|
|
//+--------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1994 - 2001.
//
// File: delobjs.cpp
//
// Contents: Functions for handling the deletion of template objects
//
//---------------------------------------------------------------------------
#include "stdafx.h"
#include "afxdlgs.h"
#include "cookie.h"
#include "snapmgr.h"
#include "wrapper.h"
#include "util.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;#endif
HRESULT CSnapin::OnDeleteObjects( LPDATAOBJECT pDataObj, DATA_OBJECT_TYPES cctType, MMC_COOKIE cookie, LPARAM arg, LPARAM param){
if ( 0 == cookie) return S_OK;
if (NULL == pDataObj) return S_OK;
INTERNAL *pAllInternals, *pInternal; pAllInternals = ExtractInternalFormat( pDataObj );
//
// Find out if this is a mutli select item.
//
int iCnt = 1; pInternal = pAllInternals;
if(!pInternal) return S_OK;
if(pAllInternals && pAllInternals->m_cookie == (MMC_COOKIE)MMC_MULTI_SELECT_COOKIE) { pInternal = pAllInternals; iCnt = (int)pInternal->m_type; pInternal++; }
CFolder *pFolder = m_pSelectedFolder; BOOL bAsk = TRUE;
while( iCnt-- ){ cookie = pInternal->m_cookie; cctType = pInternal->m_type;
if ( cctType == CCT_RESULT ) { CResult* pResult = (CResult *)cookie;
RESULT_TYPES rsltType = pResult->GetType();
if ( rsltType == ITEM_PROF_GROUP || rsltType == ITEM_PROF_REGSD || rsltType == ITEM_PROF_FILESD ) {
if(bAsk ){ CString str,strFmt;
//
// The first cast asks the users if they wish to delete all selected items.
// the second case asks to delete one file.
//
if(bAsk && iCnt > 0 ){ //Raid #463490, Yang Gao, 9/6/2001
str.LoadString( IDS_DELETE_ALL_ITEMS); } else { strFmt.LoadString(IDS_QUERY_DELETE); str.Format(strFmt,pResult->GetAttr()); if( str.GetLength() > MAX_PATH ) //Raid 567778, yanggao, 4/25/2002.
{ strFmt = str.Left(MAX_PATH); str = strFmt + L"... ?"; } }
//
// Ask the question. We only want to ask the question once, so set
// bAsk to false so that we neve enter this block again.
//
if ( IDNO == AfxMessageBox((LPCTSTR)str, MB_YESNO, 0) ) { iCnt = 0; continue; } bAsk = FALSE; }
//
// free memory associated with the item
//
BOOL bDelete=FALSE;
TRACE(_T("CSnapin::OnDeleteObjects-pResult(%x)\n"),pResult);
if ( rsltType == ITEM_PROF_GROUP ) {
PSCE_GROUP_MEMBERSHIP pGroup, pParentGrp; PEDITTEMPLATE pTemplate; //
// delete this group from the template
//
pTemplate = pResult->GetBaseProfile();
if ( pResult->GetBase() != 0 && pTemplate && pTemplate->pTemplate && pTemplate->pTemplate->pGroupMembership ) {
for ( pGroup=pTemplate->pTemplate->pGroupMembership, pParentGrp=NULL; pGroup != NULL; pParentGrp=pGroup, pGroup=pGroup->Next ) {
if ( pResult->GetBase() == (LONG_PTR)pGroup ) { //
// remove this node from the list
//
if ( pParentGrp ) { pParentGrp->Next = pGroup->Next; } else { pTemplate->pTemplate->pGroupMembership = pGroup->Next; } pGroup->Next = NULL; TRACE(_T("CSnapin::OnDeleteObjects-pGroup(%x)\n"),pGroup); //
// free the node
//
if ( pGroup ) { SceFreeMemory((PVOID)pGroup, SCE_STRUCT_GROUP); } break; } } } if ( pTemplate ) { (void)pTemplate->SetDirty(AREA_GROUP_MEMBERSHIP); }
bDelete = TRUE;
} else if ( rsltType == ITEM_PROF_REGSD || rsltType == ITEM_PROF_FILESD ) {
PSCE_OBJECT_SECURITY pObject; PSCE_OBJECT_ARRAY poa; DWORD i,j; PEDITTEMPLATE pTemplate; AREA_INFORMATION Area;
pObject = (PSCE_OBJECT_SECURITY)(pResult->GetID()); pTemplate = pResult->GetBaseProfile();
if ( rsltType == ITEM_PROF_REGSD ) { poa = pTemplate->pTemplate->pRegistryKeys.pAllNodes; Area = AREA_REGISTRY_SECURITY; } else if ( rsltType == ITEM_PROF_FILESD ) { poa = pTemplate->pTemplate->pFiles.pAllNodes; Area = AREA_FILE_SECURITY; } else { poa = pTemplate->pTemplate->pDsObjects.pAllNodes; Area = AREA_DS_OBJECTS; }
if ( pResult->GetID() != 0 && pTemplate && pTemplate->pTemplate && poa ) {
i=0; while ( i < poa->Count && (pResult->GetID() != (LONG_PTR)(poa->pObjectArray[i])) ) i++;
if ( i < poa->Count ) { //
// remove this node from the array, but the arry won't be reallocated
//
for ( j=i+1; j<poa->Count; j++ ) { poa->pObjectArray[j-1] = poa->pObjectArray[j]; } poa->pObjectArray[poa->Count-1] = NULL;
poa->Count--; //
// free the node
//
TRACE(_T("CSnapin::OnDeleteObjects-pObject(%x)\n"),pObject); if ( pObject ) { if ( pObject->Name != NULL ) LocalFree( pObject->Name );
if ( pObject->pSecurityDescriptor != NULL ) LocalFree(pObject->pSecurityDescriptor);
LocalFree( pObject ); } } } if ( pTemplate ) { (void)pTemplate->SetDirty(Area); }
bDelete = TRUE; } if ( bDelete ) { //
// delete from the result pane
//
HRESULTITEM hItem = NULL; if(m_pResult->FindItemByLParam( (LPARAM)pResult, &hItem) == S_OK){ m_pResult->DeleteItem(hItem, 0); } //
// delete the item from result list and free the buffer
//
POSITION pos=NULL;
//if ( FindResult((long)cookie, &pos) ) {
// if ( pos ) {
if (m_pSelectedFolder->RemoveResultItem( m_resultItemHandle, pResult ) == ERROR_SUCCESS) {
//
// delete the node
//
delete pResult; }
//
// Notify any other views to also delete the item
//
m_pConsole->UpdateAllViews((LPDATAOBJECT)this, (LONG_PTR)pResult, UAV_RESULTITEM_REMOVE); } } } pInternal++; }
if( pAllInternals ) { FREE_INTERNAL(pAllInternals); } return S_OK;}
CResult* CSnapin::FindResult(MMC_COOKIE cookie, POSITION* thePos){ POSITION pos = NULL; //m_resultItemList.GetHeadPosition();
POSITION curPos; CResult* pResult = NULL;
if(!m_pSelectedFolder || !m_resultItemHandle) { return NULL; }
do { curPos = pos; if( m_pSelectedFolder->GetResultItem( m_resultItemHandle, pos, &pResult) != ERROR_SUCCESS ) { break; }
// pos is already updated to the next item after this call
//pResult = m_resultItemList.GetNext(pos);
// how to compare result item correctly ?
// for now, let's compare the pointer address.
if ((MMC_COOKIE)pResult == cookie) { if ( thePos ) { *thePos = curPos; }
return pResult; } } while( pos );
if ( thePos ) *thePos = NULL;
return NULL;}
voidOnDeleteHelper(CRegKey& regkeySCE,CString tmpstr) { //
// replace the "\" with "/" because registry does not take "\" in a single key
//
int npos = tmpstr.Find(L'\\'); while (npos != -1) { *(tmpstr.GetBuffer(1)+npos) = L'/'; npos = tmpstr.Find(L'\\'); } regkeySCE.DeleteSubKey(tmpstr);
regkeySCE.Close();}
HRESULT CComponentDataImpl::OnDelete(LPDATAOBJECT lpDataObject, LPARAM arg, LPARAM param){ ASSERT(lpDataObject); AFX_MANAGE_STATE(AfxGetStaticModuleState( ));
if ( lpDataObject == NULL ) { return S_OK; }
HRESULT hr = S_OK;
INTERNAL* pInternal = ExtractInternalFormat(lpDataObject);
if ( pInternal ) { MMC_COOKIE cookie = pInternal->m_cookie;
CFolder* pFolder = (CFolder *)cookie; FOLDER_TYPES fldType = pFolder->GetType();
if ( fldType == LOCATIONS || fldType == PROFILE ) {
//Raid #483251, Yanggao, 10/19/2001
//If there is any property page opened under this folder, this folder is not
//allowed to be deleted.
if( CSnapin::m_PropertyPageList.GetCount() > 0) { CString szInfFile = pFolder->GetInfFile(); if(fldType==LOCATIONS) szInfFile = pFolder->GetName(); szInfFile.MakeLower(); POSITION newpos = CSnapin::m_PropertyPageList.GetHeadPosition(); int nCount = (int)CSnapin::m_PropertyPageList.GetCount(); CResult* pItem = NULL;
while( nCount > 0 && newpos ) { pItem = CSnapin::m_PropertyPageList.GetNext(newpos); if( pItem && szInfFile) { pItem->m_strInfFile.MakeLower(); if( _wcsicmp(pItem->m_strInfFile, szInfFile) == 0 || pItem->m_strInfFile.Find(szInfFile) == 0 ) { CString msg; msg.LoadString(IDS_NOT_DELETE_ITEM); AfxMessageBox(msg, MB_OK|MB_ICONERROR); //Raid #491120, yanggao
return S_OK; } } nCount--; } }
CString str; str.Format(IDS_DELETE_CONFIRM,pFolder->GetName() );
if ( IDYES == AfxMessageBox((LPCTSTR)str, MB_YESNO, 0) ) { //
// delete the nodes and all related children info
//
if ( fldType == PROFILE ) { if (CAttribute::m_nDialogs > 0) { CString str; AfxFormatString1(str,IDS_CLOSE_PAGES,pFolder->GetName()); AfxMessageBox(str,MB_OK); hr = S_FALSE; } else { //
// delete a single inf file
//
if( DeleteFile(pFolder->GetInfFile()) ) //Raid #668270, yanggao, 8/9/2002
{ hr = DeleteOneTemplateNodes(cookie); } else { LPTSTR lpMsgBuf; FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM, NULL, GetLastError(), MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPTSTR)&lpMsgBuf, 0, NULL ); AppMessageBox(NULL, lpMsgBuf, NULL, MB_ICONSTOP|MB_OK); if ( lpMsgBuf != NULL ) { LocalFree(lpMsgBuf); } hr = S_FALSE; } }
} else { //
// delete a registry path from SCE
//
CRegKey regkeySCE; CString tmpstr; tmpstr.LoadString(IDS_TEMPLATE_LOCATION_KEY); LONG lRes;
lRes = regkeySCE.Open(HKEY_LOCAL_MACHINE, tmpstr); if (lRes == ERROR_SUCCESS) { OnDeleteHelper(regkeySCE,pFolder->GetName()); } //
// Bug 375324: Delete from HKCU as well as HKLM
//
lRes = regkeySCE.Open(HKEY_CURRENT_USER, tmpstr); if (lRes == ERROR_SUCCESS) { OnDeleteHelper(regkeySCE,pFolder->GetName()); }
MMC_COOKIE FindCookie=FALSE; HSCOPEITEM pItemChild;
pItemChild = NULL; hr = m_pScope->GetChildItem(pFolder->GetScopeItem()->ID, &pItemChild, &FindCookie); //
// find a child item
//
while ( pItemChild ) { if ( FindCookie ) { //
// find a template, delete it
//
DeleteOneTemplateNodes(FindCookie); }
// get next pointer
pItemChild = NULL; FindCookie = FALSE; hr = m_pScope->GetChildItem( pFolder->GetScopeItem()->ID, &pItemChild, &FindCookie);
} //
// delete this location node
//
DeleteThisNode(pFolder);
}
} } FREE_INTERNAL(pInternal); }
return hr;}
HRESULT CComponentDataImpl::DeleteOneTemplateNodes(MMC_COOKIE cookie){
if ( !cookie ) { return S_OK; }
CFolder *pFolder = (CFolder *)cookie;
//
// delete the template info first, this will delete handles
// associated with any extension services
//
if ( pFolder->GetInfFile() ) {
DeleteTemplate(pFolder->GetInfFile());
} //
// delete the scope items and m_scopeItemList (for all children)
//
DeleteChildrenUnderNode(pFolder);
//
// delete this location node
//
DeleteThisNode(pFolder);
return S_OK;
}
void CComponentDataImpl::DeleteTemplate(CString infFile){
PEDITTEMPLATE pTemplateInfo = NULL;
CString stri = infFile; stri.MakeLower();
if ( m_Templates.Lookup(stri, pTemplateInfo) ) {
m_Templates.RemoveKey(stri);
if ( pTemplateInfo ) {
if ( pTemplateInfo->pTemplate ) //Raid 494837, yanggao
{ SceFreeProfileMemory(pTemplateInfo->pTemplate); pTemplateInfo->pTemplate = NULL; }
delete pTemplateInfo; } }}
void CSnapin::CreateProfilePolicyResultList(MMC_COOKIE cookie, FOLDER_TYPES type, PEDITTEMPLATE pSceInfo, LPDATAOBJECT pDataObj){ if ( !pSceInfo ) { return; }
bool bVerify=false; UINT i; DWORD curVal; UINT IdsMax[]={IDS_SYS_LOG_MAX, IDS_SEC_LOG_MAX, IDS_APP_LOG_MAX}; UINT IdsRet[]={IDS_SYS_LOG_RET, IDS_SEC_LOG_RET, IDS_APP_LOG_RET}; UINT IdsDays[]={IDS_SYS_LOG_DAYS, IDS_SEC_LOG_DAYS, IDS_APP_LOG_DAYS}; UINT IdsGuest[]={IDS_SYS_LOG_GUEST, IDS_SEC_LOG_GUEST, IDS_APP_LOG_GUEST};
switch ( type ) { case POLICY_PASSWORD:
// L"Maximum passage age", L"Days"
AddResultItem(IDS_MAX_PAS_AGE, SCE_NO_VALUE, pSceInfo->pTemplate->MaximumPasswordAge, ITEM_PROF_DW, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Minimum passage age", L"Days"
AddResultItem(IDS_MIN_PAS_AGE, SCE_NO_VALUE, pSceInfo->pTemplate->MinimumPasswordAge, ITEM_PROF_DW, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Minimum passage length", L"Characters"
AddResultItem(IDS_MIN_PAS_LEN, SCE_NO_VALUE, pSceInfo->pTemplate->MinimumPasswordLength, ITEM_PROF_DW, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Password history size", L"Passwords"
AddResultItem(IDS_PAS_UNIQUENESS, SCE_NO_VALUE, pSceInfo->pTemplate->PasswordHistorySize, ITEM_PROF_DW, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Password complexity", L""
AddResultItem(IDS_PAS_COMPLEX, SCE_NO_VALUE, pSceInfo->pTemplate->PasswordComplexity, ITEM_PROF_BOOL, -1, cookie, bVerify,pSceInfo,pDataObj);
// NT5 new flag
// L"Clear Text Password", L""
AddResultItem(IDS_CLEAR_PASSWORD, SCE_NO_VALUE, pSceInfo->pTemplate->ClearTextPassword, ITEM_PROF_BOOL, -1, cookie, bVerify,pSceInfo,pDataObj);
#if defined(USE_REQ_LOGON_ITEM)
// L"Require logon to change password", L""
AddResultItem(IDS_REQ_LOGON, SCE_NO_VALUE, pSceInfo->pTemplate->RequireLogonToChangePassword, ITEM_PROF_BOOL, -1, cookie, bVerify,pSceInfo,pDataObj);
#endif
break;
case POLICY_KERBEROS: if (!VerifyKerberosInfo(pSceInfo->pTemplate)) { AddResultItem(IDS_CANT_DISPLAY_ERROR_OOM,NULL,NULL,ITEM_OTHER,-1,cookie); break; } AddResultItem(IDS_KERBEROS_MAX_SERVICE,SCE_NO_VALUE, pSceInfo->pTemplate->pKerberosInfo->MaxServiceAge, ITEM_PROF_DW,-1,cookie,bVerify,pSceInfo,pDataObj); AddResultItem(IDS_KERBEROS_MAX_CLOCK,SCE_NO_VALUE, pSceInfo->pTemplate->pKerberosInfo->MaxClockSkew, ITEM_PROF_DW,-1,cookie,bVerify,pSceInfo,pDataObj); AddResultItem(IDS_KERBEROS_RENEWAL,SCE_NO_VALUE, pSceInfo->pTemplate->pKerberosInfo->MaxRenewAge, ITEM_PROF_DW,-1,cookie,bVerify,pSceInfo,pDataObj); AddResultItem(IDS_KERBEROS_MAX_AGE,SCE_NO_VALUE, pSceInfo->pTemplate->pKerberosInfo->MaxTicketAge, ITEM_PROF_DW,-1,cookie,bVerify,pSceInfo,pDataObj); AddResultItem(IDS_KERBEROS_VALIDATE_CLIENT,SCE_NO_VALUE, pSceInfo->pTemplate->pKerberosInfo->TicketValidateClient, ITEM_PROF_BOOL,-1,cookie,bVerify,pSceInfo,pDataObj); break;
case POLICY_LOCKOUT:
// L"Account lockout count", L"Attempts"
AddResultItem(IDS_LOCK_COUNT, SCE_NO_VALUE, pSceInfo->pTemplate->LockoutBadCount, ITEM_PROF_DW, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Reset lockout count after", L"Minutes"
AddResultItem(IDS_LOCK_RESET_COUNT, SCE_NO_VALUE, pSceInfo->pTemplate->ResetLockoutCount, ITEM_PROF_DW, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Lockout duration", L"Minutes"
AddResultItem(IDS_LOCK_DURATION, SCE_NO_VALUE, pSceInfo->pTemplate->LockoutDuration, ITEM_PROF_DW, -1, cookie, bVerify,pSceInfo,pDataObj);
break;
case POLICY_AUDIT:
//
// Event auditing
//
// if ( pSceInfo->pTemplate->EventAuditingOnOff)
// curVal = 1;
// else
// curVal = 0;
// L"Event Auditing Mode",
// AddResultItem(IDS_EVENT_ON, SCE_NO_VALUE,
// pSceInfo->pTemplate->EventAuditingOnOff, ITEM_PROF_BON, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Audit system events"
AddResultItem(IDS_SYSTEM_EVENT, SCE_NO_VALUE, pSceInfo->pTemplate->AuditSystemEvents, ITEM_PROF_B2ON, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Audit logon events"
AddResultItem(IDS_LOGON_EVENT, SCE_NO_VALUE, pSceInfo->pTemplate->AuditLogonEvents, ITEM_PROF_B2ON, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Audit Object Access"
AddResultItem(IDS_OBJECT_ACCESS, SCE_NO_VALUE, pSceInfo->pTemplate->AuditObjectAccess, ITEM_PROF_B2ON, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Audit Privilege Use"
AddResultItem(IDS_PRIVILEGE_USE, SCE_NO_VALUE, pSceInfo->pTemplate->AuditPrivilegeUse, ITEM_PROF_B2ON, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Audit policy change"
AddResultItem(IDS_POLICY_CHANGE, SCE_NO_VALUE, pSceInfo->pTemplate->AuditPolicyChange, ITEM_PROF_B2ON, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Audit Account Manage"
AddResultItem(IDS_ACCOUNT_MANAGE, SCE_NO_VALUE, pSceInfo->pTemplate->AuditAccountManage, ITEM_PROF_B2ON, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Audit process tracking"
AddResultItem(IDS_PROCESS_TRACK, SCE_NO_VALUE, pSceInfo->pTemplate->AuditProcessTracking, ITEM_PROF_B2ON, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Audit directory service access"
AddResultItem(IDS_DIRECTORY_ACCESS, SCE_NO_VALUE, pSceInfo->pTemplate->AuditDSAccess, ITEM_PROF_B2ON, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Audit Account Logon"
AddResultItem(IDS_ACCOUNT_LOGON, SCE_NO_VALUE, pSceInfo->pTemplate->AuditAccountLogon, ITEM_PROF_B2ON, -1, cookie, bVerify,pSceInfo,pDataObj);
break;
case POLICY_OTHER:
//
// Account Logon category
//
// L"Force logoff when logon hour expire", L""
AddResultItem(IDS_FORCE_LOGOFF, SCE_NO_VALUE, pSceInfo->pTemplate->ForceLogoffWhenHourExpire, ITEM_PROF_BOOL, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Accounts: Administrator account status", L""
AddResultItem(IDS_ENABLE_ADMIN, SCE_NO_VALUE, pSceInfo->pTemplate->EnableAdminAccount, ITEM_PROF_BOOL, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"Accounts: Guest account status", L""
AddResultItem(IDS_ENABLE_GUEST, SCE_NO_VALUE, pSceInfo->pTemplate->EnableGuestAccount, ITEM_PROF_BOOL, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"New Administrator account name"
AddResultItem(IDS_NEW_ADMIN, 0, (LONG_PTR)(LPCTSTR)pSceInfo->pTemplate->NewAdministratorName, ITEM_PROF_SZ, -1, cookie,bVerify,pSceInfo,pDataObj);
// L"New Guest account name"
AddResultItem(IDS_NEW_GUEST, NULL, (LONG_PTR)(LPCTSTR)pSceInfo->pTemplate->NewGuestName, ITEM_PROF_SZ, -1, cookie,bVerify,pSceInfo,pDataObj);
// L"Network access: Allow anonymous SID/Name translation"
AddResultItem(IDS_LSA_ANON_LOOKUP, SCE_NO_VALUE, pSceInfo->pTemplate->LSAAnonymousNameLookup, ITEM_PROF_BOOL, -1, cookie, bVerify,pSceInfo,pDataObj);
CreateProfileRegValueList(cookie, pSceInfo, pDataObj);
break;
case POLICY_LOG: //
// Event Log setting
//
for ( i=0; i<3; i++) {
// L"... Log Maximum Size", L"KBytes"
AddResultItem(IdsMax[i], SCE_NO_VALUE, pSceInfo->pTemplate->MaximumLogSize[i], ITEM_PROF_DW, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"... Log Retention Method",
AddResultItem(IdsRet[i], SCE_NO_VALUE, pSceInfo->pTemplate->AuditLogRetentionPeriod[i], ITEM_PROF_RET, -1, cookie, bVerify,pSceInfo,pDataObj);
//
// AuditLogRetentionPeriod has already been interpreted by the
// SCE engine into the RetentionDays setting. So, the RSOP UI
// should display RetentionDays if it exists in the WMI db.
//
// if ( pSceInfo->pTemplate->AuditLogRetentionPeriod[i] == 1) {
// curVal = pSceInfo->pTemplate->RetentionDays[i];
// } else {
// curVal = SCE_NO_VALUE;
// }
// L"... Log Retention days", "days"
// AddResultItem(IdsDays[i], SCE_NO_VALUE, curVal, ITEM_PROF_DW, -1, cookie, bVerify,pSceInfo,pDataObj);
AddResultItem(IdsDays[i], SCE_NO_VALUE, pSceInfo->pTemplate->RetentionDays[i], ITEM_PROF_DW, -1, cookie, bVerify,pSceInfo,pDataObj);
// L"RestrictGuestAccess", L""
AddResultItem(IdsGuest[i], SCE_NO_VALUE, pSceInfo->pTemplate->RestrictGuestAccess[i], ITEM_PROF_BOOL, -1, cookie, bVerify,pSceInfo,pDataObj); }
break; }
}
voidCSnapin::CreateAnalysisPolicyResultList(MMC_COOKIE cookie, FOLDER_TYPES type, PEDITTEMPLATE pSceInfo, PEDITTEMPLATE pBase, LPDATAOBJECT pDataObj ){ if ( !pSceInfo || !pBase ) { AddResultItem(IDS_ERROR_NO_ANALYSIS_INFO,NULL,NULL,ITEM_OTHER,-1,cookie); return; }
bool bVerify=true; UINT i; UINT IdsMax[]={IDS_SYS_LOG_MAX, IDS_SEC_LOG_MAX, IDS_APP_LOG_MAX}; UINT IdsRet[]={IDS_SYS_LOG_RET, IDS_SEC_LOG_RET, IDS_APP_LOG_RET}; UINT IdsDays[]={IDS_SYS_LOG_DAYS, IDS_SEC_LOG_DAYS, IDS_APP_LOG_DAYS}; UINT IdsGuest[]={IDS_SYS_LOG_GUEST, IDS_SEC_LOG_GUEST, IDS_APP_LOG_GUEST};
DWORD status; LONG_PTR setting;
switch ( type ) { case POLICY_PASSWORD_ANALYSIS: //
// password category
//
// L"Maximum passage age", L"Days"
AddResultItem(IDS_MAX_PAS_AGE, pSceInfo->pTemplate->MaximumPasswordAge, pBase->pTemplate->MaximumPasswordAge, ITEM_DW, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Minimum passage age", L"Days"
AddResultItem(IDS_MIN_PAS_AGE, pSceInfo->pTemplate->MinimumPasswordAge, pBase->pTemplate->MinimumPasswordAge, ITEM_DW, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Minimum passage length", L"Characters"
AddResultItem(IDS_MIN_PAS_LEN, pSceInfo->pTemplate->MinimumPasswordLength, pBase->pTemplate->MinimumPasswordLength, ITEM_DW, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Password history size", L"Passwords"
AddResultItem(IDS_PAS_UNIQUENESS, pSceInfo->pTemplate->PasswordHistorySize, pBase->pTemplate->PasswordHistorySize, ITEM_DW, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Password complexity", L""
AddResultItem(IDS_PAS_COMPLEX, pSceInfo->pTemplate->PasswordComplexity, pBase->pTemplate->PasswordComplexity, ITEM_BOOL, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Clear Text Password", L""
AddResultItem(IDS_CLEAR_PASSWORD, pSceInfo->pTemplate->ClearTextPassword, pBase->pTemplate->ClearTextPassword, ITEM_BOOL, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
#if defined(USE_REQ_LOGON_ITEM)
// L"Require logon to change password", L""
AddResultItem(IDS_REQ_LOGON, pSceInfo->pTemplate->RequireLogonToChangePassword, pBase->pTemplate->RequireLogonToChangePassword, ITEM_BOOL, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
#endif
break; case POLICY_KERBEROS_ANALYSIS: if (!VerifyKerberosInfo(pSceInfo->pTemplate) || !VerifyKerberosInfo(pBase->pTemplate)) { AddResultItem(IDS_CANT_DISPLAY_ERROR_OOM,NULL,NULL,ITEM_OTHER,-1,cookie); break; } AddResultItem(IDS_KERBEROS_MAX_SERVICE, pSceInfo->pTemplate->pKerberosInfo->MaxServiceAge, pBase->pTemplate->pKerberosInfo->MaxServiceAge, ITEM_DW,-1,cookie,bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
AddResultItem(IDS_KERBEROS_MAX_CLOCK, pSceInfo->pTemplate->pKerberosInfo->MaxClockSkew, pBase->pTemplate->pKerberosInfo->MaxClockSkew, ITEM_DW,-1,cookie,bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
AddResultItem(IDS_KERBEROS_VALIDATE_CLIENT, pSceInfo->pTemplate->pKerberosInfo->TicketValidateClient, pBase->pTemplate->pKerberosInfo->TicketValidateClient, ITEM_BOOL,-1,cookie,bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
AddResultItem(IDS_KERBEROS_RENEWAL, pSceInfo->pTemplate->pKerberosInfo->MaxRenewAge, pBase->pTemplate->pKerberosInfo->MaxRenewAge, ITEM_DW,-1,cookie,bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
AddResultItem(IDS_KERBEROS_MAX_AGE, pSceInfo->pTemplate->pKerberosInfo->MaxTicketAge, pBase->pTemplate->pKerberosInfo->MaxTicketAge, ITEM_DW,-1,cookie,bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
break;
case POLICY_LOCKOUT_ANALYSIS: //
// Account Lockout category
//
// L"Account lockout count", L"Attempts"
AddResultItem(IDS_LOCK_COUNT, pSceInfo->pTemplate->LockoutBadCount, pBase->pTemplate->LockoutBadCount, ITEM_DW, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Reset lockout count after", L"Minutes"
AddResultItem(IDS_LOCK_RESET_COUNT, pSceInfo->pTemplate->ResetLockoutCount, pBase->pTemplate->ResetLockoutCount, ITEM_DW, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Lockout duration", L"Minutes"
AddResultItem(IDS_LOCK_DURATION, pSceInfo->pTemplate->LockoutDuration, pBase->pTemplate->LockoutDuration, ITEM_DW, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
break;
case POLICY_AUDIT_ANALYSIS: //
// Event auditing
//
// L"Event Auditing Mode",
// AddResultItem(IDS_EVENT_ON, pSceInfo->pTemplate->EventAuditingOnOff,
// pBase->pTemplate->EventAuditingOnOff, ITEM_BON, 1, cookie, bVerify);
// L"Audit system events"
AddResultItem(IDS_SYSTEM_EVENT, pSceInfo->pTemplate->AuditSystemEvents, pBase->pTemplate->AuditSystemEvents, ITEM_B2ON, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit logon events"
AddResultItem(IDS_LOGON_EVENT, pSceInfo->pTemplate->AuditLogonEvents, pBase->pTemplate->AuditLogonEvents, ITEM_B2ON, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit Object Access"
AddResultItem(IDS_OBJECT_ACCESS, pSceInfo->pTemplate->AuditObjectAccess, pBase->pTemplate->AuditObjectAccess, ITEM_B2ON, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit Privilege Use"
AddResultItem(IDS_PRIVILEGE_USE, pSceInfo->pTemplate->AuditPrivilegeUse, pBase->pTemplate->AuditPrivilegeUse, ITEM_B2ON, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit policy change"
AddResultItem(IDS_POLICY_CHANGE, pSceInfo->pTemplate->AuditPolicyChange, pBase->pTemplate->AuditPolicyChange, ITEM_B2ON, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit Account Manage"
AddResultItem(IDS_ACCOUNT_MANAGE, pSceInfo->pTemplate->AuditAccountManage, pBase->pTemplate->AuditAccountManage, ITEM_B2ON, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit process tracking"
AddResultItem(IDS_PROCESS_TRACK, pSceInfo->pTemplate->AuditProcessTracking, pBase->pTemplate->AuditProcessTracking, ITEM_B2ON, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit directory access "
AddResultItem(IDS_DIRECTORY_ACCESS, pSceInfo->pTemplate->AuditDSAccess, pBase->pTemplate->AuditDSAccess, ITEM_B2ON, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit account logon"
AddResultItem(IDS_ACCOUNT_LOGON, pSceInfo->pTemplate->AuditAccountLogon, pBase->pTemplate->AuditAccountLogon, ITEM_B2ON, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
break;
case POLICY_LOG_ANALYSIS:
//
// Event Log setting
//
for ( i=0; i<3; i++) { // Maximum Log Size
AddResultItem(IdsMax[i], pSceInfo->pTemplate->MaximumLogSize[i], pBase->pTemplate->MaximumLogSize[i], ITEM_DW, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"... Log Retention Method",
AddResultItem(IdsRet[i], pSceInfo->pTemplate->AuditLogRetentionPeriod[i], pBase->pTemplate->AuditLogRetentionPeriod[i], ITEM_RET, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
if ( pSceInfo->pTemplate->AuditLogRetentionPeriod[i] == 1 || pBase->pTemplate->AuditLogRetentionPeriod[i] == 1) // L"... Log Retention days", "days"
AddResultItem(IdsDays[i], pSceInfo->pTemplate->RetentionDays[i], pBase->pTemplate->RetentionDays[i], ITEM_DW, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"RestrictGuestAccess", L""
AddResultItem(IdsGuest[i], pSceInfo->pTemplate->RestrictGuestAccess[i], pBase->pTemplate->RestrictGuestAccess[i], ITEM_BOOL, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
}
break;
case POLICY_OTHER_ANALYSIS:
// L"Force logoff when logon hour expire", L""
AddResultItem(IDS_FORCE_LOGOFF, pSceInfo->pTemplate->ForceLogoffWhenHourExpire, pBase->pTemplate->ForceLogoffWhenHourExpire, ITEM_BOOL, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Accounts: Administrator account status", L""
AddResultItem(IDS_ENABLE_ADMIN, pSceInfo->pTemplate->EnableAdminAccount, pBase->pTemplate->EnableAdminAccount, ITEM_BOOL, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Accounts: Guest account status", L""
AddResultItem(IDS_ENABLE_GUEST, pSceInfo->pTemplate->EnableGuestAccount, pBase->pTemplate->EnableGuestAccount, ITEM_BOOL, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Network access: Allow anonymous SID/Name translation"
AddResultItem(IDS_LSA_ANON_LOOKUP, pSceInfo->pTemplate->LSAAnonymousNameLookup, pBase->pTemplate->LSAAnonymousNameLookup, ITEM_BOOL, 1, cookie, bVerify, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"New Administrator account name"
setting = (LONG_PTR)(pSceInfo->pTemplate->NewAdministratorName); if ( !pBase->pTemplate->NewAdministratorName ) { status = SCE_STATUS_NOT_CONFIGURED; } else if ( pSceInfo->pTemplate->NewAdministratorName) { status = SCE_STATUS_MISMATCH; } else { setting = (LONG_PTR)(pBase->pTemplate->NewAdministratorName); status = SCE_STATUS_GOOD; } AddResultItem(IDS_NEW_ADMIN, setting, (LONG_PTR)(LPCTSTR)pBase->pTemplate->NewAdministratorName, ITEM_SZ, status, cookie,false, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"New Guest account name"
setting = (LONG_PTR)(pSceInfo->pTemplate->NewGuestName); if ( !pBase->pTemplate->NewGuestName ) { status = SCE_STATUS_NOT_CONFIGURED; } else if ( pSceInfo->pTemplate->NewGuestName) { status = SCE_STATUS_MISMATCH; } else { setting = (LONG_PTR)(pBase->pTemplate->NewGuestName); status = SCE_STATUS_GOOD; } AddResultItem(IDS_NEW_GUEST, setting, (LONG_PTR)(LPCTSTR)pBase->pTemplate->NewGuestName, ITEM_SZ, status, cookie,false, pBase, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
CreateAnalysisRegValueList(cookie, pSceInfo, pBase, pDataObj,ITEM_REGVALUE);
break; }}
voidCSnapin::CreateLocalPolicyResultList(MMC_COOKIE cookie, FOLDER_TYPES type, PEDITTEMPLATE pLocal, PEDITTEMPLATE pEffective, LPDATAOBJECT pDataObj ){ if ( !pLocal || !pEffective ) { AddResultItem(IDS_ERROR_NO_LOCAL_POLICY_INFO,NULL,NULL,ITEM_OTHER,-1,cookie); return; }
bool bVerify= false; UINT i; UINT IdsMax[]={IDS_SYS_LOG_MAX, IDS_SEC_LOG_MAX, IDS_APP_LOG_MAX}; UINT IdsRet[]={IDS_SYS_LOG_RET, IDS_SEC_LOG_RET, IDS_APP_LOG_RET}; UINT IdsDays[]={IDS_SYS_LOG_DAYS, IDS_SEC_LOG_DAYS, IDS_APP_LOG_DAYS}; UINT IdsGuest[]={IDS_SYS_LOG_GUEST, IDS_SEC_LOG_GUEST, IDS_APP_LOG_GUEST};
DWORD status; LONG_PTR setting;
switch ( type ) { case LOCALPOL_PASSWORD: //
// password category
//
// L"Maximum passage age", L"Days"
AddResultItem(IDS_MAX_PAS_AGE, pEffective->pTemplate->MaximumPasswordAge, pLocal->pTemplate->MaximumPasswordAge, ITEM_LOCALPOL_DW, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Minimum passage age", L"Days"
AddResultItem(IDS_MIN_PAS_AGE, pEffective->pTemplate->MinimumPasswordAge, pLocal->pTemplate->MinimumPasswordAge, ITEM_LOCALPOL_DW, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Minimum passage length", L"Characters"
AddResultItem(IDS_MIN_PAS_LEN, pEffective->pTemplate->MinimumPasswordLength, pLocal->pTemplate->MinimumPasswordLength, ITEM_LOCALPOL_DW, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Password history size", L"Passwords"
AddResultItem(IDS_PAS_UNIQUENESS, pEffective->pTemplate->PasswordHistorySize, pLocal->pTemplate->PasswordHistorySize, ITEM_LOCALPOL_DW, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Password complexity", L""
AddResultItem(IDS_PAS_COMPLEX, pEffective->pTemplate->PasswordComplexity, pLocal->pTemplate->PasswordComplexity, ITEM_LOCALPOL_BOOL, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Clear Text Password", L""
AddResultItem(IDS_CLEAR_PASSWORD, pEffective->pTemplate->ClearTextPassword, pLocal->pTemplate->ClearTextPassword, ITEM_LOCALPOL_BOOL, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
#if defined(USE_REQ_LOGON_ITEM)
// L"Require logon to change password", L""
AddResultItem(IDS_REQ_LOGON, pEffective->pTemplate->RequireLogonToChangePassword, pLocal->pTemplate->RequireLogonToChangePassword, ITEM_LOCALPOL_BOOL, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
#endif
break;
case LOCALPOL_KERBEROS: if (!VerifyKerberosInfo(pLocal->pTemplate) || !VerifyKerberosInfo(pEffective->pTemplate)) { AddResultItem(IDS_CANT_DISPLAY_ERROR_OOM,NULL,NULL,ITEM_OTHER,-1,cookie); break; } AddResultItem(IDS_KERBEROS_MAX_SERVICE, pEffective->pTemplate->pKerberosInfo->MaxServiceAge, pLocal->pTemplate->pKerberosInfo->MaxServiceAge, ITEM_LOCALPOL_DW,-1,cookie,bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
AddResultItem(IDS_KERBEROS_MAX_CLOCK, pEffective->pTemplate->pKerberosInfo->MaxClockSkew, pLocal->pTemplate->pKerberosInfo->MaxClockSkew, ITEM_LOCALPOL_DW,-1,cookie,bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
AddResultItem(IDS_KERBEROS_VALIDATE_CLIENT, pEffective->pTemplate->pKerberosInfo->TicketValidateClient, pLocal->pTemplate->pKerberosInfo->TicketValidateClient, ITEM_LOCALPOL_BOOL,-1,cookie,bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
AddResultItem(IDS_KERBEROS_RENEWAL, pEffective->pTemplate->pKerberosInfo->MaxRenewAge, pLocal->pTemplate->pKerberosInfo->MaxRenewAge, ITEM_LOCALPOL_DW,-1,cookie,bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
AddResultItem(IDS_KERBEROS_MAX_AGE, pEffective->pTemplate->pKerberosInfo->MaxTicketAge, pLocal->pTemplate->pKerberosInfo->MaxTicketAge, ITEM_LOCALPOL_DW,-1,cookie,bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
break;
case LOCALPOL_LOCKOUT: //
// Account Lockout category
//
// L"Account lockout count", L"Attempts"
AddResultItem(IDS_LOCK_COUNT, pEffective->pTemplate->LockoutBadCount, pLocal->pTemplate->LockoutBadCount,ITEM_LOCALPOL_DW, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Reset lockout count after", L"Minutes"
AddResultItem(IDS_LOCK_RESET_COUNT, pEffective->pTemplate->ResetLockoutCount, pLocal->pTemplate->ResetLockoutCount, ITEM_LOCALPOL_DW, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Lockout duration", L"Minutes"
AddResultItem(IDS_LOCK_DURATION, pEffective->pTemplate->LockoutDuration, pLocal->pTemplate->LockoutDuration, ITEM_LOCALPOL_DW, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
break;
case LOCALPOL_AUDIT: //
// Event auditing
//
// L"Event Auditing Mode",
// AddResultItem(IDS_EVENT_ON, pLocal->pTemplate->EventAuditingOnOff,
// pEffective->pTemplate->EventAuditingOnOff, ITEM_LOCALPOL_BON, 1, cookie, bVerify);
// L"Audit system events"
AddResultItem(IDS_SYSTEM_EVENT, pEffective->pTemplate->AuditSystemEvents, pLocal->pTemplate->AuditSystemEvents, ITEM_LOCALPOL_B2ON, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit logon events"
AddResultItem(IDS_LOGON_EVENT, pEffective->pTemplate->AuditLogonEvents, pLocal->pTemplate->AuditLogonEvents, ITEM_LOCALPOL_B2ON, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit Object Access"
AddResultItem(IDS_OBJECT_ACCESS, pEffective->pTemplate->AuditObjectAccess, pLocal->pTemplate->AuditObjectAccess, ITEM_LOCALPOL_B2ON, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit Privilege Use"
AddResultItem(IDS_PRIVILEGE_USE, pEffective->pTemplate->AuditPrivilegeUse, pLocal->pTemplate->AuditPrivilegeUse, ITEM_LOCALPOL_B2ON, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit policy change"
AddResultItem(IDS_POLICY_CHANGE, pEffective->pTemplate->AuditPolicyChange, pLocal->pTemplate->AuditPolicyChange, ITEM_LOCALPOL_B2ON, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit Account Manage"
AddResultItem(IDS_ACCOUNT_MANAGE, pEffective->pTemplate->AuditAccountManage, pLocal->pTemplate->AuditAccountManage, ITEM_LOCALPOL_B2ON, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit process tracking"
AddResultItem(IDS_PROCESS_TRACK, pEffective->pTemplate->AuditProcessTracking, pLocal->pTemplate->AuditProcessTracking, ITEM_LOCALPOL_B2ON, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit directory access "
AddResultItem(IDS_DIRECTORY_ACCESS, pEffective->pTemplate->AuditDSAccess, pLocal->pTemplate->AuditDSAccess, ITEM_LOCALPOL_B2ON, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Audit account logon"
AddResultItem(IDS_ACCOUNT_LOGON, pEffective->pTemplate->AuditAccountLogon, pLocal->pTemplate->AuditAccountLogon, ITEM_LOCALPOL_B2ON, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
break;
case LOCALPOL_LOG:
//
// Event Log setting
//
for ( i=0; i<3; i++) { // Maximum Log Size
AddResultItem(IdsMax[i], pEffective->pTemplate->MaximumLogSize[i], pLocal->pTemplate->MaximumLogSize[i], ITEM_LOCALPOL_DW, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"... Log Retention Method",
AddResultItem(IdsRet[i], pEffective->pTemplate->AuditLogRetentionPeriod[i], pLocal->pTemplate->AuditLogRetentionPeriod[i], ITEM_LOCALPOL_RET, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
if ( pLocal->pTemplate->AuditLogRetentionPeriod[i] == 1 || pEffective->pTemplate->AuditLogRetentionPeriod[i] == 1) // L"... Log Retention days", "days"
AddResultItem(IdsDays[i], pEffective->pTemplate->RetentionDays[i], pLocal->pTemplate->RetentionDays[i], ITEM_LOCALPOL_DW, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"RestrictGuestAccess", L""
AddResultItem(IdsGuest[i], pEffective->pTemplate->RestrictGuestAccess[i], pLocal->pTemplate->RestrictGuestAccess[i], ITEM_LOCALPOL_BOOL, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
}
break;
case LOCALPOL_OTHER:
// L"Force logoff when logon hour expire", L""
AddResultItem(IDS_FORCE_LOGOFF, pEffective->pTemplate->ForceLogoffWhenHourExpire, pLocal->pTemplate->ForceLogoffWhenHourExpire, ITEM_LOCALPOL_BOOL, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Accounts: Administrator account status", L""
AddResultItem(IDS_ENABLE_ADMIN, pEffective->pTemplate->EnableAdminAccount, pLocal->pTemplate->EnableAdminAccount, ITEM_LOCALPOL_BOOL, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Accounts: Guest account status", L""
AddResultItem(IDS_ENABLE_GUEST, pEffective->pTemplate->EnableGuestAccount, pLocal->pTemplate->EnableGuestAccount, ITEM_LOCALPOL_BOOL, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"Network access: Allow anonymous SID/Name translation"
AddResultItem(IDS_LSA_ANON_LOOKUP, pEffective->pTemplate->LSAAnonymousNameLookup, pLocal->pTemplate->LSAAnonymousNameLookup, ITEM_LOCALPOL_BOOL, 1, cookie, bVerify, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"New Administrator account name"
setting = (LONG_PTR)(pEffective->pTemplate->NewAdministratorName); if ( !pLocal->pTemplate->NewAdministratorName ) { status = SCE_STATUS_NOT_CONFIGURED; } else if ( pEffective->pTemplate->NewAdministratorName) { status = SCE_STATUS_MISMATCH; } else { setting = (LONG_PTR)(pEffective->pTemplate->NewAdministratorName); status = SCE_STATUS_GOOD; }
AddResultItem(IDS_NEW_ADMIN, setting, (LONG_PTR)(LPCTSTR)pLocal->pTemplate->NewAdministratorName, ITEM_LOCALPOL_SZ, status, cookie,false, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
// L"New Guest account name"
setting = (LONG_PTR)(pEffective->pTemplate->NewGuestName); if ( !pLocal->pTemplate->NewGuestName ) { status = SCE_STATUS_NOT_CONFIGURED; } else if ( pEffective->pTemplate->NewGuestName) { status = SCE_STATUS_MISMATCH; } else { setting = (LONG_PTR)(pEffective->pTemplate->NewGuestName); status = SCE_STATUS_GOOD; } AddResultItem(IDS_NEW_GUEST, setting, (LONG_PTR)(LPCTSTR)pLocal->pTemplate->NewGuestName, ITEM_LOCALPOL_SZ, status, cookie,false, pLocal, //The template to save this attribute in
pDataObj); //The data object for the scope note who owns the result pane
CreateAnalysisRegValueList(cookie, pEffective, pLocal, pDataObj,ITEM_LOCALPOL_REGVALUE);
break;
case LOCALPOL_PRIVILEGE: { // find in the current setting list
CString strDisp; TCHAR szPriv[255]; TCHAR szDisp[255]; DWORD cbDisp; DWORD dwMatch; PSCE_PRIVILEGE_ASSIGNMENT pPrivLocal; PSCE_PRIVILEGE_ASSIGNMENT pPrivEffective;
for ( i=0; i<cPrivCnt; i++ ) { //Raid #prefast
cbDisp = 255; if ( SCESTATUS_SUCCESS == SceLookupPrivRightName(i,szPriv, (PINT)&cbDisp) ) { // find the local setting
for (pPrivLocal=pLocal->pTemplate->OtherInfo.sap.pPrivilegeAssignedTo; pPrivLocal!=NULL; pPrivLocal=pPrivLocal->Next) {
if ( _wcsicmp(szPriv, pPrivLocal->Name) == 0 ) { break; } }
// find the effective setting
for (pPrivEffective=pEffective->pTemplate->OtherInfo.smp.pPrivilegeAssignedTo; pPrivEffective!=NULL; pPrivEffective=pPrivEffective->Next) {
if ( _wcsicmp(szPriv, pPrivEffective->Name) == 0 ) { break; } }
cbDisp = 255; GetRightDisplayName(NULL,(LPCTSTR)szPriv,szDisp,&cbDisp);
LONG itemid = GetUserRightAssignmentItemID(szPriv); //
// Status field is not loaded for local policy mode, except for not configured
//
dwMatch = CEditTemplate::ComputeStatus( pPrivLocal, pPrivEffective );
CResult *pResult = AddResultItem(szDisp, // The name of the attribute being added
(LONG_PTR)pPrivEffective, // The local policy setting of the attribute
(LONG_PTR)pPrivLocal, // The effective policy setting of the attribute
ITEM_LOCALPOL_PRIVS, // The type of of the attribute's data
dwMatch, // The mismatch status of the attribute
cookie, // The cookie for the result item pane
FALSE, // True if the setting is set only if it differs from base (so copy the data)
szPriv, // The units the attribute is set in
0, // An id to let us know where to save this attribute
pLocal, // The template to save this attribute in
pDataObj, // The data object for the scope note who owns the result pane
NULL, itemid); // Assign an ID to this item
} }
break; } }}
//+--------------------------------------------------------------------------
//
// Method: TransferAnalysisName
//
// Synopsis: Copy a name data from the last inspection information to the
// computer template
//
// Arguments: [dwItem] - The id of the item to copy
//
// Returns: none
//
//---------------------------------------------------------------------------
voidCSnapin::TransferAnalysisName(LONG_PTR dwItem){ PEDITTEMPLATE pet; PSCE_PROFILE_INFO pProfileInfo; PSCE_PROFILE_INFO pBaseInfo;
pet = GetTemplate(GT_LAST_INSPECTION,AREA_SECURITY_POLICY); if (!pet) { return; } pProfileInfo = pet->pTemplate;
pet = GetTemplate(GT_COMPUTER_TEMPLATE,AREA_SECURITY_POLICY); if (!pet) { return; } pBaseInfo = pet->pTemplate;
switch ( dwItem ) { case IDS_NEW_GUEST: if ( pProfileInfo->NewGuestName ) { LocalFree(pProfileInfo->NewGuestName); }
pProfileInfo->NewGuestName = pBaseInfo->NewGuestName; pBaseInfo->NewGuestName = NULL;
break; case IDS_NEW_ADMIN: if ( pProfileInfo->NewAdministratorName ) { LocalFree(pProfileInfo->NewAdministratorName); }
pProfileInfo->NewAdministratorName = pBaseInfo->NewAdministratorName; pBaseInfo->NewAdministratorName = NULL; break; }
}
|
