2 files changed, 62 insertions, 63 deletions
diff --git a/src/ext/Util/ca/scaexec.cpp b/src/ext/Util/ca/scaexec.cpp
index 7bd271d1..5119bc11 100644
--- a/src/ext/Util/ca/scaexec.cpp
+++ b/src/ext/Util/ca/scaexec.cpp
@@ -519,10 +519,8 @@ static HRESULT ModifyUserLocalBatchRight(
    return hr;
 }
-static HRESULT ApplyAttributes(int iAttributes, DWORD* pFlags)
+static void ApplyAttributes(int iAttributes, DWORD* pFlags)
 {
-    HRESULT hr = S_OK;
    if (SCAU_DONT_EXPIRE_PASSWRD & iAttributes)
    {
        *pFlags |= UF_DONT_EXPIRE_PASSWD;
@@ -558,14 +556,10 @@ static HRESULT ApplyAttributes(int iAttributes, DWORD* pFlags)
    {
        *pFlags &= ~UF_PASSWORD_EXPIRED;
    }
-    return hr;
 }
-static HRESULT ApplyComment(int iAttributes, LPWSTR pwzComment, LPWSTR* ppComment)
+static void ApplyComment(int iAttributes, LPWSTR pwzComment, LPWSTR* ppComment)
 {
-    HRESULT hr = S_OK;
    if (SCAU_REMOVE_COMMENT & iAttributes)
    {
        *ppComment = L"";
@@ -574,32 +568,36 @@ static HRESULT ApplyComment(int iAttributes, LPWSTR pwzComment, LPWSTR* ppCommen
    {
        *ppComment = pwzComment;
    }
-    return hr;
 }
 static NET_API_STATUS SetUserPassword(__in LPWSTR pwzServerName, __in LPWSTR pwzName, __in LPWSTR pwzPassword)
 {
-    _USER_INFO_1003 userInfo1003;
+    NET_API_STATUS er = NERR_Success;
+    _USER_INFO_1003 userInfo1003 = { };
    userInfo1003.usri1003_password = pwzPassword;
-    return ::NetUserSetInfo(pwzServerName, pwzName, 1003, reinterpret_cast<LPBYTE>(&userInfo1003), NULL);
+    er = ::NetUserSetInfo(pwzServerName, pwzName, 1003, reinterpret_cast<LPBYTE>(&userInfo1003), NULL);
+    return HRESULT_FROM_WIN32(er);
 }
-static NET_API_STATUS SetUserComment(__in LPWSTR pwzServerName, __in LPWSTR pwzName, __in LPWSTR pwzComment)
+static HRESULT SetUserComment(__in LPWSTR pwzServerName, __in LPWSTR pwzName, __in LPWSTR pwzComment)
 {
-    _USER_INFO_1007 userInfo1007;
+    NET_API_STATUS er = NERR_Success;
+    _USER_INFO_1007 userInfo1007 = { };
    userInfo1007.usri1007_comment = pwzComment;
-    return ::NetUserSetInfo(pwzServerName, pwzName, 1007, reinterpret_cast<LPBYTE>(&userInfo1007), NULL);
+    er = ::NetUserSetInfo(pwzServerName, pwzName, 1007, reinterpret_cast<LPBYTE>(&userInfo1007), NULL);
+    return HRESULT_FROM_WIN32(er);
 }
-static NET_API_STATUS SetUserFlags(__in LPWSTR pwzServerName, __in LPWSTR pwzName, __in DWORD flags)
+static HRESULT SetUserFlags(__in LPWSTR pwzServerName, __in LPWSTR pwzName, __in DWORD flags)
 {
-    _USER_INFO_1008 userInfo1008;
+    NET_API_STATUS er = NERR_Success;
+    _USER_INFO_1008 userInfo1008 = { };
    userInfo1008.usri1008_flags = flags;
-    return ::NetUserSetInfo(pwzServerName, pwzName, 1008, reinterpret_cast<LPBYTE>(&userInfo1008), NULL);
+    er = ::NetUserSetInfo(pwzServerName, pwzName, 1008, reinterpret_cast<LPBYTE>(&userInfo1008), NULL);
+    return HRESULT_FROM_WIN32(er);
 }
 static HRESULT RemoveUserInternal(
@@ -717,12 +715,10 @@ LExit:
    return hr;
 }
-static HRESULT GetServerName(LPWSTR pwzDomain, LPWSTR* ppwzServerName)
+static void GetServerName(LPWSTR pwzDomain, LPWSTR* ppwzServerName)
 {
-    HRESULT hr = S_OK;
+    DWORD er = ERROR_SUCCESS;
    PDOMAIN_CONTROLLER_INFOW pDomainControllerInfo = NULL;
-    UINT er;
    if (pwzDomain && *pwzDomain)
    {
@@ -732,12 +728,18 @@ static HRESULT GetServerName(LPWSTR pwzDomain, LPWSTR* ppwzServerName)
            // MSDN says, if we get the above error code, try again with the "DS_FORCE_REDISCOVERY" flag
            er = ::DsGetDcNameW(NULL, (LPCWSTR)pwzDomain, NULL, NULL, DS_FORCE_REDISCOVERY, &pDomainControllerInfo);
        }
-        if (ERROR_SUCCESS == er
-         && 2 <= wcslen(pDomainControllerInfo->DomainControllerName)
+        if (ERROR_SUCCESS == er && pDomainControllerInfo->DomainControllerName)
-         && '\\' == *pDomainControllerInfo->DomainControllerName
-         && '\\' == *pDomainControllerInfo->DomainControllerName + 1)
        {
-            *ppwzServerName = pDomainControllerInfo->DomainControllerName + 2;  // Skip the \\ prefix
+            // Skip the \\ prefix if present.
+            if ('\\' == *pDomainControllerInfo->DomainControllerName && '\\' == *pDomainControllerInfo->DomainControllerName + 1)
+            {
+                *ppwzServerName = pDomainControllerInfo->DomainControllerName + 2;
+            }
+            else
+            {
+                *ppwzServerName = pDomainControllerInfo->DomainControllerName;
+            }
        }
        else
        {
@@ -749,8 +751,6 @@ static HRESULT GetServerName(LPWSTR pwzDomain, LPWSTR* ppwzServerName)
    {
        ::NetApiBufferFree((LPVOID)pDomainControllerInfo);
    }
-    return hr;
 }
 /********************************************************************
@@ -837,30 +837,28 @@ extern "C" UINT __stdcall CreateUser(
        pUserInfo1->usri1_password = pwzPassword;
        // Set the user's comment
-        hr = ApplyComment(iAttributes, pwzComment, &pUserInfo1->usri1_comment);
+        ApplyComment(iAttributes, pwzComment, &pUserInfo1->usri1_comment);
-        ExitOnFailure(hr, "failed to apply comment");
        // Set the user's flags
-        hr = ApplyAttributes(iAttributes, &pUserInfo1->usri1_flags);
+        ApplyAttributes(iAttributes, &pUserInfo1->usri1_flags);
-        ExitOnFailure(hr, "failed to apply attributes");
        //
        // Create the User
        //
-        hr = GetServerName(pwzDomain, &pwzServerName);
+        GetServerName(pwzDomain, &pwzServerName);
-        ExitOnFailure(hr, "failed to get server name");
        er = ::NetUserAdd(pwzServerName, 1, reinterpret_cast<LPBYTE>(pUserInfo1), &dw);
        if (NERR_UserExists == er)
        {
-            er = ERROR_SUCCESS; // Make sure that we don't report this situation as an error
-                                // if we fall through the tests that follow.
            if (SCAU_FAIL_IF_EXISTS & iAttributes)
            {
                hr = HRESULT_FROM_WIN32(er);
                ExitOnFailure(hr, "User was not supposed to exist, but does.");
            }
+            er = ERROR_SUCCESS; // Make sure that we don't report this situation as an error
+                                // if we fall through the tests that follow.
            if (SCAU_UPDATE_IF_EXISTS & iAttributes)
            {
                pUserInfo1 = NULL;
@@ -890,6 +888,7 @@ extern "C" UINT __stdcall CreateUser(
                            if (FAILED(hr))
                            {
                                WcaLogError(hr, "failed to get existing user rights: %ls, continuing anyway.", pwzName);
+                                hr = S_OK;
                            }
                            else
                            {
@@ -923,41 +922,41 @@ extern "C" UINT __stdcall CreateUser(
                if (ERROR_SUCCESS == er)
                {
-                    hr = HRESULT_FROM_WIN32(::SetUserPassword(pwzServerName, pwzName, pwzPassword));
+                    hr = SetUserPassword(pwzServerName, pwzName, pwzPassword);
                    if (FAILED(hr))
                    {
                        WcaLogError(hr, "failed to set user password for user %ls\\%ls, continuing anyway.", pwzServerName, pwzName);
+                        hr = S_OK;
                    }
                    if (SCAU_REMOVE_COMMENT & iAttributes)
                    {
-                        hr = HRESULT_FROM_WIN32(SetUserComment(pwzServerName, pwzName, L""));
+                        hr = SetUserComment(pwzServerName, pwzName, L"");
                        if (FAILED(hr))
                        {
                            WcaLogError(hr, "failed to clear user comment for user %ls\\%ls, continuing anyway.", pwzServerName, pwzName);
+                            hr = S_OK;
                        }
                    }
                    else if (pwzComment && *pwzComment)
                    {
-                        hr = HRESULT_FROM_WIN32(SetUserComment(pwzServerName, pwzName, pwzComment));
+                        hr = SetUserComment(pwzServerName, pwzName, pwzComment);
                        if (FAILED(hr))
                        {
                            WcaLogError(hr, "failed to set user comment to %ls for user %ls\\%ls, continuing anyway.", pwzComment, pwzServerName, pwzName);
+                            hr = S_OK;
                        }
                    }
                    DWORD flags = pUserInfo1->usri1_flags;
-                    hr = ApplyAttributes(iAttributes, &flags);
+                    ApplyAttributes(iAttributes, &flags);
-                    if (FAILED(hr))
-                    {
-                        WcaLogError(hr, "failed to apply attributes for user %ls\\%ls, continuing anyway.", pwzServerName, pwzName);
-                    }
-                    hr = HRESULT_FROM_WIN32(SetUserFlags(pwzServerName, pwzName, flags));
+                    hr = SetUserFlags(pwzServerName, pwzName, flags);
                    if (FAILED(hr))
                    {
                        WcaLogError(hr, "failed to set user flags for user %ls\\%ls, continuing anyway.", pwzServerName, pwzName);
+                        hr = S_OK;
                    }
                }
            }
@@ -985,13 +984,13 @@ extern "C" UINT __stdcall CreateUser(
        MessageExitOnFailure(hr, msierrUSRFailedGrantLogonAsService, "Failed to grant logon as batch job rights to user: %ls", pwzName);
    }
-//
+    //
-// Add the users to groups
+    // Add the users to groups
-//
+    //
-while (S_OK == (hr = WcaReadStringFromCaData(&pwz, &pwzGroup)))
+    while (S_OK == (hr = WcaReadStringFromCaData(&pwz, &pwzGroup)))
-{
+    {
-    hr = WcaReadStringFromCaData(&pwz, &pwzGroupDomain);
+        hr = WcaReadStringFromCaData(&pwz, &pwzGroupDomain);
-    ExitOnFailure(hr, "failed to get domain for group: %ls", pwzGroup);
+        ExitOnFailure(hr, "failed to get domain for group: %ls", pwzGroup);
        WcaLog(LOGMSG_STANDARD, "Adding user %ls\\%ls to group %ls\\%ls", pwzDomain, pwzName, pwzGroupDomain, pwzGroup);
        hr = AddUserToGroup(pwzName, pwzDomain, pwzGroup, pwzGroupDomain);
@@ -1001,10 +1000,7 @@ while (S_OK == (hr = WcaReadStringFromCaData(&pwz, &pwzGroup)))
    {
        hr = S_OK;
    }
+    ExitOnFailure(hr, "failed to get next group in which to include user: %ls", pwzName);
-    ExitOnFailure(hr, "failed to get next group in which to include user:%ls", pwzName);
-ExitOnFailure(hr, "failed to get next group in which to include user:%ls", pwzName);
 LExit:
    WcaCaScriptClose(hRollbackScript, WCA_CASCRIPT_CLOSE_PRESERVE);
diff --git a/src/ext/Util/ca/scauser.cpp b/src/ext/Util/ca/scauser.cpp
index dc5bebba..b643a842 100644
--- a/src/ext/Util/ca/scauser.cpp
+++ b/src/ext/Util/ca/scauser.cpp
@@ -533,13 +533,16 @@ HRESULT ScaUserExecute(
                // MSDN says, if we get the above error code, try again with the "DS_FORCE_REDISCOVERY" flag
                er = ::DsGetDcNameW(NULL, wzDomain, NULL, NULL, DS_FORCE_REDISCOVERY, &pDomainControllerInfo);
            }
-            if (ERROR_SUCCESS == er)
+            if (ERROR_SUCCESS == er && pDomainControllerInfo->DomainControllerName)
            {
-                if (2 <= wcslen(pDomainControllerInfo->DomainControllerName))
+                // If the  \\ prefix on the queried domain was present, skip it.
+                if ('\\' == *pDomainControllerInfo->DomainControllerName && '\\' == *pDomainControllerInfo->DomainControllerName + 1)
                {
-                    wzDomain = pDomainControllerInfo->DomainControllerName + 2; // Add 2 so that we don't get the \\ prefix.
+                    wzDomain = pDomainControllerInfo->DomainControllerName + 2;
-                                                                                // Pass the entire string if it is too short
+                }
-                                                                                // to have a \\ prefix.
+                else
+                {
+                    wzDomain = pDomainControllerInfo->DomainControllerName;
                }
            }
        }
@@ -672,7 +675,7 @@ HRESULT ScaUserExecute(
            // CustomAction.
            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION(L"RemoveUser"), pwzActionData, COST_USER_DELETE);
            ExitOnFailure(hr, "failed to schedule RemoveUser");
-       }
+        }
        ReleaseNullStr(pwzScriptKey);
        ReleaseNullStr(pwzActionData);

diff --git a/src/ext/Util/ca/scaexec.cpp b/src/ext/Util/ca/scaexec.cpp index 7bd271d1..5119bc11 100644 --- a/src/ext/Util/ca/scaexec.cpp +++ b/src/ext/Util/ca/scaexec.cpp
@@ -519,10 +519,8 @@ static HRESULT ModifyUserLocalBatchRight(
519	return hr;	519	return hr;
520	}	520	}
521		521
522	static HRESULT ApplyAttributes(int iAttributes, DWORD* pFlags)	522	static void ApplyAttributes(int iAttributes, DWORD* pFlags)
523	{	523	{
524	HRESULT hr = S_OK;
525
526	if (SCAU_DONT_EXPIRE_PASSWRD & iAttributes)	524	if (SCAU_DONT_EXPIRE_PASSWRD & iAttributes)
527	{	525	{
528	*pFlags \|= UF_DONT_EXPIRE_PASSWD;	526	*pFlags \|= UF_DONT_EXPIRE_PASSWD;
@@ -558,14 +556,10 @@ static HRESULT ApplyAttributes(int iAttributes, DWORD* pFlags)
558	{	556	{
559	*pFlags &= ~UF_PASSWORD_EXPIRED;	557	*pFlags &= ~UF_PASSWORD_EXPIRED;
560	}	558	}
561
562	return hr;
563	}	559	}
564		560
565	static HRESULT ApplyComment(int iAttributes, LPWSTR pwzComment, LPWSTR* ppComment)	561	static void ApplyComment(int iAttributes, LPWSTR pwzComment, LPWSTR* ppComment)
566	{	562	{
567	HRESULT hr = S_OK;
568
569	if (SCAU_REMOVE_COMMENT & iAttributes)	563	if (SCAU_REMOVE_COMMENT & iAttributes)
570	{	564	{
571	*ppComment = L"";	565	*ppComment = L"";
@@ -574,32 +568,36 @@ static HRESULT ApplyComment(int iAttributes, LPWSTR pwzComment, LPWSTR* ppCommen
574	{	568	{
575	*ppComment = pwzComment;	569	*ppComment = pwzComment;
576	}	570	}
577
578	return hr;
579	}	571	}
580		572
581	static NET_API_STATUS SetUserPassword(__in LPWSTR pwzServerName, __in LPWSTR pwzName, __in LPWSTR pwzPassword)	573	static NET_API_STATUS SetUserPassword(__in LPWSTR pwzServerName, __in LPWSTR pwzName, __in LPWSTR pwzPassword)
582	{	574	{
583	_USER_INFO_1003 userInfo1003;	575	NET_API_STATUS er = NERR_Success;
		576	_USER_INFO_1003 userInfo1003 = { };
584		577
585	userInfo1003.usri1003_password = pwzPassword;	578	userInfo1003.usri1003_password = pwzPassword;
586	return ::NetUserSetInfo(pwzServerName, pwzName, 1003, reinterpret_cast<LPBYTE>(&userInfo1003), NULL);	579	er = ::NetUserSetInfo(pwzServerName, pwzName, 1003, reinterpret_cast<LPBYTE>(&userInfo1003), NULL);
		580	return HRESULT_FROM_WIN32(er);
587	}	581	}
588		582
589	static NET_API_STATUS SetUserComment(__in LPWSTR pwzServerName, __in LPWSTR pwzName, __in LPWSTR pwzComment)	583	static HRESULT SetUserComment(__in LPWSTR pwzServerName, __in LPWSTR pwzName, __in LPWSTR pwzComment)
590	{	584	{
591	_USER_INFO_1007 userInfo1007;	585	NET_API_STATUS er = NERR_Success;
		586	_USER_INFO_1007 userInfo1007 = { };
592		587
593	userInfo1007.usri1007_comment = pwzComment;	588	userInfo1007.usri1007_comment = pwzComment;
594	return ::NetUserSetInfo(pwzServerName, pwzName, 1007, reinterpret_cast<LPBYTE>(&userInfo1007), NULL);	589	er = ::NetUserSetInfo(pwzServerName, pwzName, 1007, reinterpret_cast<LPBYTE>(&userInfo1007), NULL);
		590	return HRESULT_FROM_WIN32(er);
595	}	591	}
596		592
597	static NET_API_STATUS SetUserFlags(__in LPWSTR pwzServerName, __in LPWSTR pwzName, __in DWORD flags)	593	static HRESULT SetUserFlags(__in LPWSTR pwzServerName, __in LPWSTR pwzName, __in DWORD flags)
598	{	594	{
599	_USER_INFO_1008 userInfo1008;	595	NET_API_STATUS er = NERR_Success;
		596	_USER_INFO_1008 userInfo1008 = { };
600		597
601	userInfo1008.usri1008_flags = flags;	598	userInfo1008.usri1008_flags = flags;
602	return ::NetUserSetInfo(pwzServerName, pwzName, 1008, reinterpret_cast<LPBYTE>(&userInfo1008), NULL);	599	er = ::NetUserSetInfo(pwzServerName, pwzName, 1008, reinterpret_cast<LPBYTE>(&userInfo1008), NULL);
		600	return HRESULT_FROM_WIN32(er);
603	}	601	}
604		602
605	static HRESULT RemoveUserInternal(	603	static HRESULT RemoveUserInternal(
@@ -717,12 +715,10 @@ LExit:
717	return hr;	715	return hr;
718	}	716	}
719		717
720	static HRESULT GetServerName(LPWSTR pwzDomain, LPWSTR* ppwzServerName)	718	static void GetServerName(LPWSTR pwzDomain, LPWSTR* ppwzServerName)
721	{	719	{
722	HRESULT hr = S_OK;	720	DWORD er = ERROR_SUCCESS;
723
724	PDOMAIN_CONTROLLER_INFOW pDomainControllerInfo = NULL;	721	PDOMAIN_CONTROLLER_INFOW pDomainControllerInfo = NULL;
725	UINT er;
726		722
727	if (pwzDomain && *pwzDomain)	723	if (pwzDomain && *pwzDomain)
728	{	724	{
@@ -732,12 +728,18 @@ static HRESULT GetServerName(LPWSTR pwzDomain, LPWSTR* ppwzServerName)
732	// MSDN says, if we get the above error code, try again with the "DS_FORCE_REDISCOVERY" flag	728	// MSDN says, if we get the above error code, try again with the "DS_FORCE_REDISCOVERY" flag
733	er = ::DsGetDcNameW(NULL, (LPCWSTR)pwzDomain, NULL, NULL, DS_FORCE_REDISCOVERY, &pDomainControllerInfo);	729	er = ::DsGetDcNameW(NULL, (LPCWSTR)pwzDomain, NULL, NULL, DS_FORCE_REDISCOVERY, &pDomainControllerInfo);
734	}	730	}
735	if (ERROR_SUCCESS == er	731
736	&& 2 <= wcslen(pDomainControllerInfo->DomainControllerName)	732	if (ERROR_SUCCESS == er && pDomainControllerInfo->DomainControllerName)
737	&& '\\' == *pDomainControllerInfo->DomainControllerName
738	&& '\\' == *pDomainControllerInfo->DomainControllerName + 1)
739	{	733	{
740	*ppwzServerName = pDomainControllerInfo->DomainControllerName + 2; // Skip the \\ prefix	734	// Skip the \\ prefix if present.
		735	if ('\\' == pDomainControllerInfo->DomainControllerName && '\\' == pDomainControllerInfo->DomainControllerName + 1)
		736	{
		737	*ppwzServerName = pDomainControllerInfo->DomainControllerName + 2;
		738	}
		739	else
		740	{
		741	*ppwzServerName = pDomainControllerInfo->DomainControllerName;
		742	}
741	}	743	}
742	else	744	else
743	{	745	{
@@ -749,8 +751,6 @@ static HRESULT GetServerName(LPWSTR pwzDomain, LPWSTR* ppwzServerName)
749	{	751	{
750	::NetApiBufferFree((LPVOID)pDomainControllerInfo);	752	::NetApiBufferFree((LPVOID)pDomainControllerInfo);
751	}	753	}
752
753	return hr;
754	}	754	}
755		755
756	/********************************************************************	756	/********************************************************************
@@ -837,30 +837,28 @@ extern "C" UINT __stdcall CreateUser(
837	pUserInfo1->usri1_password = pwzPassword;	837	pUserInfo1->usri1_password = pwzPassword;
838		838
839	// Set the user's comment	839	// Set the user's comment
840	hr = ApplyComment(iAttributes, pwzComment, &pUserInfo1->usri1_comment);	840	ApplyComment(iAttributes, pwzComment, &pUserInfo1->usri1_comment);
841	ExitOnFailure(hr, "failed to apply comment");
842		841
843	// Set the user's flags	842	// Set the user's flags
844	hr = ApplyAttributes(iAttributes, &pUserInfo1->usri1_flags);	843	ApplyAttributes(iAttributes, &pUserInfo1->usri1_flags);
845	ExitOnFailure(hr, "failed to apply attributes");
846		844
847	//	845	//
848	// Create the User	846	// Create the User
849	//	847	//
850	hr = GetServerName(pwzDomain, &pwzServerName);	848	GetServerName(pwzDomain, &pwzServerName);
851	ExitOnFailure(hr, "failed to get server name");
852		849
853	er = ::NetUserAdd(pwzServerName, 1, reinterpret_cast<LPBYTE>(pUserInfo1), &dw);	850	er = ::NetUserAdd(pwzServerName, 1, reinterpret_cast<LPBYTE>(pUserInfo1), &dw);
854	if (NERR_UserExists == er)	851	if (NERR_UserExists == er)
855	{	852	{
856	er = ERROR_SUCCESS; // Make sure that we don't report this situation as an error
857	// if we fall through the tests that follow.
858	if (SCAU_FAIL_IF_EXISTS & iAttributes)	853	if (SCAU_FAIL_IF_EXISTS & iAttributes)
859	{	854	{
860	hr = HRESULT_FROM_WIN32(er);	855	hr = HRESULT_FROM_WIN32(er);
861	ExitOnFailure(hr, "User was not supposed to exist, but does.");	856	ExitOnFailure(hr, "User was not supposed to exist, but does.");
862	}	857	}
863		858
		859	er = ERROR_SUCCESS; // Make sure that we don't report this situation as an error
		860	// if we fall through the tests that follow.
		861
864	if (SCAU_UPDATE_IF_EXISTS & iAttributes)	862	if (SCAU_UPDATE_IF_EXISTS & iAttributes)
865	{	863	{
866	pUserInfo1 = NULL;	864	pUserInfo1 = NULL;
@@ -890,6 +888,7 @@ extern "C" UINT __stdcall CreateUser(
890	if (FAILED(hr))	888	if (FAILED(hr))
891	{	889	{
892	WcaLogError(hr, "failed to get existing user rights: %ls, continuing anyway.", pwzName);	890	WcaLogError(hr, "failed to get existing user rights: %ls, continuing anyway.", pwzName);
		891	hr = S_OK;
893	}	892	}
894	else	893	else
895	{	894	{
@@ -923,41 +922,41 @@ extern "C" UINT __stdcall CreateUser(
923		922
924	if (ERROR_SUCCESS == er)	923	if (ERROR_SUCCESS == er)
925	{	924	{
926	hr = HRESULT_FROM_WIN32(::SetUserPassword(pwzServerName, pwzName, pwzPassword));	925	hr = SetUserPassword(pwzServerName, pwzName, pwzPassword);
927	if (FAILED(hr))	926	if (FAILED(hr))
928	{	927	{
929	WcaLogError(hr, "failed to set user password for user %ls\\%ls, continuing anyway.", pwzServerName, pwzName);	928	WcaLogError(hr, "failed to set user password for user %ls\\%ls, continuing anyway.", pwzServerName, pwzName);
		929	hr = S_OK;
930	}	930	}
931		931
932	if (SCAU_REMOVE_COMMENT & iAttributes)	932	if (SCAU_REMOVE_COMMENT & iAttributes)
933	{	933	{
934	hr = HRESULT_FROM_WIN32(SetUserComment(pwzServerName, pwzName, L""));	934	hr = SetUserComment(pwzServerName, pwzName, L"");
935	if (FAILED(hr))	935	if (FAILED(hr))
936	{	936	{
937	WcaLogError(hr, "failed to clear user comment for user %ls\\%ls, continuing anyway.", pwzServerName, pwzName);	937	WcaLogError(hr, "failed to clear user comment for user %ls\\%ls, continuing anyway.", pwzServerName, pwzName);
		938	hr = S_OK;
938	}	939	}
939	}	940	}
940	else if (pwzComment && *pwzComment)	941	else if (pwzComment && *pwzComment)
941	{	942	{
942	hr = HRESULT_FROM_WIN32(SetUserComment(pwzServerName, pwzName, pwzComment));	943	hr = SetUserComment(pwzServerName, pwzName, pwzComment);
943	if (FAILED(hr))	944	if (FAILED(hr))
944	{	945	{
945	WcaLogError(hr, "failed to set user comment to %ls for user %ls\\%ls, continuing anyway.", pwzComment, pwzServerName, pwzName);	946	WcaLogError(hr, "failed to set user comment to %ls for user %ls\\%ls, continuing anyway.", pwzComment, pwzServerName, pwzName);
		947	hr = S_OK;
946	}	948	}
947	}	949	}
948		950
949	DWORD flags = pUserInfo1->usri1_flags;	951	DWORD flags = pUserInfo1->usri1_flags;
950		952
951	hr = ApplyAttributes(iAttributes, &flags);	953	ApplyAttributes(iAttributes, &flags);
952	if (FAILED(hr))
953	{
954	WcaLogError(hr, "failed to apply attributes for user %ls\\%ls, continuing anyway.", pwzServerName, pwzName);
955	}
956		954
957	hr = HRESULT_FROM_WIN32(SetUserFlags(pwzServerName, pwzName, flags));	955	hr = SetUserFlags(pwzServerName, pwzName, flags);
958	if (FAILED(hr))	956	if (FAILED(hr))
959	{	957	{
960	WcaLogError(hr, "failed to set user flags for user %ls\\%ls, continuing anyway.", pwzServerName, pwzName);	958	WcaLogError(hr, "failed to set user flags for user %ls\\%ls, continuing anyway.", pwzServerName, pwzName);
		959	hr = S_OK;
961	}	960	}
962	}	961	}
963	}	962	}
@@ -985,13 +984,13 @@ extern "C" UINT __stdcall CreateUser(
985	MessageExitOnFailure(hr, msierrUSRFailedGrantLogonAsService, "Failed to grant logon as batch job rights to user: %ls", pwzName);	984	MessageExitOnFailure(hr, msierrUSRFailedGrantLogonAsService, "Failed to grant logon as batch job rights to user: %ls", pwzName);
986	}	985	}
987		986
988	//	987	//
989	// Add the users to groups	988	// Add the users to groups
990	//	989	//
991	while (S_OK == (hr = WcaReadStringFromCaData(&pwz, &pwzGroup)))	990	while (S_OK == (hr = WcaReadStringFromCaData(&pwz, &pwzGroup)))
992	{	991	{
993	hr = WcaReadStringFromCaData(&pwz, &pwzGroupDomain);	992	hr = WcaReadStringFromCaData(&pwz, &pwzGroupDomain);
994	ExitOnFailure(hr, "failed to get domain for group: %ls", pwzGroup);	993	ExitOnFailure(hr, "failed to get domain for group: %ls", pwzGroup);
995		994
996	WcaLog(LOGMSG_STANDARD, "Adding user %ls\\%ls to group %ls\\%ls", pwzDomain, pwzName, pwzGroupDomain, pwzGroup);	995	WcaLog(LOGMSG_STANDARD, "Adding user %ls\\%ls to group %ls\\%ls", pwzDomain, pwzName, pwzGroupDomain, pwzGroup);
997	hr = AddUserToGroup(pwzName, pwzDomain, pwzGroup, pwzGroupDomain);	996	hr = AddUserToGroup(pwzName, pwzDomain, pwzGroup, pwzGroupDomain);
@@ -1001,10 +1000,7 @@ while (S_OK == (hr = WcaReadStringFromCaData(&pwz, &pwzGroup)))
1001	{	1000	{
1002	hr = S_OK;	1001	hr = S_OK;
1003	}	1002	}
1004		1003	ExitOnFailure(hr, "failed to get next group in which to include user: %ls", pwzName);
1005	ExitOnFailure(hr, "failed to get next group in which to include user:%ls", pwzName);
1006
1007	ExitOnFailure(hr, "failed to get next group in which to include user:%ls", pwzName);
1008		1004
1009	LExit:	1005	LExit:
1010	WcaCaScriptClose(hRollbackScript, WCA_CASCRIPT_CLOSE_PRESERVE);	1006	WcaCaScriptClose(hRollbackScript, WCA_CASCRIPT_CLOSE_PRESERVE);


diff --git a/src/ext/Util/ca/scauser.cpp b/src/ext/Util/ca/scauser.cpp index dc5bebba..b643a842 100644 --- a/src/ext/Util/ca/scauser.cpp +++ b/src/ext/Util/ca/scauser.cpp
@@ -533,13 +533,16 @@ HRESULT ScaUserExecute(
533	// MSDN says, if we get the above error code, try again with the "DS_FORCE_REDISCOVERY" flag	533	// MSDN says, if we get the above error code, try again with the "DS_FORCE_REDISCOVERY" flag
534	er = ::DsGetDcNameW(NULL, wzDomain, NULL, NULL, DS_FORCE_REDISCOVERY, &pDomainControllerInfo);	534	er = ::DsGetDcNameW(NULL, wzDomain, NULL, NULL, DS_FORCE_REDISCOVERY, &pDomainControllerInfo);
535	}	535	}
536	if (ERROR_SUCCESS == er)	536	if (ERROR_SUCCESS == er && pDomainControllerInfo->DomainControllerName)
537	{	537	{
538	if (2 <= wcslen(pDomainControllerInfo->DomainControllerName))	538	// If the \\ prefix on the queried domain was present, skip it.
		539	if ('\\' == pDomainControllerInfo->DomainControllerName && '\\' == pDomainControllerInfo->DomainControllerName + 1)
539	{	540	{
540	wzDomain = pDomainControllerInfo->DomainControllerName + 2; // Add 2 so that we don't get the \\ prefix.	541	wzDomain = pDomainControllerInfo->DomainControllerName + 2;
541	// Pass the entire string if it is too short	542	}
542	// to have a \\ prefix.	543	else
		544	{
		545	wzDomain = pDomainControllerInfo->DomainControllerName;
543	}	546	}
544	}	547	}
545	}	548	}
@@ -672,7 +675,7 @@ HRESULT ScaUserExecute(
672	// CustomAction.	675	// CustomAction.
673	hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION(L"RemoveUser"), pwzActionData, COST_USER_DELETE);	676	hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION(L"RemoveUser"), pwzActionData, COST_USER_DELETE);
674	ExitOnFailure(hr, "failed to schedule RemoveUser");	677	ExitOnFailure(hr, "failed to schedule RemoveUser");
675	}	678	}
676		679
677	ReleaseNullStr(pwzScriptKey);	680	ReleaseNullStr(pwzScriptKey);
678	ReleaseNullStr(pwzActionData);	681	ReleaseNullStr(pwzActionData);