protected override void InternalValidate() { if (this.Identity == null) { if (base.CurrentOrganizationId == OrganizationId.ForestWideOrgId) { this.rootId = RoleGroupCommon.RoleGroupContainerId(base.TenantGlobalCatalogSession, this.ConfigurationSession); } } else { IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(base.ServerSettings.PreferredGlobalCatalog(base.TenantGlobalCatalogSession.SessionSettings.PartitionId.ForestFQDN), true, ConsistencyMode.PartiallyConsistent, base.NetCredential, ADSessionSettings.FromAccountPartitionRootOrgScopeSet(base.TenantGlobalCatalogSession.SessionSettings.PartitionId), 203, "InternalValidate", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleGroup\\GetRoleGroup.cs"); base.OptionalIdentityData.RootOrgDomainContainerId = RoleGroupCommon.RoleGroupContainerId(tenantOrRootOrgRecipientSession, this.ConfigurationSession); } base.InternalValidate(); }
protected override void PrepareRecipientObject(ADGroup group) { TaskLogger.LogEnter(); base.PrepareRecipientObject(group); group.GroupType = (GroupTypeFlags.Universal | GroupTypeFlags.SecurityEnabled); group[ADRecipientSchema.Description] = new MultiValuedProperty <string>(this.Description); if (string.Equals(this.Description, CoreStrings.MsoManagedTenantAdminGroupDescription, StringComparison.Ordinal)) { group[ADGroupSchema.RoleGroupTypeId] = 23; } else if (string.Equals(this.Description, CoreStrings.MsoMailTenantAdminGroupDescription, StringComparison.Ordinal)) { group[ADGroupSchema.RoleGroupTypeId] = 24; } else if (string.Equals(this.Description, CoreStrings.MsoManagedTenantHelpdeskGroupDescription, StringComparison.Ordinal)) { group[ADGroupSchema.RoleGroupTypeId] = 25; } if (base.CurrentOrganizationId == OrganizationId.ForestWideOrgId) { ADObjectId adobjectId = RoleGroupCommon.RoleGroupContainerId(base.TenantGlobalCatalogSession, this.ConfigurationSession); group.SetId(adobjectId.GetChildId(this.Name)); } MailboxTaskHelper.StampOnManagedBy(this.DataObject, this.managedByRecipients, new Task.ErrorLoggerDelegate(base.WriteError)); this.DataObject.RecipientTypeDetails = RecipientTypeDetails.RoleGroup; MailboxTaskHelper.ValidateGroupManagedBy(base.TenantGlobalCatalogSession, group, this.managedByRecipients, RoleGroupCommon.OwnerRecipientTypeDetails, true, new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>), new Task.ErrorLoggerDelegate(base.WriteError)); if (string.IsNullOrEmpty(group.SamAccountName)) { IRecipientSession[] recipientSessions = new IRecipientSession[] { base.RootOrgGlobalCatalogSession }; if (VariantConfiguration.InvariantNoFlightingSnapshot.CmdletInfra.ServiceAccountForest.Enabled && base.CurrentOrganizationId != OrganizationId.ForestWideOrgId) { recipientSessions = new IRecipientSession[] { base.RootOrgGlobalCatalogSession, base.PartitionOrRootOrgGlobalCatalogSession }; } group.SamAccountName = RecipientTaskHelper.GenerateUniqueSamAccountName(recipientSessions, group.Id.DomainId, group.Name, true, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), false); } else { RecipientTaskHelper.IsSamAccountNameUnique(group, group.SamAccountName, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError), ExchangeErrorCategory.Client); } if ("crossforest" == base.ParameterSetName) { group.ForeignGroupSid = this.linkedGroupSid; } if ("linkedpartnergroup" == base.ParameterSetName) { group.LinkedPartnerGroupId = this.LinkedPartnerGroupId; group.LinkedPartnerOrganizationId = this.LinkedPartnerOrganizationId; } if (this.PartnerManaged.IsPresent) { group.RawCapabilities.Add(Capability.Partner_Managed); } if (base.Fields.IsChanged(RoleGroupParameters.ParameterMembers) && this.Members != null) { foreach (SecurityPrincipalIdParameter member in this.Members) { MailboxTaskHelper.ValidateAndAddMember(base.TenantGlobalCatalogSession, group, member, false, new Task.ErrorLoggerDelegate(base.WriteError), new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>)); } } MailboxTaskHelper.ValidateAddedMembers(base.TenantGlobalCatalogSession, group, new Task.ErrorLoggerDelegate(base.WriteError), new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>)); TaskLogger.LogExit(); }
internal static ADObjectId GetRootOrgUsgContainerId(IConfigurationSession configurationSession, ADServerSettings adServerSettings, IRecipientSession globalCatalogSession, OrganizationId organizationId) { IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(adServerSettings.PreferredGlobalCatalog(globalCatalogSession.SessionSettings.PartitionId.ForestFQDN), true, ConsistencyMode.PartiallyConsistent, null, ADSessionSettings.FromAccountPartitionRootOrgScopeSet(globalCatalogSession.SessionSettings.PartitionId), 110, "GetRootOrgUsgContainerId", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RBAC\\RoleGroup\\RoleGroupCommon.cs"); return(RoleGroupCommon.RoleGroupContainerId(tenantOrRootOrgRecipientSession, configurationSession)); }