windows-nt/Source/XPSP1/NT/base/cluster/utils/cluspw/refrshpw.c

/*--

Copyright (c) 1987-1993  Microsoft Corporation

Module Name:

    refrshpw.c

Abstract:

    refresh the cached password for the specified account in the LSA on a
    node. derived from test program for the NtLmSsp service.

Author:

    28-Jun-1993 (cliffv)

Environment:

    User mode only.
    Contains NT-specific code.
    Requires ANSI C extensions: slash-slash comments, long external names.

Revision History:

    26-Jul-99 (charlwi) Charlie Wickham
        modified to handle updating a password (from Mike Swift or Scott Field)

--*/


//
// Common include files.
//

#define SECURITY_WIN32

#include <nt.h>
#include <ntrtl.h>
#include <nturtl.h>
#include <ntlsa.h>
#include <windef.h>
#include <winbase.h>
#include <stdio.h>      // printf
#include <ntmsv1_0.h>

#include "cluspw.h"

DWORD
ChangeCachedPassword(
    IN LPWSTR AccountName,
    IN LPWSTR DomainName,
    IN LPWSTR NewPassword
    )
{
    PMSV1_0_CHANGEPASSWORD_REQUEST Request = NULL;
    HANDLE LogonHandle = NULL;
    ULONG Dummy;
    ULONG RequestSize = 0;
    ULONG PackageId = 0;
    PVOID Response;
    ULONG ResponseSize;
    NTSTATUS SubStatus = STATUS_SUCCESS, Status = STATUS_SUCCESS;
    BOOLEAN Trusted = TRUE;
    BOOLEAN WasEnabled;
    PBYTE Where;
    STRING Name;

    //
    // Turn on the TCB privilege
    //

    PrintMsg(MsgSeverityVerbose, "Adjusting TCB privilege\n");
    Status = RtlAdjustPrivilege(SE_TCB_PRIVILEGE, TRUE, FALSE, &WasEnabled);
    if (!NT_SUCCESS(Status)) {
        PrintMsg(MsgSeverityInfo, "Failed to Adjust TCB privilege. status %X\n", Status);
        Trusted = FALSE;
    }

    RtlInitString( &Name, "Cluspw" );

    PrintMsg(MsgSeverityVerbose, "Connecting to LSA\n");
    if (Trusted) {
        Status = LsaRegisterLogonProcess( &Name, &LogonHandle, &Dummy );
    }
    else {
        Status = LsaConnectUntrusted( &LogonHandle );
    }

    if (!NT_SUCCESS(Status)) {
        PrintMsg(MsgSeverityFatal,
                 "Failed to register cluspw as a logon process: %08X\n",
                 Status);
        return Status;
    }

    RtlInitString( &Name, MSV1_0_PACKAGE_NAME );

    PrintMsg(MsgSeverityVerbose, "Looking up authentication package\n");
    Status = LsaLookupAuthenticationPackage( LogonHandle, &Name, &PackageId );
    if (!NT_SUCCESS(Status)) {
        PrintMsg(MsgSeverityFatal,
                 "Failed to lookup authentication package %Z: %08X\n",
                 &Name,
                 Status);
        return Status;
    }


    RequestSize = sizeof(MSV1_0_CHANGEPASSWORD_REQUEST) +
        (wcslen(AccountName) +
         wcslen(DomainName) +
         wcslen(NewPassword) + 3) * sizeof(WCHAR);

    Request = (PMSV1_0_CHANGEPASSWORD_REQUEST) LocalAlloc(LMEM_ZEROINIT,RequestSize);
    if ( Request == NULL ) {
        PrintMsg(MsgSeverityFatal, "Failed to allocate memory for cache update request.\n");
        return ERROR_NOT_ENOUGH_MEMORY;
    }

    Where = (PBYTE) (Request + 1);
    Request->MessageType = MsV1_0ChangeCachedPassword;
    wcscpy( (LPWSTR) Where, DomainName );
    RtlInitUnicodeString( &Request->DomainName, (LPWSTR) Where );
    Where += Request->DomainName.MaximumLength;

    wcscpy((LPWSTR) Where, AccountName );
    RtlInitUnicodeString( &Request->AccountName, (LPWSTR) Where );
    Where += Request->AccountName.MaximumLength;

    wcscpy((LPWSTR) Where, NewPassword );
    RtlInitUnicodeString( &Request->NewPassword, (LPWSTR) Where );
    Where += Request->NewPassword.MaximumLength;

    //
    // Make the call
    //
    PrintMsg(MsgSeverityVerbose, "Calling LSA to update the cache\n");
    Status = LsaCallAuthenticationPackage(LogonHandle,
                                          PackageId,
                                          Request,
                                          RequestSize,
                                          &Response,
                                          &ResponseSize,
                                          &SubStatus);


    if (!NT_SUCCESS(Status) || !NT_SUCCESS(SubStatus)) {
        DWORD winStatus;
        DWORD winSubStatus;

        winStatus = RtlNtStatusToDosError( Status );
        winSubStatus = RtlNtStatusToDosError( SubStatus );

        if ( winStatus == ERROR_MR_MID_NOT_FOUND ) {
            winStatus = Status;
        }
        if ( winSubStatus == ERROR_MR_MID_NOT_FOUND ) {
            winSubStatus = SubStatus;
        }
        PrintMsg(MsgSeverityFatal,
                 "Updating password cache failed: status = 0x%08X, substatus = 0x%08X\n",
                 winStatus,
                 winSubStatus);
        if ( Status == STATUS_SUCCESS ) {
            Status = SubStatus;
        }
    }
    else {
        PrintMsg(MsgSeverityVerbose, "LSA returned success\n");
    }

    if (LogonHandle != NULL) {
        LsaDeregisterLogonProcess(LogonHandle);
    }

    return Status;
}
Add source files 2020-09-26 03:20:57 -05:00			`/*--`

			`Copyright (c) 1987-1993 Microsoft Corporation`

			`Module Name:`

			`refrshpw.c`

			`Abstract:`

			`refresh the cached password for the specified account in the LSA on a`
			`node. derived from test program for the NtLmSsp service.`

			`Author:`

			`28-Jun-1993 (cliffv)`

			`Environment:`

			`User mode only.`
			`Contains NT-specific code.`
			`Requires ANSI C extensions: slash-slash comments, long external names.`

			`Revision History:`

			`26-Jul-99 (charlwi) Charlie Wickham`
			`modified to handle updating a password (from Mike Swift or Scott Field)`

			`--*/`


			`//`
			`// Common include files.`
			`//`

			`#define SECURITY_WIN32`

			`#include <nt.h>`
			`#include <ntrtl.h>`
			`#include <nturtl.h>`
			`#include <ntlsa.h>`
			`#include <windef.h>`
			`#include <winbase.h>`
			`#include <stdio.h> // printf`
			`#include <ntmsv1_0.h>`

			`#include "cluspw.h"`

			`DWORD`
			`ChangeCachedPassword(`
			`IN LPWSTR AccountName,`
			`IN LPWSTR DomainName,`
			`IN LPWSTR NewPassword`
			`)`
			`{`
			`PMSV1_0_CHANGEPASSWORD_REQUEST Request = NULL;`
			`HANDLE LogonHandle = NULL;`
			`ULONG Dummy;`
			`ULONG RequestSize = 0;`
			`ULONG PackageId = 0;`
			`PVOID Response;`
			`ULONG ResponseSize;`
			`NTSTATUS SubStatus = STATUS_SUCCESS, Status = STATUS_SUCCESS;`
			`BOOLEAN Trusted = TRUE;`
			`BOOLEAN WasEnabled;`
			`PBYTE Where;`
			`STRING Name;`

			`//`
			`// Turn on the TCB privilege`
			`//`

			`PrintMsg(MsgSeverityVerbose, "Adjusting TCB privilege\n");`
			`Status = RtlAdjustPrivilege(SE_TCB_PRIVILEGE, TRUE, FALSE, &WasEnabled);`
			`if (!NT_SUCCESS(Status)) {`
			`PrintMsg(MsgSeverityInfo, "Failed to Adjust TCB privilege. status %X\n", Status);`
			`Trusted = FALSE;`
			`}`

			`RtlInitString( &Name, "Cluspw" );`

			`PrintMsg(MsgSeverityVerbose, "Connecting to LSA\n");`
			`if (Trusted) {`
			`Status = LsaRegisterLogonProcess( &Name, &LogonHandle, &Dummy );`
			`}`
			`else {`
			`Status = LsaConnectUntrusted( &LogonHandle );`
			`}`

			`if (!NT_SUCCESS(Status)) {`
			`PrintMsg(MsgSeverityFatal,`
			`"Failed to register cluspw as a logon process: %08X\n",`
			`Status);`
			`return Status;`
			`}`

			`RtlInitString( &Name, MSV1_0_PACKAGE_NAME );`

			`PrintMsg(MsgSeverityVerbose, "Looking up authentication package\n");`
			`Status = LsaLookupAuthenticationPackage( LogonHandle, &Name, &PackageId );`
			`if (!NT_SUCCESS(Status)) {`
			`PrintMsg(MsgSeverityFatal,`
			`"Failed to lookup authentication package %Z: %08X\n",`
			`&Name,`
			`Status);`
			`return Status;`
			`}`


			`RequestSize = sizeof(MSV1_0_CHANGEPASSWORD_REQUEST) +`
			`(wcslen(AccountName) +`
			`wcslen(DomainName) +`
			`wcslen(NewPassword) + 3) * sizeof(WCHAR);`

			`Request = (PMSV1_0_CHANGEPASSWORD_REQUEST) LocalAlloc(LMEM_ZEROINIT,RequestSize);`
			`if ( Request == NULL ) {`
			`PrintMsg(MsgSeverityFatal, "Failed to allocate memory for cache update request.\n");`
			`return ERROR_NOT_ENOUGH_MEMORY;`
			`}`

			`Where = (PBYTE) (Request + 1);`
			`Request->MessageType = MsV1_0ChangeCachedPassword;`
			`wcscpy( (LPWSTR) Where, DomainName );`
			`RtlInitUnicodeString( &Request->DomainName, (LPWSTR) Where );`
			`Where += Request->DomainName.MaximumLength;`

			`wcscpy((LPWSTR) Where, AccountName );`
			`RtlInitUnicodeString( &Request->AccountName, (LPWSTR) Where );`
			`Where += Request->AccountName.MaximumLength;`

			`wcscpy((LPWSTR) Where, NewPassword );`
			`RtlInitUnicodeString( &Request->NewPassword, (LPWSTR) Where );`
			`Where += Request->NewPassword.MaximumLength;`

			`//`
			`// Make the call`
			`//`
			`PrintMsg(MsgSeverityVerbose, "Calling LSA to update the cache\n");`
			`Status = LsaCallAuthenticationPackage(LogonHandle,`
			`PackageId,`
			`Request,`
			`RequestSize,`
			`&Response,`
			`&ResponseSize,`
			`&SubStatus);`


			`if (!NT_SUCCESS(Status) \|\| !NT_SUCCESS(SubStatus)) {`
			`DWORD winStatus;`
			`DWORD winSubStatus;`

			`winStatus = RtlNtStatusToDosError( Status );`
			`winSubStatus = RtlNtStatusToDosError( SubStatus );`

			`if ( winStatus == ERROR_MR_MID_NOT_FOUND ) {`
			`winStatus = Status;`
			`}`
			`if ( winSubStatus == ERROR_MR_MID_NOT_FOUND ) {`
			`winSubStatus = SubStatus;`
			`}`
			`PrintMsg(MsgSeverityFatal,`
			`"Updating password cache failed: status = 0x%08X, substatus = 0x%08X\n",`
			`winStatus,`
			`winSubStatus);`
			`if ( Status == STATUS_SUCCESS ) {`
			`Status = SubStatus;`
			`}`
			`}`
			`else {`
			`PrintMsg(MsgSeverityVerbose, "LSA returned success\n");`
			`}`

			`if (LogonHandle != NULL) {`
			`LsaDeregisterLogonProcess(LogonHandle);`
			`}`

			`return Status;`
			`}`