archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/net/ias/providers/ntuser/auth/lockout.cpp

122 lines
2.6 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. ///////////////////////////////////////////////////////////////////////////////
  2. //
  3. // Copyright (c) 1998, Microsoft Corp. All rights reserved.
  4. //
  5. // FILE
  6. //
  7. // lockout.cpp
  8. //
  9. // SYNOPSIS
  10. //
  11. // Defines the account lockout API.
  12. //
  13. // MODIFICATION HISTORY
  14. //
  15. // 10/21/1998 Original version.
  16. // 11/10/1998 Do not revoke dialin privilege.
  17. //
  18. ///////////////////////////////////////////////////////////////////////////////
  20. #include <ias.h>
  21. #include <iastlb.h>
  22. #include <iaslsa.h>
  23. #include <acctinfo.h>
  24. #include <lockout.h>
  26. DWORD
  27. WINAPI
  28. AccountLockoutInitialize( VOID )
  29. {
  30. AccountInfo::initialize();
  32. return NO_ERROR;
  33. }
  35. VOID
  36. WINAPI
  37. AccountLockoutShutdown( VOID )
  38. {
  39. AccountInfo::finalize();
  40. }
  42. BOOL
  43. WINAPI
  44. AccountLockoutOpenAndQuery(
  45. IN PCWSTR pszUser,
  46. IN PCWSTR pszDomain,
  47. OUT PHANDLE phAccount
  48. )
  49. {
  50. // Check the arguments.
  51. if (phAccount == NULL) { return ERROR_INVALID_PARAMETER; }
  53. // Open the AccountInfo object for this user.
  54. AccountInfo* info = AccountInfo::open(pszDomain, pszUser);
  56. // Return it to the caller as an opaque handle.
  57. *phAccount = (HANDLE)info;
  59. // If the info doesn't exist, it's not an error; it just means account
  60. // lockout is disabled.
  61. return info && info->isLockedOut() ? TRUE : FALSE;
  62. }
  64. VOID
  65. WINAPI
  66. AccountLockoutUpdatePass(
  67. IN HANDLE hAccount
  68. )
  69. {
  70. if (hAccount)
  71. {
  72. // The logon succeeded, so reset the lockout count.
  73. ((AccountInfo*)hAccount)->reset();
  74. }
  75. }
  77. VOID
  78. WINAPI
  79. AccountLockoutUpdateFail(
  80. IN HANDLE hAccount
  81. )
  82. {
  83. if (hAccount)
  84. {
  85. IASTraceString("Authentication failed; incrementing lockout count.");
  87. AccountInfo* info = (AccountInfo*)hAccount;
  89. // Is this the first denial ?
  90. if (info->isClean())
  91. {
  92. IASTraceString("Validating account name for new entry.");
  94. // Yes, so make sure it's a valid account. We don't want to create a
  95. // lot of registry keys for bogus accounts.
  96. DWORD status = IASValidateUserName(
  97. info->getUserName(),
  98. info->getDomain()
  99. );
  101. if (status != NO_ERROR)
  102. {
  103. IASTraceFailure("IASValidateUserName", status);
  104. return;
  105. }
  107. IASTraceString("Account name is valid.");
  108. }
  110. // Bump up the denial count.
  111. info->incrementDenials();
  112. }
  113. }
  115. VOID
  116. WINAPI
  117. AccountLockoutClose(
  118. IN HANDLE hAccount
  119. )
  120. {
  121. AccountInfo::close((AccountInfo*)hAccount);
  122. }