27 TRACE(
"LsaIOpenPolicyTrusted() failed (Status 0x%08lx)\n",
Status);
36 TRACE(
"LsarQueryInformationPolicy() failed (Status 0x%08lx)\n",
Status);
45 ERR(
"Failed to allocate SID\n");
53 if (PolicyInfo !=
NULL)
57 if (PolicyHandle !=
NULL)
78 TRACE(
"(%p %p)\n", UserPwdData, UserInfo);
81 LmPwdString.Length = 15;
82 LmPwdString.MaximumLength = 15;
83 LmPwdString.Buffer = LmPwdBuffer;
84 ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
87 UserPwdData->PlainPwd,
93 (
LPSTR)&UserLmPassword);
96 UserLmPasswordPresent =
TRUE;
105 UserNtPasswordPresent =
TRUE;
111 if (UserInfo->All.NtPasswordPresent ==
FALSE &&
112 UserInfo->All.LmPasswordPresent ==
FALSE)
114 TRACE(
"No password check!\n");
120 if (UserNtPasswordPresent && UserInfo->All.NtPasswordPresent)
122 TRACE(
"Check NT password hashes:\n");
124 UserInfo->All.NtOwfPassword.Buffer,
127 TRACE(
" success!\n");
136 if (UserLmPasswordPresent && UserInfo->All.LmPasswordPresent)
138 TRACE(
"Check LM password hashes:\n");
140 UserInfo->All.LmOwfPassword.Buffer,
143 TRACE(
" success!\n");
167 FIXME(
"MsvpCheckLogonHours(%p %llx)\n", LogonHours, LogonTime);
169 if (LogonHours->UnitsPerWeek == 0 || LogonHours->LogonHours ==
NULL)
171 FIXME(
"No logon hours!\n");
178 FIXME(
"UnitsPerWeek: %u\n", LogonHours->UnitsPerWeek);
179 MinutesPerUnit = 10080 / LogonHours->UnitsPerWeek;
185 FIXME(
"Logon permitted: %s\n", bFound ?
"Yes" :
"No");
202 TRACE(
"MsvpCheckWorkstations(%p %S)\n", WorkStations, ComputerName);
204 if (WorkStations->Length == 0 || WorkStations->Buffer ==
NULL)
206 TRACE(
"No workstations!\n");
210 TRACE(
"Workstations: %wZ\n", WorkStations);
212 pStart = WorkStations->Buffer;
219 TRACE(
"Comparing '%S' and '%S'\n", ComputerName, pStart);
220 if (
_wcsicmp(ComputerName, pStart) == 0)
235 TRACE(
"Found allowed workstation: %s\n", (bFound) ?
"Yes" :
"No");
270 ERR(
"GetAccountDomainSid() failed (Status 0x%08lx)\n",
Status);
278 TRACE(
"SamIConnect() failed (Status 0x%08lx)\n",
Status);
286 ERR(
"SamrOpenDomain failed (Status %08lx)\n",
Status);
290 Names[0].Length = UserName->Length;
291 Names[0].MaximumLength = UserName->MaximumLength;
292 Names[0].Buffer = UserName->Buffer;
298 ERR(
"SamrLookupNamesInDomain failed (Status %08lx)\n",
Status);
307 ERR(
"Account is not a user account!\n");
320 ERR(
"SamrOpenUser failed (Status %08lx)\n",
Status);
327 ERR(
"SamrQueryInformationUser failed (Status %08lx)\n",
Status);
339 ERR(
"MsvpCheckPassword failed (Status %08lx)\n",
Status);
350 ERR(
"Account disabled!\n");
359 ERR(
"Account locked!\n");
368 ERR(
"Account expired!\n");
377 ERR(
"Password expired!\n");
390 ERR(
"Invalid logon hours!\n");
399 ERR(
"Invalid workstation!\n");
408 *UserHandlePtr = UserHandle;
410 *UserInfoPtr = UserInfo;
417 if (UserHandle !=
NULL)
427 if (DomainHandle !=
NULL)
430 if (ServerHandle !=
NULL)
449 ERR(
"Failed to allocate SID\n");
478 *SpecialAccount =
FALSE;
486 *SpecialAccount =
TRUE;
492 ERR(
"GetNtAuthorityDomainSid() failed (Status 0x%08lx)\n",
Status);
498 TRACE(
"SpecialAccount: LocalService\n");
506 if (*UserInfoPtr ==
NULL)
514 TRACE(
"SpecialAccount: NetworkService\n");
522 if (*UserInfoPtr ==
NULL)
535 TRACE(
"NormalAccount\n");
545 ERR(
"SamValidateNormalUser() failed (Status 0x%08lx)\n",
Status);
unsigned long long UINT64
NTSTATUS __stdcall SamrOpenDomain(SAMPR_HANDLE ServerHandle, ACCESS_MASK DesiredAccess, PRPC_SID DomainId, SAMPR_HANDLE *DomainHandle)
VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr)
NTSTATUS __stdcall SamrCloseHandle(SAMPR_HANDLE *SamHandle)
NTSTATUS NTAPI SamIConnect(PSAMPR_SERVER_NAME ServerName, SAMPR_HANDLE *ServerHandle, ACCESS_MASK DesiredAccess, BOOLEAN Trusted)
#define WINE_DEFAULT_DEBUG_CHANNEL(t)
static SID_IDENTIFIER_AUTHORITY NtAuthority
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
#define NT_SUCCESS(StatCode)
NTSTATUS WINAPI SystemFunction006(LPCSTR password, LPSTR hash)
NTSTATUS NTAPI SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle, IN ULONG Count, IN RPC_UNICODE_STRING Names[], OUT PSAMPR_ULONG_ARRAY RelativeIds, OUT PSAMPR_ULONG_ARRAY Use)
NTSTATUS WINAPI LsaIOpenPolicyTrusted(OUT LSAPR_HANDLE *PolicyHandle)
BOOLEAN RtlTimeToTimeFields(IN PLARGE_INTEGER Time, IN PTIME_FIELDS TimeFields)
#define RtlEqualMemory(dst, src, len)
NTSTATUS WINAPI LsarClose(LSAPR_HANDLE *ObjectHandle)
NTSTATUS WINAPI LsarQueryInformationPolicy(LSAPR_HANDLE PolicyHandle, POLICY_INFORMATION_CLASS InformationClass, PLSAPR_POLICY_INFORMATION *PolicyInformation)
VOID NTAPI LsaIFree_LSAPR_POLICY_INFORMATION(IN POLICY_INFORMATION_CLASS InformationClass, IN PLSAPR_POLICY_INFORMATION PolicyInformation)
#define memcpy(s1, s2, n)
static PTIME_FIELDS TimeFields
VOID NTAPI SamIFree_SAMPR_USER_INFO_BUFFER(PSAMPR_USER_INFO_BUFFER Ptr, USER_INFORMATION_CLASS InformationClass)
NTSTATUS NTAPI SamrOpenUser(IN SAMPR_HANDLE DomainHandle, IN ACCESS_MASK DesiredAccess, IN ULONG UserId, OUT SAMPR_HANDLE *UserHandle)
NTSTATUS NTAPI SamrQueryInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, OUT PSAMPR_USER_INFO_BUFFER *Buffer)
NTSYSAPI NTSTATUS NTAPI RtlUpcaseUnicodeStringToOemString(POEM_STRING DestinationString, PCUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
NTSYSAPI NTSTATUS NTAPI RtlSystemTimeToLocalTime(_In_ PLARGE_INTEGER SystemTime, _Out_ PLARGE_INTEGER LocalTime)
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString(PUNICODE_STRING String1, PUNICODE_STRING String2, BOOLEAN CaseInSensitive)
_In_ ULONG _In_ ULONG Offset
_In_ ULONG _In_ ULONG _In_ ULONG Length
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
#define USER_READ_GENERAL
#define USER_PASSWORD_NOT_REQUIRED
#define USER_READ_PREFERENCES
#define USER_READ_ACCOUNT
#define SAM_SERVER_LOOKUP_DOMAIN
#define SAM_SERVER_CONNECT
#define USER_ACCOUNT_AUTO_LOCKED
#define USER_ACCOUNT_DISABLED
@ PolicyAccountDomainInformation
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
#define STATUS_WRONG_PASSWORD
#define STATUS_INVALID_LOGON_HOURS
#define STATUS_ACCOUNT_DISABLED
#define STATUS_NO_SUCH_USER
#define STATUS_PASSWORD_MUST_CHANGE
#define STATUS_PASSWORD_EXPIRED
#define STATUS_INVALID_WORKSTATION
#define STATUS_ACCOUNT_EXPIRED
#define STATUS_ACCOUNT_LOCKED_OUT
#define STATUS_LOGON_FAILURE
#define STATUS_ACCOUNT_RESTRICTION
static NTSTATUS GetNtAuthorityDomainSid(_In_ PRPC_SID *Sid)
static bool MsvpCheckWorkstations(_In_ PRPC_UNICODE_STRING WorkStations, _In_ PWSTR ComputerName)
static NTSTATUS GetAccountDomainSid(_In_ PRPC_SID *Sid)
static NTSTATUS MsvpCheckPassword(_In_ PLSA_SAM_PWD_DATA UserPwdData, _In_ PSAMPR_USER_INFO_BUFFER UserInfo)
static NTSTATUS SamValidateNormalUser(_In_ PUNICODE_STRING UserName, _In_ PLSA_SAM_PWD_DATA PwdData, _In_ PUNICODE_STRING ComputerName, _Out_ PRPC_SID *AccountDomainSidPtr, _Out_ SAMPR_HANDLE *UserHandlePtr, _Out_ PSAMPR_USER_INFO_BUFFER *UserInfoPtr, _Out_ PNTSTATUS SubStatus)
NTSTATUS SamValidateUser(_In_ SECURITY_LOGON_TYPE LogonType, _In_ PUNICODE_STRING LogonUserName, _In_ PUNICODE_STRING LogonDomain, _In_ PLSA_SAM_PWD_DATA LogonPwdData, _In_ PUNICODE_STRING ComputerName, _Out_ PBOOL SpecialAccount, _Out_ PRPC_SID *AccountDomainSidPtr, _Out_ SAMPR_HANDLE *UserHandlePtr, _Out_ PSAMPR_USER_INFO_BUFFER *UserInfoPtr, _Out_ PNTSTATUS SubStatus)
Validates a user by checking if it exists in the sam database. Some other checks are done further.
static bool MsvpCheckLogonHours(_In_ PSAMPR_LOGON_HOURS LogonHours, _In_ LARGE_INTEGER LogonTime)
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
NTSTATUS WINAPI SystemFunction007(const UNICODE_STRING *string, LPBYTE hash)
#define RTL_CONSTANT_STRING(s)
#define STATUS_INSUFFICIENT_RESOURCES
SAMPR_USER_ALL_INFORMATION All
#define DOMAIN_USER_RID_ADMIN
#define SECURITY_NT_AUTHORITY
#define SECURITY_LOCAL_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID