archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/inetsrv/iis/admin/adsi/setup/metacfg.cxx

665 lines
19 KiB
Raw Normal View History

Add source files
4 years ago
  1. #include "schema.h"
  2. #pragma hdrstop
  4. #include "initguid.h"
  5. #include "iadmw.h"
  6. #include "schemini.hxx"
  8. #if _IIS_6_0
  9. #include "..\adsiis\globdata.cxx"
  10. #elif _IIS_5_1
  11. #include "..\adsiis\iis51\globdata.cxx"
  12. #else
  13. #error "Neither _IIS_6_0 nor _IIS_5_1 is defined"
  14. #endif
  16. #define DEFAULT_TIMEOUT_VALUE 30000
  18. HRESULT SetAdminACL(IMSAdminBase * pAdminBase);
  19. DWORD
  20. GetPrincipalSID (
  21. LPTSTR Principal,
  22. PSID *Sid,
  23. BOOL *pbWellKnownSID
  24. );
  26. MetaHandle::MetaHandle(IMSAdminBasePtr _pmb) : pmb(_pmb) {
  27. if (pmb)
  28. pmb->AddRef();
  29. h = 0;
  30. }
  31. MetaHandle::~MetaHandle() {
  32. if (pmb) {
  33. if (h)
  34. pmb->CloseKey(h);
  35. pmb->Release();
  36. }
  37. }
  39. struct WideStrMapEntry {
  40. LPWSTR m_str;
  41. void *m_data;
  42. };
  44. class WideStrMap {
  45. WideStrMapEntry *map;
  46. int count;
  47. int mapSize;
  48. public:
  49. WideStrMap();
  50. ~WideStrMap();
  51. BOOL CheckSpace();
  52. BOOL Add(LPWSTR str, void *data);
  53. void *Find(LPWSTR str);
  54. void *operator[] (LPWSTR str);
  55. };
  57. WideStrMap::WideStrMap() {
  58. count = 0;
  59. mapSize = 64;
  60. map = (WideStrMapEntry *)malloc(sizeof(WideStrMapEntry) * mapSize);
  61. }
  63. WideStrMap::~WideStrMap() {
  64. free(map);
  65. }
  67. BOOL WideStrMap::CheckSpace() {
  68. if (count < mapSize)
  69. return TRUE;
  70. mapSize += 32;
  71. if ((map = (WideStrMapEntry *)realloc(map, sizeof(WideStrMapEntry)*mapSize)) == NULL)
  72. return FALSE;
  73. return TRUE;
  74. }
  76. BOOL WideStrMap::Add(LPWSTR str, void *data) {
  77. if (!CheckSpace())
  78. return FALSE;
  79. map[count].m_str = str;
  80. map[count].m_data = data;
  81. count++;
  82. return TRUE;
  83. }
  85. void *WideStrMap::Find(LPWSTR str) {
  86. for (int i=0; i < count; i++) {
  87. if (!_wcsicmp(str, map[i].m_str))
  88. return map[i].m_data;
  89. }
  90. return NULL;
  91. }
  93. void *WideStrMap::operator[] (LPWSTR str) {
  94. return Find(str);
  95. }
  97. #if 0
  98. struct PropValue {
  99. DWORD dwMetaID;
  100. DWORD dwSynID;
  101. DWORD dwMetaType;
  102. DWORD dwFlags;
  103. BOOL fMultiValued;
  104. DWORD dwMask;
  105. DWORD dwMetaFlags;
  106. DWORD dwUserGroup;
  107. };
  108. #endif
  110. void InitPropValue(PropValue *pv, PROPERTYINFO *pi) {
  111. pv->dwSynID = pi->dwSyntaxId;
  112. pv->dwMetaID = pi->dwMetaID;
  113. pv->dwPropID = pi->dwPropID;
  114. pv->dwMaxRange = (DWORD)pi->lMaxRange;
  115. pv->dwMinRange = (DWORD)pi->lMinRange;
  117. switch(pi->dwSyntaxId) {
  118. case IIS_SYNTAX_ID_DWORD:
  119. case IIS_SYNTAX_ID_BOOL:
  120. case IIS_SYNTAX_ID_BOOL_BITMASK:
  121. pv->dwMetaType = DWORD_METADATA;
  122. break;
  123. case IIS_SYNTAX_ID_STRING:
  124. pv->dwMetaType = STRING_METADATA;
  125. break;
  126. case IIS_SYNTAX_ID_EXPANDSZ:
  127. pv->dwMetaType = EXPANDSZ_METADATA;
  128. break;
  129. case IIS_SYNTAX_ID_MIMEMAP:
  130. case IIS_SYNTAX_ID_MULTISZ:
  131. pv->dwMetaType = MULTISZ_METADATA;
  132. break;
  133. case IIS_SYNTAX_ID_NTACL:
  134. case IIS_SYNTAX_ID_IPSECLIST:
  135. pv->dwMetaType = BINARY_METADATA;
  136. break;
  138. }
  139. pv->dwFlags = pi->dwFlags;
  140. pv->fMultiValued = pi->fMultiValued;
  141. pv->dwMask = pi->dwMask;
  142. pv->dwMetaFlags = pi->dwMetaFlags;
  143. pv->dwUserGroup = pi->dwUserGroup;
  144. }
  146. // struct __declspec(__uuid()
  147. static char asciiBuf[2048];
  149. BOOL DataForSyntaxID(PROPERTYINFO *pp, METADATA_RECORD *mdr) {
  150. static DWORD value=0;
  151. WCHAR *ptr;
  152. int i;
  154. switch(pp->dwSyntaxId) {
  155. case IIS_SYNTAX_ID_BOOL:
  156. case IIS_SYNTAX_ID_BOOL_BITMASK:
  157. case IIS_SYNTAX_ID_DWORD:
  158. mdr->dwMDDataType = DWORD_METADATA;
  159. mdr->dwMDDataLen = sizeof(DWORD);
  160. mdr->pbMDData = (unsigned char *)&(pp->dwDefault);
  161. break;
  162. case IIS_SYNTAX_ID_STRING:
  163. mdr->dwMDDataType = STRING_METADATA;
  164. mdr->dwMDDataLen = (wcslen(pp->szDefault)+1)*2;
  165. mdr->pbMDData = (unsigned char *)pp->szDefault;
  166. break;
  167. case IIS_SYNTAX_ID_EXPANDSZ:
  168. mdr->dwMDDataType = EXPANDSZ_METADATA;
  169. mdr->dwMDDataLen = (wcslen(pp->szDefault)+1)*2;
  170. mdr->pbMDData = (unsigned char *)pp->szDefault;
  171. break;
  172. case IIS_SYNTAX_ID_MIMEMAP:
  173. case IIS_SYNTAX_ID_MULTISZ:
  174. //
  175. // Note, ALL multisz types must have an extra \0 in the table.
  176. //
  177. mdr->dwMDDataType = MULTISZ_METADATA;
  178. ptr = pp->szDefault;
  179. do {
  180. ptr += wcslen(ptr)+1;
  181. } while (*ptr != 0);
  182. mdr->dwMDDataLen = DIFF((char *)ptr - (char *)pp->szDefault)+2;
  183. mdr->pbMDData = (unsigned char *)pp->szDefault;
  184. break;
  185. case IIS_SYNTAX_ID_IPSECLIST:
  186. case IIS_SYNTAX_ID_NTACL:
  187. case IIS_SYNTAX_ID_BINARY:
  188. mdr->dwMDDataType = BINARY_METADATA;
  189. mdr->dwMDDataLen = 0;
  190. mdr->pbMDData = NULL;
  191. break;
  192. default:
  193. mdr->dwMDDataType = DWORD_METADATA;
  194. mdr->dwMDDataLen = sizeof(DWORD);
  195. mdr->pbMDData = (unsigned char *)&value;
  196. return FALSE;
  197. }
  198. return TRUE;
  199. }
  201. const DWORD getAllBufSize = 4096;
  203. wchar_t *grabProp(wchar_t *out, wchar_t *in) {
  204. if (!in || *in == L'\0') {
  205. *out = L'\0';
  206. return NULL;
  207. }
  208. while (*in != L',' && *in != L'\0') {
  209. *out++ = *in++;
  210. }
  211. *out = L'\0';
  212. if (*in == L',')
  213. return ++in;
  214. return in;
  215. }
  218. HRESULT StoreSchema() {
  219. DWORD bufSize = getAllBufSize;
  220. BYTE *buf = new BYTE[bufSize];
  221. HRESULT hr;
  222. COSERVERINFO csiName;
  223. COSERVERINFO *pcsiParam = &csiName;
  224. IClassFactory * pcsfFactory = NULL;
  225. IMSAdminBase * pAdminBase = NULL;
  226. METADATA_RECORD mdr;
  227. wchar_t mandProps[MAX_PATH];
  228. wchar_t optProps[MAX_PATH];
  229. wchar_t prop[MAX_PATH], *propList;
  230. MetaHandle root(NULL);
  231. DWORD value = 0;
  232. DWORD i;
  233. //
  234. // nameToProp is used for mapping properties by name to the property structures
  235. // that define the properties. Since we first run through the list of props,
  236. // and write out the names, we add the prop to the map. Then, when we encounter
  237. // the properties by name, which is how the classes maintain them, we can access
  238. // the corresponding property structure.
  239. //
  240. WideStrMap nameToProp;
  242. memset(pcsiParam, 0, sizeof(COSERVERINFO));
  243. pcsiParam->pwszName = NULL;
  244. csiName.pAuthInfo = NULL;
  245. pcsiParam = &csiName;
  247. hr = CoGetClassObject(
  248. CLSID_MSAdminBase,
  249. CLSCTX_SERVER,
  250. pcsiParam,
  251. IID_IClassFactory,
  252. (void**) &pcsfFactory
  253. );
  255. BAIL_ON_FAILURE(hr);
  257. hr = pcsfFactory->CreateInstance(
  258. NULL,
  259. IID_IMSAdminBase,
  260. (void **) &pAdminBase
  261. );
  262. pcsfFactory->Release();
  263. BAIL_ON_FAILURE(hr);
  264. root.setpointer(pAdminBase);
  265. hr = pAdminBase->OpenKey(METADATA_MASTER_ROOT_HANDLE,
  266. L"",
  267. METADATA_PERMISSION_READ|METADATA_PERMISSION_WRITE,
  268. DEFAULT_TIMEOUT_VALUE,
  269. root);
  270. BAIL_ON_FAILURE(hr);
  272. hr = pAdminBase->AddKey(root, L"Schema");
  273. if (FAILED(hr) && HRESULT_CODE(hr) != ERROR_ALREADY_EXISTS) {
  274. BAIL_ON_FAILURE(hr);
  275. }
  276. hr = pAdminBase->AddKey(root, L"Schema/Properties");
  277. if (FAILED(hr) && HRESULT_CODE(hr) != ERROR_ALREADY_EXISTS) {
  278. BAIL_ON_FAILURE(hr);
  279. }
  281. hr = pAdminBase->AddKey(root, L"Schema/Classes");
  282. if (FAILED(hr) && HRESULT_CODE(hr) != ERROR_ALREADY_EXISTS) {
  283. BAIL_ON_FAILURE(hr);
  284. }
  286. hr = pAdminBase->AddKey(root, L"Schema/Properties/Names");
  287. if (FAILED(hr) && HRESULT_CODE(hr) != ERROR_ALREADY_EXISTS) {
  288. BAIL_ON_FAILURE(hr);
  289. }
  291. hr = pAdminBase->AddKey(root, L"Schema/Properties/Types");
  292. if (FAILED(hr) && HRESULT_CODE(hr) != ERROR_ALREADY_EXISTS) {
  293. BAIL_ON_FAILURE(hr);
  294. }
  296. hr = pAdminBase->AddKey(root, L"Schema/Properties/Defaults");
  297. if (FAILED(hr) && HRESULT_CODE(hr) != ERROR_ALREADY_EXISTS) {
  298. BAIL_ON_FAILURE(hr);
  299. }
  301. root.close();
  303. //
  304. // Now, let's initialize the property dictionary.
  305. //
  306. hr = pAdminBase->OpenKey(METADATA_MASTER_ROOT_HANDLE,
  307. L"/Schema/Properties",
  308. METADATA_PERMISSION_READ|METADATA_PERMISSION_WRITE,
  309. DEFAULT_TIMEOUT_VALUE,
  310. root);
  311. BAIL_ON_FAILURE(hr);
  313. mdr.dwMDDataTag = 0;
  314. DWORD propData[2];
  315. PropValue pv;
  316. for (i=0; i < g_cIISProperties; i++) {
  317. //
  318. // First, we set the name prop to the string value of the properties name.
  319. //
  320. mdr.dwMDIdentifier = g_aIISProperties[i].dwPropID;
  321. mdr.dwMDAttributes = METADATA_NO_ATTRIBUTES;
  322. mdr.dwMDUserType = IIS_MD_UT_SERVER;
  323. mdr.dwMDDataType = STRING_METADATA;
  324. mdr.dwMDDataLen = (wcslen(g_aIISProperties[i].szPropertyName)+1)*2;
  325. mdr.pbMDData = (unsigned char *)g_aIISProperties[i].szPropertyName;
  326. hr = pAdminBase->SetData(root, L"Names", &mdr);
  327. BAIL_ON_FAILURE(hr);
  329. //
  330. // Next, we need to update the type field.
  331. //
  332. InitPropValue(&pv, &g_aIISProperties[i]);
  333. mdr.dwMDDataType = BINARY_METADATA;
  334. mdr.dwMDDataLen = sizeof(PropValue);
  335. mdr.pbMDData = (unsigned char *)&pv;
  336. hr = pAdminBase->SetData(root, L"Types", &mdr);
  337. BAIL_ON_FAILURE(hr);
  339. //
  340. // update default values
  341. //
  343. mdr.dwMDIdentifier = g_aIISProperties[i].dwPropID;
  344. mdr.dwMDAttributes = METADATA_NO_ATTRIBUTES;
  345. mdr.dwMDUserType = IIS_MD_UT_SERVER;
  346. DataForSyntaxID(&(g_aIISProperties[i]), &mdr);
  347. hr = pAdminBase->SetData(root, L"Defaults", &mdr);
  348. BAIL_ON_FAILURE(hr);
  350. }
  352. root.close();
  353. hr = pAdminBase->SaveData();
  354. BAIL_ON_FAILURE(hr);
  356. hr = pAdminBase->OpenKey(METADATA_MASTER_ROOT_HANDLE,
  357. L"/Schema/Classes",
  358. METADATA_PERMISSION_READ|METADATA_PERMISSION_WRITE,
  359. DEFAULT_TIMEOUT_VALUE,
  360. root);
  361. BAIL_ON_FAILURE(hr);
  364. for (i=0; i < g_cIISClasses; i++) {
  365. hr = pAdminBase->AddKey(root, g_aIISClasses[i].bstrName);
  366. if (FAILED(hr) && HRESULT_CODE(hr) != ERROR_ALREADY_EXISTS) {
  367. BAIL_ON_FAILURE(hr);
  368. }
  370. //
  371. // setting Containment and Container property for classes
  372. //
  374. mdr.dwMDIdentifier = MD_SCHEMA_CLASS_CONTAINMENT;
  375. mdr.dwMDAttributes = METADATA_NO_ATTRIBUTES;
  376. mdr.dwMDUserType = IIS_MD_UT_SERVER;
  377. mdr.dwMDDataType = STRING_METADATA;
  378. if (g_aIISClasses[i].bstrContainment) {
  379. mdr.dwMDDataLen = (wcslen((LPWSTR)g_aIISClasses[i].bstrContainment)+1)*2;
  380. }
  381. else {
  382. mdr.dwMDDataLen = 0;
  383. }
  385. mdr.pbMDData = (unsigned char *)g_aIISClasses[i].bstrContainment;
  386. hr = pAdminBase->SetData(root, g_aIISClasses[i].bstrName, &mdr);
  387. BAIL_ON_FAILURE(hr);
  389. mdr.dwMDIdentifier = MD_SCHEMA_CLASS_CONTAINER;
  390. mdr.dwMDAttributes = METADATA_NO_ATTRIBUTES;
  391. mdr.dwMDUserType = IIS_MD_UT_SERVER;
  392. mdr.dwMDDataType = DWORD_METADATA;
  393. mdr.dwMDDataLen = sizeof(DWORD);
  394. mdr.pbMDData = (unsigned char *)&(g_aIISClasses[i].fContainer);
  395. hr = pAdminBase->SetData(root, g_aIISClasses[i].bstrName, &mdr);
  396. BAIL_ON_FAILURE(hr);
  399. //
  400. // setting Optional and Mandatory Properties
  401. //
  403. mdr.dwMDIdentifier = MD_SCHEMA_CLASS_MAND_PROPERTIES;
  404. mdr.dwMDAttributes = METADATA_NO_ATTRIBUTES;
  405. mdr.dwMDUserType = IIS_MD_UT_SERVER;
  406. mdr.dwMDDataType = STRING_METADATA;
  407. if (g_aIISClasses[i].bstrMandatoryProperties) {
  408. mdr.dwMDDataLen = (wcslen((LPWSTR)g_aIISClasses[i].bstrMandatoryProperties)+1)*2;
  409. }
  410. else {
  411. mdr.dwMDDataLen = 0;
  412. }
  414. mdr.pbMDData = (unsigned char *)g_aIISClasses[i].bstrMandatoryProperties;
  415. hr = pAdminBase->SetData(root, g_aIISClasses[i].bstrName, &mdr);
  416. BAIL_ON_FAILURE(hr);
  418. mdr.dwMDIdentifier = MD_SCHEMA_CLASS_OPT_PROPERTIES;
  419. mdr.dwMDAttributes = METADATA_NO_ATTRIBUTES;
  420. mdr.dwMDUserType = IIS_MD_UT_SERVER;
  421. mdr.dwMDDataType = STRING_METADATA;
  422. if (g_aIISClasses[i].bstrOptionalProperties) {
  423. mdr.dwMDDataLen = (wcslen((LPWSTR)g_aIISClasses[i].bstrOptionalProperties)+1)*2;
  424. }
  425. else {
  426. mdr.dwMDDataLen = 0;
  427. }
  429. mdr.pbMDData = (unsigned char *)g_aIISClasses[i].bstrOptionalProperties;
  430. hr = pAdminBase->SetData(root, g_aIISClasses[i].bstrName, &mdr);
  431. BAIL_ON_FAILURE(hr);
  433. }
  434. root.close();
  435. hr = pAdminBase->SaveData();
  436. BAIL_ON_FAILURE(hr);
  438. hr = SetAdminACL(pAdminBase);
  440. error:
  441. root.close();
  442. if (pAdminBase)
  443. pAdminBase->Release();
  444. return hr;
  445. }
  447. HRESULT SetAdminACL(
  448. IMSAdminBase * pAdminBase
  449. )
  450. {
  451. BOOL b = FALSE;
  452. DWORD dwLength = 0;
  454. PSECURITY_DESCRIPTOR pSD = NULL;
  455. PSECURITY_DESCRIPTOR outpSD = NULL;
  456. DWORD cboutpSD = 0;
  457. PACL pACLNew = NULL;
  458. DWORD cbACL = 0;
  459. PSID pAdminsSID = NULL, pEveryoneSID = NULL;
  460. BOOL bWellKnownSID = FALSE;
  461. MetaHandle root(NULL);
  462. METADATA_RECORD mdr;
  463. HRESULT hr = NO_ERROR;
  464. DWORD dwStartMetaId = IIS_MD_ADSI_METAID_BEGIN;
  466. // Initialize a new security descriptor
  467. pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
  468. if (!pSD) {hr = E_OUTOFMEMORY;}
  469. BAIL_ON_FAILURE(hr);
  471. InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION);
  473. // Get Local Admins Sid
  474. GetPrincipalSID (_T("Administrators"), &pAdminsSID, &bWellKnownSID);
  476. // Get everyone Sid
  477. GetPrincipalSID (_T("Everyone"), &pEveryoneSID, &bWellKnownSID);
  479. // Initialize a new ACL, which only contains 2 aaace
  480. cbACL = sizeof(ACL) +
  481. (sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(pAdminsSID) - sizeof(DWORD)) +
  482. (sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(pEveryoneSID) - sizeof(DWORD)) ;
  483. pACLNew = (PACL) LocalAlloc(LPTR, cbACL);
  484. if (!pACLNew) {hr = E_OUTOFMEMORY;}
  485. BAIL_ON_FAILURE(hr);
  487. InitializeAcl(pACLNew, cbACL, ACL_REVISION);
  489. AddAccessAllowedAce(
  490. pACLNew,
  491. ACL_REVISION,
  492. FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_GENERIC_EXECUTE,
  493. pAdminsSID);
  495. AddAccessAllowedAce(
  496. pACLNew,
  497. ACL_REVISION,
  498. FILE_GENERIC_READ,
  499. pEveryoneSID);
  501. // Add the ACL to the security descriptor
  502. b = SetSecurityDescriptorDacl(pSD, TRUE, pACLNew, FALSE);
  503. b = SetSecurityDescriptorOwner(pSD, pAdminsSID, TRUE);
  504. b = SetSecurityDescriptorGroup(pSD, pAdminsSID, TRUE);
  506. // Security descriptor blob must be self relative
  507. b = MakeSelfRelativeSD(pSD, outpSD, &cboutpSD);
  508. outpSD = (PSECURITY_DESCRIPTOR)GlobalAlloc(GPTR, cboutpSD);
  509. if (!outpSD) {hr = E_OUTOFMEMORY;}
  510. BAIL_ON_FAILURE(hr);
  511. b = MakeSelfRelativeSD( pSD, outpSD, &cboutpSD );
  513. // below this modify pSD to outpSD
  515. // Apply the new security descriptor to the file
  516. dwLength = GetSecurityDescriptorLength(outpSD);
  518. // Apply the new security descriptor to the file
  519. hr = pAdminBase->OpenKey(METADATA_MASTER_ROOT_HANDLE,
  520. L"/Schema",
  521. METADATA_PERMISSION_READ|METADATA_PERMISSION_WRITE,
  522. DEFAULT_TIMEOUT_VALUE,
  523. root);
  524. BAIL_ON_FAILURE(hr);
  526. mdr.dwMDIdentifier = MD_ADMIN_ACL;
  527. mdr.dwMDAttributes = METADATA_INHERIT | METADATA_REFERENCE | METADATA_SECURE;
  528. mdr.dwMDUserType = IIS_MD_UT_SERVER;
  529. mdr.dwMDDataType = BINARY_METADATA;
  530. mdr.dwMDDataLen = dwLength;
  531. mdr.pbMDData = (LPBYTE)outpSD;
  533. hr = pAdminBase->SetData(root, L"", &mdr);
  534. BAIL_ON_FAILURE(hr);
  536. //
  537. // set the start count for meta id
  538. //
  540. mdr.dwMDIdentifier = MD_SCHEMA_METAID;
  541. mdr.dwMDAttributes = METADATA_NO_ATTRIBUTES;
  542. mdr.dwMDUserType = IIS_MD_UT_SERVER;
  543. mdr.dwMDDataType = DWORD_METADATA;
  544. mdr.dwMDDataLen = sizeof(DWORD);
  545. mdr.pbMDData = (LPBYTE)&dwStartMetaId;
  547. hr = pAdminBase->SetData(root, L"", &mdr);
  548. BAIL_ON_FAILURE(hr);
  550. root.close();
  552. error :
  554. //Cleanup:
  555. // both of Administrators and Everyone are well-known SIDs, use FreeSid() to free them.
  556. if (outpSD)
  557. GlobalFree(outpSD);
  559. if (pAdminsSID)
  560. FreeSid(pAdminsSID);
  561. if (pEveryoneSID)
  562. FreeSid(pEveryoneSID);
  563. if (pSD)
  564. LocalFree((HLOCAL) pSD);
  565. if (pACLNew)
  566. LocalFree((HLOCAL) pACLNew);
  568. return (hr);
  569. }
  572. DWORD
  573. GetPrincipalSID (
  574. LPTSTR Principal,
  575. PSID *Sid,
  576. BOOL *pbWellKnownSID
  577. )
  578. {
  579. SID_IDENTIFIER_AUTHORITY SidIdentifierNTAuthority = SECURITY_NT_AUTHORITY;
  580. SID_IDENTIFIER_AUTHORITY SidIdentifierWORLDAuthority = SECURITY_WORLD_SID_AUTHORITY;
  581. PSID_IDENTIFIER_AUTHORITY pSidIdentifierAuthority;
  582. BYTE Count;
  583. DWORD dwRID[8];
  585. *pbWellKnownSID = TRUE;
  586. memset(&(dwRID[0]), 0, 8 * sizeof(DWORD));
  587. if ( wcscmp(Principal,_T("Administrators")) == 0 ) {
  588. // Administrators group
  589. pSidIdentifierAuthority = &SidIdentifierNTAuthority;
  590. Count = 2;
  591. dwRID[0] = SECURITY_BUILTIN_DOMAIN_RID;
  592. dwRID[1] = DOMAIN_ALIAS_RID_ADMINS;
  593. } else if ( wcscmp(Principal,_T("System")) == 0) {
  594. // SYSTEM
  595. pSidIdentifierAuthority = &SidIdentifierNTAuthority;
  596. Count = 1;
  597. dwRID[0] = SECURITY_LOCAL_SYSTEM_RID;
  598. } else if ( wcscmp(Principal,_T("Interactive")) == 0) {
  599. // INTERACTIVE
  600. pSidIdentifierAuthority = &SidIdentifierNTAuthority;
  601. Count = 1;
  602. dwRID[0] = SECURITY_INTERACTIVE_RID;
  603. } else if ( wcscmp(Principal,_T("Everyone")) == 0) {
  604. // Everyone
  605. pSidIdentifierAuthority = &SidIdentifierWORLDAuthority;
  606. Count = 1;
  607. dwRID[0] = SECURITY_WORLD_RID;
  608. } else {
  609. *pbWellKnownSID = FALSE;
  610. }
  612. if (*pbWellKnownSID) {
  613. if ( !AllocateAndInitializeSid(pSidIdentifierAuthority,
  614. (BYTE)Count,
  615. dwRID[0],
  616. dwRID[1],
  617. dwRID[2],
  618. dwRID[3],
  619. dwRID[4],
  620. dwRID[5],
  621. dwRID[6],
  622. dwRID[7],
  623. Sid) )
  624. return GetLastError();
  625. } else {
  626. // get regular account sid
  627. DWORD sidSize;
  628. TCHAR refDomain [256];
  629. DWORD refDomainSize;
  630. DWORD returnValue;
  631. SID_NAME_USE snu;
  633. sidSize = 0;
  634. refDomainSize = 255;
  636. LookupAccountName (NULL,
  637. Principal,
  638. *Sid,
  639. &sidSize,
  640. refDomain,
  641. &refDomainSize,
  642. &snu);
  644. returnValue = GetLastError();
  645. if (returnValue != ERROR_INSUFFICIENT_BUFFER)
  646. return returnValue;
  648. *Sid = (PSID) malloc (sidSize);
  649. refDomainSize = 255;
  651. if (!LookupAccountName (NULL,
  652. Principal,
  653. *Sid,
  654. &sidSize,
  655. refDomain,
  656. &refDomainSize,
  657. &snu))
  658. {
  659. return GetLastError();
  660. }
  661. }
  663. return ERROR_SUCCESS;
  664. }