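using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.IO;
using System.Linq;
using System.Security.AccessControl;
using System.Text;

namespace PdMagic.Windows
{
    /// <summary>
    /// Helpers for creating local users and groups and for editing directory ACLs.
    /// Despite the class name, every account operation goes through the WinNT provider
    /// entry of the local machine ("WinNT://MACHINE,computer"), not through a domain.
    /// </summary>
    /// <remarks>
    /// The root <see cref="DirectoryEntry"/> is created in the constructor and kept for
    /// the lifetime of the instance; this class does not dispose it.
    /// </remarks>
    public class PdActiveDirectory
    {
        /// <summary>Receives human-readable progress messages.</summary>
        /// <param name="aStatus">The status text to report.</param>
        public delegate void SetStatusCallback(string aStatus);

        // ADS_USER_FLAG values that CreateLocalUser ORs into the new account's UserFlags.
        private const int PasswordCannotChangeFlag = 0x0040;  // ADS_UF_PASSWD_CANT_CHANGE
        private const int DontExpirePasswordFlag = 0x10000;   // ADS_UF_DONT_EXPIRE_PASSWD

        private DirectoryEntry mActiveDirectory;

        /// <summary>Binds to the local computer through the WinNT provider.</summary>
        public PdActiveDirectory()
        {
            mActiveDirectory = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
        }

        /// <summary>
        /// Flattens an exception chain into one line: the outer message followed by each
        /// inner exception's message, separated by " | ".
        /// </summary>
        /// <param name="aException">The outermost exception.</param>
        /// <returns>The joined messages, outermost first.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="aException"/> is null.</exception>
        /// <remarks>
        /// The result contains the raw provider messages; review before showing it to
        /// unprivileged users or writing it to shared logs.
        /// </remarks>
        public static string CleanedException(Exception aException)
        {
            // Previously a null argument surfaced as a NullReferenceException.
            if (aException == null)
            {
                throw new ArgumentNullException("aException");
            }

            var lMessages = new StringBuilder(aException.Message);
            for (Exception lInner = aException.InnerException; lInner != null; lInner = lInner.InnerException)
            {
                lMessages.Append(" | ").Append(lInner.Message);
            }

            return lMessages.ToString();
        }

        /// <summary>Creates a local group with the given description.</summary>
        /// <param name="aGroupName">Name of the group to create.</param>
        /// <param name="aDescription">Text stored in the group's Description property.</param>
        /// <exception cref="Exception">
        /// Any failure, wrapped with the message "CreateLocalUserGroup"; the cause is the inner exception.
        /// </exception>
        public void CreateLocalUserGroup(string aGroupName, string aDescription)
        {
            try
            {
                // Dispose the entry once committed so the underlying ADSI object is released.
                using (DirectoryEntry lNewGroup = mActiveDirectory.Children.Add(aGroupName, "group"))
                {
                    lNewGroup.Invoke("Put", new object[] { "Description", aDescription });
                    lNewGroup.CommitChanges();
                }
            }
            catch (Exception lException)
            {
                throw new Exception("CreateLocalUserGroup", lException);
            }
        }

        /// <summary>
        /// Creates a local user, sets its password and description, and marks the account
        /// "password never expires" and "user cannot change password".
        /// </summary>
        /// <param name="aUserName">Name of the account to create.</param>
        /// <param name="aUserPassword">Password handed to the provider's SetPassword as-is.</param>
        /// <param name="aDescription">Text stored in the account's Description property.</param>
        /// <exception cref="Exception">
        /// Any failure, wrapped as "CreateLocalUser" around "Create User" around the cause.
        /// </exception>
        /// <remarks>
        /// Security: this method performs no password strength check, and the two flags it
        /// sets mean the supplied password stays valid until an administrator resets it.
        /// Callers should pass a strong, unique secret and plan their own rotation. The
        /// password also lives in an ordinary managed string for as long as the caller
        /// keeps it reachable.
        /// </remarks>
        public void CreateLocalUser(string aUserName, string aUserPassword, string aDescription)
        {
            try
            {
                // The nested try is kept so the wrapped message chain stays
                // "CreateLocalUser | Create User | <cause>".
                try
                {
                    using (DirectoryEntry lUser = mActiveDirectory.Children.Add(aUserName, "user"))
                    {
                        lUser.Invoke("SetPassword", new object[] { aUserPassword });
                        lUser.Invoke("Put", new object[] { "Description", aDescription });

                        // NOTE(review): the flags are read from "userAccountControl" (the LDAP
                        // attribute name) but written to "UserFlags" (the WinNT property).
                        // Confirm whether this read ever yields a value under WinNT; if it
                        // does not, the account always ends up with exactly the two flags below.
                        int lUserFlags = 0;
                        object lCurrentFlags = lUser.Properties["userAccountControl"].Value;
                        if (lCurrentFlags != null)
                        {
                            lUserFlags = (int) lCurrentFlags;
                        }

                        lUser.Properties["UserFlags"].Value =
                            lUserFlags | DontExpirePasswordFlag | PasswordCannotChangeFlag;
                        lUser.CommitChanges();
                    }
                }
                catch (Exception lCreateUser)
                {
                    throw new Exception("Create User", lCreateUser);
                }
            }
            catch (Exception lException)
            {
                throw new Exception("CreateLocalUser", lException);
            }
        }

        /// <summary>Reports whether a local group with the given name can be found.</summary>
        /// <param name="aGroupName">Group name to look up.</param>
        /// <returns>
        /// <c>true</c> when the lookup succeeds; <c>false</c> on any failure.
        /// </returns>
        /// <remarks>
        /// Every exception is treated as "not found", so an access-denied or provider error
        /// is indistinguishable from a missing group. Do not treat <c>false</c> as proof
        /// that the name is free.
        /// </remarks>
        public bool GroupExists(string aGroupName)
        {
            try
            {
                // Only existence matters; release the entry immediately.
                using (mActiveDirectory.Children.Find(aGroupName, "group"))
                {
                    return true;
                }
            }
            catch
            {
                return false;
            }
        }

        /// <summary>Adds an existing local user to an existing local group.</summary>
        /// <param name="aUserName">Name of the user to add.</param>
        /// <param name="aGroupName">Name of the group that receives the user.</param>
        /// <exception cref="Exception">
        /// Wrapped with "Find User", "Find Group" or "AddUserToGroup" depending on the failing step.
        /// </exception>
        /// <remarks>
        /// Security: the group name is not restricted here, so the caller decides which
        /// privileges the user gains; validate it against an allow-list when it comes from
        /// configuration or user input.
        /// </remarks>
        public void AddUserToGroup(string aUserName, string aGroupName)
        {
            DirectoryEntry lUser;
            try
            {
                lUser = mActiveDirectory.Children.Find(aUserName, "user");
            }
            catch (Exception lFindUser)
            {
                throw new Exception("Find User", lFindUser);
            }

            // The using blocks release both entries even when a later step throws.
            using (lUser)
            {
                DirectoryEntry lGroup;
                try
                {
                    lGroup = mActiveDirectory.Children.Find(aGroupName, "group");
                }
                catch (Exception lFindGroup)
                {
                    throw new Exception("Find Group", lFindGroup);
                }

                using (lGroup)
                {
                    try
                    {
                        lGroup.Invoke("Add", new object[] { lUser.Path });
                        lGroup.CommitChanges();
                    }
                    catch (Exception lAddUserToGroup)
                    {
                        throw new Exception("AddUserToGroup", lAddUserToGroup);
                    }
                }
            }
        }

        /// <summary>
        /// Applies <paramref name="dSecurity"/> to a directory and every sub-directory, and
        /// re-enables ACL inheritance on every file below it.
        /// </summary>
        /// <param name="dInfo">Root of the tree to process.</param>
        /// <param name="dSecurity">Security descriptor written to each directory.</param>
        /// <param name="aCallback">Receives one status line per processed item; must not be null.</param>
        /// <remarks>
        /// Not called from anywhere in this class as shown.
        /// </remarks>
        private static void ReplaceAllDescendantPermissionsFromObject(DirectoryInfo dInfo,
            DirectorySecurity dSecurity, SetStatusCallback aCallback)
        {
            dInfo.SetAccessControl(dSecurity);
            aCallback("Setting security on:" + dInfo.FullName);

            foreach (FileInfo lFile in dInfo.GetFiles())
            {
                aCallback("Setting security on:" + lFile.FullName);
                FileSecurity lFileSecurity = lFile.GetAccessControl();
                lFileSecurity.SetAccessRuleProtection(false, true);
                // Fix: the modified descriptor was never written back, so the file's
                // inheritance setting did not actually change.
                lFile.SetAccessControl(lFileSecurity);
            }

            foreach (DirectoryInfo lChild in dInfo.GetDirectories())
            {
                // Do not descend through junctions or symbolic links: their targets may lie
                // outside the tree, and rewriting ACLs there is not what the caller asked for.
                if ((lChild.Attributes & FileAttributes.ReparsePoint) != 0)
                {
                    aCallback("Skipping reparse point:" + lChild.FullName);
                    continue;
                }

                ReplaceAllDescendantPermissionsFromObject(lChild, dSecurity, aCallback);
            }
        }

        /// <summary>Adds one inheritable access rule for an account to a directory's ACL.</summary>
        /// <param name="aDirectory">Path of the directory whose ACL is edited.</param>
        /// <param name="aAccount">Identity the rule applies to.</param>
        /// <param name="aRights">Rights granted or denied by the rule.</param>
        /// <param name="aControlType">Whether the rule allows or denies.</param>
        /// <param name="aCallback">Currently unused by this method.</param>
        /// <exception cref="Exception">
        /// Any failure, wrapped with the message "AddDirectorySecurity"; the cause is the inner exception.
        /// </exception>
        /// <remarks>
        /// The rule is created with <see cref="PropagationFlags.InheritOnly"/>, so it is
        /// inherited by child files and folders but does not apply to
        /// <paramref name="aDirectory"/> itself. NOTE(review): confirm this is intended,
        /// in particular for Deny rules, which would leave the directory itself uncovered.
        /// </remarks>
        public void AddDirectorySecurity(string aDirectory, string aAccount, FileSystemRights aRights,
            AccessControlType aControlType, SetStatusCallback aCallback)
        {
            try
            {
                var lDirectoryInfo = new DirectoryInfo(aDirectory);
                DirectorySecurity lSecurity = lDirectoryInfo.GetAccessControl();

                var lRule = new FileSystemAccessRule(
                    aAccount,
                    aRights,
                    InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
                    PropagationFlags.InheritOnly,
                    aControlType);

                lSecurity.AddAccessRule(lRule);
                lDirectoryInfo.SetAccessControl(lSecurity);
            }
            catch (Exception lException)
            {
                throw new Exception("AddDirectorySecurity", lException);
            }
        }
    }
}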