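/// <summary>
/// Updates an AD object (also called by create after the object is created).
/// </summary>
/// <param name="oclass">Object class of the entry; selects account-specific or generic handling</param>
/// <param name="directoryEntry">Directory entry whose properties are modified and committed</param>
/// <param name="attributes">Connector attributes to apply to the entry</param>
/// <param name="type">Update type, passed through to attribute translation and to name/container change handling</param>
/// <param name="config">Connector configuration, passed to name/container change handling</param>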
internal void UpdateADObject(ObjectClass oclass,
    DirectoryEntry directoryEntry, ICollection<ConnectorAttribute> attributes,
    UpdateType type, ActiveDirectoryConfiguration config)
{
    // Debugging aid for every attribute loop below: calling
    // directoryEntry.CommitChanges() after each attribute helps isolate which
    // attribute the directory rejects. If attribute.Name / attribute.Value are
    // traced as well, directory data ends up in the trace log, so keep that
    // tracing out of production builds.

    if (oclass.Equals(ObjectClass.ACCOUNT))
    {
        // Step 1: apply everything except the password-expired flag.
        // Setting "expired" together with a password change does not stick:
        // the password change clears the flag again, so the flag is applied
        // last (step 3).
        // NOTE(review): the password attributes themselves also pass through
        // this loop; presumably AddConnectorAttributeToADProperties ignores
        // them - confirm against that helper.
        foreach (ConnectorAttribute current in attributes)
        {
            if (!OperationalAttributes.PASSWORD_EXPIRED_NAME.Equals(current.Name))
            {
                AddConnectorAttributeToADProperties(oclass,
                    directoryEntry, current, type);
            }
        }
        directoryEntry.CommitChanges();

        // Step 2: password change. Handled separately because it is either a
        // user changing their own password (current password supplied) or an
        // administrative change (no current password supplied).
        // NOTE(review): the attributes above are already committed at this
        // point. If changePassword throws, those changes stay applied and the
        // object is left partially updated.
        GuardedString newPassword = ConnectorAttributeUtil.GetPasswordValue(attributes);
        if (newPassword != null)
        {
            GuardedString currentPassword = ConnectorAttributeUtil.GetCurrentPasswordValue(attributes);
            // NOTE(review): the handler is built from the _configuration field,
            // not from the config parameter - confirm both always refer to the
            // same configuration.
            PasswordChangeHandler passwordHandler = new PasswordChangeHandler(_configuration);
            if (currentPassword != null)
            {
                passwordHandler.changePassword(directoryEntry,
                    currentPassword, newPassword);
            }
            else
            {
                // no current password given: just a normal password change
                passwordHandler.changePassword(directoryEntry, newPassword);
            }

            // A password now exists, so clear PASSWD_NOTREQD; otherwise the
            // account would still be flagged as not requiring a password.
            UserAccountControl.Set(
                directoryEntry.Properties[ActiveDirectoryConnector.ATT_USER_ACOUNT_CONTROL],
                UserAccountControl.PASSWD_NOTREQD, false);
            directoryEntry.CommitChanges();
        }

        // Step 3: the password-expired flag that step 1 skipped.
        ConnectorAttribute expiredFlag = ConnectorAttributeUtil.Find(
            OperationalAttributes.PASSWORD_EXPIRED_NAME, attributes);
        if (expiredFlag != null)
        {
            AddConnectorAttributeToADProperties(oclass,
                directoryEntry, expiredFlag, type);
            directoryEntry.CommitChanges();
        }

        // No property change is visible in this method between the previous
        // commit and this one; the call is retained to keep the commit
        // sequence unchanged.
        directoryEntry.CommitChanges();
    }
    else
    {
        // Groups, organizational units and all remaining object classes are
        // updated the same way: translate every attribute, then commit once.
        bool isGroupOrOu = oclass.Equals(ActiveDirectoryConnector.groupObjectClass)
            || oclass.Equals(ActiveDirectoryConnector.ouObjectClass);
        if (!isGroupOrOu)
        {
            // The returned class name is not used here. The call is kept
            // because this method does not show whether the lookup also
            // validates the object class - TODO confirm.
            GetADObjectClass(oclass);
        }

        foreach (ConnectorAttribute current in attributes)
        {
            AddConnectorAttributeToADProperties(oclass,
                directoryEntry, current, type);
        }
        directoryEntry.CommitChanges();
    }

    // Name and container changes are processed last for every object class,
    // after all attribute changes have been committed.
    HandleNameAndContainerChange(type, directoryEntry, attributes, config);
}