예제 #1
0
 protected override void InternalProcessRecord()
 {
     TaskLogger.LogEnter();
     base.InternalProcessRecord();
     ExtendedProtection.CommitToMetabase(this.DataObject, this);
     TaskLogger.LogExit();
 }
예제 #2
0
 public static void LoadFromMetabase(string metabasePath, ObjectId identity, Task task, out ExtendedProtectionTokenCheckingMode extendedProtectionTokenChecking, out MultiValuedProperty <ExtendedProtectionFlag> extendedProtectionFlags, out MultiValuedProperty <string> extendedProtectionSPNList)
 {
     extendedProtectionTokenChecking = ExtendedProtectionTokenCheckingMode.None;
     extendedProtectionFlags         = new MultiValuedProperty <ExtendedProtectionFlag>();
     extendedProtectionSPNList       = new MultiValuedProperty <string>();
     using (DirectoryEntry directoryEntry = IisUtility.CreateIISDirectoryEntry(metabasePath, (task != null) ? new Task.TaskErrorLoggingReThrowDelegate(task.WriteError) : null, identity, false))
     {
         if (directoryEntry != null)
         {
             string text;
             string str;
             string str2;
             if (ExtendedProtection.GetServerWebSiteAndPath(metabasePath, out text, out str, out str2))
             {
                 using (ServerManager serverManager = ServerManager.OpenRemote(text))
                 {
                     Configuration applicationHostConfiguration = serverManager.GetApplicationHostConfiguration();
                     if (applicationHostConfiguration != null)
                     {
                         ConfigurationSection section = applicationHostConfiguration.GetSection("system.webServer/security/authentication/windowsAuthentication", "/" + str + str2);
                         if (section != null)
                         {
                             ConfigurationElement configurationElement = section.ChildElements["extendedProtection"];
                             if (configurationElement != null)
                             {
                                 object attributeValue = configurationElement.GetAttributeValue("tokenChecking");
                                 if (attributeValue != null && attributeValue is int)
                                 {
                                     extendedProtectionTokenChecking = (ExtendedProtectionTokenCheckingMode)attributeValue;
                                 }
                                 object attributeValue2 = configurationElement.GetAttributeValue("flags");
                                 if (attributeValue2 != null && attributeValue2 is int)
                                 {
                                     extendedProtectionFlags.Add((ExtendedProtectionFlag)attributeValue2);
                                 }
                                 ConfigurationElementCollection collection = configurationElement.GetCollection();
                                 if (collection != null)
                                 {
                                     foreach (ConfigurationElement configurationElement2 in collection)
                                     {
                                         if (configurationElement2.Schema.Name == "spn")
                                         {
                                             string item = configurationElement2.GetAttributeValue("name").ToString();
                                             extendedProtectionSPNList.Add(item);
                                         }
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
         }
     }
 }
예제 #3
0
        public static void LoadFromMetabase(ExchangeVirtualDirectory exchangeVirtualDirectory, Task task)
        {
            if (exchangeVirtualDirectory.ExchangeVersion.IsOlderThan(ExchangeObjectVersion.Exchange2010))
            {
                return;
            }
            string metabasePath = exchangeVirtualDirectory.MetabasePath;
            ExtendedProtectionTokenCheckingMode          extendedProtectionTokenCheckingMode;
            MultiValuedProperty <ExtendedProtectionFlag> extendedProtectionFlags;
            MultiValuedProperty <string> extendedProtectionSPNList;

            ExtendedProtection.LoadFromMetabase(metabasePath, exchangeVirtualDirectory.Identity, task, out extendedProtectionTokenCheckingMode, out extendedProtectionFlags, out extendedProtectionSPNList);
            exchangeVirtualDirectory[ExchangeVirtualDirectorySchema.ExtendedProtectionTokenChecking] = extendedProtectionTokenCheckingMode;
            exchangeVirtualDirectory.ExtendedProtectionFlags   = extendedProtectionFlags;
            exchangeVirtualDirectory.ExtendedProtectionSPNList = extendedProtectionSPNList;
        }
 private static void UpdateSubDirectory(ADMobileVirtualDirectory dataObject, string vdirPath, Task task)
 {
     if (IisUtility.Exists(vdirPath))
     {
         using (DirectoryEntry directoryEntry = IisUtility.CreateIISDirectoryEntry(vdirPath))
         {
             IisUtility.SetAuthenticationMethod(directoryEntry, AuthenticationMethodFlags.None, false);
             IisUtility.SetAuthenticationMethod(directoryEntry, AuthenticationMethodFlags.WindowsIntegrated, true);
             IisUtility.SetProperty(directoryEntry, "AccessFlags", MetabasePropertyTypes.AccessFlags.Script, true);
             directoryEntry.CommitChanges();
         }
     }
     if (dataObject.ProxyVirtualDirectoryObject != null)
     {
         MobileSyncVirtualDirectoryHelper.CopyProxyExtendedParameters(dataObject);
         ExtendedProtection.CommitToMetabase(dataObject.ProxyVirtualDirectoryObject, task);
     }
 }
예제 #5
0
        protected override void InternalValidate()
        {
            base.InternalValidate();
            if (base.HasErrors)
            {
                return;
            }
            T      dataObject = this.DataObject;
            string hostName   = IisUtility.GetHostName(dataObject.MetabasePath);

            try
            {
                if (!new IisVersionValidCondition(hostName).Verify())
                {
                    Exception     exception   = new ArgumentException(Strings.ErrorIisVersionIsInvalid(hostName), "Server");
                    ErrorCategory category    = ErrorCategory.InvalidArgument;
                    T             dataObject2 = this.DataObject;
                    base.WriteError(exception, category, dataObject2.Identity);
                    return;
                }
            }
            catch (IOException innerException)
            {
                Exception     exception2  = new ArgumentException(Strings.ErrorCannotDetermineIisVersion(hostName), "Server", innerException);
                ErrorCategory category2   = ErrorCategory.InvalidArgument;
                T             dataObject3 = this.DataObject;
                base.WriteError(exception2, category2, dataObject3.Identity);
            }
            catch (InvalidOperationException innerException2)
            {
                Exception     exception3  = new ArgumentException(Strings.ErrorCannotDetermineIisVersion(hostName), "Server", innerException2);
                ErrorCategory category3   = ErrorCategory.InvalidArgument;
                T             dataObject4 = this.DataObject;
                base.WriteError(exception3, category3, dataObject4.Identity);
            }
            ExtendedProtection.Validate(this, this.DataObject);
            base.VerifyIsWithinScopes((IConfigurationSession)base.DataSession, this.DataObject, true, new DataAccessTask <T> .ADObjectOutOfScopeString(Strings.ErrorCannotSetVirtualDirectoryOutOfWriteScope));
            TaskLogger.LogExit();
        }
예제 #6
0
        public static void CommitToMetabase(ExchangeVirtualDirectory exchangeVirtualDirectory, Task task)
        {
            if (exchangeVirtualDirectory.ExchangeVersion.IsOlderThan(ExchangeObjectVersion.Exchange2010))
            {
                return;
            }
            bool flag  = task.Fields.IsModified("ExtendedProtectionTokenChecking");
            bool flag2 = task.Fields.IsModified("ExtendedProtectionFlags");
            bool flag3 = task.Fields.IsModified("ExtendedProtectionSPNList");

            if (flag || flag2 || flag3)
            {
                string metabasePath = exchangeVirtualDirectory.MetabasePath;
                using (DirectoryEntry directoryEntry = IisUtility.CreateIISDirectoryEntry(metabasePath, new Task.TaskErrorLoggingReThrowDelegate(task.WriteError), exchangeVirtualDirectory.Identity))
                {
                    if (directoryEntry != null)
                    {
                        string text;
                        string text2;
                        string text3;
                        if (ExtendedProtection.GetServerWebSiteAndPath(metabasePath, out text, out text2, out text3))
                        {
                            if (!ExtendedProtection.WebConfigReflectionHelper.IsExtendedProtectionSupported(task))
                            {
                                TaskLogger.Trace("Warning: ExtendedProtectionPolicy has not been added to HttpTransportElement of web.config.  Install the operating system update(s) specified in KB {0} onto server {1} and try again.", new object[]
                                {
                                    "981205",
                                    text
                                });
                                task.WriteWarning(Strings.WarnExtendedProtectionIsNotEnabled(text, "981205"));
                            }
                            else
                            {
                                string text4 = "/" + text2 + text3;
                                using (ServerManager serverManager = ServerManager.OpenRemote(text))
                                {
                                    Configuration applicationHostConfiguration = serverManager.GetApplicationHostConfiguration();
                                    if (applicationHostConfiguration != null)
                                    {
                                        ConfigurationSection section = applicationHostConfiguration.GetSection("system.webServer/security/authentication/windowsAuthentication", text4);
                                        if (section != null)
                                        {
                                            ConfigurationElement configurationElement = section.ChildElements["extendedProtection"];
                                            if (configurationElement != null)
                                            {
                                                if (flag)
                                                {
                                                    int num = (int)exchangeVirtualDirectory[ExchangeVirtualDirectorySchema.ExtendedProtectionTokenChecking];
                                                    configurationElement.SetAttributeValue("tokenChecking", num);
                                                }
                                                if (flag2)
                                                {
                                                    int num2 = (int)exchangeVirtualDirectory[ExchangeVirtualDirectorySchema.ExtendedProtectionFlags];
                                                    configurationElement.SetAttributeValue("flags", num2);
                                                }
                                                if (flag3)
                                                {
                                                    ConfigurationElementCollection collection = configurationElement.GetCollection();
                                                    collection.Clear();
                                                    foreach (string text5 in exchangeVirtualDirectory.ExtendedProtectionSPNList)
                                                    {
                                                        ConfigurationElement configurationElement2 = collection.CreateElement("spn");
                                                        configurationElement2.SetAttributeValue("name", text5);
                                                        collection.Add(configurationElement2);
                                                    }
                                                }
                                                ExtendedProtection.WebConfigReflectionHelper.CommitToWebConfigMWA(exchangeVirtualDirectory, task, text3, text2, text, flag, flag3);
                                                serverManager.CommitChanges();
                                                return;
                                            }
                                            TaskLogger.Trace("Warning: Extended protection has not been enabled.  Install the operating system update specified in KB {0} onto server {1} and try again.", new object[]
                                            {
                                                "973917",
                                                text
                                            });
                                            task.WriteWarning(Strings.WarnExtendedProtectionIsNotEnabled(text, "973917"));
                                            return;
                                        }
                                    }
                                    TaskLogger.Trace("Error:ApplicationHost.config or {0} is not found for virtual directory with metabase path '{1}' and local path '{2}'.", new object[]
                                    {
                                        "system.webServer/security/authentication/windowsAuthentication",
                                        metabasePath,
                                        text4
                                    });
                                    task.WriteError(new ArgumentException(Strings.ErrorAppHostOrWindowsAuthenticationNotFound("system.webServer/security/authentication/windowsAuthentication", metabasePath, text4)), ErrorCategory.ObjectNotFound, exchangeVirtualDirectory.Identity);
                                }
                            }
                        }
                    }
                }
            }
        }
예제 #7
0
 protected virtual void InternalProcessMetabase()
 {
     ExtendedProtection.CommitToMetabase(this.DataObject, this);
 }
예제 #8
0
        protected override void InternalValidate()
        {
            object[] array      = new object[1];
            object[] array2     = array;
            int      num        = 0;
            T        dataObject = this.DataObject;

            array2[num] = dataObject.Identity;
            TaskLogger.LogEnter(array);
            base.InternalValidate();
            if (base.HasErrors)
            {
                return;
            }
            string fqdn = base.OwningServer.Fqdn;
            string text = base.Name.ToString();

            if (string.IsNullOrEmpty(this.WebSiteName))
            {
                if (this.Role == VirtualDirectoryRole.ClientAccess)
                {
                    this.WebSiteName     = IisUtility.GetWebSiteName(IisUtility.CreateAbsolutePath(IisUtility.AbsolutePathType.WebSiteRoot, fqdn, "/W3SVC/1/ROOT", null));
                    this.ApplicationRoot = "/W3SVC/1/ROOT";
                }
                else
                {
                    this.WebSiteName = "Exchange Back End";
                }
            }
            if (string.Empty.Equals(this.AppPoolId))
            {
                Exception     exception   = new ArgumentException(Strings.ErrorAppPoolIdCannotBeEmpty, "AppPoolId");
                ErrorCategory category    = ErrorCategory.InvalidArgument;
                T             dataObject2 = this.DataObject;
                base.WriteError(exception, category, dataObject2.Identity);
            }
            try
            {
                if (!new IisVersionValidCondition(fqdn).Verify())
                {
                    Exception     exception2  = new ArgumentException(Strings.ErrorIisVersionIsInvalid(fqdn), "Server");
                    ErrorCategory category2   = ErrorCategory.InvalidArgument;
                    T             dataObject3 = this.DataObject;
                    base.WriteError(exception2, category2, dataObject3.Identity);
                }
            }
            catch (IOException innerException)
            {
                Exception     exception3  = new ArgumentException(Strings.ErrorCannotDetermineIisVersion(fqdn), "Server", innerException);
                ErrorCategory category3   = ErrorCategory.InvalidArgument;
                T             dataObject4 = this.DataObject;
                base.WriteError(exception3, category3, dataObject4.Identity);
            }
            catch (InvalidOperationException innerException2)
            {
                Exception     exception4  = new ArgumentException(Strings.ErrorCannotDetermineIisVersion(fqdn), "Server", innerException2);
                ErrorCategory category4   = ErrorCategory.InvalidArgument;
                T             dataObject5 = this.DataObject;
                base.WriteError(exception4, category4, dataObject5.Identity);
            }
            try
            {
                if (!new WebSiteExistsCondition(fqdn, this.WebSiteName).Verify())
                {
                    Exception     exception5  = new ArgumentException(Strings.ErrorWebSiteNotExists(this.WebSiteName, fqdn), "WebSiteName");
                    ErrorCategory category5   = ErrorCategory.InvalidArgument;
                    T             dataObject6 = this.DataObject;
                    base.WriteError(exception5, category5, dataObject6.Identity);
                }
                if (string.IsNullOrEmpty(this.ApplicationRoot))
                {
                    this.ApplicationRoot = IisUtility.FindWebSiteRootPath(this.WebSiteName, fqdn);
                }
            }
            catch (IisUtilityCannotDisambiguateWebSiteException innerException3)
            {
                Exception     exception6  = new ArgumentException(Strings.ErrorWebsiteAmbiguousInIIS(this.WebSiteName, fqdn), "WebSiteName", innerException3);
                ErrorCategory category6   = ErrorCategory.InvalidArgument;
                T             dataObject7 = this.DataObject;
                base.WriteError(exception6, category6, dataObject7.Identity);
            }
            T dataObject8 = this.DataObject;
            T dataObject9 = this.DataObject;

            dataObject8.SetId(new ADObjectId(dataObject9.Server.DistinguishedName).GetDescendantId("Protocols", "HTTP", new string[]
            {
                string.Format("{0} ({1})", base.Name, this.WebSiteName)
            }));
            if (this.FailOnVirtualDirectoryADObjectAlreadyExists())
            {
                IConfigDataProvider dataSession = base.DataSession;
                T dataObject10 = this.DataObject;
                if (dataSession.Read <T>(dataObject10.Identity) != null)
                {
                    string        virtualDirectoryName = text;
                    T             dataObject11         = this.DataObject;
                    Exception     exception7           = new ArgumentException(Strings.ErrorVirtualDirectoryADObjectAlreadyExists(virtualDirectoryName, dataObject11.DistinguishedName), "VirtualDirectoryName");
                    ErrorCategory category7            = ErrorCategory.InvalidArgument;
                    T             dataObject12         = this.DataObject;
                    base.WriteError(exception7, category7, dataObject12.Identity);
                }
            }
            if (this.FailOnVirtualDirectoryAlreadyExists() && new VirtualDirectoryExistsCondition(fqdn, this.WebSiteName, text).Verify())
            {
                Exception     exception8   = new ArgumentException(Strings.ErrorVirtualDirectoryAlreadyExists(text, this.WebSiteName, fqdn), "VirtualDirectoryName");
                ErrorCategory category8    = ErrorCategory.InvalidArgument;
                T             dataObject13 = this.DataObject;
                base.WriteError(exception8, category8, dataObject13.Identity);
            }
            T dataObject14 = this.DataObject;

            dataObject14.MetabasePath = string.Format("IIS://{0}{1}/{2}", fqdn, IisUtility.FindWebSiteRootPath(this.WebSiteName, fqdn), text);
            ExtendedProtection.Validate(this, this.DataObject);
            TaskLogger.LogExit();
        }
예제 #9
0
 protected virtual void ProcessMetabaseProperties(ExchangeVirtualDirectory dataObject)
 {
     dataObject.Path = (string)IisUtility.GetIisPropertyValue("Path", this.MetabaseProperties);
     ExtendedProtection.LoadFromMetabase(dataObject, this);
 }
        public static void ReadFromMetabase(ADMobileVirtualDirectory vdirObject, Task task)
        {
            MetabasePropertyTypes.AccessSSLFlags accessSSLFlags = MetabasePropertyTypes.AccessSSLFlags.AccessSSL | MetabasePropertyTypes.AccessSSLFlags.AccessSSLNegotiateCert | MetabasePropertyTypes.AccessSSLFlags.AccessSSLRequireCert;
            string metabasePath = vdirObject.MetabasePath;

            if (string.IsNullOrEmpty(metabasePath))
            {
                return;
            }
            MetabaseProperty[] array = null;
            using (DirectoryEntry directoryEntry = IisUtility.CreateIISDirectoryEntry(metabasePath))
            {
                array = IisUtility.GetProperties(directoryEntry);
            }
            uint num  = 0U;
            bool flag = false;

            foreach (MetabaseProperty metabaseProperty in array)
            {
                if (string.Equals(metabaseProperty.Name, "AuthFlags", StringComparison.OrdinalIgnoreCase))
                {
                    object value = metabaseProperty.Value;
                    if (value != null)
                    {
                        MetabasePropertyTypes.AuthFlags authFlags = (MetabasePropertyTypes.AuthFlags)((int)value);
                        vdirObject.BasicAuthEnabled   = ((authFlags & MetabasePropertyTypes.AuthFlags.Basic) == MetabasePropertyTypes.AuthFlags.Basic);
                        vdirObject.WindowsAuthEnabled = ((authFlags & MetabasePropertyTypes.AuthFlags.Ntlm) == MetabasePropertyTypes.AuthFlags.Ntlm);
                    }
                    num += 1U;
                }
                else if (string.Equals(metabaseProperty.Name, "DoDynamicCompression", StringComparison.OrdinalIgnoreCase))
                {
                    object value2 = metabaseProperty.Value;
                    if (value2 != null)
                    {
                        vdirObject.CompressionEnabled = (bool)value2;
                    }
                    num += 1U;
                }
                else if (string.Equals(metabaseProperty.Name, "AccessSSLFlags", StringComparison.OrdinalIgnoreCase))
                {
                    int?num2 = (int?)metabaseProperty.Value;
                    if (num2 != null)
                    {
                        if ((num2.Value & (int)accessSSLFlags) == (int)accessSSLFlags)
                        {
                            vdirObject.ClientCertAuth = new ClientCertAuthTypes?(ClientCertAuthTypes.Required);
                        }
                        else if ((num2.Value & 32) == 32)
                        {
                            vdirObject.ClientCertAuth = new ClientCertAuthTypes?(ClientCertAuthTypes.Accepted);
                        }
                        else
                        {
                            vdirObject.ClientCertAuth = new ClientCertAuthTypes?(ClientCertAuthTypes.Ignore);
                        }
                        if ((num2.Value & 8) == 8)
                        {
                            vdirObject.WebSiteSSLEnabled = true;
                        }
                        else
                        {
                            vdirObject.WebSiteSSLEnabled = false;
                        }
                    }
                    else
                    {
                        vdirObject.ClientCertAuth    = new ClientCertAuthTypes?(ClientCertAuthTypes.Ignore);
                        vdirObject.WebSiteSSLEnabled = false;
                    }
                    flag = true;
                    num += 1U;
                }
                else if (string.Equals(metabaseProperty.Name, "AppFriendlyName", StringComparison.OrdinalIgnoreCase))
                {
                    object value3 = metabaseProperty.Value;
                    if (value3 != null)
                    {
                        vdirObject.VirtualDirectoryName = (string)value3;
                    }
                    num += 1U;
                }
                else if (num == 4U)
                {
                    break;
                }
            }
            if (!flag)
            {
                int    startIndex            = metabasePath.LastIndexOf('/');
                string iisDirectoryEntryPath = metabasePath.Remove(startIndex);
                using (DirectoryEntry directoryEntry2 = IisUtility.CreateIISDirectoryEntry(iisDirectoryEntryPath))
                {
                    int?num3 = (int?)directoryEntry2.Properties["AccessSSLFlags"].Value;
                    if (num3 != null)
                    {
                        if ((num3.Value & (int)accessSSLFlags) == (int)accessSSLFlags)
                        {
                            vdirObject.ClientCertAuth = new ClientCertAuthTypes?(ClientCertAuthTypes.Required);
                        }
                        else if ((num3.Value & 32) == 32)
                        {
                            vdirObject.ClientCertAuth = new ClientCertAuthTypes?(ClientCertAuthTypes.Accepted);
                        }
                        else
                        {
                            vdirObject.ClientCertAuth = new ClientCertAuthTypes?(ClientCertAuthTypes.Ignore);
                        }
                        if ((num3.Value & 8) == 8)
                        {
                            vdirObject.WebSiteSSLEnabled = true;
                        }
                        else
                        {
                            vdirObject.WebSiteSSLEnabled = false;
                        }
                    }
                    else
                    {
                        vdirObject.ClientCertAuth    = new ClientCertAuthTypes?(ClientCertAuthTypes.Ignore);
                        vdirObject.WebSiteSSLEnabled = false;
                    }
                }
            }
            char[] separator = new char[]
            {
                '/'
            };
            string[] array3 = metabasePath.Split(separator);
            int      num4   = array3.Length - 2;

            if (num4 <= 0)
            {
                return;
            }
            StringBuilder stringBuilder = new StringBuilder(47);

            for (int j = 0; j < num4; j++)
            {
                stringBuilder.Append(array3[j]);
                if (j < num4 - 1)
                {
                    stringBuilder.Append('/');
                }
            }
            using (DirectoryEntry directoryEntry3 = IisUtility.CreateIISDirectoryEntry(stringBuilder.ToString()))
            {
                array = IisUtility.GetProperties(directoryEntry3);
            }
            MetabaseProperty[] array4 = array;
            int k = 0;

            while (k < array4.Length)
            {
                MetabaseProperty metabaseProperty2 = array4[k];
                if (string.Compare(metabaseProperty2.Name, "ServerComment", true) == 0)
                {
                    object value4 = metabaseProperty2.Value;
                    if (value4 != null)
                    {
                        vdirObject.WebsiteName = (string)value4;
                        break;
                    }
                    break;
                }
                else
                {
                    k++;
                }
            }
            vdirObject.InitProxyVDirDataObject();
            ExtendedProtection.LoadFromMetabase(vdirObject, task);
        }