/////////////////////////////////////////////////////////////////////////////// //
// FILE
//
// samutil.h
//
// SYNOPSIS
//
// This file describes functions and macros common to all SAM handlers.
//
// MODIFICATION HISTORY
//
// 02/25/1998 Original version.
// 03/30/1998 Change prototype of IASCrackSamIdentity to take pointers
// to const strings for the out arguments.
// 04/13/1998 Modified to use the new NT4-Account-Name attribute.
// 08/11/1998 Added missing include.
// 08/24/1998 Added IASEncryptAndStore, IASProcessFailure & NtSamHandler.
// 03/23/1999 Added IASStoreFQUserName.
// 04/22/1999 Fix RADIUS encryption.
//
///////////////////////////////////////////////////////////////////////////////
#ifndef _SAMUTIL_H_
#define _SAMUTIL_H_
#include <ntdsapi.h>
#include <iaspolcy.h>
#include <iastl.h>
#include <iastlutl.h>
using namespace IASTL;
///////////////////////////////////////////////////////////////////////////////
//
// FUNCTION
//
// IASStoreFQUserName
//
// DESCRIPTION
//
// Stores the Fully-Qualified-User-Name.
//
///////////////////////////////////////////////////////////////////////////////
HRESULT
WINAPI
IASStoreFQUserName(
IAttributesRaw* request,
DS_NAME_FORMAT format,
PCWSTR fqdn
);
///////////////////////////////////////////////////////////////////////////////
//
// FUNCTION
//
// IASEncryptBuffer
//
// DESCRIPTION
//
// Encrypts the buffer using the appropriate shared secret and authentictor
// for 'request'.
//
///////////////////////////////////////////////////////////////////////////////
VOID
WINAPI
IASEncryptBuffer(
IAttributesRaw* request,
BOOL salted,
PBYTE buf,
ULONG buflen
) throw ();
///////////////////////////////////////////////////////////////////////////////
//
// FUNCTION
//
// IASProcessFailure
//
// DESCRIPTION
//
// Handles any failure during processing of an Access-Request. This function
// will set the response code for the request based on hrReason and return
// an appropriate request status. This ensures that all failures are
// handled consistently across handlers.
//
///////////////////////////////////////////////////////////////////////////////
IASREQUESTSTATUS
WINAPI
IASProcessFailure(
IRequest* pRequest,
HRESULT hrReason
) throw ();
///////////////////////////////////////////////////////////////////////////////
//
// CLASS
//
// SamExtractor
//
// DESCRIPTION
//
// This class parses a NT4 Account Name of the form "<domain>\<username>"
// into its separate components. Then replaces the backslash when it goes
// out of scope.
//
///////////////////////////////////////////////////////////////////////////////
class SamExtractor
{
public:
SamExtractor(IAS_STRING& identity) throw ()
: delim(wcschr(identity.pszWide, L'\\'))
{ *delim = L'\0'; }
~SamExtractor() throw ()
{ *delim = L'\\'; }
PCWSTR getUsername() const throw ()
{ return delim + 1; }
protected:
PWSTR delim;
};
//////////
// Macro to split an IAS_STRING into a Unicode domain and username.
//////////
#define EXTRACT_SAM_IDENTITY(identity, domain, username) \
SamExtractor __SAM_EXTRACTOR__(identity); \
domain = (identity).pszWide; \
username = __SAM_EXTRACTOR__.getUsername();
///////////////////////////////////////////////////////////////////////////////
//
// CLASS
//
// NtSamHandler
//
// DESCRIPTION
//
// Abstract base class for sub-handlers that process NT-SAM users.
//
///////////////////////////////////////////////////////////////////////////////
class __declspec(novtable) NtSamHandler
{
public:
virtual ~NtSamHandler() throw ()
{ }
virtual HRESULT initialize() throw ()
{ return S_OK; }
virtual void finalize() throw ()
{ }
};
#endif // _SAMUTIL_H_