d0/d67/dll_2win32_2lsasrv_2database_8c_source.html

 /*
  * PROJECT:     Local Security Authority Server DLL
  * LICENSE:     GPL - See COPYING in the top level directory
  * FILE:        dll/win32/lsasrv/database.c
  * PURPOSE:     LSA object database
  * COPYRIGHT:   Copyright 2011 Eric Kohl
  */

 #include "lsasrv.h"

 /* GLOBALS *****************************************************************/

 static HANDLE SecurityKeyHandle = NULL;

 SID_IDENTIFIER_AUTHORITY NullSidAuthority    = {SECURITY_NULL_SID_AUTHORITY};
 SID_IDENTIFIER_AUTHORITY WorldSidAuthority   = {SECURITY_WORLD_SID_AUTHORITY};
 SID_IDENTIFIER_AUTHORITY LocalSidAuthority   = {SECURITY_LOCAL_SID_AUTHORITY};
 SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY};
 SID_IDENTIFIER_AUTHORITY NtAuthority         = {SECURITY_NT_AUTHORITY};

 PSID BuiltinDomainSid = NULL;
 PSID AccountDomainSid = NULL;
 UNICODE_STRING BuiltinDomainName = {0, 0, NULL};
 UNICODE_STRING AccountDomainName = {0, 0, NULL};


 /* FUNCTIONS ***************************************************************/

 static NTSTATUS
 LsapOpenServiceKey(VOID)
 {
     OBJECT_ATTRIBUTES ObjectAttributes;
     UNICODE_STRING KeyName;
     NTSTATUS Status;

     RtlInitUnicodeString(&KeyName,
                          L"\\Registry\\Machine\\SECURITY");

     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                NULL,
                                NULL);

     Status = RtlpNtOpenKey(&SecurityKeyHandle,
                            KEY_READ | KEY_CREATE_SUB_KEY | KEY_ENUMERATE_SUB_KEYS,
                            &ObjectAttributes,
                            0);

     return Status;
 }


 static BOOLEAN
 LsapIsDatabaseInstalled(VOID)
 {
     OBJECT_ATTRIBUTES ObjectAttributes;
     UNICODE_STRING KeyName;
     HANDLE KeyHandle;
     NTSTATUS Status;

     RtlInitUnicodeString(&KeyName,
                          L"Policy");

     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                SecurityKeyHandle,
                                NULL);

     Status = RtlpNtOpenKey(&KeyHandle,
                            KEY_READ,
                            &ObjectAttributes,
                            0);
     if (!NT_SUCCESS(Status))
         return FALSE;

     NtClose(KeyHandle);

     return TRUE;
 }


 static NTSTATUS
 LsapCreateDatabaseKeys(VOID)
 {
     OBJECT_ATTRIBUTES ObjectAttributes;
     UNICODE_STRING KeyName;
     HANDLE PolicyKeyHandle = NULL;
     HANDLE AccountsKeyHandle = NULL;
     HANDLE DomainsKeyHandle = NULL;
     HANDLE SecretsKeyHandle = NULL;
     NTSTATUS Status = STATUS_SUCCESS;

     TRACE("LsapInstallDatabase()\n");

     /* Create the 'Policy' key */
     RtlInitUnicodeString(&KeyName,
                          L"Policy");

     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                SecurityKeyHandle,
                                NULL);

     Status = NtCreateKey(&PolicyKeyHandle,
                          KEY_ALL_ACCESS,
                          &ObjectAttributes,
                          0,
                          NULL,
                          0,
                          NULL);
     if (!NT_SUCCESS(Status))
     {
         ERR("Failed to create the 'Policy' key (Status: 0x%08lx)\n", Status);
         goto Done;
     }

     /* Create the 'Accounts' key */
     RtlInitUnicodeString(&KeyName,
                          L"Accounts");

     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                PolicyKeyHandle,
                                NULL);

     Status = NtCreateKey(&AccountsKeyHandle,
                          KEY_ALL_ACCESS,
                          &ObjectAttributes,
                          0,
                          NULL,
                          0,
                          NULL);
     if (!NT_SUCCESS(Status))
     {
         ERR("Failed to create the 'Accounts' key (Status: 0x%08lx)\n", Status);
         goto Done;
     }

     /* Create the 'Domains' key */
     RtlInitUnicodeString(&KeyName,
                          L"Domains");

     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                PolicyKeyHandle,
                                NULL);

     Status = NtCreateKey(&DomainsKeyHandle,
                          KEY_ALL_ACCESS,
                          &ObjectAttributes,
                          0,
                          NULL,
                          0,
                          NULL);
     if (!NT_SUCCESS(Status))
     {
         ERR("Failed to create the 'Domains' key (Status: 0x%08lx)\n", Status);
         goto Done;
     }

     /* Create the 'Secrets' key */
     RtlInitUnicodeString(&KeyName,
                          L"Secrets");

     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                PolicyKeyHandle,
                                NULL);

     Status = NtCreateKey(&SecretsKeyHandle,
                          KEY_ALL_ACCESS,
                          &ObjectAttributes,
                          0,
                          NULL,
                          0,
                          NULL);
     if (!NT_SUCCESS(Status))
     {
         ERR("Failed to create the 'Secrets' key (Status: 0x%08lx)\n", Status);
         goto Done;
     }

 Done:
     if (SecretsKeyHandle != NULL)
         NtClose(SecretsKeyHandle);

     if (DomainsKeyHandle != NULL)
         NtClose(DomainsKeyHandle);

     if (AccountsKeyHandle != NULL)
         NtClose(AccountsKeyHandle);

     if (PolicyKeyHandle != NULL)
         NtClose(PolicyKeyHandle);

     TRACE("LsapInstallDatabase() done (Status: 0x%08lx)\n", Status);

     return Status;
 }


 static NTSTATUS
 LsapCreateRandomDomainSid(OUT PSID *Sid)
 {
     LARGE_INTEGER SystemTime;
     PULONG Seed;

     NtQuerySystemTime(&SystemTime);
     Seed = &SystemTime.u.LowPart;

     return RtlAllocateAndInitializeSid(&NtAuthority,
                                        4,
                                        SECURITY_NT_NON_UNIQUE,
                                        RtlUniform(Seed),
                                        RtlUniform(Seed),
                                        RtlUniform(Seed),
                                        SECURITY_NULL_RID,
                                        SECURITY_NULL_RID,
                                        SECURITY_NULL_RID,
                                        SECURITY_NULL_RID,
                                        Sid);
 }


 static NTSTATUS
 LsapCreateDatabaseObjects(VOID)
 {
     PLSAP_POLICY_AUDIT_EVENTS_DATA AuditEventsInfo = NULL;
     POLICY_DEFAULT_QUOTA_INFO QuotaInfo;
     POLICY_MODIFICATION_INFO ModificationInfo;
     POLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = {FALSE, FALSE};
     POLICY_AUDIT_LOG_INFO AuditLogInfo;
     GUID DnsDomainGuid;
     PLSA_DB_OBJECT PolicyObject = NULL;
     PSID AccountDomainSid = NULL;
     PSECURITY_DESCRIPTOR PolicySd = NULL;
     ULONG PolicySdSize = 0;
     ULONG i;
     NTSTATUS Status;

     /* Initialize the default quota limits */
     QuotaInfo.QuotaLimits.PagedPoolLimit = 0x2000000;
     QuotaInfo.QuotaLimits.NonPagedPoolLimit = 0x100000;
     QuotaInfo.QuotaLimits.MinimumWorkingSetSize = 0x10000;
     QuotaInfo.QuotaLimits.MaximumWorkingSetSize = 0xF000000;
     QuotaInfo.QuotaLimits.PagefileLimit = 0;
     QuotaInfo.QuotaLimits.TimeLimit.QuadPart = 0;

     /* Initialize the audit log attribute */
     AuditLogInfo.AuditLogPercentFull = 0;
     AuditLogInfo.MaximumLogSize = 0;                    // DWORD
     AuditLogInfo.AuditRetentionPeriod.QuadPart = 0;     // LARGE_INTEGER
     AuditLogInfo.AuditLogFullShutdownInProgress = 0;    // BYTE
     AuditLogInfo.TimeToShutdown.QuadPart = 0;           // LARGE_INTEGER
     AuditLogInfo.NextAuditRecordId = 0;                 // DWORD

     /* Initialize the Audit Events attribute */
     AuditEventsInfo = RtlAllocateHeap(RtlGetProcessHeap(),
                                       HEAP_ZERO_MEMORY,
                                       sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA));
     if (AuditEventsInfo == NULL)
         return STATUS_INSUFFICIENT_RESOURCES;

     AuditEventsInfo->AuditingMode = FALSE;
     AuditEventsInfo->MaximumAuditEventCount = POLICY_AUDIT_EVENT_TYPE_COUNT;
     for (i = 0; i < POLICY_AUDIT_EVENT_TYPE_COUNT; i++)
         AuditEventsInfo->AuditEvents[i] = 0;

     /* Initialize the DNS Domain GUID attribute */
     RtlZeroMemory(&DnsDomainGuid, sizeof(DnsDomainGuid));

     /* Initialize the modification attribute */
     ModificationInfo.ModifiedId.QuadPart = 0;
     NtQuerySystemTime(&ModificationInfo.DatabaseCreationTime);

     /* Create a random domain SID */
     Status = LsapCreateRandomDomainSid(&AccountDomainSid);
     if (!NT_SUCCESS(Status))
         goto done;

     Status = LsapCreatePolicySd(&PolicySd, &PolicySdSize);
     if (!NT_SUCCESS(Status))
         goto done;

     /* Open the 'Policy' object */
     Status = LsapOpenDbObject(NULL,
                               NULL,
                               L"Policy",
                               LsaDbPolicyObject,
                               0,
                               TRUE,
                               &PolicyObject);
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set the Primary Domain Name attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"PolPrDmN",
                            NULL,
                            0);

     /* Set the Primary Domain SID attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"PolPrDmS",
                            NULL,
                            0);

     /* Set the Account Domain Name attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"PolAcDmN",
                            NULL,
                            0);

     /* Set the Account Domain SID attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"PolAcDmS",
                            AccountDomainSid,
                            RtlLengthSid(AccountDomainSid));

     /* Set the default quota limits attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"DefQuota",
                            &QuotaInfo,
                            sizeof(QuotaInfo));

     /* Set the modification attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"PolMod",
                            &ModificationInfo,
                            sizeof(ModificationInfo));

     /* Set the audit full attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"PolAdtFl",
                            &AuditFullInfo,
                            sizeof(AuditFullInfo));

     /* Set the audit log attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"PolAdtLg",
                            &AuditLogInfo,
                            sizeof(AuditLogInfo));

     /* Set the audit events attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"PolAdtEv",
                            AuditEventsInfo,
                            sizeof(*AuditEventsInfo));

     /* Set the DNS Domain Name attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"PolDnDDN",
                            NULL,
                            0);

     /* Set the DNS Forest Name attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"PolDnTrN",
                            NULL,
                            0);

     /* Set the DNS Domain GUID attribute */
     LsapSetObjectAttribute(PolicyObject,
                            L"PolDnDmG",
                            &DnsDomainGuid,
                            sizeof(DnsDomainGuid));

     /* Set the Security Descriptor */
     LsapSetObjectAttribute(PolicyObject,
                            L"SecDesc",
                            PolicySd,
                            PolicySdSize);

 done:
     if (AuditEventsInfo != NULL)
         RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);

     if (PolicyObject != NULL)
         LsapCloseDbObject(PolicyObject);

     if (AccountDomainSid != NULL)
         RtlFreeSid(AccountDomainSid);

     if (PolicySd != NULL)
         RtlFreeHeap(RtlGetProcessHeap(), 0, PolicySd);

     return Status;
 }


 static NTSTATUS
 LsapUpdateDatabase(VOID)
 {
     return STATUS_SUCCESS;
 }


 static NTSTATUS
 LsapGetDomainInfo(VOID)
 {
     PLSA_DB_OBJECT PolicyObject = NULL;
     PUNICODE_STRING DomainName = NULL;
     ULONG AttributeSize;
     LPWSTR SidString = NULL;
     NTSTATUS Status;

     /* Get the built-in domain SID and name */
     Status = RtlAllocateAndInitializeSid(&NtAuthority,
                                          1,
                                          SECURITY_BUILTIN_DOMAIN_RID,
                                          0, 0, 0, 0, 0, 0, 0,
                                          &BuiltinDomainSid);
     if (!NT_SUCCESS(Status))
         return Status;


     RtlInitUnicodeString(&BuiltinDomainName,
                          L"BUILTIN");

     /* Open the 'Policy' object */
     Status = LsapOpenDbObject(NULL,
                               NULL,
                               L"Policy",
                               LsaDbPolicyObject,
                               0,
                               TRUE,
                               &PolicyObject);
     if (!NT_SUCCESS(Status))
         goto done;

     /* Get the account domain SID */
     AttributeSize = 0;
     Status = LsapGetObjectAttribute(PolicyObject,
                                     L"PolAcDmS",
                                     NULL,
                                     &AttributeSize);
     if (!NT_SUCCESS(Status))
         goto done;

     if (AttributeSize > 0)
     {
         AccountDomainSid = RtlAllocateHeap(RtlGetProcessHeap(),
                                            HEAP_ZERO_MEMORY,
                                            AttributeSize);
         if (AccountDomainSid == NULL)
         {
             Status = STATUS_INSUFFICIENT_RESOURCES;
             goto done;
         }

         Status = LsapGetObjectAttribute(PolicyObject,
                                         L"PolAcDmS",
                                         AccountDomainSid,
                                         &AttributeSize);
         if (!NT_SUCCESS(Status))
             goto done;
     }

     /* Get the account domain name */
     AttributeSize = 0;
     Status = LsapGetObjectAttribute(PolicyObject,
                                     L"PolAcDmN",
                                     NULL,
                                     &AttributeSize);
     if (!NT_SUCCESS(Status))
         goto done;

     if (AttributeSize > 0)
     {
         DomainName = RtlAllocateHeap(RtlGetProcessHeap(),
                                      HEAP_ZERO_MEMORY,
                                      AttributeSize);
         if (DomainName == NULL)
         {
             Status = STATUS_INSUFFICIENT_RESOURCES;
             goto done;
         }

         Status = LsapGetObjectAttribute(PolicyObject,
                                         L"PolAcDmN",
                                         DomainName,
                                         &AttributeSize);
         if (!NT_SUCCESS(Status))
             goto done;

         DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);

         AccountDomainName.Length = DomainName->Length;
         AccountDomainName.MaximumLength = DomainName->Length + sizeof(WCHAR);
         AccountDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
                                                    HEAP_ZERO_MEMORY,
                                                    AccountDomainName.MaximumLength);
         if (AccountDomainName.Buffer == NULL)
         {
             ERR("Failed to allocate the account domain name buffer\n");
             Status = STATUS_INSUFFICIENT_RESOURCES;
             goto done;
         }

         RtlCopyMemory(AccountDomainName.Buffer,
                       DomainName->Buffer,
                       DomainName->Length);
     }

     ConvertSidToStringSidW(BuiltinDomainSid, &SidString);
     TRACE("Builtin Domain SID: %S\n", SidString);
     LocalFree(SidString);
     SidString = NULL;

     TRACE("Builtin Domain Name: %wZ\n", &BuiltinDomainName);

     ConvertSidToStringSidW(AccountDomainSid, &SidString);
     TRACE("Account Domain SID: %S\n", SidString);
     LocalFree(SidString);
     SidString = NULL;

     TRACE("Account Domain Name: %wZ\n", &AccountDomainName);

 done:
     if (DomainName != NULL)
         RtlFreeHeap(RtlGetProcessHeap(), 0, DomainName);

     if (PolicyObject != NULL)
         LsapCloseDbObject(PolicyObject);

     return Status;
 }


 NTSTATUS
 LsapInitDatabase(VOID)
 {
     NTSTATUS Status;

     TRACE("LsapInitDatabase()\n");

     Status = LsapOpenServiceKey();
     if (!NT_SUCCESS(Status))
     {
         ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
         return Status;
     }

     if (!LsapIsDatabaseInstalled())
     {
         Status = LsapCreateDatabaseKeys();
         if (!NT_SUCCESS(Status))
         {
             ERR("Failed to create the LSA database keys (Status: 0x%08lx)\n", Status);
             return Status;
         }

         Status = LsapCreateDatabaseObjects();
         if (!NT_SUCCESS(Status))
         {
             ERR("Failed to create the LSA database objects (Status: 0x%08lx)\n", Status);
             return Status;
         }
     }
     else
     {
         Status = LsapUpdateDatabase();
         if (!NT_SUCCESS(Status))
         {
             ERR("Failed to update the LSA database (Status: 0x%08lx)\n", Status);
             return Status;
         }
     }

     Status = LsapGetDomainInfo();
     if (!NT_SUCCESS(Status))
     {
         ERR("Failed to get the domain information (Status: 0x%08lx)\n", Status);
         return Status;
     }

     TRACE("LsapInitDatabase() done\n");

     return STATUS_SUCCESS;
 }


 NTSTATUS
 LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject,
                    IN LPWSTR ContainerName,
                    IN LPWSTR ObjectName,
                    IN LSA_DB_OBJECT_TYPE ObjectType,
                    IN ACCESS_MASK DesiredAccess,
                    IN BOOLEAN Trusted,
                    OUT PLSA_DB_OBJECT *DbObject)
 {
     PLSA_DB_OBJECT NewObject;
     OBJECT_ATTRIBUTES ObjectAttributes;
     UNICODE_STRING KeyName;
     HANDLE ParentKeyHandle;
     HANDLE ContainerKeyHandle = NULL;
     HANDLE ObjectKeyHandle = NULL;
     NTSTATUS Status;

     if (DbObject == NULL)
         return STATUS_INVALID_PARAMETER;

     if (ParentObject == NULL)
         ParentKeyHandle = SecurityKeyHandle;
     else
         ParentKeyHandle = ParentObject->KeyHandle;

     if (ContainerName != NULL)
     {
         /* Open the container key */
         RtlInitUnicodeString(&KeyName,
                              ContainerName);

         InitializeObjectAttributes(&ObjectAttributes,
                                    &KeyName,
                                    OBJ_CASE_INSENSITIVE,
                                    ParentKeyHandle,
                                    NULL);

         Status = NtOpenKey(&ContainerKeyHandle,
                            KEY_ALL_ACCESS,
                            &ObjectAttributes);
         if (!NT_SUCCESS(Status))
         {
             return Status;
         }

         /* Open the object key */
         RtlInitUnicodeString(&KeyName,
                              ObjectName);

         InitializeObjectAttributes(&ObjectAttributes,
                                    &KeyName,
                                    OBJ_CASE_INSENSITIVE,
                                    ContainerKeyHandle,
                                    NULL);

         Status = NtCreateKey(&ObjectKeyHandle,
                              KEY_ALL_ACCESS,
                              &ObjectAttributes,
                              0,
                              NULL,
                              0,
                              NULL);

         NtClose(ContainerKeyHandle);

         if (!NT_SUCCESS(Status))
         {
             return Status;
         }
     }
     else
     {
         RtlInitUnicodeString(&KeyName,
                              ObjectName);

         InitializeObjectAttributes(&ObjectAttributes,
                                    &KeyName,
                                    OBJ_CASE_INSENSITIVE,
                                    ParentKeyHandle,
                                    NULL);

         Status = NtCreateKey(&ObjectKeyHandle,
                              KEY_ALL_ACCESS,
                              &ObjectAttributes,
                              0,
                              NULL,
                              0,
                              NULL);
         if (!NT_SUCCESS(Status))
         {
             return Status;
         }
     }

     NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
                                 0,
                                 sizeof(LSA_DB_OBJECT));
     if (NewObject == NULL)
     {
         NtClose(ObjectKeyHandle);
         return STATUS_NO_MEMORY;
     }

     NewObject->Signature = LSAP_DB_SIGNATURE;
     NewObject->RefCount = 1;
     NewObject->ObjectType = ObjectType;
     NewObject->Access = DesiredAccess;
     NewObject->KeyHandle = ObjectKeyHandle;
     NewObject->ParentObject = ParentObject;
     NewObject->Trusted = Trusted;

     if (ParentObject != NULL)
         ParentObject->RefCount++;

     *DbObject = NewObject;

     return STATUS_SUCCESS;
 }


 NTSTATUS
 LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject,
                  IN LPWSTR ContainerName,
                  IN LPWSTR ObjectName,
                  IN LSA_DB_OBJECT_TYPE ObjectType,
                  IN ACCESS_MASK DesiredAccess,
                  IN BOOLEAN Trusted,
                  OUT PLSA_DB_OBJECT *DbObject)
 {
     PLSA_DB_OBJECT NewObject;
     OBJECT_ATTRIBUTES ObjectAttributes;
     UNICODE_STRING KeyName;
     HANDLE ParentKeyHandle;
     HANDLE ContainerKeyHandle = NULL;
     HANDLE ObjectKeyHandle = NULL;
     NTSTATUS Status;

     if (DbObject == NULL)
         return STATUS_INVALID_PARAMETER;

     if (ParentObject == NULL)
         ParentKeyHandle = SecurityKeyHandle;
     else
         ParentKeyHandle = ParentObject->KeyHandle;

     if (ContainerName != NULL)
     {
         /* Open the container key */
         RtlInitUnicodeString(&KeyName,
                              ContainerName);

         InitializeObjectAttributes(&ObjectAttributes,
                                    &KeyName,
                                    OBJ_CASE_INSENSITIVE,
                                    ParentKeyHandle,
                                    NULL);

         Status = NtOpenKey(&ContainerKeyHandle,
                            KEY_ALL_ACCESS,
                            &ObjectAttributes);
         if (!NT_SUCCESS(Status))
         {
             return Status;
         }

         /* Open the object key */
         RtlInitUnicodeString(&KeyName,
                              ObjectName);

         InitializeObjectAttributes(&ObjectAttributes,
                                    &KeyName,
                                    OBJ_CASE_INSENSITIVE,
                                    ContainerKeyHandle,
                                    NULL);

         Status = NtOpenKey(&ObjectKeyHandle,
                            KEY_ALL_ACCESS,
                            &ObjectAttributes);

         NtClose(ContainerKeyHandle);

         if (!NT_SUCCESS(Status))
         {
             return Status;
         }
     }
     else
     {
         /* Open the object key */
         RtlInitUnicodeString(&KeyName,
                              ObjectName);

         InitializeObjectAttributes(&ObjectAttributes,
                                    &KeyName,
                                    OBJ_CASE_INSENSITIVE,
                                    ParentKeyHandle,
                                    NULL);

         Status = NtOpenKey(&ObjectKeyHandle,
                            KEY_ALL_ACCESS,
                            &ObjectAttributes);
         if (!NT_SUCCESS(Status))
         {
             return Status;
         }
     }

     NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
                                 0,
                                 sizeof(LSA_DB_OBJECT));
     if (NewObject == NULL)
     {
         NtClose(ObjectKeyHandle);
         return STATUS_NO_MEMORY;
     }

     NewObject->Signature = LSAP_DB_SIGNATURE;
     NewObject->RefCount = 1;
     NewObject->ObjectType = ObjectType;
     NewObject->Access = DesiredAccess;
     NewObject->KeyHandle = ObjectKeyHandle;
     NewObject->ParentObject = ParentObject;
     NewObject->Trusted = Trusted;

     if (ParentObject != NULL)
         ParentObject->RefCount++;

     *DbObject = NewObject;

     return STATUS_SUCCESS;
 }


 NTSTATUS
 LsapValidateDbObject(LSAPR_HANDLE Handle,
                      LSA_DB_OBJECT_TYPE ObjectType,
                      ACCESS_MASK DesiredAccess,
                      PLSA_DB_OBJECT *DbObject)
 {
     PLSA_DB_OBJECT LocalObject = (PLSA_DB_OBJECT)Handle;
     BOOLEAN bValid = FALSE;

     _SEH2_TRY
     {
         if (LocalObject->Signature == LSAP_DB_SIGNATURE)
         {
             if ((ObjectType == LsaDbIgnoreObject) ||
                 (LocalObject->ObjectType == ObjectType))
                 bValid = TRUE;
         }
     }
     _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
     {
         bValid = FALSE;
     }
     _SEH2_END;

     if (bValid == FALSE)
         return STATUS_INVALID_HANDLE;

     if (DesiredAccess != 0)
     {
         /* Check for granted access rights */
         if ((LocalObject->Access & DesiredAccess) != DesiredAccess)
         {
             ERR("LsapValidateDbObject access check failed %08lx  %08lx\n",
                 LocalObject->Access, DesiredAccess);
             return STATUS_ACCESS_DENIED;
         }
     }

     if (DbObject != NULL)
         *DbObject = LocalObject;

     return STATUS_SUCCESS;
 }


 NTSTATUS
 LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
 {
     PLSA_DB_OBJECT ParentObject = NULL;
     NTSTATUS Status = STATUS_SUCCESS;

     DbObject->RefCount--;

     if (DbObject->RefCount > 0)
         return STATUS_SUCCESS;

     if (DbObject->KeyHandle != NULL)
         NtClose(DbObject->KeyHandle);

     if (DbObject->ParentObject != NULL)
         ParentObject = DbObject->ParentObject;

     RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);

     if (ParentObject != NULL)
     {
         ParentObject->RefCount--;

         if (ParentObject->RefCount == 0)
             Status = LsapCloseDbObject(ParentObject);
     }

     return Status;
 }


 NTSTATUS
 LsapDeleteDbObject(IN PLSA_DB_OBJECT DbObject)
 {
     PLSA_DB_OBJECT ParentObject = NULL;
     WCHAR KeyName[64];
     ULONG Index;
     NTSTATUS Status = STATUS_SUCCESS;

     DbObject->RefCount--;

     if (DbObject->RefCount > 0)
         return STATUS_SUCCESS;

     if (DbObject->KeyHandle != NULL)
     {
         Index = 0;

         while (TRUE)
         {
             Status = LsapRegEnumerateSubKey(DbObject->KeyHandle,
                                             Index,
                                             sizeof(KeyName),
                                             KeyName);
             if (!NT_SUCCESS(Status))
                 break;

             TRACE("Index: %lu\n", Index);
             TRACE("Key name: %S\n", KeyName);

             Status = LsapRegDeleteSubKey(DbObject->KeyHandle,
                                          KeyName);
             if (!NT_SUCCESS(Status))
                 break;
         }

         if (Status == STATUS_NO_MORE_ENTRIES)
             Status = STATUS_SUCCESS;

         LsapRegDeleteKey(DbObject->KeyHandle);

         NtClose(DbObject->KeyHandle);
     }

     if (DbObject->ParentObject != NULL)
         ParentObject = DbObject->ParentObject;

     RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);

     if (ParentObject != NULL)
     {
         ParentObject->RefCount--;

         if (ParentObject->RefCount == 0)
             Status = LsapCloseDbObject(ParentObject);
     }

     return Status;
 }


 NTSTATUS
 LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject,
                        LPWSTR AttributeName,
                        LPVOID AttributeData,
                        ULONG AttributeSize)
 {
     OBJECT_ATTRIBUTES ObjectAttributes;
     UNICODE_STRING KeyName;
     HANDLE AttributeKey;
     NTSTATUS Status;

     RtlInitUnicodeString(&KeyName,
                          AttributeName);

     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                DbObject->KeyHandle,
                                NULL);

     Status = NtCreateKey(&AttributeKey,
                          KEY_SET_VALUE,
                          &ObjectAttributes,
                          0,
                          NULL,
                          REG_OPTION_NON_VOLATILE,
                          NULL);
     if (!NT_SUCCESS(Status))
     {
         ERR("NtCreateKey failed for '%S' with status 0x%lx\n",
             AttributeName, Status);
         return Status;
     }

     Status = RtlpNtSetValueKey(AttributeKey,
                                REG_NONE,
                                AttributeData,
                                AttributeSize);

     NtClose(AttributeKey);

     if (!NT_SUCCESS(Status))
     {
         ERR("RtlpNtSetValueKey failed for '%S' with status 0x%lx\n",
             AttributeName, Status);
     }

     return Status;
 }


 NTSTATUS
 LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject,
                        LPWSTR AttributeName,
                        LPVOID AttributeData,
                        PULONG AttributeSize)
 {
     OBJECT_ATTRIBUTES ObjectAttributes;
     UNICODE_STRING KeyName;
     HANDLE AttributeKey;
     ULONG ValueSize;
     NTSTATUS Status;

     RtlInitUnicodeString(&KeyName,
                          AttributeName);

     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                DbObject->KeyHandle,
                                NULL);

     Status = NtOpenKey(&AttributeKey,
                        KEY_QUERY_VALUE,
                        &ObjectAttributes);
     if (!NT_SUCCESS(Status))
     {
         return Status;
     }

     ValueSize = *AttributeSize;
     Status = RtlpNtQueryValueKey(AttributeKey,
                                  NULL,
                                  NULL,
                                  &ValueSize,
                                  0);
     if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW)
     {
         goto Done;
     }

     if (AttributeData == NULL || *AttributeSize == 0)
     {
         *AttributeSize = ValueSize;
         Status = STATUS_SUCCESS;
         goto Done;
     }
     else if (*AttributeSize < ValueSize)
     {
         *AttributeSize = ValueSize;
         Status = STATUS_BUFFER_OVERFLOW;
         goto Done;
     }

     Status = RtlpNtQueryValueKey(AttributeKey,
                                  NULL,
                                  AttributeData,
                                  &ValueSize,
                                  0);
     if (NT_SUCCESS(Status))
     {
         *AttributeSize = ValueSize;
     }

 Done:
     NtClose(AttributeKey);

     return Status;
 }


 NTSTATUS
 LsapDeleteObjectAttribute(PLSA_DB_OBJECT DbObject,
                           LPWSTR AttributeName)
 {
     return LsapRegDeleteSubKey(DbObject->KeyHandle,
                                AttributeName);
 }

 /* EOF */
_QUOTA_LIMITS::TimeLimit
LARGE_INTEGER TimeLimit
Definition: lsa.idl:292

_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301

_LSA_DB_OBJECT::Access
ACCESS_MASK Access
Definition: lsasrv.h:61

LsapRegDeleteSubKey
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59

LsapOpenDbObject
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:710

ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35

ObjectType
ObjectType
Definition: metafile.c:80

LocalSidAuthority
SID_IDENTIFIER_AUTHORITY LocalSidAuthority
Definition: database.c:17

KeyName
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4711

_QUOTA_LIMITS::NonPagedPoolLimit
INT64 NonPagedPoolLimit
Definition: lsa.idl:288

IN
#define IN
Definition: typedefs.h:39

LsapIsDatabaseInstalled
static BOOLEAN LsapIsDatabaseInstalled(VOID)
Definition: database.c:55

RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)

LsapSetObjectAttribute
NTSTATUS LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
Definition: database.c:959

STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158

_POLICY_AUDIT_LOG_INFO::MaximumLogSize
ULONG MaximumLogSize
Definition: ntsecapi.h:554

_QUOTA_LIMITS::PagefileLimit
INT64 PagefileLimit
Definition: lsa.idl:291

NtCreateKey
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240

STATUS_NO_MORE_ENTRIES
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:205

LsapDeleteDbObject
NTSTATUS LsapDeleteDbObject(IN PLSA_DB_OBJECT DbObject)
Definition: database.c:899

_SID
Definition: ms-dtyp.idl:198

KEY_SET_VALUE
#define KEY_SET_VALUE
Definition: nt_native.h:1017

OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228

KeyHandle
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4711

_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370

KEY_READ
#define KEY_READ
Definition: nt_native.h:1023

TRUE
#define TRUE
Definition: types.h:120

_OBJECT_ATTRIBUTES
Definition: umtypes.h:181

STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135

_POLICY_AUDIT_LOG_INFO::NextAuditRecordId
ULONG NextAuditRecordId
Definition: ntsecapi.h:558

RtlFreeSid
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369

_LSA_DB_OBJECT::ParentObject
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:64

RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606

LsapCreateRandomDomainSid
static NTSTATUS LsapCreateRandomDomainSid(OUT PSID *Sid)
Definition: database.c:209

_LSA_DB_OBJECT::ObjectType
LSA_DB_OBJECT_TYPE ObjectType
Definition: lsasrv.h:59

GUID
Definition: shobjidl.idl:2868

_LSAP_POLICY_AUDIT_EVENTS_DATA::AuditEvents
DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT]
Definition: lsasrv.h:73

LsapRegDeleteKey
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
Definition: registry.c:89

SECURITY_NULL_SID_AUTHORITY
#define SECURITY_NULL_SID_AUTHORITY
Definition: setypes.h:496

_POLICY_AUDIT_FULL_QUERY_INFO
Definition: ntsecapi.h:600

ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62

CreatorSidAuthority
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
Definition: database.c:18

ConvertSidToStringSidW
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3259

LsapInitDatabase
NTSTATUS LsapInitDatabase(VOID)
Definition: database.c:537

RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290

STATUS_INVALID_HANDLE
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:245

_LSAP_POLICY_AUDIT_EVENTS_DATA::MaximumAuditEventCount
DWORD MaximumAuditEventCount
Definition: lsasrv.h:74

_POLICY_DEFAULT_QUOTA_INFO
Definition: ntsecapi.h:590

AccountDomainName
UNICODE_STRING AccountDomainName
Definition: database.c:24

LsapCloseDbObject
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:868

_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226

ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65

LsapOpenServiceKey
static NTSTATUS LsapOpenServiceKey(VOID)
Definition: database.c:30

_POLICY_DEFAULT_QUOTA_INFO::QuotaLimits
QUOTA_LIMITS QuotaLimits
Definition: ntsecapi.h:591

LsapGetDomainInfo
static NTSTATUS LsapGetDomainInfo(VOID)
Definition: database.c:405

LsapCreateDatabaseObjects
static NTSTATUS LsapCreateDatabaseObjects(VOID)
Definition: database.c:232

i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

BuiltinDomainSid
PSID BuiltinDomainSid
Definition: database.c:21

FALSE
#define FALSE
Definition: types.h:117

LsapCreatePolicySd
NTSTATUS LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
Definition: security.c:14

_LSA_DB_OBJECT::KeyHandle
HANDLE KeyHandle
Definition: lsasrv.h:62

SECURITY_LOCAL_SID_AUTHORITY
#define SECURITY_LOCAL_SID_AUTHORITY
Definition: setypes.h:502

_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371

_QUOTA_LIMITS::PagedPoolLimit
INT64 PagedPoolLimit
Definition: lsa.idl:287

_LSAP_POLICY_AUDIT_EVENTS_DATA::AuditingMode
BOOLEAN AuditingMode
Definition: lsasrv.h:72

EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85

RtlUniform
NTSYSAPI ULONG NTAPI RtlUniform(_In_ PULONG Seed)

BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185

NULL
smooth NULL
Definition: ftsmooth.c:416

Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103

RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150

RtlpNtOpenKey
NTSTATUS NTAPI RtlpNtOpenKey(OUT HANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG Unused)
Definition: registry.c:912

SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:526

WorldSidAuthority
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:16

lsasrv.h

RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588

LsapUpdateDatabase
static NTSTATUS LsapUpdateDatabase(VOID)
Definition: database.c:398

REG_OPTION_NON_VOLATILE
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057

Handle
_In_ HANDLE Handle
Definition: extypes.h:390

TRACE
#define TRACE(s)
Definition: solgame.cpp:4

SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553

WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180

NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32

BuiltinDomainName
UNICODE_STRING BuiltinDomainName
Definition: database.c:23

SECURITY_WORLD_SID_AUTHORITY
#define SECURITY_WORLD_SID_AUTHORITY
Definition: setypes.h:499

Index
static const UCHAR Index[8]
Definition: usbohci.c:18

STATUS_ACCESS_DENIED
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145

_LSA_DB_OBJECT::RefCount
ULONG RefCount
Definition: lsasrv.h:60

_LSA_DB_OBJECT::Signature
ULONG Signature
Definition: lsasrv.h:58

NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399

SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:512

_POLICY_AUDIT_LOG_INFO::TimeToShutdown
LARGE_INTEGER TimeToShutdown
Definition: ntsecapi.h:557

Status
Status
Definition: gdiplustypes.h:24

RtlpNtQueryValueKey
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
Definition: registry.c:933

_POLICY_AUDIT_LOG_INFO::AuditLogFullShutdownInProgress
BOOLEAN AuditLogFullShutdownInProgress
Definition: ntsecapi.h:556

L
static const WCHAR L[]
Definition: oid.c:1250

_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194

_POLICY_MODIFICATION_INFO::ModifiedId
LARGE_INTEGER ModifiedId
Definition: ntsecapi.h:594

SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:13

_QUOTA_LIMITS::MinimumWorkingSetSize
INT64 MinimumWorkingSetSize
Definition: lsa.idl:289

LSA_DB_OBJECT_TYPE
enum _LSA_DB_OBJECT_TYPE LSA_DB_OBJECT_TYPE

ERR
#define ERR(fmt,...)
Definition: debug.h:110

_POLICY_AUDIT_LOG_INFO::AuditRetentionPeriod
LARGE_INTEGER AuditRetentionPeriod
Definition: ntsecapi.h:555

LSAP_DB_SIGNATURE
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:67

_UNICODE_STRING
Definition: env_spec_w32.h:368

_SEH2_END
_SEH2_END
Definition: create.c:4400

STATUS_BUFFER_OVERFLOW
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:66

LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577

KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041

RtlpNtSetValueKey
NTSTATUS NTAPI RtlpNtSetValueKey(IN HANDLE KeyHandle, IN ULONG Type, IN PVOID Data, IN ULONG DataLength)
Definition: registry.c:988

LsapValidateDbObject
NTSTATUS LsapValidateDbObject(LSAPR_HANDLE Handle, LSA_DB_OBJECT_TYPE ObjectType, ACCESS_MASK DesiredAccess, PLSA_DB_OBJECT *DbObject)
Definition: database.c:823

KEY_QUERY_VALUE
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016

_LSA_DB_OBJECT
Definition: lsasrv.h:56

DesiredAccess
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4137

STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260

PULONG
unsigned int * PULONG
Definition: retypes.h:1

AttributeData
Definition: ntfs.h:168

_POLICY_AUDIT_LOG_INFO
Definition: ntsecapi.h:552

LsaDbIgnoreObject
Definition: lsasrv.h:49

HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134

_QUOTA_LIMITS::MaximumWorkingSetSize
INT64 MaximumWorkingSetSize
Definition: lsa.idl:290

_LARGE_INTEGER
Definition: typedefs.h:102

LsapCreateDatabaseKeys
static NTSTATUS LsapCreateDatabaseKeys(VOID)
Definition: database.c:85

LsapDeleteObjectAttribute
NTSTATUS LsapDeleteObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
Definition: database.c:1080

NtOpenKey
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336

LsaDbPolicyObject
Definition: lsasrv.h:50

OUT
#define OUT
Definition: typedefs.h:40

_POLICY_MODIFICATION_INFO::DatabaseCreationTime
LARGE_INTEGER DatabaseCreationTime
Definition: ntsecapi.h:595

ULONG
unsigned int ULONG
Definition: retypes.h:1

RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262

ULONG_PTR
#define ULONG_PTR
Definition: config.h:101

NtQuerySystemTime
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:417

InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106

AccountDomainSid
PSID AccountDomainSid
Definition: database.c:22

PLSA_DB_OBJECT
struct _LSA_DB_OBJECT * PLSA_DB_OBJECT

_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6

NullSidAuthority
SID_IDENTIFIER_AUTHORITY NullSidAuthority
Definition: database.c:15

_LARGE_INTEGER::u
struct _LARGE_INTEGER::@2267 u

REG_NONE
#define REG_NONE
Definition: nt_native.h:1492

LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

LsapCreateDbObject
NTSTATUS LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:590

void
Definition: nsiface.idl:2306

_POLICY_MODIFICATION_INFO
Definition: ntsecapi.h:593

NewObject
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:71

STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:3014

LsapGetObjectAttribute
NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
Definition: database.c:1010

KEY_CREATE_SUB_KEY
#define KEY_CREATE_SUB_KEY
Definition: nt_native.h:1018

ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40

LsapRegEnumerateSubKey
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
Definition: registry.c:96

SECURITY_NT_NON_UNIQUE
#define SECURITY_NT_NON_UNIQUE
Definition: setypes.h:549

SECURITY_CREATOR_SID_AUTHORITY
#define SECURITY_CREATOR_SID_AUTHORITY
Definition: setypes.h:505

NtAuthority
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:19

_POLICY_AUDIT_LOG_INFO::AuditLogPercentFull
ULONG AuditLogPercentFull
Definition: ntsecapi.h:553

_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114

_LSAP_POLICY_AUDIT_EVENTS_DATA
Definition: lsasrv.h:70

POLICY_AUDIT_EVENT_TYPE_COUNT
#define POLICY_AUDIT_EVENT_TYPE_COUNT
Definition: lsasrv.h:69

KEY_ENUMERATE_SUB_KEYS
#define KEY_ENUMERATE_SUB_KEYS
Definition: nt_native.h:1019