39 L"\\Registry\\Machine\\SECURITY");
97 TRACE(
"LsapInstallDatabase()\n");
118 ERR(
"Failed to create the 'Policy' key (Status: 0x%08lx)\n",
Status);
141 ERR(
"Failed to create the 'Accounts' key (Status: 0x%08lx)\n",
Status);
164 ERR(
"Failed to create the 'Domains' key (Status: 0x%08lx)\n",
Status);
187 ERR(
"Failed to create the 'Secrets' key (Status: 0x%08lx)\n",
Status);
192 if (SecretsKeyHandle !=
NULL)
195 if (DomainsKeyHandle !=
NULL)
198 if (AccountsKeyHandle !=
NULL)
201 if (PolicyKeyHandle !=
NULL)
204 TRACE(
"LsapInstallDatabase() done (Status: 0x%08lx)\n",
Status);
217 Seed = &SystemTime.
u.LowPart;
245 ULONG PolicySdSize = 0;
269 if (AuditEventsInfo ==
NULL)
338 sizeof(ModificationInfo));
344 sizeof(AuditFullInfo));
350 sizeof(AuditLogInfo));
356 sizeof(*AuditEventsInfo));
374 sizeof(DnsDomainGuid));
383 if (AuditEventsInfo !=
NULL)
384 RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);
386 if (PolicyObject !=
NULL)
392 if (PolicySd !=
NULL)
448 if (AttributeSize > 0)
476 if (AttributeSize > 0)
481 if (DomainName ==
NULL)
503 ERR(
"Failed to allocate the account domain name buffer\n");
514 TRACE(
"Builtin Domain SID: %S\n", SidString);
521 TRACE(
"Account Domain SID: %S\n", SidString);
528 if (DomainName !=
NULL)
531 if (PolicyObject !=
NULL)
543 TRACE(
"LsapInitDatabase()\n");
548 ERR(
"Failed to open the service key (Status: 0x%08lx)\n",
Status);
557 ERR(
"Failed to create the LSA database keys (Status: 0x%08lx)\n",
Status);
564 ERR(
"Failed to create the LSA database objects (Status: 0x%08lx)\n",
Status);
573 ERR(
"Failed to update the LSA database (Status: 0x%08lx)\n",
Status);
581 ERR(
"Failed to get the domain information (Status: 0x%08lx)\n",
Status);
585 TRACE(
"LsapInitDatabase() done\n");
608 if (DbObject ==
NULL)
611 if (ParentObject ==
NULL)
614 ParentKeyHandle = ParentObject->KeyHandle;
616 if (ContainerName !=
NULL)
702 if (ParentObject !=
NULL)
703 ParentObject->RefCount++;
728 if (DbObject ==
NULL)
731 if (ParentObject ==
NULL)
734 ParentKeyHandle = ParentObject->KeyHandle;
736 if (ContainerName !=
NULL)
815 if (ParentObject !=
NULL)
816 ParentObject->RefCount++;
856 ERR(
"LsapValidateDbObject access check failed %08lx %08lx\n",
862 if (DbObject !=
NULL)
863 *DbObject = LocalObject;
888 if (ParentObject !=
NULL)
908 DbObject->RefCount--;
910 if (DbObject->RefCount > 0)
913 if (DbObject->KeyHandle !=
NULL)
943 if (DbObject->ParentObject !=
NULL)
948 if (ParentObject !=
NULL)
989 ERR(
"NtCreateKey failed for '%S' with status 0x%lx\n",
1003 ERR(
"RtlpNtSetValueKey failed for '%S' with status 0x%lx\n",
1040 ValueSize = *AttributeSize;
1053 *AttributeSize = ValueSize;
1057 else if (*AttributeSize < ValueSize)
1059 *AttributeSize = ValueSize;
1071 *AttributeSize = ValueSize;
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
#define NT_SUCCESS(StatCode)
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
NTSTATUS LsapInitDatabase(VOID)
UNICODE_STRING BuiltinDomainName
NTSTATUS LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
NTSTATUS LsapDeleteDbObject(IN PLSA_DB_OBJECT DbObject)
UNICODE_STRING AccountDomainName
SID_IDENTIFIER_AUTHORITY NullSidAuthority
static NTSTATUS LsapUpdateDatabase(VOID)
static NTSTATUS LsapOpenServiceKey(VOID)
SID_IDENTIFIER_AUTHORITY LocalSidAuthority
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
SID_IDENTIFIER_AUTHORITY NtAuthority
static NTSTATUS LsapGetDomainInfo(VOID)
static NTSTATUS LsapCreateDatabaseKeys(VOID)
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
NTSTATUS LsapDeleteObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
NTSTATUS LsapValidateDbObject(LSAPR_HANDLE Handle, LSA_DB_OBJECT_TYPE ObjectType, ACCESS_MASK DesiredAccess, PLSA_DB_OBJECT *DbObject)
NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
static BOOLEAN LsapIsDatabaseInstalled(VOID)
static NTSTATUS LsapCreateRandomDomainSid(OUT PSID *Sid)
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
static NTSTATUS LsapCreateDatabaseObjects(VOID)
NTSTATUS LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
static HANDLE SecurityKeyHandle
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
NTSTATUS LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
#define LSAP_DB_SIGNATURE
enum _LSA_DB_OBJECT_TYPE LSA_DB_OBJECT_TYPE
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
struct _LSA_DB_OBJECT * PLSA_DB_OBJECT
#define POLICY_AUDIT_EVENT_TYPE_COUNT
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
HLOCAL NTAPI LocalFree(HLOCAL hMem)
#define EXCEPTION_EXECUTE_HANDLER
#define OBJ_CASE_INSENSITIVE
#define InitializeObjectAttributes(p, n, a, r, s)
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
NTSYSAPI ULONG NTAPI RtlUniform(_In_ PULONG Seed)
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define KEY_CREATE_SUB_KEY
#define REG_OPTION_NON_VOLATILE
#define KEY_ENUMERATE_SUB_KEYS
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
#define STATUS_INVALID_HANDLE
#define STATUS_NO_MORE_ENTRIES
#define _SEH2_EXCEPT(...)
NTSTATUS NTAPI RtlpNtSetValueKey(IN HANDLE KeyHandle, IN ULONG Type, IN PVOID Data, IN ULONG DataLength)
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
NTSTATUS NTAPI RtlpNtOpenKey(OUT HANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG Unused)
#define STATUS_BUFFER_OVERFLOW
DWORD MaximumAuditEventCount
DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT]
struct _LSA_DB_OBJECT * ParentObject
LSA_DB_OBJECT_TYPE ObjectType
LARGE_INTEGER AuditRetentionPeriod
BOOLEAN AuditLogFullShutdownInProgress
LARGE_INTEGER TimeToShutdown
ULONG AuditLogPercentFull
LARGE_INTEGER DatabaseCreationTime
INT64 MaximumWorkingSetSize
INT64 MinimumWorkingSetSize
#define RtlCopyMemory(Destination, Source, Length)
#define RtlZeroMemory(Destination, Length)
#define STATUS_ACCESS_DENIED
#define STATUS_INVALID_PARAMETER
#define STATUS_INSUFFICIENT_RESOURCES
struct _LARGE_INTEGER::@2299 u
_In_ WDFCOLLECTION _In_ ULONG Index
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
#define SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_LOCAL_SID_AUTHORITY
#define SECURITY_WORLD_SID_AUTHORITY
#define SECURITY_NULL_RID
#define SECURITY_NT_AUTHORITY
#define SECURITY_NULL_SID_AUTHORITY
#define SECURITY_CREATOR_SID_AUTHORITY
#define SECURITY_NT_NON_UNIQUE