From c6a7c2e40c8100514e0d49f7464f47d2371f96b3 Mon Sep 17 00:00:00 2001 From: Eric Kohl Date: Thu, 30 May 2013 10:50:52 +0000 Subject: [PATCH] [SAMSRV] - Create the None (aka Users) group upon setup. - Add all users as members of the Users group. - Add the Guest user as a member of the Guests alias. svn path=/trunk/; revision=59115 --- reactos/dll/win32/samsrv/lang/de-DE.rc | 3 + reactos/dll/win32/samsrv/lang/en-US.rc | 3 + reactos/dll/win32/samsrv/lang/pl-PL.rc | 3 + reactos/dll/win32/samsrv/resources.h | 27 ++-- reactos/dll/win32/samsrv/setup.c | 189 ++++++++++++++++++++++++- 5 files changed, 207 insertions(+), 18 deletions(-) diff --git a/reactos/dll/win32/samsrv/lang/de-DE.rc b/reactos/dll/win32/samsrv/lang/de-DE.rc index f88c273a930..3b060481332 100644 --- a/reactos/dll/win32/samsrv/lang/de-DE.rc +++ b/reactos/dll/win32/samsrv/lang/de-DE.rc @@ -4,6 +4,9 @@ STRINGTABLE BEGIN IDS_DOMAIN_BUILTIN_NAME "Builtin" + IDS_GROUP_NONE_NAME "Kein" + IDS_GROUP_NONE_COMMENT "Gewöhnliche Benutzer" + IDS_ALIAS_ADMINISTRATORS_NAME "Administratoren" IDS_ALIAS_ADMINISTRATORS_COMMENT "Administratoren haben unbeschränkten Zugriff auf den Computer oder die Domäne." diff --git a/reactos/dll/win32/samsrv/lang/en-US.rc b/reactos/dll/win32/samsrv/lang/en-US.rc index 8728978a63b..0d482238cc9 100644 --- a/reactos/dll/win32/samsrv/lang/en-US.rc +++ b/reactos/dll/win32/samsrv/lang/en-US.rc @@ -4,6 +4,9 @@ STRINGTABLE BEGIN IDS_DOMAIN_BUILTIN_NAME "Builtin" + IDS_GROUP_NONE_NAME "None" + IDS_GROUP_NONE_COMMENT "Ordinary Users" + IDS_ALIAS_ADMINISTRATORS_NAME "Administrators" IDS_ALIAS_ADMINISTRATORS_COMMENT "Administrators have unrestricted access to the computer or domain." diff --git a/reactos/dll/win32/samsrv/lang/pl-PL.rc b/reactos/dll/win32/samsrv/lang/pl-PL.rc index 454ac0e8a8f..02413d80505 100644 --- a/reactos/dll/win32/samsrv/lang/pl-PL.rc +++ b/reactos/dll/win32/samsrv/lang/pl-PL.rc @@ -4,6 +4,9 @@ STRINGTABLE BEGIN IDS_DOMAIN_BUILTIN_NAME "Wbudowane" + IDS_GROUP_NONE_NAME "None" + IDS_GROUP_NONE_COMMENT "Ordinary Users" + IDS_ALIAS_ADMINISTRATORS_NAME "Administratorzy" IDS_ALIAS_ADMINISTRATORS_COMMENT "Administratorzy mają nieograniczony dostęp w obrębie komputera lub domeny." diff --git a/reactos/dll/win32/samsrv/resources.h b/reactos/dll/win32/samsrv/resources.h index aa08e49a470..bc4bc447ef6 100644 --- a/reactos/dll/win32/samsrv/resources.h +++ b/reactos/dll/win32/samsrv/resources.h @@ -10,18 +10,21 @@ #define IDS_DOMAIN_BUILTIN_NAME 100 -#define IDS_ALIAS_ADMINISTRATORS_NAME 110 -#define IDS_ALIAS_ADMINISTRATORS_COMMENT 111 -#define IDS_ALIAS_GUESTS_NAME 112 -#define IDS_ALIAS_GUESTS_COMMENT 113 -#define IDS_ALIAS_POWER_USERS_NAME 114 -#define IDS_ALIAS_POWER_USERS_COMMENT 115 -#define IDS_ALIAS_USERS_NAME 116 -#define IDS_ALIAS_USERS_COMMENT 117 +#define IDS_GROUP_NONE_NAME 110 +#define IDS_GROUP_NONE_COMMENT 111 -#define IDS_USER_ADMINISTRATOR_NAME 120 -#define IDS_USER_ADMINISTRATOR_COMMENT 121 -#define IDS_USER_GUEST_NAME 122 -#define IDS_USER_GUEST_COMMENT 123 +#define IDS_ALIAS_ADMINISTRATORS_NAME 120 +#define IDS_ALIAS_ADMINISTRATORS_COMMENT 121 +#define IDS_ALIAS_GUESTS_NAME 122 +#define IDS_ALIAS_GUESTS_COMMENT 123 +#define IDS_ALIAS_POWER_USERS_NAME 124 +#define IDS_ALIAS_POWER_USERS_COMMENT 125 +#define IDS_ALIAS_USERS_NAME 126 +#define IDS_ALIAS_USERS_COMMENT 127 + +#define IDS_USER_ADMINISTRATOR_NAME 140 +#define IDS_USER_ADMINISTRATOR_COMMENT 141 +#define IDS_USER_GUEST_NAME 142 +#define IDS_USER_GUEST_COMMENT 143 /* EOF */ diff --git a/reactos/dll/win32/samsrv/setup.c b/reactos/dll/win32/samsrv/setup.c index 1000e830609..200a81b1004 100644 --- a/reactos/dll/win32/samsrv/setup.c +++ b/reactos/dll/win32/samsrv/setup.c @@ -148,16 +148,166 @@ SampSetupCreateAliasAccount(HKEY hDomainKey, } -#if 0 -static BOOL -SampSetupCreateGroupAccount(HKEY hDomainKey, +static +NTSTATUS +SampSetupAddMemberToGroup(IN HANDLE hDomainKey, + IN ULONG GroupId, + IN ULONG MemberId) +{ + WCHAR szKeyName[256]; + HANDLE hGroupKey = NULL; + PULONG MembersBuffer = NULL; + ULONG MembersCount = 0; + ULONG Length = 0; + ULONG i; + NTSTATUS Status; + + swprintf(szKeyName, L"Groups\\%08lX", GroupId); + + Status = SampRegOpenKey(hDomainKey, + szKeyName, + KEY_ALL_ACCESS, + &hGroupKey); + if (!NT_SUCCESS(Status)) + return Status; + + Status = SampRegQueryValue(hGroupKey, + L"Members", + NULL, + NULL, + &Length); + if (!NT_SUCCESS(Status) && Status != STATUS_OBJECT_NAME_NOT_FOUND) + goto done; + + MembersBuffer = midl_user_allocate(Length + sizeof(ULONG)); + if (MembersBuffer == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + if (Status != STATUS_OBJECT_NAME_NOT_FOUND) + { + Status = SampRegQueryValue(hGroupKey, + L"Members", + NULL, + MembersBuffer, + &Length); + if (!NT_SUCCESS(Status)) + goto done; + + MembersCount = Length / sizeof(ULONG); + } + + for (i = 0; i < MembersCount; i++) + { + if (MembersBuffer[i] == MemberId) + { + Status = STATUS_MEMBER_IN_GROUP; + goto done; + } + } + + MembersBuffer[MembersCount] = MemberId; + Length += sizeof(ULONG); + + Status = SampRegSetValue(hGroupKey, + L"Members", + REG_BINARY, + MembersBuffer, + Length); + +done: + if (MembersBuffer != NULL) + midl_user_free(MembersBuffer); + + if (hGroupKey != NULL) + SampRegCloseKey(hGroupKey); + + return Status; +} + + +static +NTSTATUS +SampSetupCreateGroupAccount(HANDLE hDomainKey, LPCWSTR lpAccountName, + LPCWSTR lpComment, ULONG ulRelativeId) { + SAM_GROUP_FIXED_DATA FixedGroupData; + WCHAR szAccountKeyName[32]; + HANDLE hAccountKey = NULL; + HANDLE hNamesKey = NULL; + NTSTATUS Status; - return FALSE; + /* Initialize fixed group data */ + FixedGroupData.Version = 1; + FixedGroupData.Reserved = 0; + FixedGroupData.GroupId = ulRelativeId; + FixedGroupData.Attributes = 0; + + swprintf(szAccountKeyName, L"Groups\\%08lX", ulRelativeId); + + Status = SampRegCreateKey(hDomainKey, + szAccountKeyName, + KEY_ALL_ACCESS, + &hAccountKey); + if (!NT_SUCCESS(Status)) + return Status; + + Status = SampRegSetValue(hAccountKey, + L"F", + REG_BINARY, + (LPVOID)&FixedGroupData, + sizeof(SAM_GROUP_FIXED_DATA)); + if (!NT_SUCCESS(Status)) + goto done; + + Status = SampRegSetValue(hAccountKey, + L"Name", + REG_SZ, + (LPVOID)lpAccountName, + (wcslen(lpAccountName) + 1) * sizeof(WCHAR)); + if (!NT_SUCCESS(Status)) + goto done; + + Status = SampRegSetValue(hAccountKey, + L"AdminComment", + REG_SZ, + (LPVOID)lpComment, + (wcslen(lpComment) + 1) * sizeof(WCHAR)); + if (!NT_SUCCESS(Status)) + goto done; + + Status = SampRegOpenKey(hDomainKey, + L"Groups\\Names", + KEY_ALL_ACCESS, + &hNamesKey); + if (!NT_SUCCESS(Status)) + goto done; + + Status = SampRegSetValue(hNamesKey, + lpAccountName, + REG_DWORD, + (LPVOID)&ulRelativeId, + sizeof(ULONG)); + +done: + if (hNamesKey != NULL) + SampRegCloseKey(hNamesKey); + + if (hAccountKey != NULL) + { + SampRegCloseKey(hAccountKey); + + if (!NT_SUCCESS(Status)) + SampRegDeleteKey(hDomainKey, + szAccountKeyName); + } + + return Status; } -#endif static BOOL @@ -684,7 +834,7 @@ SampInitializeSAM(VOID) szComment, DOMAIN_ALIAS_RID_POWER_USERS); - + /* Add the Administrator user to the Administrators alias */ pSid = AppendRidToSid(AccountDomainInfo->DomainSid, DOMAIN_USER_RID_ADMIN); if (pSid != NULL) @@ -696,6 +846,17 @@ SampInitializeSAM(VOID) RtlFreeHeap(RtlGetProcessHeap(), 0, pSid); } + /* Add the Guest user to the Guests alias */ + pSid = AppendRidToSid(AccountDomainInfo->DomainSid, + DOMAIN_USER_RID_GUEST); + if (pSid != NULL) + { + SampSetupAddMemberToAlias(hDomainKey, + DOMAIN_ALIAS_RID_GUESTS, + pSid); + + RtlFreeHeap(RtlGetProcessHeap(), 0, pSid); + } RegCloseKey(hDomainKey); } @@ -707,6 +868,14 @@ SampInitializeSAM(VOID) AccountDomainInfo->DomainSid, &hDomainKey)) { + SampLoadString(hInstance, IDS_GROUP_NONE_NAME, szName, 80); + SampLoadString(hInstance, IDS_GROUP_NONE_COMMENT, szComment, 256); + + SampSetupCreateGroupAccount(hDomainKey, + szName, + szComment, + DOMAIN_GROUP_RID_USERS); + SampLoadString(hInstance, IDS_USER_ADMINISTRATOR_NAME, szName, 80); SampLoadString(hInstance, IDS_USER_ADMINISTRATOR_COMMENT, szComment, 256); @@ -716,6 +885,10 @@ SampInitializeSAM(VOID) DOMAIN_USER_RID_ADMIN, USER_DONT_EXPIRE_PASSWORD | USER_NORMAL_ACCOUNT); + SampSetupAddMemberToGroup(hDomainKey, + DOMAIN_GROUP_RID_USERS, + DOMAIN_USER_RID_ADMIN); + SampLoadString(hInstance, IDS_USER_GUEST_NAME, szName, 80); SampLoadString(hInstance, IDS_USER_GUEST_COMMENT, szComment, 256); @@ -725,6 +898,10 @@ SampInitializeSAM(VOID) DOMAIN_USER_RID_GUEST, USER_ACCOUNT_DISABLED | USER_DONT_EXPIRE_PASSWORD | USER_NORMAL_ACCOUNT); + SampSetupAddMemberToGroup(hDomainKey, + DOMAIN_GROUP_RID_USERS, + DOMAIN_USER_RID_GUEST); + RegCloseKey(hDomainKey); }