public async Task <IEnumerable <TIdentity> > FindIdentities(TLookupInfo item, IProviderManager providerManager, CancellationToken cancellationToken) { var providers = providerManager.GetItemIdentityProviders <TLookupInfo, TIdentity>(); var converters = providerManager.GetItemIdentityConverters <TIdentity>(); var identities = new List <IdentityPair>(); foreach (var provider in providers) { var result = new IdentityPair { Identity = await provider.FindIdentity(item), Order = provider.Order }; if (!Equals(result.Identity, default(TIdentity))) { identities.Add(result); } } var convertersAvailable = new List <IItemIdentityConverter <TIdentity> >(converters); bool changesMade; do { changesMade = false; for (int i = convertersAvailable.Count - 1; i >= 0; i--) { var converter = convertersAvailable[i]; var input = identities.FirstOrDefault(id => id.Identity.Type == converter.SourceType); var existing = identities.Where(id => id.Identity.Type == converter.ResultType); if (input != null && !existing.Any(id => id.Order <= converter.Order)) { var result = new IdentityPair { Identity = await converter.Convert(input.Identity).ConfigureAwait(false), Order = converter.Order }; if (!Equals(result.Identity, default(TIdentity))) { identities.Add(result); convertersAvailable.RemoveAt(i); changesMade = true; } } } } while (changesMade); return(identities.OrderBy(id => id.Order).Select(id => id.Identity)); }
private static IdentityPair GetUserIdentityPair(MailboxSession session, LogonType logonType) { IdentityPair result = default(IdentityPair); ClientSessionInfo remoteClientSessionInfo = session.RemoteClientSessionInfo; if (remoteClientSessionInfo != null) { result.LogonUserSid = remoteClientSessionInfo.LogonUserSid; result.LogonUserDisplayName = remoteClientSessionInfo.LogonUserDisplayName; } else { result = IdentityHelper.GetIdentityPair(session); if (result.LogonUserDisplayName == null && logonType == LogonType.Owner && session.MailboxOwner.MailboxInfo.IsArchive) { result.LogonUserDisplayName = AuditRecordFactory.ResolveMailboxOwnerName(session.MailboxOwner); } } return(result); }
private IdentityPair GetUserIdentityPair() { IdentityPair result = default(IdentityPair); ClientSessionInfo remoteClientSessionInfo = this.MailboxSession.RemoteClientSessionInfo; if (remoteClientSessionInfo != null) { result.LogonUserSid = remoteClientSessionInfo.LogonUserSid; result.LogonUserDisplayName = remoteClientSessionInfo.LogonUserDisplayName; } else { result = IdentityHelper.GetIdentityPair(this.MailboxSession); if (result.LogonUserDisplayName == null && this.LogonType == LogonType.Owner && this.MailboxSession.MailboxOwner.MailboxInfo.IsArchive) { result.LogonUserDisplayName = AuditEvent.ResolveMailboxOwnerName(this.MailboxSession.MailboxOwner); } } return(result); }
protected virtual IEnumerable <KeyValuePair <string, string> > InternalGetEventDetails() { yield return(new KeyValuePair <string, string>("Operation", string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { this.AuditOperation }))); yield return(new KeyValuePair <string, string>("OperationResult", string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { this.OperationSucceeded }))); yield return(new KeyValuePair <string, string>("LogonType", string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { this.AuditScopeFromLogonType(this.LogonType) }))); yield return(new KeyValuePair <string, string>("ExternalAccess", string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { this.ExternalAccess }))); yield return(new KeyValuePair <string, string>("UtcTime", this.CreationTime.ToString("s"))); yield return(new KeyValuePair <string, string>("InternalLogonType", string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { this.MailboxSession.LogonType }))); yield return(new KeyValuePair <string, string>("MailboxGuid", string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { this.MailboxSession.MailboxOwner.MailboxInfo.MailboxGuid }))); yield return(new KeyValuePair <string, string>("MailboxOwnerUPN", this.MailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString())); if (this.MailboxSession.MailboxOwner.Sid != null) { yield return(new KeyValuePair <string, string>("MailboxOwnerSid", string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { this.MailboxSession.MailboxOwner.Sid }))); if (this.MailboxSession.MailboxOwner.MasterAccountSid != null) { yield return(new KeyValuePair <string, string>("MailboxOwnerMasterAccountSid", string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { this.MailboxSession.MailboxOwner.MasterAccountSid }))); } } IdentityPair pair = this.GetUserIdentityPair(); if (pair.LogonUserSid != null) { yield return(new KeyValuePair <string, string>("LogonUserSid", string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { pair.LogonUserSid }))); } if (pair.LogonUserDisplayName != null) { yield return(new KeyValuePair <string, string>("LogonUserDisplayName", string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { pair.LogonUserDisplayName }))); } string clientInfoString = (this.MailboxSession.RemoteClientSessionInfo == null) ? this.MailboxSession.ClientInfoString : this.MailboxSession.RemoteClientSessionInfo.ClientInfoString; if (!string.IsNullOrEmpty(clientInfoString)) { yield return(new KeyValuePair <string, string>("ClientInfoString", clientInfoString)); } yield return(new KeyValuePair <string, string>("ClientIPAddress", string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { this.MailboxSession.ClientIPAddress }))); if (!string.IsNullOrEmpty(this.MailboxSession.ClientMachineName)) { yield return(new KeyValuePair <string, string>("ClientMachineName", this.MailboxSession.ClientMachineName)); } if (!string.IsNullOrEmpty(this.MailboxSession.ClientProcessName)) { yield return(new KeyValuePair <string, string>("ClientProcessName", this.MailboxSession.ClientProcessName)); } if (this.MailboxSession.ClientVersion != 0L) { yield return(new KeyValuePair <string, string>("ClientVersion", AuditEvent.GetVersionString(this.MailboxSession.ClientVersion))); } yield return(new KeyValuePair <string, string>("OriginatingServer", string.Format(CultureInfo.InvariantCulture, "{0} ({1})\r\n", new object[] { AuditEvent.MachineName, "15.00.1497.012" }))); yield break; }
private static void Fill(ExchangeMailboxAuditBaseRecord record, MailboxSession session, MailboxAuditOperations operation, OperationResult result, LogonType logonType, bool externalAccess) { EnumValidator.ThrowIfInvalid <MailboxAuditOperations>(operation); EnumValidator.ThrowIfInvalid <OperationResult>(result, "result"); EnumValidator.ThrowIfInvalid <LogonType>(logonType, "logonType"); Util.ThrowOnNullArgument(session, "session"); record.Operation = string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { operation }); record.OperationResult = AuditRecordFactory.GetOperationResult(result); record.LogonType = AuditRecordFactory.GetLogonType(logonType); record.ExternalAccess = externalAccess; record.CreationTime = DateTime.UtcNow; record.InternalLogonType = AuditRecordFactory.GetLogonType(session.LogonType); record.MailboxGuid = session.MailboxOwner.MailboxInfo.MailboxGuid; OrganizationId organizationId = session.OrganizationId; record.OrganizationId = ((organizationId == null || organizationId.OrganizationalUnit == null || organizationId.ConfigurationUnit == null) ? null : Convert.ToBase64String(organizationId.GetBytes(Encoding.UTF8))); record.OrganizationName = AuditRecordFactory.GetOrgNameFromOrgId(organizationId); record.MailboxOwnerUPN = session.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString(); if (session.MailboxOwner.Sid != null) { record.MailboxOwnerSid = string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { session.MailboxOwner.Sid }); if (session.MailboxOwner.MasterAccountSid != null) { record.MailboxOwnerMasterAccountSid = string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { session.MailboxOwner.MasterAccountSid }); } } IdentityPair userIdentityPair = AuditRecordFactory.GetUserIdentityPair(session, logonType); if (userIdentityPair.LogonUserSid != null) { record.LogonUserSid = string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { userIdentityPair.LogonUserSid }); record.UserId = record.LogonUserSid; } else { record.UserId = session.MailboxOwner.MailboxInfo.MailboxGuid.ToString("D", CultureInfo.InvariantCulture); } if (userIdentityPair.LogonUserDisplayName != null) { record.LogonUserDisplayName = string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { userIdentityPair.LogonUserDisplayName }); } string text = (session.RemoteClientSessionInfo == null) ? session.ClientInfoString : session.RemoteClientSessionInfo.ClientInfoString; if (!string.IsNullOrEmpty(text)) { record.ClientInfoString = text; } record.ClientIPAddress = string.Format(CultureInfo.InvariantCulture, "{0}", new object[] { session.ClientIPAddress }); if (!string.IsNullOrEmpty(session.ClientMachineName)) { record.ClientMachineName = session.ClientMachineName; } if (!string.IsNullOrEmpty(session.ClientProcessName)) { record.ClientProcessName = session.ClientProcessName; } if (session.ClientVersion != 0L) { record.ClientVersion = AuditRecordFactory.GetVersionString(session.ClientVersion); } record.OriginatingServer = string.Format(CultureInfo.InvariantCulture, "{0} ({1})\r\n", new object[] { AuditRecordFactory.MachineName, "15.00.1497.012" }); }