v1.1.0 - Fix DN comparison in device page extension
This commit is contained in:
@@ -41,35 +41,28 @@ namespace Disco.Plugins.ADCompare.Features
|
||||
var hasManagedBy = !string.IsNullOrEmpty(managedByDN);
|
||||
var hasAssignment = !string.IsNullOrEmpty(discoAssignedUser);
|
||||
|
||||
string adManagedByUserId = null;
|
||||
string adManagedByName = null;
|
||||
// Extract display name from managedBy DN
|
||||
string managedByDisplayName = hasManagedBy ? ExtractCNFromDN(managedByDN) : null;
|
||||
|
||||
if (hasManagedBy)
|
||||
// Look up the Disco assigned user's DN in AD for comparison
|
||||
string assignedUserDN = null;
|
||||
if (hasAssignment)
|
||||
{
|
||||
try
|
||||
{
|
||||
var managedByUser = ActiveDirectory.RetrieveADUserAccount(managedByDN);
|
||||
if (managedByUser != null)
|
||||
{
|
||||
adManagedByUserId = managedByUser.Id;
|
||||
adManagedByName = managedByUser.DisplayName;
|
||||
}
|
||||
else
|
||||
{
|
||||
adManagedByUserId = managedByDN;
|
||||
}
|
||||
}
|
||||
catch
|
||||
{
|
||||
adManagedByUserId = managedByDN;
|
||||
var assignedUserAD = ActiveDirectory.RetrieveADUserAccount(discoAssignedUser);
|
||||
if (assignedUserAD != null)
|
||||
assignedUserDN = assignedUserAD.DistinguishedName;
|
||||
}
|
||||
catch { }
|
||||
}
|
||||
|
||||
// Compare DN-to-DN
|
||||
bool isMatch = false;
|
||||
if (!hasAssignment && !hasManagedBy)
|
||||
isMatch = true;
|
||||
else if (hasAssignment && hasManagedBy)
|
||||
isMatch = string.Equals(discoAssignedUser, adManagedByUserId, StringComparison.OrdinalIgnoreCase);
|
||||
else if (hasAssignment && hasManagedBy && assignedUserDN != null)
|
||||
isMatch = string.Equals(assignedUserDN, managedByDN, StringComparison.OrdinalIgnoreCase);
|
||||
|
||||
html.Append("<table class='table table-condensed' style='margin-bottom:10px;'>");
|
||||
|
||||
@@ -106,13 +99,7 @@ namespace Disco.Plugins.ADCompare.Features
|
||||
html.Append("<tr><td><strong>AD Managed By</strong></td><td>");
|
||||
if (hasManagedBy)
|
||||
{
|
||||
html.Append(Encode(adManagedByUserId));
|
||||
if (!string.IsNullOrEmpty(adManagedByName))
|
||||
{
|
||||
html.Append(" <span class='text-muted'>(");
|
||||
html.Append(Encode(adManagedByName));
|
||||
html.Append(")</span>");
|
||||
}
|
||||
html.Append(Encode(managedByDisplayName ?? managedByDN));
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -120,6 +107,7 @@ namespace Disco.Plugins.ADCompare.Features
|
||||
}
|
||||
html.Append("</td></tr>");
|
||||
|
||||
// Last Logon
|
||||
var lastLogonTicks = adAccount.GetPropertyValue<long>("lastLogonTimestamp");
|
||||
html.Append("<tr><td><strong>Last Login</strong></td><td>");
|
||||
if (lastLogonTicks > 0)
|
||||
@@ -166,6 +154,18 @@ namespace Disco.Plugins.ADCompare.Features
|
||||
return Literal(html.ToString());
|
||||
}
|
||||
|
||||
private string ExtractCNFromDN(string dn)
|
||||
{
|
||||
if (string.IsNullOrEmpty(dn)) return null;
|
||||
if (dn.StartsWith("CN=", StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
var commaIndex = dn.IndexOf(',');
|
||||
if (commaIndex > 3) return dn.Substring(3, commaIndex - 3);
|
||||
return dn.Substring(3);
|
||||
}
|
||||
return dn;
|
||||
}
|
||||
|
||||
private string Encode(string value)
|
||||
{
|
||||
if (string.IsNullOrEmpty(value)) return "";
|
||||
|
||||
Reference in New Issue
Block a user