/// <summary>
/// Reads the local server object's security descriptor from the directory and layers
/// two allow-<see cref="FileSystemRights.ReadData"/> entries on top of it: one for the
/// Exchange Servers group SID and one for LocalSystem.
/// </summary>
/// <returns>
/// The adjusted descriptor, or <c>null</c> when the local server cannot be found or the
/// server object carries no security descriptor.
/// </returns>
/// <remarks>
/// The result object returned by <c>TryRunADOperation</c> is discarded, so from this
/// method's return value a failed directory call looks the same as "no descriptor".
/// NOTE(review): confirm that every caller treats a <c>null</c> result as "deny".
/// NOTE(review): the captured variable is assigned before the two extra rules are added;
/// if a later call inside the delegate fails and <c>TryRunADOperation</c> absorbs the
/// exception, the caller would receive the directory descriptor without those rules.
/// Whether that can happen depends on <c>TryRunADOperation</c>, which is not shown here.
/// </remarks>
private static ObjectSecurity GetServerAdminSecurity()
{
    FileSecurity result = null;

    // The trailing 3 is passed straight through; presumably a retry count (confirm against TryRunADOperation).
    ADNotificationAdapter.TryRunADOperation(() =>
    {
        ITopologyConfigurationSession configSession = DirectorySessionFactory.Default.CreateTopologyConfigurationSession(
            ConsistencyMode.IgnoreInvalid,
            ADSessionSettings.FromRootOrgScopeSet(),
            578,
            "GetServerAdminSecurity",
            "f:\\15.00.1497\\sources\\dev\\data\\src\\ApplicationLogic\\ProcessAccessManager.cs");

        Server localServer;
        try
        {
            localServer = configSession.FindLocalServer();
        }
        catch (LocalServerNotFoundException)
        {
            // No local server object: leave the result null.
            return;
        }

        RawSecurityDescriptor rawDescriptor = localServer.ReadSecurityDescriptor();
        if (rawDescriptor == null)
        {
            return;
        }

        // Round-trip the raw descriptor through its binary form into a FileSecurity container.
        result = new FileSecurity();
        byte[] descriptorBytes = new byte[rawDescriptor.BinaryLength];
        rawDescriptor.GetBinaryForm(descriptorBytes, 0);
        result.SetSecurityDescriptorBinaryForm(descriptorBytes);

        IRootOrganizationRecipientSession recipientSession = DirectorySessionFactory.Default.CreateRootOrgRecipientSession(
            ConsistencyMode.IgnoreInvalid,
            ADSessionSettings.FromRootOrgScopeSet(),
            605,
            "GetServerAdminSecurity",
            "f:\\15.00.1497\\sources\\dev\\data\\src\\ApplicationLogic\\ProcessAccessManager.cs");

        // SetAccessRule replaces any Allow entries the directory descriptor already held for
        // this SID, so the Exchange Servers group ends up with exactly ReadData.
        SecurityIdentifier exchangeServersSid = recipientSession.GetExchangeServersUsgSid();
        result.SetAccessRule(
            new FileSystemAccessRule(exchangeServersSid, FileSystemRights.ReadData, AccessControlType.Allow));

        // AddAccessRule merges with whatever the descriptor already grants LocalSystem.
        SecurityIdentifier localSystemSid = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null);
        result.AddAccessRule(
            new FileSystemAccessRule(localSystemSid, FileSystemRights.ReadData, AccessControlType.Allow));
    }, 3);

    return result;
}
// Token: 0x06000026 RID: 38 RVA: 0x00002938 File Offset: 0x00000B38
/// <summary>
/// Builds the security descriptor for the throttling RPC endpoint from scratch.
/// </summary>
/// <returns>
/// A descriptor owned by NetworkService that allows <see cref="FileSystemRights.ReadData"/>
/// to the Exchange Servers group, NetworkService and LocalSystem, plus all authenticated
/// users when <c>ThrottlingAppConfig.AuthenticatedUsersRpcEnabled</c> is set.
/// </returns>
/// <remarks>
/// The authenticated-users switch is the widest grant in this method: with it on, every
/// authenticated principal passes this descriptor. Deployments should audit that setting.
/// NOTE(review): a FileSecurity object is used as the container; how the RPC layer maps
/// the ReadData bit to "may call" is not visible in this method.
/// The directory call is not wrapped here, so an exception from it propagates to the caller.
/// </remarks>
private static ObjectSecurity GetRpcSecurityDescriptor()
{
    FileSecurity descriptor = new FileSecurity();

    IRootOrganizationRecipientSession recipientSession = DirectorySessionFactory.Default.CreateRootOrgRecipientSession(
        ConsistencyMode.IgnoreInvalid,
        ADSessionSettings.FromRootOrgScopeSet(),
        348,
        "GetRpcSecurityDescriptor",
        "f:\\15.00.1497\\sources\\dev\\data\\src\\ThrottlingService\\Service\\ThrottlingRpcServerImpl.cs");

    // Breadcrumbs bracket the directory call so a stall during start/stop can be located.
    ThrottlingService.StartStopBreadcrumbs.Drop("Calling GetExchangeServersUsgSid", new object[0]);
    SecurityIdentifier exchangeServersSid = recipientSession.GetExchangeServersUsgSid();
    ThrottlingService.StartStopBreadcrumbs.Drop("GetExchangeServersUsgSid call completed", new object[0]);

    descriptor.SetAccessRule(
        new FileSystemAccessRule(exchangeServersSid, FileSystemRights.ReadData, AccessControlType.Allow));

    if (ThrottlingAppConfig.AuthenticatedUsersRpcEnabled)
    {
        // Opt-in widening: any authenticated principal is granted the same right.
        SecurityIdentifier authenticatedUsersSid = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null);
        descriptor.AddAccessRule(
            new FileSystemAccessRule(authenticatedUsersSid, FileSystemRights.ReadData, AccessControlType.Allow));
        ThrottlingService.Tracer.TraceDebug(0L, "RPC calls are allowed for all authenticated users.");
    }

    SecurityIdentifier networkServiceSid = new SecurityIdentifier(WellKnownSidType.NetworkServiceSid, null);
    descriptor.AddAccessRule(
        new FileSystemAccessRule(networkServiceSid, FileSystemRights.ReadData, AccessControlType.Allow));

    SecurityIdentifier localSystemSid = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null);
    descriptor.AddAccessRule(
        new FileSystemAccessRule(localSystemSid, FileSystemRights.ReadData, AccessControlType.Allow));

    // NetworkService is both a grantee and the owner of the descriptor.
    descriptor.SetOwner(networkServiceSid);

    return descriptor;
}
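// Token: 0x0600018B RID: 395 RVA: 0x00007A68 File Offset: 0x00005C68
/// <summary>
/// Completes startup of the database manager: resolves the Exchange Servers group SID
/// from the directory, creates the "-Total" performance counter instance, starts the
/// time-based driver manager (when present) and arms the database status timer.
/// </summary>
/// <exception cref="TransientServerException">
/// Thrown when the Exchange Servers group SID could not be obtained. It wraps the
/// exception carried by the directory operation result.
/// </exception>
/// <remarks>
/// The whole body runs under the monitor on <c>this</c>. The directory lookup happens
/// before the start-state check, so a manager that is not in the Started state still
/// makes the directory call and can still throw; only afterwards does it return without
/// initializing. On that early return the final "startup completed" breadcrumb is not
/// written.
/// NOTE(review): locking on <c>this</c> lets any code holding a reference contend for the
/// same monitor; a private gate object would avoid that but needs a field outside this
/// method.
/// NOTE(review): the SID is handed to <c>timeBasedDriverManager.Start</c>; what that
/// component does with it is not visible here.
/// </remarks>
public void Init()
{
    ExTraceGlobals.DatabaseManagerTracer.TraceDebug<DatabaseManager>((long)this.GetHashCode(), "{0}: Really starting", this);
    AIBreadcrumbs.DatabaseStatusTrail.Drop("Init Starting. Waiting on lock.");

    lock (this)
    {
        AIBreadcrumbs.DatabaseStatusTrail.Drop("Init startup progressing. Lock acquired.");

        SecurityIdentifier exchangeServersSid = null;
        ADOperationResult lookupResult = ADNotificationAdapter.TryRunADOperation(() =>
        {
            IRootOrganizationRecipientSession recipientSession = DirectorySessionFactory.Default.CreateRootOrgRecipientSession(
                ConsistencyMode.IgnoreInvalid,
                ADSessionSettings.FromRootOrgScopeSet(),
                514,
                "Init",
                "f:\\15.00.1497\\sources\\dev\\assistants\\src\\Assistants\\DatabaseManager.cs");
            exchangeServersSid = recipientSession.GetExchangeServersUsgSid();
        });

        // Fail closed: without the SID, startup stops instead of continuing with a null identity.
        if (exchangeServersSid == null)
        {
            AIBreadcrumbs.DatabaseStatusTrail.Drop("Database Manager unable to contact AD.");
            TransientServerException startupFailure = new TransientServerException(lookupResult.Exception);
            ExTraceGlobals.DatabaseManagerTracer.TraceDebug<DatabaseManager, ADOperationErrorCode, TransientServerException>(
                (long)this.GetHashCode(),
                "{0}: Unable to contact AD. Will not continue to start at this time. Code: {1}, Exception: {2}",
                this,
                lookupResult.ErrorCode,
                startupFailure);
            throw startupFailure;
        }

        if (this.startState != DatabaseManager.StartState.Started)
        {
            ExTraceGlobals.DatabaseManagerTracer.TraceDebug<DatabaseManager, DatabaseManager.StartState>(
                (long)this.GetHashCode(),
                "{0}: Init when not started: {1}",
                this,
                this.startState);
            return;
        }

        this.performanceCountersTotal = new PerformanceCountersPerDatabaseInstance(this.serviceName + "-Total", null);
        this.performanceCountersTotal.Reset();

        if (this.timeBasedDriverManager != null)
        {
            this.timeBasedDriverManager.Start(exchangeServersSid);
        }

        // First status check fires immediately, then repeats at the polling interval.
        this.databaseStatusTimer = new Timer(new TimerCallback(this.CheckDatabaseStatusTimerProc));
        this.databaseStatusTimer.Change(TimeSpan.Zero, DatabaseManager.DatabaseStatusPollingInterval);

        base.TracePfd("PFD AIS {0} {1}: Started", new object[] { 23383, this });
        this.startState = DatabaseManager.StartState.Initialized;
    }

    AIBreadcrumbs.DatabaseStatusTrail.Drop("Database manager startup completed.");
}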
/// <summary>
/// Produces the fixed set of admin role definitions: the group resolved from
/// <c>WellKnownGuid.EmaWkGuid</c>, the Exchange Servers group, LocalSystem and the
/// built-in Administrators group.
/// </summary>
/// <param name="recipientSession">Session used to resolve the well-known group and the Exchange Servers SID.</param>
/// <param name="configSession">Session whose configuration naming context is the container for the well-known GUID lookup.</param>
/// <returns>Four role definitions, in the order listed above.</returns>
/// <remarks>
/// NOTE(review): the result of <c>ResolveWellKnownGuid</c> is dereferenced without a null
/// check; whether it can return <c>null</c> is not visible here.
/// </remarks>
internal override AdminRoleDefinition[] ComputeAdminRoles(IRootOrganizationRecipientSession recipientSession, ITopologyConfigurationSession configSession)
{
    string containerDN = configSession.ConfigurationNamingContext.ToDNString();
    ADGroup recipientAdminsGroup = recipientSession.ResolveWellKnownGuid<ADGroup>(WellKnownGuid.EmaWkGuid, containerDN);

    // Entries are filled in the same order the directory is queried, so a failure
    // surfaces at the same point as with a single array initializer.
    AdminRoleDefinition[] roles = new AdminRoleDefinition[4];
    roles[0] = new AdminRoleDefinition(recipientAdminsGroup.Sid, "RecipientAdmins");
    roles[1] = new AdminRoleDefinition(recipientSession.GetExchangeServersUsgSid(), "ExchangeServers");
    roles[2] = new AdminRoleDefinition(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null), "LocalSystem");
    roles[3] = new AdminRoleDefinition(new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null), "BuiltinAdmins");
    return roles;
}
/// <summary>
/// Produces the four fixed admin role definitions (the group resolved from
/// <c>WellKnownGuid.EmaWkGuid</c>, Exchange Servers, LocalSystem, built-in
/// Administrators) followed by one role per SID returned by <c>GetAdditionalSids</c>.
/// </summary>
/// <param name="recipientSession">Session used to resolve the well-known group and the Exchange Servers SID.</param>
/// <param name="configSession">Session whose configuration naming context is the container for the well-known GUID lookup.</param>
/// <returns>
/// The fixed roles followed by the additional ones, each named
/// "AdditionalAdminRoleFromConfiguration N" with a zero-based index.
/// </returns>
/// <remarks>
/// NOTE(review): <c>GetAdditionalSids</c> is not shown here. Whatever it reads decides who
/// else is treated as an admin, so write access to that source should be as tightly held
/// as membership of the groups above.
/// NOTE(review): neither the resolved group nor the additional SID array is null-checked.
/// </remarks>
internal override AdminRoleDefinition[] ComputeAdminRoles(IRootOrganizationRecipientSession recipientSession, ITopologyConfigurationSession configSession)
{
    string containerDN = configSession.ConfigurationNamingContext.ToDNString();
    ADGroup recipientAdminsGroup = recipientSession.ResolveWellKnownGuid<ADGroup>(WellKnownGuid.EmaWkGuid, containerDN);

    // Collection initializer adds the fixed roles in declaration order.
    List<AdminRoleDefinition> roles = new List<AdminRoleDefinition>(4)
    {
        new AdminRoleDefinition(recipientAdminsGroup.Sid, "RecipientAdmins"),
        new AdminRoleDefinition(recipientSession.GetExchangeServersUsgSid(), "ExchangeServers"),
        new AdminRoleDefinition(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null), "LocalSystem"),
        new AdminRoleDefinition(new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null), "BuiltinAdmins")
    };

    // Configuration-supplied SIDs get a numbered role name each.
    SecurityIdentifier[] extraSids = this.GetAdditionalSids();
    int index = 0;
    while (index < extraSids.Length)
    {
        string roleName = string.Format("AdditionalAdminRoleFromConfiguration {0}", index);
        roles.Add(new AdminRoleDefinition(extraSids[index], roleName));
        index++;
    }

    return roles.ToArray();
}