da/d86/msv1__0_8c_source.html

 /*
  * PROJECT:     Authentication Package DLL
  * LICENSE:     GPL - See COPYING in the top level directory
  * FILE:        dll/win32/msv1_0/msv1_0.c
  * PURPOSE:     Main file
  * COPYRIGHT:   Copyright 2013 Eric Kohl
  */

 /* INCLUDES ****************************************************************/

 #include "msv1_0.h"

 WINE_DEFAULT_DEBUG_CHANNEL(msv1_0);


 /* GLOBALS *****************************************************************/

 LSA_DISPATCH_TABLE DispatchTable;


 /* FUNCTIONS ***************************************************************/

 static
 NTSTATUS
 GetAccountDomainSid(PRPC_SID *Sid)
 {
     LSAPR_HANDLE PolicyHandle = NULL;
     PLSAPR_POLICY_INFORMATION PolicyInfo = NULL;
     ULONG Length = 0;
     NTSTATUS Status;

     Status = LsaIOpenPolicyTrusted(&PolicyHandle);
     if (!NT_SUCCESS(Status))
     {
         TRACE("LsaIOpenPolicyTrusted() failed (Status 0x%08lx)\n", Status);
         return Status;
     }

     Status = LsarQueryInformationPolicy(PolicyHandle,
                                         PolicyAccountDomainInformation,
                                         &PolicyInfo);
     if (!NT_SUCCESS(Status))
     {
         TRACE("LsarQueryInformationPolicy() failed (Status 0x%08lx)\n", Status);
         goto done;
     }

     Length = RtlLengthSid(PolicyInfo->PolicyAccountDomainInfo.Sid);

     *Sid = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
     if (*Sid == NULL)
     {
         ERR("Failed to allocate SID\n");
         Status = STATUS_INSUFFICIENT_RESOURCES;
         goto done;
     }

     memcpy(*Sid, PolicyInfo->PolicyAccountDomainInfo.Sid, Length);

 done:
     if (PolicyInfo != NULL)
         LsaIFree_LSAPR_POLICY_INFORMATION(PolicyAccountDomainInformation,
                                           PolicyInfo);

     if (PolicyHandle != NULL)
         LsarClose(&PolicyHandle);

     return Status;
 }


 static
 NTSTATUS
 GetNtAuthorityDomainSid(PRPC_SID *Sid)
 {
     SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
     ULONG Length = 0;

     Length = RtlLengthRequiredSid(0);
     *Sid = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
     if (*Sid == NULL)
     {
         ERR("Failed to allocate SID\n");
         return STATUS_INSUFFICIENT_RESOURCES;
     }

     RtlInitializeSid(*Sid,&NtAuthority, 0);

     return STATUS_SUCCESS;
 }


 static
 NTSTATUS
 BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest,
                               IN PSAMPR_USER_INFO_BUFFER UserInfo,
                               IN PWSTR ComputerName,
                               OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer,
                               OUT PULONG ProfileBufferLength)
 {
     PMSV1_0_INTERACTIVE_PROFILE LocalBuffer = NULL;
     PVOID ClientBaseAddress = NULL;
     LPWSTR Ptr;
     ULONG BufferLength;
     NTSTATUS Status = STATUS_SUCCESS;

     *ProfileBuffer = NULL;
     *ProfileBufferLength = 0;

     BufferLength = sizeof(MSV1_0_INTERACTIVE_PROFILE) +
                    UserInfo->All.FullName.Length + sizeof(WCHAR) +
                    UserInfo->All.HomeDirectory.Length + sizeof(WCHAR) +
                    UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR) +
                    UserInfo->All.ScriptPath.Length + sizeof(WCHAR) +
                    UserInfo->All.ProfilePath.Length + sizeof(WCHAR) +
                    ((wcslen(ComputerName) + 3) * sizeof(WCHAR));

     LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength);
     if (LocalBuffer == NULL)
     {
         TRACE("Failed to allocate the local buffer!\n");
         Status = STATUS_INSUFFICIENT_RESOURCES;
         goto done;
     }

     Status = DispatchTable.AllocateClientBuffer(ClientRequest,
                                                 BufferLength,
                                                 &ClientBaseAddress);
     if (!NT_SUCCESS(Status))
     {
         TRACE("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
         goto done;
     }

     TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);

     Ptr = (LPWSTR)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_INTERACTIVE_PROFILE));

     LocalBuffer->MessageType = MsV1_0InteractiveProfile;
     LocalBuffer->LogonCount = UserInfo->All.LogonCount;
     LocalBuffer->BadPasswordCount = UserInfo->All.BadPasswordCount;

     LocalBuffer->LogonTime.LowPart = UserInfo->All.LastLogon.LowPart;
     LocalBuffer->LogonTime.HighPart = UserInfo->All.LastLogon.HighPart;

     LocalBuffer->LogoffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
     LocalBuffer->LogoffTime.HighPart = UserInfo->All.AccountExpires.HighPart;

     LocalBuffer->KickOffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
     LocalBuffer->KickOffTime.HighPart = UserInfo->All.AccountExpires.HighPart;

     LocalBuffer->PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart;
     LocalBuffer->PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart;

     LocalBuffer->PasswordCanChange.LowPart = UserInfo->All.PasswordCanChange.LowPart;
     LocalBuffer->PasswordCanChange.HighPart = UserInfo->All.PasswordCanChange.HighPart;

     LocalBuffer->PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart;
     LocalBuffer->PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart;

     LocalBuffer->LogonScript.Length = UserInfo->All.ScriptPath.Length;
     LocalBuffer->LogonScript.MaximumLength = UserInfo->All.ScriptPath.Length + sizeof(WCHAR);
     LocalBuffer->LogonScript.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
     memcpy(Ptr,
            UserInfo->All.ScriptPath.Buffer,
            UserInfo->All.ScriptPath.Length);

     Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->LogonScript.MaximumLength);

     LocalBuffer->HomeDirectory.Length = UserInfo->All.HomeDirectory.Length;
     LocalBuffer->HomeDirectory.MaximumLength = UserInfo->All.HomeDirectory.Length + sizeof(WCHAR);
     LocalBuffer->HomeDirectory.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
     memcpy(Ptr,
            UserInfo->All.HomeDirectory.Buffer,
            UserInfo->All.HomeDirectory.Length);

     Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectory.MaximumLength);

     LocalBuffer->FullName.Length = UserInfo->All.FullName.Length;
     LocalBuffer->FullName.MaximumLength = UserInfo->All.FullName.Length + sizeof(WCHAR);
     LocalBuffer->FullName.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
     memcpy(Ptr,
            UserInfo->All.FullName.Buffer,
            UserInfo->All.FullName.Length);
     TRACE("FullName.Buffer: %p\n", LocalBuffer->FullName.Buffer);

     Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->FullName.MaximumLength);

     LocalBuffer->ProfilePath.Length = UserInfo->All.ProfilePath.Length;
     LocalBuffer->ProfilePath.MaximumLength = UserInfo->All.ProfilePath.Length + sizeof(WCHAR);
     LocalBuffer->ProfilePath.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
     memcpy(Ptr,
            UserInfo->All.ProfilePath.Buffer,
            UserInfo->All.ProfilePath.Length);

     Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->ProfilePath.MaximumLength);

     LocalBuffer->HomeDirectoryDrive.Length = UserInfo->All.HomeDirectoryDrive.Length;
     LocalBuffer->HomeDirectoryDrive.MaximumLength = UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR);
     LocalBuffer->HomeDirectoryDrive.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
     memcpy(Ptr,
            UserInfo->All.HomeDirectoryDrive.Buffer,
            UserInfo->All.HomeDirectoryDrive.Length);

     Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectoryDrive.MaximumLength);

     LocalBuffer->LogonServer.Length = (wcslen(ComputerName) + 2) * sizeof(WCHAR);
     LocalBuffer->LogonServer.MaximumLength = LocalBuffer->LogonServer.Length + sizeof(WCHAR);
     LocalBuffer->LogonServer.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
     wcscpy(Ptr, L"\\");
     wcscat(Ptr, ComputerName);

     LocalBuffer->UserFlags = 0;

     Status = DispatchTable.CopyToClientBuffer(ClientRequest,
                                               BufferLength,
                                               ClientBaseAddress,
                                               LocalBuffer);
     if (!NT_SUCCESS(Status))
     {
         TRACE("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
         goto done;
     }

     *ProfileBuffer = (PMSV1_0_INTERACTIVE_PROFILE)ClientBaseAddress;
     *ProfileBufferLength = BufferLength;

 done:
     if (LocalBuffer != NULL)
         DispatchTable.FreeLsaHeap(LocalBuffer);

     if (!NT_SUCCESS(Status))
     {
         if (ClientBaseAddress != NULL)
             DispatchTable.FreeClientBuffer(ClientRequest,
                                            ClientBaseAddress);
     }

     return Status;
 }


 static
 PSID
 AppendRidToSid(PSID SrcSid,
                ULONG Rid)
 {
     PSID DstSid = NULL;
     UCHAR RidCount;

     RidCount = *RtlSubAuthorityCountSid(SrcSid);
     if (RidCount >= 8)
         return NULL;

     DstSid = DispatchTable.AllocateLsaHeap(RtlLengthRequiredSid(RidCount + 1));
     if (DstSid == NULL)
         return NULL;

     RtlCopyMemory(DstSid,
                   SrcSid,
                   RtlLengthRequiredSid(RidCount));

     *RtlSubAuthorityCountSid(DstSid) = RidCount + 1;
     *RtlSubAuthoritySid(DstSid, RidCount) = Rid;

     return DstSid;
 }


 static
 NTSTATUS
 BuildTokenUser(OUT PTOKEN_USER User,
                IN PSID AccountDomainSid,
                IN ULONG RelativeId)
 {
     User->User.Sid = AppendRidToSid(AccountDomainSid,
                                     RelativeId);
     if (User->User.Sid == NULL)
     {
         ERR("Could not create the user SID\n");
         return STATUS_INSUFFICIENT_RESOURCES;
     }

     User->User.Attributes = 0;

     return STATUS_SUCCESS;
 }


 static
 NTSTATUS
 BuildTokenPrimaryGroup(OUT PTOKEN_PRIMARY_GROUP PrimaryGroup,
                        IN PSID AccountDomainSid,
                        IN ULONG RelativeId)
 {
     PrimaryGroup->PrimaryGroup = AppendRidToSid(AccountDomainSid,
                                                 RelativeId);
     if (PrimaryGroup->PrimaryGroup == NULL)
     {
         ERR("Could not create the primary group SID\n");
         return STATUS_INSUFFICIENT_RESOURCES;
     }

     return STATUS_SUCCESS;
 }


 static
 NTSTATUS
 BuildTokenGroups(OUT PTOKEN_GROUPS *Groups,
                  IN PSID AccountDomainSid,
                  IN ULONG RelativeId,
                  IN BOOL SpecialAccount)
 {
     SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
     PTOKEN_GROUPS TokenGroups;
     DWORD GroupCount = 0;
     DWORD MaxGroups = 2;
     PSID Sid;
     NTSTATUS Status = STATUS_SUCCESS;

     if (SpecialAccount)
         MaxGroups++;

     TokenGroups = DispatchTable.AllocateLsaHeap(sizeof(TOKEN_GROUPS) +
                                                 MaxGroups * sizeof(SID_AND_ATTRIBUTES));
     if (TokenGroups == NULL)
     {
         return STATUS_INSUFFICIENT_RESOURCES;
     }

     if (SpecialAccount)
     {
         /* Self */
         Sid = AppendRidToSid(AccountDomainSid, RelativeId);
         if (Sid == NULL)
         {

         }

         TokenGroups->Groups[GroupCount].Sid = Sid;
         TokenGroups->Groups[GroupCount].Attributes =
             SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
         GroupCount++;

         /* Member of 'Users' alias */
         RtlAllocateAndInitializeSid(&SystemAuthority,
                                     2,
                                     SECURITY_BUILTIN_DOMAIN_RID,
                                     DOMAIN_ALIAS_RID_USERS,
                                     SECURITY_NULL_RID,
                                     SECURITY_NULL_RID,
                                     SECURITY_NULL_RID,
                                     SECURITY_NULL_RID,
                                     SECURITY_NULL_RID,
                                     SECURITY_NULL_RID,
                                     &Sid);
         TokenGroups->Groups[GroupCount].Sid = Sid;
         TokenGroups->Groups[GroupCount].Attributes =
             SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
         GroupCount++;
     }
     else
     {
         /* Member of the domains users group */
         Sid = AppendRidToSid(AccountDomainSid, DOMAIN_GROUP_RID_USERS);
         if (Sid == NULL)
         {

         }

         TokenGroups->Groups[GroupCount].Sid = Sid;
         TokenGroups->Groups[GroupCount].Attributes =
             SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
         GroupCount++;
     }

     /* Member of 'Authenticated users' */
     RtlAllocateAndInitializeSid(&SystemAuthority,
                                 1,
                                 SECURITY_AUTHENTICATED_USER_RID,
                                 SECURITY_NULL_RID,
                                 SECURITY_NULL_RID,
                                 SECURITY_NULL_RID,
                                 SECURITY_NULL_RID,
                                 SECURITY_NULL_RID,
                                 SECURITY_NULL_RID,
                                 SECURITY_NULL_RID,
                                 &Sid);
     TokenGroups->Groups[GroupCount].Sid = Sid;
     TokenGroups->Groups[GroupCount].Attributes =
         SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
     GroupCount++;

     TokenGroups->GroupCount = GroupCount;
     ASSERT(TokenGroups->GroupCount <= MaxGroups);

     *Groups = TokenGroups;

     return Status;
 }


 static
 NTSTATUS
 BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1 *TokenInformation,
                             PRPC_SID AccountDomainSid,
                             PSAMPR_USER_INFO_BUFFER UserInfo,
                             BOOL SpecialAccount)
 {
     PLSA_TOKEN_INFORMATION_V1 Buffer = NULL;
     ULONG i;
     NTSTATUS Status = STATUS_SUCCESS;

     Buffer = DispatchTable.AllocateLsaHeap(sizeof(LSA_TOKEN_INFORMATION_V1));
     if (Buffer == NULL)
     {
         WARN("Failed to allocate the local buffer!\n");
         Status = STATUS_INSUFFICIENT_RESOURCES;
         goto done;
     }

     Buffer->ExpirationTime.LowPart = UserInfo->All.AccountExpires.LowPart;
     Buffer->ExpirationTime.HighPart = UserInfo->All.AccountExpires.HighPart;

     Status = BuildTokenUser(&Buffer->User,
                             (PSID)AccountDomainSid,
                             UserInfo->All.UserId);
     if (!NT_SUCCESS(Status))
     {
         WARN("BuildTokenUser() failed (Status 0x%08lx)\n", Status);
         goto done;
     }

     Status = BuildTokenPrimaryGroup(&Buffer->PrimaryGroup,
                                     (PSID)AccountDomainSid,
                                     UserInfo->All.PrimaryGroupId);
     if (!NT_SUCCESS(Status))
     {
         WARN("BuildTokenPrimaryGroup() failed (Status 0x%08lx)\n", Status);
         goto done;
     }

     Status = BuildTokenGroups(&Buffer->Groups,
                               (PSID)AccountDomainSid,
                               UserInfo->All.UserId,
                               SpecialAccount);
     if (!NT_SUCCESS(Status))
     {
         WARN("BuildTokenGroups() failed (Status 0x%08lx)\n", Status);
         goto done;
     }

     *TokenInformation = Buffer;

 done:
     if (!NT_SUCCESS(Status))
     {
         if (Buffer != NULL)
         {
             if (Buffer->User.User.Sid != NULL)
                 DispatchTable.FreeLsaHeap(Buffer->User.User.Sid);

             if (Buffer->Groups != NULL)
             {
                 for (i = 0; i < Buffer->Groups->GroupCount; i++)
                 {
                     if (Buffer->Groups->Groups[i].Sid != NULL)
                         DispatchTable.FreeLsaHeap(Buffer->Groups->Groups[i].Sid);
                 }

                 DispatchTable.FreeLsaHeap(Buffer->Groups);
             }

             if (Buffer->PrimaryGroup.PrimaryGroup != NULL)
                 DispatchTable.FreeLsaHeap(Buffer->PrimaryGroup.PrimaryGroup);

             if (Buffer->DefaultDacl.DefaultDacl != NULL)
                 DispatchTable.FreeLsaHeap(Buffer->DefaultDacl.DefaultDacl);

             DispatchTable.FreeLsaHeap(Buffer);
         }
     }

     return Status;
 }


 static
 NTSTATUS
 MsvpChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest,
                    IN PVOID ProtocolSubmitBuffer,
                    IN PVOID ClientBufferBase,
                    IN ULONG SubmitBufferLength,
                    OUT PVOID *ProtocolReturnBuffer,
                    OUT PULONG ReturnBufferLength,
                    OUT PNTSTATUS ProtocolStatus)
 {
     NTSTATUS Status;
     PMSV1_0_CHANGEPASSWORD_REQUEST RequestBuffer;
     ULONG_PTR PtrOffset;

     SAMPR_HANDLE ServerHandle = NULL;
     SAMPR_HANDLE DomainHandle = NULL;
     SAMPR_HANDLE UserHandle = NULL;
     PRPC_SID DomainSid = NULL;
     RPC_UNICODE_STRING Names[1];
     SAMPR_ULONG_ARRAY RelativeIds = {0, NULL};
     SAMPR_ULONG_ARRAY Use = {0, NULL};

     ENCRYPTED_NT_OWF_PASSWORD OldNtPassword;
     ENCRYPTED_NT_OWF_PASSWORD NewNtPassword;
     ENCRYPTED_LM_OWF_PASSWORD OldLmPassword;
     ENCRYPTED_LM_OWF_PASSWORD NewLmPassword;
     OEM_STRING LmPwdString;
     CHAR LmPwdBuffer[15];
     BOOLEAN OldLmPasswordPresent = FALSE;
     BOOLEAN NewLmPasswordPresent = FALSE;

     ENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm;
     ENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm;
     ENCRYPTED_LM_OWF_PASSWORD OldNtEncryptedWithNewNt;
     ENCRYPTED_LM_OWF_PASSWORD NewNtEncryptedWithOldNt;
     PENCRYPTED_LM_OWF_PASSWORD pOldLmEncryptedWithNewLm = NULL;
     PENCRYPTED_LM_OWF_PASSWORD pNewLmEncryptedWithOldLm = NULL;

     TRACE("MsvpChangePassword()\n");

     /* Parameters validation */

     if (SubmitBufferLength < sizeof(MSV1_0_CHANGEPASSWORD_REQUEST))
     {
         ERR("Invalid SubmitBufferLength %lu\n", SubmitBufferLength);
         return STATUS_INVALID_PARAMETER;
     }

     RequestBuffer = (PMSV1_0_CHANGEPASSWORD_REQUEST)ProtocolSubmitBuffer;

     /* Fix-up pointers in the request buffer info */
     PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;

     Status = RtlValidateUnicodeString(0, &RequestBuffer->DomainName);
     if (!NT_SUCCESS(Status))
         return STATUS_INVALID_PARAMETER;
     // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
     RequestBuffer->DomainName.Buffer = FIXUP_POINTER(RequestBuffer->DomainName.Buffer, PtrOffset);
     RequestBuffer->DomainName.MaximumLength = RequestBuffer->DomainName.Length;

     Status = RtlValidateUnicodeString(0, &RequestBuffer->AccountName);
     if (!NT_SUCCESS(Status))
         return STATUS_INVALID_PARAMETER;
     // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
     RequestBuffer->AccountName.Buffer = FIXUP_POINTER(RequestBuffer->AccountName.Buffer, PtrOffset);
     RequestBuffer->AccountName.MaximumLength = RequestBuffer->AccountName.Length;

     Status = RtlValidateUnicodeString(0, &RequestBuffer->OldPassword);
     if (!NT_SUCCESS(Status))
         return STATUS_INVALID_PARAMETER;
     // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
     RequestBuffer->OldPassword.Buffer = FIXUP_POINTER(RequestBuffer->OldPassword.Buffer, PtrOffset);
     RequestBuffer->OldPassword.MaximumLength = RequestBuffer->OldPassword.Length;

     Status = RtlValidateUnicodeString(0, &RequestBuffer->NewPassword);
     if (!NT_SUCCESS(Status))
         return STATUS_INVALID_PARAMETER;
     // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
     RequestBuffer->NewPassword.Buffer = FIXUP_POINTER(RequestBuffer->NewPassword.Buffer, PtrOffset);
     RequestBuffer->NewPassword.MaximumLength = RequestBuffer->NewPassword.Length;

     TRACE("Domain: %S\n", RequestBuffer->DomainName.Buffer);
     TRACE("Account: %S\n", RequestBuffer->AccountName.Buffer);
     TRACE("Old Password: %S\n", RequestBuffer->OldPassword.Buffer);
     TRACE("New Password: %S\n", RequestBuffer->NewPassword.Buffer);

     /* Connect to the SAM server */
     Status = SamIConnect(NULL,
                          &ServerHandle,
                          SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
                          TRUE);
     if (!NT_SUCCESS(Status))
     {
         TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status);
         goto done;
     }

     /* Get the domain SID */
     Status = SamrLookupDomainInSamServer(ServerHandle,
                                          (PRPC_UNICODE_STRING)&RequestBuffer->DomainName,
                                          &DomainSid);
     if (!NT_SUCCESS(Status))
     {
         TRACE("SamrLookupDomainInSamServer failed (Status %08lx)\n", Status);
         goto done;
     }

     /* Open the domain */
     Status = SamrOpenDomain(ServerHandle,
                             DOMAIN_LOOKUP,
                             DomainSid,
                             &DomainHandle);
     if (!NT_SUCCESS(Status))
     {
         TRACE("SamrOpenDomain failed (Status %08lx)\n", Status);
         goto done;
     }

     Names[0].Length = RequestBuffer->AccountName.Length;
     Names[0].MaximumLength = RequestBuffer->AccountName.MaximumLength;
     Names[0].Buffer = RequestBuffer->AccountName.Buffer;

     /* Try to get the RID for the user name */
     Status = SamrLookupNamesInDomain(DomainHandle,
                                      1,
                                      Names,
                                      &RelativeIds,
                                      &Use);
     if (!NT_SUCCESS(Status))
     {
         TRACE("SamrLookupNamesInDomain failed (Status %08lx)\n", Status);
         Status = STATUS_NO_SUCH_USER;
         goto done;
     }

     /* Fail, if it is not a user account */
     if (Use.Element[0] != SidTypeUser)
     {
         TRACE("Account is not a user account!\n");
         Status = STATUS_NO_SUCH_USER;
         goto done;
     }

     /* Open the user object */
     Status = SamrOpenUser(DomainHandle,
                           USER_CHANGE_PASSWORD,
                           RelativeIds.Element[0],
                           &UserHandle);
     if (!NT_SUCCESS(Status))
     {
         TRACE("SamrOpenUser failed (Status %08lx)\n", Status);
         goto done;
     }


     /* Calculate the NT hash for the old password */
     Status = SystemFunction007(&RequestBuffer->OldPassword,
                                (LPBYTE)&OldNtPassword);
     if (!NT_SUCCESS(Status))
     {
         TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
         goto done;
     }

     /* Calculate the NT hash for the new password */
     Status = SystemFunction007(&RequestBuffer->NewPassword,
                                (LPBYTE)&NewNtPassword);
     if (!NT_SUCCESS(Status))
     {
         TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
         goto done;
     }

     /* Calculate the LM password and hash for the old password */
     LmPwdString.Length = 15;
     LmPwdString.MaximumLength = 15;
     LmPwdString.Buffer = LmPwdBuffer;
     ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);

     Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
                                                &RequestBuffer->OldPassword,
                                                FALSE);
     if (NT_SUCCESS(Status))
     {
         /* Calculate the LM hash value of the password */
         Status = SystemFunction006(LmPwdString.Buffer,
                                    (LPSTR)&OldLmPassword);
         if (NT_SUCCESS(Status))
         {
             OldLmPasswordPresent = TRUE;
         }
     }

     /* Calculate the LM password and hash for the new password */
     LmPwdString.Length = 15;
     LmPwdString.MaximumLength = 15;
     LmPwdString.Buffer = LmPwdBuffer;
     ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);

     Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
                                                &RequestBuffer->NewPassword,
                                                FALSE);
     if (NT_SUCCESS(Status))
     {
         /* Calculate the LM hash value of the password */
         Status = SystemFunction006(LmPwdString.Buffer,
                                    (LPSTR)&NewLmPassword);
         if (NT_SUCCESS(Status))
         {
             NewLmPasswordPresent = TRUE;
         }
     }

     /* Encrypt the old and new LM passwords, if they exist */
     if (OldLmPasswordPresent && NewLmPasswordPresent)
     {
         /* Encrypt the old LM password */
         Status = SystemFunction012((const BYTE *)&OldLmPassword,
                                    (const BYTE *)&NewLmPassword,
                                    (LPBYTE)&OldLmEncryptedWithNewLm);
         if (!NT_SUCCESS(Status))
         {
             TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
             goto done;
         }

         /* Encrypt the new LM password */
         Status = SystemFunction012((const BYTE *)&NewLmPassword,
                                    (const BYTE *)&OldLmPassword,
                                    (LPBYTE)&NewLmEncryptedWithOldLm);
         if (!NT_SUCCESS(Status))
         {
             TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
             goto done;
         }

         pOldLmEncryptedWithNewLm = &OldLmEncryptedWithNewLm;
         pNewLmEncryptedWithOldLm = &NewLmEncryptedWithOldLm;
     }

     /* Encrypt the old NT password */
     Status = SystemFunction012((const BYTE *)&OldNtPassword,
                                (const BYTE *)&NewNtPassword,
                                (LPBYTE)&OldNtEncryptedWithNewNt);
     if (!NT_SUCCESS(Status))
     {
         TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
         goto done;
     }

     /* Encrypt the new NT password */
     Status = SystemFunction012((const BYTE *)&NewNtPassword,
                                (const BYTE *)&OldNtPassword,
                                (LPBYTE)&NewNtEncryptedWithOldNt);
     if (!NT_SUCCESS(Status))
     {
         TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
         goto done;
     }

     /* Change the password */
     Status = SamrChangePasswordUser(UserHandle,
                                     OldLmPasswordPresent && NewLmPasswordPresent,
                                     pOldLmEncryptedWithNewLm,
                                     pNewLmEncryptedWithOldLm,
                                     TRUE,
                                     &OldNtEncryptedWithNewNt,
                                     &NewNtEncryptedWithOldNt,
                                     FALSE,
                                     NULL,
                                     FALSE,
                                     NULL);
     if (!NT_SUCCESS(Status))
     {
         TRACE("SamrChangePasswordUser failed (Status %08lx)\n", Status);
         goto done;
     }

 done:
     if (UserHandle != NULL)
         SamrCloseHandle(&UserHandle);

     SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
     SamIFree_SAMPR_ULONG_ARRAY(&Use);

     if (DomainHandle != NULL)
         SamrCloseHandle(&DomainHandle);

     if (DomainSid != NULL)
         SamIFreeVoid(DomainSid);

     if (ServerHandle != NULL)
         SamrCloseHandle(&ServerHandle);

     return Status;
 }


 static
 NTSTATUS
 MsvpCheckPassword(PUNICODE_STRING UserPassword,
                   PSAMPR_USER_INFO_BUFFER UserInfo)
 {
     ENCRYPTED_NT_OWF_PASSWORD UserNtPassword;
     ENCRYPTED_LM_OWF_PASSWORD UserLmPassword;
     BOOLEAN UserLmPasswordPresent = FALSE;
     BOOLEAN UserNtPasswordPresent = FALSE;
     OEM_STRING LmPwdString;
     CHAR LmPwdBuffer[15];
     NTSTATUS Status;

     TRACE("(%p %p)\n", UserPassword, UserInfo);

     /* Calculate the LM password and hash for the users password */
     LmPwdString.Length = 15;
     LmPwdString.MaximumLength = 15;
     LmPwdString.Buffer = LmPwdBuffer;
     ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);

     Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
                                                UserPassword,
                                                FALSE);
     if (NT_SUCCESS(Status))
     {
         /* Calculate the LM hash value of the users password */
         Status = SystemFunction006(LmPwdString.Buffer,
                                    (LPSTR)&UserLmPassword);
         if (NT_SUCCESS(Status))
         {
             UserLmPasswordPresent = TRUE;
         }
     }

     /* Calculate the NT hash of the users password */
     Status = SystemFunction007(UserPassword,
                                (LPBYTE)&UserNtPassword);
     if (NT_SUCCESS(Status))
     {
         UserNtPasswordPresent = TRUE;
     }

     Status = STATUS_WRONG_PASSWORD;

     /* Succeed, if no password has been set */
     if (UserInfo->All.NtPasswordPresent == FALSE &&
         UserInfo->All.LmPasswordPresent == FALSE)
     {
         TRACE("No password check!\n");
         Status = STATUS_SUCCESS;
         goto done;
     }

     /* Succeed, if NT password matches */
     if (UserNtPasswordPresent && UserInfo->All.NtPasswordPresent)
     {
         TRACE("Check NT password hashes:\n");
         if (RtlEqualMemory(&UserNtPassword,
                            UserInfo->All.NtOwfPassword.Buffer,
                            sizeof(ENCRYPTED_NT_OWF_PASSWORD)))
         {
             TRACE("  success!\n");
             Status = STATUS_SUCCESS;
             goto done;
         }

         TRACE("  failed!\n");
     }

     /* Succeed, if LM password matches */
     if (UserLmPasswordPresent && UserInfo->All.LmPasswordPresent)
     {
         TRACE("Check LM password hashes:\n");
         if (RtlEqualMemory(&UserLmPassword,
                            UserInfo->All.LmOwfPassword.Buffer,
                            sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
         {
             TRACE("  success!\n");
             Status = STATUS_SUCCESS;
             goto done;
         }
         TRACE("  failed!\n");
     }

 done:
     return Status;
 }


 static
 BOOL
 MsvpCheckLogonHours(
     _In_ PSAMPR_LOGON_HOURS LogonHours,
     _In_ PLARGE_INTEGER LogonTime)
 {
 #if 0
     LARGE_INTEGER LocalLogonTime;
     TIME_FIELDS TimeFields;
     USHORT MinutesPerUnit, Offset;
     BOOL bFound;

     FIXME("MsvpCheckLogonHours(%p %p)\n", LogonHours, LogonTime);

     if (LogonHours->UnitsPerWeek == 0 || LogonHours->LogonHours == NULL)
     {
         FIXME("No logon hours!\n");
         return TRUE;
     }

     RtlSystemTimeToLocalTime(LogonTime, &LocalLogonTime);
     RtlTimeToTimeFields(&LocalLogonTime, &TimeFields);

     FIXME("UnitsPerWeek: %u\n", LogonHours->UnitsPerWeek);
     MinutesPerUnit = 10080 / LogonHours->UnitsPerWeek;

     Offset = ((TimeFields.Weekday * 24 + TimeFields.Hour) * 60 + TimeFields.Minute) / MinutesPerUnit;
     FIXME("Offset: %us\n", Offset);

     bFound = (BOOL)(LogonHours->LogonHours[Offset / 8] & (1 << (Offset % 8)));
     FIXME("Logon permitted: %s\n", bFound ? "Yes" : "No");

     return bFound;
 #endif
     return TRUE;
 }


 static
 BOOL
 MsvpCheckWorkstations(
     _In_ PRPC_UNICODE_STRING WorkStations,
     _In_ PWSTR ComputerName)
 {
     PWSTR pStart, pEnd;
     BOOL bFound = FALSE;

     TRACE("MsvpCheckWorkstations(%p %S)\n", WorkStations, ComputerName);

     if (WorkStations->Length == 0 || WorkStations->Buffer == NULL)
     {
         TRACE("No workstations!\n");
         return TRUE;
     }

     TRACE("Workstations: %wZ\n", WorkStations);

     pStart = WorkStations->Buffer;
     for (;;)
     {
         pEnd = wcschr(pStart, L',');
         if (pEnd != NULL)
             *pEnd = UNICODE_NULL;

         TRACE("Comparing '%S' and '%S'\n", ComputerName, pStart);
         if (_wcsicmp(ComputerName, pStart) == 0)
         {
             bFound = TRUE;
             if (pEnd != NULL)
                 *pEnd = L',';
             break;
         }

         if (pEnd == NULL)
             break;

         *pEnd = L',';
         pStart = pEnd + 1;
     }

     TRACE("Found allowed workstation: %s\n", (bFound) ? "Yes" : "No");

     return bFound;
 }


 /*
  * @unimplemented
  */
 NTSTATUS
 NTAPI
 LsaApCallPackage(IN PLSA_CLIENT_REQUEST ClientRequest,
                  IN PVOID ProtocolSubmitBuffer,
                  IN PVOID ClientBufferBase,
                  IN ULONG SubmitBufferLength,
                  OUT PVOID *ProtocolReturnBuffer,
                  OUT PULONG ReturnBufferLength,
                  OUT PNTSTATUS ProtocolStatus)
 {
     NTSTATUS Status;
     MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;

     TRACE("LsaApCallPackage()\n");

     if (SubmitBufferLength < sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE))
         return STATUS_INVALID_PARAMETER;

     MessageType = *((PMSV1_0_PROTOCOL_MESSAGE_TYPE)ProtocolSubmitBuffer);

     *ProtocolReturnBuffer = NULL;
     *ReturnBufferLength = 0;

     switch (MessageType)
     {
         case MsV1_0Lm20ChallengeRequest:
         case MsV1_0Lm20GetChallengeResponse:
             Status = STATUS_NOT_IMPLEMENTED;
             break;

         case MsV1_0EnumerateUsers:
         case MsV1_0GetUserInfo:
         case MsV1_0ReLogonUsers:
             Status = STATUS_INVALID_PARAMETER;
             break;

         case MsV1_0ChangePassword:
             Status = MsvpChangePassword(ClientRequest,
                                         ProtocolSubmitBuffer,
                                         ClientBufferBase,
                                         SubmitBufferLength,
                                         ProtocolReturnBuffer,
                                         ReturnBufferLength,
                                         ProtocolStatus);
             break;

         case MsV1_0ChangeCachedPassword:
         case MsV1_0GenericPassthrough:
         case MsV1_0CacheLogon:
         case MsV1_0SubAuth:
         case MsV1_0DeriveCredential:
         case MsV1_0CacheLookup:
             Status = STATUS_NOT_IMPLEMENTED;
             break;

         default:
             return STATUS_INVALID_PARAMETER;
     }

     return Status;
 }


 /*
  * @unimplemented
  */
 NTSTATUS
 NTAPI
 LsaApCallPackagePassthrough(IN PLSA_CLIENT_REQUEST ClientRequest,
                             IN PVOID ProtocolSubmitBuffer,
                             IN PVOID ClientBufferBase,
                             IN ULONG SubmitBufferLength,
                             OUT PVOID *ProtocolReturnBuffer,
                             OUT PULONG ReturnBufferLength,
                             OUT PNTSTATUS ProtocolStatus)
 {
     TRACE("LsaApCallPackagePassthrough()\n");
     return STATUS_NOT_IMPLEMENTED;
 }


 /*
  * @implemented
  */
 NTSTATUS
 NTAPI
 LsaApCallPackageUntrusted(IN PLSA_CLIENT_REQUEST ClientRequest,
                           IN PVOID ProtocolSubmitBuffer,
                           IN PVOID ClientBufferBase,
                           IN ULONG SubmitBufferLength,
                           OUT PVOID *ProtocolReturnBuffer,
                           OUT PULONG ReturnBufferLength,
                           OUT PNTSTATUS ProtocolStatus)
 {
     ULONG MessageType;
     NTSTATUS Status;

     TRACE("LsaApCallPackageUntrusted()\n");

     if (SubmitBufferLength < sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE))
         return STATUS_INVALID_PARAMETER;

     MessageType = (ULONG)*((PMSV1_0_PROTOCOL_MESSAGE_TYPE)ProtocolSubmitBuffer);

     *ProtocolReturnBuffer = NULL;
     *ReturnBufferLength = 0;

     if (MessageType == MsV1_0ChangePassword)
         Status = MsvpChangePassword(ClientRequest,
                                     ProtocolSubmitBuffer,
                                     ClientBufferBase,
                                     SubmitBufferLength,
                                     ProtocolReturnBuffer,
                                     ReturnBufferLength,
                                     ProtocolStatus);
     else
         Status = STATUS_ACCESS_DENIED;

     return Status;
 }


 /*
  * @implemented
  */
 NTSTATUS
 NTAPI
 LsaApInitializePackage(IN ULONG AuthenticationPackageId,
                        IN PLSA_DISPATCH_TABLE LsaDispatchTable,
                        IN PLSA_STRING Database OPTIONAL,
                        IN PLSA_STRING Confidentiality OPTIONAL,
                        OUT PLSA_STRING *AuthenticationPackageName)
 {
     PANSI_STRING NameString;
     PCHAR NameBuffer;

     TRACE("LsaApInitializePackage(%lu %p %p %p %p)\n",
           AuthenticationPackageId, LsaDispatchTable, Database,
           Confidentiality, AuthenticationPackageName);

     /* Get the dispatch table entries */
     DispatchTable.CreateLogonSession = LsaDispatchTable->CreateLogonSession;
     DispatchTable.DeleteLogonSession = LsaDispatchTable->DeleteLogonSession;
     DispatchTable.AddCredential = LsaDispatchTable->AddCredential;
     DispatchTable.GetCredentials = LsaDispatchTable->GetCredentials;
     DispatchTable.DeleteCredential = LsaDispatchTable->DeleteCredential;
     DispatchTable.AllocateLsaHeap = LsaDispatchTable->AllocateLsaHeap;
     DispatchTable.FreeLsaHeap = LsaDispatchTable->FreeLsaHeap;
     DispatchTable.AllocateClientBuffer = LsaDispatchTable->AllocateClientBuffer;
     DispatchTable.FreeClientBuffer = LsaDispatchTable->FreeClientBuffer;
     DispatchTable.CopyToClientBuffer = LsaDispatchTable->CopyToClientBuffer;
     DispatchTable.CopyFromClientBuffer = LsaDispatchTable->CopyFromClientBuffer;

     /* Return the package name */
     NameString = DispatchTable.AllocateLsaHeap(sizeof(LSA_STRING));
     if (NameString == NULL)
         return STATUS_INSUFFICIENT_RESOURCES;

     NameBuffer = DispatchTable.AllocateLsaHeap(sizeof(MSV1_0_PACKAGE_NAME));
     if (NameBuffer == NULL)
     {
         DispatchTable.FreeLsaHeap(NameString);
         return STATUS_INSUFFICIENT_RESOURCES;
     }

     strcpy(NameBuffer, MSV1_0_PACKAGE_NAME);

     RtlInitAnsiString(NameString, NameBuffer);

     *AuthenticationPackageName = (PLSA_STRING)NameString;

     return STATUS_SUCCESS;
 }


 /*
  * @unimplemented
  */
 VOID
 NTAPI
 LsaApLogonTerminated(IN PLUID LogonId)
 {
     TRACE("LsaApLogonTerminated()\n");
 }


 /*
  * @implemented
  */
 NTSTATUS
 NTAPI
 LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest,
                   IN SECURITY_LOGON_TYPE LogonType,
                   IN PVOID ProtocolSubmitBuffer,
                   IN PVOID ClientBufferBase,
                   IN ULONG SubmitBufferSize,
                   OUT PVOID *ProfileBuffer,
                   OUT PULONG ProfileBufferSize,
                   OUT PLUID LogonId,
                   OUT PNTSTATUS SubStatus,
                   OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
                   OUT PVOID *TokenInformation,
                   OUT PUNICODE_STRING *AccountName,
                   OUT PUNICODE_STRING *AuthenticatingAuthority,
                   OUT PUNICODE_STRING *MachineName,
                   OUT PSECPKG_PRIMARY_CRED PrimaryCredentials, /* Not supported yet */
                   OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials) /* Not supported yet */
 {
     static const UNICODE_STRING NtAuthorityU = RTL_CONSTANT_STRING(L"NT AUTHORITY");
     static const UNICODE_STRING LocalServiceU = RTL_CONSTANT_STRING(L"LocalService");
     static const UNICODE_STRING NetworkServiceU = RTL_CONSTANT_STRING(L"NetworkService");

     NTSTATUS Status;
     PMSV1_0_INTERACTIVE_LOGON LogonInfo;
     WCHAR ComputerName[MAX_COMPUTERNAME_LENGTH + 1];
     SAMPR_HANDLE ServerHandle = NULL;
     SAMPR_HANDLE DomainHandle = NULL;
     SAMPR_HANDLE UserHandle = NULL;
     PRPC_SID AccountDomainSid = NULL;
     RPC_UNICODE_STRING Names[1];
     SAMPR_ULONG_ARRAY RelativeIds = {0, NULL};
     SAMPR_ULONG_ARRAY Use = {0, NULL};
     PSAMPR_USER_INFO_BUFFER UserInfo = NULL;
     BOOLEAN SessionCreated = FALSE;
     LARGE_INTEGER LogonTime;
     LARGE_INTEGER AccountExpires;
     LARGE_INTEGER PasswordMustChange;
     LARGE_INTEGER PasswordLastSet;
     DWORD ComputerNameSize;
     BOOL SpecialAccount = FALSE;

     TRACE("LsaApLogonUserEx2()\n");

     TRACE("LogonType: %lu\n", LogonType);
     TRACE("ProtocolSubmitBuffer: %p\n", ProtocolSubmitBuffer);
     TRACE("SubmitBufferSize: %lu\n", SubmitBufferSize);

     *ProfileBuffer = NULL;
     *ProfileBufferSize = 0;
     *SubStatus = STATUS_SUCCESS;
     *AccountName = NULL;
     *AuthenticatingAuthority = NULL;

     /* Parameters validation */
     if (LogonType == Interactive ||
         LogonType == Batch ||
         LogonType == Service)
     {
         ULONG_PTR PtrOffset;

         if (SubmitBufferSize < sizeof(MSV1_0_INTERACTIVE_LOGON))
         {
             ERR("Invalid SubmitBufferSize %lu\n", SubmitBufferSize);
             return STATUS_INVALID_PARAMETER;
         }

         LogonInfo = (PMSV1_0_INTERACTIVE_LOGON)ProtocolSubmitBuffer;

         if (LogonInfo->MessageType != MsV1_0InteractiveLogon &&
             LogonInfo->MessageType != MsV1_0WorkstationUnlockLogon)
         {
             ERR("Invalid MessageType %lu\n", LogonInfo->MessageType);
             return STATUS_BAD_VALIDATION_CLASS;
         }

 #if 0   // FIXME: These checks happen to be done on Windows. We however keep them general on ReactOS for now...
         if (LogonInfo->UserName.Length > 512) // CRED_MAX_STRING_LENGTH * sizeof(WCHAR) or (CREDUI_MAX_USERNAME_LENGTH (== CRED_MAX_USERNAME_LENGTH) - 1) * sizeof(WCHAR)
         {
             ERR("UserName too long (%lu, maximum 512)\n", LogonInfo->UserName.Length);
             return STATUS_NAME_TOO_LONG;
         }
         if (LogonInfo->Password.Length > 512) // CREDUI_MAX_PASSWORD_LENGTH * sizeof(WCHAR)
         {
             ERR("Password too long (%lu, maximum 512)\n", LogonInfo->Password.Length);
             return STATUS_NAME_TOO_LONG;
         }
 #endif

         /* Fix-up pointers in the authentication info */
         PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;

         Status = RtlValidateUnicodeString(0, &LogonInfo->LogonDomainName);
         if (!NT_SUCCESS(Status))
             return STATUS_INVALID_PARAMETER;
         /* LogonDomainName is optional and can be an empty string */
         if (LogonInfo->LogonDomainName.Length)
         {
             // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
             LogonInfo->LogonDomainName.Buffer = FIXUP_POINTER(LogonInfo->LogonDomainName.Buffer, PtrOffset);
             LogonInfo->LogonDomainName.MaximumLength = LogonInfo->LogonDomainName.Length;
         }
         else
         {
             LogonInfo->LogonDomainName.Buffer = NULL;
             LogonInfo->LogonDomainName.MaximumLength = 0;
         }

         Status = RtlValidateUnicodeString(0, &LogonInfo->UserName);
         if (!NT_SUCCESS(Status))
             return STATUS_INVALID_PARAMETER;
         /* UserName is mandatory and cannot be an empty string */
         // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
         LogonInfo->UserName.Buffer = FIXUP_POINTER(LogonInfo->UserName.Buffer, PtrOffset);
         LogonInfo->UserName.MaximumLength = LogonInfo->UserName.Length;

         Status = RtlValidateUnicodeString(0, &LogonInfo->Password);
         if (!NT_SUCCESS(Status))
             return STATUS_INVALID_PARAMETER;
         /* Password is optional and can be an empty string */
         if (LogonInfo->Password.Length)
         {
             // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
             LogonInfo->Password.Buffer = FIXUP_POINTER(LogonInfo->Password.Buffer, PtrOffset);
             LogonInfo->Password.MaximumLength = LogonInfo->Password.Length;
         }
         else
         {
             LogonInfo->Password.Buffer = NULL;
             LogonInfo->Password.MaximumLength = 0;
         }

         TRACE("Domain: %S\n", LogonInfo->LogonDomainName.Buffer);
         TRACE("User: %S\n", LogonInfo->UserName.Buffer);
         TRACE("Password: %S\n", LogonInfo->Password.Buffer);

         // TODO: If LogonType == Service, do some extra work using LogonInfo->Password.
     }
     else
     {
         FIXME("LogonType %lu is not supported yet!\n", LogonType);
         return STATUS_NOT_IMPLEMENTED;
     }
     // TODO: Add other LogonType validity checks.

     /* Get the logon time */
     NtQuerySystemTime(&LogonTime);

     /* Get the computer name */
     ComputerNameSize = ARRAYSIZE(ComputerName);
     GetComputerNameW(ComputerName, &ComputerNameSize);

     /* Check for special accounts */
     // FIXME: Windows does not do this that way!! (msv1_0 does not contain these hardcoded values)
     if (RtlEqualUnicodeString(&LogonInfo->LogonDomainName, &NtAuthorityU, TRUE))
     {
         SpecialAccount = TRUE;

         /* Get the authority domain SID */
         Status = GetNtAuthorityDomainSid(&AccountDomainSid);
         if (!NT_SUCCESS(Status))
         {
             ERR("GetNtAuthorityDomainSid() failed (Status 0x%08lx)\n", Status);
             return Status;
         }

         if (RtlEqualUnicodeString(&LogonInfo->UserName, &LocalServiceU, TRUE))
         {
             TRACE("SpecialAccount: LocalService\n");

             if (LogonType != Service)
                 return STATUS_LOGON_FAILURE;

             UserInfo = RtlAllocateHeap(RtlGetProcessHeap(),
                                        HEAP_ZERO_MEMORY,
                                        sizeof(SAMPR_USER_ALL_INFORMATION));
             if (UserInfo == NULL)
             {
                 Status = STATUS_INSUFFICIENT_RESOURCES;
                 goto done;
             }

             UserInfo->All.UserId = SECURITY_LOCAL_SERVICE_RID;
             UserInfo->All.PrimaryGroupId = SECURITY_LOCAL_SERVICE_RID;
         }
         else if (RtlEqualUnicodeString(&LogonInfo->UserName, &NetworkServiceU, TRUE))
         {
             TRACE("SpecialAccount: NetworkService\n");

             if (LogonType != Service)
                 return STATUS_LOGON_FAILURE;

             UserInfo = RtlAllocateHeap(RtlGetProcessHeap(),
                                        HEAP_ZERO_MEMORY,
                                        sizeof(SAMPR_USER_ALL_INFORMATION));
             if (UserInfo == NULL)
             {
                 Status = STATUS_INSUFFICIENT_RESOURCES;
                 goto done;
             }

             UserInfo->All.UserId = SECURITY_NETWORK_SERVICE_RID;
             UserInfo->All.PrimaryGroupId = SECURITY_NETWORK_SERVICE_RID;
         }
         else
         {
             Status = STATUS_NO_SUCH_USER;
             goto done;
         }
     }
     else
     {
         TRACE("NormalAccount\n");

         /* Get the account domain SID */
         Status = GetAccountDomainSid(&AccountDomainSid);
         if (!NT_SUCCESS(Status))
         {
             ERR("GetAccountDomainSid() failed (Status 0x%08lx)\n", Status);
             return Status;
         }

         /* Connect to the SAM server */
         Status = SamIConnect(NULL,
                              &ServerHandle,
                              SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
                              TRUE);
         if (!NT_SUCCESS(Status))
         {
             TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status);
             goto done;
         }

         /* Open the account domain */
         Status = SamrOpenDomain(ServerHandle,
                                 DOMAIN_LOOKUP,
                                 AccountDomainSid,
                                 &DomainHandle);
         if (!NT_SUCCESS(Status))
         {
             ERR("SamrOpenDomain failed (Status %08lx)\n", Status);
             goto done;
         }

         Names[0].Length = LogonInfo->UserName.Length;
         Names[0].MaximumLength = LogonInfo->UserName.MaximumLength;
         Names[0].Buffer = LogonInfo->UserName.Buffer;

         /* Try to get the RID for the user name */
         Status = SamrLookupNamesInDomain(DomainHandle,
                                          1,
                                          Names,
                                          &RelativeIds,
                                          &Use);
         if (!NT_SUCCESS(Status))
         {
             ERR("SamrLookupNamesInDomain failed (Status %08lx)\n", Status);
             Status = STATUS_NO_SUCH_USER;
             goto done;
         }

         /* Fail, if it is not a user account */
         if (Use.Element[0] != SidTypeUser)
         {
             ERR("Account is not a user account!\n");
             Status = STATUS_NO_SUCH_USER;
             goto done;
         }

         /* Open the user object */
         Status = SamrOpenUser(DomainHandle,
                               USER_READ_GENERAL | USER_READ_LOGON |
                               USER_READ_ACCOUNT | USER_READ_PREFERENCES, /* FIXME */
                               RelativeIds.Element[0],
                               &UserHandle);
         if (!NT_SUCCESS(Status))
         {
             ERR("SamrOpenUser failed (Status %08lx)\n", Status);
             goto done;
         }

         Status = SamrQueryInformationUser(UserHandle,
                                           UserAllInformation,
                                           &UserInfo);
         if (!NT_SUCCESS(Status))
         {
             ERR("SamrQueryInformationUser failed (Status %08lx)\n", Status);
             goto done;
         }

         TRACE("UserName: %S\n", UserInfo->All.UserName.Buffer);

         /* Check the password */
         if ((UserInfo->All.UserAccountControl & USER_PASSWORD_NOT_REQUIRED) == 0)
         {
             Status = MsvpCheckPassword(&LogonInfo->Password,
                                        UserInfo);
             if (!NT_SUCCESS(Status))
             {
                 ERR("MsvpCheckPassword failed (Status %08lx)\n", Status);
                 goto done;
             }
         }

         /* Check account restrictions for non-administrator accounts */
         if (RelativeIds.Element[0] != DOMAIN_USER_RID_ADMIN)
         {
             /* Check if the account has been disabled */
             if (UserInfo->All.UserAccountControl & USER_ACCOUNT_DISABLED)
             {
                 ERR("Account disabled!\n");
                 *SubStatus = STATUS_ACCOUNT_DISABLED;
                 Status = STATUS_ACCOUNT_RESTRICTION;
                 goto done;
             }

             /* Check if the account has been locked */
             if (UserInfo->All.UserAccountControl & USER_ACCOUNT_AUTO_LOCKED)
             {
                 ERR("Account locked!\n");
                 *SubStatus = STATUS_ACCOUNT_LOCKED_OUT;
                 Status = STATUS_ACCOUNT_RESTRICTION;
                 goto done;
             }

             /* Check if the account expired */
             AccountExpires.LowPart = UserInfo->All.AccountExpires.LowPart;
             AccountExpires.HighPart = UserInfo->All.AccountExpires.HighPart;
             if (LogonTime.QuadPart >= AccountExpires.QuadPart)
             {
                 ERR("Account expired!\n");
                 *SubStatus = STATUS_ACCOUNT_EXPIRED;
                 Status = STATUS_ACCOUNT_RESTRICTION;
                 goto done;
             }

             /* Check if the password expired */
             PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart;
             PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart;
             PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart;
             PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart;

             if (LogonTime.QuadPart >= PasswordMustChange.QuadPart)
             {
                 ERR("Password expired!\n");
                 if (PasswordLastSet.QuadPart == 0)
                     *SubStatus = STATUS_PASSWORD_MUST_CHANGE;
                 else
                     *SubStatus = STATUS_PASSWORD_EXPIRED;

                 Status = STATUS_ACCOUNT_RESTRICTION;
                 goto done;
             }

             /* Check logon hours */
             if (!MsvpCheckLogonHours(&UserInfo->All.LogonHours, &LogonTime))
             {
                 ERR("Invalid logon hours!\n");
                 *SubStatus = STATUS_INVALID_LOGON_HOURS;
                 Status = STATUS_ACCOUNT_RESTRICTION;
                 goto done;
             }

             /* Check workstations */
             if (!MsvpCheckWorkstations(&UserInfo->All.WorkStations, ComputerName))
             {
                 ERR("Invalid workstation!\n");
                 *SubStatus = STATUS_INVALID_WORKSTATION;
                 Status = STATUS_ACCOUNT_RESTRICTION;
                 goto done;
             }
         }
     }

     /* Return logon information */

     /* Create and return a new logon id */
     Status = NtAllocateLocallyUniqueId(LogonId);
     if (!NT_SUCCESS(Status))
     {
         TRACE("NtAllocateLocallyUniqueId failed (Status %08lx)\n", Status);
         goto done;
     }

     /* Create the logon session */
     Status = DispatchTable.CreateLogonSession(LogonId);
     if (!NT_SUCCESS(Status))
     {
         TRACE("CreateLogonSession failed (Status %08lx)\n", Status);
         goto done;
     }

     SessionCreated = TRUE;

     /* Build and fill the interactive profile buffer */
     Status = BuildInteractiveProfileBuffer(ClientRequest,
                                            UserInfo,
                                            ComputerName,
                                            (PMSV1_0_INTERACTIVE_PROFILE*)ProfileBuffer,
                                            ProfileBufferSize);
     if (!NT_SUCCESS(Status))
     {
         TRACE("BuildInteractiveProfileBuffer failed (Status %08lx)\n", Status);
         goto done;
     }

     /* Return the token information type */
     *TokenInformationType = LsaTokenInformationV1;

     /* Build and fill the token information buffer */
     Status = BuildTokenInformationBuffer((PLSA_TOKEN_INFORMATION_V1*)TokenInformation,
                                          AccountDomainSid,
                                          UserInfo,
                                          SpecialAccount);
     if (!NT_SUCCESS(Status))
     {
         TRACE("BuildTokenInformationBuffer failed (Status %08lx)\n", Status);
         goto done;
     }

 done:
     /* Update the logon time/count or the bad password time/count */
     if ((UserHandle != NULL) &&
         (Status == STATUS_SUCCESS || Status == STATUS_WRONG_PASSWORD))
     {
         SAMPR_USER_INFO_BUFFER InternalInfo;

         RtlZeroMemory(&InternalInfo, sizeof(InternalInfo));

         if (Status == STATUS_SUCCESS)
             InternalInfo.Internal2.Flags = USER_LOGON_SUCCESS;
         else
             InternalInfo.Internal2.Flags = USER_LOGON_BAD_PASSWORD;

         SamrSetInformationUser(UserHandle,
                                UserInternal2Information,
                                &InternalInfo);
     }

     /* Return the account name */
     *AccountName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
     if (*AccountName != NULL)
     {
         (*AccountName)->Buffer = DispatchTable.AllocateLsaHeap(LogonInfo->UserName.Length +
                                                                sizeof(UNICODE_NULL));
         if ((*AccountName)->Buffer != NULL)
         {
             (*AccountName)->MaximumLength = LogonInfo->UserName.Length +
                                             sizeof(UNICODE_NULL);
             RtlCopyUnicodeString(*AccountName, &LogonInfo->UserName);
         }
     }

     /* Return the authenticating authority */
     *AuthenticatingAuthority = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
     if (*AuthenticatingAuthority != NULL)
     {
         (*AuthenticatingAuthority)->Buffer = DispatchTable.AllocateLsaHeap(LogonInfo->LogonDomainName.Length +
                                                                            sizeof(UNICODE_NULL));
         if ((*AuthenticatingAuthority)->Buffer != NULL)
         {
             (*AuthenticatingAuthority)->MaximumLength = LogonInfo->LogonDomainName.Length +
                                                         sizeof(UNICODE_NULL);
             RtlCopyUnicodeString(*AuthenticatingAuthority, &LogonInfo->LogonDomainName);
         }
     }

     /* Return the machine name */
     *MachineName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
     if (*MachineName != NULL)
     {
         (*MachineName)->Buffer = DispatchTable.AllocateLsaHeap((ComputerNameSize + 1) * sizeof(WCHAR));
         if ((*MachineName)->Buffer != NULL)
         {
             (*MachineName)->MaximumLength = (ComputerNameSize + 1) * sizeof(WCHAR);
             (*MachineName)->Length = ComputerNameSize * sizeof(WCHAR);
             RtlCopyMemory((*MachineName)->Buffer, ComputerName, (*MachineName)->MaximumLength);
         }
     }

     if (!NT_SUCCESS(Status))
     {
         if (SessionCreated != FALSE)
             DispatchTable.DeleteLogonSession(LogonId);

         if (*ProfileBuffer != NULL)
         {
             DispatchTable.FreeClientBuffer(ClientRequest,
                                            *ProfileBuffer);
             *ProfileBuffer = NULL;
         }
     }

     if (UserHandle != NULL)
         SamrCloseHandle(&UserHandle);

     SamIFree_SAMPR_USER_INFO_BUFFER(UserInfo,
                                     UserAllInformation);
     SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
     SamIFree_SAMPR_ULONG_ARRAY(&Use);

     if (DomainHandle != NULL)
         SamrCloseHandle(&DomainHandle);

     if (ServerHandle != NULL)
         SamrCloseHandle(&ServerHandle);

     if (AccountDomainSid != NULL)
         RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);

     if (Status == STATUS_NO_SUCH_USER ||
         Status == STATUS_WRONG_PASSWORD)
     {
         *SubStatus = Status;
         Status = STATUS_LOGON_FAILURE;
     }

     TRACE("LsaApLogonUserEx2 done (Status 0x%08lx, SubStatus 0x%08lx)\n", Status, *SubStatus);

     return Status;
 }


 /*
  * @unimplemented
  */
 NTSTATUS
 NTAPI
 SpLsaModeInitialize(
     _In_ ULONG LsaVersion,
     _Out_ PULONG PackageVersion,
     _Out_ PSECPKG_FUNCTION_TABLE *ppTables,
     _Out_ PULONG pcTables)
 {
     SECPKG_FUNCTION_TABLE Tables[1];

     TRACE("SpLsaModeInitialize(0x%lx %p %p %p)\n",
           LsaVersion, PackageVersion, ppTables, pcTables);

     if (LsaVersion != SECPKG_INTERFACE_VERSION)
         return STATUS_INVALID_PARAMETER;

     *PackageVersion = SECPKG_INTERFACE_VERSION;

     RtlZeroMemory(&Tables, sizeof(Tables));

     Tables[0].InitializePackage = LsaApInitializePackage;
 //    Tables[0].LogonUser = NULL;
     Tables[0].CallPackage = (PLSA_AP_CALL_PACKAGE)LsaApCallPackage;
     Tables[0].LogonTerminated = LsaApLogonTerminated;
     Tables[0].CallPackageUntrusted = LsaApCallPackageUntrusted;
     Tables[0].CallPackagePassthrough = (PLSA_AP_CALL_PACKAGE_PASSTHROUGH)LsaApCallPackagePassthrough;
 //    Tables[0].LogonUserEx = NULL;
     Tables[0].LogonUserEx2 = LsaApLogonUserEx2;
 //    Tables[0].Initialize = SpInitialize;
 //    Tables[0].Shutdown = NULL;
 //    Tables[0].GetInfo = NULL;
 //    Tables[0].AcceptCredentials = NULL;
 //    Tables[0].SpAcquireCredentialsHandle = NULL;
 //    Tables[0].SpQueryCredentialsAttributes = NULL;
 //    Tables[0].FreeCredentialsHandle = NULL;
 //    Tables[0].SaveCredentials = NULL;
 //    Tables[0].GetCredentials = NULL;
 //    Tables[0].DeleteCredentials = NULL;
 //    Tables[0].InitLsaModeContext = NULL;
 //    Tables[0].AcceptLsaModeContext = NULL;
 //    Tables[0].DeleteContext = NULL;
 //    Tables[0].ApplyControlToken = NULL;
 //    Tables[0].GetUserInfo = NULL;
 //    Tables[0].GetExtendedInformation = NULL;
 //    Tables[0].SpQueryContextAttributes = NULL;
 //    Tables[0].SpAddCredentials = NULL;
 //    Tables[0].SetExtendedInformation = NULL;

     *ppTables = Tables;
     *pcTables = 1;

     return STATUS_SUCCESS;
 }


 /*
  * @unimplemented
  */
 NTSTATUS
 WINAPI
 SpUserModeInitialize(
     _In_ ULONG LsaVersion,
     _Out_ PULONG PackageVersion,
     _Out_ PSECPKG_USER_FUNCTION_TABLE *ppTables,
     _Out_ PULONG pcTables)
 {
     SECPKG_USER_FUNCTION_TABLE Tables[1];

     TRACE("SpUserModeInitialize(0x%lx %p %p %p)\n",
           LsaVersion, PackageVersion, ppTables, pcTables);

     if (LsaVersion != SECPKG_INTERFACE_VERSION)
         return STATUS_INVALID_PARAMETER;

     *PackageVersion = SECPKG_INTERFACE_VERSION;

     RtlZeroMemory(&Tables, sizeof(Tables));

 //    Tables[0].InstanceInit = SpInstanceInit;
 //    Tables[0].InitUserModeContext = NULL;
 //    Tables[0].MakeSignature = NULL;
 //    Tables[0].VerifySignature = NULL;
 //    Tables[0].SealMessage = NULL;
 //    Tables[0].UnsealMessage = NULL;
 //    Tables[0].GetContextToken = NULL;
 //    Tables[0].SpQueryContextAttributes = NULL;
 //    Tables[0].CompleteAuthToken = NULL;
 //    Tables[0].DeleteUserModeContext = NULL;
 //    Tables[0].FormatCredentials = NULL;
 //    Tables[0].MarshallSupplementalCreds = NULL;
 //    Tables[0].ExportContext = NULL;
 //    Tables[0].ImportContext = NULL;

     *ppTables = Tables;
     *pcTables = 1;

     return STATUS_SUCCESS;
 }

 /* EOF */
LSA_DISPATCH_TABLE::FreeClientBuffer
PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
Definition: authpackage.c:63

LSA_DISPATCH_TABLE::CopyToClientBuffer
PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
Definition: authpackage.c:64

_ENCRYPTED_LM_OWF_PASSWORD
Definition: msv1_0.h:80

_TIME_FIELDS::Weekday
USHORT Weekday
Definition: env_spec_w32.h:718

MsV1_0CacheLogon
Definition: ntsecapi.h:226

_SAMPR_USER_ALL_INFORMATION::LmOwfPassword
RPC_SHORT_BLOB LmOwfPassword
Definition: msv1_0.h:127

PCHAR
signed char * PCHAR
Definition: retypes.h:7

PNTSTATUS
* PNTSTATUS
Definition: strlen.c:14

_SAMPR_ULONG_ARRAY::Element
unsigned long * Element
Definition: lsasrv.h:88

MsV1_0DeriveCredential
Definition: ntsecapi.h:228

PMSV1_0_CHANGEPASSWORD_REQUEST
struct _MSV1_0_CHANGEPASSWORD_REQUEST * PMSV1_0_CHANGEPASSWORD_REQUEST

_LSAPR_POLICY_INFORMATION
Definition: msv1_0.h:301

STATUS_WRONG_PASSWORD
#define STATUS_WRONG_PASSWORD
Definition: ntstatus.h:328

LSA_DISPATCH_TABLE
Definition: authpackage.c:53

_SAMPR_USER_ALL_INFORMATION::UserName
RPC_UNICODE_STRING UserName
Definition: msv1_0.h:117

LsaApCallPackage
NTSTATUS NTAPI LsaApCallPackage(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:968

MSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE MSV1_0_INTERACTIVE_PROFILE

_SAMPR_USER_ALL_INFORMATION
Definition: msv1_0.h:109

SAM_SERVER_CONNECT
#define SAM_SERVER_CONNECT
Definition: ntsam.h:99

IN
#define IN
Definition: typedefs.h:38

BuildTokenInformationBuffer
static NTSTATUS BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1 *TokenInformation, PRPC_SID AccountDomainSid, PSAMPR_USER_INFO_BUFFER UserInfo, BOOL SpecialAccount)
Definition: msv1_0.c:406

Names
PWSTR Names[NAMES_COUNT]
Definition: RtlGenerate8dot3Name.c:25

MsvpCheckWorkstations
static BOOL MsvpCheckWorkstations(_In_ PRPC_UNICODE_STRING WorkStations, _In_ PWSTR ComputerName)
Definition: msv1_0.c:917

SECURITY_AUTHENTICATED_USER_RID
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:540

TRUE
#define TRUE
Definition: types.h:120

RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)

MsV1_0InteractiveProfile
Definition: ntsecapi.h:206

MSV1_0_PACKAGE_NAME
#define MSV1_0_PACKAGE_NAME
Definition: ntsecapi.h:42

STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158

USER_PASSWORD_NOT_REQUIRED
#define USER_PASSWORD_NOT_REQUIRED
Definition: ntsam.h:169

Batch
Definition: ntsecapi.h:288

_SECPKG_SUPPLEMENTAL_CRED_ARRAY
Definition: ntsecpkg.h:107

LsaApInitializePackage
NTSTATUS NTAPI LsaApInitializePackage(IN ULONG AuthenticationPackageId, IN PLSA_DISPATCH_TABLE LsaDispatchTable, IN PLSA_STRING Database OPTIONAL, IN PLSA_STRING Confidentiality OPTIONAL, OUT PLSA_STRING *AuthenticationPackageName)
Definition: msv1_0.c:1093

_MSV1_0_INTERACTIVE_LOGON::MessageType
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:431

_MSV1_0_INTERACTIVE_PROFILE::LogoffTime
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:441

_TOKEN_GROUPS
Definition: setypes.h:959

_SID
Definition: ms-dtyp.idl:198

_MSV1_0_INTERACTIVE_PROFILE::ProfilePath
UNICODE_STRING ProfilePath
Definition: ntsecapi.h:449

SamrOpenDomain
NTSTATUS __stdcall SamrOpenDomain(SAMPR_HANDLE ServerHandle, ACCESS_MASK DesiredAccess, PRPC_SID DomainId, SAMPR_HANDLE *DomainHandle)

STATUS_NOT_IMPLEMENTED
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:225

PLSA_AP_CALL_PACKAGE_PASSTHROUGH
NTSTATUS(NTAPI * PLSA_AP_CALL_PACKAGE_PASSTHROUGH)(PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)
Definition: authpackage.c:73

_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370

_MSV1_0_INTERACTIVE_PROFILE::HomeDirectory
UNICODE_STRING HomeDirectory
Definition: ntsecapi.h:447

PtrOffset
#define PtrOffset(BASE, OFFSET)
Definition: cdprocs.h:1557

STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135

MsV1_0Lm20GetChallengeResponse
Definition: ntsecapi.h:219

PWSTR
uint16_t * PWSTR
Definition: typedefs.h:54

GetNtAuthorityDomainSid
static NTSTATUS GetNtAuthorityDomainSid(PRPC_SID *Sid)
Definition: msv1_0.c:74

_TOKEN_PRIMARY_GROUP
Definition: setypes.h:977

LsaTokenInformationV1
Definition: authpackage.c:17

CHAR
char CHAR
Definition: xmlstorage.h:175

LSA_DISPATCH_TABLE::GetCredentials
PLSA_GET_CREDENTIALS GetCredentials
Definition: authpackage.c:58

_RPC_UNICODE_STRING
Definition: msv1_0.h:51

Ptr
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898

WARN
#define WARN(fmt,...)
Definition: debug.h:111

_SAMPR_USER_ALL_INFORMATION::UserId
unsigned long UserId
Definition: msv1_0.h:131

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369

RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606

PMSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE * PMSV1_0_INTERACTIVE_PROFILE

Interactive
Definition: ntsecapi.h:286

_SAMPR_ULONG_ARRAY
Definition: lsasrv.h:85

SpLsaModeInitialize
NTSTATUS NTAPI SpLsaModeInitialize(_In_ ULONG LsaVersion, _Out_ PULONG PackageVersion, _Out_ PSECPKG_FUNCTION_TABLE *ppTables, _Out_ PULONG pcTables)
Definition: msv1_0.c:1683

LSA_DISPATCH_TABLE::FreeLsaHeap
PLSA_FREE_LSA_HEAP FreeLsaHeap
Definition: authpackage.c:61

ARRAYSIZE
#define ARRAYSIZE(array)
Definition: filtermapper.c:47

AppendRidToSid
static PSID AppendRidToSid(PSID SrcSid, ULONG Rid)
Definition: msv1_0.c:245

LSA_DISPATCH_TABLE::AllocateLsaHeap
PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
Definition: authpackage.c:60

_MSV1_0_INTERACTIVE_PROFILE::LogonScript
UNICODE_STRING LogonScript
Definition: ntsecapi.h:446

_SAMPR_USER_ALL_INFORMATION::PasswordLastSet
OLD_LARGE_INTEGER PasswordLastSet
Definition: msv1_0.h:113

MachineName
_In_ DWORD _Out_ PDWORD _In_opt_ PCSTR MachineName
Definition: setupapi.h:1286

ZeroMemory
#define ZeroMemory
Definition: winbase.h:1642

RtlSubAuthoritySid
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)

SamrLookupNamesInDomain
NTSTATUS NTAPI SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle, IN ULONG Count, IN RPC_UNICODE_STRING Names[], OUT PSAMPR_ULONG_ARRAY RelativeIds, OUT PSAMPR_ULONG_ARRAY Use)
Definition: samrpc.c:3567

ProfileBufferLength
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
Definition: ntifs.template.h:711

RPC_SHORT_BLOB::Buffer
unsigned short * Buffer
Definition: msv1_0.h:71

SamrChangePasswordUser
NTSTATUS NTAPI SamrChangePasswordUser(IN SAMPR_HANDLE UserHandle, IN unsigned char LmPresent, IN PENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm, IN unsigned char NtPresent, IN PENCRYPTED_NT_OWF_PASSWORD OldNtEncryptedWithNewNt, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithOldNt, IN unsigned char NtCrossEncryptionPresent, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithNewLm, IN unsigned char LmCrossEncryptionPresent, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithNewNt)
Definition: samrpc.c:8333

SystemFunction006
NTSTATUS WINAPI SystemFunction006(LPCSTR password, LPSTR hash)
Definition: crypt_lmhash.c:53

STATUS_ACCOUNT_LOCKED_OUT
#define STATUS_ACCOUNT_LOCKED_OUT
Definition: ntstatus.h:682

_MSV1_0_CHANGEPASSWORD_REQUEST
Definition: ntsecapi.h:507

GetComputerNameW
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:443

OEM_STRING
STRING OEM_STRING
Definition: umtypes.h:203

Groups
TOpcodeData Groups[17][8]
Definition: disassemblerdata.h:895

LPSTR
char * LPSTR
Definition: xmlstorage.h:182

_LSAPR_POLICY_ACCOUNT_DOM_INFO::Sid
PRPC_SID Sid
Definition: msv1_0.h:278

NtAllocateLocallyUniqueId
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:353

_LSAPR_POLICY_INFORMATION::PolicyAccountDomainInfo
LSAPR_POLICY_ACCOUNT_DOM_INFO PolicyAccountDomainInfo
Definition: msv1_0.h:307

SamrLookupDomainInSamServer
NTSTATUS NTAPI SamrLookupDomainInSamServer(IN SAMPR_HANDLE ServerHandle, IN PRPC_UNICODE_STRING Name, OUT PRPC_SID *DomainId)
Definition: samrpc.c:497

RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290

BOOL
#define BOOL
Definition: nt_native.h:43

_MSV1_0_INTERACTIVE_PROFILE::LogonCount
USHORT LogonCount
Definition: ntsecapi.h:438

_SAMPR_LOGON_HOURS
Definition: msv1_0.h:91

_MSV1_0_INTERACTIVE_PROFILE::PasswordMustChange
LARGE_INTEGER PasswordMustChange
Definition: ntsecapi.h:445

_SAMPR_USER_INFO_BUFFER
Definition: msv1_0.h:146

_MSV1_0_INTERACTIVE_LOGON::Password
UNICODE_STRING Password
Definition: ntsecapi.h:434

_SECPKG_FUNCTION_TABLE::CallPackageUntrusted
PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted
Definition: ntsecpkg.h:429

_MSV1_0_CHANGEPASSWORD_REQUEST::AccountName
UNICODE_STRING AccountName
Definition: ntsecapi.h:510

STATUS_ACCOUNT_EXPIRED
#define STATUS_ACCOUNT_EXPIRED
Definition: ntstatus.h:622

_MSV1_0_INTERACTIVE_PROFILE::FullName
UNICODE_STRING FullName
Definition: ntsecapi.h:448

_SAMPR_USER_INFO_BUFFER::All
SAMPR_USER_ALL_INFORMATION All
Definition: msv1_0.h:172

RtlCopyUnicodeString
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)

MsV1_0CacheLookup
Definition: ntsecapi.h:229

STATUS_INVALID_LOGON_HOURS
#define STATUS_INVALID_LOGON_HOURS
Definition: ntstatus.h:333

LsaIOpenPolicyTrusted
NTSTATUS WINAPI LsaIOpenPolicyTrusted(OUT LSAPR_HANDLE *PolicyHandle)
Definition: policy.c:15

USER_ACCOUNT_DISABLED
#define USER_ACCOUNT_DISABLED
Definition: ntsam.h:167

STATUS_ACCOUNT_RESTRICTION
#define STATUS_ACCOUNT_RESTRICTION
Definition: ntstatus.h:332

_MSV1_0_INTERACTIVE_PROFILE
Definition: ntsecapi.h:436

RtlInitAnsiString
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)

ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:63

WINE_DEFAULT_DEBUG_CHANNEL
WINE_DEFAULT_DEBUG_CHANNEL(msv1_0)

UserAllInformation
Definition: ntsam.h:506

LsaIFree_LSAPR_POLICY_INFORMATION
VOID NTAPI LsaIFree_LSAPR_POLICY_INFORMATION(IN POLICY_INFORMATION_CLASS InformationClass, IN PLSAPR_POLICY_INFORMATION PolicyInformation)
Definition: lsasrv.c:51

SamIConnect
NTSTATUS NTAPI SamIConnect(PSAMPR_SERVER_NAME ServerName, SAMPR_HANDLE *ServerHandle, ACCESS_MASK DesiredAccess, BOOLEAN Trusted)

PMSV1_0_INTERACTIVE_LOGON
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON

RtlInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)

i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

SamIFreeVoid
VOID NTAPI SamIFreeVoid(PVOID Ptr)
Definition: samsrv.c:146

GetAccountDomainSid
static NTSTATUS GetAccountDomainSid(PRPC_SID *Sid)
Definition: msv1_0.c:25

FIXUP_POINTER
#define FIXUP_POINTER(Pointer, Offset)
Definition: msv1_0.h:40

LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:52

ProtocolStatus
VOID NTAPI ProtocolStatus(NDIS_HANDLE BindingContext, NDIS_STATUS GenerelStatus, PVOID StatusBuffer, UINT StatusBufferSize)
Called by NDIS when the underlying driver has changed state.
Definition: lan.c:461

USER_READ_GENERAL
#define USER_READ_GENERAL
Definition: ntsam.h:126

SystemFunction012
NTSTATUS WINAPI SystemFunction012(const BYTE *in, const BYTE *key, LPBYTE out)
Definition: sysfunc.c:353

NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117

Offset
_In_ ULONG _In_ ULONG Offset
Definition: ntddpcm.h:101

UNICODE_NULL
#define UNICODE_NULL

SubStatus
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
Definition: ntifs.template.h:711

_LUID
Definition: devicetopology.idl:136

LsaApLogonTerminated
VOID NTAPI LsaApLogonTerminated(IN PLUID LogonId)
Definition: msv1_0.c:1146

PMSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE * PMSV1_0_PROTOCOL_MESSAGE_TYPE

BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94

_SAMPR_USER_INTERNAL2_INFORMATION::Flags
unsigned long Flags
Definition: msv1_0.h:102

BufferLength
_In_ ULONG BufferLength
Definition: usbdlib.h:225

FALSE
Definition: jmorecfg.h:365

_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371

MsV1_0InteractiveLogon
Definition: ntsecapi.h:199

DOMAIN_USER_RID_ADMIN
#define DOMAIN_USER_RID_ADMIN
Definition: setypes.h:603

LSA_DISPATCH_TABLE::CreateLogonSession
PLSA_CREATE_LOGON_SESSION CreateLogonSession
Definition: authpackage.c:55

_ANSI_STRING
Definition: env_spec_w32.h:375

RtlUpcaseUnicodeStringToOemString
NTSYSAPI NTSTATUS NTAPI RtlUpcaseUnicodeStringToOemString(POEM_STRING DestinationString, PCUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)

_MSV1_0_INTERACTIVE_PROFILE::PasswordLastSet
LARGE_INTEGER PasswordLastSet
Definition: ntsecapi.h:443

FIXME
#define FIXME(fmt,...)
Definition: debug.h:110

BuildInteractiveProfileBuffer
static NTSTATUS BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PSAMPR_USER_INFO_BUFFER UserInfo, IN PWSTR ComputerName, OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer, OUT PULONG ProfileBufferLength)
Definition: msv1_0.c:95

_SECPKG_FUNCTION_TABLE::CallPackage
PLSA_AP_CALL_PACKAGE CallPackage
Definition: ntsecpkg.h:427

RtlValidateUnicodeString
NTSYSAPI NTSTATUS NTAPI RtlValidateUnicodeString(_In_ ULONG Flags, _In_ PCUNICODE_STRING String)
Definition: unicode.c:2544

_SECPKG_FUNCTION_TABLE
Definition: ntsecpkg.h:424

BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185

_LARGE_INTEGER::HighPart
LONG HighPart
Definition: typedefs.h:105

NULL
smooth NULL
Definition: ftsmooth.c:416

SE_GROUP_ENABLED_BY_DEFAULT
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91

PLSA_TOKEN_INFORMATION_TYPE
enum _LSA_TOKEN_INFORMATION_TYPE * PLSA_TOKEN_INFORMATION_TYPE

_Out_
#define _Out_
Definition: no_sal2.h:323

SAM_SERVER_LOOKUP_DOMAIN
#define SAM_SERVER_LOOKUP_DOMAIN
Definition: ntsam.h:104

Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104

_MSV1_0_INTERACTIVE_PROFILE::LogonTime
LARGE_INTEGER LogonTime
Definition: ntsecapi.h:440

RtlSystemTimeToLocalTime
NTSYSAPI NTSTATUS NTAPI RtlSystemTimeToLocalTime(_In_ PLARGE_INTEGER SystemTime, _Out_ PLARGE_INTEGER LocalTime)

Buffer
Definition: bufpool.h:45

_SAMPR_USER_ALL_INFORMATION::AccountExpires
OLD_LARGE_INTEGER AccountExpires
Definition: msv1_0.h:114

SECPKG_INTERFACE_VERSION
#define SECPKG_INTERFACE_VERSION
Definition: ntsecpkg.h:34

RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150

SECURITY_LOCAL_SERVICE_RID
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:547

PLSA_AP_CALL_PACKAGE
NTSTATUS(NTAPI * PLSA_AP_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)
Definition: ntsecpkg.h:333

SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:526

STATUS_NAME_TOO_LONG
#define STATUS_NAME_TOO_LONG
Definition: ntstatus.h:484

TokenGroups
Definition: setypes.h:913

_SECPKG_FUNCTION_TABLE::InitializePackage
PLSA_AP_INITIALIZE_PACKAGE InitializePackage
Definition: ntsecpkg.h:425

RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588

_TIME_FIELDS::Hour
USHORT Hour
Definition: env_spec_w32.h:714

PrimaryGroup
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1559

STATUS_NO_SUCH_USER
#define STATUS_NO_SUCH_USER
Definition: ntstatus.h:322

_SECPKG_USER_FUNCTION_TABLE
Definition: ntsecpkg.h:472

RtlTimeToTimeFields
BOOLEAN RtlTimeToTimeFields(IN PLARGE_INTEGER Time, IN PTIME_FIELDS TimeFields)
Definition: env_spec_w32.cpp:895

LsarQueryInformationPolicy
NTSTATUS WINAPI LsarQueryInformationPolicy(LSAPR_HANDLE PolicyHandle, POLICY_INFORMATION_CLASS InformationClass, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: lsarpc.c:531

MsV1_0GetUserInfo
Definition: ntsecapi.h:221

STATUS_ACCOUNT_DISABLED
#define STATUS_ACCOUNT_DISABLED
Definition: ntstatus.h:336

_SAMPR_USER_ALL_INFORMATION::PasswordMustChange
OLD_LARGE_INTEGER PasswordMustChange
Definition: msv1_0.h:116

LSA_DISPATCH_TABLE::DeleteCredential
PLSA_DELETE_CREDENTIAL DeleteCredential
Definition: authpackage.c:59

_TIME_FIELDS::Minute
USHORT Minute
Definition: env_spec_w32.h:715

BuildTokenGroups
static NTSTATUS BuildTokenGroups(OUT PTOKEN_GROUPS *Groups, IN PSID AccountDomainSid, IN ULONG RelativeId, IN BOOL SpecialAccount)
Definition: msv1_0.c:310

_MSV1_0_INTERACTIVE_LOGON::UserName
UNICODE_STRING UserName
Definition: ntsecapi.h:433

TRACE
#define TRACE(s)
Definition: solgame.cpp:4

SidTypeUser
Definition: lsa.idl:118

_SECPKG_FUNCTION_TABLE::LogonUserEx2
PLSA_AP_LOGON_USER_EX2 LogonUserEx2
Definition: ntsecpkg.h:432

_MSV1_0_INTERACTIVE_PROFILE::KickOffTime
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:442

SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553

wcschr
_CONST_RETURN wchar_t *__cdecl wcschr(_In_z_ const wchar_t *_Str, wchar_t _Ch)

RtlEqualMemory
NTSYSAPI ULONG NTAPI RtlEqualMemory(CONST VOID *Source1, CONST VOID *Source2, ULONG Length)

MsV1_0WorkstationUnlockLogon
Definition: ntsecapi.h:203

STATUS_PASSWORD_EXPIRED
#define STATUS_PASSWORD_EXPIRED
Definition: ntstatus.h:335

WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180

NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32

USER_READ_ACCOUNT
#define USER_READ_ACCOUNT
Definition: ntsam.h:130

SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92

Database
Definition: xml2sdb.h:172

DispatchTable
LSA_DISPATCH_TABLE DispatchTable
Definition: msv1_0.c:18

SystemFunction007
NTSTATUS WINAPI SystemFunction007(const UNICODE_STRING *string, LPBYTE hash)
Definition: sysfunc.c:245

_SID_AND_ATTRIBUTES
Definition: setypes.h:474

RtlSubAuthorityCountSid
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
Definition: sid.c:104

_MSV1_0_CHANGEPASSWORD_REQUEST::NewPassword
UNICODE_STRING NewPassword
Definition: ntsecapi.h:512

UserInternal2Information
Definition: ntsam.h:504

WINAPI
#define WINAPI
Definition: msvc.h:6

_SECPKG_FUNCTION_TABLE::CallPackagePassthrough
PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough
Definition: ntsecpkg.h:430

DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95

MsvpCheckPassword
static NTSTATUS MsvpCheckPassword(PUNICODE_STRING UserPassword, PSAMPR_USER_INFO_BUFFER UserInfo)
Definition: msv1_0.c:789

STATUS_ACCESS_DENIED
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145

Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101

SE_GROUP_MANDATORY
#define SE_GROUP_MANDATORY
Definition: setypes.h:90

_MSV1_0_INTERACTIVE_PROFILE::LogonServer
UNICODE_STRING LogonServer
Definition: ntsecapi.h:451

_SAMPR_USER_ALL_INFORMATION::LogonHours
SAMPR_LOGON_HOURS LogonHours
Definition: msv1_0.h:135

LSA_DISPATCH_TABLE::DeleteLogonSession
PLSA_DELETE_LOGON_SESSION DeleteLogonSession
Definition: authpackage.c:56

USER_LOGON_SUCCESS
#define USER_LOGON_SUCCESS
Definition: msv1_0.h:98

LsarClose
NTSTATUS WINAPI LsarClose(LSAPR_HANDLE *ObjectHandle)
Definition: lsarpc.c:125

_SAMPR_USER_ALL_INFORMATION::PrimaryGroupId
unsigned long PrimaryGroupId
Definition: msv1_0.h:132

ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)

SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:512

USER_LOGON_BAD_PASSWORD
#define USER_LOGON_BAD_PASSWORD
Definition: msv1_0.h:97

_TOKEN_USER
Definition: setypes.h:955

LSA_DISPATCH_TABLE::CopyFromClientBuffer
PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
Definition: authpackage.c:65

UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181

STATUS_BAD_VALIDATION_CLASS
#define STATUS_BAD_VALIDATION_CLASS
Definition: ntstatus.h:389

wcscpy
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)

L
static const WCHAR L[]
Definition: oid.c:1250

USER_ACCOUNT_AUTO_LOCKED
#define USER_ACCOUNT_AUTO_LOCKED
Definition: ntsam.h:177

_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194

ProfileBuffer
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
Definition: ntifs.template.h:711

_LARGE_INTEGER::LowPart
ULONG LowPart
Definition: typedefs.h:104

memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878

BYTE
unsigned char BYTE
Definition: mem.h:68

_TIME_FIELDS
Definition: env_spec_w32.h:710

_MSV1_0_CHANGEPASSWORD_REQUEST::DomainName
UNICODE_STRING DomainName
Definition: ntsecapi.h:509

_SAMPR_USER_ALL_INFORMATION::LmPasswordPresent
unsigned char LmPasswordPresent
Definition: msv1_0.h:140

SpUserModeInitialize
NTSTATUS WINAPI SpUserModeInitialize(_In_ ULONG LsaVersion, _Out_ PULONG PackageVersion, _Out_ PSECPKG_USER_FUNCTION_TABLE *ppTables, _Out_ PULONG pcTables)
Definition: msv1_0.c:1741

MsV1_0ReLogonUsers
Definition: ntsecapi.h:222

LSA_DISPATCH_TABLE::AddCredential
PLSA_ADD_CREDENTIAL AddCredential
Definition: authpackage.c:57

SECURITY_NETWORK_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:548

_OLD_LARGE_INTEGER::HighPart
long HighPart
Definition: msv1_0.h:64

SamIFree_SAMPR_USER_INFO_BUFFER
VOID NTAPI SamIFree_SAMPR_USER_INFO_BUFFER(PSAMPR_USER_INFO_BUFFER Ptr, USER_INFORMATION_CLASS InformationClass)
Definition: samsrv.c:531

Status
Status
Definition: gdiplustypes.h:24

MsvpChangePassword
static NTSTATUS MsvpChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:491

ERR
#define ERR(fmt,...)
Definition: debug.h:109

_In_
#define _In_
Definition: no_sal2.h:204

MsV1_0SubAuth
Definition: ntsecapi.h:227

MAX_COMPUTERNAME_LENGTH
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:240

_UNICODE_STRING
Definition: env_spec_w32.h:368

_MSV1_0_INTERACTIVE_PROFILE::UserFlags
ULONG UserFlags
Definition: ntsecapi.h:452

_RPC_SID
Definition: msv1_0.h:43

SamIFree_SAMPR_ULONG_ARRAY
VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr)
Definition: samsrv.c:515

STATUS_INVALID_WORKSTATION
#define STATUS_INVALID_WORKSTATION
Definition: ntstatus.h:334

LsaApCallPackagePassthrough
NTSTATUS NTAPI LsaApCallPackagePassthrough(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:1034

LSA_DISPATCH_TABLE::AllocateClientBuffer
PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
Definition: authpackage.c:62

LsaApCallPackageUntrusted
NTSTATUS NTAPI LsaApCallPackageUntrusted(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:1052

_MSV1_0_INTERACTIVE_PROFILE::PasswordCanChange
LARGE_INTEGER PasswordCanChange
Definition: ntsecapi.h:444

DOMAIN_ALIAS_RID_USERS
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:625

USHORT
unsigned short USHORT
Definition: pedump.c:61

LogonType
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
Definition: ntifs.template.h:707

STATUS_PASSWORD_MUST_CHANGE
#define STATUS_PASSWORD_MUST_CHANGE
Definition: ntstatus.h:666

_SAMPR_USER_ALL_INFORMATION::UserAccountControl
unsigned long UserAccountControl
Definition: msv1_0.h:133

_MSV1_0_INTERACTIVE_PROFILE::MessageType
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:437

_OLD_LARGE_INTEGER::LowPart
unsigned long LowPart
Definition: msv1_0.h:63

SamrSetInformationUser
NTSTATUS NTAPI SamrSetInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, IN PSAMPR_USER_INFO_BUFFER Buffer)
Definition: samrpc.c:8128

SECURITY_LOGON_TYPE
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE

SamrCloseHandle
NTSTATUS __stdcall SamrCloseHandle(SAMPR_HANDLE *SamHandle)

_MSV1_0_INTERACTIVE_PROFILE::HomeDirectoryDrive
UNICODE_STRING HomeDirectoryDrive
Definition: ntsecapi.h:450

wcscat
_CRTIMP wchar_t *__cdecl wcscat(_Inout_updates_z_(_String_length_(_Dest)+_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)

DOMAIN_GROUP_RID_USERS
#define DOMAIN_GROUP_RID_USERS
Definition: setypes.h:612

PULONG
unsigned int * PULONG
Definition: retypes.h:1

_SECPKG_PRIMARY_CRED
Definition: ntsecpkg.h:84

_MSV1_0_INTERACTIVE_PROFILE::BadPasswordCount
USHORT BadPasswordCount
Definition: ntsecapi.h:439

LogonId
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
Definition: ntifs.template.h:711

PLSA_STRING
struct _LSA_STRING * PLSA_STRING

msv1_0.h

HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:123

SamrOpenUser
NTSTATUS NTAPI SamrOpenUser(IN SAMPR_HANDLE DomainHandle, IN ACCESS_MASK DesiredAccess, IN ULONG UserId, OUT SAMPR_HANDLE *UserHandle)

_LARGE_INTEGER
Definition: typedefs.h:100

USER_READ_PREFERENCES
#define USER_READ_PREFERENCES
Definition: ntsam.h:127

_SAMPR_USER_ALL_INFORMATION::NtOwfPassword
RPC_SHORT_BLOB NtOwfPassword
Definition: msv1_0.h:128

MsV1_0ChangePassword
Definition: ntsecapi.h:223

OUT
#define OUT
Definition: typedefs.h:39

_MSV1_0_CHANGEPASSWORD_REQUEST::OldPassword
UNICODE_STRING OldPassword
Definition: ntsecapi.h:511

Service
Definition: ntsecapi.h:289

strcpy
char * strcpy(char *DstString, const char *SrcString)
Definition: utclib.c:388

ULONG
unsigned int ULONG
Definition: retypes.h:1

DOMAIN_LOOKUP
#define DOMAIN_LOOKUP
Definition: ntsam.h:42

RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261

_SAMPR_USER_INFO_BUFFER::Internal2
SAMPR_USER_INTERNAL2_INFORMATION Internal2
Definition: msv1_0.h:168

ULONG_PTR
#define ULONG_PTR
Definition: config.h:101

NtQuerySystemTime
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:417

AccountDomainSid
PSID AccountDomainSid
Definition: database.c:22

MsV1_0GenericPassthrough
Definition: ntsecapi.h:225

LsaApLogonUserEx2
NTSTATUS NTAPI LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest, IN SECURITY_LOGON_TYPE LogonType, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferSize, OUT PVOID *ProfileBuffer, OUT PULONG ProfileBufferSize, OUT PLUID LogonId, OUT PNTSTATUS SubStatus, OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType, OUT PVOID *TokenInformation, OUT PUNICODE_STRING *AccountName, OUT PUNICODE_STRING *AuthenticatingAuthority, OUT PUNICODE_STRING *MachineName, OUT PSECPKG_PRIMARY_CRED PrimaryCredentials, OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials)
Definition: msv1_0.c:1157

_LSA_TOKEN_INFORMATION_V1
Definition: authpackage.c:26

MSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE MSV1_0_PROTOCOL_MESSAGE_TYPE

_LSA_STRING
Definition: ntsecapi.h:171

MsV1_0ChangeCachedPassword
Definition: ntsecapi.h:224

SamrQueryInformationUser
NTSTATUS NTAPI SamrQueryInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, OUT PSAMPR_USER_INFO_BUFFER *Buffer)
Definition: samrpc.c:7337

LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

PolicyAccountDomainInformation
Definition: ntsecapi.h:244

void
Definition: nsiface.idl:2306

Buffer
IN BOOLEAN OUT PSTR Buffer
Definition: progress.h:34

TimeFields
static PTIME_FIELDS TimeFields
Definition: time.c:104

STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2938

MsV1_0EnumerateUsers
Definition: ntsecapi.h:220

MsvpCheckLogonHours
static BOOL MsvpCheckLogonHours(_In_ PSAMPR_LOGON_HOURS LogonHours, _In_ PLARGE_INTEGER LogonTime)
Definition: msv1_0.c:879

BuildTokenPrimaryGroup
static NTSTATUS BuildTokenPrimaryGroup(OUT PTOKEN_PRIMARY_GROUP PrimaryGroup, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:292

RtlEqualUnicodeString
NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString(PUNICODE_STRING String1, PUNICODE_STRING String2, BOOLEAN CaseInSensitive)

_SECPKG_FUNCTION_TABLE::LogonTerminated
PLSA_AP_LOGON_TERMINATED LogonTerminated
Definition: ntsecpkg.h:428

USER_READ_LOGON
#define USER_READ_LOGON
Definition: ntsam.h:129

wcslen
size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)

BuildTokenUser
static NTSTATUS BuildTokenUser(OUT PTOKEN_USER User, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:272

_MSV1_0_INTERACTIVE_LOGON
Definition: ntsecapi.h:430

_wcsicmp
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)

STATUS_LOGON_FAILURE
#define STATUS_LOGON_FAILURE
Definition: ntstatus.h:331

MsV1_0Lm20ChallengeRequest
Definition: ntsecapi.h:218

_SAMPR_USER_ALL_INFORMATION::NtPasswordPresent
unsigned char NtPasswordPresent
Definition: msv1_0.h:141

_SAMPR_USER_ALL_INFORMATION::WorkStations
RPC_UNICODE_STRING WorkStations
Definition: msv1_0.h:124

NtAuthority
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:19

_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:112

_MSV1_0_INTERACTIVE_LOGON::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:432

RtlLengthRequiredSid
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54

USER_CHANGE_PASSWORD
#define USER_CHANGE_PASSWORD
Definition: ntsam.h:132

SystemAuthority
static SID_IDENTIFIER_AUTHORITY SystemAuthority
Definition: msgina.c:38

_RPC_UNICODE_STRING::Buffer
wchar_t * Buffer
Definition: msv1_0.h:55

RTL_CONSTANT_STRING
#define RTL_CONSTANT_STRING(s)
Definition: tunneltest.c:14

OPTIONAL
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68