PSO fixes

src/adldap/ad_defines.h

@@ -149,6 +149,10 @@ enum SystemFlagsBit {
 #define ATTRIBUTE_MAX_PWD_AGE "maxPwdAge"
 #define ATTRIBUTE_MIN_PWD_AGE "minPwdAge"
 #define ATTRIBUTE_LOCKOUT_DURATION "lockoutDuration"
+#define ATTRIBUTE_PWD_PROPERTIES "pwdProperties"
+#define ATTRIBUTE_PWD_HISTORY_LENGTH "pwdHistoryLength"
+#define ATTRIBUTE_MIN_PWD_LENGTH "minPwdLength"
+#define ATTRIBUTE_LOCKOUT_THRESHOLD "lockoutThreshold"
 #define ATTRIBUTE_IS_CRITICAL_SYSTEM_OBJECT "isCriticalSystemObject"
 #define ATTRIBUTE_GPC_FILE_SYS_PATH "gPCFileSysPath"
 #define ATTRIBUTE_GPC_FUNCTIONALITY_VERSION "gpCFunctionalityVersion"
@@ -407,6 +411,13 @@ const long long MILLIS_TO_100_NANOS = 10000LL;
 #define ETYPES_AES128_CTS_HMAC_SHA1_96 0x00000008
 #define ETYPES_AES256_CTS_HMAC_SHA1_96 0x00000010
 
+#define SAM_MASK_DOMAIN_PASSWORD_COMPLEX 1
+#define SAM_MASK_DOMAIN_PASSWORD_NO_ANON_CHANGE 2
+#define SAM_MASK_DOMAIN_PASSWORD_NO_CLEAR_CHANGE 4
+#define SAM_MASK_DOMAIN_LOCKOUT_ADMINS 8
+#define SAM_MASK_DOMAIN_PASSWORD_STORE_CLEARTEXT 16
+#define SAM_MASK_DOMAIN_REFUSE_PASSWORD_CHANGE 32
+
 enum SearchScope {
     SearchScope_Object,
     SearchScope_Children,

src/admc/CMakeLists.txt

@@ -254,6 +254,7 @@ set(ADMC_SOURCES
     console_impls/policy_ou_impl.cpp
     console_impls/found_policy_impl.cpp
     console_impls/domain_info_impl.cpp
+    console_impls/password_settings_impl.cpp
 
     permission_control_widgets/permissions_widget.cpp
     permission_control_widgets/creation_deletion_permissions_widget.cpp

src/admc/console_impls/item_type.h

@@ -34,6 +34,7 @@ enum ItemType {
     ItemType_FindPolicy,
     ItemType_FoundPolicy,
     ItemType_DomainInfo,
+    ItemType_PasswordSettings,
 
     ItemType_LAST,
 };

src/admc/console_impls/object_impl/console_object_operations.cpp

@@ -596,6 +596,10 @@ bool ConsoleObjectTreeOperations::console_object_deletion_dialog(ConsoleWidget *
 }
 
 void ConsoleObjectTreeOperations::console_tree_add_password_settings(ConsoleWidget *console, AdInterface &ad) {
+    QStandardItem *password_settings_root = console->add_scope_item(ItemType_PasswordSettings, console->domain_info_index())[0];
+    password_settings_root->setText(QCoreApplication::translate("password_settings_impl", "Password settings"));
+    password_settings_root->setIcon(g_icon_manager->item_icon(ItemIcon_Password_Settings_Object));
+    password_settings_root->setDragEnabled(false);
     const QString filter = filter_CONDITION(Condition_Equals, ATTRIBUTE_OBJECT_CLASS, CLASS_PSO_CONTAINER);
     auto search_results = ad.search(g_adconfig->domain_dn(), SearchScope_All, filter, {});
     const QString err = QObject::tr("Password settings container is not available");
@@ -604,8 +608,10 @@ void ConsoleObjectTreeOperations::console_tree_add_password_settings(ConsoleWidg
         return;
     }
 
+    console_object_item_data_load(password_settings_root, search_results.values()[0]);
+
     const int pso_container_sort_idx = 3;
-    console_tree_add_root_child(console, search_results.values()[0], pso_container_sort_idx);
+    console->set_item_sort_index(password_settings_root->index(), pso_container_sort_idx);
 }
 
 QString ConsoleObjectTreeOperations::console_object_count_string(ConsoleWidget *console, const QModelIndex &index) {
@@ -936,13 +942,6 @@ void ConsoleObjectTreeOperations::console_object_properties(const QList<ConsoleW
     }
 }
 
-void ConsoleObjectTreeOperations::console_tree_add_root_child(ConsoleWidget *console, AdObject &obj, int sort_idx) {
-    const QList<QStandardItem *> row = console->add_scope_item(ItemType_Object, console->domain_info_index());
-    console_object_item_data_load(row[0], obj);
-    row[0]->setText(obj.get_string(ATTRIBUTE_NAME));
-    console->set_item_sort_index(row[0]->index(), sort_idx);
-}
-
 void ConsoleObjectTreeOperations::console_tree_add_sites_container(ConsoleWidget *console, AdInterface &ad) {
     const QString filter = filter_CONDITION(Condition_Equals, ATTRIBUTE_OBJECT_CLASS, CLASS_SITES_CONTAINER);
     auto search_results = ad.search(g_adconfig->configuration_dn(), SearchScope_All, filter, {});
@@ -953,7 +952,10 @@ void ConsoleObjectTreeOperations::console_tree_add_sites_container(ConsoleWidget
     }
 
     const int sites_container_sort_idx = 4;
-    console_tree_add_root_child(console, search_results.values()[0], sites_container_sort_idx);
+    QStandardItem *main_item = console->add_scope_item(ItemType_Object, console->domain_info_index())[0];
+    console_object_item_data_load(main_item, search_results.values()[0]);
+    main_item->setText(search_results.values()[0].get_string(ATTRIBUTE_NAME));
+    console->set_item_sort_index(main_item->index(), sites_container_sort_idx);
 }
 
 CreateObjectDialog *ConsoleObjectTreeOperations::create_dialog(const QString &object_class, AdInterface &ad, const QString &parent_dn, ConsoleWidget *parent) {

src/admc/console_impls/object_impl/console_object_operations.h

@@ -52,8 +52,6 @@ namespace ConsoleObjectTreeOperations {
     void console_object_properties(const QList<ConsoleWidget *> &console_list, const QList<QModelIndex> &index_list, const int dn_role, const QList<QString> &class_list);
     bool console_object_deletion_dialog(ConsoleWidget *console, const QList<QModelIndex> &index_deleted_list);
 
-    // Adds object as direct child to the root tree item
-    void console_tree_add_root_child(ConsoleWidget *console, AdObject &obj, int sort_idx);
     // Adds password settings container to the root item childs
     void console_tree_add_password_settings(ConsoleWidget *console, AdInterface &ad);
     void console_tree_add_sites_container(ConsoleWidget *console, AdInterface &ad);

src/admc/console_impls/object_impl/object_impl.cpp

@@ -481,8 +481,10 @@ void ObjectImpl::selected_as_scope(const QModelIndex &index)
     else if (object.is_class(CLASS_SUBNET)) {
         stacked_widget->setCurrentWidget(subnet_results_widget);
         subnet_results_widget->update(object);
-    }
-    else {
+    } else if (object.is_class(CLASS_COMPUTER)) {
+        stacked_widget->setCurrentWidget(computer_results_widget);
+        computer_results_widget->update(ad, object);
+    } else {
         stacked_widget->setCurrentWidget(view());
     }
 }
@@ -509,6 +511,11 @@ void ObjectImpl::update_results_widget(const QModelIndex &index) const {
         return;
     }
 
+    if (object.is_class(CLASS_COMPUTER)) {
+        computer_results_widget->update(ad, object);
+        return;
+    }
+
     if (object.is_class(CLASS_CONTACT) ||
              object.is_class(CLASS_USER) ||
              object.is_class(CLASS_INET_ORG_PERSON)) {
@@ -950,9 +957,11 @@ void ObjectImpl::setup_widgets() {
     set_results_view(new ResultsView(console));
     group_results_widget = new GeneralGroupTab();
     user_results_widget = new GeneralUserTab();
+    computer_results_widget = new GeneralComputerTab();
     pso_results_widget = new PSOResultsWidget();
     subnet_results_widget = new SubnetResultsWidget();
     stacked_widget->addWidget(group_results_widget);
+    stacked_widget->addWidget(computer_results_widget);
     stacked_widget->addWidget(user_results_widget);
     stacked_widget->addWidget(pso_results_widget);
     stacked_widget->addWidget(subnet_results_widget);

src/admc/console_impls/object_impl/object_impl.h

@@ -31,6 +31,7 @@
 #include "console_widget/console_impl.h"
 #include "console_widget/console_widget.h"
 #include "console_object_operations.h"
+#include "tabs/general_computer_tab.h"
 
 class QStandardItem;
 class AdObject;
@@ -151,6 +152,7 @@ private slots:
     QStackedWidget *stacked_widget;
     GeneralGroupTab *group_results_widget;
     GeneralUserTab *user_results_widget;
+    GeneralComputerTab *computer_results_widget;
     PSOResultsWidget *pso_results_widget;
     SubnetResultsWidget *subnet_results_widget;
 

src/admc/console_impls/password_settings_impl.cpp

@@ -0,0 +1,130 @@
+/*
+ * ADMC - AD Management Center
+ *
+ * Copyright (C) 2020-2025 BaseALT Ltd.
+ * Copyright (C) 2020-2025 Dmitry Degtyarev
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "console_impls/password_settings_impl.h"
+
+#include "ad_defines.h"
+#include "adldap.h"
+#include "console_impls/item_type.h"
+#include "console_impls/object_impl/object_impl.h"
+#include "console_impls/policy_impl.h"
+#include "console_widget/results_view.h"
+#include "create_dialogs/create_policy_dialog.h"
+#include "fsmo/fsmo_utils.h"
+#include "globals.h"
+#include "object_impl/console_object_operations.h"
+#include "results_widgets/pso_results_widget/pso_results_widget.h"
+#include "status.h"
+#include "utils.h"
+
+#include <QAction>
+#include <QList>
+#include <QMessageBox>
+#include <QStandardItem>
+
+PasswordSettingsImpl::PasswordSettingsImpl(ConsoleWidget *console_arg)
+: ConsoleImpl(console_arg) {
+    set_results_widget(new PSOResultsWidget(console_arg));
+
+    create_pso_action = new QAction(tr("Create password settings object"), this);
+
+    connect(
+        create_pso_action, &QAction::triggered,
+        this, [this]() {
+            const QString parent_dn = get_selected_target_dn(console, ItemType_PasswordSettings, ObjectRole_DN);
+            ConsoleObjectTreeOperations::console_object_create({console}, CLASS_PSO, parent_dn);
+        });
+}
+
+void PasswordSettingsImpl::fetch(const QModelIndex &index) {
+    AdInterface ad;
+    if (ad_failed(ad, console)) {
+        return;
+    }
+
+    const QString base = g_adconfig->pso_container_dn();
+    const SearchScope scope = SearchScope_Children;
+    const QString filter = filter_CONDITION(Condition_Equals, ATTRIBUTE_OBJECT_CLASS, CLASS_PSO_CONTAINER);
+    const QList<QString> attributes = QList<QString>();
+    const QHash<QString, AdObject> results = ad.search(base, scope, "", attributes);
+
+    ConsoleObjectTreeOperations::add_objects_to_console(console, results.values(), index);
+}
+
+void PasswordSettingsImpl::refresh(const QList<QModelIndex> &index_list) {
+    const QModelIndex index = index_list[0];
+
+    console->delete_children(index);
+    fetch(index);
+}
+
+QList<QAction *> PasswordSettingsImpl::get_all_custom_actions() const {
+    QList<QAction *> out;
+
+    out.append(create_pso_action);
+
+    return out;
+}
+
+QSet<QAction *> PasswordSettingsImpl::get_custom_actions(const QModelIndex &index, const bool single_selection) const {
+    UNUSED_ARG(index);
+    UNUSED_ARG(single_selection);
+
+    QSet<QAction *> out;
+
+    out.insert(create_pso_action);
+
+    return out;
+}
+
+QSet<StandardAction> PasswordSettingsImpl::get_standard_actions(const QModelIndex &index, const bool single_selection) const {
+    UNUSED_ARG(index);
+    UNUSED_ARG(single_selection);
+
+    QSet<StandardAction> out;
+
+    out.insert(StandardAction_Refresh);
+
+    return out;
+}
+
+void password_settings_impl_add_objects(ConsoleWidget *console, const QList<AdObject> &object_list, const QModelIndex &parent) {
+    if (!parent.isValid()) {
+        return;
+    }
+
+    const bool parent_was_fetched = console_item_get_was_fetched(parent);
+    if (!parent_was_fetched) {
+        return;
+    }
+
+    for (const AdObject &object : object_list) {
+        const QList<QStandardItem *> row = console->add_scope_item(ItemType_Object, parent);
+        ConsoleObjectTreeOperations::console_object_load(row, object);
+    }
+}
+
+QList<QString> PasswordSettingsImpl::column_labels() const {
+    return ConsoleObjectTreeOperations::object_impl_column_labels();
+}
+
+QList<int> PasswordSettingsImpl::default_columns() const {
+    return ConsoleObjectTreeOperations::object_impl_default_columns();
+}

src/admc/console_impls/password_settings_impl.h

@@ -0,0 +1,57 @@
+/*
+ * ADMC - AD Management Center
+ *
+ * Copyright (C) 2020-2025 BaseALT Ltd.
+ * Copyright (C) 2020-2025 Dmitry Degtyarev
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef PASSWORD_SETTINGS_IMPL_H
+#define PASSWORD_SETTINGS_IMPL_H
+
+/**
+ * Impl for a virtual container for "All policies". Displays
+ * all of the policies present in the domain.
+ */
+
+#include "console_widget/console_impl.h"
+#include "console_widget/console_widget.h"
+
+class AdObject;
+class AdInterface;
+
+class PasswordSettingsImpl final : public ConsoleImpl {
+    Q_OBJECT
+
+public:
+    PasswordSettingsImpl(ConsoleWidget *console_arg);
+
+    void fetch(const QModelIndex &index) override;
+    void refresh(const QList<QModelIndex> &index_list) override;
+
+    QList<QAction *> get_all_custom_actions() const override;
+    QSet<QAction *> get_custom_actions(const QModelIndex &index, const bool single_selection) const override;
+    QSet<StandardAction> get_standard_actions(const QModelIndex &index, const bool single_selection) const override;
+
+    QList<QString> column_labels() const override;
+    QList<int> default_columns() const override;
+
+private:
+    QAction *create_pso_action;
+};
+
+void password_settings_impl_add_objects(ConsoleWidget *console, const QList<AdObject> &object_list, const QModelIndex &parent);
+
+#endif /* PASSWORD_SETTINGS_IMPL_H */

src/admc/main_window.cpp

@@ -19,6 +19,7 @@
  */
 
 #include "main_window.h"
+#include "console_impls/password_settings_impl.h"
 #include "ui_main_window.h"
 
 #include "about_dialog.h"
@@ -479,6 +480,9 @@ void MainWindow::init_on_connect(AdInterface &ad) {
     auto policy_impl = new PolicyImpl(ui->console);
     ui->console->register_impl(ItemType_Policy, policy_impl);
 
+    auto pso_impl = new PasswordSettingsImpl(ui->console);
+    ui->console->register_impl(ItemType_PasswordSettings, pso_impl);
+
     auto query_item_impl = new QueryItemImpl(ui->console);
     ui->console->register_impl(ItemType_QueryItem, query_item_impl);