ReactOS 0.4.15-dev-5666-gc548b97
lsarpc.c
Go to the documentation of this file.
1/*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
6 *
7 * PROGRAMMERS: Eric Kohl
8 */
9
10#include "lsasrv.h"
11
12/* GLOBALS *****************************************************************/
13
15
16static
22
23static
29
30static
36
37/* FUNCTIONS ***************************************************************/
38
41{
43 DWORD dwError;
45
47
48 TRACE("LsarStartRpcServer() called\n");
49
52 L"\\pipe\\lsarpc",
53 NULL);
54 if (Status != RPC_S_OK)
55 {
56 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status);
58 }
59
60 Status = RpcServerRegisterIf(lsarpc_v0_0_s_ifspec,
61 NULL,
62 NULL);
63 if (Status != RPC_S_OK)
64 {
65 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status);
67 }
68
70
71 Status = RpcServerListen(1, 20, TRUE);
72 if (Status != RPC_S_OK)
73 {
74 WARN("RpcServerListen() failed (Status %lx)\n", Status);
76 }
77
78 /* Notify the service manager */
79 TRACE("Creating notification event!\n");
81 TRUE,
82 FALSE,
83 L"LSA_RPC_SERVER_ACTIVE");
84 if (hEvent == NULL)
85 {
86 dwError = GetLastError();
87 TRACE("Failed to create or open the notification event (Error %lu)\n", dwError);
88#if 0
89 if (dwError == ERROR_ALREADY_EXISTS)
90 {
92 FALSE,
93 L"LSA_RPC_SERVER_ACTIVE");
94 if (hEvent == NULL)
95 {
96 ERR("Could not open the notification event (Error %lu)\n", GetLastError());
98 }
99 }
100#endif
101 return STATUS_UNSUCCESSFUL;
102 }
103
104 TRACE("Set notification event!\n");
106
107 /* NOTE: Do not close the event handle, as it must remain alive! */
108
109 TRACE("LsarStartRpcServer() done\n");
110 return STATUS_SUCCESS;
111}
112
113
114void
117 LSAPR_HANDLE hHandle)
118{
119}
120
121
122/* Function 0 */
124WINAPI
126 LSAPR_HANDLE *ObjectHandle)
127{
128 PLSA_DB_OBJECT DbObject;
130
131 TRACE("LsarClose(%p)\n", ObjectHandle);
132
133// RtlEnterCriticalSection(&PolicyHandleTableLock);
134
135 Status = LsapValidateDbObject(*ObjectHandle,
137 0,
138 &DbObject);
139 if (Status == STATUS_SUCCESS)
140 {
141 Status = LsapCloseDbObject(DbObject);
142 *ObjectHandle = NULL;
143 }
144
145// RtlLeaveCriticalSection(&PolicyHandleTableLock);
146
147 return Status;
148}
149
150
151/* Function 1 */
153WINAPI
155 LSAPR_HANDLE ObjectHandle)
156{
157 TRACE("LsarDelete(%p)\n", ObjectHandle);
158
159 return LsarDeleteObject(&ObjectHandle);
160}
161
162
163/* Function 2 */
165WINAPI
167 LSAPR_HANDLE PolicyHandle,
168 DWORD *EnumerationContext,
169 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer,
170 DWORD PreferedMaximumLength)
171{
172 PLSA_DB_OBJECT PolicyObject;
174
175 TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
176 PolicyHandle, EnumerationContext, EnumerationBuffer,
177 PreferedMaximumLength);
178
179 Status = LsapValidateDbObject(PolicyHandle,
182 &PolicyObject);
183 if (!NT_SUCCESS(Status))
184 return Status;
185
186 if (EnumerationContext == NULL)
188
189 return LsarpEnumeratePrivileges(EnumerationContext,
190 EnumerationBuffer,
191 PreferedMaximumLength);
192}
193
194
195/* Function 3 */
197WINAPI
199 LSAPR_HANDLE ObjectHandle,
202{
203 PLSA_DB_OBJECT DbObject = NULL;
204 PSECURITY_DESCRIPTOR RelativeSd = NULL;
205 PSECURITY_DESCRIPTOR ResultSd = NULL;
208 ULONG RelativeSdSize = 0;
209 ULONG ResultSdSize = 0;
211
212 TRACE("LsarQuerySecurityObject(%p %lx %p)\n",
214
217
219
224
227
228 /* Validate the ObjectHandle */
229 Status = LsapValidateDbObject(ObjectHandle,
232 &DbObject);
233 if (!NT_SUCCESS(Status))
234 return Status;
235
236 /* Get the size of the SD */
238 L"SecDesc",
239 NULL,
240 &RelativeSdSize);
241 if (!NT_SUCCESS(Status))
242 return Status;
243
244 /* Allocate a buffer for the SD */
245 RelativeSd = MIDL_user_allocate(RelativeSdSize);
246 if (RelativeSd == NULL)
248
249 /* Get the SD */
251 L"SecDesc",
252 RelativeSd,
253 &RelativeSdSize);
254 if (!NT_SUCCESS(Status))
255 goto done;
256
257 /* Invalidate the SD information that was not requested */
259 ((PISECURITY_DESCRIPTOR)RelativeSd)->Owner = NULL;
260
262 ((PISECURITY_DESCRIPTOR)RelativeSd)->Group = NULL;
263
266
269
270 /* Calculate the required SD size */
271 Status = RtlMakeSelfRelativeSD(RelativeSd,
272 NULL,
273 &ResultSdSize);
275 goto done;
276
277 /* Allocate a buffer for the new SD */
278 ResultSd = MIDL_user_allocate(ResultSdSize);
279 if (ResultSd == NULL)
280 {
282 goto done;
283 }
284
285 /* Build the new SD */
286 Status = RtlMakeSelfRelativeSD(RelativeSd,
287 ResultSd,
288 &ResultSdSize);
289 if (!NT_SUCCESS(Status))
290 goto done;
291
292 /* Allocate the SD data buffer */
294 if (SdData == NULL)
295 {
297 goto done;
298 }
299
300 /* Fill the SD data buffer and return it to the caller */
301 SdData->Length = RelativeSdSize;
302 SdData->SecurityDescriptor = (PBYTE)ResultSd;
303
304 *SecurityDescriptor = SdData;
305
306done:
307 if (!NT_SUCCESS(Status))
308 {
309 if (ResultSd != NULL)
310 MIDL_user_free(ResultSd);
311 }
312
313 if (RelativeSd != NULL)
314 MIDL_user_free(RelativeSd);
315
316 return Status;
317}
318
319
320/* Function 4 */
322WINAPI
324 LSAPR_HANDLE ObjectHandle,
327{
328 PLSA_DB_OBJECT DbObject = NULL;
330 PSECURITY_DESCRIPTOR RelativeSd = NULL;
331 ULONG RelativeSdSize = 0;
335
336 TRACE("LsarSetSecurityObject(%p %lx %p)\n",
338
339 if ((SecurityDescriptor == NULL) ||
340 (SecurityDescriptor->SecurityDescriptor == NULL) ||
343
344 if (SecurityInformation == 0 ||
348
351
354
357
361
365
366 /* Validate the ObjectHandle */
367 Status = LsapValidateDbObject(ObjectHandle,
370 &DbObject);
371 if (!NT_SUCCESS(Status))
372 {
373 ERR("LsapValidateDbObject failed (Status 0x%08lx)\n", Status);
374 return Status;
375 }
376
377 /* Get the mapping for the object type */
378 switch (DbObject->ObjectType)
379 {
382 break;
383
386 break;
387
388// case LsaDbDomainObject:
389// Mapping = &LsapDomainMapping;
390// break;
391
394 break;
395
396 default:
398 }
399
400 /* Get the size of the SD */
402 L"SecDesc",
403 NULL,
404 &RelativeSdSize);
405 if (!NT_SUCCESS(Status))
406 return Status;
407
408 /* Allocate a buffer for the SD */
409 RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(), 0, RelativeSdSize);
410 if (RelativeSd == NULL)
412
413 /* Get the SD */
415 L"SecDesc",
416 RelativeSd,
417 &RelativeSdSize);
418 if (!NT_SUCCESS(Status))
419 goto done;
420
421 /* Get the clients token if we try to set the owner */
423 {
425 if (!NT_SUCCESS(Status))
426 {
427 ERR("RpcImpersonateClient returns 0x%08lx\n", Status);
428 goto done;
429 }
430
433 TRUE,
434 &TokenHandle);
436 if (!NT_SUCCESS(Status))
437 {
438 ERR("NtOpenThreadToken returns 0x%08lx\n", Status);
439 goto done;
440 }
441 }
442
443 /* Build the new security descriptor */
445 (PSECURITY_DESCRIPTOR)SecurityDescriptor->SecurityDescriptor,
446 &RelativeSd,
447 Mapping,
449 if (!NT_SUCCESS(Status))
450 {
451 ERR("RtlSetSecurityObject failed (Status 0x%08lx)\n", Status);
452 goto done;
453 }
454
455 /* Set the modified SD */
457 L"SecDesc",
458 RelativeSd,
459 RtlLengthSecurityDescriptor(RelativeSd));
460 if (!NT_SUCCESS(Status))
461 {
462 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
463 }
464
465done:
466 if (TokenHandle != NULL)
468
469 if (RelativeSd != NULL)
470 RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
471
472 return Status;
473}
474
475
476/* Function 5 */
478WINAPI
480 handle_t IDL_handle,
481 PRPC_UNICODE_STRING String1,
483 PRPC_UNICODE_STRING String3,
484 PRPC_UNICODE_STRING String4,
485 PRPC_UNICODE_STRING String5)
486{
487 /* Deprecated */
489}
490
491
492/* Function 6 */
494WINAPI
496 LPWSTR SystemName,
499 LSAPR_HANDLE *PolicyHandle)
500{
501 PLSA_DB_OBJECT PolicyObject;
503
504 TRACE("LsarOpenPolicy(%S %p %lx %p)\n",
505 SystemName, ObjectAttributes, DesiredAccess, PolicyHandle);
506
508
510 NULL,
511 L"Policy",
514 FALSE,
515 &PolicyObject);
516
518
519 if (NT_SUCCESS(Status))
520 *PolicyHandle = (LSAPR_HANDLE)PolicyObject;
521
522 TRACE("LsarOpenPolicy done!\n");
523
524 return Status;
525}
526
527
528/* Function 7 */
530WINAPI
532 LSAPR_HANDLE PolicyHandle,
534 PLSAPR_POLICY_INFORMATION *PolicyInformation)
535{
536 PLSA_DB_OBJECT PolicyObject;
539
540 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
541 PolicyHandle, InformationClass, PolicyInformation);
542
543 if (PolicyInformation)
544 {
545 TRACE("*PolicyInformation %p\n", *PolicyInformation);
546 }
547
548 switch (InformationClass)
549 {
554 break;
555
566 break;
567
570 break;
571
572 default:
573 ERR("Invalid InformationClass!\n");
575 }
576
577 Status = LsapValidateDbObject(PolicyHandle,
580 &PolicyObject);
581 if (!NT_SUCCESS(Status))
582 return Status;
583
584 switch (InformationClass)
585 {
586 case PolicyAuditLogInformation: /* 1 */
587 Status = LsarQueryAuditLog(PolicyObject,
588 PolicyInformation);
589 break;
590
591 case PolicyAuditEventsInformation: /* 2 */
592 Status = LsarQueryAuditEvents(PolicyObject,
593 PolicyInformation);
594 break;
595
597 Status = LsarQueryPrimaryDomain(PolicyObject,
598 PolicyInformation);
599 break;
600
601 case PolicyPdAccountInformation: /* 4 */
602 Status = LsarQueryPdAccount(PolicyObject,
603 PolicyInformation);
604 break;
605
607 Status = LsarQueryAccountDomain(PolicyObject,
608 PolicyInformation);
609 break;
610
612 Status = LsarQueryServerRole(PolicyObject,
613 PolicyInformation);
614 break;
615
617 Status = LsarQueryReplicaSource(PolicyObject,
618 PolicyInformation);
619 break;
620
622 Status = LsarQueryDefaultQuota(PolicyObject,
623 PolicyInformation);
624 break;
625
627 Status = LsarQueryModification(PolicyObject,
628 PolicyInformation);
629 break;
630
631 case PolicyAuditFullQueryInformation: /* 11 (0xB) */
632 Status = LsarQueryAuditFull(PolicyObject,
633 PolicyInformation);
634 break;
635
636 case PolicyDnsDomainInformation: /* 12 (0xC) */
637 Status = LsarQueryDnsDomain(PolicyObject,
638 PolicyInformation);
639 break;
640
641 case PolicyDnsDomainInformationInt: /* 13 (0xD) */
642 Status = LsarQueryDnsDomainInt(PolicyObject,
643 PolicyInformation);
644 break;
645
646 case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
647 Status = LsarQueryLocalAccountDomain(PolicyObject,
648 PolicyInformation);
649 break;
650
651 default:
652 ERR("Invalid InformationClass!\n");
654 }
655
656 return Status;
657}
658
659
660/* Function 8 */
662WINAPI
664 LSAPR_HANDLE PolicyHandle,
666 PLSAPR_POLICY_INFORMATION PolicyInformation)
667{
668 PLSA_DB_OBJECT PolicyObject;
671
672 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
673 PolicyHandle, InformationClass, PolicyInformation);
674
675 if (PolicyInformation)
676 {
677 TRACE("*PolicyInformation %p\n", *PolicyInformation);
678 }
679
680 switch (InformationClass)
681 {
685 break;
686
689 break;
690
697 break;
698
702 break;
703
706 break;
707
708 default:
709 ERR("Invalid InformationClass!\n");
711 }
712
713 Status = LsapValidateDbObject(PolicyHandle,
716 &PolicyObject);
717 if (!NT_SUCCESS(Status))
718 return Status;
719
720 switch (InformationClass)
721 {
722 case PolicyAuditLogInformation: /* 1 */
723 Status = LsarSetAuditLog(PolicyObject,
724 (PPOLICY_AUDIT_LOG_INFO)PolicyInformation);
725 break;
726
727 case PolicyAuditEventsInformation: /* 2 */
728 Status = LsarSetAuditEvents(PolicyObject,
729 (PLSAPR_POLICY_AUDIT_EVENTS_INFO)PolicyInformation);
730 if (NT_SUCCESS(Status))
732 break;
733
735 Status = LsarSetPrimaryDomain(PolicyObject,
736 (PLSAPR_POLICY_PRIMARY_DOM_INFO)PolicyInformation);
737 if (NT_SUCCESS(Status))
739 break;
740
742 Status = LsarSetAccountDomain(PolicyObject,
743 (PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
744 if (NT_SUCCESS(Status))
746 break;
747
749 Status = LsarSetServerRole(PolicyObject,
750 (PPOLICY_LSA_SERVER_ROLE_INFO)PolicyInformation);
751 if (NT_SUCCESS(Status))
753 break;
754
756 Status = LsarSetReplicaSource(PolicyObject,
757 (PPOLICY_LSA_REPLICA_SRCE_INFO)PolicyInformation);
758 break;
759
761 Status = LsarSetDefaultQuota(PolicyObject,
762 (PPOLICY_DEFAULT_QUOTA_INFO)PolicyInformation);
763 break;
764
766 Status = LsarSetModification(PolicyObject,
767 (PPOLICY_MODIFICATION_INFO)PolicyInformation);
768 break;
769
770 case PolicyAuditFullSetInformation: /* 10 (0xA) */
771 Status = LsarSetAuditFull(PolicyObject,
772 (PPOLICY_AUDIT_FULL_QUERY_INFO)PolicyInformation);
773 break;
774
775 case PolicyDnsDomainInformation: /* 12 (0xC) */
776 Status = LsarSetDnsDomain(PolicyObject,
777 (PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
778 if (NT_SUCCESS(Status))
780 break;
781
782 case PolicyDnsDomainInformationInt: /* 13 (0xD) */
783 Status = LsarSetDnsDomainInt(PolicyObject,
784 (PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
785 break;
786
787 case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
788 Status = LsarSetLocalAccountDomain(PolicyObject,
789 (PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
790 break;
791
792 default:
794 break;
795 }
796
797 return Status;
798}
799
800
801/* Function 9 */
803WINAPI
805 LSAPR_HANDLE ObjectHandle)
806{
807 /* Deprecated */
809}
810
811
814 PLSA_DB_OBJECT PolicyObject,
815 PRPC_SID AccountSid,
817 PLSA_DB_OBJECT *AccountObject)
818{
819 LPWSTR SidString = NULL;
820 PSECURITY_DESCRIPTOR AccountSd = NULL;
821 ULONG AccountSdSize;
823
824 /* Create SID string */
825 if (!ConvertSidToStringSid((PSID)AccountSid,
826 &SidString))
827 {
828 ERR("ConvertSidToStringSid failed\n");
830 }
831
832 /* Create a security descriptor for the account */
833 Status = LsapCreateAccountSd(&AccountSd,
834 &AccountSdSize);
835 if (!NT_SUCCESS(Status))
836 {
837 ERR("LsapCreateAccountSd returned 0x%08lx\n", Status);
838 goto done;
839 }
840
841 /* Create the Account object */
842 Status = LsapCreateDbObject(PolicyObject,
843 L"Accounts",
844 SidString,
847 PolicyObject->Trusted,
848 AccountObject);
849 if (!NT_SUCCESS(Status))
850 {
851 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
852 goto done;
853 }
854
855 /* Set the Sid attribute */
856 Status = LsapSetObjectAttribute(*AccountObject,
857 L"Sid",
858 (PVOID)AccountSid,
859 GetLengthSid(AccountSid));
860 if (!NT_SUCCESS(Status))
861 goto done;
862
863 /* Set the SecDesc attribute */
864 Status = LsapSetObjectAttribute(*AccountObject,
865 L"SecDesc",
866 AccountSd,
867 AccountSdSize);
868
869done:
870 if (SidString != NULL)
871 LocalFree(SidString);
872
873 if (AccountSd != NULL)
874 RtlFreeHeap(RtlGetProcessHeap(), 0, AccountSd);
875
876 return Status;
877}
878
879
880/* Function 10 */
882WINAPI
884 LSAPR_HANDLE PolicyHandle,
885 PRPC_SID AccountSid,
887 LSAPR_HANDLE *AccountHandle)
888{
889 PLSA_DB_OBJECT PolicyObject;
890 PLSA_DB_OBJECT AccountObject = NULL;
892
893 TRACE("LsarCreateAccount(%p %p %lx %p)\n",
894 PolicyHandle, AccountSid, DesiredAccess, AccountHandle);
895
896 /* Validate the AccountSid */
897 if (!RtlValidSid(AccountSid))
899
900 /* Validate the PolicyHandle */
901 Status = LsapValidateDbObject(PolicyHandle,
904 &PolicyObject);
905 if (!NT_SUCCESS(Status))
906 {
907 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
908 return Status;
909 }
910
911
912 Status = LsarpCreateAccount(PolicyObject,
913 AccountSid,
915 &AccountObject);
916 if (NT_SUCCESS(Status))
917 {
918 *AccountHandle = (LSAPR_HANDLE)AccountObject;
919 }
920
921 return Status;
922}
923
924
925/* Function 11 */
927WINAPI
929 LSAPR_HANDLE PolicyHandle,
930 DWORD *EnumerationContext,
931 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer,
932 DWORD PreferedMaximumLength)
933{
934 LSAPR_ACCOUNT_ENUM_BUFFER EnumBuffer = {0, NULL};
935 PLSA_DB_OBJECT PolicyObject = NULL;
936 PWSTR AccountKeyBuffer = NULL;
937 HANDLE AccountsKeyHandle = NULL;
938 HANDLE AccountKeyHandle;
939 HANDLE SidKeyHandle;
940 ULONG AccountKeyBufferSize;
941 ULONG EnumIndex;
942 ULONG EnumCount;
945 ULONG i;
947
948 TRACE("LsarEnumerateAccount(%p %p %p %lu)\n",
949 PolicyHandle, EnumerationContext, EnumerationBuffer, PreferedMaximumLength);
950
951 if (EnumerationContext == NULL ||
952 EnumerationBuffer == NULL)
954
955 EnumerationBuffer->EntriesRead = 0;
956 EnumerationBuffer->Information = NULL;
957
958 /* Validate the PolicyHandle */
959 Status = LsapValidateDbObject(PolicyHandle,
962 &PolicyObject);
963 if (!NT_SUCCESS(Status))
964 {
965 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
966 return Status;
967 }
968
969 Status = LsapRegOpenKey(PolicyObject->KeyHandle,
970 L"Accounts",
971 KEY_READ,
972 &AccountsKeyHandle);
973 if (!NT_SUCCESS(Status))
974 return Status;
975
976 Status = LsapRegQueryKeyInfo(AccountsKeyHandle,
977 NULL,
978 &AccountKeyBufferSize,
979 NULL);
980 if (!NT_SUCCESS(Status))
981 {
982 ERR("LsapRegQueryKeyInfo returned 0x%08lx\n", Status);
983 return Status;
984 }
985
986 AccountKeyBufferSize += sizeof(WCHAR);
987 AccountKeyBuffer = RtlAllocateHeap(RtlGetProcessHeap(), 0, AccountKeyBufferSize);
988 if (AccountKeyBuffer == NULL)
989 {
990 return STATUS_NO_MEMORY;
991 }
992
993 EnumIndex = *EnumerationContext;
994 EnumCount = 0;
995 RequiredLength = 0;
996
997 while (TRUE)
998 {
999 Status = LsapRegEnumerateSubKey(AccountsKeyHandle,
1000 EnumIndex,
1001 AccountKeyBufferSize,
1002 AccountKeyBuffer);
1003 if (!NT_SUCCESS(Status))
1004 break;
1005
1006 TRACE("EnumIndex: %lu\n", EnumIndex);
1007 TRACE("Account key name: %S\n", AccountKeyBuffer);
1008
1009 Status = LsapRegOpenKey(AccountsKeyHandle,
1010 AccountKeyBuffer,
1011 KEY_READ,
1012 &AccountKeyHandle);
1013 TRACE("LsapRegOpenKey returned %08lX\n", Status);
1014 if (NT_SUCCESS(Status))
1015 {
1016 Status = LsapRegOpenKey(AccountKeyHandle,
1017 L"Sid",
1018 KEY_READ,
1019 &SidKeyHandle);
1020 TRACE("LsapRegOpenKey returned %08lX\n", Status);
1021 if (NT_SUCCESS(Status))
1022 {
1023 DataLength = 0;
1024 Status = LsapRegQueryValue(SidKeyHandle,
1025 NULL,
1026 NULL,
1027 NULL,
1028 &DataLength);
1029 TRACE("LsapRegQueryValue returned %08lX\n", Status);
1030 if (NT_SUCCESS(Status))
1031 {
1032 TRACE("Data length: %lu\n", DataLength);
1033
1034 if ((RequiredLength + DataLength + sizeof(LSAPR_ACCOUNT_INFORMATION)) > PreferedMaximumLength)
1035 break;
1036
1038 EnumCount++;
1039 }
1040
1041 LsapRegCloseKey(SidKeyHandle);
1042 }
1043
1044 LsapRegCloseKey(AccountKeyHandle);
1045 }
1046
1047 EnumIndex++;
1048 }
1049
1050 TRACE("EnumCount: %lu\n", EnumCount);
1051 TRACE("RequiredLength: %lu\n", RequiredLength);
1052
1053 EnumBuffer.EntriesRead = EnumCount;
1054 EnumBuffer.Information = midl_user_allocate(EnumCount * sizeof(LSAPR_ACCOUNT_INFORMATION));
1055 if (EnumBuffer.Information == NULL)
1056 {
1058 goto done;
1059 }
1060
1061 EnumIndex = *EnumerationContext;
1062 for (i = 0; i < EnumCount; i++, EnumIndex++)
1063 {
1064 Status = LsapRegEnumerateSubKey(AccountsKeyHandle,
1065 EnumIndex,
1066 AccountKeyBufferSize,
1067 AccountKeyBuffer);
1068 if (!NT_SUCCESS(Status))
1069 break;
1070
1071 TRACE("EnumIndex: %lu\n", EnumIndex);
1072 TRACE("Account key name: %S\n", AccountKeyBuffer);
1073
1074 Status = LsapRegOpenKey(AccountsKeyHandle,
1075 AccountKeyBuffer,
1076 KEY_READ,
1077 &AccountKeyHandle);
1078 TRACE("LsapRegOpenKey returned %08lX\n", Status);
1079 if (NT_SUCCESS(Status))
1080 {
1081 Status = LsapRegOpenKey(AccountKeyHandle,
1082 L"Sid",
1083 KEY_READ,
1084 &SidKeyHandle);
1085 TRACE("LsapRegOpenKey returned %08lX\n", Status);
1086 if (NT_SUCCESS(Status))
1087 {
1088 DataLength = 0;
1089 Status = LsapRegQueryValue(SidKeyHandle,
1090 NULL,
1091 NULL,
1092 NULL,
1093 &DataLength);
1094 TRACE("LsapRegQueryValue returned %08lX\n", Status);
1095 if (NT_SUCCESS(Status))
1096 {
1098 if (EnumBuffer.Information[i].Sid == NULL)
1099 {
1100 LsapRegCloseKey(AccountKeyHandle);
1102 goto done;
1103 }
1104
1105 Status = LsapRegQueryValue(SidKeyHandle,
1106 NULL,
1107 NULL,
1108 EnumBuffer.Information[i].Sid,
1109 &DataLength);
1110 TRACE("SampRegQueryValue returned %08lX\n", Status);
1111 }
1112
1113 LsapRegCloseKey(SidKeyHandle);
1114 }
1115
1116 LsapRegCloseKey(AccountKeyHandle);
1117
1118 if (!NT_SUCCESS(Status))
1119 goto done;
1120 }
1121 }
1122
1123 if (NT_SUCCESS(Status))
1124 {
1125 *EnumerationContext += EnumCount;
1126 EnumerationBuffer->EntriesRead = EnumBuffer.EntriesRead;
1127 EnumerationBuffer->Information = EnumBuffer.Information;
1128 }
1129
1130done:
1131 if (!NT_SUCCESS(Status))
1132 {
1133 if (EnumBuffer.Information)
1134 {
1135 for (i = 0; i < EnumBuffer.EntriesRead; i++)
1136 {
1137 if (EnumBuffer.Information[i].Sid != NULL)
1138 midl_user_free(EnumBuffer.Information[i].Sid);
1139 }
1140
1141 midl_user_free(EnumBuffer.Information);
1142 }
1143 }
1144
1145 if (AccountKeyBuffer != NULL)
1146 RtlFreeHeap(RtlGetProcessHeap(), 0, AccountKeyBuffer);
1147
1148 if (AccountsKeyHandle != NULL)
1149 LsapRegCloseKey(AccountsKeyHandle);
1150
1151 return Status;
1152}
1153
1154
1155/* Function 12 */
1157WINAPI
1159 LSAPR_HANDLE PolicyHandle,
1160 PLSAPR_TRUST_INFORMATION TrustedDomainInformation,
1162 LSAPR_HANDLE *TrustedDomainHandle)
1163{
1164 /* Fail, if we are not a domain controller */
1167
1170}
1171
1172
1173/* Function 13 */
1175WINAPI
1177 LSAPR_HANDLE PolicyHandle,
1178 DWORD *EnumerationContext,
1179 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer,
1180 DWORD PreferedMaximumLength)
1181{
1182 /* FIXME: We are not running an AD yet */
1183 EnumerationBuffer->EntriesRead = 0;
1184 EnumerationBuffer->Information = NULL;
1186}
1187
1188
1189/* Function 14 */
1191WINAPI
1193 LSAPR_HANDLE PolicyHandle,
1194 DWORD Count,
1196 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1197 PLSAPR_TRANSLATED_SIDS TranslatedSids,
1198 LSAP_LOOKUP_LEVEL LookupLevel,
1199 DWORD *MappedCount)
1200{
1201 LSAPR_TRANSLATED_SIDS_EX2 TranslatedSidsEx2;
1202 ULONG i;
1204
1205 TRACE("LsarLookupNames(%p %lu %p %p %p %d %p)\n",
1206 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
1207 LookupLevel, MappedCount);
1208
1209 TranslatedSids->Entries = 0;
1210 TranslatedSids->Sids = NULL;
1211 *ReferencedDomains = NULL;
1212
1213 if (Count == 0)
1214 return STATUS_NONE_MAPPED;
1215
1216 TranslatedSidsEx2.Entries = 0;
1217 TranslatedSidsEx2.Sids = NULL;
1218
1220 Names,
1221 ReferencedDomains,
1222 &TranslatedSidsEx2,
1223 LookupLevel,
1224 MappedCount,
1225 0,
1226 0);
1227 if (!NT_SUCCESS(Status))
1228 return Status;
1229
1230 TranslatedSids->Entries = TranslatedSidsEx2.Entries;
1231 TranslatedSids->Sids = MIDL_user_allocate(TranslatedSids->Entries * sizeof(LSA_TRANSLATED_SID));
1232 if (TranslatedSids->Sids == NULL)
1233 {
1234 MIDL_user_free(TranslatedSidsEx2.Sids);
1235 MIDL_user_free(*ReferencedDomains);
1236 *ReferencedDomains = NULL;
1238 }
1239
1240 for (i = 0; i < TranslatedSidsEx2.Entries; i++)
1241 {
1242 TranslatedSids->Sids[i].Use = TranslatedSidsEx2.Sids[i].Use;
1243 TranslatedSids->Sids[i].RelativeId = LsapGetRelativeIdFromSid(TranslatedSidsEx2.Sids[i].Sid);
1244 TranslatedSids->Sids[i].DomainIndex = TranslatedSidsEx2.Sids[i].DomainIndex;
1245 }
1246
1247 MIDL_user_free(TranslatedSidsEx2.Sids);
1248
1249 return STATUS_SUCCESS;
1250}
1251
1252
1253/* Function 15 */
1255WINAPI
1257 LSAPR_HANDLE PolicyHandle,
1258 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
1259 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1260 PLSAPR_TRANSLATED_NAMES TranslatedNames,
1261 LSAP_LOOKUP_LEVEL LookupLevel,
1262 DWORD *MappedCount)
1263{
1264 LSAPR_TRANSLATED_NAMES_EX TranslatedNamesEx;
1265 ULONG i;
1267
1268 TRACE("LsarLookupSids(%p %p %p %p %d %p)\n",
1269 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
1270 LookupLevel, MappedCount);
1271
1272 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
1273
1274 TranslatedNames->Entries = SidEnumBuffer->Entries;
1275 TranslatedNames->Names = NULL;
1276 *ReferencedDomains = NULL;
1277
1278 TranslatedNamesEx.Entries = SidEnumBuffer->Entries;
1279 TranslatedNamesEx.Names = NULL;
1280
1281 Status = LsapLookupSids(SidEnumBuffer,
1282 ReferencedDomains,
1283 &TranslatedNamesEx,
1284 LookupLevel,
1285 MappedCount,
1286 0,
1287 0);
1288 if (!NT_SUCCESS(Status))
1289 return Status;
1290
1291 TranslatedNames->Entries = SidEnumBuffer->Entries;
1292 TranslatedNames->Names = MIDL_user_allocate(SidEnumBuffer->Entries * sizeof(LSAPR_TRANSLATED_NAME));
1293 if (TranslatedNames->Names == NULL)
1294 {
1295 MIDL_user_free(TranslatedNamesEx.Names);
1296 MIDL_user_free(*ReferencedDomains);
1297 *ReferencedDomains = NULL;
1299 }
1300
1301 for (i = 0; i < TranslatedNamesEx.Entries; i++)
1302 {
1303 TranslatedNames->Names[i].Use = TranslatedNamesEx.Names[i].Use;
1304 TranslatedNames->Names[i].Name.Length = TranslatedNamesEx.Names[i].Name.Length;
1305 TranslatedNames->Names[i].Name.MaximumLength = TranslatedNamesEx.Names[i].Name.MaximumLength;
1306 TranslatedNames->Names[i].Name.Buffer = TranslatedNamesEx.Names[i].Name.Buffer;
1307 TranslatedNames->Names[i].DomainIndex = TranslatedNamesEx.Names[i].DomainIndex;
1308 }
1309
1310 MIDL_user_free(TranslatedNamesEx.Names);
1311
1312 return Status;
1313}
1314
1315
1316/* Function 16 */
1318WINAPI
1320 LSAPR_HANDLE PolicyHandle,
1321 PRPC_UNICODE_STRING SecretName,
1323 LSAPR_HANDLE *SecretHandle)
1324{
1325 PLSA_DB_OBJECT PolicyObject;
1326 PLSA_DB_OBJECT SecretObject = NULL;
1328 PSECURITY_DESCRIPTOR SecretSd = NULL;
1329 ULONG SecretSdSize;
1331
1332 TRACE("LsarCreateSecret(%p %wZ %lx %p)\n",
1333 PolicyHandle, SecretName, DesiredAccess, SecretHandle);
1334
1335 /* Validate the PolicyHandle */
1336 Status = LsapValidateDbObject(PolicyHandle,
1339 &PolicyObject);
1340 if (!NT_SUCCESS(Status))
1341 {
1342 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1343 return Status;
1344 }
1345
1346 /* Get the current time */
1348 if (!NT_SUCCESS(Status))
1349 {
1350 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
1351 goto done;
1352 }
1353
1354 /* Create a security descriptor for the secret */
1355 Status = LsapCreateSecretSd(&SecretSd,
1356 &SecretSdSize);
1357 if (!NT_SUCCESS(Status))
1358 {
1359 ERR("LsapCreateAccountSd returned 0x%08lx\n", Status);
1360 return Status;
1361 }
1362
1363 /* Create the Secret object */
1364 Status = LsapCreateDbObject(PolicyObject,
1365 L"Secrets",
1366 SecretName->Buffer,
1369 PolicyObject->Trusted,
1370 &SecretObject);
1371 if (!NT_SUCCESS(Status))
1372 {
1373 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
1374 goto done;
1375 }
1376
1377 /* Set the CurrentTime attribute */
1378 Status = LsapSetObjectAttribute(SecretObject,
1379 L"CurrentTime",
1380 (PVOID)&Time,
1381 sizeof(LARGE_INTEGER));
1382 if (!NT_SUCCESS(Status))
1383 {
1384 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status);
1385 goto done;
1386 }
1387
1388 /* Set the OldTime attribute */
1389 Status = LsapSetObjectAttribute(SecretObject,
1390 L"OldTime",
1391 (PVOID)&Time,
1392 sizeof(LARGE_INTEGER));
1393 if (!NT_SUCCESS(Status))
1394 {
1395 ERR("LsapSetObjectAttribute (OldTime) failed (Status 0x%08lx)\n", Status);
1396 goto done;
1397 }
1398
1399 /* Set the SecDesc attribute */
1400 Status = LsapSetObjectAttribute(SecretObject,
1401 L"SecDesc",
1402 SecretSd,
1403 SecretSdSize);
1404
1405done:
1406 if (SecretSd != NULL)
1407 RtlFreeHeap(RtlGetProcessHeap(), 0, SecretSd);
1408
1409 if (!NT_SUCCESS(Status))
1410 {
1411 if (SecretObject != NULL)
1412 LsapCloseDbObject(SecretObject);
1413 }
1414 else
1415 {
1416 *SecretHandle = (LSAPR_HANDLE)SecretObject;
1417 }
1418
1419 return STATUS_SUCCESS;
1420}
1421
1422
1423static
1426 IN PLSA_DB_OBJECT PolicyObject,
1427 IN PRPC_SID AccountSid,
1429 OUT PLSA_DB_OBJECT *AccountObject)
1430{
1431 LPWSTR SidString = NULL;
1433
1434 /* Create SID string */
1435 if (!ConvertSidToStringSid((PSID)AccountSid,
1436 &SidString))
1437 {
1438 ERR("ConvertSidToStringSid failed\n");
1440 }
1441
1442 /* Create the Account object */
1443 Status = LsapOpenDbObject(PolicyObject,
1444 L"Accounts",
1445 SidString,
1448 PolicyObject->Trusted,
1449 AccountObject);
1450 if (!NT_SUCCESS(Status))
1451 {
1452 ERR("LsapOpenDbObject(Accounts/%S) failed (Status 0x%08lx)\n", SidString, Status);
1453 }
1454
1455 if (SidString != NULL)
1456 LocalFree(SidString);
1457
1458 return Status;
1459}
1460
1461
1462/* Function 17 */
1464WINAPI
1466 LSAPR_HANDLE PolicyHandle,
1467 PRPC_SID AccountSid,
1469 LSAPR_HANDLE *AccountHandle)
1470{
1471 PLSA_DB_OBJECT PolicyObject;
1473
1474 TRACE("LsarOpenAccount(%p %p %lx %p)\n",
1475 PolicyHandle, AccountSid, DesiredAccess, AccountHandle);
1476
1477 /* Validate the AccountSid */
1478 if (!RtlValidSid(AccountSid))
1480
1481 /* Validate the PolicyHandle */
1482 Status = LsapValidateDbObject(PolicyHandle,
1484 0,
1485 &PolicyObject);
1486 if (!NT_SUCCESS(Status))
1487 {
1488 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1489 return Status;
1490 }
1491
1492
1493 /* Open the Account object */
1494 return LsarpOpenAccount(PolicyObject,
1495 AccountSid,
1497 (PLSA_DB_OBJECT *)AccountHandle);
1498}
1499
1500
1501/* Function 18 */
1503WINAPI
1505 LSAPR_HANDLE AccountHandle,
1507{
1508 PLSA_DB_OBJECT AccountObject;
1509 ULONG PrivilegeSetSize = 0;
1510 PLSAPR_PRIVILEGE_SET PrivilegeSet = NULL;
1512
1513 TRACE("LsarEnumeratePrivilegesAccount(%p %p)\n",
1514 AccountHandle, Privileges);
1515
1516 *Privileges = NULL;
1517
1518 /* Validate the AccountHandle */
1519 Status = LsapValidateDbObject(AccountHandle,
1522 &AccountObject);
1523 if (!NT_SUCCESS(Status))
1524 {
1525 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1526 return Status;
1527 }
1528
1529 /* Get the size of the privilege set */
1530 Status = LsapGetObjectAttribute(AccountObject,
1531 L"Privilgs",
1532 NULL,
1533 &PrivilegeSetSize);
1534 if (!NT_SUCCESS(Status))
1535 return Status;
1536
1537 /* Allocate a buffer for the privilege set */
1538 PrivilegeSet = MIDL_user_allocate(PrivilegeSetSize);
1539 if (PrivilegeSet == NULL)
1540 return STATUS_NO_MEMORY;
1541
1542 /* Get the privilege set */
1543 Status = LsapGetObjectAttribute(AccountObject,
1544 L"Privilgs",
1545 PrivilegeSet,
1546 &PrivilegeSetSize);
1547 if (!NT_SUCCESS(Status))
1548 {
1549 MIDL_user_free(PrivilegeSet);
1550 return Status;
1551 }
1552
1553 /* Return a pointer to the privilege set */
1554 *Privileges = PrivilegeSet;
1555
1556 return STATUS_SUCCESS;
1557}
1558
1559
1560/* Function 19 */
1562WINAPI
1564 LSAPR_HANDLE AccountHandle,
1566{
1567 PLSA_DB_OBJECT AccountObject;
1568 PPRIVILEGE_SET CurrentPrivileges = NULL;
1569 PPRIVILEGE_SET NewPrivileges = NULL;
1570 ULONG PrivilegeSetSize = 0;
1571 ULONG PrivilegeCount;
1572 ULONG i, j;
1573 BOOL bFound;
1575
1576 TRACE("LsarAddPrivilegesToAccount(%p %p)\n",
1577 AccountHandle, Privileges);
1578
1579 /* Validate the AccountHandle */
1580 Status = LsapValidateDbObject(AccountHandle,
1583 &AccountObject);
1584 if (!NT_SUCCESS(Status))
1585 {
1586 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1587 return Status;
1588 }
1589
1590 /* Get the size of the Privilgs attribute */
1591 Status = LsapGetObjectAttribute(AccountObject,
1592 L"Privilgs",
1593 NULL,
1594 &PrivilegeSetSize);
1595 if (!NT_SUCCESS(Status) || PrivilegeSetSize == 0)
1596 {
1597 /* The Privilgs attribute does not exist */
1598
1599 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1600 (Privileges->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1601 Status = LsapSetObjectAttribute(AccountObject,
1602 L"Privilgs",
1603 Privileges,
1604 PrivilegeSetSize);
1605 }
1606 else
1607 {
1608 /* The Privilgs attribute exists */
1609
1610 /* Allocate memory for the stored privilege set */
1611 CurrentPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1612 if (CurrentPrivileges == NULL)
1613 return STATUS_NO_MEMORY;
1614
1615 /* Get the current privilege set */
1616 Status = LsapGetObjectAttribute(AccountObject,
1617 L"Privilgs",
1618 CurrentPrivileges,
1619 &PrivilegeSetSize);
1620 if (!NT_SUCCESS(Status))
1621 {
1622 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
1623 goto done;
1624 }
1625
1626 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1627 TRACE("Current privilege count: %lu\n", PrivilegeCount);
1628
1629 /* Calculate the number of privileges in the combined privilege set */
1630 for (i = 0; i < Privileges->PrivilegeCount; i++)
1631 {
1632 bFound = FALSE;
1633 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1634 {
1635 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1636 &(CurrentPrivileges->Privilege[i].Luid)))
1637 {
1638 bFound = TRUE;
1639 break;
1640 }
1641 }
1642
1643 if (bFound == FALSE)
1644 {
1645 TRACE("Found new privilege\n");
1646 PrivilegeCount++;
1647 }
1648 }
1649 TRACE("New privilege count: %lu\n", PrivilegeCount);
1650
1651 /* Calculate the size of the new privilege set and allocate it */
1652 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1653 (PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1654 NewPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1655 if (NewPrivileges == NULL)
1656 {
1658 goto done;
1659 }
1660
1661 /* Initialize the new privilege set */
1662 NewPrivileges->PrivilegeCount = PrivilegeCount;
1663 NewPrivileges->Control = 0;
1664
1665 /* Copy all privileges from the current privilege set */
1667 &(CurrentPrivileges->Privilege[0]),
1668 &(NewPrivileges->Privilege[0]));
1669
1670 /* Add new privileges to the new privilege set */
1671 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1672 for (i = 0; i < Privileges->PrivilegeCount; i++)
1673 {
1674 bFound = FALSE;
1675 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1676 {
1677 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1678 &(CurrentPrivileges->Privilege[i].Luid)))
1679 {
1680 /* Overwrite attributes if a matching privilege was found */
1681 NewPrivileges->Privilege[j].Attributes = Privileges->Privilege[i].Attributes;
1682
1683 bFound = TRUE;
1684 break;
1685 }
1686 }
1687
1688 if (bFound == FALSE)
1689 {
1690 /* Copy the new privilege */
1692 (PLUID_AND_ATTRIBUTES)&(Privileges->Privilege[i]),
1693 &(NewPrivileges->Privilege[PrivilegeCount]));
1694 PrivilegeCount++;
1695 }
1696 }
1697
1698 /* Set the new privilege set */
1699 Status = LsapSetObjectAttribute(AccountObject,
1700 L"Privilgs",
1701 NewPrivileges,
1702 PrivilegeSetSize);
1703 }
1704
1705done:
1706 if (CurrentPrivileges != NULL)
1707 MIDL_user_free(CurrentPrivileges);
1708
1709 if (NewPrivileges != NULL)
1710 MIDL_user_free(NewPrivileges);
1711
1712 return Status;
1713}
1714
1715
1716/* Function 20 */
1718WINAPI
1720 LSAPR_HANDLE AccountHandle,
1721 BOOLEAN AllPrivileges,
1723{
1724 PLSA_DB_OBJECT AccountObject;
1725 PPRIVILEGE_SET CurrentPrivileges = NULL;
1726 PPRIVILEGE_SET NewPrivileges = NULL;
1727 ULONG PrivilegeSetSize = 0;
1728 ULONG PrivilegeCount;
1729 ULONG i, j, k;
1730 BOOL bFound;
1732
1733 TRACE("LsarRemovePrivilegesFromAccount(%p %u %p)\n",
1734 AccountHandle, AllPrivileges, Privileges);
1735
1736 /* */
1737 if (((AllPrivileges == FALSE) && (Privileges == NULL)) ||
1738 ((AllPrivileges != FALSE) && (Privileges != NULL)))
1740
1741 /* Validate the AccountHandle */
1742 Status = LsapValidateDbObject(AccountHandle,
1745 &AccountObject);
1746 if (!NT_SUCCESS(Status))
1747 {
1748 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1749 return Status;
1750 }
1751
1752 if (AllPrivileges != FALSE)
1753 {
1754 /* Delete the Privilgs attribute */
1755 Status = LsapDeleteObjectAttribute(AccountObject,
1756 L"Privilgs");
1759 }
1760 else
1761 {
1762 /* Get the size of the Privilgs attribute */
1763 Status = LsapGetObjectAttribute(AccountObject,
1764 L"Privilgs",
1765 NULL,
1766 &PrivilegeSetSize);
1767 if (!NT_SUCCESS(Status))
1768 goto done;
1769
1770 /* Succeed, if there is no privilege set to remove privileges from */
1771 if (PrivilegeSetSize == 0)
1772 {
1774 goto done;
1775 }
1776
1777 /* Allocate memory for the stored privilege set */
1778 CurrentPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1779 if (CurrentPrivileges == NULL)
1780 return STATUS_NO_MEMORY;
1781
1782 /* Get the current privilege set */
1783 Status = LsapGetObjectAttribute(AccountObject,
1784 L"Privilgs",
1785 CurrentPrivileges,
1786 &PrivilegeSetSize);
1787 if (!NT_SUCCESS(Status))
1788 {
1789 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
1790 goto done;
1791 }
1792
1793 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1794 TRACE("Current privilege count: %lu\n", PrivilegeCount);
1795
1796 /* Calculate the number of privileges in the new privilege set */
1797 for (i = 0; i < CurrentPrivileges->PrivilegeCount; i++)
1798 {
1799 for (j = 0; j < Privileges->PrivilegeCount; j++)
1800 {
1801 if (RtlEqualLuid(&(CurrentPrivileges->Privilege[i].Luid),
1802 &(Privileges->Privilege[j].Luid)))
1803 {
1804 if (PrivilegeCount > 0)
1805 PrivilegeCount--;
1806 }
1807 }
1808 }
1809 TRACE("New privilege count: %lu\n", PrivilegeCount);
1810
1811 if (PrivilegeCount == 0)
1812 {
1813 /* Delete the Privilgs attribute */
1814 Status = LsapDeleteObjectAttribute(AccountObject,
1815 L"Privilgs");
1818 }
1819 else
1820 {
1821 /* Calculate the size of the new privilege set and allocate it */
1822 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1823 (PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1824 NewPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1825 if (NewPrivileges == NULL)
1826 {
1828 goto done;
1829 }
1830
1831 /* Initialize the new privilege set */
1832 NewPrivileges->PrivilegeCount = PrivilegeCount;
1833 NewPrivileges->Control = 0;
1834
1835 /* Copy the privileges which are not to be removed */
1836 for (i = 0, k = 0; i < CurrentPrivileges->PrivilegeCount; i++)
1837 {
1838 bFound = FALSE;
1839 for (j = 0; j < Privileges->PrivilegeCount; j++)
1840 {
1841 if (RtlEqualLuid(&(CurrentPrivileges->Privilege[i].Luid),
1842 &(Privileges->Privilege[j].Luid)))
1843 bFound = TRUE;
1844 }
1845
1846 if (bFound == FALSE)
1847 {
1848 /* Copy the privilege */
1850 &(CurrentPrivileges->Privilege[i]),
1851 &(NewPrivileges->Privilege[k]));
1852 k++;
1853 }
1854 }
1855
1856 /* Set the new privilege set */
1857 Status = LsapSetObjectAttribute(AccountObject,
1858 L"Privilgs",
1859 NewPrivileges,
1860 PrivilegeSetSize);
1861 }
1862 }
1863
1864done:
1865 if (CurrentPrivileges != NULL)
1866 MIDL_user_free(CurrentPrivileges);
1867
1868 if (NewPrivileges != NULL)
1869 MIDL_user_free(NewPrivileges);
1870
1871 return Status;
1872}
1873
1874
1875/* Function 21 */
1877WINAPI
1879 LSAPR_HANDLE AccountHandle,
1880 PQUOTA_LIMITS QuotaLimits)
1881{
1882 PLSA_DB_OBJECT AccountObject;
1883 ULONG Size;
1885
1886 TRACE("LsarGetQuotasForAccount(%p %p)\n",
1887 AccountHandle, QuotaLimits);
1888
1889 /* Validate the account handle */
1890 Status = LsapValidateDbObject(AccountHandle,
1893 &AccountObject);
1894 if (!NT_SUCCESS(Status))
1895 {
1896 ERR("Invalid handle (Status %lx)\n", Status);
1897 return Status;
1898 }
1899
1900 /* Get the quota attribute */
1901 Status = LsapGetObjectAttribute(AccountObject,
1902 L"DefQuota",
1903 QuotaLimits,
1904 &Size);
1905
1906 return Status;
1907}
1908
1909
1910/* Function 22 */
1912WINAPI
1914 LSAPR_HANDLE AccountHandle,
1915 PQUOTA_LIMITS QuotaLimits)
1916{
1917 PLSA_DB_OBJECT AccountObject;
1918 QUOTA_LIMITS InternalQuotaLimits;
1919 ULONG Size;
1921
1922 TRACE("LsarSetQuotasForAccount(%p %p)\n",
1923 AccountHandle, QuotaLimits);
1924
1925 /* Validate the account handle */
1926 Status = LsapValidateDbObject(AccountHandle,
1929 &AccountObject);
1930 if (!NT_SUCCESS(Status))
1931 {
1932 ERR("Invalid handle (Status %lx)\n", Status);
1933 return Status;
1934 }
1935
1936 /* Get the quota limits attribute */
1937 Size = sizeof(QUOTA_LIMITS);
1938 Status = LsapGetObjectAttribute(AccountObject,
1939 L"DefQuota",
1940 &InternalQuotaLimits,
1941 &Size);
1942 if (!NT_SUCCESS(Status))
1943 {
1944 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
1945 return Status;
1946 }
1947
1948 /* Update the quota limits */
1949 if (QuotaLimits->PagedPoolLimit != 0)
1950 InternalQuotaLimits.PagedPoolLimit = QuotaLimits->PagedPoolLimit;
1951
1952 if (QuotaLimits->NonPagedPoolLimit != 0)
1953 InternalQuotaLimits.NonPagedPoolLimit = QuotaLimits->NonPagedPoolLimit;
1954
1955 if (QuotaLimits->MinimumWorkingSetSize != 0)
1956 InternalQuotaLimits.MinimumWorkingSetSize = QuotaLimits->MinimumWorkingSetSize;
1957
1958 if (QuotaLimits->MaximumWorkingSetSize != 0)
1959 InternalQuotaLimits.MaximumWorkingSetSize = QuotaLimits->MaximumWorkingSetSize;
1960
1961 if (QuotaLimits->PagefileLimit != 0)
1962 InternalQuotaLimits.PagefileLimit = QuotaLimits->PagefileLimit;
1963
1964 /* Set the quota limits attribute */
1965 Status = LsapSetObjectAttribute(AccountObject,
1966 L"DefQuota",
1967 &InternalQuotaLimits,
1968 sizeof(QUOTA_LIMITS));
1969
1970 return Status;
1971}
1972
1973
1974/* Function 23 */
1976WINAPI
1978 LSAPR_HANDLE AccountHandle,
1979 ACCESS_MASK *SystemAccess)
1980{
1981 PLSA_DB_OBJECT AccountObject;
1982 ULONG Size = sizeof(ACCESS_MASK);
1984
1985 TRACE("LsarGetSystemAccessAccount(%p %p)\n",
1986 AccountHandle, SystemAccess);
1987
1988 /* Validate the account handle */
1989 Status = LsapValidateDbObject(AccountHandle,
1992 &AccountObject);
1993 if (!NT_SUCCESS(Status))
1994 {
1995 ERR("Invalid handle (Status %lx)\n", Status);
1996 return Status;
1997 }
1998
1999 /* Get the system access flags */
2000 Status = LsapGetObjectAttribute(AccountObject,
2001 L"ActSysAc",
2002 SystemAccess,
2003 &Size);
2004
2005 return Status;
2006}
2007
2008
2009/* Function 24 */
2011WINAPI
2013 LSAPR_HANDLE AccountHandle,
2014 ACCESS_MASK SystemAccess)
2015{
2016 PLSA_DB_OBJECT AccountObject;
2018
2019 TRACE("LsarSetSystemAccessAccount(%p %lx)\n",
2020 AccountHandle, SystemAccess);
2021
2022 /* Validate the account handle */
2023 Status = LsapValidateDbObject(AccountHandle,
2026 &AccountObject);
2027 if (!NT_SUCCESS(Status))
2028 {
2029 ERR("Invalid handle (Status %lx)\n", Status);
2030 return Status;
2031 }
2032
2033 /* Set the system access flags */
2034 Status = LsapSetObjectAttribute(AccountObject,
2035 L"ActSysAc",
2036 &SystemAccess,
2037 sizeof(ACCESS_MASK));
2038
2039 return Status;
2040}
2041
2042
2043/* Function 25 */
2045WINAPI
2047 LSAPR_HANDLE PolicyHandle,
2048 PRPC_SID TrustedDomainSid,
2050 LSAPR_HANDLE *TrustedDomainHandle)
2051{
2052 /* Fail, if we are not a domain controller */
2055
2058}
2059
2060
2061/* Function 26 */
2063WINAPI
2065 LSAPR_HANDLE TrustedDomainHandle,
2067 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
2068{
2071}
2072
2073
2074/* Function 27 */
2076WINAPI
2078 LSAPR_HANDLE TrustedDomainHandle,
2080 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
2081{
2084}
2085
2086
2087/* Function 28 */
2089WINAPI
2091 LSAPR_HANDLE PolicyHandle,
2092 PRPC_UNICODE_STRING SecretName,
2094 LSAPR_HANDLE *SecretHandle)
2095{
2096 PLSA_DB_OBJECT PolicyObject;
2097 PLSA_DB_OBJECT SecretObject = NULL;
2099
2100 TRACE("LsarOpenSecret(%p %wZ %lx %p)\n",
2101 PolicyHandle, SecretName, DesiredAccess, SecretHandle);
2102
2103 /* Validate the PolicyHandle */
2104 Status = LsapValidateDbObject(PolicyHandle,
2106 0,
2107 &PolicyObject);
2108 if (!NT_SUCCESS(Status))
2109 {
2110 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
2111 return Status;
2112 }
2113
2114 /* Create the secret object */
2115 Status = LsapOpenDbObject(PolicyObject,
2116 L"Secrets",
2117 SecretName->Buffer,
2120 PolicyObject->Trusted,
2121 &SecretObject);
2122 if (!NT_SUCCESS(Status))
2123 {
2124 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
2125 goto done;
2126 }
2127
2128done:
2129 if (!NT_SUCCESS(Status))
2130 {
2131 if (SecretObject != NULL)
2132 LsapCloseDbObject(SecretObject);
2133 }
2134 else
2135 {
2136 *SecretHandle = (LSAPR_HANDLE)SecretObject;
2137 }
2138
2139 return Status;
2140}
2141
2142
2143/* Function 29 */
2145WINAPI
2147 LSAPR_HANDLE SecretHandle,
2148 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue,
2149 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue)
2150{
2151 PLSA_DB_OBJECT SecretObject;
2152 PBYTE CurrentValue = NULL;
2153 PBYTE OldValue = NULL;
2154 ULONG CurrentValueLength = 0;
2155 ULONG OldValueLength = 0;
2158
2159 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle,
2160 EncryptedCurrentValue, EncryptedOldValue);
2161
2162 /* Validate the SecretHandle */
2163 Status = LsapValidateDbObject(SecretHandle,
2166 &SecretObject);
2167 if (!NT_SUCCESS(Status))
2168 {
2169 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
2170 return Status;
2171 }
2172
2173 if (EncryptedCurrentValue != NULL)
2174 {
2175 /* FIXME: Decrypt the current value */
2176 CurrentValue = EncryptedCurrentValue->Buffer;
2177 CurrentValueLength = EncryptedCurrentValue->MaximumLength;
2178 }
2179
2180 /* Set the current value */
2181 Status = LsapSetObjectAttribute(SecretObject,
2182 L"CurrentValue",
2183 CurrentValue,
2184 CurrentValueLength);
2185 if (!NT_SUCCESS(Status))
2186 {
2187 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
2188 goto done;
2189 }
2190
2191 /* Get the current time */
2193 if (!NT_SUCCESS(Status))
2194 {
2195 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
2196 goto done;
2197 }
2198
2199 /* Set the current time */
2200 Status = LsapSetObjectAttribute(SecretObject,
2201 L"CurrentTime",
2202 &Time,
2203 sizeof(LARGE_INTEGER));
2204 if (!NT_SUCCESS(Status))
2205 {
2206 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
2207 goto done;
2208 }
2209
2210 if (EncryptedOldValue != NULL)
2211 {
2212 /* FIXME: Decrypt the old value */
2213 OldValue = EncryptedOldValue->Buffer;
2214 OldValueLength = EncryptedOldValue->MaximumLength;
2215 }
2216
2217 /* Set the old value */
2218 Status = LsapSetObjectAttribute(SecretObject,
2219 L"OldValue",
2220 OldValue,
2221 OldValueLength);
2222 if (!NT_SUCCESS(Status))
2223 {
2224 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
2225 goto done;
2226 }
2227
2228 /* Set the old time */
2229 Status = LsapSetObjectAttribute(SecretObject,
2230 L"OldTime",
2231 &Time,
2232 sizeof(LARGE_INTEGER));
2233 if (!NT_SUCCESS(Status))
2234 {
2235 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
2236 }
2237
2238done:
2239 return Status;
2240}
2241
2242
2243/* Function 30 */
2245WINAPI
2247 LSAPR_HANDLE SecretHandle,
2248 PLSAPR_CR_CIPHER_VALUE *EncryptedCurrentValue,
2249 PLARGE_INTEGER CurrentValueSetTime,
2250 PLSAPR_CR_CIPHER_VALUE *EncryptedOldValue,
2251 PLARGE_INTEGER OldValueSetTime)
2252{
2253 PLSA_DB_OBJECT SecretObject;
2254 PLSAPR_CR_CIPHER_VALUE EncCurrentValue = NULL;
2255 PLSAPR_CR_CIPHER_VALUE EncOldValue = NULL;
2256 PBYTE CurrentValue = NULL;
2257 PBYTE OldValue = NULL;
2258 ULONG CurrentValueLength = 0;
2259 ULONG OldValueLength = 0;
2262
2263 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle,
2264 EncryptedCurrentValue, CurrentValueSetTime,
2265 EncryptedOldValue, OldValueSetTime);
2266
2267 /* Validate the SecretHandle */
2268 Status = LsapValidateDbObject(SecretHandle,
2271 &SecretObject);
2272 if (!NT_SUCCESS(Status))
2273 {
2274 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
2275 return Status;
2276 }
2277
2278 if (EncryptedCurrentValue != NULL)
2279 {
2280 CurrentValueLength = 0;
2281
2282 /* Get the size of the current value */
2283 Status = LsapGetObjectAttribute(SecretObject,
2284 L"CurrentValue",
2285 NULL,
2286 &CurrentValueLength);
2287 if (!NT_SUCCESS(Status))
2288 goto done;
2289
2290 /* Allocate a buffer for the current value */
2291 CurrentValue = midl_user_allocate(CurrentValueLength);
2292 if (CurrentValue == NULL)
2293 {
2295 goto done;
2296 }
2297
2298 /* Get the current value */
2299 Status = LsapGetObjectAttribute(SecretObject,
2300 L"CurrentValue",
2301 CurrentValue,
2302 &CurrentValueLength);
2303 if (!NT_SUCCESS(Status))
2304 goto done;
2305
2306 /* Allocate a buffer for the encrypted current value */
2307 EncCurrentValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE));
2308 if (EncCurrentValue == NULL)
2309 {
2311 goto done;
2312 }
2313
2314 /* FIXME: Encrypt the current value */
2315 EncCurrentValue->Length = (USHORT)(CurrentValueLength - sizeof(WCHAR));
2316 EncCurrentValue->MaximumLength = (USHORT)CurrentValueLength;
2317 EncCurrentValue->Buffer = (PBYTE)CurrentValue;
2318 }
2319
2320 if (CurrentValueSetTime != NULL)
2321 {
2322 BufferSize = sizeof(LARGE_INTEGER);
2323
2324 /* Get the current value time */
2325 Status = LsapGetObjectAttribute(SecretObject,
2326 L"CurrentTime",
2327 (PBYTE)CurrentValueSetTime,
2328 &BufferSize);
2329 if (!NT_SUCCESS(Status))
2330 goto done;
2331 }
2332
2333 if (EncryptedOldValue != NULL)
2334 {
2335 OldValueLength = 0;
2336
2337 /* Get the size of the old value */
2338 Status = LsapGetObjectAttribute(SecretObject,
2339 L"OldValue",
2340 NULL,
2341 &OldValueLength);
2342 if (!NT_SUCCESS(Status))
2343 goto done;
2344
2345 /* Allocate a buffer for the old value */
2346 OldValue = midl_user_allocate(OldValueLength);
2347 if (OldValue == NULL)
2348 {
2350 goto done;
2351 }
2352
2353 /* Get the old value */
2354 Status = LsapGetObjectAttribute(SecretObject,
2355 L"OldValue",
2356 OldValue,
2357 &OldValueLength);
2358 if (!NT_SUCCESS(Status))
2359 goto done;
2360
2361 /* Allocate a buffer for the encrypted old value */
2362 EncOldValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE) + OldValueLength);
2363 if (EncOldValue == NULL)
2364 {
2366 goto done;
2367 }
2368
2369 /* FIXME: Encrypt the old value */
2370 EncOldValue->Length = (USHORT)(OldValueLength - sizeof(WCHAR));
2371 EncOldValue->MaximumLength = (USHORT)OldValueLength;
2372 EncOldValue->Buffer = (PBYTE)OldValue;
2373 }
2374
2375 if (OldValueSetTime != NULL)
2376 {
2377 BufferSize = sizeof(LARGE_INTEGER);
2378
2379 /* Get the old value time */
2380 Status = LsapGetObjectAttribute(SecretObject,
2381 L"OldTime",
2382 (PBYTE)OldValueSetTime,
2383 &BufferSize);
2384 if (!NT_SUCCESS(Status))
2385 goto done;
2386 }
2387
2388
2389done:
2390 if (NT_SUCCESS(Status))
2391 {
2392 if (EncryptedCurrentValue != NULL)
2393 *EncryptedCurrentValue = EncCurrentValue;
2394
2395 if (EncryptedOldValue != NULL)
2396 *EncryptedOldValue = EncOldValue;
2397 }
2398 else
2399 {
2400 if (EncryptedCurrentValue != NULL)
2401 *EncryptedCurrentValue = NULL;
2402
2403 if (EncryptedOldValue != NULL)
2404 *EncryptedOldValue = NULL;
2405
2406 if (EncCurrentValue != NULL)
2407 midl_user_free(EncCurrentValue);
2408
2409 if (EncOldValue != NULL)
2410 midl_user_free(EncOldValue);
2411
2412 if (CurrentValue != NULL)
2413 midl_user_free(CurrentValue);
2414
2415 if (OldValue != NULL)
2416 midl_user_free(OldValue);
2417 }
2418
2419 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status);
2420
2421 return Status;
2422}
2423
2424
2425/* Function 31 */
2427WINAPI
2429 LSAPR_HANDLE PolicyHandle,
2431 PLUID Value)
2432{
2433 PLUID pValue;
2435
2436 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
2437 PolicyHandle, Name, Value);
2438
2439 Status = LsapValidateDbObject(PolicyHandle,
2442 NULL);
2443 if (!NT_SUCCESS(Status))
2444 {
2445 ERR("Invalid handle (Status %lx)\n", Status);
2446 return Status;
2447 }
2448
2449 TRACE("Privilege: %wZ\n", Name);
2450
2452 if (pValue == NULL)
2454
2456
2457 return STATUS_SUCCESS;
2458}
2459
2460
2461/* Function 32 */
2463WINAPI
2465 LSAPR_HANDLE PolicyHandle,
2466 PLUID Value,
2468{
2470
2471 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
2472 PolicyHandle, Value, Name);
2473
2474 Status = LsapValidateDbObject(PolicyHandle,
2477 NULL);
2478 if (!NT_SUCCESS(Status))
2479 {
2480 ERR("Invalid handle\n");
2481 return Status;
2482 }
2483
2485 Name);
2486
2487 return Status;
2488}
2489
2490
2491/* Function 33 */
2493WINAPI
2495 LSAPR_HANDLE PolicyHandle,
2497 USHORT ClientLanguage,
2498 USHORT ClientSystemDefaultLanguage,
2499 PRPC_UNICODE_STRING *DisplayName,
2500 USHORT *LanguageReturned)
2501{
2503
2504 TRACE("LsarLookupPrivilegeDisplayName(%p, %p, %u, %u, %p, %p)\n",
2505 PolicyHandle, Name, ClientLanguage, ClientSystemDefaultLanguage, DisplayName, LanguageReturned);
2506
2507 Status = LsapValidateDbObject(PolicyHandle,
2510 NULL);
2511 if (!NT_SUCCESS(Status))
2512 {
2513 ERR("Invalid handle\n");
2514 return Status;
2515 }
2516
2518 ClientLanguage,
2519 ClientSystemDefaultLanguage,
2520 DisplayName,
2521 LanguageReturned);
2522
2523 return Status;
2524}
2525
2526
2527/* Function 34 */
2529WINAPI
2531 LSAPR_HANDLE *ObjectHandle)
2532{
2533 PLSA_DB_OBJECT DbObject;
2535
2536 TRACE("LsarDeleteObject(%p)\n", ObjectHandle);
2537
2538 if (ObjectHandle == NULL)
2540
2541 /* Validate the ObjectHandle */
2542 Status = LsapValidateDbObject(*ObjectHandle,
2544 DELETE,
2545 &DbObject);
2546 if (!NT_SUCCESS(Status))
2547 {
2548 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
2549 return Status;
2550 }
2551
2552 /* You cannot delete the policy object */
2553 if (DbObject->ObjectType == LsaDbPolicyObject)
2555
2556 /* Delete the database object */
2557 Status = LsapDeleteDbObject(DbObject);
2558 if (!NT_SUCCESS(Status))
2559 {
2560 ERR("LsapDeleteDbObject returned 0x%08lx\n", Status);
2561 return Status;
2562 }
2563
2564 /* Invalidate the object handle */
2565 *ObjectHandle = NULL;
2566
2567 return STATUS_SUCCESS;
2568}
2569
2570
2571/* Function 35 */
2573WINAPI
2575 LSAPR_HANDLE PolicyHandle,
2576 PRPC_UNICODE_STRING UserRight,
2577 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer)
2578{
2579 PLSA_DB_OBJECT PolicyObject;
2580 ACCESS_MASK AccountRight = 0;
2581 PLUID Luid = NULL;
2582 ULONG AccountKeyBufferSize;
2583 PWSTR AccountKeyBuffer = NULL;
2584 HKEY AccountsKeyHandle = NULL;
2585 HKEY AccountKeyHandle = NULL;
2586 HKEY AttributeKeyHandle;
2587 ACCESS_MASK SystemAccess;
2588 PPRIVILEGE_SET PrivilegeSet;
2589 PLSAPR_ACCOUNT_INFORMATION EnumBuffer = NULL, ReturnBuffer;
2590 ULONG SubKeyCount = 0;
2591 ULONG EnumIndex, EnumCount;
2592 ULONG Size, i;
2593 BOOL Found;
2595
2596 TRACE("LsarEnumerateAccountsWithUserRights(%p %wZ %p)\n",
2597 PolicyHandle, UserRight, EnumerationBuffer);
2598
2599 /* Validate the privilege and account right names */
2600 if (UserRight != NULL)
2601 {
2602 Luid = LsarpLookupPrivilegeValue(UserRight);
2603 if (Luid == NULL)
2604 {
2605 AccountRight = LsapLookupAccountRightValue(UserRight);
2606 if (AccountRight == 0)
2608 }
2609 }
2610
2611 if (EnumerationBuffer == NULL)
2613
2614 EnumerationBuffer->EntriesRead = 0;
2615 EnumerationBuffer->Information = NULL;
2616
2617 /* Validate the PolicyHandle */
2618 Status = LsapValidateDbObject(PolicyHandle,
2621 &PolicyObject);
2622 if (!NT_SUCCESS(Status))
2623 {
2624 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
2625 return Status;
2626 }
2627
2628 Status = LsapRegOpenKey(PolicyObject->KeyHandle,
2629 L"Accounts",
2630 KEY_READ,
2631 &AccountsKeyHandle);
2632 if (!NT_SUCCESS(Status))
2633 {
2634 ERR("LsapRegOpenKey returned 0x%08lx\n", Status);
2635 return Status;
2636 }
2637
2638 Status = LsapRegQueryKeyInfo(AccountsKeyHandle,
2639 &SubKeyCount,
2640 &AccountKeyBufferSize,
2641 NULL);
2642 if (!NT_SUCCESS(Status))
2643 {
2644 ERR("LsapRegOpenKey returned 0x%08lx\n", Status);
2645 return Status;
2646 }
2647
2648 AccountKeyBufferSize += sizeof(WCHAR);
2649 AccountKeyBuffer = RtlAllocateHeap(RtlGetProcessHeap(), 0, AccountKeyBufferSize);
2650 if (AccountKeyBuffer == NULL)
2651 {
2653 }
2654
2655 EnumBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
2657 SubKeyCount * sizeof(LSAPR_ACCOUNT_INFORMATION));
2658 if (EnumBuffer == NULL)
2659 {
2661 goto done;
2662 }
2663
2664 EnumCount = 0;
2665 EnumIndex = 0;
2666 while (TRUE)
2667 {
2668 Found = FALSE;
2669
2670 Status = LsapRegEnumerateSubKey(AccountsKeyHandle,
2671 EnumIndex,
2672 AccountKeyBufferSize,
2673 AccountKeyBuffer);
2674 if (!NT_SUCCESS(Status))
2675 {
2678 break;
2679 }
2680
2681 TRACE("EnumIndex: %lu\n", EnumIndex);
2682 TRACE("Account key name: %S\n", AccountKeyBuffer);
2683
2684 Status = LsapRegOpenKey(AccountsKeyHandle,
2685 AccountKeyBuffer,
2686 KEY_READ,
2687 &AccountKeyHandle);
2688 if (NT_SUCCESS(Status))
2689 {
2690 if (Luid != NULL || AccountRight != 0)
2691 {
2692 Status = LsapRegOpenKey(AccountKeyHandle,
2693 (Luid != NULL) ? L"Privilgs" : L"ActSysAc",
2694 KEY_READ,
2695 &AttributeKeyHandle);
2696 if (NT_SUCCESS(Status))
2697 {
2698 if (Luid != NULL)
2699 {
2700 Size = 0;
2701 LsapRegQueryValue(AttributeKeyHandle,
2702 NULL,
2703 NULL,
2704 NULL,
2705 &Size);
2706 if (Size != 0)
2707 {
2708 PrivilegeSet = RtlAllocateHeap(RtlGetProcessHeap(), 0, Size);
2709 if (PrivilegeSet)
2710 {
2711 if (LsapRegQueryValue(AttributeKeyHandle,
2712 NULL,
2713 NULL,
2714 PrivilegeSet,
2715 &Size) == STATUS_SUCCESS)
2716 {
2717 for (i = 0; i < PrivilegeSet->PrivilegeCount; i++)
2718 {
2719 if (RtlEqualLuid(&(PrivilegeSet->Privilege[i].Luid), Luid))
2720 {
2721 TRACE("%S got the privilege!\n", AccountKeyBuffer);
2722 Found = TRUE;
2723 break;
2724 }
2725 }
2726 }
2727
2728 RtlFreeHeap(RtlGetProcessHeap(), 0, PrivilegeSet);
2729 }
2730 }
2731 }
2732 else if (AccountRight != 0)
2733 {
2734 SystemAccess = 0;
2735 Size = sizeof(ACCESS_MASK);
2736 LsapRegQueryValue(AttributeKeyHandle,
2737 NULL,
2738 NULL,
2739 &SystemAccess,
2740 &Size);
2741 if (SystemAccess & AccountRight)
2742 {
2743 TRACE("%S got the account right!\n", AccountKeyBuffer);
2744 Found = TRUE;
2745 }
2746 }
2747
2748 LsapRegCloseKey(AttributeKeyHandle);
2749 }
2750 }
2751 else
2752 {
2753 /* enumerate all accounts */
2754 Found = TRUE;
2755 }
2756
2757 if (Found == TRUE)
2758 {
2759 TRACE("Add account: %S\n", AccountKeyBuffer);
2760
2761 Status = LsapRegOpenKey(AccountKeyHandle,
2762 L"Sid",
2763 KEY_READ,
2764 &AttributeKeyHandle);
2765 if (NT_SUCCESS(Status))
2766 {
2767 Size = 0;
2768 LsapRegQueryValue(AttributeKeyHandle,
2769 NULL,
2770 NULL,
2771 NULL,
2772 &Size);
2773 if (Size != 0)
2774 {
2775 EnumBuffer[EnumCount].Sid = midl_user_allocate(Size);
2776 if (EnumBuffer[EnumCount].Sid != NULL)
2777 {
2778 Status = LsapRegQueryValue(AttributeKeyHandle,
2779 NULL,
2780 NULL,
2781 EnumBuffer[EnumCount].Sid,
2782 &Size);
2783 if (NT_SUCCESS(Status))
2784 {
2785 EnumCount++;
2786 }
2787 else
2788 {
2789 TRACE("SampRegQueryValue returned %08lX\n", Status);
2790 midl_user_free(EnumBuffer[EnumCount].Sid);
2791 EnumBuffer[EnumCount].Sid = NULL;
2792 }
2793 }
2794 }
2795
2796 LsapRegCloseKey(AttributeKeyHandle);
2797 }
2798 }
2799
2800 LsapRegCloseKey(AccountKeyHandle);
2801 }
2802
2803 EnumIndex++;
2804 }
2805
2806 TRACE("EnumCount: %lu\n", EnumCount);
2807
2808 if (NT_SUCCESS(Status) && EnumCount != 0)
2809 {
2810 ReturnBuffer = midl_user_allocate(EnumCount * sizeof(LSAPR_ACCOUNT_INFORMATION));
2811 if (ReturnBuffer == NULL)
2812 {
2814 goto done;
2815 }
2816
2817 RtlCopyMemory(ReturnBuffer,
2818 EnumBuffer,
2819 EnumCount * sizeof(LSAPR_ACCOUNT_INFORMATION));
2820
2821 EnumerationBuffer->EntriesRead = EnumCount;
2822 EnumerationBuffer->Information = ReturnBuffer;
2823 }
2824
2825done:
2826 if (EnumBuffer != NULL)
2827 {
2828 if (Status != STATUS_SUCCESS)
2829 {
2830 for (i = 0; i < EnumCount; i++)
2831 {
2832 if (EnumBuffer[i].Sid != NULL)
2833 midl_user_free(EnumBuffer[i].Sid);
2834 }
2835 }
2836
2837 RtlFreeHeap(RtlGetProcessHeap(), 0, EnumBuffer);
2838 }
2839
2840 if (AccountKeyBuffer != NULL)
2841 RtlFreeHeap(RtlGetProcessHeap(), 0, AccountKeyBuffer);
2842
2843 if (Status == STATUS_SUCCESS && EnumCount == 0)
2845
2846 return Status;
2847}
2848
2849
2850/* Function 36 */
2852WINAPI
2854 LSAPR_HANDLE PolicyHandle,
2855 PRPC_SID AccountSid,
2856 PLSAPR_USER_RIGHT_SET UserRights)
2857{
2858 LSAPR_HANDLE AccountHandle;
2859 PLSAPR_PRIVILEGE_SET PrivilegeSet = NULL;
2860 PRPC_UNICODE_STRING RightsBuffer = NULL;
2861 PRPC_UNICODE_STRING PrivilegeString;
2862 ACCESS_MASK SystemAccess = 0;
2863 ULONG RightsCount = 0;
2864 ULONG Index;
2865 ULONG i;
2867
2868 TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
2869 PolicyHandle, AccountSid, UserRights);
2870
2871 /* Open the account */
2872 Status = LsarOpenAccount(PolicyHandle,
2873 AccountSid,
2875 &AccountHandle);
2876 if (!NT_SUCCESS(Status))
2877 {
2878 WARN("LsarOpenAccount returned 0x%08lx\n", Status);
2879 return Status;
2880 }
2881
2882 /* Enumerate the privileges */
2883 Status = LsarEnumeratePrivilegesAccount(AccountHandle,
2884 &PrivilegeSet);
2886 {
2887 WARN("LsarEnumeratePrivilegesAccount returned 0x%08lx\n", Status);
2888 goto done;
2889 }
2890
2891 /* Get account rights */
2892 Status = LsarGetSystemAccessAccount(AccountHandle,
2893 &SystemAccess);
2895 {
2896 WARN("LsarGetSystemAccessAccount returned 0x%08lx\n", Status);
2897 goto done;
2898 }
2899
2900 RightsCount = PrivilegeSet->PrivilegeCount;
2901
2902 /* Count account rights */
2903 for (i = 0; i < sizeof(ACCESS_MASK) * 8; i++)
2904 {
2905 if (SystemAccess & (1 << i))
2906 RightsCount++;
2907 }
2908
2909 /* We are done if there are no rights to be enumerated */
2910 if (RightsCount == 0)
2911 {
2912 UserRights->Entries = 0;
2913 UserRights->UserRights = NULL;
2915 goto done;
2916 }
2917
2918 /* Allocate a buffer for the account rights */
2919 RightsBuffer = MIDL_user_allocate(RightsCount * sizeof(RPC_UNICODE_STRING));
2920 if (RightsBuffer == NULL)
2921 {
2923 goto done;
2924 }
2925
2926 /* Copy the privileges into the buffer */
2927 Index = 0;
2928 if (PrivilegeSet)
2929 {
2930 for (i = 0; i < PrivilegeSet->PrivilegeCount; i++)
2931 {
2932 PrivilegeString = NULL;
2933 Status = LsarLookupPrivilegeName(PolicyHandle,
2934 (PLUID)&PrivilegeSet->Privilege[i].Luid,
2935 &PrivilegeString);
2936 if (!NT_SUCCESS(Status))
2937 {
2938 WARN("LsarLookupPrivilegeName returned 0x%08lx\n", Status);
2939 goto done;
2940 }
2941
2942 RightsBuffer[Index].Length = PrivilegeString->Length;
2943 RightsBuffer[Index].MaximumLength = PrivilegeString->MaximumLength;
2944 RightsBuffer[Index].Buffer = PrivilegeString->Buffer;
2945
2946 MIDL_user_free(PrivilegeString);
2947 Index++;
2948 }
2949 }
2950
2951 /* Copy account rights into the buffer */
2952 for (i = 0; i < sizeof(ACCESS_MASK) * 8; i++)
2953 {
2954 if (SystemAccess & (1 << i))
2955 {
2957 &PrivilegeString);
2958 if (!NT_SUCCESS(Status))
2959 {
2960 WARN("LsarLookupAccountRightName returned 0x%08lx\n", Status);
2961 goto done;
2962 }
2963
2964 RightsBuffer[Index].Length = PrivilegeString->Length;
2965 RightsBuffer[Index].MaximumLength = PrivilegeString->MaximumLength;
2966 RightsBuffer[Index].Buffer = PrivilegeString->Buffer;
2967
2968 MIDL_user_free(PrivilegeString);
2969 Index++;
2970 }
2971 }
2972
2973 UserRights->Entries = RightsCount;
2974 UserRights->UserRights = (PRPC_UNICODE_STRING)RightsBuffer;
2975
2976done:
2977 if (!NT_SUCCESS(Status))
2978 {
2979 if (RightsBuffer != NULL)
2980 {
2981 for (Index = 0; Index < RightsCount; Index++)
2982 {
2983 if (RightsBuffer[Index].Buffer != NULL)
2984 MIDL_user_free(RightsBuffer[Index].Buffer);
2985 }
2986
2987 MIDL_user_free(RightsBuffer);
2988 }
2989 }
2990
2991 if (PrivilegeSet != NULL)
2992 MIDL_user_free(PrivilegeSet);
2993
2994 LsarClose(&AccountHandle);
2995
2996 return Status;
2997}
2998
2999
3000/* Function 37 */
3002WINAPI
3004 LSAPR_HANDLE PolicyHandle,
3005 PRPC_SID AccountSid,
3006 PLSAPR_USER_RIGHT_SET UserRights)
3007{
3008 PLSA_DB_OBJECT PolicyObject;
3009 PLSA_DB_OBJECT AccountObject = NULL;
3010 ULONG ulNewPrivileges = 0, ulNewRights = 0;
3011 ACCESS_MASK SystemAccess = 0;
3012 ULONG Size, Value, i, j;
3013 PPRIVILEGE_SET PrivilegeSet = NULL;
3014 ULONG PrivilegeSetBufferSize = 0;
3015 ULONG PrivilegeCount;
3016 BOOLEAN bFound;
3017 PLUID pLuid;
3019
3020 TRACE("LsarAddAccountRights(%p %p %p)\n",
3021 PolicyHandle, AccountSid, UserRights);
3022
3023 /* Validate the AccountSid */
3024 if (!RtlValidSid(AccountSid))
3026
3027 /* Validate the UserRights */
3028 if (UserRights == NULL)
3030
3031 /* Validate the privilege and account right names */
3032 for (i = 0; i < UserRights->Entries; i++)
3033 {
3034 if (LsarpLookupPrivilegeValue(&UserRights->UserRights[i]) != NULL)
3035 {
3036 ulNewPrivileges++;
3037 }
3038 else
3039 {
3040 if (LsapLookupAccountRightValue(&UserRights->UserRights[i]) == 0)
3042
3043 ulNewRights++;
3044 }
3045 }
3046
3047 TRACE("ulNewPrivileges: %lu\n", ulNewPrivileges);
3048 TRACE("ulNewRights: %lu\n", ulNewRights);
3049
3050 /* Validate the PolicyHandle */
3051 Status = LsapValidateDbObject(PolicyHandle,
3054 &PolicyObject);
3055 if (!NT_SUCCESS(Status))
3056 {
3057 WARN("LsapValidateDbObject returned 0x%08lx\n", Status);
3058 return Status;
3059 }
3060
3061 /* Open the account */
3062 Status = LsarpOpenAccount(PolicyObject,
3063 AccountSid,
3064 0,
3065 &AccountObject);
3067 {
3068 WARN("LsarpOpenAccount returned 0x%08lx\n", Status);
3069 goto done;
3070 }
3072 {
3073 /* Create a new account if it does not yet exist */
3074 Status = LsarpCreateAccount(PolicyObject,
3075 AccountSid,
3076 0,
3077 &AccountObject);
3078 if (!NT_SUCCESS(Status))
3079 {
3080 WARN("LsarpCreateAccount returned 0x%08lx\n", Status);
3081 goto done;
3082 }
3083 }
3084
3085 if (ulNewPrivileges > 0)
3086 {
3087 Size = 0;
3088
3089 /* Get the size of the Privilgs attribute */
3090 Status = LsapGetObjectAttribute(AccountObject,
3091 L"Privilgs",
3092 NULL,
3093 &Size);
3095 goto done;
3096
3097 /* Calculate the required privilege set buffer size */
3098 if (Size == 0)
3099 PrivilegeSetBufferSize = sizeof(PRIVILEGE_SET) +
3100 (ulNewPrivileges - 1) * sizeof(LUID_AND_ATTRIBUTES);
3101 else
3102 PrivilegeSetBufferSize = Size +
3103 ulNewPrivileges * sizeof(LUID_AND_ATTRIBUTES);
3104
3105 /* Allocate the privilege set buffer */
3106 PrivilegeSet = RtlAllocateHeap(RtlGetProcessHeap(),
3108 PrivilegeSetBufferSize);
3109 if (PrivilegeSet == NULL)
3110 return STATUS_NO_MEMORY;
3111
3112 /* Get the privilege set */
3113 if (Size != 0)
3114 {
3115 Status = LsapGetObjectAttribute(AccountObject,
3116 L"Privilgs",
3117 PrivilegeSet,
3118 &Size);
3119 if (!NT_SUCCESS(Status))
3120 {
3121 WARN("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
3122 goto done;
3123 }
3124 }
3125
3126 PrivilegeCount = PrivilegeSet->PrivilegeCount;
3127 TRACE("Privilege count: %lu\n", PrivilegeCount);
3128
3129 for (i = 0; i < UserRights->Entries; i++)
3130 {
3131 pLuid = LsarpLookupPrivilegeValue(&UserRights->UserRights[i]);
3132 if (pLuid == NULL)
3133 continue;
3134
3135 bFound = FALSE;
3136 for (j = 0; j < PrivilegeSet->PrivilegeCount; j++)
3137 {
3138 if (RtlEqualLuid(&(PrivilegeSet->Privilege[j].Luid), pLuid))
3139 {
3140 bFound = TRUE;
3141 break;
3142 }
3143 }
3144
3145 if (bFound == FALSE)
3146 {
3147 /* Copy the new privilege */
3148 RtlCopyMemory(&(PrivilegeSet->Privilege[PrivilegeSet->PrivilegeCount]),
3149 pLuid,
3150 sizeof(LUID));
3151 PrivilegeSet->PrivilegeCount++;
3152 }
3153 }
3154
3155 /* Store the extended privilege set */
3156 if (PrivilegeCount != PrivilegeSet->PrivilegeCount)
3157 {
3158 Size = sizeof(PRIVILEGE_SET) +
3159 (PrivilegeSet->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
3160
3161 Status = LsapSetObjectAttribute(AccountObject,
3162 L"Privilgs",
3163 PrivilegeSet,
3164 Size);
3165 if (!NT_SUCCESS(Status))
3166 {
3167 WARN("LsapSetObjectAttribute() failed (Status 0x%08lx)\n", Status);
3168 goto done;
3169 }
3170 }
3171 }
3172
3173 if (ulNewRights > 0)
3174 {
3175 Size = sizeof(ACCESS_MASK);
3176
3177 /* Get the system access flags, if the attribute exists */
3178 Status = LsapGetObjectAttribute(AccountObject,
3179 L"ActSysAc",
3180 &SystemAccess,
3181 &Size);
3183 goto done;
3184
3185 /* Set the new access rights */
3186 for (i = 0; i < UserRights->Entries; i++)
3187 {
3189 if (Value != 0)
3190 SystemAccess |= Value;
3191 }
3192
3193 /* Set the system access flags */
3194 Status = LsapSetObjectAttribute(AccountObject,
3195 L"ActSysAc",
3196 &SystemAccess,
3197 sizeof(ACCESS_MASK));
3198 }
3199
3200done:
3201 if (PrivilegeSet != NULL)
3202 RtlFreeHeap(RtlGetProcessHeap(), 0, PrivilegeSet);
3203
3204 if (AccountObject != NULL)
3205 LsapCloseDbObject(AccountObject);
3206
3207 return Status;
3208}
3209
3210
3211/* Function 38 */
3213WINAPI
3215 LSAPR_HANDLE PolicyHandle,
3216 PRPC_SID AccountSid,
3217 BOOLEAN AllRights,
3218 PLSAPR_USER_RIGHT_SET UserRights)
3219{
3220 PLSA_DB_OBJECT PolicyObject;
3221 PLSA_DB_OBJECT AccountObject = NULL;
3222 ULONG PrivilegesToRemove = 0, RightsToRemove = 0;
3223 ACCESS_MASK SystemAccess = 0;
3224 ULONG Size, Value, i, j, Index;
3225 PPRIVILEGE_SET PrivilegeSet = NULL;
3226 ULONG PrivilegeCount;
3227 PLUID pLuid;
3229
3230 TRACE("LsarRemoveAccountRights(%p %p %lu %p)\n",
3231 PolicyHandle, AccountSid, AllRights, UserRights);
3232
3233 /* Validate the AccountSid */
3234 if (!RtlValidSid(AccountSid))
3236
3237 /* Validate the UserRights */
3238 if (UserRights == NULL)
3240
3241 /* Validate the privilege and account right names */
3242 for (i = 0; i < UserRights->Entries; i++)
3243 {
3244 if (LsarpLookupPrivilegeValue(&UserRights->UserRights[i]) != NULL)
3245 {
3246 PrivilegesToRemove++;
3247 }
3248 else
3249 {
3250 if (LsapLookupAccountRightValue(&UserRights->UserRights[i]) == 0)
3252
3253 RightsToRemove++;
3254 }
3255 }
3256
3257 /* Validate the PolicyHandle */
3258 Status = LsapValidateDbObject(PolicyHandle,
3261 &PolicyObject);
3262 if (!NT_SUCCESS(Status))
3263 {
3264 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
3265 return Status;
3266 }
3267
3268 /* Open the account */
3269 Status = LsarpOpenAccount(PolicyObject,
3270 AccountSid,
3271 0,
3272 &AccountObject);
3274 {
3275 ERR("LsarpOpenAccount returned 0x%08lx\n", Status);
3276 goto done;
3277 }
3278
3279 if (AllRights == FALSE)
3280 {
3281 /* Get the size of the Privilgs attribute */
3282 Size = 0;
3283 Status = LsapGetObjectAttribute(AccountObject,
3284 L"Privilgs",
3285 NULL,
3286 &Size);
3288 goto done;
3289
3290 if ((Size != 0) && (PrivilegesToRemove != 0))
3291 {
3292 /* Allocate the privilege set buffer */
3293 PrivilegeSet = RtlAllocateHeap(RtlGetProcessHeap(),
3295 Size);
3296 if (PrivilegeSet == NULL)
3297 return STATUS_NO_MEMORY;
3298
3299 /* Get the privilege set */
3300 Status = LsapGetObjectAttribute(AccountObject,
3301 L"Privilgs",
3302 PrivilegeSet,
3303 &Size);
3304 if (!NT_SUCCESS(Status))
3305 {
3306 ERR("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
3307 goto done;
3308 }
3309
3310 PrivilegeCount = PrivilegeSet->PrivilegeCount;
3311
3312 for (i = 0; i < UserRights->Entries; i++)
3313 {
3314 pLuid = LsarpLookupPrivilegeValue(&UserRights->UserRights[i]);
3315 if (pLuid == NULL)
3316 continue;
3317
3318 Index = -1;
3319 for (j = 0; j < PrivilegeSet->PrivilegeCount; j++)
3320 {
3321 if (RtlEqualLuid(&(PrivilegeSet->Privilege[j].Luid), pLuid))
3322 {
3323 Index = j;
3324 break;
3325 }
3326 }
3327
3328 if (Index != -1)
3329 {
3330 /* Remove the privilege */
3331 if ((PrivilegeSet->PrivilegeCount > 1) &&
3332 (Index < PrivilegeSet->PrivilegeCount - 1))
3333 RtlMoveMemory(&(PrivilegeSet->Privilege[Index]),
3334 &(PrivilegeSet->Privilege[Index + 1]),
3335 (Index - PrivilegeSet->PrivilegeCount - 1) * sizeof(LUID));
3336
3337 /* Wipe the last entry */
3338 RtlZeroMemory(&(PrivilegeSet->Privilege[PrivilegeSet->PrivilegeCount - 1]),
3339 sizeof(LUID));
3340
3341 PrivilegeSet->PrivilegeCount--;
3342 }
3343 }
3344
3345 /* Store the extended privilege set */
3346 if (PrivilegeCount != PrivilegeSet->PrivilegeCount)
3347 {
3348 Size = sizeof(PRIVILEGE_SET) +
3349 (PrivilegeSet->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
3350
3351 Status = LsapSetObjectAttribute(AccountObject,
3352 L"Privilgs",
3353 PrivilegeSet,
3354 Size);
3355 if (!NT_SUCCESS(Status))
3356 {
3357 ERR("LsapSetObjectAttribute() failed (Status 0x%08lx)\n", Status);
3358 goto done;
3359 }
3360 }
3361 }
3362
3363 /* Get the system access flags, if the attribute exists */
3364 Size = 0;
3365 Status = LsapGetObjectAttribute(AccountObject,
3366 L"ActSysAc",
3367 &SystemAccess,
3368 &Size);
3370 goto done;
3371
3372 if ((Size != 0) && (RightsToRemove != 0))
3373 {
3374 ERR("Rights: 0x%lx\n", SystemAccess);
3375
3376 /* Set the new access rights */
3377 for (i = 0; i < UserRights->Entries; i++)
3378 {
3380 if (Value != 0)
3381 SystemAccess &= ~Value;
3382 }
3383 ERR("New Rights: 0x%lx\n", SystemAccess);
3384
3385 /* Set the system access flags */
3386 Status = LsapSetObjectAttribute(AccountObject,
3387 L"ActSysAc",
3388 &SystemAccess,
3389 sizeof(ACCESS_MASK));
3390 }
3391 }
3392 else
3393 {
3394 }
3395
3396done:
3397 if (PrivilegeSet != NULL)
3398 RtlFreeHeap(RtlGetProcessHeap(), 0, PrivilegeSet);
3399
3400 if (AccountObject != NULL)
3401 LsapCloseDbObject(AccountObject);
3402
3403 return Status;
3404}
3405
3406
3407/* Function 39 */
3409WINAPI
3411 LSAPR_HANDLE PolicyHandle,
3412 PRPC_SID TrustedDomainSid,
3414 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
3415{
3416 /* Fail, if we are not a domain controller */
3419
3422}
3423
3424
3425/* Function 40 */
3427WINAPI
3429 LSAPR_HANDLE PolicyHandle,
3430 PRPC_SID TrustedDomainSid,
3432 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
3433{
3434 /* Fail, if we are not a domain controller */
3437
3440}
3441
3442
3443/* Function 41 */
3445WINAPI
3447 LSAPR_HANDLE PolicyHandle,
3448 PRPC_SID TrustedDomainSid)
3449{
3450 /* Fail, if we are not a domain controller */
3453
3456}
3457
3458
3459/* Function 42 */
3461WINAPI
3463 LSAPR_HANDLE PolicyHandle,
3465 PLSAPR_CR_CIPHER_VALUE EncryptedData)
3466{
3467 PLSA_DB_OBJECT PolicyObject = NULL;
3468 PLSA_DB_OBJECT SecretsObject = NULL;
3469 PLSA_DB_OBJECT SecretObject = NULL;
3471 PBYTE Value = NULL;
3472 ULONG ValueLength = 0;
3474
3475 TRACE("LsarStorePrivateData(%p %p %p)\n",
3476 PolicyHandle, KeyName, EncryptedData);
3477
3478 /* Validate the SecretHandle */
3479 Status = LsapValidateDbObject(PolicyHandle,
3482 &PolicyObject);
3483 if (!NT_SUCCESS(Status))
3484 {
3485 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
3486 return Status;
3487 }
3488
3489 /* Open the 'Secrets' object */
3490 Status = LsapOpenDbObject(PolicyObject,
3491 NULL,
3492 L"Secrets",
3494 0,
3495 PolicyObject->Trusted,
3496 &SecretsObject);
3497 if (!NT_SUCCESS(Status))
3498 {
3499 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
3500 goto done;
3501 }
3502
3503 if (EncryptedData == NULL)
3504 {
3505 /* Open the Secret object */
3506 Status = LsapOpenDbObject(SecretsObject,
3507 NULL,
3508 KeyName->Buffer,
3510 0,
3511 PolicyObject->Trusted,
3512 &SecretObject);
3513 if (!NT_SUCCESS(Status))
3514 {
3515 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
3516 goto done;
3517 }
3518
3519 /* Delete the secret */
3520 Status = LsapDeleteDbObject(SecretObject);
3521 if (NT_SUCCESS(Status))
3522 SecretObject = NULL;
3523 }
3524 else
3525 {
3526 /* Create the Secret object */
3527 Status = LsapCreateDbObject(SecretsObject,
3528 NULL,
3529 KeyName->Buffer,
3531 0,
3532 PolicyObject->Trusted,
3533 &SecretObject);
3534 if (!NT_SUCCESS(Status))
3535 {
3536 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
3537 goto done;
3538 }
3539
3540 /* FIXME: Decrypt data */
3541 Value = EncryptedData->Buffer;
3542 ValueLength = EncryptedData->MaximumLength;
3543
3544 /* Get the current time */
3546 if (!NT_SUCCESS(Status))
3547 {
3548 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
3549 goto done;
3550 }
3551
3552 /* Set the current value */
3553 Status = LsapSetObjectAttribute(SecretObject,
3554 L"CurrentValue",
3555 Value,
3556 ValueLength);
3557 if (!NT_SUCCESS(Status))
3558 {
3559 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
3560 goto done;
3561 }
3562
3563 /* Set the current time */
3564 Status = LsapSetObjectAttribute(SecretObject,
3565 L"CurrentTime",
3566 &Time,
3567 sizeof(LARGE_INTEGER));
3568 if (!NT_SUCCESS(Status))
3569 {
3570 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
3571 goto done;
3572 }
3573
3574 /* Get the current time */
3576 if (!NT_SUCCESS(Status))
3577 {
3578 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
3579 goto done;
3580 }
3581
3582 /* Set the old value */
3583 Status = LsapSetObjectAttribute(SecretObject,
3584 L"OldValue",
3585 NULL,
3586 0);
3587 if (!NT_SUCCESS(Status))
3588 {
3589 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
3590 goto done;
3591 }
3592
3593 /* Set the old time */
3594 Status = LsapSetObjectAttribute(SecretObject,
3595 L"OldTime",
3596 &Time,
3597 sizeof(LARGE_INTEGER));
3598 if (!NT_SUCCESS(Status))
3599 {
3600 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
3601 }
3602 }
3603
3604done:
3605 if (SecretObject != NULL)
3606 LsapCloseDbObject(SecretObject);
3607
3608 if (SecretsObject != NULL)
3609 LsapCloseDbObject(SecretsObject);
3610
3611 return Status;
3612}
3613
3614
3615/* Function 43 */
3617WINAPI
3619 LSAPR_HANDLE PolicyHandle,
3621 PLSAPR_CR_CIPHER_VALUE *EncryptedData)
3622{
3623 PLSA_DB_OBJECT PolicyObject = NULL;
3624 PLSA_DB_OBJECT SecretObject = NULL;
3625 PLSAPR_CR_CIPHER_VALUE EncCurrentValue = NULL;
3626 ULONG CurrentValueLength = 0;
3627 PBYTE CurrentValue = NULL;
3629
3630 TRACE("LsarRetrievePrivateData(%p %wZ %p)\n",
3631 PolicyHandle, KeyName, EncryptedData);
3632
3633 /* Validate the SecretHandle */
3634 Status = LsapValidateDbObject(PolicyHandle,
3637 &PolicyObject);
3638 if (!NT_SUCCESS(Status))
3639 {
3640 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
3641 return Status;
3642 }
3643
3644 /* Open the secret object */
3645 Status = LsapOpenDbObject(PolicyObject,
3646 L"Secrets",
3647 KeyName->Buffer,
3649 0,
3650 PolicyObject->Trusted,
3651 &SecretObject);
3652 if (!NT_SUCCESS(Status))
3653 {
3654 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
3655 goto done;
3656 }
3657
3658 /* Get the size of the current value */
3659 Status = LsapGetObjectAttribute(SecretObject,
3660 L"CurrentValue",
3661 NULL,
3662 &CurrentValueLength);
3663 if (!NT_SUCCESS(Status))
3664 goto done;
3665
3666 /* Allocate a buffer for the current value */
3667 CurrentValue = midl_user_allocate(CurrentValueLength);
3668 if (CurrentValue == NULL)
3669 {
3671 goto done;
3672 }
3673
3674 /* Get the current value */
3675 Status = LsapGetObjectAttribute(SecretObject,
3676 L"CurrentValue",
3677 CurrentValue,
3678 &CurrentValueLength);
3679 if (!NT_SUCCESS(Status))
3680 goto done;
3681
3682 /* Allocate a buffer for the encrypted current value */
3683 EncCurrentValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE) + CurrentValueLength);
3684 if (EncCurrentValue == NULL)
3685 {
3687 goto done;
3688 }
3689
3690 /* FIXME: Encrypt the current value */
3691 EncCurrentValue->Length = (USHORT)(CurrentValueLength - sizeof(WCHAR));
3692 EncCurrentValue->MaximumLength = (USHORT)CurrentValueLength;
3693 EncCurrentValue->Buffer = (PBYTE)(EncCurrentValue + 1);
3694 RtlCopyMemory(EncCurrentValue->Buffer,
3695 CurrentValue,
3696 CurrentValueLength);
3697
3698done:
3699 if (NT_SUCCESS(Status))
3700 {
3701 if (EncryptedData != NULL)
3702 *EncryptedData = EncCurrentValue;
3703 }
3704 else
3705 {
3706 if (EncryptedData != NULL)
3707 *EncryptedData = NULL;
3708
3709 if (EncCurrentValue != NULL)
3710 midl_user_free(EncCurrentValue);
3711 }
3712
3713 if (SecretObject != NULL)
3714 LsapCloseDbObject(SecretObject);
3715
3716 return Status;
3717}
3718
3719
3720/* Function 44 */
3722WINAPI
3724 LPWSTR SystemName,
3727 LSAPR_HANDLE *PolicyHandle)
3728{
3729 return LsarOpenPolicy(SystemName,
3732 PolicyHandle);
3733}
3734
3735
3736/* Function 45 */
3738WINAPI
3740 LPWSTR SystemName,
3741 PRPC_UNICODE_STRING *UserName,
3742 PRPC_UNICODE_STRING *DomainName)
3743{
3746}
3747
3748
3749/* Function 46 */
3751WINAPI
3753 LSAPR_HANDLE PolicyHandle,
3755 PLSAPR_POLICY_INFORMATION *PolicyInformation)
3756{
3757 return LsarQueryInformationPolicy(PolicyHandle,
3759 PolicyInformation);
3760}
3761
3762
3763/* Function 47 */
3765WINAPI
3767 LSAPR_HANDLE PolicyHandle,
3769 PLSAPR_POLICY_INFORMATION PolicyInformation)
3770{
3771 return LsarSetInformationPolicy(PolicyHandle,
3773 PolicyInformation);
3774}
3775
3776
3777/* Function 48 */
3779WINAPI
3781 LSAPR_HANDLE PolicyHandle,
3782 PRPC_UNICODE_STRING TrustedDomainName,
3784 PLSAPR_TRUSTED_DOMAIN_INFO *PolicyInformation)
3785{
3786 /* Fail, if we are not a domain controller */
3789
3790 /* FIXME: We are not running an AD yet */
3792}
3793
3794
3795/* Function 49 */
3797WINAPI
3799 LSAPR_HANDLE PolicyHandle,
3800 PRPC_UNICODE_STRING TrustedDomainName,
3802 PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation)
3803{
3804 /* Fail, if we are not a domain controller */
3807
3808 /* FIXME: We are not running an AD yet */
3810}
3811
3812
3813/* Function 50 */
3815WINAPI
3817 LSAPR_HANDLE PolicyHandle,
3818 DWORD *EnumerationContext,
3819 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer,
3820 DWORD PreferedMaximumLength)
3821{
3822 /* Fail, if we are not a domain controller */
3825
3826 /* FIXME: We are not running an AD yet */
3827 EnumerationBuffer->EntriesRead = 0;
3828 EnumerationBuffer->EnumerationBuffer = NULL;
3830}
3831
3832
3833/* Function 51 */
3835WINAPI
3837 LSAPR_HANDLE PolicyHandle,
3838 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
3839 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation,
3841 LSAPR_HANDLE *TrustedDomainHandle)
3842{
3843 /* Fail, if we are not a domain controller */
3846
3849}
3850
3851
3852/* Function 52 */
3854WINAPI
3856 PLSAPR_HANDLE PolicyHandle)
3857{
3858 /* Deprecated */
3860}
3861
3862
3863/* Function 53 */
3865WINAPI
3867 LSAPR_HANDLE PolicyHandle,
3869 PLSAPR_POLICY_DOMAIN_INFORMATION *PolicyInformation)
3870{
3873}
3874
3875
3876/* Function 54 */
3878WINAPI
3880 LSAPR_HANDLE PolicyHandle,
3882 PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation)
3883{
3886}
3887
3888
3889/* Function 55 */
3891WINAPI
3893 LSAPR_HANDLE PolicyHandle,
3894 PRPC_UNICODE_STRING TrustedDomainName,
3896 LSAPR_HANDLE *TrustedDomainHandle)
3897{
3898 /* Fail, if we are not a domain controller */
3901
3904}
3905
3906
3907/* Function 56 */
3909WINAPI
3912{
3915}
3916
3917
3918/* Function 57 */
3920WINAPI
3922 LSAPR_HANDLE PolicyHandle,
3923 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
3924 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
3925 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
3926 LSAP_LOOKUP_LEVEL LookupLevel,
3927 DWORD *MappedCount,
3928 DWORD LookupOptions,
3929 DWORD ClientRevision)
3930{
3932
3933 TRACE("LsarLookupSids2(%p %p %p %p %d %p %lu %lu)\n",
3934 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
3935 LookupLevel, MappedCount, LookupOptions, ClientRevision);
3936
3937 TranslatedNames->Entries = SidEnumBuffer->Entries;
3938 TranslatedNames->Names = NULL;
3939 *ReferencedDomains = NULL;
3940
3941 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
3942
3943 Status = LsapLookupSids(SidEnumBuffer,
3944 ReferencedDomains,
3945 TranslatedNames,
3946 LookupLevel,
3947 MappedCount,
3948 LookupOptions,
3949 ClientRevision);
3950
3951 return Status;
3952}
3953
3954
3955/* Function 58 */
3957WINAPI
3959 LSAPR_HANDLE PolicyHandle,
3960 DWORD Count,
3962 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
3963 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids,
3964 LSAP_LOOKUP_LEVEL LookupLevel,
3965 DWORD *MappedCount,
3966 DWORD LookupOptions,
3967 DWORD ClientRevision)
3968{
3969 LSAPR_TRANSLATED_SIDS_EX2 TranslatedSidsEx2;
3970 ULONG i;
3972
3973 TRACE("LsarLookupNames2(%p %lu %p %p %p %d %p %lu %lu)\n",
3974 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
3975 LookupLevel, MappedCount, LookupOptions, ClientRevision);
3976
3977 TranslatedSids->Entries = 0;
3978 TranslatedSids->Sids = NULL;
3979 *ReferencedDomains = NULL;
3980
3981 if (Count == 0)
3982 return STATUS_NONE_MAPPED;
3983
3984 TranslatedSidsEx2.Entries = 0;
3985 TranslatedSidsEx2.Sids = NULL;
3986
3988 Names,
3989 ReferencedDomains,
3990 &TranslatedSidsEx2,
3991 LookupLevel,
3992 MappedCount,
3993 LookupOptions,
3994 ClientRevision);
3995 if (!NT_SUCCESS(Status))
3996 return Status;
3997
3998 TranslatedSids->Entries = TranslatedSidsEx2.Entries;
3999 TranslatedSids->Sids = MIDL_user_allocate(TranslatedSids->Entries * sizeof(LSA_TRANSLATED_SID));
4000 if (TranslatedSids->Sids == NULL)
4001 {
4002 MIDL_user_free(TranslatedSidsEx2.Sids);
4003 MIDL_user_free(*ReferencedDomains);
4004 *ReferencedDomains = NULL;
4006 }
4007
4008 for (i = 0; i < TranslatedSidsEx2.Entries; i++)
4009 {
4010 TranslatedSids->Sids[i].Use = TranslatedSidsEx2.Sids[i].Use;
4011 TranslatedSids->Sids[i].RelativeId = LsapGetRelativeIdFromSid(TranslatedSidsEx2.Sids[i].Sid);
4012 TranslatedSids->Sids[i].DomainIndex = TranslatedSidsEx2.Sids[i].DomainIndex;
4013 TranslatedSids->Sids[i].Flags = TranslatedSidsEx2.Sids[i].Flags;
4014 }
4015
4016 MIDL_user_free(TranslatedSidsEx2.Sids);
4017
4018 return STATUS_SUCCESS;
4019}
4020
4021
4022/* Function 59 */
4024WINAPI
4026 LSAPR_HANDLE PolicyHandle,
4027 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
4028 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation,
4030 LSAPR_HANDLE *TrustedDomainHandle)
4031{
4032 /* Fail, if we are not a domain controller */
4035
4038}
4039
4040
4041/* Function 60 */
4043WINAPI
4045 PLSAPR_SERVER_NAME SystemName)
4046{
4049}
4050
4051
4052/* Function 61 */
4054WINAPI
4056 PLSAPR_SERVER_NAME SystemName)
4057{
4060}
4061
4062
4063/* Function 62 */
4065WINAPI
4067 PLSAPR_SERVER_NAME SystemName)
4068{
4071}
4072
4073
4074/* Function 63 */
4076WINAPI
4078 PLSAPR_SERVER_NAME SystemName)
4079{
4082}
4083
4084
4085/* Function 64 */
4087WINAPI
4089 PLSAPR_SERVER_NAME SystemName)
4090{
4093}
4094
4095
4096/* Function 65 */
4098WINAPI
4100 PLSAPR_SERVER_NAME SystemName,
4102 DWORD Type,
4103 DWORD Flags)
4104{
4107}
4108
4109
4110/* Function 66 */
4112WINAPI
4114 PLSAPR_SERVER_NAME SystemName,
4116 DWORD Flags,
4117 CREDPR_TARGET_INFORMATION *TargetInformation)
4118{
4121}
4122
4123
4124/* Function 67 */
4126WINAPI
4128 PLSAPR_SERVER_NAME SystemName)
4129{
4132}
4133
4134
4135/* Function 68 */
4137WINAPI
4139 LSAPR_HANDLE PolicyHandle,
4140 DWORD Count,
4142 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
4143 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
4144 LSAP_LOOKUP_LEVEL LookupLevel,
4145 DWORD *MappedCount,
4146 DWORD LookupOptions,
4147 DWORD ClientRevision)
4148{
4150
4151 TRACE("LsarLookupNames3(%p %lu %p %p %p %d %p %lu %lu)\n",
4152 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
4153 LookupLevel, MappedCount, LookupOptions, ClientRevision);
4154
4155 TranslatedSids->Entries = 0;
4156 TranslatedSids->Sids = NULL;
4157 *ReferencedDomains = NULL;
4158
4159 if (Count == 0)
4160 return STATUS_NONE_MAPPED;
4161
4163 Names,
4164 ReferencedDomains,
4165 TranslatedSids,
4166 LookupLevel,
4167 MappedCount,
4168 LookupOptions,
4169 ClientRevision);
4170
4171 return Status;
4172}
4173
4174
4175/* Function 69 */
4177WINAPI
4179 PLSAPR_SERVER_NAME SystemName,
4180 DWORD MaximumPersistCount,
4181 DWORD *MaximumPersist)
4182{
4185}
4186
4187
4188/* Function 70 */
4190WINAPI
4193{
4196}
4197
4198
4199/* Function 71 */
4201WINAPI
4204{
4207}
4208
4209
4210/* Function 72 */
4212WINAPI
4215{
4218}
4219
4220
4221/* Function 73 */
4223WINAPI
4225 LSAPR_HANDLE PolicyHandle,
4226 PLSA_UNICODE_STRING TrustedDomainName,
4227 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
4228 PLSA_FOREST_TRUST_INFORMATION *ForestTrustInfo)
4229{
4232}
4233
4234
4235/* Function 74 */
4237WINAPI
4239 LSAPR_HANDLE PolicyHandle,
4240 PLSA_UNICODE_STRING TrustedDomainName,
4241 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
4242 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo,
4243 BOOLEAN CheckOnly,
4245{
4248}
4249
4250
4251/* Function 75 */
4253WINAPI
4255 PLSAPR_SERVER_NAME SystemName,
4256 LPWSTR OldTargetName,
4257 LPWSTR NewTargetName,
4258 DWORD Type,
4259 DWORD Flags)
4260{
4263}
4264
4265
4266/* Function 76 */
4268WINAPI
4270 LSAPR_HANDLE PolicyHandle,
4271 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
4272 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
4273 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
4274 LSAP_LOOKUP_LEVEL LookupLevel,
4275 DWORD *MappedCount,
4276 DWORD LookupOptions,
4277 DWORD ClientRevision)
4278{
4280
4281 TRACE("LsarLookupSids3(%p %p %p %p %d %p %lu %lu)\n",
4282 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
4283 LookupLevel, MappedCount, LookupOptions, ClientRevision);
4284
4285 TranslatedNames->Entries = SidEnumBuffer->Entries;
4286 TranslatedNames->Names = NULL;
4287 *ReferencedDomains = NULL;
4288
4289 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
4290
4291 Status = LsapLookupSids(SidEnumBuffer,
4292 ReferencedDomains,
4293 TranslatedNames,
4294 LookupLevel,
4295 MappedCount,
4296 LookupOptions,
4297 ClientRevision);
4298
4299 return Status;
4300}
4301
4302
4303/* Function 77 */
4305WINAPI
4307 handle_t RpcHandle,
4308 DWORD Count,
4310 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
4311 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
4312 LSAP_LOOKUP_LEVEL LookupLevel,
4313 DWORD *MappedCount,
4314 DWORD LookupOptions,
4315 DWORD ClientRevision)
4316{
4318
4319 TRACE("LsarLookupNames4(%p %lu %p %p %p %d %p %lu %lu)\n",
4320 RpcHandle, Count, Names, ReferencedDomains, TranslatedSids,
4321 LookupLevel, MappedCount, LookupOptions, ClientRevision);
4322
4323 TranslatedSids->Entries = 0;
4324 TranslatedSids->Sids = NULL;
4325 *ReferencedDomains = NULL;
4326
4327 if (Count == 0)
4328 return STATUS_NONE_MAPPED;
4329
4331 Names,
4332 ReferencedDomains,
4333 TranslatedSids,
4334 LookupLevel,
4335 MappedCount,
4336 LookupOptions,
4337 ClientRevision);
4338
4339 return Status;
4340}
4341
4342
4343/* Function 78 */
4345WINAPI
4347 LPWSTR SystemName,
4350 LSAPR_HANDLE *PolicyHandle)
4351{
4354}
4355
4356
4357/* Function 79 */
4359WINAPI
4362{
4365}
4366
4367
4368/* Function 80 */
4370WINAPI
4373{
4376}
4377
4378
4379/* Function 81 */
4381WINAPI
4384{
4387}
4388
4389/* EOF */
unsigned char BOOLEAN
PWSTR Names[]
Type
Definition: Type.h:7
LONG NTSTATUS
Definition: precomp.h:26
#define UNIMPLEMENTED
Definition: debug.h:115
#define WARN(fmt,...)
Definition: debug.h:112
#define ERR(fmt,...)
Definition: debug.h:110
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
return Found
Definition: dirsup.c:1270
_In_ ULONG _In_opt_ WDFREQUEST _In_opt_ PVOID _In_ size_t _In_ PVOID _In_ size_t _Out_ size_t * DataLength
Definition: cdrom.h:1444
Definition: bufpool.h:45
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
handle_t hBinding
Definition: ctx_c.c:54
#define BufferSize
Definition: mmc.h:75
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:921
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
NTSTATUS LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:592
NTSTATUS LsapDeleteDbObject(IN PLSA_DB_OBJECT DbObject)
Definition: database.c:901
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:870
NTSTATUS LsapDeleteObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
Definition: database.c:1082
NTSTATUS LsapValidateDbObject(LSAPR_HANDLE Handle, LSA_DB_OBJECT_TYPE ObjectType, ACCESS_MASK DesiredAccess, PLSA_DB_OBJECT *DbObject)
Definition: database.c:825
NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
Definition: database.c:1012
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:712
NTSTATUS LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
Definition: database.c:961
ULONG LsapGetRelativeIdFromSid(PSID Sid_)
Definition: lookup.c:1038
NTSTATUS LsapLookupNames(DWORD Count, PRPC_UNICODE_STRING Names, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DWORD LookupOptions, DWORD ClientRevision)
Definition: lookup.c:1813
NTSTATUS LsapLookupSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_NAMES_EX TranslatedNames, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DWORD LookupOptions, DWORD ClientRevision)
Definition: lookup.c:2412
NTSTATUS LsarSetAccountDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
Definition: policy.c:876
NTSTATUS LsarSetReplicaSource(PLSA_DB_OBJECT PolicyObject, PPOLICY_LSA_REPLICA_SRCE_INFO Info)
Definition: policy.c:936
NTSTATUS LsarSetDnsDomainInt(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
Definition: policy.c:1017
NTSTATUS LsarQueryDnsDomainInt(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:759
NTSTATUS LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:70
NTSTATUS LsarSetAuditEvents(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_AUDIT_EVENTS_INFO Info)
Definition: policy.c:792
PLUID LsarpLookupPrivilegeValue(IN PRPC_UNICODE_STRING Name)
Definition: privileges.c:227
NTSTATUS LsarSetDefaultQuota(PLSA_DB_OBJECT PolicyObject, PPOLICY_DEFAULT_QUOTA_INFO Info)
Definition: policy.c:945
NTSTATUS LsarQueryLocalAccountDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:769
NTSTATUS LsarQueryPrimaryDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:157
NTSTATUS LsarpLookupPrivilegeName(PLUID Value, PRPC_UNICODE_STRING *Name)
Definition: privileges.c:80
NTSTATUS LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_PRIMARY_DOM_INFO Info)
Definition: policy.c:829
NTSTATUS LsapRegQueryKeyInfo(IN HANDLE KeyHandle, OUT PULONG SubKeyCount, OUT PULONG MaxSubKeyNameLength, OUT PULONG ValueCount)
Definition: registry.c:176
NTSTATUS LsarSetDnsDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
Definition: policy.c:1008
NTSTATUS LsarQueryReplicaSource(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:436
NTSTATUS LsapRegOpenKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName, IN ACCESS_MASK DesiredAccess, OUT HANDLE KeyHandle)
Definition: registry.c:153
NTSTATUS LsarSetAuditLog(PLSA_DB_OBJECT PolicyObject, PPOLICY_AUDIT_LOG_INFO Info)
Definition: policy.c:779
NTSTATUS LsarSetAuditFull(PLSA_DB_OBJECT PolicyObject, PPOLICY_AUDIT_FULL_QUERY_INFO Info)
Definition: policy.c:971
ACCESS_MASK LsapLookupAccountRightValue(IN PRPC_UNICODE_STRING Name)
Definition: privileges.c:380
NTSTATUS LsarSetLocalAccountDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
Definition: policy.c:1026
VOID LsapNotifyPolicyChange(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass)
Definition: notify.c:188
NTSTATUS LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:542
NTSTATUS LsapRegCloseKey(IN HANDLE KeyHandle)
Definition: registry.c:23
@ LsaDbIgnoreObject
Definition: lsasrv.h:49
@ LsaDbSecretObject
Definition: lsasrv.h:53
@ LsaDbAccountObject
Definition: lsasrv.h:51
@ LsaDbPolicyObject
Definition: lsasrv.h:50
NTSTATUS LsapRegQueryValue(IN HANDLE KeyHandle, IN LPWSTR ValueName, OUT PULONG Type OPTIONAL, OUT LPVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL)
Definition: registry.c:331
NTSTATUS LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:289
NTSTATUS LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:510
NTSTATUS LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:398
NTSTATUS LsarSetModification(PLSA_DB_OBJECT PolicyObject, PPOLICY_MODIFICATION_INFO Info)
Definition: policy.c:958
NTSTATUS LsapCreateSecretSd(PSECURITY_DESCRIPTOR *SecretSd, PULONG SecretSdSize)
Definition: security.c:436
NTSTATUS LsarQueryModification(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:478
NTSTATUS LsarQueryAuditLog(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:38
NTSTATUS LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:446
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
Definition: registry.c:96
NTSTATUS LsarpEnumeratePrivileges(DWORD *EnumerationContext, PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer, DWORD PreferedMaximumLength)
Definition: privileges.c:246
NTSTATUS LsarSetServerRole(PLSA_DB_OBJECT PolicyObject, PPOLICY_LSA_SERVER_ROLE_INFO Info)
Definition: policy.c:923
NTSTATUS LsapCreateAccountSd(PSECURITY_DESCRIPTOR *AccountSd, PULONG AccountSdSize)
Definition: security.c:268
NTSTATUS LsapLookupAccountRightName(ULONG RightValue, PRPC_UNICODE_STRING *Name)
Definition: privileges.c:343
NTSTATUS LsarQueryPdAccount(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: policy.c:267
NTSTATUS LsarpLookupPrivilegeDisplayName(PRPC_UNICODE_STRING Name, USHORT ClientLanguage, USHORT ClientSystemDefaultLanguage, PRPC_UNICODE_STRING *DisplayName, USHORT *LanguageReturned)
Definition: privileges.c:125
@ NtProductLanManNt
Definition: shellpath.c:65
static PVOID Mapping[EMS_PHYSICAL_PAGES]
Definition: emsdrv.c:41
unsigned int BOOL
Definition: ntddk_ex.h:94
unsigned long DWORD
Definition: ntddk_ex.h:95
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1340
_In_ FILTER_INFORMATION_CLASS InformationClass
Definition: fltkernel.h:1713
PWCHAR pValue
Status
Definition: gdiplustypes.h:25
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
NTSYSAPI ULONG WINAPI RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR)
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
void *__RPC_USER MIDL_user_allocate(SIZE_T size)
Definition: irotp.c:371
void __RPC_USER MIDL_user_free(void *p)
Definition: irotp.c:376
unsigned int ULONG
Definition: retypes.h:1
struct _LSAPR_ACCOUNT_INFORMATION LSAPR_ACCOUNT_INFORMATION
struct _QUOTA_LIMITS QUOTA_LIMITS
LPWSTR PLSAPR_SERVER_NAME
Definition: lsa.idl:7
enum _LSAP_LOOKUP_LEVEL LSAP_LOOKUP_LEVEL
NTSTATUS WINAPI LsarSetSystemAccessAccount(LSAPR_HANDLE AccountHandle, ACCESS_MASK SystemAccess)
Definition: lsarpc.c:2012
NTSTATUS WINAPI LsarEnumerateAccountsWithUserRight(LSAPR_HANDLE PolicyHandle, PRPC_UNICODE_STRING UserRight, PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer)
Definition: lsarpc.c:2574
NTSTATUS WINAPI CredrWrite(PLSAPR_SERVER_NAME SystemName)
Definition: lsarpc.c:4044
NTSTATUS WINAPI LsarSetTrustedDomainInfo(LSAPR_HANDLE PolicyHandle, PRPC_SID TrustedDomainSid, TRUSTED_INFORMATION_CLASS InformationClass, PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
Definition: lsarpc.c:3428
NTSTATUS WINAPI LsarEnumerateTrustedDomains(LSAPR_HANDLE PolicyHandle, DWORD *EnumerationContext, PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer, DWORD PreferedMaximumLength)
Definition: lsarpc.c:1176
static RTL_CRITICAL_SECTION PolicyHandleTableLock
Definition: lsarpc.c:14
NTSTATUS WINAPI LsarQueryDomainInformationPolicy(LSAPR_HANDLE PolicyHandle, POLICY_INFORMATION_CLASS InformationClass, PLSAPR_POLICY_DOMAIN_INFORMATION *PolicyInformation)
Definition: lsarpc.c:3866
NTSTATUS WINAPI LsarCreateTrustedDomainEx2(LSAPR_HANDLE PolicyHandle, PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation, PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *TrustedDomainHandle)
Definition: lsarpc.c:4025
NTSTATUS WINAPI CredrWriteDomainCredentials(PLSAPR_SERVER_NAME SystemName)
Definition: lsarpc.c:4077
NTSTATUS LsarpCreateAccount(PLSA_DB_OBJECT PolicyObject, PRPC_SID AccountSid, ACCESS_MASK DesiredAccess, PLSA_DB_OBJECT *AccountObject)
Definition: lsarpc.c:813
NTSTATUS WINAPI LsarQuerySecret(LSAPR_HANDLE SecretHandle, PLSAPR_CR_CIPHER_VALUE *EncryptedCurrentValue, PLARGE_INTEGER CurrentValueSetTime, PLSAPR_CR_CIPHER_VALUE *EncryptedOldValue, PLARGE_INTEGER OldValueSetTime)
Definition: lsarpc.c:2246
NTSTATUS LsarStartRpcServer(VOID)
Definition: lsarpc.c:40
NTSTATUS WINAPI LsarLookupSids2(LSAPR_HANDLE PolicyHandle, PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_NAMES_EX TranslatedNames, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DWORD LookupOptions, DWORD ClientRevision)
Definition: lsarpc.c:3921
NTSTATUS WINAPI CredrDelete(PLSAPR_SERVER_NAME SystemName, LPWSTR TargetName, DWORD Type, DWORD Flags)
Definition: lsarpc.c:4099
NTSTATUS WINAPI LsarAdtReportSecurityEvent(handle_t hBinding)
Definition: lsarpc.c:4382
NTSTATUS WINAPI LsarOpenAccount(LSAPR_HANDLE PolicyHandle, PRPC_SID AccountSid, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *AccountHandle)
Definition: lsarpc.c:1465
NTSTATUS WINAPI LsarSetPolicyReplicationHandle(PLSAPR_HANDLE PolicyHandle)
Definition: lsarpc.c:3855
NTSTATUS WINAPI LsarOpenPolicy2(LPWSTR SystemName, PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *PolicyHandle)
Definition: lsarpc.c:3723
NTSTATUS WINAPI LsarSetInformationPolicy(LSAPR_HANDLE PolicyHandle, POLICY_INFORMATION_CLASS InformationClass, PLSAPR_POLICY_INFORMATION PolicyInformation)
Definition: lsarpc.c:663
NTSTATUS WINAPI LsarEnumeratePrivileges(LSAPR_HANDLE PolicyHandle, DWORD *EnumerationContext, PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer, DWORD PreferedMaximumLength)
Definition: lsarpc.c:166
void __RPC_USER LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle)
Definition: lsarpc.c:116
NTSTATUS WINAPI LsarGetQuotasForAccount(LSAPR_HANDLE AccountHandle, PQUOTA_LIMITS QuotaLimits)
Definition: lsarpc.c:1878
NTSTATUS WINAPI LsarAdtUnregisterSecurityEventSource(handle_t hBinding)
Definition: lsarpc.c:4371
NTSTATUS WINAPI LsarOpenTrustedDomain(LSAPR_HANDLE PolicyHandle, PRPC_SID TrustedDomainSid, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *TrustedDomainHandle)
Definition: lsarpc.c:2046
NTSTATUS WINAPI LsarRemovePrivilegesFromAccount(LSAPR_HANDLE AccountHandle, BOOLEAN AllPrivileges, PLSAPR_PRIVILEGE_SET Privileges)
Definition: lsarpc.c:1719
NTSTATUS WINAPI LsarRetrievePrivateData(LSAPR_HANDLE PolicyHandle, PRPC_UNICODE_STRING KeyName, PLSAPR_CR_CIPHER_VALUE *EncryptedData)
Definition: lsarpc.c:3618
NTSTATUS WINAPI LsarEnumerateAccounts(LSAPR_HANDLE PolicyHandle, DWORD *EnumerationContext, PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer, DWORD PreferedMaximumLength)
Definition: lsarpc.c:928
NTSTATUS WINAPI LsarDeleteTrustedDomain(LSAPR_HANDLE PolicyHandle, PRPC_SID TrustedDomainSid)
Definition: lsarpc.c:3446
NTSTATUS WINAPI LsarRegisterAuditEvent(handle_t hBinding)
Definition: lsarpc.c:4191
static GENERIC_MAPPING LsapSecretMapping
Definition: lsarpc.c:32
NTSTATUS WINAPI LsarDeleteObject(LSAPR_HANDLE *ObjectHandle)
Definition: lsarpc.c:2530
NTSTATUS WINAPI CredrReadDomainCredentials(PLSAPR_SERVER_NAME SystemName)
Definition: lsarpc.c:4088
NTSTATUS WINAPI LsarLookupPrivilegeName(LSAPR_HANDLE PolicyHandle, PLUID Value, PRPC_UNICODE_STRING *Name)
Definition: lsarpc.c:2464
NTSTATUS WINAPI LsarSetInformationTrustedDomain(LSAPR_HANDLE TrustedDomainHandle, TRUSTED_INFORMATION_CLASS InformationClass, PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
Definition: lsarpc.c:2077
NTSTATUS WINAPI LsarLookupNames(LSAPR_HANDLE PolicyHandle, DWORD Count, PRPC_UNICODE_STRING Names, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_SIDS TranslatedSids, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount)
Definition: lsarpc.c:1192
NTSTATUS WINAPI LsarTestCall(handle_t hBinding)
Definition: lsarpc.c:3910
NTSTATUS WINAPI LsarQueryTrustedDomainInfo(LSAPR_HANDLE PolicyHandle, PRPC_SID TrustedDomainSid, TRUSTED_INFORMATION_CLASS InformationClass, PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
Definition: lsarpc.c:3410
NTSTATUS WINAPI LsarCreateTrustedDomainEx(LSAPR_HANDLE PolicyHandle, PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation, PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *TrustedDomainHandle)
Definition: lsarpc.c:3836
NTSTATUS WINAPI LsarLookupPrivilegeValue(LSAPR_HANDLE PolicyHandle, PRPC_UNICODE_STRING Name, PLUID Value)
Definition: lsarpc.c:2428
NTSTATUS WINAPI LsarGetUserName(LPWSTR SystemName, PRPC_UNICODE_STRING *UserName, PRPC_UNICODE_STRING *DomainName)
Definition: lsarpc.c:3739
NTSTATUS WINAPI LsarSetSecret(LSAPR_HANDLE SecretHandle, PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue, PLSAPR_CR_CIPHER_VALUE EncryptedOldValue)
Definition: lsarpc.c:2146
NTSTATUS WINAPI LsarLookupSids3(LSAPR_HANDLE PolicyHandle, PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_NAMES_EX TranslatedNames, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DWORD LookupOptions, DWORD ClientRevision)
Definition: lsarpc.c:4269
NTSTATUS WINAPI CredrRead(PLSAPR_SERVER_NAME SystemName)
Definition: lsarpc.c:4055
static NTSTATUS LsarpOpenAccount(IN PLSA_DB_OBJECT PolicyObject, IN PRPC_SID AccountSid, IN ACCESS_MASK DesiredAccess, OUT PLSA_DB_OBJECT *AccountObject)
Definition: lsarpc.c:1425
NTSTATUS WINAPI LsarGenAuditEvent(handle_t hBinding)
Definition: lsarpc.c:4202
static GENERIC_MAPPING LsapAccountMapping
Definition: lsarpc.c:25
NTSTATUS WINAPI LsarOpenPolicy(LPWSTR SystemName, PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *PolicyHandle)
Definition: lsarpc.c:495
NTSTATUS WINAPI LsarLookupNames3(LSAPR_HANDLE PolicyHandle, DWORD Count, PRPC_UNICODE_STRING Names, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DWORD LookupOptions, DWORD ClientRevision)
Definition: lsarpc.c:4138
NTSTATUS WINAPI LsarQueryInfoTrustedDomain(LSAPR_HANDLE TrustedDomainHandle, TRUSTED_INFORMATION_CLASS InformationClass, PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
Definition: lsarpc.c:2064
NTSTATUS WINAPI LsarOpenSecret(LSAPR_HANDLE PolicyHandle, PRPC_UNICODE_STRING SecretName, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *SecretHandle)
Definition: lsarpc.c:2090
NTSTATUS WINAPI LsarEnumeratePrivilegesAccount(LSAPR_HANDLE AccountHandle, PLSAPR_PRIVILEGE_SET *Privileges)
Definition: lsarpc.c:1504
NTSTATUS WINAPI LsarClearAuditLog(LSAPR_HANDLE ObjectHandle)
Definition: lsarpc.c:804
NTSTATUS WINAPI LsarClose(LSAPR_HANDLE *ObjectHandle)
Definition: lsarpc.c:125
NTSTATUS WINAPI LsarUnregisterAuditEvent(handle_t hBinding)
Definition: lsarpc.c:4213
NTSTATUS WINAPI LsarCreateTrustedDomain(LSAPR_HANDLE PolicyHandle, PLSAPR_TRUST_INFORMATION TrustedDomainInformation, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *TrustedDomainHandle)
Definition: lsarpc.c:1158
NTSTATUS WINAPI LsarSetQuotasForAccount(LSAPR_HANDLE AccountHandle, PQUOTA_LIMITS QuotaLimits)
Definition: lsarpc.c:1913
NTSTATUS WINAPI LsarGetSystemAccessAccount(LSAPR_HANDLE AccountHandle, ACCESS_MASK *SystemAccess)
Definition: lsarpc.c:1977
NTSTATUS WINAPI LsarAddPrivilegesToAccount(LSAPR_HANDLE AccountHandle, PLSAPR_PRIVILEGE_SET Privileges)
Definition: lsarpc.c:1563
NTSTATUS WINAPI LsarLookupNames2(LSAPR_HANDLE PolicyHandle, DWORD Count, PRPC_UNICODE_STRING Names, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_SIDS_EX TranslatedSids, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DW