archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/admin/admt/arext/disacct/disacct.cpp

554 lines
22 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //---------------------------------------------------------------------------
  2. // DisableTarget.cpp
  3. //
  4. // Comment: This is a COM object extension for the MCS DCTAccountReplicator.
  5. // This object implements the IExtendAccountMigration interface. In
  6. // the process method this object disables the Source and the Target
  7. // accounts depending on the settings in the VarSet.
  8. //
  9. // (c) Copyright 1995-1998, Mission Critical Software, Inc., All Rights Reserved
  10. //
  11. // Proprietary and confidential to Mission Critical Software, Inc.
  12. //---------------------------------------------------------------------------
  14. #include "stdafx.h"
  15. #include "ResStr.h"
  16. #include <lm.h>
  17. #include <activeds.h>
  18. #include "AcctDis.h"
  19. #include "DisAcct.h"
  20. #include "ARExt.h"
  21. #include "ARExt_i.c"
  22. #include "ErrDCT.hpp"
  23. //#import "\bin\McsVarSetMin.tlb" no_namespace
  24. //#import "\bin\DBManager.tlb" no_namespace
  25. #import "VarSet.tlb" no_namespace rename("property", "aproperty")
  26. #import "DBMgr.tlb" no_namespace
  28. const int LEN_Path = 255;
  29. StringLoader gString;
  31. #define AR_Status_PasswordError (0x00000400)
  33. /////////////////////////////////////////////////////////////////////////////
  34. // CDisableTarget
  36. //---------------------------------------------------------------------------
  37. // Get and set methods for the properties.
  38. //---------------------------------------------------------------------------
  39. STDMETHODIMP CDisableTarget::get_sName(BSTR *pVal)
  40. {
  41. *pVal = m_sName;
  42. return S_OK;
  43. }
  45. STDMETHODIMP CDisableTarget::put_sName(BSTR newVal)
  46. {
  47. m_sName = newVal;
  48. return S_OK;
  49. }
  51. STDMETHODIMP CDisableTarget::get_sDesc(BSTR *pVal)
  52. {
  53. *pVal = m_sDesc;
  54. return S_OK;
  55. }
  57. STDMETHODIMP CDisableTarget::put_sDesc(BSTR newVal)
  58. {
  59. m_sDesc = newVal;
  60. return S_OK;
  61. }
  64. //---------------------------------------------------------------------------
  65. // ProcessObject : This method doesn't do anything.
  66. //---------------------------------------------------------------------------
  67. STDMETHODIMP CDisableTarget::PreProcessObject(
  68. IUnknown *pSource, //in- Pointer to the source AD object
  69. IUnknown *pTarget, //in- Pointer to the target AD object
  70. IUnknown *pMainSettings, //in- Varset filled with the settings supplied by user
  71. IUnknown **ppPropsToSet, //in,out - Varset filled with Prop-Value pairs that will be set
  72. // once all extension objects are executed.
  73. EAMAccountStats* pStats
  74. )
  75. {
  76. // Check if the object is of user type. if not then there is no point in disabling that account.
  77. IVarSetPtr pVs = pMainSettings;
  78. _bstr_t sType = pVs->get(GET_BSTR(DCTVS_CopiedAccount_Type));
  79. if (!sType.length())
  80. return HRESULT_FROM_WIN32(ERROR_NOT_ENOUGH_MEMORY);
  81. if (UStrICmp((WCHAR*)sType,L"user") && UStrICmp((WCHAR*)sType,L"inetOrgPerson"))
  82. return S_OK;
  84. if ( pSource )
  85. {
  86. // HRESULT hr = S_OK;
  87. _variant_t vtExp;
  88. _variant_t vtFlag;
  89. _bstr_t sSourceType;
  90. IIManageDBPtr pDb = pVs->get(GET_BSTR(DCTVS_DBManager));
  92. sSourceType = pVs->get(GET_BSTR(DCTVS_CopiedAccount_Type));
  94. if ( !_wcsicmp((WCHAR*) sSourceType, L"user") || !_wcsicmp((WCHAR*) sSourceType, L"inetOrgPerson") )
  95. {
  96. // Get the expiration date and put it into the AR Node.
  97. _bstr_t sSam = pVs->get(GET_BSTR(DCTVS_CopiedAccount_SourceSam));
  98. _bstr_t sComp = pVs->get(GET_BSTR(DCTVS_Options_SourceServer));
  99. USER_INFO_3 * pInfo = NULL;
  100. DWORD rc = NetUserGetInfo((WCHAR*) sComp, (WCHAR*)sSam, 3, (LPBYTE*)&pInfo);
  102. if ( !rc )
  103. {
  104. vtExp = (long)pInfo->usri3_acct_expires;
  105. pVs->put(GET_BSTR(DCTVS_CopiedAccount_ExpDate), vtExp);
  107. // Get the ControlFlag and store it into the AR Node.
  108. vtFlag = (long)pInfo->usri3_flags;
  109. pVs->put(GET_BSTR(DCTVS_CopiedAccount_UserFlags), vtFlag);
  110. if ( pInfo ) NetApiBufferFree(pInfo);
  111. }
  112. }
  113. pDb->raw_SaveUserProps(pMainSettings);
  114. }
  115. return S_OK;
  116. }
  117. //---------------------------------------------------------------------------
  118. // ProcessObject : This method checks in varset if it needs to disable any
  119. // accounts. If it does then it disables those accounts.
  120. //---------------------------------------------------------------------------
  121. STDMETHODIMP CDisableTarget::ProcessObject(
  122. IUnknown *pSource, //in- Pointer to the source AD object
  123. IUnknown *pTarget, //in- Pointer to the target AD object
  124. IUnknown *pMainSettings, //in- Varset filled with the settings supplied by user
  125. IUnknown **ppPropsToSet, //in,out - Varset filled with Prop-Value pairs that will be set
  126. // once all extension objects are executed.
  127. EAMAccountStats* pStats
  128. )
  129. {
  130. IVarSetPtr pVarSet = pMainSettings;
  131. _variant_t var;
  132. DWORD paramErr;
  133. USER_INFO_3 * info = NULL;
  134. long rc;
  135. WCHAR strDomain[LEN_Path];
  136. WCHAR strAcct[LEN_Path];
  137. HRESULT hr = S_OK;
  138. TErrorDct err;
  139. WCHAR fileName[LEN_Path];
  140. BOOL bDisableSource = FALSE;
  141. BOOL bExpireSource = FALSE;
  142. _bstr_t temp;
  143. time_t expireTime = 0;
  144. _bstr_t bstrSameForest;
  145. BOOL bSameAsSource = FALSE;
  146. BOOL bDisableTarget = FALSE;
  147. BOOL bGotSrcState = FALSE;
  148. BOOL bSrcDisabled = FALSE;
  150. bstrSameForest = pVarSet->get(GET_BSTR(DCTVS_Options_IsIntraforest));
  152. if (! UStrICmp((WCHAR*)bstrSameForest,GET_STRING(IDS_YES)) )
  153. {
  154. // in the intra-forest case, we are moving the user accounts, not
  155. // copying them, so these disabling/expiring options don't make any sense
  156. return S_OK;
  157. }
  158. // Get the Error log filename from the Varset
  159. var = pVarSet->get(GET_BSTR(DCTVS_Options_Logfile));
  160. wcscpy(fileName, (WCHAR*)V_BSTR(&var));
  161. VariantInit(&var);
  162. // Open the error log
  163. err.LogOpen(fileName, 1);
  165. // Check if the object is of user type. if not then there is no point in disabling that account.
  166. var = pVarSet->get(GET_BSTR(DCTVS_CopiedAccount_Type));
  167. if ( UStrICmp(var.bstrVal,L"user") && UStrICmp(var.bstrVal,L"inetOrgPerson") )
  168. {
  169. return S_OK;
  170. }
  172. //set flags based on user selections
  173. temp = pVarSet->get(GET_BSTR(DCTVS_AccountOptions_DisableSourceAccounts));
  174. if ( ! UStrICmp(temp,GET_STRING(IDS_YES)) )
  175. {
  176. bDisableSource = TRUE;
  177. }
  178. //
  179. // If disable target account option is true or unable to
  180. // set password for this account then disable account.
  181. //
  182. temp = pVarSet->get(GET_BSTR(DCTVS_AccountOptions_DisableCopiedAccounts));
  183. long lStatus = pVarSet->get(GET_BSTR(DCTVS_CopiedAccount_Status));
  184. if ( ! UStrICmp(temp,GET_STRING(IDS_YES)) || (lStatus & AR_Status_PasswordError) )
  185. {
  186. bDisableTarget = TRUE;
  187. }
  188. temp = pVarSet->get(GET_BSTR(DCTVS_AccountOptions_TgtStateSameAsSrc));
  189. if ( ! UStrICmp(temp,GET_STRING(IDS_YES)) )
  190. {
  191. bSameAsSource = TRUE;
  192. }
  194. /* process the source account */
  195. //if expire source accounts was set, retrieve the expire time, now given to us in
  196. //number of days from now
  197. temp = pVarSet->get(GET_BSTR(DCTVS_AccountOptions_ExpireSourceAccounts));
  198. if ( temp.length() )
  199. {
  200. long oneDay = 24 * 60 * 60; // number of seconds in 1 day
  202. //get days until expire
  203. long lExpireDays = _wtol(temp);
  204. //get the current time
  205. time_t currentTime = time(NULL);
  206. //convert current time to local time
  207. struct tm * convtm;
  208. convtm = localtime(&currentTime);
  209. //rollback to this morning
  210. convtm->tm_hour = 0;
  211. convtm->tm_min = 0;
  212. convtm->tm_sec = 0;
  214. //convert this time back to GMT
  215. expireTime = mktime(convtm);
  216. //move forward to tonight at midnight
  217. expireTime += oneDay;
  219. //now add the desired number of days
  220. expireTime += lExpireDays * oneDay;
  222. bExpireSource = TRUE;
  223. }
  225. //get source account state
  226. var = pVarSet->get(GET_BSTR(DCTVS_CopiedAccount_SourceSam));
  227. wcscpy(strAcct, (WCHAR*)V_BSTR(&var));
  228. var = pVarSet->get(GET_BSTR(DCTVS_Options_SourceServer));
  229. wcscpy(strDomain, (WCHAR*)V_BSTR(&var));
  230. // we will use the net APIs to disable the source account
  231. rc = NetUserGetInfo(strDomain, strAcct, 3, (LPBYTE *)&info);
  232. if (rc != 0)
  233. {
  234. hr = S_FALSE;
  236. if (bDisableSource || bExpireSource || bSameAsSource)
  237. {
  238. if (pStats != NULL)
  239. {
  240. pStats->errors.users++;
  241. }
  243. err.SysMsgWrite(ErrE, rc, DCT_MSG_UNABLE_RETRIEVE_SOURCE_DISABLE_STATE_S, strAcct);
  245. if (bDisableSource || bExpireSource)
  246. {
  247. err.MsgWrite(ErrE, DCT_MSG_ACCOUNT_DISABLE_OR_EXPIRE_FAILED_S, strAcct);
  248. }
  250. if (bSameAsSource)
  251. {
  252. err.MsgWrite(ErrE, DCT_MSG_CANNOT_ENABLEDISABLE_TARGET_SAMEASSOURCE_S, strAcct);
  253. }
  254. }
  255. }
  256. else
  257. {
  258. bGotSrcState = TRUE;
  260. //set current source account state
  261. if (info->usri3_flags & UF_ACCOUNTDISABLE)
  262. bSrcDisabled = TRUE;
  263. //also save the flags in the varset to be used in setpass ARExt
  264. _variant_t vtFlag = (long)info->usri3_flags;
  265. pVarSet->put(GET_BSTR(DCTVS_CopiedAccount_UserFlags), vtFlag);
  267. //disable the source account if requested
  268. if (bDisableSource)
  269. {
  270. // Set the disable flag
  271. info->usri3_flags |= UF_ACCOUNTDISABLE;
  272. }
  274. //expire the account in given timeframe, if requested
  275. if ( bExpireSource )
  276. {
  277. if (((time_t)info->usri3_acct_expires == TIMEQ_FOREVER)
  278. || ((time_t)info->usri3_acct_expires > expireTime))
  279. {
  280. info->usri3_acct_expires = (DWORD)expireTime;
  281. }
  282. }
  284. //if changed, set the source information into the Domain.
  285. if (bDisableSource || bExpireSource)
  286. {
  287. rc = NetUserSetInfo(strDomain,strAcct, 3, (LPBYTE)info, &paramErr);
  289. if (rc == NERR_Success)
  290. {
  291. if (bDisableSource)
  292. {
  293. err.MsgWrite(0, DCT_MSG_SOURCE_DISABLED_S, strAcct);
  294. }
  296. if ( bExpireSource )
  297. {
  298. if (((time_t)info->usri3_acct_expires == TIMEQ_FOREVER) ||
  299. ((time_t)info->usri3_acct_expires > expireTime))
  300. {
  301. err.MsgWrite(0, DCT_MSG_SOURCE_EXPIRED_S, strAcct);
  302. }
  303. else
  304. {
  305. err.MsgWrite(0, DCT_MSG_SOURCE_EXPIRATION_EARLY_S, strAcct);
  306. }
  307. }
  308. }
  309. else
  310. {
  311. if (pStats != NULL)
  312. pStats->errors.users++;
  313. err.SysMsgWrite(ErrE, rc, DCT_MSG_ACCOUNT_DISABLE_OR_EXPIRE_FAILED_S, strAcct);
  314. }
  315. }
  316. NetApiBufferFree((LPVOID) info);
  317. }//if got current src account state
  320. /* process the target account */
  321. //get the target state
  322. var = pVarSet->get(GET_BSTR(DCTVS_CopiedAccount_TargetSam));
  323. wcscpy(strAcct, (WCHAR*)V_BSTR(&var));
  324. var = pVarSet->get(GET_BSTR(DCTVS_Options_TargetServer));
  325. wcscpy(strDomain, (WCHAR*)V_BSTR(&var));
  326. // we will use the net APIs to disable the target account
  327. rc = NetUserGetInfo(strDomain, strAcct, 3, (LPBYTE *)&info);
  329. if (rc != NERR_Success)
  330. {
  331. hr = S_FALSE;
  332. if (pStats != NULL)
  333. pStats->errors.users++;
  334. err.SysMsgWrite(ErrE, rc, DCT_MSG_DISABLE_TARGET_FAILED_S, strAcct);
  335. }
  336. else
  337. {
  338. //disable the target if requested
  339. if (bDisableTarget)
  340. {
  341. // Set the disable flag
  342. info->usri3_flags |= UF_ACCOUNTDISABLE;
  343. // Set the information into the Domain.
  344. rc = NetUserSetInfo(strDomain, strAcct, 3, (LPBYTE)info, &paramErr);
  346. if (rc == NERR_Success)
  347. {
  348. err.MsgWrite(0, DCT_MSG_TARGET_DISABLED_S, strAcct);
  349. }
  350. else
  351. {
  352. if (pStats != NULL)
  353. pStats->errors.users++;
  354. err.SysMsgWrite(ErrE, rc, DCT_MSG_DISABLE_TARGET_FAILED_S, strAcct);
  355. }
  356. }
  357. //else make target same state as source was
  358. else if (bSameAsSource)
  359. {
  360. //if the source was disabled or unable to retrieve source state, disable the target
  361. if (bSrcDisabled || !bGotSrcState)
  362. {
  363. //disable the target
  364. info->usri3_flags |= UF_ACCOUNTDISABLE;
  365. // Set the information into the Domain.
  366. rc = NetUserSetInfo( strDomain, strAcct, 3, (LPBYTE)info, &paramErr);
  368. if (rc == NERR_Success)
  369. {
  370. err.MsgWrite(0, DCT_MSG_TARGET_DISABLED_S, strAcct);
  371. }
  372. else
  373. {
  374. if (pStats != NULL)
  375. pStats->errors.users++;
  376. err.SysMsgWrite(ErrE, rc, DCT_MSG_DISABLE_TARGET_FAILED_S, strAcct);
  377. }
  378. }
  379. else //else make sure target is enabled and not set to expire
  380. {
  381. info->usri3_flags &= ~UF_ACCOUNTDISABLE;
  382. rc = NetUserSetInfo(strDomain,strAcct,3,(LPBYTE)info,&paramErr);
  384. if (rc != NERR_Success)
  385. {
  386. if (pStats != NULL)
  387. pStats->warnings.users++;
  388. err.SysMsgWrite(ErrW, rc, DCT_MSG_ENABLE_TARGET_FAILED_S, strAcct);
  389. }
  390. }
  391. }
  392. else //else make sure target is enabled and not set to expire
  393. {
  394. info->usri3_flags &= ~UF_ACCOUNTDISABLE;
  395. rc = NetUserSetInfo(strDomain,strAcct,3,(LPBYTE)info,&paramErr);
  397. if (rc != NERR_Success)
  398. {
  399. if (pStats != NULL)
  400. pStats->warnings.users++;
  401. err.SysMsgWrite(ErrW, rc, DCT_MSG_ENABLE_TARGET_FAILED_S, strAcct);
  402. }
  403. }
  404. NetApiBufferFree((LPVOID) info);
  405. }
  407. return hr;
  408. }
  411. //---------------------------------------------------------------------------
  412. // ProcessUndo : This function Enables the accounts that were previously
  413. // disabled..
  414. //---------------------------------------------------------------------------
  415. STDMETHODIMP CDisableTarget::ProcessUndo(
  416. IUnknown *pSource, //in- Pointer to the source AD object
  417. IUnknown *pTarget, //in- Pointer to the target AD object
  418. IUnknown *pMainSettings, //in- Varset filled with the settings supplied by user
  419. IUnknown **ppPropsToSet, //in,out - Varset filled with Prop-Value pairs that will be set
  420. // once all extension objects are executed.
  421. EAMAccountStats* pStats
  422. )
  423. {
  424. IVarSetPtr pVarSet = pMainSettings;
  425. IIManageDBPtr pDb = pVarSet->get(GET_BSTR(DCTVS_DBManager));
  426. _variant_t var;
  427. DWORD paramErr;
  428. USER_INFO_3 * info;
  429. long rc;
  430. WCHAR strDomain[LEN_Path];
  431. WCHAR strAcct[LEN_Path];
  432. HRESULT hr = S_OK;
  433. TErrorDct err;
  434. IUnknown * pUnk = NULL;
  435. _bstr_t sSourceName, sSourceDomain, sTgtDomain;
  436. WCHAR fileName[LEN_Path];
  437. IVarSetPtr pVs(__uuidof(VarSet));
  438. _variant_t vtExp, vtFlag;
  439. _bstr_t sDomainName = pVarSet->get(GET_BSTR(DCTVS_Options_SourceDomain));
  441. pVs->QueryInterface(IID_IUnknown, (void**)&pUnk);
  443. sSourceName = pVarSet->get(GET_BSTR(DCTVS_CopiedAccount_SourceSam));
  444. sSourceDomain = pVarSet->get(GET_BSTR(DCTVS_Options_SourceDomain));
  445. sTgtDomain = pVarSet->get(GET_BSTR(DCTVS_Options_TargetDomain));
  447. hr = pDb->raw_GetUserProps(sSourceDomain, sSourceName, &pUnk);
  448. if ( pUnk ) pUnk->Release();
  450. if ( hr == S_OK )
  451. {
  452. vtExp = pVs->get(GET_BSTR(DCTVS_CopiedAccount_ExpDate));
  453. vtFlag = pVs->get(GET_BSTR(DCTVS_CopiedAccount_UserFlags));
  454. }
  456. // Get the Error log filename from the Varset
  457. var = pVarSet->get(GET_BSTR(DCTVS_Options_Logfile));
  458. wcscpy(fileName, (WCHAR*)V_BSTR(&var));
  459. VariantInit(&var);
  460. // Open the error log
  461. err.LogOpen(fileName, 1);
  463. // Check if the object is of user type. if not then there is no point in disabling that account.
  464. var = pVarSet->get(GET_BSTR(DCTVS_CopiedAccount_Type));
  465. if ( _wcsicmp((WCHAR*)V_BSTR(&var),L"user") != 0 && _wcsicmp((WCHAR*)V_BSTR(&var),L"inetOrgPerson") != 0 )
  466. return S_OK;
  468. _bstr_t sDis = pVarSet->get(GET_BSTR(DCTVS_AccountOptions_DisableSourceAccounts));
  469. _bstr_t sExp = pVarSet->get(GET_BSTR(DCTVS_AccountOptions_ExpireSourceAccounts));
  472. if ( !wcscmp((WCHAR*)sDis,GET_STRING(IDS_YES)) || sExp.length() )
  473. {
  474. // Reset the flag and the expiration date for the source account.
  475. var = pVarSet->get(GET_BSTR(DCTVS_CopiedAccount_SourceSam));
  476. wcscpy(strAcct, (WCHAR*)V_BSTR(&var));
  477. var = pVarSet->get(GET_BSTR(DCTVS_Options_SourceServer));
  478. wcscpy(strDomain, (WCHAR*)V_BSTR(&var));
  479. // we will use the net APIs to disable the source account
  480. rc = NetUserGetInfo( strDomain, strAcct, 3, (LPBYTE *)&info);
  481. if (rc != NERR_Success)
  482. {
  483. hr = S_FALSE;
  484. if (pStats != NULL)
  485. pStats->warnings.users++;
  486. err.SysMsgWrite(ErrW, rc, DCT_MSG_ENABLE_SOURCE_FAILED_S, strAcct);
  487. }
  488. else
  489. {
  490. // Set the disable flag
  491. info->usri3_flags = vtFlag.lVal;
  492. info->usri3_acct_expires = vtExp.lVal;
  493. // Set the information into the Domain.
  494. rc = NetUserSetInfo(strDomain,strAcct, 3, (LPBYTE)info, &paramErr);
  495. NetApiBufferFree((LPVOID) info);
  497. if (rc == NERR_Success)
  498. {
  499. err.MsgWrite(0, DCT_MSG_SOURCE_ENABLED_S, strAcct);
  500. }
  501. else
  502. {
  503. if (pStats != NULL)
  504. pStats->warnings.users++;
  505. err.SysMsgWrite(ErrW, rc, DCT_MSG_ENABLE_SOURCE_FAILED_S, strAcct);
  506. }
  507. }
  508. }
  510. // Process the target account if the Varset is set
  511. var = pVarSet->get(GET_BSTR(DCTVS_AccountOptions_DisableCopiedAccounts));
  512. if ( (var.vt == VT_BSTR) && (_wcsicmp((WCHAR*)V_BSTR(&var),GET_STRING(IDS_YES)) == 0) )
  513. {
  514. var = pVarSet->get(GET_BSTR(DCTVS_CopiedAccount_TargetSam));
  515. wcscpy(strAcct, (WCHAR*)V_BSTR(&var));
  516. var = pVarSet->get(GET_BSTR(DCTVS_Options_TargetServer));
  517. wcscpy(strDomain, (WCHAR*)V_BSTR(&var));
  518. // we will use the net APIs to disable the target account
  519. rc = NetUserGetInfo( strDomain, strAcct, 3, (LPBYTE *)&info);
  520. if (rc != NERR_Success)
  521. {
  522. hr = S_FALSE;
  523. if (pStats != NULL)
  524. pStats->warnings.users++;
  525. err.SysMsgWrite(ErrW, rc, DCT_MSG_ENABLE_TARGET_FAILED_S, strAcct);
  526. }
  527. else
  528. {
  529. // clear the disable flag
  530. info->usri3_flags &= ~(UF_ACCOUNTDISABLE);
  531. // Set the information into the Domain.
  532. rc = NetUserSetInfo( strDomain, strAcct, 3, (LPBYTE)info, &paramErr);
  533. NetApiBufferFree((LPVOID) info);
  535. if (rc == NERR_Success)
  536. {
  537. err.MsgWrite(0, DCT_MSG_TARGET_ENABLED_S, strAcct);
  538. }
  539. else
  540. {
  541. if (pStats != NULL)
  542. pStats->warnings.users++;
  543. err.SysMsgWrite(ErrW, rc, DCT_MSG_ENABLE_TARGET_FAILED_S, strAcct);
  544. }
  545. }
  546. }
  547. WCHAR sFilter[5000];
  548. wsprintf(sFilter, L"SourceDomain='%s' and SourceSam='%s'", (WCHAR*)sDomainName, strAcct);
  549. _variant_t Filter = sFilter;
  550. pDb->raw_ClearTable(L"UserProps", Filter);
  552. err.LogClose();
  553. return hr;
  554. }