DWORD
DeletePassword(
PCSTR pSmbdPath
)
{
DWORD error = 0;
PLSA_PSTORE_PLUGIN_DISPATCH pDispatch = NULL;
PLSA_PSTORE_PLUGIN_CONTEXT pContext = NULL;
PSTR pSecretsPath = NULL;
LW_HANDLE hLsa = NULL;
PLSA_MACHINE_ACCOUNT_INFO_A pAccountInfo = NULL;
HANDLE hReg = NULL;
error = LwRegOpenServer(&hReg);
BAIL_ON_LSA_ERROR(error);
// Even though this was set during the install process, we'll try setting
// it again. This way if the user calls uninstall without calling install
// first, they won't get an error.
error = GetSecretsPath(
pSmbdPath,
&pSecretsPath);
BAIL_ON_LSA_ERROR(error);
error = LsaOpenServer(
&hLsa);
if (error)
{
LW_RTL_LOG_ERROR("Unable to contact lsassd");
}
BAIL_ON_LSA_ERROR(error);
error = LsaAdGetMachineAccountInfo(
hLsa,
NULL,
&pAccountInfo);
BAIL_ON_LSA_ERROR(error);
error = RegUtilAddKey(
hReg,
LSA_PSTORE_REG_ROOT_KEY_PATH,
NULL,
LSA_PSTORE_REG_ROOT_KEY_RELATIVE_PATH_PLUGINS "\\" PLUGIN_NAME);
BAIL_ON_LSA_ERROR(error);
error = RegUtilSetValue(
hReg,
LSA_PSTORE_REG_ROOT_KEY_PATH,
NULL,
LSA_PSTORE_REG_ROOT_KEY_RELATIVE_PATH_PLUGINS "\\" PLUGIN_NAME,
"SecretsPath",
REG_SZ,
pSecretsPath,
strlen(pSecretsPath));
BAIL_ON_LSA_ERROR(error);
error = RemoveSambaLoadPath(hReg);
BAIL_ON_LSA_ERROR(error);
error = LsaPstorePluginInitializeContext(
LSA_PSTORE_PLUGIN_VERSION,
PLUGIN_NAME,
&pDispatch,
&pContext);
BAIL_ON_LSA_ERROR(error);
error = pDispatch->DeletePasswordInfoA(
pContext,
pAccountInfo);
BAIL_ON_LSA_ERROR(error);
cleanup:
if (pContext)
{
pDispatch->Cleanup(pContext);
}
if (hReg != NULL)
{
LwRegCloseServer(hReg);
}
if (hLsa != NULL)
{
LsaCloseServer(hLsa);
}
if (pAccountInfo != NULL)
{
LsaAdFreeMachineAccountInfo(pAccountInfo);
}
return error;
}
static
DWORD
LsaPstorepGetPluginPath(
IN PCSTR pszName,
OUT PSTR* ppszPath
)
{
DWORD dwError = 0;
int EE = 0;
HANDLE registryConnection = NULL;
HKEY keyHandle = NULL;
PSTR pszKeyPath = NULL;
PSTR pszPath = NULL;
dwError = LwNtStatusToWin32Error(LwRtlCStringAllocatePrintf(
&pszKeyPath,
"%s\\%s",
LSA_PSTORE_REG_KEY_PATH_PLUGINS,
pszName));
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
dwError = LwRegOpenServer(®istryConnection);
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
dwError = LwRegOpenKeyExA(
registryConnection,
NULL,
pszKeyPath,
0,
GENERIC_READ,
&keyHandle);
if (dwError == LWREG_ERROR_NO_SUCH_KEY_OR_VALUE)
{
LW_RTL_LOG_ERROR("LSA pstore plugin '%s' is missing its configuration registry key '%s'",
pszName, pszKeyPath);
dwError = ERROR_DLL_INIT_FAILED;
GOTO_CLEANUP_EE(EE);
}
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
dwError = LsaPstorepRegGetStringA(
registryConnection,
keyHandle,
LSA_PSTORE_REG_VALUE_NAME_PLUGINS_PATH,
&pszPath);
if (dwError == LWREG_ERROR_NO_SUCH_KEY_OR_VALUE)
{
LW_RTL_LOG_ERROR("LSA pstore plugin '%s' is missing the '%s' configuration value from its configuration registry key '%s'",
pszName, LSA_PSTORE_REG_VALUE_NAME_PLUGINS_PATH, pszKeyPath);
dwError = ERROR_DLL_INIT_FAILED;
GOTO_CLEANUP_EE(EE);
}
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
cleanup:
if (dwError)
{
LSA_PSTORE_FREE(&pszPath);
}
if (keyHandle)
{
LwRegCloseKey(registryConnection, keyHandle);
}
if (registryConnection)
{
LwRegCloseServer(registryConnection);
}
LSA_PSTORE_FREE(&pszKeyPath);
*ppszPath = pszPath;
LSA_PSTORE_LOG_LEAVE_ERROR_EE(dwError, EE);
return dwError;
}
DWORD
SynchronizePassword(
PCSTR pSmbdPath
)
{
DWORD error = 0;
PSTR pSecretsPath = NULL;
LW_HANDLE hLsa = NULL;
PLSA_MACHINE_PASSWORD_INFO_A pPasswordInfo = NULL;
PLSA_PSTORE_PLUGIN_DISPATCH pDispatch = NULL;
PLSA_PSTORE_PLUGIN_CONTEXT pContext = NULL;
HANDLE hReg = NULL;
error = LwRegOpenServer(&hReg);
BAIL_ON_LSA_ERROR(error);
error = GetSecretsPath(
pSmbdPath,
&pSecretsPath);
BAIL_ON_LSA_ERROR(error);
error = RegUtilAddKey(
hReg,
LSA_PSTORE_REG_ROOT_KEY_PATH,
NULL,
LSA_PSTORE_REG_ROOT_KEY_RELATIVE_PATH_PLUGINS "\\" PLUGIN_NAME);
BAIL_ON_LSA_ERROR(error);
error = RegUtilSetValue(
hReg,
LSA_PSTORE_REG_ROOT_KEY_PATH,
NULL,
LSA_PSTORE_REG_ROOT_KEY_RELATIVE_PATH_PLUGINS "\\" PLUGIN_NAME,
"SecretsPath",
REG_SZ,
pSecretsPath,
strlen(pSecretsPath));
BAIL_ON_LSA_ERROR(error);
error = RegUtilSetValue(
hReg,
HKEY_THIS_MACHINE,
NULL,
LSA_PSTORE_REG_ROOT_KEY_RELATIVE_PATH_PLUGINS "\\" PLUGIN_NAME,
"Path",
REG_SZ,
PLUGIN_PATH,
strlen(PLUGIN_PATH));
BAIL_ON_LSA_ERROR(error);
error = AddSambaLoadPath(hReg);
BAIL_ON_LSA_ERROR(error);
error = LsaOpenServer(
&hLsa);
if (error)
{
LW_RTL_LOG_ERROR("Unable to contact lsassd");
}
BAIL_ON_LSA_ERROR(error);
error = LsaAdGetMachinePasswordInfo(
hLsa,
NULL,
&pPasswordInfo);
if (error == NERR_SetupNotJoined)
{
LW_RTL_LOG_ERROR("Unable to write machine password in secrets.tdb because PowerBroker Identity Services is not joined. The password will be written to secrets.tdb on the next successful join attempt");
error = 0;
}
else
{
BAIL_ON_LSA_ERROR(error);
error = LsaPstorePluginInitializeContext(
LSA_PSTORE_PLUGIN_VERSION,
PLUGIN_NAME,
&pDispatch,
&pContext);
BAIL_ON_LSA_ERROR(error);
error = pDispatch->SetPasswordInfoA(
pContext,
pPasswordInfo);
BAIL_ON_LSA_ERROR(error);
}
cleanup:
LW_SAFE_FREE_STRING(pSecretsPath);
if (hLsa != NULL)
{
LsaCloseServer(hLsa);
}
if (hReg != NULL)
{
LwRegCloseServer(hReg);
}
if (pPasswordInfo != NULL)
{
LsaAdFreeMachinePasswordInfo(pPasswordInfo);
}
if (pContext)
{
pDispatch->Cleanup(pContext);
}
return error;
}
