archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/admin/snapin/filemgmt/lsastuff.cpp

462 lines
12 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. // LsaStuff.cpp
  2. //
  3. // LSA-dependent code
  4. //
  5. // HISTORY
  6. // 09-Jul-97 jonn Creation.
  7. //
  9. #include "stdafx.h"
  10. #include "DynamLnk.h" // DynamicDLL
  12. extern "C"
  13. {
  14. #define NTSTATUS LONG
  15. #define PNTSTATUS NTSTATUS*
  16. #define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)
  17. #define SE_SHUTDOWN_PRIVILEGE (19L)
  19. // stuff taken from ntdef.h
  20. typedef struct _UNICODE_STRING {
  21. USHORT Length;
  22. USHORT MaximumLength;
  23. #ifdef MIDL_PASS
  24. [size_is(MaximumLength / 2), length_is((Length) / 2) ] USHORT * Buffer;
  25. #else // MIDL_PASS
  26. PWSTR Buffer;
  27. #endif // MIDL_PASS
  28. } UNICODE_STRING;
  29. typedef UNICODE_STRING *PUNICODE_STRING;
  31. #include <ntlsa.h>
  32. #define _NTDEF_
  34. typedef struct _OBJECT_ATTRIBUTES {
  35. ULONG Length;
  36. HANDLE RootDirectory;
  37. PUNICODE_STRING ObjectName;
  38. ULONG Attributes;
  39. PVOID SecurityDescriptor; // Points to type SECURITY_DESCRIPTOR
  40. PVOID SecurityQualityOfService; // Points to type SECURITY_QUALITY_OF_SERVICE
  41. } OBJECT_ATTRIBUTES;
  42. typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES;
  43. #define InitializeObjectAttributes( p, n, a, r, s ) { \
  44. (p)->Length = sizeof( OBJECT_ATTRIBUTES ); \
  45. (p)->RootDirectory = r; \
  46. (p)->Attributes = a; \
  47. (p)->ObjectName = n; \
  48. (p)->SecurityDescriptor = s; \
  49. (p)->SecurityQualityOfService = NULL; \
  50. }
  51. #define _NTDEF
  53. // from ntstatus.h
  54. #define STATUS_OBJECT_NAME_NOT_FOUND ((NTSTATUS)0xC0000034L)
  56. #include <lmaccess.h>
  57. }
  60. #ifdef _DEBUG
  61. #define new DEBUG_NEW
  62. #undef THIS_FILE
  63. static char THIS_FILE[] = __FILE__;
  64. #endif
  67. typedef enum _Netapi32ApiIndex
  68. {
  69. BUFFERFREE_ENUM = 0,
  70. USERMODALSGET_ENUM
  71. };
  73. // not subject to localization
  74. static LPCSTR g_apchNetapi32FunctionNames[] = {
  75. "NetApiBufferFree",
  76. "NetUserModalsGet",
  77. NULL
  78. };
  80. typedef NET_API_STATUS (*BUFFERFREEPROC)(LPVOID);
  81. typedef NET_API_STATUS (*USERMODALSGETPROC)(LPCWSTR, DWORD, LPBYTE*);
  83. // not subject to localization
  84. DynamicDLL g_LSASTUFF_Netapi32DLL( _T("NETAPI32.DLL"), g_apchNetapi32FunctionNames );
  88. /*******************************************************************
  90. NAME: ::FillUnicodeString
  92. SYNOPSIS: Standalone method for filling in a UNICODE_STRING
  94. ENTRY: punistr - Unicode string to be filled in.
  95. nls - Source for filling the unistr
  97. EXIT:
  99. NOTES: punistr->Buffer is allocated here and must be deallocated
  100. by the caller using FreeUnicodeString.
  102. HISTORY:
  103. jonn 07/09/97 copied from net\ui\common\src\lmobj\lmobj\uintmem.cxx
  105. ********************************************************************/
  106. VOID FillUnicodeString( LSA_UNICODE_STRING * punistr, LPCWSTR psz )
  107. {
  108. if ( NULL == punistr || NULL == psz )
  109. {
  110. ASSERT(FALSE);
  111. return;
  112. }
  113. size_t cTchar = ::wcslen(psz);
  114. punistr->Buffer = new WCHAR[cTchar + 1];
  115. ASSERT( NULL != punistr->Buffer );
  116. if ( NULL != punistr->Buffer )
  117. {
  118. ::wcscpy( punistr->Buffer, psz );
  119. // Length and MaximumLength are counts of bytes.
  120. punistr->Length = (USHORT)(cTchar * sizeof(WCHAR));
  121. punistr->MaximumLength = punistr->Length + sizeof(WCHAR);
  122. }
  123. else
  124. ::ZeroMemory( punistr, sizeof(*punistr) );
  125. }
  127. /*******************************************************************
  129. NAME: ::FreeUnicodeString
  131. SYNOPSIS: Standalone method for freeing in a UNICODE_STRING
  133. ENTRY: unistr - Unicode string whose Buffer is to be freed.
  135. EXIT:
  137. HISTORY:
  138. jonn 07/09/97 copied from net\ui\common\src\lmobj\lmobj\uintmem.cxx
  140. ********************************************************************/
  141. VOID FreeUnicodeString( LSA_UNICODE_STRING * punistr )
  142. {
  143. if ( punistr && punistr->Buffer )
  144. {
  145. delete punistr->Buffer;
  146. ::ZeroMemory( punistr, sizeof(*punistr) );
  147. }
  148. }
  152. /*******************************************************************
  154. NAME: InitObjectAttributes
  156. SYNOPSIS:
  158. This function initializes the given Object Attributes structure, including
  159. Security Quality Of Service. Memory must be allcated for both
  160. ObjectAttributes and Security QOS by the caller.
  162. ENTRY:
  164. poa - Pointer to Object Attributes to be initialized.
  166. psqos - Pointer to Security QOS to be initialized.
  168. EXIT:
  170. NOTES:
  172. HISTORY:
  173. jonn 07/09/97 copied from net\ui\common\src\lmobj\lmobj\uintlsa.cxx
  175. ********************************************************************/
  176. VOID InitObjectAttributes( PLSA_OBJECT_ATTRIBUTES poa,
  177. PSECURITY_QUALITY_OF_SERVICE psqos )
  179. {
  180. ASSERT( poa != NULL );
  181. ASSERT( psqos != NULL );
  183. psqos->Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
  184. psqos->ImpersonationLevel = SecurityImpersonation;
  185. psqos->ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
  186. psqos->EffectiveOnly = FALSE;
  188. //
  189. // Set up the object attributes prior to opening the LSA.
  190. //
  192. InitializeObjectAttributes(
  193. poa,
  194. NULL,
  195. 0L,
  196. NULL,
  197. NULL );
  199. //
  200. // The InitializeObjectAttributes macro presently stores NULL for
  201. // the psqos field, so we must manually copy that
  202. // structure for now.
  203. //
  205. poa->SecurityQualityOfService = psqos;
  206. }
  209. BOOL
  210. I_CheckLSAAccount( LSA_UNICODE_STRING* punistrServerName,
  211. LPCTSTR pszLogOnAccountName,
  212. DWORD* pdwMsgID ) // *pdsMsgID is always set if this fails
  213. {
  214. ASSERT( NULL != pdwMsgID );
  216. BOOL fSuccess = FALSE;
  217. LSA_HANDLE hlsa = NULL;
  218. LSA_HANDLE hlsaAccount = NULL;
  219. PSID psidAccount = NULL;
  221. do { // false loop
  223. //
  224. // Determine whether the target machine is a BDC, and if so, get the PDC
  225. //
  227. // if an error occurs now, it is a read error
  228. *pdwMsgID = IDS_LSAERR_READ_FAILED;
  230. //
  231. // Get LSA_POLICY handle
  232. //
  233. LSA_OBJECT_ATTRIBUTES oa;
  234. SECURITY_QUALITY_OF_SERVICE sqos;
  235. InitObjectAttributes( &oa, &sqos );
  237. // 563140-2002/03/04 JonN POLICY_ALL_ACCESS was too much authority.
  238. // LsaLookupNames only requires POLICY_LOOKUP_NAMES.
  239. // LsaOpenAccount requres no rights (MarkPu).
  240. // LsaCreateAccount requires POLICY_CREATE_ACCOUNT (MarkPu).
  241. NTSTATUS ntstatus = ::LsaOpenPolicy(
  242. punistrServerName,
  243. &oa,
  244. POLICY_LOOKUP_NAMES | POLICY_CREATE_ACCOUNT,
  245. &hlsa );
  246. if ( !NT_SUCCESS(ntstatus) )
  247. break;
  249. //
  250. // Remove ".\" or "thismachine\" from the head of the account name if it is present
  251. //
  252. CString strAccountName = pszLogOnAccountName;
  253. int iBackslash = strAccountName.Find( _T('\\') );
  254. if ( -1 < iBackslash )
  255. {
  256. CString strPrefix = strAccountName.Left(iBackslash);
  257. if ( !lstrcmp(strPrefix, _T(".")) || IsLocalComputername(strPrefix) )
  258. {
  259. strAccountName = strAccountName.Mid(iBackslash+1);
  260. }
  261. }
  263. //
  264. // determine the SID of the account
  265. //
  266. PLSA_REFERENCED_DOMAIN_LIST plsardl = NULL;
  267. PLSA_TRANSLATED_SID plsasid = NULL;
  268. LSA_UNICODE_STRING unistrAccountName;
  269. ::FillUnicodeString( &unistrAccountName, strAccountName );
  270. ntstatus = ::LsaLookupNames(
  271. hlsa,
  272. 1,
  273. &unistrAccountName,
  274. &plsardl,
  275. &plsasid );
  276. ::FreeUnicodeString( &unistrAccountName );
  277. if ( !NT_SUCCESS(ntstatus) )
  278. break;
  279. if ( !plsardl || !plsasid || !plsardl->Domains[0].Sid )
  280. {
  281. ASSERT(FALSE);
  282. ntstatus = E_FAIL;
  283. break;
  284. }
  286. // ISSUE-2002-03-04-JonN There is a potential issue here
  287. // if LsaLookupNames returns an invalid SID. This is a fairly
  288. // remote risk however.
  290. //
  291. // Build the SID of the account by taking the SID of the domain
  292. // and adding at the end the RID of the account
  293. //
  294. PSID psidDomain = plsardl->Domains[0].Sid;
  295. DWORD ridAccount = plsasid[0].RelativeId;
  296. DWORD cbNewSid = ::GetLengthSid(psidDomain)+sizeof(ridAccount);
  297. psidAccount = (PSID) new BYTE[cbNewSid];
  298. ASSERT( NULL != psidAccount );
  299. (void) ::CopySid( cbNewSid, psidAccount, psidDomain );
  300. UCHAR* pcSubAuthorities = ::GetSidSubAuthorityCount( psidAccount ) ;
  301. (*pcSubAuthorities)++;
  302. DWORD* pdwSubAuthority = ::GetSidSubAuthority(
  303. psidAccount, (*pcSubAuthorities)-1 );
  304. *pdwSubAuthority = ridAccount;
  306. (void) ::LsaFreeMemory( plsardl );
  307. (void) ::LsaFreeMemory( plsasid );
  309. // 563140-2002/04/08 JonN POLICY_ALL_ACCESS | DELETE was too much authority.
  310. // CliffV says:
  311. // LsaGetSystemAccessAccount only requires ACCOUNT_VIEW.
  312. // LsaSetSystemAccessAccount only requires ACCOUNT_ADJUST_SYSTEM_ACCESS.
  314. //
  315. // Determine whether this LSA account exists, create it if not
  316. //
  317. ntstatus = ::LsaOpenAccount( hlsa,
  318. psidAccount,
  319. ACCOUNT_VIEW | ACCOUNT_ADJUST_SYSTEM_ACCESS,
  320. &hlsaAccount );
  321. ULONG ulSystemAccessCurrent = 0;
  322. if (STATUS_OBJECT_NAME_NOT_FOUND == ntstatus)
  323. {
  324. // handle account-not-found case
  326. // if an error occurs now, it is a write error
  327. *pdwMsgID = IDS_LSAERR_WRITE_FAILED;
  328. ntstatus = ::LsaCreateAccount( hlsa,
  329. psidAccount,
  330. ACCOUNT_ADJUST_SYSTEM_ACCESS,
  331. &hlsaAccount );
  332. // 4/8/02 JonN: CliffV confirms that the account is created without any privileges
  333. }
  334. else
  335. {
  336. ntstatus = ::LsaGetSystemAccessAccount( hlsaAccount, &ulSystemAccessCurrent );
  337. }
  338. if ( !NT_SUCCESS(ntstatus) )
  339. break;
  341. //
  342. // Determine whether this LSA account has POLICY_MODE_SERVICE privilege,
  343. // grant it if not
  344. //
  345. if ( POLICY_MODE_SERVICE != (ulSystemAccessCurrent & POLICY_MODE_SERVICE ) )
  346. {
  347. // if an error occurs now, it is a write error
  348. *pdwMsgID = IDS_LSAERR_WRITE_FAILED;
  350. ntstatus = ::LsaSetSystemAccessAccount(
  351. hlsaAccount,
  352. ulSystemAccessCurrent | POLICY_MODE_SERVICE );
  353. if ( !NT_SUCCESS(ntstatus) )
  354. break; // CODEWORK could check for STATUS_BACKUP_CONTROLLER
  356. // display the write-succeeded message
  357. *pdwMsgID = IDS_LSAERR_WRITE_SUCCEEDED;
  358. }
  359. else
  360. {
  361. *pdwMsgID = 0;
  362. }
  364. fSuccess = TRUE;
  366. } while (FALSE); // false loop
  368. // CODEWORK should check for special error code for NT5 non-DC
  369. // using local policy object
  371. if (NULL != hlsa)
  372. {
  373. ::LsaClose( hlsa );
  374. }
  375. if (NULL != hlsaAccount)
  376. {
  377. ::LsaClose( hlsaAccount );
  378. }
  379. if (NULL != psidAccount)
  380. {
  381. delete[] psidAccount;
  382. }
  384. return fSuccess;
  386. } // I_CheckLSAAccount()
  388. /////////////////////////////////////////////////////////////////////
  389. // FCheckLSAAccount()
  390. //
  391. VOID
  392. CServicePropertyData::FCheckLSAAccount()
  393. {
  394. LSA_UNICODE_STRING unistrServerName;
  395. PLSA_UNICODE_STRING punistrServerName = NULL ;
  396. USER_MODALS_INFO_1* pum1 = NULL;
  397. DWORD dwMsgID = 0;
  399. TRACE1("INFO: Checking LSA permissions for account %s...\n",
  400. (LPCTSTR)m_strLogOnAccountName);
  402. if ( !m_strMachineName.IsEmpty() )
  403. {
  404. ::FillUnicodeString( &unistrServerName, m_strMachineName );
  405. punistrServerName = &unistrServerName;
  406. }
  408. do // false loop
  409. {
  410. // check on the local machine
  411. // this will always set dwMsgID if it fails
  412. if (I_CheckLSAAccount(punistrServerName, m_strLogOnAccountName, &dwMsgID))
  413. break; // this succeeded, we can stop now
  415. // check whether this is a Backup Domain Controller
  416. if ( !g_LSASTUFF_Netapi32DLL.LoadFunctionPointers() )
  417. {
  418. ASSERT(FALSE);
  419. return;
  420. }
  421. DWORD err = ((USERMODALSGETPROC)g_LSASTUFF_Netapi32DLL[USERMODALSGET_ENUM])(
  422. (m_strMachineName.IsEmpty()) ? NULL : const_cast<LPTSTR>((LPCTSTR)m_strMachineName),
  423. 1,
  424. reinterpret_cast<LPBYTE*>(&pum1) );
  425. if (NERR_Success != err)
  426. break;
  427. ASSERT( NULL != pum1 );
  428. if (UAS_ROLE_BACKUP != pum1->usrmod1_role)
  429. break; // not a backup controller
  430. if (NULL == pum1->usrmod1_primary )
  431. {
  432. ASSERT(FALSE);
  433. break;
  434. }
  436. // Try it on the PDC
  437. (void) I_CheckLSAAccount(punistrServerName, pum1->usrmod1_primary, &dwMsgID);
  439. } while (FALSE); // false loop
  441. if ( NULL != punistrServerName )
  442. {
  443. ::FreeUnicodeString( punistrServerName );
  444. }
  446. if ( NULL != pum1 )
  447. {
  448. if ( !g_LSASTUFF_Netapi32DLL.LoadFunctionPointers() )
  449. {
  450. ASSERT(FALSE);
  451. return;
  452. }
  454. ((BUFFERFREEPROC)g_LSASTUFF_Netapi32DLL[BUFFERFREE_ENUM])( pum1 );
  455. }
  457. if (0 != dwMsgID)
  458. {
  459. DoServicesErrMsgBox( GetActiveWindow(), MB_OK | MB_ICONEXCLAMATION, 0, dwMsgID, (LPCTSTR)m_strLogOnAccountName );
  460. }
  462. } // FCheckLSAAccount()