ReactOS  0.4.15-dev-2359-g0dedb9b
security.c
Go to the documentation of this file.
1 /*
2  * COPYRIGHT: See COPYING in the top level directory
3  * PROJECT: ReactOS system libraries
4  * PURPOSE: System setup
5  * FILE: dll/win32/syssetup/security.c
6  * PROGRAMER: Eric Kohl
7  */
8 
9 /* INCLUDES *****************************************************************/
10 
11 #include "precomp.h"
12 
13 #include <ntlsa.h>
14 #include <ntsecapi.h>
15 #include <ntsam.h>
16 #include <sddl.h>
17 
18 #define NDEBUG
19 #include <debug.h>
20 
21 #define TICKS_PER_DAY -864000000000LL
22 #define TICKS_PER_MINUTE -600000000LL
23 
24 /* FUNCTIONS ****************************************************************/
25 
26 NTSTATUS
27 WINAPI
28 SetAccountsDomainSid(
29  PSID DomainSid,
30  LPCWSTR DomainName)
31 {
32  PPOLICY_ACCOUNT_DOMAIN_INFO OrigInfo = NULL;
33  POLICY_ACCOUNT_DOMAIN_INFO Info;
34  LSA_OBJECT_ATTRIBUTES ObjectAttributes;
35  LSA_HANDLE PolicyHandle;
36 
37  SAM_HANDLE ServerHandle = NULL;
38  SAM_HANDLE DomainHandle = NULL;
39  DOMAIN_NAME_INFORMATION DomainNameInfo;
40 
41  NTSTATUS Status;
42 
43  DPRINT("SYSSETUP: SetAccountsDomainSid\n");
44 
45  memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
46  ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);
47 
48  Status = LsaOpenPolicy(NULL,
49  &ObjectAttributes,
50  POLICY_VIEW_LOCAL_INFORMATION | POLICY_TRUST_ADMIN,
51  &PolicyHandle);
52  if (Status != STATUS_SUCCESS)
53  {
54  DPRINT("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status);
55  return Status;
56  }
57 
58  Status = LsaQueryInformationPolicy(PolicyHandle,
59  PolicyAccountDomainInformation,
60  (PVOID *)&OrigInfo);
61  if (Status == STATUS_SUCCESS && OrigInfo != NULL)
62  {
63  if (DomainName == NULL)
64  {
65  Info.DomainName.Buffer = OrigInfo->DomainName.Buffer;
66  Info.DomainName.Length = OrigInfo->DomainName.Length;
67  Info.DomainName.MaximumLength = OrigInfo->DomainName.MaximumLength;
68  }
69  else
70  {
71  Info.DomainName.Buffer = (LPWSTR)DomainName;
72  Info.DomainName.Length = wcslen(DomainName) * sizeof(WCHAR);
73  Info.DomainName.MaximumLength = Info.DomainName.Length + sizeof(WCHAR);
74  }
75 
76  if (DomainSid == NULL)
77  Info.DomainSid = OrigInfo->DomainSid;
78  else
79  Info.DomainSid = DomainSid;
80  }
81  else
82  {
83  Info.DomainName.Buffer = (LPWSTR)DomainName;
84  Info.DomainName.Length = wcslen(DomainName) * sizeof(WCHAR);
85  Info.DomainName.MaximumLength = Info.DomainName.Length + sizeof(WCHAR);
86  Info.DomainSid = DomainSid;
87  }
88 
89  Status = LsaSetInformationPolicy(PolicyHandle,
90  PolicyAccountDomainInformation,
91  (PVOID)&Info);
92  if (Status != STATUS_SUCCESS)
93  {
94  DPRINT("LsaSetInformationPolicy failed (Status: 0x%08lx)\n", Status);
95  }
96 
97  if (OrigInfo != NULL)
98  LsaFreeMemory(OrigInfo);
99 
100  LsaClose(PolicyHandle);
101 
102  DomainNameInfo.DomainName.Length = wcslen(DomainName) * sizeof(WCHAR);
103  DomainNameInfo.DomainName.MaximumLength = DomainNameInfo.DomainName.Length + sizeof(WCHAR);
104  DomainNameInfo.DomainName.Buffer = (LPWSTR)DomainName;
105 
106  Status = SamConnect(NULL,
107  &ServerHandle,
108  SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
109  NULL);
110  if (NT_SUCCESS(Status))
111  {
112  Status = SamOpenDomain(ServerHandle,
113  DOMAIN_WRITE_OTHER_PARAMETERS,
114  Info.DomainSid,
115  &DomainHandle);
116  if (NT_SUCCESS(Status))
117  {
118  Status = SamSetInformationDomain(DomainHandle,
119  DomainNameInformation,
120  &DomainNameInfo);
121  if (!NT_SUCCESS(Status))
122  {
123  DPRINT1("SamSetInformationDomain failed (Status: 0x%08lx)\n", Status);
124  }
125 
126  SamCloseHandle(DomainHandle);
127  }
128  else
129  {
130  DPRINT1("SamOpenDomain failed (Status: 0x%08lx)\n", Status);
131  }
132 
133  SamCloseHandle(ServerHandle);
134  }
135 
136  return Status;
137 }
138 
139 
140 /* Hack */
141 static
142 NTSTATUS
143 SetPrimaryDomain(LPCWSTR DomainName,
144  PSID DomainSid)
145 {
146  PPOLICY_PRIMARY_DOMAIN_INFO OrigInfo = NULL;
147  POLICY_PRIMARY_DOMAIN_INFO Info;
148  LSA_OBJECT_ATTRIBUTES ObjectAttributes;
149  LSA_HANDLE PolicyHandle;
150  NTSTATUS Status;
151 
152  DPRINT1("SYSSETUP: SetPrimaryDomain()\n");
153 
154  memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
155  ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);
156 
157  Status = LsaOpenPolicy(NULL,
158  &ObjectAttributes,
159  POLICY_VIEW_LOCAL_INFORMATION | POLICY_TRUST_ADMIN,
160  &PolicyHandle);
161  if (Status != STATUS_SUCCESS)
162  {
163  DPRINT("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status);
164  return Status;
165  }
166 
167  Status = LsaQueryInformationPolicy(PolicyHandle,
168  PolicyPrimaryDomainInformation,
169  (PVOID *)&OrigInfo);
170  if (Status == STATUS_SUCCESS && OrigInfo != NULL)
171  {
172  if (DomainName == NULL)
173  {
174  Info.Name.Buffer = OrigInfo->Name.Buffer;
175  Info.Name.Length = OrigInfo->Name.Length;
176  Info.Name.MaximumLength = OrigInfo->Name.MaximumLength;
177  }
178  else
179  {
180  Info.Name.Buffer = (LPWSTR)DomainName;
181  Info.Name.Length = wcslen(DomainName) * sizeof(WCHAR);
182  Info.Name.MaximumLength = Info.Name.Length + sizeof(WCHAR);
183  }
184 
185  if (DomainSid == NULL)
186  Info.Sid = OrigInfo->Sid;
187  else
188  Info.Sid = DomainSid;
189  }
190  else
191  {
192  Info.Name.Buffer = (LPWSTR)DomainName;
193  Info.Name.Length = wcslen(DomainName) * sizeof(WCHAR);
194  Info.Name.MaximumLength = Info.Name.Length + sizeof(WCHAR);
195  Info.Sid = DomainSid;
196  }
197 
198  Status = LsaSetInformationPolicy(PolicyHandle,
199  PolicyPrimaryDomainInformation,
200  (PVOID)&Info);
201  if (Status != STATUS_SUCCESS)
202  {
203  DPRINT("LsaSetInformationPolicy failed (Status: 0x%08lx)\n", Status);
204  }
205 
206  if (OrigInfo != NULL)
207  LsaFreeMemory(OrigInfo);
208 
209  LsaClose(PolicyHandle);
210 
211  return Status;
212 }
213 
214 
215 static
216 VOID
217 InstallBuiltinAccounts(VOID)
218 {
219  LPWSTR BuiltinAccounts[] = {
220  L"S-1-1-0", /* Everyone */
221  L"S-1-5-4", /* Interactive */
222  L"S-1-5-6", /* Service */
223  L"S-1-5-19", /* Local Service */
224  L"S-1-5-20", /* Network Service */
225  L"S-1-5-32-544", /* Administrators */
226  L"S-1-5-32-545", /* Users */
227  L"S-1-5-32-547", /* Power Users */
228  L"S-1-5-32-551", /* Backup Operators */
229  L"S-1-5-32-555"}; /* Remote Desktop Users */
230  LSA_OBJECT_ATTRIBUTES ObjectAttributes;
231  NTSTATUS Status;
232  LSA_HANDLE PolicyHandle = NULL;
233  LSA_HANDLE AccountHandle = NULL;
234  PSID AccountSid;
235  ULONG i;
236 
237  DPRINT("InstallBuiltinAccounts()\n");
238 
239  memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
240 
241  Status = LsaOpenPolicy(NULL,
242  &ObjectAttributes,
243  POLICY_CREATE_ACCOUNT,
244  &PolicyHandle);
245  if (!NT_SUCCESS(Status))
246  {
247  DPRINT1("LsaOpenPolicy failed (Status %08lx)\n", Status);
248  return;
249  }
250 
251  for (i = 0; i < ARRAYSIZE(BuiltinAccounts); i++)
252  {
253  if (!ConvertStringSidToSid(BuiltinAccounts[i], &AccountSid))
254  {
255  DPRINT1("ConvertStringSidToSid(%S) failed: %lu\n", BuiltinAccounts[i], GetLastError());
256  continue;
257  }
258 
259  Status = LsaCreateAccount(PolicyHandle,
260  AccountSid,
261  0,
262  &AccountHandle);
263  if (NT_SUCCESS(Status))
264  {
265  LsaClose(AccountHandle);
266  }
267 
268  LocalFree(AccountSid);
269  }
270 
271  LsaClose(PolicyHandle);
272 }
273 
274 
275 static
276 VOID
277 InstallPrivileges(
278  HINF hSecurityInf)
279 {
280  LSA_OBJECT_ATTRIBUTES ObjectAttributes;
281  WCHAR szPrivilegeString[256];
282  WCHAR szSidString[256];
283  INFCONTEXT InfContext;
284  DWORD i;
285  PSID AccountSid = NULL;
286  NTSTATUS Status;
287  LSA_HANDLE PolicyHandle = NULL;
288  LSA_UNICODE_STRING RightString, AccountName;
289  PLSA_REFERENCED_DOMAIN_LIST ReferencedDomains = NULL;
290  PLSA_TRANSLATED_SID2 Sids = NULL;
291 
292  DPRINT("InstallPrivileges()\n");
293 
294  memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
295 
296  Status = LsaOpenPolicy(NULL,
297  &ObjectAttributes,
298  POLICY_CREATE_ACCOUNT | POLICY_LOOKUP_NAMES,
299  &PolicyHandle);
300  if (!NT_SUCCESS(Status))
301  {
302  DPRINT1("LsaOpenPolicy failed (Status %08lx)\n", Status);
303  goto done;
304  }
305 
306  if (!SetupFindFirstLineW(hSecurityInf,
307  L"Privilege Rights",
308  NULL,
309  &InfContext))
310  {
311  DPRINT1("SetupFindFirstLineW failed\n");
312  goto done;
313  }
314 
315  do
316  {
317  /* Retrieve the privilege name */
318  if (!SetupGetStringFieldW(&InfContext,
319  0,
320  szPrivilegeString,
321  ARRAYSIZE(szPrivilegeString),
322  NULL))
323  {
324  DPRINT1("SetupGetStringFieldW() failed\n");
325  goto done;
326  }
327  DPRINT("Privilege: %S\n", szPrivilegeString);
328 
329  for (i = 0; i < SetupGetFieldCount(&InfContext); i++)
330  {
331  if (!SetupGetStringFieldW(&InfContext,
332  i + 1,
333  szSidString,
334  ARRAYSIZE(szSidString),
335  NULL))
336  {
337  DPRINT1("SetupGetStringFieldW() failed\n");
338  goto done;
339  }
340  DPRINT("SID: %S\n", szSidString);
341 
342  if (szSidString[0] == UNICODE_NULL)
343  continue;
344 
345  if (szSidString[0] == L'*')
346  {
347  DPRINT("Account Sid: %S\n", &szSidString[1]);
348 
349  if (!ConvertStringSidToSid(&szSidString[1], &AccountSid))
350  {
351  DPRINT1("ConvertStringSidToSid(%S) failed: %lu\n", szSidString, GetLastError());
352  continue;
353  }
354  }
355  else
356  {
357  DPRINT("Account name: %S\n", szSidString);
358 
359  ReferencedDomains = NULL;
360  Sids = NULL;
361  RtlInitUnicodeString(&AccountName, szSidString);
362  Status = LsaLookupNames2(PolicyHandle,
363  0,
364  1,
365  &AccountName,
366  &ReferencedDomains,
367  &Sids);
368  if (ReferencedDomains != NULL)
369  {
370  LsaFreeMemory(ReferencedDomains);
371  }
372 
373  if (!NT_SUCCESS(Status))
374  {
375  DPRINT1("LsaLookupNames2() failed (Status 0x%08lx)\n", Status);
376 
377  if (Sids != NULL)
378  {
379  LsaFreeMemory(Sids);
380  Sids = NULL;
381  }
382 
383  continue;
384  }
385  }
386 
387  RtlInitUnicodeString(&RightString, szPrivilegeString);
388  Status = LsaAddAccountRights(PolicyHandle,
389  (AccountSid != NULL) ? AccountSid : Sids[0].Sid,
390  &RightString,
391  1);
392  if (!NT_SUCCESS(Status))
393  {
394  DPRINT1("LsaAddAccountRights() failed (Status %08lx)\n", Status);
395  }
396 
397  if (Sids != NULL)
398  {
399  LsaFreeMemory(Sids);
400  Sids = NULL;
401  }
402 
403  if (AccountSid != NULL)
404  {
405  LocalFree(AccountSid);
406  AccountSid = NULL;
407  }
408  }
409 
410  }
411  while (SetupFindNextLine(&InfContext, &InfContext));
412 
413 done:
414  if (PolicyHandle != NULL)
415  LsaClose(PolicyHandle);
416 }
417 
418 
419 static
420 VOID
421 ApplyRegistryValues(
422  HINF hSecurityInf)
423 {
424  WCHAR szRegistryPath[MAX_PATH];
425  WCHAR szRootName[MAX_PATH];
426  WCHAR szKeyName[MAX_PATH];
427  WCHAR szValueName[MAX_PATH];
428  INFCONTEXT InfContext;
429  DWORD dwLength, dwType;
430  HKEY hRootKey, hKey;
431  PWSTR Ptr1, Ptr2;
432  DWORD dwError;
433  PVOID pBuffer;
434 
435  DPRINT("ApplyRegistryValues()\n");
436 
437  if (!SetupFindFirstLineW(hSecurityInf,
438  L"Registry Values",
439  NULL,
440  &InfContext))
441  {
442  DPRINT1("SetupFindFirstLineW failed\n");
443  return;
444  }
445 
446  do
447  {
448  /* Retrieve the privilege name */
449  if (!SetupGetStringFieldW(&InfContext,
450  0,
451  szRegistryPath,
452  ARRAYSIZE(szRegistryPath),
453  NULL))
454  {
455  DPRINT1("SetupGetStringFieldW() failed\n");
456  return;
457  }
458 
459  DPRINT("RegistryPath: %S\n", szRegistryPath);
460 
461  Ptr1 = wcschr(szRegistryPath, L'\\');
462  Ptr2 = wcsrchr(szRegistryPath, L'\\');
463  if (Ptr1 != NULL && Ptr2 != NULL && Ptr1 != Ptr2)
464  {
465  dwLength = (DWORD)(((ULONG_PTR)Ptr1 - (ULONG_PTR)szRegistryPath) / sizeof(WCHAR));
466  wcsncpy(szRootName, szRegistryPath, dwLength);
467  szRootName[dwLength] = UNICODE_NULL;
468 
469  Ptr1++;
470  dwLength = (DWORD)(((ULONG_PTR)Ptr2 - (ULONG_PTR)Ptr1) / sizeof(WCHAR));
471  wcsncpy(szKeyName, Ptr1, dwLength);
472  szKeyName[dwLength] = UNICODE_NULL;
473 
474  Ptr2++;
475  wcscpy(szValueName, Ptr2);
476 
477  DPRINT("RootName: %S\n", szRootName);
478  DPRINT("KeyName: %S\n", szKeyName);
479  DPRINT("ValueName: %S\n", szValueName);
480 
481  if (_wcsicmp(szRootName, L"Machine") == 0)
482  {
483  hRootKey = HKEY_LOCAL_MACHINE;
484  }
485  else
486  {
487  DPRINT1("Unsupported root key %S\n", szRootName);
488  break;
489  }
490 
491  if (!SetupGetIntField(&InfContext,
492  1,
493  (PINT)&dwType))
494  {
495  DPRINT1("Failed to get key type (Error %lu)\n", GetLastError());
496  break;
497  }
498 
499  if (dwType != REG_SZ && dwType != REG_EXPAND_SZ && dwType != REG_BINARY &&
500  dwType != REG_DWORD && dwType != REG_MULTI_SZ)
501  {
502  DPRINT1("Invalid value type %lu\n", dwType);
503  break;
504  }
505 
506  dwLength = 0;
507  switch (dwType)
508  {
509  case REG_SZ:
510  case REG_EXPAND_SZ:
511  SetupGetStringField(&InfContext,
512  2,
513  NULL,
514  0,
515  &dwLength);
516  dwLength *= sizeof(WCHAR);
517  break;
518 
519  case REG_BINARY:
520  SetupGetBinaryField(&InfContext,
521  2,
522  NULL,
523  0,
524  &dwLength);
525  break;
526 
527  case REG_DWORD:
528  dwLength = sizeof(INT);
529  break;
530 
531  case REG_MULTI_SZ:
532  SetupGetMultiSzField(&InfContext,
533  2,
534  NULL,
535  0,
536  &dwLength);
537  dwLength *= sizeof(WCHAR);
538  break;
539  }
540 
541  if (dwLength == 0)
542  {
543  DPRINT1("Failed to determine the required buffer size!\n");
544  break;
545  }
546 
547  dwError = RegCreateKeyExW(hRootKey,
548  szKeyName,
549  0,
550  NULL,
551  REG_OPTION_NON_VOLATILE,
552  KEY_WRITE,
553  NULL,
554  &hKey,
555  NULL);
556  if (dwError != ERROR_SUCCESS)
557  {
558  DPRINT1("Failed to create the key %S (Error %lu)\n", szKeyName, dwError);
559  break;
560  }
561 
562  pBuffer = HeapAlloc(GetProcessHeap(), 0, dwLength);
563  if (pBuffer)
564  {
565  switch (dwType)
566  {
567  case REG_SZ:
568  case REG_EXPAND_SZ:
569  SetupGetStringField(&InfContext,
570  2,
571  pBuffer,
572  dwLength / sizeof(WCHAR),
573  &dwLength);
574  dwLength *= sizeof(WCHAR);
575  break;
576 
577  case REG_BINARY:
578  SetupGetBinaryField(&InfContext,
579  2,
580  pBuffer,
581  dwLength,
582  &dwLength);
583  break;
584 
585  case REG_DWORD:
586  SetupGetIntField(&InfContext,
587  2,
588  pBuffer);
589  break;
590 
591  case REG_MULTI_SZ:
592  SetupGetMultiSzField(&InfContext,
593  2,
594  pBuffer,
595  dwLength / sizeof(WCHAR),
596  &dwLength);
597  dwLength *= sizeof(WCHAR);
598  break;
599  }
600 
601  RegSetValueEx(hKey,
602  szValueName,
603  0,
604  dwType,
605  pBuffer,
606  dwLength);
607 
608  HeapFree(GetProcessHeap(), 0, pBuffer);
609  }
610 
611  RegCloseKey(hKey);
612  }
613  }
614  while (SetupFindNextLine(&InfContext, &InfContext));
615 }
616 
617 
618 static
619 VOID
620 ApplyEventlogSettings(
621  _In_ HINF hSecurityInf,
622  _In_ PWSTR pszSectionName,
623  _In_ PWSTR pszLogName)
624 {
625  INFCONTEXT InfContext;
626  HKEY hServiceKey = NULL, hLogKey = NULL;
627  DWORD dwValue, dwError;
628  BOOL bValueSet;
629 
630  DPRINT("ApplyEventlogSettings(%p %S %S)\n",
631  hSecurityInf, pszSectionName, pszLogName);
632 
633  dwError = RegCreateKeyExW(HKEY_LOCAL_MACHINE,
634  L"System\\CurrentControlSet\\Services\\Eventlog",
635  0,
636  NULL,
637  REG_OPTION_NON_VOLATILE,
638  KEY_WRITE,
639  NULL,
640  &hServiceKey,
641  NULL);
642  if (dwError != ERROR_SUCCESS)
643  {
644  DPRINT1("Failed to create the Eventlog Service key (Error %lu)\n", dwError);
645  return;
646  }
647 
648  dwError = RegCreateKeyExW(hServiceKey,
649  pszLogName,
650  0,
651  NULL,
652  REG_OPTION_NON_VOLATILE,
653  KEY_WRITE,
654  NULL,
655  &hLogKey,
656  NULL);
657  if (dwError != ERROR_SUCCESS)
658  {
659  DPRINT1("Failed to create the key %S (Error %lu)\n", pszLogName, dwError);
660  RegCloseKey(hServiceKey);
661  return;
662  }
663 
664  if (SetupFindFirstLineW(hSecurityInf,
665  pszSectionName,
666  L"MaximumLogSize",
667  &InfContext))
668  {
669  DPRINT("MaximumLogSize\n");
670  dwValue = 0;
671  SetupGetIntField(&InfContext,
672  1,
673  (PINT)&dwValue);
674 
675  DPRINT("MaximumLogSize: %lu (kByte)\n", dwValue);
676  if (dwValue >= 64 && dwValue <= 4194240)
677  {
678  dwValue *= 1024;
679 
680  DPRINT("MaxSize: %lu\n", dwValue);
681  RegSetValueEx(hLogKey,
682  L"MaxSize",
683  0,
684  REG_DWORD,
685  (LPBYTE)&dwValue,
686  sizeof(dwValue));
687  }
688  }
689 
690  if (SetupFindFirstLineW(hSecurityInf,
691  pszSectionName,
692  L"AuditLogRetentionPeriod",
693  &InfContext))
694  {
695  bValueSet = FALSE;
696  dwValue = 0;
697  SetupGetIntField(&InfContext,
698  1,
699  (PINT)&dwValue);
700  if (dwValue == 0)
701  {
702  bValueSet = TRUE;
703  }
704  else if (dwValue == 1)
705  {
706  if (SetupFindFirstLineW(hSecurityInf,
707  pszSectionName,
708  L"RetentionDays",
709  &InfContext))
710  {
711  SetupGetIntField(&InfContext,
712  1,
713  (PINT)&dwValue);
714  dwValue *= 86400;
715  bValueSet = TRUE;
716  }
717  }
718  else if (dwValue == 2)
719  {
720  dwValue = (DWORD)-1;
721  bValueSet = TRUE;
722  }
723 
724  if (bValueSet)
725  {
726  DPRINT("Retention: %lu\n", dwValue);
727  RegSetValueEx(hLogKey,
728  L"Retention",
729  0,
730  REG_DWORD,
731  (LPBYTE)&dwValue,
732  sizeof(dwValue));
733  }
734  }
735 
736  if (SetupFindFirstLineW(hSecurityInf,
737  pszSectionName,
738  L"RestrictGuestAccess",
739  &InfContext))
740  {
741  dwValue = 0;
742  SetupGetIntField(&InfContext,
743  1,
744  (PINT)&dwValue);
745  if (dwValue == 0 || dwValue == 1)
746  {
747  DPRINT("RestrictGuestAccess: %lu\n", dwValue);
748  RegSetValueEx(hLogKey,
749  L"RestrictGuestAccess",
750  0,
751  REG_DWORD,
752  (LPBYTE)&dwValue,
753  sizeof(dwValue));
754  }
755  }
756 
757  RegCloseKey(hLogKey);
758  RegCloseKey(hServiceKey);
759 }
760 
761 
762 static
763 VOID
764 ApplyPasswordSettings(
765  _In_ HINF hSecurityInf,
766  _In_ PWSTR pszSectionName)
767 {
768  INFCONTEXT InfContext;
769  PDOMAIN_PASSWORD_INFORMATION PasswordInfo = NULL;
770  PPOLICY_ACCOUNT_DOMAIN_INFO OrigInfo = NULL;
771  LSA_OBJECT_ATTRIBUTES ObjectAttributes;
772  LSA_HANDLE PolicyHandle = NULL;
773  SAM_HANDLE ServerHandle = NULL;
774  SAM_HANDLE DomainHandle = NULL;
775  INT nValue;
776  NTSTATUS Status;
777 
778  DPRINT("ApplyPasswordSettings()\n");
779 
780  memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
781  ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);
782 
783  Status = LsaOpenPolicy(NULL,
784  &ObjectAttributes,
785  POLICY_VIEW_LOCAL_INFORMATION | POLICY_TRUST_ADMIN,
786  &PolicyHandle);
787  if (Status != STATUS_SUCCESS)
788  {
789  DPRINT1("LsaOpenPolicy() failed (Status: 0x%08lx)\n", Status);
790  return;
791  }
792 
793  Status = LsaQueryInformationPolicy(PolicyHandle,
794  PolicyAccountDomainInformation,
795  (PVOID *)&OrigInfo);
796  if (!NT_SUCCESS(Status))
797  {
798  DPRINT1("LsaQueryInformationPolicy() failed (Status: 0x%08lx)\n", Status);
799  goto done;
800  }
801 
802  Status = SamConnect(NULL,
803  &ServerHandle,
804  SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
805  NULL);
806  if (!NT_SUCCESS(Status))
807  {
808  DPRINT1("SamConnect() failed (Status: 0x%08lx)\n", Status);
809  goto done;
810  }
811 
812  Status = SamOpenDomain(ServerHandle,
813  DOMAIN_READ_PASSWORD_PARAMETERS | DOMAIN_WRITE_PASSWORD_PARAMS,
814  OrigInfo->DomainSid,
815  &DomainHandle);
816  if (!NT_SUCCESS(Status))
817  {
818  DPRINT1("SamOpenDomain() failed (Status: 0x%08lx)\n", Status);
819  goto done;
820  }
821 
822  Status = SamQueryInformationDomain(DomainHandle,
823  DomainPasswordInformation,
824  (PVOID*)&PasswordInfo);
825  if (!NT_SUCCESS(Status))
826  {
827  DPRINT1("SamQueryInformationDomain() failed (Status %08lx)\n", Status);
828  goto done;
829  }
830 
831  DPRINT("MaximumPasswordAge (OldValue) : 0x%I64x\n", PasswordInfo->MaxPasswordAge.QuadPart);
832  if (SetupFindFirstLineW(hSecurityInf,
833  pszSectionName,
834  L"MaximumPasswordAge",
835  &InfContext))
836  {
837  if (SetupGetIntField(&InfContext, 1, &nValue))
838  {
839  DPRINT("Value: %ld\n", nValue);
840  if (nValue == -1)
841  {
842  PasswordInfo->MaxPasswordAge.QuadPart = 0x8000000000000000;
843  }
844  else if ((nValue >= 1) && (nValue < 1000))
845  {
846  PasswordInfo->MaxPasswordAge.QuadPart = (LONGLONG)nValue * TICKS_PER_DAY;
847  }
848  DPRINT("MaximumPasswordAge (NewValue) : 0x%I64x\n", PasswordInfo->MaxPasswordAge.QuadPart);
849  }
850  }
851 
852  DPRINT("MinimumPasswordAge (OldValue) : 0x%I64x\n", PasswordInfo->MinPasswordAge.QuadPart);
853  if (SetupFindFirstLineW(hSecurityInf,
854  pszSectionName,
855  L"MinimumPasswordAge",
856  &InfContext))
857  {
858  if (SetupGetIntField(&InfContext, 1, &nValue))
859  {
860  DPRINT("Wert: %ld\n", nValue);
861  if ((nValue >= 0) && (nValue < 1000))
862  {
863  if (PasswordInfo->MaxPasswordAge.QuadPart < (LONGLONG)nValue * TICKS_PER_DAY)
864  PasswordInfo->MinPasswordAge.QuadPart = (LONGLONG)nValue * TICKS_PER_DAY;
865  }
866  DPRINT("MinimumPasswordAge (NewValue) : 0x%I64x\n", PasswordInfo->MinPasswordAge.QuadPart);
867  }
868  }
869 
870  DPRINT("MinimumPasswordLength (OldValue) : %lu\n", PasswordInfo->MinPasswordLength);
871  if (SetupFindFirstLineW(hSecurityInf,
872  pszSectionName,
873  L"MinimumPasswordLength",
874  &InfContext))
875  {
876  if (SetupGetIntField(&InfContext, 1, &nValue))
877  {
878  DPRINT("Value: %ld\n", nValue);
879  if ((nValue >= 0) && (nValue <= 65535))
880  {
881  PasswordInfo->MinPasswordLength = nValue;
882  }
883  DPRINT("MinimumPasswordLength (NewValue) : %lu\n", PasswordInfo->MinPasswordLength);
884  }
885  }
886 
887  DPRINT("PasswordHistoryLength (OldValue) : %lu\n", PasswordInfo->PasswordHistoryLength);
888  if (SetupFindFirstLineW(hSecurityInf,
889  pszSectionName,
890  L"PasswordHistorySize",
891  &InfContext))
892  {
893  if (SetupGetIntField(&InfContext, 1, &nValue))
894  {
895  DPRINT("Value: %ld\n", nValue);
896  if ((nValue >= 0) && (nValue <= 65535))
897  {
898  PasswordInfo->PasswordHistoryLength = nValue;
899  }
900  DPRINT("PasswordHistoryLength (NewValue) : %lu\n", PasswordInfo->PasswordHistoryLength);
901  }
902  }
903 
904  if (SetupFindFirstLineW(hSecurityInf,
905  pszSectionName,
906  L"PasswordComplexity",
907  &InfContext))
908  {
909  if (SetupGetIntField(&InfContext, 1, &nValue))
910  {
911  if (nValue == 0)
912  {
913  PasswordInfo->PasswordProperties &= ~DOMAIN_PASSWORD_COMPLEX;
914  }
915  else
916  {
917  PasswordInfo->PasswordProperties |= DOMAIN_PASSWORD_COMPLEX;
918  }
919  }
920  }
921 
922  if (SetupFindFirstLineW(hSecurityInf,
923  pszSectionName,
924  L"ClearTextPassword",
925  &InfContext))
926  {
927  if (SetupGetIntField(&InfContext, 1, &nValue))
928  {
929  if (nValue == 0)
930  {
931  PasswordInfo->PasswordProperties &= ~DOMAIN_PASSWORD_STORE_CLEARTEXT;
932  }
933  else
934  {
935  PasswordInfo->PasswordProperties |= DOMAIN_PASSWORD_STORE_CLEARTEXT;
936  }
937  }
938  }
939 
940  /* Windows ignores the RequireLogonToChangePassword option */
941 
942  Status = SamSetInformationDomain(DomainHandle,
943  DomainPasswordInformation,
944  PasswordInfo);
945  if (!NT_SUCCESS(Status))
946  {
947  DPRINT1("SamSetInformationDomain() failed (Status %08lx)\n", Status);
948  goto done;
949  }
950 
951 done:
952  if (PasswordInfo != NULL)
953  SamFreeMemory(PasswordInfo);
954 
955  if (DomainHandle != NULL)
956  SamCloseHandle(DomainHandle);
957 
958  if (ServerHandle != NULL)
959  SamCloseHandle(ServerHandle);
960 
961  if (OrigInfo != NULL)
962  LsaFreeMemory(OrigInfo);
963 
964  if (PolicyHandle != NULL)
965  LsaClose(PolicyHandle);
966 }
967 
968 
969 static
970 VOID
971 ApplyLockoutSettings(
972  _In_ HINF hSecurityInf,
973  _In_ PWSTR pszSectionName)
974 {
975  INFCONTEXT InfContext;
976  PDOMAIN_LOCKOUT_INFORMATION LockoutInfo = NULL;
977  PPOLICY_ACCOUNT_DOMAIN_INFO OrigInfo = NULL;
978  LSA_OBJECT_ATTRIBUTES ObjectAttributes;
979  LSA_HANDLE PolicyHandle = NULL;
980  SAM_HANDLE ServerHandle = NULL;
981  SAM_HANDLE DomainHandle = NULL;
982  INT nValue;
983  NTSTATUS Status;
984 
985  DPRINT("ApplyLockoutSettings()\n");
986 
987  memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
988  ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);
989 
990  Status = LsaOpenPolicy(NULL,
991  &ObjectAttributes,
992  POLICY_VIEW_LOCAL_INFORMATION | POLICY_TRUST_ADMIN,
993  &PolicyHandle);
994  if (Status != STATUS_SUCCESS)
995  {
996  DPRINT1("LsaOpenPolicy() failed (Status: 0x%08lx)\n", Status);
997  return;
998  }
999 
1000  Status = LsaQueryInformationPolicy(PolicyHandle,
1001  PolicyAccountDomainInformation,
1002  (PVOID *)&OrigInfo);
1003  if (!NT_SUCCESS(Status))
1004  {
1005  DPRINT1("LsaQueryInformationPolicy() failed (Status: 0x%08lx)\n", Status);
1006  goto done;
1007  }
1008 
1009  Status = SamConnect(NULL,
1010  &ServerHandle,
1011  SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
1012  NULL);
1013  if (!NT_SUCCESS(Status))
1014  {
1015  DPRINT1("SamConnect() failed (Status: 0x%08lx)\n", Status);
1016  goto done;
1017  }
1018 
1019  Status = SamOpenDomain(ServerHandle,
1020  DOMAIN_READ_PASSWORD_PARAMETERS | DOMAIN_WRITE_PASSWORD_PARAMS,
1021  OrigInfo->DomainSid,
1022  &DomainHandle);
1023  if (!NT_SUCCESS(Status))
1024  {
1025  DPRINT1("SamOpenDomain() failed (Status: 0x%08lx)\n", Status);
1026  goto done;
1027  }
1028 
1029  Status = SamQueryInformationDomain(DomainHandle,
1030  DomainLockoutInformation,
1031  (PVOID*)&LockoutInfo);
1032  if (!NT_SUCCESS(Status))
1033  {
1034  DPRINT1("SamQueryInformationDomain() failed (Status %08lx)\n", Status);
1035  goto done;
1036  }
1037 
1038  if (SetupFindFirstLineW(hSecurityInf,
1039  pszSectionName,
1040  L"LockoutBadCount",
1041  &InfContext))
1042  {
1043  if (SetupGetIntField(&InfContext, 1, &nValue))
1044  {
1045  if (nValue >= 0)
1046  {
1047  LockoutInfo->LockoutThreshold = nValue;
1048  }
1049  }
1050  }
1051 
1052  if (SetupFindFirstLineW(hSecurityInf,
1053  pszSectionName,
1054  L"ResetLockoutCount",
1055  &InfContext))
1056  {
1057  if (SetupGetIntField(&InfContext, 1, &nValue))
1058  {
1059  if (nValue >= 0)
1060  {
1061  LockoutInfo->LockoutObservationWindow.QuadPart = (LONGLONG)nValue * TICKS_PER_MINUTE;
1062  }
1063  }
1064  }
1065 
1066  if (SetupFindFirstLineW(hSecurityInf,
1067  pszSectionName,
1068  L"LockoutDuration",
1069  &InfContext))
1070  {
1071  if (SetupGetIntField(&InfContext, 1, &nValue))
1072  {
1073  if (nValue == -1)
1074  {
1075  LockoutInfo->LockoutDuration.QuadPart = 0x8000000000000000LL;
1076  }
1077  else if ((nValue >= 0) && (nValue < 100000))
1078  {
1079  LockoutInfo->LockoutDuration.QuadPart = (LONGLONG)nValue * TICKS_PER_MINUTE;
1080  }
1081  }
1082  }
1083 
1084  Status = SamSetInformationDomain(DomainHandle,
1085  DomainLockoutInformation,
1086  LockoutInfo);
1087  if (!NT_SUCCESS(Status))
1088  {
1089  DPRINT1("SamSetInformationDomain() failed (Status %08lx)\n", Status);
1090  goto done;
1091  }
1092 
1093 done:
1094  if (LockoutInfo != NULL)
1095  SamFreeMemory(LockoutInfo);
1096 
1097  if (DomainHandle != NULL)
1098  SamCloseHandle(DomainHandle);
1099 
1100  if (ServerHandle != NULL)
1101  SamCloseHandle(ServerHandle);
1102 
1103  if (OrigInfo != NULL)
1104  LsaFreeMemory(OrigInfo);
1105 
1106  if (PolicyHandle != NULL)
1107  LsaClose(PolicyHandle);
1108 }
1109 
1110 
1111 static
1112 VOID
1113 SetLsaAnonymousNameLookup(
1114  _In_ HINF hSecurityInf,
1115  _In_ PWSTR pszSectionName)
1116 {
1117 #if 0
1118  INFCONTEXT InfContext;
1119  INT nValue = 0;
1120 
1121  DPRINT1("SetLsaAnonymousNameLookup()\n");
1122 
1123  if (!SetupFindFirstLineW(hSecurityInf,
1124  pszSectionName,
1125  L"LSAAnonymousNameLookup",
1126  &InfContext))
1127  {
1128  return;
1129  }
1130 
1131  if (!SetupGetIntField(&InfContext, 1, &nValue))
1132  {
1133  return;
1134  }
1135 
1136  if (nValue == 0)
1137  {
1138  }
1139  else
1140  {
1141  }
1142 #endif
1143 }
1144 
1145 
1146 static
1147 VOID
1148 EnableAccount(
1149  _In_ HINF hSecurityInf,
1150  _In_ PWSTR pszSectionName,
1151  _In_ PWSTR pszValueName,
1152  _In_ SAM_HANDLE DomainHandle,
1153  _In_ DWORD dwAccountRid)
1154 {
1155  INFCONTEXT InfContext;
1156  SAM_HANDLE UserHandle = NULL;
1157  PUSER_CONTROL_INFORMATION ControlInfo = NULL;
1158  INT nValue = 0;
1159  NTSTATUS Status;
1160 
1161  DPRINT("EnableAccount()\n");
1162 
1163  if (!SetupFindFirstLineW(hSecurityInf,
1164  pszSectionName,
1165  pszValueName,
1166  &InfContext))
1167  return;
1168 
1169  if (!SetupGetIntField(&InfContext, 1, &nValue))
1170  {
1171  DPRINT1("No valid integer value\n");
1172  goto done;
1173  }
1174 
1175  DPRINT("Value: %d\n", nValue);
1176 
1177  Status = SamOpenUser(DomainHandle,
1178  USER_READ_ACCOUNT | USER_WRITE_ACCOUNT,
1179  dwAccountRid,
1180  &UserHandle);
1181  if (!NT_SUCCESS(Status))
1182  {
1183  DPRINT1("SamOpenUser() failed (Status: 0x%08lx)\n", Status);
1184  goto done;
1185  }
1186 
1187  Status = SamQueryInformationUser(UserHandle,
1188  UserControlInformation,
1189  (PVOID*)&ControlInfo);
1190  if (!NT_SUCCESS(Status))
1191  {
1192  DPRINT1("SamQueryInformationUser() failed (Status: 0x%08lx)\n", Status);
1193  goto done;
1194  }
1195 
1196  if (nValue == 0)
1197  {
1198  ControlInfo->UserAccountControl |= USER_ACCOUNT_DISABLED;
1199  }
1200  else
1201  {
1202  ControlInfo->UserAccountControl &= ~USER_ACCOUNT_DISABLED;
1203  }
1204 
1205  Status = SamSetInformationUser(UserHandle,
1206  UserControlInformation,
1207  ControlInfo);
1208  if (!NT_SUCCESS(Status))
1209  {
1210  DPRINT1("SamSetInformationUser() failed (Status: 0x%08lx)\n", Status);
1211  }
1212 
1213 done:
1214  if (ControlInfo != NULL)
1215  SamFreeMemory(ControlInfo);
1216 
1217  if (UserHandle != NULL)
1218  SamCloseHandle(UserHandle);
1219 }
1220 
1221 
1222 static
1223 VOID
1224 SetNewAccountName(
1225  _In_ HINF hSecurityInf,
1226  _In_ PWSTR pszSectionName,
1227  _In_ PWSTR pszValueName,
1228  _In_ SAM_HANDLE DomainHandle,
1229  _In_ DWORD dwAccountRid)
1230 {
1231  INFCONTEXT InfContext;
1232  DWORD dwLength = 0;
1233  PWSTR pszName = NULL;
1234  SAM_HANDLE UserHandle = NULL;
1235  USER_NAME_INFORMATION NameInfo;
1236  NTSTATUS Status;
1237 
1238  DPRINT("SetNewAccountName()\n");
1239 
1240  if (!SetupFindFirstLineW(hSecurityInf,
1241  pszSectionName,
1242  pszValueName,
1243  &InfContext))
1244  return;
1245 
1246  SetupGetStringFieldW(&InfContext,
1247  1,
1248  NULL,
1249  0,
1250  &dwLength);
1251  if (dwLength == 0)
1252  return;
1253 
1254  pszName = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwLength * sizeof(WCHAR));
1255  if (pszName == NULL)
1256  {
1257  DPRINT1("HeapAlloc() failed\n");
1258  return;
1259  }
1260 
1261  if (!SetupGetStringFieldW(&InfContext,
1262  1,
1263  pszName,
1264  dwLength,
1265  &dwLength))
1266  {
1267  DPRINT1("No valid string value\n");
1268  goto done;
1269  }
1270 
1271  DPRINT("NewAccountName: '%S'\n", pszName);
1272 
1273  Status = SamOpenUser(DomainHandle,
1274  USER_WRITE_ACCOUNT,
1275  dwAccountRid,
1276  &UserHandle);
1277  if (!NT_SUCCESS(Status))
1278  {
1279  DPRINT1("SamOpenUser() failed (Status: 0x%08lx)\n", Status);
1280  goto done;
1281  }
1282 
1283  NameInfo.UserName.Length = wcslen(pszName) * sizeof(WCHAR);
1284  NameInfo.UserName.MaximumLength = NameInfo.UserName.Length + sizeof(WCHAR);
1285  NameInfo.UserName.Buffer = pszName;
1286  NameInfo.FullName.Length = 0;
1287  NameInfo.FullName.MaximumLength = 0;
1288  NameInfo.FullName.Buffer = NULL;
1289 
1290  Status = SamSetInformationUser(UserHandle,
1291  UserNameInformation,
1292  &NameInfo);
1293  if (!NT_SUCCESS(Status))
1294  {
1295  DPRINT1("SamSetInformationUser() failed (Status: 0x%08lx)\n", Status);
1296  }
1297 
1298 done:
1299  if (UserHandle != NULL)
1300  SamCloseHandle(UserHandle);
1301 
1302  if (pszName != NULL)
1303  HeapFree(GetProcessHeap(), 0, pszName);
1304 }
1305 
1306 
1307 static
1308 VOID
1309 ApplyAccountSettings(
1310  _In_ HINF hSecurityInf,
1311  _In_ PWSTR pszSectionName)
1312 {
1313  PPOLICY_ACCOUNT_DOMAIN_INFO OrigInfo = NULL;
1314  LSA_OBJECT_ATTRIBUTES ObjectAttributes;
1315  LSA_HANDLE PolicyHandle = NULL;
1316  SAM_HANDLE ServerHandle = NULL;
1317  SAM_HANDLE DomainHandle = NULL;
1318  NTSTATUS Status;
1319 
1320  DPRINT("ApplyAccountSettings()\n");
1321 
1322  memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
1323  ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);
1324 
1325  Status = LsaOpenPolicy(NULL,
1326  &ObjectAttributes,
1327  POLICY_VIEW_LOCAL_INFORMATION | POLICY_TRUST_ADMIN,
1328  &PolicyHandle);
1329  if (Status != STATUS_SUCCESS)
1330  {
1331  DPRINT1("LsaOpenPolicy() failed (Status: 0x%08lx)\n", Status);
1332  return;
1333  }
1334 
1335  Status = LsaQueryInformationPolicy(PolicyHandle,
1336  PolicyAccountDomainInformation,
1337  (PVOID *)&OrigInfo);
1338  if (!NT_SUCCESS(Status))
1339  {
1340  DPRINT1("LsaQueryInformationPolicy() failed (Status: 0x%08lx)\n", Status);
1341  goto done;
1342  }
1343 
1344  Status = SamConnect(NULL,
1345  &ServerHandle,
1346  SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
1347  NULL);
1348  if (!NT_SUCCESS(Status))
1349  {
1350  DPRINT1("SamConnect() failed (Status: 0x%08lx)\n", Status);
1351  goto done;
1352  }
1353 
1354  Status = SamOpenDomain(ServerHandle,
1355  DOMAIN_LOOKUP,
1356  OrigInfo->DomainSid,
1357  &DomainHandle);
1358  if (!NT_SUCCESS(Status))
1359  {
1360  DPRINT1("SamOpenDomain() failed (Status: 0x%08lx)\n", Status);
1361  goto done;
1362  }
1363 
1364  SetLsaAnonymousNameLookup(hSecurityInf,
1365  pszSectionName);
1366 
1367  EnableAccount(hSecurityInf,
1368  pszSectionName,
1369  L"EnableAdminAccount",
1370  DomainHandle,
1371  DOMAIN_USER_RID_ADMIN);
1372 
1373  EnableAccount(hSecurityInf,
1374  pszSectionName,
1375  L"EnableGuestAccount",
1376  DomainHandle,
1377  DOMAIN_USER_RID_GUEST);
1378 
1379  SetNewAccountName(hSecurityInf,
1380  pszSectionName,
1381  L"NewAdministratorName",
1382  DomainHandle,
1383  DOMAIN_USER_RID_ADMIN);
1384 
1385  SetNewAccountName(hSecurityInf,
1386  pszSectionName,
1387  L"NewGuestName",
1388  DomainHandle,
1389  DOMAIN_USER_RID_GUEST);
1390 
1391 done:
1392  if (DomainHandle != NULL)
1393  SamCloseHandle(DomainHandle);
1394 
1395  if (ServerHandle != NULL)
1396  SamCloseHandle(ServerHandle);
1397 
1398  if (OrigInfo != NULL)
1399  LsaFreeMemory(OrigInfo);
1400 
1401  if (PolicyHandle != NULL)
1402  LsaClose(PolicyHandle);
1403 }
1404 
1405 
1406 static
1407 VOID
1408 ApplyAuditEvents(
1409  _In_ HINF hSecurityInf)
1410 {
1411  LSA_OBJECT_ATTRIBUTES ObjectAttributes;
1412  INFCONTEXT InfContext;
1413  WCHAR szOptionName[256];
1414  INT nValue;
1415  LSA_HANDLE PolicyHandle = NULL;
1416  POLICY_AUDIT_EVENTS_INFO AuditInfo;
1417  PULONG AuditOptions = NULL;
1418  NTSTATUS Status;
1419 
1420  DPRINT("ApplyAuditEvents(%p)\n", hSecurityInf);
1421 
1422  if (!SetupFindFirstLineW(hSecurityInf,
1423  L"Event Audit",
1424  NULL,
1425  &InfContext))
1426  {
1427  DPRINT1("SetupFindFirstLineW failed\n");
1428  return;
1429  }
1430 
1431  ZeroMemory(&ObjectAttributes, sizeof(LSA_OBJECT_ATTRIBUTES));
1432 
1433  Status = LsaOpenPolicy(NULL,
1434  &ObjectAttributes,
1435  POLICY_SET_AUDIT_REQUIREMENTS,
1436  &PolicyHandle);
1437  if (!NT_SUCCESS(Status))
1438  {
1439  DPRINT1("LsaOpenPolicy failed (Status %08lx)\n", Status);
1440  return;
1441  }
1442 
1443  AuditOptions = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,
1444  (AuditCategoryAccountLogon + 1) * sizeof(ULONG));
1445  if (AuditOptions == NULL)
1446  {
1447  DPRINT1("Failed to allocate the auditiing options array!\n");
1448  goto done;
1449  }
1450 
1451  AuditInfo.AuditingMode = TRUE;
1452  AuditInfo.EventAuditingOptions = AuditOptions;
1453  AuditInfo.MaximumAuditEventCount = AuditCategoryAccountLogon + 1;
1454 
1455  do
1456  {
1457  /* Retrieve the group name */
1458  if (!SetupGetStringFieldW(&InfContext,
1459  0,
1460  szOptionName,
1461  ARRAYSIZE(szOptionName),
1462  NULL))
1463  {
1464  DPRINT1("SetupGetStringFieldW() failed\n");
1465  continue;
1466  }
1467 
1468  DPRINT("Option: '%S'\n", szOptionName);
1469 
1470  if (!SetupGetIntField(&InfContext,
1471  1,
1472  &nValue))
1473  {
1474  DPRINT1("SetupGetStringFieldW() failed\n");
1475  continue;
1476  }
1477 
1478  DPRINT("Value: %d\n", nValue);
1479 
1480  if ((nValue < POLICY_AUDIT_EVENT_UNCHANGED) || (nValue > POLICY_AUDIT_EVENT_NONE))
1481  {
1482  DPRINT1("Invalid audit option!\n");
1483  continue;
1484  }
1485 
1486  if (_wcsicmp(szOptionName, L"AuditSystemEvents") == 0)
1487  {
1488  AuditOptions[AuditCategorySystem] = (ULONG)nValue;
1489  }
1490  else if (_wcsicmp(szOptionName, L"AuditLogonEvents") == 0)
1491  {
1492  AuditOptions[AuditCategoryLogon] = (ULONG)nValue;
1493  }
1494  else if (_wcsicmp(szOptionName, L"AuditObjectAccess") == 0)
1495  {
1496  AuditOptions[AuditCategoryObjectAccess] = (ULONG)nValue;
1497  }
1498  else if (_wcsicmp(szOptionName, L"AuditPrivilegeUse") == 0)
1499  {
1500  AuditOptions[AuditCategoryPrivilegeUse] = (ULONG)nValue;
1501  }
1502  else if (_wcsicmp(szOptionName, L"AuditProcessTracking") == 0)
1503  {
1504  AuditOptions[AuditCategoryDetailedTracking] = (ULONG)nValue;
1505  }
1506  else if (_wcsicmp(szOptionName, L"AuditPolicyChange") == 0)
1507  {
1508  AuditOptions[AuditCategoryPolicyChange] = (ULONG)nValue;
1509  }
1510  else if (_wcsicmp(szOptionName, L"AuditAccountManage") == 0)
1511  {
1512  AuditOptions[AuditCategoryAccountManagement] = (ULONG)nValue;
1513  }
1514  else if (_wcsicmp(szOptionName, L"AuditDSAccess") == 0)
1515  {
1516  AuditOptions[AuditCategoryDirectoryServiceAccess] = (ULONG)nValue;
1517  }
1518  else if (_wcsicmp(szOptionName, L"AuditAccountLogon") == 0)
1519  {
1520  AuditOptions[AuditCategoryAccountLogon] = (ULONG)nValue;
1521  }
1522  else
1523  {
1524  DPRINT1("Invalid auditing option '%S'\n", szOptionName);
1525  }
1526  }
1527  while (SetupFindNextLine(&InfContext, &InfContext));
1528 
1529  Status = LsaSetInformationPolicy(PolicyHandle,
1530  PolicyAuditEventsInformation,
1531  (PVOID)&AuditInfo);
1532  if (Status != STATUS_SUCCESS)
1533  {
1534  DPRINT1("LsaSetInformationPolicy() failed (Status 0x%08lx)\n", Status);
1535  }
1536 
1537 done:
1538  if (AuditOptions != NULL)
1539  HeapFree(GetProcessHeap(), 0, AuditOptions);
1540 
1541  if (PolicyHandle != NULL)
1542  LsaClose(PolicyHandle);
1543 }
1544 
1545 
1546 VOID
1547 InstallSecurity(VOID)
1548 {
1549  HINF hSecurityInf;
1550  PWSTR pszSecurityInf;
1551 
1552 // if (IsServer())
1553 // pszSecurityInf = L"defltsv.inf";
1554 // else
1555  pszSecurityInf = L"defltwk.inf";
1556 
1557  InstallBuiltinAccounts();
1558 
1559  hSecurityInf = SetupOpenInfFileW(pszSecurityInf,
1560  NULL,
1561  INF_STYLE_WIN4,
1562  NULL);
1563  if (hSecurityInf != INVALID_HANDLE_VALUE)
1564  {
1565  InstallPrivileges(hSecurityInf);
1566  ApplyRegistryValues(hSecurityInf);
1567 
1568  ApplyEventlogSettings(hSecurityInf, L"Application Log", L"Application");
1569  ApplyEventlogSettings(hSecurityInf, L"Security Log", L"Security");
1570  ApplyEventlogSettings(hSecurityInf, L"System Log", L"System");
1571 
1572  ApplyPasswordSettings(hSecurityInf, L"System Access");
1573  ApplyLockoutSettings(hSecurityInf, L"System Access");
1574  ApplyAccountSettings(hSecurityInf, L"System Access");
1575 
1576  ApplyAuditEvents(hSecurityInf);
1577 
1578  SetupCloseInfFile(hSecurityInf);
1579  }
1580 
1581  /* Hack */
1582  SetPrimaryDomain(L"WORKGROUP", NULL);
1583 }
1584 
1585 
1586 NTSTATUS
1587 SetAdministratorPassword(LPCWSTR Password)
1588 {
1589  PPOLICY_ACCOUNT_DOMAIN_INFO OrigInfo = NULL;
1590  PUSER_ACCOUNT_NAME_INFORMATION AccountNameInfo = NULL;
1591  USER_SET_PASSWORD_INFORMATION PasswordInfo;
1592  LSA_OBJECT_ATTRIBUTES ObjectAttributes;
1593  LSA_HANDLE PolicyHandle = NULL;
1594  SAM_HANDLE ServerHandle = NULL;
1595  SAM_HANDLE DomainHandle = NULL;
1596  SAM_HANDLE UserHandle = NULL;
1597  NTSTATUS Status;
1598 
1599  DPRINT("SYSSETUP: SetAdministratorPassword(%p)\n", Password);
1600 
1601  memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
1602  ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);
1603 
1604  Status = LsaOpenPolicy(NULL,
1605  &ObjectAttributes,
1606  POLICY_VIEW_LOCAL_INFORMATION | POLICY_TRUST_ADMIN,
1607  &PolicyHandle);
1608  if (Status != STATUS_SUCCESS)
1609  {
1610  DPRINT1("LsaOpenPolicy() failed (Status: 0x%08lx)\n", Status);
1611  return Status;
1612  }
1613 
1614  Status = LsaQueryInformationPolicy(PolicyHandle,
1615  PolicyAccountDomainInformation,
1616  (PVOID *)&OrigInfo);
1617  if (!NT_SUCCESS(Status))
1618  {
1619  DPRINT1("LsaQueryInformationPolicy() failed (Status: 0x%08lx)\n", Status);
1620  goto done;
1621  }
1622 
1623  Status = SamConnect(NULL,
1624  &ServerHandle,
1625  SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
1626  NULL);
1627  if (!NT_SUCCESS(Status))
1628  {
1629  DPRINT1("SamConnect() failed (Status: 0x%08lx)\n", Status);
1630  goto done;
1631  }
1632 
1633  Status = SamOpenDomain(ServerHandle,
1634  DOMAIN_LOOKUP,
1635  OrigInfo->DomainSid,
1636  &DomainHandle);
1637  if (!NT_SUCCESS(Status))
1638  {
1639  DPRINT1("SamOpenDomain() failed (Status: 0x%08lx)\n", Status);
1640  goto done;
1641  }
1642 
1643  Status = SamOpenUser(DomainHandle,
1644  USER_FORCE_PASSWORD_CHANGE | USER_READ_GENERAL,
1645  DOMAIN_USER_RID_ADMIN,
1646  &UserHandle);
1647  if (!NT_SUCCESS(Status))
1648  {
1649  DPRINT1("SamOpenUser() failed (Status %08lx)\n", Status);
1650  goto done;
1651  }
1652 
1653  RtlInitUnicodeString(&PasswordInfo.Password, Password);
1654  PasswordInfo.PasswordExpired = FALSE;
1655 
1656  Status = SamSetInformationUser(UserHandle,
1657  UserSetPasswordInformation,
1658  &PasswordInfo);
1659  if (!NT_SUCCESS(Status))
1660  {
1661  DPRINT1("SamSetInformationUser() failed (Status %08lx)\n", Status);
1662  goto done;
1663  }
1664 
1665  Status = SamQueryInformationUser(UserHandle,
1666  UserAccountNameInformation,
1667  (PVOID*)&AccountNameInfo);
1668  if (!NT_SUCCESS(Status))
1669  {
1670  DPRINT1("SamQueryInformationUser() failed (Status 0x%08lx)\n", Status);
1671  goto done;
1672  }
1673 
1674  AdminInfo.Name = RtlAllocateHeap(RtlGetProcessHeap(),
1675  HEAP_ZERO_MEMORY,
1676  AccountNameInfo->UserName.Length + sizeof(WCHAR));
1677  if (AdminInfo.Name != NULL)
1678  RtlCopyMemory(AdminInfo.Name,
1679  AccountNameInfo->UserName.Buffer,
1680  AccountNameInfo->UserName.Length);
1681 
1682  AdminInfo.Domain = RtlAllocateHeap(RtlGetProcessHeap(),
1683  HEAP_ZERO_MEMORY,
1684  OrigInfo->DomainName.Length + sizeof(WCHAR));
1685  if (AdminInfo.Domain != NULL)
1686  RtlCopyMemory(AdminInfo.Domain,
1687  OrigInfo->DomainName.Buffer,
1688  OrigInfo->DomainName.Length);
1689 
1690  AdminInfo.Password = RtlAllocateHeap(RtlGetProcessHeap(),
1691  0,
1692  (wcslen(Password) + 1) * sizeof(WCHAR));
1693  if (AdminInfo.Password != NULL)
1694  wcscpy(AdminInfo.Password, Password);
1695 
1696  DPRINT("Administrator Name: %S\n", AdminInfo.Name);
1697  DPRINT("Administrator Domain: %S\n", AdminInfo.Domain);
1698  DPRINT("Administrator Password: %S\n", AdminInfo.Password);
1699 
1700 done:
1701  if (AccountNameInfo != NULL)
1702  SamFreeMemory(AccountNameInfo);
1703 
1704  if (OrigInfo != NULL)
1705  LsaFreeMemory(OrigInfo);
1706 
1707  if (PolicyHandle != NULL)
1708  LsaClose(PolicyHandle);
1709 
1710  if (UserHandle != NULL)
1711  SamCloseHandle(UserHandle);
1712 
1713  if (DomainHandle != NULL)
1714  SamCloseHandle(DomainHandle);
1715 
1716  if (ServerHandle != NULL)
1717  SamCloseHandle(ServerHandle);
1718 
1719  DPRINT1("SYSSETUP: SetAdministratorPassword() done (Status %08lx)\n", Status);
1720 
1721  return Status;
1722 }
1723 
1724 
1725 VOID
1726 SetAutoAdminLogon(VOID)
1727 {
1728  WCHAR szAutoAdminLogon[2];
1729  HKEY hKey = NULL;
1730  DWORD dwType;
1731  DWORD dwSize;
1732  LONG lError;
1733 
1734  lError = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
1735  L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon",
1736  0,
1737  KEY_READ | KEY_WRITE,
1738  &hKey);
1739  if (lError != ERROR_SUCCESS)
1740  return;
1741 
1742  dwSize = 2 * sizeof(WCHAR);
1743  lError = RegQueryValueExW(hKey,
1744  L"AutoAdminLogon",
1745  NULL,
1746  &dwType,
1747  (LPBYTE)szAutoAdminLogon,
1748  &dwSize);
1749  if (lError != ERROR_SUCCESS)
1750  goto done;
1751 
1752  if (wcscmp(szAutoAdminLogon, L"1") == 0)
1753  {
1754  RegSetValueExW(hKey,
1755  L"DefaultDomainName",
1756  0,
1757  REG_SZ,
1758  (LPBYTE)AdminInfo.Domain,
1759  (wcslen(AdminInfo.Domain) + 1) * sizeof(WCHAR));
1760 
1761  RegSetValueExW(hKey,
1762  L"DefaultUserName",
1763  0,
1764  REG_SZ,
1765  (LPBYTE)AdminInfo.Name,
1766  (wcslen(AdminInfo.Name) + 1) * sizeof(WCHAR));
1767 
1768  RegSetValueExW(hKey,
1769  L"DefaultPassword",
1770  0,
1771  REG_SZ,
1772  (LPBYTE)AdminInfo.Password,
1773  (wcslen(AdminInfo.Password) + 1) * sizeof(WCHAR));
1774  }
1775 
1776 done:
1777  if (hKey != NULL)
1778  RegCloseKey(hKey);
1779 }
1780 
1781 
1782 /* EOF */
1783 
DWORD
static DWORD
Definition: security.c:70
SamCloseHandle
NTSTATUS NTAPI SamCloseHandle(IN SAM_HANDLE SamHandle)
Definition: samlib.c:476
ApplyAuditEvents
static VOID ApplyAuditEvents(_In_ HINF hSecurityInf)
Definition: security.c:1408
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
SetupFindFirstLineW
BOOL WINAPI SetupFindFirstLineW(IN HINF InfHandle, IN PCWSTR Section, IN PCWSTR Key, IN OUT PINFCONTEXT Context)
Definition: infsupp.c:54
SAM_SERVER_CONNECT
#define SAM_SERVER_CONNECT
Definition: ntsam.h:99
InstallPrivileges
static VOID InstallPrivileges(HINF hSecurityInf)
Definition: security.c:277
LL
#define LL
Definition: tui.h:84
ULONG
static ULONG
Definition: security.c:118
SetAutoAdminLogon
VOID SetAutoAdminLogon(VOID)
Definition: security.c:1726
INF_STYLE_WIN4
#define INF_STYLE_WIN4
Definition: infsupp.h:41
_POLICY_AUDIT_EVENTS_INFO::EventAuditingOptions
PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions
Definition: ntsecapi.h:562
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
_USER_ACCOUNT_NAME_INFORMATION
Definition: ntsam.h:593
_SID
Definition: ms-dtyp.idl:198
LsaQueryInformationPolicy
NTSTATUS WINAPI LsaQueryInformationPolicy(IN LSA_HANDLE PolicyHandle, IN POLICY_INFORMATION_CLASS InformationClass, OUT PVOID *Buffer)
Definition: lsa.c:1471
LPCWSTR
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
REG_BINARY
#define REG_BINARY
Definition: nt_native.h:1496
_POLICY_ACCOUNT_DOMAIN_INFO
Definition: ntsecapi.h:565
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
TRUE
#define TRUE
Definition: types.h:120
_LSA_REFERENCED_DOMAIN_LIST
Definition: ntsecapi.h:406
POLICY_VIEW_LOCAL_INFORMATION
#define POLICY_VIEW_LOCAL_INFORMATION
Definition: ntsecapi.h:61
PWSTR
uint16_t * PWSTR
Definition: typedefs.h:56
DOMAIN_WRITE_PASSWORD_PARAMS
#define DOMAIN_WRITE_PASSWORD_PARAMS
Definition: ntsam.h:34
ConvertStringSidToSid
#define ConvertStringSidToSid
Definition: sddl.h:161
InstallBuiltinAccounts
static VOID InstallBuiltinAccounts(VOID)
Definition: security.c:217
_INFCONTEXT
Definition: infsupp.h:22
AdminInfo
ADMIN_INFO AdminInfo
Definition: install.c:38
SamOpenDomain
NTSTATUS NTAPI SamOpenDomain(IN SAM_HANDLE ServerHandle, IN ACCESS_MASK DesiredAccess, IN PSID DomainId, OUT PSAM_HANDLE DomainHandle)
Definition: samlib.c:1441
SetupGetMultiSzField
#define SetupGetMultiSzField
Definition: setupapi.h:2630
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
INT
#define INT
Definition: polytest.cpp:20
EnableAccount
static VOID EnableAccount(_In_ HINF hSecurityInf, _In_ PWSTR pszSectionName, _In_ PWSTR pszValueName, _In_ SAM_HANDLE DomainHandle, _In_ DWORD dwAccountRid)
Definition: security.c:1148
LsaClose
NTSTATUS WINAPI LsaClose(IN LSA_HANDLE ObjectHandle)
Definition: lsa.c:192
_USER_NAME_INFORMATION
Definition: ntsam.h:587
ARRAYSIZE
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
ApplyPasswordSettings
static VOID ApplyPasswordSettings(_In_ HINF hSecurityInf, _In_ PWSTR pszSectionName)
Definition: security.c:764
INVALID_HANDLE_VALUE
#define INVALID_HANDLE_VALUE
Definition: compat.h:590
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1044
ZeroMemory
#define ZeroMemory
Definition: winbase.h:1664
SamQueryInformationDomain
NTSTATUS NTAPI SamQueryInformationDomain(IN SAM_HANDLE DomainHandle, IN DOMAIN_INFORMATION_CLASS DomainInformationClass, OUT PVOID *Buffer)
Definition: samlib.c:1641
SetupOpenInfFileW
HINF WINAPI SetupOpenInfFileW(PCWSTR name, PCWSTR class, DWORD style, UINT *error)
Definition: parser.c:1229
LsaSetInformationPolicy
NTSTATUS WINAPI LsaSetInformationPolicy(IN LSA_HANDLE PolicyHandle, IN POLICY_INFORMATION_CLASS InformationClass, IN PVOID Buffer)
Definition: lsa.c:1946
INT
int32_t INT
Definition: typedefs.h:58
_ADMIN_INFO::Name
LPWSTR Name
Definition: globals.h:23
_LSA_OBJECT_ATTRIBUTES
Definition: ntsecapi.h:177
SetupCloseInfFile
VOID WINAPI SetupCloseInfFile(IN HINF InfHandle)
Definition: infsupp.c:43
RegCreateKeyExW
LONG WINAPI RegCreateKeyExW(_In_ HKEY hKey, _In_ LPCWSTR lpSubKey, _In_ DWORD Reserved, _In_opt_ LPWSTR lpClass, _In_ DWORD dwOptions, _In_ REGSAM samDesired, _In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes, _Out_ PHKEY phkResult, _Out_opt_ LPDWORD lpdwDisposition)
Definition: reg.c:1091
USER_ACCOUNT_DISABLED
#define USER_ACCOUNT_DISABLED
Definition: ntsam.h:167
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
Info
_Must_inspect_result_ _In_ WDFCHILDLIST _In_ PWDF_CHILD_LIST_ITERATOR _Out_ WDFDEVICE _Inout_opt_ PWDF_CHILD_RETRIEVE_INFO Info
Definition: wdfchildlist.h:683
LsaOpenPolicy
NTSTATUS WINAPI LsaOpenPolicy(IN PLSA_UNICODE_STRING SystemName OPTIONAL, IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes, IN ACCESS_MASK DesiredAccess, OUT PLSA_HANDLE PolicyHandle)
Definition: lsa.c:1181
TICKS_PER_MINUTE
#define TICKS_PER_MINUTE
Definition: security.c:22
DOMAIN_PASSWORD_COMPLEX
#define DOMAIN_PASSWORD_COMPLEX
Definition: ntsam.h:254
RegCloseKey
LONG WINAPI RegCloseKey(HKEY hKey)
Definition: reg.c:423
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:53
USER_READ_GENERAL
#define USER_READ_GENERAL
Definition: ntsam.h:126
FALSE
#define FALSE
Definition: types.h:117
UNICODE_NULL
#define UNICODE_NULL
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
_LSA_UNICODE_STRING
Definition: ntsecapi.h:162
LONG
long LONG
Definition: pedump.c:60
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
SetupGetBinaryField
BOOL WINAPI SetupGetBinaryField(IN PINFCONTEXT Context, IN ULONG FieldIndex, OUT PUCHAR ReturnBuffer, IN ULONG ReturnBufferSize, OUT PULONG RequiredSize)
Definition: infsupp.c:126
_DOMAIN_NAME_INFORMATION
Definition: ntsam.h:379
DOMAIN_USER_RID_ADMIN
#define DOMAIN_USER_RID_ADMIN
Definition: setypes.h:603
REG_MULTI_SZ
#define REG_MULTI_SZ
Definition: nt_native.h:1501
_POLICY_AUDIT_EVENTS_INFO::AuditingMode
BOOLEAN AuditingMode
Definition: ntsecapi.h:561
USER_FORCE_PASSWORD_CHANGE
#define USER_FORCE_PASSWORD_CHANGE
Definition: ntsam.h:133
SetAdministratorPassword
NTSTATUS SetAdministratorPassword(LPCWSTR Password)
Definition: security.c:1587
_USER_SET_PASSWORD_INFORMATION::Password
UNICODE_STRING Password
Definition: ntsam.h:636
pBuffer
PVOID pBuffer
Definition: rdesktop-core-tester.cpp:188
SAM_SERVER_LOOKUP_DOMAIN
#define SAM_SERVER_LOOKUP_DOMAIN
Definition: ntsam.h:104
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
POLICY_SET_AUDIT_REQUIREMENTS
#define POLICY_SET_AUDIT_REQUIREMENTS
Definition: ntsecapi.h:69
LsaFreeMemory
NTSTATUS WINAPI LsaFreeMemory(IN PVOID Buffer)
Definition: lsa.c:699
SamSetInformationUser
NTSTATUS NTAPI SamSetInformationUser(IN SAM_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, IN PVOID Buffer)
Definition: samlib.c:1964
_USER_NAME_INFORMATION::UserName
UNICODE_STRING UserName
Definition: ntsam.h:589
_DOMAIN_NAME_INFORMATION::DomainName
UNICODE_STRING DomainName
Definition: ntsam.h:381
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
POLICY_LOOKUP_NAMES
#define POLICY_LOOKUP_NAMES
Definition: ntsecapi.h:72
Status
Status
Definition: gdiplustypes.h:24
REG_OPTION_NON_VOLATILE
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057
KEY_WRITE
#define KEY_WRITE
Definition: nt_native.h:1031
RegSetValueExW
LONG WINAPI RegSetValueExW(_In_ HKEY hKey, _In_ LPCWSTR lpValueName, _In_ DWORD Reserved, _In_ DWORD dwType, _In_ CONST BYTE *lpData, _In_ DWORD cbData)
Definition: reg.c:4895
LONGLONG
int64_t LONGLONG
Definition: typedefs.h:68
DOMAIN_USER_RID_GUEST
#define DOMAIN_USER_RID_GUEST
Definition: setypes.h:604
PINT
int * PINT
Definition: windef.h:177
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:595
HeapAlloc
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
wcschr
_CONST_RETURN wchar_t *__cdecl wcschr(_In_z_ const wchar_t *_Str, wchar_t _Ch)
SamSetInformationDomain
NTSTATUS NTAPI SamSetInformationDomain(IN SAM_HANDLE DomainHandle, IN DOMAIN_INFORMATION_CLASS DomainInformationClass, IN PVOID Buffer)
Definition: samlib.c:1910
RegQueryValueExW
LONG WINAPI RegQueryValueExW(_In_ HKEY hkeyorg, _In_ LPCWSTR name, _In_ LPDWORD reserved, _In_ LPDWORD type, _In_ LPBYTE data, _In_ LPDWORD count)
Definition: reg.c:4116
POLICY_AUDIT_EVENT_NONE
#define POLICY_AUDIT_EVENT_NONE
Definition: ntsecapi.h:81
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
dwLength
static DWORD DWORD * dwLength
Definition: fusion.c:85
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
USER_READ_ACCOUNT
#define USER_READ_ACCOUNT
Definition: ntsam.h:130
POLICY_TRUST_ADMIN
#define POLICY_TRUST_ADMIN
Definition: ntsecapi.h:64
LsaCreateAccount
NTSTATUS WINAPI LsaCreateAccount(IN LSA_HANDLE PolicyHandle, IN PSID AccountSid, IN ACCESS_MASK DesiredAccess, OUT PLSA_HANDLE AccountHandle)
Definition: lsa.c:217
MAX_PATH
#define MAX_PATH
Definition: compat.h:34
DOMAIN_READ_PASSWORD_PARAMETERS
#define DOMAIN_READ_PASSWORD_PARAMETERS
Definition: ntsam.h:33
WINAPI
#define WINAPI
Definition: msvc.h:6
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
DOMAIN_WRITE_OTHER_PARAMETERS
#define DOMAIN_WRITE_OTHER_PARAMETERS
Definition: ntsam.h:36
_USER_SET_PASSWORD_INFORMATION::PasswordExpired
BOOLEAN PasswordExpired
Definition: ntsam.h:637
SetupGetStringField
#define SetupGetStringField
Definition: setupapi.h:2634
SetupGetFieldCount
ULONG WINAPI SetupGetFieldCount(IN PINFCONTEXT Context)
Definition: infsupp.c:91
wcscpy
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
_POLICY_PRIMARY_DOMAIN_INFO
Definition: ntsecapi.h:569
L
static const WCHAR L[]
Definition: oid.c:1250
SamFreeMemory
NTSTATUS NTAPI SamFreeMemory(IN PVOID Buffer)
Definition: samlib.c:947
_LSA_TRANSLATED_SID2
Definition: ntsecapi.h:415
_DOMAIN_PASSWORD_INFORMATION
Definition: ntsam.h:342
SetLsaAnonymousNameLookup
static VOID SetLsaAnonymousNameLookup(_In_ HINF hSecurityInf, _In_ PWSTR pszSectionName)
Definition: security.c:1113
wcsrchr
#define wcsrchr
Definition: compat.h:16
_USER_CONTROL_INFORMATION
Definition: ntsam.h:640
_ADMIN_INFO::Password
LPWSTR Password
Definition: globals.h:25
_USER_SET_PASSWORD_INFORMATION
Definition: ntsam.h:634
LSA_OBJECT_ATTRIBUTES
struct _LSA_OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES
_DOMAIN_LOCKOUT_INFORMATION
Definition: ntsam.h:420
_POLICY_AUDIT_EVENTS_INFO::MaximumAuditEventCount
ULONG MaximumAuditEventCount
Definition: ntsecapi.h:563
_In_
#define _In_
Definition: no_sal2.h:158
USER_WRITE_ACCOUNT
#define USER_WRITE_ACCOUNT
Definition: ntsam.h:131
LsaAddAccountRights
NTSTATUS WINAPI LsaAddAccountRights(IN LSA_HANDLE PolicyHandle, IN PSID AccountSid, IN PLSA_UNICODE_STRING UserRights, IN ULONG CountOfRights)
Definition: lsa.c:103
wcscmp
_Check_return_ _CRTIMP int __cdecl wcscmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
wcsncpy
_CRTIMP wchar_t *__cdecl wcsncpy(wchar_t *_Dest, const wchar_t *_Source, size_t _Count)
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
POLICY_AUDIT_EVENT_UNCHANGED
#define POLICY_AUDIT_EVENT_UNCHANGED
Definition: ntsecapi.h:78
ApplyLockoutSettings
static VOID ApplyLockoutSettings(_In_ HINF hSecurityInf, _In_ PWSTR pszSectionName)
Definition: security.c:971
hKey
FxAutoRegKey hKey
Definition: fxdriverapikm.cpp:59
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
REG_EXPAND_SZ
#define REG_EXPAND_SZ
Definition: nt_native.h:1494
ApplyRegistryValues
static VOID ApplyRegistryValues(HINF hSecurityInf)
Definition: security.c:421
InstallSecurity
VOID InstallSecurity(VOID)
Definition: security.c:1547
PULONG
unsigned int * PULONG
Definition: retypes.h:1
NULL
#define NULL
Definition: types.h:112
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
SetupFindNextLine
BOOL WINAPI SetupFindNextLine(IN PINFCONTEXT ContextIn, OUT PINFCONTEXT ContextOut)
Definition: infsupp.c:80
wcslen
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
SetNewAccountName
static VOID SetNewAccountName(_In_ HINF hSecurityInf, _In_ PWSTR pszSectionName, _In_ PWSTR pszValueName, _In_ SAM_HANDLE DomainHandle, _In_ DWORD dwAccountRid)
Definition: security.c:1224
ApplyAccountSettings
static VOID ApplyAccountSettings(_In_ HINF hSecurityInf, _In_ PWSTR pszSectionName)
Definition: security.c:1309
SetPrimaryDomain
static NTSTATUS SetPrimaryDomain(LPCWSTR DomainName, PSID DomainSid)
Definition: security.c:143
DPRINT1
#define DPRINT1
Definition: precomp.h:8
_ADMIN_INFO::Domain
LPWSTR Domain
Definition: globals.h:24
_POLICY_AUDIT_EVENTS_INFO
Definition: ntsecapi.h:560
SetupGetIntField
BOOL WINAPI SetupGetIntField(IN PINFCONTEXT Context, IN ULONG FieldIndex, OUT INT *IntegerValue)
Definition: infsupp.c:146
DOMAIN_PASSWORD_STORE_CLEARTEXT
#define DOMAIN_PASSWORD_STORE_CLEARTEXT
Definition: ntsam.h:258
ULONG
unsigned int ULONG
Definition: retypes.h:1
LsaLookupNames2
NTSTATUS WINAPI LsaLookupNames2(IN LSA_HANDLE PolicyHandle, IN ULONG Flags, IN ULONG Count, IN PLSA_UNICODE_STRING Names, OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, OUT PLSA_TRANSLATED_SID2 *Sids)
Definition: lsa.c:904
DOMAIN_LOOKUP
#define DOMAIN_LOOKUP
Definition: ntsam.h:42
RegOpenKeyExW
LONG WINAPI RegOpenKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
Definition: reg.c:3366
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_USER_NAME_INFORMATION::FullName
UNICODE_STRING FullName
Definition: ntsam.h:590
DPRINT
#define DPRINT
Definition: sndvol32.h:71
ApplyEventlogSettings
static VOID ApplyEventlogSettings(_In_ HINF hSecurityInf, _In_ PWSTR pszSectionName, _In_ PWSTR pszLogName)
Definition: security.c:620
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184
SamQueryInformationUser
NTSTATUS NTAPI SamQueryInformationUser(IN SAM_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, OUT PVOID *Buffer)
Definition: samlib.c:1695
TICKS_PER_DAY
#define TICKS_PER_DAY
Definition: security.c:21
POLICY_CREATE_ACCOUNT
#define POLICY_CREATE_ACCOUNT
Definition: ntsecapi.h:65
memset
#define memset(x, y, z)
Definition: compat.h:39
REG_DWORD
#define REG_DWORD
Definition: sdbapi.c:596
SamConnect
NTSTATUS NTAPI SamConnect(IN OUT PUNICODE_STRING ServerName OPTIONAL, OUT PSAM_HANDLE ServerHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: samlib.c:498
SetAccountsDomainSid
NTSTATUS WINAPI SetAccountsDomainSid(PSID DomainSid, LPCWSTR DomainName)
Definition: security.c:28
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:594
dwSize
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:54
RegSetValueEx
#define RegSetValueEx
Definition: winreg.h:533
_wcsicmp
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
HKEY_LOCAL_MACHINE
#define HKEY_LOCAL_MACHINE
Definition: winreg.h:12
SamOpenUser
NTSTATUS NTAPI SamOpenUser(IN SAM_HANDLE DomainHandle, IN ACCESS_MASK DesiredAccess, IN ULONG UserId, OUT PSAM_HANDLE UserHandle)
Definition: samlib.c:1499
REG_SZ
#define REG_SZ
Definition: layer.c:22
SetupGetStringFieldW
BOOL WINAPI SetupGetStringFieldW(IN PINFCONTEXT Context, IN ULONG FieldIndex, OUT PWSTR ReturnBuffer, IN ULONG ReturnBufferSize, OUT PULONG RequiredSize)
Definition: infsupp.c:184