archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/admin/admt/script/usermigration.cpp

513 lines
13 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #include "StdAfx.h"
  2. #include "ADMTScript.h"
  3. #include "UserMigration.h"
  5. #include "Error.h"
  6. #include "VarSetOptions.h"
  7. #include "VarSetAccountOptions.h"
  8. #include "VarSetSecurity.h"
  11. //---------------------------------------------------------------------------
  12. // CUserMigration
  13. //---------------------------------------------------------------------------
  16. CUserMigration::CUserMigration() :
  17. m_lDisableOption(admtEnableTarget),
  18. m_lSourceExpiration(-1),
  19. m_bMigrateSids(false),
  20. m_bTranslateRoamingProfile(false),
  21. m_bUpdateUserRights(false),
  22. m_bMigrateGroups(false),
  23. m_bUpdatePreviouslyMigratedObjects(false),
  24. m_bFixGroupMembership(true),
  25. m_bMigrateServiceAccounts(false)
  26. {
  27. }
  30. CUserMigration::~CUserMigration()
  31. {
  32. }
  35. // IUserMigration Implementation --------------------------------------------
  38. // DisableOption Property
  40. STDMETHODIMP CUserMigration::put_DisableOption(long lOption)
  41. {
  42. HRESULT hr = S_OK;
  44. if (IsDisableOptionValid(lOption))
  45. {
  46. m_lDisableOption = lOption;
  47. }
  48. else
  49. {
  50. hr = AdmtSetError(CLSID_Migration, IID_IUserMigration, E_INVALIDARG, IDS_E_DISABLE_OPTION_INVALID);
  51. }
  53. return hr;
  54. }
  56. STDMETHODIMP CUserMigration::get_DisableOption(long* plOption)
  57. {
  58. *plOption = m_lDisableOption;
  60. return S_OK;
  61. }
  64. // SourceExpiration Property
  66. STDMETHODIMP CUserMigration::put_SourceExpiration(long lExpiration)
  67. {
  68. HRESULT hr = S_OK;
  70. if (IsSourceExpirationValid(lExpiration))
  71. {
  72. m_lSourceExpiration = lExpiration;
  73. }
  74. else
  75. {
  76. hr = AdmtSetError(CLSID_Migration, IID_IUserMigration, E_INVALIDARG, IDS_E_SOURCE_EXPIRATION_INVALID);
  77. }
  79. return hr;
  80. }
  82. STDMETHODIMP CUserMigration::get_SourceExpiration(long* plExpiration)
  83. {
  84. *plExpiration = m_lSourceExpiration;
  86. return S_OK;
  87. }
  90. // MigrateSIDs Property
  92. STDMETHODIMP CUserMigration::put_MigrateSIDs(VARIANT_BOOL bMigrate)
  93. {
  94. m_bMigrateSids = bMigrate ? true : false;
  96. return S_OK;
  97. }
  99. STDMETHODIMP CUserMigration::get_MigrateSIDs(VARIANT_BOOL* pbMigrate)
  100. {
  101. *pbMigrate = m_bMigrateSids ? VARIANT_TRUE : VARIANT_FALSE;
  103. return S_OK;
  104. }
  107. // TranslateRoamingProfile Property
  109. STDMETHODIMP CUserMigration::put_TranslateRoamingProfile(VARIANT_BOOL bTranslate)
  110. {
  111. m_bTranslateRoamingProfile = bTranslate ? true : false;
  113. return S_OK;
  114. }
  116. STDMETHODIMP CUserMigration::get_TranslateRoamingProfile(VARIANT_BOOL* pbTranslate)
  117. {
  118. *pbTranslate = m_bTranslateRoamingProfile ? VARIANT_TRUE : VARIANT_FALSE;
  120. return S_OK;
  121. }
  124. // UpdateUserRights Property
  126. STDMETHODIMP CUserMigration::put_UpdateUserRights(VARIANT_BOOL bUpdate)
  127. {
  128. m_bUpdateUserRights = bUpdate ? true : false;
  130. return S_OK;
  131. }
  133. STDMETHODIMP CUserMigration::get_UpdateUserRights(VARIANT_BOOL* pbUpdate)
  134. {
  135. *pbUpdate = m_bUpdateUserRights ? VARIANT_TRUE : VARIANT_FALSE;
  137. return S_OK;
  138. }
  141. // MigrateGroups Property
  143. STDMETHODIMP CUserMigration::put_MigrateGroups(VARIANT_BOOL bMigrate)
  144. {
  145. m_bMigrateGroups = bMigrate ? true : false;
  147. return S_OK;
  148. }
  150. STDMETHODIMP CUserMigration::get_MigrateGroups(VARIANT_BOOL* pbMigrate)
  151. {
  152. *pbMigrate = m_bMigrateGroups ? VARIANT_TRUE : VARIANT_FALSE;
  154. return S_OK;
  155. }
  158. // UpdatePreviouslyMigratedObjects Property
  160. STDMETHODIMP CUserMigration::put_UpdatePreviouslyMigratedObjects(VARIANT_BOOL bUpdate)
  161. {
  162. m_bUpdatePreviouslyMigratedObjects = bUpdate ? true : false;
  164. return S_OK;
  165. }
  167. STDMETHODIMP CUserMigration::get_UpdatePreviouslyMigratedObjects(VARIANT_BOOL* pbUpdate)
  168. {
  169. *pbUpdate = m_bUpdatePreviouslyMigratedObjects ? VARIANT_TRUE : VARIANT_FALSE;
  171. return S_OK;
  172. }
  175. // FixGroupMembership Property
  177. STDMETHODIMP CUserMigration::put_FixGroupMembership(VARIANT_BOOL bFix)
  178. {
  179. m_bFixGroupMembership = bFix ? true : false;
  181. return S_OK;
  182. }
  184. STDMETHODIMP CUserMigration::get_FixGroupMembership(VARIANT_BOOL* pbFix)
  185. {
  186. *pbFix = m_bFixGroupMembership ? VARIANT_TRUE : VARIANT_FALSE;
  188. return S_OK;
  189. }
  192. // MigrateServiceAccounts Property
  194. STDMETHODIMP CUserMigration::put_MigrateServiceAccounts(VARIANT_BOOL bMigrate)
  195. {
  196. m_bMigrateServiceAccounts = bMigrate ? true : false;
  198. return S_OK;
  199. }
  201. STDMETHODIMP CUserMigration::get_MigrateServiceAccounts(VARIANT_BOOL* pbMigrate)
  202. {
  203. *pbMigrate = m_bMigrateServiceAccounts ? VARIANT_TRUE : VARIANT_FALSE;
  205. return S_OK;
  206. }
  209. // Migrate Method
  211. STDMETHODIMP CUserMigration::Migrate(long lOptions, VARIANT vntInclude, VARIANT vntExclude)
  212. {
  213. HRESULT hr = S_OK;
  215. MutexWait();
  217. bool bLogOpen = _Module.OpenLog();
  219. try
  220. {
  221. _Module.Log(ErrI, IDS_STARTED_USER_MIGRATION);
  223. InitSourceDomainAndContainer();
  224. InitTargetDomainAndContainer();
  226. SetDefaultExcludedSystemProperties();
  228. VerifyInterIntraForest();
  229. VerifyCallerDelegated();
  230. ValidateMigrationParameters();
  232. if (m_bMigrateSids)
  233. {
  234. VerifyCanAddSidHistory();
  235. }
  237. VerifyPasswordOption();
  239. DoOption(lOptions, vntInclude, vntExclude);
  240. }
  241. catch (_com_error& ce)
  242. {
  243. _Module.Log(ErrE, IDS_E_CANT_MIGRATE_USERS, ce);
  244. hr = AdmtSetError(CLSID_Migration, IID_IUserMigration, ce, IDS_E_CANT_MIGRATE_USERS);
  245. }
  246. catch (...)
  247. {
  248. _Module.Log(ErrE, IDS_E_CANT_MIGRATE_USERS, _com_error(E_FAIL));
  249. hr = AdmtSetError(CLSID_Migration, IID_IUserMigration, E_FAIL, IDS_E_CANT_MIGRATE_USERS);
  250. }
  252. if (bLogOpen)
  253. {
  254. _Module.CloseLog();
  255. }
  257. MutexRelease();
  259. return hr;
  260. }
  263. // Implementation -----------------------------------------------------------
  266. // ValidateMigrationParameters Method
  268. void CUserMigration::ValidateMigrationParameters()
  269. {
  270. bool bIntraForest = m_spInternal->IntraForest ? true : false;
  272. if (bIntraForest)
  273. {
  274. // validate conflict option
  276. long lConflictOptions = m_spInternal->ConflictOptions;
  277. long lConflictOption = lConflictOptions & 0x0F;
  279. if (lConflictOption == admtReplaceConflicting)
  280. {
  281. AdmtThrowError(GUID_NULL, GUID_NULL, E_INVALIDARG, IDS_E_INTRA_FOREST_REPLACE);
  282. }
  283. }
  284. }
  287. // DoNames Method
  289. void CUserMigration::DoNames()
  290. {
  291. CDomainAccounts aUsers;
  293. m_SourceDomain.QueryUsers(GetSourceContainer(), m_setIncludeNames, m_setExcludeNames, aUsers);
  295. DoUsers(aUsers, GetTargetContainer());
  296. }
  299. // DoDomain Method
  301. void CUserMigration::DoDomain()
  302. {
  303. CContainer& rSource = GetSourceContainer();
  304. CContainer& rTarget = GetTargetContainer();
  306. if (m_nRecurseMaintain == 2)
  307. {
  308. rTarget.CreateContainerHierarchy(rSource);
  309. }
  311. DoContainers(rSource, rTarget);
  312. }
  315. // DoContainers Method
  317. void CUserMigration::DoContainers(CContainer& rSource, CContainer& rTarget)
  318. {
  319. DoUsers(rSource, rTarget);
  321. if (m_nRecurseMaintain == 2)
  322. {
  323. ContainerVector aContainers;
  324. rSource.QueryContainers(aContainers);
  326. for (ContainerVector::iterator it = aContainers.begin(); it != aContainers.end(); it++)
  327. {
  328. DoContainers(*it, rTarget.GetContainer(it->GetName()));
  329. }
  330. }
  331. }
  334. // DoUsers Method
  336. void CUserMigration::DoUsers(CContainer& rSource, CContainer& rTarget)
  337. {
  338. CDomainAccounts aUsers;
  339. rSource.QueryUsers(m_nRecurseMaintain == 1, m_setExcludeNames, aUsers);
  341. DoUsers(aUsers, rTarget);
  342. }
  345. // DoUsers Method
  347. void CUserMigration::DoUsers(CDomainAccounts& rUsers, CContainer& rTarget)
  348. {
  349. if (rUsers.size() > 0)
  350. {
  351. if (!m_bMigrateServiceAccounts)
  352. {
  353. RemoveServiceAccounts(rUsers);
  354. }
  356. if (rUsers.size() > 0)
  357. {
  358. CVarSet aVarSet;
  360. SetOptions(rTarget.GetPath(), aVarSet);
  361. SetAccountOptions(aVarSet);
  363. VerifyRenameConflictPrefixSuffixValid();
  365. FillInVarSetForUsers(rUsers, aVarSet);
  367. rUsers.clear();
  369. #ifdef _DEBUG
  370. aVarSet.Dump();
  371. #endif
  373. PerformMigration(aVarSet);
  375. SaveSettings(aVarSet);
  377. if ((m_nRecurseMaintain == 2) && m_bMigrateGroups)
  378. {
  379. FixObjectsInHierarchy(_T("group"));
  380. }
  381. }
  382. }
  383. }
  386. // RemoveServiceAccounts Method
  388. void CUserMigration::RemoveServiceAccounts(CDomainAccounts& rUsers)
  389. {
  390. try
  391. {
  392. CVarSet varset;
  394. IIManageDBPtr spDatabase(__uuidof(IManageDB));
  395. IUnknownPtr spunkVarSet(varset.GetInterface());
  396. IUnknown* punkVarset = spunkVarSet;
  397. spDatabase->GetServiceAccount(_bstr_t(_T("")), &punkVarset);
  399. long lCount = varset.Get(_T("ServiceAccountEntries"));
  401. if (lCount > 0)
  402. {
  403. StringSet setNames;
  405. for (long lIndex = 0; lIndex < lCount; lIndex++)
  406. {
  407. setNames.insert(_bstr_t(varset.Get(_T("ServiceAccount.%ld"), lIndex)));
  408. }
  410. _bstr_t strDomain = m_SourceDomain.NameFlat();
  412. for (CDomainAccounts::iterator itUser = rUsers.begin(); itUser != rUsers.end(); )
  413. {
  414. bool bFound = false;
  416. _bstr_t strAccountName = strDomain + _T("\\") + itUser->GetSamAccountName();
  417. _bstr_t strUserPrincipalName = itUser->GetUserPrincipalName();
  419. PCTSTR pszAccountName = strAccountName;
  420. PCTSTR pszUserPrincipalName = strUserPrincipalName;
  422. for (StringSet::iterator itName = setNames.begin(); itName != setNames.end(); itName++)
  423. {
  424. PCTSTR pszName = *itName;
  426. if (pszName)
  427. {
  428. if (pszAccountName && (_tcsicmp(pszName, pszAccountName) == 0))
  429. {
  430. bFound = true;
  431. break;
  432. }
  434. if (pszUserPrincipalName && (_tcsicmp(pszName, pszUserPrincipalName) == 0))
  435. {
  436. bFound = true;
  437. break;
  438. }
  439. }
  440. }
  442. if (bFound)
  443. {
  444. itUser = rUsers.erase(itUser);
  445. }
  446. else
  447. {
  448. ++itUser;
  449. }
  450. }
  451. }
  452. }
  453. catch (_com_error& ce)
  454. {
  455. AdmtThrowError(GUID_NULL, GUID_NULL, ce, IDS_E_REMOVING_SERVICE_ACCOUNTS);
  456. }
  457. }
  460. // SetOptions Method
  462. void CUserMigration::SetOptions(_bstr_t strTargetOu, CVarSet& rVarSet)
  463. {
  464. CVarSetOptions aOptions(rVarSet);
  466. aOptions.SetTest(m_spInternal->TestMigration ? true : false);
  468. aOptions.SetUndo(false);
  469. aOptions.SetWizard(_T("user"));
  471. aOptions.SetIntraForest(m_spInternal->IntraForest ? true : false);
  472. aOptions.SetSourceDomain(m_SourceDomain.NameFlat(), m_SourceDomain.NameDns(), m_SourceDomain.Sid());
  473. aOptions.SetTargetDomain(m_TargetDomain.NameFlat(), m_TargetDomain.NameDns());
  474. aOptions.SetTargetOu(strTargetOu);
  476. if (m_bMigrateSids || (m_spInternal->PasswordOption == admtCopyPassword))
  477. {
  478. aOptions.SetTargetServer(
  479. m_TargetDomain.DomainControllerNameFlat(),
  480. m_TargetDomain.DomainControllerNameDns()
  481. );
  482. }
  484. aOptions.SetRenameOptions(m_spInternal->RenameOption, m_spInternal->RenamePrefixOrSuffix);
  485. }
  488. // SetAccountOptions Method
  490. void CUserMigration::SetAccountOptions(CVarSet& rVarSet)
  491. {
  492. CVarSetAccountOptions aOptions(rVarSet);
  494. aOptions.SetPasswordOption(m_spInternal->PasswordOption, m_spInternal->PasswordServer);
  495. aOptions.SetPasswordFile(m_spInternal->PasswordFile);
  496. aOptions.SetConflictOptions(m_spInternal->ConflictOptions, m_spInternal->ConflictPrefixOrSuffix);
  498. aOptions.SetDisableOption(m_lDisableOption);
  499. aOptions.SetSourceExpiration(m_lSourceExpiration);
  500. aOptions.SetMigrateSids(m_bMigrateSids);
  501. aOptions.SetUserMigrationOptions(m_bMigrateGroups, m_bUpdatePreviouslyMigratedObjects);
  502. aOptions.SetFixGroupMembership(m_bFixGroupMembership);
  503. aOptions.SetUpdateUserRights(m_bUpdateUserRights);
  504. aOptions.SetTranslateRoamingProfile(m_bTranslateRoamingProfile);
  506. aOptions.SetExcludedUserProps(m_spInternal->UserPropertiesToExclude);
  507. aOptions.SetExcludedInetOrgPersonProps(m_spInternal->InetOrgPersonPropertiesToExclude);
  509. if (m_bMigrateGroups)
  510. {
  511. aOptions.SetExcludedGroupProps(m_spInternal->GroupPropertiesToExclude);
  512. }
  513. }