private void grdDomainGroups_CellClick(object sender, DataGridViewCellEventArgs e)
{
if (DomainGroupChangeEvent == null) return;
if (grdDomainGroups.CurrentRow == null) return;
if (grdDomainGroups.CurrentRow.DataBoundItem == null) return;
_CurrentGroup = ((ADGroup)grdDomainGroups.CurrentRow.DataBoundItem);
OnObjectDomainChange();
}
private void domainGoups2_DomainGroupChangeEvent(ADGroup pGroup)
{
//_CurrentObjectDomainGroup = pGroup;
//txtXmlGroupInfo.Text = _CurrentObjectDomainGroup.GetXml();
//objectDomainGroupBindingSource.DataSource = pGroup;
//grdGroupInfo.Refresh();
//StaticAD.LoadDomain(txtDomain.Text);
domainUsers1.Populate(pGroup.Name);
//domainGoups1.Populate(pGroup.ActiveDirectoryMembersGroups);
//System.Threading.Thread.Sleep(100);
}
public void Remove(string user)
{
ADGroup Group = new ADGroup();
char ct = Convert.ToChar(Console.Read());
switch (ct)
{
case '1':
Group.RemoveUser("mail_rds", user);
break;
case '2':
Group.RemoveUser("sharepoint", user);
break;
case '3':
Group.RemoveUser("lucanet", user);
break;
case '4':
Group.RemoveUser("fullaccess", user);
break;
case '5':
Group.RemoveUser("regadmins", user);
break;
case '6':
Group.RemoveUser("mail_rds_GPS", user);
break;
default:
Console.WriteLine("Cancel");
break;
}
}
public static void RemoveServersFromGroup(IList<ADObjectId> serverIds, ADGroup group, IRecipientSession recipSession, ITopologyConfigurationSession gcSession, ManageSendConnectors.ThrowTerminatingErrorDelegate throwDelegate)
{
TaskLogger.LogEnter();
if (serverIds.Count == 0)
{
TaskLogger.LogExit();
return;
}
foreach (ADObjectId adobjectId in serverIds)
{
ADComputer computerObject = ManageSendConnectors.GetComputerObject(adobjectId.Name, gcSession, throwDelegate);
if (group.Members.Contains(computerObject.Id))
{
TaskLogger.Trace("Removing server '{0}' from group '{1}'", new object[]
{
adobjectId.Name,
group.Name
});
group.Members.Remove(computerObject.Id);
}
}
recipSession.Save(group);
TaskLogger.LogExit();
}
private void CreateRoleGroup(ADOrganizationalUnit usgContainer, RoleGroupDefinition roleGroup)
{
ADGroup adgroup = this.CreateGroup(usgContainer, roleGroup.Name, roleGroup.Id, roleGroup.RoleGroupGuid, roleGroup.Description, GroupTypeFlags.Universal | GroupTypeFlags.SecurityEnabled, true);
if (adgroup == null)
{
base.WriteError(roleGroup.GuidNotFoundException, ErrorCategory.ObjectNotFound, null);
}
base.LogReadObject(adgroup);
foreach (Guid wkg in roleGroup.E12USG)
{
ADGroup adgroup2 = base.ResolveExchangeGroupGuid <ADGroup>(wkg);
if (adgroup2 != null && adgroup2.RecipientType == RecipientType.Group)
{
base.LogReadObject(adgroup2);
TaskLogger.Trace("Adding old USG {0} as member of RG {1}", new object[]
{
adgroup2.Name,
adgroup.Name
});
InitializeExchangeUniversalGroups.AddMember(adgroup2, this.rootDomainRecipientSession, adgroup, new WriteVerboseDelegate(base.WriteVerbose));
}
}
}
/// <summary>
/// Private methods
/// </summary>
/// <param name="groupID"></param>
///
//private void FillRolesDataGrid()
//{
// dgrid_Roles.DataSource = null;
// dgrid_Roles.AutoGenerateColumns = false;
// dgrid_Roles.DataSource = _aDRoleWrapper.SelectAll();
// dgrid_Roles.Columns[0].DataPropertyName = "RoleID";
// dgrid_Roles.Columns[2].DataPropertyName = "RoleName";
// for (int i = 0; i < dgrid_Roles.Rows.Count; i++)
// {
// //DataGridViewCheckBoxCell chk = (DataGridViewCheckBoxCell)dgrid_Roles.Rows[i].Cells["check"];
// //chk.Selected = false;
// }
//}
private void InitiateEntity(int groupID)
{
ADGroupPrimaryKey pk = new ADGroupPrimaryKey();
pk.GroupID = groupID;
ADGroup _aDGroup = _aDGroupWrapper.SelectOne(pk);
tbx_GroupName.Text = _aDGroup.GroupName;
//ADGroupRoleCollection _aDGroupRoleCollection = _aDGroupRoleWrapper.SelectByGroupID(groupID);
//foreach (ADGroupRole _aDGroupRole in _aDGroupRoleCollection)
//{
// foreach (DataGridViewRow row in dgrid_Roles.Rows)
// {
// if (Convert.ToInt32(row.Cells["RoleID"].Value) == _aDGroupRole.RoleID)
// {
// row.Cells["check"].Value = true;
// //chk.Selected = true;
// //chk.TrueValue = true;
// //chk.Value = 1;
// }
// }
//}
}
// Token: 0x06001BA9 RID: 7081 RVA: 0x0006A15E File Offset: 0x0006835E
internal bool IsOpenDL(ADGroup group)
{
return(group != null && group.MemberJoinRestriction == MemberUpdateType.Open);
}
private bool SetValue(ADGroup Group)
{
Tuple<ADGroup, DateTime> groupRecord = Tuple.Create(Group, DateTime.Now.AddTicks(CacheTimeoutTicks));
Tuple<ADGroup, DateTime> oldGroupRecord;
var distinguishedName = Group.DistinguishedName;
var securityIdentifier = Group.SecurityIdentifier;
if (distinguishedNameCache.ContainsKey(distinguishedName))
{
if (distinguishedNameCache.TryGetValue(distinguishedName, out oldGroupRecord))
{
distinguishedNameCache.TryUpdate(distinguishedName, groupRecord, oldGroupRecord);
}
}
else
{
distinguishedNameCache.TryAdd(distinguishedName, groupRecord);
}
if (securityIdentifierCache.ContainsKey(securityIdentifier))
{
if (securityIdentifierCache.TryGetValue(securityIdentifier, out oldGroupRecord))
{
securityIdentifierCache.TryUpdate(securityIdentifier, groupRecord, oldGroupRecord);
}
}
else
{
securityIdentifierCache.TryAdd(securityIdentifier, groupRecord);
}
return true;
}
private bool IsGroupEmpty(ADGroup group)
{
if (group.Members.Count == 0)
{
if (!this.expandedRoleGroups.ContainsKey(group.Id))
{
this.expandedRoleGroups.Add(group.Id, 0);
}
return(true);
}
if (this.expandedRoleGroups.ContainsKey(group.Id))
{
return(this.expandedRoleGroups[group.Id] == 0);
}
int numberOfUsers = 0;
ADRecipientExpansion adrecipientExpansion = new ADRecipientExpansion(this.recipientSession, true);
adrecipientExpansion.Expand(group, delegate(ADRawEntry recipient, ExpansionType recipientExpansionType, ADRawEntry parent, ExpansionType parentExpansionType)
{
if (group.Id.Equals(recipient.Id))
{
return(ExpansionControl.Continue);
}
if (this.excludedFromEmptinessValidation != null && this.excludedFromEmptinessValidation.Contains(recipient.Id) && (this.isObjectRemovalValidation || (parent != null && parent.Id.Equals(group.Id))))
{
return(ExpansionControl.Skip);
}
if (recipientExpansionType == ExpansionType.None)
{
if (this.includeOnlyPowerShellEnabledRecipients)
{
if (this.IsPowerShellEnabled(recipient.Id))
{
numberOfUsers++;
}
}
else
{
numberOfUsers++;
}
}
if (this.expandedRoleGroups.ContainsKey(recipient.Id))
{
numberOfUsers += this.expandedRoleGroups[recipient.Id];
if (numberOfUsers == 0)
{
return(ExpansionControl.Skip);
}
}
if (numberOfUsers > 0)
{
return(ExpansionControl.Terminate);
}
return(ExpansionControl.Continue);
}, delegate(ExpansionFailure failure, ADRawEntry recipient, ExpansionType recipientExpansionType, ADRawEntry parent, ExpansionType parentExpansionType)
{
if (failure.Equals(ExpansionFailure.NoMembers))
{
return(ExpansionControl.Continue);
}
return(ExpansionControl.Skip);
});
this.expandedRoleGroups.Add(group.Id, numberOfUsers);
return(numberOfUsers == 0);
}
protected override IConfigurable PrepareDataObject()
{
TaskLogger.LogEnter();
ADGroup group = (ADGroup)base.PrepareDataObject();
this.flagCloseGroupMemberJoinForNoArbitrationMbx = false;
this.flagCloseGroupMemberDepartForNoArbitrationMbx = false;
this.UpdateRecipientDisplayType(group);
ADObjectId adobjectId;
bool flag = base.TryGetExecutingUserId(out adobjectId);
if (!this.IgnoreNamingPolicy.IsPresent && (base.UserSpecifiedParameters.IsChanged(ADObjectSchema.Name.Name) || base.UserSpecifiedParameters.IsChanged(MailEnabledRecipientSchema.DisplayName.Name)))
{
Organization organization;
if (group.OrganizationId.ConfigurationUnit == null && group.OrganizationId.OrganizationalUnit == null)
{
organization = this.ConfigurationSession.GetOrgContainer();
}
else
{
organization = this.ConfigurationSession.Read <ExchangeConfigurationUnit>(group.OrganizationId.ConfigurationUnit);
}
if (flag)
{
IRecipientSession recipientSession = RecipientTaskHelper.CreatePartitionOrRootOrgScopedGcSession(null, adobjectId);
ADUser user = (ADUser)recipientSession.Read(adobjectId);
if (base.UserSpecifiedParameters.IsChanged(ADObjectSchema.Name.Name))
{
group.Name = DistributionGroupTaskHelper.GetGroupNameWithNamingPolicy(organization, user, group, group.Name, ADObjectSchema.Name, new Task.ErrorLoggerDelegate(base.WriteError));
}
if (base.UserSpecifiedParameters.IsChanged(MailEnabledRecipientSchema.DisplayName.Name))
{
group.DisplayName = DistributionGroupTaskHelper.GetGroupNameWithNamingPolicy(organization, user, group, group.DisplayName, ADRecipientSchema.DisplayName, new Task.ErrorLoggerDelegate(base.WriteError));
}
}
}
bool flag2 = false;
ADScopeException ex = null;
if (flag && adobjectId != null && !((IDirectorySession)base.DataSession).TryVerifyIsWithinScopes(group, true, out ex))
{
group.IsExecutingUserGroupOwner = true;
flag2 = true;
base.WriteVerbose(Strings.VerboseDGOwnershipDeepSearch(adobjectId.ToString(), group.Identity.ToString()));
RecipientTaskHelper.ValidateUserIsGroupManager(adobjectId, group, delegate(LocalizedException exception, ExchangeErrorCategory category, object taget)
{
group.IsExecutingUserGroupOwner = false;
}, true, base.TenantGlobalCatalogSession);
group.propertyBag.ResetChangeTracking(ADGroupSchema.IsExecutingUserGroupOwner);
}
if (group.RecipientDisplayType == RecipientDisplayType.SecurityDistributionGroup && !flag2 && !this.BypassSecurityGroupManagerCheck && (base.Fields.IsChanged(DistributionGroupSchema.ManagedBy) || base.Fields.IsChanged(MailEnabledRecipientSchema.GrantSendOnBehalfTo) || base.Fields.IsChanged(ADObjectSchema.Name) || base.Fields.IsChanged(DistributionGroupSchema.SamAccountName)))
{
if (!flag)
{
base.WriteError(new RecipientTaskException(Strings.ErrorExecutingUserOutOfTargetOrg(base.MyInvocation.MyCommand.Name)), ExchangeErrorCategory.Client, group.Identity.ToString());
}
RecipientTaskHelper.ValidateUserIsGroupManager(adobjectId, group, new Task.ErrorLoggerDelegate(base.WriteError), true, base.TenantGlobalCatalogSession);
group.IsExecutingUserGroupOwner = true;
group.propertyBag.ResetChangeTracking(ADGroupSchema.IsExecutingUserGroupOwner);
}
base.SetMultiReferenceParameter <GeneralRecipientIdParameter>(DistributionGroupSchema.ManagedBy, this.ManagedBy, group, new GetRecipientDelegate <GeneralRecipientIdParameter>(this.GetRecipient));
if (base.Fields.IsModified(ADGroupSchema.MemberJoinRestriction))
{
group.MemberJoinRestriction = this.MemberJoinRestriction;
}
if (base.Fields.IsModified(ADGroupSchema.MemberDepartRestriction))
{
group.MemberDepartRestriction = this.MemberDepartRestriction;
}
if (base.Fields.IsModified(ADRecipientSchema.ArbitrationMailbox))
{
if (base.ArbitrationMailbox == null)
{
base.WriteError(new RecipientTaskException(Strings.ErrorNullParameter(ADRecipientSchema.ArbitrationMailbox.Name)), ExchangeErrorCategory.Client, group.Identity);
}
ADObjectId arbitrationMailbox = group.ArbitrationMailbox;
}
if (!group.ExchangeVersion.IsOlderThan(ADRecipientSchema.ArbitrationMailbox.VersionAdded) && (group.ArbitrationMailbox == null || group.ArbitrationMailbox.IsDescendantOf(ADSession.GetDeletedObjectsContainer(group.ArbitrationMailbox.DomainId))))
{
group.ArbitrationMailbox = MailboxTaskHelper.GetArbitrationMailbox(base.TenantGlobalCatalogSession, group.ConfigurationUnit ?? base.RootOrgContainerId);
if (group.ArbitrationMailbox == null)
{
if (group.MemberJoinRestriction == MemberUpdateType.ApprovalRequired)
{
if (base.Fields.IsModified(ADGroupSchema.MemberJoinRestriction))
{
base.WriteError(new RecipientTaskException(Strings.ErrorArbitrationMbxNotSetForApproval(this.Identity.ToString())), ExchangeErrorCategory.Client, group.Identity);
}
else
{
group.MemberJoinRestriction = MemberUpdateType.Closed;
this.flagCloseGroupMemberJoinForNoArbitrationMbx = true;
}
}
if (group.MemberDepartRestriction == MemberUpdateType.ApprovalRequired)
{
if (base.Fields.IsModified(ADGroupSchema.MemberDepartRestriction))
{
base.WriteError(new RecipientTaskException(Strings.ErrorArbitrationMbxNotSetForApproval(this.Identity.ToString())), ExchangeErrorCategory.Client, group.Identity);
}
else
{
group.MemberDepartRestriction = MemberUpdateType.Closed;
this.flagCloseGroupMemberDepartForNoArbitrationMbx = true;
}
}
}
}
TaskLogger.LogExit();
return(group);
}
// Token: 0x06005D55 RID: 23893 RVA: 0x00142330 File Offset: 0x00140530
public SyncGroup(ADGroup dataObject) : base(dataObject)
{
}
public void RemoveGroupFromGroup(ADGroup groupFrom, ADGroup groupTo)
{
RemoveEntityFromGroup(groupFrom.ObjectGuid.ToString(), groupTo.ObjectGuid.ToString());
}
// Token: 0x060053DD RID: 21469 RVA: 0x00131381 File Offset: 0x0012F581
public DistributionGroup(ADGroup dataObject) : base(dataObject)
{
}
private void DeleteAdGroup(ResourcesController controllerAdmin, ADGroup group)
{
if (group != null)
{
controllerAdmin.GraphClient.Groups.Delete(group.ObjectId);
}
}
internal static void ValidateGroupNameWithBlockedWordsList(Organization organization, ADGroup group, string groupName, PropertyDefinition property, Task.ErrorLoggerDelegate errorLogger)
{
if (organization == null)
{
throw new ArgumentNullException("organization");
}
if (group == null)
{
throw new ArgumentNullException("group");
}
if (string.IsNullOrEmpty(groupName))
{
throw new ArgumentNullException("groupName");
}
string text = groupName.ToLower();
foreach (string text2 in organization.DistributionGroupNameBlockedWordsList)
{
if (text.Contains(text2.ToLower()))
{
throw new DataValidationException(new PropertyValidationError(Strings.ErrorGroupNameContainBlockedWords(text2), property, null));
}
}
}
// Token: 0x06001055 RID: 4181 RVA: 0x0004F074 File Offset: 0x0004D274
internal void PopulateRootAndFilter(OrganizationId organizationId, IReadOnlyPropertyBag propertyBag)
{
if (this.Root != null || this.Filter != null)
{
return;
}
if (this.isFromEndUserRole && propertyBag == null)
{
throw new ArgumentNullException("propertyBag");
}
if (organizationId != null)
{
this.SelfRoot = organizationId.OrganizationalUnit;
}
if (propertyBag != null)
{
this.SelfFilter = new ComparisonFilter(ComparisonOperator.Equal, ADObjectSchema.Id, propertyBag[ADObjectSchema.Id]);
}
switch (this.scopeType)
{
case ScopeType.None:
this.Root = null;
this.Filter = ADScope.NoObjectFilter;
return;
case ScopeType.NotApplicable:
this.Root = null;
this.Filter = null;
return;
case ScopeType.Organization:
this.Root = organizationId.OrganizationalUnit;
this.Filter = null;
return;
case ScopeType.MyGAL:
{
AddressBookBase globalAddressList = this.GetGlobalAddressList(organizationId);
this.Root = organizationId.OrganizationalUnit;
if (globalAddressList == null)
{
this.Filter = ADScope.NoObjectFilter;
return;
}
this.Filter = new ComparisonFilter(ComparisonOperator.Equal, ADRecipientSchema.AddressListMembership, globalAddressList.Id);
return;
}
case ScopeType.Self:
this.Root = organizationId.OrganizationalUnit;
this.Filter = new ComparisonFilter(ComparisonOperator.Equal, ADObjectSchema.Id, propertyBag[ADObjectSchema.Id]);
return;
case ScopeType.MyDirectReports:
this.Root = organizationId.OrganizationalUnit;
this.Filter = new ComparisonFilter(ComparisonOperator.Equal, ADOrgPersonSchema.Manager, propertyBag[ADObjectSchema.Id]);
return;
case ScopeType.OU:
this.Root = this.ouId;
this.Filter = null;
return;
case ScopeType.CustomRecipientScope:
case ScopeType.CustomConfigScope:
case ScopeType.PartnerDelegatedTenantScope:
case ScopeType.ExclusiveRecipientScope:
case ScopeType.ExclusiveConfigScope:
this.Root = this.managementScope.RecipientRoot;
this.Filter = this.managementScope.QueryFilter;
return;
case ScopeType.MyDistributionGroups:
{
this.Root = organizationId.OrganizationalUnit;
QueryFilter[] array = new QueryFilter[3];
array[0] = new ComparisonFilter(ComparisonOperator.Equal, ADGroupSchema.ManagedBy, propertyBag[ADObjectSchema.Id]);
array[1] = new ComparisonFilter(ComparisonOperator.Equal, ADGroupSchema.CoManagedBy, propertyBag[ADObjectSchema.Id]);
array[2] = new CSharpFilter <IReadOnlyPropertyBag>(delegate(IReadOnlyPropertyBag obj)
{
ADGroup adgroup = obj as ADGroup;
return(adgroup != null && adgroup.IsExecutingUserGroupOwner);
});
this.Filter = new OrFilter(array);
return;
}
case ScopeType.MyExecutive:
break;
case ScopeType.OrganizationConfig:
this.Root = organizationId.ConfigurationUnit;
this.Filter = null;
return;
case ScopeType.MailboxICanDelegate:
{
this.Root = organizationId.OrganizationalUnit;
QueryFilter[] array2 = new QueryFilter[2];
array2[0] = new ComparisonFilter(ComparisonOperator.Equal, ADRecipientSchema.MasterAccountSid, this.securityAccessToken.UserSid);
array2[1] = new CSharpFilter <IReadOnlyPropertyBag>(delegate(IReadOnlyPropertyBag obj)
{
RawSecurityDescriptor rawSecurityDescriptor = ((ADObject)obj).ReadSecurityDescriptor();
if (rawSecurityDescriptor != null)
{
using (AuthzContextHandle authzContext = AuthzAuthorization.GetAuthzContext(new SecurityIdentifier(this.securityAccessToken.UserSid), false))
{
bool[] array3 = AuthzAuthorization.CheckExtendedRights(authzContext, rawSecurityDescriptor, new Guid[]
{
WellKnownGuid.PersonalInfoPropSetGuid
}, null, AccessMask.WriteProp);
return(array3[0]);
}
return(false);
}
return(false);
});
this.Filter = new OrFilter(array2);
return;
}
default:
this.Root = null;
this.Filter = ADScope.NoObjectFilter;
break;
}
}
public bool UpdateGroupWithRoles(ADGroup aDGroup, ADGroupRoleCollection aDGroupRoleCollection)
{
// Insert(aDGroup)
return true;
}
private void domainGoups2_ObjectDomainChangeEvent(ADGroup pObjectDomainGroup)
{
_CurrentGroup = pObjectDomainGroup;
}
public static async Task <IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Function, "get", "post", Route = null)] HttpRequest req,
ILogger log)
{
Logger.Log = log;
// validate b2c refresh token
string refreshToken = req.Query["refresh_token"];
if (string.IsNullOrWhiteSpace(refreshToken))
{
// default is guest
var guestGroup = await ADGroup.FindByName(Configurations.AzureB2C.GuestGroup);
// If the refresh token is missing, then return permissions for guest
var guestPermissions = await guestGroup.GetPermissions();
return(new JsonResult(new { success = true, permissions = guestPermissions, group = guestGroup.Name })
{
StatusCode = StatusCodes.Status200OK
});
}
string source = req.Query["source"];
ADGroup userGroup = null;
ADUser user;
ADToken adToken;
// cognito authentication
if (source == "cognito")
{
adToken = await CognitoService.Instance.GetAccessToken(refreshToken);
if (adToken == null || string.IsNullOrWhiteSpace(adToken.AccessToken))
{
return(CreateErrorResponse($"refresh_token is invalid: {refreshToken} ", StatusCodes.Status401Unauthorized));
}
// Validate the access token, then get id and group name
var(result, message, userId, groupName) = await CognitoService.Instance.ValidateAccessToken(adToken.AccessToken);
if (!result)
{
log.LogError($"can not get access token from refresh token {refreshToken}");
return(CreateErrorResponse(message, StatusCodes.Status403Forbidden));
}
var customUserId = await CognitoService.Instance.GetCustomUserId(userId);
if (string.IsNullOrWhiteSpace(customUserId))
{
return(CreateErrorResponse($"user {userId} does not have custom id", statusCode: StatusCodes.Status500InternalServerError));
}
// NOTE: if cognito user is disable, it throws exception on refresh token step above, so may not need to check account status
//var userInfo = await CognitoService.Instance.GetUserInfo(userId);
//if (!userInfo.Enabled)
//{
// return CreateErrorResponse("user is disabled", statusCode: StatusCodes.Status401Unauthorized);
//}
// create fake ADUser and ADGroup from cognito information
user = new ADUser {
ObjectId = customUserId
};
userGroup = new ADGroup {
Name = groupName
};
}
else
{
// azure b2c authentication
// get access token by refresh token
adToken = await ADAccess.Instance.RefreshToken(refreshToken);
if (adToken == null || string.IsNullOrWhiteSpace(adToken.AccessToken))
{
return(CreateErrorResponse($"refresh_token is invalid: {refreshToken} ", StatusCodes.Status401Unauthorized));
}
// Validate the access token, then get id
var(result, message, id) = await ADAccess.Instance.ValidateAccessToken(adToken.AccessToken);
if (!result)
{
log.LogError($"can not get access token from refresh token {refreshToken}");
return(CreateErrorResponse(message, StatusCodes.Status403Forbidden));
}
// find ad user by its email
user = await ADUser.FindById(id);
if (user == null)
{
return(CreateErrorResponse("user not exist"));
}
if (!user.AccountEnabled)
{
return(CreateErrorResponse("user is disabled", statusCode: StatusCodes.Status401Unauthorized));
}
// check role of user
var groupIds = await user.GroupIds();
if (groupIds != null && groupIds.Count > 0)
{
var group = await ADGroup.FindById(groupIds[0]);
if (group != null)
{
userGroup = group;
}
}
if (userGroup == null)
{
userGroup = await ADGroup.FindByName(Configurations.AzureB2C.GuestGroup);
}
}
log.LogInformation($"user {user?.ObjectId} has group {userGroup?.Name}");
var tasks = new List <Task <List <PermissionProperties> > >();
// get group permissions
tasks.Add(userGroup.GetPermissions());
// get user permissions
tasks.Add(user.GetPermissions(userGroup.Name));
await Task.WhenAll(tasks);
var permissions = new List <PermissionProperties>();
foreach (var task in tasks)
{
var p = task.Result;
permissions.AddRange(p);
}
// return list of permissions
return(new JsonResult(new { success = true, permissions, group = userGroup.Name, refreshToken = adToken.RefreshToken })
{
StatusCode = StatusCodes.Status200OK
});
}
public void SetProperty(ADGroup group, string propertyName, object newValue)
{
SetProperty(group.ObjectGuid.ToString(), propertyName, newValue);
}
public ADGroup[] GetGroupsInGroup(ADGroup group)
{
return(GetEntitiesInGroup <ADGroup>(group.ObjectGuid.ToString()).Where <ADGroup>(x => ((object[])x.Properties["objectclass"]).Contains("group")).ToArray <ADGroup>());
}
private LoginIdentity(ADGroup adGroup)
{
_backing = adGroup.SID.Value;
this.IsSecurityIdentitifer = true;
this.IsADObject = true;
}
public ADGroup[] GetGroupsGroupIsIn(ADGroup group)
{
return(GetGroupsEntityIsIn <ADGroup>(group.ObjectGuid.ToString()));
}
public bool UpdateGroupWithRoles(ADGroup aDGroup, ADGroupRoleCollection aDGroupRoleCollection)
{
// Insert(aDGroup)
return(true);
}
public void AddUserToGroup(string userGuid, ADGroup group)
{
AddEntityToGroup(userGuid, group.ObjectGuid.ToString());
}
private ADGroup CreateGroup(OrganizationId orgId, ADObjectId usgContainerId, string groupName, int groupId, Guid wkGuid, string groupDescription, GroupTypeFlags groupType, List <ADObjectId> manageBy)
{
ADGroup adgroup = null;
DNWithBinary dnwithBinary = DirectoryCommon.FindWellKnownObjectEntry(this.configurationUnit.OtherWellKnownObjects, wkGuid);
if (null != dnwithBinary)
{
ADObjectId adobjectId = new ADObjectId(dnwithBinary.DistinguishedName);
if (adobjectId.IsDeleted)
{
base.WriteError(new InvalidWKObjectException(dnwithBinary.ToString(), orgId.ConfigurationUnit.DistinguishedName), ErrorCategory.InvalidData, null);
}
ADRecipient adrecipient = this.orgDomainRecipientSession.Read(adobjectId);
if (adrecipient == null)
{
base.WriteError(new InvalidWKObjectException(dnwithBinary.ToString(), orgId.ConfigurationUnit.DistinguishedName), ErrorCategory.InvalidData, null);
}
base.LogReadObject(adrecipient);
if (adrecipient.RecipientType != RecipientType.Group)
{
base.WriteError(new InvalidWKObjectTargetException(wkGuid.ToString(), orgId.ConfigurationUnit.ToString(), adgroup.Id.DistinguishedName, groupType.ToString()), ErrorCategory.InvalidData, null);
}
adgroup = (adrecipient as ADGroup);
InitializeExchangeUniversalGroups.UpgradeRoleGroupLocalization(adgroup, groupId, groupDescription, this.orgDomainRecipientSession);
if ((adgroup.GroupType & groupType) != groupType)
{
base.WriteVerbose(Strings.InfoChangingGroupType(adgroup.Id.DistinguishedName, groupType.ToString()));
adgroup.GroupType = groupType;
adgroup.RecipientTypeDetails = RecipientTypeDetails.RoleGroup;
this.orgDomainRecipientSession.Save(adgroup);
base.LogWriteObject(adgroup);
}
else
{
base.WriteVerbose(Strings.InfoGroupAlreadyPresent(adgroup.Id.DistinguishedName));
}
return(adgroup);
}
ADGroup adgroup2 = null;
try
{
string groupSam = groupName + "{" + Guid.NewGuid().ToString("N") + "}";
adgroup2 = InitializeExchangeUniversalGroups.CreateUniqueRoleGroup(this.orgDomainRecipientSession, orgId.OrganizationalUnit.DomainId, usgContainerId, groupName, groupId, groupDescription, groupSam, manageBy, orgId);
dnwithBinary = this.CreateWKGuid(adgroup2.Id, wkGuid);
}
finally
{
if (adgroup2 == null && dnwithBinary != null)
{
this.configurationUnit.OtherWellKnownObjects.Remove(dnwithBinary);
this.configurationSession.Save(this.configurationUnit);
base.LogWriteObject(this.configurationUnit);
}
else if (adgroup2 != null && dnwithBinary == null)
{
this.orgDomainRecipientSession.Delete(adgroup2);
base.LogWriteObject(adgroup2);
adgroup2 = null;
}
}
return(adgroup2);
}
public void AddUserToGroup(ADUser user, ADGroup group)
{
AddEntityToGroup(user.ObjectGuid.ToString(), group.ObjectGuid.ToString());
}
public static bool ShowAD(ADGroup adInterfaceGroup, ADShowResultDelegate callback = null, bool bShowReminder = true)
{
return(m_GlobalAdDisPlayer.ShowAd(adInterfaceGroup, callback, bShowReminder));
}
public void AddGroupToGroup(string groupGuidFrom, ADGroup groupTo)
{
AddEntityToGroup(groupGuidFrom, groupTo.ObjectGuid.ToString());
}
internal static string GetGroupNameWithNamingPolicy(Organization organization, ADUser user, ADGroup group, string groupName, PropertyDefinition property, Task.ErrorLoggerDelegate errorLogger)
{
DistributionGroupTaskHelper.ValidateGroupNameWithBlockedWordsList(organization, group, groupName, property, errorLogger);
if (organization.DistributionGroupNamingPolicy == null)
{
errorLogger(new RecipientTaskException(Strings.ErrorDistributionGroupNamingPolicy), ExchangeErrorCategory.ServerOperation, organization.Identity);
}
string appliedName = organization.DistributionGroupNamingPolicy.GetAppliedName(groupName, user);
return(appliedName.Trim());
}
public void AddGroupToGroup(ADGroup groupFrom, ADGroup groupTo)
{
AddEntityToGroup(groupFrom.ObjectGuid.ToString(), groupTo.ObjectGuid.ToString());
}
/// <summary>
/// Creates a new company
/// </summary>
/// <param name="company"></param>
/// <param name="resellerCode"></param>
public void NewCompany(CompanyObject company, string resellerCode)
{
CPDatabase database = null;
// Rollback class in case something goes wrong we can undo changes
CloudPanelTransaction events = new CloudPanelTransaction();
try
{
database = new CPDatabase();
// Generate the company code
string companyCode = CompanyObject.GenerateCompanyCode(company.CompanyName, company.UseCompanyNameInsteadofCompanyCode);
// Loop and make sure one does exist or find one that does
int count = 0;
for (int i = 0; i < 1000; i++)
{
if (Validation.DoesCompanyCodeExist(companyCode))
{
this.logger.Info("Tried to create a new company with company code " + companyCode + " but it already existed... trying another code");
companyCode = companyCode + count.ToString();
count++;
}
else
{
company.CompanyCode = companyCode; // Assign company code to object
break;
}
}
// Get the resellers distinguished name
var resellerDistinguishedName = (from r in database.Companies
where r.IsReseller
where r.CompanyCode == resellerCode
select r.DistinguishedName).First();
#region Create Organizational Units
//
// Create organizational units
//
ADOrganizationalUnit adOrg = new ADOrganizationalUnit(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);
// Check if resellers are enabled and create the organizational unit in the correct place
string newCompanyDistinguishedName = string.Empty;
if (!StaticSettings.ResellersEnabled)
{
newCompanyDistinguishedName = adOrg.CreateCompany(StaticSettings.HostingOU, company);
}
else
{
newCompanyDistinguishedName = adOrg.CreateCompany(resellerDistinguishedName, company);
}
events.NewOrganizationalUnitEvent(newCompanyDistinguishedName);
adOrg.RemoveAuthUsersRights(newCompanyDistinguishedName); // Removes authenticated users from the OU;
// Create the Exchange OU
string exchangeOU = adOrg.CreateOU(newCompanyDistinguishedName, "Exchange", company.Domains[0]);
events.NewOrganizationalUnitEvent(exchangeOU);
adOrg.RemoveAuthUsersRights(exchangeOU); // Removes authenticated users from the OU;
// Create the Applications OU
string applicationsOU = adOrg.CreateOU(newCompanyDistinguishedName, "Applications", company.Domains[0]);
events.NewOrganizationalUnitEvent(applicationsOU);
adOrg.RemoveAuthUsersRights(applicationsOU); // Removes authenticated users from the OU;
// Create the custom users OU if there is one
string customUsersOU = string.Empty;
if (!string.IsNullOrEmpty(StaticSettings.UsersOU))
{
customUsersOU = adOrg.CreateOU(newCompanyDistinguishedName, StaticSettings.UsersOU, company.Domains[0]);
events.NewOrganizationalUnitEvent(customUsersOU);
adOrg.RemoveAuthUsersRights(customUsersOU); // Removes authenticated users from the OU;
}
#endregion
#region Create Security Groups
//
// Create Security Groups
//
ADGroup adGroup = new ADGroup(StaticSettings.Username, StaticSettings.DecryptedPassword, StaticSettings.PrimaryDC);
// Create the Admins security group
adGroup.Create(newCompanyDistinguishedName, "Admins@" + companyCode, "", true, false);
events.NewSecurityGroup("Admins@" + companyCode);
// Create the All Users security group
adGroup.Create(newCompanyDistinguishedName, "AllUsers@" + companyCode, "", true, false);
events.NewSecurityGroup("AllUsers@" + companyCode);
// Create the AllTSUsers security groups
adGroup.Create(newCompanyDistinguishedName, "AllTSUsers@" + companyCode, "", true, false);
events.NewSecurityGroup("AllTSUsers@" + companyCode);
// Add AllTSUsers to the AllTSUsers@Hosting group
adGroup.AddMember("AllTSUsers@Hosting", "AllTSUsers@" + companyCode, "name");
// Check the GPOAccess and see if we are using resellers or not. Then add the group to the GPOAccess security group
if (StaticSettings.ResellersEnabled)
{
adGroup.AddMember("GPOAccess@" + resellerCode, "AllTSUsers@" + companyCode, "name");
}
else
{
adGroup.AddMember("GPOAccess@Hosting", "AllTSUsers@" + companyCode, "name");
}
#endregion
#region Add read rights to organizational units
//
// Now add read rights
//
adOrg.AddAccessRights(newCompanyDistinguishedName, "AllUsers@ " + companyCode);
adOrg.AddAccessRights(exchangeOU, "AllUsers@" + companyCode);
adOrg.AddAccessRights(applicationsOU, "AllUsers@" + companyCode);
if (!string.IsNullOrEmpty(StaticSettings.UsersOU))
{
adOrg.AddAccessRights(customUsersOU, "AllUsers@" + companyCode);
}
#endregion
// Insert into database
Company newCompanyDb = new Company();
newCompanyDb.IsReseller = false;
newCompanyDb.CompanyName = company.CompanyName;
newCompanyDb.CompanyCode = company.CompanyCode;
newCompanyDb.ResellerCode = resellerCode;
newCompanyDb.Street = company.Street;
newCompanyDb.City = company.City;
newCompanyDb.State = company.State;
newCompanyDb.ZipCode = company.ZipCode;
newCompanyDb.Country = company.Country;
newCompanyDb.PhoneNumber = company.Telephone;
newCompanyDb.AdminName = company.AdminName;
newCompanyDb.AdminEmail = company.AdminEmail;
newCompanyDb.DistinguishedName = newCompanyDistinguishedName;
newCompanyDb.Created = DateTime.Now;
database.Companies.Add(newCompanyDb);
database.SaveChanges();
events.InsertCompanyToDatabase(newCompanyDb.CompanyCode);
// Insert domain into database
Domain newDomain = new Domain();
newDomain.CompanyCode = newCompanyDb.CompanyCode;
newDomain.Domain1 = company.Domains[0];
newDomain.IsAcceptedDomain = false;
newDomain.IsLyncDomain = false;
newDomain.IsSubDomain = false;
database.Domains.Add(newDomain);
database.SaveChanges();
// Notify success
ThrowEvent(AlertID.SUCCESS, "Successfully created new company " + newCompanyDb.CompanyName);
}
catch (Exception ex)
{
ThrowEvent(AlertID.FAILED, ex.Message);
// Rollback on error
events.RollBack();
}
finally
{
if (database != null)
{
database.Dispose();
}
}
}
public void RemoveUserFromGroup(string userGuid, ADGroup group)
{
RemoveEntityFromGroup(userGuid, group.ObjectGuid.ToString());
}
public void RemoveMember(MockContext context, ADGroup group, User user)
{
GetGraphClient(context).Groups.RemoveMember(group.ObjectId, user.ObjectId);
}
public void RemoveUserFromGroup(ADUser user, ADGroup group)
{
RemoveEntityFromGroup(user.ObjectGuid.ToString(), group.ObjectGuid.ToString());
}
internal void AddMemberToGroup(MockContext context, ADGroup groupId, User user)
{
AddMember(context, groupId, user);
}
private void CollectScreenData()
{
_aDGroup = new ADGroup();
_aDGroup.GroupName = tbx_GroupName.Text;
//foreach (DataGridViewRow row in dgrid_Roles.Rows)
//{
// ADGroupRole _aDGroupRole = new ADGroupRole();
// if ((bool)row.Cells["check"].Value == true)
// _aDGroupRole.RoleID = Convert.ToInt32(row.Cells["RoleID"].Value);
// _aDGroupRoleCollection.Add(_aDGroupRole);
//}
}
