int main(int argc, char* argv[])
{
wprintf(L"This program checks whether the current domain is in mixed or native mode.\n");
//Intialize COM
CoInitialize(NULL);
HRESULT hr = S_OK;
//Get rootDSE and the domain container's DN.
IADs *pObject = NULL;
VARIANT var;
BOOL bIsMixed;
LPOLESTR szPath = new OLECHAR[MAX_PATH];
if ( !szPath )
{
wprintf(L"Alloc Failed");
return FALSE;
}
hr = ADsOpenObject(L"LDAP://rootDSE",
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IADs,
(void**)&pObject);
if (FAILED(hr))
{
wprintf(L"Not Found. Could not bind to the domain.\n");
if (pObject)
pObject->Release();
delete [] szPath;
CoUninitialize();
return TRUE;
}
hr = pObject->Get(L"defaultNamingContext",&var);
if (SUCCEEDED(hr))
{
wcscpy_s(szPath,MAX_PATH,L"LDAP://"); //For NT 4.0 and Win 9.x, you must add the server name, e.g LDAP://myServer
int len = wcslen(szPath);
int dnLen = wcslen( var.bstrVal);
if ( MAX_PATH <= len + dnLen ) // make sure we have enough buffer
{
wprintf(L"The buffer is too small for the DN\n");
pObject->Release();
VariantClear(&var);
delete [] szPath;
CoUninitialize();
return FALSE;
}
wcscat_s(szPath,MAX_PATH,var.bstrVal);
VariantClear(&var);
if (pObject)
{
pObject->Release();
pObject = NULL;
}
//Bind to the root of the current domain.
hr = ADsOpenObject(szPath,
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IADs,
(void**)&pObject);
if (SUCCEEDED(hr))
{
hr = GetDomainMode(pObject, &bIsMixed);
if (SUCCEEDED(hr))
{
hr = pObject->Get(L"name",&var);
if (bIsMixed)
wprintf(L"Current domain %s is in mixed mode\n", var.bstrVal);
else
wprintf(L"Current domain %s is in native mode\n", var.bstrVal);
}
else
wprintf(L"GetDomainMode failed with hr: %x",hr);
}
else
wprintf(L"Bind to domain failed with hr: %x",hr);
}
VariantClear(&var);
if (pObject)
pObject->Release();
delete [] szPath;
CoUninitialize();
return TRUE;
}
HRESULT ExchangeAdmin::DeleteExchangeMailBox(LPCWSTR lpwstrMailBox, LPCWSTR lpwstrlogonuser,
LPCWSTR lpwstrLogonUsrPwd)
{
HRESULT hr;
wstring UserDN;
wstring LegacyName;
Zimbra::Util::ScopedInterface<IDirectoryObject> pDirContainer;
try
{
Zimbra::MAPI::Util::GetUserDNAndLegacyName(m_strServer.c_str(), lpwstrlogonuser,
lpwstrLogonUsrPwd, UserDN, LegacyName);
}
catch (Zimbra::MAPI::ExchangeAdminException &ex)
{
dloge("ExchangeAdmin::DeleteExchangeMailBox ExchangeAdminException exception: %S", ex.Description().c_str());
throw;
}
catch (Zimbra::MAPI::Util::MapiUtilsException &ex)
{
dloge("ExchangeAdmin::DeleteExchangeMailBox MapiUtilsException exception: %S", ex.Description().c_str());
throw;
}
wstring twtsrlogonuserDN = UserDN;
size_t nPos = twtsrlogonuserDN.find(_T("DC="), 0);
wstring wstrServerDN = twtsrlogonuserDN.substr(nPos);
wstring wstrADSPath = _T("LDAP://CN=Users,") + wstrServerDN;
// get dir container
if (FAILED(hr = ADsOpenObject(wstrADSPath.c_str(), lpwstrlogonuser, lpwstrLogonUsrPwd,
ADS_SECURE_AUTHENTICATION, IID_IDirectoryObject, (void **)pDirContainer.getptr())))
throw ExchangeAdminException(hr, L"DeleteExchangeMailBox(): ADsOpenObject Failed.",
ERR_DELETE_MBOX, __LINE__, __FILE__);
wstring mailboxcn = L"CN=";
mailboxcn += lpwstrMailBox;
hr = pDirContainer->DeleteDSObject((LPWSTR)mailboxcn.c_str());
return hr;
}
static HRESULT GetGCSearch(IDirectorySearch **ppDS)
{
HRESULT hr;
IEnumVARIANT *pEnum = NULL;
IADsContainer *pCont = NULL;
IDispatch *pDisp = NULL;
VARIANT var;
ULONG lFetch;
*ppDS = NULL;
/* Bind to the GC: namespace container object. The true GC DN
is a single immediate child of the GC: namespace, which must
be obtained using enumeration. */
hr = ADsOpenObject(L"GC:", NULL, NULL, ADS_SECURE_AUTHENTICATION, /* Use Secure Authentication. */
IID_IADsContainer,
(void**)&pCont);
if (FAILED(hr))
{
smpd_err_printf("ADsOpenObject failed: 0x%x\n", hr);
goto cleanup;
}
/* Get an enumeration interface for the GC container. */
hr = ADsBuildEnumerator(pCont, &pEnum);
if (FAILED(hr))
{
smpd_err_printf("ADsBuildEnumerator failed: 0x%x\n", hr);
goto cleanup;
}
/* Now enumerate. There is only one child of the GC: object. */
hr = ADsEnumerateNext(pEnum, 1, &var, &lFetch);
if (FAILED(hr))
{
smpd_err_printf("ADsEnumerateNext failed: 0x%x\n", hr);
goto cleanup;
}
if ((hr == S_OK) && (lFetch == 1))
{
pDisp = V_DISPATCH(&var);
hr = pDisp->QueryInterface(IID_IDirectorySearch, (void**)ppDS);
}
cleanup:
if (pEnum)
{
ADsFreeEnumerator(pEnum);
pEnum = NULL;
}
if (pCont)
{
pCont->Release();
pCont = NULL;
}
if (pDisp)
{
pDisp->Release();
pDisp = NULL;
}
return hr;
}
void wmain( int argc, wchar_t *argv[ ])
{
BOOL bIsAttributeQuery = TRUE;
BOOL bReturnVerbose = FALSE;
LPOLESTR szType = L"attribute";
if (1==argc||(_wcsicmp(argv[1],L"/?") == 0))
{
wprintf(L"This program queries the schema for the specified classes or attributes.\n");
wprintf(L"Syntax: getschemainfo [/C|/A][/V][querystring]\n");
wprintf(L"where /C specifies to query for classes.\n");
wprintf(L" /A specifies to query for attributes.\n");
wprintf(L" /V specifies that all properties for the found classes or attributes should be returned.\n");
wprintf(L" querystring is the query criteria in ldap query format.\n");
wprintf(L"Defaults: If neither /A or /C is specified, the query is against both.\n");
wprintf(L" If no /V is specified, the query returns only the ldapDisplayName and cn of the items found.\n");
wprintf(L" If no querystring is specified, the query returns all classes and/or attributes.\n");
wprintf(L"Example: getschemainfo /A (IsSingleValued=TRUE)\n");
wprintf(L"Returns all single-valued attributes in the schema.\n");
wprintf(L"Common querystrings:\n");
wprintf(L"For attributes:\n");
wprintf(L"(cn=Street-Address) to find the attribute with CN of Street-Address.\n");
wprintf(L"(ldapdisplayname=street) to find the attribute with ldapdisplayname of street.\n");
wprintf(L"(IsSingleValued=TRUE) for single-valued attributes.\n");
wprintf(L"(IsSingleValued=FALSE) for mulit-valued attributes.\n");
wprintf(L"(systemFlags:1.2.840.113556.1.4.804:=00000001) for non-replicated attributes\n");
wprintf(L"(systemFlags:1.2.840.113556.1.4.804:=00000004) for constructed attributes\n");
wprintf(L"(searchFlags=1) for indexed attributes.\n");
wprintf(L"(isMemberOfPartialAttributeSet=TRUE) for attributes included in the global catalog\n");
return;
}
//Handle the command line arguments
int maxAlloc=MAX_PATH*2;
LPOLESTR pszBuffer = new OLECHAR[maxAlloc];
if ( !pszBuffer )
{
wprintf(L"Alloc Failed ");
return;
}
wcscpy_s(pszBuffer, maxAlloc, L"");
for (int i = 1;i<argc;i++)
{
if (_wcsicmp(argv[i],L"/C") == 0)
{
bIsAttributeQuery = FALSE;
szType = L"class";
}
else if (_wcsicmp(argv[i],L"/A") == 0)
{
bIsAttributeQuery = TRUE;
szType = L"attribute";
}
else if (_wcsicmp(argv[i],L"/V") == 0)
{
bReturnVerbose = TRUE;
}
else
{
if ( IS_BUFFER_ENOUGH(maxAlloc,pszBuffer, argv[i]) > 0 )
{
wcscpy_s(pszBuffer,maxAlloc,argv[i]);
}
else
{
wprintf(L"The argument is too large ");
if ( pszBuffer )
delete [] pszBuffer;
return;
}
}
}
if (_wcsicmp(pszBuffer,L"") == 0)
wprintf(L"\nFinding all %sSchema objects in the schema...\n\n",szType);
else
wprintf(L"\nFinding %sSchema objects based on query: %s...\n\n",szType, pszBuffer);
HRESULT hr = S_OK;
//Get rootDSE and the domain container's DN.
IADs *pObject = NULL;
IDirectorySearch *pSchemaNC = NULL;
const unsigned int pathLen = MAX_PATH;
LPOLESTR szPath = new OLECHAR[pathLen];
if ( !szPath )
{
wprintf(L"Alloc Failed ");
delete [] pszBuffer;
return;
}
//Intialize COM
CoInitialize(NULL);
VARIANT var;
hr = ADsOpenObject(L"LDAP://rootDSE",
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IADs,
(void**)&pObject);
if (FAILED(hr))
{
wprintf(L"Could not execute query. Could not bind to LDAP://rootDSE.\n");
if (pObject)
pObject->Release();
delete [] pszBuffer;
delete [] szPath;
CoUninitialize();
return;
}
if (SUCCEEDED(hr))
{
hr = pObject->Get(L"schemaNamingContext",&var);
if (SUCCEEDED(hr))
{
wcscpy_s(szPath,pathLen,L"LDAP://");
if ( IS_BUFFER_ENOUGH(MAX_PATH,szPath, var.bstrVal, SysStringLen(var.bstrVal)) > 0 )
{
wcscat_s(szPath,pathLen,var.bstrVal);
}
else
{
wprintf(L"The Schema's DN is too large");
pObject->Release();
delete [] pszBuffer;
delete [] szPath;
CoUninitialize();
return;
}
hr = ADsOpenObject(szPath,
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IDirectorySearch,
(void**)&pSchemaNC);
if (SUCCEEDED(hr))
{
hr = FindAttributesOrClasses(pSchemaNC, //IDirectorySearch pointer to schema naming context.
pszBuffer,
NULL,
bIsAttributeQuery,
bReturnVerbose
);
if (SUCCEEDED(hr))
{
if (S_FALSE==hr)
wprintf(L"No %sSchema object could be found based on the query: %s\n",szType,pszBuffer);
}
else if (0x8007203e==hr)
wprintf(L"Could not execute query. An invalid filter was specified.\n");
else
wprintf(L"Query failed to run. HRESULT: %x\n",hr);
}
else
{
wprintf(L"Could not execute query. Could not bind to the schema container.\n");
}
if (pSchemaNC)
pSchemaNC->Release();
}
VariantClear(&var);
}
if (pObject)
pObject->Release();
delete [] pszBuffer;
delete [] szPath;
// Uninitialize COM
CoUninitialize();
return;
}
HRESULT ExchangeAdmin::CreateExchangeMailBox(LPCWSTR lpwstrNewUser, LPCWSTR lpwstrNewUserPwd,
LPCWSTR lpwstrlogonuser, LPCWSTR lpwstrLogonUsrPwd)
{
HRESULT hr = S_OK;
// Get Logon user DN
wstring LogonUserDN;
wstring legacyName;
wstring msExchHomeSvrName;
Zimbra::MAPI::Util::GetUserDNAndLegacyName(m_strServer.c_str(), lpwstrlogonuser,
lpwstrLogonUsrPwd, LogonUserDN, legacyName);
Zimbra::MAPI::Util::GetmsExchHomeServerName(m_strServer.c_str(), lpwstrlogonuser,
lpwstrLogonUsrPwd, msExchHomeSvrName);
Zimbra::Util::ScopedInterface<IDirectoryObject> pLogonContainer;
Zimbra::Util::ScopedInterface<IADsUser> pIAdUser;
Zimbra::Util::ScopedInterface<IADs> pIAds;
wstring strContainer = L"LDAP://";
strContainer += LogonUserDN.c_str();
dloge("strContainer %S msExchHomeSvrName: %S", strContainer.c_str(), msExchHomeSvrName.c_str());
// Get loggedin user container
hr = ADsOpenObject(strContainer.c_str(), NULL, NULL, ADS_SECURE_AUTHENTICATION,
IID_IDirectoryObject, (void **)pLogonContainer.getptr());
if (FAILED(hr))
{
if (hr == 0x8007052e) // credentials are not valid
{
hr = ADsOpenObject((LPTSTR)strContainer.c_str(), lpwstrlogonuser, lpwstrLogonUsrPwd,
ADS_SECURE_AUTHENTICATION, IID_IDirectoryObject, (void **)pLogonContainer.getptr());
if (FAILED(hr)||(pLogonContainer.get()==NULL))
throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): ADsOpenObject Failed.",
ERR_ADOBJECT_OPEN, __LINE__, __FILE__);
}
else
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): ADsOpenObject Failed.",
ERR_ADOBJECT_OPEN, __LINE__, __FILE__);
}
}
ADS_ATTR_INFO *pAttrInfo = NULL;
DWORD dwReturn;
LPWSTR pAttrNames[] = { L"mail", L"homeMDB", L"homeMTA" };
DWORD dwNumAttr = sizeof (pAttrNames) / sizeof (LPWSTR);
wstring strLogonHomeMDB;
wstring strLogonHomeMTA;
wstring strLogonMail;
// Get attribute values requested. Its not necessary the order is same as requested.
if (FAILED(hr = pLogonContainer->GetObjectAttributes(pAttrNames, dwNumAttr, &pAttrInfo,
&dwReturn)))
throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): GetObjectAttributes Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
for (DWORD idx = 0; idx < dwReturn; idx++)
{
if (_wcsicmp(pAttrInfo[idx].pszAttrName, L"mail") == 0)
strLogonMail = pAttrInfo[idx].pADsValues->Email.Address;
else if (_wcsicmp(pAttrInfo[idx].pszAttrName, L"homeMTA") == 0)
strLogonHomeMTA = pAttrInfo[idx].pADsValues->DNString;
else if (_wcsicmp(pAttrInfo[idx].pszAttrName, L"homeMDB") == 0)
strLogonHomeMDB = pAttrInfo[idx].pADsValues->DNString;
}
// Use FreeADsMem for all memory obtained from the ADSI call.
FreeADsMem(pAttrInfo);
wstring twtsrlogonuserDN = LogonUserDN;
size_t nPos = twtsrlogonuserDN.find(_T("DC="), 0);
wstring wstrServerDN = twtsrlogonuserDN.substr(nPos);
wstring wstrADSPath = _T("LDAP://CN=Users,") + wstrServerDN;
ADSVALUE cnValue;
ADSVALUE classValue;
ADSVALUE sAMValue;
ADSVALUE uPNValue;
ADSVALUE controlValue;
ADS_ATTR_INFO attrInfo[] = {
{ L"objectClass", ADS_ATTR_UPDATE, ADSTYPE_CASE_IGNORE_STRING, &classValue, 1 },
{ L"cn", ADS_ATTR_UPDATE, ADSTYPE_CASE_IGNORE_STRING, &cnValue, 1 },
{ L"sAMAccountName", ADS_ATTR_UPDATE, ADSTYPE_CASE_IGNORE_STRING, &sAMValue, 1 },
{ L"userPrincipalName", ADS_ATTR_UPDATE, ADSTYPE_CASE_IGNORE_STRING, &uPNValue, 1 },
{L"userAccountControl", ADS_ATTR_UPDATE, ADSTYPE_INTEGER,&controlValue, 1},
};
DWORD dwAttrs = sizeof (attrInfo) / sizeof (ADS_ATTR_INFO);
classValue.dwType = ADSTYPE_CASE_IGNORE_STRING;
classValue.CaseIgnoreString = L"user";
//int UF_ACCOUNTDISABLE = 0x0002;
int UF_PASSWD_NOTREQD = 0x0020;
//int UF_PASSWD_CANT_CHANGE = 0x0040;
int UF_NORMAL_ACCOUNT = 0x0200;
int UF_DONT_EXPIRE_PASSWD = 0x10000;
//int UF_PASSWORD_EXPIRED = 0x800000;
controlValue.dwType = ADSTYPE_INTEGER;
controlValue.Integer=UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD |UF_DONT_EXPIRE_PASSWD;
cnValue.dwType = ADSTYPE_CASE_IGNORE_STRING;
cnValue.CaseIgnoreString = (LPWSTR)lpwstrNewUser;
sAMValue.dwType = ADSTYPE_CASE_IGNORE_STRING;
sAMValue.CaseIgnoreString = (LPWSTR)lpwstrNewUser;
wstring wstrMail;
size_t nPosMail = strLogonMail.find(_T("@"), 0);
wstrMail = strLogonMail.substr(nPosMail);
wstrMail = lpwstrNewUser + wstrMail;
LPWSTR upnval = (LPWSTR)wstrMail.c_str();
uPNValue.dwType = ADSTYPE_CASE_IGNORE_STRING;
uPNValue.CaseIgnoreString = upnval;
Zimbra::Util::ScopedInterface<IDirectoryObject> pDirContainer;
Zimbra::Util::ScopedInterface<IDispatch> pDisp;
Zimbra::Util::ScopedInterface<IADsUser> pIADNewUser;
wstring wstrLoggedUserName(LogonUserDN);
size_t snPos = 0;
size_t enPos = 0;
if ((snPos = wstrLoggedUserName.find(L"CN=")) != wstring::npos)
{
if ((enPos = wstrLoggedUserName.find(L",", snPos)) != wstring::npos)
wstrLoggedUserName = wstrLoggedUserName.substr(snPos + 3, (enPos - (snPos + 3)));
}
// get dir container
if (FAILED(hr = ADsOpenObject(wstrADSPath.c_str(), wstrLoggedUserName.c_str(),
lpwstrLogonUsrPwd, ADS_SECURE_AUTHENTICATION, IID_IDirectoryObject,
(void **)pDirContainer.getptr())))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): ADsOpenObject Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
wstring wstrUserCN = L"CN=";
wstrUserCN += lpwstrNewUser;
dloge("CreateDSObject: %S",wstrUserCN.c_str());
if (FAILED(hr = pDirContainer->CreateDSObject((LPWSTR)wstrUserCN.c_str(), attrInfo, dwAttrs,
pDisp.getptr())))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): CreateDSObject Failed.",
ERR_CREATE_EXCHMBX,__LINE__, __FILE__);
if (FAILED(hr = pDisp->QueryInterface(IID_IADsUser, (void **)pIADNewUser.getptr())))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): QueryInterface Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
CComVariant varProp;
varProp.Clear();
// set samAccount
varProp = lpwstrNewUser;
if (FAILED(hr = pIADNewUser->Put(CComBSTR(L"sAMAccountName"), varProp)))
throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): Put(sAMAccountName) Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
if(FAILED(hr = pIADNewUser->SetInfo()))
throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): Put(sAMAccountName) Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
// set userAccountControl
varProp.Clear();
hr = pIADNewUser->Get(CComBSTR(L"userAccountControl"), &varProp);
varProp = varProp.lVal & ~(ADS_UF_ACCOUNTDISABLE);
if (FAILED(hr = pIADNewUser->Put(CComBSTR(L"userAccountControl"), varProp)))
throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): Put(userAccountControl) Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - Put(userAccountControl) Failed.");
// set Account enabled
if (FAILED(hr = pIADNewUser->put_AccountDisabled(VARIANT_FALSE)))
{
throw
ExchangeAdminException(hr, L"CreateExchangeMailBox(): put_AccountDisabled Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - put_AccountDisabled Failed.");
// set password
if (FAILED(hr = pIADNewUser->SetPassword(CComBSTR(lpwstrNewUserPwd))))
{
throw
ExchangeAdminException(hr, L"CreateExchangeMailBox(): SetPassword Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - SetPassword Failed.");
// user account password does not expire
varProp.Clear();
VARIANT var;
VariantInit(&var);
if (!FAILED(hr = pIADNewUser->Get(CComBSTR(L"userAccountControl"), &var)))
{
V_I4(&var) |= ADS_UF_DONT_EXPIRE_PASSWD;
if (FAILED(hr = pIADNewUser->Put(CComBSTR(L"userAccountControl"), var)))
{
throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): Put(userAccountControl) Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - userAccountControl Failed.");
varProp.Clear();
// set the homeMDB;
if (!strLogonHomeMDB.empty())
{
varProp = strLogonHomeMDB.c_str();
if (FAILED(hr = pIADNewUser->Put(CComBSTR("homeMDB"), varProp)))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(homeMDB) Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - Put(homeMDB) Failed.");
varProp.Clear();
if (!strLogonHomeMTA.empty())
{
varProp = strLogonHomeMTA.c_str();
if (FAILED(hr = pIADNewUser->Put(CComBSTR("homeMTA"), varProp)))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(homeMTA) Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - Put(homeMTA) Failed.");
varProp.Clear();
if (!msExchHomeSvrName.empty())
{
varProp = msExchHomeSvrName.c_str();
if (FAILED(hr = pIADNewUser->Put(CComBSTR("msExchHomeServerName"), varProp)))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(msExchHomeServerName) Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - Put(msExchHomeServerName) Failed.");
varProp.Clear();
varProp.Clear();
wstring newUsrLegacyName=legacyName;
size_t nwpos=newUsrLegacyName.rfind(L"cn=");
if(nwpos !=wstring::npos)
{
newUsrLegacyName = newUsrLegacyName.substr(0,nwpos);
newUsrLegacyName += L"cn=";
newUsrLegacyName += lpwstrNewUser;
}
if (!newUsrLegacyName.empty())
{
varProp = newUsrLegacyName.c_str();
if (FAILED(hr = pIADNewUser->Put(CComBSTR("legacyExchangeDN"), varProp)))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(legacyExchangeDN) Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - Put(legacyExchangeDN) Failed.");
// set nickname
varProp.Clear();
varProp = lpwstrNewUser;
if (FAILED(hr = pIADNewUser->Put(CComBSTR("mailNickname"), varProp)))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(mailNickname) Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - Put(mailNickname) Failed.");
// set the displayName
varProp.Clear();
varProp = lpwstrNewUser;
if (FAILED(hr = pIADNewUser->Put(CComBSTR("displayName"), varProp)))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(displayName) Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - Put(displayName) Failed.");
// set the mail atrribute
varProp.Clear();
varProp = wstrMail.c_str();
if (FAILED(hr = pIADNewUser->Put(CComBSTR("mail"), varProp)))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(mail) Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - Put(mail) Failed.");
// set email
if (FAILED(hr = pIADNewUser->put_EmailAddress(CComBSTR(wstrMail.c_str()))))
{
throw
ExchangeAdminException(hr, L"CreateExchangeMailBox(): put_EmailAddress Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - put_EmailAddress Failed.");
varProp.Clear();
wstrMail=L"SMTP:"+wstrMail;
varProp = wstrMail.c_str();
if (FAILED(hr = pIADNewUser->Put(CComBSTR("proxyAddresses"),varProp)))
{
throw
ExchangeAdminException(hr, L"CreateExchangeMailBox(): proxyAddressess Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - proxyAddressess Failed.");
// add to Domain Admins group
BSTR bstrADSPath;
if (FAILED(hr = pIADNewUser->get_ADsPath(&bstrADSPath)))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): get_ADsPath Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
wstring wstrGroup = _T("LDAP://CN=Domain Admins,CN=Users,") + wstrServerDN;
Zimbra::Util::ScopedInterface<IADsGroup> pGroup;
if (FAILED(hr = ADsGetObject(wstrGroup.c_str(), IID_IADsGroup, (void **)pGroup.getptr())))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): ADsGetObject Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
if (FAILED(hr = ADsOpenObject(wstrGroup.c_str(), wstrLoggedUserName.c_str(),
lpwstrLogonUsrPwd, ADS_SECURE_AUTHENTICATION, IID_IADsGroup,
(void **)pGroup.getptr())))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): ADsOpenObject Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
if (SUCCEEDED(hr = pGroup->Add(bstrADSPath)))
{
if (FAILED(hr = pGroup->SetInfo()))
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): pGroup SetInfo Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
else
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): pGroup Add Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
GUID guid;
if(FAILED(hr = CoCreateGuid(&guid)))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): CoCreateGuid Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
BYTE *str;
hr = UuidToString((UUID *)&guid, (RPC_WSTR *)&str);
if (hr != RPC_S_OK)
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): UuidToString Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
varProp.Clear();
//BYTE bytArr[]="3429bb3084703348b8023e94fabf16ea";
PutBinaryIntoVariant(&varProp,str,16);
RpcStringFree((RPC_WSTR *)&str);
if (FAILED(hr = pIADNewUser->Put(CComBSTR("msExchMailboxGuid"), varProp)))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put msExchMailboxGuid Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - msExchMailboxGuid Failed.");
if (FAILED(hr = ADsOpenObject(strContainer.c_str(), NULL, NULL, ADS_SECURE_AUTHENTICATION,
IID_IDirectoryObject, (void **)pIAdUser.getptr())))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): ADsOpenObject2 Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if (FAILED(hr = pIAdUser->QueryInterface(IID_IADs, (void**) pIAds.getptr())))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): pIAdUser->QueryInterface Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
varProp.Clear();
if( FAILED(hr= pIAds->Get(CComBSTR("msExchMailboxSecurityDescriptor"),&varProp)))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Get msExchMailboxSecurityDescriptor Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if (FAILED(hr = pIADNewUser->Put(CComBSTR("msExchMailboxSecurityDescriptor"), varProp)))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put msExchMailboxSecurityDescriptor Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - msExchMailboxSecurityDescriptor Failed.");
varProp.Clear();
if( FAILED(hr=pIAds->Get(CComBSTR("msExchPoliciesIncluded"),&varProp)))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Get msExchPoliciesIncluded Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if (FAILED(hr = pIADNewUser->Put(CComBSTR("msExchPoliciesIncluded"), varProp)))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put msExchPoliciesIncluded Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - msExchPoliciesIncluded Failed.");
varProp.Clear();
if( FAILED(hr= pIAds->Get(CComBSTR("msExchUserAccountControl"),&varProp)))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Get msExchUserAccountControl Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if (FAILED(hr = pIADNewUser->Put(CComBSTR("msExchUserAccountControl"), varProp)))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put msExchUserAccountControl Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - msExchUserAccountControl Failed.");
varProp.Clear();
if(FAILED(hr = pIAds->GetEx(CComBSTR("showInAddressBook"), &varProp )))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Get showInAddressBook Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->Put(CComBSTR("showInAddressBook"), varProp)))
{
throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put showInAddressBook Failed.",
ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
}
if(FAILED(hr = pIADNewUser->SetInfo()))
ThrowSetInfoException(hr, L"SetInfo - showInAddressBook Failed.");
return hr;
}
BOOL RecursiveIsMember(IADsGroup * pADsGroup,LPWSTR pwszMemberGUID,LPWSTR pwszMemberPath,
BOOL bVerbose, LPOLESTR pwszUser, LPOLESTR pwszPassword)
{
HRESULT hr = S_OK; // COM Result Code
IADsMembers * pADsMembers = NULL; // Ptr to Members of the IADsGroup
BOOL fContinue = TRUE; // Looping Variable
IEnumVARIANT * pEnumVariant = NULL; // Ptr to the Enum variant
IUnknown * pUnknown = NULL; // IUnknown for getting the ENUM initially
VARIANT VariantArray[FETCH_NUM]; // Variant array for temp holding returned data
ULONG ulElementsFetched = NULL; // Number of elements retrieved
BSTR bsGroupPath = NULL;
BOOL bRet = FALSE;
if(!pADsGroup || !pwszMemberGUID || !pwszMemberPath)
{
return FALSE;
}
// Get the path of the object passed in
hr = pADsGroup->get_ADsPath(&bsGroupPath);
if (!SUCCEEDED(hr))
return hr;
if (bVerbose)
{
WCHAR pwszOutput[2048];
wsprintf(pwszOutput,L"Checking the Group:\n\n%s\n\n for the member:\n\n%s\n\n",bsGroupPath,pwszMemberPath);
PrintBanner(pwszOutput);
}
// Get an interface pointer to the IADsCollection of members
hr = pADsGroup->Members(&pADsMembers);
if (SUCCEEDED(hr))
{
// Query the IADsCollection of members for a new ENUM Interface
// Be aware that the enum comes back as an IUnknown *
hr = pADsMembers->get__NewEnum(&pUnknown);
if (SUCCEEDED(hr))
{
// QI the IUnknown * for an IEnumVARIANT interface
hr = pUnknown->QueryInterface(IID_IEnumVARIANT, (void **)&pEnumVariant);
if (SUCCEEDED(hr))
{
// While have not hit errors or end of data....
while (fContinue)
{
ulElementsFetched = 0;
// Get a "batch" number of group members-number of rows specified by FETCH_NUM
hr = ADsEnumerateNext(pEnumVariant, FETCH_NUM, VariantArray, &ulElementsFetched);
if (ulElementsFetched )
{
// Loop through the current batch-printing the path for each member.
for (ULONG i = 0; i < ulElementsFetched; i++ )
{
IDispatch * pDispatch = NULL; // ptr for holding dispath of element
BSTR bstrCurrentPath = NULL; // Holds path of object
BSTR bstrGuidCurrent = NULL; // Holds path of object
IDirectoryObject * pIDOCurrent = NULL;// Holds the current object
// Get the dispatch ptr for the variant
pDispatch = VariantArray[i].pdispVal;
// assert(HAS_BIT_STYLE(VariantArray[i].vt,VT_DISPATCH));
// Get the IADs interface for the "member" of this group
hr = pDispatch->QueryInterface(IID_IDirectoryObject,
(VOID **) &pIDOCurrent ) ;
if (SUCCEEDED(hr))
{
// Get the GUID for the current object
hr = GetObjectGuid(pIDOCurrent,bstrGuidCurrent);
if (FAILED(hr))
return hr;
IADs * pIADsCurrent = NULL;
// Retrieve the IADs Interface for the current object
hr = pIDOCurrent->QueryInterface(IID_IADs,(void**)&pIADsCurrent);
if (FAILED(hr))
return hr;
// Get the ADsPath property for this member
hr = pIADsCurrent->get_ADsPath(&bstrCurrentPath);
if (SUCCEEDED(hr))
{
if (bVerbose)
wprintf(L"Comparing:\n\n%s\nWITH:\n%s\n\n",bstrGuidCurrent,pwszMemberGUID);
// Verify that the member of this group is Equal to passed.
if (_wcsicmp(bstrGuidCurrent,pwszMemberGUID)==0)
{
if (bVerbose)
wprintf(L"!!!!!Object:\n\n%s\n\nIs a member of\n\n%s\n\n",pwszMemberPath,bstrGuidCurrent);
bRet = TRUE;
break;
}
else // Otherwise, bind to this and see if it is a group.
{ // If is it a group then the QI to IADsGroup succeeds
IADsGroup * pIADsGroupAsMember = NULL;
if (pwszUser)
hr = ADsOpenObject( bstrCurrentPath,
pwszUser,
pwszPassword,
ADS_SECURE_AUTHENTICATION,
IID_IADsGroup,
(void**) &pIADsGroupAsMember);
else
hr = ADsGetObject( bstrCurrentPath, IID_IADsGroup,(void **)&pIADsGroupAsMember);
// If bind was completed, then this is a group.
if (SUCCEEDED(hr))
{
// Recursively call this group to verify this group.
BOOL bRetRecurse;
bRetRecurse = RecursiveIsMember(pIADsGroupAsMember,pwszMemberGUID,pwszMemberPath,bVerbose,pwszUser ,pwszPassword );
if (bRetRecurse)
{
bRet = TRUE;
break;
}
pIADsGroupAsMember->Release();
pIADsGroupAsMember = NULL;
}
}
SysFreeString(bstrCurrentPath);
bstrCurrentPath = NULL;
SysFreeString(bstrGuidCurrent);
bstrGuidCurrent = NULL;
}
// Release
pIDOCurrent->Release();
pIDOCurrent = NULL;
if (pIADsCurrent)
{
pIADsCurrent->Release();
pIADsCurrent = NULL;
}
}
}
// Clear the variant array.
memset(VariantArray, 0, sizeof(VARIANT)*FETCH_NUM);
}
else
fContinue = FALSE;
}
pEnumVariant->Release();
pEnumVariant = NULL;
}
pUnknown->Release();
pUnknown = NULL;
}
pADsMembers ->Release();
pADsMembers = NULL;
}
// Free the group path if retrieved.
if (bsGroupPath)
{
SysFreeString(bsGroupPath);
bsGroupPath = NULL;
}
return bRet;
}
LDAPAUTH_API
BOOL CUGP(char * userin,char *password,char *machine, char * groupin,int locdom)
{
OSVERSIONINFO ovi = { sizeof ovi };
GetVersionEx( &ovi );
if (ovi.dwPlatformId == VER_PLATFORM_WIN32_NT &&
ovi.dwMajorVersion >= 5 )
{
//Handle the command line arguments.
LPOLESTR pszBuffer = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer2 = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer3 = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer4 = new OLECHAR[MAX_PATH*2];
mbstowcs( (wchar_t *) pszBuffer, userin, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer2, password, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer3, machine, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer4, groupin, MAX_PATH );
HRESULT hr = S_OK;
//Get rootDSE and the domain container's DN.
IADs *pObject = NULL;
IADs *pObjectUser = NULL;
IADs *pObjectGroup = NULL;
IDirectorySearch *pDS = NULL;
LPOLESTR szPath = new OLECHAR[MAX_PATH];
LPOLESTR myPath = new OLECHAR[MAX_PATH];
VARIANT var;
wcscpy(szPath,L"LDAP://");
wcscat(szPath,L"rootDSE");
wprintf(szPath);
wprintf(L"\n");
hr = ADsOpenObject(szPath,
pszBuffer,
pszBuffer2,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IADs,
(void**)&pObject);
if (FAILED(hr))
{
wprintf(L"Bind to domain failed %i\n",hr);
if (pObject) pObject->Release();
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
return false;
}
hr = pObject->Get(L"defaultNamingContext",&var);
if (SUCCEEDED(hr))
{
wcscpy(szPath,L"LDAP://");
wcscat(szPath,var.bstrVal);
VariantClear(&var);
if (pObject)
{
pObject->Release();
pObject = NULL;
}
wprintf( szPath);
wprintf(L"\n");
//Bind to the root of the current domain.
hr = ADsOpenObject(szPath,pszBuffer,pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IDirectorySearch,(void**)&pDS);
if (SUCCEEDED(hr))
{
if (SUCCEEDED(hr))
{
hr = FindUserByName(pDS, pszBuffer, &pObjectUser);
if (FAILED(hr))
{
wprintf(L"User not found %i\n",hr);
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
if (pObjectUser) pObjectUser->Release();
return false;
}
if (pObjectUser) pObjectUser->Release();
///////////////////// VNCACCESS
hr = FindGroup(pDS, pszBuffer, &pObjectGroup,pszBuffer4);
if (pObjectGroup)
{
pObjectGroup->Release();
pObjectGroup = NULL;
}
if (FAILED(hr)) wprintf(L"group not found\n");
if (SUCCEEDED(hr))
{
wprintf(L"Group found OK\n");
IADsGroup * pIADsG;
hr = ADsOpenObject( gbsGroup,pszBuffer, pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IADsGroup, (void**) &pIADsG);
if (SUCCEEDED(hr))
{
VARIANT_BOOL bMember = FALSE;
hr = pIADsG->IsMember(gbsMember,&bMember);
if (SUCCEEDED(hr))
{
if (bMember == -1)
{
wprintf(L"Object \n\n%s\n\n IS a member of the following Group:\n\n%s\n\n",gbsMember,gbsGroup);
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
return true;
}
else
{
BSTR bsMemberGUID = NULL;
IDirectoryObject * pDOMember = NULL;
hr = ADsOpenObject( gbsMember,pszBuffer, pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pDOMember);
if (SUCCEEDED(hr))
{
hr = GetObjectGuid(pDOMember,bsMemberGUID);
pDOMember->Release();
pDOMember = NULL;
if (RecursiveIsMember(pIADsG,bsMemberGUID,gbsMember,true, pszBuffer, pszBuffer2))
{
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
return true;
}
}
}//else bmember
}//ismember
}//iadsgroup
}//Findgroup
wprintf(L"USER not found in group\n");
}//user
}
if (pDS) pDS->Release();
}
/*LOGFAILED(pszBuffer3,pszBuffer);*/
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] szPath;
delete [] myPath;
return false;
}
return false;
}
//----------------------------------------------------------------------------
//
// GetDeletedObjectsContainer()
//
// Binds to the Deleted Object container.
//
//----------------------------------------------------------------------------
HRESULT GetDeletedObjectsContainer(IADsContainer **ppContainer)
{
if(NULL == ppContainer)
{
return E_INVALIDARG;
}
HRESULT hr;
IADs *pRoot;
*ppContainer = NULL;
// Bind to the rootDSE object.
hr = ADsOpenObject(L"LDAP://rootDSE",
NULL,
NULL,
ADS_SECURE_AUTHENTICATION,
IID_IADs,
(LPVOID*)&pRoot);
if(SUCCEEDED(hr))
{
VARIANT var;
VariantInit(&var);
// Get the current domain DN.
hr = pRoot->Get(L"defaultNamingContext", &var);
if(SUCCEEDED(hr))
{
// Build the binding string.
LPWSTR pwszFormat = L"LDAP://<WKGUID=%s,%s>";
LPWSTR pwszPath;
pwszPath = new WCHAR[wcslen(pwszFormat) + wcslen(GUID_DELETED_OBJECTS_CONTAINER_W) + wcslen(var.bstrVal)];
if(NULL != pwszPath)
{
swprintf(pwszPath, pwszFormat, GUID_DELETED_OBJECTS_CONTAINER_W, var.bstrVal);
// Bind to the object.
hr = ADsOpenObject(pwszPath,
NULL,
NULL,
ADS_FAST_BIND | ADS_SECURE_AUTHENTICATION,
IID_IADsContainer,
(LPVOID*)ppContainer);
delete pwszPath;
}
else
{
hr = E_OUTOFMEMORY;
}
VariantClear(&var);
}
pRoot->Release();
}
return hr;
}
HRESULT FindGroup(IDirectorySearch *pSearchBase, //Container to search
LPOLESTR szFindUser, //Name of user to find.
IADs **ppUser,LPOLESTR szGroup) //Return a pointer to the user
{
HRESULT hrObj = E_FAIL;
HRESULT hr = E_FAIL;
if ((!pSearchBase)||(!szFindUser))
return E_INVALIDARG;
//Create search filter
LPOLESTR pszSearchFilter = new OLECHAR[MAX_PATH];
LPOLESTR szADsPath = new OLECHAR[MAX_PATH];
wcscpy(pszSearchFilter, L"(&(objectClass=group)(cn=");
wcscat(pszSearchFilter,szGroup);
wcscat(pszSearchFilter, L"))");
//Search entire subtree from root.
ADS_SEARCHPREF_INFO SearchPrefs;
SearchPrefs.dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
SearchPrefs.vValue.dwType = ADSTYPE_INTEGER;
SearchPrefs.vValue.Integer = ADS_SCOPE_SUBTREE;
DWORD dwNumPrefs = 1;
// COL for iterations
ADS_SEARCH_COLUMN col;
// Handle used for searching
ADS_SEARCH_HANDLE hSearch;
// Set the search preference
hr = pSearchBase->SetSearchPreference( &SearchPrefs, dwNumPrefs);
if (FAILED(hr))
return hr;
// Set attributes to return
CONST DWORD dwAttrNameSize = 1;
LPOLESTR pszAttribute[dwAttrNameSize] = {L"ADsPath"};
// Execute the search
hr = pSearchBase->ExecuteSearch(pszSearchFilter,
pszAttribute,
dwAttrNameSize,
&hSearch
);
if (SUCCEEDED(hr))
{
// Call IDirectorySearch::GetNextRow() to retrieve the next row
//of data
while( pSearchBase->GetNextRow( hSearch) != S_ADS_NOMORE_ROWS )
{
// loop through the array of passed column names,
// print the data for each column
for (DWORD x = 0; x < dwAttrNameSize; x++)
{
// Get the data for this column
hr = pSearchBase->GetColumn( hSearch, pszAttribute[x], &col );
if ( SUCCEEDED(hr) )
{
// Print the data for the column and free the column
// Note the attribute we asked for is type CaseIgnoreString.
wcscpy(szADsPath, col.pADsValues->CaseIgnoreString);
hr = ADsOpenObject(szADsPath,
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IADs,
(void**)ppUser);
if (SUCCEEDED(hr))
{
wprintf(L"%s: %s\r\n",pszAttribute[x],col.pADsValues->CaseIgnoreString);
hrObj = S_OK;
gbsGroup=SysAllocString(col.pADsValues->CaseIgnoreString);
}
pSearchBase->FreeColumn( &col );
}
else
hr = E_FAIL;
}
}
// Close the search handle to clean up
pSearchBase->CloseSearchHandle(hSearch);
}
if (FAILED(hrObj))
hr = hrObj;
return hr;
}
void wmain( int argc, wchar_t *argv[ ])
{
//Handle the command line arguments.
LPOLESTR pszBuffer = NULL;
pszBuffer = new OLECHAR[MAX_PATH*2];
if(pszBuffer == NULL)
goto ret;
if (argv[1] == NULL)
{
wprintf(L"This program finds a user in the current Window 2000 domain\n");
wprintf(L"and displays its objectSid property in string form.\n");
wprintf(L"This program demonstrates reading a property of type octet string.\n\n");
wprintf(L"Enter Common Name of the user to find:");
if ( !_getws_s(pszBuffer, MAX_PATH*2))
{
delete [] pszBuffer;
wprintf(L"String exceeded buffer size.\n\n");
return;
}
}
else
if ( !wcscpy_s(pszBuffer, MAX_PATH*2, argv[1]))
{
delete [] pszBuffer;
wprintf(L"String exceeded buffer size.\n\n");
return;
}
//if empty string, exit.
if (0==wcscmp(L"", pszBuffer))
goto ret;
wprintf(L"\nFinding user: %s...\n",pszBuffer);
//Intialize COM
CoInitialize(NULL);
HRESULT hr = S_OK;
//Get rootDSE and the domain container's DN.
IADs *pObject = NULL;
IDirectorySearch *pDS = NULL;
LPOLESTR szPath = NULL;
szPath = new OLECHAR[MAX_PATH];
if(szPath == NULL)
goto ret;
VARIANT var;
hr = ADsOpenObject(L"LDAP://rootDSE",
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IADs,
(void**)&pObject);
if (FAILED(hr))
{
wprintf(L"Not Found. Could not bind to the domain.\n");
if (pObject)
pObject->Release();
goto ret;
}
VariantInit(&var);
hr = pObject->Get(L"defaultNamingContext",&var);
if (SUCCEEDED(hr))
{
wcscpy_s(szPath,MAX_PATH,L"LDAP://");
wcscat_s(szPath,MAX_PATH,var.bstrVal);
VariantClear(&var);
if (pObject)
{
pObject->Release();
pObject = NULL;
}
//Bind to the root of the current domain.
hr = ADsOpenObject(szPath,
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IDirectorySearch,
(void**)&pDS);
if (SUCCEEDED(hr))
{
hr = FindUserByName(pDS, //Container to search
pszBuffer, //Name of user to find.
&pObject); //Return a pointer to the user
if (SUCCEEDED(hr))
{
//Get the objectSid property
hr = pObject->Get(L"objectSid", &var);
if (SUCCEEDED(hr))
{
LPBYTE pByte = NULL;
wprintf (L"----------------------------------------------\n");
wprintf (L"----------Call GetLPBYTEtoOctetString---------\n");
wprintf (L"----------------------------------------------\n");
hr = GetLPBYTEtoOctetString(&var, //IN. Pointer to variant containing the octetstring.
&pByte //OUT. Return LPBYTE to the data represented in octetstring.
);
PSID pObjectSID = (PSID)pByte;
//Convert SID to string.
LPOLESTR szSID = NULL;
ConvertSidToStringSid(pObjectSID, &szSID);
wprintf(L"objectSid:%s\n",szSID);
LocalFree(szSID);
//Free the buffer.
CoTaskMemFree(pByte);
}
else
wprintf(L"Get method failed with hr: %x\n",hr);
VariantClear(&var);
}
else
{
wprintf(L"User \"%s\" not Found.\n",pszBuffer);
wprintf (L"FindUserByName failed with the following HR: %x\n", hr);
}
if (pObject)
pObject->Release();
}
if (pDS)
pDS->Release();
}
ret:
if(pszBuffer) delete pszBuffer;
if(szPath) delete szPath;
//Uninitalize COM
CoUninitialize();
return;
}
OperationDomainPaths::OperationDomainPaths(std::queue<std::wstring> & oArgList) : Operation(oArgList)
{
// exit if there are not enough arguments to parse
std::vector<std::wstring> sSubArgs = ProcessAndCheckArgs(1, oArgList);
// initialize com only
static HRESULT hComInit = CoInitializeEx(NULL, COINIT_MULTITHREADED);
if (hComInit != S_OK && hComInit != S_FALSE)
{
wprintf(L"ERROR: Could not initialize COM.\n");
exit(-1);
}
// find a domain controller for the specified domain
PDOMAIN_CONTROLLER_INFO tDomainControllerInfo;
if (DsGetDcName(NULL, sSubArgs[0].c_str(), NULL, NULL,
DS_IS_FLAT_NAME | DS_RETURN_DNS_NAME | DS_TRY_NEXTCLOSEST_SITE | DS_FORCE_REDISCOVERY,
&tDomainControllerInfo) != ERROR_SUCCESS)
{
wprintf(L"ERROR: Could not locate domain controller for domain '%s'\n", sSubArgs[0].c_str());
exit(-1);
}
// create a string
std::wstring sPath = std::wstring(L"LDAP://") + (wcsrchr(tDomainControllerInfo->DomainControllerName, '\\') + 1);
// grab the dns suffix for later use
std::wstring sSuffix = tDomainControllerInfo->DomainName;
NetApiBufferFree(tDomainControllerInfo);
// bind to global catalog
CComPtr<IDirectorySearch> oSearch;
if (FAILED(ADsOpenObject(sPath.c_str(), NULL, NULL, ADS_SECURE_AUTHENTICATION,
IID_IDirectorySearch, (void**)&oSearch)))
{
wprintf(L"ERROR: Could not establish search for domain '%s'\n", sSubArgs[0].c_str());
exit(-1);
}
// setup preferences to search entire tree
ADS_SEARCHPREF_INFO SearchPref;
SearchPref.dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
SearchPref.vValue.dwType = ADSTYPE_INTEGER;
SearchPref.vValue.Integer = ADS_SCOPE_SUBTREE;
// set the search preference.
if (FAILED(oSearch->SetSearchPreference(&SearchPref, 1)))
{
wprintf(L"ERROR: Could not set search preference for domain '%s'\n", sSubArgs[0].c_str());
exit(-1);
}
// create the search filter
WCHAR sSearchFilter[] = L"(&(objectCategory=computer)(|(operatingSystem=*server*)(operatingSystem=*ontap*)(operatingSystem=*netapp*))" \
"(!(userAccountControl:1.2.840.113556.1.4.803:=8192))(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(msDS-isRODC=true)))";
// execute the search.
LPWSTR sAttributes[] = { L"cn" };
ADS_SEARCH_HANDLE hSearch;
if (FAILED(oSearch->ExecuteSearch(sSearchFilter, sAttributes, _countof(sAttributes), &hSearch)))
{
wprintf(L"ERROR: Could not execute search for domain '%s'\n", sSubArgs[0].c_str());
exit(-1);
}
// enumerate results
std::vector<std::wstring> sServers;
for (HRESULT hResult = oSearch->GetFirstRow(hSearch); hResult == S_OK; hResult = oSearch->GetNextRow(hSearch))
{
// get the data from the column
ADS_SEARCH_COLUMN oColumn;
if (FAILED(oSearch->GetColumn(hSearch, sAttributes[0], &oColumn)) ||
oColumn.dwADsType != ADSTYPE_CASE_IGNORE_STRING)
{
continue;
}
// add the server to our list
oArgList.push(L"/SharePaths");
oArgList.push(std::wstring(oColumn.pADsValues->CaseIgnoreString) + L"." + sSuffix +
((sSubArgs.size() == 2) ? (L":" + sSubArgs[1]) : L""));
// free the column.
oSearch->FreeColumn(&oColumn);
}
// close search handle
if (oSearch->CloseSearchHandle(hSearch) != NULL)
{
wprintf(L"ERROR: Could not close search for domain '%s'\n", sSubArgs[0].c_str());
exit(-1);
}
};
void wmain( int argc, wchar_t *argv[])
{
//Handle the command line arguments.
int maxAlloc = MAX_PATH*2;
LPOLESTR pszBuffer = new OLECHAR[maxAlloc];
wcscpy_s(pszBuffer, maxAlloc, L"");
BOOL bReturnVerbose = FALSE;
for (int i = 1;i<argc;i++)
{
if (_wcsicmp(argv[i],L"/V") == 0)
{
bReturnVerbose = TRUE;
}
else if ((_wcsicmp(argv[i],L"/?") == 0)||
(_wcsicmp(argv[i],L"-?") == 0))
{
wprintf(L"This program queries for users in the current user's domain.\n");
wprintf(L"Syntax: queryusers [/V][querystring]\n");
wprintf(L"where /V specifies that all properties for the found users should be returned.\n");
wprintf(L" querystring is the query criteria in ldap query format.\n");
wprintf(L"Defaults: If no /V is specified, the query returns only the RDN and DN of the items found.\n");
wprintf(L" If no querystring is specified, the query returns all users.\n");
wprintf(L"Example: queryusers (sn=Smith)\n");
wprintf(L"Returns all users with surname Smith.\n");
return;
}
else
{
if ( IS_BUFFER_ENOUGH(maxAlloc, pszBuffer, argv[i]) > 0 )
{
wcscpy_s(pszBuffer,maxAlloc,argv[i]);
}
else
{
wprintf(L"Buffer is too small for the argument");
delete [] pszBuffer;
return;
}
}
}
if (_wcsicmp(pszBuffer,L"") == 0)
wprintf(L"\nFinding all user objects...\n\n");
else
wprintf(L"\nFinding user objects based on query: %s...\n\n", pszBuffer);
//Initialize COM
CoInitialize(NULL);
HRESULT hr = S_OK;
//Get rootDSE and the current user's domain container DN.
IADs *pObject = NULL;
IDirectorySearch *pContainerToSearch = NULL;
LPOLESTR szPath = new OLECHAR[MAX_PATH];
VARIANT var;
hr = ADsOpenObject(L"LDAP://rootDSE",
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IADs,
(void**)&pObject);
if (FAILED(hr))
{
wprintf(L"Could not execute query. Could not bind to LDAP://rootDSE.\n");
if (pObject)
pObject->Release();
delete [] pszBuffer;
delete [] szPath;
CoUninitialize();
return;
}
if (SUCCEEDED(hr))
{
hr = pObject->Get(L"defaultNamingContext",&var);
if (SUCCEEDED(hr))
{
//Build path to the domain container.
wcscpy_s(szPath,MAX_PATH,L"LDAP://");
if ( IS_BUFFER_ENOUGH(MAX_PATH, szPath, var.bstrVal) > 0 )
{
wcscat_s(szPath,MAX_PATH,var.bstrVal);
}
else
{
wprintf(L"Buffer is too small for the domain DN");
delete [] pszBuffer;
delete [] szPath;
CoUninitialize();
return;
}
hr = ADsOpenObject(szPath,
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IDirectorySearch,
(void**)&pContainerToSearch);
if (SUCCEEDED(hr))
{
hr = FindUsers(pContainerToSearch, //IDirectorySearch pointer to Partitions container.
pszBuffer,
NULL, //Return all properties
-1, // Return all properties
bReturnVerbose
);
if (SUCCEEDED(hr))
{
if (S_FALSE==hr)
wprintf(L"No user object could be found.\n");
}
else if (0x8007203e==hr)
wprintf(L"Could not execute query. An invalid filter was specified.\n");
else
wprintf(L"Query failed to run. HRESULT: %x\n",hr);
}
else
{
wprintf(L"Could not execute query. Could not bind to the container.\n");
}
if (pContainerToSearch)
pContainerToSearch->Release();
}
VariantClear(&var);
}
if (pObject)
pObject->Release();
delete [] pszBuffer;
delete [] szPath;
// Uninitialize COM
CoUninitialize();
return;
}
/* Note: Using the UNICODE version of main().
this removes the need for the sample to include
UNICODE-ANSI conversion routines
*/
void wmain( int argc, wchar_t *argv[ ])
{
WCHAR pwszTemp[4096];
// We have now scanned PAST whitespace- so copy the string:
wcscpy_s(pwszTemp,4096,L" A String");
Trim(pwszTemp);
HRESULT hr;
IDirectoryObject * pDirObjectContainer = NULL;
IDirectoryObject * pDirObjRet = NULL;
if (!ParseCommandLine(argc,argv))
return;
// Initialize COM
CoInitialize(0);
// Bind to the container passed
// If USER and PASS passed in, use ADsOpenObject()
if (bsUSER)
hr = ADsOpenObject(bsLDAP, bsUSER, bsPASS,
ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pDirObjectContainer);
else
hr = ADsGetObject( bsLDAP, IID_IDirectoryObject,(void **)&pDirObjectContainer);
if (SUCCEEDED(hr))
{
// if a file is NOT passed in- Do the simple version
if (!bsFILE)
{
// Call the helper funtion to create the User
hr = CreateUser(pDirObjectContainer, bsUNAME,bsSAMNAME,
&pDirObjRet);
}
else // file was passed in
{
// Call the helper funtion to create the User
hr = CreateUserFromFile(pDirObjectContainer, bsUNAME,bsSAMNAME,
&pDirObjRet,bsFILE);
}
if (SUCCEEDED(hr))
{
_putws(L"\n\n New User created with the following properties:\n");
IADs * pIADsNewGoup = NULL;
// User succeeded- now get an IADs interface to it
// and print some properties
hr = pDirObjRet->QueryInterface(IID_IADs,(void**)&pIADsNewGoup);
if (SUCCEEDED(hr))
{
PrintIADSObject(pIADsNewGoup);
pIADsNewGoup->Release();
pIADsNewGoup = NULL;
}
else
CheckADHRESULT(hr,L"QueryInterface() - New User for IADs");
pDirObjRet->Release();
pDirObjRet = NULL;
}
else
CheckADHRESULT(hr,L"CreateUser()");
pDirObjectContainer->Release();
pDirObjectContainer = NULL;
}
else
if (bsUSER)
CheckADHRESULT(hr,L"ADsOpenObject()");
else
CheckADHRESULT(hr,L"ADsGetObject()");
if ( bsLDAP )
::SysFreeString(bsLDAP);
if ( bsUNAME )
::SysFreeString(bsUNAME);
if ( bsSAMNAME )
::SysFreeString(bsSAMNAME);
if ( bsFILE )
::SysFreeString(bsFILE);
if ( bsUSER )
::SysFreeString(bsUSER);
if ( bsPASS )
::SysFreeString(bsPASS);
CoUninitialize();
}
LDAPAUTHNT4_API
BOOL CUGP(char * userin,char *password,char *machine,char *groupin,int locdom)
{
{
//Handle the command line arguments.
LPOLESTR pszBuffer = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer2 = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer3 = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer4 = new OLECHAR[MAX_PATH*2];
mbstowcs( (wchar_t *) pszBuffer, userin, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer2, password, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer3, machine, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer4, groupin, MAX_PATH );
HRESULT hr = S_OK;
//Get rootDSE and the domain container's DN.
IADs *pObject = NULL;
IADs *pObjectUser = NULL;
IADs *pObjectGroup = NULL;
IDirectorySearch *pDS = NULL;
LPOLESTR szPath = new OLECHAR[MAX_PATH];
LPOLESTR myPath = new OLECHAR[MAX_PATH];
VARIANT var;
////////////FIND SERVER NEEDED FOR NT4
DWORD dwRet;
PDOMAIN_CONTROLLER_INFO pdci;
dwRet = DsGetDcName(NULL, NULL, NULL, NULL , DS_PDC_REQUIRED, &pdci);
if (ERROR_SUCCESS!=dwRet)
{
wprintf(L"PDC not found try a rediscover \n");
dwRet = DsGetDcName(NULL, NULL, NULL, NULL , DS_DIRECTORY_SERVICE_REQUIRED|DS_FORCE_REDISCOVERY, &pdci);
if (ERROR_SUCCESS!=dwRet)
{
wprintf(L"PDC not found \n");
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
return false;
}
}
//////////////////////////////////////////
wcscpy(szPath,L"LDAP://");
wcscat(szPath,pdci->DomainControllerName+2);
wcscat(szPath,L"/rootDSE");
wprintf(szPath);
wprintf(L"\n");
hr = ADsOpenObject(szPath,
pszBuffer,
pszBuffer2,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IADs,
(void**)&pObject);
if (FAILED(hr))
{
bool result=false;
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
return result;
}
hr = pObject->Get(L"defaultNamingContext",&var);
if (SUCCEEDED(hr))
{
wcscpy(szPath,L"LDAP://");
wcscat(szPath,pdci->DomainControllerName+2);
wcscat(szPath,L"/");
wcscat(szPath,var.bstrVal);
VariantClear(&var);
if (pObject)
{
pObject->Release();
pObject = NULL;
}
wprintf( szPath);
wprintf(L"\n");
//Bind to the root of the current domain.
hr = ADsOpenObject(szPath,pszBuffer,pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IDirectorySearch,(void**)&pDS);
if (SUCCEEDED(hr))
{
if (SUCCEEDED(hr))
{
hr = FindUserByName(pDS, pszBuffer, &pObjectUser );
if (FAILED(hr))
{
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
if (pObjectUser) pObjectUser->Release();
return false;
}
if (pObjectUser) pObjectUser->Release();
///////////////////// VNCACCESS
hr = FindGroup(pDS, pszBuffer, &pObjectGroup,pszBuffer4);
if (pObjectGroup)
{
pObjectGroup->Release();
pObjectGroup = NULL;
}
if (SUCCEEDED(hr))
{
wprintf(L"FindGroup OK\n");
IADsGroup * pIADsG;
hr = ADsOpenObject( gbsGroup,pszBuffer, pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IADsGroup, (void**) &pIADsG);
if (SUCCEEDED(hr))
{
VARIANT_BOOL bMember = FALSE;
hr = pIADsG->IsMember(gbsMember,&bMember);
if (SUCCEEDED(hr))
{
if (bMember == -1)
{
wprintf(L"Object \n\n%s\n\n IS a member of the following Group:\n\n%s\n\n",gbsMember,gbsGroup);
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
return true;
}
else
{
BSTR bsMemberGUID = NULL;
IDirectoryObject * pDOMember = NULL;
hr = ADsOpenObject( gbsMember,pszBuffer, pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pDOMember);
if (SUCCEEDED(hr))
{
hr = GetObjectGuid(pDOMember,bsMemberGUID);
pDOMember->Release();
pDOMember = NULL;
if (RecursiveIsMember(pIADsG,bsMemberGUID,gbsMember,true, pszBuffer, pszBuffer2))
{
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
return true;
}
}
}//else bmember
}//ismember
}//iadsgroup
}//Findgroup
}//user
}
if (pDS) pDS->Release();
}
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
return false;
}
return false;
}
