Publish LDAPCPSE v18.0

.github/workflows/verify-prs-and-commits.yml → .github/workflows/build.yml

@@ -1,11 +1,13 @@
-name: Verify PRs and commits
+name: Build code
 
 on:
   workflow_dispatch:
   push:
-    branches: [ "master", "dev" ]
+    branches:
+    - master
+    - 'releases/**'
   pull_request:
-    branches: [ "master", "dev" ]
+    branches: [ "master", "releases/**" ]
 
 jobs:
   call-build:

.github/workflows/publish-production-release.yml

@@ -2,7 +2,7 @@ name: Publish production release
 on: workflow_dispatch
 jobs:
   call-workflow-publish-nightly-release:
-    uses: Yvand/AzureCP/.github/workflows/reusable-build-publish-release.yml@master
+    uses: Yvand/EntraCP/.github/workflows/reusable-build-publish-release.yml@master
     with:
       project-name: ${{ vars.PROJECT_NAME }}
       version-major-minor: ${{ vars.VERSION_MAJOR_MINOR }}

.github/workflows/run-tests.yml

@@ -16,7 +16,7 @@ on:
 
 jobs:
   call-workflow-prepare-dtl-env:
-    uses: Yvand/AzureCP/.github/workflows/reusable-prepare-dtl-env.yml@master
+    uses: Yvand/EntraCP/.github/workflows/reusable-prepare-dtl-env.yml@master
     with:
       project-name: ${{ vars.PROJECT_NAME }}
       sharepoint-versions: ${{ inputs.sharepoint_versions }}

CHANGELOG.md

@@ -1,8 +1,17 @@
 # Change log for LDAPCP
 
+## Unreleased
+
+* Fix error when creating the configuration, due to case-sensitive test in the claim types - https://github.com/Yvand/LDAPCP/issues/204
+* Fix the error when loading the global configuration page, if the group claim type set in the LDAPCP configuration does not exist in the trust - https://github.com/Yvand/LDAPCP/issues/203
+* Add the property MaxSearchResultsCount, to override the SharePoint limit of the maximum number of objects that the LDAP server returns - https://github.com/Yvand/LDAPCP/issues/209
+* Correctly initialize LDAP-specific properties with their actual value, instead of the default value of the type - https://github.com/Yvand/LDAPCP/pull/212
+* Fix an NullReferenceException in a very rare scenario where ClaimsPrincipal.Identity is null
+* Add helper methods to get/delete a directory connection in the configuration
+
 ## LDAPCP Second Edition v17.0.20240226.2 - Published in February 26, 2024
 
-* Initial release of LDAPCP Second Edition, a complete rewrite of current project
+* Ignore case when comparing claim types, to avoid errors when creating the configuration - https://github.com/Yvand/LDAPCP/pull/205
 
 ## LDAPCP v16.0.20230824.1 enhancements & bug-fixes - Published in August 24, 2023
 

Yvand.LDAPCPSE/Properties/AssemblyInfo.cs

@@ -7,11 +7,11 @@
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("LDAPCP")]
-[assembly: AssemblyDescription("")]
+[assembly: AssemblyDescription("A claims provider to connect SharePoint Subscription / 2019 / 2016 with Active Directory and LDAP directories in federated authentication")]
 [assembly: AssemblyConfiguration("")]
-[assembly: AssemblyCompany("GitHub.com/Yvand - Yvan Duhamel")]
+[assembly: AssemblyCompany("Yvan Duhamel - GitHub.com/Yvand")]
 [assembly: AssemblyProduct("LDAPCP")]
-[assembly: AssemblyCopyright("Copyright © 2019, Yvan Duhamel, All rights reserved")]
+[assembly: AssemblyCopyright("Copyright © 2024, Yvan Duhamel, All rights reserved")]
 [assembly: AssemblyTrademark("LDAPCP")]
 [assembly: AssemblyCulture("")]
 

Yvand.LDAPCPSE/TEMPLATE/ADMIN/LDAPCPSE/GlobalSettings.ascx

@@ -249,37 +249,37 @@
     </tr>
 </table>
 <table border="0" cellspacing="0" cellpadding="0" width="100%">
-    <wssuc:buttonsection runat="server">
-        <template_buttons>
+    <wssuc:ButtonSection runat="server">
+        <Template_Buttons>
             <asp:Button UseSubmitBehavior="false" runat="server" class="ms-ButtonHeightWidth" OnClick="BtnOK_Click" Text="<%$Resources:wss,multipages_okbutton_text%>" ID="BtnOKTop" AccessKey="<%$Resources:wss,okbutton_accesskey%>" />
-        </template_buttons>
-    </wssuc:buttonsection>
+        </Template_Buttons>
+    </wssuc:ButtonSection>
 
     <wssuc:InputFormSection ID="CurrentLdapConnectionSection" Title="Registered LDAP connections" runat="server">
-        <template_description>
+        <Template_Description>
             <wssawc:EncodedLiteral runat="server" Text="LDAP connections currently registered in LDAPCP configuration." EncodeMethod='HtmlEncodeAllowSimpleTextFormatting' />
-        </template_description>
-        <template_inputformcontrols>
+        </Template_Description>
+        <Template_InputFormControls>
             <tr>
                 <td>
-                    <wssawc:SPGridView runat="server" ID="grdLDAPConnections" AutoGenerateColumns="false" OnRowDeleting="grdLDAPConnections_RowDeleting">
+                    <wssawc:SPGridView runat="server" ID="grdLDAPConnections" AutoGenerateColumns="false" OnRowDeleting="grdLDAPConnections_RowDeleting" OnRowDataBound="grdLDAPConnections_RowDataBound">
                         <Columns>
                             <asp:BoundField DataField="Id" ItemStyle-CssClass="ldapcp-HideCol" HeaderStyle-CssClass="ldapcp-HideCol" />
                             <asp:BoundField HeaderText="LDAP Path" DataField="Path" />
                             <asp:BoundField HeaderText="Username" DataField="Username" />
-                            <asp:CommandField HeaderText="Action" ButtonType="Button" DeleteText="Remove" ShowDeleteButton="True" />
+                            <asp:CommandField HeaderText="Action" ButtonType="Button" DeleteText="Delete" ShowDeleteButton="True" />
                         </Columns>
                     </wssawc:SPGridView>
                 </td>
             </tr>
-        </template_inputformcontrols>
+        </Template_InputFormControls>
     </wssuc:InputFormSection>
 
     <wssuc:InputFormSection ID="NewLdapConnectionSection" Title="Register a new LDAP connection" runat="server">
-        <template_description>
+        <Template_Description>
             <wssawc:EncodedLiteral runat="server" Text="By default, LDAPCP connects to the Active Directory domain of the SharePoint servers using the application pool identity. This connection is labelled 'Connect to SharePoint domain'." EncodeMethod='HtmlEncodeAllowSimpleTextFormatting' />
-        </template_description>
-        <template_inputformcontrols>
+        </Template_Description>
+        <Template_InputFormControls>
             <tr>
                 <td>
                     <table>
@@ -337,11 +337,11 @@
                     </p>
                 </td>
             </tr>
-        </template_inputformcontrols>
+        </Template_InputFormControls>
     </wssuc:InputFormSection>
 
-    <wssuc:inputformsection runat="server" Title="Configuration for the user identifier claim type">
-        <template_description>
+    <wssuc:InputFormSection runat="server" Title="Configuration for the user identifier claim type">
+        <Template_Description>
             <sharepoint:encodedliteral runat="server" text="Specify the settings to search, create and display the permissions for users." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
             <br />
             <br />
@@ -354,8 +354,8 @@
             <br />
             <br />
             <sharepoint:encodedliteral runat="server" text="- &quot;Additional LDAP filter&quot;: Specify a custom LDAP filter to restrict the users that may be returned. Be mindful that an invalid filter may break the LDAP requests." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
-        </template_description>
-        <template_inputformcontrols>
+        </Template_Description>
+        <Template_InputFormControls>
             <tr>
                 <td colspan="2">
                     <div class="divfieldset">
@@ -421,11 +421,11 @@
                     </div>
                 </td>
             </tr>
-        </template_inputformcontrols>
-    </wssuc:inputformsection>
+        </Template_InputFormControls>
+    </wssuc:InputFormSection>
 
-    <wssuc:inputformsection ID="AugmentationSection" runat="server" title="Configuration for the group claim type">
-        <template_description>
+    <wssuc:InputFormSection ID="AugmentationSection" runat="server" Title="Configuration for the group claim type">
+        <Template_Description>
             <sharepoint:encodedliteral runat="server" text="Specify the settings to search, create and display the permissions for groups." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
             <br />
             <br />
@@ -438,8 +438,8 @@
             <br />
             <br />
             <sharepoint:encodedliteral runat="server" text="- &quot;Additional LDAP filter&quot;: Specify a custom LDAP filter to restrict the groups that may be returned. Be mindful that an invalid filter may break the LDAP requests." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
-        </template_description>
-        <template_inputformcontrols>
+        </Template_Description>
+        <Template_InputFormControls>
             <p class="ms-error">
                 <asp:Label ID="Label1" runat="server" EnableViewState="False" />
             </p>
@@ -453,9 +453,7 @@
                                     <li>
                                         <label title="This liste is based on the claim types registered in your SharePoint trust">
                                             <wssawc:EncodedLiteral runat="server" Text="Claim type &#9432;" EncodeMethod='HtmlEncodeAllowSimpleTextFormatting' /><em>*</em></label>
-                                        <asp:DropDownList ID="DdlGroupClaimType" runat="server">
-                                            <asp:ListItem Selected="True" Value="None"></asp:ListItem>
-                                        </asp:DropDownList>
+                                        <asp:DropDownList ID="DdlGroupClaimType" runat="server" />
                                     </li>
                                     <li>
                                         <label for="<%= TxtGroupLdapClass.ClientID %>">LDAP object class <em>*</em></label>
@@ -492,18 +490,16 @@
                     </td>
                 </tr>
             </div>
-        </template_inputformcontrols>
-    </wssuc:inputformsection>
+        </Template_InputFormControls>
+    </wssuc:InputFormSection>
 
     <wssuc:InputFormSection runat="server" Title="Augmentation">
-        <template_description>
-            <sharepoint:encodedliteral runat="server" text="When enabled, LDAPCP returns the group membership of the trusted users to SharePoint." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
-            <sharepoint:encodedliteral runat="server" text="It is required for some features to work correctly, like the &quot;check permissions&quot; dialog." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
-            <br />
+        <Template_Description>
+            <sharepoint:encodedliteral runat="server" text="If enabled, LDAPCP gets the group membership of the trusted users when they sign-in, or whenever SharePoint asks for it." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
             <br />
-            <wssawc:EncodedLiteral runat="server" Text="Augmentation can be controlled per LDAP connection.<br />If possible, you should use the <a href='https://docs.microsoft.com/en-us/dotnet/api/system.directoryservices.accountmanagement.userprincipal.getauthorizationgroups' target='_blank'>.NET helper</a>, otherwise LDAPCP only gets the groups the user is directly member of, not the nested groups." EncodeMethod='NoEncode' />
-        </template_description>
-        <template_inputformcontrols>
+            <sharepoint:encodedliteral runat="server" text="If disabled, some SharePoint features, and permissions granted to trusted groups, may not work or not work reliably." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
+        </Template_Description>
+        <Template_InputFormControls>
             <tr>
                 <td>
                     <asp:CheckBox Checked="false" runat="server" Name="ChkEnableAugmentation" ID="ChkEnableAugmentation" OnClick="window.Ldapcp.AdminGlobalSettingsControl.InitAugmentationControls();" Text="Enable augmentation" />
@@ -525,58 +521,61 @@
                     </div>
                 </td>
             </tr>
-        </template_inputformcontrols>
+        </Template_InputFormControls>
     </wssuc:InputFormSection>
 
     <wssuc:InputFormSection runat="server" Title="Active Directory specific settings" Description="Enable or disable LDAP filters specific to Active Directory.">
-        <template_inputformcontrols>
+        <Template_InputFormControls>
             <asp:CheckBox Checked="false" runat="server" Name="ChkFilterEnabledUsersOnly" ID="ChkFilterEnabledUsersOnly" Text="Exclude disabled users" />
             <br />
             <br />
             <asp:CheckBox Checked="false" runat="server" Name="ChkFilterSecurityGroupsOnly" ID="ChkFilterSecurityGroupsOnly" Text="Exclude distribution lists" />
-        </template_inputformcontrols>
+        </Template_InputFormControls>
     </wssuc:InputFormSection>
 
     <wssuc:InputFormSection runat="server" Title="LDAP requests timeout" Description="Specify the timeout for the requests to the LDAP servers, in seconds.">
-        <template_inputformcontrols>
+        <Template_InputFormControls>
             <wssawc:InputFormTextBox title="Set the timeout value in seconds." class="ms-input" ID="txtTimeout" Columns="5" runat="server" MaxLength="3" />
             <wssawc:EncodedLiteral runat="server" Text="&nbsp;second(s)" EncodeMethod='HtmlEncodeAllowSimpleTextFormatting' />
-        </template_inputformcontrols>
+        </Template_InputFormControls>
     </wssuc:InputFormSection>
 
-    <wssuc:InputFormSection runat="server" Title="Bypass requests to LDAP server(s)">
-        <template_description>
-            <sharepoint:encodedliteral runat="server" text="Bypass the LDAP server(s) and, depending on the context:" encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
+    <wssuc:InputFormSection runat="server" Title="Bypass the LDAP server(s)">
+        <Template_Description>
+            <sharepoint:encodedliteral runat="server" text="Bypass the LDAP server(s) registered and, depending on the context:" encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
             <br />
-            <sharepoint:encodedliteral runat="server" text="- Search: Use the input as the claim's value, and return 1 entity per claim type." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
+            <sharepoint:encodedliteral runat="server" text="- Search: Uses the input as the claim's value, and return 1 entity per claim type." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
             <br />
-            <sharepoint:encodedliteral runat="server" text="- Validation: Validate the incoming entity, as if it matched an object in LDAP." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
+            <sharepoint:encodedliteral runat="server" text="- Validation: Validates the incoming entity as-is." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
             <br />
             <sharepoint:encodedliteral runat="server" text="This setting does not affect the augmentation." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
-        </template_description>
-        <template_inputformcontrols>
+            <br />
+            <br />
+            <sharepoint:encodedliteral runat="server" text="It can be used as a mitigation if one or more SharePoint server(s) lost the connection with a LDAP server(s), until it is restored." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
+        </Template_Description>
+        <Template_InputFormControls>
             <asp:CheckBox Checked="false" runat="server" Name="ChkAlwaysResolveUserInput" ID="ChkAlwaysResolveUserInput" Text="Bypass requests to LDAP server(s)" />
-        </template_inputformcontrols>
+        </Template_InputFormControls>
     </wssuc:InputFormSection>
 
     <wssuc:InputFormSection runat="server" Title="Require exact match when typing in the people picker">
-        <template_description>
+        <Template_Description>
             <sharepoint:encodedliteral runat="server" text="Enable this to return results in the people picker, only if the user input matches exactly the value of the LDAP object attribute (case-insensitive)." encodemethod='HtmlEncodeAllowSimpleTextFormatting' />
-        </template_description>
-        <template_inputformcontrols>
+        </Template_Description>
+        <Template_InputFormControls>
             <asp:CheckBox Checked="false" runat="server" Name="ChkFilterExactMatchOnly" ID="ChkFilterExactMatchOnly" Text="Require exact match when typing in the people picker" />
-        </template_inputformcontrols>
+        </Template_InputFormControls>
     </wssuc:InputFormSection>
 
-    <wssuc:InputFormSection runat="server" Title="Reset LDAPCP configuration" description="Restore configuration to its default values. All changes, including in claim types mappings, will be lost.">
-        <template_inputformcontrols>
+    <wssuc:InputFormSection runat="server" Title="Reset LDAPCP configuration" Description="Restore configuration to its default values. All changes, including in claim types mappings, will be lost.">
+        <Template_InputFormControls>
             <asp:Button runat="server" ID="BtnResetConfig" Text="Reset LDAPCP configuration" OnClick="BtnResetConfig_Click" class="ms-ButtonHeightWidth" OnClientClick="return confirm('Do you really want to reset LDAPCP configuration?');" />
-        </template_inputformcontrols>
+        </Template_InputFormControls>
     </wssuc:InputFormSection>
 
-    <wssuc:buttonsection runat="server">
-        <template_buttons>
+    <wssuc:ButtonSection runat="server">
+        <Template_Buttons>
             <asp:Button UseSubmitBehavior="false" runat="server" class="ms-ButtonHeightWidth" OnClick="BtnOK_Click" Text="<%$Resources:wss,multipages_okbutton_text%>" ID="BtnOK" AccessKey="<%$Resources:wss,okbutton_accesskey%>" />
-        </template_buttons>
-    </wssuc:buttonsection>
+        </Template_Buttons>
+    </wssuc:ButtonSection>
 </table>