private void CreateRAPRoleAssignments(RoleAssignmentPolicy policy, IList <ExchangeRole> roles, string mailboxPlanIndex)
{
foreach (ExchangeRole exchangeRole in roles)
{
if (string.IsNullOrEmpty(mailboxPlanIndex) || mailboxPlanIndex.Equals(exchangeRole.MailboxPlanIndex, StringComparison.OrdinalIgnoreCase))
{
RoleHelper.CreateRoleAssignment(exchangeRole, policy.Id, policy.OrganizationId, RoleAssigneeType.RoleAssignmentPolicy, policy.OriginatingServer, RoleAssignmentDelegationType.Regular, base.CurrentOrganizationId, base.ExecutingUserOrganizationId, this.configurationSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError));
}
}
}
private void CreateRoleAssignment(ExchangeRole role, ADRecipient recipient, RoleAssignmentDelegationType delegationType)
{
if (this.adSplitPermissionMode && delegationType == RoleAssignmentDelegationType.Regular && InstallCannedRbacRoleAssignments.invalidRoleTypesInADSplitPermissionMode.Contains(role.RoleType))
{
base.WriteVerbose(Strings.VerboseSkipCreatingRoleAssignment(recipient.Id.ToString(), role.Id.ToString(), delegationType.ToString()));
return;
}
RoleAssigneeType roleAssigneeType = ExchangeRoleAssignment.RoleAssigneeTypeFromADRecipient(recipient);
RoleHelper.CreateRoleAssignment(role, recipient.Id, recipient.OrganizationId, roleAssigneeType, recipient.OriginatingServer, delegationType, base.CurrentOrganizationId, base.ExecutingUserOrganizationId, this.configurationSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError));
}
protected override void InternalProcessRecord()
{
TaskLogger.LogEnter();
if (!this.Force && SharedConfiguration.IsSharedConfiguration(this.DataObject.OrganizationId) && !base.ShouldContinue(Strings.ConfirmSharedConfiguration(this.DataObject.OrganizationId.OrganizationalUnit.Name)))
{
TaskLogger.LogExit();
return;
}
base.InternalProcessRecord();
if (this.UnScopedTopLevel)
{
try
{
if (base.ExecutingUserOrganizationId.Equals(this.DataObject.OrganizationId))
{
ADObjectId id;
RoleAssigneeType roleAssigneeType;
if (base.TryGetExecutingUserId(out id))
{
roleAssigneeType = RoleAssigneeType.User;
}
else
{
roleAssigneeType = RoleAssigneeType.RoleGroup;
bool useGlobalCatalog = base.TenantGlobalCatalogSession.UseGlobalCatalog;
bool useConfigNC = base.TenantGlobalCatalogSession.UseConfigNC;
bool skipRangedAttributes = base.TenantGlobalCatalogSession.SkipRangedAttributes;
ADGroup adgroup;
try
{
base.TenantGlobalCatalogSession.UseGlobalCatalog = true;
base.TenantGlobalCatalogSession.UseConfigNC = false;
base.TenantGlobalCatalogSession.SkipRangedAttributes = true;
adgroup = base.TenantGlobalCatalogSession.ResolveWellKnownGuid <ADGroup>(RoleGroup.OrganizationManagement_InitInfo.WellKnownGuid, OrganizationId.ForestWideOrgId.Equals(base.CurrentOrganizationId) ? this.ConfigurationSession.ConfigurationNamingContext : base.TenantGlobalCatalogSession.SessionSettings.CurrentOrganizationId.ConfigurationUnit);
}
finally
{
base.TenantGlobalCatalogSession.UseGlobalCatalog = useGlobalCatalog;
base.TenantGlobalCatalogSession.UseConfigNC = useConfigNC;
base.TenantGlobalCatalogSession.SkipRangedAttributes = skipRangedAttributes;
}
if (adgroup != null)
{
id = adgroup.Id;
}
else
{
base.ThrowTerminatingError(new ManagementObjectNotFoundException(DirectoryStrings.ExceptionADTopologyCannotFindWellKnownExchangeGroup), (ErrorCategory)1001, RoleGroup.OrganizationManagement_InitInfo.WellKnownGuid);
}
}
RoleHelper.CreateRoleAssignment(this.DataObject, id, base.ExecutingUserOrganizationId, roleAssigneeType, this.DataObject.OriginatingServer, RoleAssignmentDelegationType.DelegatingOrgWide, base.CurrentOrganizationId, base.ExecutingUserOrganizationId, base.DataSession as IConfigurationSession, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.TaskErrorLoggingDelegate(base.WriteError));
}
}
catch (Exception)
{
this.WriteWarning(Strings.WarningFailedToCreateAssignmentForNewRole(this.DataObject.Id.ToString()));
base.DataSession.Delete(this.DataObject);
throw;
}
if (base.ExchangeRunspaceConfig != null)
{
base.ExchangeRunspaceConfig.LoadRoleCmdletInfo();
}
}
TaskLogger.LogExit();
}
