archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/admin/admt/workobj/pwdage.cpp

288 lines
8.7 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*---------------------------------------------------------------------------
  2. File: ComputerPwdAge.cpp
  4. Comments: Implementation of COM object to retrieve password age for computer
  5. accounts (used to detect defunct computer accounts.)
  7. (c) Copyright 1999, Mission Critical Software, Inc., All Rights Reserved
  8. Proprietary and confidential to Mission Critical Software, Inc.
  10. REVISION LOG ENTRY
  11. Revision By: Christy Boles
  12. Revised on 02/15/99 11:19:31
  14. ---------------------------------------------------------------------------
  15. */
  17. // ComputerPwdAge.cpp : Implementation of CComputerPwdAge
  18. #include "stdafx.h"
  19. #include "WorkObj.h"
  20. #include "PwdAge.h"
  21. #include "Common.hpp"
  22. #include "UString.hpp"
  23. #include "Err.hpp"
  24. #include "CommaLog.hpp"
  25. #include "EaLen.hpp"
  26. #include "GetDcName.h"
  28. //#import "\bin\McsVarSetMin.tlb" no_namespace
  29. //#import "\bin\DBManager.tlb" no_namespace, named_guids
  30. #import "VarSet.tlb" no_namespace rename("property", "aproperty")
  31. #import "DBMgr.tlb" no_namespace, named_guids
  33. #include <lm.h>
  35. /////////////////////////////////////////////////////////////////////////////
  36. // CComputerPwdAge
  39. STDMETHODIMP
  40. CComputerPwdAge::SetDomain(
  41. BSTR domain // in - domain name to examine
  42. )
  43. {
  44. HRESULT hr = S_OK;
  45. DWORD rc;
  46. WCHAR domctrl[LEN_Computer];
  48. if ( UStrICmp(m_Domain,domain) )
  49. {
  50. m_Domain = domain;
  52. rc = GetDomainControllerForDomain(domain,domctrl);
  54. if ( rc )
  55. {
  56. hr = HRESULT_FROM_WIN32(rc);
  57. }
  58. else
  59. {
  60. m_DomainCtrl = domctrl;
  61. }
  62. }
  63. return hr;
  64. }
  66. STDMETHODIMP
  67. CComputerPwdAge::GetPwdAge(
  68. BSTR domain, // in - domain name to examine
  69. BSTR ComputerName, // in - machine name of computer
  70. DWORD * pPwdAge // out- password age in seconds
  71. )
  72. {
  73. HRESULT hr;
  74. DWORD rc;
  75. WCHAR computerAccountName[LEN_Account];
  76. DWORD pwdage = 0;
  78. hr = SetDomain(domain);
  79. if ( SUCCEEDED(hr) )
  80. {
  81. swprintf(computerAccountName,L"%s",ComputerName);
  82. rc = GetSinglePasswordAgeInternal(m_DomainCtrl,computerAccountName,&pwdage);
  83. if ( ! rc )
  84. {
  85. (*pPwdAge) = pwdage;
  86. }
  87. else
  88. {
  89. hr = HRESULT_FROM_WIN32(rc);
  90. }
  91. }
  92. return hr;
  93. }
  95. STDMETHODIMP
  96. CComputerPwdAge::ExportPasswordAge(
  97. BSTR domain, // in - domain to export information from
  98. BSTR filename // in - UNC name of file to write information to
  99. )
  100. {
  101. HRESULT hr;
  103. hr = SetDomain(domain);
  104. if ( SUCCEEDED(hr) )
  105. {
  106. hr = ExportPasswordAgeOlderThan(domain,filename,0);
  107. }
  108. return hr;
  109. }
  111. STDMETHODIMP
  112. CComputerPwdAge::ExportPasswordAgeOlderThan(
  113. BSTR domain, // in - domain to export information from
  114. BSTR filename, // in - filename to write information to
  115. DWORD minAge // in - write only accounts with password age older than minAge
  116. )
  117. {
  118. DWORD rc = 0;
  119. HRESULT hr;
  121. hr = SetDomain(domain);
  123. if ( SUCCEEDED(hr) )
  124. {
  125. rc = ExportPasswordAgeInternal(m_DomainCtrl,filename,minAge,TRUE);
  126. if ( rc )
  127. {
  128. hr = HRESULT_FROM_WIN32(rc);
  129. }
  130. }
  131. return hr;
  132. }
  134. STDMETHODIMP
  135. CComputerPwdAge::ExportPasswordAgeNewerThan(
  136. BSTR domain, // in - domain to export information from
  137. BSTR filename, // in - filename to write information to
  138. DWORD maxAge // in - write only computer accounts with password age less than maxAge
  139. )
  140. {
  141. DWORD rc = 0;
  142. HRESULT hr;
  144. hr = SetDomain(domain);
  146. if ( SUCCEEDED(hr) )
  147. {
  148. rc = ExportPasswordAgeInternal(m_DomainCtrl,filename,maxAge,FALSE);
  149. if ( rc )
  150. {
  151. hr = HRESULT_FROM_WIN32(rc);
  152. }
  153. }
  154. return hr;
  156. }
  158. DWORD // ret- WIN32 error code
  159. CComputerPwdAge::GetDomainControllerForDomain(
  160. WCHAR const * domain, // in - name of domain
  161. WCHAR * domctrl // out- domain controller for domain
  162. )
  163. {
  164. DWORD rc;
  165. _bstr_t result;
  167. rc = GetAnyDcName4(domain, result);
  168. if ( ! rc )
  169. {
  170. wcscpy(domctrl,result);
  171. }
  172. return rc;
  173. }
  175. DWORD // ret- WIN32 error code
  176. CComputerPwdAge::ExportPasswordAgeInternal(
  177. WCHAR const * domctrl, // in - domain controller to query
  178. WCHAR const * filename, // in - filename to write results to
  179. DWORD minOrMaxAge, // in - optional min or max age to write
  180. BOOL bOld // in - TRUE-Age is min age, copies only old accounts
  181. )
  182. {
  183. DWORD rc = 0;
  184. DWORD nRead;
  185. DWORD nTotal;
  186. DWORD nResume = 0;
  187. DWORD prefmax = 1000;
  188. USER_INFO_11 * buf;
  189. time_t pwdage; // the number of seconds ago that the pwd was last changed
  190. time_t pwdtime; // the time when the pwd was last changed
  191. time_t now; // the current time
  192. CommaDelimitedLog log;
  193. IIManageDBPtr pDB;
  194. WCHAR computerName[LEN_Account];
  196. rc = pDB.CreateInstance(CLSID_IManageDB);
  197. if ( SUCCEEDED(rc) )
  198. {
  200. time(&now);
  201. do
  202. {
  203. rc = NetUserEnum(domctrl,11,FILTER_WORKSTATION_TRUST_ACCOUNT,(LPBYTE*)&buf,prefmax,&nRead,&nTotal,&nResume);
  204. if ( rc && rc != ERROR_MORE_DATA )
  205. break;
  206. for ( UINT i = 0 ; i < nRead ; i++ )
  207. {
  208. pwdage = buf[i].usri11_password_age;
  209. if ( ( pwdage >= (time_t)minOrMaxAge && bOld ) // inactive machines
  210. ||( pwdage <= (time_t)minOrMaxAge && !bOld ) ) // active machines
  211. {
  212. safecopy(computerName,buf[i].usri11_name);
  213. // strip off the $ from the end of the computer account
  214. computerName[UStrLen(computerName)-1] = 0;
  215. // pDB->raw_SavePasswordAge(m_Domain,SysAllocString(computerName),SysAllocString(buf[i].usri11_comment),pwdage);
  216. pDB->raw_SavePasswordAge(m_Domain,SysAllocString(computerName),SysAllocString(buf[i].usri11_comment),(long)pwdage);
  218. pwdtime = now - pwdage;
  219. }
  220. }
  221. NetApiBufferFree(buf);
  223. } while ( rc == ERROR_MORE_DATA );
  225. }
  226. else
  227. {
  228. rc = GetLastError();
  229. }
  230. return rc;
  231. }
  234. DWORD // ret- WIN32 error code
  235. CComputerPwdAge::GetSinglePasswordAgeInternal(
  236. WCHAR const * domctrl, // in - domain controller to query
  237. WCHAR const * computer, // in - name of computer account
  238. DWORD * pwdage // out- password age in seconds
  239. )
  240. {
  241. DWORD rc = 0;
  242. USER_INFO_11 * buf;
  244. rc = NetUserGetInfo(domctrl,computer,11,(LPBYTE*)&buf);
  246. if (! rc )
  247. {
  248. (*pwdage) = buf->usri11_password_age;
  249. NetApiBufferFree(buf);
  250. }
  251. return rc;
  252. }
  255. // ComputerPwdAge worknode
  256. // Retrieves the password age (in seconds) for a computer account in a specified domain
  257. // This can be used to identify defunct computer accounts
  258. //
  259. // VarSet syntax
  260. // Input:
  261. // ComputerPasswordAge.Domain: <DomainName>
  262. // ComputerPasswordAge.Computer: <ComputerName>
  263. // Output:
  264. // ComputerPasswordAge.Seconds : <number>
  266. STDMETHODIMP
  267. CComputerPwdAge::Process(
  268. IUnknown * pWorkItem // in - varset containing settings
  269. )
  270. {
  271. HRESULT hr = S_OK;
  272. IVarSetPtr pVarSet = pWorkItem;
  273. _bstr_t domain;
  274. _bstr_t computer;
  275. DWORD age;
  277. domain = pVarSet->get(L"ComputerPasswordAge.Domain");
  278. computer = pVarSet->get(L"ComputerPasswordAge.Computer");
  279. if ( computer.length() && domain.length() )
  280. {
  281. hr = GetPwdAge(domain,computer,&age);
  282. if ( SUCCEEDED(hr) )
  283. {
  284. pVarSet->put(L"ComputerPasswordAge.Seconds",(LONG)age);
  285. }
  286. }
  287. return hr;
  288. }