archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 9769ad7c3d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9769ad7c3d'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/admt/workobj/pwdage.cpp

288 lines
8.4 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*---------------------------------------------------------------------------
  2. File: ComputerPwdAge.cpp
  4. Comments: Implementation of COM object to retrieve password age for computer
  5. accounts (used to detect defunct computer accounts.)
  7. (c) Copyright 1999, Mission Critical Software, Inc., All Rights Reserved
  8. Proprietary and confidential to Mission Critical Software, Inc.
  10. REVISION LOG ENTRY
  11. Revision By: Christy Boles
  12. Revised on 02/15/99 11:19:31
  14. ---------------------------------------------------------------------------
  15. */
  17. // ComputerPwdAge.cpp : Implementation of CComputerPwdAge
  18. #include "stdafx.h"
  19. #include "WorkObj.h"
  20. #include "PwdAge.h"
  21. #include "Common.hpp"
  22. #include "UString.hpp"
  23. #include "Err.hpp"
  24. #include "CommaLog.hpp"
  25. #include "EaLen.hpp"
  27. //#import "\bin\McsVarSetMin.tlb" no_namespace
  28. //#import "\bin\DBManager.tlb" no_namespace, named_guids
  29. #import "VarSet.tlb" no_namespace rename("property", "aproperty")
  30. #import "DBMgr.tlb" no_namespace, named_guids
  32. #include <lm.h>
  34. /////////////////////////////////////////////////////////////////////////////
  35. // CComputerPwdAge
  38. STDMETHODIMP
  39. CComputerPwdAge::SetDomain(
  40. BSTR domain // in - domain name to examine
  41. )
  42. {
  43. HRESULT hr = S_OK;
  44. DWORD rc;
  45. WCHAR domctrl[LEN_Computer];
  47. if ( UStrICmp(m_Domain,domain) )
  48. {
  49. m_Domain = domain;
  51. rc = GetDomainControllerForDomain(domain,domctrl);
  53. if ( rc )
  54. {
  55. hr = HRESULT_FROM_WIN32(rc);
  56. }
  57. else
  58. {
  59. m_DomainCtrl = domctrl;
  60. }
  61. }
  62. return hr;
  63. }
  65. STDMETHODIMP
  66. CComputerPwdAge::GetPwdAge(
  67. BSTR domain, // in - domain name to examine
  68. BSTR ComputerName, // in - machine name of computer
  69. DWORD * pPwdAge // out- password age in seconds
  70. )
  71. {
  72. HRESULT hr;
  73. DWORD rc;
  74. WCHAR computerAccountName[LEN_Account];
  75. DWORD pwdage = 0;
  77. hr = SetDomain(domain);
  78. if ( SUCCEEDED(hr) )
  79. {
  80. swprintf(computerAccountName,L"%s",ComputerName);
  81. rc = GetSinglePasswordAgeInternal(m_DomainCtrl,computerAccountName,&pwdage);
  82. if ( ! rc )
  83. {
  84. (*pPwdAge) = pwdage;
  85. }
  86. else
  87. {
  88. hr = HRESULT_FROM_WIN32(rc);
  89. }
  90. }
  91. return hr;
  92. }
  94. STDMETHODIMP
  95. CComputerPwdAge::ExportPasswordAge(
  96. BSTR domain, // in - domain to export information from
  97. BSTR filename // in - UNC name of file to write information to
  98. )
  99. {
  100. HRESULT hr;
  102. hr = SetDomain(domain);
  103. if ( SUCCEEDED(hr) )
  104. {
  105. hr = ExportPasswordAgeOlderThan(domain,filename,0);
  106. }
  107. return hr;
  108. }
  110. STDMETHODIMP
  111. CComputerPwdAge::ExportPasswordAgeOlderThan(
  112. BSTR domain, // in - domain to export information from
  113. BSTR filename, // in - filename to write information to
  114. DWORD minAge // in - write only accounts with password age older than minAge
  115. )
  116. {
  117. DWORD rc = 0;
  118. HRESULT hr;
  120. hr = SetDomain(domain);
  122. if ( SUCCEEDED(hr) )
  123. {
  124. rc = ExportPasswordAgeInternal(m_DomainCtrl,filename,minAge,TRUE);
  125. if ( rc )
  126. {
  127. hr = HRESULT_FROM_WIN32(rc);
  128. }
  129. }
  130. return hr;
  131. }
  133. STDMETHODIMP
  134. CComputerPwdAge::ExportPasswordAgeNewerThan(
  135. BSTR domain, // in - domain to export information from
  136. BSTR filename, // in - filename to write information to
  137. DWORD maxAge // in - write only computer accounts with password age less than maxAge
  138. )
  139. {
  140. DWORD rc = 0;
  141. HRESULT hr;
  143. hr = SetDomain(domain);
  145. if ( SUCCEEDED(hr) )
  146. {
  147. rc = ExportPasswordAgeInternal(m_DomainCtrl,filename,maxAge,FALSE);
  148. if ( rc )
  149. {
  150. hr = HRESULT_FROM_WIN32(rc);
  151. }
  152. }
  153. return hr;
  155. }
  157. DWORD // ret- WIN32 error code
  158. CComputerPwdAge::GetDomainControllerForDomain(
  159. WCHAR const * domain, // in - name of domain
  160. WCHAR * domctrl // out- domain controller for domain
  161. )
  162. {
  163. DWORD rc;
  164. WCHAR * result;
  166. rc = NetGetDCName(NULL,domain,(LPBYTE*)&result);
  167. if ( ! rc )
  168. {
  169. wcscpy(domctrl,result);
  170. NetApiBufferFree(result);
  171. }
  172. return rc;
  173. }
  175. DWORD // ret- WIN32 error code
  176. CComputerPwdAge::ExportPasswordAgeInternal(
  177. WCHAR const * domctrl, // in - domain controller to query
  178. WCHAR const * filename, // in - filename to write results to
  179. DWORD minOrMaxAge, // in - optional min or max age to write
  180. BOOL bOld // in - TRUE-Age is min age, copies only old accounts
  181. )
  182. {
  183. DWORD rc = 0;
  184. DWORD nRead;
  185. DWORD nTotal;
  186. DWORD nResume = 0;
  187. DWORD prefmax = 1000;
  188. USER_INFO_11 * buf;
  189. time_t pwdage; // the number of seconds ago that the pwd was last changed
  190. time_t pwdtime; // the time when the pwd was last changed
  191. time_t now; // the current time
  192. CommaDelimitedLog log;
  193. IIManageDBPtr pDB;
  194. WCHAR computerName[LEN_Account];
  196. rc = pDB.CreateInstance(CLSID_IManageDB);
  197. if ( SUCCEEDED(rc) )
  198. {
  200. time(&now);
  201. do
  202. {
  203. rc = NetUserEnum(domctrl,11,FILTER_WORKSTATION_TRUST_ACCOUNT,(LPBYTE*)&buf,prefmax,&nRead,&nTotal,&nResume);
  204. if ( rc && rc != ERROR_MORE_DATA )
  205. break;
  206. for ( UINT i = 0 ; i < nRead ; i++ )
  207. {
  208. pwdage = buf[i].usri11_password_age;
  209. if ( ( pwdage >= (time_t)minOrMaxAge && bOld ) // inactive machines
  210. ||( pwdage <= (time_t)minOrMaxAge && !bOld ) ) // active machines
  211. {
  212. safecopy(computerName,buf[i].usri11_name);
  213. // strip off the $ from the end of the computer account
  214. computerName[UStrLen(computerName)-1] = 0;
  215. // pDB->raw_SavePasswordAge(m_Domain,SysAllocString(computerName),SysAllocString(buf[i].usri11_comment),pwdage);
  216. pDB->raw_SavePasswordAge(m_Domain,SysAllocString(computerName),SysAllocString(buf[i].usri11_comment),(long)pwdage);
  218. pwdtime = now - pwdage;
  219. }
  220. }
  221. NetApiBufferFree(buf);
  223. } while ( rc == ERROR_MORE_DATA );
  225. }
  226. else
  227. {
  228. rc = GetLastError();
  229. }
  230. return rc;
  231. }
  234. DWORD // ret- WIN32 error code
  235. CComputerPwdAge::GetSinglePasswordAgeInternal(
  236. WCHAR const * domctrl, // in - domain controller to query
  237. WCHAR const * computer, // in - name of computer account
  238. DWORD * pwdage // out- password age in seconds
  239. )
  240. {
  241. DWORD rc = 0;
  242. USER_INFO_11 * buf;
  244. rc = NetUserGetInfo(domctrl,computer,11,(LPBYTE*)&buf);
  246. if (! rc )
  247. {
  248. (*pwdage) = buf->usri11_password_age;
  249. NetApiBufferFree(buf);
  250. }
  251. return rc;
  252. }
  255. // ComputerPwdAge worknode
  256. // Retrieves the password age (in seconds) for a computer account in a specified domain
  257. // This can be used to identify defunct computer accounts
  258. //
  259. // VarSet syntax
  260. // Input:
  261. // ComputerPasswordAge.Domain: <DomainName>
  262. // ComputerPasswordAge.Computer: <ComputerName>
  263. // Output:
  264. // ComputerPasswordAge.Seconds : <number>
  266. STDMETHODIMP
  267. CComputerPwdAge::Process(
  268. IUnknown * pWorkItem // in - varset containing settings
  269. )
  270. {
  271. HRESULT hr = S_OK;
  272. IVarSetPtr pVarSet = pWorkItem;
  273. _bstr_t domain;
  274. _bstr_t computer;
  275. DWORD age;
  277. domain = pVarSet->get(L"ComputerPasswordAge.Domain");
  278. computer = pVarSet->get(L"ComputerPasswordAge.Computer");
  279. if ( computer.length() && domain.length() )
  280. {
  281. hr = GetPwdAge(domain,computer,&age);
  282. if ( SUCCEEDED(hr) )
  283. {
  284. pVarSet->put(L"ComputerPasswordAge.Seconds",(LONG)age);
  285. }
  286. }
  287. return hr;
  288. }