303 lines
11 KiB
C#
303 lines
11 KiB
C#
//----------------------------------------------------------------------------
|
|
//
|
|
// Copyright (c) Intel Corporation, 2011 All Rights Reserved.
|
|
//
|
|
//----------------------------------------------------------------------------
|
|
|
|
using System;
|
|
using System.Collections.Generic;
|
|
using System.ComponentModel;
|
|
using System.Reflection;
|
|
using Intel.Manageability;
|
|
using Intel.Manageability.ACL;
|
|
using Intel.Manageability.Exceptions;
|
|
using System.Security;
|
|
|
|
namespace ACLSample
|
|
{
|
|
public static class ACLFunctionality
|
|
{
|
|
|
|
|
|
public static void CreateOrUpdateDigestUser(IAMTInstance amt)
|
|
{
|
|
//------------------------
|
|
// Create DigestEntry
|
|
//------------------------
|
|
|
|
List<Realm> realms = new List<Realm>
|
|
{
|
|
Realm.HardwareAsset,
|
|
Realm.Storage
|
|
};
|
|
|
|
// Create SecureString by password.
|
|
using (SecureString secureString = new SecureString())
|
|
{
|
|
foreach (char c in "P@ssw0rd")
|
|
secureString.AppendChar(c);
|
|
|
|
var digestEntry = new DigestEntry("DigestUser", secureString, realms, AccessPermission.Network);
|
|
try
|
|
{
|
|
amt.Config.ACL.CreateOrUpdateDigestUser(digestEntry);
|
|
Console.WriteLine("Create digest user completed successfully.");
|
|
}
|
|
catch (ACLManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1} ACLFailure: {2}\n", e.Source, e.Message, e.Failure);
|
|
}
|
|
catch (ManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1}\n", e.Source, e.Message);
|
|
}
|
|
}
|
|
}
|
|
|
|
public static void GetAllDigestUsers(IAMTInstance amt)
|
|
{
|
|
try
|
|
{
|
|
var digestUsers = amt.Config.ACL.GetAllDigestUsers();
|
|
Console.WriteLine("\n DigestUsers Details");
|
|
Console.WriteLine(" -------------------");
|
|
// Display DigestUser details.
|
|
digestUsers.ForEach(e => DisplayDigestUser(e));
|
|
}
|
|
catch (ACLManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1} ACLFailure: {2}\n", e.Source, e.Message, e.Failure);
|
|
}
|
|
catch (ManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1}\n", e.Source, e.Message);
|
|
}
|
|
}
|
|
|
|
|
|
public static void GetDigestUser(IAMTInstance amt, string userName)
|
|
{
|
|
try
|
|
{
|
|
var digestEntry = amt.Config.ACL.GetDigestUser(userName);
|
|
Console.WriteLine("\n DigestUser Details");
|
|
// Display DigestUser details.
|
|
Console.WriteLine(" ------------------");
|
|
DisplayDigestUser(digestEntry);
|
|
}
|
|
catch (ACLManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1} ACLFailure: {2}\n", e.Source, e.Message, e.Failure);
|
|
}
|
|
catch (ManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1}\n", e.Source, e.Message);
|
|
}
|
|
|
|
}
|
|
|
|
public static void DeleteDigestUser(IAMTInstance amt, string userNameOrSid)
|
|
{
|
|
try
|
|
{
|
|
amt.Config.ACL.DeleteDigestUser(userNameOrSid);
|
|
Console.WriteLine("Delete digest user completed successfully.");
|
|
}
|
|
catch (ACLManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1} ACLFailure: {2}\n", e.Source, e.Message, e.Failure);
|
|
}
|
|
catch (ManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1}\n", e.Source, e.Message);
|
|
}
|
|
}
|
|
|
|
|
|
|
|
public static void CreateOrUpdateKerberosUser(IAMTInstance amt, string userNameOrSid)
|
|
{
|
|
//------------------------
|
|
// Create KerberosEntry
|
|
//------------------------
|
|
|
|
List<Realm> realms = new List<Realm> { Realm.Administration };
|
|
|
|
KerberosEntry kerberosEntry = new KerberosEntry(userNameOrSid, realms, AccessPermission.Any);
|
|
|
|
try
|
|
{
|
|
amt.Config.ACL.CreateOrUpdateKerberosUser(kerberosEntry);
|
|
Console.WriteLine("Create kerberos user completed successfully.");
|
|
}
|
|
catch (ACLManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1} ACLFailure: {2}\n", e.Source, e.Message, e.Failure);
|
|
}
|
|
catch (ManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1}\n", e.Source, e.Message);
|
|
}
|
|
}
|
|
|
|
public static void GetAllKerberosUsers(IAMTInstance amt)
|
|
{
|
|
try
|
|
{
|
|
var kerberosUsers = amt.Config.ACL.GetAllKerberosUsers();
|
|
Console.WriteLine("\n KerberosUsers Details");
|
|
Console.WriteLine(" ---------------------");
|
|
kerberosUsers.ForEach(e => DisplayKerberosUser(e));
|
|
}
|
|
catch (ACLManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1} ACLFailure: {2}\n", e.Source, e.Message, e.Failure);
|
|
}
|
|
catch (ManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1}\n", e.Source, e.Message);
|
|
}
|
|
}
|
|
|
|
|
|
public static void GetKerberosUser(IAMTInstance amt, string userNameOrSid)
|
|
{
|
|
try
|
|
{
|
|
// If UserNameOrSid equals to Domain\\UserName calculate the appropriate SID.
|
|
var kerberosUser = amt.Config.ACL.GetKerberosUser(userNameOrSid);
|
|
Console.WriteLine("\n KerberosUser Details");
|
|
Console.WriteLine(" --------------------");
|
|
DisplayKerberosUser(kerberosUser);
|
|
}
|
|
catch (ACLManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1} ACLFailure: {2}\n", e.Source, e.Message, e.Failure);
|
|
}
|
|
catch (ManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1}\n", e.Source, e.Message);
|
|
}
|
|
|
|
}
|
|
|
|
public static void DeleteKerberosUser(IAMTInstance amt, string userNameOrSid)
|
|
{
|
|
try
|
|
{
|
|
amt.Config.ACL.DeleteKerberosUser(userNameOrSid);
|
|
Console.WriteLine("Delete kerberos user completed successfully.");
|
|
}
|
|
catch (ACLManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1} ACLFailure: {2}\n", e.Source, e.Message, e.Failure);
|
|
}
|
|
catch(ManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1}\n", e.Source, e.Message);
|
|
}
|
|
}
|
|
|
|
public static void UpdateAdminUser(IAMTInstance amt, string UserName, string password)
|
|
{
|
|
try
|
|
{
|
|
// Create SecureString by password.
|
|
if (password == null)
|
|
{
|
|
Console.WriteLine("UpdateAdmin failed with error: Failed to update Admin user. ACLFailor: InvalidPassword");
|
|
return;
|
|
}
|
|
|
|
using (SecureString secureString = new SecureString())
|
|
{
|
|
foreach (char c in password)
|
|
secureString.AppendChar(c);
|
|
|
|
amt.Config.ACL.UpdateAdmin(UserName, secureString);
|
|
}
|
|
Console.WriteLine("Update admin user completed successfully.");
|
|
}
|
|
catch (ACLManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1} ACLFailor: {2}\n",e.Source ,e.Message, e.Failure);
|
|
}
|
|
catch(ManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1}\n", e.Source, e.Message);
|
|
}
|
|
}
|
|
|
|
public static void GetAdminUser(IAMTInstance amt)
|
|
{
|
|
try
|
|
{
|
|
string adminUser = amt.Config.ACL.GetAdminUser();
|
|
Console.WriteLine("The name of the admin user is "+adminUser);
|
|
}
|
|
catch (ACLManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1} ACLFailure: {2}\n", e.Source, e.Message, e.Failure);
|
|
}
|
|
catch (ManageabilityException e)
|
|
{
|
|
Console.WriteLine("{0} failed with error: {1}\n", e.Source, e.Message);
|
|
}
|
|
}
|
|
|
|
public static void DisplayDigestUser(DigestEntry user)
|
|
{
|
|
Console.WriteLine("\n * Name : " + user.UserName);
|
|
|
|
// Get description attribute of AccessPermission.
|
|
Type type = user.Access.GetType();
|
|
MemberInfo[] memInfo = type.GetMember(user.Access.ToString());
|
|
object[] attributes = memInfo[0].GetCustomAttributes(typeof(DescriptionAttribute), false);
|
|
string accessPermission = ((DescriptionAttribute)attributes[0]).Description;
|
|
Console.WriteLine(" Permission : " + accessPermission);
|
|
|
|
// Get description attribute of Realms.
|
|
Console.Write(" Realms : ");
|
|
foreach (Realm realm in user.Realms)
|
|
{
|
|
if ((uint)realm != 23 && (uint)realm != 22 && (uint)realm != 1)
|
|
{
|
|
type = realm.GetType();
|
|
memInfo = type.GetMember(realm.ToString());
|
|
attributes = memInfo[0].GetCustomAttributes(typeof(DescriptionAttribute), false);
|
|
string realmString = ((DescriptionAttribute)attributes[0]).Description;
|
|
Console.Write(realmString + ", ");
|
|
}
|
|
}
|
|
Console.Write("\b\b \n");
|
|
}
|
|
|
|
public static void DisplayKerberosUser(KerberosEntry user)
|
|
{
|
|
Console.WriteLine("\n * SID : " + user.UserNameOrSID);
|
|
|
|
// Get description attribute of AccessPermission.
|
|
Type type = user.Access.GetType();
|
|
MemberInfo[] memInfo = type.GetMember(user.Access.ToString());
|
|
object[] attributes = memInfo[0].GetCustomAttributes(typeof(DescriptionAttribute), false);
|
|
string accessPermission = ((DescriptionAttribute)attributes[0]).Description;
|
|
Console.WriteLine(" Permission : " + accessPermission);
|
|
|
|
// Get description attribute of Realms.
|
|
Console.Write(" Realms : ");
|
|
foreach (Realm realm in user.Realms)
|
|
{
|
|
if ((uint)realm != 23 && (uint)realm != 22 && (uint)realm != 1)
|
|
{
|
|
type = realm.GetType();
|
|
memInfo = type.GetMember(realm.ToString());
|
|
attributes = memInfo[0].GetCustomAttributes(typeof(DescriptionAttribute), false);
|
|
string realmString = ((DescriptionAttribute)attributes[0]).Description;
|
|
Console.Write(realmString + ", ");
|
|
}
|
|
}
|
|
Console.Write("\b\b \n");
|
|
}
|
|
}
|
|
}
|