protected override void InternalValidate()
{
if (this.Identity == null)
{
if (base.CurrentOrganizationId == OrganizationId.ForestWideOrgId)
{
this.rootId = RoleGroupCommon.RoleGroupContainerId(base.TenantGlobalCatalogSession, this.ConfigurationSession);
}
}
else
{
IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(base.ServerSettings.PreferredGlobalCatalog(base.TenantGlobalCatalogSession.SessionSettings.PartitionId.ForestFQDN), true, ConsistencyMode.PartiallyConsistent, base.NetCredential, ADSessionSettings.FromAccountPartitionRootOrgScopeSet(base.TenantGlobalCatalogSession.SessionSettings.PartitionId), 203, "InternalValidate", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleGroup\\GetRoleGroup.cs");
base.OptionalIdentityData.RootOrgDomainContainerId = RoleGroupCommon.RoleGroupContainerId(tenantOrRootOrgRecipientSession, this.ConfigurationSession);
}
base.InternalValidate();
}
protected override void PrepareRecipientObject(ADGroup group)
{
TaskLogger.LogEnter();
base.PrepareRecipientObject(group);
group.GroupType = (GroupTypeFlags.Universal | GroupTypeFlags.SecurityEnabled);
group[ADRecipientSchema.Description] = new MultiValuedProperty <string>(this.Description);
if (string.Equals(this.Description, CoreStrings.MsoManagedTenantAdminGroupDescription, StringComparison.Ordinal))
{
group[ADGroupSchema.RoleGroupTypeId] = 23;
}
else if (string.Equals(this.Description, CoreStrings.MsoMailTenantAdminGroupDescription, StringComparison.Ordinal))
{
group[ADGroupSchema.RoleGroupTypeId] = 24;
}
else if (string.Equals(this.Description, CoreStrings.MsoManagedTenantHelpdeskGroupDescription, StringComparison.Ordinal))
{
group[ADGroupSchema.RoleGroupTypeId] = 25;
}
if (base.CurrentOrganizationId == OrganizationId.ForestWideOrgId)
{
ADObjectId adobjectId = RoleGroupCommon.RoleGroupContainerId(base.TenantGlobalCatalogSession, this.ConfigurationSession);
group.SetId(adobjectId.GetChildId(this.Name));
}
MailboxTaskHelper.StampOnManagedBy(this.DataObject, this.managedByRecipients, new Task.ErrorLoggerDelegate(base.WriteError));
this.DataObject.RecipientTypeDetails = RecipientTypeDetails.RoleGroup;
MailboxTaskHelper.ValidateGroupManagedBy(base.TenantGlobalCatalogSession, group, this.managedByRecipients, RoleGroupCommon.OwnerRecipientTypeDetails, true, new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>), new Task.ErrorLoggerDelegate(base.WriteError));
if (string.IsNullOrEmpty(group.SamAccountName))
{
IRecipientSession[] recipientSessions = new IRecipientSession[]
{
base.RootOrgGlobalCatalogSession
};
if (VariantConfiguration.InvariantNoFlightingSnapshot.CmdletInfra.ServiceAccountForest.Enabled && base.CurrentOrganizationId != OrganizationId.ForestWideOrgId)
{
recipientSessions = new IRecipientSession[]
{
base.RootOrgGlobalCatalogSession,
base.PartitionOrRootOrgGlobalCatalogSession
};
}
group.SamAccountName = RecipientTaskHelper.GenerateUniqueSamAccountName(recipientSessions, group.Id.DomainId, group.Name, true, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), false);
}
else
{
RecipientTaskHelper.IsSamAccountNameUnique(group, group.SamAccountName, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError), ExchangeErrorCategory.Client);
}
if ("crossforest" == base.ParameterSetName)
{
group.ForeignGroupSid = this.linkedGroupSid;
}
if ("linkedpartnergroup" == base.ParameterSetName)
{
group.LinkedPartnerGroupId = this.LinkedPartnerGroupId;
group.LinkedPartnerOrganizationId = this.LinkedPartnerOrganizationId;
}
if (this.PartnerManaged.IsPresent)
{
group.RawCapabilities.Add(Capability.Partner_Managed);
}
if (base.Fields.IsChanged(RoleGroupParameters.ParameterMembers) && this.Members != null)
{
foreach (SecurityPrincipalIdParameter member in this.Members)
{
MailboxTaskHelper.ValidateAndAddMember(base.TenantGlobalCatalogSession, group, member, false, new Task.ErrorLoggerDelegate(base.WriteError), new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>));
}
}
MailboxTaskHelper.ValidateAddedMembers(base.TenantGlobalCatalogSession, group, new Task.ErrorLoggerDelegate(base.WriteError), new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>));
TaskLogger.LogExit();
}
internal static ADObjectId GetRootOrgUsgContainerId(IConfigurationSession configurationSession, ADServerSettings adServerSettings, IRecipientSession globalCatalogSession, OrganizationId organizationId)
{
IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(adServerSettings.PreferredGlobalCatalog(globalCatalogSession.SessionSettings.PartitionId.ForestFQDN), true, ConsistencyMode.PartiallyConsistent, null, ADSessionSettings.FromAccountPartitionRootOrgScopeSet(globalCatalogSession.SessionSettings.PartitionId), 110, "GetRootOrgUsgContainerId", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleGroup\\RoleGroupCommon.cs");
return(RoleGroupCommon.RoleGroupContainerId(tenantOrRootOrgRecipientSession, configurationSession));
}
