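/*
 * Reports whether the current Active Directory domain is in mixed or native mode.
 *
 * Binds to rootDSE in the caller's own security context (NULL user name and
 * password with ADS_SECURE_AUTHENTICATION), reads defaultNamingContext, binds
 * to the domain object and asks GetDomainMode() for the mode.
 *
 * Return value (kept as in the original sample): TRUE (1) after a normal run
 * or a failed rootDSE bind, FALSE (0) when the path buffer cannot be allocated
 * or is too small for the domain DN.
 */
int main(int argc, char* argv[])
{
    wprintf(L"This program checks whether the current domain is in mixed or native mode.\n");

    // Initialize COM
    CoInitialize(NULL);
    HRESULT hr = S_OK;

    // Get rootDSE and the domain container's DN.
    IADs *pObject = NULL;
    VARIANT var;
    // Put the VARIANT into a defined (VT_EMPTY) state: it is cleared on every
    // exit path, including those where Get() never filled it.
    VariantInit(&var);
    BOOL bIsMixed = FALSE;
    LPOLESTR szPath = new OLECHAR[MAX_PATH];
    if ( !szPath )
    {
        wprintf(L"Alloc Failed");
        CoUninitialize();
        return FALSE;
    }

    hr = ADsOpenObject(L"LDAP://rootDSE",
                       NULL,
                       NULL,
                       ADS_SECURE_AUTHENTICATION, // Use Secure Authentication
                       IID_IADs,
                       (void**)&pObject);
    if (FAILED(hr))
    {
        wprintf(L"Not Found. Could not bind to the domain.\n");
        if (pObject)
            pObject->Release();
        delete [] szPath;
        CoUninitialize();
        return TRUE;
    }

    hr = pObject->Get(L"defaultNamingContext",&var);
    // The value is used as a string below, so accept only a non-NULL BSTR.
    if (SUCCEEDED(hr) && (V_VT(&var) != VT_BSTR || var.bstrVal == NULL))
        hr = E_UNEXPECTED;

    if (SUCCEEDED(hr))
    {
        wcscpy_s(szPath,MAX_PATH,L"LDAP://");
        // For NT 4.0 and Win 9.x, you must add the server name, e.g LDAP://myServer
        size_t len = wcslen(szPath);
        size_t dnLen = wcslen(var.bstrVal);
        if ( MAX_PATH <= len + dnLen ) // make sure we have enough buffer
        {
            wprintf(L"The buffer is too small for the DN\n");
            pObject->Release();
            VariantClear(&var);
            delete [] szPath;
            CoUninitialize();
            return FALSE;
        }
        wcscat_s(szPath,MAX_PATH,var.bstrVal);
        VariantClear(&var);

        if (pObject)
        {
            pObject->Release();
            pObject = NULL;
        }

        // Bind to the root of the current domain.
        hr = ADsOpenObject(szPath,
                           NULL,
                           NULL,
                           ADS_SECURE_AUTHENTICATION, // Use Secure Authentication
                           IID_IADs,
                           (void**)&pObject);
        if (SUCCEEDED(hr))
        {
            hr = GetDomainMode(pObject, &bIsMixed);
            if (SUCCEEDED(hr))
            {
                // The name is only decoration for the message; fall back to a
                // placeholder instead of printing an unset VARIANT member.
                hr = pObject->Get(L"name",&var);
                const wchar_t *pszName = L"(unknown)";
                if (SUCCEEDED(hr) && V_VT(&var) == VT_BSTR && var.bstrVal != NULL)
                    pszName = var.bstrVal;

                if (bIsMixed)
                    wprintf(L"Current domain %s is in mixed mode\n", pszName);
                else
                    wprintf(L"Current domain %s is in native mode\n", pszName);
            }
            else
                wprintf(L"GetDomainMode failed with hr: %x",hr);
        }
        else
            wprintf(L"Bind to domain failed with hr: %x",hr);
    }

    VariantClear(&var);
    if (pObject)
        pObject->Release();
    delete [] szPath;
    CoUninitialize();
    return TRUE;
}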
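/**
 * Deletes the directory object CN=<lpwstrMailBox> from the CN=Users container
 * of the logon user's domain.
 *
 * The domain part of the container path is taken from the logon user's DN
 * (everything from the first "DC=" onwards). The container is opened with the
 * supplied logon credentials and ADS_SECURE_AUTHENTICATION.
 *
 * @param lpwstrMailBox      Common name of the object to delete (without "CN=").
 * @param lpwstrlogonuser    Account used to bind to the directory.
 * @param lpwstrLogonUsrPwd  Password for that account.
 * @return E_INVALIDARG for a NULL or empty mailbox name, otherwise the HRESULT
 *         of IDirectoryObject::DeleteDSObject.
 * @throws ExchangeAdminException when the logon user's DN has no "DC="
 *         component or the container cannot be opened; exceptions from
 *         GetUserDNAndLegacyName are logged and rethrown.
 */
HRESULT ExchangeAdmin::DeleteExchangeMailBox(LPCWSTR lpwstrMailBox, LPCWSTR lpwstrlogonuser,
    LPCWSTR lpwstrLogonUsrPwd)
{
    HRESULT hr;
    wstring UserDN;
    wstring LegacyName;
    Zimbra::Util::ScopedInterface<IDirectoryObject> pDirContainer;

    // A NULL name would be dereferenced when the RDN is built below; an empty
    // one can never name an object. Refuse both before touching the directory.
    if ((lpwstrMailBox == NULL) || (*lpwstrMailBox == L'\0'))
        return E_INVALIDARG;

    try
    {
        Zimbra::MAPI::Util::GetUserDNAndLegacyName(m_strServer.c_str(), lpwstrlogonuser,
            lpwstrLogonUsrPwd, UserDN, LegacyName);
    }
    catch (Zimbra::MAPI::ExchangeAdminException &ex)
    {
        dloge("ExchangeAdmin::DeleteExchangeMailBox ExchangeAdminException exception: %S",
            ex.Description().c_str());
        throw;
    }
    catch (Zimbra::MAPI::Util::MapiUtilsException &ex)
    {
        dloge("ExchangeAdmin::DeleteExchangeMailBox MapiUtilsException exception: %S",
            ex.Description().c_str());
        throw;
    }

    // substr(npos) throws std::out_of_range, which callers of this class do not
    // expect; report a DN without a domain component through the usual exception.
    const size_t nPos = UserDN.find(_T("DC="), 0);
    if (nPos == wstring::npos)
        throw ExchangeAdminException(E_INVALIDARG,
            L"DeleteExchangeMailBox(): logon user DN has no DC component.", ERR_DELETE_MBOX,
            __LINE__, __FILE__);

    const wstring wstrServerDN = UserDN.substr(nPos);
    const wstring wstrADSPath = _T("LDAP://CN=Users,") + wstrServerDN;

    // get dir container
    if (FAILED(hr = ADsOpenObject(wstrADSPath.c_str(), lpwstrlogonuser, lpwstrLogonUsrPwd,
            ADS_SECURE_AUTHENTICATION, IID_IDirectoryObject, (void **)pDirContainer.getptr())))
        throw ExchangeAdminException(hr, L"DeleteExchangeMailBox(): ADsOpenObject Failed.",
            ERR_DELETE_MBOX, __LINE__, __FILE__);

    // NOTE(review): the name is placed into the RDN verbatim. If it can come
    // from outside the administrator's own input, characters that are special
    // in a DN (',', '+', '"', '\\', '<', '>', ';', '=') should be escaped or
    // rejected by the caller so the RDN names exactly one intended object.
    wstring mailboxcn = L"CN=";
    mailboxcn += lpwstrMailBox;

    hr = pDirContainer->DeleteDSObject(const_cast<LPWSTR>(mailboxcn.c_str()));
    return hr;
}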
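/*
 * Obtains an IDirectorySearch interface on the global catalog.
 *
 * Binds to the "GC:" namespace container in the caller's security context,
 * enumerates its single child (the actual GC object) and queries that child
 * for IDirectorySearch.
 *
 * ppDS receives the interface on success and is NULL otherwise. Note that the
 * HRESULT of ADsEnumerateNext is returned unchanged when no child was fetched
 * (for example S_FALSE), so callers must check *ppDS as well as the HRESULT.
 * Returns E_POINTER when ppDS is NULL.
 */
static HRESULT GetGCSearch(IDirectorySearch **ppDS)
{
    HRESULT hr;
    IEnumVARIANT *pEnum = NULL;
    IADsContainer *pCont = NULL;
    VARIANT var;
    ULONG lFetch = 0;

    if (ppDS == NULL)
    {
        return E_POINTER;
    }
    *ppDS = NULL;

    /* Start from VT_EMPTY so the VariantClear in the cleanup path is valid
       even when enumeration never filled the VARIANT. */
    VariantInit(&var);

    /* Bind to the GC: namespace container object. The true GC DN
       is a single immediate child of the GC: namespace, which must
       be obtained using enumeration. */
    hr = ADsOpenObject(L"GC:",
                       NULL,
                       NULL,
                       ADS_SECURE_AUTHENTICATION, /* Use Secure Authentication. */
                       IID_IADsContainer,
                       (void**)&pCont);
    if (FAILED(hr))
    {
        smpd_err_printf("ADsOpenObject failed: 0x%x\n", hr);
        goto cleanup;
    }

    /* Get an enumeration interface for the GC container. */
    hr = ADsBuildEnumerator(pCont, &pEnum);
    if (FAILED(hr))
    {
        smpd_err_printf("ADsBuildEnumerator failed: 0x%x\n", hr);
        goto cleanup;
    }

    /* Now enumerate. There is only one child of the GC: object. */
    hr = ADsEnumerateNext(pEnum, 1, &var, &lFetch);
    if (FAILED(hr))
    {
        smpd_err_printf("ADsEnumerateNext failed: 0x%x\n", hr);
        goto cleanup;
    }

    if ((hr == S_OK) && (lFetch == 1))
    {
        /* Only dereference the VARIANT as an IDispatch when it really holds one. */
        if ((V_VT(&var) == VT_DISPATCH) && (V_DISPATCH(&var) != NULL))
        {
            hr = V_DISPATCH(&var)->QueryInterface(IID_IDirectorySearch, (void**)ppDS);
        }
        else
        {
            hr = E_UNEXPECTED;
        }
    }

cleanup:
    /* Drops the reference held by the enumerated VARIANT (if any). */
    VariantClear(&var);

    if (pEnum)
    {
        ADsFreeEnumerator(pEnum);
        pEnum = NULL;
    }

    if (pCont)
    {
        pCont->Release();
        pCont = NULL;
    }

    return hr;
}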
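/*
 * getschemainfo: queries the Active Directory schema for classes or attributes.
 *
 * Command line: [/C|/A] [/V] [querystring]. /C selects classes, /A attributes
 * (the default in this code), /V requests all properties. Any other argument
 * is taken as the LDAP filter; when several are given the last one wins,
 * because each one overwrites the buffer.
 *
 * The program binds to rootDSE in the caller's security context, reads
 * schemaNamingContext, binds to the schema container and hands the filter to
 * FindAttributesOrClasses().
 */
void wmain( int argc, wchar_t *argv[ ])
{
    BOOL bIsAttributeQuery = TRUE;
    BOOL bReturnVerbose = FALSE;
    LPOLESTR szType = L"attribute";

    if (1==argc||(_wcsicmp(argv[1],L"/?") == 0))
    {
        wprintf(L"This program queries the schema for the specified classes or attributes.\n");
        wprintf(L"Syntax: getschemainfo [/C|/A][/V][querystring]\n");
        wprintf(L"where /C specifies to query for classes.\n");
        wprintf(L" /A specifies to query for attributes.\n");
        wprintf(L" /V specifies that all properties for the found classes or attributes should be returned.\n");
        wprintf(L" querystring is the query criteria in ldap query format.\n");
        wprintf(L"Defaults: If neither /A or /C is specified, the query is against both.\n");
        wprintf(L" If no /V is specified, the query returns only the ldapDisplayName and cn of the items found.\n");
        wprintf(L" If no querystring is specified, the query returns all classes and/or attributes.\n");
        wprintf(L"Example: getschemainfo /A (IsSingleValued=TRUE)\n");
        wprintf(L"Returns all single-valued attributes in the schema.\n");
        wprintf(L"Common querystrings:\n");
        wprintf(L"For attributes:\n");
        wprintf(L"(cn=Street-Address) to find the attribute with CN of Street-Address.\n");
        wprintf(L"(ldapdisplayname=street) to find the attribute with ldapdisplayname of street.\n");
        wprintf(L"(IsSingleValued=TRUE) for single-valued attributes.\n");
        wprintf(L"(IsSingleValued=FALSE) for mulit-valued attributes.\n");
        wprintf(L"(systemFlags:1.2.840.113556.1.4.804:=00000001) for non-replicated attributes\n");
        wprintf(L"(systemFlags:1.2.840.113556.1.4.804:=00000004) for constructed attributes\n");
        wprintf(L"(searchFlags=1) for indexed attributes.\n");
        wprintf(L"(isMemberOfPartialAttributeSet=TRUE) for attributes included in the global catalog\n");
        return;
    }

    // Handle the command line arguments
    int maxAlloc=MAX_PATH*2;
    LPOLESTR pszBuffer = new OLECHAR[maxAlloc];
    if ( !pszBuffer )
    {
        wprintf(L"Alloc Failed ");
        return;
    }
    wcscpy_s(pszBuffer, maxAlloc, L"");

    for (int i = 1;i<argc;i++)
    {
        if (_wcsicmp(argv[i],L"/C") == 0)
        {
            bIsAttributeQuery = FALSE;
            szType = L"class";
        }
        else if (_wcsicmp(argv[i],L"/A") == 0)
        {
            bIsAttributeQuery = TRUE;
            szType = L"attribute";
        }
        else if (_wcsicmp(argv[i],L"/V") == 0)
        {
            bReturnVerbose = TRUE;
        }
        else
        {
            // Anything that is not a switch is the query string; it is only
            // copied after the length check so it cannot overrun pszBuffer.
            if ( IS_BUFFER_ENOUGH(maxAlloc,pszBuffer, argv[i]) > 0 )
            {
                wcscpy_s(pszBuffer,maxAlloc,argv[i]);
            }
            else
            {
                wprintf(L"The argument is too large ");
                if ( pszBuffer )
                    delete [] pszBuffer;
                return;
            }
        }
    }

    if (_wcsicmp(pszBuffer,L"") == 0)
        wprintf(L"\nFinding all %sSchema objects in the schema...\n\n",szType);
    else
        wprintf(L"\nFinding %sSchema objects based on query: %s...\n\n",szType, pszBuffer);

    HRESULT hr = S_OK;
    // Get rootDSE and the domain container's DN.
    IADs *pObject = NULL;
    IDirectorySearch *pSchemaNC = NULL;
    const unsigned int pathLen = MAX_PATH;
    LPOLESTR szPath = new OLECHAR[pathLen];
    if ( !szPath )
    {
        wprintf(L"Alloc Failed ");
        delete [] pszBuffer;
        return;
    }

    // Initialize COM
    CoInitialize(NULL);

    VARIANT var;
    // Start from VT_EMPTY: the VARIANT is cleared below even when Get() fails
    // and never writes to it.
    VariantInit(&var);

    hr = ADsOpenObject(L"LDAP://rootDSE",
                       NULL,
                       NULL,
                       ADS_SECURE_AUTHENTICATION, // Use Secure Authentication
                       IID_IADs,
                       (void**)&pObject);
    if (FAILED(hr))
    {
        wprintf(L"Could not execute query. Could not bind to LDAP://rootDSE.\n");
        if (pObject)
            pObject->Release();
        delete [] pszBuffer;
        delete [] szPath;
        CoUninitialize();
        return;
    }

    hr = pObject->Get(L"schemaNamingContext",&var);
    // The value is used as a string below, so accept only a non-NULL BSTR.
    if (SUCCEEDED(hr) && (V_VT(&var) != VT_BSTR || var.bstrVal == NULL))
        hr = E_UNEXPECTED;

    if (SUCCEEDED(hr))
    {
        wcscpy_s(szPath,pathLen,L"LDAP://");
        // NOTE(review): IS_BUFFER_ENOUGH is invoked with three arguments in the
        // argument loop and with four here; its definition is not visible in
        // this listing, so confirm both forms are intended.
        if ( IS_BUFFER_ENOUGH(MAX_PATH,szPath, var.bstrVal, SysStringLen(var.bstrVal)) > 0 )
        {
            wcscat_s(szPath,pathLen,var.bstrVal);
        }
        else
        {
            wprintf(L"The Schema's DN is too large");
            VariantClear(&var);   // release the BSTR on this early exit too
            pObject->Release();
            delete [] pszBuffer;
            delete [] szPath;
            CoUninitialize();
            return;
        }

        hr = ADsOpenObject(szPath,
                           NULL,
                           NULL,
                           ADS_SECURE_AUTHENTICATION, // Use Secure Authentication
                           IID_IDirectorySearch,
                           (void**)&pSchemaNC);
        if (SUCCEEDED(hr))
        {
            hr = FindAttributesOrClasses(pSchemaNC, // IDirectorySearch pointer to schema naming context.
                                         pszBuffer,
                                         NULL,
                                         bIsAttributeQuery,
                                         bReturnVerbose
                                         );
            if (SUCCEEDED(hr))
            {
                if (S_FALSE==hr)
                    wprintf(L"No %sSchema object could be found based on the query: %s\n",szType,pszBuffer);
            }
            else if (0x8007203e==hr)
                wprintf(L"Could not execute query. An invalid filter was specified.\n");
            else
                wprintf(L"Query failed to run. HRESULT: %x\n",hr);
        }
        else
        {
            wprintf(L"Could not execute query. Could not bind to the schema container.\n");
        }
        if (pSchemaNC)
            pSchemaNC->Release();
    }
    VariantClear(&var);

    if (pObject)
        pObject->Release();
    delete [] pszBuffer;
    delete [] szPath;

    // Uninitialize COM
    CoUninitialize();
    return;
}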
/*
 * Creates a new user object with Exchange mailbox attributes in the CN=Users
 * container of the logon user's domain.
 *
 * Visible steps, in order:
 *   1. Resolve the logon user's DN, legacy DN and msExchHomeServerName.
 *   2. Bind to the logon user's own object and read mail / homeMDB / homeMTA.
 *   3. Create CN=<lpwstrNewUser> under CN=Users with objectClass, cn,
 *      sAMAccountName, userPrincipalName and userAccountControl.
 *   4. Enable the account, set its password, mark the password non-expiring.
 *   5. Write the Exchange attributes, several of them copied from the logon user.
 *   6. Add the new account to the Domain Admins group.
 *   7. Write msExchMailboxGuid and copy further msExch* attributes and
 *      showInAddressBook from the logon user.
 * Every Put() is followed by its own SetInfo(), so a failure part-way leaves a
 * partially configured account in the directory; nothing here rolls it back.
 *
 * Parameters:
 *   lpwstrNewUser      name used for cn, sAMAccountName, mailNickname,
 *                      displayName and the local part of the mail address
 *   lpwstrNewUserPwd   password set on the new account
 *   lpwstrlogonuser    account used for the directory lookups
 *   lpwstrLogonUsrPwd  password of that account
 *
 * Returns the HRESULT of the last operation. Throws ExchangeAdminException on
 * most failures; the calls named ThrowSetInfoException presumably throw as
 * well (their definition is not visible here).
 *
 * NOTE(review): this routine produces a Domain Admins member whose
 * userAccountControl carries UF_PASSWD_NOTREQD and a never-expiring password.
 * Treat every caller as highly privileged, and confirm that both the group
 * membership and the flags are really required for the mailbox use case.
 */
HRESULT ExchangeAdmin::CreateExchangeMailBox(LPCWSTR lpwstrNewUser, LPCWSTR lpwstrNewUserPwd,
    LPCWSTR lpwstrlogonuser, LPCWSTR lpwstrLogonUsrPwd)
{
    HRESULT hr = S_OK;

    // Get Logon user DN
    wstring LogonUserDN;
    wstring legacyName;
    wstring msExchHomeSvrName;

    // Unlike DeleteExchangeMailBox, these two calls are not wrapped in
    // try/catch; whatever they throw propagates to the caller unlogged.
    Zimbra::MAPI::Util::GetUserDNAndLegacyName(m_strServer.c_str(), lpwstrlogonuser,
        lpwstrLogonUsrPwd, LogonUserDN, legacyName);
    Zimbra::MAPI::Util::GetmsExchHomeServerName(m_strServer.c_str(), lpwstrlogonuser,
        lpwstrLogonUsrPwd, msExchHomeSvrName);

    Zimbra::Util::ScopedInterface<IDirectoryObject> pLogonContainer;
    Zimbra::Util::ScopedInterface<IADsUser> pIAdUser;
    Zimbra::Util::ScopedInterface<IADs> pIAds;
    wstring strContainer = L"LDAP://";

    strContainer += LogonUserDN.c_str();
    // The DN and server name go to the log through the error-level logger
    // although nothing has failed at this point.
    dloge("strContainer %S msExchHomeSvrName: %S", strContainer.c_str(), msExchHomeSvrName.c_str());

    // Get loggedin user container
    // First attempt: NULL user name and password, i.e. the security context of
    // the calling process.
    hr = ADsOpenObject(strContainer.c_str(), NULL, NULL, ADS_SECURE_AUTHENTICATION,
        IID_IDirectoryObject, (void **)pLogonContainer.getptr());
    if (FAILED(hr))
    {
        if (hr == 0x8007052e)   // credentials are not valid
        {
            // Second attempt with the explicitly supplied logon credentials.
            hr = ADsOpenObject((LPTSTR)strContainer.c_str(), lpwstrlogonuser, lpwstrLogonUsrPwd,
                ADS_SECURE_AUTHENTICATION, IID_IDirectoryObject, (void **)pLogonContainer.getptr());
            if (FAILED(hr)||(pLogonContainer.get()==NULL))
                throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): ADsOpenObject Failed.",
                    ERR_ADOBJECT_OPEN, __LINE__, __FILE__);
        }
        else
        {
            throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): ADsOpenObject Failed.",
                ERR_ADOBJECT_OPEN, __LINE__, __FILE__);
        }
    }

    ADS_ATTR_INFO *pAttrInfo = NULL;
    DWORD dwReturn;
    LPWSTR pAttrNames[] = { L"mail", L"homeMDB", L"homeMTA" };
    DWORD dwNumAttr = sizeof (pAttrNames) / sizeof (LPWSTR);
    wstring strLogonHomeMDB;
    wstring strLogonHomeMTA;
    wstring strLogonMail;

    // Get attribute values requested. Its not necessary the order is same as requested.
    if (FAILED(hr = pLogonContainer->GetObjectAttributes(pAttrNames, dwNumAttr, &pAttrInfo,
            &dwReturn)))
        throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): GetObjectAttributes Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);

    // Attributes the logon user does not have are simply absent from the
    // result, leaving the corresponding string empty.
    // NOTE(review): pADsValues is dereferenced without a NULL / dwNumValues
    // check - confirm the provider never returns an entry without values.
    for (DWORD idx = 0; idx < dwReturn; idx++)
    {
        if (_wcsicmp(pAttrInfo[idx].pszAttrName, L"mail") == 0)
            strLogonMail = pAttrInfo[idx].pADsValues->Email.Address;
        else if (_wcsicmp(pAttrInfo[idx].pszAttrName, L"homeMTA") == 0)
            strLogonHomeMTA = pAttrInfo[idx].pADsValues->DNString;
        else if (_wcsicmp(pAttrInfo[idx].pszAttrName, L"homeMDB") == 0)
            strLogonHomeMDB = pAttrInfo[idx].pADsValues->DNString;
    }
    // Use FreeADsMem for all memory obtained from the ADSI call.
    FreeADsMem(pAttrInfo);

    // Domain part of the logon user's DN: everything from the first "DC=".
    // NOTE(review): find() is not checked for npos; substr(npos) throws
    // std::out_of_range rather than ExchangeAdminException.
    wstring twtsrlogonuserDN = LogonUserDN;
    size_t nPos = twtsrlogonuserDN.find(_T("DC="), 0);
    wstring wstrServerDN = twtsrlogonuserDN.substr(nPos);
    wstring wstrADSPath = _T("LDAP://CN=Users,") + wstrServerDN;
    ADSVALUE cnValue;
    ADSVALUE classValue;
    ADSVALUE sAMValue;
    ADSVALUE uPNValue;
    ADSVALUE controlValue;
    // Attribute set handed to CreateDSObject; each entry points at one of the
    // ADSVALUEs above, which are filled in below before the call.
    ADS_ATTR_INFO attrInfo[] = {
        { L"objectClass", ADS_ATTR_UPDATE, ADSTYPE_CASE_IGNORE_STRING, &classValue, 1 },
        { L"cn", ADS_ATTR_UPDATE, ADSTYPE_CASE_IGNORE_STRING, &cnValue, 1 },
        { L"sAMAccountName", ADS_ATTR_UPDATE, ADSTYPE_CASE_IGNORE_STRING, &sAMValue, 1 },
        { L"userPrincipalName", ADS_ATTR_UPDATE, ADSTYPE_CASE_IGNORE_STRING, &uPNValue, 1 },
        {L"userAccountControl", ADS_ATTR_UPDATE, ADSTYPE_INTEGER,&controlValue, 1},
    };
    DWORD dwAttrs = sizeof (attrInfo) / sizeof (ADS_ATTR_INFO);

    classValue.dwType = ADSTYPE_CASE_IGNORE_STRING;
    classValue.CaseIgnoreString = L"user";

    //int UF_ACCOUNTDISABLE = 0x0002;
    int UF_PASSWD_NOTREQD = 0x0020;
    //int UF_PASSWD_CANT_CHANGE = 0x0040;
    int UF_NORMAL_ACCOUNT = 0x0200;
    int UF_DONT_EXPIRE_PASSWD = 0x10000;
    //int UF_PASSWORD_EXPIRED = 0x800000;

    // NOTE(review): the account is created with the password-not-required bit
    // set. The later userAccountControl updates in this function clear
    // ADS_UF_ACCOUNTDISABLE and set ADS_UF_DONT_EXPIRE_PASSWD, but none of them
    // clears UF_PASSWD_NOTREQD, so the flag stays on the finished account.
    controlValue.dwType = ADSTYPE_INTEGER;
    controlValue.Integer=UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD |UF_DONT_EXPIRE_PASSWD;

    cnValue.dwType = ADSTYPE_CASE_IGNORE_STRING;
    cnValue.CaseIgnoreString = (LPWSTR)lpwstrNewUser;

    sAMValue.dwType = ADSTYPE_CASE_IGNORE_STRING;
    sAMValue.CaseIgnoreString = (LPWSTR)lpwstrNewUser;

    // New mail address / UPN: <new user> + the "@domain" part of the logon
    // user's mail attribute.
    // NOTE(review): when the logon user has no mail value (or it lacks '@'),
    // find() returns npos and substr() throws std::out_of_range.
    wstring wstrMail;
    size_t nPosMail = strLogonMail.find(_T("@"), 0);

    wstrMail = strLogonMail.substr(nPosMail);
    wstrMail = lpwstrNewUser + wstrMail;

    LPWSTR upnval = (LPWSTR)wstrMail.c_str();

    uPNValue.dwType = ADSTYPE_CASE_IGNORE_STRING;
    uPNValue.CaseIgnoreString = upnval;

    Zimbra::Util::ScopedInterface<IDirectoryObject> pDirContainer;
    Zimbra::Util::ScopedInterface<IDispatch> pDisp;
    Zimbra::Util::ScopedInterface<IADsUser> pIADNewUser;
    // Reduce the logon user's DN to the value of its first CN= component; that
    // value is used as the user name for the binds below. When the DN has no
    // "CN=" or no following comma, the whole DN is used unchanged.
    wstring wstrLoggedUserName(LogonUserDN);
    size_t snPos = 0;
    size_t enPos = 0;

    if ((snPos = wstrLoggedUserName.find(L"CN=")) != wstring::npos)
    {
        if ((enPos = wstrLoggedUserName.find(L",", snPos)) != wstring::npos)
            wstrLoggedUserName = wstrLoggedUserName.substr(snPos + 3, (enPos - (snPos + 3)));
    }
    // get dir container
    if (FAILED(hr = ADsOpenObject(wstrADSPath.c_str(), wstrLoggedUserName.c_str(),
            lpwstrLogonUsrPwd, ADS_SECURE_AUTHENTICATION, IID_IDirectoryObject,
            (void **)pDirContainer.getptr())))
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): ADsOpenObject Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);

    // NOTE(review): the new user name goes into the RDN verbatim; DN special
    // characters in it are not escaped here.
    wstring wstrUserCN = L"CN=";

    wstrUserCN += lpwstrNewUser;
    dloge("CreateDSObject: %S",wstrUserCN.c_str());
    if (FAILED(hr = pDirContainer->CreateDSObject((LPWSTR)wstrUserCN.c_str(), attrInfo, dwAttrs,
            pDisp.getptr())))
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): CreateDSObject Failed.",
            ERR_CREATE_EXCHMBX,__LINE__, __FILE__);
    if (FAILED(hr = pDisp->QueryInterface(IID_IADsUser, (void **)pIADNewUser.getptr())))
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): QueryInterface Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);

    CComVariant varProp;

    varProp.Clear();

    // set samAccount
    varProp = lpwstrNewUser;
    if (FAILED(hr = pIADNewUser->Put(CComBSTR(L"sAMAccountName"), varProp)))
        throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): Put(sAMAccountName) Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    // The message below repeats the Put() text although it reports SetInfo().
    if(FAILED(hr = pIADNewUser->SetInfo()))
        throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): Put(sAMAccountName) Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);

    // set userAccountControl
    // NOTE(review): the HRESULT of Get() is not checked before varProp.lVal is
    // used; after a failed Get() the flags written back are not the real ones.
    varProp.Clear();
    hr = pIADNewUser->Get(CComBSTR(L"userAccountControl"), &varProp);
    varProp = varProp.lVal & ~(ADS_UF_ACCOUNTDISABLE);
    if (FAILED(hr = pIADNewUser->Put(CComBSTR(L"userAccountControl"), varProp)))
        throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): Put(userAccountControl) Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - Put(userAccountControl) Failed.");

    // set Account enabled
    // The account is enabled here, before SetPassword() runs below.
    if (FAILED(hr = pIADNewUser->put_AccountDisabled(VARIANT_FALSE)))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): put_AccountDisabled Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - put_AccountDisabled Failed.");

    // set password
    if (FAILED(hr = pIADNewUser->SetPassword(CComBSTR(lpwstrNewUserPwd))))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): SetPassword Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - SetPassword Failed.");

    // user account password does not expire
    varProp.Clear();

    VARIANT var;

    VariantInit(&var);
    if (!FAILED(hr = pIADNewUser->Get(CComBSTR(L"userAccountControl"), &var)))
    {
        V_I4(&var) |= ADS_UF_DONT_EXPIRE_PASSWD;
        if (FAILED(hr = pIADNewUser->Put(CComBSTR(L"userAccountControl"), var)))
        {
            throw ExchangeAdminException(hr,L"CreateExchangeMailBox(): Put(userAccountControl) Failed.",
                ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
        }
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - userAccountControl Failed.");
    varProp.Clear();

    // set the homeMDB;
    // homeMDB, homeMTA and msExchHomeServerName are copied from the logon user
    // and skipped when that user has no value; SetInfo() runs either way.
    if (!strLogonHomeMDB.empty())
    {
        varProp = strLogonHomeMDB.c_str();
        if (FAILED(hr = pIADNewUser->Put(CComBSTR("homeMDB"), varProp)))
            throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(homeMDB) Failed.",
                ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - Put(homeMDB) Failed.");

    varProp.Clear();
    if (!strLogonHomeMTA.empty())
    {
        varProp = strLogonHomeMTA.c_str();
        if (FAILED(hr = pIADNewUser->Put(CComBSTR("homeMTA"), varProp)))
            throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(homeMTA) Failed.",
                ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - Put(homeMTA) Failed.");

    varProp.Clear();
    if (!msExchHomeSvrName.empty())
    {
        varProp = msExchHomeSvrName.c_str();
        if (FAILED(hr = pIADNewUser->Put(CComBSTR("msExchHomeServerName"), varProp)))
            throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(msExchHomeServerName) Failed.",
                ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - Put(msExchHomeServerName) Failed.");

    varProp.Clear();
    varProp.Clear();
    // legacyExchangeDN: the logon user's value with its last "cn=" component
    // replaced by the new user name. Without a "cn=" the logon user's value is
    // written unchanged.
    wstring newUsrLegacyName=legacyName;
    size_t nwpos=newUsrLegacyName.rfind(L"cn=");
    if(nwpos !=wstring::npos)
    {
        newUsrLegacyName = newUsrLegacyName.substr(0,nwpos);
        newUsrLegacyName += L"cn=";
        newUsrLegacyName += lpwstrNewUser;
    }
    if (!newUsrLegacyName.empty())
    {
        varProp = newUsrLegacyName.c_str();
        if (FAILED(hr = pIADNewUser->Put(CComBSTR("legacyExchangeDN"), varProp)))
            throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(legacyExchangeDN) Failed.",
                ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - Put(legacyExchangeDN) Failed.");

    // set nickname
    varProp.Clear();
    varProp = lpwstrNewUser;
    if (FAILED(hr = pIADNewUser->Put(CComBSTR("mailNickname"), varProp)))
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(mailNickname) Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - Put(mailNickname) Failed.");

    // set the displayName
    varProp.Clear();
    varProp = lpwstrNewUser;
    if (FAILED(hr = pIADNewUser->Put(CComBSTR("displayName"), varProp)))
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(displayName) Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - Put(displayName) Failed.");

    // set the mail attribute
    varProp.Clear();
    varProp = wstrMail.c_str();
    if (FAILED(hr = pIADNewUser->Put(CComBSTR("mail"), varProp)))
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put(mail) Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - Put(mail) Failed.");

    // set email
    if (FAILED(hr = pIADNewUser->put_EmailAddress(CComBSTR(wstrMail.c_str()))))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): put_EmailAddress Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - put_EmailAddress Failed.");

    // proxyAddresses gets the same address with the "SMTP:" prefix.
    varProp.Clear();
    wstrMail=L"SMTP:"+wstrMail;
    varProp = wstrMail.c_str();
    if (FAILED(hr = pIADNewUser->Put(CComBSTR("proxyAddresses"),varProp)))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): proxyAddressess Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - proxyAddressess Failed.");

    // add to Domain Admins group
    // NOTE(review): this grants the freshly created account domain-wide
    // administrative rights. Confirm the mailbox workflow needs this, and make
    // sure account creation and group changes made here are audited.
    // NOTE(review): bstrADSPath is a raw BSTR and no SysFreeString for it is
    // visible in this function, so it appears to leak on every path.
    BSTR bstrADSPath;

    if (FAILED(hr = pIADNewUser->get_ADsPath(&bstrADSPath)))
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): get_ADsPath Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);

    wstring wstrGroup = _T("LDAP://CN=Domain Admins,CN=Users,") + wstrServerDN;
    Zimbra::Util::ScopedInterface<IADsGroup> pGroup;

    // The group is bound twice into the same pGroup: first with the current
    // security context, then with explicit credentials.
    // NOTE(review): whether getptr() releases the first interface before it is
    // overwritten depends on ScopedInterface, which is not visible - confirm.
    if (FAILED(hr = ADsGetObject(wstrGroup.c_str(), IID_IADsGroup, (void **)pGroup.getptr())))
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): ADsGetObject Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    if (FAILED(hr = ADsOpenObject(wstrGroup.c_str(), wstrLoggedUserName.c_str(),
            lpwstrLogonUsrPwd, ADS_SECURE_AUTHENTICATION, IID_IADsGroup, (void **)pGroup.getptr())))
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): ADsOpenObject Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    if (SUCCEEDED(hr = pGroup->Add(bstrADSPath)))
    {
        if (FAILED(hr = pGroup->SetInfo()))
            throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): pGroup SetInfo Failed.",
                ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    else
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): pGroup Add Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }

    // Generate a fresh GUID for msExchMailboxGuid.
    GUID guid;
    if(FAILED(hr = CoCreateGuid(&guid)))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): CoCreateGuid Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    // NOTE(review): UuidToString yields the textual form of the GUID, and the
    // first 16 bytes of that text buffer are what is handed to
    // PutBinaryIntoVariant below, not the 16 bytes of `guid` itself.
    // PutBinaryIntoVariant is not visible here - confirm this is intended.
    BYTE *str;
    hr = UuidToString((UUID *)&guid, (RPC_WSTR *)&str);
    if (hr != RPC_S_OK)
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): UuidToString Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    varProp.Clear();
    //BYTE bytArr[]="3429bb3084703348b8023e94fabf16ea";
    PutBinaryIntoVariant(&varProp,str,16);
    RpcStringFree((RPC_WSTR *)&str);
    if (FAILED(hr = pIADNewUser->Put(CComBSTR("msExchMailboxGuid"), varProp)))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put msExchMailboxGuid Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - msExchMailboxGuid Failed.");

    // Re-open the logon user's object (current security context only; there is
    // no credential fallback here, unlike the first bind) to copy attributes.
    if (FAILED(hr = ADsOpenObject(strContainer.c_str(), NULL, NULL, ADS_SECURE_AUTHENTICATION,
            IID_IDirectoryObject, (void **)pIAdUser.getptr())))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): ADsOpenObject2 Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if (FAILED(hr = pIAdUser->QueryInterface(IID_IADs, (void**) pIAds.getptr())))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): pIAdUser->QueryInterface Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }

    // NOTE(review): the logon user's mailbox security descriptor is copied
    // as-is onto the new account, so the new mailbox inherits whatever access
    // entries the source descriptor carries.
    varProp.Clear();
    if( FAILED(hr= pIAds->Get(CComBSTR("msExchMailboxSecurityDescriptor"),&varProp)))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Get msExchMailboxSecurityDescriptor Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if (FAILED(hr = pIADNewUser->Put(CComBSTR("msExchMailboxSecurityDescriptor"), varProp)))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put msExchMailboxSecurityDescriptor Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - msExchMailboxSecurityDescriptor Failed.");

    varProp.Clear();
    if( FAILED(hr=pIAds->Get(CComBSTR("msExchPoliciesIncluded"),&varProp)))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Get msExchPoliciesIncluded Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if (FAILED(hr = pIADNewUser->Put(CComBSTR("msExchPoliciesIncluded"), varProp)))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put msExchPoliciesIncluded Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - msExchPoliciesIncluded Failed.");

    varProp.Clear();
    if( FAILED(hr= pIAds->Get(CComBSTR("msExchUserAccountControl"),&varProp)))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Get msExchUserAccountControl Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if (FAILED(hr = pIADNewUser->Put(CComBSTR("msExchUserAccountControl"), varProp)))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put msExchUserAccountControl Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - msExchUserAccountControl Failed.");

    // showInAddressBook is read with GetEx(), unlike the Get() calls above.
    varProp.Clear();
    if(FAILED(hr = pIAds->GetEx(CComBSTR("showInAddressBook"), &varProp )))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Get showInAddressBook Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->Put(CComBSTR("showInAddressBook"), varProp)))
    {
        throw ExchangeAdminException(hr, L"CreateExchangeMailBox(): Put showInAddressBook Failed.",
            ERR_CREATE_EXCHMBX, __LINE__, __FILE__);
    }
    if(FAILED(hr = pIADNewUser->SetInfo()))
        ThrowSetInfoException(hr, L"SetInfo - showInAddressBook Failed.");

    return hr;
}
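/*
 * Checks whether the object identified by pwszMemberGUID is a member of
 * pADsGroup, either directly or through nested groups.
 *
 * Every member of the group is enumerated. A member whose GUID string equals
 * pwszMemberGUID (case-insensitive) is a match; any other member is bound as
 * IADsGroup and, when that bind succeeds, searched recursively.
 *
 * Parameters:
 *   pADsGroup       group to inspect
 *   pwszMemberGUID  GUID string of the object being looked for
 *   pwszMemberPath  ADsPath of that object (used for verbose output only)
 *   bVerbose        print progress to stdout
 *   pwszUser        user name for binding to nested groups; NULL binds with
 *                   the current security context
 *   pwszPassword    password for pwszUser
 *
 * Returns TRUE only when membership was positively established. Every error
 * (bad argument, failed bind, failed attribute read) yields "not a member":
 * the result feeds access decisions, so the function fails closed. The
 * previous code returned a failed HRESULT from this BOOL function, which is
 * non-zero and therefore read as TRUE by callers.
 *
 * NOTE(review): there is no guard against circular group nesting; two groups
 * that contain each other make this recurse until the stack is exhausted. A
 * visited-set or depth limit needs state shared across the recursion.
 */
BOOL RecursiveIsMember(IADsGroup * pADsGroup,LPWSTR pwszMemberGUID,LPWSTR pwszMemberPath,
                       BOOL bVerbose, LPOLESTR pwszUser, LPOLESTR pwszPassword)
{
    if (!pADsGroup || !pwszMemberGUID || !pwszMemberPath)
    {
        return FALSE;
    }

    BOOL bRet = FALSE;
    BSTR bsGroupPath = NULL;

    // Get the path of the object passed in
    HRESULT hr = pADsGroup->get_ADsPath(&bsGroupPath);
    if (FAILED(hr))
        return FALSE;   // fail closed: an error is never "is a member"

    if (bVerbose)
    {
        WCHAR pwszOutput[2048];
        wsprintf(pwszOutput,L"Checking the Group:\n\n%s\n\n for the member:\n\n%s\n\n",bsGroupPath,pwszMemberPath);
        PrintBanner(pwszOutput);
    }

    // Get an interface pointer to the IADsCollection of members
    IADsMembers *pADsMembers = NULL;
    hr = pADsGroup->Members(&pADsMembers);
    if (SUCCEEDED(hr))
    {
        // Query the IADsCollection of members for a new ENUM Interface.
        // Be aware that the enum comes back as an IUnknown *
        IUnknown *pUnknown = NULL;
        hr = pADsMembers->get__NewEnum(&pUnknown);
        if (SUCCEEDED(hr))
        {
            // QI the IUnknown * for an IEnumVARIANT interface
            IEnumVARIANT *pEnumVariant = NULL;
            hr = pUnknown->QueryInterface(IID_IEnumVARIANT, (void **)&pEnumVariant);
            if (SUCCEEDED(hr))
            {
                VARIANT VariantArray[FETCH_NUM];
                for (ULONG k = 0; k < FETCH_NUM; k++)
                    VariantInit(&VariantArray[k]);

                // Stop as soon as a match is found or the enumeration is exhausted.
                BOOL fContinue = TRUE;
                while (fContinue && !bRet)
                {
                    // Get a "batch" of group members - number of rows specified by FETCH_NUM
                    ULONG ulElementsFetched = 0;
                    hr = ADsEnumerateNext(pEnumVariant, FETCH_NUM, VariantArray, &ulElementsFetched);
                    if (ulElementsFetched == 0)
                    {
                        fContinue = FALSE;
                        continue;
                    }

                    for (ULONG i = 0; i < ulElementsFetched; i++)
                    {
                        // Once a match is known the remaining entries are only released.
                        if (!bRet &&
                            V_VT(&VariantArray[i]) == VT_DISPATCH &&
                            VariantArray[i].pdispVal != NULL)
                        {
                            IDispatch *pDispatch = VariantArray[i].pdispVal;
                            IDirectoryObject *pIDOCurrent = NULL;

                            hr = pDispatch->QueryInterface(IID_IDirectoryObject, (VOID **) &pIDOCurrent);
                            if (SUCCEEDED(hr))
                            {
                                BSTR bstrGuidCurrent = NULL;   // GUID string of this member
                                BSTR bstrCurrentPath = NULL;   // ADsPath of this member
                                IADs *pIADsCurrent = NULL;

                                // A member whose GUID or path cannot be read is
                                // skipped; it can never produce a match.
                                hr = GetObjectGuid(pIDOCurrent,bstrGuidCurrent);
                                if (SUCCEEDED(hr))
                                    hr = pIDOCurrent->QueryInterface(IID_IADs,(void**)&pIADsCurrent);
                                if (SUCCEEDED(hr))
                                    hr = pIADsCurrent->get_ADsPath(&bstrCurrentPath);

                                if (SUCCEEDED(hr) && bstrGuidCurrent && bstrCurrentPath)
                                {
                                    if (bVerbose)
                                        wprintf(L"Comparing:\n\n%s\nWITH:\n%s\n\n",bstrGuidCurrent,pwszMemberGUID);

                                    // Verify that the member of this group is equal to the one passed in.
                                    if (_wcsicmp(bstrGuidCurrent,pwszMemberGUID)==0)
                                    {
                                        if (bVerbose)
                                            wprintf(L"!!!!!Object:\n\n%s\n\nIs a member of\n\n%s\n\n",pwszMemberPath,bstrGuidCurrent);
                                        bRet = TRUE;
                                    }
                                    else
                                    {
                                        // Otherwise, bind to it as a group; the bind only
                                        // succeeds when the member really is a group.
                                        IADsGroup *pIADsGroupAsMember = NULL;

                                        if (pwszUser)
                                            hr = ADsOpenObject(bstrCurrentPath,
                                                               pwszUser,
                                                               pwszPassword,
                                                               ADS_SECURE_AUTHENTICATION,
                                                               IID_IADsGroup,
                                                               (void**) &pIADsGroupAsMember);
                                        else
                                            hr = ADsGetObject(bstrCurrentPath, IID_IADsGroup,(void **)&pIADsGroupAsMember);

                                        if (SUCCEEDED(hr))
                                        {
                                            // Recursively search the nested group.
                                            if (RecursiveIsMember(pIADsGroupAsMember,pwszMemberGUID,pwszMemberPath,bVerbose,pwszUser ,pwszPassword ))
                                                bRet = TRUE;

                                            pIADsGroupAsMember->Release();
                                            pIADsGroupAsMember = NULL;
                                        }
                                    }
                                }

                                // Per-member cleanup runs on every path, match or not.
                                SysFreeString(bstrCurrentPath);
                                SysFreeString(bstrGuidCurrent);
                                if (pIADsCurrent)
                                    pIADsCurrent->Release();
                                pIDOCurrent->Release();
                            }
                        }

                        // Release the reference owned by the enumerated VARIANT
                        // (zeroing the array with memset would leak it).
                        VariantClear(&VariantArray[i]);
                    }
                }
                pEnumVariant->Release();
                pEnumVariant = NULL;
            }
            pUnknown->Release();
            pUnknown = NULL;
        }
        pADsMembers->Release();
        pADsMembers = NULL;
    }

    // Free the group path if retrieved.
    if (bsGroupPath)
    {
        SysFreeString(bsGroupPath);
        bsGroupPath = NULL;
    }
    return bRet;
}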
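/*
 * Checks a user's credentials against Active Directory and reports whether
 * the user belongs to a given group (directly or through nested groups).
 *
 * The credentials are validated implicitly: every ADsOpenObject call binds
 * with userin/password and ADS_SECURE_AUTHENTICATION, so a wrong password
 * makes the first bind fail.
 *
 * Parameters:
 *   userin    user name (multibyte string)
 *   password  password for userin
 *   machine   not used by this function
 *   groupin   common name of the group to test
 *   locdom    not used by this function
 *
 * Returns TRUE only when membership was positively established; every error,
 * over-long argument or failed lookup yields FALSE (fail closed).
 *
 * Changes against the previous version: arguments of MAX_PATH characters or
 * more are rejected (they used to be left unterminated in their buffers); the
 * domain DN is length-checked before it is concatenated into szPath;
 * directory-supplied strings are no longer passed to wprintf as the format
 * string; all buffers and interfaces are released on every path; the wide
 * copy of the password is wiped before it is freed.
 *
 * NOTE(review): gbsGroup and gbsMember are globals defined elsewhere,
 * presumably filled by FindGroup / FindUserByName. If this export can be
 * called from several threads, concurrent calls would share them - confirm.
 * NOTE(review): groupin is handed to FindGroup as the group name of an LDAP
 * search; confirm that FindGroup bounds its filter buffer and escapes LDAP
 * filter metacharacters, since that cannot be enforced from here.
 */
LDAPAUTH_API BOOL CUGP(char * userin,char *password,char *machine, char * groupin,int locdom)
{
    if (!userin || !password || !groupin)
        return false;

    OSVERSIONINFO ovi = { sizeof ovi };
    GetVersionEx( &ovi );
    if (!(ovi.dwPlatformId == VER_PLATFORM_WIN32_NT && ovi.dwMajorVersion >= 5))
        return false;

    BOOL bIsMember = FALSE;
    HRESULT hr = S_OK;
    IADs *pObject = NULL;
    IDirectorySearch *pDS = NULL;
    VARIANT var;
    VariantInit(&var);

    // Wide-character copies of the arguments.
    LPOLESTR pszBuffer = new OLECHAR[MAX_PATH*2];    // user name
    LPOLESTR pszBuffer2 = new OLECHAR[MAX_PATH*2];   // password
    LPOLESTR pszBuffer4 = new OLECHAR[MAX_PATH*2];   // group name
    LPOLESTR szPath = new OLECHAR[MAX_PATH];

    // mbstowcs writes the terminator only when fewer than `count` characters
    // were converted. A result of MAX_PATH therefore means "too long and
    // unterminated", and (size_t)-1 means an invalid multibyte sequence; both
    // compare >= MAX_PATH and are rejected.
    size_t cchUser = mbstowcs( (wchar_t *) pszBuffer, userin, MAX_PATH );
    size_t cchPassword = mbstowcs( (wchar_t *) pszBuffer2, password, MAX_PATH );
    size_t cchGroup = mbstowcs( (wchar_t *) pszBuffer4, groupin, MAX_PATH );
    BOOL bArgsOk = (cchUser < (size_t)MAX_PATH) &&
                   (cchPassword < (size_t)MAX_PATH) &&
                   (cchGroup < (size_t)MAX_PATH);

    if (bArgsOk)
    {
        // Get rootDSE and the domain container's DN.
        wprintf(L"LDAP://rootDSE\n");
        hr = ADsOpenObject(L"LDAP://rootDSE",
                           pszBuffer,
                           pszBuffer2,
                           ADS_SECURE_AUTHENTICATION, // Use Secure Authentication
                           IID_IADs,
                           (void**)&pObject);
        if (FAILED(hr))
        {
            wprintf(L"Bind to domain failed %i\n",hr);
        }
        else
        {
            hr = pObject->Get(L"defaultNamingContext",&var);
            // Use the DN only when it is a real string that fits into szPath
            // together with the "LDAP://" prefix and the terminator.
            if (SUCCEEDED(hr) &&
                V_VT(&var) == VT_BSTR && var.bstrVal != NULL &&
                wcslen(L"LDAP://") + wcslen(var.bstrVal) < (size_t)MAX_PATH)
            {
                wcscpy(szPath,L"LDAP://");
                wcscat(szPath,var.bstrVal);
                // The path contains directory data: print it as an argument,
                // never as the format string.
                wprintf(L"%s\n", szPath);

                // Bind to the root of the current domain.
                hr = ADsOpenObject(szPath,pszBuffer,pszBuffer2,
                                   ADS_SECURE_AUTHENTICATION,IID_IDirectorySearch,(void**)&pDS);
                if (SUCCEEDED(hr))
                {
                    IADs *pObjectUser = NULL;
                    hr = FindUserByName(pDS, pszBuffer, &pObjectUser);
                    if (pObjectUser)
                        pObjectUser->Release();

                    if (FAILED(hr))
                    {
                        wprintf(L"User not found %i\n",hr);
                    }
                    else
                    {
                        ///////////////////// VNCACCESS
                        IADs *pObjectGroup = NULL;
                        hr = FindGroup(pDS, pszBuffer, &pObjectGroup,pszBuffer4);
                        if (pObjectGroup)
                        {
                            pObjectGroup->Release();
                            pObjectGroup = NULL;
                        }

                        if (FAILED(hr))
                        {
                            wprintf(L"group not found\n");
                        }
                        else
                        {
                            wprintf(L"Group found OK\n");
                            IADsGroup *pIADsG = NULL;
                            hr = ADsOpenObject( gbsGroup,pszBuffer, pszBuffer2,
                                                ADS_SECURE_AUTHENTICATION,IID_IADsGroup, (void**) &pIADsG);
                            if (SUCCEEDED(hr))
                            {
                                VARIANT_BOOL bMember = VARIANT_FALSE;
                                hr = pIADsG->IsMember(gbsMember,&bMember);
                                if (SUCCEEDED(hr))
                                {
                                    if (bMember == VARIANT_TRUE)
                                    {
                                        wprintf(L"Object \n\n%s\n\n IS a member of the following Group:\n\n%s\n\n",gbsMember,gbsGroup);
                                        bIsMember = TRUE;
                                    }
                                    else
                                    {
                                        // Not a direct member: compare by GUID through nested groups.
                                        BSTR bsMemberGUID = NULL;
                                        IDirectoryObject *pDOMember = NULL;
                                        hr = ADsOpenObject( gbsMember,pszBuffer, pszBuffer2,
                                                            ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pDOMember);
                                        if (SUCCEEDED(hr))
                                        {
                                            hr = GetObjectGuid(pDOMember,bsMemberGUID);
                                            pDOMember->Release();
                                            pDOMember = NULL;

                                            // Search nested groups only with a GUID that
                                            // was actually retrieved.
                                            if (SUCCEEDED(hr) && bsMemberGUID != NULL)
                                            {
                                                if (RecursiveIsMember(pIADsG,bsMemberGUID,gbsMember,true, pszBuffer, pszBuffer2))
                                                    bIsMember = TRUE;
                                            }
                                            SysFreeString(bsMemberGUID);
                                        }
                                    }
                                }
                                pIADsG->Release();
                            }
                        }

                        if (!bIsMember)
                            wprintf(L"USER not found in group\n");
                    }
                }
            }
        }
    }

    /*LOGFAILED(pszBuffer3,pszBuffer);*/

    // Single cleanup path for every outcome.
    VariantClear(&var);
    if (pDS)
        pDS->Release();
    if (pObject)
        pObject->Release();

    // Do not leave the clear-text password behind in freed heap memory.
    SecureZeroMemory(pszBuffer2, sizeof(OLECHAR) * MAX_PATH * 2);

    delete [] pszBuffer;
    delete [] pszBuffer2;
    delete [] pszBuffer4;
    delete [] szPath;
    return bIsMember;
}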
//---------------------------------------------------------------------------- // // GetDeletedObjectsContainer() // // Binds to the Deleted Object container. // //---------------------------------------------------------------------------- HRESULT GetDeletedObjectsContainer(IADsContainer **ppContainer) { if(NULL == ppContainer) { return E_INVALIDARG; } HRESULT hr; IADs *pRoot; *ppContainer = NULL; // Bind to the rootDSE object. hr = ADsOpenObject(L"LDAP://rootDSE", NULL, NULL, ADS_SECURE_AUTHENTICATION, IID_IADs, (LPVOID*)&pRoot); if(SUCCEEDED(hr)) { VARIANT var; VariantInit(&var); // Get the current domain DN. hr = pRoot->Get(L"defaultNamingContext", &var); if(SUCCEEDED(hr)) { // Build the binding string. LPWSTR pwszFormat = L"LDAP://<WKGUID=%s,%s>"; LPWSTR pwszPath; pwszPath = new WCHAR[wcslen(pwszFormat) + wcslen(GUID_DELETED_OBJECTS_CONTAINER_W) + wcslen(var.bstrVal)]; if(NULL != pwszPath) { swprintf(pwszPath, pwszFormat, GUID_DELETED_OBJECTS_CONTAINER_W, var.bstrVal); // Bind to the object. hr = ADsOpenObject(pwszPath, NULL, NULL, ADS_FAST_BIND | ADS_SECURE_AUTHENTICATION, IID_IADsContainer, (LPVOID*)ppContainer); delete pwszPath; } else { hr = E_OUTOFMEMORY; } VariantClear(&var); } pRoot->Release(); } return hr; }
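// Searches the subtree under pSearchBase for a group object whose cn equals
// szGroup, binds to each match as IADs and stores its ADsPath in the global
// gbsGroup.
//
// The group name is inserted into an LDAP search filter, so the characters
// that are special in a filter value (* ( ) \) are escaped as \2a \28 \29 \5c
// (RFC 4515) and the name is rejected when the finished filter would not fit
// the buffer. Without this, a crafted group name could change the meaning of
// the filter or overrun the buffer.
//
// Returns E_INVALIDARG for a NULL argument or an over-long group name, the
// failing HRESULT when the search preference cannot be set, S_OK when at
// least one match was opened, E_FAIL otherwise. On S_OK *ppUser holds the
// last match that could be opened and the caller releases it; on failure
// *ppUser is left untouched.
HRESULT FindGroup(IDirectorySearch *pSearchBase, //Container to search
                  LPOLESTR szFindUser,           //User name; validated here but not used in the filter
                  IADs **ppUser,                 //Receives a pointer to the group that was found
                  LPOLESTR szGroup)              //Common name (cn) of the group to find
{
    if ((!pSearchBase)||(!szFindUser)||(!ppUser)||(!szGroup))
        return E_INVALIDARG;

    HRESULT hrObj = E_FAIL;
    HRESULT hr = E_FAIL;

    static const OLECHAR szFilterPrefix[] = L"(&(objectClass=group)(cn=";
    static const OLECHAR szFilterSuffix[] = L"))";
    const size_t cchFilter = MAX_PATH;
    const size_t cchSuffix = wcslen(szFilterSuffix);

    //Create search filter
    LPOLESTR pszSearchFilter = new OLECHAR[cchFilter];
    wcscpy(pszSearchFilter, szFilterPrefix); // fixed text, far shorter than MAX_PATH
    size_t cch = wcslen(pszSearchFilter);

    for (const OLECHAR *pch = szGroup; *pch; ++pch)
    {
        const OLECHAR *pszEscape = NULL;
        switch (*pch)
        {
        case L'*':  pszEscape = L"\\2a"; break;
        case L'(':  pszEscape = L"\\28"; break;
        case L')':  pszEscape = L"\\29"; break;
        case L'\\': pszEscape = L"\\5c"; break;
        }

        // Room is needed for this character, the closing "))" and the terminator.
        const size_t cchNeeded = pszEscape ? 3 : 1;
        if (cch + cchNeeded + cchSuffix + 1 > cchFilter)
        {
            delete [] pszSearchFilter;
            return E_INVALIDARG;
        }

        if (pszEscape)
            wcscpy(pszSearchFilter + cch, pszEscape);
        else
            pszSearchFilter[cch] = *pch;
        cch += cchNeeded;
    }
    wcscpy(pszSearchFilter + cch, szFilterSuffix);

    //Search entire subtree from root.
    ADS_SEARCHPREF_INFO SearchPrefs;
    SearchPrefs.dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
    SearchPrefs.vValue.dwType = ADSTYPE_INTEGER;
    SearchPrefs.vValue.Integer = ADS_SCOPE_SUBTREE;
    DWORD dwNumPrefs = 1;

    // COL for iterations
    ADS_SEARCH_COLUMN col;
    // Handle used for searching
    ADS_SEARCH_HANDLE hSearch;

    // Set the search preference
    hr = pSearchBase->SetSearchPreference( &SearchPrefs, dwNumPrefs);
    if (FAILED(hr))
    {
        delete [] pszSearchFilter;
        return hr;
    }

    // Set attributes to return
    CONST DWORD dwAttrNameSize = 1;
    LPOLESTR pszAttribute[dwAttrNameSize] = {L"ADsPath"};

    // Execute the search
    hr = pSearchBase->ExecuteSearch(pszSearchFilter, pszAttribute, dwAttrNameSize, &hSearch );
    if (SUCCEEDED(hr))
    {
        IADs *pFound = NULL;          // last match that could be opened
        bool bGroupPathSet = false;   // true once this call has assigned gbsGroup

        // Stop on S_ADS_NOMORE_ROWS and also on an error, so a failing
        // GetNextRow cannot keep the loop running.
        while ( pSearchBase->GetNextRow( hSearch) == S_OK )
        {
            // Get the ADsPath column of this row
            hr = pSearchBase->GetColumn( hSearch, pszAttribute[0], &col );
            if ( FAILED(hr) )
                continue;

            if (col.pADsValues && col.pADsValues->CaseIgnoreString)
            {
                // The path is handed to ADsOpenObject directly; no fixed-size
                // copy of a directory-supplied string is made.
                // Note: this bind uses the current security context (NULL
                // credentials), not the credentials of the search base.
                IADs *pOpened = NULL;
                HRESULT hrOpen = ADsOpenObject(col.pADsValues->CaseIgnoreString,
                                               NULL,
                                               NULL,
                                               ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
                                               IID_IADs,
                                               (void**)&pOpened);
                if (SUCCEEDED(hrOpen) && pOpened)
                {
                    wprintf(L"%s: %s\r\n",pszAttribute[0],col.pADsValues->CaseIgnoreString);

                    // Keep only the latest match; release the one it replaces.
                    if (pFound)
                        pFound->Release();
                    pFound = pOpened;

                    // Free only a string this call allocated. A value left in
                    // gbsGroup by an earlier call is not touched here.
                    // NOTE(review): confirm who owns gbsGroup between calls.
                    BSTR bstrPath = SysAllocString(col.pADsValues->CaseIgnoreString);
                    if (bGroupPathSet)
                        SysFreeString(gbsGroup);
                    gbsGroup = bstrPath;
                    bGroupPathSet = true;
                }
            }
            pSearchBase->FreeColumn( &col );
        }
        // Close the search handle to clean up
        pSearchBase->CloseSearchHandle(hSearch);

        if (pFound)
        {
            *ppUser = pFound;
            hrObj = S_OK;
        }
    }

    delete [] pszSearchFilter;
    return hrObj;
}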
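// Entry point. Finds a user by common name in the current domain and prints
// the user's objectSid in string form. The name comes from argv[1] or, when
// no argument is given, from standard input.
//
// All resources are declared up front and released on one exit path, so an
// early exit neither skips an initialisation nor calls CoUninitialize()
// without a matching CoInitialize().
void wmain( int argc, wchar_t *argv[ ])
{
    const size_t cchName = MAX_PATH*2;
    LPOLESTR pszBuffer = new OLECHAR[cchName];
    LPOLESTR szPath = new OLECHAR[MAX_PATH];
    IADs *pObject = NULL;
    IDirectorySearch *pDS = NULL;
    bool bComInitialized = false;
    HRESULT hr = S_OK;
    VARIANT var;
    VariantInit(&var);

    do
    {
        //Handle the command line arguments.
        if (argc < 2 || argv[1] == NULL)
        {
            wprintf(L"This program finds a user in the current Window 2000 domain\n");
            wprintf(L"and displays its objectSid property in string form.\n");
            wprintf(L"This program demonstrates reading a property of type octet string.\n\n");
            wprintf(L"Enter Common Name of the user to find:");
            if ( !_getws_s(pszBuffer, cchName))
            {
                wprintf(L"String exceeded buffer size.\n\n");
                break;
            }
        }
        else
        {
            // Check the length first: wcscpy_s returns 0 on success, so its
            // result must not be tested with '!' to detect an overflow.
            if (wcslen(argv[1]) >= cchName)
            {
                wprintf(L"String exceeded buffer size.\n\n");
                break;
            }
            wcscpy_s(pszBuffer, cchName, argv[1]);
        }

        //if empty string, exit.
        if (0==wcscmp(L"", pszBuffer))
            break;

        wprintf(L"\nFinding user: %s...\n",pszBuffer);

        //Initialize COM
        hr = CoInitialize(NULL);
        if (FAILED(hr))
        {
            wprintf(L"Could not initialize COM. hr: %x\n",hr);
            break;
        }
        bComInitialized = true;

        //Get rootDSE and the domain container's DN.
        hr = ADsOpenObject(L"LDAP://rootDSE",
                           NULL,
                           NULL,
                           ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
                           IID_IADs,
                           (void**)&pObject);
        if (FAILED(hr))
        {
            wprintf(L"Not Found. Could not bind to the domain.\n");
            break;
        }

        hr = pObject->Get(L"defaultNamingContext",&var);
        if (FAILED(hr) || VT_BSTR != var.vt || NULL == var.bstrVal)
            break;

        // The DN comes from the directory; make sure it fits before copying.
        if (wcslen(L"LDAP://") + wcslen(var.bstrVal) >= MAX_PATH)
        {
            wprintf(L"The buffer is too small for the DN\n");
            break;
        }
        wcscpy_s(szPath,MAX_PATH,L"LDAP://");
        wcscat_s(szPath,MAX_PATH,var.bstrVal);
        VariantClear(&var);

        pObject->Release();
        pObject = NULL;

        //Bind to the root of the current domain.
        hr = ADsOpenObject(szPath,
                           NULL,
                           NULL,
                           ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
                           IID_IDirectorySearch,
                           (void**)&pDS);
        if (FAILED(hr))
            break;

        // NOTE(review): pszBuffer is user input; FindUserByName is defined
        // elsewhere and presumably places it in an LDAP filter - confirm it
        // escapes filter metacharacters.
        hr = FindUserByName(pDS,       //Container to search
                            pszBuffer, //Name of user to find.
                            &pObject); //Return a pointer to the user
        if (FAILED(hr))
        {
            wprintf(L"User \"%s\" not Found.\n",pszBuffer);
            wprintf (L"FindUserByName failed with the following HR: %x\n", hr);
            break;
        }

        //Get the objectSid property
        hr = pObject->Get(L"objectSid", &var);
        if (FAILED(hr))
        {
            wprintf(L"Get method failed with hr: %x\n",hr);
            break;
        }

        LPBYTE pByte = NULL;
        wprintf (L"----------------------------------------------\n");
        wprintf (L"----------Call GetLPBYTEtoOctetString---------\n");
        wprintf (L"----------------------------------------------\n");
        hr = GetLPBYTEtoOctetString(&var,  //IN. Pointer to variant containing the octetstring.
                                    &pByte //OUT. Return LPBYTE to the data represented in octetstring.
                                    );
        if (SUCCEEDED(hr) && pByte)
        {
            //Convert SID to string. The call fails for a malformed SID, so
            //the string is printed only when the conversion succeeded.
            LPOLESTR szSID = NULL;
            if (ConvertSidToStringSid((PSID)pByte, &szSID) && szSID)
            {
                wprintf(L"objectSid:%s\n",szSID);
                LocalFree(szSID);
            }
            else
            {
                wprintf(L"ConvertSidToStringSid failed with error: %u\n", GetLastError());
            }
        }
        else
        {
            wprintf(L"GetLPBYTEtoOctetString failed with hr: %x\n",hr);
        }
        //Free the buffer (CoTaskMemFree accepts NULL).
        CoTaskMemFree(pByte);
    } while (false);

    VariantClear(&var);
    if (pObject)
        pObject->Release();
    if (pDS)
        pDS->Release();

    // Both buffers were allocated with new[].
    delete [] pszBuffer;
    delete [] szPath;

    //Uninitialize COM
    if (bComInitialized)
        CoUninitialize();
    return;
}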
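// Expands a domain argument into one "/SharePaths" operation per server.
//
// Locates a domain controller for the domain named in the first sub-argument,
// searches that domain for enabled, non-DC server-class computer accounts and
// pushes "/SharePaths" followed by "<cn>.<dns suffix>[:<second sub-argument>]"
// onto oArgList for each hit. Any failure prints an error and terminates the
// process with exit(-1).
OperationDomainPaths::OperationDomainPaths(std::queue<std::wstring> & oArgList) : Operation(oArgList)
{
	// exit if there are not enough arguments to parse
	std::vector<std::wstring> sSubArgs = ProcessAndCheckArgs(1, oArgList);

	// initialize com only once per process (function-local static)
	static HRESULT hComInit = CoInitializeEx(NULL, COINIT_MULTITHREADED);
	if (hComInit != S_OK && hComInit != S_FALSE)
	{
		wprintf(L"ERROR: Could not initialize COM.\n");
		exit(-1);
	}

	// find a domain controller for the specified domain
	PDOMAIN_CONTROLLER_INFO tDomainControllerInfo = NULL;
	if (DsGetDcName(NULL, sSubArgs[0].c_str(), NULL, NULL,
		DS_IS_FLAT_NAME | DS_RETURN_DNS_NAME | DS_TRY_NEXTCLOSEST_SITE | DS_FORCE_REDISCOVERY,
		&tDomainControllerInfo) != ERROR_SUCCESS)
	{
		wprintf(L"ERROR: Could not locate domain controller for domain '%s'\n", sSubArgs[0].c_str());
		exit(-1);
	}

	// build the bind path from the controller name without its leading
	// backslashes; fall back to the whole name when it has none, so a NULL
	// result from wcsrchr is never dereferenced
	LPCWSTR sControllerName = tDomainControllerInfo->DomainControllerName;
	LPCWSTR sLastSlash = wcsrchr(sControllerName, L'\\');
	std::wstring sPath = std::wstring(L"LDAP://") + ((sLastSlash != NULL) ? (sLastSlash + 1) : sControllerName);

	// grab the dns suffix for later use
	std::wstring sSuffix = tDomainControllerInfo->DomainName;
	NetApiBufferFree(tDomainControllerInfo);

	// bind to the located domain controller over LDAP
	CComPtr<IDirectorySearch> oSearch;
	if (FAILED(ADsOpenObject(sPath.c_str(), NULL, NULL, ADS_SECURE_AUTHENTICATION,
		IID_IDirectorySearch, (void**)&oSearch)))
	{
		wprintf(L"ERROR: Could not establish search for domain '%s'\n", sSubArgs[0].c_str());
		exit(-1);
	}

	// setup preferences to search entire tree
	ADS_SEARCHPREF_INFO SearchPref;
	SearchPref.dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
	SearchPref.vValue.dwType = ADSTYPE_INTEGER;
	SearchPref.vValue.Integer = ADS_SCOPE_SUBTREE;

	// set the search preference.
	if (FAILED(oSearch->SetSearchPreference(&SearchPref, 1)))
	{
		wprintf(L"ERROR: Could not set search preference for domain '%s'\n", sSubArgs[0].c_str());
		exit(-1);
	}

	// create the search filter: computer accounts whose operating system looks
	// like a server or filer, excluding domain controllers (userAccountControl
	// bit 8192), disabled accounts (bit 2) and read-only domain controllers.
	// 1.2.840.113556.1.4.803 is the bitwise-AND matching rule. The filter is a
	// constant, so no caller-supplied text reaches it.
	WCHAR sSearchFilter[] = L"(&(objectCategory=computer)(|(operatingSystem=*server*)(operatingSystem=*ontap*)(operatingSystem=*netapp*))" \
		"(!(userAccountControl:1.2.840.113556.1.4.803:=8192))(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(msDS-isRODC=true)))";

	// execute the search.
	LPWSTR sAttributes[] = { L"cn" };
	ADS_SEARCH_HANDLE hSearch;
	if (FAILED(oSearch->ExecuteSearch(sSearchFilter, sAttributes, _countof(sAttributes), &hSearch)))
	{
		wprintf(L"ERROR: Could not execute search for domain '%s'\n", sSubArgs[0].c_str());
		exit(-1);
	}

	// enumerate results
	for (HRESULT hResult = oSearch->GetFirstRow(hSearch); hResult == S_OK; hResult = oSearch->GetNextRow(hSearch))
	{
		// get the data from the column
		ADS_SEARCH_COLUMN oColumn;
		if (FAILED(oSearch->GetColumn(hSearch, sAttributes[0], &oColumn)))
		{
			continue;
		}

		// only use the value when it has the expected string type; the column
		// is freed below in either case so a mismatch does not leak it
		if (oColumn.dwADsType == ADSTYPE_CASE_IGNORE_STRING && oColumn.pADsValues != NULL)
		{
			// add the server to our list
			oArgList.push(L"/SharePaths");
			oArgList.push(std::wstring(oColumn.pADsValues->CaseIgnoreString) + L"." + sSuffix +
				((sSubArgs.size() == 2) ? (L":" + sSubArgs[1]) : L""));
		}

		// free the column.
		oSearch->FreeColumn(&oColumn);
	}

	// close search handle
	if (FAILED(oSearch->CloseSearchHandle(hSearch)))
	{
		wprintf(L"ERROR: Could not close search for domain '%s'\n", sSubArgs[0].c_str());
		exit(-1);
	}
}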
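// Entry point. Queries the current user's domain for user objects.
//
// Syntax: queryusers [/V][querystring]
//   /V           return all properties of the users found
//   querystring  query criteria in LDAP filter format; when several
//                non-switch arguments are given the last one is used
//
// The VARIANT is initialised before use and every exit goes through one
// cleanup path, so no error branch leaves the rootDSE object, the buffers or
// COM behind.
void wmain( int argc, wchar_t *argv[])
{
    const int maxAlloc = MAX_PATH*2;
    LPOLESTR pszBuffer = new OLECHAR[maxAlloc];
    LPOLESTR szPath = new OLECHAR[MAX_PATH];
    IADs *pObject = NULL;
    IDirectorySearch *pContainerToSearch = NULL;
    BOOL bReturnVerbose = FALSE;
    bool bComInitialized = false;
    bool bStop = false;
    HRESULT hr = S_OK;
    VARIANT var;
    VariantInit(&var);

    wcscpy_s(pszBuffer, maxAlloc, L"");

    do
    {
        //Handle the command line arguments.
        for (int i = 1; i < argc && !bStop; i++)
        {
            if (_wcsicmp(argv[i],L"/V") == 0)
            {
                bReturnVerbose = TRUE;
            }
            else if ((_wcsicmp(argv[i],L"/?") == 0)||
                     (_wcsicmp(argv[i],L"-?") == 0))
            {
                wprintf(L"This program queries for users in the current user's domain.\n");
                wprintf(L"Syntax: queryusers [/V][querystring]\n");
                wprintf(L"where /V specifies that all properties for the found users should be returned.\n");
                wprintf(L" querystring is the query criteria in ldap query format.\n");
                wprintf(L"Defaults: If no /V is specified, the query returns only the RDN and DN of the items found.\n");
                wprintf(L" If no querystring is specified, the query returns all users.\n");
                wprintf(L"Example: queryusers (sn=Smith)\n");
                wprintf(L"Returns all users with surname Smith.\n");
                bStop = true;
            }
            else if ( IS_BUFFER_ENOUGH(maxAlloc, pszBuffer, argv[i]) > 0 )
            {
                wcscpy_s(pszBuffer,maxAlloc,argv[i]);
            }
            else
            {
                wprintf(L"Buffer is too small for the argument");
                bStop = true;
            }
        }
        if (bStop)
            break;

        if (_wcsicmp(pszBuffer,L"") == 0)
            wprintf(L"\nFinding all user objects...\n\n");
        else
            wprintf(L"\nFinding user objects based on query: %s...\n\n", pszBuffer);

        //Initialize COM
        hr = CoInitialize(NULL);
        if (FAILED(hr))
        {
            wprintf(L"Could not initialize COM. HRESULT: %x\n",hr);
            break;
        }
        bComInitialized = true;

        //Get rootDSE and the current user's domain container DN.
        hr = ADsOpenObject(L"LDAP://rootDSE",
                           NULL,
                           NULL,
                           ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
                           IID_IADs,
                           (void**)&pObject);
        if (FAILED(hr))
        {
            wprintf(L"Could not execute query. Could not bind to LDAP://rootDSE.\n");
            break;
        }

        hr = pObject->Get(L"defaultNamingContext",&var);
        if (FAILED(hr) || VT_BSTR != var.vt || NULL == var.bstrVal)
            break;

        //Build path to the domain container.
        wcscpy_s(szPath,MAX_PATH,L"LDAP://");
        if ( IS_BUFFER_ENOUGH(MAX_PATH, szPath, var.bstrVal) > 0 )
        {
            wcscat_s(szPath,MAX_PATH,var.bstrVal);
        }
        else
        {
            wprintf(L"Buffer is too small for the domain DN");
            break;
        }

        hr = ADsOpenObject(szPath,
                           NULL,
                           NULL,
                           ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
                           IID_IDirectorySearch,
                           (void**)&pContainerToSearch);
        if (FAILED(hr))
        {
            wprintf(L"Could not execute query. Could not bind to the container.\n");
            break;
        }

        // pszBuffer is the query string exactly as typed on the command line.
        hr = FindUsers(pContainerToSearch, //IDirectorySearch pointer to the domain container.
                       pszBuffer,
                       NULL, //Return all properties
                       -1,   //Return all properties
                       bReturnVerbose
                       );
        if (SUCCEEDED(hr))
        {
            if (S_FALSE==hr)
                wprintf(L"No user object could be found.\n");
        }
        else if (0x8007203e==hr)
            wprintf(L"Could not execute query. An invalid filter was specified.\n");
        else
            wprintf(L"Query failed to run. HRESULT: %x\n",hr);
    } while (false);

    // Single cleanup path for every exit above.
    VariantClear(&var);
    if (pContainerToSearch)
        pContainerToSearch->Release();
    if (pObject)
        pObject->Release();
    delete [] pszBuffer;
    delete [] szPath;

    // Uninitialize COM
    if (bComInitialized)
        CoUninitialize();
    return;
}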
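/* Note: Using the UNICODE version of main().
   this removes the need for the sample to include
   UNICODE-ANSI conversion routines
*/
// Entry point. Binds to the container named by the global bsLDAP and creates
// a user in it, either from bsUNAME/bsSAMNAME alone or with the additional
// data in bsFILE, then prints the properties of the new object.
//
// The globals bsLDAP, bsUNAME, bsSAMNAME, bsFILE, bsUSER and bsPASS are
// presumably filled in by ParseCommandLine() - verify against that function.
// If the password does arrive on the command line it is visible to other
// processes for the lifetime of this one.
void wmain( int argc, wchar_t *argv[ ])
{
    HRESULT hr;
    IDirectoryObject * pDirObjectContainer = NULL;
    IDirectoryObject * pDirObjRet = NULL;

    if (!ParseCommandLine(argc,argv))
        return;

    // Initialize COM
    CoInitialize(0);

    // Bind to the container passed
    // If USER and PASS passed in, use ADsOpenObject()
    if (bsUSER)
        hr = ADsOpenObject(bsLDAP, bsUSER, bsPASS,
                           ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pDirObjectContainer);
    else
        hr = ADsGetObject( bsLDAP, IID_IDirectoryObject,(void **)&pDirObjectContainer);

    if (SUCCEEDED(hr))
    {
        // if a file is NOT passed in- Do the simple version
        if (!bsFILE)
        {
            // Call the helper function to create the User
            hr = CreateUser(pDirObjectContainer, bsUNAME,bsSAMNAME,
                            &pDirObjRet);
        }
        else // file was passed in
        {
            // Call the helper function to create the User
            hr = CreateUserFromFile(pDirObjectContainer, bsUNAME,bsSAMNAME,
                                    &pDirObjRet,bsFILE);
        }

        if (SUCCEEDED(hr))
        {
            _putws(L"\n\n New User created with the following properties:\n");

            IADs * pIADsNewUser = NULL;

            // User succeeded- now get an IADs interface to it
            // and print some properties
            hr = pDirObjRet->QueryInterface(IID_IADs,(void**)&pIADsNewUser);

            if (SUCCEEDED(hr))
            {
                PrintIADSObject(pIADsNewUser);

                pIADsNewUser->Release();
                pIADsNewUser = NULL;
            }
            else
                CheckADHRESULT(hr,L"QueryInterface() - New User for IADs");

            pDirObjRet->Release();
            pDirObjRet = NULL;
        }
        else
            CheckADHRESULT(hr,L"CreateUser()");

        pDirObjectContainer->Release();
        pDirObjectContainer = NULL;
    }
    else
        if (bsUSER)
            CheckADHRESULT(hr,L"ADsOpenObject()");
        else
            CheckADHRESULT(hr,L"ADsGetObject()");

    // Free the argument strings and clear the globals so no stale pointer
    // remains after the free.
    if ( bsLDAP )
    {
        ::SysFreeString(bsLDAP);
        bsLDAP = NULL;
    }
    if ( bsUNAME )
    {
        ::SysFreeString(bsUNAME);
        bsUNAME = NULL;
    }
    if ( bsSAMNAME )
    {
        ::SysFreeString(bsSAMNAME);
        bsSAMNAME = NULL;
    }
    if ( bsFILE )
    {
        ::SysFreeString(bsFILE);
        bsFILE = NULL;
    }
    if ( bsUSER )
    {
        ::SysFreeString(bsUSER);
        bsUSER = NULL;
    }
    if ( bsPASS )
    {
        // Wipe the password before the memory goes back to the allocator, so
        // the clear text does not linger in freed memory.
        SecureZeroMemory(bsPASS, ::SysStringByteLen(bsPASS));
        ::SysFreeString(bsPASS);
        bsPASS = NULL;
    }

    CoUninitialize();
}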
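// Converts the NUL-terminated multibyte string src into dst, which holds
// cchDst wide characters. Returns false for a NULL pointer, an invalid
// multibyte sequence, or a string that does not fit together with its
// terminator, so the caller never works with a truncated or unterminated
// value.
static bool CugpToWide(const char *src, wchar_t *dst, size_t cchDst)
{
    if (!src || !dst || cchDst == 0)
        return false;
    const size_t cchWritten = mbstowcs(dst, src, cchDst);
    // (size_t)-1: conversion error. == cchDst: no terminator was written.
    return cchWritten != (size_t)-1 && cchWritten < cchDst;
}

// Checks whether user 'userin' (authenticating with 'password') is a member,
// directly or through nested groups, of the group 'groupin'.
//
// Binds to a domain controller found with DsGetDcName using the supplied
// credentials, looks the user up with FindUserByName, the group with
// FindGroup, then asks IADsGroup::IsMember and, if that says no,
// RecursiveIsMember.
//
// Returns TRUE only when membership was positively established. Every error
// (bad or over-long argument, no domain controller, failed bind, failed
// lookup, path that does not fit its buffer) returns FALSE, i.e. the check
// fails closed.
//
// 'machine' and 'locdom' are not used by this implementation.
//
// NOTE(review): gbsMember and gbsGroup are globals. gbsGroup is assigned by
// FindGroup; gbsMember is presumably assigned by FindUserByName - verify.
// Concurrent calls would share them.
LDAPAUTHNT4_API BOOL CUGP(char * userin,char *password,char *machine,char *groupin,int locdom)
{
    const size_t cchCred = MAX_PATH*2;
    BOOL bIsMember = FALSE;
    HRESULT hr = S_OK;

    LPOLESTR pszBuffer  = new OLECHAR[cchCred]; // user name
    LPOLESTR pszBuffer2 = new OLECHAR[cchCred]; // password
    LPOLESTR pszBuffer4 = new OLECHAR[cchCred]; // group name
    LPOLESTR szPath     = new OLECHAR[MAX_PATH];

    PDOMAIN_CONTROLLER_INFO pdci = NULL;
    IADs *pObject = NULL;
    IADs *pObjectUser = NULL;
    IADs *pObjectGroup = NULL;
    IDirectorySearch *pDS = NULL;
    IADsGroup *pIADsG = NULL;
    IDirectoryObject *pDOMember = NULL;
    VARIANT var;
    VariantInit(&var);

    do
    {
        // Reject NULL, invalid or over-long input instead of truncating it:
        // a truncated user or group name could match a different object.
        if (!CugpToWide(userin,   pszBuffer,  MAX_PATH) ||
            !CugpToWide(password, pszBuffer2, MAX_PATH) ||
            !CugpToWide(groupin,  pszBuffer4, MAX_PATH))
            break;

        ////////////FIND SERVER NEEDED FOR NT4
        DWORD dwRet = DsGetDcName(NULL, NULL, NULL, NULL, DS_PDC_REQUIRED, &pdci);
        if (ERROR_SUCCESS!=dwRet)
        {
            wprintf(L"PDC not found try a rediscover \n");
            dwRet = DsGetDcName(NULL, NULL, NULL, NULL,
                                DS_DIRECTORY_SERVICE_REQUIRED|DS_FORCE_REDISCOVERY, &pdci);
            if (ERROR_SUCCESS!=dwRet)
            {
                wprintf(L"PDC not found \n");
                break;
            }
        }

        // The name is used without its first two characters (the leading
        // "\\\\"); make sure something is left after skipping them.
        if (!pdci || !pdci->DomainControllerName || wcslen(pdci->DomainControllerName) <= 2)
            break;
        LPCWSTR pszDcName = pdci->DomainControllerName + 2;

        // Build LDAP://<dc>/rootDSE, checking the length before copying.
        if (wcslen(L"LDAP://") + wcslen(pszDcName) + wcslen(L"/rootDSE") >= MAX_PATH)
            break;
        wcscpy(szPath,L"LDAP://");
        wcscat(szPath,pszDcName);
        wcscat(szPath,L"/rootDSE");
        // Print through a constant format: the path holds externally supplied
        // text and must never be the format string itself.
        wprintf(L"%s\n", szPath);

        hr = ADsOpenObject(szPath,
                           pszBuffer,
                           pszBuffer2,
                           ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
                           IID_IADs,
                           (void**)&pObject);
        if (FAILED(hr))
            break;

        //Get rootDSE and the domain container's DN.
        hr = pObject->Get(L"defaultNamingContext",&var);
        if (FAILED(hr) || VT_BSTR != var.vt || NULL == var.bstrVal)
            break;

        // Build LDAP://<dc>/<domain DN>; the DN comes from the directory, so
        // its length is checked as well.
        if (wcslen(L"LDAP://") + wcslen(pszDcName) + 1 + wcslen(var.bstrVal) >= MAX_PATH)
            break;
        wcscpy(szPath,L"LDAP://");
        wcscat(szPath,pszDcName);
        wcscat(szPath,L"/");
        wcscat(szPath,var.bstrVal);
        VariantClear(&var);

        pObject->Release();
        pObject = NULL;

        wprintf(L"%s\n", szPath);

        //Bind to the root of the current domain.
        hr = ADsOpenObject(szPath,pszBuffer,pszBuffer2,
                           ADS_SECURE_AUTHENTICATION,IID_IDirectorySearch,(void**)&pDS);
        if (FAILED(hr))
            break;

        hr = FindUserByName(pDS, pszBuffer, &pObjectUser);
        if (pObjectUser)
        {
            pObjectUser->Release();
            pObjectUser = NULL;
        }
        if (FAILED(hr))
            break;

        ///////////////////// VNCACCESS
        hr = FindGroup(pDS, pszBuffer, &pObjectGroup,pszBuffer4);
        if (pObjectGroup)
        {
            pObjectGroup->Release();
            pObjectGroup = NULL;
        }
        if (FAILED(hr))
            break;

        wprintf(L"FindGroup OK\n");
        hr = ADsOpenObject( gbsGroup,pszBuffer, pszBuffer2,
                            ADS_SECURE_AUTHENTICATION,IID_IADsGroup, (void**) &pIADsG);
        if (FAILED(hr))
            break;

        VARIANT_BOOL bMember = VARIANT_FALSE;
        hr = pIADsG->IsMember(gbsMember,&bMember);
        if (FAILED(hr))
            break;

        if (bMember == VARIANT_TRUE)
        {
            wprintf(L"Object \n\n%s\n\n IS a member of the following Group:\n\n%s\n\n",gbsMember,gbsGroup);
            bIsMember = TRUE;
            break;
        }

        // Not a direct member: look through nested groups.
        hr = ADsOpenObject( gbsMember,pszBuffer, pszBuffer2,
                            ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pDOMember);
        if (FAILED(hr))
            break;

        // NOTE(review): bsMemberGUID is never freed here because the
        // allocator used by GetObjectGuid is not visible - confirm and free.
        BSTR bsMemberGUID = NULL;
        hr = GetObjectGuid(pDOMember,bsMemberGUID);
        pDOMember->Release();
        pDOMember = NULL;
        if (FAILED(hr))
            break; // no GUID to compare against: treat as "not a member"

        if (RecursiveIsMember(pIADsG,bsMemberGUID,gbsMember,true, pszBuffer, pszBuffer2))
            bIsMember = TRUE;
    } while (false);

    // ---- single cleanup path for every exit above ----
    VariantClear(&var);
    if (pDOMember)
        pDOMember->Release();
    // pIADsG was only passed as an input argument; by COM convention the
    // callee does not release it.
    // NOTE(review): confirm RecursiveIsMember follows that convention.
    if (pIADsG)
        pIADsG->Release();
    if (pObject)
        pObject->Release();
    if (pDS)
        pDS->Release();

    // NOTE(review): pdci is allocated by DsGetDcName and is never released in
    // this function; it should be freed with NetApiBufferFree once the
    // declaring header is confirmed to be included by this file.

    // Wipe the wide-character copy of the password before releasing it.
    SecureZeroMemory(pszBuffer2, cchCred * sizeof(OLECHAR));

    delete [] pszBuffer;
    delete [] pszBuffer2;
    delete [] pszBuffer4;
    delete [] szPath;

    return bIsMember;
}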