protected AuditEventRecordAdapter(ExchangeMailboxAuditBaseRecord record, string displayOrganizationId)
{
this.record = record;
Util.ThrowOnNullArgument(record, "record");
MailboxAuditOperations mailboxAuditOperations;
this.AuditOperation = (Enum.TryParse <MailboxAuditOperations>(record.Operation, out mailboxAuditOperations) ? mailboxAuditOperations : MailboxAuditOperations.None);
this.Result = ((record.OperationResult == null) ? OperationResult.Succeeded : ((record.OperationResult == 2) ? OperationResult.PartiallySucceeded : OperationResult.Failed));
this.OrganizationId = displayOrganizationId;
this.MailboxGuid = record.MailboxGuid;
this.OperationName = record.Operation;
this.LogonTypeName = record.LogonType.ToString();
this.OperationSucceeded = ((record.OperationResult == null) ? OperationResult.Succeeded : ((record.OperationResult == 2) ? OperationResult.PartiallySucceeded : OperationResult.Failed));
this.ExternalAccess = record.ExternalAccess;
this.CreationTime = record.CreationTime;
this.RecordId = record.Id;
}
private static void Fill(ExchangeMailboxAuditBaseRecord record, MailboxSession session, MailboxAuditOperations operation, OperationResult result, LogonType logonType, bool externalAccess)
{
EnumValidator.ThrowIfInvalid <MailboxAuditOperations>(operation);
EnumValidator.ThrowIfInvalid <OperationResult>(result, "result");
EnumValidator.ThrowIfInvalid <LogonType>(logonType, "logonType");
Util.ThrowOnNullArgument(session, "session");
record.Operation = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
operation
});
record.OperationResult = AuditRecordFactory.GetOperationResult(result);
record.LogonType = AuditRecordFactory.GetLogonType(logonType);
record.ExternalAccess = externalAccess;
record.CreationTime = DateTime.UtcNow;
record.InternalLogonType = AuditRecordFactory.GetLogonType(session.LogonType);
record.MailboxGuid = session.MailboxOwner.MailboxInfo.MailboxGuid;
OrganizationId organizationId = session.OrganizationId;
record.OrganizationId = ((organizationId == null || organizationId.OrganizationalUnit == null || organizationId.ConfigurationUnit == null) ? null : Convert.ToBase64String(organizationId.GetBytes(Encoding.UTF8)));
record.OrganizationName = AuditRecordFactory.GetOrgNameFromOrgId(organizationId);
record.MailboxOwnerUPN = session.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString();
if (session.MailboxOwner.Sid != null)
{
record.MailboxOwnerSid = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
session.MailboxOwner.Sid
});
if (session.MailboxOwner.MasterAccountSid != null)
{
record.MailboxOwnerMasterAccountSid = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
session.MailboxOwner.MasterAccountSid
});
}
}
IdentityPair userIdentityPair = AuditRecordFactory.GetUserIdentityPair(session, logonType);
if (userIdentityPair.LogonUserSid != null)
{
record.LogonUserSid = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
userIdentityPair.LogonUserSid
});
record.UserId = record.LogonUserSid;
}
else
{
record.UserId = session.MailboxOwner.MailboxInfo.MailboxGuid.ToString("D", CultureInfo.InvariantCulture);
}
if (userIdentityPair.LogonUserDisplayName != null)
{
record.LogonUserDisplayName = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
userIdentityPair.LogonUserDisplayName
});
}
string text = (session.RemoteClientSessionInfo == null) ? session.ClientInfoString : session.RemoteClientSessionInfo.ClientInfoString;
if (!string.IsNullOrEmpty(text))
{
record.ClientInfoString = text;
}
record.ClientIPAddress = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
session.ClientIPAddress
});
if (!string.IsNullOrEmpty(session.ClientMachineName))
{
record.ClientMachineName = session.ClientMachineName;
}
if (!string.IsNullOrEmpty(session.ClientProcessName))
{
record.ClientProcessName = session.ClientProcessName;
}
if (session.ClientVersion != 0L)
{
record.ClientVersion = AuditRecordFactory.GetVersionString(session.ClientVersion);
}
record.OriginatingServer = string.Format(CultureInfo.InvariantCulture, "{0} ({1})\r\n", new object[]
{
AuditRecordFactory.MachineName,
"15.00.1497.012"
});
}
