diff --git a/LSL2/STPROC/ACTIVE_DIRECTORY_SERVICES.txt b/LSL2/STPROC/ACTIVE_DIRECTORY_SERVICES.txt index a26ac61..b984895 100644 --- a/LSL2/STPROC/ACTIVE_DIRECTORY_SERVICES.txt +++ b/LSL2/STPROC/ACTIVE_DIRECTORY_SERVICES.txt @@ -28,7 +28,7 @@ $Insert APP_INSERTS $Insert REVDOTNETEQUATES Declare function Logging_Services, Environment_Services, Active_Directory_Services -Declare subroutine Set_Property.Net, Logging_Services, Set_Status +Declare subroutine Set_Property.Net, Logging_Services, Set_Status, Database_Services LogPath = Environment_Services('GetApplicationRootPath') : '\LogFiles\ActiveDirectory' LogDate = Oconv(Date(), 'D4/') @@ -47,6 +47,13 @@ GoToService Return Response or "" +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// Service Parameter Options +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +Options DOMAIN = 'INFINEON', 'INFINEON.COM', 'NA.INFINEON.COM' +Options DESCRIPTION_BOOL = True$, False$ +Options AD_GROUP_TYPE = 'DL', 'SECURITY' + //----------------------------------------------------------------------------- // SERVICES //----------------------------------------------------------------------------- @@ -136,6 +143,7 @@ Service GetADGroups(Username, Domain) End Service + Service GetComputerDomain() Domain = '' 
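Review bot: The `DOMAIN` option list added in the second hunk is not backed by any check in the service bodies shown later in this diff. Each new service only substitutes 'INFINEON' when Domain is empty and then passes the value into the PrincipalContext parameters. If the framework does not reject values outside an Options list at runtime (not visible here), any caller-supplied domain string is accepted. An explicit guard next to the default would make the restriction hold regardless, for example `If Domain NE 'INFINEON' AND Domain NE 'INFINEON.COM' AND Domain NE 'NA.INFINEON.COM' then ErrMessage = 'Unsupported domain.'`.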
@@ -158,12 +166,35 @@ Service GetComputerDomain() end service -Service GetADGroupMembers(GroupName, Domain) +//---------------------------------------------------------------------------------------------------------------------- +// GetADGroupsByString +// +// SearchString - [Required] Defines the string name or description of the group you want to search for. Accepts * as a wildcard +// Domain - Defines the domain to search in. If null will set to 'INFINEON' +// SearchByDescription - Boolean flag to indicate if you'd like to search for groups that match the description. Set to false by default. +// GroupType - Used to indicate if you want only Security Groups or only Distribution list group types. If you want both don't set this variable. +// If you want only security groups, set to SECURITY. If you want only distribution lists, set to DL +// +// Takes in a search string either whole or part of a full string and returns a @FM delimited list of matching results. Supports * as a wildcard. +// For each @FM there are three values that are @VM delimited. First value is the Group Name, second value is the group description, third value is +// the groups type, either SECURITY or DL +// +// 9/26/2024 - [JRO] Initial Programmer. +//---------------------------------------------------------------------------------------------------------------------- +Service GetADGroupsByString(SearchString, Domain=DOMAIN, SearchByDescription=DESCRIPTION_BOOL, GroupType=AD_GROUP_TYPE) Set_Status(0) - Users = '' ErrMessage = '' - If GroupName NE '' AND Domain NE '' then - + ADGroups = '' + If SearchString EQ '' then + ErrMessage = 'Error calling GetADGroupsByString: Search string was null.' 
+ end + If Domain EQ '' then + Domain = 'INFINEON' + end + If SearchByDescription EQ '' then + SearchByDescription = False$ + end + If ErrMessage EQ '' then DotNetHandle = StartDotNet("","4.0") DotNetDir = CheckDotNet('4.0'):'\' AccountMgmtDllPath = DotNetDir:'System.DirectoryServices.AccountManagement.dll' 
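Review bot: SearchString is only rejected when it is empty, yet the header comment says `*` is accepted as a wildcard, so a bare `*` passes the guard and the FindAll call in the following hunk would return every group in the domain with no cap on result size. At minimum add a check beside the null test, such as `If SearchString EQ '*' then ErrMessage = 'Error calling GetADGroupsByString: Search string must contain non-wildcard characters.'`, and consider a minimum length for the non-wildcard part. The same unvalidated value is later concatenated into `LogData<3>`; if it can contain the @RM/@FM delimiters passed to AppendLog it may split log records, so stripping delimiter characters before logging is worth considering. The service body continues past the end of this hunk.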
@@ -173,7 +204,234 @@ Service GetADGroupMembers(GroupName, Domain) ParamTypes = 'System.DirectoryServices.AccountManagement.ContextType':@FM:'System.String' objPC = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalContext", 0, Params, ParamTypes) If Not(Get_Status(errCode)) then - objGroupPrincipal = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.GroupPrincipal", 0, objPC, 'RevDotNet');//forced an error here + objGroupPrincipal = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.GroupPrincipal", 0, objPC, 'RevDotNet') + If Not(Get_Status(errCode)) then + If SearchByDescription then + Set_Property.Net(objGroupPrincipal, 'Description', SearchString) + end else + Set_Property.Net(objGroupPrincipal, 'Name', SearchString) + end + Begin Case + Case GroupType EQ 'DL' + Set_Property.Net(objGroupPrincipal, 'IsSecurityGroup', 'False') + Case GroupType EQ 'SECURITY' + Set_Property.Net(objGroupPrincipal, 'IsSecurityGroup', 'True') + End Case + objPrinSearcher = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalSearcher", 0, objGroupPrincipal, 'RevDotNet') + If Not(Get_Status(errCode)) then + objSearchResultCollection = Create_Class.Net(objPrinSearcher, 'System.DirectoryServices.AccountManagement.PrincipalSearchResult', 0, '', '', 'RevDotNet') + objSearchResultCollection = Send_Message.Net(objPrinSearcher, 'FindAll', '', '', 1) + + if Not(Get_Status(errCode)) then + + objEnum = Send_Message.Net(objSearchResultCollection, 'GetEnumerator', '', '', 1) + If Not(Get_Status(errCode)) then + Void = Send_Message.Net(objEnum, 'Reset', '', '', 0) + Loop + Done = Send_Message.Net(objEnum, 'MoveNext', '', '', 0) + Until Done EQ 'False' OR Done EQ '' + If Not(Get_Status(errCode)) then + ThisGroup = Get_Property.Net(objEnum, 'Current', 1) + If Not(Get_Status(errCode)) then + ADGroup = '' + ADGroup<1,1> = Get_Property.Net(ThisGroup, 'Name', 0) + ADGroup<1,2> = 
Get_Property.Net(ThisGroup, 'Description', 0) + IsSecGroup = Get_Property.Net(ThisGroup, 'IsSecurityGroup', 0) + If IsSecGroup EQ 'True' then + ADGroup<1,3> = 'SECURITY' + end else + ADGroup<1,3> = 'DL' + end + ADGroups<-1> = ADGroup + Free_Class.Net(ThisGroup) + end else + Error_Services('Add', 'DotNet Error, Error getting group properties') + end + end else + Error_Services('Add', 'DotNet Error, Error iterating through results') + end + Repeat + Free_Class.Net(objEnum) + If ADGroups EQ '' then + ErrMessage = 'No groups were found.' + end + end else + ErrMessage = 'DotNet Error, Error getting object enumerator' + end + Free_Class.Net(objSearchResultCollection) + end else + ErrMessage = 'DotNet Error, Error getting AD search results' + end + Free_Class.Net(objPrinSearcher) + end else + ErrMessage = 'DotNet Error, Error creating AD searcher.' + end + Free_Class.Net(objGroupPrincipal) + end else + ErrMessage = 'DotNet Error, Error creating group principle.' + end + Free_Class.Net(objPC) + end else + ErrMessage = 'DotNet Error, Error creating principle context.' + end + end else + ErrMessage = 'DotNet Error, Error starting DotNet.' + end + If ErrMessage EQ '' then + Message = 'Successfully retrieved list of AD groups matching the search string ' : SearchString : ' within the ' : Domain : ' domain.' 
+ LogData = '' + LogData<1> = LoggingDTM + LogData<2> = 'GetADGroupsByString' + LogData<3> = Message + Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$) + end else + LogData = '' + LogData<1> = LoggingDTM + LogData<2> = 'GetADGroupsByString' + LogData<3> = 'Error list of groups matching the search string ' : SearchString : ':' : ErrMessage + Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$) + Error_Services('Add', ErrMessage) + end + end else + LogData = '' + LogData<1> = LoggingDTM + LogData<2> = 'GetADGroupsByString' + LogData<3> = ErrMessage + Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$) + Error_Services('Add', ErrMessage) + end + + Response = ADGroups +end service + +//---------------------------------------------------------------------------------------------------------------------- +// GetADGroupMembersByGroupDescription +// +// DescriptionName - [Required] Defines the string name or description of the group you want to find. +// Domain - Defines the domain to search in. If null will set to 'INFINEON' +// +// Takes in a whole string description of a groupand returns a @FM delimited list of matching results. Does not support * as a wildcard. +// If a matching group is found it calls GetADGroupMembersByGroupName to get the group member list. +// It then returns a @FM delimited list of users. +// For each @FM there are three @VM delimited values. They are the Users AD name, their display name, and their email. +// +// 9/26/2024 - [JRO] Initial Programmer. +//---------------------------------------------------------------------------------------------------------------------- +Service GetADGroupMembersByGroupDescription(DescriptionName, Domain=DOMAIN) + Set_Status(0) + ErrMessage = '' + GroupUsers = '' + If DescriptionName EQ '' then + ErrMessage = 'Error calling GetADGroupMembersByGroupDescription: Description was null.' 
+ end + If Domain EQ '' then + Domain = 'INFINEON' + end + If ErrMessage EQ '' then + DotNetHandle = StartDotNet("","4.0") + DotNetDir = CheckDotNet('4.0'):'\' + AccountMgmtDllPath = DotNetDir:'System.DirectoryServices.AccountManagement.dll' + Set_Property.Net(DotNetHandle, "AssemblyName", AccountMgmtDllPath) + If Not(Get_Status(errCode)) then + Params = 'Domain':@FM:Domain + ParamTypes = 'System.DirectoryServices.AccountManagement.ContextType':@FM:'System.String' + objPC = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalContext", 0, Params, ParamTypes) + If Not(Get_Status(errCode)) then + objGroupPrincipal = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.GroupPrincipal", 0, objPC, 'RevDotNet') + If Not(Get_Status(errCode)) then + Set_Property.Net(objGroupPrincipal, 'Description', DescriptionName) + objPrinSearcher = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalSearcher", 0, objGroupPrincipal, 'RevDotNet') + If Not(Get_Status(errCode)) then + objSearchResult = Create_Class.Net(objPrinSearcher, 'System.DirectoryServices.AccountManagement.PrincipalSearcher', 0, '', '', 'RevDotNet') + objSearchResult = Send_Message.Net(objPrinSearcher, 'FindOne', '', '', 1) + if Not(Get_Status(errCode)) then + GroupName = Get_Property.Net(objSearchResult, 'Name', 0) + If GroupName NE '' then + GroupUsers = Active_Directory_Services('GetADGroupMembersByGroupName', GroupName, Domain) + If GroupUsers EQ '' then + ErrMessage = 'No group members were returned.' + end + end else + ErrMessage = 'No group matching that description was found.' + end + Free_Class.Net(objSearchResult) + end else + ErrMessage = 'DotNet Error, Error getting AD search results' + end + Free_Class.Net(objPrinSearcher) + end else + ErrMessage = 'DotNet Error, Error creating AD searcher.' + end + Free_Class.Net(objGroupPrincipal) + end else + ErrMessage = 'DotNet Error, Error creating group principle.' 
+ end + Free_Class.Net(objPC) + + end else + ErrMessage = 'DotNet Error, Error creating principle context.' + end + end + If ErrMessage EQ '' then + Message = 'Successfully retrieved members of AD group with description of ' : DescriptionName : ' within the ' : Domain : ' domain.' + LogData = '' + LogData<1> = LoggingDTM + LogData<2> = 'GetADGroupMembersByGroupDescription' + LogData<3> = Message + Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$) + end else + LogData = '' + LogData<1> = LoggingDTM + LogData<2> = 'GetADGroupMembersByGroupDescription' + LogData<3> = 'Error getting members of group with description ' : DescriptionName : ':' : ErrMessage + Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$) + Error_Services('Add', ErrMessage) + end + end else + LogData = '' + LogData<1> = LoggingDTM + LogData<2> = 'GetADGroupMembersByGroupDescription' + LogData<3> = ErrMessage + Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$) + Error_Services('Add', ErrMessage) + end + Response = GroupUsers +end service + +//---------------------------------------------------------------------------------------------------------------------- +// GetADGroupMembersByGroupName +// +// GroupName - [Required] Defines the Group name of the group you want to find. +// Domain - Defines the domain to search in. If null will set to 'INFINEON' +// +// Takes in a whole string group name of a group and returns a @FM delimited list of matching results. Does not support * as a wildcard. +// If a matching group is found it gets a group members list and calls GetADUserAttributes for each member to get the user attributes +// It then returns a @FM delimited list of users. +// For each @FM there are three @VM delimited values. They are the Users AD name, their display name, and their email. +// +// 9/26/2024 - [JRO] Initial Programmer. 
+//---------------------------------------------------------------------------------------------------------------------- +Service GetADGroupMembersByGroupName(GroupName, Domain=DOMAIN) + Set_Status(0) + Users = '' + ErrMessage = '' + If GroupName EQ '' then + ErrMessage = 'Error calling GetADGroupMembersByGroupName: Group name was null.' + end + If Domain EQ '' then + Domain = 'INFINEON' + end + If ErrMessage EQ '' then + DotNetHandle = StartDotNet("","4.0") + DotNetDir = CheckDotNet('4.0'):'\' + AccountMgmtDllPath = DotNetDir:'System.DirectoryServices.AccountManagement.dll' + Set_Property.Net(DotNetHandle, "AssemblyName", AccountMgmtDllPath) + If Not(Get_Status(errCode)) then + Params = 'Domain':@FM:Domain + ParamTypes = 'System.DirectoryServices.AccountManagement.ContextType':@FM:'System.String' + objPC = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalContext", 0, Params, ParamTypes) + If Not(Get_Status(errCode)) then + objGroupPrincipal = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.GroupPrincipal", 0, objPC, 'RevDotNet') If Not(Get_Status(errCode)) then ThisGroup = Send_Message.Net(objGroupPrincipal, 'FindByIdentity', objPC:@FM:GroupName, 'RevDotNet':@FM:'System.String', 1) objPrinSearcher = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalSearcher", 0, objGroupPrincipal, 'RevDotNet') @@ -196,11 +454,13 @@ Service GetADGroupMembers(GroupName, Domain) Free_Class.Net(ThisUser) end Repeat + If Users EQ '' then + ErrMessage = 'No group members were returned.' + end Free_Class.Net(objEnum) end else ErrMessage = 'Error applying searcher object for group.' end - end else ErrMessage = 'Error creating searcher object.' end 
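Review bot: GetADGroupMembersByGroupDescription resolves a group with FindOne on the Description property, and nothing rejects `*` in DescriptionName even though its header says wildcards are not supported; GetADGroupsByString in this same hunk uses the same property assignment for wildcard matching. Descriptions are free text and not unique, so the returned member list may belong to whichever group matched first. Rejecting `*` and treating more than one match as an error would make the lookup deterministic. In the same service the `If Not(Get_Status(errCode))` after setting AssemblyName has no else branch, so a failed assembly load leaves ErrMessage empty and is logged as a success; mirror GetADGroupsByString with `end else` and `ErrMessage = 'DotNet Error, Error starting DotNet.'`. Both services also assign a Create_Class.Net result to objSearchResultCollection / objSearchResult and immediately overwrite it with the Send_Message.Net result, so the first handle is never passed to Free_Class.Net.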
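Review bot: The added `If Users EQ ''` check turns an existing but empty group into an error, and the following hunk now forwards ErrMessage to `Error_Services('Add', ErrMessage)`. Callers that only iterate the returned list, such as the PM_SERVICES call updated in this diff, would then carry an error state for a valid group with no members, so it is worth confirming that this is intended. If it is not, a log-only outcome for the empty case would keep "group not found" and "group has no members" apart. The service body starts and ends outside this hunk.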
@@ -217,29 +477,38 @@ Service GetADGroupMembers(GroupName, Domain) end Free_Class.Net(objPC) If ErrMessage EQ '' then + Message = 'Successfully retrieved members of AD group ' : GroupName : ' within the ' : Domain : ' domain.' LogData = '' LogData<1> = LoggingDTM - LogData<2> = 'GetADGroupMembers' - LogData<3> = 'Successfully retrieved members of AD group ' : GroupName : ' within the ' : Domain : ' domain.' + LogData<2> = 'GetADGroupMembersByGroupName' + LogData<3> = Message Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$) end else - LogData = '' LogData<1> = LoggingDTM - LogData<2> = 'GetADGroupMembers' - LogData<3> = 'Error getting members of AD group ' : GroupName : ' within the ' : Domain : ' domain. ' : ErrMessage + LogData<2> = 'GetADGroupMembersByGroupName' + LogData<3> = 'Error getting members of group with name ' : GroupName : ':' : ErrMessage Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$) + Error_Services('Add', ErrMessage) end end else LogData = '' LogData<1> = LoggingDTM - LogData<2> = 'GetADGroupMembers' - LogData<3> = 'Error getting members of AD group ' : GroupName : ' within the ' : Domain : ' domain. Either the group name or domain name was empty.' + LogData<2> = 'GetADGroupMembersByGroupName' + LogData<3> = ErrMessage Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$) + Error_Services('Add', ErrMessage) end Response = Users end service +//---------------------------------------------------------------------------------------------------------------------- +// VerifyEPPMetrology +// +// RDSNo. - [Required] +// +// Sets an error in Error_Services if there is an issue with the metrology data. +//---------------------------------------------------------------------------------------------------------------------- Service GetADUserAttributes(Username, Domain) Set_Status(0) ThisUser = '' 
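Review bot: In the inner error branch the `LogData = ''` initialisation is removed while the other two branches keep it, so `LogData<1> = LoggingDTM` now writes into whatever LogData held before, or into an unassigned variable, depending on code outside this hunk. Restoring `LogData = ''` at the top of that `end else` looks like the intent. Separately, the comment block added above `Service GetADUserAttributes(Username, Domain)` describes VerifyEPPMetrology and an RDSNo parameter, which does not match the service it sits on. It should be replaced with a header naming GetADUserAttributes and its Username and Domain parameters, with the description written from the service body, which this hunk does not show.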
@@ -264,8 +533,6 @@ Service GetADUserAttributes(Username, Domain) UserName = Get_Property.Net(objUserPrincipal, 'Name', 0) Email = Get_Property.Net(objUserPrincipal, 'EmailAddress', 0) DisplayName = Get_Property.Net(objUserPrincipal, 'DisplayName', 0) - Sid = Get_Property.Net(objUserPrincipal, 'Sid', 0) - SamAccountName = Get_Property.Net(objUserPrincipal, 'SamAccountName', 0) ThisUser<1> = UserName ThisUser<2> = DisplayName ThisUser<3> = Email @@ -322,6 +589,3 @@ Service GetADUserAttributes(Username, Domain) end Response = ThisUser end service - - - diff --git a/LSL2/STPROC/PM_SERVICES.txt b/LSL2/STPROC/PM_SERVICES.txt index 9294757..bc137df 100644 --- a/LSL2/STPROC/PM_SERVICES.txt +++ b/LSL2/STPROC/PM_SERVICES.txt @@ -620,7 +620,7 @@ Service GetPMNotificationRecipients(PMSID) ADNotificationGroups = XLATE('PM_SPEC', PMSID, PM_SPEC_AD_NOTIFICATION_GROUPS$, 'X') IF ADNotificationGroups NE '' then for each ADGroup in ADNotificationGroups using @VM - GroupMemberList = Active_Directory_Services('GetADGroupMembers', ADGroup, 'INFINEON') + GroupMemberList = Active_Directory_Services('GetADGroupMembersByGroupName', ADGroup, 'INFINEON') for each GroupMember in GroupMemberList using @FM ADUsername = LCASE(GroupMember<1,1>) ADToLSLUserMap = Database_Services('ReadDataRow', 'APP_INFO', 'AD_TO_LSL_USER_MAP') @@ -934,9 +934,3 @@ Service CompleteScrubberPM(ScrubberID) end end service - - - - - -