2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lookup.c
5 * PURPOSE: Sid / Name lookup functions
7 * PROGRAMMERS: Eric Kohl
10 /* INCLUDES ****************************************************************/
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv
);
17 /* GLOBALS *****************************************************************/
19 typedef wchar_t *PSAMPR_SERVER_NAME
;
20 typedef void *SAMPR_HANDLE
;
22 typedef struct _SAMPR_RETURNED_USTRING_ARRAY
25 PRPC_UNICODE_STRING Element
;
26 } SAMPR_RETURNED_USTRING_ARRAY
, *PSAMPR_RETURNED_USTRING_ARRAY
;
28 typedef struct _SAMPR_ULONG_ARRAY
31 unsigned long *Element
;
32 } SAMPR_ULONG_ARRAY
, *PSAMPR_ULONG_ARRAY
;
37 SamIFree_SAMPR_RETURNED_USTRING_ARRAY(PSAMPR_RETURNED_USTRING_ARRAY Ptr
);
41 SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr
);
45 SamrConnect(IN PSAMPR_SERVER_NAME ServerName
,
46 OUT SAMPR_HANDLE
*ServerHandle
,
47 IN ACCESS_MASK DesiredAccess
);
51 SamrCloseHandle(IN OUT SAMPR_HANDLE
*SamHandle
);
55 SamrOpenDomain(IN SAMPR_HANDLE ServerHandle
,
56 IN ACCESS_MASK DesiredAccess
,
58 OUT SAMPR_HANDLE
*DomainHandle
);
62 SamrLookupIdsInDomain(IN SAMPR_HANDLE DomainHandle
,
64 IN ULONG
*RelativeIds
,
65 OUT PSAMPR_RETURNED_USTRING_ARRAY Names
,
66 OUT PSAMPR_ULONG_ARRAY Use
);
70 SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle
,
72 IN RPC_UNICODE_STRING Names
[],
73 OUT PSAMPR_ULONG_ARRAY RelativeIds
,
74 OUT PSAMPR_ULONG_ARRAY Use
);
77 typedef struct _WELL_KNOWN_SID
81 UNICODE_STRING AccountName
;
82 UNICODE_STRING DomainName
;
84 } WELL_KNOWN_SID
, *PWELL_KNOWN_SID
;
87 LIST_ENTRY WellKnownSidListHead
;
90 /* FUNCTIONS ***************************************************************/
93 LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority
,
94 UCHAR SubAuthorityCount
,
95 PULONG SubAuthorities
,
100 PWELL_KNOWN_SID SidEntry
;
104 SidEntry
= RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY
, sizeof(WELL_KNOWN_SID
));
105 if (SidEntry
== NULL
)
108 InitializeListHead(&SidEntry
->ListEntry
);
110 SidEntry
->Sid
= RtlAllocateHeap(RtlGetProcessHeap(),
112 RtlLengthRequiredSid(SubAuthorityCount
));
113 if (SidEntry
->Sid
== NULL
)
115 RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry
);
119 RtlInitializeSid(SidEntry
->Sid
,
123 for (i
= 0; i
< (ULONG
)SubAuthorityCount
; i
++)
125 p
= RtlSubAuthoritySid(SidEntry
->Sid
, i
);
126 *p
= SubAuthorities
[i
];
129 // RtlInitUnicodeString(&SidEntry->AccountName,
131 SidEntry
->AccountName
.Length
= wcslen(AccountName
) * sizeof(WCHAR
);
132 SidEntry
->AccountName
.MaximumLength
= SidEntry
->AccountName
.Length
+ sizeof(WCHAR
);
133 SidEntry
->AccountName
.Buffer
= RtlAllocateHeap(RtlGetProcessHeap(), 0,
134 SidEntry
->AccountName
.MaximumLength
);
135 if (SidEntry
->AccountName
.Buffer
== NULL
)
137 RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry
->Sid
);
138 RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry
);
142 wcscpy(SidEntry
->AccountName
.Buffer
,
145 // RtlInitUnicodeString(&SidEntry->DomainName,
147 SidEntry
->DomainName
.Length
= wcslen(DomainName
) * sizeof(WCHAR
);
148 SidEntry
->DomainName
.MaximumLength
= SidEntry
->DomainName
.Length
+ sizeof(WCHAR
);
149 SidEntry
->DomainName
.Buffer
= RtlAllocateHeap(RtlGetProcessHeap(), 0,
150 SidEntry
->DomainName
.MaximumLength
);
151 if (SidEntry
->DomainName
.Buffer
== NULL
)
153 RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry
->AccountName
.Buffer
);
154 RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry
->Sid
);
155 RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry
);
159 wcscpy(SidEntry
->DomainName
.Buffer
,
164 InsertTailList(&WellKnownSidListHead
,
165 &SidEntry
->ListEntry
);
174 WCHAR szAccountName
[80];
175 WCHAR szDomainName
[80];
176 ULONG SubAuthorities
[8];
179 InitializeListHead(&WellKnownSidListHead
);
181 hInstance
= GetModuleHandleW(L
"lsasrv.dll");
185 LsapLoadString(hInstance
, IDS_NT_AUTHORITY
, szAccountName
, 80);
186 LsapLoadString(hInstance
, IDS_NT_AUTHORITY
, szDomainName
, 80);
187 LsapCreateSid(&NtAuthority
,
195 LsapLoadString(hInstance
, IDS_NULL_RID
, szAccountName
, 80);
197 SubAuthorities
[0] = SECURITY_NULL_RID
;
198 LsapCreateSid(&NullSidAuthority
,
203 SidTypeWellKnownGroup
);
206 LsapLoadString(hInstance
, IDS_WORLD_RID
, szAccountName
, 80);
208 SubAuthorities
[0] = SECURITY_WORLD_RID
;
209 LsapCreateSid(&WorldSidAuthority
,
214 SidTypeWellKnownGroup
);
217 LsapLoadString(hInstance
, IDS_LOCAL_RID
, szAccountName
, 80);
219 SubAuthorities
[0] = SECURITY_LOCAL_RID
;
220 LsapCreateSid(&LocalSidAuthority
,
225 SidTypeWellKnownGroup
);
227 /* Creator Owner Sid */
228 LsapLoadString(hInstance
, IDS_CREATOR_OWNER_RID
, szAccountName
, 80);
230 SubAuthorities
[0] = SECURITY_CREATOR_OWNER_RID
;
231 LsapCreateSid(&CreatorSidAuthority
,
236 SidTypeWellKnownGroup
);
238 /* Creator Group Sid */
239 LsapLoadString(hInstance
, IDS_CREATOR_GROUP_RID
, szAccountName
, 80);
241 SubAuthorities
[0] = SECURITY_CREATOR_GROUP_RID
;
242 LsapCreateSid(&CreatorSidAuthority
,
247 SidTypeWellKnownGroup
);
249 /* Creator Owner Server Sid */
250 LsapLoadString(hInstance
, IDS_CREATOR_OWNER_SERVER_RID
, szAccountName
, 80);
252 SubAuthorities
[0] = SECURITY_CREATOR_OWNER_SERVER_RID
;
253 LsapCreateSid(&CreatorSidAuthority
,
258 SidTypeWellKnownGroup
);
260 /* Creator Group Server Sid */
261 LsapLoadString(hInstance
, IDS_CREATOR_GROUP_SERVER_RID
, szAccountName
, 80);
263 SubAuthorities
[0] = SECURITY_CREATOR_GROUP_SERVER_RID
;
264 LsapCreateSid(&CreatorSidAuthority
,
269 SidTypeWellKnownGroup
);
272 LsapLoadString(hInstance
, IDS_DIALUP_RID
, szAccountName
, 80);
273 LsapLoadString(hInstance
, IDS_NT_AUTHORITY
, szDomainName
, 80);
275 SubAuthorities
[0] = SECURITY_DIALUP_RID
;
276 LsapCreateSid(&NtAuthority
,
281 SidTypeWellKnownGroup
);
284 LsapLoadString(hInstance
, IDS_DIALUP_RID
, szAccountName
, 80);
286 SubAuthorities
[0] = SECURITY_NETWORK_RID
;
287 LsapCreateSid(&NtAuthority
,
292 SidTypeWellKnownGroup
);
295 LsapLoadString(hInstance
, IDS_BATCH_RID
, szAccountName
, 80);
297 SubAuthorities
[0] = SECURITY_BATCH_RID
;
298 LsapCreateSid(&NtAuthority
,
303 SidTypeWellKnownGroup
);
305 /* Interactive Sid */
306 LsapLoadString(hInstance
, IDS_INTERACTIVE_RID
, szAccountName
, 80);
308 SubAuthorities
[0] = SECURITY_INTERACTIVE_RID
;
309 LsapCreateSid(&NtAuthority
,
314 SidTypeWellKnownGroup
);
317 LsapLoadString(hInstance
, IDS_SERVICE_RID
, szAccountName
, 80);
319 SubAuthorities
[0] = SECURITY_SERVICE_RID
;
320 LsapCreateSid(&NtAuthority
,
325 SidTypeWellKnownGroup
);
327 /* Anonymous Logon Sid */
328 LsapLoadString(hInstance
, IDS_ANONYMOUS_LOGON_RID
, szAccountName
, 80);
330 SubAuthorities
[0] = SECURITY_ANONYMOUS_LOGON_RID
;
331 LsapCreateSid(&NtAuthority
,
336 SidTypeWellKnownGroup
);
339 LsapLoadString(hInstance
, IDS_PROXY_RID
, szAccountName
, 80);
341 SubAuthorities
[0] = SECURITY_PROXY_RID
;
342 LsapCreateSid(&NtAuthority
,
347 SidTypeWellKnownGroup
);
349 /* Enterprise Controllers Sid */
350 LsapLoadString(hInstance
, IDS_ENTERPRISE_CONTROLLERS_RID
, szAccountName
, 80);
352 SubAuthorities
[0] = SECURITY_ENTERPRISE_CONTROLLERS_RID
;
353 LsapCreateSid(&NtAuthority
,
358 SidTypeWellKnownGroup
);
360 /* Principal Self Sid */
361 LsapLoadString(hInstance
, IDS_PRINCIPAL_SELF_RID
, szAccountName
, 80);
363 SubAuthorities
[0] = SECURITY_PRINCIPAL_SELF_RID
;
364 LsapCreateSid(&NtAuthority
,
369 SidTypeWellKnownGroup
);
371 /* Authenticated Users Sid */
372 LsapLoadString(hInstance
, IDS_AUTHENTICATED_USER_RID
, szAccountName
, 80);
374 SubAuthorities
[0] = SECURITY_AUTHENTICATED_USER_RID
;
375 LsapCreateSid(&NtAuthority
,
380 SidTypeWellKnownGroup
);
382 /* Restricted Code Sid */
383 LsapLoadString(hInstance
, IDS_RESTRICTED_CODE_RID
, szAccountName
, 80);
385 SubAuthorities
[0] = SECURITY_RESTRICTED_CODE_RID
;
386 LsapCreateSid(&NtAuthority
,
391 SidTypeWellKnownGroup
);
393 /* Terminal Server Sid */
394 LsapLoadString(hInstance
, IDS_TERMINAL_SERVER_RID
, szAccountName
, 80);
396 SubAuthorities
[0] = SECURITY_TERMINAL_SERVER_RID
;
397 LsapCreateSid(&NtAuthority
,
402 SidTypeWellKnownGroup
);
404 /* Remote Logon Sid */
405 LsapLoadString(hInstance
, IDS_REMOTE_LOGON_RID
, szAccountName
, 80);
407 SubAuthorities
[0] = SECURITY_REMOTE_LOGON_RID
;
408 LsapCreateSid(&NtAuthority
,
413 SidTypeWellKnownGroup
);
415 /* This Organization Sid */
416 LsapLoadString(hInstance
, IDS_THIS_ORGANIZATION_RID
, szAccountName
, 80);
418 SubAuthorities
[0] = SECURITY_THIS_ORGANIZATION_RID
;
419 LsapCreateSid(&NtAuthority
,
424 SidTypeWellKnownGroup
);
426 /* Local System Sid */
427 LsapLoadString(hInstance
, IDS_LOCAL_SYSTEM_RID
, szAccountName
, 80);
429 SubAuthorities
[0] = SECURITY_LOCAL_SYSTEM_RID
;
430 LsapCreateSid(&NtAuthority
,
435 SidTypeWellKnownGroup
);
437 /* Local Service Sid */
438 LsapLoadString(hInstance
, IDS_LOCAL_SERVICE_RID
, szAccountName
, 80);
440 SubAuthorities
[0] = SECURITY_LOCAL_SERVICE_RID
;
441 LsapCreateSid(&NtAuthority
,
446 SidTypeWellKnownGroup
);
448 LsapCreateSid(&NtAuthority
,
453 SidTypeWellKnownGroup
);
455 /* Network Service Sid */
456 LsapLoadString(hInstance
, IDS_NETWORK_SERVICE_RID
, szAccountName
, 80);
458 SubAuthorities
[0] = SECURITY_NETWORK_SERVICE_RID
;
459 LsapCreateSid(&NtAuthority
,
464 SidTypeWellKnownGroup
);
466 LsapCreateSid(&NtAuthority
,
471 SidTypeWellKnownGroup
);
473 /* Builtin Domain Sid */
474 LsapLoadString(hInstance
, IDS_BUILTIN_DOMAIN_RID
, szAccountName
, 80);
475 LsapLoadString(hInstance
, IDS_BUILTIN_DOMAIN_RID
, szDomainName
, 80);
477 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
478 LsapCreateSid(&NtAuthority
,
485 /* Administrators Alias Sid */
486 LsapLoadString(hInstance
, IDS_ALIAS_RID_ADMINS
, szAccountName
, 80);
488 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
489 SubAuthorities
[1] = DOMAIN_ALIAS_RID_ADMINS
;
490 LsapCreateSid(&NtAuthority
,
497 /* Users Alias Sid */
498 LsapLoadString(hInstance
, IDS_ALIAS_RID_USERS
, szAccountName
, 80);
500 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
501 SubAuthorities
[1] = DOMAIN_ALIAS_RID_USERS
;
502 LsapCreateSid(&NtAuthority
,
509 /* Guests Alias Sid */
510 LsapLoadString(hInstance
, IDS_ALIAS_RID_GUESTS
, szAccountName
, 80);
512 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
513 SubAuthorities
[1] = DOMAIN_ALIAS_RID_GUESTS
;
514 LsapCreateSid(&NtAuthority
,
521 /* Power User Alias Sid */
522 LsapLoadString(hInstance
, IDS_ALIAS_RID_POWER_USERS
, szAccountName
, 80);
524 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
525 SubAuthorities
[1] = DOMAIN_ALIAS_RID_POWER_USERS
;
526 LsapCreateSid(&NtAuthority
,
533 /* Account Operators Alias Sid */
534 LsapLoadString(hInstance
, IDS_ALIAS_RID_ACCOUNT_OPS
, szAccountName
, 80);
536 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
537 SubAuthorities
[1] = DOMAIN_ALIAS_RID_ACCOUNT_OPS
;
538 LsapCreateSid(&NtAuthority
,
545 /* System Operators Alias Sid */
546 LsapLoadString(hInstance
, IDS_ALIAS_RID_SYSTEM_OPS
, szAccountName
, 80);
548 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
549 SubAuthorities
[1] = DOMAIN_ALIAS_RID_SYSTEM_OPS
;
550 LsapCreateSid(&NtAuthority
,
557 /* Print Operators Alias Sid */
558 LsapLoadString(hInstance
, IDS_ALIAS_RID_PRINT_OPS
, szAccountName
, 80);
560 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
561 SubAuthorities
[1] = DOMAIN_ALIAS_RID_PRINT_OPS
;
562 LsapCreateSid(&NtAuthority
,
569 /* Backup Operators Alias Sid */
570 LsapLoadString(hInstance
, IDS_ALIAS_RID_BACKUP_OPS
, szAccountName
, 80);
572 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
573 SubAuthorities
[1] = DOMAIN_ALIAS_RID_BACKUP_OPS
;
574 LsapCreateSid(&NtAuthority
,
581 /* Replicators Alias Sid */
582 LsapLoadString(hInstance
, IDS_ALIAS_RID_REPLICATOR
, szAccountName
, 80);
584 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
585 SubAuthorities
[1] = DOMAIN_ALIAS_RID_REPLICATOR
;
586 LsapCreateSid(&NtAuthority
,
593 /* RAS Servers Alias Sid */
594 LsapLoadString(hInstance
, IDS_ALIAS_RID_RAS_SERVERS
, szAccountName
, 80);
596 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
597 SubAuthorities
[1] = DOMAIN_ALIAS_RID_RAS_SERVERS
;
598 LsapCreateSid(&NtAuthority
,
605 /* Pre-Windows 2000 Compatible Access Alias Sid */
606 LsapLoadString(hInstance
, IDS_ALIAS_RID_PREW2KCOMPACCESS
, szAccountName
, 80);
608 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
609 SubAuthorities
[1] = DOMAIN_ALIAS_RID_PREW2KCOMPACCESS
;
610 LsapCreateSid(&NtAuthority
,
617 /* Remote Desktop Users Alias Sid */
618 LsapLoadString(hInstance
, IDS_ALIAS_RID_REMOTE_DESKTOP_USERS
, szAccountName
, 80);
620 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
621 SubAuthorities
[1] = DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS
;
622 LsapCreateSid(&NtAuthority
,
629 /* Network Configuration Operators Alias Sid */
630 LsapLoadString(hInstance
, IDS_ALIAS_RID_NETWORK_CONFIGURATION_OPS
, szAccountName
, 80);
632 SubAuthorities
[0] = SECURITY_BUILTIN_DOMAIN_RID
;
633 SubAuthorities
[1] = DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS
;
634 LsapCreateSid(&NtAuthority
,
641 /* FIXME: Add more well known sids */
643 return STATUS_SUCCESS
;
648 LsapLookupWellKnownSid(PSID Sid
)
650 PLIST_ENTRY ListEntry
;
653 ListEntry
= WellKnownSidListHead
.Flink
;
654 while (ListEntry
!= &WellKnownSidListHead
)
656 Ptr
= CONTAINING_RECORD(ListEntry
,
659 if (RtlEqualSid(Sid
, Ptr
->Sid
))
664 ListEntry
= ListEntry
->Flink
;
672 LsapLookupIsolatedWellKnownName(PUNICODE_STRING AccountName
)
674 PLIST_ENTRY ListEntry
;
677 ListEntry
= WellKnownSidListHead
.Flink
;
678 while (ListEntry
!= &WellKnownSidListHead
)
680 Ptr
= CONTAINING_RECORD(ListEntry
,
683 if (RtlEqualUnicodeString(AccountName
, &Ptr
->AccountName
, TRUE
))
688 ListEntry
= ListEntry
->Flink
;
696 LsapLookupFullyQualifiedWellKnownName(PUNICODE_STRING AccountName
,
697 PUNICODE_STRING DomainName
)
699 PLIST_ENTRY ListEntry
;
702 ListEntry
= WellKnownSidListHead
.Flink
;
703 while (ListEntry
!= &WellKnownSidListHead
)
705 Ptr
= CONTAINING_RECORD(ListEntry
,
708 if (RtlEqualUnicodeString(AccountName
, &Ptr
->AccountName
, TRUE
) &&
709 RtlEqualUnicodeString(DomainName
, &Ptr
->DomainName
, TRUE
))
714 ListEntry
= ListEntry
->Flink
;
723 LsapSplitNames(DWORD Count
,
724 PRPC_UNICODE_STRING Names
,
725 PRPC_UNICODE_STRING
*DomainNames
,
726 PRPC_UNICODE_STRING
*AccountNames
)
728 PRPC_UNICODE_STRING DomainsBuffer
= NULL
;
729 PRPC_UNICODE_STRING AccountsBuffer
= NULL
;
734 NTSTATUS Status
= STATUS_SUCCESS
;
736 DomainsBuffer
= MIDL_user_allocate(Count
* sizeof(RPC_UNICODE_STRING
));
737 if (DomainsBuffer
== NULL
)
739 Status
= STATUS_INSUFFICIENT_RESOURCES
;
743 AccountsBuffer
= MIDL_user_allocate(Count
* sizeof(RPC_UNICODE_STRING
));
744 if (AccountsBuffer
== NULL
)
746 Status
= STATUS_INSUFFICIENT_RESOURCES
;
750 for (i
= 0; i
< Count
; i
++)
752 //TRACE("Name: %wZ\n", &Names[i]);
754 Ptr
= wcschr(Names
[i
].Buffer
, L
'\\');
757 AccountLength
= Names
[i
].Length
/ sizeof(WCHAR
);
759 AccountsBuffer
[i
].Length
= Names
[i
].Length
;
760 AccountsBuffer
[i
].MaximumLength
= AccountsBuffer
[i
].Length
+ sizeof(WCHAR
);
761 AccountsBuffer
[i
].Buffer
= MIDL_user_allocate(AccountsBuffer
[i
].MaximumLength
);
762 if (AccountsBuffer
[i
].Buffer
== NULL
)
764 Status
= STATUS_INSUFFICIENT_RESOURCES
;
768 CopyMemory(AccountsBuffer
[i
].Buffer
,
770 AccountsBuffer
[i
].Length
);
771 AccountsBuffer
[i
].Buffer
[AccountLength
] = UNICODE_NULL
;
773 //TRACE("Account name: %wZ\n", &AccountsBuffer[i]);
777 DomainLength
= (ULONG
)(ULONG_PTR
)(Ptr
- Names
[i
].Buffer
);
778 AccountLength
= (Names
[i
].Length
/ sizeof(WCHAR
)) - DomainLength
- 1;
779 //TRACE("DomainLength: %u\n", DomainLength);
780 //TRACE("AccountLength: %u\n", AccountLength);
782 if (DomainLength
> 0)
784 DomainsBuffer
[i
].Length
= (USHORT
)DomainLength
* sizeof(WCHAR
);
785 DomainsBuffer
[i
].MaximumLength
= DomainsBuffer
[i
].Length
+ sizeof(WCHAR
);
786 DomainsBuffer
[i
].Buffer
= MIDL_user_allocate(DomainsBuffer
[i
].MaximumLength
);
787 if (DomainsBuffer
[i
].Buffer
== NULL
)
789 Status
= STATUS_INSUFFICIENT_RESOURCES
;
793 CopyMemory(DomainsBuffer
[i
].Buffer
,
795 DomainsBuffer
[i
].Length
);
796 DomainsBuffer
[i
].Buffer
[DomainLength
] = UNICODE_NULL
;
798 //TRACE("Domain name: %wZ\n", &DomainsBuffer[i]);
801 AccountsBuffer
[i
].Length
= (USHORT
)AccountLength
* sizeof(WCHAR
);
802 AccountsBuffer
[i
].MaximumLength
= AccountsBuffer
[i
].Length
+ sizeof(WCHAR
);
803 AccountsBuffer
[i
].Buffer
= MIDL_user_allocate(AccountsBuffer
[i
].MaximumLength
);
804 if (AccountsBuffer
[i
].Buffer
== NULL
)
806 Status
= STATUS_INSUFFICIENT_RESOURCES
;
810 CopyMemory(AccountsBuffer
[i
].Buffer
,
811 &(Names
[i
].Buffer
[DomainLength
+ 1]),
812 AccountsBuffer
[i
].Length
);
813 AccountsBuffer
[i
].Buffer
[AccountLength
] = UNICODE_NULL
;
815 //TRACE("Account name: %wZ\n", &AccountsBuffer[i]);
820 if (!NT_SUCCESS(Status
))
822 if (AccountsBuffer
!= NULL
)
824 for (i
= 0; i
< Count
; i
++)
826 if (AccountsBuffer
[i
].Buffer
!= NULL
)
827 MIDL_user_free(AccountsBuffer
[i
].Buffer
);
830 MIDL_user_free(AccountsBuffer
);
833 if (DomainsBuffer
!= NULL
)
835 for (i
= 0; i
< Count
; i
++)
837 if (DomainsBuffer
[i
].Buffer
!= NULL
)
838 MIDL_user_free(DomainsBuffer
[i
].Buffer
);
841 MIDL_user_free(DomainsBuffer
);
846 *DomainNames
= DomainsBuffer
;
847 *AccountNames
= AccountsBuffer
;
855 LsapAddDomainToDomainsList(PLSAPR_REFERENCED_DOMAIN_LIST ReferencedDomains
,
856 PUNICODE_STRING Name
,
863 while (i
< ReferencedDomains
->Entries
&&
864 ReferencedDomains
->Domains
[i
].Sid
!= NULL
)
866 if (RtlEqualSid(Sid
, ReferencedDomains
->Domains
[i
].Sid
))
869 return STATUS_SUCCESS
;
875 ReferencedDomains
->Domains
[i
].Sid
= MIDL_user_allocate(RtlLengthSid(Sid
));
876 if (ReferencedDomains
->Domains
[i
].Sid
== NULL
)
877 return STATUS_INSUFFICIENT_RESOURCES
;
879 RtlCopySid(RtlLengthSid(Sid
), ReferencedDomains
->Domains
[i
].Sid
, Sid
);
881 ReferencedDomains
->Domains
[i
].Name
.Length
= Name
->Length
;
882 ReferencedDomains
->Domains
[i
].Name
.MaximumLength
= Name
->MaximumLength
;
883 ReferencedDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(Name
->MaximumLength
);
884 if (ReferencedDomains
->Domains
[i
].Sid
== NULL
)
886 MIDL_user_free(ReferencedDomains
->Domains
[i
].Sid
);
887 ReferencedDomains
->Domains
[i
].Sid
= NULL
;
888 return STATUS_INSUFFICIENT_RESOURCES
;
891 RtlCopyMemory(ReferencedDomains
->Domains
[i
].Name
.Buffer
,
893 Name
->MaximumLength
);
895 ReferencedDomains
->Entries
++;
898 return STATUS_SUCCESS
;
903 LsapIsPrefixSid(IN PSID PrefixSid
,
906 PISID Sid1
= PrefixSid
, Sid2
= Sid
;
909 if (Sid1
->Revision
!= Sid2
->Revision
)
912 if ((Sid1
->IdentifierAuthority
.Value
[0] != Sid2
->IdentifierAuthority
.Value
[0]) ||
913 (Sid1
->IdentifierAuthority
.Value
[1] != Sid2
->IdentifierAuthority
.Value
[1]) ||
914 (Sid1
->IdentifierAuthority
.Value
[2] != Sid2
->IdentifierAuthority
.Value
[2]) ||
915 (Sid1
->IdentifierAuthority
.Value
[3] != Sid2
->IdentifierAuthority
.Value
[3]) ||
916 (Sid1
->IdentifierAuthority
.Value
[4] != Sid2
->IdentifierAuthority
.Value
[4]) ||
917 (Sid1
->IdentifierAuthority
.Value
[5] != Sid2
->IdentifierAuthority
.Value
[5]))
920 if (Sid1
->SubAuthorityCount
>= Sid2
->SubAuthorityCount
)
923 if (Sid1
->SubAuthorityCount
== 0)
926 for (i
= 0; i
< Sid1
->SubAuthorityCount
; i
++)
928 if (Sid1
->SubAuthority
[i
] != Sid2
->SubAuthority
[i
])
937 LsapGetRelativeIdFromSid(PSID Sid_
)
941 if (Sid
->SubAuthorityCount
!= 0)
942 return Sid
->SubAuthority
[Sid
->SubAuthorityCount
- 1];
949 CreateSidFromSidAndRid(PSID SrcSid
,
958 RidCount
= *RtlSubAuthorityCountSid(SrcSid
);
962 DstSidSize
= RtlLengthRequiredSid(RidCount
+ 1);
964 DstSid
= MIDL_user_allocate(DstSidSize
);
968 RtlInitializeSid(DstSid
,
969 RtlIdentifierAuthoritySid(SrcSid
),
972 for (i
= 0; i
< (ULONG
)RidCount
; i
++)
974 p
= RtlSubAuthoritySid(SrcSid
, i
);
975 q
= RtlSubAuthoritySid(DstSid
, i
);
979 q
= RtlSubAuthoritySid(DstSid
, (ULONG
)RidCount
);
987 CreateDomainSidFromAccountSid(PSID AccountSid
)
995 RidCount
= *RtlSubAuthorityCountSid(AccountSid
);
999 DstSidSize
= RtlLengthRequiredSid(RidCount
);
1001 DomainSid
= MIDL_user_allocate(DstSidSize
);
1002 if (DomainSid
== NULL
)
1005 RtlInitializeSid(DomainSid
,
1006 RtlIdentifierAuthoritySid(AccountSid
),
1009 for (i
= 0; i
< (ULONG
)RidCount
; i
++)
1011 p
= RtlSubAuthoritySid(AccountSid
, i
);
1012 q
= RtlSubAuthoritySid(DomainSid
, i
);
1021 LsapCopySid(PSID SrcSid
)
1029 RidCount
= *RtlSubAuthorityCountSid(SrcSid
);
1030 DstSidSize
= RtlLengthRequiredSid(RidCount
);
1032 DstSid
= MIDL_user_allocate(DstSidSize
);
1036 RtlInitializeSid(DstSid
,
1037 RtlIdentifierAuthoritySid(SrcSid
),
1040 for (i
= 0; i
< (ULONG
)RidCount
; i
++)
1042 p
= RtlSubAuthoritySid(SrcSid
, i
);
1043 q
= RtlSubAuthoritySid(DstSid
, i
);
1053 LsapLookupIsolatedNames(DWORD Count
,
1054 PRPC_UNICODE_STRING DomainNames
,
1055 PRPC_UNICODE_STRING AccountNames
,
1056 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
,
1057 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
,
1060 UNICODE_STRING EmptyDomainName
= RTL_CONSTANT_STRING(L
"");
1061 PWELL_KNOWN_SID ptr
, ptr2
;
1065 NTSTATUS Status
= STATUS_SUCCESS
;
1067 for (i
= 0; i
< Count
; i
++)
1069 /* Ignore names which were already mapped */
1070 if (SidsBuffer
[i
].Use
!= SidTypeUnknown
)
1073 /* Ignore fully qualified account names */
1074 if (DomainNames
[i
].Length
!= 0)
1077 TRACE("Mapping name: %wZ\n", &AccountNames
[i
]);
1079 /* Look-up all well-known names */
1080 ptr
= LsapLookupIsolatedWellKnownName((PUNICODE_STRING
)&AccountNames
[i
]);
1083 SidsBuffer
[i
].Use
= ptr
->Use
;
1084 SidsBuffer
[i
].Sid
= LsapCopySid(ptr
->Sid
);
1085 if (SidsBuffer
[i
].Sid
== NULL
)
1087 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1091 SidsBuffer
[i
].DomainIndex
= -1;
1092 SidsBuffer
[i
].Flags
= 0;
1094 if (ptr
->Use
== SidTypeDomain
)
1096 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1100 if (!NT_SUCCESS(Status
))
1103 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1107 ptr2
= LsapLookupIsolatedWellKnownName(&ptr
->DomainName
);
1110 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1114 if (!NT_SUCCESS(Status
))
1117 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1121 DomainSid
= CreateDomainSidFromAccountSid(ptr
->Sid
);
1122 if (DomainSid
== NULL
)
1124 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1128 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1133 if (DomainSid
!= NULL
)
1135 MIDL_user_free(DomainSid
);
1139 if (!NT_SUCCESS(Status
))
1142 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1150 /* Look-up the built-in domain */
1151 if (RtlEqualUnicodeString((PUNICODE_STRING
)&AccountNames
[i
], &BuiltinDomainName
, TRUE
))
1153 SidsBuffer
[i
].Use
= SidTypeDomain
;
1154 SidsBuffer
[i
].Sid
= LsapCopySid(BuiltinDomainSid
);
1155 if (SidsBuffer
[i
].Sid
== NULL
)
1157 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1161 SidsBuffer
[i
].DomainIndex
= -1;
1162 SidsBuffer
[i
].Flags
= 0;
1164 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1168 if (!NT_SUCCESS(Status
))
1171 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1177 /* Look-up the account domain */
1178 if (RtlEqualUnicodeString((PUNICODE_STRING
)&AccountNames
[i
], &AccountDomainName
, TRUE
))
1180 SidsBuffer
[i
].Use
= SidTypeDomain
;
1181 SidsBuffer
[i
].Sid
= LsapCopySid(AccountDomainSid
);
1182 if (SidsBuffer
[i
].Sid
== NULL
)
1184 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1187 SidsBuffer
[i
].DomainIndex
= -1;
1188 SidsBuffer
[i
].Flags
= 0;
1190 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1194 if (!NT_SUCCESS(Status
))
1197 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1203 /* FIXME: Look-up the primary domain */
1205 /* FIXME: Look-up the trusted domains */
1217 LsapLookupIsolatedBuiltinNames(DWORD Count
,
1218 PRPC_UNICODE_STRING DomainNames
,
1219 PRPC_UNICODE_STRING AccountNames
,
1220 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
,
1221 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
,
1224 SAMPR_HANDLE ServerHandle
= NULL
;
1225 SAMPR_HANDLE DomainHandle
= NULL
;
1226 SAMPR_ULONG_ARRAY RelativeIds
= {0, NULL
};
1227 SAMPR_ULONG_ARRAY Use
= {0, NULL
};
1230 NTSTATUS Status
= STATUS_SUCCESS
;
1232 Status
= SamrConnect(NULL
,
1234 SAM_SERVER_CONNECT
| SAM_SERVER_LOOKUP_DOMAIN
);
1235 if (!NT_SUCCESS(Status
))
1237 TRACE("SamrConnect failed (Status %08lx)\n", Status
);
1241 Status
= SamrOpenDomain(ServerHandle
,
1245 if (!NT_SUCCESS(Status
))
1247 TRACE("SamOpenDomain failed (Status %08lx)\n", Status
);
1251 for (i
= 0; i
< Count
; i
++)
1253 /* Ignore names which were already mapped */
1254 if (SidsBuffer
[i
].Use
!= SidTypeUnknown
)
1257 /* Ignore fully qualified account names */
1258 if (DomainNames
[i
].Length
!= 0)
1261 TRACE("Mapping name: %wZ\n", &AccountNames
[i
]);
1263 Status
= SamrLookupNamesInDomain(DomainHandle
,
1268 if (NT_SUCCESS(Status
))
1270 TRACE("Found relative ID: %lu\n", RelativeIds
.Element
[0]);
1272 SidsBuffer
[i
].Use
= Use
.Element
[0];
1273 SidsBuffer
[i
].Sid
= CreateSidFromSidAndRid(BuiltinDomainSid
,
1274 RelativeIds
.Element
[0]);
1275 if (SidsBuffer
[i
].Sid
== NULL
)
1277 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1281 SidsBuffer
[i
].DomainIndex
= -1;
1282 SidsBuffer
[i
].Flags
= 0;
1284 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1288 if (!NT_SUCCESS(Status
))
1291 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1296 SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds
);
1297 SamIFree_SAMPR_ULONG_ARRAY(&Use
);
1301 if (DomainHandle
!= NULL
)
1302 SamrCloseHandle(&DomainHandle
);
1304 if (ServerHandle
!= NULL
)
1305 SamrCloseHandle(&ServerHandle
);
1313 LsapLookupIsolatedAccountNames(DWORD Count
,
1314 PRPC_UNICODE_STRING DomainNames
,
1315 PRPC_UNICODE_STRING AccountNames
,
1316 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
,
1317 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
,
1320 SAMPR_HANDLE ServerHandle
= NULL
;
1321 SAMPR_HANDLE DomainHandle
= NULL
;
1322 SAMPR_ULONG_ARRAY RelativeIds
= {0, NULL
};
1323 SAMPR_ULONG_ARRAY Use
= {0, NULL
};
1326 NTSTATUS Status
= STATUS_SUCCESS
;
1330 Status
= SamrConnect(NULL
,
1332 SAM_SERVER_CONNECT
| SAM_SERVER_LOOKUP_DOMAIN
);
1333 if (!NT_SUCCESS(Status
))
1335 TRACE("SamrConnect failed (Status %08lx)\n", Status
);
1339 Status
= SamrOpenDomain(ServerHandle
,
1343 if (!NT_SUCCESS(Status
))
1345 TRACE("SamOpenDomain failed (Status %08lx)\n", Status
);
1349 for (i
= 0; i
< Count
; i
++)
1351 /* Ignore names which were already mapped */
1352 if (SidsBuffer
[i
].Use
!= SidTypeUnknown
)
1355 /* Ignore fully qualified account names */
1356 if (DomainNames
[i
].Length
!= 0)
1359 TRACE("Mapping name: %wZ\n", &AccountNames
[i
]);
1361 Status
= SamrLookupNamesInDomain(DomainHandle
,
1366 if (NT_SUCCESS(Status
))
1368 TRACE("Found relative ID: %lu\n", RelativeIds
.Element
[0]);
1370 SidsBuffer
[i
].Use
= Use
.Element
[0];
1371 SidsBuffer
[i
].Sid
= CreateSidFromSidAndRid(AccountDomainSid
,
1372 RelativeIds
.Element
[0]);
1373 if (SidsBuffer
[i
].Sid
== NULL
)
1375 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1379 SidsBuffer
[i
].DomainIndex
= -1;
1380 SidsBuffer
[i
].Flags
= 0;
1382 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1386 if (!NT_SUCCESS(Status
))
1389 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1394 SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds
);
1395 SamIFree_SAMPR_ULONG_ARRAY(&Use
);
1399 if (DomainHandle
!= NULL
)
1400 SamrCloseHandle(&DomainHandle
);
1402 if (ServerHandle
!= NULL
)
1403 SamrCloseHandle(&ServerHandle
);
1411 LsapLookupFullyQualifiedWellKnownNames(DWORD Count
,
1412 PRPC_UNICODE_STRING DomainNames
,
1413 PRPC_UNICODE_STRING AccountNames
,
1414 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
,
1415 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
,
1418 UNICODE_STRING EmptyDomainName
= RTL_CONSTANT_STRING(L
"");
1419 PWELL_KNOWN_SID ptr
, ptr2
;
1423 NTSTATUS Status
= STATUS_SUCCESS
;
1425 for (i
= 0; i
< Count
; i
++)
1427 /* Ignore names which were already mapped */
1428 if (SidsBuffer
[i
].Use
!= SidTypeUnknown
)
1431 /* Ignore isolated account names */
1432 if (DomainNames
[i
].Length
== 0)
1435 TRACE("Mapping name: %wZ\\%wZ\n", &DomainNames
[i
], &AccountNames
[i
]);
1437 /* Look-up all well-known names */
1438 ptr
= LsapLookupFullyQualifiedWellKnownName((PUNICODE_STRING
)&AccountNames
[i
],
1439 (PUNICODE_STRING
)&DomainNames
[i
]);
1442 TRACE("Found it! (%wZ\\%wZ)\n", &ptr
->DomainName
, &ptr
->AccountName
);
1444 SidsBuffer
[i
].Use
= ptr
->Use
;
1445 SidsBuffer
[i
].Sid
= LsapCopySid(ptr
->Sid
);
1446 if (SidsBuffer
[i
].Sid
== NULL
)
1448 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1452 SidsBuffer
[i
].DomainIndex
= -1;
1453 SidsBuffer
[i
].Flags
= 0;
1455 if (ptr
->Use
== SidTypeDomain
)
1457 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1461 if (!NT_SUCCESS(Status
))
1464 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1468 ptr2
= LsapLookupIsolatedWellKnownName(&ptr
->DomainName
);
1471 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1475 if (!NT_SUCCESS(Status
))
1478 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1482 DomainSid
= CreateDomainSidFromAccountSid(ptr
->Sid
);
1483 if (DomainSid
== NULL
)
1485 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1489 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1494 if (DomainSid
!= NULL
)
1496 MIDL_user_free(DomainSid
);
1500 if (!NT_SUCCESS(Status
))
1503 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1519 LsapLookupBuiltinNames(DWORD Count
,
1520 PRPC_UNICODE_STRING DomainNames
,
1521 PRPC_UNICODE_STRING AccountNames
,
1522 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
,
1523 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
,
1526 SAMPR_HANDLE ServerHandle
= NULL
;
1527 SAMPR_HANDLE DomainHandle
= NULL
;
1528 SAMPR_ULONG_ARRAY RelativeIds
= {0, NULL
};
1529 SAMPR_ULONG_ARRAY Use
= {0, NULL
};
1532 NTSTATUS Status
= STATUS_SUCCESS
;
1534 Status
= SamrConnect(NULL
,
1536 SAM_SERVER_CONNECT
| SAM_SERVER_LOOKUP_DOMAIN
);
1537 if (!NT_SUCCESS(Status
))
1539 TRACE("SamrConnect failed (Status %08lx)\n", Status
);
1543 Status
= SamrOpenDomain(ServerHandle
,
1547 if (!NT_SUCCESS(Status
))
1549 TRACE("SamOpenDomain failed (Status %08lx)\n", Status
);
1553 for (i
= 0; i
< Count
; i
++)
1555 /* Ignore names which were already mapped */
1556 if (SidsBuffer
[i
].Use
!= SidTypeUnknown
)
1559 /* Ignore isolated account names */
1560 if (DomainNames
[i
].Length
== 0)
1563 if (!RtlEqualUnicodeString((PUNICODE_STRING
)&DomainNames
[i
], &BuiltinDomainName
, TRUE
))
1566 TRACE("Mapping name: %wZ\\%wZ\n", &DomainNames
[i
], &AccountNames
[i
]);
1568 Status
= SamrLookupNamesInDomain(DomainHandle
,
1573 if (NT_SUCCESS(Status
))
1575 SidsBuffer
[i
].Use
= Use
.Element
[0];
1576 SidsBuffer
[i
].Sid
= CreateSidFromSidAndRid(BuiltinDomainSid
,
1577 RelativeIds
.Element
[0]);
1578 if (SidsBuffer
[i
].Sid
== NULL
)
1580 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1584 SidsBuffer
[i
].DomainIndex
= -1;
1585 SidsBuffer
[i
].Flags
= 0;
1587 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1591 if (!NT_SUCCESS(Status
))
1594 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1599 SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds
);
1600 SamIFree_SAMPR_ULONG_ARRAY(&Use
);
1604 if (DomainHandle
!= NULL
)
1605 SamrCloseHandle(&DomainHandle
);
1607 if (ServerHandle
!= NULL
)
1608 SamrCloseHandle(&ServerHandle
);
1616 LsapLookupAccountNames(DWORD Count
,
1617 PRPC_UNICODE_STRING DomainNames
,
1618 PRPC_UNICODE_STRING AccountNames
,
1619 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
,
1620 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
,
1623 SAMPR_HANDLE ServerHandle
= NULL
;
1624 SAMPR_HANDLE DomainHandle
= NULL
;
1625 SAMPR_ULONG_ARRAY RelativeIds
= {0, NULL
};
1626 SAMPR_ULONG_ARRAY Use
= {0, NULL
};
1629 NTSTATUS Status
= STATUS_SUCCESS
;
1631 Status
= SamrConnect(NULL
,
1633 SAM_SERVER_CONNECT
| SAM_SERVER_LOOKUP_DOMAIN
);
1634 if (!NT_SUCCESS(Status
))
1636 TRACE("SamrConnect failed (Status %08lx)\n", Status
);
1640 Status
= SamrOpenDomain(ServerHandle
,
1644 if (!NT_SUCCESS(Status
))
1646 TRACE("SamOpenDomain failed (Status %08lx)\n", Status
);
1650 for (i
= 0; i
< Count
; i
++)
1652 /* Ignore names which were already mapped */
1653 if (SidsBuffer
[i
].Use
!= SidTypeUnknown
)
1656 /* Ignore isolated account names */
1657 if (DomainNames
[i
].Length
== 0)
1660 if (!RtlEqualUnicodeString((PUNICODE_STRING
)&DomainNames
[i
], &AccountDomainName
, TRUE
))
1663 TRACE("Mapping name: %wZ\\%wZ\n", &DomainNames
[i
], &AccountNames
[i
]);
1665 Status
= SamrLookupNamesInDomain(DomainHandle
,
1670 if (NT_SUCCESS(Status
))
1672 SidsBuffer
[i
].Use
= Use
.Element
[0];
1673 SidsBuffer
[i
].Sid
= CreateSidFromSidAndRid(AccountDomainSid
,
1674 RelativeIds
.Element
[0]);
1675 if (SidsBuffer
[i
].Sid
== NULL
)
1677 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1681 SidsBuffer
[i
].DomainIndex
= -1;
1682 SidsBuffer
[i
].Flags
= 0;
1684 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
1688 if (!NT_SUCCESS(Status
))
1691 SidsBuffer
[i
].DomainIndex
= DomainIndex
;
1696 SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds
);
1697 SamIFree_SAMPR_ULONG_ARRAY(&Use
);
1701 if (DomainHandle
!= NULL
)
1702 SamrCloseHandle(&DomainHandle
);
1704 if (ServerHandle
!= NULL
)
1705 SamrCloseHandle(&ServerHandle
);
1712 LsapLookupNames(DWORD Count
,
1713 PRPC_UNICODE_STRING Names
,
1714 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1715 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
1716 LSAP_LOOKUP_LEVEL LookupLevel
,
1718 DWORD LookupOptions
,
1719 DWORD ClientRevision
)
1721 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
= NULL
;
1722 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
= NULL
;
1723 PRPC_UNICODE_STRING DomainNames
= NULL
;
1724 PRPC_UNICODE_STRING AccountNames
= NULL
;
1725 ULONG SidsBufferLength
;
1728 NTSTATUS Status
= STATUS_SUCCESS
;
1732 TranslatedSids
->Entries
= 0;
1733 TranslatedSids
->Sids
= NULL
;
1734 *ReferencedDomains
= NULL
;
1736 SidsBufferLength
= Count
* sizeof(LSAPR_TRANSLATED_SID_EX2
);
1737 SidsBuffer
= MIDL_user_allocate(SidsBufferLength
);
1738 if (SidsBuffer
== NULL
)
1741 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1745 DomainsBuffer
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
1746 if (DomainsBuffer
== NULL
)
1749 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1753 DomainsBuffer
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
1754 if (DomainsBuffer
->Domains
== NULL
)
1757 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1760 DomainsBuffer
->Entries
= 0;
1761 DomainsBuffer
->MaxEntries
= Count
;
1763 for (i
= 0; i
< Count
; i
++)
1765 SidsBuffer
[i
].Use
= SidTypeUnknown
;
1766 SidsBuffer
[i
].Sid
= NULL
;
1767 SidsBuffer
[i
].DomainIndex
= -1;
1768 SidsBuffer
[i
].Flags
= 0;
1771 Status
= LsapSplitNames(Count
,
1775 if (!NT_SUCCESS(Status
))
1777 TRACE("LsapSplitNames failed! (Status %lx)\n", Status
);
1782 Status
= LsapLookupIsolatedNames(Count
,
1788 if (!NT_SUCCESS(Status
) &&
1789 Status
!= STATUS_NONE_MAPPED
&&
1790 Status
!= STATUS_SOME_NOT_MAPPED
)
1792 TRACE("LsapLookupIsolatedNames failed! (Status %lx)\n", Status
);
1796 if (Mapped
== Count
)
1800 Status
= LsapLookupIsolatedBuiltinNames(Count
,
1806 if (!NT_SUCCESS(Status
) &&
1807 Status
!= STATUS_NONE_MAPPED
&&
1808 Status
!= STATUS_SOME_NOT_MAPPED
)
1810 TRACE("LsapLookupIsolatedBuiltinNames failed! (Status %lx)\n", Status
);
1814 if (Mapped
== Count
)
1818 Status
= LsapLookupIsolatedAccountNames(Count
,
1824 if (!NT_SUCCESS(Status
) &&
1825 Status
!= STATUS_NONE_MAPPED
&&
1826 Status
!= STATUS_SOME_NOT_MAPPED
)
1828 TRACE("LsapLookupIsolatedAccountNames failed! (Status %lx)\n", Status
);
1832 if (Mapped
== Count
)
1835 Status
= LsapLookupFullyQualifiedWellKnownNames(Count
,
1841 if (!NT_SUCCESS(Status
) &&
1842 Status
!= STATUS_NONE_MAPPED
&&
1843 Status
!= STATUS_SOME_NOT_MAPPED
)
1845 TRACE("LsapLookupFullyQualifiedWellKnownNames failed! (Status %lx)\n", Status
);
1849 if (Mapped
== Count
)
1852 Status
= LsapLookupBuiltinNames(Count
,
1858 if (!NT_SUCCESS(Status
) &&
1859 Status
!= STATUS_NONE_MAPPED
&&
1860 Status
!= STATUS_SOME_NOT_MAPPED
)
1862 TRACE("LsapLookupBuiltinNames failed! (Status %lx)\n", Status
);
1866 if (Mapped
== Count
)
1870 Status
= LsapLookupAccountNames(Count
,
1876 if (!NT_SUCCESS(Status
) &&
1877 Status
!= STATUS_NONE_MAPPED
&&
1878 Status
!= STATUS_SOME_NOT_MAPPED
)
1880 TRACE("LsapLookupAccountNames failed! (Status %lx)\n", Status
);
1884 if (Mapped
== Count
)
1888 // TRACE("done: Status %lx\n", Status);
1890 if (DomainNames
!= NULL
)
1892 //TRACE("Free DomainNames\n");
1893 for (i
= 0; i
< Count
; i
++)
1895 if (DomainNames
[i
].Buffer
!= NULL
)
1896 MIDL_user_free(DomainNames
[i
].Buffer
);
1899 MIDL_user_free(DomainNames
);
1902 if (AccountNames
!= NULL
)
1904 //TRACE("Free AccountNames\n");
1905 for (i
= 0; i
< Count
; i
++)
1907 //TRACE("i: %lu\n", i);
1908 if (AccountNames
[i
].Buffer
!= NULL
)
1910 MIDL_user_free(AccountNames
[i
].Buffer
);
1914 MIDL_user_free(AccountNames
);
1917 if (!NT_SUCCESS(Status
))
1919 //TRACE("Failure!\n");
1921 //TRACE("Free DomainsBuffer\n");
1922 if (DomainsBuffer
!= NULL
)
1924 if (DomainsBuffer
->Domains
!= NULL
)
1925 MIDL_user_free(DomainsBuffer
->Domains
);
1927 MIDL_user_free(DomainsBuffer
);
1930 //TRACE("Free SidsBuffer\n");
1931 if (SidsBuffer
!= NULL
)
1932 MIDL_user_free(SidsBuffer
);
1936 //TRACE("Success!\n");
1938 *ReferencedDomains
= DomainsBuffer
;
1939 TranslatedSids
->Entries
= Count
;
1940 TranslatedSids
->Sids
= SidsBuffer
;
1941 *MappedCount
= Mapped
;
1944 Status
= STATUS_NONE_MAPPED
;
1945 else if (Mapped
< Count
)
1946 Status
= STATUS_SOME_NOT_MAPPED
;
1949 // TRACE("done: Status %lx\n", Status);
1956 LsapLookupWellKnownSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
1957 PLSAPR_TRANSLATED_NAME_EX NamesBuffer
,
1958 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
,
1961 PWELL_KNOWN_SID ptr
, ptr2
;
1962 LPWSTR SidString
= NULL
;
1965 NTSTATUS Status
= STATUS_SUCCESS
;
1967 for (i
= 0; i
< SidEnumBuffer
->Entries
; i
++)
1969 /* Ignore SIDs which are already mapped */
1970 if (NamesBuffer
[i
].Use
!= SidTypeUnknown
)
1973 ConvertSidToStringSidW(SidEnumBuffer
->SidInfo
[i
].Sid
, &SidString
);
1974 TRACE("Mapping SID: %S\n", SidString
);
1975 LocalFree(SidString
);
1978 ptr
= LsapLookupWellKnownSid(SidEnumBuffer
->SidInfo
[i
].Sid
);
1981 NamesBuffer
[i
].Use
= ptr
->Use
;
1982 NamesBuffer
[i
].Flags
= 0;
1984 NamesBuffer
[i
].Name
.Length
= ptr
->AccountName
.Length
;
1985 NamesBuffer
[i
].Name
.MaximumLength
= ptr
->AccountName
.MaximumLength
;
1986 NamesBuffer
[i
].Name
.Buffer
= MIDL_user_allocate(ptr
->AccountName
.MaximumLength
);
1987 if (NamesBuffer
[i
].Name
.Buffer
== NULL
)
1989 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1993 RtlCopyMemory(NamesBuffer
[i
].Name
.Buffer
, ptr
->AccountName
.Buffer
, ptr
->AccountName
.MaximumLength
);
1995 ptr2
= LsapLookupIsolatedWellKnownName(&ptr
->DomainName
);
1998 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
2002 if (!NT_SUCCESS(Status
))
2005 NamesBuffer
[i
].DomainIndex
= DomainIndex
;
2008 TRACE("Mapped to: %wZ\n", &NamesBuffer
[i
].Name
);
2020 LsapLookupBuiltinDomainSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2021 PLSAPR_TRANSLATED_NAME_EX NamesBuffer
,
2022 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
,
2025 SAMPR_HANDLE ServerHandle
= NULL
;
2026 SAMPR_HANDLE DomainHandle
= NULL
;
2027 SAMPR_RETURNED_USTRING_ARRAY Names
= {0, NULL
};
2028 SAMPR_ULONG_ARRAY Use
= {0, NULL
};
2029 LPWSTR SidString
= NULL
;
2031 ULONG RelativeIds
[1];
2033 NTSTATUS Status
= STATUS_SUCCESS
;
2035 Status
= SamrConnect(NULL
,
2037 SAM_SERVER_CONNECT
| SAM_SERVER_LOOKUP_DOMAIN
);
2038 if (!NT_SUCCESS(Status
))
2040 TRACE("SamrConnect failed (Status %08lx)\n", Status
);
2044 Status
= SamrOpenDomain(ServerHandle
,
2048 if (!NT_SUCCESS(Status
))
2050 TRACE("SamOpenDomain failed (Status %08lx)\n", Status
);
2054 for (i
= 0; i
< SidEnumBuffer
->Entries
; i
++)
2056 /* Ignore SIDs which are already mapped */
2057 if (NamesBuffer
[i
].Use
!= SidTypeUnknown
)
2060 ConvertSidToStringSidW(SidEnumBuffer
->SidInfo
[i
].Sid
, &SidString
);
2061 TRACE("Mapping SID: %S\n", SidString
);
2062 LocalFree(SidString
);
2065 if (RtlEqualSid(BuiltinDomainSid
, SidEnumBuffer
->SidInfo
[i
].Sid
))
2067 TRACE("Found builtin domain!\n");
2069 NamesBuffer
[i
].Use
= SidTypeDomain
;
2070 NamesBuffer
[i
].Flags
= 0;
2072 NamesBuffer
[i
].Name
.Length
= BuiltinDomainName
.Length
;
2073 NamesBuffer
[i
].Name
.MaximumLength
= BuiltinDomainName
.MaximumLength
;
2074 NamesBuffer
[i
].Name
.Buffer
= MIDL_user_allocate(BuiltinDomainName
.MaximumLength
);
2075 if (NamesBuffer
[i
].Name
.Buffer
== NULL
)
2077 Status
= STATUS_INSUFFICIENT_RESOURCES
;
2081 RtlCopyMemory(NamesBuffer
[i
].Name
.Buffer
, BuiltinDomainName
.Buffer
, BuiltinDomainName
.MaximumLength
);
2083 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
2087 if (!NT_SUCCESS(Status
))
2090 NamesBuffer
[i
].DomainIndex
= DomainIndex
;
2092 TRACE("Mapped to: %wZ\n", &NamesBuffer
[i
].Name
);
2096 else if (LsapIsPrefixSid(BuiltinDomainSid
, SidEnumBuffer
->SidInfo
[i
].Sid
))
2098 TRACE("Found builtin domain account!\n");
2100 RelativeIds
[0] = LsapGetRelativeIdFromSid(SidEnumBuffer
->SidInfo
[i
].Sid
);
2102 Status
= SamrLookupIdsInDomain(DomainHandle
,
2107 if (NT_SUCCESS(Status
))
2109 NamesBuffer
[i
].Use
= Use
.Element
[0];
2110 NamesBuffer
[i
].Flags
= 0;
2112 NamesBuffer
[i
].Name
.Length
= Names
.Element
[0].Length
;
2113 NamesBuffer
[i
].Name
.MaximumLength
= Names
.Element
[0].MaximumLength
;
2114 NamesBuffer
[i
].Name
.Buffer
= MIDL_user_allocate(Names
.Element
[0].MaximumLength
);
2115 if (NamesBuffer
[i
].Name
.Buffer
== NULL
)
2117 SamIFree_SAMPR_RETURNED_USTRING_ARRAY(&Names
);
2118 SamIFree_SAMPR_ULONG_ARRAY(&Use
);
2120 Status
= STATUS_INSUFFICIENT_RESOURCES
;
2124 RtlCopyMemory(NamesBuffer
[i
].Name
.Buffer
,
2125 Names
.Element
[0].Buffer
,
2126 Names
.Element
[0].MaximumLength
);
2128 SamIFree_SAMPR_RETURNED_USTRING_ARRAY(&Names
);
2129 SamIFree_SAMPR_ULONG_ARRAY(&Use
);
2131 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
2135 if (!NT_SUCCESS(Status
))
2138 NamesBuffer
[i
].DomainIndex
= DomainIndex
;
2140 TRACE("Mapped to: %wZ\n", &NamesBuffer
[i
].Name
);
2148 if (DomainHandle
!= NULL
)
2149 SamrCloseHandle(&DomainHandle
);
2151 if (ServerHandle
!= NULL
)
2152 SamrCloseHandle(&ServerHandle
);
2159 LsapLookupAccountDomainSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2160 PLSAPR_TRANSLATED_NAME_EX NamesBuffer
,
2161 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
,
2164 SAMPR_HANDLE ServerHandle
= NULL
;
2165 SAMPR_HANDLE DomainHandle
= NULL
;
2166 SAMPR_RETURNED_USTRING_ARRAY Names
= {0, NULL
};
2167 SAMPR_ULONG_ARRAY Use
= {0, NULL
};
2168 LPWSTR SidString
= NULL
;
2170 ULONG RelativeIds
[1];
2172 NTSTATUS Status
= STATUS_SUCCESS
;
2174 Status
= SamrConnect(NULL
,
2176 SAM_SERVER_CONNECT
| SAM_SERVER_LOOKUP_DOMAIN
);
2177 if (!NT_SUCCESS(Status
))
2179 TRACE("SamrConnect failed (Status %08lx)\n", Status
);
2183 Status
= SamrOpenDomain(ServerHandle
,
2187 if (!NT_SUCCESS(Status
))
2189 TRACE("SamOpenDomain failed (Status %08lx)\n", Status
);
2193 for (i
= 0; i
< SidEnumBuffer
->Entries
; i
++)
2195 /* Ignore SIDs which are already mapped */
2196 if (NamesBuffer
[i
].Use
!= SidTypeUnknown
)
2199 ConvertSidToStringSidW(SidEnumBuffer
->SidInfo
[i
].Sid
, &SidString
);
2200 TRACE("Mapping SID: %S\n", SidString
);
2201 LocalFree(SidString
);
2204 if (RtlEqualSid(AccountDomainSid
, SidEnumBuffer
->SidInfo
[i
].Sid
))
2206 TRACE("Found account domain!\n");
2208 NamesBuffer
[i
].Use
= SidTypeDomain
;
2209 NamesBuffer
[i
].Flags
= 0;
2211 NamesBuffer
[i
].Name
.Length
= AccountDomainName
.Length
;
2212 NamesBuffer
[i
].Name
.MaximumLength
= AccountDomainName
.MaximumLength
;
2213 NamesBuffer
[i
].Name
.Buffer
= MIDL_user_allocate(AccountDomainName
.MaximumLength
);
2214 if (NamesBuffer
[i
].Name
.Buffer
== NULL
)
2216 Status
= STATUS_INSUFFICIENT_RESOURCES
;
2220 RtlCopyMemory(NamesBuffer
[i
].Name
.Buffer
, AccountDomainName
.Buffer
, AccountDomainName
.MaximumLength
);
2222 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
2226 if (!NT_SUCCESS(Status
))
2229 NamesBuffer
[i
].DomainIndex
= DomainIndex
;
2231 TRACE("Mapped to: %wZ\n", &NamesBuffer
[i
].Name
);
2235 else if (LsapIsPrefixSid(AccountDomainSid
, SidEnumBuffer
->SidInfo
[i
].Sid
))
2237 TRACE("Found account domain account!\n");
2239 RelativeIds
[0] = LsapGetRelativeIdFromSid(SidEnumBuffer
->SidInfo
[i
].Sid
);
2241 Status
= SamrLookupIdsInDomain(DomainHandle
,
2246 if (NT_SUCCESS(Status
))
2248 NamesBuffer
[i
].Use
= Use
.Element
[0];
2249 NamesBuffer
[i
].Flags
= 0;
2251 NamesBuffer
[i
].Name
.Length
= Names
.Element
[0].Length
;
2252 NamesBuffer
[i
].Name
.MaximumLength
= Names
.Element
[0].MaximumLength
;
2253 NamesBuffer
[i
].Name
.Buffer
= MIDL_user_allocate(Names
.Element
[0].MaximumLength
);
2254 if (NamesBuffer
[i
].Name
.Buffer
== NULL
)
2256 SamIFree_SAMPR_RETURNED_USTRING_ARRAY(&Names
);
2257 SamIFree_SAMPR_ULONG_ARRAY(&Use
);
2259 Status
= STATUS_INSUFFICIENT_RESOURCES
;
2263 RtlCopyMemory(NamesBuffer
[i
].Name
.Buffer
,
2264 Names
.Element
[0].Buffer
,
2265 Names
.Element
[0].MaximumLength
);
2267 SamIFree_SAMPR_RETURNED_USTRING_ARRAY(&Names
);
2268 SamIFree_SAMPR_ULONG_ARRAY(&Use
);
2270 Status
= LsapAddDomainToDomainsList(DomainsBuffer
,
2274 if (!NT_SUCCESS(Status
))
2277 NamesBuffer
[i
].DomainIndex
= DomainIndex
;
2279 TRACE("Mapped to: %wZ\n", &NamesBuffer
[i
].Name
);
2287 if (DomainHandle
!= NULL
)
2288 SamrCloseHandle(&DomainHandle
);
2290 if (ServerHandle
!= NULL
)
2291 SamrCloseHandle(&ServerHandle
);
2298 LsapLookupSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2299 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2300 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
2301 LSAP_LOOKUP_LEVEL LookupLevel
,
2303 DWORD LookupOptions
,
2304 DWORD ClientRevision
)
2306 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
= NULL
;
2307 PLSAPR_TRANSLATED_NAME_EX NamesBuffer
= NULL
;
2308 ULONG NamesBufferLength
;
2311 NTSTATUS Status
= STATUS_SUCCESS
;
2313 NamesBufferLength
= SidEnumBuffer
->Entries
* sizeof(LSAPR_TRANSLATED_NAME_EX
);
2314 NamesBuffer
= MIDL_user_allocate(NamesBufferLength
);
2315 if (NamesBuffer
== NULL
)
2317 Status
= STATUS_INSUFFICIENT_RESOURCES
;
2321 DomainsBuffer
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
2322 if (DomainsBuffer
== NULL
)
2324 Status
= STATUS_INSUFFICIENT_RESOURCES
;
2328 DomainsBuffer
->Domains
= MIDL_user_allocate(SidEnumBuffer
->Entries
* sizeof(LSA_TRUST_INFORMATION
));
2329 if (DomainsBuffer
->Domains
== NULL
)
2331 Status
= STATUS_INSUFFICIENT_RESOURCES
;
2335 DomainsBuffer
->Entries
= 0;
2336 DomainsBuffer
->MaxEntries
= SidEnumBuffer
->Entries
;
2338 /* Initialize all name entries */
2339 for (i
= 0; i
< SidEnumBuffer
->Entries
; i
++)
2341 NamesBuffer
[i
].Use
= SidTypeUnknown
;
2342 NamesBuffer
[i
].Name
.Length
= 0;
2343 NamesBuffer
[i
].Name
.MaximumLength
= 0;
2344 NamesBuffer
[i
].Name
.Buffer
= NULL
;
2345 NamesBuffer
[i
].DomainIndex
= -1;
2346 NamesBuffer
[i
].Flags
= 0;
2349 /* Look-up well-known SIDs */
2350 Status
= LsapLookupWellKnownSids(SidEnumBuffer
,
2354 if (!NT_SUCCESS(Status
) &&
2355 Status
!= STATUS_NONE_MAPPED
&&
2356 Status
!= STATUS_SOME_NOT_MAPPED
)
2359 if (Mapped
== SidEnumBuffer
->Entries
)
2362 /* Look-up builtin domain SIDs */
2363 Status
= LsapLookupBuiltinDomainSids(SidEnumBuffer
,
2367 if (!NT_SUCCESS(Status
) &&
2368 Status
!= STATUS_NONE_MAPPED
&&
2369 Status
!= STATUS_SOME_NOT_MAPPED
)
2372 if (Mapped
== SidEnumBuffer
->Entries
)
2375 /* Look-up account domain SIDs */
2376 Status
= LsapLookupAccountDomainSids(SidEnumBuffer
,
2380 if (!NT_SUCCESS(Status
) &&
2381 Status
!= STATUS_NONE_MAPPED
&&
2382 Status
!= STATUS_SOME_NOT_MAPPED
)
2385 if (Mapped
== SidEnumBuffer
->Entries
)
2389 TRACE("done Status: %lx Mapped: %lu\n", Status
, Mapped
);
2391 if (!NT_SUCCESS(Status
))
2393 if (DomainsBuffer
!= NULL
)
2395 if (DomainsBuffer
->Domains
!= NULL
)
2396 MIDL_user_free(DomainsBuffer
->Domains
);
2398 MIDL_user_free(DomainsBuffer
);
2401 if (NamesBuffer
!= NULL
)
2402 MIDL_user_free(NamesBuffer
);
2406 *ReferencedDomains
= DomainsBuffer
;
2407 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
2408 TranslatedNames
->Names
= NamesBuffer
;
2409 *MappedCount
= Mapped
;
2412 Status
= STATUS_NONE_MAPPED
;
2413 else if (Mapped
< SidEnumBuffer
->Entries
)
2414 Status
= STATUS_SOME_NOT_MAPPED
;