2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
7 * PROGRAMMERS: Eric Kohl
12 /* GLOBALS *****************************************************************/
14 static RTL_CRITICAL_SECTION PolicyHandleTableLock
;
17 /* FUNCTIONS ***************************************************************/
20 LsarStartRpcServer(VOID
)
24 RtlInitializeCriticalSection(&PolicyHandleTableLock
);
26 TRACE("LsarStartRpcServer() called\n");
28 Status
= RpcServerUseProtseqEpW(L
"ncacn_np",
32 if (Status
!= RPC_S_OK
)
34 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status
);
38 Status
= RpcServerRegisterIf(lsarpc_v0_0_s_ifspec
,
41 if (Status
!= RPC_S_OK
)
43 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status
);
47 Status
= RpcServerListen(1, 20, TRUE
);
48 if (Status
!= RPC_S_OK
)
50 WARN("RpcServerListen() failed (Status %lx)\n", Status
);
54 TRACE("LsarStartRpcServer() done\n");
58 void __RPC_USER
LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle
)
65 NTSTATUS WINAPI
LsarClose(
66 LSAPR_HANDLE
*ObjectHandle
)
68 PLSA_DB_OBJECT DbObject
;
69 NTSTATUS Status
= STATUS_SUCCESS
;
71 TRACE("0x%p\n", ObjectHandle
);
73 // RtlEnterCriticalSection(&PolicyHandleTableLock);
75 Status
= LsapValidateDbObject(*ObjectHandle
,
79 if (Status
== STATUS_SUCCESS
)
81 Status
= LsapCloseDbObject(DbObject
);
85 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
92 NTSTATUS WINAPI
LsarDelete(
93 LSAPR_HANDLE ObjectHandle
)
95 return LsarDeleteObject(&ObjectHandle
);
100 NTSTATUS WINAPI
LsarEnumeratePrivileges(
101 LSAPR_HANDLE PolicyHandle
,
102 DWORD
*EnumerationContext
,
103 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer
,
104 DWORD PreferedMaximumLength
)
106 PLSA_DB_OBJECT PolicyObject
;
109 TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
110 PolicyHandle
, EnumerationContext
, EnumerationBuffer
,
111 PreferedMaximumLength
);
113 Status
= LsapValidateDbObject(PolicyHandle
,
115 POLICY_VIEW_LOCAL_INFORMATION
,
117 if (!NT_SUCCESS(Status
))
120 if (EnumerationContext
== NULL
)
121 return STATUS_INVALID_PARAMETER
;
123 return LsarpEnumeratePrivileges(EnumerationContext
,
125 PreferedMaximumLength
);
130 NTSTATUS WINAPI
LsarQuerySecurityObject(
131 LSAPR_HANDLE ObjectHandle
,
132 SECURITY_INFORMATION SecurityInformation
,
133 PLSAPR_SR_SECURITY_DESCRIPTOR
*SecurityDescriptor
)
135 PLSA_DB_OBJECT DbObject
= NULL
;
136 PSECURITY_DESCRIPTOR RelativeSd
= NULL
;
137 PLSAPR_SR_SECURITY_DESCRIPTOR SdData
= NULL
;
138 ACCESS_MASK DesiredAccess
= 0;
139 ULONG RelativeSdSize
= 0;
142 if (SecurityDescriptor
== NULL
)
143 return STATUS_INVALID_PARAMETER
;
145 if ((SecurityInformation
& OWNER_SECURITY_INFORMATION
) ||
146 (SecurityInformation
& GROUP_SECURITY_INFORMATION
) ||
147 (SecurityInformation
& DACL_SECURITY_INFORMATION
))
148 DesiredAccess
|= READ_CONTROL
;
150 if (SecurityInformation
& SACL_SECURITY_INFORMATION
)
151 DesiredAccess
|= ACCESS_SYSTEM_SECURITY
;
153 /* Validate the ObjectHandle */
154 Status
= LsapValidateDbObject(ObjectHandle
,
158 if (!NT_SUCCESS(Status
))
161 /* Get the size of the SD */
162 Status
= LsapGetObjectAttribute(DbObject
,
166 if (!NT_SUCCESS(Status
))
169 /* Allocate a buffer for the SD */
170 RelativeSd
= MIDL_user_allocate(RelativeSdSize
);
171 if (RelativeSd
== NULL
)
172 return STATUS_INSUFFICIENT_RESOURCES
;
175 Status
= LsapGetObjectAttribute(DbObject
,
179 if (!NT_SUCCESS(Status
))
183 * FIXME: Invalidate the SD information that was not requested.
184 * (see SecurityInformation)
187 /* Allocate the SD data buffer */
188 SdData
= MIDL_user_allocate(sizeof(LSAPR_SR_SECURITY_DESCRIPTOR
));
191 Status
= STATUS_INSUFFICIENT_RESOURCES
;
195 /* Fill the SD data buffer and return it to the caller */
196 SdData
->Length
= RelativeSdSize
;
197 SdData
->SecurityDescriptor
= (PBYTE
)RelativeSd
;
199 *SecurityDescriptor
= SdData
;
202 if (!NT_SUCCESS(Status
))
204 if (RelativeSd
!= NULL
)
205 MIDL_user_free(RelativeSd
);
213 NTSTATUS WINAPI
LsarSetSecurityObject(
214 LSAPR_HANDLE ObjectHandle
,
215 SECURITY_INFORMATION SecurityInformation
,
216 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor
)
219 return STATUS_NOT_IMPLEMENTED
;
224 NTSTATUS WINAPI
LsarChangePassword(
226 PRPC_UNICODE_STRING String1
,
227 PRPC_UNICODE_STRING String2
,
228 PRPC_UNICODE_STRING String3
,
229 PRPC_UNICODE_STRING String4
,
230 PRPC_UNICODE_STRING String5
)
233 return STATUS_NOT_IMPLEMENTED
;
238 NTSTATUS WINAPI
LsarOpenPolicy(
240 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
241 ACCESS_MASK DesiredAccess
,
242 LSAPR_HANDLE
*PolicyHandle
)
244 PLSA_DB_OBJECT PolicyObject
;
247 TRACE("LsarOpenPolicy called!\n");
249 RtlEnterCriticalSection(&PolicyHandleTableLock
);
251 Status
= LsapOpenDbObject(NULL
,
259 RtlLeaveCriticalSection(&PolicyHandleTableLock
);
261 if (NT_SUCCESS(Status
))
262 *PolicyHandle
= (LSAPR_HANDLE
)PolicyObject
;
264 TRACE("LsarOpenPolicy done!\n");
271 NTSTATUS WINAPI
LsarQueryInformationPolicy(
272 LSAPR_HANDLE PolicyHandle
,
273 POLICY_INFORMATION_CLASS InformationClass
,
274 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
276 PLSA_DB_OBJECT PolicyObject
;
277 ACCESS_MASK DesiredAccess
= 0;
280 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
281 PolicyHandle
, InformationClass
, PolicyInformation
);
283 if (PolicyInformation
)
285 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
288 switch (InformationClass
)
290 case PolicyAuditLogInformation
:
291 case PolicyAuditEventsInformation
:
292 case PolicyAuditFullQueryInformation
:
293 DesiredAccess
= POLICY_VIEW_AUDIT_INFORMATION
;
296 case PolicyPrimaryDomainInformation
:
297 case PolicyAccountDomainInformation
:
298 case PolicyLsaServerRoleInformation
:
299 case PolicyReplicaSourceInformation
:
300 case PolicyDefaultQuotaInformation
:
301 case PolicyModificationInformation
:
302 case PolicyDnsDomainInformation
:
303 case PolicyDnsDomainInformationInt
:
304 case PolicyLocalAccountDomainInformation
:
305 DesiredAccess
= POLICY_VIEW_LOCAL_INFORMATION
;
308 case PolicyPdAccountInformation
:
309 DesiredAccess
= POLICY_GET_PRIVATE_INFORMATION
;
313 ERR("Invalid InformationClass!\n");
314 return STATUS_INVALID_PARAMETER
;
317 Status
= LsapValidateDbObject(PolicyHandle
,
321 if (!NT_SUCCESS(Status
))
324 switch (InformationClass
)
326 case PolicyAuditLogInformation
: /* 1 */
327 Status
= LsarQueryAuditLog(PolicyObject
,
331 case PolicyAuditEventsInformation
: /* 2 */
332 Status
= LsarQueryAuditEvents(PolicyObject
,
336 case PolicyPrimaryDomainInformation
: /* 3 */
337 Status
= LsarQueryPrimaryDomain(PolicyObject
,
341 case PolicyPdAccountInformation
: /* 4 */
342 Status
= LsarQueryPdAccount(PolicyObject
,
346 case PolicyAccountDomainInformation
: /* 5 */
347 Status
= LsarQueryAccountDomain(PolicyObject
,
351 case PolicyLsaServerRoleInformation
: /* 6 */
352 Status
= LsarQueryServerRole(PolicyObject
,
356 case PolicyReplicaSourceInformation
: /* 7 */
357 Status
= LsarQueryReplicaSource(PolicyObject
,
361 case PolicyDefaultQuotaInformation
: /* 8 */
362 Status
= LsarQueryDefaultQuota(PolicyObject
,
366 case PolicyModificationInformation
: /* 9 */
367 Status
= LsarQueryModification(PolicyObject
,
371 case PolicyAuditFullQueryInformation
: /* 11 (0xB) */
372 Status
= LsarQueryAuditFull(PolicyObject
,
376 case PolicyDnsDomainInformation
: /* 12 (0xC) */
377 Status
= LsarQueryDnsDomain(PolicyObject
,
381 case PolicyDnsDomainInformationInt
: /* 13 (0xD) */
382 Status
= LsarQueryDnsDomainInt(PolicyObject
,
386 case PolicyLocalAccountDomainInformation
: /* 14 (0xE) */
387 Status
= LsarQueryLocalAccountDomain(PolicyObject
,
392 ERR("Invalid InformationClass!\n");
393 Status
= STATUS_INVALID_PARAMETER
;
401 NTSTATUS WINAPI
LsarSetInformationPolicy(
402 LSAPR_HANDLE PolicyHandle
,
403 POLICY_INFORMATION_CLASS InformationClass
,
404 PLSAPR_POLICY_INFORMATION PolicyInformation
)
406 PLSA_DB_OBJECT PolicyObject
;
407 ACCESS_MASK DesiredAccess
= 0;
410 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
411 PolicyHandle
, InformationClass
, PolicyInformation
);
413 if (PolicyInformation
)
415 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
418 switch (InformationClass
)
420 case PolicyAuditLogInformation
:
421 case PolicyAuditFullSetInformation
:
422 DesiredAccess
= POLICY_AUDIT_LOG_ADMIN
;
425 case PolicyAuditEventsInformation
:
426 DesiredAccess
= POLICY_SET_AUDIT_REQUIREMENTS
;
429 case PolicyPrimaryDomainInformation
:
430 case PolicyAccountDomainInformation
:
431 case PolicyDnsDomainInformation
:
432 case PolicyDnsDomainInformationInt
:
433 case PolicyLocalAccountDomainInformation
:
434 DesiredAccess
= POLICY_TRUST_ADMIN
;
437 case PolicyLsaServerRoleInformation
:
438 case PolicyReplicaSourceInformation
:
439 DesiredAccess
= POLICY_SERVER_ADMIN
;
442 case PolicyDefaultQuotaInformation
:
443 DesiredAccess
= POLICY_SET_DEFAULT_QUOTA_LIMITS
;
447 ERR("Invalid InformationClass!\n");
448 return STATUS_INVALID_PARAMETER
;
451 Status
= LsapValidateDbObject(PolicyHandle
,
455 if (!NT_SUCCESS(Status
))
458 switch (InformationClass
)
460 case PolicyAuditLogInformation
: /* 1 */
461 Status
= LsarSetAuditLog(PolicyObject
,
462 (PPOLICY_AUDIT_LOG_INFO
)PolicyInformation
);
465 case PolicyAuditEventsInformation
: /* 2 */
466 Status
= LsarSetAuditEvents(PolicyObject
,
467 (PLSAPR_POLICY_AUDIT_EVENTS_INFO
)PolicyInformation
);
470 case PolicyPrimaryDomainInformation
: /* 3 */
471 Status
= LsarSetPrimaryDomain(PolicyObject
,
472 (PLSAPR_POLICY_PRIMARY_DOM_INFO
)PolicyInformation
);
475 case PolicyAccountDomainInformation
: /* 5 */
476 Status
= LsarSetAccountDomain(PolicyObject
,
477 (PLSAPR_POLICY_ACCOUNT_DOM_INFO
)PolicyInformation
);
480 case PolicyLsaServerRoleInformation
: /* 6 */
481 Status
= LsarSetServerRole(PolicyObject
,
482 (PPOLICY_LSA_SERVER_ROLE_INFO
)PolicyInformation
);
485 case PolicyReplicaSourceInformation
: /* 7 */
486 Status
= LsarSetReplicaSource(PolicyObject
,
487 (PPOLICY_LSA_REPLICA_SRCE_INFO
)PolicyInformation
);
490 case PolicyDefaultQuotaInformation
: /* 8 */
491 Status
= LsarSetDefaultQuota(PolicyObject
,
492 (PPOLICY_DEFAULT_QUOTA_INFO
)PolicyInformation
);
495 case PolicyModificationInformation
: /* 9 */
496 Status
= LsarSetModification(PolicyObject
,
497 (PPOLICY_MODIFICATION_INFO
)PolicyInformation
);
500 case PolicyAuditFullSetInformation
: /* 10 (0xA) */
501 Status
= LsarSetAuditFull(PolicyObject
,
502 (PPOLICY_AUDIT_FULL_QUERY_INFO
)PolicyInformation
);
505 case PolicyDnsDomainInformation
: /* 12 (0xC) */
506 Status
= LsarSetDnsDomain(PolicyObject
,
507 (PLSAPR_POLICY_DNS_DOMAIN_INFO
)PolicyInformation
);
510 case PolicyDnsDomainInformationInt
: /* 13 (0xD) */
511 Status
= LsarSetDnsDomainInt(PolicyObject
,
512 (PLSAPR_POLICY_DNS_DOMAIN_INFO
)PolicyInformation
);
515 case PolicyLocalAccountDomainInformation
: /* 14 (0xE) */
516 Status
= LsarSetLocalAccountDomain(PolicyObject
,
517 (PLSAPR_POLICY_ACCOUNT_DOM_INFO
)PolicyInformation
);
521 Status
= STATUS_INVALID_PARAMETER
;
530 NTSTATUS WINAPI
LsarClearAuditLog(
531 LSAPR_HANDLE ObjectHandle
)
534 return STATUS_NOT_IMPLEMENTED
;
539 NTSTATUS WINAPI
LsarCreateAccount(
540 LSAPR_HANDLE PolicyHandle
,
542 ACCESS_MASK DesiredAccess
,
543 LSAPR_HANDLE
*AccountHandle
)
545 PLSA_DB_OBJECT PolicyObject
;
546 PLSA_DB_OBJECT AccountObject
= NULL
;
547 LPWSTR SidString
= NULL
;
548 PSECURITY_DESCRIPTOR AccountSd
= NULL
;
550 NTSTATUS Status
= STATUS_SUCCESS
;
552 /* Validate the AccountSid */
553 if (!RtlValidSid(AccountSid
))
554 return STATUS_INVALID_PARAMETER
;
556 /* Validate the PolicyHandle */
557 Status
= LsapValidateDbObject(PolicyHandle
,
559 POLICY_CREATE_ACCOUNT
,
561 if (!NT_SUCCESS(Status
))
563 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
567 /* Create SID string */
568 if (!ConvertSidToStringSid((PSID
)AccountSid
,
571 ERR("ConvertSidToStringSid failed\n");
572 Status
= STATUS_INVALID_PARAMETER
;
576 /* Create a security descriptor for the account */
577 Status
= LsapCreateAccountSd(&AccountSd
,
579 if (!NT_SUCCESS(Status
))
581 ERR("LsapCreateAccountSd returned 0x%08lx\n", Status
);
585 /* Create the Account object */
586 Status
= LsapCreateDbObject(PolicyObject
,
591 PolicyObject
->Trusted
,
593 if (!NT_SUCCESS(Status
))
595 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status
);
599 /* Set the Sid attribute */
600 Status
= LsapSetObjectAttribute(AccountObject
,
603 GetLengthSid(AccountSid
));
604 if (!NT_SUCCESS(Status
))
607 /* Set the SecDesc attribute */
608 Status
= LsapSetObjectAttribute(AccountObject
,
614 if (SidString
!= NULL
)
615 LocalFree(SidString
);
617 if (AccountSd
!= NULL
)
618 RtlFreeHeap(RtlGetProcessHeap(), 0, AccountSd
);
620 if (!NT_SUCCESS(Status
))
622 if (AccountObject
!= NULL
)
623 LsapCloseDbObject(AccountObject
);
627 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
630 return STATUS_SUCCESS
;
635 NTSTATUS WINAPI
LsarEnumerateAccounts(
636 LSAPR_HANDLE PolicyHandle
,
637 DWORD
*EnumerationContext
,
638 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
,
639 DWORD PreferedMaximumLength
)
641 LSAPR_ACCOUNT_ENUM_BUFFER EnumBuffer
= {0, NULL
};
642 PLSA_DB_OBJECT PolicyObject
= NULL
;
643 WCHAR AccountKeyName
[64];
644 HANDLE AccountsKeyHandle
= NULL
;
645 HANDLE AccountKeyHandle
;
649 ULONG RequiredLength
;
652 NTSTATUS Status
= STATUS_SUCCESS
;
654 TRACE("(%p %p %p %lu)\n", PolicyHandle
, EnumerationContext
,
655 EnumerationBuffer
, PreferedMaximumLength
);
657 if (EnumerationContext
== NULL
||
658 EnumerationBuffer
== NULL
)
659 return STATUS_INVALID_PARAMETER
;
661 EnumerationBuffer
->EntriesRead
= 0;
662 EnumerationBuffer
->Information
= NULL
;
664 /* Validate the PolicyHandle */
665 Status
= LsapValidateDbObject(PolicyHandle
,
667 POLICY_VIEW_LOCAL_INFORMATION
,
669 if (!NT_SUCCESS(Status
))
671 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
675 Status
= LsapRegOpenKey(PolicyObject
->KeyHandle
,
679 if (!NT_SUCCESS(Status
))
682 EnumIndex
= *EnumerationContext
;
688 Status
= LsapRegEnumerateSubKey(AccountsKeyHandle
,
692 if (!NT_SUCCESS(Status
))
695 TRACE("EnumIndex: %lu\n", EnumIndex
);
696 TRACE("Account key name: %S\n", AccountKeyName
);
698 Status
= LsapRegOpenKey(AccountsKeyHandle
,
702 TRACE("LsapRegOpenKey returned %08lX\n", Status
);
703 if (NT_SUCCESS(Status
))
705 Status
= LsapRegOpenKey(AccountKeyHandle
,
709 TRACE("LsapRegOpenKey returned %08lX\n", Status
);
710 if (NT_SUCCESS(Status
))
713 Status
= LsapRegQueryValue(SidKeyHandle
,
718 TRACE("LsapRegQueryValue returned %08lX\n", Status
);
719 if (NT_SUCCESS(Status
))
721 TRACE("Data length: %lu\n", DataLength
);
723 if ((RequiredLength
+ DataLength
+ sizeof(LSAPR_ACCOUNT_INFORMATION
)) > PreferedMaximumLength
)
726 RequiredLength
+= (DataLength
+ sizeof(LSAPR_ACCOUNT_INFORMATION
));
730 LsapRegCloseKey(SidKeyHandle
);
733 LsapRegCloseKey(AccountKeyHandle
);
739 TRACE("EnumCount: %lu\n", EnumCount
);
740 TRACE("RequiredLength: %lu\n", RequiredLength
);
742 EnumBuffer
.EntriesRead
= EnumCount
;
743 EnumBuffer
.Information
= midl_user_allocate(EnumCount
* sizeof(LSAPR_ACCOUNT_INFORMATION
));
744 if (EnumBuffer
.Information
== NULL
)
746 Status
= STATUS_INSUFFICIENT_RESOURCES
;
750 EnumIndex
= *EnumerationContext
;
751 for (i
= 0; i
< EnumCount
; i
++, EnumIndex
++)
753 Status
= LsapRegEnumerateSubKey(AccountsKeyHandle
,
757 if (!NT_SUCCESS(Status
))
760 TRACE("EnumIndex: %lu\n", EnumIndex
);
761 TRACE("Account key name: %S\n", AccountKeyName
);
763 Status
= LsapRegOpenKey(AccountsKeyHandle
,
767 TRACE("LsapRegOpenKey returned %08lX\n", Status
);
768 if (NT_SUCCESS(Status
))
770 Status
= LsapRegOpenKey(AccountKeyHandle
,
774 TRACE("LsapRegOpenKey returned %08lX\n", Status
);
775 if (NT_SUCCESS(Status
))
778 Status
= LsapRegQueryValue(SidKeyHandle
,
783 TRACE("LsapRegQueryValue returned %08lX\n", Status
);
784 if (NT_SUCCESS(Status
))
786 EnumBuffer
.Information
[i
].Sid
= midl_user_allocate(DataLength
);
787 if (EnumBuffer
.Information
[i
].Sid
== NULL
)
789 LsapRegCloseKey(AccountKeyHandle
);
790 Status
= STATUS_INSUFFICIENT_RESOURCES
;
794 Status
= LsapRegQueryValue(SidKeyHandle
,
797 EnumBuffer
.Information
[i
].Sid
,
799 TRACE("SampRegQueryValue returned %08lX\n", Status
);
802 LsapRegCloseKey(SidKeyHandle
);
805 LsapRegCloseKey(AccountKeyHandle
);
807 if (!NT_SUCCESS(Status
))
812 if (NT_SUCCESS(Status
))
814 *EnumerationContext
+= EnumCount
;
815 EnumerationBuffer
->EntriesRead
= EnumBuffer
.EntriesRead
;
816 EnumerationBuffer
->Information
= EnumBuffer
.Information
;
820 if (!NT_SUCCESS(Status
))
822 if (EnumBuffer
.Information
)
824 for (i
= 0; i
< EnumBuffer
.EntriesRead
; i
++)
826 if (EnumBuffer
.Information
[i
].Sid
!= NULL
)
827 midl_user_free(EnumBuffer
.Information
[i
].Sid
);
830 midl_user_free(EnumBuffer
.Information
);
834 if (AccountsKeyHandle
!= NULL
)
835 LsapRegCloseKey(AccountsKeyHandle
);
842 NTSTATUS WINAPI
LsarCreateTrustedDomain(
843 LSAPR_HANDLE PolicyHandle
,
844 PLSAPR_TRUST_INFORMATION TrustedDomainInformation
,
845 ACCESS_MASK DesiredAccess
,
846 LSAPR_HANDLE
*TrustedDomainHandle
)
849 return STATUS_NOT_IMPLEMENTED
;
854 NTSTATUS WINAPI
LsarEnumerateTrustedDomains(
855 LSAPR_HANDLE PolicyHandle
,
856 DWORD
*EnumerationContext
,
857 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer
,
858 DWORD PreferedMaximumLength
)
861 return STATUS_NOT_IMPLEMENTED
;
866 NTSTATUS WINAPI
LsarLookupNames(
867 LSAPR_HANDLE PolicyHandle
,
869 PRPC_UNICODE_STRING Names
,
870 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
871 PLSAPR_TRANSLATED_SIDS TranslatedSids
,
872 LSAP_LOOKUP_LEVEL LookupLevel
,
875 LSAPR_TRANSLATED_SIDS_EX2 TranslatedSidsEx2
;
879 TRACE("(%p %lu %p %p %p %d %p)\n",
880 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
881 LookupLevel
, MappedCount
);
883 TranslatedSids
->Entries
= 0;
884 TranslatedSids
->Sids
= NULL
;
885 *ReferencedDomains
= NULL
;
888 return STATUS_NONE_MAPPED
;
890 TranslatedSidsEx2
.Entries
= 0;
891 TranslatedSidsEx2
.Sids
= NULL
;
893 Status
= LsapLookupNames(Count
,
901 if (!NT_SUCCESS(Status
))
904 TranslatedSids
->Entries
= TranslatedSidsEx2
.Entries
;
905 TranslatedSids
->Sids
= MIDL_user_allocate(TranslatedSids
->Entries
* sizeof(LSA_TRANSLATED_SID
));
906 if (TranslatedSids
->Sids
== NULL
)
908 MIDL_user_free(TranslatedSidsEx2
.Sids
);
909 MIDL_user_free(*ReferencedDomains
);
910 *ReferencedDomains
= NULL
;
911 return STATUS_INSUFFICIENT_RESOURCES
;
914 for (i
= 0; i
< TranslatedSidsEx2
.Entries
; i
++)
916 TranslatedSids
->Sids
[i
].Use
= TranslatedSidsEx2
.Sids
[i
].Use
;
917 TranslatedSids
->Sids
[i
].RelativeId
= LsapGetRelativeIdFromSid(TranslatedSidsEx2
.Sids
[i
].Sid
);
918 TranslatedSids
->Sids
[i
].DomainIndex
= TranslatedSidsEx2
.Sids
[i
].DomainIndex
;
921 MIDL_user_free(TranslatedSidsEx2
.Sids
);
923 return STATUS_SUCCESS
;
928 NTSTATUS WINAPI
LsarLookupSids(
929 LSAPR_HANDLE PolicyHandle
,
930 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
931 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
932 PLSAPR_TRANSLATED_NAMES TranslatedNames
,
933 LSAP_LOOKUP_LEVEL LookupLevel
,
936 LSAPR_TRANSLATED_NAMES_EX TranslatedNamesEx
;
940 TRACE("(%p %p %p %p %d %p)\n",
941 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
942 LookupLevel
, MappedCount
);
944 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
946 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
947 TranslatedNames
->Names
= NULL
;
948 *ReferencedDomains
= NULL
;
950 TranslatedNamesEx
.Entries
= SidEnumBuffer
->Entries
;
951 TranslatedNamesEx
.Names
= NULL
;
953 Status
= LsapLookupSids(SidEnumBuffer
,
960 if (!NT_SUCCESS(Status
))
963 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
964 TranslatedNames
->Names
= MIDL_user_allocate(SidEnumBuffer
->Entries
* sizeof(LSAPR_TRANSLATED_NAME
));
965 if (TranslatedNames
->Names
== NULL
)
967 MIDL_user_free(TranslatedNamesEx
.Names
);
968 MIDL_user_free(*ReferencedDomains
);
969 *ReferencedDomains
= NULL
;
970 return STATUS_INSUFFICIENT_RESOURCES
;
973 for (i
= 0; i
< TranslatedNamesEx
.Entries
; i
++)
975 TranslatedNames
->Names
[i
].Use
= TranslatedNamesEx
.Names
[i
].Use
;
976 TranslatedNames
->Names
[i
].Name
.Length
= TranslatedNamesEx
.Names
[i
].Name
.Length
;
977 TranslatedNames
->Names
[i
].Name
.MaximumLength
= TranslatedNamesEx
.Names
[i
].Name
.MaximumLength
;
978 TranslatedNames
->Names
[i
].Name
.Buffer
= TranslatedNamesEx
.Names
[i
].Name
.Buffer
;
979 TranslatedNames
->Names
[i
].DomainIndex
= TranslatedNamesEx
.Names
[i
].DomainIndex
;
982 MIDL_user_free(TranslatedNamesEx
.Names
);
989 NTSTATUS WINAPI
LsarCreateSecret(
990 LSAPR_HANDLE PolicyHandle
,
991 PRPC_UNICODE_STRING SecretName
,
992 ACCESS_MASK DesiredAccess
,
993 LSAPR_HANDLE
*SecretHandle
)
995 PLSA_DB_OBJECT PolicyObject
;
996 PLSA_DB_OBJECT SecretObject
= NULL
;
998 PSECURITY_DESCRIPTOR SecretSd
= NULL
;
1000 NTSTATUS Status
= STATUS_SUCCESS
;
1002 /* Validate the PolicyHandle */
1003 Status
= LsapValidateDbObject(PolicyHandle
,
1005 POLICY_CREATE_SECRET
,
1007 if (!NT_SUCCESS(Status
))
1009 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1013 /* Get the current time */
1014 Status
= NtQuerySystemTime(&Time
);
1015 if (!NT_SUCCESS(Status
))
1017 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
1021 /* Create a security descriptor for the secret */
1022 Status
= LsapCreateSecretSd(&SecretSd
,
1024 if (!NT_SUCCESS(Status
))
1026 ERR("LsapCreateAccountSd returned 0x%08lx\n", Status
);
1030 /* Create the Secret object */
1031 Status
= LsapCreateDbObject(PolicyObject
,
1036 PolicyObject
->Trusted
,
1038 if (!NT_SUCCESS(Status
))
1040 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status
);
1044 /* Set the CurrentTime attribute */
1045 Status
= LsapSetObjectAttribute(SecretObject
,
1048 sizeof(LARGE_INTEGER
));
1049 if (!NT_SUCCESS(Status
))
1051 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status
);
1055 /* Set the OldTime attribute */
1056 Status
= LsapSetObjectAttribute(SecretObject
,
1059 sizeof(LARGE_INTEGER
));
1060 if (!NT_SUCCESS(Status
))
1062 ERR("LsapSetObjectAttribute (OldTime) failed (Status 0x%08lx)\n", Status
);
1066 /* Set the SecDesc attribute */
1067 Status
= LsapSetObjectAttribute(SecretObject
,
1073 if (SecretSd
!= NULL
)
1074 RtlFreeHeap(RtlGetProcessHeap(), 0, SecretSd
);
1076 if (!NT_SUCCESS(Status
))
1078 if (SecretObject
!= NULL
)
1079 LsapCloseDbObject(SecretObject
);
1083 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
1086 return STATUS_SUCCESS
;
1091 NTSTATUS WINAPI
LsarOpenAccount(
1092 LSAPR_HANDLE PolicyHandle
,
1093 PRPC_SID AccountSid
,
1094 ACCESS_MASK DesiredAccess
,
1095 LSAPR_HANDLE
*AccountHandle
)
1097 PLSA_DB_OBJECT PolicyObject
;
1098 PLSA_DB_OBJECT AccountObject
= NULL
;
1099 LPWSTR SidString
= NULL
;
1100 NTSTATUS Status
= STATUS_SUCCESS
;
1102 /* Validate the AccountSid */
1103 if (!RtlValidSid(AccountSid
))
1104 return STATUS_INVALID_PARAMETER
;
1106 /* Validate the PolicyHandle */
1107 Status
= LsapValidateDbObject(PolicyHandle
,
1111 if (!NT_SUCCESS(Status
))
1113 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1117 /* Create SID string */
1118 if (!ConvertSidToStringSid((PSID
)AccountSid
,
1121 ERR("ConvertSidToStringSid failed\n");
1122 Status
= STATUS_INVALID_PARAMETER
;
1126 /* Create the Account object */
1127 Status
= LsapOpenDbObject(PolicyObject
,
1132 PolicyObject
->Trusted
,
1134 if (!NT_SUCCESS(Status
))
1136 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status
);
1140 /* Set the Sid attribute */
1141 Status
= LsapSetObjectAttribute(AccountObject
,
1144 GetLengthSid(AccountSid
));
1147 if (SidString
!= NULL
)
1148 LocalFree(SidString
);
1150 if (!NT_SUCCESS(Status
))
1152 if (AccountObject
!= NULL
)
1153 LsapCloseDbObject(AccountObject
);
1157 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
1165 NTSTATUS WINAPI
LsarEnumeratePrivilegesAccount(
1166 LSAPR_HANDLE AccountHandle
,
1167 PLSAPR_PRIVILEGE_SET
*Privileges
)
1169 PLSA_DB_OBJECT AccountObject
;
1170 ULONG PrivilegeSetSize
= 0;
1171 PLSAPR_PRIVILEGE_SET PrivilegeSet
= NULL
;
1176 /* Validate the AccountHandle */
1177 Status
= LsapValidateDbObject(AccountHandle
,
1181 if (!NT_SUCCESS(Status
))
1183 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1187 /* Get the size of the privilege set */
1188 Status
= LsapGetObjectAttribute(AccountObject
,
1192 if (!NT_SUCCESS(Status
))
1195 /* Allocate a buffer for the privilege set */
1196 PrivilegeSet
= MIDL_user_allocate(PrivilegeSetSize
);
1197 if (PrivilegeSet
== NULL
)
1198 return STATUS_NO_MEMORY
;
1200 /* Get the privilege set */
1201 Status
= LsapGetObjectAttribute(AccountObject
,
1205 if (!NT_SUCCESS(Status
))
1207 MIDL_user_free(PrivilegeSet
);
1211 /* Return a pointer to the privilege set */
1212 *Privileges
= PrivilegeSet
;
1214 return STATUS_SUCCESS
;
1219 NTSTATUS WINAPI
LsarAddPrivilegesToAccount(
1220 LSAPR_HANDLE AccountHandle
,
1221 PLSAPR_PRIVILEGE_SET Privileges
)
1223 PLSA_DB_OBJECT AccountObject
;
1224 PPRIVILEGE_SET CurrentPrivileges
= NULL
;
1225 PPRIVILEGE_SET NewPrivileges
= NULL
;
1226 ULONG PrivilegeSetSize
= 0;
1227 ULONG PrivilegeCount
;
1232 /* Validate the AccountHandle */
1233 Status
= LsapValidateDbObject(AccountHandle
,
1235 ACCOUNT_ADJUST_PRIVILEGES
,
1237 if (!NT_SUCCESS(Status
))
1239 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1243 /* Get the size of the Privilgs attribute */
1244 Status
= LsapGetObjectAttribute(AccountObject
,
1248 if (!NT_SUCCESS(Status
) || PrivilegeSetSize
== 0)
1250 /* The Privilgs attribute does not exist */
1252 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1253 (Privileges
->PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1254 Status
= LsapSetObjectAttribute(AccountObject
,
1261 /* The Privilgs attribute exists */
1263 /* Allocate memory for the stored privilege set */
1264 CurrentPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1265 if (CurrentPrivileges
== NULL
)
1266 return STATUS_NO_MEMORY
;
1268 /* Get the current privilege set */
1269 Status
= LsapGetObjectAttribute(AccountObject
,
1273 if (!NT_SUCCESS(Status
))
1275 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status
);
1279 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1280 TRACE("Current privilege count: %lu\n", PrivilegeCount
);
1282 /* Calculate the number privileges in the combined privilege set */
1283 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1286 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1288 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1289 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1296 if (bFound
== FALSE
)
1298 TRACE("Found new privilege\n");
1302 TRACE("New privilege count: %lu\n", PrivilegeCount
);
1304 /* Calculate the size of the new privilege set and allocate it */
1305 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1306 (PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1307 NewPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1308 if (NewPrivileges
== NULL
)
1310 Status
= STATUS_NO_MEMORY
;
1314 /* Initialize the new privilege set */
1315 NewPrivileges
->PrivilegeCount
= PrivilegeCount
;
1316 NewPrivileges
->Control
= 0;
1318 /* Copy all privileges from the current privilege set */
1319 RtlCopyLuidAndAttributesArray(CurrentPrivileges
->PrivilegeCount
,
1320 &(CurrentPrivileges
->Privilege
[0]),
1321 &(NewPrivileges
->Privilege
[0]));
1323 /* Add new privileges to the new privilege set */
1324 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1325 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1328 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1330 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1331 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1333 /* Overwrite attributes if a matching privilege was found */
1334 NewPrivileges
->Privilege
[j
].Attributes
= Privileges
->Privilege
[i
].Attributes
;
1341 if (bFound
== FALSE
)
1343 /* Copy the new privilege */
1344 RtlCopyLuidAndAttributesArray(1,
1345 (PLUID_AND_ATTRIBUTES
)&(Privileges
->Privilege
[i
]),
1346 &(NewPrivileges
->Privilege
[PrivilegeCount
]));
1351 /* Set the new privilege set */
1352 Status
= LsapSetObjectAttribute(AccountObject
,
1359 if (CurrentPrivileges
!= NULL
)
1360 MIDL_user_free(CurrentPrivileges
);
1362 if (NewPrivileges
!= NULL
)
1363 MIDL_user_free(NewPrivileges
);
1370 NTSTATUS WINAPI
LsarRemovePrivilegesFromAccount(
1371 LSAPR_HANDLE AccountHandle
,
1373 PLSAPR_PRIVILEGE_SET Privileges
)
1375 PLSA_DB_OBJECT AccountObject
;
1376 PPRIVILEGE_SET CurrentPrivileges
= NULL
;
1377 PPRIVILEGE_SET NewPrivileges
= NULL
;
1378 ULONG PrivilegeSetSize
= 0;
1379 ULONG PrivilegeCount
;
1384 TRACE("(%p %u %p)\n", AccountHandle
, AllPrivileges
, Privileges
);
1387 if ((AllPrivileges
== FALSE
&& Privileges
== NULL
) ||
1388 (AllPrivileges
== TRUE
&& Privileges
!= NULL
))
1389 return STATUS_INVALID_PARAMETER
;
1391 /* Validate the AccountHandle */
1392 Status
= LsapValidateDbObject(AccountHandle
,
1394 ACCOUNT_ADJUST_PRIVILEGES
,
1396 if (!NT_SUCCESS(Status
))
1398 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1402 if (AllPrivileges
== TRUE
)
1404 /* Delete the Privilgs attribute */
1405 Status
= LsapDeleteObjectAttribute(AccountObject
,
1407 if (Status
== STATUS_OBJECT_NAME_NOT_FOUND
)
1408 Status
= STATUS_SUCCESS
;
1412 /* Get the size of the Privilgs attribute */
1413 Status
= LsapGetObjectAttribute(AccountObject
,
1417 if (!NT_SUCCESS(Status
))
1420 /* Succeed, if there is no privilege set to remove privileges from */
1421 if (PrivilegeSetSize
== 0)
1423 Status
= STATUS_SUCCESS
;
1427 /* Allocate memory for the stored privilege set */
1428 CurrentPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1429 if (CurrentPrivileges
== NULL
)
1430 return STATUS_NO_MEMORY
;
1432 /* Get the current privilege set */
1433 Status
= LsapGetObjectAttribute(AccountObject
,
1437 if (!NT_SUCCESS(Status
))
1439 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status
);
1443 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1444 TRACE("Current privilege count: %lu\n", PrivilegeCount
);
1446 /* Calculate the number of privileges in the new privilege set */
1447 for (i
= 0; i
< CurrentPrivileges
->PrivilegeCount
; i
++)
1449 for (j
= 0; j
< Privileges
->PrivilegeCount
; j
++)
1451 if (RtlEqualLuid(&(CurrentPrivileges
->Privilege
[i
].Luid
),
1452 &(Privileges
->Privilege
[j
].Luid
)))
1454 if (PrivilegeCount
> 0)
1459 TRACE("New privilege count: %lu\n", PrivilegeCount
);
1461 if (PrivilegeCount
== 0)
1463 /* Delete the Privilgs attribute */
1464 Status
= LsapDeleteObjectAttribute(AccountObject
,
1466 if (Status
== STATUS_OBJECT_NAME_NOT_FOUND
)
1467 Status
= STATUS_SUCCESS
;
1471 /* Calculate the size of the new privilege set and allocate it */
1472 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1473 (PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1474 NewPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1475 if (NewPrivileges
== NULL
)
1477 Status
= STATUS_NO_MEMORY
;
1481 /* Initialize the new privilege set */
1482 NewPrivileges
->PrivilegeCount
= PrivilegeCount
;
1483 NewPrivileges
->Control
= 0;
1485 /* Copy the privileges which are not to be removed */
1486 for (i
= 0, k
= 0; i
< CurrentPrivileges
->PrivilegeCount
; i
++)
1489 for (j
= 0; j
< Privileges
->PrivilegeCount
; j
++)
1491 if (RtlEqualLuid(&(CurrentPrivileges
->Privilege
[i
].Luid
),
1492 &(Privileges
->Privilege
[j
].Luid
)))
1496 if (bFound
== FALSE
)
1498 /* Copy the privilege */
1499 RtlCopyLuidAndAttributesArray(1,
1500 &(CurrentPrivileges
->Privilege
[i
]),
1501 &(NewPrivileges
->Privilege
[k
]));
1506 /* Set the new privilege set */
1507 Status
= LsapSetObjectAttribute(AccountObject
,
1515 if (CurrentPrivileges
!= NULL
)
1516 MIDL_user_free(CurrentPrivileges
);
1518 if (NewPrivileges
!= NULL
)
1519 MIDL_user_free(NewPrivileges
);
1526 NTSTATUS WINAPI
LsarGetQuotasForAccount(
1527 LSAPR_HANDLE AccountHandle
,
1528 PQUOTA_LIMITS QuotaLimits
)
1530 PLSA_DB_OBJECT AccountObject
;
1534 TRACE("(%p %p)\n", AccountHandle
, QuotaLimits
);
1536 /* Validate the account handle */
1537 Status
= LsapValidateDbObject(AccountHandle
,
1541 if (!NT_SUCCESS(Status
))
1543 ERR("Invalid handle (Status %lx)\n", Status
);
1547 /* Get the quota attribute */
1548 Status
= LsapGetObjectAttribute(AccountObject
,
1558 NTSTATUS WINAPI
LsarSetQuotasForAccount(
1559 LSAPR_HANDLE AccountHandle
,
1560 PQUOTA_LIMITS QuotaLimits
)
1562 PLSA_DB_OBJECT AccountObject
;
1563 QUOTA_LIMITS InternalQuotaLimits
;
1567 TRACE("(%p %p)\n", AccountHandle
, QuotaLimits
);
1569 /* Validate the account handle */
1570 Status
= LsapValidateDbObject(AccountHandle
,
1572 ACCOUNT_ADJUST_QUOTAS
,
1574 if (!NT_SUCCESS(Status
))
1576 ERR("Invalid handle (Status %lx)\n", Status
);
1580 /* Get the quota limits attribute */
1581 Size
= sizeof(QUOTA_LIMITS
);
1582 Status
= LsapGetObjectAttribute(AccountObject
,
1584 &InternalQuotaLimits
,
1586 if (!NT_SUCCESS(Status
))
1588 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status
);
1592 /* Update the quota limits */
1593 if (QuotaLimits
->PagedPoolLimit
!= 0)
1594 InternalQuotaLimits
.PagedPoolLimit
= QuotaLimits
->PagedPoolLimit
;
1596 if (QuotaLimits
->NonPagedPoolLimit
!= 0)
1597 InternalQuotaLimits
.NonPagedPoolLimit
= QuotaLimits
->NonPagedPoolLimit
;
1599 if (QuotaLimits
->MinimumWorkingSetSize
!= 0)
1600 InternalQuotaLimits
.MinimumWorkingSetSize
= QuotaLimits
->MinimumWorkingSetSize
;
1602 if (QuotaLimits
->MaximumWorkingSetSize
!= 0)
1603 InternalQuotaLimits
.MaximumWorkingSetSize
= QuotaLimits
->MaximumWorkingSetSize
;
1605 if (QuotaLimits
->PagefileLimit
!= 0)
1606 InternalQuotaLimits
.PagefileLimit
= QuotaLimits
->PagefileLimit
;
1608 /* Set the quota limits attribute */
1609 Status
= LsapSetObjectAttribute(AccountObject
,
1611 &InternalQuotaLimits
,
1612 sizeof(QUOTA_LIMITS
));
1619 NTSTATUS WINAPI
LsarGetSystemAccessAccount(
1620 LSAPR_HANDLE AccountHandle
,
1621 ACCESS_MASK
*SystemAccess
)
1623 PLSA_DB_OBJECT AccountObject
;
1627 /* Validate the account handle */
1628 Status
= LsapValidateDbObject(AccountHandle
,
1632 if (!NT_SUCCESS(Status
))
1634 ERR("Invalid handle (Status %lx)\n", Status
);
1638 /* Get the system access flags */
1639 Status
= LsapGetObjectAttribute(AccountObject
,
1649 NTSTATUS WINAPI
LsarSetSystemAccessAccount(
1650 LSAPR_HANDLE AccountHandle
,
1651 ACCESS_MASK SystemAccess
)
1653 PLSA_DB_OBJECT AccountObject
;
1656 /* Validate the account handle */
1657 Status
= LsapValidateDbObject(AccountHandle
,
1659 ACCOUNT_ADJUST_SYSTEM_ACCESS
,
1661 if (!NT_SUCCESS(Status
))
1663 ERR("Invalid handle (Status %lx)\n", Status
);
1667 /* Set the system access flags */
1668 Status
= LsapSetObjectAttribute(AccountObject
,
1671 sizeof(ACCESS_MASK
));
1678 NTSTATUS WINAPI
LsarOpenTrustedDomain(
1679 LSAPR_HANDLE PolicyHandle
,
1680 PRPC_SID TrustedDomainSid
,
1681 ACCESS_MASK DesiredAccess
,
1682 LSAPR_HANDLE
*TrustedDomainHandle
)
1685 return STATUS_NOT_IMPLEMENTED
;
1690 NTSTATUS WINAPI
LsarQueryInfoTrustedDomain(
1691 LSAPR_HANDLE TrustedDomainHandle
,
1692 TRUSTED_INFORMATION_CLASS InformationClass
,
1693 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1696 return STATUS_NOT_IMPLEMENTED
;
1701 NTSTATUS WINAPI
LsarSetInformationTrustedDomain(
1702 LSAPR_HANDLE TrustedDomainHandle
,
1703 TRUSTED_INFORMATION_CLASS InformationClass
,
1704 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1707 return STATUS_NOT_IMPLEMENTED
;
1712 NTSTATUS WINAPI
LsarOpenSecret(
1713 LSAPR_HANDLE PolicyHandle
,
1714 PRPC_UNICODE_STRING SecretName
,
1715 ACCESS_MASK DesiredAccess
,
1716 LSAPR_HANDLE
*SecretHandle
)
1718 PLSA_DB_OBJECT PolicyObject
;
1719 PLSA_DB_OBJECT SecretObject
= NULL
;
1720 NTSTATUS Status
= STATUS_SUCCESS
;
1722 /* Validate the PolicyHandle */
1723 Status
= LsapValidateDbObject(PolicyHandle
,
1727 if (!NT_SUCCESS(Status
))
1729 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1733 /* Create the secret object */
1734 Status
= LsapOpenDbObject(PolicyObject
,
1739 PolicyObject
->Trusted
,
1741 if (!NT_SUCCESS(Status
))
1743 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status
);
1748 if (!NT_SUCCESS(Status
))
1750 if (SecretObject
!= NULL
)
1751 LsapCloseDbObject(SecretObject
);
1755 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
1763 NTSTATUS WINAPI
LsarSetSecret(
1764 LSAPR_HANDLE SecretHandle
,
1765 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue
,
1766 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue
)
1768 PLSA_DB_OBJECT SecretObject
;
1769 PBYTE CurrentValue
= NULL
;
1770 PBYTE OldValue
= NULL
;
1771 ULONG CurrentValueLength
= 0;
1772 ULONG OldValueLength
= 0;
1776 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle
,
1777 EncryptedCurrentValue
, EncryptedOldValue
);
1779 /* Validate the SecretHandle */
1780 Status
= LsapValidateDbObject(SecretHandle
,
1784 if (!NT_SUCCESS(Status
))
1786 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1790 if (EncryptedCurrentValue
!= NULL
)
1792 /* FIXME: Decrypt the current value */
1793 CurrentValue
= EncryptedCurrentValue
->Buffer
;
1794 CurrentValueLength
= EncryptedCurrentValue
->MaximumLength
;
1797 /* Set the current value */
1798 Status
= LsapSetObjectAttribute(SecretObject
,
1801 CurrentValueLength
);
1802 if (!NT_SUCCESS(Status
))
1804 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1808 /* Get the current time */
1809 Status
= NtQuerySystemTime(&Time
);
1810 if (!NT_SUCCESS(Status
))
1812 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
1816 /* Set the current time */
1817 Status
= LsapSetObjectAttribute(SecretObject
,
1820 sizeof(LARGE_INTEGER
));
1821 if (!NT_SUCCESS(Status
))
1823 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1827 if (EncryptedOldValue
!= NULL
)
1829 /* FIXME: Decrypt the old value */
1830 OldValue
= EncryptedOldValue
->Buffer
;
1831 OldValueLength
= EncryptedOldValue
->MaximumLength
;
1834 /* Set the old value */
1835 Status
= LsapSetObjectAttribute(SecretObject
,
1839 if (!NT_SUCCESS(Status
))
1841 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1845 /* Set the old time */
1846 Status
= LsapSetObjectAttribute(SecretObject
,
1849 sizeof(LARGE_INTEGER
));
1850 if (!NT_SUCCESS(Status
))
1852 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1861 NTSTATUS WINAPI
LsarQuerySecret(
1862 LSAPR_HANDLE SecretHandle
,
1863 PLSAPR_CR_CIPHER_VALUE
*EncryptedCurrentValue
,
1864 PLARGE_INTEGER CurrentValueSetTime
,
1865 PLSAPR_CR_CIPHER_VALUE
*EncryptedOldValue
,
1866 PLARGE_INTEGER OldValueSetTime
)
1868 PLSA_DB_OBJECT SecretObject
;
1869 PLSAPR_CR_CIPHER_VALUE EncCurrentValue
= NULL
;
1870 PLSAPR_CR_CIPHER_VALUE EncOldValue
= NULL
;
1871 PBYTE CurrentValue
= NULL
;
1872 PBYTE OldValue
= NULL
;
1873 ULONG CurrentValueLength
= 0;
1874 ULONG OldValueLength
= 0;
1878 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle
,
1879 EncryptedCurrentValue
, CurrentValueSetTime
,
1880 EncryptedOldValue
, OldValueSetTime
);
1882 /* Validate the SecretHandle */
1883 Status
= LsapValidateDbObject(SecretHandle
,
1887 if (!NT_SUCCESS(Status
))
1889 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1893 if (EncryptedCurrentValue
!= NULL
)
1895 CurrentValueLength
= 0;
1897 /* Get the size of the current value */
1898 Status
= LsapGetObjectAttribute(SecretObject
,
1901 &CurrentValueLength
);
1902 if (!NT_SUCCESS(Status
))
1905 /* Allocate a buffer for the current value */
1906 CurrentValue
= midl_user_allocate(CurrentValueLength
);
1907 if (CurrentValue
== NULL
)
1909 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1913 /* Get the current value */
1914 Status
= LsapGetObjectAttribute(SecretObject
,
1917 &CurrentValueLength
);
1918 if (!NT_SUCCESS(Status
))
1921 /* Allocate a buffer for the encrypted current value */
1922 EncCurrentValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
));
1923 if (EncCurrentValue
== NULL
)
1925 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1929 /* FIXME: Encrypt the current value */
1930 EncCurrentValue
->Length
= (USHORT
)(CurrentValueLength
- sizeof(WCHAR
));
1931 EncCurrentValue
->MaximumLength
= (USHORT
)CurrentValueLength
;
1932 EncCurrentValue
->Buffer
= (PBYTE
)CurrentValue
;
1935 if (CurrentValueSetTime
!= NULL
)
1937 BufferSize
= sizeof(LARGE_INTEGER
);
1939 /* Get the current value time */
1940 Status
= LsapGetObjectAttribute(SecretObject
,
1942 (PBYTE
)CurrentValueSetTime
,
1944 if (!NT_SUCCESS(Status
))
1948 if (EncryptedOldValue
!= NULL
)
1952 /* Get the size of the old value */
1953 Status
= LsapGetObjectAttribute(SecretObject
,
1957 if (!NT_SUCCESS(Status
))
1960 /* Allocate a buffer for the old value */
1961 OldValue
= midl_user_allocate(OldValueLength
);
1962 if (OldValue
== NULL
)
1964 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1968 /* Get the old value */
1969 Status
= LsapGetObjectAttribute(SecretObject
,
1973 if (!NT_SUCCESS(Status
))
1976 /* Allocate a buffer for the encrypted old value */
1977 EncOldValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
) + OldValueLength
);
1978 if (EncOldValue
== NULL
)
1980 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1984 /* FIXME: Encrypt the old value */
1985 EncOldValue
->Length
= (USHORT
)(OldValueLength
- sizeof(WCHAR
));
1986 EncOldValue
->MaximumLength
= (USHORT
)OldValueLength
;
1987 EncOldValue
->Buffer
= (PBYTE
)OldValue
;
1990 if (OldValueSetTime
!= NULL
)
1992 BufferSize
= sizeof(LARGE_INTEGER
);
1994 /* Get the old value time */
1995 Status
= LsapGetObjectAttribute(SecretObject
,
1997 (PBYTE
)OldValueSetTime
,
1999 if (!NT_SUCCESS(Status
))
2005 if (NT_SUCCESS(Status
))
2007 if (EncryptedCurrentValue
!= NULL
)
2008 *EncryptedCurrentValue
= EncCurrentValue
;
2010 if (EncryptedOldValue
!= NULL
)
2011 *EncryptedOldValue
= EncOldValue
;
2015 if (EncryptedCurrentValue
!= NULL
)
2016 *EncryptedCurrentValue
= NULL
;
2018 if (EncryptedOldValue
!= NULL
)
2019 *EncryptedOldValue
= NULL
;
2021 if (EncCurrentValue
!= NULL
)
2022 midl_user_free(EncCurrentValue
);
2024 if (EncOldValue
!= NULL
)
2025 midl_user_free(EncOldValue
);
2027 if (CurrentValue
!= NULL
)
2028 midl_user_free(CurrentValue
);
2030 if (OldValue
!= NULL
)
2031 midl_user_free(OldValue
);
2034 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status
);
2041 NTSTATUS WINAPI
LsarLookupPrivilegeValue(
2042 LSAPR_HANDLE PolicyHandle
,
2043 PRPC_UNICODE_STRING Name
,
2048 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
2049 PolicyHandle
, Name
, Value
);
2051 Status
= LsapValidateDbObject(PolicyHandle
,
2053 POLICY_LOOKUP_NAMES
,
2055 if (!NT_SUCCESS(Status
))
2057 ERR("Invalid handle (Status %lx)\n", Status
);
2061 TRACE("Privilege: %wZ\n", Name
);
2063 Status
= LsarpLookupPrivilegeValue(Name
,
2071 NTSTATUS WINAPI
LsarLookupPrivilegeName(
2072 LSAPR_HANDLE PolicyHandle
,
2074 PRPC_UNICODE_STRING
*Name
)
2078 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
2079 PolicyHandle
, Value
, Name
);
2081 Status
= LsapValidateDbObject(PolicyHandle
,
2083 POLICY_LOOKUP_NAMES
,
2085 if (!NT_SUCCESS(Status
))
2087 ERR("Invalid handle\n");
2091 Status
= LsarpLookupPrivilegeName(Value
,
2099 NTSTATUS WINAPI
LsarLookupPrivilegeDisplayName(
2100 LSAPR_HANDLE PolicyHandle
,
2101 PRPC_UNICODE_STRING Name
,
2102 USHORT ClientLanguage
,
2103 USHORT ClientSystemDefaultLanguage
,
2104 PRPC_UNICODE_STRING
*DisplayName
,
2105 USHORT
*LanguageReturned
)
2108 return STATUS_NOT_IMPLEMENTED
;
2113 NTSTATUS WINAPI
LsarDeleteObject(
2114 LSAPR_HANDLE
*ObjectHandle
)
2116 PLSA_DB_OBJECT DbObject
;
2119 TRACE("(%p)\n", ObjectHandle
);
2121 if (ObjectHandle
== NULL
)
2122 return STATUS_INVALID_PARAMETER
;
2124 /* Validate the ObjectHandle */
2125 Status
= LsapValidateDbObject(*ObjectHandle
,
2129 if (!NT_SUCCESS(Status
))
2131 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
2135 /* You cannot delete the policy object */
2136 if (DbObject
->ObjectType
== LsaDbPolicyObject
)
2137 return STATUS_INVALID_PARAMETER
;
2139 /* Delete the database object */
2140 Status
= LsapDeleteDbObject(DbObject
);
2141 if (!NT_SUCCESS(Status
))
2143 ERR("LsapDeleteDbObject returned 0x%08lx\n", Status
);
2147 /* Invalidate the object handle */
2148 *ObjectHandle
= NULL
;
2150 return STATUS_SUCCESS
;
2155 NTSTATUS WINAPI
LsarEnumerateAccountsWithUserRight(
2156 LSAPR_HANDLE PolicyHandle
,
2157 PRPC_UNICODE_STRING UserRight
,
2158 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
)
2161 return STATUS_NOT_IMPLEMENTED
;
2166 NTSTATUS WINAPI
LsarEnumerateAccountRights(
2167 LSAPR_HANDLE PolicyHandle
,
2168 PRPC_SID AccountSid
,
2169 PLSAPR_USER_RIGHT_SET UserRights
)
2171 LSAPR_HANDLE AccountHandle
;
2172 PLSAPR_PRIVILEGE_SET PrivilegeSet
= NULL
;
2173 PRPC_UNICODE_STRING RightsBuffer
= NULL
;
2174 PRPC_UNICODE_STRING PrivilegeString
;
2175 ACCESS_MASK SystemAccess
;
2176 ULONG RightsCount
= 0;
2181 TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
2182 PolicyHandle
, AccountSid
, UserRights
);
2184 /* Open the account */
2185 Status
= LsarOpenAccount(PolicyHandle
,
2189 if (!NT_SUCCESS(Status
))
2191 ERR("LsarOpenAccount returned 0x%08lx\n", Status
);
2195 /* Enumerate the privileges */
2196 Status
= LsarEnumeratePrivilegesAccount(AccountHandle
,
2198 if (!NT_SUCCESS(Status
))
2200 ERR("LsarEnumeratePrivilegesAccount returned 0x%08lx\n", Status
);
2204 /* Get account rights */
2205 Status
= LsarGetSystemAccessAccount(AccountHandle
,
2207 if (!NT_SUCCESS(Status
))
2209 ERR("LsarGetSystemAccessAccount returned 0x%08lx\n", Status
);
2213 RightsCount
= PrivilegeSet
->PrivilegeCount
;
2215 /* Count account rights */
2216 for (i
= 0; i
< sizeof(ACCESS_MASK
) * 8; i
++)
2218 if (SystemAccess
& (1 << i
))
2222 /* We are done if there are no rights to be enumerated */
2223 if (RightsCount
== 0)
2225 UserRights
->Entries
= 0;
2226 UserRights
->UserRights
= NULL
;
2227 Status
= STATUS_SUCCESS
;
2231 /* Allocate a buffer for the account rights */
2232 RightsBuffer
= MIDL_user_allocate(RightsCount
* sizeof(RPC_UNICODE_STRING
));
2233 if (RightsBuffer
== NULL
)
2235 Status
= STATUS_INSUFFICIENT_RESOURCES
;
2239 /* Copy the privileges into the buffer */
2241 for (i
= 0; i
< PrivilegeSet
->PrivilegeCount
; i
++)
2243 PrivilegeString
= NULL
;
2244 Status
= LsarLookupPrivilegeName(PolicyHandle
,
2245 (PLUID
)&PrivilegeSet
->Privilege
[i
].Luid
,
2247 if (!NT_SUCCESS(Status
))
2250 RightsBuffer
[i
].Length
= PrivilegeString
->Length
;
2251 RightsBuffer
[i
].MaximumLength
= PrivilegeString
->MaximumLength
;
2252 RightsBuffer
[i
].Buffer
= PrivilegeString
->Buffer
;
2254 MIDL_user_free(PrivilegeString
);
2258 /* Copy account rights into the buffer */
2259 for (i
= 0; i
< sizeof(ACCESS_MASK
) * 8; i
++)
2261 if (SystemAccess
& (1 << i
))
2263 Status
= LsapLookupAccountRightName(1 << i
,
2265 if (!NT_SUCCESS(Status
))
2268 RightsBuffer
[i
].Length
= PrivilegeString
->Length
;
2269 RightsBuffer
[i
].MaximumLength
= PrivilegeString
->MaximumLength
;
2270 RightsBuffer
[i
].Buffer
= PrivilegeString
->Buffer
;
2272 MIDL_user_free(PrivilegeString
);
2277 UserRights
->Entries
= RightsCount
;
2278 UserRights
->UserRights
= (PRPC_UNICODE_STRING
)RightsBuffer
;
2281 if (!NT_SUCCESS(Status
))
2283 if (RightsBuffer
!= NULL
)
2285 for (RightsIndex
= 0; RightsIndex
< RightsCount
; RightsIndex
++)
2287 if (RightsBuffer
[RightsIndex
].Buffer
!= NULL
)
2288 MIDL_user_free(RightsBuffer
[RightsIndex
].Buffer
);
2291 MIDL_user_free(RightsBuffer
);
2295 if (PrivilegeSet
!= NULL
)
2296 MIDL_user_free(PrivilegeSet
);
2298 LsarClose(&AccountHandle
);
2305 NTSTATUS WINAPI
LsarAddAccountRights(
2306 LSAPR_HANDLE PolicyHandle
,
2307 PRPC_SID AccountSid
,
2308 PLSAPR_USER_RIGHT_SET UserRights
)
2311 return STATUS_NOT_IMPLEMENTED
;
2316 NTSTATUS WINAPI
LsarRemoveAccountRights(
2317 LSAPR_HANDLE PolicyHandle
,
2318 PRPC_SID AccountSid
,
2320 PLSAPR_USER_RIGHT_SET UserRights
)
2323 return STATUS_NOT_IMPLEMENTED
;
2328 NTSTATUS WINAPI
LsarQueryTrustedDomainInfo(
2329 LSAPR_HANDLE PolicyHandle
,
2330 PRPC_SID TrustedDomainSid
,
2331 TRUSTED_INFORMATION_CLASS InformationClass
,
2332 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
2335 return STATUS_NOT_IMPLEMENTED
;
2340 NTSTATUS WINAPI
LsarSetTrustedDomainInfo(
2341 LSAPR_HANDLE PolicyHandle
,
2342 PRPC_SID TrustedDomainSid
,
2343 TRUSTED_INFORMATION_CLASS InformationClass
,
2344 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
2347 return STATUS_NOT_IMPLEMENTED
;
2352 NTSTATUS WINAPI
LsarDeleteTrustedDomain(
2353 LSAPR_HANDLE PolicyHandle
,
2354 PRPC_SID TrustedDomainSid
)
2357 return STATUS_NOT_IMPLEMENTED
;
2362 NTSTATUS WINAPI
LsarStorePrivateData(
2363 LSAPR_HANDLE PolicyHandle
,
2364 PRPC_UNICODE_STRING KeyName
,
2365 PLSAPR_CR_CIPHER_VALUE EncryptedData
)
2368 return STATUS_NOT_IMPLEMENTED
;
2373 NTSTATUS WINAPI
LsarRetrievePrivateData(
2374 LSAPR_HANDLE PolicyHandle
,
2375 PRPC_UNICODE_STRING KeyName
,
2376 PLSAPR_CR_CIPHER_VALUE
*EncryptedData
)
2379 return STATUS_NOT_IMPLEMENTED
;
2384 NTSTATUS WINAPI
LsarOpenPolicy2(
2386 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
2387 ACCESS_MASK DesiredAccess
,
2388 LSAPR_HANDLE
*PolicyHandle
)
2390 return LsarOpenPolicy(SystemName
,
2398 NTSTATUS WINAPI
LsarGetUserName(
2400 PRPC_UNICODE_STRING
*UserName
,
2401 PRPC_UNICODE_STRING
*DomainName
)
2404 return STATUS_NOT_IMPLEMENTED
;
2409 NTSTATUS WINAPI
LsarQueryInformationPolicy2(
2410 LSAPR_HANDLE PolicyHandle
,
2411 POLICY_INFORMATION_CLASS InformationClass
,
2412 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
2414 return LsarQueryInformationPolicy(PolicyHandle
,
2421 NTSTATUS WINAPI
LsarSetInformationPolicy2(
2422 LSAPR_HANDLE PolicyHandle
,
2423 POLICY_INFORMATION_CLASS InformationClass
,
2424 PLSAPR_POLICY_INFORMATION PolicyInformation
)
2426 return LsarSetInformationPolicy(PolicyHandle
,
2433 NTSTATUS WINAPI
LsarQueryTrustedDomainInfoByName(
2434 LSAPR_HANDLE PolicyHandle
,
2435 PRPC_UNICODE_STRING TrustedDomainName
,
2436 POLICY_INFORMATION_CLASS InformationClass
,
2437 PLSAPR_TRUSTED_DOMAIN_INFO
*PolicyInformation
)
2440 return STATUS_NOT_IMPLEMENTED
;
2445 NTSTATUS WINAPI
LsarSetTrustedDomainInfoByName(
2446 LSAPR_HANDLE PolicyHandle
,
2447 PRPC_UNICODE_STRING TrustedDomainName
,
2448 POLICY_INFORMATION_CLASS InformationClass
,
2449 PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation
)
2452 return STATUS_NOT_IMPLEMENTED
;
2457 NTSTATUS WINAPI
LsarEnumerateTrustedDomainsEx(
2458 LSAPR_HANDLE PolicyHandle
,
2459 DWORD
*EnumerationContext
,
2460 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer
,
2461 DWORD PreferedMaximumLength
)
2464 return STATUS_NOT_IMPLEMENTED
;
2469 NTSTATUS WINAPI
LsarCreateTrustedDomainEx(
2470 LSAPR_HANDLE PolicyHandle
,
2471 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
2472 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation
,
2473 ACCESS_MASK DesiredAccess
,
2474 LSAPR_HANDLE
*TrustedDomainHandle
)
2477 return STATUS_NOT_IMPLEMENTED
;
2482 NTSTATUS WINAPI
LsarSetPolicyReplicationHandle(
2483 PLSAPR_HANDLE PolicyHandle
)
2486 return STATUS_NOT_IMPLEMENTED
;
2491 NTSTATUS WINAPI
LsarQueryDomainInformationPolicy(
2492 LSAPR_HANDLE PolicyHandle
,
2493 POLICY_INFORMATION_CLASS InformationClass
,
2494 PLSAPR_POLICY_DOMAIN_INFORMATION
*PolicyInformation
)
2497 return STATUS_NOT_IMPLEMENTED
;
2502 NTSTATUS WINAPI
LsarSetDomainInformationPolicy(
2503 LSAPR_HANDLE PolicyHandle
,
2504 POLICY_INFORMATION_CLASS InformationClass
,
2505 PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation
)
2508 return STATUS_NOT_IMPLEMENTED
;
2513 NTSTATUS WINAPI
LsarOpenTrustedDomainByName(
2514 LSAPR_HANDLE PolicyHandle
,
2515 PRPC_UNICODE_STRING TrustedDomainName
,
2516 ACCESS_MASK DesiredAccess
,
2517 LSAPR_HANDLE
*TrustedDomainHandle
)
2520 return STATUS_NOT_IMPLEMENTED
;
2525 NTSTATUS WINAPI
LsarTestCall(
2529 return STATUS_NOT_IMPLEMENTED
;
2534 NTSTATUS WINAPI
LsarLookupSids2(
2535 LSAPR_HANDLE PolicyHandle
,
2536 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2537 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2538 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
2539 LSAP_LOOKUP_LEVEL LookupLevel
,
2541 DWORD LookupOptions
,
2542 DWORD ClientRevision
)
2546 TRACE("(%p %p %p %p %d %p %lu %lu)\n",
2547 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
2548 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
2550 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
2551 TranslatedNames
->Names
= NULL
;
2552 *ReferencedDomains
= NULL
;
2554 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
2556 Status
= LsapLookupSids(SidEnumBuffer
,
2569 NTSTATUS WINAPI
LsarLookupNames2(
2570 LSAPR_HANDLE PolicyHandle
,
2572 PRPC_UNICODE_STRING Names
,
2573 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2574 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids
,
2575 LSAP_LOOKUP_LEVEL LookupLevel
,
2577 DWORD LookupOptions
,
2578 DWORD ClientRevision
)
2580 LSAPR_TRANSLATED_SIDS_EX2 TranslatedSidsEx2
;
2584 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2585 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2586 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
2588 TranslatedSids
->Entries
= 0;
2589 TranslatedSids
->Sids
= NULL
;
2590 *ReferencedDomains
= NULL
;
2593 return STATUS_NONE_MAPPED
;
2595 TranslatedSidsEx2
.Entries
= 0;
2596 TranslatedSidsEx2
.Sids
= NULL
;
2598 Status
= LsapLookupNames(Count
,
2606 if (!NT_SUCCESS(Status
))
2609 TranslatedSids
->Entries
= TranslatedSidsEx2
.Entries
;
2610 TranslatedSids
->Sids
= MIDL_user_allocate(TranslatedSids
->Entries
* sizeof(LSA_TRANSLATED_SID
));
2611 if (TranslatedSids
->Sids
== NULL
)
2613 MIDL_user_free(TranslatedSidsEx2
.Sids
);
2614 MIDL_user_free(*ReferencedDomains
);
2615 *ReferencedDomains
= NULL
;
2616 return STATUS_INSUFFICIENT_RESOURCES
;
2619 for (i
= 0; i
< TranslatedSidsEx2
.Entries
; i
++)
2621 TranslatedSids
->Sids
[i
].Use
= TranslatedSidsEx2
.Sids
[i
].Use
;
2622 TranslatedSids
->Sids
[i
].RelativeId
= LsapGetRelativeIdFromSid(TranslatedSidsEx2
.Sids
[i
].Sid
);
2623 TranslatedSids
->Sids
[i
].DomainIndex
= TranslatedSidsEx2
.Sids
[i
].DomainIndex
;
2624 TranslatedSids
->Sids
[i
].Flags
= TranslatedSidsEx2
.Sids
[i
].Flags
;
2627 MIDL_user_free(TranslatedSidsEx2
.Sids
);
2629 return STATUS_SUCCESS
;
2634 NTSTATUS WINAPI
LsarCreateTrustedDomainEx2(
2635 LSAPR_HANDLE PolicyHandle
,
2636 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
2637 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation
,
2638 ACCESS_MASK DesiredAccess
,
2639 LSAPR_HANDLE
*TrustedDomainHandle
)
2642 return STATUS_NOT_IMPLEMENTED
;
2647 NTSTATUS WINAPI
CredrWrite(
2651 return STATUS_NOT_IMPLEMENTED
;
2656 NTSTATUS WINAPI
CredrRead(
2660 return STATUS_NOT_IMPLEMENTED
;
2665 NTSTATUS WINAPI
CredrEnumerate(
2669 return STATUS_NOT_IMPLEMENTED
;
2674 NTSTATUS WINAPI
CredrWriteDomainCredentials(
2678 return STATUS_NOT_IMPLEMENTED
;
2683 NTSTATUS WINAPI
CredrReadDomainCredentials(
2687 return STATUS_NOT_IMPLEMENTED
;
2692 NTSTATUS WINAPI
CredrDelete(
2696 return STATUS_NOT_IMPLEMENTED
;
2701 NTSTATUS WINAPI
CredrGetTargetInfo(
2705 return STATUS_NOT_IMPLEMENTED
;
2710 NTSTATUS WINAPI
CredrProfileLoaded(
2714 return STATUS_NOT_IMPLEMENTED
;
2719 NTSTATUS WINAPI
LsarLookupNames3(
2720 LSAPR_HANDLE PolicyHandle
,
2722 PRPC_UNICODE_STRING Names
,
2723 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2724 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2725 LSAP_LOOKUP_LEVEL LookupLevel
,
2727 DWORD LookupOptions
,
2728 DWORD ClientRevision
)
2732 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2733 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2734 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
2736 TranslatedSids
->Entries
= 0;
2737 TranslatedSids
->Sids
= NULL
;
2738 *ReferencedDomains
= NULL
;
2741 return STATUS_NONE_MAPPED
;
2743 Status
= LsapLookupNames(Count
,
2757 NTSTATUS WINAPI
CredrGetSessionTypes(
2761 return STATUS_NOT_IMPLEMENTED
;
2766 NTSTATUS WINAPI
LsarRegisterAuditEvent(
2770 return STATUS_NOT_IMPLEMENTED
;
2775 NTSTATUS WINAPI
LsarGenAuditEvent(
2779 return STATUS_NOT_IMPLEMENTED
;
2784 NTSTATUS WINAPI
LsarUnregisterAuditEvent(
2788 return STATUS_NOT_IMPLEMENTED
;
2793 NTSTATUS WINAPI
LsarQueryForestTrustInformation(
2794 LSAPR_HANDLE PolicyHandle
,
2795 PLSA_UNICODE_STRING TrustedDomainName
,
2796 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2797 PLSA_FOREST_TRUST_INFORMATION
*ForestTrustInfo
)
2800 return STATUS_NOT_IMPLEMENTED
;
2805 NTSTATUS WINAPI
LsarSetForestTrustInformation(
2806 LSAPR_HANDLE PolicyHandle
,
2807 PLSA_UNICODE_STRING TrustedDomainName
,
2808 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2809 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo
,
2811 PLSA_FOREST_TRUST_COLLISION_INFORMATION
*CollisionInfo
)
2814 return STATUS_NOT_IMPLEMENTED
;
2819 NTSTATUS WINAPI
CredrRename(
2823 return STATUS_NOT_IMPLEMENTED
;
2828 NTSTATUS WINAPI
LsarLookupSids3(
2829 LSAPR_HANDLE PolicyHandle
,
2830 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2831 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2832 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
2833 LSAP_LOOKUP_LEVEL LookupLevel
,
2835 DWORD LookupOptions
,
2836 DWORD ClientRevision
)
2840 TRACE("(%p %p %p %p %d %p %lu %lu)\n",
2841 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
2842 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
2844 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
2845 TranslatedNames
->Names
= NULL
;
2846 *ReferencedDomains
= NULL
;
2848 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
2850 Status
= LsapLookupSids(SidEnumBuffer
,
2863 NTSTATUS WINAPI
LsarLookupNames4(
2866 PRPC_UNICODE_STRING Names
,
2867 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2868 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2869 LSAP_LOOKUP_LEVEL LookupLevel
,
2871 DWORD LookupOptions
,
2872 DWORD ClientRevision
)
2876 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2877 RpcHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2878 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
2880 TranslatedSids
->Entries
= 0;
2881 TranslatedSids
->Sids
= NULL
;
2882 *ReferencedDomains
= NULL
;
2885 return STATUS_NONE_MAPPED
;
2887 Status
= LsapLookupNames(Count
,
2901 NTSTATUS WINAPI
LsarOpenPolicySce(
2905 return STATUS_NOT_IMPLEMENTED
;
2910 NTSTATUS WINAPI
LsarAdtRegisterSecurityEventSource(
2914 return STATUS_NOT_IMPLEMENTED
;
2919 NTSTATUS WINAPI
LsarAdtUnregisterSecurityEventSource(
2923 return STATUS_NOT_IMPLEMENTED
;
2928 NTSTATUS WINAPI
LsarAdtReportSecurityEvent(
2932 return STATUS_NOT_IMPLEMENTED
;