archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/admin/cys/servmgmt/auw/dll/inc/ausrutil.h

643 lines
19 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #ifndef _AUSRUTIL_H
  2. #define _AUSRUTIL_H
  4. #include <activeds.h>
  5. #include "EscStr.h"
  7. #include <lm.h>
  8. #include <lmapibuf.h>
  9. #include <lmshare.h>
  11. #define SECURITY_WIN32
  12. #include <security.h>
  14. enum NameContextType
  15. {
  16. NAMECTX_SCHEMA = 0,
  17. NAMECTX_CONFIG = 1,
  18. NAMECTX_COUNT
  19. };
  21. // ----------------------------------------------------------------------------
  22. // GetADNamingContext()
  23. // ----------------------------------------------------------------------------
  24. inline HRESULT GetADNamingContext(NameContextType ctx, LPCWSTR* ppszContextDN)
  25. {
  26. const static LPCWSTR pszContextName[NAMECTX_COUNT] = { L"schemaNamingContext", L"configurationNamingContext"};
  27. static CString strContextDN[NAMECTX_COUNT];
  29. HRESULT hr = S_OK;
  31. if (strContextDN[ctx].IsEmpty())
  32. {
  33. CComVariant var;
  34. CComPtr<IADs> pObj;
  36. hr = ADsGetObject(L"LDAP://rootDSE", IID_IADs, (void**)&pObj);
  37. if (SUCCEEDED(hr))
  38. {
  39. CComBSTR bstrProp = pszContextName[ctx];
  40. hr = pObj->Get( bstrProp, &var );
  41. if (SUCCEEDED(hr))
  42. {
  43. strContextDN[ctx] = var.bstrVal;
  44. *ppszContextDN = strContextDN[ctx];
  45. }
  46. }
  47. }
  48. else
  49. {
  50. *ppszContextDN = strContextDN[ctx];
  51. hr = S_OK;
  52. }
  54. return hr;
  55. }
  57. //--------------------------------------------------------------------------
  58. // EnableButton
  59. //
  60. // Enables or disables a dialog control. If the control has the focus when
  61. // it is disabled, the focus is moved to the next control
  62. //--------------------------------------------------------------------------
  63. inline void EnableButton(HWND hwndDialog, int iCtrlID, BOOL bEnable)
  64. {
  65. HWND hWndCtrl = ::GetDlgItem(hwndDialog, iCtrlID);
  66. ATLASSERT(::IsWindow(hWndCtrl));
  68. if (!bEnable && ::GetFocus() == hWndCtrl)
  69. {
  70. HWND hWndNextCtrl = ::GetNextDlgTabItem(hwndDialog, hWndCtrl, FALSE);
  71. if (hWndNextCtrl != NULL && hWndNextCtrl != hWndCtrl)
  72. {
  73. ::SetFocus(hWndNextCtrl);
  74. }
  75. }
  77. ::EnableWindow(hWndCtrl, bEnable);
  78. }
  80. // ----------------------------------------------------------------------------
  81. // ErrorMsg()
  82. // ----------------------------------------------------------------------------
  83. inline void ErrorMsg(UINT uiError, UINT uiTitle)
  84. {
  85. CString csError;
  86. CString csTitle;
  88. csError.LoadString(uiError);
  89. csTitle.LoadString(uiTitle);
  91. ::MessageBox(NULL, (LPCWSTR)csError, (LPCWSTR)csTitle, MB_OK | MB_TASKMODAL | MB_ICONERROR);
  92. }
  94. inline BOOL StrContainsDBCS(LPCTSTR szIn)
  95. {
  96. if( !szIn ) return FALSE;
  98. BOOL bFound = FALSE;
  99. TCHAR *pch = NULL;
  101. for ( pch=(LPTSTR)szIn; *pch && !bFound; pch=_tcsinc(pch) )
  102. {
  103. if ( IsDBCSLeadByte((BYTE)*pch) )
  104. {
  105. bFound = TRUE;
  106. }
  107. }
  109. return bFound;
  110. }
  112. inline BOOL LdapToDCName(LPCTSTR pszPath, LPTSTR pszOutBuf, int nOutBufSize)
  113. {
  114. if( !pszPath || !pszOutBuf || !nOutBufSize ) return FALSE;
  116. pszOutBuf[0] = 0;
  118. TCHAR* pszTemp = _tcsstr( pszPath, _T("DC=") );
  119. if( !pszTemp ) return FALSE;
  121. DWORD dwSize = nOutBufSize;
  123. BOOLEAN bSuccess = TranslateName( pszTemp, NameFullyQualifiedDN, NameCanonical, pszOutBuf, &dwSize );
  125. if( bSuccess && (dwSize > 2) )
  126. {
  127. if( pszOutBuf[dwSize-2] == _T('/') )
  128. {
  129. pszOutBuf[dwSize-2] = 0;
  130. }
  131. }
  133. return (BOOL)bSuccess;
  135. }
  137. // ----------------------------------------------------------------------------
  138. // FindADsObject()
  139. //
  140. // szFilterFmt must be of the format "(|(cn=%1)(ou=%1))"
  141. // NOTE: szFilterFmt must contain ONLY %1's.. i.e. %2 is right out!
  142. // ----------------------------------------------------------------------------
  143. inline HRESULT FindADsObject( LPCTSTR szOU, LPCTSTR szObject, LPCTSTR szFilterFmt, CString &csResult, DWORD dwRetType/*=0*/, BOOL bRoot/*=FALSE*/ )
  144. {
  145. if( !szOU || !szObject || !szFilterFmt ) return E_POINTER;
  147. // Find out if the szObject contains any '(' or ')'s.. if so then we have to exit.
  148. if ( _tcschr(szObject, _T('(')) ||
  149. _tcschr(szObject, _T(')')) )
  150. {
  151. return S_FALSE;
  152. }
  154. HRESULT hr = S_OK;
  155. CString csTmp = szOU;
  156. CString csOU = L"LDAP://";
  157. TCHAR *pch = NULL;
  159. if ( bRoot )
  160. {
  161. csTmp.MakeUpper();
  162. pch = _tcsstr( (LPCTSTR)csTmp, L"DC=" ); // Find the first DC=
  163. if ( !pch ) return E_FAIL;
  165. csOU += pch; // Append from the DC= on.
  167. if ( (pch = _tcschr((LPCTSTR)csOU + 7, L'/')) != NULL )
  168. {
  169. // Hmmm. . something was after the DC='s... I don't even know
  170. // if that's allowed.
  171. // (e.g. LDAP://DC=ted,DC=microsoft,DC=com/foo)
  172. // If so, let's end the string at the /
  173. *pch = 0;
  174. }
  175. }
  176. else
  177. {
  178. csTmp.MakeUpper();
  179. pch = _tcsstr( (LPCTSTR)csTmp, L"LDAP://" ); // Did the string include the LDAP://?
  180. if ( !pch )
  181. {
  182. csOU += csTmp;
  183. }
  184. else
  185. {
  186. csOU = csTmp;
  187. }
  188. // Now csOU contains the LDAP:// for sure.
  189. }
  191. // Set query parameters
  192. CComPtr<IDirectorySearch> spDirSearch = NULL;
  193. ADS_SEARCH_HANDLE hSearch; // Handle used for searching.
  194. ADS_SEARCH_COLUMN col; // Used to hold the current column.
  195. CString csFilter;
  196. LPTSTR pszAttr[] = { _T("cn"), _T("distinguishedName"), _T("description"), _T("sAMAccountName"), _T("mailNickname") };
  197. DWORD dwCount = sizeof(pszAttr) / sizeof(LPTSTR);
  200. csFilter.FormatMessage(szFilterFmt, szObject);
  202. // Open our search object.
  203. hr = ::ADsOpenObject(const_cast<LPTSTR>((LPCTSTR)csOU), NULL, NULL, ADS_SECURE_AUTHENTICATION, IID_IDirectorySearch, (void**)&spDirSearch);
  204. if ( !SUCCEEDED(hr) )
  205. {
  206. _ASSERT(FALSE);
  207. return hr;
  208. }
  210. // Search for out object.
  211. hr = spDirSearch->ExecuteSearch(const_cast<LPTSTR>((LPCTSTR)csFilter), pszAttr, dwCount, &hSearch);
  212. if ( !SUCCEEDED(hr) )
  213. {
  214. return(hr);
  215. }
  217. if ( spDirSearch->GetNextRow(hSearch) == S_ADS_NOMORE_ROWS )
  218. {
  219. spDirSearch->CloseSearchHandle(hSearch);
  220. return(E_FAIL);
  221. }
  223. // If we got to here, then we got the object, so let's get the LDAP path to the
  224. // object so that we can return it to the caller.
  225. hr = spDirSearch->GetColumn(hSearch, pszAttr[dwRetType], &col);
  226. if ( !SUCCEEDED(hr) )
  227. {
  228. _ASSERT(FALSE);
  229. csResult = _T("");
  230. }
  231. else
  232. {
  233. csResult = col.pADsValues->CaseExactString;
  234. spDirSearch->FreeColumn(&col);
  235. }
  237. spDirSearch->CloseSearchHandle(hSearch);
  239. return(S_OK);
  240. }
  242. inline tstring GetDomainPath( LPCTSTR lpServer )
  243. {
  244. if( !lpServer ) return _T("");
  246. // get the domain information
  247. CComVariant var;
  248. tstring strRet = _T("");
  250. TCHAR pszString[MAX_PATH*2] = {0};
  251. _sntprintf( pszString, (MAX_PATH*2)-1, L"LDAP://%s/rootDSE", lpServer );
  253. CComPtr<IADs> pDS = NULL;
  254. HRESULT hr = ::ADsGetObject( pszString, IID_IADs, (void**)&pDS );
  255. if( SUCCEEDED(hr) )
  256. {
  257. CComBSTR bstrProp = _T("defaultNamingContext");
  258. hr = pDS->Get( bstrProp, &var );
  259. }
  261. if( SUCCEEDED(hr) && (V_VT(&var) == VT_BSTR) )
  262. {
  263. strRet = V_BSTR( &var );
  264. }
  267. return strRet;
  268. }
  270. //+----------------------------------------------------------------------------
  271. //
  272. // Function: RemoveTrailingWhitespace
  273. //
  274. // Synopsis: Trailing white space is replaced by NULLs.
  275. //
  276. //-----------------------------------------------------------------------------
  277. inline void RemoveTrailingWhitespace(LPTSTR pszIn)
  278. {
  279. if( !pszIn ) return;
  281. int nLen = _tcslen(pszIn);
  283. while( nLen )
  284. {
  285. if( !iswspace(pszIn[nLen - 1]) )
  286. {
  287. return;
  288. }
  289. pszIn[nLen - 1] = L'\0';
  290. nLen--;
  291. }
  292. }
  294. inline tstring StrFormatSystemError( HRESULT hrErr )
  295. {
  296. tstring strError = _T("");
  297. LPVOID lpMsgBuf = NULL;
  299. // look up the error from the system
  300. if ( ::FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER |
  301. FORMAT_MESSAGE_FROM_SYSTEM |
  302. FORMAT_MESSAGE_IGNORE_INSERTS,
  303. NULL,
  304. hrErr,
  305. MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
  306. (LPTSTR)&lpMsgBuf,
  307. 0,
  308. NULL ))
  309. {
  310. if( lpMsgBuf )
  311. {
  312. strError = (LPTSTR)lpMsgBuf;
  313. LocalFree( lpMsgBuf );
  314. }
  315. }
  317. // return the error string
  318. return strError;
  319. }
  321. inline tstring StrGetWindowText( HWND hWnd )
  322. {
  323. if( !hWnd || !IsWindow(hWnd) )
  324. {
  325. return _T("");
  326. }
  328. TSTRING strRet = _T("");
  329. INT iLen = GetWindowTextLength(hWnd);
  330. TCHAR* pszText = new TCHAR[ iLen + 1 ];
  331. if ( pszText )
  332. {
  333. if ( GetWindowText(hWnd, pszText, iLen + 1) )
  334. {
  335. strRet = pszText;
  336. }
  338. delete[] pszText;
  339. }
  341. return strRet;
  342. }
  344. inline HRESULT SetSecInfoMask( LPUNKNOWN punk, SECURITY_INFORMATION si )
  345. {
  346. HRESULT hr = E_INVALIDARG;
  347. if( punk )
  348. {
  349. CComPtr<IADsObjectOptions> spOptions;
  350. hr = punk->QueryInterface( IID_IADsObjectOptions, (void**)&spOptions );
  351. if( SUCCEEDED(hr) )
  352. {
  353. VARIANT var;
  354. VariantInit( &var );
  355. V_VT( &var ) = VT_I4;
  356. V_I4( &var ) = si;
  358. hr = spOptions->SetOption( ADS_OPTION_SECURITY_MASK, var );
  359. }
  360. }
  362. return hr;
  363. }
  365. //+---------------------------------------------------------------------------
  366. //
  367. // Function: GetSDForDsObject
  368. // Synopsis: Reads the security descriptor from the specied DS object
  369. // It only reads the DACL portion of the security descriptor
  370. //
  371. // Arguments: [IN pDsObject] -- DS object
  372. // [ppDACL] --pointer to dacl in ppSD is returned here
  373. // [OUT ppSD] -- Security descriptor returned here.
  374. // calling API must free this by calling LocalFree
  375. //
  376. // Notes: The returned security descriptor must be freed with LocalFree
  377. //
  378. //----------------------------------------------------------------------------
  380. inline HRESULT GetSDForDsObject( IDirectoryObject* pDsObject, PACL* ppDACL, PSECURITY_DESCRIPTOR* ppSD )
  381. {
  382. if(!pDsObject || !ppSD) return E_POINTER;
  384. *ppSD = NULL;
  385. if(ppDACL)
  386. {
  387. *ppDACL = NULL;
  388. }
  390. HRESULT hr = S_OK;
  391. PADS_ATTR_INFO pSDAttributeInfo = NULL;
  393. WCHAR const c_szSDProperty[] = L"nTSecurityDescriptor";
  394. LPWSTR pszProperty = (LPWSTR)c_szSDProperty;
  396. // Set the SECURITY_INFORMATION mask to DACL_SECURITY_INFORMATION
  397. hr = SetSecInfoMask(pDsObject, DACL_SECURITY_INFORMATION);
  399. DWORD dwAttributesReturned;
  400. if( SUCCEEDED(hr) )
  401. {
  402. // Read the security descriptor attribute
  403. hr = pDsObject->GetObjectAttributes( &pszProperty, 1, &pSDAttributeInfo, &dwAttributesReturned );
  404. if(SUCCEEDED(hr) && !pSDAttributeInfo)
  405. {
  406. hr = E_FAIL;
  407. }
  408. }
  410. if( SUCCEEDED(hr) )
  411. {
  412. if((ADSTYPE_NT_SECURITY_DESCRIPTOR == pSDAttributeInfo->dwADsType) &&
  413. (ADSTYPE_NT_SECURITY_DESCRIPTOR == pSDAttributeInfo->pADsValues->dwType))
  414. {
  415. *ppSD = (PSECURITY_DESCRIPTOR)LocalAlloc(LPTR, pSDAttributeInfo->pADsValues->SecurityDescriptor.dwLength);
  416. if (!*ppSD)
  417. {
  418. hr = E_OUTOFMEMORY;
  419. }
  420. }
  421. else
  422. {
  423. hr = E_FAIL;
  424. }
  425. }
  427. if( SUCCEEDED(hr) )
  428. {
  429. CopyMemory( *ppSD, pSDAttributeInfo->pADsValues->SecurityDescriptor.lpValue, pSDAttributeInfo->pADsValues->SecurityDescriptor.dwLength );
  431. if( ppDACL )
  432. {
  433. BOOL bDaclPresent,bDaclDeafulted;
  434. if( !GetSecurityDescriptorDacl(*ppSD, &bDaclPresent, ppDACL, &bDaclDeafulted) )
  435. {
  436. DWORD dwErr = GetLastError();
  437. hr = HRESULT_FROM_WIN32(dwErr);
  438. }
  439. }
  440. }
  442. if( pSDAttributeInfo )
  443. {
  444. FreeADsMem( pSDAttributeInfo );
  445. }
  447. if( FAILED(hr) )
  448. {
  449. if(*ppSD)
  450. {
  451. LocalFree(*ppSD);
  452. *ppSD = NULL;
  453. if(ppDACL)
  454. *ppDACL = NULL;
  455. }
  456. }
  458. return hr;
  459. }
  461. //+---------------------------------------------------------------------------
  462. //
  463. // Function: GetSDForDsObjectPath
  464. // Synopsis: Reads the security descriptor from the specied DS object
  465. // It only reads the DACL portion of the security descriptor
  466. //
  467. // Arguments: [IN pszObjectPath] -- LDAP Path of ds object
  468. // [ppDACL] --pointer to dacl in ppSD is returned here
  469. // [OUT ppSD] -- Security descriptor returned here.
  470. // calling API must free this by calling LocalFree
  471. //
  472. // Notes: The returned security descriptor must be freed with LocalFree
  473. //
  474. //----------------------------------------------------------------------------
  475. inline HRESULT GetSDForDsObjectPath( LPCWSTR pszObjectPath, PACL* ppDACL, PSECURITY_DESCRIPTOR* ppSecurityDescriptor )
  476. {
  477. if(!pszObjectPath || !ppSecurityDescriptor) return E_POINTER;
  479. CComPtr<IDirectoryObject> spDsObject = NULL;
  480. HRESULT hr = ADsGetObject(pszObjectPath, IID_IDirectoryObject,(void**)&spDsObject);
  481. if(SUCCEEDED(hr))
  482. {
  483. hr = GetSDForDsObject( spDsObject, ppDACL, ppSecurityDescriptor );
  484. }
  486. return hr;
  487. }
  489. //+---------------------------------------------------------------------------
  490. //
  491. // Function: SetDaclForDsObject
  492. // Synopsis: Sets the the DACL for the specified DS object
  493. //
  494. // Arguments: [IN pDsObject] -- ds object
  495. // [IN pDACL] --pointer to dacl to be set
  496. //
  497. //----------------------------------------------------------------------------
  498. inline HRESULT SetDaclForDsObject( IDirectoryObject* pDsObject, PACL pDACL )
  499. {
  500. if(!pDsObject || !pDACL) return E_POINTER;
  502. WCHAR const c_szSDProperty[] = L"nTSecurityDescriptor";
  503. PSECURITY_DESCRIPTOR pSD = NULL;
  504. PSECURITY_DESCRIPTOR pSDCurrent = NULL;
  505. HRESULT hr = S_OK;
  507. //Get the current SD for the object
  508. hr = GetSDForDsObject(pDsObject,NULL,&pSDCurrent);
  510. //Get the control for the current security descriptor
  511. SECURITY_DESCRIPTOR_CONTROL currentControl;
  512. DWORD dwRevision = 0;
  513. if( SUCCEEDED(hr) )
  514. {
  515. if( !GetSecurityDescriptorControl(pSDCurrent, &currentControl, &dwRevision) )
  516. {
  517. DWORD dwErr = GetLastError();
  518. hr = HRESULT_FROM_WIN32(dwErr);
  519. }
  520. }
  522. if( SUCCEEDED(hr) )
  523. {
  524. //Allocate the buffer for Security Descriptor
  525. pSD = (PSECURITY_DESCRIPTOR)LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH + pDACL->AclSize);
  526. if(!pSD)
  527. {
  528. hr = E_OUTOFMEMORY;
  529. }
  530. }
  532. if( SUCCEEDED(hr) )
  533. {
  534. if(!InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION))
  535. {
  536. DWORD dwErr = GetLastError();
  537. hr = HRESULT_FROM_WIN32(dwErr);
  538. }
  539. }
  541. if( SUCCEEDED(hr) )
  542. {
  543. PISECURITY_DESCRIPTOR pISD = (PISECURITY_DESCRIPTOR)pSD;
  545. //
  546. // Finally, build the security descriptor
  547. //
  548. pISD->Control |= SE_DACL_PRESENT | SE_DACL_AUTO_INHERIT_REQ | (currentControl & (SE_DACL_PROTECTED | SE_DACL_AUTO_INHERITED));
  550. if (pDACL->AclSize > 0)
  551. {
  552. pISD->Dacl = (PACL)(pISD + 1);
  553. CopyMemory(pISD->Dacl, pDACL, pDACL->AclSize);
  554. }
  556. // We are only setting DACL information
  557. hr = SetSecInfoMask(pDsObject, DACL_SECURITY_INFORMATION);
  558. }
  560. SECURITY_DESCRIPTOR_CONTROL sdControl = 0;
  561. if( SUCCEEDED(hr) )
  562. {
  563. //
  564. // If necessary, make a self-relative copy of the security descriptor
  565. //
  566. if(!GetSecurityDescriptorControl(pSD, &sdControl, &dwRevision))
  567. {
  568. DWORD dwErr = GetLastError();
  569. hr = HRESULT_FROM_WIN32(dwErr);
  570. }
  571. }
  573. DWORD dwSDLength = 0;
  574. if( SUCCEEDED(hr) )
  575. {
  576. // Need the total size
  577. dwSDLength = GetSecurityDescriptorLength(pSD);
  579. if (!(sdControl & SE_SELF_RELATIVE))
  580. {
  581. PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR)LocalAlloc(LPTR, dwSDLength);
  583. if (psd == NULL || !MakeSelfRelativeSD(pSD, psd, &dwSDLength))
  584. {
  585. DWORD dwErr = GetLastError();
  586. hr = HRESULT_FROM_WIN32(dwErr);
  587. }
  589. // Point to the self-relative copy
  590. LocalFree(pSD);
  591. pSD = psd;
  592. }
  593. }
  595. if( SUCCEEDED(hr) )
  596. {
  597. ADSVALUE attributeValue;
  598. attributeValue.dwType = ADSTYPE_NT_SECURITY_DESCRIPTOR;
  599. attributeValue.SecurityDescriptor.dwLength = dwSDLength;
  600. attributeValue.SecurityDescriptor.lpValue = (LPBYTE)pSD;
  602. ADS_ATTR_INFO attributeInfo;
  603. attributeInfo.pszAttrName = (LPWSTR)c_szSDProperty;
  604. attributeInfo.dwControlCode = ADS_ATTR_UPDATE;
  605. attributeInfo.dwADsType = ADSTYPE_NT_SECURITY_DESCRIPTOR;
  606. attributeInfo.pADsValues = &attributeValue;
  607. attributeInfo.dwNumValues = 1;
  609. // Write the security descriptor
  610. DWORD dwAttributesModified;
  611. hr = pDsObject->SetObjectAttributes(&attributeInfo, 1, &dwAttributesModified);
  612. }
  614. if(pSDCurrent)
  615. {
  616. LocalFree(pSDCurrent);
  617. }
  619. if(pSD)
  620. {
  621. LocalFree(pSD);
  622. }
  624. return S_OK;
  625. }
  627. inline HRESULT SetDaclForDsObjectPath( LPCWSTR pszObjectPath, PACL pDACL )
  628. {
  629. // VAlidate the parameters
  630. if(!pszObjectPath || !pDACL) return E_POINTER;
  632. // Get the object and then pass it on to the helper function
  633. CComPtr<IDirectoryObject> spDsObject = NULL;
  634. HRESULT hr = ADsGetObject( pszObjectPath, IID_IDirectoryObject, (void**)&spDsObject );
  635. if( SUCCEEDED(hr) )
  636. {
  637. hr = SetDaclForDsObject( spDsObject, pDACL );
  638. }
  640. return hr;
  641. }
  643. #endif // _AUSRUTIL_H