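/*
 * Convert a wide string into a fixed-size narrow buffer and always leave the
 * destination NUL-terminated (wcstombs does not terminate when it fills the
 * buffer).  Returns 0 on success, -1 when src is NULL, dst has no room, or a
 * character cannot be converted.
 */
static int smpd_spn_wcs_to_mbs(char *dst, size_t dstlen, const wchar_t *src)
{
    size_t n;

    if (dst == NULL || dstlen == 0)
    {
        return -1;
    }
    dst[0] = '\0';
    if (src == NULL)
    {
        return -1;
    }
    n = wcstombs(dst, src, dstlen - 1);
    if (n == (size_t)-1)
    {
        dst[0] = '\0';
        return -1;
    }
    dst[n] = '\0';
    return 0;
}

/*
 * Build the global spn_list, once per process, from the service connection
 * points (SCPs) published in the Global Catalog under the product keyword
 * SMPD_SERVICE_VENDOR_GUIDW.
 *
 * For every SCP found, serviceClassName, serviceDNSName and the SCP's
 * distinguished name are combined into "<class>/<dnshost>/<DN>" and pushed
 * onto the front of spn_list together with the short host name.
 *
 * Always returns SMPD_SUCCESS; directory errors are logged and leave the list
 * with whatever entries were collected so far.  Because the "initialized"
 * flag is set before the query runs, a failed first call is never retried.
 *
 * Every attribute read here is directory data.  Any principal allowed to
 * publish an SCP carrying the product keyword can add rows to this list, so
 * the values are length- and presence-checked before use.
 * NOTE(review): how spn_list is consumed is not visible here; if it selects
 * the target SPN for authentication, confirm that callers do not treat an
 * entry as trusted merely because it was found in the catalog.
 */
static int smpd_build_spn_list()
{
    HRESULT hr;
    HRESULT hrCom;
    IDirectoryObject *pSCP = NULL;
    ADS_ATTR_INFO *pPropEntries = NULL;
    IDirectorySearch *pSearch = NULL;
    ADS_SEARCH_HANDLE hSearch = NULL;
    LPWSTR pszDN = NULL;               /* distinguished name of SCP. */
    LPWSTR pszServiceDNSName = NULL;   /* service DNS name. */
    LPWSTR pszClass = NULL;            /* name of service class. */
    LPWSTR pwszSCPPath = NULL;         /* "LDAP://<DN>" bind path. */
    USHORT usPort = 0;                 /* service port; only the disabled class/host:port SPN format used it. */
    WCHAR pszSearchString[SMPD_MAX_NAME_LENGTH];
    char temp_str[SMPD_MAX_NAME_LENGTH];
    char temp_str2[SMPD_MAX_NAME_LENGTH];
    smpd_host_spn_node_t *iter;
    /* All locals are declared before the first "goto Cleanup" so that no jump
       skips an initialization. */
    ADS_SEARCHPREF_INFO SearchPref[2];
    DWORD dwPref = sizeof(SearchPref)/sizeof(ADS_SEARCHPREF_INFO);
    LPWSTR rgszDN[] = {L"distinguishedName"};
    LPWSTR lpszLDAPPrefix = L"LDAP://";
    /* Properties to retrieve from each SCP object. */
    LPWSTR rgszAttribs[] =
    {
        L"serviceClassName",
        L"serviceDNSName",
        L"serviceBindingInformation"
    };
    DWORD dwAttrs = sizeof(rgszAttribs)/sizeof(LPWSTR);
    DWORD dwNumAttrGot = 0;
    size_t cchSCPPath;
    static int initialized = 0;

    if (initialized)
    {
        return SMPD_SUCCESS;
    }
    initialized = 1;

    /* Remember the result: CoUninitialize must only balance a CoInitialize
       that succeeded. */
    hrCom = CoInitialize(NULL);

    /* Get an IDirectorySearch pointer for the Global Catalog.  */
    hr = GetGCSearch(&pSearch);
    if (FAILED(hr) || pSearch == NULL)
    {
        smpd_err_printf("GetGC failed 0x%x\n", hr);
        goto Cleanup;
    }

    /* Set up a deep (subtree) search, paged at 1000 rows per page. */
    SearchPref[0].dwSearchPref =    ADS_SEARCHPREF_SEARCH_SCOPE;
    SearchPref[0].vValue.dwType =   ADSTYPE_INTEGER;
    SearchPref[0].vValue.Integer =  ADS_SCOPE_SUBTREE;

    SearchPref[1].dwSearchPref =    ADS_SEARCHPREF_PAGESIZE;
    SearchPref[1].vValue.dwType =   ADSTYPE_INTEGER;
    SearchPref[1].vValue.Integer =  1000;

    hr = pSearch->SetSearchPreference(SearchPref, dwPref);
    if (FAILED(hr))
    {
        smpd_err_printf("Failed to set search prefs: hr:0x%x\n", hr);
        goto Cleanup;
    }

    /* Search for a match of the product GUID.  The Global Catalog only yields
       the distinguished name; the other properties are read by binding to
       the SCP itself.  The format call is bounded and explicitly terminated. */
    _snwprintf(pszSearchString, SMPD_MAX_NAME_LENGTH, L"keywords=%s", SMPD_SERVICE_VENDOR_GUIDW);
    pszSearchString[SMPD_MAX_NAME_LENGTH - 1] = L'\0';
    hr = pSearch->ExecuteSearch(pszSearchString, rgszDN, 1, &hSearch);
    if (FAILED(hr))
    {
        smpd_err_printf("ExecuteSearch failed: hr:0x%x\n", hr);
        goto Cleanup;
    }

    /* Loop through the results. Each row should be an instance of the
       service identified by the product GUID. */
    while (SUCCEEDED(hr = pSearch->GetNextRow(hSearch)))
    {
        if (hr == S_ADS_NOMORE_ROWS)
        {
            DWORD dwError = ERROR_SUCCESS;
            WCHAR szError[512];
            WCHAR szProvider[512];

            /* A paged search can report "no more rows" while more data is
               pending; only stop when the extended error agrees. */
            ADsGetLastError(&dwError, szError, 512, szProvider, 512);
            if (ERROR_MORE_DATA == dwError)
            {
                continue;
            }
            goto Cleanup;
        }

        ADS_SEARCH_COLUMN Col;

        hr = pSearch->GetColumn(hSearch, L"distinguishedName", &Col);
        if (FAILED(hr))
        {
            /* Col is not valid on failure; skip this row. */
            smpd_err_printf("GetColumn failed: hr:0x%x\n", hr);
            continue;
        }
        if (Col.pADsValues != NULL && Col.dwNumValues > 0)
        {
            pszDN = AllocADsStr(Col.pADsValues->CaseIgnoreString);
        }
        pSearch->FreeColumn(&Col);
        if (pszDN == NULL)
        {
            smpd_err_printf("Failed to copy the distinguished name of a search row.\n");
            continue;
        }

        /* Bind to the DN to get the other properties. */
        cchSCPPath = wcslen(lpszLDAPPrefix) + wcslen(pszDN) + 1;
        pwszSCPPath = (LPWSTR)malloc(sizeof(WCHAR) * cchSCPPath);
        if (pwszSCPPath == NULL)
        {
            smpd_err_printf("Failed to allocate a buffer\n");
            goto Cleanup;
        }
        wcscpy(pwszSCPPath, lpszLDAPPrefix);
        wcscat(pwszSCPPath, pszDN);

        hr = ADsGetObject(pwszSCPPath, IID_IDirectoryObject, (void**)&pSCP);
        free(pwszSCPPath);
        pwszSCPPath = NULL;

        if (SUCCEEDED(hr))
        {
            dwNumAttrGot = 0;
            hr = pSCP->GetObjectAttributes(rgszAttribs, dwAttrs, &pPropEntries, &dwNumAttrGot);
            if (FAILED(hr))
            {
                smpd_err_printf("GetObjectAttributes Failed. hr:0x%x\n", hr);
                goto Cleanup;
            }

            /* Walk only the entries that were actually returned: an SCP that
               lacks one of the requested attributes yields fewer entries than
               were asked for, and indexing by the requested count would read
               past the end of pPropEntries. */
            for (DWORD i = 0; i < dwNumAttrGot; i++)
            {
                const ADS_ATTR_INFO *pEntry = &pPropEntries[i];

                if (pEntry->dwADsType != ADSTYPE_CASE_IGNORE_STRING ||
                    pEntry->dwNumValues == 0 ||
                    pEntry->pADsValues == NULL ||
                    pEntry->pszAttrName == NULL)
                {
                    continue;
                }

                if (wcscmp(L"serviceDNSName", pEntry->pszAttrName) == 0 && pszServiceDNSName == NULL)
                {
                    pszServiceDNSName = AllocADsStr(pEntry->pADsValues->CaseIgnoreString);
                }
                else if (wcscmp(L"serviceClassName", pEntry->pszAttrName) == 0 && pszClass == NULL)
                {
                    pszClass = AllocADsStr(pEntry->pADsValues->CaseIgnoreString);
                }
                else if (wcscmp(L"serviceBindingInformation", pEntry->pszAttrName) == 0)
                {
                    usPort = (USHORT)_wtoi(pEntry->pADsValues->CaseIgnoreString);
                }
            }

            if (pszServiceDNSName == NULL || pszClass == NULL)
            {
                /* Without both names no SPN can be formed; skip the SCP
                   rather than hand a NULL pointer to wcstombs. */
                smpd_err_printf("Skipping a service connection point without a class or DNS name.\n");
            }
            else
            {
                iter = (smpd_host_spn_node_t*)malloc(sizeof(smpd_host_spn_node_t));
                if (iter == NULL)
                {
                    smpd_err_printf("Unable to allocate memory to store an SPN entry.\n");
                    goto Cleanup;
                }
                iter->next = NULL;
                iter->host[0] = '\0';
                iter->spn[0] = '\0';
                iter->dnshost[0] = '\0';

                /* NOTE(review): iter->dnshost is assumed to hold
                   SMPD_MAX_NAME_LENGTH bytes, as the original call did. */
                if (smpd_spn_wcs_to_mbs(iter->dnshost, SMPD_MAX_NAME_LENGTH, pszServiceDNSName) != 0 ||
                    smpd_spn_wcs_to_mbs(temp_str, SMPD_MAX_NAME_LENGTH, pszClass) != 0 ||
                    smpd_spn_wcs_to_mbs(temp_str2, SMPD_MAX_NAME_LENGTH, pszDN) != 0)
                {
                    smpd_err_printf("Skipping a service connection point whose names cannot be converted.\n");
                    free(iter);
                }
                else
                {
                    MPIU_Snprintf(iter->spn, SMPD_MAX_NAME_LENGTH, "%s/%s/%s", temp_str, iter->dnshost, temp_str2);
                    MPIU_Strncpy(iter->host, iter->dnshost, SMPD_MAX_NAME_LENGTH);
                    /* Cut the host name at the first dot of the DNS name. */
                    strtok(iter->host, ".");
                    iter->next = spn_list;
                    spn_list = iter;
                }
            }

            if (pszServiceDNSName != NULL)
            {
                FreeADsStr(pszServiceDNSName);
                pszServiceDNSName = NULL;
            }
            if (pszClass != NULL)
            {
                FreeADsStr(pszClass);
                pszClass = NULL;
            }
            /* Release the per-row objects here; otherwise only the last row's
               attribute block and SCP binding would ever be freed. */
            if (pPropEntries != NULL)
            {
                FreeADsMem(pPropEntries);
                pPropEntries = NULL;
            }
            pSCP->Release();
            pSCP = NULL;
        }
        FreeADsStr(pszDN);
        pszDN = NULL;
    }

Cleanup:
    /* Anything still held here was left behind by an early exit from the
       row loop. */
    if (pwszSCPPath)
    {
        free(pwszSCPPath);
        pwszSCPPath = NULL;
    }
    if (pszServiceDNSName)
    {
        FreeADsStr(pszServiceDNSName);
        pszServiceDNSName = NULL;
    }
    if (pszClass)
    {
        FreeADsStr(pszClass);
        pszClass = NULL;
    }
    if (pszDN)
    {
        FreeADsStr(pszDN);
        pszDN = NULL;
    }

    if (pSCP)
    {
        pSCP->Release();
        pSCP = NULL;
    }

    if (pPropEntries)
    {
        FreeADsMem(pPropEntries);
        pPropEntries = NULL;
    }

    if (pSearch)
    {
        if (hSearch)
        {
            pSearch->CloseSearchHandle(hSearch);
            hSearch = NULL;
        }

        pSearch->Release();
        pSearch = NULL;
    }
    if (SUCCEEDED(hrCom))
    {
        CoUninitialize();
    }

    return SMPD_SUCCESS;
}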
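// Check a user's credentials against the directory and test group membership.
//
// Binds to LDAP://rootDSE with <userin>/<password>, rebinds to the domain's
// default naming context, looks up the user and <groupin>, and then asks the
// group whether the user is a direct or nested member.
//
// Returns true only when membership is confirmed.  Every failure (bad or
// over-long input, bind failure, lookup failure, unexpected directory data)
// returns false, so an error can never read as "authorised".
// <machine> and <locdom> are not used by the logic visible here.
//
// NOTE(review): gbsGroup and gbsMember are globals that FindGroup and
// FindUserByName presumably fill in; that makes concurrent calls unsafe --
// confirm against those helpers.
// NOTE(review): FindUserByName/FindGroup receive the caller-supplied names.
// If they build an LDAP search filter from them, the names must be escaped
// for filter metacharacters there; those helpers are not visible here.
// NOTE(review): an empty user name or password is passed to ADsOpenObject
// unchanged.  Confirm that ADSI never falls back to the calling thread's own
// security context for empty (non-NULL) credentials.
LDAPAUTH_API
BOOL CUGP(char * userin,char *password,char *machine, char * groupin,int locdom)
{
	OSVERSIONINFO ovi = { sizeof ovi };
	GetVersionEx( &ovi );
	if (ovi.dwPlatformId != VER_PLATFORM_WIN32_NT || ovi.dwMajorVersion < 5)
		return false;

	// mbstowcs() must not be handed a NULL source; deny instead of crashing.
	if (userin == NULL || password == NULL || groupin == NULL)
		return false;

	// Fixed-size stack buffers: there is one exit path and nothing to leak.
	OLECHAR wszUser[MAX_PATH*2];
	OLECHAR wszPassword[MAX_PATH*2];   // clear-text password, wiped before return
	OLECHAR wszGroup[MAX_PATH*2];
	OLECHAR szPath[MAX_PATH];
	const size_t cchPrefix = wcslen(L"LDAP://");
	HRESULT hr = S_OK;
	IADs *pObject = NULL;
	IADs *pObjectUser = NULL;
	IADs *pObjectGroup = NULL;
	IADsGroup *pIADsG = NULL;
	IDirectorySearch *pDS = NULL;
	VARIANT var;
	size_t cch;
	BOOL bAuthorised = FALSE;

	VariantInit(&var);

	do
	{
		// mbstowcs() writes no terminator when the input fills the count, and
		// returns (size_t)-1 on an invalid multibyte sequence.  Either way the
		// value is not the one the caller typed, so refuse it.
		cch = mbstowcs( (wchar_t *) wszUser, userin, MAX_PATH );
		if (cch == (size_t)-1 || cch >= MAX_PATH)
			break;
		cch = mbstowcs( (wchar_t *) wszPassword, password, MAX_PATH );
		if (cch == (size_t)-1 || cch >= MAX_PATH)
			break;
		cch = mbstowcs( (wchar_t *) wszGroup, groupin, MAX_PATH );
		if (cch == (size_t)-1 || cch >= MAX_PATH)
			break;

		//Get rootDSE and the domain container's DN.
		wcscpy(szPath,L"LDAP://");
		wcscat(szPath,L"rootDSE");
		// Paths are printed as data, never used as the format string.
		wprintf(L"%s", szPath);
		wprintf(L"\n");

		hr = ADsOpenObject(szPath,
						wszUser,
						wszPassword,
						ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
						IID_IADs,
						(void**)&pObject);
		if (FAILED(hr))
		{
			wprintf(L"Bind to domain failed %i\n",hr);
			break;
		}

		hr = pObject->Get(L"defaultNamingContext",&var);
		pObject->Release();
		pObject = NULL;
		if (FAILED(hr))
			break;

		// The naming context comes from the server: check its type and make
		// sure "LDAP://" + DN fits szPath before concatenating.
		if (var.vt != VT_BSTR || var.bstrVal == NULL ||
			wcslen(var.bstrVal) > MAX_PATH - 1 - cchPrefix)
			break;
		wcscpy(szPath,L"LDAP://");
		wcscat(szPath,var.bstrVal);
		VariantClear(&var);
		wprintf(L"%s", szPath);
		wprintf(L"\n");

		//Bind to the root of the current domain.
		hr = ADsOpenObject(szPath,wszUser,wszPassword,
				 ADS_SECURE_AUTHENTICATION,IID_IDirectorySearch,(void**)&pDS);
		if (FAILED(hr))
			break;

		hr = FindUserByName(pDS, wszUser, &pObjectUser);
		if (pObjectUser)
		{
			pObjectUser->Release();
			pObjectUser = NULL;
		}
		if (FAILED(hr))
		{
			wprintf(L"User not found %i\n",hr);
			break;
		}

		///////////////////// VNCACCESS
		hr = FindGroup(pDS, wszUser, &pObjectGroup,wszGroup);
		if (pObjectGroup)
		{
			pObjectGroup->Release();
			pObjectGroup = NULL;
		}
		if (FAILED(hr))
		{
			wprintf(L"group not found\n");
		}
		else
		{
			wprintf(L"Group found OK\n");
			hr = ADsOpenObject( gbsGroup,wszUser, wszPassword,
					ADS_SECURE_AUTHENTICATION,IID_IADsGroup, (void**) &pIADsG);
			if (SUCCEEDED(hr))
			{
				VARIANT_BOOL bMember = VARIANT_FALSE;
				hr = pIADsG->IsMember(gbsMember,&bMember);
				if (SUCCEEDED(hr))
				{
					if (bMember == VARIANT_TRUE)
					{
						wprintf(L"Object \n\n%s\n\n IS a member of the following Group:\n\n%s\n\n",gbsMember,gbsGroup);
						bAuthorised = TRUE;
					}
					else
					{
						// Not a direct member: walk nested groups by GUID.
						BSTR bsMemberGUID = NULL;
						IDirectoryObject * pDOMember = NULL;
						hr = ADsOpenObject( gbsMember,wszUser, wszPassword,
								ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pDOMember);
						if (SUCCEEDED(hr))
						{
							hr = GetObjectGuid(pDOMember,bsMemberGUID);
							pDOMember->Release();
							pDOMember  = NULL;
							// NOTE(review): any non-zero result is taken as
							// membership, so RecursiveIsMember must return
							// FALSE on every one of its error paths.
							if (SUCCEEDED(hr) &&
								RecursiveIsMember(pIADsG,bsMemberGUID,gbsMember,true, wszUser, wszPassword))
							{
								bAuthorised = TRUE;
							}
							SysFreeString(bsMemberGUID);
						}
					}
				}
			}
		}

		if (!bAuthorised)
			wprintf(L"USER not found in group\n");
	} while (0);

	/*LOGFAILED(pszBuffer3,pszBuffer);*/
	VariantClear(&var);
	if (pObject) pObject->Release();
	if (pIADsG) pIADsG->Release();
	if (pDS) pDS->Release();
	// Do not leave the clear-text password behind on the stack.
	SecureZeroMemory(wszPassword, sizeof(wszPassword));
	return bAuthorised;
}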
/* Entry point of the user-creation sample.

   The wide-character (UNICODE) form of main() is used so that the sample
   does not need any UNICODE-ANSI conversion routines.

   After the command line has been parsed into the bs* globals, the program
   binds to the container named by bsLDAP (with explicit credentials when
   bsUSER is set), creates the user either directly or from the file named
   by bsFILE, prints the new object's properties and releases everything.
*/
void wmain( int argc, wchar_t *argv[ ])
{
    WCHAR pwszTemp[4096];
    HRESULT hr;
    IDirectoryObject *pContainer = NULL;   // container the user is created in
    IDirectoryObject *pCreated = NULL;     // the newly created user object

    // We have now scanned PAST whitespace- so copy the string:
    wcscpy_s(pwszTemp,4096,L" A String");
    Trim(pwszTemp);

    if (!ParseCommandLine(argc,argv))
    {
        return;
    }

    // Initialize COM
    CoInitialize(0);

    // Bind to the container passed.
    // With USER and PASS given, bind with those credentials through
    // ADsOpenObject(); otherwise bind as the current user.
    if (bsUSER)
    {
        hr = ADsOpenObject(bsLDAP, bsUSER, bsPASS,
                           ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pContainer);
    }
    else
    {
        hr = ADsGetObject(  bsLDAP, IID_IDirectoryObject,(void **)&pContainer);
    }

    if (FAILED(hr))
    {
        // Report which of the two bind calls failed.
        if (bsUSER)
        {
            CheckADHRESULT(hr,L"ADsOpenObject()");
        }
        else
        {
            CheckADHRESULT(hr,L"ADsGetObject()");
        }
    }
    else
    {
        // Call the helper function to create the user: the simple version
        // when no file was passed in, the file-driven version otherwise.
        if (bsFILE)
        {
            hr = CreateUserFromFile(pContainer, bsUNAME,bsSAMNAME,
                                    &pCreated,bsFILE);
        }
        else
        {
            hr = CreateUser(pContainer, bsUNAME,bsSAMNAME,
                            &pCreated);
        }

        if (FAILED(hr))
        {
            CheckADHRESULT(hr,L"CreateUser()");
        }
        else
        {
            IADs *pIADsNewUser = NULL;

            _putws(L"\n\n New User created with the following properties:\n");

            // Creation succeeded: get an IADs interface to the new object
            // and print some of its properties.
            hr = pCreated->QueryInterface(IID_IADs,(void**)&pIADsNewUser);
            if (FAILED(hr))
            {
                CheckADHRESULT(hr,L"QueryInterface() - New User for IADs");
            }
            else
            {
                PrintIADSObject(pIADsNewUser);

                pIADsNewUser->Release();
                pIADsNewUser = NULL;
            }

            pCreated->Release();
            pCreated = NULL;
        }

        pContainer->Release();
        pContainer = NULL;
    }

    // Free the strings produced by command-line parsing.
    if ( bsLDAP )
    {
        ::SysFreeString(bsLDAP);
    }
    if ( bsUNAME )
    {
        ::SysFreeString(bsUNAME);
    }
    if ( bsSAMNAME )
    {
        ::SysFreeString(bsSAMNAME);
    }
    if ( bsFILE )
    {
        ::SysFreeString(bsFILE);
    }
    if ( bsUSER )
    {
        ::SysFreeString(bsUSER);
    }
    // NOTE(review): bsPASS holds the bind password and is freed without
    // being cleared first.
    if ( bsPASS )
    {
        ::SysFreeString(bsPASS);
    }

    CoUninitialize();
 }
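// Worker for RecursiveIsMember(): the same contract plus the current nesting
// depth, so that circular or very deep group nesting cannot recurse without
// bound.
static BOOL RecursiveIsMemberAtDepth(IADsGroup * pADsGroup,LPWSTR pwszMemberGUID,LPWSTR pwszMemberPath,
                                     BOOL bVerbose, LPOLESTR  pwszUser, LPOLESTR pwszPassword,
                                     int nDepth)
{
    // Directory groups may contain each other (A in B, B in A).  Past this
    // depth the search gives up and reports "not a member".
    enum { MAX_GROUP_NESTING = 32 };

    HRESULT         hr                = S_OK;     // COM Result Code
    IADsMembers *   pADsMembers       = NULL;     // Ptr to Members of the IADsGroup
    IEnumVARIANT *  pEnumVariant      = NULL;     // Ptr to the Enum variant
    IUnknown *      pUnknown          = NULL;     // IUnknown for getting the ENUM initially
    VARIANT         VariantArray[FETCH_NUM];      // Variant array for temp holding returned data
    ULONG           ulElementsFetched = 0;        // Number of elements retrieved
    BSTR            bsGroupPath       = NULL;
    BOOL            bRet              = FALSE;

    if(!pADsGroup || !pwszMemberGUID || !pwszMemberPath)
    {
        return FALSE;
    }
    if (nDepth > MAX_GROUP_NESTING)
    {
        return FALSE;
    }

    // Get the path of the object passed in
    hr = pADsGroup->get_ADsPath(&bsGroupPath);

    // A failing HRESULT must not be returned through BOOL: it is non-zero
    // and would read as "is a member".
    if (FAILED(hr))
        return FALSE;

    if (bVerbose)
    {
        WCHAR pwszOutput[2048];
        wsprintf(pwszOutput,L"Checking the Group:\n\n%s\n\n for the member:\n\n%s\n\n",bsGroupPath,pwszMemberPath);
        PrintBanner(pwszOutput);
    }

    // Get an interface pointer to the IADsCollection of members
    hr = pADsGroup->Members(&pADsMembers);

    if (SUCCEEDED(hr))
    {
        // Query the IADsCollection of members for a new ENUM Interface
        // Be aware that the enum comes back as an IUnknown *
        hr = pADsMembers->get__NewEnum(&pUnknown);

        if (SUCCEEDED(hr))
        {
            // QI the IUnknown * for an IEnumVARIANT interface
            hr = pUnknown->QueryInterface(IID_IEnumVARIANT, (void **)&pEnumVariant);

            if (SUCCEEDED(hr))
            {
                // Fetch batches until a match is found or the data runs out.
                while (!bRet)
                {
                    ulElementsFetched = 0;
                    // Get a "batch" number of group members-number of rows specified by FETCH_NUM
                    hr = ADsEnumerateNext(pEnumVariant, FETCH_NUM, VariantArray, &ulElementsFetched);

                    if (ulElementsFetched == 0)
                        break;

                    // Every fetched element is visited, even after a match,
                    // so that each variant and interface is released.
                    for (ULONG i = 0; i < ulElementsFetched; i++ )
                    {
                        BSTR        bstrCurrentPath   = NULL; // Holds path of object
                        BSTR        bstrGuidCurrent   = NULL; // Holds GUID string of object
                        IDirectoryObject * pIDOCurrent = NULL;// Holds the current object
                        IADs *      pIADsCurrent      = NULL; // IADs view of the current object

                        // Only a dispatch pointer can be a member object.
                        if (!bRet &&
                            VariantArray[i].vt == VT_DISPATCH &&
                            VariantArray[i].pdispVal != NULL)
                        {
                            IDispatch * pDispatch = VariantArray[i].pdispVal;

                            // Get the IDirectoryObject interface for the "member" of this group
                            hr = pDispatch->QueryInterface(IID_IDirectoryObject,
                                                           (VOID **) &pIDOCurrent ) ;

                            // Get the GUID for the current object
                            if (SUCCEEDED(hr))
                                hr = GetObjectGuid(pIDOCurrent,bstrGuidCurrent);

                            // Retrieve the IADs Interface for the current object
                            if (SUCCEEDED(hr))
                                hr = pIDOCurrent->QueryInterface(IID_IADs,(void**)&pIADsCurrent);

                            // Get the ADsPath property for this member
                            if (SUCCEEDED(hr))
                                hr = pIADsCurrent->get_ADsPath(&bstrCurrentPath);

                            // A member that cannot be identified is treated
                            // as "no match" and the scan goes on.
                            if (SUCCEEDED(hr) && bstrGuidCurrent != NULL)
                            {
                                if (bVerbose)
                                    wprintf(L"Comparing:\n\n%s\nWITH:\n%s\n\n",bstrGuidCurrent,pwszMemberGUID);

                                // Verify that the member of this group is Equal to passed.
                                if (_wcsicmp(bstrGuidCurrent,pwszMemberGUID)==0)
                                {
                                    if (bVerbose)
                                        wprintf(L"!!!!!Object:\n\n%s\n\nIs a member of\n\n%s\n\n",pwszMemberPath,bstrGuidCurrent);

                                    bRet = TRUE;
                                }
                                else // Otherwise, bind to this and see if it is a group.
                                {    // If is it a group then the QI to IADsGroup succeeds

                                    IADsGroup * pIADsGroupAsMember = NULL;

                                    if (pwszUser)
                                        hr = ADsOpenObject( bstrCurrentPath,
                                                            pwszUser,
                                                            pwszPassword,
                                                            ADS_SECURE_AUTHENTICATION,
                                                            IID_IADsGroup,
                                                            (void**) &pIADsGroupAsMember);
                                    else
                                        hr = ADsGetObject( bstrCurrentPath, IID_IADsGroup,(void **)&pIADsGroupAsMember);

                                    // If bind was completed, then this is a group.
                                    if (SUCCEEDED(hr) && pIADsGroupAsMember != NULL)
                                    {
                                        // Search the nested group one level deeper.
                                        if (RecursiveIsMemberAtDepth(pIADsGroupAsMember,pwszMemberGUID,pwszMemberPath,
                                                                     bVerbose,pwszUser ,pwszPassword, nDepth + 1))
                                        {
                                            bRet = TRUE;
                                        }
                                        pIADsGroupAsMember->Release();
                                        pIADsGroupAsMember = NULL;
                                    }
                                }
                            }
                        }

                        // Release everything obtained for this element.
                        SysFreeString(bstrCurrentPath);
                        SysFreeString(bstrGuidCurrent);
                        if (pIADsCurrent)
                        {
                            pIADsCurrent->Release();
                            pIADsCurrent = NULL;
                        }
                        if (pIDOCurrent)
                        {
                            pIDOCurrent->Release();
                            pIDOCurrent = NULL;
                        }
                        // VariantClear drops the reference the enumerator
                        // handed over; zeroing the array would leak it.
                        VariantClear(&VariantArray[i]);
                    }
                }
                pEnumVariant->Release();
                pEnumVariant = NULL;
            }
            pUnknown->Release();
            pUnknown = NULL;
        }
        pADsMembers ->Release();
        pADsMembers  = NULL;
    }

    // Free the group path if retrieved.
    if (bsGroupPath)
    {
        SysFreeString(bsGroupPath);
        bsGroupPath = NULL;
    }
    return bRet;
}

// Report whether the object identified by pwszMemberGUID is a member of
// pADsGroup, directly or through nested groups.
//
//   pADsGroup       group whose membership is searched
//   pwszMemberGUID  GUID string of the object looked for; compared
//                   case-insensitively with each member's GUID
//   pwszMemberPath  path of that object, used for verbose output only
//   bVerbose        print progress while searching
//   pwszUser, pwszPassword
//                   credentials used to bind to nested groups; with a NULL
//                   user the bind uses ADsGetObject instead
//
// Returns TRUE only when a matching member is found.  Missing arguments,
// every COM failure and a nesting chain that is too deep all return FALSE:
// callers may use the result as an access decision, so an error must never
// read as membership.
BOOL RecursiveIsMember(IADsGroup * pADsGroup,LPWSTR pwszMemberGUID,LPWSTR pwszMemberPath, 
                                             BOOL bVerbose, LPOLESTR  pwszUser, LPOLESTR pwszPassword)
{
    return RecursiveIsMemberAtDepth(pADsGroup, pwszMemberGUID, pwszMemberPath,
                                    bVerbose, pwszUser, pwszPassword, 0);
}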
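// Check a user's credentials against the directory and test group membership,
// addressing a domain controller by name (the NT4 client variant).
//
// Locates a domain controller with DsGetDcName, binds to
// LDAP://<dc>/rootDSE with <userin>/<password>, rebinds to the default naming
// context on that controller, looks up the user and <groupin>, and then asks
// the group whether the user is a direct or nested member.
//
// Returns true only when membership is confirmed.  Every failure (bad or
// over-long input, no controller, bind or lookup failure, unexpected
// directory data) returns false, so an error can never read as "authorised".
// <machine> and <locdom> are not used by the logic visible here.
//
// NOTE(review): gbsGroup and gbsMember are globals that FindGroup and
// FindUserByName presumably fill in; that makes concurrent calls unsafe --
// confirm against those helpers.
// NOTE(review): FindUserByName/FindGroup receive the caller-supplied names.
// If they build an LDAP search filter from them, the names must be escaped
// for filter metacharacters there; those helpers are not visible here.
// NOTE(review): an empty user name or password is passed to ADsOpenObject
// unchanged.  Confirm that ADSI never falls back to the calling thread's own
// security context for empty (non-NULL) credentials.
LDAPAUTHNT4_API
BOOL CUGP(char * userin,char *password,char *machine,char *groupin,int locdom)
{
	// mbstowcs() must not be handed a NULL source; deny instead of crashing.
	if (userin == NULL || password == NULL || groupin == NULL)
		return false;

	// Fixed-size stack buffers: there is one exit path and nothing to leak.
	OLECHAR wszUser[MAX_PATH*2];
	OLECHAR wszPassword[MAX_PATH*2];   // clear-text password, wiped before return
	OLECHAR wszGroup[MAX_PATH*2];
	OLECHAR szPath[MAX_PATH];
	const size_t cchPrefix = wcslen(L"LDAP://");
	const size_t cchRootDSE = wcslen(L"/rootDSE");
	const wchar_t *pwszDC = NULL;      // controller name without the leading "\\"
	size_t cchDC = 0;
	HRESULT hr = S_OK;
	IADs *pObject = NULL;
	IADs *pObjectUser = NULL;
	IADs *pObjectGroup = NULL;
	IADsGroup *pIADsG = NULL;
	IDirectorySearch *pDS = NULL;
	VARIANT var;
	DWORD dwRet;
	PDOMAIN_CONTROLLER_INFO pdci = NULL;
	size_t cch;
	BOOL bAuthorised = FALSE;

	VariantInit(&var);

	do
	{
		// mbstowcs() writes no terminator when the input fills the count, and
		// returns (size_t)-1 on an invalid multibyte sequence.  Either way the
		// value is not the one the caller typed, so refuse it.
		cch = mbstowcs( (wchar_t *) wszUser, userin, MAX_PATH );
		if (cch == (size_t)-1 || cch >= MAX_PATH)
			break;
		cch = mbstowcs( (wchar_t *) wszPassword, password, MAX_PATH );
		if (cch == (size_t)-1 || cch >= MAX_PATH)
			break;
		cch = mbstowcs( (wchar_t *) wszGroup, groupin, MAX_PATH );
		if (cch == (size_t)-1 || cch >= MAX_PATH)
			break;

		////////////FIND SERVER NEEDED FOR NT4
		dwRet = DsGetDcName(NULL, NULL, NULL, NULL	, DS_PDC_REQUIRED, &pdci);
		if (ERROR_SUCCESS!=dwRet)
		{
			wprintf(L"PDC not found try a rediscover \n");
			dwRet = DsGetDcName(NULL, NULL, NULL, NULL	, DS_DIRECTORY_SERVICE_REQUIRED|DS_FORCE_REDISCOVERY, &pdci);
			if (ERROR_SUCCESS!=dwRet)
			{
				wprintf(L"PDC not found \n");
				break;
			}
		}

		// The name is expected to start with "\\"; skip it only when the
		// string is long enough, and make sure the finished path fits szPath.
		if (pdci == NULL || pdci->DomainControllerName == NULL ||
			wcslen(pdci->DomainControllerName) <= 2)
			break;
		pwszDC = pdci->DomainControllerName+2;
		cchDC = wcslen(pwszDC);
		if (cchDC > MAX_PATH - 1 - cchPrefix - cchRootDSE)
			break;

		//////////////////////////////////////////
		wcscpy(szPath,L"LDAP://");
		wcscat(szPath,pwszDC);
		wcscat(szPath,L"/rootDSE");
		// Paths are printed as data, never used as the format string.
		wprintf(L"%s", szPath);
		wprintf(L"\n");

		hr = ADsOpenObject(szPath,
						wszUser,
						wszPassword,
						ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
						IID_IADs,
						(void**)&pObject);
		if (FAILED(hr))
			break;

		hr = pObject->Get(L"defaultNamingContext",&var);
		pObject->Release();
		pObject = NULL;
		if (FAILED(hr))
			break;

		// The naming context comes from the server: check its type and make
		// sure "LDAP://" + dc + "/" + DN fits szPath before concatenating.
		if (var.vt != VT_BSTR || var.bstrVal == NULL ||
			wcslen(var.bstrVal) > MAX_PATH - 1 - cchPrefix - cchDC - 1)
			break;
		wcscpy(szPath,L"LDAP://");
		wcscat(szPath,pwszDC);
		wcscat(szPath,L"/");
		wcscat(szPath,var.bstrVal);
		VariantClear(&var);
		wprintf(L"%s", szPath);
		wprintf(L"\n");

		//Bind to the root of the current domain.
		hr = ADsOpenObject(szPath,wszUser,wszPassword,
				 ADS_SECURE_AUTHENTICATION,IID_IDirectorySearch,(void**)&pDS);
		if (FAILED(hr))
			break;

		hr = FindUserByName(pDS, wszUser, &pObjectUser );
		if (pObjectUser)
		{
			pObjectUser->Release();
			pObjectUser = NULL;
		}
		if (FAILED(hr))
			break;

		///////////////////// VNCACCESS
		hr = FindGroup(pDS, wszUser, &pObjectGroup,wszGroup);
		if (pObjectGroup)
		{
			pObjectGroup->Release();
			pObjectGroup = NULL;
		}
		if (FAILED(hr))
			break;

		wprintf(L"FindGroup OK\n");
		hr = ADsOpenObject( gbsGroup,wszUser, wszPassword,
				ADS_SECURE_AUTHENTICATION,IID_IADsGroup, (void**) &pIADsG);
		if (FAILED(hr))
			break;

		VARIANT_BOOL bMember = VARIANT_FALSE;
		hr = pIADsG->IsMember(gbsMember,&bMember);
		if (FAILED(hr))
			break;

		if (bMember == VARIANT_TRUE)
		{
			wprintf(L"Object \n\n%s\n\n IS a member of the following Group:\n\n%s\n\n",gbsMember,gbsGroup);
			bAuthorised = TRUE;
		}
		else
		{
			// Not a direct member: walk nested groups by GUID.
			BSTR bsMemberGUID = NULL;
			IDirectoryObject * pDOMember = NULL;
			hr = ADsOpenObject( gbsMember,wszUser, wszPassword,
					ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pDOMember);
			if (SUCCEEDED(hr))
			{
				hr = GetObjectGuid(pDOMember,bsMemberGUID);
				pDOMember->Release();
				pDOMember  = NULL;
				// NOTE(review): any non-zero result is taken as membership,
				// so RecursiveIsMember must return FALSE on every one of its
				// error paths.
				if (SUCCEEDED(hr) &&
					RecursiveIsMember(pIADsG,bsMemberGUID,gbsMember,true, wszUser, wszPassword))
				{
					bAuthorised = TRUE;
				}
				SysFreeString(bsMemberGUID);
			}
		}
	} while (0);

	VariantClear(&var);
	if (pObject) pObject->Release();
	if (pIADsG) pIADsG->Release();
	if (pDS) pDS->Release();
	// NOTE(review): pdci is never released.  Buffers returned by DsGetDcName
	// are freed with NetApiBufferFree; the call is not added here because the
	// includes of this file are not visible and its declaration may be missing.
	// Do not leave the clear-text password behind on the stack.
	SecureZeroMemory(wszPassword, sizeof(wszPassword));
	return bAuthorised;
}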