archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
3.8 GiB
Tree: 1b390dddff
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1b390dddff'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/adsi/nds/cuar.cxx

592 lines
13 KiB
Raw Normal View History

Add source files
4 years ago
  1. //---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 1995
  5. //
  6. // File: cuar.cxx
  7. //
  8. // Contents: Account Restrictions Propset for the User object
  9. //
  10. // History: 11-1-95 krishnag Created.
  11. // 8-5-96 ramv Modified to be consistent with spec
  12. //
  13. // PROPERTY_RW(AccountDisabled, boolean, 1) I
  14. // PROPERTY_RW(AccountExpirationDate, DATE, 2) I
  15. // PROPERTY_RW(GraceLoginsAllowed, long, 5) NI
  16. // PROPERTY_RW(GraceLoginsRemaining, long, 6) NI
  17. // PROPERTY_RW(IsAccountLocked, boolean, 7) I
  18. // PROPERTY_RW(IsAdmin, boolean, 8) I
  19. // PROPERTY_RW(LoginHours, VARIANT, 9) I
  20. // PROPERTY_RW(LoginWorkstations, VARIANT, 10) I
  21. // PROPERTY_RW(MaxLogins, long, 11) I
  22. // PROPERTY_RW(MaxStorage, long, 12) I
  23. // PROPERTY_RW(PasswordExpirationDate, DATE, 13) I
  24. // PROPERTY_RW(PasswordRequired, boolean, 14) I
  25. // PROPERTY_RW(RequireUniquePassword,boolean, 15) I
  26. //
  27. //
  28. //----------------------------------------------------------------------------
  29. #include "nds.hxx"
  30. #pragma hdrstop
  33. // Class CNDSUser
  35. STDMETHODIMP
  36. CNDSUser::get_AccountDisabled(THIS_ VARIANT_BOOL FAR* retval)
  37. {
  38. GET_PROPERTY_VARIANT_BOOL((IADsUser *)this, AccountDisabled);
  39. }
  41. STDMETHODIMP
  42. CNDSUser::put_AccountDisabled(THIS_ VARIANT_BOOL fAccountDisabled)
  43. {
  44. PUT_PROPERTY_VARIANT_BOOL((IADsUser *)this, AccountDisabled);
  45. }
  48. STDMETHODIMP
  49. CNDSUser::get_AccountExpirationDate(THIS_ DATE FAR* retval)
  50. {
  51. GET_PROPERTY_DATE((IADsUser *)this, AccountExpirationDate);
  52. }
  54. STDMETHODIMP
  55. CNDSUser::put_AccountExpirationDate(THIS_ DATE daAccountExpirationDate)
  56. {
  57. PUT_PROPERTY_DATE((IADsUser *)this, AccountExpirationDate);
  58. }
  60. STDMETHODIMP
  61. CNDSUser::get_GraceLoginsAllowed(THIS_ long FAR* retval)
  62. {
  63. GET_PROPERTY_LONG((IADsUser *)this, GraceLoginsAllowed);
  64. }
  67. STDMETHODIMP
  68. CNDSUser::put_GraceLoginsAllowed(THIS_ long lGraceLoginsAllowed)
  69. {
  70. PUT_PROPERTY_LONG((IADsUser *)this, GraceLoginsAllowed);
  71. }
  73. STDMETHODIMP
  74. CNDSUser::get_GraceLoginsRemaining(THIS_ long FAR* retval)
  75. {
  76. GET_PROPERTY_LONG((IADsUser *)this, GraceLoginsRemaining);
  77. }
  79. STDMETHODIMP
  80. CNDSUser::put_GraceLoginsRemaining(THIS_ long lGraceLoginsRemaining)
  81. {
  82. PUT_PROPERTY_LONG((IADsUser *)this, GraceLoginsRemaining);
  83. }
  85. STDMETHODIMP
  86. CNDSUser::get_IsAccountLocked(THIS_ VARIANT_BOOL FAR* retval)
  87. {
  88. HRESULT hr;
  89. hr = get_VARIANT_BOOL_Property(
  90. (IADs *)this,
  91. TEXT("Locked By Intruder"),
  92. retval
  93. );
  94. RRETURN_EXP_IF_ERR(hr);
  95. }
  97. STDMETHODIMP
  98. CNDSUser::put_IsAccountLocked(THIS_ VARIANT_BOOL fIsAccountLocked)
  99. {
  100. HRESULT hr;
  101. hr = put_VARIANT_BOOL_Property(
  102. (IADs *)this,
  103. TEXT("Locked By Intruder"),
  104. fIsAccountLocked
  105. );
  106. RRETURN_EXP_IF_ERR(hr);
  107. }
  109. STDMETHODIMP
  110. CNDSUser::get_LoginHours(THIS_ VARIANT FAR* retval)
  111. {
  112. GET_PROPERTY_VARIANT((IADsUser *)this,LoginHours);
  113. }
  115. STDMETHODIMP
  116. CNDSUser::put_LoginHours(THIS_ VARIANT vLoginHours)
  117. {
  118. PUT_PROPERTY_VARIANT((IADsUser *)this,LoginHours);
  119. }
  121. STDMETHODIMP
  122. CNDSUser::get_LoginWorkstations(THIS_ VARIANT FAR* retval)
  123. {
  124. GET_PROPERTY_VARIANT((IADsUser *)this,LoginWorkstations);
  125. }
  128. STDMETHODIMP
  129. CNDSUser::put_LoginWorkstations(THIS_ VARIANT vLoginWorkstations)
  130. {
  131. PUT_PROPERTY_VARIANT((IADsUser *)this,LoginWorkstations);
  132. }
  134. STDMETHODIMP
  135. CNDSUser::get_MaxLogins(THIS_ long FAR* retval)
  136. {
  137. GET_PROPERTY_LONG((IADsUser *)this, MaxLogins);
  138. }
  140. STDMETHODIMP
  141. CNDSUser::put_MaxLogins(THIS_ long lMaxLogins)
  142. {
  143. PUT_PROPERTY_LONG((IADsUser *)this, MaxLogins);
  144. }
  146. STDMETHODIMP
  147. CNDSUser::get_MaxStorage(THIS_ long FAR* retval)
  148. {
  149. GET_PROPERTY_LONG((IADsUser *)this, MaxStorage);
  150. }
  153. STDMETHODIMP
  154. CNDSUser::put_MaxStorage(THIS_ long lMaxStorage)
  155. {
  156. PUT_PROPERTY_LONG((IADsUser *)this, MaxStorage);
  157. }
  159. STDMETHODIMP
  160. CNDSUser::get_PasswordExpirationDate(THIS_ DATE FAR* retval)
  161. {
  162. GET_PROPERTY_DATE((IADsUser *)this, PasswordExpirationDate);
  163. }
  165. STDMETHODIMP
  166. CNDSUser::put_PasswordExpirationDate(THIS_ DATE daPasswordExpirationDate)
  167. {
  168. PUT_PROPERTY_DATE((IADsUser *)this, PasswordExpirationDate);
  169. }
  171. STDMETHODIMP
  172. CNDSUser::get_PasswordRequired(THIS_ VARIANT_BOOL FAR* retval)
  173. {
  174. GET_PROPERTY_VARIANT_BOOL((IADsUser *)this, PasswordRequired);
  175. }
  177. STDMETHODIMP
  178. CNDSUser::put_PasswordRequired(THIS_ VARIANT_BOOL fPasswordRequired)
  179. {
  180. PUT_PROPERTY_VARIANT_BOOL((IADsUser *)this, PasswordRequired);
  181. }
  183. STDMETHODIMP
  184. CNDSUser::get_PasswordMinimumLength(THIS_ LONG FAR* retval)
  185. {
  186. GET_PROPERTY_LONG((IADsUser *)this, PasswordMinimumLength);
  187. }
  189. STDMETHODIMP
  190. CNDSUser::put_PasswordMinimumLength(THIS_ LONG lPasswordMinimumLength)
  191. {
  192. PUT_PROPERTY_LONG((IADsUser *)this, PasswordMinimumLength);
  193. }
  195. STDMETHODIMP
  196. CNDSUser::get_RequireUniquePassword(THIS_ VARIANT_BOOL FAR* retval)
  197. {
  198. GET_PROPERTY_VARIANT_BOOL((IADsUser *)this, RequireUniquePassword);
  199. }
  201. STDMETHODIMP
  202. CNDSUser::put_RequireUniquePassword(THIS_ VARIANT_BOOL fRequireUniquePassword)
  203. {
  204. PUT_PROPERTY_VARIANT_BOOL((IADsUser *)this, RequireUniquePassword);
  205. }
  207. STDMETHODIMP
  208. CNDSUser::ChangePassword(
  209. THIS_ BSTR bstrOldPassword,
  210. BSTR bstrNewPassword
  211. )
  212. {
  213. HANDLE hObject = NULL;
  214. LPWSTR pszNDSPathName = NULL;
  215. DWORD dwStatus;
  216. HRESULT hr = S_OK;
  217. BSTR bstrADsPath = NULL;
  219. hr = _pADs->get_ADsPath(
  220. &bstrADsPath
  221. );
  222. BAIL_ON_FAILURE(hr);
  225. hr = BuildNDSPathFromADsPath(
  226. bstrADsPath,
  227. &pszNDSPathName
  228. );
  229. BAIL_ON_FAILURE(hr);
  231. dwStatus = ADsNwNdsOpenObject(
  232. pszNDSPathName,
  233. _Credentials,
  234. &hObject,
  235. NULL,
  236. NULL,
  237. NULL,
  238. NULL
  239. );
  241. CHECK_AND_SET_EXTENDED_ERROR(dwStatus, hr);
  243. dwStatus = NwNdsChangeUserPassword(
  244. hObject,
  245. bstrOldPassword,
  246. bstrNewPassword
  247. );
  249. CHECK_AND_SET_EXTENDED_ERROR(dwStatus, hr);
  250. error:
  252. if (hObject) {
  253. dwStatus = NwNdsCloseObject(hObject);
  254. }
  256. if (bstrADsPath) {
  257. ADsFreeString(bstrADsPath);
  258. }
  260. if (pszNDSPathName) {
  261. FreeADsStr(pszNDSPathName);
  262. }
  264. RRETURN_EXP_IF_ERR(hr);
  265. }
  268. HRESULT
  269. NWApiSetUserPassword(
  270. NWCONN_HANDLE hConn,
  271. DWORD dwUserObjID,
  272. LPWSTR pszUserName,
  273. LPWSTR pszPassword
  274. );
  276. HRESULT
  277. BuildUserNameFromADsPath(
  278. LPWSTR pszADsPath,
  279. LPWSTR szUserName
  280. );
  283. #define NW_MAX_PASSWORD_LEN 256
  286. STDMETHODIMP
  287. CNDSUser::SetPassword(THIS_ BSTR NewPassword)
  288. {
  289. HANDLE hObject = NULL;
  290. LPWSTR pszNDSPathName = NULL;
  291. DWORD dwStatus;
  292. HRESULT hr = S_OK;
  293. BSTR bstrADsPath = NULL;
  294. WCHAR szUserName[NDS_MAX_NAME_CHARS+1];
  295. WCHAR szPasswordCopy[NW_MAX_PASSWORD_LEN + 1];
  296. DWORD dwObjID;
  297. NWCONN_HANDLE hConn = NULL;
  299. wcscpy(szPasswordCopy, NewPassword);
  300. hr = ChangePassword(L"", szPasswordCopy);
  302. if (!FAILED(hr)) {
  304. return hr;
  305. }
  307. hr = _pADs->get_ADsPath(
  308. &bstrADsPath
  309. );
  310. BAIL_ON_FAILURE(hr);
  313. hr = BuildNDSPathFromADsPath(
  314. bstrADsPath,
  315. &pszNDSPathName
  316. );
  317. BAIL_ON_FAILURE(hr);
  319. hr = BuildUserNameFromADsPath(
  320. bstrADsPath,
  321. szUserName
  322. );
  323. BAIL_ON_FAILURE(hr);
  325. dwStatus = ADsNwNdsOpenObject(
  326. pszNDSPathName,
  327. _Credentials,
  328. &hObject,
  329. NULL,
  330. NULL,
  331. NULL,
  332. NULL
  333. );
  335. CHECK_AND_SET_EXTENDED_ERROR(dwStatus, hr);
  338. dwObjID = NwNdsGetObjectId(hObject);
  339. hConn = NwNdsObjectHandleToConnHandle(hObject);
  341. if (hConn == NULL) {
  342. hr = HRESULT_FROM_WIN32(GetLastError());
  343. BAIL_ON_FAILURE(hr);
  344. }
  346. hr = NWApiSetUserPassword(
  347. hConn,
  348. dwObjID,
  349. szUserName,
  350. szPasswordCopy
  351. );
  353. NwNdsConnHandleFree(hConn);
  356. error:
  358. if (hObject) {
  359. dwStatus = NwNdsCloseObject(hObject);
  360. }
  362. if (bstrADsPath) {
  363. ADsFreeString(bstrADsPath);
  364. }
  366. if (pszNDSPathName) {
  367. FreeADsStr(pszNDSPathName);
  368. }
  370. RRETURN_EXP_IF_ERR(hr);
  371. }
  376. HRESULT
  377. NWApiSetUserPassword(
  378. NWCONN_HANDLE hConn,
  379. DWORD dwUserObjID,
  380. LPWSTR pszUserName,
  381. LPWSTR pszPassword
  382. )
  383. {
  384. CHAR szOemUserName[NDS_MAX_NAME_CHARS + 1];
  385. CHAR szOemPassword[NW_MAX_PASSWORD_LEN + 1];
  386. CHAR Buffer[128];
  387. DWORD rc, err = 0;
  388. HRESULT hr = S_OK;
  389. NTSTATUS NtStatus;
  390. UCHAR ChallengeKey[8];
  391. UCHAR ucMoreFlag;
  392. UCHAR ucPropFlag;
  394. if ( !pszUserName ||
  395. !pszPassword ) {
  397. hr = E_INVALIDARG ;
  398. BAIL_ON_FAILURE(hr);
  399. }
  401. //
  402. // Convert UNICODE into OEM representation required by NW APIs.
  403. //
  405. rc = WideCharToMultiByte(
  406. CP_OEMCP,
  407. 0,
  408. pszUserName,
  409. -1,
  410. szOemUserName,
  411. sizeof(szOemUserName),
  412. NULL,
  413. NULL) ;
  415. if (rc == 0) {
  417. err = GetLastError() ;
  418. hr = HRESULT_FROM_WIN32(err);
  419. BAIL_ON_FAILURE(hr);
  421. }
  423. _wcsupr(pszPassword) ;
  424. rc = WideCharToMultiByte(
  425. CP_OEMCP,
  426. 0,
  427. pszPassword,
  428. -1,
  429. szOemPassword,
  430. sizeof(szOemPassword),
  431. NULL,
  432. NULL) ;
  434. if (rc == 0) {
  436. err = GetLastError() ;
  437. hr = HRESULT_FROM_WIN32(err);
  438. BAIL_ON_FAILURE(hr);
  440. }
  443. //
  444. // Get challenge key.
  445. //
  447. NtStatus = NWPGetChallengeKey(
  448. hConn,
  449. ChallengeKey
  450. );
  452. if (!NT_SUCCESS(NtStatus)) {
  454. err = ERROR_UNEXP_NET_ERR ;
  455. }
  458. if (!err) {
  460. //
  461. // The old password and object ID make up the 17-byte Vold. This is used
  462. // later to form the 17-byte Vc for changing password on the server.
  463. //
  465. UCHAR ValidationKey[8];
  466. UCHAR NewKeyedPassword[17];
  468. EncryptChangePassword(
  469. (PUCHAR) "",
  470. (PUCHAR) szOemPassword,
  471. dwUserObjID,
  472. ChallengeKey,
  473. ValidationKey,
  474. NewKeyedPassword
  475. );
  477. NtStatus = NWPChangeObjectPasswordEncrypted(
  478. hConn,
  479. szOemUserName,
  480. OT_USER,
  481. ValidationKey,
  482. NewKeyedPassword
  483. );
  485. if (!NT_SUCCESS(NtStatus)) {
  487. err = ERROR_NOT_SUPPORTED;
  488. }
  490. }
  492. //
  493. // Return.
  494. //
  496. hr = HRESULT_FROM_WIN32(err);
  499. error:
  501. RRETURN(hr);
  502. }
  505. //+---------------------------------------------------------------------------
  506. // Function: Extract user name from ADs path
  507. //
  508. // Synopsis: This call attempts to extract a username from a NDS style
  509. // ADs path. The last component is assumed to be the username.
  510. //
  511. // Arguments: [LPTSTR szBuffer]
  512. // [LPVOID *ppObject]
  513. //
  514. // Returns: HRESULT
  515. //
  516. // Modifies: -
  517. //
  518. // History: 11-3-95 krishnag Created.
  519. //
  520. //----------------------------------------------------------------------------
  521. HRESULT
  522. BuildUserNameFromADsPath(
  523. LPWSTR pszADsPath,
  524. LPWSTR szUserName
  525. )
  526. {
  527. OBJECTINFO ObjectInfo;
  528. POBJECTINFO pObjectInfo = &ObjectInfo;
  530. LPWSTR pszSrcComp = NULL;
  531. LPWSTR pszSrcValue = NULL;
  533. DWORD dwNumComponents = 0;
  535. HRESULT hr = S_OK;
  537. CLexer Lexer(pszADsPath);
  539. memset(pObjectInfo, 0, sizeof(OBJECTINFO));
  541. hr = ADsObject(&Lexer, pObjectInfo);
  542. BAIL_ON_FAILURE(hr);
  544. dwNumComponents = pObjectInfo->NumComponents ;
  546. if (dwNumComponents) {
  548. //
  549. // take the last value
  550. //
  551. pszSrcComp = pObjectInfo->ComponentArray[dwNumComponents-1].szComponent;
  552. pszSrcValue = pObjectInfo->ComponentArray[dwNumComponents-1].szValue;
  554. if (pszSrcComp && pszSrcValue) {
  556. //
  557. // You have a CN = "MyUserName"
  558. // Then copy the szValue as your UserName
  559. //
  561. wcscpy(szUserName, pszSrcValue);
  563. }
  564. else if (pszSrcComp) {
  566. //
  567. // Simply MyUserName. For example: path
  568. // is "NDS://marsdev/mars/dev/MyUserName)"
  569. //
  571. wcscpy(szUserName, pszSrcComp);
  573. }
  574. }
  577. error:
  579. //
  580. // Clean up the parser object
  581. //
  583. FreeObjectInfo(pObjectInfo);
  585. RRETURN(hr);
  586. }