IIS Client Certificate Mapping Authentication - c++

I am trying to programmatically add onetoone client certificate authentication to the applicationhost.config file.
After referring to these two documents(thread1, thread2), I am sure that it is possible to implement it with different languages. And for some kind of reason I have to develop it with C++. While translating the code sample in thread1,
Below is the code snippet FYI.
#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
#include <ahadmin.h>
#include <crtdbg.h>
#include <string>
using namespace std;
void PrintPropertiesOfElement(IAppHostElement *pElement)
{
HRESULT hr = S_OK;
IAppHostPropertyCollection *pProperties = NULL;
IAppHostProperty *pProperty = NULL;
hr = pElement->get_Properties(&pProperties);
DWORD properties_count = 0;
hr = pProperties->get_Count(&properties_count);
VARIANT vtIndex;
vtIndex.vt = VT_INT;
for(DWORD i=0; i<properties_count; ++i)
{
vtIndex.intVal = i;
hr = pProperties->get_Item(vtIndex, &pProperty);
BSTR strName;
BSTR strValue;
hr = pProperty->get_Name(&strName);
hr = pProperty->get_StringValue(&strValue);
_tprintf(_T("name : %s, value: %s\n"), strName, strValue);
}
}
void PrintElementsOfCollection(IAppHostChildElementCollection *pCollection)
{
HRESULT hr = S_OK;
IAppHostElement *pElement = NULL;
DWORD elements_count = 0;
hr = pCollection->get_Count(&elements_count);
VARIANT vtIndex;
vtIndex.vt = VT_INT;
for(DWORD i=0; i<elements_count; ++i)
{
vtIndex.intVal = i;
hr = pCollection->get_Item(vtIndex, &pElement);
BSTR strName;
hr = pElement->get_Name(&strName);
_tprintf(_T("element : %s\n"), strName);
}
}
void PrintElementsOfCollection(IAppHostElementCollection *pCollection)
{
HRESULT hr = S_OK;
IAppHostElement *pElement = NULL;
DWORD elements_count = 0;
hr = pCollection->get_Count(&elements_count);
VARIANT vtIndex;
vtIndex.vt = VT_INT;
for(DWORD i=0; i<elements_count; ++i)
{
vtIndex.intVal = i;
hr = pCollection->get_Item(vtIndex, &pElement);
BSTR strName;
hr = pElement->get_Name(&strName);
_tprintf(_T("element : %s\n"), strName);
//PrintPropertiesOfElement(pElement);
}
}
struct UserCertification
{
VARIANT username;
VARIANT password;
VARIANT certification;
public:
UserCertification(wstring name, wstring pwd, wstring cert)
{
username.vt = VT_BSTR;
username.bstrVal = SysAllocString(name.c_str());
password.vt = VT_BSTR;
password.bstrVal = SysAllocString(pwd.c_str());
certification.vt = VT_BSTR;
certification.bstrVal = SysAllocString(cert.c_str());
}
};
HRESULT SetHostElementProperty(IAppHostElement *pElement, UserCertification *pUserCert)
{
HRESULT hr = S_OK;
IAppHostProperty *pProperty = NULL;
BSTR name = SysAllocString(L"userName");
BSTR password = SysAllocString(L"password");
BSTR certification = SysAllocString(L"certificate");
//name
hr = pElement->GetPropertyByName(name, &pProperty);
pProperty->put_Value(pUserCert->username);
//password
hr = pElement->GetPropertyByName(password, &pProperty);
pProperty->put_Value(pUserCert->password);
//certification
hr = pElement->GetPropertyByName(certification, &pProperty);
pProperty->put_Value(pUserCert->certification);
return hr;
}
UserCertification* GenerateUserCertification()
{
wstring username = L"jinqiu.tao#emacle.com";
wstring password = L"123456";
wstring certificate = L"xxxxxxxx";
return new UserCertification(username, password, certificate);
}
int _tmain(int argc, _TCHAR* argv[])
{
HRESULT hr = S_OK;
IAppHostWritableAdminManager * pWMgr = NULL;
IAppHostConfigManager * pCfgMgr = NULL;
IAppHostConfigFile * pCfgFile = NULL;
IAppHostConfigLocationCollection * pLocations = NULL;
IAppHostElement *pAdminSection = NULL;
IAppHostElementCollection *pElementCollection = NULL;
IAppHostChildElementCollection *pChildElements = NULL;
IAppHostElement *pElement = NULL;
IAppHostElement *pNewElement = NULL;
BSTR bstrConfigCommitPath = SysAllocString(L"MACHINE/WEBROOT/APPHOST/Default Web Site");
BSTR bstrSectionName = SysAllocString(L"system.webServer/security/authentication/iisClientCertificateMappingAuthentication");
BSTR bstrOneToOne = SysAllocString(L"oneToOneMappings");
BSTR bstrElementName = SysAllocString(L"add");
// Initialize
hr = CoInitializeEx( NULL, COINIT_MULTITHREADED );
// Create
hr = CoCreateInstance( __uuidof( AppHostWritableAdminManager ), NULL,
CLSCTX_INPROC_SERVER,
__uuidof( IAppHostWritableAdminManager ), (void**) &pWMgr );
pWMgr -> put_CommitPath ( bstrConfigCommitPath );
hr = pWMgr->GetAdminSection(bstrSectionName, bstrConfigCommitPath, &pAdminSection);
hr = pAdminSection->get_ChildElements(&pChildElements);
PrintElementsOfCollection(pChildElements);
hr = pAdminSection->GetElementByName(bstrOneToOne, &pElement);
hr = pElement->get_Collection(&pElementCollection);
//PrintElementsOfCollection(pElementCollection);
hr = pElementCollection->CreateNewElement(bstrElementName, &pNewElement);
//PrintPropertiesOfElement(pNewElement);
hr = SetHostElementProperty(pNewElement, GenerateUserCertification());
//got and error saying that another process is accesssing the data
hr = pElementCollection->AddElement(pNewElement); //got an error code 0x80070021 here |||||||||||||||||
PrintElementsOfCollection(pElementCollection);
// Commit the changes to the configuration system
pWMgr->CommitChanges ( );
return 0;
}
As you see, I can create a new element, but not able to add it to the element collection.
What I want to do is just add a record to the onetoonemappings part.
<location path="Default Web Site">
<system.webServer>
<security>
<access sslFlags="None" />
<authentication>
<anonymousAuthentication enabled="true" />
<iisClientCertificateMappingAuthentication enabled="true" oneToOneCertificateMappingsEnabled="true">
<oneToOneMappings>
<add userName="yonggui.yu#emacle.com" password="[enc:AesProvider:4QEVwn3c530VH5sdwCl+Sm8G2eJesNEs4SaL6U5LrXg=:enc]" certificate="MIIFOjCCBCKgAwIBAgIKOAV" />
<add userName="yuyonggui#tbp.com" password="[enc:AesProvider:iBqmPwvbefiuiUZ03AyPD/0AxzD0HIb4SlJXKQGr9Ug=:enc]" certificate="MIIEjzCCA3egAwIBAgIKGgSFpwAAAA" />
<add userName="yonggui.yu#emacle.com" password="[enc:AesProvider:DogNZMKGrLa9ih2IO9PiMNUz9Ucggu9icKD7o8+U8dQ=:enc]" certificate="MIIFZzCCBE+gAwIBAgIHGAOD3e2==" />
</oneToOneMappings>
</iisClientCertificateMappingAuthentication>
</authentication>
</security>
</system.webServer>
I hope that I have made it clear enough. If you guys need any kind of additional information, please do not hesitate to inform me.
Looking forward for your help.
Best Regards,
Jordan

Related

running .net application from c++

I have a byte array of a .NET application inside c++ code.
I want to execute this .NET application without writing those bytes on the disk. ICLRRuntimeHost::ExecuteInDefaultAppDomain expects a path to the assembly so it's out of the equation here. I'm looking for a possible way (or hack) to pass the binary directly to the clr.
So what i can do ?
//todo error checks/cleanup
HRESULT hr;
ICLRMetaHost *pMetaHost = NULL;
ICLRRuntimeInfo *pRuntimeInfo = NULL;
ICorRuntimeHost *pCorRuntimeHost = NULL;
IUnknownPtr spAppDomainThunk = NULL;
_AppDomainPtr spDefaultAppDomain = NULL;
bstr_t bstrAssemblyName(L"");
_AssemblyPtr spAssembly = NULL;
bstr_t bstrClassName(L"");
_TypePtr spType = NULL;
variant_t vtEmpty;
bstr_t bstrStaticMethodName(L"Main");
variant_t vtLengthRet;
hr = CLRCreateInstance(CLSID_CLRMetaHost, IID_PPV_ARGS(&pMetaHost));
const wchar_t* pszVersion = L"v2.0.50727";
hr = pMetaHost->GetRuntime(pszVersion, IID_PPV_ARGS(&pRuntimeInfo));
BOOL fLoadable;
hr = pRuntimeInfo->IsLoadable(&fLoadable);
if (!fLoadable) { wprintf(L".NET runtime %s cannot be loaded\n", pszVersion); return; }
hr = pRuntimeInfo->GetInterface(CLSID_CorRuntimeHost, IID_PPV_ARGS(&pCorRuntimeHost));
hr = pCorRuntimeHost->Start();
hr = pCorRuntimeHost->GetDefaultDomain(&spAppDomainThunk);
hr = spAppDomainThunk->QueryInterface(IID_PPV_ARGS(&spDefaultAppDomain));
SAFEARRAYBOUND bounds[1];
bounds[0].cElements = array_len;
bounds[0].lLbound = 0;
SAFEARRAY* arr = SafeArrayCreate(VT_UI1, 1, bounds);
SafeArrayLock(arr);
memcpy(arr->pvData, bytearray, array_len);
SafeArrayUnlock(arr);
hr = spDefaultAppDomain->Load_3(arr, &spAssembly);
hr = spAssembly->GetType_2(bstrClassName, &spType);
hr = spType->InvokeMember_3(bstrStaticMethodName, static_cast<BindingFlags>(BindingFlags_InvokeMethod | BindingFlags_Static | BindingFlags_Public), NULL, vtEmpty, nullptr, &vtLengthRet);
SafeArrayDestroy(arr);

ADSI Filter All computers from an OU using c++

Iam new to c++. Using the help of MSDN article iam trying to fetch all the computers under a OU in domain using ADSI. But Iam getting 8254L (FILTER_UNKNOWN) error. Iam not sure what iam doing wrong here. I tried to update the filter but no change in the error. Please suggest what iam doing wrong here.
Below is the code am using for getting the list.
// ConsoleApplication3.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include <objbase.h>
#include <wchar.h>
#include <activeds.h>
#include <sddl.h>
#include <comutil.h>
#include <string.h>
#include <stdio.h>
HRESULT FindComputers(IDirectorySearch *pContainerToSearch, // IDirectorySearch pointer to the container to search.
LPOLESTR szFilter, // Filter to find specific users.
// NULL returns all user objects.
LPOLESTR *pszPropertiesToReturn, // Properties to return for user objects found.
// NULL returns all set properties.
BOOL bIsVerbose // TRUE indicates that display all properties for the found objects.
// FALSE indicates that only the RDN.
);
// Entry point for the application.
void wmain(int argc, wchar_t *argv[])
{
// Initialize COM.
CoInitialize(NULL);
HRESULT hr = S_OK;
// Get rootDSE and the current user domain container distinguished name.
IADs *pObject = NULL;
IDirectorySearch *pContainerToSearch = NULL;
LPOLESTR szPath = new OLECHAR[MAX_PATH];
BOOL bReturnVerbose = FALSE;
DWORD dwLength = MAX_PATH * 2;
LPOLESTR pszBuffer = new OLECHAR[dwLength];
VARIANT var;
hr = ADsOpenObject(L"LDAP://rootDSE",
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, // Use Secure Authentication.
IID_IADs,
(void**)&pObject);
if (FAILED(hr))
{
wprintf(L"Cannot execute query. Cannot bind to LDAP://rootDSE.\n");
if (pObject)
pObject->Release();
return;
}
if (SUCCEEDED(hr))
{
hr = pObject->Get(_bstr_t("defaultNamingContext"), &var);
if (SUCCEEDED(hr))
{
wprintf(L"bstrVal: %s\n", var.bstrVal);
// Build path to the domain container.
// wcsncpy_s(szPath, L"LDAP://", MAX_PATH);
// wcsncat_s(szPath, var.bstrVal, MAX_PATH - wcslen(szPath));
//hr = ADsOpenObject(szPath,
hr = ADsOpenObject(L"LDAP://OU=IA Computers,OU=Infosys,DC=iaseries,Dc=local",
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, // Use Secure Authentication.
IID_IDirectorySearch,
(void**)&pContainerToSearch);
if (SUCCEEDED(hr))
{
hr = FindComputers(pContainerToSearch, // IDirectorySearch pointer to domainDNS container.
pszBuffer,
NULL, // Return all properties.
bReturnVerbose
);
if (SUCCEEDED(hr))
{
if (S_FALSE == hr)
wprintf(L"Computer object cannot be found.\n");
}
else if (E_ADS_INVALID_FILTER == hr)
wprintf(L"Cannot execute query. Invalid filter was specified.\n");
else
wprintf(L"Query failed to run. HRESULT: %x\n", hr);
}
else
{
wprintf(L"Cannot execute query. Cannot bind to the container.\n");
}
if (pContainerToSearch)
pContainerToSearch->Release();
}
VariantClear(&var);
}
if (pObject)
pObject->Release();
// Uninitialize COM.
CoUninitialize();
delete[] szPath;
delete[] pszBuffer;
getchar();
}
HRESULT FindComputers(IDirectorySearch *pContainerToSearch, // IDirectorySearch pointer to the container to search.
LPOLESTR szFilter, // Filter for finding specific users.
// NULL returns all user objects.
LPOLESTR *pszPropertiesToReturn, // Properties to return for user objects found.
// NULL returns all set properties.
BOOL bIsVerbose // TRUE indicates that all properties for the found objects are displayed.
// FALSE indicates only the RDN.
)
{
if (!pContainerToSearch)
return E_POINTER;
DWORD dwLength = (MAX_PATH * 2)+100;
// Create search filter.
LPOLESTR pszSearchFilter = new OLECHAR[dwLength];
// Add the filter.
//swprintf_s(pszSearchFilter, dwLength, L"((objectClass=Computer)%s)", szFilter);
swprintf_s(pszSearchFilter, dwLength, L"(&(objectClass=*)(objectCategory=Computer)%s)", szFilter);
// Specify subtree search.
ADS_SEARCHPREF_INFO SearchPrefs;
SearchPrefs.dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
SearchPrefs.vValue.dwType = ADSTYPE_INTEGER;
SearchPrefs.vValue.Integer = ADS_SCOPE_SUBTREE;
DWORD dwNumPrefs = 1;
// COL for iterations.
LPOLESTR pszColumn = NULL;
ADS_SEARCH_COLUMN col;
HRESULT hr = S_OK;
// Interface Pointers
IADs *pObj = NULL;
IADs * pIADs = NULL;
// Search handle.
ADS_SEARCH_HANDLE hSearch = NULL;
// Set search preference.
hr = pContainerToSearch->SetSearchPreference(&SearchPrefs, dwNumPrefs);
if (FAILED(hr))
return hr;
LPOLESTR pszBool = NULL;
DWORD dwBool = 0;
PSID pObjectSID = NULL;
LPOLESTR szSID = NULL;
LPOLESTR szDSGUID = new WCHAR[39];
LPGUID pObjectGUID = NULL;
SYSTEMTIME systemtime;
DATE date;
VARIANT varDate;
LPOLESTR *pszPropertyList = NULL;
LPOLESTR pszNonVerboseList[] = { L"name", L"distinguishedName" };
LPOLESTR szName = new OLECHAR[MAX_PATH];
LPOLESTR szDN = new OLECHAR[MAX_PATH];
VariantInit(&varDate);
int iCount = 0;
DWORD x = 0L;
if (!bIsVerbose)
{
// Return non-verbose list properties only.
hr = pContainerToSearch->ExecuteSearch(pszSearchFilter,
pszNonVerboseList,
sizeof(pszNonVerboseList) / sizeof(LPOLESTR),
&hSearch
);
}
else
{
if (!pszPropertiesToReturn)
{
// Return all properties.
hr = pContainerToSearch->ExecuteSearch(pszSearchFilter,
NULL,
(DWORD)-1,
&hSearch
);
}
else
{
// Specified subset.
pszPropertyList = pszPropertiesToReturn;
// Return specified properties.
hr = pContainerToSearch->ExecuteSearch(pszSearchFilter,
pszPropertyList,
sizeof(pszPropertyList) / sizeof(LPOLESTR),
&hSearch
);
}
}
if (SUCCEEDED(hr))
{
// Call IDirectorySearch::GetNextRow() to retrieve the next data row.
hr = pContainerToSearch->GetFirstRow(hSearch);
if (SUCCEEDED(hr))
{
while (hr != S_ADS_NOMORE_ROWS)
{
// Keep track of count.
iCount++;
if (bIsVerbose)
wprintf(L"----------------------------------\n");
// Loop through the array of passed column names,
// print the data for each column.
while (pContainerToSearch->GetNextColumnName(hSearch, &pszColumn) != S_ADS_NOMORE_COLUMNS)
{
hr = pContainerToSearch->GetColumn(hSearch, pszColumn, &col);
if (SUCCEEDED(hr))
{
// Print the data for the column and free the column.
if (bIsVerbose)
{
// Get the data for this column.
wprintf(L"%s\n", col.pszAttrName);
switch (col.dwADsType)
{
case ADSTYPE_DN_STRING:
for (x = 0; x< col.dwNumValues; x++)
{
wprintf(L" %s\r\n", col.pADsValues[x].DNString);
}
break;
case ADSTYPE_CASE_EXACT_STRING:
case ADSTYPE_CASE_IGNORE_STRING:
case ADSTYPE_PRINTABLE_STRING:
case ADSTYPE_NUMERIC_STRING:
case ADSTYPE_TYPEDNAME:
case ADSTYPE_FAXNUMBER:
case ADSTYPE_PATH:
for (x = 0; x< col.dwNumValues; x++)
{
wprintf(L" %s\r\n", col.pADsValues[x].CaseIgnoreString);
}
break;
case ADSTYPE_BOOLEAN:
for (x = 0; x< col.dwNumValues; x++)
{
dwBool = col.pADsValues[x].Boolean;
pszBool = dwBool ? L"TRUE" : L"FALSE";
wprintf(L" %s\r\n", pszBool);
}
break;
case ADSTYPE_INTEGER:
for (x = 0; x< col.dwNumValues; x++)
{
wprintf(L" %d\r\n", col.pADsValues[x].Integer);
}
break;
case ADSTYPE_OCTET_STRING:
if (_wcsicmp(col.pszAttrName, L"objectSID") == 0)
{
for (x = 0; x< col.dwNumValues; x++)
{
pObjectSID = (PSID)(col.pADsValues[x].OctetString.lpValue);
// Convert SID to string.
ConvertSidToStringSid(pObjectSID, &szSID);
wprintf(L" %s\r\n", szSID);
LocalFree(szSID);
}
}
else if ((_wcsicmp(col.pszAttrName, L"objectGUID") == 0))
{
for (x = 0; x< col.dwNumValues; x++)
{
// Cast to LPGUID.
pObjectGUID = (LPGUID)(col.pADsValues[x].OctetString.lpValue);
// Convert GUID to string.
::StringFromGUID2(*pObjectGUID, szDSGUID, 39);
// Print the GUID.
wprintf(L" %s\r\n", szDSGUID);
}
}
else
wprintf(L" Value of type Octet String. No Conversion.");
break;
case ADSTYPE_UTC_TIME:
for (x = 0; x< col.dwNumValues; x++)
{
systemtime = col.pADsValues[x].UTCTime;
if (SystemTimeToVariantTime(&systemtime,
&date) != 0)
{
// Pack in variant.vt.
varDate.vt = VT_DATE;
varDate.date = date;
VariantChangeType(&varDate, &varDate, VARIANT_NOVALUEPROP, VT_BSTR);
wprintf(L" %s\r\n", varDate.bstrVal);
VariantClear(&varDate);
}
else
wprintf(L" Could not convert UTC-Time.\n", pszColumn);
}
break;
case ADSTYPE_NT_SECURITY_DESCRIPTOR:
for (x = 0; x< col.dwNumValues; x++)
{
wprintf(L" Security descriptor.\n");
}
break;
default:
wprintf(L"Unknown type %d.\n", col.dwADsType);
}
}
else
{
#ifdef _MBCS
// Verbose handles only the two single-valued attributes: cn and ldapdisplayname,
// so this is a special case.
if (0 == wcscmp(L"name", pszColumn))
{
//wcscpy_s(szName, col.pADsValues->CaseIgnoreString);
szName = col.pADsValues->CaseIgnoreString;
}
if (0 == wcscmp(L"distinguishedName", pszColumn))
{
//wcscpy_s(szDN, col.pADsValues->CaseIgnoreString);
szDN = col.pADsValues->CaseIgnoreString;
}
#endif _MBCS
}
pContainerToSearch->FreeColumn(&col);
}
FreeADsMem(pszColumn);
}
if (!bIsVerbose)
wprintf(L"%s\n DN: %s\n\n", szName, szDN);
// Get the next row.
hr = pContainerToSearch->GetNextRow(hSearch);
}
}
// Close the search handle to cleanup.
pContainerToSearch->CloseSearchHandle(hSearch);
}
if (SUCCEEDED(hr) && 0 == iCount)
hr = S_FALSE;
delete[] szName;
delete[] szDN;
delete[] szDSGUID;
delete[] pszSearchFilter;
return hr;
}
Iam able to figure out the issue. Below is the code for working sample.
I haven't cleaned the code much. Please update if you intend to use.
// ConsoleApplication3.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include <objbase.h>
#include <wchar.h>
#include <activeds.h>
#include <sddl.h>
#include <comutil.h>
#include <string.h>
#include <stdio.h>
HRESULT FindComputers(IDirectorySearch *pContainerToSearch); // IDirectorySearch pointer to the container to search.
// Entry point for the application.
void wmain(int argc, wchar_t *argv[])
{
// Initialize COM.
CoInitialize(NULL);
HRESULT hr = S_OK;
// Get rootDSE and the current user domain container distinguished name.
IADs *pObject = NULL;
IDirectorySearch *pContainerToSearch = NULL;
LPOLESTR szPath = new OLECHAR[MAX_PATH];
BOOL bReturnVerbose = FALSE;
DWORD dwLength = MAX_PATH * 2;
VARIANT var;
hr = ADsOpenObject(L"LDAP://rootDSE",
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, // Use Secure Authentication.
IID_IADs,
(void**)&pObject);
if (FAILED(hr))
{
wprintf(L"Cannot execute query. Cannot bind to LDAP://rootDSE.\n");
if (pObject)
pObject->Release();
return;
}
if (SUCCEEDED(hr))
{
hr = pObject->Get(_bstr_t("defaultNamingContext"), &var);
if (SUCCEEDED(hr))
{
//wprintf(L"bstrVal: %s\n", var.bstrVal);
// Build path to the domain container.
// wcsncpy_s(szPath, L"LDAP://", MAX_PATH);
// wcsncat_s(szPath, var.bstrVal, MAX_PATH - wcslen(szPath));
//hr = ADsOpenObject(szPath,
hr = ADsOpenObject(L"LDAP://OU=IA Computers,OU=MyDept,DC=Test,Dc=com",
NULL,
NULL,
ADS_SECURE_AUTHENTICATION, // Use Secure Authentication.
IID_IDirectorySearch,
(void**)&pContainerToSearch);
if (SUCCEEDED(hr))
{
hr = FindComputers(pContainerToSearch); // IDirectorySearch pointer to domainDNS container.
if (SUCCEEDED(hr))
{
if (S_FALSE == hr)
wprintf(L"Computer object cannot be found.\n");
}
else if (E_ADS_INVALID_FILTER == hr)
wprintf(L"Cannot execute query. Invalid filter was specified.\n");
else
wprintf(L"Query failed to run. HRESULT: %x\n", hr);
}
else
{
wprintf(L"Cannot execute query. Cannot bind to the container.\n");
}
if (pContainerToSearch)
pContainerToSearch->Release();
}
VariantClear(&var);
}
if (pObject)
pObject->Release();
// Uninitialize COM.
CoUninitialize();
delete[] szPath;
getchar();
}
HRESULT FindComputers(IDirectorySearch *pContainerToSearch) // IDirectorySearch pointer to the container to search.
{
if (!pContainerToSearch)
return E_POINTER;
DWORD dwLength = (MAX_PATH * 2);
// Create search filter.
LPOLESTR pszSearchFilter = new OLECHAR[dwLength];
// Add the filter.
pszSearchFilter = L"((objectCategory=computer))";
// Specify subtree search.
ADS_SEARCHPREF_INFO SearchPrefs;
SearchPrefs.dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
SearchPrefs.vValue.dwType = ADSTYPE_INTEGER;
SearchPrefs.vValue.Integer = ADS_SCOPE_SUBTREE;
DWORD dwNumPrefs = 1;
// COL for iterations.
LPOLESTR pszColumn = NULL;
ADS_SEARCH_COLUMN col;
HRESULT hr = S_OK;
// Interface Pointers
IADs *pObj = NULL;
IADs * pIADs = NULL;
// Search handle.
ADS_SEARCH_HANDLE hSearch = NULL;
// Set search preference.
hr = pContainerToSearch->SetSearchPreference(&SearchPrefs, dwNumPrefs);
if (FAILED(hr))
return hr;
LPOLESTR pszNonVerboseList[] = { L"name", L"distinguishedName" };
LPOLESTR szName = new OLECHAR[MAX_PATH];
LPOLESTR szDN = new OLECHAR[MAX_PATH];
int iCount = 0;
DWORD x = 0L;
// Return non-verbose list properties only.
hr = pContainerToSearch->ExecuteSearch(pszSearchFilter,
pszNonVerboseList,
sizeof(pszNonVerboseList) / sizeof(LPOLESTR),
&hSearch
);
if (SUCCEEDED(hr))
{
// Call IDirectorySearch::GetNextRow() to retrieve the next data row.
hr = pContainerToSearch->GetFirstRow(hSearch);
if (SUCCEEDED(hr))
{
while (hr != S_ADS_NOMORE_ROWS)
{
// Keep track of count.
iCount++;
// Loop through the array of passed column names,
// print the data for each column.
while (pContainerToSearch->GetNextColumnName(hSearch, &pszColumn) != S_ADS_NOMORE_COLUMNS)
{
hr = pContainerToSearch->GetColumn(hSearch, pszColumn, &col);
if (SUCCEEDED(hr))
{
// Verbose handles only the two single-valued attributes: cn and ldapdisplayname,
// so this is a special case.
if (0 == wcscmp(L"name", pszColumn))
{
//wcscpy_s(szName, col.pADsValues->CaseIgnoreString);
szName = col.pADsValues->CaseIgnoreString;
}
if (0 == wcscmp(L"distinguishedName", pszColumn))
{
//wcscpy_s(szDN, col.pADsValues->CaseIgnoreString);
szDN = col.pADsValues->CaseIgnoreString;
}
pContainerToSearch->FreeColumn(&col);
}
FreeADsMem(pszColumn);
}
wprintf(L"%s\n DN: %s\n\n", szName, szDN);
// Get the next row.
hr = pContainerToSearch->GetNextRow(hSearch);
}
}
// Close the search handle to cleanup.
pContainerToSearch->CloseSearchHandle(hSearch);
}
if (SUCCEEDED(hr) && 0 == iCount)
hr = S_FALSE;
delete[] szName;
delete[] szDN;
delete[] pszSearchFilter;
return hr;
}
Thanks,
Vijay

Get email addresses of outlook profile, MAPI

How does one get the email addresses from an outlook profile, using MAPI, in C++ ?
The code for start(works ok):
HRESULT hRes = S_OK;
LPMAPISESSION lpSession = NULL;
LPMDB lpMDB = NULL;
LPMAPITABLE lptMsgStores = NULL;
LPMAPITABLE spTable = NULL;
std::wstring wProfileName;
std::wstring wUsername;
wUsername = L"user1#mymail.com";
wProfileName = L"TestProfile";
// Initiate MAPI.
hRes = MAPIInitialize(0);
// Logon to Extended MAPI session.
hRes = MAPILogonEx(NULL,
(LPTSTR)wProfileName.c_str(),
NULL,
MAPI_EXTENDED | MAPI_EXPLICIT_PROFILE | MAPI_NEW_SESSION | MAPI_UNICODE | MAPI_LOGON_UI, &lpSession);
if(FAILED(hRes))
{
MessageBox(NULL,L"logon error", L"",MB_OK);
}
LPOLKACCOUNTMANAGER lpAcctMgr = NULL;
hRes = CoCreateInstance(CLSID_OlkAccountManager,
NULL,
CLSCTX_INPROC_SERVER,
IID_IOlkAccountManager,
(LPVOID*)&lpAcctMgr);
if(SUCCEEDED(hRes) && lpAcctMgr)
{
CAccountHelper *pMyAcctHelper = new CAccountHelper((LPWSTR)wProfileName.c_str(), lpSession);
if(pMyAcctHelper)
{
LPOLKACCOUNTHELPER lpAcctHelper = NULL;
hRes = pMyAcctHelper->QueryInterface(IID_IOlkAccountHelper, (LPVOID*)&lpAcctHelper);
if(SUCCEEDED(hRes) && lpAcctHelper)
{
LPOLKENUM lpAcctEnum = NULL;
hRes = lpAcctMgr->EnumerateAccounts(&CLSID_OlkMail,
NULL,
OLK_ACCOUNT_NO_FLAGS,
&lpAcctEnum); //THIS FAILS HERE, hRes != S_OK!
_com_error err(hRes);
LPCTSTR errMsg = err.ErrorMessage();
wprintf(L"%s\n", errMsg);
if(SUCCEEDED(hRes) && lpAcctEnum)
{
DWORD cAccounts = 0 ;
hRes = lpAcctEnum->GetCount(&cAccounts);
if(SUCCEEDED(hRes))
{
hRes = lpAcctEnum->Reset();
if(SUCCEEDED(hRes))
{
DWORD i = 0;
for(i = 0 ; i< cAccounts; i++)
{
LPUNKNOWN lpUnk = NULL;
hRes = lpAcctEnum->GetNext(&lpUnk);
if(SUCCEEDED(hRes) &&lpUnk)
{
LPOLKACCOUNT lpAccount = NULL;
hRes = lpUnk->QueryInterface(IID_IOlkAccount, (LPVOID*)&lpAccount);
if(SUCCEEDED(hRes) && lpAccount)
{
ACCT_VARIANT pProp = {0};
HRESULT hRes = S_OK;
hRes = lpAccount->GetProp(PROP_ACCT_NAME, &pProp);
if(SUCCEEDED(hRes) && pProp.Val.pwsz)
{
wprintf(L"Found email:%s\n", pProp.Val.pwsz);
lpAccount->FreeMemory((LPBYTE)pProp.Val.pwsz);
}
}
if(lpAccount)
lpAccount->Release();
lpAccount = NULL;
}
if(lpUnk)
lpUnk->Release();
lpUnk = NULL;
}
///////////
}
}
}
if(lpAcctEnum)
lpAcctEnum->Release();
}
}
if(pMyAcctHelper)
pMyAcctHelper->Release();
}
if(lpAcctMgr)
lpAcctMgr->Release();
// Release the session.
lpSession->Logoff(0,MAPI_LOGOFF_UI,0);
lpSession->Release();
MAPIUninitialize();
_getch();
You don't add an email address to a profile, you add a service that may (POP3/IMAP4/SMTP) or may not (PST) expose or need an SMTP address. For POP3/IMAP4/SMTP addresses, use IOlkAccountManager API. You can play with it in OutlookSpy (I am its author - click IOlkAccountManager button).
Outlook Object Model exposes mail accounts (only mail, not store or address book) through the Namespace.Accounts collection.

Need to retrieve all groups a user belongs to... in C++

I need to find all the groups a particular user is a member of. I'm using C++, not Powershell, if this is the wrong forum I apologize.
From what I've found on the web I need to retrieve the memberOf property, but I get an error that the property doesn't exist. Any help would be appreciated. Here's the code:
HRESULT hrObj = E_FAIL;
HRESULT hr = E_FAIL;
ADS_SEARCHPREF_INFO SearchPrefs;
// COL for iterations
ADS_SEARCH_COLUMN col;
// Handle used for searching
ADS_SEARCH_HANDLE hSearch;
// Search entire subtree from root.
SearchPrefs.dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
SearchPrefs.vValue.dwType = ADSTYPE_INTEGER;
SearchPrefs.vValue.Integer = ADS_SCOPE_SUBTREE;
// Set the search preference.
DWORD dwNumPrefs = 1;
hr = pSearchBase->SetSearchPreference(&SearchPrefs, dwNumPrefs);
if (FAILED(hr))
{
return hr;
}
// Create search filter.
LPWSTR pszFormat = L"(&(objectCategory=person)(objectClass=user)(sAMAccountName=%s))";
int len = wcslen(pszFormat) + wcslen(szFindUser) + 1;
LPWSTR pszSearchFilter = new WCHAR[len];
if(NULL == pszSearchFilter)
{
return E_OUTOFMEMORY;
}
swprintf_s(pszSearchFilter, len, pszFormat, szFindUser);
// Set attributes to return.
LPWSTR pszAttribute[NUM_ATTRIBUTES] = {L"ADsPath"};
// Execute the search.
hr = pSearchBase->ExecuteSearch(pszSearchFilter,
pszAttribute,
NUM_ATTRIBUTES,
&hSearch);
if (SUCCEEDED(hr))
{
// Call IDirectorySearch::GetNextRow() to retrieve the next row of data.
while(pSearchBase->GetNextRow(hSearch) != S_ADS_NOMORE_ROWS)
{
// Loop through the array of passed column names and
// print the data for each column.
for (DWORD x = 0; x < NUM_ATTRIBUTES; x++)
{
// Get the data for this column.
hr = pSearchBase->GetColumn(hSearch, pszAttribute[x], &col);
if (SUCCEEDED(hr))
{
// Print the data for the column and free the column.
// Be aware that the requested attribute is type CaseIgnoreString.
if (ADSTYPE_CASE_IGNORE_STRING == col.dwADsType)
{
IADs *pADS;
hr = ADsOpenObject( col.pADsValues->CaseIgnoreString,
L"Administrator",
L"passW0rd",
ADS_SECURE_AUTHENTICATION,
IID_IADs,
(void**)&pADS);
VARIANT var;
VariantInit(&var);
if (SUCCEEDED(hr))
{
hr = pADS->GetEx(L"memberOf", &var); <-- FAILS!!!
wprintf(L"Found User.\n",szFindUser);
wprintf(L"%s: %s\r\n",pszAttribute[x],col.pADsValues->CaseIgnoreString);
hrObj = S_OK;
}
}
pSearchBase->FreeColumn( &col );
}
else
{
hr = E_FAIL;
}
}
}
// Close the search handle to cleanup.
pSearchBase->CloseSearchHandle(hSearch);
}
delete pszSearchFilter;
if (FAILED(hrObj))
{
hr = hrObj;
}
Unless you're set on using AD directly, it's probably easier to use the Windows Net* functions for the job:
#include <windows.h>
#include <lm.h>
#include <stdio.h>
int main() {
wchar_t user[256];
DWORD size = sizeof(user)/sizeof(user[0]);
GetUserNameW(user, &size);
printf("User: %S\n", user);
printf("Local groups: \n");
LPBYTE buffer;
DWORD entries, total_entries;
NetUserGetLocalGroups(NULL, user, 0, LG_INCLUDE_INDIRECT, &buffer, MAX_PREFERRED_LENGTH, &entries, &total_entries);
LOCALGROUP_USERS_INFO_0 *groups = (LOCALGROUP_USERS_INFO_0*)buffer;
for (int i=0; i<entries; i++)
printf("\t%S\n", groups[i].lgrui0_name);
NetApiBufferFree(buffer);
printf("Global groups: \n");
NetUserGetGroups(NULL, user, 0, &buffer, MAX_PREFERRED_LENGTH, &entries, &total_entries);
GROUP_USERS_INFO_0 *ggroups = (GROUP_USERS_INFO_0*)buffer;
for (int i=0; i<entries; i++)
printf("\t%S\n", ggroups[i].grui0_name);
NetApiBufferFree(buffer);
return 0;
}
Thanks for the reply, I think I found what I was looking for in MSDN.
HRESULT CheckUserGroups(IADsUser *pUser)
{
IADsMembers *pGroups;
HRESULT hr = S_OK;
hr = pUser->Groups(&pGroups);
pUser->Release();
if (FAILED(hr)) return hr;
IUnknown *pUnk;
hr = pGroups->get__NewEnum(&pUnk);
if (FAILED(hr)) return hr;
pGroups->Release();
IEnumVARIANT *pEnum;
hr = pUnk->QueryInterface(IID_IEnumVARIANT,(void**)&pEnum);
if (FAILED(hr)) return hr;
pUnk->Release();
// Enumerate.
BSTR bstr;
VARIANT var;
IADs *pADs;
ULONG lFetch;
IDispatch *pDisp;
VariantInit(&var);
hr = pEnum->Next(1, &var, &lFetch);
while(hr == S_OK)
{
if (lFetch == 1)
{
pDisp = V_DISPATCH(&var);
pDisp->QueryInterface(IID_IADs, (void**)&pADs);
pADs->get_Name(&bstr);
printf("Group belonged: %S\n",bstr);
SysFreeString(bstr);
pADs->Release();
}
VariantClear(&var);
pDisp=NULL;
hr = pEnum->Next(1, &var, &lFetch);
};
hr = pEnum->Release();
return S_OK;
}

Raw C++ code to display the names of tables in an SQL compact server using OLE DB

Does anyone have a sample code that given the database file displays the names of all the user tables there?
I am not interested in a .NET code, just the C++.
I am trying to grok OLE DB to do the task - rocket science seems child play in comparison.
I'm going to assume SQL Server CE 3.0/3.1 but, for your reference, here are provider strings I'm aware of:
SQL Server CE 3.0 / 3.1 - Microsoft.SQLLITE.MOBILE.OLEDB.3.0
SQL Server CE 3.5 - Microsoft.SQLSERVER.CE.OLEDB.3.5
Also, I will be providing you with two code examples:
ICommandText on "SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES"
IDBSchemaRowset on DBSCHEMA_TABLES
I'm providing you the samples as C++ console application and have used ATL to make the code short. The code is complete and working but does not include the necessary error checking of the HRESULT hr.
Here's the C++ console application sample for querying a SQL Server CE 3.0/3.1 database for executing "SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES" using ICommandText and IRowset:
#include <stdio.h>
#include <tchar.h>
#include <windows.h>
#include <oledb.h>
#include <atlbase.h>
int _tmain(int argc, _TCHAR* argv[])
{
HRESULT hr = S_OK;
hr = CoInitializeEx(NULL, COINIT_MULTITHREADED);
// Connect to SQL Server.
CComPtr<IDBInitialize> spIDBInitialize;
hr = spIDBInitialize.CoCreateInstance(OLESTR("Microsoft.SQLLITE.MOBILE.OLEDB.3.0"));
CComPtr<IDBProperties> spIDBProperties;
hr = spIDBInitialize->QueryInterface(&spIDBProperties);
CComVariant varDataSource(OLESTR("InsertYourSampleDatabase.SDF"));
DBPROP prop = { DBPROP_INIT_DATASOURCE, DBPROPOPTIONS_REQUIRED, 0, DB_NULLID, varDataSource };
DBPROPSET propSet = {&prop, 1, DBPROPSET_DBINIT};
hr = spIDBProperties->SetProperties(1, &propSet);
spIDBProperties = NULL;
hr = spIDBInitialize->Initialize();
// Execute the query.
CComPtr<IDBCreateSession> spIDBCreateSession;
hr = spIDBInitialize->QueryInterface(&spIDBCreateSession);
CComPtr<IDBCreateCommand> spIDBCreateCommand;
hr = spIDBCreateSession->CreateSession(NULL, IID_IDBCreateCommand, (IUnknown**) &spIDBCreateCommand);
spIDBCreateSession = NULL;
CComPtr<ICommandText> spICommandText;
hr = spIDBCreateCommand->CreateCommand(NULL, IID_ICommandText, (IUnknown**) &spICommandText);
spIDBCreateCommand = NULL;
hr = spICommandText->SetCommandText(DBGUID_SQL, OLESTR("SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES"));
DBROWCOUNT cRowsAffected = 0;
CComPtr<IRowset> spIRowset;
hr = spICommandText->Execute(NULL, IID_IRowset, NULL, &cRowsAffected, (IUnknown**) &spIRowset);
spICommandText = NULL;
// Retrieve records.
HROW hRow = NULL;
HROW *rghRow = &hRow;
DBCOUNTITEM cRowsObtained = 0;
hr = spIRowset->GetNextRows(DB_NULL_HCHAPTER, 0, 1, &cRowsObtained, &rghRow);
while (hr == S_OK && cRowsObtained == 1)
{
// Fetch the TABLE_NAME field.
struct
{
DBSTATUS dbTableNameStatus;
ULONG nTableNameLength;
WCHAR szTableName[128 + 1];
} data = {0};
DBBINDING Binding = {0};
Binding.iOrdinal = 1;
Binding.obValue = sizeof(DBSTATUS) + sizeof(ULONG);
Binding.obLength = sizeof(DBSTATUS);
Binding.obStatus = 0;
Binding.pTypeInfo = NULL;
Binding.pObject = NULL;
Binding.pBindExt = NULL;
Binding.dwPart = DBPART_STATUS | DBPART_LENGTH | DBPART_VALUE;
Binding.dwMemOwner = DBMEMOWNER_CLIENTOWNED;
Binding.eParamIO = DBPARAMIO_NOTPARAM;
Binding.cbMaxLen = (128 + 1) * sizeof(WCHAR);
Binding.wType = DBTYPE_WSTR;
Binding.dwFlags = 0;
Binding.bPrecision = 0;
Binding.bScale = 0;
CComPtr<IAccessor> spIAccessor;
hr = spIRowset->QueryInterface(IID_IAccessor, (void**) &spIAccessor);
HACCESSOR hAccessor = NULL;
hr = spIAccessor->CreateAccessor(DBACCESSOR_ROWDATA, 1, &Binding, 0, &hAccessor, NULL);
hr = spIRowset->GetData(hRow, hAccessor, &data);
DBREFCOUNT cRefCount = 0;
hr = spIAccessor->ReleaseAccessor(hAccessor, &cRefCount);
spIAccessor = NULL;
// ##TODO: Do something with data.szTableName and data.nTableNameLength
_tprintf(_T("%s\n"), data.szTableName);
// Fetch next row of data.
hr = spIRowset->ReleaseRows(1, rghRow, NULL, NULL, NULL);
cRowsObtained = 0;
hr = spIRowset->GetNextRows(DB_NULL_HCHAPTER, 0, 1, &cRowsObtained, &rghRow);
}
// Release everything
spIRowset = NULL;
spIDBInitialize = NULL;
CoUninitialize();
return 0;
}
Here's the C++ console application sample for querying a SQL Server CE 3.0/3.1 database for browsing the tables using IDBSchemaRowset and IRowset (note that TABLE_NAME is now at iOrdinal 3 instead of 1):
#include <stdio.h>
#include <tchar.h>
#include <windows.h>
#include <oledb.h>
#include <atlbase.h>
int _tmain(int argc, _TCHAR* argv[])
{
HRESULT hr = S_OK;
hr = CoInitializeEx(NULL, COINIT_MULTITHREADED);
// Connect to SQL Server.
CComPtr<IDBInitialize> spIDBInitialize;
hr = spIDBInitialize.CoCreateInstance(OLESTR("Microsoft.SQLLITE.MOBILE.OLEDB.3.0"));
CComPtr<IDBProperties> spIDBProperties;
hr = spIDBInitialize->QueryInterface(&spIDBProperties);
CComVariant varDataSource(OLESTR("InsertYourSampleDatabase.SDF"));
DBPROP prop = { DBPROP_INIT_DATASOURCE, DBPROPOPTIONS_REQUIRED, 0, DB_NULLID, varDataSource };
DBPROPSET propSet = {&prop, 1, DBPROPSET_DBINIT};
hr = spIDBProperties->SetProperties(1, &propSet);
spIDBProperties = NULL;
hr = spIDBInitialize->Initialize();
// Execute the query.
CComPtr<IDBCreateSession> spIDBCreateSession;
hr = spIDBInitialize->QueryInterface(&spIDBCreateSession);
CComPtr<IDBSchemaRowset> spIDBSchemaRowset;
hr = spIDBCreateSession->CreateSession(NULL, IID_IDBSchemaRowset, (IUnknown**) &spIDBSchemaRowset);
spIDBCreateSession = NULL;
CComVariant rgRestrictions[CRESTRICTIONS_DBSCHEMA_TABLES];
// rgRestrictions[2] = OLESTR("CENSUS"); TABLE_NAME restriction
rgRestrictions[3] = OLESTR("TABLE"); // TABLE_TYPE restriction
CComPtr<IRowset> spIRowset;
hr = spIDBSchemaRowset->GetRowset(NULL, DBSCHEMA_TABLES, CRESTRICTIONS_DBSCHEMA_TABLES, rgRestrictions, IID_IRowset, 0, NULL, (IUnknown**) &spIRowset);
spIDBSchemaRowset = NULL;
// Retrieve records.
HROW hRow = NULL;
HROW *rghRow = &hRow;
DBCOUNTITEM cRowsObtained = 0;
hr = spIRowset->GetNextRows(DB_NULL_HCHAPTER, 0, 1, &cRowsObtained, &rghRow);
while (hr == S_OK && cRowsObtained == 1)
{
// Fetch the TABLE_NAME field.
struct
{
DBSTATUS dbTableNameStatus;
ULONG nTableNameLength;
WCHAR szTableName[128 + 1];
} data = {0};
DBBINDING Binding = {0};
Binding.iOrdinal = 3;
Binding.obValue = sizeof(DBSTATUS) + sizeof(ULONG);
Binding.obLength = sizeof(DBSTATUS);
Binding.obStatus = 0;
Binding.pTypeInfo = NULL;
Binding.pObject = NULL;
Binding.pBindExt = NULL;
Binding.dwPart = DBPART_STATUS | DBPART_LENGTH | DBPART_VALUE;
Binding.dwMemOwner = DBMEMOWNER_CLIENTOWNED;
Binding.eParamIO = DBPARAMIO_NOTPARAM;
Binding.cbMaxLen = (128 + 1) * sizeof(WCHAR);
Binding.wType = DBTYPE_WSTR;
Binding.dwFlags = 0;
Binding.bPrecision = 0;
Binding.bScale = 0;
CComPtr<IAccessor> spIAccessor;
hr = spIRowset->QueryInterface(IID_IAccessor, (void**) &spIAccessor);
HACCESSOR hAccessor = NULL;
hr = spIAccessor->CreateAccessor(DBACCESSOR_ROWDATA, 1, &Binding, 0, &hAccessor, NULL);
hr = spIRowset->GetData(hRow, hAccessor, &data);
DBREFCOUNT cRefCount = 0;
hr = spIAccessor->ReleaseAccessor(hAccessor, &cRefCount);
spIAccessor = NULL;
// ##TODO: Do something with data.szTableName and data.nTableNameLength
_tprintf(_T("%s\n"), data.szTableName);
// Fetch next row of data.
hr = spIRowset->ReleaseRows(1, rghRow, NULL, NULL, NULL);
cRowsObtained = 0;
hr = spIRowset->GetNextRows(DB_NULL_HCHAPTER, 0, 1, &cRowsObtained, &rghRow);
}
// Release everything
spIRowset = NULL;
spIDBInitialize = NULL;
CoUninitialize();
return 0;
}
SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES