internal static PrincipalPermissionList GetDefaultPermission(bool isHubTransportServer) { PrincipalPermissionList principalPermissionList = new PrincipalPermissionList(5); principalPermissionList.Add(new SecurityIdentifier(WellKnownSidType.AnonymousSid, null), Permission.SendRoutingHeaders); principalPermissionList.Add(WellKnownSids.PartnerServers, Permission.SendRoutingHeaders); principalPermissionList.Add(WellKnownSids.LegacyExchangeServers, Permission.SMTPSendEXCH50 | Permission.SendRoutingHeaders); principalPermissionList.Add(WellKnownSids.HubTransportServers, Permission.SMTPSendEXCH50 | Permission.SendRoutingHeaders | Permission.SendForestHeaders | Permission.SendOrganizationHeaders | Permission.SMTPSendXShadow); principalPermissionList.Add(WellKnownSids.EdgeTransportServers, Permission.SMTPSendEXCH50 | Permission.SendRoutingHeaders | Permission.SendForestHeaders | Permission.SendOrganizationHeaders | Permission.SMTPSendXShadow); principalPermissionList.Add(WellKnownSids.ExternallySecuredServers, Permission.SMTPSendEXCH50 | Permission.SendRoutingHeaders); if (isHubTransportServer) { IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(ConsistencyMode.FullyConsistent, ADSessionSettings.FromRootOrgScopeSet(), 1215, "GetDefaultPermission", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Transport\\NewSendConnector.cs"); IConfigurationSession configurationSession = DirectorySessionFactory.Default.CreateTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, ADSessionSettings.FromRootOrgScopeSet(), 1219, "GetDefaultPermission", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Transport\\NewSendConnector.cs"); configurationSession.UseConfigNC = false; principalPermissionList.Add(NewEdgeSubscription.GetSidForExchangeKnownGuid(tenantOrRootOrgRecipientSession, WellKnownGuid.ExSWkGuid, configurationSession.ConfigurationNamingContext.DistinguishedName), Permission.SMTPSendEXCH50 | Permission.SendRoutingHeaders | Permission.SendForestHeaders | Permission.SendOrganizationHeaders | Permission.SMTPSendXShadow); } return(principalPermissionList); }
private RawSecurityDescriptor ConfigureDefaultSecurityDescriptor(RawSecurityDescriptor originalSecurityDescriptor) { PrincipalPermissionList defaultPermission = NewSendConnector.GetDefaultPermission(this.isHubTransportServer); return(defaultPermission.AddExtendedRightsToSecurityDescriptor(originalSecurityDescriptor)); }