PdActiveDirectory

using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.IO;
using System.Linq;
using System.Security.AccessControl;
using System.Text;

namespace PdMagic.Windows
{
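    /// <summary>
    /// Helper for managing local Windows accounts, local groups and directory ACLs.
    /// Despite the name, the constructor binds to the local machine's account
    /// database through the ADSI <c>WinNT://</c> provider, not to a domain directory.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the class owns a <see cref="DirectoryEntry"/> for its whole lifetime
    /// and does not implement <see cref="IDisposable"/>; long-lived processes that create
    /// many instances may want to add that.
    /// </remarks>
    public class PdActiveDirectory
    {
        /// <summary>Progress callback that receives a human-readable status line.</summary>
        public delegate void SetStatusCallback(string aStatus);

        // ADS_USER_FLAG_ENUM values applied to every account created by CreateLocalUser.
        // Both weaken password hygiene (no rotation, no self-service change), so accounts
        // created here should be given strong, centrally managed passwords.
        private const int AdsUfPasswdCantChange = 0x0040;
        private const int AdsUfDontExpirePasswd = 0x10000;

        private DirectoryEntry mActiveDirectory;

        /// <summary>Binds to the computer object of the machine the code is running on.</summary>
        public PdActiveDirectory()
        {
            mActiveDirectory = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
        }

        /// <summary>
        /// Flattens an exception chain into a single string of the form
        /// <c>outer | inner | innermost</c>.
        /// </summary>
        /// <param name="aException">Outermost exception; may be null.</param>
        /// <returns>The joined messages, or an empty string when <paramref name="aException"/> is null.</returns>
        public static string CleanedException(Exception aException)
        {
            // A null argument used to surface as a NullReferenceException inside an
            // error-reporting path; report "nothing" instead.
            if (aException == null)
            {
                return string.Empty;
            }

            var lMessages = new StringBuilder(aException.Message);

            for (var lInner = aException.InnerException; lInner != null; lInner = lInner.InnerException)
            {
                lMessages.Append(" | ").Append(lInner.Message);
            }

            return lMessages.ToString();
        }

        /// <summary>Creates a local group with the given description.</summary>
        /// <param name="aGroupName">Name of the group to create.</param>
        /// <param name="aDescription">Text stored in the group's Description property.</param>
        /// <exception cref="Exception">Wraps any failure; the cause is in InnerException.</exception>
        public void CreateLocalUserGroup(string aGroupName, string aDescription)
        {
            try
            {
                // DirectoryEntry wraps a COM object; dispose it instead of waiting for the finalizer.
                using (DirectoryEntry newGroup = mActiveDirectory.Children.Add(aGroupName, "group"))
                {
                    newGroup.Invoke("Put", new object[] {"Description", aDescription});
                    newGroup.CommitChanges();
                }
            }
            catch (Exception lException)
            {
                throw new Exception("CreateLocalUserGroup", lException);
            }
        }

        /// <summary>
        /// Creates a local user, sets its password and description, and marks the account
        /// "password never expires" and "user cannot change password".
        /// </summary>
        /// <param name="aUserName">Account name to create.</param>
        /// <param name="aUserPassword">
        /// Initial password, held as a plain string for the duration of the call;
        /// callers should avoid logging it.
        /// </param>
        /// <param name="aDescription">Text stored in the account's Description property.</param>
        /// <exception cref="Exception">
        /// Wraps any failure as "CreateLocalUser" -> "Create User" -> original cause.
        /// </exception>
        public void CreateLocalUser(string aUserName, string aUserPassword, string aDescription)
        {
            try
            {
                try
                {
                    using (DirectoryEntry lUser = mActiveDirectory.Children.Add(aUserName, "user"))
                    {
                        lUser.Invoke("SetPassword", new object[] {aUserPassword});
                        lUser.Invoke("Put", new object[] {"Description", aDescription});

                        // NOTE(review): "userAccountControl" is the LDAP attribute name, while the
                        // value is written back as "UserFlags" below. With the WinNT provider this
                        // read may never return a value, in which case the flags start from 0 -
                        // confirm which property is intended before relying on the merge.
                        int lUserFlags = 0;
                        object lCurrentFlags = lUser.Properties["userAccountControl"].Value;
                        if (lCurrentFlags != null)
                        {
                            lUserFlags = (int) lCurrentFlags;
                        }

                        lUser.Properties["UserFlags"].Value =
                            lUserFlags | AdsUfDontExpirePasswd | AdsUfPasswdCantChange;
                        lUser.CommitChanges();
                    }
                }
                catch (Exception lCreateUser)
                {
                    throw new Exception("Create User", lCreateUser);
                }
            }
            catch (Exception lException)
            {
                throw new Exception("CreateLocalUser", lException);
            }
        }

        /// <summary>Reports whether a local group with the given name can be found.</summary>
        /// <param name="aGroupName">Group name to look up.</param>
        /// <returns>
        /// True when the lookup succeeds. Every failure returns false, so an access or
        /// provider error is indistinguishable from "group does not exist".
        /// </returns>
        public bool GroupExists(string aGroupName)
        {
            try
            {
                // Only the success of the lookup matters; release the entry straight away.
                using (mActiveDirectory.Children.Find(aGroupName, "group"))
                {
                    return true;
                }
            }
            catch
            {
                return false;
            }
        }

        /// <summary>Adds an existing local user to an existing local group.</summary>
        /// <param name="aUserName">Name of the user to add.</param>
        /// <param name="aGroupName">Name of the group that receives the new member.</param>
        /// <exception cref="Exception">
        /// "Find User", "Find Group" or "AddUserToGroup" depending on the step that failed;
        /// the cause is in InnerException.
        /// </exception>
        public void AddUserToGroup(string aUserName, string aGroupName)
        {
            DirectoryEntry lUser;
            try
            {
                lUser = mActiveDirectory.Children.Find(aUserName, "user");
            }
            catch (Exception lFindUser)
            {
                throw new Exception("Find User", lFindUser);
            }

            using (lUser)
            {
                DirectoryEntry lGroup;
                try
                {
                    lGroup = mActiveDirectory.Children.Find(aGroupName, "group");
                }
                catch (Exception lFindGroup)
                {
                    throw new Exception("Find Group", lFindGroup);
                }

                using (lGroup)
                {
                    try
                    {
                        lGroup.Invoke("Add", new object[] {lUser.Path});
                        lGroup.CommitChanges();
                    }
                    catch (Exception lAddUserToGroup)
                    {
                        throw new Exception("AddUserToGroup", lAddUserToGroup);
                    }
                }
            }
        }

        // Forwards a status line to the callback when one was supplied.
        private static void ReportStatus(SetStatusCallback aCallback, string aStatus)
        {
            if (aCallback != null)
            {
                aCallback(aStatus);
            }
        }

        /// <summary>
        /// Applies <paramref name="dSecurity"/> to a directory and every directory below it,
        /// and re-enables ACL inheritance on each file found on the way.
        /// </summary>
        /// <param name="dInfo">Root of the tree to process.</param>
        /// <param name="dSecurity">Security descriptor written to every directory in the tree.</param>
        /// <param name="aCallback">Optional progress callback; may be null.</param>
        /// <remarks>
        /// Not called from anywhere in this class. Explicit ACEs already present on a file
        /// are left in place; only the inheritance protection flag is cleared.
        /// </remarks>
        private static void ReplaceAllDescendantPermissionsFromObject(DirectoryInfo dInfo, DirectorySecurity dSecurity,
                                         SetStatusCallback aCallback)
        {
            dInfo.SetAccessControl(dSecurity);
            ReportStatus(aCallback, "Setting security on:" + dInfo.FullName);

            foreach (FileInfo fi in dInfo.GetFiles())
            {
                // Do not touch link targets that may live outside the tree being processed.
                if ((fi.Attributes & FileAttributes.ReparsePoint) != 0)
                {
                    continue;
                }

                ReportStatus(aCallback, "Setting security on:" + fi.FullName);

                var ac = fi.GetAccessControl();
                ac.SetAccessRuleProtection(false, true);

                // The modified descriptor is only an in-memory copy until it is written back;
                // without this call the inheritance change was silently dropped.
                fi.SetAccessControl(ac);
            }

            foreach (DirectoryInfo d in dInfo.GetDirectories())
            {
                // Junctions and directory symlinks could redirect the walk to an arbitrary
                // location (or loop), so the recursion stays inside real subdirectories.
                if ((d.Attributes & FileAttributes.ReparsePoint) != 0)
                {
                    continue;
                }

                ReplaceAllDescendantPermissionsFromObject(d, dSecurity, aCallback);
            }
        }

        /// <summary>
        /// Adds one access rule for <paramref name="aAccount"/> to the ACL of
        /// <paramref name="aDirectory"/>.
        /// </summary>
        /// <param name="aDirectory">Path of the directory whose ACL is modified.</param>
        /// <param name="aAccount">Account name the rule is created for.</param>
        /// <param name="aRights">Rights granted or denied by the rule.</param>
        /// <param name="aControlType">Whether the rule allows or denies <paramref name="aRights"/>.</param>
        /// <param name="aCallback">Accepted for interface compatibility; not used by this method.</param>
        /// <exception cref="Exception">Wraps any failure; the cause is in InnerException.</exception>
        /// <remarks>
        /// The rule is created with <see cref="PropagationFlags.InheritOnly"/>, so it is
        /// inherited by child folders and files but does not apply to
        /// <paramref name="aDirectory"/> itself.
        /// NOTE(review): confirm that excluding the directory itself is intended; existing
        /// children only pick the rule up if they still inherit from this directory.
        /// </remarks>
        public void AddDirectorySecurity(string aDirectory, string aAccount,
                                         FileSystemRights aRights,
                                         AccessControlType aControlType,
                                         SetStatusCallback aCallback)
        {
            try
            {
                var lDirectoryInfo = new DirectoryInfo(aDirectory);
                DirectorySecurity lSecurity = lDirectoryInfo.GetAccessControl();
                lSecurity.AddAccessRule(new FileSystemAccessRule( aAccount, aRights,
                                                                  InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
                                                                  PropagationFlags.InheritOnly, aControlType));
                lDirectoryInfo.SetAccessControl(lSecurity);
            }
            catch (Exception lException)
            {
                throw new Exception("AddDirectorySecurity", lException);
            }
        }
    }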
}