1827 lines
59 KiB
C++
1827 lines
59 KiB
C++
//+----------------------------------------------------------------------------
|
|
//
|
|
// Scheduling Agent Service
|
|
//
|
|
// Microsoft Windows
|
|
// Copyright (C) Microsoft Corporation, 1992 - 1996.
|
|
//
|
|
// File: runjob.cxx
|
|
//
|
|
// Contents: Functions to run the target file.
|
|
//
|
|
// History: 02-Jul-96 EricB created
|
|
//
|
|
//-----------------------------------------------------------------------------
|
|
|
|
#include "..\pch\headers.hxx"
|
|
#pragma hdrstop
|
|
#include <lmerr.h> // NERR_Success
|
|
#include <dsgetdc.h> // DsGetDcName
|
|
#include <lmaccess.h> // NetUserGetInfo
|
|
#include <lmapibuf.h> // NetApiBufferFree
|
|
#include <netevent.h> // for logging to event log
|
|
#include "globals.hxx"
|
|
#include "svc_core.hxx"
|
|
#include "..\inc\resource.h"
|
|
#include "path.hxx"
|
|
#include "..\inc\common.hxx"
|
|
#include "..\inc\runobj.hxx"
|
|
#include <wtsapi32.h>
|
|
|
|
|
|
HRESULT
|
|
ComposeBatchParam(
|
|
LPCTSTR pwszPrefix,
|
|
LPCTSTR wszAppPathName,
|
|
LPCTSTR pwszParameters,
|
|
LPTSTR * ppwszCmdLine
|
|
);
|
|
|
|
HRESULT
|
|
ComposeParam(BOOL fTargetIsExe,
|
|
LPTSTR ptszRunTarget,
|
|
LPTSTR ptszParameters,
|
|
LPTSTR * pptszCmdLine);
|
|
|
|
#include <userenv.h> // LoadUserProfile
|
|
|
|
BOOL AllowInteractiveServices(void);
|
|
BOOL LogonAccount(
|
|
LPCWSTR pwszJobFile,
|
|
CJob * pJob,
|
|
DWORD * pdwErrorMsg,
|
|
HRESULT * pdwSpecificError,
|
|
//CRun * pRun,
|
|
HANDLE * phToken,
|
|
BOOL * pfTokenIsShellToken,
|
|
LPWSTR * ppwsz,
|
|
HANDLE * phUserProfile);
|
|
HANDLE
|
|
LoadAccountProfile(
|
|
HANDLE hToken,
|
|
LPCWSTR pwszUser,
|
|
LPCWSTR pwszDomain);
|
|
|
|
BOOL GetUserTokenFromSession(
|
|
LPTSTR lpszUsername,
|
|
LPTSTR lpszDomain,
|
|
PHANDLE phUserToken
|
|
);
|
|
|
|
DWORD SchedUPNToAccountName(
|
|
IN LPCWSTR lpUPN,
|
|
OUT LPWSTR *ppAccountName);
|
|
|
|
void InitializeStartupInfo(
|
|
CJob * pJob,
|
|
LPTSTR ptszDesktop,
|
|
STARTUPINFO * psi);
|
|
HRESULT MapFindExecutableError(HINSTANCE hRet);
|
|
BOOL WaitForStubExe(HANDLE hProcess);
|
|
|
|
|
|
#define WSZ_INTERACTIVE_DESKTOP L"WinSta0\\Default"
|
|
#define WSZ_SA_DESKTOP L"SAWinSta\\SADesktop"
|
|
#define CMD_PREFIX TEXT("cmd.exe /c ")
|
|
#define STUB_PREFIX L"RUNDLL32.EXE Shell32.DLL,ShellExec_RunDLL ?0x400?"
|
|
// 0x400 is SEE_MASK_FLAG_NO_UI
|
|
#define USERNAME L"USERNAME"
|
|
#define USERDOMAIN L"USERDOMAIN"
|
|
#define USERPROFILE L"USERPROFILE"
|
|
|
|
#define DQUOTE TEXT("\"")
|
|
#define SPACE TEXT(" ")
|
|
|
|
//+----------------------------------------------------------------------------
|
|
//
|
|
// Member: CSchedWorker::RunNTJob
|
|
//
|
|
// Synopsis: Run an NT Job.
|
|
//
|
|
// Arguments: [pJob] - the job object to be run.
|
|
// [pRun] - the run information object.
|
|
// [phrRet] - a place to return launch failure info.
|
|
// [pdwErrMsgID] - message ID for failure reporting.
|
|
//
|
|
// Returns: S_OK - if job launched.
|
|
// S_FALSE - if job not launched.
|
|
// HRESULT - other, fatal, error.
|
|
//
|
|
//-----------------------------------------------------------------------------
|
|
HRESULT
|
|
CSchedWorker::RunNTJob(CJob * pJob, CRun * pRun, HRESULT * phrRet,
|
|
DWORD * pdwErrMsgID)
|
|
{
|
|
LPWSTR pwszRunTarget,
|
|
pwszWorkingDir = pJob->m_pwszWorkingDirectory,
|
|
pwszParameters = pJob->m_pwszParameters;
|
|
DWORD cch;
|
|
BOOL fRanJob = FALSE;
|
|
LPTSTR ptszDesktop = NULL;
|
|
HANDLE hImpersonationHandle = NULL;
|
|
HANDLE hToken = NULL;
|
|
BOOL fTokenIsShellToken = FALSE;
|
|
HANDLE hUserProfile = NULL;
|
|
BOOL fTargetIsExe = FALSE;
|
|
BOOL fTargetIsBinaryExe = FALSE;
|
|
BOOL fUseStubExe = FALSE;
|
|
|
|
|
|
*pdwErrMsgID = IDS_LOG_JOB_ERROR_FAILED_START;
|
|
|
|
size_t cchBuff = lstrlen(pJob->m_pwszApplicationName) + 1;
|
|
pwszRunTarget = new WCHAR[cchBuff];
|
|
|
|
if (pwszRunTarget == NULL)
|
|
{
|
|
LogServiceError(IDS_NON_FATAL_ERROR,
|
|
ERROR_OUTOFMEMORY,
|
|
IDS_HELP_HINT_CLOSE_APPS);
|
|
ERR_OUT("CSchedWorker::RunNTJob", E_OUTOFMEMORY);
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
StringCchCopy(pwszRunTarget, cchBuff, pJob->m_pwszApplicationName);
|
|
|
|
schDebugOut((DEB_TRACE, "*** Running job %S\n", pJob->m_ptszFileName));
|
|
schDebugOut((DEB_USER3, "*** with MaxRunTime of %u\n", pJob->m_dwMaxRunTime));
|
|
|
|
HRESULT hr = S_OK;
|
|
WCHAR wszAppPathName[MAX_PATH + 1];
|
|
LPWSTR pwszCmdLine = NULL;
|
|
|
|
//
|
|
// Logon the account associated with the job and set the security token
|
|
// and desktop appropriately based on several factors: is this an AT job,
|
|
// is the account the same as the currently logged-on user, etc.
|
|
//
|
|
|
|
if (!LogonAccount(pJob->m_ptszFileName,
|
|
pJob,
|
|
pdwErrMsgID,
|
|
phrRet,
|
|
//pRun,
|
|
&hToken,
|
|
&fTokenIsShellToken,
|
|
&ptszDesktop,
|
|
&hUserProfile))
|
|
{
|
|
hr = S_FALSE;
|
|
goto cleanup;
|
|
}
|
|
|
|
if( NULL != ptszDesktop )
|
|
{
|
|
hr = pRun->SetDesktop( _tcschr( ptszDesktop, '\\' ) + 1 );
|
|
if( FAILED( hr ) )
|
|
{
|
|
LogServiceError(IDS_NON_FATAL_ERROR,
|
|
ERROR_OUTOFMEMORY,
|
|
IDS_HELP_HINT_CLOSE_APPS);
|
|
ERR_OUT("CSchedWorker::RunNTJob", E_OUTOFMEMORY);
|
|
goto cleanup;
|
|
}
|
|
|
|
TCHAR ptszStation[MAX_PATH];
|
|
|
|
SecureZeroMemory( ptszStation, sizeof(ptszStation) );
|
|
|
|
wcsncpy( ptszStation, ptszDesktop,
|
|
( _tcschr( ptszDesktop, '\\' ) - ptszDesktop ) );
|
|
|
|
hr = pRun->SetStation( ptszStation );
|
|
|
|
if( FAILED( hr ) )
|
|
{
|
|
LogServiceError(IDS_NON_FATAL_ERROR,
|
|
ERROR_OUTOFMEMORY,
|
|
IDS_HELP_HINT_CLOSE_APPS);
|
|
ERR_OUT("CSchedWorker::RunNTJob", E_OUTOFMEMORY);
|
|
goto cleanup;
|
|
}
|
|
}
|
|
|
|
//
|
|
// NOTE: After this point, if fTokenIsShellToken is TRUE, we must leave
|
|
// gUserLogonInfo.CritSection.
|
|
//
|
|
|
|
//
|
|
// For all but AT jobs, impersonate the user to ensure the user
|
|
// gets access checked correctly on the file executed.
|
|
//
|
|
|
|
hImpersonationHandle = NULL;
|
|
|
|
if (!pJob->IsFlagSet(JOB_I_FLAG_NET_SCHEDULE))
|
|
{
|
|
if (fTokenIsShellToken)
|
|
{
|
|
hImpersonationHandle = ImpersonateLoggedInUser();
|
|
}
|
|
else
|
|
{
|
|
hImpersonationHandle = ImpersonateUser(hToken,
|
|
hImpersonationHandle);
|
|
}
|
|
|
|
if (hImpersonationHandle == NULL)
|
|
{
|
|
*phrRet = 0;
|
|
*pdwErrMsgID = IDS_ACCOUNT_LOGON_FAILED;
|
|
hr = S_FALSE;
|
|
goto cleanup2;
|
|
}
|
|
}
|
|
|
|
//
|
|
// Change to the job's working dir before searching for the
|
|
// executable.
|
|
//
|
|
if (pwszWorkingDir != NULL)
|
|
{
|
|
if (!SetCurrentDirectory(pwszWorkingDir))
|
|
{
|
|
//
|
|
// An invalid working directory may not prevent the job from
|
|
// running, so this is not a fatal error. Log it though, to
|
|
// inform the user.
|
|
//
|
|
TCHAR tszExeName[MAX_PATH + 1];
|
|
|
|
GetExeNameFromCmdLine(pJob->GetCommand(), MAX_PATH + 1, tszExeName);
|
|
|
|
LogTaskError(pRun->GetName(),
|
|
tszExeName,
|
|
IDS_LOG_SEVERITY_WARNING,
|
|
IDS_LOG_JOB_WARNING_BAD_DIR,
|
|
NULL,
|
|
GetLastError(),
|
|
IDS_HELP_HINT_BADDIR);
|
|
|
|
//
|
|
// Set the pointer to NULL so that CreateProcess will ignore it.
|
|
//
|
|
pwszWorkingDir = NULL;
|
|
}
|
|
}
|
|
|
|
//
|
|
// Check if the run target has an extension and determine if the run
|
|
// target is a program, a batch or command file (.bat or .cmd), or a
|
|
// document. If there is no extension, then it is assumed that it is a
|
|
// program.
|
|
//
|
|
WCHAR* pExtension = PathFindExtension(pwszRunTarget);
|
|
|
|
if (*pExtension == '\0')
|
|
{
|
|
fTargetIsExe = TRUE;
|
|
fTargetIsBinaryExe = TRUE;
|
|
}
|
|
else if (PathIsExe(pwszRunTarget))
|
|
{
|
|
fTargetIsExe = TRUE;
|
|
|
|
if (PathIsBinaryExe(pwszRunTarget))
|
|
{
|
|
fTargetIsBinaryExe = TRUE;
|
|
}
|
|
}
|
|
|
|
if (fTargetIsExe)
|
|
{
|
|
if (fTargetIsBinaryExe)
|
|
{
|
|
DBG_OUT("Job target is a binary executable");
|
|
}
|
|
else
|
|
{
|
|
DBG_OUT("Job target is a batch file");
|
|
}
|
|
|
|
if (pwszRunTarget[1] == L':' || pwszRunTarget[1] == L'\\')
|
|
{
|
|
//
|
|
// If the second character is a colon or a backslash, then this
|
|
// must be a fully qualified path. If so, don't call SearchPath.
|
|
//
|
|
|
|
StringCchCopy(wszAppPathName, MAX_PATH + 1, pwszRunTarget);
|
|
}
|
|
else
|
|
{
|
|
//
|
|
// Build a full path name for the application.
|
|
//
|
|
|
|
DWORD cchFound;
|
|
|
|
cchFound = SearchPath(NULL, pwszRunTarget, DOTEXE, MAX_PATH + 1,
|
|
wszAppPathName, NULL);
|
|
|
|
if (!cchFound || cchFound >= MAX_PATH)
|
|
{
|
|
//
|
|
// Error, cannot locate job target application. Note that this
|
|
// is not a fatal error (probably file-not-found) so
|
|
// processing will continue with other jobs in the list.
|
|
//
|
|
|
|
//
|
|
// phrRet and pdwErrMsgId are used by LogTaskError on return.
|
|
//
|
|
*phrRet = HRESULT_FROM_WIN32(GetLastError());
|
|
*pdwErrMsgID = IDS_LOG_JOB_ERROR_FAILED_START;
|
|
|
|
hr = S_FALSE;
|
|
goto cleanup3;
|
|
}
|
|
}
|
|
|
|
if (fTargetIsBinaryExe)
|
|
{
|
|
schDebugOut((DEB_ITRACE, "*** Running '%S'\n", wszAppPathName));
|
|
}
|
|
}
|
|
else
|
|
{
|
|
DBG_OUT("Job target is a document");
|
|
|
|
HINSTANCE hRet = FindExecutable(pwszRunTarget,
|
|
pwszWorkingDir,
|
|
wszAppPathName);
|
|
if (hRet == (HINSTANCE)31)
|
|
{
|
|
//
|
|
// No association found. Try using rundll32.exe with ShellExecute
|
|
// to run the document.
|
|
//
|
|
fUseStubExe = TRUE;
|
|
|
|
fTargetIsExe = TRUE;
|
|
fTargetIsBinaryExe = FALSE;
|
|
|
|
StringCchCopy(wszAppPathName, MAX_PATH + 1, pwszRunTarget);
|
|
}
|
|
else if (hRet < (HINSTANCE)32)
|
|
{
|
|
//
|
|
// This is not a fatal error, so RunJobs will just log the failure
|
|
// and continue with any other pending jobs.
|
|
//
|
|
|
|
//
|
|
// phrRet and pdwErrMsgId are used by LogTaskError on return.
|
|
//
|
|
schDebugOut((DEB_ERROR, "FindExecutable FAILED with %d for '%ws'\n",
|
|
hRet, pwszRunTarget));
|
|
*phrRet = MapFindExecutableError(hRet);
|
|
*pdwErrMsgID = IDS_LOG_JOB_ERROR_FAILED_START;
|
|
|
|
hr = S_FALSE;
|
|
goto cleanup3;
|
|
}
|
|
else
|
|
{
|
|
//
|
|
// If running a document by association, the parameter property is
|
|
// ignored and the run target property is passed as the parameter.
|
|
//
|
|
pwszParameters = pwszRunTarget;
|
|
pwszRunTarget = wszAppPathName;
|
|
|
|
schDebugOut((DEB_ITRACE, "*** Running '%S'\n", pwszParameters));
|
|
}
|
|
}
|
|
|
|
if (fTargetIsExe && !fTargetIsBinaryExe)
|
|
{
|
|
hr = ComposeBatchParam(fUseStubExe ? STUB_PREFIX : CMD_PREFIX,
|
|
wszAppPathName,
|
|
pwszParameters,
|
|
&pwszCmdLine);
|
|
|
|
if (FAILED(hr))
|
|
{
|
|
goto cleanup3;
|
|
}
|
|
|
|
schDebugOut((DEB_ITRACE, "*** Running batch file '%S'\n", pwszCmdLine));
|
|
}
|
|
else
|
|
{
|
|
//
|
|
// Add the app name as the first token of the command line param.
|
|
//
|
|
|
|
if (pwszParameters != NULL)
|
|
{
|
|
hr = ComposeParam(fTargetIsExe,
|
|
pwszRunTarget,
|
|
pwszParameters,
|
|
&pwszCmdLine);
|
|
|
|
if (FAILED(hr))
|
|
{
|
|
goto cleanup3;
|
|
}
|
|
|
|
schDebugOut((DEB_ITRACE, "*** With cmd line '%S'\n", pwszCmdLine));
|
|
}
|
|
}
|
|
|
|
STARTUPINFO startupinfo;
|
|
|
|
InitializeStartupInfo(pJob, ptszDesktop, &startupinfo);
|
|
|
|
if (pJob->IsFlagSet(TASK_FLAG_HIDDEN))
|
|
{
|
|
startupinfo.wShowWindow = SW_HIDE;
|
|
}
|
|
|
|
//
|
|
// Modify the path if the application has an app path registry entry
|
|
//
|
|
|
|
BOOL fChangedPath;
|
|
LPWSTR pwszSavedPath;
|
|
|
|
fChangedPath = SetAppPath(wszAppPathName, &pwszSavedPath);
|
|
|
|
//
|
|
// Launch job.
|
|
//
|
|
// NB : Must call CreateProcess when the token handle is
|
|
// NULL (in the case of AT jobs running as local system),
|
|
// since CreateProcessAsUser rejects NULL handles.
|
|
// Alternatively, OpenProcessToken could be used,
|
|
// but then we have to deal with the failure cases,
|
|
// logging appropriate errors, closing the token
|
|
// handle, etc.
|
|
//
|
|
|
|
HANDLE hProcess = NULL;
|
|
HANDLE hThread = NULL;
|
|
DWORD dwProcessId = 0;
|
|
|
|
if (hToken == NULL)
|
|
{
|
|
PROCESS_INFORMATION processinfo;
|
|
ZeroMemory(&processinfo, sizeof(PROCESS_INFORMATION));
|
|
|
|
fRanJob = CreateProcess((fTargetIsExe && !fTargetIsBinaryExe) ?
|
|
NULL : wszAppPathName,
|
|
pwszCmdLine,
|
|
NULL,
|
|
NULL,
|
|
FALSE,
|
|
pJob->m_dwPriority |
|
|
CREATE_NEW_CONSOLE |
|
|
CREATE_SEPARATE_WOW_VDM,
|
|
NULL,
|
|
pwszWorkingDir,
|
|
&startupinfo,
|
|
&processinfo);
|
|
|
|
hProcess = processinfo.hProcess;
|
|
hThread = processinfo.hThread;
|
|
dwProcessId = processinfo.dwProcessId;
|
|
}
|
|
else
|
|
{
|
|
LPVOID lpEnvironment;
|
|
|
|
//
|
|
// Launch the job with the appropriate environment
|
|
//
|
|
|
|
schDebugOut((DEB_ITRACE, "Calling CreateEnvironmentBlock...\n"));
|
|
if (!CreateEnvironmentBlock(&lpEnvironment,
|
|
hToken,
|
|
FALSE))
|
|
{
|
|
ERR_OUT("CreateEnvironmentBlock", GetLastError());
|
|
lpEnvironment = NULL;
|
|
}
|
|
else
|
|
{
|
|
schDebugOut((DEB_ITRACE, "... CreateEnvironmentBlock succeded\n"));
|
|
}
|
|
|
|
PROCESS_INFORMATION processinfo;
|
|
ZeroMemory(&processinfo, sizeof(PROCESS_INFORMATION));
|
|
|
|
fRanJob = CreateProcessAsUser(hToken,
|
|
(fTargetIsExe && !fTargetIsBinaryExe) ?
|
|
NULL : wszAppPathName,
|
|
pwszCmdLine,
|
|
NULL,
|
|
NULL,
|
|
FALSE,
|
|
pJob->m_dwPriority |
|
|
CREATE_NEW_CONSOLE |
|
|
CREATE_SEPARATE_WOW_VDM |
|
|
CREATE_UNICODE_ENVIRONMENT,
|
|
lpEnvironment,
|
|
pwszWorkingDir,
|
|
&startupinfo,
|
|
&processinfo);
|
|
|
|
hProcess = processinfo.hProcess;
|
|
hThread = processinfo.hThread;
|
|
dwProcessId = processinfo.dwProcessId;
|
|
|
|
//
|
|
// DestroyEnvironmentBlock handles NULL
|
|
//
|
|
|
|
DestroyEnvironmentBlock(lpEnvironment);
|
|
}
|
|
|
|
if (fRanJob && fUseStubExe)
|
|
{
|
|
//
|
|
// If we launched the stub exe, we must wait for it to exit, and check
|
|
// its exit code.
|
|
//
|
|
fRanJob = WaitForStubExe(hProcess);
|
|
|
|
//
|
|
// It's not interesting to copy info about the stub exe into pRun
|
|
//
|
|
CloseHandle(hProcess);
|
|
CloseHandle(hThread);
|
|
hProcess = NULL;
|
|
dwProcessId = NULL;
|
|
}
|
|
|
|
if (fRanJob)
|
|
{
|
|
//
|
|
// Successfully launched job.
|
|
//
|
|
hr = S_OK;
|
|
|
|
pRun->SetHandle(hProcess);
|
|
pRun->SetProcessId(dwProcessId);
|
|
|
|
if (fUseStubExe)
|
|
{
|
|
pRun->ClearFlag(RUN_STATUS_RUNNING); // was set by SetHandle
|
|
fRanJob = FALSE;
|
|
|
|
// HMH: okay, I don't like this logic, but that's the way it worked
|
|
// when I got here. It seems like the process launched by the stub
|
|
// would want the user profile, etc, available...
|
|
// ... but then we wouldn't know when to close it!
|
|
|
|
if (hUserProfile)
|
|
UnloadUserProfile(hToken, hUserProfile);
|
|
|
|
if (hToken && !fTokenIsShellToken)
|
|
CloseHandle(hToken);
|
|
}
|
|
else
|
|
{
|
|
CloseHandle(hThread);
|
|
pRun->SetProfileHandles(hToken, hUserProfile, !fTokenIsShellToken);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
//
|
|
// Job launch failed.
|
|
//
|
|
hr = S_FALSE;
|
|
|
|
// so, let's clean up - shall we?
|
|
if (hUserProfile)
|
|
UnloadUserProfile(hToken, hUserProfile);
|
|
|
|
if (hToken && !fTokenIsShellToken)
|
|
CloseHandle(hToken);
|
|
|
|
//
|
|
// phrRet and pdwErrMsgId are used by LogTaskError on return.
|
|
//
|
|
*phrRet = HRESULT_FROM_WIN32(GetLastError());
|
|
*pdwErrMsgID = IDS_LOG_JOB_ERROR_FAILED_START;
|
|
schDebugOut((DEB_ERROR, "*** CreateProcess for job %S failed, %lu\n",
|
|
pJob->m_ptszFileName, GetLastError()));
|
|
}
|
|
|
|
if (fChangedPath)
|
|
{
|
|
SetEnvironmentVariable(L"PATH", pwszSavedPath);
|
|
delete [] pwszSavedPath;
|
|
pwszSavedPath = NULL;
|
|
}
|
|
|
|
//
|
|
// If impersonating, stop.
|
|
//
|
|
|
|
cleanup3:
|
|
|
|
if (!pJob->IsFlagSet(JOB_I_FLAG_NET_SCHEDULE))
|
|
{
|
|
StopImpersonating(hImpersonationHandle, !fTokenIsShellToken);
|
|
}
|
|
|
|
cleanup2:
|
|
|
|
if (fTokenIsShellToken)
|
|
{
|
|
LeaveCriticalSection(gUserLogonInfo.CritSection);
|
|
}
|
|
|
|
cleanup:
|
|
|
|
//
|
|
// If the job ran successfully, then the CRun object pointed to by pRun
|
|
// has the profile and user tokens and will release them when the job
|
|
// quits.
|
|
|
|
|
|
//
|
|
// Change back to the service's working directory.
|
|
//
|
|
if (pwszWorkingDir != NULL)
|
|
{
|
|
if (!SetCurrentDirectory(m_ptszSvcDir))
|
|
{
|
|
LogServiceError(IDS_NON_FATAL_ERROR, GetLastError(), 0);
|
|
ERR_OUT("RunJobs: changing back to the service's directory",
|
|
HRESULT_FROM_WIN32(GetLastError()));
|
|
}
|
|
}
|
|
|
|
if (pwszRunTarget != wszAppPathName)
|
|
{
|
|
delete [] pwszRunTarget;
|
|
}
|
|
else
|
|
{
|
|
delete [] pwszParameters;
|
|
}
|
|
|
|
if (pwszCmdLine != NULL)
|
|
{
|
|
delete [] pwszCmdLine;
|
|
}
|
|
|
|
return hr;
|
|
}
|
|
|
|
//+----------------------------------------------------------------------------
|
|
//
|
|
// Function: LogonAccount
|
|
//
|
|
// Synopsis: Retrieve the account information associated with the job
|
|
// and logon.
|
|
//
|
|
// Non-AT jobs:
|
|
// Account == Current logged on user:
|
|
// If the logon succeeds and the account matches that of the
|
|
// currently logged on user, return the shell security token
|
|
// to be used with CreateProcessAsUser. This enables jobs to
|
|
// show up on the user's desktop.
|
|
//
|
|
// Account != Current logged on user or no user logged on:
|
|
// If the logon succeeds, but the currently logged on user is
|
|
// different than the account, or there is no-one logged on,
|
|
// return the account token. Also return the scheduling agent's
|
|
// desktop name in the desktop return argument so this job can
|
|
// run on it.
|
|
//
|
|
// AT jobs:
|
|
// Ensure the AT job owner is an administrator and return an
|
|
// account token. AT jobs never get the shell token, since
|
|
// that's how the original schedule service worked. Also
|
|
// return the desktop name, "WinSta0\Default".
|
|
//
|
|
// Arguments: [pwszJobFile] -- Path to the job object file.
|
|
// [pJob] -- Job object to execute under the
|
|
// associated account.
|
|
// [pdwErrorMsg] -- SCHED_E error message on error.
|
|
// [pdwSpecificError] -- HRESULT on error.
|
|
// [phToken] -- Returned token.
|
|
// [pfTokenIsShellToken] -- If TRUE, the token returned is the
|
|
// shell's.
|
|
// [ppwszDesktop] -- Desktop to launch the job on.
|
|
// [phUserProfile] -- user profile token
|
|
//
|
|
// Returns: TRUE -- Logon successful.
|
|
// FALSE -- Logon failure.
|
|
//
|
|
// Notes: DO NOT delete:
|
|
// *pptszDestkop. If non-NULL, it refers to a static string.
|
|
// *phToken if *pfTokenIsShellToken == TRUE. This token
|
|
// cannot be duplicated. You delete it and you've got
|
|
// problems.
|
|
// If *pfTokenIsShellToken, the logon session critical section
|
|
// has been entered! Right after the call to CreateProcessAsUser
|
|
// leave this critical section if this flag value is TRUE.
|
|
//
|
|
//-----------------------------------------------------------------------------
|
|
BOOL
|
|
LogonAccount(LPCWSTR pwszJobFile,
|
|
CJob * pJob,
|
|
DWORD * pdwErrorMsg,
|
|
HRESULT * phrSpecificError,
|
|
// CRun * pRun,
|
|
HANDLE * phToken,
|
|
BOOL * pfTokenIsShellToken,
|
|
LPWSTR * ppwszDesktop,
|
|
HANDLE * phUserProfile)
|
|
{
|
|
JOB_CREDENTIALS jc;
|
|
HANDLE hToken = NULL;
|
|
HRESULT hr;
|
|
WCHAR wszProfilePath[MAX_PATH+1] = L"";
|
|
ULONG cchPath = ARRAY_LEN(wszProfilePath);
|
|
|
|
*pdwErrorMsg = 0;
|
|
*phrSpecificError = S_OK;
|
|
*phToken = NULL;
|
|
*pfTokenIsShellToken = FALSE;
|
|
*ppwszDesktop = NULL;
|
|
*phUserProfile = NULL;
|
|
|
|
if (pJob->IsFlagSet(JOB_I_FLAG_NET_SCHEDULE))
|
|
{
|
|
//
|
|
// Verify the job's signature.
|
|
//
|
|
if (! pJob->VerifySignature())
|
|
{
|
|
*phrSpecificError = HRESULT_FROM_WIN32(ERROR_ACCESS_DENIED);
|
|
*pdwErrorMsg = IDS_FILE_ACCESS_DENIED;
|
|
return(FALSE);
|
|
}
|
|
|
|
*ppwszDesktop = WSZ_INTERACTIVE_DESKTOP;
|
|
|
|
hr = GetNSAccountInformation(&jc);
|
|
|
|
if (SUCCEEDED(hr))
|
|
{
|
|
if (hr == S_OK)
|
|
{
|
|
if (!LogonUser(jc.wszAccount,
|
|
jc.wszDomain,
|
|
jc.wszPassword,
|
|
LOGON32_LOGON_BATCH,
|
|
LOGON32_PROVIDER_DEFAULT,
|
|
&hToken))
|
|
{
|
|
*pdwErrorMsg = IDS_NS_ACCOUNT_LOGON_FAILED;
|
|
*phrSpecificError = HRESULT_FROM_WIN32(GetLastError());
|
|
}
|
|
|
|
//
|
|
// Don't leave the plain-text password on the stack.
|
|
//
|
|
|
|
ZERO_PASSWORD(jc.wszPassword);
|
|
|
|
if (*phrSpecificError)
|
|
{
|
|
return(FALSE);
|
|
}
|
|
|
|
// If the job was scheduled to run in any account other than LocalSystem account
|
|
if ((!jc.fIsPasswordNull) ||(jc.wszAccount[0] != L'\0'))
|
|
{
|
|
// If Fast User Switching is enabled and the task user
|
|
// is logged on in any of the sessions then use the session's
|
|
// user token in place of that obtained above so any UI associated
|
|
// with the job can show up on the user's desktop.
|
|
|
|
// If terminal serveice is running but FUS is disabled, WTSEnumerateSessions
|
|
// will return the only user logged on. If the username and domain name of that
|
|
// user matches with the jc.wszDomain and jc.wszAccount respectively, then
|
|
// GetUserTokenFromSession will return TRUE with the token of that user
|
|
|
|
HANDLE hSessionUserToken = INVALID_HANDLE_VALUE;
|
|
BOOL bUserLoggedOn = GetUserTokenFromSession(jc.wszAccount,jc.wszDomain,&hSessionUserToken);
|
|
|
|
if(bUserLoggedOn)
|
|
{
|
|
schDebugOut((DEB_TRACE, "*** user session found\n"));
|
|
|
|
if (!jc.fIsPasswordNull)
|
|
{
|
|
// pRun->SetProfileHandles(hSessionUserToken, *phUserProfile);
|
|
*ppwszDesktop = WSZ_INTERACTIVE_DESKTOP;
|
|
}
|
|
|
|
hToken = hSessionUserToken;
|
|
}
|
|
}
|
|
|
|
*phToken = hToken;
|
|
*phUserProfile = LoadAccountProfile(hToken,
|
|
jc.wszAccount,
|
|
jc.wszDomain);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
CHECK_HRESULT(hr);
|
|
*pdwErrorMsg = IDS_FAILED_NS_ACCOUNT_RETRIEVAL;
|
|
*phrSpecificError = hr;
|
|
return(FALSE);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
hr = GetAccountInformation(pJob->GetFileName(), &jc);
|
|
|
|
if (FAILED(hr))
|
|
{
|
|
CHECK_HRESULT(hr);
|
|
*pdwErrorMsg = IDS_FAILED_ACCOUNT_RETRIEVAL;
|
|
*phrSpecificError = hr;
|
|
return(FALSE);
|
|
}
|
|
|
|
//
|
|
// If the job was set with a NULL password, we don't need to log it on.
|
|
//
|
|
if (jc.fIsPasswordNull)
|
|
{
|
|
//
|
|
// If the job was scheduled to run in the LocalSystem account
|
|
// (Accountname is the empty string), the NULL password is valid.
|
|
//
|
|
if (jc.wszAccount[0] == L'\0')
|
|
{
|
|
//
|
|
// It's LocalSystem, so we don't need to log on the account.
|
|
// Since the token is zeroed out above, this works
|
|
//
|
|
schDebugOut((DEB_TRACE, "Running %ws as LocalSystem\n",
|
|
pJob->GetFileName()));
|
|
*ppwszDesktop = WSZ_SA_DESKTOP;
|
|
return(TRUE);
|
|
}
|
|
else
|
|
{
|
|
//
|
|
// It's not LocalSystem, so make sure this job has
|
|
// the appropriate flags for a NULL password set
|
|
//
|
|
if (!pJob->IsFlagSet(TASK_FLAG_RUN_ONLY_IF_LOGGED_ON))
|
|
{
|
|
schDebugOut((DEB_ERROR, "%ws is scheduled to run in "
|
|
"a user account with a NULL password, but"
|
|
" lacks TASK_FLAG_RUN_ONLY_IF_LOGGED_ON\n",
|
|
pJob->GetFileName()));
|
|
//
|
|
// Not a completely accurate error message, but since there
|
|
// is no UI for this task option, it's good enough.
|
|
//
|
|
*pdwErrorMsg = IDS_ACCOUNT_LOGON_FAILED;
|
|
*phrSpecificError = SCHED_E_UNSUPPORTED_ACCOUNT_OPTION;
|
|
}
|
|
}
|
|
}
|
|
else
|
|
{
|
|
//
|
|
// If the name was stored as a UPN, convert it to a SAM name first.
|
|
//
|
|
if (jc.wszDomain[0] == L'\0')
|
|
{
|
|
LPWSTR pwszSamName;
|
|
DWORD dwErr = SchedUPNToAccountName(jc.wszAccount, &pwszSamName);
|
|
if (dwErr != NO_ERROR)
|
|
{
|
|
*pdwErrorMsg = IDS_ACCOUNT_LOGON_FAILED;
|
|
*phrSpecificError = HRESULT_FROM_WIN32(dwErr);
|
|
CHECK_HRESULT(*phrSpecificError);
|
|
}
|
|
else
|
|
{
|
|
WCHAR * pSlash = wcschr(pwszSamName, L'\\');
|
|
schAssert(pSlash);
|
|
*pSlash = L'\0';
|
|
StringCchCopy(jc.wszDomain, MAX_DOMAINNAME + 1, pwszSamName);
|
|
StringCchCopy(jc.wszAccount, MAX_USERNAME + 1, pSlash + 1);
|
|
delete pwszSamName;
|
|
}
|
|
}
|
|
|
|
if (SUCCEEDED(*phrSpecificError))
|
|
{
|
|
if (!LogonUser(jc.wszAccount,
|
|
jc.wszDomain,
|
|
jc.wszPassword,
|
|
LOGON32_LOGON_BATCH,
|
|
LOGON32_PROVIDER_DEFAULT,
|
|
&hToken))
|
|
{
|
|
*pdwErrorMsg = IDS_ACCOUNT_LOGON_FAILED;
|
|
*phrSpecificError = HRESULT_FROM_WIN32(GetLastError());
|
|
}
|
|
}
|
|
}
|
|
|
|
//
|
|
// Don't leave the plain-text password on the stack.
|
|
//
|
|
|
|
ZERO_PASSWORD(jc.wszPassword);
|
|
|
|
if (*phrSpecificError)
|
|
{
|
|
return(FALSE);
|
|
}
|
|
|
|
//
|
|
// Load the user profile associated with the account just logged on.
|
|
// (If the user is already logged on, this will just increment the
|
|
// profile ref count, to be decremented when the job stops.)
|
|
// Don't bother doing this if the job is "run-only-if-logged-on", in
|
|
// which case it's OK to unload the profile when the user logs off.
|
|
//
|
|
|
|
if (!pJob->IsFlagSet(TASK_FLAG_RUN_ONLY_IF_LOGGED_ON))
|
|
{
|
|
*phToken = hToken;
|
|
*phUserProfile = LoadAccountProfile(*phToken,
|
|
jc.wszAccount,
|
|
jc.wszDomain);
|
|
}
|
|
|
|
|
|
// If Fast User Switching is enabled and the task user
|
|
// is logged on in any of the sessions then use the session's
|
|
// user token in place of that obtained above so any UI associated
|
|
// with the job can show up on the user's desktop.
|
|
|
|
// If terminal serveice is running but FUS is disabled, WTSEnumerateSessions
|
|
// will return the only user logged on. If the username and domain name of that
|
|
// user matches with the jc.wszDomain and jc.wszAccount respectively, then
|
|
// GetUserTokenFromSession will return TRUE with the token of that user
|
|
|
|
HANDLE hSessionUserToken = INVALID_HANDLE_VALUE;
|
|
BOOL bUserLoggedOn = GetUserTokenFromSession(jc.wszAccount,jc.wszDomain,&hSessionUserToken);
|
|
|
|
if(bUserLoggedOn)
|
|
{
|
|
schDebugOut((DEB_TRACE, "*** Terminal services running and user session found\n"));
|
|
|
|
if (!jc.fIsPasswordNull)
|
|
{
|
|
*ppwszDesktop = WSZ_INTERACTIVE_DESKTOP;
|
|
}
|
|
|
|
// we're not passing this one out, close it
|
|
if (hToken)
|
|
CloseHandle(hToken);
|
|
|
|
*phToken = hSessionUserToken;
|
|
*pfTokenIsShellToken = FALSE;
|
|
}
|
|
|
|
else
|
|
{
|
|
schDebugOut((DEB_TRACE, "*** user session not found executing old code\n"));
|
|
//
|
|
// Providing a user is logged on locally, is the account logged
|
|
// on above the same as that of the currently logged on user?
|
|
// If so, use the shell's security token in place of that
|
|
// obtained above so any UI associated with the job can
|
|
// show up on the user's desktop.
|
|
//
|
|
// ** Important **
|
|
//
|
|
// Only perform this check if the account logon succeeded
|
|
// above. Otherwise, it would be possible to specify an
|
|
// account name with an invalid password and have the job
|
|
// run anyway.
|
|
//
|
|
|
|
EnterCriticalSection(gUserLogonInfo.CritSection);
|
|
|
|
GetLoggedOnUser();
|
|
|
|
if (gUserLogonInfo.DomainUserName != NULL &&
|
|
_wcsicmp(jc.wszAccount, gUserLogonInfo.UserName) == 0 &&
|
|
_wcsicmp(jc.wszDomain, gUserLogonInfo.DomainName) == 0)
|
|
|
|
{
|
|
if (!jc.fIsPasswordNull)
|
|
{
|
|
*ppwszDesktop = WSZ_INTERACTIVE_DESKTOP;
|
|
}
|
|
|
|
// we're not passing this one out, so close it
|
|
if (hToken)
|
|
CloseHandle(hToken);
|
|
|
|
*phToken = gUserLogonInfo.ShellToken;
|
|
*pfTokenIsShellToken = TRUE;
|
|
}
|
|
else
|
|
{
|
|
LeaveCriticalSection(gUserLogonInfo.CritSection);
|
|
|
|
//
|
|
// Is this "run-only-if-logged-on"?
|
|
//
|
|
if (pJob->IsFlagSet(TASK_FLAG_RUN_ONLY_IF_LOGGED_ON))
|
|
{
|
|
//
|
|
// The job is "run-only-if-logged-on" and the user is
|
|
// not currently logged on, so fail silently
|
|
//
|
|
schDebugOut((DEB_TRACE, "Not running %ws because user is not logged on\n",
|
|
pJob->GetFileName()));
|
|
*pdwErrorMsg = IDS_ACCOUNT_LOGON_FAILED; // not really used
|
|
*phrSpecificError = S_FALSE; // suppress error logging
|
|
if (!jc.fIsPasswordNull)
|
|
{
|
|
CloseHandle(hToken);
|
|
}
|
|
return(FALSE);
|
|
}
|
|
|
|
*phToken = hToken;
|
|
*ppwszDesktop = WSZ_SA_DESKTOP;
|
|
//
|
|
// Load the user profile associated with the account just logged on.
|
|
// (If the user is already logged on, this will just increment the
|
|
// profile ref count, to be decremented when the job stops.)
|
|
// Don't bother doing this if the job is "run-only-if-logged-on", in
|
|
// which case it's OK to unload the profile when the user logs off.
|
|
//
|
|
if (!pJob->IsFlagSet(TASK_FLAG_RUN_ONLY_IF_LOGGED_ON) && (NULL == *phUserProfile))
|
|
{
|
|
*phUserProfile = LoadAccountProfile(*phToken,
|
|
jc.wszAccount,
|
|
jc.wszDomain);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
return(TRUE);
|
|
}
|
|
|
|
|
|
//+---------------------------------------------------------------------------
|
|
//
|
|
// Function: LoadAccountProfile
|
|
//
|
|
// Synopsis: Attempt to load the profile for the specified user.
|
|
//
|
|
// Arguments: [hToken] - handle representing user
|
|
// [pwszUser] - user name
|
|
// [pwszDomain] - domain name
|
|
//
|
|
// Returns: Profile handle or NULL.
|
|
//
|
|
// History: 10-04-96 DavidMun Created
|
|
// 07-07-99 AnirudhS Rewrote to use NetUserGetInfo
|
|
//
|
|
// Notes: Returned profile handle must be closed with
|
|
// UnloadUserProfile(hToken, hUserProfile);
|
|
// CODEWORK Delay-load netapi32.dll.
|
|
//
|
|
//----------------------------------------------------------------------------
|
|
|
|
HANDLE
|
|
LoadAccountProfile(
|
|
HANDLE hToken,
|
|
LPCWSTR pwszUser,
|
|
LPCWSTR pwszDomain
|
|
)
|
|
{
|
|
schDebugOut((DEB_TRACE, "Loading profile for '%ws%'\\'%ws'\n",
|
|
pwszDomain, pwszUser));
|
|
|
|
//
|
|
// Determine the server on which to look up the account info
|
|
// Skip this for for local accounts
|
|
// CODEWORK lstrcmpi won't work if pwszDomain is a DNS name.
|
|
//
|
|
PDOMAIN_CONTROLLER_INFO pDcInfo = NULL;
|
|
LPWSTR pwszDC = NULL;
|
|
|
|
if (lstrcmpi(pwszDomain, gpwszComputerName) != 0)
|
|
{
|
|
DWORD err = DsGetDcName(NULL, pwszDomain, NULL, NULL, 0, &pDcInfo);
|
|
if (err == NO_ERROR)
|
|
{
|
|
pwszDC = pDcInfo->DomainControllerName;
|
|
}
|
|
else
|
|
{
|
|
schDebugOut((DEB_ERROR, "DsGetDcName for '%ws' FAILED, %u\n",
|
|
pwszDomain, err));
|
|
|
|
// continue anyway, using NULL as the server
|
|
}
|
|
}
|
|
|
|
//
|
|
// Impersonate the user before calling NetUserGetInfo
|
|
//
|
|
if (!ImpersonateLoggedOnUser(hToken))
|
|
{
|
|
ERR_OUT("ImpersonateLoggedOnUser", GetLastError());
|
|
}
|
|
|
|
//
|
|
// Look up the path to the profile for the account
|
|
//
|
|
LPUSER_INFO_3 pUserInfo = NULL;
|
|
|
|
NET_API_STATUS nerr = NetUserGetInfo(pwszDC, pwszUser, 3,
|
|
(LPBYTE *) &pUserInfo);
|
|
//
|
|
// Stop impersonating
|
|
//
|
|
if (!RevertToSelf())
|
|
{
|
|
ERR_OUT("RevertToSelf", GetLastError());
|
|
}
|
|
|
|
if (nerr != NERR_Success)
|
|
{
|
|
schDebugOut((DEB_ERROR, "NetUserGetInfo on '%ws' for '%ws' FAILED, %u\n",
|
|
pwszDC, pwszUser, nerr));
|
|
NetApiBufferFree(pDcInfo);
|
|
SetLastError(nerr);
|
|
return NULL;
|
|
}
|
|
|
|
NetApiBufferFree(pDcInfo);
|
|
|
|
schDebugOut((DEB_USER3, "Profile path is '%ws'\n", pUserInfo->usri3_profile));
|
|
|
|
//
|
|
// LoadUserProfile changes our USERPROFILE environment variable, so save
|
|
// its value before calling LoadUserProfile
|
|
//
|
|
WCHAR wszOrigUserProfile[MAX_PATH + 1] = L"";
|
|
|
|
GetEnvironmentVariable(USERPROFILE,
|
|
wszOrigUserProfile,
|
|
ARRAY_LEN(wszOrigUserProfile));
|
|
|
|
//
|
|
// Load the profile
|
|
//
|
|
PROFILEINFO ProfileInfo;
|
|
|
|
SecureZeroMemory(&ProfileInfo, sizeof(ProfileInfo));
|
|
ProfileInfo.dwSize = sizeof(ProfileInfo);
|
|
ProfileInfo.dwFlags = PI_NOUI;
|
|
ProfileInfo.lpUserName = (LPWSTR) pwszUser;
|
|
if (pUserInfo != NULL)
|
|
{
|
|
ProfileInfo.lpProfilePath = pUserInfo->usri3_profile;
|
|
}
|
|
|
|
if (!LoadUserProfile(hToken, &ProfileInfo))
|
|
{
|
|
schDebugOut((DEB_ERROR, "LoadUserProfile from '%ws' FAILED, %lu\n",
|
|
ProfileInfo.lpProfilePath, GetLastError()));
|
|
ProfileInfo.hProfile = NULL;
|
|
}
|
|
|
|
NetApiBufferFree(pUserInfo);
|
|
|
|
//
|
|
// Restore environment variables changed by LoadUserProfile
|
|
//
|
|
SetEnvironmentVariable(USERPROFILE, wszOrigUserProfile);
|
|
|
|
return ProfileInfo.hProfile;
|
|
}
|
|
|
|
|
|
//+----------------------------------------------------------------------------
|
|
//
|
|
// Function: AllowInteractiveServices
|
|
//
|
|
// Synopsis: Tests the NoInteractiveServices value in the Microsoft\Windows
|
|
// key. If the value is present and its value is non-zero return
|
|
// FALSE; return TRUE otherwise.
|
|
//
|
|
// Arguments: None.
|
|
//
|
|
// Returns: TRUE -- Allow interactive services.
|
|
// FALSE -- Disallow interactive services.
|
|
//
|
|
// Notes: None.
|
|
//
|
|
//-----------------------------------------------------------------------------
|
|
BOOL
|
|
AllowInteractiveServices(void)
|
|
{
|
|
#define WINDOWS_REGISTRY_PATH L"System\\CurrentControlSet\\Control\\Windows"
|
|
#define NOINTERACTIVESERVICES L"NoInteractiveServices"
|
|
|
|
HKEY hKey;
|
|
DWORD dwNoInteractiveServices, dwSize, dwType;
|
|
|
|
if (RegOpenKeyEx(HKEY_LOCAL_MACHINE,
|
|
WINDOWS_REGISTRY_PATH,
|
|
0L,
|
|
KEY_READ,
|
|
&hKey) == ERROR_SUCCESS)
|
|
{
|
|
dwSize = sizeof(dwNoInteractiveServices);
|
|
|
|
if (RegQueryValueEx(hKey,
|
|
NOINTERACTIVESERVICES,
|
|
NULL,
|
|
&dwType,
|
|
(LPBYTE)&dwNoInteractiveServices,
|
|
&dwSize) == ERROR_SUCCESS)
|
|
{
|
|
if (dwType == REG_DWORD)
|
|
{
|
|
return(dwNoInteractiveServices == 0);
|
|
}
|
|
}
|
|
|
|
RegCloseKey(hKey);
|
|
}
|
|
|
|
//
|
|
// I really hate to have this be the default, but AT does this currently.
|
|
//
|
|
|
|
return(TRUE);
|
|
}
|
|
|
|
//+----------------------------------------------------------------------------
|
|
//
|
|
// Function: InitializeStartupInfo
|
|
//
|
|
// Synopsis: Initialize the STARTUPINFO structure passed. If the job is
|
|
// an AT interactive job, set structure fields accordingly.
|
|
//
|
|
// Arguments: [pJob] -- Job object.
|
|
// [ptszDesktop] -- Desktop name.
|
|
// [psi] -- Structure to initialized.
|
|
//
|
|
// Returns: None.
|
|
//
|
|
// Notes: None.
|
|
//
|
|
//-----------------------------------------------------------------------------
|
|
void
|
|
InitializeStartupInfo(
|
|
CJob * pJob,
|
|
LPTSTR ptszDesktop,
|
|
STARTUPINFO * psi)
|
|
{
|
|
//
|
|
// NT only.
|
|
//
|
|
// Check if the job is to run interactively. Applicable only for AT jobs.
|
|
//
|
|
// If the job is an AT job AND
|
|
// if the interactive flag is set AND
|
|
// if the NoInteractiveServices is not set in the registry THEN
|
|
//
|
|
// initialize the STARTUPINFO struct such that the AT job will run
|
|
// interactively.
|
|
//
|
|
|
|
BOOL fInteractive = pJob->IsFlagSet(JOB_I_FLAG_NET_SCHEDULE) &&
|
|
pJob->IsFlagSet(TASK_FLAG_INTERACTIVE) &&
|
|
AllowInteractiveServices();
|
|
//
|
|
// Emulate the NT4 AT_SVC and log an error to the event log, if the
|
|
// task is supposed to be interactive, but we can't be, due to
|
|
// system settings.
|
|
//
|
|
// Note this query is NOT fInteractive.
|
|
//
|
|
|
|
if (pJob->IsFlagSet(JOB_I_FLAG_NET_SCHEDULE) &&
|
|
pJob->IsFlagSet(TASK_FLAG_INTERACTIVE) &&
|
|
!AllowInteractiveServices())
|
|
{
|
|
LPWSTR StringArray[1];
|
|
HRESULT hr;
|
|
|
|
//
|
|
// EVENT_COMMAND_NOT_INTERACTIVE
|
|
// The %1 command is marked as an interactive command. However, the system is
|
|
// configured to not allow interactive command execution. This command may not
|
|
// function properly.
|
|
//
|
|
|
|
hr = pJob->GetCurFile(&StringArray[0]);
|
|
if (FAILED(hr))
|
|
{
|
|
ERR_OUT("Failed to obtain file name for non-interactive AT job", hr);
|
|
}
|
|
else
|
|
{
|
|
if (! ReportEvent(g_hAtEventSource, // source handle
|
|
EVENTLOG_WARNING_TYPE, // event type
|
|
0, // event category
|
|
EVENT_COMMAND_NOT_INTERACTIVE, // event id
|
|
NULL, // user sid
|
|
1, // number of strings
|
|
0, // data block length
|
|
(LPCWSTR *)StringArray, // string array
|
|
NULL)) // data block
|
|
{
|
|
// Not fatal, but why did we fail?
|
|
ERR_OUT("Failed to report the non-interactive event to the eventlog", GetLastError());
|
|
}
|
|
//
|
|
// Clean up -- Theoretically, we should use IMalloc::Free here, but we are in
|
|
// the same process, and the memory was allocated from CoTaskMemAlloc,
|
|
// so CoTaskMemFree is the appropriate call
|
|
//
|
|
CoTaskMemFree(StringArray[0]);
|
|
}
|
|
}
|
|
|
|
GetStartupInfo(psi);
|
|
|
|
psi->dwFlags |= STARTF_USESHOWWINDOW;
|
|
psi->wShowWindow = SW_SHOWNOACTIVATE;
|
|
|
|
if (pJob->IsFlagSet(JOB_I_FLAG_NET_SCHEDULE))
|
|
{
|
|
if (fInteractive)
|
|
{
|
|
psi->lpDesktop = ptszDesktop;
|
|
psi->dwFlags |= STARTF_DESKTOPINHERIT;
|
|
}
|
|
else
|
|
{
|
|
psi->lpDesktop = WSZ_SA_DESKTOP;
|
|
psi->dwFlags &= ~STARTF_DESKTOPINHERIT;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
psi->lpDesktop = ptszDesktop;
|
|
}
|
|
}
|
|
|
|
|
|
//+----------------------------------------------------------------------------
|
|
//
|
|
// Function: ComposeBatchParam
|
|
//
|
|
// Synopsis: Builds the CreateProcess command line parameter
|
|
//
|
|
// Arguments: [pwszPrefix] -
|
|
// [pwszAppPathName] - The run target task property.
|
|
// [pwszParameters] - The parameters task propery.
|
|
// [ppwszCmdLine] - The command line to return.
|
|
//
|
|
// Returns: S_OK or E_OUTOFMEMORY.
|
|
//
|
|
//-----------------------------------------------------------------------------
|
|
HRESULT
|
|
ComposeBatchParam(
|
|
LPCTSTR pwszPrefix,
|
|
LPCTSTR pwszAppPathName,
|
|
LPCTSTR pwszParameters,
|
|
LPTSTR * ppwszCmdLine)
|
|
{
|
|
ULONG cchCmdLine;
|
|
BOOL fBatchNameHasSpaces = HasSpaces(pwszAppPathName);
|
|
|
|
//
|
|
// Space for the command line is length of prefix "cmd /c " plus batch
|
|
// file name, plus two if the batch file name will be surrounded with
|
|
// spaces, plus length of parameters, if any, plus one for the space
|
|
// preceding the parameters, plus one for the terminating nul.
|
|
//
|
|
|
|
cchCmdLine = lstrlen(pwszPrefix) + 1 +
|
|
lstrlen(pwszAppPathName) +
|
|
(fBatchNameHasSpaces ? 2 : 0) +
|
|
(pwszParameters ? 1 + lstrlen(pwszParameters) : 0);
|
|
|
|
*ppwszCmdLine = new TCHAR[cchCmdLine];
|
|
|
|
if (!*ppwszCmdLine)
|
|
{
|
|
schDebugOut((DEB_ERROR,
|
|
"RunNTJob: Can't allocate %u for cmdline\n",
|
|
cchCmdLine));
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
StringCchCopy(*ppwszCmdLine, cchCmdLine, pwszPrefix);
|
|
|
|
if (fBatchNameHasSpaces)
|
|
{
|
|
StringCchCat(*ppwszCmdLine, cchCmdLine, DQUOTE);
|
|
}
|
|
|
|
StringCchCat(*ppwszCmdLine, cchCmdLine, pwszAppPathName);
|
|
|
|
if (fBatchNameHasSpaces)
|
|
{
|
|
StringCchCat(*ppwszCmdLine, cchCmdLine, DQUOTE);
|
|
}
|
|
|
|
if (pwszParameters)
|
|
{
|
|
StringCchCat(*ppwszCmdLine, cchCmdLine, SPACE);
|
|
StringCchCat(*ppwszCmdLine, cchCmdLine, pwszParameters);
|
|
}
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
|
|
//+----------------------------------------------------------------------------
|
|
//
|
|
// Function: ComposeParam
|
|
//
|
|
// Synopsis: Builds the CreateProcess command line parameter
|
|
//
|
|
// Arguments: [fTargetIsExe] - Is pwszRunTarget an exe or a document.
|
|
// [ptszRunTarget] - The run target task property.
|
|
// [ptszParameters] - The parameters task propery.
|
|
// [ptszCmdLine] - The command line to return.
|
|
//
|
|
// Returns: S_OK or E_OUTOFMEMORY.
|
|
//
|
|
//-----------------------------------------------------------------------------
|
|
HRESULT
|
|
ComposeParam(BOOL fTargetIsExe,
|
|
LPTSTR ptszRunTarget,
|
|
LPTSTR ptszParameters,
|
|
LPTSTR * pptszCmdLine)
|
|
{
|
|
LPTSTR ptszCmdLine;
|
|
|
|
//
|
|
// Check for whitespace in the app name.
|
|
//
|
|
|
|
BOOL fAppNameHasSpaces = HasSpaces(ptszRunTarget);
|
|
|
|
//
|
|
// If running a document, check for spaces in the doc path name.
|
|
//
|
|
|
|
BOOL fParamHasSpaces = FALSE;
|
|
|
|
if (!fTargetIsExe && HasSpaces(ptszParameters))
|
|
{
|
|
fParamHasSpaces = TRUE;
|
|
}
|
|
|
|
//
|
|
// Figure the length, adding 1 for the space and 1 for the null,
|
|
// plus 2 for the quotes, if needed.
|
|
//
|
|
|
|
DWORD cch = lstrlen(ptszRunTarget) + lstrlen(ptszParameters) + 2
|
|
+ (fAppNameHasSpaces ? 2 : 0)
|
|
+ (fParamHasSpaces ? 2 : 0);
|
|
|
|
ptszCmdLine = new TCHAR[cch];
|
|
if (!ptszCmdLine)
|
|
{
|
|
LogServiceError(IDS_NON_FATAL_ERROR,
|
|
ERROR_OUTOFMEMORY,
|
|
IDS_HELP_HINT_CLOSE_APPS);
|
|
ERR_OUT("CSchedWorker::RunWin95Job", E_OUTOFMEMORY);
|
|
*pptszCmdLine = NULL;
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
if (fAppNameHasSpaces)
|
|
{
|
|
//
|
|
// Enclose the app name in quotes if it contains whitespace.
|
|
//
|
|
StringCchCopy(ptszCmdLine, cch, DQUOTE);
|
|
StringCchCat(ptszCmdLine, cch, ptszRunTarget);
|
|
StringCchCat(ptszCmdLine, cch, DQUOTE);
|
|
}
|
|
else
|
|
{
|
|
StringCchCopy(ptszCmdLine, cch, ptszRunTarget);
|
|
}
|
|
|
|
StringCchCat(ptszCmdLine, cch, SPACE);
|
|
|
|
if (fParamHasSpaces)
|
|
{
|
|
StringCchCat(ptszCmdLine, cch, DQUOTE);
|
|
}
|
|
|
|
StringCchCat(ptszCmdLine, cch, ptszParameters);
|
|
|
|
if (fParamHasSpaces)
|
|
{
|
|
StringCchCat(ptszCmdLine, cch, DQUOTE);
|
|
}
|
|
|
|
*pptszCmdLine = ptszCmdLine;
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
//+----------------------------------------------------------------------------
|
|
//
|
|
// Function: MapFindExecutableError
|
|
//
|
|
// Synopsis: Converts the poorly designed error codes returned by the
|
|
// FindExecutable API to HRESULTs
|
|
//
|
|
// Arguments: [hRet] - Error return code from FindExecutable
|
|
//
|
|
// Returns: HRESULT (with FACILITY_WIN32) for the same error
|
|
//
|
|
//-----------------------------------------------------------------------------
|
|
HRESULT
|
|
MapFindExecutableError(HINSTANCE hRet)
|
|
{
|
|
schAssert((DWORD_PTR)hRet <= 32);
|
|
|
|
HRESULT hr;
|
|
if (hRet == 0)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_OUTOFMEMORY);
|
|
}
|
|
else if ((DWORD_PTR)hRet == 31)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_NO_ASSOCIATION);
|
|
}
|
|
else
|
|
{
|
|
hr = HRESULT_FROM_WIN32((DWORD_PTR)hRet);
|
|
}
|
|
|
|
return hr;
|
|
}
|
|
|
|
//+----------------------------------------------------------------------------
|
|
//
|
|
// Function: WaitForStubExe
|
|
//
|
|
// Synopsis: Waits for the stub exe to launch the job
|
|
//
|
|
// Arguments: [hProcess] - Handle to the stub exe process
|
|
//
|
|
// Returns: TRUE if stub exe launched job
|
|
// FALSE if stub exe didn't launch job. Last error is set to the
|
|
// exit code from the stub exe.
|
|
//
|
|
//-----------------------------------------------------------------------------
|
|
BOOL
|
|
WaitForStubExe(HANDLE hProcess)
|
|
{
|
|
BOOL fRanJob = FALSE;
|
|
|
|
DWORD dwWait = WaitForSingleObject(hProcess, 90000);
|
|
if (dwWait == WAIT_OBJECT_0)
|
|
{
|
|
DWORD dwExitCode;
|
|
if (!GetExitCodeProcess(hProcess, &dwExitCode))
|
|
{
|
|
ERR_OUT("GetExitCodeProcess", GetLastError());
|
|
}
|
|
else if (dwExitCode == 0)
|
|
{
|
|
fRanJob = TRUE;
|
|
}
|
|
else
|
|
{
|
|
ERR_OUT("Stub exe run", dwExitCode);
|
|
SetLastError(dwExitCode);
|
|
}
|
|
}
|
|
else if (dwWait == WAIT_TIMEOUT)
|
|
{
|
|
schAssert(!"Stub exe didn't exit in 90 sec!");
|
|
SetLastError(ERROR_TIMEOUT);
|
|
}
|
|
// else WAIT_FAILED - last error will be set to failure code
|
|
|
|
return fRanJob;
|
|
}
|
|
|
|
|
|
|
|
//+----------------------------------------------------------------------------
|
|
//
|
|
// Function: GetUserTokenFromSession
|
|
//
|
|
// Synopsis: Enumerates the sessions and returns token of the session in
|
|
// which the given user has logged on
|
|
//
|
|
// Arguments: [IN lpszUsername] - user account name
|
|
// [IN lpszDomain] - domain name
|
|
// [OUT phUserToken] - token to be returned
|
|
//
|
|
// Returns: FALSE if the given user is not found in the enumerated sessions
|
|
// TRUE if the user is found in the the enumerated sessions array
|
|
//
|
|
// This function enumerates the sessions and compared the user name
|
|
// and domainname of the session with the given username and domain
|
|
// name. If such session is found, it checks to see if it is a console
|
|
// session.
|
|
// If it is a console session, the search is terminated and the token
|
|
// given by the session is returned in phUserToken
|
|
// Else the token from first session saved and search is continued
|
|
//
|
|
// At the end of the search if no console session is found then
|
|
// the saved first session token is returned.
|
|
//
|
|
// Else if no session found whatsoever then the function returns FALSE
|
|
//-----------------------------------------------------------------------------
|
|
|
|
BOOL GetUserTokenFromSession(
|
|
LPTSTR lpszUsername, // user name
|
|
LPTSTR lpszDomain, // domain or server
|
|
PHANDLE phUserToken // receive tokens handle
|
|
)
|
|
{
|
|
|
|
PWTS_SESSION_INFO pWTSSessionInfo = NULL;
|
|
DWORD WTSSessionInfoCount = 0;
|
|
|
|
//WTS_CURRENT_SERVER_HANDLE indicates the terminal server
|
|
//on which your application is running
|
|
|
|
BOOL result = WTSEnumerateSessions(
|
|
WTS_CURRENT_SERVER_HANDLE,
|
|
0, //Reserved; must be zero
|
|
1, //version of the enumeration request. Must be 1
|
|
&pWTSSessionInfo,
|
|
&WTSSessionInfoCount);
|
|
|
|
if(!result)
|
|
{
|
|
schDebugOut((DEB_TRACE, "*** WTSEnumerateSessions failed\n"));
|
|
return (FALSE);
|
|
}
|
|
|
|
schDebugOut((DEB_TRACE, "*** WTSEnumerateSessions returned %d sessions\n",WTSSessionInfoCount));
|
|
|
|
LPTSTR pWTSDomainNameBuffer = NULL;
|
|
LPTSTR pWTSUserNameBuffer = NULL;
|
|
|
|
HANDLE hNewToken = INVALID_HANDLE_VALUE;
|
|
HANDLE hFirstToken = INVALID_HANDLE_VALUE;
|
|
HANDLE hConsoleToken = INVALID_HANDLE_VALUE;
|
|
|
|
// Get the session id of the session attached to the console. If there is
|
|
// no session attached to console then this return 0xFFFFFFFF
|
|
DWORD ConsoleSessionID = WTSGetActiveConsoleSessionId ();
|
|
|
|
BOOL bSuccess = FALSE;
|
|
|
|
//Check each session to see if the user name and the domain name matches with the
|
|
//ones that are passed to this function
|
|
for (DWORD i = 0; i < WTSSessionInfoCount; i++)
|
|
{
|
|
WTS_INFO_CLASS WTSInfoClass;
|
|
pWTSDomainNameBuffer = NULL;
|
|
pWTSUserNameBuffer = NULL;
|
|
DWORD BytesReturned = 0;
|
|
|
|
BOOL bDomainNameResult = WTSQuerySessionInformation(
|
|
WTS_CURRENT_SERVER_HANDLE,
|
|
pWTSSessionInfo[i].SessionId,
|
|
WTSDomainName, //the type of information to retrieve
|
|
&pWTSDomainNameBuffer,
|
|
&BytesReturned
|
|
);
|
|
|
|
BOOL bUserNameResult = WTSQuerySessionInformation(
|
|
WTS_CURRENT_SERVER_HANDLE,
|
|
pWTSSessionInfo[i].SessionId,
|
|
WTSUserName, //the type of information to retrieve
|
|
&pWTSUserNameBuffer,
|
|
&BytesReturned
|
|
);
|
|
|
|
if (bDomainNameResult && bUserNameResult)
|
|
{
|
|
|
|
schDebugOut((DEB_TRACE, "*** \n Comparing %s with %s and %s with %s",
|
|
lpszUsername,pWTSUserNameBuffer,
|
|
lpszDomain, pWTSDomainNameBuffer));
|
|
|
|
if (_wcsicmp(lpszUsername, pWTSUserNameBuffer) == 0 &&
|
|
_wcsicmp(lpszDomain, pWTSDomainNameBuffer) == 0)
|
|
{
|
|
// Call WTSQueryUserToken to retrieve a handle to the user access
|
|
// token for this session. Token returned by WTSQueryUserToken is
|
|
// a primary token and can be passed to CreateProcessAsUser
|
|
|
|
BOOL fRet = WTSQueryUserToken(pWTSSessionInfo[i].SessionId, &hNewToken);
|
|
|
|
if(fRet)
|
|
{
|
|
// Check to see if it is a console session
|
|
|
|
if(pWTSSessionInfo[i].SessionId == ConsoleSessionID)
|
|
{
|
|
schDebugOut((DEB_TRACE, "*** Console session found\n"));
|
|
// We have have found the user session that is attached to console
|
|
// No need to search the remaining So we can break from here
|
|
hConsoleToken = hNewToken;
|
|
|
|
WTSFreeMemory(pWTSUserNameBuffer);
|
|
WTSFreeMemory(pWTSDomainNameBuffer);
|
|
|
|
bSuccess = TRUE;
|
|
break;
|
|
}
|
|
|
|
// Else if this is the first token that matches then save it in hFirstToken
|
|
// and proceed to search for console session that matches with the user
|
|
// If such session is not found then we will use this token
|
|
else if (!bSuccess)
|
|
{
|
|
schDebugOut((DEB_TRACE, "*** First session found\n"));
|
|
|
|
hFirstToken = hNewToken;
|
|
bSuccess = TRUE;
|
|
}
|
|
|
|
else
|
|
{
|
|
if (hNewToken != INVALID_HANDLE_VALUE)
|
|
{
|
|
CloseHandle(hNewToken);
|
|
hNewToken = INVALID_HANDLE_VALUE;
|
|
}
|
|
}
|
|
|
|
// else keep seaching as we may get console session id in the remaining
|
|
// list
|
|
}
|
|
}
|
|
}
|
|
|
|
// pWTSUserNameBuffer may be non-null if bUserNameResult is false
|
|
if (pWTSUserNameBuffer)
|
|
{
|
|
WTSFreeMemory(pWTSUserNameBuffer);
|
|
}
|
|
|
|
// pWTSDomainNameBuffer may be non-null if bDomainNameResult is false
|
|
if (pWTSDomainNameBuffer)
|
|
{
|
|
WTSFreeMemory(pWTSDomainNameBuffer);
|
|
}
|
|
}
|
|
|
|
WTSFreeMemory(pWTSSessionInfo);
|
|
|
|
if(bSuccess)
|
|
{
|
|
// We may have either one or both open tokens.
|
|
// If we get hConsoleToken then we return hConsoleToken
|
|
// In that case if hFirstToken is open then we close hFirstToken
|
|
// If we dont get hConsoleToken then we return hFirstToken
|
|
if(hConsoleToken != INVALID_HANDLE_VALUE)
|
|
{
|
|
if(hFirstToken != INVALID_HANDLE_VALUE)
|
|
{
|
|
CloseHandle(hFirstToken);
|
|
}
|
|
|
|
*phUserToken = hConsoleToken;
|
|
|
|
schDebugOut((DEB_TRACE, "*** Returning TRUE with Console Session Token\n"));
|
|
}
|
|
else
|
|
{
|
|
*phUserToken = hFirstToken;
|
|
|
|
schDebugOut((DEB_TRACE, "*** Returning TRUE with First Session Token\n"));
|
|
}
|
|
}
|
|
|
|
else
|
|
{
|
|
schDebugOut((DEB_TRACE, "*** Returning FALSE\n"));
|
|
}
|
|
|
|
return (bSuccess);
|
|
}
|
|
|
|
|
|
|