public void HandleGroupDeletedEvent(ExSearchResultEntry entry) { if (EhfAdminAccountSynchronizer.IsEventForDeletedOrganization(entry, base.DiagSession)) { throw new InvalidOperationException("Change entry " + entry.DistinguishedName + " is for a deleted organization. The entry should have been ignored from PreDecorate."); } EhfAdminSyncChangeBuilder adminBuilderForChange = this.GetAdminBuilderForChange(entry); base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Encountered a DELETE rolegroup event. ObjectGuid: <{0}>; Company: <{1}>", new object[] { entry.GetObjectGuid(), adminBuilderForChange.TenantOU }); if (adminBuilderForChange != null) { adminBuilderForChange.HandleGroupDeletedEvent(entry); } if (!EhfWellKnownGroup.IsWellKnownPartnerGroupDN(entry.DistinguishedName)) { return; } Guid externalDirectoryObjectId; if (EhfCompanyAdmins.TryGetExternalDirectoryObjectId(entry, base.DiagSession, out externalDirectoryObjectId)) { this.AddGroupToDeleteGroupsBatch(externalDirectoryObjectId); return; } base.DiagSession.LogAndTraceError("Could not find the ExternalDirectoryObjectId for well known partner group {0}", new object[] { entry.DistinguishedName }); }
private EhfAdminSyncChangeBuilder GetAdminBuilderForChange(ExSearchResultEntry entry) { string text; if (!EhfAdminAccountSynchronizer.TryGetOrganizationUnit(entry, base.DiagSession, out text)) { return(null); } EhfAdminSyncChangeBuilder ehfAdminSyncChangeBuilder; if (!this.adminAccountChange.TryGetValue(text, out ehfAdminSyncChangeBuilder)) { DirectoryAttribute attribute = entry.GetAttribute("msExchCU"); if (attribute == null) { base.DiagSession.LogAndTraceError("Could not find ConfigUnitDN for {0}. Every object is expected to contain this attribute.", new object[] { entry.DistinguishedName }); return(null); } string tenantConfigUnitDN = (string)attribute[0]; ehfAdminSyncChangeBuilder = new EhfAdminSyncChangeBuilder(text, tenantConfigUnitDN, base.EhfConnection); this.adminAccountChange.Add(text, ehfAdminSyncChangeBuilder); } return(ehfAdminSyncChangeBuilder); }
private bool AdminGroupMemberDeleted(EhfAdminSyncChangeBuilder builder, HashSet <Guid> previousSyncState, string groupName) { if (previousSyncState == null) { return(false); } if (previousSyncState.Count == 1 && previousSyncState.Contains(EhfCompanyAdmins.SyncStateFullGuid)) { this.ehfTargetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Low, "Admin State in PerimeterConfig is full for group <{0}> in company <{1}>. Treating the deleted object as an admin.", new object[] { groupName, builder.TenantOU }); return(true); } foreach (Guid guid in builder.DeletedObjects) { if (previousSyncState.Contains(guid)) { this.ehfTargetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Low, "Deleted object with Guid <{0}> is a member of admin group <{1}> in company <{2}>.", new object[] { guid, groupName, builder.TenantOU }); return(true); } } this.ehfTargetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "None of the Deleted objects is a member of admin group <{0}> in company <{1}>.", new object[] { groupName, builder.TenantOU }); return(false); }
public static EhfCompanyAdmins CreateEhfCompanyAdmins(EhfAdminSyncChangeBuilder ehfAdminSyncChangeBuilder, EhfTargetConnection ehfTargetConnection, EhfADAdapter configADAdapter) { ExSearchResultEntry exSearchResultEntry = configADAdapter.ReadObjectEntry(ehfAdminSyncChangeBuilder.ConfigUnitDN, false, EhfCompanyAdmins.OtherWellKnownObjectsAttribute); if (exSearchResultEntry == null) { ehfTargetConnection.DiagSession.LogAndTraceError("Could not find Configuration Unit for company {0}. The config naming context is either not replicated or the organization is deleted", new object[] { ehfAdminSyncChangeBuilder.TenantOU }); return(null); } string text = null; string text2 = null; DirectoryAttribute attribute = exSearchResultEntry.GetAttribute("otherWellKnownObjects"); if (attribute == null) { ehfTargetConnection.DiagSession.LogAndTraceError("Could not find OtherWellKnownObjects attribute in Configuration Unit object for company {0}.", new object[] { ehfAdminSyncChangeBuilder.TenantOU }); return(null); } foreach (object obj in attribute.GetValues(typeof(string))) { DNWithBinary dnwithBinary; if (DNWithBinary.TryParse(obj as string, out dnwithBinary)) { try { Guid b = new Guid(dnwithBinary.Binary); if (WellKnownGuid.EoaWkGuid == b) { text = dnwithBinary.DistinguishedName; } if (WellKnownGuid.EraWkGuid == b) { text2 = dnwithBinary.DistinguishedName; } if (text != null && text2 != null) { break; } } catch (ArgumentException exception) { ehfTargetConnection.DiagSession.LogAndTraceException(exception, "OtherWellKnownObjects attribute for company {0} contains an entry with invalid Binary part.", new object[] { ehfAdminSyncChangeBuilder.TenantOU }); } } } return(new EhfCompanyAdmins(ehfAdminSyncChangeBuilder, ehfTargetConnection, text, text2, configADAdapter)); }
public void HandleOrganizationAddedEvent(ExSearchResultEntry entry) { base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Organization created: <{0}>", new object[] { entry.DistinguishedName }); EhfAdminSyncChangeBuilder adminBuilderForChange = this.GetAdminBuilderForChange(entry); if (adminBuilderForChange != null) { this.ThrowIfAdminSyncNotEnabled(adminBuilderForChange.TenantOU, entry); adminBuilderForChange.HandleOrganizationAddedEvent(entry); } }
public void HandleGroupChangedEvent(ExSearchResultEntry entry) { base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "GroupChanged: {0}", new object[] { entry.DistinguishedName }); EhfAdminSyncChangeBuilder adminBuilderForChange = this.GetAdminBuilderForChange(entry); if (adminBuilderForChange != null) { this.ThrowIfAdminSyncNotEnabled(adminBuilderForChange.TenantOU, entry); adminBuilderForChange.AddGroupMembershipChange(entry); } }
public void HandleWlidDeletedEvent(ExSearchResultEntry entry) { if (!EhfAdminAccountSynchronizer.IsEventForDeletedOrganization(entry, base.DiagSession)) { EhfAdminSyncChangeBuilder adminBuilderForChange = this.GetAdminBuilderForChange(entry); base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Encountered a DELETE mailbox event. ObjectGuid: <{0}>; Company: <{1}>", new object[] { entry.GetObjectGuid(), adminBuilderForChange.TenantOU }); if (adminBuilderForChange != null) { adminBuilderForChange.HandleWlidDeletedEvent(entry); return; } } else { base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Ignoring the WLID delete event '{0}' for a deleted organization", new object[] { entry.DistinguishedName }); } }
public override bool FlushBatches() { if (this.adminAccountChange.Count == 0 && this.groupsToRemove.Count == 0) { base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "{0}: No admin changes to Sync to FOSE", new object[] { EhfAdminAccountSynchronizer.cycleCount }); return(true); } this.InvokeRemoveGroups(); if (this.adminAccountChange.Count != 0) { Exception ex; EhfADAdapter configADAdapter = base.ADAdapter.GetConfigADAdapter(base.DiagSession, out ex); if (configADAdapter == null) { base.DiagSession.LogAndTraceError("Could not create a LDAP connection to the Configuration naming context. Details {0}", new object[] { ex }); base.DiagSession.EventLog.LogEvent(EdgeSyncEventLogConstants.Tuple_EhfAdminSyncFailedToConnectToConfigNamingContext, null, new object[] { ex.Message }); base.EhfConnection.AbortSyncCycle(ex); return(false); } base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "{0} : Changes to <{1}> tenant(s) detected. Checking if sync is required.", new object[] { EhfAdminAccountSynchronizer.cycleCount.ToString(), this.adminAccountChange.Count.ToString() }); foreach (KeyValuePair <string, EhfAdminSyncChangeBuilder> keyValuePair in this.adminAccountChange) { this.AbortSyncCycleIfTooManyFailures(); EhfAdminSyncChangeBuilder value = keyValuePair.Value; if (value.ChangeExists) { EhfCompanyAdmins ehfCompanyAdmins = value.Flush(configADAdapter); if (ehfCompanyAdmins == null) { this.errorTracker.AddCriticalFailure(); } else if (ehfCompanyAdmins.IsSyncRequired) { base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "AdminSync: {0}", new object[] { ehfCompanyAdmins }); if (ehfCompanyAdmins.CompanyId != 0) { this.InvokeSyncAdminAccountsAndSyncGroupUsers(ehfCompanyAdmins, configADAdapter); } else { base.DiagSession.LogAndTraceError("Not syncing {0} since companyId is not set", new object[] { ehfCompanyAdmins.TenantOU }); if (!ehfCompanyAdmins.PerimeterConfigNotReplicatedOrIsDeleted) { this.errorTracker.AddTransientFailure(ehfCompanyAdmins.EhfCompanyIdentity, new EhfAdminAccountSynchronizer.EhfAdminSyncTransientException("PerimeterConfig object does not have Ehf CompanyId set."), string.Empty); } else { this.errorTracker.AddCriticalFailure(); } } } else { base.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "No adminsync is required for: {0}", new object[] { keyValuePair.Key }); } value.ClearCachedChanges(); } } this.adminAccountChange.Clear(); } return(true); }
private EhfCompanyAdmins(EhfAdminSyncChangeBuilder builder, EhfTargetConnection targetConnection, string orgManagementGroupDN, string viewOnlyOrgManagementGroupDN, EhfADAdapter configADAdapter) { EhfWellKnownGroup ehfWellKnownGroup = null; EhfWellKnownGroup ehfWellKnownGroup2 = null; EhfWellKnownGroup ehfWellKnownGroup3 = null; EhfWellKnownGroup ehfWellKnownGroup4 = null; this.tenantOU = builder.TenantOU; this.ehfTargetConnection = targetConnection; if (builder.DeletedObjects.Count != 0) { this.CacheAdminSyncState(configADAdapter); } bool flag = builder.UpdateOrgManagementGroup || builder.HasDirectChangeForGroup(orgManagementGroupDN) || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.OrganizationManagmentMembers, orgManagementGroupDN)); bool flag2 = builder.UpdateViewOnlyOrgManagementGroup || builder.HasDirectChangeForGroup(viewOnlyOrgManagementGroupDN) || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.ViewOnlyOrganizationManagmentMembers, viewOnlyOrgManagementGroupDN)); bool flag3 = builder.UpdateAdminAgentGroup || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.AdminAgentMembers, EhfCompanyAdmins.AdminAgentGroupNamePrefix)); bool flag4 = builder.UpdateHelpdeskAgentGroup || (this.ehfAdminSyncState != null && this.AdminGroupMemberDeleted(builder, this.ehfAdminSyncState.HelpdeskAgentMembers, EhfCompanyAdmins.HelpdeskAgentGroupNamePrefix)); if ((flag || builder.GroupChanges.Count != 0 || builder.LiveIdChanges.Count != 0) && orgManagementGroupDN != null) { ehfWellKnownGroup = this.GetMembersOfGroupFromDN(orgManagementGroupDN, false, targetConnection.DiagSession); } if ((flag2 || builder.GroupChanges.Count != 0 || builder.LiveIdChanges.Count != 0) && viewOnlyOrgManagementGroupDN != null) { ehfWellKnownGroup2 = this.GetMembersOfGroupFromDN(viewOnlyOrgManagementGroupDN, false, targetConnection.DiagSession); } if (builder.GroupChanges.Count != 0 || builder.LiveIdChanges.Count != 0 || flag3 || flag4) { string text = null; string text2 = null; foreach (ExSearchResultEntry exSearchResultEntry in this.ehfTargetConnection.ADAdapter.PagedScan(this.tenantOU, EhfCompanyAdmins.PartnerAdminGroupFilter, new string[0])) { targetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "Found a Partner Admin group {0}", new object[] { exSearchResultEntry.DistinguishedName }); if (exSearchResultEntry.DistinguishedName.StartsWith(EhfWellKnownGroup.AdminAgentGroupDnPrefix)) { text = exSearchResultEntry.DistinguishedName; } else if (exSearchResultEntry.DistinguishedName.StartsWith(EhfWellKnownGroup.HelpdeskAgentGroupDnPrefix)) { text2 = exSearchResultEntry.DistinguishedName; } } targetConnection.DiagSession.LogAndTraceInfo(EdgeSyncLoggingLevel.Medium, "AdminAgentPartnerGroup={0}; HelpDeskAgentPartnerGroup = {1}", new object[] { text ?? "<null>", text2 ?? "<null>" }); if (flag3 && text != null) { ehfWellKnownGroup3 = this.GetMembersOfGroupFromDN(text, true, targetConnection.DiagSession); } if (flag4 && text2 != null) { ehfWellKnownGroup4 = this.GetMembersOfGroupFromDN(text2, true, targetConnection.DiagSession); } } EdgeSyncDiag diagSession = builder.EhfTargetConnection.DiagSession; if (!flag && ehfWellKnownGroup != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup.GroupMembers, diagSession))) { flag = true; } if (!flag2 && ehfWellKnownGroup2 != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup2.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup2.GroupMembers, diagSession))) { flag2 = true; } if (!flag3 && ehfWellKnownGroup3 != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup3.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup3.GroupMembers, diagSession))) { flag3 = true; } if (!flag4 && ehfWellKnownGroup4 != null && (EhfCompanyAdmins.RelevantChangePresent <AdminSyncUser>(builder.GroupChanges, ehfWellKnownGroup4.SubGroups, diagSession) || EhfCompanyAdmins.RelevantChangePresent <MailboxAdminSyncUser>(builder.LiveIdChanges, ehfWellKnownGroup4.GroupMembers, diagSession))) { flag4 = true; } if (flag) { this.organizationManagement = ehfWellKnownGroup; } if (flag2) { this.viewOnlyOrganizationManagement = ehfWellKnownGroup2; } if (flag3) { this.adminAgent = ehfWellKnownGroup3; } if (flag4) { this.helpdeskAgent = ehfWellKnownGroup4; } if (this.IsSyncRequired) { this.CacheAdminSyncState(configADAdapter); } }