/*
 * Persist the service administrator's DN and password in the registry.
 *
 * pszUserDN   - administrator DN; must be a non-empty string.
 * pszPassword - administrator password; must be non-NULL (the check below
 *               accepts an empty string).
 *
 * Returns 0 on success, ERROR_INVALID_PARAMETER for rejected arguments, or
 * whatever RegOpenServer / RegUtilSetValue reported.
 *
 * Security note: the password is handed to RegUtilSetValue unchanged as a
 * REG_SZ value, so it is stored exactly as supplied. Nothing in this function
 * restricts who may read VMAUTHSVC_CONFIG_CREDS_KEY_PATH; confidentiality
 * presumably rests on the access control of that key -- verify on deployment.
 */
DWORD
VmAuthsvcConfigSetAdminCredentials(
    PCSTR pszUserDN,
    PCSTR pszPassword
    )
{
    DWORD  dwError = 0;
    HANDLE hRegistry = NULL;

    if (!pszPassword || IsNullOrEmptyString(pszUserDN))
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_VMAUTHSVC_ERROR(dwError);
    }

    dwError = RegOpenServer(&hRegistry);
    BAIL_ON_VMAUTHSVC_ERROR(dwError);

    /* The admin DN lives under the general parameters key. */
    /* NOTE(review): the length excludes the terminating NUL -- confirm that
     * RegUtilSetValue expects that for REG_SZ data. */
    dwError = RegUtilSetValue(
                  hRegistry,
                  HKEY_THIS_MACHINE,
                  VMAUTHSVC_CONFIG_PARAMETER_KEY_PATH,
                  NULL,
                  VMAUTHSVC_REG_KEY_ADMIN_DN,
                  REG_SZ,
                  (PVOID)pszUserDN,
                  VmAuthsvcStringLenA(pszUserDN));
    BAIL_ON_VMAUTHSVC_ERROR(dwError);

    /* The password is written to the separate credentials key. */
    dwError = RegUtilSetValue(
                  hRegistry,
                  HKEY_THIS_MACHINE,
                  VMAUTHSVC_CONFIG_CREDS_KEY_PATH,
                  NULL,
                  VMAUTHSVC_REG_KEY_ADMIN_PASSWD,
                  REG_SZ,
                  (PVOID)pszPassword,
                  VmAuthsvcStringLenA(pszPassword));
    BAIL_ON_VMAUTHSVC_ERROR(dwError);

error:
    /* Success falls through to here as well, so the handle is always closed. */
    if (hRegistry != NULL)
    {
        RegCloseServer(hRegistry);
    }

    return dwError;
}
/*
 * Write a REG_SZ value under HKEY_THIS_MACHINE.
 *
 * pszConfigParamKeyPath - key path to write under; must be non-empty.
 * pszKey                - value name; must be non-empty.
 * pszValue              - data passed through to RegUtilSetValue.
 * valueLen              - data length passed through to RegUtilSetValue.
 *
 * Returns 0 on success, LWCA_ERROR_INVALID_PARAMETER when the key path or
 * value name is NULL/empty, or the error from RegUtilSetValue.
 *
 * NOTE(review): pszValue and valueLen are forwarded without any check here;
 * callers are responsible for passing a length that matches the buffer.
 */
DWORD
LwCASetRegKeyValue(
    PCSTR   pszConfigParamKeyPath,
    PCSTR   pszKey,
    PSTR    pszValue,
    size_t  valueLen
    )
{
    DWORD dwError = 0;
    const int bMissingName =
        IsNullOrEmptyString(pszConfigParamKeyPath) ||
        IsNullOrEmptyString(pszKey);

    if (bMissingName)
    {
        dwError = LWCA_ERROR_INVALID_PARAMETER;
        BAIL_ON_LWCA_ERROR(dwError);
    }

    /* A NULL connection handle is passed, as in the original call. */
    dwError = RegUtilSetValue(
                  NULL,
                  HKEY_THIS_MACHINE,
                  pszConfigParamKeyPath,
                  NULL,
                  pszKey,
                  REG_SZ,
                  (PVOID)pszValue,
                  valueLen);
    BAIL_ON_LWCA_ERROR(dwError);

cleanup:
    return dwError;

error:
    /* Nothing to undo; share the single exit point. */
    goto cleanup;
}
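/*
 * Reset the trust-enumeration wait settings of a joined domain to zero.
 *
 * pContext      - legacy pstore state; its hReg registry handle is used.
 * pszDomainName - optional domain name; when NULL the function does nothing
 *                 and returns 0.
 *
 * Both PSTOREDB_REGISTRY_TRUSTENUMERATIONWAIT_VALUE and
 * PSTOREDB_REGISTRY_TRUSTENUMERATIONWAITSECONDS_VALUE are written as
 * REG_DWORD 0 under "<PSTOREDB_REGISTRY_AD_KEY>\<pszDomainName>".
 *
 * Returns 0 on success or the error from LwAllocateStringPrintf /
 * RegUtilSetValue.
 *
 * NOTE(review): pszDomainName is interpolated into the key path as-is;
 * callers should pass an already validated domain name.
 */
DWORD
LwpsLegacySetJoinedDomainTrustEnumerationWaitTime(
    IN PLWPS_LEGACY_STATE pContext,
    IN OPTIONAL PCSTR pszDomainName
    )
{
    DWORD dwError = 0;
    int EE = 0;
    PSTR pszRegistryPath = NULL;
    DWORD dwValue = 0;

    if (pszDomainName)
    {
        dwError = LwAllocateStringPrintf(
                      &pszRegistryPath,
                      "%s\\%s",
                      PSTOREDB_REGISTRY_AD_KEY,
                      pszDomainName);
        GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);

        dwError = RegUtilSetValue(
                      pContext->hReg,
                      HKEY_THIS_MACHINE,
                      pszRegistryPath,
                      NULL,
                      PSTOREDB_REGISTRY_TRUSTENUMERATIONWAIT_VALUE,
                      REG_DWORD,
                      (PVOID)&dwValue,
                      sizeof(dwValue));
        GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);

        dwError = RegUtilSetValue(
                      pContext->hReg,
                      HKEY_THIS_MACHINE,
                      pszRegistryPath,
                      NULL,
                      PSTOREDB_REGISTRY_TRUSTENUMERATIONWAITSECONDS_VALUE,
                      REG_DWORD,
                      (PVOID)&dwValue,
                      sizeof(dwValue));
        GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
    }

cleanup:
    /*
     * The path allocated by LwAllocateStringPrintf was never released in the
     * original, leaking on every call with a domain name. Free it on all
     * exit paths (the macro is a no-op for NULL).
     */
    LW_SAFE_FREE_STRING(pszRegistryPath);

    LSA_PSTORE_LOG_LEAVE_ERROR_EE(dwError, EE);
    return dwError;
}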
/*
 * Store the default site GUID and default LDU GUID as REG_SZ values under
 * VMDIR_CONFIG_PARAMETER_KEY_PATH.
 *
 * pszDefaultSiteGuid - site GUID string; must be non-empty.
 * pszDefaultLduGuid  - LDU GUID string; must be non-empty.
 *
 * Returns 0 on success, ERROR_INVALID_PARAMETER when either argument is
 * NULL/empty, or the error from RegUtilSetValue. Any failure is logged.
 *
 * NOTE(review): only the non-Windows body is shown in this listing; the
 * matching #else / #endif of the conditional below is not visible here.
 */
DWORD
VmDirConfigSetDefaultSiteandLduGuid(
    PCSTR pszDefaultSiteGuid,
    PCSTR pszDefaultLduGuid
    )
#ifndef _WIN32
{
    DWORD dwError = 0;

    /* Both GUID strings are required. */
    if (IsNullOrEmptyString(pszDefaultSiteGuid) || IsNullOrEmptyString(pszDefaultLduGuid))
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_VMDIR_ERROR(dwError);
    }

    /* The length passed includes the terminating NUL (+1). */
    dwError = RegUtilSetValue(
                NULL,
                HKEY_THIS_MACHINE,
                VMDIR_CONFIG_PARAMETER_KEY_PATH,
                NULL,
                VMDIR_REG_KEY_SITE_GUID,
                REG_SZ,
                (PVOID)pszDefaultSiteGuid,
                VmDirStringLenA(pszDefaultSiteGuid)+1);
    BAIL_ON_VMDIR_ERROR(dwError);

    /* If this second write fails, the site GUID written above stays in place. */
    dwError = RegUtilSetValue(
                NULL,
                HKEY_THIS_MACHINE,
                VMDIR_CONFIG_PARAMETER_KEY_PATH,
                NULL,
                VMDIR_REG_KEY_LDU_GUID,
                REG_SZ,
                (PVOID)pszDefaultLduGuid,
                VmDirStringLenA(pszDefaultLduGuid)+1);
    BAIL_ON_VMDIR_ERROR(dwError);

cleanup:
    return dwError;

error:
    /* Log the failure code, then leave through the common exit. */
    VmDirLog(LDAP_DEBUG_ANY, "VmDirConfigSetDefaultSiteandLduGuid failed with error (%u)", dwError);
    goto cleanup;
}
/*
 * Set or clear the default joined domain recorded in the registry.
 *
 * pContext      - legacy pstore state; its hReg registry handle is used.
 * pszDomainName - domain to record as the default, or NULL to delete the
 *                 PSTOREDB_REGISTRY_DEFAULT_VALUE value.
 *
 * Returns 0 on success or the first error reported by a helper call.
 */
DWORD
LwpsLegacySetDefaultJoinedDomain(
    IN PLWPS_LEGACY_STATE pContext,
    IN OPTIONAL PCSTR pszDomainName
    )
{
    DWORD dwError = 0;
    int EE = 0;

    if (!pszDomainName)
    {
        /* No domain supplied: remove the default-domain value. */
        dwError = RegUtilDeleteValue(
                      pContext->hReg,
                      HKEY_THIS_MACHINE,
                      PSTOREDB_REGISTRY_AD_KEY,
                      NULL,
                      PSTOREDB_REGISTRY_DEFAULT_VALUE);
        GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
    }
    else
    {
        /*
         * The read is made with a NULL output argument and only its status
         * is used; a failure aborts before anything is written.
         * NOTE(review): presumably this checks that password data exists for
         * the domain before it becomes the default -- confirm.
         */
        dwError = LwpsLegacyReadPassword(
                      pContext,
                      pszDomainName,
                      NULL);
        GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);

        dwError = RegUtilAddKey(
                      pContext->hReg,
                      HKEY_THIS_MACHINE,
                      PSTOREDB_REGISTRY_AD_KEY,
                      NULL);
        GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);

        /* pszDomainName is known to be non-NULL in this branch. */
        dwError = RegUtilSetValue(
                      pContext->hReg,
                      HKEY_THIS_MACHINE,
                      PSTOREDB_REGISTRY_AD_KEY,
                      NULL,
                      PSTOREDB_REGISTRY_DEFAULT_VALUE,
                      REG_SZ,
                      (PVOID)pszDomainName,
                      strlen(pszDomainName));
        GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
    }

cleanup:
    LSA_PSTORE_LOG_LEAVE_ERROR_EE(dwError, EE);
    return dwError;
}
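/*
 * Remove the machine account's password information through the pstore
 * plugin (the uninstall path).
 *
 * pSmbdPath - passed to GetSecretsPath to determine the secrets path.
 *
 * Steps: open the registry, resolve the secrets path, fetch the machine
 * account info from lsassd, (re)write the plugin's "SecretsPath" registry
 * value, call RemoveSambaLoadPath, then ask the plugin to delete the
 * password info.
 *
 * Returns 0 on success or the first error reported by a helper call.
 */
DWORD
DeletePassword(
    PCSTR pSmbdPath
    )
{
    DWORD error = 0;
    PLSA_PSTORE_PLUGIN_DISPATCH pDispatch = NULL;
    PLSA_PSTORE_PLUGIN_CONTEXT pContext = NULL;
    PSTR pSecretsPath = NULL;
    LW_HANDLE hLsa = NULL;
    PLSA_MACHINE_ACCOUNT_INFO_A pAccountInfo = NULL;
    HANDLE hReg = NULL;

    error = LwRegOpenServer(&hReg);
    BAIL_ON_LSA_ERROR(error);

    // Even though the SecretsPath value was set during the install process,
    // we'll try setting it again. This way if the user calls uninstall
    // without calling install first, they won't get an error.
    error = GetSecretsPath(
        pSmbdPath,
        &pSecretsPath);
    BAIL_ON_LSA_ERROR(error);

    error = LsaOpenServer(
        &hLsa);
    if (error)
    {
        LW_RTL_LOG_ERROR("Unable to contact lsassd");
    }
    BAIL_ON_LSA_ERROR(error);

    error = LsaAdGetMachineAccountInfo(
        hLsa,
        NULL,
        &pAccountInfo);
    BAIL_ON_LSA_ERROR(error);

    error = RegUtilAddKey(
        hReg,
        LSA_PSTORE_REG_ROOT_KEY_PATH,
        NULL,
        LSA_PSTORE_REG_ROOT_KEY_RELATIVE_PATH_PLUGINS "\\" PLUGIN_NAME);
    BAIL_ON_LSA_ERROR(error);

    error = RegUtilSetValue(
        hReg,
        LSA_PSTORE_REG_ROOT_KEY_PATH,
        NULL,
        LSA_PSTORE_REG_ROOT_KEY_RELATIVE_PATH_PLUGINS "\\" PLUGIN_NAME,
        "SecretsPath",
        REG_SZ,
        pSecretsPath,
        strlen(pSecretsPath));
    BAIL_ON_LSA_ERROR(error);

    error = RemoveSambaLoadPath(hReg);
    BAIL_ON_LSA_ERROR(error);

    error = LsaPstorePluginInitializeContext(
        LSA_PSTORE_PLUGIN_VERSION,
        PLUGIN_NAME,
        &pDispatch,
        &pContext);
    BAIL_ON_LSA_ERROR(error);

    error = pDispatch->DeletePasswordInfoA(
        pContext,
        pAccountInfo);
    BAIL_ON_LSA_ERROR(error);

cleanup:
    // The original never released the string returned by GetSecretsPath;
    // free it here, as SynchronizePassword does, so no exit path leaks it.
    LW_SAFE_FREE_STRING(pSecretsPath);

    // pContext is only set once pDispatch has been filled in, so the
    // dispatch table is valid whenever this branch runs.
    if (pContext)
    {
        pDispatch->Cleanup(pContext);
    }
    if (hReg != NULL)
    {
        LwRegCloseServer(hReg);
    }
    if (hLsa != NULL)
    {
        LsaCloseServer(hLsa);
    }
    if (pAccountInfo != NULL)
    {
        LsaAdFreeMachineAccountInfo(pAccountInfo);
    }
    return error;
}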
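/*
 * Register the pstore plugin in the registry and push the current machine
 * password information to it (the install / sync path).
 *
 * pSmbdPath - passed to GetSecretsPath to determine the secrets path.
 *
 * The plugin's "SecretsPath" and "Path" registry values are written and
 * AddSambaLoadPath is called before lsassd is contacted. If lsassd reports
 * NERR_SetupNotJoined, that is logged and treated as success; the registry
 * changes made up to that point stay in place.
 *
 * Returns 0 on success or the first error reported by a helper call.
 *
 * NOTE(review): the "Path" value names the plugin module (PLUGIN_PATH);
 * write access to this plugin key should therefore be limited to
 * administrators -- the key's access control is not visible here.
 */
DWORD
SynchronizePassword(
    PCSTR pSmbdPath
    )
{
    DWORD error = 0;
    PSTR pSecretsPath = NULL;
    LW_HANDLE hLsa = NULL;
    PLSA_MACHINE_PASSWORD_INFO_A pPasswordInfo = NULL;
    PLSA_PSTORE_PLUGIN_DISPATCH pDispatch = NULL;
    PLSA_PSTORE_PLUGIN_CONTEXT pContext = NULL;
    HANDLE hReg = NULL;

    error = LwRegOpenServer(&hReg);
    BAIL_ON_LSA_ERROR(error);

    error = GetSecretsPath(
        pSmbdPath,
        &pSecretsPath);
    BAIL_ON_LSA_ERROR(error);

    error = RegUtilAddKey(
        hReg,
        LSA_PSTORE_REG_ROOT_KEY_PATH,
        NULL,
        LSA_PSTORE_REG_ROOT_KEY_RELATIVE_PATH_PLUGINS "\\" PLUGIN_NAME);
    BAIL_ON_LSA_ERROR(error);

    error = RegUtilSetValue(
        hReg,
        LSA_PSTORE_REG_ROOT_KEY_PATH,
        NULL,
        LSA_PSTORE_REG_ROOT_KEY_RELATIVE_PATH_PLUGINS "\\" PLUGIN_NAME,
        "SecretsPath",
        REG_SZ,
        pSecretsPath,
        strlen(pSecretsPath));
    BAIL_ON_LSA_ERROR(error);

    error = RegUtilSetValue(
        hReg,
        HKEY_THIS_MACHINE,
        NULL,
        LSA_PSTORE_REG_ROOT_KEY_RELATIVE_PATH_PLUGINS "\\" PLUGIN_NAME,
        "Path",
        REG_SZ,
        PLUGIN_PATH,
        strlen(PLUGIN_PATH));
    BAIL_ON_LSA_ERROR(error);

    error = AddSambaLoadPath(hReg);
    BAIL_ON_LSA_ERROR(error);

    error = LsaOpenServer(
        &hLsa);
    if (error)
    {
        LW_RTL_LOG_ERROR("Unable to contact lsassd");
    }
    BAIL_ON_LSA_ERROR(error);

    error = LsaAdGetMachinePasswordInfo(
        hLsa,
        NULL,
        &pPasswordInfo);
    if (error == NERR_SetupNotJoined)
    {
        // The message was split across a physical line inside one string
        // literal, which is not valid C; adjacent literals keep the same
        // text in a form that compiles.
        LW_RTL_LOG_ERROR("Unable to write machine password in secrets.tdb because PowerBroker Identity Services is not joined. "
                         "The password will be written to secrets.tdb on the next successful join attempt");
        // Not being joined is not an error for this operation.
        error = 0;
    }
    else
    {
        BAIL_ON_LSA_ERROR(error);

        error = LsaPstorePluginInitializeContext(
            LSA_PSTORE_PLUGIN_VERSION,
            PLUGIN_NAME,
            &pDispatch,
            &pContext);
        BAIL_ON_LSA_ERROR(error);

        error = pDispatch->SetPasswordInfoA(
            pContext,
            pPasswordInfo);
        BAIL_ON_LSA_ERROR(error);
    }

cleanup:
    LW_SAFE_FREE_STRING(pSecretsPath);
    if (hLsa != NULL)
    {
        LsaCloseServer(hLsa);
    }
    if (hReg != NULL)
    {
        LwRegCloseServer(hReg);
    }
    if (pPasswordInfo != NULL)
    {
        LsaAdFreeMachinePasswordInfo(pPasswordInfo);
    }
    // pContext is only set once pDispatch has been filled in.
    if (pContext)
    {
        pDispatch->Cleanup(pContext);
    }
    return error;
}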