ReactOS  0.4.15-dev-5463-g138eb58
sam.h File Reference

Classes

struct  _LSA_SAM_PWD_DATA
 

Typedefs

typedef enum _LSA_SAM_NETLOGON_TYPE LSA_SAM_NETLOGON_TYPE
 
typedef struct _LSA_SAM_PWD_DATA LSA_SAM_PWD_DATA
 
typedef struct _LSA_SAM_PWD_DATA * PLSA_SAM_PWD_DATA
 

Enumerations

enum  _LSA_SAM_NETLOGON_TYPE { NetLogonAnonymous = 0, NetLogonLmKey, NetLogonNtKey }
 

Functions

NTSTATUS SamValidateUser (_In_ SECURITY_LOGON_TYPE LogonType, _In_ PUNICODE_STRING LogonUserName, _In_ PUNICODE_STRING LogonDomain, _In_ PLSA_SAM_PWD_DATA LogonPwdData, _In_ PUNICODE_STRING ComputerName, _Out_ PBOOL SpecialAccount, _Out_ PRPC_SID *AccountDomainSidPtr, _Out_ SAMPR_HANDLE *UserHandlePtr, _Out_ PSAMPR_USER_INFO_BUFFER *UserInfoPtr, _Out_ PNTSTATUS SubStatus)
 Validates a user by checking whether the account exists in the SAM database. Further checks are performed afterwards.
 

Typedef Documentation

◆ LSA_SAM_NETLOGON_TYPE

◆ LSA_SAM_PWD_DATA

◆ PLSA_SAM_PWD_DATA

Enumeration Type Documentation

◆ _LSA_SAM_NETLOGON_TYPE

Enumerator
NetLogonAnonymous 
NetLogonLmKey 
NetLogonNtKey 

Definition at line 10 of file sam.h.

11 {
enum _LSA_SAM_NETLOGON_TYPE LSA_SAM_NETLOGON_TYPE

Function Documentation

◆ SamValidateUser()

NTSTATUS SamValidateUser ( _In_ SECURITY_LOGON_TYPE  LogonType,
_In_ PUNICODE_STRING  LogonUserName,
_In_ PUNICODE_STRING  LogonDomain,
_In_ PLSA_SAM_PWD_DATA  LogonPwdData,
_In_ PUNICODE_STRING  ComputerName,
_Out_ PBOOL  SpecialAccount,
_Out_ PRPC_SID *  AccountDomainSidPtr,
_Out_ SAMPR_HANDLE *  UserHandlePtr,
_Out_ PSAMPR_USER_INFO_BUFFER *  UserInfoPtr,
_Out_ PNTSTATUS  SubStatus 
)

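Validates a user by checking whether the account exists in the SAM database. When the logon domain is "NT AUTHORITY", only the built-in LocalService and NetworkService names are recognised, and only for the Service logon type: any other logon type returns STATUS_LOGON_FAILURE and any other name returns STATUS_NO_SUCH_USER. Every other domain is passed to SamValidateNormalUser(), which performs the remaining checks.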

Definition at line 460 of file sam.c.

/*
 * SamValidateUser body, as rendered by Doxygen from sam.c (lines 471-551).
 *
 * NOTE(review): the gutter numbers skip 476, 480, 504-505, 507, 520-521 and
 * 523, so the declaration of Status, the remaining RtlAllocateHeap()
 * arguments and the statements guarded by the two NULL checks are not shown
 * in this listing. Read those spots against sam.c before relying on it.
 *
 * Visible flow: a logon whose domain is "NT AUTHORITY" is treated as a
 * special account and matched by name only; every other logon is handed to
 * SamValidateNormalUser(). In the lines shown here, LogonPwdData and
 * ComputerName are used only on the normal-account path.
 */
471 {
472  static const UNICODE_STRING NtAuthorityU = RTL_CONSTANT_STRING(L"NT AUTHORITY");
473  static const UNICODE_STRING LocalServiceU = RTL_CONSTANT_STRING(L"LocalService");
474  static const UNICODE_STRING NetworkServiceU = RTL_CONSTANT_STRING(L"NetworkService");
475 
477 
     /* Put the outputs into a known state before any early return. */
     /* NOTE(review): UserHandlePtr and AccountDomainSidPtr are not reset in
      * the visible lines; confirm the caller initialises them, because the
      * special-account path never writes UserHandlePtr. */
478  *SpecialAccount = FALSE;
479  *UserInfoPtr = NULL;
481 
482  /* Check for special accounts */
483  // FIXME: Windows does not do this that way!! (msv1_0 does not contain these hardcoded values)
     /* The domain and user names are compared case-insensitively
      * (third argument TRUE). */
484  if (RtlEqualUnicodeString(LogonDomain, &NtAuthorityU, TRUE))
485  {
     /* Set before the user name is matched, so it is still TRUE on the
      * STATUS_LOGON_FAILURE and STATUS_NO_SUCH_USER returns below. */
486  *SpecialAccount = TRUE;
487 
488  /* Get the authority domain SID */
     /* NOTE(review): if GetNtAuthorityDomainSid() allocates the SID (not
      * visible here), it is still held on the failure returns at 501, 517
      * and 530; confirm the caller releases *AccountDomainSidPtr when this
      * function fails. */
489  Status = GetNtAuthorityDomainSid(AccountDomainSidPtr);
490  if (!NT_SUCCESS(Status))
491  {
492  ERR("GetNtAuthorityDomainSid() failed (Status 0x%08lx)\n", Status);
493  return Status;
494  }
495 
496  if (RtlEqualUnicodeString(LogonUserName, &LocalServiceU, TRUE))
497  {
498  TRACE("SpecialAccount: LocalService\n");
499 
     /* The built-in service identity is accepted only for a Service logon.
      * No credential is examined on this path in the lines shown, so the
      * logon-type test is the only gate visible here. */
500  if (LogonType != Service)
501  return STATUS_LOGON_FAILURE;
502 
     /* NOTE(review): listing lines 504-505 and 507 are missing, so the size
      * and flags of the allocation and the body of the NULL check are not
      * visible. The page's cross-reference list names HEAP_ZERO_MEMORY and
      * STATUS_INSUFFICIENT_RESOURCES, which presumably belong here. */
503  *UserInfoPtr = RtlAllocateHeap(RtlGetProcessHeap(),
506  if (*UserInfoPtr == NULL)
508 
     /* Synthesised user info: user RID and primary group RID are both the
      * LocalService RID. */
509  (*UserInfoPtr)->All.UserId = SECURITY_LOCAL_SERVICE_RID;
510  (*UserInfoPtr)->All.PrimaryGroupId = SECURITY_LOCAL_SERVICE_RID;
511  }
512  else if (RtlEqualUnicodeString(LogonUserName, &NetworkServiceU, TRUE))
513  {
514  TRACE("SpecialAccount: NetworkService\n");
515 
     /* Same gate as for LocalService: Service logon type only. */
516  if (LogonType != Service)
517  return STATUS_LOGON_FAILURE;
518 
     /* NOTE(review): listing lines 520-521 and 523 are missing here as
      * well; see the note on the LocalService allocation. */
519  *UserInfoPtr = RtlAllocateHeap(RtlGetProcessHeap(),
522  if (*UserInfoPtr == NULL)
524 
     /* Synthesised user info: user RID and primary group RID are both the
      * NetworkService RID. */
525  (*UserInfoPtr)->All.UserId = SECURITY_NETWORK_SERVICE_RID;
526  (*UserInfoPtr)->All.PrimaryGroupId = SECURITY_NETWORK_SERVICE_RID;
527  }
528  else
529  {
     /* Any other user name under "NT AUTHORITY" is rejected. */
530  return STATUS_NO_SUCH_USER;
531  }
532  }
533  else
534  {
535  TRACE("NormalAccount\n");
     /* Ordinary accounts: the password data and computer name are passed
      * on, and the helper fills the SID, user handle, user info and
      * SubStatus outputs. LogonType and LogonDomain are not passed. */
536  Status = SamValidateNormalUser(LogonUserName,
537  LogonPwdData,
538  ComputerName,
539  AccountDomainSidPtr,
540  UserHandlePtr,
541  UserInfoPtr,
542  SubStatus);
543  if (!NT_SUCCESS(Status))
544  {
545  ERR("SamValidateNormalUser() failed (Status 0x%08lx)\n", Status);
546  return Status;
547  }
548  }
549 
     /* Reached only on success: Status holds the result of
      * GetNtAuthorityDomainSid() or SamValidateNormalUser(). */
550  return Status;
551 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
#define L(x)
Definition: ntvdm.h:50
#define FALSE
Definition: types.h:117
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
static NTSTATUS SamValidateNormalUser(_In_ PUNICODE_STRING UserName, _In_ PLSA_SAM_PWD_DATA PwdData, _In_ PUNICODE_STRING ComputerName, _Out_ PRPC_SID *AccountDomainSidPtr, _Out_ SAMPR_HANDLE *UserHandlePtr, _Out_ PSAMPR_USER_INFO_BUFFER *UserInfoPtr, _Out_ PNTSTATUS SubStatus)
Definition: sam.c:243
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:575
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
#define STATUS_NO_SUCH_USER
Definition: ntstatus.h:336
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:576
#define ERR(fmt,...)
Definition: debug.h:110
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
static NTSTATUS GetNtAuthorityDomainSid(_In_ PRPC_SID *Sid)
Definition: sam.c:439
#define STATUS_SUCCESS
Definition: shellext.h:65
NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString(PUNICODE_STRING String1, PUNICODE_STRING String2, BOOLEAN CaseInSensitive)
#define STATUS_LOGON_FAILURE
Definition: ntstatus.h:345
#define RTL_CONSTANT_STRING(s)
Definition: tunneltest.c:14

Referenced by LsaApLogonUserEx2(), and LsaApLogonUserEx2_Network().