archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/admt/plugins/mcspisag/csvcinf.cpp

491 lines
15 KiB
Raw Normal View History

Add source files
4 years ago
  1. // CSvcInf.cpp : Implementation of CCSvcAcctInfo
  2. #include "stdafx.h"
  3. #include "McsPISag.h"
  4. //#import "\bin\McsVarSetMin.tlb" no_namespace, named_guids
  5. //#import "\bin\DBManager.tlb" no_namespace, named_guids
  6. #import "VarSet.tlb" no_namespace, named_guids rename("property", "aproperty")
  7. #import "DBMgr.tlb" no_namespace, named_guids
  8. #include "CSvcInf.h"
  9. #include "ResStr.h"
  10. #include "ErrDct.hpp"
  12. #include <ntdsapi.h>
  13. #include <lm.h>
  14. #include <dsgetdc.h>
  16. // these are needed for ISecPlugIn
  17. #include "cipher.hpp"
  18. #include "SecPI.h"
  20. #define EXCHANGE_SERVICE_NAME L"MSExchangeSA"
  21. #define SvcAcctStatus_DoNotUpdate 1
  22. #define SvcAcctStatus_NeverAllowUpdate 8
  24. TErrorDct err;
  25. /////////////////////////////////////////////////////////////////////////////
  26. // CCSvcAcctInfo
  29. typedef UINT (CALLBACK* DSBINDFUNC)(TCHAR*, TCHAR*, HANDLE*);
  30. typedef UINT (CALLBACK* DSUNBINDFUNC)(HANDLE*);
  31. // Win2k function
  32. typedef HRESULT (CALLBACK * DSGETDCNAME)(LPWSTR, LPWSTR, GUID*, LPWSTR, DWORD, PDOMAIN_CONTROLLER_INFO*);
  34. typedef NTDSAPI
  35. DWORD
  36. WINAPI
  37. DSCRACKNAMES(
  38. HANDLE hDS, // in
  39. DS_NAME_FLAGS flags, // in
  40. DS_NAME_FORMAT formatOffered, // in
  41. DS_NAME_FORMAT formatDesired, // in
  42. DWORD cNames, // in
  43. const LPCWSTR *rpNames, // in
  44. PDS_NAME_RESULTW *ppResult); // out
  46. typedef NTDSAPI
  47. void
  48. WINAPI
  49. DSFREENAMERESULT(
  50. DS_NAME_RESULTW *pResult
  51. );
  53. // This method is called by the dispatcher to verify that this is a valid plug-in
  54. // Only valid plug-ins will be sent out with the agents
  55. // The purpose of this check is to make it more difficult for unauthorized parties
  56. // to use our plug-in interface, since it is currently undocumented.
  57. STDMETHODIMP CCSvcAcctInfo::Verify(/*[in,out]*/ULONG * pData,/*[in]*/ULONG size)
  58. {
  60. McsChallenge * pMcsChallenge;
  61. long lTemp1;
  62. long lTemp2;
  64. if( size == sizeof(McsChallenge) )
  65. {
  66. pMcsChallenge = (McsChallenge*)(pData);
  68. SimpleCipher((LPBYTE)pMcsChallenge,size);
  70. pMcsChallenge->MCS[0] = 'M';
  71. pMcsChallenge->MCS[1] = 'C';
  72. pMcsChallenge->MCS[2] = 'S';
  73. pMcsChallenge->MCS[3] = 0;
  76. lTemp1 = pMcsChallenge->lRand1 + pMcsChallenge->lRand2;
  77. lTemp2 = pMcsChallenge->lRand2 - pMcsChallenge->lRand1;
  78. pMcsChallenge->lRand1 = lTemp1;
  79. pMcsChallenge->lRand2 = lTemp2;
  80. pMcsChallenge->lTime += 100;
  82. SimpleCipher((LPBYTE)pMcsChallenge,size);
  83. }
  84. else
  85. return E_FAIL;
  88. return S_OK;
  89. }
  91. STDMETHODIMP CCSvcAcctInfo::GetRegisterableFiles(/* [out] */SAFEARRAY ** pArray)
  92. {
  93. SAFEARRAYBOUND bound[1] = { 1, 0 };
  94. LONG ndx[1] = { 0 };
  96. (*pArray) = SafeArrayCreate(VT_BSTR,1,bound);
  98. SafeArrayPutElement(*pArray,ndx,SysAllocString(L"McsPISag.DLL"));
  100. return S_OK;
  101. }
  103. STDMETHODIMP CCSvcAcctInfo::GetRequiredFiles(/* [out] */SAFEARRAY ** pArray)
  104. {
  105. SAFEARRAYBOUND bound[1] = { 1, 0 };
  106. LONG ndx[1] = { 0 };
  108. (*pArray) = SafeArrayCreate(VT_BSTR,1,bound);
  110. SafeArrayPutElement(*pArray,ndx,SysAllocString(L"McsPISag.DLL"));
  112. return S_OK;
  113. }
  115. STDMETHODIMP CCSvcAcctInfo::GetDescription(/* [out] */ BSTR * description)
  116. {
  117. (*description) = SysAllocString(L"");
  119. return S_OK;
  120. }
  122. STDMETHODIMP CCSvcAcctInfo::PreMigrationTask(/* [in] */IUnknown * pVarSet)
  123. {
  124. return S_OK;
  125. }
  127. STDMETHODIMP CCSvcAcctInfo::PostMigrationTask(/* [in] */IUnknown * pVarSet)
  128. {
  129. // DWORD rc = 0;
  130. IVarSetPtr pVS;
  132. pVS = pVarSet;
  134. _bstr_t log = pVS->get(GET_BSTR(DCTVS_Options_Logfile));
  136. err.LogOpen((WCHAR*)log,1);
  138. err.MsgWrite(0,DCT_MSG_MCSPISAG_STARTING);
  140. pVS->put(GET_BSTR(DCTVS_CurrentOperation),GET_BSTR(IDS_Gathering_SvcAcct));
  142. ProcessServices(pVS);
  144. pVS->put(GET_BSTR(DCTVS_CurrentOperation),L"");
  146. err.MsgWrite(0,DCT_MSG_MCSPISAG_DONE);
  148. err.LogClose();
  149. return S_OK;
  150. }
  153. STDMETHODIMP CCSvcAcctInfo::GetName(/* [out] */BSTR * name)
  154. {
  155. (*name) = SysAllocString(L"");
  157. return S_OK;
  158. }
  160. STDMETHODIMP CCSvcAcctInfo::GetResultString(/* [in] */IUnknown * pVarSet,/* [out] */ BSTR * text)
  161. {
  162. WCHAR buffer[1000] = L"";
  163. IVarSetPtr pVS;
  165. pVS = pVarSet;
  168. (*text) = SysAllocString(buffer);
  170. return S_OK;
  171. }
  173. STDMETHODIMP CCSvcAcctInfo::StoreResults(/* [in] */IUnknown * pVarSet)
  174. {
  175. IVarSetPtr pVS = pVarSet;
  176. IIManageDBPtr pDatabase;
  177. HRESULT hr;
  178. WCHAR key[200];
  179. _bstr_t service;
  180. _bstr_t account;
  181. _bstr_t computer;
  182. _bstr_t display;
  183. long ndx = 0;
  184. _bstr_t exchangeAccount;
  185. HINSTANCE hLibrary = NULL;
  186. DSCRACKNAMES * DsCrackNames = NULL;
  187. DSFREENAMERESULT * DsFreeNameResult = NULL;
  188. DSBINDFUNC DsBind = NULL;
  189. DSUNBINDFUNC DsUnBind = NULL;
  190. _bstr_t sourceDomainDns = pVS->get(GET_BSTR(DCTVS_Options_SourceDomainDns));
  191. WCHAR * atPtr = NULL;
  192. HANDLE hDs = NULL;
  193. bool bWin2K = false;
  195. //find out the OS version of this system to determine which GetDCName
  196. //function to use
  197. WKSTA_INFO_100 * pInfo = NULL;
  198. NET_API_STATUS nStatus;
  200. nStatus = NetWkstaGetInfo(NULL,100,(LPBYTE*)&pInfo);
  201. if (nStatus == NERR_Success)
  202. {
  203. if ( pInfo->wki100_ver_major > 4 )
  204. bWin2K = true;
  205. NetApiBufferFree(pInfo);
  206. }
  208. computer = pVS->get("LocalServer");
  209. hr = pDatabase.CreateInstance(CLSID_IManageDB);
  210. if ( SUCCEEDED(hr) )
  211. {
  212. // make a pre-pass through the data
  213. do
  214. {
  215. swprintf(key,L"ServiceAccounts.%ld.Service",ndx);
  216. service = pVS->get(key);
  218. swprintf(key,L"ServiceAccounts.%ld.Account",ndx);
  219. account = pVS->get(key);
  221. // make sure the account names are not in UPN format
  222. if ( NULL == wcschr((WCHAR*)account,L'\\') )
  223. {
  224. if (! hDs )
  225. {
  226. if (! hLibrary )
  227. {
  228. hLibrary = LoadLibrary(L"NTDSAPI.DLL");
  229. }
  230. if ( hLibrary )
  231. {
  232. DsBind = (DSBINDFUNC)GetProcAddress(hLibrary,"DsBindW");
  233. DsUnBind = (DSUNBINDFUNC)GetProcAddress(hLibrary,"DsUnBindW");
  234. DsCrackNames = (DSCRACKNAMES *)GetProcAddress(hLibrary,"DsCrackNamesW");
  235. DsFreeNameResult = (DSFREENAMERESULT *)GetProcAddress(hLibrary,"DsFreeNameResultW");
  236. }
  238. if ( DsBind && DsUnBind && DsCrackNames && DsFreeNameResult)
  239. {
  240. hr = (*DsBind)(NULL,(WCHAR*)sourceDomainDns,&hDs);
  241. if ( hr )
  242. {
  243. hDs = NULL;
  244. }
  245. }
  246. }
  247. if ( hDs )
  248. {
  249. PDS_NAME_RESULT pNamesOut = NULL;
  250. WCHAR * pNamesIn[1];
  252. pNamesIn[0] = (WCHAR*)account;
  253. hr = (*DsCrackNames)(hDs,DS_NAME_NO_FLAGS,DS_USER_PRINCIPAL_NAME,DS_NT4_ACCOUNT_NAME,1,pNamesIn,&pNamesOut);
  254. (*DsUnBind)(&hDs);
  255. hDs = NULL;
  256. if ( !hr )
  257. {
  258. if ( pNamesOut->rItems[0].status == DS_NAME_NO_ERROR )
  259. {
  260. account = pNamesOut->rItems[0].pName;
  261. pVS->put(key,account);
  262. }
  263. //if from another domain try connecting to that domain's DC and
  264. //retry DSCrackNames
  265. else if ( pNamesOut->rItems[0].status == DS_NAME_ERROR_DOMAIN_ONLY )
  266. {
  267. WCHAR dc[MAX_PATH];
  268. HRESULT res;
  269. bool bGotDC = false;
  271. //else if win2k, load and use DSGetDCName
  272. if (bWin2K)
  273. {
  274. PDOMAIN_CONTROLLER_INFOW pdomc;
  275. //load DSGetDCName
  276. DSGETDCNAME DsGetDcName = NULL;
  277. DOMAIN_CONTROLLER_INFO * pSrcDomCtrlInfo = NULL;
  279. HMODULE hPro = LoadLibrary(L"NetApi32.dll");
  280. if ( hPro )
  281. DsGetDcName = (DSGETDCNAME)GetProcAddress(hPro, "DsGetDcNameW");
  283. if (DsGetDcName)
  284. {
  285. res = DsGetDcName(NULL,pNamesOut->rItems[0].pDomain,NULL,NULL,DS_DIRECTORY_SERVICE_PREFERRED,&pdomc);
  286. if (res==NERR_Success)
  287. {
  288. bGotDC = true;
  289. safecopy(dc,pdomc->DomainControllerName);
  290. NetApiBufferFree(pdomc);
  291. }
  292. }
  293. }//end if Win2K machine
  295. //if this is an NT 4.0 or earlier machine or DSGetDCName failed,
  296. //use NetGetDCName
  297. if (!bGotDC)
  298. {
  299. LPWSTR pdomc;
  300. res = NetGetDCName(NULL,pNamesOut->rItems[0].pDomain,(LPBYTE *)&pdomc);
  301. if (res==NERR_Success)
  302. {
  303. safecopy(dc,pdomc);
  304. NetApiBufferFree(pdomc);
  305. }
  306. }
  308. if (res==NERR_Success)
  309. {
  310. //bind to that domain DC
  311. hr = (*DsBind)(dc,NULL,&hDs);
  312. if ( !hr )
  313. {
  314. (*DsFreeNameResult)(pNamesOut);//release the old info
  315. pNamesOut = NULL;
  316. //retry DSCrackNames again
  317. hr = (*DsCrackNames)(hDs,DS_NAME_NO_FLAGS,DS_USER_PRINCIPAL_NAME,DS_NT4_ACCOUNT_NAME,1,pNamesIn,&pNamesOut);
  318. if ( !hr )
  319. {
  320. if ( pNamesOut->rItems[0].status == DS_NAME_NO_ERROR )
  321. {
  322. account = pNamesOut->rItems[0].pName;
  323. pVS->put(key,account);
  324. }
  325. }
  326. (*DsUnBind)(&hDs);
  327. hDs = NULL;
  328. }
  329. }
  330. }
  331. if (pNamesOut)
  332. (*DsFreeNameResult)(pNamesOut);
  333. }
  334. }
  335. }
  336. // also, look for the exchange server service account
  337. if ( !UStrICmp(service,EXCHANGE_SERVICE_NAME) )
  338. {
  339. exchangeAccount = account;
  340. break;
  341. }
  342. ndx++;
  343. } while ( service.length() );
  345. ndx = 0;
  346. WCHAR serverFilter[300];
  348. // clear any old entries from the table for this computer
  349. swprintf(serverFilter,L"System = '%ls'",(WCHAR*)computer);
  350. _variant_t Filter = serverFilter;
  351. hr = pDatabase->raw_ClearTable(SysAllocString(L"ServiceAccounts"), Filter);
  352. do
  353. {
  354. swprintf(key,L"ServiceAccounts.%ld.Service",ndx);
  355. service = pVS->get(key);
  356. swprintf(key,L"ServiceAccounts.%ld.DisplayName",ndx);
  357. display = pVS->get(key);
  358. swprintf(key,L"ServiceAccounts.%ld.Account",ndx);
  359. account = pVS->get(key);
  360. if ( service.length() && account.length() )
  361. {
  362. hr = pDatabase->raw_SetServiceAccount(computer,service,display,account);
  363. if ( SUCCEEDED(hr) && !UStrICmp((WCHAR*)account,(WCHAR*)exchangeAccount) )
  364. {
  365. // mark this account to be excluded from the processing
  366. hr = pDatabase->raw_SetServiceAcctEntryStatus(computer,service,account,SvcAcctStatus_NeverAllowUpdate);
  367. }
  368. }
  369. ndx++;
  370. } while ( service.length() );
  371. }
  372. if ( hLibrary )
  373. {
  374. FreeLibrary(hLibrary);
  375. }
  376. return S_OK;
  377. }
  379. STDMETHODIMP CCSvcAcctInfo::ConfigureSettings(/*[in]*/IUnknown * pVarSet)
  380. {
  381. IVarSetPtr pVS = pVarSet;
  383. MessageBox(NULL,L"This is a test",L"McsPISag PlugIn",MB_OK);
  385. return S_OK;
  386. }
  388. void CCSvcAcctInfo::ProcessServices(IVarSet * pVarSet)
  389. {
  390. // Connect to the SCM on the local computer
  391. SC_HANDLE pScm = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS );
  392. DWORD rc = 0;
  393. WCHAR domain[200];
  394. WKSTA_INFO_100 * info;
  396. // Get the name of the domain that this computer is in, so we can resolve any accounts that are
  397. // specified as .\Account to DOMAIN\account format
  399. rc = NetWkstaGetInfo(NULL,100,(BYTE**)&info);
  400. if ( ! rc )
  401. {
  402. UStrCpy(domain,info->wki100_langroup);
  403. NetApiBufferFree(info);
  404. }
  405. else
  406. {
  407. // if we can't get the domain name, just leave the .
  408. UStrCpy(domain,L".");
  409. }
  410. if ( pScm )
  411. {
  412. // Enumerate the services on the computer
  413. ENUM_SERVICE_STATUS servStatus[1000];
  414. DWORD cbBufSize = (sizeof servStatus);
  415. DWORD cbBytesNeeded = 0;
  416. DWORD nReturned = 0;
  417. DWORD hResume = 0;
  418. WCHAR string[1000];
  419. long count = 0;
  421. if (! EnumServicesStatus(pScm,SERVICE_WIN32,SERVICE_STATE_ALL,servStatus,cbBufSize,&cbBytesNeeded,&nReturned,&hResume) )
  422. {
  423. rc = GetLastError();
  424. err.SysMsgWrite(ErrE,rc,DCT_MSG_SERVICE_ENUM_FAILED_D,rc);
  425. }
  426. else
  427. {
  428. rc = 0;
  429. }
  431. if ( rc == ERROR_SUCCESS || rc == ERROR_MORE_DATA )
  432. {
  434. for ( UINT i = 0 ; i < nReturned ; i++ )
  435. {
  436. SC_HANDLE pService = OpenService(pScm,servStatus[i].lpServiceName,SERVICE_ALL_ACCESS );
  437. BYTE buf[3000];
  438. QUERY_SERVICE_CONFIG * pConfig = (QUERY_SERVICE_CONFIG *)buf;
  439. // BOOL bIncluded = FALSE;
  440. DWORD lenNeeded = 0;
  443. if ( pService )
  444. {
  445. // get the information about this service
  446. if ( QueryServiceConfig(pService,pConfig,sizeof buf, &lenNeeded) )
  447. {
  448. err.MsgWrite(0,DCT_MSG_SERVICE_USES_ACCOUNT_SS,servStatus[i].lpServiceName,pConfig->lpServiceStartName);
  449. // add the account to the list if it is not using LocalSystem
  450. if ( UStrICmp(pConfig->lpServiceStartName,L"LocalSystem"))
  451. {
  452. swprintf(string,L"ServiceAccounts.%ld.Service",count);
  453. pVarSet->put(string,servStatus[i].lpServiceName);
  454. swprintf(string,L"ServiceAccounts.%ld.DisplayName",count);
  455. pVarSet->put(string,servStatus[i].lpDisplayName);
  456. swprintf(string,L"ServiceAccounts.%ld.Account",count);
  457. if ( pConfig->lpServiceStartName[0] == L'.' && pConfig->lpServiceStartName[1] == L'\\' )
  458. {
  459. WCHAR domAcct[500];
  461. // set domAcct to DOMAIN + \Account
  462. UStrCpy(domAcct,domain);
  463. UStrCpy(domAcct+UStrLen(domAcct),pConfig->lpServiceStartName + 1 );
  465. pVarSet->put(string,domAcct);
  467. }
  468. else
  469. {
  470. pVarSet->put(string,pConfig->lpServiceStartName);
  471. }
  472. count++;
  473. }
  475. }
  476. CloseServiceHandle(pService);
  477. }
  478. else
  479. {
  480. err.SysMsgWrite(ErrE,GetLastError(),DCT_MSG_OPEN_SERVICE_FAILED_SD,servStatus[i].lpServiceName,rc);
  481. }
  482. }
  483. }
  484. CloseServiceHandle(pScm);
  485. }
  486. else
  487. {
  488. rc = GetLastError();
  489. err.SysMsgWrite(ErrE,rc,DCT_MSG_SCM_OPEN_FAILED_D,rc);
  490. }
  491. }