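//----------------------------------------------------------------------------
//
//  Copyright (c) Intel Corporation, 2011 All Rights Reserved.
//
//----------------------------------------------------------------------------

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Reflection;
using Intel.Manageability;
using Intel.Manageability.ACL;
using Intel.Manageability.Exceptions;
using System.Security;

namespace ACLSample
{
    /// <summary>
    /// Sample wrappers around the ACL (access control list) operations exposed
    /// through <c>amt.Config.ACL</c>: digest users, Kerberos users and the admin
    /// account. Each public method performs one ACL call and reports the outcome
    /// on the console; library failures are printed rather than rethrown.
    /// </summary>
    public static class ACLFunctionality
    {
        // Placeholder account used only by the parameterless sample entry point.
        // The password literal is compiled into the assembly, so wrapping it in a
        // SecureString below gives no confidentiality; replace both values (or call
        // the overload that accepts a caller-supplied SecureString) before using
        // this code against a real system.
        private const string SampleDigestUserName = "DigestUser";
        private const string SampleDigestPassword = "P@ssw0rd";

        /// <summary>
        /// Creates or updates the sample digest user with the placeholder
        /// credentials defined in this class.
        /// </summary>
        /// <param name="amt">Instance whose ACL is modified.</param>
        public static void CreateOrUpdateDigestUser(IAMTInstance amt)
        {
            // The SecureString is disposed as soon as the call returns so the
            // password buffer does not outlive the operation.
            using (SecureString secureString = new SecureString())
            {
                foreach (char c in SampleDigestPassword)
                {
                    secureString.AppendChar(c);
                }

                CreateOrUpdateDigestUser(amt, SampleDigestUserName, secureString);
            }
        }

        /// <summary>
        /// Creates or updates a digest user with caller-supplied credentials.
        /// The entry is granted the HardwareAsset and Storage realms with
        /// <c>AccessPermission.Network</c>, as in the original sample.
        /// </summary>
        /// <param name="amt">Instance whose ACL is modified.</param>
        /// <param name="userName">Name of the digest user.</param>
        /// <param name="password">
        /// Password for the entry. Ownership stays with the caller, who is
        /// responsible for disposing it after this method returns.
        /// </param>
        public static void CreateOrUpdateDigestUser(IAMTInstance amt, string userName, SecureString password)
        {
            // Grant only the realms this user needs; every extra realm widens what
            // a stolen digest credential can reach.
            List<Realm> realms = new List<Realm> { Realm.HardwareAsset, Realm.Storage };
            var digestEntry = new DigestEntry(userName, password, realms, AccessPermission.Network);

            RunAclOperation(() =>
            {
                amt.Config.ACL.CreateOrUpdateDigestUser(digestEntry);
                Console.WriteLine("Create digest user completed successfully.");
            });
        }

        /// <summary>Prints every digest user returned by the ACL.</summary>
        /// <param name="amt">Instance whose ACL is read.</param>
        public static void GetAllDigestUsers(IAMTInstance amt)
        {
            RunAclOperation(() =>
            {
                var digestUsers = amt.Config.ACL.GetAllDigestUsers();
                Console.WriteLine("\n DigestUsers Details");
                Console.WriteLine(" -------------------");
                digestUsers.ForEach(DisplayDigestUser);
            });
        }

        /// <summary>Prints the digest user with the given name.</summary>
        /// <param name="amt">Instance whose ACL is read.</param>
        /// <param name="userName">Name of the digest user to look up.</param>
        public static void GetDigestUser(IAMTInstance amt, string userName)
        {
            RunAclOperation(() =>
            {
                var digestEntry = amt.Config.ACL.GetDigestUser(userName);
                Console.WriteLine("\n DigestUser Details");
                Console.WriteLine(" ------------------");
                DisplayDigestUser(digestEntry);
            });
        }

        /// <summary>Deletes a digest user from the ACL.</summary>
        /// <param name="amt">Instance whose ACL is modified.</param>
        /// <param name="userNameOrSid">Identifier passed unchanged to the library.</param>
        public static void DeleteDigestUser(IAMTInstance amt, string userNameOrSid)
        {
            RunAclOperation(() =>
            {
                amt.Config.ACL.DeleteDigestUser(userNameOrSid);
                Console.WriteLine("Delete digest user completed successfully.");
            });
        }

        /// <summary>
        /// Creates or updates a Kerberos user that holds the Administration realm
        /// with <c>AccessPermission.Any</c>.
        /// </summary>
        /// <param name="amt">Instance whose ACL is modified.</param>
        /// <param name="userNameOrSid">User name or SID of the Kerberos principal.</param>
        public static void CreateOrUpdateKerberosUser(IAMTInstance amt, string userNameOrSid)
        {
            // NOTE(review): Realm.Administration combined with AccessPermission.Any is
            // the broadest grant in this sample (presumably both local and network
            // access - confirm against the AccessPermission enum). Narrow both values
            // when the principal does not need full administration.
            List<Realm> realms = new List<Realm> { Realm.Administration };
            KerberosEntry kerberosEntry = new KerberosEntry(userNameOrSid, realms, AccessPermission.Any);

            RunAclOperation(() =>
            {
                amt.Config.ACL.CreateOrUpdateKerberosUser(kerberosEntry);
                Console.WriteLine("Create kerberos user completed successfully.");
            });
        }

        /// <summary>Prints every Kerberos user returned by the ACL.</summary>
        /// <param name="amt">Instance whose ACL is read.</param>
        public static void GetAllKerberosUsers(IAMTInstance amt)
        {
            RunAclOperation(() =>
            {
                var kerberosUsers = amt.Config.ACL.GetAllKerberosUsers();
                Console.WriteLine("\n KerberosUsers Details");
                Console.WriteLine(" ---------------------");
                kerberosUsers.ForEach(DisplayKerberosUser);
            });
        }

        /// <summary>Prints the Kerberos user identified by name or SID.</summary>
        /// <param name="amt">Instance whose ACL is read.</param>
        /// <param name="userNameOrSid">
        /// User name or SID. According to the original sample comment, a value of the
        /// form Domain\UserName is converted to the matching SID; that conversion is
        /// not visible in this file.
        /// </param>
        public static void GetKerberosUser(IAMTInstance amt, string userNameOrSid)
        {
            RunAclOperation(() =>
            {
                var kerberosUser = amt.Config.ACL.GetKerberosUser(userNameOrSid);
                Console.WriteLine("\n KerberosUser Details");
                Console.WriteLine(" --------------------");
                DisplayKerberosUser(kerberosUser);
            });
        }

        /// <summary>Deletes a Kerberos user from the ACL.</summary>
        /// <param name="amt">Instance whose ACL is modified.</param>
        /// <param name="userNameOrSid">User name or SID of the entry to delete.</param>
        public static void DeleteKerberosUser(IAMTInstance amt, string userNameOrSid)
        {
            RunAclOperation(() =>
            {
                amt.Config.ACL.DeleteKerberosUser(userNameOrSid);
                Console.WriteLine("Delete kerberos user completed successfully.");
            });
        }

        /// <summary>Updates the admin account's user name and password.</summary>
        /// <param name="amt">Instance whose ACL is modified.</param>
        /// <param name="UserName">New admin user name.</param>
        /// <param name="password">
        /// New admin password. A null value is rejected before the library is called.
        /// </param>
        public static void UpdateAdminUser(IAMTInstance amt, string UserName, string password)
        {
            RunAclOperation(() =>
            {
                if (password == null)
                {
                    Console.WriteLine("UpdateAdmin failed with error: Failed to update Admin user. ACLFailure: InvalidPassword");
                    return;
                }

                // The password already exists as an ordinary System.String owned by the
                // caller, so the SecureString only limits the lifetime of this copy.
                // Callers that can collect the password directly into a SecureString
                // avoid leaving a plaintext copy in managed memory.
                using (SecureString secureString = new SecureString())
                {
                    foreach (char c in password)
                    {
                        secureString.AppendChar(c);
                    }

                    amt.Config.ACL.UpdateAdmin(UserName, secureString);
                }

                Console.WriteLine("Update admin user completed successfully.");
            });
        }

        /// <summary>Prints the name of the admin user.</summary>
        /// <param name="amt">Instance whose ACL is read.</param>
        public static void GetAdminUser(IAMTInstance amt)
        {
            RunAclOperation(() =>
            {
                string adminUser = amt.Config.ACL.GetAdminUser();
                Console.WriteLine("The name of the admin user is " + adminUser);
            });
        }

        /// <summary>Prints the name, access permission and realms of a digest entry.</summary>
        /// <param name="user">Entry to display.</param>
        public static void DisplayDigestUser(DigestEntry user)
        {
            Console.WriteLine("\n * Name : " + user.UserName);
            Console.WriteLine(" Permission : " + DescribeEnumValue(user.Access));
            Console.WriteLine(" Realms : " + FormatRealms(user.Realms));
        }

        /// <summary>Prints the SID, access permission and realms of a Kerberos entry.</summary>
        /// <param name="user">Entry to display.</param>
        public static void DisplayKerberosUser(KerberosEntry user)
        {
            Console.WriteLine("\n * SID : " + user.UserNameOrSID);
            Console.WriteLine(" Permission : " + DescribeEnumValue(user.Access));
            Console.WriteLine(" Realms : " + FormatRealms(user.Realms));
        }

        // Runs one ACL operation and prints library failures instead of propagating
        // them. The ACL-specific exception is handled first so that its Failure code
        // is included in the message; other exception types are not caught.
        private static void RunAclOperation(Action operation)
        {
            try
            {
                operation();
            }
            catch (ACLManageabilityException e)
            {
                Console.WriteLine("{0} failed with error: {1} ACLFailure: {2}\n", e.Source, e.Message, e.Failure);
            }
            catch (ManageabilityException e)
            {
                Console.WriteLine("{0} failed with error: {1}\n", e.Source, e.Message);
            }
        }

        // Returns the DescriptionAttribute text of the member named by value.ToString(),
        // or that name itself when no such member or attribute exists (for example a
        // combined or undefined value), instead of failing on an empty array.
        private static string DescribeEnumValue(object value)
        {
            string name = value.ToString();
            MemberInfo[] members = value.GetType().GetMember(name);
            if (members.Length == 0)
            {
                return name;
            }

            object[] attributes = members[0].GetCustomAttributes(typeof(DescriptionAttribute), false);
            if (attributes.Length == 0)
            {
                return name;
            }

            return ((DescriptionAttribute)attributes[0]).Description;
        }

        // Builds the comma-separated realm list. Joining the descriptions replaces the
        // earlier backspace-based trimming, which damaged the label when no realm was
        // printed and wrote raw backspace characters to redirected output.
        private static string FormatRealms(System.Collections.IEnumerable realms)
        {
            List<string> descriptions = new List<string>();
            foreach (Realm realm in realms)
            {
                // NOTE(review): realm values 1, 22 and 23 are hidden from the listing;
                // this file does not name them - confirm against the Realm enum.
                if ((uint)realm != 23 && (uint)realm != 22 && (uint)realm != 1)
                {
                    descriptions.Add(DescribeEnumValue(realm));
                }
            }

            return string.Join(", ", descriptions.ToArray());
        }
    }
}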