37 L"\\Registry\\Machine\\SECURITY");
95 TRACE(
"LsapInstallDatabase()\n");
116 ERR(
"Failed to create the 'Policy' key (Status: 0x%08lx)\n",
Status);
139 ERR(
"Failed to create the 'Accounts' key (Status: 0x%08lx)\n",
Status);
162 ERR(
"Failed to create the 'Domains' key (Status: 0x%08lx)\n",
Status);
185 ERR(
"Failed to create the 'Secrets' key (Status: 0x%08lx)\n",
Status);
190 if (SecretsKeyHandle !=
NULL)
193 if (DomainsKeyHandle !=
NULL)
196 if (AccountsKeyHandle !=
NULL)
199 if (PolicyKeyHandle !=
NULL)
202 TRACE(
"LsapInstallDatabase() done (Status: 0x%08lx)\n",
Status);
215 Seed = &SystemTime.
u.LowPart;
243 ULONG PolicySdSize = 0;
267 if (AuditEventsInfo ==
NULL)
336 sizeof(ModificationInfo));
342 sizeof(AuditFullInfo));
348 sizeof(AuditLogInfo));
354 sizeof(*AuditEventsInfo));
372 sizeof(DnsDomainGuid));
381 if (AuditEventsInfo !=
NULL)
382 RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);
384 if (PolicyObject !=
NULL)
390 if (PolicySd !=
NULL)
446 if (AttributeSize > 0)
474 if (AttributeSize > 0)
479 if (DomainName ==
NULL)
501 ERR(
"Failed to allocate the account domain name buffer\n");
512 TRACE(
"Builtin Domain SID: %S\n", SidString);
519 TRACE(
"Account Domain SID: %S\n", SidString);
526 if (DomainName !=
NULL)
529 if (PolicyObject !=
NULL)
541 TRACE(
"LsapInitDatabase()\n");
546 ERR(
"Failed to open the service key (Status: 0x%08lx)\n",
Status);
555 ERR(
"Failed to create the LSA database keys (Status: 0x%08lx)\n",
Status);
562 ERR(
"Failed to create the LSA database objects (Status: 0x%08lx)\n",
Status);
571 ERR(
"Failed to update the LSA database (Status: 0x%08lx)\n",
Status);
579 ERR(
"Failed to get the domain information (Status: 0x%08lx)\n",
Status);
583 TRACE(
"LsapInitDatabase() done\n");
606 if (DbObject ==
NULL)
609 if (ParentObject ==
NULL)
612 ParentKeyHandle = ParentObject->KeyHandle;
614 if (ContainerName !=
NULL)
700 if (ParentObject !=
NULL)
701 ParentObject->RefCount++;
726 if (DbObject ==
NULL)
729 if (ParentObject ==
NULL)
732 ParentKeyHandle = ParentObject->KeyHandle;
734 if (ContainerName !=
NULL)
813 if (ParentObject !=
NULL)
814 ParentObject->RefCount++;
854 ERR(
"LsapValidateDbObject access check failed %08lx %08lx\n",
860 if (DbObject !=
NULL)
861 *DbObject = LocalObject;
886 if (ParentObject !=
NULL)
906 DbObject->RefCount--;
908 if (DbObject->RefCount > 0)
911 if (DbObject->KeyHandle !=
NULL)
941 if (DbObject->ParentObject !=
NULL)
946 if (ParentObject !=
NULL)
987 ERR(
"NtCreateKey failed for '%S' with status 0x%lx\n",
1001 ERR(
"RtlpNtSetValueKey failed for '%S' with status 0x%lx\n",
1038 ValueSize = *AttributeSize;
1051 *AttributeSize = ValueSize;
1055 else if (*AttributeSize < ValueSize)
1057 *AttributeSize = ValueSize;
1069 *AttributeSize = ValueSize;
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
SID_IDENTIFIER_AUTHORITY LocalSidAuthority
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
static BOOLEAN LsapIsDatabaseInstalled(VOID)
NTSTATUS LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
#define STATUS_INSUFFICIENT_RESOURCES
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
#define STATUS_NO_MORE_ENTRIES
NTSTATUS LsapDeleteDbObject(IN PLSA_DB_OBJECT DbObject)
#define OBJ_CASE_INSENSITIVE
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
#define STATUS_INVALID_PARAMETER
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
struct _LSA_DB_OBJECT * ParentObject
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
static NTSTATUS LsapCreateRandomDomainSid(OUT PSID *Sid)
LSA_DB_OBJECT_TYPE ObjectType
DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT]
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
#define SECURITY_NULL_SID_AUTHORITY
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
NTSTATUS LsapInitDatabase(VOID)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
#define STATUS_INVALID_HANDLE
DWORD MaximumAuditEventCount
UNICODE_STRING AccountDomainName
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
static NTSTATUS LsapOpenServiceKey(VOID)
static NTSTATUS LsapGetDomainInfo(VOID)
static NTSTATUS LsapCreateDatabaseObjects(VOID)
NTSTATUS LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
#define SECURITY_LOCAL_SID_AUTHORITY
#define EXCEPTION_EXECUTE_HANDLER
NTSYSAPI ULONG NTAPI RtlUniform(_In_ PULONG Seed)
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
NTSTATUS NTAPI RtlpNtOpenKey(OUT HANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG Unused)
#define SECURITY_NT_AUTHORITY
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
static NTSTATUS LsapUpdateDatabase(VOID)
#define REG_OPTION_NON_VOLATILE
#define SECURITY_BUILTIN_DOMAIN_RID
#define NT_SUCCESS(StatCode)
UNICODE_STRING BuiltinDomainName
#define SECURITY_WORLD_SID_AUTHORITY
_In_ WDFCOLLECTION _In_ ULONG Index
#define STATUS_ACCESS_DENIED
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
#define SECURITY_NULL_RID
LARGE_INTEGER TimeToShutdown
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
BOOLEAN AuditLogFullShutdownInProgress
static HANDLE SecurityKeyHandle
INT64 MinimumWorkingSetSize
enum _LSA_DB_OBJECT_TYPE LSA_DB_OBJECT_TYPE
LARGE_INTEGER AuditRetentionPeriod
#define LSAP_DB_SIGNATURE
#define STATUS_BUFFER_OVERFLOW
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
HLOCAL NTAPI LocalFree(HLOCAL hMem)
NTSTATUS NTAPI RtlpNtSetValueKey(IN HANDLE KeyHandle, IN ULONG Type, IN PVOID Data, IN ULONG DataLength)
NTSTATUS LsapValidateDbObject(LSAPR_HANDLE Handle, LSA_DB_OBJECT_TYPE ObjectType, ACCESS_MASK DesiredAccess, PLSA_DB_OBJECT *DbObject)
INT64 MaximumWorkingSetSize
static NTSTATUS LsapCreateDatabaseKeys(VOID)
NTSTATUS LsapDeleteObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
LARGE_INTEGER DatabaseCreationTime
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define RtlZeroMemory(Destination, Length)
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
#define InitializeObjectAttributes(p, n, a, r, s)
struct _LSA_DB_OBJECT * PLSA_DB_OBJECT
#define RtlCopyMemory(Destination, Source, Length)
#define _SEH2_EXCEPT(...)
SID_IDENTIFIER_AUTHORITY NullSidAuthority
NTSTATUS LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
struct _LARGE_INTEGER::@2269 u
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
#define KEY_CREATE_SUB_KEY
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
#define SECURITY_NT_NON_UNIQUE
#define SECURITY_CREATOR_SID_AUTHORITY
SID_IDENTIFIER_AUTHORITY NtAuthority
ULONG AuditLogPercentFull
#define POLICY_AUDIT_EVENT_TYPE_COUNT
#define KEY_ENUMERATE_SUB_KEYS