Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

540 lines
12 KiB

  1. //---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 1995
  5. //
  6. // File: cuar.cxx
  7. //
  8. // Contents: Account Restrictions Propset for the User object
  9. //
  10. // History: 11-1-95 krishnag Created.
  11. // 8-5-96 ramv Modified to be consistent with spec
  12. //
  13. //
  14. // PROPERTY_RW(AccountDisabled, boolean, 1) I
  15. // PROPERTY_RW(AccountExpirationDate, DATE, 2) I
  16. // PROPERTY_RO(AccountCanExpire, boolean, 3) I
  17. // PROPERTY_RO(PasswordCanExpire, boolean, 4) I
  18. // PROPERTY_RW(GraceLoginsAllowed, long, 5) NI
  19. // PROPERTY_RW(GraceLoginsRemaining, long, 6) NI
  20. // PROPERTY_RW(IsAccountLocked, boolean, 7) I
  21. // PROPERTY_RW(IsAdmin, boolean, 8) I
  22. // PROPERTY_RW(LoginHours, VARIANT, 9) I
  23. // PROPERTY_RW(LoginWorkstations, VARIANT, 10) I
  24. // PROPERTY_RW(MaxLogins, long, 11) I
  25. // PROPERTY_RW(MaxStorage, long, 12) I
  26. // PROPERTY_RW(PasswordExpirationDate, DATE, 13) I
  27. // PROPERTY_RW(PasswordRequired, boolean, 14) I
  28. // PROPERTY_RW(RequireUniquePassword,boolean, 15) I
  29. //
  30. //
  31. //----------------------------------------------------------------------------
  32. #include "winnt.hxx"
  33. #pragma hdrstop
  34. // Class CWinNTUser
  35. STDMETHODIMP
  36. CWinNTUser::get_AccountDisabled(THIS_ VARIANT_BOOL FAR* retval)
  37. {
  38. HRESULT hr = S_OK;
  39. VARIANT var;
  40. VariantInit(&var);
  41. hr = Get(L"UserFlags", &var);
  42. BAIL_ON_FAILURE(hr);
  43. if (V_I4(&var) & UF_ACCOUNTDISABLE) {
  44. *retval = VARIANT_TRUE;
  45. }else {
  46. *retval = VARIANT_FALSE;
  47. }
  48. error:
  49. RRETURN_EXP_IF_ERR(hr);
  50. }
  51. STDMETHODIMP
  52. CWinNTUser::put_AccountDisabled(THIS_ VARIANT_BOOL fAccountDisabled)
  53. {
  54. HRESULT hr = S_OK;
  55. VARIANT var;
  56. VariantInit(&var);
  57. hr = Get(L"UserFlags", &var);
  58. BAIL_ON_FAILURE(hr);
  59. if (fAccountDisabled == VARIANT_TRUE) {
  60. V_I4(&var) |= UF_ACCOUNTDISABLE;
  61. } else if (fAccountDisabled == VARIANT_FALSE){
  62. V_I4(&var) &= ~UF_ACCOUNTDISABLE;
  63. }else {
  64. BAIL_ON_FAILURE(hr = E_FAIL);
  65. }
  66. hr = Put(L"UserFlags", var);
  67. BAIL_ON_FAILURE(hr);
  68. error:
  69. RRETURN_EXP_IF_ERR(hr);
  70. }
  71. STDMETHODIMP
  72. CWinNTUser::get_AccountExpirationDate(THIS_ DATE FAR* retval)
  73. {
  74. GET_PROPERTY_DATE((IADsUser *)this, AccountExpirationDate);
  75. }
  76. STDMETHODIMP
  77. CWinNTUser::put_AccountExpirationDate(THIS_ DATE daAccountExpirationDate)
  78. {
  79. PUT_PROPERTY_DATE((IADsUser *)this, AccountExpirationDate);
  80. }
  81. STDMETHODIMP
  82. CWinNTUser::get_GraceLoginsAllowed(THIS_ long FAR* retval)
  83. {
  84. GET_PROPERTY_LONG((IADsUser *)this, GraceLoginsAllowed);
  85. }
  86. STDMETHODIMP
  87. CWinNTUser::put_GraceLoginsAllowed(THIS_ long lGraceLoginsAllowed)
  88. {
  89. PUT_PROPERTY_LONG((IADsUser *)this, GraceLoginsAllowed);
  90. }
  91. STDMETHODIMP
  92. CWinNTUser::get_GraceLoginsRemaining(THIS_ long FAR* retval)
  93. {
  94. GET_PROPERTY_LONG((IADsUser *)this, GraceLoginsRemaining);
  95. }
  96. STDMETHODIMP
  97. CWinNTUser::put_GraceLoginsRemaining(THIS_ long lGraceLoginsRemaining)
  98. {
  99. PUT_PROPERTY_LONG((IADsUser *)this, GraceLoginsRemaining);
  100. }
  101. STDMETHODIMP
  102. CWinNTUser::get_IsAccountLocked(THIS_ VARIANT_BOOL FAR* retval)
  103. {
  104. HRESULT hr = S_OK;
  105. DWORD dwUserFlags = 0;
  106. VARIANT var;
  107. if(_fUseCacheForAcctLocked) {
  108. // see comment on _fUseCacheForAcctLocked in cuser.hxx
  109. VariantInit(&var);
  110. hr = Get(L"UserFlags", &var);
  111. BAIL_ON_FAILURE(hr);
  112. if (V_I4(&var) & UF_LOCKOUT) {
  113. *retval = VARIANT_TRUE;
  114. }else {
  115. *retval = VARIANT_FALSE;
  116. }
  117. }
  118. else {
  119. hr = GetUserFlags(&dwUserFlags);
  120. BAIL_ON_FAILURE(hr);
  121. VariantInit(&var);
  122. hr = Get(L"UserFlags", &var);
  123. BAIL_ON_FAILURE(hr);
  124. if (dwUserFlags & UF_LOCKOUT) {
  125. V_I4(&var) |= UF_LOCKOUT;
  126. *retval = VARIANT_TRUE;
  127. }
  128. else {
  129. V_I4(&var) &= ~UF_LOCKOUT;
  130. *retval = VARIANT_FALSE;
  131. }
  132. hr = Put(L"UserFlags", var);
  133. BAIL_ON_FAILURE(hr);
  134. _fUseCacheForAcctLocked = TRUE;
  135. }
  136. error:
  137. RRETURN_EXP_IF_ERR(hr);
  138. }
  139. STDMETHODIMP
  140. CWinNTUser::put_IsAccountLocked(THIS_ VARIANT_BOOL fIsAccountLocked)
  141. {
  142. HRESULT hr = S_OK;
  143. VARIANT var;
  144. VariantInit(&var);
  145. hr = Get(L"UserFlags", &var);
  146. BAIL_ON_FAILURE(hr);
  147. if (fIsAccountLocked == VARIANT_TRUE) {
  148. // only the system can lockout an account. Can't do it using ADSI.
  149. BAIL_ON_FAILURE(hr = E_INVALIDARG);
  150. } else if (fIsAccountLocked == VARIANT_FALSE){
  151. V_I4(&var) &= ~UF_LOCKOUT;
  152. }else {
  153. BAIL_ON_FAILURE(hr = E_FAIL);
  154. }
  155. hr = Put(L"UserFlags", var);
  156. BAIL_ON_FAILURE(hr);
  157. _fUseCacheForAcctLocked = TRUE;
  158. error:
  159. RRETURN_EXP_IF_ERR(hr);
  160. }
  161. STDMETHODIMP
  162. CWinNTUser::get_LoginHours(THIS_ VARIANT FAR* retval)
  163. {
  164. GET_PROPERTY_VARIANT((IADsUser *)this,LoginHours);
  165. }
  166. STDMETHODIMP
  167. CWinNTUser::put_LoginHours(THIS_ VARIANT vLoginHours)
  168. {
  169. PUT_PROPERTY_VARIANT((IADsUser *)this,LoginHours);
  170. }
  171. STDMETHODIMP
  172. CWinNTUser::get_LoginWorkstations(THIS_ VARIANT FAR* retval)
  173. {
  174. GET_PROPERTY_VARIANT((IADsUser *)this,LoginWorkstations);
  175. }
  176. STDMETHODIMP
  177. CWinNTUser::put_LoginWorkstations(THIS_ VARIANT vLoginWorkstations)
  178. {
  179. PUT_PROPERTY_VARIANT((IADsUser *)this,LoginWorkstations);
  180. }
  181. STDMETHODIMP
  182. CWinNTUser::get_MaxLogins(THIS_ long FAR* retval)
  183. {
  184. RRETURN(E_ADS_PROPERTY_NOT_SUPPORTED);
  185. }
  186. STDMETHODIMP
  187. CWinNTUser::put_MaxLogins(THIS_ long lMaxLogins)
  188. {
  189. RRETURN(E_ADS_PROPERTY_NOT_SUPPORTED);
  190. }
  191. STDMETHODIMP
  192. CWinNTUser::get_MaxStorage(THIS_ long FAR* retval)
  193. {
  194. GET_PROPERTY_LONG((IADsUser *)this, MaxStorage);
  195. }
  196. STDMETHODIMP
  197. CWinNTUser::put_MaxStorage(THIS_ long lMaxStorage)
  198. {
  199. PUT_PROPERTY_LONG((IADsUser *)this, MaxStorage);
  200. }
  201. STDMETHODIMP
  202. CWinNTUser::get_PasswordExpirationDate(THIS_ DATE FAR* retval)
  203. {
  204. HRESULT hr = S_OK;
  205. VARIANT var;
  206. SYSTEMTIME SystemTime;
  207. SYSTEMTIME LocalTime;
  208. FILETIME FileTime;
  209. DWORD dwCurrentTime = 0L;
  210. DWORD dwLastMod = 0L;
  211. DWORD dwPasswordAge = 0L;
  212. DWORD dwMaxPasswordAge = 0L;
  213. DWORD dwPasswordExpDate = 0L;
  214. VariantInit(&var);
  215. hr = Get(L"PasswordAge", &var);
  216. BAIL_ON_FAILURE(hr);
  217. dwPasswordAge = V_I4(&var);
  218. VariantInit(&var);
  219. hr = Get(L"MaxPasswordAge", &var);
  220. BAIL_ON_FAILURE(hr);
  221. dwMaxPasswordAge = V_I4(&var);
  222. LARGE_INTEGER Time;
  223. GetSystemTime(&SystemTime);
  224. SystemTimeToFileTime(&SystemTime, &FileTime);
  225. memset(&Time, 0, sizeof(LARGE_INTEGER));
  226. Time.LowPart = FileTime.dwLowDateTime;
  227. Time.HighPart = FileTime.dwHighDateTime
  228. ;
  229. RtlTimeToSecondsSince1970 ((PLARGE_INTEGER)&Time, &dwCurrentTime);
  230. dwLastMod = dwCurrentTime - dwPasswordAge;
  231. if (dwMaxPasswordAge == TIMEQ_FOREVER) {
  232. BAIL_ON_FAILURE(hr = E_ADS_PROPERTY_NOT_FOUND);
  233. }else {
  234. dwPasswordExpDate = dwLastMod + dwMaxPasswordAge;
  235. }
  236. hr = ConvertDWORDtoDATE( dwPasswordExpDate, retval);
  237. error:
  238. RRETURN_EXP_IF_ERR(hr);
  239. }
  240. STDMETHODIMP
  241. CWinNTUser::put_PasswordExpirationDate(THIS_ DATE daPasswordExpirationDate)
  242. {
  243. PUT_PROPERTY_DATE((IADsUser *)this, PasswordExpirationDate);
  244. }
  245. STDMETHODIMP
  246. CWinNTUser::get_PasswordRequired(THIS_ VARIANT_BOOL FAR* retval)
  247. {
  248. HRESULT hr = S_OK;
  249. long lnUserFlags = 0L;
  250. VARIANT var;
  251. VariantInit(&var);
  252. hr = Get(L"UserFlags", &var);
  253. BAIL_ON_FAILURE(hr);
  254. if (V_I4(&var) & UF_PASSWD_NOTREQD) {
  255. *retval = VARIANT_FALSE;
  256. }else {
  257. *retval = VARIANT_TRUE;
  258. }
  259. error:
  260. RRETURN_EXP_IF_ERR(hr);
  261. }
  262. STDMETHODIMP
  263. CWinNTUser::put_PasswordRequired(THIS_ VARIANT_BOOL fPasswordRequired)
  264. {
  265. HRESULT hr = S_OK;
  266. VARIANT var;
  267. VariantInit(&var);
  268. hr = Get(L"UserFlags", &var);
  269. BAIL_ON_FAILURE(hr);
  270. if (fPasswordRequired == VARIANT_TRUE) {
  271. V_I4(&var) &= ~UF_PASSWD_NOTREQD;
  272. } else if (fPasswordRequired == VARIANT_FALSE){
  273. V_I4(&var) |= UF_PASSWD_NOTREQD;
  274. }else {
  275. BAIL_ON_FAILURE(hr = E_FAIL);
  276. }
  277. hr = Put(L"UserFlags", var);
  278. BAIL_ON_FAILURE(hr);
  279. error:
  280. RRETURN_EXP_IF_ERR(hr);
  281. }
  282. STDMETHODIMP
  283. CWinNTUser::get_PasswordMinimumLength(THIS_ LONG FAR* retval)
  284. {
  285. HRESULT hr = S_OK;
  286. VARIANT varTemp;
  287. hr = Get(L"MinPasswordLength", &varTemp);
  288. BAIL_ON_FAILURE(hr);
  289. *retval = V_I4(&varTemp);
  290. error:
  291. RRETURN_EXP_IF_ERR(hr);
  292. }
  293. STDMETHODIMP
  294. CWinNTUser::put_PasswordMinimumLength(THIS_ LONG lPasswordMinimumLength)
  295. {
  296. VARIANT varTemp;
  297. HRESULT hr;
  298. VariantInit(&varTemp);
  299. V_VT(&varTemp) = VT_I4;
  300. V_I4(&varTemp) = lPasswordMinimumLength;
  301. hr = Put(L"MinPasswordLength", varTemp);
  302. RRETURN_EXP_IF_ERR(hr);
  303. }
  304. STDMETHODIMP
  305. CWinNTUser::get_RequireUniquePassword(THIS_ VARIANT_BOOL FAR* retval)
  306. {
  307. GET_PROPERTY_VARIANT_BOOL((IADsUser *)this, RequireUniquePassword);
  308. }
  309. STDMETHODIMP
  310. CWinNTUser::put_RequireUniquePassword(THIS_ VARIANT_BOOL fRequireUniquePassword)
  311. {
  312. PUT_PROPERTY_VARIANT_BOOL((IADsUser *)this, RequireUniquePassword);
  313. }
  314. STDMETHODIMP
  315. CWinNTUser::SetPassword(THIS_ BSTR NewPassword)
  316. {
  317. NET_API_STATUS nasStatus;
  318. LPUSER_INFO_2 lpUserInfo2 = NULL;
  319. HRESULT hr;
  320. WCHAR szHostServerName[MAX_PATH];
  321. DWORD dwParmErr = 0;
  322. WCHAR szBuffer[MAX_PATH];
  323. //
  324. // objects associated with invalid SIDs have neither a
  325. // corresponding server nor domain
  326. //
  327. if ((!_DomainName) && (!_ServerName)) {
  328. BAIL_ON_FAILURE(hr = E_ADS_INVALID_USER_OBJECT);
  329. }
  330. if (GetObjectState() == ADS_OBJECT_UNBOUND) {
  331. // We want to set the password in this case
  332. // This is to allow the creation of users when there
  333. // is a restriction such as new user should have passwd.
  334. hr = setPrivatePassword(NewPassword);
  335. RRETURN(hr);
  336. }
  337. if (_ParentType == WINNT_DOMAIN_ID) {
  338. hr = WinNTGetCachedDCName(
  339. _DomainName,
  340. szHostServerName,
  341. _Credentials.GetFlags()
  342. );
  343. BAIL_ON_FAILURE(hr);
  344. }else {
  345. hr = MakeUncName(
  346. _ServerName,
  347. szHostServerName
  348. );
  349. BAIL_ON_FAILURE(hr);
  350. }
  351. nasStatus = NetUserGetInfo(
  352. szHostServerName,
  353. _Name,
  354. 2,
  355. (LPBYTE *)&lpUserInfo2
  356. );
  357. hr = HRESULT_FROM_WIN32(nasStatus);
  358. BAIL_ON_FAILURE(hr);
  359. lpUserInfo2->usri2_password = NewPassword;
  360. nasStatus = NetUserSetInfo(
  361. szHostServerName,
  362. _Name,
  363. 2,
  364. (LPBYTE)lpUserInfo2,
  365. &dwParmErr
  366. );
  367. hr = HRESULT_FROM_WIN32(nasStatus);
  368. BAIL_ON_FAILURE(hr);
  369. error:
  370. if (lpUserInfo2) {
  371. NetApiBufferFree(lpUserInfo2);
  372. }
  373. RRETURN_EXP_IF_ERR(hr);
  374. }
  375. STDMETHODIMP
  376. CWinNTUser::ChangePassword(THIS_ BSTR bstrOldPassword, BSTR bstrNewPassword)
  377. {
  378. NET_API_STATUS nasStatus;
  379. LPBYTE lpBuffer = NULL;
  380. HRESULT hr;
  381. WCHAR szHostServerName[MAX_PATH];
  382. //
  383. // objects associated with invalid SIDs have neither a
  384. // corresponding server nor domain
  385. //
  386. if ((!_DomainName) && (!_ServerName)) {
  387. BAIL_ON_FAILURE(hr = E_ADS_INVALID_USER_OBJECT);
  388. }
  389. if (_ParentType == WINNT_DOMAIN_ID) {
  390. hr = WinNTGetCachedDCName(
  391. _DomainName,
  392. szHostServerName,
  393. _Credentials.GetFlags()
  394. );
  395. BAIL_ON_FAILURE(hr);
  396. }else {
  397. hr = MakeUncName(
  398. _ServerName,
  399. szHostServerName
  400. );
  401. BAIL_ON_FAILURE(hr);
  402. }
  403. nasStatus = NetUserChangePassword(
  404. szHostServerName,
  405. _Name,
  406. bstrOldPassword,
  407. bstrNewPassword
  408. );
  409. hr = HRESULT_FROM_WIN32(nasStatus);
  410. BAIL_ON_FAILURE(hr);
  411. error:
  412. RRETURN_EXP_IF_ERR(hr);
  413. }