archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/admin/admt/script/securitytranslation.cpp

470 lines
10 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. #include "StdAfx.h"
  2. #include "ADMTScript.h"
  3. #include "SecurityTranslation.h"
  5. #include "Error.h"
  6. #include "VarSetOptions.h"
  7. #include "VarSetAccountOptions.h"
  8. #include "VarSetSecurity.h"
  10. #ifndef tstring
  11. #include <string>
  12. typedef std::basic_string<_TCHAR> tstring;
  13. #endif
  16. //---------------------------------------------------------------------------
  17. // Security Translation Class
  18. //---------------------------------------------------------------------------
  21. CSecurityTranslation::CSecurityTranslation() :
  22. m_lTranslationOption(admtTranslateReplace),
  23. m_bTranslateFilesAndFolders(false),
  24. m_bTranslateLocalGroups(false),
  25. m_bTranslatePrinters(false),
  26. m_bTranslateRegistry(false),
  27. m_bTranslateShares(false),
  28. m_bTranslateUserProfiles(false),
  29. m_bTranslateUserRights(false)
  30. {
  31. }
  34. CSecurityTranslation::~CSecurityTranslation()
  35. {
  36. }
  39. // ISecurityTranslation Implementation ----------------------------------------
  42. // TranslationOption Property
  44. STDMETHODIMP CSecurityTranslation::put_TranslationOption(long lOption)
  45. {
  46. HRESULT hr = S_OK;
  48. if (IsTranslationOptionValid(lOption))
  49. {
  50. m_lTranslationOption = lOption;
  51. }
  52. else
  53. {
  54. hr = AdmtSetError(CLSID_Migration, IID_ISecurityTranslation, E_INVALIDARG, IDS_E_TRANSLATION_OPTION_INVALID);
  55. }
  57. return hr;
  58. }
  60. STDMETHODIMP CSecurityTranslation::get_TranslationOption(long* plOption)
  61. {
  62. *plOption = m_lTranslationOption;
  64. return S_OK;
  65. }
  68. // TranslateFilesAndFolders Property
  70. STDMETHODIMP CSecurityTranslation::put_TranslateFilesAndFolders(VARIANT_BOOL bTranslate)
  71. {
  72. m_bTranslateFilesAndFolders = bTranslate ? true : false;
  74. return S_OK;
  75. }
  77. STDMETHODIMP CSecurityTranslation::get_TranslateFilesAndFolders(VARIANT_BOOL* pbTranslate)
  78. {
  79. *pbTranslate = m_bTranslateFilesAndFolders ? VARIANT_TRUE : VARIANT_FALSE;
  81. return S_OK;
  82. }
  85. // TranslateLocalGroups Property
  87. STDMETHODIMP CSecurityTranslation::put_TranslateLocalGroups(VARIANT_BOOL bTranslate)
  88. {
  89. m_bTranslateLocalGroups = bTranslate ? true : false;
  91. return S_OK;
  92. }
  94. STDMETHODIMP CSecurityTranslation::get_TranslateLocalGroups(VARIANT_BOOL* pbTranslate)
  95. {
  96. *pbTranslate = m_bTranslateLocalGroups ? VARIANT_TRUE : VARIANT_FALSE;
  98. return S_OK;
  99. }
  102. // TranslatePrinters Property
  104. STDMETHODIMP CSecurityTranslation::put_TranslatePrinters(VARIANT_BOOL bTranslate)
  105. {
  106. m_bTranslatePrinters = bTranslate ? true : false;
  108. return S_OK;
  109. }
  111. STDMETHODIMP CSecurityTranslation::get_TranslatePrinters(VARIANT_BOOL* pbTranslate)
  112. {
  113. *pbTranslate = m_bTranslatePrinters ? VARIANT_TRUE : VARIANT_FALSE;
  115. return S_OK;
  116. }
  119. // TranslateRegistry Property
  121. STDMETHODIMP CSecurityTranslation::put_TranslateRegistry(VARIANT_BOOL bTranslate)
  122. {
  123. m_bTranslateRegistry = bTranslate ? true : false;
  125. return S_OK;
  126. }
  128. STDMETHODIMP CSecurityTranslation::get_TranslateRegistry(VARIANT_BOOL* pbTranslate)
  129. {
  130. *pbTranslate = m_bTranslateRegistry ? VARIANT_TRUE : VARIANT_FALSE;
  132. return S_OK;
  133. }
  136. // TranslateShares Property
  138. STDMETHODIMP CSecurityTranslation::put_TranslateShares(VARIANT_BOOL bTranslate)
  139. {
  140. m_bTranslateShares = bTranslate ? true : false;
  142. return S_OK;
  143. }
  145. STDMETHODIMP CSecurityTranslation::get_TranslateShares(VARIANT_BOOL* pbTranslate)
  146. {
  147. *pbTranslate = m_bTranslateShares ? VARIANT_TRUE : VARIANT_FALSE;
  149. return S_OK;
  150. }
  153. // TranslateUserProfiles Property
  155. STDMETHODIMP CSecurityTranslation::put_TranslateUserProfiles(VARIANT_BOOL bTranslate)
  156. {
  157. m_bTranslateUserProfiles = bTranslate ? true : false;
  159. return S_OK;
  160. }
  162. STDMETHODIMP CSecurityTranslation::get_TranslateUserProfiles(VARIANT_BOOL* pbTranslate)
  163. {
  164. *pbTranslate = m_bTranslateUserProfiles ? VARIANT_TRUE : VARIANT_FALSE;
  166. return S_OK;
  167. }
  170. // TranslateUserRights Property
  172. STDMETHODIMP CSecurityTranslation::put_TranslateUserRights(VARIANT_BOOL bTranslate)
  173. {
  174. m_bTranslateUserRights = bTranslate ? true : false;
  176. return S_OK;
  177. }
  179. STDMETHODIMP CSecurityTranslation::get_TranslateUserRights(VARIANT_BOOL* pbTranslate)
  180. {
  181. *pbTranslate = m_bTranslateUserRights ? VARIANT_TRUE : VARIANT_FALSE;
  183. return S_OK;
  184. }
  187. // SidMappingFile Property
  189. STDMETHODIMP CSecurityTranslation::put_SidMappingFile(BSTR bstrFile)
  190. {
  191. HRESULT hr = S_OK;
  193. try
  194. {
  195. _bstr_t strFile = bstrFile;
  197. if (strFile.length() > 0)
  198. {
  199. _TCHAR szPath[_MAX_PATH];
  200. LPTSTR pszFilePart;
  202. DWORD cchPath = GetFullPathName(strFile, _MAX_PATH, szPath, &pszFilePart);
  204. if ((cchPath == 0) || (cchPath >= _MAX_PATH))
  205. {
  206. AdmtThrowError(
  207. GUID_NULL,
  208. GUID_NULL,
  209. HRESULT_FROM_WIN32(GetLastError()),
  210. IDS_E_SID_MAPPING_FILE,
  211. (LPCTSTR)strFile
  212. );
  213. }
  215. HANDLE hFile = CreateFile(
  216. szPath,
  217. GENERIC_READ,
  218. FILE_SHARE_READ|FILE_SHARE_WRITE,
  219. NULL,
  220. OPEN_EXISTING,
  221. FILE_ATTRIBUTE_NORMAL,
  222. NULL
  223. );
  225. if (hFile == INVALID_HANDLE_VALUE)
  226. {
  227. AdmtThrowError(
  228. GUID_NULL,
  229. GUID_NULL,
  230. HRESULT_FROM_WIN32(GetLastError()),
  231. IDS_E_SID_MAPPING_FILE,
  232. (LPCTSTR)strFile
  233. );
  234. }
  236. CloseHandle(hFile);
  238. m_bstrSidMappingFile = szPath;
  239. }
  240. else
  241. {
  242. m_bstrSidMappingFile = strFile;
  243. }
  244. }
  245. catch (_com_error& ce)
  246. {
  247. hr = AdmtSetError(CLSID_Migration, IID_ISecurityTranslation, ce);
  248. }
  249. catch (...)
  250. {
  251. hr = AdmtSetError(CLSID_Migration, IID_ISecurityTranslation, E_FAIL);
  252. }
  254. return hr;
  255. }
  257. STDMETHODIMP CSecurityTranslation::get_SidMappingFile(BSTR* pbstrFile)
  258. {
  259. HRESULT hr = S_OK;
  261. try
  262. {
  263. *pbstrFile = m_bstrSidMappingFile.copy();
  264. }
  265. catch (_com_error& ce)
  266. {
  267. hr = AdmtSetError(CLSID_Migration, IID_ISecurityTranslation, ce);
  268. }
  269. catch (...)
  270. {
  271. hr = AdmtSetError(CLSID_Migration, IID_ISecurityTranslation, E_FAIL);
  272. }
  274. return hr;
  275. }
  278. // Translate Method
  280. STDMETHODIMP CSecurityTranslation::Translate(long lOptions, VARIANT vntInclude, VARIANT vntExclude)
  281. {
  282. HRESULT hr = S_OK;
  284. MutexWait();
  286. bool bLogOpen = _Module.OpenLog();
  288. try
  289. {
  290. _Module.Log(ErrI, IDS_STARTED_SECURITY_TRANSLATION);
  292. InitSourceDomainAndContainer(false);
  293. InitTargetDomainAndContainer();
  295. DoOption(lOptions, vntInclude, vntExclude);
  296. }
  297. catch (_com_error& ce)
  298. {
  299. _Module.Log(ErrE, IDS_E_CANT_TRANSLATE_SECURITY, ce);
  300. hr = AdmtSetError(CLSID_Migration, IID_ISecurityTranslation, ce, IDS_E_CANT_TRANSLATE_SECURITY);
  301. }
  302. catch (...)
  303. {
  304. _Module.Log(ErrE, IDS_E_CANT_TRANSLATE_SECURITY, _com_error(E_FAIL));
  305. hr = AdmtSetError(CLSID_Migration, IID_ISecurityTranslation, E_FAIL, IDS_E_CANT_TRANSLATE_SECURITY);
  306. }
  308. if (bLogOpen)
  309. {
  310. _Module.CloseLog();
  311. }
  313. MutexRelease();
  315. return hr;
  316. }
  319. // Implementation -----------------------------------------------------------
  322. // DoNames Method
  324. void CSecurityTranslation::DoNames()
  325. {
  326. CDomainAccounts aComputers;
  328. m_TargetDomain.QueryComputersAcrossDomains(GetTargetContainer(), true, m_setIncludeNames, m_setExcludeNames, aComputers);
  330. DoComputers(aComputers);
  331. }
  334. // DoDomain Method
  336. void CSecurityTranslation::DoDomain()
  337. {
  338. DoContainers(GetTargetContainer());
  339. }
  342. // DoContainers Method
  344. void CSecurityTranslation::DoContainers(CContainer& rContainer)
  345. {
  346. DoComputers(rContainer);
  347. }
  350. // DoComputers Method
  352. void CSecurityTranslation::DoComputers(CContainer& rContainer)
  353. {
  354. CDomainAccounts aComputers;
  356. rContainer.QueryComputers(true, m_nRecurseMaintain >= 1, m_setExcludeNames, aComputers);
  358. DoComputers(aComputers);
  359. }
  362. // DoComputers Method
  364. void CSecurityTranslation::DoComputers(CDomainAccounts& rComputers)
  365. {
  366. if (rComputers.size() > 0)
  367. {
  368. CVarSet aVarSet;
  370. SetOptions(aVarSet);
  371. SetAccountOptions(aVarSet);
  372. SetSecurity(aVarSet);
  374. FillInVarSetForComputers(rComputers, false, false, false, 0, aVarSet);
  376. rComputers.clear();
  378. aVarSet.Put(_T("PlugIn.%ld"), 0, _T("None"));
  380. PerformMigration(aVarSet);
  382. SaveSettings(aVarSet);
  383. }
  384. }
  387. // SetOptions Method
  389. void CSecurityTranslation::SetOptions(CVarSet& rVarSet)
  390. {
  391. CVarSetOptions aOptions(rVarSet);
  393. aOptions.SetTest(m_spInternal->TestMigration ? true : false);
  394. aOptions.SetUndo(false);
  395. aOptions.SetWizard(_T("security"));
  396. aOptions.SetIntraForest(m_spInternal->IntraForest ? true : false);
  398. // if source domain exists...
  400. if (m_SourceDomain.Initialized())
  401. {
  402. // then set domain information
  403. aOptions.SetSourceDomain(m_SourceDomain.NameFlat(), m_SourceDomain.NameDns(), m_SourceDomain.Sid());
  404. }
  405. else
  406. {
  407. // otherwise attempt to retrieve source domain information from database
  409. _bstr_t strName = m_spInternal->SourceDomain;
  411. // if name specified
  413. if (strName.length())
  414. {
  415. IIManageDBPtr spDatabase(__uuidof(IManageDB));
  417. IVarSetPtr spVarSet = spDatabase->GetSourceDomainInfo(strName);
  419. // if able to retrieve source domain information...
  421. if (spVarSet)
  422. {
  423. // then set domain information retrieved from database
  425. _bstr_t strFlatName = spVarSet->get(_T("Options.SourceDomain"));
  426. _bstr_t strDnsName = spVarSet->get(_T("Options.SourceDomainDns"));
  427. _bstr_t strSid = spVarSet->get(_T("Options.SourceDomainSid"));
  429. aOptions.SetSourceDomain(strFlatName, strDnsName, strSid);
  430. }
  431. else
  432. {
  433. // otherwise specify given name for flat name
  434. // this may occur if SID mapping file is being used
  435. aOptions.SetSourceDomain(strName, NULL);
  436. }
  437. }
  438. }
  440. aOptions.SetTargetDomain(m_TargetDomain.NameFlat(), m_TargetDomain.NameDns());
  441. }
  444. // SetAccountOptions Method
  446. void CSecurityTranslation::SetAccountOptions(CVarSet& rVarSet)
  447. {
  448. CVarSetAccountOptions aOptions(rVarSet);
  450. aOptions.SetSecurityTranslationOptions();
  451. aOptions.SetSecurityMapFile(m_bstrSidMappingFile);
  452. }
  455. // SetSecurity Method
  457. void CSecurityTranslation::SetSecurity(CVarSet& rVarSet)
  458. {
  459. CVarSetSecurity aSecurity(rVarSet);
  461. aSecurity.SetTranslationOption(m_lTranslationOption);
  462. aSecurity.SetTranslateContainers(false);
  463. aSecurity.SetTranslateFiles(m_bTranslateFilesAndFolders);
  464. aSecurity.SetTranslateLocalGroups(m_bTranslateLocalGroups);
  465. aSecurity.SetTranslatePrinters(m_bTranslatePrinters);
  466. aSecurity.SetTranslateRegistry(m_bTranslateRegistry);
  467. aSecurity.SetTranslateShares(m_bTranslateShares);
  468. aSecurity.SetTranslateUserProfiles(m_bTranslateUserProfiles);
  469. aSecurity.SetTranslateUserRights(m_bTranslateUserRights);
  470. }