[ros-diffs] [ekohl] 59115: [SAMSRV] - Create the None (aka Users) group upon setup. - Add all users as members of the Users group. - Add the Guest user as a member of the Guests alias.

Author: ekohl Date: Thu May 30 10:50:52 2013 New Revision: 59115 URL: http://svn.reactos.org/svn/reactos?rev=59115&view=rev Log: [SAMSRV] - Create the None (aka Users) group upon setup. - Add all users as members of the Users group. - Add the Guest user as a member of the Guests alias. Modified: trunk/reactos/dll/win32/samsrv/lang/de-DE.rc trunk/reactos/dll/win32/samsrv/lang/en-US.rc trunk/reactos/dll/win32/samsrv/lang/pl-PL.rc trunk/reactos/dll/win32/samsrv/resources.h trunk/reactos/dll/win32/samsrv/setup.c Modified: trunk/reactos/dll/win32/samsrv/lang/de-DE.rc URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/lang/de-D… ============================================================================== --- trunk/reactos/dll/win32/samsrv/lang/de-DE.rc [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/lang/de-DE.rc [iso-8859-1] Thu May 30 10:50:52 2013 @@ -3,6 +3,9 @@ STRINGTABLE BEGIN IDS_DOMAIN_BUILTIN_NAME "Builtin" + + IDS_GROUP_NONE_NAME "Kein" + IDS_GROUP_NONE_COMMENT "Gewöhnliche Benutzer" IDS_ALIAS_ADMINISTRATORS_NAME "Administratoren" IDS_ALIAS_ADMINISTRATORS_COMMENT "Administratoren haben unbeschränkten Zugriff auf den Computer oder die Domäne." Modified: trunk/reactos/dll/win32/samsrv/lang/en-US.rc URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/lang/en-U… ============================================================================== --- trunk/reactos/dll/win32/samsrv/lang/en-US.rc [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/lang/en-US.rc [iso-8859-1] Thu May 30 10:50:52 2013 @@ -3,6 +3,9 @@ STRINGTABLE BEGIN IDS_DOMAIN_BUILTIN_NAME "Builtin" + + IDS_GROUP_NONE_NAME "None" + IDS_GROUP_NONE_COMMENT "Ordinary Users" IDS_ALIAS_ADMINISTRATORS_NAME "Administrators" IDS_ALIAS_ADMINISTRATORS_COMMENT "Administrators have unrestricted access to the computer or domain." Modified: trunk/reactos/dll/win32/samsrv/lang/pl-PL.rc URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/lang/pl-P… ============================================================================== --- trunk/reactos/dll/win32/samsrv/lang/pl-PL.rc [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/lang/pl-PL.rc [iso-8859-1] Thu May 30 10:50:52 2013 @@ -3,6 +3,9 @@ STRINGTABLE BEGIN IDS_DOMAIN_BUILTIN_NAME "Wbudowane" + + IDS_GROUP_NONE_NAME "None" + IDS_GROUP_NONE_COMMENT "Ordinary Users" IDS_ALIAS_ADMINISTRATORS_NAME "Administratorzy" IDS_ALIAS_ADMINISTRATORS_COMMENT "Administratorzy mają nieograniczony dostęp w obrębie komputera lub domeny." Modified: trunk/reactos/dll/win32/samsrv/resources.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/resources… ============================================================================== --- trunk/reactos/dll/win32/samsrv/resources.h [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/resources.h [iso-8859-1] Thu May 30 10:50:52 2013 @@ -10,18 +10,21 @@ #define IDS_DOMAIN_BUILTIN_NAME 100 -#define IDS_ALIAS_ADMINISTRATORS_NAME 110 -#define IDS_ALIAS_ADMINISTRATORS_COMMENT 111 -#define IDS_ALIAS_GUESTS_NAME 112 -#define IDS_ALIAS_GUESTS_COMMENT 113 -#define IDS_ALIAS_POWER_USERS_NAME 114 -#define IDS_ALIAS_POWER_USERS_COMMENT 115 -#define IDS_ALIAS_USERS_NAME 116 -#define IDS_ALIAS_USERS_COMMENT 117 +#define IDS_GROUP_NONE_NAME 110 +#define IDS_GROUP_NONE_COMMENT 111 -#define IDS_USER_ADMINISTRATOR_NAME 120 -#define IDS_USER_ADMINISTRATOR_COMMENT 121 -#define IDS_USER_GUEST_NAME 122 -#define IDS_USER_GUEST_COMMENT 123 +#define IDS_ALIAS_ADMINISTRATORS_NAME 120 +#define IDS_ALIAS_ADMINISTRATORS_COMMENT 121 +#define IDS_ALIAS_GUESTS_NAME 122 +#define IDS_ALIAS_GUESTS_COMMENT 123 +#define IDS_ALIAS_POWER_USERS_NAME 124 +#define IDS_ALIAS_POWER_USERS_COMMENT 125 +#define IDS_ALIAS_USERS_NAME 126 +#define IDS_ALIAS_USERS_COMMENT 127 + +#define IDS_USER_ADMINISTRATOR_NAME 140 +#define IDS_USER_ADMINISTRATOR_COMMENT 141 +#define IDS_USER_GUEST_NAME 142 +#define IDS_USER_GUEST_COMMENT 143 /* EOF */ Modified: trunk/reactos/dll/win32/samsrv/setup.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/setup.c?r… ============================================================================== --- trunk/reactos/dll/win32/samsrv/setup.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/setup.c [iso-8859-1] Thu May 30 10:50:52 2013 @@ -148,16 +148,166 @@ } -#if 0 -static BOOL -SampSetupCreateGroupAccount(HKEY hDomainKey, +static +NTSTATUS +SampSetupAddMemberToGroup(IN HANDLE hDomainKey, + IN ULONG GroupId, + IN ULONG MemberId) +{ + WCHAR szKeyName[256]; + HANDLE hGroupKey = NULL; + PULONG MembersBuffer = NULL; + ULONG MembersCount = 0; + ULONG Length = 0; + ULONG i; + NTSTATUS Status; + + swprintf(szKeyName, L"Groups\\%08lX", GroupId); + + Status = SampRegOpenKey(hDomainKey, + szKeyName, + KEY_ALL_ACCESS, + &hGroupKey); + if (!NT_SUCCESS(Status)) + return Status; + + Status = SampRegQueryValue(hGroupKey, + L"Members", + NULL, + NULL, + &Length); + if (!NT_SUCCESS(Status) && Status != STATUS_OBJECT_NAME_NOT_FOUND) + goto done; + + MembersBuffer = midl_user_allocate(Length + sizeof(ULONG)); + if (MembersBuffer == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + if (Status != STATUS_OBJECT_NAME_NOT_FOUND) + { + Status = SampRegQueryValue(hGroupKey, + L"Members", + NULL, + MembersBuffer, + &Length); + if (!NT_SUCCESS(Status)) + goto done; + + MembersCount = Length / sizeof(ULONG); + } + + for (i = 0; i < MembersCount; i++) + { + if (MembersBuffer[i] == MemberId) + { + Status = STATUS_MEMBER_IN_GROUP; + goto done; + } + } + + MembersBuffer[MembersCount] = MemberId; + Length += sizeof(ULONG); + + Status = SampRegSetValue(hGroupKey, + L"Members", + REG_BINARY, + MembersBuffer, + Length); + +done: + if (MembersBuffer != NULL) + midl_user_free(MembersBuffer); + + if (hGroupKey != NULL) + SampRegCloseKey(hGroupKey); + + return Status; +} + + +static +NTSTATUS +SampSetupCreateGroupAccount(HANDLE hDomainKey, LPCWSTR lpAccountName, + LPCWSTR lpComment, ULONG ulRelativeId) { - - return FALSE; + SAM_GROUP_FIXED_DATA FixedGroupData; + WCHAR szAccountKeyName[32]; + HANDLE hAccountKey = NULL; + HANDLE hNamesKey = NULL; + NTSTATUS Status; + + /* Initialize fixed group data */ + FixedGroupData.Version = 1; + FixedGroupData.Reserved = 0; + FixedGroupData.GroupId = ulRelativeId; + FixedGroupData.Attributes = 0; + + swprintf(szAccountKeyName, L"Groups\\%08lX", ulRelativeId); + + Status = SampRegCreateKey(hDomainKey, + szAccountKeyName, + KEY_ALL_ACCESS, + &hAccountKey); + if (!NT_SUCCESS(Status)) + return Status; + + Status = SampRegSetValue(hAccountKey, + L"F", + REG_BINARY, + (LPVOID)&FixedGroupData, + sizeof(SAM_GROUP_FIXED_DATA)); + if (!NT_SUCCESS(Status)) + goto done; + + Status = SampRegSetValue(hAccountKey, + L"Name", + REG_SZ, + (LPVOID)lpAccountName, + (wcslen(lpAccountName) + 1) * sizeof(WCHAR)); + if (!NT_SUCCESS(Status)) + goto done; + + Status = SampRegSetValue(hAccountKey, + L"AdminComment", + REG_SZ, + (LPVOID)lpComment, + (wcslen(lpComment) + 1) * sizeof(WCHAR)); + if (!NT_SUCCESS(Status)) + goto done; + + Status = SampRegOpenKey(hDomainKey, + L"Groups\\Names", + KEY_ALL_ACCESS, + &hNamesKey); + if (!NT_SUCCESS(Status)) + goto done; + + Status = SampRegSetValue(hNamesKey, + lpAccountName, + REG_DWORD, + (LPVOID)&ulRelativeId, + sizeof(ULONG)); + +done: + if (hNamesKey != NULL) + SampRegCloseKey(hNamesKey); + + if (hAccountKey != NULL) + { + SampRegCloseKey(hAccountKey); + + if (!NT_SUCCESS(Status)) + SampRegDeleteKey(hDomainKey, + szAccountKeyName); + } + + return Status; } -#endif static BOOL @@ -684,7 +834,7 @@ szComment, DOMAIN_ALIAS_RID_POWER_USERS); - + /* Add the Administrator user to the Administrators alias */ pSid = AppendRidToSid(AccountDomainInfo->DomainSid, DOMAIN_USER_RID_ADMIN); if (pSid != NULL) @@ -696,6 +846,17 @@ RtlFreeHeap(RtlGetProcessHeap(), 0, pSid); } + /* Add the Guest user to the Guests alias */ + pSid = AppendRidToSid(AccountDomainInfo->DomainSid, + DOMAIN_USER_RID_GUEST); + if (pSid != NULL) + { + SampSetupAddMemberToAlias(hDomainKey, + DOMAIN_ALIAS_RID_GUESTS, + pSid); + + RtlFreeHeap(RtlGetProcessHeap(), 0, pSid); + } RegCloseKey(hDomainKey); } @@ -707,6 +868,14 @@ AccountDomainInfo->DomainSid, &hDomainKey)) { + SampLoadString(hInstance, IDS_GROUP_NONE_NAME, szName, 80); + SampLoadString(hInstance, IDS_GROUP_NONE_COMMENT, szComment, 256); + + SampSetupCreateGroupAccount(hDomainKey, + szName, + szComment, + DOMAIN_GROUP_RID_USERS); + SampLoadString(hInstance, IDS_USER_ADMINISTRATOR_NAME, szName, 80); SampLoadString(hInstance, IDS_USER_ADMINISTRATOR_COMMENT, szComment, 256); @@ -716,6 +885,10 @@ DOMAIN_USER_RID_ADMIN, USER_DONT_EXPIRE_PASSWORD | USER_NORMAL_ACCOUNT); + SampSetupAddMemberToGroup(hDomainKey, + DOMAIN_GROUP_RID_USERS, + DOMAIN_USER_RID_ADMIN); + SampLoadString(hInstance, IDS_USER_GUEST_NAME, szName, 80); SampLoadString(hInstance, IDS_USER_GUEST_COMMENT, szComment, 256); @@ -725,6 +898,10 @@ DOMAIN_USER_RID_GUEST, USER_ACCOUNT_DISABLED | USER_DONT_EXPIRE_PASSWORD | USER_NORMAL_ACCOUNT); + SampSetupAddMemberToGroup(hDomainKey, + DOMAIN_GROUP_RID_USERS, + DOMAIN_USER_RID_GUEST); + RegCloseKey(hDomainKey); }