Pin NTFS AD operations to domain controller

2026-05-19 19:12:33 +02:00
parent ea0517d1dc
commit 0cad46ddef
6 changed files with 119 additions and 13 deletions
--- a/LiamNtfs/C4IT_IAM_SET/DataArea_FileSystem.cs
+++ b/LiamNtfs/C4IT_IAM_SET/DataArea_FileSystem.cs
@@ -27,6 +27,7 @@ namespace C4IT_IAM_SET
        public const string constApplicationDataPath = "%ProgramData%\\Consulting4IT GmbH\\LIAM";

        public string domainName;
+        public string effectiveDomainController;
        public string username;
        public SecureString password;
        private cNetworkConnection Connection;
@@ -87,6 +88,11 @@ namespace C4IT_IAM_SET
            templates = new List<IAM_SecurityGroupTemplate>();
        }

+        private string GetAdServer()
+        {
+            return string.IsNullOrWhiteSpace(effectiveDomainController) ? domainName : effectiveDomainController;
+        }
+
        private ResultToken checkRequiredVariables()
        {
            ResultToken resultToken = new ResultToken(System.Reflection.MethodBase.GetCurrentMethod().ToString());
@@ -302,6 +308,7 @@ namespace C4IT_IAM_SET
            {
                username = username,
                domainName = domainName,
+                effectiveDomainController = effectiveDomainController,
                password = password,
                ForceStrictAdGroupNames = forceStrictAdGroupNames,
                PreserveAdGroupNameCase = preserveAdGroupNameCase
@@ -441,7 +448,7 @@ namespace C4IT_IAM_SET
                    return resultToken;
                }

-                var domainContext = new PrincipalContext(ContextType.Domain, domainName, username, new NetworkCredential("", password).Password);
+                var domainContext = new PrincipalContext(ContextType.Domain, GetAdServer(), username, new NetworkCredential("", password).Password);
                DefaultLogger.LogEntry(LogLevels.Debug, "PrincipalContext erfolgreich erstellt.");

                // Überprüfen von newDataArea und IAM_Folders
@@ -1005,7 +1012,7 @@ namespace C4IT_IAM_SET
                return null;
            }

-            var basePath = "LDAP://" + domainName;
+            var basePath = "LDAP://" + GetAdServer();
            if (!string.IsNullOrWhiteSpace(groupOUPath))
                basePath += "/" + groupOUPath;

@@ -1213,6 +1220,7 @@ namespace C4IT_IAM_SET
            {
                ResultToken resultToken = new ResultToken(System.Reflection.MethodBase.GetCurrentMethod().ToString());
                resultToken.resultErrorId = 0;
+                newSecurityGroups.effectiveDomainController = effectiveDomainController;
                if (Directory.Exists(newDataArea.IAM_Folders[0].technicalName))
                {
                    resultToken.resultMessage = "New folder " + newDataArea.IAM_Folders[0].technicalName + " already exists";
@@ -1602,7 +1610,7 @@ namespace C4IT_IAM_SET

            try
            {
-                PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domainName, username, new NetworkCredential("", password).Password);
+                PrincipalContext ctx = new PrincipalContext(ContextType.Domain, GetAdServer(), username, new NetworkCredential("", password).Password);
                UserPrincipal user;
                user = UserPrincipal.FindByIdentity(ctx, IdentityType.Sid, (sid));
                return user;