2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
7 * PROGRAMMERS: Eric Kohl
10 /* INCLUDES ****************************************************************/
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv
);
17 /* GLOBALS *****************************************************************/
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock
;
22 /* FUNCTIONS ***************************************************************/
25 LsarStartRpcServer(VOID
)
29 RtlInitializeCriticalSection(&PolicyHandleTableLock
);
31 TRACE("LsarStartRpcServer() called\n");
33 Status
= RpcServerUseProtseqEpW(L
"ncacn_np",
37 if (Status
!= RPC_S_OK
)
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status
);
43 Status
= RpcServerRegisterIf(lsarpc_v0_0_s_ifspec
,
46 if (Status
!= RPC_S_OK
)
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status
);
52 Status
= RpcServerListen(1, 20, TRUE
);
53 if (Status
!= RPC_S_OK
)
55 WARN("RpcServerListen() failed (Status %lx)\n", Status
);
59 TRACE("LsarStartRpcServer() done\n");
63 void __RPC_USER
LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle
)
70 NTSTATUS WINAPI
LsarClose(
71 LSAPR_HANDLE
*ObjectHandle
)
73 PLSA_DB_OBJECT DbObject
;
74 NTSTATUS Status
= STATUS_SUCCESS
;
76 TRACE("0x%p\n", ObjectHandle
);
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
80 Status
= LsapValidateDbObject(*ObjectHandle
,
84 if (Status
== STATUS_SUCCESS
)
86 Status
= LsapCloseDbObject(DbObject
);
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
97 NTSTATUS WINAPI
LsarDelete(
98 LSAPR_HANDLE ObjectHandle
)
101 return STATUS_NOT_SUPPORTED
;
106 NTSTATUS WINAPI
LsarEnumeratePrivileges(
107 LSAPR_HANDLE PolicyHandle
,
108 DWORD
*EnumerationContext
,
109 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer
,
110 DWORD PreferedMaximumLength
)
112 PLSA_DB_OBJECT PolicyObject
;
115 TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
116 PolicyHandle
, EnumerationContext
, EnumerationBuffer
,
117 PreferedMaximumLength
);
119 Status
= LsapValidateDbObject(PolicyHandle
,
121 POLICY_VIEW_LOCAL_INFORMATION
,
123 if (!NT_SUCCESS(Status
))
126 if (EnumerationContext
== NULL
)
127 return STATUS_INVALID_PARAMETER
;
129 return LsarpEnumeratePrivileges(EnumerationContext
,
131 PreferedMaximumLength
);
136 NTSTATUS WINAPI
LsarQuerySecurityObject(
137 LSAPR_HANDLE ObjectHandle
,
138 SECURITY_INFORMATION SecurityInformation
,
139 PLSAPR_SR_SECURITY_DESCRIPTOR
*SecurityDescriptor
)
142 return STATUS_NOT_IMPLEMENTED
;
147 NTSTATUS WINAPI
LsarSetSecurityObject(
148 LSAPR_HANDLE ObjectHandle
,
149 SECURITY_INFORMATION SecurityInformation
,
150 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor
)
153 return STATUS_NOT_IMPLEMENTED
;
158 NTSTATUS WINAPI
LsarChangePassword(
160 PRPC_UNICODE_STRING String1
,
161 PRPC_UNICODE_STRING String2
,
162 PRPC_UNICODE_STRING String3
,
163 PRPC_UNICODE_STRING String4
,
164 PRPC_UNICODE_STRING String5
)
167 return STATUS_NOT_IMPLEMENTED
;
172 NTSTATUS WINAPI
LsarOpenPolicy(
174 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
175 ACCESS_MASK DesiredAccess
,
176 LSAPR_HANDLE
*PolicyHandle
)
178 PLSA_DB_OBJECT PolicyObject
;
181 TRACE("LsarOpenPolicy called!\n");
183 RtlEnterCriticalSection(&PolicyHandleTableLock
);
185 Status
= LsapOpenDbObject(NULL
,
191 RtlLeaveCriticalSection(&PolicyHandleTableLock
);
193 if (NT_SUCCESS(Status
))
194 *PolicyHandle
= (LSAPR_HANDLE
)PolicyObject
;
196 TRACE("LsarOpenPolicy done!\n");
203 NTSTATUS WINAPI
LsarQueryInformationPolicy(
204 LSAPR_HANDLE PolicyHandle
,
205 POLICY_INFORMATION_CLASS InformationClass
,
206 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
208 PLSA_DB_OBJECT DbObject
;
209 ACCESS_MASK DesiredAccess
= 0;
212 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
213 PolicyHandle
, InformationClass
, PolicyInformation
);
215 if (PolicyInformation
)
217 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
220 switch (InformationClass
)
222 case PolicyAuditLogInformation
:
223 case PolicyAuditEventsInformation
:
224 case PolicyAuditFullQueryInformation
:
225 DesiredAccess
= POLICY_VIEW_AUDIT_INFORMATION
;
228 case PolicyPrimaryDomainInformation
:
229 case PolicyAccountDomainInformation
:
230 case PolicyLsaServerRoleInformation
:
231 case PolicyReplicaSourceInformation
:
232 case PolicyDefaultQuotaInformation
:
233 case PolicyModificationInformation
:
234 case PolicyDnsDomainInformation
:
235 case PolicyDnsDomainInformationInt
:
236 case PolicyLocalAccountDomainInformation
:
237 DesiredAccess
= POLICY_VIEW_LOCAL_INFORMATION
;
240 case PolicyPdAccountInformation
:
241 DesiredAccess
= POLICY_GET_PRIVATE_INFORMATION
;
245 ERR("Invalid InformationClass!\n");
246 return STATUS_INVALID_PARAMETER
;
249 Status
= LsapValidateDbObject(PolicyHandle
,
253 if (!NT_SUCCESS(Status
))
256 switch (InformationClass
)
258 case PolicyAuditLogInformation
: /* 1 */
259 Status
= LsarQueryAuditLog(PolicyHandle
,
262 case PolicyAuditEventsInformation
: /* 2 */
263 Status
= LsarQueryAuditEvents(PolicyHandle
,
267 case PolicyPrimaryDomainInformation
: /* 3 */
268 Status
= LsarQueryPrimaryDomain(PolicyHandle
,
272 case PolicyPdAccountInformation
: /* 4 */
273 Status
= LsarQueryPdAccount(PolicyHandle
,
276 case PolicyAccountDomainInformation
: /* 5 */
277 Status
= LsarQueryAccountDomain(PolicyHandle
,
281 case PolicyLsaServerRoleInformation
: /* 6 */
282 Status
= LsarQueryServerRole(PolicyHandle
,
286 case PolicyReplicaSourceInformation
: /* 7 */
287 Status
= LsarQueryReplicaSource(PolicyHandle
,
290 case PolicyDefaultQuotaInformation
: /* 8 */
291 Status
= LsarQueryDefaultQuota(PolicyHandle
,
295 case PolicyModificationInformation
: /* 9 */
296 Status
= LsarQueryModification(PolicyHandle
,
300 case PolicyAuditFullQueryInformation
: /* 11 (0xB) */
301 Status
= LsarQueryAuditFull(PolicyHandle
,
305 case PolicyDnsDomainInformation
: /* 12 (0xC) */
306 Status
= LsarQueryDnsDomain(PolicyHandle
,
310 case PolicyDnsDomainInformationInt
: /* 13 (0xD) */
311 Status
= LsarQueryDnsDomainInt(PolicyHandle
,
315 case PolicyLocalAccountDomainInformation
: /* 14 (0xE) */
316 Status
= LsarQueryLocalAccountDomain(PolicyHandle
,
321 ERR("Invalid InformationClass!\n");
322 Status
= STATUS_INVALID_PARAMETER
;
330 NTSTATUS WINAPI
LsarSetInformationPolicy(
331 LSAPR_HANDLE PolicyHandle
,
332 POLICY_INFORMATION_CLASS InformationClass
,
333 PLSAPR_POLICY_INFORMATION PolicyInformation
)
335 PLSA_DB_OBJECT DbObject
;
336 ACCESS_MASK DesiredAccess
= 0;
339 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
340 PolicyHandle
, InformationClass
, PolicyInformation
);
342 if (PolicyInformation
)
344 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
347 switch (InformationClass
)
349 case PolicyAuditLogInformation
:
350 case PolicyAuditFullSetInformation
:
351 DesiredAccess
= POLICY_AUDIT_LOG_ADMIN
;
354 case PolicyAuditEventsInformation
:
355 DesiredAccess
= POLICY_SET_AUDIT_REQUIREMENTS
;
358 case PolicyPrimaryDomainInformation
:
359 case PolicyAccountDomainInformation
:
360 case PolicyDnsDomainInformation
:
361 case PolicyDnsDomainInformationInt
:
362 case PolicyLocalAccountDomainInformation
:
363 DesiredAccess
= POLICY_TRUST_ADMIN
;
366 case PolicyLsaServerRoleInformation
:
367 case PolicyReplicaSourceInformation
:
368 DesiredAccess
= POLICY_SERVER_ADMIN
;
371 case PolicyDefaultQuotaInformation
:
372 DesiredAccess
= POLICY_SET_DEFAULT_QUOTA_LIMITS
;
376 ERR("Invalid InformationClass!\n");
377 return STATUS_INVALID_PARAMETER
;
380 Status
= LsapValidateDbObject(PolicyHandle
,
384 if (!NT_SUCCESS(Status
))
387 switch (InformationClass
)
389 case PolicyAuditEventsInformation
:
390 Status
= STATUS_NOT_IMPLEMENTED
;
393 case PolicyPrimaryDomainInformation
:
394 Status
= LsarSetPrimaryDomain(PolicyHandle
,
395 (PLSAPR_POLICY_PRIMARY_DOM_INFO
)PolicyInformation
);
398 case PolicyAccountDomainInformation
:
399 Status
= LsarSetAccountDomain(PolicyHandle
,
400 (PLSAPR_POLICY_ACCOUNT_DOM_INFO
)PolicyInformation
);
403 case PolicyDnsDomainInformation
:
404 Status
= LsarSetDnsDomain(PolicyHandle
,
405 (PLSAPR_POLICY_DNS_DOMAIN_INFO
)PolicyInformation
);
408 case PolicyLsaServerRoleInformation
:
409 Status
= STATUS_NOT_IMPLEMENTED
;
413 Status
= STATUS_INVALID_PARAMETER
;
422 NTSTATUS WINAPI
LsarClearAuditLog(
423 LSAPR_HANDLE ObjectHandle
)
426 return STATUS_NOT_IMPLEMENTED
;
431 NTSTATUS WINAPI
LsarCreateAccount(
432 LSAPR_HANDLE PolicyHandle
,
434 ACCESS_MASK DesiredAccess
,
435 LSAPR_HANDLE
*AccountHandle
)
437 PLSA_DB_OBJECT PolicyObject
;
438 PLSA_DB_OBJECT AccountsObject
= NULL
;
439 PLSA_DB_OBJECT AccountObject
= NULL
;
440 LPWSTR SidString
= NULL
;
441 NTSTATUS Status
= STATUS_SUCCESS
;
443 /* Validate the PolicyHandle */
444 Status
= LsapValidateDbObject(PolicyHandle
,
446 POLICY_CREATE_ACCOUNT
,
448 if (!NT_SUCCESS(Status
))
450 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
454 /* Open the Accounts object */
455 Status
= LsapOpenDbObject(PolicyObject
,
457 LsaDbContainerObject
,
460 if (!NT_SUCCESS(Status
))
462 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status
);
466 /* Create SID string */
467 if (!ConvertSidToStringSid((PSID
)AccountSid
,
470 ERR("ConvertSidToStringSid failed\n");
471 Status
= STATUS_INVALID_PARAMETER
;
475 /* Create the Account object */
476 Status
= LsapCreateDbObject(AccountsObject
,
481 if (!NT_SUCCESS(Status
))
483 ERR("LsapCreateDbObject (Account) failed (Status 0x%08lx)\n", Status
);
487 /* Set the Sid attribute */
488 Status
= LsapSetObjectAttribute(AccountObject
,
491 GetLengthSid(AccountSid
));
494 if (SidString
!= NULL
)
495 LocalFree(SidString
);
497 if (!NT_SUCCESS(Status
))
499 if (AccountObject
!= NULL
)
500 LsapCloseDbObject(AccountObject
);
504 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
507 if (AccountsObject
!= NULL
)
508 LsapCloseDbObject(AccountsObject
);
510 return STATUS_SUCCESS
;
515 NTSTATUS WINAPI
LsarEnumerateAccounts(
516 LSAPR_HANDLE PolicyHandle
,
517 DWORD
*EnumerationContext
,
518 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
,
519 DWORD PreferedMaximumLength
)
522 return STATUS_NOT_IMPLEMENTED
;
527 NTSTATUS WINAPI
LsarCreateTrustedDomain(
528 LSAPR_HANDLE PolicyHandle
,
529 PLSAPR_TRUST_INFORMATION TrustedDomainInformation
,
530 ACCESS_MASK DesiredAccess
,
531 LSAPR_HANDLE
*TrustedDomainHandle
)
534 return STATUS_NOT_IMPLEMENTED
;
539 NTSTATUS WINAPI
LsarEnumerateTrustedDomains(
540 LSAPR_HANDLE PolicyHandle
,
541 DWORD
*EnumerationContext
,
542 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer
,
543 DWORD PreferedMaximumLength
)
546 return STATUS_NOT_IMPLEMENTED
;
551 NTSTATUS WINAPI
LsarLookupNames(
552 LSAPR_HANDLE PolicyHandle
,
554 PRPC_UNICODE_STRING Names
,
555 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
556 PLSAPR_TRANSLATED_SIDS TranslatedSids
,
557 LSAP_LOOKUP_LEVEL LookupLevel
,
560 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
561 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
562 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
563 PLSA_TRANSLATED_SID OutputSids
= NULL
;
564 ULONG OutputSidsLength
;
570 TRACE("LsarLookupNames(%p, %lu, %p, %p, %p, %d, %p)\n",
571 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
572 LookupLevel
, MappedCount
);
574 TranslatedSids
->Entries
= Count
;
575 TranslatedSids
->Sids
= NULL
;
576 *ReferencedDomains
= NULL
;
578 OutputSidsLength
= Count
* sizeof(LSA_TRANSLATED_SID
);
579 OutputSids
= MIDL_user_allocate(OutputSidsLength
);
580 if (OutputSids
== NULL
)
582 return STATUS_INSUFFICIENT_RESOURCES
;
585 RtlZeroMemory(OutputSids
, OutputSidsLength
);
587 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
588 if (OutputDomains
== NULL
)
590 MIDL_user_free(OutputSids
);
591 return STATUS_INSUFFICIENT_RESOURCES
;
594 OutputDomains
->Entries
= Count
;
595 OutputDomains
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
596 if (OutputDomains
->Domains
== NULL
)
598 MIDL_user_free(OutputDomains
);
599 MIDL_user_free(OutputSids
);
600 return STATUS_INSUFFICIENT_RESOURCES
;
603 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
605 SECURITY_BUILTIN_DOMAIN_RID
,
606 DOMAIN_ALIAS_RID_ADMINS
,
609 if (!NT_SUCCESS(Status
))
611 MIDL_user_free(OutputDomains
->Domains
);
612 MIDL_user_free(OutputDomains
);
613 MIDL_user_free(OutputSids
);
617 SidLength
= RtlLengthSid(Sid
);
619 for (i
= 0; i
< Count
; i
++)
621 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
622 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
624 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
625 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
626 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
627 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
630 for (i
= 0; i
< Count
; i
++)
632 OutputSids
[i
].Use
= SidTypeWellKnownGroup
;
633 OutputSids
[i
].RelativeId
= DOMAIN_USER_RID_ADMIN
; //DOMAIN_ALIAS_RID_ADMINS;
634 OutputSids
[i
].DomainIndex
= i
;
637 *ReferencedDomains
= OutputDomains
;
639 *MappedCount
= Count
;
641 TranslatedSids
->Entries
= Count
;
642 TranslatedSids
->Sids
= OutputSids
;
644 return STATUS_SUCCESS
;
649 NTSTATUS WINAPI
LsarLookupSids(
650 LSAPR_HANDLE PolicyHandle
,
651 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
652 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
653 PLSAPR_TRANSLATED_NAMES TranslatedNames
,
654 LSAP_LOOKUP_LEVEL LookupLevel
,
657 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
658 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
659 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
660 PLSAPR_TRANSLATED_NAME OutputNames
= NULL
;
661 ULONG OutputNamesLength
;
667 TRACE("LsarLookupSids(%p, %p, %p, %p, %d, %p)\n",
668 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
669 LookupLevel
, MappedCount
);
671 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
672 TranslatedNames
->Names
= NULL
;
673 *ReferencedDomains
= NULL
;
675 OutputNamesLength
= SidEnumBuffer
->Entries
* sizeof(LSA_TRANSLATED_NAME
);
676 OutputNames
= MIDL_user_allocate(OutputNamesLength
);
677 if (OutputNames
== NULL
)
679 return STATUS_INSUFFICIENT_RESOURCES
;
682 RtlZeroMemory(OutputNames
, OutputNamesLength
);
684 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
685 if (OutputDomains
== NULL
)
687 MIDL_user_free(OutputNames
);
688 return STATUS_INSUFFICIENT_RESOURCES
;
691 OutputDomains
->Entries
= SidEnumBuffer
->Entries
;
692 OutputDomains
->Domains
= MIDL_user_allocate(SidEnumBuffer
->Entries
* sizeof(LSA_TRUST_INFORMATION
));
693 if (OutputDomains
->Domains
== NULL
)
695 MIDL_user_free(OutputDomains
);
696 MIDL_user_free(OutputNames
);
697 return STATUS_INSUFFICIENT_RESOURCES
;
700 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
702 SECURITY_BUILTIN_DOMAIN_RID
,
703 DOMAIN_ALIAS_RID_ADMINS
,
706 if (!NT_SUCCESS(Status
))
708 MIDL_user_free(OutputDomains
->Domains
);
709 MIDL_user_free(OutputDomains
);
710 MIDL_user_free(OutputNames
);
714 SidLength
= RtlLengthSid(Sid
);
716 for (i
= 0; i
< SidEnumBuffer
->Entries
; i
++)
718 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
719 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
721 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
722 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
723 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
724 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
727 Status
= LsapLookupSids(SidEnumBuffer
,
730 *ReferencedDomains
= OutputDomains
;
732 *MappedCount
= SidEnumBuffer
->Entries
;
734 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
735 TranslatedNames
->Names
= OutputNames
;
742 NTSTATUS WINAPI
LsarCreateSecret(
743 LSAPR_HANDLE PolicyHandle
,
744 PRPC_UNICODE_STRING SecretName
,
745 ACCESS_MASK DesiredAccess
,
746 LSAPR_HANDLE
*SecretHandle
)
748 PLSA_DB_OBJECT PolicyObject
;
749 PLSA_DB_OBJECT SecretsObject
= NULL
;
750 PLSA_DB_OBJECT SecretObject
= NULL
;
752 NTSTATUS Status
= STATUS_SUCCESS
;
754 /* Validate the PolicyHandle */
755 Status
= LsapValidateDbObject(PolicyHandle
,
757 POLICY_CREATE_SECRET
,
759 if (!NT_SUCCESS(Status
))
761 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
765 /* Open the Secrets object */
766 Status
= LsapOpenDbObject(PolicyObject
,
768 LsaDbContainerObject
,
771 if (!NT_SUCCESS(Status
))
773 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status
);
777 /* Get the current time */
778 Status
= NtQuerySystemTime(&Time
);
779 if (!NT_SUCCESS(Status
))
781 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
785 /* Create the Secret object */
786 Status
= LsapCreateDbObject(SecretsObject
,
791 if (!NT_SUCCESS(Status
))
793 ERR("LsapCreateDbObject (Secret) failed (Status 0x%08lx)\n", Status
);
797 /* Set the CurrentTime attribute */
798 Status
= LsapSetObjectAttribute(SecretObject
,
801 sizeof(LARGE_INTEGER
));
802 if (!NT_SUCCESS(Status
))
804 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status
);
808 /* Set the OldTime attribute */
809 Status
= LsapSetObjectAttribute(SecretObject
,
812 sizeof(LARGE_INTEGER
));
815 if (!NT_SUCCESS(Status
))
817 if (SecretObject
!= NULL
)
818 LsapCloseDbObject(SecretObject
);
822 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
825 if (SecretsObject
!= NULL
)
826 LsapCloseDbObject(SecretsObject
);
828 return STATUS_SUCCESS
;
833 NTSTATUS WINAPI
LsarOpenAccount(
834 LSAPR_HANDLE PolicyHandle
,
836 ACCESS_MASK DesiredAccess
,
837 LSAPR_HANDLE
*AccountHandle
)
839 PLSA_DB_OBJECT PolicyObject
;
840 PLSA_DB_OBJECT AccountsObject
= NULL
;
841 PLSA_DB_OBJECT AccountObject
= NULL
;
842 LPWSTR SidString
= NULL
;
843 NTSTATUS Status
= STATUS_SUCCESS
;
845 /* Validate the PolicyHandle */
846 Status
= LsapValidateDbObject(PolicyHandle
,
848 POLICY_CREATE_ACCOUNT
,
850 if (!NT_SUCCESS(Status
))
852 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
856 /* Open the Accounts object */
857 Status
= LsapOpenDbObject(PolicyObject
,
859 LsaDbContainerObject
,
862 if (!NT_SUCCESS(Status
))
864 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status
);
868 /* Create SID string */
869 if (!ConvertSidToStringSid((PSID
)AccountSid
,
872 ERR("ConvertSidToStringSid failed\n");
873 Status
= STATUS_INVALID_PARAMETER
;
877 /* Create the Account object */
878 Status
= LsapOpenDbObject(AccountsObject
,
883 if (!NT_SUCCESS(Status
))
885 ERR("LsapOpenDbObject (Account) failed (Status 0x%08lx)\n", Status
);
889 /* Set the Sid attribute */
890 Status
= LsapSetObjectAttribute(AccountObject
,
893 GetLengthSid(AccountSid
));
896 if (SidString
!= NULL
)
897 LocalFree(SidString
);
899 if (!NT_SUCCESS(Status
))
901 if (AccountObject
!= NULL
)
902 LsapCloseDbObject(AccountObject
);
906 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
909 if (AccountsObject
!= NULL
)
910 LsapCloseDbObject(AccountsObject
);
912 return STATUS_SUCCESS
;
917 NTSTATUS WINAPI
LsarEnumeratePrivilegesAccount(
918 LSAPR_HANDLE AccountHandle
,
919 PLSAPR_PRIVILEGE_SET
*Privileges
)
921 PLSA_DB_OBJECT AccountObject
;
922 ULONG PrivilegeSetSize
= 0;
923 PLSAPR_PRIVILEGE_SET PrivilegeSet
= NULL
;
928 /* Validate the AccountHandle */
929 Status
= LsapValidateDbObject(AccountHandle
,
933 if (!NT_SUCCESS(Status
))
935 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
939 /* Get the size of the privilege set */
940 Status
= LsapGetObjectAttribute(AccountObject
,
944 if (!NT_SUCCESS(Status
))
947 /* Allocate a buffer for the privilege set */
948 PrivilegeSet
= MIDL_user_allocate(PrivilegeSetSize
);
949 if (PrivilegeSet
== NULL
)
950 return STATUS_NO_MEMORY
;
952 /* Get the privilege set */
953 Status
= LsapGetObjectAttribute(AccountObject
,
957 if (!NT_SUCCESS(Status
))
959 MIDL_user_free(PrivilegeSet
);
963 /* Return a pointer to the privilege set */
964 *Privileges
= PrivilegeSet
;
966 return STATUS_SUCCESS
;
971 NTSTATUS WINAPI
LsarAddPrivilegesToAccount(
972 LSAPR_HANDLE AccountHandle
,
973 PLSAPR_PRIVILEGE_SET Privileges
)
975 PLSA_DB_OBJECT AccountObject
;
976 PPRIVILEGE_SET CurrentPrivileges
= NULL
;
977 PPRIVILEGE_SET NewPrivileges
= NULL
;
978 ULONG PrivilegeSetSize
= 0;
979 ULONG PrivilegeCount
;
984 /* Validate the AccountHandle */
985 Status
= LsapValidateDbObject(AccountHandle
,
987 ACCOUNT_ADJUST_PRIVILEGES
,
989 if (!NT_SUCCESS(Status
))
991 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
995 Status
= LsapGetObjectAttribute(AccountObject
,
999 if (!NT_SUCCESS(Status
) || PrivilegeSetSize
== 0)
1001 /* The Privilgs attribute does not exist */
1003 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1004 (Privileges
->PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1005 Status
= LsapSetObjectAttribute(AccountObject
,
1012 /* The Privilgs attribute exists */
1014 /* Allocate memory for the stored privilege set */
1015 CurrentPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1016 if (CurrentPrivileges
== NULL
)
1017 return STATUS_NO_MEMORY
;
1019 /* Get the current privilege set */
1020 Status
= LsapGetObjectAttribute(AccountObject
,
1024 if (!NT_SUCCESS(Status
))
1026 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status
);
1030 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1031 TRACE("Current privilege count: %lu\n", PrivilegeCount
);
1033 /* Calculate the number privileges in the combined privilege set */
1034 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1037 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1039 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1040 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1047 if (bFound
== FALSE
)
1049 TRACE("Found new privilege\n");
1053 TRACE("New privilege count: %lu\n", PrivilegeCount
);
1055 /* Calculate the size of the new privilege set and allocate it */
1056 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1057 (PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1058 NewPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1059 if (NewPrivileges
== NULL
)
1061 Status
= STATUS_NO_MEMORY
;
1065 /* Initialize the new privilege set */
1066 NewPrivileges
->PrivilegeCount
= PrivilegeCount
;
1067 NewPrivileges
->Control
= 0;
1069 /* Copy all privileges from the current privilege set */
1070 RtlCopyLuidAndAttributesArray(CurrentPrivileges
->PrivilegeCount
,
1071 &(CurrentPrivileges
->Privilege
[0]),
1072 &(NewPrivileges
->Privilege
[0]));
1074 /* Add new privileges to the new privilege set */
1075 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1076 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1079 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1081 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1082 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1084 /* Overwrite attributes if a matching privilege was found */
1085 NewPrivileges
->Privilege
[j
].Attributes
= Privileges
->Privilege
[i
].Attributes
;
1092 if (bFound
== FALSE
)
1094 /* Copy the new privilege */
1095 RtlCopyLuidAndAttributesArray(1,
1096 (PLUID_AND_ATTRIBUTES
)&(Privileges
->Privilege
[i
]),
1097 &(NewPrivileges
->Privilege
[PrivilegeCount
]));
1102 /* Set the new priivliege set */
1103 Status
= LsapSetObjectAttribute(AccountObject
,
1110 if (CurrentPrivileges
!= NULL
)
1111 MIDL_user_free(CurrentPrivileges
);
1113 if (NewPrivileges
!= NULL
)
1114 MIDL_user_free(NewPrivileges
);
1121 NTSTATUS WINAPI
LsarRemovePrivilegesFromAccount(
1122 LSAPR_HANDLE AccountHandle
,
1124 PLSAPR_PRIVILEGE_SET Privileges
)
1127 return STATUS_NOT_IMPLEMENTED
;
1132 NTSTATUS WINAPI
LsarGetQuotasForAccount(
1133 LSAPR_HANDLE AccountHandle
,
1134 PQUOTA_LIMITS QuotaLimits
)
1137 return STATUS_NOT_IMPLEMENTED
;
1142 NTSTATUS WINAPI
LsarSetQuotasForAccount(
1143 LSAPR_HANDLE AccountHandle
,
1144 PQUOTA_LIMITS QuotaLimits
)
1147 return STATUS_NOT_IMPLEMENTED
;
1152 NTSTATUS WINAPI
LsarGetSystemAccessAccount(
1153 LSAPR_HANDLE AccountHandle
,
1154 ACCESS_MASK
*SystemAccess
)
1156 PLSA_DB_OBJECT AccountObject
;
1160 /* Validate the account handle */
1161 Status
= LsapValidateDbObject(AccountHandle
,
1165 if (!NT_SUCCESS(Status
))
1167 ERR("Invalid handle (Status %lx)\n", Status
);
1171 /* Get the system access flags */
1172 Status
= LsapGetObjectAttribute(AccountObject
,
1182 NTSTATUS WINAPI
LsarSetSystemAccessAccount(
1183 LSAPR_HANDLE AccountHandle
,
1184 ACCESS_MASK SystemAccess
)
1186 PLSA_DB_OBJECT AccountObject
;
1189 /* Validate the account handle */
1190 Status
= LsapValidateDbObject(AccountHandle
,
1192 ACCOUNT_ADJUST_SYSTEM_ACCESS
,
1194 if (!NT_SUCCESS(Status
))
1196 ERR("Invalid handle (Status %lx)\n", Status
);
1200 /* Set the system access flags */
1201 Status
= LsapSetObjectAttribute(AccountObject
,
1204 sizeof(ACCESS_MASK
));
1211 NTSTATUS WINAPI
LsarOpenTrustedDomain(
1212 LSAPR_HANDLE PolicyHandle
,
1213 PRPC_SID TrustedDomainSid
,
1214 ACCESS_MASK DesiredAccess
,
1215 LSAPR_HANDLE
*TrustedDomainHandle
)
1218 return STATUS_NOT_IMPLEMENTED
;
1223 NTSTATUS WINAPI
LsarQueryInfoTrustedDomain(
1224 LSAPR_HANDLE TrustedDomainHandle
,
1225 TRUSTED_INFORMATION_CLASS InformationClass
,
1226 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1229 return STATUS_NOT_IMPLEMENTED
;
1234 NTSTATUS WINAPI
LsarSetInformationTrustedDomain(
1235 LSAPR_HANDLE TrustedDomainHandle
,
1236 TRUSTED_INFORMATION_CLASS InformationClass
,
1237 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1240 return STATUS_NOT_IMPLEMENTED
;
1245 NTSTATUS WINAPI
LsarOpenSecret(
1246 LSAPR_HANDLE PolicyHandle
,
1247 PRPC_UNICODE_STRING SecretName
,
1248 ACCESS_MASK DesiredAccess
,
1249 LSAPR_HANDLE
*SecretHandle
)
1251 PLSA_DB_OBJECT PolicyObject
;
1252 PLSA_DB_OBJECT SecretsObject
= NULL
;
1253 PLSA_DB_OBJECT SecretObject
= NULL
;
1254 NTSTATUS Status
= STATUS_SUCCESS
;
1256 /* Validate the PolicyHandle */
1257 Status
= LsapValidateDbObject(PolicyHandle
,
1259 POLICY_CREATE_SECRET
,
1261 if (!NT_SUCCESS(Status
))
1263 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1267 /* Open the Secrets object */
1268 Status
= LsapOpenDbObject(PolicyObject
,
1270 LsaDbContainerObject
,
1273 if (!NT_SUCCESS(Status
))
1275 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status
);
1279 /* Create the secret object */
1280 Status
= LsapOpenDbObject(SecretsObject
,
1285 if (!NT_SUCCESS(Status
))
1287 ERR("LsapOpenDbObject (Secret) failed (Status 0x%08lx)\n", Status
);
1292 if (!NT_SUCCESS(Status
))
1294 if (SecretObject
!= NULL
)
1295 LsapCloseDbObject(SecretObject
);
1299 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
1302 if (SecretsObject
!= NULL
)
1303 LsapCloseDbObject(SecretsObject
);
1305 return STATUS_SUCCESS
;
1310 NTSTATUS WINAPI
LsarSetSecret(
1311 LSAPR_HANDLE SecretHandle
,
1312 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue
,
1313 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue
)
1315 PLSA_DB_OBJECT SecretObject
;
1316 PBYTE CurrentValue
= NULL
;
1317 PBYTE OldValue
= NULL
;
1318 ULONG CurrentValueLength
= 0;
1319 ULONG OldValueLength
= 0;
1323 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle
,
1324 EncryptedCurrentValue
, EncryptedOldValue
);
1326 /* Validate the SecretHandle */
1327 Status
= LsapValidateDbObject(SecretHandle
,
1331 if (!NT_SUCCESS(Status
))
1333 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1337 if (EncryptedCurrentValue
!= NULL
)
1339 /* FIXME: Decrypt the current value */
1340 CurrentValue
= EncryptedCurrentValue
->Buffer
;
1341 CurrentValueLength
= EncryptedCurrentValue
->MaximumLength
;
1344 /* Set the current value */
1345 Status
= LsapSetObjectAttribute(SecretObject
,
1348 CurrentValueLength
);
1349 if (!NT_SUCCESS(Status
))
1351 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1355 /* Get the current time */
1356 Status
= NtQuerySystemTime(&Time
);
1357 if (!NT_SUCCESS(Status
))
1359 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
1363 /* Set the current time */
1364 Status
= LsapSetObjectAttribute(SecretObject
,
1367 sizeof(LARGE_INTEGER
));
1368 if (!NT_SUCCESS(Status
))
1370 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1374 if (EncryptedOldValue
!= NULL
)
1376 /* FIXME: Decrypt the old value */
1377 OldValue
= EncryptedOldValue
->Buffer
;
1378 OldValueLength
= EncryptedOldValue
->MaximumLength
;
1381 /* Set the old value */
1382 Status
= LsapSetObjectAttribute(SecretObject
,
1386 if (!NT_SUCCESS(Status
))
1388 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1392 /* Set the old time */
1393 Status
= LsapSetObjectAttribute(SecretObject
,
1396 sizeof(LARGE_INTEGER
));
1397 if (!NT_SUCCESS(Status
))
1399 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1408 NTSTATUS WINAPI
LsarQuerySecret(
1409 LSAPR_HANDLE SecretHandle
,
1410 PLSAPR_CR_CIPHER_VALUE
*EncryptedCurrentValue
,
1411 PLARGE_INTEGER CurrentValueSetTime
,
1412 PLSAPR_CR_CIPHER_VALUE
*EncryptedOldValue
,
1413 PLARGE_INTEGER OldValueSetTime
)
1415 PLSA_DB_OBJECT SecretObject
;
1416 PLSAPR_CR_CIPHER_VALUE EncCurrentValue
= NULL
;
1417 PLSAPR_CR_CIPHER_VALUE EncOldValue
= NULL
;
1418 PBYTE CurrentValue
= NULL
;
1419 PBYTE OldValue
= NULL
;
1420 ULONG CurrentValueLength
= 0;
1421 ULONG OldValueLength
= 0;
1425 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle
,
1426 EncryptedCurrentValue
, CurrentValueSetTime
,
1427 EncryptedOldValue
, OldValueSetTime
);
1429 /* Validate the SecretHandle */
1430 Status
= LsapValidateDbObject(SecretHandle
,
1434 if (!NT_SUCCESS(Status
))
1436 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1440 if (EncryptedCurrentValue
!= NULL
)
1442 CurrentValueLength
= 0;
1444 /* Get the size of the current value */
1445 Status
= LsapGetObjectAttribute(SecretObject
,
1448 &CurrentValueLength
);
1449 if (!NT_SUCCESS(Status
))
1452 /* Allocate a buffer for the current value */
1453 CurrentValue
= midl_user_allocate(CurrentValueLength
);
1454 if (CurrentValue
== NULL
)
1456 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1460 /* Get the current value */
1461 Status
= LsapGetObjectAttribute(SecretObject
,
1464 &CurrentValueLength
);
1465 if (!NT_SUCCESS(Status
))
1468 /* Allocate a buffer for the encrypted current value */
1469 EncCurrentValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
));
1470 if (EncCurrentValue
== NULL
)
1472 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1476 /* FIXME: Encrypt the current value */
1477 EncCurrentValue
->Length
= (USHORT
)(CurrentValueLength
- sizeof(WCHAR
));
1478 EncCurrentValue
->MaximumLength
= (USHORT
)CurrentValueLength
;
1479 EncCurrentValue
->Buffer
= (PBYTE
)CurrentValue
;
1482 if (CurrentValueSetTime
!= NULL
)
1484 BufferSize
= sizeof(LARGE_INTEGER
);
1486 /* Get the current value time */
1487 Status
= LsapGetObjectAttribute(SecretObject
,
1489 (PBYTE
)CurrentValueSetTime
,
1491 if (!NT_SUCCESS(Status
))
1495 if (EncryptedOldValue
!= NULL
)
1499 /* Get the size of the old value */
1500 Status
= LsapGetObjectAttribute(SecretObject
,
1504 if (!NT_SUCCESS(Status
))
1507 /* Allocate a buffer for the old value */
1508 OldValue
= midl_user_allocate(OldValueLength
);
1509 if (OldValue
== NULL
)
1511 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1515 /* Get the old value */
1516 Status
= LsapGetObjectAttribute(SecretObject
,
1520 if (!NT_SUCCESS(Status
))
1523 /* Allocate a buffer for the encrypted old value */
1524 EncOldValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
) + OldValueLength
);
1525 if (EncOldValue
== NULL
)
1527 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1531 /* FIXME: Encrypt the old value */
1532 EncOldValue
->Length
= (USHORT
)(OldValueLength
- sizeof(WCHAR
));
1533 EncOldValue
->MaximumLength
= (USHORT
)OldValueLength
;
1534 EncOldValue
->Buffer
= (PBYTE
)OldValue
;
1537 if (OldValueSetTime
!= NULL
)
1539 BufferSize
= sizeof(LARGE_INTEGER
);
1541 /* Get the old value time */
1542 Status
= LsapGetObjectAttribute(SecretObject
,
1544 (PBYTE
)OldValueSetTime
,
1546 if (!NT_SUCCESS(Status
))
1552 if (NT_SUCCESS(Status
))
1554 if (EncryptedCurrentValue
!= NULL
)
1555 *EncryptedCurrentValue
= EncCurrentValue
;
1557 if (EncryptedOldValue
!= NULL
)
1558 *EncryptedOldValue
= EncOldValue
;
1562 if (EncryptedCurrentValue
!= NULL
)
1563 *EncryptedCurrentValue
= NULL
;
1565 if (EncryptedOldValue
!= NULL
)
1566 *EncryptedOldValue
= NULL
;
1568 if (EncCurrentValue
!= NULL
)
1569 midl_user_free(EncCurrentValue
);
1571 if (EncOldValue
!= NULL
)
1572 midl_user_free(EncOldValue
);
1574 if (CurrentValue
!= NULL
)
1575 midl_user_free(CurrentValue
);
1577 if (OldValue
!= NULL
)
1578 midl_user_free(OldValue
);
1581 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status
);
1588 NTSTATUS WINAPI
LsarLookupPrivilegeValue(
1589 LSAPR_HANDLE PolicyHandle
,
1590 PRPC_UNICODE_STRING Name
,
1595 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
1596 PolicyHandle
, Name
, Value
);
1598 Status
= LsapValidateDbObject(PolicyHandle
,
1600 POLICY_LOOKUP_NAMES
,
1602 if (!NT_SUCCESS(Status
))
1604 ERR("Invalid handle (Status %lx)\n", Status
);
1608 TRACE("Privilege: %wZ\n", Name
);
1610 Status
= LsarpLookupPrivilegeValue((PUNICODE_STRING
)Name
,
1618 NTSTATUS WINAPI
LsarLookupPrivilegeName(
1619 LSAPR_HANDLE PolicyHandle
,
1621 PRPC_UNICODE_STRING
*Name
)
1625 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
1626 PolicyHandle
, Value
, Name
);
1628 Status
= LsapValidateDbObject(PolicyHandle
,
1630 POLICY_LOOKUP_NAMES
,
1632 if (!NT_SUCCESS(Status
))
1634 ERR("Invalid handle\n");
1638 Status
= LsarpLookupPrivilegeName(Value
, (PUNICODE_STRING
*)Name
);
1645 NTSTATUS WINAPI
LsarLookupPrivilegeDisplayName(
1646 LSAPR_HANDLE PolicyHandle
,
1647 PRPC_UNICODE_STRING Name
,
1648 USHORT ClientLanguage
,
1649 USHORT ClientSystemDefaultLanguage
,
1650 PRPC_UNICODE_STRING
*DisplayName
,
1651 USHORT
*LanguageReturned
)
1654 return STATUS_NOT_IMPLEMENTED
;
1659 NTSTATUS WINAPI
LsarDeleteObject(
1660 LSAPR_HANDLE
*ObjectHandle
)
1663 return STATUS_NOT_IMPLEMENTED
;
1668 NTSTATUS WINAPI
LsarEnumerateAccountsWithUserRight(
1669 LSAPR_HANDLE PolicyHandle
,
1670 PRPC_UNICODE_STRING UserRight
,
1671 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
)
1674 return STATUS_NOT_IMPLEMENTED
;
1679 NTSTATUS WINAPI
LsarEnumerateAccountRights(
1680 LSAPR_HANDLE PolicyHandle
,
1681 PRPC_SID AccountSid
,
1682 PLSAPR_USER_RIGHT_SET UserRights
)
1684 PLSA_DB_OBJECT PolicyObject
;
1687 TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
1688 PolicyHandle
, AccountSid
, UserRights
);
1690 Status
= LsapValidateDbObject(PolicyHandle
,
1694 if (!NT_SUCCESS(Status
))
1697 UserRights
->Entries
= 0;
1698 UserRights
->UserRights
= NULL
;
1699 return STATUS_OBJECT_NAME_NOT_FOUND
;
1704 NTSTATUS WINAPI
LsarAddAccountRights(
1705 LSAPR_HANDLE PolicyHandle
,
1706 PRPC_SID AccountSid
,
1707 PLSAPR_USER_RIGHT_SET UserRights
)
1710 return STATUS_NOT_IMPLEMENTED
;
1715 NTSTATUS WINAPI
LsarRemoveAccountRights(
1716 LSAPR_HANDLE PolicyHandle
,
1717 PRPC_SID AccountSid
,
1719 PLSAPR_USER_RIGHT_SET UserRights
)
1722 return STATUS_NOT_IMPLEMENTED
;
1727 NTSTATUS WINAPI
LsarQueryTrustedDomainInfo(
1728 LSAPR_HANDLE PolicyHandle
,
1729 PRPC_SID TrustedDomainSid
,
1730 TRUSTED_INFORMATION_CLASS InformationClass
,
1731 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1734 return STATUS_NOT_IMPLEMENTED
;
1739 NTSTATUS WINAPI
LsarSetTrustedDomainInfo(
1740 LSAPR_HANDLE PolicyHandle
,
1741 PRPC_SID TrustedDomainSid
,
1742 TRUSTED_INFORMATION_CLASS InformationClass
,
1743 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1746 return STATUS_NOT_IMPLEMENTED
;
1751 NTSTATUS WINAPI
LsarDeleteTrustedDomain(
1752 LSAPR_HANDLE PolicyHandle
,
1753 PRPC_SID TrustedDomainSid
)
1756 return STATUS_NOT_IMPLEMENTED
;
1761 NTSTATUS WINAPI
LsarStorePrivateData(
1762 LSAPR_HANDLE PolicyHandle
,
1763 PRPC_UNICODE_STRING KeyName
,
1764 PLSAPR_CR_CIPHER_VALUE EncryptedData
)
1767 return STATUS_NOT_IMPLEMENTED
;
1772 NTSTATUS WINAPI
LsarRetrievePrivateData(
1773 LSAPR_HANDLE PolicyHandle
,
1774 PRPC_UNICODE_STRING KeyName
,
1775 PLSAPR_CR_CIPHER_VALUE
*EncryptedData
)
1778 return STATUS_NOT_IMPLEMENTED
;
1783 NTSTATUS WINAPI
LsarOpenPolicy2(
1785 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
1786 ACCESS_MASK DesiredAccess
,
1787 LSAPR_HANDLE
*PolicyHandle
)
1790 return STATUS_NOT_IMPLEMENTED
;
1795 NTSTATUS WINAPI
LsarGetUserName(
1797 PRPC_UNICODE_STRING
*UserName
,
1798 PRPC_UNICODE_STRING
*DomainName
)
1801 return STATUS_NOT_IMPLEMENTED
;
1806 NTSTATUS WINAPI
LsarQueryInformationPolicy2(
1807 LSAPR_HANDLE PolicyHandle
,
1808 POLICY_INFORMATION_CLASS InformationClass
,
1809 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
1811 return LsarQueryInformationPolicy(PolicyHandle
,
1818 NTSTATUS WINAPI
LsarSetInformationPolicy2(
1819 LSAPR_HANDLE PolicyHandle
,
1820 POLICY_INFORMATION_CLASS InformationClass
,
1821 PLSAPR_POLICY_INFORMATION PolicyInformation
)
1823 return LsarSetInformationPolicy(PolicyHandle
,
1830 NTSTATUS WINAPI
LsarQueryTrustedDomainInfoByName(
1831 LSAPR_HANDLE PolicyHandle
,
1832 PRPC_UNICODE_STRING TrustedDomainName
,
1833 POLICY_INFORMATION_CLASS InformationClass
,
1834 PLSAPR_TRUSTED_DOMAIN_INFO
*PolicyInformation
)
1837 return STATUS_NOT_IMPLEMENTED
;
1842 NTSTATUS WINAPI
LsarSetTrustedDomainInfoByName(
1843 LSAPR_HANDLE PolicyHandle
,
1844 PRPC_UNICODE_STRING TrustedDomainName
,
1845 POLICY_INFORMATION_CLASS InformationClass
,
1846 PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation
)
1849 return STATUS_NOT_IMPLEMENTED
;
1854 NTSTATUS WINAPI
LsarEnumerateTrustedDomainsEx(
1855 LSAPR_HANDLE PolicyHandle
,
1856 DWORD
*EnumerationContext
,
1857 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer
,
1858 DWORD PreferedMaximumLength
)
1861 return STATUS_NOT_IMPLEMENTED
;
1866 NTSTATUS WINAPI
LsarCreateTrustedDomainEx(
1867 LSAPR_HANDLE PolicyHandle
,
1868 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1869 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation
,
1870 ACCESS_MASK DesiredAccess
,
1871 LSAPR_HANDLE
*TrustedDomainHandle
)
1874 return STATUS_NOT_IMPLEMENTED
;
1879 NTSTATUS WINAPI
LsarSetPolicyReplicationHandle(
1880 PLSAPR_HANDLE PolicyHandle
)
1883 return STATUS_NOT_IMPLEMENTED
;
1888 NTSTATUS WINAPI
LsarQueryDomainInformationPolicy(
1889 LSAPR_HANDLE PolicyHandle
,
1890 POLICY_INFORMATION_CLASS InformationClass
,
1891 PLSAPR_POLICY_DOMAIN_INFORMATION
*PolicyInformation
)
1894 return STATUS_NOT_IMPLEMENTED
;
1899 NTSTATUS WINAPI
LsarSetDomainInformationPolicy(
1900 LSAPR_HANDLE PolicyHandle
,
1901 POLICY_INFORMATION_CLASS InformationClass
,
1902 PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation
)
1905 return STATUS_NOT_IMPLEMENTED
;
1910 NTSTATUS WINAPI
LsarOpenTrustedDomainByName(
1911 LSAPR_HANDLE PolicyHandle
,
1912 PRPC_UNICODE_STRING TrustedDomainName
,
1913 ACCESS_MASK DesiredAccess
,
1914 LSAPR_HANDLE
*TrustedDomainHandle
)
1917 return STATUS_NOT_IMPLEMENTED
;
1922 NTSTATUS WINAPI
LsarTestCall(
1926 return STATUS_NOT_IMPLEMENTED
;
1931 NTSTATUS WINAPI
LsarLookupSids2(
1932 LSAPR_HANDLE PolicyHandle
,
1933 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
1934 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1935 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
1936 LSAP_LOOKUP_LEVEL LookupLevel
,
1938 DWORD LookupOptions
,
1939 DWORD ClientRevision
)
1942 return STATUS_NOT_IMPLEMENTED
;
1947 NTSTATUS WINAPI
LsarLookupNames2(
1948 LSAPR_HANDLE PolicyHandle
,
1950 PRPC_UNICODE_STRING Names
,
1951 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1952 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids
,
1953 LSAP_LOOKUP_LEVEL LookupLevel
,
1955 DWORD LookupOptions
,
1956 DWORD ClientRevision
)
1959 return STATUS_NOT_IMPLEMENTED
;
1964 NTSTATUS WINAPI
LsarCreateTrustedDomainEx2(
1965 LSAPR_HANDLE PolicyHandle
,
1966 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1967 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation
,
1968 ACCESS_MASK DesiredAccess
,
1969 LSAPR_HANDLE
*TrustedDomainHandle
)
1972 return STATUS_NOT_IMPLEMENTED
;
1977 NTSTATUS WINAPI
CredrWrite(
1981 return STATUS_NOT_IMPLEMENTED
;
1986 NTSTATUS WINAPI
CredrRead(
1990 return STATUS_NOT_IMPLEMENTED
;
1995 NTSTATUS WINAPI
CredrEnumerate(
1999 return STATUS_NOT_IMPLEMENTED
;
2004 NTSTATUS WINAPI
CredrWriteDomainCredentials(
2008 return STATUS_NOT_IMPLEMENTED
;
2013 NTSTATUS WINAPI
CredrReadDomainCredentials(
2017 return STATUS_NOT_IMPLEMENTED
;
2022 NTSTATUS WINAPI
CredrDelete(
2026 return STATUS_NOT_IMPLEMENTED
;
2031 NTSTATUS WINAPI
CredrGetTargetInfo(
2035 return STATUS_NOT_IMPLEMENTED
;
2040 NTSTATUS WINAPI
CredrProfileLoaded(
2044 return STATUS_NOT_IMPLEMENTED
;
2049 NTSTATUS WINAPI
LsarLookupNames3(
2050 LSAPR_HANDLE PolicyHandle
,
2052 PRPC_UNICODE_STRING Names
,
2053 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2054 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2055 LSAP_LOOKUP_LEVEL LookupLevel
,
2057 DWORD LookupOptions
,
2058 DWORD ClientRevision
)
2060 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
2061 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
2062 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
= NULL
;
2063 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
= NULL
;
2064 ULONG SidsBufferLength
;
2065 ULONG DomainSidLength
;
2066 ULONG AccountSidLength
;
2072 TRACE("LsarLookupNames3(%p, %lu, %p, %p, %p, %d, %p, %lu, %lu)\n",
2073 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2074 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
2077 return STATUS_NONE_MAPPED
;
2079 TranslatedSids
->Entries
= Count
;
2080 TranslatedSids
->Sids
= NULL
;
2081 *ReferencedDomains
= NULL
;
2083 SidsBufferLength
= Count
* sizeof(LSAPR_TRANSLATED_SID_EX2
);
2084 SidsBuffer
= MIDL_user_allocate(SidsBufferLength
);
2085 if (SidsBuffer
== NULL
)
2086 return STATUS_INSUFFICIENT_RESOURCES
;
2088 for (i
= 0; i
< Count
; i
++)
2090 SidsBuffer
[i
].Use
= SidTypeUser
;
2091 SidsBuffer
[i
].Sid
= NULL
;
2092 SidsBuffer
[i
].DomainIndex
= -1;
2093 SidsBuffer
[i
].Flags
= 0;
2096 DomainsBuffer
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
2097 if (DomainsBuffer
== NULL
)
2099 MIDL_user_free(SidsBuffer
);
2100 return STATUS_INSUFFICIENT_RESOURCES
;
2103 DomainsBuffer
->Entries
= Count
;
2104 DomainsBuffer
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
2105 if (DomainsBuffer
->Domains
== NULL
)
2107 MIDL_user_free(DomainsBuffer
);
2108 MIDL_user_free(SidsBuffer
);
2109 return STATUS_INSUFFICIENT_RESOURCES
;
2112 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2114 SECURITY_BUILTIN_DOMAIN_RID
,
2115 DOMAIN_ALIAS_RID_ADMINS
,
2118 if (!NT_SUCCESS(Status
))
2120 MIDL_user_free(DomainsBuffer
->Domains
);
2121 MIDL_user_free(DomainsBuffer
);
2122 MIDL_user_free(SidsBuffer
);
2126 DomainSidLength
= RtlLengthSid(DomainSid
);
2128 for (i
= 0; i
< Count
; i
++)
2130 DomainsBuffer
->Domains
[i
].Sid
= MIDL_user_allocate(DomainSidLength
);
2131 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Sid
,
2135 DomainsBuffer
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
2136 DomainsBuffer
->Domains
[i
].Name
.Length
= DomainName
.Length
;
2137 DomainsBuffer
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
2138 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Name
.Buffer
,
2140 DomainName
.MaximumLength
);
2143 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2145 SECURITY_BUILTIN_DOMAIN_RID
,
2146 DOMAIN_ALIAS_RID_ADMINS
,
2147 DOMAIN_USER_RID_ADMIN
,
2150 if (!NT_SUCCESS(Status
))
2152 MIDL_user_free(DomainsBuffer
->Domains
);
2153 MIDL_user_free(DomainsBuffer
);
2154 MIDL_user_free(SidsBuffer
);
2158 AccountSidLength
= RtlLengthSid(AccountSid
);
2160 for (i
= 0; i
< Count
; i
++)
2162 SidsBuffer
[i
].Use
= SidTypeWellKnownGroup
;
2163 SidsBuffer
[i
].Sid
= MIDL_user_allocate(AccountSidLength
);
2165 RtlCopyMemory(SidsBuffer
[i
].Sid
,
2169 SidsBuffer
[i
].DomainIndex
= i
;
2170 SidsBuffer
[i
].Flags
= 0;
2173 *ReferencedDomains
= DomainsBuffer
;
2174 *MappedCount
= Count
;
2176 TranslatedSids
->Entries
= Count
;
2177 TranslatedSids
->Sids
= SidsBuffer
;
2179 return STATUS_SUCCESS
;
2184 NTSTATUS WINAPI
CredrGetSessionTypes(
2188 return STATUS_NOT_IMPLEMENTED
;
2193 NTSTATUS WINAPI
LsarRegisterAuditEvent(
2197 return STATUS_NOT_IMPLEMENTED
;
2202 NTSTATUS WINAPI
LsarGenAuditEvent(
2206 return STATUS_NOT_IMPLEMENTED
;
2211 NTSTATUS WINAPI
LsarUnregisterAuditEvent(
2215 return STATUS_NOT_IMPLEMENTED
;
2220 NTSTATUS WINAPI
LsarQueryForestTrustInformation(
2221 LSAPR_HANDLE PolicyHandle
,
2222 PLSA_UNICODE_STRING TrustedDomainName
,
2223 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2224 PLSA_FOREST_TRUST_INFORMATION
*ForestTrustInfo
)
2227 return STATUS_NOT_IMPLEMENTED
;
2232 NTSTATUS WINAPI
LsarSetForestTrustInformation(
2233 LSAPR_HANDLE PolicyHandle
,
2234 PLSA_UNICODE_STRING TrustedDomainName
,
2235 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2236 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo
,
2238 PLSA_FOREST_TRUST_COLLISION_INFORMATION
*CollisionInfo
)
2241 return STATUS_NOT_IMPLEMENTED
;
2246 NTSTATUS WINAPI
CredrRename(
2250 return STATUS_NOT_IMPLEMENTED
;
2255 NTSTATUS WINAPI
LsarLookupSids3(
2256 LSAPR_HANDLE PolicyHandle
,
2257 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2258 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2259 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
2260 LSAP_LOOKUP_LEVEL LookupLevel
,
2262 DWORD LookupOptions
,
2263 DWORD ClientRevision
)
2266 return STATUS_NOT_IMPLEMENTED
;
2271 NTSTATUS WINAPI
LsarLookupNames4(
2274 PRPC_UNICODE_STRING Names
,
2275 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2276 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2277 LSAP_LOOKUP_LEVEL LookupLevel
,
2279 DWORD LookupOptions
,
2280 DWORD ClientRevision
)
2283 return STATUS_NOT_IMPLEMENTED
;
2288 NTSTATUS WINAPI
LsarOpenPolicySce(
2292 return STATUS_NOT_IMPLEMENTED
;
2297 NTSTATUS WINAPI
LsarAdtRegisterSecurityEventSource(
2301 return STATUS_NOT_IMPLEMENTED
;
2306 NTSTATUS WINAPI
LsarAdtUnregisterSecurityEventSource(
2310 return STATUS_NOT_IMPLEMENTED
;
2315 NTSTATUS WINAPI
LsarAdtReportSecurityEvent(
2319 return STATUS_NOT_IMPLEMENTED
;
2324 NTSTATUS WINAPI
CredrFindBestCredential(
2328 return STATUS_NOT_IMPLEMENTED
;
2333 NTSTATUS WINAPI
LsarSetAuditPolicy(
2337 return STATUS_NOT_IMPLEMENTED
;
2342 NTSTATUS WINAPI
LsarQueryAuditPolicy(
2346 return STATUS_NOT_IMPLEMENTED
;
2351 NTSTATUS WINAPI
LsarEnumerateAuditPolicy(
2355 return STATUS_NOT_IMPLEMENTED
;
2360 NTSTATUS WINAPI
LsarEnumerateAuditCategories(
2364 return STATUS_NOT_IMPLEMENTED
;
2369 NTSTATUS WINAPI
LsarEnumerateAuditSubCategories(
2373 return STATUS_NOT_IMPLEMENTED
;
2378 NTSTATUS WINAPI
LsarLookupAuditCategoryName(
2382 return STATUS_NOT_IMPLEMENTED
;
2387 NTSTATUS WINAPI
LsarLookupAuditSubCategoryName(
2391 return STATUS_NOT_IMPLEMENTED
;
2396 NTSTATUS WINAPI
LsarSetAuditSecurity(
2400 return STATUS_NOT_IMPLEMENTED
;
2405 NTSTATUS WINAPI
LsarQueryAuditSecurity(
2409 return STATUS_NOT_IMPLEMENTED
;
2414 NTSTATUS WINAPI
CredReadByTokenHandle(
2418 return STATUS_NOT_IMPLEMENTED
;
2423 NTSTATUS WINAPI
CredrRestoreCredentials(
2427 return STATUS_NOT_IMPLEMENTED
;
2432 NTSTATUS WINAPI
CredrBackupCredentials(
2436 return STATUS_NOT_IMPLEMENTED
;