static int smpd_build_spn_list()
{
HRESULT hr;
IDirectoryObject *pSCP = NULL;
ADS_ATTR_INFO *pPropEntries = NULL;
IDirectorySearch *pSearch = NULL;
ADS_SEARCH_HANDLE hSearch = NULL;
LPWSTR pszDN; /* distinguished name of SCP. */
LPWSTR pszServiceDNSName; /* service DNS name. */
LPWSTR pszClass; /* name of service class. */
USHORT usPort; /* service port. */
WCHAR pszSearchString[SMPD_MAX_NAME_LENGTH];
char temp_str[SMPD_MAX_NAME_LENGTH];
char temp_str2[SMPD_MAX_NAME_LENGTH];
smpd_host_spn_node_t *iter;
/* double t1, t2; */
static int initialized = 0;
if (initialized)
{
return SMPD_SUCCESS;
}
initialized = 1;
/* t1 = PMPI_Wtime(); */
CoInitialize(NULL);
/* Get an IDirectorySearch pointer for the Global Catalog. */
hr = GetGCSearch(&pSearch);
if (FAILED(hr) || pSearch == NULL)
{
smpd_err_printf("GetGC failed 0x%x\n", hr);
goto Cleanup;
}
/* Set up a deep search.
Thousands of objects are not expected in this example, therefore
query for 1000 rows per page.*/
ADS_SEARCHPREF_INFO SearchPref[2];
DWORD dwPref = sizeof(SearchPref)/sizeof(ADS_SEARCHPREF_INFO);
SearchPref[0].dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
SearchPref[0].vValue.dwType = ADSTYPE_INTEGER;
SearchPref[0].vValue.Integer = ADS_SCOPE_SUBTREE;
SearchPref[1].dwSearchPref = ADS_SEARCHPREF_PAGESIZE;
SearchPref[1].vValue.dwType = ADSTYPE_INTEGER;
SearchPref[1].vValue.Integer = 1000;
hr = pSearch->SetSearchPreference(SearchPref, dwPref);
if (FAILED(hr))
{
smpd_err_printf("Failed to set search prefs: hr:0x%x\n", hr);
goto Cleanup;
}
/* Execute the search. From the GC get the distinguished name
of the SCP. Use the DN to bind to the SCP and get the other
properties. */
LPWSTR rgszDN[] = {L"distinguishedName"};
/* Search for a match of the product GUID. */
swprintf(pszSearchString, L"keywords=%s", SMPD_SERVICE_VENDOR_GUIDW);
hr = pSearch->ExecuteSearch(pszSearchString, rgszDN, 1, &hSearch);
/*hr = pSearch->ExecuteSearch(L"keywords=5722fe5f-cf46-4594-af7c-0997ca2e9d72", rgszDN, 1, &hSearch);*/
if (FAILED(hr))
{
smpd_err_printf("ExecuteSearch failed: hr:0x%x\n", hr);
goto Cleanup;
}
/* Loop through the results. Each row should be an instance of the
service identified by the product GUID.
Add logic to select from multiple service instances. */
while (SUCCEEDED(hr = pSearch->GetNextRow(hSearch)))
{
if (hr == S_ADS_NOMORE_ROWS)
{
DWORD dwError = ERROR_SUCCESS;
WCHAR szError[512];
WCHAR szProvider[512];
ADsGetLastError(&dwError, szError, 512, szProvider, 512);
if (ERROR_MORE_DATA == dwError)
{
continue;
}
goto Cleanup;
}
ADS_SEARCH_COLUMN Col;
hr = pSearch->GetColumn(hSearch, L"distinguishedName", &Col);
pszDN = AllocADsStr(Col.pADsValues->CaseIgnoreString);
pSearch->FreeColumn(&Col);
/* Bind to the DN to get the other properties. */
LPWSTR lpszLDAPPrefix = L"LDAP://";
DWORD dwSCPPathLength = (DWORD)(wcslen(lpszLDAPPrefix) + wcslen(pszDN) + 1);
LPWSTR pwszSCPPath = (LPWSTR)malloc(sizeof(WCHAR) * dwSCPPathLength);
if (pwszSCPPath)
{
wcscpy(pwszSCPPath, lpszLDAPPrefix);
wcscat(pwszSCPPath, pszDN);
}
else
{
smpd_err_printf("Failed to allocate a buffer\n");
goto Cleanup;
}
/*wprintf(L"pszDN = %s\n", pszDN);*/
/*FreeADsStr(pszDN);*/
hr = ADsGetObject(pwszSCPPath, IID_IDirectoryObject, (void**)&pSCP);
free(pwszSCPPath);
if (SUCCEEDED(hr))
{
/* Properties to retrieve from the SCP object. */
LPWSTR rgszAttribs[]=
{
{L"serviceClassName"},
{L"serviceDNSName"},
/*{L"serviceDNSNameType"},*/
{L"serviceBindingInformation"}
};
DWORD dwAttrs = sizeof(rgszAttribs)/sizeof(LPWSTR);
DWORD dwNumAttrGot;
hr = pSCP->GetObjectAttributes(rgszAttribs, dwAttrs, &pPropEntries, &dwNumAttrGot);
if (FAILED(hr))
{
smpd_err_printf("GetObjectAttributes Failed. hr:0x%x\n", hr);
goto Cleanup;
}
pszServiceDNSName = NULL;
pszClass = NULL;
iter = (smpd_host_spn_node_t*)malloc(sizeof(smpd_host_spn_node_t));
if (iter == NULL)
{
smpd_err_printf("Unable to allocate memory to store an SPN entry.\n");
goto Cleanup;
}
iter->next = NULL;
iter->host[0] = '\0';
iter->spn[0] = '\0';
iter->dnshost[0] = '\0';
/* Loop through the entries returned by GetObjectAttributes
and save the values in the appropriate buffers. */
for (int i = 0; i < (LONG)dwAttrs; i++)
{
if ((wcscmp(L"serviceDNSName", pPropEntries[i].pszAttrName) == 0) &&
(pPropEntries[i].dwADsType == ADSTYPE_CASE_IGNORE_STRING))
{
pszServiceDNSName = AllocADsStr(pPropEntries[i].pADsValues->CaseIgnoreString);
/*wprintf(L"pszServiceDNSName = %s\n", pszServiceDNSName);*/
}
/*
if ((wcscmp(L"serviceDNSNameType", pPropEntries[i].pszAttrName) == 0) &&
(pPropEntries[i].dwADsType == ADSTYPE_CASE_IGNORE_STRING))
{
pszServiceDNSNameType = AllocADsStr(pPropEntries[i].pADsValues->CaseIgnoreString);
wprintf(L"pszServiceDNSNameType = %s\n", pszServiceDNSNameType);
}
*/
if ((wcscmp(L"serviceClassName", pPropEntries[i].pszAttrName) == 0) &&
(pPropEntries[i].dwADsType == ADSTYPE_CASE_IGNORE_STRING))
{
pszClass = AllocADsStr(pPropEntries[i].pADsValues->CaseIgnoreString);
/*wprintf(L"pszClass = %s\n", pszClass);*/
}
if ((wcscmp(L"serviceBindingInformation", pPropEntries[i].pszAttrName) == 0) &&
(pPropEntries[i].dwADsType == ADSTYPE_CASE_IGNORE_STRING))
{
usPort=(USHORT)_wtoi(pPropEntries[i].pADsValues->CaseIgnoreString);
/*wprintf(L"usPort = %d\n", usPort);*/
}
}
wcstombs(iter->dnshost, pszServiceDNSName, SMPD_MAX_NAME_LENGTH);
wcstombs(temp_str, pszClass, SMPD_MAX_NAME_LENGTH);
/*MPIU_Snprintf(iter->spn, SMPD_MAX_NAME_LENGTH, "%s/%s:%d", temp_str, iter->dnshost, usPort);*/
wcstombs(temp_str2, pszDN, SMPD_MAX_NAME_LENGTH);
MPIU_Snprintf(iter->spn, SMPD_MAX_NAME_LENGTH, "%s/%s/%s", temp_str, iter->dnshost, temp_str2);
MPIU_Strncpy(iter->host, iter->dnshost, SMPD_MAX_NAME_LENGTH);
strtok(iter->host, ".");
iter->next = spn_list;
spn_list = iter;
if (pszServiceDNSName != NULL)
{
FreeADsStr(pszServiceDNSName);
}
if (pszClass != NULL)
{
FreeADsStr(pszClass);
}
}
FreeADsStr(pszDN);
}
Cleanup:
/*
iter = spn_list;
while (iter != NULL)
{
printf("host : %s\n", iter->host);
printf("dnshost: %s\n", iter->dnshost);
printf("spn : %s\n", iter->spn);
iter = iter->next;
}
fflush(stdout);
*/
if (pSCP)
{
pSCP->Release();
pSCP = NULL;
}
if (pPropEntries)
{
FreeADsMem(pPropEntries);
pPropEntries = NULL;
}
if (pSearch)
{
if (hSearch)
{
pSearch->CloseSearchHandle(hSearch);
hSearch = NULL;
}
pSearch->Release();
pSearch = NULL;
}
CoUninitialize();
/* t2 = PMPI_Wtime();
smpd_dbg_printf("build_spn_list took %0.6f seconds\n", t2-t1);
*/
return SMPD_SUCCESS;
}
LDAPAUTH_API
BOOL CUGP(char * userin,char *password,char *machine, char * groupin,int locdom)
{
OSVERSIONINFO ovi = { sizeof ovi };
GetVersionEx( &ovi );
if (ovi.dwPlatformId == VER_PLATFORM_WIN32_NT &&
ovi.dwMajorVersion >= 5 )
{
//Handle the command line arguments.
LPOLESTR pszBuffer = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer2 = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer3 = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer4 = new OLECHAR[MAX_PATH*2];
mbstowcs( (wchar_t *) pszBuffer, userin, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer2, password, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer3, machine, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer4, groupin, MAX_PATH );
HRESULT hr = S_OK;
//Get rootDSE and the domain container's DN.
IADs *pObject = NULL;
IADs *pObjectUser = NULL;
IADs *pObjectGroup = NULL;
IDirectorySearch *pDS = NULL;
LPOLESTR szPath = new OLECHAR[MAX_PATH];
LPOLESTR myPath = new OLECHAR[MAX_PATH];
VARIANT var;
wcscpy(szPath,L"LDAP://");
wcscat(szPath,L"rootDSE");
wprintf(szPath);
wprintf(L"\n");
hr = ADsOpenObject(szPath,
pszBuffer,
pszBuffer2,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IADs,
(void**)&pObject);
if (FAILED(hr))
{
wprintf(L"Bind to domain failed %i\n",hr);
if (pObject) pObject->Release();
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
return false;
}
hr = pObject->Get(L"defaultNamingContext",&var);
if (SUCCEEDED(hr))
{
wcscpy(szPath,L"LDAP://");
wcscat(szPath,var.bstrVal);
VariantClear(&var);
if (pObject)
{
pObject->Release();
pObject = NULL;
}
wprintf( szPath);
wprintf(L"\n");
//Bind to the root of the current domain.
hr = ADsOpenObject(szPath,pszBuffer,pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IDirectorySearch,(void**)&pDS);
if (SUCCEEDED(hr))
{
if (SUCCEEDED(hr))
{
hr = FindUserByName(pDS, pszBuffer, &pObjectUser);
if (FAILED(hr))
{
wprintf(L"User not found %i\n",hr);
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
if (pObjectUser) pObjectUser->Release();
return false;
}
if (pObjectUser) pObjectUser->Release();
///////////////////// VNCACCESS
hr = FindGroup(pDS, pszBuffer, &pObjectGroup,pszBuffer4);
if (pObjectGroup)
{
pObjectGroup->Release();
pObjectGroup = NULL;
}
if (FAILED(hr)) wprintf(L"group not found\n");
if (SUCCEEDED(hr))
{
wprintf(L"Group found OK\n");
IADsGroup * pIADsG;
hr = ADsOpenObject( gbsGroup,pszBuffer, pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IADsGroup, (void**) &pIADsG);
if (SUCCEEDED(hr))
{
VARIANT_BOOL bMember = FALSE;
hr = pIADsG->IsMember(gbsMember,&bMember);
if (SUCCEEDED(hr))
{
if (bMember == -1)
{
wprintf(L"Object \n\n%s\n\n IS a member of the following Group:\n\n%s\n\n",gbsMember,gbsGroup);
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
return true;
}
else
{
BSTR bsMemberGUID = NULL;
IDirectoryObject * pDOMember = NULL;
hr = ADsOpenObject( gbsMember,pszBuffer, pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pDOMember);
if (SUCCEEDED(hr))
{
hr = GetObjectGuid(pDOMember,bsMemberGUID);
pDOMember->Release();
pDOMember = NULL;
if (RecursiveIsMember(pIADsG,bsMemberGUID,gbsMember,true, pszBuffer, pszBuffer2))
{
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
return true;
}
}
}//else bmember
}//ismember
}//iadsgroup
}//Findgroup
wprintf(L"USER not found in group\n");
}//user
}
if (pDS) pDS->Release();
}
/*LOGFAILED(pszBuffer3,pszBuffer);*/
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] szPath;
delete [] myPath;
return false;
}
return false;
}
/* Note: Using the UNICODE version of main().
this removes the need for the sample to include
UNICODE-ANSI conversion routines
*/
void wmain( int argc, wchar_t *argv[ ])
{
WCHAR pwszTemp[4096];
// We have now scanned PAST whitespace- so copy the string:
wcscpy_s(pwszTemp,4096,L" A String");
Trim(pwszTemp);
HRESULT hr;
IDirectoryObject * pDirObjectContainer = NULL;
IDirectoryObject * pDirObjRet = NULL;
if (!ParseCommandLine(argc,argv))
return;
// Initialize COM
CoInitialize(0);
// Bind to the container passed
// If USER and PASS passed in, use ADsOpenObject()
if (bsUSER)
hr = ADsOpenObject(bsLDAP, bsUSER, bsPASS,
ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pDirObjectContainer);
else
hr = ADsGetObject( bsLDAP, IID_IDirectoryObject,(void **)&pDirObjectContainer);
if (SUCCEEDED(hr))
{
// if a file is NOT passed in- Do the simple version
if (!bsFILE)
{
// Call the helper funtion to create the User
hr = CreateUser(pDirObjectContainer, bsUNAME,bsSAMNAME,
&pDirObjRet);
}
else // file was passed in
{
// Call the helper funtion to create the User
hr = CreateUserFromFile(pDirObjectContainer, bsUNAME,bsSAMNAME,
&pDirObjRet,bsFILE);
}
if (SUCCEEDED(hr))
{
_putws(L"\n\n New User created with the following properties:\n");
IADs * pIADsNewGoup = NULL;
// User succeeded- now get an IADs interface to it
// and print some properties
hr = pDirObjRet->QueryInterface(IID_IADs,(void**)&pIADsNewGoup);
if (SUCCEEDED(hr))
{
PrintIADSObject(pIADsNewGoup);
pIADsNewGoup->Release();
pIADsNewGoup = NULL;
}
else
CheckADHRESULT(hr,L"QueryInterface() - New User for IADs");
pDirObjRet->Release();
pDirObjRet = NULL;
}
else
CheckADHRESULT(hr,L"CreateUser()");
pDirObjectContainer->Release();
pDirObjectContainer = NULL;
}
else
if (bsUSER)
CheckADHRESULT(hr,L"ADsOpenObject()");
else
CheckADHRESULT(hr,L"ADsGetObject()");
if ( bsLDAP )
::SysFreeString(bsLDAP);
if ( bsUNAME )
::SysFreeString(bsUNAME);
if ( bsSAMNAME )
::SysFreeString(bsSAMNAME);
if ( bsFILE )
::SysFreeString(bsFILE);
if ( bsUSER )
::SysFreeString(bsUSER);
if ( bsPASS )
::SysFreeString(bsPASS);
CoUninitialize();
}
BOOL RecursiveIsMember(IADsGroup * pADsGroup,LPWSTR pwszMemberGUID,LPWSTR pwszMemberPath,
BOOL bVerbose, LPOLESTR pwszUser, LPOLESTR pwszPassword)
{
HRESULT hr = S_OK; // COM Result Code
IADsMembers * pADsMembers = NULL; // Ptr to Members of the IADsGroup
BOOL fContinue = TRUE; // Looping Variable
IEnumVARIANT * pEnumVariant = NULL; // Ptr to the Enum variant
IUnknown * pUnknown = NULL; // IUnknown for getting the ENUM initially
VARIANT VariantArray[FETCH_NUM]; // Variant array for temp holding returned data
ULONG ulElementsFetched = NULL; // Number of elements retrieved
BSTR bsGroupPath = NULL;
BOOL bRet = FALSE;
if(!pADsGroup || !pwszMemberGUID || !pwszMemberPath)
{
return FALSE;
}
// Get the path of the object passed in
hr = pADsGroup->get_ADsPath(&bsGroupPath);
if (!SUCCEEDED(hr))
return hr;
if (bVerbose)
{
WCHAR pwszOutput[2048];
wsprintf(pwszOutput,L"Checking the Group:\n\n%s\n\n for the member:\n\n%s\n\n",bsGroupPath,pwszMemberPath);
PrintBanner(pwszOutput);
}
// Get an interface pointer to the IADsCollection of members
hr = pADsGroup->Members(&pADsMembers);
if (SUCCEEDED(hr))
{
// Query the IADsCollection of members for a new ENUM Interface
// Be aware that the enum comes back as an IUnknown *
hr = pADsMembers->get__NewEnum(&pUnknown);
if (SUCCEEDED(hr))
{
// QI the IUnknown * for an IEnumVARIANT interface
hr = pUnknown->QueryInterface(IID_IEnumVARIANT, (void **)&pEnumVariant);
if (SUCCEEDED(hr))
{
// While have not hit errors or end of data....
while (fContinue)
{
ulElementsFetched = 0;
// Get a "batch" number of group members-number of rows specified by FETCH_NUM
hr = ADsEnumerateNext(pEnumVariant, FETCH_NUM, VariantArray, &ulElementsFetched);
if (ulElementsFetched )
{
// Loop through the current batch-printing the path for each member.
for (ULONG i = 0; i < ulElementsFetched; i++ )
{
IDispatch * pDispatch = NULL; // ptr for holding dispath of element
BSTR bstrCurrentPath = NULL; // Holds path of object
BSTR bstrGuidCurrent = NULL; // Holds path of object
IDirectoryObject * pIDOCurrent = NULL;// Holds the current object
// Get the dispatch ptr for the variant
pDispatch = VariantArray[i].pdispVal;
// assert(HAS_BIT_STYLE(VariantArray[i].vt,VT_DISPATCH));
// Get the IADs interface for the "member" of this group
hr = pDispatch->QueryInterface(IID_IDirectoryObject,
(VOID **) &pIDOCurrent ) ;
if (SUCCEEDED(hr))
{
// Get the GUID for the current object
hr = GetObjectGuid(pIDOCurrent,bstrGuidCurrent);
if (FAILED(hr))
return hr;
IADs * pIADsCurrent = NULL;
// Retrieve the IADs Interface for the current object
hr = pIDOCurrent->QueryInterface(IID_IADs,(void**)&pIADsCurrent);
if (FAILED(hr))
return hr;
// Get the ADsPath property for this member
hr = pIADsCurrent->get_ADsPath(&bstrCurrentPath);
if (SUCCEEDED(hr))
{
if (bVerbose)
wprintf(L"Comparing:\n\n%s\nWITH:\n%s\n\n",bstrGuidCurrent,pwszMemberGUID);
// Verify that the member of this group is Equal to passed.
if (_wcsicmp(bstrGuidCurrent,pwszMemberGUID)==0)
{
if (bVerbose)
wprintf(L"!!!!!Object:\n\n%s\n\nIs a member of\n\n%s\n\n",pwszMemberPath,bstrGuidCurrent);
bRet = TRUE;
break;
}
else // Otherwise, bind to this and see if it is a group.
{ // If is it a group then the QI to IADsGroup succeeds
IADsGroup * pIADsGroupAsMember = NULL;
if (pwszUser)
hr = ADsOpenObject( bstrCurrentPath,
pwszUser,
pwszPassword,
ADS_SECURE_AUTHENTICATION,
IID_IADsGroup,
(void**) &pIADsGroupAsMember);
else
hr = ADsGetObject( bstrCurrentPath, IID_IADsGroup,(void **)&pIADsGroupAsMember);
// If bind was completed, then this is a group.
if (SUCCEEDED(hr))
{
// Recursively call this group to verify this group.
BOOL bRetRecurse;
bRetRecurse = RecursiveIsMember(pIADsGroupAsMember,pwszMemberGUID,pwszMemberPath,bVerbose,pwszUser ,pwszPassword );
if (bRetRecurse)
{
bRet = TRUE;
break;
}
pIADsGroupAsMember->Release();
pIADsGroupAsMember = NULL;
}
}
SysFreeString(bstrCurrentPath);
bstrCurrentPath = NULL;
SysFreeString(bstrGuidCurrent);
bstrGuidCurrent = NULL;
}
// Release
pIDOCurrent->Release();
pIDOCurrent = NULL;
if (pIADsCurrent)
{
pIADsCurrent->Release();
pIADsCurrent = NULL;
}
}
}
// Clear the variant array.
memset(VariantArray, 0, sizeof(VARIANT)*FETCH_NUM);
}
else
fContinue = FALSE;
}
pEnumVariant->Release();
pEnumVariant = NULL;
}
pUnknown->Release();
pUnknown = NULL;
}
pADsMembers ->Release();
pADsMembers = NULL;
}
// Free the group path if retrieved.
if (bsGroupPath)
{
SysFreeString(bsGroupPath);
bsGroupPath = NULL;
}
return bRet;
}
LDAPAUTHNT4_API
BOOL CUGP(char * userin,char *password,char *machine,char *groupin,int locdom)
{
{
//Handle the command line arguments.
LPOLESTR pszBuffer = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer2 = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer3 = new OLECHAR[MAX_PATH*2];
LPOLESTR pszBuffer4 = new OLECHAR[MAX_PATH*2];
mbstowcs( (wchar_t *) pszBuffer, userin, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer2, password, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer3, machine, MAX_PATH );
mbstowcs( (wchar_t *) pszBuffer4, groupin, MAX_PATH );
HRESULT hr = S_OK;
//Get rootDSE and the domain container's DN.
IADs *pObject = NULL;
IADs *pObjectUser = NULL;
IADs *pObjectGroup = NULL;
IDirectorySearch *pDS = NULL;
LPOLESTR szPath = new OLECHAR[MAX_PATH];
LPOLESTR myPath = new OLECHAR[MAX_PATH];
VARIANT var;
////////////FIND SERVER NEEDED FOR NT4
DWORD dwRet;
PDOMAIN_CONTROLLER_INFO pdci;
dwRet = DsGetDcName(NULL, NULL, NULL, NULL , DS_PDC_REQUIRED, &pdci);
if (ERROR_SUCCESS!=dwRet)
{
wprintf(L"PDC not found try a rediscover \n");
dwRet = DsGetDcName(NULL, NULL, NULL, NULL , DS_DIRECTORY_SERVICE_REQUIRED|DS_FORCE_REDISCOVERY, &pdci);
if (ERROR_SUCCESS!=dwRet)
{
wprintf(L"PDC not found \n");
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
return false;
}
}
//////////////////////////////////////////
wcscpy(szPath,L"LDAP://");
wcscat(szPath,pdci->DomainControllerName+2);
wcscat(szPath,L"/rootDSE");
wprintf(szPath);
wprintf(L"\n");
hr = ADsOpenObject(szPath,
pszBuffer,
pszBuffer2,
ADS_SECURE_AUTHENTICATION, //Use Secure Authentication
IID_IADs,
(void**)&pObject);
if (FAILED(hr))
{
bool result=false;
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
return result;
}
hr = pObject->Get(L"defaultNamingContext",&var);
if (SUCCEEDED(hr))
{
wcscpy(szPath,L"LDAP://");
wcscat(szPath,pdci->DomainControllerName+2);
wcscat(szPath,L"/");
wcscat(szPath,var.bstrVal);
VariantClear(&var);
if (pObject)
{
pObject->Release();
pObject = NULL;
}
wprintf( szPath);
wprintf(L"\n");
//Bind to the root of the current domain.
hr = ADsOpenObject(szPath,pszBuffer,pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IDirectorySearch,(void**)&pDS);
if (SUCCEEDED(hr))
{
if (SUCCEEDED(hr))
{
hr = FindUserByName(pDS, pszBuffer, &pObjectUser );
if (FAILED(hr))
{
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
if (pObjectUser) pObjectUser->Release();
return false;
}
if (pObjectUser) pObjectUser->Release();
///////////////////// VNCACCESS
hr = FindGroup(pDS, pszBuffer, &pObjectGroup,pszBuffer4);
if (pObjectGroup)
{
pObjectGroup->Release();
pObjectGroup = NULL;
}
if (SUCCEEDED(hr))
{
wprintf(L"FindGroup OK\n");
IADsGroup * pIADsG;
hr = ADsOpenObject( gbsGroup,pszBuffer, pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IADsGroup, (void**) &pIADsG);
if (SUCCEEDED(hr))
{
VARIANT_BOOL bMember = FALSE;
hr = pIADsG->IsMember(gbsMember,&bMember);
if (SUCCEEDED(hr))
{
if (bMember == -1)
{
wprintf(L"Object \n\n%s\n\n IS a member of the following Group:\n\n%s\n\n",gbsMember,gbsGroup);
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
return true;
}
else
{
BSTR bsMemberGUID = NULL;
IDirectoryObject * pDOMember = NULL;
hr = ADsOpenObject( gbsMember,pszBuffer, pszBuffer2,
ADS_SECURE_AUTHENTICATION,IID_IDirectoryObject, (void**) &pDOMember);
if (SUCCEEDED(hr))
{
hr = GetObjectGuid(pDOMember,bsMemberGUID);
pDOMember->Release();
pDOMember = NULL;
if (RecursiveIsMember(pIADsG,bsMemberGUID,gbsMember,true, pszBuffer, pszBuffer2))
{
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
if (pDS) pDS->Release();
return true;
}
}
}//else bmember
}//ismember
}//iadsgroup
}//Findgroup
}//user
}
if (pDS) pDS->Release();
}
delete [] pszBuffer;
delete [] pszBuffer2;
delete [] pszBuffer3;
delete [] pszBuffer4;
delete [] szPath;
delete [] myPath;
return false;
}
return false;
}
