Add user to all Domain Controllers in local site to reflect the permissions immediately

By Perry
Access over 40 UI widgets with everything from interactive menus to rich charts.

This program gets all the domain controllers available in the specified site and add the specified user into the group specified to all the domain controllers. Like this you can avoid the delay in the permission reflection after user has been added to the domain controller because it is possible that user has been added to DC1 and your application checks the permissions on DC2. Note that the running context of this application has to have the permission to access/write in active directory.

Usage:

adduser.exe mygroup domain\userid => This will retrieve all the Domain Controllers available in user's local site and add user in all DCs

Complete C# Code:
----------------
using System;
using System.IO;
using System.Text;
using Microsoft.Win32;
using System.Security;
using System.Threading;
using System.Reflection;
using System.Diagnostics;
using System.Configuration;
using System.Globalization;
using System.ComponentModel;
using System.DirectoryServices;
using System.Security.Principal;
using System.Collections.Generic;
using System.Security.Permissions;
using System.Text.RegularExpressions;
using System.Runtime.InteropServices;
using System.Runtime.Remoting.Contexts;
using System.Runtime.Remoting.Messaging;

namespace DCReflactionTest
{
    class Program
    {
        static void Main(string[] args)
        {
            string privilegesGroup = args[0];
            string userName = args[1];
            string DistName = null;         
            object[] user_path = null;          
            // get the domain/host name and user name
            string[] un_split = userName.Split(new char[] { '\\' });
            string dhn_part = un_split[0];
            string un_part = un_split[1];
            int i = 0;

            DirectoryEntry root = new DirectoryEntry("LDAP://RootDSE");
            DirectoryEntry group = null;
            SearchResult userDN, groupDN;
            DirectorySearcher dsGroup, ds;

            string namingContext = (string)root.Properties["defaultNamingContext"].Value;
            if (namingContext == null)
                namingContext = (string)root.Properties["namingContext"].Value;                        
           
            //Get the timestamp
            DateTime oldDate = new DateTime(2000, 1, 1);
            DateTime newDate = DateTime.Now;
            TimeSpan ts = newDate - oldDate;        
            //Find the all site           
            string[] sites = getAllDCs(Environment.GetEnvironmentVariable("site")).Split(new char[]{'\n'});
            for (i = 0; i < sites.Length; i++)
            {               
                sites[i] = sites[i].Trim();
                System.Console.WriteLine("For " + sites[i]);
                sites[i] = sites[i].Substring(1, sites[i].Length - 2);
                System.Console.WriteLine("Site: " + sites[i]);
                root = new DirectoryEntry("LDAP://" + sites[i] + "/" + namingContext);

                ds = new DirectorySearcher(root,
                                       "samAccountName=" + un_part
                                       , null
                                       , SearchScope.Subtree);
                userDN = ds.FindOne();

                dsGroup = new DirectorySearcher(root,
                                      "samAccountName=" + privilegesGroup
                                      , null
                                      , SearchScope.Subtree);

                groupDN = dsGroup.FindOne();
                group = groupDN.GetDirectoryEntry();

                if (userDN != null)
                    DistName = userDN.Path;
                else
                    throw new Exception("User: " + un_part + " is not found in AD");

                user_path = new object[] { DistName };

                Thread.Sleep(10000);
                try
                {
                    //check if user already member of the specified group
                    if (!bool.Parse(Convert.ToString(
                           group.Invoke("IsMember", user_path),
                           CultureInfo.CurrentCulture)))
                    {
                        if (i == 1)
                        {
                            System.Console.WriteLine("User not exist...waiting...");
                            Thread.Sleep(20000);
                            if (bool.Parse(Convert.ToString(
                           group.Invoke("IsMember", user_path),
                           CultureInfo.CurrentCulture)))
                                System.Console.WriteLine("User Found");
                        }
                        try
                        {
                            group.Invoke("Add", user_path);
                            group.CommitChanges();                          
                            System.Console.WriteLine("Site: " + sites[i] + "  " + DistName + " is added " + privilegesGroup);
                        }
                        catch (Exception ex)
                        {
                            System.Console.WriteLine("Exception: " + ex.Message);
                        }
                    }
                    else
                        System.Console.WriteLine(user_path + " is already member of " + privilegesGroup);
                }
                catch (Exception ex)
                {
                    System.Console.WriteLine("Exception: " + ex.Message);
                }
               
            }
            if (group != null)
            {
                group.Invoke("Remove", user_path);
                group.CommitChanges();
                group.Close();
                group.Dispose();
            }           
            newDate = DateTime.Now;
            TimeSpan ts2 = newDate - oldDate;   
            System.Console.WriteLine("ms: " +  (ts2.TotalMilliseconds -  ts.TotalMilliseconds));
            System.Console.Read();
        }

        private static string getAllDCs(string site)
        {
            //Start the process           
            Process MyProcess = new Process();
            MyProcess.StartInfo.FileName = "cmd.exe";
            MyProcess.StartInfo.CreateNoWindow = true;
            MyProcess.StartInfo.Arguments = "/c dsquery server -o rdn -site " + site;
            MyProcess.StartInfo.UseShellExecute = false;
            MyProcess.StartInfo.RedirectStandardInput = true;
            MyProcess.StartInfo.RedirectStandardOutput = true;
            MyProcess.StartInfo.WorkingDirectory = ".";
            MyProcess.StartInfo.RedirectStandardError = true;
            MyProcess.Start();
            //wait for some time so that output will be ready          
            Thread.Sleep(50);
            string output = MyProcess.StandardOutput.ReadToEnd().ToString();
            MyProcess.StandardOutput.DiscardBufferedData();
            return output.Trim();
        }
    }
}
Regards,
Megha

Popularity  (1031 Views)