32 "User32LogonProcess");
39 TRACE(
"LsaRegisterLogonProcess failed (Status 0x%08lx)\n",
Status);
51 TRACE(
"LsaLookupAuthenticationPackage failed (Status 0x%08lx)\n",
Status);
65 TRACE(
"LsaDeregisterLogonProcess failed (Status 0x%08lx)\n",
Status);
84 TRACE(
"LsaDeregisterLogonProcess failed (Status 0x%08lx)\n",
Status);
157 ERR(
"CreateDefaultProcessSecurityCommon(): Unexpected status code returned, must be STATUS_BUFFER_TOO_SMALL (Status 0x%08lx)\n",
Status);
165 if (OwnerOfToken ==
NULL)
167 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to allocate buffer for token owner!\n");
179 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to query the token owner (Status 0x%08lx)\n",
Status);
192 ERR(
"CreateDefaultProcessSecurityCommon(): Unexpected status code returned, must be STATUS_BUFFER_TOO_SMALL (Status 0x%08lx)\n",
Status);
201 if (PrimaryGroupOfToken ==
NULL)
203 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to allocate buffer for primary group token!\n");
216 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to query the token owner (Status 0x%08lx)\n",
Status);
228 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to create Local System SID (error code %d)\n",
GetLastError());
234 OwnerSid = OwnerOfToken->
Owner;
248 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to allocate buffer for DACL!\n");
256 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to initialize DACL (error code %d)\n",
GetLastError());
267 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to set up ACE for owner (error code %d)\n",
GetLastError());
278 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to set up ACE for SYSTEM (error code %d)\n",
GetLastError());
286 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to initialize absolute security descriptor (error code %d)\n",
GetLastError());
294 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to set up DACL to absolute security descriptor (error code %d)\n",
GetLastError());
302 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to set up owner to absolute security descriptor (error code %d)\n",
GetLastError());
310 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to set up group to absolute security descriptor (error code %d)\n",
GetLastError());
323 ERR(
"CreateDefaultProcessSecurityCommon(): Unexpected error code (error code %d -- must be ERROR_INSUFFICIENT_BUFFER)\n",
GetLastError());
332 if (RelativeSD ==
NULL)
334 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to allocate buffer for self relative descriptor!\n");
342 ERR(
"CreateDefaultProcessSecurityCommon(): Failed to allocate relative SD, buffer too smal (error code %d)\n",
GetLastError());
353 if (OwnerOfToken !=
NULL)
356 if (PrimaryGroupOfToken !=
NULL)
357 RtlFreeHeap(RtlGetProcessHeap(), 0, PrimaryGroupOfToken);
359 if (SystemSid !=
NULL)
367 if (RelativeSD !=
NULL)
415 ERR(
"InsertProcessSecurityCommon(): Failed to set security for process (error code %d)\n",
GetLastError());
424 ERR(
"InsertProcessSecurityCommon(): Failed to set security for thread (error code %d)\n",
GetLastError());
497 PrivilegeSet =
FALSE;
506 if (ImpersonateAsSelf)
511 ERR(
"RtlImpersonateSelf(SecurityImpersonation) failed, Status 0x%08x\n",
Status);
538 ERR(
"RtlAdjustPrivilege(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE) failed, Status 0x%08lx, " 539 "attempting to continue without it...\n",
Status);
548 AccessToken.
Token = DuplicatedTokenHandle;
549 AccessToken.
Thread = ThreadHandle;
555 sizeof(AccessToken));
561 PrivilegeSet,
TRUE, &PrivilegeSet);
569 if (ImpersonateAsSelf)
582 ERR(
"Failed to assign primary token to the process (Status 0x%08lx)\n",
Status);
673 ERR(
"NtQueryInformationToken() failed, Status 0x%08x\n",
Status);
680 ERR(
"Wrong token type for token 0x%p, expected TokenPrimary, got %ld\n", hToken,
Type);
695 &OriginalImpersonationToken);
699 OriginalImpersonationToken =
NULL;
707 ERR(
"Failed to open thread token with 0x%08lx\n",
Status);
721 ERR(
"Failed to stop impersonation with 0x%08lx\n",
Status);
733 ERR(
"Failed to create common security descriptor for the token for new process!\n");
756 ERR(
"NtDuplicateToken() failed, Status 0x%08x\n",
Status);
768 lpProcessInformation->hProcess,
769 lpProcessInformation->hThread,
782 &OriginalImpersonationToken,
783 sizeof(OriginalImpersonationToken));
786 ERR(
"Failed to restore impersonation token for setting process token, Status 0x%08lx\n",
Status);
794 lpProcessInformation->hProcess,
795 lpProcessInformation->hThread,
800 ERR(
"Failed to insert the primary token into process, Status 0x%08lx\n",
Status);
813 ERR(
"Failed to unset impersonationg token after setting process token, Status 0x%08lx\n",
Status);
844 if (lpProcessAttributes && lpProcessAttributes->lpSecurityDescriptor)
846 ProcessSd = lpProcessAttributes->lpSecurityDescriptor;
850 ProcessSd = DefaultSd;
853 if (lpThreadAttributes && lpThreadAttributes->lpSecurityDescriptor)
855 ThreadSd = lpThreadAttributes->lpSecurityDescriptor;
859 ThreadSd = DefaultSd;
864 lpProcessInformation->hThread,
868 ERR(
"Failed to set new security information for process and thread!\n");
884 TRACE(
"No token supplied, the process will use default security context!\n");
894 if (OriginalImpersonationToken !=
NULL)
898 &OriginalImpersonationToken,
899 sizeof(OriginalImpersonationToken));
913 NtClose(OriginalImpersonationToken);
930 if (DefaultSd !=
NULL)
958 TRACE(
"%p %s %s %p %p %d 0x%08x %p %s %p %p\n", hToken,
debugstr_a(lpApplicationName),
959 debugstr_a(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
960 dwCreationFlags, lpEnvironment,
debugstr_a(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
972 lpProcessInformation))
983 lpProcessInformation);
1006 TRACE(
"%p %s %s %p %p %d 0x%08x %p %s %p %p\n", hToken,
debugstr_w(lpApplicationName),
1007 debugstr_w(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
1008 dwCreationFlags, lpEnvironment,
debugstr_w(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
1013 lpProcessAttributes,
1020 lpProcessInformation))
1029 lpProcessAttributes,
1031 lpProcessInformation);
1184 ULONG AuthInfoLength;
1265 if (AuthInfo ==
NULL)
1376 ERR(
"LsaLogonUser failed (Status 0x%08lx)\n",
Status);
1420 if (LogonSid !=
NULL)
1423 if (AuthInfo !=
NULL)
static BOOL CreateProcessAsUserCommon(_In_opt_ HANDLE hToken, _In_ DWORD dwCreationFlags, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _Inout_ LPPROCESS_INFORMATION lpProcessInformation)
Internal function that serves as a helper for CreateProcessAsUserW/A routines on creating a process w...
#define ERROR_INVALID_PARAMETER
NTSTATUS NTAPI LsaLogonUser(HANDLE, PLSA_STRING, SECURITY_LOGON_TYPE, ULONG, PVOID, ULONG, PTOKEN_GROUPS, PTOKEN_SOURCE, PVOID *, PULONG, PLUID, PHANDLE, PQUOTA_LIMITS, PNTSTATUS)
BOOL WINAPI LogonUserExA(_In_ LPSTR lpszUsername, _In_opt_ LPSTR lpszDomain, _In_opt_ LPSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
BOOL WINAPI LogonUserExW(_In_ LPWSTR lpszUsername, _In_opt_ LPWSTR lpszDomain, _In_opt_ LPWSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
#define RTL_FIELD_SIZE(type, field)
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
#define SECURITY_LOCAL_SYSTEM_RID
#define MSV1_0_PACKAGE_NAME
#define STATUS_INSUFFICIENT_RESOURCES
BOOL WINAPI MakeSelfRelativeSD(PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, LPDWORD lpdwBufferLength)
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
MSV1_0_LOGON_SUBMIT_TYPE MessageType
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
#define LOGON32_LOGON_BATCH
#define STATUS_INVALID_PARAMETER
BOOL WINAPI RevertToSelf(VOID)
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
BOOL WINAPI AddAccessAllowedAce(PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
SIZE_T LPPROCESS_INFORMATION
#define NtCurrentThread()
#define ERROR_NOT_ENOUGH_MEMORY
DWORD WINAPI GetLastError(VOID)
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
NTSYSAPI NTSTATUS NTAPI RtlAdjustPrivilege(_In_ ULONG Privilege, _In_ BOOLEAN NewValue, _In_ BOOLEAN ForThread, _Out_ PBOOLEAN OldValue)
_In_opt_ LPSTR _In_opt_ LPSTR lpszPassword
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
#define GROUP_SECURITY_INFORMATION
#define TOKEN_IMPERSONATE
WINE_DEFAULT_DEBUG_CHANNEL(advapi)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
_IRQL_requires_same_ _In_ PLSA_STRING OriginName
BOOL WINAPI SetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID pOwner, BOOL bOwnerDefaulted)
#define STATUS_BUFFER_TOO_SMALL
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID _Inout_ PULONG PrimaryGroupSize
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
static BOOL CreateDefaultProcessSecurityCommon(_In_ HANDLE TokenHandle, _Out_ PSECURITY_DESCRIPTOR *Sd)
Creates a default security descriptor that is going to be used by both the newly created process and ...
#define SECURITY_LOGON_IDS_RID_COUNT
#define SECURITY_DESCRIPTOR_REVISION
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
BOOL WINAPI LogonUserA(_In_ LPSTR lpszUsername, _In_opt_ LPSTR lpszDomain, _In_opt_ LPSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
#define SECURITY_LOCAL_SID_AUTHORITY
PVOID WINAPI FreeSid(PSID pSid)
BOOL WINAPI LogonUserW(_In_ LPWSTR lpszUsername, _In_opt_ LPWSTR lpszDomain, _In_opt_ LPWSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken)
_IRQL_requires_same_ _Out_ PHANDLE _Out_ PLSA_OPERATIONAL_MODE SecurityMode
BOOL WINAPI SetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID pGroup, BOOL bGroupDefaulted)
#define STATUS_BAD_TOKEN_TYPE
#define SE_GROUP_ENABLED_BY_DEFAULT
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
static NTSTATUS OpenLogonLsaHandle(VOID)
ULONG LSA_OPERATIONAL_MODE
#define LOGON32_LOGON_SERVICE
NTSTATUS NTAPI NtSetInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength)
#define SECURITY_NT_AUTHORITY
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW(LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
#define DECLSPEC_HOTPATCH
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
struct _MSV1_0_INTERACTIVE_LOGON MSV1_0_INTERACTIVE_LOGON
NTSTATUS NTAPI NtOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
#define NT_SUCCESS(StatCode)
DWORD WINAPI GetLengthSid(PSID pSid)
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessA(LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFOA lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
static BOOL InsertProcessSecurityCommon(_In_ HANDLE ProcessHandle, _In_ HANDLE ThreadHandle, _In_ PSECURITY_DESCRIPTOR ProcessSecurity, _In_ PSECURITY_DESCRIPTOR ThreadSecurity)
Changes the object security information of a process and thread that belongs to the process with new ...
#define SECURITY_LOCAL_RID
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE phToken
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SE_GROUP_MANDATORY
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID _Out_opt_ LPDWORD _Out_opt_ PQUOTA_LIMITS pQuotaLimits
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID * ppLogonSid
#define SECURITY_NULL_RID
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE)
static SID_IDENTIFIER_AUTHORITY NtAuthority
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
ULONG AuthenticationPackage
C_ASSERT(sizeof(AdvapiTokenSourceName)==RTL_FIELD_SIZE(TOKEN_SOURCE, SourceName)+1)
NTSYSAPI NTSTATUS NTAPI RtlImpersonateSelf(IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
#define LOGON32_LOGON_INTERACTIVE
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserW(_In_opt_ HANDLE hToken, _In_opt_ LPCWSTR lpApplicationName, _Inout_opt_ LPWSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCWSTR lpCurrentDirectory, _In_ LPSTARTUPINFOW lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
#define SE_GROUP_LOGON_ID
BOOL WINAPI SetKernelObjectSecurity(HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
#define LOGON32_LOGON_NETWORK
NTSTATUS NTAPI LsaLookupAuthenticationPackage(HANDLE, PLSA_STRING, PULONG)
NTSTATUS NTAPI NtSetInformationProcess(IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
BOOL WINAPI TerminateProcess(IN HANDLE hProcess, IN UINT uExitCode)
BOOL WINAPI AllocateLocallyUniqueId(PLUID Luid)
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
static NTSTATUS InsertTokenToProcessCommon(_In_ BOOL ImpersonateAsSelf, _In_ HANDLE ProcessHandle, _In_ HANDLE ThreadHandle, _In_ HANDLE DuplicatedTokenHandle)
Sets a primary token to the newly created process. The primary token that gets assigned to is a token...
_In_opt_ LPSTR lpszDomain
#define OWNER_SECURITY_INFORMATION
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD dwLogonType
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD dwLogonProvider
#define SECURITY_LOGON_IDS_RID
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
NTSTATUS NTAPI LsaFreeReturnBuffer(PVOID)
DWORD WINAPI ResumeThread(IN HANDLE hThread)
NTSTATUS CloseLogonLsaHandle(VOID)
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID * ppProfileBuffer
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE
static const CHAR AdvapiTokenSourceName[]
NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING, PHANDLE, PLSA_OPERATIONAL_MODE)
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define InitializeObjectAttributes(p, n, a, r, s)
#define RtlCopyMemory(Destination, Source, Length)
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID _Out_opt_ LPDWORD pdwProfileLength
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserA(_In_opt_ HANDLE hToken, _In_opt_ LPCSTR lpApplicationName, _Inout_opt_ LPSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCSTR lpCurrentDirectory, _In_ LPSTARTUPINFOA lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
_In_ HANDLE ProcessHandle
#define DACL_SECURITY_INFORMATION
UNICODE_STRING LogonDomainName
BOOL WINAPI AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
static SID_IDENTIFIER_AUTHORITY SystemAuthority
#define ERROR_INSUFFICIENT_BUFFER