protected override IConfigDataProvider CreateSession()
{
OrganizationId organizationId = this.ResolveCurrentOrganization();
ADUser tenantArbitrationMailbox;
try
{
tenantArbitrationMailbox = AdminAuditLogHelper.GetTenantArbitrationMailbox(organizationId);
}
catch (ObjectNotFoundException innerException)
{
TaskLogger.Trace("ObjectNotFoundException occurred when getting Exchange principal from the arbitration mailbox.", new object[0]);
throw new AuditLogSearchArbitrationMailboxNotFoundException(organizationId.ToString(), innerException);
}
catch (NonUniqueRecipientException innerException2)
{
TaskLogger.Trace("More than one tenant arbitration mailbox found for the current organization.", new object[0]);
throw new AuditLogSearchNonUniqueArbitrationMailboxFoundException(organizationId.ToString(), innerException2);
}
ExchangePrincipal principal = ExchangePrincipal.FromADUser(ADSessionSettings.FromOrganizationIdWithoutRbacScopesServiceOnly(organizationId), tenantArbitrationMailbox, RemotingOptions.AllowCrossSite);
ADSessionSettings sessionSettings = base.CurrentOrganizationId.ToADSessionSettings();
this.recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(true, ConsistencyMode.FullyConsistent, sessionSettings, 310, "CreateSession", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\AuditLogSearch\\NewAuditLogSearch.cs");
return(this.InternalCreateSearchDataProvider(principal, organizationId));
}
public static ArbitrationMailboxStatus CheckArbitrationMailboxStatus(OrganizationId organizationId, out ADUser user, out ExchangePrincipal principal, out Exception exception)
{
user = null;
principal = null;
exception = null;
try
{
if (DatacenterRegistry.IsForefrontForOffice())
{
return(ArbitrationMailboxStatus.FFO);
}
user = AdminAuditLogHelper.GetTenantArbitrationMailbox(organizationId);
principal = ExchangePrincipal.FromADUser(ADSessionSettings.FromOrganizationIdWithoutRbacScopesServiceOnly(organizationId), user, RemotingOptions.AllowCrossSite);
AdminAuditLogHelper.Tracer.TraceDebug <int>(0L, "AdminAuditLogHelper: Tenant arbitration mailbox server version is {0}", principal.MailboxInfo.Location.ServerVersion);
if (principal.MailboxInfo.Location.ServerVersion < Server.E14SP1MinVersion)
{
return(ArbitrationMailboxStatus.R4);
}
if (principal.MailboxInfo.Location.ServerVersion < Server.E15MinVersion)
{
return(ArbitrationMailboxStatus.R5);
}
return(ArbitrationMailboxStatus.E15);
}
catch (ObjectNotFoundException ex)
{
exception = ex;
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId, ObjectNotFoundException>(0L, "AdminAuditLogHelper: unable to determine the arbitration mailbox version for org {0}, exception {1}", organizationId, ex);
}
catch (MailboxInfoStaleException ex2)
{
exception = ex2;
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId, MailboxInfoStaleException>(0L, "AdminAuditLogHelper: unable to determine the arbitration mailbox version for org {0}, exception {1}", organizationId, ex2);
}
catch (SuitabilityDirectoryException ex3)
{
exception = ex3;
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId, SuitabilityDirectoryException>(0L, "AdminAuditLogHelper: unable to determine the arbitration mailbox version for org {0}, exception {1}", organizationId, ex3);
}
catch (DatabaseLocationUnavailableException ex4)
{
exception = ex4;
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId, DatabaseLocationUnavailableException>(0L, "AdminAuditLogHelper: unable to determine the arbitration mailbox version for org {0}, exception {1}", organizationId, ex4);
}
return(ArbitrationMailboxStatus.UnableToKnow);
}
protected override IConfigDataProvider CreateSession()
{
OrganizationId organizationId = this.ResolveOrganizationId();
ADUser tenantArbitrationMailbox;
try
{
tenantArbitrationMailbox = AdminAuditLogHelper.GetTenantArbitrationMailbox(organizationId);
}
catch (ObjectNotFoundException innerException)
{
TaskLogger.Trace("ObjectNotFoundException occurred when getting Exchange principal from the discovery mailbox user.", new object[0]);
throw new AdminAuditLogSearchException(Strings.AuditLogSearchArbitrationMailboxNotFound(organizationId.ToString()), innerException);
}
catch (NonUniqueRecipientException innerException2)
{
TaskLogger.Trace("More than one tenant arbitration mailbox found for the current organization.", new object[0]);
throw new AdminAuditLogSearchException(Strings.AuditLogSearchNonUniqueArbitrationMailbox(organizationId.ToString()), innerException2);
}
ExchangePrincipal primaryMailbox = ExchangePrincipal.FromADUser(ADSessionSettings.FromOrganizationIdWithoutRbacScopesServiceOnly(organizationId), tenantArbitrationMailbox, RemotingOptions.AllowCrossSite);
return(new AuditLogSearchEwsDataProvider(primaryMailbox));
}
public static StoreObjectId GetOrCreateAdminAuditLogsFolderId(OrganizationId orgId)
{
ADUser tenantArbitrationMailbox = AdminAuditLogHelper.GetTenantArbitrationMailbox(orgId);
return(AdminAuditLogHelper.GetOrCreateAdminAuditLogsFolderId(tenantArbitrationMailbox));
}
public AdminAuditLogEvent[] Search()
{
TaskLogger.LogEnter();
TaskLogger.Trace("Search criteria:\\r\\n{0}", new object[]
{
this.searchCriteria.ToString()
});
if (DatacenterRegistry.IsForefrontForOffice())
{
return(this.SearchInFFO());
}
ADUser tenantArbitrationMailbox;
try
{
tenantArbitrationMailbox = AdminAuditLogHelper.GetTenantArbitrationMailbox(this.searchCriteria.OrganizationId);
}
catch (ObjectNotFoundException innerException)
{
TaskLogger.Trace("ObjectNotFoundException occurred when getting Exchange principal from the discovery mailbox user.", new object[0]);
throw new AdminAuditLogSearchException(Strings.AdminAuditLogsLocationNotFound(this.searchCriteria.OrganizationId.ToString()), innerException);
}
catch (NonUniqueRecipientException innerException2)
{
TaskLogger.Trace("More than one tenant arbitration mailbox found for the current organization.", new object[0]);
throw new AdminAuditLogSearchException(Strings.AdminAuditLogsLocationNotFound(this.searchCriteria.OrganizationId.ToString()), innerException2);
}
Exception ex = null;
ExchangePrincipal principal = ExchangePrincipal.FromADUser(this.searchCriteria.OrganizationId.ToADSessionSettings(), tenantArbitrationMailbox, RemotingOptions.AllowCrossSite);
AdminAuditLogEvent[] result;
try
{
TaskLogger.Trace("Opening EWS connection for the tenant arbitration mailbox", new object[0]);
EwsAuditClient ewsAuditClient = new EwsAuditClient(new EwsConnectionManager(principal, OpenAsAdminOrSystemServiceBudgetTypeType.Default, AdminAuditLogSearchWorker.Tracer), TimeSpan.FromSeconds((double)this.searchTimeoutSeconds), AdminAuditLogSearchWorker.Tracer);
FolderIdType folderIdType = null;
ewsAuditClient.CheckAndCreateWellKnownFolder(DistinguishedFolderIdNameType.root, DistinguishedFolderIdNameType.recoverableitemsroot, out folderIdType);
ewsAuditClient.CheckAndCreateWellKnownFolder(DistinguishedFolderIdNameType.recoverableitemsroot, DistinguishedFolderIdNameType.adminauditlogs, out folderIdType);
if (folderIdType == null)
{
result = Array <AdminAuditLogEvent> .Empty;
}
else
{
EwsAuditLogCollection logCollection = new EwsAuditLogCollection(ewsAuditClient, folderIdType);
AuditLogSearchId auditLogSearchId = this.searchCriteria.Identity as AuditLogSearchId;
IEnumerable <AdminAuditLogEvent> source;
if (this.UseFASTQuery())
{
QueryStringType queryFilter = this.GenerateFASTSearchQueryString();
source = AuditLogSearchQuery.SearchAuditLogs <AdminAuditLogEvent, QueryStringType>(logCollection, queryFilter, this.searchCriteria.ResultSize + this.searchCriteria.StartIndex, TimeSpan.FromSeconds((double)this.searchTimeoutSeconds), new AdminAuditLogSearchWorker.QueryStrategy(this.searchCriteria), AdminAuditLogSearchWorker.Tracer);
}
else
{
RestrictionType queryFilter2 = this.GenerateSearchQueryFilterForEWS();
source = AuditLogSearchQuery.SearchAuditLogs <AdminAuditLogEvent, RestrictionType>(logCollection, queryFilter2, this.searchCriteria.ResultSize + this.searchCriteria.StartIndex, TimeSpan.FromSeconds((double)this.searchTimeoutSeconds), new AdminAuditLogSearchWorker.QueryStrategy(this.searchCriteria), AdminAuditLogSearchWorker.Tracer);
}
if (this.searchStatistics != null)
{
this.searchStatistics.QueryComplexity = this.searchCriteria.QueryComplexity;
this.searchStatistics.CorrelationID = ((auditLogSearchId != null) ? auditLogSearchId.Guid.ToString() : string.Empty);
}
AdminAuditLogEvent[] array = source.Take(this.searchCriteria.ResultSize).ToArray <AdminAuditLogEvent>();
this.RedactCallerField(array);
if (this.searchStatistics != null)
{
this.searchStatistics.ResultsReturned += array.LongLength;
this.searchStatistics.CallResult = true;
}
result = array;
}
}
catch (StorageTransientException ex2)
{
ex = ex2;
TaskLogger.Trace("Search admin audit log failed with transient storage exception. {0}", new object[]
{
ex2
});
throw new AdminAuditLogSearchException(Strings.AdminAuditLogSearchFailed, ex2, this.searchCriteria);
}
catch (StoragePermanentException ex3)
{
ex = ex3;
TaskLogger.Trace("Search admin audit log failed with permanent storage exception. {0}", new object[]
{
ex3
});
throw new AdminAuditLogSearchException(Strings.AdminAuditLogSearchFailed, ex3, this.searchCriteria);
}
catch (AuditLogException ex4)
{
ex = ex4;
TaskLogger.Trace("Search admin audit log failed with storage exception. {0}", new object[]
{
ex4
});
throw new AdminAuditLogSearchException(Strings.AdminAuditLogSearchFailed, ex4, this.searchCriteria);
}
finally
{
if (this.searchStatistics != null && ex != null)
{
this.searchStatistics.ErrorType = ex;
this.searchStatistics.ErrorCount++;
}
TaskLogger.LogExit();
}
return(result);
}
