archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
4.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/admt/workobj/rightstr.cpp

218 lines
8.5 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. /*---------------------------------------------------------------------------
  2. File: RightsTranslator.cpp
  4. Comments: Functions to translate user rights
  6. (c) Copyright 1999, Mission Critical Software, Inc., All Rights Reserved
  7. Proprietary and confidential to Mission Critical Software, Inc.
  9. REVISION LOG ENTRY
  10. Revision By: Christy Boles
  11. Revised on 02/25/99 19:57:16
  13. ---------------------------------------------------------------------------
  14. */
  17. #include "StdAfx.h"
  18. #include "Mcs.h"
  19. #include "WorkObj.h"
  20. #include "SecTrans.h"
  21. #include "STArgs.hpp"
  22. #include "SidCache.hpp"
  23. #include "SDStat.hpp"
  24. #include "TxtSid.h"
  25. #include "ErrDct.hpp"
  27. //#import "\bin\McsDctWorkerObjects.tlb"
  28. #import "WorkObj.tlb"
  30. extern TErrorDct err;
  32. DWORD
  33. TranslateUserRights(
  34. WCHAR const * serverName, // in - name of server to translate groups on
  35. SecurityTranslatorArgs * stArgs, // in - translation settings
  36. TSDRidCache * cache, // in - translation table
  37. TSDResolveStats * stat // in - stats on items modified
  38. )
  39. {
  40. // DWORD rc = 0;
  41. HRESULT hr;
  42. SAFEARRAY * pRights = NULL;
  43. SAFEARRAY * pUsers = NULL;
  44. TAcctNode * node = NULL;
  45. _bstr_t server = serverName;
  46. MCSDCTWORKEROBJECTSLib::IUserRightsPtr pLsa(CLSID_UserRights);
  47. WCHAR currPath[500];
  48. DWORD mode = stArgs->TranslationMode();
  49. BOOL bUseMapFile = stArgs->UsingMapFile();
  51. if ( pLsa == NULL )
  52. {
  53. return E_FAIL;
  54. }
  55. pLsa->NoChange = stArgs->NoChange();
  57. if ( stArgs->TranslationMode() != ADD_SECURITY )
  58. {
  59. err.MsgWrite(0,DCT_MSG_USER_RIGHTS_ONLY_ADDS);
  60. stArgs->SetTranslationMode(ADD_SECURITY);
  61. }
  62. // Get a list of all the rights
  63. hr = pLsa->raw_GetRights(server,&pRights);
  64. if ( SUCCEEDED(hr) )
  65. {
  66. LONG nRights = 0;
  67. long ndx[1];
  68. hr = SafeArrayGetUBound(pRights,1,&nRights);
  69. if ( SUCCEEDED(hr) )
  70. {
  71. for ( long i = 0 ; i <= nRights ; i++ )
  72. {
  73. BSTR right;
  75. ndx[0] = i;
  76. hr = SafeArrayGetElement(pRights,ndx,&right);
  77. if ( SUCCEEDED(hr) )
  78. {
  79. swprintf(currPath,L"%s\\%s",serverName,(WCHAR*)right);
  80. if( stat )
  81. {
  82. stat->DisplayPath(currPath);
  83. }
  84. // Get a list of users who have this right
  85. hr = pLsa->raw_GetUsersWithRight(server,right,&pUsers);
  86. if ( SUCCEEDED(hr))
  87. {
  88. LONG nUsers = 0;
  90. hr = SafeArrayGetUBound(pUsers,1,&nUsers);
  91. if ( SUCCEEDED(hr) )
  92. {
  93. BSTR user;
  94. PSID pSid = NULL;
  95. // PSID pTgt = NULL;
  97. for ( long j = 0 ; j <= nUsers ; j++ )
  98. {
  99. ndx[0] = j;
  100. hr = SafeArrayGetElement(pUsers,ndx,&user);
  101. if ( SUCCEEDED(hr))
  102. {
  103. // Get the user's sid
  104. pSid = SidFromString(user);
  105. if ( pSid )
  106. {
  107. stat->IncrementExamined(userright);
  108. // Lookup the user in the cache
  109. if (!bUseMapFile)
  110. node = cache->Lookup(pSid);
  111. else
  112. node = cache->LookupWODomain(pSid);
  113. if ( node )
  114. {
  115. if ( node == (TAcctNode*)-1 )
  116. {
  117. node = NULL;
  118. }
  119. if ( node && node->IsValidOnTgt() )
  120. {
  121. // Found the account in the cache
  122. // remove the right from the source user
  124. if ( (stArgs->TranslationMode() != ADD_SECURITY) )
  125. {
  126. hr = pLsa->raw_RemoveUserRight(server,user,right);
  127. if ( FAILED(hr))
  128. {
  129. err.SysMsgWrite(ErrE,hr,DCT_MSG_REMOVE_RIGHT_FAILED_SSSD,
  130. (WCHAR*)right,node->GetAcctName(),serverName,hr);
  131. stat->IncrementSkipped(userright);
  132. }
  133. else
  134. {
  135. err.MsgWrite(0,DCT_MSG_REMOVED_RIGHT_SSSS,serverName,right,stArgs->Source(),node->GetAcctName());
  136. }
  137. }
  138. if ( SUCCEEDED(hr) )
  139. {
  140. stat->IncrementChanged(userright);
  141. PSID sid = NULL;
  142. if (!bUseMapFile)
  143. sid = cache->GetTgtSid(node);
  144. else
  145. sid = cache->GetTgtSidWODomain(node);
  146. if ( sid )
  147. {
  148. WCHAR strSid[200];
  149. DWORD lenStrSid = DIM(strSid);
  150. GetTextualSid(sid,strSid,&lenStrSid);
  152. if ( (stArgs->TranslationMode() != REMOVE_SECURITY) )
  153. {
  154. hr = pLsa->raw_AddUserRight(server,SysAllocString(strSid),right);
  155. if ( FAILED(hr) )
  156. {
  157. err.SysMsgWrite(ErrE,hr,DCT_MSG_ADD_RIGHT_FAILED_SSSD,
  158. (WCHAR*)right,node->GetAcctName(),serverName,hr);
  160. }
  161. else
  162. {
  163. err.MsgWrite(0,DCT_MSG_ADDED_RIGHT_SSSS,serverName,right,stArgs->Target(),node->GetAcctName());
  164. }
  165. }
  166. free(sid);
  167. }
  168. }
  169. }
  170. }
  171. FreeSid(pSid);
  172. }
  173. else
  174. {
  175. err.MsgWrite(ErrW,DCT_MSG_INVALID_SID_STRING_S,user);
  176. }
  177. SysFreeString(user);
  178. }
  179. }
  180. }
  181. else
  182. {
  183. err.SysMsgWrite(ErrE,hr,DCT_MSG_USERS_WITH_RIGHT_COUNT_FAILED_SSD,(WCHAR*)right,serverName,hr);
  184. }
  185. SafeArrayDestroy(pUsers);
  186. }
  187. else
  188. {
  189. err.MsgWrite(ErrE,DCT_MSG_GET_USERS_WITH_RIGHT_FAILED_SSD,(WCHAR*)right,serverName,hr);
  190. }
  191. SysFreeString(right);
  192. }
  193. else
  194. {
  195. err.MsgWrite(ErrE,DCT_MSG_LIST_RIGHTS_FAILED_SD,serverName,hr);
  196. break;
  197. }
  198. }
  199. }
  200. else
  201. {
  202. err.MsgWrite(ErrE,DCT_MSG_LIST_RIGHTS_FAILED_SD,serverName,hr);
  203. }
  204. SafeArrayDestroy(pRights);
  205. }
  206. else
  207. {
  208. err.MsgWrite(ErrE,DCT_MSG_LIST_RIGHTS_FAILED_SD,serverName,hr);
  209. }
  210. if( stat )
  211. {
  212. stat->DisplayPath(L"");
  213. }
  215. // set the translation mode back to its original value
  216. stArgs->SetTranslationMode(mode);
  217. return hr;
  218. }