archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/admin/snapin/dsadmin/dssite.cpp

442 lines
15 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Windows NT Directory Service Administration SnapIn
  4. //
  5. // Microsoft Windows
  6. // Copyright (C) Microsoft Corporation, 1992 - 1999
  7. //
  8. // File: dssite.cpp
  9. //
  10. // Contents: DS App
  11. //
  12. // History: 04-nov-99 JeffJon Created
  13. //
  14. //--------------------------------------------------------------------------
  17. #include "stdafx.h"
  18. #include "resource.h"
  20. #include "dsutil.h"
  21. #include "uiutil.h"
  23. #include "dssnap.h"
  25. #include "ntdsapi.h"
  29. #ifdef FIXUPDC
  30. FixupOptionsMsg g_FixupOptionsMsg[NUM_FIXUP_OPTIONS] = {
  31. {DSROLE_DC_FIXUP_ACCOUNT, IDS_FIXUP_ACCOUNT, FALSE},
  32. {DSROLE_DC_FIXUP_ACCOUNT_PASSWORD, IDS_FIXUP_ACCOUNT_PASSWORD, TRUE},
  33. {DSROLE_DC_FIXUP_ACCOUNT_TYPE, IDS_FIXUP_ACCOUNT_TYPE, TRUE},
  34. {DSROLE_DC_FIXUP_TIME_SERVICE, IDS_FIXUP_TIME_SERVICE, FALSE},
  35. {DSROLE_DC_FIXUP_DC_SERVICES, IDS_FIXUP_DC_SERVICES, FALSE},
  36. {DSROLE_DC_FIXUP_FORCE_SYNC, IDS_FIXUP_FORCE_SYNC, TRUE}
  37. };
  38. #endif // FIXUPDC
  40. #ifdef FIXUPDC
  43. // put back in RESOURCE.H if/when this is restored
  44. #define IDD_FIXUP_DC 239
  45. #define IDC_FIXUP_DC_SERVER 265
  46. #define IDC_FIXUP_DC_CHECK0 266
  47. #define IDC_FIXUP_DC_CHECK1 267
  48. #define IDC_FIXUP_DC_CHECK2 268
  49. #define IDC_FIXUP_DC_CHECK3 269
  50. #define IDC_FIXUP_DC_CHECK4 270
  51. #define IDC_FIXUP_DC_CHECK5 271
  52. #define IDM_GEN_TASK_FIXUP_DC 720
  53. #define IDS_FIXUP_ITSELF 721
  54. #define IDS_FIXUP_REPORT_ERROR 722
  55. #define IDS_FIXUP_REPORT_SUCCESS 723
  56. #define IDS_FIXUP_GEN_ERROR 724
  57. #define IDS_FIXUP_ACCOUNT 725
  58. #define IDS_FIXUP_ACCOUNT_PASSWORD 726
  59. #define IDS_FIXUP_ACCOUNT_TYPE 727
  60. #define IDS_FIXUP_TIME_SERVICE 728
  61. #define IDS_FIXUP_DC_SERVICES 729
  62. #define IDS_FIXUP_FORCE_SYNC 730
  63. #define IDS_FIXUP_DC_SELECTION_WARNING 732
  65. // put back in DSSNAP.RC if/when this is restored
  66. IDD_FIXUP_DC DIALOGEX 0, 0, 211, 163
  67. STYLE DS_MODALFRAME | DS_CONTEXTHELP | WS_POPUP | WS_CAPTION | WS_SYSMENU
  68. CAPTION "Repair Domain Controller"
  69. FONT 8, "MS Shell Dlg", 0, 0, 0x1
  70. BEGIN
  71. LTEXT "Repair:",IDC_STATIC,12,14,33,8
  72. EDITTEXT IDC_FIXUP_DC_SERVER,49,14,155,12,ES_AUTOHSCROLL |
  73. ES_READONLY | NOT WS_BORDER
  74. CONTROL "Repair Computer &Account",IDC_FIXUP_DC_CHECK0,"Button",
  75. BS_AUTOCHECKBOX | WS_TABSTOP,18,35,151,10
  76. CONTROL "Repair Computer Account &Password",IDC_FIXUP_DC_CHECK1,
  77. "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,48,151,10
  78. CONTROL "Repair Computer Account &Type",IDC_FIXUP_DC_CHECK2,
  79. "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,61,151,10
  80. CONTROL "&Synchronize Time Service",IDC_FIXUP_DC_CHECK3,"Button",
  81. BS_AUTOCHECKBOX | WS_TABSTOP,18,74,151,10
  82. CONTROL "&Reset Active Directory Services",IDC_FIXUP_DC_CHECK4,
  83. "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,87,151,10
  84. CONTROL "Synchronize Active &Directory",IDC_FIXUP_DC_CHECK5,
  85. "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,100,151,10
  86. DEFPUSHBUTTON "&OK",IDOK,29,143,50,14
  87. PUSHBUTTON "&Cancel",IDCANCEL,108,143,50,14
  88. END
  89. IDM_GEN_TASK_FIXUP_DC "Repair Domain Controller...\nRepair domain controller."
  90. IDS_FIXUP_ITSELF "No other domain controllers in the domain can be contacted. Do you want to repair domain controller %1\nusing its local copy of the directory information?"
  91. IDS_FIXUP_REPORT_ERROR "The following operations succeeded:\n%2\nAn error occurred during the following operation:\n%3\nError:%1"
  92. IDS_FIXUP_REPORT_SUCCESS "The following operations succeeded:\n%1"
  93. IDS_FIXUP_GEN_ERROR "The repair of the domain controller was unsuccessful because:\n%1"
  94. IDS_FIXUP_ACCOUNT "\n Repair Computer Account."
  95. IDS_FIXUP_ACCOUNT_PASSWORD "\n Repair Computer Account Password."
  96. IDS_FIXUP_ACCOUNT_TYPE "\n Repair Computer Account Type."
  97. IDS_FIXUP_TIME_SERVICE "\n Synchronize Time Service."
  98. IDS_FIXUP_DC_SERVICES "\n Reset Active Directory Services."
  99. IDS_FIXUP_FORCE_SYNC "\n Synchronize Active Directory."
  100. IDS_FIXUP_DC_SELECTION_WARNING "Make a selection."
  103. HRESULT CDSComponentData::_FixupDC(LPCWSTR pwszPath)
  104. /*++
  106. Routine Description:
  108. This function calls DsRoleFixDc() API to ssync and fixup
  109. local server against other DCs.
  111. Arguments:
  113. pwszPath: The LDAP Path of the local "server" object.
  114. We use this path to get the object, retrieve the server name
  115. and call the DsRoleFixDc() API.
  117. Return Value:
  119. HRESULT
  121. Report Error to user if any
  123. --*/
  124. {
  125. // ISSUE-2002/04/05-artm Changes to CPasswordDlg impact this block of code.
  126. // I have changed CPasswordDlg class to store the password as an
  127. // encrypted string instead of a clear text string. Since this code is not
  128. // currently compiled and built JonN recommended I do not alter the code
  129. // to compile with the changes.
  130. //
  131. // The items that will need to be changed are:
  132. // a) Using an encrypted string variable to hold password received from
  133. // CPasswordDlg.DoModal().
  134. // b) Access aforementioned password through the accessor methods of
  135. // CPasswordDlg. I have made the member fields private since this is
  136. // the only block of code that is impacted.
  137. // c) When passing the password to DsRoleFixDc() first decrypt the pwd
  138. // to a WCHAR* buffer scoped to the do {...} while() loop. Immediately
  139. // after the call to DsRoleFixDc() call password.DestroyClearTextCopy().
  140. // This will ensure that the clear text copy is correctly zeroed out and
  141. // freed. Scoping the variable to the loop ensures that it will be
  142. // properly cleaned up. WARNING: password.GetClearTextCopy() can return
  143. // null on error (I think mainly from memory allocation failure, but not
  144. // sure). You need to think about if this should be handled, and if so, how.
  145. // d) Since the clear text copy is a WCHAR*, it is probably a good idea to call
  146. // password.Empty() to determine if NULL should be passed for the password.
  147. // e) May need to include a header file.
  148. #pragma message( __FILE__ ": CPasswordDlg class changed to use encrypted passwords. Investigate changes.")
  150. CThemeContextActivator activator;
  152. HRESULT hr = S_OK;
  153. CComPtr<IADs> spIADs;
  155. hr = DSAdminOpenObject(pwszPath,
  156. IID_IADs,
  157. (PVOID *)&spIADs,
  158. TRUE /*bServer*/);
  160. if ( SUCCEEDED(hr) ) {
  161. //
  162. // retrieve the local server name
  163. //
  164. CComVariant var;
  165. hr = spIADs->Get(L"dNSHostName", &var);
  167. if ( SUCCEEDED(hr) )
  168. {
  169. ASSERT((var.vt == VT_BSTR) && var.bstrVal && *(var.bstrVal));
  170. LPWSTR lpszServer = var.bstrVal;
  172. CFixupDC dlgFixupDC;
  173. dlgFixupDC.m_strServer = lpszServer;
  174. if (IDCANCEL == dlgFixupDC.DoModal())
  175. goto cleanup; // user cancelled the fixup process
  177. CWaitCursor wait;
  178. DWORD dwReturn = 0;
  179. BOOL fLocal = FALSE;
  180. CString strAccount = _T(""), strPassword = _T("");
  181. DWORD dwOptions = 0;
  182. ULONG ulCompletedOps = 0, ulFailedOps = 0;
  184. for (int i=0; i<NUM_FIXUP_OPTIONS; i++) {
  185. if (dlgFixupDC.m_bCheck[i])
  186. dwOptions |= g_FixupOptionsMsg[i].dwOption;
  187. }
  189. //
  190. // call DsRoleFixDc() API to ssync and fixup the local server
  191. //
  192. do {
  193. dwReturn = DsRoleFixDc(
  194. lpszServer,
  195. (fLocal ? lpszServer : NULL),
  196. (strAccount.IsEmpty() ? NULL : (LPCWSTR)strAccount),
  197. (strAccount.IsEmpty() ? NULL : (LPCWSTR)strPassword),
  198. dwOptions,
  199. &ulCompletedOps,
  200. &ulFailedOps
  201. );
  203. if (ERROR_NO_SUCH_DOMAIN == dwReturn) {
  204. //
  205. // lpszServer is the only DC found in the domain,
  206. // ask if he wants to ssync and fixup the local server against itself
  207. //
  208. PVOID apv[1] = {(PVOID)lpszServer};
  209. if (IDNO == ReportMessageEx(m_hwnd, IDS_FIXUP_ITSELF, MB_YESNO | MB_ICONWARNING, apv, 1) )
  210. goto cleanup; // user cancelled the fixup process
  212. fLocal = TRUE;
  214. } else if (ERROR_ACCESS_DENIED == dwReturn) {
  215. //
  216. // connection failed
  217. // prompt for username and password
  218. //
  219. CPasswordDlg dlgPassword;
  220. if (IDCANCEL == dlgPassword.DoModal())
  221. goto cleanup; // user cancelled the fixup process
  223. strAccount = dlgPassword.m_strUserName;
  224. strPassword = dlgPassword.m_strPassword;
  226. } else {
  227. // either ERROR_SUCCESS or some other error happened
  228. break;
  229. }
  230. } while (TRUE);
  232. //
  233. // report succeeded/failed operations to user
  234. //
  235. CString strCompletedOps = _T(""), strFailedOps = _T("");
  236. CString strMsg;
  238. for (i=0; i<NUM_FIXUP_OPTIONS; i++) {
  239. if (ulCompletedOps & g_FixupOptionsMsg[i].dwOption) {
  240. strMsg.LoadString(g_FixupOptionsMsg[i].nMsgID);
  241. strCompletedOps += strMsg;
  242. }
  243. if (ulFailedOps & g_FixupOptionsMsg[i].dwOption) {
  244. strMsg.LoadString(g_FixupOptionsMsg[i].nMsgID);
  245. strFailedOps += strMsg;
  246. }
  247. }
  249. PVOID apv[2];
  250. apv[0] = (PVOID)(LPCWSTR)strCompletedOps;
  251. apv[1] = (PVOID)(LPCWSTR)strFailedOps;
  253. if (dwReturn != ERROR_SUCCESS) {
  254. ReportErrorEx(m_hwnd, IDS_FIXUP_REPORT_ERROR, dwReturn,
  255. MB_OK | MB_ICONINFORMATION, apv, 2, 0, FALSE);
  256. } else {
  257. ReportMessageEx(m_hwnd, IDS_FIXUP_REPORT_SUCCESS,
  258. MB_OK | MB_ICONINFORMATION, apv, 1);
  259. }
  260. } // Get()
  261. } // DSAdminOpenObject()
  263. if (FAILED(hr))
  264. ReportErrorEx(m_hwnd, IDS_FIXUP_GEN_ERROR, hr,
  265. MB_OK | MB_ICONINFORMATION, NULL, 0, 0);
  267. cleanup:
  269. return hr;
  270. }
  271. #endif // FIXUPDC
  273. HRESULT CDSComponentData::_RunKCC(LPCWSTR pwszPath)
  274. /*++
  276. Routine Description:
  278. This function calls DsReplicaConsistencyCheck()
  279. to force the KCC to recheck topology immediately.
  281. Arguments:
  283. pwszPath: The LDAP Path of the local "server" object.
  284. We use this path to get the object, retrieve the server name
  285. and call the DsReplicaConsistencyCheck() API.
  287. Return Value:
  289. HRESULT
  291. Report Error to user if any
  293. --*/
  294. {
  295. HRESULT hr = S_OK;
  296. CComPtr<IADs> spIADs;
  297. BOOL fSyncing = FALSE;
  299. CWaitCursor cwait;
  300. CComVariant var;
  301. LPWSTR lpszRunKCCServer = NULL;
  303. do { // false loop
  305. // Bind to "server" object
  306. hr = DSAdminOpenObject(pwszPath,
  307. IID_IADs,
  308. (PVOID *)&spIADs,
  309. TRUE /*bServer*/);
  310. if ( FAILED(hr) )
  311. break;
  313. // retrieve the local server name
  314. hr = spIADs->Get(CComBSTR(L"dNSHostName"), &var);
  315. if ( FAILED(hr) )
  316. break;
  317. if ((var.vt != VT_BSTR) || !(var.bstrVal) || !(*(var.bstrVal)))
  318. {
  319. ASSERT(FALSE);
  320. hr = E_FAIL;
  321. break;
  322. }
  323. lpszRunKCCServer = var.bstrVal;
  325. // now bind to the target DC
  326. Smart_DsHandle shDS;
  327. DWORD dwWinError = DsBind( lpszRunKCCServer, // DomainControllerAddress
  328. NULL, // DnsDomainName
  329. &shDS );
  330. if (ERROR_SUCCESS != dwWinError)
  331. {
  332. hr = HRESULT_FROM_WIN32(dwWinError);
  333. break;
  334. }
  336. // Run the KCC synchronously on this DSA
  337. fSyncing = TRUE;
  338. dwWinError = DsReplicaConsistencyCheck(
  339. shDS,
  340. DS_KCC_TASKID_UPDATE_TOPOLOGY,
  341. 0 ); // synchronous, not DS_KCC_FLAG_ASYNC_OP
  342. if (ERROR_SUCCESS != dwWinError)
  343. {
  344. hr = HRESULT_FROM_WIN32(dwWinError);
  345. break;
  346. }
  348. } while (FALSE); // false loop
  350. if (FAILED(hr))
  351. {
  352. (void) ReportErrorEx( m_hwnd,
  353. (fSyncing) ? IDS_RUN_KCC_1_FORCESYNC_ERROR
  354. : IDS_RUN_KCC_1_PARAMLOAD_ERROR,
  355. hr,
  356. MB_OK | MB_ICONEXCLAMATION,
  357. NULL,
  358. 0,
  359. IDS_RUN_KCC_TITLE );
  360. } else {
  361. // JonN 3/30/00
  362. // 26926: SITEREPL: Add popup after "Check Replication Topology" execution(DSLAB)
  363. LPCWSTR lpcwszDSADMINServer = NULL;
  364. if (NULL != GetBasePathsInfo())
  365. {
  366. lpcwszDSADMINServer = GetBasePathsInfo()->GetServerName();
  367. if ( !lpszRunKCCServer || !lpcwszDSADMINServer || !wcscmp( lpszRunKCCServer, lpcwszDSADMINServer ) )
  368. lpcwszDSADMINServer = NULL;
  369. }
  370. PVOID apv[2] = { (PVOID)lpszRunKCCServer, (PVOID)lpcwszDSADMINServer };
  371. (void) ReportMessageEx( m_hwnd,
  372. (NULL == lpcwszDSADMINServer)
  373. ? IDS_RUN_KCC_1_SUCCEEDED_LOCAL
  374. : IDS_RUN_KCC_2_SUCCEEDED_REMOTE,
  375. MB_OK | MB_ICONINFORMATION,
  376. apv,
  377. 2,
  378. IDS_RUN_KCC_TITLE );
  379. }
  381. return hr;
  382. }
  384. // JonN 7/23/99
  385. // 373806: Site&Svcs: Renaming an auto-generated connection should make it admin owned
  386. // RETURN TRUE iff rename should proceed, handles own errors
  387. BOOL CDSComponentData::RenameConnectionFixup(CDSCookie* pCookie)
  388. {
  389. ASSERT( NULL != pCookie );
  391. CDSCookieInfoConnection* pextrainfo =
  392. (CDSCookieInfoConnection*)(pCookie->GetExtraInfo());
  393. if ( (NULL == pextrainfo)
  394. || (pextrainfo->GetClass() != CDSCookieInfoBase::connection)
  395. || pextrainfo->m_fFRSConnection
  396. || !(NTDSCONN_OPT_IS_GENERATED & pextrainfo->m_nOptions)
  397. )
  398. return TRUE;
  400. int nResponse = ReportMessageEx (m_hwnd, IDS_CONNECTION_RENAME_WARNING,
  401. MB_YESNO | MB_ICONWARNING);
  402. if (IDYES != nResponse)
  403. return FALSE;
  405. CString szPath;
  406. GetBasePathsInfo()->ComposeADsIPath(szPath, pCookie->GetPath());
  408. CComPtr<IDirectoryObject> spDO;
  410. HRESULT hr = S_OK;
  411. do { // false loop
  412. hr = DSAdminOpenObject(szPath,
  413. IID_IDirectoryObject,
  414. (void **)&spDO,
  415. TRUE /*bServer*/);
  416. if ( FAILED(hr) )
  417. break;
  419. PWSTR rgpwzAttrNames[] = {L"options"};
  420. Smart_PADS_ATTR_INFO spAttrs;
  421. DWORD cAttrs = 1;
  422. hr = spDO->GetObjectAttributes(rgpwzAttrNames, 1, &spAttrs, &cAttrs);
  423. if (FAILED(hr))
  424. break;
  425. if ( !(NTDSCONN_OPT_IS_GENERATED & spAttrs[0].pADsValues->Integer) )
  426. break;
  428. spAttrs[0].pADsValues->Integer &= ~NTDSCONN_OPT_IS_GENERATED;
  429. spAttrs[0].dwControlCode = ADS_ATTR_UPDATE;
  431. ULONG cModified = 0;
  432. hr = spDO->SetObjectAttributes (spAttrs, 1, &cModified);
  433. } while (false); // false loop
  435. if (FAILED(hr)) {
  436. ReportErrorEx (m_hwnd, IDS_CONNECTION_RENAME_ERROR, hr,
  437. MB_OK|MB_ICONERROR, NULL, 0, 0, TRUE);
  438. return FALSE;
  439. }
  441. return TRUE;
  442. }