internal static string GetGroupNameWithNamingPolicy(Organization organization, ADUser user, ADGroup group, string groupName, PropertyDefinition property, Task.ErrorLoggerDelegate errorLogger) { DistributionGroupTaskHelper.ValidateGroupNameWithBlockedWordsList(organization, group, groupName, property, errorLogger); if (organization.DistributionGroupNamingPolicy == null) { errorLogger(new RecipientTaskException(Strings.ErrorDistributionGroupNamingPolicy), ExchangeErrorCategory.ServerOperation, organization.Identity); } string appliedName = organization.DistributionGroupNamingPolicy.GetAppliedName(groupName, user); return(appliedName.Trim()); }
protected override void InternalValidate() { TaskLogger.LogEnter(); base.InternalValidate(); if (!VariantConfiguration.InvariantNoFlightingSnapshot.CmdletInfra.EmailAddressPolicy.Enabled) { this.DataObject.EmailAddressPolicyEnabled = false; } DistributionGroupTaskHelper.CheckModerationInMixedEnvironment(this.DataObject, new Task.TaskWarningLoggingDelegate(this.WriteWarning), Strings.WarningLegacyExchangeServer); TaskLogger.LogExit(); }
protected override void InternalValidate() { TaskLogger.LogEnter(); base.InternalValidate(); if (base.HasErrors) { return; } DistributionGroupTaskHelper.CheckModerationInMixedEnvironment(this.DataObject, new Task.TaskWarningLoggingDelegate(this.WriteWarning), Strings.WarningLegacyExchangeServer); if (base.Fields.IsModified(DynamicDistributionGroupSchema.RecipientFilter) && VariantConfiguration.GetSnapshot(MachineSettingsContext.Local, null, null).CmdletInfra.SupportOptimizedFilterOnlyInDDG.Enabled) { QueryFilter oldFilter = this.ConvertToQueryFilter(this.originalFilter); LocalizedString?localizedString; if (!DynamicDistributionGroupFilterValidation.IsFullOptimizedOrImproved(oldFilter, this.innerFilter, out localizedString)) { base.WriteError(new RecipientTaskException(localizedString.Value, null), ExchangeErrorCategory.Client, this.DataObject.Identity); } } TaskLogger.LogExit(); }
protected override void InternalValidate() { TaskLogger.LogEnter(); base.InternalValidate(); if (string.IsNullOrEmpty(this.DataObject.LegacyExchangeDN)) { AdministrativeGroup administrativeGroup = base.GlobalConfigSession.GetAdministrativeGroup(); string parentLegacyDN = string.Format(CultureInfo.InvariantCulture, "{0}/cn=Recipients", new object[] { administrativeGroup.LegacyExchangeDN }); this.DataObject.LegacyExchangeDN = LegacyDN.GenerateLegacyDN(parentLegacyDN, this.DataObject, true, new LegacyDN.LegacyDNIsUnique(this.LegacyDNIsUnique)); } if (!VariantConfiguration.GetSnapshot(MachineSettingsContext.Local, null, null).CmdletInfra.EmailAddressPolicy.Enabled) { this.DataObject.EmailAddressPolicyEnabled = false; } DistributionGroupTaskHelper.CheckModerationInMixedEnvironment(this.DataObject, new Task.TaskWarningLoggingDelegate(this.WriteWarning), Strings.WarningLegacyExchangeServer); TaskLogger.LogExit(); }
protected override void InternalValidate() { TaskLogger.LogEnter(); base.InternalValidate(); if (base.HasErrors) { return; } DistributionGroupTaskHelper.CheckMembershipRestriction(this.DataObject, new Task.ErrorLoggerDelegate(base.WriteError)); if (this.RoomList.IsPresent && this.DataObject.RecipientTypeDetails != RecipientTypeDetails.RoomList) { this.ValidateConvertToRoomList(); } base.ValidateMultiReferenceParameter(DistributionGroupSchema.ManagedBy, new ValidateRecipientWithBaseObjectDelegate <ADGroup>(MailboxTaskHelper.ValidateGroupManagedBy)); MultiValuedProperty <ADRecipient> recipients; this.recipientsDictionary.TryGetValue(DistributionGroupSchema.ManagedBy, out recipients); if (base.Fields.IsModified(DistributionGroupSchema.ManagedBy) || base.Fields.IsModified(DistributionGroupSchema.MemberJoinRestriction) || base.Fields.IsModified(DistributionGroupSchema.MemberDepartRestriction) || this.DataObject.ModerationEnabled || base.Fields.IsModified(MailEnabledRecipientSchema.ModeratedBy)) { MailboxTaskHelper.ValidateGroupManagedByRecipientRestriction(base.TenantGlobalCatalogSession, this.DataObject, recipients, new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>), new Task.ErrorLoggerDelegate(base.WriteError), new Task.TaskWarningLoggingDelegate(this.WriteWarning)); } if (this.DataObject.IsModified(ADMailboxRecipientSchema.SamAccountName)) { RecipientTaskHelper.IsSamAccountNameUnique(this.DataObject, this.DataObject.SamAccountName, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError), ExchangeErrorCategory.Client); } if (base.Fields.IsModified("ExpansionServer")) { this.DataObject.ExpansionServer = this.ExpansionServer; this.DataObject.HomeMTA = this.homeMTA; } else if (this.DataObject.IsChanged(DistributionGroupBaseSchema.ExpansionServer)) { if (!string.IsNullOrEmpty(this.DataObject.ExpansionServer)) { QueryFilter filter = new ComparisonFilter(ComparisonOperator.Equal, ServerSchema.ExchangeLegacyDN, this.DataObject.ExpansionServer); base.WriteVerbose(TaskVerboseStringHelper.GetFindDataObjectsVerboseString(base.GlobalConfigSession, typeof(Server), filter, null, true)); Server[] array = null; try { array = base.GlobalConfigSession.Find <Server>(null, QueryScope.SubTree, filter, null, 2); } finally { base.WriteVerbose(TaskVerboseStringHelper.GetSourceVerboseString(base.GlobalConfigSession)); } switch (array.Length) { case 0: base.WriteError(new ManagementObjectNotFoundException(Strings.ErrorServerNotFound(this.DataObject.ExpansionServer)), ExchangeErrorCategory.Client, this.Identity); return; case 1: base.ValidateExpansionServer(array[0], false); this.DataObject.ExpansionServer = array[0].ExchangeLegacyDN; break; case 2: base.WriteError(new ManagementObjectAmbiguousException(Strings.ErrorServerNotUnique(this.DataObject.ExpansionServer)), ExchangeErrorCategory.Client, this.Identity); return; } this.DataObject.HomeMTA = array[0].ResponsibleMTA; } else { this.DataObject.HomeMTA = null; } } DistributionGroupTaskHelper.CheckModerationInMixedEnvironment(this.DataObject, new Task.TaskWarningLoggingDelegate(this.WriteWarning), Strings.WarningLegacyExchangeServer); TaskLogger.LogExit(); }
protected override IConfigurable PrepareDataObject() { TaskLogger.LogEnter(); ADGroup group = (ADGroup)base.PrepareDataObject(); this.flagCloseGroupMemberJoinForNoArbitrationMbx = false; this.flagCloseGroupMemberDepartForNoArbitrationMbx = false; this.UpdateRecipientDisplayType(group); ADObjectId adobjectId; bool flag = base.TryGetExecutingUserId(out adobjectId); if (!this.IgnoreNamingPolicy.IsPresent && (base.UserSpecifiedParameters.IsChanged(ADObjectSchema.Name.Name) || base.UserSpecifiedParameters.IsChanged(MailEnabledRecipientSchema.DisplayName.Name))) { Organization organization; if (group.OrganizationId.ConfigurationUnit == null && group.OrganizationId.OrganizationalUnit == null) { organization = this.ConfigurationSession.GetOrgContainer(); } else { organization = this.ConfigurationSession.Read <ExchangeConfigurationUnit>(group.OrganizationId.ConfigurationUnit); } if (flag) { IRecipientSession recipientSession = RecipientTaskHelper.CreatePartitionOrRootOrgScopedGcSession(null, adobjectId); ADUser user = (ADUser)recipientSession.Read(adobjectId); if (base.UserSpecifiedParameters.IsChanged(ADObjectSchema.Name.Name)) { group.Name = DistributionGroupTaskHelper.GetGroupNameWithNamingPolicy(organization, user, group, group.Name, ADObjectSchema.Name, new Task.ErrorLoggerDelegate(base.WriteError)); } if (base.UserSpecifiedParameters.IsChanged(MailEnabledRecipientSchema.DisplayName.Name)) { group.DisplayName = DistributionGroupTaskHelper.GetGroupNameWithNamingPolicy(organization, user, group, group.DisplayName, ADRecipientSchema.DisplayName, new Task.ErrorLoggerDelegate(base.WriteError)); } } } bool flag2 = false; ADScopeException ex = null; if (flag && adobjectId != null && !((IDirectorySession)base.DataSession).TryVerifyIsWithinScopes(group, true, out ex)) { group.IsExecutingUserGroupOwner = true; flag2 = true; base.WriteVerbose(Strings.VerboseDGOwnershipDeepSearch(adobjectId.ToString(), group.Identity.ToString())); RecipientTaskHelper.ValidateUserIsGroupManager(adobjectId, group, delegate(LocalizedException exception, ExchangeErrorCategory category, object taget) { group.IsExecutingUserGroupOwner = false; }, true, base.TenantGlobalCatalogSession); group.propertyBag.ResetChangeTracking(ADGroupSchema.IsExecutingUserGroupOwner); } if (group.RecipientDisplayType == RecipientDisplayType.SecurityDistributionGroup && !flag2 && !this.BypassSecurityGroupManagerCheck && (base.Fields.IsChanged(DistributionGroupSchema.ManagedBy) || base.Fields.IsChanged(MailEnabledRecipientSchema.GrantSendOnBehalfTo) || base.Fields.IsChanged(ADObjectSchema.Name) || base.Fields.IsChanged(DistributionGroupSchema.SamAccountName))) { if (!flag) { base.WriteError(new RecipientTaskException(Strings.ErrorExecutingUserOutOfTargetOrg(base.MyInvocation.MyCommand.Name)), ExchangeErrorCategory.Client, group.Identity.ToString()); } RecipientTaskHelper.ValidateUserIsGroupManager(adobjectId, group, new Task.ErrorLoggerDelegate(base.WriteError), true, base.TenantGlobalCatalogSession); group.IsExecutingUserGroupOwner = true; group.propertyBag.ResetChangeTracking(ADGroupSchema.IsExecutingUserGroupOwner); } base.SetMultiReferenceParameter <GeneralRecipientIdParameter>(DistributionGroupSchema.ManagedBy, this.ManagedBy, group, new GetRecipientDelegate <GeneralRecipientIdParameter>(this.GetRecipient)); if (base.Fields.IsModified(ADGroupSchema.MemberJoinRestriction)) { group.MemberJoinRestriction = this.MemberJoinRestriction; } if (base.Fields.IsModified(ADGroupSchema.MemberDepartRestriction)) { group.MemberDepartRestriction = this.MemberDepartRestriction; } if (base.Fields.IsModified(ADRecipientSchema.ArbitrationMailbox)) { if (base.ArbitrationMailbox == null) { base.WriteError(new RecipientTaskException(Strings.ErrorNullParameter(ADRecipientSchema.ArbitrationMailbox.Name)), ExchangeErrorCategory.Client, group.Identity); } ADObjectId arbitrationMailbox = group.ArbitrationMailbox; } if (!group.ExchangeVersion.IsOlderThan(ADRecipientSchema.ArbitrationMailbox.VersionAdded) && (group.ArbitrationMailbox == null || group.ArbitrationMailbox.IsDescendantOf(ADSession.GetDeletedObjectsContainer(group.ArbitrationMailbox.DomainId)))) { group.ArbitrationMailbox = MailboxTaskHelper.GetArbitrationMailbox(base.TenantGlobalCatalogSession, group.ConfigurationUnit ?? base.RootOrgContainerId); if (group.ArbitrationMailbox == null) { if (group.MemberJoinRestriction == MemberUpdateType.ApprovalRequired) { if (base.Fields.IsModified(ADGroupSchema.MemberJoinRestriction)) { base.WriteError(new RecipientTaskException(Strings.ErrorArbitrationMbxNotSetForApproval(this.Identity.ToString())), ExchangeErrorCategory.Client, group.Identity); } else { group.MemberJoinRestriction = MemberUpdateType.Closed; this.flagCloseGroupMemberJoinForNoArbitrationMbx = true; } } if (group.MemberDepartRestriction == MemberUpdateType.ApprovalRequired) { if (base.Fields.IsModified(ADGroupSchema.MemberDepartRestriction)) { base.WriteError(new RecipientTaskException(Strings.ErrorArbitrationMbxNotSetForApproval(this.Identity.ToString())), ExchangeErrorCategory.Client, group.Identity); } else { group.MemberDepartRestriction = MemberUpdateType.Closed; this.flagCloseGroupMemberDepartForNoArbitrationMbx = true; } } } } TaskLogger.LogExit(); return(group); }
protected override void PrepareRecipientObject(ADGroup group) { TaskLogger.LogEnter(); base.PrepareRecipientObject(group); Organization organization; if (base.Organization == null) { organization = this.ConfigurationSession.GetOrgContainer(); } else { organization = this.ConfigurationSession.Read <ExchangeConfigurationUnit>(base.CurrentOrgContainerId); } ADObjectId adobjectId = null; base.TryGetExecutingUserId(out adobjectId); if (!this.IgnoreNamingPolicy.IsPresent && adobjectId != null) { ADUser user = (ADUser)RecipientTaskHelper.CreatePartitionOrRootOrgScopedGcSession(null, adobjectId).Read(adobjectId); string groupNameWithNamingPolicy = DistributionGroupTaskHelper.GetGroupNameWithNamingPolicy(organization, user, group, base.Name, ADObjectSchema.Name, new Task.ErrorLoggerDelegate(base.WriteError)); if (groupNameWithNamingPolicy.Length > 64) { base.WriteError(new RecipientTaskException(Strings.ErrorDistributionGroupNameTooLong), ExchangeErrorCategory.Client, null); } base.Name = groupNameWithNamingPolicy; if (!string.IsNullOrEmpty(base.DisplayName)) { base.DisplayName = DistributionGroupTaskHelper.GetGroupNameWithNamingPolicy(organization, user, group, base.DisplayName, ADRecipientSchema.DisplayName, new Task.ErrorLoggerDelegate(base.WriteError)); } } if (base.OrganizationalUnit == null && !ADObjectId.IsNullOrEmpty(organization.DistributionGroupDefaultOU)) { group.SetId(organization.DistributionGroupDefaultOU.GetChildId(base.Name)); } if (base.OrganizationalUnit == null && group[ADRecipientSchema.DefaultDistributionListOU] != null) { ADObjectId adobjectId2 = (ADObjectId)group[ADRecipientSchema.DefaultDistributionListOU]; RecipientTaskHelper.ResolveOrganizationalUnitInOrganization(new OrganizationalUnitIdParameter(adobjectId2), this.ConfigurationSession, base.CurrentOrganizationId, new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ExchangeOrganizationalUnit>), ExchangeErrorCategory.Client, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError)); group.SetId(adobjectId2.GetChildId(base.Name)); } if (this.Type != GroupType.Distribution && this.Type != GroupType.Security) { base.WriteError(new RecipientTaskException(Strings.ErrorGroupTypeInvalid), ExchangeErrorCategory.Client, null); } if (base.Fields.IsModified(DistributionGroupSchema.ManagedBy)) { MailboxTaskHelper.StampOnManagedBy(this.DataObject, this.managedByRecipients, new Task.ErrorLoggerDelegate(base.WriteError)); } if (this.RoomList.IsPresent) { if (this.Type != GroupType.Distribution) { base.WriteError(new RecipientTaskException(Strings.ErrorCreateRoomListSecurityGroup(base.Name)), ExchangeErrorCategory.Client, base.Name); } group.RecipientTypeDetails = RecipientTypeDetails.RoomList; if (group.ManagedBy != null) { group.AcceptMessagesOnlyFromSendersOrMembers = new MultiValuedProperty <ADObjectId>(group.ManagedBy); } } MailboxTaskHelper.ValidateGroupManagedBy(base.TenantGlobalCatalogSession, group, this.managedByRecipients, new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>), new Task.ErrorLoggerDelegate(base.WriteError)); MailboxTaskHelper.ValidateGroupManagedByRecipientRestriction(base.TenantGlobalCatalogSession, group, this.managedByRecipients, new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>), new Task.ErrorLoggerDelegate(base.WriteError), new Task.TaskWarningLoggingDelegate(this.WriteWarning)); group.GroupType = (GroupTypeFlags)((GroupType)8 | this.Type); if (!group.IsChanged(ADRecipientSchema.RecipientDisplayType)) { if ((group.GroupType & GroupTypeFlags.SecurityEnabled) == GroupTypeFlags.SecurityEnabled) { group.RecipientDisplayType = new RecipientDisplayType?(RecipientDisplayType.SecurityDistributionGroup); } else { group.RecipientDisplayType = new RecipientDisplayType?(RecipientDisplayType.DistributionGroup); } } if (string.IsNullOrEmpty(group.SamAccountName)) { IRecipientSession[] recipientSessions = new IRecipientSession[] { base.RootOrgGlobalCatalogSession }; if (VariantConfiguration.InvariantNoFlightingSnapshot.CmdletInfra.ServiceAccountForest.Enabled && base.CurrentOrganizationId != OrganizationId.ForestWideOrgId) { recipientSessions = new IRecipientSession[] { base.RootOrgGlobalCatalogSession, base.PartitionOrRootOrgGlobalCatalogSession }; } group.SamAccountName = RecipientTaskHelper.GenerateUniqueSamAccountName(recipientSessions, group.Id.DomainId, group.Name, true, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), false); } else { RecipientTaskHelper.IsSamAccountNameUnique(group, group.SamAccountName, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose), new Task.ErrorLoggerDelegate(base.WriteError), ExchangeErrorCategory.Client); } if (string.IsNullOrEmpty(group.Alias)) { group.Alias = RecipientTaskHelper.GenerateUniqueAlias(base.TenantGlobalCatalogSession, base.CurrentOrganizationId, group.SamAccountName, new Task.TaskVerboseLoggingDelegate(base.WriteVerbose)); } if (base.Fields.IsChanged(ADGroupSchema.Members) && this.Members != null) { foreach (RecipientIdParameter member in this.Members) { MailboxTaskHelper.ValidateAndAddMember(base.TenantGlobalCatalogSession, group, member, false, new Task.ErrorLoggerDelegate(base.WriteError), new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>)); } } if (this.CopyOwnerToMember.IsPresent && this.managedByRecipients != null) { foreach (ADRecipient adrecipient in this.managedByRecipients) { if (!group.Members.Contains(adrecipient.Id)) { MailboxTaskHelper.ValidateMemberInGroup(adrecipient, group, new Task.ErrorLoggerDelegate(base.WriteError)); group.Members.Add(adrecipient.Id); } } } if ((group.GroupType & GroupTypeFlags.Universal) == GroupTypeFlags.Universal) { MailboxTaskHelper.ValidateAddedMembers(base.TenantGlobalCatalogSession, group, new Task.ErrorLoggerDelegate(base.WriteError), new DataAccessHelper.CategorizedGetDataObjectDelegate(base.GetDataObject <ADRecipient>)); } if (!this.DataObject.IsModified(ADGroupSchema.MemberDepartRestriction)) { this.DataObject.MemberDepartRestriction = ((this.Type == GroupType.Security) ? MemberUpdateType.Closed : MemberUpdateType.Open); } if (group.ArbitrationMailbox == null) { group.ArbitrationMailbox = MailboxTaskHelper.GetArbitrationMailbox(base.TenantGlobalCatalogSession, base.CurrentOrgContainerId); if (group.ArbitrationMailbox == null) { if (group.MemberJoinRestriction == MemberUpdateType.ApprovalRequired || group.MemberDepartRestriction == MemberUpdateType.ApprovalRequired) { base.WriteError(new RecipientTaskException(Strings.ErrorArbitrationMbxNotSetForApproval(base.Name)), ExchangeErrorCategory.Client, group.Identity); } if (group.ModerationEnabled) { base.WriteError(new RecipientTaskException(Strings.ErrorArbitrationMbxNotSetForModeration(base.Name)), ExchangeErrorCategory.Client, group.Identity); } } } DistributionGroupTaskHelper.CheckMembershipRestriction(group, new Task.ErrorLoggerDelegate(base.WriteError)); TaskLogger.LogExit(); }
protected override void InternalValidate() { base.InternalValidate(); DistributionGroupTaskHelper.CheckModerationInMixedEnvironment(this.DataObject, new Task.TaskWarningLoggingDelegate(this.WriteWarning), Strings.WarningLegacyExchangeServerForMailContact); }