|
|
//+-------------------------------------------------------------------------
//
// Microsoft Windows
//
// Copyright (C) Microsoft Corporation, 1998 - 1999
//
// File: util.cpp
//
//--------------------------------------------------------------------------
#include "pch.h"
#include "resource.h"
#include "util.h"
#include "delegWiz.h"
#include <_util.cpp>
VOID DisplayMessageBox(HWND hwnd, LPWSTR lpszText){ CWString szTitle; szTitle.LoadFromResource(IDS_DELEGWIZ_WIZ_TITLE); ::MessageBox(hwnd,lpszText, szTitle, MB_OK);}
//This function checks if current user has read and write
//access to the szObjectPath. If not it shows appropriate
//Message box.
HRESULT InitCheckAccess( HWND hwndParent, LPCWSTR pszObjectLADPPath ){ HRESULT hr = S_OK; WCHAR szSDRightsProp[] = L"sDRightsEffective"; LPWSTR pProp = (LPWSTR)szSDRightsProp; PADS_ATTR_INFO pSDRightsInfo = NULL; PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL; DWORD dwAttributesReturned; IDirectoryObject *pDsObject = NULL; SECURITY_INFORMATION si = 0;
//Check Permission to "Read Permission"
DWORD dwErr = ::GetNamedSecurityInfo(IN const_cast<LPWSTR>(pszObjectLADPPath), SE_DS_OBJECT_ALL, DACL_SECURITY_INFORMATION, NULL, NULL, NULL, NULL, &pSecurityDescriptor);
TRACE(L"GetNamedSecurityInfo() returned dwErr = 0x%x\n", dwErr);
if (dwErr != ERROR_SUCCESS) { TRACE(L"failed on GetNamedSecurityInfo(): dwErr = 0x%x\n", dwErr); WCHAR szMsg[512]; LoadStringHelper(IDS_DELEGWIZ_ERR_GET_SEC_INFO, szMsg, 512); DisplayMessageBox(hwndParent, szMsg); hr = HRESULT_FROM_WIN32(dwErr); goto exit_gracefully; } // Bind to the object
hr = ADsOpenObject(pszObjectLADPPath, (LPWSTR)NULL, (LPWSTR)NULL, ADS_SECURE_AUTHENTICATION | ADS_FAST_BIND, IID_IDirectoryObject, (LPVOID*)&pDsObject); if( hr != S_OK ) goto exit_gracefully;
// Read the sDRightsEffective property to determine writability
pDsObject->GetObjectAttributes( &pProp, 1, &pSDRightsInfo, &dwAttributesReturned); if (pSDRightsInfo) { si = pSDRightsInfo->pADsValues->Integer; FreeADsMem(pSDRightsInfo); } else { //
// Note that GetObjectAttributes commonly returns S_OK even when
// it fails, so the HRESULT is basically useless here.
//
// This can fail if we don't have read_property access, which can
// happen when an admin is trying to restore access to an object
// that has had all access removed or denied
//
// Assume we can write the Owner and DACL. If not, the worst that
// happens is the user gets an "Access Denied" message when trying
// to save changes.
//
si = DACL_SECURITY_INFORMATION; }
if( !(si & DACL_SECURITY_INFORMATION) ) { TRACE(L"failed on SetNamedSecurityInfo(): dwErr = 0x%x\n", dwErr); WCHAR szMsg[512]; LoadStringHelper(IDS_DELEGWIZ_ERR_ACCESS_DENIED, szMsg, 512); DisplayMessageBox(hwndParent, szMsg); hr = !S_OK; }
exit_gracefully: if( pSecurityDescriptor ) LocalFree(pSecurityDescriptor); if( pDsObject ) pDsObject->Release(); return hr;}
DWORDFormatStringID(LPTSTR *ppszResult, UINT idStr , ...){ va_list args; va_start(args, idStr); TCHAR szFormat[1024]; LoadStringHelper(idStr, szFormat, ARRAYSIZE(szFormat)); return FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_STRING, szFormat, 0, 0, (LPTSTR)ppszResult, 1, &args);}
|
