ReactOS  0.4.13-dev-242-g611e6d7
msv1_0.c
Go to the documentation of this file.
1 /*
2  * PROJECT: Authentication Package DLL
3  * LICENSE: GPL - See COPYING in the top level directory
4  * FILE: dll/win32/msv1_0/msv1_0.c
5  * PURPOSE: Main file
6  * COPYRIGHT: Copyright 2013 Eric Kohl
7  */
8 
9 /* INCLUDES ****************************************************************/
10 
11 #include "msv1_0.h"
12 
13 WINE_DEFAULT_DEBUG_CHANNEL(msv1_0);
14 
15 
16 /* GLOBALS *****************************************************************/
17 
18 LSA_DISPATCH_TABLE DispatchTable;
19 
20 
21 /* FUNCTIONS ***************************************************************/
22 
23 static
24 NTSTATUS
25 GetAccountDomainSid(PRPC_SID *Sid)
26 {
27  LSAPR_HANDLE PolicyHandle = NULL;
28  PLSAPR_POLICY_INFORMATION PolicyInfo = NULL;
29  ULONG Length = 0;
30  NTSTATUS Status;
31 
32  Status = LsaIOpenPolicyTrusted(&PolicyHandle);
33  if (!NT_SUCCESS(Status))
34  {
35  TRACE("LsaIOpenPolicyTrusted() failed (Status 0x%08lx)\n", Status);
36  return Status;
37  }
38 
39  Status = LsarQueryInformationPolicy(PolicyHandle,
40  PolicyAccountDomainInformation,
41  &PolicyInfo);
42  if (!NT_SUCCESS(Status))
43  {
44  TRACE("LsarQueryInformationPolicy() failed (Status 0x%08lx)\n", Status);
45  goto done;
46  }
47 
48  Length = RtlLengthSid(PolicyInfo->PolicyAccountDomainInfo.Sid);
49 
50  *Sid = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
51  if (*Sid == NULL)
52  {
53  ERR("Failed to allocate SID\n");
54  Status = STATUS_INSUFFICIENT_RESOURCES;
55  goto done;
56  }
57 
58  memcpy(*Sid, PolicyInfo->PolicyAccountDomainInfo.Sid, Length);
59 
60 done:
61  if (PolicyInfo != NULL)
62  LsaIFree_LSAPR_POLICY_INFORMATION(PolicyAccountDomainInformation,
63  PolicyInfo);
64 
65  if (PolicyHandle != NULL)
66  LsarClose(&PolicyHandle);
67 
68  return Status;
69 }
70 
71 
72 static
73 NTSTATUS
74 GetNtAuthorityDomainSid(PRPC_SID *Sid)
75 {
76  SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
77  ULONG Length = 0;
78 
79  Length = RtlLengthRequiredSid(0);
80  *Sid = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
81  if (*Sid == NULL)
82  {
83  ERR("Failed to allocate SID\n");
84  return STATUS_INSUFFICIENT_RESOURCES;
85  }
86 
87  RtlInitializeSid(*Sid,&NtAuthority, 0);
88 
89  return STATUS_SUCCESS;
90 }
91 
92 
93 static
94 NTSTATUS
95 BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest,
96  IN PSAMPR_USER_INFO_BUFFER UserInfo,
97  IN PWSTR ComputerName,
98  OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer,
99  OUT PULONG ProfileBufferLength)
100 {
101  PMSV1_0_INTERACTIVE_PROFILE LocalBuffer = NULL;
102  PVOID ClientBaseAddress = NULL;
103  LPWSTR Ptr;
104  ULONG BufferLength;
105  NTSTATUS Status = STATUS_SUCCESS;
106 
107  *ProfileBuffer = NULL;
108  *ProfileBufferLength = 0;
109 
110  BufferLength = sizeof(MSV1_0_INTERACTIVE_PROFILE) +
111  UserInfo->All.FullName.Length + sizeof(WCHAR) +
112  UserInfo->All.HomeDirectory.Length + sizeof(WCHAR) +
113  UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR) +
114  UserInfo->All.ScriptPath.Length + sizeof(WCHAR) +
115  UserInfo->All.ProfilePath.Length + sizeof(WCHAR) +
116  ((wcslen(ComputerName) + 3) * sizeof(WCHAR));
117 
118  LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength);
119  if (LocalBuffer == NULL)
120  {
121  TRACE("Failed to allocate the local buffer!\n");
122  Status = STATUS_INSUFFICIENT_RESOURCES;
123  goto done;
124  }
125 
126  Status = DispatchTable.AllocateClientBuffer(ClientRequest,
127  BufferLength,
128  &ClientBaseAddress);
129  if (!NT_SUCCESS(Status))
130  {
131  TRACE("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
132  goto done;
133  }
134 
135  TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
136 
137  Ptr = (LPWSTR)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_INTERACTIVE_PROFILE));
138 
139  LocalBuffer->MessageType = MsV1_0InteractiveProfile;
140  LocalBuffer->LogonCount = UserInfo->All.LogonCount;
141  LocalBuffer->BadPasswordCount = UserInfo->All.BadPasswordCount;
142 
143  LocalBuffer->LogonTime.LowPart = UserInfo->All.LastLogon.LowPart;
144  LocalBuffer->LogonTime.HighPart = UserInfo->All.LastLogon.HighPart;
145 
146  LocalBuffer->LogoffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
147  LocalBuffer->LogoffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
148 
149  LocalBuffer->KickOffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
150  LocalBuffer->KickOffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
151 
152  LocalBuffer->PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart;
153  LocalBuffer->PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart;
154 
155  LocalBuffer->PasswordCanChange.LowPart = UserInfo->All.PasswordCanChange.LowPart;
156  LocalBuffer->PasswordCanChange.HighPart = UserInfo->All.PasswordCanChange.HighPart;
157 
158  LocalBuffer->PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart;
159  LocalBuffer->PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart;
160 
161  LocalBuffer->LogonScript.Length = UserInfo->All.ScriptPath.Length;
162  LocalBuffer->LogonScript.MaximumLength = UserInfo->All.ScriptPath.Length + sizeof(WCHAR);
163  LocalBuffer->LogonScript.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
164  memcpy(Ptr,
165  UserInfo->All.ScriptPath.Buffer,
166  UserInfo->All.ScriptPath.Length);
167 
168  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->LogonScript.MaximumLength);
169 
170  LocalBuffer->HomeDirectory.Length = UserInfo->All.HomeDirectory.Length;
171  LocalBuffer->HomeDirectory.MaximumLength = UserInfo->All.HomeDirectory.Length + sizeof(WCHAR);
172  LocalBuffer->HomeDirectory.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
173  memcpy(Ptr,
174  UserInfo->All.HomeDirectory.Buffer,
175  UserInfo->All.HomeDirectory.Length);
176 
177  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectory.MaximumLength);
178 
179  LocalBuffer->FullName.Length = UserInfo->All.FullName.Length;
180  LocalBuffer->FullName.MaximumLength = UserInfo->All.FullName.Length + sizeof(WCHAR);
181  LocalBuffer->FullName.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
182  memcpy(Ptr,
183  UserInfo->All.FullName.Buffer,
184  UserInfo->All.FullName.Length);
185  TRACE("FullName.Buffer: %p\n", LocalBuffer->FullName.Buffer);
186 
187  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->FullName.MaximumLength);
188 
189  LocalBuffer->ProfilePath.Length = UserInfo->All.ProfilePath.Length;
190  LocalBuffer->ProfilePath.MaximumLength = UserInfo->All.ProfilePath.Length + sizeof(WCHAR);
191  LocalBuffer->ProfilePath.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
192  memcpy(Ptr,
193  UserInfo->All.ProfilePath.Buffer,
194  UserInfo->All.ProfilePath.Length);
195 
196  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->ProfilePath.MaximumLength);
197 
198  LocalBuffer->HomeDirectoryDrive.Length = UserInfo->All.HomeDirectoryDrive.Length;
199  LocalBuffer->HomeDirectoryDrive.MaximumLength = UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR);
200  LocalBuffer->HomeDirectoryDrive.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
201  memcpy(Ptr,
202  UserInfo->All.HomeDirectoryDrive.Buffer,
203  UserInfo->All.HomeDirectoryDrive.Length);
204 
205  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectoryDrive.MaximumLength);
206 
207  LocalBuffer->LogonServer.Length = (wcslen(ComputerName) + 2) * sizeof(WCHAR);
208  LocalBuffer->LogonServer.MaximumLength = LocalBuffer->LogonServer.Length + sizeof(WCHAR);
209  LocalBuffer->LogonServer.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
210  wcscpy(Ptr, L"\\");
211  wcscat(Ptr, ComputerName);
212 
213  LocalBuffer->UserFlags = 0;
214 
215  Status = DispatchTable.CopyToClientBuffer(ClientRequest,
216  BufferLength,
217  ClientBaseAddress,
218  LocalBuffer);
219  if (!NT_SUCCESS(Status))
220  {
221  TRACE("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
222  goto done;
223  }
224 
225  *ProfileBuffer = (PMSV1_0_INTERACTIVE_PROFILE)ClientBaseAddress;
226  *ProfileBufferLength = BufferLength;
227 
228 done:
229  if (LocalBuffer != NULL)
230  DispatchTable.FreeLsaHeap(LocalBuffer);
231 
232  if (!NT_SUCCESS(Status))
233  {
234  if (ClientBaseAddress != NULL)
235  DispatchTable.FreeClientBuffer(ClientRequest,
236  ClientBaseAddress);
237  }
238 
239  return Status;
240 }
241 
242 
243 static
244 PSID
245 AppendRidToSid(PSID SrcSid,
246  ULONG Rid)
247 {
248  PSID DstSid = NULL;
249  UCHAR RidCount;
250 
251  RidCount = *RtlSubAuthorityCountSid(SrcSid);
252  if (RidCount >= 8)
253  return NULL;
254 
255  DstSid = DispatchTable.AllocateLsaHeap(RtlLengthRequiredSid(RidCount + 1));
256  if (DstSid == NULL)
257  return NULL;
258 
259  RtlCopyMemory(DstSid,
260  SrcSid,
261  RtlLengthRequiredSid(RidCount));
262 
263  *RtlSubAuthorityCountSid(DstSid) = RidCount + 1;
264  *RtlSubAuthoritySid(DstSid, RidCount) = Rid;
265 
266  return DstSid;
267 }
268 
269 
270 static
271 NTSTATUS
272 BuildTokenUser(OUT PTOKEN_USER User,
273  IN PSID AccountDomainSid,
274  IN ULONG RelativeId)
275 {
276  User->User.Sid = AppendRidToSid(AccountDomainSid,
277  RelativeId);
278  if (User->User.Sid == NULL)
279  {
280  ERR("Could not create the user SID\n");
281  return STATUS_INSUFFICIENT_RESOURCES;
282  }
283 
284  User->User.Attributes = 0;
285 
286  return STATUS_SUCCESS;
287 }
288 
289 
290 static
291 NTSTATUS
292 BuildTokenPrimaryGroup(OUT PTOKEN_PRIMARY_GROUP PrimaryGroup,
293  IN PSID AccountDomainSid,
294  IN ULONG RelativeId)
295 {
296  PrimaryGroup->PrimaryGroup = AppendRidToSid(AccountDomainSid,
297  RelativeId);
298  if (PrimaryGroup->PrimaryGroup == NULL)
299  {
300  ERR("Could not create the primary group SID\n");
301  return STATUS_INSUFFICIENT_RESOURCES;
302  }
303 
304  return STATUS_SUCCESS;
305 }
306 
307 
308 static
309 NTSTATUS
310 BuildTokenGroups(OUT PTOKEN_GROUPS *Groups,
311  IN PSID AccountDomainSid,
312  IN ULONG RelativeId,
313  IN BOOL SpecialAccount)
314 {
315  SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
316  PTOKEN_GROUPS TokenGroups;
317  DWORD GroupCount = 0;
318  DWORD MaxGroups = 2;
319  PSID Sid;
320  NTSTATUS Status = STATUS_SUCCESS;
321 
322  if (SpecialAccount)
323  MaxGroups++;
324 
325  TokenGroups = DispatchTable.AllocateLsaHeap(sizeof(TOKEN_GROUPS) +
326  MaxGroups * sizeof(SID_AND_ATTRIBUTES));
327  if (TokenGroups == NULL)
328  {
329  return STATUS_INSUFFICIENT_RESOURCES;
330  }
331 
332  if (SpecialAccount)
333  {
334  /* Self */
335  Sid = AppendRidToSid(AccountDomainSid, RelativeId);
336  if (Sid == NULL)
337  {
338 
339  }
340 
341  TokenGroups->Groups[GroupCount].Sid = Sid;
342  TokenGroups->Groups[GroupCount].Attributes =
343  SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
344  GroupCount++;
345 
346  /* Member of 'Users' alias */
347  RtlAllocateAndInitializeSid(&SystemAuthority,
348  2,
349  SECURITY_BUILTIN_DOMAIN_RID,
350  DOMAIN_ALIAS_RID_USERS,
351  SECURITY_NULL_RID,
352  SECURITY_NULL_RID,
353  SECURITY_NULL_RID,
354  SECURITY_NULL_RID,
355  SECURITY_NULL_RID,
356  SECURITY_NULL_RID,
357  &Sid);
358  TokenGroups->Groups[GroupCount].Sid = Sid;
359  TokenGroups->Groups[GroupCount].Attributes =
360  SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
361  GroupCount++;
362  }
363  else
364  {
365  /* Member of the domains users group */
366  Sid = AppendRidToSid(AccountDomainSid, DOMAIN_GROUP_RID_USERS);
367  if (Sid == NULL)
368  {
369 
370  }
371 
372  TokenGroups->Groups[GroupCount].Sid = Sid;
373  TokenGroups->Groups[GroupCount].Attributes =
374  SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
375  GroupCount++;
376  }
377 
378  /* Member of 'Authenticated users' */
379  RtlAllocateAndInitializeSid(&SystemAuthority,
380  1,
381  SECURITY_AUTHENTICATED_USER_RID,
382  SECURITY_NULL_RID,
383  SECURITY_NULL_RID,
384  SECURITY_NULL_RID,
385  SECURITY_NULL_RID,
386  SECURITY_NULL_RID,
387  SECURITY_NULL_RID,
388  SECURITY_NULL_RID,
389  &Sid);
390  TokenGroups->Groups[GroupCount].Sid = Sid;
391  TokenGroups->Groups[GroupCount].Attributes =
392  SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
393  GroupCount++;
394 
395  TokenGroups->GroupCount = GroupCount;
396  ASSERT(TokenGroups->GroupCount <= MaxGroups);
397 
398  *Groups = TokenGroups;
399 
400  return Status;
401 }
402 
403 
404 static
405 NTSTATUS
406 BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1 *TokenInformation,
407  PRPC_SID AccountDomainSid,
408  PSAMPR_USER_INFO_BUFFER UserInfo,
409  BOOL SpecialAccount)
410 {
411  PLSA_TOKEN_INFORMATION_V1 Buffer = NULL;
412  ULONG i;
413  NTSTATUS Status = STATUS_SUCCESS;
414 
415  Buffer = DispatchTable.AllocateLsaHeap(sizeof(LSA_TOKEN_INFORMATION_V1));
416  if (Buffer == NULL)
417  {
418  WARN("Failed to allocate the local buffer!\n");
419  Status = STATUS_INSUFFICIENT_RESOURCES;
420  goto done;
421  }
422 
423  Buffer->ExpirationTime.LowPart = UserInfo->All.AccountExpires.LowPart;
424  Buffer->ExpirationTime.HighPart = UserInfo->All.AccountExpires.HighPart;
425 
426  Status = BuildTokenUser(&Buffer->User,
427  (PSID)AccountDomainSid,
428  UserInfo->All.UserId);
429  if (!NT_SUCCESS(Status))
430  {
431  WARN("BuildTokenUser() failed (Status 0x%08lx)\n", Status);
432  goto done;
433  }
434 
435  Status = BuildTokenPrimaryGroup(&Buffer->PrimaryGroup,
436  (PSID)AccountDomainSid,
437  UserInfo->All.PrimaryGroupId);
438  if (!NT_SUCCESS(Status))
439  {
440  WARN("BuildTokenPrimaryGroup() failed (Status 0x%08lx)\n", Status);
441  goto done;
442  }
443 
444  Status = BuildTokenGroups(&Buffer->Groups,
445  (PSID)AccountDomainSid,
446  UserInfo->All.UserId,
447  SpecialAccount);
448  if (!NT_SUCCESS(Status))
449  {
450  WARN("BuildTokenGroups() failed (Status 0x%08lx)\n", Status);
451  goto done;
452  }
453 
454  *TokenInformation = Buffer;
455 
456 done:
457  if (!NT_SUCCESS(Status))
458  {
459  if (Buffer != NULL)
460  {
461  if (Buffer->User.User.Sid != NULL)
462  DispatchTable.FreeLsaHeap(Buffer->User.User.Sid);
463 
464  if (Buffer->Groups != NULL)
465  {
466  for (i = 0; i < Buffer->Groups->GroupCount; i++)
467  {
468  if (Buffer->Groups->Groups[i].Sid != NULL)
469  DispatchTable.FreeLsaHeap(Buffer->Groups->Groups[i].Sid);
470  }
471 
472  DispatchTable.FreeLsaHeap(Buffer->Groups);
473  }
474 
475  if (Buffer->PrimaryGroup.PrimaryGroup != NULL)
476  DispatchTable.FreeLsaHeap(Buffer->PrimaryGroup.PrimaryGroup);
477 
478  if (Buffer->DefaultDacl.DefaultDacl != NULL)
479  DispatchTable.FreeLsaHeap(Buffer->DefaultDacl.DefaultDacl);
480 
481  DispatchTable.FreeLsaHeap(Buffer);
482  }
483  }
484 
485  return Status;
486 }
487 
488 
489 static
490 NTSTATUS
491 MsvpChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest,
492  IN PVOID ProtocolSubmitBuffer,
493  IN PVOID ClientBufferBase,
494  IN ULONG SubmitBufferLength,
495  OUT PVOID *ProtocolReturnBuffer,
496  OUT PULONG ReturnBufferLength,
497  OUT PNTSTATUS ProtocolStatus)
498 {
499  PMSV1_0_CHANGEPASSWORD_REQUEST RequestBuffer;
500  ULONG_PTR PtrOffset;
501 
502  SAMPR_HANDLE ServerHandle = NULL;
503  SAMPR_HANDLE DomainHandle = NULL;
504  SAMPR_HANDLE UserHandle = NULL;
505  PRPC_SID DomainSid = NULL;
506  RPC_UNICODE_STRING Names[1];
507  SAMPR_ULONG_ARRAY RelativeIds = {0, NULL};
508  SAMPR_ULONG_ARRAY Use = {0, NULL};
509  NTSTATUS Status;
510 
511  ENCRYPTED_NT_OWF_PASSWORD OldNtPassword;
512  ENCRYPTED_NT_OWF_PASSWORD NewNtPassword;
513  ENCRYPTED_LM_OWF_PASSWORD OldLmPassword;
514  ENCRYPTED_LM_OWF_PASSWORD NewLmPassword;
515  OEM_STRING LmPwdString;
516  CHAR LmPwdBuffer[15];
517  BOOLEAN OldLmPasswordPresent = FALSE;
518  BOOLEAN NewLmPasswordPresent = FALSE;
519 
520  ENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm;
521  ENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm;
522  ENCRYPTED_LM_OWF_PASSWORD OldNtEncryptedWithNewNt;
523  ENCRYPTED_LM_OWF_PASSWORD NewNtEncryptedWithOldNt;
524  PENCRYPTED_LM_OWF_PASSWORD pOldLmEncryptedWithNewLm = NULL;
525  PENCRYPTED_LM_OWF_PASSWORD pNewLmEncryptedWithOldLm = NULL;
526 
527  TRACE("()\n");
528 
529  RequestBuffer = (PMSV1_0_CHANGEPASSWORD_REQUEST)ProtocolSubmitBuffer;
530 
531  /* Fix-up pointers in the request buffer info */
532  PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
533 
534  RequestBuffer->DomainName.Buffer = FIXUP_POINTER(RequestBuffer->DomainName.Buffer, PtrOffset);
535  RequestBuffer->AccountName.Buffer = FIXUP_POINTER(RequestBuffer->AccountName.Buffer, PtrOffset);
536  RequestBuffer->OldPassword.Buffer = FIXUP_POINTER(RequestBuffer->OldPassword.Buffer, PtrOffset);
537  RequestBuffer->NewPassword.Buffer = FIXUP_POINTER(RequestBuffer->NewPassword.Buffer, PtrOffset);
538 
539  TRACE("Domain: %S\n", RequestBuffer->DomainName.Buffer);
540  TRACE("Account: %S\n", RequestBuffer->AccountName.Buffer);
541  TRACE("Old Password: %S\n", RequestBuffer->OldPassword.Buffer);
542  TRACE("New Password: %S\n", RequestBuffer->NewPassword.Buffer);
543 
544  /* Connect to the SAM server */
545  Status = SamIConnect(NULL,
546  &ServerHandle,
547  SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
548  TRUE);
549  if (!NT_SUCCESS(Status))
550  {
551  TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status);
552  goto done;
553  }
554 
555  /* Get the domain SID */
556  Status = SamrLookupDomainInSamServer(ServerHandle,
557  (PRPC_UNICODE_STRING)&RequestBuffer->DomainName,
558  &DomainSid);
559  if (!NT_SUCCESS(Status))
560  {
561  TRACE("SamrLookupDomainInSamServer failed (Status %08lx)\n", Status);
562  goto done;
563  }
564 
565  /* Open the domain */
566  Status = SamrOpenDomain(ServerHandle,
567  DOMAIN_LOOKUP,
568  DomainSid,
569  &DomainHandle);
570  if (!NT_SUCCESS(Status))
571  {
572  TRACE("SamrOpenDomain failed (Status %08lx)\n", Status);
573  goto done;
574  }
575 
576  Names[0].Length = RequestBuffer->AccountName.Length;
577  Names[0].MaximumLength = RequestBuffer->AccountName.MaximumLength;
578  Names[0].Buffer = RequestBuffer->AccountName.Buffer;
579 
580  /* Try to get the RID for the user name */
581  Status = SamrLookupNamesInDomain(DomainHandle,
582  1,
583  Names,
584  &RelativeIds,
585  &Use);
586  if (!NT_SUCCESS(Status))
587  {
588  TRACE("SamrLookupNamesInDomain failed (Status %08lx)\n", Status);
589  Status = STATUS_NO_SUCH_USER;
590  goto done;
591  }
592 
593  /* Fail, if it is not a user account */
594  if (Use.Element[0] != SidTypeUser)
595  {
596  TRACE("Account is not a user account!\n");
597  Status = STATUS_NO_SUCH_USER;
598  goto done;
599  }
600 
601  /* Open the user object */
602  Status = SamrOpenUser(DomainHandle,
603  USER_CHANGE_PASSWORD,
604  RelativeIds.Element[0],
605  &UserHandle);
606  if (!NT_SUCCESS(Status))
607  {
608  TRACE("SamrOpenUser failed (Status %08lx)\n", Status);
609  goto done;
610  }
611 
612 
613  /* Calculate the NT hash for the old password */
614  Status = SystemFunction007(&RequestBuffer->OldPassword,
615  (LPBYTE)&OldNtPassword);
616  if (!NT_SUCCESS(Status))
617  {
618  TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
619  goto done;
620  }
621 
622  /* Calculate the NT hash for the new password */
623  Status = SystemFunction007(&RequestBuffer->NewPassword,
624  (LPBYTE)&NewNtPassword);
625  if (!NT_SUCCESS(Status))
626  {
627  TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
628  goto done;
629  }
630 
631  /* Calculate the LM password and hash for the old password */
632  LmPwdString.Length = 15;
633  LmPwdString.MaximumLength = 15;
634  LmPwdString.Buffer = LmPwdBuffer;
635  ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
636 
637  Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
638  &RequestBuffer->OldPassword,
639  FALSE);
640  if (NT_SUCCESS(Status))
641  {
642  /* Calculate the LM hash value of the password */
643  Status = SystemFunction006(LmPwdString.Buffer,
644  (LPSTR)&OldLmPassword);
645  if (NT_SUCCESS(Status))
646  {
647  OldLmPasswordPresent = TRUE;
648  }
649  }
650 
651  /* Calculate the LM password and hash for the new password */
652  LmPwdString.Length = 15;
653  LmPwdString.MaximumLength = 15;
654  LmPwdString.Buffer = LmPwdBuffer;
655  ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
656 
657  Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
658  &RequestBuffer->NewPassword,
659  FALSE);
660  if (NT_SUCCESS(Status))
661  {
662  /* Calculate the LM hash value of the password */
663  Status = SystemFunction006(LmPwdString.Buffer,
664  (LPSTR)&NewLmPassword);
665  if (NT_SUCCESS(Status))
666  {
667  NewLmPasswordPresent = TRUE;
668  }
669  }
670 
671  /* Encrypt the old and new LM passwords, if they exist */
672  if (OldLmPasswordPresent && NewLmPasswordPresent)
673  {
674  /* Encrypt the old LM password */
675  Status = SystemFunction012((const BYTE *)&OldLmPassword,
676  (const BYTE *)&NewLmPassword,
677  (LPBYTE)&OldLmEncryptedWithNewLm);
678  if (!NT_SUCCESS(Status))
679  {
680  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
681  goto done;
682  }
683 
684  /* Encrypt the new LM password */
685  Status = SystemFunction012((const BYTE *)&NewLmPassword,
686  (const BYTE *)&OldLmPassword,
687  (LPBYTE)&NewLmEncryptedWithOldLm);
688  if (!NT_SUCCESS(Status))
689  {
690  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
691  goto done;
692  }
693 
694  pOldLmEncryptedWithNewLm = &OldLmEncryptedWithNewLm;
695  pNewLmEncryptedWithOldLm = &NewLmEncryptedWithOldLm;
696  }
697 
698  /* Encrypt the old NT password */
699  Status = SystemFunction012((const BYTE *)&OldNtPassword,
700  (const BYTE *)&NewNtPassword,
701  (LPBYTE)&OldNtEncryptedWithNewNt);
702  if (!NT_SUCCESS(Status))
703  {
704  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
705  goto done;
706  }
707 
708  /* Encrypt the new NT password */
709  Status = SystemFunction012((const BYTE *)&NewNtPassword,
710  (const BYTE *)&OldNtPassword,
711  (LPBYTE)&NewNtEncryptedWithOldNt);
712  if (!NT_SUCCESS(Status))
713  {
714  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
715  goto done;
716  }
717 
718  /* Change the password */
719  Status = SamrChangePasswordUser(UserHandle,
720  OldLmPasswordPresent && NewLmPasswordPresent,
721  pOldLmEncryptedWithNewLm,
722  pNewLmEncryptedWithOldLm,
723  TRUE,
724  &OldNtEncryptedWithNewNt,
725  &NewNtEncryptedWithOldNt,
726  FALSE,
727  NULL,
728  FALSE,
729  NULL);
730  if (!NT_SUCCESS(Status))
731  {
732  TRACE("SamrChangePasswordUser failed (Status %08lx)\n", Status);
733  goto done;
734  }
735 
736 done:
737  if (UserHandle != NULL)
738  SamrCloseHandle(&UserHandle);
739 
740  SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
741  SamIFree_SAMPR_ULONG_ARRAY(&Use);
742 
743  if (DomainHandle != NULL)
744  SamrCloseHandle(&DomainHandle);
745 
746  if (DomainSid != NULL)
747  SamIFreeVoid(DomainSid);
748 
749  if (ServerHandle != NULL)
750  SamrCloseHandle(&ServerHandle);
751 
752  return Status;
753 }
754 
755 
756 static
757 NTSTATUS
758 MsvpCheckPassword(PUNICODE_STRING UserPassword,
759  PSAMPR_USER_INFO_BUFFER UserInfo)
760 {
761  ENCRYPTED_NT_OWF_PASSWORD UserNtPassword;
762  ENCRYPTED_LM_OWF_PASSWORD UserLmPassword;
763  BOOLEAN UserLmPasswordPresent = FALSE;
764  BOOLEAN UserNtPasswordPresent = FALSE;
765  OEM_STRING LmPwdString;
766  CHAR LmPwdBuffer[15];
767  NTSTATUS Status;
768 
769  TRACE("(%p %p)\n", UserPassword, UserInfo);
770 
771  /* Calculate the LM password and hash for the users password */
772  LmPwdString.Length = 15;
773  LmPwdString.MaximumLength = 15;
774  LmPwdString.Buffer = LmPwdBuffer;
775  ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
776 
777  Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
778  UserPassword,
779  FALSE);
780  if (NT_SUCCESS(Status))
781  {
782  /* Calculate the LM hash value of the users password */
783  Status = SystemFunction006(LmPwdString.Buffer,
784  (LPSTR)&UserLmPassword);
785  if (NT_SUCCESS(Status))
786  {
787  UserLmPasswordPresent = TRUE;
788  }
789  }
790 
791  /* Calculate the NT hash of the users password */
792  Status = SystemFunction007(UserPassword,
793  (LPBYTE)&UserNtPassword);
794  if (NT_SUCCESS(Status))
795  {
796  UserNtPasswordPresent = TRUE;
797  }
798 
799  Status = STATUS_WRONG_PASSWORD;
800 
801  /* Succeed, if no password has been set */
802  if (UserInfo->All.NtPasswordPresent == FALSE &&
803  UserInfo->All.LmPasswordPresent == FALSE)
804  {
805  TRACE("No password check!\n");
806  Status = STATUS_SUCCESS;
807  goto done;
808  }
809 
810  /* Succeed, if NT password matches */
811  if (UserNtPasswordPresent && UserInfo->All.NtPasswordPresent)
812  {
813  TRACE("Check NT password hashes:\n");
814  if (RtlEqualMemory(&UserNtPassword,
815  UserInfo->All.NtOwfPassword.Buffer,
816  sizeof(ENCRYPTED_NT_OWF_PASSWORD)))
817  {
818  TRACE(" success!\n");
819  Status = STATUS_SUCCESS;
820  goto done;
821  }
822 
823  TRACE(" failed!\n");
824  }
825 
826  /* Succeed, if LM password matches */
827  if (UserLmPasswordPresent && UserInfo->All.LmPasswordPresent)
828  {
829  TRACE("Check LM password hashes:\n");
830  if (RtlEqualMemory(&UserLmPassword,
831  UserInfo->All.LmOwfPassword.Buffer,
832  sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
833  {
834  TRACE(" success!\n");
835  Status = STATUS_SUCCESS;
836  goto done;
837  }
838  TRACE(" failed!\n");
839  }
840 
841 done:
842  return Status;
843 }
844 
845 
846 static
847 BOOL
848 MsvpCheckLogonHours(
849  _In_ PSAMPR_LOGON_HOURS LogonHours,
850  _In_ PLARGE_INTEGER LogonTime)
851 {
852  LARGE_INTEGER LocalLogonTime;
853  TIME_FIELDS TimeFields;
854  USHORT MinutesPerUnit, Offset;
855 
856  TRACE("MsvpCheckLogonHours(%p %p)\n", LogonHours, LogonTime);
857 
858  if (LogonHours->UnitsPerWeek == 0 || LogonHours->LogonHours == NULL)
859  return TRUE;
860 
861  RtlSystemTimeToLocalTime(LogonTime, &LocalLogonTime);
862  RtlTimeToTimeFields(&LocalLogonTime, &TimeFields);
863 
864  TRACE("UnitsPerWeek: %u\n", LogonHours->UnitsPerWeek);
865  MinutesPerUnit = 10080 / LogonHours->UnitsPerWeek;
866 
867  Offset = ((TimeFields.Weekday * 24 + TimeFields.Hour) * 60 + TimeFields.Minute) / MinutesPerUnit;
868 
869  return (BOOL)(LogonHours->LogonHours[Offset / 8] & (1 << (Offset % 8)));
870 }
871 
872 
873 static
874 BOOL
875 MsvpCheckWorkstations(
876  _In_ PRPC_UNICODE_STRING WorkStations,
877  _In_ PWSTR ComputerName)
878 {
879  PWSTR pStart, pEnd;
880  BOOL bFound = FALSE;
881 
882  TRACE("MsvpCheckWorkstations(%wZ %S)\n", WorkStations, ComputerName);
883 
884  if (WorkStations->Length == 0 || WorkStations->Buffer == NULL)
885  return TRUE;
886 
887  pStart = WorkStations->Buffer;
888  for (;;)
889  {
890  pEnd = wcschr(pStart, L',');
891  if (pEnd != NULL)
892  *pEnd = UNICODE_NULL;
893 
894  if (_wcsicmp(ComputerName, pStart) == 0)
895  {
896  bFound = TRUE;
897  if (pEnd != NULL)
898  *pEnd = L',';
899  break;
900  }
901 
902  if (pEnd == NULL)
903  break;
904 
905  *pEnd = L',';
906  pStart = pEnd + 1;
907  }
908 
909  return bFound;
910 }
911 
912 
913 /*
914  * @unimplemented
915  */
916 NTSTATUS
917 NTAPI
918 LsaApCallPackage(IN PLSA_CLIENT_REQUEST ClientRequest,
919  IN PVOID ProtocolSubmitBuffer,
920  IN PVOID ClientBufferBase,
921  IN ULONG SubmitBufferLength,
922  OUT PVOID *ProtocolReturnBuffer,
923  OUT PULONG ReturnBufferLength,
924  OUT PNTSTATUS ProtocolStatus)
925 {
926  ULONG MessageType;
927  NTSTATUS Status;
928 
929  TRACE("LsaApCallPackage()\n");
930 
931  if (SubmitBufferLength < sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE))
932  return STATUS_INVALID_PARAMETER;
933 
934  MessageType = (ULONG)*((PMSV1_0_PROTOCOL_MESSAGE_TYPE)ProtocolSubmitBuffer);
935 
936  *ProtocolReturnBuffer = NULL;
937  *ReturnBufferLength = 0;
938 
939  switch (MessageType)
940  {
941  case MsV1_0Lm20ChallengeRequest:
942  case MsV1_0Lm20GetChallengeResponse:
943  case MsV1_0EnumerateUsers:
944  case MsV1_0GetUserInfo:
945  case MsV1_0ReLogonUsers:
946  Status = STATUS_NOT_IMPLEMENTED;
947  break;
948 
949  case MsV1_0ChangePassword:
950  Status = MsvpChangePassword(ClientRequest,
951  ProtocolSubmitBuffer,
952  ClientBufferBase,
953  SubmitBufferLength,
954  ProtocolReturnBuffer,
955  ReturnBufferLength,
956  ProtocolStatus);
957  break;
958 
959  case MsV1_0ChangeCachedPassword:
960  case MsV1_0GenericPassthrough:
961  case MsV1_0CacheLogon:
962  case MsV1_0SubAuth:
963  case MsV1_0DeriveCredential:
964  case MsV1_0CacheLookup:
965  Status = STATUS_NOT_IMPLEMENTED;
966  break;
967 
968  default:
969  return STATUS_INVALID_PARAMETER;
970  }
971 
972  return Status;
973 }
974 
975 
976 /*
977  * @unimplemented
978  */
979 NTSTATUS
980 NTAPI
981 LsaApCallPackagePassthrough(IN PLSA_CLIENT_REQUEST ClientRequest,
982  IN PVOID ProtocolSubmitBuffer,
983  IN PVOID ClientBufferBase,
984  IN ULONG SubmitBufferLength,
985  OUT PVOID *ProtocolReturnBuffer,
986  OUT PULONG ReturnBufferLength,
987  OUT PNTSTATUS ProtocolStatus)
988 {
989  TRACE("LsaApCallPackagePassthrough()\n");
990  return STATUS_NOT_IMPLEMENTED;
991 }
992 
993 
994 /*
995  * @unimplemented
996  */
997 NTSTATUS
998 NTAPI
999 LsaApCallPackageUntrusted(IN PLSA_CLIENT_REQUEST ClientRequest,
1000  IN PVOID ProtocolSubmitBuffer,
1001  IN PVOID ClientBufferBase,
1002  IN ULONG SubmitBufferLength,
1003  OUT PVOID *ProtocolReturnBuffer,
1004  OUT PULONG ReturnBufferLength,
1005  OUT PNTSTATUS ProtocolStatus)
1006 {
1007  TRACE("LsaApCallPackageUntrusted()\n");
1008  return STATUS_NOT_IMPLEMENTED;
1009 }
1010 
1011 
1012 /*
1013  * @implemented
1014  */
1015 NTSTATUS
1016 NTAPI
1017 LsaApInitializePackage(IN ULONG AuthenticationPackageId,
1018  IN PLSA_DISPATCH_TABLE LsaDispatchTable,
1019  IN PLSA_STRING Database OPTIONAL,
1020  IN PLSA_STRING Confidentiality OPTIONAL,
1021  OUT PLSA_STRING *AuthenticationPackageName)
1022 {
1023  PANSI_STRING NameString;
1024  PCHAR NameBuffer;
1025 
1026  TRACE("LsaApInitializePackage(%lu %p %p %p %p)\n",
1027  AuthenticationPackageId, LsaDispatchTable, Database,
1028  Confidentiality, AuthenticationPackageName);
1029 
1030  /* Get the dispatch table entries */
1031  DispatchTable.CreateLogonSession = LsaDispatchTable->CreateLogonSession;
1032  DispatchTable.DeleteLogonSession = LsaDispatchTable->DeleteLogonSession;
1033  DispatchTable.AddCredential = LsaDispatchTable->AddCredential;
1034  DispatchTable.GetCredentials = LsaDispatchTable->GetCredentials;
1035  DispatchTable.DeleteCredential = LsaDispatchTable->DeleteCredential;
1036  DispatchTable.AllocateLsaHeap = LsaDispatchTable->AllocateLsaHeap;
1037  DispatchTable.FreeLsaHeap = LsaDispatchTable->FreeLsaHeap;
1038  DispatchTable.AllocateClientBuffer = LsaDispatchTable->AllocateClientBuffer;
1039  DispatchTable.FreeClientBuffer = LsaDispatchTable->FreeClientBuffer;
1040  DispatchTable.CopyToClientBuffer = LsaDispatchTable->CopyToClientBuffer;
1041  DispatchTable.CopyFromClientBuffer = LsaDispatchTable->CopyFromClientBuffer;
1042 
1043  /* Return the package name */
1044  NameString = DispatchTable.AllocateLsaHeap(sizeof(LSA_STRING));
1045  if (NameString == NULL)
1046  return STATUS_INSUFFICIENT_RESOURCES;
1047 
1048  NameBuffer = DispatchTable.AllocateLsaHeap(sizeof(MSV1_0_PACKAGE_NAME));
1049  if (NameBuffer == NULL)
1050  {
1051  DispatchTable.FreeLsaHeap(NameString);
1052  return STATUS_INSUFFICIENT_RESOURCES;
1053  }
1054 
1055  strcpy(NameBuffer, MSV1_0_PACKAGE_NAME);
1056 
1057  RtlInitAnsiString(NameString, NameBuffer);
1058 
1059  *AuthenticationPackageName = (PLSA_STRING)NameString;
1060 
1061  return STATUS_SUCCESS;
1062 }
1063 
1064 
1065 /*
1066  * @unimplemented
1067  */
1068 VOID
1069 NTAPI
1070 LsaApLogonTerminated(IN PLUID LogonId)
1071 {
1072  TRACE("LsaApLogonTerminated()\n");
1073 }
1074 
1075 
1076 /*
1077  * @implemented
1078  */
1079 NTSTATUS
1080 NTAPI
1081 LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest,
1082  IN SECURITY_LOGON_TYPE LogonType,
1083  IN PVOID ProtocolSubmitBuffer,
1084  IN PVOID ClientBufferBase,
1085  IN ULONG SubmitBufferSize,
1086  OUT PVOID *ProfileBuffer,
1087  OUT PULONG ProfileBufferSize,
1088  OUT PLUID LogonId,
1089  OUT PNTSTATUS SubStatus,
1090  OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
1091  OUT PVOID *TokenInformation,
1092  OUT PUNICODE_STRING *AccountName,
1093  OUT PUNICODE_STRING *AuthenticatingAuthority,
1094  OUT PUNICODE_STRING *MachineName,
1095  OUT PSECPKG_PRIMARY_CRED PrimaryCredentials, /* Not supported yet */
1096  OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials) /* Not supported yet */
1097 {
1098  PMSV1_0_INTERACTIVE_LOGON LogonInfo;
1099  WCHAR ComputerName[MAX_COMPUTERNAME_LENGTH + 1];
1100  SAMPR_HANDLE ServerHandle = NULL;
1101  SAMPR_HANDLE DomainHandle = NULL;
1102  SAMPR_HANDLE UserHandle = NULL;
1103  PRPC_SID AccountDomainSid = NULL;
1104  RPC_UNICODE_STRING Names[1];
1105  SAMPR_ULONG_ARRAY RelativeIds = {0, NULL};
1106  SAMPR_ULONG_ARRAY Use = {0, NULL};
1107  PSAMPR_USER_INFO_BUFFER UserInfo = NULL;
1108  BOOLEAN SessionCreated = FALSE;
1109  LARGE_INTEGER LogonTime;
1110  LARGE_INTEGER AccountExpires;
1111  LARGE_INTEGER PasswordMustChange;
1112  LARGE_INTEGER PasswordLastSet;
1113  DWORD ComputerNameSize;
1114  BOOL SpecialAccount = FALSE;
1115  NTSTATUS Status;
1116 
1117  TRACE("LsaApLogonUser()\n");
1118 
1119  TRACE("LogonType: %lu\n", LogonType);
1120  TRACE("ProtocolSubmitBuffer: %p\n", ProtocolSubmitBuffer);
1121  TRACE("SubmitBufferSize: %lu\n", SubmitBufferSize);
1122 
1123  *ProfileBuffer = NULL;
1124  *ProfileBufferSize = 0;
1125  *SubStatus = STATUS_SUCCESS;
1126  *AccountName = NULL;
1127  *AuthenticatingAuthority = NULL;
1128 
1129  if (LogonType == Interactive ||
1130  LogonType == Batch ||
1131  LogonType == Service)
1132  {
1133  ULONG_PTR PtrOffset;
1134 
1135  LogonInfo = (PMSV1_0_INTERACTIVE_LOGON)ProtocolSubmitBuffer;
1136 
1137  /* Fix-up pointers in the authentication info */
1138  PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
1139 
1140  LogonInfo->LogonDomainName.Buffer = FIXUP_POINTER(LogonInfo->LogonDomainName.Buffer, PtrOffset);
1141  LogonInfo->UserName.Buffer = FIXUP_POINTER(LogonInfo->UserName.Buffer, PtrOffset);
1142  LogonInfo->Password.Buffer = FIXUP_POINTER(LogonInfo->Password.Buffer, PtrOffset);
1143 
1144  TRACE("Domain: %S\n", LogonInfo->LogonDomainName.Buffer);
1145  TRACE("User: %S\n", LogonInfo->UserName.Buffer);
1146  TRACE("Password: %S\n", LogonInfo->Password.Buffer);
1147  }
1148  else
1149  {
1150  FIXME("LogonType %lu is not supported yet!\n", LogonType);
1151  return STATUS_NOT_IMPLEMENTED;
1152  }
1153 
1154  /* Get the logon time */
1155  NtQuerySystemTime(&LogonTime);
1156 
1157  /* Get the computer name */
1158  ComputerNameSize = MAX_COMPUTERNAME_LENGTH + 1;
1159  GetComputerNameW(ComputerName, &ComputerNameSize);
1160 
1161  /* Check for special accounts */
1162  if (_wcsicmp(LogonInfo->LogonDomainName.Buffer, L"NT AUTHORITY") == 0)
1163  {
1164  SpecialAccount = TRUE;
1165 
1166  /* Get the authority domain SID */
1167  Status = GetNtAuthorityDomainSid(&AccountDomainSid);
1168  if (!NT_SUCCESS(Status))
1169  {
1170  ERR("GetNtAuthorityDomainSid() failed (Status 0x%08lx)\n", Status);
1171  return Status;
1172  }
1173 
1174  if (_wcsicmp(LogonInfo->UserName.Buffer, L"LocalService") == 0)
1175  {
1176  TRACE("SpecialAccount: LocalService\n");
1177 
1178  if (LogonType != Service)
1179  return STATUS_LOGON_FAILURE;
1180 
1181  UserInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1182  HEAP_ZERO_MEMORY,
1183  sizeof(SAMPR_USER_ALL_INFORMATION));
1184  if (UserInfo == NULL)
1185  {
1186  Status = STATUS_INSUFFICIENT_RESOURCES;
1187  goto done;
1188  }
1189 
1190  UserInfo->All.UserId = SECURITY_LOCAL_SERVICE_RID;
1191  UserInfo->All.PrimaryGroupId = SECURITY_LOCAL_SERVICE_RID;
1192  }
1193  else if (_wcsicmp(LogonInfo->UserName.Buffer, L"NetworkService") == 0)
1194  {
1195  TRACE("SpecialAccount: NetworkService\n");
1196 
1197  if (LogonType != Service)
1198  return STATUS_LOGON_FAILURE;
1199 
1200  UserInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1201  HEAP_ZERO_MEMORY,
1202  sizeof(SAMPR_USER_ALL_INFORMATION));
1203  if (UserInfo == NULL)
1204  {
1205  Status = STATUS_INSUFFICIENT_RESOURCES;
1206  goto done;
1207  }
1208 
1209  UserInfo->All.UserId = SECURITY_NETWORK_SERVICE_RID;
1210  UserInfo->All.PrimaryGroupId = SECURITY_NETWORK_SERVICE_RID;
1211  }
1212  else
1213  {
1214  Status = STATUS_NO_SUCH_USER;
1215  goto done;
1216  }
1217  }
1218  else
1219  {
1220  TRACE("NormalAccount\n");
1221 
1222  /* Get the account domain SID */
1223  Status = GetAccountDomainSid(&AccountDomainSid);
1224  if (!NT_SUCCESS(Status))
1225  {
1226  ERR("GetAccountDomainSid() failed (Status 0x%08lx)\n", Status);
1227  return Status;
1228  }
1229 
1230  /* Connect to the SAM server */
1231  Status = SamIConnect(NULL,
1232  &ServerHandle,
1233  SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
1234  TRUE);
1235  if (!NT_SUCCESS(Status))
1236  {
1237  TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status);
1238  goto done;
1239  }
1240 
1241  /* Open the account domain */
1242  Status = SamrOpenDomain(ServerHandle,
1243  DOMAIN_LOOKUP,
1244  AccountDomainSid,
1245  &DomainHandle);
1246  if (!NT_SUCCESS(Status))
1247  {
1248  ERR("SamrOpenDomain failed (Status %08lx)\n", Status);
1249  goto done;
1250  }
1251 
1252  Names[0].Length = LogonInfo->UserName.Length;
1253  Names[0].MaximumLength = LogonInfo->UserName.MaximumLength;
1254  Names[0].Buffer = LogonInfo->UserName.Buffer;
1255 
1256  /* Try to get the RID for the user name */
1257  Status = SamrLookupNamesInDomain(DomainHandle,
1258  1,
1259  Names,
1260  &RelativeIds,
1261  &Use);
1262  if (!NT_SUCCESS(Status))
1263  {
1264  ERR("SamrLookupNamesInDomain failed (Status %08lx)\n", Status);
1265  Status = STATUS_NO_SUCH_USER;
1266  goto done;
1267  }
1268 
1269  /* Fail, if it is not a user account */
1270  if (Use.Element[0] != SidTypeUser)
1271  {
1272  ERR("Account is not a user account!\n");
1273  Status = STATUS_NO_SUCH_USER;
1274  goto done;
1275  }
1276 
1277  /* Open the user object */
1278  Status = SamrOpenUser(DomainHandle,
1279  USER_READ_GENERAL | USER_READ_LOGON |
1280  USER_READ_ACCOUNT | USER_READ_PREFERENCES, /* FIXME */
1281  RelativeIds.Element[0],
1282  &UserHandle);
1283  if (!NT_SUCCESS(Status))
1284  {
1285  ERR("SamrOpenUser failed (Status %08lx)\n", Status);
1286  goto done;
1287  }
1288 
1289  Status = SamrQueryInformationUser(UserHandle,
1290  UserAllInformation,
1291  &UserInfo);
1292  if (!NT_SUCCESS(Status))
1293  {
1294  ERR("SamrQueryInformationUser failed (Status %08lx)\n", Status);
1295  goto done;
1296  }
1297 
1298  TRACE("UserName: %S\n", UserInfo->All.UserName.Buffer);
1299 
1300  /* Check the password */
1301  if ((UserInfo->All.UserAccountControl & USER_PASSWORD_NOT_REQUIRED) == 0)
1302  {
1303  Status = MsvpCheckPassword(&(LogonInfo->Password),
1304  UserInfo);
1305  if (!NT_SUCCESS(Status))
1306  {
1307  ERR("MsvpCheckPassword failed (Status %08lx)\n", Status);
1308  goto done;
1309  }
1310  }
1311 
1312  /* Check account restrictions for non-administrator accounts */
1313  if (RelativeIds.Element[0] != DOMAIN_USER_RID_ADMIN)
1314  {
1315  /* Check if the account has been disabled */
1316  if (UserInfo->All.UserAccountControl & USER_ACCOUNT_DISABLED)
1317  {
1318  ERR("Account disabled!\n");
1319  *SubStatus = STATUS_ACCOUNT_DISABLED;
1320  Status = STATUS_ACCOUNT_RESTRICTION;
1321  goto done;
1322  }
1323 
1324  /* Check if the account has been locked */
1325  if (UserInfo->All.UserAccountControl & USER_ACCOUNT_AUTO_LOCKED)
1326  {
1327  ERR("Account locked!\n");
1328  *SubStatus = STATUS_ACCOUNT_LOCKED_OUT;
1329  Status = STATUS_ACCOUNT_RESTRICTION;
1330  goto done;
1331  }
1332 
1333  /* Check if the account expired */
1334  AccountExpires.LowPart = UserInfo->All.AccountExpires.LowPart;
1335  AccountExpires.HighPart = UserInfo->All.AccountExpires.HighPart;
1336  if (LogonTime.QuadPart >= AccountExpires.QuadPart)
1337  {
1338  ERR("Account expired!\n");
1339  *SubStatus = STATUS_ACCOUNT_EXPIRED;
1340  Status = STATUS_ACCOUNT_RESTRICTION;
1341  goto done;
1342  }
1343 
1344  /* Check if the password expired */
1345  PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart;
1346  PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart;
1347  PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart;
1348  PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart;
1349 
1350  if (LogonTime.QuadPart >= PasswordMustChange.QuadPart)
1351  {
1352  ERR("Password expired!\n");
1353  if (PasswordLastSet.QuadPart == 0)
1354  *SubStatus = STATUS_PASSWORD_MUST_CHANGE;
1355  else
1356  *SubStatus = STATUS_PASSWORD_EXPIRED;
1357 
1358  Status = STATUS_ACCOUNT_RESTRICTION;
1359  goto done;
1360  }
1361 
1362  /* Check logon hours */
1363  if (!MsvpCheckLogonHours(&UserInfo->All.LogonHours, &LogonTime))
1364  {
1365  ERR("Invalid logon hours!\n");
1366  *SubStatus = STATUS_INVALID_LOGON_HOURS;
1367  Status = STATUS_ACCOUNT_RESTRICTION;
1368  goto done;
1369  }
1370 
1371  /* Check workstations */
1372  if (!MsvpCheckWorkstations(&UserInfo->All.WorkStations, ComputerName))
1373  {
1374  ERR("Invalid workstation!\n");
1375  *SubStatus = STATUS_INVALID_WORKSTATION;
1376  Status = STATUS_ACCOUNT_RESTRICTION;
1377  goto done;
1378  }
1379  }
1380  }
1381 
1382  /* Return logon information */
1383 
1384  /* Create and return a new logon id */
1385  Status = NtAllocateLocallyUniqueId(LogonId);
1386  if (!NT_SUCCESS(Status))
1387  {
1388  TRACE("NtAllocateLocallyUniqueId failed (Status %08lx)\n", Status);
1389  goto done;
1390  }
1391 
1392  /* Create the logon session */
1393  Status = DispatchTable.CreateLogonSession(LogonId);
1394  if (!NT_SUCCESS(Status))
1395  {
1396  TRACE("CreateLogonSession failed (Status %08lx)\n", Status);
1397  goto done;
1398  }
1399 
1400  SessionCreated = TRUE;
1401 
1402  /* Build and fill the interactive profile buffer */
1403  Status = BuildInteractiveProfileBuffer(ClientRequest,
1404  UserInfo,
1405  ComputerName,
1406  (PMSV1_0_INTERACTIVE_PROFILE*)ProfileBuffer,
1407  ProfileBufferSize);
1408  if (!NT_SUCCESS(Status))
1409  {
1410  TRACE("BuildInteractiveProfileBuffer failed (Status %08lx)\n", Status);
1411  goto done;
1412  }
1413 
1414  /* Return the token information type */
1415  *TokenInformationType = LsaTokenInformationV1;
1416 
1417  /* Build and fill the token information buffer */
1418  Status = BuildTokenInformationBuffer((PLSA_TOKEN_INFORMATION_V1*)TokenInformation,
1419  AccountDomainSid,
1420  UserInfo,
1421  SpecialAccount);
1422  if (!NT_SUCCESS(Status))
1423  {
1424  TRACE("BuildTokenInformationBuffer failed (Status %08lx)\n", Status);
1425  goto done;
1426  }
1427 
1428 done:
1429  /* Update the logon time/count or the bad password time/count */
1430  if ((UserHandle != NULL) &&
1431  (Status == STATUS_SUCCESS || Status == STATUS_WRONG_PASSWORD))
1432  {
1433  SAMPR_USER_INFO_BUFFER InternalInfo;
1434 
1435  RtlZeroMemory(&InternalInfo, sizeof(InternalInfo));
1436 
1437  if (Status == STATUS_SUCCESS)
1438  InternalInfo.Internal2.Flags = USER_LOGON_SUCCESS;
1439  else
1440  InternalInfo.Internal2.Flags = USER_LOGON_BAD_PASSWORD;
1441 
1442  SamrSetInformationUser(UserHandle,
1443  UserInternal2Information,
1444  &InternalInfo);
1445  }
1446 
1447  /* Return the account name */
1448  *AccountName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1449  if (*AccountName != NULL)
1450  {
1451  (*AccountName)->Buffer = DispatchTable.AllocateLsaHeap(LogonInfo->UserName.Length +
1452  sizeof(UNICODE_NULL));
1453  if ((*AccountName)->Buffer != NULL)
1454  {
1455  (*AccountName)->MaximumLength = LogonInfo->UserName.Length +
1456  sizeof(UNICODE_NULL);
1457  RtlCopyUnicodeString(*AccountName, &LogonInfo->UserName);
1458  }
1459  }
1460 
1461  /* Return the authenticating authority */
1462  *AuthenticatingAuthority = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1463  if (*AuthenticatingAuthority != NULL)
1464  {
1465  (*AuthenticatingAuthority)->Buffer = DispatchTable.AllocateLsaHeap(LogonInfo->LogonDomainName.Length +
1466  sizeof(UNICODE_NULL));
1467  if ((*AuthenticatingAuthority)->Buffer != NULL)
1468  {
1469  (*AuthenticatingAuthority)->MaximumLength = LogonInfo->LogonDomainName.Length +
1470  sizeof(UNICODE_NULL);
1471  RtlCopyUnicodeString(*AuthenticatingAuthority, &LogonInfo->LogonDomainName);
1472  }
1473  }
1474 
1475  /* Return the machine name */
1476  *MachineName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1477  if (*MachineName != NULL)
1478  {
1479  (*MachineName)->Buffer = DispatchTable.AllocateLsaHeap((ComputerNameSize + 1) * sizeof(WCHAR));
1480  if ((*MachineName)->Buffer != NULL)
1481  {
1482  (*MachineName)->MaximumLength = (ComputerNameSize + 1) * sizeof(WCHAR);
1483  (*MachineName)->Length = ComputerNameSize * sizeof(WCHAR);
1484  RtlCopyMemory((*MachineName)->Buffer, ComputerName, (*MachineName)->MaximumLength);
1485  }
1486  }
1487 
1488  if (!NT_SUCCESS(Status))
1489  {
1490  if (SessionCreated != FALSE)
1491  DispatchTable.DeleteLogonSession(LogonId);
1492 
1493  if (*ProfileBuffer != NULL)
1494  {
1495  DispatchTable.FreeClientBuffer(ClientRequest,
1496  *ProfileBuffer);
1497  *ProfileBuffer = NULL;
1498  }
1499  }
1500 
1501  if (UserHandle != NULL)
1502  SamrCloseHandle(&UserHandle);
1503 
1504  SamIFree_SAMPR_USER_INFO_BUFFER(UserInfo,
1505  UserAllInformation);
1506  SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
1507  SamIFree_SAMPR_ULONG_ARRAY(&Use);
1508 
1509  if (DomainHandle != NULL)
1510  SamrCloseHandle(&DomainHandle);
1511 
1512  if (ServerHandle != NULL)
1513  SamrCloseHandle(&ServerHandle);
1514 
1515  if (AccountDomainSid != NULL)
1516  RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);
1517 
1518  if (Status == STATUS_NO_SUCH_USER ||
1519  Status == STATUS_WRONG_PASSWORD)
1520  {
1521  *SubStatus = Status;
1522  Status = STATUS_LOGON_FAILURE;
1523  }
1524 
1525  TRACE("LsaApLogonUser done (Status 0x%08lx SubStatus 0x%08lx)\n", Status, *SubStatus);
1526 
1527  return Status;
1528 }
1529 
1530 /* EOF */
LSA_DISPATCH_TABLE::FreeClientBuffer
PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
Definition: authpackage.c:63
LSA_DISPATCH_TABLE::CopyToClientBuffer
PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
Definition: authpackage.c:64
_ENCRYPTED_LM_OWF_PASSWORD
Definition: msv1_0.h:80
_TIME_FIELDS::Weekday
USHORT Weekday
Definition: env_spec_w32.h:718
_SAMPR_USER_ALL_INFORMATION::LmOwfPassword
RPC_SHORT_BLOB LmOwfPassword
Definition: msv1_0.h:127
PCHAR
signed char * PCHAR
Definition: retypes.h:7
PNTSTATUS
* PNTSTATUS
Definition: strlen.c:14
_SAMPR_ULONG_ARRAY::Element
unsigned long * Element
Definition: lsasrv.h:86
PMSV1_0_CHANGEPASSWORD_REQUEST
struct _MSV1_0_CHANGEPASSWORD_REQUEST * PMSV1_0_CHANGEPASSWORD_REQUEST
_LSAPR_POLICY_INFORMATION
Definition: msv1_0.h:301
STATUS_WRONG_PASSWORD
#define STATUS_WRONG_PASSWORD
Definition: ntstatus.h:328
LSA_DISPATCH_TABLE
Definition: authpackage.c:53
_SAMPR_USER_ALL_INFORMATION::UserName
RPC_UNICODE_STRING UserName
Definition: msv1_0.h:117
LsaApCallPackage
NTSTATUS NTAPI LsaApCallPackage(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:918
MSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE MSV1_0_INTERACTIVE_PROFILE
_SAMPR_USER_ALL_INFORMATION
Definition: msv1_0.h:109
SAM_SERVER_CONNECT
#define SAM_SERVER_CONNECT
Definition: ntsam.h:99
IN
#define IN
Definition: typedefs.h:38
BuildTokenInformationBuffer
static NTSTATUS BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1 *TokenInformation, PRPC_SID AccountDomainSid, PSAMPR_USER_INFO_BUFFER UserInfo, BOOL SpecialAccount)
Definition: msv1_0.c:406
Names
PWSTR Names[NAMES_COUNT]
Definition: RtlGenerate8dot3Name.c:25
MsvpCheckWorkstations
static BOOL MsvpCheckWorkstations(_In_ PRPC_UNICODE_STRING WorkStations, _In_ PWSTR ComputerName)
Definition: msv1_0.c:875
SECURITY_AUTHENTICATED_USER_RID
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:540
TRUE
#define TRUE
Definition: types.h:120
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
MSV1_0_PACKAGE_NAME
#define MSV1_0_PACKAGE_NAME
Definition: ntsecapi.h:42
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
USER_PASSWORD_NOT_REQUIRED
#define USER_PASSWORD_NOT_REQUIRED
Definition: ntsam.h:169
_SECPKG_SUPPLEMENTAL_CRED_ARRAY
Definition: ntsecpkg.h:107
LsaApInitializePackage
NTSTATUS NTAPI LsaApInitializePackage(IN ULONG AuthenticationPackageId, IN PLSA_DISPATCH_TABLE LsaDispatchTable, IN PLSA_STRING Database OPTIONAL, IN PLSA_STRING Confidentiality OPTIONAL, OUT PLSA_STRING *AuthenticationPackageName)
Definition: msv1_0.c:1017
_MSV1_0_INTERACTIVE_PROFILE::LogoffTime
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:441
_TOKEN_GROUPS
Definition: setypes.h:959
_SID
Definition: ms-dtyp.idl:198
_MSV1_0_INTERACTIVE_PROFILE::ProfilePath
UNICODE_STRING ProfilePath
Definition: ntsecapi.h:449
SamrOpenDomain
NTSTATUS __stdcall SamrOpenDomain(SAMPR_HANDLE ServerHandle, ACCESS_MASK DesiredAccess, PRPC_SID DomainId, SAMPR_HANDLE *DomainHandle)
STATUS_NOT_IMPLEMENTED
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:225
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
_MSV1_0_INTERACTIVE_PROFILE::HomeDirectory
UNICODE_STRING HomeDirectory
Definition: ntsecapi.h:447
PtrOffset
#define PtrOffset(BASE, OFFSET)
Definition: cdprocs.h:1557
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
PWSTR
uint16_t * PWSTR
Definition: typedefs.h:54
GetNtAuthorityDomainSid
static NTSTATUS GetNtAuthorityDomainSid(PRPC_SID *Sid)
Definition: msv1_0.c:74
_TOKEN_PRIMARY_GROUP
Definition: setypes.h:977
CHAR
char CHAR
Definition: xmlstorage.h:175
LSA_DISPATCH_TABLE::GetCredentials
PLSA_GET_CREDENTIALS GetCredentials
Definition: authpackage.c:58
_RPC_UNICODE_STRING
Definition: msv1_0.h:51
Ptr
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
WARN
#define WARN(fmt,...)
Definition: debug.h:111
_SAMPR_USER_ALL_INFORMATION::UserId
unsigned long UserId
Definition: msv1_0.h:131
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
PMSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE * PMSV1_0_INTERACTIVE_PROFILE
_SAMPR_ULONG_ARRAY
Definition: lsasrv.h:83
LSA_DISPATCH_TABLE::FreeLsaHeap
PLSA_FREE_LSA_HEAP FreeLsaHeap
Definition: authpackage.c:61
AppendRidToSid
static PSID AppendRidToSid(PSID SrcSid, ULONG Rid)
Definition: msv1_0.c:245
LSA_DISPATCH_TABLE::AllocateLsaHeap
PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
Definition: authpackage.c:60
_MSV1_0_INTERACTIVE_PROFILE::LogonScript
UNICODE_STRING LogonScript
Definition: ntsecapi.h:446
_SAMPR_USER_ALL_INFORMATION::PasswordLastSet
OLD_LARGE_INTEGER PasswordLastSet
Definition: msv1_0.h:113
MachineName
_In_ DWORD _Out_ PDWORD _In_opt_ PCSTR MachineName
Definition: setupapi.h:1286
ZeroMemory
#define ZeroMemory
Definition: winbase.h:1635
RtlSubAuthoritySid
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
SamrLookupNamesInDomain
NTSTATUS NTAPI SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle, IN ULONG Count, IN RPC_UNICODE_STRING Names[], OUT PSAMPR_ULONG_ARRAY RelativeIds, OUT PSAMPR_ULONG_ARRAY Use)
Definition: samrpc.c:3558
ProfileBufferLength
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
Definition: ntifs.template.h:711
RPC_SHORT_BLOB::Buffer
unsigned short * Buffer
Definition: msv1_0.h:71
SamrChangePasswordUser
NTSTATUS NTAPI SamrChangePasswordUser(IN SAMPR_HANDLE UserHandle, IN unsigned char LmPresent, IN PENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm, IN unsigned char NtPresent, IN PENCRYPTED_NT_OWF_PASSWORD OldNtEncryptedWithNewNt, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithOldNt, IN unsigned char NtCrossEncryptionPresent, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithNewLm, IN unsigned char LmCrossEncryptionPresent, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithNewNt)
Definition: samrpc.c:8324
SystemFunction006
NTSTATUS WINAPI SystemFunction006(LPCSTR password, LPSTR hash)
Definition: crypt_lmhash.c:53
STATUS_ACCOUNT_LOCKED_OUT
#define STATUS_ACCOUNT_LOCKED_OUT
Definition: ntstatus.h:682
_MSV1_0_CHANGEPASSWORD_REQUEST
Definition: ntsecapi.h:507
GetComputerNameW
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:440
OEM_STRING
STRING OEM_STRING
Definition: umtypes.h:203
Groups
TOpcodeData Groups[17][8]
Definition: disassemblerdata.h:895
LPSTR
char * LPSTR
Definition: xmlstorage.h:182
_LSAPR_POLICY_ACCOUNT_DOM_INFO::Sid
PRPC_SID Sid
Definition: msv1_0.h:278
NtAllocateLocallyUniqueId
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:371
_LSAPR_POLICY_INFORMATION::PolicyAccountDomainInfo
LSAPR_POLICY_ACCOUNT_DOM_INFO PolicyAccountDomainInfo
Definition: msv1_0.h:307
SamrLookupDomainInSamServer
NTSTATUS NTAPI SamrLookupDomainInSamServer(IN SAMPR_HANDLE ServerHandle, IN PRPC_UNICODE_STRING Name, OUT PRPC_SID *DomainId)
Definition: samrpc.c:497
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
_MSV1_0_INTERACTIVE_PROFILE::LogonCount
USHORT LogonCount
Definition: ntsecapi.h:438
_SAMPR_LOGON_HOURS
Definition: msv1_0.h:91
_MSV1_0_INTERACTIVE_PROFILE::PasswordMustChange
LARGE_INTEGER PasswordMustChange
Definition: ntsecapi.h:445
_SAMPR_USER_INFO_BUFFER
Definition: msv1_0.h:146
_MSV1_0_INTERACTIVE_LOGON::Password
UNICODE_STRING Password
Definition: ntsecapi.h:434
_MSV1_0_CHANGEPASSWORD_REQUEST::AccountName
UNICODE_STRING AccountName
Definition: ntsecapi.h:510
STATUS_ACCOUNT_EXPIRED
#define STATUS_ACCOUNT_EXPIRED
Definition: ntstatus.h:622
_MSV1_0_INTERACTIVE_PROFILE::FullName
UNICODE_STRING FullName
Definition: ntsecapi.h:448
_SAMPR_USER_INFO_BUFFER::All
SAMPR_USER_ALL_INFORMATION All
Definition: msv1_0.h:172
RtlCopyUnicodeString
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)
STATUS_INVALID_LOGON_HOURS
#define STATUS_INVALID_LOGON_HOURS
Definition: ntstatus.h:333
LsaIOpenPolicyTrusted
NTSTATUS WINAPI LsaIOpenPolicyTrusted(OUT LSAPR_HANDLE *PolicyHandle)
Definition: policy.c:15
USER_ACCOUNT_DISABLED
#define USER_ACCOUNT_DISABLED
Definition: ntsam.h:167
STATUS_ACCOUNT_RESTRICTION
#define STATUS_ACCOUNT_RESTRICTION
Definition: ntstatus.h:332
_MSV1_0_INTERACTIVE_PROFILE
Definition: ntsecapi.h:436
RtlInitAnsiString
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:63
WINE_DEFAULT_DEBUG_CHANNEL
WINE_DEFAULT_DEBUG_CHANNEL(msv1_0)
LsaIFree_LSAPR_POLICY_INFORMATION
VOID NTAPI LsaIFree_LSAPR_POLICY_INFORMATION(IN POLICY_INFORMATION_CLASS InformationClass, IN PLSAPR_POLICY_INFORMATION PolicyInformation)
Definition: lsasrv.c:51
SamIConnect
NTSTATUS NTAPI SamIConnect(PSAMPR_SERVER_NAME ServerName, SAMPR_HANDLE *ServerHandle, ACCESS_MASK DesiredAccess, BOOLEAN Trusted)
PMSV1_0_INTERACTIVE_LOGON
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
RtlInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
SamIFreeVoid
VOID NTAPI SamIFreeVoid(PVOID Ptr)
Definition: samsrv.c:146
GetAccountDomainSid
static NTSTATUS GetAccountDomainSid(PRPC_SID *Sid)
Definition: msv1_0.c:25
FIXUP_POINTER
#define FIXUP_POINTER(Pointer, Offset)
Definition: msv1_0.h:40
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:52
ProtocolStatus
VOID NTAPI ProtocolStatus(NDIS_HANDLE BindingContext, NDIS_STATUS GenerelStatus, PVOID StatusBuffer, UINT StatusBufferSize)
Called by NDIS when the underlying driver has changed state.
Definition: lan.c:461
USER_READ_GENERAL
#define USER_READ_GENERAL
Definition: ntsam.h:126
SystemFunction012
NTSTATUS WINAPI SystemFunction012(const BYTE *in, const BYTE *key, LPBYTE out)
Definition: sysfunc.c:353
NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
Offset
_In_ ULONG _In_ ULONG Offset
Definition: ntddpcm.h:101
UNICODE_NULL
#define UNICODE_NULL
SubStatus
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
Definition: ntifs.template.h:711
_LUID
Definition: devicetopology.idl:136
LsaApLogonTerminated
VOID NTAPI LsaApLogonTerminated(IN PLUID LogonId)
Definition: msv1_0.c:1070
PMSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE * PMSV1_0_PROTOCOL_MESSAGE_TYPE
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
_SAMPR_USER_INTERNAL2_INFORMATION::Flags
unsigned long Flags
Definition: msv1_0.h:102
BufferLength
_In_ ULONG BufferLength
Definition: usbdlib.h:225
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
DOMAIN_USER_RID_ADMIN
#define DOMAIN_USER_RID_ADMIN
Definition: setypes.h:603
LSA_DISPATCH_TABLE::CreateLogonSession
PLSA_CREATE_LOGON_SESSION CreateLogonSession
Definition: authpackage.c:55
_ANSI_STRING
Definition: env_spec_w32.h:375
RtlUpcaseUnicodeStringToOemString
NTSYSAPI NTSTATUS NTAPI RtlUpcaseUnicodeStringToOemString(POEM_STRING DestinationString, PCUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
_MSV1_0_INTERACTIVE_PROFILE::PasswordLastSet
LARGE_INTEGER PasswordLastSet
Definition: ntsecapi.h:443
FIXME
#define FIXME(fmt,...)
Definition: debug.h:110
BuildInteractiveProfileBuffer
static NTSTATUS BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PSAMPR_USER_INFO_BUFFER UserInfo, IN PWSTR ComputerName, OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer, OUT PULONG ProfileBufferLength)
Definition: msv1_0.c:95
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
_LARGE_INTEGER::HighPart
LONG HighPart
Definition: typedefs.h:105
NULL
smooth NULL
Definition: ftsmooth.c:416
SE_GROUP_ENABLED_BY_DEFAULT
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
PLSA_TOKEN_INFORMATION_TYPE
enum _LSA_TOKEN_INFORMATION_TYPE * PLSA_TOKEN_INFORMATION_TYPE
SAM_SERVER_LOOKUP_DOMAIN
#define SAM_SERVER_LOOKUP_DOMAIN
Definition: ntsam.h:104
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
_MSV1_0_INTERACTIVE_PROFILE::LogonTime
LARGE_INTEGER LogonTime
Definition: ntsecapi.h:440
RtlSystemTimeToLocalTime
NTSYSAPI NTSTATUS NTAPI RtlSystemTimeToLocalTime(_In_ PLARGE_INTEGER SystemTime, _Out_ PLARGE_INTEGER LocalTime)
Buffer
Definition: bufpool.h:45
_SAMPR_USER_ALL_INFORMATION::AccountExpires
OLD_LARGE_INTEGER AccountExpires
Definition: msv1_0.h:114
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
SECURITY_LOCAL_SERVICE_RID
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:547
SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:526
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
_TIME_FIELDS::Hour
USHORT Hour
Definition: env_spec_w32.h:714
PrimaryGroup
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1559
STATUS_NO_SUCH_USER
#define STATUS_NO_SUCH_USER
Definition: ntstatus.h:322
RtlTimeToTimeFields
BOOLEAN RtlTimeToTimeFields(IN PLARGE_INTEGER Time, IN PTIME_FIELDS TimeFields)
Definition: env_spec_w32.cpp:895
LsarQueryInformationPolicy
NTSTATUS WINAPI LsarQueryInformationPolicy(LSAPR_HANDLE PolicyHandle, POLICY_INFORMATION_CLASS InformationClass, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: lsarpc.c:531
STATUS_ACCOUNT_DISABLED
#define STATUS_ACCOUNT_DISABLED
Definition: ntstatus.h:336
_SAMPR_USER_ALL_INFORMATION::PasswordMustChange
OLD_LARGE_INTEGER PasswordMustChange
Definition: msv1_0.h:116
LSA_DISPATCH_TABLE::DeleteCredential
PLSA_DELETE_CREDENTIAL DeleteCredential
Definition: authpackage.c:59
_TIME_FIELDS::Minute
USHORT Minute
Definition: env_spec_w32.h:715
BuildTokenGroups
static NTSTATUS BuildTokenGroups(OUT PTOKEN_GROUPS *Groups, IN PSID AccountDomainSid, IN ULONG RelativeId, IN BOOL SpecialAccount)
Definition: msv1_0.c:310
_MSV1_0_INTERACTIVE_LOGON::UserName
UNICODE_STRING UserName
Definition: ntsecapi.h:433
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_MSV1_0_INTERACTIVE_PROFILE::KickOffTime
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:442
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
wcschr
_CONST_RETURN wchar_t *__cdecl wcschr(_In_z_ const wchar_t *_Str, wchar_t _Ch)
RtlEqualMemory
NTSYSAPI ULONG NTAPI RtlEqualMemory(CONST VOID *Source1, CONST VOID *Source2, ULONG Length)
STATUS_PASSWORD_EXPIRED
#define STATUS_PASSWORD_EXPIRED
Definition: ntstatus.h:335
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
USER_READ_ACCOUNT
#define USER_READ_ACCOUNT
Definition: ntsam.h:130
SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92
DispatchTable
LSA_DISPATCH_TABLE DispatchTable
Definition: msv1_0.c:18
SystemFunction007
NTSTATUS WINAPI SystemFunction007(const UNICODE_STRING *string, LPBYTE hash)
Definition: sysfunc.c:245
_SID_AND_ATTRIBUTES
Definition: setypes.h:474
RtlSubAuthorityCountSid
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
Definition: sid.c:104
_MSV1_0_CHANGEPASSWORD_REQUEST::NewPassword
UNICODE_STRING NewPassword
Definition: ntsecapi.h:512
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
MsvpCheckPassword
static NTSTATUS MsvpCheckPassword(PUNICODE_STRING UserPassword, PSAMPR_USER_INFO_BUFFER UserInfo)
Definition: msv1_0.c:758
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
SE_GROUP_MANDATORY
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
_MSV1_0_INTERACTIVE_PROFILE::LogonServer
UNICODE_STRING LogonServer
Definition: ntsecapi.h:451
_SAMPR_USER_ALL_INFORMATION::LogonHours
SAMPR_LOGON_HOURS LogonHours
Definition: msv1_0.h:135
LSA_DISPATCH_TABLE::DeleteLogonSession
PLSA_DELETE_LOGON_SESSION DeleteLogonSession
Definition: authpackage.c:56
USER_LOGON_SUCCESS
#define USER_LOGON_SUCCESS
Definition: msv1_0.h:98
LsarClose
NTSTATUS WINAPI LsarClose(LSAPR_HANDLE *ObjectHandle)
Definition: lsarpc.c:125
_SAMPR_USER_ALL_INFORMATION::PrimaryGroupId
unsigned long PrimaryGroupId
Definition: msv1_0.h:132
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:512
USER_LOGON_BAD_PASSWORD
#define USER_LOGON_BAD_PASSWORD
Definition: msv1_0.h:97
_TOKEN_USER
Definition: setypes.h:955
LSA_DISPATCH_TABLE::CopyFromClientBuffer
PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
Definition: authpackage.c:65
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
wcscpy
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
L
static const WCHAR L[]
Definition: oid.c:1250
USER_ACCOUNT_AUTO_LOCKED
#define USER_ACCOUNT_AUTO_LOCKED
Definition: ntsam.h:177
_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194
ProfileBuffer
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
Definition: ntifs.template.h:711
_LARGE_INTEGER::LowPart
ULONG LowPart
Definition: typedefs.h:104
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
BYTE
unsigned char BYTE
Definition: mem.h:68
_TIME_FIELDS
Definition: env_spec_w32.h:710
_MSV1_0_CHANGEPASSWORD_REQUEST::DomainName
UNICODE_STRING DomainName
Definition: ntsecapi.h:509
_SAMPR_USER_ALL_INFORMATION::LmPasswordPresent
unsigned char LmPasswordPresent
Definition: msv1_0.h:140
LSA_DISPATCH_TABLE::AddCredential
PLSA_ADD_CREDENTIAL AddCredential
Definition: authpackage.c:57
SECURITY_NETWORK_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:548
_OLD_LARGE_INTEGER::HighPart
long HighPart
Definition: msv1_0.h:64
SamIFree_SAMPR_USER_INFO_BUFFER
VOID NTAPI SamIFree_SAMPR_USER_INFO_BUFFER(PSAMPR_USER_INFO_BUFFER Ptr, USER_INFORMATION_CLASS InformationClass)
Definition: samsrv.c:531
Status
Status
Definition: gdiplustypes.h:24
MsvpChangePassword
static NTSTATUS MsvpChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:491
ERR
#define ERR(fmt,...)
Definition: debug.h:109
_In_
#define _In_
Definition: no_sal2.h:204
MAX_COMPUTERNAME_LENGTH
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:240
_UNICODE_STRING
Definition: env_spec_w32.h:368
_MSV1_0_INTERACTIVE_PROFILE::UserFlags
ULONG UserFlags
Definition: ntsecapi.h:452
_RPC_SID
Definition: msv1_0.h:43
SamIFree_SAMPR_ULONG_ARRAY
VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr)
Definition: samsrv.c:515
STATUS_INVALID_WORKSTATION
#define STATUS_INVALID_WORKSTATION
Definition: ntstatus.h:334
LsaApCallPackagePassthrough
NTSTATUS NTAPI LsaApCallPackagePassthrough(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:981
LSA_DISPATCH_TABLE::AllocateClientBuffer
PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
Definition: authpackage.c:62
LsaApCallPackageUntrusted
NTSTATUS NTAPI LsaApCallPackageUntrusted(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:999
_MSV1_0_INTERACTIVE_PROFILE::PasswordCanChange
LARGE_INTEGER PasswordCanChange
Definition: ntsecapi.h:444
DOMAIN_ALIAS_RID_USERS
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:625
USHORT
unsigned short USHORT
Definition: pedump.c:61
LogonType
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
Definition: ntifs.template.h:707
STATUS_PASSWORD_MUST_CHANGE
#define STATUS_PASSWORD_MUST_CHANGE
Definition: ntstatus.h:666
_SAMPR_USER_ALL_INFORMATION::UserAccountControl
unsigned long UserAccountControl
Definition: msv1_0.h:133
_MSV1_0_INTERACTIVE_PROFILE::MessageType
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:437
_OLD_LARGE_INTEGER::LowPart
unsigned long LowPart
Definition: msv1_0.h:63
SamrSetInformationUser
NTSTATUS NTAPI SamrSetInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, IN PSAMPR_USER_INFO_BUFFER Buffer)
Definition: samrpc.c:8119
SECURITY_LOGON_TYPE
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
SamrCloseHandle
NTSTATUS __stdcall SamrCloseHandle(SAMPR_HANDLE *SamHandle)
_MSV1_0_INTERACTIVE_PROFILE::HomeDirectoryDrive
UNICODE_STRING HomeDirectoryDrive
Definition: ntsecapi.h:450
wcscat
_CRTIMP wchar_t *__cdecl wcscat(_Inout_updates_z_(_String_length_(_Dest)+_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
DOMAIN_GROUP_RID_USERS
#define DOMAIN_GROUP_RID_USERS
Definition: setypes.h:612
PULONG
unsigned int * PULONG
Definition: retypes.h:1
_SECPKG_PRIMARY_CRED
Definition: ntsecpkg.h:84
_MSV1_0_INTERACTIVE_PROFILE::BadPasswordCount
USHORT BadPasswordCount
Definition: ntsecapi.h:439
LogonId
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
Definition: ntifs.template.h:711
PLSA_STRING
struct _LSA_STRING * PLSA_STRING
msv1_0.h
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
SamrOpenUser
NTSTATUS NTAPI SamrOpenUser(IN SAMPR_HANDLE DomainHandle, IN ACCESS_MASK DesiredAccess, IN ULONG UserId, OUT SAMPR_HANDLE *UserHandle)
_LARGE_INTEGER
Definition: typedefs.h:100
USER_READ_PREFERENCES
#define USER_READ_PREFERENCES
Definition: ntsam.h:127
_SAMPR_USER_ALL_INFORMATION::NtOwfPassword
RPC_SHORT_BLOB NtOwfPassword
Definition: msv1_0.h:128
OUT
#define OUT
Definition: typedefs.h:39
_MSV1_0_CHANGEPASSWORD_REQUEST::OldPassword
UNICODE_STRING OldPassword
Definition: ntsecapi.h:511
strcpy
char * strcpy(char *DstString, const char *SrcString)
Definition: utclib.c:388
ULONG
unsigned int ULONG
Definition: retypes.h:1
DOMAIN_LOOKUP
#define DOMAIN_LOOKUP
Definition: ntsam.h:42
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
_SAMPR_USER_INFO_BUFFER::Internal2
SAMPR_USER_INTERNAL2_INFORMATION Internal2
Definition: msv1_0.h:168
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
NtQuerySystemTime
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:417
AccountDomainSid
PSID AccountDomainSid
Definition: database.c:22
LsaApLogonUserEx2
NTSTATUS NTAPI LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest, IN SECURITY_LOGON_TYPE LogonType, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferSize, OUT PVOID *ProfileBuffer, OUT PULONG ProfileBufferSize, OUT PLUID LogonId, OUT PNTSTATUS SubStatus, OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType, OUT PVOID *TokenInformation, OUT PUNICODE_STRING *AccountName, OUT PUNICODE_STRING *AuthenticatingAuthority, OUT PUNICODE_STRING *MachineName, OUT PSECPKG_PRIMARY_CRED PrimaryCredentials, OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials)
Definition: msv1_0.c:1081
_LSA_TOKEN_INFORMATION_V1
Definition: authpackage.c:26
MSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE MSV1_0_PROTOCOL_MESSAGE_TYPE
_LSA_STRING
Definition: ntsecapi.h:171
SamrQueryInformationUser
NTSTATUS NTAPI SamrQueryInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, OUT PSAMPR_USER_INFO_BUFFER *Buffer)
Definition: samrpc.c:7328
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184
Buffer
IN BOOLEAN OUT PSTR Buffer
Definition: progress.h:34
TimeFields
static PTIME_FIELDS TimeFields
Definition: time.c:104
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2745
MsvpCheckLogonHours
static BOOL MsvpCheckLogonHours(_In_ PSAMPR_LOGON_HOURS LogonHours, _In_ PLARGE_INTEGER LogonTime)
Definition: msv1_0.c:848
BuildTokenPrimaryGroup
static NTSTATUS BuildTokenPrimaryGroup(OUT PTOKEN_PRIMARY_GROUP PrimaryGroup, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:292
USER_READ_LOGON
#define USER_READ_LOGON
Definition: ntsam.h:129
wcslen
size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
BuildTokenUser
static NTSTATUS BuildTokenUser(OUT PTOKEN_USER User, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:272
_MSV1_0_INTERACTIVE_LOGON
Definition: ntsecapi.h:430
_wcsicmp
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
STATUS_LOGON_FAILURE
#define STATUS_LOGON_FAILURE
Definition: ntstatus.h:331
_SAMPR_USER_ALL_INFORMATION::NtPasswordPresent
unsigned char NtPasswordPresent
Definition: msv1_0.h:141
_SAMPR_USER_ALL_INFORMATION::WorkStations
RPC_UNICODE_STRING WorkStations
Definition: msv1_0.h:124
NtAuthority
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:19
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:112
_MSV1_0_INTERACTIVE_LOGON::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:432
RtlLengthRequiredSid
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
USER_CHANGE_PASSWORD
#define USER_CHANGE_PASSWORD
Definition: ntsam.h:132
SystemAuthority
static SID_IDENTIFIER_AUTHORITY SystemAuthority
Definition: msgina.c:38
_RPC_UNICODE_STRING::Buffer
wchar_t * Buffer
Definition: msv1_0.h:55
OPTIONAL
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68