2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
7 * PROGRAMMERS: Eric Kohl
10 /* INCLUDES ****************************************************************/
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv
);
17 /* GLOBALS *****************************************************************/
/*
 * Lock for the policy handle table. It is initialised in LsarStartRpcServer()
 * and held around LsapOpenDbObject() in LsarOpenPolicy(); the matching
 * enter/leave calls in LsarClose() are commented out, so open and close are
 * not serialised against each other by this lock.
 */
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock
;
22 /* FUNCTIONS ***************************************************************/
/*
 * Brings up the LSA RPC server: initialises PolicyHandleTableLock, registers
 * the named-pipe protocol sequence ("ncacn_np"), registers the lsarpc
 * interface and starts listening. Every failure is reported with WARN().
 *
 * NOTE(review): the remaining arguments of RpcServerUseProtseqEpW() and
 * RpcServerRegisterIf() are not visible in this listing. Confirm that the
 * endpoint is created with an explicit security descriptor and that the
 * interface is not registered more permissively than intended; every Lsar*
 * routine in this file is reachable by any client allowed to bind.
 */
25 LsarStartRpcServer(VOID
)
29 RtlInitializeCriticalSection(&PolicyHandleTableLock
);
31 TRACE("LsarStartRpcServer() called\n");
33 Status
= RpcServerUseProtseqEpW(L
"ncacn_np",
37 if (Status
!= RPC_S_OK
)
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status
);
43 Status
= RpcServerRegisterIf(lsarpc_v0_0_s_ifspec
,
46 if (Status
!= RPC_S_OK
)
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status
);
/* RpcServerListen(MinimumCallThreads, MaxCalls, DontWait): returns at once
 * (DontWait == TRUE) and leaves the RPC runtime serving calls. */
52 Status
= RpcServerListen(1, 20, TRUE
);
53 if (Status
!= RPC_S_OK
)
55 WARN("RpcServerListen() failed (Status %lx)\n", Status
);
59 TRACE("LsarStartRpcServer() done\n");
/*
 * Context-handle rundown routine for LSAPR_HANDLE; the RPC runtime calls a
 * <type>_rundown routine when a client goes away without closing its handle.
 *
 * NOTE(review): the body is not visible in this listing. If it does not
 * release the database object behind hHandle, a client that disconnects
 * without calling LsarClose() leaves that object open in the server.
 */
63 void __RPC_USER
LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle
)
/*
 * Closes a handle returned by one of the open/create routines: the handle is
 * checked with LsapValidateDbObject() and, if that returns STATUS_SUCCESS,
 * the object is released with LsapCloseDbObject().
 *
 * NOTE(review): ObjectHandle is dereferenced without a visible NULL check.
 * NOTE(review): the PolicyHandleTableLock enter/leave calls are commented
 * out, so two concurrent closes of the same handle are not serialised here;
 * confirm that LsapValidateDbObject()/LsapCloseDbObject() are safe against
 * that, otherwise the object can be released twice.
 * NOTE(review): no line resetting *ObjectHandle to NULL is visible; the RPC
 * runtime only retires a context handle once the server returns it as NULL,
 * so without that the rundown routine may later run on a freed object.
 */
70 NTSTATUS WINAPI
LsarClose(
71 LSAPR_HANDLE
*ObjectHandle
)
73 PLSA_DB_OBJECT DbObject
;
74 NTSTATUS Status
= STATUS_SUCCESS
;
76 TRACE("0x%p\n", ObjectHandle
);
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
80 Status
= LsapValidateDbObject(*ObjectHandle
,
84 if (Status
== STATUS_SUCCESS
)
86 Status
= LsapCloseDbObject(DbObject
);
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
/* Not supported: returns STATUS_NOT_SUPPORTED without touching ObjectHandle. */
97 NTSTATUS WINAPI
LsarDelete(
98 LSAPR_HANDLE ObjectHandle
)
101 return STATUS_NOT_SUPPORTED
;
/*
 * Enumerates the known privileges. The policy handle is validated against
 * POLICY_VIEW_LOCAL_INFORMATION first, a NULL EnumerationContext is rejected
 * with STATUS_INVALID_PARAMETER, and the work is delegated to
 * LsarpEnumeratePrivileges().
 *
 * NOTE(review): EnumerationBuffer is not checked for NULL in the visible
 * lines; presumably the helper or the RPC stub guarantees it - confirm.
 */
106 NTSTATUS WINAPI
LsarEnumeratePrivileges(
107 LSAPR_HANDLE PolicyHandle
,
108 DWORD
*EnumerationContext
,
109 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer
,
110 DWORD PreferedMaximumLength
)
112 PLSA_DB_OBJECT PolicyObject
;
115 TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
116 PolicyHandle
, EnumerationContext
, EnumerationBuffer
,
117 PreferedMaximumLength
);
/* Access check comes before any parameter inspection. */
119 Status
= LsapValidateDbObject(PolicyHandle
,
121 POLICY_VIEW_LOCAL_INFORMATION
,
123 if (!NT_SUCCESS(Status
))
126 if (EnumerationContext
== NULL
)
127 return STATUS_INVALID_PARAMETER
;
129 return LsarpEnumeratePrivileges(EnumerationContext
,
131 PreferedMaximumLength
);
/*
 * Returns the security descriptor stored for an LSA database object.
 *
 * The access required on the handle is derived from SecurityInformation:
 * owner, group or DACL need READ_CONTROL, the SACL needs
 * ACCESS_SYSTEM_SECURITY. The descriptor is read with two
 * LsapGetObjectAttribute() calls (size query, then data) into a
 * MIDL_user_allocate() buffer and handed back wrapped in a freshly allocated
 * LSAPR_SR_SECURITY_DESCRIPTOR. On failure the descriptor buffer is freed.
 *
 * NOTE(review): per the FIXME below, the stored descriptor is returned whole.
 * A caller that asked only for, say, the owner and was checked only for
 * READ_CONTROL still receives every other part that is stored, including a
 * SACL if one is present. Until the unrequested parts are stripped, the
 * access check does not bound what is disclosed.
 * NOTE(review): SecurityInformation == 0 leaves DesiredAccess at 0; confirm
 * that LsapValidateDbObject() does not treat a zero mask as "no check".
 */
136 NTSTATUS WINAPI
LsarQuerySecurityObject(
137 LSAPR_HANDLE ObjectHandle
,
138 SECURITY_INFORMATION SecurityInformation
,
139 PLSAPR_SR_SECURITY_DESCRIPTOR
*SecurityDescriptor
)
141 PLSA_DB_OBJECT DbObject
= NULL
;
142 PSECURITY_DESCRIPTOR RelativeSd
= NULL
;
143 PLSAPR_SR_SECURITY_DESCRIPTOR SdData
= NULL
;
144 ACCESS_MASK DesiredAccess
= 0;
145 ULONG RelativeSdSize
= 0;
148 if (SecurityDescriptor
== NULL
)
149 return STATUS_INVALID_PARAMETER
;
/* Map the requested descriptor parts to the access rights they require. */
151 if ((SecurityInformation
& OWNER_SECURITY_INFORMATION
) ||
152 (SecurityInformation
& GROUP_SECURITY_INFORMATION
) ||
153 (SecurityInformation
& DACL_SECURITY_INFORMATION
))
154 DesiredAccess
|= READ_CONTROL
;
156 if (SecurityInformation
& SACL_SECURITY_INFORMATION
)
157 DesiredAccess
|= ACCESS_SYSTEM_SECURITY
;
159 /* Validate the ObjectHandle */
160 Status
= LsapValidateDbObject(ObjectHandle
,
164 if (!NT_SUCCESS(Status
))
167 /* Get the size of the SD */
168 Status
= LsapGetObjectAttribute(DbObject
,
172 if (!NT_SUCCESS(Status
))
175 /* Allocate a buffer for the SD */
176 RelativeSd
= MIDL_user_allocate(RelativeSdSize
);
177 if (RelativeSd
== NULL
)
178 return STATUS_INSUFFICIENT_RESOURCES
;
181 Status
= LsapGetObjectAttribute(DbObject
,
185 if (!NT_SUCCESS(Status
))
189 * FIXME: Invalidate the SD information that was not requested.
190 * (see SecurityInformation)
193 /* Allocate the SD data buffer */
194 SdData
= MIDL_user_allocate(sizeof(LSAPR_SR_SECURITY_DESCRIPTOR
));
197 Status
= STATUS_INSUFFICIENT_RESOURCES
;
201 /* Fill the SD data buffer and return it to the caller */
/* Ownership of RelativeSd moves to SdData here; the RPC stub frees both. */
202 SdData
->Length
= RelativeSdSize
;
203 SdData
->SecurityDescriptor
= (PBYTE
)RelativeSd
;
205 *SecurityDescriptor
= SdData
;
208 if (!NT_SUCCESS(Status
))
210 if (RelativeSd
!= NULL
)
211 MIDL_user_free(RelativeSd
);
/* Not implemented: returns STATUS_NOT_IMPLEMENTED; no descriptor is written. */
219 NTSTATUS WINAPI
LsarSetSecurityObject(
220 LSAPR_HANDLE ObjectHandle
,
221 SECURITY_INFORMATION SecurityInformation
,
222 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor
)
225 return STATUS_NOT_IMPLEMENTED
;
/* Not implemented: returns STATUS_NOT_IMPLEMENTED; the strings are ignored. */
230 NTSTATUS WINAPI
LsarChangePassword(
232 PRPC_UNICODE_STRING String1
,
233 PRPC_UNICODE_STRING String2
,
234 PRPC_UNICODE_STRING String3
,
235 PRPC_UNICODE_STRING String4
,
236 PRPC_UNICODE_STRING String5
)
239 return STATUS_NOT_IMPLEMENTED
;
/*
 * Opens the policy object and returns a handle to it. LsapOpenDbObject() is
 * called with a NULL first argument while PolicyHandleTableLock is held; on
 * success the resulting object pointer is returned as the handle.
 *
 * NOTE(review): the handle given to the RPC layer is the PLSA_DB_OBJECT
 * pointer itself. Every later call therefore depends on
 * LsapValidateDbObject() rejecting values that are not live objects.
 * NOTE(review): the remaining LsapOpenDbObject() arguments are not visible
 * here. Confirm that DesiredAccess is checked against the calling client's
 * identity (not the server's) before it is recorded as granted on the handle,
 * because all per-call checks in this file compare against that grant.
 */
244 NTSTATUS WINAPI
LsarOpenPolicy(
246 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
247 ACCESS_MASK DesiredAccess
,
248 LSAPR_HANDLE
*PolicyHandle
)
250 PLSA_DB_OBJECT PolicyObject
;
253 TRACE("LsarOpenPolicy called!\n");
255 RtlEnterCriticalSection(&PolicyHandleTableLock
);
257 Status
= LsapOpenDbObject(NULL
,
264 RtlLeaveCriticalSection(&PolicyHandleTableLock
);
/* The out handle is written only when the open succeeded. */
266 if (NT_SUCCESS(Status
))
267 *PolicyHandle
= (LSAPR_HANDLE
)PolicyObject
;
269 TRACE("LsarOpenPolicy done!\n");
/*
 * Returns one class of policy information.
 *
 * The first switch picks the access right the handle must carry:
 *   - audit log / audit events / audit-full query -> POLICY_VIEW_AUDIT_INFORMATION
 *   - domain, server role, replica source, quota, modification and DNS
 *     classes                                     -> POLICY_VIEW_LOCAL_INFORMATION
 *   - PolicyPdAccountInformation                  -> POLICY_GET_PRIVATE_INFORMATION
 * Any other class is logged and rejected with STATUS_INVALID_PARAMETER before
 * the handle is looked at. The handle is then validated and the second switch
 * dispatches to the per-class LsarQuery* helper.
 *
 * NOTE(review): the arguments passed to LsapValidateDbObject() after
 * PolicyHandle are not visible in this listing; presumably DesiredAccess is
 * among them - confirm, since the mapping above is the only access decision
 * made for a query.
 * NOTE(review): PolicyInformation is NULL-checked only for the TRACE; the
 * helpers receive it as-is.
 */
276 NTSTATUS WINAPI
LsarQueryInformationPolicy(
277 LSAPR_HANDLE PolicyHandle
,
278 POLICY_INFORMATION_CLASS InformationClass
,
279 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
281 PLSA_DB_OBJECT PolicyObject
;
282 ACCESS_MASK DesiredAccess
= 0;
285 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
286 PolicyHandle
, InformationClass
, PolicyInformation
);
288 if (PolicyInformation
)
290 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
/* Step 1: information class -> access right required on the handle. */
293 switch (InformationClass
)
295 case PolicyAuditLogInformation
:
296 case PolicyAuditEventsInformation
:
297 case PolicyAuditFullQueryInformation
:
298 DesiredAccess
= POLICY_VIEW_AUDIT_INFORMATION
;
301 case PolicyPrimaryDomainInformation
:
302 case PolicyAccountDomainInformation
:
303 case PolicyLsaServerRoleInformation
:
304 case PolicyReplicaSourceInformation
:
305 case PolicyDefaultQuotaInformation
:
306 case PolicyModificationInformation
:
307 case PolicyDnsDomainInformation
:
308 case PolicyDnsDomainInformationInt
:
309 case PolicyLocalAccountDomainInformation
:
310 DesiredAccess
= POLICY_VIEW_LOCAL_INFORMATION
;
313 case PolicyPdAccountInformation
:
314 DesiredAccess
= POLICY_GET_PRIVATE_INFORMATION
;
318 ERR("Invalid InformationClass!\n");
319 return STATUS_INVALID_PARAMETER
;
/* Step 2: validate the handle. */
322 Status
= LsapValidateDbObject(PolicyHandle
,
326 if (!NT_SUCCESS(Status
))
/* Step 3: dispatch to the helper for the requested class. */
329 switch (InformationClass
)
331 case PolicyAuditLogInformation
: /* 1 */
332 Status
= LsarQueryAuditLog(PolicyObject
,
336 case PolicyAuditEventsInformation
: /* 2 */
337 Status
= LsarQueryAuditEvents(PolicyObject
,
341 case PolicyPrimaryDomainInformation
: /* 3 */
342 Status
= LsarQueryPrimaryDomain(PolicyObject
,
346 case PolicyPdAccountInformation
: /* 4 */
347 Status
= LsarQueryPdAccount(PolicyObject
,
351 case PolicyAccountDomainInformation
: /* 5 */
352 Status
= LsarQueryAccountDomain(PolicyObject
,
356 case PolicyLsaServerRoleInformation
: /* 6 */
357 Status
= LsarQueryServerRole(PolicyObject
,
361 case PolicyReplicaSourceInformation
: /* 7 */
362 Status
= LsarQueryReplicaSource(PolicyObject
,
366 case PolicyDefaultQuotaInformation
: /* 8 */
367 Status
= LsarQueryDefaultQuota(PolicyObject
,
371 case PolicyModificationInformation
: /* 9 */
372 Status
= LsarQueryModification(PolicyObject
,
376 case PolicyAuditFullQueryInformation
: /* 11 (0xB) */
377 Status
= LsarQueryAuditFull(PolicyObject
,
381 case PolicyDnsDomainInformation
: /* 12 (0xC) */
382 Status
= LsarQueryDnsDomain(PolicyObject
,
386 case PolicyDnsDomainInformationInt
: /* 13 (0xD) */
387 Status
= LsarQueryDnsDomainInt(PolicyObject
,
391 case PolicyLocalAccountDomainInformation
: /* 14 (0xE) */
392 Status
= LsarQueryLocalAccountDomain(PolicyObject
,
397 ERR("Invalid InformationClass!\n");
398 Status
= STATUS_INVALID_PARAMETER
;
/*
 * Writes one class of policy information.
 *
 * The first switch picks the access right the handle must carry:
 *   - audit log, audit-full set            -> POLICY_AUDIT_LOG_ADMIN
 *   - audit events                         -> POLICY_SET_AUDIT_REQUIREMENTS
 *   - primary/account/DNS/local-account
 *     domain classes                       -> POLICY_TRUST_ADMIN
 *   - server role, replica source          -> POLICY_SERVER_ADMIN
 *   - default quota                        -> POLICY_SET_DEFAULT_QUOTA_LIMITS
 * Any other class is logged and rejected with STATUS_INVALID_PARAMETER. The
 * handle is then validated and the second switch casts PolicyInformation to
 * the class-specific structure and calls the matching LsarSet* helper.
 *
 * NOTE(review): the second switch has a PolicyModificationInformation case,
 * but no such case is visible in the first switch, so that class appears to
 * be rejected before it can reach LsarSetModification(). Either add it to the
 * access mapping with the right it should require or drop the dead case.
 * NOTE(review): PolicyInformation is client-supplied data that is cast per
 * class without inspection here; each LsarSet* helper has to validate the
 * fields it consumes.
 * NOTE(review): the arguments passed to LsapValidateDbObject() after
 * PolicyHandle are not visible; presumably DesiredAccess - confirm.
 */
406 NTSTATUS WINAPI
LsarSetInformationPolicy(
407 LSAPR_HANDLE PolicyHandle
,
408 POLICY_INFORMATION_CLASS InformationClass
,
409 PLSAPR_POLICY_INFORMATION PolicyInformation
)
411 PLSA_DB_OBJECT PolicyObject
;
412 ACCESS_MASK DesiredAccess
= 0;
415 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
416 PolicyHandle
, InformationClass
, PolicyInformation
);
/* NOTE(review): here PolicyInformation is a single pointer, so
 * *PolicyInformation is the pointed-to object, not a pointer, yet it is
 * printed with %p. Looks copied from the query routine - confirm. */
418 if (PolicyInformation
)
420 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
/* Step 1: information class -> access right required on the handle. */
423 switch (InformationClass
)
425 case PolicyAuditLogInformation
:
426 case PolicyAuditFullSetInformation
:
427 DesiredAccess
= POLICY_AUDIT_LOG_ADMIN
;
430 case PolicyAuditEventsInformation
:
431 DesiredAccess
= POLICY_SET_AUDIT_REQUIREMENTS
;
434 case PolicyPrimaryDomainInformation
:
435 case PolicyAccountDomainInformation
:
436 case PolicyDnsDomainInformation
:
437 case PolicyDnsDomainInformationInt
:
438 case PolicyLocalAccountDomainInformation
:
439 DesiredAccess
= POLICY_TRUST_ADMIN
;
442 case PolicyLsaServerRoleInformation
:
443 case PolicyReplicaSourceInformation
:
444 DesiredAccess
= POLICY_SERVER_ADMIN
;
447 case PolicyDefaultQuotaInformation
:
448 DesiredAccess
= POLICY_SET_DEFAULT_QUOTA_LIMITS
;
452 ERR("Invalid InformationClass!\n");
453 return STATUS_INVALID_PARAMETER
;
/* Step 2: validate the handle. */
456 Status
= LsapValidateDbObject(PolicyHandle
,
460 if (!NT_SUCCESS(Status
))
/* Step 3: dispatch to the setter for the requested class. */
463 switch (InformationClass
)
465 case PolicyAuditLogInformation
: /* 1 */
466 Status
= LsarSetAuditLog(PolicyObject
,
467 (PPOLICY_AUDIT_LOG_INFO
)PolicyInformation
);
470 case PolicyAuditEventsInformation
: /* 2 */
471 Status
= LsarSetAuditEvents(PolicyObject
,
472 (PLSAPR_POLICY_AUDIT_EVENTS_INFO
)PolicyInformation
);
475 case PolicyPrimaryDomainInformation
: /* 3 */
476 Status
= LsarSetPrimaryDomain(PolicyObject
,
477 (PLSAPR_POLICY_PRIMARY_DOM_INFO
)PolicyInformation
);
480 case PolicyAccountDomainInformation
: /* 5 */
481 Status
= LsarSetAccountDomain(PolicyObject
,
482 (PLSAPR_POLICY_ACCOUNT_DOM_INFO
)PolicyInformation
);
485 case PolicyLsaServerRoleInformation
: /* 6 */
486 Status
= LsarSetServerRole(PolicyObject
,
487 (PPOLICY_LSA_SERVER_ROLE_INFO
)PolicyInformation
);
490 case PolicyReplicaSourceInformation
: /* 7 */
491 Status
= LsarSetReplicaSource(PolicyObject
,
492 (PPOLICY_LSA_REPLICA_SRCE_INFO
)PolicyInformation
);
495 case PolicyDefaultQuotaInformation
: /* 8 */
496 Status
= LsarSetDefaultQuota(PolicyObject
,
497 (PPOLICY_DEFAULT_QUOTA_INFO
)PolicyInformation
);
/* Not reachable as long as step 1 has no case for this class. */
500 case PolicyModificationInformation
: /* 9 */
501 Status
= LsarSetModification(PolicyObject
,
502 (PPOLICY_MODIFICATION_INFO
)PolicyInformation
);
505 case PolicyAuditFullSetInformation
: /* 10 (0xA) */
506 Status
= LsarSetAuditFull(PolicyObject
,
507 (PPOLICY_AUDIT_FULL_QUERY_INFO
)PolicyInformation
);
510 case PolicyDnsDomainInformation
: /* 12 (0xC) */
511 Status
= LsarSetDnsDomain(PolicyObject
,
512 (PLSAPR_POLICY_DNS_DOMAIN_INFO
)PolicyInformation
);
515 case PolicyDnsDomainInformationInt
: /* 13 (0xD) */
516 Status
= LsarSetDnsDomainInt(PolicyObject
,
517 (PLSAPR_POLICY_DNS_DOMAIN_INFO
)PolicyInformation
);
520 case PolicyLocalAccountDomainInformation
: /* 14 (0xE) */
521 Status
= LsarSetLocalAccountDomain(PolicyObject
,
522 (PLSAPR_POLICY_ACCOUNT_DOM_INFO
)PolicyInformation
);
526 Status
= STATUS_INVALID_PARAMETER
;
/* Not implemented: returns STATUS_NOT_IMPLEMENTED; the audit log is untouched. */
535 NTSTATUS WINAPI
LsarClearAuditLog(
536 LSAPR_HANDLE ObjectHandle
)
539 return STATUS_NOT_IMPLEMENTED
;
/*
 * Creates an account object for AccountSid under the policy object.
 *
 * Order of work: RtlValidSid() on the SID, handle validation against
 * POLICY_CREATE_ACCOUNT, SID-to-string conversion, creation of the account
 * security descriptor, LsapCreateDbObject(), then the "Sid" and "SecDesc"
 * attributes are written. Cleanup releases the SID string (LocalFree) and the
 * descriptor (RtlFreeHeap); on failure the new object is closed, otherwise it
 * is returned through AccountHandle.
 *
 * NOTE(review): the last statement is an unconditional
 * `return STATUS_SUCCESS`. If the failure paths above fall through to the
 * cleanup code, the caller is told the account was created while
 * *AccountHandle was never written. Returning Status instead would surface
 * the error - confirm against the full source.
 * NOTE(review): on a failure after LsapCreateDbObject() the object is only
 * closed; nothing visible removes the half-initialised entry from the
 * database.
 */
544 NTSTATUS WINAPI
LsarCreateAccount(
545 LSAPR_HANDLE PolicyHandle
,
547 ACCESS_MASK DesiredAccess
,
548 LSAPR_HANDLE
*AccountHandle
)
550 PLSA_DB_OBJECT PolicyObject
;
551 PLSA_DB_OBJECT AccountObject
= NULL
;
552 LPWSTR SidString
= NULL
;
553 PSECURITY_DESCRIPTOR AccountSd
= NULL
;
555 NTSTATUS Status
= STATUS_SUCCESS
;
557 /* Validate the AccountSid */
558 if (!RtlValidSid(AccountSid
))
559 return STATUS_INVALID_PARAMETER
;
561 /* Validate the PolicyHandle */
562 Status
= LsapValidateDbObject(PolicyHandle
,
564 POLICY_CREATE_ACCOUNT
,
566 if (!NT_SUCCESS(Status
))
568 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
572 /* Create SID string */
573 if (!ConvertSidToStringSid((PSID
)AccountSid
,
576 ERR("ConvertSidToStringSid failed\n");
577 Status
= STATUS_INVALID_PARAMETER
;
581 /* Create a security descriptor for the account */
582 Status
= LsapCreateAccountSd(&AccountSd
,
584 if (!NT_SUCCESS(Status
))
586 ERR("LsapCreateAccountSd returned 0x%08lx\n", Status
);
590 /* Create the Account object */
591 Status
= LsapCreateDbObject(PolicyObject
,
597 if (!NT_SUCCESS(Status
))
599 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status
);
603 /* Set the Sid attribute */
/* GetLengthSid() is safe here because the SID passed RtlValidSid() above. */
604 Status
= LsapSetObjectAttribute(AccountObject
,
607 GetLengthSid(AccountSid
));
608 if (!NT_SUCCESS(Status
))
611 /* Set the SecDesc attribute */
612 Status
= LsapSetObjectAttribute(AccountObject
,
/* Cleanup: temporaries are released on every path. */
618 if (SidString
!= NULL
)
619 LocalFree(SidString
);
621 if (AccountSd
!= NULL
)
622 RtlFreeHeap(RtlGetProcessHeap(), 0, AccountSd
);
624 if (!NT_SUCCESS(Status
))
626 if (AccountObject
!= NULL
)
627 LsapCloseDbObject(AccountObject
);
631 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
/* NOTE(review): Status is not what gets returned - see the header note. */
634 return STATUS_SUCCESS
;
/* Not implemented: returns STATUS_NOT_IMPLEMENTED; the out buffers are not written. */
639 NTSTATUS WINAPI
LsarEnumerateAccounts(
640 LSAPR_HANDLE PolicyHandle
,
641 DWORD
*EnumerationContext
,
642 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
,
643 DWORD PreferedMaximumLength
)
646 return STATUS_NOT_IMPLEMENTED
;
/* Not implemented: returns STATUS_NOT_IMPLEMENTED; no trusted domain is created. */
651 NTSTATUS WINAPI
LsarCreateTrustedDomain(
652 LSAPR_HANDLE PolicyHandle
,
653 PLSAPR_TRUST_INFORMATION TrustedDomainInformation
,
654 ACCESS_MASK DesiredAccess
,
655 LSAPR_HANDLE
*TrustedDomainHandle
)
658 return STATUS_NOT_IMPLEMENTED
;
/* Not implemented: returns STATUS_NOT_IMPLEMENTED; the out buffers are not written. */
663 NTSTATUS WINAPI
LsarEnumerateTrustedDomains(
664 LSAPR_HANDLE PolicyHandle
,
665 DWORD
*EnumerationContext
,
666 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer
,
667 DWORD PreferedMaximumLength
)
670 return STATUS_NOT_IMPLEMENTED
;
/*
 * Translates account names to SIDs in the legacy (RID-based) result format.
 *
 * The outputs are cleared first, LsapLookupNames() fills an
 * LSAPR_TRANSLATED_SIDS_EX2 result, and that result is converted entry by
 * entry: Use and DomainIndex are copied and the full SID is reduced to its
 * relative id with LsapGetRelativeIdFromSid(). The intermediate Ex2 array is
 * freed afterwards.
 *
 * NOTE(review): no LsapValidateDbObject() call on PolicyHandle is visible in
 * this routine, unlike LsarLookupPrivilegeValue() which requires
 * POLICY_LOOKUP_NAMES. As shown, name translation is served without any
 * check of the handle or its granted access.
 * NOTE(review): when the allocation of TranslatedSids->Sids fails,
 * TranslatedSids->Entries has already been set and is left non-zero while
 * Sids is NULL; reset it to 0 on that path so the marshalled result is
 * consistent.
 * NOTE(review): only the TranslatedSidsEx2.Sids array is freed. If
 * LsapLookupNames() allocates each Sids[i].Sid separately, those SIDs are not
 * released here - confirm ownership.
 */
675 NTSTATUS WINAPI
LsarLookupNames(
676 LSAPR_HANDLE PolicyHandle
,
678 PRPC_UNICODE_STRING Names
,
679 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
680 PLSAPR_TRANSLATED_SIDS TranslatedSids
,
681 LSAP_LOOKUP_LEVEL LookupLevel
,
684 LSAPR_TRANSLATED_SIDS_EX2 TranslatedSidsEx2
;
688 TRACE("(%p %lu %p %p %p %d %p)\n",
689 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
690 LookupLevel
, MappedCount
);
/* Start from empty outputs so every early return hands back a defined result. */
692 TranslatedSids
->Entries
= 0;
693 TranslatedSids
->Sids
= NULL
;
694 *ReferencedDomains
= NULL
;
/* The condition guarding this early return is not visible in this listing. */
697 return STATUS_NONE_MAPPED
;
699 TranslatedSidsEx2
.Entries
= 0;
700 TranslatedSidsEx2
.Sids
= NULL
;
702 Status
= LsapLookupNames(Count
,
710 if (!NT_SUCCESS(Status
))
/* Convert the Ex2 result into the legacy LSA_TRANSLATED_SID array. */
713 TranslatedSids
->Entries
= TranslatedSidsEx2
.Entries
;
714 TranslatedSids
->Sids
= MIDL_user_allocate(TranslatedSids
->Entries
* sizeof(LSA_TRANSLATED_SID
));
715 if (TranslatedSids
->Sids
== NULL
)
717 MIDL_user_free(TranslatedSidsEx2
.Sids
);
718 MIDL_user_free(*ReferencedDomains
);
719 *ReferencedDomains
= NULL
;
720 return STATUS_INSUFFICIENT_RESOURCES
;
723 for (i
= 0; i
< TranslatedSidsEx2
.Entries
; i
++)
725 TranslatedSids
->Sids
[i
].Use
= TranslatedSidsEx2
.Sids
[i
].Use
;
726 TranslatedSids
->Sids
[i
].RelativeId
= LsapGetRelativeIdFromSid(TranslatedSidsEx2
.Sids
[i
].Sid
);
727 TranslatedSids
->Sids
[i
].DomainIndex
= TranslatedSidsEx2
.Sids
[i
].DomainIndex
;
730 MIDL_user_free(TranslatedSidsEx2
.Sids
);
732 return STATUS_SUCCESS
;
/*
 * Translates SIDs to account names in the legacy result format.
 *
 * LsapLookupSids() fills an LSAPR_TRANSLATED_NAMES_EX result, which is then
 * converted entry by entry. The Name.Buffer pointers are copied, not
 * duplicated, so ownership of the strings moves to TranslatedNames; only the
 * intermediate Ex array is freed.
 *
 * NOTE(review): no LsapValidateDbObject() call on PolicyHandle is visible in
 * this routine; as shown, SID translation is served without checking the
 * handle or POLICY_LOOKUP_NAMES.
 * NOTE(review): per the FIXME below, the SIDs in SidEnumBuffer are not
 * validated before being handed to LsapLookupSids().
 * NOTE(review): the output array is sized from SidEnumBuffer->Entries, a
 * client-supplied count, but the copy loop runs to TranslatedNamesEx.Entries.
 * The two are equal on entry; confirm LsapLookupSids() never raises the
 * latter. The size multiplication is unchecked, so confirm the interface
 * definition bounds Entries.
 * NOTE(review): on allocation failure TranslatedNames->Entries stays non-zero
 * while Names is NULL, and the name buffers referenced from
 * TranslatedNamesEx.Names are not released.
 */
737 NTSTATUS WINAPI
LsarLookupSids(
738 LSAPR_HANDLE PolicyHandle
,
739 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
740 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
741 PLSAPR_TRANSLATED_NAMES TranslatedNames
,
742 LSAP_LOOKUP_LEVEL LookupLevel
,
745 LSAPR_TRANSLATED_NAMES_EX TranslatedNamesEx
;
749 TRACE("(%p %p %p %p %d %p)\n",
750 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
751 LookupLevel
, MappedCount
);
753 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
755 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
756 TranslatedNames
->Names
= NULL
;
757 *ReferencedDomains
= NULL
;
759 TranslatedNamesEx
.Entries
= SidEnumBuffer
->Entries
;
760 TranslatedNamesEx
.Names
= NULL
;
762 Status
= LsapLookupSids(SidEnumBuffer
,
769 if (!NT_SUCCESS(Status
))
/* Convert the Ex result into the legacy LSAPR_TRANSLATED_NAME array. */
772 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
773 TranslatedNames
->Names
= MIDL_user_allocate(SidEnumBuffer
->Entries
* sizeof(LSAPR_TRANSLATED_NAME
));
774 if (TranslatedNames
->Names
== NULL
)
776 MIDL_user_free(TranslatedNamesEx
.Names
);
777 MIDL_user_free(*ReferencedDomains
);
778 *ReferencedDomains
= NULL
;
779 return STATUS_INSUFFICIENT_RESOURCES
;
782 for (i
= 0; i
< TranslatedNamesEx
.Entries
; i
++)
784 TranslatedNames
->Names
[i
].Use
= TranslatedNamesEx
.Names
[i
].Use
;
785 TranslatedNames
->Names
[i
].Name
.Length
= TranslatedNamesEx
.Names
[i
].Name
.Length
;
786 TranslatedNames
->Names
[i
].Name
.MaximumLength
= TranslatedNamesEx
.Names
[i
].Name
.MaximumLength
;
/* Shallow copy: the string buffer now belongs to TranslatedNames. */
787 TranslatedNames
->Names
[i
].Name
.Buffer
= TranslatedNamesEx
.Names
[i
].Name
.Buffer
;
788 TranslatedNames
->Names
[i
].DomainIndex
= TranslatedNamesEx
.Names
[i
].DomainIndex
;
791 MIDL_user_free(TranslatedNamesEx
.Names
);
/*
 * Creates a secret object under the policy object.
 *
 * Order of work: handle validation against POLICY_CREATE_SECRET, current time
 * query, creation of the secret's security descriptor, LsapCreateDbObject(),
 * then the CurrentTime, OldTime and SecDesc attributes are written. Cleanup
 * frees the descriptor; on failure the new object is closed, otherwise it is
 * returned through SecretHandle.
 *
 * NOTE(review): the last statement is an unconditional
 * `return STATUS_SUCCESS`. If the failure paths fall through to the cleanup
 * code, the caller sees success with *SecretHandle unset. Returning Status
 * would surface the error - confirm against the full source.
 * NOTE(review): SecretName is not inspected in the visible lines (no NULL,
 * length or character check) before it is used to name the object.
 * NOTE(review): the error text after LsapCreateSecretSd() names
 * LsapCreateAccountSd, which will mislead anyone reading the log.
 */
798 NTSTATUS WINAPI
LsarCreateSecret(
799 LSAPR_HANDLE PolicyHandle
,
800 PRPC_UNICODE_STRING SecretName
,
801 ACCESS_MASK DesiredAccess
,
802 LSAPR_HANDLE
*SecretHandle
)
804 PLSA_DB_OBJECT PolicyObject
;
805 PLSA_DB_OBJECT SecretObject
= NULL
;
807 PSECURITY_DESCRIPTOR SecretSd
= NULL
;
809 NTSTATUS Status
= STATUS_SUCCESS
;
811 /* Validate the PolicyHandle */
812 Status
= LsapValidateDbObject(PolicyHandle
,
814 POLICY_CREATE_SECRET
,
816 if (!NT_SUCCESS(Status
))
818 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
822 /* Get the current time */
823 Status
= NtQuerySystemTime(&Time
);
824 if (!NT_SUCCESS(Status
))
826 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
830 /* Create a security descriptor for the secret */
831 Status
= LsapCreateSecretSd(&SecretSd
,
833 if (!NT_SUCCESS(Status
))
835 ERR("LsapCreateAccountSd returned 0x%08lx\n", Status
);
839 /* Create the Secret object */
840 Status
= LsapCreateDbObject(PolicyObject
,
846 if (!NT_SUCCESS(Status
))
848 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status
);
852 /* Set the CurrentTime attribute */
853 Status
= LsapSetObjectAttribute(SecretObject
,
856 sizeof(LARGE_INTEGER
));
857 if (!NT_SUCCESS(Status
))
859 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status
);
863 /* Set the OldTime attribute */
864 Status
= LsapSetObjectAttribute(SecretObject
,
867 sizeof(LARGE_INTEGER
));
868 if (!NT_SUCCESS(Status
))
870 ERR("LsapSetObjectAttribute (OldTime) failed (Status 0x%08lx)\n", Status
);
874 /* Set the SecDesc attribute */
875 Status
= LsapSetObjectAttribute(SecretObject
,
/* Cleanup: the descriptor is released on every path. */
881 if (SecretSd
!= NULL
)
882 RtlFreeHeap(RtlGetProcessHeap(), 0, SecretSd
);
884 if (!NT_SUCCESS(Status
))
886 if (SecretObject
!= NULL
)
887 LsapCloseDbObject(SecretObject
);
891 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
/* NOTE(review): Status is not what gets returned - see the header note. */
894 return STATUS_SUCCESS
;
/*
 * Opens an existing account object for AccountSid.
 *
 * The SID is checked with RtlValidSid(), the policy handle is validated, the
 * SID is converted to its string form and the object is opened with
 * LsapOpenDbObject(). On failure the object is closed, otherwise it is
 * returned through AccountHandle.
 *
 * NOTE(review): after opening, the routine writes the "Sid" attribute again.
 * That makes every open a database write, performed regardless of the access
 * the caller requested; it looks carried over from LsarCreateAccount() -
 * confirm it is intended.
 * NOTE(review): the access right required on PolicyHandle is not visible in
 * this listing; confirm it is not left at zero.
 */
899 NTSTATUS WINAPI
LsarOpenAccount(
900 LSAPR_HANDLE PolicyHandle
,
902 ACCESS_MASK DesiredAccess
,
903 LSAPR_HANDLE
*AccountHandle
)
905 PLSA_DB_OBJECT PolicyObject
;
906 PLSA_DB_OBJECT AccountObject
= NULL
;
907 LPWSTR SidString
= NULL
;
908 NTSTATUS Status
= STATUS_SUCCESS
;
910 /* Validate the AccountSid */
911 if (!RtlValidSid(AccountSid
))
912 return STATUS_INVALID_PARAMETER
;
914 /* Validate the PolicyHandle */
915 Status
= LsapValidateDbObject(PolicyHandle
,
919 if (!NT_SUCCESS(Status
))
921 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
925 /* Create SID string */
926 if (!ConvertSidToStringSid((PSID
)AccountSid
,
929 ERR("ConvertSidToStringSid failed\n");
930 Status
= STATUS_INVALID_PARAMETER
;
934 /* Open the Account object */
935 Status
= LsapOpenDbObject(PolicyObject
,
941 if (!NT_SUCCESS(Status
))
943 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status
);
947 /* Set the Sid attribute */
948 Status
= LsapSetObjectAttribute(AccountObject
,
951 GetLengthSid(AccountSid
));
/* Cleanup: the SID string is released on every path. */
954 if (SidString
!= NULL
)
955 LocalFree(SidString
);
957 if (!NT_SUCCESS(Status
))
959 if (AccountObject
!= NULL
)
960 LsapCloseDbObject(AccountObject
);
964 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
/*
 * Returns the privilege set stored for an account.
 *
 * The account handle is validated, the stored attribute is read with two
 * LsapGetObjectAttribute() calls (size query, then data) into a
 * MIDL_user_allocate() buffer, and the buffer is returned through
 * Privileges. The buffer is freed if the second read fails.
 *
 * NOTE(review): the access right required on AccountHandle is not visible in
 * this listing - confirm.
 * NOTE(review): the returned blob is whatever the database holds; its
 * PrivilegeCount field is not checked against PrivilegeSetSize before the
 * RPC layer marshals it.
 */
972 NTSTATUS WINAPI
LsarEnumeratePrivilegesAccount(
973 LSAPR_HANDLE AccountHandle
,
974 PLSAPR_PRIVILEGE_SET
*Privileges
)
976 PLSA_DB_OBJECT AccountObject
;
977 ULONG PrivilegeSetSize
= 0;
978 PLSAPR_PRIVILEGE_SET PrivilegeSet
= NULL
;
983 /* Validate the AccountHandle */
984 Status
= LsapValidateDbObject(AccountHandle
,
988 if (!NT_SUCCESS(Status
))
990 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
994 /* Get the size of the privilege set */
995 Status
= LsapGetObjectAttribute(AccountObject
,
999 if (!NT_SUCCESS(Status
))
1002 /* Allocate a buffer for the privilege set */
1003 PrivilegeSet
= MIDL_user_allocate(PrivilegeSetSize
);
1004 if (PrivilegeSet
== NULL
)
1005 return STATUS_NO_MEMORY
;
1007 /* Get the privilege set */
1008 Status
= LsapGetObjectAttribute(AccountObject
,
1012 if (!NT_SUCCESS(Status
))
1014 MIDL_user_free(PrivilegeSet
);
1018 /* Return a pointer to the privilege set */
1019 *Privileges
= PrivilegeSet
;
1021 return STATUS_SUCCESS
;
/*
 * Adds the caller-supplied privileges to the set stored for an account.
 *
 * The handle is validated against ACCOUNT_ADJUST_PRIVILEGES. If the account
 * has no stored set (read fails or size is 0) the supplied set is written
 * as-is. Otherwise the stored set is loaded, the size of the merged set is
 * computed, a new set is built from the stored entries plus the supplied
 * ones, and the result is written back. Both temporary buffers are freed at
 * the end.
 *
 * NOTE(review): both inner loops compare against
 * CurrentPrivileges->Privilege[i] although they iterate the stored set with
 * j. As written:
 *   - the stored array is indexed by the position in the caller's set, so a
 *     supplied set longer than the stored one reads past the end of the
 *     CurrentPrivileges allocation;
 *   - a privilege that is already stored at a different position is not
 *     recognised and gets appended again as a duplicate;
 *   - on a positional match the attributes are written to entry j, which is
 *     not necessarily the matching entry.
 *   The index on the CurrentPrivileges side should be j in both loops.
 * NOTE(review): `Privileges->PrivilegeCount - 1` wraps when the caller sends
 * a count of 0, giving a huge attribute size for the first-write path;
 * reject an empty set up front unless the interface definition already
 * excludes it.
 * NOTE(review): CurrentPrivileges->PrivilegeCount comes from the stored blob
 * and is trusted without comparing it to PrivilegeSetSize.
 * NOTE(review): the supplied LUIDs and attribute bits are stored without any
 * visible check that they name known privileges.
 */
1026 NTSTATUS WINAPI
LsarAddPrivilegesToAccount(
1027 LSAPR_HANDLE AccountHandle
,
1028 PLSAPR_PRIVILEGE_SET Privileges
)
1030 PLSA_DB_OBJECT AccountObject
;
1031 PPRIVILEGE_SET CurrentPrivileges
= NULL
;
1032 PPRIVILEGE_SET NewPrivileges
= NULL
;
1033 ULONG PrivilegeSetSize
= 0;
1034 ULONG PrivilegeCount
;
1039 /* Validate the AccountHandle */
1040 Status
= LsapValidateDbObject(AccountHandle
,
1042 ACCOUNT_ADJUST_PRIVILEGES
,
1044 if (!NT_SUCCESS(Status
))
1046 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1050 Status
= LsapGetObjectAttribute(AccountObject
,
1054 if (!NT_SUCCESS(Status
) || PrivilegeSetSize
== 0)
1056 /* The Privilgs attribute does not exist */
/* PRIVILEGE_SET already contains one LUID_AND_ATTRIBUTES, hence the "- 1";
 * a count of 0 makes this subtraction wrap (see header note). */
1058 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1059 (Privileges
->PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1060 Status
= LsapSetObjectAttribute(AccountObject
,
1067 /* The Privilgs attribute exists */
1069 /* Allocate memory for the stored privilege set */
1070 CurrentPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1071 if (CurrentPrivileges
== NULL
)
1072 return STATUS_NO_MEMORY
;
1074 /* Get the current privilege set */
1075 Status
= LsapGetObjectAttribute(AccountObject
,
1079 if (!NT_SUCCESS(Status
))
1081 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status
);
1085 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1086 TRACE("Current privilege count: %lu\n", PrivilegeCount
);
1088 /* Calculate the number of privileges in the combined privilege set */
1089 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1092 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
/* NOTE(review): the stored entry is indexed with i, not j (see header note). */
1094 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1095 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1102 if (bFound
== FALSE
)
1104 TRACE("Found new privilege\n");
1108 TRACE("New privilege count: %lu\n", PrivilegeCount
);
1110 /* Calculate the size of the new privilege set and allocate it */
1111 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1112 (PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1113 NewPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1114 if (NewPrivileges
== NULL
)
1116 Status
= STATUS_NO_MEMORY
;
1120 /* Initialize the new privilege set */
1121 NewPrivileges
->PrivilegeCount
= PrivilegeCount
;
1122 NewPrivileges
->Control
= 0;
1124 /* Copy all privileges from the current privilege set */
1125 RtlCopyLuidAndAttributesArray(CurrentPrivileges
->PrivilegeCount
,
1126 &(CurrentPrivileges
->Privilege
[0]),
1127 &(NewPrivileges
->Privilege
[0]));
1129 /* Add new privileges to the new privilege set */
/* PrivilegeCount is reused as the append position in NewPrivileges. */
1130 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1131 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1134 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
/* NOTE(review): same i-for-j indexing as in the counting loop above; the two
 * loops must stay in agreement or the append below can run past the
 * NewPrivileges allocation. */
1136 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1137 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1139 /* Overwrite attributes if a matching privilege was found */
1140 NewPrivileges
->Privilege
[j
].Attributes
= Privileges
->Privilege
[i
].Attributes
;
1147 if (bFound
== FALSE
)
1149 /* Copy the new privilege */
1150 RtlCopyLuidAndAttributesArray(1,
1151 (PLUID_AND_ATTRIBUTES
)&(Privileges
->Privilege
[i
]),
1152 &(NewPrivileges
->Privilege
[PrivilegeCount
]));
1157 /* Set the new privilege set */
1158 Status
= LsapSetObjectAttribute(AccountObject
,
1165 if (CurrentPrivileges
!= NULL
)
1166 MIDL_user_free(CurrentPrivileges
);
1168 if (NewPrivileges
!= NULL
)
1169 MIDL_user_free(NewPrivileges
);
/*
 * Not implemented: returns STATUS_NOT_IMPLEMENTED.
 * NOTE(review): together with LsarAddPrivilegesToAccount() this means a
 * privilege, once granted through this interface, cannot be revoked through
 * it.
 */
1176 NTSTATUS WINAPI
LsarRemovePrivilegesFromAccount(
1177 LSAPR_HANDLE AccountHandle
,
1179 PLSAPR_PRIVILEGE_SET Privileges
)
1182 return STATUS_NOT_IMPLEMENTED
;
/* Not implemented: returns STATUS_NOT_IMPLEMENTED; QuotaLimits is not written. */
1187 NTSTATUS WINAPI
LsarGetQuotasForAccount(
1188 LSAPR_HANDLE AccountHandle
,
1189 PQUOTA_LIMITS QuotaLimits
)
1192 return STATUS_NOT_IMPLEMENTED
;
/* Not implemented: returns STATUS_NOT_IMPLEMENTED; no quota is stored. */
1197 NTSTATUS WINAPI
LsarSetQuotasForAccount(
1198 LSAPR_HANDLE AccountHandle
,
1199 PQUOTA_LIMITS QuotaLimits
)
1202 return STATUS_NOT_IMPLEMENTED
;
/*
 * Reads the system access flags stored for an account: the handle is
 * validated and the value is fetched with LsapGetObjectAttribute().
 *
 * NOTE(review): the access right required on AccountHandle and the buffer
 * size passed to LsapGetObjectAttribute() are not visible in this listing -
 * confirm the size is limited to sizeof(ACCESS_MASK) so a larger stored
 * value cannot be written past *SystemAccess.
 */
1207 NTSTATUS WINAPI
LsarGetSystemAccessAccount(
1208 LSAPR_HANDLE AccountHandle
,
1209 ACCESS_MASK
*SystemAccess
)
1211 PLSA_DB_OBJECT AccountObject
;
1215 /* Validate the account handle */
1216 Status
= LsapValidateDbObject(AccountHandle
,
1220 if (!NT_SUCCESS(Status
))
1222 ERR("Invalid handle (Status %lx)\n", Status
);
1226 /* Get the system access flags */
1227 Status
= LsapGetObjectAttribute(AccountObject
,
/*
 * Stores the system access flags for an account: the handle is validated
 * against ACCOUNT_ADJUST_SYSTEM_ACCESS and the value is written as a
 * sizeof(ACCESS_MASK) attribute.
 *
 * NOTE(review): SystemAccess is stored as received; no visible line masks it
 * to the defined flag bits, so undefined bits end up in the database.
 */
1237 NTSTATUS WINAPI
LsarSetSystemAccessAccount(
1238 LSAPR_HANDLE AccountHandle
,
1239 ACCESS_MASK SystemAccess
)
1241 PLSA_DB_OBJECT AccountObject
;
1244 /* Validate the account handle */
1245 Status
= LsapValidateDbObject(AccountHandle
,
1247 ACCOUNT_ADJUST_SYSTEM_ACCESS
,
1249 if (!NT_SUCCESS(Status
))
1251 ERR("Invalid handle (Status %lx)\n", Status
);
1255 /* Set the system access flags */
1256 Status
= LsapSetObjectAttribute(AccountObject
,
1259 sizeof(ACCESS_MASK
));
/* Not implemented: returns STATUS_NOT_IMPLEMENTED; no handle is produced. */
1266 NTSTATUS WINAPI
LsarOpenTrustedDomain(
1267 LSAPR_HANDLE PolicyHandle
,
1268 PRPC_SID TrustedDomainSid
,
1269 ACCESS_MASK DesiredAccess
,
1270 LSAPR_HANDLE
*TrustedDomainHandle
)
1273 return STATUS_NOT_IMPLEMENTED
;
/* Not implemented: returns STATUS_NOT_IMPLEMENTED; nothing is returned to the caller. */
1278 NTSTATUS WINAPI
LsarQueryInfoTrustedDomain(
1279 LSAPR_HANDLE TrustedDomainHandle
,
1280 TRUSTED_INFORMATION_CLASS InformationClass
,
1281 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1284 return STATUS_NOT_IMPLEMENTED
;
/* Not implemented: returns STATUS_NOT_IMPLEMENTED; nothing is stored. */
1289 NTSTATUS WINAPI
LsarSetInformationTrustedDomain(
1290 LSAPR_HANDLE TrustedDomainHandle
,
1291 TRUSTED_INFORMATION_CLASS InformationClass
,
1292 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1295 return STATUS_NOT_IMPLEMENTED
;
/*
 * Opens an existing secret object by name: the policy handle is validated,
 * the object is opened with LsapOpenDbObject(), and it is either closed (on
 * failure) or returned through SecretHandle.
 *
 * NOTE(review): the access right required on PolicyHandle and the way
 * DesiredAccess is passed to LsapOpenDbObject() are not visible in this
 * listing. LsarQuerySecret() and LsarSetSecret() rely on the access recorded
 * on the handle opened here, so confirm DesiredAccess is checked against the
 * secret's security descriptor for the calling client.
 * NOTE(review): SecretName is not inspected in the visible lines.
 */
1300 NTSTATUS WINAPI
LsarOpenSecret(
1301 LSAPR_HANDLE PolicyHandle
,
1302 PRPC_UNICODE_STRING SecretName
,
1303 ACCESS_MASK DesiredAccess
,
1304 LSAPR_HANDLE
*SecretHandle
)
1306 PLSA_DB_OBJECT PolicyObject
;
1307 PLSA_DB_OBJECT SecretObject
= NULL
;
1308 NTSTATUS Status
= STATUS_SUCCESS
;
1310 /* Validate the PolicyHandle */
1311 Status
= LsapValidateDbObject(PolicyHandle
,
1315 if (!NT_SUCCESS(Status
))
1317 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1321 /* Open the secret object */
1322 Status
= LsapOpenDbObject(PolicyObject
,
1328 if (!NT_SUCCESS(Status
))
1330 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status
);
1335 if (!NT_SUCCESS(Status
))
1337 if (SecretObject
!= NULL
)
1338 LsapCloseDbObject(SecretObject
);
1342 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
/*
 * Stores the current and old value of a secret together with their set
 * times. The handle is validated, then four attributes are written in order:
 * current value, current time, old value, old time. Each failure is logged.
 *
 * NOTE(review): per the two FIXMEs, the cipher values are not decrypted; the
 * bytes received from the client are written to the database unchanged, so
 * the secret is protected at rest only by whatever the database itself
 * provides.
 * NOTE(review): the stored length is taken from MaximumLength, not Length.
 * If the client sends Length < MaximumLength, the bytes between the two are
 * whatever the receive buffer happens to contain and are persisted as part
 * of the secret.
 * NOTE(review): the four writes are independent; a failure part-way leaves
 * the secret with a new value but a stale timestamp, or a new current value
 * with the previous old value. Nothing visible rolls back.
 * NOTE(review): the access right required on SecretHandle is not visible in
 * this listing - confirm it is the set-value right.
 */
1350 NTSTATUS WINAPI
LsarSetSecret(
1351 LSAPR_HANDLE SecretHandle
,
1352 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue
,
1353 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue
)
1355 PLSA_DB_OBJECT SecretObject
;
1356 PBYTE CurrentValue
= NULL
;
1357 PBYTE OldValue
= NULL
;
1358 ULONG CurrentValueLength
= 0;
1359 ULONG OldValueLength
= 0;
1363 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle
,
1364 EncryptedCurrentValue
, EncryptedOldValue
);
1366 /* Validate the SecretHandle */
1367 Status
= LsapValidateDbObject(SecretHandle
,
1371 if (!NT_SUCCESS(Status
))
1373 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
/* A NULL cipher value leaves the pointer NULL and the length 0. */
1377 if (EncryptedCurrentValue
!= NULL
)
1379 /* FIXME: Decrypt the current value */
1380 CurrentValue
= EncryptedCurrentValue
->Buffer
;
1381 CurrentValueLength
= EncryptedCurrentValue
->MaximumLength
;
1384 /* Set the current value */
1385 Status
= LsapSetObjectAttribute(SecretObject
,
1388 CurrentValueLength
);
1389 if (!NT_SUCCESS(Status
))
1391 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1395 /* Get the current time */
1396 Status
= NtQuerySystemTime(&Time
);
1397 if (!NT_SUCCESS(Status
))
1399 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
1403 /* Set the current time */
1404 Status
= LsapSetObjectAttribute(SecretObject
,
1407 sizeof(LARGE_INTEGER
));
1408 if (!NT_SUCCESS(Status
))
1410 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1414 if (EncryptedOldValue
!= NULL
)
1416 /* FIXME: Decrypt the old value */
1417 OldValue
= EncryptedOldValue
->Buffer
;
1418 OldValueLength
= EncryptedOldValue
->MaximumLength
;
1421 /* Set the old value */
1422 Status
= LsapSetObjectAttribute(SecretObject
,
1426 if (!NT_SUCCESS(Status
))
1428 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1432 /* Set the old time */
1433 Status
= LsapSetObjectAttribute(SecretObject
,
1436 sizeof(LARGE_INTEGER
));
1437 if (!NT_SUCCESS(Status
))
1439 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
/*
 * Returns the current and/or old value of a secret and their set times.
 * Every output pointer is optional; only the parts whose pointer is non-NULL
 * are read.
 *
 * For each requested value the stored attribute is read with two
 * LsapGetObjectAttribute() calls (size query, then data) into a
 * midl_user_allocate() buffer, and an LSAPR_CR_CIPHER_VALUE wrapper is
 * allocated that points at that buffer. On success the wrappers are returned;
 * otherwise the outputs are set to NULL and all four buffers are freed.
 *
 * NOTE(review): per the two FIXMEs, nothing is encrypted; the stored bytes
 * are returned to the client as they are.
 * NOTE(review): `Length = (USHORT)(ValueLength - sizeof(WCHAR))` wraps when
 * the stored value is shorter than two bytes (including an empty value), and
 * both USHORT casts truncate values longer than 0xFFFF bytes. Either case
 * produces Length/MaximumLength fields that no longer describe the buffer
 * the RPC layer is about to marshal. Check the stored length before
 * building the wrapper.
 * NOTE(review): the wrapper for the old value is allocated with
 * `+ OldValueLength` extra bytes although Buffer points at the separate
 * OldValue allocation, unlike the current-value wrapper; one of the two is
 * presumably unintended.
 * NOTE(review): on the failure path the buffers holding secret material are
 * released with midl_user_free() without being cleared first.
 * NOTE(review): the access right required on SecretHandle is not visible in
 * this listing - confirm it is the query-value right.
 */
1448 NTSTATUS WINAPI
LsarQuerySecret(
1449 LSAPR_HANDLE SecretHandle
,
1450 PLSAPR_CR_CIPHER_VALUE
*EncryptedCurrentValue
,
1451 PLARGE_INTEGER CurrentValueSetTime
,
1452 PLSAPR_CR_CIPHER_VALUE
*EncryptedOldValue
,
1453 PLARGE_INTEGER OldValueSetTime
)
1455 PLSA_DB_OBJECT SecretObject
;
1456 PLSAPR_CR_CIPHER_VALUE EncCurrentValue
= NULL
;
1457 PLSAPR_CR_CIPHER_VALUE EncOldValue
= NULL
;
1458 PBYTE CurrentValue
= NULL
;
1459 PBYTE OldValue
= NULL
;
1460 ULONG CurrentValueLength
= 0;
1461 ULONG OldValueLength
= 0;
1465 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle
,
1466 EncryptedCurrentValue
, CurrentValueSetTime
,
1467 EncryptedOldValue
, OldValueSetTime
);
1469 /* Validate the SecretHandle */
1470 Status
= LsapValidateDbObject(SecretHandle
,
1474 if (!NT_SUCCESS(Status
))
1476 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
/* Part 1: current value (optional). */
1480 if (EncryptedCurrentValue
!= NULL
)
1482 CurrentValueLength
= 0;
1484 /* Get the size of the current value */
1485 Status
= LsapGetObjectAttribute(SecretObject
,
1488 &CurrentValueLength
);
1489 if (!NT_SUCCESS(Status
))
1492 /* Allocate a buffer for the current value */
1493 CurrentValue
= midl_user_allocate(CurrentValueLength
);
1494 if (CurrentValue
== NULL
)
1496 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1500 /* Get the current value */
1501 Status
= LsapGetObjectAttribute(SecretObject
,
1504 &CurrentValueLength
);
1505 if (!NT_SUCCESS(Status
))
1508 /* Allocate a buffer for the encrypted current value */
1509 EncCurrentValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
));
1510 if (EncCurrentValue
== NULL
)
1512 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1516 /* FIXME: Encrypt the current value */
/* NOTE(review): subtraction and casts are unchecked - see the header note. */
1517 EncCurrentValue
->Length
= (USHORT
)(CurrentValueLength
- sizeof(WCHAR
));
1518 EncCurrentValue
->MaximumLength
= (USHORT
)CurrentValueLength
;
1519 EncCurrentValue
->Buffer
= (PBYTE
)CurrentValue
;
/* Part 2: time the current value was set (optional). */
1522 if (CurrentValueSetTime
!= NULL
)
1524 BufferSize
= sizeof(LARGE_INTEGER
);
1526 /* Get the current value time */
1527 Status
= LsapGetObjectAttribute(SecretObject
,
1529 (PBYTE
)CurrentValueSetTime
,
1531 if (!NT_SUCCESS(Status
))
/* Part 3: old value (optional). */
1535 if (EncryptedOldValue
!= NULL
)
1539 /* Get the size of the old value */
1540 Status
= LsapGetObjectAttribute(SecretObject
,
1544 if (!NT_SUCCESS(Status
))
1547 /* Allocate a buffer for the old value */
1548 OldValue
= midl_user_allocate(OldValueLength
);
1549 if (OldValue
== NULL
)
1551 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1555 /* Get the old value */
1556 Status
= LsapGetObjectAttribute(SecretObject
,
1560 if (!NT_SUCCESS(Status
))
1563 /* Allocate a buffer for the encrypted old value */
1564 EncOldValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
) + OldValueLength
);
1565 if (EncOldValue
== NULL
)
1567 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1571 /* FIXME: Encrypt the old value */
/* NOTE(review): subtraction and casts are unchecked - see the header note. */
1572 EncOldValue
->Length
= (USHORT
)(OldValueLength
- sizeof(WCHAR
));
1573 EncOldValue
->MaximumLength
= (USHORT
)OldValueLength
;
1574 EncOldValue
->Buffer
= (PBYTE
)OldValue
;
/* Part 4: time the old value was set (optional). */
1577 if (OldValueSetTime
!= NULL
)
1579 BufferSize
= sizeof(LARGE_INTEGER
);
1581 /* Get the old value time */
1582 Status
= LsapGetObjectAttribute(SecretObject
,
1584 (PBYTE
)OldValueSetTime
,
1586 if (!NT_SUCCESS(Status
))
/* Success: hand the wrappers (and the buffers they point at) to the caller. */
1592 if (NT_SUCCESS(Status
))
1594 if (EncryptedCurrentValue
!= NULL
)
1595 *EncryptedCurrentValue
= EncCurrentValue
;
1597 if (EncryptedOldValue
!= NULL
)
1598 *EncryptedOldValue
= EncOldValue
;
/* Failure (presumably the else branch): clear the outputs and free every
 * buffer; the secret bytes are not wiped before the free. */
1602 if (EncryptedCurrentValue
!= NULL
)
1603 *EncryptedCurrentValue
= NULL
;
1605 if (EncryptedOldValue
!= NULL
)
1606 *EncryptedOldValue
= NULL
;
1608 if (EncCurrentValue
!= NULL
)
1609 midl_user_free(EncCurrentValue
);
1611 if (EncOldValue
!= NULL
)
1612 midl_user_free(EncOldValue
);
1614 if (CurrentValue
!= NULL
)
1615 midl_user_free(CurrentValue
);
1617 if (OldValue
!= NULL
)
1618 midl_user_free(OldValue
);
1621 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status
);
/*
 * LsarLookupPrivilegeValue: RPC entry point that checks PolicyHandle with
 * LsapValidateDbObject (POLICY_LOOKUP_NAMES is among the arguments) and then
 * hands Name to LsarpLookupPrivilegeValue.
 * NOTE(review): this listing omits lines of the function (the last
 * parameter, local declarations, braces and the tail of both calls), so the
 * exit taken after a failed validation is not visible - confirm against the
 * full file that the lookup is never reached with an unvalidated handle.
 */
1628 NTSTATUS WINAPI
LsarLookupPrivilegeValue(
1629 LSAPR_HANDLE PolicyHandle
,
1630 PRPC_UNICODE_STRING Name
,
1635 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
1636 PolicyHandle
, Name
, Value
);
/* Access check on the caller's handle before any lookup work is done. */
1638 Status
= LsapValidateDbObject(PolicyHandle
,
1640 POLICY_LOOKUP_NAMES
,
1642 if (!NT_SUCCESS(Status
))
1644 ERR("Invalid handle (Status %lx)\n", Status
);
/* Name is caller-supplied and is logged with %wZ before it is looked up;
 * presumably the RPC runtime has already checked Length against Buffer -
 * TODO confirm. */
1648 TRACE("Privilege: %wZ\n", Name
);
/* The RPC string is reinterpreted as a UNICODE_STRING for the lookup. */
1650 Status
= LsarpLookupPrivilegeValue((PUNICODE_STRING
)Name
,
/*
 * LsarLookupPrivilegeName: RPC entry point that checks PolicyHandle with
 * LsapValidateDbObject (POLICY_LOOKUP_NAMES is among the arguments) and then
 * calls LsarpLookupPrivilegeName(Value, Name) to produce the name.
 * NOTE(review): this listing omits lines of the function (the Value
 * parameter, local declarations, braces, call arguments), so the exit taken
 * after a failed validation is not visible - confirm against the full file.
 */
1658 NTSTATUS WINAPI
LsarLookupPrivilegeName(
1659 LSAPR_HANDLE PolicyHandle
,
1661 PRPC_UNICODE_STRING
*Name
)
1665 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
1666 PolicyHandle
, Value
, Name
);
/* Access check on the caller's handle before any lookup work is done. */
1668 Status
= LsapValidateDbObject(PolicyHandle
,
1670 POLICY_LOOKUP_NAMES
,
1672 if (!NT_SUCCESS(Status
))
/* Unlike LsarLookupPrivilegeValue, the failing status is not logged here. */
1674 ERR("Invalid handle\n");
/* The out pointer is reinterpreted as PUNICODE_STRING* for the helper. */
1678 Status
= LsarpLookupPrivilegeName(Value
, (PUNICODE_STRING
*)Name
);
/*
 * LsarLookupPrivilegeDisplayName: not implemented.
 * No argument is read and PolicyHandle is not validated; every call returns
 * STATUS_NOT_IMPLEMENTED and the out parameters are left untouched.
 */
NTSTATUS WINAPI
LsarLookupPrivilegeDisplayName(
    LSAPR_HANDLE PolicyHandle,
    PRPC_UNICODE_STRING Name,
    USHORT ClientLanguage,
    USHORT ClientSystemDefaultLanguage,
    PRPC_UNICODE_STRING *DisplayName,
    USHORT *LanguageReturned)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarDeleteObject: not implemented.
 * ObjectHandle is neither validated nor modified; every call returns
 * STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarDeleteObject(
    LSAPR_HANDLE *ObjectHandle)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarEnumerateAccountsWithUserRight: not implemented.
 * No argument is read and EnumerationBuffer is left untouched; every call
 * returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarEnumerateAccountsWithUserRight(
    LSAPR_HANDLE PolicyHandle,
    PRPC_UNICODE_STRING UserRight,
    PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarEnumerateAccountRights: opens an account through LsarOpenAccount
 * (presumably for AccountSid; the arguments after PolicyHandle are not
 * shown), reads its privileges with LsarEnumeratePrivilegesAccount, resolves
 * each privilege LUID to a name with LsarLookupPrivilegeName and returns the
 * names through UserRights. Rights other than privileges are not handled
 * yet (see the FIXMEs).
 * NOTE(review): this listing omits lines (braces, some declarations, call
 * arguments and the jumps taken on error), so the exact error flow has to
 * be confirmed against the full file.
 */
1719 NTSTATUS WINAPI
LsarEnumerateAccountRights(
1720 LSAPR_HANDLE PolicyHandle
,
1721 PRPC_SID AccountSid
,
1722 PLSAPR_USER_RIGHT_SET UserRights
)
/* Declared without an initialiser. NOTE(review): LsarClose(&AccountHandle)
 * at the end of the function would see an unset handle if that call is
 * reachable after LsarOpenAccount fails - confirm. */
1724 LSAPR_HANDLE AccountHandle
;
1725 PLSAPR_PRIVILEGE_SET PrivilegeSet
= NULL
;
1726 PRPC_UNICODE_STRING RightsBuffer
= NULL
;
1727 PRPC_UNICODE_STRING PrivilegeString
;
1733 TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
1734 PolicyHandle
, AccountSid
, UserRights
);
1736 /* Open the account */
1737 Status
= LsarOpenAccount(PolicyHandle
,
1741 if (!NT_SUCCESS(Status
))
1743 ERR("LsarOpenAccount returned 0x%08lx\n", Status
);
1747 /* Enumerate the privileges */
1748 Status
= LsarEnumeratePrivilegesAccount(AccountHandle
,
1750 if (!NT_SUCCESS(Status
))
1752 ERR("LsarEnumeratePrivilegesAccount returned 0x%08lx\n", Status
);
1756 /* FIXME: Get account rights */
/* PrivilegeSet starts as NULL and is dereferenced here; it is presumably
 * filled by LsarEnumeratePrivilegesAccount above (its output argument is
 * not shown) - TODO confirm. */
1759 RightsCount
= PrivilegeSet
->PrivilegeCount
;
1761 /* FIXME: Count account rights */
1764 /* We are done if there are no rights to be enumerated */
1765 if (RightsCount
== 0)
1767 UserRights
->Entries
= 0;
1768 UserRights
->UserRights
= NULL
;
1769 Status
= STATUS_SUCCESS
;
1773 /* Allocate a buffer for the account rights */
/* The size is RightsCount * sizeof(RPC_UNICODE_STRING) with no visible
 * overflow check. NOTE(review): the cleanup loop below inspects the Buffer
 * member of every entry, so this block has to be zero-filled by
 * MIDL_user_allocate or cleared explicitly; otherwise a failure part-way
 * through the copy loop would free uninitialised pointers - confirm. */
1774 RightsBuffer
= MIDL_user_allocate(RightsCount
* sizeof(RPC_UNICODE_STRING
));
1775 if (RightsBuffer
== NULL
)
1777 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1781 /* Copy the privileges into the buffer */
1783 for (PrivIndex
= 0; PrivIndex
< PrivilegeSet
->PrivilegeCount
; PrivIndex
++)
1785 PrivilegeString
= NULL
;
/* LsarLookupPrivilegeName validates PolicyHandle again on every call. */
1786 Status
= LsarLookupPrivilegeName(PolicyHandle
,
1787 (PLUID
)&PrivilegeSet
->Privilege
[PrivIndex
].Luid
,
1788 (PRPC_UNICODE_STRING
*)&PrivilegeString
);
1789 if (!NT_SUCCESS(Status
))
/* Shallow copy: the string header is copied and then freed, while the
 * character buffer it pointed to is now owned by RightsBuffer[RightsIndex].
 * NOTE(review): the statement that advances RightsIndex is not shown in
 * this listing. */
1792 RightsBuffer
[RightsIndex
].Length
= PrivilegeString
->Length
;
1793 RightsBuffer
[RightsIndex
].MaximumLength
= PrivilegeString
->MaximumLength
;
1794 RightsBuffer
[RightsIndex
].Buffer
= PrivilegeString
->Buffer
;
1796 MIDL_user_free(PrivilegeString
);
1800 /* FIXME: Copy account rights into the buffer */
/* Hand the filled array to the caller through the out structure. */
1803 UserRights
->Entries
= RightsCount
;
1804 UserRights
->UserRights
= (PRPC_UNICODE_STRING
)RightsBuffer
;
/* Failure cleanup: release every name buffer that is non-NULL, then the
 * array itself. */
1807 if (!NT_SUCCESS(Status
))
1809 if (RightsBuffer
!= NULL
)
1811 for (RightsIndex
= 0; RightsIndex
< RightsCount
; RightsIndex
++)
1813 if (RightsBuffer
[RightsIndex
].Buffer
!= NULL
)
1814 MIDL_user_free(RightsBuffer
[RightsIndex
].Buffer
);
1817 MIDL_user_free(RightsBuffer
);
/* The privilege set is only needed while the names are being built. */
1821 if (PrivilegeSet
!= NULL
)
1822 MIDL_user_free(PrivilegeSet
);
/* Closes the handle that LsarOpenAccount is expected to have produced. */
1824 LsarClose(&AccountHandle
);
/*
 * LsarAddAccountRights: not implemented.
 * No argument is read and no right is granted; every call returns
 * STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarAddAccountRights(
    LSAPR_HANDLE PolicyHandle,
    PRPC_SID AccountSid,
    PLSAPR_USER_RIGHT_SET UserRights)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarRemoveAccountRights: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return.
 * NOTE(review): one line of the parameter list (between AccountSid and
 * UserRights) is not shown in this listing.
 */
1842 NTSTATUS WINAPI
LsarRemoveAccountRights(
1843 LSAPR_HANDLE PolicyHandle
,
1844 PRPC_SID AccountSid
,
1846 PLSAPR_USER_RIGHT_SET UserRights
)
1849 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarQueryTrustedDomainInfo: not implemented.
 * No argument is read and TrustedDomainInformation is left untouched; every
 * call returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarQueryTrustedDomainInfo(
    LSAPR_HANDLE PolicyHandle,
    PRPC_SID TrustedDomainSid,
    TRUSTED_INFORMATION_CLASS InformationClass,
    PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarSetTrustedDomainInfo: not implemented.
 * No argument is read and nothing is stored; every call returns
 * STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarSetTrustedDomainInfo(
    LSAPR_HANDLE PolicyHandle,
    PRPC_SID TrustedDomainSid,
    TRUSTED_INFORMATION_CLASS InformationClass,
    PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarDeleteTrustedDomain: not implemented.
 * No argument is read and nothing is deleted; every call returns
 * STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarDeleteTrustedDomain(
    LSAPR_HANDLE PolicyHandle,
    PRPC_SID TrustedDomainSid)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarStorePrivateData: not implemented.
 * EncryptedData is not read and nothing is stored; every call returns
 * STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarStorePrivateData(
    LSAPR_HANDLE PolicyHandle,
    PRPC_UNICODE_STRING KeyName,
    PLSAPR_CR_CIPHER_VALUE EncryptedData)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarRetrievePrivateData: not implemented.
 * No argument is read and *EncryptedData is left untouched; every call
 * returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarRetrievePrivateData(
    LSAPR_HANDLE PolicyHandle,
    PRPC_UNICODE_STRING KeyName,
    PLSAPR_CR_CIPHER_VALUE *EncryptedData)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarOpenPolicy2: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return, so no policy handle is produced.
 * NOTE(review): the first line of the parameter list is not shown in this
 * listing.
 */
1910 NTSTATUS WINAPI
LsarOpenPolicy2(
1912 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
1913 ACCESS_MASK DesiredAccess
,
1914 LSAPR_HANDLE
*PolicyHandle
)
1917 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarGetUserName: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return.
 * NOTE(review): the first line of the parameter list is not shown in this
 * listing.
 */
1922 NTSTATUS WINAPI
LsarGetUserName(
1924 PRPC_UNICODE_STRING
*UserName
,
1925 PRPC_UNICODE_STRING
*DomainName
)
1928 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarQueryInformationPolicy2: forwards the request to
 * LsarQueryInformationPolicy and returns its status.
 * NOTE(review): the arguments after PolicyHandle are not shown in this
 * listing; handle validation is presumably left to the forwarded function -
 * confirm.
 */
1933 NTSTATUS WINAPI
LsarQueryInformationPolicy2(
1934 LSAPR_HANDLE PolicyHandle
,
1935 POLICY_INFORMATION_CLASS InformationClass
,
1936 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
1938 return LsarQueryInformationPolicy(PolicyHandle
,
/*
 * LsarSetInformationPolicy2: forwards the request to
 * LsarSetInformationPolicy and returns its status.
 * NOTE(review): the arguments after PolicyHandle are not shown in this
 * listing; handle validation is presumably left to the forwarded function -
 * confirm.
 */
1945 NTSTATUS WINAPI
LsarSetInformationPolicy2(
1946 LSAPR_HANDLE PolicyHandle
,
1947 POLICY_INFORMATION_CLASS InformationClass
,
1948 PLSAPR_POLICY_INFORMATION PolicyInformation
)
1950 return LsarSetInformationPolicy(PolicyHandle
,
/*
 * LsarQueryTrustedDomainInfoByName: not implemented.
 * No argument is read and *PolicyInformation is left untouched; every call
 * returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarQueryTrustedDomainInfoByName(
    LSAPR_HANDLE PolicyHandle,
    PRPC_UNICODE_STRING TrustedDomainName,
    POLICY_INFORMATION_CLASS InformationClass,
    PLSAPR_TRUSTED_DOMAIN_INFO *PolicyInformation)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarSetTrustedDomainInfoByName: not implemented.
 * No argument is read and nothing is stored; every call returns
 * STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarSetTrustedDomainInfoByName(
    LSAPR_HANDLE PolicyHandle,
    PRPC_UNICODE_STRING TrustedDomainName,
    POLICY_INFORMATION_CLASS InformationClass,
    PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarEnumerateTrustedDomainsEx: not implemented.
 * No argument is read; *EnumerationContext and EnumerationBuffer are left
 * untouched and every call returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarEnumerateTrustedDomainsEx(
    LSAPR_HANDLE PolicyHandle,
    DWORD *EnumerationContext,
    PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer,
    DWORD PreferedMaximumLength)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarCreateTrustedDomainEx: not implemented.
 * No argument is read and *TrustedDomainHandle is left untouched; every
 * call returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarCreateTrustedDomainEx(
    LSAPR_HANDLE PolicyHandle,
    PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
    PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation,
    ACCESS_MASK DesiredAccess,
    LSAPR_HANDLE *TrustedDomainHandle)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarSetPolicyReplicationHandle: not implemented.
 * PolicyHandle is not read; every call returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarSetPolicyReplicationHandle(
    PLSAPR_HANDLE PolicyHandle)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarQueryDomainInformationPolicy: not implemented.
 * No argument is read and *PolicyInformation is left untouched; every call
 * returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarQueryDomainInformationPolicy(
    LSAPR_HANDLE PolicyHandle,
    POLICY_INFORMATION_CLASS InformationClass,
    PLSAPR_POLICY_DOMAIN_INFORMATION *PolicyInformation)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarSetDomainInformationPolicy: not implemented.
 * No argument is read and nothing is stored; every call returns
 * STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarSetDomainInformationPolicy(
    LSAPR_HANDLE PolicyHandle,
    POLICY_INFORMATION_CLASS InformationClass,
    PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarOpenTrustedDomainByName: not implemented.
 * No argument is read and *TrustedDomainHandle is left untouched; every
 * call returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarOpenTrustedDomainByName(
    LSAPR_HANDLE PolicyHandle,
    PRPC_UNICODE_STRING TrustedDomainName,
    ACCESS_MASK DesiredAccess,
    LSAPR_HANDLE *TrustedDomainHandle)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarTestCall: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return.
 * NOTE(review): the parameter list is not shown in this listing.
 */
2049 NTSTATUS WINAPI
LsarTestCall(
2053 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarLookupSids2: resets the out parameters and passes SidEnumBuffer to
 * LsapLookupSids to translate the SIDs to names.
 * NOTE(review): this listing omits lines (the MappedCount parameter, local
 * declarations, the remaining LsapLookupSids arguments and the return).
 * No LsapValidateDbObject call on PolicyHandle is visible here, unlike
 * LsarLookupPrivilegeValue - confirm whether the handle's access is checked
 * elsewhere before the lookup runs.
 */
2058 NTSTATUS WINAPI
LsarLookupSids2(
2059 LSAPR_HANDLE PolicyHandle
,
2060 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2061 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2062 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
2063 LSAP_LOOKUP_LEVEL LookupLevel
,
2065 DWORD LookupOptions
,
2066 DWORD ClientRevision
)
2070 TRACE("(%p %p %p %p %d %p %lu %lu)\n",
2071 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
2072 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
/* Entries takes the caller-supplied count while Names is still NULL.
 * NOTE(review): if LsapLookupSids fails before it fills Names, the out
 * structure reports entries with no array behind it - confirm that the
 * failure path resets Entries. */
2074 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
2075 TranslatedNames
->Names
= NULL
;
2076 *ReferencedDomains
= NULL
;
/* Until this FIXME is resolved the SIDs reach LsapLookupSids without a
 * validity check in this function. */
2078 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
2080 Status
= LsapLookupSids(SidEnumBuffer
,
/*
 * LsarLookupNames2: runs LsapLookupNames into a temporary
 * LSAPR_TRANSLATED_SIDS_EX2 and converts each result to the older layout,
 * replacing the full SID with the value of LsapGetRelativeIdFromSid.
 * NOTE(review): this listing omits lines (the Count and MappedCount
 * parameters, local declarations, braces, the remaining LsapLookupNames
 * arguments and some returns). No LsapValidateDbObject call on PolicyHandle
 * is visible here - confirm whether the handle is checked elsewhere.
 */
2093 NTSTATUS WINAPI
LsarLookupNames2(
2094 LSAPR_HANDLE PolicyHandle
,
2096 PRPC_UNICODE_STRING Names
,
2097 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2098 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids
,
2099 LSAP_LOOKUP_LEVEL LookupLevel
,
2101 DWORD LookupOptions
,
2102 DWORD ClientRevision
)
2104 LSAPR_TRANSLATED_SIDS_EX2 TranslatedSidsEx2
;
2108 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2109 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2110 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
/* Put the out parameters into a defined empty state first. */
2112 TranslatedSids
->Entries
= 0;
2113 TranslatedSids
->Sids
= NULL
;
2114 *ReferencedDomains
= NULL
;
/* The condition guarding this early return is on a line this listing
 * omits. */
2117 return STATUS_NONE_MAPPED
;
2119 TranslatedSidsEx2
.Entries
= 0;
2120 TranslatedSidsEx2
.Sids
= NULL
;
2122 Status
= LsapLookupNames(Count
,
2130 if (!NT_SUCCESS(Status
))
/* Entries is set before the array exists, and the size is
 * Entries * sizeof(LSA_TRANSLATED_SID) with no visible overflow check. */
2133 TranslatedSids
->Entries
= TranslatedSidsEx2
.Entries
;
2134 TranslatedSids
->Sids
= MIDL_user_allocate(TranslatedSids
->Entries
* sizeof(LSA_TRANSLATED_SID
));
2135 if (TranslatedSids
->Sids
== NULL
)
/* Allocation failure: the temporary array and the domain list are freed,
 * but TranslatedSids->Entries keeps its non-zero count while Sids is NULL.
 * NOTE(review): confirm the RPC runtime does not marshal this out
 * structure on the error return, or reset Entries here. */
2137 MIDL_user_free(TranslatedSidsEx2
.Sids
);
2138 MIDL_user_free(*ReferencedDomains
);
2139 *ReferencedDomains
= NULL
;
2140 return STATUS_INSUFFICIENT_RESOURCES
;
/* Convert each EX2 entry; only the relative id of the SID is kept. */
2143 for (i
= 0; i
< TranslatedSidsEx2
.Entries
; i
++)
2145 TranslatedSids
->Sids
[i
].Use
= TranslatedSidsEx2
.Sids
[i
].Use
;
2146 TranslatedSids
->Sids
[i
].RelativeId
= LsapGetRelativeIdFromSid(TranslatedSidsEx2
.Sids
[i
].Sid
);
2147 TranslatedSids
->Sids
[i
].DomainIndex
= TranslatedSidsEx2
.Sids
[i
].DomainIndex
;
2148 TranslatedSids
->Sids
[i
].Flags
= TranslatedSidsEx2
.Sids
[i
].Flags
;
/* Only the temporary array is released. NOTE(review): the Sid members of
 * its entries are not freed here - confirm who owns them. */
2151 MIDL_user_free(TranslatedSidsEx2
.Sids
);
2153 return STATUS_SUCCESS
;
/*
 * LsarCreateTrustedDomainEx2: not implemented.
 * No argument is read and *TrustedDomainHandle is left untouched; every
 * call returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarCreateTrustedDomainEx2(
    LSAPR_HANDLE PolicyHandle,
    PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
    PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation,
    ACCESS_MASK DesiredAccess,
    LSAPR_HANDLE *TrustedDomainHandle)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * CredrWrite: stub; the only statement shown is the STATUS_NOT_IMPLEMENTED
 * return. NOTE(review): the parameter list is not shown in this listing.
 */
2171 NTSTATUS WINAPI
CredrWrite(
2175 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredrRead: stub; the only statement shown is the STATUS_NOT_IMPLEMENTED
 * return. NOTE(review): the parameter list is not shown in this listing.
 */
2180 NTSTATUS WINAPI
CredrRead(
2184 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredrEnumerate: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2189 NTSTATUS WINAPI
CredrEnumerate(
2193 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredrWriteDomainCredentials: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2198 NTSTATUS WINAPI
CredrWriteDomainCredentials(
2202 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredrReadDomainCredentials: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2207 NTSTATUS WINAPI
CredrReadDomainCredentials(
2211 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredrDelete: stub; the only statement shown is the STATUS_NOT_IMPLEMENTED
 * return. NOTE(review): the parameter list is not shown in this listing.
 */
2216 NTSTATUS WINAPI
CredrDelete(
2220 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredrGetTargetInfo: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2225 NTSTATUS WINAPI
CredrGetTargetInfo(
2229 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredrProfileLoaded: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2234 NTSTATUS WINAPI
CredrProfileLoaded(
2238 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarLookupNames3: resets the out parameters and calls LsapLookupNames to
 * translate the names to SIDs.
 * NOTE(review): this listing omits lines (the Count and MappedCount
 * parameters, local declarations, the remaining LsapLookupNames arguments
 * and the final return). No LsapValidateDbObject call on PolicyHandle is
 * visible here - confirm whether the handle is checked elsewhere.
 */
2243 NTSTATUS WINAPI
LsarLookupNames3(
2244 LSAPR_HANDLE PolicyHandle
,
2246 PRPC_UNICODE_STRING Names
,
2247 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2248 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2249 LSAP_LOOKUP_LEVEL LookupLevel
,
2251 DWORD LookupOptions
,
2252 DWORD ClientRevision
)
2256 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2257 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2258 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
/* Put the out parameters into a defined empty state first. */
2260 TranslatedSids
->Entries
= 0;
2261 TranslatedSids
->Sids
= NULL
;
2262 *ReferencedDomains
= NULL
;
/* The condition guarding this early return is on a line this listing
 * omits. */
2265 return STATUS_NONE_MAPPED
;
2267 Status
= LsapLookupNames(Count
,
/*
 * CredrGetSessionTypes: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2281 NTSTATUS WINAPI
CredrGetSessionTypes(
2285 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarRegisterAuditEvent: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2290 NTSTATUS WINAPI
LsarRegisterAuditEvent(
2294 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarGenAuditEvent: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2299 NTSTATUS WINAPI
LsarGenAuditEvent(
2303 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarUnregisterAuditEvent: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2308 NTSTATUS WINAPI
LsarUnregisterAuditEvent(
2312 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarQueryForestTrustInformation: not implemented.
 * No argument is read and *ForestTrustInfo is left untouched; every call
 * returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsarQueryForestTrustInformation(
    LSAPR_HANDLE PolicyHandle,
    PLSA_UNICODE_STRING TrustedDomainName,
    LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
    PLSA_FOREST_TRUST_INFORMATION *ForestTrustInfo)
{
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * LsarSetForestTrustInformation: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return.
 * NOTE(review): one line of the parameter list (between ForestTrustInfo and
 * CollisionInfo) is not shown in this listing.
 */
2329 NTSTATUS WINAPI
LsarSetForestTrustInformation(
2330 LSAPR_HANDLE PolicyHandle
,
2331 PLSA_UNICODE_STRING TrustedDomainName
,
2332 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2333 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo
,
2335 PLSA_FOREST_TRUST_COLLISION_INFORMATION
*CollisionInfo
)
2338 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredrRename: stub; the only statement shown is the STATUS_NOT_IMPLEMENTED
 * return. NOTE(review): the parameter list is not shown in this listing.
 */
2343 NTSTATUS WINAPI
CredrRename(
2347 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarLookupSids3: resets the out parameters and passes SidEnumBuffer to
 * LsapLookupSids to translate the SIDs to names; the visible lines match
 * LsarLookupSids2.
 * NOTE(review): this listing omits lines (the MappedCount parameter, local
 * declarations, the remaining LsapLookupSids arguments and the return).
 * No LsapValidateDbObject call on PolicyHandle is visible here - confirm
 * whether the handle's access is checked elsewhere before the lookup runs.
 */
2352 NTSTATUS WINAPI
LsarLookupSids3(
2353 LSAPR_HANDLE PolicyHandle
,
2354 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2355 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2356 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
2357 LSAP_LOOKUP_LEVEL LookupLevel
,
2359 DWORD LookupOptions
,
2360 DWORD ClientRevision
)
2364 TRACE("(%p %p %p %p %d %p %lu %lu)\n",
2365 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
2366 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
/* Entries takes the caller-supplied count while Names is still NULL.
 * NOTE(review): if LsapLookupSids fails before it fills Names, the out
 * structure reports entries with no array behind it - confirm that the
 * failure path resets Entries. */
2368 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
2369 TranslatedNames
->Names
= NULL
;
2370 *ReferencedDomains
= NULL
;
/* Until this FIXME is resolved the SIDs reach LsapLookupSids without a
 * validity check in this function. */
2372 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
2374 Status
= LsapLookupSids(SidEnumBuffer
,
/*
 * LsarLookupNames4: resets the out parameters and calls LsapLookupNames to
 * translate the names to SIDs. The TRACE prints RpcHandle where the other
 * lookup functions print PolicyHandle.
 * NOTE(review): this listing omits lines (the first parameters, the
 * MappedCount parameter, local declarations, the remaining LsapLookupNames
 * arguments and the final return). No access check on the caller is visible
 * in this function - confirm where the caller is authorised.
 */
2387 NTSTATUS WINAPI
LsarLookupNames4(
2390 PRPC_UNICODE_STRING Names
,
2391 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2392 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2393 LSAP_LOOKUP_LEVEL LookupLevel
,
2395 DWORD LookupOptions
,
2396 DWORD ClientRevision
)
2400 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2401 RpcHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2402 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
/* Put the out parameters into a defined empty state first. */
2404 TranslatedSids
->Entries
= 0;
2405 TranslatedSids
->Sids
= NULL
;
2406 *ReferencedDomains
= NULL
;
/* The condition guarding this early return is on a line this listing
 * omits. */
2409 return STATUS_NONE_MAPPED
;
2411 Status
= LsapLookupNames(Count
,
/*
 * LsarOpenPolicySce: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2425 NTSTATUS WINAPI
LsarOpenPolicySce(
2429 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarAdtRegisterSecurityEventSource: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2434 NTSTATUS WINAPI
LsarAdtRegisterSecurityEventSource(
2438 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarAdtUnregisterSecurityEventSource: stub; the only statement shown is
 * the STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is
 * not shown in this listing.
 */
2443 NTSTATUS WINAPI
LsarAdtUnregisterSecurityEventSource(
2447 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarAdtReportSecurityEvent: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2452 NTSTATUS WINAPI
LsarAdtReportSecurityEvent(
2456 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredrFindBestCredential: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2461 NTSTATUS WINAPI
CredrFindBestCredential(
2465 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarSetAuditPolicy: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2470 NTSTATUS WINAPI
LsarSetAuditPolicy(
2474 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarQueryAuditPolicy: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2479 NTSTATUS WINAPI
LsarQueryAuditPolicy(
2483 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarEnumerateAuditPolicy: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2488 NTSTATUS WINAPI
LsarEnumerateAuditPolicy(
2492 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarEnumerateAuditCategories: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2497 NTSTATUS WINAPI
LsarEnumerateAuditCategories(
2501 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarEnumerateAuditSubCategories: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2506 NTSTATUS WINAPI
LsarEnumerateAuditSubCategories(
2510 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarLookupAuditCategoryName: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2515 NTSTATUS WINAPI
LsarLookupAuditCategoryName(
2519 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarLookupAuditSubCategoryName: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2524 NTSTATUS WINAPI
LsarLookupAuditSubCategoryName(
2528 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarSetAuditSecurity: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2533 NTSTATUS WINAPI
LsarSetAuditSecurity(
2537 return STATUS_NOT_IMPLEMENTED
;
/*
 * LsarQueryAuditSecurity: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2542 NTSTATUS WINAPI
LsarQueryAuditSecurity(
2546 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredReadByTokenHandle: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2551 NTSTATUS WINAPI
CredReadByTokenHandle(
2555 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredrRestoreCredentials: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2560 NTSTATUS WINAPI
CredrRestoreCredentials(
2564 return STATUS_NOT_IMPLEMENTED
;
/*
 * CredrBackupCredentials: stub; the only statement shown is the
 * STATUS_NOT_IMPLEMENTED return. NOTE(review): the parameter list is not
 * shown in this listing.
 */
2569 NTSTATUS WINAPI
CredrBackupCredentials(
2573 return STATUS_NOT_IMPLEMENTED
;