archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/services/scerpc/escprov/password.cpp

801 lines
22 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //////////////////////////////////////////////////////////////////////
  2. // password.cpp: implementation of the CPasswordPolicy class
  3. // Copyright (c)1997-1999 Microsoft Corporation
  4. //
  5. //////////////////////////////////////////////////////////////////////
  7. #include "precomp.h"
  8. #include "password.h"
  9. #include "persistmgr.h"
  10. #include <io.h>
  11. #include "requestobject.h"
  13. #define KeyMinAge L"MinimumPasswordAge"
  14. #define KeyMaxAge L"MaximumPasswordAge"
  15. #define KeyMinLength L"MinimumPasswordLength"
  16. #define KeyHistory L"PasswordHistorySize"
  17. #define KeyComplexity L"PasswordComplexity"
  18. #define KeyClearText L"ClearTextPassword"
  19. #define KeyForceLogoff L"ForceLogoffWhenHourExpire"
  20. #define KeyEnableAdmin L"EnableAdminAccount"
  21. #define KeyEnableGuest L"EnableGuestAccount"
  22. #define KeyLSAAnonLookup L"LSAAnonymousNameLookup"
  24. /*
  25. Routine Description:
  27. Name:
  29. CPasswordPolicy::CPasswordPolicy
  31. Functionality:
  33. This is the constructor. Pass along the parameters to the base class
  35. Virtual:
  37. No (you know that, constructor won't be virtual!)
  39. Arguments:
  41. pKeyChain - Pointer to the ISceKeyChain COM interface which is prepared
  42. by the caller who constructs this instance.
  44. pNamespace - Pointer to WMI namespace of our provider (COM interface).
  45. Passed along by the caller. Must not be NULL.
  47. pCtx - Pointer to WMI context object (COM interface). Passed along
  48. by the caller. It's up to WMI whether this interface pointer is NULL or not.
  50. Return Value:
  52. None as any constructor
  54. Notes:
  55. if you create any local members, think about initialize them here
  57. */
  59. CPasswordPolicy::CPasswordPolicy (
  60. IN ISceKeyChain * pKeyChain,
  61. IN IWbemServices * pNamespace,
  62. IN IWbemContext * pCtx
  63. )
  64. :
  65. CGenericClass(pKeyChain, pNamespace, pCtx)
  66. {
  68. }
  70. /*
  71. Routine Description:
  73. Name:
  75. CPasswordPolicy::~CPasswordPolicy
  77. Functionality:
  79. Destructor. Necessary as good C++ discipline since we have virtual functions.
  81. Virtual:
  83. Yes.
  85. Arguments:
  87. none as any destructor
  89. Return Value:
  91. None as any destructor
  93. Notes:
  94. if you create any local members, think about whether
  95. there is any need for a non-trivial destructor
  97. */
  99. CPasswordPolicy::~CPasswordPolicy ()
  100. {
  101. }
  103. /*
  104. Routine Description:
  106. Name:
  108. CRGroups::CreateObject
  110. Functionality:
  112. Create WMI objects (Sce_PasswordPolicy). Depending on parameter atAction,
  113. this creation may mean:
  114. (a) Get a single instance (atAction == ACTIONTYPE_GET)
  115. (b) Get several instances satisfying some criteria (atAction == ACTIONTYPE_QUERY)
  116. (c) Delete an instance (atAction == ACTIONTYPE_DELETE)
  118. Virtual:
  120. Yes.
  122. Arguments:
  124. pHandler - COM interface pointer for notifying WMI for creation result.
  125. atAction - Get single instance ACTIONTYPE_GET
  126. Get several instances ACTIONTYPE_QUERY
  127. Delete a single instance ACTIONTYPE_DELETE
  129. Return Value:
  131. Success: it must return success code (use SUCCEEDED to test). It is
  132. not guaranteed to return WBEM_NO_ERROR. The returned objects are indicated to WMI,
  133. not directly passed back via parameters.
  135. Failure: Various errors may occurs. Except WBEM_E_NOT_FOUND, any such error should indicate
  136. the failure of getting the wanted instance. If WBEM_E_NOT_FOUND is returned in querying
  137. situations, this may not be an error depending on caller's intention.
  139. Notes:
  141. */
  143. HRESULT
  144. CPasswordPolicy::CreateObject (
  145. IN IWbemObjectSink * pHandler,
  146. IN ACTIONTYPE atAction
  147. )
  148. {
  149. //
  150. // we know how to:
  151. // Get single instance ACTIONTYPE_GET
  152. // Delete a single instance ACTIONTYPE_DELETE
  153. // Get several instances ACTIONTYPE_QUERY
  154. //
  156. if ( ACTIONTYPE_GET != atAction &&
  157. ACTIONTYPE_DELETE != atAction &&
  158. ACTIONTYPE_QUERY != atAction )
  159. {
  160. return WBEM_E_NOT_SUPPORTED;
  161. }
  163. //
  164. // We must have the pStorePath property because that is where
  165. // our instance is stored.
  166. // m_srpKeyChain->GetKeyPropertyValue WBEM_S_FALSE if the key is not recognized
  167. // So, we need to test against WBEM_S_FALSE if the property is mandatory
  168. //
  170. CComVariant varStorePath;
  171. HRESULT hr = m_srpKeyChain->GetKeyPropertyValue(pStorePath, &varStorePath);
  173. if (SUCCEEDED(hr) && hr != WBEM_S_FALSE && varStorePath.vt == VT_BSTR)
  174. {
  175. //
  176. // Prepare a store (for persistence) for this store path (file)
  177. //
  179. CSceStore SceStore;
  180. hr = SceStore.SetPersistPath(varStorePath.bstrVal);
  182. if ( SUCCEEDED(hr) )
  183. {
  185. //
  186. // make sure the store (just a file) really exists. The raw path
  187. // may contain env variables, so we need the expanded path
  188. //
  190. DWORD dwAttrib = GetFileAttributes(SceStore.GetExpandedPath());
  192. if ( dwAttrib != -1 )
  193. {
  195. if ( ACTIONTYPE_DELETE == atAction )
  196. {
  197. hr = DeleteInstance(pHandler, &SceStore);
  198. }
  199. else
  200. {
  201. hr = ConstructInstance(pHandler, &SceStore, varStorePath.bstrVal,atAction);
  202. }
  204. }
  205. else
  206. {
  207. hr = WBEM_E_NOT_FOUND;
  208. }
  209. }
  210. }
  212. return hr;
  213. }
  215. /*
  216. Routine Description:
  218. Name:
  220. CPasswordPolicy::PutInst
  222. Functionality:
  224. Put an instance as instructed by WMI. Since this class implements Sce_PasswordPolicy,
  225. which is persistence oriented, this will cause the Sce_PasswordPolicy object's property
  226. information to be saved in our store.
  228. Virtual:
  230. Yes.
  232. Arguments:
  234. pInst - COM interface pointer to the WMI class (Sce_PasswordPolicy) object.
  236. pHandler - COM interface pointer for notifying WMI of any events.
  238. pCtx - COM interface pointer. This interface is just something we pass around.
  239. WMI may mandate it (not now) in the future. But we never construct
  240. such an interface and so, we just pass around for various WMI API's
  242. Return Value:
  244. Success: it must return success code (use SUCCEEDED to test). It is
  245. not guaranteed to return WBEM_NO_ERROR.
  247. Failure: Various errors may occurs. Any such error should indicate the failure of persisting
  248. the instance.
  250. Notes:
  251. Since GetProperty will return a success code (WBEM_S_RESET_TO_DEFAULT) when the
  252. requested property is not present, don't simply use SUCCEEDED or FAILED macros
  253. to test for the result of retrieving a property.
  255. */
  257. HRESULT
  258. CPasswordPolicy::PutInst (
  259. IN IWbemClassObject * pInst,
  260. IN IWbemObjectSink * pHandler,
  261. IN IWbemContext * pCtx
  262. )
  263. {
  264. HRESULT hr = WBEM_E_INVALID_PARAMETER;
  266. //
  267. // These are all password policy's properties.
  268. // SCE_NO_VALUE means the property is not set.
  269. //
  271. DWORD dwMinAge = SCE_NO_VALUE;
  272. DWORD dwMaxAge = SCE_NO_VALUE;
  273. DWORD dwMinLen = SCE_NO_VALUE;
  274. DWORD dwHistory = SCE_NO_VALUE;
  275. DWORD dwComplexity = SCE_NO_VALUE;
  276. DWORD dwClear = SCE_NO_VALUE;
  277. DWORD dwForce = SCE_NO_VALUE;
  278. DWORD dwLSAPol = SCE_NO_VALUE;
  279. DWORD dwAdmin = SCE_NO_VALUE;
  280. DWORD dwGuest = SCE_NO_VALUE;
  282. //
  283. // CScePropertyMgr helps us to access WMI object's properties
  284. // create an instance and attach the WMI object to it.
  285. // This will always succeed.
  286. //
  288. CScePropertyMgr ScePropMgr;
  289. ScePropMgr.Attach(pInst);
  291. //
  292. // the use of the macro SCE_PROV_IfErrorGotoCleanup cause
  293. // a "goto CleanUp;" with hr set to the return value from
  294. // the function (macro parameter)
  295. //
  297. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.GetProperty(pMinAge, &dwMinAge));
  299. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.GetProperty(pMaxAge, &dwMaxAge));
  301. //
  302. // check dependency
  303. //
  305. if ( dwMinAge != SCE_NO_VALUE && dwMaxAge != SCE_NO_VALUE )
  306. {
  307. if ( dwMinAge >= dwMaxAge )
  308. {
  309. hr = WBEM_E_VALUE_OUT_OF_RANGE;
  310. }
  311. if ( dwMinAge > 999 || dwMaxAge > 999 )
  312. {
  313. hr = WBEM_E_VALUE_OUT_OF_RANGE;
  314. }
  315. }
  316. else if (dwMinAge != SCE_NO_VALUE || dwMaxAge != SCE_NO_VALUE )
  317. {
  318. hr = WBEM_E_ILLEGAL_NULL;
  319. }
  321. if ( FAILED(hr) )
  322. {
  323. goto CleanUp;
  324. }
  326. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.GetProperty(pMinLength, &dwMinLen));
  328. //
  329. // check validity of the minimum length property
  330. //
  332. if ( dwMinLen != SCE_NO_VALUE && dwMinLen > 14 )
  333. {
  334. hr = WBEM_E_VALUE_OUT_OF_RANGE;
  335. goto CleanUp;
  336. }
  338. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.GetProperty(pHistory, &dwHistory));
  340. //
  341. // check validity of the history property
  342. //
  344. if ( dwHistory != SCE_NO_VALUE && dwHistory > 24 )
  345. {
  346. hr = WBEM_E_VALUE_OUT_OF_RANGE;
  347. goto CleanUp;
  348. }
  350. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.GetProperty(pComplexity, &dwComplexity));
  352. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.GetProperty(pStoreClearText, &dwClear));
  354. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.GetProperty(pForceLogoff, &dwForce));
  356. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.GetProperty(pLSAPol, &dwLSAPol));
  358. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.GetProperty(pEnableAdmin, &dwAdmin));
  360. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.GetProperty(pEnableGuest, &dwGuest));
  362. //
  363. // this set of braces allow us to define the store instance closer to where it is used
  364. //
  366. {
  367. //
  368. // Attach the WMI object instance to the store and let the store know that
  369. // it's store is given by the pStorePath property of the instance.
  370. //
  372. CSceStore SceStore;
  373. SceStore.SetPersistProperties(pInst, pStorePath);
  375. //
  376. // now save the info to file
  377. //
  379. hr = SaveSettingsToStore(&SceStore,
  380. dwMinAge,
  381. dwMaxAge,
  382. dwMinLen,
  383. dwHistory,
  384. dwComplexity,
  385. dwClear,
  386. dwForce,
  387. dwLSAPol,
  388. dwAdmin,
  389. dwGuest
  390. );
  391. }
  393. CleanUp:
  395. return hr;
  396. }
  398. /*
  399. Routine Description:
  401. Name:
  403. CRGroups::ConstructInstance
  405. Functionality:
  407. This is private function to create an instance of Sce_PasswordPolicy.
  409. Virtual:
  411. No.
  413. Arguments:
  415. pHandler - COM interface pointer for notifying WMI of any events.
  417. pSceStore - Pointer to our store. It must have been appropriately set up.
  419. wszLogStorePath - store path, a key property of Sce_PasswordPolicy class.
  421. atAction - whether it's querying or a single instance fetching.
  423. Return Value:
  425. Success: it must return success code (use SUCCEEDED to test). It is
  426. not guaranteed to return WBEM_NO_ERROR.
  428. Failure: Various errors may occurs. Any such error should indicate the creating the instance.
  430. Notes:
  432. */
  434. HRESULT
  435. CPasswordPolicy::ConstructInstance (
  436. IN IWbemObjectSink * pHandler,
  437. IN CSceStore * pSceStore,
  438. IN LPWSTR wszLogStorePath,
  439. IN ACTIONTYPE atAction
  440. )
  441. {
  442. //
  443. // make sure that we have a valid store
  444. //
  446. if ( pSceStore == NULL ||
  447. pSceStore->GetStoreType() < SCE_INF_FORMAT ||
  448. pSceStore->GetStoreType() > SCE_JET_ANALYSIS_REQUIRED )
  449. {
  450. return WBEM_E_INVALID_PARAMETER;
  451. }
  453. //
  454. // ask SCE to read a gigantic structure out from the store. Only SCE
  455. // knows now to release the memory. Don't just delete it! Use our CSceStore
  456. // to do the releasing (FreeSecurityProfileInfo)
  457. //
  459. PSCE_PROFILE_INFO pInfo=NULL;
  460. HRESULT hr = pSceStore->GetSecurityProfileInfo(
  461. AREA_SECURITY_POLICY,
  462. &pInfo,
  463. NULL
  464. );
  466. if (FAILED(hr))
  467. {
  468. return hr;
  469. }
  471. //
  472. // If one of the following properties are missing from the store,
  473. // we won't construct the wmi object for it.
  474. //
  476. if (pInfo->MinimumPasswordAge == SCE_NO_VALUE &&
  477. pInfo->MaximumPasswordAge == SCE_NO_VALUE &&
  478. pInfo->MinimumPasswordLength == SCE_NO_VALUE &&
  479. pInfo->PasswordHistorySize == SCE_NO_VALUE &&
  480. pInfo->PasswordComplexity == SCE_NO_VALUE &&
  481. pInfo->ClearTextPassword == SCE_NO_VALUE &&
  482. pInfo->ForceLogoffWhenHourExpire == SCE_NO_VALUE &&
  483. pInfo->LSAAnonymousNameLookup == SCE_NO_VALUE )
  484. {
  485. pSceStore->FreeSecurityProfileInfo(pInfo);
  486. return WBEM_E_NOT_FOUND;
  487. }
  489. CComBSTR bstrLogOut;
  490. LPCWSTR pszExpandedPath = pSceStore->GetExpandedPath();
  492. CComPtr<IWbemClassObject> srpObj;
  494. //
  495. // CScePropertyMgr helps us to access WMI object's properties.
  496. //
  498. CScePropertyMgr ScePropMgr;
  500. //
  501. // the use of the macro SCE_PROV_IfErrorGotoCleanup cause
  502. // a "goto CleanUp;" with hr set to the return value from
  503. // the function (macro parameter)
  504. //
  506. if ( ACTIONTYPE_QUERY == atAction )
  507. {
  508. SCE_PROV_IfErrorGotoCleanup(MakeSingleBackSlashPath(wszLogStorePath, L'\\', &bstrLogOut));
  509. pszExpandedPath = bstrLogOut;
  510. }
  512. SCE_PROV_IfErrorGotoCleanup(SpawnAnInstance(&srpObj));
  514. //
  515. // attach the WMI object to the property mgr.
  516. // This will always succeed.
  517. //
  519. ScePropMgr.Attach(srpObj);
  521. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.PutProperty(pStorePath, pszExpandedPath));
  523. if (pInfo->MinimumPasswordAge != SCE_NO_VALUE ) {
  524. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.PutProperty(pMinAge, pInfo->MinimumPasswordAge));
  525. }
  527. if (pInfo->MaximumPasswordAge != SCE_NO_VALUE ) {
  528. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.PutProperty(pMaxAge, pInfo->MaximumPasswordAge));
  529. }
  531. if (pInfo->MinimumPasswordLength != SCE_NO_VALUE ) {
  532. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.PutProperty(pMinLength, pInfo->MinimumPasswordLength));
  533. }
  535. if (pInfo->PasswordHistorySize != SCE_NO_VALUE ) {
  536. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.PutProperty(pHistory, pInfo->PasswordHistorySize));
  537. }
  539. if (pInfo->PasswordComplexity != SCE_NO_VALUE ) {
  540. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.PutProperty(pComplexity, (pInfo->PasswordComplexity==1)? true : false));
  541. }
  543. if (pInfo->ClearTextPassword != SCE_NO_VALUE ) {
  544. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.PutProperty(pStoreClearText, (pInfo->ClearTextPassword==1)? true : false));
  545. }
  547. if (pInfo->ForceLogoffWhenHourExpire != SCE_NO_VALUE ) {
  548. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.PutProperty(pForceLogoff, (pInfo->ForceLogoffWhenHourExpire==1)? true : false));
  549. }
  551. if (pInfo->LSAAnonymousNameLookup != SCE_NO_VALUE ) {
  552. SCE_PROV_IfErrorGotoCleanup(ScePropMgr.PutProperty(pLSAPol, (pInfo->LSAAnonymousNameLookup==1)? true : false));
  553. }
  555. //
  556. // do the necessary gestures to WMI.
  557. // the use of WBEM_STATUS_REQUIREMENTS in SetStatus is not documented by WMI
  558. // at this point. Consult WMI team for detail if you suspect problems with
  559. // the use of WBEM_STATUS_REQUIREMENTS
  560. //
  562. if ( ACTIONTYPE_QUERY == atAction ) {
  563. pHandler->SetStatus(WBEM_STATUS_REQUIREMENTS, S_FALSE, NULL, NULL);
  564. } else {
  565. pHandler->SetStatus(WBEM_STATUS_REQUIREMENTS, S_OK, NULL, NULL);
  566. }
  568. //
  569. // pass the new instance to WMI
  570. //
  572. hr = pHandler->Indicate(1, &srpObj);
  574. CleanUp:
  576. pSceStore->FreeSecurityProfileInfo(pInfo);
  578. return hr;
  579. }
  581. /*
  582. Routine Description:
  584. Name:
  586. CPasswordPolicy::DeleteInstance
  588. Functionality:
  590. remove an instance of Sce_PasswordPolicy from the specified store.
  592. Virtual:
  594. No.
  596. Arguments:
  598. pHandler - COM interface pointer for notifying WMI of any events.
  600. pSceStore - Pointer to our store. It must have been appropriately set up.
  602. Return Value:
  604. Success: WBEM_NO_ERROR.
  606. Failure: WBEM_E_INVALID_PARAMETER.
  608. Notes:
  610. */
  612. HRESULT
  613. CPasswordPolicy::DeleteInstance (
  614. IN IWbemObjectSink * pHandler,
  615. IN CSceStore * pSceStore
  616. )
  617. {
  618. //
  619. // make sure that we have a valid store
  620. //
  622. if ( pSceStore == NULL || pSceStore->GetStoreType() < SCE_INF_FORMAT ||
  623. pSceStore->GetStoreType() > SCE_JET_ANALYSIS_REQUIRED )
  624. {
  625. return WBEM_E_INVALID_PARAMETER;
  626. }
  628. HRESULT hr=WBEM_S_NO_ERROR;
  630. //
  631. // a SCE_NO_VALUE will cause that property to be delete by SaveSettingsToStore
  632. //
  634. hr = SaveSettingsToStore(pSceStore,
  635. SCE_NO_VALUE,
  636. SCE_NO_VALUE,
  637. SCE_NO_VALUE,
  638. SCE_NO_VALUE,
  639. SCE_NO_VALUE,
  640. SCE_NO_VALUE,
  641. SCE_NO_VALUE,
  642. SCE_NO_VALUE,
  643. SCE_NO_VALUE,
  644. SCE_NO_VALUE
  645. );
  647. return hr;
  649. }
  651. /*
  652. Routine Description:
  654. Name:
  656. CPasswordPolicy::SaveSettingsToStore
  658. Functionality:
  660. With all the properties of a Sce_PasswordPolicy, this function just saves
  661. the instance properties to our store.
  663. Virtual:
  665. No.
  667. Arguments:
  669. pSceStore - the store.
  671. dwMinAge - a corresponding key property of Sce_PasswordPolicy class.
  673. dwMaxAge - another corresponding property of the Sce_PasswordPolicy class.
  675. dwMinLen - another corresponding property of the Sce_PasswordPolicy class.
  677. dwHistory - another corresponding property of the Sce_PasswordPolicy class.
  679. dwComplexity, - another corresponding property of the Sce_PasswordPolicy class.
  681. dwClear - another corresponding property of the Sce_PasswordPolicy class.
  683. dwForce - another corresponding property of the Sce_PasswordPolicy class.
  685. dwLSAPol - another corresponding property of the Sce_PasswordPolicy class.
  687. dwAdmin - another corresponding property of the Sce_PasswordPolicy class.
  689. dwGuest - another corresponding property of the Sce_PasswordPolicy class.
  691. Return Value:
  693. Success: it must return success code (use SUCCEEDED to test). It is
  694. not guaranteed to return WBEM_NO_ERROR.
  696. Failure: Various errors may occurs. Any error indicates the failure to save the instance.
  698. Notes:
  699. */
  701. HRESULT
  702. CPasswordPolicy::SaveSettingsToStore (
  703. IN CSceStore * pSceStore,
  704. IN DWORD dwMinAge,
  705. IN DWORD dwMaxAge,
  706. IN DWORD dwMinLen,
  707. IN DWORD dwHistory,
  708. IN DWORD dwComplexity,
  709. IN DWORD dwClear,
  710. IN DWORD dwForce,
  711. IN DWORD dwLSAPol,
  712. IN DWORD dwAdmin,
  713. IN DWORD dwGuest
  714. )
  715. {
  716. //
  717. // the use of the macro SCE_PROV_IfErrorGotoCleanup cause
  718. // a "goto CleanUp;" with hr set to the return value from
  719. // the function (macro parameter)
  720. //
  722. DWORD dwDump;
  724. //
  725. // For a new .inf file. Write an empty buffer to the file
  726. // will creates the file with right header/signature/unicode format
  727. // this is harmless for existing files.
  728. // For database store, this is a no-op.
  729. //
  731. HRESULT hr = WBEM_NO_ERROR;
  733. SCE_PROV_IfErrorGotoCleanup(pSceStore->WriteSecurityProfileInfo(AreaBogus,
  734. (PSCE_PROFILE_INFO)&dwDump,
  735. NULL, false));
  737. //
  738. // MinAge
  739. //
  741. SCE_PROV_IfErrorGotoCleanup(pSceStore->SavePropertyToStore(szSystemAccess, KeyMinAge, dwMinAge));
  743. //
  744. // MaxAge
  745. //
  747. SCE_PROV_IfErrorGotoCleanup(pSceStore->SavePropertyToStore(szSystemAccess, KeyMaxAge, dwMaxAge));
  749. //
  750. // MinLength
  751. //
  753. SCE_PROV_IfErrorGotoCleanup(pSceStore->SavePropertyToStore(szSystemAccess, KeyMinLength, dwMinLen));
  755. //
  756. // History
  757. //
  759. SCE_PROV_IfErrorGotoCleanup(pSceStore->SavePropertyToStore(szSystemAccess, KeyHistory, dwHistory));
  761. //
  762. // Complexity
  763. //
  765. SCE_PROV_IfErrorGotoCleanup(pSceStore->SavePropertyToStore(szSystemAccess, KeyComplexity, dwComplexity));
  767. //
  768. // Cleartext
  769. //
  771. SCE_PROV_IfErrorGotoCleanup(pSceStore->SavePropertyToStore(szSystemAccess, KeyClearText, dwClear));
  773. //
  774. // Force logoff
  775. //
  777. SCE_PROV_IfErrorGotoCleanup(pSceStore->SavePropertyToStore(szSystemAccess, KeyForceLogoff, dwForce));
  779. //
  780. // LSA Anonymous Lookup
  781. //
  783. SCE_PROV_IfErrorGotoCleanup(pSceStore->SavePropertyToStore(szSystemAccess, KeyLSAAnonLookup, dwLSAPol));
  785. //
  786. // disable admin
  787. //
  789. SCE_PROV_IfErrorGotoCleanup(pSceStore->SavePropertyToStore(szSystemAccess, KeyEnableAdmin, dwAdmin));
  791. //
  792. // disable guest
  793. //
  795. SCE_PROV_IfErrorGotoCleanup(pSceStore->SavePropertyToStore(szSystemAccess, KeyEnableGuest, dwGuest));
  797. CleanUp:
  799. return hr;
  800. }