protected override void InternalProcessRecord()
{
TaskLogger.LogEnter();
this.RemoveGroupByWKGuid(WellKnownGuid.ExSWkGuid);
this.RemoveGroupByWKGuid(WellKnownGuid.MaSWkGuid);
this.RemoveGroupByWKGuid(WellKnownGuid.EraWkGuid);
this.RemoveGroupByWKGuid(WellKnownGuid.EmaWkGuid);
this.RemoveGroupByWKGuid(WellKnownGuid.EpaWkGuid);
this.RemoveGroupByWKGuid(WellKnownGuid.E3iWkGuid);
this.RemoveGroupByWKGuid(WellKnownGuid.EwpWkGuid);
this.RemoveGroupByWKGuid(WellKnownGuid.EtsWkGuid);
this.RemoveGroupByWKGuid(WellKnownGuid.EahoWkGuid);
this.RemoveGroupByWKGuid(WellKnownGuid.EfomgWkGuid);
foreach (RoleGroupDefinition roleGroupDefinition in InitializeExchangeUniversalGroups.RoleGroupsToCreate())
{
if (!roleGroupDefinition.RoleGroupGuid.Equals(WellKnownGuid.EoaWkGuid))
{
this.RemoveGroupByWKGuid(roleGroupDefinition.RoleGroupGuid);
}
}
try
{
this.RemoveGroupByWKGuid(WellKnownGuid.EoaWkGuid);
}
catch (ADOperationException ex)
{
this.WriteWarning(Strings.NeedManuallyRemoveEOA(ex.Message));
}
TaskLogger.LogExit();
}
private void CreateAndValidateRoleGroups(ADOrganizationalUnit usgContainer, RoleGroupCollection roleGroups)
{
foreach (RoleGroupDefinition roleGroup in roleGroups)
{
this.CreateRoleGroup(usgContainer, roleGroup);
}
WindowsPrincipal windowsPrincipal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
string name = windowsPrincipal.Identity.Name;
string[] array = name.Split(new char[]
{
'\\'
}, 2);
ADRecipient adrecipient = (ADRecipient)this.recipientSession.FindByAccountName <ADRecipient>(array[0], array[1]);
if (adrecipient != null)
{
TaskLogger.Trace("Didn't find user {0})", new object[]
{
name
});
}
ADGroup adgroup = base.ResolveExchangeGroupGuid <ADGroup>(WellKnownGuid.EoaWkGuid);
if (adgroup == null)
{
base.WriteError(new ExOrgAdminSGroupNotFoundException(WellKnownGuid.EoaWkGuid), ErrorCategory.ObjectNotFound, null);
}
else if (adrecipient != null)
{
base.LogReadObject(adrecipient);
TaskLogger.Trace("User {0} is being set as member of RoleGroup {1}", new object[]
{
adrecipient.DistinguishedName,
adgroup.Name
});
InitializeExchangeUniversalGroups.AddMember(adrecipient, this.rootDomainRecipientSession, adgroup, new WriteVerboseDelegate(base.WriteVerbose));
}
foreach (RoleGroupDefinition roleGroupDefinition in roleGroups)
{
if (roleGroupDefinition.ADGroup == null)
{
roleGroupDefinition.ADGroup = base.ResolveExchangeGroupGuid <ADGroup>(roleGroupDefinition.RoleGroupGuid);
if (roleGroupDefinition.ADGroup == null)
{
base.WriteError(roleGroupDefinition.GuidNotFoundException, ErrorCategory.ObjectNotFound, null);
}
base.LogReadObject(roleGroupDefinition.ADGroup);
}
if (roleGroupDefinition.ADGroup != null && !roleGroupDefinition.ADGroup.ManagedBy.Contains(adgroup.Id))
{
roleGroupDefinition.ADGroup.ManagedBy.Add(adgroup.Id);
this.rootDomainRecipientSession.Save(roleGroupDefinition.ADGroup);
base.LogWriteObject(roleGroupDefinition.ADGroup);
}
}
}
internal static ADGroup CreateUniqueChildSG(IRecipientSession session, ADObjectId dom, ADObjectId containerId, string groupNameOrig, string groupDescription, string groupSam, GroupTypeFlags groupType, OrganizationId orgId)
{
string commonName = InitializeExchangeUniversalGroups.FindUniqueCN(session, containerId, groupNameOrig);
ADGroup adgroup = new ADGroup(session, commonName, containerId, groupType);
MultiValuedProperty <string> multiValuedProperty = new MultiValuedProperty <string>();
multiValuedProperty.Add(groupDescription);
adgroup[ADRecipientSchema.Description] = multiValuedProperty;
adgroup.SamAccountName = groupSam;
adgroup.OrganizationId = orgId;
InitializeExchangeUniversalGroups.SaveGroup(session, containerId, adgroup);
TaskLogger.Trace(Strings.InfoCreatedGroup(adgroup.DistinguishedName));
return(adgroup);
}
private ADGroup CreateOrMoveEWPGroup(ADGroup ewp, ADOrganizationalUnit usgContainer)
{
if (ewp == null)
{
return(this.CreateGroup(usgContainer, "Exchange Windows Permissions", 0, WellKnownGuid.EwpWkGuid, Strings.ExchangeWindowsPermissionsDescription));
}
if (!ewp.Id.IsDescendantOf(usgContainer.Id))
{
ewp.SetId(usgContainer.Id.GetChildId("CN", ewp.Id.Rdn.UnescapedName));
InitializeExchangeUniversalGroups.SaveGroup(this.rootDomainRecipientSession, usgContainer.Id, ewp);
TaskLogger.Trace(Strings.InfoMovedGroup(ewp.DistinguishedName, ewp.Id.Parent.ToDNString(), usgContainer.Id.ToDNString()));
}
return(ewp);
}
internal static string FindUniqueCN(IRecipientSession session, ADObjectId parentId, string cnOrig)
{
string suffix = "";
for (int i = 1; i < 100; i++)
{
string text = InitializeExchangeUniversalGroups.Concat(cnOrig, suffix, 64);
if (session.Read(parentId.GetChildId(text)) == null)
{
return(text);
}
suffix = i.ToString();
}
return(InitializeExchangeUniversalGroups.Concat(cnOrig, Guid.NewGuid().ToString("N"), 64));
}
internal static string FindUniqueSamAccountName(IRecipientSession session, ADObjectId dom, string samOrig)
{
string suffix = "";
for (int i = 1; i < 100; i++)
{
string text = InitializeExchangeUniversalGroups.Concat(samOrig, suffix, 256);
QueryFilter filter = new ComparisonFilter(ComparisonOperator.Equal, IADSecurityPrincipalSchema.SamAccountName, text);
ADRawEntry[] array = session.Find(dom, QueryScope.SubTree, filter, null, 1);
if (array.Length == 0)
{
return(text);
}
suffix = i.ToString();
}
return(InitializeExchangeUniversalGroups.Concat(samOrig, Guid.NewGuid().ToString("N"), 256));
}
internal static ADGroup CreateUniqueRoleGroup(IRecipientSession session, ADObjectId dom, ADObjectId containerId, string groupNameOrig, int groupId, string groupDescription, string groupSam, List <ADObjectId> manageBy, OrganizationId orgId)
{
string commonName = InitializeExchangeUniversalGroups.FindUniqueCN(session, containerId, groupNameOrig);
ADGroup adgroup = new ADGroup(session, commonName, containerId, GroupTypeFlags.Universal | GroupTypeFlags.SecurityEnabled);
adgroup.RecipientTypeDetails = RecipientTypeDetails.RoleGroup;
adgroup.SamAccountName = groupSam;
adgroup.OrganizationId = orgId;
adgroup[ADRecipientSchema.Description] = new MultiValuedProperty <string>(groupDescription);
adgroup[ADGroupSchema.RoleGroupTypeId] = groupId;
if (manageBy != null && manageBy.Count > 0)
{
adgroup.ManagedBy = new MultiValuedProperty <ADObjectId>(manageBy);
}
InitializeExchangeUniversalGroups.SaveGroup(session, containerId, adgroup);
TaskLogger.Trace(Strings.InfoCreatedGroup(adgroup.DistinguishedName));
return(adgroup);
}
private void FixExchangeTrustedSubsystemGroupMembership(ADGroup ets, ADGroup ewp, ADGroup exs, ADGroup ema, bool etsExisted, bool ewpExisted)
{
if (!ewpExisted && etsExisted)
{
ets.Members.Remove(exs.Id);
ADPagedReader <Server> adpagedReader = ((ITopologyConfigurationSession)this.configurationSession).FindAllServersWithVersionNumber(Server.E14MinVersion);
bool useGlobalCatalog = this.domainConfigurationSession.UseGlobalCatalog;
this.domainConfigurationSession.UseGlobalCatalog = true;
foreach (Server server in adpagedReader)
{
ADComputer adcomputer = ((ITopologyConfigurationSession)this.domainConfigurationSession).FindComputerByHostName(server.Fqdn);
if (adcomputer == null)
{
this.WriteWarning(Strings.ErrorCannotFindComputerObjectByServerFqdnNeedManualAdd(server.Fqdn));
}
else if (ets.Members.Contains(adcomputer.Id))
{
base.WriteVerbose(Strings.InfoAlreadyIsMemberOfGroup(adcomputer.DistinguishedName, ets.DistinguishedName));
}
else
{
ets.Members.Add(adcomputer.Id);
}
}
this.domainConfigurationSession.UseGlobalCatalog = useGlobalCatalog;
SetupTaskBase.Save(ets, this.rootDomainRecipientSession);
}
if (this.adSplitPermissionMode)
{
InitializeExchangeUniversalGroups.RemoveMember(ets, this.rootDomainRecipientSession, ewp, new WriteVerboseDelegate(base.WriteVerbose));
}
else
{
InitializeExchangeUniversalGroups.AddMember(ets, this.rootDomainRecipientSession, ewp, new WriteVerboseDelegate(base.WriteVerbose));
}
if (ema.Members.Contains(ets.Id))
{
ema.Members.Remove(ets.Id);
SetupTaskBase.Save(ema, this.rootDomainRecipientSession);
}
}
private void CreateRoleGroup(ADOrganizationalUnit usgContainer, RoleGroupDefinition roleGroup)
{
ADGroup adgroup = this.CreateGroup(usgContainer, roleGroup.Name, roleGroup.Id, roleGroup.RoleGroupGuid, roleGroup.Description, GroupTypeFlags.Universal | GroupTypeFlags.SecurityEnabled, true);
if (adgroup == null)
{
base.WriteError(roleGroup.GuidNotFoundException, ErrorCategory.ObjectNotFound, null);
}
base.LogReadObject(adgroup);
foreach (Guid wkg in roleGroup.E12USG)
{
ADGroup adgroup2 = base.ResolveExchangeGroupGuid <ADGroup>(wkg);
if (adgroup2 != null && adgroup2.RecipientType == RecipientType.Group)
{
base.LogReadObject(adgroup2);
TaskLogger.Trace("Adding old USG {0} as member of RG {1}", new object[]
{
adgroup2.Name,
adgroup.Name
});
InitializeExchangeUniversalGroups.AddMember(adgroup2, this.rootDomainRecipientSession, adgroup, new WriteVerboseDelegate(base.WriteVerbose));
}
}
}
private ADGroup CreateGroup(OrganizationId orgId, ADObjectId usgContainerId, string groupName, int groupId, Guid wkGuid, string groupDescription, GroupTypeFlags groupType, List <ADObjectId> manageBy)
{
ADGroup adgroup = null;
DNWithBinary dnwithBinary = DirectoryCommon.FindWellKnownObjectEntry(this.configurationUnit.OtherWellKnownObjects, wkGuid);
if (null != dnwithBinary)
{
ADObjectId adobjectId = new ADObjectId(dnwithBinary.DistinguishedName);
if (adobjectId.IsDeleted)
{
base.WriteError(new InvalidWKObjectException(dnwithBinary.ToString(), orgId.ConfigurationUnit.DistinguishedName), ErrorCategory.InvalidData, null);
}
ADRecipient adrecipient = this.orgDomainRecipientSession.Read(adobjectId);
if (adrecipient == null)
{
base.WriteError(new InvalidWKObjectException(dnwithBinary.ToString(), orgId.ConfigurationUnit.DistinguishedName), ErrorCategory.InvalidData, null);
}
base.LogReadObject(adrecipient);
if (adrecipient.RecipientType != RecipientType.Group)
{
base.WriteError(new InvalidWKObjectTargetException(wkGuid.ToString(), orgId.ConfigurationUnit.ToString(), adgroup.Id.DistinguishedName, groupType.ToString()), ErrorCategory.InvalidData, null);
}
adgroup = (adrecipient as ADGroup);
InitializeExchangeUniversalGroups.UpgradeRoleGroupLocalization(adgroup, groupId, groupDescription, this.orgDomainRecipientSession);
if ((adgroup.GroupType & groupType) != groupType)
{
base.WriteVerbose(Strings.InfoChangingGroupType(adgroup.Id.DistinguishedName, groupType.ToString()));
adgroup.GroupType = groupType;
adgroup.RecipientTypeDetails = RecipientTypeDetails.RoleGroup;
this.orgDomainRecipientSession.Save(adgroup);
base.LogWriteObject(adgroup);
}
else
{
base.WriteVerbose(Strings.InfoGroupAlreadyPresent(adgroup.Id.DistinguishedName));
}
return(adgroup);
}
ADGroup adgroup2 = null;
try
{
string groupSam = groupName + "{" + Guid.NewGuid().ToString("N") + "}";
adgroup2 = InitializeExchangeUniversalGroups.CreateUniqueRoleGroup(this.orgDomainRecipientSession, orgId.OrganizationalUnit.DomainId, usgContainerId, groupName, groupId, groupDescription, groupSam, manageBy, orgId);
dnwithBinary = this.CreateWKGuid(adgroup2.Id, wkGuid);
}
finally
{
if (adgroup2 == null && dnwithBinary != null)
{
this.configurationUnit.OtherWellKnownObjects.Remove(dnwithBinary);
this.configurationSession.Save(this.configurationUnit);
base.LogWriteObject(this.configurationUnit);
}
else if (adgroup2 != null && dnwithBinary == null)
{
this.orgDomainRecipientSession.Delete(adgroup2);
base.LogWriteObject(adgroup2);
adgroup2 = null;
}
}
return(adgroup2);
}
internal static ADGroup CreateUniqueRoleGroup(IRecipientSession session, ADObjectId dom, ADObjectId containerId, string groupNameOrig, int groupId, string groupDescription, OrganizationId orgId)
{
string groupSam = InitializeExchangeUniversalGroups.FindUniqueSamAccountName(session, dom, groupNameOrig);
return(InitializeExchangeUniversalGroups.CreateUniqueRoleGroup(session, dom, containerId, groupNameOrig, groupId, groupDescription, groupSam, null, orgId));
}
internal static ADGroup CreateUniqueChildUSG(IRecipientSession session, ADObjectId dom, ADObjectId containerId, string groupNameOrig, string groupDescription, OrganizationId orgId)
{
return(InitializeExchangeUniversalGroups.CreateUniqueChildSG(session, dom, containerId, groupNameOrig, groupDescription, GroupTypeFlags.Universal | GroupTypeFlags.SecurityEnabled, orgId));
}
private ADGroup CreateGroup(ADOrganizationalUnit usgContainer, string groupName, int groupId, Guid wkGuid, string groupDescription, GroupTypeFlags groupType, bool createAsRoleGroup)
{
ADRecipient adrecipient = base.ResolveExchangeGroupGuid <ADRecipient>(wkGuid);
DNWithBinary dnwithBinary = null;
if (adrecipient != null)
{
base.LogReadObject(adrecipient);
if (adrecipient.RecipientType != RecipientType.Group)
{
base.WriteError(new InvalidWKObjectTargetException(wkGuid.ToString(), "CN=Microsoft Exchange,CN=Services," + this.configurationSession.ConfigurationNamingContext.DistinguishedName, adrecipient.Id.DistinguishedName, groupType.ToString()), ErrorCategory.NotSpecified, null);
}
ADGroup adgroup = adrecipient as ADGroup;
base.LogReadObject(adgroup);
if ((adgroup.GroupType & groupType) != groupType)
{
base.WriteError(new InvalidWKObjectTargetException(wkGuid.ToString(), "CN=Microsoft Exchange,CN=Services," + this.configurationSession.ConfigurationNamingContext.DistinguishedName, adgroup.Id.DistinguishedName, groupType.ToString()), ErrorCategory.NotSpecified, null);
}
if (createAsRoleGroup && adgroup.RecipientTypeDetails != RecipientTypeDetails.RoleGroup)
{
base.WriteError(new InvalidWKObjectTargetException(wkGuid.ToString(), "CN=Microsoft Exchange,CN=Services," + this.configurationSession.ConfigurationNamingContext.DistinguishedName, adgroup.Id.DistinguishedName, RecipientTypeDetails.RoleGroup.ToString()), ErrorCategory.NotSpecified, null);
}
base.WriteVerbose(Strings.InfoGroupAlreadyPresent(adgroup.Id.DistinguishedName));
dnwithBinary = DirectoryCommon.FindWellKnownObjectEntry(this.exchangeConfigContainer.OtherWellKnownObjects, wkGuid);
if (dnwithBinary == null)
{
dnwithBinary = this.CreateWKGuid(this.exchangeConfigContainer, adgroup.Id, wkGuid);
}
if (createAsRoleGroup)
{
InitializeExchangeUniversalGroups.UpgradeRoleGroupLocalization(adgroup, groupId, groupDescription, this.rootDomainRecipientSession);
}
return(adgroup);
}
ADContainer adcontainer = this.exchangeConfigContainer;
dnwithBinary = DirectoryCommon.FindWellKnownObjectEntry(adcontainer.OtherWellKnownObjects, wkGuid);
if (dnwithBinary == null)
{
adcontainer = this.configContainer;
dnwithBinary = DirectoryCommon.FindWellKnownObjectEntry(adcontainer.OtherWellKnownObjects, wkGuid);
}
if (dnwithBinary != null)
{
base.WriteError(new InvalidWKObjectException(dnwithBinary.ToString(), adcontainer.DistinguishedName), ErrorCategory.NotSpecified, null);
}
ADGroup adgroup2 = null;
try
{
if (createAsRoleGroup)
{
adgroup2 = InitializeExchangeUniversalGroups.CreateUniqueRoleGroup(this.rootDomainRecipientSession, this.rootDomain.Id, usgContainer.Id, groupName, groupId, groupDescription, OrganizationId.ForestWideOrgId);
}
else
{
adgroup2 = InitializeExchangeUniversalGroups.CreateUniqueChildSG(this.rootDomainRecipientSession, this.rootDomain.Id, usgContainer.Id, groupName, groupDescription, groupType, OrganizationId.ForestWideOrgId);
}
dnwithBinary = this.CreateWKGuid(this.exchangeConfigContainer, adgroup2.Id, wkGuid);
}
finally
{
if (adgroup2 == null && dnwithBinary != null)
{
this.exchangeConfigContainer.OtherWellKnownObjects.Remove(dnwithBinary);
this.domainConfigurationSession.Save(this.exchangeConfigContainer);
base.LogWriteObject(this.exchangeConfigContainer);
}
else if (adgroup2 != null && dnwithBinary == null)
{
this.rootDomainRecipientSession.Delete(adgroup2);
base.LogWriteObject(adgroup2);
adgroup2 = null;
}
}
return(adgroup2);
}
protected override void InternalProcessRecord()
{
TaskLogger.LogEnter();
RoleGroupCollection roleGroupCollection = InitializeExchangeUniversalGroups.RoleGroupsToCreate();
bool flag = false;
foreach (RoleGroupDefinition roleGroupDefinition in roleGroupCollection)
{
roleGroupDefinition.ADGroup = base.ResolveExchangeGroupGuid <ADGroup>(roleGroupDefinition.RoleGroupGuid);
if (roleGroupDefinition.ADGroup == null)
{
flag = true;
}
}
ADGroup adgroup = base.ResolveExchangeGroupGuid <ADGroup>(WellKnownGuid.ExSWkGuid);
ADGroup adgroup2 = base.ResolveExchangeGroupGuid <ADGroup>(WellKnownGuid.E3iWkGuid);
ADGroup adgroup3 = base.ResolveExchangeGroupGuid <ADGroup>(WellKnownGuid.EtsWkGuid);
ADGroup adgroup4 = base.ResolveExchangeGroupGuid <ADGroup>(WellKnownGuid.EwpWkGuid);
this.adSplitPermissionMode = false;
if (this.ActiveDirectorySplitPermissions != null)
{
if (this.ActiveDirectorySplitPermissions.Value)
{
this.adSplitPermissionMode = true;
}
else
{
this.adSplitPermissionMode = false;
}
}
else if (adgroup3 == null)
{
this.adSplitPermissionMode = false;
}
else if (adgroup4 == null)
{
this.adSplitPermissionMode = false;
}
else if (!adgroup4.Members.Contains(adgroup3.Id))
{
this.adSplitPermissionMode = true;
}
else
{
this.adSplitPermissionMode = false;
}
ADOrganizationalUnit adorganizationalUnit = this.FindExchangeUSGContainer("Microsoft Exchange Protected Groups", this.domainConfigurationSession, this.rootDomain.Id);
if (this.adSplitPermissionMode && adorganizationalUnit == null)
{
adorganizationalUnit = this.CreateExchangeUSGContainer("Microsoft Exchange Protected Groups", this.domainConfigurationSession, this.rootDomain.Id);
if (adorganizationalUnit == null)
{
base.WriteError(new USGContainerNotFoundException("Microsoft Exchange Protected Groups", this.rootDomain.DistinguishedName), ErrorCategory.ObjectNotFound, null);
}
}
ADOrganizationalUnit adorganizationalUnit2 = null;
if (flag || adgroup == null || adgroup2 == null || adgroup3 == null || (!this.adSplitPermissionMode && adgroup4 == null))
{
adorganizationalUnit2 = this.CreateExchangeUSGContainer("Microsoft Exchange Security Groups", this.domainConfigurationSession, this.rootDomain.Id);
if (adorganizationalUnit2 == null)
{
base.WriteError(new USGContainerNotFoundException("Microsoft Exchange Security Groups", this.rootDomain.DistinguishedName), ErrorCategory.ObjectNotFound, null);
}
}
else
{
adorganizationalUnit2 = this.FindExchangeUSGContainer("Microsoft Exchange Security Groups", this.domainConfigurationSession, this.rootDomain.Id);
}
this.CreateAndValidateRoleGroups(adorganizationalUnit2, roleGroupCollection);
this.CreateGroup(adorganizationalUnit2, "Exchange Servers", 0, WellKnownGuid.ExSWkGuid, Strings.ExchangeServersUSGDescription);
this.CreateGroup(adorganizationalUnit2, "Exchange Trusted Subsystem", 0, WellKnownGuid.EtsWkGuid, Strings.ExchangeTrustedSubsystemDescription);
this.CreateGroup(adorganizationalUnit2, "Managed Availability Servers", 0, WellKnownGuid.MaSWkGuid, Strings.ManagedAvailabilityServersUSGDescription);
if (this.adSplitPermissionMode)
{
this.CreateOrMoveEWPGroup(adgroup4, adorganizationalUnit);
}
else
{
this.CreateOrMoveEWPGroup(adgroup4, adorganizationalUnit2);
if (adorganizationalUnit != null)
{
this.domainConfigurationSession.Delete(adorganizationalUnit);
base.LogWriteObject(adorganizationalUnit);
}
}
this.CreateGroup(adorganizationalUnit2, "ExchangeLegacyInterop", 0, WellKnownGuid.E3iWkGuid, Strings.ExchangeInteropUSGDescription);
if (adgroup == null)
{
adgroup = base.ResolveExchangeGroupGuid <ADGroup>(WellKnownGuid.ExSWkGuid);
if (adgroup == null)
{
base.WriteError(new ExSGroupNotFoundException(WellKnownGuid.ExSWkGuid), ErrorCategory.InvalidData, null);
}
}
base.LogReadObject(adgroup);
ADGroup adgroup5 = base.ResolveExchangeGroupGuid <ADGroup>(WellKnownGuid.MaSWkGuid);
if (adgroup5 == null)
{
base.WriteError(new MaSGroupNotFoundException(WellKnownGuid.MaSWkGuid), ErrorCategory.InvalidData, null);
}
base.LogReadObject(adgroup5);
InitializeExchangeUniversalGroups.AddMember(adgroup, this.rootDomainRecipientSession, adgroup5, new WriteVerboseDelegate(base.WriteVerbose));
if (adgroup2 == null)
{
adgroup2 = base.ResolveExchangeGroupGuid <ADGroup>(WellKnownGuid.E3iWkGuid);
if (adgroup2 == null)
{
base.WriteError(new E2k3InteropGroupNotFoundException(WellKnownGuid.E3iWkGuid), ErrorCategory.InvalidData, null);
}
}
base.LogReadObject(adgroup2);
bool etsExisted = adgroup3 != null;
if (adgroup3 == null)
{
adgroup3 = base.ResolveExchangeGroupGuid <ADGroup>(WellKnownGuid.EtsWkGuid);
if (adgroup3 == null)
{
base.WriteError(new ExTrustedSubsystemGroupNotFoundException(WellKnownGuid.EtsWkGuid), ErrorCategory.InvalidData, null);
}
}
base.LogReadObject(adgroup3);
bool ewpExisted = adgroup4 != null;
if (adgroup4 == null)
{
adgroup4 = base.ResolveExchangeGroupGuid <ADGroup>(WellKnownGuid.EwpWkGuid);
if (adgroup4 == null)
{
base.WriteError(new ExWindowsPermissionsGroupNotFoundException(WellKnownGuid.EwpWkGuid), ErrorCategory.InvalidData, null);
}
}
base.LogReadObject(adgroup4);
this.GrantWriteMembershipPermission(adgroup3.Sid, adorganizationalUnit2);
this.FixExchangeTrustedSubsystemGroupMembership(adgroup3, adgroup4, adgroup, roleGroupCollection.GetADGroupByGuid(WellKnownGuid.EmaWkGuid), etsExisted, ewpExisted);
WindowsPrincipal windowsPrincipal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
string name = windowsPrincipal.Identity.Name;
string[] array = name.Split(new char[]
{
'\\'
}, 2);
ADCrossRef[] domainPartitions = ADForest.GetLocalForest(base.DomainController).GetDomainPartitions();
if (domainPartitions == null || domainPartitions.Length == 0)
{
base.WriteError(new DomainsNotFoundException(), ErrorCategory.InvalidData, null);
}
List <SecurityIdentifier> list = new List <SecurityIdentifier>();
foreach (ADCrossRef adcrossRef in domainPartitions)
{
Exception ex = null;
try
{
this.domainConfigurationSession.DomainController = null;
ADDomain addomain = this.domainConfigurationSession.Read <ADDomain>(adcrossRef.NCName);
base.LogReadObject(addomain);
SecurityIdentifier item = new SecurityIdentifier(WellKnownSidType.AccountDomainAdminsSid, addomain.Sid);
list.Add(item);
}
catch (ADExternalException ex2)
{
ex = ex2;
}
catch (ADTransientException ex3)
{
ex = ex3;
}
if (ex != null)
{
this.WriteWarning(Strings.DomainNotReachableWarning(adcrossRef.DnsRoot[0]));
}
}
this.domainConfigurationSession.DomainController = null;
ADGroup adgroupByGuid = roleGroupCollection.GetADGroupByGuid(WellKnownGuid.EoaWkGuid);
ADGroup adgroupByGuid2 = roleGroupCollection.GetADGroupByGuid(WellKnownGuid.EpaWkGuid);
ActiveDirectoryAccessRule activeDirectoryAccessRule = new ActiveDirectoryAccessRule(adgroupByGuid.Sid, ActiveDirectoryRights.GenericAll, AccessControlType.Allow, ActiveDirectorySecurityInheritance.All);
List <ActiveDirectoryAccessRule> list2 = new List <ActiveDirectoryAccessRule>();
list2.Add(activeDirectoryAccessRule);
Guid schemaPropertyGuid = DirectoryCommon.GetSchemaPropertyGuid(this.configurationSession, "member");
foreach (SecurityIdentifier identity in list)
{
list2.Add(new ActiveDirectoryAccessRule(identity, ActiveDirectoryRights.ReadProperty | ActiveDirectoryRights.WriteProperty, AccessControlType.Allow, schemaPropertyGuid, ActiveDirectorySecurityInheritance.All));
}
DirectoryCommon.SetAces(new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), null, adgroup, list2.ToArray());
try
{
DirectoryCommon.SetAces(new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), null, adgroupByGuid, new ActiveDirectoryAccessRule[]
{
activeDirectoryAccessRule
});
}
catch (ADOperationException ex4)
{
this.WriteWarning(Strings.UnableToGrantFullControlOnEOA(adgroupByGuid.Id.ToString(), adgroupByGuid.Id.ToString(), ex4.Message));
}
if (adgroupByGuid2 != null)
{
DirectoryCommon.SetAces(new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), null, adgroupByGuid2, new ActiveDirectoryAccessRule[]
{
activeDirectoryAccessRule
});
}
if (adorganizationalUnit2 != null)
{
base.WriteVerbose(Strings.InfoSetAces(adorganizationalUnit2.Id.DistinguishedName));
DirectoryCommon.SetAces(new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), null, adorganizationalUnit2, new ActiveDirectoryAccessRule[]
{
activeDirectoryAccessRule
});
}
DirectoryCommon.SetAces(new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), null, adgroup2, new ActiveDirectoryAccessRule[]
{
activeDirectoryAccessRule
});
bool useGlobalCatalog = this.recipientSession.UseGlobalCatalog;
this.recipientSession.UseGlobalCatalog = true;
try
{
ADRecipient adrecipient = (ADRecipient)this.recipientSession.FindByAccountName <ADRecipient>(array[0], array[1]);
if (adrecipient != null)
{
TaskLogger.Trace("Adding user {0} ({1}), to group {2}.", new object[]
{
name,
adrecipient.DistinguishedName,
adgroupByGuid.DistinguishedName
});
InitializeExchangeUniversalGroups.AddMember(adrecipient, this.rootDomainRecipientSession, adgroupByGuid, new WriteVerboseDelegate(base.WriteVerbose));
}
else
{
TaskLogger.Trace("Didn't find user {0})", new object[]
{
name
});
}
}
catch (ADOperationException ex5)
{
base.WriteVerbose(new LocalizedString(ex5.Message));
}
this.recipientSession.UseGlobalCatalog = useGlobalCatalog;
TaskLogger.LogExit();
}
