Example #1
0
        public void HandleGroupDeletedEvent(ExSearchResultEntry entry)
        {
            if (EhfAdminAccountSynchronizer.IsEventForDeletedOrganization(entry, base.DiagSession))
            {
                throw new InvalidOperationException("Change entry " + entry.DistinguishedName + " is for a deleted organization. The entry should have been ignored from PreDecorate.");
            }
            EhfAdminSyncChangeBuilder adminBuilderForChange = this.GetAdminBuilderForChange(entry);

            base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Encountered a DELETE rolegroup event. ObjectGuid: <{0}>; Company: <{1}>", new object[]
            {
                entry.GetObjectGuid(),
                adminBuilderForChange.TenantOU
            });
            if (adminBuilderForChange != null)
            {
                adminBuilderForChange.HandleGroupDeletedEvent(entry);
            }
            if (!EhfWellKnownGroup.IsWellKnownPartnerGroupDN(entry.DistinguishedName))
            {
                return;
            }
            Guid externalDirectoryObjectId;

            if (EhfCompanyAdmins.TryGetExternalDirectoryObjectId(entry, base.DiagSession, out externalDirectoryObjectId))
            {
                this.AddGroupToDeleteGroupsBatch(externalDirectoryObjectId);
                return;
            }
            base.DiagSession.LogAndTraceError("Could not find the ExternalDirectoryObjectId for well known partner group {0}", new object[]
            {
                entry.DistinguishedName
            });
        }
Example #2
0
        private EhfAdminSyncChangeBuilder GetAdminBuilderForChange(ExSearchResultEntry entry)
        {
            string text;

            if (!EhfAdminAccountSynchronizer.TryGetOrganizationUnit(entry, base.DiagSession, out text))
            {
                return(null);
            }
            EhfAdminSyncChangeBuilder ehfAdminSyncChangeBuilder;

            if (!this.adminAccountChange.TryGetValue(text, out ehfAdminSyncChangeBuilder))
            {
                DirectoryAttribute attribute = entry.GetAttribute("msExchCU");
                if (attribute == null)
                {
                    base.DiagSession.LogAndTraceError("Could not find ConfigUnitDN for {0}. Every object is expected to contain this attribute.", new object[]
                    {
                        entry.DistinguishedName
                    });
                    return(null);
                }
                string tenantConfigUnitDN = (string)attribute[0];
                ehfAdminSyncChangeBuilder = new EhfAdminSyncChangeBuilder(text, tenantConfigUnitDN, base.EhfConnection);
                this.adminAccountChange.Add(text, ehfAdminSyncChangeBuilder);
            }
            return(ehfAdminSyncChangeBuilder);
        }
Example #3
0
 private bool AdminGroupMemberDeleted(EhfAdminSyncChangeBuilder builder, HashSet <Guid> previousSyncState, string groupName)
 {
     if (previousSyncState == null)
     {
         return(false);
     }
     if (previousSyncState.Count == 1 && previousSyncState.Contains(EhfCompanyAdmins.SyncStateFullGuid))
     {
         this.ehfTargetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Low, "Admin State in PerimeterConfig is full for group <{0}> in company <{1}>. Treating the deleted object as an admin.", new object[]
         {
             groupName,
             builder.TenantOU
         });
         return(true);
     }
     foreach (Guid guid in builder.DeletedObjects)
     {
         if (previousSyncState.Contains(guid))
         {
             this.ehfTargetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Low, "Deleted object with Guid <{0}> is a member of admin group <{1}> in company <{2}>.", new object[]
             {
                 guid,
                 groupName,
                 builder.TenantOU
             });
             return(true);
         }
     }
     this.ehfTargetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "None of the Deleted objects is a member of admin group <{0}> in company <{1}>.", new object[]
     {
         groupName,
         builder.TenantOU
     });
     return(false);
 }
Example #4
0
        public static EhfCompanyAdmins CreateEhfCompanyAdmins(EhfAdminSyncChangeBuilder ehfAdminSyncChangeBuilder, EhfTargetConnection ehfTargetConnection, EhfADAdapter configADAdapter)
        {
            ExSearchResultEntry exSearchResultEntry = configADAdapter.ReadObjectEntry(ehfAdminSyncChangeBuilder.ConfigUnitDN, false, EhfCompanyAdmins.OtherWellKnownObjectsAttribute);

            if (exSearchResultEntry == null)
            {
                ehfTargetConnection.DiagSession.LogAndTraceError("Could not find Configuration Unit for company {0}. The config naming context is either not replicated or the organization is deleted", new object[]
                {
                    ehfAdminSyncChangeBuilder.TenantOU
                });
                return(null);
            }
            string             text      = null;
            string             text2     = null;
            DirectoryAttribute attribute = exSearchResultEntry.GetAttribute("otherWellKnownObjects");

            if (attribute == null)
            {
                ehfTargetConnection.DiagSession.LogAndTraceError("Could not find OtherWellKnownObjects attribute in Configuration Unit object for company {0}.", new object[]
                {
                    ehfAdminSyncChangeBuilder.TenantOU
                });
                return(null);
            }
            foreach (object obj in attribute.GetValues(typeof(string)))
            {
                DNWithBinary dnwithBinary;
                if (DNWithBinary.TryParse(obj as string, out dnwithBinary))
                {
                    try
                    {
                        Guid b = new Guid(dnwithBinary.Binary);
                        if (WellKnownGuid.EoaWkGuid == b)
                        {
                            text = dnwithBinary.DistinguishedName;
                        }
                        if (WellKnownGuid.EraWkGuid == b)
                        {
                            text2 = dnwithBinary.DistinguishedName;
                        }
                        if (text != null && text2 != null)
                        {
                            break;
                        }
                    }
                    catch (ArgumentException exception)
                    {
                        ehfTargetConnection.DiagSession.LogAndTraceException(exception, "OtherWellKnownObjects attribute for company {0} contains an entry with invalid Binary part.", new object[]
                        {
                            ehfAdminSyncChangeBuilder.TenantOU
                        });
                    }
                }
            }
            return(new EhfCompanyAdmins(ehfAdminSyncChangeBuilder, ehfTargetConnection, text, text2, configADAdapter));
        }
Example #5
0
        public void HandleOrganizationAddedEvent(ExSearchResultEntry entry)
        {
            base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Organization created: <{0}>", new object[]
            {
                entry.DistinguishedName
            });
            EhfAdminSyncChangeBuilder adminBuilderForChange = this.GetAdminBuilderForChange(entry);

            if (adminBuilderForChange != null)
            {
                this.ThrowIfAdminSyncNotEnabled(adminBuilderForChange.TenantOU, entry);
                adminBuilderForChange.HandleOrganizationAddedEvent(entry);
            }
        }
Example #6
0
        public void HandleGroupChangedEvent(ExSearchResultEntry entry)
        {
            base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "GroupChanged: {0}", new object[]
            {
                entry.DistinguishedName
            });
            EhfAdminSyncChangeBuilder adminBuilderForChange = this.GetAdminBuilderForChange(entry);

            if (adminBuilderForChange != null)
            {
                this.ThrowIfAdminSyncNotEnabled(adminBuilderForChange.TenantOU, entry);
                adminBuilderForChange.AddGroupMembershipChange(entry);
            }
        }
Example #7
0
 public void HandleWlidDeletedEvent(ExSearchResultEntry entry)
 {
     if (!EhfAdminAccountSynchronizer.IsEventForDeletedOrganization(entry, base.DiagSession))
     {
         EhfAdminSyncChangeBuilder adminBuilderForChange = this.GetAdminBuilderForChange(entry);
         base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Encountered a DELETE mailbox event. ObjectGuid: <{0}>; Company: <{1}>", new object[]
         {
             entry.GetObjectGuid(),
             adminBuilderForChange.TenantOU
         });
         if (adminBuilderForChange != null)
         {
             adminBuilderForChange.HandleWlidDeletedEvent(entry);
             return;
         }
     }
     else
     {
         base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Ignoring the WLID delete event '{0}' for a deleted organization", new object[]
         {
             entry.DistinguishedName
         });
     }
 }
Example #8
0
 public override bool FlushBatches()
 {
     if (this.adminAccountChange.Count == 0 && this.groupsToRemove.Count == 0)
     {
         base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "{0}: No admin changes to Sync to FOSE", new object[]
         {
             EhfAdminAccountSynchronizer.cycleCount
         });
         return(true);
     }
     this.InvokeRemoveGroups();
     if (this.adminAccountChange.Count != 0)
     {
         Exception    ex;
         EhfADAdapter configADAdapter = base.ADAdapter.GetConfigADAdapter(base.DiagSession, out ex);
         if (configADAdapter == null)
         {
             base.DiagSession.LogAndTraceError("Could not create a LDAP connection to the Configuration naming context. Details {0}", new object[]
             {
                 ex
             });
             base.DiagSession.EventLog.LogEvent(EdgeSyncEventLogConstants.Tuple_EhfAdminSyncFailedToConnectToConfigNamingContext, null, new object[]
             {
                 ex.Message
             });
             base.EhfConnection.AbortSyncCycle(ex);
             return(false);
         }
         base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "{0} : Changes to <{1}> tenant(s) detected. Checking if sync is required.", new object[]
         {
             EhfAdminAccountSynchronizer.cycleCount.ToString(),
             this.adminAccountChange.Count.ToString()
         });
         foreach (KeyValuePair <string, EhfAdminSyncChangeBuilder> keyValuePair in this.adminAccountChange)
         {
             this.AbortSyncCycleIfTooManyFailures();
             EhfAdminSyncChangeBuilder value = keyValuePair.Value;
             if (value.ChangeExists)
             {
                 EhfCompanyAdmins ehfCompanyAdmins = value.Flush(configADAdapter);
                 if (ehfCompanyAdmins == null)
                 {
                     this.errorTracker.AddCriticalFailure();
                 }
                 else if (ehfCompanyAdmins.IsSyncRequired)
                 {
                     base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "AdminSync: {0}", new object[]
                     {
                         ehfCompanyAdmins
                     });
                     if (ehfCompanyAdmins.CompanyId != 0)
                     {
                         this.InvokeSyncAdminAccountsAndSyncGroupUsers(ehfCompanyAdmins, configADAdapter);
                     }
                     else
                     {
                         base.DiagSession.LogAndTraceError("Not syncing {0} since companyId is not set", new object[]
                         {
                             ehfCompanyAdmins.TenantOU
                         });
                         if (!ehfCompanyAdmins.PerimeterConfigNotReplicatedOrIsDeleted)
                         {
                             this.errorTracker.AddTransientFailure(ehfCompanyAdmins.EhfCompanyIdentity, new EhfAdminAccountSynchronizer.EhfAdminSyncTransientException("PerimeterConfig object does not have Ehf CompanyId set."), string.Empty);
                         }
                         else
                         {
                             this.errorTracker.AddCriticalFailure();
                         }
                     }
                 }
                 else
                 {
                     base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "No adminsync is required for: {0}", new object[]
                     {
                         keyValuePair.Key
                     });
                 }
                 value.ClearCachedChanges();
             }
         }
         this.adminAccountChange.Clear();
     }
     return(true);
 }
Example #9
0
        private EhfCompanyAdmins(EhfAdminSyncChangeBuilder builder, EhfTargetConnection targetConnection, string orgManagementGroupDN, string viewOnlyOrgManagementGroupDN, EhfADAdapter configADAdapter)
        {
            EhfWellKnownGroup ehfWellKnownGroup  = null;
            EhfWellKnownGroup ehfWellKnownGroup2 = null;
            EhfWellKnownGroup ehfWellKnownGroup3 = null;
            EhfWellKnownGroup ehfWellKnownGroup4 = null;

            this.tenantOU            = builder.TenantOU;
            this.ehfTargetConnection = targetConnection;
            if (builder.DeletedObjects.Count != 0)
            {
                this.CacheAdminSyncState(configADAdapter);
            }
            bool flag  = builder.UpdateOrgManagementGroup || builder.HasDirectChangeForGroup(orgManagementGroupDN) || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.OrganizationManagmentMembers, orgManagementGroupDN));
            bool flag2 = builder.UpdateViewOnlyOrgManagementGroup || builder.HasDirectChangeForGroup(viewOnlyOrgManagementGroupDN) || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.ViewOnlyOrganizationManagmentMembers, viewOnlyOrgManagementGroupDN));
            bool flag3 = builder.UpdateAdminAgentGroup || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.AdminAgentMembers, EhfCompanyAdmins.AdminAgentGroupNamePrefix));
            bool flag4 = builder.UpdateHelpdeskAgentGroup || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.HelpdeskAgentMembers, EhfCompanyAdmins.HelpdeskAgentGroupNamePrefix));

            if ((flag || builder.GroupChanges.Count != 0 || builder.LiveIdChanges.Count != 0) && orgManagementGroupDN != null)
            {
                ehfWellKnownGroup = this.GetMembersOfGroupFromDN(orgManagementGroupDN, false, targetConnection.DiagSession);
            }
            if ((flag2 || builder.GroupChanges.Count != 0 || builder.LiveIdChanges.Count != 0) && viewOnlyOrgManagementGroupDN != null)
            {
                ehfWellKnownGroup2 = this.GetMembersOfGroupFromDN(viewOnlyOrgManagementGroupDN, false, targetConnection.DiagSession);
            }
            if (builder.GroupChanges.Count != 0 || builder.LiveIdChanges.Count != 0 || flag3 || flag4)
            {
                string text  = null;
                string text2 = null;
                foreach (ExSearchResultEntry exSearchResultEntry in this.ehfTargetConnection.ADAdapter.PagedScan(this.tenantOU, EhfCompanyAdmins.PartnerAdminGroupFilter, new string[0]))
                {
                    targetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Found a Partner Admin group {0}", new object[]
                    {
                        exSearchResultEntry.DistinguishedName
                    });
                    if (exSearchResultEntry.DistinguishedName.StartsWith(EhfWellKnownGroup.AdminAgentGroupDnPrefix))
                    {
                        text = exSearchResultEntry.DistinguishedName;
                    }
                    else if (exSearchResultEntry.DistinguishedName.StartsWith(EhfWellKnownGroup.HelpdeskAgentGroupDnPrefix))
                    {
                        text2 = exSearchResultEntry.DistinguishedName;
                    }
                }
                targetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "AdminAgentPartnerGroup={0}; HelpDeskAgentPartnerGroup = {1}", new object[]
                {
                    text ?? "<null>",
                    text2 ?? "<null>"
                });
                if (flag3 && text != null)
                {
                    ehfWellKnownGroup3 = this.GetMembersOfGroupFromDN(text, true, targetConnection.DiagSession);
                }
                if (flag4 && text2 != null)
                {
                    ehfWellKnownGroup4 = this.GetMembersOfGroupFromDN(text2, true, targetConnection.DiagSession);
                }
            }
            EdgeSyncDiag diagSession = builder.EhfTargetConnection.DiagSession;

            if (!flag && ehfWellKnownGroup != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup.GroupMembers, diagSession)))
            {
                flag = true;
            }
            if (!flag2 && ehfWellKnownGroup2 != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup2.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup2.GroupMembers, diagSession)))
            {
                flag2 = true;
            }
            if (!flag3 && ehfWellKnownGroup3 != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup3.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup3.GroupMembers, diagSession)))
            {
                flag3 = true;
            }
            if (!flag4 && ehfWellKnownGroup4 != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup4.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup4.GroupMembers, diagSession)))
            {
                flag4 = true;
            }
            if (flag)
            {
                this.organizationManagement = ehfWellKnownGroup;
            }
            if (flag2)
            {
                this.viewOnlyOrganizationManagement = ehfWellKnownGroup2;
            }
            if (flag3)
            {
                this.adminAgent = ehfWellKnownGroup3;
            }
            if (flag4)
            {
                this.helpdeskAgent = ehfWellKnownGroup4;
            }
            if (this.IsSyncRequired)
            {
                this.CacheAdminSyncState(configADAdapter);
            }
        }