internal static string GetGroupNameWithNamingPolicy(Organization organization, ADUser user, ADGroup group, string groupName, PropertyDefinition property, Task.ErrorLoggerDelegate errorLogger)
{
DistributionGroupTaskHelper.ValidateGroupNameWithBlockedWordsList(organization, group, groupName, property, errorLogger);
if (organization.DistributionGroupNamingPolicy == null)
{
errorLogger(new RecipientTaskException(Strings.ErrorDistributionGroupNamingPolicy), ExchangeErrorCategory.ServerOperation, organization.Identity);
}
string appliedName = organization.DistributionGroupNamingPolicy.GetAppliedName(groupName, user);
return(appliedName.Trim());
}
protected override void InternalValidate()
{
TaskLogger.LogEnter();
base.InternalValidate();
if (!VariantConfiguration.InvariantNoFlightingSnapshot.CmdletInfra.EmailAddressPolicy.Enabled)
{
this.DataObject.EmailAddressPolicyEnabled = false;
}
DistributionGroupTaskHelper.CheckModerationInMixedEnvironment(this.DataObject, new Task.TaskWarningLoggingDelegate(this.WriteWarning), Strings.WarningLegacyExchangeServer);
TaskLogger.LogExit();
}
protected override void InternalValidate()
{
TaskLogger.LogEnter();
base.InternalValidate();
if (base.HasErrors)
{
return;
}
DistributionGroupTaskHelper.CheckModerationInMixedEnvironment(this.DataObject, new Task.TaskWarningLoggingDelegate(this.WriteWarning), Strings.WarningLegacyExchangeServer);
if (base.Fields.IsModified(DynamicDistributionGroupSchema.RecipientFilter) && VariantConfiguration.GetSnapshot(MachineSettingsContext.Local, null, null).CmdletInfra.SupportOptimizedFilterOnlyInDDG.Enabled)
{
QueryFilter oldFilter = this.ConvertToQueryFilter(this.originalFilter);
LocalizedString?localizedString;
if (!DynamicDistributionGroupFilterValidation.IsFullOptimizedOrImproved(oldFilter, this.innerFilter, out localizedString))
{
base.WriteError(new RecipientTaskException(localizedString.Value, null), ExchangeErrorCategory.Client, this.DataObject.Identity);
}
}
TaskLogger.LogExit();
}
protected override void InternalValidate()
{
TaskLogger.LogEnter();
base.InternalValidate();
if (string.IsNullOrEmpty(this.DataObject.LegacyExchangeDN))
{
AdministrativeGroup administrativeGroup = base.GlobalConfigSession.GetAdministrativeGroup();
string parentLegacyDN = string.Format(CultureInfo.InvariantCulture, "{0}/cn=Recipients", new object[]
{
administrativeGroup.LegacyExchangeDN
});
this.DataObject.LegacyExchangeDN = LegacyDN.GenerateLegacyDN(parentLegacyDN, this.DataObject, true, new LegacyDN.LegacyDNIsUnique(this.LegacyDNIsUnique));
}
if (!VariantConfiguration.GetSnapshot(MachineSettingsContext.Local, null, null).CmdletInfra.EmailAddressPolicy.Enabled)
{
this.DataObject.EmailAddressPolicyEnabled = false;
}
DistributionGroupTaskHelper.CheckModerationInMixedEnvironment(this.DataObject, new Task.TaskWarningLoggingDelegate(this.WriteWarning), Strings.WarningLegacyExchangeServer);
TaskLogger.LogExit();
}
protected override void InternalValidate()
{
TaskLogger.LogEnter();
base.InternalValidate();
if (base.HasErrors)
{
return;
}
DistributionGroupTaskHelper.CheckMembershipRestriction(this.DataObject, new Task.ErrorLoggerDelegate(base.WriteError));
if (this.RoomList.IsPresent && this.DataObject.RecipientTypeDetails != RecipientTypeDetails.RoomList)
{
this.ValidateConvertToRoomList();
}
base.ValidateMultiReferenceParameter(DistributionGroupSchema.ManagedBy, new ValidateRecipientWithBaseObjectDelegate <ADGroup>(MailboxTaskHelper.ValidateGroupManagedBy));
MultiValuedProperty <ADRecipient> recipients;
this.recipientsDictionary.TryGetValue(DistributionGroupSchema.ManagedBy, out recipients);
if (base.Fields.IsModified(DistributionGroupSchema.ManagedBy) || base.Fields.IsModified(DistributionGroupSchema.MemberJoinRestriction) || base.Fields.IsModified(DistributionGroupSchema.MemberDepartRestriction) || this.DataObject.ModerationEnabled || base.Fields.IsModified(MailEnabledRecipientSchema.ModeratedBy))
{
MailboxTaskHelper.ValidateGroupManagedByRecipientRestriction(base.TenantGlobalCatalogSession, this.DataObject, recipients, new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>), new Task.ErrorLoggerDelegate(base.WriteError), new Task.TaskWarningLoggingDelegate(this.WriteWarning));
}
if (this.DataObject.IsModified(ADMailboxRecipientSchema.SamAccountName))
{
RecipientTaskHelper.IsSamAccountNameUnique(this.DataObject, this.DataObject.SamAccountName, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError), ExchangeErrorCategory.Client);
}
if (base.Fields.IsModified("ExpansionServer"))
{
this.DataObject.ExpansionServer = this.ExpansionServer;
this.DataObject.HomeMTA = this.homeMTA;
}
else if (this.DataObject.IsChanged(DistributionGroupBaseSchema.ExpansionServer))
{
if (!string.IsNullOrEmpty(this.DataObject.ExpansionServer))
{
QueryFilter filter = new ComparisonFilter(ComparisonOperator.Equal, ServerSchema.ExchangeLegacyDN, this.DataObject.ExpansionServer);
base.WriteVerbose(TaskVerboseStringHelper.GetFindDataObjectsVerboseString(base.GlobalConfigSession, typeof(Server), filter, null, true));
Server[] array = null;
try
{
array = base.GlobalConfigSession.Find <Server>(null, QueryScope.SubTree, filter, null, 2);
}
finally
{
base.WriteVerbose(TaskVerboseStringHelper.GetSourceVerboseString(base.GlobalConfigSession));
}
switch (array.Length)
{
case 0:
base.WriteError(new ManagementObjectNotFoundException(Strings.ErrorServerNotFound(this.DataObject.ExpansionServer)), ExchangeErrorCategory.Client, this.Identity);
return;
case 1:
base.ValidateExpansionServer(array[0], false);
this.DataObject.ExpansionServer = array[0].ExchangeLegacyDN;
break;
case 2:
base.WriteError(new ManagementObjectAmbiguousException(Strings.ErrorServerNotUnique(this.DataObject.ExpansionServer)), ExchangeErrorCategory.Client, this.Identity);
return;
}
this.DataObject.HomeMTA = array[0].ResponsibleMTA;
}
else
{
this.DataObject.HomeMTA = null;
}
}
DistributionGroupTaskHelper.CheckModerationInMixedEnvironment(this.DataObject, new Task.TaskWarningLoggingDelegate(this.WriteWarning), Strings.WarningLegacyExchangeServer);
TaskLogger.LogExit();
}
protected override IConfigurable PrepareDataObject()
{
TaskLogger.LogEnter();
ADGroup group = (ADGroup)base.PrepareDataObject();
this.flagCloseGroupMemberJoinForNoArbitrationMbx = false;
this.flagCloseGroupMemberDepartForNoArbitrationMbx = false;
this.UpdateRecipientDisplayType(group);
ADObjectId adobjectId;
bool flag = base.TryGetExecutingUserId(out adobjectId);
if (!this.IgnoreNamingPolicy.IsPresent && (base.UserSpecifiedParameters.IsChanged(ADObjectSchema.Name.Name) || base.UserSpecifiedParameters.IsChanged(MailEnabledRecipientSchema.DisplayName.Name)))
{
Organization organization;
if (group.OrganizationId.ConfigurationUnit == null && group.OrganizationId.OrganizationalUnit == null)
{
organization = this.ConfigurationSession.GetOrgContainer();
}
else
{
organization = this.ConfigurationSession.Read <ExchangeConfigurationUnit>(group.OrganizationId.ConfigurationUnit);
}
if (flag)
{
IRecipientSession recipientSession = RecipientTaskHelper.CreatePartitionOrRootOrgScopedGcSession(null, adobjectId);
ADUser user = (ADUser)recipientSession.Read(adobjectId);
if (base.UserSpecifiedParameters.IsChanged(ADObjectSchema.Name.Name))
{
group.Name = DistributionGroupTaskHelper.GetGroupNameWithNamingPolicy(organization, user, group, group.Name, ADObjectSchema.Name, new Task.ErrorLoggerDelegate(base.WriteError));
}
if (base.UserSpecifiedParameters.IsChanged(MailEnabledRecipientSchema.DisplayName.Name))
{
group.DisplayName = DistributionGroupTaskHelper.GetGroupNameWithNamingPolicy(organization, user, group, group.DisplayName, ADRecipientSchema.DisplayName, new Task.ErrorLoggerDelegate(base.WriteError));
}
}
}
bool flag2 = false;
ADScopeException ex = null;
if (flag && adobjectId != null && !((IDirectorySession)base.DataSession).TryVerifyIsWithinScopes(group, true, out ex))
{
group.IsExecutingUserGroupOwner = true;
flag2 = true;
base.WriteVerbose(Strings.VerboseDGOwnershipDeepSearch(adobjectId.ToString(), group.Identity.ToString()));
RecipientTaskHelper.ValidateUserIsGroupManager(adobjectId, group, delegate(LocalizedException exception, ExchangeErrorCategory category, object taget)
{
group.IsExecutingUserGroupOwner = false;
}, true, base.TenantGlobalCatalogSession);
group.propertyBag.ResetChangeTracking(ADGroupSchema.IsExecutingUserGroupOwner);
}
if (group.RecipientDisplayType == RecipientDisplayType.SecurityDistributionGroup && !flag2 && !this.BypassSecurityGroupManagerCheck && (base.Fields.IsChanged(DistributionGroupSchema.ManagedBy) || base.Fields.IsChanged(MailEnabledRecipientSchema.GrantSendOnBehalfTo) || base.Fields.IsChanged(ADObjectSchema.Name) || base.Fields.IsChanged(DistributionGroupSchema.SamAccountName)))
{
if (!flag)
{
base.WriteError(new RecipientTaskException(Strings.ErrorExecutingUserOutOfTargetOrg(base.MyInvocation.MyCommand.Name)), ExchangeErrorCategory.Client, group.Identity.ToString());
}
RecipientTaskHelper.ValidateUserIsGroupManager(adobjectId, group, new Task.ErrorLoggerDelegate(base.WriteError), true, base.TenantGlobalCatalogSession);
group.IsExecutingUserGroupOwner = true;
group.propertyBag.ResetChangeTracking(ADGroupSchema.IsExecutingUserGroupOwner);
}
base.SetMultiReferenceParameter <GeneralRecipientIdParameter>(DistributionGroupSchema.ManagedBy, this.ManagedBy, group, new GetRecipientDelegate <GeneralRecipientIdParameter>(this.GetRecipient));
if (base.Fields.IsModified(ADGroupSchema.MemberJoinRestriction))
{
group.MemberJoinRestriction = this.MemberJoinRestriction;
}
if (base.Fields.IsModified(ADGroupSchema.MemberDepartRestriction))
{
group.MemberDepartRestriction = this.MemberDepartRestriction;
}
if (base.Fields.IsModified(ADRecipientSchema.ArbitrationMailbox))
{
if (base.ArbitrationMailbox == null)
{
base.WriteError(new RecipientTaskException(Strings.ErrorNullParameter(ADRecipientSchema.ArbitrationMailbox.Name)), ExchangeErrorCategory.Client, group.Identity);
}
ADObjectId arbitrationMailbox = group.ArbitrationMailbox;
}
if (!group.ExchangeVersion.IsOlderThan(ADRecipientSchema.ArbitrationMailbox.VersionAdded) && (group.ArbitrationMailbox == null || group.ArbitrationMailbox.IsDescendantOf(ADSession.GetDeletedObjectsContainer(group.ArbitrationMailbox.DomainId))))
{
group.ArbitrationMailbox = MailboxTaskHelper.GetArbitrationMailbox(base.TenantGlobalCatalogSession, group.ConfigurationUnit ?? base.RootOrgContainerId);
if (group.ArbitrationMailbox == null)
{
if (group.MemberJoinRestriction == MemberUpdateType.ApprovalRequired)
{
if (base.Fields.IsModified(ADGroupSchema.MemberJoinRestriction))
{
base.WriteError(new RecipientTaskException(Strings.ErrorArbitrationMbxNotSetForApproval(this.Identity.ToString())), ExchangeErrorCategory.Client, group.Identity);
}
else
{
group.MemberJoinRestriction = MemberUpdateType.Closed;
this.flagCloseGroupMemberJoinForNoArbitrationMbx = true;
}
}
if (group.MemberDepartRestriction == MemberUpdateType.ApprovalRequired)
{
if (base.Fields.IsModified(ADGroupSchema.MemberDepartRestriction))
{
base.WriteError(new RecipientTaskException(Strings.ErrorArbitrationMbxNotSetForApproval(this.Identity.ToString())), ExchangeErrorCategory.Client, group.Identity);
}
else
{
group.MemberDepartRestriction = MemberUpdateType.Closed;
this.flagCloseGroupMemberDepartForNoArbitrationMbx = true;
}
}
}
}
TaskLogger.LogExit();
return(group);
}
protected override void PrepareRecipientObject(ADGroup group)
{
TaskLogger.LogEnter();
base.PrepareRecipientObject(group);
Organization organization;
if (base.Organization == null)
{
organization = this.ConfigurationSession.GetOrgContainer();
}
else
{
organization = this.ConfigurationSession.Read <ExchangeConfigurationUnit>(base.CurrentOrgContainerId);
}
ADObjectId adobjectId = null;
base.TryGetExecutingUserId(out adobjectId);
if (!this.IgnoreNamingPolicy.IsPresent && adobjectId != null)
{
ADUser user = (ADUser)RecipientTaskHelper.CreatePartitionOrRootOrgScopedGcSession(null, adobjectId).Read(adobjectId);
string groupNameWithNamingPolicy = DistributionGroupTaskHelper.GetGroupNameWithNamingPolicy(organization, user, group, base.Name, ADObjectSchema.Name, new Task.ErrorLoggerDelegate(base.WriteError));
if (groupNameWithNamingPolicy.Length > 64)
{
base.WriteError(new RecipientTaskException(Strings.ErrorDistributionGroupNameTooLong), ExchangeErrorCategory.Client, null);
}
base.Name = groupNameWithNamingPolicy;
if (!string.IsNullOrEmpty(base.DisplayName))
{
base.DisplayName = DistributionGroupTaskHelper.GetGroupNameWithNamingPolicy(organization, user, group, base.DisplayName, ADRecipientSchema.DisplayName, new Task.ErrorLoggerDelegate(base.WriteError));
}
}
if (base.OrganizationalUnit == null && !ADObjectId.IsNullOrEmpty(organization.DistributionGroupDefaultOU))
{
group.SetId(organization.DistributionGroupDefaultOU.GetChildId(base.Name));
}
if (base.OrganizationalUnit == null && group[ADRecipientSchema.DefaultDistributionListOU] != null)
{
ADObjectId adobjectId2 = (ADObjectId)group[ADRecipientSchema.DefaultDistributionListOU];
RecipientTaskHelper.ResolveOrganizationalUnitInOrganization(new OrganizationalUnitIdParameter(adobjectId2), this.ConfigurationSession, base.CurrentOrganizationId, new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ExchangeOrganizationalUnit>), ExchangeErrorCategory.Client, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError));
group.SetId(adobjectId2.GetChildId(base.Name));
}
if (this.Type != GroupType.Distribution && this.Type != GroupType.Security)
{
base.WriteError(new RecipientTaskException(Strings.ErrorGroupTypeInvalid), ExchangeErrorCategory.Client, null);
}
if (base.Fields.IsModified(DistributionGroupSchema.ManagedBy))
{
MailboxTaskHelper.StampOnManagedBy(this.DataObject, this.managedByRecipients, new Task.ErrorLoggerDelegate(base.WriteError));
}
if (this.RoomList.IsPresent)
{
if (this.Type != GroupType.Distribution)
{
base.WriteError(new RecipientTaskException(Strings.ErrorCreateRoomListSecurityGroup(base.Name)), ExchangeErrorCategory.Client, base.Name);
}
group.RecipientTypeDetails = RecipientTypeDetails.RoomList;
if (group.ManagedBy != null)
{
group.AcceptMessagesOnlyFromSendersOrMembers = new MultiValuedProperty <ADObjectId>(group.ManagedBy);
}
}
MailboxTaskHelper.ValidateGroupManagedBy(base.TenantGlobalCatalogSession, group, this.managedByRecipients, new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>), new Task.ErrorLoggerDelegate(base.WriteError));
MailboxTaskHelper.ValidateGroupManagedByRecipientRestriction(base.TenantGlobalCatalogSession, group, this.managedByRecipients, new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>), new Task.ErrorLoggerDelegate(base.WriteError), new Task.TaskWarningLoggingDelegate(this.WriteWarning));
group.GroupType = (GroupTypeFlags)((GroupType)8 | this.Type);
if (!group.IsChanged(ADRecipientSchema.RecipientDisplayType))
{
if ((group.GroupType & GroupTypeFlags.SecurityEnabled) == GroupTypeFlags.SecurityEnabled)
{
group.RecipientDisplayType = new RecipientDisplayType?(RecipientDisplayType.SecurityDistributionGroup);
}
else
{
group.RecipientDisplayType = new RecipientDisplayType?(RecipientDisplayType.DistributionGroup);
}
}
if (string.IsNullOrEmpty(group.SamAccountName))
{
IRecipientSession[] recipientSessions = new IRecipientSession[]
{
base.RootOrgGlobalCatalogSession
};
if (VariantConfiguration.InvariantNoFlightingSnapshot.CmdletInfra.ServiceAccountForest.Enabled && base.CurrentOrganizationId != OrganizationId.ForestWideOrgId)
{
recipientSessions = new IRecipientSession[]
{
base.RootOrgGlobalCatalogSession,
base.PartitionOrRootOrgGlobalCatalogSession
};
}
group.SamAccountName = RecipientTaskHelper.GenerateUniqueSamAccountName(recipientSessions, group.Id.DomainId, group.Name, true, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), false);
}
else
{
RecipientTaskHelper.IsSamAccountNameUnique(group, group.SamAccountName, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError), ExchangeErrorCategory.Client);
}
if (string.IsNullOrEmpty(group.Alias))
{
group.Alias = RecipientTaskHelper.GenerateUniqueAlias(base.TenantGlobalCatalogSession, base.CurrentOrganizationId, group.SamAccountName, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose));
}
if (base.Fields.IsChanged(ADGroupSchema.Members) && this.Members != null)
{
foreach (RecipientIdParameter member in this.Members)
{
MailboxTaskHelper.ValidateAndAddMember(base.TenantGlobalCatalogSession, group, member, false, new Task.ErrorLoggerDelegate(base.WriteError), new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>));
}
}
if (this.CopyOwnerToMember.IsPresent && this.managedByRecipients != null)
{
foreach (ADRecipient adrecipient in this.managedByRecipients)
{
if (!group.Members.Contains(adrecipient.Id))
{
MailboxTaskHelper.ValidateMemberInGroup(adrecipient, group, new Task.ErrorLoggerDelegate(base.WriteError));
group.Members.Add(adrecipient.Id);
}
}
}
if ((group.GroupType & GroupTypeFlags.Universal) == GroupTypeFlags.Universal)
{
MailboxTaskHelper.ValidateAddedMembers(base.TenantGlobalCatalogSession, group, new Task.ErrorLoggerDelegate(base.WriteError), new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>));
}
if (!this.DataObject.IsModified(ADGroupSchema.MemberDepartRestriction))
{
this.DataObject.MemberDepartRestriction = ((this.Type == GroupType.Security) ? MemberUpdateType.Closed : MemberUpdateType.Open);
}
if (group.ArbitrationMailbox == null)
{
group.ArbitrationMailbox = MailboxTaskHelper.GetArbitrationMailbox(base.TenantGlobalCatalogSession, base.CurrentOrgContainerId);
if (group.ArbitrationMailbox == null)
{
if (group.MemberJoinRestriction == MemberUpdateType.ApprovalRequired || group.MemberDepartRestriction == MemberUpdateType.ApprovalRequired)
{
base.WriteError(new RecipientTaskException(Strings.ErrorArbitrationMbxNotSetForApproval(base.Name)), ExchangeErrorCategory.Client, group.Identity);
}
if (group.ModerationEnabled)
{
base.WriteError(new RecipientTaskException(Strings.ErrorArbitrationMbxNotSetForModeration(base.Name)), ExchangeErrorCategory.Client, group.Identity);
}
}
}
DistributionGroupTaskHelper.CheckMembershipRestriction(group, new Task.ErrorLoggerDelegate(base.WriteError));
TaskLogger.LogExit();
}
protected override void InternalValidate()
{
base.InternalValidate();
DistributionGroupTaskHelper.CheckModerationInMixedEnvironment(this.DataObject, new Task.TaskWarningLoggingDelegate(this.WriteWarning), Strings.WarningLegacyExchangeServerForMailContact);
}
