2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * PURPOSE: System setup
5 * FILE: dll/win32/syssetup/security.c
9 /* INCLUDES *****************************************************************/
21 /* FUNCTIONS ****************************************************************/
29 PPOLICY_ACCOUNT_DOMAIN_INFO OrigInfo
= NULL
;
30 POLICY_ACCOUNT_DOMAIN_INFO Info
;
31 LSA_OBJECT_ATTRIBUTES ObjectAttributes
;
32 LSA_HANDLE PolicyHandle
;
34 SAM_HANDLE ServerHandle
= NULL
;
35 SAM_HANDLE DomainHandle
= NULL
;
36 DOMAIN_NAME_INFORMATION DomainNameInfo
;
40 DPRINT("SYSSETUP: SetAccountsDomainSid\n");
42 memset(&ObjectAttributes
, 0, sizeof(LSA_OBJECT_ATTRIBUTES
));
43 ObjectAttributes
.Length
= sizeof(LSA_OBJECT_ATTRIBUTES
);
45 Status
= LsaOpenPolicy(NULL
,
47 POLICY_VIEW_LOCAL_INFORMATION
| POLICY_TRUST_ADMIN
,
49 if (Status
!= STATUS_SUCCESS
)
51 DPRINT("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status
);
55 Status
= LsaQueryInformationPolicy(PolicyHandle
,
56 PolicyAccountDomainInformation
,
58 if (Status
== STATUS_SUCCESS
&& OrigInfo
!= NULL
)
60 if (DomainName
== NULL
)
62 Info
.DomainName
.Buffer
= OrigInfo
->DomainName
.Buffer
;
63 Info
.DomainName
.Length
= OrigInfo
->DomainName
.Length
;
64 Info
.DomainName
.MaximumLength
= OrigInfo
->DomainName
.MaximumLength
;
68 Info
.DomainName
.Buffer
= (LPWSTR
)DomainName
;
69 Info
.DomainName
.Length
= wcslen(DomainName
) * sizeof(WCHAR
);
70 Info
.DomainName
.MaximumLength
= Info
.DomainName
.Length
+ sizeof(WCHAR
);
73 if (DomainSid
== NULL
)
74 Info
.DomainSid
= OrigInfo
->DomainSid
;
76 Info
.DomainSid
= DomainSid
;
80 Info
.DomainName
.Buffer
= (LPWSTR
)DomainName
;
81 Info
.DomainName
.Length
= wcslen(DomainName
) * sizeof(WCHAR
);
82 Info
.DomainName
.MaximumLength
= Info
.DomainName
.Length
+ sizeof(WCHAR
);
83 Info
.DomainSid
= DomainSid
;
86 Status
= LsaSetInformationPolicy(PolicyHandle
,
87 PolicyAccountDomainInformation
,
89 if (Status
!= STATUS_SUCCESS
)
91 DPRINT("LsaSetInformationPolicy failed (Status: 0x%08lx)\n", Status
);
95 LsaFreeMemory(OrigInfo
);
97 LsaClose(PolicyHandle
);
99 DomainNameInfo
.DomainName
.Length
= wcslen(DomainName
) * sizeof(WCHAR
);
100 DomainNameInfo
.DomainName
.MaximumLength
= (wcslen(DomainName
) + 1) * sizeof(WCHAR
);
101 DomainNameInfo
.DomainName
.Buffer
= (LPWSTR
)DomainName
;
103 Status
= SamConnect(NULL
,
105 SAM_SERVER_CONNECT
| SAM_SERVER_LOOKUP_DOMAIN
,
107 if (NT_SUCCESS(Status
))
109 Status
= SamOpenDomain(ServerHandle
,
110 DOMAIN_WRITE_OTHER_PARAMETERS
,
113 if (NT_SUCCESS(Status
))
115 Status
= SamSetInformationDomain(DomainHandle
,
116 DomainNameInformation
,
117 (PVOID
)&DomainNameInfo
);
118 if (!NT_SUCCESS(Status
))
120 DPRINT1("SamSetInformationDomain failed (Status: 0x%08lx)\n", Status
);
123 SamCloseHandle(DomainHandle
);
127 DPRINT1("SamOpenDomain failed (Status: 0x%08lx)\n", Status
);
130 SamCloseHandle(ServerHandle
);
140 SetPrimaryDomain(LPCWSTR DomainName
,
143 PPOLICY_PRIMARY_DOMAIN_INFO OrigInfo
= NULL
;
144 POLICY_PRIMARY_DOMAIN_INFO Info
;
145 LSA_OBJECT_ATTRIBUTES ObjectAttributes
;
146 LSA_HANDLE PolicyHandle
;
149 DPRINT1("SYSSETUP: SetPrimaryDomain()\n");
151 memset(&ObjectAttributes
, 0, sizeof(LSA_OBJECT_ATTRIBUTES
));
152 ObjectAttributes
.Length
= sizeof(LSA_OBJECT_ATTRIBUTES
);
154 Status
= LsaOpenPolicy(NULL
,
156 POLICY_VIEW_LOCAL_INFORMATION
| POLICY_TRUST_ADMIN
,
158 if (Status
!= STATUS_SUCCESS
)
160 DPRINT("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status
);
164 Status
= LsaQueryInformationPolicy(PolicyHandle
,
165 PolicyPrimaryDomainInformation
,
167 if (Status
== STATUS_SUCCESS
&& OrigInfo
!= NULL
)
169 if (DomainName
== NULL
)
171 Info
.Name
.Buffer
= OrigInfo
->Name
.Buffer
;
172 Info
.Name
.Length
= OrigInfo
->Name
.Length
;
173 Info
.Name
.MaximumLength
= OrigInfo
->Name
.MaximumLength
;
177 Info
.Name
.Buffer
= (LPWSTR
)DomainName
;
178 Info
.Name
.Length
= wcslen(DomainName
) * sizeof(WCHAR
);
179 Info
.Name
.MaximumLength
= Info
.Name
.Length
+ sizeof(WCHAR
);
182 if (DomainSid
== NULL
)
183 Info
.Sid
= OrigInfo
->Sid
;
185 Info
.Sid
= DomainSid
;
189 Info
.Name
.Buffer
= (LPWSTR
)DomainName
;
190 Info
.Name
.Length
= wcslen(DomainName
) * sizeof(WCHAR
);
191 Info
.Name
.MaximumLength
= Info
.Name
.Length
+ sizeof(WCHAR
);
192 Info
.Sid
= DomainSid
;
195 Status
= LsaSetInformationPolicy(PolicyHandle
,
196 PolicyPrimaryDomainInformation
,
198 if (Status
!= STATUS_SUCCESS
)
200 DPRINT("LsaSetInformationPolicy failed (Status: 0x%08lx)\n", Status
);
203 if (OrigInfo
!= NULL
)
204 LsaFreeMemory(OrigInfo
);
206 LsaClose(PolicyHandle
);
214 InstallBuiltinAccounts(VOID
)
216 LPWSTR BuiltinAccounts
[] = {
217 L
"S-1-1-0", /* Everyone */
218 L
"S-1-5-4", /* Interactive */
219 L
"S-1-5-6", /* Service */
220 L
"S-1-5-19", /* Local Service */
221 L
"S-1-5-20", /* Network Service */
222 L
"S-1-5-32-544", /* Administrators */
223 L
"S-1-5-32-545", /* Users */
224 L
"S-1-5-32-547", /* Power Users */
225 L
"S-1-5-32-551", /* Backup Operators */
226 L
"S-1-5-32-555"}; /* Remote Desktop Users */
227 LSA_OBJECT_ATTRIBUTES ObjectAttributes
;
229 LSA_HANDLE PolicyHandle
= NULL
;
230 LSA_HANDLE AccountHandle
= NULL
;
234 DPRINT("InstallBuiltinAccounts()\n");
236 memset(&ObjectAttributes
, 0, sizeof(LSA_OBJECT_ATTRIBUTES
));
238 Status
= LsaOpenPolicy(NULL
,
240 POLICY_CREATE_ACCOUNT
,
242 if (!NT_SUCCESS(Status
))
244 DPRINT1("LsaOpenPolicy failed (Status %08lx)\n", Status
);
248 for (i
= 0; i
< ARRAYSIZE(BuiltinAccounts
); i
++)
250 if (!ConvertStringSidToSid(BuiltinAccounts
[i
], &AccountSid
))
252 DPRINT1("ConvertStringSidToSid(%S) failed: %lu\n", BuiltinAccounts
[i
], GetLastError());
256 Status
= LsaCreateAccount(PolicyHandle
,
260 if (NT_SUCCESS(Status
))
262 LsaClose(AccountHandle
);
265 LocalFree(AccountSid
);
268 LsaClose(PolicyHandle
);
277 LSA_OBJECT_ATTRIBUTES ObjectAttributes
;
278 WCHAR szPrivilegeString
[256];
279 WCHAR szSidString
[256];
280 INFCONTEXT InfContext
;
282 PSID AccountSid
= NULL
;
284 LSA_HANDLE PolicyHandle
= NULL
;
285 LSA_UNICODE_STRING RightString
, AccountName
;
286 PLSA_REFERENCED_DOMAIN_LIST ReferencedDomains
= NULL
;
287 PLSA_TRANSLATED_SID2 Sids
= NULL
;
289 DPRINT("InstallPrivileges()\n");
291 memset(&ObjectAttributes
, 0, sizeof(LSA_OBJECT_ATTRIBUTES
));
293 Status
= LsaOpenPolicy(NULL
,
295 POLICY_CREATE_ACCOUNT
| POLICY_LOOKUP_NAMES
,
297 if (!NT_SUCCESS(Status
))
299 DPRINT1("LsaOpenPolicy failed (Status %08lx)\n", Status
);
303 if (!SetupFindFirstLineW(hSecurityInf
,
308 DPRINT1("SetupFindFirstLineW failed\n");
314 /* Retrieve the privilege name */
315 if (!SetupGetStringFieldW(&InfContext
,
318 ARRAYSIZE(szPrivilegeString
),
321 DPRINT1("SetupGetStringFieldW() failed\n");
324 DPRINT("Privilege: %S\n", szPrivilegeString
);
326 for (i
= 0; i
< SetupGetFieldCount(&InfContext
); i
++)
328 if (!SetupGetStringFieldW(&InfContext
,
331 ARRAYSIZE(szSidString
),
334 DPRINT1("SetupGetStringFieldW() failed\n");
337 DPRINT("SID: %S\n", szSidString
);
339 if (szSidString
[0] == UNICODE_NULL
)
342 if (szSidString
[0] == L
'*')
344 DPRINT("Account Sid: %S\n", &szSidString
[1]);
346 if (!ConvertStringSidToSid(&szSidString
[1], &AccountSid
))
348 DPRINT1("ConvertStringSidToSid(%S) failed: %lu\n", szSidString
, GetLastError());
354 DPRINT("Account name: %S\n", szSidString
);
356 ReferencedDomains
= NULL
;
358 RtlInitUnicodeString(&AccountName
, szSidString
);
359 Status
= LsaLookupNames2(PolicyHandle
,
365 if (ReferencedDomains
!= NULL
)
367 LsaFreeMemory(ReferencedDomains
);
370 if (!NT_SUCCESS(Status
))
372 DPRINT1("LsaLookupNames2() failed (Status 0x%08lx)\n", Status
);
384 RtlInitUnicodeString(&RightString
, szPrivilegeString
);
385 Status
= LsaAddAccountRights(PolicyHandle
,
386 (AccountSid
!= NULL
) ? AccountSid
: Sids
[0].Sid
,
389 if (!NT_SUCCESS(Status
))
391 DPRINT1("LsaAddAccountRights() failed (Status %08lx)\n", Status
);
400 if (AccountSid
!= NULL
)
402 LocalFree(AccountSid
);
408 while (SetupFindNextLine(&InfContext
, &InfContext
));
411 if (PolicyHandle
!= NULL
)
412 LsaClose(PolicyHandle
);
421 WCHAR szRegistryPath
[MAX_PATH
];
422 WCHAR szRootName
[MAX_PATH
];
423 WCHAR szKeyName
[MAX_PATH
];
424 WCHAR szValueName
[MAX_PATH
];
425 INFCONTEXT InfContext
;
426 DWORD dwLength
, dwType
;
432 DPRINT("ApplyRegistryValues()\n");
434 if (!SetupFindFirstLineW(hSecurityInf
,
439 DPRINT1("SetupFindFirstLineW failed\n");
445 /* Retrieve the privilege name */
446 if (!SetupGetStringFieldW(&InfContext
,
449 ARRAYSIZE(szRegistryPath
),
452 DPRINT1("SetupGetStringFieldW() failed\n");
456 DPRINT("RegistryPath: %S\n", szRegistryPath
);
458 Ptr1
= wcschr(szRegistryPath
, L
'\\');
459 Ptr2
= wcsrchr(szRegistryPath
, L
'\\');
460 if (Ptr1
!= NULL
&& Ptr2
!= NULL
&& Ptr1
!= Ptr2
)
462 dwLength
= (DWORD
)(((ULONG_PTR
)Ptr1
- (ULONG_PTR
)szRegistryPath
) / sizeof(WCHAR
));
463 wcsncpy(szRootName
, szRegistryPath
, dwLength
);
464 szRootName
[dwLength
] = UNICODE_NULL
;
467 dwLength
= (DWORD
)(((ULONG_PTR
)Ptr2
- (ULONG_PTR
)Ptr1
) / sizeof(WCHAR
));
468 wcsncpy(szKeyName
, Ptr1
, dwLength
);
469 szKeyName
[dwLength
] = UNICODE_NULL
;
472 wcscpy(szValueName
, Ptr2
);
474 DPRINT("RootName: %S\n", szRootName
);
475 DPRINT("KeyName: %S\n", szKeyName
);
476 DPRINT("ValueName: %S\n", szValueName
);
478 if (_wcsicmp(szRootName
, L
"Machine") == 0)
480 hRootKey
= HKEY_LOCAL_MACHINE
;
484 DPRINT1("Unsupported root key %S\n", szRootName
);
488 if (!SetupGetIntField(&InfContext
,
492 DPRINT1("Failed to get key type (Error %lu)\n", GetLastError());
496 if (dwType
!= REG_SZ
&& dwType
!= REG_EXPAND_SZ
&& dwType
!= REG_BINARY
&&
497 dwType
!= REG_DWORD
&& dwType
!= REG_MULTI_SZ
)
499 DPRINT1("Invalid value type %lu\n", dwType
);
508 SetupGetStringField(&InfContext
,
513 dwLength
*= sizeof(WCHAR
);
517 SetupGetBinaryField(&InfContext
,
525 dwLength
= sizeof(INT
);
529 SetupGetMultiSzField(&InfContext
,
534 dwLength
*= sizeof(WCHAR
);
540 DPRINT1("Failed to determine the required buffer size!\n");
544 dwError
= RegCreateKeyExW(hRootKey
,
548 REG_OPTION_NON_VOLATILE
,
553 if (dwError
!= ERROR_SUCCESS
)
555 DPRINT1("Failed to create the key %S (Error %lu)\n", szKeyName
, dwError
);
559 pBuffer
= HeapAlloc(GetProcessHeap(), 0, dwLength
);
566 SetupGetStringField(&InfContext
,
569 dwLength
/ sizeof(WCHAR
),
571 dwLength
*= sizeof(WCHAR
);
575 SetupGetBinaryField(&InfContext
,
583 SetupGetIntField(&InfContext
,
589 SetupGetMultiSzField(&InfContext
,
592 dwLength
/ sizeof(WCHAR
),
594 dwLength
*= sizeof(WCHAR
);
605 HeapFree(GetProcessHeap(), 0, pBuffer
);
611 while (SetupFindNextLine(&InfContext
, &InfContext
));
617 ApplyEventlogSettings(
618 _In_ HINF hSecurityInf
,
619 _In_ PWSTR pszSectionName
,
620 _In_ PWSTR pszLogName
)
622 INFCONTEXT InfContext
;
623 HKEY hServiceKey
= NULL
, hLogKey
= NULL
;
624 DWORD dwValue
, dwError
;
627 DPRINT("ApplyEventlogSettings(%p %S %S)\n",
628 hSecurityInf
, pszSectionName
, pszLogName
);
630 dwError
= RegCreateKeyExW(HKEY_LOCAL_MACHINE
,
631 L
"System\\CurrentControlSet\\Services\\Eventlog",
634 REG_OPTION_NON_VOLATILE
,
639 if (dwError
!= ERROR_SUCCESS
)
641 DPRINT1("Failed to create the Eventlog Service key (Error %lu)\n", dwError
);
645 dwError
= RegCreateKeyExW(hServiceKey
,
649 REG_OPTION_NON_VOLATILE
,
654 if (dwError
!= ERROR_SUCCESS
)
656 DPRINT1("Failed to create the key %S (Error %lu)\n", pszLogName
, dwError
);
657 RegCloseKey(hServiceKey
);
661 if (SetupFindFirstLineW(hSecurityInf
,
666 DPRINT("MaximumLogSize\n");
668 SetupGetIntField(&InfContext
,
672 DPRINT("MaximumLogSize: %lu (kByte)\n", dwValue
);
673 if (dwValue
>= 64 && dwValue
<= 4194240)
677 DPRINT("MaxSize: %lu\n", dwValue
);
678 RegSetValueEx(hLogKey
,
687 if (SetupFindFirstLineW(hSecurityInf
,
689 L
"AuditLogRetentionPeriod",
694 SetupGetIntField(&InfContext
,
701 else if (dwValue
== 1)
703 if (SetupFindFirstLineW(hSecurityInf
,
708 SetupGetIntField(&InfContext
,
715 else if (dwValue
== 2)
723 DPRINT("Retention: %lu\n", dwValue
);
724 RegSetValueEx(hLogKey
,
733 if (SetupFindFirstLineW(hSecurityInf
,
735 L
"RestrictGuestAccess",
739 SetupGetIntField(&InfContext
,
742 if (dwValue
== 0 || dwValue
== 1)
744 DPRINT("RestrictGuestAccess: %lu\n", dwValue
);
745 RegSetValueEx(hLogKey
,
746 L
"RestrictGuestAccess",
754 RegCloseKey(hLogKey
);
755 RegCloseKey(hServiceKey
);
762 _In_ HINF hSecurityInf
)
764 LSA_OBJECT_ATTRIBUTES ObjectAttributes
;
765 INFCONTEXT InfContext
;
766 WCHAR szOptionName
[256];
768 LSA_HANDLE PolicyHandle
= NULL
;
769 POLICY_AUDIT_EVENTS_INFO AuditInfo
;
770 PULONG AuditOptions
= NULL
;
773 DPRINT("ApplyAuditEvents(%p)\n", hSecurityInf
);
775 if (!SetupFindFirstLineW(hSecurityInf
,
780 DPRINT1("SetupFindFirstLineW failed\n");
784 ZeroMemory(&ObjectAttributes
, sizeof(LSA_OBJECT_ATTRIBUTES
));
786 Status
= LsaOpenPolicy(NULL
,
788 POLICY_SET_AUDIT_REQUIREMENTS
,
790 if (!NT_SUCCESS(Status
))
792 DPRINT1("LsaOpenPolicy failed (Status %08lx)\n", Status
);
796 AuditOptions
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
,
797 (AuditCategoryAccountLogon
+ 1) * sizeof(ULONG
));
798 if (AuditOptions
== NULL
)
800 DPRINT1("Failed to allocate the auditiing options array!\n");
804 AuditInfo
.AuditingMode
= TRUE
;
805 AuditInfo
.EventAuditingOptions
= AuditOptions
;
806 AuditInfo
.MaximumAuditEventCount
= AuditCategoryAccountLogon
+ 1;
810 /* Retrieve the group name */
811 if (!SetupGetStringFieldW(&InfContext
,
814 ARRAYSIZE(szOptionName
),
817 DPRINT1("SetupGetStringFieldW() failed\n");
821 DPRINT("Option: '%S'\n", szOptionName
);
823 if (!SetupGetIntField(&InfContext
,
827 DPRINT1("SetupGetStringFieldW() failed\n");
831 DPRINT("Value: %d\n", nValue
);
833 if ((nValue
< POLICY_AUDIT_EVENT_UNCHANGED
) || (nValue
> POLICY_AUDIT_EVENT_NONE
))
835 DPRINT1("Invalid audit option!\n");
839 if (_wcsicmp(szOptionName
, L
"AuditSystemEvents") == 0)
841 AuditOptions
[AuditCategorySystem
] = (ULONG
)nValue
;
843 else if (_wcsicmp(szOptionName
, L
"AuditLogonEvents") == 0)
845 AuditOptions
[AuditCategoryLogon
] = (ULONG
)nValue
;
847 else if (_wcsicmp(szOptionName
, L
"AuditObjectAccess") == 0)
849 AuditOptions
[AuditCategoryObjectAccess
] = (ULONG
)nValue
;
851 else if (_wcsicmp(szOptionName
, L
"AuditPrivilegeUse") == 0)
853 AuditOptions
[AuditCategoryPrivilegeUse
] = (ULONG
)nValue
;
855 else if (_wcsicmp(szOptionName
, L
"AuditProcessTracking") == 0)
857 AuditOptions
[AuditCategoryDetailedTracking
] = (ULONG
)nValue
;
859 else if (_wcsicmp(szOptionName
, L
"AuditPolicyChange") == 0)
861 AuditOptions
[AuditCategoryPolicyChange
] = (ULONG
)nValue
;
863 else if (_wcsicmp(szOptionName
, L
"AuditAccountManage") == 0)
865 AuditOptions
[AuditCategoryAccountManagement
] = (ULONG
)nValue
;
867 else if (_wcsicmp(szOptionName
, L
"AuditDSAccess") == 0)
869 AuditOptions
[AuditCategoryDirectoryServiceAccess
] = (ULONG
)nValue
;
871 else if (_wcsicmp(szOptionName
, L
"AuditAccountLogon") == 0)
873 AuditOptions
[AuditCategoryAccountLogon
] = (ULONG
)nValue
;
877 DPRINT1("Invalid auditing option '%S'\n", szOptionName
);
880 while (SetupFindNextLine(&InfContext
, &InfContext
));
882 Status
= LsaSetInformationPolicy(PolicyHandle
,
883 PolicyAuditEventsInformation
,
885 if (Status
!= STATUS_SUCCESS
)
887 DPRINT1("LsaSetInformationPolicy() failed (Status 0x%08lx)\n", Status
);
891 if (AuditOptions
!= NULL
)
892 HeapFree(GetProcessHeap(), 0, AuditOptions
);
894 if (PolicyHandle
!= NULL
)
895 LsaClose(PolicyHandle
);
900 InstallSecurity(VOID
)
903 PWSTR pszSecurityInf
;
906 // pszSecurityInf = L"defltsv.inf";
908 pszSecurityInf
= L
"defltwk.inf";
910 InstallBuiltinAccounts();
912 hSecurityInf
= SetupOpenInfFileW(pszSecurityInf
,
916 if (hSecurityInf
!= INVALID_HANDLE_VALUE
)
918 InstallPrivileges(hSecurityInf
);
919 ApplyRegistryValues(hSecurityInf
);
921 ApplyEventlogSettings(hSecurityInf
, L
"Application Log", L
"Application");
922 ApplyEventlogSettings(hSecurityInf
, L
"Security Log", L
"Security");
923 ApplyEventlogSettings(hSecurityInf
, L
"System Log", L
"System");
925 ApplyAuditEvents(hSecurityInf
);
927 SetupCloseInfFile(hSecurityInf
);
931 SetPrimaryDomain(L
"WORKGROUP", NULL
);
936 SetAdministratorPassword(LPCWSTR Password
)
938 PPOLICY_ACCOUNT_DOMAIN_INFO OrigInfo
= NULL
;
939 PUSER_ACCOUNT_NAME_INFORMATION AccountNameInfo
= NULL
;
940 USER_SET_PASSWORD_INFORMATION PasswordInfo
;
941 LSA_OBJECT_ATTRIBUTES ObjectAttributes
;
942 LSA_HANDLE PolicyHandle
= NULL
;
943 SAM_HANDLE ServerHandle
= NULL
;
944 SAM_HANDLE DomainHandle
= NULL
;
945 SAM_HANDLE UserHandle
= NULL
;
948 DPRINT("SYSSETUP: SetAdministratorPassword(%p)\n", Password
);
950 memset(&ObjectAttributes
, 0, sizeof(LSA_OBJECT_ATTRIBUTES
));
951 ObjectAttributes
.Length
= sizeof(LSA_OBJECT_ATTRIBUTES
);
953 Status
= LsaOpenPolicy(NULL
,
955 POLICY_VIEW_LOCAL_INFORMATION
| POLICY_TRUST_ADMIN
,
957 if (Status
!= STATUS_SUCCESS
)
959 DPRINT1("LsaOpenPolicy() failed (Status: 0x%08lx)\n", Status
);
963 Status
= LsaQueryInformationPolicy(PolicyHandle
,
964 PolicyAccountDomainInformation
,
966 if (!NT_SUCCESS(Status
))
968 DPRINT1("LsaQueryInformationPolicy() failed (Status: 0x%08lx)\n", Status
);
972 Status
= SamConnect(NULL
,
974 SAM_SERVER_CONNECT
| SAM_SERVER_LOOKUP_DOMAIN
,
976 if (!NT_SUCCESS(Status
))
978 DPRINT1("SamConnect() failed (Status: 0x%08lx)\n", Status
);
982 Status
= SamOpenDomain(ServerHandle
,
986 if (!NT_SUCCESS(Status
))
988 DPRINT1("SamOpenDomain() failed (Status: 0x%08lx)\n", Status
);
992 Status
= SamOpenUser(DomainHandle
,
993 USER_FORCE_PASSWORD_CHANGE
| USER_READ_GENERAL
,
994 DOMAIN_USER_RID_ADMIN
,
996 if (!NT_SUCCESS(Status
))
998 DPRINT1("SamOpenUser() failed (Status %08lx)\n", Status
);
1002 RtlInitUnicodeString(&PasswordInfo
.Password
, Password
);
1003 PasswordInfo
.PasswordExpired
= FALSE
;
1005 Status
= SamSetInformationUser(UserHandle
,
1006 UserSetPasswordInformation
,
1007 (PVOID
)&PasswordInfo
);
1008 if (!NT_SUCCESS(Status
))
1010 DPRINT1("SamSetInformationUser() failed (Status %08lx)\n", Status
);
1014 Status
= SamQueryInformationUser(UserHandle
,
1015 UserAccountNameInformation
,
1016 (PVOID
*)&AccountNameInfo
);
1017 if (!NT_SUCCESS(Status
))
1019 DPRINT1("SamSetInformationUser() failed (Status %08lx)\n", Status
);
1023 AdminInfo
.Name
= RtlAllocateHeap(RtlGetProcessHeap(),
1025 AccountNameInfo
->UserName
.Length
+ sizeof(WCHAR
));
1026 if (AdminInfo
.Name
!= NULL
)
1027 RtlCopyMemory(AdminInfo
.Name
,
1028 AccountNameInfo
->UserName
.Buffer
,
1029 AccountNameInfo
->UserName
.Length
);
1031 AdminInfo
.Domain
= RtlAllocateHeap(RtlGetProcessHeap(),
1033 OrigInfo
->DomainName
.Length
+ sizeof(WCHAR
));
1034 if (AdminInfo
.Domain
!= NULL
)
1035 RtlCopyMemory(AdminInfo
.Domain
,
1036 OrigInfo
->DomainName
.Buffer
,
1037 OrigInfo
->DomainName
.Length
);
1039 AdminInfo
.Password
= RtlAllocateHeap(RtlGetProcessHeap(),
1041 (wcslen(Password
) + 1) * sizeof(WCHAR
));
1042 if (AdminInfo
.Password
!= NULL
)
1043 wcscpy(AdminInfo
.Password
, Password
);
1045 DPRINT("Administrator Name: %S\n", AdminInfo
.Name
);
1046 DPRINT("Administrator Domain: %S\n", AdminInfo
.Domain
);
1047 DPRINT("Administrator Password: %S\n", AdminInfo
.Password
);
1050 if (AccountNameInfo
!= NULL
)
1051 SamFreeMemory(AccountNameInfo
);
1053 if (OrigInfo
!= NULL
)
1054 LsaFreeMemory(OrigInfo
);
1056 if (PolicyHandle
!= NULL
)
1057 LsaClose(PolicyHandle
);
1059 if (UserHandle
!= NULL
)
1060 SamCloseHandle(UserHandle
);
1062 if (DomainHandle
!= NULL
)
1063 SamCloseHandle(DomainHandle
);
1065 if (ServerHandle
!= NULL
)
1066 SamCloseHandle(ServerHandle
);
1068 DPRINT1("SYSSETUP: SetAdministratorPassword() done (Status %08lx)\n", Status
);
1075 SetAutoAdminLogon(VOID
)
1077 WCHAR szAutoAdminLogon
[2];
1083 lError
= RegOpenKeyExW(HKEY_LOCAL_MACHINE
,
1084 L
"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon",
1086 KEY_READ
| KEY_WRITE
,
1088 if (lError
!= ERROR_SUCCESS
)
1091 dwSize
= 2 * sizeof(WCHAR
);
1092 lError
= RegQueryValueExW(hKey
,
1096 (LPBYTE
)szAutoAdminLogon
,
1098 if (lError
!= ERROR_SUCCESS
)
1101 if (wcscmp(szAutoAdminLogon
, L
"1") == 0)
1103 RegSetValueExW(hKey
,
1104 L
"DefaultDomainName",
1107 (LPBYTE
)AdminInfo
.Domain
,
1108 (wcslen(AdminInfo
.Domain
) + 1) * sizeof(WCHAR
));
1110 RegSetValueExW(hKey
,
1114 (LPBYTE
)AdminInfo
.Name
,
1115 (wcslen(AdminInfo
.Name
) + 1) * sizeof(WCHAR
));
1117 RegSetValueExW(hKey
,
1121 (LPBYTE
)AdminInfo
.Password
,
1122 (wcslen(AdminInfo
.Password
) + 1) * sizeof(WCHAR
));