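/// <summary>
/// Reads the IIS Extended Protection settings (token checking mode, flags and SPN list) for a
/// virtual directory from the applicationHost.config of the server named in the metabase path.
/// </summary>
/// <param name="metabasePath">Metabase path of the virtual directory; the server, web site and
/// application path are derived from it by <c>GetServerWebSiteAndPath</c>.</param>
/// <param name="identity">Identity handed to <c>IisUtility.CreateIISDirectoryEntry</c>.</param>
/// <param name="task">Optional task; when non-null its <c>WriteError</c> is passed to
/// <c>IisUtility.CreateIISDirectoryEntry</c> as the error delegate.</param>
/// <param name="extendedProtectionTokenChecking">Receives the <c>tokenChecking</c> attribute,
/// or <c>None</c> when it could not be read.</param>
/// <param name="extendedProtectionFlags">Receives the <c>flags</c> attribute as a single entry,
/// or stays empty when it could not be read.</param>
/// <param name="extendedProtectionSPNList">Receives the <c>name</c> of every <c>spn</c> child
/// element, or stays empty when none could be read.</param>
/// <remarks>
/// Security note: every early exit below leaves the outputs at "None / empty", so a caller
/// cannot tell "Extended Protection is turned off" from "the configuration could not be read"
/// by looking at the outputs alone. Do not treat the result as proof of the effective setting
/// unless the read is known to have succeeded.
/// </remarks>
public static void LoadFromMetabase(string metabasePath, ObjectId identity, Task task, out ExtendedProtectionTokenCheckingMode extendedProtectionTokenChecking, out MultiValuedProperty<ExtendedProtectionFlag> extendedProtectionFlags, out MultiValuedProperty<string> extendedProtectionSPNList)
{
    // Defaults are assigned first so every early return below yields "None / empty".
    extendedProtectionTokenChecking = ExtendedProtectionTokenCheckingMode.None;
    extendedProtectionFlags = new MultiValuedProperty<ExtendedProtectionFlag>();
    extendedProtectionSPNList = new MultiValuedProperty<string>();

    Task.TaskErrorLoggingReThrowDelegate errorHandler = (task != null) ? new Task.TaskErrorLoggingReThrowDelegate(task.WriteError) : null;
    using (DirectoryEntry directoryEntry = IisUtility.CreateIISDirectoryEntry(metabasePath, errorHandler, identity, false))
    {
        if (directoryEntry == null)
        {
            return;
        }

        string serverName;
        string webSiteName;
        string appPath;
        if (!ExtendedProtection.GetServerWebSiteAndPath(metabasePath, out serverName, out webSiteName, out appPath))
        {
            return;
        }

        using (ServerManager serverManager = ServerManager.OpenRemote(serverName))
        {
            Configuration applicationHostConfiguration = serverManager.GetApplicationHostConfiguration();
            if (applicationHostConfiguration == null)
            {
                return;
            }

            ConfigurationSection section = applicationHostConfiguration.GetSection("system.webServer/security/authentication/windowsAuthentication", "/" + webSiteName + appPath);
            if (section == null)
            {
                return;
            }

            ConfigurationElement extendedProtection = section.ChildElements["extendedProtection"];
            if (extendedProtection == null)
            {
                return;
            }

            // "is int" is already false for null, so no separate null test is needed.
            object tokenCheckingValue = extendedProtection.GetAttributeValue("tokenChecking");
            if (tokenCheckingValue is int)
            {
                extendedProtectionTokenChecking = (ExtendedProtectionTokenCheckingMode)tokenCheckingValue;
            }

            // The raw integer is stored as ONE entry.
            // NOTE(review): if "flags" is a bit mask, a combined value ends up as a single item - confirm consumers expect that.
            object flagsValue = extendedProtection.GetAttributeValue("flags");
            if (flagsValue is int)
            {
                extendedProtectionFlags.Add((ExtendedProtectionFlag)flagsValue);
            }

            ConfigurationElementCollection spnElements = extendedProtection.GetCollection();
            if (spnElements == null)
            {
                return;
            }

            foreach (ConfigurationElement spnElement in spnElements)
            {
                if (spnElement.Schema.Name != "spn")
                {
                    continue;
                }

                // Null-check the attribute like tokenChecking/flags above; the original called
                // ToString() on the result directly and would throw on an entry without a name.
                object spnName = spnElement.GetAttributeValue("name");
                if (spnName != null)
                {
                    extendedProtectionSPNList.Add(spnName.ToString());
                }
            }
        }
    }
}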
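/// <summary>
/// Writes the modified Extended Protection settings of a virtual directory (token checking
/// mode, flags, SPN list) to the applicationHost.config of the server named in its metabase
/// path, after handing the change to <c>WebConfigReflectionHelper.CommitToWebConfigMWA</c>.
/// </summary>
/// <param name="exchangeVirtualDirectory">Virtual directory whose settings are written. Nothing
/// happens for objects older than <c>ExchangeObjectVersion.Exchange2010</c>.</param>
/// <param name="task">Task whose <c>Fields</c> decide which settings were modified and which
/// receives warnings and errors.</param>
/// <remarks>
/// Security notes for callers:
/// - Several paths return without writing anything and without reporting it here (null
///   directory entry, metabase path that cannot be split). A successful return therefore does
///   not prove that Extended Protection was applied; re-read the setting to confirm.
/// - When the platform check fails, or the extendedProtection element is missing, only a
///   warning is emitted and IIS is left unchanged.
/// - CommitToWebConfigMWA runs before serverManager.CommitChanges(). NOTE(review): if the
///   helper persists web.config itself and CommitChanges() then fails, the two stores can
///   disagree - confirm against the helper.
/// </remarks>
public static void CommitToMetabase(ExchangeVirtualDirectory exchangeVirtualDirectory, Task task)
{
    // applicationHost.config section that carries the Windows authentication settings.
    const string windowsAuthenticationSection = "system.webServer/security/authentication/windowsAuthentication";

    if (exchangeVirtualDirectory.ExchangeVersion.IsOlderThan(ExchangeObjectVersion.Exchange2010))
    {
        return;
    }

    bool tokenCheckingModified = task.Fields.IsModified("ExtendedProtectionTokenChecking");
    bool flagsModified = task.Fields.IsModified("ExtendedProtectionFlags");
    bool spnListModified = task.Fields.IsModified("ExtendedProtectionSPNList");
    if (!tokenCheckingModified && !flagsModified && !spnListModified)
    {
        return;
    }

    string metabasePath = exchangeVirtualDirectory.MetabasePath;
    using (DirectoryEntry directoryEntry = IisUtility.CreateIISDirectoryEntry(metabasePath, new Task.TaskErrorLoggingReThrowDelegate(task.WriteError), exchangeVirtualDirectory.Identity))
    {
        if (directoryEntry == null)
        {
            return;
        }

        string serverName;
        string webSiteName;
        string appPath;
        if (!ExtendedProtection.GetServerWebSiteAndPath(metabasePath, out serverName, out webSiteName, out appPath))
        {
            return;
        }

        if (!ExtendedProtection.WebConfigReflectionHelper.IsExtendedProtectionSupported(task))
        {
            // The listing shows a raw line break inside this literal, which a regular C#
            // string cannot contain; it is written as an explicit "\n" so the text is kept.
            TaskLogger.Trace("Warning: ExtendedProtectionPolicy has not been added to HttpTransportElement of web.config. \nInstall the operating system update(s) specified in KB {0} onto server {1} and try again.", new object[] { "981205", serverName });
            task.WriteWarning(Strings.WarnExtendedProtectionIsNotEnabled(serverName, "981205"));
            return;
        }

        string locationPath = "/" + webSiteName + appPath;
        using (ServerManager serverManager = ServerManager.OpenRemote(serverName))
        {
            Configuration applicationHostConfiguration = serverManager.GetApplicationHostConfiguration();
            ConfigurationSection section = (applicationHostConfiguration != null) ? applicationHostConfiguration.GetSection(windowsAuthenticationSection, locationPath) : null;
            if (section == null)
            {
                TaskLogger.Trace("Error:ApplicationHost.config or {0} is not found for virtual directory with metabase path '{1}' and local path '{2}'.", new object[] { windowsAuthenticationSection, metabasePath, locationPath });
                task.WriteError(new ArgumentException(Strings.ErrorAppHostOrWindowsAuthenticationNotFound(windowsAuthenticationSection, metabasePath, locationPath)), ErrorCategory.ObjectNotFound, exchangeVirtualDirectory.Identity);
                return;
            }

            ConfigurationElement extendedProtection = section.ChildElements["extendedProtection"];

            // Resolve the SPN collection BEFORE touching any attribute, so a missing collection
            // aborts with nothing staged. The original dereferenced GetCollection() without
            // the null check that LoadFromMetabase applies to the same call.
            ConfigurationElementCollection spnCollection = null;
            if (extendedProtection != null && spnListModified)
            {
                spnCollection = extendedProtection.GetCollection();
            }

            if (extendedProtection == null || (spnListModified && spnCollection == null))
            {
                // NOTE(review): a missing SPN collection reuses the "not enabled" warning of a
                // missing element - confirm that message fits this case.
                // Raw line break in the listing's literal written as "\n" (see above).
                TaskLogger.Trace("Warning: Extended protection has not been enabled. \nInstall the operating system update specified in KB {0} onto server {1} and try again.", new object[] { "973917", serverName });
                task.WriteWarning(Strings.WarnExtendedProtectionIsNotEnabled(serverName, "973917"));
                return;
            }

            if (tokenCheckingModified)
            {
                int tokenChecking = (int)exchangeVirtualDirectory[ExchangeVirtualDirectorySchema.ExtendedProtectionTokenChecking];
                extendedProtection.SetAttributeValue("tokenChecking", tokenChecking);
            }

            if (flagsModified)
            {
                int flags = (int)exchangeVirtualDirectory[ExchangeVirtualDirectorySchema.ExtendedProtectionFlags];
                extendedProtection.SetAttributeValue("flags", flags);
            }

            if (spnListModified)
            {
                // The SPN list is replaced wholesale: existing entries are dropped first.
                spnCollection.Clear();
                foreach (string spn in exchangeVirtualDirectory.ExtendedProtectionSPNList)
                {
                    ConfigurationElement spnElement = spnCollection.CreateElement("spn");
                    spnElement.SetAttributeValue("name", spn);
                    spnCollection.Add(spnElement);
                }
            }

            // Only the token-checking and SPN-list flags are forwarded to the web.config helper.
            // NOTE(review): flagsModified is not passed on - confirm that is intentional.
            ExtendedProtection.WebConfigReflectionHelper.CommitToWebConfigMWA(exchangeVirtualDirectory, task, appPath, webSiteName, serverName, tokenCheckingModified, spnListModified);
            serverManager.CommitChanges();
        }
    }
}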