Zugriffssteuerungs",
|
"Zugriffssteuerungs",
|
||||||
"Zulässige"
|
"Zulässige"
|
||||||
@ -66,52 +72,54 @@ Public Class ClassActiveDirectory
|
|||||||
Dim results As SearchResultCollection = deSearch.FindAll()
|
Dim results As SearchResultCollection = deSearch.FindAll()
|
||||||
For Each r As SearchResult In results
|
For Each r As SearchResult In results
|
||||||
Try
|
Try
|
||||||
Dim groupName = r.GetDirectoryEntry.Name.Replace("CN=", "")
|
'Dim groupName = r.GetDirectoryEntry.Name.Replace("CN=", "")
|
||||||
|
Dim groupName = r.Properties.Item("samaccountname").Item(0)
|
||||||
|
|
||||||
If Not IsNothing(groupName) Then
|
If Not IsNothing(groupName) Then
|
||||||
Dim isValidGroup As Boolean = excludedGroupNames.Where(Function(excludedGroup)
|
Dim isExcluded = excludedGroupNames.Where(Function(excludedGroup)
|
||||||
Return Not (groupName.Contains(excludedGroup) Or groupName.StartsWith(excludedGroup))
|
Return (groupName.Contains(excludedGroup) Or groupName.StartsWith(excludedGroup))
|
||||||
End Function).Any()
|
End Function).Any()
|
||||||
|
|
||||||
If isValidGroup Then
|
If Not isExcluded Then
|
||||||
groups.Add(groupName)
|
groups.Add(groupName)
|
||||||
End If
|
End If
|
||||||
End If
|
End If
|
||||||
Catch
|
Catch ex As Exception
|
||||||
|
MsgBox("Error while fetching Active Directory groups", MsgBoxStyle.Critical)
|
||||||
End Try
|
End Try
|
||||||
Next
|
Next
|
||||||
|
|
||||||
Return groups
|
Return groups
|
||||||
End Function
|
End Function
|
||||||
|
|
||||||
Public Shared Function GetActiveDirectoryGroups(samAccountName As String) As List(Of String)
|
'Public Shared Function GetActiveDirectoryGroups(samAccountName As String) As List(Of String)
|
||||||
Dim groups As New List(Of String)
|
' Dim groups As New List(Of String)
|
||||||
Dim adRoot As New DirectoryEntry() With {
|
' Dim adRoot As New DirectoryEntry() With {
|
||||||
.AuthenticationType = AuthenticationTypes.Secure
|
' .AuthenticationType = AuthenticationTypes.Secure
|
||||||
}
|
' }
|
||||||
Dim user As DirectoryEntry = FindUser(adRoot, samAccountName)
|
' Dim user As DirectoryEntry = FindUser(adRoot, samAccountName)
|
||||||
|
|
||||||
If IsNothing(user) Then
|
' If IsNothing(user) Then
|
||||||
MsgBox($"Benutzer {samAccountName} wurde nicht in der Active Directory gefunden!")
|
' MsgBox($"Benutzer {samAccountName} wurde nicht in der Active Directory gefunden!")
|
||||||
Return groups
|
' Return groups
|
||||||
End If
|
' End If
|
||||||
|
|
||||||
user.RefreshCache(New String() {"tokenGroups"})
|
' user.RefreshCache(New String() {"tokenGroups"})
|
||||||
|
|
||||||
For Each tokenGroup As Byte() In user.Properties("tokenGroups")
|
' For Each tokenGroup As Byte() In user.Properties("tokenGroups")
|
||||||
Dim groupName As String = GetGroupNameFromTokenGroupEntry(adRoot, tokenGroup)
|
' Dim groupName As String = GetGroupNameFromTokenGroupEntry(adRoot, tokenGroup)
|
||||||
|
|
||||||
If Not IsNothing(groupName) Then
|
' If Not IsNothing(groupName) Then
|
||||||
Dim isValidGroup As Boolean = excludedGroupNames.Where(Function(excludedGroup) Not groupName.StartsWith(excludedGroup)).Any()
|
' Dim isValidGroup As Boolean = excludedGroupNames.Where(Function(excludedGroup) Not groupName.StartsWith(excludedGroup)).Any()
|
||||||
|
|
||||||
If isValidGroup Then
|
' If isValidGroup Then
|
||||||
groups.Add(groupName)
|
' groups.Add(groupName)
|
||||||
End If
|
' End If
|
||||||
End If
|
' End If
|
||||||
Next
|
' Next
|
||||||
|
|
||||||
Return groups
|
' Return groups
|
||||||
End Function
|
'End Function
|
||||||
|
|
||||||
Public Shared Function GetActiveDirectoryUsersForGroup(groupName As String) As List(Of UserPrincipal)
|
Public Shared Function GetActiveDirectoryUsersForGroup(groupName As String) As List(Of UserPrincipal)
|
||||||
Dim users As New List(Of UserPrincipal)
|
Dim users As New List(Of UserPrincipal)
|
||||||
|
|||||||
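Review bot: In the third hunk the exclusion test `groupName.Contains(excludedGroup) Or groupName.StartsWith(excludedGroup)` is a case-sensitive substring match against short, German-localized fragments such as "Dns", "Druck" or "Storage", so any group whose sAMAccountName merely contains one of them is silently dropped, and on a directory whose built-in groups carry non-German names nothing is filtered at all. `Contains` already implies `StartsWith`, so the second operand never changes the result; if the truncated entries are meant as prefixes, `excludedGroupNames.Any(Function(e) groupName.StartsWith(e, StringComparison.OrdinalIgnoreCase))` says so directly. If the returned list feeds permission assignment (not visible here), comparing `objectSid` against well-known SIDs, where the group has one, would be more reliable than name fragments. Separately, `r.Properties.Item("samaccountname").Item(0)` yields an Object, so the string calls are late-bound, and the new `Catch ex As Exception` raises a modal `MsgBox` for every failing result while discarding `ex`; wrapping the read in `CStr(...)` and reporting `ex.Message` once after the loop would address both. The enclosing function starts outside the hunk.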