Rules Extensions – MA Extension

This post has been republished via RSS; it originally appeared at: Core Infrastructure and Security Blog articles.

First published on MSDN on Jun 23, 2017

The following is just an example of what an MA Extension would like like and should only be used as a reference on how to build your own MA Extension, I use this post as a reference for all my MA Extension Post which I have broken up into sections

Rules Extensions – ShouldProjectToMV


Rules Extensions – MapAttributesForImport


Rules Extensions – MapAttributesForJoin



2 Way Account Expires Rules Extension




using System;
using Microsoft.MetadirectoryServices;
using System.Globalization;
using System.Security.Principal;
// Date Changed 23 June 2017
namespace Mms_ManagementAgent_MAExtension
{
/// <summary>
/// Summary description for MAExtensionObject.
/// </summary>
public class MAExtensionObject : IMASynchronization
{
const string FSP = "foreignSecurityPrincipal";
const string ADMA1 = "Contoso ADMA";
const string ADMA2 = "Fabrikam ADMA";
const string ADMA3 = "Fabrikam SPMA";
public MAExtensionObject()
{
//
// TODO: Add constructor logic here
//
}
void IMASynchronization.Initialize()
{
//
// TODO: write initialization code
//
}
void IMASynchronization.Terminate()
{
//
// TODO: write termination code
//
}
//bool IMASynchronization.ShouldProjectToMV(CSEntry csentry, out string MVObjectType)
//{
//    MVObjectType = "foreignSecurityPrincipal";
//    bool ShouldProject = false;
//    if (csentry["whatever"].StringValue.Length >= 30)
//    {
//        ShouldProject = true;
//    }
//    return ShouldProject;
//}
bool IMASynchronization.ShouldProjectToMV(CSEntry csentry, out string MVObjectType)
{
string fsp = "foreignSecurityPrincipal";
bool ShouldProject = false;
MVObjectType = null;
switch (csentry.MA.Name)
{
case ADMA1:
{
MVObjectType = "person";
ShouldProject = true;
}
break;
case ADMA2:
{
MVObjectType = "group";
ShouldProject = true;
}
break;
case ADMA3:
switch (csentry.ObjectType)
{
case FSP:
{
MVObjectType = fsp;
if (csentry["cn"].StringValue.Length >= 30)
{
ShouldProject = true;
}
}
break;
}
break;
default: throw new EntryPointNotImplementedException();
}
return ShouldProject;
}
DeprovisionAction IMASynchronization.Deprovision(CSEntry csentry)
{
//
// TODO: Remove this throw statement if you implement this method
//
throw new EntryPointNotImplementedException();
}
bool IMASynchronization.FilterForDisconnection(CSEntry csentry)
{
//
// TODO: write connector filter code
//
throw new EntryPointNotImplementedException();
}
void IMASynchronization.MapAttributesForJoin(string FlowRuleName, CSEntry csentry, ref ValueCollection values)
{
switch (FlowRuleName)
{
case "SPAccountName":
//
// TODO: write join mapping code
//
values.Add(csentry["samAccountName"].StringValue.Replace("SP_", ""));
break;
case "BuildAccountName":
if (csentry["accountName"].IsPresent)
{
values.Add(csentry["accountName"].StringValue);
}
else if (csentry["firstName"].IsPresent && csentry["lastName"].IsPresent)
{
values.Add(csentry["firstName"].StringValue + "." + csentry["lastName"].StringValue);
}
break;
}
}
bool IMASynchronization.ResolveJoinSearch(string joinCriteriaName, CSEntry csentry, MVEntry[] rgmventry, out int imventry, ref string MVObjectType)
{
//
// TODO: write join resolution code
//
throw new EntryPointNotImplementedException();
}
void IMASynchronization.MapAttributesForImport(string FlowRuleName, CSEntry csentry, MVEntry mventry)
{
string csAttrib;
string mvAttrib;
long dtInt;
string targetFormat;
string sourceFormat;
//
// TODO: write your import attribute flow code
//
switch (FlowRuleName)
{
case "getDate":
mvAttrib = "deprovisionDate";
if (mventry.ConnectedMAs[ADMA1].Connectors.Count == 0)
{
if (mventry[mvAttrib].IsPresent && !string.IsNullOrWhiteSpace(mvAttrib))
{
DateTime depoDate;
if (!DateTime.TryParse(mventry[mvAttrib].Value, out depoDate))
{
//mventry ["deprovisionDate"].Value = DateTime.Now.AddDays(90).ToString("yyyy'-'MM'-'dd'T'HH':'mm':'ss'.000'");
mventry[mvAttrib].Value = DateTime.Now.AddDays(90).ToString("yyyy-MM-ddTHH:mm:ss.000");
}
else
{
mventry[mvAttrib].Value = DateTime.Now.AddDays(90).ToString("yyyy-MM-ddTHH:mm:ss.000");
}
}
else
{
mventry[mvAttrib].Value = DateTime.Now.AddDays(90).ToString("yyyy-MM-ddTHH:mm:ss.000");
}
}
break;
case "removeDate":
mvAttrib = "deprovisionDate";
if (mventry.ConnectedMAs[ADMA1].Connectors.Count == 1)
{
if (mventry[mvAttrib].IsPresent)
{
mventry[mvAttrib].Values.Clear();
}
}
break;
case "employeeEndDate":
csAttrib = "accountExpires";
mvAttrib = "employeeEndDate";
dtInt = csentry[csAttrib].IntegerValue;
//targetFormat = "yyyy'-'MM'-'dd'T'HH':'mm':'ss'.000'";
targetFormat = "yyyy-MM-ddTHH:mm:ss.000";
//targetFormat = "M/d/yyyy h:mm tt";
sourceFormat = string.Empty;
GetDateString(csentry, mventry, dtInt, mvAttrib, sourceFormat, targetFormat);
break;
case "pwdLastSet":
csAttrib = "pwdLastSet";
mvAttrib = "pwdLastSet";
dtInt = csentry[csAttrib].IntegerValue;
targetFormat = "M/d/yyyy h:mm tt";
sourceFormat = string.Empty; ;
if (csentry[csAttrib].IsPresent && csentry[csAttrib].IntegerValue != 0)
GetDateString(csentry, mventry, dtInt, mvAttrib, sourceFormat, targetFormat);
///mventry[mvAttrib].Value = ConvertFileTimeToFimTimeStamp(csentry[csAttrib].IntegerValue);
else
mventry[mvAttrib].Delete();
break;
case "pwdExpires":
csAttrib = "pwdLastSet";
mvAttrib = "pwdExpires";
dtInt = csentry[csAttrib].IntegerValue;
targetFormat = "M/d/yyyy h:mm tt";
sourceFormat = string.Empty;
if (csentry[csAttrib].IsPresent && csentry[csAttrib].IntegerValue != 0)
GetDateString(csentry, mventry, dtInt, mvAttrib, sourceFormat, targetFormat, 180);
///mventry[mvAttrib].Value = ConvertFileTimeToFimTimeStamp(csentry[csAttrib].IntegerValue);
else
mventry[mvAttrib].Delete();
break;
case "lastLogonTimestamp":
csAttrib = "lastLogonTimestamp";
mvAttrib = "lastLogonTimestamp";
dtInt = csentry[csAttrib].IntegerValue;
targetFormat = "M/d/yyyy h:mm tt";
sourceFormat = string.Empty;
if (csentry[csAttrib].IsPresent && csentry[csAttrib].IntegerValue != 0)
GetDateString(csentry, mventry, dtInt, mvAttrib, sourceFormat, targetFormat);
//mventry[mvAttrib].Value = ConvertFileTimeToFimTimeStamp(csentry[csAttrib].IntegerValue);
else
mventry[mvAttrib].Delete();
break;
case "createdDate":
csAttrib = "whenCreated";
mvAttrib = "createDate";
string dateStr = csentry[csAttrib].StringValue;
targetFormat = "M/dd/yyyy h:mm:ss tt";
sourceFormat = "yyyyMMddHHmmss.0Z";
GetDateString(csentry, mventry, dateStr, mvAttrib, sourceFormat, targetFormat);
break;
case "objectSidString":
string objectSidString = ConvertSidToString(csentry["objectSid"].BinaryValue);
mventry["objectSidSTring"].StringValue = objectSidString;
break;
}
}

void IMASynchronization.MapAttributesForExport(string FlowRuleName, MVEntry mventry, CSEntry csentry)
{
//
// TODO: write your export attribute flow code
//
//
// TODO: write your export attribute flow code
//
switch (FlowRuleName)
{
case "accountExpires":
CultureInfo provider = CultureInfo.InvariantCulture;
if (mventry["employeeEndDate"].ToString() != "")
{
//DateTime dtFileTime = DateTime.ParseExact(mventry["employeeEndDate"].Value, "yyyy'-'MM'-'dd'T'HH':'mm':'ss'.000'", provider);
DateTime dtFileTime = DateTime.Parse(mventry["employeeEndDate"].Value, provider);
csentry["accountExpires"].IntegerValue = dtFileTime.ToFileTime();
}
else
{
csentry["accountExpires"].Value = "9223372036854775807";
}
break;
}
}
#region helper functions
private static void GetDateString(CSEntry csentry, MVEntry mventry, long dtInt, string mvAttrib, string sourceFormat, string targetFormat, int days = 0)
{
if (dtInt == 0 || dtInt == 9223372036854775807)
{
// This is a special condition, do not contribute and delete any current value
mventry[mvAttrib].Delete();
}
else
{
DateTime dtFileTime = DateTime.FromFileTime(dtInt).AddDays(days);
if (targetFormat.Equals("LONG", StringComparison.OrdinalIgnoreCase))
{
mventry[mvAttrib].Value = dtFileTime.ToLongDateString();
}
else if (targetFormat.Equals("SHORT", StringComparison.OrdinalIgnoreCase))
{
mventry[mvAttrib].Value = dtFileTime.ToShortDateString();
}
else
mventry[mvAttrib].Value = dtFileTime.ToString(targetFormat);
// mventry[mvAttrib].Value = DateTime.FromFileTimeUtc(dtInt).ToString(targetFormat);
}
}
//(CSEntry csentry, MVEntry mventry, long dtInt, string mvAttrib, string targetFormat, int days = 0)
private static void GetDateString(CSEntry csentry, MVEntry mventry, string dateStr, string mvAttrib, string sourceFormat, string targetFormat, int days = 0)
{
DateTime dt = DateTime.ParseExact(dateStr, sourceFormat, CultureInfo.InvariantCulture);
GetDateString(csentry, mventry, dt.ToFileTime(), mvAttrib, sourceFormat, targetFormat, days);
}

private static string ConvertFileTimeToFimTimeStamp(long fileTime)
{
return DateTime.FromFileTimeUtc(fileTime).ToString("yyyy-MM-ddTHH:mm:ss.000");
}
private static string ConvertSidToString(byte[] objectSid)
{
string objectSidString = "";
SecurityIdentifier SI = new SecurityIdentifier(objectSid, 0);
objectSidString = SI.ToString();
return objectSidString;
}
#endregion
}
}

REMEMBER: these articles are REPUBLISHED. Your best bet to get a reply is to follow the link at the top of the post to the ORIGINAL post! BUT you're more than welcome to start discussions here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.