d2/d31/dll_2win32_2samsrv_2setup_8c_source.html

 /*
  * COPYRIGHT:       See COPYING in the top level directory
  * PROJECT:         Security Account Manager (SAM) Server
  * FILE:            reactos/dll/win32/samsrv/setup.c
  * PURPOSE:         Registry setup routines
  *
  * PROGRAMMERS:     Eric Kohl
  */

 #include "samsrv.h"

 #include <ntsecapi.h>

 #include "resources.h"

 /* GLOBALS *****************************************************************/

 #define TICKS_PER_SECOND 10000000LL

 SID_IDENTIFIER_AUTHORITY SecurityNtAuthority = {SECURITY_NT_AUTHORITY};

 /* FUNCTIONS ***************************************************************/

 static BOOL
 SampSetupAddMemberToAlias(HKEY hDomainKey,
                           ULONG AliasId,
                           PSID MemberSid)
 {
     DWORD dwDisposition;
     LPWSTR MemberSidString = NULL;
     WCHAR szKeyName[256];
     HKEY hMembersKey;

     ConvertSidToStringSidW(MemberSid, &MemberSidString);

     swprintf(szKeyName, L"Aliases\\%08lX\\Members", AliasId);

     if (!RegCreateKeyExW(hDomainKey,
                          szKeyName,
                          0,
                          NULL,
                          REG_OPTION_NON_VOLATILE,
                          KEY_ALL_ACCESS,
                          NULL,
                          &hMembersKey,
                          &dwDisposition))
     {
         RegSetValueEx(hMembersKey,
                       MemberSidString,
                       0,
                       REG_BINARY,
                       (LPVOID)MemberSid,
                       RtlLengthSid(MemberSid));

         RegCloseKey(hMembersKey);
     }

     swprintf(szKeyName, L"Aliases\\Members\\%s", MemberSidString);

     if (!RegCreateKeyExW(hDomainKey,
                          szKeyName,
                          0,
                          NULL,
                          REG_OPTION_NON_VOLATILE,
                          KEY_ALL_ACCESS,
                          NULL,
                          &hMembersKey,
                          &dwDisposition))
     {
         swprintf(szKeyName, L"%08lX", AliasId);

         RegSetValueEx(hMembersKey,
                       szKeyName,
                       0,
                       REG_BINARY,
                       (LPVOID)MemberSid,
                       RtlLengthSid(MemberSid));

         RegCloseKey(hMembersKey);
     }

     if (MemberSidString != NULL)
         LocalFree(MemberSidString);

     return TRUE;
 }


 static
 NTSTATUS
 SampSetupCreateAliasAccount(HANDLE hDomainKey,
                             LPCWSTR lpAccountName,
                             LPCWSTR lpDescription,
                             ULONG ulRelativeId)
 {
     WCHAR szAccountKeyName[32];
     HANDLE hAccountKey = NULL;
     HANDLE hNamesKey = NULL;
     PSECURITY_DESCRIPTOR Sd = NULL;
     ULONG SdSize = 0;
     NTSTATUS Status;

     swprintf(szAccountKeyName, L"Aliases\\%08lX", ulRelativeId);

     Status = SampRegCreateKey(hDomainKey,
                               szAccountKeyName,
                               KEY_ALL_ACCESS,
                               &hAccountKey);
     if (!NT_SUCCESS(Status))
         return Status;

     Status = SampRegSetValue(hAccountKey,
                              L"Name",
                              REG_SZ,
                              (LPVOID)lpAccountName,
                              (wcslen(lpAccountName) + 1) * sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"Description",
                              REG_SZ,
                              (LPVOID)lpDescription,
                              (wcslen(lpDescription) + 1) * sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     /* Create the server SD */
     Status = SampCreateAliasSD(&Sd,
                                &SdSize);
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set SecDesc attribute*/
     Status = SampRegSetValue(hAccountKey,
                              L"SecDesc",
                              REG_BINARY,
                              Sd,
                              SdSize);
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegOpenKey(hDomainKey,
                             L"Aliases\\Names",
                             KEY_ALL_ACCESS,
                             &hNamesKey);
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hNamesKey,
                             lpAccountName,
                             REG_DWORD,
                             (LPVOID)&ulRelativeId,
                             sizeof(ULONG));

 done:
     SampRegCloseKey(&hNamesKey);

     if (Sd != NULL)
         RtlFreeHeap(RtlGetProcessHeap(), 0, Sd);

     if (hAccountKey != NULL)
     {
         SampRegCloseKey(&hAccountKey);

         if (!NT_SUCCESS(Status))
             SampRegDeleteKey(hDomainKey,
                              szAccountKeyName);
     }

     return Status;
 }


 static
 NTSTATUS
 SampSetupAddMemberToGroup(IN HANDLE hDomainKey,
                           IN ULONG GroupId,
                           IN ULONG MemberId)
 {
     WCHAR szKeyName[256];
     HANDLE hGroupKey = NULL;
     PULONG MembersBuffer = NULL;
     ULONG MembersCount = 0;
     ULONG Length = 0;
     ULONG i;
     NTSTATUS Status;

     swprintf(szKeyName, L"Groups\\%08lX", GroupId);

     Status = SampRegOpenKey(hDomainKey,
                             szKeyName,
                             KEY_ALL_ACCESS,
                             &hGroupKey);
     if (!NT_SUCCESS(Status))
         return Status;

     Status = SampRegQueryValue(hGroupKey,
                                L"Members",
                                NULL,
                                NULL,
                                &Length);
     if (!NT_SUCCESS(Status) && Status != STATUS_OBJECT_NAME_NOT_FOUND)
         goto done;

     MembersBuffer = midl_user_allocate(Length + sizeof(ULONG));
     if (MembersBuffer == NULL)
     {
         Status = STATUS_INSUFFICIENT_RESOURCES;
         goto done;
     }

     if (Status != STATUS_OBJECT_NAME_NOT_FOUND)
     {
         Status = SampRegQueryValue(hGroupKey,
                                    L"Members",
                                    NULL,
                                    MembersBuffer,
                                    &Length);
         if (!NT_SUCCESS(Status))
             goto done;

         MembersCount = Length / sizeof(ULONG);
     }

     for (i = 0; i < MembersCount; i++)
     {
         if (MembersBuffer[i] == MemberId)
         {
             Status = STATUS_MEMBER_IN_GROUP;
             goto done;
         }
     }

     MembersBuffer[MembersCount] = MemberId;
     Length += sizeof(ULONG);

     Status = SampRegSetValue(hGroupKey,
                              L"Members",
                              REG_BINARY,
                              MembersBuffer,
                              Length);

 done:
     if (MembersBuffer != NULL)
         midl_user_free(MembersBuffer);

     SampRegCloseKey(&hGroupKey);

     return Status;
 }


 static
 NTSTATUS
 SampSetupCreateGroupAccount(HANDLE hDomainKey,
                             LPCWSTR lpAccountName,
                             LPCWSTR lpComment,
                             ULONG ulRelativeId)
 {
     SAM_GROUP_FIXED_DATA FixedGroupData;
     WCHAR szAccountKeyName[32];
     HANDLE hAccountKey = NULL;
     HANDLE hNamesKey = NULL;
     PSECURITY_DESCRIPTOR Sd = NULL;
     ULONG SdSize = 0;
     NTSTATUS Status;

     /* Initialize fixed group data */
     FixedGroupData.Version = 1;
     FixedGroupData.Reserved = 0;
     FixedGroupData.GroupId = ulRelativeId;
     FixedGroupData.Attributes = 0;

     swprintf(szAccountKeyName, L"Groups\\%08lX", ulRelativeId);

     Status = SampRegCreateKey(hDomainKey,
                               szAccountKeyName,
                               KEY_ALL_ACCESS,
                               &hAccountKey);
     if (!NT_SUCCESS(Status))
         return Status;

     Status = SampRegSetValue(hAccountKey,
                              L"F",
                              REG_BINARY,
                              (LPVOID)&FixedGroupData,
                              sizeof(SAM_GROUP_FIXED_DATA));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"Name",
                              REG_SZ,
                              (LPVOID)lpAccountName,
                              (wcslen(lpAccountName) + 1) * sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"AdminComment",
                              REG_SZ,
                              (LPVOID)lpComment,
                              (wcslen(lpComment) + 1) * sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     /* Create the security descriptor */
     Status = SampCreateGroupSD(&Sd,
                                &SdSize);
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set the SecDesc attribute*/
     Status = SampRegSetValue(hAccountKey,
                              L"SecDesc",
                              REG_BINARY,
                              Sd,
                              SdSize);
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegOpenKey(hDomainKey,
                             L"Groups\\Names",
                             KEY_ALL_ACCESS,
                             &hNamesKey);
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hNamesKey,
                             lpAccountName,
                             REG_DWORD,
                             (LPVOID)&ulRelativeId,
                             sizeof(ULONG));

 done:
     SampRegCloseKey(&hNamesKey);

     if (Sd != NULL)
         RtlFreeHeap(RtlGetProcessHeap(), 0, Sd);

     if (hAccountKey != NULL)
     {
         SampRegCloseKey(&hAccountKey);

         if (!NT_SUCCESS(Status))
             SampRegDeleteKey(hDomainKey,
                              szAccountKeyName);
     }

     return Status;
 }


 static
 NTSTATUS
 SampSetupCreateUserAccount(HANDLE hDomainKey,
                            LPCWSTR lpAccountName,
                            LPCWSTR lpComment,
                            PSID lpDomainSid,
                            ULONG ulRelativeId,
                            ULONG UserAccountControl)
 {
     SAM_USER_FIXED_DATA FixedUserData;
     GROUP_MEMBERSHIP GroupMembership;
     UCHAR LogonHours[23];
     LPWSTR lpEmptyString = L"";
     WCHAR szAccountKeyName[32];
     HANDLE hAccountKey = NULL;
     HANDLE hNamesKey = NULL;
     PSECURITY_DESCRIPTOR Sd = NULL;
     ULONG SdSize = 0;
     PSID UserSid = NULL;
     NTSTATUS Status;

     UserSid = AppendRidToSid(lpDomainSid,
                              ulRelativeId);

     /* Create the security descriptor */
     Status = SampCreateUserSD(UserSid,
                               &Sd,
                               &SdSize);
     if (!NT_SUCCESS(Status))
         goto done;

     /* Initialize fixed user data */
     FixedUserData.Version = 1;
     FixedUserData.Reserved = 0;
     FixedUserData.LastLogon.QuadPart = 0;
     FixedUserData.LastLogoff.QuadPart = 0;
     FixedUserData.PasswordLastSet.QuadPart = 0;
     FixedUserData.AccountExpires.QuadPart = MAXLONGLONG;
     FixedUserData.LastBadPasswordTime.QuadPart = 0;
     FixedUserData.UserId = ulRelativeId;
     FixedUserData.PrimaryGroupId = DOMAIN_GROUP_RID_USERS;
     FixedUserData.UserAccountControl = UserAccountControl;
     FixedUserData.CountryCode = 0;
     FixedUserData.CodePage = 0;
     FixedUserData.BadPasswordCount = 0;
     FixedUserData.LogonCount = 0;
     FixedUserData.AdminCount = 0;
     FixedUserData.OperatorCount = 0;

     swprintf(szAccountKeyName, L"Users\\%08lX", ulRelativeId);

     Status = SampRegCreateKey(hDomainKey,
                               szAccountKeyName,
                               KEY_ALL_ACCESS,
                               &hAccountKey);
     if (!NT_SUCCESS(Status))
         return Status;

     Status = SampRegSetValue(hAccountKey,
                              L"F",
                              REG_BINARY,
                              (LPVOID)&FixedUserData,
                              sizeof(SAM_USER_FIXED_DATA));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"Name",
                              REG_SZ,
                              (LPVOID)lpAccountName,
                              (wcslen(lpAccountName) + 1) * sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"FullName",
                              REG_SZ,
                              (LPVOID)lpEmptyString,
                              sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"HomeDirectory",
                              REG_SZ,
                              (LPVOID)lpEmptyString,
                              sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"HomeDirectoryDrive",
                              REG_SZ,
                              (LPVOID)lpEmptyString,
                              sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"ScriptPath",
                              REG_SZ,
                              (LPVOID)lpEmptyString,
                              sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"ProfilePath",
                              REG_SZ,
                              (LPVOID)lpEmptyString,
                              sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"AdminComment",
                              REG_SZ,
                              (LPVOID)lpComment,
                              (wcslen(lpComment) + 1) * sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"UserComment",
                              REG_SZ,
                              (LPVOID)lpEmptyString,
                              sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"WorkStations",
                              REG_SZ,
                              (LPVOID)lpEmptyString,
                              sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hAccountKey,
                              L"Parameters",
                              REG_SZ,
                              (LPVOID)lpEmptyString,
                              sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set LogonHours attribute*/
     *((PUSHORT)LogonHours) = 168;
     memset(&(LogonHours[2]), 0xff, 21);

     Status = SampRegSetValue(hAccountKey,
                              L"LogonHours",
                              REG_BINARY,
                              (LPVOID)LogonHours,
                              sizeof(LogonHours));
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set Groups attribute*/
     GroupMembership.RelativeId = DOMAIN_GROUP_RID_USERS;
     GroupMembership.Attributes = SE_GROUP_MANDATORY |
                                  SE_GROUP_ENABLED |
                                  SE_GROUP_ENABLED_BY_DEFAULT;

     Status = SampRegSetValue(hAccountKey,
                              L"Groups",
                              REG_BINARY,
                              (LPVOID)&GroupMembership,
                              sizeof(GROUP_MEMBERSHIP));
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set LMPwd attribute*/
     Status = SampRegSetValue(hAccountKey,
                              L"LMPwd",
                              REG_BINARY,
                              (LPVOID)&EmptyLmHash,
                              sizeof(ENCRYPTED_LM_OWF_PASSWORD));
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set NTPwd attribute*/
     Status = SampRegSetValue(hAccountKey,
                              L"NTPwd",
                              REG_BINARY,
                              (LPVOID)&EmptyNtHash,
                              sizeof(ENCRYPTED_NT_OWF_PASSWORD));
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set LMPwdHistory attribute*/
     Status = SampRegSetValue(hAccountKey,
                              L"LMPwdHistory",
                              REG_BINARY,
                              NULL,
                              0);
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set NTPwdHistory attribute*/
     Status = SampRegSetValue(hAccountKey,
                              L"NTPwdHistory",
                              REG_BINARY,
                              NULL,
                              0);
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set PrivateData attribute*/
     Status = SampRegSetValue(hAccountKey,
                              L"PrivateData",
                              REG_SZ,
                              (LPVOID)lpEmptyString,
                              sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set the SecDesc attribute*/
     Status = SampRegSetValue(hAccountKey,
                              L"SecDesc",
                              REG_BINARY,
                              Sd,
                              SdSize);
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegOpenKey(hDomainKey,
                             L"Users\\Names",
                             KEY_ALL_ACCESS,
                             &hNamesKey);
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hNamesKey,
                             lpAccountName,
                             REG_DWORD,
                             (LPVOID)&ulRelativeId,
                             sizeof(ULONG));

 done:
     SampRegCloseKey(&hNamesKey);

     if (Sd != NULL)
         RtlFreeHeap(RtlGetProcessHeap(), 0, Sd);

     if (UserSid != NULL)
         RtlFreeHeap(RtlGetProcessHeap(), 0, UserSid);

     if (hAccountKey != NULL)
     {
         SampRegCloseKey(&hAccountKey);

         if (!NT_SUCCESS(Status))
             SampRegDeleteKey(hDomainKey,
                              szAccountKeyName);
     }

     return Status;
 }


 static
 NTSTATUS
 SampSetupCreateDomain(IN HANDLE hServerKey,
                       IN LPCWSTR lpKeyName,
                       IN LPCWSTR lpDomainName,
                       IN PSID lpDomainSid,
                       IN BOOLEAN bBuiltinDomain,
                       OUT HANDLE *lpDomainKey)
 {
     SAM_DOMAIN_FIXED_DATA FixedData;
     WCHAR szDomainKeyName[32];
     LPWSTR lpEmptyString = L"";
     HANDLE hDomainKey = NULL;
     HANDLE hAliasesKey = NULL;
     HANDLE hGroupsKey = NULL;
     HANDLE hUsersKey = NULL;
     HANDLE hNamesKey = NULL;
     PSECURITY_DESCRIPTOR Sd = NULL;
     ULONG SdSize = 0;
     NTSTATUS Status;

     if (lpDomainKey != NULL)
         *lpDomainKey = NULL;

     /* Initialize the fixed domain data */
     memset(&FixedData, 0, sizeof(SAM_DOMAIN_FIXED_DATA));
     FixedData.Version = 1;
     NtQuerySystemTime(&FixedData.CreationTime);
     FixedData.DomainModifiedCount.QuadPart = 0;
     FixedData.MaxPasswordAge.QuadPart = -(6LL * 7LL * 24LL * 60LL * 60LL * TICKS_PER_SECOND); /* 6 weeks */
     FixedData.MinPasswordAge.QuadPart = 0;                                                    /* right now */
     FixedData.ForceLogoff.QuadPart = LLONG_MAX;                                               /* very far in the future aka never */
     FixedData.LockoutDuration.QuadPart = -(30LL * 60LL * TICKS_PER_SECOND);                   /* 30 minutes */
     FixedData.LockoutObservationWindow.QuadPart = -(30LL * 60LL * TICKS_PER_SECOND);          /* 30 minutes */
     FixedData.ModifiedCountAtLastPromotion.QuadPart = 0;
     FixedData.NextRid = 1000;
     FixedData.PasswordProperties = 0;
     FixedData.MinPasswordLength = 0;
     FixedData.PasswordHistoryLength = 0;
     FixedData.LockoutThreshold = 0;
     FixedData.DomainServerState = DomainServerEnabled;
     FixedData.DomainServerRole = DomainServerRolePrimary;
     FixedData.UasCompatibilityRequired = TRUE;

     wcscpy(szDomainKeyName, L"Domains\\");
     wcscat(szDomainKeyName, lpKeyName);

     Status = SampRegCreateKey(hServerKey,
                               szDomainKeyName,
                               KEY_ALL_ACCESS,
                               &hDomainKey);
     if (!NT_SUCCESS(Status))
         return Status;

     /* Set the fixed data value */
     Status = SampRegSetValue(hDomainKey,
                              L"F",
                              REG_BINARY,
                              (LPVOID)&FixedData,
                              sizeof(SAM_DOMAIN_FIXED_DATA));
     if (!NT_SUCCESS(Status))
         goto done;

     if (lpDomainSid != NULL)
     {
         Status = SampRegSetValue(hDomainKey,
                                  L"Name",
                                  REG_SZ,
                                  (LPVOID)lpDomainName,
                                  (wcslen(lpDomainName) + 1) * sizeof(WCHAR));
         if (!NT_SUCCESS(Status))
             goto done;

         Status = SampRegSetValue(hDomainKey,
                                  L"SID",
                                  REG_BINARY,
                                  (LPVOID)lpDomainSid,
                                  RtlLengthSid(lpDomainSid));
         if (!NT_SUCCESS(Status))
             goto done;
     }

     Status = SampRegSetValue(hDomainKey,
                              L"OemInformation",
                              REG_SZ,
                              (LPVOID)lpEmptyString,
                              sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegSetValue(hDomainKey,
                              L"ReplicaSourceNodeName",
                              REG_SZ,
                              (LPVOID)lpEmptyString,
                              sizeof(WCHAR));
     if (!NT_SUCCESS(Status))
         goto done;

     /* Create the Alias container */
     Status = SampRegCreateKey(hDomainKey,
                               L"Aliases",
                               KEY_ALL_ACCESS,
                               &hAliasesKey);
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegCreateKey(hAliasesKey,
                               L"Names",
                               KEY_ALL_ACCESS,
                               &hNamesKey);
     if (!NT_SUCCESS(Status))
         goto done;

     SampRegCloseKey(&hNamesKey);

     /* Create the Groups container */
     Status = SampRegCreateKey(hDomainKey,
                               L"Groups",
                               KEY_ALL_ACCESS,
                               &hGroupsKey);
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegCreateKey(hGroupsKey,
                               L"Names",
                               KEY_ALL_ACCESS,
                               &hNamesKey);
     if (!NT_SUCCESS(Status))
         goto done;

     SampRegCloseKey(&hNamesKey);

     /* Create the Users container */
     Status = SampRegCreateKey(hDomainKey,
                               L"Users",
                               KEY_ALL_ACCESS,
                               &hUsersKey);
     if (!NT_SUCCESS(Status))
         goto done;

     Status = SampRegCreateKey(hUsersKey,
                               L"Names",
                               KEY_ALL_ACCESS,
                               &hNamesKey);
     if (!NT_SUCCESS(Status))
         goto done;

     /* Create the server SD */
     if (bBuiltinDomain != FALSE)
         Status = SampCreateBuiltinDomainSD(&Sd,
                                            &SdSize);
     else
         Status = SampCreateAccountDomainSD(&Sd,
                                            &SdSize);

     if (!NT_SUCCESS(Status))
         goto done;

     /* Set SecDesc attribute*/
     Status = SampRegSetValue(hServerKey,
                              L"SecDesc",
                              REG_BINARY,
                              Sd,
                              SdSize);
     if (!NT_SUCCESS(Status))
         goto done;

     SampRegCloseKey(&hNamesKey);

     if (lpDomainKey != NULL)
         *lpDomainKey = hDomainKey;

 done:
     if (Sd != NULL)
         RtlFreeHeap(RtlGetProcessHeap(), 0, Sd);

     SampRegCloseKey(&hAliasesKey);
     SampRegCloseKey(&hGroupsKey);
     SampRegCloseKey(&hUsersKey);

     if (!NT_SUCCESS(Status))
         SampRegCloseKey(&hDomainKey);

     return Status;
 }


 static
 NTSTATUS
 SampSetupCreateServer(IN HANDLE hSamKey,
                       OUT HANDLE *lpServerKey)
 {
     HANDLE hServerKey = NULL;
     HANDLE hDomainsKey = NULL;
     PSECURITY_DESCRIPTOR Sd = NULL;
     ULONG SdSize = 0;
     NTSTATUS Status;

     Status = SampRegCreateKey(hSamKey,
                               L"SAM",
                               KEY_ALL_ACCESS,
                               &hServerKey);
     if (!NT_SUCCESS(Status))
         return Status;

     Status = SampRegCreateKey(hServerKey,
                               L"Domains",
                               KEY_ALL_ACCESS,
                               &hDomainsKey);
     if (!NT_SUCCESS(Status))
         goto done;

     /* Create the server SD */
     Status = SampCreateServerSD(&Sd,
                                 &SdSize);
     if (!NT_SUCCESS(Status))
         goto done;

     /* Set SecDesc attribute*/
     Status = SampRegSetValue(hServerKey,
                              L"SecDesc",
                              REG_BINARY,
                              Sd,
                              SdSize);
     if (!NT_SUCCESS(Status))
         goto done;

     SampRegCloseKey(&hDomainsKey);

     *lpServerKey = hServerKey;

 done:
     if (Sd != NULL)
         RtlFreeHeap(RtlGetProcessHeap(), 0, Sd);

     return Status;
 }


 NTSTATUS
 SampGetAccountDomainInfo(PPOLICY_ACCOUNT_DOMAIN_INFO *AccountDomainInfo)
 {
     LSA_OBJECT_ATTRIBUTES ObjectAttributes;
     LSA_HANDLE PolicyHandle;
     NTSTATUS Status;

     TRACE("SampGetAccountDomainInfo\n");

     memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
     ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);

     Status = LsaOpenPolicy(NULL,
                            &ObjectAttributes,
                            POLICY_VIEW_LOCAL_INFORMATION,
                            &PolicyHandle);
     if (Status != STATUS_SUCCESS)
     {
         ERR("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status);
         return Status;
     }

     Status = LsaQueryInformationPolicy(PolicyHandle,
                                        PolicyAccountDomainInformation,
                                        (PVOID *)AccountDomainInfo);

     LsaClose(PolicyHandle);

     return Status;
 }


 BOOL
 SampInitializeSAM(VOID)
 {
     PPOLICY_ACCOUNT_DOMAIN_INFO AccountDomainInfo = NULL;
     HANDLE hSamKey = NULL;
     HANDLE hServerKey = NULL;
     HANDLE hBuiltinDomainKey = NULL;
     HANDLE hAccountDomainKey = NULL;
     PSID pBuiltinSid = NULL;
     PSID pInteractiveSid = NULL;
     PSID pAuthenticatedUserSid = NULL;
     BOOL bResult = TRUE;
     PSID pSid;
     HINSTANCE hInstance;
     WCHAR szComment[256];
     WCHAR szName[80];
     NTSTATUS Status;

     TRACE("SampInitializeSAM() called\n");

     hInstance = GetModuleHandleW(L"samsrv.dll");

     /* Open the SAM key */
     Status = SampRegOpenKey(NULL,
                             L"\\Registry\\Machine\\SAM",
                             KEY_READ | KEY_CREATE_SUB_KEY | KEY_ENUMERATE_SUB_KEYS,
                             &hSamKey);
     if (!NT_SUCCESS(Status))
     {
         ERR("Failed to open the SAM key (Status: 0x%08lx)\n", Status);
         return FALSE;
     }

     /* Create the SAM Server object */
     Status = SampSetupCreateServer(hSamKey,
                                    &hServerKey);
     if (!NT_SUCCESS(Status))
     {
         bResult = FALSE;
         goto done;
     }

     /* Create and initialize the Builtin Domain SID */
     pBuiltinSid = RtlAllocateHeap(RtlGetProcessHeap(), 0, RtlLengthRequiredSid(1));
     if (pBuiltinSid == NULL)
     {
         ERR("Failed to allocate the Builtin Domain SID\n");
         bResult = FALSE;
         goto done;
     }

     RtlInitializeSid(pBuiltinSid, &SecurityNtAuthority, 1);
     *(RtlSubAuthoritySid(pBuiltinSid, 0)) = SECURITY_BUILTIN_DOMAIN_RID;

     /* Create and initialize the Interactive SID */
     pInteractiveSid = RtlAllocateHeap(RtlGetProcessHeap(), 0, RtlLengthRequiredSid(1));
     if (pInteractiveSid == NULL)
     {
         ERR("Failed to allocate the Interactive SID\n");
         bResult = FALSE;
         goto done;
     }

     RtlInitializeSid(pInteractiveSid, &SecurityNtAuthority, 1);
     *(RtlSubAuthoritySid(pInteractiveSid, 0)) = SECURITY_INTERACTIVE_RID;

     /* Create and initialize the Authenticated User SID */
     pAuthenticatedUserSid = RtlAllocateHeap(RtlGetProcessHeap(), 0, RtlLengthRequiredSid(1));
     if (pAuthenticatedUserSid == NULL)
     {
         ERR("Failed to allocate the Authenticated User SID\n");
         bResult = FALSE;
         goto done;
     }

     RtlInitializeSid(pAuthenticatedUserSid, &SecurityNtAuthority, 1);
     *(RtlSubAuthoritySid(pAuthenticatedUserSid, 0)) = SECURITY_AUTHENTICATED_USER_RID;

     /* Get account domain information */
     Status = SampGetAccountDomainInfo(&AccountDomainInfo);
     if (!NT_SUCCESS(Status))
     {
         ERR("SampGetAccountDomainInfo failed (Status %08lx)\n", Status);
         bResult = FALSE;
         goto done;
     }

     SampLoadString(hInstance, IDS_DOMAIN_BUILTIN_NAME, szName, 80);

     /* Create the Builtin domain */
     Status = SampSetupCreateDomain(hServerKey,
                                    L"Builtin",
                                    szName,
                                    pBuiltinSid,
                                    TRUE,
                                    &hBuiltinDomainKey);
     if (!NT_SUCCESS(Status))
     {
         bResult = FALSE;
         goto done;
     }

     /* Create the Administrators alias */
     SampLoadString(hInstance, IDS_ALIAS_ADMINISTRATORS_NAME, szName, 80);
     SampLoadString(hInstance, IDS_ALIAS_ADMINISTRATORS_COMMENT, szComment, 256);

     SampSetupCreateAliasAccount(hBuiltinDomainKey,
                                 szName,
                                 szComment,
                                 DOMAIN_ALIAS_RID_ADMINS);

     /* Create the Users alias */
     SampLoadString(hInstance, IDS_ALIAS_USERS_NAME, szName, 80);
     SampLoadString(hInstance, IDS_ALIAS_USERS_COMMENT, szComment, 256);

     SampSetupCreateAliasAccount(hBuiltinDomainKey,
                                 szName,
                                 szComment,
                                 DOMAIN_ALIAS_RID_USERS);

     /* Create the Guests alias */
     SampLoadString(hInstance, IDS_ALIAS_GUESTS_NAME, szName, 80);
     SampLoadString(hInstance, IDS_ALIAS_GUESTS_COMMENT, szComment, 256);

     SampSetupCreateAliasAccount(hBuiltinDomainKey,
                                 szName,
                                 szComment,
                                 DOMAIN_ALIAS_RID_GUESTS);

     /* Create the Power Users alias */
     SampLoadString(hInstance, IDS_ALIAS_POWER_USERS_NAME, szName, 80);
     SampLoadString(hInstance, IDS_ALIAS_POWER_USERS_COMMENT, szComment, 256);

     SampSetupCreateAliasAccount(hBuiltinDomainKey,
                                 szName,
                                 szComment,
                                 DOMAIN_ALIAS_RID_POWER_USERS);

     if (SampProductType != NtProductWinNt)
     {
         /* Create the Print Operators alias (Server only) */
         SampLoadString(hInstance, IDS_ALIAS_PRINT_OPS_NAME, szName, 80);
         SampLoadString(hInstance, IDS_ALIAS_PRINT_OPS_COMMENT, szComment, 256);

         SampSetupCreateAliasAccount(hBuiltinDomainKey,
                                     szName,
                                     szComment,
                                     DOMAIN_ALIAS_RID_PRINT_OPS);
     }

     /* Create the Backup Operators alias */
     SampLoadString(hInstance, IDS_ALIAS_BACKUP_OPS_NAME, szName, 80);
     SampLoadString(hInstance, IDS_ALIAS_BACKUP_OPS_COMMENT, szComment, 256);

     SampSetupCreateAliasAccount(hBuiltinDomainKey,
                                 szName,
                                 szComment,
                                 DOMAIN_ALIAS_RID_BACKUP_OPS);

     /* Create the Replicator alias */
     SampLoadString(hInstance, IDS_ALIAS_REPLICATOR_NAME, szName, 80);
     SampLoadString(hInstance, IDS_ALIAS_REPLICATOR_COMMENT, szComment, 256);

     SampSetupCreateAliasAccount(hBuiltinDomainKey,
                                 szName,
                                 szComment,
                                 DOMAIN_ALIAS_RID_REPLICATOR);

     /* Create the Remote Desktop Users alias */
     SampLoadString(hInstance, IDS_ALIAS_REMOTE_DESKTOP_USERS_NAME, szName, 80);
     SampLoadString(hInstance, IDS_ALIAS_REMOTE_DESKTOP_USERS_COMMENT, szComment, 256);

     SampSetupCreateAliasAccount(hBuiltinDomainKey,
                                 szName,
                                 szComment,
                                 DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS);

     /* Create the Network Configuration Operators alias */
     SampLoadString(hInstance, IDS_ALIAS_NETWORK_CONFIGURATION_OPS_NAME, szName, 80);
     SampLoadString(hInstance, IDS_ALIAS_NETWORK_CONFIGURATION_OPS_COMMENT, szComment, 256);

     SampSetupCreateAliasAccount(hBuiltinDomainKey,
                                 szName,
                                 szComment,
                                 DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS);

     if (SampProductType != NtProductWinNt)
     {
         /* Create the Performance Monitor Users alias (Server only) */
         SampLoadString(hInstance, IDS_ALIAS_MONITORING_USERS_NAME, szName, 80);
         SampLoadString(hInstance, IDS_ALIAS_MONITORING_USERS_COMMENT, szComment, 256);

         SampSetupCreateAliasAccount(hBuiltinDomainKey,
                                     szName,
                                     szComment,
                                     DOMAIN_ALIAS_RID_MONITORING_USERS);

         /* Create the Performance Log Users alias (Server only) */
         SampLoadString(hInstance, IDS_ALIAS_LOGGING_USERS_NAME, szName, 80);
         SampLoadString(hInstance, IDS_ALIAS_LOGGING_USERS_COMMENT, szComment, 256);

         SampSetupCreateAliasAccount(hBuiltinDomainKey,
                                     szName,
                                     szComment,
                                     DOMAIN_ALIAS_RID_LOGGING_USERS);
     }

     /* Add the Administrator user to the Administrators alias */
     pSid = AppendRidToSid(AccountDomainInfo->DomainSid,
                           DOMAIN_USER_RID_ADMIN);
     if (pSid != NULL)
     {
         SampSetupAddMemberToAlias(hBuiltinDomainKey,
                                   DOMAIN_ALIAS_RID_ADMINS,
                                   pSid);

         RtlFreeHeap(RtlGetProcessHeap(), 0, pSid);
     }

     /* Add the Guest user to the Guests alias */
     pSid = AppendRidToSid(AccountDomainInfo->DomainSid,
                           DOMAIN_USER_RID_GUEST);
     if (pSid != NULL)
     {
         SampSetupAddMemberToAlias(hBuiltinDomainKey,
                                   DOMAIN_ALIAS_RID_GUESTS,
                                   pSid);

         RtlFreeHeap(RtlGetProcessHeap(), 0, pSid);
     }

     /* Add the Interactive SID to the Users alias */
     SampSetupAddMemberToAlias(hBuiltinDomainKey,
                               DOMAIN_ALIAS_RID_USERS,
                               pInteractiveSid);

     /* Add the Authenticated User SID to the Users alias */
     SampSetupAddMemberToAlias(hBuiltinDomainKey,
                               DOMAIN_ALIAS_RID_USERS,
                               pAuthenticatedUserSid);

     /* Create the Account domain */
     Status = SampSetupCreateDomain(hServerKey,
                                    L"Account",
                                    L"",
                                    AccountDomainInfo->DomainSid,
                                    FALSE,
                                    &hAccountDomainKey);
     if (!NT_SUCCESS(Status))
     {
         bResult = FALSE;
         goto done;
     }

     /* Create the None group */
     SampLoadString(hInstance, IDS_GROUP_NONE_NAME, szName, 80);
     SampLoadString(hInstance, IDS_GROUP_NONE_COMMENT, szComment, 256);

     SampSetupCreateGroupAccount(hAccountDomainKey,
                                 szName,
                                 szComment,
                                 DOMAIN_GROUP_RID_USERS);

     /* Create the Administrator user */
     SampLoadString(hInstance, IDS_USER_ADMINISTRATOR_NAME, szName, 80);
     SampLoadString(hInstance, IDS_USER_ADMINISTRATOR_COMMENT, szComment, 256);

     SampSetupCreateUserAccount(hAccountDomainKey,
                                szName,
                                szComment,
                                AccountDomainInfo->DomainSid,
                                DOMAIN_USER_RID_ADMIN,
                                USER_DONT_EXPIRE_PASSWORD | USER_NORMAL_ACCOUNT);

     /* Add the Adminitrator user to the Administrators alias */
     SampSetupAddMemberToGroup(hAccountDomainKey,
                               DOMAIN_GROUP_RID_USERS,
                               DOMAIN_USER_RID_ADMIN);

     /* Create the Guest user */
     SampLoadString(hInstance, IDS_USER_GUEST_NAME, szName, 80);
     SampLoadString(hInstance, IDS_USER_GUEST_COMMENT, szComment, 256);

     SampSetupCreateUserAccount(hAccountDomainKey,
                                szName,
                                szComment,
                                AccountDomainInfo->DomainSid,
                                DOMAIN_USER_RID_GUEST,
                                USER_ACCOUNT_DISABLED | USER_DONT_EXPIRE_PASSWORD | USER_NORMAL_ACCOUNT);

     /* Add the Guest user to the Guests alias */
     SampSetupAddMemberToGroup(hAccountDomainKey,
                               DOMAIN_GROUP_RID_USERS,
                               DOMAIN_USER_RID_GUEST);

 done:
     if (AccountDomainInfo)
         LsaFreeMemory(AccountDomainInfo);

     if (pAuthenticatedUserSid)
         RtlFreeHeap(RtlGetProcessHeap(), 0, pAuthenticatedUserSid);

     if (pInteractiveSid)
         RtlFreeHeap(RtlGetProcessHeap(), 0, pInteractiveSid);

     if (pBuiltinSid)
         RtlFreeHeap(RtlGetProcessHeap(), 0, pBuiltinSid);

     SampRegCloseKey(&hAccountDomainKey);
     SampRegCloseKey(&hBuiltinDomainKey);
     SampRegCloseKey(&hServerKey);
     SampRegCloseKey(&hSamKey);

     TRACE("SampInitializeSAM() done\n");

     return bResult;
 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301

SampCreateAccountDomainSD
NTSTATUS SampCreateAccountDomainSD(OUT PSECURITY_DESCRIPTOR *DomainSd, OUT PULONG Size)
Definition: security.c:545

_ENCRYPTED_LM_OWF_PASSWORD
Definition: msv1_0.h:49

_GROUP_MEMBERSHIP::Attributes
ULONG Attributes
Definition: ntsam.h:497

ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35

_SAM_USER_FIXED_DATA::CountryCode
USHORT CountryCode
Definition: samsrv.h:110

IDS_USER_ADMINISTRATOR_NAME
#define IDS_USER_ADMINISTRATOR_NAME
Definition: resources.h:39

_SAM_USER_FIXED_DATA::Version
ULONG Version
Definition: samsrv.h:100

_SAM_GROUP_FIXED_DATA::Version
ULONG Version
Definition: samsrv.h:92

IN
#define IN
Definition: typedefs.h:39

szName
static const WCHAR szName[]
Definition: powrprof.c:45

_SAM_USER_FIXED_DATA::AdminCount
USHORT AdminCount
Definition: samsrv.h:114

SECURITY_AUTHENTICATED_USER_RID
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:568

midl_user_free
#define midl_user_free
Definition: rpc.h:45

IDS_ALIAS_LOGGING_USERS_COMMENT
#define IDS_ALIAS_LOGGING_USERS_COMMENT
Definition: resources.h:37

IDS_GROUP_NONE_NAME
#define IDS_GROUP_NONE_NAME
Definition: resources.h:13

DOMAIN_ALIAS_RID_GUESTS
#define DOMAIN_ALIAS_RID_GUESTS
Definition: setypes.h:654

LL
#define LL
Definition: tui.h:150

resources.h

STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158

_GROUP_MEMBERSHIP::RelativeId
ULONG RelativeId
Definition: ntsam.h:496

Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101

SampCreateServerSD
NTSTATUS SampCreateServerSD(OUT PSECURITY_DESCRIPTOR *ServerSd, OUT PULONG Size)
Definition: security.c:21

SampSetupCreateDomain
static NTSTATUS SampSetupCreateDomain(IN HANDLE hServerKey, IN LPCWSTR lpKeyName, IN LPCWSTR lpDomainName, IN PSID lpDomainSid, IN BOOLEAN bBuiltinDomain, OUT HANDLE *lpDomainKey)
Definition: setup.c:618

IDS_ALIAS_POWER_USERS_NAME
#define IDS_ALIAS_POWER_USERS_NAME
Definition: resources.h:20

_SAM_USER_FIXED_DATA::Reserved
ULONG Reserved
Definition: samsrv.h:101

DomainServerRolePrimary
Definition: ntsam.h:365

_SID
Definition: ms-dtyp.idl:198

LsaQueryInformationPolicy
NTSTATUS WINAPI LsaQueryInformationPolicy(IN LSA_HANDLE PolicyHandle, IN POLICY_INFORMATION_CLASS InformationClass, OUT PVOID *Buffer)
Definition: lsa.c:1471

LPCWSTR
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185

IDS_DOMAIN_BUILTIN_NAME
#define IDS_DOMAIN_BUILTIN_NAME
Definition: resources.h:11

IDS_ALIAS_ADMINISTRATORS_NAME
#define IDS_ALIAS_ADMINISTRATORS_NAME
Definition: resources.h:16

_SAM_USER_FIXED_DATA::AccountExpires
LARGE_INTEGER AccountExpires
Definition: samsrv.h:105

_POLICY_ACCOUNT_DOMAIN_INFO
Definition: ntsecapi.h:565

REG_BINARY
#define REG_BINARY
Definition: nt_native.h:1496

KEY_READ
#define KEY_READ
Definition: nt_native.h:1023

TRUE
#define TRUE
Definition: types.h:120

midl_user_allocate
#define midl_user_allocate
Definition: rpc.h:44

POLICY_VIEW_LOCAL_INFORMATION
#define POLICY_VIEW_LOCAL_INFORMATION
Definition: ntsecapi.h:61

pAuthenticatedUserSid
static PSID pAuthenticatedUserSid
Definition: security.c:19

_SAM_USER_FIXED_DATA::LastBadPasswordTime
LARGE_INTEGER LastBadPasswordTime
Definition: samsrv.h:106

_SAM_DOMAIN_FIXED_DATA::MinPasswordLength
USHORT MinPasswordLength
Definition: samsrv.h:82

IDS_ALIAS_ADMINISTRATORS_COMMENT
#define IDS_ALIAS_ADMINISTRATORS_COMMENT
Definition: resources.h:17

_SAM_USER_FIXED_DATA::PrimaryGroupId
ULONG PrimaryGroupId
Definition: samsrv.h:108

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369

RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606

_SAM_GROUP_FIXED_DATA::Reserved
ULONG Reserved
Definition: samsrv.h:93

LsaClose
NTSTATUS WINAPI LsaClose(IN LSA_HANDLE ObjectHandle)
Definition: lsa.c:192

AppendRidToSid
static PSID AppendRidToSid(PSID SrcSid, ULONG Rid)
Definition: msv1_0.c:280

_SAM_DOMAIN_FIXED_DATA::DomainServerState
DOMAIN_SERVER_ENABLE_STATE DomainServerState
Definition: samsrv.h:85

_SAM_DOMAIN_FIXED_DATA::DomainModifiedCount
LARGE_INTEGER DomainModifiedCount
Definition: samsrv.h:73

RtlSubAuthoritySid
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)

IDS_USER_ADMINISTRATOR_COMMENT
#define IDS_USER_ADMINISTRATOR_COMMENT
Definition: resources.h:40

_SAM_DOMAIN_FIXED_DATA::Version
ULONG Version
Definition: samsrv.h:70

IDS_ALIAS_PRINT_OPS_COMMENT
#define IDS_ALIAS_PRINT_OPS_COMMENT
Definition: resources.h:25

DOMAIN_ALIAS_RID_POWER_USERS
#define DOMAIN_ALIAS_RID_POWER_USERS
Definition: setypes.h:655

SECURITY_INTERACTIVE_RID
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:559

MAXLONGLONG
#define MAXLONGLONG

_SAM_DOMAIN_FIXED_DATA
Definition: samsrv.h:68

_SAM_DOMAIN_FIXED_DATA::MinPasswordAge
LARGE_INTEGER MinPasswordAge
Definition: samsrv.h:75

SampCreateUserSD
NTSTATUS SampCreateUserSD(IN PSID UserSid, OUT PSECURITY_DESCRIPTOR *UserSd, OUT PULONG Size)
Definition: security.c:1433

IDS_ALIAS_REMOTE_DESKTOP_USERS_COMMENT
#define IDS_ALIAS_REMOTE_DESKTOP_USERS_COMMENT
Definition: resources.h:31

SampSetupCreateUserAccount
static NTSTATUS SampSetupCreateUserAccount(HANDLE hDomainKey, LPCWSTR lpAccountName, LPCWSTR lpComment, PSID lpDomainSid, ULONG ulRelativeId, ULONG UserAccountControl)
Definition: setup.c:357

ConvertSidToStringSidW
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3382

lpAccountName
_In_ LPCSTR lpAccountName
Definition: winbase.h:2725

_SAM_USER_FIXED_DATA::LogonCount
USHORT LogonCount
Definition: samsrv.h:113

EmptyNtHash
ENCRYPTED_NT_OWF_PASSWORD EmptyNtHash
Definition: samsrv.c:26

_LSA_OBJECT_ATTRIBUTES
Definition: ntsecapi.h:177

RegCreateKeyExW
LONG WINAPI RegCreateKeyExW(_In_ HKEY hKey, _In_ LPCWSTR lpSubKey, _In_ DWORD Reserved, _In_opt_ LPWSTR lpClass, _In_ DWORD dwOptions, _In_ REGSAM samDesired, _In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes, _Out_ PHKEY phkResult, _Out_opt_ LPDWORD lpdwDisposition)
Definition: reg.c:1091

SampSetupCreateServer
static NTSTATUS SampSetupCreateServer(IN HANDLE hSamKey, OUT HANDLE *lpServerKey)
Definition: setup.c:805

USER_ACCOUNT_DISABLED
#define USER_ACCOUNT_DISABLED
Definition: ntsam.h:167

SampRegCloseKey
NTSTATUS SampRegCloseKey(IN OUT PHANDLE KeyHandle)
Definition: registry.c:26

_SAM_DOMAIN_FIXED_DATA::UasCompatibilityRequired
BOOLEAN UasCompatibilityRequired
Definition: samsrv.h:87

LsaOpenPolicy
NTSTATUS WINAPI LsaOpenPolicy(IN PLSA_UNICODE_STRING SystemName OPTIONAL, IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes, IN ACCESS_MASK DesiredAccess, OUT PLSA_HANDLE PolicyHandle)
Definition: lsa.c:1181

RtlInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)

hInstance
HINSTANCE hInstance
Definition: charmap.c:20

L
#define L(x)
Definition: ntvdm.h:50

FALSE
#define FALSE
Definition: types.h:117

LLONG_MAX
#define LLONG_MAX
Definition: limits.h:45

BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94

_SAM_USER_FIXED_DATA::OperatorCount
USHORT OperatorCount
Definition: samsrv.h:115

DOMAIN_USER_RID_ADMIN
#define DOMAIN_USER_RID_ADMIN
Definition: setypes.h:631

_SAM_DOMAIN_FIXED_DATA::PasswordProperties
ULONG PasswordProperties
Definition: samsrv.h:81

IDS_GROUP_NONE_COMMENT
#define IDS_GROUP_NONE_COMMENT
Definition: resources.h:14

BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185

ntsecapi.h

SE_GROUP_ENABLED_BY_DEFAULT
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91

IDS_USER_GUEST_COMMENT
#define IDS_USER_GUEST_COMMENT
Definition: resources.h:42

_SAM_DOMAIN_FIXED_DATA::LockoutObservationWindow
LARGE_INTEGER LockoutObservationWindow
Definition: samsrv.h:78

IDS_ALIAS_USERS_COMMENT
#define IDS_ALIAS_USERS_COMMENT
Definition: resources.h:23

RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150

_SAM_DOMAIN_FIXED_DATA::ForceLogoff
LARGE_INTEGER ForceLogoff
Definition: samsrv.h:76

LsaFreeMemory
NTSTATUS WINAPI LsaFreeMemory(IN PVOID Buffer)
Definition: lsa.c:699

NtProductWinNt
Definition: ntdef.template.h:350

SampCreateBuiltinDomainSD
NTSTATUS SampCreateBuiltinDomainSD(OUT PSECURITY_DESCRIPTOR *DomainSd, OUT PULONG Size)
Definition: security.c:283

SampCreateGroupSD
NTSTATUS SampCreateGroupSD(OUT PSECURITY_DESCRIPTOR *GroupSd, OUT PULONG Size)
Definition: security.c:1146

SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554

RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588

Status
Status
Definition: gdiplustypes.h:24

REG_OPTION_NON_VOLATILE
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057

DomainServerEnabled
Definition: ntsam.h:358

STATUS_MEMBER_IN_GROUP
#define STATUS_MEMBER_IN_GROUP
Definition: ntstatus.h:339

DOMAIN_USER_RID_GUEST
#define DOMAIN_USER_RID_GUEST
Definition: setypes.h:632

TRACE
#define TRACE(s)
Definition: solgame.cpp:4

SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581

WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180

_SAM_USER_FIXED_DATA::PasswordLastSet
LARGE_INTEGER PasswordLastSet
Definition: samsrv.h:104

NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32

SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92

DOMAIN_ALIAS_RID_BACKUP_OPS
#define DOMAIN_ALIAS_RID_BACKUP_OPS
Definition: setypes.h:660

IDS_ALIAS_BACKUP_OPS_COMMENT
#define IDS_ALIAS_BACKUP_OPS_COMMENT
Definition: resources.h:27

DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95

USER_NORMAL_ACCOUNT
#define USER_NORMAL_ACCOUNT
Definition: ntsam.h:171

SampLoadString
INT SampLoadString(HINSTANCE hInstance, UINT uId, LPWSTR lpBuffer, INT nBufferMax)
Definition: utils.c:17

SampSetupAddMemberToAlias
static BOOL SampSetupAddMemberToAlias(HKEY hDomainKey, ULONG AliasId, PSID MemberSid)
Definition: setup.c:25

_SAM_USER_FIXED_DATA::UserId
ULONG UserId
Definition: samsrv.h:107

SE_GROUP_MANDATORY
#define SE_GROUP_MANDATORY
Definition: setypes.h:90

IDS_ALIAS_REPLICATOR_NAME
#define IDS_ALIAS_REPLICATOR_NAME
Definition: resources.h:28

IDS_ALIAS_PRINT_OPS_NAME
#define IDS_ALIAS_PRINT_OPS_NAME
Definition: resources.h:24

SampSetupCreateAliasAccount
static NTSTATUS SampSetupCreateAliasAccount(HANDLE hDomainKey, LPCWSTR lpAccountName, LPCWSTR lpDescription, ULONG ulRelativeId)
Definition: setup.c:91

_SAM_GROUP_FIXED_DATA::GroupId
ULONG GroupId
Definition: samsrv.h:94

UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181

_SAM_DOMAIN_FIXED_DATA::LockoutDuration
LARGE_INTEGER LockoutDuration
Definition: samsrv.h:77

SampRegDeleteKey
NTSTATUS SampRegDeleteKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:71

wcscpy
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)

SampRegQueryValue
NTSTATUS SampRegQueryValue(IN HANDLE KeyHandle, IN LPCWSTR ValueName, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL)
Definition: registry.c:332

IDS_ALIAS_MONITORING_USERS_NAME
#define IDS_ALIAS_MONITORING_USERS_NAME
Definition: resources.h:34

SampGetAccountDomainInfo
NTSTATUS SampGetAccountDomainInfo(PPOLICY_ACCOUNT_DOMAIN_INFO *AccountDomainInfo)
Definition: setup.c:856

_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194

DOMAIN_ALIAS_RID_MONITORING_USERS
#define DOMAIN_ALIAS_RID_MONITORING_USERS
Definition: setypes.h:669

IDS_ALIAS_MONITORING_USERS_COMMENT
#define IDS_ALIAS_MONITORING_USERS_COMMENT
Definition: resources.h:35

_SAM_GROUP_FIXED_DATA
Definition: samsrv.h:90

IDS_ALIAS_NETWORK_CONFIGURATION_OPS_COMMENT
#define IDS_ALIAS_NETWORK_CONFIGURATION_OPS_COMMENT
Definition: resources.h:33

IDS_ALIAS_BACKUP_OPS_NAME
#define IDS_ALIAS_BACKUP_OPS_NAME
Definition: resources.h:26

_SAM_USER_FIXED_DATA::LastLogon
LARGE_INTEGER LastLogon
Definition: samsrv.h:102

TICKS_PER_SECOND
#define TICKS_PER_SECOND
Definition: setup.c:18

swprintf
int _cdecl swprintf(const WCHAR *,...)

IDS_ALIAS_GUESTS_NAME
#define IDS_ALIAS_GUESTS_NAME
Definition: resources.h:18

LSA_OBJECT_ATTRIBUTES
struct _LSA_OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES

SampInitializeSAM
BOOL SampInitializeSAM(VOID)
Definition: setup.c:888

ERR
#define ERR(fmt,...)
Definition: debug.h:110

EmptyLmHash
ENCRYPTED_LM_OWF_PASSWORD EmptyLmHash
Definition: samsrv.c:27

_SAM_USER_FIXED_DATA::BadPasswordCount
USHORT BadPasswordCount
Definition: samsrv.h:112

_SAM_USER_FIXED_DATA
Definition: samsrv.h:98

STATUS_OBJECT_NAME_NOT_FOUND
#define STATUS_OBJECT_NAME_NOT_FOUND
Definition: udferr_usr.h:149

IDS_ALIAS_POWER_USERS_COMMENT
#define IDS_ALIAS_POWER_USERS_COMMENT
Definition: resources.h:21

i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

IDS_ALIAS_NETWORK_CONFIGURATION_OPS_NAME
#define IDS_ALIAS_NETWORK_CONFIGURATION_OPS_NAME
Definition: resources.h:32

SampRegOpenKey
NTSTATUS SampRegOpenKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName, IN ACCESS_MASK DesiredAccess, OUT PHANDLE KeyHandle)
Definition: registry.c:158

DOMAIN_ALIAS_RID_USERS
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:653

_SAM_GROUP_FIXED_DATA::Attributes
ULONG Attributes
Definition: samsrv.h:95

LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577

IDS_USER_GUEST_NAME
#define IDS_USER_GUEST_NAME
Definition: resources.h:41

KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041

_SAM_DOMAIN_FIXED_DATA::MaxPasswordAge
LARGE_INTEGER MaxPasswordAge
Definition: samsrv.h:74

wcscat
_CRTIMP wchar_t *__cdecl wcscat(_Inout_updates_z_(_String_length_(_Dest)+_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)

SampSetupAddMemberToGroup
static NTSTATUS SampSetupAddMemberToGroup(IN HANDLE hDomainKey, IN ULONG GroupId, IN ULONG MemberId)
Definition: setup.c:177

DOMAIN_ALIAS_RID_REPLICATOR
#define DOMAIN_ALIAS_RID_REPLICATOR
Definition: setypes.h:662

DOMAIN_GROUP_RID_USERS
#define DOMAIN_GROUP_RID_USERS
Definition: setypes.h:640

PULONG
unsigned int * PULONG
Definition: retypes.h:1

NULL
#define NULL
Definition: types.h:112

pSid
static PSID pSid
Definition: security.c:74

wcslen
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)

SampRegSetValue
NTSTATUS SampRegSetValue(HANDLE KeyHandle, LPCWSTR ValueName, ULONG Type, LPVOID Data, ULONG DataLength)
Definition: registry.c:402

_SAM_DOMAIN_FIXED_DATA::LockoutThreshold
USHORT LockoutThreshold
Definition: samsrv.h:84

SampProductType
NT_PRODUCT_TYPE SampProductType
Definition: samsrv.c:29

DOMAIN_ALIAS_RID_PRINT_OPS
#define DOMAIN_ALIAS_RID_PRINT_OPS
Definition: setypes.h:659

_SAM_DOMAIN_FIXED_DATA::ModifiedCountAtLastPromotion
LARGE_INTEGER ModifiedCountAtLastPromotion
Definition: samsrv.h:79

_SAM_DOMAIN_FIXED_DATA::DomainServerRole
DOMAIN_SERVER_ROLE DomainServerRole
Definition: samsrv.h:86

OUT
#define OUT
Definition: typedefs.h:40

_SAM_USER_FIXED_DATA::UserAccountControl
ULONG UserAccountControl
Definition: samsrv.h:109

_SAM_DOMAIN_FIXED_DATA::CreationTime
LARGE_INTEGER CreationTime
Definition: samsrv.h:72

IDS_ALIAS_REMOTE_DESKTOP_USERS_NAME
#define IDS_ALIAS_REMOTE_DESKTOP_USERS_NAME
Definition: resources.h:30

ULONG
unsigned int ULONG
Definition: retypes.h:1

_GROUP_MEMBERSHIP
Definition: ntsam.h:494

GetModuleHandleW
HMODULE WINAPI GetModuleHandleW(LPCWSTR lpModuleName)
Definition: loader.c:838

SampCreateAliasSD
NTSTATUS SampCreateAliasSD(OUT PSECURITY_DESCRIPTOR *AliasSd, OUT PULONG Size)
Definition: security.c:859

_SAM_DOMAIN_FIXED_DATA::PasswordHistoryLength
USHORT PasswordHistoryLength
Definition: samsrv.h:83

NtQuerySystemTime
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:472

IDS_ALIAS_LOGGING_USERS_NAME
#define IDS_ALIAS_LOGGING_USERS_NAME
Definition: resources.h:36

DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS
#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS
Definition: setypes.h:666

STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS
#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS
Definition: setypes.h:665

IDS_ALIAS_GUESTS_COMMENT
#define IDS_ALIAS_GUESTS_COMMENT
Definition: resources.h:19

SampSetupCreateGroupAccount
static NTSTATUS SampSetupCreateGroupAccount(HANDLE hDomainKey, LPCWSTR lpAccountName, LPCWSTR lpComment, ULONG ulRelativeId)
Definition: setup.c:256

SampRegCreateKey
NTSTATUS SampRegCreateKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName, IN ACCESS_MASK DesiredAccess, OUT PHANDLE KeyHandle)
Definition: registry.c:42

LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

PolicyAccountDomainInformation
Definition: ntsecapi.h:247

void
Definition: nsiface.idl:2306

IDS_ALIAS_REPLICATOR_COMMENT
#define IDS_ALIAS_REPLICATOR_COMMENT
Definition: resources.h:29

memset
#define memset(x, y, z)
Definition: compat.h:39

REG_DWORD
#define REG_DWORD
Definition: sdbapi.c:596

DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652

KEY_CREATE_SUB_KEY
#define KEY_CREATE_SUB_KEY
Definition: nt_native.h:1018

_SAM_USER_FIXED_DATA::CodePage
USHORT CodePage
Definition: samsrv.h:111

_SAM_USER_FIXED_DATA::LastLogoff
LARGE_INTEGER LastLogoff
Definition: samsrv.h:103

samsrv.h

PUSHORT
unsigned short * PUSHORT
Definition: retypes.h:2

_SAM_DOMAIN_FIXED_DATA::NextRid
ULONG NextRid
Definition: samsrv.h:80

RegCloseKey
#define RegCloseKey(hKey)
Definition: registry.h:47

RegSetValueEx
#define RegSetValueEx
Definition: winreg.h:533

_POLICY_ACCOUNT_DOMAIN_INFO::DomainSid
PSID DomainSid
Definition: ntsecapi.h:567

USER_DONT_EXPIRE_PASSWORD
#define USER_DONT_EXPIRE_PASSWORD
Definition: ntsam.h:176

SecurityNtAuthority
SID_IDENTIFIER_AUTHORITY SecurityNtAuthority
Definition: setup.c:20

IDS_ALIAS_USERS_NAME
#define IDS_ALIAS_USERS_NAME
Definition: resources.h:22

_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114

DOMAIN_ALIAS_RID_LOGGING_USERS
#define DOMAIN_ALIAS_RID_LOGGING_USERS
Definition: setypes.h:670

RtlLengthRequiredSid
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54

szComment
static const WCHAR szComment[]
Definition: domdoc.c:1167

KEY_ENUMERATE_SUB_KEYS
#define KEY_ENUMERATE_SUB_KEYS
Definition: nt_native.h:1019

REG_SZ
#define REG_SZ
Definition: layer.c:22