2 * PROJECT: Authentication Package DLL
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: dll/win32/msv1_0/msv1_0.c
6 * COPYRIGHT: Copyright 2013 Eric Kohl
9 /* INCLUDES ****************************************************************/
13 WINE_DEFAULT_DEBUG_CHANNEL(msv1_0
);
16 /* GLOBALS *****************************************************************/
18 LSA_DISPATCH_TABLE DispatchTable
;
21 /* FUNCTIONS ***************************************************************/
25 GetAccountDomainSid(PRPC_SID
*Sid
)
27 LSAPR_HANDLE PolicyHandle
= NULL
;
28 PLSAPR_POLICY_INFORMATION PolicyInfo
= NULL
;
32 Status
= LsaIOpenPolicyTrusted(&PolicyHandle
);
33 if (!NT_SUCCESS(Status
))
35 TRACE("LsaIOpenPolicyTrusted() failed (Status 0x%08lx)\n", Status
);
39 Status
= LsarQueryInformationPolicy(PolicyHandle
,
40 PolicyAccountDomainInformation
,
42 if (!NT_SUCCESS(Status
))
44 TRACE("LsarQueryInformationPolicy() failed (Status 0x%08lx)\n", Status
);
48 Length
= RtlLengthSid(PolicyInfo
->PolicyAccountDomainInfo
.Sid
);
50 *Sid
= RtlAllocateHeap(RtlGetProcessHeap(), 0, Length
);
53 ERR("Failed to allocate SID\n");
54 Status
= STATUS_INSUFFICIENT_RESOURCES
;
58 memcpy(*Sid
, PolicyInfo
->PolicyAccountDomainInfo
.Sid
, Length
);
61 if (PolicyInfo
!= NULL
)
62 LsaIFree_LSAPR_POLICY_INFORMATION(PolicyAccountDomainInformation
,
65 if (PolicyHandle
!= NULL
)
66 LsarClose(&PolicyHandle
);
74 GetNtAuthorityDomainSid(PRPC_SID
*Sid
)
76 SID_IDENTIFIER_AUTHORITY NtAuthority
= {SECURITY_NT_AUTHORITY
};
79 Length
= RtlLengthRequiredSid(0);
80 *Sid
= RtlAllocateHeap(RtlGetProcessHeap(), 0, Length
);
83 ERR("Failed to allocate SID\n");
84 return STATUS_INSUFFICIENT_RESOURCES
;
87 RtlInitializeSid(*Sid
,&NtAuthority
, 0);
89 return STATUS_SUCCESS
;
95 BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest
,
96 IN PSAMPR_USER_INFO_BUFFER UserInfo
,
97 IN PUNICODE_STRING LogonServer
,
98 OUT PMSV1_0_INTERACTIVE_PROFILE
*ProfileBuffer
,
99 OUT PULONG ProfileBufferLength
)
101 PMSV1_0_INTERACTIVE_PROFILE LocalBuffer
= NULL
;
102 PVOID ClientBaseAddress
= NULL
;
105 NTSTATUS Status
= STATUS_SUCCESS
;
107 *ProfileBuffer
= NULL
;
108 *ProfileBufferLength
= 0;
110 BufferLength
= sizeof(MSV1_0_INTERACTIVE_PROFILE
) +
111 UserInfo
->All
.FullName
.Length
+ sizeof(WCHAR
) +
112 UserInfo
->All
.HomeDirectory
.Length
+ sizeof(WCHAR
) +
113 UserInfo
->All
.HomeDirectoryDrive
.Length
+ sizeof(WCHAR
) +
114 UserInfo
->All
.ScriptPath
.Length
+ sizeof(WCHAR
) +
115 UserInfo
->All
.ProfilePath
.Length
+ sizeof(WCHAR
) +
116 LogonServer
->Length
+ sizeof(WCHAR
);
118 LocalBuffer
= DispatchTable
.AllocateLsaHeap(BufferLength
);
119 if (LocalBuffer
== NULL
)
121 TRACE("Failed to allocate the local buffer!\n");
122 Status
= STATUS_INSUFFICIENT_RESOURCES
;
126 Status
= DispatchTable
.AllocateClientBuffer(ClientRequest
,
129 if (!NT_SUCCESS(Status
))
131 TRACE("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status
);
135 TRACE("ClientBaseAddress: %p\n", ClientBaseAddress
);
137 Ptr
= (LPWSTR
)((ULONG_PTR
)LocalBuffer
+ sizeof(MSV1_0_INTERACTIVE_PROFILE
));
139 LocalBuffer
->MessageType
= MsV1_0InteractiveProfile
;
140 LocalBuffer
->LogonCount
= UserInfo
->All
.LogonCount
;
141 LocalBuffer
->BadPasswordCount
= UserInfo
->All
.BadPasswordCount
;
143 LocalBuffer
->LogonTime
.LowPart
= UserInfo
->All
.LastLogon
.LowPart
;
144 LocalBuffer
->LogonTime
.HighPart
= UserInfo
->All
.LastLogon
.HighPart
;
146 LocalBuffer
->LogoffTime
.LowPart
= UserInfo
->All
.AccountExpires
.LowPart
;
147 LocalBuffer
->LogoffTime
.HighPart
= UserInfo
->All
.AccountExpires
.HighPart
;
149 LocalBuffer
->KickOffTime
.LowPart
= UserInfo
->All
.AccountExpires
.LowPart
;
150 LocalBuffer
->KickOffTime
.HighPart
= UserInfo
->All
.AccountExpires
.HighPart
;
152 LocalBuffer
->PasswordLastSet
.LowPart
= UserInfo
->All
.PasswordLastSet
.LowPart
;
153 LocalBuffer
->PasswordLastSet
.HighPart
= UserInfo
->All
.PasswordLastSet
.HighPart
;
155 LocalBuffer
->PasswordCanChange
.LowPart
= UserInfo
->All
.PasswordCanChange
.LowPart
;
156 LocalBuffer
->PasswordCanChange
.HighPart
= UserInfo
->All
.PasswordCanChange
.HighPart
;
158 LocalBuffer
->PasswordMustChange
.LowPart
= UserInfo
->All
.PasswordMustChange
.LowPart
;
159 LocalBuffer
->PasswordMustChange
.HighPart
= UserInfo
->All
.PasswordMustChange
.HighPart
;
161 LocalBuffer
->LogonScript
.Length
= UserInfo
->All
.ScriptPath
.Length
;
162 LocalBuffer
->LogonScript
.MaximumLength
= UserInfo
->All
.ScriptPath
.Length
+ sizeof(WCHAR
);
163 LocalBuffer
->LogonScript
.Buffer
= (LPWSTR
)((ULONG_PTR
)ClientBaseAddress
+ (ULONG_PTR
)Ptr
- (ULONG_PTR
)LocalBuffer
);
165 UserInfo
->All
.ScriptPath
.Buffer
,
166 UserInfo
->All
.ScriptPath
.Length
);
168 Ptr
= (LPWSTR
)((ULONG_PTR
)Ptr
+ LocalBuffer
->LogonScript
.MaximumLength
);
170 LocalBuffer
->HomeDirectory
.Length
= UserInfo
->All
.HomeDirectory
.Length
;
171 LocalBuffer
->HomeDirectory
.MaximumLength
= UserInfo
->All
.HomeDirectory
.Length
+ sizeof(WCHAR
);
172 LocalBuffer
->HomeDirectory
.Buffer
= (LPWSTR
)((ULONG_PTR
)ClientBaseAddress
+ (ULONG_PTR
)Ptr
- (ULONG_PTR
)LocalBuffer
);
174 UserInfo
->All
.HomeDirectory
.Buffer
,
175 UserInfo
->All
.HomeDirectory
.Length
);
177 Ptr
= (LPWSTR
)((ULONG_PTR
)Ptr
+ LocalBuffer
->HomeDirectory
.MaximumLength
);
179 LocalBuffer
->FullName
.Length
= UserInfo
->All
.FullName
.Length
;
180 LocalBuffer
->FullName
.MaximumLength
= UserInfo
->All
.FullName
.Length
+ sizeof(WCHAR
);
181 LocalBuffer
->FullName
.Buffer
= (LPWSTR
)((ULONG_PTR
)ClientBaseAddress
+ (ULONG_PTR
)Ptr
- (ULONG_PTR
)LocalBuffer
);
183 UserInfo
->All
.FullName
.Buffer
,
184 UserInfo
->All
.FullName
.Length
);
185 TRACE("FullName.Buffer: %p\n", LocalBuffer
->FullName
.Buffer
);
187 Ptr
= (LPWSTR
)((ULONG_PTR
)Ptr
+ LocalBuffer
->FullName
.MaximumLength
);
189 LocalBuffer
->ProfilePath
.Length
= UserInfo
->All
.ProfilePath
.Length
;
190 LocalBuffer
->ProfilePath
.MaximumLength
= UserInfo
->All
.ProfilePath
.Length
+ sizeof(WCHAR
);
191 LocalBuffer
->ProfilePath
.Buffer
= (LPWSTR
)((ULONG_PTR
)ClientBaseAddress
+ (ULONG_PTR
)Ptr
- (ULONG_PTR
)LocalBuffer
);
193 UserInfo
->All
.ProfilePath
.Buffer
,
194 UserInfo
->All
.ProfilePath
.Length
);
196 Ptr
= (LPWSTR
)((ULONG_PTR
)Ptr
+ LocalBuffer
->ProfilePath
.MaximumLength
);
198 LocalBuffer
->HomeDirectoryDrive
.Length
= UserInfo
->All
.HomeDirectoryDrive
.Length
;
199 LocalBuffer
->HomeDirectoryDrive
.MaximumLength
= UserInfo
->All
.HomeDirectoryDrive
.Length
+ sizeof(WCHAR
);
200 LocalBuffer
->HomeDirectoryDrive
.Buffer
= (LPWSTR
)((ULONG_PTR
)ClientBaseAddress
+ (ULONG_PTR
)Ptr
- (ULONG_PTR
)LocalBuffer
);
202 UserInfo
->All
.HomeDirectoryDrive
.Buffer
,
203 UserInfo
->All
.HomeDirectoryDrive
.Length
);
205 Ptr
= (LPWSTR
)((ULONG_PTR
)Ptr
+ LocalBuffer
->HomeDirectoryDrive
.MaximumLength
);
207 LocalBuffer
->LogonServer
.Length
= LogonServer
->Length
;
208 LocalBuffer
->LogonServer
.MaximumLength
= LogonServer
->Length
+ sizeof(WCHAR
);
209 LocalBuffer
->LogonServer
.Buffer
= (LPWSTR
)((ULONG_PTR
)ClientBaseAddress
+ (ULONG_PTR
)Ptr
- (ULONG_PTR
)LocalBuffer
);
212 LogonServer
->Length
);
214 LocalBuffer
->UserFlags
= 0;
216 Status
= DispatchTable
.CopyToClientBuffer(ClientRequest
,
220 if (!NT_SUCCESS(Status
))
222 TRACE("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status
);
226 *ProfileBuffer
= (PMSV1_0_INTERACTIVE_PROFILE
)ClientBaseAddress
;
227 *ProfileBufferLength
= BufferLength
;
230 if (LocalBuffer
!= NULL
)
231 DispatchTable
.FreeLsaHeap(LocalBuffer
);
233 if (!NT_SUCCESS(Status
))
235 if (ClientBaseAddress
!= NULL
)
236 DispatchTable
.FreeClientBuffer(ClientRequest
,
246 AppendRidToSid(PSID SrcSid
,
252 RidCount
= *RtlSubAuthorityCountSid(SrcSid
);
256 DstSid
= DispatchTable
.AllocateLsaHeap(RtlLengthRequiredSid(RidCount
+ 1));
260 RtlCopyMemory(DstSid
,
262 RtlLengthRequiredSid(RidCount
));
264 *RtlSubAuthorityCountSid(DstSid
) = RidCount
+ 1;
265 *RtlSubAuthoritySid(DstSid
, RidCount
) = Rid
;
273 BuildTokenUser(OUT PTOKEN_USER User
,
274 IN PSID AccountDomainSid
,
277 User
->User
.Sid
= AppendRidToSid(AccountDomainSid
,
279 if (User
->User
.Sid
== NULL
)
281 ERR("Could not create the user SID\n");
282 return STATUS_INSUFFICIENT_RESOURCES
;
285 User
->User
.Attributes
= 0;
287 return STATUS_SUCCESS
;
293 BuildTokenPrimaryGroup(OUT PTOKEN_PRIMARY_GROUP PrimaryGroup
,
294 IN PSID AccountDomainSid
,
297 PrimaryGroup
->PrimaryGroup
= AppendRidToSid(AccountDomainSid
,
299 if (PrimaryGroup
->PrimaryGroup
== NULL
)
301 ERR("Could not create the primary group SID\n");
302 return STATUS_INSUFFICIENT_RESOURCES
;
305 return STATUS_SUCCESS
;
311 BuildTokenGroups(OUT PTOKEN_GROUPS
*Groups
,
312 IN PSID AccountDomainSid
,
314 IN BOOL SpecialAccount
)
316 SID_IDENTIFIER_AUTHORITY SystemAuthority
= {SECURITY_NT_AUTHORITY
};
317 PTOKEN_GROUPS TokenGroups
;
318 DWORD GroupCount
= 0;
321 NTSTATUS Status
= STATUS_SUCCESS
;
326 TokenGroups
= DispatchTable
.AllocateLsaHeap(sizeof(TOKEN_GROUPS
) +
327 MaxGroups
* sizeof(SID_AND_ATTRIBUTES
));
328 if (TokenGroups
== NULL
)
330 return STATUS_INSUFFICIENT_RESOURCES
;
336 Sid
= AppendRidToSid(AccountDomainSid
, RelativeId
);
342 TokenGroups
->Groups
[GroupCount
].Sid
= Sid
;
343 TokenGroups
->Groups
[GroupCount
].Attributes
=
344 SE_GROUP_ENABLED
| SE_GROUP_ENABLED_BY_DEFAULT
| SE_GROUP_MANDATORY
;
347 /* Member of 'Users' alias */
348 RtlAllocateAndInitializeSid(&SystemAuthority
,
350 SECURITY_BUILTIN_DOMAIN_RID
,
351 DOMAIN_ALIAS_RID_USERS
,
359 TokenGroups
->Groups
[GroupCount
].Sid
= Sid
;
360 TokenGroups
->Groups
[GroupCount
].Attributes
=
361 SE_GROUP_ENABLED
| SE_GROUP_ENABLED_BY_DEFAULT
| SE_GROUP_MANDATORY
;
366 /* Member of the domains users group */
367 Sid
= AppendRidToSid(AccountDomainSid
, DOMAIN_GROUP_RID_USERS
);
373 TokenGroups
->Groups
[GroupCount
].Sid
= Sid
;
374 TokenGroups
->Groups
[GroupCount
].Attributes
=
375 SE_GROUP_ENABLED
| SE_GROUP_ENABLED_BY_DEFAULT
| SE_GROUP_MANDATORY
;
379 /* Member of 'Authenticated users' */
380 RtlAllocateAndInitializeSid(&SystemAuthority
,
382 SECURITY_AUTHENTICATED_USER_RID
,
391 TokenGroups
->Groups
[GroupCount
].Sid
= Sid
;
392 TokenGroups
->Groups
[GroupCount
].Attributes
=
393 SE_GROUP_ENABLED
| SE_GROUP_ENABLED_BY_DEFAULT
| SE_GROUP_MANDATORY
;
396 TokenGroups
->GroupCount
= GroupCount
;
397 ASSERT(TokenGroups
->GroupCount
<= MaxGroups
);
399 *Groups
= TokenGroups
;
407 BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1
*TokenInformation
,
408 PRPC_SID AccountDomainSid
,
409 PSAMPR_USER_INFO_BUFFER UserInfo
,
412 PLSA_TOKEN_INFORMATION_V1 Buffer
= NULL
;
414 NTSTATUS Status
= STATUS_SUCCESS
;
416 Buffer
= DispatchTable
.AllocateLsaHeap(sizeof(LSA_TOKEN_INFORMATION_V1
));
419 WARN("Failed to allocate the local buffer!\n");
420 Status
= STATUS_INSUFFICIENT_RESOURCES
;
424 Buffer
->ExpirationTime
.LowPart
= UserInfo
->All
.AccountExpires
.LowPart
;
425 Buffer
->ExpirationTime
.HighPart
= UserInfo
->All
.AccountExpires
.HighPart
;
427 Status
= BuildTokenUser(&Buffer
->User
,
428 (PSID
)AccountDomainSid
,
429 UserInfo
->All
.UserId
);
430 if (!NT_SUCCESS(Status
))
432 WARN("BuildTokenUser() failed (Status 0x%08lx)\n", Status
);
436 Status
= BuildTokenPrimaryGroup(&Buffer
->PrimaryGroup
,
437 (PSID
)AccountDomainSid
,
438 UserInfo
->All
.PrimaryGroupId
);
439 if (!NT_SUCCESS(Status
))
441 WARN("BuildTokenPrimaryGroup() failed (Status 0x%08lx)\n", Status
);
445 Status
= BuildTokenGroups(&Buffer
->Groups
,
446 (PSID
)AccountDomainSid
,
447 UserInfo
->All
.UserId
,
449 if (!NT_SUCCESS(Status
))
451 WARN("BuildTokenGroups() failed (Status 0x%08lx)\n", Status
);
455 *TokenInformation
= Buffer
;
458 if (!NT_SUCCESS(Status
))
462 if (Buffer
->User
.User
.Sid
!= NULL
)
463 DispatchTable
.FreeLsaHeap(Buffer
->User
.User
.Sid
);
465 if (Buffer
->Groups
!= NULL
)
467 for (i
= 0; i
< Buffer
->Groups
->GroupCount
; i
++)
469 if (Buffer
->Groups
->Groups
[i
].Sid
!= NULL
)
470 DispatchTable
.FreeLsaHeap(Buffer
->Groups
->Groups
[i
].Sid
);
473 DispatchTable
.FreeLsaHeap(Buffer
->Groups
);
476 if (Buffer
->PrimaryGroup
.PrimaryGroup
!= NULL
)
477 DispatchTable
.FreeLsaHeap(Buffer
->PrimaryGroup
.PrimaryGroup
);
479 if (Buffer
->DefaultDacl
.DefaultDacl
!= NULL
)
480 DispatchTable
.FreeLsaHeap(Buffer
->DefaultDacl
.DefaultDacl
);
482 DispatchTable
.FreeLsaHeap(Buffer
);
492 MsvpChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest
,
493 IN PVOID ProtocolSubmitBuffer
,
494 IN PVOID ClientBufferBase
,
495 IN ULONG SubmitBufferLength
,
496 OUT PVOID
*ProtocolReturnBuffer
,
497 OUT PULONG ReturnBufferLength
,
498 OUT PNTSTATUS ProtocolStatus
)
500 PMSV1_0_CHANGEPASSWORD_REQUEST RequestBuffer
;
503 SAMPR_HANDLE ServerHandle
= NULL
;
504 SAMPR_HANDLE DomainHandle
= NULL
;
505 SAMPR_HANDLE UserHandle
= NULL
;
506 PRPC_SID DomainSid
= NULL
;
507 RPC_UNICODE_STRING Names
[1];
508 SAMPR_ULONG_ARRAY RelativeIds
= {0, NULL
};
509 SAMPR_ULONG_ARRAY Use
= {0, NULL
};
512 ENCRYPTED_NT_OWF_PASSWORD OldNtPassword
;
513 ENCRYPTED_NT_OWF_PASSWORD NewNtPassword
;
514 ENCRYPTED_LM_OWF_PASSWORD OldLmPassword
;
515 ENCRYPTED_LM_OWF_PASSWORD NewLmPassword
;
516 OEM_STRING LmPwdString
;
517 CHAR LmPwdBuffer
[15];
518 BOOLEAN OldLmPasswordPresent
= FALSE
;
519 BOOLEAN NewLmPasswordPresent
= FALSE
;
521 ENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm
;
522 ENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm
;
523 ENCRYPTED_LM_OWF_PASSWORD OldNtEncryptedWithNewNt
;
524 ENCRYPTED_LM_OWF_PASSWORD NewNtEncryptedWithOldNt
;
525 PENCRYPTED_LM_OWF_PASSWORD pOldLmEncryptedWithNewLm
= NULL
;
526 PENCRYPTED_LM_OWF_PASSWORD pNewLmEncryptedWithOldLm
= NULL
;
530 RequestBuffer
= (PMSV1_0_CHANGEPASSWORD_REQUEST
)ProtocolSubmitBuffer
;
532 /* Fix-up pointers in the request buffer info */
533 PtrOffset
= (ULONG_PTR
)ProtocolSubmitBuffer
- (ULONG_PTR
)ClientBufferBase
;
535 RequestBuffer
->DomainName
.Buffer
= FIXUP_POINTER(RequestBuffer
->DomainName
.Buffer
, PtrOffset
);
536 RequestBuffer
->AccountName
.Buffer
= FIXUP_POINTER(RequestBuffer
->AccountName
.Buffer
, PtrOffset
);
537 RequestBuffer
->OldPassword
.Buffer
= FIXUP_POINTER(RequestBuffer
->OldPassword
.Buffer
, PtrOffset
);
538 RequestBuffer
->NewPassword
.Buffer
= FIXUP_POINTER(RequestBuffer
->NewPassword
.Buffer
, PtrOffset
);
540 TRACE("Domain: %S\n", RequestBuffer
->DomainName
.Buffer
);
541 TRACE("Account: %S\n", RequestBuffer
->AccountName
.Buffer
);
542 TRACE("Old Password: %S\n", RequestBuffer
->OldPassword
.Buffer
);
543 TRACE("New Password: %S\n", RequestBuffer
->NewPassword
.Buffer
);
545 /* Connect to the SAM server */
546 Status
= SamIConnect(NULL
,
548 SAM_SERVER_CONNECT
| SAM_SERVER_LOOKUP_DOMAIN
,
550 if (!NT_SUCCESS(Status
))
552 TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status
);
556 /* Get the domain SID */
557 Status
= SamrLookupDomainInSamServer(ServerHandle
,
558 (PRPC_UNICODE_STRING
)&RequestBuffer
->DomainName
,
560 if (!NT_SUCCESS(Status
))
562 TRACE("SamrLookupDomainInSamServer failed (Status %08lx)\n", Status
);
566 /* Open the domain */
567 Status
= SamrOpenDomain(ServerHandle
,
571 if (!NT_SUCCESS(Status
))
573 TRACE("SamrOpenDomain failed (Status %08lx)\n", Status
);
577 Names
[0].Length
= RequestBuffer
->AccountName
.Length
;
578 Names
[0].MaximumLength
= RequestBuffer
->AccountName
.MaximumLength
;
579 Names
[0].Buffer
= RequestBuffer
->AccountName
.Buffer
;
581 /* Try to get the RID for the user name */
582 Status
= SamrLookupNamesInDomain(DomainHandle
,
587 if (!NT_SUCCESS(Status
))
589 TRACE("SamrLookupNamesInDomain failed (Status %08lx)\n", Status
);
590 Status
= STATUS_NO_SUCH_USER
;
594 /* Fail, if it is not a user account */
595 if (Use
.Element
[0] != SidTypeUser
)
597 TRACE("Account is not a user account!\n");
598 Status
= STATUS_NO_SUCH_USER
;
602 /* Open the user object */
603 Status
= SamrOpenUser(DomainHandle
,
604 USER_CHANGE_PASSWORD
,
605 RelativeIds
.Element
[0],
607 if (!NT_SUCCESS(Status
))
609 TRACE("SamrOpenUser failed (Status %08lx)\n", Status
);
614 /* Calculate the NT hash for the old password */
615 Status
= SystemFunction007(&RequestBuffer
->OldPassword
,
616 (LPBYTE
)&OldNtPassword
);
617 if (!NT_SUCCESS(Status
))
619 TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status
);
623 /* Calculate the NT hash for the new password */
624 Status
= SystemFunction007(&RequestBuffer
->NewPassword
,
625 (LPBYTE
)&NewNtPassword
);
626 if (!NT_SUCCESS(Status
))
628 TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status
);
632 /* Calculate the LM password and hash for the old password */
633 LmPwdString
.Length
= 15;
634 LmPwdString
.MaximumLength
= 15;
635 LmPwdString
.Buffer
= LmPwdBuffer
;
636 ZeroMemory(LmPwdString
.Buffer
, LmPwdString
.MaximumLength
);
638 Status
= RtlUpcaseUnicodeStringToOemString(&LmPwdString
,
639 &RequestBuffer
->OldPassword
,
641 if (NT_SUCCESS(Status
))
643 /* Calculate the LM hash value of the password */
644 Status
= SystemFunction006(LmPwdString
.Buffer
,
645 (LPSTR
)&OldLmPassword
);
646 if (NT_SUCCESS(Status
))
648 OldLmPasswordPresent
= TRUE
;
652 /* Calculate the LM password and hash for the new password */
653 LmPwdString
.Length
= 15;
654 LmPwdString
.MaximumLength
= 15;
655 LmPwdString
.Buffer
= LmPwdBuffer
;
656 ZeroMemory(LmPwdString
.Buffer
, LmPwdString
.MaximumLength
);
658 Status
= RtlUpcaseUnicodeStringToOemString(&LmPwdString
,
659 &RequestBuffer
->NewPassword
,
661 if (NT_SUCCESS(Status
))
663 /* Calculate the LM hash value of the password */
664 Status
= SystemFunction006(LmPwdString
.Buffer
,
665 (LPSTR
)&NewLmPassword
);
666 if (NT_SUCCESS(Status
))
668 NewLmPasswordPresent
= TRUE
;
672 /* Encrypt the old and new LM passwords, if they exist */
673 if (OldLmPasswordPresent
&& NewLmPasswordPresent
)
675 /* Encrypt the old LM password */
676 Status
= SystemFunction012((const BYTE
*)&OldLmPassword
,
677 (const BYTE
*)&NewLmPassword
,
678 (LPBYTE
)&OldLmEncryptedWithNewLm
);
679 if (!NT_SUCCESS(Status
))
681 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status
);
685 /* Encrypt the new LM password */
686 Status
= SystemFunction012((const BYTE
*)&NewLmPassword
,
687 (const BYTE
*)&OldLmPassword
,
688 (LPBYTE
)&NewLmEncryptedWithOldLm
);
689 if (!NT_SUCCESS(Status
))
691 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status
);
695 pOldLmEncryptedWithNewLm
= &OldLmEncryptedWithNewLm
;
696 pNewLmEncryptedWithOldLm
= &NewLmEncryptedWithOldLm
;
699 /* Encrypt the old NT password */
700 Status
= SystemFunction012((const BYTE
*)&OldNtPassword
,
701 (const BYTE
*)&NewNtPassword
,
702 (LPBYTE
)&OldNtEncryptedWithNewNt
);
703 if (!NT_SUCCESS(Status
))
705 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status
);
709 /* Encrypt the new NT password */
710 Status
= SystemFunction012((const BYTE
*)&NewNtPassword
,
711 (const BYTE
*)&OldNtPassword
,
712 (LPBYTE
)&NewNtEncryptedWithOldNt
);
713 if (!NT_SUCCESS(Status
))
715 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status
);
719 /* Change the password */
720 Status
= SamrChangePasswordUser(UserHandle
,
721 OldLmPasswordPresent
&& NewLmPasswordPresent
,
722 pOldLmEncryptedWithNewLm
,
723 pNewLmEncryptedWithOldLm
,
725 &OldNtEncryptedWithNewNt
,
726 &NewNtEncryptedWithOldNt
,
731 if (!NT_SUCCESS(Status
))
733 TRACE("SamrChangePasswordUser failed (Status %08lx)\n", Status
);
738 if (UserHandle
!= NULL
)
739 SamrCloseHandle(&UserHandle
);
741 SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds
);
742 SamIFree_SAMPR_ULONG_ARRAY(&Use
);
744 if (DomainHandle
!= NULL
)
745 SamrCloseHandle(&DomainHandle
);
747 if (DomainSid
!= NULL
)
748 SamIFreeVoid(DomainSid
);
750 if (ServerHandle
!= NULL
)
751 SamrCloseHandle(&ServerHandle
);
759 MsvpCheckPassword(PUNICODE_STRING UserPassword
,
760 PSAMPR_USER_INFO_BUFFER UserInfo
)
762 ENCRYPTED_NT_OWF_PASSWORD UserNtPassword
;
763 ENCRYPTED_LM_OWF_PASSWORD UserLmPassword
;
764 BOOLEAN UserLmPasswordPresent
= FALSE
;
765 BOOLEAN UserNtPasswordPresent
= FALSE
;
766 OEM_STRING LmPwdString
;
767 CHAR LmPwdBuffer
[15];
770 TRACE("(%p %p)\n", UserPassword
, UserInfo
);
772 /* Calculate the LM password and hash for the users password */
773 LmPwdString
.Length
= 15;
774 LmPwdString
.MaximumLength
= 15;
775 LmPwdString
.Buffer
= LmPwdBuffer
;
776 ZeroMemory(LmPwdString
.Buffer
, LmPwdString
.MaximumLength
);
778 Status
= RtlUpcaseUnicodeStringToOemString(&LmPwdString
,
781 if (NT_SUCCESS(Status
))
783 /* Calculate the LM hash value of the users password */
784 Status
= SystemFunction006(LmPwdString
.Buffer
,
785 (LPSTR
)&UserLmPassword
);
786 if (NT_SUCCESS(Status
))
788 UserLmPasswordPresent
= TRUE
;
792 /* Calculate the NT hash of the users password */
793 Status
= SystemFunction007(UserPassword
,
794 (LPBYTE
)&UserNtPassword
);
795 if (NT_SUCCESS(Status
))
797 UserNtPasswordPresent
= TRUE
;
800 Status
= STATUS_WRONG_PASSWORD
;
802 /* Succeed, if no password has been set */
803 if (UserInfo
->All
.NtPasswordPresent
== FALSE
&&
804 UserInfo
->All
.LmPasswordPresent
== FALSE
)
806 TRACE("No password check!\n");
807 Status
= STATUS_SUCCESS
;
811 /* Succeed, if NT password matches */
812 if (UserNtPasswordPresent
&& UserInfo
->All
.NtPasswordPresent
)
814 TRACE("Check NT password hashes:\n");
815 if (RtlEqualMemory(&UserNtPassword
,
816 UserInfo
->All
.NtOwfPassword
.Buffer
,
817 sizeof(ENCRYPTED_NT_OWF_PASSWORD
)))
819 TRACE(" success!\n");
820 Status
= STATUS_SUCCESS
;
827 /* Succeed, if LM password matches */
828 if (UserLmPasswordPresent
&& UserInfo
->All
.LmPasswordPresent
)
830 TRACE("Check LM password hashes:\n");
831 if (RtlEqualMemory(&UserLmPassword
,
832 UserInfo
->All
.LmOwfPassword
.Buffer
,
833 sizeof(ENCRYPTED_LM_OWF_PASSWORD
)))
835 TRACE(" success!\n");
836 Status
= STATUS_SUCCESS
;
852 LsaApCallPackage(IN PLSA_CLIENT_REQUEST ClientRequest
,
853 IN PVOID ProtocolSubmitBuffer
,
854 IN PVOID ClientBufferBase
,
855 IN ULONG SubmitBufferLength
,
856 OUT PVOID
*ProtocolReturnBuffer
,
857 OUT PULONG ReturnBufferLength
,
858 OUT PNTSTATUS ProtocolStatus
)
865 if (SubmitBufferLength
< sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE
))
866 return STATUS_INVALID_PARAMETER
;
868 MessageType
= (ULONG
)*((PMSV1_0_PROTOCOL_MESSAGE_TYPE
)ProtocolSubmitBuffer
);
870 *ProtocolReturnBuffer
= NULL
;
871 *ReturnBufferLength
= 0;
875 case MsV1_0Lm20ChallengeRequest
:
876 case MsV1_0Lm20GetChallengeResponse
:
877 case MsV1_0EnumerateUsers
:
878 case MsV1_0GetUserInfo
:
879 case MsV1_0ReLogonUsers
:
880 Status
= STATUS_NOT_IMPLEMENTED
;
883 case MsV1_0ChangePassword
:
884 Status
= MsvpChangePassword(ClientRequest
,
885 ProtocolSubmitBuffer
,
888 ProtocolReturnBuffer
,
893 case MsV1_0ChangeCachedPassword
:
894 case MsV1_0GenericPassthrough
:
895 case MsV1_0CacheLogon
:
897 case MsV1_0DeriveCredential
:
898 case MsV1_0CacheLookup
:
899 Status
= STATUS_NOT_IMPLEMENTED
;
903 return STATUS_INVALID_PARAMETER
;
915 LsaApCallPackagePassthrough(IN PLSA_CLIENT_REQUEST ClientRequest
,
916 IN PVOID ProtocolSubmitBuffer
,
917 IN PVOID ClientBufferBase
,
918 IN ULONG SubmitBufferLength
,
919 OUT PVOID
*ProtocolReturnBuffer
,
920 OUT PULONG ReturnBufferLength
,
921 OUT PNTSTATUS ProtocolStatus
)
924 return STATUS_NOT_IMPLEMENTED
;
933 LsaApCallPackageUntrusted(IN PLSA_CLIENT_REQUEST ClientRequest
,
934 IN PVOID ProtocolSubmitBuffer
,
935 IN PVOID ClientBufferBase
,
936 IN ULONG SubmitBufferLength
,
937 OUT PVOID
*ProtocolReturnBuffer
,
938 OUT PULONG ReturnBufferLength
,
939 OUT PNTSTATUS ProtocolStatus
)
942 return STATUS_NOT_IMPLEMENTED
;
951 LsaApInitializePackage(IN ULONG AuthenticationPackageId
,
952 IN PLSA_DISPATCH_TABLE LsaDispatchTable
,
953 IN PLSA_STRING Database OPTIONAL
,
954 IN PLSA_STRING Confidentiality OPTIONAL
,
955 OUT PLSA_STRING
*AuthenticationPackageName
)
957 PANSI_STRING NameString
;
960 TRACE("(%lu %p %p %p %p)\n",
961 AuthenticationPackageId
, LsaDispatchTable
, Database
,
962 Confidentiality
, AuthenticationPackageName
);
964 /* Get the dispatch table entries */
965 DispatchTable
.CreateLogonSession
= LsaDispatchTable
->CreateLogonSession
;
966 DispatchTable
.DeleteLogonSession
= LsaDispatchTable
->DeleteLogonSession
;
967 DispatchTable
.AddCredential
= LsaDispatchTable
->AddCredential
;
968 DispatchTable
.GetCredentials
= LsaDispatchTable
->GetCredentials
;
969 DispatchTable
.DeleteCredential
= LsaDispatchTable
->DeleteCredential
;
970 DispatchTable
.AllocateLsaHeap
= LsaDispatchTable
->AllocateLsaHeap
;
971 DispatchTable
.FreeLsaHeap
= LsaDispatchTable
->FreeLsaHeap
;
972 DispatchTable
.AllocateClientBuffer
= LsaDispatchTable
->AllocateClientBuffer
;
973 DispatchTable
.FreeClientBuffer
= LsaDispatchTable
->FreeClientBuffer
;
974 DispatchTable
.CopyToClientBuffer
= LsaDispatchTable
->CopyToClientBuffer
;
975 DispatchTable
.CopyFromClientBuffer
= LsaDispatchTable
->CopyFromClientBuffer
;
977 /* Return the package name */
978 NameString
= DispatchTable
.AllocateLsaHeap(sizeof(LSA_STRING
));
979 if (NameString
== NULL
)
980 return STATUS_INSUFFICIENT_RESOURCES
;
982 NameBuffer
= DispatchTable
.AllocateLsaHeap(sizeof(MSV1_0_PACKAGE_NAME
));
983 if (NameBuffer
== NULL
)
985 DispatchTable
.FreeLsaHeap(NameString
);
986 return STATUS_INSUFFICIENT_RESOURCES
;
989 strcpy(NameBuffer
, MSV1_0_PACKAGE_NAME
);
991 RtlInitAnsiString(NameString
, NameBuffer
);
993 *AuthenticationPackageName
= (PLSA_STRING
)NameString
;
995 return STATUS_SUCCESS
;
1004 LsaApLogonTerminated(IN PLUID LogonId
)
1015 LsaApLogonUser(IN PLSA_CLIENT_REQUEST ClientRequest
,
1016 IN SECURITY_LOGON_TYPE LogonType
,
1017 IN PVOID AuthenticationInformation
,
1018 IN PVOID ClientAuthenticationBase
,
1019 IN ULONG AuthenticationInformationLength
,
1020 OUT PVOID
*ProfileBuffer
,
1021 OUT PULONG ProfileBufferLength
,
1023 OUT PNTSTATUS SubStatus
,
1024 OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType
,
1025 OUT PVOID
*TokenInformation
,
1026 OUT PLSA_UNICODE_STRING
*AccountName
,
1027 OUT PLSA_UNICODE_STRING
*AuthenticatingAuthority
)
1029 PMSV1_0_INTERACTIVE_LOGON LogonInfo
;
1031 SAMPR_HANDLE ServerHandle
= NULL
;
1032 SAMPR_HANDLE DomainHandle
= NULL
;
1033 SAMPR_HANDLE UserHandle
= NULL
;
1034 PRPC_SID AccountDomainSid
= NULL
;
1035 RPC_UNICODE_STRING Names
[1];
1036 SAMPR_ULONG_ARRAY RelativeIds
= {0, NULL
};
1037 SAMPR_ULONG_ARRAY Use
= {0, NULL
};
1038 PSAMPR_USER_INFO_BUFFER UserInfo
= NULL
;
1039 UNICODE_STRING LogonServer
;
1040 BOOLEAN SessionCreated
= FALSE
;
1041 LARGE_INTEGER LogonTime
;
1042 LARGE_INTEGER AccountExpires
;
1043 LARGE_INTEGER PasswordMustChange
;
1044 LARGE_INTEGER PasswordLastSet
;
1045 BOOL SpecialAccount
= FALSE
;
1048 TRACE("LsaApLogonUser()\n");
1050 TRACE("LogonType: %lu\n", LogonType
);
1051 TRACE("AuthenticationInformation: %p\n", AuthenticationInformation
);
1052 TRACE("AuthenticationInformationLength: %lu\n", AuthenticationInformationLength
);
1054 *ProfileBuffer
= NULL
;
1055 *ProfileBufferLength
= 0;
1056 *SubStatus
= STATUS_SUCCESS
;
1058 if (LogonType
== Interactive
||
1059 LogonType
== Batch
||
1060 LogonType
== Service
)
1062 ULONG_PTR PtrOffset
;
1064 LogonInfo
= (PMSV1_0_INTERACTIVE_LOGON
)AuthenticationInformation
;
1066 /* Fix-up pointers in the authentication info */
1067 PtrOffset
= (ULONG_PTR
)AuthenticationInformation
- (ULONG_PTR
)ClientAuthenticationBase
;
1069 LogonInfo
->LogonDomainName
.Buffer
= FIXUP_POINTER(LogonInfo
->LogonDomainName
.Buffer
, PtrOffset
);
1070 LogonInfo
->UserName
.Buffer
= FIXUP_POINTER(LogonInfo
->UserName
.Buffer
, PtrOffset
);
1071 LogonInfo
->Password
.Buffer
= FIXUP_POINTER(LogonInfo
->Password
.Buffer
, PtrOffset
);
1073 TRACE("Domain: %S\n", LogonInfo
->LogonDomainName
.Buffer
);
1074 TRACE("User: %S\n", LogonInfo
->UserName
.Buffer
);
1075 TRACE("Password: %S\n", LogonInfo
->Password
.Buffer
);
1077 RtlInitUnicodeString(&LogonServer
, L
"Testserver");
1081 FIXME("LogonType %lu is not supported yet!\n", LogonType
);
1082 return STATUS_NOT_IMPLEMENTED
;
1085 /* Get the logon time */
1086 NtQuerySystemTime(&LogonTime
);
1088 /* Check for special accounts */
1089 if (_wcsicmp(LogonInfo
->LogonDomainName
.Buffer
, L
"NT AUTHORITY") == 0)
1091 SpecialAccount
= TRUE
;
1093 /* Get the authority domain SID */
1094 Status
= GetNtAuthorityDomainSid(&AccountDomainSid
);
1095 if (!NT_SUCCESS(Status
))
1097 ERR("GetNtAuthorityDomainSid() failed (Status 0x%08lx)\n", Status
);
1101 if (_wcsicmp(LogonInfo
->UserName
.Buffer
, L
"LocalService") == 0)
1103 TRACE("SpecialAccount: LocalService\n");
1105 if (LogonType
!= Service
)
1106 return STATUS_LOGON_FAILURE
;
1108 UserInfo
= RtlAllocateHeap(RtlGetProcessHeap(),
1110 sizeof(SAMPR_USER_ALL_INFORMATION
));
1111 if (UserInfo
== NULL
)
1113 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1117 UserInfo
->All
.UserId
= SECURITY_LOCAL_SERVICE_RID
;
1118 UserInfo
->All
.PrimaryGroupId
= SECURITY_LOCAL_SERVICE_RID
;
1120 else if (_wcsicmp(LogonInfo
->UserName
.Buffer
, L
"NetworkService") == 0)
1122 TRACE("SpecialAccount: NetworkService\n");
1124 if (LogonType
!= Service
)
1125 return STATUS_LOGON_FAILURE
;
1127 UserInfo
= RtlAllocateHeap(RtlGetProcessHeap(),
1129 sizeof(SAMPR_USER_ALL_INFORMATION
));
1130 if (UserInfo
== NULL
)
1132 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1136 UserInfo
->All
.UserId
= SECURITY_NETWORK_SERVICE_RID
;
1137 UserInfo
->All
.PrimaryGroupId
= SECURITY_NETWORK_SERVICE_RID
;
1141 Status
= STATUS_NO_SUCH_USER
;
1147 TRACE("NormalAccount\n");
1149 /* Get the account domain SID */
1150 Status
= GetAccountDomainSid(&AccountDomainSid
);
1151 if (!NT_SUCCESS(Status
))
1153 ERR("GetAccountDomainSid() failed (Status 0x%08lx)\n", Status
);
1157 /* Connect to the SAM server */
1158 Status
= SamIConnect(NULL
,
1160 SAM_SERVER_CONNECT
| SAM_SERVER_LOOKUP_DOMAIN
,
1162 if (!NT_SUCCESS(Status
))
1164 TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status
);
1168 /* Open the account domain */
1169 Status
= SamrOpenDomain(ServerHandle
,
1173 if (!NT_SUCCESS(Status
))
1175 ERR("SamrOpenDomain failed (Status %08lx)\n", Status
);
1179 Names
[0].Length
= LogonInfo
->UserName
.Length
;
1180 Names
[0].MaximumLength
= LogonInfo
->UserName
.MaximumLength
;
1181 Names
[0].Buffer
= LogonInfo
->UserName
.Buffer
;
1183 /* Try to get the RID for the user name */
1184 Status
= SamrLookupNamesInDomain(DomainHandle
,
1189 if (!NT_SUCCESS(Status
))
1191 ERR("SamrLookupNamesInDomain failed (Status %08lx)\n", Status
);
1192 Status
= STATUS_NO_SUCH_USER
;
1196 /* Fail, if it is not a user account */
1197 if (Use
.Element
[0] != SidTypeUser
)
1199 ERR("Account is not a user account!\n");
1200 Status
= STATUS_NO_SUCH_USER
;
1204 /* Open the user object */
1205 Status
= SamrOpenUser(DomainHandle
,
1206 USER_READ_GENERAL
| USER_READ_LOGON
|
1207 USER_READ_ACCOUNT
| USER_READ_PREFERENCES
, /* FIXME */
1208 RelativeIds
.Element
[0],
1210 if (!NT_SUCCESS(Status
))
1212 ERR("SamrOpenUser failed (Status %08lx)\n", Status
);
1216 Status
= SamrQueryInformationUser(UserHandle
,
1219 if (!NT_SUCCESS(Status
))
1221 ERR("SamrQueryInformationUser failed (Status %08lx)\n", Status
);
1225 TRACE("UserName: %S\n", UserInfo
->All
.UserName
.Buffer
);
1227 /* Check the password */
1228 if ((UserInfo
->All
.UserAccountControl
& USER_PASSWORD_NOT_REQUIRED
) == 0)
1230 Status
= MsvpCheckPassword(&(LogonInfo
->Password
),
1232 if (!NT_SUCCESS(Status
))
1234 ERR("MsvpCheckPassword failed (Status %08lx)\n", Status
);
1239 /* Check account restrictions for non-administrator accounts */
1240 if (RelativeIds
.Element
[0] != DOMAIN_USER_RID_ADMIN
)
1242 /* Check if the account has been disabled */
1243 if (UserInfo
->All
.UserAccountControl
& USER_ACCOUNT_DISABLED
)
1245 ERR("Account disabled!\n");
1246 *SubStatus
= STATUS_ACCOUNT_DISABLED
;
1247 Status
= STATUS_ACCOUNT_RESTRICTION
;
1251 /* Check if the account has been locked */
1252 if (UserInfo
->All
.UserAccountControl
& USER_ACCOUNT_AUTO_LOCKED
)
1254 ERR("Account locked!\n");
1255 *SubStatus
= STATUS_ACCOUNT_LOCKED_OUT
;
1256 Status
= STATUS_ACCOUNT_RESTRICTION
;
1260 /* Check if the account expired */
1261 AccountExpires
.LowPart
= UserInfo
->All
.AccountExpires
.LowPart
;
1262 AccountExpires
.HighPart
= UserInfo
->All
.AccountExpires
.HighPart
;
1263 if (LogonTime
.QuadPart
>= AccountExpires
.QuadPart
)
1265 ERR("Account expired!\n");
1266 *SubStatus
= STATUS_ACCOUNT_EXPIRED
;
1267 Status
= STATUS_ACCOUNT_RESTRICTION
;
1271 /* Check if the password expired */
1272 PasswordMustChange
.LowPart
= UserInfo
->All
.PasswordMustChange
.LowPart
;
1273 PasswordMustChange
.HighPart
= UserInfo
->All
.PasswordMustChange
.HighPart
;
1274 PasswordLastSet
.LowPart
= UserInfo
->All
.PasswordLastSet
.LowPart
;
1275 PasswordLastSet
.HighPart
= UserInfo
->All
.PasswordLastSet
.HighPart
;
1277 if (LogonTime
.QuadPart
>= PasswordMustChange
.QuadPart
)
1279 ERR("Password expired!\n");
1280 if (PasswordLastSet
.QuadPart
== 0)
1281 *SubStatus
= STATUS_PASSWORD_MUST_CHANGE
;
1283 *SubStatus
= STATUS_PASSWORD_EXPIRED
;
1285 Status
= STATUS_ACCOUNT_RESTRICTION
;
1289 /* FIXME: more checks */
1290 // STATUS_INVALID_LOGON_HOURS;
1291 // STATUS_INVALID_WORKSTATION;
1295 /* Return logon information */
1297 /* Create and return a new logon id */
1298 Status
= NtAllocateLocallyUniqueId(LogonId
);
1299 if (!NT_SUCCESS(Status
))
1301 TRACE("NtAllocateLocallyUniqueId failed (Status %08lx)\n", Status
);
1305 /* Create the logon session */
1306 Status
= DispatchTable
.CreateLogonSession(LogonId
);
1307 if (!NT_SUCCESS(Status
))
1309 TRACE("CreateLogonSession failed (Status %08lx)\n", Status
);
1313 SessionCreated
= TRUE
;
1315 /* Build and fill the interactive profile buffer */
1316 Status
= BuildInteractiveProfileBuffer(ClientRequest
,
1319 (PMSV1_0_INTERACTIVE_PROFILE
*)ProfileBuffer
,
1320 ProfileBufferLength
);
1321 if (!NT_SUCCESS(Status
))
1323 TRACE("BuildInteractiveProfileBuffer failed (Status %08lx)\n", Status
);
1327 /* Return the token information type */
1328 *TokenInformationType
= LsaTokenInformationV1
;
1330 /* Build and fill the token information buffer */
1331 Status
= BuildTokenInformationBuffer((PLSA_TOKEN_INFORMATION_V1
*)TokenInformation
,
1335 if (!NT_SUCCESS(Status
))
1337 TRACE("BuildTokenInformationBuffer failed (Status %08lx)\n", Status
);
1342 /* Return the account name */
1343 *AccountName
= DispatchTable
.AllocateLsaHeap(sizeof(UNICODE_STRING
));
1344 if (*AccountName
!= NULL
)
1346 (*AccountName
)->Buffer
= DispatchTable
.AllocateLsaHeap(LogonInfo
->UserName
.Length
+
1347 sizeof(UNICODE_NULL
));
1348 if ((*AccountName
)->Buffer
!= NULL
)
1350 (*AccountName
)->MaximumLength
= LogonInfo
->UserName
.Length
+
1351 sizeof(UNICODE_NULL
);
1352 RtlCopyUnicodeString(*AccountName
, &LogonInfo
->UserName
);
1356 if (!NT_SUCCESS(Status
))
1358 if (SessionCreated
!= FALSE
)
1359 DispatchTable
.DeleteLogonSession(LogonId
);
1361 if (*ProfileBuffer
!= NULL
)
1363 DispatchTable
.FreeClientBuffer(ClientRequest
,
1365 *ProfileBuffer
= NULL
;
1369 if (UserHandle
!= NULL
)
1370 SamrCloseHandle(&UserHandle
);
1372 SamIFree_SAMPR_USER_INFO_BUFFER(UserInfo
,
1373 UserAllInformation
);
1374 SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds
);
1375 SamIFree_SAMPR_ULONG_ARRAY(&Use
);
1377 if (DomainHandle
!= NULL
)
1378 SamrCloseHandle(&DomainHandle
);
1380 if (ServerHandle
!= NULL
)
1381 SamrCloseHandle(&ServerHandle
);
1383 if (AccountDomainSid
!= NULL
)
1384 RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid
);
1386 if (Status
== STATUS_NO_SUCH_USER
||
1387 Status
== STATUS_WRONG_PASSWORD
)
1389 *SubStatus
= Status
;
1390 Status
= STATUS_LOGON_FAILURE
;
1393 TRACE("LsaApLogonUser done (Status 0x%08lx SubStatus 0x%08lx)\n", Status
, *SubStatus
);
1405 LsaApLogonUserEx(IN PLSA_CLIENT_REQUEST ClientRequest
,
1406 IN SECURITY_LOGON_TYPE LogonType
,
1407 IN PVOID AuthenticationInformation
,
1408 IN PVOID ClientAuthenticationBase
,
1409 IN ULONG AuthenticationInformationLength
,
1410 OUT PVOID
*ProfileBuffer
,
1411 OUT PULONG ProfileBufferLength
,
1413 OUT PNTSTATUS SubStatus
,
1414 OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType
,
1415 OUT PVOID
*TokenInformation
,
1416 OUT PUNICODE_STRING
*AccountName
,
1417 OUT PUNICODE_STRING
*AuthenticatingAuthority
,
1418 OUT PUNICODE_STRING
*MachineName
)
1422 TRACE("LogonType: %lu\n", LogonType
);
1423 TRACE("AuthenticationInformation: %p\n", AuthenticationInformation
);
1424 TRACE("AuthenticationInformationLength: %lu\n", AuthenticationInformationLength
);
1426 return STATUS_NOT_IMPLEMENTED
;
1435 LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest
,
1436 IN SECURITY_LOGON_TYPE LogonType
,
1437 IN PVOID ProtocolSubmitBuffer
,
1438 IN PVOID ClientBufferBase
,
1439 IN ULONG SubmitBufferSize
,
1440 OUT PVOID
*ProfileBuffer
,
1441 OUT PULONG ProfileBufferSize
,
1443 OUT PNTSTATUS SubStatus
,
1444 OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType
,
1445 OUT PVOID
*TokenInformation
,
1446 OUT PUNICODE_STRING
*AccountName
,
1447 OUT PUNICODE_STRING
*AuthenticatingAuthority
,
1448 OUT PUNICODE_STRING
*MachineName
,
1449 OUT PSECPKG_PRIMARY_CRED PrimaryCredentials
,
1450 OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY
*SupplementalCredentials
)
1454 TRACE("LogonType: %lu\n", LogonType
);
1455 TRACE("ProtocolSubmitBuffer: %p\n", ProtocolSubmitBuffer
);
1456 TRACE("SubmitBufferSize: %lu\n", SubmitBufferSize
);
1459 return STATUS_NOT_IMPLEMENTED
;