public static PolicyConfiguration FromPolicyStorage(PolicyStorage policyStorage)
        {
            PolicyConfiguration policyConfiguration = new PolicyConfiguration(policyStorage.OrganizationalUnitRoot.ObjectGuid, policyStorage.Id.ObjectGuid);

            UnifiedPolicyStorageFactory.CopyPropertiesFromStorage <PolicyConfiguration>(policyConfiguration, new TenantSettingFacade <PolicyStorage>(policyStorage));
            return(policyConfiguration);
        }
        public static PolicyApplyStatus GetPolicyDistributionStatus(PolicyStorage policyStorage, IList <BindingStorage> bindingStorages, IConfigDataProvider dataSession, out List <PolicyDistributionErrorDetails> distributionErrors, out DateTime?lastStatusUpdateTime)
        {
            ArgumentValidator.ThrowIfNull("policyStorage", policyStorage);
            ArgumentValidator.ThrowIfNull("bindingStorages", bindingStorages);
            ArgumentValidator.ThrowIfNull("dataSession", dataSession);
            PolicySettingStatusHelpers policySettingStatusHelpers = new PolicySettingStatusHelpers(dataSession, null, null);

            return(policySettingStatusHelpers.CalculatePolicyDistributionStatus(policyStorage, bindingStorages, dataSession, out distributionErrors, out lastStatusUpdateTime));
        }
        public static PolicyStorage ToPolicyStorage(PolicyConfiguration policy)
        {
            PolicyStorage policyStorage = new PolicyStorage();

            policyStorage[ADObjectSchema.OrganizationalUnitRoot] = new ADObjectId(policy.TenantId);
            policyStorage.Name = policy.Name;
            policyStorage.SetId((ADObjectId)DalHelper.ConvertFromStoreObject(policy.ObjectId, typeof(ADObjectId)));
            UnifiedPolicyStorageFactory.CopyPropertiesToStorage <PolicyConfiguration>(new TenantSettingFacade <PolicyStorage>(policyStorage), policy);
            return(policyStorage);
        }
		private PsCompliancePolicyBase CreatePolicyByScenario(PolicyStorage policyStorage)
		{
			if (policyStorage.Scenario == PolicyScenario.DeviceSettings)
			{
				return new DevicePolicy(policyStorage);
			}
			if (policyStorage.Scenario == PolicyScenario.DeviceConditionalAccess)
			{
				return new DeviceConditionalAccessPolicy(policyStorage);
			}
			if (policyStorage.Scenario == PolicyScenario.DeviceTenantConditionalAccess)
			{
				return new DeviceTenantPolicy(policyStorage);
			}
			return null;
		}
Example #5
0
        internal virtual void PopulateTaskProperties(Task task, IConfigurationSession configurationSession)
        {
            this.InitializeBindings();
            foreach (BindingStorage bindingStorage in this.StorageBindings)
            {
                switch (bindingStorage.Workload)
                {
                case Workload.Exchange:
                    this.ExchangeBinding = Utils.GetScopesFromStorage(bindingStorage);
                    break;

                case Workload.SharePoint:
                {
                    MultiValuedProperty <BindingMetadata> scopesFromStorage   = Utils.GetScopesFromStorage(bindingStorage);
                    MultiValuedProperty <BindingMetadata> multiValuedProperty = new MultiValuedProperty <BindingMetadata>(PsCompliancePolicyBase.GetBindingsBySubWorkload(scopesFromStorage, Workload.SharePoint));
                    multiValuedProperty.SetIsReadOnly(false, null);
                    if (multiValuedProperty.Any <BindingMetadata>())
                    {
                        this.SharePointBinding = multiValuedProperty;
                    }
                    else
                    {
                        multiValuedProperty = new MultiValuedProperty <BindingMetadata>(PsCompliancePolicyBase.GetBindingsBySubWorkload(scopesFromStorage, Workload.OneDriveForBusiness));
                        multiValuedProperty.SetIsReadOnly(false, null);
                        if (multiValuedProperty.Any <BindingMetadata>())
                        {
                            this.OneDriveBinding = scopesFromStorage;
                        }
                    }
                    break;
                }

                default:
                    this.ReadOnly = true;
                    this.ExchangeBinding.Clear();
                    this.SharePointBinding.Clear();
                    this.OneDriveBinding.Clear();
                    break;
                }
            }
            PolicyStorage policyStorage = base.DataObject as PolicyStorage;
            ADUser        userObjectByExternalDirectoryObjectId  = Utils.GetUserObjectByExternalDirectoryObjectId(policyStorage.CreatedBy, configurationSession);
            ADUser        userObjectByExternalDirectoryObjectId2 = Utils.GetUserObjectByExternalDirectoryObjectId(policyStorage.LastModifiedBy, configurationSession);

            this.CreatedBy      = ((!Utils.ExecutingUserIsForestWideAdmin(task) && userObjectByExternalDirectoryObjectId != null) ? userObjectByExternalDirectoryObjectId.DisplayName : policyStorage.CreatedBy);
            this.LastModifiedBy = ((!Utils.ExecutingUserIsForestWideAdmin(task) && userObjectByExternalDirectoryObjectId2 != null) ? userObjectByExternalDirectoryObjectId2.DisplayName : policyStorage.LastModifiedBy);
        }
Example #6
0
 protected override void InternalValidate()
 {
     Utils.ThrowIfNotRunInEOP();
     Utils.ValidateNotForestWideOrganization(base.CurrentOrganizationId);
     base.InternalValidate();
     if (this.DataObject.IsModified(ADObjectSchema.Name) && this.DoesComplianceRuleExist())
     {
         throw new ComplianceRuleAlreadyExistsException((string)this.DataObject[ADObjectSchema.Name]);
     }
     if (base.Fields.IsModified("Disabled") && this.Disabled)
     {
         PolicyStorage policyStorage = (PolicyStorage)base.GetDataObject <PolicyStorage>(new PolicyIdParameter(this.DataObject.ParentPolicyId), base.DataSession, null, new LocalizedString?(Strings.ErrorPolicyNotFound(this.DataObject.ParentPolicyId.ToString())), new LocalizedString?(Strings.ErrorPolicyNotUnique(this.DataObject.ParentPolicyId.ToString())), ExchangeErrorCategory.Client);
         if (policyStorage.IsEnabled)
         {
             this.WriteWarning(Strings.WarningDisabledRuleInEnabledPolicy(this.DataObject.Name));
         }
     }
 }
Example #7
0
        internal virtual void UpdateStorageProperties(Task task, IConfigurationSession configurationSession, bool isNewPolicy)
        {
            PolicyStorage policyStorage     = base.DataObject as PolicyStorage;
            Guid          universalIdentity = Utils.GetUniversalIdentity(policyStorage);

            if (!Utils.ExecutingUserIsForestWideAdmin(task))
            {
                ADObjectId objectId;
                task.TryGetExecutingUserId(out objectId);
                ADUser userObjectByObjectId = Utils.GetUserObjectByObjectId(objectId, configurationSession);
                if (userObjectByObjectId != null)
                {
                    policyStorage.LastModifiedBy = userObjectByObjectId.ExternalDirectoryObjectId;
                    if (isNewPolicy)
                    {
                        policyStorage.CreatedBy = userObjectByObjectId.ExternalDirectoryObjectId;
                    }
                }
            }
            this.UpdateWorkloadStorageBinding(universalIdentity, Workload.Exchange, this.ExchangeBinding, new MulipleExBindingObjectDetectedException());
            this.UpdateSharepointStorageBinding(universalIdentity, Workload.SharePoint, this.SharePointBinding, new MulipleSpBindingObjectDetectedException());
            this.UpdateSharepointStorageBinding(universalIdentity, Workload.OneDriveForBusiness, this.OneDriveBinding, new MulipleSpBindingObjectDetectedException());
        }
Example #8
0
 public PsCompliancePolicyBase(PolicyStorage policyStorage) : base(policyStorage)
 {
     this.InitializeBindings();
 }
Example #9
0
 public AuditConfigurationPolicy(PolicyStorage policyStorage) : base(policyStorage)
 {
 }
Example #10
0
        internal static IList <RuleStorage> LoadRuleStoragesByPolicy(IConfigDataProvider dataSession, PolicyStorage policyStorage, ObjectId rootId)
        {
            Guid policyId = Utils.GetUniversalIdentity(policyStorage);

            return((from RuleStorage x in dataSession.Find <RuleStorage>(new ComparisonFilter(ComparisonOperator.Equal, RuleStorageSchema.ParentPolicyId, policyId), rootId, true, null)
                    where x.ParentPolicyId.Equals(policyId)
                    select x).ToList <RuleStorage>());
        }
Example #11
0
 public DevicePolicy(PolicyStorage policyStorage) : base(policyStorage)
 {
 }
        public static void PopulatePolicyDistributionStatus(PsCompliancePolicyBase psPolicy, PolicyStorage policyStorage, IConfigDataProvider dataSession, Task task = null, ExecutionLog logger = null)
        {
            ArgumentValidator.ThrowIfNull("psPolicy", psPolicy);
            ArgumentValidator.ThrowIfNull("policyStorage", policyStorage);
            ArgumentValidator.ThrowIfNull("dataSession", dataSession);
            PolicySettingStatusHelpers            policySettingStatusHelpers = new PolicySettingStatusHelpers(dataSession, task, logger);
            List <PolicyDistributionErrorDetails> value;
            DateTime?lastStatusUpdateTime;

            psPolicy.DistributionStatus   = policySettingStatusHelpers.CalculatePolicyDistributionStatus(policyStorage, psPolicy.StorageBindings, dataSession, out value, out lastStatusUpdateTime);
            psPolicy.LastStatusUpdateTime = lastStatusUpdateTime;
            psPolicy.DistributionResults  = new MultiValuedProperty <PolicyDistributionErrorDetails>(value);
        }
        private PolicyApplyStatus CalculatePolicyDistributionStatus(PolicyStorage policyStorage, IList <BindingStorage> bindingStorages, IConfigDataProvider dataSession, out List <PolicyDistributionErrorDetails> distributionErrors, out DateTime?lastStatusUpdateTime)
        {
            this.WriteVerbose(Strings.VerboseBeginCalculatePolicyDistributionStatus(policyStorage.Name), true);
            distributionErrors   = new List <PolicyDistributionErrorDetails>();
            lastStatusUpdateTime = null;
            bool flag         = false;
            int  warningCount = 0;

            flag = this.CalculatePolicyDistributionStatus(new List <UnifiedPolicyStorageBase>(new UnifiedPolicyStorageBase[]
            {
                policyStorage
            }), null, ref distributionErrors, ref lastStatusUpdateTime);
            flag = (flag || this.CalculatePolicyDistributionStatus(bindingStorages, null, ref distributionErrors, ref lastStatusUpdateTime));
            if (!flag)
            {
                IList <RuleStorage> storageObjects = Utils.LoadRuleStoragesByPolicy(dataSession, policyStorage, Utils.GetRootId(dataSession));
                if (this.CalculatePolicyDistributionStatus(storageObjects, null, ref distributionErrors, ref lastStatusUpdateTime))
                {
                    flag = true;
                }
            }
            distributionErrors.ForEach(delegate(PolicyDistributionErrorDetails errorDetails)
            {
                BindingStorage bindingStorage2 = bindingStorages.FirstOrDefault((BindingStorage binding) => binding.Workload == errorDetails.Workload);
                if (bindingStorage2 == null || !bindingStorage2.AppliedScopes.Any <ScopeStorage>())
                {
                    errorDetails.Severity = PolicyDistributionResultSeverity.Warning;
                    errorDetails.AppendAdditionalDiagnosticsInfo(errorDetails.ResultMessage);
                    errorDetails.ResultMessage = Strings.DeploymentFailureWithNoImpact;
                    warningCount++;
                    this.WriteVerbose(Strings.VerboseTreatAsWarning(errorDetails.Endpoint, errorDetails.ObjectType.ToString(), errorDetails.Workload.ToString()), false);
                }
            });
            List <PolicyDistributionErrorDetails> collection = new List <PolicyDistributionErrorDetails>();

            if (!flag)
            {
                foreach (BindingStorage bindingStorage in bindingStorages)
                {
                    this.CalculatePolicyDistributionStatus(bindingStorage.AppliedScopes, new Workload?(bindingStorage.Workload), ref collection, ref lastStatusUpdateTime);
                }
            }
            List <PolicyDistributionErrorDetails> list = distributionErrors.FindAll((PolicyDistributionErrorDetails errorDetails) => errorDetails.ResultCode != UnifiedPolicyErrorCode.PolicySyncTimeout);
            int timeoutErrorCount = distributionErrors.Count - list.Count;
            PolicyApplyStatus policyApplyStatus;

            if (flag || (list.Count != distributionErrors.Count && lastStatusUpdateTime != null && lastStatusUpdateTime.Value.Add(PolicySettingStatusHelpers.policySyncTimeoutInterval) > DateTime.UtcNow))
            {
                policyApplyStatus    = PolicyApplyStatus.Pending;
                lastStatusUpdateTime = null;
                distributionErrors   = list;
                timeoutErrorCount    = 0;
            }
            else
            {
                if (warningCount == distributionErrors.Count)
                {
                    distributionErrors.AddRange(collection);
                }
                policyApplyStatus = ((warningCount < distributionErrors.Count) ? PolicyApplyStatus.Error : PolicyApplyStatus.Success);
            }
            this.WriteVerbose(Strings.VerboseEndCalculatePolicyDistributionStatus(policyStorage.Name, policyApplyStatus.ToString(), distributionErrors.Count, timeoutErrorCount), true);
            return(policyApplyStatus);
        }
Example #14
0
 public DeviceConditionalAccessPolicy(PolicyStorage policyStorage) : base(policyStorage)
 {
 }
 public PsDlpCompliancePolicy(PolicyStorage policyStorage) : base(policyStorage)
 {
 }
Example #16
0
 internal static void ThrowIfRulesInPolicyAreTooAdvanced(IEnumerable <RuleStorage> ruleStorages, PolicyStorage policyStorage, Task task, IConfigurationSession datasession)
 {
     foreach (PsComplianceRuleBase psComplianceRuleBase in from x in ruleStorages
              select new PsComplianceRuleBase(x))
     {
         psComplianceRuleBase.PopulateTaskProperties(task, datasession);
         if (psComplianceRuleBase.ReadOnly)
         {
             throw new RulesInPolicyIsTooAdvancedToModifyException(policyStorage.Name, psComplianceRuleBase.Name);
         }
     }
 }
Example #17
0
 public DeviceTenantPolicy(PolicyStorage policyStorage) : base(policyStorage)
 {
 }
Example #18
0
 public PsHoldCompliancePolicy(PolicyStorage policyStorage) : base(policyStorage)
 {
 }