public void HandleGroupDeletedEvent(ExSearchResultEntry entry) { if (EhfAdminAccountSynchronizer.IsEventForDeletedOrganization(entry, base.DiagSession)) { throw new InvalidOperationException("Change entry " + entry.DistinguishedName + " is for a deleted organization. The entry should have been ignored from PreDecorate."); } EhfAdminSyncChangeBuilder adminBuilderForChange = this.GetAdminBuilderForChange(entry); base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Encountered a DELETE rolegroup event. ObjectGuid: <{0}>; Company: <{1}>", new object[] { entry.GetObjectGuid(), adminBuilderForChange.TenantOU }); if (adminBuilderForChange != null) { adminBuilderForChange.HandleGroupDeletedEvent(entry); } if (!EhfWellKnownGroup.IsWellKnownPartnerGroupDN(entry.DistinguishedName)) { return; } Guid externalDirectoryObjectId; if (EhfCompanyAdmins.TryGetExternalDirectoryObjectId(entry, base.DiagSession, out externalDirectoryObjectId)) { this.AddGroupToDeleteGroupsBatch(externalDirectoryObjectId); return; } base.DiagSession.LogAndTraceError("Could not find the ExternalDirectoryObjectId for well known partner group {0}", new object[] { entry.DistinguishedName }); }
private void InvokeSyncAdminAccountsAndSyncGroupUsers(EhfCompanyAdmins admin, EhfADAdapter configADAdapter) { bool syncAdminAccountsCompleted = true; bool syncAdminAgentCompleted = true; bool syncHelpdeskAgentCompleted = true; if (admin.HasLocalAdminChanges) { FailedAdminAccounts syncAdminAccountsResponse = null; FaultException syncAdminException = null; string syncAdminsOperation = EhfAdminAccountSynchronizer.SyncAdminsOperation; base.InvokeProvisioningService(syncAdminsOperation, delegate { syncAdminAccountsResponse = this.ProvisioningService.SyncAdminAccounts(admin.GetLocalAdminsToSync(this.DiagSession), out syncAdminException); }, 1); if (syncAdminException != null) { this.HandleOperationLevelException(syncAdminException, syncAdminsOperation, admin.EhfCompanyIdentity); } else { this.ProcessSyncAdminAccountsResponse(syncAdminAccountsResponse, admin, syncAdminsOperation); } syncAdminAccountsCompleted = (syncAdminException == null); } if (admin.HasPartnerAdminGroupChanges) { syncAdminAgentCompleted = this.InvokeSyncGroupUsers(admin.EhfCompanyIdentity, admin.AdminAgent, admin.TenantOU); syncHelpdeskAgentCompleted = this.InvokeSyncGroupUsers(admin.EhfCompanyIdentity, admin.HelpdeskAgent, admin.TenantOU); } this.UpdateSyncStateInAD(admin, configADAdapter, syncAdminAccountsCompleted, syncAdminAgentCompleted, syncHelpdeskAgentCompleted); }
public EhfCompanyAdmins Flush(EhfADAdapter configADAdapter) { if (this.flushed) { throw new InvalidOperationException("Flush() should be called only once"); } this.flushed = true; return(EhfCompanyAdmins.CreateEhfCompanyAdmins(this, this.ehfTargetConnection, configADAdapter)); }
public static EhfAdminSyncState Create(EhfCompanyAdmins admins, bool addOrgAdminState, bool addViewOnlyOrgAdminState, bool addAdminAgentState, bool addHelpDeskAgentState, EhfTargetConnection targetConnection) { EhfAdminSyncState ehfAdminSyncState = admins.EhfAdminSyncState; EhfAdminSyncState ehfAdminSyncState2 = new EhfAdminSyncState(admins.EhfCompanyIdentity, targetConnection); ehfAdminSyncState2.orgAdminMembers = ehfAdminSyncState2.GetNewState(admins.OrganizationMangement, ehfAdminSyncState.orgAdminMembers, addOrgAdminState); ehfAdminSyncState2.viewOnlyOrgAdminMembers = ehfAdminSyncState2.GetNewState(admins.ViewonlyOrganizationManagement, ehfAdminSyncState.viewOnlyOrgAdminMembers, addViewOnlyOrgAdminState); ehfAdminSyncState2.adminAgentMembers = ehfAdminSyncState2.GetNewState(admins.AdminAgent, ehfAdminSyncState.adminAgentMembers, addAdminAgentState); ehfAdminSyncState2.helpDeskAgentMembers = ehfAdminSyncState2.GetNewState(admins.HelpdeskAgent, ehfAdminSyncState.helpDeskAgentMembers, addHelpDeskAgentState); return(ehfAdminSyncState2); }
private void UpdateSyncStateInAD(EhfCompanyAdmins admins, EhfADAdapter configADAdapter, bool syncAdminAccountsCompleted, bool syncAdminAgentCompleted, bool syncHelpdeskAgentCompleted) { EhfAdminSyncState ehfAdminSyncState = EhfAdminSyncState.Create(admins, syncAdminAccountsCompleted, syncAdminAccountsCompleted, syncAdminAgentCompleted, syncHelpdeskAgentCompleted, base.EhfConnection); if (ehfAdminSyncState.IsEmpty) { base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Low, "Admin state is up to date for <{0}>. No need to update the state.", new object[] { admins.TenantOU }); return; } try { configADAdapter.SetAttributeValues(admins.EhfCompanyIdentity.EhfCompanyGuid, ehfAdminSyncState.GetStatesToUpdate()); } catch (ExDirectoryException exception) { this.HandleFaultAsTransientFailure(admins.EhfCompanyIdentity, "Update Sync State", exception, true, string.Empty); } }
private void ProcessSyncAdminAccountsResponse(FailedAdminAccounts syncAdminAccountsResponse, EhfCompanyAdmins requestAdmins, string operationName) { if (syncAdminAccountsResponse == null) { base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Low, "Successfully completed SyncAdminAccounts operation. Sync details: <{0}>", new object[] { requestAdmins }); return; } int num = 0; int num2 = 0; bool hasCriticalError = false; StringBuilder stringBuilder = new StringBuilder(); stringBuilder.AppendFormat(CultureInfo.InvariantCulture, "Tenant: <{0}> ", new object[] { requestAdmins.TenantOU }); stringBuilder.Append("SyncAdminAccountUserErrors: "); if (syncAdminAccountsResponse.FailedUsers != null) { EhfAdminAccountSynchronizer.ClassifyFailedResponse <string>(syncAdminAccountsResponse.FailedUsers, ref num, ref num2, ref hasCriticalError, stringBuilder); } stringBuilder.Append(" SyncAdminAccountGroupErrors: "); if (syncAdminAccountsResponse.FailedGroups != null) { EhfAdminAccountSynchronizer.ClassifyFailedResponse <Guid>(syncAdminAccountsResponse.FailedGroups, ref num, ref num2, ref hasCriticalError, stringBuilder); } string text = stringBuilder.ToString(); this.HandleOperationFailureCounts(requestAdmins.EhfCompanyIdentity, operationName, (num > 0) ? 1 : 0, (num2 > 0) ? 1 : 0, text, hasCriticalError); this.LogAdminSyncOperationFailure(operationName, num, num2, text); }
public override bool FlushBatches() { if (this.adminAccountChange.Count == 0 && this.groupsToRemove.Count == 0) { base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "{0}: No admin changes to Sync to FOSE", new object[] { EhfAdminAccountSynchronizer.cycleCount }); return(true); } this.InvokeRemoveGroups(); if (this.adminAccountChange.Count != 0) { Exception ex; EhfADAdapter configADAdapter = base.ADAdapter.GetConfigADAdapter(base.DiagSession, out ex); if (configADAdapter == null) { base.DiagSession.LogAndTraceError("Could not create a LDAP connection to the Configuration naming context. Details {0}", new object[] { ex }); base.DiagSession.EventLog.LogEvent(EdgeSyncEventLogConstants.Tuple_EhfAdminSyncFailedToConnectToConfigNamingContext, null, new object[] { ex.Message }); base.EhfConnection.AbortSyncCycle(ex); return(false); } base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "{0} : Changes to <{1}> tenant(s) detected. Checking if sync is required.", new object[] { EhfAdminAccountSynchronizer.cycleCount.ToString(), this.adminAccountChange.Count.ToString() }); foreach (KeyValuePair <string, EhfAdminSyncChangeBuilder> keyValuePair in this.adminAccountChange) { this.AbortSyncCycleIfTooManyFailures(); EhfAdminSyncChangeBuilder value = keyValuePair.Value; if (value.ChangeExists) { EhfCompanyAdmins ehfCompanyAdmins = value.Flush(configADAdapter); if (ehfCompanyAdmins == null) { this.errorTracker.AddCriticalFailure(); } else if (ehfCompanyAdmins.IsSyncRequired) { base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "AdminSync: {0}", new object[] { ehfCompanyAdmins }); if (ehfCompanyAdmins.CompanyId != 0) { this.InvokeSyncAdminAccountsAndSyncGroupUsers(ehfCompanyAdmins, configADAdapter); } else { base.DiagSession.LogAndTraceError("Not syncing {0} since companyId is not set", new object[] { ehfCompanyAdmins.TenantOU }); if (!ehfCompanyAdmins.PerimeterConfigNotReplicatedOrIsDeleted) { this.errorTracker.AddTransientFailure(ehfCompanyAdmins.EhfCompanyIdentity, new EhfAdminAccountSynchronizer.EhfAdminSyncTransientException("PerimeterConfig object does not have Ehf CompanyId set."), string.Empty); } else { this.errorTracker.AddCriticalFailure(); } } } else { base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "No adminsync is required for: {0}", new object[] { keyValuePair.Key }); } value.ClearCachedChanges(); } } this.adminAccountChange.Clear(); } return(true); }
private EhfCompanyAdmins(EhfAdminSyncChangeBuilder builder, EhfTargetConnection targetConnection, string orgManagementGroupDN, string viewOnlyOrgManagementGroupDN, EhfADAdapter configADAdapter) { EhfWellKnownGroup ehfWellKnownGroup = null; EhfWellKnownGroup ehfWellKnownGroup2 = null; EhfWellKnownGroup ehfWellKnownGroup3 = null; EhfWellKnownGroup ehfWellKnownGroup4 = null; this.tenantOU = builder.TenantOU; this.ehfTargetConnection = targetConnection; if (builder.DeletedObjects.Count != 0) { this.CacheAdminSyncState(configADAdapter); } bool flag = builder.UpdateOrgManagementGroup || builder.HasDirectChangeForGroup(orgManagementGroupDN) || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.OrganizationManagmentMembers, orgManagementGroupDN)); bool flag2 = builder.UpdateViewOnlyOrgManagementGroup || builder.HasDirectChangeForGroup(viewOnlyOrgManagementGroupDN) || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.ViewOnlyOrganizationManagmentMembers, viewOnlyOrgManagementGroupDN)); bool flag3 = builder.UpdateAdminAgentGroup || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.AdminAgentMembers, EhfCompanyAdmins.AdminAgentGroupNamePrefix)); bool flag4 = builder.UpdateHelpdeskAgentGroup || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.HelpdeskAgentMembers, EhfCompanyAdmins.HelpdeskAgentGroupNamePrefix)); if ((flag || builder.GroupChanges.Count != 0 || builder.LiveIdChanges.Count != 0) && orgManagementGroupDN != null) { ehfWellKnownGroup = this.GetMembersOfGroupFromDN(orgManagementGroupDN, false, targetConnection.DiagSession); } if ((flag2 || builder.GroupChanges.Count != 0 || builder.LiveIdChanges.Count != 0) && viewOnlyOrgManagementGroupDN != null) { ehfWellKnownGroup2 = this.GetMembersOfGroupFromDN(viewOnlyOrgManagementGroupDN, false, targetConnection.DiagSession); } if (builder.GroupChanges.Count != 0 || builder.LiveIdChanges.Count != 0 || flag3 || flag4) { string text = null; string text2 = null; foreach (ExSearchResultEntry exSearchResultEntry in this.ehfTargetConnection.ADAdapter.PagedScan(this.tenantOU, EhfCompanyAdmins.PartnerAdminGroupFilter, new string[0])) { targetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Found a Partner Admin group {0}", new object[] { exSearchResultEntry.DistinguishedName }); if (exSearchResultEntry.DistinguishedName.StartsWith(EhfWellKnownGroup.AdminAgentGroupDnPrefix)) { text = exSearchResultEntry.DistinguishedName; } else if (exSearchResultEntry.DistinguishedName.StartsWith(EhfWellKnownGroup.HelpdeskAgentGroupDnPrefix)) { text2 = exSearchResultEntry.DistinguishedName; } } targetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "AdminAgentPartnerGroup={0}; HelpDeskAgentPartnerGroup = {1}", new object[] { text ?? "<null>", text2 ?? "<null>" }); if (flag3 && text != null) { ehfWellKnownGroup3 = this.GetMembersOfGroupFromDN(text, true, targetConnection.DiagSession); } if (flag4 && text2 != null) { ehfWellKnownGroup4 = this.GetMembersOfGroupFromDN(text2, true, targetConnection.DiagSession); } } EdgeSyncDiag diagSession = builder.EhfTargetConnection.DiagSession; if (!flag && ehfWellKnownGroup != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup.GroupMembers, diagSession))) { flag = true; } if (!flag2 && ehfWellKnownGroup2 != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup2.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup2.GroupMembers, diagSession))) { flag2 = true; } if (!flag3 && ehfWellKnownGroup3 != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup3.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup3.GroupMembers, diagSession))) { flag3 = true; } if (!flag4 && ehfWellKnownGroup4 != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup4.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup4.GroupMembers, diagSession))) { flag4 = true; } if (flag) { this.organizationManagement = ehfWellKnownGroup; } if (flag2) { this.viewOnlyOrganizationManagement = ehfWellKnownGroup2; } if (flag3) { this.adminAgent = ehfWellKnownGroup3; } if (flag4) { this.helpdeskAgent = ehfWellKnownGroup4; } if (this.IsSyncRequired) { this.CacheAdminSyncState(configADAdapter); } }
private EhfWellKnownGroup GetMembersOfGroupFromDN(string groupDistinguishedName, bool isPartnerAdminGroup, EdgeSyncDiag diagSession) { EhfWellKnownGroup ehfWellKnownGroup; if (isPartnerAdminGroup) { ExSearchResultEntry exSearchResultEntry = this.ehfTargetConnection.ADAdapter.ReadObjectEntry(groupDistinguishedName, false, EhfCompanyAdmins.AttributesToFetchFromMembers); if (exSearchResultEntry == null) { diagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Low, "Could not find wellknown partner admin group {0}", new object[] { groupDistinguishedName }); return(null); } if (!EhfCompanyAdmins.IsPartnerManagedGroup(exSearchResultEntry, diagSession)) { diagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Found the partner group {0}, but it is no partner Managed", new object[] { groupDistinguishedName }); return(null); } Guid externalDirectoryObjectId; if (!EhfCompanyAdmins.TryGetExternalDirectoryObjectId(exSearchResultEntry, diagSession, out externalDirectoryObjectId)) { return(null); } ehfWellKnownGroup = new EhfWellKnownGroup(groupDistinguishedName, externalDirectoryObjectId); } else { ehfWellKnownGroup = new EhfWellKnownGroup(groupDistinguishedName); } Stack <string> stack = new Stack <string>(); stack.Push(groupDistinguishedName); while (stack.Count != 0) { string text = stack.Pop(); string query = string.Format("(memberOf={0})", text); diagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.High, "Expanding group {0}", new object[] { text }); IEnumerable <ExSearchResultEntry> enumerable = this.ehfTargetConnection.ADAdapter.PagedScan(this.tenantOU, query, EhfCompanyAdmins.AttributesToFetchFromMembers); int num = 0; foreach (ExSearchResultEntry exSearchResultEntry2 in enumerable) { num++; if (!exSearchResultEntry2.IsDeleted) { Guid objectGuid = exSearchResultEntry2.GetObjectGuid(); if (EhfCompanyAdmins.IsGroup(exSearchResultEntry2)) { Guid partnerGroupGuid; if (ehfWellKnownGroup.SubGroups.ContainsKey(objectGuid) || ehfWellKnownGroup.LinkedRoleGroups.ContainsKey(objectGuid)) { this.ehfTargetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Group {0} is already processed. Ignoring it.", new object[] { exSearchResultEntry2.DistinguishedName }); } else if (EhfCompanyAdmins.IsPartnerManagedLinkedRoleGroup(exSearchResultEntry2, diagSession, out partnerGroupGuid)) { ehfWellKnownGroup.LinkedRoleGroups.Add(objectGuid, new PartnerGroupAdminSyncUser(exSearchResultEntry2.DistinguishedName, objectGuid, partnerGroupGuid)); } else { ehfWellKnownGroup.SubGroups.Add(objectGuid, new AdminSyncUser(exSearchResultEntry2.DistinguishedName, objectGuid)); stack.Push(exSearchResultEntry2.DistinguishedName); } } else { string text2 = string.Empty; if (exSearchResultEntry2.Attributes.ContainsKey("msExchWindowsLiveID") && exSearchResultEntry2.Attributes["msExchWindowsLiveID"].Count != 0) { text2 = (string)exSearchResultEntry2.Attributes["msExchWindowsLiveID"][0]; if (text2 != null) { text2 = text2.Trim(); } } else { diagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "WindowsLiveID is not set for {0}", new object[] { exSearchResultEntry2.DistinguishedName }); } if (!ehfWellKnownGroup.GroupMembers.ContainsKey(objectGuid)) { ehfWellKnownGroup.GroupMembers.Add(objectGuid, new MailboxAdminSyncUser(text2, objectGuid, exSearchResultEntry2.DistinguishedName)); } } } else { diagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "{0} is deleted, ignoring...", new object[] { exSearchResultEntry2.DistinguishedName }); } } diagSession.Tracer.TraceDebug <string, int>((long)this.GetHashCode(), "Expanded group {0}. Found {1} children", text, num); } return(ehfWellKnownGroup); }
private static bool IsPartnerManagedLinkedRoleGroup(ExSearchResultEntry searchEntry, EdgeSyncDiag diagSession, out Guid groupGuid) { groupGuid = Guid.Empty; if (!EhfCompanyAdmins.IsPartnerManagedGroup(searchEntry, diagSession)) { return(false); } DirectoryAttribute directoryAttribute; if (!searchEntry.Attributes.TryGetValue("msExchPartnerGroupID", out directoryAttribute)) { diagSession.LogAndTraceError("msExchPartnerGroupID attribute is not present in the partner managed group '{0}'", new object[] { searchEntry.DistinguishedName }); return(false); } if (directoryAttribute == null || directoryAttribute.Count == 0) { diagSession.LogAndTraceError("msExchPartnerGroupID attribute is not set on the partner managed group '{0}'", new object[] { searchEntry.DistinguishedName }); return(false); } string text = directoryAttribute[0] as string; if (string.IsNullOrEmpty(text)) { diagSession.LogAndTraceError("msExchPartnerGroupID attribute is empty for the partner managed group '{0}'", new object[] { searchEntry.DistinguishedName }); return(false); } LinkedPartnerGroupInformation linkedPartnerGroupInformation; try { linkedPartnerGroupInformation = LinkedPartnerGroupInformation.Parse(text); } catch (ArgumentException) { diagSession.LogAndTraceError("msExchPartnerGroupID attribute value '{0}' is not in the expected format for '{1}'", new object[] { text, searchEntry.DistinguishedName }); return(false); } if (string.IsNullOrEmpty(linkedPartnerGroupInformation.LinkedPartnerGroupId)) { diagSession.LogAndTraceError("msExchPartnerGroupID attribute value '{0}' has an empty LinkdedPartnetGroupId: '{1}'", new object[] { text, searchEntry.DistinguishedName }); return(false); } if (GuidHelper.TryParseGuid(linkedPartnerGroupInformation.LinkedPartnerGroupId, out groupGuid)) { return(true); } diagSession.LogAndTraceError("msExchPartnerGroupID attribute value '{0}' is not a valid Guid: '{1}'", new object[] { text, searchEntry.DistinguishedName }); return(false); }