archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/admin/cmdline/whoami/wssid.cpp

691 lines
19 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) Microsoft Corporation
  5. Module Name:
  7. wssid.cpp
  9. Abstract:
  11. This file gets the security identifier (SID) for respective user name and
  12. groups in the current access token on a local system or a remote system.
  14. Authors:
  16. Christophe Robert
  18. Revision History:
  20. 02-July-2001 : Updated by Wipro Technologies.
  22. --*/
  24. //common header files needed for this file
  25. #include "pch.h"
  26. #include "CommonHeaderFiles.h"
  29. WsSid::WsSid ( VOID )
  30. /*++
  31. Routine Description:
  32. This function intializes the members of WsSid class.
  34. Arguments:
  35. None
  36. Return Value:
  37. None
  38. --*/
  39. {
  40. // initializing member variables
  41. pSid = NULL ;
  42. bToBeFreed = FALSE ;
  43. }
  47. WsSid::~WsSid ( VOID )
  48. /*++
  49. Routine Description:
  50. This function deallocates the members of WsSid class.
  52. Arguments:
  53. None
  54. Return Value:
  55. None
  56. --*/
  57. {
  59. // release memory
  60. if ( bToBeFreed && pSid ){
  61. FreeMemory ( (LPVOID *) &pSid ) ;
  62. }
  63. }
  66. DWORD
  67. WsSid::DisplayAccountName (
  68. IN DWORD dwFormatType ,
  69. IN DWORD dwNameFormat
  70. )
  71. /*++
  72. Routine Description:
  73. This function displays the user name and SID.
  75. Arguments:
  76. [IN] DWORD dwFormatType : Format type i.,e LIST, CSV or TABLE
  77. [IN] DWORD dwNameFormat : Name Format either UPN or FQDN
  79. Return Value:
  80. EXIT_SUCCESS : On success
  81. EXIT_FAILURE : On failure
  82. --*/
  83. {
  85. // sub-local variables
  86. WCHAR wszUserName[ MAX_STRING_LENGTH ];
  87. WCHAR wszSid [ MAX_STRING_LENGTH ];
  88. WCHAR wszGroup[MAX_STRING_LENGTH];
  89. DWORD dwErr = 0 ;
  90. DWORD dwColCount = 0 ;
  91. DWORD dw = 0 ;
  92. DWORD dwCount = 0 ;
  93. DWORD dwArrSize = 0 ;
  94. DWORD dwSize = 0;
  95. DWORD dwUserLen = 0;
  96. DWORD dwSidLen = 0;
  97. DWORD dwUserColLen = 0;
  98. DWORD dwSidColLen = 0;
  99. DWORD dwSidUse = 0;
  100. LPWSTR wszBuffer = NULL;
  102. //initialize memory
  103. SecureZeroMemory ( wszUserName, SIZE_OF_ARRAY(wszUserName) );
  104. SecureZeroMemory ( wszSid, SIZE_OF_ARRAY(wszSid) );
  105. SecureZeroMemory ( wszGroup, SIZE_OF_ARRAY(wszGroup) );
  107. // create a dynamic array
  108. TARRAY pColData = CreateDynamicArray();
  109. if ( NULL == pColData)
  110. {
  111. // set last error and display an error message with respect
  112. //to ERROR_NOT_ENOUGH_MEMORY
  113. SetLastError((DWORD)E_OUTOFMEMORY);
  114. SaveLastError();
  115. ShowLastErrorEx (stderr, SLE_TYPE_ERROR | SLE_SYSTEM);
  116. return EXIT_FAILURE;
  117. }
  119. dwSize = SIZE_OF_ARRAY(wszGroup);
  121. //if /FQDN is specified
  122. if ( (FQDN_FORMAT == dwNameFormat) )
  123. {
  124. //Get the username in FQDN format
  125. if (GetUserNameEx ( NameFullyQualifiedDN, wszGroup, &dwSize) == FALSE )
  126. {
  127. // GetUserNameEx() got failed due to small size specified for username.
  128. // allocate the actual size (dwSize) of username and call the same
  129. // function again...
  130. wszBuffer = (LPWSTR) AllocateMemory(dwSize * sizeof(WCHAR));
  131. if ( NULL == wszBuffer )
  132. {
  133. // display system error message with respect to GetLastError()
  134. ShowLastErrorEx ( stderr, SLE_TYPE_ERROR | SLE_SYSTEM );
  135. return EXIT_FAILURE;
  136. }
  138. if (GetUserNameEx ( NameFullyQualifiedDN, wszBuffer, &dwSize) == FALSE )
  139. {
  140. // display an error messaga as.. unable to get FQDN name
  141. // as logged-on user is not a domain user
  142. ShowMessage ( stderr, GetResString (IDS_ERROR_FQDN) );
  143. DestroyDynamicArray(&pColData);
  144. FreeMemory ((LPVOID*) &wszBuffer);
  145. return EXIT_FAILURE ;
  146. }
  148. ShowMessage ( stdout, _X(wszBuffer));
  149. ShowMessage ( stdout, L"\n");
  150. FreeMemory ((LPVOID*) &wszBuffer);
  151. DestroyDynamicArray(&pColData);
  152. // return success
  153. return EXIT_SUCCESS;
  154. }
  156. ShowMessage ( stdout, _X(wszGroup));
  157. ShowMessage ( stdout, L"\n");
  158. DestroyDynamicArray(&pColData);
  159. // return success
  160. return EXIT_SUCCESS;
  162. }
  163. else if ( (UPN_FORMAT == dwNameFormat ) )
  164. {
  165. // get the user name in UPN format
  166. if ( GetUserNameEx ( NameUserPrincipal, wszGroup, &dwSize) == FALSE )
  167. {
  168. // GetUserNameEx() got failed due to small size specified for username
  169. // allocate the actual size(dwSize) of username and call the same
  170. // function again...
  171. wszBuffer = (LPWSTR) AllocateMemory(dwSize * sizeof(WCHAR));
  172. if ( NULL == wszBuffer )
  173. {
  174. // display system error message with respect to GetLastError()
  175. ShowLastErrorEx ( stderr, SLE_TYPE_ERROR | SLE_SYSTEM );
  176. return EXIT_FAILURE;
  177. }
  179. // get the user name in UPN format
  180. if ( GetUserNameEx ( NameUserPrincipal, wszBuffer, &dwSize) == FALSE )
  181. {
  182. // display an error messaga as.. unable to get UPN name
  183. // as logged-on user is not a domain user
  184. ShowMessage ( stderr, GetResString (IDS_ERROR_UPN) );
  185. // release memory
  186. DestroyDynamicArray(&pColData);
  187. FreeMemory ((LPVOID*) &wszBuffer);
  188. return EXIT_FAILURE ;
  189. }
  191. // convert UPN name in lower case letters
  192. CharLower ( wszBuffer );
  194. // display UPN name
  195. ShowMessage ( stdout, _X(wszBuffer) );
  196. ShowMessage ( stdout, L"\n");
  197. // release memory
  198. DestroyDynamicArray(&pColData);
  199. FreeMemory ((LPVOID*) &wszBuffer);
  200. //return success
  201. return EXIT_SUCCESS;
  202. }
  204. // convert UPN name in lower case letters
  205. CharLower ( wszGroup );
  207. // display UPN name
  208. ShowMessage ( stdout, _X(wszGroup) );
  209. ShowMessage ( stdout, L"\n");
  211. DestroyDynamicArray(&pColData);
  212. //return success
  213. return EXIT_SUCCESS;
  214. }
  217. // get user name
  218. if ( (dwErr = GetAccountName ( wszUserName, &dwSidUse)) != EXIT_SUCCESS ){
  219. // display an error message with respect to Win32 error code
  220. ShowLastErrorEx(stderr, SLE_TYPE_ERROR | SLE_SYSTEM);
  221. DestroyDynamicArray(&pColData);
  222. return dwErr ;
  223. }
  225. // convery user name in lower case letters
  226. CharLower ( wszUserName );
  228. // if /USER specified
  229. if ( USER_ONLY != dwNameFormat)
  230. {
  231. // display SID with respect to username
  232. if ( (dwErr = DisplaySid ( wszSid ) ) != EXIT_SUCCESS ){
  233. DestroyDynamicArray(&pColData);
  234. return dwErr ;
  235. }
  236. }
  238. // get the length of user name
  239. dwUserLen = StringLengthInBytes (wszUserName);
  240. // get the length of SID
  241. dwSidLen = StringLengthInBytes (wszSid);
  243. //
  244. //To avoid localization problems, get the maximum length of column name and
  245. // values of respective columns
  246. //
  248. // Get the maximum length of a column name "UserName"
  249. dwUserColLen = StringLengthInBytes( GetResString(IDS_COL_USERNAME) );
  250. if ( dwUserColLen > dwUserLen )
  251. {
  252. dwUserLen = dwUserColLen;
  253. }
  255. // Get the maximum length of a column name "SID"
  256. dwSidColLen = StringLengthInBytes( GetResString(IDS_COL_SID) );
  257. if ( dwSidColLen > dwSidLen )
  258. {
  259. dwSidLen = dwSidColLen;
  260. }
  262. // defining verbose columns with the actual size
  263. TCOLUMNS pVerboseCols[] =
  264. {
  265. {L"\0",dwUserLen, SR_TYPE_STRING, COL_FORMAT_STRING, NULL, NULL},
  266. {L"\0",dwSidLen,SR_TYPE_STRING,COL_FORMAT_STRING,NULL,NULL}
  267. };
  269. // if /USER is specified
  270. if ( USER_ONLY == dwNameFormat )
  271. {
  272. // display the user name
  273. StringCopy (pVerboseCols[dw].szColumn , GetResString(IDS_COL_USERNAME), MAX_RES_STRING);
  274. ShowMessage ( stdout, _X(wszUserName) );
  275. ShowMessage ( stdout, L"\n");
  277. // release memory
  278. DestroyDynamicArray(&pColData);
  280. return EXIT_SUCCESS;
  281. }
  282. else
  283. {
  284. //Load the column names for verbose mode
  285. for( dwColCount = IDS_COL_USERNAME , dw = 0 ; dwColCount <= IDS_COL_SID;
  286. dwColCount++, dw++)
  287. {
  288. StringCopy(pVerboseCols[dw].szColumn , GetResString(dwColCount), MAX_RES_STRING );
  289. }
  291. // get the number of columns
  292. dwArrSize = SIZE_OF_ARRAY( pVerboseCols );
  293. }
  295. //Start appending to the 2D array
  296. DynArrayAppendRow(pColData, dwArrSize);
  298. //Insert the user name
  299. DynArraySetString2(pColData, dwCount, USERNAME_COL_NUMBER, _X(wszUserName), 0);
  301. //Insert the SID string
  302. DynArraySetString2(pColData, dwCount, SID_COL_NUMBER, _X(wszSid), 0);
  304. // 1) If the display format is CSV.. then we should not display column headings..
  305. // 2) If /NH is specified ...then we should not display column headings..
  306. if ( !(( SR_FORMAT_CSV == dwFormatType ) || ((dwFormatType & SR_HIDECOLUMN) == SR_HIDECOLUMN)))
  307. {
  308. // display the headings before displaying the username and SID
  309. ShowMessage ( stdout, L"\n" );
  310. ShowMessage ( stdout, GetResString ( IDS_LIST_USER_NAMES ) );
  311. ShowMessage ( stdout, GetResString ( IDS_DISPLAY_USER_DASH ) );
  312. }
  314. // display the actual values for user name and SID
  315. ShowResults(dwArrSize, pVerboseCols, dwFormatType, pColData);
  317. // release memory
  318. DestroyDynamicArray(&pColData);
  319. // return success
  320. return EXIT_SUCCESS;
  321. }
  325. DWORD
  326. WsSid::DisplayGroupName ( OUT LPWSTR wszGroupName,
  327. OUT LPWSTR wszGroupSid,
  328. IN DWORD *dwSidUseName)
  329. /*++
  330. Routine Description:
  331. This function gets the group name and SID to display.
  333. Arguments:
  334. [OUT] LPWSTR wszGroupName : Stores group name
  335. [OUT] LPWSTR wszGroupSid : Stores group SID
  336. [IN] DWORD dwSidUseName : stores Sid use name
  338. Return Value:
  339. EXIT_SUCCESS : On success
  340. EXIT_FAILURE : On failure
  341. --*/
  342. {
  343. // sub-local variables
  344. DWORD dwErr = 0 ;
  345. DWORD dwSidUse = 0;
  347. // display the user name
  348. if ( (dwErr = GetAccountName ( wszGroupName, &dwSidUse) ) != EXIT_SUCCESS ){
  349. // display an error message with respect to Win32 error code
  350. ShowLastErrorEx(stderr, SLE_TYPE_ERROR | SLE_SYSTEM);
  351. return dwErr ;
  352. }
  354. // display SID
  355. if ( (dwErr = DisplaySid ( wszGroupSid ) ) != EXIT_SUCCESS ){
  356. return dwErr ;
  357. }
  359. *dwSidUseName = dwSidUse;
  361. // return success
  362. return EXIT_SUCCESS;
  363. }
  366. DWORD
  367. WsSid::DisplaySid (
  368. OUT LPWSTR wszSid
  369. )
  370. /*++
  371. Routine Description:
  372. This function gets the SID .
  374. Arguments:
  375. [OUT] LPWSTR wszSid : Stores SID string
  377. Return Value:
  378. EXIT_SUCCESS : On success
  379. EXIT_FAILURE : On failure
  380. --*/
  381. {
  383. // sub-local variable
  384. DWORD dwErr = 0 ;
  386. // Get SID string
  387. if ( (dwErr = GetSidString (wszSid)) != EXIT_SUCCESS )
  388. {
  389. return dwErr ;
  390. }
  392. // return success
  393. return EXIT_SUCCESS;
  395. }
  399. DWORD
  400. WsSid::GetAccountName (
  401. OUT LPWSTR wszAccountName,
  402. OUT DWORD *dwSidType
  403. )
  404. /*++
  405. Routine Description:
  406. This function gets the account name and SID
  408. Arguments:
  409. [OUT] szAccountName : Stores user name
  410. [OUT] dwSidType : Stores Sid use name
  412. Return Value:
  413. EXIT_SUCCESS : On success
  414. EXIT_FAILURE : On failure
  415. --*/
  416. {
  418. // sub-local variables
  419. SID_NAME_USE SidUse ;
  421. WCHAR wszUserName[ MAX_RES_STRING ];
  422. WCHAR wszDomainName [ MAX_RES_STRING ];
  423. DWORD dwUserLen = 0;
  424. DWORD dwDomainLen = 0;
  425. BOOL bNotResolved = FALSE;
  427. // initialize the variables
  428. SecureZeroMemory ( wszUserName, SIZE_OF_ARRAY(wszUserName) );
  429. SecureZeroMemory ( wszDomainName, SIZE_OF_ARRAY(wszDomainName) );
  431. // get the length of user name and group name
  432. dwUserLen = SIZE_OF_ARRAY ( wszUserName );
  433. dwDomainLen = SIZE_OF_ARRAY ( wszDomainName );
  435. // enable debug privileges
  436. if ( FALSE == EnableDebugPriv() )
  437. {
  438. // return WIN32 error code
  439. return GetLastError () ;
  440. }
  442. // get user name and domain name with respective to SID
  443. if ( FALSE == LookupAccountSid ( NULL, // Local System
  444. pSid,
  445. wszUserName,
  446. &dwUserLen,
  447. wszDomainName,
  448. &dwDomainLen,
  449. &SidUse ) ){
  450. if ( 0 == StringLength (wszUserName, 0))
  451. {
  452. bNotResolved = TRUE;
  453. StringCopy ( wszAccountName, L" ", MAX_RES_STRING );
  454. }
  455. else if ( ( 0 != StringLength (wszDomainName, 0) ) && ( 0 != StringLength (wszUserName, 0) ) ) {
  456. // return WIN32 error code
  457. return GetLastError () ;
  458. }
  460. }
  462. if ( FALSE == bNotResolved)
  463. {
  464. // check for empty domain name
  465. if ( 0 != StringLength ( wszDomainName, 0 ) ) {
  466. StringCopy ( wszAccountName, wszDomainName, MAX_RES_STRING );
  467. StringConcat ( wszAccountName, SLASH , MAX_RES_STRING);
  468. StringConcat ( wszAccountName, wszUserName, MAX_RES_STRING );
  469. }
  470. else {
  471. StringCopy ( wszAccountName, wszUserName, MAX_RES_STRING );
  472. }
  473. }
  475. *dwSidType = (DWORD)SidUse;
  477. // return success
  478. return EXIT_SUCCESS ;
  479. }
  482. DWORD
  483. WsSid::GetSidString (
  484. OUT LPWSTR wszSid
  485. )
  486. /*++
  487. Routine Description:
  488. This function gets the SID string.
  490. Arguments:
  491. [OUT] LPWSTR wszSid : Stores SID string
  493. Return Value:
  494. EXIT_SUCCESS : On success
  495. EXIT_FAILURE : On failure
  496. --*/
  497. {
  499. // sub-local variables
  500. PSID_IDENTIFIER_AUTHORITY Auth ;
  501. PUCHAR lpNbSubAuth ;
  502. LPDWORD lpSubAuth = 0 ;
  503. UCHAR uloop ;
  504. WCHAR wszTmp[MAX_RES_STRING] ;
  505. WCHAR wszStr[ MAX_RES_STRING ] ;
  507. // initialize the variables
  508. SecureZeroMemory ( wszTmp, SIZE_OF_ARRAY(wszTmp) );
  509. SecureZeroMemory ( wszStr, SIZE_OF_ARRAY(wszStr) );
  511. //check for empty
  512. if ( NULL == pSid )
  513. {
  514. return EXIT_FAILURE ;
  515. }
  517. //Is it a valid SID
  518. if ( FALSE == IsValidSid ( pSid ) ) {
  519. ShowMessage ( stderr, GetResString ( IDS_INVALID_SID ) );
  520. return EXIT_FAILURE ;
  521. }
  523. //Add the revision
  524. StringCopy ( wszStr, SID_STRING, MAX_RES_STRING );
  526. //Get identifier authority
  527. Auth = GetSidIdentifierAuthority ( pSid ) ;
  529. if ( NULL == Auth )
  530. {
  531. // return WIN32 error code
  532. return GetLastError () ;
  533. }
  535. // format authority value
  536. if ( (Auth->Value[0] != 0) || (Auth->Value[1] != 0) ) {
  537. StringCchPrintf ( wszTmp, SIZE_OF_ARRAY(wszTmp), AUTH_FORMAT_STR1 ,
  538. (ULONG)Auth->Value[0],
  539. (ULONG)Auth->Value[1],
  540. (ULONG)Auth->Value[2],
  541. (ULONG)Auth->Value[3],
  542. (ULONG)Auth->Value[4],
  543. (ULONG)Auth->Value[5] );
  544. }
  545. else {
  546. StringCchPrintf ( wszTmp, SIZE_OF_ARRAY(wszTmp), AUTH_FORMAT_STR2 ,
  547. (ULONG)(Auth->Value[5] ) +
  548. (ULONG)(Auth->Value[4] << 8) +
  549. (ULONG)(Auth->Value[3] << 16) +
  550. (ULONG)(Auth->Value[2] << 24) );
  551. }
  553. StringConcat (wszStr, DASH , SIZE_OF_ARRAY(wszStr));
  554. StringConcat (wszStr, wszTmp, SIZE_OF_ARRAY(wszStr));
  556. //Get sub authorities
  557. lpNbSubAuth = GetSidSubAuthorityCount ( pSid ) ;
  559. if ( NULL == lpNbSubAuth )
  560. {
  561. return GetLastError () ;
  562. }
  564. // loop through and get sub authority
  565. for ( uloop = 0 ; uloop < *lpNbSubAuth ; uloop++ ) {
  566. lpSubAuth = GetSidSubAuthority ( pSid,(DWORD)uloop ) ;
  567. if ( NULL == lpSubAuth )
  568. {
  569. return GetLastError () ;
  570. }
  572. // convert long integer to a string
  573. _ultot (*lpSubAuth, wszTmp, BASE_TEN) ;
  574. StringConcat ( wszStr, DASH, SIZE_OF_ARRAY(wszStr) ) ;
  575. StringConcat (wszStr, wszTmp, SIZE_OF_ARRAY(wszStr) ) ;
  576. }
  578. StringCopy ( wszSid, wszStr, MAX_RES_STRING );
  580. // retunr success
  581. return EXIT_SUCCESS ;
  582. }
  585. DWORD
  586. WsSid::Init (
  587. OUT PSID pOtherSid
  588. )
  589. /*++
  590. Routine Description:
  591. This function Initializes the SID
  593. Arguments:
  594. [OUT] PSID pOtherSid : Stores SID string
  596. Return Value:
  597. EXIT_SUCCESS : On success
  598. EXIT_FAILURE : On failure
  599. --*/
  600. {
  602. // sub-local variable
  603. DWORD dwSize ;
  605. // get the length of SID
  606. dwSize = GetLengthSid ( pOtherSid ) ;
  608. // allocate the memory with the actual size
  609. pSid = (PSID) AllocateMemory ( dwSize ) ;
  610. if ( NULL == pSid )
  611. {
  612. // return WIN32 error code
  613. return GetLastError () ;
  614. }
  616. bToBeFreed = TRUE ;
  618. // copy SID
  619. if ( FALSE == CopySid ( dwSize, pSid, pOtherSid ) ){
  620. return GetLastError () ;
  621. }
  623. // return success
  624. return EXIT_SUCCESS ;
  625. }
  627. BOOL
  628. WsSid::EnableDebugPriv()
  629. /*++
  630. Routine Description:
  631. Enables the debug privliges for the current process so that
  632. this utility can terminate the processes on local system without any problem
  634. Arguments:
  635. NONE
  637. Return Value:
  638. TRUE upon successfull and FALSE if failed
  639. --*/
  640. {
  641. // local variables
  642. LUID luidValue;
  643. BOOL bResult = FALSE;
  644. HANDLE hToken = NULL;
  645. TOKEN_PRIVILEGES tkp;
  647. // Retrieve a handle of the access token
  648. bResult = OpenProcessToken( GetCurrentProcess(),
  649. TOKEN_ADJUST_PRIVILEGES | TOKEN_ADJUST_GROUPS | TOKEN_QUERY, &hToken );
  650. if ( bResult == FALSE )
  651. {
  652. // save the error messaage and return
  653. SaveLastError();
  654. return FALSE;
  655. }
  657. // Enable the SE_DEBUG_NAME privilege or disable
  658. // all privileges, depends on this flag.
  659. bResult = LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &luidValue );
  660. if ( bResult == FALSE )
  661. {
  662. // save the error messaage and return
  663. SaveLastError();
  664. CloseHandle( hToken );
  665. return FALSE;
  666. }
  668. // prepare the token privileges structure
  669. tkp.PrivilegeCount = 1;
  670. tkp.Privileges[ 0 ].Luid = luidValue;
  671. tkp.Privileges[ 0 ].Attributes = SE_PRIVILEGE_ENABLED;
  673. // now enable the debug privileges in the token
  674. bResult = AdjustTokenPrivileges( hToken, FALSE, &tkp, sizeof( TOKEN_PRIVILEGES ),
  675. ( PTOKEN_PRIVILEGES ) NULL, ( PDWORD ) NULL );
  676. if ( bResult == FALSE )
  677. {
  678. // The return value of AdjustTokenPrivileges be texted
  679. SaveLastError();
  680. CloseHandle( hToken );
  681. return FALSE;
  682. }
  684. // close the opened handle object
  685. CloseHandle( hToken );
  687. // enabled ... inform success
  688. return TRUE;
  689. }