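/// <summary>
/// Brings the local Windows account for <c>UserInfo</c> in line with the
/// desired state: the account is created or fetched, its details are synced,
/// and its local group membership is reconciled against <c>UserInfo.Groups</c>
/// (stale memberships removed first, missing ones added second).
/// </summary>
/// <remarks>
/// The removal pass is the step that revokes local privileges the user should
/// no longer hold. If it fails part-way, the account can still be a member of
/// groups that <c>UserInfo</c> does not list, so a
/// <see cref="GroupSyncException"/> means membership is in an unknown state.
/// NOTE(review): confirm that callers do not let the session proceed as if the
/// sync had succeeded.
/// </remarks>
/// <exception cref="GroupSyncException">
/// Wraps any exception raised while reconciling group membership. Exceptions
/// from <c>CreateOrGetUserPrincipal</c> and <c>SyncUserPrincipalInfo</c> are
/// raised outside the try block and propagate unwrapped.
/// </exception>
public void SyncToLocalUser()
{
    m_logger.Debug("SyncToLocalUser()");
    using (UserPrincipal user = CreateOrGetUserPrincipal(UserInfo))
    {
        // Force password and fullname match (redundant if we just created, but oh well)
        SyncUserPrincipalInfo(user, UserInfo);
        try
        {
            // Groups that are never removed: they are matched by SID, not by name,
            // so a renamed or localized group is still recognised.
            List<SecurityIdentifier> ignoredSids = new List<SecurityIdentifier>(new SecurityIdentifier[] {
                new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null), // "Authenticated Users"
                new SecurityIdentifier("S-1-1-0"), // "Everyone"
            });

            // First remove from any local groups they aren't supposed to be in
            m_logger.Debug("Checking for groups to remove.");
            List<GroupPrincipal> localGroups = LocalAccount.GetGroups(user);
            try
            {
                foreach (GroupPrincipal group in localGroups)
                {
                    m_logger.DebugFormat("Remove {0}?", group.Name);
                    // Skip ignored sids
                    if (ignoredSids.Contains(group.Sid))
                    {
                        continue;
                    }

                    GroupInformation gi = new GroupInformation()
                    {
                        Name = group.Name, SID = group.Sid, Description = group.Description
                    };
                    if (!UserInfo.InGroup(gi))
                    {
                        m_logger.DebugFormat("Removing user {0} from group {1}", user.Name, group.Name);
                        RemoveUserFromGroup(user, group);
                    }
                }
            }
            finally
            {
                // Dispose every principal returned by GetGroups, including the ones
                // the loop never reached because an earlier iteration threw. The
                // previous per-iteration Dispose() leaked those handles on failure.
                if (localGroups != null)
                {
                    foreach (GroupPrincipal group in localGroups)
                    {
                        group.Dispose();
                    }
                }
            }

            // Now add to any they aren't already in that they should be
            m_logger.Debug("Checking for groups to add");
            foreach (GroupInformation groupInfo in UserInfo.Groups)
            {
                m_logger.DebugFormat("Add {0}?", groupInfo.Name);
                if (!IsUserInGroup(user, groupInfo))
                {
                    using (GroupPrincipal group = CreateOrGetGroupPrincipal(groupInfo))
                    {
                        m_logger.DebugFormat("Adding user {0} to group {1}", user.Name, group.Name);
                        AddUserToGroup(user, group);
                    }
                }
            }
        }
        catch (Exception e)
        {
            // Single failure type for the whole reconciliation; the original
            // exception is handed to the GroupSyncException constructor.
            throw new GroupSyncException(e);
        }
    }
    m_logger.Debug("End SyncToLocalUser()");
}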