archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/enduser/sakit/sak/plugins/usergroup/script/inc_usersngroups.asp

365 lines
12 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. <%
  4. '-------------------------------------------------------------------------
  5. ' inc_usersngroups.asp: Some common functions in groups & users pages
  6. '
  7. ' Copyright (c) Microsoft Corporation. All rights reserved.
  8. '
  9. ' Date Description
  10. ' 04/08/2000 Creation date
  11. '-------------------------------------------------------------------------
  12. Const CONST_FULLCONROL = &H1F01FF
  14. ' Default home directory
  15. Dim CONST_DEFAULTHOMEDIR
  17. ' Key name for Users and Groups
  18. Const CONST_USERGROUP_KEYNAME = "SoftWare\Microsoft\ServerAppliance\UserGroup"
  20. ' Default home directory optional defined by OEM
  21. Const CONST_USERDIR_VALUENAME = "UserDir"
  23. ' Return value of CreateHomeDirectory
  24. Const CONST_CREATDIRECTORY_ERROR = 0
  25. Const CONST_CREATDIRECTORY_EXIST = 1
  26. Const CONST_CREATDIRECTORY_SUCCESS = 2
  28. CONST_DEFAULTHOMEDIR = GetSystemDrive() & "\Users\"
  30. '---------------------------------------------------------------------
  31. ' Function name: isValidMember
  32. ' Description: checks the validity of the user in WiNT name space
  33. ' Input Variables: User name
  34. ' Output Variables: None
  35. ' Returns: True if User path exists in Winnt space else false
  36. '---------------------------------------------------------------------
  37. Function isValidMember(strMember, ByVal sAdminID, ByVal sAdminPSW, ByRef errorCode)
  38. on error resume next
  39. Err.Clear
  41. Dim objTemp
  42. Dim objPath
  44. objPath = "WinNT://" + strMember + ",user"
  45. set objTemp = GetObject(objPath)
  46. errorCode = Err.Number
  48. 'If it's not a valid user, check whether it's a valid group
  49. if errorCode <> 0 then
  50. Err.Clear
  51. objPath = "WinNT://" + strMember
  52. set objTemp = GetObject(objPath)
  53. errorCode = Err.Number
  55. If errorCode <> 0 Then
  57. ' If it's neither a valid user nor a group, check if it's a valid domain member
  58. If IsValidDomainMember( strMember, sAdminID, sAdminPSW, errorCode) Then
  59. isValidMember = true
  60. Exit Function
  61. End If
  62. isValidMember = false
  63. SA_TraceOut "Inc_UsersNGroups", "IsValidMember(" + objPath + ") failed: " + CStr(Hex(errorCode))
  64. Else
  65. isValidMember = true
  66. End If
  67. else
  68. isValidMember = true
  69. end if
  70. End FUnction
  73. Function IsValidDomainMember(ByVal sDomainUser, ByVal sAdminID, ByVal sAdminPSW, ByRef errorCode)
  75. Dim objComputer
  76. Dim objUser
  77. Dim sDomainUserPath
  79. On Error Resume Next
  80. Err.Clear
  82. 'SA_TraceOut "IsValidDomainMember", "Domain User: " + sDomainUser + " AdminID: " + sAdminID
  84. Set objComputer = GetObject("WinNT:")
  86. sDomainUserPath = "WinNT://" + sDomainUser + ",user"
  87. Set objUser = objComputer.OpenDSObject(sDomainUserPath, sAdminID, sAdminPSW, 1 )
  89. 'If it's not a valid domain user, check whether it's a valid domain group
  90. If ( Err.Number <> 0 ) Then
  92. errorCode = Err.Number
  93. Err.Clear
  94. sDomainUserPath = "WinNT://" + sDomainUser
  95. Set objUser = objComputer.OpenDSObject(sDomainUserPath, sAdminID, sAdminPSW, 1 )
  97. ' If it's neither a valid domain user nor a domain group, it's invalid input
  98. If ( Err.Number <> 0 ) Then
  99. errorCode = Err.Number
  100. SA_TraceOut "IsValidDomainMember", "objComputer.OpenDSObject failed: " + CStr(Hex(errorCode)) + " : " + Err.Description
  101. IsValidDomainMember = FALSE
  102. Else
  103. errorCode = 0
  104. IsValidDomainMember = TRUE
  105. End If
  106. Else
  107. errorCode = 0
  108. IsValidDomainMember = TRUE
  109. End If
  111. Set objUser = nothing
  112. Set objComputer = nothing
  113. End Function
  116. Function AddUserToGroup(ByVal sGroup, ByVal sUser, ByVal sAdminID, ByVal sAdminPSW)
  118. Dim objComputer
  119. Dim objGroup
  120. Dim objUser
  122. On Error Resume Next
  123. Err.Clear
  125. 'SA_TraceOut "AddUserToGroup", "Group: " + sGroup + " User: " + sUser + " AdminID: " + sAdminID
  127. Set objComputer = GetObject("WinNT:")
  129. Set objGroup = objComputer.OpenDSObject("WinNT://" + GetComputerName() + "/" + sGroup,_
  130. sAdminID, sAdminPSW, 1 )
  131. If ( Err.Number <> 0 ) Then
  132. SA_TraceOut "AddUserToGroup", "objComputer.OpenDSObject failed: " + CStr(Hex(Err.Number)) + " : " + Err.Description
  133. SA_TraceOut "AddUserToGrop", "Attempted to open: " +"WinNT://" + GetComputerName() + "/" + sGroup
  134. AddUserToGroup = FALSE
  135. Exit Function
  136. End If
  138. objGroup.Add( "WinNT://" + sUser )
  139. If ( Err.Number <> 0 ) Then
  140. SA_TraceOut "AddUserToGroup", "objGroup.Add failed: " + CStr(Hex(Err.Number)) + " : " + Err.Description
  141. AddUserToGroup = FALSE
  142. Set objComputer = nothing
  143. Set objGroup = nothing
  144. Exit Function
  145. End If
  147. objGroup.SetInfo
  148. If ( Err.Number <> 0 ) Then
  149. SA_TraceOut "AddUserToGroup", "objGroup.SetInfo failed: " + CStr(Hex(Err.Number)) + " : " + Err.Description
  150. AddUserToGroup = FALSE
  151. Set objComputer = nothing
  152. Set objGroup = nothing
  153. Exit Function
  154. End If
  156. Set objComputer = nothing
  157. Set objGroup = nothing
  158. AddUserToGroup = TRUE
  160. End Function
  162. Function CreateHomeDirectory( ByVal strHomeDirectory, ByRef ObjFolder)
  163. Err.Clear
  164. On Error Resume Next
  166. CreateHomeDirectory= CONST_CREATDIRECTORY_ERROR
  168. If ( ObjFolder.FolderExists( strHomeDirectory ) ) Then
  169. Call SA_TraceOut("inc_userngroups", "Folder exist")
  170. CreateHomeDirectory = CONST_CREATDIRECTORY_EXIST
  171. Exit Function
  172. End If
  174. Dim strParentDirectory
  175. Dim endPosition
  177. endPosition = InStrRev( strHomeDirectory, "\" )
  178. If( endPosition = 0 )Then
  179. Call SA_TraceOut("inc_userngroups", "Error home directory" )
  180. Exit Function
  181. End If
  183. strParentDirectory = Left( strHomeDirectory, ( endPosition - 1 ) )
  185. If( CreateHomeDirectory( strParentDirectory, ObjFolder) = CONST_CREATDIRECTORY_ERROR ) Then
  186. Call SA_TraceOut("inc_userngroups", "create parent folder error" )
  187. Exit Function
  188. End If
  190. ObjFolder.CreateFolder( strHomeDirectory )
  191. If Err.Number <> 0 Then
  192. Call SA_TraceOut("inc_userngroups", "Failed to create folder" & "(" & Hex(Err.Number) & ")" )
  193. Exit Function
  194. End If
  196. CreateHomeDirectory = CONST_CREATDIRECTORY_SUCCESS
  197. End Function
  199. Function SetHomeDirectoryPermission( ByVal strComputerName, ByVal strUserName, ByVal strHomeDirectory )
  200. Err.Clear
  201. On Error Resume Next
  203. SetHomeDirectoryPermission = FALSE
  205. Dim objService 'to hold WMI connection object
  206. Dim strTemp 'to hold temp value
  207. Dim objSecSetting 'to hold security setting value
  208. Dim objSecDescriptor 'to hold security descriptor value
  209. Dim strPath 'to hold Path
  210. Dim objDACL 'to hold DACL value
  211. Dim objUserAce
  212. Dim objAdminAce
  213. Dim objSystemAce
  214. Dim retval 'holds return value
  216. Call SA_TraceOut(SA_GetScriptFileName(), "SetHomeDirectoryPermission( " + strComputerName + ", " + strUserName + ", " + strHomeDirectory )
  218. Set objService = getWMIConnection(CONST_WMI_WIN32_NAMESPACE)
  219. objService.security_.impersonationlevel = 3
  221. 'get the sec seting for file
  222. strPath = "Win32_LogicalFileSecuritySetting.Path='" & strHomeDirectory & "'"
  224. set objSecSetting = objService.Get(strPath)
  225. if Err.number <> 0 then
  226. Call SA_TraceOut ("inc_userngroups", "Failed to get Sec object for dir " & "(" & Hex(Err.Number) & ")" )
  227. exit function
  228. end if
  230. 'get the ace's for users
  231. if NOT GetUserAce(objService, strUserName , strComputerName, CONST_FULLCONROL, objUserAce ) then
  232. Call SA_TraceOut ("inc_userngroups", "Failed to get ACE object for user, error:" & "(" & Hex(Err.Number) & ")" )
  233. exit function
  234. end if
  236. 'get the ace's for System account
  237. if NOT GetSystemAce(objService, SA_GetAccount_System() , strComputerName, CONST_FULLCONROL, objSystemAce ) then
  238. Call SA_TraceOut ("inc_userngroups", "Failed to get ACE object for SYSTEM, error:" & "(" & Hex(Err.Number) & ")" )
  239. exit function
  240. end if
  242. 'get the ace's for Administrators
  243. if NOT GetGroupAce(objService, SA_GetAccount_Administrators() , strComputerName, CONST_FULLCONROL, objAdminAce ) then
  244. Call SA_TraceOut ("inc_userngroups", "Failed to get ACE object for Administrators, error:" & "(" & Hex(Err.Number) & ")" )
  245. exit function
  246. end if
  248. Set objSecDescriptor = objService.Get("Win32_SecurityDescriptor").SpawnInstance_()
  249. if Err.Number <> 0 then
  250. Call SA_TraceOut ("inc_userngroups", "Failed to get create the Win32_SecurityDescriptor object " & "(" & Hex(Err.Number) & ")" )
  251. exit function
  252. end if
  254. objSecDescriptor.Properties_.Item("DACL") = Array()
  255. Set objDACL = objSecDescriptor.Properties_.Item("DACL")
  257. objDACL.Value(0) = objUserAce
  258. objDACL.Value(1) = objAdminAce
  259. objDACL.Value(2) = objSystemAce
  261. objSecDescriptor.Properties_.Item("ControlFlags") = 32772
  262. Set objSecDescriptor.Properties_.Item("Owner") = objUserAce.Trustee
  264. Err.Clear
  266. retval = objSecSetting.SetSecurityDescriptor( objSecDescriptor )
  267. if Err.number <> 0 then
  268. Call SA_TraceOut ( "site_new", "Failed to set the Security Descriptor for Root dir " & "(" & Hex(Err.Number) & ")" )
  269. exit function
  270. end if
  272. SetHomeDirectoryPermission = TRUE
  274. 'Release the objects
  275. set objService = nothing
  276. set objSecSetting = nothing
  277. set objSecDescriptor = nothing
  278. End Function
  281. Function GetUserAce(objService, strName, strDomain, nAccessMask, ByRef objACE)
  282. Dim strObjPath 'holds query string
  284. strObjPath = "Win32_UserAccount.Domain=" & chr(34) & strDomain & chr(34) & ",Name=" & chr(34) & strName & chr(34)
  285. Call SA_TraceOut( "inc_userngroups", "GetUserAce : " +strObjPath )
  287. GetUserAce = GetAce(strObjPath, objService, strName, strDomain, nAccessMask, objACE)
  289. End Function
  292. Function GetSystemAce(objService, strName, strDomain, nAccessMask, ByRef objACE)
  293. Dim strObjPath 'holds query string
  295. strObjPath = "Win32_SystemAccount.Domain=" & chr(34) & strDomain & chr(34) & ",Name=" & chr(34) & strName & chr(34)
  296. Call SA_TraceOut( "inc_userngroups", "GetSystemAce : " +strObjPath )
  298. GetSystemAce = GetAce(strObjPath, objService, strName, strDomain, nAccessMask, objACE)
  300. End Function
  303. Function GetGroupAce(objService, strName, strDomain, nAccessMask, ByRef objACE)
  304. Dim strObjPath 'holds query string
  306. strObjPath = "Win32_Group.Domain=" & chr(34) & strDomain & chr(34) & ",Name=" & chr(34) & strName & chr(34)
  307. Call SA_TraceOut( "inc_userngroups", "GetGroupAce : " + strObjPath )
  309. GetGroupAce = GetAce(strObjPath, objService, strName, strDomain, nAccessMask, objACE)
  310. End Function
  313. Function GetAce(strObjPath, objService, strName, strDomain, nAccessMask, ByRef objACE)
  315. Dim objAcct 'holds query result
  316. Dim objSID 'holds security identifier
  317. Dim objTrustee 'holds trustee value
  319. GetAce = FALSE
  321. set objAcct = objService.Get(strObjPath)
  322. if Err.number <> 0 then
  323. Call SA_TraceOut( "inc_userngroups", "Failed to get object " & "(" & Hex(Err.Number) & ")" )
  324. exit function
  325. end if
  328. set objSID = objService.Get("Win32_SID.SID='" & objAcct.SID & "'")
  329. if Err.number <> 0 then
  330. Call SA_TraceOut( "inc_userngroups", "Failed to get Win32_SID Object " & "(" & Hex(Err.Number) & ")" )
  331. exit function
  332. end if
  334. set objTrustee = objService.Get("Win32_Trustee").SpawnInstance_
  335. if Err.number <> 0 then
  336. Call SA_TraceOut( "inc_userngroups", "Failed to get new Instance of Win32_Trustee " & "(" & Hex(Err.Number) & ")" )
  337. exit function
  338. end if
  340. objTrustee.Name = strName
  341. objTrustee.Domain = strDomain
  342. objTrustee.SID = objSID.BinaryRepresentation
  343. objTrustee.SIDString = objSID.SID
  344. objTrustee.SidLength = objSID.SidLength
  345. set objACE = objService.Get("Win32_ACE").SpawnInstance_
  346. if Err.number <> 0 then
  347. Call SA_TraceOut( "inc_userngroups", "Failed to Create Win32_Ace Object " & "(" & Hex(Err.Number) & ")" )
  348. exit function
  349. end if
  351. objACE.AccessMask = nAccessMask
  352. objACE.Aceflags = 3
  353. objACE.AceType = 0
  354. objACE.Trustee = objTrustee
  355. GetAce = TRUE
  358. 'Release objects
  359. set objAcct = nothing
  360. set objSID = nothing
  361. set objTrustee = nothing
  363. End Function
  365. %>