internal static void FreeLsaString(ref SAMAPI.LSA_UNICODE_STRING s)
{
if (s.Buffer != IntPtr.Zero)
{
Marshal.FreeHGlobal(s.Buffer);
s.Buffer = IntPtr.Zero;
return;
}
else
{
return;
}
}
internal static void InitLsaString(string s, ref SAMAPI.LSA_UNICODE_STRING lus)
{
ushort num = 0x7ffe;
if (s.Length <= num)
{
lus.Buffer = Marshal.StringToHGlobalUni(s);
lus.Length = (ushort)(s.Length * 2);
lus.MaximumLength = (ushort)((s.Length + 1) * 2);
return;
}
else
{
throw new ArgumentException("String too long");
}
}
internal static void ResetMachineAccountPassword(string domain, string localMachineName, string server, PSCredential credential, PSCmdlet cmdlet)
{
SAMAPI.LSA_UNICODE_STRING structure;
string userName;
string stringFromSecureString;
string cannotFindMachineAccountFromServer;
DirectoryEntry directoryEntry = null;
DirectoryEntry directoryEntry1 = null;
DirectorySearcher directorySearcher = null;
string randomPassword = null;
string str = server;
string str1 = str;
if (str == null)
{
str1 = domain;
}
string str2 = str1;
try
{
try
{
if (credential != null)
{
userName = credential.UserName;
}
else
{
userName = null;
}
string str3 = userName;
if (credential != null)
{
stringFromSecureString = Utils.GetStringFromSecureString(credential.Password);
}
else
{
stringFromSecureString = null;
}
string str4 = stringFromSecureString;
directoryEntry = new DirectoryEntry(string.Concat("LDAP://", str2), str3, str4, AuthenticationTypes.Secure);
directorySearcher = new DirectorySearcher(directoryEntry);
string[] strArrays = new string[5];
strArrays[0] = "(&(objectClass=computer)(|(cn=";
strArrays[1] = localMachineName;
strArrays[2] = ")(dn=";
strArrays[3] = localMachineName;
strArrays[4] = ")))";
directorySearcher.Filter = string.Concat(strArrays);
SearchResult searchResult = directorySearcher.FindOne();
if (searchResult != null)
{
directoryEntry1 = searchResult.GetDirectoryEntry();
randomPassword = ComputerWMIHelper.GetRandomPassword(120);
object[] objArray = new object[1];
objArray[0] = randomPassword;
directoryEntry1.Invoke("SetPassword", objArray);
directoryEntry1.Properties["LockOutTime"].Value = 0;
}
else
{
if (server != null)
{
cannotFindMachineAccountFromServer = ComputerResources.CannotFindMachineAccountFromServer;
}
else
{
cannotFindMachineAccountFromServer = ComputerResources.CannotFindMachineAccountFromDomain;
}
string str5 = cannotFindMachineAccountFromServer;
string str6 = StringUtil.Format(str5, str2);
ErrorRecord errorRecord = new ErrorRecord(new InvalidOperationException(str6), "CannotFindMachineAccount", ErrorCategory.OperationStopped, localMachineName);
cmdlet.ThrowTerminatingError(errorRecord);
}
}
#if !MONO
catch (DirectoryServicesCOMException directoryServicesCOMException1)
{
DirectoryServicesCOMException directoryServicesCOMException = directoryServicesCOMException1;
string str7 = StringUtil.Format(ComputerResources.FailToResetPasswordOnDomain, directoryServicesCOMException.Message);
ErrorRecord errorRecord1 = new ErrorRecord(new InvalidOperationException(str7), "FailToResetPasswordOnDomain", ErrorCategory.OperationStopped, localMachineName);
cmdlet.ThrowTerminatingError(errorRecord1);
}
#endif
catch (TargetInvocationException targetInvocationException1)
{
TargetInvocationException targetInvocationException = targetInvocationException1;
string str8 = StringUtil.Format(ComputerResources.FailToResetPasswordOnDomain, targetInvocationException.InnerException.Message);
ErrorRecord errorRecord2 = new ErrorRecord(new InvalidOperationException(str8), "FailToResetPasswordOnDomain", ErrorCategory.OperationStopped, localMachineName);
cmdlet.ThrowTerminatingError(errorRecord2);
}
catch (COMException cOMException1)
{
COMException cOMException = cOMException1;
string str9 = StringUtil.Format(ComputerResources.FailToResetPasswordOnDomain, cOMException.Message);
ErrorRecord errorRecord3 = new ErrorRecord(new InvalidOperationException(str9), "FailToResetPasswordOnDomain", ErrorCategory.OperationStopped, localMachineName);
cmdlet.ThrowTerminatingError(errorRecord3);
}
}
finally
{
if (directoryEntry != null)
{
directoryEntry.Close();
directoryEntry.Dispose();
}
if (directorySearcher != null)
{
directorySearcher.Dispose();
}
if (directoryEntry1 != null)
{
directoryEntry1.Close();
directoryEntry1.Dispose();
}
}
SAMAPI.LSA_OBJECT_ATTRIBUTES zero = new SAMAPI.LSA_OBJECT_ATTRIBUTES();
zero.RootDirectory = IntPtr.Zero;
zero.ObjectName = IntPtr.Zero;
zero.Attributes = 0;
zero.SecurityDescriptor = IntPtr.Zero;
zero.SecurityQualityOfService = IntPtr.Zero;
zero.Length = Marshal.SizeOf(typeof(SAMAPI.LSA_OBJECT_ATTRIBUTES));
IntPtr intPtr = IntPtr.Zero;
IntPtr zero1 = IntPtr.Zero;
IntPtr intPtr1 = IntPtr.Zero;
SAMAPI.LSA_UNICODE_STRING lSAUNICODESTRING = new SAMAPI.LSA_UNICODE_STRING();
lSAUNICODESTRING.Buffer = IntPtr.Zero;
SAMAPI.LSA_UNICODE_STRING lSAUNICODESTRING1 = lSAUNICODESTRING;
SAMAPI.LSA_UNICODE_STRING zero2 = new SAMAPI.LSA_UNICODE_STRING();
zero2.Buffer = IntPtr.Zero;
SAMAPI.LSA_UNICODE_STRING lSAUNICODESTRING2 = zero2;
SAMAPI.LSA_UNICODE_STRING zero3 = new SAMAPI.LSA_UNICODE_STRING();
zero3.Buffer = IntPtr.Zero;
zero3.Length = 0;
zero3.MaximumLength = 0;
try
{
uint num = SAMAPI.LsaOpenPolicy(ref zero3, ref zero, 0xf0fff, out intPtr);
if (num == -1073741790)
{
string needAdminPrivilegeToResetPassword = ComputerResources.NeedAdminPrivilegeToResetPassword;
ErrorRecord errorRecord4 = new ErrorRecord(new InvalidOperationException(needAdminPrivilegeToResetPassword), "UnauthorizedAccessException", ErrorCategory.InvalidOperation, localMachineName);
cmdlet.ThrowTerminatingError(errorRecord4);
}
if (num != 0)
{
ResetComputerMachinePasswordCommand.ThrowOutLsaError(num, cmdlet);
}
SAMAPI.InitLsaString("$MACHINE.ACC", ref lSAUNICODESTRING1);
SAMAPI.InitLsaString(randomPassword, ref lSAUNICODESTRING2);
bool flag = false;
num = SAMAPI.LsaOpenSecret(intPtr, ref lSAUNICODESTRING1, 3, out zero1);
if (num == -1073741772)
{
num = SAMAPI.LsaCreateSecret(intPtr, ref lSAUNICODESTRING1, 1, out zero1);
flag = true;
}
if (num != 0)
{
ResetComputerMachinePasswordCommand.ThrowOutLsaError(num, cmdlet);
}
if (!flag)
{
num = SAMAPI.LsaQuerySecret(zero1, out intPtr1, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero);
if (num != 0)
{
ResetComputerMachinePasswordCommand.ThrowOutLsaError(num, cmdlet);
}
structure = (SAMAPI.LSA_UNICODE_STRING)Marshal.PtrToStructure(intPtr1, typeof(SAMAPI.LSA_UNICODE_STRING));
}
else
{
structure = lSAUNICODESTRING2;
}
num = SAMAPI.LsaSetSecret(zero1, ref lSAUNICODESTRING2, ref structure);
if (num != 0)
{
ResetComputerMachinePasswordCommand.ThrowOutLsaError(num, cmdlet);
}
}
finally
{
if (intPtr1 != IntPtr.Zero)
{
SAMAPI.LsaFreeMemory(intPtr1);
}
if (intPtr != IntPtr.Zero)
{
SAMAPI.LsaClose(intPtr);
}
if (zero1 != IntPtr.Zero)
{
SAMAPI.LsaClose(zero1);
}
SAMAPI.FreeLsaString(ref lSAUNICODESTRING1);
SAMAPI.FreeLsaString(ref lSAUNICODESTRING2);
}
}
internal static extern uint LsaSetSecret(IntPtr secretHandle, ref SAMAPI.LSA_UNICODE_STRING currentValue, ref SAMAPI.LSA_UNICODE_STRING oldValue);
internal static extern uint LsaOpenSecret(IntPtr policyHandle, ref SAMAPI.LSA_UNICODE_STRING secretName, uint accessMask, out IntPtr secretHandle);
internal static extern uint LsaOpenPolicy(ref SAMAPI.LSA_UNICODE_STRING systemName, ref SAMAPI.LSA_OBJECT_ATTRIBUTES objectAttributes, uint desiredAccess, out IntPtr policyHandle);
internal static extern uint LsaCreateSecret(IntPtr policyHandle, ref SAMAPI.LSA_UNICODE_STRING secretName, uint desiredAccess, out IntPtr secretHandle);
internal static void ResetMachineAccountPassword(string domain, string localMachineName, string server, PSCredential credential, PSCmdlet cmdlet)
{
SAMAPI.LSA_UNICODE_STRING structure;
string userName;
string stringFromSecureString;
string cannotFindMachineAccountFromServer;
DirectoryEntry directoryEntry = null;
DirectoryEntry directoryEntry1 = null;
DirectorySearcher directorySearcher = null;
string randomPassword = null;
string str = server;
string str1 = str;
if (str == null)
{
str1 = domain;
}
string str2 = str1;
try
{
try
{
if (credential != null)
{
userName = credential.UserName;
}
else
{
userName = null;
}
string str3 = userName;
if (credential != null)
{
stringFromSecureString = Utils.GetStringFromSecureString(credential.Password);
}
else
{
stringFromSecureString = null;
}
string str4 = stringFromSecureString;
directoryEntry = new DirectoryEntry(string.Concat("LDAP://", str2), str3, str4, AuthenticationTypes.Secure);
directorySearcher = new DirectorySearcher(directoryEntry);
string[] strArrays = new string[5];
strArrays[0] = "(&(objectClass=computer)(|(cn=";
strArrays[1] = localMachineName;
strArrays[2] = ")(dn=";
strArrays[3] = localMachineName;
strArrays[4] = ")))";
directorySearcher.Filter = string.Concat(strArrays);
SearchResult searchResult = directorySearcher.FindOne();
if (searchResult != null)
{
directoryEntry1 = searchResult.GetDirectoryEntry();
randomPassword = ComputerWMIHelper.GetRandomPassword(120);
object[] objArray = new object[1];
objArray[0] = randomPassword;
directoryEntry1.Invoke("SetPassword", objArray);
directoryEntry1.Properties["LockOutTime"].Value = 0;
}
else
{
if (server != null)
{
cannotFindMachineAccountFromServer = ComputerResources.CannotFindMachineAccountFromServer;
}
else
{
cannotFindMachineAccountFromServer = ComputerResources.CannotFindMachineAccountFromDomain;
}
string str5 = cannotFindMachineAccountFromServer;
string str6 = StringUtil.Format(str5, str2);
ErrorRecord errorRecord = new ErrorRecord(new InvalidOperationException(str6), "CannotFindMachineAccount", ErrorCategory.OperationStopped, localMachineName);
cmdlet.ThrowTerminatingError(errorRecord);
}
}
#if !MONO
catch (DirectoryServicesCOMException directoryServicesCOMException1)
{
DirectoryServicesCOMException directoryServicesCOMException = directoryServicesCOMException1;
string str7 = StringUtil.Format(ComputerResources.FailToResetPasswordOnDomain, directoryServicesCOMException.Message);
ErrorRecord errorRecord1 = new ErrorRecord(new InvalidOperationException(str7), "FailToResetPasswordOnDomain", ErrorCategory.OperationStopped, localMachineName);
cmdlet.ThrowTerminatingError(errorRecord1);
}
#endif
catch (TargetInvocationException targetInvocationException1)
{
TargetInvocationException targetInvocationException = targetInvocationException1;
string str8 = StringUtil.Format(ComputerResources.FailToResetPasswordOnDomain, targetInvocationException.InnerException.Message);
ErrorRecord errorRecord2 = new ErrorRecord(new InvalidOperationException(str8), "FailToResetPasswordOnDomain", ErrorCategory.OperationStopped, localMachineName);
cmdlet.ThrowTerminatingError(errorRecord2);
}
catch (COMException cOMException1)
{
COMException cOMException = cOMException1;
string str9 = StringUtil.Format(ComputerResources.FailToResetPasswordOnDomain, cOMException.Message);
ErrorRecord errorRecord3 = new ErrorRecord(new InvalidOperationException(str9), "FailToResetPasswordOnDomain", ErrorCategory.OperationStopped, localMachineName);
cmdlet.ThrowTerminatingError(errorRecord3);
}
}
finally
{
if (directoryEntry != null)
{
directoryEntry.Close();
directoryEntry.Dispose();
}
if (directorySearcher != null)
{
directorySearcher.Dispose();
}
if (directoryEntry1 != null)
{
directoryEntry1.Close();
directoryEntry1.Dispose();
}
}
SAMAPI.LSA_OBJECT_ATTRIBUTES zero = new SAMAPI.LSA_OBJECT_ATTRIBUTES();
zero.RootDirectory = IntPtr.Zero;
zero.ObjectName = IntPtr.Zero;
zero.Attributes = 0;
zero.SecurityDescriptor = IntPtr.Zero;
zero.SecurityQualityOfService = IntPtr.Zero;
zero.Length = Marshal.SizeOf(typeof(SAMAPI.LSA_OBJECT_ATTRIBUTES));
IntPtr intPtr = IntPtr.Zero;
IntPtr zero1 = IntPtr.Zero;
IntPtr intPtr1 = IntPtr.Zero;
SAMAPI.LSA_UNICODE_STRING lSAUNICODESTRING = new SAMAPI.LSA_UNICODE_STRING();
lSAUNICODESTRING.Buffer = IntPtr.Zero;
SAMAPI.LSA_UNICODE_STRING lSAUNICODESTRING1 = lSAUNICODESTRING;
SAMAPI.LSA_UNICODE_STRING zero2 = new SAMAPI.LSA_UNICODE_STRING();
zero2.Buffer = IntPtr.Zero;
SAMAPI.LSA_UNICODE_STRING lSAUNICODESTRING2 = zero2;
SAMAPI.LSA_UNICODE_STRING zero3 = new SAMAPI.LSA_UNICODE_STRING();
zero3.Buffer = IntPtr.Zero;
zero3.Length = 0;
zero3.MaximumLength = 0;
try
{
uint num = SAMAPI.LsaOpenPolicy(ref zero3, ref zero, 0xf0fff, out intPtr);
if (num == -1073741790)
{
string needAdminPrivilegeToResetPassword = ComputerResources.NeedAdminPrivilegeToResetPassword;
ErrorRecord errorRecord4 = new ErrorRecord(new InvalidOperationException(needAdminPrivilegeToResetPassword), "UnauthorizedAccessException", ErrorCategory.InvalidOperation, localMachineName);
cmdlet.ThrowTerminatingError(errorRecord4);
}
if (num != 0)
{
ResetComputerMachinePasswordCommand.ThrowOutLsaError(num, cmdlet);
}
SAMAPI.InitLsaString("$MACHINE.ACC", ref lSAUNICODESTRING1);
SAMAPI.InitLsaString(randomPassword, ref lSAUNICODESTRING2);
bool flag = false;
num = SAMAPI.LsaOpenSecret(intPtr, ref lSAUNICODESTRING1, 3, out zero1);
if (num == -1073741772)
{
num = SAMAPI.LsaCreateSecret(intPtr, ref lSAUNICODESTRING1, 1, out zero1);
flag = true;
}
if (num != 0)
{
ResetComputerMachinePasswordCommand.ThrowOutLsaError(num, cmdlet);
}
if (!flag)
{
num = SAMAPI.LsaQuerySecret(zero1, out intPtr1, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero);
if (num != 0)
{
ResetComputerMachinePasswordCommand.ThrowOutLsaError(num, cmdlet);
}
structure = (SAMAPI.LSA_UNICODE_STRING)Marshal.PtrToStructure(intPtr1, typeof(SAMAPI.LSA_UNICODE_STRING));
}
else
{
structure = lSAUNICODESTRING2;
}
num = SAMAPI.LsaSetSecret(zero1, ref lSAUNICODESTRING2, ref structure);
if (num != 0)
{
ResetComputerMachinePasswordCommand.ThrowOutLsaError(num, cmdlet);
}
}
finally
{
if (intPtr1 != IntPtr.Zero)
{
SAMAPI.LsaFreeMemory(intPtr1);
}
if (intPtr != IntPtr.Zero)
{
SAMAPI.LsaClose(intPtr);
}
if (zero1 != IntPtr.Zero)
{
SAMAPI.LsaClose(zero1);
}
SAMAPI.FreeLsaString(ref lSAUNICODESTRING1);
SAMAPI.FreeLsaString(ref lSAUNICODESTRING2);
}
}
