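/*
 * COPYRIGHT:   See COPYING in the top level directory
 * PROJECT:     Local Security Authority (LSA) Server
 * FILE:        reactos/dll/win32/lsasrv/sids.c
 * PURPOSE:     Sid / Name lookup functions
 *
 * PROGRAMMERS: Eric Kohl
 */
#include "lsasrv.h"

WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);


/*
 * One entry of the well-known SID table.
 *
 * Name and Domain are initialised with RtlInitUnicodeString(), which stores
 * the caller's pointer instead of copying the characters, so the strings
 * passed to LsapCreateSid() must outlive the list.
 */
typedef struct _WELL_KNOWN_SID
{
    LIST_ENTRY ListEntry;
    PSID Sid;
    UNICODE_STRING Name;
    UNICODE_STRING Domain;
    SID_NAME_USE NameUse;
} WELL_KNOWN_SID, *PWELL_KNOWN_SID;


static SID_IDENTIFIER_AUTHORITY NullSidAuthority = {SECURITY_NULL_SID_AUTHORITY};
static SID_IDENTIFIER_AUTHORITY WorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY};
static SID_IDENTIFIER_AUTHORITY LocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY};
static SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY};
static SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};

/* Head of the well-known SID list; filled by LsapInitSids(). */
LIST_ENTRY WellKnownSidListHead;



/*
 * Disabled reference table (never compiled).
 * NOTE(review): NTML_Authentication below looks like a typo for "NTLM";
 * fix the identifier and the string before enabling this block.
 */
#if 0
typedef struct _AccountSid
{
    WELL_KNOWN_SID_TYPE type;
    LPCWSTR account;
    LPCWSTR domain;
    SID_NAME_USE name_use;
} AccountSid;

static const WCHAR Account_Operators[] = { 'A','c','c','o','u','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
static const WCHAR Administrator[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0 };
static const WCHAR Administrators[] = { 'A','d','m','i','n','i','s','t','r','a','t','o','r','s',0 };
static const WCHAR ANONYMOUS_LOGON[] = { 'A','N','O','N','Y','M','O','U','S',' ','L','O','G','O','N',0 };
static const WCHAR Authenticated_Users[] = { 'A','u','t','h','e','n','t','i','c','a','t','e','d',' ','U','s','e','r','s',0 };
static const WCHAR Backup_Operators[] = { 'B','a','c','k','u','p',' ','O','p','e','r','a','t','o','r','s',0 };
static const WCHAR BATCH[] = { 'B','A','T','C','H',0 };
static const WCHAR Blank[] = { 0 };
static const WCHAR BUILTIN[] = { 'B','U','I','L','T','I','N',0 };
static const WCHAR Cert_Publishers[] = { 'C','e','r','t',' ','P','u','b','l','i','s','h','e','r','s',0 };
static const WCHAR CREATOR_GROUP[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',0 };
static const WCHAR CREATOR_GROUP_SERVER[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',' ','S','E','R','V','E','R',0 };
static const WCHAR CREATOR_OWNER[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',0 };
static const WCHAR CREATOR_OWNER_SERVER[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',' ','S','E','R','V','E','R',0 };
static const WCHAR DIALUP[] = { 'D','I','A','L','U','P',0 };
static const WCHAR Digest_Authentication[] = { 'D','i','g','e','s','t',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };
static const WCHAR DOMAIN[] = {'D','O','M','A','I','N',0};
static const WCHAR Domain_Admins[] = { 'D','o','m','a','i','n',' ','A','d','m','i','n','s',0 };
static const WCHAR Domain_Computers[] = { 'D','o','m','a','i','n',' ','C','o','m','p','u','t','e','r','s',0 };
static const WCHAR Domain_Controllers[] = { 'D','o','m','a','i','n',' ','C','o','n','t','r','o','l','l','e','r','s',0 };
static const WCHAR Domain_Guests[] = { 'D','o','m','a','i','n',' ','G','u','e','s','t','s',0 };
static const WCHAR Domain_Users[] = { 'D','o','m','a','i','n',' ','U','s','e','r','s',0 };
static const WCHAR Enterprise_Admins[] = { 'E','n','t','e','r','p','r','i','s','e',' ','A','d','m','i','n','s',0 };
static const WCHAR ENTERPRISE_DOMAIN_CONTROLLERS[] = { 'E','N','T','E','R','P','R','I','S','E',' ','D','O','M','A','I','N',' ','C','O','N','T','R','O','L','L','E','R','S',0 };
static const WCHAR Everyone[] = { 'E','v','e','r','y','o','n','e',0 };
static const WCHAR Group_Policy_Creator_Owners[] = { 'G','r','o','u','p',' ','P','o','l','i','c','y',' ','C','r','e','a','t','o','r',' ','O','w','n','e','r','s',0 };
static const WCHAR Guest[] = { 'G','u','e','s','t',0 };
static const WCHAR Guests[] = { 'G','u','e','s','t','s',0 };
static const WCHAR INTERACTIVE[] = { 'I','N','T','E','R','A','C','T','I','V','E',0 };
static const WCHAR LOCAL[] = { 'L','O','C','A','L',0 };
static const WCHAR LOCAL_SERVICE[] = { 'L','O','C','A','L',' ','S','E','R','V','I','C','E',0 };
static const WCHAR NETWORK[] = { 'N','E','T','W','O','R','K',0 };
static const WCHAR Network_Configuration_Operators[] = { 'N','e','t','w','o','r','k',' ','C','o','n','f','i','g','u','r','a','t','i','o','n',' ','O','p','e','r','a','t','o','r','s',0 };
static const WCHAR NETWORK_SERVICE[] = { 'N','E','T','W','O','R','K',' ','S','E','R','V','I','C','E',0 };
static const WCHAR NT_AUTHORITY[] = { 'N','T',' ','A','U','T','H','O','R','I','T','Y',0 };
static const WCHAR NT_Pseudo_Domain[] = { 'N','T',' ','P','s','e','u','d','o',' ','D','o','m','a','i','n',0 };
static const WCHAR NTML_Authentication[] = { 'N','T','M','L',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };
static const WCHAR NULL_SID[] = { 'N','U','L','L',' ','S','I','D',0 };
static const WCHAR Other_Organization[] = { 'O','t','h','e','r',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 };
static const WCHAR Performance_Log_Users[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','L','o','g',' ','U','s','e','r','s',0 };
static const WCHAR Performance_Monitor_Users[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','M','o','n','i','t','o','r',' ','U','s','e','r','s',0 };
static const WCHAR Power_Users[] = { 'P','o','w','e','r',' ','U','s','e','r','s',0 };
static const WCHAR Pre_Windows_2000_Compatible_Access[] = { 'P','r','e','-','W','i','n','d','o','w','s',' ','2','0','0','0',' ','C','o','m','p','a','t','i','b','l','e',' ','A','c','c','e','s','s',0 };
static const WCHAR Print_Operators[] = { 'P','r','i','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
static const WCHAR PROXY[] = { 'P','R','O','X','Y',0 };
static const WCHAR RAS_and_IAS_Servers[] = { 'R','A','S',' ','a','n','d',' ','I','A','S',' ','S','e','r','v','e','r','s',0 };
static const WCHAR Remote_Desktop_Users[] = { 'R','e','m','o','t','e',' ','D','e','s','k','t','o','p',' ','U','s','e','r','s',0 };
static const WCHAR REMOTE_INTERACTIVE_LOGON[] = { 'R','E','M','O','T','E',' ','I','N','T','E','R','A','C','T','I','V','E',' ','L','O','G','O','N',0 };
static const WCHAR Replicators[] = { 'R','e','p','l','i','c','a','t','o','r','s',0 };
static const WCHAR RESTRICTED[] = { 'R','E','S','T','R','I','C','T','E','D',0 };
static const WCHAR SChannel_Authentication[] = { 'S','C','h','a','n','n','e','l',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };
static const WCHAR Schema_Admins[] = { 'S','c','h','e','m','a',' ','A','d','m','i','n','s',0 };
static const WCHAR SELF[] = { 'S','E','L','F',0 };
static const WCHAR Server_Operators[] = { 'S','e','r','v','e','r',' ','O','p','e','r','a','t','o','r','s',0 };
static const WCHAR SERVICE[] = { 'S','E','R','V','I','C','E',0 };
static const WCHAR SYSTEM[] = { 'S','Y','S','T','E','M',0 };
static const WCHAR TERMINAL_SERVER_USER[] = { 'T','E','R','M','I','N','A','L',' ','S','E','R','V','E','R',' ','U','S','E','R',0 };
static const WCHAR This_Organization[] = { 'T','h','i','s',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 };
static const WCHAR Users[] = { 'U','s','e','r','s',0 };

static const AccountSid ACCOUNT_SIDS[] = {
//    { WinNullSid, NULL_SID, Blank, SidTypeWellKnownGroup },
//    { WinWorldSid, Everyone, Blank, SidTypeWellKnownGroup },
//    { WinLocalSid, LOCAL, Blank, SidTypeWellKnownGroup },
//    { WinCreatorOwnerSid, CREATOR_OWNER, Blank, SidTypeWellKnownGroup },
//    { WinCreatorGroupSid, CREATOR_GROUP, Blank, SidTypeWellKnownGroup },
//    { WinCreatorOwnerServerSid, CREATOR_OWNER_SERVER, Blank, SidTypeWellKnownGroup },
//    { WinCreatorGroupServerSid, CREATOR_GROUP_SERVER, Blank, SidTypeWellKnownGroup },
//    { WinNtAuthoritySid, NT_Pseudo_Domain, NT_Pseudo_Domain, SidTypeDomain },
//    { WinDialupSid, DIALUP, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinNetworkSid, NETWORK, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinBatchSid, BATCH, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinInteractiveSid, INTERACTIVE, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinServiceSid, SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinAnonymousSid, ANONYMOUS_LOGON, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinProxySid, PROXY, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinEnterpriseControllersSid, ENTERPRISE_DOMAIN_CONTROLLERS, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinSelfSid, SELF, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinAuthenticatedUserSid, Authenticated_Users, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinRestrictedCodeSid, RESTRICTED, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinTerminalServerSid, TERMINAL_SERVER_USER, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinRemoteLogonIdSid, REMOTE_INTERACTIVE_LOGON, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinLocalSystemSid, SYSTEM, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinLocalServiceSid, LOCAL_SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinNetworkServiceSid, NETWORK_SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinBuiltinDomainSid, BUILTIN, BUILTIN, SidTypeDomain },
//    { WinBuiltinAdministratorsSid, Administrators, BUILTIN, SidTypeAlias },
//    { WinBuiltinUsersSid, Users, BUILTIN, SidTypeAlias },
//    { WinBuiltinGuestsSid, Guests, BUILTIN, SidTypeAlias },
//    { WinBuiltinPowerUsersSid, Power_Users, BUILTIN, SidTypeAlias },
//    { WinBuiltinAccountOperatorsSid, Account_Operators, BUILTIN, SidTypeAlias },
//    { WinBuiltinSystemOperatorsSid, Server_Operators, BUILTIN, SidTypeAlias },
//    { WinBuiltinPrintOperatorsSid, Print_Operators, BUILTIN, SidTypeAlias },
//    { WinBuiltinBackupOperatorsSid, Backup_Operators, BUILTIN, SidTypeAlias },
//    { WinBuiltinReplicatorSid, Replicators, BUILTIN, SidTypeAlias },
//    { WinBuiltinPreWindows2000CompatibleAccessSid, Pre_Windows_2000_Compatible_Access, BUILTIN, SidTypeAlias },
//    { WinBuiltinRemoteDesktopUsersSid, Remote_Desktop_Users, BUILTIN, SidTypeAlias },
//    { WinBuiltinNetworkConfigurationOperatorsSid, Network_Configuration_Operators, BUILTIN, SidTypeAlias },
    { WinNTLMAuthenticationSid, NTML_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup },
    { WinDigestAuthenticationSid, Digest_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup },
    { WinSChannelAuthenticationSid, SChannel_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup },
//    { WinThisOrganizationSid, This_Organization, NT_AUTHORITY, SidTypeWellKnownGroup },
    { WinOtherOrganizationSid, Other_Organization, NT_AUTHORITY, SidTypeWellKnownGroup },
    { WinBuiltinPerfMonitoringUsersSid, Performance_Monitor_Users, BUILTIN, SidTypeAlias },
    { WinBuiltinPerfLoggingUsersSid, Performance_Log_Users, BUILTIN, SidTypeAlias },
};
#endif


/*
 * Builds one well-known SID and appends it to WellKnownSidListHead.
 *
 * IdentifierAuthority - authority stored in the new SID.
 * SubAuthorityCount   - number of entries read from SubAuthorities.
 * SubAuthorities      - RIDs copied into the SID; may be NULL only when
 *                       SubAuthorityCount is 0.
 * Name, Domain        - NUL-terminated strings; NOT copied (see
 *                       WELL_KNOWN_SID), so they must stay valid for as
 *                       long as the list is used.
 * NameUse             - SID_NAME_USE reported for this SID.
 *
 * Returns TRUE on success, FALSE on an invalid argument or when a heap
 * allocation fails (nothing is added to the list in that case).
 */
BOOLEAN
LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
              UCHAR SubAuthorityCount,
              PULONG SubAuthorities,
              PWSTR Name,
              PWSTR Domain,
              SID_NAME_USE NameUse)
{
    PWELL_KNOWN_SID SidEntry;
    PULONG p;
    ULONG i;

    /* Reject a count the SID format cannot hold, and a missing RID array
     * that the copy loop below would otherwise dereference. */
    if (SubAuthorityCount > SID_MAX_SUB_AUTHORITIES)
        return FALSE;

    if (SubAuthorityCount != 0 && SubAuthorities == NULL)
        return FALSE;

    SidEntry = RtlAllocateHeap(RtlGetProcessHeap(), 0, sizeof(WELL_KNOWN_SID));
    if (SidEntry == NULL)
        return FALSE;

    InitializeListHead(&SidEntry->ListEntry);

    SidEntry->Sid = RtlAllocateHeap(RtlGetProcessHeap(),
                                    0,
                                    RtlLengthRequiredSid(SubAuthorityCount));
    if (SidEntry->Sid == NULL)
    {
        /* Do not leak the half-built entry. */
        RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry);
        return FALSE;
    }

    RtlInitializeSid(SidEntry->Sid,
                     IdentifierAuthority,
                     SubAuthorityCount);

    for (i = 0; i < (ULONG)SubAuthorityCount; i++)
    {
        p = RtlSubAuthoritySid(SidEntry->Sid, i);
        *p = SubAuthorities[i];
    }

    /* These store the pointers only; the characters are not duplicated. */
    RtlInitUnicodeString(&SidEntry->Name,
                         Name);

    RtlInitUnicodeString(&SidEntry->Domain,
                         Domain);

    SidEntry->NameUse = NameUse;

    InsertTailList(&WellKnownSidListHead,
                   &SidEntry->ListEntry);

    return TRUE;
}


/*
 * Initialises WellKnownSidListHead and registers the built-in set of
 * well-known SIDs (universal SIDs, NT AUTHORITY SIDs and BUILTIN aliases).
 *
 * Every entry is attempted even if an earlier one failed, so the list is
 * as complete as memory allows.
 *
 * Returns STATUS_SUCCESS when all entries were registered, otherwise
 * STATUS_INSUFFICIENT_RESOURCES (the original ignored LsapCreateSid()
 * failures and always reported success, leaving a silently incomplete
 * table behind).
 */
NTSTATUS
LsapInitSids(VOID)
{
    ULONG SubAuthorities[5];
    BOOLEAN Success = TRUE;

    InitializeListHead(&WellKnownSidListHead);

    /* Null Sid */
    SubAuthorities[0] = SECURITY_NULL_RID;
    Success &= LsapCreateSid(&NullSidAuthority,
                             1,
                             SubAuthorities,
                             L"NULL SID",
                             L"",
                             SidTypeWellKnownGroup);

    /* World Sid */
    SubAuthorities[0] = SECURITY_WORLD_RID;
    Success &= LsapCreateSid(&WorldSidAuthority,
                             1,
                             SubAuthorities,
                             L"Everyone",
                             L"",
                             SidTypeWellKnownGroup);

    /* Local Sid */
    SubAuthorities[0] = SECURITY_LOCAL_RID;
    Success &= LsapCreateSid(&LocalSidAuthority,
                             1,
                             SubAuthorities,
                             L"LOCAL",
                             L"",
                             SidTypeWellKnownGroup);

    /* Creator Owner Sid */
    SubAuthorities[0] = SECURITY_CREATOR_OWNER_RID;
    Success &= LsapCreateSid(&CreatorSidAuthority,
                             1,
                             SubAuthorities,
                             L"CREATOR OWNER",
                             L"",
                             SidTypeWellKnownGroup);

    /* Creator Group Sid */
    SubAuthorities[0] = SECURITY_CREATOR_GROUP_RID;
    Success &= LsapCreateSid(&CreatorSidAuthority,
                             1,
                             SubAuthorities,
                             L"CREATOR GROUP",
                             L"",
                             SidTypeWellKnownGroup);

    /* Creator Owner Server Sid */
    SubAuthorities[0] = SECURITY_CREATOR_OWNER_SERVER_RID;
    Success &= LsapCreateSid(&CreatorSidAuthority,
                             1,
                             SubAuthorities,
                             L"CREATOR OWNER SERVER",
                             L"",
                             SidTypeWellKnownGroup);

    /* Creator Group Server Sid */
    SubAuthorities[0] = SECURITY_CREATOR_GROUP_SERVER_RID;
    Success &= LsapCreateSid(&CreatorSidAuthority,
                             1,
                             SubAuthorities,
                             L"CREATOR GROUP SERVER",
                             L"",
                             SidTypeWellKnownGroup);

    /* NT Domain Sid */
    Success &= LsapCreateSid(&NtAuthority,
                             0,
                             NULL,
                             L"NT Pseudo Domain",
                             L"NT Pseudo Domain",
                             SidTypeDomain);

    /* Dialup Sid */
    SubAuthorities[0] = SECURITY_DIALUP_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"DIALUP",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Network Sid */
    SubAuthorities[0] = SECURITY_NETWORK_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"NETWORK",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Batch Sid */
    SubAuthorities[0] = SECURITY_BATCH_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"BATCH",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Interactive Sid */
    SubAuthorities[0] = SECURITY_INTERACTIVE_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"INTERACTIVE",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Service Sid */
    SubAuthorities[0] = SECURITY_SERVICE_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"SERVICE",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Anonymous Logon Sid */
    SubAuthorities[0] = SECURITY_ANONYMOUS_LOGON_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"ANONYMOUS LOGON",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Proxy Sid */
    SubAuthorities[0] = SECURITY_PROXY_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"PROXY",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Enterprise Controllers Sid */
    SubAuthorities[0] = SECURITY_ENTERPRISE_CONTROLLERS_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"ENTERPRISE DOMAIN CONTROLLERS",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Principal Self Sid */
    SubAuthorities[0] = SECURITY_PRINCIPAL_SELF_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"SELF",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Authenticated Users Sid */
    SubAuthorities[0] = SECURITY_AUTHENTICATED_USER_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"Authenticated Users",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Restricted Code Sid */
    SubAuthorities[0] = SECURITY_RESTRICTED_CODE_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"RESTRICTED",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Terminal Server Sid */
    SubAuthorities[0] = SECURITY_TERMINAL_SERVER_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"TERMINAL SERVER USER",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Remote Logon Sid */
    SubAuthorities[0] = SECURITY_REMOTE_LOGON_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"REMOTE INTERACTIVE LOGON",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* This Organization Sid */
    SubAuthorities[0] = SECURITY_THIS_ORGANIZATION_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"This Organization",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Local System Sid */
    SubAuthorities[0] = SECURITY_LOCAL_SYSTEM_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"SYSTEM",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Local Service Sid */
    SubAuthorities[0] = SECURITY_LOCAL_SERVICE_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"LOCAL SERVICE",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Network Service Sid */
    SubAuthorities[0] = SECURITY_NETWORK_SERVICE_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"NETWORK SERVICE",
                             L"NT AUTHORITY",
                             SidTypeWellKnownGroup);

    /* Builtin Domain Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    Success &= LsapCreateSid(&NtAuthority,
                             1,
                             SubAuthorities,
                             L"BUILTIN",
                             L"BUILTIN",
                             SidTypeDomain);

    /* Administrators Alias Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_ADMINS;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Administrators",
                             L"BUILTIN",
                             SidTypeAlias);

    /* Users Alias Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_USERS;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Users",
                             L"BUILTIN",
                             SidTypeAlias);

    /* Guests Alias Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_GUESTS;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Guests",
                             L"BUILTIN",
                             SidTypeAlias);

    /* Power Users Alias Sid
     * (name corrected from "Power User": the alias is a group, and the
     * disabled ACCOUNT_SIDS table in this file spells it "Power Users") */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_POWER_USERS;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Power Users",
                             L"BUILTIN",
                             SidTypeAlias);

    /* Account Operators Alias Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Account Operators",
                             L"BUILTIN",
                             SidTypeAlias);

    /* System Operators Alias Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_SYSTEM_OPS;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Server Operators",
                             L"BUILTIN",
                             SidTypeAlias);

    /* Print Operators Alias Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_PRINT_OPS;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Print Operators",
                             L"BUILTIN",
                             SidTypeAlias);

    /* Backup Operators Alias Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_BACKUP_OPS;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Backup Operators",
                             L"BUILTIN",
                             SidTypeAlias);

    /* Replicators Alias Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_REPLICATOR;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Replicators",
                             L"BUILTIN",
                             SidTypeAlias);

#if 0
    /* RAS Servers Alias Sid */
    /* NOTE(review): the name below repeats "Backup Operators"; it looks
     * copy-pasted and must be corrected before this entry is enabled. */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_RAS_SERVERS;
    LsapCreateSid(&NtAuthority,
                  2,
                  SubAuthorities,
                  L"Backup Operators",
                  L"BUILTIN",
                  SidTypeAlias);
#endif

    /* Pre-Windows 2000 Compatible Access Alias Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_PREW2KCOMPACCESS;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Pre-Windows 2000 Compatible Access",
                             L"BUILTIN",
                             SidTypeAlias);

    /* Remote Desktop Users Alias Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Remote Desktop Users",
                             L"BUILTIN",
                             SidTypeAlias);

    /* Network Configuration Operators Alias Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    SubAuthorities[1] = DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS;
    Success &= LsapCreateSid(&NtAuthority,
                             2,
                             SubAuthorities,
                             L"Network Configuration Operators",
                             L"BUILTIN",
                             SidTypeAlias);

    /* FIXME: Add more well known sids */

    return Success ? STATUS_SUCCESS : STATUS_INSUFFICIENT_RESOURCES;
}


/*
 * Searches the well-known SID list for an entry equal to Sid.
 *
 * Returns the matching entry, or NULL when Sid is NULL or not in the list.
 */
PWELL_KNOWN_SID
LsapLookupWellKnownSid(PSID Sid)
{
    PLIST_ENTRY ListEntry;
    PWELL_KNOWN_SID Ptr;

    /* The SID array handed to LsapLookupSids() is caller-supplied;
     * never pass a NULL element on to RtlEqualSid(). */
    if (Sid == NULL)
        return NULL;

    for (ListEntry = WellKnownSidListHead.Flink;
         ListEntry != &WellKnownSidListHead;
         ListEntry = ListEntry->Flink)
    {
        Ptr = CONTAINING_RECORD(ListEntry,
                                WELL_KNOWN_SID,
                                ListEntry);
        if (RtlEqualSid(Sid, Ptr->Sid))
        {
            return Ptr;
        }
    }

    return NULL;
}


/*
 * Copies Source into Output->Name using a MIDL_user_allocate() buffer of
 * Source->MaximumLength bytes.
 *
 * Returns FALSE, with Output->Name left empty, if the allocation fails.
 */
static BOOLEAN
LsapSetTranslatedName(PLSAPR_TRANSLATED_NAME Output,
                      const UNICODE_STRING *Source)
{
    Output->Name.Buffer = MIDL_user_allocate(Source->MaximumLength);
    if (Output->Name.Buffer == NULL)
    {
        Output->Name.Length = 0;
        Output->Name.MaximumLength = 0;
        return FALSE;
    }

    Output->Name.Length = Source->Length;
    Output->Name.MaximumLength = Source->MaximumLength;
    RtlCopyMemory(Output->Name.Buffer, Source->Buffer, Source->MaximumLength);

    return TRUE;
}


/*
 * Translates each SID in SidEnumBuffer to a name in OutputNames.
 *
 * SidEnumBuffer - Entries SIDs to translate; SidInfo is read as an array
 *                 of PSID.
 * OutputNames   - caller-provided array with at least Entries elements;
 *                 each Name.Buffer is allocated with MIDL_user_allocate().
 *
 * Returns STATUS_SUCCESS, STATUS_NONE_MAPPED (only reachable with zero
 * entries, see below), STATUS_INVALID_PARAMETER when entries are announced
 * without a SID array, or STATUS_INSUFFICIENT_RESOURCES when a name buffer
 * cannot be allocated (buffers allocated so far are released and their
 * pointers cleared).
 *
 * NOTE(review): SECURITY - the fallback branch is a placeholder. Every SID
 * that is not in the well-known list is reported as "Administrator" with
 * SidTypeWellKnownGroup and counted as mapped, so STATUS_SOME_NOT_MAPPED
 * can never be returned. Anything that displays or audits account names
 * from this function will mislabel unknown principals; real account
 * lookup must replace it.
 */
NTSTATUS
LsapLookupSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
               PLSAPR_TRANSLATED_NAME OutputNames)
{
    static const UNICODE_STRING UserName = RTL_CONSTANT_STRING(L"Administrator");
    PWELL_KNOWN_SID ptr;
    ULONG Mapped = 0;
    ULONG i;
    ULONG j;
    NTSTATUS Status;

    PSID *Sids = (PSID *) SidEnumBuffer->SidInfo;

    TRACE("LsapLookupSids(%p, %p)\n", SidEnumBuffer, OutputNames);
    TRACE("SidEnumBuffer->Entries: %lu\n", SidEnumBuffer->Entries);
    TRACE("SidEnumBuffer->SidInfo: %p\n", SidEnumBuffer->SidInfo);

    /* An entry count without an array would be dereferenced below. */
    if (SidEnumBuffer->Entries != 0 && Sids == NULL)
        return STATUS_INVALID_PARAMETER;

    for (i = 0; i < SidEnumBuffer->Entries; i++)
    {
        const UNICODE_STRING *Source;

        TRACE("i: %lu\n", i);
        ptr = LsapLookupWellKnownSid(Sids[i]);
        if (ptr != NULL)
        {
            OutputNames[i].Use = ptr->NameUse;
            Source = &ptr->Name;
        }
        else
        {
            /* Placeholder mapping, see the NOTE(review) above. */
            OutputNames[i].Use = SidTypeWellKnownGroup;
            Source = &UserName;
        }

        OutputNames[i].DomainIndex = i; /* Fixme */

        if (!LsapSetTranslatedName(&OutputNames[i], Source))
        {
            /* Undo the earlier allocations and clear the pointers so a
             * caller that frees OutputNames cannot free them twice. */
            for (j = 0; j < i; j++)
            {
                MIDL_user_free(OutputNames[j].Name.Buffer);
                OutputNames[j].Name.Buffer = NULL;
                OutputNames[j].Name.Length = 0;
                OutputNames[j].Name.MaximumLength = 0;
            }

            return STATUS_INSUFFICIENT_RESOURCES;
        }

        Mapped++;
    }

    if (Mapped == 0)
        Status = STATUS_NONE_MAPPED;
    else if (Mapped < SidEnumBuffer->Entries)
        Status = STATUS_SOME_NOT_MAPPED;
    else
        Status = STATUS_SUCCESS;

    return Status;
}

/* EOF */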