Compile function Active_Directory_Services(@Service, @Params)
/***********************************************************************************************************************
    This program is proprietary and is not to be used by or disclosed to others, nor is it to be copied without written
    permission from SRP Computer Solutions, Inc.

    Name        : Active_Directory_Services

    Description : Handler program for all module related services. Every service binds to Active Directory through
                  RevDotNet (System.DirectoryServices / System.DirectoryServices.AccountManagement) and hands its
                  result back in Response.

    Notes       : The generic parameters should contain all the necessary information to process the services. Often
                  this will be information like the data Record and Key ID.

                  Two daily CSV logs are opened below, under <application root>\LogFiles\ActiveDirectory:
                    - ActiveDirectoryAuthLog.csv : one row per AuthenticateUser call (timestamp, username, outcome).
                      The password is never written to it.
                    - ActiveDirectoryLog.csv     : operational messages (timestamp, operation, message) from the
                      other services.

    Parameters  :
        Service  [in]     -- Name of the service being requested
        Params   [in/out] -- Additional request parameter holders (Param1-10, unpacked by SERVICE_SETUP)
        Response [out]    -- Response to be sent back to the Controller (MCP) or requesting procedure

    History     : (Date, Initials, Notes)
        02/17/23    djs     Original programmer.
***********************************************************************************************************************/

#pragma precomp SRP_PreCompiler

$Insert SERVICE_SETUP
$Insert APP_INSERTS
$Insert REVDOTNETEQUATES

Declare function Logging_Services, Environment_Services, Active_Directory_Services
Declare subroutine Set_Property.Net, Logging_Services, Set_Status

// Log location, plus the single timestamp stamped on every row written during this invocation.
LogPath = Environment_Services('GetApplicationRootPath') : '\LogFiles\ActiveDirectory'
LogDate = Oconv(Date(), 'D4/')
LogTime = Oconv(Time(), 'MTS')
LoggingDTM = LogDate : ' ' : LogTime ; // Logging DTM

// LogDate is MM/DD/YYYY; the slices below rearrange it to YYYY-MM-DD so the daily files sort chronologically.
LogFileName = LogDate[7, 4] : '-' : LogDate[1, 2] : '-' : LogDate[4, 2] : ' ActiveDirectoryAuthLog.csv'
Headers = 'Logging DTM' : @FM : 'Username' : @FM : 'Authenticated'
objADAuthLog = Logging_Services('NewLog', LogPath, LogFileName, CRLF$, ',', Headers, '', False$, False$)

LogFileName = LogDate[7, 4] : '-' : LogDate[1, 2] : '-' : LogDate[4, 2] : ' ActiveDirectoryLog.csv'
Headers = 'Logging DTM' : @FM : 'Operation' : @FM : 'Message'
objADLog = Logging_Services('NewLog', LogPath, LogFileName, CRLF$, ',', Headers, '', False$, False$)
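GoToService

Return Response or ""

//-----------------------------------------------------------------------------
// SERVICES
//-----------------------------------------------------------------------------
// Conventions shared by every service below:
//   - Set_Status(0) runs first so a stale error left by an earlier call cannot be mistaken for a failure here.
//   - Each RevDotNet handle is freed only inside the branch that created it. The original freed some handles on
//     paths where they had never been assigned, and GetADGroupMembers freed a plain string (the username).
//   - Failures are recorded in objADLog under the service name; callers get an empty Response (or False$).
//   - BASIC+ variable names are case-insensitive, so a local must never reuse a parameter name in another case
//     (the original's "UserName = ..." silently overwrote the Username parameter).
//   - Enumeration loops stop on anything other than a literal 'True' from MoveNext, so a failing enumerator cannot
//     spin forever (the original GetADGroups loop only stopped on 'False').

//----------------------------------------------------------------------------------------------------------------------
// AuthenticateUser
//
// Validates a username/password pair against Domain using PrincipalContext.ValidateCredentials.
//
// Parameters:
//   Username [in] -- account name to validate
//   Password [in] -- clear-text password; it is passed to .NET only and never written to either log
//   Domain   [in] -- domain the PrincipalContext is bound to
//
// Response: True$ when the directory validated the credentials, False$ otherwise. An infrastructure failure
// (assembly, context or call error) also yields False$ and is additionally written to objADLog so that it is not
// misread as a rejected password when reviewing the auth log.
//----------------------------------------------------------------------------------------------------------------------
Service AuthenticateUser(Username, Password, Domain)
    Set_Status(0)
    Authenticated = False$
    ErrMessage = ''

    If Username EQ '' OR Password EQ '' OR Domain EQ '' then
        // Rejected here rather than handed to ValidateCredentials: how the directory treats an empty or
        // anonymous bind is a server-side setting, so an empty credential must not be able to come back True.
        ErrMessage = 'Username, password or domain was empty.'
    end else
        DotNetHandle = StartDotNet("", "4.0")
        DotNetDir = CheckDotNet('4.0') : '\'
        AccountMgmtDllPath = DotNetDir : 'System.DirectoryServices.AccountManagement.dll'
        Set_Property.Net(DotNetHandle, "AssemblyName", AccountMgmtDllPath)
        If Get_Status(errCode) then
            ErrMessage = 'Error loading System.DirectoryServices.AccountManagement.'
        end else
            Params = 'Domain' : @FM : Domain
            ParamTypes = 'System.DirectoryServices.AccountManagement.ContextType' : @FM : 'System.String'
            objPC = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalContext", 0, Params, ParamTypes)
            If Get_Status(errCode) then
                ErrMessage = 'Error creating PrincipalContext object.'
            end else
                Params = Username : @FM : Password
                ParamTypes = 'System.String' : @FM : 'System.String'
                Result = Send_Message.Net(objPC, 'ValidateCredentials', Params, ParamTypes, 0)
                If Get_Status(errCode) then
                    ErrMessage = 'Error calling ValidateCredentials.'
                end else
                    // Fail closed: only the literal 'True' authenticates; '' or any other value stays False$.
                    If Result EQ 'True' then Authenticated = True$
                end
                Free_Class.Net(objPC)
            end
        end
    end

    // Auth log: one row per attempt, username and outcome only.
    LogData = ''
    LogData<1> = LoggingDTM
    LogData<2> = Username
    LogData<3> = Authenticated
    Logging_Services('AppendLog', objADAuthLog, LogData, @RM, @FM, False$)

    // Infrastructure failures also go to the operations log so a run of False$ rows can be told apart
    // from a run of bad passwords.
    If ErrMessage NE '' then
        LogData = ''
        LogData<1> = LoggingDTM
        LogData<2> = 'AuthenticateUser'
        LogData<3> = 'Error authenticating user ' : Username : ' within the ' : Domain : ' domain. ' : ErrMessage
        Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$)
    end

    Response = Authenticated
end service

//----------------------------------------------------------------------------------------------------------------------
// GetADGroups
//
// Returns the names of the groups the user is a direct member of, excluding 'Domain Users'.
//
// Parameters:
//   Username [in] -- account name; matched via a UserPrincipal query-by-example on Name
//   Domain   [in] -- domain to search; when empty the legacy fixed domain is used (see note in the body)
//
// Response: @FM-delimited list of group names, or '' on failure (the failure is written to objADLog).
//----------------------------------------------------------------------------------------------------------------------
Service GetADGroups(Username, Domain)
    Set_Status(0)
    ADGroups = ''
    ErrMessage = ''

    // The context used to be pinned to a hard-coded domain and ignored the Domain argument, so a user
    // authenticated in one domain could have group membership - and therefore authorization - resolved in
    // another. The argument is honoured now; the old constant survives only as the fallback for callers that
    // pass an empty domain, and belongs in configuration rather than in code.
    ContextDomain = Domain
    If ContextDomain EQ '' then ContextDomain = 'Infineon'

    If Username EQ '' then
        ErrMessage = 'Username was empty.'
    end else
        DotNetHandle = StartDotNet("", "4.0")
        DotNetDir = CheckDotNet('4.0') : '\'
        AccountMgmtDllPath = DotNetDir : 'System.DirectoryServices.AccountManagement.dll'
        Set_Property.Net(DotNetHandle, "AssemblyName", AccountMgmtDllPath)
        If Get_Status(errCode) then
            ErrMessage = 'Error loading System.DirectoryServices.AccountManagement.'
        end else
            Params = 'Domain' : @FM : ContextDomain
            ParamTypes = 'System.DirectoryServices.AccountManagement.ContextType' : @FM : 'System.String'
            objPC = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalContext", 0, Params, ParamTypes)
            If Get_Status(errCode) then
                ErrMessage = 'Error creating PrincipalContext object.'
            end else
                objUserPrincipal = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.UserPrincipal", 0, objPC, 'RevDotNet')
                If Get_Status(errCode) then
                    ErrMessage = 'Error creating UserPrincipal object.'
                end else
                    // The UserPrincipal acts as the search filter: only Name is set, then FindOne matches on it.
                    Set_Property.Net(objUserPrincipal, 'Name', Username)
                    objPrinSearcher = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalSearcher", 0, objUserPrincipal, 'RevDotNet')
                    If Get_Status(errCode) then
                        ErrMessage = 'Error creating PrincipalSearcher object.'
                    end else
                        objPrin = Send_Message.Net(objPrinSearcher, 'FindOne', '', '', 1)
                        // NOTE(review): a null result is assumed to come back as '' - confirm against RevDotNet.
                        If Get_Status(errCode) OR objPrin EQ '' then
                            ErrMessage = 'User principal not found.'
                        end else
                            objGroups = Send_Message.Net(objPrin, 'GetGroups', '', '', 1)
                            If Get_Status(errCode) then
                                ErrMessage = 'Error getting groups for user.'
                            end else
                                objEnum = Send_Message.Net(objGroups, 'GetEnumerator', '', '', 1)
                                If Get_Status(errCode) then
                                    ErrMessage = 'Error enumerating groups for user.'
                                end else
                                    Loop
                                        Done = Send_Message.Net(objEnum, 'MoveNext', '', '', 0)
                                    Until Done NE 'True'
                                        objCurrPrin = Get_Property.Net(objEnum, 'Current', 1)
                                        If Not(Get_Status(errCode)) then
                                            CurrPrinName = Get_Property.Net(objCurrPrin, 'Name', 0)
                                            If CurrPrinName NE 'Domain Users' then ADGroups<-1> = CurrPrinName
                                            Free_Class.Net(objCurrPrin)
                                        end
                                    Repeat
                                    Free_Class.Net(objEnum)
                                end
                                Free_Class.Net(objGroups)
                            end
                            Free_Class.Net(objPrin)
                        end
                        Free_Class.Net(objPrinSearcher)
                    end
                    Free_Class.Net(objUserPrincipal)
                end
                Free_Class.Net(objPC)
            end
        end
    end

    // The original returned '' silently on every failure; record the reason so a missing group list is diagnosable.
    If ErrMessage NE '' then
        LogData = ''
        LogData<1> = LoggingDTM
        LogData<2> = 'GetADGroups'
        LogData<3> = 'Error getting AD groups for user ' : Username : ' within the ' : ContextDomain : ' domain. ' : ErrMessage
        Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$)
    end

    Response = ADGroups
end service

//----------------------------------------------------------------------------------------------------------------------
// GetComputerDomain
//
// Returns the Name of the Active Directory domain this machine is joined to
// (System.DirectoryServices.ActiveDirectory.Domain.GetComputerDomain).
//
// Response: domain name, or '' on failure (the failure is written to objADLog).
//----------------------------------------------------------------------------------------------------------------------
Service GetComputerDomain()
    Set_Status(0)
    Domain = ''
    ErrMessage = ''

    DotNetHandle = StartDotNet("", "4.0")
    DotNetDir = CheckDotNet('4.0') : '\'
    DirDllPath = DotNetDir : 'System.DirectoryServices.dll'
    Set_Property.Net(DotNetHandle, "AssemblyName", DirDllPath)
    If Get_Status(errCode) then
        ErrMessage = 'Error loading System.DirectoryServices.'
    end else
        objDomain = Create_Class.Net(DotNetHandle, "System.DirectoryServices.ActiveDirectory.Domain", 0, '', '')
        If Get_Status(errCode) then
            ErrMessage = 'Error creating Domain object.'
        end else
            objCompDomain = Send_Message.Net(objDomain, 'GetComputerDomain', '', '', True$)
            If Get_Status(errCode) then
                ErrMessage = 'Error calling GetComputerDomain.'
            end else
                Domain = Get_Property.Net(objCompDomain, 'Name', False$)
                Free_Class.Net(objCompDomain)
            end
            Free_Class.Net(objDomain)
        end
    end

    If ErrMessage NE '' then
        LogData = ''
        LogData<1> = LoggingDTM
        LogData<2> = 'GetComputerDomain'
        LogData<3> = 'Error getting computer domain. ' : ErrMessage
        Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$)
    end

    Response = Domain
end service

//----------------------------------------------------------------------------------------------------------------------
// GetADGroupMembers
//
// Lists the members of an AD group, resolving each member through GetADUserAttributes in the same domain.
//
// Parameters:
//   GroupName [in] -- group to look up (FindByIdentity on the PrincipalContext)
//   Domain    [in] -- domain the PrincipalContext is bound to
//
// Response: one @FM-delimited row per member, each row the @VM-delimited attribute list returned by
// GetADUserAttributes (name, display name, e-mail); '' on failure. Success and failure are both logged.
//----------------------------------------------------------------------------------------------------------------------
Service GetADGroupMembers(GroupName, Domain)
    Set_Status(0)
    Users = ''
    ErrMessage = ''

    If GroupName EQ '' OR Domain EQ '' then
        ErrMessage = 'Either the group name or domain name was empty.'
    end else
        DotNetHandle = StartDotNet("", "4.0")
        DotNetDir = CheckDotNet('4.0') : '\'
        AccountMgmtDllPath = DotNetDir : 'System.DirectoryServices.AccountManagement.dll'
        Set_Property.Net(DotNetHandle, "AssemblyName", AccountMgmtDllPath)
        If Get_Status(errCode) then
            ErrMessage = 'Error creating dotnet object.'
        end else
            Params = 'Domain' : @FM : Domain
            ParamTypes = 'System.DirectoryServices.AccountManagement.ContextType' : @FM : 'System.String'
            objPC = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalContext", 0, Params, ParamTypes)
            If Get_Status(errCode) then
                ErrMessage = 'Error creating Principle Context object.'
            end else
                objGroupPrincipal = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.GroupPrincipal", 0, objPC, 'RevDotNet')
                If Get_Status(errCode) then
                    ErrMessage = 'Error creating Group Principle object.'
                end else
                    // The original also built a PrincipalSearcher here and then overwrote its handle with the
                    // GetMembers result, so it was never used and never freed; the searcher is dropped.
                    objGroup = Send_Message.Net(objGroupPrincipal, 'FindByIdentity', objPC : @FM : GroupName, 'RevDotNet' : @FM : 'System.String', 1)
                    // NOTE(review): a null result is assumed to come back as '' - confirm against RevDotNet.
                    If Get_Status(errCode) OR objGroup EQ '' then
                        ErrMessage = 'Group not found.'
                    end else
                        objMembers = Send_Message.Net(objGroup, 'GetMembers', '', '', 1)
                        If Get_Status(errCode) then
                            ErrMessage = 'Error getting members of group.'
                        end else
                            objEnum = Send_Message.Net(objMembers, 'GetEnumerator', '', '', 1)
                            If Get_Status(errCode) then
                                ErrMessage = 'Error enumerating members of group.'
                            end else
                                Loop
                                    Done = Send_Message.Net(objEnum, 'MoveNext', '', '', 0)
                                Until Done NE 'True'
                                    objMember = Get_Property.Net(objEnum, 'Current', 1)
                                    If Not(Get_Status(errCode)) then
                                        MemberName = Get_Property.Net(objMember, 'Name', 0)
                                        // Resolve the member in the same domain the group was found in, then flatten
                                        // the @FM-delimited attribute list into one @VM-delimited row.
                                        UserADAttributes = Active_Directory_Services('GetADUserAttributes', MemberName, Domain)
                                        Swap @FM with @VM in UserADAttributes
                                        Users<-1> = UserADAttributes
                                        // The nested service may leave an error status behind (e.g. member not
                                        // resolved); clear it so it is not attributed to the next Current call.
                                        Set_Status(0)
                                        Free_Class.Net(objMember)
                                    end
                                Repeat
                                Free_Class.Net(objEnum)
                            end
                            Free_Class.Net(objMembers)
                        end
                        Free_Class.Net(objGroup)
                    end
                    Free_Class.Net(objGroupPrincipal)
                end
                Free_Class.Net(objPC)
            end
        end
    end

    LogData = ''
    LogData<1> = LoggingDTM
    LogData<2> = 'GetADGroupMembers'
    If ErrMessage EQ '' then
        LogData<3> = 'Successfully retrieved members of AD group ' : GroupName : ' within the ' : Domain : ' domain.'
    end else
        LogData<3> = 'Error getting members of AD group ' : GroupName : ' within the ' : Domain : ' domain. ' : ErrMessage
    end
    Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$)

    Response = Users
end service

//----------------------------------------------------------------------------------------------------------------------
// GetADUserAttributes
//
// Looks up a single user by Name and returns a few of its attributes.
//
// Parameters:
//   Username [in] -- account name; matched via a UserPrincipal query-by-example on Name
//   Domain   [in] -- domain the PrincipalContext is bound to (the original validated this argument and then
//                    ignored it in favour of a fixed domain; it is used now, consistent with the other services)
//
// Response: @FM-delimited list - <1> Name, <2> DisplayName, <3> EmailAddress - or '' on failure (logged).
// The original also read Sid and SamAccountName and discarded them; add them as <4>/<5> if a caller needs them.
//----------------------------------------------------------------------------------------------------------------------
Service GetADUserAttributes(Username, Domain)
    Set_Status(0)
    ThisUser = ''
    ErrMessage = ''

    If Username EQ '' OR Domain EQ '' then
        ErrMessage = 'Missing username or domain name'
    end else
        DotNetHandle = StartDotNet("", "4.0")
        DotNetDir = CheckDotNet('4.0') : '\'
        AccountMgmtDllPath = DotNetDir : 'System.DirectoryServices.AccountManagement.dll'
        Set_Property.Net(DotNetHandle, "AssemblyName", AccountMgmtDllPath)
        If Get_Status(errCode) then
            ErrMessage = 'Error creating dotnet object.'
        end else
            Params = 'Domain' : @FM : Domain
            ParamTypes = 'System.DirectoryServices.AccountManagement.ContextType' : @FM : 'System.String'
            objPC = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalContext", 0, Params, ParamTypes)
            If Get_Status(errCode) then
                ErrMessage = 'Error creating principle context.'
            end else
                objUserPrincipal = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.UserPrincipal", 0, objPC, 'RevDotNet')
                If Get_Status(errCode) then
                    ErrMessage = 'Error creating user principle object.'
                end else
                    Set_Property.Net(objUserPrincipal, 'Name', Username)
                    objPrinSearcher = Create_Class.Net(DotNetHandle, "System.DirectoryServices.AccountManagement.PrincipalSearcher", 0, objUserPrincipal, 'RevDotNet')
                    If Get_Status(errCode) then
                        ErrMessage = 'Error creating principle searcher.'
                    end else
                        // Kept in its own variable: the original assigned the FindOne result over objUserPrincipal,
                        // which leaked the filter object.
                        objFound = Send_Message.Net(objPrinSearcher, 'FindOne', '', '', 1)
                        // NOTE(review): a null result is assumed to come back as '' - confirm against RevDotNet.
                        If Get_Status(errCode) OR objFound EQ '' then
                            ErrMessage = 'Error getting user object.'
                        end else
                            ThisUser<1> = Get_Property.Net(objFound, 'Name', 0)
                            ThisUser<2> = Get_Property.Net(objFound, 'DisplayName', 0)
                            ThisUser<3> = Get_Property.Net(objFound, 'EmailAddress', 0)
                            Free_Class.Net(objFound)
                        end
                        Free_Class.Net(objPrinSearcher)
                    end
                    Free_Class.Net(objUserPrincipal)
                end
                Free_Class.Net(objPC)
            end
        end
    end

    // One log entry per failure, carrying the specific stage that failed (the original reused the same
    // 'principle searcher' text for several different stages).
    If ErrMessage NE '' then
        LogData = ''
        LogData<1> = LoggingDTM
        LogData<2> = 'GetADUserAttributes'
        LogData<3> = 'Error getting user attributes of user: ' : Username : ' within the ' : Domain : ' domain. ' : ErrMessage
        Logging_Services('AppendLog', objADLog, LogData, @RM, @FM, False$)
    end

    Response = ThisUser
end service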