Test workaround to bug #87
Yvand committed Aug 6, 2019
1 parent 653e1d9 commit 8b024e2
Showing 3 changed files with 75 additions and 48 deletions.
47 changes: 31 additions & 16 deletions LDAPCP/LDAPCP.cs
Expand Up @@ -909,8 +909,8 @@ protected bool QueryLDAPServers(OperationContext currentContext, List<LDAPConnec

Parallel.ForEach(ldapServers.Where(x => !String.IsNullOrEmpty(x.Filter)), ldapConnection =>
{
Debug.WriteLine($"ldapConnection: Path: {ldapConnection.LDAPPath}, UseSPServerConnectionToAD: {ldapConnection.UseSPServerConnectionToAD}");
ClaimsProviderLogging.LogDebug($"ldapConnection: Path: {ldapConnection.LDAPPath}, UseSPServerConnectionToAD: {ldapConnection.UseSPServerConnectionToAD}");
Debug.WriteLine($"ldapConnection: Path: {ldapConnection.Directory.Path}, UseSPServerConnectionToAD: {ldapConnection.UseSPServerConnectionToAD}");
ClaimsProviderLogging.LogDebug($"ldapConnection: Path: {ldapConnection.Directory.Path}, UseSPServerConnectionToAD: {ldapConnection.UseSPServerConnectionToAD}");
#pragma warning disable CS0618 // Type or member is obsolete
SetLDAPConnection(currentContext, ldapConnection);
#pragma warning restore CS0618 // Type or member is obsolete
Expand Down Expand Up @@ -1001,25 +1001,40 @@ protected virtual void SetLDAPConnection(Uri currentContext, LDAPConnection ldap
}
else
{
ldapConnection.Directory = Domain.GetComputerDomain().GetDirectoryEntry();
Domain computerDomain = Domain.GetComputerDomain();
ldapConnection.Directory = computerDomain.GetDirectoryEntry();
ldapConnection.DomainFQDN = computerDomain.Name;
ldapConnection.DomainName = OperationContext.GetDomainName(ldapConnection.DomainFQDN);
// Property LDAPConnection.AuthenticationSettings must be set, in order to build the PrincipalContext correctly in GetGroupsFromActiveDirectory()
ldapConnection.AuthenticationSettings = ldapConnection.Directory.AuthenticationType;
}

// This block does LDAP operations
using (new SPMonitoredScope($"[{ProviderInternalName}] Get domain names / root container information about LDAP server \"{ldapConnection.Directory.Path}\"", 2000))
if (String.IsNullOrEmpty(ldapConnection.RootContainer) || String.IsNullOrEmpty(ldapConnection.DomainFQDN) || String.IsNullOrEmpty(ldapConnection.DomainName))
{
// Retrieve FQDN and domain name of current DirectoryEntry
string domainName = String.Empty;
string domainFQDN = String.Empty;
string domaindistinguishedName = String.Empty;

// If there is no existing LDAPCP configuration, this method will be called each time (LDAPConnection properties will be null)
OperationContext.GetDomainInformation(ldapConnection.Directory, out domaindistinguishedName, out domainName, out domainFQDN);
// Cache those values for the whole lifetime of the process, because getting them requires LDAP operations
ldapConnection.RootContainer = domaindistinguishedName;
ldapConnection.DomainName = domainName;
ldapConnection.DomainFQDN = domainFQDN;
// This block does LDAP operations
using (new SPMonitoredScope($"[{ProviderInternalName}] Get domain names / root container information about LDAP server \"{ldapConnection.Directory.Path}\"", 2000))
{
// Retrieve FQDN and domain name of current DirectoryEntry
string domainName = String.Empty;
string domainFQDN = String.Empty;
string domaindistinguishedName = String.Empty;

// If there is no existing LDAPCP configuration, this method will be called each time as property LDAPConnection.RootContainer will be null
OperationContext.GetDomainInformation(ldapConnection.Directory, out domaindistinguishedName, out domainName, out domainFQDN);
// Cache those values for the whole lifetime of the process, because getting them requires LDAP operations
if (!String.IsNullOrWhiteSpace(domaindistinguishedName))
{
ldapConnection.RootContainer = domaindistinguishedName;
}
if (!String.IsNullOrWhiteSpace(domainName))
{
ldapConnection.DomainName = domainName;
}
if (!String.IsNullOrWhiteSpace(domainFQDN))
{
ldapConnection.DomainFQDN = domainFQDN;
}
}
}
}

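Review bot: In SetLDAPConnection, `Domain computerDomain = Domain.GetComputerDomain();` obtains an IDisposable that the new branch never disposes, although only `computerDomain.GetDirectoryEntry()` and `computerDomain.Name` are read from it; wrapping those three lines in `using (Domain computerDomain = Domain.GetComputerDomain()) { ... }` releases it, and the DirectoryEntry assigned to ldapConnection.Directory is, as far as I can tell, a separate object that stays usable afterwards. Separately, the guard `if (String.IsNullOrEmpty(ldapConnection.RootContainer) || ...)` now depends on the new GetDomainName helper, which returns an empty string for a single-label FQDN (no '.'), so on such a domain DomainName stays empty after this branch and the LDAP lookup below runs on every call until GetDomainInformation fills it; a comment such as `// DomainName may still be empty here for a single-label domain; the LDAP lookup below is the fallback` would make that intentional. The enclosing method starts before this hunk (its signature is only visible in the hunk header), so the early part of the branch that sets explicit credentials is not under review here.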
74 changes: 43 additions & 31 deletions LDAPCP/LDAPCPConfig.cs
Expand Up @@ -1222,6 +1222,21 @@ public static string GetFirstSubString(string value, string separator)
return (stop > -1) ? value.Substring(0, stop) : string.Empty;
}

/// <summary>
/// Return the domain name from the domain FQDN
/// </summary>
/// <param name="domainFQDN">Fully qualified domain name</param>
/// <returns>Domain name</returns>
public static string GetDomainName(string domainFQDN)
{
string domainName = String.Empty;
if (domainFQDN.Contains("."))
{
domainName = domainFQDN.Split(new char[] { '.' })[0];
}
return domainName;
}

/// <summary>
/// Extract domain name information from the distinguishedName supplied
/// </summary>
Expand Down Expand Up @@ -1256,52 +1271,49 @@ public static void GetDomainInformation(string distinguishedName, out string dom
/// <param name="directory">LDAP Server to query</param>
/// <param name="domainName">Domain name</param>
/// <param name="domainFQDN">Fully qualified domain name</param>
public static void GetDomainInformation(DirectoryEntry directory, out string domaindistinguishedName, out string domainName, out string domainFQDN)
public static bool GetDomainInformation(DirectoryEntry directory, out string domaindistinguishedName, out string domainName, out string domainFQDN)
{
bool success = false;
domaindistinguishedName = String.Empty;
domainName = String.Empty;
domainFQDN = String.Empty;
int count = 0;
do

try
{
count++;
try
{
#if DEBUG
directory.AuthenticationType = AuthenticationTypes.None;
ClaimsProviderLogging.Log($"directory.AuthenticationType = {directory.AuthenticationType}", TraceSeverity.Unexpected, EventSeverity.Error, TraceCategory.Configuration);
directory.AuthenticationType = AuthenticationTypes.None;
ClaimsProviderLogging.LogDebug($"Hardcoded property DirectoryEntry.AuthenticationType to {directory.AuthenticationType} for \"{directory.Path}\"");
#endif

// Method PropertyCollection.Contains("distinguishedName") does a LDAP bind
// In AD LDS: property "distinguishedName" = "CN=LDSInstance2,DC=ADLDS,DC=local", properties "name" and "cn" = "LDSInstance2"
if (directory.Properties.Contains("distinguishedName"))
{
domaindistinguishedName = directory.Properties["distinguishedName"].Value.ToString();
GetDomainInformation(domaindistinguishedName, out domainName, out domainFQDN);
}
else if (directory.Properties.Contains("name"))
{
domainName = directory.Properties["name"].Value.ToString();
}
else if (directory.Properties.Contains("cn"))
{
// Tivoli stores domain name in property "cn" (properties "distinguishedName" and "name" don't exist)
domainName = directory.Properties["cn"].Value.ToString();
}

success = true;
// Method PropertyCollection.Contains("distinguishedName") does a LDAP bind
// In AD LDS: property "distinguishedName" = "CN=LDSInstance2,DC=ADLDS,DC=local", properties "name" and "cn" = "LDSInstance2"
if (directory.Properties.Contains("distinguishedName"))
{
domaindistinguishedName = directory.Properties["distinguishedName"].Value.ToString();
GetDomainInformation(domaindistinguishedName, out domainName, out domainFQDN);
}
catch (DirectoryServicesCOMException ex)
else if (directory.Properties.Contains("name"))
{
ClaimsProviderLogging.LogException("", $"while getting domain names information for LDAP connection {directory.Path} (DirectoryServicesCOMException) at attempt {count}", TraceCategory.Configuration, ex);
domainName = directory.Properties["name"].Value.ToString();
}
catch (Exception ex)
else if (directory.Properties.Contains("cn"))
{
ClaimsProviderLogging.LogException("", $"while getting domain names information for LDAP connection {directory.Path} (Exception) at attempt {count}", TraceCategory.Configuration, ex);
// Tivoli stores domain name in property "cn" (properties "distinguishedName" and "name" don't exist)
domainName = directory.Properties["cn"].Value.ToString();
}

success = true;
}
while (success == false && count < 5);
catch (DirectoryServicesCOMException ex)
{
ClaimsProviderLogging.LogException("", $"while getting domain names information for LDAP connection {directory.Path} (DirectoryServicesCOMException)", TraceCategory.Configuration, ex);
}
catch (Exception ex)
{
ClaimsProviderLogging.LogException("", $"while getting domain names information for LDAP connection {directory.Path} (Exception)", TraceCategory.Configuration, ex);
}

return success;
}

/// <summary>
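Review bot: The `#if DEBUG` block in GetDomainInformation sets `directory.AuthenticationType = AuthenticationTypes.None;` on the caller's DirectoryEntry and never restores it, so in a DEBUG build every later bind through that entry — which the LDAPCP.cs hunk keeps as ldapConnection.Directory for reuse — runs without Secure/Signing/Sealing; with a configured username and password that is a simple bind that sends the password in clear unless the path is LDAPS. If the downgrade is needed to reproduce bug #87, save the original value before the assignment and restore it in a finally so the change cannot outlive this method, keeping the log line so the downgrade is visible in traces. The method also now returns a bool that its caller in LDAPCP.cs discards; either act on it there or state the contract on the summary: `/// <returns>true if the directory was queried successfully; on failure the exception is logged and the out parameters are left empty</returns>`.
```csharp
public static bool GetDomainInformation(DirectoryEntry directory, out string domaindistinguishedName, out string domainName, out string domainFQDN)
{
    bool success = false;
    // … unchanged: out parameters initialised to String.Empty …
#if DEBUG
    // Remember the caller's setting so the downgrade to None does not outlive this method
    AuthenticationTypes originalAuthenticationType = directory.AuthenticationType;
    directory.AuthenticationType = AuthenticationTypes.None;
    ClaimsProviderLogging.LogDebug($"Hardcoded property DirectoryEntry.AuthenticationType to {directory.AuthenticationType} for \"{directory.Path}\"");
#endif
    try
    {
        // … unchanged: distinguishedName / name / cn lookup …
        success = true;
    }
    // … unchanged: catch (DirectoryServicesCOMException) and catch (Exception) with logging …
    finally
    {
#if DEBUG
        directory.AuthenticationType = originalAuthenticationType;
#endif
    }

    return success;
}
```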
2 changes: 1 addition & 1 deletion LDAPCP/LdapcpLoggingService.cs
Expand Up @@ -118,7 +118,7 @@ public static void LogDebug(string message)
try
{
#if DEBUG
WriteTrace(TraceCategory.Debug, TraceSeverity.VerboseEx, message);
WriteTrace(TraceCategory.Debug, TraceSeverity.Verbose, message);
Debug.WriteLine(message);
#else
// Do nothing
