public override void OnSetFederatedOrganizationIdentifier(FederationTrust federationTrust, SmtpDomain accountNamespace) { string text = accountNamespace.ToString(); string wkgDomain = FederatedOrganizationId.AddHybridConfigurationWellKnownSubDomain(text); AppIdInfo appIdInfo = null; ManageDelegation2Client client = this.GetManageDelegation(wkgDomain); try { appIdInfo = client.CreateAppId(wkgDomain); } catch (LiveDomainServicesException ex) { if (ex.DomainError != null && ex.DomainError.Value == DomainError.ProofOfOwnershipNotValid) { throw new DomainProofOwnershipException(Strings.ErrorManageDelegation2ProofDomainOwnership, ex); } throw new ProvisioningFederatedExchangeException(ex.LocalizedString, ex); } if (string.IsNullOrEmpty(federationTrust.ApplicationIdentifier)) { if (appIdInfo == null || string.IsNullOrEmpty(appIdInfo.AppId)) { throw new LiveDomainServicesException(Strings.ErrorLiveDomainServicesUnexpectedResult(Strings.ErrorInvalidApplicationId)); } base.WriteVerbose(Strings.NewFederationTrustSuccessAppId(FederationTrust.PartnerSTSType.LiveId.ToString(), appIdInfo.AppId)); federationTrust.ApplicationIdentifier = appIdInfo.AppId.Trim(); } base.ReserveDomain(wkgDomain, federationTrust.ApplicationIdentifier, client, Strings.ErrorManageDelegation2ProofDomainOwnership, () => LiveFederationProvision2.GetDomainStateFromDomainInfo(client.GetDomainInfo(federationTrust.ApplicationIdentifier, wkgDomain))); using (ManageDelegation2Client manageDelegation = this.GetManageDelegation(text)) { manageDelegation.AddUri(appIdInfo.AppId, text); } }
protected override void InternalValidate() { SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); base.InternalValidate(); this.ConfigurationSession.SessionSettings.IsSharedConfigChecked = true; FederatedOrganizationId federatedOrganizationId = this.ConfigurationSession.GetFederatedOrganizationId(base.DataObject.OrganizationId); if (base.DataObject.Id.Equals(federatedOrganizationId.DefaultSharingPolicyLink)) { base.WriteError(new CannotRemoveDefaultSharingPolicy(), ErrorCategory.InvalidOperation, this.Identity); } IRecipientSession tenantOrRootOrgRecipientSession; if (this.ConfigurationSession.ConfigScope == ConfigScopes.TenantSubTree) { tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(this.ConfigurationSession.DomainController, null, this.ConfigurationSession.Lcid, true, ConsistencyMode.PartiallyConsistent, this.ConfigurationSession.NetworkCredential, this.ConfigurationSession.SessionSettings, this.ConfigurationSession.ConfigScope, 68, "InternalValidate", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Federation\\RemoveSharingPolicy.cs"); } else { tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(this.ConfigurationSession.DomainController, null, this.ConfigurationSession.Lcid, true, ConsistencyMode.PartiallyConsistent, this.ConfigurationSession.NetworkCredential, this.ConfigurationSession.SessionSettings, 80, "InternalValidate", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Federation\\RemoveSharingPolicy.cs"); } QueryFilter filter = new ComparisonFilter(ComparisonOperator.Equal, IADMailStorageSchema.SharingPolicy, base.DataObject.Id); ADRecipient[] array = tenantOrRootOrgRecipientSession.Find(null, QueryScope.SubTree, filter, null, 1); if (array.Length > 0) { base.WriteError(new CannotRemoveSharingPolicyWithUsersAssignedException(), ErrorCategory.InvalidOperation, this.Identity); } }
public SecurityTokenService GetSecurityTokenService(OrganizationId organizationId) { this.ThrowIfNotEnabled(); OrganizationIdCacheValue organizationIdCacheValue = OrganizationIdCache.Singleton.Get(organizationId); FederatedOrganizationId federatedOrganizationId = organizationIdCacheValue.FederatedOrganizationId; if (federatedOrganizationId == null) { ExternalAuthentication.ConfigurationTracer.TraceError <string>(0L, "Unable to find Federated Organization Identifier for organization {0}.", organizationId.ToString()); return(null); } if (federatedOrganizationId.DelegationTrustLink == null) { ExternalAuthentication.ConfigurationTracer.TraceError <string>(0L, "Unable to find configured delegation trust link for organization {0}.", organizationId.ToString()); return(null); } SecurityTokenService result; if (this.securityTokenServices.TryGetValue(federatedOrganizationId.DelegationTrustLink, out result)) { return(result); } ExternalAuthentication.ConfigurationTracer.TraceError <string, string>(0L, "Unable to find configured Security Token Service client for delegation trust link {0} for organization {1}.", federatedOrganizationId.DelegationTrustLink.DistinguishedName, organizationId.ToString()); ExternalAuthentication.ConfigurationTracer.TraceError <string>(0L, "Current Security Token Service client list is {0}.", this.SecurityTokenServicesIdentifiers); return(null); }
protected override IConfigurable PrepareDataObject() { TaskLogger.LogEnter(); this.ConfigurationSession.SessionSettings.IsSharedConfigChecked = true; FederatedOrganizationId federatedOrganizationId = this.ConfigurationSession.GetFederatedOrganizationId(); string organization = (federatedOrganizationId.OrganizationId == null) ? "<No Org>" : federatedOrganizationId.OrganizationId.ToString(); string cn; if (federatedOrganizationId.DefaultSharingPolicyLink != null) { this.skipProcessRecord = true; base.WriteVerbose(Strings.FoundDefaultSharingPolicy(federatedOrganizationId.DefaultSharingPolicyLink.DistinguishedName, organization)); cn = Guid.NewGuid().ToString(); } else { cn = this.GetDefaultSharingPolicyName(); base.WriteVerbose(Strings.InstallDefaultSharingPolicy(organization)); } SharingPolicy sharingPolicy = (SharingPolicy)base.PrepareDataObject(); sharingPolicy.SetId(this.ConfigurationSession, cn); sharingPolicy.Enabled = true; sharingPolicy.Domains = new MultiValuedProperty <SharingPolicyDomain>(new SharingPolicyDomain[] { new SharingPolicyDomain("*", SharingPolicyAction.CalendarSharingFreeBusySimple) }); sharingPolicy.Domains.Add(new SharingPolicyDomain("Anonymous", SharingPolicyAction.CalendarSharingFreeBusyReviewer)); TaskLogger.LogExit(); return(sharingPolicy); }
// Token: 0x06000E62 RID: 3682 RVA: 0x00056A70 File Offset: 0x00054C70 private static ADObjectId GetDefaultSharingPolicyId(IConfigurationSession configurationSession) { FederatedOrganizationId federatedOrganizationId = configurationSession.GetFederatedOrganizationId(configurationSession.SessionSettings.CurrentOrganizationId); if (federatedOrganizationId == null || federatedOrganizationId.DefaultSharingPolicyLink == null) { SharingPolicyCache.Tracer.TraceError <OrganizationId>(0L, "Could not find FederatedOrganizationId or DefaultSharingPolicyLink for Org {0}", configurationSession.SessionSettings.CurrentOrganizationId); return(null); } SharingPolicyCache.Tracer.TraceDebug <OrganizationId, ADObjectId>(0L, "Found Default Policy Id {0} for Org {1} ", configurationSession.SessionSettings.CurrentOrganizationId, federatedOrganizationId.DefaultSharingPolicyLink); return(federatedOrganizationId.DefaultSharingPolicyLink); }
public static SharingPolicy ReadSharingPolicy(Guid mailboxGuid, bool isArchive, IRecipientSession recipientSession) { ADRecipient adrecipient = DirectoryHelper.ReadADRecipient(mailboxGuid, isArchive, recipientSession); if (adrecipient == null) { throw new ObjectNotFoundException(ServerStrings.ADUserNotFound); } ADUser aduser = adrecipient as ADUser; if (aduser == null) { ExTraceGlobals.StorageTracer.TraceError <ADRecipient>((long)mailboxGuid.GetHashCode(), "ExchangePrincipal::ReadSharingPolicy. This is not an ADUser so policy doesn't apply. Recipient = {0}.", adrecipient); return(null); } ADObjectId adobjectId = aduser.SharingPolicy; ADSessionSettings adsessionSettings; if (SharedConfiguration.IsDehydratedConfiguration(aduser.OrganizationId)) { SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(aduser.OrganizationId); adsessionSettings = sharedConfiguration.GetSharedConfigurationSessionSettings(); } else { adsessionSettings = aduser.OrganizationId.ToADSessionSettings(); adsessionSettings.IsSharedConfigChecked = true; } IConfigurationSession tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, adsessionSettings, 248, "ReadSharingPolicy", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\DirectoryHelper.cs"); if (adobjectId == null) { FederatedOrganizationId federatedOrganizationId = tenantOrTopologyConfigurationSession.GetFederatedOrganizationId(tenantOrTopologyConfigurationSession.SessionSettings.CurrentOrganizationId); if (federatedOrganizationId != null) { adobjectId = federatedOrganizationId.DefaultSharingPolicyLink; } } SharingPolicy sharingPolicy = null; if (adobjectId != null) { sharingPolicy = tenantOrTopologyConfigurationSession.Read <SharingPolicy>(adobjectId); if (sharingPolicy == null) { throw new ObjectNotFoundException(ServerStrings.SharingPolicyNotFound(adobjectId.Name)); } } return(sharingPolicy); }
protected override void InternalValidate() { TaskLogger.LogEnter(); SharedConfigurationTaskHelper.VerifyIsNotTinyTenant(base.CurrentOrgState, new Task.ErrorLoggerDelegate(base.WriteError)); base.InternalValidate(); if (this.isDefault) { this.ConfigurationSession.SessionSettings.IsSharedConfigChecked = true; FederatedOrganizationId federatedOrganizationId = this.ConfigurationSession.GetFederatedOrganizationId(this.DataObject.OrganizationId); if (federatedOrganizationId != null) { this.defaultChanged = !this.DataObject.Id.Equals(federatedOrganizationId.DefaultSharingPolicyLink); } } TaskLogger.LogExit(); }
public static LicenseIdentity GetFederatedLicenseIdentity(OrganizationId organizationId) { ArgumentValidator.ThrowIfNull("organizationId", organizationId); OrganizationIdCacheValue organizationIdCacheValue = OrganizationIdCache.Singleton.Get(organizationId); FederatedOrganizationId federatedOrganizationId = (organizationIdCacheValue != null) ? organizationIdCacheValue.FederatedOrganizationId : null; if (organizationIdCacheValue == null || organizationIdCacheValue.FederatedDomains == null || federatedOrganizationId == null || !federatedOrganizationId.Enabled || federatedOrganizationId.AccountNamespace == null || federatedOrganizationId.AccountNamespace.Domain == null) { Microsoft.Exchange.Diagnostics.Components.Data.Storage.ExTraceGlobals.RightsManagementTracer.TraceError <OrganizationId>(0L, "GetFederatedLicenseIdentity: Organization {0} does not have any federated domains.", organizationId); throw new RightsManagementException(RightsManagementFailureCode.FederationNotEnabled, ServerStrings.FederationNotEnabled); } string tenantFederatedMailbox = RmsClientManager.IRMConfig.GetTenantFederatedMailbox(organizationId); if (string.IsNullOrEmpty(tenantFederatedMailbox)) { Microsoft.Exchange.Diagnostics.Components.Data.Storage.ExTraceGlobals.RightsManagementTracer.TraceError <OrganizationId>(0L, "GetFederatedLicenseIdentity: Organization {0} doesn't have federated identity set.", organizationId); throw new RightsManagementException(RightsManagementFailureCode.FederatedMailboxNotSet, ServerStrings.FederatedMailboxNotSet(organizationId.ToString())); } string[] array = organizationIdCacheValue.FederatedDomains.ToArray <string>(); int num = 0; while (num < array.Length && num < 50) { array[num] = string.Format(CultureInfo.InvariantCulture, "{0}{1}", new object[] { "@", array[num] }); num++; } if (organizationId == OrganizationId.ForestWideOrgId) { return(new LicenseIdentity(string.Format(CultureInfo.InvariantCulture, "{0}{1}{2}", new object[] { new SmtpAddress(tenantFederatedMailbox).Local, "@", federatedOrganizationId.AccountNamespace.Domain }), array)); } return(new LicenseIdentity(tenantFederatedMailbox, array)); }
internal static void SetDefaultSharingPolicy(IConfigurationSession session, OrganizationId organizationId, ADObjectId sharingPolicyId) { IConfigurationSession tenantOrTopologyConfigurationSession; if (session.ConfigScope == ConfigScopes.TenantSubTree) { tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(session.DomainController, false, ConsistencyMode.FullyConsistent, session.NetworkCredential, session.SessionSettings, session.ConfigScope, 199, "SetDefaultSharingPolicy", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Federation\\SetSharingPolicy.cs"); } else { tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(session.DomainController, false, ConsistencyMode.FullyConsistent, session.NetworkCredential, session.SessionSettings, 210, "SetDefaultSharingPolicy", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Federation\\SetSharingPolicy.cs"); } tenantOrTopologyConfigurationSession.SessionSettings.IsSharedConfigChecked = true; FederatedOrganizationId federatedOrganizationId = tenantOrTopologyConfigurationSession.GetFederatedOrganizationId(organizationId); if (federatedOrganizationId != null) { federatedOrganizationId.DefaultSharingPolicyLink = sharingPolicyId; tenantOrTopologyConfigurationSession.Save(federatedOrganizationId); } }
internal ADObjectId GetDefaultSharingPolicyId(ADObject user, SharedConfiguration sharedConfig) { ADObjectId result; try { if (!this.defaultSharingPolicyIds.ContainsKey(user.OrganizationId)) { IConfigurationSession configurationSession = this.GenerateIConfigurationSessionForShareableObjects(user.OrganizationId, sharedConfig); FederatedOrganizationId federatedOrganizationId = configurationSession.GetFederatedOrganizationId(configurationSession.SessionSettings.CurrentOrganizationId); this.defaultSharingPolicyIds[user.OrganizationId] = ((federatedOrganizationId != null) ? federatedOrganizationId.DefaultSharingPolicyLink : null); } result = this.defaultSharingPolicyIds[user.OrganizationId]; } catch (DataSourceTransientException exception) { base.WriteError(exception, ErrorCategory.ReadError, null); result = null; } return(result); }
private void ProcessRemoveFederatedDomainRequest() { this.RemoveFederatedDomainFromSTS(); if (this.DomainName.Equals(this.DataObject.AccountNamespace) && !this.IsDatacenter) { string domain = this.DataObject.AccountNamespace.Domain; base.ZapDanglingDomainTrusts(); this.DataObject.AccountNamespace = null; this.DataObject.DelegationTrustLink = null; this.DataObject.Enabled = false; if (this.federationTrust != null && null != this.federationTrust.ApplicationUri) { string text = FederatedOrganizationId.RemoveHybridConfigurationWellKnownSubDomain(this.federationTrust.ApplicationUri.ToString()); if (text.Equals(domain, StringComparison.InvariantCultureIgnoreCase)) { this.federationTrust.ApplicationUri = null; this.federationTrust.ApplicationIdentifier = null; base.DataSession.Save(this.federationTrust); } } base.InternalProcessRecord(); return; } if (this.matchedAcceptedDomain != null && this.matchedAcceptedDomain.Id != null) { AcceptedDomain acceptedDomain = (AcceptedDomain)base.DataSession.Read <AcceptedDomain>(this.matchedAcceptedDomain.Id); if (acceptedDomain == null) { this.WriteWarning(Strings.ErrorDomainNameNotAcceptedDomain(this.DomainName.Domain)); return; } if (acceptedDomain.FederatedOrganizationLink == null) { this.WriteWarning(Strings.ErrorDomainIsNotFederated(this.DomainName.Domain)); return; } acceptedDomain.FederatedOrganizationLink = null; base.DataSession.Save(acceptedDomain); } }
AcceptedDomain[] IConfigurationSession.FindAcceptedDomainsByFederatedOrgId(FederatedOrganizationId federatedOrganizationId) { FfoDirectorySession.LogNotSupportedInFFO(null); return(new AcceptedDomain[0]); }
private void PrintConfiguration(ADUser user, FederationTrust fedTrust) { bool enabled = VariantConfiguration.InvariantNoFlightingSnapshot.Global.MultiTenancy.Enabled; string text = enabled ? "Online" : "On-Prem"; bool flag = false; HashSet <string> localFederatedDomains = this.GetLocalFederatedDomains(user); int startIndex = user.GetFederatedIdentity().Identity.IndexOf('@') + 1; string text2 = user.GetFederatedIdentity().Identity.Substring(startIndex); if (localFederatedDomains.Contains(text2)) { flag = true; } OrganizationId organizationId = user.OrganizationId; OrganizationIdCacheValue organizationIdCacheValue = OrganizationIdCache.Singleton.Get(organizationId); FederatedOrganizationId federatedOrganizationId = organizationIdCacheValue.FederatedOrganizationId; string text3 = string.Concat(new string[] { Environment.NewLine, Environment.NewLine, "Printing current configuration...", Environment.NewLine, Environment.NewLine, "---------------------------------------------------------------------", Environment.NewLine, "Online or On-Prem: ", text, Environment.NewLine, Environment.NewLine, "Printing configuration information (from FederationTrust): ", Environment.NewLine, "Name: ", fedTrust.Name, Environment.NewLine, "TokenIssuerUri: ", fedTrust.TokenIssuerUri.ToString(), Environment.NewLine, "TokenIssuerType: ", fedTrust.TokenIssuerType.ToString(), Environment.NewLine, "TokenIssuerEpr: ", fedTrust.TokenIssuerEpr.ToString(), Environment.NewLine, "TokenIssuerMetadataEpr: ", fedTrust.TokenIssuerMetadataEpr.ToString(), Environment.NewLine, "TokenIssuerCertificateThumbprint: ", fedTrust.TokenIssuerCertificate.Thumbprint.ToString(), Environment.NewLine, "TokenIssuerCertReference: ", fedTrust.TokenIssuerCertReference, Environment.NewLine, "ApplicationIdentifier: ", fedTrust.ApplicationIdentifier, Environment.NewLine, "ApplicationUri: ", fedTrust.ApplicationUri.ToString(), Environment.NewLine, "OrgPublicCertificateThumbprint: ", fedTrust.OrgCertificate.Thumbprint.ToString(), Environment.NewLine, "PolicyReferenceUri: ", fedTrust.PolicyReferenceUri, Environment.NewLine, Environment.NewLine, "Printing configuration information (from ADUser): ", Environment.NewLine }); if (flag) { text3 = text3 + "Domain Type: Federated" + Environment.NewLine; } else { text3 = text3 + "Domain Type: Managed" + Environment.NewLine; } text3 = string.Concat(new object[] { text3, "Domain Name: ", text2, Environment.NewLine, "Email: ", user.GetFederatedSmtpAddress().ToString(), Environment.NewLine, "RST Identity Type = FederatedIdentity Type: ", user.GetFederatedIdentity().Type, Environment.NewLine, "RST Idenitty Value = FederatedIdentity Value: ", user.GetFederatedIdentity().Identity, Environment.NewLine, "ImmutableId: ", user.ImmutableId.ToString(), Environment.NewLine, "msExchOnPremiseObjectGuid: ", user.OnPremisesObjectId.ToString(), Environment.NewLine, "ObjectGuid: ", user.Guid.ToString(), Environment.NewLine }); if (enabled) { text3 = text3 + "WindowsLiveID: " + user.WindowsLiveID.ToString() + Environment.NewLine; } else { text3 = text3 + "AccountNamespace: " + federatedOrganizationId.AccountNamespace.ToString() + Environment.NewLine; } text3 = string.Concat(new string[] { text3, "SID: ", user.Sid.ToString(), Environment.NewLine, "Organization ID: ", user.OrganizationId.ToString(), Environment.NewLine, Environment.NewLine, "Offer: ", TestFederationTrust.TokenOffer.ToString(), Environment.NewLine, "---------------------------------------------------------------------", Environment.NewLine }); base.WriteVerbose(new LocalizedString(text3)); this.ValidateConfiguration(enabled, flag, user, text2); }
private void ValidateSetParameters() { ADObjectId adobjectId = ADObjectIdResolutionHelper.ResolveDN(this.DataObject.DelegationTrustLink); if (adobjectId != null && (string.IsNullOrEmpty(adobjectId.DistinguishedName) || adobjectId.Parent.Equals(this.ConfigurationSession.DeletedObjectsContainer))) { adobjectId = null; } if (this.DelegationFederationTrust == null && this.AccountNamespace == null) { if (adobjectId == null) { base.WriteError(new NoTrustConfiguredException(), ErrorCategory.InvalidOperation, this.DataObject.Identity); } this.noTrustToUpdate = true; return; } if (this.DelegationFederationTrust != null) { if (this.AccountNamespace == null) { if (adobjectId != null) { return; } base.WriteError(new NoAccountNamespaceException(), ErrorCategory.InvalidOperation, this.DataObject.Identity); } } else { base.WriteError(new CannotSpecifyAccountNamespaceWithoutTrustException(), ErrorCategory.InvalidOperation, this.DataObject.Identity); } if (this.DataObject.AccountNamespace != null) { string x = FederatedOrganizationId.ContainsHybridConfigurationWellKnownSubDomain(this.DataObject.AccountNamespace.Domain) ? FederatedOrganizationId.AddHybridConfigurationWellKnownSubDomain(this.AccountNamespace.Domain) : this.AccountNamespace.Domain; if (!StringComparer.OrdinalIgnoreCase.Equals(x, this.DataObject.AccountNamespace.Domain) && adobjectId != null) { base.WriteError(new TrustAlreadyDefinedException(), ErrorCategory.InvalidOperation, this.DataObject.Identity); } if (adobjectId != null && !adobjectId.Equals(this.delegationTrustId)) { base.WriteError(new TrustAlreadyDefinedException(), ErrorCategory.InvalidOperation, this.DataObject.Identity); } } ADObjectId adobjectId2 = this.matchedAcceptedDomain.FederatedOrganizationLink; if (adobjectId2 != null && adobjectId2.Parent.Equals(this.ConfigurationSession.DeletedObjectsContainer)) { adobjectId2 = null; } if (adobjectId2 != null) { if (adobjectId2.ObjectGuid != this.DataObject.Id.ObjectGuid) { base.WriteError(new DomainAlreadyFederatedException(this.AccountNamespace.Domain), ErrorCategory.InvalidOperation, this.DataObject.Identity); } else { this.noTrustToUpdate = true; } } TaskLogger.LogExit(); }
protected override void InternalProcessRecord() { if (base.Fields.IsModified("DefaultDomain")) { IEnumerable <AcceptedDomain> enumerable = base.DataSession.FindPaged <AcceptedDomain>(null, base.CurrentOrgContainerId, true, null, 1000); foreach (AcceptedDomain acceptedDomain in enumerable) { if (acceptedDomain.IsDefaultFederatedDomain && (this.matchedDefaultAcceptedDomain == null || !this.matchedDefaultAcceptedDomain.Id.Equals(acceptedDomain.Id))) { acceptedDomain.IsDefaultFederatedDomain = false; base.DataSession.Save(acceptedDomain); } } if (this.matchedDefaultAcceptedDomain != null && !this.matchedDefaultAcceptedDomain.IsDefaultFederatedDomain) { this.matchedDefaultAcceptedDomain.IsDefaultFederatedDomain = true; base.DataSession.Save(this.matchedDefaultAcceptedDomain); this.defaultDomainChanged = true; } } if (this.noTrustToUpdate) { if (this.IsObjectStateChanged()) { base.InternalProcessRecord(); return; } } else { base.ZapDanglingDomainTrusts(); this.ProvisionSTS(); SmtpDomain smtpDomain = this.AccountNamespace; if (this.federationTrust.NamespaceProvisioner == FederationTrust.NamespaceProvisionerType.LiveDomainServices2) { smtpDomain = new SmtpDomain(FederatedOrganizationId.AddHybridConfigurationWellKnownSubDomain(this.AccountNamespace.Domain)); } this.DataObject.AccountNamespace = smtpDomain; this.DataObject.DelegationTrustLink = this.delegationTrustId; if (!this.DataObject.IsModified(FederatedOrganizationIdSchema.Enabled)) { this.DataObject.Enabled = true; } bool flag = false; Uri applicationUri = null; if (null == this.federationTrust.ApplicationUri) { if (!Uri.TryCreate(smtpDomain.Domain, UriKind.RelativeOrAbsolute, out applicationUri)) { base.WriteError(new InvalidApplicationUriException(Strings.ErrorInvalidApplicationUri(this.AccountNamespace.Domain)), ErrorCategory.InvalidArgument, this.DataObject.Identity); } flag = true; } base.InternalProcessRecord(); if (flag) { this.federationTrust.ApplicationUri = applicationUri; base.DataSession.Save(this.federationTrust); } AcceptedDomain acceptedDomain2 = (AcceptedDomain)base.DataSession.Read <AcceptedDomain>(this.matchedAcceptedDomain.Id); acceptedDomain2.FederatedOrganizationLink = this.DataObject.Id; acceptedDomain2.PendingFederatedAccountNamespace = false; acceptedDomain2.PendingFederatedDomain = false; base.DataSession.Save(acceptedDomain2); } }
public static void GenerateAddAndRemoveCollection(DataRow row, DataTable dataTable, DataObjectStore store) { if (store.GetDataObject("FederatedOrganizationIdentifier") == null) { return; } List <object> list = new List <object>(); if (dataTable.Rows[0]["SharingEnabledDomains"] != DBNull.Value) { foreach (object obj in ((IEnumerable)dataTable.Rows[0]["SharingEnabledDomains"])) { SharingDomain sharingDomain = (SharingDomain)obj; list.Add((SmtpDomain)sharingDomain); } } FederatedOrganizationIdWithDomainStatus federatedOrganizationIdWithDomainStatus = (FederatedOrganizationIdWithDomainStatus)store.GetDataObject("FederatedOrganizationIdentifier"); SmtpDomain smtpDomain = (federatedOrganizationIdWithDomainStatus.AccountNamespace == null) ? null : new SmtpDomain(FederatedOrganizationId.RemoveHybridConfigurationWellKnownSubDomain(federatedOrganizationIdWithDomainStatus.AccountNamespace.Domain)); if (smtpDomain == null && dataTable.Rows[0]["AccountNamespace"] != DBNull.Value) { smtpDomain = (SmtpDomain)((SharingDomain)dataTable.Rows[0]["AccountNamespace"]); } if (smtpDomain != null) { list.Remove(smtpDomain); } MultiValuedProperty <FederatedDomain> multiValuedProperty = (MultiValuedProperty <FederatedDomain>)store.GetValue("FederatedOrganizationIdentifier", "Domains"); List <object> list2 = new List <object>(); if (multiValuedProperty != null) { foreach (FederatedDomain federatedDomain in multiValuedProperty) { if (!federatedDomain.Domain.Domain.Equals(smtpDomain.Domain, StringComparison.InvariantCultureIgnoreCase)) { SmtpDomain item = new SmtpDomain(federatedDomain.Domain.Domain); if (list.Contains(item)) { list.Remove(item); } else { list2.Add(item); } } } } dataTable.Rows[0]["AddedSharingEnabledDomains"] = list; dataTable.Rows[0]["RemovedSharingEnabledDomains"] = list2; }
public FederatedOrganizationIdWithDomainStatus(FederatedOrganizationId dataObject) : base(dataObject) { }
public static void ExtractAccountNamespaceAndSharingDomains(DataRow row, DataTable dataTable, DataObjectStore store) { if (store.GetDataObject("FederatedOrganizationIdentifier") == null) { return; } FederatedOrganizationIdWithDomainStatus federatedOrganizationIdWithDomainStatus = (FederatedOrganizationIdWithDomainStatus)store.GetDataObject("FederatedOrganizationIdentifier"); SmtpDomain smtpDomain = (federatedOrganizationIdWithDomainStatus.AccountNamespace == null) ? null : new SmtpDomain(FederatedOrganizationId.RemoveHybridConfigurationWellKnownSubDomain(federatedOrganizationIdWithDomainStatus.AccountNamespace.Domain)); MultiValuedProperty <FederatedDomain> domains = federatedOrganizationIdWithDomainStatus.Domains; dataTable.Rows[0]["HasAccountNamespace"] = false; dataTable.Rows[0]["HasFederatedDomains"] = false; if (smtpDomain != null) { List <object> list = new List <object>(); dataTable.Rows[0]["HasAccountNamespace"] = true; dataTable.Rows[0]["Name"] = federatedOrganizationIdWithDomainStatus.AccountNamespace.Domain; foreach (FederatedDomain federatedDomain in domains) { if (federatedDomain.Domain.Domain.Equals(smtpDomain.Domain, StringComparison.InvariantCultureIgnoreCase)) { dataTable.Rows[0]["AccountNamespace"] = (SharingDomain)federatedDomain; } else { list.Add((SharingDomain)federatedDomain); } } if (list.Count > 0) { dataTable.Rows[0]["SharingEnabledDomains"] = list; dataTable.Rows[0]["HasFederatedDomains"] = true; } } }
private ManageDelegation2Client GetManageDelegation(string domain) { string signingDomain = FederatedOrganizationId.RemoveHybridConfigurationWellKnownSubDomain(domain); return(new ManageDelegation2Client(domain, signingDomain, base.CertificateThumbprint, base.WriteVerbose)); }
private FederationTrust GetFederationTrust(ADUser user) { base.WriteVerbose(new LocalizedString(string.Concat(new object[] { Environment.NewLine, "using ADUser OrganizationId: ", user.OrganizationId, " " }))); ADSessionSettings adsessionSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest(), user.OrganizationId, null, false); adsessionSettings.IsSharedConfigChecked = true; IConfigurationSession tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(this.DomainController, true, ConsistencyMode.IgnoreInvalid, adsessionSettings, 463, "GetFederationTrust", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Federation\\TestFederationTrust.cs"); FederatedOrganizationId federatedOrganizationId = tenantOrTopologyConfigurationSession.GetFederatedOrganizationId(user.OrganizationId); if (federatedOrganizationId == null || !federatedOrganizationId.Enabled) { this.Log(EventTypeEnumeration.Information, TestFederationTrust.TestFederationTrustEventId.NoFederationTrust, Strings.NoFederationTrust); return(null); } ADSessionSettings adsessionSettings2 = ADSessionSettings.FromRootOrgScopeSet(); adsessionSettings2.IsSharedConfigChecked = true; IConfigurationSession tenantOrTopologyConfigurationSession2 = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(this.DomainController, true, ConsistencyMode.IgnoreInvalid, adsessionSettings2, 486, "GetFederationTrust", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Federation\\TestFederationTrust.cs"); FederationTrust federationTrust = tenantOrTopologyConfigurationSession2.Read <FederationTrust>(federatedOrganizationId.DelegationTrustLink); if (federationTrust == null) { this.Log(EventTypeEnumeration.Information, TestFederationTrust.TestFederationTrustEventId.NoFederationTrust, Strings.NoFederationTrust); return(null); } StringBuilder stringBuilder = new StringBuilder(); bool flag = false; if (string.IsNullOrEmpty(federationTrust.OrgPrivCertificate)) { stringBuilder.Append("OrgPrivCertificate"); flag = true; } var array = new < > f__AnonymousType26 <object, string>[] { new { Value = federationTrust.TokenIssuerUri, Name = "TokenIssuerUri" }, new { Value = federationTrust.TokenIssuerEpr, Name = "TokenIssuerEpr" }, new { Value = federationTrust.ApplicationUri, Name = "ApplicationUri" }, new { Value = federationTrust.TokenIssuerCertificate, Name = "TokenIssuerCertificate" } }; var array2 = array; for (int i = 0; i < array2.Length; i++) { var <> f__AnonymousType = array2[i]; if (< > f__AnonymousType.Value == null) { if (stringBuilder.Length != 0) { stringBuilder.Append(","); } stringBuilder.Append(< > f__AnonymousType.Name); flag = true; } } if (flag) { this.Log(EventTypeEnumeration.Error, TestFederationTrust.TestFederationTrustEventId.FederationTrustConfiguration, Strings.MissingPropertyInFederationTrust(stringBuilder.ToString())); return(null); } base.WriteVerbose(new LocalizedString(string.Concat(new object[] { Environment.NewLine, Environment.NewLine, "Retrieved FederationTrust object with the following properties: ", Environment.NewLine, "TokenIssuerUri: ", federationTrust.TokenIssuerUri, Environment.NewLine, "TokenIssuerEpr: ", federationTrust.TokenIssuerEpr, Environment.NewLine, "ApplicationUri: ", federationTrust.ApplicationUri, Environment.NewLine, "TokenIssuerCertificate Thumbprint: ", federationTrust.TokenIssuerCertificate.Thumbprint }))); try { user.GetFederatedIdentity(); } catch (LocalizedException ex) { base.WriteVerbose(Strings.FailureAndReason(Strings.FederatedOrganizationIdNotSet.ToString(), ex.ToString())); this.Log(EventTypeEnumeration.Error, TestFederationTrust.TestFederationTrustEventId.FederationTrustConfiguration, Strings.FederatedOrganizationIdNotSet); return(null); } try { user.GetFederatedSmtpAddress(); } catch (LocalizedException ex2) { base.WriteVerbose(Strings.FailureAndReason(Strings.UserWithoutFederatedDomain.ToString(), ex2.ToString())); this.Log(EventTypeEnumeration.Error, TestFederationTrust.TestFederationTrustEventId.FederationTrustConfiguration, Strings.UserWithoutFederatedDomain); return(null); } this.Log(EventTypeEnumeration.Success, TestFederationTrust.TestFederationTrustEventId.FederationTrustConfiguration, Strings.FederationTrustValid); return(federationTrust); }