archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/netui/shell/test/apptest4.cxx

484 lines
15 KiB
Raw Normal View History

Add source files
4 years ago
  1. /********************************************************************/
  2. /** Microsoft LAN Manager **/
  3. /** Copyright(c) Microsoft Corp., 1987-1990 **/
  4. /********************************************************************/
  6. /*
  7. * FILE STATUS:
  8. * 1/02/91 Created
  9. * 1/12/91 Split from Logon App, reduced to just Shell Test APP
  10. * 2/21/91 Disabled
  11. * Johnl 12/28/91 Created DACL Editor test
  12. */
  14. /****************************************************************************
  16. PROGRAM: test4.cxx
  18. PURPOSE: Test the SedDiscretionaryAclEditor API
  20. FUNCTIONS:
  22. test4()
  24. COMMENTS:
  26. ****************************************************************************/
  29. #ifdef CODESPEC
  30. /*START CODESPEC*/
  32. /********
  33. TEST4.CXX
  34. ********/
  36. /************
  37. end TEST4.CXX
  38. ************/
  39. /*END CODESPEC*/
  40. #endif // CODESPEC
  42. #include <ntstuff.hxx>
  44. #define INCL_NETLIB
  45. #define INCL_WINDOWS
  46. #define INCL_NETERRORS
  47. #define INCL_DOSERRORS
  48. #include <lmui.hxx>
  50. #include <string.hxx>
  51. #include <security.hxx>
  52. #include <uibuffer.hxx>
  53. extern "C"
  54. {
  55. #include <sedapi.h>
  56. }
  58. #include <uiassert.hxx>
  60. #include "apptest.hxx"
  62. #define CALLBACK_CONTEXT 0x12345678
  63. DWORD SedCallback( ULONG_PTR ulCallbackContext,
  64. PSECURITY_DESCRIPTOR psecdesc,
  65. BOOLEAN fApplyToSubContainers,
  66. BOOLEAN fApplyToSubObjects,
  67. LPDWORD StatusReturn
  68. ) ;
  70. /* Individual permission bits, these show up in the Special permission dialog
  71. */
  72. #define TEST_SPECIAL_PERM1 0x00000001
  73. #define TEST_SPECIAL_PERM2 0x00000002
  74. #define TEST_SPECIAL_PERM3 0x00000004
  75. #define TEST_SPECIAL_PERM4 0x00000008
  76. #define TEST_SPECIAL_PERM5 0x00000010
  78. /* Sets of permission bits (these are shown in the main dialog)
  79. */
  80. #define TEST_RESOURCE_NO_ACCESS (0)
  81. #define TEST_RESOURCE_PERM12 (TEST_SPECIAL_PERM1|TEST_SPECIAL_PERM2)
  82. #define TEST_RESOURCE_PERM34 (TEST_SPECIAL_PERM3|TEST_SPECIAL_PERM4)
  83. #define TEST_RESOURCE_PERM135 (TEST_SPECIAL_PERM1|TEST_SPECIAL_PERM3|TEST_SPECIAL_PERM5)
  84. #define TEST_RESOURCE_PERM4 (TEST_SPECIAL_PERM4)
  87. /* Individual permission bits, these show up in the Special permission dialog
  88. */
  89. #define TEST_NEW_OBJ_SPECIAL_PERM1 0x00000020
  90. #define TEST_NEW_OBJ_SPECIAL_PERM2 0x00000040
  91. #define TEST_NEW_OBJ_SPECIAL_PERM3 0x00000080
  92. #define TEST_NEW_OBJ_SPECIAL_PERM4 0x00000100
  93. #define TEST_NEW_OBJ_SPECIAL_PERM5 0x00000200
  95. #define TEST_NEW_OBJ_SPECIAL_NO_ACCESS (0)
  96. #define TEST_NEW_OBJ_SPECIAL_PERM12 (TEST_NEW_OBJ_SPECIAL_PERM1|TEST_NEW_OBJ_SPECIAL_PERM2)
  97. #define TEST_NEW_OBJ_SPECIAL_PERM34 (TEST_NEW_OBJ_SPECIAL_PERM3|TEST_NEW_OBJ_SPECIAL_PERM4)
  99. SED_APPLICATION_ACCESS sedappaccessNoNewObj[] =
  100. { { SED_DESC_TYPE_RESOURCE, TEST_RESOURCE_NO_ACCESS,0, SZ("No Access")},
  101. { SED_DESC_TYPE_RESOURCE, TEST_RESOURCE_PERM12, 0, SZ("Resource perms with 1, 2")},
  102. { SED_DESC_TYPE_RESOURCE, TEST_RESOURCE_PERM34, 0, SZ("Resource perms with 3, 4")},
  103. { SED_DESC_TYPE_RESOURCE, TEST_RESOURCE_PERM135, 0, SZ("Resource perms with 1, 3, 5")},
  104. { SED_DESC_TYPE_RESOURCE, TEST_RESOURCE_PERM4, 0, SZ("Resource perms with 4")},
  105. { SED_DESC_TYPE_RESOURCE_SPECIAL, TEST_SPECIAL_PERM1, 0, SZ("Perm bit 1")},
  106. { SED_DESC_TYPE_RESOURCE_SPECIAL, TEST_SPECIAL_PERM2, 0, SZ("Perm bit 2")},
  107. { SED_DESC_TYPE_RESOURCE_SPECIAL, TEST_SPECIAL_PERM3, 0, SZ("Perm bit 3")},
  108. { SED_DESC_TYPE_RESOURCE_SPECIAL, TEST_SPECIAL_PERM4, 0, SZ("Perm bit 4")},
  109. { SED_DESC_TYPE_RESOURCE_SPECIAL, TEST_SPECIAL_PERM5, 0, SZ("Perm bit 5")}
  110. } ;
  112. SED_APPLICATION_ACCESS sedappaccessNewObj[] =
  113. { { SED_DESC_TYPE_CONT_AND_NEW_OBJECT, TEST_RESOURCE_NO_ACCESS,TEST_NEW_OBJ_SPECIAL_NO_ACCESS, SZ("No Access")},
  114. { SED_DESC_TYPE_CONT_AND_NEW_OBJECT, TEST_RESOURCE_PERM12, TEST_NEW_OBJ_SPECIAL_PERM12, SZ("Resource perms with 1, 2, New Obj 1, 2")},
  115. { SED_DESC_TYPE_CONT_AND_NEW_OBJECT, TEST_RESOURCE_PERM34, TEST_NEW_OBJ_SPECIAL_PERM34, SZ("Resource perms with 3, 4, New Obj 3, 4")},
  116. { SED_DESC_TYPE_CONT_AND_NEW_OBJECT, TEST_RESOURCE_PERM135, TEST_NEW_OBJ_SPECIAL_PERM12, SZ("Resource perms with 1, 3, 5, New Obj 1, 2")},
  117. { SED_DESC_TYPE_CONT_AND_NEW_OBJECT, TEST_RESOURCE_PERM4, TEST_NEW_OBJ_SPECIAL_PERM34, SZ("Resource perms with 4, New Obj 3, 4")},
  118. { SED_DESC_TYPE_RESOURCE_SPECIAL, TEST_SPECIAL_PERM1, 0, SZ("Perm bit 1")},
  119. { SED_DESC_TYPE_RESOURCE_SPECIAL, TEST_SPECIAL_PERM2, 0, SZ("Perm bit 2")},
  120. { SED_DESC_TYPE_RESOURCE_SPECIAL, TEST_SPECIAL_PERM3, 0, SZ("Perm bit 3")},
  121. { SED_DESC_TYPE_RESOURCE_SPECIAL, TEST_SPECIAL_PERM4, 0, SZ("Perm bit 4")},
  122. { SED_DESC_TYPE_RESOURCE_SPECIAL, TEST_SPECIAL_PERM5, 0, SZ("Perm bit 5")},
  124. { SED_DESC_TYPE_NEW_OBJECT_SPECIAL, TEST_NEW_OBJ_SPECIAL_PERM1, 0, SZ("New Obj Perm bit 1")},
  125. { SED_DESC_TYPE_NEW_OBJECT_SPECIAL, TEST_NEW_OBJ_SPECIAL_PERM2, 0, SZ("New Obj Perm bit 2")},
  126. { SED_DESC_TYPE_NEW_OBJECT_SPECIAL, TEST_NEW_OBJ_SPECIAL_PERM3, 0, SZ("New Obj Perm bit 3")},
  127. { SED_DESC_TYPE_NEW_OBJECT_SPECIAL, TEST_NEW_OBJ_SPECIAL_PERM4, 0, SZ("New Obj Perm bit 4")},
  128. { SED_DESC_TYPE_NEW_OBJECT_SPECIAL, TEST_NEW_OBJ_SPECIAL_PERM5, 0, SZ("New Obj Perm bit 5")}
  129. } ;
  131. SED_APPLICATION_ACCESS sedappaccessAuditting[] =
  132. { { SED_DESC_TYPE_AUDIT, TEST_RESOURCE_PERM12, 0, SZ("Resource Audits with 1, 2")},
  133. { SED_DESC_TYPE_AUDIT, TEST_RESOURCE_PERM34, 0, SZ("Resource Audits with 3, 4")},
  134. { SED_DESC_TYPE_AUDIT, TEST_RESOURCE_PERM135, 0, SZ("Resource Audits with 1, 3, 5")},
  135. } ;
  138. #define SIZEOF_NEWOBJ_ARRAY (sizeof(sedappaccessNewObj))
  139. #define SIZEOF_NO_NEWOBJ_ARRAY (sizeof(sedappaccessNoNewObj))
  140. #define SIZEOF_AUDIT_ARRAY (sizeof(sedappaccessAuditting))
  142. #define COUNT_NEWOBJ_ARRAY (sizeof(sedappaccessNewObj)/sizeof(SED_APPLICATION_ACCESS))
  143. #define COUNT_NO_NEWOBJ_ARRAY (sizeof(sedappaccessNoNewObj)/sizeof(SED_APPLICATION_ACCESS))
  144. #define COUNT_AUDIT_ARRAY (sizeof(sedappaccessAuditting)/sizeof(SED_APPLICATION_ACCESS))
  146. /* We need to build a dummy security descriptor that we can pass to the
  147. * API. The following was borrowed from Danl's radmin test stuff.
  148. */
  149. //
  150. // DataStructures
  151. //
  153. typedef struct _TEST_SID {
  154. UCHAR Revision;
  155. UCHAR SubAuthorityCount;
  156. UCHAR IdentifierAuthority[6];
  157. ULONG SubAuthority[10];
  158. } TEST_SID, *PTEST_SID, *LPTEST_SID;
  160. typedef struct _TEST_ACE {
  161. UCHAR AceType ;
  162. UCHAR AceSize ;
  163. UCHAR InheritFlags ;
  164. UCHAR AceFlags ;
  165. ACCESS_MASK Mask ;
  166. TEST_SID sid ;
  167. } TEST_ACE, *PTEST_ACE ;
  170. typedef struct _TEST_ACL {
  171. UCHAR AclRevision;
  172. UCHAR Sbz1;
  173. USHORT AclSize;
  174. USHORT AceCount;
  175. USHORT sbz2 ;
  176. TEST_ACE Ace1[3] ;
  177. //TEST_ACE Ace2 ;
  178. //TEST_ACE Ace3 ;
  179. } TEST_ACL, *PTEST_ACL;
  181. typedef struct _TEST_SECURITY_DESCRIPTOR {
  182. UCHAR Revision;
  183. UCHAR Sbz1;
  184. SECURITY_DESCRIPTOR_CONTROL Control;
  185. PTEST_SID Owner;
  186. PTEST_SID Group;
  187. PTEST_ACL Sacl;
  188. PTEST_ACL Dacl;
  189. } TEST_SECURITY_DESCRIPTOR, *PTEST_SECURITY_DESCRIPTOR;
  191. //
  192. // GLOBALS
  193. //
  195. TEST_SID OwnerSid = {
  196. 1, 5,
  197. 1,2,3,4,5,6,
  198. 0x999, 0x888, 0x777, 0x666, 0x12345678};
  200. TEST_SID GroupSid = {
  201. 1, 5,
  202. 1,2,3,4,5,6,
  203. 0x999, 0x888, 0x777, 0x666, 0x12345678};
  205. TEST_ACL SaclAcl = { 2, 0, sizeof(TEST_ACL)+1024, 1, 0,
  206. { SYSTEM_AUDIT_ACE_TYPE, sizeof(TEST_ACE),
  207. CONTAINER_INHERIT_ACE|OBJECT_INHERIT_ACE, SUCCESSFUL_ACCESS_ACE_FLAG|FAILED_ACCESS_ACE_FLAG,
  208. TEST_RESOURCE_PERM12,
  209. { 1, 5,
  210. 1,2,3,4,5,6,
  211. 0x999, 0x888, 0x777, 0x666, 0x12345678
  212. }
  213. } } ;
  214. TCHAR _SaclAclBufferSpace[1024] ;
  216. TEST_ACL DaclAcl = { 2, 0, sizeof(TEST_ACL)+1024, 1, 0,
  217. { ACCESS_DENIED_ACE_TYPE, sizeof(TEST_ACE),
  218. CONTAINER_INHERIT_ACE, 0,
  219. GENERIC_ALL,
  220. { 1, 5,
  221. 1,2,3,4,5,6,
  222. 0x999, 0x888, 0x777, 0x666, 0x12345678
  223. }
  224. } } ;
  225. TCHAR _DaclAclBufferSpace[1024] ;
  227. TEST_ACL DaclAclNewObj = { 2, 0, sizeof(TEST_ACL)+1024, 1, 0,
  228. { ACCESS_DENIED_ACE_TYPE, sizeof(TEST_ACE),
  229. CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE, 0,
  230. GENERIC_ALL,
  231. { 1, 5,
  232. 1,2,3,4,5,6,
  233. 0x999, 0x888, 0x777, 0x666, 0x12345678
  234. }
  235. } } ;
  236. TCHAR _DaclAclNewObjBufferSpace[1024] ;
  239. TEST_ACE AuditAce1 =
  240. { SYSTEM_AUDIT_ACE_TYPE, sizeof(TEST_ACE),
  241. CONTAINER_INHERIT_ACE|OBJECT_INHERIT_ACE, SUCCESSFUL_ACCESS_ACE_FLAG|FAILED_ACCESS_ACE_FLAG,
  242. TEST_RESOURCE_PERM135,
  243. { 1, 5,
  244. 1,1,3,4,5,6,
  245. 0x999, 0x888, 0x777, 0x666, 0x12345678
  246. }
  247. } ;
  248. TEST_ACE AccessAce1 =
  249. { ACCESS_DENIED_ACE_TYPE, sizeof(TEST_ACE),
  250. CONTAINER_INHERIT_ACE, 0,
  251. GENERIC_ALL,
  252. { 1, 5,
  253. 1,1,3,4,5,6,
  254. 0x999, 0x888, 0x777, 0x666, 0x12345678
  255. }
  256. } ;
  258. TEST_ACE AccessNewObjAce1 =
  259. { ACCESS_DENIED_ACE_TYPE, sizeof(TEST_ACE),
  260. CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE, 0,
  261. GENERIC_ALL,
  262. { 1, 5,
  263. 1,1,3,4,5,6,
  264. 0x999, 0x888, 0x777, 0x666, 0x12345678
  265. }
  266. } ;
  271. TEST_SECURITY_DESCRIPTOR TestSd = {
  272. 1, 2, SE_DACL_PRESENT|SE_SACL_PRESENT,
  273. &OwnerSid,
  274. &GroupSid,
  275. &SaclAcl,
  276. &DaclAcl };
  278. TEST_SECURITY_DESCRIPTOR TestSdNewObj = {
  279. 1, 2, SE_DACL_PRESENT|SE_SACL_PRESENT,
  280. &OwnerSid,
  281. &GroupSid,
  282. &SaclAcl,
  283. &DaclAclNewObj };
  287. /****************************************************************************
  289. FUNCTION: test4()
  291. PURPOSE: Test the generic ACL Editor, specifically the
  292. SedDiscretionaryAclEditor and the SedSystemAclEditor
  294. COMMENTS:
  296. ****************************************************************************/
  298. void test4(HWND hwndParent)
  299. {
  300. BOOL fIsContainer = FALSE,
  301. fSupportsNewObjects = FALSE,
  302. fDACLEditor = TRUE ;
  305. switch (MessageBox(hwndParent,SZ("Test the DACL editor (Yes) or the SACL editor (No)?"),
  306. SZ("Welcome to way cool test4 (AclEditor)"),MB_YESNOCANCEL))
  307. {
  308. case IDYES:
  309. break ;
  311. case IDNO:
  312. {
  313. fDACLEditor = FALSE ;
  314. BOOL fPresent ;
  315. OS_ACL * posSACL ;
  316. OS_ACE osAceSACL( (void *) &AuditAce1 ) ;
  317. UIASSERT( !osAceSACL.QueryError() ) ;
  318. OS_SECURITY_DESCRIPTOR ossecdescSACL( (PSECURITY_DESCRIPTOR)&TestSd ) ;
  319. UIASSERT( !ossecdescSACL.QueryError() ) ;
  320. REQUIRE( !ossecdescSACL.QuerySACL( &fPresent, &posSACL )) ;
  321. UIASSERT( fPresent ) ;
  322. REQUIRE( !posSACL->AddACE( 0, osAceSACL )) ;
  323. }
  324. break ;
  326. case IDCANCEL:
  327. default:
  328. return ;
  329. }
  332. if ( fDACLEditor )
  333. {
  334. switch (MessageBox(hwndParent,SZ("Test the container object code? "),
  335. SZ("Welcome to way cool test4 (SedDiscretionaryAclEditor)"),MB_YESNOCANCEL))
  336. {
  337. case IDYES:
  338. fIsContainer = TRUE ;
  339. break ;
  341. switch (MessageBox(hwndParent,SZ("Does the container support New Object creation? "),
  342. SZ("Welcome to way cool test4 (SedDiscretionaryAclEditor)"),MB_YESNOCANCEL))
  343. {
  344. case IDYES:
  345. {
  346. fSupportsNewObjects = TRUE ;
  347. BOOL fPresent ;
  348. OS_ACL * posDACL ;
  349. OS_ACE osAceDACL( (void *) &AccessNewObjAce1 ) ;
  350. UIASSERT( !osAceDACL.QueryError() ) ;
  351. OS_SECURITY_DESCRIPTOR ossecdescDACL( (PSECURITY_DESCRIPTOR)&TestSdNewObj ) ;
  352. UIASSERT( !ossecdescDACL.QueryError() ) ;
  353. REQUIRE( !ossecdescDACL.QueryDACL( &fPresent, &posDACL )) ;
  354. UIASSERT( fPresent ) ;
  355. REQUIRE( !posDACL->AddACE( 0, osAceDACL )) ;
  356. }
  358. break ;
  360. case IDNO:
  361. {
  362. BOOL fPresent ;
  363. OS_ACL * posDACL ;
  364. OS_ACE osAceDACL( (void *) &AccessAce1 ) ;
  365. UIASSERT( !osAceDACL.QueryError() ) ;
  366. OS_SECURITY_DESCRIPTOR ossecdescDACL( (PSECURITY_DESCRIPTOR)&TestSd ) ;
  367. UIASSERT( !ossecdescDACL.QueryError() ) ;
  368. REQUIRE( !ossecdescDACL.QueryDACL( &fPresent, &posDACL )) ;
  369. UIASSERT( fPresent ) ;
  370. REQUIRE( !posDACL->AddACE( 0, osAceDACL )) ;
  371. }
  372. break ;
  374. case IDCANCEL:
  375. default:
  376. return ;
  377. }
  378. break ;
  380. case IDNO:
  381. break ;
  383. case IDCANCEL:
  384. default:
  385. return ;
  386. }
  387. }
  389. SED_OBJECT_TYPE_DESCRIPTOR sedobjdesc ;
  390. GENERIC_MAPPING GenericMapping ;
  392. sedobjdesc.Revision = SED_REVISION1 ;
  393. sedobjdesc.IsContainer = fIsContainer ;
  394. sedobjdesc.AllowNewObjectPerms = fSupportsNewObjects ;
  395. sedobjdesc.ObjectTypeName = SZ("Test object type name") ;
  396. sedobjdesc.MapSpecificPermsToGeneric = FALSE ;
  397. sedobjdesc.GenericMapping = &GenericMapping ;
  398. sedobjdesc.HelpInfo = NULL ;
  399. sedobjdesc.ApplyToSubContainerTitle = SZ("Apply To Sub Container Title") ;
  400. sedobjdesc.SpecialObjectAccessTitle = SZ("Special Object Access Title...") ;
  401. sedobjdesc.SpecialNewObjectAccessTitle = SZ("Special NEW Object Access Title...") ;
  403. BUFFER buff( sizeof(SED_APPLICATION_ACCESSES) +
  404. fSupportsNewObjects ? SIZEOF_NEWOBJ_ARRAY : SIZEOF_NO_NEWOBJ_ARRAY) ;
  405. if ( buff.QueryError() )
  406. {
  407. MessageBox( hwndParent, SZ("Error occurred allocating buffer"),SZ("Exitting test"), MB_OK) ;
  408. return ;
  409. }
  411. PSED_APPLICATION_ACCESSES psedappaccesses = (PSED_APPLICATION_ACCESSES) buff.QueryPtr() ;
  412. psedappaccesses->Count = !fDACLEditor ? COUNT_AUDIT_ARRAY :
  413. fSupportsNewObjects ? COUNT_NEWOBJ_ARRAY : COUNT_NO_NEWOBJ_ARRAY ;
  415. //::memcpyf( psedappaccesses->AccessGroup,
  416. // !fDACLEditor ? sedappaccessAuditting :
  417. // fSupportsNewObjects ? sedappaccessNewObj : sedappaccessNoNewObj,
  418. // !fDACLEditor ? SIZEOF_AUDIT_ARRAY :
  419. // fSupportsNewObjects ? SIZEOF_NEWOBJ_ARRAY : SIZEOF_NO_NEWOBJ_ARRAY ) ;
  421. DWORD rc ;
  422. DWORD dwSEDReturnStatus ;
  424. if ( fDACLEditor )
  425. rc = SedDiscretionaryAclEditor( hwndParent,
  426. NULL, // Instance handle
  427. SZ("\\\\JOHNL0"),
  428. &sedobjdesc,
  429. psedappaccesses,
  430. SZ("Resource Name (i.e., C:\MyFile)"),
  431. (PSED_FUNC_APPLY_SEC_CALLBACK) SedCallback,
  432. (ULONG_PTR)CALLBACK_CONTEXT,
  433. (PSECURITY_DESCRIPTOR) fSupportsNewObjects ?
  434. &TestSdNewObj : &TestSd,
  435. FALSE,
  436. &dwSEDReturnStatus ) ;
  438. else
  439. rc = SedSystemAclEditor( hwndParent,
  440. NULL, // Instance handle
  441. SZ("\\\\JOHNL0"),
  442. &sedobjdesc,
  443. psedappaccesses,
  444. SZ("Resource Name (i.e., C:\MyFile)"),
  445. (PSED_FUNC_APPLY_SEC_CALLBACK) SedCallback,
  446. (ULONG_PTR)CALLBACK_CONTEXT,
  447. (PSECURITY_DESCRIPTOR) fSupportsNewObjects ?
  448. &TestSdNewObj : &TestSd,
  449. FALSE,
  450. &dwSEDReturnStatus ) ;
  452. if ( rc )
  453. {
  454. TCHAR achBuff[100] ;
  455. wsprintf( achBuff, "Error code %ld returned from ACL Editor", rc ) ;
  456. MessageBox( hwndParent, achBuff, SZ("Apptest4"), MB_OK ) ;
  457. }
  458. }
  461. DWORD SedCallback( ULONG_PTR ulCallbackContext,
  462. PSECURITY_DESCRIPTOR psecdesc,
  463. BOOLEAN fApplyToSubContainers,
  464. BOOLEAN fApplyToSubObjects,
  465. LPDWORD StatusReturn
  466. )
  467. {
  468. UIASSERT( ulCallbackContext == CALLBACK_CONTEXT ) ;
  470. OS_SECURITY_DESCRIPTOR ossecdesc( psecdesc ) ;
  471. APIERR err = ossecdesc.QueryError() ;
  472. BOOL fValid = ossecdesc.IsValid() ;
  474. TCHAR achBuff[200] ;
  475. wsprintf( achBuff, "ossecdesc.QueryError() = %d, fApplyToSubContainers = %d, fApplyToSubObjects = %d, security desc will be output to the debugger (if debug build)",
  476. err, fApplyToSubContainers, fApplyToSubObjects ) ;
  477. MessageBox( NULL, achBuff, SZ("SedCallback"), MB_OK ) ;
  479. #ifdef DEBUG
  480. ossecdesc.DbgPrint() ;
  481. #endif
  482. *StatusReturn = SED_STATUS_FAILED_TO_MODIFY ;
  483. return NERR_Success ;
  484. }