// Token: 0x06000FF5 RID: 4085 RVA: 0x0004BB28 File Offset: 0x00049D28 public static IEnumerable <ADUser> GetUMEnabledUsersInDatabase(MailboxDatabase database) { QueryFilter filter = UMMailbox.GetUMEnabledUserQueryFilter(database); foreach (PartitionId partitionId in ADAccountPartitionLocator.GetAllAccountPartitionIds(true)) { ADSessionSettings settings = ADSessionSettings.FromAllTenantsPartitionId(partitionId); ITenantRecipientSession session = DirectorySessionFactory.Default.CreateTenantRecipientSession(null, null, LcidMapper.DefaultLcid, true, ConsistencyMode.IgnoreInvalid, null, settings, 199, "GetUMEnabledUsersInDatabase", "f:\\15.00.1497\\sources\\dev\\data\\src\\directory\\PartitionDataAggregator.cs"); ADPagedReader <ADRecipient> recipientReader = session.FindPaged(null, QueryScope.SubTree, filter, null, 0); foreach (ADRecipient recipient in recipientReader) { ADUser user = recipient as ADUser; if (user != null) { yield return(user); } } } yield break; }
protected override ADRawEntry CreateOnCacheMiss(string key, ref bool shouldAdd) { ADRawEntry adrawEntry = null; bool useGlobalCatalog = TeamMailboxNameIdResolver.instance.dataSession.UseGlobalCatalog; try { TeamMailboxNameIdResolver.instance.dataSession.UseGlobalCatalog = true; if (VariantConfiguration.InvariantNoFlightingSnapshot.Global.MultiTenancy.Enabled) { ITenantRecipientSession tenantRecipientSession = TeamMailboxNameIdResolver.instance.dataSession as ITenantRecipientSession; if (tenantRecipientSession != null) { adrawEntry = tenantRecipientSession.FindUniqueEntryByNetID(key, TeamMailboxNameIdResolver.UserObjectProperties); } } else { SecurityIdentifier securityIdentifier = null; try { securityIdentifier = new SecurityIdentifier(key); } catch (ArgumentException ex) { this.newSidEx = ex; } if (securityIdentifier != null) { adrawEntry = TeamMailboxNameIdResolver.instance.dataSession.FindADRawEntryBySid(securityIdentifier, TeamMailboxNameIdResolver.UserObjectProperties); } } } finally { TeamMailboxNameIdResolver.instance.dataSession.UseGlobalCatalog = useGlobalCatalog; } shouldAdd = (adrawEntry != null); return(adrawEntry); }
private static ADRawEntry GetCallerAdEntry(HttpContext httpContext) { if (!httpContext.Items.Contains(Constants.CallerADRawEntryKeyName)) { CommonAccessToken commonAccessToken = httpContext.Items["Item-CommonAccessToken"] as CommonAccessToken; if (commonAccessToken == null) { throw new InvalidOperationException("CAT token not present - cannot lookup LiveIdBasic user's AD entry."); } ADRawEntry value = null; LatencyTracker latencyTracker = (LatencyTracker)httpContext.Items[Constants.LatencyTrackerContextKeyName]; LiveIdBasicTokenAccessor accessor = LiveIdBasicTokenAccessor.Attach(commonAccessToken); if (accessor.TokenType == AccessTokenType.LiveIdBasic) { ExTraceGlobals.VerboseTracer.TraceDebug <string, string>(0L, "[Extensions::GetFullCallerIdentity] Calling AD to convert PUID {0} for LiveIdMemberName {1} to SID to construct GenericSidIdentity.", accessor.Puid, accessor.LiveIdMemberName); ITenantRecipientSession session = DirectoryHelper.GetTenantRecipientSessionFromSmtpOrLiveId(latencyTracker, accessor.LiveIdMemberName, false); value = DirectoryHelper.InvokeAccountForest(latencyTracker, () => session.FindUniqueEntryByNetID(accessor.Puid, null, UserBasedAnchorMailbox.ADRawEntryPropertySet)); } httpContext.Items[Constants.CallerADRawEntryKeyName] = value; } return((ADRawEntry)httpContext.Items[Constants.CallerADRawEntryKeyName]); }
protected override ADRawEntry LoadADRawEntry() { ADRawEntry adrawEntry = null; bool ignoreCannotResolveTenantNameException = PuidAnchorMailbox.AllowMissingDirectoryObject.Value || AnchorMailbox.AllowMissingTenant.Value; ITenantRecipientSession tenantRecipientSessionFromSmtpOrLiveId = DirectoryHelper.GetTenantRecipientSessionFromSmtpOrLiveId(base.RequestContext.LatencyTracker, this.LiveIdMemberName, ignoreCannotResolveTenantNameException); if (tenantRecipientSessionFromSmtpOrLiveId != null) { adrawEntry = DirectoryHelper.InvokeAccountForest(base.RequestContext.LatencyTracker, () => tenantRecipientSessionFromSmtpOrLiveId.FindUniqueEntryByNetID(this.Puid, null, this.PropertySet)); } if (!PuidAnchorMailbox.AllowMissingDirectoryObject.Value) { base.CheckForNullAndThrowIfApplicable <ADRawEntry>(adrawEntry); } else if (adrawEntry == null) { if (tenantRecipientSessionFromSmtpOrLiveId != null) { ExTraceGlobals.VerboseTracer.TraceWarning <PuidAnchorMailbox, string, ADScope>((long)this.GetHashCode(), "[PuidAnchorMailbox::LoadADRawEntry]: Anchor mailbox {0} not found for a user with MemberName {1} in {2}.", this, this.LiveIdMemberName, (tenantRecipientSessionFromSmtpOrLiveId.SessionSettings != null) ? tenantRecipientSessionFromSmtpOrLiveId.SessionSettings.ConfigReadScope : null); } ITenantRecipientSession tenantRecipientSessionByMSAUserNetID = DirectoryHelper.GetTenantRecipientSessionByMSAUserNetID(base.RequestContext.LatencyTracker, this.Puid, PuidAnchorMailbox.AllowMissingDirectoryObject.Value, PuidAnchorMailbox.AllowMissingDirectoryObject.Value) as ITenantRecipientSession; if (tenantRecipientSessionByMSAUserNetID != null) { adrawEntry = DirectoryHelper.InvokeAccountForest(base.RequestContext.LatencyTracker, () => tenantRecipientSessionByMSAUserNetID.FindUniqueEntryByNetID(this.Puid, null, this.PropertySet)); base.CheckForNullAndThrowIfApplicable <ADRawEntry>(adrawEntry); } else { this.isMissingDirectoryUserObject = true; base.RequestContext.HttpContext.Items[Constants.MissingDirectoryUserObjectKey] = PuidAnchorMailbox.BooleanTrue; } } if (adrawEntry != null && base.RequestContext.HttpContext.User.Identity.Name.Equals(this.LiveIdMemberName, StringComparison.OrdinalIgnoreCase)) { base.RequestContext.HttpContext.Items[Constants.CallerADRawEntryKeyName] = adrawEntry; } return(adrawEntry); }
// Token: 0x0600027D RID: 637 RVA: 0x00010D88 File Offset: 0x0000EF88 private static bool CheckClaimSets(OperationContext operationContext, ReadOnlyCollection <ClaimSet> claimSets) { HttpContext.Current.Items["AuthType"] = "LiveIdToken"; claimSets.TraceClaimSets(); bool flag = false; bool flag2 = false; bool flag3 = false; string text = null; string text2 = null; foreach (ClaimSet claimSet in claimSets) { foreach (Claim claim in claimSet) { if (AutodiscoverAuthorizationManager.DoesClaimMatch(claim, "http://schemas.xmlsoap.org/claims/PUID", Rights.PossessProperty)) { flag = AutodiscoverAuthorizationManager.DoesClaimHaveProperResource <string>(claim, out text); } else if (AutodiscoverAuthorizationManager.DoesClaimMatch(claim, "http://schemas.xmlsoap.org/claims/ConsumerPUID", Rights.PossessProperty)) { flag2 = AutodiscoverAuthorizationManager.DoesClaimHaveProperResource <string>(claim, out text2); } else if (AutodiscoverAuthorizationManager.DoesClaimMatch(claim, ClaimTypes.Authentication, Rights.PossessProperty)) { flag3 = true; } if (flag && flag2 && flag3) { break; } } if (flag && flag2 && flag3) { break; } } if (!flag3 || (text == null && text2 == null)) { string reason = string.Format("Did not find all necessary claims. PUID: {0}; ConsumerPUID: {1}; Auth/Possess: {2}", flag, flag2, flag3); return(AutodiscoverAuthorizationManager.Return401UnauthorizedResponse(operationContext, reason)); } string userId = (text2 == null) ? text : text2; RequestDetailsLoggerBase <RequestDetailsLogger> .Current.AppendGenericInfo("UserPUID", userId); SmtpAddress smtpAddress; if (!AutodiscoverAuthorizationManager.TryGetEmailAddressInClaimSets(claimSets, out smtpAddress)) { string reason2 = string.Format("Did not find EmailAddress claim for PUID: {0}; ", userId); return(AutodiscoverAuthorizationManager.Return401UnauthorizedResponse(operationContext, reason2)); } PropertyDefinition[] propertyDefinitionArrayUPN = new PropertyDefinition[] { ADUserSchema.UserPrincipalName, ADMailboxRecipientSchema.SamAccountName, ADObjectSchema.OrganizationId }; ADRawEntry adRawEntry = null; try { bool isRootOrgLookup = false; RequestDetailsLoggerBase <RequestDetailsLogger> .Current.TrackLatency(ServiceLatencyMetadata.CallerADLatency, delegate() { DateTime utcNow = DateTime.UtcNow; ADSessionSettings adsessionSettings = Common.SessionSettingsFromAddress(smtpAddress.ToString()); RequestDetailsLoggerBase <RequestDetailsLogger> .Current.AppendGenericInfo("CheckClaimSets_SmtpAddress", smtpAddress.ToString()); RequestDetailsLoggerBase <RequestDetailsLogger> .Current.AppendGenericInfo("AD_ChkClaim_SessionSettingsFromAddress", (DateTime.UtcNow - utcNow).TotalMilliseconds); utcNow = DateTime.UtcNow; isRootOrgLookup = OrganizationId.ForestWideOrgId.Equals(adsessionSettings.CurrentOrganizationId); if (!isRootOrgLookup) { ITenantRecipientSession tenantRecipientSession = DirectorySessionFactory.Default.CreateTenantRecipientSession(true, ConsistencyMode.IgnoreInvalid, adsessionSettings, 596, "CheckClaimSets", "f:\\15.00.1497\\sources\\dev\\autodisc\\src\\WCF\\AutodiscoverAuthorizationManager.cs"); RequestDetailsLoggerBase <RequestDetailsLogger> .Current.AppendGenericInfo("AD_TenantRecipientSession", (DateTime.UtcNow - utcNow).TotalMilliseconds); utcNow = DateTime.UtcNow; adRawEntry = tenantRecipientSession.FindUniqueEntryByNetID(userId, propertyDefinitionArrayUPN); RequestDetailsLoggerBase <RequestDetailsLogger> .Current.AppendGenericInfo("AD_FindUniqueEntryByNetID", (DateTime.UtcNow - utcNow).TotalMilliseconds); } }); if (isRootOrgLookup) { return(AutodiscoverAuthorizationManager.Return403UnauthorizedResponse(operationContext, "NetID lookup for root org user is not allowed")); } } catch (NonUniqueRecipientException arg) { ExTraceGlobals.AuthenticationTracer.TraceDebug <NonUniqueRecipientException>(0L, "FindUniqueEntryByNetId threw exception: {0}", arg); return(AutodiscoverAuthorizationManager.Return401UnauthorizedResponse(operationContext, "Found more than 1 user by NetID in AD")); } if (adRawEntry == null) { RequestDetailsLoggerBase <RequestDetailsLogger> .Current.AppendGenericError("Redirect as we are unable to find user:.", userId); return(AutodiscoverAuthorizationManager.RedirectCaller(operationContext, smtpAddress.ToString())); } string arg2 = (string)adRawEntry[ADMailboxRecipientSchema.SamAccountName]; string text3 = string.Format("{0}@{1}", arg2, adRawEntry.Id.GetPartitionId().ForestFQDN); string text4 = (string)adRawEntry[ADUserSchema.UserPrincipalName]; OrganizationId organizationId = (OrganizationId)adRawEntry[ADObjectSchema.OrganizationId]; HttpContext.Current.Items["UserOrganizationId"] = organizationId; OrganizationProperties organizationProperties; if (!OrganizationPropertyCache.TryGetOrganizationProperties(organizationId, out organizationProperties)) { ExTraceGlobals.AuthenticationTracer.TraceError <OrganizationId, string>(0L, "[AutodiscoverAuthorizationManager::CheckClaimSets] Logon failed: could not locate org info for organization {0} even though user from this org was found {1}", organizationId, text4); return(AutodiscoverAuthorizationManager.Return401UnauthorizedResponse(operationContext, "Could not find organization info via OrganizationPropertyCache")); } if (!organizationProperties.SkipToUAndParentalControlCheck && !AutodiscoverAuthorizationManager.CheckClaimSetsForTOUClaims(operationContext, claimSets, true) && !AutodiscoverAuthorizationManager.CheckClaimSetsForTOUClaims(operationContext, claimSets, false)) { return(false); } WindowsIdentity windowsIdentity = null; try { windowsIdentity = new WindowsIdentity(text3); } catch (UnauthorizedAccessException ex) { RequestDetailsLoggerBase <RequestDetailsLogger> .Current.AppendAuthError("WindowsIdentity_UnauthorizedAccessException", ex.ToString()); ExTraceGlobals.AuthenticationTracer.TraceError <string, string, object>(0L, "[AutodiscoverAuthorizationManager::CheckClaimSets] UnauthorizedAccessException encountered. UPN: {0}, Exception message: {1}, Identity: {2}", text3, ex.Message, (windowsIdentity == null) ? "<NULL>" : windowsIdentity.User); return(AutodiscoverAuthorizationManager.Return401UnauthorizedResponse(operationContext, "Creating WindowsIdentity from UPN failed with a UnauthorizedAccessException")); } catch (SecurityException ex2) { RequestDetailsLoggerBase <RequestDetailsLogger> .Current.AppendAuthError("WindowsIdentity_SecurityException", ex2.ToString()); ExTraceGlobals.AuthenticationTracer.TraceError <string, string, object>(0L, "[AutodiscoverAuthorizationManager::CheckClaimSets] SecurityException encountered. UPN: {0}, Exception message: {1}, Identity: {2}", text3, ex2.Message, (windowsIdentity == null) ? "<NULL>" : windowsIdentity.User); return(AutodiscoverAuthorizationManager.Return401UnauthorizedResponse(operationContext, "Creating WindowsIdentity from UPN failed with a SecurityException")); } string org = null; if (organizationId != null && organizationId.OrganizationalUnit != null) { org = organizationId.OrganizationalUnit.Name; } AutodiscoverAuthorizationManager.PushUserAndOrgInfoToContext(text4, org); HttpContext.Current.User = new WindowsPrincipal(windowsIdentity); return(true); }
// Token: 0x06000FB5 RID: 4021 RVA: 0x00040414 File Offset: 0x0003E614 public IEnumerable <ConnectionSettings> GetConnectionSettingsMatchingEmail(SmtpAddress email) { Office365ConnectionSettings connectionSettings = null; this.log.ExecuteMonitoredOperation(ConnectionSettingsDiscoveryMetadata.GetOffice365ConnectionSettings, delegate { try { ADSessionSettings sessionSettings = ADSessionSettings.FromTenantAcceptedDomain(email.Domain); ITenantRecipientSession recipientSession = DirectorySessionFactory.Default.CreateTenantRecipientSession(true, ConsistencyMode.IgnoreInvalid, sessionSettings, 78, "GetConnectionSettingsMatchingEmail", "f:\\15.00.1497\\sources\\dev\\data\\src\\ApplicationLogic\\ConnectionSettingsDiscovery\\ConnectionSettingsProviders\\O365ConnectionSettingsProvider.cs"); MiniRecipient adUser = null; Action action = delegate() { adUser = recipientSession.FindByProxyAddress <MiniRecipient>(new SmtpProxyAddress(email.ToString(), true)); }; bool flag = false; int i = 0; while (i < 1) { i++; try { action(); flag = true; break; } catch (DataSourceTransientException ex) { this.log.Trace("Caught an exception from directory while trying to find an AD user object for email address {0}. Exception: {1}", new object[] { email, ex }); } catch (DataSourceOperationException ex2) { this.log.Trace("Caught an exception from directory while trying to find an AD user object for email address {0}. Exception: {1}", new object[] { email, ex2 }); } } if (!flag) { i++; action(); } if (adUser != null) { connectionSettings = new Office365ConnectionSettings(adUser); } else { this.log.Trace("Found Office365 connection settings for email address {0} when AD user object does not exist", new object[] { email }); connectionSettings = new Office365ConnectionSettings(); } } catch (CannotResolveTenantNameException exception) { this.log.LogException(exception, "Failed to find Office365 connection settings for email address {0}. No tenant exists with domain name: ", new object[] { email, email.Domain }); } }); if (connectionSettings != null) { this.log.LogOperationResult(ConnectionSettingsDiscoveryMetadata.Office365ConnectionSettingsFound, email.Domain, true); yield return(new ConnectionSettings(this, connectionSettings, null)); } this.log.LogOperationResult(ConnectionSettingsDiscoveryMetadata.Office365ConnectionSettingsFound, email.Domain, false); yield break; }
internal OwaFblHandler(ITenantRecipientSession tenantRecipientSession) { this.tenantRecipientSession = tenantRecipientSession; this.FblEnabled = VariantConfiguration.GetSnapshot(MachineSettingsContext.Local, null, null).OwaClient.EnableFBL.Enabled; }
// Token: 0x0600049E RID: 1182 RVA: 0x000108B0 File Offset: 0x0000EAB0 protected override void InternalBeginProcessing() { base.InternalBeginProcessing(); if (!string.IsNullOrEmpty(this.ExternalDirectoryObjectId)) { ITenantRecipientSession tenantRecipientSession = base.TenantGlobalCatalogSession as ITenantRecipientSession; if (tenantRecipientSession != null) { bool useGlobalCatalog = tenantRecipientSession.UseGlobalCatalog; tenantRecipientSession.UseGlobalCatalog = false; Result <ADRawEntry>[] array = null; try { array = tenantRecipientSession.FindByExternalDirectoryObjectIds(new string[] { this.ExternalDirectoryObjectId }, true, new ADPropertyDefinition[] { DeletedObjectSchema.LastKnownParent }); } finally { tenantRecipientSession.UseGlobalCatalog = useGlobalCatalog; } if (array != null) { for (int i = 0; i < array.Length; i++) { if (array[i].Error != ProviderError.NotFound || array[i].Data != null) { ADObjectId adobjectId = null; if (array[i].Error == null) { adobjectId = (ADObjectId)array[i].Data[DeletedObjectSchema.LastKnownParent]; } if (array[i].Error != null || adobjectId == null || (adobjectId.DomainId != null && !adobjectId.IsDescendantOf(ADSession.GetDeletedObjectsContainer(adobjectId.DomainId)))) { base.ThrowTerminatingError(new DuplicateExternalDirectoryObjectIdException(this.Name, this.ExternalDirectoryObjectId), ExchangeErrorCategory.Client, null); } } } } } } bool useConfigNC = this.ConfigurationSession.UseConfigNC; bool useGlobalCatalog2 = this.ConfigurationSession.UseGlobalCatalog; this.ConfigurationSession.UseConfigNC = false; this.ConfigurationSession.UseGlobalCatalog = true; IConfigurationSession cfgSession = this.ConfigurationSession; if (!cfgSession.IsReadConnectionAvailable()) { cfgSession = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(ConsistencyMode.PartiallyConsistent, this.ConfigurationSession.SessionSettings, 623, "InternalBeginProcessing", "f:\\15.00.1497\\sources\\dev\\Configuration\\src\\ObjectModel\\BaseTasks\\NewAdObjectTask.cs"); cfgSession.UseGlobalCatalog = true; cfgSession.UseConfigNC = false; } try { ExchangeOrganizationalUnit exchangeOrganizationalUnit = null; if (this.OrganizationalUnit != null) { exchangeOrganizationalUnit = base.ProvisioningCache.TryAddAndGetGlobalDictionaryValue <ExchangeOrganizationalUnit, string>(CannedProvisioningCacheKeys.OrganizationalUnitDictionary, this.OrganizationalUnit.RawIdentity, () => (ExchangeOrganizationalUnit)this.GetDataObject <ExchangeOrganizationalUnit>(this.OrganizationalUnit, cfgSession, (this.CurrentOrganizationId != null) ? this.CurrentOrganizationId.OrganizationalUnit : null, null, new LocalizedString?(Strings.ErrorOrganizationalUnitNotFound(this.OrganizationalUnit.ToString())), new LocalizedString?(Strings.ErrorOrganizationalUnitNotUnique(this.OrganizationalUnit.ToString())))); } if (exchangeOrganizationalUnit != null) { this.containerId = exchangeOrganizationalUnit.Id; } else if (base.CurrentOrganizationId != null && base.CurrentOrganizationId.OrganizationalUnit != null) { this.containerId = base.CurrentOrganizationId.OrganizationalUnit; } else { string defaultOUForRecipient = RecipientTaskHelper.GetDefaultOUForRecipient(base.ServerSettings.RecipientViewRoot); if (string.IsNullOrEmpty(defaultOUForRecipient)) { base.ThrowTerminatingError(new TaskArgumentException(Strings.ErrorCannotDiscoverDefaultOrganizationUnitForRecipient), ExchangeErrorCategory.Client, null); } exchangeOrganizationalUnit = (ExchangeOrganizationalUnit)base.GetDataObject <ExchangeOrganizationalUnit>(new OrganizationalUnitIdParameter(defaultOUForRecipient), cfgSession, null, null, new LocalizedString?(Strings.ErrorOrganizationalUnitNotFound(defaultOUForRecipient)), new LocalizedString?(Strings.ErrorOrganizationalUnitNotUnique(defaultOUForRecipient)), ExchangeErrorCategory.Client); this.containerId = exchangeOrganizationalUnit.Id; } if (exchangeOrganizationalUnit != null) { RecipientTaskHelper.IsOrgnizationalUnitInOrganization(cfgSession, base.CurrentOrganizationId, exchangeOrganizationalUnit, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError)); } } finally { this.ConfigurationSession.UseConfigNC = useConfigNC; this.ConfigurationSession.UseGlobalCatalog = useGlobalCatalog2; } }
private static ADRawEntry FindByLiveIdMemberName(SmtpAddress liveIdMemberName, ITenantRecipientSession recipientSession, IRoutingDiagnostics diagnostics) { DateTime utcNow = DateTime.UtcNow; ADRawEntry result; try { result = recipientSession.FindByLiveIdMemberName(liveIdMemberName.ToString(), ActiveDirectoryUserProvider.AdRawEntryProperties); } finally { diagnostics.AddAccountForestLatency(DateTime.UtcNow - utcNow); } return(result); }
internal void SetConfiguration(ITopologyConfigurationSession rootOrgConfigurationSession, ITenantConfigurationSession tenantSystemConfigurationSession, ITenantRecipientSession adRecipientSession) { ExTraceGlobals.BackSyncTracer.TraceDebug((long)SyncConfiguration.TraceId, "SyncConfiguration SetConfiguration ..."); this.RootOrgConfigurationSession = rootOrgConfigurationSession; this.TenantConfigurationSession = tenantSystemConfigurationSession; this.RecipientSession = adRecipientSession; ExTraceGlobals.BackSyncTracer.TraceDebug <string>((long)SyncConfiguration.TraceId, "this.RootOrgConfigurationSession.DomainController {0}", this.RootOrgConfigurationSession.DomainController); ExTraceGlobals.BackSyncTracer.TraceDebug <string>((long)SyncConfiguration.TraceId, "this.TenantConfigurationSession.DomainController {0}", this.TenantConfigurationSession.DomainController); ExTraceGlobals.BackSyncTracer.TraceDebug <string>((long)SyncConfiguration.TraceId, "this.RecipientSession.DomainController {0}", this.RecipientSession.DomainController); }
protected override void InternalProcessRecord() { TaskLogger.LogEnter(); if (this.isRelocationComplete) { ITenantConfigurationSession tenantConfigurationSession = this.CreateAllTenantsScopedConfigSession(this.DataObject.OrganizationId); ITenantRecipientSession recipientSession = this.CreateRecipientSession(this.DataObject.OrganizationId.OrganizationalUnit); Container container = tenantConfigurationSession.Read <Container>(this.DataObject.OrganizationId.ConfigurationUnit.Parent); ADOrganizationalUnit adorganizationalUnit = null; bool useConfigNC = tenantConfigurationSession.UseConfigNC; try { tenantConfigurationSession.UseConfigNC = false; adorganizationalUnit = tenantConfigurationSession.Read <ADOrganizationalUnit>(this.DataObject.OrganizationId.OrganizationalUnit); } finally { tenantConfigurationSession.UseConfigNC = useConfigNC; } if (adorganizationalUnit != null) { this.CleanupRecipients(this.DataObject.OrganizationId.OrganizationalUnit, recipientSession); tenantConfigurationSession.DeleteTree(adorganizationalUnit, null); } if (container != null) { this.RemoveExternalDirOrgIdFromCU(tenantConfigurationSession, this.DataObject.OrganizationId.ConfigurationUnit); tenantConfigurationSession.DeleteTree(container, null); } if (!this.DeprovisionedTarget) { ITenantConfigurationSession tenantConfigurationSession2 = this.CreateAllTenantsScopedConfigSession(this.DataObject.TargetOrganizationId); ExchangeConfigurationUnit exchangeConfigurationUnit = tenantConfigurationSession2.Read <ExchangeConfigurationUnit>(this.DataObject.TargetOrganizationId.ConfigurationUnit); exchangeConfigurationUnit.RelocationSourceForestRaw = null; exchangeConfigurationUnit.RelocationStatusDetailsRaw = RelocationStatusDetails.NotStarted; exchangeConfigurationUnit.TenantRelocationCompletionTargetVector = null; tenantConfigurationSession2.Save(exchangeConfigurationUnit); } } else { ITenantConfigurationSession tenantConfigurationSession3 = this.CreateAllTenantsScopedConfigSession(this.DataObject.TargetOrganizationId); if (this.DataObject.TargetOrganizationId != null) { if (!TenantRelocationStateCache.IgnoreRelocationTimeConstraints() && !this.WaitForReplicationConvergenceInTargetForest(this.DataObject.TargetOriginatingServer, new TimeSpan(0, 5, 0))) { base.WriteError(new ReplicationNotCompleteException(this.DataObject.TargetForest, this.DataObject.TargetOriginatingServer), ErrorCategory.InvalidOperation, this.DataObject.Identity); } ITenantRecipientSession recipientSession2 = this.CreateRecipientSession(this.DataObject.TargetOrganizationId.OrganizationalUnit); Container container2 = tenantConfigurationSession3.Read <Container>(this.DataObject.TargetOrganizationId.ConfigurationUnit.Parent); ADOrganizationalUnit adorganizationalUnit2 = null; if (this.DataObject.TargetOrganizationId.OrganizationalUnit != null) { bool useConfigNC2 = tenantConfigurationSession3.UseConfigNC; try { tenantConfigurationSession3.UseConfigNC = false; adorganizationalUnit2 = tenantConfigurationSession3.Read <ADOrganizationalUnit>(this.DataObject.TargetOrganizationId.OrganizationalUnit); } finally { tenantConfigurationSession3.UseConfigNC = useConfigNC2; } } if (adorganizationalUnit2 != null) { this.CleanupRecipients(this.DataObject.TargetOrganizationId.OrganizationalUnit, recipientSession2); tenantConfigurationSession3.DeleteTree(adorganizationalUnit2, null); } if (container2 != null) { this.RemoveExternalDirOrgIdFromCU(tenantConfigurationSession3, this.DataObject.TargetOrganizationId.ConfigurationUnit); tenantConfigurationSession3.DeleteTree(container2, null); } } this.DataObject.RelocationSyncStartTime = null; this.DataObject.LockdownStartTime = null; this.DataObject.RetiredStartTime = null; this.DataObject.TransitionCounter = null; this.DataObject.TargetForest = null; this.DataObject.SafeLockdownSchedule = null; this.DataObject[TenantRelocationRequestSchema.RelocationStatusDetailsRaw] = null; this.DataObject[TenantRelocationRequestSchema.RelocationSourceForestRaw] = null; this.DataObject[TenantRelocationRequestSchema.TenantRelocationFlags] = 0; base.InternalProcessRecord(); } TaskLogger.LogExit(); }