archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
4.9 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/admin/extens/acldiag/adutils.h

226 lines
7.0 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1999.
  5. //
  6. // File: ADUtils.h
  7. //
  8. // Contents: Classes CWString, CACLDiagComModule, ACE_SAMNAME, helper methods
  9. //
  10. //
  11. //----------------------------------------------------------------------------
  12. #ifndef __ACLDIAG_ADUTILS_H
  13. #define __ACLDIAG_ADUTILS_H
  15. #include "stdafx.h"
  16. #include "ADSIObj.h"
  18. ///////////////////////////////////////////////////////////////////////
  19. // wstring helper methods
  21. HRESULT wstringFromGUID (wstring& str, REFGUID guid);
  22. bool LoadFromResource(wstring& str, UINT uID);
  23. bool FormatMessage(wstring& str, UINT nFormatID, ...);
  24. bool FormatMessage(wstring& str, LPCTSTR lpszFormat, ...);
  27. #include <util.h>
  29. void StripQuotes (wstring& str);
  30. wstring GetSystemMessage (DWORD dwErr);
  31. HRESULT SetSecurityInfoMask(LPUNKNOWN punk, SECURITY_INFORMATION si);
  32. HANDLE EnablePrivileges(PDWORD pdwPrivileges, ULONG cPrivileges);
  33. BOOL ReleasePrivileges(HANDLE hToken);
  35. static const GUID NULLGUID =
  36. { 0x00000000, 0x0000, 0x0000, { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } };
  38. #define IsObjectAceType(Ace) ( \
  39. (((PACE_HEADER)(Ace))->AceType >= ACCESS_MIN_MS_OBJECT_ACE_TYPE) && \
  40. (((PACE_HEADER)(Ace))->AceType <= ACCESS_MAX_MS_OBJECT_ACE_TYPE) \
  41. )
  44. #define THROW(e) throw e
  47. #define ACLDIAG_CONFIG_NAMING_CONTEXT L"configurationNamingContext"
  48. #define ACLDIAG_ROOTDSE L"RootDSE"
  50. class PSID_FQDN
  51. {
  52. public:
  53. PSID_FQDN (PSID psid, const wstring& strFQDN, const wstring& strDownLevelName, SID_NAME_USE sne) :
  54. m_PSID (psid),
  55. m_strFQDN (strFQDN),
  56. m_strDownLevelName (strDownLevelName),
  57. m_sne (sne)
  58. {
  59. }
  60. PSID m_PSID;
  61. wstring m_strFQDN;
  62. wstring m_strDownLevelName;
  63. SID_NAME_USE m_sne;
  64. };
  66. ///////////////////////////////////////////////////////////////////////////////
  67. // Important note: m_pAllowedAce is used to refer to the Header and Mask fields.
  68. // This allows most operations because the fields are always in the same place for
  69. // all the structs below. For anything else, one of the other members of the
  70. // union must be used, depending on the m_AceType.
  71. class ACE_SAMNAME
  72. {
  73. public:
  74. ACE_SAMNAME () :
  75. m_AceType (0),
  76. m_pAllowedAce (0)
  77. {
  78. }
  80. void DebugOut () const;
  81. bool IsInherited () const;
  82. BOOL operator==(const ACE_SAMNAME& rAceSAMName) const;
  83. BOOL IsEquivalent (ACE_SAMNAME& rAceSAMName, ACCESS_MASK accessMask);
  84. BYTE m_AceType;
  85. union {
  86. PACCESS_ALLOWED_ACE m_pAllowedAce;
  87. PACCESS_ALLOWED_OBJECT_ACE m_pAllowedObjectAce;
  88. PACCESS_DENIED_ACE m_pDeniedAce;
  89. PACCESS_DENIED_OBJECT_ACE m_pDeniedObjectAce;
  90. PSYSTEM_AUDIT_ACE m_pSystemAuditAce;
  91. PSYSTEM_AUDIT_OBJECT_ACE m_pSystemAuditObjectAce;
  92. };
  93. wstring m_SAMAccountName;
  94. wstring m_strObjectGUID;
  95. wstring m_strInheritedObjectGUID;
  96. };
  99. typedef list<ACE_SAMNAME*> ACE_SAMNAME_LIST;
  101. typedef list<PSID_FQDN*> PSID_FQDN_LIST;
  103. class SAMNAME_SD {
  104. public:
  105. SAMNAME_SD (const wstring& upn, PSECURITY_DESCRIPTOR pSecurityDescriptor)
  106. {
  107. m_upn = upn;
  108. m_pSecurityDescriptor = pSecurityDescriptor;
  109. }
  110. virtual ~SAMNAME_SD ()
  111. {
  112. if ( m_pSecurityDescriptor )
  113. ::LocalFree (m_pSecurityDescriptor);
  114. }
  115. wstring m_upn;
  116. PSECURITY_DESCRIPTOR m_pSecurityDescriptor;
  117. ACE_SAMNAME_LIST m_DACLList;
  118. ACE_SAMNAME_LIST m_SACLList;
  119. };
  122. typedef enum {
  123. GUID_TYPE_UNKNOWN = -1,
  124. GUID_TYPE_CLASS = 0,
  125. GUID_TYPE_ATTRIBUTE,
  126. GUID_TYPE_CONTROL
  127. } GUID_TYPE;
  129. class CACLDiagComModule : public CComModule
  130. {
  131. public:
  132. CACLDiagComModule();
  134. virtual ~CACLDiagComModule ();
  136. HRESULT Init ();
  138. void SetObjectDN (const wstring& objectDN)
  139. {
  140. // strip quotes, if present
  141. m_strObjectDN = objectDN;
  142. StripQuotes (m_strObjectDN);
  143. }
  145. wstring GetObjectDN () const { return m_strObjectDN;}
  147. bool DoSchema () const { return m_bDoSchema;}
  148. void SetDoSchema () { m_bDoSchema = true;}
  150. bool CheckDelegation () const { return m_bDoCheckDelegation;}
  151. void SetCheckDelegation () { m_bDoCheckDelegation = true;}
  152. void TurnOffFixDelegation() { m_bDoFixDelegation = false;}
  153. bool FixDelegation () const { return m_bDoFixDelegation;}
  154. void SetFixDelegation () { m_bDoFixDelegation = true;}
  156. bool DoGetEffective () const { return m_bDoGetEffective;}
  157. void SetDoGetEffective (const wstring& strUserGroupDN)
  158. {
  159. // strip quotes, if present
  160. m_strUserGroupDN = strUserGroupDN;
  161. StripQuotes (m_strUserGroupDN);
  162. m_bDoGetEffective = true;
  163. }
  164. wstring GetEffectiveRightsPrincipal() const { return m_strUserGroupDN;}
  166. void SetTabDelimitedOutput () { m_bTabDelimitedOutput = true;}
  167. bool DoTabDelimitedOutput () const { return m_bTabDelimitedOutput;}
  169. void SetSkipDescription () { m_bSkipDescription = true;}
  170. bool SkipDescription () const { return m_bSkipDescription;}
  172. HRESULT GetClassFromGUID (REFGUID rGuid, wstring& strClassName, GUID_TYPE* pGuidType = 0);
  174. static HRESULT IsUserAdministrator (BOOL & bIsAdministrator);
  175. static bool IsWindowsNT();
  177. void SetDoLog(const wstring &strPath)
  178. {
  179. m_bLogErrors = true;
  180. m_strLogPath = strPath;
  181. }
  182. bool DoLog () const { return m_bLogErrors;}
  183. wstring GetLogPath () const { return m_strLogPath;};
  185. public:
  186. // SD of m_strObjectDN
  187. PSECURITY_DESCRIPTOR m_pSecurityDescriptor;
  188. PSID_FQDN_LIST m_PSIDList; // SIDs of interest: the owner, the SACL, the DACL
  190. // DACL and SACL of m_strObjectDN
  191. ACE_SAMNAME_LIST m_DACLList;
  192. ACE_SAMNAME_LIST m_SACLList;
  194. // SDs and DACLs for all the parents of m_strObjectDN
  195. list<SAMNAME_SD*> m_listOfParentSDs;
  197. // List of all known classes and properties, with their GUIDs
  198. CGrowableArr<CSchemaClassInfo> m_classInfoArray;
  199. CGrowableArr<CSchemaClassInfo> m_attrInfoArray;
  201. CACLAdsiObject m_adsiObject;
  203. private:
  204. bool m_bSkipDescription;
  205. wstring m_strLogPath;
  206. HANDLE m_hPrivToken;
  207. wstring m_strObjectDN;
  208. wstring m_strUserGroupDN;
  209. bool m_bDoSchema;
  210. bool m_bDoCheckDelegation;
  211. bool m_bDoGetEffective;
  212. bool m_bDoFixDelegation;
  213. bool m_bTabDelimitedOutput;
  214. bool m_bLogErrors;
  215. };
  217. extern CACLDiagComModule _Module;
  220. VOID LocalFreeStringW(LPWSTR* ppString);
  221. HRESULT GetNameFromSid (PSID pSid, wstring& strPrincipalName, wstring* pstrFQDN, SID_NAME_USE& sne);
  224. int MyWprintf( const wchar_t *format, ... );
  227. #endif __ACLDIAG_ADUTILS_H