mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
242 lines
6.4 KiB
242 lines
6.4 KiB
#pragma once
|
|
|
|
#include "Error.h"
|
|
#include "Resource.h"
|
|
#include "VarSetBase.h"
|
|
|
|
|
|
//---------------------------------------------------------------------------
|
|
// VarSet AccountOptions Class
|
|
//---------------------------------------------------------------------------
|
|
|
|
|
|
class CVarSetAccountOptions : public CVarSet
|
|
{
|
|
public:
|
|
|
|
CVarSetAccountOptions(const CVarSet& rVarSet) :
|
|
CVarSet(rVarSet)
|
|
{
|
|
// must specify that security translation uses the migrated objects
|
|
// table for all cases except when using a sid mapping file
|
|
|
|
Put(DCTVS_AccountOptions_SecurityInputMOT, true);
|
|
}
|
|
|
|
//
|
|
|
|
void SetPasswordOption(long lOption, LPCTSTR pszDc = NULL)
|
|
{
|
|
Put(DCTVS_AccountOptions_GenerateStrongPasswords, (lOption != admtPasswordFromName));
|
|
Put(DCTVS_AccountOptions_CopyPasswords, (lOption == admtCopyPassword));
|
|
|
|
if (lOption == admtCopyPassword)
|
|
{
|
|
if (pszDc)
|
|
{
|
|
Put(DCTVS_AccountOptions_PasswordDC, pszDc);
|
|
}
|
|
else
|
|
{
|
|
AdmtThrowError(GUID_NULL, GUID_NULL, E_INVALIDARG, IDS_E_PASSWORD_DC_NOT_SPECIFIED);
|
|
}
|
|
}
|
|
}
|
|
|
|
void SetPasswordFile(LPCTSTR pszFile)
|
|
{
|
|
if (pszFile && (_tcslen(pszFile) > 0))
|
|
{
|
|
Put(DCTVS_AccountOptions_PasswordFile, pszFile);
|
|
}
|
|
else
|
|
{
|
|
Put(DCTVS_AccountOptions_PasswordFile, GetLogFolder() + _T("Passwords.txt"));
|
|
}
|
|
}
|
|
|
|
void SetConflictOptions(long lOptions, LPCTSTR pszPrefixOrSuffix);
|
|
|
|
void SetDisableOption(long lOption)
|
|
{
|
|
long lTarget = lOption & (admtDisableTarget|admtTargetSameAsSource);
|
|
Put(DCTVS_AccountOptions_DisableCopiedAccounts, lTarget == admtDisableTarget);
|
|
Put(DCTVS_AccountOptions_TgtStateSameAsSrc, lTarget == admtTargetSameAsSource);
|
|
Put(DCTVS_AccountOptions_DisableSourceAccounts, (lOption & admtDisableSource) != 0);
|
|
}
|
|
|
|
void SetSourceExpiration(long lExpiration);
|
|
|
|
// SetUserMigrationOptions is for user migration only
|
|
|
|
void SetUserMigrationOptions(bool bMigrateGroups, bool bUpdateMigrated)
|
|
{
|
|
Put(DCTVS_AccountOptions_CopyUsers, true);
|
|
Put(DCTVS_AccountOptions_CopyLocalGroups, bMigrateGroups);
|
|
Put(DCTVS_AccountOptions_CopyMemberOf, bMigrateGroups);
|
|
Put(DCTVS_AccountOptions_CopyComputers, false);
|
|
Put(DCTVS_AccountOptions_CopyContainerContents, false);
|
|
Put(DCTVS_AccountOptions_IncludeMigratedAccts, bMigrateGroups ? bUpdateMigrated : false);
|
|
}
|
|
|
|
// SetGroupMigrationOptions is for group migration only
|
|
|
|
void SetGroupMigrationOptions(bool bMigrateMembers, bool bUpdateMigrated)
|
|
{
|
|
Put(DCTVS_AccountOptions_CopyUsers, bMigrateMembers);
|
|
Put(DCTVS_AccountOptions_CopyLocalGroups, true);
|
|
Put(DCTVS_AccountOptions_CopyComputers, false);
|
|
Put(DCTVS_AccountOptions_CopyContainerContents, bMigrateMembers);
|
|
Put(DCTVS_AccountOptions_CopyMemberOf, false);
|
|
Put(DCTVS_AccountOptions_IncludeMigratedAccts, bMigrateMembers ? bUpdateMigrated : false);
|
|
}
|
|
|
|
// SetComputerMigrationOptions is for computer migration only
|
|
|
|
void SetComputerMigrationOptions()
|
|
{
|
|
Put(DCTVS_AccountOptions_CopyUsers, false);
|
|
Put(DCTVS_AccountOptions_CopyLocalGroups, false);
|
|
Put(DCTVS_AccountOptions_CopyComputers, true);
|
|
Put(DCTVS_AccountOptions_CopyContainerContents, false);
|
|
Put(DCTVS_AccountOptions_CopyMemberOf, false);
|
|
}
|
|
|
|
// SetSecurityTranslationOptions is for security translation only
|
|
|
|
void SetSecurityTranslationOptions()
|
|
{
|
|
Put(DCTVS_AccountOptions_CopyUsers, false);
|
|
Put(DCTVS_AccountOptions_CopyLocalGroups, false);
|
|
Put(DCTVS_AccountOptions_CopyComputers, false);
|
|
Put(DCTVS_AccountOptions_CopyContainerContents, false);
|
|
// Put(DCTVS_AccountOptions_CopyMemberOf, false);
|
|
}
|
|
|
|
void SetMigrateSids(bool bMigrate)
|
|
{
|
|
Put(DCTVS_AccountOptions_AddSidHistory, bMigrate);
|
|
}
|
|
|
|
void SetSidHistoryCredentials(LPCTSTR pszDomain, LPCTSTR pszUserName, LPCTSTR pszPassword)
|
|
{
|
|
Put(DCTVS_AccountOptions_SidHistoryCredentials_Domain, pszDomain);
|
|
Put(DCTVS_AccountOptions_SidHistoryCredentials_UserName, pszUserName);
|
|
Put(DCTVS_AccountOptions_SidHistoryCredentials_Password, pszPassword);
|
|
}
|
|
|
|
void SetFixGroupMembership(bool bFix)
|
|
{
|
|
Put(DCTVS_AccountOptions_FixMembership, bFix);
|
|
}
|
|
|
|
void SetUpdateUserRights(bool bUpdate)
|
|
{
|
|
Put(DCTVS_AccountOptions_UpdateUserRights, bUpdate);
|
|
}
|
|
|
|
void SetTranslateRoamingProfile(bool bTranslate)
|
|
{
|
|
Put(DCTVS_AccountOptions_TranslateRoamingProfiles, bTranslate);
|
|
}
|
|
|
|
void SetExcludedUserProps(LPCTSTR pszProperties)
|
|
{
|
|
if (pszProperties && (_tcslen(pszProperties) > 0))
|
|
{
|
|
Put(DCTVS_AccountOptions_ExcludeProps, true);
|
|
Put(DCTVS_AccountOptions_ExcludedUserProps, pszProperties);
|
|
}
|
|
}
|
|
|
|
void SetExcludedGroupProps(LPCTSTR pszProperties)
|
|
{
|
|
if (pszProperties && (_tcslen(pszProperties) > 0))
|
|
{
|
|
Put(DCTVS_AccountOptions_ExcludeProps, true);
|
|
Put(DCTVS_AccountOptions_ExcludedGroupProps, pszProperties);
|
|
}
|
|
}
|
|
|
|
void SetExcludedComputerProps(LPCTSTR pszProperties)
|
|
{
|
|
if (pszProperties && (_tcslen(pszProperties) > 0))
|
|
{
|
|
Put(DCTVS_AccountOptions_ExcludeProps, true);
|
|
Put(DCTVS_AccountOptions_ExcludedComputerProps, pszProperties);
|
|
}
|
|
}
|
|
|
|
void SetSecurityMapFile(LPCTSTR pszFile)
|
|
{
|
|
if (pszFile && (_tcslen(pszFile) > 0))
|
|
{
|
|
Put(DCTVS_AccountOptions_SecurityInputMOT, false);
|
|
Put(DCTVS_AccountOptions_SecurityMapFile, pszFile);
|
|
}
|
|
}
|
|
|
|
protected:
|
|
|
|
void SetReplaceExistingAccounts(bool bReplace)
|
|
{
|
|
Put(DCTVS_AccountOptions_ReplaceExistingAccounts, bReplace);
|
|
}
|
|
|
|
void SetRemoveExistingUserRights(bool bRemove)
|
|
{
|
|
Put(DCTVS_AccountOptions_RemoveExistingUserRights, bRemove);
|
|
}
|
|
|
|
void SetReplaceExistingGroupMembers(bool bReplace)
|
|
{
|
|
Put(DCTVS_AccountOptions_ReplaceExistingGroupMembers, bReplace);
|
|
}
|
|
|
|
void SetMoveReplacedAccounts(bool bMove)
|
|
{
|
|
Put(DCTVS_AccountOptions_MoveReplacedAccounts, bMove);
|
|
}
|
|
|
|
void SetPrefix(LPCTSTR pszPrefix)
|
|
{
|
|
Put(DCTVS_AccountOptions_Prefix, pszPrefix);
|
|
}
|
|
|
|
void SetSuffix(LPCTSTR pszSuffix)
|
|
{
|
|
Put(DCTVS_AccountOptions_Suffix, pszSuffix);
|
|
}
|
|
};
|
|
|
|
|
|
//---------------------------------------------------------------------------
|
|
// Validation Functions
|
|
//---------------------------------------------------------------------------
|
|
|
|
|
|
inline bool IsDisableOptionValid(long lOption)
|
|
{
|
|
bool bIs = false;
|
|
|
|
// if only valid option bits are set...
|
|
|
|
if (!(lOption & ~(admtEnableTarget|admtDisableSource|admtDisableTarget|admtTargetSameAsSource)))
|
|
{
|
|
// and not both disable target and target same as source options...
|
|
|
|
if (!((lOption & admtDisableTarget) && (lOption & admtTargetSameAsSource)))
|
|
{
|
|
// then valid
|
|
bIs = true;
|
|
}
|
|
}
|
|
|
|
return bIs;
|
|
}
|
|
|
|
|
|
inline bool IsSourceExpirationValid(long lExpiration)
|
|
{
|
|
return ((lExpiration == -1) || ((lExpiration >= 0) && (lExpiration <= 1095)));
|
|
}
|