protected override void InternalValidate()
{
TaskLogger.LogEnter();
base.InternalValidate();
bool flag = false;
if (base.Fields.IsModified(ADGroupSchema.Members))
{
if (this.DataObject.RoleGroupType == RoleGroupType.Linked)
{
base.WriteError(new RecipientTaskException(Strings.ErrorLinkedRoleGroupCannotHaveMembers), (ErrorCategory)1000, null);
}
List <ADObjectId> list = null;
SecurityPrincipalIdParameter[] parameters = this.GetChangedValues(true);
SecurityPrincipalIdParameter[] changedValues = this.GetChangedValues(false);
if (this.Members == null || !this.Members.IsChangesOnlyCopy)
{
flag = true;
if (this.Members != null)
{
parameters = this.Members.ToArray();
}
list = this.DataObject.Members.ToList <ADObjectId>();
this.DataObject.Members = new MultiValuedProperty <ADObjectId>();
}
SyncTaskHelper.ResolveModifiedMultiReferenceParameter <SecurityPrincipalIdParameter>("Members", "AddedMembers", parameters, new GetRecipientDelegate <SecurityPrincipalIdParameter>(this.GetRecipient), this.ReferenceErrorReporter, this.recipientIdsDictionary, this.recipientsDictionary, this.parameterDictionary);
SyncTaskHelper.ValidateModifiedMultiReferenceParameter <ADGroup>("Members", "AddedMembers", this.DataObject, new ValidateRecipientWithBaseObjectDelegate <ADGroup>(MailboxTaskHelper.ValidateGroupMember), this.ReferenceErrorReporter, this.recipientsDictionary, this.parameterDictionary);
SyncTaskHelper.AddModifiedRecipientIds("AddedMembers", SyncDistributionGroupSchema.Members, this.DataObject, this.recipientIdsDictionary);
if (flag)
{
MultiValuedProperty <ADObjectId> multiValuedProperty = new MultiValuedProperty <ADObjectId>();
foreach (ADObjectId item in list)
{
if (!this.DataObject.Members.Contains(item))
{
multiValuedProperty.Add(item);
}
}
this.recipientIdsDictionary["RemovedMembers"] = multiValuedProperty;
}
else
{
SyncTaskHelper.ResolveModifiedMultiReferenceParameter <SecurityPrincipalIdParameter>("Members", "RemovedMembers", changedValues, new GetRecipientDelegate <SecurityPrincipalIdParameter>(this.GetRecipient), this.ReferenceErrorReporter, this.recipientIdsDictionary, this.recipientsDictionary, this.parameterDictionary);
SyncTaskHelper.RemoveModifiedRecipientIds("RemovedMembers", SyncDistributionGroupSchema.Members, this.DataObject, this.recipientIdsDictionary);
}
}
MailboxTaskHelper.ValidateAddedMembers(base.TenantGlobalCatalogSession, this.DataObject, new Task.ErrorLoggerDelegate(base.WriteError), new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>));
if (this.recipientIdsDictionary.ContainsKey("RemovedMembers") && this.recipientIdsDictionary["RemovedMembers"].Count > 0)
{
RoleAssignmentsGlobalConstraints roleAssignmentsGlobalConstraints = new RoleAssignmentsGlobalConstraints(this.ConfigurationSession, base.TenantGlobalCatalogSession, new Task.ErrorLoggerDelegate(base.WriteError));
roleAssignmentsGlobalConstraints.ValidateIsSafeToRemoveRoleGroupMember(this.DataObject, new List <ADObjectId>(this.recipientIdsDictionary["RemovedMembers"]));
}
TaskLogger.LogExit();
}
protected override void InternalProcessRecord()
{
try
{
base.InternalProcessRecord();
}
catch (ADNotAMemberException)
{
MailboxTaskHelper.WriteMemberNotFoundError(this.DataObject, base.Member, this.Identity.RawIdentity, base.IsSelfMemberAction, new Task.TaskErrorLoggingDelegate(base.WriteError));
}
}
protected override void SaveXsoObject(IConfigDataProvider provider, IConfigurable dataObject)
{
Exception ex = null;
try
{
TextMessagingHelper.SaveTextMessagingAccount((TextMessagingAccount)dataObject, (VersionedXmlDataProvider)provider, this.DataObject, (IRecipientSession)base.DataSession);
MailboxTaskHelper.ProcessRecord(delegate
{
Rules inboxRules = ((VersionedXmlDataProvider)provider).MailboxSession.InboxRules;
bool flag = false;
foreach (Rule rule in inboxRules)
{
if (rule.IsEnabled)
{
bool flag2 = true;
foreach (ActionBase actionBase in rule.Actions)
{
if (!(actionBase is SendSmsAlertToRecipientsAction) && !(actionBase is StopProcessingAction))
{
flag2 = false;
break;
}
}
if (flag2)
{
rule.IsEnabled = false;
flag = true;
}
}
}
if (flag)
{
inboxRules.Save();
}
}, new MailboxTaskHelper.ThrowTerminatingErrorDelegate(base.WriteError), this.Identity);
}
catch (ObjectExistedException ex2)
{
ex = ex2;
}
catch (SaveConflictException ex3)
{
ex = ex3;
}
catch (ADObjectEntryAlreadyExistsException ex4)
{
ex = ex4;
}
if (ex != null)
{
base.WriteError(new ConflictSavingException(this.DataObject.Identity.ToString(), ex), ErrorCategory.InvalidOperation, this.Identity);
}
}
protected override void PerformGroupMemberAction()
{
TaskLogger.LogEnter();
if (this.DataObject.RoleGroupType == RoleGroupType.Linked)
{
base.WriteError(new RecipientTaskException(Strings.ErrorLinkedRoleGroupCannotHaveMembers), (ErrorCategory)1000, null);
}
MailboxTaskHelper.ValidateAndAddMember(base.TenantGlobalCatalogSession, this.DataObject, base.Member, false, new Task.ErrorLoggerDelegate(base.WriteError), new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>));
MailboxTaskHelper.ValidateAddedMembers(base.TenantGlobalCatalogSession, this.DataObject, new Task.ErrorLoggerDelegate(base.WriteError), new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>));
TaskLogger.LogExit();
}
protected override IConfigDataProvider CreateSession()
{
MailboxIdParameter mailboxIdParameter = null;
ADUser aduser = null;
if (this.Identity != null)
{
if (this.Identity.InternalOWAExtensionId != null)
{
mailboxIdParameter = new MailboxIdParameter(this.Identity.InternalOWAExtensionId.MailboxOwnerId);
}
else
{
mailboxIdParameter = this.Identity.RawMailbox;
}
}
if (mailboxIdParameter != null && this.Mailbox != null)
{
base.WriteError(new InvalidOperationException(Strings.ErrorConflictingMailboxes), ErrorCategory.InvalidOperation, this.Identity);
}
if (mailboxIdParameter == null)
{
ADObjectId executingUserId;
if (!base.TryGetExecutingUserId(out executingUserId) && this.Mailbox == null)
{
return(this.CreateDataProviderForNonMailboxUser());
}
mailboxIdParameter = (this.Mailbox ?? MailboxTaskHelper.ResolveMailboxIdentity(executingUserId, new Task.ErrorLoggerDelegate(base.WriteError)));
}
try
{
aduser = (ADUser)base.GetDataObject <ADUser>(mailboxIdParameter, base.TenantGlobalCatalogSession, null, new LocalizedString?(Strings.ErrorMailboxNotFound(mailboxIdParameter.ToString())), new LocalizedString?(Strings.ErrorMailboxNotUnique(mailboxIdParameter.ToString())));
}
catch (ManagementObjectNotFoundException)
{
return(this.CreateDataProviderForNonMailboxUser());
}
if (this.Identity != null && this.Identity.InternalOWAExtensionId == null)
{
this.Identity.InternalOWAExtensionId = OWAExtensionHelper.CreateOWAExtensionId(this, aduser.Id, null, this.Identity.RawExtensionName);
}
ADScopeException ex;
if (!TaskHelper.UnderscopeSessionToOrganization(base.TenantGlobalCatalogSession, aduser.OrganizationId, true).TryVerifyIsWithinScopes(aduser, true, out ex))
{
base.WriteError(new InvalidOperationException(Strings.ErrorCannotChangeMailboxOutOfWriteScope(aduser.Identity.ToString(), (ex == null) ? string.Empty : ex.Message), ex), ErrorCategory.InvalidOperation, aduser.Identity);
}
IConfigDataProvider configDataProvider = GetApp.CreateOwaExtensionDataProvider(null, base.TenantGlobalCatalogSession, base.SessionSettings, !this.OrganizationApp, aduser, "Remove-App", false, new Task.ErrorLoggerDelegate(base.WriteError));
this.mailboxOwner = ((OWAExtensionDataProvider)configDataProvider).MailboxSession.MailboxOwner.ObjectId.ToString();
return(configDataProvider);
}
protected override void InternalValidate()
{
TaskLogger.LogEnter();
base.InternalValidate();
if (base.Fields.IsModified(ADRecipientSchema.RoleAssignmentPolicy) && (MailboxPolicyIdParameter)base.Fields[ADRecipientSchema.RoleAssignmentPolicy] == null && !OrganizationId.ForestWideOrgId.Equals(this.DataObject.OrganizationId))
{
base.WriteError(new TaskInvalidOperationException(Strings.ResettingPolicyIsNotSupported("RoleAssignmentPolicy")), ExchangeErrorCategory.Client, this.Identity);
}
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(base.CurrentOrganizationId);
if (sharedConfiguration != null)
{
this.DataObject.SharedConfiguration = sharedConfiguration.SharedConfigId.ConfigurationUnit;
}
if (this.DataObject.IsResource)
{
this.CheckResourceProperties();
}
else if (this.DataObject.RecipientTypeDetails == RecipientTypeDetails.DiscoveryMailbox)
{
if (base.Fields.IsModified(ADRecipientSchema.AcceptMessagesOnlyFrom) || base.Fields.IsModified(ADRecipientSchema.AcceptMessagesOnlyFromSendersOrMembers))
{
base.WriteError(new TaskInvalidOperationException(Strings.ErrorCannotChangeAcceptMessagesFrom), ExchangeErrorCategory.Client, this.DataObject);
}
MailboxTaskHelper.ValidateMaximumDiscoveryMailboxQuota(this.DataObject, this.ConfigurationSession, base.CurrentOrganizationId, new Task.ErrorLoggerDelegate(base.WriteError));
}
else if (this.PublicFolder && base.UserSpecifiedParameters.Contains(MailEnabledRecipientSchema.HiddenFromAddressListsEnabled.Name))
{
base.WriteError(new TaskInvalidOperationException(Strings.ErrorCannotChangeHiddenFromAddressListsEnabled), ExchangeErrorCategory.Client, this.DataObject);
}
if (this.RetentionPolicy != null && this.DataObject.RecipientTypeDetails == RecipientTypeDetails.TeamMailbox)
{
base.WriteError(new RecipientTaskException(Strings.ErrorNoRetentionPolicyForTeamMailbox(this.DataObject.Name)), ExchangeErrorCategory.Client, this.DataObject);
}
if (this.AuditLog)
{
Mailbox mailbox = (Mailbox)this.GetDynamicParameters();
foreach (object obj in SetMailboxBase<MailboxIdParameter, Mailbox>.InvalidAuditLogParameters)
{
ProviderPropertyDefinition providerPropertyDefinition = obj as ProviderPropertyDefinition;
if (base.Fields.IsModified(obj) || (providerPropertyDefinition != null && mailbox.IsModified(providerPropertyDefinition)))
{
base.WriteError(new TaskArgumentException(Strings.ErrorInvalidParameterForAuditLog((providerPropertyDefinition == null) ? obj.ToString() : providerPropertyDefinition.Name, "AuditLog")), ExchangeErrorCategory.Client, this.Identity);
}
}
}
else if (this.DataObject.RecipientTypeDetails == RecipientTypeDetails.AuditLogMailbox)
{
base.WriteError(new RecipientTaskException(Strings.RecipientNotFoundException(this.DataObject.Name)), ExchangeErrorCategory.Client, this.DataObject);
}
base.VerifyIsWithinScopes((IRecipientSession)base.DataSession, this.DataObject, true, new DataAccessTask<ADUser>.ADObjectOutOfScopeString(Strings.ErrorCannotChangeMailboxOutOfWriteScope));
TaskLogger.LogExit();
}
protected override IConfigDataProvider CreateSession()
{
MailboxIdParameter mailboxIdParameter = null;
if (this.Identity != null)
{
if (this.Identity.InternalInboxRuleId != null)
{
mailboxIdParameter = new MailboxIdParameter(this.Identity.InternalInboxRuleId.MailboxOwnerId);
}
else
{
mailboxIdParameter = this.Identity.RawMailbox;
}
}
if (mailboxIdParameter != null && this.Mailbox != null)
{
base.WriteError(new InvalidOperationException(Strings.ErrorConflictingMailboxes), ErrorCategory.InvalidOperation, this.Identity);
}
if (mailboxIdParameter == null)
{
ADObjectId executingUserId;
base.TryGetExecutingUserId(out executingUserId);
mailboxIdParameter = (this.Mailbox ?? MailboxTaskHelper.ResolveMailboxIdentity(executingUserId, new Task.ErrorLoggerDelegate(base.WriteError)));
}
ADUser aduser = (ADUser)base.GetDataObject <ADUser>(mailboxIdParameter, base.TenantGlobalCatalogSession, null, new LocalizedString?(Strings.ErrorMailboxNotFound(mailboxIdParameter.ToString())), new LocalizedString?(Strings.ErrorMailboxNotUnique(mailboxIdParameter.ToString())));
if (this.Identity != null && this.Identity.InternalInboxRuleId == null)
{
this.Identity.InternalInboxRuleId = new InboxRuleId(aduser.Id, this.Identity.RawRuleName, this.Identity.RawRuleId);
}
IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(base.DomainController, false, ConsistencyMode.PartiallyConsistent, null, base.SessionSettings, 150, "CreateSession", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RecipientTasks\\InboxRule\\GetInboxRule.cs");
base.VerifyIsWithinScopes(TaskHelper.UnderscopeSessionToOrganization(tenantOrRootOrgRecipientSession, aduser.OrganizationId, true), aduser, true, new DataAccessTask <InboxRule> .ADObjectOutOfScopeString(Strings.ErrorCannotChangeMailboxOutOfWriteScope));
InboxRuleDataProvider inboxRuleDataProvider = new InboxRuleDataProvider(base.SessionSettings, aduser, "Get-InboxRule");
if (this.IncludeHidden)
{
inboxRuleDataProvider.IncludeHidden = true;
}
if (base.Fields.IsChanged("DescriptionTimeZone"))
{
inboxRuleDataProvider.DescriptionTimeZone = this.DescriptionTimeZone;
}
if (base.Fields.IsChanged("DescriptionTimeFormat"))
{
inboxRuleDataProvider.DescriptionTimeFormat = this.DescriptionTimeFormat;
}
return(inboxRuleDataProvider);
}
private void GrantPermissionToLinkedUser(ADUser user)
{
if (this.IsAccountDisabled(user))
{
return;
}
user.UserAccountControl = (UserAccountControlFlags.AccountDisabled | UserAccountControlFlags.NormalAccount);
MailboxTaskHelper.GrantPermissionToLinkedUserAccount(user, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose));
if (base.IsVerboseOn)
{
base.WriteVerbose(Strings.VerboseSaveADSecurityDescriptor(user.Id.ToString()));
}
user.SaveSecurityDescriptor(((SecurityDescriptor)user[ADObjectSchema.NTSecurityDescriptor]).ToRawSecurityDescriptor());
}
protected override void PrepareRecipientObject(ref ADGroup group)
{
TaskLogger.LogEnter();
base.PrepareRecipientObject(ref group);
if (group != null && (group.RecipientTypeDetails == RecipientTypeDetails.GroupMailbox || group.RecipientTypeDetails == RecipientTypeDetails.RemoteGroupMailbox))
{
base.WriteError(new RecipientTaskException(Strings.NotAValidDistributionGroup), ExchangeErrorCategory.Client, this.Identity.ToString());
}
if (RecipientType.MailUniversalDistributionGroup == group.RecipientType || RecipientType.MailUniversalSecurityGroup == group.RecipientType || RecipientType.MailNonUniversalGroup == group.RecipientType)
{
base.WriteError(new InvalidOperationException(Strings.ErrorGroupAlreadyMailEnabled(this.Identity.ToString())), ErrorCategory.InvalidOperation, group.Identity);
}
if ((group.GroupType & GroupTypeFlags.Universal) == GroupTypeFlags.None)
{
base.WriteError(new InvalidOperationException(Strings.ErrorEnableNonUniversalGroup), ErrorCategory.InvalidOperation, group.Identity);
}
if (group.RecipientTypeDetails == RecipientTypeDetails.RoleGroup)
{
base.WriteError(new CannotEnableRoleGroupException(), ErrorCategory.InvalidOperation, group.Identity);
}
group.SetExchangeVersion(group.MaximumSupportedExchangeObjectVersion);
List <PropertyDefinition> list = new List <PropertyDefinition>(DisableDistributionGroup.PropertiesToReset);
MailboxTaskHelper.RemovePersistentProperties(list);
MailboxTaskHelper.ClearExchangeProperties(group, list);
group.SetExchangeVersion(group.MaximumSupportedExchangeObjectVersion);
if (this.DelayProvisioning && base.IsProvisioningLayerAvailable)
{
this.ProvisionDefaultValues(new ADGroup(), group);
}
if (VariantConfiguration.GetSnapshot(MachineSettingsContext.Local, null, null).CmdletInfra.ReportToOriginator.Enabled)
{
group.ReportToOriginatorEnabled = true;
}
else
{
group.ReportToOriginatorEnabled = false;
}
group.RequireAllSendersAreAuthenticated = true;
if ((group.GroupType & GroupTypeFlags.SecurityEnabled) == GroupTypeFlags.SecurityEnabled)
{
group.RecipientDisplayType = new RecipientDisplayType?(RecipientDisplayType.SecurityDistributionGroup);
}
else
{
group.RecipientDisplayType = new RecipientDisplayType?(RecipientDisplayType.DistributionGroup);
}
TaskLogger.LogExit();
}
protected override IConfigurable PrepareDataObject()
{
TaskLogger.LogEnter();
ADGroup adgroup = (ADGroup)base.PrepareDataObject();
if (adgroup != null && (adgroup.RecipientTypeDetails == RecipientTypeDetails.GroupMailbox || adgroup.RecipientTypeDetails == RecipientTypeDetails.RemoteGroupMailbox))
{
base.WriteError(new RecipientTaskException(Strings.NotAValidDistributionGroup), ExchangeErrorCategory.Client, this.Identity.ToString());
}
MailboxTaskHelper.ClearExchangeProperties(adgroup, DisableDistributionGroup.PropertiesToReset);
adgroup.SetExchangeVersion(null);
adgroup.OverrideCorruptedValuesWithDefault();
TaskLogger.LogExit();
return(adgroup);
}
protected override IConfigurable PrepareDataObject()
{
TaskLogger.LogEnter();
ADContact adcontact = (ADContact)base.PrepareDataObject();
if (adcontact.RecipientTypeDetails == RecipientTypeDetails.MailForestContact)
{
base.WriteError(new InvalidOperationException(Strings.DisableMailForestContactNotAllowed(adcontact.Name)), ErrorCategory.InvalidOperation, adcontact.Identity);
}
MailboxTaskHelper.ClearExchangeProperties(adcontact, DisableMailContact.PropertiesToReset);
adcontact.SetExchangeVersion(null);
adcontact.OverrideCorruptedValuesWithDefault();
TaskLogger.LogExit();
return(adcontact);
}
protected override void PerformGroupMemberAction()
{
TaskLogger.LogEnter();
MailboxTaskHelper.ValidateAndRemoveMember(base.TenantGlobalCatalogSession, this.DataObject, base.Member, null, false, new Task.TaskErrorLoggingDelegate(base.WriteError), new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ADRecipient>));
if (this.DataObject.Members.Changed)
{
ADRecipient adrecipient = (ADRecipient)base.GetDataObject <ADRecipient>(base.Member, base.TenantGlobalCatalogSession, this.DataObject.OrganizationId.OrganizationalUnit, null, new LocalizedString?(Strings.ErrorRecipientNotFound(base.Member.ToString())), new LocalizedString?(Strings.ErrorRecipientNotUnique(base.Member.ToString())));
RoleAssignmentsGlobalConstraints roleAssignmentsGlobalConstraints = new RoleAssignmentsGlobalConstraints(this.ConfigurationSession, base.TenantGlobalCatalogSession, new Task.ErrorLoggerDelegate(base.WriteError));
roleAssignmentsGlobalConstraints.ValidateIsSafeToRemoveRoleGroupMember(this.DataObject, new List <ADObjectId>
{
adrecipient.Id
});
}
TaskLogger.LogExit();
}
private static void ConnectArchiveCore(ADUser userToConnect, Guid deletedMailboxGuid, string parameterSetName, IRecipientSession recipientSession, IConfigurationSession configSession, MapiAdministrationSession mapiAdministrationSession, string alias, SecurityIdentifier linkedUserSid, DatabaseLocationInfo databaseLocationInfo, MailboxDatabase database, Task.TaskVerboseLoggingDelegate verboseLogger, Task.TaskWarningLoggingDelegate warningLogger)
{
userToConnect.ArchiveDatabase = (ADObjectId)database.Identity;
userToConnect.ArchiveGuid = deletedMailboxGuid;
userToConnect.ArchiveName = new MultiValuedProperty <string>(Strings.ArchiveNamePrefix + userToConnect.DisplayName);
if (MailboxTaskHelper.SupportsMailboxReleaseVersioning(userToConnect))
{
userToConnect.ArchiveRelease = databaseLocationInfo.MailboxRelease;
}
userToConnect.ArchiveQuota = ProvisioningHelper.DefaultArchiveQuota;
userToConnect.ArchiveWarningQuota = ProvisioningHelper.DefaultArchiveWarningQuota;
MailboxTaskHelper.ApplyDefaultArchivePolicy(userToConnect, configSession);
recipientSession.Save(userToConnect);
verboseLogger(Strings.VerboseADOperationSucceeded(userToConnect.Identity.ToString()));
ConnectMailbox.UpdateSDAndRefreshMailbox(mapiAdministrationSession, userToConnect, database, deletedMailboxGuid, parameterSetName, verboseLogger, warningLogger);
}
protected override void InternalValidate()
{
TaskLogger.LogEnter();
base.InternalValidate();
if (this.Identity != null && this.Arbitration.IsPresent)
{
MailboxTaskHelper.ValidateArbitrationMailboxHasNoGroups(this.DataObject, base.TenantGlobalCatalogSession, new Task.ErrorLoggerDelegate(base.WriteError), Strings.ErrorDisableMailboxWithAssociatedApprovalRecipents(this.Identity.ToString()));
MailboxTaskHelper.ValidateNotLastArbitrationMailbox(this.DataObject, base.TenantGlobalCatalogSession, base.RootOrgContainerId, this.DisableLastArbitrationMailboxAllowed.IsPresent, new Task.ErrorLoggerDelegate(base.WriteError), Strings.ErrorCannotDisableLastArbitrationMailboxInOrganization(this.Identity.ToString()));
}
if (this.PublicFolder && (this.currentOrganizationId == null || this.currentOrganizationId != this.DataObject.OrganizationId))
{
this.currentOrganizationId = this.DataObject.OrganizationId;
TenantPublicFolderConfigurationCache.Instance.RemoveValue(this.DataObject.OrganizationId);
}
TaskLogger.LogExit();
}
private void ValidateLinkedMasterAccount()
{
if (string.IsNullOrEmpty(this.LinkedDomainController))
{
base.WriteError(new RecipientTaskException(Strings.ErrorMissLinkedDomainController), ErrorCategory.InvalidArgument, this.Identity);
}
try
{
NetworkCredential userForestCredential = (this.LinkedCredential == null) ? null : this.LinkedCredential.GetNetworkCredential();
this.linkedUserSid = MailboxTaskHelper.GetAccountSidFromAnotherForest(this.LinkedMasterAccount, this.LinkedDomainController, userForestCredential, base.GlobalConfigSession, new MailboxTaskHelper.GetUniqueObject(base.GetDataObject <ADUser>), new Task.ErrorLoggerDelegate(base.ThrowTerminatingError));
}
catch (PSArgumentException exception)
{
base.ThrowTerminatingError(exception, ErrorCategory.InvalidArgument, this.LinkedCredential);
}
}
protected override void InternalProcessRecord()
{
TaskLogger.LogEnter();
base.DataSession.Save(this.DataObject);
base.WriteVerbose(Strings.VerboseSettingPassword(this.DataObject.Id.ToString()));
MailboxTaskHelper.SetMailboxPassword((IRecipientSession)base.DataSession, this.DataObject, null, new Task.ErrorLoggerDelegate(base.WriteError));
this.DataObject = (ADUser)base.DataSession.Read <ADUser>(this.DataObject.Identity);
this.DataObject[ADUserSchema.PasswordLastSetRaw] = new long?(-1L);
this.DataObject.UserAccountControl = UserAccountControlFlags.NormalAccount;
if (base.Fields.IsModified(SyncMailUserSchema.AccountDisabled))
{
SyncTaskHelper.SetExchangeAccountDisabled(this.DataObject, this.AccountDisabled);
}
base.InternalProcessRecord();
TaskLogger.LogExit();
}
protected override void InternalBeginProcessing()
{
TaskLogger.LogEnter();
LocalizedString empty = LocalizedString.Empty;
this.Name = MailboxTaskHelper.GetNameOfAcceptableLengthForMultiTenantMode(this.Name, out empty);
if (empty != LocalizedString.Empty)
{
this.WriteWarning(empty);
}
base.InternalBeginProcessing();
if (this.Organization == null)
{
if (base.CurrentOrganizationId == OrganizationId.ForestWideOrgId)
{
base.WriteError(new ArgumentException(Strings.ErrorOrganizationParameterRequired), ErrorCategory.InvalidOperation, null);
}
else
{
this.Organization = new OrganizationIdParameter(base.CurrentOrganizationId.OrganizationalUnit.Name);
}
}
base.CurrentOrganizationId = this.ResolveCurrentOrganization();
OrganizationTaskHelper.ValidateParamString("Name", this.Name, new Task.TaskErrorLoggingDelegate(base.WriteError));
if (base.Fields["AuthenticationType"] == null)
{
this.AuthenticationType = AuthenticationType.Managed;
}
if (base.Fields["LiveIdInstanceType"] == null)
{
this.LiveIdInstanceType = LiveIdInstanceType.Consumer;
}
base.Fields["OutBoundOnly"] = this.OutBoundOnly;
base.Fields["MakeDefault"] = this.MakeDefault;
string value = string.Empty;
if (this.Organization != null)
{
PartitionId partitionIdByAcceptedDomainName = ADAccountPartitionLocator.GetPartitionIdByAcceptedDomainName(this.Organization.RawIdentity);
if (partitionIdByAcceptedDomainName != null)
{
value = base.ServerSettings.PreferredGlobalCatalog(partitionIdByAcceptedDomainName.ForestFQDN);
}
}
base.Fields["PreferredServer"] = value;
TaskLogger.LogExit();
}
protected override void InternalValidate()
{
TaskLogger.LogEnter();
if (this.WindowsLiveID != null)
{
using (new CmdletMonitoredScope(base.CurrentTaskContext.UniqueId, "BizLogic", "NewUserBase.InternalValidate", LoggerHelper.CmdletPerfMonitors))
{
if (this.WindowsLiveID.NetId != null && !this.BypassLiveId)
{
MailboxTaskHelper.IsLiveIdExists((IRecipientSession)base.DataSession, this.WindowsLiveID.SmtpAddress, this.WindowsLiveID.NetId, new Task.ErrorLoggerDelegate(base.WriteError));
}
MailboxTaskHelper.CheckNameAvailability(base.TenantGlobalCatalogSession, base.Name, base.RecipientContainerId, new Task.ErrorLoggerDelegate(base.WriteError));
}
}
base.InternalValidate();
TaskLogger.LogExit();
}
protected override void InternalValidate()
{
TaskLogger.LogEnter();
base.InternalValidate();
this.recipient = MailboxTaskHelper.FindMicrosoftExchangeRecipient((IRecipientSession)base.DataSession, DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(this.DomainController, true, ConsistencyMode.PartiallyConsistent, ADSessionSettings.FromOrganizationIdWithoutRbacScopesServiceOnly(base.CurrentOrganizationId), 114, "InternalValidate", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RecipientTasks\\MicrosoftExchangeRecipient\\RemoveMicrosoftExchangeRecipient.cs"));
if (this.recipient == null)
{
base.WriteError(new InvalidOperationException(Strings.ErrorMicrosoftExchangeRecipientNotFound), ErrorCategory.InvalidOperation, null);
}
IVersionable versionable = this.recipient;
if (versionable != null && versionable.MaximumSupportedExchangeObjectVersion.IsOlderThan(versionable.ExchangeVersion))
{
base.WriteError(new TaskException(Strings.ErrorRemoveNewerObject(this.recipient.Identity.ToString(), versionable.ExchangeVersion.ExchangeBuild.ToString())), ErrorCategory.InvalidArgument, null);
}
TaskLogger.LogExit();
}
protected override void PrepareRecipientObject(ADUser user)
{
TaskLogger.LogEnter();
base.PrepareRecipientObject(user);
user.Database = ProvisioningCache.Instance.TryAddAndGetGlobalData <ADObjectId>(CannedProvisioningCacheKeys.DatabaseContainerId, () => base.GlobalConfigSession.GetDatabasesContainerId());
string str = ProvisioningCache.Instance.TryAddAndGetGlobalData <string>(CannedProvisioningCacheKeys.AdministrativeGroupLegDN, () => base.GlobalConfigSession.GetAdministrativeGroup().LegacyExchangeDN);
user.MailboxRelease = MailboxRelease.None;
user.ArchiveRelease = MailboxRelease.None;
user.ServerLegacyDN = str + "/cn=Servers/cn=73BCAADF75B34A4781FDCDA446B76E7C";
MailboxTaskHelper.StampMailboxRecipientTypes(user, "MailboxPlan");
base.IsSetRandomPassword = true;
if (this.IsDefault || ((IRecipientSession)base.DataSession).Find(null, QueryScope.SubTree, RecipientFilterHelper.MailboxPlanFilter, null, 1).Length == 0)
{
user.IsDefault = true;
}
TaskLogger.LogExit();
}
protected override void PerformGroupMemberAction()
{
try
{
ADRecipient memberRecipient = (ADRecipient)base.GetDataObject <ADRecipient>(base.Member, base.GlobalCatalogRBACSession, this.DataObject.OrganizationId.OrganizationalUnit, null, new LocalizedString?(Strings.ErrorRecipientNotFound((string)base.Member)), new LocalizedString?(Strings.ErrorRecipientNotUnique((string)base.Member)), ExchangeErrorCategory.Client);
MailboxTaskHelper.ValidateAndAddMember(this.DataObject, base.Member, memberRecipient, new Task.ErrorLoggerDelegate(base.WriteError));
}
catch (ManagementObjectNotFoundException)
{
ADRecipient adrecipient = (ADRecipient)base.GetDataObject <ADRecipient>(base.Member, base.PartitionOrRootOrgGlobalCatalogSession, this.DataObject.OrganizationId.OrganizationalUnit, null, new LocalizedString?(Strings.ErrorRecipientNotFound((string)base.Member)), new LocalizedString?(Strings.ErrorRecipientNotUnique((string)base.Member)), ExchangeErrorCategory.Client);
ADObjectId x;
if (adrecipient == null || !base.TryGetExecutingUserId(out x) || !ADObjectId.Equals(x, adrecipient.Id) || !adrecipient.HiddenFromAddressListsEnabled)
{
throw;
}
MailboxTaskHelper.ValidateAndAddMember(this.DataObject, base.Member, adrecipient, new Task.ErrorLoggerDelegate(base.WriteError));
}
}
protected override void InternalBeginProcessing()
{
TaskLogger.LogEnter();
base.InternalBeginProcessing();
if ("crossforest" == base.ParameterSetName)
{
try
{
NetworkCredential userForestCredential = (this.LinkedCredential == null) ? null : this.LinkedCredential.GetNetworkCredential();
this.linkedGroupSid = MailboxTaskHelper.GetSidFromAnotherForest <ADGroup>(this.LinkedForeignGroup, this.LinkedDomainController, userForestCredential, base.GlobalConfigSession, new MailboxTaskHelper.GetUniqueObject(base.GetDataObject <ADGroup>), new Task.ErrorLoggerDelegate(base.ThrowTerminatingError), new MailboxTaskHelper.OneStringErrorDelegate(Strings.ErrorLinkedGroupInTheCurrentForest), new MailboxTaskHelper.TwoStringErrorDelegate(Strings.ErrorGroupNotFoundOnGlobalCatalog), new MailboxTaskHelper.TwoStringErrorDelegate(Strings.ErrorGroupNotFoundOnDomainController), new MailboxTaskHelper.TwoStringErrorDelegate(Strings.ErrorGroupNotUniqueOnGlobalCatalog), new MailboxTaskHelper.TwoStringErrorDelegate(Strings.ErrorGroupNotUniqueOnDomainController), new MailboxTaskHelper.OneStringErrorDelegate(Strings.ErrorVerifyLinkedGroupForest));
}
catch (PSArgumentException exception)
{
base.ThrowTerminatingError(exception, ErrorCategory.InvalidArgument, this.LinkedCredential);
}
}
TaskLogger.LogExit();
}
protected override IConfigurable ResolveDataObject()
{
ADRecipient adrecipient = (ADRecipient)base.ResolveDataObject();
MailboxTaskHelper.BlockRemoveOrDisableIfLitigationHoldEnabled((ADUser)adrecipient, new Task.ErrorLoggerDelegate(base.WriteError), true, this.IgnoreLegalHold.ToBool());
MailboxTaskHelper.BlockRemoveOrDisableIfDiscoveryHoldEnabled((ADUser)adrecipient, new Task.ErrorLoggerDelegate(base.WriteError), true, this.IgnoreLegalHold.ToBool());
MailboxTaskHelper.BlockRemoveOrDisableIfJournalNDRMailbox((ADUser)adrecipient, this.TenantLocalConfigurationSession, new Task.ErrorLoggerDelegate(base.WriteError), true);
MailboxTaskHelper.ValidateNoOABsAssignedToArbitrationMailbox((ADUser)adrecipient, this.DisableArbitrationMailboxWithOABsAllowed.ToBool(), new Task.ErrorLoggerDelegate(base.WriteError), Strings.ErrorDisableArbitrationMailboxWithOABsAssigned(this.Identity.ToString()));
if (MailboxTaskHelper.ExcludeArbitrationMailbox(adrecipient, this.Arbitration) || MailboxTaskHelper.ExcludePublicFolderMailbox(adrecipient, this.PublicFolder) || MailboxTaskHelper.ExcludeMailboxPlan(adrecipient, false))
{
base.WriteError(new ManagementObjectNotFoundException(base.GetErrorMessageObjectNotFound(this.Identity.ToString(), typeof(ADUser).ToString(), (base.DataSession != null) ? base.DataSession.Source : null)), ErrorCategory.InvalidData, this.Identity);
}
if (ComplianceConfigImpl.JournalArchivingHardeningEnabled)
{
MailboxTaskHelper.BlockRemoveOrDisableMailboxIfJournalArchiveEnabled(base.DataSession as IRecipientSession, this.ConfigurationSession, (ADUser)adrecipient, new Task.ErrorLoggerDelegate(base.WriteError), true);
}
return(adrecipient);
}
protected override IConfigDataProvider CreateSession()
{
MailboxIdParameter mailboxIdParameter = null;
if (this.Identity != null)
{
if (this.Identity.InternalOWAExtensionId != null)
{
mailboxIdParameter = new MailboxIdParameter(this.Identity.InternalOWAExtensionId.MailboxOwnerId);
}
else
{
mailboxIdParameter = this.Identity.RawMailbox;
}
}
if (mailboxIdParameter != null && this.Mailbox != null)
{
base.WriteError(new InvalidOperationException(Strings.ErrorConflictingMailboxes), ErrorCategory.InvalidOperation, this.Identity);
}
if (mailboxIdParameter == null)
{
ADObjectId executingUserId;
if (!base.TryGetExecutingUserId(out executingUserId) && this.Mailbox == null)
{
base.WriteError(new LocalizedException(Strings.ErrorParameterRequired("Mailbox")), ErrorCategory.InvalidArgument, null);
}
mailboxIdParameter = (this.Mailbox ?? MailboxTaskHelper.ResolveMailboxIdentity(executingUserId, new Task.ErrorLoggerDelegate(base.WriteError)));
}
this.adUser = (ADUser)base.GetDataObject <ADUser>(mailboxIdParameter, base.TenantGlobalCatalogSession, null, new LocalizedString?(Strings.ErrorMailboxNotFound(mailboxIdParameter.ToString())), new LocalizedString?(Strings.ErrorMailboxNotUnique(mailboxIdParameter.ToString())));
if (this.Identity != null && this.Identity.InternalOWAExtensionId == null)
{
this.Identity.InternalOWAExtensionId = OWAExtensionHelper.CreateOWAExtensionId(this, this.adUser.Id, null, this.Identity.RawExtensionName);
}
ADScopeException ex;
if (!base.TenantGlobalCatalogSession.TryVerifyIsWithinScopes(this.adUser, true, out ex))
{
base.WriteError(new InvalidOperationException(Strings.ErrorCannotChangeMailboxOutOfWriteScope(this.adUser.Identity.ToString(), (ex == null) ? string.Empty : ex.Message), ex), ErrorCategory.InvalidOperation, this.adUser.Identity);
}
OWAExtensionDataProvider owaextensionDataProvider = GetApp.CreateOwaExtensionDataProvider(null, base.TenantGlobalCatalogSession, base.SessionSettings, true, this.adUser, "EnableDisable-App", false, new Task.ErrorLoggerDelegate(base.WriteError));
this.mailboxOwner = owaextensionDataProvider.MailboxSession.MailboxOwner.ObjectId.ToString();
return(owaextensionDataProvider);
}
private static RawSecurityDescriptor UpdateMailboxSecurityDescriptor(SecurityIdentifier userSid, ADUser userToConnect, MapiAdministrationSession mapiAdministrationSession, MailboxDatabase database, Guid deletedMailboxGuid, string parameterSetName, Task.TaskVerboseLoggingDelegate verboseLogger)
{
RawSecurityDescriptor rawSecurityDescriptor = null;
try
{
rawSecurityDescriptor = mapiAdministrationSession.GetMailboxSecurityDescriptor(new MailboxId(MapiTaskHelper.ConvertDatabaseADObjectToDatabaseId(database), deletedMailboxGuid));
}
catch (Microsoft.Exchange.Data.Mapi.Common.MailboxNotFoundException)
{
rawSecurityDescriptor = new RawSecurityDescriptor(ControlFlags.DiscretionaryAclDefaulted | ControlFlags.SystemAclDefaulted | ControlFlags.SelfRelative, WindowsIdentity.GetCurrent().User, WindowsIdentity.GetCurrent().User, null, null);
DiscretionaryAcl discretionaryAcl = new DiscretionaryAcl(true, true, 0);
byte[] binaryForm = new byte[discretionaryAcl.BinaryLength];
discretionaryAcl.GetBinaryForm(binaryForm, 0);
rawSecurityDescriptor.DiscretionaryAcl = new RawAcl(binaryForm, 0);
}
bool flag = false;
foreach (GenericAce genericAce in rawSecurityDescriptor.DiscretionaryAcl)
{
KnownAce knownAce = (KnownAce)genericAce;
if (knownAce.SecurityIdentifier.IsWellKnown(WellKnownSidType.SelfSid))
{
flag = true;
break;
}
}
if (!flag)
{
CommonAce ace = new CommonAce(AceFlags.ContainerInherit, AceQualifier.AccessAllowed, 131073, new SecurityIdentifier(WellKnownSidType.SelfSid, null), false, null);
rawSecurityDescriptor.DiscretionaryAcl.InsertAce(0, ace);
}
rawSecurityDescriptor.SetFlags(rawSecurityDescriptor.ControlFlags | ControlFlags.SelfRelative);
if ("Linked" == parameterSetName || "Shared" == parameterSetName || "Room" == parameterSetName || "Equipment" == parameterSetName)
{
RawSecurityDescriptor sd = userToConnect.ReadSecurityDescriptor();
MailboxTaskHelper.GrantPermissionToLinkedUserAccount(userToConnect.MasterAccountSid, ref rawSecurityDescriptor, ref sd);
verboseLogger(Strings.VerboseSaveADSecurityDescriptor(userToConnect.Id.ToString()));
userToConnect.SaveSecurityDescriptor(sd);
}
mapiAdministrationSession.Administration.PurgeCachedMailboxObject(deletedMailboxGuid);
return(rawSecurityDescriptor);
}
protected override IConfigurable PrepareDataObject()
{
TaskLogger.LogEnter();
ADGroup adgroup = (ADGroup)base.PrepareDataObject();
if (base.Fields.IsModified(DistributionGroupSchema.ManagedBy))
{
if (!this.BypassSecurityGroupManagerCheck && GroupTypeFlags.SecurityEnabled == (adgroup.GroupType & GroupTypeFlags.SecurityEnabled))
{
ADObjectId userId;
if (!base.TryGetExecutingUserId(out userId))
{
base.WriteError(new RecipientTaskException(Strings.ErrorExecutingUserOutOfTargetOrg(base.MyInvocation.MyCommand.Name)), ExchangeErrorCategory.Client, adgroup.Identity.ToString());
}
RecipientTaskHelper.ValidateUserIsGroupManager(userId, adgroup, new Task.ErrorLoggerDelegate(base.WriteError), false, null);
}
MailboxTaskHelper.StampOnManagedBy(adgroup, this.managedByRecipients, new Task.ErrorLoggerDelegate(base.WriteError));
}
TaskLogger.LogExit();
return(adgroup);
}
protected override void PrepareRecipientObject(ref ADUser user)
{
TaskLogger.LogEnter();
base.PrepareRecipientObject(ref user);
if (!this.IsValidUser(user))
{
base.WriteError(new RecipientTaskException(Strings.ErrorInvalidRecipientType(user.Identity.ToString(), user.RecipientType.ToString())), ErrorCategory.InvalidArgument, user.Id);
}
if (user.RecipientType != RecipientType.MailUser)
{
user.SetExchangeVersion(ExchangeObjectVersion.Exchange2010);
List <PropertyDefinition> list = new List <PropertyDefinition>(RecipientConstants.DisableMailUserBase_PropertiesToReset);
MailboxTaskHelper.RemovePersistentProperties(list);
MailboxTaskHelper.ClearExchangeProperties(user, list);
user.SetExchangeVersion(ExchangeObjectVersion.Exchange2010);
if (this.DelayProvisioning && base.IsProvisioningLayerAvailable)
{
this.ProvisionDefaultValues(new ADUser(), user);
}
}
TaskLogger.LogExit();
}
protected override void PrepareRecipientObject(ADUser user)
{
TaskLogger.LogEnter();
base.PrepareRecipientObject(user);
if (this.WindowsLiveID != null && this.WindowsLiveID.SmtpAddress != SmtpAddress.Empty)
{
MailboxTaskHelper.IsLiveIdExists((IRecipientSession)base.DataSession, user.WindowsLiveID, user.NetID, new Task.ErrorLoggerDelegate(base.WriteError));
user.UserPrincipalName = user.WindowsLiveID.ToString();
}
if (!user.IsModified(ADRecipientSchema.DisplayName))
{
user.DisplayName = user.Name;
}
SoftDeletedTaskHelper.UpdateShadowWhenSoftDeletedProperty((IRecipientSession)base.DataSession, this.ConfigurationSession, base.CurrentOrganizationId, this.DataObject);
this.DataObject.RecipientSoftDeletedStatus = 0;
this.DataObject.WhenSoftDeleted = null;
this.DataObject.InternalOnly = false;
this.DataObject.propertyBag.MarkAsChanged(ADRecipientSchema.RecipientSoftDeletedStatus);
this.DataObject.propertyBag.MarkAsChanged(ADRecipientSchema.WhenSoftDeleted);
this.DataObject.propertyBag.MarkAsChanged(ADRecipientSchema.TransportSettingFlags);
TaskLogger.LogExit();
}
protected void RemoveMonitoringMailboxes()
{
MailboxDatabase mailboxDatabase = base.DataObject as MailboxDatabase;
if (mailboxDatabase != null)
{
try
{
MailboxTaskHelper.RemoveMonitoringMailboxes(mailboxDatabase, new Task.TaskWarningLoggingDelegate(this.WriteWarning), new Task.TaskVerboseLoggingDelegate(base.WriteVerbose));
}
catch (DataSourceTransientException ex)
{
TaskLogger.Trace("The action of Removing monitoring mailbox objects of database '{0}' raises exception: {1}.", new object[]
{
mailboxDatabase.Identity.ToString(),
ex.Message
});
this.WriteWarning(Strings.ErrorFailedToRemoveMonitoringMailbox(mailboxDatabase.Identity.ToString(), ex.Message));
}
catch (DataSourceOperationException ex2)
{
TaskLogger.Trace("The action of Removing monitoring mailbox objects of database '{0}' raises exception: {1}.", new object[]
{
mailboxDatabase.Identity.ToString(),
ex2.Message
});
this.WriteWarning(Strings.ErrorFailedToRemoveMonitoringMailbox(mailboxDatabase.Identity.ToString(), ex2.Message));
}
catch (DataValidationException ex3)
{
TaskLogger.Trace("The action of Removing monitoring mailbox objects of database '{0}' raises exception: {1}.", new object[]
{
mailboxDatabase.Identity.ToString(),
ex3.Message
});
this.WriteWarning(Strings.ErrorFailedToRemoveMonitoringMailbox(mailboxDatabase.Identity.ToString(), ex3.Message));
}
}
}
protected override IConfigurable ResolveDataObject()
{
ADUser aduser = (ADUser)base.ResolveDataObject();
if (MailboxTaskHelper.ExcludeArbitrationMailbox(aduser, this.Arbitration) || MailboxTaskHelper.ExcludePublicFolderMailbox(aduser, this.PublicFolder) || MailboxTaskHelper.ExcludeMailboxPlan(aduser, false))
{
base.WriteError(new ManagementObjectNotFoundException(base.GetErrorMessageObjectNotFound(this.Identity.ToString(), typeof(ADUser).ToString(), (base.DataSession != null) ? base.DataSession.Source : null)), ErrorCategory.InvalidData, this.Identity);
}
if (base.Fields.IsModified(UserSchema.LinkedMasterAccount))
{
aduser.MasterAccountSid = this.linkedUserSid;
if (aduser.MasterAccountSid != null)
{
this.ResolveLinkedUser(aduser);
}
else
{
this.ResolveUnlinkedUser(aduser);
}
}
return(aduser);
}
