369 lines
15 KiB
C++
Raw Normal View History

2001-01-01 00:00:00 +01:00
#ifndef __USERCOPY_HPP__
#define __USERCOPY_HPP__
//#pragma title("usercopy.hpp- class definitions for usercopy")
/*
================================================================================
(c) Copyright 1995-1998, Mission Critical Software, Inc., All Rights Reserved
Proprietary and confidential to Mission Critical Software, Inc.
Program - usercopy
Class - LAN Manager Utilities
Author - Christy Boles
Created - 09/04/97
Description- class definitions to allow usercopy to process subsets of accounts.
The list of accounts will be generated by the GUI, and will consist
of a TNodeList of TAcctNodes. Users will be added from the front of
the list, and groups will be added at the end.
Updates - 01/30/98 CAB Added strong password generation
================================================================================
*/
#include <lmcons.h>
#include "TNode.hpp"
#include <share.h> // for _SH_DENYNO
#include "EaLen.hpp"
#include "Common.hpp"
#include "Err.hpp"
#include "UString.hpp"
#include "CommaLog.hpp"
#include "TARNode.hpp"
#include "WorkObj.h"
#include "ProcExts.h"
//#import "\bin\DBManager.tlb" no_namespace, named_guids
//#import "\bin\McsDctWorkerObjects.tlb"
#import "DBMgr.tlb" no_namespace, named_guids
#import "WorkObj.tlb"
#define AR_BUFSIZE ((size_t)16000)
#define AR_NUM_IN_BUF 5000
#define F_REPLACE 0x00000001 // replace account info
#define F_GROUP 0x00000002 // copy global groups
#define F_LGROUP 0x00000004 // copy local groups
#define F_USERS 0x00000008 // copy users
#define F_DISABLE_ALL 0x00000010 // disable all accounts
#define F_DISABLE_SPECIAL 0x00000020 // disable Account Ops, Backup Ops, Administrators, Domain Admins
#define F_STRONGPW_ALL 0x00000040 // generate strong passwords for all accounts
#define F_STRONGPW_SPECIAL 0x00000080 // generate strong passwords for Account Ops, Backup Ops, Admins, and Domain Admins
#define F_MACHINE 0x00000100 // copy computer accounts
#define F_REMOVE_OLD_MEMBERS 0x00000200 // remove old members from replaced groups
#define F_DISABLESOURCE 0x00000400 // disable copied user accounts on source domain
#define F_AddToSrcGroupLocal 0x00000800 // indicates that the add-to group is on the target domain
#define F_AddToGroupLocal 0x00001000 // add to group is a local group
#define F_INTERACT 0x00002000 // use command-line parms to initiate interactive gui session
#define F_WARN_FULLNAME 0x00004000 // warn before replacing accounts w/different fullname
#define F_WARN_COMMENT 0x00008000 // warn before replacing accounts w/different comment
#define F_CopyPasswords 0x00010000 // copy passwords
#define F_RevokeOldRights 0x00020000 // removes old user rights from copied accounts
#define F_AddSidHistory 0x00040000 // Add SID of source account to the SID history of the target account.
#define F_TranslateProfiles 0x00080000 // Translate roaming profiles
#define F_OUS 0x00100000 // Process the organizational units.
#define F_COMPUTERS 0x00200000 // Process the computer accounts in Acct replication
#define F_COPY_CONT_CONTENT 0x00400000 // Copy the container contents along with the container when copying accounts.
#define F_COPY_MIGRATED_ACCT 0x00800000 // When expanding containers/membership include accounts that have already been migrated.
#define F_MOVE_REPLACED_ACCT 0x01000000 // move a replaces account to the user-specified OU.
#define AR_AccountComputer (0x80000000)
#define AR_AccountComputerPdc (0x40000000)
#define ADMINISTRATORS 1
#define ACCOUNT_OPERATORS 2
#define BACKUP_OPERATORS 3
#define DOMAIN_ADMINS 4
#define CREATOR_OWNER 5
#define DOMAIN_USERS 6
#define DOMAIN_CONTROLLERS 7
#define DOMAIN_COMPUTERS 8
struct AccountStats
{
long users;
long globals;
long locals;
long computers;
long generic;
};
class TANode:public TNode
{
BOOL bMarked;
PSID pSid;
WCHAR name[LEN_Account];
public:
TANode() { name[0] = 0; bMarked = FALSE; pSid = NULL;}
TANode(WCHAR const * n)
{
safecopy(name,n);
bMarked = FALSE;
pSid = NULL;
}
~TANode()
{
if ( pSid )
delete pSid;
}
BOOL Marked() { return bMarked; }
void Mark() { bMarked = TRUE; }
void SetSid(PSID p) { pSid = p; }
void SetName(WCHAR const * n){ safecopy(name,n); }
WCHAR * GetName() { return name; }
PSID GetSid() { return pSid;}
};
// Password generation service
#define PWGEN_MIN_LENGTH 8 // enforced minimum password length
#define PWGEN_MAX_LENGTH 14 // enforced maximum password length
struct EaPwdFilterInfo
{
DWORD bEnforce;
DWORD bAllowName;
DWORD minLower;
DWORD minUpper;
DWORD minDigits;
DWORD minSpecial;
DWORD maxConsecutiveAlpha;
};
struct Options
{
WCHAR srcDomain[LEN_Domain];
WCHAR srcDomainDns[LEN_Domain];
WCHAR srcDomainFlat[LEN_Domain];
WCHAR tgtDomain[LEN_Domain];
WCHAR tgtDomainDns[LEN_Domain];
WCHAR tgtDomainFlat[LEN_Domain];
WCHAR srcComp[LEN_Account]; // source computername
WCHAR srcCompDns[LEN_Account]; // DNS source computername
WCHAR srcCompFlat[LEN_Account]; // flat source computername
WCHAR tgtComp[LEN_Account]; // target computername
WCHAR tgtCompDns[LEN_Account]; // DNS target computername
WCHAR tgtCompFlat[LEN_Account]; // flat target computername
PSID srcSid;
PSID tgtSid;
DWORD srcDomainVer;
DWORD srcDomainVerMinor;
DWORD tgtDomainVer;
DWORD tgtDomainVerMinor;
WCHAR prefix[UNLEN]; // prefix for added users
WCHAR suffix[UNLEN]; // suffix for added users
WCHAR globalPrefix[UNLEN];
WCHAR globalSuffix[UNLEN];
WCHAR addToGroup[GNLEN+1]; // optional group name to add new users to
WCHAR addToGroupSource[GNLEN+1]; // optional group name to add source users to
WCHAR logFile[MAX_PATH+1];
EaPwdFilterInfo policyInfo;
DWORD minPwdLength;
CommaDelimitedLog passwordLog;
DWORD flags; // operation flags
BOOL nochange;
WCHAR authUser[UNLEN+1]; //User name for source authentication
WCHAR authPassword[UNLEN+1]; //Password for Authentication.
WCHAR authDomain[LEN_Domain+1]; // Domain for the user passed for authentication
HANDLE dsBindHandle; // Handle to the directory service. Should be init by DsBind.
WCHAR srcNamingContext[LEN_Path]; // Naming context for the Adsi path
WCHAR tgtNamingContext[LEN_Path]; // Naming context for the Target domain
WCHAR tgtOUPath[LEN_Path]; // path for the OU container that is to be used to create objects in
BOOL expandContainers; // Whether or not we want to expand the containers.
BOOL expandMemberOf;
BOOL fixMembership;
IIManageDB * pDb;
HRESULT openDBResult;
BOOL bUndo;
BOOL bSameForest;
long lActionID;
long lUndoActionID;
MCSDCTWORKEROBJECTSLib::IStatusObjPtr pStatus;
WCHAR sDomUsers[UNLEN+1]; // Name of the domain users group in the source domain
_bstr_t sExcSystemProps; // system properties to exclude from migration
_bstr_t sExcUserProps; // user properties to exclude from migration
_bstr_t sExcInetOrgPersonProps; // InetOrgPerson properties to exclude from migration
_bstr_t sExcGroupProps; // group properties to exclude from migration
_bstr_t sExcCmpProps; // computer properties to exclude from migration
BOOL bExcludeProps;
_bstr_t sWizard;
Options() {
srcDomain[0] = 0;
srcDomainDns[0] = 0;
srcDomainFlat[0] = 0;
tgtDomain[0] = 0;
tgtDomainDns[0] = 0;
tgtDomainFlat[0] = 0;
srcComp[0] = 0;
srcCompDns[0] = 0;
srcCompFlat[0] = 0;
tgtComp[0] = 0;
tgtCompDns[0] = 0;
tgtCompFlat[0] = 0;
prefix[0] = 0;
suffix[0] = 0;
globalPrefix[0] = 0;
globalSuffix[0] = 0;
addToGroup[0] = 0;
addToGroupSource[0] = 0;
logFile[0] = 0;
minPwdLength = 0;
flags = 0;
nochange = TRUE;
authUser[0] = 0;
authPassword[0] = 0;
authDomain[0] = 0;
srcNamingContext[0] = 0;
tgtNamingContext[0] = 0;
tgtOUPath[0] = 0;
expandContainers = FALSE;
fixMembership = TRUE;
pDb = NULL;
openDBResult = CoCreateInstance(CLSID_IManageDB,NULL,CLSCTX_ALL,IID_IIManageDB,(void**)&pDb);
bUndo = FALSE;
srcDomainVer = -1;
srcDomainVerMinor = -1;
tgtDomainVer = -1;
tgtDomainVerMinor = -1;
srcSid = NULL;
tgtSid = NULL;
lUndoActionID = 0;
pStatus = NULL;
bSameForest = FALSE;
sDomUsers[0] = 0;
bExcludeProps = FALSE;
}
~Options()
{
if( pDb )
{
pDb->Release();
}
if ( srcSid )
FreeSid(srcSid);
if ( tgtSid )
FreeSid(tgtSid);
}
};
typedef void ProgressFn(WCHAR const * mesg);
int
UserCopy(
Options * options, // in - options
TNodeListSortable * acctlist, // in - list of accounts to process
ProgressFn * progress, // in - function called to log current progress
TError & error, // in - TError to write messages to
IStatusObj * pStatus, // in -status object to support cancellation
void fn (void ), // in - window update function
CProcessExtensions * pExts // in - pointer to extensions
);
int
UserRename(
Options * options, // in -options
TNodeListSortable * acctlist, // in -list of accounts to process
ProgressFn * progress, // in -window to write progress messages to
TError & error, // in -window to write error messages to
IStatusObj * pStatus, // in -status object to support cancellation
void WindowUpdate (void ) // in - window update function
);
bool AddSidHistory(
const Options * pOptions,
const WCHAR * strSrcPrincipal,
const WCHAR * strDestPrincipal,
IStatusObj * pStatus = NULL,
BOOL isFatal = TRUE
);
bool BindToDS(
Options * pOpt
);
bool AddToOU (
Options * options, // in -options
TNodeListSortable * acctlist // in -list of accounts to process
);
void MakeFullyQualifiedAdsPath(
WCHAR * sPath, //out- Fully qulified LDAP path to the object
DWORD nPathLen, //in - MAX size, in characters, of the sPath buffer
WCHAR * sSubPath, //in- LDAP subpath of the object
WCHAR * tgtDomain, //in- Domain name where object exists.
WCHAR * sDN //in- Deafault naming context for the Domain
);
void FillupNamingContext(Options * options);
bool IsAccountMigrated(
TAcctReplNode * pNode, //in -Account node that contains the Account info
Options * pOptions, //in -Options as specified by the user.
IIManageDBPtr pDb, //in -Pointer to DB manager. We dont want to create this object for every account we process
WCHAR * sTgtSam //in,out - Name of the target object that was copied if any.
);
bool CheckifAccountExists(
Options const* options, //in-Options as set by the user
WCHAR * acctName //in-Name of the account to look for
);
bool CallExtensions(
CProcessExtensions * pExt, // in - Extension handler.
Options * options, // in -options
TNodeListSortable * acctlist, //in -Accounts to be copied.
IStatusObj * pStatus, // in -status object to support cancellation
ProgressFn * progress //in- Progress function.
);
void
CopyGlobalGroupMembers(
Options const * options ,// in -options
TAcctReplNode * acct ,// in -account to copy
TNodeListSortable * acctlist ,// in -list of accounts being copied
void WindowUpdate (void ) // in - window update function
);
void
CopyLocalGroupMembers(
Options const * options ,// in -options
TAcctReplNode * acct ,// in -account to copy
TNodeListSortable * acctlist ,// in -list of accounts being copied
void WindowUpdate (void ) // in - window update function
);
HRESULT
CopySidHistoryProperty(
Options * pOptions,
TAcctReplNode * pNode,
IStatusObj * pStatus
);
HRESULT
__stdcall
GetRidPoolAllocator(
Options * pOptions
);
void Mark( _bstr_t sMark, _bstr_t sObj);
void BatchMark(const EAMAccountStats& stats);
DWORD GetName(PSID pObjectSID, WCHAR * sNameAccount, WCHAR * sDomain);
typedef HRESULT (CALLBACK * ADSGETOBJECT)(LPWSTR, REFIID, void**);
extern ADSGETOBJECT ADsGetObject;
#endif //__USERCOPY_HPP__