projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Create this branch to work on loading of different Kernel-Debugger DLL providers...
[reactos.git] / dll / win32 / lsasrv / lsarpc.c
1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
6 *
7 * PROGRAMMERS: Eric Kohl
8 */
9
10 /* INCLUDES ****************************************************************/
11
12 #include "lsasrv.h"
13
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
15
16
17 /* GLOBALS *****************************************************************/
18
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock;
20
21
22 /* FUNCTIONS ***************************************************************/
23
24 VOID
25 LsarStartRpcServer(VOID)
26 {
27 RPC_STATUS Status;
28
29 RtlInitializeCriticalSection(&PolicyHandleTableLock);
30
31 TRACE("LsarStartRpcServer() called\n");
32
33 Status = RpcServerUseProtseqEpW(L"ncacn_np",
34 10,
35 L"\\pipe\\lsarpc",
36 NULL);
37 if (Status != RPC_S_OK)
38 {
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status);
40 return;
41 }
42
43 Status = RpcServerRegisterIf(lsarpc_v0_0_s_ifspec,
44 NULL,
45 NULL);
46 if (Status != RPC_S_OK)
47 {
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status);
49 return;
50 }
51
52 Status = RpcServerListen(1, 20, TRUE);
53 if (Status != RPC_S_OK)
54 {
55 WARN("RpcServerListen() failed (Status %lx)\n", Status);
56 return;
57 }
58
59 TRACE("LsarStartRpcServer() done\n");
60 }
61
62
63 void __RPC_USER LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle)
64 {
65
66 }
67
68
69 /* Function 0 */
70 NTSTATUS WINAPI LsarClose(
71 LSAPR_HANDLE *ObjectHandle)
72 {
73 PLSA_DB_OBJECT DbObject;
74 NTSTATUS Status = STATUS_SUCCESS;
75
76 TRACE("0x%p\n", ObjectHandle);
77
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
79
80 Status = LsapValidateDbObject(*ObjectHandle,
81 LsaDbIgnoreObject,
82 0,
83 &DbObject);
84 if (Status == STATUS_SUCCESS)
85 {
86 Status = LsapCloseDbObject(DbObject);
87 *ObjectHandle = NULL;
88 }
89
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
91
92 return Status;
93 }
94
95
96 /* Function 1 */
97 NTSTATUS WINAPI LsarDelete(
98 LSAPR_HANDLE ObjectHandle)
99 {
100 return LsarDeleteObject(&ObjectHandle);
101 }
102
103
104 /* Function 2 */
105 NTSTATUS WINAPI LsarEnumeratePrivileges(
106 LSAPR_HANDLE PolicyHandle,
107 DWORD *EnumerationContext,
108 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer,
109 DWORD PreferedMaximumLength)
110 {
111 PLSA_DB_OBJECT PolicyObject;
112 NTSTATUS Status;
113
114 TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
115 PolicyHandle, EnumerationContext, EnumerationBuffer,
116 PreferedMaximumLength);
117
118 Status = LsapValidateDbObject(PolicyHandle,
119 LsaDbPolicyObject,
120 POLICY_VIEW_LOCAL_INFORMATION,
121 &PolicyObject);
122 if (!NT_SUCCESS(Status))
123 return Status;
124
125 if (EnumerationContext == NULL)
126 return STATUS_INVALID_PARAMETER;
127
128 return LsarpEnumeratePrivileges(EnumerationContext,
129 EnumerationBuffer,
130 PreferedMaximumLength);
131 }
132
133
134 /* Function 3 */
135 NTSTATUS WINAPI LsarQuerySecurityObject(
136 LSAPR_HANDLE ObjectHandle,
137 SECURITY_INFORMATION SecurityInformation,
138 PLSAPR_SR_SECURITY_DESCRIPTOR *SecurityDescriptor)
139 {
140 PLSA_DB_OBJECT DbObject = NULL;
141 PSECURITY_DESCRIPTOR RelativeSd = NULL;
142 PLSAPR_SR_SECURITY_DESCRIPTOR SdData = NULL;
143 ACCESS_MASK DesiredAccess = 0;
144 ULONG RelativeSdSize = 0;
145 NTSTATUS Status;
146
147 if (SecurityDescriptor == NULL)
148 return STATUS_INVALID_PARAMETER;
149
150 if ((SecurityInformation & OWNER_SECURITY_INFORMATION) ||
151 (SecurityInformation & GROUP_SECURITY_INFORMATION) ||
152 (SecurityInformation & DACL_SECURITY_INFORMATION))
153 DesiredAccess |= READ_CONTROL;
154
155 if (SecurityInformation & SACL_SECURITY_INFORMATION)
156 DesiredAccess |= ACCESS_SYSTEM_SECURITY;
157
158 /* Validate the ObjectHandle */
159 Status = LsapValidateDbObject(ObjectHandle,
160 LsaDbIgnoreObject,
161 DesiredAccess,
162 &DbObject);
163 if (!NT_SUCCESS(Status))
164 return Status;
165
166 /* Get the size of the SD */
167 Status = LsapGetObjectAttribute(DbObject,
168 L"SecDesc",
169 NULL,
170 &RelativeSdSize);
171 if (!NT_SUCCESS(Status))
172 return Status;
173
174 /* Allocate a buffer for the SD */
175 RelativeSd = MIDL_user_allocate(RelativeSdSize);
176 if (RelativeSd == NULL)
177 return STATUS_INSUFFICIENT_RESOURCES;
178
179 /* Get the SD */
180 Status = LsapGetObjectAttribute(DbObject,
181 L"SecDesc",
182 RelativeSd,
183 &RelativeSdSize);
184 if (!NT_SUCCESS(Status))
185 goto done;
186
187 /*
188 * FIXME: Invalidate the SD information that was not requested.
189 * (see SecurityInformation)
190 */
191
192 /* Allocate the SD data buffer */
193 SdData = MIDL_user_allocate(sizeof(LSAPR_SR_SECURITY_DESCRIPTOR));
194 if (SdData == NULL)
195 {
196 Status = STATUS_INSUFFICIENT_RESOURCES;
197 goto done;
198 }
199
200 /* Fill the SD data buffer and return it to the caller */
201 SdData->Length = RelativeSdSize;
202 SdData->SecurityDescriptor = (PBYTE)RelativeSd;
203
204 *SecurityDescriptor = SdData;
205
206 done:
207 if (!NT_SUCCESS(Status))
208 {
209 if (RelativeSd != NULL)
210 MIDL_user_free(RelativeSd);
211 }
212
213 return Status;
214 }
215
216
217 /* Function 4 */
218 NTSTATUS WINAPI LsarSetSecurityObject(
219 LSAPR_HANDLE ObjectHandle,
220 SECURITY_INFORMATION SecurityInformation,
221 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor)
222 {
223 UNIMPLEMENTED;
224 return STATUS_NOT_IMPLEMENTED;
225 }
226
227
228 /* Function 5 */
229 NTSTATUS WINAPI LsarChangePassword(
230 handle_t IDL_handle,
231 PRPC_UNICODE_STRING String1,
232 PRPC_UNICODE_STRING String2,
233 PRPC_UNICODE_STRING String3,
234 PRPC_UNICODE_STRING String4,
235 PRPC_UNICODE_STRING String5)
236 {
237 /* Deprecated */
238 return STATUS_NOT_IMPLEMENTED;
239 }
240
241
242 /* Function 6 */
243 NTSTATUS WINAPI LsarOpenPolicy(
244 LPWSTR SystemName,
245 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
246 ACCESS_MASK DesiredAccess,
247 LSAPR_HANDLE *PolicyHandle)
248 {
249 PLSA_DB_OBJECT PolicyObject;
250 NTSTATUS Status;
251
252 TRACE("LsarOpenPolicy called!\n");
253
254 RtlEnterCriticalSection(&PolicyHandleTableLock);
255
256 Status = LsapOpenDbObject(NULL,
257 NULL,
258 L"Policy",
259 LsaDbPolicyObject,
260 DesiredAccess,
261 FALSE,
262 &PolicyObject);
263
264 RtlLeaveCriticalSection(&PolicyHandleTableLock);
265
266 if (NT_SUCCESS(Status))
267 *PolicyHandle = (LSAPR_HANDLE)PolicyObject;
268
269 TRACE("LsarOpenPolicy done!\n");
270
271 return Status;
272 }
273
274
275 /* Function 7 */
276 NTSTATUS WINAPI LsarQueryInformationPolicy(
277 LSAPR_HANDLE PolicyHandle,
278 POLICY_INFORMATION_CLASS InformationClass,
279 PLSAPR_POLICY_INFORMATION *PolicyInformation)
280 {
281 PLSA_DB_OBJECT PolicyObject;
282 ACCESS_MASK DesiredAccess = 0;
283 NTSTATUS Status;
284
285 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
286 PolicyHandle, InformationClass, PolicyInformation);
287
288 if (PolicyInformation)
289 {
290 TRACE("*PolicyInformation %p\n", *PolicyInformation);
291 }
292
293 switch (InformationClass)
294 {
295 case PolicyAuditLogInformation:
296 case PolicyAuditEventsInformation:
297 case PolicyAuditFullQueryInformation:
298 DesiredAccess = POLICY_VIEW_AUDIT_INFORMATION;
299 break;
300
301 case PolicyPrimaryDomainInformation:
302 case PolicyAccountDomainInformation:
303 case PolicyLsaServerRoleInformation:
304 case PolicyReplicaSourceInformation:
305 case PolicyDefaultQuotaInformation:
306 case PolicyModificationInformation:
307 case PolicyDnsDomainInformation:
308 case PolicyDnsDomainInformationInt:
309 case PolicyLocalAccountDomainInformation:
310 DesiredAccess = POLICY_VIEW_LOCAL_INFORMATION;
311 break;
312
313 case PolicyPdAccountInformation:
314 DesiredAccess = POLICY_GET_PRIVATE_INFORMATION;
315 break;
316
317 default:
318 ERR("Invalid InformationClass!\n");
319 return STATUS_INVALID_PARAMETER;
320 }
321
322 Status = LsapValidateDbObject(PolicyHandle,
323 LsaDbPolicyObject,
324 DesiredAccess,
325 &PolicyObject);
326 if (!NT_SUCCESS(Status))
327 return Status;
328
329 switch (InformationClass)
330 {
331 case PolicyAuditLogInformation: /* 1 */
332 Status = LsarQueryAuditLog(PolicyObject,
333 PolicyInformation);
334 break;
335
336 case PolicyAuditEventsInformation: /* 2 */
337 Status = LsarQueryAuditEvents(PolicyObject,
338 PolicyInformation);
339 break;
340
341 case PolicyPrimaryDomainInformation: /* 3 */
342 Status = LsarQueryPrimaryDomain(PolicyObject,
343 PolicyInformation);
344 break;
345
346 case PolicyPdAccountInformation: /* 4 */
347 Status = LsarQueryPdAccount(PolicyObject,
348 PolicyInformation);
349 break;
350
351 case PolicyAccountDomainInformation: /* 5 */
352 Status = LsarQueryAccountDomain(PolicyObject,
353 PolicyInformation);
354 break;
355
356 case PolicyLsaServerRoleInformation: /* 6 */
357 Status = LsarQueryServerRole(PolicyObject,
358 PolicyInformation);
359 break;
360
361 case PolicyReplicaSourceInformation: /* 7 */
362 Status = LsarQueryReplicaSource(PolicyObject,
363 PolicyInformation);
364 break;
365
366 case PolicyDefaultQuotaInformation: /* 8 */
367 Status = LsarQueryDefaultQuota(PolicyObject,
368 PolicyInformation);
369 break;
370
371 case PolicyModificationInformation: /* 9 */
372 Status = LsarQueryModification(PolicyObject,
373 PolicyInformation);
374 break;
375
376 case PolicyAuditFullQueryInformation: /* 11 (0xB) */
377 Status = LsarQueryAuditFull(PolicyObject,
378 PolicyInformation);
379 break;
380
381 case PolicyDnsDomainInformation: /* 12 (0xC) */
382 Status = LsarQueryDnsDomain(PolicyObject,
383 PolicyInformation);
384 break;
385
386 case PolicyDnsDomainInformationInt: /* 13 (0xD) */
387 Status = LsarQueryDnsDomainInt(PolicyObject,
388 PolicyInformation);
389 break;
390
391 case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
392 Status = LsarQueryLocalAccountDomain(PolicyObject,
393 PolicyInformation);
394 break;
395
396 default:
397 ERR("Invalid InformationClass!\n");
398 Status = STATUS_INVALID_PARAMETER;
399 }
400
401 return Status;
402 }
403
404
405 /* Function 8 */
406 NTSTATUS WINAPI LsarSetInformationPolicy(
407 LSAPR_HANDLE PolicyHandle,
408 POLICY_INFORMATION_CLASS InformationClass,
409 PLSAPR_POLICY_INFORMATION PolicyInformation)
410 {
411 PLSA_DB_OBJECT PolicyObject;
412 ACCESS_MASK DesiredAccess = 0;
413 NTSTATUS Status;
414
415 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
416 PolicyHandle, InformationClass, PolicyInformation);
417
418 if (PolicyInformation)
419 {
420 TRACE("*PolicyInformation %p\n", *PolicyInformation);
421 }
422
423 switch (InformationClass)
424 {
425 case PolicyAuditLogInformation:
426 case PolicyAuditFullSetInformation:
427 DesiredAccess = POLICY_AUDIT_LOG_ADMIN;
428 break;
429
430 case PolicyAuditEventsInformation:
431 DesiredAccess = POLICY_SET_AUDIT_REQUIREMENTS;
432 break;
433
434 case PolicyPrimaryDomainInformation:
435 case PolicyAccountDomainInformation:
436 case PolicyDnsDomainInformation:
437 case PolicyDnsDomainInformationInt:
438 case PolicyLocalAccountDomainInformation:
439 DesiredAccess = POLICY_TRUST_ADMIN;
440 break;
441
442 case PolicyLsaServerRoleInformation:
443 case PolicyReplicaSourceInformation:
444 DesiredAccess = POLICY_SERVER_ADMIN;
445 break;
446
447 case PolicyDefaultQuotaInformation:
448 DesiredAccess = POLICY_SET_DEFAULT_QUOTA_LIMITS;
449 break;
450
451 default:
452 ERR("Invalid InformationClass!\n");
453 return STATUS_INVALID_PARAMETER;
454 }
455
456 Status = LsapValidateDbObject(PolicyHandle,
457 LsaDbPolicyObject,
458 DesiredAccess,
459 &PolicyObject);
460 if (!NT_SUCCESS(Status))
461 return Status;
462
463 switch (InformationClass)
464 {
465 case PolicyAuditLogInformation: /* 1 */
466 Status = LsarSetAuditLog(PolicyObject,
467 (PPOLICY_AUDIT_LOG_INFO)PolicyInformation);
468 break;
469
470 case PolicyAuditEventsInformation: /* 2 */
471 Status = LsarSetAuditEvents(PolicyObject,
472 (PLSAPR_POLICY_AUDIT_EVENTS_INFO)PolicyInformation);
473 break;
474
475 case PolicyPrimaryDomainInformation: /* 3 */
476 Status = LsarSetPrimaryDomain(PolicyObject,
477 (PLSAPR_POLICY_PRIMARY_DOM_INFO)PolicyInformation);
478 break;
479
480 case PolicyAccountDomainInformation: /* 5 */
481 Status = LsarSetAccountDomain(PolicyObject,
482 (PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
483 break;
484
485 case PolicyLsaServerRoleInformation: /* 6 */
486 Status = LsarSetServerRole(PolicyObject,
487 (PPOLICY_LSA_SERVER_ROLE_INFO)PolicyInformation);
488 break;
489
490 case PolicyReplicaSourceInformation: /* 7 */
491 Status = LsarSetReplicaSource(PolicyObject,
492 (PPOLICY_LSA_REPLICA_SRCE_INFO)PolicyInformation);
493 break;
494
495 case PolicyDefaultQuotaInformation: /* 8 */
496 Status = LsarSetDefaultQuota(PolicyObject,
497 (PPOLICY_DEFAULT_QUOTA_INFO)PolicyInformation);
498 break;
499
500 case PolicyModificationInformation: /* 9 */
501 Status = LsarSetModification(PolicyObject,
502 (PPOLICY_MODIFICATION_INFO)PolicyInformation);
503 break;
504
505 case PolicyAuditFullSetInformation: /* 10 (0xA) */
506 Status = LsarSetAuditFull(PolicyObject,
507 (PPOLICY_AUDIT_FULL_QUERY_INFO)PolicyInformation);
508 break;
509
510 case PolicyDnsDomainInformation: /* 12 (0xC) */
511 Status = LsarSetDnsDomain(PolicyObject,
512 (PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
513 break;
514
515 case PolicyDnsDomainInformationInt: /* 13 (0xD) */
516 Status = LsarSetDnsDomainInt(PolicyObject,
517 (PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
518 break;
519
520 case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
521 Status = LsarSetLocalAccountDomain(PolicyObject,
522 (PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
523 break;
524
525 default:
526 Status = STATUS_INVALID_PARAMETER;
527 break;
528 }
529
530 return Status;
531 }
532
533
534 /* Function 9 */
535 NTSTATUS WINAPI LsarClearAuditLog(
536 LSAPR_HANDLE ObjectHandle)
537 {
538 /* Deprecated */
539 return STATUS_NOT_IMPLEMENTED;
540 }
541
542
543 /* Function 10 */
544 NTSTATUS WINAPI LsarCreateAccount(
545 LSAPR_HANDLE PolicyHandle,
546 PRPC_SID AccountSid,
547 ACCESS_MASK DesiredAccess,
548 LSAPR_HANDLE *AccountHandle)
549 {
550 PLSA_DB_OBJECT PolicyObject;
551 PLSA_DB_OBJECT AccountObject = NULL;
552 LPWSTR SidString = NULL;
553 PSECURITY_DESCRIPTOR AccountSd = NULL;
554 ULONG AccountSdSize;
555 NTSTATUS Status = STATUS_SUCCESS;
556
557 /* Validate the AccountSid */
558 if (!RtlValidSid(AccountSid))
559 return STATUS_INVALID_PARAMETER;
560
561 /* Validate the PolicyHandle */
562 Status = LsapValidateDbObject(PolicyHandle,
563 LsaDbPolicyObject,
564 POLICY_CREATE_ACCOUNT,
565 &PolicyObject);
566 if (!NT_SUCCESS(Status))
567 {
568 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
569 return Status;
570 }
571
572 /* Create SID string */
573 if (!ConvertSidToStringSid((PSID)AccountSid,
574 &SidString))
575 {
576 ERR("ConvertSidToStringSid failed\n");
577 Status = STATUS_INVALID_PARAMETER;
578 goto done;
579 }
580
581 /* Create a security descriptor for the account */
582 Status = LsapCreateAccountSd(&AccountSd,
583 &AccountSdSize);
584 if (!NT_SUCCESS(Status))
585 {
586 ERR("LsapCreateAccountSd returned 0x%08lx\n", Status);
587 return Status;
588 }
589
590 /* Create the Account object */
591 Status = LsapCreateDbObject(PolicyObject,
592 L"Accounts",
593 SidString,
594 LsaDbAccountObject,
595 DesiredAccess,
596 PolicyObject->Trusted,
597 &AccountObject);
598 if (!NT_SUCCESS(Status))
599 {
600 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
601 goto done;
602 }
603
604 /* Set the Sid attribute */
605 Status = LsapSetObjectAttribute(AccountObject,
606 L"Sid",
607 (PVOID)AccountSid,
608 GetLengthSid(AccountSid));
609 if (!NT_SUCCESS(Status))
610 goto done;
611
612 /* Set the SecDesc attribute */
613 Status = LsapSetObjectAttribute(AccountObject,
614 L"SecDesc",
615 AccountSd,
616 AccountSdSize);
617
618 done:
619 if (SidString != NULL)
620 LocalFree(SidString);
621
622 if (AccountSd != NULL)
623 RtlFreeHeap(RtlGetProcessHeap(), 0, AccountSd);
624
625 if (!NT_SUCCESS(Status))
626 {
627 if (AccountObject != NULL)
628 LsapCloseDbObject(AccountObject);
629 }
630 else
631 {
632 *AccountHandle = (LSAPR_HANDLE)AccountObject;
633 }
634
635 return STATUS_SUCCESS;
636 }
637
638
639 /* Function 11 */
640 NTSTATUS WINAPI LsarEnumerateAccounts(
641 LSAPR_HANDLE PolicyHandle,
642 DWORD *EnumerationContext,
643 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer,
644 DWORD PreferedMaximumLength)
645 {
646 LSAPR_ACCOUNT_ENUM_BUFFER EnumBuffer = {0, NULL};
647 PLSA_DB_OBJECT PolicyObject = NULL;
648 WCHAR AccountKeyName[64];
649 HANDLE AccountsKeyHandle = NULL;
650 HANDLE AccountKeyHandle;
651 HANDLE SidKeyHandle;
652 ULONG EnumIndex;
653 ULONG EnumCount;
654 ULONG RequiredLength;
655 ULONG DataLength;
656 ULONG i;
657 NTSTATUS Status = STATUS_SUCCESS;
658
659 TRACE("(%p %p %p %lu)\n", PolicyHandle, EnumerationContext,
660 EnumerationBuffer, PreferedMaximumLength);
661
662 if (EnumerationContext == NULL ||
663 EnumerationBuffer == NULL)
664 return STATUS_INVALID_PARAMETER;
665
666 EnumerationBuffer->EntriesRead = 0;
667 EnumerationBuffer->Information = NULL;
668
669 /* Validate the PolicyHandle */
670 Status = LsapValidateDbObject(PolicyHandle,
671 LsaDbPolicyObject,
672 POLICY_VIEW_LOCAL_INFORMATION,
673 &PolicyObject);
674 if (!NT_SUCCESS(Status))
675 {
676 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
677 return Status;
678 }
679
680 Status = LsapRegOpenKey(PolicyObject->KeyHandle,
681 L"Accounts",
682 KEY_READ,
683 &AccountsKeyHandle);
684 if (!NT_SUCCESS(Status))
685 return Status;
686
687 EnumIndex = *EnumerationContext;
688 EnumCount = 0;
689 RequiredLength = 0;
690
691 while (TRUE)
692 {
693 Status = LsapRegEnumerateSubKey(AccountsKeyHandle,
694 EnumIndex,
695 64 * sizeof(WCHAR),
696 AccountKeyName);
697 if (!NT_SUCCESS(Status))
698 break;
699
700 TRACE("EnumIndex: %lu\n", EnumIndex);
701 TRACE("Account key name: %S\n", AccountKeyName);
702
703 Status = LsapRegOpenKey(AccountsKeyHandle,
704 AccountKeyName,
705 KEY_READ,
706 &AccountKeyHandle);
707 TRACE("LsapRegOpenKey returned %08lX\n", Status);
708 if (NT_SUCCESS(Status))
709 {
710 Status = LsapRegOpenKey(AccountKeyHandle,
711 L"Sid",
712 KEY_READ,
713 &SidKeyHandle);
714 TRACE("LsapRegOpenKey returned %08lX\n", Status);
715 if (NT_SUCCESS(Status))
716 {
717 DataLength = 0;
718 Status = LsapRegQueryValue(SidKeyHandle,
719 NULL,
720 NULL,
721 NULL,
722 &DataLength);
723 TRACE("LsapRegQueryValue returned %08lX\n", Status);
724 if (NT_SUCCESS(Status))
725 {
726 TRACE("Data length: %lu\n", DataLength);
727
728 if ((RequiredLength + DataLength + sizeof(LSAPR_ACCOUNT_INFORMATION)) > PreferedMaximumLength)
729 break;
730
731 RequiredLength += (DataLength + sizeof(LSAPR_ACCOUNT_INFORMATION));
732 EnumCount++;
733 }
734
735 LsapRegCloseKey(SidKeyHandle);
736 }
737
738 LsapRegCloseKey(AccountKeyHandle);
739 }
740
741 EnumIndex++;
742 }
743
744 TRACE("EnumCount: %lu\n", EnumCount);
745 TRACE("RequiredLength: %lu\n", RequiredLength);
746
747 EnumBuffer.EntriesRead = EnumCount;
748 EnumBuffer.Information = midl_user_allocate(EnumCount * sizeof(LSAPR_ACCOUNT_INFORMATION));
749 if (EnumBuffer.Information == NULL)
750 {
751 Status = STATUS_INSUFFICIENT_RESOURCES;
752 goto done;
753 }
754
755 EnumIndex = *EnumerationContext;
756 for (i = 0; i < EnumCount; i++, EnumIndex++)
757 {
758 Status = LsapRegEnumerateSubKey(AccountsKeyHandle,
759 EnumIndex,
760 64 * sizeof(WCHAR),
761 AccountKeyName);
762 if (!NT_SUCCESS(Status))
763 break;
764
765 TRACE("EnumIndex: %lu\n", EnumIndex);
766 TRACE("Account key name: %S\n", AccountKeyName);
767
768 Status = LsapRegOpenKey(AccountsKeyHandle,
769 AccountKeyName,
770 KEY_READ,
771 &AccountKeyHandle);
772 TRACE("LsapRegOpenKey returned %08lX\n", Status);
773 if (NT_SUCCESS(Status))
774 {
775 Status = LsapRegOpenKey(AccountKeyHandle,
776 L"Sid",
777 KEY_READ,
778 &SidKeyHandle);
779 TRACE("LsapRegOpenKey returned %08lX\n", Status);
780 if (NT_SUCCESS(Status))
781 {
782 DataLength = 0;
783 Status = LsapRegQueryValue(SidKeyHandle,
784 NULL,
785 NULL,
786 NULL,
787 &DataLength);
788 TRACE("LsapRegQueryValue returned %08lX\n", Status);
789 if (NT_SUCCESS(Status))
790 {
791 EnumBuffer.Information[i].Sid = midl_user_allocate(DataLength);
792 if (EnumBuffer.Information[i].Sid == NULL)
793 {
794 LsapRegCloseKey(AccountKeyHandle);
795 Status = STATUS_INSUFFICIENT_RESOURCES;
796 goto done;
797 }
798
799 Status = LsapRegQueryValue(SidKeyHandle,
800 NULL,
801 NULL,
802 EnumBuffer.Information[i].Sid,
803 &DataLength);
804 TRACE("SampRegQueryValue returned %08lX\n", Status);
805 }
806
807 LsapRegCloseKey(SidKeyHandle);
808 }
809
810 LsapRegCloseKey(AccountKeyHandle);
811
812 if (!NT_SUCCESS(Status))
813 goto done;
814 }
815 }
816
817 if (NT_SUCCESS(Status))
818 {
819 *EnumerationContext += EnumCount;
820 EnumerationBuffer->EntriesRead = EnumBuffer.EntriesRead;
821 EnumerationBuffer->Information = EnumBuffer.Information;
822 }
823
824 done:
825 if (!NT_SUCCESS(Status))
826 {
827 if (EnumBuffer.Information)
828 {
829 for (i = 0; i < EnumBuffer.EntriesRead; i++)
830 {
831 if (EnumBuffer.Information[i].Sid != NULL)
832 midl_user_free(EnumBuffer.Information[i].Sid);
833 }
834
835 midl_user_free(EnumBuffer.Information);
836 }
837 }
838
839 if (AccountsKeyHandle != NULL)
840 LsapRegCloseKey(AccountsKeyHandle);
841
842 return Status;
843 }
844
845
846 /* Function 12 */
847 NTSTATUS WINAPI LsarCreateTrustedDomain(
848 LSAPR_HANDLE PolicyHandle,
849 PLSAPR_TRUST_INFORMATION TrustedDomainInformation,
850 ACCESS_MASK DesiredAccess,
851 LSAPR_HANDLE *TrustedDomainHandle)
852 {
853 UNIMPLEMENTED;
854 return STATUS_NOT_IMPLEMENTED;
855 }
856
857
858 /* Function 13 */
859 NTSTATUS WINAPI LsarEnumerateTrustedDomains(
860 LSAPR_HANDLE PolicyHandle,
861 DWORD *EnumerationContext,
862 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer,
863 DWORD PreferedMaximumLength)
864 {
865 UNIMPLEMENTED;
866 return STATUS_NOT_IMPLEMENTED;
867 }
868
869
870 /* Function 14 */
871 NTSTATUS WINAPI LsarLookupNames(
872 LSAPR_HANDLE PolicyHandle,
873 DWORD Count,
874 PRPC_UNICODE_STRING Names,
875 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
876 PLSAPR_TRANSLATED_SIDS TranslatedSids,
877 LSAP_LOOKUP_LEVEL LookupLevel,
878 DWORD *MappedCount)
879 {
880 LSAPR_TRANSLATED_SIDS_EX2 TranslatedSidsEx2;
881 ULONG i;
882 NTSTATUS Status;
883
884 TRACE("(%p %lu %p %p %p %d %p)\n",
885 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
886 LookupLevel, MappedCount);
887
888 TranslatedSids->Entries = 0;
889 TranslatedSids->Sids = NULL;
890 *ReferencedDomains = NULL;
891
892 if (Count == 0)
893 return STATUS_NONE_MAPPED;
894
895 TranslatedSidsEx2.Entries = 0;
896 TranslatedSidsEx2.Sids = NULL;
897
898 Status = LsapLookupNames(Count,
899 Names,
900 ReferencedDomains,
901 &TranslatedSidsEx2,
902 LookupLevel,
903 MappedCount,
904 0,
905 0);
906 if (!NT_SUCCESS(Status))
907 return Status;
908
909 TranslatedSids->Entries = TranslatedSidsEx2.Entries;
910 TranslatedSids->Sids = MIDL_user_allocate(TranslatedSids->Entries * sizeof(LSA_TRANSLATED_SID));
911 if (TranslatedSids->Sids == NULL)
912 {
913 MIDL_user_free(TranslatedSidsEx2.Sids);
914 MIDL_user_free(*ReferencedDomains);
915 *ReferencedDomains = NULL;
916 return STATUS_INSUFFICIENT_RESOURCES;
917 }
918
919 for (i = 0; i < TranslatedSidsEx2.Entries; i++)
920 {
921 TranslatedSids->Sids[i].Use = TranslatedSidsEx2.Sids[i].Use;
922 TranslatedSids->Sids[i].RelativeId = LsapGetRelativeIdFromSid(TranslatedSidsEx2.Sids[i].Sid);
923 TranslatedSids->Sids[i].DomainIndex = TranslatedSidsEx2.Sids[i].DomainIndex;
924 }
925
926 MIDL_user_free(TranslatedSidsEx2.Sids);
927
928 return STATUS_SUCCESS;
929 }
930
931
932 /* Function 15 */
933 NTSTATUS WINAPI LsarLookupSids(
934 LSAPR_HANDLE PolicyHandle,
935 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
936 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
937 PLSAPR_TRANSLATED_NAMES TranslatedNames,
938 LSAP_LOOKUP_LEVEL LookupLevel,
939 DWORD *MappedCount)
940 {
941 LSAPR_TRANSLATED_NAMES_EX TranslatedNamesEx;
942 ULONG i;
943 NTSTATUS Status;
944
945 TRACE("(%p %p %p %p %d %p)\n",
946 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
947 LookupLevel, MappedCount);
948
949 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
950
951 TranslatedNames->Entries = SidEnumBuffer->Entries;
952 TranslatedNames->Names = NULL;
953 *ReferencedDomains = NULL;
954
955 TranslatedNamesEx.Entries = SidEnumBuffer->Entries;
956 TranslatedNamesEx.Names = NULL;
957
958 Status = LsapLookupSids(SidEnumBuffer,
959 ReferencedDomains,
960 &TranslatedNamesEx,
961 LookupLevel,
962 MappedCount,
963 0,
964 0);
965 if (!NT_SUCCESS(Status))
966 return Status;
967
968 TranslatedNames->Entries = SidEnumBuffer->Entries;
969 TranslatedNames->Names = MIDL_user_allocate(SidEnumBuffer->Entries * sizeof(LSAPR_TRANSLATED_NAME));
970 if (TranslatedNames->Names == NULL)
971 {
972 MIDL_user_free(TranslatedNamesEx.Names);
973 MIDL_user_free(*ReferencedDomains);
974 *ReferencedDomains = NULL;
975 return STATUS_INSUFFICIENT_RESOURCES;
976 }
977
978 for (i = 0; i < TranslatedNamesEx.Entries; i++)
979 {
980 TranslatedNames->Names[i].Use = TranslatedNamesEx.Names[i].Use;
981 TranslatedNames->Names[i].Name.Length = TranslatedNamesEx.Names[i].Name.Length;
982 TranslatedNames->Names[i].Name.MaximumLength = TranslatedNamesEx.Names[i].Name.MaximumLength;
983 TranslatedNames->Names[i].Name.Buffer = TranslatedNamesEx.Names[i].Name.Buffer;
984 TranslatedNames->Names[i].DomainIndex = TranslatedNamesEx.Names[i].DomainIndex;
985 }
986
987 MIDL_user_free(TranslatedNamesEx.Names);
988
989 return Status;
990 }
991
992
993 /* Function 16 */
994 NTSTATUS WINAPI LsarCreateSecret(
995 LSAPR_HANDLE PolicyHandle,
996 PRPC_UNICODE_STRING SecretName,
997 ACCESS_MASK DesiredAccess,
998 LSAPR_HANDLE *SecretHandle)
999 {
1000 PLSA_DB_OBJECT PolicyObject;
1001 PLSA_DB_OBJECT SecretObject = NULL;
1002 LARGE_INTEGER Time;
1003 PSECURITY_DESCRIPTOR SecretSd = NULL;
1004 ULONG SecretSdSize;
1005 NTSTATUS Status = STATUS_SUCCESS;
1006
1007 /* Validate the PolicyHandle */
1008 Status = LsapValidateDbObject(PolicyHandle,
1009 LsaDbPolicyObject,
1010 POLICY_CREATE_SECRET,
1011 &PolicyObject);
1012 if (!NT_SUCCESS(Status))
1013 {
1014 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1015 return Status;
1016 }
1017
1018 /* Get the current time */
1019 Status = NtQuerySystemTime(&Time);
1020 if (!NT_SUCCESS(Status))
1021 {
1022 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
1023 goto done;
1024 }
1025
1026 /* Create a security descriptor for the secret */
1027 Status = LsapCreateSecretSd(&SecretSd,
1028 &SecretSdSize);
1029 if (!NT_SUCCESS(Status))
1030 {
1031 ERR("LsapCreateAccountSd returned 0x%08lx\n", Status);
1032 return Status;
1033 }
1034
1035 /* Create the Secret object */
1036 Status = LsapCreateDbObject(PolicyObject,
1037 L"Secrets",
1038 SecretName->Buffer,
1039 LsaDbSecretObject,
1040 DesiredAccess,
1041 PolicyObject->Trusted,
1042 &SecretObject);
1043 if (!NT_SUCCESS(Status))
1044 {
1045 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
1046 goto done;
1047 }
1048
1049 /* Set the CurrentTime attribute */
1050 Status = LsapSetObjectAttribute(SecretObject,
1051 L"CurrentTime",
1052 (PVOID)&Time,
1053 sizeof(LARGE_INTEGER));
1054 if (!NT_SUCCESS(Status))
1055 {
1056 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status);
1057 goto done;
1058 }
1059
1060 /* Set the OldTime attribute */
1061 Status = LsapSetObjectAttribute(SecretObject,
1062 L"OldTime",
1063 (PVOID)&Time,
1064 sizeof(LARGE_INTEGER));
1065 if (!NT_SUCCESS(Status))
1066 {
1067 ERR("LsapSetObjectAttribute (OldTime) failed (Status 0x%08lx)\n", Status);
1068 goto done;
1069 }
1070
1071 /* Set the SecDesc attribute */
1072 Status = LsapSetObjectAttribute(SecretObject,
1073 L"SecDesc",
1074 SecretSd,
1075 SecretSdSize);
1076
1077 done:
1078 if (SecretSd != NULL)
1079 RtlFreeHeap(RtlGetProcessHeap(), 0, SecretSd);
1080
1081 if (!NT_SUCCESS(Status))
1082 {
1083 if (SecretObject != NULL)
1084 LsapCloseDbObject(SecretObject);
1085 }
1086 else
1087 {
1088 *SecretHandle = (LSAPR_HANDLE)SecretObject;
1089 }
1090
1091 return STATUS_SUCCESS;
1092 }
1093
1094
1095 /* Function 17 */
1096 NTSTATUS WINAPI LsarOpenAccount(
1097 LSAPR_HANDLE PolicyHandle,
1098 PRPC_SID AccountSid,
1099 ACCESS_MASK DesiredAccess,
1100 LSAPR_HANDLE *AccountHandle)
1101 {
1102 PLSA_DB_OBJECT PolicyObject;
1103 PLSA_DB_OBJECT AccountObject = NULL;
1104 LPWSTR SidString = NULL;
1105 NTSTATUS Status = STATUS_SUCCESS;
1106
1107 /* Validate the AccountSid */
1108 if (!RtlValidSid(AccountSid))
1109 return STATUS_INVALID_PARAMETER;
1110
1111 /* Validate the PolicyHandle */
1112 Status = LsapValidateDbObject(PolicyHandle,
1113 LsaDbPolicyObject,
1114 0,
1115 &PolicyObject);
1116 if (!NT_SUCCESS(Status))
1117 {
1118 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1119 return Status;
1120 }
1121
1122 /* Create SID string */
1123 if (!ConvertSidToStringSid((PSID)AccountSid,
1124 &SidString))
1125 {
1126 ERR("ConvertSidToStringSid failed\n");
1127 Status = STATUS_INVALID_PARAMETER;
1128 goto done;
1129 }
1130
1131 /* Create the Account object */
1132 Status = LsapOpenDbObject(PolicyObject,
1133 L"Accounts",
1134 SidString,
1135 LsaDbAccountObject,
1136 DesiredAccess,
1137 PolicyObject->Trusted,
1138 &AccountObject);
1139 if (!NT_SUCCESS(Status))
1140 {
1141 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
1142 goto done;
1143 }
1144
1145 /* Set the Sid attribute */
1146 Status = LsapSetObjectAttribute(AccountObject,
1147 L"Sid",
1148 (PVOID)AccountSid,
1149 GetLengthSid(AccountSid));
1150
1151 done:
1152 if (SidString != NULL)
1153 LocalFree(SidString);
1154
1155 if (!NT_SUCCESS(Status))
1156 {
1157 if (AccountObject != NULL)
1158 LsapCloseDbObject(AccountObject);
1159 }
1160 else
1161 {
1162 *AccountHandle = (LSAPR_HANDLE)AccountObject;
1163 }
1164
1165 return Status;
1166 }
1167
1168
1169 /* Function 18 */
1170 NTSTATUS WINAPI LsarEnumeratePrivilegesAccount(
1171 LSAPR_HANDLE AccountHandle,
1172 PLSAPR_PRIVILEGE_SET *Privileges)
1173 {
1174 PLSA_DB_OBJECT AccountObject;
1175 ULONG PrivilegeSetSize = 0;
1176 PLSAPR_PRIVILEGE_SET PrivilegeSet = NULL;
1177 NTSTATUS Status;
1178
1179 *Privileges = NULL;
1180
1181 /* Validate the AccountHandle */
1182 Status = LsapValidateDbObject(AccountHandle,
1183 LsaDbAccountObject,
1184 ACCOUNT_VIEW,
1185 &AccountObject);
1186 if (!NT_SUCCESS(Status))
1187 {
1188 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1189 return Status;
1190 }
1191
1192 /* Get the size of the privilege set */
1193 Status = LsapGetObjectAttribute(AccountObject,
1194 L"Privilgs",
1195 NULL,
1196 &PrivilegeSetSize);
1197 if (!NT_SUCCESS(Status))
1198 return Status;
1199
1200 /* Allocate a buffer for the privilege set */
1201 PrivilegeSet = MIDL_user_allocate(PrivilegeSetSize);
1202 if (PrivilegeSet == NULL)
1203 return STATUS_NO_MEMORY;
1204
1205 /* Get the privilege set */
1206 Status = LsapGetObjectAttribute(AccountObject,
1207 L"Privilgs",
1208 PrivilegeSet,
1209 &PrivilegeSetSize);
1210 if (!NT_SUCCESS(Status))
1211 {
1212 MIDL_user_free(PrivilegeSet);
1213 return Status;
1214 }
1215
1216 /* Return a pointer to the privilege set */
1217 *Privileges = PrivilegeSet;
1218
1219 return STATUS_SUCCESS;
1220 }
1221
1222
1223 /* Function 19 */
1224 NTSTATUS WINAPI LsarAddPrivilegesToAccount(
1225 LSAPR_HANDLE AccountHandle,
1226 PLSAPR_PRIVILEGE_SET Privileges)
1227 {
1228 PLSA_DB_OBJECT AccountObject;
1229 PPRIVILEGE_SET CurrentPrivileges = NULL;
1230 PPRIVILEGE_SET NewPrivileges = NULL;
1231 ULONG PrivilegeSetSize = 0;
1232 ULONG PrivilegeCount;
1233 ULONG i, j;
1234 BOOL bFound;
1235 NTSTATUS Status;
1236
1237 /* Validate the AccountHandle */
1238 Status = LsapValidateDbObject(AccountHandle,
1239 LsaDbAccountObject,
1240 ACCOUNT_ADJUST_PRIVILEGES,
1241 &AccountObject);
1242 if (!NT_SUCCESS(Status))
1243 {
1244 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1245 return Status;
1246 }
1247
1248 /* Get the size of the Privilgs attribute */
1249 Status = LsapGetObjectAttribute(AccountObject,
1250 L"Privilgs",
1251 NULL,
1252 &PrivilegeSetSize);
1253 if (!NT_SUCCESS(Status) || PrivilegeSetSize == 0)
1254 {
1255 /* The Privilgs attribute does not exist */
1256
1257 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1258 (Privileges->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1259 Status = LsapSetObjectAttribute(AccountObject,
1260 L"Privilgs",
1261 Privileges,
1262 PrivilegeSetSize);
1263 }
1264 else
1265 {
1266 /* The Privilgs attribute exists */
1267
1268 /* Allocate memory for the stored privilege set */
1269 CurrentPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1270 if (CurrentPrivileges == NULL)
1271 return STATUS_NO_MEMORY;
1272
1273 /* Get the current privilege set */
1274 Status = LsapGetObjectAttribute(AccountObject,
1275 L"Privilgs",
1276 CurrentPrivileges,
1277 &PrivilegeSetSize);
1278 if (!NT_SUCCESS(Status))
1279 {
1280 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
1281 goto done;
1282 }
1283
1284 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1285 TRACE("Current privilege count: %lu\n", PrivilegeCount);
1286
1287 /* Calculate the number privileges in the combined privilege set */
1288 for (i = 0; i < Privileges->PrivilegeCount; i++)
1289 {
1290 bFound = FALSE;
1291 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1292 {
1293 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1294 &(CurrentPrivileges->Privilege[i].Luid)))
1295 {
1296 bFound = TRUE;
1297 break;
1298 }
1299 }
1300
1301 if (bFound == FALSE)
1302 {
1303 TRACE("Found new privilege\n");
1304 PrivilegeCount++;
1305 }
1306 }
1307 TRACE("New privilege count: %lu\n", PrivilegeCount);
1308
1309 /* Calculate the size of the new privilege set and allocate it */
1310 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1311 (PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1312 NewPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1313 if (NewPrivileges == NULL)
1314 {
1315 Status = STATUS_NO_MEMORY;
1316 goto done;
1317 }
1318
1319 /* Initialize the new privilege set */
1320 NewPrivileges->PrivilegeCount = PrivilegeCount;
1321 NewPrivileges->Control = 0;
1322
1323 /* Copy all privileges from the current privilege set */
1324 RtlCopyLuidAndAttributesArray(CurrentPrivileges->PrivilegeCount,
1325 &(CurrentPrivileges->Privilege[0]),
1326 &(NewPrivileges->Privilege[0]));
1327
1328 /* Add new privileges to the new privilege set */
1329 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1330 for (i = 0; i < Privileges->PrivilegeCount; i++)
1331 {
1332 bFound = FALSE;
1333 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1334 {
1335 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1336 &(CurrentPrivileges->Privilege[i].Luid)))
1337 {
1338 /* Overwrite attributes if a matching privilege was found */
1339 NewPrivileges->Privilege[j].Attributes = Privileges->Privilege[i].Attributes;
1340
1341 bFound = TRUE;
1342 break;
1343 }
1344 }
1345
1346 if (bFound == FALSE)
1347 {
1348 /* Copy the new privilege */
1349 RtlCopyLuidAndAttributesArray(1,
1350 (PLUID_AND_ATTRIBUTES)&(Privileges->Privilege[i]),
1351 &(NewPrivileges->Privilege[PrivilegeCount]));
1352 PrivilegeCount++;
1353 }
1354 }
1355
1356 /* Set the new privilege set */
1357 Status = LsapSetObjectAttribute(AccountObject,
1358 L"Privilgs",
1359 NewPrivileges,
1360 PrivilegeSetSize);
1361 }
1362
1363 done:
1364 if (CurrentPrivileges != NULL)
1365 MIDL_user_free(CurrentPrivileges);
1366
1367 if (NewPrivileges != NULL)
1368 MIDL_user_free(NewPrivileges);
1369
1370 return Status;
1371 }
1372
1373
1374 /* Function 20 */
1375 NTSTATUS WINAPI LsarRemovePrivilegesFromAccount(
1376 LSAPR_HANDLE AccountHandle,
1377 BOOL AllPrivileges,
1378 PLSAPR_PRIVILEGE_SET Privileges)
1379 {
1380 PLSA_DB_OBJECT AccountObject;
1381 PPRIVILEGE_SET CurrentPrivileges = NULL;
1382 PPRIVILEGE_SET NewPrivileges = NULL;
1383 ULONG PrivilegeSetSize = 0;
1384 ULONG PrivilegeCount;
1385 ULONG i, j, k;
1386 BOOL bFound;
1387 NTSTATUS Status;
1388
1389 TRACE("(%p %u %p)\n", AccountHandle, AllPrivileges, Privileges);
1390
1391 /* */
1392 if ((AllPrivileges == FALSE && Privileges == NULL) ||
1393 (AllPrivileges == TRUE && Privileges != NULL))
1394 return STATUS_INVALID_PARAMETER;
1395
1396 /* Validate the AccountHandle */
1397 Status = LsapValidateDbObject(AccountHandle,
1398 LsaDbAccountObject,
1399 ACCOUNT_ADJUST_PRIVILEGES,
1400 &AccountObject);
1401 if (!NT_SUCCESS(Status))
1402 {
1403 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1404 return Status;
1405 }
1406
1407 if (AllPrivileges == TRUE)
1408 {
1409 /* Delete the Privilgs attribute */
1410 Status = LsapDeleteObjectAttribute(AccountObject,
1411 L"Privilgs");
1412 if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
1413 Status = STATUS_SUCCESS;
1414 }
1415 else
1416 {
1417 /* Get the size of the Privilgs attribute */
1418 Status = LsapGetObjectAttribute(AccountObject,
1419 L"Privilgs",
1420 NULL,
1421 &PrivilegeSetSize);
1422 if (!NT_SUCCESS(Status))
1423 goto done;
1424
1425 /* Succeed, if there is no privilege set to remove privileges from */
1426 if (PrivilegeSetSize == 0)
1427 {
1428 Status = STATUS_SUCCESS;
1429 goto done;
1430 }
1431
1432 /* Allocate memory for the stored privilege set */
1433 CurrentPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1434 if (CurrentPrivileges == NULL)
1435 return STATUS_NO_MEMORY;
1436
1437 /* Get the current privilege set */
1438 Status = LsapGetObjectAttribute(AccountObject,
1439 L"Privilgs",
1440 CurrentPrivileges,
1441 &PrivilegeSetSize);
1442 if (!NT_SUCCESS(Status))
1443 {
1444 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
1445 goto done;
1446 }
1447
1448 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1449 TRACE("Current privilege count: %lu\n", PrivilegeCount);
1450
1451 /* Calculate the number of privileges in the new privilege set */
1452 for (i = 0; i < CurrentPrivileges->PrivilegeCount; i++)
1453 {
1454 for (j = 0; j < Privileges->PrivilegeCount; j++)
1455 {
1456 if (RtlEqualLuid(&(CurrentPrivileges->Privilege[i].Luid),
1457 &(Privileges->Privilege[j].Luid)))
1458 {
1459 if (PrivilegeCount > 0)
1460 PrivilegeCount--;
1461 }
1462 }
1463 }
1464 TRACE("New privilege count: %lu\n", PrivilegeCount);
1465
1466 if (PrivilegeCount == 0)
1467 {
1468 /* Delete the Privilgs attribute */
1469 Status = LsapDeleteObjectAttribute(AccountObject,
1470 L"Privilgs");
1471 if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
1472 Status = STATUS_SUCCESS;
1473 }
1474 else
1475 {
1476 /* Calculate the size of the new privilege set and allocate it */
1477 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1478 (PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1479 NewPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1480 if (NewPrivileges == NULL)
1481 {
1482 Status = STATUS_NO_MEMORY;
1483 goto done;
1484 }
1485
1486 /* Initialize the new privilege set */
1487 NewPrivileges->PrivilegeCount = PrivilegeCount;
1488 NewPrivileges->Control = 0;
1489
1490 /* Copy the privileges which are not to be removed */
1491 for (i = 0, k = 0; i < CurrentPrivileges->PrivilegeCount; i++)
1492 {
1493 bFound = FALSE;
1494 for (j = 0; j < Privileges->PrivilegeCount; j++)
1495 {
1496 if (RtlEqualLuid(&(CurrentPrivileges->Privilege[i].Luid),
1497 &(Privileges->Privilege[j].Luid)))
1498 bFound = TRUE;
1499 }
1500
1501 if (bFound == FALSE)
1502 {
1503 /* Copy the privilege */
1504 RtlCopyLuidAndAttributesArray(1,
1505 &(CurrentPrivileges->Privilege[i]),
1506 &(NewPrivileges->Privilege[k]));
1507 k++;
1508 }
1509 }
1510
1511 /* Set the new privilege set */
1512 Status = LsapSetObjectAttribute(AccountObject,
1513 L"Privilgs",
1514 NewPrivileges,
1515 PrivilegeSetSize);
1516 }
1517 }
1518
1519 done:
1520 if (CurrentPrivileges != NULL)
1521 MIDL_user_free(CurrentPrivileges);
1522
1523 if (NewPrivileges != NULL)
1524 MIDL_user_free(NewPrivileges);
1525
1526 return Status;
1527 }
1528
1529
1530 /* Function 21 */
1531 NTSTATUS WINAPI LsarGetQuotasForAccount(
1532 LSAPR_HANDLE AccountHandle,
1533 PQUOTA_LIMITS QuotaLimits)
1534 {
1535 PLSA_DB_OBJECT AccountObject;
1536 ULONG Size;
1537 NTSTATUS Status;
1538
1539 TRACE("(%p %p)\n", AccountHandle, QuotaLimits);
1540
1541 /* Validate the account handle */
1542 Status = LsapValidateDbObject(AccountHandle,
1543 LsaDbAccountObject,
1544 ACCOUNT_VIEW,
1545 &AccountObject);
1546 if (!NT_SUCCESS(Status))
1547 {
1548 ERR("Invalid handle (Status %lx)\n", Status);
1549 return Status;
1550 }
1551
1552 /* Get the quota attribute */
1553 Status = LsapGetObjectAttribute(AccountObject,
1554 L"DefQuota",
1555 QuotaLimits,
1556 &Size);
1557
1558 return Status;
1559 }
1560
1561
1562 /* Function 22 */
1563 NTSTATUS WINAPI LsarSetQuotasForAccount(
1564 LSAPR_HANDLE AccountHandle,
1565 PQUOTA_LIMITS QuotaLimits)
1566 {
1567 PLSA_DB_OBJECT AccountObject;
1568 QUOTA_LIMITS InternalQuotaLimits;
1569 ULONG Size;
1570 NTSTATUS Status;
1571
1572 TRACE("(%p %p)\n", AccountHandle, QuotaLimits);
1573
1574 /* Validate the account handle */
1575 Status = LsapValidateDbObject(AccountHandle,
1576 LsaDbAccountObject,
1577 ACCOUNT_ADJUST_QUOTAS,
1578 &AccountObject);
1579 if (!NT_SUCCESS(Status))
1580 {
1581 ERR("Invalid handle (Status %lx)\n", Status);
1582 return Status;
1583 }
1584
1585 /* Get the quota limits attribute */
1586 Size = sizeof(QUOTA_LIMITS);
1587 Status = LsapGetObjectAttribute(AccountObject,
1588 L"DefQuota",
1589 &InternalQuotaLimits,
1590 &Size);
1591 if (!NT_SUCCESS(Status))
1592 {
1593 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
1594 return Status;
1595 }
1596
1597 /* Update the quota limits */
1598 if (QuotaLimits->PagedPoolLimit != 0)
1599 InternalQuotaLimits.PagedPoolLimit = QuotaLimits->PagedPoolLimit;
1600
1601 if (QuotaLimits->NonPagedPoolLimit != 0)
1602 InternalQuotaLimits.NonPagedPoolLimit = QuotaLimits->NonPagedPoolLimit;
1603
1604 if (QuotaLimits->MinimumWorkingSetSize != 0)
1605 InternalQuotaLimits.MinimumWorkingSetSize = QuotaLimits->MinimumWorkingSetSize;
1606
1607 if (QuotaLimits->MaximumWorkingSetSize != 0)
1608 InternalQuotaLimits.MaximumWorkingSetSize = QuotaLimits->MaximumWorkingSetSize;
1609
1610 if (QuotaLimits->PagefileLimit != 0)
1611 InternalQuotaLimits.PagefileLimit = QuotaLimits->PagefileLimit;
1612
1613 /* Set the quota limits attribute */
1614 Status = LsapSetObjectAttribute(AccountObject,
1615 L"DefQuota",
1616 &InternalQuotaLimits,
1617 sizeof(QUOTA_LIMITS));
1618
1619 return Status;
1620 }
1621
1622
1623 /* Function 23 */
1624 NTSTATUS WINAPI LsarGetSystemAccessAccount(
1625 LSAPR_HANDLE AccountHandle,
1626 ACCESS_MASK *SystemAccess)
1627 {
1628 PLSA_DB_OBJECT AccountObject;
1629 ULONG Size;
1630 NTSTATUS Status;
1631
1632 /* Validate the account handle */
1633 Status = LsapValidateDbObject(AccountHandle,
1634 LsaDbAccountObject,
1635 ACCOUNT_VIEW,
1636 &AccountObject);
1637 if (!NT_SUCCESS(Status))
1638 {
1639 ERR("Invalid handle (Status %lx)\n", Status);
1640 return Status;
1641 }
1642
1643 /* Get the system access flags */
1644 Status = LsapGetObjectAttribute(AccountObject,
1645 L"ActSysAc",
1646 SystemAccess,
1647 &Size);
1648
1649 return Status;
1650 }
1651
1652
1653 /* Function 24 */
1654 NTSTATUS WINAPI LsarSetSystemAccessAccount(
1655 LSAPR_HANDLE AccountHandle,
1656 ACCESS_MASK SystemAccess)
1657 {
1658 PLSA_DB_OBJECT AccountObject;
1659 NTSTATUS Status;
1660
1661 /* Validate the account handle */
1662 Status = LsapValidateDbObject(AccountHandle,
1663 LsaDbAccountObject,
1664 ACCOUNT_ADJUST_SYSTEM_ACCESS,
1665 &AccountObject);
1666 if (!NT_SUCCESS(Status))
1667 {
1668 ERR("Invalid handle (Status %lx)\n", Status);
1669 return Status;
1670 }
1671
1672 /* Set the system access flags */
1673 Status = LsapSetObjectAttribute(AccountObject,
1674 L"ActSysAc",
1675 &SystemAccess,
1676 sizeof(ACCESS_MASK));
1677
1678 return Status;
1679 }
1680
1681
1682 /* Function 25 */
1683 NTSTATUS WINAPI LsarOpenTrustedDomain(
1684 LSAPR_HANDLE PolicyHandle,
1685 PRPC_SID TrustedDomainSid,
1686 ACCESS_MASK DesiredAccess,
1687 LSAPR_HANDLE *TrustedDomainHandle)
1688 {
1689 UNIMPLEMENTED;
1690 return STATUS_NOT_IMPLEMENTED;
1691 }
1692
1693
1694 /* Function 26 */
1695 NTSTATUS WINAPI LsarQueryInfoTrustedDomain(
1696 LSAPR_HANDLE TrustedDomainHandle,
1697 TRUSTED_INFORMATION_CLASS InformationClass,
1698 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
1699 {
1700 UNIMPLEMENTED;
1701 return STATUS_NOT_IMPLEMENTED;
1702 }
1703
1704
1705 /* Function 27 */
1706 NTSTATUS WINAPI LsarSetInformationTrustedDomain(
1707 LSAPR_HANDLE TrustedDomainHandle,
1708 TRUSTED_INFORMATION_CLASS InformationClass,
1709 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
1710 {
1711 UNIMPLEMENTED;
1712 return STATUS_NOT_IMPLEMENTED;
1713 }
1714
1715
1716 /* Function 28 */
1717 NTSTATUS WINAPI LsarOpenSecret(
1718 LSAPR_HANDLE PolicyHandle,
1719 PRPC_UNICODE_STRING SecretName,
1720 ACCESS_MASK DesiredAccess,
1721 LSAPR_HANDLE *SecretHandle)
1722 {
1723 PLSA_DB_OBJECT PolicyObject;
1724 PLSA_DB_OBJECT SecretObject = NULL;
1725 NTSTATUS Status = STATUS_SUCCESS;
1726
1727 /* Validate the PolicyHandle */
1728 Status = LsapValidateDbObject(PolicyHandle,
1729 LsaDbPolicyObject,
1730 0,
1731 &PolicyObject);
1732 if (!NT_SUCCESS(Status))
1733 {
1734 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1735 return Status;
1736 }
1737
1738 /* Create the secret object */
1739 Status = LsapOpenDbObject(PolicyObject,
1740 L"Secrets",
1741 SecretName->Buffer,
1742 LsaDbSecretObject,
1743 DesiredAccess,
1744 PolicyObject->Trusted,
1745 &SecretObject);
1746 if (!NT_SUCCESS(Status))
1747 {
1748 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
1749 goto done;
1750 }
1751
1752 done:
1753 if (!NT_SUCCESS(Status))
1754 {
1755 if (SecretObject != NULL)
1756 LsapCloseDbObject(SecretObject);
1757 }
1758 else
1759 {
1760 *SecretHandle = (LSAPR_HANDLE)SecretObject;
1761 }
1762
1763 return Status;
1764 }
1765
1766
1767 /* Function 29 */
1768 NTSTATUS WINAPI LsarSetSecret(
1769 LSAPR_HANDLE SecretHandle,
1770 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue,
1771 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue)
1772 {
1773 PLSA_DB_OBJECT SecretObject;
1774 PBYTE CurrentValue = NULL;
1775 PBYTE OldValue = NULL;
1776 ULONG CurrentValueLength = 0;
1777 ULONG OldValueLength = 0;
1778 LARGE_INTEGER Time;
1779 NTSTATUS Status;
1780
1781 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle,
1782 EncryptedCurrentValue, EncryptedOldValue);
1783
1784 /* Validate the SecretHandle */
1785 Status = LsapValidateDbObject(SecretHandle,
1786 LsaDbSecretObject,
1787 SECRET_SET_VALUE,
1788 &SecretObject);
1789 if (!NT_SUCCESS(Status))
1790 {
1791 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1792 return Status;
1793 }
1794
1795 if (EncryptedCurrentValue != NULL)
1796 {
1797 /* FIXME: Decrypt the current value */
1798 CurrentValue = EncryptedCurrentValue->Buffer;
1799 CurrentValueLength = EncryptedCurrentValue->MaximumLength;
1800 }
1801
1802 /* Set the current value */
1803 Status = LsapSetObjectAttribute(SecretObject,
1804 L"CurrentValue",
1805 CurrentValue,
1806 CurrentValueLength);
1807 if (!NT_SUCCESS(Status))
1808 {
1809 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1810 goto done;
1811 }
1812
1813 /* Get the current time */
1814 Status = NtQuerySystemTime(&Time);
1815 if (!NT_SUCCESS(Status))
1816 {
1817 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
1818 goto done;
1819 }
1820
1821 /* Set the current time */
1822 Status = LsapSetObjectAttribute(SecretObject,
1823 L"CurrentTime",
1824 &Time,
1825 sizeof(LARGE_INTEGER));
1826 if (!NT_SUCCESS(Status))
1827 {
1828 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1829 goto done;
1830 }
1831
1832 if (EncryptedOldValue != NULL)
1833 {
1834 /* FIXME: Decrypt the old value */
1835 OldValue = EncryptedOldValue->Buffer;
1836 OldValueLength = EncryptedOldValue->MaximumLength;
1837 }
1838
1839 /* Set the old value */
1840 Status = LsapSetObjectAttribute(SecretObject,
1841 L"OldValue",
1842 OldValue,
1843 OldValueLength);
1844 if (!NT_SUCCESS(Status))
1845 {
1846 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1847 goto done;
1848 }
1849
1850 /* Set the old time */
1851 Status = LsapSetObjectAttribute(SecretObject,
1852 L"OldTime",
1853 &Time,
1854 sizeof(LARGE_INTEGER));
1855 if (!NT_SUCCESS(Status))
1856 {
1857 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1858 }
1859
1860 done:
1861 return Status;
1862 }
1863
1864
1865 /* Function 30 */
1866 NTSTATUS WINAPI LsarQuerySecret(
1867 LSAPR_HANDLE SecretHandle,
1868 PLSAPR_CR_CIPHER_VALUE *EncryptedCurrentValue,
1869 PLARGE_INTEGER CurrentValueSetTime,
1870 PLSAPR_CR_CIPHER_VALUE *EncryptedOldValue,
1871 PLARGE_INTEGER OldValueSetTime)
1872 {
1873 PLSA_DB_OBJECT SecretObject;
1874 PLSAPR_CR_CIPHER_VALUE EncCurrentValue = NULL;
1875 PLSAPR_CR_CIPHER_VALUE EncOldValue = NULL;
1876 PBYTE CurrentValue = NULL;
1877 PBYTE OldValue = NULL;
1878 ULONG CurrentValueLength = 0;
1879 ULONG OldValueLength = 0;
1880 ULONG BufferSize;
1881 NTSTATUS Status;
1882
1883 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle,
1884 EncryptedCurrentValue, CurrentValueSetTime,
1885 EncryptedOldValue, OldValueSetTime);
1886
1887 /* Validate the SecretHandle */
1888 Status = LsapValidateDbObject(SecretHandle,
1889 LsaDbSecretObject,
1890 SECRET_QUERY_VALUE,
1891 &SecretObject);
1892 if (!NT_SUCCESS(Status))
1893 {
1894 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1895 return Status;
1896 }
1897
1898 if (EncryptedCurrentValue != NULL)
1899 {
1900 CurrentValueLength = 0;
1901
1902 /* Get the size of the current value */
1903 Status = LsapGetObjectAttribute(SecretObject,
1904 L"CurrentValue",
1905 NULL,
1906 &CurrentValueLength);
1907 if (!NT_SUCCESS(Status))
1908 goto done;
1909
1910 /* Allocate a buffer for the current value */
1911 CurrentValue = midl_user_allocate(CurrentValueLength);
1912 if (CurrentValue == NULL)
1913 {
1914 Status = STATUS_INSUFFICIENT_RESOURCES;
1915 goto done;
1916 }
1917
1918 /* Get the current value */
1919 Status = LsapGetObjectAttribute(SecretObject,
1920 L"CurrentValue",
1921 CurrentValue,
1922 &CurrentValueLength);
1923 if (!NT_SUCCESS(Status))
1924 goto done;
1925
1926 /* Allocate a buffer for the encrypted current value */
1927 EncCurrentValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE));
1928 if (EncCurrentValue == NULL)
1929 {
1930 Status = STATUS_INSUFFICIENT_RESOURCES;
1931 goto done;
1932 }
1933
1934 /* FIXME: Encrypt the current value */
1935 EncCurrentValue->Length = (USHORT)(CurrentValueLength - sizeof(WCHAR));
1936 EncCurrentValue->MaximumLength = (USHORT)CurrentValueLength;
1937 EncCurrentValue->Buffer = (PBYTE)CurrentValue;
1938 }
1939
1940 if (CurrentValueSetTime != NULL)
1941 {
1942 BufferSize = sizeof(LARGE_INTEGER);
1943
1944 /* Get the current value time */
1945 Status = LsapGetObjectAttribute(SecretObject,
1946 L"CurrentTime",
1947 (PBYTE)CurrentValueSetTime,
1948 &BufferSize);
1949 if (!NT_SUCCESS(Status))
1950 goto done;
1951 }
1952
1953 if (EncryptedOldValue != NULL)
1954 {
1955 OldValueLength = 0;
1956
1957 /* Get the size of the old value */
1958 Status = LsapGetObjectAttribute(SecretObject,
1959 L"OldValue",
1960 NULL,
1961 &OldValueLength);
1962 if (!NT_SUCCESS(Status))
1963 goto done;
1964
1965 /* Allocate a buffer for the old value */
1966 OldValue = midl_user_allocate(OldValueLength);
1967 if (OldValue == NULL)
1968 {
1969 Status = STATUS_INSUFFICIENT_RESOURCES;
1970 goto done;
1971 }
1972
1973 /* Get the old value */
1974 Status = LsapGetObjectAttribute(SecretObject,
1975 L"OldValue",
1976 OldValue,
1977 &OldValueLength);
1978 if (!NT_SUCCESS(Status))
1979 goto done;
1980
1981 /* Allocate a buffer for the encrypted old value */
1982 EncOldValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE) + OldValueLength);
1983 if (EncOldValue == NULL)
1984 {
1985 Status = STATUS_INSUFFICIENT_RESOURCES;
1986 goto done;
1987 }
1988
1989 /* FIXME: Encrypt the old value */
1990 EncOldValue->Length = (USHORT)(OldValueLength - sizeof(WCHAR));
1991 EncOldValue->MaximumLength = (USHORT)OldValueLength;
1992 EncOldValue->Buffer = (PBYTE)OldValue;
1993 }
1994
1995 if (OldValueSetTime != NULL)
1996 {
1997 BufferSize = sizeof(LARGE_INTEGER);
1998
1999 /* Get the old value time */
2000 Status = LsapGetObjectAttribute(SecretObject,
2001 L"OldTime",
2002 (PBYTE)OldValueSetTime,
2003 &BufferSize);
2004 if (!NT_SUCCESS(Status))
2005 goto done;
2006 }
2007
2008
2009 done:
2010 if (NT_SUCCESS(Status))
2011 {
2012 if (EncryptedCurrentValue != NULL)
2013 *EncryptedCurrentValue = EncCurrentValue;
2014
2015 if (EncryptedOldValue != NULL)
2016 *EncryptedOldValue = EncOldValue;
2017 }
2018 else
2019 {
2020 if (EncryptedCurrentValue != NULL)
2021 *EncryptedCurrentValue = NULL;
2022
2023 if (EncryptedOldValue != NULL)
2024 *EncryptedOldValue = NULL;
2025
2026 if (EncCurrentValue != NULL)
2027 midl_user_free(EncCurrentValue);
2028
2029 if (EncOldValue != NULL)
2030 midl_user_free(EncOldValue);
2031
2032 if (CurrentValue != NULL)
2033 midl_user_free(CurrentValue);
2034
2035 if (OldValue != NULL)
2036 midl_user_free(OldValue);
2037 }
2038
2039 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status);
2040
2041 return Status;
2042 }
2043
2044
2045 /* Function 31 */
2046 NTSTATUS WINAPI LsarLookupPrivilegeValue(
2047 LSAPR_HANDLE PolicyHandle,
2048 PRPC_UNICODE_STRING Name,
2049 PLUID Value)
2050 {
2051 NTSTATUS Status;
2052
2053 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
2054 PolicyHandle, Name, Value);
2055
2056 Status = LsapValidateDbObject(PolicyHandle,
2057 LsaDbPolicyObject,
2058 POLICY_LOOKUP_NAMES,
2059 NULL);
2060 if (!NT_SUCCESS(Status))
2061 {
2062 ERR("Invalid handle (Status %lx)\n", Status);
2063 return Status;
2064 }
2065
2066 TRACE("Privilege: %wZ\n", Name);
2067
2068 Status = LsarpLookupPrivilegeValue(Name,
2069 Value);
2070
2071 return Status;
2072 }
2073
2074
2075 /* Function 32 */
2076 NTSTATUS WINAPI LsarLookupPrivilegeName(
2077 LSAPR_HANDLE PolicyHandle,
2078 PLUID Value,
2079 PRPC_UNICODE_STRING *Name)
2080 {
2081 NTSTATUS Status;
2082
2083 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
2084 PolicyHandle, Value, Name);
2085
2086 Status = LsapValidateDbObject(PolicyHandle,
2087 LsaDbPolicyObject,
2088 POLICY_LOOKUP_NAMES,
2089 NULL);
2090 if (!NT_SUCCESS(Status))
2091 {
2092 ERR("Invalid handle\n");
2093 return Status;
2094 }
2095
2096 Status = LsarpLookupPrivilegeName(Value,
2097 Name);
2098
2099 return Status;
2100 }
2101
2102
2103 /* Function 33 */
2104 NTSTATUS WINAPI LsarLookupPrivilegeDisplayName(
2105 LSAPR_HANDLE PolicyHandle,
2106 PRPC_UNICODE_STRING Name,
2107 USHORT ClientLanguage,
2108 USHORT ClientSystemDefaultLanguage,
2109 PRPC_UNICODE_STRING *DisplayName,
2110 USHORT *LanguageReturned)
2111 {
2112 UNIMPLEMENTED;
2113 return STATUS_NOT_IMPLEMENTED;
2114 }
2115
2116
2117 /* Function 34 */
2118 NTSTATUS WINAPI LsarDeleteObject(
2119 LSAPR_HANDLE *ObjectHandle)
2120 {
2121 PLSA_DB_OBJECT DbObject;
2122 NTSTATUS Status;
2123
2124 TRACE("(%p)\n", ObjectHandle);
2125
2126 if (ObjectHandle == NULL)
2127 return STATUS_INVALID_PARAMETER;
2128
2129 /* Validate the ObjectHandle */
2130 Status = LsapValidateDbObject(*ObjectHandle,
2131 LsaDbIgnoreObject,
2132 DELETE,
2133 &DbObject);
2134 if (!NT_SUCCESS(Status))
2135 {
2136 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
2137 return Status;
2138 }
2139
2140 /* You cannot delete the policy object */
2141 if (DbObject->ObjectType == LsaDbPolicyObject)
2142 return STATUS_INVALID_PARAMETER;
2143
2144 /* Delete the database object */
2145 Status = LsapDeleteDbObject(DbObject);
2146 if (!NT_SUCCESS(Status))
2147 {
2148 ERR("LsapDeleteDbObject returned 0x%08lx\n", Status);
2149 return Status;
2150 }
2151
2152 /* Invalidate the object handle */
2153 *ObjectHandle = NULL;
2154
2155 return STATUS_SUCCESS;
2156 }
2157
2158
2159 /* Function 35 */
2160 NTSTATUS WINAPI LsarEnumerateAccountsWithUserRight(
2161 LSAPR_HANDLE PolicyHandle,
2162 PRPC_UNICODE_STRING UserRight,
2163 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer)
2164 {
2165 UNIMPLEMENTED;
2166 return STATUS_NOT_IMPLEMENTED;
2167 }
2168
2169
2170 /* Function 36 */
2171 NTSTATUS WINAPI LsarEnumerateAccountRights(
2172 LSAPR_HANDLE PolicyHandle,
2173 PRPC_SID AccountSid,
2174 PLSAPR_USER_RIGHT_SET UserRights)
2175 {
2176 LSAPR_HANDLE AccountHandle;
2177 PLSAPR_PRIVILEGE_SET PrivilegeSet = NULL;
2178 PRPC_UNICODE_STRING RightsBuffer = NULL;
2179 PRPC_UNICODE_STRING PrivilegeString;
2180 ACCESS_MASK SystemAccess;
2181 ULONG RightsCount;
2182 ULONG RightsIndex;
2183 ULONG i;
2184 NTSTATUS Status;
2185
2186 TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
2187 PolicyHandle, AccountSid, UserRights);
2188
2189 /* Open the account */
2190 Status = LsarOpenAccount(PolicyHandle,
2191 AccountSid,
2192 ACCOUNT_VIEW,
2193 &AccountHandle);
2194 if (!NT_SUCCESS(Status))
2195 {
2196 ERR("LsarOpenAccount returned 0x%08lx\n", Status);
2197 return Status;
2198 }
2199
2200 /* Enumerate the privileges */
2201 Status = LsarEnumeratePrivilegesAccount(AccountHandle,
2202 &PrivilegeSet);
2203 if (!NT_SUCCESS(Status))
2204 {
2205 ERR("LsarEnumeratePrivilegesAccount returned 0x%08lx\n", Status);
2206 goto done;
2207 }
2208
2209 /* Get account rights */
2210 Status = LsarGetSystemAccessAccount(AccountHandle,
2211 &SystemAccess);
2212 if (!NT_SUCCESS(Status))
2213 {
2214 ERR("LsarGetSystemAccessAccount returned 0x%08lx\n", Status);
2215 goto done;
2216 }
2217
2218 RightsCount = PrivilegeSet->PrivilegeCount;
2219
2220 /* Count account rights */
2221 for (i = 0; i < sizeof(ACCESS_MASK) * 8; i++)
2222 {
2223 if (SystemAccess & (1 << i))
2224 RightsCount++;
2225 }
2226
2227 /* We are done if there are no rights to be enumerated */
2228 if (RightsCount == 0)
2229 {
2230 UserRights->Entries = 0;
2231 UserRights->UserRights = NULL;
2232 Status = STATUS_SUCCESS;
2233 goto done;
2234 }
2235
2236 /* Allocate a buffer for the account rights */
2237 RightsBuffer = MIDL_user_allocate(RightsCount * sizeof(RPC_UNICODE_STRING));
2238 if (RightsBuffer == NULL)
2239 {
2240 Status = STATUS_INSUFFICIENT_RESOURCES;
2241 goto done;
2242 }
2243
2244 /* Copy the privileges into the buffer */
2245 RightsIndex = 0;
2246 for (i = 0; i < PrivilegeSet->PrivilegeCount; i++)
2247 {
2248 PrivilegeString = NULL;
2249 Status = LsarLookupPrivilegeName(PolicyHandle,
2250 (PLUID)&PrivilegeSet->Privilege[i].Luid,
2251 &PrivilegeString);
2252 if (!NT_SUCCESS(Status))
2253 goto done;
2254
2255 RightsBuffer[i].Length = PrivilegeString->Length;
2256 RightsBuffer[i].MaximumLength = PrivilegeString->MaximumLength;
2257 RightsBuffer[i].Buffer = PrivilegeString->Buffer;
2258
2259 MIDL_user_free(PrivilegeString);
2260 RightsIndex++;
2261 }
2262
2263 /* Copy account rights into the buffer */
2264 for (i = 0; i < sizeof(ACCESS_MASK) * 8; i++)
2265 {
2266 if (SystemAccess & (1 << i))
2267 {
2268 Status = LsapLookupAccountRightName(1 << i,
2269 &PrivilegeString);
2270 if (!NT_SUCCESS(Status))
2271 goto done;
2272
2273 RightsBuffer[i].Length = PrivilegeString->Length;
2274 RightsBuffer[i].MaximumLength = PrivilegeString->MaximumLength;
2275 RightsBuffer[i].Buffer = PrivilegeString->Buffer;
2276
2277 MIDL_user_free(PrivilegeString);
2278 RightsIndex++;
2279 }
2280 }
2281
2282 UserRights->Entries = RightsCount;
2283 UserRights->UserRights = (PRPC_UNICODE_STRING)RightsBuffer;
2284
2285 done:
2286 if (!NT_SUCCESS(Status))
2287 {
2288 if (RightsBuffer != NULL)
2289 {
2290 for (RightsIndex = 0; RightsIndex < RightsCount; RightsIndex++)
2291 {
2292 if (RightsBuffer[RightsIndex].Buffer != NULL)
2293 MIDL_user_free(RightsBuffer[RightsIndex].Buffer);
2294 }
2295
2296 MIDL_user_free(RightsBuffer);
2297 }
2298 }
2299
2300 if (PrivilegeSet != NULL)
2301 MIDL_user_free(PrivilegeSet);
2302
2303 LsarClose(&AccountHandle);
2304
2305 return Status;
2306 }
2307
2308
2309 /* Function 37 */
2310 NTSTATUS WINAPI LsarAddAccountRights(
2311 LSAPR_HANDLE PolicyHandle,
2312 PRPC_SID AccountSid,
2313 PLSAPR_USER_RIGHT_SET UserRights)
2314 {
2315 UNIMPLEMENTED;
2316 return STATUS_NOT_IMPLEMENTED;
2317 }
2318
2319
2320 /* Function 38 */
2321 NTSTATUS WINAPI LsarRemoveAccountRights(
2322 LSAPR_HANDLE PolicyHandle,
2323 PRPC_SID AccountSid,
2324 BOOL AllRights,
2325 PLSAPR_USER_RIGHT_SET UserRights)
2326 {
2327 UNIMPLEMENTED;
2328 return STATUS_NOT_IMPLEMENTED;
2329 }
2330
2331
2332 /* Function 39 */
2333 NTSTATUS WINAPI LsarQueryTrustedDomainInfo(
2334 LSAPR_HANDLE PolicyHandle,
2335 PRPC_SID TrustedDomainSid,
2336 TRUSTED_INFORMATION_CLASS InformationClass,
2337 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
2338 {
2339 UNIMPLEMENTED;
2340 return STATUS_NOT_IMPLEMENTED;
2341 }
2342
2343
2344 /* Function 40 */
2345 NTSTATUS WINAPI LsarSetTrustedDomainInfo(
2346 LSAPR_HANDLE PolicyHandle,
2347 PRPC_SID TrustedDomainSid,
2348 TRUSTED_INFORMATION_CLASS InformationClass,
2349 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
2350 {
2351 UNIMPLEMENTED;
2352 return STATUS_NOT_IMPLEMENTED;
2353 }
2354
2355
2356 /* Function 41 */
2357 NTSTATUS WINAPI LsarDeleteTrustedDomain(
2358 LSAPR_HANDLE PolicyHandle,
2359 PRPC_SID TrustedDomainSid)
2360 {
2361 UNIMPLEMENTED;
2362 return STATUS_NOT_IMPLEMENTED;
2363 }
2364
2365
2366 /* Function 42 */
2367 NTSTATUS WINAPI LsarStorePrivateData(
2368 LSAPR_HANDLE PolicyHandle,
2369 PRPC_UNICODE_STRING KeyName,
2370 PLSAPR_CR_CIPHER_VALUE EncryptedData)
2371 {
2372 UNIMPLEMENTED;
2373 return STATUS_NOT_IMPLEMENTED;
2374 }
2375
2376
2377 /* Function 43 */
2378 NTSTATUS WINAPI LsarRetrievePrivateData(
2379 LSAPR_HANDLE PolicyHandle,
2380 PRPC_UNICODE_STRING KeyName,
2381 PLSAPR_CR_CIPHER_VALUE *EncryptedData)
2382 {
2383 UNIMPLEMENTED;
2384 return STATUS_NOT_IMPLEMENTED;
2385 }
2386
2387
2388 /* Function 44 */
2389 NTSTATUS WINAPI LsarOpenPolicy2(
2390 LPWSTR SystemName,
2391 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
2392 ACCESS_MASK DesiredAccess,
2393 LSAPR_HANDLE *PolicyHandle)
2394 {
2395 return LsarOpenPolicy(SystemName,
2396 ObjectAttributes,
2397 DesiredAccess,
2398 PolicyHandle);
2399 }
2400
2401
2402 /* Function 45 */
2403 NTSTATUS WINAPI LsarGetUserName(
2404 LPWSTR SystemName,
2405 PRPC_UNICODE_STRING *UserName,
2406 PRPC_UNICODE_STRING *DomainName)
2407 {
2408 UNIMPLEMENTED;
2409 return STATUS_NOT_IMPLEMENTED;
2410 }
2411
2412
2413 /* Function 46 */
2414 NTSTATUS WINAPI LsarQueryInformationPolicy2(
2415 LSAPR_HANDLE PolicyHandle,
2416 POLICY_INFORMATION_CLASS InformationClass,
2417 PLSAPR_POLICY_INFORMATION *PolicyInformation)
2418 {
2419 return LsarQueryInformationPolicy(PolicyHandle,
2420 InformationClass,
2421 PolicyInformation);
2422 }
2423
2424
2425 /* Function 47 */
2426 NTSTATUS WINAPI LsarSetInformationPolicy2(
2427 LSAPR_HANDLE PolicyHandle,
2428 POLICY_INFORMATION_CLASS InformationClass,
2429 PLSAPR_POLICY_INFORMATION PolicyInformation)
2430 {
2431 return LsarSetInformationPolicy(PolicyHandle,
2432 InformationClass,
2433 PolicyInformation);
2434 }
2435
2436
2437 /* Function 48 */
2438 NTSTATUS WINAPI LsarQueryTrustedDomainInfoByName(
2439 LSAPR_HANDLE PolicyHandle,
2440 PRPC_UNICODE_STRING TrustedDomainName,
2441 POLICY_INFORMATION_CLASS InformationClass,
2442 PLSAPR_TRUSTED_DOMAIN_INFO *PolicyInformation)
2443 {
2444 UNIMPLEMENTED;
2445 return STATUS_NOT_IMPLEMENTED;
2446 }
2447
2448
2449 /* Function 49 */
2450 NTSTATUS WINAPI LsarSetTrustedDomainInfoByName(
2451 LSAPR_HANDLE PolicyHandle,
2452 PRPC_UNICODE_STRING TrustedDomainName,
2453 POLICY_INFORMATION_CLASS InformationClass,
2454 PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation)
2455 {
2456 UNIMPLEMENTED;
2457 return STATUS_NOT_IMPLEMENTED;
2458 }
2459
2460
2461 /* Function 50 */
2462 NTSTATUS WINAPI LsarEnumerateTrustedDomainsEx(
2463 LSAPR_HANDLE PolicyHandle,
2464 DWORD *EnumerationContext,
2465 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer,
2466 DWORD PreferedMaximumLength)
2467 {
2468 UNIMPLEMENTED;
2469 return STATUS_NOT_IMPLEMENTED;
2470 }
2471
2472
2473 /* Function 51 */
2474 NTSTATUS WINAPI LsarCreateTrustedDomainEx(
2475 LSAPR_HANDLE PolicyHandle,
2476 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
2477 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation,
2478 ACCESS_MASK DesiredAccess,
2479 LSAPR_HANDLE *TrustedDomainHandle)
2480 {
2481 UNIMPLEMENTED;
2482 return STATUS_NOT_IMPLEMENTED;
2483 }
2484
2485
2486 /* Function 52 */
2487 NTSTATUS WINAPI LsarSetPolicyReplicationHandle(
2488 PLSAPR_HANDLE PolicyHandle)
2489 {
2490 /* Deprecated */
2491 return STATUS_NOT_IMPLEMENTED;
2492 }
2493
2494
2495 /* Function 53 */
2496 NTSTATUS WINAPI LsarQueryDomainInformationPolicy(
2497 LSAPR_HANDLE PolicyHandle,
2498 POLICY_INFORMATION_CLASS InformationClass,
2499 PLSAPR_POLICY_DOMAIN_INFORMATION *PolicyInformation)
2500 {
2501 UNIMPLEMENTED;
2502 return STATUS_NOT_IMPLEMENTED;
2503 }
2504
2505
2506 /* Function 54 */
2507 NTSTATUS WINAPI LsarSetDomainInformationPolicy(
2508 LSAPR_HANDLE PolicyHandle,
2509 POLICY_INFORMATION_CLASS InformationClass,
2510 PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation)
2511 {
2512 UNIMPLEMENTED;
2513 return STATUS_NOT_IMPLEMENTED;
2514 }
2515
2516
2517 /* Function 55 */
2518 NTSTATUS WINAPI LsarOpenTrustedDomainByName(
2519 LSAPR_HANDLE PolicyHandle,
2520 PRPC_UNICODE_STRING TrustedDomainName,
2521 ACCESS_MASK DesiredAccess,
2522 LSAPR_HANDLE *TrustedDomainHandle)
2523 {
2524 UNIMPLEMENTED;
2525 return STATUS_NOT_IMPLEMENTED;
2526 }
2527
2528
2529 /* Function 56 */
2530 NTSTATUS WINAPI LsarTestCall(
2531 handle_t hBinding)
2532 {
2533 UNIMPLEMENTED;
2534 return STATUS_NOT_IMPLEMENTED;
2535 }
2536
2537
2538 /* Function 57 */
2539 NTSTATUS WINAPI LsarLookupSids2(
2540 LSAPR_HANDLE PolicyHandle,
2541 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
2542 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2543 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
2544 LSAP_LOOKUP_LEVEL LookupLevel,
2545 DWORD *MappedCount,
2546 DWORD LookupOptions,
2547 DWORD ClientRevision)
2548 {
2549 NTSTATUS Status;
2550
2551 TRACE("(%p %p %p %p %d %p %lu %lu)\n",
2552 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
2553 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2554
2555 TranslatedNames->Entries = SidEnumBuffer->Entries;
2556 TranslatedNames->Names = NULL;
2557 *ReferencedDomains = NULL;
2558
2559 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
2560
2561 Status = LsapLookupSids(SidEnumBuffer,
2562 ReferencedDomains,
2563 TranslatedNames,
2564 LookupLevel,
2565 MappedCount,
2566 LookupOptions,
2567 ClientRevision);
2568
2569 return Status;
2570 }
2571
2572
2573 /* Function 58 */
2574 NTSTATUS WINAPI LsarLookupNames2(
2575 LSAPR_HANDLE PolicyHandle,
2576 DWORD Count,
2577 PRPC_UNICODE_STRING Names,
2578 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2579 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids,
2580 LSAP_LOOKUP_LEVEL LookupLevel,
2581 DWORD *MappedCount,
2582 DWORD LookupOptions,
2583 DWORD ClientRevision)
2584 {
2585 LSAPR_TRANSLATED_SIDS_EX2 TranslatedSidsEx2;
2586 ULONG i;
2587 NTSTATUS Status;
2588
2589 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2590 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
2591 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2592
2593 TranslatedSids->Entries = 0;
2594 TranslatedSids->Sids = NULL;
2595 *ReferencedDomains = NULL;
2596
2597 if (Count == 0)
2598 return STATUS_NONE_MAPPED;
2599
2600 TranslatedSidsEx2.Entries = 0;
2601 TranslatedSidsEx2.Sids = NULL;
2602
2603 Status = LsapLookupNames(Count,
2604 Names,
2605 ReferencedDomains,
2606 &TranslatedSidsEx2,
2607 LookupLevel,
2608 MappedCount,
2609 LookupOptions,
2610 ClientRevision);
2611 if (!NT_SUCCESS(Status))
2612 return Status;
2613
2614 TranslatedSids->Entries = TranslatedSidsEx2.Entries;
2615 TranslatedSids->Sids = MIDL_user_allocate(TranslatedSids->Entries * sizeof(LSA_TRANSLATED_SID));
2616 if (TranslatedSids->Sids == NULL)
2617 {
2618 MIDL_user_free(TranslatedSidsEx2.Sids);
2619 MIDL_user_free(*ReferencedDomains);
2620 *ReferencedDomains = NULL;
2621 return STATUS_INSUFFICIENT_RESOURCES;
2622 }
2623
2624 for (i = 0; i < TranslatedSidsEx2.Entries; i++)
2625 {
2626 TranslatedSids->Sids[i].Use = TranslatedSidsEx2.Sids[i].Use;
2627 TranslatedSids->Sids[i].RelativeId = LsapGetRelativeIdFromSid(TranslatedSidsEx2.Sids[i].Sid);
2628 TranslatedSids->Sids[i].DomainIndex = TranslatedSidsEx2.Sids[i].DomainIndex;
2629 TranslatedSids->Sids[i].Flags = TranslatedSidsEx2.Sids[i].Flags;
2630 }
2631
2632 MIDL_user_free(TranslatedSidsEx2.Sids);
2633
2634 return STATUS_SUCCESS;
2635 }
2636
2637
2638 /* Function 59 */
2639 NTSTATUS WINAPI LsarCreateTrustedDomainEx2(
2640 LSAPR_HANDLE PolicyHandle,
2641 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
2642 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation,
2643 ACCESS_MASK DesiredAccess,
2644 LSAPR_HANDLE *TrustedDomainHandle)
2645 {
2646 UNIMPLEMENTED;
2647 return STATUS_NOT_IMPLEMENTED;
2648 }
2649
2650
2651 /* Function 60 */
2652 NTSTATUS WINAPI CredrWrite(
2653 handle_t hBinding)
2654 {
2655 UNIMPLEMENTED;
2656 return STATUS_NOT_IMPLEMENTED;
2657 }
2658
2659
2660 /* Function 61 */
2661 NTSTATUS WINAPI CredrRead(
2662 handle_t hBinding)
2663 {
2664 UNIMPLEMENTED;
2665 return STATUS_NOT_IMPLEMENTED;
2666 }
2667
2668
2669 /* Function 62 */
2670 NTSTATUS WINAPI CredrEnumerate(
2671 handle_t hBinding)
2672 {
2673 UNIMPLEMENTED;
2674 return STATUS_NOT_IMPLEMENTED;
2675 }
2676
2677
2678 /* Function 63 */
2679 NTSTATUS WINAPI CredrWriteDomainCredentials(
2680 handle_t hBinding)
2681 {
2682 UNIMPLEMENTED;
2683 return STATUS_NOT_IMPLEMENTED;
2684 }
2685
2686
2687 /* Function 64 */
2688 NTSTATUS WINAPI CredrReadDomainCredentials(
2689 handle_t hBinding)
2690 {
2691 UNIMPLEMENTED;
2692 return STATUS_NOT_IMPLEMENTED;
2693 }
2694
2695
2696 /* Function 65 */
2697 NTSTATUS WINAPI CredrDelete(
2698 handle_t hBinding)
2699 {
2700 UNIMPLEMENTED;
2701 return STATUS_NOT_IMPLEMENTED;
2702 }
2703
2704
2705 /* Function 66 */
2706 NTSTATUS WINAPI CredrGetTargetInfo(
2707 handle_t hBinding)
2708 {
2709 UNIMPLEMENTED;
2710 return STATUS_NOT_IMPLEMENTED;
2711 }
2712
2713
2714 /* Function 67 */
2715 NTSTATUS WINAPI CredrProfileLoaded(
2716 handle_t hBinding)
2717 {
2718 UNIMPLEMENTED;
2719 return STATUS_NOT_IMPLEMENTED;
2720 }
2721
2722
2723 /* Function 68 */
2724 NTSTATUS WINAPI LsarLookupNames3(
2725 LSAPR_HANDLE PolicyHandle,
2726 DWORD Count,
2727 PRPC_UNICODE_STRING Names,
2728 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2729 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
2730 LSAP_LOOKUP_LEVEL LookupLevel,
2731 DWORD *MappedCount,
2732 DWORD LookupOptions,
2733 DWORD ClientRevision)
2734 {
2735 NTSTATUS Status;
2736
2737 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2738 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
2739 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2740
2741 TranslatedSids->Entries = 0;
2742 TranslatedSids->Sids = NULL;
2743 *ReferencedDomains = NULL;
2744
2745 if (Count == 0)
2746 return STATUS_NONE_MAPPED;
2747
2748 Status = LsapLookupNames(Count,
2749 Names,
2750 ReferencedDomains,
2751 TranslatedSids,
2752 LookupLevel,
2753 MappedCount,
2754 LookupOptions,
2755 ClientRevision);
2756
2757 return Status;
2758 }
2759
2760
2761 /* Function 69 */
2762 NTSTATUS WINAPI CredrGetSessionTypes(
2763 handle_t hBinding)
2764 {
2765 UNIMPLEMENTED;
2766 return STATUS_NOT_IMPLEMENTED;
2767 }
2768
2769
2770 /* Function 70 */
2771 NTSTATUS WINAPI LsarRegisterAuditEvent(
2772 handle_t hBinding)
2773 {
2774 UNIMPLEMENTED;
2775 return STATUS_NOT_IMPLEMENTED;
2776 }
2777
2778
2779 /* Function 71 */
2780 NTSTATUS WINAPI LsarGenAuditEvent(
2781 handle_t hBinding)
2782 {
2783 UNIMPLEMENTED;
2784 return STATUS_NOT_IMPLEMENTED;
2785 }
2786
2787
2788 /* Function 72 */
2789 NTSTATUS WINAPI LsarUnregisterAuditEvent(
2790 handle_t hBinding)
2791 {
2792 UNIMPLEMENTED;
2793 return STATUS_NOT_IMPLEMENTED;
2794 }
2795
2796
2797 /* Function 73 */
2798 NTSTATUS WINAPI LsarQueryForestTrustInformation(
2799 LSAPR_HANDLE PolicyHandle,
2800 PLSA_UNICODE_STRING TrustedDomainName,
2801 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
2802 PLSA_FOREST_TRUST_INFORMATION *ForestTrustInfo)
2803 {
2804 UNIMPLEMENTED;
2805 return STATUS_NOT_IMPLEMENTED;
2806 }
2807
2808
2809 /* Function 74 */
2810 NTSTATUS WINAPI LsarSetForestTrustInformation(
2811 LSAPR_HANDLE PolicyHandle,
2812 PLSA_UNICODE_STRING TrustedDomainName,
2813 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
2814 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo,
2815 BOOL CheckOnly,
2816 PLSA_FOREST_TRUST_COLLISION_INFORMATION *CollisionInfo)
2817 {
2818 UNIMPLEMENTED;
2819 return STATUS_NOT_IMPLEMENTED;
2820 }
2821
2822
2823 /* Function 75 */
2824 NTSTATUS WINAPI CredrRename(
2825 handle_t hBinding)
2826 {
2827 UNIMPLEMENTED;
2828 return STATUS_NOT_IMPLEMENTED;
2829 }
2830
2831
2832 /* Function 76 */
2833 NTSTATUS WINAPI LsarLookupSids3(
2834 LSAPR_HANDLE PolicyHandle,
2835 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
2836 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2837 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
2838 LSAP_LOOKUP_LEVEL LookupLevel,
2839 DWORD *MappedCount,
2840 DWORD LookupOptions,
2841 DWORD ClientRevision)
2842 {
2843 NTSTATUS Status;
2844
2845 TRACE("(%p %p %p %p %d %p %lu %lu)\n",
2846 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
2847 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2848
2849 TranslatedNames->Entries = SidEnumBuffer->Entries;
2850 TranslatedNames->Names = NULL;
2851 *ReferencedDomains = NULL;
2852
2853 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
2854
2855 Status = LsapLookupSids(SidEnumBuffer,
2856 ReferencedDomains,
2857 TranslatedNames,
2858 LookupLevel,
2859 MappedCount,
2860 LookupOptions,
2861 ClientRevision);
2862
2863 return Status;
2864 }
2865
2866
2867 /* Function 77 */
2868 NTSTATUS WINAPI LsarLookupNames4(
2869 handle_t RpcHandle,
2870 DWORD Count,
2871 PRPC_UNICODE_STRING Names,
2872 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2873 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
2874 LSAP_LOOKUP_LEVEL LookupLevel,
2875 DWORD *MappedCount,
2876 DWORD LookupOptions,
2877 DWORD ClientRevision)
2878 {
2879 NTSTATUS Status;
2880
2881 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2882 RpcHandle, Count, Names, ReferencedDomains, TranslatedSids,
2883 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2884
2885 TranslatedSids->Entries = 0;
2886 TranslatedSids->Sids = NULL;
2887 *ReferencedDomains = NULL;
2888
2889 if (Count == 0)
2890 return STATUS_NONE_MAPPED;
2891
2892 Status = LsapLookupNames(Count,
2893 Names,
2894 ReferencedDomains,
2895 TranslatedSids,
2896 LookupLevel,
2897 MappedCount,
2898 LookupOptions,
2899 ClientRevision);
2900
2901 return Status;
2902 }
2903
2904
2905 /* Function 78 */
2906 NTSTATUS WINAPI LsarOpenPolicySce(
2907 handle_t hBinding)
2908 {
2909 UNIMPLEMENTED;
2910 return STATUS_NOT_IMPLEMENTED;
2911 }
2912
2913
2914 /* Function 79 */
2915 NTSTATUS WINAPI LsarAdtRegisterSecurityEventSource(
2916 handle_t hBinding)
2917 {
2918 UNIMPLEMENTED;
2919 return STATUS_NOT_IMPLEMENTED;
2920 }
2921
2922
2923 /* Function 80 */
2924 NTSTATUS WINAPI LsarAdtUnregisterSecurityEventSource(
2925 handle_t hBinding)
2926 {
2927 UNIMPLEMENTED;
2928 return STATUS_NOT_IMPLEMENTED;
2929 }
2930
2931
2932 /* Function 81 */
2933 NTSTATUS WINAPI LsarAdtReportSecurityEvent(
2934 handle_t hBinding)
2935 {
2936 UNIMPLEMENTED;
2937 return STATUS_NOT_IMPLEMENTED;
2938 }
2939
2940 /* EOF */
A free Windows-compatible Operating System