        // Token: 0x06000577 RID: 1399 RVA: 0x00014FA0 File Offset: 0x000131A0
        /// <summary>
        /// Fills <c>roleAssignments</c> with the role assignments found for the current data object's Id,
        /// or sets it to <c>null</c> when <c>TDataObject</c> is not assignable from <c>ADUser</c>.
        /// </summary>
        private void LoadRoleAssignments()
        {
            bool canHoldUser = typeof(TDataObject).IsAssignableFrom(typeof(ADUser));
            if (!canHoldUser)
            {
                this.roleAssignments = null;
                return;
            }

            // Forest-wide objects resolve against the local forest's root org container;
            // any other object resolves against its own configuration unit.
            ADObjectId rootOrgId;
            if (base.DataObject.OrganizationId.Equals(OrganizationId.ForestWideOrgId))
            {
                rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
            }
            else
            {
                rootOrgId = base.DataObject.OrganizationId.ConfigurationUnit;
            }

            // NOTE(review): the settings come from FromOrganizationIdWithoutRbacScopes; going by the
            // factory's name this session is not RBAC-scoped, so confirm the caller has already
            // authorized the operation before this lookup runs.
            ADSessionSettings unscopedSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(
                rootOrgId,
                base.DataObject.OrganizationId,
                base.ExecutingUserOrganizationId,
                false);
            IConfigurationSession session = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                base.TenantGlobalCatalogSession.DomainController,
                false,
                ConsistencyMode.PartiallyConsistent,
                unscopedSettings,
                340,
                "LoadRoleAssignments",
                "f:\\15.00.1497\\sources\\dev\\Configuration\\src\\ObjectModel\\BaseTasks\\RemoveAdObjectTask.cs");

            // The lookup takes an array of ids; only the current object's Id is queried.
            ADObjectId[] userIds = new ADObjectId[1];
            userIds[0] = base.DataObject.Id;
            this.roleAssignments = session.FindRoleAssignmentsByUserIds(userIds, false);
        }
        /// <summary>
        /// Caches the local forest's root org container id in <c>rootOrgId</c> and returns a configuration
        /// session whose settings are built from the task's scope set and then rescoped to a subtree.
        /// </summary>
        internal virtual IConfigurationSession CreateSession()
        {
            this.rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();

            // Settings start from the task's custom scope set; RescopeToSubtree is applied when the
            // session is requested below.
            ADSessionSettings scopedSettings = ADSessionSettings.FromCustomScopeSet(
                base.ScopeSet,
                this.RootOrgContainerId,
                base.CurrentOrganizationId,
                base.ExecutingUserOrganizationId,
                true);

            return DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                base.DomainController,
                true,
                ConsistencyMode.PartiallyConsistent,
                ADSessionSettings.RescopeToSubtree(scopedSettings),
                213,
                "CreateSession",
                "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\Deployment\\ManageOrganizationTaskBase.cs");
        }
        /// <summary>
        /// Translates a source directory entry into the distinguished name it should have on the target.
        /// </summary>
        /// <param name="entry">Source search result entry.</param>
        /// <returns>The target distinguished name.</returns>
        public virtual string GetTargetPath(ExSearchResultEntry entry)
        {
            string targetDn;

            if (this.type != SyncTreeType.Recipients)
            {
                // The source root org container DN is looked up once and kept in a static field.
                // NOTE(review): no synchronization is visible around this lazy initialization.
                if (LdapTargetConnection.rootOrgContainerDN == null)
                {
                    LdapTargetConnection.rootOrgContainerDN = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest().DistinguishedName;
                }

                string sourceDn        = entry.DistinguishedName;
                int    collisionStart  = -1;
                int    collisionLength = 0;

                // For collision objects, the span reported by IsCollisionObject is cut out of the DN.
                if (entry.IsCollisionObject(out collisionStart, out collisionLength))
                {
                    sourceDn = sourceDn.Remove(collisionStart, collisionLength);
                }

                // string.Replace is an ordinal, case-sensitive substitution of every occurrence.
                // NOTE(review): confirm the source DN always carries the cached root DN in identical casing,
                // otherwise the entry keeps its source-side root.
                targetDn = sourceDn.Replace(LdapTargetConnection.rootOrgContainerDN, this.adamRootOrgContainerDN);
            }
            else
            {
                // Recipients are addressed on the target by their objectGUID.
                DirectoryAttribute guidAttribute = entry.Attributes["objectGUID"];
                byte[] rawGuid = (byte[])guidAttribute.GetValues(typeof(byte[]))[0];
                Guid   guid    = new Guid(rawGuid);
                targetDn = "cn=" + guid.ToString() + ",CN=Recipients,OU=MSExchangeGateway";
            }

            ExTraceGlobals.SynchronizationJobTracer.TraceDebug<string, string>((long)this.GetHashCode(), "Translate source DN {0} to target DN {1}", entry.DistinguishedName, targetDn);
            return targetDn;
        }
            /// <summary>
            /// Lazily yields the built-in policy tip messages: one per (culture, action) pair from
            /// <c>builtInActionStringsMapping</c>, followed by a single empty <c>Url</c> entry.
            /// </summary>
            private static IEnumerable<PolicyTipMessageConfig> GetBuiltIn()
            {
                ADObjectId builtInContainerId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest().GetDescendantId(PolicyTipMessageConfig.PolicyTipMessageConfigContainer);
                IEnumerable<CultureInfo> cultures = LanguagePackInfo.expectedCultureLcids.Select(lcid => new CultureInfo(lcid));

                foreach (CultureInfo culture in cultures)
                {
                    foreach (Tuple<PolicyTipMessageConfigAction, LocalizedString> actionText in PerTenantPolicyNudgeRulesCollection.PolicyTipMessages.builtInActionStringsMapping)
                    {
                        PolicyTipMessageConfig localized = new PolicyTipMessageConfig
                        {
                            Action = actionText.Item1,
                            Locale = culture.Name,
                            Value  = actionText.Item2.ToString(culture)
                        };

                        // Child id has the form BuiltIn\<culture name>\<action>.
                        localized.SetId(builtInContainerId.GetChildId("BuiltIn\\" + culture.Name + "\\" + actionText.Item1.ToString()));
                        yield return localized;
                    }
                }

                // Trailing culture-neutral entry for the Url action, with empty locale and value.
                PolicyTipMessageConfig urlEntry = new PolicyTipMessageConfig
                {
                    Action = PolicyTipMessageConfigAction.Url,
                    Locale = string.Empty,
                    Value  = string.Empty
                };
                urlEntry.SetId(builtInContainerId.GetChildId("BuiltIn\\" + PolicyTipMessageConfigAction.Url.ToString()));
                yield return urlEntry;
            }
        /// <summary>
        /// Caches the local forest's root org container id in <c>rootOrgId</c> and returns a configuration
        /// session requested with <c>ConfigScopes.TenantSubTree</c> and the task's custom scope set.
        /// </summary>
        internal override IConfigurationSession CreateSession()
        {
            this.rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();

            ADSessionSettings scopedSettings = ADSessionSettings.FromCustomScopeSet(
                base.ScopeSet,
                base.RootOrgContainerId,
                base.CurrentOrganizationId,
                base.ExecutingUserOrganizationId,
                true);

            return DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                base.DomainController,
                false,
                ConsistencyMode.PartiallyConsistent,
                null,
                scopedSettings,
                ConfigScopes.TenantSubTree,
                128,
                "CreateSession",
                "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\Deployment\\UpdateServicePlanTask.cs");
        }
        /// <summary>
        /// Resolves an organization parameter to exactly one organizational unit and returns its
        /// <c>OrganizationId</c>.
        /// </summary>
        /// <param name="organization">Organization identity to resolve; <c>null</c> yields <c>null</c>.</param>
        /// <param name="currentOrganizationId">Organization passed to the session settings factory.</param>
        /// <param name="executingUserOrganizationId">Executing user's organization passed to the session settings factory.</param>
        /// <returns>The matched unit's organization id, or <c>null</c> when no parameter was given.</returns>
        /// <exception cref="ManagementObjectNotFoundException">No organizational unit matched.</exception>
        /// <exception cref="ManagementObjectAmbiguousException">More than one organizational unit matched.</exception>
        internal static OrganizationId ResolveOrganization(OrganizationIdParameter organization, OrganizationId currentOrganizationId, OrganizationId executingUserOrganizationId)
        {
            if (organization == null)
            {
                return null;
            }

            // NOTE(review): FromOrganizationIdWithoutRbacScopes suggests the lookup itself is not
            // RBAC-scoped; confirm callers validate that the executing user may target the result.
            ADObjectId        localForestRootOrg = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
            ADSessionSettings unscopedSettings   = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(localForestRootOrg, currentOrganizationId, executingUserOrganizationId, false);
            IConfigurationSession session = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                null,
                true,
                ConsistencyMode.PartiallyConsistent,
                null,
                unscopedSettings,
                ConfigScopes.TenantSubTree,
                48,
                "ResolveOrganization",
                "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\FfoReporting\\Common\\ADHelper.cs");
            session.UseConfigNC = false;

            LocalizedString? notFoundReason = null;
            IEnumerable<ADOrganizationalUnit> matches = organization.GetObjects<ADOrganizationalUnit>(null, session, null, out notFoundReason);

            // Exactly one match is accepted: zero is "not found", two or more is "ambiguous".
            ADOrganizationalUnit onlyMatch = null;
            using (IEnumerator<ADOrganizationalUnit> cursor = matches.GetEnumerator())
            {
                if (!cursor.MoveNext())
                {
                    throw new ManagementObjectNotFoundException(Strings.ErrorOrganizationNotFound(organization.ToString()));
                }
                onlyMatch = cursor.Current;
                if (cursor.MoveNext())
                {
                    throw new ManagementObjectAmbiguousException(Strings.ErrorOrganizationNotUnique(organization.ToString()));
                }
            }
            return onlyMatch.OrganizationId;
        }
 /// <summary>
 /// Type initializer: traces the timing settings, opens the topology configuration session, loads the
 /// client access AD object and builds <c>adObjectIdsBinary</c> from two AD container GUIDs.
 /// </summary>
 static Canary15DataSegment()
 {
     Canary15Trace.TraceDateTime(Canary15DataSegment.UtcNow, 0, "Canary15DataSegment().UtcNow.");
     Canary15Trace.TraceTimeSpan(Canary15DataSegment.defaultRefreshPeriod, 1, "Canary15DataSegment().defaultRefreshPeriod.");
     Canary15Trace.TraceTimeSpan(Canary15DataSegment.ReplicationDuration, 2, "Canary15DataSegment().ReplicationDuration.");

     Canary15DataSegment.topoConfigSession = DirectorySessionFactory.Default.CreateTopologyConfigurationSession(
         false,
         ConsistencyMode.IgnoreInvalid,
         ADSessionSettings.FromRootOrgScopeSet(),
         119,
         ".cctor",
         "f:\\15.00.1497\\sources\\dev\\clients\\src\\common\\Canary15DataSegment.cs");
     Canary15DataSegment.adClientAccessObjectId = Canary15DataSegment.topoConfigSession.GetClientAccessContainerId();
     Canary15DataSegment.LoadClientAccessADObject();

     // adObjectIdsBinary = root org container GUID bytes followed by databases container GUID bytes.
     // NOTE(review): both inputs are directory object GUIDs, i.e. identifiers rather than secrets;
     // confirm that whatever consumes this buffer also mixes in secret key material.
     byte[] rootOrgGuidBytes   = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest().ObjectGuid.ToByteArray();
     byte[] databasesGuidBytes = Canary15DataSegment.topoConfigSession.GetDatabasesContainerId().ObjectGuid.ToByteArray();
     Canary15DataSegment.adObjectIdsBinary = new byte[rootOrgGuidBytes.Length + databasesGuidBytes.Length];
     rootOrgGuidBytes.CopyTo(Canary15DataSegment.adObjectIdsBinary, 0);
     databasesGuidBytes.CopyTo(Canary15DataSegment.adObjectIdsBinary, rootOrgGuidBytes.Length);

     if (!Canary15Trace.IsTraceEnabled(TraceType.DebugTrace))
     {
         return;
     }

     // Debug tracing records only a SHA-256 digest of the buffer, not the raw bytes.
     using (SHA256Cng hasher = new SHA256Cng())
     {
         byte[] digest = hasher.ComputeHash(Canary15DataSegment.adObjectIdsBinary);
         Canary15Trace.TraceDebug(2L, "adObjectIdsBinaryHash:{0}", new object[] { Canary15DataSegment.GetHexString(digest) });
         hasher.Clear();
     }
 }
        /// <summary>
        /// Fetches the forest-wide <c>TenantHydrationThrottlingPolicy</c> from the throttling policy cache,
        /// addressing it under <c>CN=Global Settings</c> of the local forest's root org container.
        /// </summary>
        internal override IThrottlingPolicy InternalLookup()
        {
            const string policyName = "TenantHydrationThrottlingPolicy";

            ADObjectId localForestRootOrg = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
            string     policyDn           = "CN=" + policyName + ",CN=Global Settings," + localForestRootOrg.DistinguishedName;
            ADObjectId policyId           = new ADObjectId(policyDn);

            return ThrottlingPolicyCache.Singleton.Get(OrganizationId.ForestWideOrgId, policyId);
        }
 /// <summary>
 /// Resolves the user identities supplied on an admin audit log search into the forms stored in
 /// <c>ResolvedUsers</c>: DOMAIN\samAccountName, SID string and object id, as available.
 /// </summary>
 /// <param name="searchObject">Search whose <c>UserIds</c> and <c>ResolvedUsers</c> are rebuilt.</param>
 /// <param name="getDataObject">Delegate used to look each identity up in the recipient session.</param>
 /// <param name="writeVerbose">Verbose logging callback.</param>
 /// <param name="writeWarning">Warning logging callback.</param>
 public static void SetResolveUsers(AdminAuditLogSearch searchObject, DataAccessHelper.GetDataObjectDelegate getDataObject, Task.TaskVerboseLoggingDelegate writeVerbose, Task.TaskWarningLoggingDelegate writeWarning)
 {
     // Nothing to do when the caller supplied no user filter.
     if (searchObject.UserIdsUserInput == null || searchObject.UserIdsUserInput.Count <= 0)
     {
         return;
     }

     writeVerbose(Strings.VerboseStartResolvingUsers);

     // NOTE(review): the recipient session is built with FromOrganizationIdWithoutRbacScopes and a null
     // executing-user organization; confirm the audit search itself is authorized upstream.
     ADObjectId        localForestRootOrg = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
     ADSessionSettings unscopedSettings   = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(localForestRootOrg, searchObject.OrganizationId, null, false);
     IRecipientSession recipientSession   = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(
         true,
         ConsistencyMode.PartiallyConsistent,
         unscopedSettings,
         515,
         "SetResolveUsers",
         "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\AdminAuditLog\\AdminAuditLogHelper.cs");
     recipientSession.UseConfigNC = false;

     searchObject.UserIds       = new MultiValuedProperty<string>();
     searchObject.ResolvedUsers = new MultiValuedProperty<string>();

     foreach (SecurityPrincipalIdParameter userInput in searchObject.UserIdsUserInput)
     {
         // The raw, caller-supplied identity is always recorded, resolved or not.
         searchObject.UserIds.Add(userInput.RawIdentity);
         bool resolved = false;
         try
         {
             ADRecipient recipient = (ADRecipient)getDataObject(
                 userInput,
                 recipientSession,
                 null,
                 null,
                 new LocalizedString?(Strings.WarningSearchUserNotFound(userInput.ToString())),
                 new LocalizedString?(Strings.ErrorSearchUserNotUnique(userInput.ToString())));

             // Form 1: DOMAIN\samAccountName, when both parts are present.
             if (recipient.Id != null && recipient.Id.DomainId != null && !string.IsNullOrEmpty(recipient.Id.DomainId.Name))
             {
                 string samAccountName = (string)recipient.propertyBag[IADSecurityPrincipalSchema.SamAccountName];
                 if (!string.IsNullOrEmpty(samAccountName))
                 {
                     searchObject.ResolvedUsers.Add(recipient.Id.DomainId.Name + "\\" + samAccountName);
                     resolved = true;
                     writeVerbose(Strings.DebugResolvingDomainAccount(userInput.ToString(), recipient.Id.DomainId.Name, samAccountName));
                 }
             }

             // Form 2: the SID string.
             if (recipient.propertyBag[IADSecurityPrincipalSchema.Sid] != null)
             {
                 string sidValue = ((SecurityIdentifier)recipient.propertyBag[IADSecurityPrincipalSchema.Sid]).Value;
                 if (!string.IsNullOrEmpty(sidValue))
                 {
                     searchObject.ResolvedUsers.Add(sidValue);
                     resolved = true;
                     writeVerbose(Strings.DebugResolvingUserSid(userInput.ToString(), sidValue));
                 }
             }

             // Form 3: the object id rendered as a string.
             if (recipient.Id != null && !string.IsNullOrEmpty(recipient.Id.ToString()))
             {
                 searchObject.ResolvedUsers.Add(recipient.Id.ToString());
                 resolved = true;
                 writeVerbose(Strings.DebugResolvingUserCN(userInput.ToString(), recipient.Id.ToString()));
             }

             // Fall back to the caller's own text so the search still filters on something.
             if (!resolved)
             {
                 writeWarning(Strings.WarningCannotResolveUser(userInput.ToString()));
                 searchObject.ResolvedUsers.Add(userInput.ToString());
             }
         }
         catch (ManagementObjectNotFoundException)
         {
             // Unknown users are warned about and searched for by the unresolved input string.
             writeWarning(Strings.WarningSearchUserNotFound(userInput.ToString()));
             searchObject.ResolvedUsers.Add(userInput.ToString());
         }
     }
 }
        /// <summary>
        /// Subscribes to deleted-object notifications for interceptor rules, but only when
        /// <c>NeedExplicitDeletedObjectSubscription</c> is set.
        /// </summary>
        public void RegisterForSubmissionServiceEvents()
        {
            if (this.NeedExplicitDeletedObjectSubscription)
            {
                // The subscription is rooted at the interceptor rules container under the local forest's root org.
                ADObjectId rulesContainerId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest().GetDescendantId(InterceptorRule.InterceptorRulesContainer);
                ADNotificationCallback onRuleDeleted = new ADNotificationCallback(this.HandleInterceptorRuleDeleted);

                this.RegisterChangeNotificationForDeletedObject<InterceptorRule>(rulesContainerId, onRuleDeleted);
            }
        }
        /// <summary>
        /// Reads the local forest's root org container id inside <c>ADNotificationAdapter.RunADOperation</c>.
        /// </summary>
        /// <returns>The id captured by the callback; stays <c>null</c> if the callback never assigns it.</returns>
        private static ADObjectId GetRootOrgContainerIdForLocalForest()
        {
            ADObjectId captured = null;

            // The lookup is passed as a callback; the result is handed back through the closure.
            ADNotificationAdapter.RunADOperation(() =>
            {
                captured = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
            });

            return captured;
        }
        /// <summary>
        /// Type initializer: builds <c>adObjectIdsBinary</c> as the root org container GUID bytes followed by
        /// the databases container GUID bytes.
        /// </summary>
        static Canary()
        {
            ITopologyConfigurationSession topologySession = DirectorySessionFactory.Default.CreateTopologyConfigurationSession(
                true,
                ConsistencyMode.IgnoreInvalid,
                ADSessionSettings.FromRootOrgScopeSet(),
                585,
                ".cctor",
                "f:\\15.00.1497\\sources\\dev\\admin\\src\\ecp\\Utilities\\Canary.cs");

            // NOTE(review): both inputs are directory object GUIDs, i.e. identifiers rather than secrets;
            // confirm that the canary derivation using this buffer also includes secret key material.
            byte[] rootOrgGuidBytes   = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest().ObjectGuid.ToByteArray();
            byte[] databasesGuidBytes = topologySession.GetDatabasesContainerId().ObjectGuid.ToByteArray();

            Canary.adObjectIdsBinary = new byte[rootOrgGuidBytes.Length + databasesGuidBytes.Length];
            rootOrgGuidBytes.CopyTo(Canary.adObjectIdsBinary, 0);
            databasesGuidBytes.CopyTo(Canary.adObjectIdsBinary, rootOrgGuidBytes.Length);
        }
        /// <summary>
        /// Returns a configuration session for the current organization (falling back to the executing
        /// user's organization), reading from the configuration naming context and not the global catalog.
        /// </summary>
        protected override IConfigDataProvider CreateSession()
        {
            ADObjectId localForestRootOrg = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();

            // NOTE(review): settings come from FromOrganizationIdWithoutRbacScopes; confirm authorization
            // is enforced by the task before this session is used.
            ADSessionSettings unscopedSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(
                localForestRootOrg,
                base.CurrentOrganizationId ?? base.ExecutingUserOrganizationId,
                base.ExecutingUserOrganizationId,
                true);
            IConfigurationSession session = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                ConsistencyMode.PartiallyConsistent,
                unscopedSettings,
                133,
                "CreateSession",
                "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\TenantMonitoring\\TestExchangeNotification.cs");

            session.UseConfigNC      = true;
            session.UseGlobalCatalog = false;
            return session;
        }
        /// <summary>
        /// Looks up the organizational unit named by <c>this.Organization</c> and returns its
        /// <c>OrganizationId</c>.
        /// </summary>
        private OrganizationId ResolveCurrentOrganization()
        {
            ADObjectId localForestRootOrg = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();

            // NOTE(review): the lookup session is built with FromOrganizationIdWithoutRbacScopes; confirm
            // the caller is entitled to target the organization that comes back.
            ADSessionSettings unscopedSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(
                localForestRootOrg,
                base.CurrentOrganizationId,
                base.ExecutingUserOrganizationId,
                true);
            IConfigurationSession session = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                base.DomainController,
                true,
                ConsistencyMode.PartiallyConsistent,
                null,
                unscopedSettings,
                362,
                "ResolveCurrentOrganization",
                "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\Migration\\ExportMigrationReport.cs");
            session.UseConfigNC = false;

            // GetDataObject is given the "not found" and "not unique" messages to report on failure.
            ADOrganizationalUnit organizationalUnit = (ADOrganizationalUnit)base.GetDataObject<ADOrganizationalUnit>(
                this.Organization,
                session,
                null,
                new LocalizedString?(Strings.ErrorOrganizationNotFound(this.Organization.ToString())),
                new LocalizedString?(Strings.ErrorOrganizationNotUnique(this.Organization.ToString())));

            return organizationalUnit.OrganizationId;
        }
 /// <summary>
 /// Loads the supported-tools data and, when that data requires a tenant version, resolves the
 /// target organization into <c>CurrentOrganizationId</c>.
 /// </summary>
 protected override void InternalBeginProcessing()
 {
     base.InternalBeginProcessing();
     this.LoadSupportedToolsData();

     this.tenantVersionRequired = this.toolsData.RequiresTenantVersion();
     if (!this.tenantVersionRequired)
     {
         return;
     }

     // Organization resolution is only needed on the tenant-version path.
     this.rootOrgContainerId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
     base.CurrentOrganizationId = OrganizationTaskHelper.ResolveOrganization(
         this,
         this.Organization,
         this.rootOrgContainerId,
         Strings.ErrorOrganizationParameterRequired);
 }
        /// <summary>
        /// Returns the session used for dial plan lookups: the task's own data session, or a separately
        /// created configuration session when <c>SharedUMDialPlan</c> is set.
        /// </summary>
        private IConfigurationSession GetDialPlanSession()
        {
            // The cast is evaluated up front in both cases.
            IConfigurationSession taskSession = (IConfigurationSession)base.DataSession;
            if (!this.SharedUMDialPlan)
            {
                return taskSession;
            }

            // NOTE(review): the shared-dial-plan session is built with FromOrganizationIdWithoutRbacScopes,
            // so it is presumably wider than the task's own session; confirm that is intended.
            ADObjectId        localForestRootOrg = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
            ADSessionSettings unscopedSettings   = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(localForestRootOrg, base.CurrentOrganizationId, base.ExecutingUserOrganizationId, true);

            return DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                ConsistencyMode.IgnoreInvalid,
                unscopedSettings,
                167,
                "GetDialPlanSession",
                "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\MailboxPolicies\\UMMailboxPolicyTask.cs");
        }
 /// <summary>
 /// Returns the root org container id for a partition: the local forest's container when bound to ADAM
 /// or when the partition is the local forest, otherwise the container of the partition's forest.
 /// </summary>
 /// <param name="partitionId">Partition to resolve; must not be <c>null</c>.</param>
 /// <exception cref="ArgumentNullException"><paramref name="partitionId"/> is <c>null</c>.</exception>
 internal virtual ADObjectId GetRootOrgContainerId(PartitionId partitionId)
 {
     if (partitionId == null)
     {
         throw new ArgumentNullException("partitionId");
     }

     bool useLocalForest = ADSession.IsBoundToAdam || partitionId.IsLocalForestPartition();
     return useLocalForest
         ? ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest()
         : ADSystemConfigurationSession.GetRootOrgContainerId(partitionId.ForestFQDN, null, null);
 }
        /// <summary>
        /// Returns an RMS template data provider over a configuration session scoped by the task's scope set.
        /// Reports an error when the current organization is the forest-wide organization.
        /// </summary>
        protected override IConfigDataProvider CreateSession()
        {
            bool isForestWide = OrganizationId.ForestWideOrgId.Equals(base.CurrentOrganizationId);
            if (isForestWide)
            {
                // NOTE(review): nothing here returns after WriteError, so the session is still created
                // unless WriteError throws; confirm that it terminates the task.
                base.WriteError(new ArgumentException(Strings.TenantOrganizationMissing, string.Empty), (ErrorCategory)1000, null);
            }

            ADObjectId        localForestRootOrg = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
            ADSessionSettings scopedSettings     = ADSessionSettings.FromCustomScopeSet(base.ScopeSet, localForestRootOrg, base.CurrentOrganizationId, base.ExecutingUserOrganizationId, true);
            IConfigurationSession session = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                this.DomainController,
                false,
                ConsistencyMode.PartiallyConsistent,
                scopedSettings,
                149,
                "CreateSession",
                "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\rms\\SetRmsTemplate.cs");

            return new RmsTemplateDataProvider(session, RmsTemplateType.All, true);
        }
        /// <summary>
        /// Creates a fully consistent configuration session for the given organization against the given
        /// domain controller.
        /// </summary>
        /// <param name="organizationId">Organization the session settings are built for.</param>
        /// <param name="configurationDomainController">Domain controller passed to the session factory.</param>
        /// <exception cref="ArgumentNullException">The session settings factory returned <c>null</c>.</exception>
        public static IConfigurationSession CreateSession(OrganizationId organizationId, string configurationDomainController)
        {
            ADObjectId        localForestRootOrg = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
            ADSessionSettings unscopedSettings   = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(localForestRootOrg, organizationId, null, false);

            if (unscopedSettings != null)
            {
                return DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                    configurationDomainController,
                    true,
                    ConsistencyMode.FullyConsistent,
                    unscopedSettings,
                    133,
                    "CreateSession",
                    "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\AdminAuditLog\\AdminAuditLogHelper.cs");
            }

            AdminAuditLogHelper.Tracer.TraceError(0L, "AdminAuditLogHelper: adSessionSettings is null. Cannot get config objects from AD.");

            // NOTE(review): the single-string ArgumentNullException constructor takes a parameter name,
            // so this text ends up in ParamName rather than Message.
            throw new ArgumentNullException("adSessionSettings is null");
        }
 /// <summary>
 /// Maps an organization id to session settings: root-org scope for <c>null</c> or the forest-wide
 /// organization, otherwise settings built for that organization against the cached services root org id.
 /// </summary>
 /// <param name="organizationId">Organization to build settings for; may be <c>null</c>.</param>
 public static ADSessionSettings ToADSessionSettings(this OrganizationId organizationId)
 {
     bool isRootOrg = organizationId == null || organizationId == OrganizationId.ForestWideOrgId;
     if (isRootOrg)
     {
         return ADSessionSettings.FromRootOrgScopeSet();
     }

     // The root org id is fetched on first use and kept in a static.
     // NOTE(review): no synchronization is visible around this lazy initialization.
     if (DirectoryExtensions.ServicesRootOrgId == null)
     {
         DirectoryExtensions.ServicesRootOrgId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
     }

     return ADSessionSettings.FromOrganizationIdWithoutRbacScopes(
         DirectoryExtensions.ServicesRootOrgId,
         organizationId,
         null,
         false);
 }
        /// <summary>
        /// Acquires the WSMan throttling budget for the caller of an HTTP request.
        /// </summary>
        /// <param name="context">Current HTTP context.</param>
        /// <returns>
        /// The acquired budget, or <c>null</c> when the request has no user token, no user SID or no
        /// organization. NOTE(review): confirm how the caller treats <c>null</c>, so that such requests
        /// do not simply bypass throttling.
        /// </returns>
        private IPowerShellBudget GetBudget(HttpContext context)
        {
            // Delegated principals are budgeted by their own key.
            if (context.User is DelegatedPrincipal)
            {
                using (new MonitoredScope("ThrottlingHttpModule", "AcquireDelegatedPrincipalBudget", HttpModuleHelper.HttpPerfMonitors))
                {
                    DelegatedPrincipalBudgetKey delegatedKey = new DelegatedPrincipalBudgetKey((DelegatedPrincipal)context.User, BudgetType.WSMan);
                    return PowerShellBudget.Acquire(delegatedKey);
                }
            }

            if (context.CurrentUserToken() == null)
            {
                ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[ThrottlingHttpModule::GetBudget] No CAT.");
                return null;
            }

            SecurityIdentifier callerSid = context.CurrentUserToken().UserSid;
            if (callerSid == null)
            {
                ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[ThrottlingHttpModule::GetBudget] sid = null.");
                return null;
            }

            OrganizationId callerOrganization = context.CurrentUserToken().Organization;
            if (callerOrganization == null)
            {
                ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[ThrottlingHttpModule::GetBudget] orgId = null.");
                return null;
            }

            // Forest-wide callers use the local forest's root org; tenants use their partition's forest.
            ADObjectId rootOrgId;
            if (callerOrganization.Equals(OrganizationId.ForestWideOrgId))
            {
                ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[ThrottlingHttpModule::GetBudget] Forest Wide Org Id.");
                rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
            }
            else
            {
                rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerId(callerOrganization.PartitionId.ForestFQDN, null, null);
            }

            string rootOrgDn = (rootOrgId == null) ? null : rootOrgId.DistinguishedName;
            ExTraceGlobals.HttpModuleTracer.TraceDebug<string>((long)this.GetHashCode(), "[ThrottlingHttpModule::GetBudget] rootOrgId = {0}.", rootOrgDn);

            using (new MonitoredScope("ThrottlingHttpModule", "AcquireBudget", HttpModuleHelper.HttpPerfMonitors))
            {
                return PowerShellBudget.Acquire(
                    callerSid,
                    BudgetType.WSMan,
                    ADSessionSettings.FromOrganizationIdWithoutRbacScopes(rootOrgId, callerOrganization, callerOrganization, true));
            }
        }
        // Token: 0x06007494 RID: 29844 RVA: 0x001805CC File Offset: 0x0017E7CC
        /// <summary>
        /// Fetches the <c>DiscoveryThrottlingPolicy</c> for this instance's organization from the throttling
        /// policy cache, addressing it under <c>CN=Global Settings</c> of the organization's root.
        /// </summary>
        protected override IThrottlingPolicy LookupPolicyByOrganizationId()
        {
            // Forest-wide organization: local forest root org container; tenants: their configuration unit.
            string organizationRootDn = (OrganizationId.ForestWideOrgId == base.OrganizationId)
                ? ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest().DistinguishedName
                : base.OrganizationId.ConfigurationUnit.DistinguishedName;

            ADObjectId globalSettingsId = new ADObjectId("CN=Global Settings," + organizationRootDn);
            ADObjectId policyId         = globalSettingsId.GetChildId("DiscoveryThrottlingPolicy");

            return ThrottlingPolicyCache.Singleton.Get(base.OrganizationId, policyId);
        }
        /// <summary>
        /// Chooses the directory session settings for a person search on behalf of a mailbox: scoped to the
        /// global address list of the mailbox's address book policy when there is one, otherwise scoped to
        /// the whole organization.
        /// </summary>
        /// <param name="exchangePrincipal">Principal whose mailbox and organization drive the choice.</param>
        /// <returns>The session settings, or <c>null</c> when the mailbox's user cannot be found.</returns>
        private static ADSessionSettings GetADSessionSettings(IExchangePrincipal exchangePrincipal)
        {
            OrganizationId organizationId = exchangePrincipal.MailboxInfo.OrganizationId;
            if (organizationId == null)
            {
                organizationId = OrganizationId.ForestWideOrgId;
            }

            ADSessionSettings orgWideSettings  = ADSessionSettings.FromOrganizationIdWithoutRbacScopesServiceOnly(organizationId);
            IRecipientSession recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(
                true,
                ConsistencyMode.PartiallyConsistent,
                orgWideSettings,
                367,
                "GetADSessionSettings",
                "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Contacts\\DirectoryPersonSearcher.cs");

            DirectoryPersonSearcher.Tracer.TraceDebug<Guid, OrganizationId>(0L, "Searching for mailbox {0} in organization {1}", exchangePrincipal.MailboxInfo.MailboxGuid, organizationId);
            ADUser mailboxUser = recipientSession.FindByExchangeGuid(exchangePrincipal.MailboxInfo.MailboxGuid) as ADUser;

            if (mailboxUser == null)
            {
                DirectoryPersonSearcher.Tracer.TraceError(0L, "Unable to get FromOrganizationIdWithAddressListScopeServiceOnly because ExchangePrincipal is not complete.");
                return null;
            }

            IConfigurationSession configSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                true,
                ConsistencyMode.IgnoreInvalid,
                orgWideSettings,
                380,
                "GetADSessionSettings",
                "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Contacts\\DirectoryPersonSearcher.cs");

            // Read the user's address book policy, if one is assigned.
            AddressBookMailboxPolicy addressBookPolicy = null;
            if (mailboxUser.AddressBookPolicy != null)
            {
                addressBookPolicy = configSession.Read<AddressBookMailboxPolicy>(mailboxUser.AddressBookPolicy);
            }

            ADObjectId globalAddressListId = (addressBookPolicy != null) ? addressBookPolicy.GlobalAddressList : null;

            // NOTE(review): when a policy is assigned but cannot be read (Read returns null), the search
            // falls back to organization scope, which is presumably wider than the policy's address list;
            // confirm that fallback is intended.
            if (globalAddressListId != null)
            {
                DirectoryPersonSearcher.Tracer.TraceDebug<ADObjectId>(0L, "Using GAL from ABP {0} for directory search.", globalAddressListId);
                return ADSessionSettings.FromOrganizationIdWithAddressListScope(ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest(), organizationId, globalAddressListId, null);
            }

            DirectoryPersonSearcher.Tracer.TraceDebug(0L, "Using organization scope for directory search.");
            return ADSessionSettings.FromOrganizationIdWithoutRbacScopesServiceOnly(organizationId);
        }
        // Token: 0x060007AA RID: 1962 RVA: 0x0003A52C File Offset: 0x0003872C
        /// <summary>
        /// Type initializer: builds <c>adObjectIdsBinary</c> as the root org container GUID bytes followed by
        /// the databases container GUID bytes, and traces a SHA-256 digest of it when debug tracing is on.
        /// </summary>
        static Canary()
        {
            ITopologyConfigurationSession topologySession = DirectorySessionFactory.Default.CreateTopologyConfigurationSession(
                true,
                ConsistencyMode.IgnoreInvalid,
                ADSessionSettings.FromRootOrgScopeSet(),
                78,
                ".cctor",
                "f:\\15.00.1497\\sources\\dev\\clients\\src\\owa\\bin\\core\\Canary.cs");

            // NOTE(review): both inputs are directory object GUIDs, i.e. identifiers rather than secrets;
            // confirm that the canary derivation using this buffer also includes secret key material.
            byte[] rootOrgGuidBytes   = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest().ObjectGuid.ToByteArray();
            byte[] databasesGuidBytes = topologySession.GetDatabasesContainerId().ObjectGuid.ToByteArray();

            Canary.adObjectIdsBinary = new byte[rootOrgGuidBytes.Length + databasesGuidBytes.Length];
            rootOrgGuidBytes.CopyTo(Canary.adObjectIdsBinary, 0);
            databasesGuidBytes.CopyTo(Canary.adObjectIdsBinary, rootOrgGuidBytes.Length);

            if (!ExTraceGlobals.UserContextTracer.IsTraceEnabled(TraceType.DebugTrace))
            {
                return;
            }

            // Only the digest is traced, not the raw buffer.
            using (SHA256Cng hasher = new SHA256Cng())
            {
                byte[] digest = hasher.ComputeHash(Canary.adObjectIdsBinary);
                ExTraceGlobals.UserContextTracer.TraceDebug<string, string>(2L, "{0}.Canary(): adObjectIdsBinaryHash={1}", "Owa.Core.Canary", Canary.GetHexString(digest));
                hasher.Clear();
            }
        }
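        /// <summary>
        /// Acquires the PowerShell throttling budget for the executing user of a runspace configuration.
        /// </summary>
        /// <param name="configuration">Runspace configuration describing the executing user.</param>
        /// <returns>
        /// The acquired budget; for PowerShell web service configurations, a <c>PswsBudgetWrapper</c>
        /// around the inner budget.
        /// </returns>
        /// <exception cref="ExecutingUserPropertyNotFoundException">
        /// The configuration yields neither an executing user SID nor an executing user id.
        /// </exception>
        private static IPowerShellBudget AcquirePowerShellBudget(ExchangeRunspaceConfiguration configuration)
        {
            IPowerShellBudget  powerShellBudget;
            SecurityIdentifier callerSid;

            if (configuration.DelegatedPrincipal != null)
            {
                // Delegated principals are budgeted by their own key.
                powerShellBudget = PowerShellBudget.Acquire(new DelegatedPrincipalBudgetKey(configuration.DelegatedPrincipal, BudgetType.PowerShell));
            }
            else if (!configuration.TryGetExecutingUserSid(out callerSid))
            {
                // No SID: fall back to a budget keyed by the executing user's object GUID.
                ADObjectId adobjectId;
                if (!configuration.TryGetExecutingUserId(out adobjectId))
                {
                    throw new ExecutingUserPropertyNotFoundException("ExecutingUserSid");
                }
                powerShellBudget = PowerShellBudget.AcquireFallback(adobjectId.ObjectGuid.ToString(), BudgetType.PowerShell);
            }
            else
            {
                // Forest-wide (or unset) organization: local forest root org; tenants: their partition's forest.
                ADObjectId rootOrgId;
                if (configuration.ExecutingUserOrganizationId == null || configuration.ExecutingUserOrganizationId.Equals(OrganizationId.ForestWideOrgId))
                {
                    rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
                }
                else
                {
                    rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerId(configuration.ExecutingUserOrganizationId.PartitionId.ForestFQDN, null, null);
                }
                powerShellBudget = PowerShellBudget.Acquire(callerSid, BudgetType.PowerShell, ADSessionSettings.FromOrganizationIdWithoutRbacScopes(rootOrgId, configuration.ExecutingUserOrganizationId, configuration.ExecutingUserOrganizationId, true));
            }
            PowerShellThrottlingPolicyUpdater.RevertExpiredThrottlingPolicyIfNeeded(powerShellBudget);
            if (configuration.IsPowerShellWebService)
            {
                // The outer wrapper is released once the PSWS wrapper holds the inner budget. The finally
                // block also releases it when the cast or the wrapper constructor throws, which the
                // previous straight-line code did not; the null check is now reached before any failure
                // caused by a null budget is propagated.
                try
                {
                    return new PswsBudgetWrapper(((BudgetWrapper<PowerShellBudget>)powerShellBudget).GetInnerBudget());
                }
                finally
                {
                    if (powerShellBudget != null)
                    {
                        powerShellBudget.Dispose();
                    }
                }
            }
            return powerShellBudget;
        }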
Exemple #26
        /// <summary>
        /// Builds a byte buffer from two directory object GUIDs: the local forest's root organization
        /// container first, then the databases container.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the caller is not visible here. If the returned buffer is used as keying material,
        /// be aware that it is derived from directory object identifiers rather than from a random secret;
        /// confirm what else protects the messages.
        /// When debug tracing is enabled, a SHA-256 digest of the buffer is traced, not the buffer itself.
        /// </remarks>
        /// <returns>The concatenated GUID bytes.</returns>
        private static byte[] Init()
        {
            ITopologyConfigurationSession topologySession = DirectorySessionFactory.Default.CreateTopologyConfigurationSession(
                true,
                ConsistencyMode.IgnoreInvalid,
                ADSessionSettings.FromRootOrgScopeSet(),
                112,
                "Init",
                "f:\\15.00.1497\\sources\\dev\\clients\\src\\common\\CryptoMessage.cs");

            byte[] rootOrgGuidBytes   = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest().ObjectGuid.ToByteArray();
            byte[] databasesGuidBytes = topologySession.GetDatabasesContainerId().ObjectGuid.ToByteArray();

            byte[] combined = new byte[rootOrgGuidBytes.Length + databasesGuidBytes.Length];
            rootOrgGuidBytes.CopyTo(combined, 0);
            databasesGuidBytes.CopyTo(combined, rootOrgGuidBytes.Length);

            if (!ExTraceGlobals.CryptoTracer.IsTraceEnabled(TraceType.DebugTrace))
            {
                return combined;
            }

            // Diagnostics only: the digest lets operators compare the value without it appearing in traces.
            using (SHA256Cng hasher = new SHA256Cng())
            {
                byte[] digest = hasher.ComputeHash(combined);
                ExTraceGlobals.CryptoTracer.TraceDebug<string, string, string>(0L, "{0}.{1}: adObjectIdsBinaryHash={2}", "Clients.Common.CryptoMessage", "CryptoMessage()", CryptoMessage.GetHexString(digest));
                hasher.Clear();
            }
            return combined;
        }
        /// <summary>
        /// Resolves the root organization container id and opens the recipient and configuration
        /// directory sessions stored on this task.
        /// </summary>
        /// <remarks>
        /// Statement order matters: <c>ResolveOrganization</c> runs before <c>this.organization</c> is read,
        /// and <c>ReadRootDomainFromDc</c> runs before <c>this.rootDomain</c> is used.
        /// NOTE(review): the shared settings come from <c>FromOrganizationIdWithoutRbacScopes</c>;
        /// presumably no RBAC scoping is applied to those sessions, so authorization has to be enforced
        /// by the caller. Confirm.
        /// </remarks>
        private void PrepareSessionsForTenant()
        {
            const string callerName = "PrepareSessionsForTenant";
            const string sourceFile = "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\DirectorySetup\\SetupTaskBase.cs";

            // Default to the local forest; overridden below once an organization has been resolved.
            this.rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();

            if (this.Organization != null)
            {
                this.ResolveOrganization();
                this.LogReadObject(this.organization);
                this.orgDomainRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(
                    this.organization.OriginatingServer,
                    false,
                    ConsistencyMode.PartiallyConsistent,
                    ADSessionSettings.FromAllTenantsObjectId(this.organization.Id),
                    479,
                    callerName,
                    sourceFile);
            }

            if (this.organization != null)
            {
                // Use the organization's own forest when its partition names one, else the local forest.
                if (null != this.organization.Id.GetPartitionId() && this.organization.Id.GetPartitionId().ForestFQDN != null)
                {
                    this.rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerId(this.organization.Id.GetPartitionId().ForestFQDN, null, null);
                }
                else
                {
                    this.rootOrgId = ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();
                }
            }

            ADSessionSettings scopedSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(
                this.rootOrgId,
                base.CurrentOrganizationId,
                base.ExecutingUserOrganizationId,
                false);

            this.recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(
                this.DomainController, false, ConsistencyMode.PartiallyConsistent, null, scopedSettings, ConfigScopes.TenantSubTree, 503, callerName, sourceFile);
            this.recipientSession.UseGlobalCatalog = false;

            this.configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                this.DomainController, false, ConsistencyMode.PartiallyConsistent, null, scopedSettings, 514, callerName, sourceFile);

            this.domainConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(
                this.DomainController, false, ConsistencyMode.PartiallyConsistent, null, scopedSettings, 521, callerName, sourceFile);
            this.domainConfigurationSession.UseConfigNC = false;

            this.ReadRootDomainFromDc(base.CurrentOrganizationId);

            this.rootDomainRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(
                this.rootDomain.OriginatingServer,
                false,
                ConsistencyMode.PartiallyConsistent,
                ADSessionSettings.FromAccountPartitionRootOrgScopeSet(base.CurrentOrganizationId.PartitionId),
                533,
                callerName,
                sourceFile);
        }
Exemple #28
        /// <summary>
        /// Grants the organization's "Organization Management" group a fixed set of extended rights on
        /// <paramref name="obj"/> by building allow ACEs and passing them to <c>DirectoryCommon.SetAces</c>.
        /// </summary>
        /// <remarks>
        /// Every rule is an <c>Allow</c> entry for <c>ExtendedRight</c> with inheritance <c>All</c>, so the
        /// grant also applies to descendants of <paramref name="obj"/>. The group is located by name under the
        /// organization's organizational unit.
        /// NOTE(review): if the group cannot be read, <c>Read</c> presumably returns null and the
        /// <c>Sid</c> access below would fail with a null reference; confirm that callers guarantee the
        /// group exists.
        /// </remarks>
        /// <param name="obj">Directory object that receives the access rules.</param>
        internal void SetOrganizationManagementACLs(ADObject obj)
        {
            // Return value is unused, as in the original; the call is kept so any lookup it performs still happens.
            ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest();

            ADSessionSettings settings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(
                this.OrganizationId.ConfigurationUnit,
                this.OrganizationId,
                this.taskInstance.ExecutingUserOrganizationId,
                false);
            IRecipientSession recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(
                false,
                ConsistencyMode.PartiallyConsistent,
                settings,
                403,
                "SetOrganizationManagementACLs",
                "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\database\\PFTreeManagement.cs");

            ADObjectId groupId = this.OrganizationId.OrganizationalUnit.GetChildId("Organization Management");
            ADGroup orgManagementGroup = (ADGroup)recipientSession.Read(groupId);
            SecurityIdentifier groupSid = orgManagementGroup.Sid;

            // One allow rule per extended right, in the same order as before.
            List<ActiveDirectoryAccessRule> rules = new List<ActiveDirectoryAccessRule>
            {
                new ActiveDirectoryAccessRule(groupSid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, WellKnownGuid.MailEnablePublicFolderGuid, ActiveDirectorySecurityInheritance.All),
                new ActiveDirectoryAccessRule(groupSid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, WellKnownGuid.CreatePublicFolderExtendedRightGuid, ActiveDirectorySecurityInheritance.All),
                new ActiveDirectoryAccessRule(groupSid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, WellKnownGuid.CreateTopLevelPublicFolderExtendedRightGuid, ActiveDirectorySecurityInheritance.All),
                new ActiveDirectoryAccessRule(groupSid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, WellKnownGuid.ModifyPublicFolderACLExtendedRightGuid, ActiveDirectorySecurityInheritance.All),
                new ActiveDirectoryAccessRule(groupSid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, WellKnownGuid.ModifyPublicFolderAdminACLExtendedRightGuid, ActiveDirectorySecurityInheritance.All),
                new ActiveDirectoryAccessRule(groupSid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, WellKnownGuid.ModifyPublicFolderDeletedItemRetentionExtendedRightGuid, ActiveDirectorySecurityInheritance.All),
                new ActiveDirectoryAccessRule(groupSid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, WellKnownGuid.ModifyPublicFolderExpiryExtendedRightGuid, ActiveDirectorySecurityInheritance.All),
                new ActiveDirectoryAccessRule(groupSid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, WellKnownGuid.ModifyPublicFolderQuotasExtendedRightGuid, ActiveDirectorySecurityInheritance.All),
                new ActiveDirectoryAccessRule(groupSid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, WellKnownGuid.StoreAdminExtendedRightGuid, ActiveDirectorySecurityInheritance.All),
                new ActiveDirectoryAccessRule(groupSid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, WellKnownGuid.StoreCreateNamedPropertiesExtendedRightGuid, ActiveDirectorySecurityInheritance.All),
                new ActiveDirectoryAccessRule(groupSid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, WellKnownGuid.StoreVisibleExtendedRightGuid, ActiveDirectorySecurityInheritance.All)
            };

            DirectoryCommon.SetAces(new Task.TaskVerboseLoggingDelegate(this.taskInstance.WriteVerbose), null, obj, rules.ToArray());
        }
Exemple #29
        /// <summary>
        /// Acquires a budget of the requested type for this token.
        /// </summary>
        /// <remarks>
        /// Key selection: the delegated principal when present; otherwise a tenant key for
        /// <c>BudgetType.WSManTenant</c>; otherwise the SID stored in the user entry, with session settings
        /// scoped to the token's organization.
        /// NOTE(review): when the user entry carries no SID this returns null. Whether a null budget leaves
        /// the caller without any budget enforcement is not visible here; confirm that callers handle it.
        /// </remarks>
        /// <param name="budgetType">Kind of budget to acquire.</param>
        /// <returns>The acquired budget, or null when no SID is available for the user entry.</returns>
        internal virtual IPowerShellBudget CreateBudget(BudgetType budgetType)
        {
            if (this.DelegatedPrincipal != null)
            {
                ExTraceGlobals.PublicPluginAPITracer.TraceDebug<BudgetType, string>(0L, "Create Budge {0} for AuthZPluginUserToken {1} using DelegatedPrincipal.", budgetType, this.UserName);
                return PowerShellBudget.Acquire(new DelegatedPrincipalBudgetKey(this.DelegatedPrincipal, budgetType));
            }

            ExTraceGlobals.PublicPluginAPITracer.TraceDebug<BudgetType, string>(0L, "Create Budge {0} for AuthZPluginUserToken {1} using UserEntry.", budgetType, this.UserName);

            // Tenant-level budgets are keyed on the organization, not on an individual user.
            if (budgetType == BudgetType.WSManTenant)
            {
                return PowerShellBudget.Acquire(new TenantBudgetKey(this.OrgId, budgetType));
            }

            SecurityIdentifier userSid = (SecurityIdentifier)this.UserEntry[IADSecurityPrincipalSchema.Sid];
            if (userSid == null)
            {
                ExTraceGlobals.PublicPluginAPITracer.TraceDebug<string>(0L, "Sid is null, return null budget for AuthZPluginUserToken {0}.", this.UserName);
                return null;
            }

            // A missing or forest-wide organization resolves against the local forest's root org container.
            ADObjectId rootOrgId = (this.OrgId == null || this.OrgId.Equals(OrganizationId.ForestWideOrgId))
                ? ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest()
                : ADSystemConfigurationSession.GetRootOrgContainerId(this.OrgId.PartitionId.ForestFQDN, null, null);

            return PowerShellBudget.Acquire(userSid, budgetType, ADSessionSettings.FromOrganizationIdWithoutRbacScopes(rootOrgId, this.OrgId, this.OrgId, true));
        }
Exemple #30
        /// <summary>
        /// Cache-miss handler: loads the site configuration for <paramref name="key"/> from the directory.
        /// </summary>
        /// <remarks>
        /// The lookup runs in a forest-wide session (local forest root org container,
        /// <c>OrganizationId.ForestWideOrgId</c>) created with <c>ConsistencyMode.IgnoreInvalid</c>.
        /// </remarks>
        /// <param name="key">Directory id of the entry that was not found in the cache.</param>
        /// <param name="shouldAdd">Set to true once the session has been created.</param>
        /// <returns>The value returned by <c>SiteConfigCache.GetSiteConfiguration</c> for the key.</returns>
        protected override SiteConfigCache.Item Create(ADObjectId key, ref bool shouldAdd)
        {
            TraceWrapper.SearchLibraryTracer.TraceDebug<ADObjectId>(this.GetHashCode(), "SiteConfigCache miss, searching for {0}", key);

            // Read the factory before building the settings so evaluation order matches the single-call form.
            var sessionFactory = DirectorySessionFactory.Default;
            ADSessionSettings forestWideSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(
                ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest(),
                OrganizationId.ForestWideOrgId,
                null,
                false);
            IConfigurationSession session = sessionFactory.GetTenantOrTopologyConfigurationSession(
                ConsistencyMode.IgnoreInvalid,
                forestWideSettings,
                116,
                "Create",
                "f:\\15.00.1497\\sources\\dev\\infoworker\\src\\common\\MessageTracking\\Caching\\SiteConfigCache.cs");

            shouldAdd = true;
            return SiteConfigCache.GetSiteConfiguration(session, key);
        }