windows-nt/Source/XPSP1/NT/net/rras/dim/admindll/userapi.c

2372 lines
57 KiB
C
Raw Normal View History

2020-09-26 03:20:57 -05:00
/******************************************************************\
* Microsoft Windows NT *
* Copyright(c) Microsoft Corp., 1992 *
\******************************************************************/
/*++
Module Name:
USERAPI.C
Description:
This module contains code for all the RASADMIN APIs
that require RAS information from the UAS.
MprAdminUserSetInfo
MprAdminUserGetInfo
MprAdminGetUASServer
Author:
Janakiram Cherala (RamC) July 6,1992
Revision History:
June 8,1993 RamC Changes to RasAdminUserEnum to speed up user enumeration.
May 13,1993 AndyHe Modified to coexist with other apps using user parms
Mar 16,1993 RamC Change to speed up User enumeration. Now, when
RasAdminUserEnum is invoked, only the user name
information is returned. MprAdminUserGetInfo should
be invoked to get the Ras permissions and Callback
information.
Aug 25,1992 RamC Code review changes:
o changed all lpbBuffers to actual structure
pointers.
o changed all LPTSTR to LPWSTR
o Added a new function RasPrivilegeAndCallBackNumber
July 6,1992 RamC Begun porting from RAS 1.0 (Original version
written by Narendra Gidwani - nareng)
Oct 18,1995 NarenG Ported over to routing sources tree. Removed Enum
since users can call NetQueryDisplayInformation
to get this information.
--*/
#include <nt.h>
#include <ntrtl.h>
#include <nturtl.h>
#include <ntlsa.h>
#include <ntsam.h>
#include <windows.h>
#include <lm.h>
#include <stdio.h>
#include <stdlib.h>
#include <memory.h>
#include <malloc.h>
#include <raserror.h>
#include <rasman.h>
#include <rasppp.h>
#include <mprapi.h>
#include <mprapip.h>
#include <usrparms.h> // for UP_CLIENT_DIAL
#include <compress.h> // for Compress & Decompress fns.
#include <dsrole.h> // To get the computer's role (NTW, NTS, etc)
#include <oleauto.h>
#include <samrpc.h>
#include <dsgetdc.h>
#include "sdolib.h" // To deal with SDO's
extern DWORD dwFramed;
extern DWORD dwFramedCallback;
//
// Local definitions
//
#define NT40_BUILD_NUMBER 1381
extern const WCHAR c_szWinVersionPath[];
extern const WCHAR c_szCurrentBuildNumber[];
const WCHAR* pszBuildNumPath = c_szWinVersionPath;
const WCHAR* pszBuildVal = c_szCurrentBuildNumber;
// Names of user attributes that we set during upgrade
//
static const WCHAR pszAttrDialin[] = L"msNPAllowDialin";
static const WCHAR pszAttrServiceType[] = L"msRADIUSServiceType";
static const WCHAR pszAttrCbNumber[] = L"msRADIUSCallbackNumber";
static const WCHAR pszAttrSavedCbNumber[] = L"msRASSavedCallbackNumber";
// Defines a callback for enumerating users.
// Returns TRUE to continue the enueration
// FALSE to stop it. See EnumUsers
//
typedef
BOOL (* pEnumUserCb)(
IN NET_DISPLAY_USER* pUser,
IN HANDLE hData);
//
// Structure of data to support user servers
//
typedef struct _MPR_USER_SERVER {
BOOL bLocal; // Whether this is a local server
HANDLE hSdo; // Sdolib handle
HANDLE hServer; // Sdo server
HANDLE hDefProf; // Default profile
} MPR_USER_SERVER;
//
// Structure of data to support users
//
typedef struct _MPR_USER {
HANDLE hUser; // Sdo handle to user
MPR_USER_SERVER* pServer; // Server used to obtain this user
} MPR_USER;
//
// Definitions used to directly manipulate ias parameters
//
typedef
HRESULT (WINAPI *IASSetUserPropFuncPtr)(
IN OPTIONAL PCWSTR pszUserParms,
IN PCWSTR pszName,
IN CONST VARIANT *pvarValue,
OUT PWSTR *ppszNewUserParms
);
typedef
HRESULT (WINAPI *IASQueryUserPropFuncPtr)(
IN PCWSTR pszUserParms,
IN PCWSTR pszName,
OUT VARIANT *pvarValue
);
typedef
VOID (WINAPI *IASFreeUserParmsFuncPtr)(
IN PWSTR pszNewUserParms
);
const WCHAR pszIasLibrary[] = L"iassam.dll";
const CHAR pszIasSetUserPropFunc[] = "IASParmsSetUserProperty";
const CHAR pszIasQueryUserPropFunc[] = "IASParmsQueryUserProperty";
const CHAR pszIasFreeUserParmsFunc[] = "IASParmsFreeUserParms";
//
// Control block for information needed to set ias
// parameters directly.
//
typedef struct _IAS_PARAM_CB
{
HINSTANCE hLib;
IASSetUserPropFuncPtr pSetUserProp;
IASQueryUserPropFuncPtr pQueryUserProp;
IASFreeUserParmsFuncPtr pFreeUserParms;
} IAS_PARAM_CB;
//
// Structure defines data passed to MigrateNt4UserInfo
//
typedef struct _MIGRATE_NT4_USER_CB
{
IAS_PARAM_CB* pIasParams;
PWCHAR pszServer;
} MIGRATE_NT4_USER_CB;
//
// Determines the role of the given computer
// (NTW, NTS, NTS DC, etc.)
//
DWORD GetMachineRole(
IN PWCHAR pszMachine,
OUT DSROLE_MACHINE_ROLE * peRole);
//
// Determines the build number of a given machine
//
DWORD GetNtosBuildNumber(
IN PWCHAR pszMachine,
OUT LPDWORD lpdwBuild);
//
// Flags used by the following ias api's.
//
#define IAS_F_SetDenyAsPolicy 0x1
DWORD
IasLoadParamInfo(
OUT IAS_PARAM_CB * pIasInfo
);
DWORD
IasUnloadParamInfo(
IN IAS_PARAM_CB * pIasInfo
);
DWORD
IasSyncUserInfo(
IN IAS_PARAM_CB * IasInfo,
IN PWSTR pszUserParms,
IN RAS_USER_0 * pRasUser0,
IN DWORD dwFlags,
OUT PWSTR* ppszNewUserParams);
PWCHAR
FormatServerNameForNetApis(
IN PWCHAR pszServer,
IN PWCHAR pszBuffer);
DWORD
EnumUsers(
IN PWCHAR pszServer,
IN pEnumUserCb pCbFunction,
IN HANDLE hData);
BOOL
MigrateNt4UserInfo(
IN NET_DISPLAY_USER* pUser,
IN HANDLE hData);
NTSTATUS
UaspGetDomainId(
IN LPCWSTR ServerName OPTIONAL,
OUT PSAM_HANDLE SamServerHandle OPTIONAL,
OUT PPOLICY_ACCOUNT_DOMAIN_INFO * AccountDomainInfo
)
/*++
Routine Description (borrowed from \nt\private\net\access\uasp.c):
Return a domain ID of the account domain of a server.
Arguments:
ServerName - A pointer to a string containing the name of the
Domain Controller (DC) to query. A NULL pointer
or string specifies the local machine.
SamServerHandle - Returns the SAM connection handle if the caller wants it.
DomainId - Receives a pointer to the domain ID.
Caller must deallocate buffer using NetpMemoryFree.
Return Value:
Error code for the operation.
--*/
{
NTSTATUS Status;
SAM_HANDLE LocalSamHandle = NULL;
ACCESS_MASK LSADesiredAccess;
LSA_HANDLE LSAPolicyHandle = NULL;
OBJECT_ATTRIBUTES LSAObjectAttributes;
UNICODE_STRING ServerNameString;
//
// Connect to the SAM server
//
RtlInitUnicodeString( &ServerNameString, ServerName );
Status = SamConnect(
&ServerNameString,
&LocalSamHandle,
SAM_SERVER_LOOKUP_DOMAIN,
NULL);
if ( !NT_SUCCESS(Status)) {
LocalSamHandle = NULL;
goto Cleanup;
}
//
// Open LSA to read account domain info.
//
if ( AccountDomainInfo != NULL) {
//
// set desired access mask.
//
LSADesiredAccess = POLICY_VIEW_LOCAL_INFORMATION;
InitializeObjectAttributes( &LSAObjectAttributes,
NULL, // Name
0, // Attributes
NULL, // Root
NULL ); // Security Descriptor
Status = LsaOpenPolicy( &ServerNameString,
&LSAObjectAttributes,
LSADesiredAccess,
&LSAPolicyHandle );
if( !NT_SUCCESS(Status) ) {
goto Cleanup;
}
//
// now read account domain info from LSA.
//
Status = LsaQueryInformationPolicy(
LSAPolicyHandle,
PolicyAccountDomainInformation,
(PVOID *) AccountDomainInfo );
if( !NT_SUCCESS(Status) ) {
goto Cleanup;
}
}
//
// Return the SAM connection handle to the caller if he wants it.
// Otherwise, disconnect from SAM.
//
if ( SamServerHandle != NULL ) {
*SamServerHandle = LocalSamHandle;
LocalSamHandle = NULL;
}
//
// Cleanup locally used resources
//
Cleanup:
if ( LocalSamHandle != NULL ) {
(VOID) SamCloseHandle( LocalSamHandle );
}
if( LSAPolicyHandle != NULL ) {
LsaClose( LSAPolicyHandle );
}
return Status;
}
NTSTATUS
RasParseUserSid(
IN PSID pUserSid,
IN OUT PSID pDomainSid,
OUT ULONG *Rid
)
/*++
Routine Description:
This function splits a sid into its domain sid and rid. The caller
must provide a memory buffer for the returned DomainSid
Arguments:
pUserSid - Specifies the Sid to be split. The Sid is assumed to be
syntactically valid. Sids with zero subauthorities cannot be split.
DomainSid - Pointer to buffer to receive the domain sid.
Return Value:
NTSTATUS - Standard Nt Result Code
STATUS_SUCCESS - The call completed successfully.
STATUS_INVALID_SID - The Sid is has a subauthority count of 0.
--*/
{
NTSTATUS NtStatus;
UCHAR AccountSubAuthorityCount;
ULONG AccountSidLength;
//
// Validate parameters
//
if (pDomainSid == NULL)
return STATUS_INVALID_PARAMETER;
//
// Calculate the size of the domain sid
//
AccountSubAuthorityCount = *RtlSubAuthorityCountSid(pUserSid);
if (AccountSubAuthorityCount < 1)
return STATUS_INVALID_SID;
AccountSidLength = RtlLengthSid(pUserSid);
//
// Copy the Account sid into the Domain sid
//
RtlMoveMemory(pDomainSid, pUserSid, AccountSidLength);
//
// Decrement the domain sid sub-authority count
//
(*RtlSubAuthorityCountSid(pDomainSid))--;
//
// Copy the rid out of the account sid
//
*Rid = *RtlSubAuthoritySid(pUserSid, AccountSubAuthorityCount-1);
NtStatus = STATUS_SUCCESS;
return(NtStatus);
}
NTSTATUS
RasOpenSamUser(
IN WCHAR * lpszServer,
IN WCHAR * lpszUser,
IN ACCESS_MASK DesiredAccess,
OUT PSAM_HANDLE phUser)
/*++
Routine Description:
Obtains a reference to a user that can be used in subsequent
SAM calls.
--*/
{
NTSTATUS ntStatus = STATUS_SUCCESS;
SAM_HANDLE hServer = NULL, hDomain = NULL;
BOOL bOk;
PSID pSidUser = NULL, pSidDomain = NULL;
DWORD dwSizeUserSid, dwDomainLength;
PWCHAR pszDomain = NULL;
SID_NAME_USE SidNameUse;
ULONG ulRidUser = 0;
do {
// Get a server handle so that we can
// open the domain
ntStatus = UaspGetDomainId(
lpszServer,
&hServer,
NULL);
if (ntStatus != STATUS_SUCCESS)
break;
// Find out how large we need the user sid and
// domain name buffers to be allocated.
dwSizeUserSid = 0;
dwDomainLength = 0;
bOk = LookupAccountNameW(
lpszServer,
lpszUser,
NULL,
&dwSizeUserSid,
NULL,
&dwDomainLength,
&SidNameUse);
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
{
ntStatus = GetLastError();
if (ntStatus == ERROR_NONE_MAPPED)
{
ntStatus = STATUS_NO_SUCH_USER;
}
break;
}
// Allocate the domain name and sid
dwDomainLength++;
dwDomainLength *= sizeof(WCHAR);
pSidUser = LocalAlloc(LPTR, dwSizeUserSid);
pSidDomain = LocalAlloc(LPTR, dwSizeUserSid);
pszDomain = LocalAlloc(LPTR, dwDomainLength);
if ((pSidUser == NULL) ||
(pszDomain == NULL) ||
(pSidDomain == NULL)
)
{
ntStatus = STATUS_NO_MEMORY;
break;
}
// Lookup the user sid and domain name.
//
bOk = LookupAccountNameW(
lpszServer,
lpszUser,
pSidUser,
&dwSizeUserSid,
pszDomain,
&dwDomainLength,
&SidNameUse);
if (! bOk)
{
ntStatus = GetLastError();
if (ntStatus == ERROR_NONE_MAPPED)
{
ntStatus = STATUS_NO_SUCH_USER;
}
break;
}
// Derive the user id and domain sid from the
// user sid.
ntStatus = RasParseUserSid(
pSidUser,
pSidDomain,
&ulRidUser);
if (ntStatus != STATUS_SUCCESS)
break;
// Open up the domain
ntStatus = SamOpenDomain(
hServer,
DOMAIN_LOOKUP,
pSidDomain,
&hDomain);
if (ntStatus != STATUS_SUCCESS)
break;
// Get a reference to the user
ntStatus = SamOpenUser(
hDomain,
DesiredAccess,
ulRidUser,
phUser);
if (ntStatus != STATUS_SUCCESS)
break;
} while (FALSE);
// Cleanup
{
if (hServer)
SamCloseHandle(hServer);
if (hDomain)
SamCloseHandle(hDomain);
if (pszDomain)
LocalFree(pszDomain);
if (pSidUser)
LocalFree(pSidUser);
if (pSidDomain)
LocalFree(pSidDomain);
}
return ntStatus;
}
NTSTATUS
RasCloseSamUser(
SAM_HANDLE hUser)
/*++
Routine Description:
Cleans up after the RasOpenSamUser call.
--*/
{
return SamCloseHandle(hUser);
}
DWORD
RasGetUserParms(
IN WCHAR * lpszServer,
IN WCHAR * lpszUser,
OUT LPWSTR * ppUserParms)
/*++
Routine Description:
Obtains the user parms of the given user on the
given machine. This function bypasses using
NetUserGetInfo since level 1013 is not supported
for read access (only for NetUserSetInfo). On
nt5, we do not have sufficient privilege to obtain
anything other than userparms.
Return Value:
SUCCESS on successful return.
--*/
{
PVOID pvData;
SAM_HANDLE hUser = NULL;
NTSTATUS ntStatus = STATUS_SUCCESS;
SAMPR_USER_PARAMETERS_INFORMATION * pUserParms = NULL;
DWORD dwSize;
// Validate parameters
if ((ppUserParms == NULL) || (lpszUser == NULL))
{
return ERROR_INVALID_PARAMETER;
}
do {
// Attempt to open the user with read access.
// This level of access is required in nt4
// domains in order to retrieve user parms.
//
ntStatus = RasOpenSamUser(
lpszServer,
lpszUser,
GENERIC_READ,
&hUser);
if (ntStatus == STATUS_ACCESS_DENIED)
{
// If the previous call failed because
// access is denied, it's likely that we're
// running in an nt5 domain. In this case,
// if we open the user object with no
// desired access, we will still be allowed
// to query the user parms.
ntStatus = RasOpenSamUser(
lpszServer,
lpszUser,
0,
&hUser);
}
if (ntStatus != STATUS_SUCCESS)
break;
// Query the user parms
//
ntStatus = SamQueryInformationUser(
hUser,
UserParametersInformation,
(PVOID*)&pUserParms);
if (ntStatus != STATUS_SUCCESS)
break;
// If the value is zero length, return null
if (pUserParms->Parameters.Length == 0)
{
*ppUserParms = NULL;
break;
}
// Otherwise, allocate and return the parms
dwSize = (pUserParms->Parameters.Length + sizeof(WCHAR));
*ppUserParms =
(LPWSTR) LocalAlloc(LPTR, dwSize);
if (*ppUserParms == NULL)
{
ntStatus = STATUS_NO_MEMORY;
break;
}
CopyMemory(
*ppUserParms,
pUserParms->Parameters.Buffer,
pUserParms->Parameters.Length);
} while (FALSE);
// Cleanup
{
if (ntStatus != STATUS_SUCCESS)
*ppUserParms = NULL;
if (hUser != NULL)
RasCloseSamUser(hUser);
if (pUserParms)
SamFreeMemory(pUserParms);
}
return RtlNtStatusToDosError(ntStatus);
}
DWORD RasFreeUserParms(
IN PVOID pvUserParms)
/*++
Routine Description:
Frees the buffer returned by RasGetUserParms
Return Value:
SUCCESS on successful return.
--*/
{
LocalFree (pvUserParms);
return NO_ERROR;
}
DWORD APIENTRY
RasPrivilegeAndCallBackNumber(
IN BOOL Compress,
IN PRAS_USER_0 pRasUser0
)
/*++
Routine Description:
This routine either compresses or decompresses the users call
back number depending on the boolean value Compress.
Return Value:
SUCCESS on successful return.
one of the following non-zero error codes on failure:
ERROR_BAD_FORMAT indicating that usr_parms is invalid
--*/
{
DWORD dwRetCode;
switch( pRasUser0->bfPrivilege & RASPRIV_CallbackType) {
case RASPRIV_NoCallback:
case RASPRIV_AdminSetCallback:
case RASPRIV_CallerSetCallback:
if (Compress == TRUE)
{
WCHAR compressed[ MAX_PHONE_NUMBER_LEN + 1];
// compress the phone number to fit in the
// user parms field
if (dwRetCode = CompressPhoneNumber(pRasUser0->wszPhoneNumber,
compressed))
{
return (dwRetCode);
}
else
{
lstrcpy((LPTSTR) pRasUser0->wszPhoneNumber,
(LPCTSTR) compressed);
}
}
else
{
WCHAR decompressed[ MAX_PHONE_NUMBER_LEN + 1];
decompressed[ MAX_PHONE_NUMBER_LEN ] = 0;
//
// decompress the phone number
//
if (DecompressPhoneNumber(pRasUser0->wszPhoneNumber,
decompressed))
{
pRasUser0->bfPrivilege = RASPRIV_NoCallback;
pRasUser0->wszPhoneNumber[0] = UNICODE_NULL;
}
else
{
decompressed[ MAX_PHONE_NUMBER_LEN ] = 0;
lstrcpy((LPTSTR) pRasUser0->wszPhoneNumber,
(LPCTSTR) decompressed);
}
}
break;
default:
if (Compress == TRUE)
{
return(ERROR_BAD_FORMAT);
}
else
{
pRasUser0->bfPrivilege = RASPRIV_NoCallback;
pRasUser0->wszPhoneNumber[0] = UNICODE_NULL;
}
break;
}
return(SUCCESS);
}
DWORD APIENTRY
RasAdminUserSetInfo(
IN const WCHAR * lpszServer,
IN const WCHAR * lpszUser,
IN DWORD dwLevel,
IN const LPBYTE pRasUser
)
/*++
Routine Description:
This routine allows the admin to change the RAS permission for a
user. If the user parms field of a user is being used by another
application, it will be destroyed.
Arguments:
lpszServer name of the server which has the user database,
eg., "\\\\UASSRVR" (the server must be one on which
the UAS can be changed i.e., the name returned by
RasAdminGetUasServer).
lpszUser user account name to retrieve information for,
e.g. "USER".
dwLevel Level of the structure being passed in.
pRasUser pointer to a buffer in which user information is
provided. The buffer should contain a filled
RAS_USER_0 structure for level 0.
Return Value:
SUCCESS on successful return.
One of the following non-zero error codes indicating failure:
return codes from NetUserGetInfo or NetUserSetInfo
ERROR_BAD_FORMAT indicates that the data in pRasUser0 is bad.
NERR_BufTooSmall indicates buffer size is smaller than RAS_USER_0.
--*/
{
NET_API_STATUS dwRetCode;
USER_PARMS UserParms;
USER_INFO_1013 UserInfo1013;
LPWSTR lpszUserParms = NULL, lpszServerFmt = NULL;
PRAS_USER_0 pRasUser0;
RAS_USER_0 RasUser0Backup;
WCHAR pszBuffer[1024];
if ( dwLevel != 0 )
{
return( ERROR_NOT_SUPPORTED );
}
pRasUser0 = (PRAS_USER_0)pRasUser;
CopyMemory(&RasUser0Backup, pRasUser0, sizeof(RasUser0Backup));
//
// This will initialize a USER_PARMS structure with a template
// for default Macintosh and Ras data.
//
InitUsrParams(&UserParms);
// Format the server name
lpszServerFmt = FormatServerNameForNetApis (
(PWCHAR)lpszServer,
pszBuffer);
//
// We are sharing the user parms field with LM SFM, and want to
// preserver it's portion. So we'll get the user parms and put
// the Mac primary group into our template, which is what we'll
// eventually store back to the user parms field.
//
dwRetCode = RasGetUserParms(
(WCHAR *)lpszServerFmt,
(WCHAR *)lpszUser,
&lpszUserParms);
if (dwRetCode)
{
return (dwRetCode);
}
if (lpszUserParms)
{
//
// usr_parms comes back as a wide character string. The MAC Primary
// Group is at offset 1. We'll convert this part to ASCII and store
// it in our template.
//
if (lstrlenW(lpszUserParms+1) >= UP_LEN_MAC)
{
wcstombs(UserParms.up_PriGrp, lpszUserParms+1,
UP_LEN_MAC);
}
}
//
// We're done with the user info, so free up the buffer we were given.
//
// AndyHe... we're not done with it yet...
// NetApiBufferFree(pUserInfo1013);
//
// Compress Callback number (the compressed phone number is placed
// back in the RAS_USER_0 structure. The permissions byte may also
// be affected if the phone number is not compressable.
//
if (dwRetCode = RasPrivilegeAndCallBackNumber(TRUE, pRasUser0))
{
return(dwRetCode);
}
//
// Now put the dialin privileges and compressed phone number into
// the USER_PARMS template. Note that the privileges byte is the
// first byte of the callback number field.
//
UserParms.up_CBNum[0] = pRasUser0->bfPrivilege;
wcstombs(&UserParms.up_CBNum[1], pRasUser0->wszPhoneNumber,
sizeof(UserParms.up_CBNum) - 1);
//
// Wow, that was tough. Now, we'll convert our template into
// wide characters for storing back into user parms field.
//
// AndyHe... we'll preserve anything past the USER_PARMS field.
if (lpszUserParms &&
lstrlenW(lpszUserParms) > sizeof(USER_PARMS) )
{
// allocate enough storage for usri1013_parms and a NULL
UserInfo1013.usri1013_parms =
malloc(sizeof(WCHAR) * (lstrlenW(lpszUserParms)+1));
}
else
{
UserInfo1013.usri1013_parms = malloc(2 * sizeof(USER_PARMS));
}
//
// Just for grins, let's check that we got our buffer.
//
if (UserInfo1013.usri1013_parms == NULL)
{
RasFreeUserParms(lpszUserParms);
return(GetLastError());
}
//
// Fill in the remaining data with ' ' up to the bounds of USER_PARMS.
//
UserParms.up_Null = '\0';
{
USHORT Count;
for (Count = 0; Count < sizeof(UserParms.up_CBNum); Count++ )
{
if (UserParms.up_CBNum[Count] == '\0')
{
UserParms.up_CBNum[Count] = ' ';
}
}
}
mbstowcs(UserInfo1013.usri1013_parms, (PBYTE) &UserParms,
sizeof(USER_PARMS));
if (lpszUserParms && lstrlenW(lpszUserParms) > sizeof(USER_PARMS) )
{
//
// Here's where we copy all data after our parms back into the buffer
//
// the -1 is to account for NULL being part of the USER_PARMS struct.
lstrcatW( UserInfo1013.usri1013_parms,
lpszUserParms+(sizeof(USER_PARMS) - 1 ));
}
// AndyHe... moved from above. Now we're done with the buffer.
RasFreeUserParms(lpszUserParms);
// pmay: 297080
//
// Sync nt4 and nt5 section of user parms
//
{
IAS_PARAM_CB IasCb;
ZeroMemory(&IasCb, sizeof(IasCb));
dwRetCode = IasLoadParamInfo(&IasCb);
if (dwRetCode != NO_ERROR)
{
free(UserInfo1013.usri1013_parms);
return dwRetCode;
}
dwRetCode = IasSyncUserInfo(
&IasCb,
UserInfo1013.usri1013_parms,
&RasUser0Backup,
0,
&lpszUserParms);
free(UserInfo1013.usri1013_parms);
if (dwRetCode != NO_ERROR)
{
IasUnloadParamInfo(&IasCb);
return dwRetCode;
}
UserInfo1013.usri1013_parms = _wcsdup(lpszUserParms);
(*IasCb.pFreeUserParms)(lpszUserParms);
IasUnloadParamInfo(&IasCb);
if (UserInfo1013.usri1013_parms == NULL)
{
return ERROR_NOT_ENOUGH_MEMORY;
}
}
//
// info level for setting user parms is 1013
//
dwRetCode = NetUserSetInfo(
lpszServerFmt,
(WCHAR *) lpszUser,
1013,
(LPBYTE)&UserInfo1013,
NULL);
free(UserInfo1013.usri1013_parms);
if (dwRetCode)
{
return(dwRetCode);
}
else
{
return(SUCCESS);
}
}
DWORD
RasAdminUserGetInfoFromUserParms(
IN WCHAR * lpszUserParms,
IN DWORD dwLevel,
OUT LPBYTE pRasUser)
{
RAS_USER_0 * pRasUser0 = (RAS_USER_0 *)pRasUser;
//
// if usr_parms not initialized, default to no RAS privilege
//
if (lpszUserParms == NULL)
{
pRasUser0->bfPrivilege = RASPRIV_NoCallback;
pRasUser0->wszPhoneNumber[0] = UNICODE_NULL;
}
else
{
//
// AndyHe... truncate user parms at sizeof USER_PARMS
//
if (lstrlenW(lpszUserParms) >= sizeof(USER_PARMS))
{
//
// we slam in a null at sizeof(USER_PARMS)-1 which corresponds to
// user_parms.up_Null
//
lpszUserParms[sizeof(USER_PARMS)-1] = L'\0';
}
//
// get RAS info (and validate) from usr_parms
//
if (MprGetUsrParams(UP_CLIENT_DIAL,
(LPWSTR) lpszUserParms,
(LPWSTR) pRasUser0))
{
pRasUser0->bfPrivilege = RASPRIV_NoCallback;
pRasUser0->wszPhoneNumber[0] = UNICODE_NULL;
}
else
{
//
// get RAS Privilege and callback number
//
RasPrivilegeAndCallBackNumber(FALSE, pRasUser0);
}
}
return (SUCCESS);
}
DWORD APIENTRY
RasAdminUserGetInfo(
IN const WCHAR * lpszServer,
IN const WCHAR * lpszUser,
IN DWORD dwLevel,
OUT LPBYTE pRasUser
)
/*++
Routine Description:
This routine retrieves RAS and other UAS information for a user
in the domain the specified server belongs to. It loads the caller's
pRasUser0 with a RAS_USER_0 structure.
Arguments:
lpszServer name of the server which has the user database,
eg., "\\\\UASSRVR" (the server must be one on which
the UAS can be changed i.e., the name returned by
RasAdminGetUasServer).
lpszUser user account name to retrieve information for,
e.g. "USER".
dwLevel Level of the structure being passed in.
pRasUser0 pointer to a buffer in which user information is
returned. The returned info is a RAS_USER_0 structure for
level 0.
Return Value:
SUCCESS on successful return.
One of the following non-zero error codes indicating failure:
return codes from NetUserGetInfo or NetUserSetInfo
ERROR_BAD_FORMAT indicates that user parms is invalid.
--*/
{
NET_API_STATUS rc;
LPWSTR lpszUserParms = NULL;
PRAS_USER_0 pRasUser0;
PWCHAR lpszServerFmt = NULL;
WCHAR pszBuffer[1024];
if ( dwLevel != 0 )
{
return( ERROR_NOT_SUPPORTED );
}
// Format the server name
lpszServerFmt = FormatServerNameForNetApis (
(PWCHAR)lpszServer,
pszBuffer);
pRasUser0 = (PRAS_USER_0)pRasUser;
memset(pRasUser0, '\0', sizeof(RAS_USER_0));
rc = RasGetUserParms(
(WCHAR *)lpszServerFmt,
(WCHAR *)lpszUser,
&lpszUserParms );
if (rc)
{
pRasUser0->bfPrivilege = RASPRIV_NoCallback;
pRasUser0->wszPhoneNumber[0] = UNICODE_NULL;
return( rc );
}
rc = RasAdminUserGetInfoFromUserParms(
lpszUserParms,
dwLevel,
pRasUser);
if (lpszUserParms)
{
RasFreeUserParms(lpszUserParms);
}
return rc;
}
DWORD APIENTRY
RasAdminGetPDCServer(
IN const WCHAR * lpszDomain,
IN const WCHAR * lpszServer,
OUT LPWSTR lpszUasServer
)
/*++
Routine Description:
This routine finds the server with the master UAS (the PDC) from
either a domain name or a server name. Either the domain or the
server (but not both) may be NULL.
Arguments:
lpszDomain Domain name or NULL if none.
lpszServer name of the server which has the user database.
lpszUasServer Caller's buffer for the returned UAS server name.
The buffer should be atleast UNCLEN + 1 characters
long.
Return Value:
SUCCESS on successful return.
one of the following non-zero error codes on failure:
return codes from NetGetDCName
--*/
{
PUSER_MODALS_INFO_1 pModalsInfo1 = NULL;
PDOMAIN_CONTROLLER_INFO pControllerInfo = NULL;
DWORD dwErr = NO_ERROR;
WCHAR TempName[UNCLEN + 1];
//
// Check the caller's buffer. Must be UNCLEN+1 bytes
//
lpszUasServer[0] = 0;
lpszUasServer[UNCLEN] = 0;
if ((lpszDomain) && (*lpszDomain))
{
//
// This code will get the name of a DC for this domain.
//
dwErr = DsGetDcName(
NULL,
lpszDomain,
NULL,
NULL,
DS_DIRECTORY_SERVICE_PREFERRED | DS_WRITABLE_REQUIRED,
&pControllerInfo);
if (dwErr != NO_ERROR)
{
return dwErr;
}
//
// Return the name of the DC
//
wcscpy(lpszUasServer, pControllerInfo->DomainControllerName);
// Cleanup
//
NetApiBufferFree(pControllerInfo);
}
else
{
if ((lpszServer) && (*lpszServer))
{
lstrcpyW(TempName, lpszServer);
}
else
{
//
// Should have specified a computer name
//
return (NERR_InvalidComputer);
}
//
// Ok, we have the name of a server to use - now find out it's
// server role.
//
if (dwErr = NetUserModalsGet(TempName, 1, (LPBYTE *) &pModalsInfo1))
{
DbgPrint("Admapi: %x from NetUserModalGet(%ws)\n", dwErr, TempName);
return dwErr;
}
//
// Examine the role played by this server
//
switch (pModalsInfo1->usrmod1_role)
{
case UAS_ROLE_STANDALONE:
case UAS_ROLE_PRIMARY:
//
// In this case our server is a primary or a standalone.
// in either case we use it.
//
break;
case UAS_ROLE_BACKUP:
case UAS_ROLE_MEMBER:
//
// Use the primary domain controller as the remote server
// in this case.
//
wsprintf(TempName, L"\\\\%s", pModalsInfo1->usrmod1_primary);
break;
}
if (*TempName == L'\\')
{
lstrcpyW(lpszUasServer, TempName);
}
else
{
lstrcpyW(lpszUasServer, L"\\\\");
lstrcpyW(lpszUasServer + 2, TempName);
}
if (pModalsInfo1)
{
NetApiBufferFree(pModalsInfo1);
}
}
return (NERR_Success);
}
//
// Connects to the "user server" exposed on the given
// machine.
//
DWORD WINAPI
MprAdminUserServerConnect (
IN PWCHAR pszMachine,
IN BOOL bLocal,
OUT PHANDLE phUserServer)
{
MPR_USER_SERVER * pServer = NULL;
DWORD dwErr = NO_ERROR;
HANDLE hSdo = NULL;
// Load the SDO library if needed
if ((dwErr = SdoInit(&hSdo)) != NO_ERROR)
{
return dwErr;
}
do
{
// Create and initialize the server data
pServer = (MPR_USER_SERVER*) malloc (sizeof(MPR_USER_SERVER));
if (!pServer)
{
dwErr = ERROR_NOT_ENOUGH_MEMORY;
break;
}
ZeroMemory(pServer, sizeof(MPR_USER_SERVER));
pServer->bLocal = bLocal;
// Connect
dwErr = SdoConnect(hSdo, pszMachine, bLocal, &(pServer->hServer));
if (dwErr != NO_ERROR)
{
free (pServer);
break;
}
// Return the result
pServer->hSdo = hSdo;
*phUserServer = (HANDLE)pServer;
} while (FALSE);
// Cleanup
{
if (dwErr != NO_ERROR)
{
if (hSdo)
{
SdoCleanup(hSdo);
}
}
}
return dwErr;
}
//
// Disconnects the given "user server".
//
DWORD WINAPI
MprAdminUserServerDisconnect (
IN HANDLE hUserServer)
{
MPR_USER_SERVER * pServer = (MPR_USER_SERVER*)hUserServer;
DWORD dwErr;
// Validate
if (!pServer || !pServer->hServer)
return ERROR_INVALID_PARAMETER;
// Close out the default profile if neccessary
if (pServer->hDefProf)
{
SdoCloseProfile(pServer->hSdo, pServer->hDefProf);
pServer->hDefProf = NULL;
}
// Disconnect from the server
SdoDisconnect(pServer->hSdo, pServer->hServer);
SdoCleanup(pServer->hSdo);
pServer->hSdo = NULL;
pServer->hServer = NULL;
free (pServer);
return NO_ERROR;
}
//
// This helper function is not exported
//
DWORD WINAPI
MprAdminUserReadWriteProfFlags(
IN HANDLE hUserServer,
IN BOOL bRead,
OUT LPDWORD lpdwFlags)
{
MPR_USER_SERVER * pServer = (MPR_USER_SERVER*)hUserServer;
DWORD dwErr;
// Validate
if (!pServer || !pServer->hServer)
return ERROR_INVALID_PARAMETER;
// For MprAdmin, we assume global data is stored
// in default profile. Open it if needed.
if (pServer->hDefProf == NULL) {
dwErr = SdoOpenDefaultProfile(
pServer->hSdo,
pServer->hServer,
&(pServer->hDefProf));
if (dwErr != NO_ERROR)
return dwErr;
}
// Read or write the data according to bRead
if (bRead) {
dwErr = SdoGetProfileData(
pServer->hSdo,
pServer->hDefProf,
lpdwFlags);
}
else {
dwErr = SdoSetProfileData(
pServer->hSdo,
pServer->hDefProf,
*lpdwFlags);
}
return dwErr;
}
//
// Reads global user information
//
DWORD WINAPI
MprAdminUserReadProfFlags(
IN HANDLE hUserServer,
OUT LPDWORD lpdwFlags)
{
return MprAdminUserReadWriteProfFlags(
hUserServer,
TRUE,
lpdwFlags);
}
//
// Writes global user information
//
DWORD WINAPI
MprAdminUserWriteProfFlags(
IN HANDLE hUserServer,
IN DWORD dwFlags)
{
return MprAdminUserReadWriteProfFlags(
hUserServer,
FALSE,
&dwFlags);
}
//
// Opens the user on the given server
//
DWORD WINAPI
MprAdminUserOpen (
IN HANDLE hUserServer,
IN PWCHAR pszUser,
OUT PHANDLE phUser)
{
MPR_USER_SERVER * pServer = (MPR_USER_SERVER*)hUserServer;
MPR_USER * pUser = NULL;
HANDLE hUser = NULL;
DWORD dwErr;
WCHAR pszAdsUser[1024];
// Make sure we have a server
if (pServer == NULL)
return ERROR_INVALID_PARAMETER;
// Open up the user object in the SDO
dwErr = SdoOpenUser(
pServer->hSdo,
pServer->hServer,
pszUser,
&hUser);
if (dwErr != NO_ERROR)
return dwErr;
// Initialize and return the return value
pUser = (MPR_USER*) malloc (sizeof(MPR_USER));
if (pUser == NULL) {
SdoCloseUser (pServer->hSdo, hUser);
return ERROR_NOT_ENOUGH_MEMORY;
}
ZeroMemory(pUser, sizeof(MPR_USER));
pUser->hUser = hUser;
pUser->pServer = pServer;
*phUser = (HANDLE)pUser;
return NO_ERROR;
}
//
// Closes the user on the given server
//
DWORD WINAPI
MprAdminUserClose (
IN HANDLE hUser)
{
MPR_USER * pUser = (MPR_USER*)hUser;
DWORD dwErr;
if (pUser) {
SdoCloseUser(pUser->pServer->hSdo, pUser->hUser);
free (pUser);
}
return NO_ERROR;
}
//
// Reads in user information
//
DWORD WINAPI
MprAdminUserRead (
IN HANDLE hUser,
IN DWORD dwLevel,
IN const LPBYTE pRasUser)
{
DWORD dwErr;
MPR_USER * pUser = (MPR_USER*)hUser;
if (!hUser || !pRasUser || (dwLevel != 0 && dwLevel != 1))
return ERROR_INVALID_PARAMETER;
// Read in the info
if ((dwErr = SdoUserGetInfo (
pUser->pServer->hSdo,
pUser->hUser,
dwLevel,
pRasUser)) != NO_ERROR)
return dwErr;
return NO_ERROR;
}
//
// Writes out user information
//
DWORD WINAPI
MprAdminUserWrite (
IN HANDLE hUser,
IN DWORD dwLevel,
IN const LPBYTE pRasUser)
{
DWORD dwErr;
MPR_USER * pUser = (MPR_USER*)hUser;
if (!hUser || !pRasUser || (dwLevel != 0 && dwLevel != 1))
return ERROR_INVALID_PARAMETER;
// Write out the info
dwErr = SdoUserSetInfo (
pUser->pServer->hSdo,
pUser->hUser,
dwLevel,
pRasUser);
if (dwErr != NO_ERROR)
{
return dwErr;
}
// Commit the settings
SdoCommitUser(pUser->pServer->hSdo, pUser->hUser, TRUE);
return NO_ERROR;
}
//
// Deprecated function used only in NT4
//
DWORD APIENTRY
MprAdminUserSetInfo(
IN const WCHAR * lpszServer,
IN const WCHAR * lpszUser,
IN DWORD dwLevel,
IN const LPBYTE pRasUser
)
{
DWORD dwErr = NO_ERROR;
HANDLE hUser = NULL, hServer = NULL;
if (dwLevel == 0)
{
return RasAdminUserSetInfo(lpszServer, lpszUser, dwLevel, pRasUser);
}
else if (dwLevel == 1)
{
RAS_USER_0 RasUser0;
PRAS_USER_1 pRasUser1 = (PRAS_USER_1)pRasUser;
do
{
// Initialize the data
//
ZeroMemory(&RasUser0, sizeof(RasUser0));
RasUser0.bfPrivilege = pRasUser1->bfPrivilege;
wcsncpy(
RasUser0.wszPhoneNumber,
pRasUser1->wszPhoneNumber,
(sizeof(RasUser0.wszPhoneNumber) / sizeof(WCHAR)) - 1);
RasUser0.bfPrivilege &= ~RASPRIV_DialinPolicy;
if (pRasUser1->bfPrivilege2 & RASPRIV2_DialinPolicy)
{
RasUser0.bfPrivilege |= RASPRIV_DialinPolicy;
}
dwErr = MprAdminUserServerConnect(
(PWCHAR)lpszServer,
TRUE,
&hServer);
if (dwErr != NO_ERROR)
{
break;
}
dwErr = MprAdminUserOpen(hServer, (PWCHAR)lpszUser, &hUser);
if (dwErr != NO_ERROR)
{
break;
}
dwErr = MprAdminUserWrite(hUser, dwLevel, (LPBYTE)&RasUser0);
if (dwErr != NO_ERROR)
{
break;
}
} while (FALSE);
// Cleanup
{
if (hUser)
{
MprAdminUserClose(hUser);
}
if (hServer)
{
MprAdminUserServerDisconnect(hServer);
}
}
return dwErr;
}
return ERROR_INVALID_LEVEL;
}
//
// Deprecated function used only in NT4
//
DWORD APIENTRY
MprAdminUserGetInfo(
IN const WCHAR * lpszServer,
IN const WCHAR * lpszUser,
IN DWORD dwLevel,
OUT LPBYTE pRasUser
)
{
DWORD dwErr = NO_ERROR;
HANDLE hUser = NULL, hServer = NULL;
if (dwLevel == 0)
{
return RasAdminUserGetInfo(lpszServer, lpszUser, dwLevel, pRasUser);
}
else if (dwLevel == 1)
{
RAS_USER_0 RasUser0;
PRAS_USER_1 pRasUser1 = (PRAS_USER_1)pRasUser;
if (pRasUser1 == NULL)
{
return ERROR_INVALID_PARAMETER;
}
do
{
dwErr = MprAdminUserServerConnect(
(PWCHAR)lpszServer,
TRUE,
&hServer);
if (dwErr != NO_ERROR)
{
break;
}
dwErr = MprAdminUserOpen(hServer, (PWCHAR)lpszUser, &hUser);
if (dwErr != NO_ERROR)
{
break;
}
dwErr = MprAdminUserRead(hUser, dwLevel, (LPBYTE)&RasUser0);
if (dwErr != NO_ERROR)
{
break;
}
ZeroMemory(pRasUser1, sizeof(*pRasUser1));
pRasUser1->bfPrivilege = RasUser0.bfPrivilege;
wcsncpy(
pRasUser1->wszPhoneNumber,
RasUser0.wszPhoneNumber,
(sizeof(RasUser0.wszPhoneNumber) / sizeof(WCHAR)) - 1);
if (RasUser0.bfPrivilege & RASPRIV_DialinPolicy)
{
pRasUser1->bfPrivilege2 |= RASPRIV2_DialinPolicy;
pRasUser1->bfPrivilege &= ~RASPRIV_DialinPrivilege;
pRasUser1->bfPrivilege &= ~RASPRIV_DialinPolicy;
}
} while (FALSE);
// Cleanup
{
if (hUser)
{
MprAdminUserClose(hUser);
}
if (hServer)
{
MprAdminUserServerDisconnect(hServer);
}
}
return dwErr;
}
return ERROR_INVALID_LEVEL;
}
//
// Upgrades information from NT4 SAM (located on pszServer) to NT5 SDO's.
// Will upgrade the information into local .mdb files or into the DS
// depending on the value of bLocal.
//
DWORD APIENTRY
MprAdminUpgradeUsers(
IN PWCHAR pszServer,
IN BOOL bLocal)
{
WCHAR pszBuffer[1024], *pszServerFmt;
MIGRATE_NT4_USER_CB MigrateInfo;
IAS_PARAM_CB IasParams;
DWORD dwErr;
// Format the server name
pszServerFmt = FormatServerNameForNetApis(pszServer, pszBuffer);
// Intialize the data
ZeroMemory(&IasParams, sizeof(IasParams));
ZeroMemory(&MigrateInfo, sizeof(MigrateInfo));
MigrateInfo.pIasParams = &IasParams;
MigrateInfo.pszServer = pszServerFmt;
// Load the ias helper
dwErr = IasLoadParamInfo(&IasParams);
if (dwErr != NO_ERROR)
{
return dwErr;
}
// Enumerate the users, migrating their information as
// we go
//
dwErr = EnumUsers(
pszServerFmt,
MigrateNt4UserInfo,
(HANDLE)&MigrateInfo);
// Cleanup
{
IasUnloadParamInfo(&IasParams);
}
return dwErr;
}
DWORD APIENTRY
MprAdminGetPDCServer(
IN const WCHAR * lpszDomain,
IN const WCHAR * lpszServer,
OUT LPWSTR lpszUasServer
)
{
return(RasAdminGetPDCServer(lpszDomain, lpszServer, lpszUasServer));
}
//
// Determines the role of the given computer (NTW, NTS, NTS DC, etc.)
//
DWORD GetMachineRole(
IN PWCHAR pszMachine,
OUT DSROLE_MACHINE_ROLE * peRole)
{
PDSROLE_PRIMARY_DOMAIN_INFO_BASIC pGlobalDomainInfo = NULL;
DWORD dwErr = NO_ERROR;
if (!peRole)
{
return ERROR_INVALID_PARAMETER;
}
//
// Get the name of the domain this machine is a member of
//
do
{
dwErr = DsRoleGetPrimaryDomainInformation(
pszMachine,
DsRolePrimaryDomainInfoBasic,
(LPBYTE *)&pGlobalDomainInfo );
if (dwErr != NO_ERROR)
{
break;
}
*peRole = pGlobalDomainInfo->MachineRole;
} while (FALSE);
// Cleanup
{
if (pGlobalDomainInfo)
{
DsRoleFreeMemory (pGlobalDomainInfo);
}
}
return dwErr;
}
//
// Determines the build number of a given machine
//
DWORD GetNtosBuildNumber(
IN PWCHAR pszMachine,
OUT LPDWORD lpdwBuild)
{
WCHAR pszComputer[1024], pszBuf[64];
HKEY hkBuild = NULL, hkMachine = NULL;
DWORD dwErr = NO_ERROR, dwType = REG_SZ, dwSize = sizeof(pszBuf);
do
{
if (pszMachine)
{
if (*pszMachine != L'\\')
{
wsprintfW(pszComputer, L"\\\\%s", pszMachine);
}
else
{
wcscpy(pszComputer, pszMachine);
}
dwErr = RegConnectRegistry (
pszComputer,
HKEY_LOCAL_MACHINE,
&hkMachine);
if (dwErr != ERROR_SUCCESS)
{
break;
}
}
else
{
hkMachine = HKEY_LOCAL_MACHINE;
}
// Open the build number key
dwErr = RegOpenKeyEx (
hkMachine,
pszBuildNumPath,
0,
KEY_READ,
&hkBuild);
if (dwErr != ERROR_SUCCESS)
{
break;
}
// Get the value
dwErr = RegQueryValueExW (
hkBuild,
pszBuildVal,
NULL,
&dwType,
(LPBYTE)pszBuf,
&dwSize);
if (dwErr != ERROR_SUCCESS)
{
break;
}
*lpdwBuild = (DWORD) _wtoi(pszBuf);
} while (FALSE);
// Cleanup
{
if (hkMachine && pszMachine)
{
RegCloseKey(hkMachine);
}
if (hkBuild)
{
RegCloseKey(hkBuild);
}
}
return dwErr;
}
//
// Initalizes all variables needed to directly manipulate
// ias data (i.e. bypass sdo's)
//
DWORD
IasLoadParamInfo(
OUT IAS_PARAM_CB * pIasInfo
)
{
if (! pIasInfo)
{
return ERROR_INVALID_PARAMETER;
}
// Initialize
ZeroMemory(pIasInfo, sizeof(IAS_PARAM_CB));
// Load the library
//
pIasInfo->hLib = LoadLibraryW( pszIasLibrary );
if (pIasInfo->hLib == NULL)
{
return GetLastError();
}
// Load the functions
//
pIasInfo->pSetUserProp = (IASSetUserPropFuncPtr)
GetProcAddress(
pIasInfo->hLib,
pszIasSetUserPropFunc);
pIasInfo->pQueryUserProp = (IASQueryUserPropFuncPtr)
GetProcAddress(
pIasInfo->hLib,
pszIasQueryUserPropFunc);
pIasInfo->pFreeUserParms = (IASFreeUserParmsFuncPtr)
GetProcAddress(
pIasInfo->hLib,
pszIasFreeUserParmsFunc);
// Make sure everything loaded correctly
if (
(pIasInfo->pSetUserProp == NULL) ||
(pIasInfo->pQueryUserProp == NULL) ||
(pIasInfo->pFreeUserParms == NULL)
)
{
FreeLibrary(pIasInfo->hLib);
return ERROR_CAN_NOT_COMPLETE;
}
return NO_ERROR;
}
//
// Cleansup after IasLoadParamInfo
//
DWORD
IasUnloadParamInfo(
IN IAS_PARAM_CB * pIasInfo
)
{
if (pIasInfo && pIasInfo->hLib)
{
FreeLibrary(pIasInfo->hLib);
}
return NO_ERROR;
}
//
// Syncs Ias User information so that
//
DWORD
IasSyncUserInfo(
IN IAS_PARAM_CB * pIasInfo,
IN PWSTR pszUserParms,
IN RAS_USER_0 * pRasUser0,
IN DWORD dwFlags,
OUT PWSTR* ppszNewUserParams)
{
VARIANT var;
PWSTR pszParms = NULL, pszNewParms = NULL;
PWCHAR pszAttr = NULL;
DWORD dwErr;
// Initialize
*ppszNewUserParams = NULL;
// Set the Dialin bit
VariantInit(&var);
if (dwFlags & IAS_F_SetDenyAsPolicy)
{
if (pRasUser0->bfPrivilege & RASPRIV_DialinPrivilege)
{
V_VT(&var) = VT_BOOL;
V_BOOL(&var) = TRUE;
}
else
{
V_VT(&var) = VT_EMPTY;
}
}
else
{
V_VT(&var) = VT_BOOL;
if (pRasUser0->bfPrivilege & RASPRIV_DialinPrivilege)
{
V_BOOL(&var) = TRUE;
}
else
{
V_BOOL(&var) = FALSE;
}
}
dwErr = (* (pIasInfo->pSetUserProp))(
pszUserParms,
pszAttrDialin,
&var,
&pszNewParms);
VariantClear(&var);
if (dwErr != NO_ERROR)
{
return dwErr;
}
// Set the service type
VariantInit(&var);
pszParms = pszNewParms;
pszNewParms = NULL;
V_VT(&var) = VT_I4;
if (pRasUser0->bfPrivilege & RASPRIV_NoCallback)
{
V_I4(&var) = dwFramed;
}
else
{
V_I4(&var) = dwFramedCallback;
}
dwErr = (* (pIasInfo->pSetUserProp))(
pszParms,
pszAttrServiceType,
&var,
&pszNewParms);
(* (pIasInfo->pFreeUserParms))(pszParms);
VariantClear(&var);
if (dwErr != NO_ERROR)
{
return dwErr;
}
// Set the callback number
VariantInit(&var);
pszParms = pszNewParms;
pszNewParms = NULL;
V_VT(&var) = VT_BSTR;
V_BSTR(&var) = SysAllocString(pRasUser0->wszPhoneNumber);
if (V_BSTR(&var) == NULL)
{
return ERROR_NOT_ENOUGH_MEMORY;
}
if (pRasUser0->bfPrivilege & RASPRIV_AdminSetCallback)
{
pszAttr = (PWCHAR)pszAttrCbNumber;
}
else
{
pszAttr = (PWCHAR)pszAttrSavedCbNumber;
}
dwErr = (* (pIasInfo->pSetUserProp))(
pszParms,
pszAttr,
&var,
&pszNewParms);
(* (pIasInfo->pFreeUserParms))(pszParms);
VariantClear(&var);
if (dwErr != NO_ERROR)
{
return dwErr;
}
// Delete the callback number as appropriate
VariantInit(&var);
pszParms = pszNewParms;
pszNewParms = NULL;
V_VT(&var) = VT_EMPTY;
if (pRasUser0->bfPrivilege & RASPRIV_AdminSetCallback)
{
pszAttr = (PWCHAR)pszAttrSavedCbNumber;
}
else
{
pszAttr = (PWCHAR)pszAttrCbNumber;
}
dwErr = (* (pIasInfo->pSetUserProp))(
pszParms,
pszAttr,
&var,
&pszNewParms);
if (dwErr != NO_ERROR)
{
return dwErr;
}
(* (pIasInfo->pFreeUserParms))(pszParms);
VariantClear(&var);
// Return the new user parms
*ppszNewUserParams = pszNewParms;
return NO_ERROR;
}
PWCHAR
FormatServerNameForNetApis(
IN PWCHAR pszServer,
IN PWCHAR pszBuffer)
/*++
Routine Description (borrowed from \nt\private\net\access\uasp.c):
Returns static pointer to server in "\\<server>" format
--*/
{
PWCHAR pszRet = NULL;
if ((pszServer) && (*pszServer))
{
if (*pszServer != L'\\')
{
wcscpy(pszBuffer, L"\\\\");
wcscpy(pszBuffer + 2, pszServer);
pszRet = pszBuffer;
}
else
{
pszRet = pszServer;
}
}
return pszRet;
}
// Enumerates the local users
//
DWORD
EnumUsers(
IN PWCHAR pszServer,
IN pEnumUserCb pCbFunction,
IN HANDLE hData)
{
DWORD dwErr, dwIndex = 0, dwCount = 100, dwEntriesRead, i;
NET_DISPLAY_USER * pUsers;
NET_API_STATUS nStatus;
RAS_USER_0 RasUser0;
HANDLE hUser = NULL, hServer = NULL;
// Enumerate the users,
while (TRUE) {
// Read in the first block of user names
nStatus = NetQueryDisplayInformation(
pszServer,
1,
dwIndex,
dwCount,
dwCount * sizeof(NET_DISPLAY_USER),
&dwEntriesRead,
&pUsers);
// Get out if there's an error getting user names
if ((nStatus != NERR_Success) &&
(nStatus != ERROR_MORE_DATA))
{
break;
}
// For each user read in, call the callback function
for (i = 0; i < dwEntriesRead; i++)
{
BOOL bOk;
bOk = (*pCbFunction)(&(pUsers[i]), hData);
if (bOk == FALSE)
{
nStatus = NERR_Success;
break;
}
}
// Set the index to read in the next set of users
dwIndex = pUsers[dwEntriesRead - 1].usri1_next_index;
// Free the users buffer
NetApiBufferFree (pUsers);
// If we've read in everybody, go ahead and break
if (nStatus != ERROR_MORE_DATA)
{
break;
}
}
return NO_ERROR;
}
//
// Callback function for enum users that migrates the nt4 section
// of user parms into the nt5 section
//
// Returns TRUE to continue enumeration, FALSE to stop it.
//
BOOL
MigrateNt4UserInfo(
IN NET_DISPLAY_USER* pUser,
IN HANDLE hData)
{
NET_API_STATUS nStatus;
RAS_USER_0 RasUser0;
PWSTR pszNewUserParms = NULL, pszOldUserParms = NULL, pszTemp = NULL;
USER_INFO_1013 UserInfo1013;
MIGRATE_NT4_USER_CB * pMigrateInfo;
DWORD dwErr = NO_ERROR, dwBytes;
// Get a reference to the migrate info
pMigrateInfo = (MIGRATE_NT4_USER_CB*)hData;
do
{
// Read in the old userparms
dwErr = RasGetUserParms(
pMigrateInfo->pszServer,
pUser->usri1_name,
&pszOldUserParms);
if (pszOldUserParms == NULL)
{
dwErr = NO_ERROR;
break;
}
if (pszOldUserParms != NULL)
{
// Make a copy of user parms, since
// RasAdminUserGetInfoFromUserParms may modify
// the version we read (trucation).
//
dwBytes = (wcslen(pszOldUserParms) + 1) * sizeof(WCHAR);
pszTemp = LocalAlloc(LMEM_FIXED, dwBytes);
if (pszTemp == NULL)
{
break;
}
CopyMemory(pszTemp, pszOldUserParms, dwBytes);
}
// Get the associated ras properties
dwErr = RasAdminUserGetInfoFromUserParms (
pszTemp,
0,
(LPBYTE)&RasUser0);
if (dwErr != NO_ERROR)
{
continue;
}
// Set the information into the new
// ias section.
dwErr = IasSyncUserInfo(
pMigrateInfo->pIasParams,
pszOldUserParms,
&RasUser0,
IAS_F_SetDenyAsPolicy,
&pszNewUserParms);
if (dwErr != NO_ERROR)
{
break;
}
// Commit the information
UserInfo1013.usri1013_parms = pszNewUserParms;
nStatus = NetUserSetInfo(
pMigrateInfo->pszServer,
pUser->usri1_name,
1013,
(LPBYTE)(&UserInfo1013),
NULL);
if (nStatus != NERR_Success)
{
break;
}
} while (FALSE);
// Cleanup
{
if (pszNewUserParms)
{
(* (pMigrateInfo->pIasParams->pFreeUserParms))(pszNewUserParms);
}
if (pszOldUserParms)
{
RasFreeUserParms(pszOldUserParms);
}
if (pszTemp)
{
LocalFree(pszTemp);
}
}
return TRUE;
}