protected override IConfigDataProvider CreateSession()
{
OrganizationId organizationId = this.ResolveCurrentOrganization();
ADUser tenantArbitrationMailbox;
try
{
tenantArbitrationMailbox = AdminAuditLogHelper.GetTenantArbitrationMailbox(organizationId);
}
catch (ObjectNotFoundException innerException)
{
TaskLogger.Trace("ObjectNotFoundException occurred when getting Exchange principal from the arbitration mailbox.", new object[0]);
throw new AuditLogSearchArbitrationMailboxNotFoundException(organizationId.ToString(), innerException);
}
catch (NonUniqueRecipientException innerException2)
{
TaskLogger.Trace("More than one tenant arbitration mailbox found for the current organization.", new object[0]);
throw new AuditLogSearchNonUniqueArbitrationMailboxFoundException(organizationId.ToString(), innerException2);
}
ExchangePrincipal principal = ExchangePrincipal.FromADUser(ADSessionSettings.FromOrganizationIdWithoutRbacScopesServiceOnly(organizationId), tenantArbitrationMailbox, RemotingOptions.AllowCrossSite);
ADSessionSettings sessionSettings = base.CurrentOrganizationId.ToADSessionSettings();
this.recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(true, ConsistencyMode.FullyConsistent, sessionSettings, 310, "CreateSession", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\AuditLogSearch\\NewAuditLogSearch.cs");
return(this.InternalCreateSearchDataProvider(principal, organizationId));
}
protected override void InternalProcessRecord()
{
if (this.DataObject.IsChanged(AdminAuditLogConfigSchema.AdminAuditLogAgeLimit) && !this.Force)
{
EnhancedTimeSpan t;
if (this.DataObject.AdminAuditLogAgeLimit == EnhancedTimeSpan.Zero)
{
if (!base.ShouldContinue(Strings.ConfirmationMessageAdminAuditLogAgeLimitZero(base.CurrentOrgContainerId.ToString())))
{
return;
}
}
else if (this.DataObject.TryGetOriginalValue <EnhancedTimeSpan>(AdminAuditLogConfigSchema.AdminAuditLogAgeLimit, out t))
{
EnhancedTimeSpan adminAuditLogAgeLimit = this.DataObject.AdminAuditLogAgeLimit;
if (t > adminAuditLogAgeLimit && !base.ShouldContinue(Strings.ConfirmationMessageAdminAuditLogAgeLimitSmaller(base.CurrentOrgContainerId.ToString(), adminAuditLogAgeLimit.ToString())))
{
return;
}
}
}
if (this.IsObjectStateChanged())
{
this.WriteWarning(Strings.WarningSetAdminAuditLogConfigDelay(SetAdminAuditLogConfig.AuditConfigSettingsDelayTime.TotalMinutes));
}
if (AdminAuditLogHelper.ShouldIssueWarning(base.CurrentOrganizationId))
{
this.WriteWarning(Strings.WarningSetAdminAuditLogOnPreE15(base.CurrentOrganizationId.ToString()));
}
base.InternalProcessRecord();
ProvisioningLayer.RefreshProvisioningBroker(this);
}
private AdminAuditLogEvent[] SearchInFFO()
{
IConfigurationSession configurationSession = AdminAuditLogHelper.CreateSession(this.searchCriteria.OrganizationId, null);
QueryFilter filter = this.GenerateSearchQueryFilterForFFO();
if (this.searchStatistics != null)
{
this.searchStatistics.QueryComplexity = this.searchCriteria.QueryComplexity;
}
AdminAuditLogEvent[] array = configurationSession.Find <AdminAuditLogEventFacade>(filter, null, false, null).Cast <AdminAuditLogEventFacade>().Select(delegate(AdminAuditLogEventFacade e)
{
AdminAuditLogEvent adminAuditLogEvent = new AdminAuditLogEvent
{
ObjectModified = e.ObjectModified,
ModifiedObjectResolvedName = e.ModifiedObjectResolvedName,
CmdletName = e.CmdletName,
CmdletParameters = e.CmdletParameters,
ModifiedProperties = e.ModifiedProperties,
Caller = e.Caller,
Succeeded = e.Succeeded,
Error = e.Error,
RunDate = e.RunDate,
OriginatingServer = e.OriginatingServer
};
adminAuditLogEvent[SimpleProviderObjectSchema.Identity] = new AdminAuditLogEventId(e.Identity);
return(adminAuditLogEvent);
}).ToArray <AdminAuditLogEvent>();
this.RedactCallerField(array);
if (array != null && this.searchStatistics != null)
{
this.searchStatistics.ResultsReturned += array.LongLength;
this.searchStatistics.CallResult = true;
}
return(array);
}
protected override IConfigurable PrepareDataObject()
{
base.PrepareDataObject();
if (this.Cmdlets != null)
{
this.DataObject.Cmdlets = this.Cmdlets;
}
if (this.Parameters != null)
{
this.DataObject.Parameters = this.Parameters;
}
if (this.ObjectIds != null)
{
this.DataObject.ObjectIds = this.ObjectIds;
}
if (this.UserIds != null)
{
this.DataObject.UserIdsUserInput = this.UserIds;
}
this.DataObject.Succeeded = null;
this.DataObject.StartIndex = 0;
this.DataObject.ResultSize = 50000;
this.DataObject.RedactDatacenterAdmins = !AdminAuditExternalAccessDeterminer.IsExternalAccess(base.SessionSettings.ExecutingUserIdentityName, base.SessionSettings.ExecutingUserOrganizationId, base.SessionSettings.CurrentOrganizationId);
AdminAuditLogHelper.SetResolveUsers(this.DataObject, new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ADRecipient>), new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskWarningLoggingDelegate(this.WriteWarning));
this.DataObject.Validate(new Task.TaskErrorLoggingDelegate(base.WriteError));
return(this.DataObject);
}
public static bool ShouldIssueWarning(OrganizationId organizationId)
{
ADUser aduser;
ExchangePrincipal exchangePrincipal;
Exception ex;
ArbitrationMailboxStatus arbitrationMailboxStatus = AdminAuditLogHelper.CheckArbitrationMailboxStatus(organizationId, out aduser, out exchangePrincipal, out ex);
return(arbitrationMailboxStatus != ArbitrationMailboxStatus.E15 && arbitrationMailboxStatus != ArbitrationMailboxStatus.FFO);
}
protected override void InternalProcessRecord()
{
if (AdminAuditLogHelper.ShouldIssueWarning(base.CurrentOrganizationId))
{
this.WriteWarning(Strings.WarningNewAdminAuditLogSearchOnPreE15(base.CurrentOrganizationId.ToString()));
return;
}
base.InternalProcessRecord();
}
public static StoreObjectId GetOrCreateAdminAuditLogsFolderId(ADUser adUser)
{
ExchangePrincipal exchangePrincipal = ExchangePrincipal.FromADUser(adUser.OrganizationId.ToADSessionSettings(), adUser, RemotingOptions.AllowCrossSite);
StoreObjectId orCreateAdminAuditLogsFolderId;
using (MailboxSession mailboxSession = AdminAuditLogHelper.GetMailboxSession(exchangePrincipal, "Client=Management;Action=GetOrCreateAdminAuditLogsFolderId"))
{
orCreateAdminAuditLogsFolderId = AdminAuditLogHelper.GetOrCreateAdminAuditLogsFolderId(mailboxSession);
}
return(orCreateAdminAuditLogsFolderId);
}
public static ArbitrationMailboxStatus CheckArbitrationMailboxStatus(OrganizationId organizationId, out ADUser user, out ExchangePrincipal principal, out Exception exception)
{
user = null;
principal = null;
exception = null;
try
{
if (DatacenterRegistry.IsForefrontForOffice())
{
return(ArbitrationMailboxStatus.FFO);
}
user = AdminAuditLogHelper.GetTenantArbitrationMailbox(organizationId);
principal = ExchangePrincipal.FromADUser(ADSessionSettings.FromOrganizationIdWithoutRbacScopesServiceOnly(organizationId), user, RemotingOptions.AllowCrossSite);
AdminAuditLogHelper.Tracer.TraceDebug <int>(0L, "AdminAuditLogHelper: Tenant arbitration mailbox server version is {0}", principal.MailboxInfo.Location.ServerVersion);
if (principal.MailboxInfo.Location.ServerVersion < Server.E14SP1MinVersion)
{
return(ArbitrationMailboxStatus.R4);
}
if (principal.MailboxInfo.Location.ServerVersion < Server.E15MinVersion)
{
return(ArbitrationMailboxStatus.R5);
}
return(ArbitrationMailboxStatus.E15);
}
catch (ObjectNotFoundException ex)
{
exception = ex;
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId, ObjectNotFoundException>(0L, "AdminAuditLogHelper: unable to determine the arbitration mailbox version for org {0}, exception {1}", organizationId, ex);
}
catch (MailboxInfoStaleException ex2)
{
exception = ex2;
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId, MailboxInfoStaleException>(0L, "AdminAuditLogHelper: unable to determine the arbitration mailbox version for org {0}, exception {1}", organizationId, ex2);
}
catch (SuitabilityDirectoryException ex3)
{
exception = ex3;
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId, SuitabilityDirectoryException>(0L, "AdminAuditLogHelper: unable to determine the arbitration mailbox version for org {0}, exception {1}", organizationId, ex3);
}
catch (DatabaseLocationUnavailableException ex4)
{
exception = ex4;
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId, DatabaseLocationUnavailableException>(0L, "AdminAuditLogHelper: unable to determine the arbitration mailbox version for org {0}, exception {1}", organizationId, ex4);
}
return(ArbitrationMailboxStatus.UnableToKnow);
}
public static AdminAuditLogConfig GetAdminAuditLogConfig(IConfigurationSession configSession)
{
OrganizationId currentOrganizationId = configSession.SessionSettings.CurrentOrganizationId;
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId>(0L, "AdminAuditLogHelper: Will retrieve config objects from AD for OrganizationId: {0}", currentOrganizationId);
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(currentOrganizationId);
IConfigurationSession configurationSession = configSession;
if (sharedConfiguration != null)
{
configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(configSession.ConsistencyMode, sharedConfiguration.GetSharedConfigurationSessionSettings(), 160, "GetAdminAuditLogConfig", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\AdminAuditLog\\AdminAuditLogHelper.cs");
}
configurationSession.SessionSettings.IsSharedConfigChecked = true;
bool includeCNFObject = configurationSession.SessionSettings.IncludeCNFObject;
AdminAuditLogConfig[] array;
try
{
configurationSession.SessionSettings.IncludeCNFObject = false;
array = configurationSession.Find <AdminAuditLogConfig>(null, QueryScope.SubTree, null, null, 2);
}
finally
{
configurationSession.SessionSettings.IncludeCNFObject = includeCNFObject;
}
if (array.Length == 0)
{
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId>(0L, "AdminAuditLogHelper: No AdminAuditLogConfig was found in org {0}.", currentOrganizationId);
AdminAuditLogHelper.WriteNoAdminAuditLogWarningAsNeed(configSession);
return(null);
}
if (array.Length > 1)
{
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId>(0L, "AdminAuditLogHelper: More than one AdminAuditLogConfig was found in org {0}.", currentOrganizationId);
ExManagementApplicationLogger.LogEvent(currentOrganizationId, ManagementEventLogConstants.Tuple_MultipleAdminAuditLogConfig, new string[]
{
currentOrganizationId.ToString()
});
throw new MultipleAdminAuditLogConfigException(currentOrganizationId.ToString());
}
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId, bool>(0L, "AdminAuditLogHelper: One AdminAuditLogConfig was found in org {0}. Logging enabled is {1}.", currentOrganizationId, array[0].AdminAuditLogEnabled);
return(array[0]);
}
protected override IConfigDataProvider CreateSession()
{
OrganizationId organizationId = this.ResolveOrganizationId();
ADUser tenantArbitrationMailbox;
try
{
tenantArbitrationMailbox = AdminAuditLogHelper.GetTenantArbitrationMailbox(organizationId);
}
catch (ObjectNotFoundException innerException)
{
TaskLogger.Trace("ObjectNotFoundException occurred when getting Exchange principal from the discovery mailbox user.", new object[0]);
throw new AdminAuditLogSearchException(Strings.AuditLogSearchArbitrationMailboxNotFound(organizationId.ToString()), innerException);
}
catch (NonUniqueRecipientException innerException2)
{
TaskLogger.Trace("More than one tenant arbitration mailbox found for the current organization.", new object[0]);
throw new AdminAuditLogSearchException(Strings.AuditLogSearchNonUniqueArbitrationMailbox(organizationId.ToString()), innerException2);
}
ExchangePrincipal primaryMailbox = ExchangePrincipal.FromADUser(ADSessionSettings.FromOrganizationIdWithoutRbacScopesServiceOnly(organizationId), tenantArbitrationMailbox, RemotingOptions.AllowCrossSite);
return(new AuditLogSearchEwsDataProvider(primaryMailbox));
}
public static MailboxSession GetMailboxSession(ExchangePrincipal exchangePrincipal, string clientInfo)
{
return(AdminAuditLogHelper.RetryOnStorageTransientException <MailboxSession>(() => MailboxSession.OpenAsSystemService(exchangePrincipal, CultureInfo.InvariantCulture, clientInfo)));
}
public static StoreObjectId GetOrCreateAdminAuditLogsFolderId(OrganizationId orgId)
{
ADUser tenantArbitrationMailbox = AdminAuditLogHelper.GetTenantArbitrationMailbox(orgId);
return(AdminAuditLogHelper.GetOrCreateAdminAuditLogsFolderId(tenantArbitrationMailbox));
}
public AdminAuditLogEvent[] Search()
{
TaskLogger.LogEnter();
TaskLogger.Trace("Search criteria:\\r\\n{0}", new object[]
{
this.searchCriteria.ToString()
});
if (DatacenterRegistry.IsForefrontForOffice())
{
return(this.SearchInFFO());
}
ADUser tenantArbitrationMailbox;
try
{
tenantArbitrationMailbox = AdminAuditLogHelper.GetTenantArbitrationMailbox(this.searchCriteria.OrganizationId);
}
catch (ObjectNotFoundException innerException)
{
TaskLogger.Trace("ObjectNotFoundException occurred when getting Exchange principal from the discovery mailbox user.", new object[0]);
throw new AdminAuditLogSearchException(Strings.AdminAuditLogsLocationNotFound(this.searchCriteria.OrganizationId.ToString()), innerException);
}
catch (NonUniqueRecipientException innerException2)
{
TaskLogger.Trace("More than one tenant arbitration mailbox found for the current organization.", new object[0]);
throw new AdminAuditLogSearchException(Strings.AdminAuditLogsLocationNotFound(this.searchCriteria.OrganizationId.ToString()), innerException2);
}
Exception ex = null;
ExchangePrincipal principal = ExchangePrincipal.FromADUser(this.searchCriteria.OrganizationId.ToADSessionSettings(), tenantArbitrationMailbox, RemotingOptions.AllowCrossSite);
AdminAuditLogEvent[] result;
try
{
TaskLogger.Trace("Opening EWS connection for the tenant arbitration mailbox", new object[0]);
EwsAuditClient ewsAuditClient = new EwsAuditClient(new EwsConnectionManager(principal, OpenAsAdminOrSystemServiceBudgetTypeType.Default, AdminAuditLogSearchWorker.Tracer), TimeSpan.FromSeconds((double)this.searchTimeoutSeconds), AdminAuditLogSearchWorker.Tracer);
FolderIdType folderIdType = null;
ewsAuditClient.CheckAndCreateWellKnownFolder(DistinguishedFolderIdNameType.root, DistinguishedFolderIdNameType.recoverableitemsroot, out folderIdType);
ewsAuditClient.CheckAndCreateWellKnownFolder(DistinguishedFolderIdNameType.recoverableitemsroot, DistinguishedFolderIdNameType.adminauditlogs, out folderIdType);
if (folderIdType == null)
{
result = Array <AdminAuditLogEvent> .Empty;
}
else
{
EwsAuditLogCollection logCollection = new EwsAuditLogCollection(ewsAuditClient, folderIdType);
AuditLogSearchId auditLogSearchId = this.searchCriteria.Identity as AuditLogSearchId;
IEnumerable <AdminAuditLogEvent> source;
if (this.UseFASTQuery())
{
QueryStringType queryFilter = this.GenerateFASTSearchQueryString();
source = AuditLogSearchQuery.SearchAuditLogs <AdminAuditLogEvent, QueryStringType>(logCollection, queryFilter, this.searchCriteria.ResultSize + this.searchCriteria.StartIndex, TimeSpan.FromSeconds((double)this.searchTimeoutSeconds), new AdminAuditLogSearchWorker.QueryStrategy(this.searchCriteria), AdminAuditLogSearchWorker.Tracer);
}
else
{
RestrictionType queryFilter2 = this.GenerateSearchQueryFilterForEWS();
source = AuditLogSearchQuery.SearchAuditLogs <AdminAuditLogEvent, RestrictionType>(logCollection, queryFilter2, this.searchCriteria.ResultSize + this.searchCriteria.StartIndex, TimeSpan.FromSeconds((double)this.searchTimeoutSeconds), new AdminAuditLogSearchWorker.QueryStrategy(this.searchCriteria), AdminAuditLogSearchWorker.Tracer);
}
if (this.searchStatistics != null)
{
this.searchStatistics.QueryComplexity = this.searchCriteria.QueryComplexity;
this.searchStatistics.CorrelationID = ((auditLogSearchId != null) ? auditLogSearchId.Guid.ToString() : string.Empty);
}
AdminAuditLogEvent[] array = source.Take(this.searchCriteria.ResultSize).ToArray <AdminAuditLogEvent>();
this.RedactCallerField(array);
if (this.searchStatistics != null)
{
this.searchStatistics.ResultsReturned += array.LongLength;
this.searchStatistics.CallResult = true;
}
result = array;
}
}
catch (StorageTransientException ex2)
{
ex = ex2;
TaskLogger.Trace("Search admin audit log failed with transient storage exception. {0}", new object[]
{
ex2
});
throw new AdminAuditLogSearchException(Strings.AdminAuditLogSearchFailed, ex2, this.searchCriteria);
}
catch (StoragePermanentException ex3)
{
ex = ex3;
TaskLogger.Trace("Search admin audit log failed with permanent storage exception. {0}", new object[]
{
ex3
});
throw new AdminAuditLogSearchException(Strings.AdminAuditLogSearchFailed, ex3, this.searchCriteria);
}
catch (AuditLogException ex4)
{
ex = ex4;
TaskLogger.Trace("Search admin audit log failed with storage exception. {0}", new object[]
{
ex4
});
throw new AdminAuditLogSearchException(Strings.AdminAuditLogSearchFailed, ex4, this.searchCriteria);
}
finally
{
if (this.searchStatistics != null && ex != null)
{
this.searchStatistics.ErrorType = ex;
this.searchStatistics.ErrorCount++;
}
TaskLogger.LogExit();
}
return(result);
}
protected override void WriteResult <T>(IEnumerable <T> dataObjects)
{
try
{
TaskLogger.LogEnter(new object[]
{
dataObjects
});
DiagnosticContext.Reset();
using (AuditLogOpticsLogData auditLogOpticsLogData = new AuditLogOpticsLogData())
{
auditLogOpticsLogData.IsAsynchronous = false;
auditLogOpticsLogData.CallResult = false;
auditLogOpticsLogData.SearchStartDateTime = this.searchObject.StartDateUtc;
auditLogOpticsLogData.SearchEndDateTime = this.searchObject.EndDateUtc;
try
{
if (AdminAuditLogHelper.ShouldIssueWarning(base.CurrentOrganizationId))
{
DiagnosticContext.TraceLocation((LID)42684U);
this.WriteWarning(Strings.WarningSearchAdminAuditLogOnPreE15(base.CurrentOrganizationId.ToString()));
}
else
{
if (dataObjects != null)
{
using (IEnumerator <AdminAuditLogConfig> enumerator = (IEnumerator <AdminAuditLogConfig>)dataObjects.GetEnumerator())
{
this.GetAuditConfigObject(enumerator);
auditLogOpticsLogData.SearchType = "Admin";
auditLogOpticsLogData.OrganizationId = this.searchObject.OrganizationId;
auditLogOpticsLogData.ShowDetails = true;
auditLogOpticsLogData.MailboxCount = 1;
AdminAuditLogSearchWorker adminAuditLogSearchWorker = new AdminAuditLogSearchWorker(600, this.searchObject, auditLogOpticsLogData);
base.WriteVerbose(Strings.VerboseStartAuditLogSearch);
AdminAuditLogEvent[] array = adminAuditLogSearchWorker.Search();
base.WriteVerbose(Strings.VerboseSearchCompleted((array != null) ? array.Length : 0));
foreach (AdminAuditLogEvent dataObject in array)
{
this.WriteResult(dataObject);
}
auditLogOpticsLogData.CallResult = true;
goto IL_181;
}
}
DiagnosticContext.TraceLocation((LID)59068U);
Exception ex = new AdminAuditLogSearchException(Strings.ErrorAdminAuditLogConfig(base.CurrentOrganizationId.ToString()));
auditLogOpticsLogData.ErrorType = ex;
auditLogOpticsLogData.ErrorCount++;
base.WriteError(ex, ErrorCategory.ObjectNotFound, null);
IL_181 :;
}
}
catch (ArgumentException ex2)
{
DiagnosticContext.TraceLocation((LID)34492U);
auditLogOpticsLogData.ErrorType = ex2;
auditLogOpticsLogData.ErrorCount++;
base.WriteError(ex2, ErrorCategory.InvalidArgument, null);
}
catch (AdminAuditLogSearchException ex3)
{
DiagnosticContext.TraceLocation((LID)50876U);
auditLogOpticsLogData.ErrorType = ex3;
auditLogOpticsLogData.ErrorCount++;
base.WriteError(ex3, ErrorCategory.NotSpecified, null);
}
}
}
finally
{
TaskLogger.LogExit();
}
}
protected override void InternalValidate()
{
if (this.StartDate == null && this.EndDate == null)
{
this.EndDate = new ExDateTime?(ExDateTime.Now);
this.StartDate = new ExDateTime?(this.EndDate.Value.AddDays(-15.0));
}
if (this.StartDate != null && this.EndDate == null)
{
this.EndDate = new ExDateTime?(this.StartDate.Value.AddDays(15.0));
}
if (this.StartDate == null && this.EndDate != null)
{
this.StartDate = new ExDateTime?(this.EndDate.Value.AddDays(-15.0));
}
if (this.StartDate.Value > this.EndDate.Value)
{
base.WriteError(new ArgumentException(Strings.AdminAuditLogSearchStartDateIsLaterThanEndDate(this.StartDate.Value.ToString(), this.EndDate.Value.ToString())), ErrorCategory.InvalidArgument, null);
}
if (base.Fields["ResultSize"] == null)
{
this.ResultSize = 1000;
}
int num = 250000;
if (base.Fields["StartIndex"] == null)
{
this.StartIndex = 0;
}
if (this.StartIndex < 0 || this.StartIndex > num)
{
base.WriteError(new ArgumentOutOfRangeException("StartIndex", this.StartIndex, Strings.AdminAuditLogSearchOutOfRangeStartIndex(num)), ErrorCategory.InvalidArgument, null);
}
this.searchObject = new AdminAuditLogSearch
{
OrganizationId = base.CurrentOrganizationId,
Cmdlets = this.Cmdlets,
Parameters = this.Parameters,
ObjectIds = this.ObjectIds,
UserIdsUserInput = this.UserIds,
Succeeded = this.IsSuccess,
StartIndex = this.StartIndex,
ExternalAccess = this.ExternalAccess,
ResultSize = this.ResultSize,
RedactDatacenterAdmins = !AdminAuditExternalAccessDeterminer.IsExternalAccess(base.SessionSettings.ExecutingUserIdentityName, base.SessionSettings.ExecutingUserOrganizationId, base.SessionSettings.CurrentOrganizationId)
};
if (!this.StartDate.Value.HasTimeZone)
{
ExDateTime exDateTime = ExDateTime.Create(ExTimeZone.CurrentTimeZone, this.StartDate.Value.UniversalTime)[0];
this.searchObject.StartDateUtc = new DateTime?(exDateTime.UniversalTime);
}
else
{
this.searchObject.StartDateUtc = new DateTime?(this.StartDate.Value.UniversalTime);
}
if (!this.EndDate.Value.HasTimeZone)
{
ExDateTime exDateTime2 = ExDateTime.Create(ExTimeZone.CurrentTimeZone, this.EndDate.Value.UniversalTime)[0];
this.searchObject.EndDateUtc = new DateTime?(exDateTime2.UniversalTime);
}
else
{
this.searchObject.EndDateUtc = new DateTime?(this.EndDate.Value.UniversalTime);
}
AdminAuditLogHelper.SetResolveUsers(this.searchObject, new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ADRecipient>), new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskWarningLoggingDelegate(this.WriteWarning));
this.searchObject.Validate(new Task.TaskErrorLoggingDelegate(base.WriteError));
base.InternalValidate();
}
