protected override void WriteResult(IConfigurable dataObject) { TaskLogger.LogEnter(); base.HasObjectMatchingIdentity = true; ActiveDirectorySecurity activeDirectorySecurity = PermissionTaskHelper.ReadAdSecurityDescriptor((ADRawEntry)dataObject, (IConfigurationSession)base.DataSession, new Task.TaskErrorLoggingDelegate(base.WriteError)); if (!base.Owner.IsPresent) { AuthorizationRuleCollection accessRules = activeDirectorySecurity.GetAccessRules(true, true, typeof(SecurityIdentifier)); int num = 0; while (accessRules.Count > num) { ActiveDirectoryAccessRule activeDirectoryAccessRule = (ActiveDirectoryAccessRule)accessRules[num]; if (base.SecurityPrincipal == null || (base.SecurityPrincipal != null && base.SecurityPrincipal == activeDirectoryAccessRule.IdentityReference)) { ADAcePresentationObject adacePresentationObject = new ADAcePresentationObject(activeDirectoryAccessRule, ((ADRawEntry)dataObject).Id); adacePresentationObject.ResetChangeTracking(true); base.WriteResult(adacePresentationObject); } num++; } } else { IdentityReference owner = activeDirectorySecurity.GetOwner(typeof(NTAccount)); base.WriteResult(new OwnerPresentationObject(((ADRawEntry)dataObject).Id, owner.ToString())); } TaskLogger.LogExit(); }
protected override void InternalBeginProcessing() { TaskLogger.LogEnter(); this.readOnlyRecipientSession = PermissionTaskHelper.GetReadOnlyRecipientSession(this.DomainController); if (this.readOnlyRecipientSession.UseGlobalCatalog) { this.globalCatalogRecipientSession = this.readOnlyRecipientSession; } else { this.globalCatalogRecipientSession = PermissionTaskHelper.GetReadOnlyRecipientSession(null); } this.readOnlyConfigurationSession = DirectorySessionFactory.Default.CreateTopologyConfigurationSession(this.DomainController, true, ConsistencyMode.PartiallyConsistent, ADSessionSettings.FromRootOrgScopeSet(), 207, "InternalBeginProcessing", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RecipientTasks\\permission\\SetPermissionTaskBase.cs"); if (this.DomainController != null) { ADServer adserver = DirectoryUtilities.DomainControllerFromName(this.DomainController); if (adserver == null) { base.ThrowTerminatingError(new RecipientTaskException(Strings.DCWithGivenNameCouldNotBeFound(this.DomainController)), ErrorCategory.ObjectNotFound, null); } this.domainControllerDomainId = adserver.DomainId; } this.modifiedAcl.Clear(); this.modifiedObjects.Clear(); TaskLogger.LogExit(); }
protected override void InternalBeginProcessing() { TaskLogger.LogEnter(); base.InternalBeginProcessing(); this.readOnlySession = PermissionTaskHelper.GetReadOnlySession(base.DomainController); TaskLogger.LogExit(); }
protected override IConfigurable ResolveDataObject() { TaskLogger.LogEnter(); IConfigurable result = PermissionTaskHelper.ResolveDataObject(this.readOnlySession, base.ReadOnlyConfigurationSession, this.globalCatalogSession, this.Identity, new DataAccessHelper.GetDataObjectDelegate(base.GetDataObject <ADRawEntry>), new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); TaskLogger.LogExit(); return(result); }
protected override void WriteResult(IConfigurable dataObject) { TaskLogger.LogEnter(); this.HasObjectMatchingIdentity = true; ADUser aduser = (ADUser)dataObject; if (aduser.Database == null || aduser.ExchangeGuid == Guid.Empty) { base.Validate(aduser); } else { ActiveDirectorySecurity activeDirectorySecurity = PermissionTaskHelper.ReadMailboxSecurityDescriptor((ADUser)dataObject, PermissionTaskHelper.GetReadOnlySession(base.DomainController), new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError)); if (!this.Owner.IsPresent) { AuthorizationRuleCollection accessRules = activeDirectorySecurity.GetAccessRules(true, true, typeof(SecurityIdentifier)); int num = 0; while (accessRules.Count > num) { ActiveDirectoryAccessRule activeDirectoryAccessRule = (ActiveDirectoryAccessRule)accessRules[num]; if (this.SecurityPrincipal == null || this.SecurityPrincipal.Sid == activeDirectoryAccessRule.IdentityReference || this.SecurityPrincipal.SidHistory.Contains(activeDirectoryAccessRule.IdentityReference as SecurityIdentifier)) { MailboxAcePresentationObject mailboxAcePresentationObject = new MailboxAcePresentationObject(activeDirectoryAccessRule, ((ADRawEntry)dataObject).Id); if (Globals.IsDatacenter && base.TenantGlobalCatalogSession != null) { SecurityIdentifier securityIdentifier = (SecurityIdentifier)activeDirectoryAccessRule.IdentityReference; ADRecipient adrecipient = null; try { adrecipient = base.TenantGlobalCatalogSession.FindBySid(securityIdentifier); } catch { } if (adrecipient != null) { string friendlyName = (!string.IsNullOrEmpty(adrecipient.DisplayName)) ? adrecipient.DisplayName : adrecipient.Name; mailboxAcePresentationObject.User = new SecurityPrincipalIdParameter(securityIdentifier, friendlyName); } } mailboxAcePresentationObject.ResetChangeTracking(true); base.WriteResult(mailboxAcePresentationObject); } num++; } } else { IdentityReference owner = activeDirectorySecurity.GetOwner(typeof(NTAccount)); OwnerPresentationObject dataObject2 = new OwnerPresentationObject(((ADUser)dataObject).Id, owner.ToString()); base.WriteResult(dataObject2); } } TaskLogger.LogExit(); }
private void GrantServerAdminRole() { try { ActiveDirectoryAccessRule[] acesToServerAdmin = PermissionTaskHelper.GetAcesToServerAdmin(this.ConfigurationSession, ((IADSecurityPrincipal)this.user).Sid); DirectoryCommon.SetAces(new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskWarningLoggingDelegate(this.WriteWarning), this.server, acesToServerAdmin); } catch (SecurityDescriptorAccessDeniedException exception) { base.WriteError(exception, ErrorCategory.PermissionDenied, null); } this.WriteWarning(Strings.CouldNotFindLocalAdministratorGroup(this.server.Name, this.Identity.ToString())); }
protected override void WriteResult(IConfigurable dataObject) { TaskLogger.LogEnter(); IDirectorySession directorySession = (IDirectorySession)base.DataSession; if (TaskHelper.ShouldUnderscopeDataSessionToOrganization(directorySession, (ADObject)dataObject)) { directorySession = TaskHelper.UnderscopeSessionToOrganization(directorySession, ((ADObject)dataObject).OrganizationId, true); } ActiveDirectorySecurity activeDirectorySecurity = PermissionTaskHelper.ReadAdSecurityDescriptor((ADRawEntry)dataObject, directorySession, new Task.TaskErrorLoggingDelegate(base.WriteError)); AuthorizationRuleCollection accessRules = activeDirectorySecurity.GetAccessRules(true, true, typeof(SecurityIdentifier)); foreach (object obj in accessRules) { ActiveDirectoryAccessRule activeDirectoryAccessRule = (ActiveDirectoryAccessRule)obj; if (this.Trustee == null || this.trusteeSid == activeDirectoryAccessRule.IdentityReference) { RecipientAccessRight?recipientAccessRight = this.FilterByRecipientAccessRights(activeDirectoryAccessRule, this.AccessRights); if (recipientAccessRight != null) { string text = string.Empty; if (Globals.IsDatacenter && base.TenantGlobalCatalogSession != null) { try { SecurityIdentifier sId = (SecurityIdentifier)activeDirectoryAccessRule.IdentityReference; ADRecipient adrecipient = base.TenantGlobalCatalogSession.FindBySid(sId); if (adrecipient != null) { text = ((!string.IsNullOrEmpty(adrecipient.DisplayName)) ? adrecipient.DisplayName : adrecipient.Name); } } catch { } } if (string.IsNullOrEmpty(text)) { text = RecipientPermissionTaskHelper.GetFriendlyNameOfSecurityIdentifier((SecurityIdentifier)activeDirectoryAccessRule.IdentityReference, base.TenantGlobalCatalogSession, new Task.TaskErrorLoggingDelegate(base.WriteError), new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); } RecipientPermission dataObject2 = new RecipientPermission(activeDirectoryAccessRule, ((ADRawEntry)dataObject).Id, text, recipientAccessRight.Value); base.WriteResult(dataObject2); } } } TaskLogger.LogExit(); }
protected override void InternalBeginProcessing() { TaskLogger.LogEnter(); base.InternalBeginProcessing(); this.readOnlySession = PermissionTaskHelper.GetReadOnlySession(base.DomainController); if (this.readOnlySession.UseGlobalCatalog) { this.globalCatalogSession = this.readOnlySession; } else { this.globalCatalogSession = PermissionTaskHelper.GetReadOnlySession(null); } this.writableSessionOnSpcecifiedDC = PermissionTaskHelper.GetWritableSession(base.DomainController); this.writableSession = PermissionTaskHelper.GetWritableSession(null); TaskLogger.LogExit(); }
protected override void InternalBeginProcessing() { TaskLogger.LogEnter(); base.InternalBeginProcessing(); this.readOnlyRecipientSession = PermissionTaskHelper.GetReadOnlyRecipientSession(this.DomainController); if (this.readOnlyRecipientSession.UseGlobalCatalog) { this.globalCatalogRecipientSession = this.readOnlyRecipientSession; } else { this.globalCatalogRecipientSession = PermissionTaskHelper.GetReadOnlyRecipientSession(null); } if (this.User != null) { this.securityPrincipal = SecurityPrincipalIdParameter.GetUserSid(this.GlobalCatalogRecipientSession, this.User, new Task.TaskErrorLoggingDelegate(base.ThrowTerminatingError), new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); } TaskLogger.LogExit(); }
protected void ApplyDelegationInternal(bool removeDelegation) { ADRecipient adrecipient = this.SecurityPrincipal.Sid.IsWellKnown(WellKnownSidType.SelfSid) ? this.DataObject : ((ADRecipient)this.SecurityPrincipal); if (adrecipient.RecipientType == RecipientType.UserMailbox) { ADUser dataObject = this.DataObject; ADUser aduser = this.GetADUser(base.DataSession, dataObject); if (aduser != null) { try { PermissionTaskHelper.SetDelegation(aduser, adrecipient, base.DataSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), removeDelegation); if (!removeDelegation && ((ADUser)adrecipient).DelegateListBL.Count >= 16) { this.WriteWarning(Strings.WarningDelegatesExceededOutlookLimit); } return; } catch (DataValidationException exception) { base.WriteError(exception, ErrorCategory.WriteError, null); return; } catch (DataSourceOperationException exception2) { base.WriteError(exception2, ErrorCategory.WriteError, null); return; } catch (DataSourceTransientException exception3) { base.WriteError(exception3, ErrorCategory.WriteError, null); return; } } base.WriteVerbose(Strings.VerboseMailboxDelegateSkipNotADUser(this.DataObject.ToString())); return; } base.WriteVerbose(Strings.VerboseMailboxDelegateSkip(this.Instance.User.ToString())); }
protected override void InternalProcessRecord() { TaskLogger.LogEnter(); if (base.IsInherited) { return; } if ("Owner" == base.ParameterSetName) { ActiveDirectorySecurity activeDirectorySecurity = PermissionTaskHelper.ReadMailboxSecurityDescriptor(this.DataObject, PermissionTaskHelper.GetReadOnlySession(base.DomainController), new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError)); SecurityIdentifier sid = this.owner; activeDirectorySecurity.SetOwner(sid); new RawSecurityDescriptor(activeDirectorySecurity.GetSecurityDescriptorBinaryForm(), 0); PermissionTaskHelper.SaveMailboxSecurityDescriptor(this.DataObject, activeDirectorySecurity, base.DataSession, ref this.storeSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError)); string friendlyUserName = SecurityPrincipalIdParameter.GetFriendlyUserName(sid, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); base.WriteObject(new OwnerPresentationObject(this.DataObject.Id, friendlyUserName)); } else { base.InternalProcessRecord(); } TaskLogger.LogExit(); }
protected override void InternalProcessRecord() { TaskLogger.LogEnter(); if (base.IsInherited) { return; } if ("Owner" == base.ParameterSetName) { IConfigurationSession writableSession = base.GetWritableSession(this.DataObject.Id); ActiveDirectorySecurity activeDirectorySecurity = PermissionTaskHelper.ReadAdSecurityDescriptor(this.DataObject, writableSession, new Task.TaskErrorLoggingDelegate(base.WriteError)); SecurityIdentifier sid = this.owner; activeDirectorySecurity.SetOwner(sid); RawSecurityDescriptor sd = new RawSecurityDescriptor(activeDirectorySecurity.GetSecurityDescriptorBinaryForm(), 0); writableSession.SaveSecurityDescriptor(this.DataObject.Id, sd, true); string friendlyUserName = SecurityPrincipalIdParameter.GetFriendlyUserName(sid, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); base.WriteObject(new OwnerPresentationObject(this.DataObject.Id, friendlyUserName)); } else { base.InternalProcessRecord(); } TaskLogger.LogExit(); }
protected override void InternalProcessRecord() { TaskLogger.LogEnter(new object[] { this.DataObject }); bool flag = false; if (false == this.Force && this.Arbitration) { TIdentity identity = this.Identity; if (!base.ShouldContinue(Strings.SetArbitrationMailboxConfirmationMessage(identity.ToString()))) { TaskLogger.LogExit(); return; } } if (false == this.Force && this.originalForwardingAddress == null && this.DataObject.ForwardingAddress != null && this.DataObject.ForwardingSmtpAddress != null) { LocalizedString message = (this.originalForwardingSmtpAddress != null) ? Strings.SetMailboxForwardingAddressConfirmationMessage : Strings.SetBothForwardingAddressConfirmationMessage; if (!base.ShouldContinue(message)) { TaskLogger.LogExit(); return; } } if (this.DataObject.IsModified(MailboxSchema.ForwardingSmtpAddress) && this.DataObject.ForwardingSmtpAddress != null && this.DataObject.ForwardingAddress != null && !base.Fields.IsModified(MailboxSchema.ForwardingAddress)) { this.WriteWarning(Strings.ContactAdminForForwardingWarning); } if (false == this.Force && this.DataObject.IsModified(ADRecipientSchema.AuditLogAgeLimit)) { EnhancedTimeSpan t; if (this.DataObject.MailboxAuditLogAgeLimit == EnhancedTimeSpan.Zero) { TIdentity identity2 = this.Identity; if (!base.ShouldContinue(Strings.ConfirmationMessageSetMailboxAuditLogAgeLimitZero(identity2.ToString()))) { TaskLogger.LogExit(); return; } } else if (this.DataObject.TryGetOriginalValue<EnhancedTimeSpan>(ADRecipientSchema.AuditLogAgeLimit, out t)) { EnhancedTimeSpan mailboxAuditLogAgeLimit = this.DataObject.MailboxAuditLogAgeLimit; if (t > mailboxAuditLogAgeLimit) { TIdentity identity3 = this.Identity; if (!base.ShouldContinue(Strings.ConfirmationMessageSetMailboxAuditLogAgeLimitSmaller(identity3.ToString(), mailboxAuditLogAgeLimit.ToString()))) { TaskLogger.LogExit(); return; } } } } bool flag2 = false; bool flag3 = false; MapiMessageStoreSession mapiMessageStoreSession = null; try { if (this.needChangeMailboxSubtype) { if (this.originalRecipientTypeDetails == RecipientTypeDetails.UserMailbox) { MailboxTaskHelper.GrantPermissionToLinkedUserAccount(this.DataObject, PermissionTaskHelper.GetReadOnlySession(null), new Task.ErrorLoggerDelegate(base.WriteError), new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); flag2 = true; flag3 = true; } else if (this.targetRecipientTypeDetails == RecipientTypeDetails.UserMailbox) { MailboxTaskHelper.ClearExternalAssociatedAccountPermission(this.DataObject, PermissionTaskHelper.GetReadOnlySession(null), new Task.ErrorLoggerDelegate(base.WriteError), new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); flag = true; flag3 = true; } } else if (this.DataObject.IsChanged(ADRecipientSchema.MasterAccountSid)) { MailboxTaskHelper.GrantPermissionToLinkedUserAccount(this.DataObject, PermissionTaskHelper.GetReadOnlySession(null), new Task.ErrorLoggerDelegate(base.WriteError), new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); flag2 = true; flag3 = true; } base.InternalProcessRecord(); if (flag3) { PermissionTaskHelper.SaveMailboxSecurityDescriptor(this.DataObject, SecurityDescriptorConverter.ConvertToActiveDirectorySecurity(this.DataObject.ExchangeSecurityDescriptor), (IRecipientSession)base.DataSession, ref mapiMessageStoreSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError)); } } finally { if (mapiMessageStoreSession != null) { mapiMessageStoreSession.Dispose(); } } if (flag2) { base.WriteVerbose(Strings.VerboseSaveADSecurityDescriptor(this.DataObject.Id.ToString())); this.DataObject.SaveSecurityDescriptor(((SecurityDescriptor)this.DataObject[ADObjectSchema.NTSecurityDescriptor]).ToRawSecurityDescriptor()); } bool flag4 = base.Fields.IsModified(ADUserSchema.SharingPolicy); if (this.RemoveManagedFolderAndPolicy || flag || flag4) { ADSessionSettings sessionSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(base.RootOrgContainerId, base.CurrentOrganizationId, base.ExecutingUserOrganizationId, false); IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(base.DomainController, true, ConsistencyMode.IgnoreInvalid, sessionSettings, 4021, "InternalProcessRecord", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RecipientTasks\\mailbox\\SetMailbox.cs"); if (!tenantOrRootOrgRecipientSession.IsReadConnectionAvailable()) { tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(ConsistencyMode.IgnoreInvalid, sessionSettings, 4030, "InternalProcessRecord", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RecipientTasks\\mailbox\\SetMailbox.cs"); } MailboxSession mailboxSession = this.OpenMailboxSession(tenantOrRootOrgRecipientSession, this.DataObject); if (mailboxSession == null) { base.WriteError(new RecipientTaskException(Strings.LogonFailure), ExchangeErrorCategory.ServerOperation, null); return; } using (mailboxSession) { if (this.RemoveManagedFolderAndPolicy && !ElcMailboxHelper.RemoveElcInMailbox(mailboxSession)) { this.WriteWarning(Strings.WarningNonemptyManagedFolderNotDeleted); } if (flag) { using (CalendarConfigurationDataProvider calendarConfigurationDataProvider = new CalendarConfigurationDataProvider(mailboxSession)) { CalendarConfiguration calendarConfiguration = (CalendarConfiguration)calendarConfigurationDataProvider.Read<CalendarConfiguration>(null); calendarConfiguration.AutomateProcessing = CalendarProcessingFlags.None; try { calendarConfigurationDataProvider.Save(calendarConfiguration); } catch (LocalizedException exception) { base.WriteError(exception, ExchangeErrorCategory.ServerOperation, null); } } } if (flag4) { mailboxSession.Mailbox.Delete(MailboxSchema.LastSharingPolicyAppliedId); mailboxSession.Mailbox.Delete(MailboxSchema.LastSharingPolicyAppliedHash); mailboxSession.Mailbox.Delete(MailboxSchema.LastSharingPolicyAppliedTime); mailboxSession.Mailbox.Save(); } } } if (base.IsSetRandomPassword) { MailboxTaskHelper.SetMailboxPassword((IRecipientSession)base.DataSession, this.DataObject, null, new Task.ErrorLoggerDelegate(base.WriteError)); } TaskLogger.LogExit(); }
private static bool CheckPermissionsOnDkmObjects(IEnumerable <ADRawEntry> dkmObjects, IRootOrganizationRecipientSession session, Dictionary <SecurityIdentifier, ActiveDirectoryRights> expectedAccessRights, StringBuilder detailStatus) { bool result = true; foreach (ADRawEntry adrawEntry in dkmObjects) { RawSecurityDescriptor rawSecurityDescriptor; ActiveDirectorySecurity activeDirectorySecurity = PermissionTaskHelper.ReadAdSecurityDescriptor(adrawEntry, session, null, out rawSecurityDescriptor); if (activeDirectorySecurity == null) { result = false; detailStatus.AppendFormat("Failed to read security descriptor for DKM object {0}. Examine the ACL settings on DKM objects.\r\n", adrawEntry.Id.DistinguishedName); } else { AuthorizationRuleCollection accessRules = activeDirectorySecurity.GetAccessRules(true, true, typeof(SecurityIdentifier)); StringBuilder stringBuilder = new StringBuilder(); stringBuilder.AppendLine(string.Format("Object DN: {0}\r\n", adrawEntry.Id.DistinguishedName)); bool flag = false; Dictionary <SecurityIdentifier, ActiveDirectoryRights> dictionary = new Dictionary <SecurityIdentifier, ActiveDirectoryRights>(); foreach (object obj in accessRules) { ActiveDirectoryAccessRule activeDirectoryAccessRule = (ActiveDirectoryAccessRule)obj; try { if (!expectedAccessRights.ContainsKey((SecurityIdentifier)activeDirectoryAccessRule.IdentityReference)) { int num = AuthzAuthorization.CheckGenericPermission((SecurityIdentifier)activeDirectoryAccessRule.IdentityReference, rawSecurityDescriptor, AccessMask.MaximumAllowed); if (num != 0) { stringBuilder.AppendFormat("Unexpected ACE with Identity: {0}, Rights: {1}\r\n\r\n", TestDataCenterDKMAccess.AccountNameFromSid(activeDirectoryAccessRule.IdentityReference.ToString()), (ActiveDirectoryRights)num); result = false; flag = true; } } else { dictionary[(SecurityIdentifier)activeDirectoryAccessRule.IdentityReference] = (ActiveDirectoryRights)AuthzAuthorization.CheckGenericPermission((SecurityIdentifier)activeDirectoryAccessRule.IdentityReference, rawSecurityDescriptor, AccessMask.MaximumAllowed); } } catch (Win32Exception ex) { stringBuilder.AppendFormat("Failed to check ACL for Identity: {0} with Win32Exception {1} and ErrorCode {2}\r\n", TestDataCenterDKMAccess.AccountNameFromSid(activeDirectoryAccessRule.IdentityReference.ToString()), ex.Message, ex.ErrorCode); result = false; flag = true; } } Dictionary <SecurityIdentifier, ActiveDirectoryRights> dictionary2 = new Dictionary <SecurityIdentifier, ActiveDirectoryRights>(expectedAccessRights); foreach (KeyValuePair <SecurityIdentifier, ActiveDirectoryRights> keyValuePair in dictionary) { if (dictionary2[keyValuePair.Key] != keyValuePair.Value) { stringBuilder.AppendFormat("Wrong rights in ACE for Identity {0}\r\nExpected Rights: {1}\r\nActual Rights: {2}\r\n\r\n", TestDataCenterDKMAccess.AccountNameFromSid(keyValuePair.Key.ToString()), dictionary2[keyValuePair.Key], keyValuePair.Value); result = false; flag = true; } dictionary2.Remove(keyValuePair.Key); } if (dictionary2.Count > 0) { foreach (KeyValuePair <SecurityIdentifier, ActiveDirectoryRights> keyValuePair2 in dictionary2) { stringBuilder.AppendFormat("Missing expected ACE for Identity {0}\r\nExpected Rights: {1}\r\n\r\n", TestDataCenterDKMAccess.AccountNameFromSid(keyValuePair2.Key.ToString()), keyValuePair2.Value); result = false; flag = true; } } if (flag) { detailStatus.AppendLine(stringBuilder.ToString()); } } } return(result); }
internal override void ApplyModification(ADUser modifiedObject, ActiveDirectoryAccessRule[] modifiedAces, IConfigDataProvider modifyingSession) { PermissionTaskHelper.SetMailboxAces(modifiedObject, modifyingSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskWarningLoggingDelegate(this.WriteWarning), new Task.ErrorLoggerDelegate(base.WriteError), PermissionTaskHelper.GetReadOnlySession(base.DomainController), ref this.storeSession, false, modifiedAces); }