public DataClassificationConfig GetDataClassificationConfig(OrganizationId organizationId, IConfigurationSession currentDataSession)
{
if (object.ReferenceEquals(null, organizationId))
{
throw new ArgumentNullException("organizationId");
}
if (currentDataSession == null)
{
throw new ArgumentNullException("currentDataSession");
}
if (!VariantConfiguration.InvariantNoFlightingSnapshot.Global.MultiTenancy.Enabled || OrganizationId.ForestWideOrgId.Equals(organizationId))
{
return(null);
}
if (!organizationId.Equals(currentDataSession.SessionSettings.CurrentOrganizationId))
{
throw new ArgumentException(new ArgumentException().Message, "currentDataSession");
}
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(organizationId);
IConfigurationSession configurationSession;
if (sharedConfiguration != null)
{
configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(true, ConsistencyMode.PartiallyConsistent, sharedConfiguration.GetSharedConfigurationSessionSettings(), 1186, "GetDataClassificationConfig", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\transport\\ClassificationDefinitions\\ClassificationDefinitionUtils.cs");
}
else
{
configurationSession = currentDataSession;
}
DataClassificationConfig[] array = configurationSession.Find <DataClassificationConfig>(null, QueryScope.SubTree, null, null, 1);
ExAssert.RetailAssert(array != null && 1 == array.Length, "There should be one and only one DataClassificationConfig applicable to a particular tenant.");
return(array[0]);
}
private void FillTaskPopulatedFields(ADOrganizationConfig organization)
{
RbacContainer rbacContainer = null;
if (OrganizationId.ForestWideOrgId.Equals(organization.OrganizationId))
{
rbacContainer = this.ConfigurationSession.GetRbacContainer();
}
else
{
ExchangeConfigurationUnit exchangeConfigurationUnit = this.ConfigurationSession.GetOrgContainer() as ExchangeConfigurationUnit;
if (exchangeConfigurationUnit != null)
{
organization.ServicePlan = exchangeConfigurationUnit.ServicePlan;
organization.TargetServicePlan = exchangeConfigurationUnit.TargetServicePlan;
if (exchangeConfigurationUnit.IsStaticConfigurationShared)
{
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(organization.OrganizationId);
rbacContainer = sharedConfiguration.GetRbacContainer();
}
else
{
rbacContainer = this.ConfigurationSession.GetRbacContainer();
}
}
}
if (rbacContainer != null)
{
organization.RBACConfigurationVersion = rbacContainer.ExchangeVersion;
}
}
internal static RoleGroup PopulateRoleAssignmentsAndConvert(ADGroup group, IConfigurationSession configurationSession)
{
Result <ExchangeRoleAssignment>[] roleAssignmentResults = null;
if (RoleGroup.ContainsRoleAssignments(group))
{
return(new RoleGroup(group, roleAssignmentResults));
}
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(group.OrganizationId);
RoleGroup roleGroup;
if (sharedConfiguration != null)
{
if (group.RoleGroupType == RoleGroupType.PartnerLinked)
{
roleGroup = new RoleGroup(group, null);
}
else
{
ADObjectId sharedConfiguration2 = null;
ADObjectId[] sharedRoleGroupIds;
if (group.IsModified(ADObjectSchema.Name))
{
sharedRoleGroupIds = sharedConfiguration.GetSharedRoleGroupIds(new ADObjectId[]
{
group.OriginalId
});
}
else
{
sharedRoleGroupIds = sharedConfiguration.GetSharedRoleGroupIds(new ADObjectId[]
{
group.Id
});
}
if (sharedRoleGroupIds != null && sharedRoleGroupIds.Length != 0)
{
IConfigurationSession tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.PartiallyConsistent, sharedConfiguration.GetSharedConfigurationSessionSettings(), 171, "PopulateRoleAssignmentsAndConvert", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleGroup\\RoleGroupCommon.cs");
roleAssignmentResults = tenantOrTopologyConfigurationSession.FindRoleAssignmentsByUserIds(new ADObjectId[]
{
sharedRoleGroupIds[0]
}, false);
sharedConfiguration2 = sharedConfiguration.SharedConfigurationCU.Id;
}
roleGroup = new RoleGroup(group, roleAssignmentResults);
roleGroup.SharedConfiguration = sharedConfiguration2;
}
}
else
{
configurationSession.SessionSettings.IsSharedConfigChecked = true;
roleAssignmentResults = configurationSession.FindRoleAssignmentsByUserIds(new ADObjectId[]
{
group.Id
}, false);
roleGroup = new RoleGroup(group, roleAssignmentResults);
}
return(roleGroup);
}
protected override void InternalBeginProcessing()
{
TaskLogger.LogEnter();
base.InternalBeginProcessing();
if (this.SharedTenantConfigurationMode == SharedTenantConfigurationMode.Static || (this.SharedTenantConfigurationMode == SharedTenantConfigurationMode.Dehydrateable && SharedConfiguration.IsDehydratedConfiguration(base.CurrentOrganizationId)))
{
this.sharedConfig = SharedConfiguration.GetSharedConfiguration(base.CurrentOrganizationId);
}
TaskLogger.LogExit();
}
public void ValidateIsSafeToRemoveRoleGroupMember(ADGroup group, List <ADObjectId> membersToRemove)
{
if (group == null || membersToRemove == null)
{
return;
}
this.InitializeContextVariables();
this.excludedFromEmptinessValidation.AddRange(membersToRemove);
this.excludedFromAssignmentSearch.Add(group.Id);
if (!this.IsGroupEmpty(group))
{
return;
}
this.excludedFromEmptinessValidation.Add(group.Id);
string membersToRemove2 = RoleGroupCommon.NamesFromObjects(membersToRemove);
bool flag = RoleGroupCommon.IsPrecannedRoleGroup(group, this.configurationSession, new Guid[]
{
RoleGroup.OrganizationManagement_InitInfo.WellKnownGuid
});
if (flag)
{
this.writeError(new TaskInvalidOperationException(Strings.ErrorCannedRoleGroupCannotBeEmpty(group.Name, membersToRemove2)), ExchangeErrorCategory.Client, null);
}
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(group.OrganizationId);
if (sharedConfiguration != null)
{
return;
}
Result <ExchangeRoleAssignment>[] directRoleAssignmentsForGroup = this.GetDirectRoleAssignmentsForGroup(group);
if (directRoleAssignmentsForGroup != null)
{
foreach (Result <ExchangeRoleAssignment> result in directRoleAssignmentsForGroup)
{
if (!this.IsSafeToRemoveDisableAssignmentFromGroup(result.Data))
{
this.writeError(new TaskInvalidOperationException(Strings.ErrorGroupCannotBeEmptyRoleAssignmentConstraint(group.Name, membersToRemove2, result.Data.Name, result.Data.Role.Name)), ExchangeErrorCategory.Client, null);
}
}
}
ExchangeRoleAssignment exchangeRoleAssignment;
if (!this.HierarchicalCheckForGroupEmptiness(group, out exchangeRoleAssignment))
{
this.writeError(new TaskInvalidOperationException(Strings.ErrorGroupCannotBeEmptyRoleAssignmentConstraint(group.Name, membersToRemove2, exchangeRoleAssignment.Name, exchangeRoleAssignment.Role.Name)), ExchangeErrorCategory.Client, null);
}
ADGroup adgroup = null;
if (!this.HierarchicalCheckForCannedRoleGroups(group, out adgroup))
{
this.writeError(new TaskInvalidOperationException(Strings.ErrorCannedRoleGroupCannotBeEmpty(adgroup.Name, membersToRemove2)), ExchangeErrorCategory.Client, null);
}
}
// Token: 0x06000E61 RID: 3681 RVA: 0x000568D8 File Offset: 0x00054AD8
private static SharingPolicyCache GetDehydratedPolicyFromCacheOrAD(OrganizationId orgId, ADObjectId policyId)
{
SharingPolicyCache sharingPolicyCache;
if (policyId != SharingPolicyCache.DynamicDefaultPolicy)
{
lock (SharingPolicyCache.cacheSyncLock)
{
if (SharingPolicyCache.dehydratedDefaultCache.TryGetValue(policyId.ObjectGuid, out sharingPolicyCache))
{
SharingPolicyCache.Tracer.TraceDebug <ADObjectId>(0L, "Found Sharing Policy {0} in dehydrated cache.", policyId);
return(sharingPolicyCache);
}
}
}
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(orgId);
IConfigurationSession tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, sharedConfiguration.GetSharedConfigurationSessionSettings(), 282, "GetDehydratedPolicyFromCacheOrAD", "f:\\15.00.1497\\sources\\dev\\MailboxAssistants\\src\\assistants\\SharingPolicy\\SharingPolicyCache.cs");
tenantOrTopologyConfigurationSession.SessionSettings.IsSharedConfigChecked = true;
bool flag2 = policyId == SharingPolicyCache.DynamicDefaultPolicy;
if (flag2)
{
SharingPolicyCache.Tracer.TraceDebug <OrganizationId>(0L, "Find Default Policy Id for Org {0} ", orgId);
policyId = SharingPolicyCache.GetDefaultSharingPolicyId(tenantOrTopologyConfigurationSession);
if (policyId == null)
{
return(null);
}
lock (SharingPolicyCache.cacheSyncLock)
{
if (SharingPolicyCache.dehydratedDefaultCache.TryGetValue(policyId.ObjectGuid, out sharingPolicyCache))
{
SharingPolicyCache.Tracer.TraceDebug <ADObjectId>(0L, "Found Sharing Policy {0} in dehydrated cache.", policyId);
return(sharingPolicyCache);
}
}
}
SharingPolicy sharingPolicy = tenantOrTopologyConfigurationSession.Read <SharingPolicy>(policyId);
if (sharingPolicy == null)
{
SharingPolicyCache.Tracer.TraceError <ADObjectId, bool>(0L, "Unable to find SharingPolicy {0} in the AD. PolicyId is default:{1}", policyId, flag2);
return(null);
}
sharingPolicyCache = new SharingPolicyCache(sharingPolicy, true);
lock (SharingPolicyCache.cacheSyncLock)
{
SharingPolicyCache.dehydratedDefaultCache[policyId.ObjectGuid] = sharingPolicyCache;
}
return(sharingPolicyCache);
}
protected override void InternalValidate()
{
TaskLogger.LogEnter();
base.InternalValidate();
if (base.Fields.IsModified(ADRecipientSchema.RoleAssignmentPolicy) && (MailboxPolicyIdParameter)base.Fields[ADRecipientSchema.RoleAssignmentPolicy] == null && !OrganizationId.ForestWideOrgId.Equals(this.DataObject.OrganizationId))
{
base.WriteError(new TaskInvalidOperationException(Strings.ResettingPolicyIsNotSupported("RoleAssignmentPolicy")), ExchangeErrorCategory.Client, this.Identity);
}
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(base.CurrentOrganizationId);
if (sharedConfiguration != null)
{
this.DataObject.SharedConfiguration = sharedConfiguration.SharedConfigId.ConfigurationUnit;
}
if (this.DataObject.IsResource)
{
this.CheckResourceProperties();
}
else if (this.DataObject.RecipientTypeDetails == RecipientTypeDetails.DiscoveryMailbox)
{
if (base.Fields.IsModified(ADRecipientSchema.AcceptMessagesOnlyFrom) || base.Fields.IsModified(ADRecipientSchema.AcceptMessagesOnlyFromSendersOrMembers))
{
base.WriteError(new TaskInvalidOperationException(Strings.ErrorCannotChangeAcceptMessagesFrom), ExchangeErrorCategory.Client, this.DataObject);
}
MailboxTaskHelper.ValidateMaximumDiscoveryMailboxQuota(this.DataObject, this.ConfigurationSession, base.CurrentOrganizationId, new Task.ErrorLoggerDelegate(base.WriteError));
}
else if (this.PublicFolder && base.UserSpecifiedParameters.Contains(MailEnabledRecipientSchema.HiddenFromAddressListsEnabled.Name))
{
base.WriteError(new TaskInvalidOperationException(Strings.ErrorCannotChangeHiddenFromAddressListsEnabled), ExchangeErrorCategory.Client, this.DataObject);
}
if (this.RetentionPolicy != null && this.DataObject.RecipientTypeDetails == RecipientTypeDetails.TeamMailbox)
{
base.WriteError(new RecipientTaskException(Strings.ErrorNoRetentionPolicyForTeamMailbox(this.DataObject.Name)), ExchangeErrorCategory.Client, this.DataObject);
}
if (this.AuditLog)
{
Mailbox mailbox = (Mailbox)this.GetDynamicParameters();
foreach (object obj in SetMailboxBase<MailboxIdParameter, Mailbox>.InvalidAuditLogParameters)
{
ProviderPropertyDefinition providerPropertyDefinition = obj as ProviderPropertyDefinition;
if (base.Fields.IsModified(obj) || (providerPropertyDefinition != null && mailbox.IsModified(providerPropertyDefinition)))
{
base.WriteError(new TaskArgumentException(Strings.ErrorInvalidParameterForAuditLog((providerPropertyDefinition == null) ? obj.ToString() : providerPropertyDefinition.Name, "AuditLog")), ExchangeErrorCategory.Client, this.Identity);
}
}
}
else if (this.DataObject.RecipientTypeDetails == RecipientTypeDetails.AuditLogMailbox)
{
base.WriteError(new RecipientTaskException(Strings.RecipientNotFoundException(this.DataObject.Name)), ExchangeErrorCategory.Client, this.DataObject);
}
base.VerifyIsWithinScopes((IRecipientSession)base.DataSession, this.DataObject, true, new DataAccessTask<ADUser>.ADObjectOutOfScopeString(Strings.ErrorCannotChangeMailboxOutOfWriteScope));
TaskLogger.LogExit();
}
private static ThrottlingPolicy ReadOrganizationThrottlingPolicyFromAD(OrganizationId orgId)
{
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(orgId);
if (sharedConfiguration != null)
{
orgId = sharedConfiguration.SharedConfigId;
}
ADSessionSettings sessionSettings = ADSessionSettings.FromAllTenantsOrRootOrgAutoDetect(orgId);
IConfigurationSession tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(true, ConsistencyMode.PartiallyConsistent, sessionSettings, 224, "ReadOrganizationThrottlingPolicyFromAD", "f:\\15.00.1497\\sources\\dev\\data\\src\\directory\\throttling\\EffectiveThrottlingPolicy.cs");
tenantOrTopologyConfigurationSession.SessionSettings.IsSharedConfigChecked = true;
return(tenantOrTopologyConfigurationSession.GetOrganizationThrottlingPolicy(orgId));
}
public static SharingPolicy ReadSharingPolicy(Guid mailboxGuid, bool isArchive, IRecipientSession recipientSession)
{
ADRecipient adrecipient = DirectoryHelper.ReadADRecipient(mailboxGuid, isArchive, recipientSession);
if (adrecipient == null)
{
throw new ObjectNotFoundException(ServerStrings.ADUserNotFound);
}
ADUser aduser = adrecipient as ADUser;
if (aduser == null)
{
ExTraceGlobals.StorageTracer.TraceError <ADRecipient>((long)mailboxGuid.GetHashCode(), "ExchangePrincipal::ReadSharingPolicy. This is not an ADUser so policy doesn't apply. Recipient = {0}.", adrecipient);
return(null);
}
ADObjectId adobjectId = aduser.SharingPolicy;
ADSessionSettings adsessionSettings;
if (SharedConfiguration.IsDehydratedConfiguration(aduser.OrganizationId))
{
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(aduser.OrganizationId);
adsessionSettings = sharedConfiguration.GetSharedConfigurationSessionSettings();
}
else
{
adsessionSettings = aduser.OrganizationId.ToADSessionSettings();
adsessionSettings.IsSharedConfigChecked = true;
}
IConfigurationSession tenantOrTopologyConfigurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, adsessionSettings, 248, "ReadSharingPolicy", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\DirectoryHelper.cs");
if (adobjectId == null)
{
FederatedOrganizationId federatedOrganizationId = tenantOrTopologyConfigurationSession.GetFederatedOrganizationId(tenantOrTopologyConfigurationSession.SessionSettings.CurrentOrganizationId);
if (federatedOrganizationId != null)
{
adobjectId = federatedOrganizationId.DefaultSharingPolicyLink;
}
}
SharingPolicy sharingPolicy = null;
if (adobjectId != null)
{
sharingPolicy = tenantOrTopologyConfigurationSession.Read <SharingPolicy>(adobjectId);
if (sharingPolicy == null)
{
throw new ObjectNotFoundException(ServerStrings.SharingPolicyNotFound(adobjectId.Name));
}
}
return(sharingPolicy);
}
internal static void VerifyIsNotTinyTenant(OrganizationId organizationId, Task.ErrorLoggerDelegate writeError)
{
if (null == organizationId)
{
throw new ArgumentNullException("organizationId");
}
if (writeError == null)
{
throw new ArgumentNullException("writeError");
}
if (SharedConfiguration.GetSharedConfiguration(organizationId) != null)
{
SharedConfigurationTaskHelper.WriteTinyTenantError(writeError);
}
}
public static AdminAuditLogConfig GetAdminAuditLogConfig(IConfigurationSession configSession)
{
OrganizationId currentOrganizationId = configSession.SessionSettings.CurrentOrganizationId;
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId>(0L, "AdminAuditLogHelper: Will retrieve config objects from AD for OrganizationId: {0}", currentOrganizationId);
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(currentOrganizationId);
IConfigurationSession configurationSession = configSession;
if (sharedConfiguration != null)
{
configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(configSession.ConsistencyMode, sharedConfiguration.GetSharedConfigurationSessionSettings(), 160, "GetAdminAuditLogConfig", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\AdminAuditLog\\AdminAuditLogHelper.cs");
}
configurationSession.SessionSettings.IsSharedConfigChecked = true;
bool includeCNFObject = configurationSession.SessionSettings.IncludeCNFObject;
AdminAuditLogConfig[] array;
try
{
configurationSession.SessionSettings.IncludeCNFObject = false;
array = configurationSession.Find <AdminAuditLogConfig>(null, QueryScope.SubTree, null, null, 2);
}
finally
{
configurationSession.SessionSettings.IncludeCNFObject = includeCNFObject;
}
if (array.Length == 0)
{
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId>(0L, "AdminAuditLogHelper: No AdminAuditLogConfig was found in org {0}.", currentOrganizationId);
AdminAuditLogHelper.WriteNoAdminAuditLogWarningAsNeed(configSession);
return(null);
}
if (array.Length > 1)
{
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId>(0L, "AdminAuditLogHelper: More than one AdminAuditLogConfig was found in org {0}.", currentOrganizationId);
ExManagementApplicationLogger.LogEvent(currentOrganizationId, ManagementEventLogConstants.Tuple_MultipleAdminAuditLogConfig, new string[]
{
currentOrganizationId.ToString()
});
throw new MultipleAdminAuditLogConfigException(currentOrganizationId.ToString());
}
AdminAuditLogHelper.Tracer.TraceDebug <OrganizationId, bool>(0L, "AdminAuditLogHelper: One AdminAuditLogConfig was found in org {0}. Logging enabled is {1}.", currentOrganizationId, array[0].AdminAuditLogEnabled);
return(array[0]);
}
internal static ExchangeAssistance GetExchangeAssistanceObjectFromAD(OrganizationId organizationId)
{
ExchangeAssistance result = null;
try
{
IConfigurationSession configurationSession;
ADObjectId adobjectId;
if (organizationId == OrganizationId.ForestWideOrgId)
{
configurationSession = HelpProvider.GetOrganizationConfigurationSession(organizationId);
adobjectId = configurationSession.GetOrgContainerId();
}
else
{
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(organizationId);
if (sharedConfiguration != null)
{
adobjectId = sharedConfiguration.SharedConfigurationCU.Id;
configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, sharedConfiguration.GetSharedConfigurationSessionSettings(), 955, "GetExchangeAssistanceObjectFromAD", "f:\\15.00.1497\\sources\\dev\\UA\\src\\HelpProvider\\HelpProvider.cs");
}
else
{
adobjectId = organizationId.ConfigurationUnit;
configurationSession = HelpProvider.GetOrganizationConfigurationSession(organizationId);
}
}
ADObjectId childId = adobjectId.GetChildId("ExchangeAssistance").GetChildId(HelpProvider.CurrentVersionExchangeAssistanceContainerName);
result = configurationSession.Read <ExchangeAssistance>(childId);
}
catch (ADTransientException ex)
{
ExTraceGlobals.CoreTracer.TraceDebug <string>(0L, "ADTransient Exception in LoadBaseURL: {0}", ex.Message);
}
catch (ADOperationException ex2)
{
ExTraceGlobals.CoreTracer.TraceDebug <string>(0L, "ADOperationException in LoadBaseURL: {0}", ex2.Message);
}
return(result);
}
private IList <TeamMailboxProvisioningPolicy> GetTeamMailboxPolicies()
{
OrganizationId currentOrganizationId = base.CurrentOrganizationId;
IConfigurationSession session = this.ConfigurationSession;
if (SharedConfiguration.IsDehydratedConfiguration(currentOrganizationId) || (SharedConfiguration.GetSharedConfigurationState(currentOrganizationId) & SharedTenantConfigurationState.Static) != SharedTenantConfigurationState.UnSupported)
{
ADSessionSettings adsessionSettings = null;
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(currentOrganizationId);
if (sharedConfiguration != null)
{
adsessionSettings = sharedConfiguration.GetSharedConfigurationSessionSettings();
}
if (adsessionSettings == null)
{
adsessionSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(base.RootOrgContainerId, currentOrganizationId, base.ExecutingUserOrganizationId, false);
adsessionSettings.IsSharedConfigChecked = true;
}
session = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(base.DomainController, true, ConsistencyMode.PartiallyConsistent, base.NetCredential, adsessionSettings, 732, "GetTeamMailboxPolicies", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RecipientTasks\\TeamMailbox\\NewSiteMailbox.cs");
}
return(DefaultTeamMailboxProvisioningPolicyUtility.GetDefaultPolicies(session));
}
protected OrganizationId GetOrganizationId(OrganizationId currentOrgId, string orgName)
{
if (OrganizationId.ForestWideOrgId.Equals(currentOrgId) && !string.IsNullOrEmpty(orgName))
{
if (TemplateTenantConfiguration.IsTemplateTenantName(orgName) && TemplateTenantConfiguration.GetLocalTemplateTenant() != null)
{
return(TemplateTenantConfiguration.GetLocalTemplateTenant().OrganizationId);
}
ExchangeConfigurationUnit configurationUnit = this.GetConfigurationUnit(orgName);
if (configurationUnit != null)
{
if (this.MustScopeToSharedConfiguration(configurationUnit))
{
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(configurationUnit.OrganizationId);
if (sharedConfiguration != null)
{
return(sharedConfiguration.SharedConfigurationCU.OrganizationId);
}
}
return(configurationUnit.OrganizationId);
}
}
return(currentOrgId);
}
private void CheckResourceProperties()
{
if (this.DataObject.IsChanged(ADRecipientSchema.ResourceSearchProperties) || this.DataObject.IsChanged(ADRecipientSchema.ResourceMetaData) || this.DataObject.IsChanged(ADRecipientSchema.ResourcePropertiesDisplay))
{
SharedConfiguration sharedConfiguration = SharedConfiguration.GetSharedConfiguration(base.CurrentOrganizationId);
IConfigurationSession configurationSession = this.ConfigurationSession;
if (sharedConfiguration != null)
{
configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(this.ConfigurationSession.ConsistencyMode, sharedConfiguration.GetSharedConfigurationSessionSettings(), 4180, "CheckResourceProperties", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RecipientTasks\\mailbox\\SetMailbox.cs");
}
configurationSession.SessionSettings.IsSharedConfigChecked = true;
configurationSession.SessionSettings.IsRedirectedToSharedConfig = false;
ResourceBookingConfig resourceBookingConfig = configurationSession.Read<ResourceBookingConfig>(ResourceBookingConfig.GetWellKnownLocation(configurationSession.GetOrgContainerId()));
List<string> list = new List<string>(this.DataObject.ResourceCustom);
list.Remove(this.DataObject.ResourceType.Value.ToString());
foreach (string text in list)
{
if (!resourceBookingConfig.IsPropAllowedOnResourceType(this.DataObject.ResourceType.Value.ToString(), text))
{
this.WriteError(new RecipientTaskException(Strings.ErrorResourceSearchPropertyInvalid(text)), ExchangeErrorCategory.Client, this.DataObject, false);
}
}
}
}
protected override IConfigurable ConvertDataObjectToPresentationObject(IConfigurable dataObject)
{
if (dataObject == null)
{
return(null);
}
ADUser user = (ADUser)dataObject;
SharedConfiguration sharedConfig = null;
if (SharedConfiguration.IsDehydratedConfiguration(user.OrganizationId) || (SharedConfiguration.GetSharedConfigurationState(user.OrganizationId) & SharedTenantConfigurationState.Static) != SharedTenantConfigurationState.UnSupported)
{
sharedConfig = base.ProvisioningCache.TryAddAndGetOrganizationData <SharedConfiguration>(CannedProvisioningCacheKeys.MailboxSharedConfigCacheKey, user.OrganizationId, () => SharedConfiguration.GetSharedConfiguration(user.OrganizationId));
}
if (null != user.MasterAccountSid)
{
user.LinkedMasterAccount = SecurityPrincipalIdParameter.GetFriendlyUserName(user.MasterAccountSid, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose));
user.ResetChangeTracking();
}
Mailbox mailbox = new Mailbox(user);
mailbox.propertyBag.SetField(MailboxSchema.Database, ADObjectIdResolutionHelper.ResolveDN(mailbox.Database));
if (sharedConfig != null)
{
mailbox.SharedConfiguration = sharedConfig.SharedConfigId.ConfigurationUnit;
if (mailbox.RoleAssignmentPolicy == null)
{
mailbox.RoleAssignmentPolicy = base.ProvisioningCache.TryAddAndGetOrganizationData <ADObjectId>(CannedProvisioningCacheKeys.MailboxRoleAssignmentPolicyCacheKey, user.OrganizationId, () => sharedConfig.GetSharedRoleAssignmentPolicy());
}
}
else if (mailbox.RoleAssignmentPolicy == null && !mailbox.ExchangeVersion.IsOlderThan(MailboxSchema.RoleAssignmentPolicy.VersionAdded))
{
ADObjectId defaultRoleAssignmentPolicy = RBACHelper.GetDefaultRoleAssignmentPolicy(user.OrganizationId);
if (defaultRoleAssignmentPolicy != null)
{
mailbox.RoleAssignmentPolicy = defaultRoleAssignmentPolicy;
}
}
if (mailbox.SharingPolicy == null && !mailbox.propertyBag.IsReadOnlyProperty(MailboxSchema.SharingPolicy))
{
mailbox.SharingPolicy = base.GetDefaultSharingPolicyId(user, sharedConfig);
}
if (mailbox.RetentionPolicy == null && mailbox.ShouldUseDefaultRetentionPolicy && !mailbox.propertyBag.IsReadOnlyProperty(MailboxSchema.RetentionPolicy))
{
mailbox.RetentionPolicy = base.GetDefaultRetentionPolicyId(user, sharedConfig);
}
if (mailbox.Database != null && mailbox.UseDatabaseRetentionDefaults)
{
this.SetDefaultRetentionValues(mailbox);
}
mailbox.AdminDisplayVersion = Microsoft.Exchange.Data.Directory.SystemConfiguration.Server.GetServerVersion(mailbox.ServerName);
return(mailbox);
}
protected override IConfigurable ConvertDataObjectToPresentationObject(IConfigurable dataObject)
{
ReducedRecipient reducedRecipient = (ReducedRecipient)dataObject;
if (reducedRecipient == null)
{
return(null);
}
if (this.ShouldReadProperties(new ADPropertyDefinition[]
{
ReducedRecipientSchema.OwaMailboxPolicy,
ReducedRecipientSchema.SharingPolicy,
ReducedRecipientSchema.RetentionPolicy
}) && reducedRecipient.RecipientType == Microsoft.Exchange.Data.Directory.Recipient.RecipientType.UserMailbox)
{
SharedConfiguration sharedConfig = null;
if (SharedConfiguration.IsDehydratedConfiguration(reducedRecipient.OrganizationId) || (SharedConfiguration.GetSharedConfigurationState(reducedRecipient.OrganizationId) & SharedTenantConfigurationState.Static) != SharedTenantConfigurationState.UnSupported)
{
sharedConfig = SharedConfiguration.GetSharedConfiguration(reducedRecipient.OrganizationId);
}
if (this.ShouldReadProperties(new ADPropertyDefinition[]
{
ReducedRecipientSchema.OwaMailboxPolicy
}) && reducedRecipient.OwaMailboxPolicy == null)
{
ADObjectId defaultOwaMailboxPolicyId = this.GetDefaultOwaMailboxPolicyId(reducedRecipient);
if (defaultOwaMailboxPolicyId != null)
{
reducedRecipient.OwaMailboxPolicy = defaultOwaMailboxPolicyId;
}
}
if (this.ShouldReadProperties(new ADPropertyDefinition[]
{
ReducedRecipientSchema.SharingPolicy
}) && reducedRecipient.SharingPolicy == null)
{
reducedRecipient.SharingPolicy = base.GetDefaultSharingPolicyId(reducedRecipient, sharedConfig);
}
if (this.ShouldReadProperties(new ADPropertyDefinition[]
{
ReducedRecipientSchema.RetentionPolicy
}) && reducedRecipient.RetentionPolicy == null && reducedRecipient.ShouldUseDefaultRetentionPolicy)
{
reducedRecipient.RetentionPolicy = base.GetDefaultRetentionPolicyId(reducedRecipient, sharedConfig);
}
}
if (this.ShouldReadProperties(new ADPropertyDefinition[]
{
ReducedRecipientSchema.ActiveSyncMailboxPolicy,
ReducedRecipientSchema.ActiveSyncMailboxPolicyIsDefaulted
}) && reducedRecipient.ActiveSyncMailboxPolicy == null && !reducedRecipient.ExchangeVersion.IsOlderThan(ReducedRecipientSchema.ActiveSyncMailboxPolicy.VersionAdded))
{
ADObjectId defaultPolicyId = base.GetDefaultPolicyId(reducedRecipient);
if (defaultPolicyId != null)
{
reducedRecipient.ActiveSyncMailboxPolicy = defaultPolicyId;
reducedRecipient.ActiveSyncMailboxPolicyIsDefaulted = true;
}
}
if (this.ShouldReadProperties(new ADPropertyDefinition[]
{
ReducedRecipientSchema.AuthenticationType
}) && reducedRecipient.OrganizationId.ConfigurationUnit != null)
{
SmtpAddress windowsLiveID = reducedRecipient.WindowsLiveID;
if (reducedRecipient.WindowsLiveID.Domain != null && !reducedRecipient.ExchangeVersion.IsOlderThan(ExchangeObjectVersion.Exchange2010))
{
reducedRecipient.AuthenticationType = MailboxTaskHelper.GetNamespaceAuthenticationType(reducedRecipient.OrganizationId, reducedRecipient.WindowsLiveID.Domain);
}
}
if (this.ShouldReadProperties(new ADPropertyDefinition[]
{
ReducedRecipientSchema.Capabilities
}))
{
reducedRecipient.PopulateCapabilitiesProperty();
}
return(reducedRecipient);
}
public bool IsLastAdmin(ADUser adUser)
{
if (adUser == null)
{
throw new ArgumentNullException("adUser");
}
IRecipientSession recipientSession = this.recipientSession;
IConfigurationSession configurationSession = this.configurationSession;
bool result;
try
{
this.InitializeContextVariables();
ADSessionSettings sessionSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopes(ADSystemConfigurationSession.GetRootOrgContainerIdForLocalForest(), adUser.OrganizationId, adUser.OrganizationId, false);
this.recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(ConsistencyMode.PartiallyConsistent, sessionSettings, 1045, "IsLastAdmin", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleAssignment\\RoleAssignmentsGlobalConstraints.cs");
this.configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.PartiallyConsistent, sessionSettings, 1046, "IsLastAdmin", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleAssignment\\RoleAssignmentsGlobalConstraints.cs");
this.excludedFromEmptinessValidation.Add(adUser.Id);
this.excludedFromAssignmentSearch.Add(adUser.Id);
this.isObjectRemovalValidation = true;
this.includeOnlyPowerShellEnabledRecipients = this.IsPowerShellEnabled(adUser.Id);
List <string> tokenSids = this.recipientSession.GetTokenSids(adUser, AssignmentMethod.SecurityGroup | AssignmentMethod.RoleGroup);
if (tokenSids == null || tokenSids.Count == 0)
{
result = false;
}
else
{
ADObjectId[] entryIds = this.recipientSession.ResolveSidsToADObjectIds(tokenSids.ToArray());
this.sharedConfig = SharedConfiguration.GetSharedConfiguration(adUser.OrganizationId);
if (this.sharedConfig != null)
{
this.configurationSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(this.configurationSession.ConsistencyMode, this.sharedConfig.GetSharedConfigurationSessionSettings(), 1065, "IsLastAdmin", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleAssignment\\RoleAssignmentsGlobalConstraints.cs");
}
Result <ADGroup>[] array = this.recipientSession.ReadMultipleADGroups(entryIds);
foreach (Result <ADGroup> result2 in array)
{
bool flag = this.IsGroupEmpty(result2.Data);
if (flag)
{
Result <ExchangeRoleAssignment>[] directRoleAssignmentsForGroup = this.GetDirectRoleAssignmentsForGroup(result2.Data);
if (directRoleAssignmentsForGroup != null)
{
foreach (Result <ExchangeRoleAssignment> result3 in directRoleAssignmentsForGroup)
{
if (!this.IsSafeToRemoveDisableAssignmentFromGroup(result3.Data))
{
return(true);
}
}
}
ExchangeRoleAssignment exchangeRoleAssignment;
if (!this.HierarchicalCheckForGroupEmptiness(result2.Data, out exchangeRoleAssignment))
{
return(true);
}
}
}
result = false;
}
}
finally
{
this.recipientSession = recipientSession;
this.configurationSession = configurationSession;
}
return(result);
}
