windows-server-2003/admin/dscmd/dsget/display.cpp

//+-------------------------------------------------------------------------
//
//  Microsoft Windows
//  Copyright (C) Microsoft Corporation, 1992 - 2000
//
//  File:      display.cpp
//
//  Contents:  Defines the functions used to convert values to strings
//             for display purposes
//
//  History:   17-Oct-2000    JeffJon  Created
//             
//
//--------------------------------------------------------------------------

#include <pch.h>

#include "cstrings.h"
#include "gettable.h"
#include "display.h"
#include "output.h"
#include "query.h"
#include "resource.h"

#include <lmaccess.h>   // UF_* for userAccountControl flags
#include <ntsam.h>      // GROUP_TYPE_*
#include <ntdsapi.h>    // NTDSSETTINGS_OPT_*
#include <msxml.h>      // For XML_GetNodeText and GetTopObjectUsage
//
// Almost all of these functions are of type PGETDISPLAYSTRINGFUNC as defined in
// gettable.h
//

#ifdef ADS_OPTION_QUOTA
#pragma message("ADS_OPTION_QUOTA is now defined, so display.cpp needs to be updated to support it")
#pragma warning(error : 1);
#else
#pragma message("ADS_OPTION_QUOTA is not defined, so using 5 instead")
//
// until the global definition is published, define it on my own so I'm not blocked
//
#define ADS_OPTION_QUOTA 5
#endif

//+--------------------------------------------------------------------------
//
//  Function:   XML_GetNodeText
//
//  Synopsis:   This code was taken from admin\snapin\dsadmin\xmlutil.cpp
//              on 8/29/02. Given an XML node of type NODE_TEXT, it
//              returns its value into a CComBSTR
//
//  Arguments:  [pXDN - IN]:     The node to extract the text value from
//              [refBstr - OUT]: The node text if successful, else unchanged
//
//  Returns:    HRESULT : S_OK if everything succeeded
//                        Anything else is a failure code from XML 
//                        or E_INVALIDARG
//
//  History:    29-Aug-2002   RonMart   Created
//
//---------------------------------------------------------------------------
HRESULT XML_GetNodeText(IN IXMLDOMNode* pXDN, OUT CComBSTR& refBstr)
{
    ENTER_FUNCTION_HR(LEVEL5_LOGGING, XML_GetNodeText, hr);

    ASSERT(pXDN != NULL);

    // assume the given node has a child node
    CComPtr<IXMLDOMNode> spName;
    hr = pXDN->get_firstChild(&spName);
    if (FAILED(hr))
    {
        // unexpected failure
        return hr;
    }
    // if no children, the api returns S_FALSE
    if (spName == NULL)
    {
        return hr;
    }

    // got now a valid pointer,
    // check if this is the valid node type
    DOMNodeType nodeType = NODE_INVALID;
    hr = spName->get_nodeType(&nodeType);
    ASSERT(hr == S_OK);
    ASSERT(nodeType == NODE_TEXT);
    if (nodeType != NODE_TEXT)
    {
        ASSERT(FALSE);
        return E_INVALIDARG;
    }
    // it is of type text
    // retrieve the node value into a variant
    CComVariant val;
    hr = pXDN->get_nodeTypedValue(&val);
    if (FAILED(hr))
    {
        // unexpected failure
        ASSERT(FALSE);
        return hr;
    }

    if (val.vt != VT_BSTR)
    {
        ASSERT(FALSE);
        return E_INVALIDARG;
    }

    // got the text value
    refBstr = val.bstrVal;

    return hr;
}
//+--------------------------------------------------------------------------
//
//  Function:   GetNT4NameOrSidString
//
//  Synopsis:   Called by GetTopObjectUsage on failure, this first does
//              a LookupAccountSid and tries to get the NT4 style name.
//              If that succeeds, then it tries to get the DN using that.
//              If no DN is returned, then the NT4 style name (if it exists) 
//              or the SID string will be returned.
//
//  Arguments:  [bstrSid - IN]: Sid string to resolve
//              [lpszDN - OUT]: Returns the DN, NT4 name or Sid string. 
//                              Use LocalFree when done.
//
//  Returns:    HRESULT : S_OK if everything succeeded
//
//  History:    11-Oct-2002   RonMart   Created
//
//---------------------------------------------------------------------------
HRESULT GetNT4NameOrSidString(IN CComBSTR& bstrSid, OUT LPWSTR* lpszDN)
{
 
    ENTER_FUNCTION_HR(LEVEL5_LOGGING, GetNT4NameOrSidString, hr);
    LPWSTR lpszName = NULL;
    LPWSTR lpszDomain = NULL;
    PSID pSid = NULL;

    do
    {
        //
        // Verify parameters
        //
        if (!lpszDN)
        {
            hr = E_INVALIDARG;
            break;
        }
        // Convert the Sid String to a Sid so we can lookup the account
        if(!ConvertStringSidToSid(bstrSid, &pSid))
        {
            hr = E_FAIL;
            ASSERT(FALSE);
            break;
        }

        DWORD cchName = 0;
        DWORD cchDomainName = 0;
        SID_NAME_USE sUse = SidTypeInvalid;

        // Call once to get the buffer sizes
        if(!LookupAccountSid(NULL,
            pSid, 
            lpszName, 
            &cchName, 
            lpszDomain, 
            &cchDomainName, 
            &sUse))
        {
            // If it fails, then deleted account so return
            // the sid string
            DWORD cchBufSize = SysStringLen(bstrSid) + 1;

            // Alloc the return buffer
            *lpszDN = (LPWSTR) LocalAlloc(LPTR,
                                cchBufSize * sizeof(WCHAR));

            if(NULL == *lpszDN)
            {
                ASSERT(FALSE);
                hr = E_OUTOFMEMORY;
                break;
            }

            hr = StringCchCopy(*lpszDN, cchName, bstrSid.m_str);
        }

        if(cchName < 1 || cchDomainName < 1)
        {
            ASSERT(FALSE);
            E_UNEXPECTED;
            break;
        }

        lpszName = (LPWSTR) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, 
            cchName * sizeof(WCHAR));
        if(NULL == lpszName)
        {
            ASSERT(FALSE);
            E_OUTOFMEMORY;
            break;
        }

        lpszDomain = (LPWSTR) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, 
            cchDomainName * sizeof(WCHAR));
        if(NULL == lpszDomain)
        {
            ASSERT(FALSE);
            E_OUTOFMEMORY;
            break;
        }

        // Get the name
        if(!LookupAccountSid(NULL,
            pSid, 
            lpszName, 
            &cchName, 
            lpszDomain, 
            &cchDomainName, 
            &sUse))
        {
            ASSERT(FALSE);
            E_FAIL;
            break;
        }

        // Grow the buffer to hold both the domain and name
        DWORD chBufSize = (cchName + cchDomainName + 2);
        LPWSTR lpszNew = (LPWSTR) HeapReAlloc(GetProcessHeap(), 0, 
            lpszDomain, chBufSize * sizeof(WCHAR));
        if (NULL == lpszNew)
        {
            ASSERT(FALSE);
            hr = E_OUTOFMEMORY;
            break;
        }

        lpszDomain = lpszNew;

        // Merge the domain & account name
        hr = StringCchCat(lpszDomain, chBufSize, L"\\");
        if (FAILED(hr))
        {
            break;
        }

        hr = StringCchCat(lpszDomain, chBufSize, lpszName);
        if (FAILED(hr))
        {
            break;
        }
        
        // Try one more time to get the DN
        hr = ConvertTrusteeToDN(NULL, lpszDomain, lpszDN);

        // If this failed, then return the NT4 name
        if (FAILED(hr))
        {
            // Alloc the return buffer
            *lpszDN = (LPWSTR) LocalAlloc(LPTR,
                                chBufSize * sizeof(WCHAR));

            if(NULL == *lpszDN)
            {
                ASSERT(FALSE);
                hr = E_OUTOFMEMORY;
                break;
            }

            // Return the NT4 name 
            hr = StringCchCopy(*lpszDN, chBufSize, lpszDomain);

            // If we still fail, then give up and abort
            if(FAILED(hr))
            {
                ASSERT(FALSE);
                LocalFree(*lpszDN);
                *lpszDN = NULL;
                break;
            }
        }

    } while (0);

    if(pSid)
        LocalFree(pSid);

    if(lpszName)
        HeapFree(GetProcessHeap(), 0, lpszName);

    if(lpszDomain)
        HeapFree(GetProcessHeap(), 0, lpszDomain);

    return hr;
}
//+--------------------------------------------------------------------------
//
//  Function:   GetTopObjectUsage
//
//  Synopsis:   This code takes the XML block returned from a 
//              msDS-TopQuotaUsage attribute and extracts the trustee name
//              DN and the quotaUsed value
//
//  Arguments:  [pXDN - IN]:      The node to extract the text value from
//              [lpszDomain - IN]:Domain to query or NULL for local
//              [lpszDN - OUT]:   Returns the DN. Use LocalFree when done
//              [refBstr - OUT]:  The node text if successful, else unchanged
//
//  Returns:    HRESULT : S_OK if everything succeeded
//                        Anything else is a failure code from XML 
//                        or E_INVALIDARG
//
//  History:    29-Aug-2002   RonMart   Created
//
//---------------------------------------------------------------------------
HRESULT GetTopObjectUsage(IN CComBSTR& bstrXML, IN LPCWSTR lpszDomain, 
                          OUT LPWSTR* lpszDN, OUT CComBSTR& bstrQuotaUsed)
{
    ENTER_FUNCTION_HR(LEVEL5_LOGGING, GetTopObjectUsage, hr);

    // Create an XML document
    CComPtr<IXMLDOMDocument> pXMLDoc;
    hr = pXMLDoc.CoCreateInstance(CLSID_DOMDocument);

    if (FAILED(hr))
    {
        DEBUG_OUTPUT(MINIMAL_LOGGING,
            L"CoCreateInstance(CLSID_DOMDocument) failed: hr = 0x%x",
            hr);
        return hr;
    }

    do
    {
        //
        // Verify parameters
        //
        if (!lpszDN)
        {
            hr = E_INVALIDARG;
            break;
        }
        // Load the XML text
        VARIANT_BOOL isSuccessful;
        hr = pXMLDoc->loadXML(bstrXML, &isSuccessful);
        // If it failed for any reason, then abort
        if (FAILED(hr) || (isSuccessful == FALSE))
        {
            DEBUG_OUTPUT(MINIMAL_LOGGING,
                L"loadXML failed: hr = 0x%x",
                hr);
            break;
        }
        // Get the SID string node
        CComPtr<IXMLDOMNode> pSidNode;
        hr = pXMLDoc->selectSingleNode(CComBSTR(L"MS_DS_TOP_QUOTA_USAGE/ownerSID"), &pSidNode);
        if (FAILED (hr))
        {
            DEBUG_OUTPUT(MINIMAL_LOGGING,
                L"selectSingleNode('MS_DS_TOP_QUOTA_USAGE/ownerSID') failed: hr = 0x%x",
                hr);
            break;
        }

        // Extract the sid string
        CComBSTR bstrSID;
        hr = XML_GetNodeText(pSidNode, bstrSID);
        if(FAILED(hr))
        {
            break;
        }

        // Convert the sid string into a DN (into the return buffer)
        hr = ConvertTrusteeToDN(lpszDomain, bstrSID, lpszDN);
        if (FAILED (hr))
        {
           // If we couldn't get the DN then get the NT4 name
           // from the string sid and try again to get either the
           // DN, the NT4 name or last resort return the sid string
           hr = GetNT4NameOrSidString(bstrSID, lpszDN);
           if(FAILED(hr))
           {
               ASSERT(FALSE);
               break;
           }
         }

        // Get the quotaUsed node
        CComPtr<IXMLDOMNode> pQuotaUsedNode;
        hr = pXMLDoc->selectSingleNode(CComBSTR(L"MS_DS_TOP_QUOTA_USAGE/quotaUsed"), &pQuotaUsedNode);
        if (FAILED (hr))
        {
            DEBUG_OUTPUT(MINIMAL_LOGGING,
                L"selectSingleNode('MS_DS_TOP_QUOTA_USAGE/quotaUsed') failed: hr = 0x%x",
                hr);
            break;
        }

        // Extract the value as text (into the return buffer)
        hr = XML_GetNodeText(pQuotaUsedNode, bstrQuotaUsed);
        if (FAILED(hr))
        {
            return hr;
        }
    } while (0);

    return hr;
}

HRESULT DisplayTopObjOwner(PCWSTR /*pszDN*/,//pszDN will be the dn of the server (from config) or the partition dn
                                CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                                const CDSCmdCredentialObject& /*refCredentialObject*/,
                                _DSGetObjectTableEntry* pEntry,
                                ARG_RECORD* pRecord,
                                PADS_ATTR_INFO pAttrInfo,
                                CComPtr<IDirectoryObject>& /*spDirObject*/,
                                PDSGET_DISPLAY_INFO pDisplayInfo)
{
    ENTER_FUNCTION_HR(MINIMAL_LOGGING, DisplayTopObjOwner, hr);

    LPWSTR lpszDN = NULL;

    do // false loop
    {
        //
        // Verify parameters
        //
        if (!pEntry ||
            !pRecord ||
            !pAttrInfo ||
            !pDisplayInfo)
        {
            hr = E_INVALIDARG;
            break;
        }
        // These callback functions weren't designed for the headers
        // to be changed, so two values must be stuck in one column entry
        // Since this is always going to be a one column table, this should
        // be acceptable
        pDisplayInfo->AddValue(L"Account DN\tObjects Owned");

        // If values returned in dsget's GetObjectAttributes
        if (pAttrInfo && pAttrInfo->pADsValues)
        {
            DEBUG_OUTPUT(FULL_LOGGING,
                L"Examining %d values:",
                pAttrInfo->dwNumValues);

            // For each of the values found in dsget's GetObjectAttributes
            for (DWORD dwIdx = 0; dwIdx < pAttrInfo->dwNumValues; dwIdx++)
            {
                WCHAR* pBuffer = 0;

                // The top object usage will be a single XML string
                hr = GetStringFromADs(&(pAttrInfo->pADsValues[dwIdx]),
                    pAttrInfo->dwADsType,
                    &pBuffer, 
                    pAttrInfo->pszAttrName);

                // If we got it then parse it
                if (SUCCEEDED(hr))
                {
                    // Extract the trustee name and quota value
                    CComBSTR bstrXML(pBuffer);
                    CComBSTR bstrQuotaUsed;

                    delete[] pBuffer;
                    pBuffer = NULL;

                    hr = GetTopObjectUsage(bstrXML, NULL, &lpszDN, bstrQuotaUsed);
                    if (FAILED(hr) || (hr == S_FALSE))
                    {
                        if(hr == S_FALSE)
                            continue; // skip failures due to invalid sid bug in AD
                        else
                            break; // FAIL if not the known invalid sid
                    }

                    // How big are the return strings plus the tab char
                    size_t size = (lstrlen(lpszDN) + 
                                   bstrQuotaUsed.Length()+2) * 
                                   sizeof(WCHAR);

                    // Create a buffer to hold the value to display
                    PWSTR pszValue = (PWSTR) LocalAlloc(LPTR, size);
                    if(NULL == pszValue)
                    {
                        LocalFree(lpszDN);
                        hr = E_OUTOFMEMORY;
                        break;
                    }

                    // Format the two columns
                    hr = StringCbPrintf(pszValue, size, L"%s\t%s", 
                                        lpszDN, bstrQuotaUsed.m_str);

                    // Done with this now (if FAILED(hr)), so free it
                    LocalFree(lpszDN);
                    lpszDN = NULL;

                    // If the format failed
                    if(FAILED(hr))
                    {
                        break;
                    }

                    // Add the string to display
                    hr = pDisplayInfo->AddValue(pszValue);
                }
            }
        }
    } while (false);

    if(lpszDN != NULL)
        LocalFree(lpszDN);

    return hr;
}
//+--------------------------------------------------------------------------
//
//  Function:   AddValuesToDisplayInfo
//
//  Synopsis:   Adds the values a variant array of BSTR's (or single BSTR)
//              to the displayInfo
//
//  Arguments:  [refvar - IN]:     A variant that contains either a BSTR or
//                                 an array of BSTR's
//                                 
//              [pDisplayInfo - IN]: Display object to add to 
//
//  Returns:    HRESULT : S_OK if everything succeeded
//                        E_UNEXPECTED in most failure cases
//                        Anything else is a failure code from call that 
//                        returns a hr
//
//  Note:       This code was derrived from admin\snapin\adsiedit\common.cpp
//
//  History:    29-Aug-2002   RonMart   Created
//
//---------------------------------------------------------------------------
HRESULT AddValuesToDisplayInfo(VARIANT& refvar, PDSGET_DISPLAY_INFO pDisplayInfo)
{
    ENTER_FUNCTION_HR(MINIMAL_LOGGING, AddValuesToDisplayInfo, hr);

    long start = 0;
    long end = 0;

    // If a single value comes back
    if ( !(V_VT(&refvar) &  VT_ARRAY)  )
    {
        // and it is not a BSTR then abort
        if ( V_VT(&refvar) != VT_BSTR )
        {
            return E_UNEXPECTED;
        }
        // Add the value to the displayInfo 
        return pDisplayInfo->AddValue(V_BSTR(&refvar));
    }

    // Otherwise it is a SafeArray so get the array
    SAFEARRAY *saAttributes = V_ARRAY( &refvar );

    // Verify array returned
    if(NULL == saAttributes)
        return E_UNEXPECTED;

    // Figure out the dimensions of the array.
    hr = SafeArrayGetLBound( saAttributes, 1, &start );
    if( FAILED(hr) )
        return hr;

    hr = SafeArrayGetUBound( saAttributes, 1, &end );
    if( FAILED(hr) )
        return hr;

    // Search the array elements and abort if a match is found
    CComVariant SingleResult;
    for ( long idx = start; (idx <= end); idx++   ) 
    {

        hr = SafeArrayGetElement( saAttributes, &idx, &SingleResult );
        if( FAILED(hr) )
        {
            return hr;
        }

        if ( V_VT(&SingleResult) != VT_BSTR )
        {
            // If not BSTR then go to the next element
            continue; 
        }
        // Add the value to the displayInfo 
        hr = pDisplayInfo->AddValue(V_BSTR(&SingleResult));
        if( FAILED(hr) )
        {
            return hr;
        }
    }
    return hr;
}

HRESULT DisplayPartitions(PCWSTR pszDN,
                            CDSCmdBasePathsInfo& refBasePathsInfo,
                            const CDSCmdCredentialObject& refCredentialObject,
                            _DSGetObjectTableEntry* /*pEntry*/,
                            ARG_RECORD* /*pRecord*/,
                            PADS_ATTR_INFO /*pAttrInfo*/,
                            CComPtr<IDirectoryObject>& /*spDirObject*/,
                            PDSGET_DISPLAY_INFO pDisplayInfo)
{
    ENTER_FUNCTION_HR(MINIMAL_LOGGING, DisplayPartitions, hr);
    do // false loop
    {
        // Verify parameters
        if (!pszDN ||
            !pDisplayInfo)
        {
            hr = E_INVALIDARG;
            break;
        }

        // Compose the path to the NTDS settings object from the server DN
        CComBSTR sbstrNTDSSettingsDN;
        sbstrNTDSSettingsDN = L"CN=NTDS Settings,";
        sbstrNTDSSettingsDN += pszDN;

        CComBSTR sbstrNTDSSettingsPath;
        refBasePathsInfo.ComposePathFromDN(sbstrNTDSSettingsDN, sbstrNTDSSettingsPath);

        // Bind to it
        CComPtr<IADs> spADs;
        hr = DSCmdOpenObject(refCredentialObject,
            sbstrNTDSSettingsPath,
            IID_IADs,
            (void**)&spADs,
            true);

        if (FAILED(hr))
        {
            break;
        }

        // Get the partitions bstr array (per Brett Shirley)
        // 705146 ronmart 2002/09/18 .NET Server domains use msDS-hasMasterNCs
        CComVariant var;
        hr = spADs->Get(CComBSTR(L"msDS-hasMasterNCs"), &var);
        if (FAILED(hr))
        {
            DEBUG_OUTPUT(LEVEL5_LOGGING,
                L"Failed to get msDS-hasMasterNCs: hr = 0x%x",
                hr);

            // 705146 ronmart 2002/09/18 W2k Server domains use hasMasterNCs
            hr = spADs->Get(CComBSTR(L"hasMasterNCs"), &var);
            if (FAILED(hr))
            {
                DEBUG_OUTPUT(LEVEL5_LOGGING,
                L"Failed to get hasMasterNCs: hr = 0x%x",
                hr);
                break;
            }
        }
        
        // Add the array values to the displayInfo
        hr = AddValuesToDisplayInfo(var, pDisplayInfo);
        
        if (FAILED(hr))
        {
            break;
        }
    } while (false);

    return hr;
}

HRESULT DisplayQuotaInfoFunc(PCWSTR pszDN,
                                CDSCmdBasePathsInfo& refBasePathsInfo,
                                const CDSCmdCredentialObject& refCredentialObject,
                                _DSGetObjectTableEntry* pEntry,
                                ARG_RECORD* pRecord,
                                PADS_ATTR_INFO /*pAttrInfo*/,
                                CComPtr<IDirectoryObject>& /*spDirObject*/,
                                PDSGET_DISPLAY_INFO pDisplayInfo)
{
    ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayQuotaInfoFunc, hr);

    LPWSTR lpszSid = NULL;
    PWSTR  pszPartitionDN = NULL;
    PSID   pSid = NULL;

    do // false loop
    {
        //
        // Verify parameters
        //
        if (!pEntry ||
            !pRecord ||
            !pDisplayInfo ||
            !pszDN)
        {
            hr = E_INVALIDARG;
            break;
        }

        // Get a pointer to the object entry for readability
        PCWSTR pszCommandLineObjectType = pEntry->pszCommandLineObjectType;

        // NTRAID#NTBUG9-765440-2003/01/17-ronmart-dsget user/group -qlimit -qused 
        //                                         not returning values 
        PCWSTR pszAttrName = NULL;

        DSGET_COMMAND_ENUM ePart;

        if(0 == _wcsicmp(pszCommandLineObjectType, g_pszUser))
        {
            ePart = eUserPart;

            // NTRAID#NTBUG9-765440-2003/01/17-ronmart-dsget user/group -qlimit
            //                                      -qused not returning values 
            if(0 == _wcsicmp(pDisplayInfo->GetDisplayName(), g_pszArg1UserQLimit))
            {
                pszAttrName = g_pszAttrmsDSQuotaEffective;
            }
            else if(0 == _wcsicmp(pDisplayInfo->GetDisplayName(), g_pszArg1UserQuotaUsed))
            {
                pszAttrName = g_pszAttrmsDSQuotaUsed;
            }
            else
            {
                hr = E_INVALIDARG;
                DEBUG_OUTPUT(FULL_LOGGING, 
                    L"Unable to determine quota attribute name.");
                break;
            }
        }
        else if(0 == _wcsicmp(pszCommandLineObjectType, g_pszGroup))
        {
            ePart = eGroupPart;

            // NTRAID#NTBUG9-765440-2003/01/17-ronmart-dsget user/group -qlimit
            //                                      -qused not returning values 
            if(0 == _wcsicmp(pDisplayInfo->GetDisplayName(), g_pszArg1GroupQLimit))
            {
                pszAttrName = g_pszAttrmsDSQuotaEffective;
            }
            else if(0 == _wcsicmp(pDisplayInfo->GetDisplayName(), g_pszArg1GroupQuotaUsed))
            {
                pszAttrName = g_pszAttrmsDSQuotaUsed;
            }
            else
            {
                hr = E_INVALIDARG;
                DEBUG_OUTPUT(FULL_LOGGING, 
                    L"Unable to determine quota attribute name.");
                break;
            }


        }
        else if(0 == _wcsicmp(pszCommandLineObjectType, g_pszComputer))
        {
            ePart = eComputerPart;

            // NTRAID#NTBUG9-765440-2003/01/17-ronmart-dsget user/group -qlimit
            //                                      -qused not returning values 
            if(0 == _wcsicmp(pDisplayInfo->GetDisplayName(), g_pszArg1ComputerQLimit))
            {
                pszAttrName = g_pszAttrmsDSQuotaEffective;
            }
            else if(0 == _wcsicmp(pDisplayInfo->GetDisplayName(), g_pszArg1ComputerQuotaUsed))
            {
                pszAttrName = g_pszAttrmsDSQuotaUsed;
            }
            else
            {
                hr = E_INVALIDARG;
                DEBUG_OUTPUT(FULL_LOGGING, 
                    L"Unable to determine quota attribute name.");
                break;
            }

        }
        else
        {
            hr = E_INVALIDARG;
            // TODO: This may cause a duplicate error message
            DisplayErrorMessage(g_pszDSCommandName,
                pszDN,
                hr,
                IDS_ERRMSG_PART_MISSING);
            break;
        }

        // Validate the partition and get the quotas container DN
        hr = GetQuotaContainerDN(refBasePathsInfo, refCredentialObject, 
            pRecord[ePart].strValue, &pszPartitionDN);

        if(FAILED(hr))
        {
            // TODO: This may cause a duplicate error message
            DisplayErrorMessage(g_pszDSCommandName,
                pRecord[ePart].strValue,
                hr,
                IDS_ERRMSG_INVALID_PART);
            break;
        }

        // Get a path that accounts for -domain or -server
        CComBSTR sbstrObjectPath;
        refBasePathsInfo.ComposePathFromDN(pszPartitionDN, sbstrObjectPath,
            DSCMD_LDAP_PROVIDER);

        // Build a variant array of the value to look up
        CComVariant varArrayQuotaParams;
        LPWSTR pszAttrs[] = { (LPWSTR) pszAttrName };
        DWORD dwNumber = 1;
        hr = ADsBuildVarArrayStr( pszAttrs, dwNumber, &varArrayQuotaParams );
        if(FAILED(hr))
        {
            break;
        }

        CComPtr<IADs> spADsContainer;
        CComPtr<IADsObjectOptions> spADsObjectOptions;

        // Get the SID from the DN
        hr = GetDNSid(pszDN,
            refBasePathsInfo,
            refCredentialObject,
            &pSid);

        if(FAILED(hr))
        {
            break;
        }

        if(!ConvertSidToStringSid(pSid, &lpszSid))
        {
            DEBUG_OUTPUT(MINIMAL_LOGGING,
                L"ConvertSidToStringSid failure: GetLastError = 0x%08x, %s", 
                GetLastError());
            break;
        }

        // Bind to the quotas container for the given partition
        hr = DSCmdOpenObject(refCredentialObject,
            sbstrObjectPath,
            IID_IADs,
            (void**)&spADsContainer,
            false);

        if (FAILED(hr) || (spADsContainer.p == 0))
        {
            ASSERT( !!spADsContainer );
            DEBUG_OUTPUT(MINIMAL_LOGGING,
                L"DsCmdOpenObject failure: hr = 0x%08x, %s", hr);
            break;
        }

        // Get a object options pointer
        hr = spADsContainer->QueryInterface(IID_IADsObjectOptions,
            (void**)&spADsObjectOptions);

        if (FAILED(hr) || (spADsObjectOptions.p == 0))
        {
            ASSERT( !!spADsObjectOptions );
            DEBUG_OUTPUT(MINIMAL_LOGGING,
                L"QI for IID_IADsObjectOptions failed: hr = 0x%08x, %s",
                hr);
            break;
        }

        // Quota values are obtained by setting the ADS_OPTION_QUOTA value
        // to the SID string of the trustee who you want to inquire about
        // and then calling GetInfoEx to update the property cache with
        // the computed values
        CComVariant vntSID(lpszSid);
        hr = spADsObjectOptions->SetOption(ADS_OPTION_QUOTA, vntSID);
        if(FAILED(hr)) 
        { 
            DEBUG_OUTPUT(MINIMAL_LOGGING,
                L"SetOption(ADS_OPTION_QUOTA,sid) failure: hr = 0x%08x", hr);
            break; 
        }

        // Done with the sid string, so free it
        LocalFree(lpszSid);
        lpszSid= NULL;

        // Update the property cache
        hr = spADsContainer->GetInfoEx(varArrayQuotaParams, 0);
        if (FAILED(hr))
        {
            DEBUG_OUTPUT(MINIMAL_LOGGING,
                L"GetInfoEx failure: hr = 0x%08x", hr);
            break;
        }

        // Get the requested attribute from the quota container
        CComVariant var;
        hr = spADsContainer->Get(CComBSTR(pszAttrName), &var);
        if (FAILED(hr))
        {
            DEBUG_OUTPUT(MINIMAL_LOGGING,
                L"Failed to retrieve %s: hr = 0x%x", 
                pszAttrName, hr);
            hr = E_UNEXPECTED;
            break;
        }
        // Add the value to the display info
        var.ChangeType(VT_BSTR);
        hr = pDisplayInfo->AddValue(V_BSTR(&var));
        if (FAILED(hr))
        {
            break;
        }

    } while (false);

    if(pSid)
        LocalFree(pSid);

    if(pszPartitionDN)
        LocalFree(pszPartitionDN);

    if(lpszSid)
        LocalFree(lpszSid);

    return hr;
}


HRESULT DisplayUserFromSidFunc(PCWSTR /*pszDN*/,
                                CDSCmdBasePathsInfo& refBasePathsInfo,
                                const CDSCmdCredentialObject& /*refCredentialObject*/,
                                _DSGetObjectTableEntry* /*pEntry*/,
                                ARG_RECORD* /*pRecord*/,
                                PADS_ATTR_INFO pAttrInfo,
                                CComPtr<IDirectoryObject>& /*spDirObject*/,
                                PDSGET_DISPLAY_INFO pDisplayInfo)
{
    ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayUserFromSidFunc, hr);

    LPWSTR lpszName = NULL;
    LPWSTR lpszDomain = NULL;

    do // false loop
    {
        //
        // Verify parameters
        //
        if (!pAttrInfo ||
            !pDisplayInfo)
        {
            hr = E_INVALIDARG;
            break;
        }

        if (pAttrInfo && pAttrInfo->pADsValues)
        {
            DEBUG_OUTPUT(FULL_LOGGING,
                L"Adding %d values:",
                pAttrInfo->dwNumValues);

            DWORD dwValuesAdded = 0;
            for (DWORD dwIdx = 0; dwIdx < pAttrInfo->dwNumValues; dwIdx++)
            {
                DWORD cchName = 0;
                DWORD cchDomainName = 0;
                SID_NAME_USE sUse = SidTypeInvalid;

                if(pAttrInfo->dwADsType != ADSTYPE_OCTET_STRING)
                {
                    // Wrong attribute requested in gettable.cpp
                    hr = E_INVALIDARG;
                    break;
                }

                // Call once to get the buffer sizes
                LookupAccountSid(refBasePathsInfo.GetServerName(),
                    (PSID)pAttrInfo->pADsValues[dwIdx].OctetString.lpValue, 
                    lpszName, 
                    &cchName, 
                    lpszDomain, 
                    &cchDomainName, 
                    &sUse);

                if(cchName < 1 || cchDomainName < 1)
                {
                    E_UNEXPECTED;
                    break;
                }

                lpszName = (LPWSTR) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, 
                    cchName * sizeof(WCHAR));
                if(NULL == lpszName)
                {
                    E_OUTOFMEMORY;
                    break;
                }

                lpszDomain = (LPWSTR) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, 
                    cchDomainName * sizeof(WCHAR));
                if(NULL == lpszDomain)
                {
                    E_OUTOFMEMORY;
                    break;
                }

                // Get the SAM name
                if(!LookupAccountSid(refBasePathsInfo.GetServerName(),
                    (PSID)pAttrInfo->pADsValues[dwIdx].OctetString.lpValue, 
                    lpszName, 
                    &cchName, 
                    lpszDomain, 
                    &cchDomainName, 
                    &sUse))
                {
                    E_FAIL;
                    break;
                }

                DWORD chBufSize = (cchName + cchDomainName + 2);
                LPWSTR lpszNew = (LPWSTR) HeapReAlloc(GetProcessHeap(), 0, 
                    lpszDomain, chBufSize * sizeof(WCHAR));
                if (NULL == lpszNew)
                {
                    hr = E_OUTOFMEMORY;
                    break;
                }

                lpszDomain = lpszNew;


                // Merge the domain & account name and add the value
                // to the display info
                hr = StringCchCat(lpszDomain, chBufSize, L"\\");
                if (FAILED(hr))
                {
                    break;
                }

                hr = StringCchCat(lpszDomain, chBufSize, lpszName);
                if (FAILED(hr))
                {
                    break;
                }

                hr = pDisplayInfo->AddValue(lpszDomain);
                if (FAILED(hr))
                {
                    break;
                }

                // Release and reset everything for the next iteration
                HeapFree(GetProcessHeap(), 0, lpszName);
                HeapFree(GetProcessHeap(), 0, lpszDomain);

                lpszName = NULL;
                lpszDomain = NULL;
                cchName = 0;
                cchDomainName = 0;
                sUse = SidTypeInvalid;

                dwValuesAdded++;

            }
        }
    } while (false);

    if(lpszName)
        HeapFree(GetProcessHeap(), 0, lpszName);

    if(lpszDomain)
        HeapFree(GetProcessHeap(), 0, lpszDomain);

    return hr;
}

HRESULT CommonDisplayStringFunc(PCWSTR /*pszDN*/,
                                CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                                const CDSCmdCredentialObject& /*refCredentialObject*/,
                                _DSGetObjectTableEntry* pEntry,
                                ARG_RECORD* pRecord,
                                PADS_ATTR_INFO pAttrInfo,
                                CComPtr<IDirectoryObject>& /*spDirObject*/,
                                PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, CommonDisplayStringFunc, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pRecord ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pRecord);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      if (pAttrInfo && pAttrInfo->pADsValues)
      {
         DEBUG_OUTPUT(FULL_LOGGING,
                      L"Adding %d values:",
                      pAttrInfo->dwNumValues);


         DWORD dwValuesAdded = 0;
         for (DWORD dwIdx = 0; dwIdx < pAttrInfo->dwNumValues; dwIdx++)
         {
            WCHAR* pBuffer = 0;

            hr = GetStringFromADs(&(pAttrInfo->pADsValues[dwIdx]),
                                  pAttrInfo->dwADsType,
                                  &pBuffer, 
                                  pAttrInfo->pszAttrName);
            if (SUCCEEDED(hr))
            {
               hr = pDisplayInfo->AddValue(pBuffer);
               if (FAILED(hr))
               {
                  delete[] pBuffer;
                  pBuffer = NULL;
                  break;
               }
               delete[] pBuffer;
               pBuffer = NULL;

               dwValuesAdded++;
            }
         }
      }

   } while (false);

   return hr;
}


HRESULT DisplayCanChangePassword(PCWSTR pszDN,
                                 CDSCmdBasePathsInfo& refBasePathsInfo,
                                 const CDSCmdCredentialObject& refCredentialObject,
                                 _DSGetObjectTableEntry* pEntry,
                                 ARG_RECORD* pRecord,
                                 PADS_ATTR_INFO /*pAttrInfo*/,
                                 CComPtr<IDirectoryObject>& /*spDirObject*/,
                                 PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayCanChangePassword, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pszDN ||
          !pEntry ||
          !pRecord ||
          !pDisplayInfo)
      {
         ASSERT(pszDN);
         ASSERT(pEntry);
         ASSERT(pRecord);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      bool bCanChangePassword = false;
      hr = EvaluateCanChangePasswordAces(pszDN,
                                         refBasePathsInfo,
                                         refCredentialObject,
                                         bCanChangePassword);
      if (FAILED(hr))
      {
         break;
      }

      DEBUG_OUTPUT(LEVEL8_LOGGING, 
                   L"Can change password: %s", 
                   bCanChangePassword ? g_pszYes : g_pszNo);

      hr = pDisplayInfo->AddValue(bCanChangePassword ? g_pszYes : g_pszNo);

   } while (false);

   return hr;
}

HRESULT DisplayMustChangePassword(PCWSTR /*pszDN*/,
                                  CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                                  const CDSCmdCredentialObject& /*refCredentialObject*/,
                                  _DSGetObjectTableEntry* pEntry,
                                  ARG_RECORD* pRecord,
                                  PADS_ATTR_INFO pAttrInfo,
                                  CComPtr<IDirectoryObject>& /*spDirObject*/,
                                  PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayMustChangePassword, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pRecord ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pRecord);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      if (pAttrInfo->pADsValues && pAttrInfo->dwADsType == ADSTYPE_LARGE_INTEGER)
      {
         DEBUG_OUTPUT(FULL_LOGGING,
                      L"Adding %d values:",
                      pAttrInfo->dwNumValues);

         bool bMustChangePassword = false;

         if (pAttrInfo->pADsValues->LargeInteger.HighPart == 0 &&
             pAttrInfo->pADsValues->LargeInteger.LowPart  == 0)
         {
            bMustChangePassword = true;
         }
         DEBUG_OUTPUT(LEVEL8_LOGGING, 
                      L"Must change password: %s", 
                      bMustChangePassword ? g_pszYes : g_pszNo);

         hr = pDisplayInfo->AddValue(bMustChangePassword ? g_pszYes : g_pszNo);
      }

   } while (false);

   return hr;
}


HRESULT DisplayAccountDisabled(PCWSTR /*pszDN*/,
                               CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                               const CDSCmdCredentialObject& /*refCredentialObject*/,
                               _DSGetObjectTableEntry* pEntry,
                               ARG_RECORD* pRecord,
                               PADS_ATTR_INFO pAttrInfo,
                               CComPtr<IDirectoryObject>& /*spDirObject*/,
                               PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayAccountDisabled, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pRecord ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pRecord);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      if (pAttrInfo->pADsValues && pAttrInfo->dwADsType == ADSTYPE_INTEGER)
      {
         DEBUG_OUTPUT(FULL_LOGGING,
                      L"Adding %d values:",
                      pAttrInfo->dwNumValues);

         bool bAccountDisabled = false;

         if (pAttrInfo->pADsValues->Integer & UF_ACCOUNTDISABLE)
         {
            bAccountDisabled = true;
         }
         DEBUG_OUTPUT(LEVEL8_LOGGING, 
                      L"Account disabled: %s", 
                      bAccountDisabled ? g_pszYes : g_pszNo);

         hr = pDisplayInfo->AddValue(bAccountDisabled ? g_pszYes : g_pszNo);
      }

   } while (false);

   return hr;
}

HRESULT DisplayPasswordNeverExpires(PCWSTR /*pszDN*/,
                                    CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                                    const CDSCmdCredentialObject& /*refCredentialObject*/,
                                    _DSGetObjectTableEntry* pEntry,
                                    ARG_RECORD* pRecord,
                                    PADS_ATTR_INFO pAttrInfo,
                                    CComPtr<IDirectoryObject>& /*spDirObject*/,
                                    PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayPasswordNeverExpires, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pRecord ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pRecord);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      if (pAttrInfo->pADsValues && pAttrInfo->dwADsType == ADSTYPE_INTEGER)
      {
         DEBUG_OUTPUT(FULL_LOGGING,
                      L"Adding %d values:",
                      pAttrInfo->dwNumValues);

         bool bPwdNeverExpires = false;

         if (pAttrInfo->pADsValues->Integer & UF_DONT_EXPIRE_PASSWD)
         {
            bPwdNeverExpires = true;
         }
         DEBUG_OUTPUT(LEVEL8_LOGGING, 
                      L"Password never expires: %s", 
                      bPwdNeverExpires ? g_pszYes : g_pszNo);

         hr = pDisplayInfo->AddValue(bPwdNeverExpires ? g_pszYes : g_pszNo);
      }

   } while (false);

   return hr;
}


HRESULT DisplayReversiblePassword(PCWSTR /*pszDN*/,
                                  CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                                  const CDSCmdCredentialObject& /*refCredentialObject*/,
                                  _DSGetObjectTableEntry* pEntry,
                                  ARG_RECORD* pRecord,
                                  PADS_ATTR_INFO pAttrInfo,
                                  CComPtr<IDirectoryObject>& /*spDirObject*/,
                                  PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayReversiblePassword, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pRecord ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pRecord);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      if (pAttrInfo->pADsValues && pAttrInfo->dwADsType == ADSTYPE_INTEGER)
      {
         DEBUG_OUTPUT(FULL_LOGGING,
                      L"Adding %d values:",
                      pAttrInfo->dwNumValues);

         bool bReversiblePwd = false;

         if (pAttrInfo->pADsValues->Integer & UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED)
         {
            bReversiblePwd = true;
         }
         DEBUG_OUTPUT(LEVEL8_LOGGING, 
                      L"Password store with reversible encryption: %s", 
                      bReversiblePwd ? g_pszYes : g_pszNo);

         hr = pDisplayInfo->AddValue(bReversiblePwd ? g_pszYes : g_pszNo);
      }

   } while (false);

   return hr;
}

// Constants

const unsigned long DSCMD_FILETIMES_PER_MILLISECOND = 10000;
const DWORD DSCMD_FILETIMES_PER_SECOND = 1000 * DSCMD_FILETIMES_PER_MILLISECOND;
const DWORD DSCMD_FILETIMES_PER_MINUTE = 60 * DSCMD_FILETIMES_PER_SECOND;
const __int64 DSCMD_FILETIMES_PER_HOUR = 60 * (__int64)DSCMD_FILETIMES_PER_MINUTE;
const __int64 DSCMD_FILETIMES_PER_DAY  = 24 * DSCMD_FILETIMES_PER_HOUR;
const __int64 DSCMD_FILETIMES_PER_MONTH= 30 * DSCMD_FILETIMES_PER_DAY;

HRESULT DisplayAccountExpires(PCWSTR /*pszDN*/,
                              CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                              const CDSCmdCredentialObject& /*refCredentialObject*/,
                              _DSGetObjectTableEntry* pEntry,
                              ARG_RECORD* pRecord,
                              PADS_ATTR_INFO pAttrInfo,
                              CComPtr<IDirectoryObject>& /*spDirObject*/,
                              PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayAccountExpires, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pRecord ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pRecord);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      if (pAttrInfo && pAttrInfo->pADsValues)
      {
         DEBUG_OUTPUT(FULL_LOGGING,
                      L"Adding %d values:",
                      pAttrInfo->dwNumValues);


         DWORD dwValuesAdded = 0;
         for (DWORD dwIdx = 0; dwIdx < pAttrInfo->dwNumValues; dwIdx++)
         {
            WCHAR* pBuffer = new WCHAR[MAXSTR+1];
            if (!pBuffer)
            {
               hr = E_OUTOFMEMORY;
               break;
            }
            ZeroMemory(pBuffer, (MAXSTR+1) * sizeof(WCHAR));
            if (pAttrInfo->pADsValues[dwIdx].LargeInteger.QuadPart == 0 ||
                pAttrInfo->pADsValues[dwIdx].LargeInteger.QuadPart == -1 ||
                pAttrInfo->pADsValues[dwIdx].LargeInteger.QuadPart == 0x7FFFFFFFFFFFFFFF)
            {
			   //Security Review: if g_pszNever is greater or equal to MAXSTR,
			   //buffer is not null terminated.Bug 574385
               wcsncpy(pBuffer, g_pszNever, MAXSTR); //Change pBuffer size to MAXSTR+1, yanggao
               hr = pDisplayInfo->AddValue(pBuffer);
               if (FAILED(hr))
               {
                  delete[] pBuffer;
                  pBuffer = NULL;
                  break;
               }
               dwValuesAdded++;
            }
            else
            {
               FILETIME ftGMT;     // GMT filetime
               FILETIME ftLocal;   // Local filetime
               SYSTEMTIME st;
               SYSTEMTIME stGMT;

               ZeroMemory(&ftGMT, sizeof(FILETIME));
               ZeroMemory(&ftLocal, sizeof(FILETIME));
               ZeroMemory(&st, sizeof(SYSTEMTIME));
               ZeroMemory(&stGMT, sizeof(SYSTEMTIME));

               //Get Local Time in SYSTEMTIME format
               ftGMT.dwLowDateTime = pAttrInfo->pADsValues[dwIdx].LargeInteger.LowPart;
               ftGMT.dwHighDateTime = pAttrInfo->pADsValues[dwIdx].LargeInteger.HighPart;
               FileTimeToSystemTime(&ftGMT, &stGMT);
               SystemTimeToTzSpecificLocalTime(NULL, &stGMT,&st);

               //For Display Purpose reduce one day
               SystemTimeToFileTime(&st, &ftLocal );
               pAttrInfo->pADsValues[dwIdx].LargeInteger.LowPart = ftLocal.dwLowDateTime;
               pAttrInfo->pADsValues[dwIdx].LargeInteger.HighPart = ftLocal.dwHighDateTime;
               pAttrInfo->pADsValues[dwIdx].LargeInteger.QuadPart -= DSCMD_FILETIMES_PER_DAY;
               ftLocal.dwLowDateTime = pAttrInfo->pADsValues[dwIdx].LargeInteger.LowPart;
               ftLocal.dwHighDateTime = pAttrInfo->pADsValues[dwIdx].LargeInteger.HighPart;
               FileTimeToSystemTime(&ftLocal, &st);

               // Format the string with respect to locale
               if (!GetDateFormat(LOCALE_USER_DEFAULT, 0 , 
                                  &st, NULL, 
                                  pBuffer, MAXSTR))
               {
                  hr = GetLastError();
                  DEBUG_OUTPUT(LEVEL5_LOGGING, 
                               L"Failed to locale string for date: hr = 0x%x",
                               hr);
               }
               else
               {
                  hr = pDisplayInfo->AddValue(pBuffer);
                  if (FAILED(hr))
                  {
                     delete[] pBuffer;
                     pBuffer = NULL;
                     break;
                  }
                  dwValuesAdded++;
               }
            }
            delete[] pBuffer;
            pBuffer = NULL;

         }
      }

   } while (false);

   return hr;
}

HRESULT DisplayGroupScope(PCWSTR /*pszDN*/,
                          CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                          const CDSCmdCredentialObject& /*refCredentialObject*/,
                          _DSGetObjectTableEntry* pEntry,
                          ARG_RECORD* pRecord,
                          PADS_ATTR_INFO pAttrInfo,
                          CComPtr<IDirectoryObject>& /*spDirObject*/,
                          PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayGroupScope, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pRecord ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pRecord);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      if (pAttrInfo->pADsValues && pAttrInfo->dwADsType == ADSTYPE_INTEGER)
      {
         DEBUG_OUTPUT(FULL_LOGGING,
                      L"Adding %d values:",
                      pAttrInfo->dwNumValues);

         if (pAttrInfo->pADsValues->Integer & GROUP_TYPE_RESOURCE_GROUP)
         {
            //
            // Display Domain Local
            //
            DEBUG_OUTPUT(LEVEL8_LOGGING, 
                         L"Group scope: domain local");

            hr = pDisplayInfo->AddValue(L"domain local");
         }
         else if (pAttrInfo->pADsValues->Integer & GROUP_TYPE_ACCOUNT_GROUP)
         {
            //
            // Display Global
            //
            DEBUG_OUTPUT(LEVEL8_LOGGING, 
                         L"Group scope: global");

            hr = pDisplayInfo->AddValue(L"global");
         }
         else if (pAttrInfo->pADsValues->Integer & GROUP_TYPE_UNIVERSAL_GROUP)
         {
            //
            // Display Universal
            //
            DEBUG_OUTPUT(LEVEL8_LOGGING, 
                         L"Group scope: universal");

            hr = pDisplayInfo->AddValue(L"universal");
         }
         else if (pAttrInfo->pADsValues->Integer & GROUP_TYPE_APP_BASIC_GROUP)
         {
            //
            // AZ basic group
            //
            DEBUG_OUTPUT(LEVEL8_LOGGING,
                         L"Group scope: app basic group");

            CComBSTR sbstrBasicGroup;
            bool result = sbstrBasicGroup.LoadString(::GetModuleHandle(NULL), IDS_APP_BASIC_GROUP);
            ASSERT(result);

            hr = pDisplayInfo->AddValue(sbstrBasicGroup);
         }
         else if (pAttrInfo->pADsValues->Integer & GROUP_TYPE_APP_QUERY_GROUP)
         {
            //
            // AZ basic group
            //
            DEBUG_OUTPUT(LEVEL8_LOGGING,
                         L"Group scope: app query group");

            CComBSTR sbstrQueryGroup;
            bool result = sbstrQueryGroup.LoadString(::GetModuleHandle(NULL), IDS_APP_QUERY_GROUP);
            ASSERT(result);

            hr = pDisplayInfo->AddValue(sbstrQueryGroup);
         }
         else
         {
            //
            // Unknown group type???
            //
            DEBUG_OUTPUT(LEVEL8_LOGGING, 
                         L"Group scope: unknown???");

            hr = pDisplayInfo->AddValue(L"unknown");
         }

      }

   } while (false);

   return hr;
}

HRESULT DisplayGroupSecurityEnabled(PCWSTR /*pszDN*/,
                                    CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                                    const CDSCmdCredentialObject& /*refCredentialObject*/,
                                    _DSGetObjectTableEntry* pEntry,
                                    ARG_RECORD* pRecord,
                                    PADS_ATTR_INFO pAttrInfo,
                                    CComPtr<IDirectoryObject>& /*spDirObject*/,
                                    PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayGroupSecurityEnabled, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pRecord ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pRecord);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      if (pAttrInfo->pADsValues && pAttrInfo->dwADsType == ADSTYPE_INTEGER)
      {
         DEBUG_OUTPUT(FULL_LOGGING,
                      L"Adding %d value:",
                      1);

         bool bSecurityEnabled = false;

         if (pAttrInfo->pADsValues->Integer & GROUP_TYPE_SECURITY_ENABLED)
         {
            bSecurityEnabled = true;
         }
         DEBUG_OUTPUT(LEVEL8_LOGGING, 
                      L"Group security enabled: %s", 
                      bSecurityEnabled ? g_pszYes : g_pszNo);

         hr = pDisplayInfo->AddValue(bSecurityEnabled ? g_pszYes : g_pszNo);
      }

   } while (false);

   return hr;
}

//+--------------------------------------------------------------------------
//
//  Function:   ConvertRIDtoDN
//
//  Synopsis:   Finds the DN for the group associated with the primary group ID
//
//  Arguments:  [pObjSID IN]           : SID of the object in question
//              [priGroupRID IN]       : primary group ID of the group to be found
//              [refBasePathsInfo IN]  : reference to base paths info
//              [refCredObject IN]     : reference to the credential manager object
//              [refsbstrdN OUT]       : DN of the group
//
//  Returns:    S_OK if everthing succeeds and a group was found
//              S_FALSE if everthing succeeds but no group was found
//              E_INVALIDARG is an argument is incorrect
//              Anything else was a result of a failed ADSI call
//
//  History:    24-Oct-2000   JeffJon   Created
//
//---------------------------------------------------------------------------
HRESULT ConvertRIDtoDN(PSID pObjSID,
                       DWORD priGroupRID, 
                       CDSCmdBasePathsInfo& refBasePathsInfo,
                       const CDSCmdCredentialObject& refCredObject,
                       CComBSTR& refsbstrDN)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, ConvertRIDtoDN, hr);

   //
   // This needs to be cleaned up no matter how we exit the false loop
   //
   PWSTR pszSearchFilter = NULL;

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pObjSID ||
          !priGroupRID)
      {
         ASSERT(pObjSID);
         ASSERT(priGroupRID);
         hr = E_INVALIDARG;
         break;
      }

      UCHAR * psaCount, i;
      PSID pSID = NULL;
      PSID_IDENTIFIER_AUTHORITY psia;
      DWORD rgRid[8];

      psaCount = GetSidSubAuthorityCount(pObjSID);

      if (psaCount == NULL)
      {
         DWORD _dwErr = GetLastError();	     
         hr = HRESULT_FROM_WIN32( _dwErr );
         DEBUG_OUTPUT(MINIMAL_LOGGING, 
                      L"GetSidSubAuthorityCount failed: hr = 0x%x",
                      hr);
         break;
      }

      if (*psaCount > 8)
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"The count returned from GetSidSubAuthorityCount was too high: %d",
                      *psaCount);
         hr = E_FAIL;
         break;
      }

      for (i = 0; i < (*psaCount - 1); i++)
      {
         PDWORD pRid = GetSidSubAuthority(pObjSID, (DWORD)i);
         if (pRid == NULL)
         {
            DWORD _dwErr = GetLastError();	     
            hr = HRESULT_FROM_WIN32( _dwErr );
            DEBUG_OUTPUT(MINIMAL_LOGGING,
                         L"GetSidSubAuthority for index %i failed: hr = 0x%x",
                         i,
                         hr);
            break;
         }
         rgRid[i] = *pRid;
      }

      if (FAILED(hr))
      {
         break;
      }

      rgRid[*psaCount - 1] = priGroupRID;
      for (i = *psaCount; i < 8; i++)
      {
         rgRid[i] = 0;
      }

      psia = GetSidIdentifierAuthority(pObjSID);
      if (psia == NULL)
      {
         DWORD _dwErr = GetLastError();	     
         hr = HRESULT_FROM_WIN32( _dwErr );
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"GetSidIdentifierAuthority failed: hr = 0x%x",
                      hr);
         break; 
      }

	  //Security Review:This is fine.
      if (!AllocateAndInitializeSid(psia, *psaCount, rgRid[0], rgRid[1],
                               rgRid[2], rgRid[3], rgRid[4],
                               rgRid[5], rgRid[6], rgRid[7], &pSID))
      {
         DWORD _dwErr = GetLastError();	     
         hr = HRESULT_FROM_WIN32( _dwErr );
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"AllocateAndInitializeSid failed: hr = 0x%x",
                      hr);
         break;
      }

      PWSTR rgpwzAttrNames[] = { L"ADsPath" };
      const WCHAR wzSearchFormat[] = L"(&(objectCategory=group)(objectSid=%1))";
      PWSTR pwzSID;

      hr = ADsEncodeBinaryData((PBYTE)pSID, GetLengthSid(pSID), &pwzSID);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"ADsEncodeBinaryData failed: hr = 0x%x",
                      hr);
         break;
      }

      PVOID apv[1] = { pwzSID };

      // generate the filter
      DWORD characterCount = 
         FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER
                        | FORMAT_MESSAGE_FROM_STRING
                        | FORMAT_MESSAGE_ARGUMENT_ARRAY,
                       wzSearchFormat,
                       0,
                       MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
                       (PTSTR)&pszSearchFilter, 
                       0, 
                       (va_list*)apv);

      FreeADsMem(pwzSID);

      if (!characterCount)
      {
         DWORD error = ::GetLastError();
         hr = HRESULT_FROM_WIN32(error);
 
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"FormatMessage failed to build filter string: hr = 0x%x",
                      hr);
         break;
      }

      DEBUG_OUTPUT(FULL_LOGGING,
                   L"Query filter = %s",
                   pszSearchFilter);
      //
      // Get the domain path
      //
      CComBSTR sbstrDomainDN;
      sbstrDomainDN = refBasePathsInfo.GetDefaultNamingContext();

      CComBSTR sbstrDomainPath;
      refBasePathsInfo.ComposePathFromDN(sbstrDomainDN, sbstrDomainPath);

      //
      // Get an IDirectorySearch interface to the domain
      //
      CComPtr<IDirectorySearch> spDirSearch;
      hr = DSCmdOpenObject(refCredObject,
                           sbstrDomainPath,
                           IID_IDirectorySearch,
                           (void**)&spDirSearch,
                           true);
      if (FAILED(hr))
      {
         break;
      }

      CDSSearch Search;
      hr = Search.Init(spDirSearch);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"Failed to initialize the search object: hr = 0x%x",
                      hr);
         break;
      }

      Search.SetFilterString(pszSearchFilter);

      Search.SetAttributeList(rgpwzAttrNames, 1);
      Search.SetSearchScope(ADS_SCOPE_SUBTREE);

      hr = Search.DoQuery();
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"Failed to run search: hr = 0x%x",
                      hr);
         break;
      }

      hr = Search.GetNextRow();
      if (hr == S_ADS_NOMORE_ROWS)
      {
         DEBUG_OUTPUT(LEVEL5_LOGGING,
                      L"No group was found with primaryGroupID = %d",
                      priGroupRID);
         //
         // No object has a matching RID, the primary group must have been
         // deleted. Return S_FALSE to denote this condition.
         //
         hr = S_FALSE;
         break;
      }

      if (FAILED(hr))
      {
         break;
      }

      ADS_SEARCH_COLUMN Column;
      hr = Search.GetColumn(L"ADsPath", &Column);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"Failed to get the path column: hr = 0x%x",
                      hr);
         break;
      }

      if (!Column.pADsValues->CaseIgnoreString)
      {
         hr = E_FAIL;
         break;
      }

      refsbstrDN = Column.pADsValues->CaseIgnoreString;
      Search.FreeColumn(&Column);
   } while (false);

   //
   // Cleanup
   //
   if (pszSearchFilter)
   {
      LocalFree(pszSearchFilter);
      pszSearchFilter = NULL;
   }

   return hr;
}


//+--------------------------------------------------------------------------
//
//  Function:   AddMembershipValues
//
//  Synopsis:   Retrieves the DNs of the objects to which the current object
//              is a member
//
//  Arguments:  [pszDN IN]                : DN of object to retrieve member of
//              [refBasePathsInfo IN]     : reference to Base paths info object
//              [refCredentialObject IN]  : reference to Credential management object
//              [pDisplayInfo IN/OUT]     : Pointer to display info for this attribute
//              [bMemberOf IN]            : Should we look for memberOf or members
//              [bRecurse IN]             : Should we find the membership for each object returned
//
//  Returns:    S_OK if everthing succeeds
//              E_INVALIDARG is an argument is incorrect
//              Anything else was a result of a failed ADSI call
//
//  History:    24-Oct-2000   JeffJon   Created
//
//---------------------------------------------------------------------------
HRESULT AddMembershipValues(PCWSTR pszDN,
                            CDSCmdBasePathsInfo& refBasePathsInfo,
                            const CDSCmdCredentialObject& refCredentialObject,
                            PDSGET_DISPLAY_INFO pDisplayInfo,
                            bool bMemberOf = true,
                            bool bRecurse = false)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, AddMembershipValues, hr);

   //
   // These are declared here so that we can free them if we break out of the false loop
   //
   PADS_ATTR_INFO pAttrInfo = NULL;
   PADS_ATTR_INFO pGCAttrInfo = NULL;
   PSID pObjSID = NULL;

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pszDN ||
          !pDisplayInfo)
      {
         ASSERT(pszDN);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      CManagedStringList groupsDisplayed;
      CManagedStringList membersToDisplay;

      membersToDisplay.Add(pszDN);

      CManagedStringEntry* pCurrent = membersToDisplay.Pop();
      while (pCurrent)
      {
         //
         // We have to open the object
         //

         CComPtr<IDirectoryObject> spDirObject;
         CComBSTR sbstrPath;
         refBasePathsInfo.ComposePathFromDN(pCurrent->sbstrValue, sbstrPath);

         hr = DSCmdOpenObject(refCredentialObject,
                              sbstrPath,
                              IID_IDirectoryObject,
                              (void**)&spDirObject,
                              true);
         if (FAILED(hr))
         {
            if (pCurrent)
            {
               delete pCurrent;
               pCurrent = 0;
            }
            pCurrent = membersToDisplay.Pop();
            continue;
         }

         CComBSTR sbstrClass;
         CComPtr<IADs> spIADs;
         hr = spDirObject->QueryInterface(IID_IADs, (void**)&spIADs);
         if (FAILED(hr))
         {
            if (pCurrent)
            {
               delete pCurrent;
               pCurrent = 0;
            }
            pCurrent = membersToDisplay.Pop();
            continue;
         }
      
         hr = spIADs->get_Class(&sbstrClass);
         if (FAILED(hr))
         {
            if (pCurrent)
            {
               delete pCurrent;
               pCurrent = 0;
            }
            pCurrent = membersToDisplay.Pop();
            continue;
         }

         //
         // Read the memberOf attribute and any attributes we need for that specific class
         //
		 //This is fine. Both are null terminated.
         if (_wcsicmp(sbstrClass, g_pszUser) == 0 ||
             _wcsicmp(sbstrClass, g_pszComputer) == 0)
         {
            if (!bMemberOf)
            {
               // Don't want to show memberOf info if we are looking for members

               if (pCurrent)
               {
                  delete pCurrent;
                  pCurrent = 0;
               }
               pCurrent = membersToDisplay.Pop();
               continue;
            }

            DEBUG_OUTPUT(FULL_LOGGING, L"Displaying membership for a user or computer");

            static const DWORD dwAttrCount = 3;
            PWSTR ppszAttrNames[] = { L"memberOf", L"primaryGroupID", L"objectSID" };
            DWORD dwAttrsReturned = 0;

            hr = spDirObject->GetObjectAttributes(ppszAttrNames,
                                                  dwAttrCount,
                                                  &pAttrInfo,
                                                  &dwAttrsReturned);
            if (FAILED(hr))
            {
               DEBUG_OUTPUT(MINIMAL_LOGGING,
                            L"GetObjectAttributes failed for class %s: hr = 0x%x",
                            sbstrClass,
                            hr);

               if (pCurrent)
               {
                  delete pCurrent;
                  pCurrent = 0;
               }
               pCurrent = membersToDisplay.Pop();
               continue;
            }

            if (pAttrInfo && dwAttrsReturned)
            {
               DWORD priGroupRID = 0;

               //
               // For each attribute returned do the appropriate thing
               //
               for (DWORD dwIdx = 0; dwIdx < dwAttrsReturned; dwIdx++)
               {
				  //Security Review:This is fine.
                  if (_wcsicmp(pAttrInfo[dwIdx].pszAttrName, L"memberOf") == 0)
                  {
                     //
                     // Add each value and recurse if necessary
                     //
                     for (DWORD dwValueIdx = 0; dwValueIdx < pAttrInfo[dwIdx].dwNumValues; dwValueIdx++)
                     {
                        if (pAttrInfo[dwIdx].pADsValues &&
                            pAttrInfo[dwIdx].pADsValues[dwValueIdx].DNString)
                        {
                           if (!groupsDisplayed.Contains(pAttrInfo[dwIdx].pADsValues[dwValueIdx].DNString))
                           {
                              DEBUG_OUTPUT(LEVEL8_LOGGING, 
                                           L"Adding group to display: %s",
                                           pAttrInfo[dwIdx].pADsValues[dwValueIdx].DNString);

                              groupsDisplayed.Add(pAttrInfo[dwIdx].pADsValues[dwValueIdx].DNString);
                              hr = pDisplayInfo->AddValue(GetQuotedDN(pAttrInfo[dwIdx].pADsValues[dwValueIdx].DNString));
                              if (FAILED(hr))
                              {
                                 break; // value for loop
                              }
                        
                              if (bRecurse)
                              {
                                 DEBUG_OUTPUT(LEVEL8_LOGGING,
                                              L"Adding group for recursion: %s",
                                              pAttrInfo[dwIdx].pADsValues[dwValueIdx].DNString);

                                 membersToDisplay.Add(pAttrInfo[dwIdx].pADsValues[dwValueIdx].DNString);
                              }
                           }
                        }
                     }

                     if (FAILED(hr))
                     {
                        break; // attrs for loop
                     }
                  }
				  //Security Review:Both are null terminated.
                  else if (_wcsicmp(pAttrInfo[dwIdx].pszAttrName, L"primaryGroupID") == 0)
                  {
                     if (pAttrInfo[dwIdx].pADsValues)
                     {
                        priGroupRID = pAttrInfo[dwIdx].pADsValues->Integer;
                     }
                  }
				  //Security Review:Both are null terminated.
                  else if (_wcsicmp(pAttrInfo[dwIdx].pszAttrName, L"objectSID") == 0)
                  {
                     pObjSID = new BYTE[pAttrInfo[dwIdx].pADsValues->OctetString.dwLength];
                     if (!pObjSID)
                     {
                        hr = E_OUTOFMEMORY;
                        break; // attrs for loop
                     }
					 //Security Review:This is fine.
                     memcpy(pObjSID, pAttrInfo[dwIdx].pADsValues->OctetString.lpValue,
                            pAttrInfo[dwIdx].pADsValues->OctetString.dwLength);
                  }

               } // attrs for loop

               //
               // if we were able to retrieve the SID and the primaryGroupID,
               // then convert that into the DN of the group
               //
               if (pObjSID &&
                   priGroupRID)
               {
                  CComBSTR sbstrPath;
                  hr = ConvertRIDtoDN(pObjSID,
                                      priGroupRID, 
                                      refBasePathsInfo,
                                      refCredentialObject,
                                      sbstrPath);
                  if (SUCCEEDED(hr) &&
                      hr != S_FALSE)
                  {
                     CComBSTR sbstrDN;

                     hr = CPathCracker::GetDNFromPath(sbstrPath, sbstrDN);
                     if (SUCCEEDED(hr))
                     {
                        if (!groupsDisplayed.Contains(sbstrDN))
                        {
                           groupsDisplayed.Add(sbstrDN);
                           hr = pDisplayInfo->AddValue(GetQuotedDN(sbstrDN));
                           if (SUCCEEDED(hr) && bRecurse)
                           {
                              membersToDisplay.Add(sbstrDN);
                           }
                        }
                     }
                  }

                  if (pObjSID)
                  {
                     delete[] pObjSID;
                     pObjSID = 0;
                  }
               }
            }
            if (pAttrInfo)
            {
               FreeADsMem(pAttrInfo);
               pAttrInfo = NULL;
            }

            if (FAILED(hr))
            {
               if (pCurrent)
               {
                  delete pCurrent;
                  pCurrent = 0;
               }
               pCurrent = membersToDisplay.Pop();
               continue; // while loop
            }
         }
		 //Security Review:Both are null terminated.
         else if (_wcsicmp(sbstrClass, g_pszGroup) == 0)
         {
            long lGroupType = 0;
            hr = ReadGroupType(pszDN,
                               refBasePathsInfo,
                               refCredentialObject,
                               &lGroupType);
            if (FAILED(hr))
            {
               DEBUG_OUTPUT(MINIMAL_LOGGING,
                            L"Could not read group type: hr = 0x%x",
                            hr);

               // Continue on even if we failed to read the group type
               // The worst thing we do is query the GC for memberOf
            }

            //
            // All we want to do is get the memberOf attribute
            //
            DWORD dwAttrCount = 1;
            PWSTR ppszAttrNames[1];
            ppszAttrNames[0] = (bMemberOf) ? L"memberOf" : L"member";

            DWORD dwGCAttrsReturned = 0;
            if (!(lGroupType & GROUP_TYPE_RESOURCE_GROUP))
            {
               //
               // We also have to get its memberOf attribute from the GC if its not a local group
               //
               CComBSTR sbstrGCPath;
               refBasePathsInfo.ComposePathFromDN(pszDN,
                                                  sbstrGCPath,
                                                  DSCMD_GC_PROVIDER);
            
               //
               // Note: we will continue on as long as we succeed
               //
               CComPtr<IDirectoryObject> spGCDirObject;
               hr = DSCmdOpenObject(refCredentialObject,
                                    sbstrGCPath,
                                    IID_IDirectoryObject,
                                    (void**)&spGCDirObject,
                                    false);
               if (SUCCEEDED(hr))
               {
                  //
                  // Now get the memberOf attribute
                  //
                  hr = spGCDirObject->GetObjectAttributes(ppszAttrNames,
                                                          dwAttrCount,
                                                          &pGCAttrInfo,
                                                          &dwGCAttrsReturned);
                  if (FAILED(hr))
                  {
                     DEBUG_OUTPUT(LEVEL3_LOGGING,
                                  L"Could not retrieve memberOf attribute from GC: hr = 0x%x",
                                  hr);
                     hr = S_OK;
                  }
               }
               else
               {
                  DEBUG_OUTPUT(LEVEL3_LOGGING,
                               L"Could not bind to object in GC: hr = 0x%x",
                               hr);
                  hr = S_OK;
               }
            }

            DWORD dwAttrsReturned = 0;

            hr = spDirObject->GetObjectAttributes(ppszAttrNames,
                                                  dwAttrCount,
                                                  &pAttrInfo,
                                                  &dwAttrsReturned);
            if (FAILED(hr))
            {
               DEBUG_OUTPUT(MINIMAL_LOGGING,
                            L"GetObjectAttributes failed for class %s: hr = 0x%x",
                            sbstrClass,
                            hr);

               if (pCurrent)
               {
                  delete pCurrent;
                  pCurrent = 0;
               }
               pCurrent = membersToDisplay.Pop();
               continue;
            }

            if (pAttrInfo && dwAttrsReturned)
            {
               bool bFirstPass = true;

               ASSERT(pAttrInfo);
               ASSERT(pAttrInfo->dwNumValues);
               ASSERT(dwAttrsReturned == 1);

               //
               // Add each value and recurse if necessary
               //
               for (DWORD dwValueIdx = 0; dwValueIdx < pAttrInfo->dwNumValues; dwValueIdx++)
               {
                  bool bExistsInGCList = false;

                  if (pAttrInfo->pADsValues &&
                      pAttrInfo->pADsValues[dwValueIdx].DNString)
                  {
                     if (pGCAttrInfo && dwGCAttrsReturned)
                     {
                        //
                        // Only add if it wasn't in the GC list
                        //
                        for (DWORD dwGCValueIdx = 0; dwGCValueIdx < pGCAttrInfo->dwNumValues; dwGCValueIdx++)
                        {
                           if (_wcsicmp(pAttrInfo->pADsValues[dwValueIdx].DNString,
                                        pGCAttrInfo->pADsValues[dwGCValueIdx].DNString) == 0)
                           {
                              bExistsInGCList = true;
                              if (!bFirstPass)
                              {
                                 break; // gc value for
                              }
                           }

                           //
                           // Add all the GC values on the first pass and recurse if necessary
                           //
                           if (bFirstPass)
                           {
                              if (!groupsDisplayed.Contains(pGCAttrInfo->pADsValues[dwGCValueIdx].DNString))
                              {
                                 groupsDisplayed.Add(pGCAttrInfo->pADsValues[dwGCValueIdx].DNString);
                                 hr = pDisplayInfo->AddValue(GetQuotedDN(pGCAttrInfo->pADsValues[dwGCValueIdx].DNString));
                           
                                 //
                                 // We will ignore failures with the GC list
                                 //

                                 if (bRecurse)
                                 {
                                    membersToDisplay.Add(pGCAttrInfo->pADsValues[dwGCValueIdx].DNString);
                                 } 
                              }
                           }
                        }

                        bFirstPass = false;

                        FreeADsMem(pGCAttrInfo);
                        pGCAttrInfo = 0;
                     }

                     //
                     // If it doesn't exist in the GC list then add it.
                     //
                     if (!bExistsInGCList)
                     {
                        if (!groupsDisplayed.Contains(pAttrInfo->pADsValues[dwValueIdx].DNString))
                        {
                           groupsDisplayed.Add(pAttrInfo->pADsValues[dwValueIdx].DNString);
                           hr = pDisplayInfo->AddValue(GetQuotedDN(pAttrInfo->pADsValues[dwValueIdx].DNString));
                           if (FAILED(hr))
                           {
                              break; // value for loop
                           }
               
                           if (bRecurse)
                           {
                              membersToDisplay.Add(pAttrInfo->pADsValues[dwValueIdx].DNString);
                           }
                        }
                     }
                  }
               } // value for loop

               FreeADsMem(pAttrInfo);
               pAttrInfo = 0;

               if (FAILED(hr))
               {
                  if (pCurrent)
                  {
                     delete pCurrent;
                     pCurrent = 0;
                  }
                  pCurrent = membersToDisplay.Pop();
                  continue; // while loop
               }

            }

         }
         else
         {
            DEBUG_OUTPUT(MINIMAL_LOGGING, L"Unknown class type: %s", sbstrClass);
            ASSERT(false);
            hr = E_INVALIDARG;
            break;
         }

         delete pCurrent;
         pCurrent = membersToDisplay.Pop();
      }

      if (pCurrent)
      {
         delete pCurrent;
         pCurrent = 0;
      }
   } while (false);


   return hr;
}

HRESULT DisplayGroupMembers(PCWSTR pszDN,
                            CDSCmdBasePathsInfo& refBasePathsInfo,
                            const CDSCmdCredentialObject& refCredentialObject,
                            _DSGetObjectTableEntry* /*pEntry*/,
                            ARG_RECORD* pCommandArgs,
                            PADS_ATTR_INFO /*pAttrInfo*/,
                            CComPtr<IDirectoryObject>& /*spDirObject*/,
                            PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayGroupMembers, hr);
   
   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pszDN ||
          !pCommandArgs ||
          !pDisplayInfo)
      {
         ASSERT(pszDN);
         ASSERT(pCommandArgs);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      hr = AddMembershipValues(pszDN,
                               refBasePathsInfo,
                               refCredentialObject,
                               pDisplayInfo,
                               false,
                               (pCommandArgs[eGroupExpand].bDefined != 0));

   } while (false);

   return hr;
}

HRESULT DisplayUserMemberOf(PCWSTR pszDN,
                            CDSCmdBasePathsInfo& refBasePathsInfo,
                            const CDSCmdCredentialObject& refCredentialObject,
                            _DSGetObjectTableEntry* /*pEntry*/,
                            ARG_RECORD* pCommandArgs,
                            PADS_ATTR_INFO /*pAttrInfo*/,
                            CComPtr<IDirectoryObject>& /*spDirObject*/,
                            PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayUserMemberOf, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pszDN ||
          !pCommandArgs ||
          !pDisplayInfo)
      {
         ASSERT(pCommandArgs);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      hr = AddMembershipValues(pszDN,
                               refBasePathsInfo,
                               refCredentialObject,
                               pDisplayInfo,
                               true,
                               (pCommandArgs[eUserExpand].bDefined != 0));

   } while (false);

   return hr;
}

HRESULT DisplayComputerMemberOf(PCWSTR pszDN,
                                CDSCmdBasePathsInfo& refBasePathsInfo,
                                const CDSCmdCredentialObject& refCredentialObject,
                                _DSGetObjectTableEntry* /*pEntry*/,
                                ARG_RECORD* pCommandArgs,
                                PADS_ATTR_INFO /*pAttrInfo*/,
                                CComPtr<IDirectoryObject>& /*spDirObject*/,
                                PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayComputerMemberOf, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pszDN ||
          !pCommandArgs ||
          !pDisplayInfo)
      {
         ASSERT(pszDN);
         ASSERT(pCommandArgs);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      hr = AddMembershipValues(pszDN,
                               refBasePathsInfo,
                               refCredentialObject,
                               pDisplayInfo,
                               true,
                               (pCommandArgs[eComputerExpand].bDefined != 0));
   } while (false);

   return hr;
}

HRESULT DisplayGroupMemberOf(PCWSTR pszDN,
                             CDSCmdBasePathsInfo& refBasePathsInfo,
                             const CDSCmdCredentialObject& refCredentialObject,
                             _DSGetObjectTableEntry* /*pEntry*/,
                             ARG_RECORD* pCommandArgs,
                             PADS_ATTR_INFO /*pAttrInfo*/,
                             CComPtr<IDirectoryObject>& /*spDirObject*/,
                             PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayGroupMemberOf, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pszDN ||
          !pCommandArgs ||
          !pDisplayInfo)
      {
         ASSERT(pszDN);
         ASSERT(pCommandArgs);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      hr = AddMembershipValues(pszDN,
                               refBasePathsInfo,
                               refCredentialObject,
                               pDisplayInfo,
                               true,
                               (pCommandArgs[eGroupExpand].bDefined != 0));
   } while (false);

   return hr;
}

HRESULT DisplayGrandparentRDN(PCWSTR pszDN,
                              CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                              const CDSCmdCredentialObject& /*refCredentialObject*/,
                              _DSGetObjectTableEntry* /*pEntry*/,
                              ARG_RECORD* /*pCommandArgs*/,
                              PADS_ATTR_INFO /*pAttrInfo*/,
                              CComPtr<IDirectoryObject>& /*spDirObject*/,
                              PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayGrandparentRDN, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pszDN ||
          !pDisplayInfo)
      {
         ASSERT(pszDN);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      CComBSTR sbstrSiteName;

      CPathCracker pathCracker;
      hr = pathCracker.Set(CComBSTR(pszDN), ADS_SETTYPE_DN);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"IADsPathname::Set failed: hr = 0x%x",
                      hr);
         break;
      }

      hr = pathCracker.SetDisplayType(ADS_DISPLAY_VALUE_ONLY);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"IADsPathname::SetDisplayType failed: hr = 0x%x",
                      hr);
         break;
      }

      hr = pathCracker.GetElement(2, &sbstrSiteName);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"IADsPathname::GetElement failed: hr = 0x%x",
                      hr);
         break;
      }

      hr = pDisplayInfo->AddValue(sbstrSiteName);
   } while (false);

   return hr;
}


HRESULT DisplayObjectAttributeAsRDN(PCWSTR /*pszDN*/,
                                    CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                                    const CDSCmdCredentialObject& /*refCredentialObject*/,
                                    _DSGetObjectTableEntry* pEntry,
                                    ARG_RECORD* pRecord,
                                    PADS_ATTR_INFO pAttrInfo,
                                    CComPtr<IDirectoryObject>& /*spDirObject*/,
                                    PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayObjectAttributeAsRDN, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pRecord ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pRecord);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      if (pAttrInfo && pAttrInfo->pADsValues)
      {
         DEBUG_OUTPUT(FULL_LOGGING,
                      L"Adding %d values:",
                      pAttrInfo->dwNumValues);


         ASSERT(pAttrInfo->dwADsType == ADSTYPE_DN_STRING);

         // Add only the RDN value of the attribute to the output

         CPathCracker pathCracker;
         hr = pathCracker.Set(CComBSTR(pAttrInfo->pADsValues->DNString), ADS_SETTYPE_DN);
         if (SUCCEEDED(hr))
         {
            hr = pathCracker.SetDisplayType(ADS_DISPLAY_VALUE_ONLY);
            ASSERT(SUCCEEDED(hr));

            CComBSTR sbstrRDN;
            hr = pathCracker.Retrieve(ADS_FORMAT_LEAF, &sbstrRDN);
            if (SUCCEEDED(hr))
            {
               hr = pDisplayInfo->AddValue(sbstrRDN);
            }
         }
      }

   } while (false);

   return hr;
}







HRESULT IsServerGCDisplay(PCWSTR pszDN,
                          CDSCmdBasePathsInfo& refBasePathsInfo,
                          const CDSCmdCredentialObject& refCredentialObject,
                          _DSGetObjectTableEntry* /*pEntry*/,
                          ARG_RECORD* /*pCommandArgs*/,
                          PADS_ATTR_INFO /*pAttrInfo*/,
                          CComPtr<IDirectoryObject>& /*spDirObject*/,
                          PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, IsServerGCDisplay, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pszDN ||
          !pDisplayInfo)
      {
         ASSERT(pszDN);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      //
      // Compose the path to the NTDS settings object from the server DN
      //
      CComBSTR sbstrNTDSSettingsDN;
      sbstrNTDSSettingsDN = L"CN=NTDS Settings,";
      sbstrNTDSSettingsDN += pszDN;

      CComBSTR sbstrNTDSSettingsPath;
      refBasePathsInfo.ComposePathFromDN(sbstrNTDSSettingsDN, sbstrNTDSSettingsPath);

      CComPtr<IADs> spADs;
      hr = DSCmdOpenObject(refCredentialObject,
                           sbstrNTDSSettingsPath,
                           IID_IADs,
                           (void**)&spADs,
                           true);

      if (FAILED(hr))
      {
         break;
      }

      bool bGC = false;

      CComVariant var;
      hr = spADs->Get(CComBSTR(L"options"), &var);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(LEVEL5_LOGGING,
                      L"Failed to get the options: hr = 0x%x",
                      hr);
      }
      else
      {
         ASSERT(var.vt == VT_I4);

         if (var.lVal & SERVER_IS_GC_BIT)
         {
            bGC = true;
         }
      }
      
      DEBUG_OUTPUT(LEVEL8_LOGGING,
                   L"Server is GC: %s",
                   bGC ? g_pszYes : g_pszNo);

      hr = pDisplayInfo->AddValue(bGC ? g_pszYes : g_pszNo);

   } while (false);

   return hr;
}

HRESULT FindSiteSettingsOptions(IDirectoryObject* pDirectoryObj,
                                DWORD& refOptions)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, FindSiteSettingsOptions, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pDirectoryObj)
      {
         ASSERT(pDirectoryObj);
         hr = E_INVALIDARG;
         break;
      }

      CComPtr<IDirectorySearch> spSearch;
      hr = pDirectoryObj->QueryInterface(IID_IDirectorySearch, (void**)&spSearch);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"QI for IDirectorySearch failed: hr = 0x%x",
                      hr);
         break;
      }

      CDSSearch Search;
      hr = Search.Init(spSearch);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"CDSSearch::Init failed: hr = 0x%x",
                      hr);
         break;
      }

      PWSTR pszSearchFilter = L"(objectClass=nTDSSiteSettings)";
      Search.SetFilterString(pszSearchFilter);

      PWSTR rgpwzAttrNames[] = { L"options" };
      Search.SetAttributeList(rgpwzAttrNames, 1);
      Search.SetSearchScope(ADS_SCOPE_ONELEVEL);

      hr = Search.DoQuery();
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"Failed to run search: hr = 0x%x",
                      hr);
         break;
      }

      hr = Search.GetNextRow();
      if (hr == S_ADS_NOMORE_ROWS)
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"No rows found!");
         hr = E_FAIL;
         break;
      }

      ADS_SEARCH_COLUMN Column;
      hr = Search.GetColumn(L"options", &Column);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"Failed to get the options column: hr = 0x%x",
                      hr);
         break;
      }

      if (Column.dwADsType != ADSTYPE_INTEGER ||
          Column.dwNumValues == 0 ||
          !Column.pADsValues)
      {
         Search.FreeColumn(&Column);
         hr = E_FAIL;
         break;
      }

      refOptions = Column.pADsValues->Integer;

      Search.FreeColumn(&Column);
   } while (false);

   return hr;
}

HRESULT IsAutotopologyEnabledSite(PCWSTR /*pszDN*/,
                                  CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                                  const CDSCmdCredentialObject& /*refCredentialObject*/,
                                  _DSGetObjectTableEntry* pEntry,
                                  ARG_RECORD* pCommandArgs,
                                  PADS_ATTR_INFO /*pAttrInfo*/,
                                  CComPtr<IDirectoryObject>& spDirObject,
                                  PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, IsAutotopologyEnabledSite, hr);

   bool bAutoTopDisabled = false;

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pCommandArgs ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pCommandArgs);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      //
      // Get the options attribute from the nTDSSiteSettings object under the site object
      //
      DWORD dwOptions = 0;
      hr = FindSiteSettingsOptions(spDirObject,
                                   dwOptions);
      if (FAILED(hr))
      {
         break;
      }

      //
      // See if the intersite autotopology is disabled
      //
      if (dwOptions & NTDSSETTINGS_OPT_IS_INTER_SITE_AUTO_TOPOLOGY_DISABLED)
      {
         bAutoTopDisabled = true;
      }

   } while (false);

   //
   // Add the value for display
   //
   DEBUG_OUTPUT(LEVEL8_LOGGING,
                L"Autotopology: %s",
                bAutoTopDisabled ? g_pszNo : g_pszYes);

   pDisplayInfo->AddValue(bAutoTopDisabled ? g_pszNo : g_pszYes);

   return hr;
}

HRESULT IsCacheGroupsEnabledSite(PCWSTR /*pszDN*/,
                                 CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                                 const CDSCmdCredentialObject& /*refCredentialObject*/,
                                 _DSGetObjectTableEntry* pEntry,
                                 ARG_RECORD* pCommandArgs,
                                 PADS_ATTR_INFO /*pAttrInfo*/,
                                 CComPtr<IDirectoryObject>& spDirObject,
                                 PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, IsCacheGroupsEnabledSite, hr);

   bool bCacheGroupsEnabled = false;

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pCommandArgs ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pCommandArgs);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      //
      // Get the options attribute from the nTDSSiteSettings object under the site object
      //
      DWORD dwOptions = 0;
      hr = FindSiteSettingsOptions(spDirObject,
                                   dwOptions);
      if (FAILED(hr))
      {
         break;
      }

      //
      // See if groups caching is enabled
      //
      if (dwOptions & NTDSSETTINGS_OPT_IS_GROUP_CACHING_ENABLED)
      {
         bCacheGroupsEnabled = true;
      }

   } while (false);

   //
   // Add the value for display
   //
   DEBUG_OUTPUT(LEVEL8_LOGGING,
                L"Cache groups enabled: %s",
                bCacheGroupsEnabled ? g_pszYes : g_pszNo);

   pDisplayInfo->AddValue(bCacheGroupsEnabled ? g_pszYes : g_pszNo);
  
   return hr;
}

HRESULT FindSiteSettingsPreferredGCSite(IDirectoryObject* pDirectoryObj,
                                        CComBSTR& refsbstrGC)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, FindSiteSettingsPreferredGCSite, hr);

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pDirectoryObj)
      {
         ASSERT(pDirectoryObj);
         hr = E_INVALIDARG;
         break;
      }

      CComPtr<IDirectorySearch> spSearch;
      hr = pDirectoryObj->QueryInterface(IID_IDirectorySearch, (void**)&spSearch);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"QI for IDirectorySearch failed: hr = 0x%x",
                      hr);
         break;
      }

      CDSSearch Search;
      hr = Search.Init(spSearch);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"CDSSearch::Init failed: hr = 0x%x",
                      hr);
         break;
      }

      PWSTR pszSearchFilter = L"(objectClass=nTDSSiteSettings)";
      Search.SetFilterString(pszSearchFilter);

      PWSTR rgpwzAttrNames[] = { L"msDS-Preferred-GC-Site" };
      Search.SetAttributeList(rgpwzAttrNames, 1);
      Search.SetSearchScope(ADS_SCOPE_ONELEVEL);

      hr = Search.DoQuery();
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"Failed to run search: hr = 0x%x",
                      hr);
         break;
      }

      hr = Search.GetNextRow();
      if (hr == S_ADS_NOMORE_ROWS)
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"No rows found!");
         hr = E_FAIL;
         break;
      }

      ADS_SEARCH_COLUMN Column;
      hr = Search.GetColumn(L"msDS-Preferred-GC-Site", &Column);
      if (FAILED(hr))
      {
         DEBUG_OUTPUT(MINIMAL_LOGGING,
                      L"Failed to get the msDS-Preferred-GC-Site column: hr = 0x%x",
                      hr);
         break;
      }

      if (Column.dwADsType != ADSTYPE_DN_STRING ||
          Column.dwNumValues == 0 ||
          !Column.pADsValues)
      {
         Search.FreeColumn(&Column);
         hr = E_FAIL;
         break;
      }

      refsbstrGC = Column.pADsValues->DNString;

      Search.FreeColumn(&Column);
   } while (false);

   return hr;
}

HRESULT DisplayPreferredGC(PCWSTR /*pszDN*/,
                           CDSCmdBasePathsInfo& /*refBasePathsInfo*/,
                           const CDSCmdCredentialObject& /*refCredentialObject*/,
                           _DSGetObjectTableEntry* pEntry,
                           ARG_RECORD* pCommandArgs,
                           PADS_ATTR_INFO /*pAttrInfo*/,
                           CComPtr<IDirectoryObject>& spDirObject,
                           PDSGET_DISPLAY_INFO pDisplayInfo)
{
   ENTER_FUNCTION_HR(LEVEL5_LOGGING, DisplayPreferredGC, hr);

   CComBSTR sbstrGC;

   do // false loop
   {
      //
      // Verify parameters
      //
      if (!pEntry ||
          !pCommandArgs ||
          !pDisplayInfo)
      {
         ASSERT(pEntry);
         ASSERT(pCommandArgs);
         ASSERT(pDisplayInfo);
         hr = E_INVALIDARG;
         break;
      }

      //
      // Get the msDS-Preferred-GC-Site attribute from the nTDSSiteSettings 
      // object under the site object
      //
      hr = FindSiteSettingsPreferredGCSite(spDirObject,
                                           sbstrGC);
      if (FAILED(hr))
      {
         break;
      }

   } while (false);

   //
   // Add the value for display
   //
   DEBUG_OUTPUT(LEVEL8_LOGGING,
                L"Preferred GC Site: %s",
                (!sbstrGC) ? g_pszNotConfigured : sbstrGC);

   pDisplayInfo->AddValue((!sbstrGC) ? g_pszNotConfigured : sbstrGC);

   return hr;
}