Using ADSI calls, how to get ms-TS-Allow-Logon attribute value? - active-directory

I am trying to retrieve some attributes of a terminal service user (e.g. ms-TS-Allow-Logon) through ADSI.
I tried something like
    // Attributes to return for each matching object
    LPOLESTR pszPropertyList[] = {L"ms-TS-Allow-Logon"};
    // LDAP filter: user objects only
    swprintf_s(pszSearchFilter, dwLength, L"(&(objectCategory=person)(objectClass=user))");
    hr = pContainerToSearch->ExecuteSearch(pszSearchFilter,
                                           pszPropertyList,
                                           sizeof(pszPropertyList)/sizeof(LPOLESTR),
                                           &hSearch);
But it doesn't work.
Where can I get the exact attribute names to be passed to an ADSI call for all these terminal service names (like ms-TS-Allow-Logon, ms-TS-Endpoint-Type etc.)?
Thanks
Sunil

According to MSDN (ms-TS-Allow-Logon attribute), the LDAP name for this attribute is msTSAllowLogon.

We can get all the attribute names using the ADSI tool that gets shipped along with Active Directory.

Related

How can we initialize DataChangeDetectionPolicy using .netsdk?

I have created a new index that is populated using an indexer. The indexer's datasource is a SQL view that has a Timestamp column of type datetime. Since we don't want a full reindexing each time the indexer runs, this column should be used to determine which data have changed since the last indexer run.
According to the documentation we need to create or update the datasource by setting the HighWatermarkColumnName and ODataType to the DataChangeDetectionPolicy object. The example in the documentation uses the REST API and there is also a way to do it using the Azure Search portal directly.
However I want to do it using .netsdk and so far I haven't been able to do so. I am using Azure.Search.Documents (11.2.0 - beta.2). Here is the part of the code I use to create the datasource:
    SearchIndexerDataSourceConnection CreateIndexerDataSource()
    {
        var ds = new SearchIndexerDataSourceConnection(DATASOURCE,
            SearchIndexerDataSourceType.AzureSql,
            this._datasourceConStringMaxEvents,
            new SearchIndexerDataContainer(SQLVIEW));
        //ds.DataChangeDetectionPolicy = new DataChangeDetectionPolicy();
        return ds;
    }
The commented code is what I tried to do to initialize the DataChangeDetectionPolicy but there is no ctor exposed. Am I missing something?
Thanks in advance.
Instead of using DataChangeDetectionPolicy, you will need to use HighWaterMarkChangeDetectionPolicy which is derived from DataChangeDetectionPolicy.
So your code would be something like:
    ds.DataChangeDetectionPolicy = new HighWaterMarkChangeDetectionPolicy("Timestamp");

NLog set Database target programmatically and access custom log message properties

I need to support database logging.
For that I decided to use NLog because it brings database support.
But first of all I need to set up the configuration programmatically.
As far as I understood it I have to set the layout for the target.
But the class "DatabaseTarget" does not have any property related to Layout :/.
    var dbTarget = new DatabaseTarget();
    dbTarget.ConnectionString = LogConnectionString;
    dbTarget.CommandType = System.Data.CommandType.StoredProcedure;
    dbTarget.CommandText = "exec dbo.InsertLog @level=${level}, @callSite=${callsite}, @message=${message}, @stackTrace=${stacktrace}, @machinename=${machinename}, @processname=${processname}";
Is the layout definition really necessary for the DatabaseTarget? If so, how do I set it programmatically?
Additionally I want to pass some information. But I am not sure how I can assign that information for the procedure.
As far as I understood it I can assign those variables:
https://github.com/nlog/nlog/wiki/Layout-Renderers
But NLog supports generic arguments with its Log method. It looks like this:
    _nLog.Log<AJourFaultLevel>(ConvertLogLevel(logEntry.Level), logEntry.Message, logEntry.Fault);
How can I assign the passed "logEntry.Fault" value for my stored procedure?
Best regards
Your current log-statement injects logEntry.Fault as parameter into string.Format(logEntry.Message, logEntry.Fault):
    _nLog.Log<AJourFaultLevel>(ConvertLogLevel(logEntry.Level), logEntry.Message, logEntry.Fault);
If you are using NLog 4.5 then you can use structured-logging where you can name the parameter like this:
    _nLog.Log<AJourFaultLevel>(ConvertLogLevel(logEntry.Level), "Fault occurred: {AJourFaultLevel}", logEntry.Fault);
Then you can access the named parameter using ${event-properties:item=}:
    dbTarget.CommandText = "exec dbo.InsertLog @level=${level}, @callSite=${callsite}, @message=${message}, @stackTrace=${stacktrace}, @machinename=${machinename}, @processname=${processname}, @faultLevel=${event-properties:item=AJourFaultLevel}";

Active Directory, LDAP UserPrincipal

Got this information when I wrote out the DistinguishedName property on the UserPrincipal class.
    CN=Test Testie, OU=123,OU=Company,OU=Accounts,DC=myServer,DC=local
And I'm wondering if there is a property to get the number 123 from the OU. Is there any other property to get that, or is this the best way to filter out my information?
No. There is no "Parent" property.
Every object below the root has a parent, being either an organizational unit (OU=) or a container (CN=). So just parse what is between the first two commas and remove OU= and CN=. That way you have the Name property.
Beware that it is possible to have objects with commas in their names. It then looks like this:
Great OU, The
    CN=Test Testie,OU=Great OU\,The,OU=Company,OU=Accounts,DC=myServer,DC=local
Testie, Test
    CN=Testie\, Test,OU=123,The,OU=Company,OU=Accounts,DC=myServer,DC=local
So you need to check for a backslash before parsing! If found, you then need to parse between the first and the third comma.
Here is a link about "special" characters in Distinguished Names.
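The escaped-comma handling described in the answer above, as an added example that is not part of the original answer: a small Python parser that splits a DN only on unescaped commas and returns the parent's name. The function names are hypothetical and the last two sample DNs are constructed; it also decodes hex escapes such as \2C, which goes beyond the case in the text.

```python
import re

# Backslash followed by a hex pair (e.g. \2C) or by any single escaped byte.
_ESCAPE = re.compile(rb"\\(?:([0-9A-Fa-f]{2})|(.))", re.S)

def split_dn(dn):
    """Split a DN into RDN strings, breaking only on unescaped commas."""
    rdns, current, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            current.append(dn[i:i + 2])   # keep the escape pair intact
            i += 2
            continue
        if dn[i] == ",":
            rdns.append("".join(current).lstrip())
            current = []
        else:
            current.append(dn[i])
        i += 1
    rdns.append("".join(current).lstrip())
    return rdns

def unescape_value(value):
    """Turn an escaped RDN value back into the plain name."""
    def repl(m):
        return bytes([int(m.group(1), 16)]) if m.group(1) else m.group(2)
    return _ESCAPE.sub(repl, value.encode("utf-8")).decode("utf-8")

def parent_name(dn):
    """Return the unescaped name of the immediate parent (second RDN), or None."""
    rdns = split_dn(dn)
    if len(rdns) < 2:
        return None
    _attr, _, value = rdns[1].partition("=")
    return unescape_value(value)

SAMPLES = [
    # First two DNs are taken from the thread above.
    r"CN=Test Testie, OU=123,OU=Company,OU=Accounts,DC=myServer,DC=local",
    r"CN=Test Testie,OU=Great OU\,The,OU=Company,OU=Accounts,DC=myServer,DC=local",
    # Constructed: escaped comma in the CN, and a hex-escaped comma in the OU.
    r"CN=Testie\, Test,OU=123,OU=Company,OU=Accounts,DC=myServer,DC=local",
    r"CN=Test Testie,OU=Great OU\2CThe,OU=Company,DC=myServer,DC=local",
]

if __name__ == "__main__":
    for dn in SAMPLES:
        # Left: naive split on every comma. Right: escape-aware result.
        print(repr(dn.split(",")[1]), "->", repr(parent_name(dn)))
```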
Ok, it's working but it doesn't feel like the best practice to do it like this:
    var ctx = new PrincipalContext(ContextType.Domain, "myDomain.local");
    var user = UserPrincipal.FindByIdentity(ctx, "myUser");
    var auth = user.GetAuthorizationGroups().Any(x => x.Name.Contains("myGroup"));
Because the thing is that I need to use Contains because the group could look like this:
    myGroup.xxxx.111
Any better way to solve this?

Trouble using dbforge with PyroCMS (CI based CMS)

I have been using PyroCMS and CI for quite some time, and truly love it.
I am extending a DB module that will allow an admin user to manage a DB without having to use something like phpMyAdmin.
The only thing I have been able to get working however is Browsing a table's field values (i.e 'SELECT * FROM 'table_name').
I want to include more functions, but I can't seem to get dbforge to work properly. I know it is loaded because dbforge is used to uninstall modules. I also get no error when calling functions from it.
Here is an example of my code from the controller (dbforge has already been loaded).
    public function drop($table_name)
    {
        $table_name = $this->uri->segment(4);
        $this->dbforge->drop_table($table_name);
        redirect('admin/database/tables');
    }
Let's say the function gets called from this url:
.../admin/database/drop/table_name
It appears to work... but instead it just redirects to the tables overview.
Is there something I am missing? Shouldn't [$this->dbforge->drop_table($table_name);] always drop a table (given $table_name is valid)?
EDIT
As a workaround, I was able to use:
    public function drop($table_name)
    {
        $table_name = $this->uri->segment(4);
        //$this->dbforge->drop_table($table_name);
        $this->db->query("DROP TABLE ".$table_name);
        redirect('admin/database/tables');
        return TRUE;
    }
I really would like to use DB forge, however...
I think you might be getting a little confused by the site prefixes in PyroCMS 1.3.x.
By default all installations of Community and Professional will have default_ as a prefix for all tables in the first site. If you have Professional you can add new sites and the site reference will be whatever_ instead of default_
This prefix is accounted for by dbforge, so when you want to delete default_blog you would just delete:
/admin/database/drop/blog
Also, why are you accepting the $table_name as an argument then overriding it with a uri segment?
Also, why are you accepting the $table_name as an argument then overriding it with a uri segment?
See what I did there? xD
    public function drop($table_name)
    {
        $this->dbforge->drop_table($table_name);
        redirect('admin/database/tables');
    }

How to get LDAP unboundid AttributeSyntax?

I'm trying to find out the unboundid AttributeSyntax type for a specific attribute name and it's simply not working.
Here's the example test code that I'm using to achieve this:
    @Test
    public void testLDAPSchema() {
        try {
            LDAPConnection connection = new LDAPConnection();
            connection.connect("hessmain", 389);
            connection.bind("CN=Administrator,CN=Users,DC=FISHBOWL,DC=NET", "password");
            Schema s = connection.getSchema();
            System.out.println(s.toString());
            AttributeTypeDefinition atd = s.getAttributeType("directReports");
            Set<AttributeTypeDefinition> oat = s.getOperationalAttributeTypes();
            Set<AttributeSyntaxDefinition> l = s.getAttributeSyntaxes();
            AttributeSyntaxDefinition asd1 = s.getAttributeSyntax(atd.getOID());
            AttributeSyntaxDefinition asd2 = s.getAttributeSyntax(atd.getSyntaxOID());
            AttributeSyntaxDefinition asd3 = s.getAttributeSyntax(atd.getBaseSyntaxOID());
            connection.close();
        } catch (Exception e) {
            Assert.fail(e.getMessage());
        }
    }
From the above code, all the sets are empty. This also means that no matter which OID I pass to the schema getAttributeSyntax method that I will simply get a null return.
Is there any reason why I can't get the attribute syntaxes from an Active Directory server schema?
Thanks
I don't think that this is specific to the UnboundID LDAP SDK for Java. I'm not sure that Active Directory exposes this information over LDAP. When I perform a general LDAP search to retrieve schema information, I can see the attributeTypes and objectClasses attributes, but ldapSyntaxes isn't returned (and in fact ldapSyntaxes doesn't appear in the list of attribute types).
Similarly, none of the attribute type definitions includes a USAGE element, which is what is used to indicate that the attribute type is operational (e.g., "USAGE directoryOperation").
It may well be that Active Directory simply doesn't report this information at all. It could be that it provides some other non-standard way to get this information (e.g., a control or extended operation, or some other entry that can be retrieved), but if there is then I don't know about it.
