19 ULONG RelativeSdSize = 0;
30 if (PolicySd ==
NULL || PolicySdSize ==
NULL)
220 if (RelativeSd ==
NULL)
232 *PolicySd = RelativeSd;
233 *PolicySdSize = RelativeSdSize;
239 if (AnonymousSid !=
NULL)
242 if (AdministratorsSid !=
NULL)
243 RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
245 if (EveryoneSid !=
NULL)
259 if (RelativeSd !=
NULL)
273 ULONG RelativeSdSize = 0;
281 if (AccountSd ==
NULL || AccountSdSize ==
NULL)
397 if (RelativeSd ==
NULL)
409 *AccountSd = RelativeSd;
410 *AccountSdSize = RelativeSdSize;
416 if (AdministratorsSid !=
NULL)
417 RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
419 if (EveryoneSid !=
NULL)
427 if (RelativeSd !=
NULL)
441 ULONG RelativeSdSize = 0;
449 if (SecretSd ==
NULL || SecretSdSize ==
NULL)
565 if (RelativeSd ==
NULL)
577 *SecretSd = RelativeSd;
578 *SecretSdSize = RelativeSdSize;
584 if (AdministratorsSid !=
NULL)
585 RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
587 if (EveryoneSid !=
NULL)
595 if (RelativeSd !=
NULL)
644 ULONG RelativeSdSize = 0;
651 if (TokenSd ==
NULL || TokenSdSize ==
NULL)
744 if (RelativeSd ==
NULL)
756 *TokenSd = RelativeSd;
757 *TokenSdSize = RelativeSdSize;
763 if (AdministratorsSid !=
NULL)
764 RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
771 if (RelativeSd !=
NULL)
static SID_IDENTIFIER_AUTHORITY NtAuthority
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
#define NT_SUCCESS(StatCode)
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
NTSTATUS LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
NTSTATUS LsapCreateSecretSd(PSECURITY_DESCRIPTOR *SecretSd, PULONG SecretSdSize)
NTSTATUS LsapCreateTokenSd(_In_ const TOKEN_USER *User, _Outptr_ PSECURITY_DESCRIPTOR *TokenSd, _Out_ PULONG TokenSdSize)
Creates a security descriptor for the token object.
NTSTATUS LsapCreateAccountSd(PSECURITY_DESCRIPTOR *AccountSd, PULONG AccountSdSize)
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
NTSYSAPI NTSTATUS NTAPI RtlAbsoluteToSelfRelativeSD(IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, IN PULONG BufferLength)
#define ACCOUNT_ALL_ACCESS
#define SECRET_ALL_ACCESS
#define POLICY_NOTIFICATION
#define POLICY_VIEW_LOCAL_INFORMATION
#define POLICY_ALL_ACCESS
#define POLICY_LOOKUP_NAMES
#define STATUS_BUFFER_TOO_SMALL
#define STATUS_INVALID_PARAMETER
#define STATUS_INSUFFICIENT_RESOURCES
#define SECURITY_ANONYMOUS_LOGON_RID
#define SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_WORLD_RID
#define SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SERVICE_RID
#define SECURITY_DESCRIPTOR_REVISION
#define SECURITY_NETWORK_SERVICE_RID
#define DOMAIN_ALIAS_RID_ADMINS