public DataClassificationConfig GetDataClassificationConfig(OrganizationId organizationId, IConfigurationSession currentDataSession) { if (object.ReferenceEquals(null, organizationId)) { throw new ArgumentNullException("organizationId"); } if (currentDataSession == null) { throw new ArgumentNullException("currentDataSession"); } if (!VariantConfiguration.InvariantNoFlightingSnapshot.Global.MultiTenancy.Enabled || OrganizationId.ForestWideOrgId.Equals(organizationId)) { return(null); } if (!organizationId.Equals(currentDataSession.SessionSettings.CurrentOrganizationId)) { throw new ArgumentException(new ArgumentException().Message, "currentDataSession"); } SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(organizationId); IConfigurationSession configurationSession; if (sharedConfiguration != null) { configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(true, ConsistencyMode.PartiallyConsistent, sharedConfiguration.GetSharedConfigurationSessionSettings(), 1186, "GetDataClassificationConfig", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\transport\\ClassificationDefinitions\\ClassificationDefinitionUtils.cs"); } else { configurationSession = currentDataSession; } DataClassificationConfig[] array = configurationSession.Find <DataClassificationConfig>(null, QueryScope.SubTree, null, null, 1); ExAssert.RetailAssert(array != null && 1 == array.Length, "There should be one and only one DataClassificationConfig applicable to a particular tenant."); return(array[0]); }
private void FillTaskPopulatedFields(ADOrganizationConfig organization) { RbacContainer rbacContainer = null; if (OrganizationId.ForestWideOrgId.Equals(organization.OrganizationId)) { rbacContainer = this.ConfigurationSession.GetRbacContainer(); } else { ExchangeConfigurationUnit exchangeConfigurationUnit = this.ConfigurationSession.GetOrgContainer() as ExchangeConfigurationUnit; if (exchangeConfigurationUnit != null) { organization.ServicePlan = exchangeConfigurationUnit.ServicePlan; organization.TargetServicePlan = exchangeConfigurationUnit.TargetServicePlan; if (exchangeConfigurationUnit.IsStaticConfigurationShared) { SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(organization.OrganizationId); rbacContainer = sharedConfiguration.GetRbacContainer(); } else { rbacContainer = this.ConfigurationSession.GetRbacContainer(); } } } if (rbacContainer != null) { organization.RBACConfigurationVersion = rbacContainer.ExchangeVersion; } }
internal static RoleGroup PopulateRoleAssignmentsAndConvert(ADGroup group, IConfigurationSession configurationSession) { Result <ExchangeRoleAssignment>[] roleAssignmentResults = null; if (RoleGroup.ContainsRoleAssignments(group)) { return(new RoleGroup(group, roleAssignmentResults)); } SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(group.OrganizationId); RoleGroup roleGroup; if (sharedConfiguration != null) { if (group.RoleGroupType == RoleGroupType.PartnerLinked) { roleGroup = new RoleGroup(group, null); } else { ADObjectId sharedConfiguration2 = null; ADObjectId[] sharedRoleGroupIds; if (group.IsModified(ADObjectSchema.Name)) { sharedRoleGroupIds = sharedConfiguration.GetSharedRoleGroupIds(new ADObjectId[] { group.OriginalId }); } else { sharedRoleGroupIds = sharedConfiguration.GetSharedRoleGroupIds(new ADObjectId[] { group.Id }); } if (sharedRoleGroupIds != null && sharedRoleGroupIds.Length != 0) { IConfigurationSession tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.PartiallyConsistent, sharedConfiguration.GetSharedConfigurationSessionSettings(), 171, "PopulateRoleAssignmentsAndConvert", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleGroup\\RoleGroupCommon.cs"); roleAssignmentResults = tenantOrTopologyConfigurationSession.FindRoleAssignmentsByUserIds(new ADObjectId[] { sharedRoleGroupIds[0] }, false); sharedConfiguration2 = sharedConfiguration.SharedConfigurationCU.Id; } roleGroup = new RoleGroup(group, roleAssignmentResults); roleGroup.SharedConfiguration = sharedConfiguration2; } } else { configurationSession.SessionSettings.IsSharedConfigChecked = true; roleAssignmentResults = configurationSession.FindRoleAssignmentsByUserIds(new ADObjectId[] { group.Id }, false); roleGroup = new RoleGroup(group, roleAssignmentResults); } return(roleGroup); }
protected override void InternalBeginProcessing() { TaskLogger.LogEnter(); base.InternalBeginProcessing(); if (this.SharedTenantConfigurationMode == SharedTenantConfigurationMode.Static || (this.SharedTenantConfigurationMode == SharedTenantConfigurationMode.Dehydrateable && SharedConfiguration.IsDehydratedConfiguration(base.CurrentOrganizationId))) { this.sharedConfig = SharedConfiguration.GetSharedConfiguration(base.CurrentOrganizationId); } TaskLogger.LogExit(); }
public void ValidateIsSafeToRemoveRoleGroupMember(ADGroup group, List <ADObjectId> membersToRemove) { if (group == null || membersToRemove == null) { return; } this.InitializeContextVariables(); this.excludedFromEmptinessValidation.AddRange(membersToRemove); this.excludedFromAssignmentSearch.Add(group.Id); if (!this.IsGroupEmpty(group)) { return; } this.excludedFromEmptinessValidation.Add(group.Id); string membersToRemove2 = RoleGroupCommon.NamesFromObjects(membersToRemove); bool flag = RoleGroupCommon.IsPrecannedRoleGroup(group, this.configurationSession, new Guid[] { RoleGroup.OrganizationManagement_InitInfo.WellKnownGuid }); if (flag) { this.writeError(new TaskInvalidOperationException(Strings.ErrorCannedRoleGroupCannotBeEmpty(group.Name, membersToRemove2)), ExchangeErrorCategory.Client, null); } SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(group.OrganizationId); if (sharedConfiguration != null) { return; } Result <ExchangeRoleAssignment>[] directRoleAssignmentsForGroup = this.GetDirectRoleAssignmentsForGroup(group); if (directRoleAssignmentsForGroup != null) { foreach (Result <ExchangeRoleAssignment> result in directRoleAssignmentsForGroup) { if (!this.IsSafeToRemoveDisableAssignmentFromGroup(result.Data)) { this.writeError(new TaskInvalidOperationException(Strings.ErrorGroupCannotBeEmptyRoleAssignmentConstraint(group.Name, membersToRemove2, result.Data.Name, result.Data.Role.Name)), ExchangeErrorCategory.Client, null); } } } ExchangeRoleAssignment exchangeRoleAssignment; if (!this.HierarchicalCheckForGroupEmptiness(group, out exchangeRoleAssignment)) { this.writeError(new TaskInvalidOperationException(Strings.ErrorGroupCannotBeEmptyRoleAssignmentConstraint(group.Name, membersToRemove2, exchangeRoleAssignment.Name, exchangeRoleAssignment.Role.Name)), ExchangeErrorCategory.Client, null); } ADGroup adgroup = null; if (!this.HierarchicalCheckForCannedRoleGroups(group, out adgroup)) { this.writeError(new TaskInvalidOperationException(Strings.ErrorCannedRoleGroupCannotBeEmpty(adgroup.Name, membersToRemove2)), ExchangeErrorCategory.Client, null); } }
// Token: 0x06000E61 RID: 3681 RVA: 0x000568D8 File Offset: 0x00054AD8 private static SharingPolicyCache GetDehydratedPolicyFromCacheOrAD(OrganizationId orgId, ADObjectId policyId) { SharingPolicyCache sharingPolicyCache; if (policyId != SharingPolicyCache.DynamicDefaultPolicy) { lock (SharingPolicyCache.cacheSyncLock) { if (SharingPolicyCache.dehydratedDefaultCache.TryGetValue(policyId.ObjectGuid, out sharingPolicyCache)) { SharingPolicyCache.Tracer.TraceDebug <ADObjectId>(0L, "Found Sharing Policy {0} in dehydrated cache.", policyId); return(sharingPolicyCache); } } } SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(orgId); IConfigurationSession tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, sharedConfiguration.GetSharedConfigurationSessionSettings(), 282, "GetDehydratedPolicyFromCacheOrAD", "f:\\15.00.1497\\sources\\dev\\MailboxAssistants\\src\\assistants\\SharingPolicy\\SharingPolicyCache.cs"); tenantOrTopologyConfigurationSession.SessionSettings.IsSharedConfigChecked = true; bool flag2 = policyId == SharingPolicyCache.DynamicDefaultPolicy; if (flag2) { SharingPolicyCache.Tracer.TraceDebug <OrganizationId>(0L, "Find Default Policy Id for Org {0} ", orgId); policyId = SharingPolicyCache.GetDefaultSharingPolicyId(tenantOrTopologyConfigurationSession); if (policyId == null) { return(null); } lock (SharingPolicyCache.cacheSyncLock) { if (SharingPolicyCache.dehydratedDefaultCache.TryGetValue(policyId.ObjectGuid, out sharingPolicyCache)) { SharingPolicyCache.Tracer.TraceDebug <ADObjectId>(0L, "Found Sharing Policy {0} in dehydrated cache.", policyId); return(sharingPolicyCache); } } } SharingPolicy sharingPolicy = tenantOrTopologyConfigurationSession.Read <SharingPolicy>(policyId); if (sharingPolicy == null) { SharingPolicyCache.Tracer.TraceError <ADObjectId, bool>(0L, "Unable to find SharingPolicy {0} in the AD. PolicyId is default:{1}", policyId, flag2); return(null); } sharingPolicyCache = new SharingPolicyCache(sharingPolicy, true); lock (SharingPolicyCache.cacheSyncLock) { SharingPolicyCache.dehydratedDefaultCache[policyId.ObjectGuid] = sharingPolicyCache; } return(sharingPolicyCache); }
protected override void InternalValidate() { TaskLogger.LogEnter(); base.InternalValidate(); if (base.Fields.IsModified(ADRecipientSchema.RoleAssignmentPolicy) && (MailboxPolicyIdParameter)base.Fields[ADRecipientSchema.RoleAssignmentPolicy] == null && !OrganizationId.ForestWideOrgId.Equals(this.DataObject.OrganizationId)) { base.WriteError(new TaskInvalidOperationException(Strings.ResettingPolicyIsNotSupported("RoleAssignmentPolicy")), ExchangeErrorCategory.Client, this.Identity); } SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(base.CurrentOrganizationId); if (sharedConfiguration != null) { this.DataObject.SharedConfiguration = sharedConfiguration.SharedConfigId.ConfigurationUnit; } if (this.DataObject.IsResource) { this.CheckResourceProperties(); } else if (this.DataObject.RecipientTypeDetails == RecipientTypeDetails.DiscoveryMailbox) { if (base.Fields.IsModified(ADRecipientSchema.AcceptMessagesOnlyFrom) || base.Fields.IsModified(ADRecipientSchema.AcceptMessagesOnlyFromSendersOrMembers)) { base.WriteError(new TaskInvalidOperationException(Strings.ErrorCannotChangeAcceptMessagesFrom), ExchangeErrorCategory.Client, this.DataObject); } MailboxTaskHelper.ValidateMaximumDiscoveryMailboxQuota(this.DataObject, this.ConfigurationSession, base.CurrentOrganizationId, new Task.ErrorLoggerDelegate(base.WriteError)); } else if (this.PublicFolder && base.UserSpecifiedParameters.Contains(MailEnabledRecipientSchema.HiddenFromAddressListsEnabled.Name)) { base.WriteError(new TaskInvalidOperationException(Strings.ErrorCannotChangeHiddenFromAddressListsEnabled), ExchangeErrorCategory.Client, this.DataObject); } if (this.RetentionPolicy != null && this.DataObject.RecipientTypeDetails == RecipientTypeDetails.TeamMailbox) { base.WriteError(new RecipientTaskException(Strings.ErrorNoRetentionPolicyForTeamMailbox(this.DataObject.Name)), ExchangeErrorCategory.Client, this.DataObject); } if (this.AuditLog) { Mailbox mailbox = (Mailbox)this.GetDynamicParameters(); foreach (object obj in SetMailboxBase<MailboxIdParameter, Mailbox>.InvalidAuditLogParameters) { ProviderPropertyDefinition providerPropertyDefinition = obj as ProviderPropertyDefinition; if (base.Fields.IsModified(obj) || (providerPropertyDefinition != null && mailbox.IsModified(providerPropertyDefinition))) { base.WriteError(new TaskArgumentException(Strings.ErrorInvalidParameterForAuditLog((providerPropertyDefinition == null) ? obj.ToString() : providerPropertyDefinition.Name, "AuditLog")), ExchangeErrorCategory.Client, this.Identity); } } } else if (this.DataObject.RecipientTypeDetails == RecipientTypeDetails.AuditLogMailbox) { base.WriteError(new RecipientTaskException(Strings.RecipientNotFoundException(this.DataObject.Name)), ExchangeErrorCategory.Client, this.DataObject); } base.VerifyIsWithinScopes((IRecipientSession)base.DataSession, this.DataObject, true, new DataAccessTask<ADUser>.ADObjectOutOfScopeString(Strings.ErrorCannotChangeMailboxOutOfWriteScope)); TaskLogger.LogExit(); }
private static ThrottlingPolicy ReadOrganizationThrottlingPolicyFromAD(OrganizationId orgId) { SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(orgId); if (sharedConfiguration != null) { orgId = sharedConfiguration.SharedConfigId; } ADSessionSettings sessionSettings = ADSessionSettings.FromAllTenantsOrRootOrgAutoDetect(orgId); IConfigurationSession tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(true, ConsistencyMode.PartiallyConsistent, sessionSettings, 224, "ReadOrganizationThrottlingPolicyFromAD", "f:\\15.00.1497\\sources\\dev\\data\\src\\directory\\throttling\\EffectiveThrottlingPolicy.cs"); tenantOrTopologyConfigurationSession.SessionSettings.IsSharedConfigChecked = true; return(tenantOrTopologyConfigurationSession.GetOrganizationThrottlingPolicy(orgId)); }
public static SharingPolicy ReadSharingPolicy(Guid mailboxGuid, bool isArchive, IRecipientSession recipientSession) { ADRecipient adrecipient = DirectoryHelper.ReadADRecipient(mailboxGuid, isArchive, recipientSession); if (adrecipient == null) { throw new ObjectNotFoundException(ServerStrings.ADUserNotFound); } ADUser aduser = adrecipient as ADUser; if (aduser == null) { ExTraceGlobals.StorageTracer.TraceError <ADRecipient>((long)mailboxGuid.GetHashCode(), "ExchangePrincipal::ReadSharingPolicy. This is not an ADUser so policy doesn't apply. Recipient = {0}.", adrecipient); return(null); } ADObjectId adobjectId = aduser.SharingPolicy; ADSessionSettings adsessionSettings; if (SharedConfiguration.IsDehydratedConfiguration(aduser.OrganizationId)) { SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(aduser.OrganizationId); adsessionSettings = sharedConfiguration.GetSharedConfigurationSessionSettings(); } else { adsessionSettings = aduser.OrganizationId.ToADSessionSettings(); adsessionSettings.IsSharedConfigChecked = true; } IConfigurationSession tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, adsessionSettings, 248, "ReadSharingPolicy", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\DirectoryHelper.cs"); if (adobjectId == null) { FederatedOrganizationId federatedOrganizationId = tenantOrTopologyConfigurationSession.GetFederatedOrganizationId(tenantOrTopologyConfigurationSession.SessionSettings.CurrentOrganizationId); if (federatedOrganizationId != null) { adobjectId = federatedOrganizationId.DefaultSharingPolicyLink; } } SharingPolicy sharingPolicy = null; if (adobjectId != null) { sharingPolicy = tenantOrTopologyConfigurationSession.Read <SharingPolicy>(adobjectId); if (sharingPolicy == null) { throw new ObjectNotFoundException(ServerStrings.SharingPolicyNotFound(adobjectId.Name)); } } return(sharingPolicy); }
internal static void VerifyIsNotTinyTenant(OrganizationId organizationId, Task.ErrorLoggerDelegate writeError) { if (null == organizationId) { throw new ArgumentNullException("organizationId"); } if (writeError == null) { throw new ArgumentNullException("writeError"); } if (SharedConfiguration.GetSharedConfiguration(organizationId) != null) { SharedConfigurationTaskHelper.WriteTinyTenantError(writeError); } }
public static AdminAuditLogConfig GetAdminAuditLogConfig(IConfigurationSession configSession) { OrganizationId currentOrganizationId = configSession.SessionSettings.CurrentOrganizationId; AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId>(0L, "AdminAuditLogHelper: Will retrieve config objects from AD for OrganizationId: {0}", currentOrganizationId); SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(currentOrganizationId); IConfigurationSession configurationSession = configSession; if (sharedConfiguration != null) { configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(configSession.ConsistencyMode, sharedConfiguration.GetSharedConfigurationSessionSettings(), 160, "GetAdminAuditLogConfig", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\AdminAuditLog\\AdminAuditLogHelper.cs"); } configurationSession.SessionSettings.IsSharedConfigChecked = true; bool includeCNFObject = configurationSession.SessionSettings.IncludeCNFObject; AdminAuditLogConfig[] array; try { configurationSession.SessionSettings.IncludeCNFObject = false; array = configurationSession.Find <AdminAuditLogConfig>(null, QueryScope.SubTree, null, null, 2); } finally { configurationSession.SessionSettings.IncludeCNFObject = includeCNFObject; } if (array.Length == 0) { AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId>(0L, "AdminAuditLogHelper: No AdminAuditLogConfig was found in org {0}.", currentOrganizationId); AdminAuditLogHelper.WriteNoAdminAuditLogWarningAsNeed(configSession); return(null); } if (array.Length > 1) { AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId>(0L, "AdminAuditLogHelper: More than one AdminAuditLogConfig was found in org {0}.", currentOrganizationId); ExManagementApplicationLogger.LogEvent(currentOrganizationId, ManagementEventLogConstants.Tuple_MultipleAdminAuditLogConfig, new string[] { currentOrganizationId.ToString() }); throw new MultipleAdminAuditLogConfigException(currentOrganizationId.ToString()); } AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId, bool>(0L, "AdminAuditLogHelper: One AdminAuditLogConfig was found in org {0}. Logging enabled is {1}.", currentOrganizationId, array[0].AdminAuditLogEnabled); return(array[0]); }
internal static ExchangeAssistance GetExchangeAssistanceObjectFromAD(OrganizationId organizationId) { ExchangeAssistance result = null; try { IConfigurationSession configurationSession; ADObjectId adobjectId; if (organizationId == OrganizationId.ForestWideOrgId) { configurationSession = HelpProvider.GetOrganizationConfigurationSession(organizationId); adobjectId = configurationSession.GetOrgContainerId(); } else { SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(organizationId); if (sharedConfiguration != null) { adobjectId = sharedConfiguration.SharedConfigurationCU.Id; configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, sharedConfiguration.GetSharedConfigurationSessionSettings(), 955, "GetExchangeAssistanceObjectFromAD", "f:\\15.00.1497\\sources\\dev\\UA\\src\\HelpProvider\\HelpProvider.cs"); } else { adobjectId = organizationId.ConfigurationUnit; configurationSession = HelpProvider.GetOrganizationConfigurationSession(organizationId); } } ADObjectId childId = adobjectId.GetChildId("ExchangeAssistance").GetChildId(HelpProvider.CurrentVersionExchangeAssistanceContainerName); result = configurationSession.Read <ExchangeAssistance>(childId); } catch (ADTransientException ex) { ExTraceGlobals.CoreTracer.TraceDebug <string>(0L, "ADTransient Exception in LoadBaseURL: {0}", ex.Message); } catch (ADOperationException ex2) { ExTraceGlobals.CoreTracer.TraceDebug <string>(0L, "ADOperationException in LoadBaseURL: {0}", ex2.Message); } return(result); }
private IList <TeamMailboxProvisioningPolicy> GetTeamMailboxPolicies() { OrganizationId currentOrganizationId = base.CurrentOrganizationId; IConfigurationSession session = this.ConfigurationSession; if (SharedConfiguration.IsDehydratedConfiguration(currentOrganizationId) || (SharedConfiguration.GetSharedConfigurationState(currentOrganizationId) & SharedTenantConfigurationState.Static) != SharedTenantConfigurationState.UnSupported) { ADSessionSettings adsessionSettings = null; SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(currentOrganizationId); if (sharedConfiguration != null) { adsessionSettings = sharedConfiguration.GetSharedConfigurationSessionSettings(); } if (adsessionSettings == null) { adsessionSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(base.RootOrgContainerId, currentOrganizationId, base.ExecutingUserOrganizationId, false); adsessionSettings.IsSharedConfigChecked = true; } session = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(base.DomainController, true, ConsistencyMode.PartiallyConsistent, base.NetCredential, adsessionSettings, 732, "GetTeamMailboxPolicies", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RecipientTasks\\TeamMailbox\\NewSiteMailbox.cs"); } return(DefaultTeamMailboxProvisioningPolicyUtility.GetDefaultPolicies(session)); }
protected OrganizationId GetOrganizationId(OrganizationId currentOrgId, string orgName) { if (OrganizationId.ForestWideOrgId.Equals(currentOrgId) && !string.IsNullOrEmpty(orgName)) { if (TemplateTenantConfiguration.IsTemplateTenantName(orgName) && TemplateTenantConfiguration.GetLocalTemplateTenant() != null) { return(TemplateTenantConfiguration.GetLocalTemplateTenant().OrganizationId); } ExchangeConfigurationUnit configurationUnit = this.GetConfigurationUnit(orgName); if (configurationUnit != null) { if (this.MustScopeToSharedConfiguration(configurationUnit)) { SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(configurationUnit.OrganizationId); if (sharedConfiguration != null) { return(sharedConfiguration.SharedConfigurationCU.OrganizationId); } } return(configurationUnit.OrganizationId); } } return(currentOrgId); }
private void CheckResourceProperties() { if (this.DataObject.IsChanged(ADRecipientSchema.ResourceSearchProperties) || this.DataObject.IsChanged(ADRecipientSchema.ResourceMetaData) || this.DataObject.IsChanged(ADRecipientSchema.ResourcePropertiesDisplay)) { SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(base.CurrentOrganizationId); IConfigurationSession configurationSession = this.ConfigurationSession; if (sharedConfiguration != null) { configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(this.ConfigurationSession.ConsistencyMode, sharedConfiguration.GetSharedConfigurationSessionSettings(), 4180, "CheckResourceProperties", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RecipientTasks\\mailbox\\SetMailbox.cs"); } configurationSession.SessionSettings.IsSharedConfigChecked = true; configurationSession.SessionSettings.IsRedirectedToSharedConfig = false; ResourceBookingConfig resourceBookingConfig = configurationSession.Read<ResourceBookingConfig>(ResourceBookingConfig.GetWellKnownLocation(configurationSession.GetOrgContainerId())); List<string> list = new List<string>(this.DataObject.ResourceCustom); list.Remove(this.DataObject.ResourceType.Value.ToString()); foreach (string text in list) { if (!resourceBookingConfig.IsPropAllowedOnResourceType(this.DataObject.ResourceType.Value.ToString(), text)) { this.WriteError(new RecipientTaskException(Strings.ErrorResourceSearchPropertyInvalid(text)), ExchangeErrorCategory.Client, this.DataObject, false); } } } }
protected override IConfigurable ConvertDataObjectToPresentationObject(IConfigurable dataObject) { if (dataObject == null) { return(null); } ADUser user = (ADUser)dataObject; SharedConfiguration sharedConfig = null; if (SharedConfiguration.IsDehydratedConfiguration(user.OrganizationId) || (SharedConfiguration.GetSharedConfigurationState(user.OrganizationId) & SharedTenantConfigurationState.Static) != SharedTenantConfigurationState.UnSupported) { sharedConfig = base.ProvisioningCache.TryAddAndGetOrganizationData <SharedConfiguration>(CannedProvisioningCacheKeys.MailboxSharedConfigCacheKey, user.OrganizationId, () => SharedConfiguration.GetSharedConfiguration(user.OrganizationId)); } if (null != user.MasterAccountSid) { user.LinkedMasterAccount = SecurityPrincipalIdParameter.GetFriendlyUserName(user.MasterAccountSid, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); user.ResetChangeTracking(); } Mailbox mailbox = new Mailbox(user); mailbox.propertyBag.SetField(MailboxSchema.Database, ADObjectIdResolutionHelper.ResolveDN(mailbox.Database)); if (sharedConfig != null) { mailbox.SharedConfiguration = sharedConfig.SharedConfigId.ConfigurationUnit; if (mailbox.RoleAssignmentPolicy == null) { mailbox.RoleAssignmentPolicy = base.ProvisioningCache.TryAddAndGetOrganizationData <ADObjectId>(CannedProvisioningCacheKeys.MailboxRoleAssignmentPolicyCacheKey, user.OrganizationId, () => sharedConfig.GetSharedRoleAssignmentPolicy()); } } else if (mailbox.RoleAssignmentPolicy == null && !mailbox.ExchangeVersion.IsOlderThan(MailboxSchema.RoleAssignmentPolicy.VersionAdded)) { ADObjectId defaultRoleAssignmentPolicy = RBACHelper.GetDefaultRoleAssignmentPolicy(user.OrganizationId); if (defaultRoleAssignmentPolicy != null) { mailbox.RoleAssignmentPolicy = defaultRoleAssignmentPolicy; } } if (mailbox.SharingPolicy == null && !mailbox.propertyBag.IsReadOnlyProperty(MailboxSchema.SharingPolicy)) { mailbox.SharingPolicy = base.GetDefaultSharingPolicyId(user, sharedConfig); } if (mailbox.RetentionPolicy == null && mailbox.ShouldUseDefaultRetentionPolicy && !mailbox.propertyBag.IsReadOnlyProperty(MailboxSchema.RetentionPolicy)) { mailbox.RetentionPolicy = base.GetDefaultRetentionPolicyId(user, sharedConfig); } if (mailbox.Database != null && mailbox.UseDatabaseRetentionDefaults) { this.SetDefaultRetentionValues(mailbox); } mailbox.AdminDisplayVersion = Microsoft.Exchange.Data.Directory.SystemConfiguration.Server.GetServerVersion(mailbox.ServerName); return(mailbox); }
protected override IConfigurable ConvertDataObjectToPresentationObject(IConfigurable dataObject) { ReducedRecipient reducedRecipient = (ReducedRecipient)dataObject; if (reducedRecipient == null) { return(null); } if (this.ShouldReadProperties(new ADPropertyDefinition[] { ReducedRecipientSchema.OwaMailboxPolicy, ReducedRecipientSchema.SharingPolicy, ReducedRecipientSchema.RetentionPolicy }) && reducedRecipient.RecipientType == Microsoft.Exchange.Data.Directory.Recipient.RecipientType.UserMailbox) { SharedConfiguration sharedConfig = null; if (SharedConfiguration.IsDehydratedConfiguration(reducedRecipient.OrganizationId) || (SharedConfiguration.GetSharedConfigurationState(reducedRecipient.OrganizationId) & SharedTenantConfigurationState.Static) != SharedTenantConfigurationState.UnSupported) { sharedConfig = SharedConfiguration.GetSharedConfiguration(reducedRecipient.OrganizationId); } if (this.ShouldReadProperties(new ADPropertyDefinition[] { ReducedRecipientSchema.OwaMailboxPolicy }) && reducedRecipient.OwaMailboxPolicy == null) { ADObjectId defaultOwaMailboxPolicyId = this.GetDefaultOwaMailboxPolicyId(reducedRecipient); if (defaultOwaMailboxPolicyId != null) { reducedRecipient.OwaMailboxPolicy = defaultOwaMailboxPolicyId; } } if (this.ShouldReadProperties(new ADPropertyDefinition[] { ReducedRecipientSchema.SharingPolicy }) && reducedRecipient.SharingPolicy == null) { reducedRecipient.SharingPolicy = base.GetDefaultSharingPolicyId(reducedRecipient, sharedConfig); } if (this.ShouldReadProperties(new ADPropertyDefinition[] { ReducedRecipientSchema.RetentionPolicy }) && reducedRecipient.RetentionPolicy == null && reducedRecipient.ShouldUseDefaultRetentionPolicy) { reducedRecipient.RetentionPolicy = base.GetDefaultRetentionPolicyId(reducedRecipient, sharedConfig); } } if (this.ShouldReadProperties(new ADPropertyDefinition[] { ReducedRecipientSchema.ActiveSyncMailboxPolicy, ReducedRecipientSchema.ActiveSyncMailboxPolicyIsDefaulted }) && reducedRecipient.ActiveSyncMailboxPolicy == null && !reducedRecipient.ExchangeVersion.IsOlderThan(ReducedRecipientSchema.ActiveSyncMailboxPolicy.VersionAdded)) { ADObjectId defaultPolicyId = base.GetDefaultPolicyId(reducedRecipient); if (defaultPolicyId != null) { reducedRecipient.ActiveSyncMailboxPolicy = defaultPolicyId; reducedRecipient.ActiveSyncMailboxPolicyIsDefaulted = true; } } if (this.ShouldReadProperties(new ADPropertyDefinition[] { ReducedRecipientSchema.AuthenticationType }) && reducedRecipient.OrganizationId.ConfigurationUnit != null) { SmtpAddress windowsLiveID = reducedRecipient.WindowsLiveID; if (reducedRecipient.WindowsLiveID.Domain != null && !reducedRecipient.ExchangeVersion.IsOlderThan(ExchangeObjectVersion.Exchange2010)) { reducedRecipient.AuthenticationType = MailboxTaskHelper.GetNamespaceAuthenticationType(reducedRecipient.OrganizationId, reducedRecipient.WindowsLiveID.Domain); } } if (this.ShouldReadProperties(new ADPropertyDefinition[] { ReducedRecipientSchema.Capabilities })) { reducedRecipient.PopulateCapabilitiesProperty(); } return(reducedRecipient); }
public bool IsLastAdmin(ADUser adUser) { if (adUser == null) { throw new ArgumentNullException("adUser"); } IRecipientSession recipientSession = this.recipientSession; IConfigurationSession configurationSession = this.configurationSession; bool result; try { this.InitializeContextVariables(); ADSessionSettings sessionSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest(), adUser.OrganizationId, adUser.OrganizationId, false); this.recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(ConsistencyMode.PartiallyConsistent, sessionSettings, 1045, "IsLastAdmin", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleAssignment\\RoleAssignmentsGlobalConstraints.cs"); this.configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.PartiallyConsistent, sessionSettings, 1046, "IsLastAdmin", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleAssignment\\RoleAssignmentsGlobalConstraints.cs"); this.excludedFromEmptinessValidation.Add(adUser.Id); this.excludedFromAssignmentSearch.Add(adUser.Id); this.isObjectRemovalValidation = true; this.includeOnlyPowerShellEnabledRecipients = this.IsPowerShellEnabled(adUser.Id); List <string> tokenSids = this.recipientSession.GetTokenSids(adUser, AssignmentMethod.SecurityGroup | AssignmentMethod.RoleGroup); if (tokenSids == null || tokenSids.Count == 0) { result = false; } else { ADObjectId[] entryIds = this.recipientSession.ResolveSidsToADObjectIds(tokenSids.ToArray()); this.sharedConfig = SharedConfiguration.GetSharedConfiguration(adUser.OrganizationId); if (this.sharedConfig != null) { this.configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(this.configurationSession.ConsistencyMode, this.sharedConfig.GetSharedConfigurationSessionSettings(), 1065, "IsLastAdmin", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleAssignment\\RoleAssignmentsGlobalConstraints.cs"); } Result <ADGroup>[] array = this.recipientSession.ReadMultipleADGroups(entryIds); foreach (Result <ADGroup> result2 in array) { bool flag = this.IsGroupEmpty(result2.Data); if (flag) { Result <ExchangeRoleAssignment>[] directRoleAssignmentsForGroup = this.GetDirectRoleAssignmentsForGroup(result2.Data); if (directRoleAssignmentsForGroup != null) { foreach (Result <ExchangeRoleAssignment> result3 in directRoleAssignmentsForGroup) { if (!this.IsSafeToRemoveDisableAssignmentFromGroup(result3.Data)) { return(true); } } } ExchangeRoleAssignment exchangeRoleAssignment; if (!this.HierarchicalCheckForGroupEmptiness(result2.Data, out exchangeRoleAssignment)) { return(true); } } } result = false; } } finally { this.recipientSession = recipientSession; this.configurationSession = configurationSession; } return(result); }