[ekohl] 56917: [SAMSRV] Check if the name of a new account (alias, group or user) is used before the account is created. This check is needed because account names must be unique.
20 Jul
2012
20 Jul
'12
8:42 p.m.
Author: ekohl
Date: Fri Jul 20 20:42:53 2012
New Revision: 56917
URL: http://svn.reactos.org/svn/reactos?rev=56917&view=rev
Log:
[SAMSRV]
Check if the name of a new account (alias, group or user) is used before the account is
created. This check is needed because account names must be unique.
Modified:
trunk/reactos/dll/win32/samsrv/database.c
trunk/reactos/dll/win32/samsrv/samrpc.c
trunk/reactos/dll/win32/samsrv/samsrv.h
Modified: trunk/reactos/dll/win32/samsrv/database.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/database.…
==============================================================================
--- trunk/reactos/dll/win32/samsrv/database.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/samsrv/database.c [iso-8859-1] Fri Jul 20 20:42:53 2012
@@ -629,6 +629,121 @@
NTSTATUS
+SampCheckAccountNameInDomain(IN PSAM_DB_OBJECT DomainObject,
+ IN LPWSTR lpAccountName)
+{
+ HANDLE AccountKey;
+ HANDLE NamesKey;
+ NTSTATUS Status;
+
+ TRACE("SampCheckNameInDomain()\n");
+
+ Status = SampRegOpenKey(DomainObject->KeyHandle,
+ L"Aliases",
+ KEY_READ,
+ &AccountKey);
+ if (NT_SUCCESS(Status))
+ {
+ Status = SampRegOpenKey(AccountKey,
+ L"Names",
+ KEY_READ,
+ &NamesKey);
+ if (NT_SUCCESS(Status))
+ {
+ Status = SampRegQueryValue(NamesKey,
+ lpAccountName,
+ NULL,
+ NULL,
+ NULL);
+ if (Status == STATUS_SUCCESS)
+ Status = STATUS_ALIAS_EXISTS;
+ else if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
+ Status = STATUS_SUCCESS;
+
+ SampRegCloseKey(NamesKey);
+ }
+
+ SampRegCloseKey(AccountKey);
+ }
+
+ if (!NT_SUCCESS(Status))
+ {
+ TRACE("Checking for alias account failed (Status 0x%08lx)\n", Status);
+ return Status;
+ }
+
+ Status = SampRegOpenKey(DomainObject->KeyHandle,
+ L"Groups",
+ KEY_READ,
+ &AccountKey);
+ if (NT_SUCCESS(Status))
+ {
+ Status = SampRegOpenKey(AccountKey,
+ L"Names",
+ KEY_READ,
+ &NamesKey);
+ if (NT_SUCCESS(Status))
+ {
+ Status = SampRegQueryValue(NamesKey,
+ lpAccountName,
+ NULL,
+ NULL,
+ NULL);
+ if (Status == STATUS_SUCCESS)
+ Status = STATUS_ALIAS_EXISTS;
+ else if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
+ Status = STATUS_SUCCESS;
+
+ SampRegCloseKey(NamesKey);
+ }
+
+ SampRegCloseKey(AccountKey);
+ }
+
+ if (!NT_SUCCESS(Status))
+ {
+ TRACE("Checking for group account failed (Status 0x%08lx)\n", Status);
+ return Status;
+ }
+
+ Status = SampRegOpenKey(DomainObject->KeyHandle,
+ L"Users",
+ KEY_READ,
+ &AccountKey);
+ if (NT_SUCCESS(Status))
+ {
+ Status = SampRegOpenKey(AccountKey,
+ L"Names",
+ KEY_READ,
+ &NamesKey);
+ if (NT_SUCCESS(Status))
+ {
+ Status = SampRegQueryValue(NamesKey,
+ lpAccountName,
+ NULL,
+ NULL,
+ NULL);
+ if (Status == STATUS_SUCCESS)
+ Status = STATUS_ALIAS_EXISTS;
+ else if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
+ Status = STATUS_SUCCESS;
+
+ SampRegCloseKey(NamesKey);
+ }
+
+ SampRegCloseKey(AccountKey);
+ }
+
+ if (!NT_SUCCESS(Status))
+ {
+ TRACE("Checking for user account failed (Status 0x%08lx)\n", Status);
+ }
+
+ return Status;
+}
+
+
+NTSTATUS
SampSetObjectAttribute(PSAM_DB_OBJECT DbObject,
LPWSTR AttributeName,
ULONG AttributeType,
Modified: trunk/reactos/dll/win32/samsrv/samrpc.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samrpc.c?…
==============================================================================
--- trunk/reactos/dll/win32/samsrv/samrpc.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/samsrv/samrpc.c [iso-8859-1] Fri Jul 20 20:42:53 2012
@@ -1565,6 +1565,16 @@
return Status;
}
+ /* Check if the group name already exists in the domain */
+ Status = SampCheckAccountNameInDomain(DomainObject,
+ Name->Buffer);
+ if (!NT_SUCCESS(Status))
+ {
+ TRACE("Group name \'%S\' already exists in domain (Status
0x%08lx)\n",
+ Name->Buffer, Status);
+ return Status;
+ }
+
/* Get the fixed domain attributes */
ulSize = sizeof(SAM_DOMAIN_FIXED_DATA);
Status = SampGetObjectAttribute(DomainObject,
@@ -1598,8 +1608,6 @@
/* Convert the RID into a string (hex) */
swprintf(szRid, L"%08lX", ulRid);
-
- /* FIXME: Check whether the group name is already in use */
/* Create the group object */
Status = SampCreateDbObject(DomainObject,
@@ -1710,7 +1718,6 @@
ULONG ulSize;
ULONG ulRid;
WCHAR szRid[9];
- BOOL bAliasExists = FALSE;
NTSTATUS Status;
TRACE("SamrCreateUserInDomain(%p %p %lx %p %p)\n",
@@ -1724,6 +1731,16 @@
if (!NT_SUCCESS(Status))
{
TRACE("failed with status 0x%08lx\n", Status);
+ return Status;
+ }
+
+ /* Check if the user name already exists in the domain */
+ Status = SampCheckAccountNameInDomain(DomainObject,
+ Name->Buffer);
+ if (!NT_SUCCESS(Status))
+ {
+ TRACE("User name \'%S\' already exists in domain (Status
0x%08lx)\n",
+ Name->Buffer, Status);
return Status;
}
@@ -1761,23 +1778,6 @@
/* Convert the RID into a string (hex) */
swprintf(szRid, L"%08lX", ulRid);
- /* Check whether the user name is already in use */
- Status = SampCheckDbObjectNameAlias(DomainObject,
- L"Users",
- Name->Buffer,
- &bAliasExists);
- if (!NT_SUCCESS(Status))
- {
- TRACE("failed with status 0x%08lx\n", Status);
- return Status;
- }
-
- if (bAliasExists)
- {
- TRACE("The user account %S already exists!\n", Name->Buffer);
- return STATUS_USER_EXISTS;
- }
-
/* Create the user object */
Status = SampCreateDbObject(DomainObject,
L"Users",
@@ -1807,6 +1807,10 @@
FixedUserData.Version = 1;
FixedUserData.UserId = ulRid;
+ FixedUserData.PrimaryGroupId = DOMAIN_GROUP_RID_USERS;
+// FixedUserData.UserAccountControl = USER_ACCOUNT_DISABLED |
+// USER_PASSWORD_NOT_REQUIRED ||
+// USER_NORMAL_ACCOUNT;
/* Set fixed user data attribute */
Status = SampSetObjectAttribute(UserObject,
@@ -1973,7 +1977,6 @@
ULONG ulSize;
ULONG ulRid;
WCHAR szRid[9];
- BOOL bAliasExists = FALSE;
NTSTATUS Status;
TRACE("SamrCreateAliasInDomain(%p %p %lx %p %p)\n",
@@ -1987,6 +1990,16 @@
if (!NT_SUCCESS(Status))
{
TRACE("failed with status 0x%08lx\n", Status);
+ return Status;
+ }
+
+ /* Check if the alias name already exists in the domain */
+ Status = SampCheckAccountNameInDomain(DomainObject,
+ AccountName->Buffer);
+ if (!NT_SUCCESS(Status))
+ {
+ TRACE("Alias name \'%S\' already exists in domain (Status
0x%08lx)\n",
+ AccountName->Buffer, Status);
return Status;
}
@@ -2023,23 +2036,6 @@
/* Convert the RID into a string (hex) */
swprintf(szRid, L"%08lX", ulRid);
-
- /* Check whether the user name is already in use */
- Status = SampCheckDbObjectNameAlias(DomainObject,
- L"Aliases",
- AccountName->Buffer,
- &bAliasExists);
- if (!NT_SUCCESS(Status))
- {
- TRACE("failed with status 0x%08lx\n", Status);
- return Status;
- }
-
- if (bAliasExists)
- {
- TRACE("The alias account %S already exists!\n",
AccountName->Buffer);
- return STATUS_ALIAS_EXISTS;
- }
/* Create the alias object */
Status = SampCreateDbObject(DomainObject,
Modified: trunk/reactos/dll/win32/samsrv/samsrv.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samsrv.h?…
==============================================================================
--- trunk/reactos/dll/win32/samsrv/samsrv.h [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/samsrv/samsrv.h [iso-8859-1] Fri Jul 20 20:42:53 2012
@@ -151,6 +151,10 @@
OUT PBOOL bAliasExists);
NTSTATUS
+SampCheckAccountNameInDomain(IN PSAM_DB_OBJECT DomainObject,
+ IN LPWSTR lpAccountName);
+
+NTSTATUS
SampSetObjectAttribute(PSAM_DB_OBJECT DbObject,
LPWSTR AttributeName,
ULONG AttributeType,
4445
days inactive
4445
days old
0 comments
1 participants
participants (1)
-
ekohl@svn.reactos.org