projects / reactos.git / blob
? search:


07ac20c564f2b2deb1e4d7a5dd574f1eef436899
[reactos.git] / reactos / dll / win32 / lsasrv / lsarpc.c
1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
6 *
7 * PROGRAMMERS: Eric Kohl
8 */
9
10 /* INCLUDES ****************************************************************/
11
12 #include "lsasrv.h"
13
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
15
16
17 /* GLOBALS *****************************************************************/
18
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock;
20
21
22 /* FUNCTIONS ***************************************************************/
23
24 VOID
25 LsarStartRpcServer(VOID)
26 {
27 RPC_STATUS Status;
28
29 RtlInitializeCriticalSection(&PolicyHandleTableLock);
30
31 TRACE("LsarStartRpcServer() called\n");
32
33 Status = RpcServerUseProtseqEpW(L"ncacn_np",
34 10,
35 L"\\pipe\\lsarpc",
36 NULL);
37 if (Status != RPC_S_OK)
38 {
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status);
40 return;
41 }
42
43 Status = RpcServerRegisterIf(lsarpc_v0_0_s_ifspec,
44 NULL,
45 NULL);
46 if (Status != RPC_S_OK)
47 {
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status);
49 return;
50 }
51
52 Status = RpcServerListen(1, 20, TRUE);
53 if (Status != RPC_S_OK)
54 {
55 WARN("RpcServerListen() failed (Status %lx)\n", Status);
56 return;
57 }
58
59 TRACE("LsarStartRpcServer() done\n");
60 }
61
62
63 void __RPC_USER LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle)
64 {
65
66 }
67
68
69 /* Function 0 */
70 NTSTATUS WINAPI LsarClose(
71 LSAPR_HANDLE *ObjectHandle)
72 {
73 PLSA_DB_OBJECT DbObject;
74 NTSTATUS Status = STATUS_SUCCESS;
75
76 TRACE("0x%p\n", ObjectHandle);
77
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
79
80 Status = LsapValidateDbObject(*ObjectHandle,
81 LsaDbIgnoreObject,
82 0,
83 &DbObject);
84 if (Status == STATUS_SUCCESS)
85 {
86 Status = LsapCloseDbObject(DbObject);
87 *ObjectHandle = NULL;
88 }
89
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
91
92 return Status;
93 }
94
95
96 /* Function 1 */
97 NTSTATUS WINAPI LsarDelete(
98 LSAPR_HANDLE ObjectHandle)
99 {
100 /* Deprecated */
101 return STATUS_NOT_SUPPORTED;
102 }
103
104
105 /* Function 2 */
106 NTSTATUS WINAPI LsarEnumeratePrivileges(
107 LSAPR_HANDLE PolicyHandle,
108 DWORD *EnumerationContext,
109 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer,
110 DWORD PreferedMaximumLength)
111 {
112 PLSA_DB_OBJECT PolicyObject;
113 NTSTATUS Status;
114
115 TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
116 PolicyHandle, EnumerationContext, EnumerationBuffer,
117 PreferedMaximumLength);
118
119 Status = LsapValidateDbObject(PolicyHandle,
120 LsaDbPolicyObject,
121 POLICY_VIEW_LOCAL_INFORMATION,
122 &PolicyObject);
123 if (!NT_SUCCESS(Status))
124 return Status;
125
126 if (EnumerationContext == NULL)
127 return STATUS_INVALID_PARAMETER;
128
129 return LsarpEnumeratePrivileges(EnumerationContext,
130 EnumerationBuffer,
131 PreferedMaximumLength);
132 }
133
134
135 /* Function 3 */
136 NTSTATUS WINAPI LsarQuerySecurityObject(
137 LSAPR_HANDLE ObjectHandle,
138 SECURITY_INFORMATION SecurityInformation,
139 PLSAPR_SR_SECURITY_DESCRIPTOR *SecurityDescriptor)
140 {
141 UNIMPLEMENTED;
142 return STATUS_NOT_IMPLEMENTED;
143 }
144
145
146 /* Function 4 */
147 NTSTATUS WINAPI LsarSetSecurityObject(
148 LSAPR_HANDLE ObjectHandle,
149 SECURITY_INFORMATION SecurityInformation,
150 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor)
151 {
152 UNIMPLEMENTED;
153 return STATUS_NOT_IMPLEMENTED;
154 }
155
156
157 /* Function 5 */
158 NTSTATUS WINAPI LsarChangePassword(
159 handle_t IDL_handle,
160 PRPC_UNICODE_STRING String1,
161 PRPC_UNICODE_STRING String2,
162 PRPC_UNICODE_STRING String3,
163 PRPC_UNICODE_STRING String4,
164 PRPC_UNICODE_STRING String5)
165 {
166 /* Deprecated */
167 return STATUS_NOT_IMPLEMENTED;
168 }
169
170
171 /* Function 6 */
172 NTSTATUS WINAPI LsarOpenPolicy(
173 LPWSTR SystemName,
174 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
175 ACCESS_MASK DesiredAccess,
176 LSAPR_HANDLE *PolicyHandle)
177 {
178 PLSA_DB_OBJECT PolicyObject;
179 NTSTATUS Status;
180
181 TRACE("LsarOpenPolicy called!\n");
182
183 RtlEnterCriticalSection(&PolicyHandleTableLock);
184
185 Status = LsapOpenDbObject(NULL,
186 L"Policy",
187 LsaDbPolicyObject,
188 DesiredAccess,
189 &PolicyObject);
190
191 RtlLeaveCriticalSection(&PolicyHandleTableLock);
192
193 if (NT_SUCCESS(Status))
194 *PolicyHandle = (LSAPR_HANDLE)PolicyObject;
195
196 TRACE("LsarOpenPolicy done!\n");
197
198 return Status;
199 }
200
201
202 /* Function 7 */
203 NTSTATUS WINAPI LsarQueryInformationPolicy(
204 LSAPR_HANDLE PolicyHandle,
205 POLICY_INFORMATION_CLASS InformationClass,
206 PLSAPR_POLICY_INFORMATION *PolicyInformation)
207 {
208 PLSA_DB_OBJECT DbObject;
209 ACCESS_MASK DesiredAccess = 0;
210 NTSTATUS Status;
211
212 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
213 PolicyHandle, InformationClass, PolicyInformation);
214
215 if (PolicyInformation)
216 {
217 TRACE("*PolicyInformation %p\n", *PolicyInformation);
218 }
219
220 switch (InformationClass)
221 {
222 case PolicyAuditLogInformation:
223 case PolicyAuditEventsInformation:
224 case PolicyAuditFullQueryInformation:
225 DesiredAccess = POLICY_VIEW_AUDIT_INFORMATION;
226 break;
227
228 case PolicyPrimaryDomainInformation:
229 case PolicyAccountDomainInformation:
230 case PolicyLsaServerRoleInformation:
231 case PolicyReplicaSourceInformation:
232 case PolicyDefaultQuotaInformation:
233 case PolicyModificationInformation:
234 case PolicyDnsDomainInformation:
235 case PolicyDnsDomainInformationInt:
236 case PolicyLocalAccountDomainInformation:
237 DesiredAccess = POLICY_VIEW_LOCAL_INFORMATION;
238 break;
239
240 case PolicyPdAccountInformation:
241 DesiredAccess = POLICY_GET_PRIVATE_INFORMATION;
242 break;
243
244 default:
245 ERR("Invalid InformationClass!\n");
246 return STATUS_INVALID_PARAMETER;
247 }
248
249 Status = LsapValidateDbObject(PolicyHandle,
250 LsaDbPolicyObject,
251 DesiredAccess,
252 &DbObject);
253 if (!NT_SUCCESS(Status))
254 return Status;
255
256 switch (InformationClass)
257 {
258 case PolicyAuditLogInformation: /* 1 */
259 Status = LsarQueryAuditLog(PolicyHandle,
260 PolicyInformation);
261
262 case PolicyAuditEventsInformation: /* 2 */
263 Status = LsarQueryAuditEvents(PolicyHandle,
264 PolicyInformation);
265 break;
266
267 case PolicyPrimaryDomainInformation: /* 3 */
268 Status = LsarQueryPrimaryDomain(PolicyHandle,
269 PolicyInformation);
270 break;
271
272 case PolicyPdAccountInformation: /* 4 */
273 Status = LsarQueryPdAccount(PolicyHandle,
274 PolicyInformation);
275
276 case PolicyAccountDomainInformation: /* 5 */
277 Status = LsarQueryAccountDomain(PolicyHandle,
278 PolicyInformation);
279 break;
280
281 case PolicyLsaServerRoleInformation: /* 6 */
282 Status = LsarQueryServerRole(PolicyHandle,
283 PolicyInformation);
284 break;
285
286 case PolicyReplicaSourceInformation: /* 7 */
287 Status = LsarQueryReplicaSource(PolicyHandle,
288 PolicyInformation);
289
290 case PolicyDefaultQuotaInformation: /* 8 */
291 Status = LsarQueryDefaultQuota(PolicyHandle,
292 PolicyInformation);
293 break;
294
295 case PolicyModificationInformation: /* 9 */
296 Status = LsarQueryModification(PolicyHandle,
297 PolicyInformation);
298 break;
299
300 case PolicyAuditFullQueryInformation: /* 11 (0xB) */
301 Status = LsarQueryAuditFull(PolicyHandle,
302 PolicyInformation);
303 break;
304
305 case PolicyDnsDomainInformation: /* 12 (0xC) */
306 Status = LsarQueryDnsDomain(PolicyHandle,
307 PolicyInformation);
308 break;
309
310 case PolicyDnsDomainInformationInt: /* 13 (0xD) */
311 Status = LsarQueryDnsDomainInt(PolicyHandle,
312 PolicyInformation);
313 break;
314
315 case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
316 Status = LsarQueryLocalAccountDomain(PolicyHandle,
317 PolicyInformation);
318 break;
319
320 default:
321 ERR("Invalid InformationClass!\n");
322 Status = STATUS_INVALID_PARAMETER;
323 }
324
325 return Status;
326 }
327
328
329 /* Function 8 */
330 NTSTATUS WINAPI LsarSetInformationPolicy(
331 LSAPR_HANDLE PolicyHandle,
332 POLICY_INFORMATION_CLASS InformationClass,
333 PLSAPR_POLICY_INFORMATION PolicyInformation)
334 {
335 PLSA_DB_OBJECT DbObject;
336 ACCESS_MASK DesiredAccess = 0;
337 NTSTATUS Status;
338
339 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
340 PolicyHandle, InformationClass, PolicyInformation);
341
342 if (PolicyInformation)
343 {
344 TRACE("*PolicyInformation %p\n", *PolicyInformation);
345 }
346
347 switch (InformationClass)
348 {
349 case PolicyAuditLogInformation:
350 case PolicyAuditFullSetInformation:
351 DesiredAccess = POLICY_AUDIT_LOG_ADMIN;
352 break;
353
354 case PolicyAuditEventsInformation:
355 DesiredAccess = POLICY_SET_AUDIT_REQUIREMENTS;
356 break;
357
358 case PolicyPrimaryDomainInformation:
359 case PolicyAccountDomainInformation:
360 case PolicyDnsDomainInformation:
361 case PolicyDnsDomainInformationInt:
362 case PolicyLocalAccountDomainInformation:
363 DesiredAccess = POLICY_TRUST_ADMIN;
364 break;
365
366 case PolicyLsaServerRoleInformation:
367 case PolicyReplicaSourceInformation:
368 DesiredAccess = POLICY_SERVER_ADMIN;
369 break;
370
371 case PolicyDefaultQuotaInformation:
372 DesiredAccess = POLICY_SET_DEFAULT_QUOTA_LIMITS;
373 break;
374
375 default:
376 ERR("Invalid InformationClass!\n");
377 return STATUS_INVALID_PARAMETER;
378 }
379
380 Status = LsapValidateDbObject(PolicyHandle,
381 LsaDbPolicyObject,
382 DesiredAccess,
383 &DbObject);
384 if (!NT_SUCCESS(Status))
385 return Status;
386
387 switch (InformationClass)
388 {
389 case PolicyAuditEventsInformation:
390 Status = STATUS_NOT_IMPLEMENTED;
391 break;
392
393 case PolicyPrimaryDomainInformation:
394 Status = LsarSetPrimaryDomain(PolicyHandle,
395 (PLSAPR_POLICY_PRIMARY_DOM_INFO)PolicyInformation);
396 break;
397
398 case PolicyAccountDomainInformation:
399 Status = LsarSetAccountDomain(PolicyHandle,
400 (PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
401 break;
402
403 case PolicyDnsDomainInformation:
404 Status = LsarSetDnsDomain(PolicyHandle,
405 (PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
406 break;
407
408 case PolicyLsaServerRoleInformation:
409 Status = STATUS_NOT_IMPLEMENTED;
410 break;
411
412 default:
413 Status = STATUS_INVALID_PARAMETER;
414 break;
415 }
416
417 return Status;
418 }
419
420
421 /* Function 9 */
422 NTSTATUS WINAPI LsarClearAuditLog(
423 LSAPR_HANDLE ObjectHandle)
424 {
425 /* Deprecated */
426 return STATUS_NOT_IMPLEMENTED;
427 }
428
429
430 /* Function 10 */
431 NTSTATUS WINAPI LsarCreateAccount(
432 LSAPR_HANDLE PolicyHandle,
433 PRPC_SID AccountSid,
434 ACCESS_MASK DesiredAccess,
435 LSAPR_HANDLE *AccountHandle)
436 {
437 PLSA_DB_OBJECT PolicyObject;
438 PLSA_DB_OBJECT AccountsObject = NULL;
439 PLSA_DB_OBJECT AccountObject = NULL;
440 LPWSTR SidString = NULL;
441 NTSTATUS Status = STATUS_SUCCESS;
442
443 /* Validate the PolicyHandle */
444 Status = LsapValidateDbObject(PolicyHandle,
445 LsaDbPolicyObject,
446 POLICY_CREATE_ACCOUNT,
447 &PolicyObject);
448 if (!NT_SUCCESS(Status))
449 {
450 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
451 return Status;
452 }
453
454 /* Open the Accounts object */
455 Status = LsapOpenDbObject(PolicyObject,
456 L"Accounts",
457 LsaDbContainerObject,
458 0,
459 &AccountsObject);
460 if (!NT_SUCCESS(Status))
461 {
462 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status);
463 goto done;
464 }
465
466 /* Create SID string */
467 if (!ConvertSidToStringSid((PSID)AccountSid,
468 &SidString))
469 {
470 ERR("ConvertSidToStringSid failed\n");
471 Status = STATUS_INVALID_PARAMETER;
472 goto done;
473 }
474
475 /* Create the Account object */
476 Status = LsapCreateDbObject(AccountsObject,
477 SidString,
478 LsaDbAccountObject,
479 DesiredAccess,
480 &AccountObject);
481 if (!NT_SUCCESS(Status))
482 {
483 ERR("LsapCreateDbObject (Account) failed (Status 0x%08lx)\n", Status);
484 goto done;
485 }
486
487 /* Set the Sid attribute */
488 Status = LsapSetObjectAttribute(AccountObject,
489 L"Sid",
490 (PVOID)AccountSid,
491 GetLengthSid(AccountSid));
492
493 done:
494 if (SidString != NULL)
495 LocalFree(SidString);
496
497 if (!NT_SUCCESS(Status))
498 {
499 if (AccountObject != NULL)
500 LsapCloseDbObject(AccountObject);
501 }
502 else
503 {
504 *AccountHandle = (LSAPR_HANDLE)AccountObject;
505 }
506
507 if (AccountsObject != NULL)
508 LsapCloseDbObject(AccountsObject);
509
510 return STATUS_SUCCESS;
511 }
512
513
514 /* Function 11 */
515 NTSTATUS WINAPI LsarEnumerateAccounts(
516 LSAPR_HANDLE PolicyHandle,
517 DWORD *EnumerationContext,
518 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer,
519 DWORD PreferedMaximumLength)
520 {
521 UNIMPLEMENTED;
522 return STATUS_NOT_IMPLEMENTED;
523 }
524
525
526 /* Function 12 */
527 NTSTATUS WINAPI LsarCreateTrustedDomain(
528 LSAPR_HANDLE PolicyHandle,
529 PLSAPR_TRUST_INFORMATION TrustedDomainInformation,
530 ACCESS_MASK DesiredAccess,
531 LSAPR_HANDLE *TrustedDomainHandle)
532 {
533 UNIMPLEMENTED;
534 return STATUS_NOT_IMPLEMENTED;
535 }
536
537
538 /* Function 13 */
539 NTSTATUS WINAPI LsarEnumerateTrustedDomains(
540 LSAPR_HANDLE PolicyHandle,
541 DWORD *EnumerationContext,
542 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer,
543 DWORD PreferedMaximumLength)
544 {
545 UNIMPLEMENTED;
546 return STATUS_NOT_IMPLEMENTED;
547 }
548
549
550 /* Function 14 */
551 NTSTATUS WINAPI LsarLookupNames(
552 LSAPR_HANDLE PolicyHandle,
553 DWORD Count,
554 PRPC_UNICODE_STRING Names,
555 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
556 PLSAPR_TRANSLATED_SIDS TranslatedSids,
557 LSAP_LOOKUP_LEVEL LookupLevel,
558 DWORD *MappedCount)
559 {
560 SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
561 static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN");
562 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains = NULL;
563 PLSA_TRANSLATED_SID OutputSids = NULL;
564 ULONG OutputSidsLength;
565 ULONG i;
566 PSID Sid;
567 ULONG SidLength;
568 NTSTATUS Status;
569
570 TRACE("LsarLookupNames(%p, %lu, %p, %p, %p, %d, %p)\n",
571 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
572 LookupLevel, MappedCount);
573
574 TranslatedSids->Entries = Count;
575 TranslatedSids->Sids = NULL;
576 *ReferencedDomains = NULL;
577
578 OutputSidsLength = Count * sizeof(LSA_TRANSLATED_SID);
579 OutputSids = MIDL_user_allocate(OutputSidsLength);
580 if (OutputSids == NULL)
581 {
582 return STATUS_INSUFFICIENT_RESOURCES;
583 }
584
585 RtlZeroMemory(OutputSids, OutputSidsLength);
586
587 OutputDomains = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
588 if (OutputDomains == NULL)
589 {
590 MIDL_user_free(OutputSids);
591 return STATUS_INSUFFICIENT_RESOURCES;
592 }
593
594 OutputDomains->Entries = Count;
595 OutputDomains->Domains = MIDL_user_allocate(Count * sizeof(LSA_TRUST_INFORMATION));
596 if (OutputDomains->Domains == NULL)
597 {
598 MIDL_user_free(OutputDomains);
599 MIDL_user_free(OutputSids);
600 return STATUS_INSUFFICIENT_RESOURCES;
601 }
602
603 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
604 2,
605 SECURITY_BUILTIN_DOMAIN_RID,
606 DOMAIN_ALIAS_RID_ADMINS,
607 0, 0, 0, 0, 0, 0,
608 &Sid);
609 if (!NT_SUCCESS(Status))
610 {
611 MIDL_user_free(OutputDomains->Domains);
612 MIDL_user_free(OutputDomains);
613 MIDL_user_free(OutputSids);
614 return Status;
615 }
616
617 SidLength = RtlLengthSid(Sid);
618
619 for (i = 0; i < Count; i++)
620 {
621 OutputDomains->Domains[i].Sid = MIDL_user_allocate(SidLength);
622 RtlCopyMemory(OutputDomains->Domains[i].Sid, Sid, SidLength);
623
624 OutputDomains->Domains[i].Name.Buffer = MIDL_user_allocate(DomainName.MaximumLength);
625 OutputDomains->Domains[i].Name.Length = DomainName.Length;
626 OutputDomains->Domains[i].Name.MaximumLength = DomainName.MaximumLength;
627 RtlCopyMemory(OutputDomains->Domains[i].Name.Buffer, DomainName.Buffer, DomainName.MaximumLength);
628 }
629
630 for (i = 0; i < Count; i++)
631 {
632 OutputSids[i].Use = SidTypeWellKnownGroup;
633 OutputSids[i].RelativeId = DOMAIN_USER_RID_ADMIN; //DOMAIN_ALIAS_RID_ADMINS;
634 OutputSids[i].DomainIndex = i;
635 }
636
637 *ReferencedDomains = OutputDomains;
638
639 *MappedCount = Count;
640
641 TranslatedSids->Entries = Count;
642 TranslatedSids->Sids = OutputSids;
643
644 return STATUS_SUCCESS;
645 }
646
647
648 /* Function 15 */
649 NTSTATUS WINAPI LsarLookupSids(
650 LSAPR_HANDLE PolicyHandle,
651 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
652 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
653 PLSAPR_TRANSLATED_NAMES TranslatedNames,
654 LSAP_LOOKUP_LEVEL LookupLevel,
655 DWORD *MappedCount)
656 {
657 SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
658 static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN");
659 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains = NULL;
660 PLSAPR_TRANSLATED_NAME OutputNames = NULL;
661 ULONG OutputNamesLength;
662 ULONG i;
663 PSID Sid;
664 ULONG SidLength;
665 NTSTATUS Status;
666
667 TRACE("LsarLookupSids(%p, %p, %p, %p, %d, %p)\n",
668 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
669 LookupLevel, MappedCount);
670
671 TranslatedNames->Entries = SidEnumBuffer->Entries;
672 TranslatedNames->Names = NULL;
673 *ReferencedDomains = NULL;
674
675 OutputNamesLength = SidEnumBuffer->Entries * sizeof(LSA_TRANSLATED_NAME);
676 OutputNames = MIDL_user_allocate(OutputNamesLength);
677 if (OutputNames == NULL)
678 {
679 return STATUS_INSUFFICIENT_RESOURCES;
680 }
681
682 RtlZeroMemory(OutputNames, OutputNamesLength);
683
684 OutputDomains = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
685 if (OutputDomains == NULL)
686 {
687 MIDL_user_free(OutputNames);
688 return STATUS_INSUFFICIENT_RESOURCES;
689 }
690
691 OutputDomains->Entries = SidEnumBuffer->Entries;
692 OutputDomains->Domains = MIDL_user_allocate(SidEnumBuffer->Entries * sizeof(LSA_TRUST_INFORMATION));
693 if (OutputDomains->Domains == NULL)
694 {
695 MIDL_user_free(OutputDomains);
696 MIDL_user_free(OutputNames);
697 return STATUS_INSUFFICIENT_RESOURCES;
698 }
699
700 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
701 2,
702 SECURITY_BUILTIN_DOMAIN_RID,
703 DOMAIN_ALIAS_RID_ADMINS,
704 0, 0, 0, 0, 0, 0,
705 &Sid);
706 if (!NT_SUCCESS(Status))
707 {
708 MIDL_user_free(OutputDomains->Domains);
709 MIDL_user_free(OutputDomains);
710 MIDL_user_free(OutputNames);
711 return Status;
712 }
713
714 SidLength = RtlLengthSid(Sid);
715
716 for (i = 0; i < SidEnumBuffer->Entries; i++)
717 {
718 OutputDomains->Domains[i].Sid = MIDL_user_allocate(SidLength);
719 RtlCopyMemory(OutputDomains->Domains[i].Sid, Sid, SidLength);
720
721 OutputDomains->Domains[i].Name.Buffer = MIDL_user_allocate(DomainName.MaximumLength);
722 OutputDomains->Domains[i].Name.Length = DomainName.Length;
723 OutputDomains->Domains[i].Name.MaximumLength = DomainName.MaximumLength;
724 RtlCopyMemory(OutputDomains->Domains[i].Name.Buffer, DomainName.Buffer, DomainName.MaximumLength);
725 }
726
727 Status = LsapLookupSids(SidEnumBuffer,
728 OutputNames);
729
730 *ReferencedDomains = OutputDomains;
731
732 *MappedCount = SidEnumBuffer->Entries;
733
734 TranslatedNames->Entries = SidEnumBuffer->Entries;
735 TranslatedNames->Names = OutputNames;
736
737 return Status;
738 }
739
740
741 /* Function 16 */
742 NTSTATUS WINAPI LsarCreateSecret(
743 LSAPR_HANDLE PolicyHandle,
744 PRPC_UNICODE_STRING SecretName,
745 ACCESS_MASK DesiredAccess,
746 LSAPR_HANDLE *SecretHandle)
747 {
748 PLSA_DB_OBJECT PolicyObject;
749 PLSA_DB_OBJECT SecretsObject = NULL;
750 PLSA_DB_OBJECT SecretObject = NULL;
751 LARGE_INTEGER Time;
752 NTSTATUS Status = STATUS_SUCCESS;
753
754 /* Validate the PolicyHandle */
755 Status = LsapValidateDbObject(PolicyHandle,
756 LsaDbPolicyObject,
757 POLICY_CREATE_SECRET,
758 &PolicyObject);
759 if (!NT_SUCCESS(Status))
760 {
761 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
762 return Status;
763 }
764
765 /* Open the Secrets object */
766 Status = LsapOpenDbObject(PolicyObject,
767 L"Secrets",
768 LsaDbContainerObject,
769 0,
770 &SecretsObject);
771 if (!NT_SUCCESS(Status))
772 {
773 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status);
774 goto done;
775 }
776
777 /* Get the current time */
778 Status = NtQuerySystemTime(&Time);
779 if (!NT_SUCCESS(Status))
780 {
781 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
782 goto done;
783 }
784
785 /* Create the Secret object */
786 Status = LsapCreateDbObject(SecretsObject,
787 SecretName->Buffer,
788 LsaDbSecretObject,
789 DesiredAccess,
790 &SecretObject);
791 if (!NT_SUCCESS(Status))
792 {
793 ERR("LsapCreateDbObject (Secret) failed (Status 0x%08lx)\n", Status);
794 goto done;
795 }
796
797 /* Set the CurrentTime attribute */
798 Status = LsapSetObjectAttribute(SecretObject,
799 L"CurrentTime",
800 (PVOID)&Time,
801 sizeof(LARGE_INTEGER));
802 if (!NT_SUCCESS(Status))
803 {
804 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status);
805 goto done;
806 }
807
808 /* Set the OldTime attribute */
809 Status = LsapSetObjectAttribute(SecretObject,
810 L"OldTime",
811 (PVOID)&Time,
812 sizeof(LARGE_INTEGER));
813
814 done:
815 if (!NT_SUCCESS(Status))
816 {
817 if (SecretObject != NULL)
818 LsapCloseDbObject(SecretObject);
819 }
820 else
821 {
822 *SecretHandle = (LSAPR_HANDLE)SecretObject;
823 }
824
825 if (SecretsObject != NULL)
826 LsapCloseDbObject(SecretsObject);
827
828 return STATUS_SUCCESS;
829 }
830
831
832 /* Function 17 */
833 NTSTATUS WINAPI LsarOpenAccount(
834 LSAPR_HANDLE PolicyHandle,
835 PRPC_SID AccountSid,
836 ACCESS_MASK DesiredAccess,
837 LSAPR_HANDLE *AccountHandle)
838 {
839 PLSA_DB_OBJECT PolicyObject;
840 PLSA_DB_OBJECT AccountsObject = NULL;
841 PLSA_DB_OBJECT AccountObject = NULL;
842 LPWSTR SidString = NULL;
843 NTSTATUS Status = STATUS_SUCCESS;
844
845 /* Validate the PolicyHandle */
846 Status = LsapValidateDbObject(PolicyHandle,
847 LsaDbPolicyObject,
848 POLICY_CREATE_ACCOUNT,
849 &PolicyObject);
850 if (!NT_SUCCESS(Status))
851 {
852 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
853 return Status;
854 }
855
856 /* Open the Accounts object */
857 Status = LsapOpenDbObject(PolicyObject,
858 L"Accounts",
859 LsaDbContainerObject,
860 0,
861 &AccountsObject);
862 if (!NT_SUCCESS(Status))
863 {
864 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status);
865 goto done;
866 }
867
868 /* Create SID string */
869 if (!ConvertSidToStringSid((PSID)AccountSid,
870 &SidString))
871 {
872 ERR("ConvertSidToStringSid failed\n");
873 Status = STATUS_INVALID_PARAMETER;
874 goto done;
875 }
876
877 /* Create the Account object */
878 Status = LsapOpenDbObject(AccountsObject,
879 SidString,
880 LsaDbAccountObject,
881 DesiredAccess,
882 &AccountObject);
883 if (!NT_SUCCESS(Status))
884 {
885 ERR("LsapOpenDbObject (Account) failed (Status 0x%08lx)\n", Status);
886 goto done;
887 }
888
889 /* Set the Sid attribute */
890 Status = LsapSetObjectAttribute(AccountObject,
891 L"Sid",
892 (PVOID)AccountSid,
893 GetLengthSid(AccountSid));
894
895 done:
896 if (SidString != NULL)
897 LocalFree(SidString);
898
899 if (!NT_SUCCESS(Status))
900 {
901 if (AccountObject != NULL)
902 LsapCloseDbObject(AccountObject);
903 }
904 else
905 {
906 *AccountHandle = (LSAPR_HANDLE)AccountObject;
907 }
908
909 if (AccountsObject != NULL)
910 LsapCloseDbObject(AccountsObject);
911
912 return STATUS_SUCCESS;
913 }
914
915
916 /* Function 18 */
917 NTSTATUS WINAPI LsarEnumeratePrivilegesAccount(
918 LSAPR_HANDLE AccountHandle,
919 PLSAPR_PRIVILEGE_SET *Privileges)
920 {
921 PLSA_DB_OBJECT AccountObject;
922 ULONG PrivilegeSetSize = 0;
923 PLSAPR_PRIVILEGE_SET PrivilegeSet = NULL;
924 NTSTATUS Status;
925
926 *Privileges = NULL;
927
928 /* Validate the AccountHandle */
929 Status = LsapValidateDbObject(AccountHandle,
930 LsaDbAccountObject,
931 ACCOUNT_VIEW,
932 &AccountObject);
933 if (!NT_SUCCESS(Status))
934 {
935 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
936 return Status;
937 }
938
939 /* Get the size of the privilege set */
940 Status = LsapGetObjectAttribute(AccountObject,
941 L"Privilgs",
942 NULL,
943 &PrivilegeSetSize);
944 if (!NT_SUCCESS(Status))
945 return Status;
946
947 /* Allocate a buffer for the privilege set */
948 PrivilegeSet = MIDL_user_allocate(PrivilegeSetSize);
949 if (PrivilegeSet == NULL)
950 return STATUS_NO_MEMORY;
951
952 /* Get the privilege set */
953 Status = LsapGetObjectAttribute(AccountObject,
954 L"Privilgs",
955 PrivilegeSet,
956 &PrivilegeSetSize);
957 if (!NT_SUCCESS(Status))
958 {
959 MIDL_user_free(PrivilegeSet);
960 return Status;
961 }
962
963 /* Return a pointer to the privilege set */
964 *Privileges = PrivilegeSet;
965
966 return STATUS_SUCCESS;
967 }
968
969
970 /* Function 19 */
971 NTSTATUS WINAPI LsarAddPrivilegesToAccount(
972 LSAPR_HANDLE AccountHandle,
973 PLSAPR_PRIVILEGE_SET Privileges)
974 {
975 PLSA_DB_OBJECT AccountObject;
976 PPRIVILEGE_SET CurrentPrivileges = NULL;
977 PPRIVILEGE_SET NewPrivileges = NULL;
978 ULONG PrivilegeSetSize = 0;
979 ULONG PrivilegeCount;
980 ULONG i, j;
981 BOOL bFound;
982 NTSTATUS Status;
983
984 /* Validate the AccountHandle */
985 Status = LsapValidateDbObject(AccountHandle,
986 LsaDbAccountObject,
987 ACCOUNT_ADJUST_PRIVILEGES,
988 &AccountObject);
989 if (!NT_SUCCESS(Status))
990 {
991 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
992 return Status;
993 }
994
995 Status = LsapGetObjectAttribute(AccountObject,
996 L"Privilgs",
997 NULL,
998 &PrivilegeSetSize);
999 if (!NT_SUCCESS(Status) || PrivilegeSetSize == 0)
1000 {
1001 /* The Privilgs attribute does not exist */
1002
1003 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1004 (Privileges->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1005 Status = LsapSetObjectAttribute(AccountObject,
1006 L"Privilgs",
1007 Privileges,
1008 PrivilegeSetSize);
1009 }
1010 else
1011 {
1012 /* The Privilgs attribute exists */
1013
1014 /* Allocate memory for the stored privilege set */
1015 CurrentPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1016 if (CurrentPrivileges == NULL)
1017 return STATUS_NO_MEMORY;
1018
1019 /* Get the current privilege set */
1020 Status = LsapGetObjectAttribute(AccountObject,
1021 L"Privilgs",
1022 CurrentPrivileges,
1023 &PrivilegeSetSize);
1024 if (!NT_SUCCESS(Status))
1025 {
1026 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
1027 goto done;
1028 }
1029
1030 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1031 TRACE("Current privilege count: %lu\n", PrivilegeCount);
1032
1033 /* Calculate the number privileges in the combined privilege set */
1034 for (i = 0; i < Privileges->PrivilegeCount; i++)
1035 {
1036 bFound = FALSE;
1037 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1038 {
1039 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1040 &(CurrentPrivileges->Privilege[i].Luid)))
1041 {
1042 bFound = TRUE;
1043 break;
1044 }
1045 }
1046
1047 if (bFound == FALSE)
1048 {
1049 TRACE("Found new privilege\n");
1050 PrivilegeCount++;
1051 }
1052 }
1053 TRACE("New privilege count: %lu\n", PrivilegeCount);
1054
1055 /* Calculate the size of the new privilege set and allocate it */
1056 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1057 (PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1058 NewPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1059 if (NewPrivileges == NULL)
1060 {
1061 Status = STATUS_NO_MEMORY;
1062 goto done;
1063 }
1064
1065 /* Initialize the new privilege set */
1066 NewPrivileges->PrivilegeCount = PrivilegeCount;
1067 NewPrivileges->Control = 0;
1068
1069 /* Copy all privileges from the current privilege set */
1070 RtlCopyLuidAndAttributesArray(CurrentPrivileges->PrivilegeCount,
1071 &(CurrentPrivileges->Privilege[0]),
1072 &(NewPrivileges->Privilege[0]));
1073
1074 /* Add new privileges to the new privilege set */
1075 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1076 for (i = 0; i < Privileges->PrivilegeCount; i++)
1077 {
1078 bFound = FALSE;
1079 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1080 {
1081 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1082 &(CurrentPrivileges->Privilege[i].Luid)))
1083 {
1084 /* Overwrite attributes if a matching privilege was found */
1085 NewPrivileges->Privilege[j].Attributes = Privileges->Privilege[i].Attributes;
1086
1087 bFound = TRUE;
1088 break;
1089 }
1090 }
1091
1092 if (bFound == FALSE)
1093 {
1094 /* Copy the new privilege */
1095 RtlCopyLuidAndAttributesArray(1,
1096 (PLUID_AND_ATTRIBUTES)&(Privileges->Privilege[i]),
1097 &(NewPrivileges->Privilege[PrivilegeCount]));
1098 PrivilegeCount++;
1099 }
1100 }
1101
1102 /* Set the new priivliege set */
1103 Status = LsapSetObjectAttribute(AccountObject,
1104 L"Privilgs",
1105 NewPrivileges,
1106 PrivilegeSetSize);
1107 }
1108
1109 done:
1110 if (CurrentPrivileges != NULL)
1111 MIDL_user_free(CurrentPrivileges);
1112
1113 if (NewPrivileges != NULL)
1114 MIDL_user_free(NewPrivileges);
1115
1116 return Status;
1117 }
1118
1119
1120 /* Function 20 */
1121 NTSTATUS WINAPI LsarRemovePrivilegesFromAccount(
1122 LSAPR_HANDLE AccountHandle,
1123 BOOL AllPrivileges,
1124 PLSAPR_PRIVILEGE_SET Privileges)
1125 {
1126 UNIMPLEMENTED;
1127 return STATUS_NOT_IMPLEMENTED;
1128 }
1129
1130
1131 /* Function 21 */
1132 NTSTATUS WINAPI LsarGetQuotasForAccount(
1133 LSAPR_HANDLE AccountHandle,
1134 PQUOTA_LIMITS QuotaLimits)
1135 {
1136 UNIMPLEMENTED;
1137 return STATUS_NOT_IMPLEMENTED;
1138 }
1139
1140
1141 /* Function 22 */
1142 NTSTATUS WINAPI LsarSetQuotasForAccount(
1143 LSAPR_HANDLE AccountHandle,
1144 PQUOTA_LIMITS QuotaLimits)
1145 {
1146 UNIMPLEMENTED;
1147 return STATUS_NOT_IMPLEMENTED;
1148 }
1149
1150
1151 /* Function 23 */
1152 NTSTATUS WINAPI LsarGetSystemAccessAccount(
1153 LSAPR_HANDLE AccountHandle,
1154 ACCESS_MASK *SystemAccess)
1155 {
1156 PLSA_DB_OBJECT AccountObject;
1157 ULONG Size;
1158 NTSTATUS Status;
1159
1160 /* Validate the account handle */
1161 Status = LsapValidateDbObject(AccountHandle,
1162 LsaDbAccountObject,
1163 ACCOUNT_VIEW,
1164 &AccountObject);
1165 if (!NT_SUCCESS(Status))
1166 {
1167 ERR("Invalid handle (Status %lx)\n", Status);
1168 return Status;
1169 }
1170
1171 /* Get the system access flags */
1172 Status = LsapGetObjectAttribute(AccountObject,
1173 L"ActSysAc",
1174 SystemAccess,
1175 &Size);
1176
1177 return Status;
1178 }
1179
1180
1181 /* Function 24 */
1182 NTSTATUS WINAPI LsarSetSystemAccessAccount(
1183 LSAPR_HANDLE AccountHandle,
1184 ACCESS_MASK SystemAccess)
1185 {
1186 PLSA_DB_OBJECT AccountObject;
1187 NTSTATUS Status;
1188
1189 /* Validate the account handle */
1190 Status = LsapValidateDbObject(AccountHandle,
1191 LsaDbAccountObject,
1192 ACCOUNT_ADJUST_SYSTEM_ACCESS,
1193 &AccountObject);
1194 if (!NT_SUCCESS(Status))
1195 {
1196 ERR("Invalid handle (Status %lx)\n", Status);
1197 return Status;
1198 }
1199
1200 /* Set the system access flags */
1201 Status = LsapSetObjectAttribute(AccountObject,
1202 L"ActSysAc",
1203 &SystemAccess,
1204 sizeof(ACCESS_MASK));
1205
1206 return Status;
1207 }
1208
1209
1210 /* Function 25 */
1211 NTSTATUS WINAPI LsarOpenTrustedDomain(
1212 LSAPR_HANDLE PolicyHandle,
1213 PRPC_SID TrustedDomainSid,
1214 ACCESS_MASK DesiredAccess,
1215 LSAPR_HANDLE *TrustedDomainHandle)
1216 {
1217 UNIMPLEMENTED;
1218 return STATUS_NOT_IMPLEMENTED;
1219 }
1220
1221
1222 /* Function 26 */
1223 NTSTATUS WINAPI LsarQueryInfoTrustedDomain(
1224 LSAPR_HANDLE TrustedDomainHandle,
1225 TRUSTED_INFORMATION_CLASS InformationClass,
1226 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
1227 {
1228 UNIMPLEMENTED;
1229 return STATUS_NOT_IMPLEMENTED;
1230 }
1231
1232
1233 /* Function 27 */
1234 NTSTATUS WINAPI LsarSetInformationTrustedDomain(
1235 LSAPR_HANDLE TrustedDomainHandle,
1236 TRUSTED_INFORMATION_CLASS InformationClass,
1237 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
1238 {
1239 UNIMPLEMENTED;
1240 return STATUS_NOT_IMPLEMENTED;
1241 }
1242
1243
1244 /* Function 28 */
1245 NTSTATUS WINAPI LsarOpenSecret(
1246 LSAPR_HANDLE PolicyHandle,
1247 PRPC_UNICODE_STRING SecretName,
1248 ACCESS_MASK DesiredAccess,
1249 LSAPR_HANDLE *SecretHandle)
1250 {
1251 PLSA_DB_OBJECT PolicyObject;
1252 PLSA_DB_OBJECT SecretsObject = NULL;
1253 PLSA_DB_OBJECT SecretObject = NULL;
1254 NTSTATUS Status = STATUS_SUCCESS;
1255
1256 /* Validate the PolicyHandle */
1257 Status = LsapValidateDbObject(PolicyHandle,
1258 LsaDbPolicyObject,
1259 POLICY_CREATE_SECRET,
1260 &PolicyObject);
1261 if (!NT_SUCCESS(Status))
1262 {
1263 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1264 return Status;
1265 }
1266
1267 /* Open the Secrets object */
1268 Status = LsapOpenDbObject(PolicyObject,
1269 L"Secrets",
1270 LsaDbContainerObject,
1271 0,
1272 &SecretsObject);
1273 if (!NT_SUCCESS(Status))
1274 {
1275 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status);
1276 goto done;
1277 }
1278
1279 /* Create the secret object */
1280 Status = LsapOpenDbObject(SecretsObject,
1281 SecretName->Buffer,
1282 LsaDbSecretObject,
1283 DesiredAccess,
1284 &SecretObject);
1285 if (!NT_SUCCESS(Status))
1286 {
1287 ERR("LsapOpenDbObject (Secret) failed (Status 0x%08lx)\n", Status);
1288 goto done;
1289 }
1290
1291 done:
1292 if (!NT_SUCCESS(Status))
1293 {
1294 if (SecretObject != NULL)
1295 LsapCloseDbObject(SecretObject);
1296 }
1297 else
1298 {
1299 *SecretHandle = (LSAPR_HANDLE)SecretObject;
1300 }
1301
1302 if (SecretsObject != NULL)
1303 LsapCloseDbObject(SecretsObject);
1304
1305 return STATUS_SUCCESS;
1306 }
1307
1308
1309 /* Function 29 */
1310 NTSTATUS WINAPI LsarSetSecret(
1311 LSAPR_HANDLE SecretHandle,
1312 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue,
1313 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue)
1314 {
1315 PLSA_DB_OBJECT SecretObject;
1316 PBYTE CurrentValue = NULL;
1317 PBYTE OldValue = NULL;
1318 ULONG CurrentValueLength = 0;
1319 ULONG OldValueLength = 0;
1320 LARGE_INTEGER Time;
1321 NTSTATUS Status;
1322
1323 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle,
1324 EncryptedCurrentValue, EncryptedOldValue);
1325
1326 /* Validate the SecretHandle */
1327 Status = LsapValidateDbObject(SecretHandle,
1328 LsaDbSecretObject,
1329 SECRET_SET_VALUE,
1330 &SecretObject);
1331 if (!NT_SUCCESS(Status))
1332 {
1333 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1334 return Status;
1335 }
1336
1337 if (EncryptedCurrentValue != NULL)
1338 {
1339 /* FIXME: Decrypt the current value */
1340 CurrentValue = EncryptedCurrentValue->Buffer;
1341 CurrentValueLength = EncryptedCurrentValue->MaximumLength;
1342 }
1343
1344 /* Set the current value */
1345 Status = LsapSetObjectAttribute(SecretObject,
1346 L"CurrentValue",
1347 CurrentValue,
1348 CurrentValueLength);
1349 if (!NT_SUCCESS(Status))
1350 {
1351 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1352 goto done;
1353 }
1354
1355 /* Get the current time */
1356 Status = NtQuerySystemTime(&Time);
1357 if (!NT_SUCCESS(Status))
1358 {
1359 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
1360 goto done;
1361 }
1362
1363 /* Set the current time */
1364 Status = LsapSetObjectAttribute(SecretObject,
1365 L"CurrentTime",
1366 &Time,
1367 sizeof(LARGE_INTEGER));
1368 if (!NT_SUCCESS(Status))
1369 {
1370 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1371 goto done;
1372 }
1373
1374 if (EncryptedOldValue != NULL)
1375 {
1376 /* FIXME: Decrypt the old value */
1377 OldValue = EncryptedOldValue->Buffer;
1378 OldValueLength = EncryptedOldValue->MaximumLength;
1379 }
1380
1381 /* Set the old value */
1382 Status = LsapSetObjectAttribute(SecretObject,
1383 L"OldValue",
1384 OldValue,
1385 OldValueLength);
1386 if (!NT_SUCCESS(Status))
1387 {
1388 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1389 goto done;
1390 }
1391
1392 /* Set the old time */
1393 Status = LsapSetObjectAttribute(SecretObject,
1394 L"OldTime",
1395 &Time,
1396 sizeof(LARGE_INTEGER));
1397 if (!NT_SUCCESS(Status))
1398 {
1399 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1400 }
1401
1402 done:
1403 return Status;
1404 }
1405
1406
1407 /* Function 30 */
1408 NTSTATUS WINAPI LsarQuerySecret(
1409 LSAPR_HANDLE SecretHandle,
1410 PLSAPR_CR_CIPHER_VALUE *EncryptedCurrentValue,
1411 PLARGE_INTEGER CurrentValueSetTime,
1412 PLSAPR_CR_CIPHER_VALUE *EncryptedOldValue,
1413 PLARGE_INTEGER OldValueSetTime)
1414 {
1415 PLSA_DB_OBJECT SecretObject;
1416 PLSAPR_CR_CIPHER_VALUE EncCurrentValue = NULL;
1417 PLSAPR_CR_CIPHER_VALUE EncOldValue = NULL;
1418 PBYTE CurrentValue = NULL;
1419 PBYTE OldValue = NULL;
1420 ULONG CurrentValueLength = 0;
1421 ULONG OldValueLength = 0;
1422 ULONG BufferSize;
1423 NTSTATUS Status;
1424
1425 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle,
1426 EncryptedCurrentValue, CurrentValueSetTime,
1427 EncryptedOldValue, OldValueSetTime);
1428
1429 /* Validate the SecretHandle */
1430 Status = LsapValidateDbObject(SecretHandle,
1431 LsaDbSecretObject,
1432 SECRET_QUERY_VALUE,
1433 &SecretObject);
1434 if (!NT_SUCCESS(Status))
1435 {
1436 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1437 return Status;
1438 }
1439
1440 if (EncryptedCurrentValue != NULL)
1441 {
1442 CurrentValueLength = 0;
1443
1444 /* Get the size of the current value */
1445 Status = LsapGetObjectAttribute(SecretObject,
1446 L"CurrentValue",
1447 NULL,
1448 &CurrentValueLength);
1449 if (!NT_SUCCESS(Status))
1450 goto done;
1451
1452 /* Allocate a buffer for the current value */
1453 CurrentValue = midl_user_allocate(CurrentValueLength);
1454 if (CurrentValue == NULL)
1455 {
1456 Status = STATUS_INSUFFICIENT_RESOURCES;
1457 goto done;
1458 }
1459
1460 /* Get the current value */
1461 Status = LsapGetObjectAttribute(SecretObject,
1462 L"CurrentValue",
1463 CurrentValue,
1464 &CurrentValueLength);
1465 if (!NT_SUCCESS(Status))
1466 goto done;
1467
1468 /* Allocate a buffer for the encrypted current value */
1469 EncCurrentValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE));
1470 if (EncCurrentValue == NULL)
1471 {
1472 Status = STATUS_INSUFFICIENT_RESOURCES;
1473 goto done;
1474 }
1475
1476 /* FIXME: Encrypt the current value */
1477 EncCurrentValue->Length = (USHORT)(CurrentValueLength - sizeof(WCHAR));
1478 EncCurrentValue->MaximumLength = (USHORT)CurrentValueLength;
1479 EncCurrentValue->Buffer = (PBYTE)CurrentValue;
1480 }
1481
1482 if (CurrentValueSetTime != NULL)
1483 {
1484 BufferSize = sizeof(LARGE_INTEGER);
1485
1486 /* Get the current value time */
1487 Status = LsapGetObjectAttribute(SecretObject,
1488 L"CurrentTime",
1489 (PBYTE)CurrentValueSetTime,
1490 &BufferSize);
1491 if (!NT_SUCCESS(Status))
1492 goto done;
1493 }
1494
1495 if (EncryptedOldValue != NULL)
1496 {
1497 OldValueLength = 0;
1498
1499 /* Get the size of the old value */
1500 Status = LsapGetObjectAttribute(SecretObject,
1501 L"OldValue",
1502 NULL,
1503 &OldValueLength);
1504 if (!NT_SUCCESS(Status))
1505 goto done;
1506
1507 /* Allocate a buffer for the old value */
1508 OldValue = midl_user_allocate(OldValueLength);
1509 if (OldValue == NULL)
1510 {
1511 Status = STATUS_INSUFFICIENT_RESOURCES;
1512 goto done;
1513 }
1514
1515 /* Get the old value */
1516 Status = LsapGetObjectAttribute(SecretObject,
1517 L"OldValue",
1518 OldValue,
1519 &OldValueLength);
1520 if (!NT_SUCCESS(Status))
1521 goto done;
1522
1523 /* Allocate a buffer for the encrypted old value */
1524 EncOldValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE) + OldValueLength);
1525 if (EncOldValue == NULL)
1526 {
1527 Status = STATUS_INSUFFICIENT_RESOURCES;
1528 goto done;
1529 }
1530
1531 /* FIXME: Encrypt the old value */
1532 EncOldValue->Length = (USHORT)(OldValueLength - sizeof(WCHAR));
1533 EncOldValue->MaximumLength = (USHORT)OldValueLength;
1534 EncOldValue->Buffer = (PBYTE)OldValue;
1535 }
1536
1537 if (OldValueSetTime != NULL)
1538 {
1539 BufferSize = sizeof(LARGE_INTEGER);
1540
1541 /* Get the old value time */
1542 Status = LsapGetObjectAttribute(SecretObject,
1543 L"OldTime",
1544 (PBYTE)OldValueSetTime,
1545 &BufferSize);
1546 if (!NT_SUCCESS(Status))
1547 goto done;
1548 }
1549
1550
1551 done:
1552 if (NT_SUCCESS(Status))
1553 {
1554 if (EncryptedCurrentValue != NULL)
1555 *EncryptedCurrentValue = EncCurrentValue;
1556
1557 if (EncryptedOldValue != NULL)
1558 *EncryptedOldValue = EncOldValue;
1559 }
1560 else
1561 {
1562 if (EncryptedCurrentValue != NULL)
1563 *EncryptedCurrentValue = NULL;
1564
1565 if (EncryptedOldValue != NULL)
1566 *EncryptedOldValue = NULL;
1567
1568 if (EncCurrentValue != NULL)
1569 midl_user_free(EncCurrentValue);
1570
1571 if (EncOldValue != NULL)
1572 midl_user_free(EncOldValue);
1573
1574 if (CurrentValue != NULL)
1575 midl_user_free(CurrentValue);
1576
1577 if (OldValue != NULL)
1578 midl_user_free(OldValue);
1579 }
1580
1581 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status);
1582
1583 return Status;
1584 }
1585
1586
1587 /* Function 31 */
1588 NTSTATUS WINAPI LsarLookupPrivilegeValue(
1589 LSAPR_HANDLE PolicyHandle,
1590 PRPC_UNICODE_STRING Name,
1591 PLUID Value)
1592 {
1593 NTSTATUS Status;
1594
1595 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
1596 PolicyHandle, Name, Value);
1597
1598 Status = LsapValidateDbObject(PolicyHandle,
1599 LsaDbPolicyObject,
1600 POLICY_LOOKUP_NAMES,
1601 NULL);
1602 if (!NT_SUCCESS(Status))
1603 {
1604 ERR("Invalid handle (Status %lx)\n", Status);
1605 return Status;
1606 }
1607
1608 TRACE("Privilege: %wZ\n", Name);
1609
1610 Status = LsarpLookupPrivilegeValue((PUNICODE_STRING)Name,
1611 Value);
1612
1613 return Status;
1614 }
1615
1616
1617 /* Function 32 */
1618 NTSTATUS WINAPI LsarLookupPrivilegeName(
1619 LSAPR_HANDLE PolicyHandle,
1620 PLUID Value,
1621 PRPC_UNICODE_STRING *Name)
1622 {
1623 NTSTATUS Status;
1624
1625 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
1626 PolicyHandle, Value, Name);
1627
1628 Status = LsapValidateDbObject(PolicyHandle,
1629 LsaDbPolicyObject,
1630 POLICY_LOOKUP_NAMES,
1631 NULL);
1632 if (!NT_SUCCESS(Status))
1633 {
1634 ERR("Invalid handle\n");
1635 return Status;
1636 }
1637
1638 Status = LsarpLookupPrivilegeName(Value, (PUNICODE_STRING*)Name);
1639
1640 return Status;
1641 }
1642
1643
1644 /* Function 33 */
1645 NTSTATUS WINAPI LsarLookupPrivilegeDisplayName(
1646 LSAPR_HANDLE PolicyHandle,
1647 PRPC_UNICODE_STRING Name,
1648 USHORT ClientLanguage,
1649 USHORT ClientSystemDefaultLanguage,
1650 PRPC_UNICODE_STRING *DisplayName,
1651 USHORT *LanguageReturned)
1652 {
1653 UNIMPLEMENTED;
1654 return STATUS_NOT_IMPLEMENTED;
1655 }
1656
1657
1658 /* Function 34 */
1659 NTSTATUS WINAPI LsarDeleteObject(
1660 LSAPR_HANDLE *ObjectHandle)
1661 {
1662 UNIMPLEMENTED;
1663 return STATUS_NOT_IMPLEMENTED;
1664 }
1665
1666
1667 /* Function 35 */
1668 NTSTATUS WINAPI LsarEnumerateAccountsWithUserRight(
1669 LSAPR_HANDLE PolicyHandle,
1670 PRPC_UNICODE_STRING UserRight,
1671 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer)
1672 {
1673 UNIMPLEMENTED;
1674 return STATUS_NOT_IMPLEMENTED;
1675 }
1676
1677
1678 /* Function 36 */
1679 NTSTATUS WINAPI LsarEnumerateAccountRights(
1680 LSAPR_HANDLE PolicyHandle,
1681 PRPC_SID AccountSid,
1682 PLSAPR_USER_RIGHT_SET UserRights)
1683 {
1684 PLSA_DB_OBJECT PolicyObject;
1685 NTSTATUS Status;
1686
1687 TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
1688 PolicyHandle, AccountSid, UserRights);
1689
1690 Status = LsapValidateDbObject(PolicyHandle,
1691 LsaDbPolicyObject,
1692 ACCOUNT_VIEW,
1693 &PolicyObject);
1694 if (!NT_SUCCESS(Status))
1695 return Status;
1696
1697 UserRights->Entries = 0;
1698 UserRights->UserRights = NULL;
1699 return STATUS_OBJECT_NAME_NOT_FOUND;
1700 }
1701
1702
1703 /* Function 37 */
1704 NTSTATUS WINAPI LsarAddAccountRights(
1705 LSAPR_HANDLE PolicyHandle,
1706 PRPC_SID AccountSid,
1707 PLSAPR_USER_RIGHT_SET UserRights)
1708 {
1709 UNIMPLEMENTED;
1710 return STATUS_NOT_IMPLEMENTED;
1711 }
1712
1713
1714 /* Function 38 */
1715 NTSTATUS WINAPI LsarRemoveAccountRights(
1716 LSAPR_HANDLE PolicyHandle,
1717 PRPC_SID AccountSid,
1718 BOOL AllRights,
1719 PLSAPR_USER_RIGHT_SET UserRights)
1720 {
1721 UNIMPLEMENTED;
1722 return STATUS_NOT_IMPLEMENTED;
1723 }
1724
1725
1726 /* Function 39 */
1727 NTSTATUS WINAPI LsarQueryTrustedDomainInfo(
1728 LSAPR_HANDLE PolicyHandle,
1729 PRPC_SID TrustedDomainSid,
1730 TRUSTED_INFORMATION_CLASS InformationClass,
1731 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
1732 {
1733 UNIMPLEMENTED;
1734 return STATUS_NOT_IMPLEMENTED;
1735 }
1736
1737
1738 /* Function 40 */
1739 NTSTATUS WINAPI LsarSetTrustedDomainInfo(
1740 LSAPR_HANDLE PolicyHandle,
1741 PRPC_SID TrustedDomainSid,
1742 TRUSTED_INFORMATION_CLASS InformationClass,
1743 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
1744 {
1745 UNIMPLEMENTED;
1746 return STATUS_NOT_IMPLEMENTED;
1747 }
1748
1749
1750 /* Function 41 */
1751 NTSTATUS WINAPI LsarDeleteTrustedDomain(
1752 LSAPR_HANDLE PolicyHandle,
1753 PRPC_SID TrustedDomainSid)
1754 {
1755 UNIMPLEMENTED;
1756 return STATUS_NOT_IMPLEMENTED;
1757 }
1758
1759
1760 /* Function 42 */
1761 NTSTATUS WINAPI LsarStorePrivateData(
1762 LSAPR_HANDLE PolicyHandle,
1763 PRPC_UNICODE_STRING KeyName,
1764 PLSAPR_CR_CIPHER_VALUE EncryptedData)
1765 {
1766 UNIMPLEMENTED;
1767 return STATUS_NOT_IMPLEMENTED;
1768 }
1769
1770
1771 /* Function 43 */
1772 NTSTATUS WINAPI LsarRetrievePrivateData(
1773 LSAPR_HANDLE PolicyHandle,
1774 PRPC_UNICODE_STRING KeyName,
1775 PLSAPR_CR_CIPHER_VALUE *EncryptedData)
1776 {
1777 UNIMPLEMENTED;
1778 return STATUS_NOT_IMPLEMENTED;
1779 }
1780
1781
1782 /* Function 44 */
1783 NTSTATUS WINAPI LsarOpenPolicy2(
1784 LPWSTR SystemName,
1785 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
1786 ACCESS_MASK DesiredAccess,
1787 LSAPR_HANDLE *PolicyHandle)
1788 {
1789 UNIMPLEMENTED;
1790 return STATUS_NOT_IMPLEMENTED;
1791 }
1792
1793
1794 /* Function 45 */
1795 NTSTATUS WINAPI LsarGetUserName(
1796 LPWSTR SystemName,
1797 PRPC_UNICODE_STRING *UserName,
1798 PRPC_UNICODE_STRING *DomainName)
1799 {
1800 UNIMPLEMENTED;
1801 return STATUS_NOT_IMPLEMENTED;
1802 }
1803
1804
1805 /* Function 46 */
1806 NTSTATUS WINAPI LsarQueryInformationPolicy2(
1807 LSAPR_HANDLE PolicyHandle,
1808 POLICY_INFORMATION_CLASS InformationClass,
1809 PLSAPR_POLICY_INFORMATION *PolicyInformation)
1810 {
1811 return LsarQueryInformationPolicy(PolicyHandle,
1812 InformationClass,
1813 PolicyInformation);
1814 }
1815
1816
1817 /* Function 47 */
1818 NTSTATUS WINAPI LsarSetInformationPolicy2(
1819 LSAPR_HANDLE PolicyHandle,
1820 POLICY_INFORMATION_CLASS InformationClass,
1821 PLSAPR_POLICY_INFORMATION PolicyInformation)
1822 {
1823 return LsarSetInformationPolicy(PolicyHandle,
1824 InformationClass,
1825 PolicyInformation);
1826 }
1827
1828
1829 /* Function 48 */
1830 NTSTATUS WINAPI LsarQueryTrustedDomainInfoByName(
1831 LSAPR_HANDLE PolicyHandle,
1832 PRPC_UNICODE_STRING TrustedDomainName,
1833 POLICY_INFORMATION_CLASS InformationClass,
1834 PLSAPR_TRUSTED_DOMAIN_INFO *PolicyInformation)
1835 {
1836 UNIMPLEMENTED;
1837 return STATUS_NOT_IMPLEMENTED;
1838 }
1839
1840
1841 /* Function 49 */
1842 NTSTATUS WINAPI LsarSetTrustedDomainInfoByName(
1843 LSAPR_HANDLE PolicyHandle,
1844 PRPC_UNICODE_STRING TrustedDomainName,
1845 POLICY_INFORMATION_CLASS InformationClass,
1846 PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation)
1847 {
1848 UNIMPLEMENTED;
1849 return STATUS_NOT_IMPLEMENTED;
1850 }
1851
1852
1853 /* Function 50 */
1854 NTSTATUS WINAPI LsarEnumerateTrustedDomainsEx(
1855 LSAPR_HANDLE PolicyHandle,
1856 DWORD *EnumerationContext,
1857 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer,
1858 DWORD PreferedMaximumLength)
1859 {
1860 UNIMPLEMENTED;
1861 return STATUS_NOT_IMPLEMENTED;
1862 }
1863
1864
1865 /* Function 51 */
1866 NTSTATUS WINAPI LsarCreateTrustedDomainEx(
1867 LSAPR_HANDLE PolicyHandle,
1868 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
1869 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation,
1870 ACCESS_MASK DesiredAccess,
1871 LSAPR_HANDLE *TrustedDomainHandle)
1872 {
1873 UNIMPLEMENTED;
1874 return STATUS_NOT_IMPLEMENTED;
1875 }
1876
1877
1878 /* Function 52 */
1879 NTSTATUS WINAPI LsarSetPolicyReplicationHandle(
1880 PLSAPR_HANDLE PolicyHandle)
1881 {
1882 /* Deprecated */
1883 return STATUS_NOT_IMPLEMENTED;
1884 }
1885
1886
1887 /* Function 53 */
1888 NTSTATUS WINAPI LsarQueryDomainInformationPolicy(
1889 LSAPR_HANDLE PolicyHandle,
1890 POLICY_INFORMATION_CLASS InformationClass,
1891 PLSAPR_POLICY_DOMAIN_INFORMATION *PolicyInformation)
1892 {
1893 UNIMPLEMENTED;
1894 return STATUS_NOT_IMPLEMENTED;
1895 }
1896
1897
1898 /* Function 54 */
1899 NTSTATUS WINAPI LsarSetDomainInformationPolicy(
1900 LSAPR_HANDLE PolicyHandle,
1901 POLICY_INFORMATION_CLASS InformationClass,
1902 PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation)
1903 {
1904 UNIMPLEMENTED;
1905 return STATUS_NOT_IMPLEMENTED;
1906 }
1907
1908
1909 /* Function 55 */
1910 NTSTATUS WINAPI LsarOpenTrustedDomainByName(
1911 LSAPR_HANDLE PolicyHandle,
1912 PRPC_UNICODE_STRING TrustedDomainName,
1913 ACCESS_MASK DesiredAccess,
1914 LSAPR_HANDLE *TrustedDomainHandle)
1915 {
1916 UNIMPLEMENTED;
1917 return STATUS_NOT_IMPLEMENTED;
1918 }
1919
1920
1921 /* Function 56 */
1922 NTSTATUS WINAPI LsarTestCall(
1923 handle_t hBinding)
1924 {
1925 UNIMPLEMENTED;
1926 return STATUS_NOT_IMPLEMENTED;
1927 }
1928
1929
1930 /* Function 57 */
1931 NTSTATUS WINAPI LsarLookupSids2(
1932 LSAPR_HANDLE PolicyHandle,
1933 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
1934 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1935 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
1936 LSAP_LOOKUP_LEVEL LookupLevel,
1937 DWORD *MappedCount,
1938 DWORD LookupOptions,
1939 DWORD ClientRevision)
1940 {
1941 UNIMPLEMENTED;
1942 return STATUS_NOT_IMPLEMENTED;
1943 }
1944
1945
1946 /* Function 58 */
1947 NTSTATUS WINAPI LsarLookupNames2(
1948 LSAPR_HANDLE PolicyHandle,
1949 DWORD Count,
1950 PRPC_UNICODE_STRING Names,
1951 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1952 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids,
1953 LSAP_LOOKUP_LEVEL LookupLevel,
1954 DWORD *MappedCount,
1955 DWORD LookupOptions,
1956 DWORD ClientRevision)
1957 {
1958 UNIMPLEMENTED;
1959 return STATUS_NOT_IMPLEMENTED;
1960 }
1961
1962
1963 /* Function 59 */
1964 NTSTATUS WINAPI LsarCreateTrustedDomainEx2(
1965 LSAPR_HANDLE PolicyHandle,
1966 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
1967 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation,
1968 ACCESS_MASK DesiredAccess,
1969 LSAPR_HANDLE *TrustedDomainHandle)
1970 {
1971 UNIMPLEMENTED;
1972 return STATUS_NOT_IMPLEMENTED;
1973 }
1974
1975
1976 /* Function 60 */
1977 NTSTATUS WINAPI CredrWrite(
1978 handle_t hBinding)
1979 {
1980 UNIMPLEMENTED;
1981 return STATUS_NOT_IMPLEMENTED;
1982 }
1983
1984
1985 /* Function 61 */
1986 NTSTATUS WINAPI CredrRead(
1987 handle_t hBinding)
1988 {
1989 UNIMPLEMENTED;
1990 return STATUS_NOT_IMPLEMENTED;
1991 }
1992
1993
1994 /* Function 62 */
1995 NTSTATUS WINAPI CredrEnumerate(
1996 handle_t hBinding)
1997 {
1998 UNIMPLEMENTED;
1999 return STATUS_NOT_IMPLEMENTED;
2000 }
2001
2002
2003 /* Function 63 */
2004 NTSTATUS WINAPI CredrWriteDomainCredentials(
2005 handle_t hBinding)
2006 {
2007 UNIMPLEMENTED;
2008 return STATUS_NOT_IMPLEMENTED;
2009 }
2010
2011
2012 /* Function 64 */
2013 NTSTATUS WINAPI CredrReadDomainCredentials(
2014 handle_t hBinding)
2015 {
2016 UNIMPLEMENTED;
2017 return STATUS_NOT_IMPLEMENTED;
2018 }
2019
2020
2021 /* Function 65 */
2022 NTSTATUS WINAPI CredrDelete(
2023 handle_t hBinding)
2024 {
2025 UNIMPLEMENTED;
2026 return STATUS_NOT_IMPLEMENTED;
2027 }
2028
2029
2030 /* Function 66 */
2031 NTSTATUS WINAPI CredrGetTargetInfo(
2032 handle_t hBinding)
2033 {
2034 UNIMPLEMENTED;
2035 return STATUS_NOT_IMPLEMENTED;
2036 }
2037
2038
2039 /* Function 67 */
2040 NTSTATUS WINAPI CredrProfileLoaded(
2041 handle_t hBinding)
2042 {
2043 UNIMPLEMENTED;
2044 return STATUS_NOT_IMPLEMENTED;
2045 }
2046
2047
2048 /* Function 68 */
2049 NTSTATUS WINAPI LsarLookupNames3(
2050 LSAPR_HANDLE PolicyHandle,
2051 DWORD Count,
2052 PRPC_UNICODE_STRING Names,
2053 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2054 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
2055 LSAP_LOOKUP_LEVEL LookupLevel,
2056 DWORD *MappedCount,
2057 DWORD LookupOptions,
2058 DWORD ClientRevision)
2059 {
2060 SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
2061 static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN");
2062 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer = NULL;
2063 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer = NULL;
2064 ULONG SidsBufferLength;
2065 ULONG DomainSidLength;
2066 ULONG AccountSidLength;
2067 PSID DomainSid;
2068 PSID AccountSid;
2069 ULONG i;
2070 NTSTATUS Status;
2071
2072 TRACE("LsarLookupNames3(%p, %lu, %p, %p, %p, %d, %p, %lu, %lu)\n",
2073 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
2074 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2075
2076 if (Count == 0)
2077 return STATUS_NONE_MAPPED;
2078
2079 TranslatedSids->Entries = Count;
2080 TranslatedSids->Sids = NULL;
2081 *ReferencedDomains = NULL;
2082
2083 SidsBufferLength = Count * sizeof(LSAPR_TRANSLATED_SID_EX2);
2084 SidsBuffer = MIDL_user_allocate(SidsBufferLength);
2085 if (SidsBuffer == NULL)
2086 return STATUS_INSUFFICIENT_RESOURCES;
2087
2088 for (i = 0; i < Count; i++)
2089 {
2090 SidsBuffer[i].Use = SidTypeUser;
2091 SidsBuffer[i].Sid = NULL;
2092 SidsBuffer[i].DomainIndex = -1;
2093 SidsBuffer[i].Flags = 0;
2094 }
2095
2096 DomainsBuffer = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
2097 if (DomainsBuffer == NULL)
2098 {
2099 MIDL_user_free(SidsBuffer);
2100 return STATUS_INSUFFICIENT_RESOURCES;
2101 }
2102
2103 DomainsBuffer->Entries = Count;
2104 DomainsBuffer->Domains = MIDL_user_allocate(Count * sizeof(LSA_TRUST_INFORMATION));
2105 if (DomainsBuffer->Domains == NULL)
2106 {
2107 MIDL_user_free(DomainsBuffer);
2108 MIDL_user_free(SidsBuffer);
2109 return STATUS_INSUFFICIENT_RESOURCES;
2110 }
2111
2112 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
2113 2,
2114 SECURITY_BUILTIN_DOMAIN_RID,
2115 DOMAIN_ALIAS_RID_ADMINS,
2116 0, 0, 0, 0, 0, 0,
2117 &DomainSid);
2118 if (!NT_SUCCESS(Status))
2119 {
2120 MIDL_user_free(DomainsBuffer->Domains);
2121 MIDL_user_free(DomainsBuffer);
2122 MIDL_user_free(SidsBuffer);
2123 return Status;
2124 }
2125
2126 DomainSidLength = RtlLengthSid(DomainSid);
2127
2128 for (i = 0; i < Count; i++)
2129 {
2130 DomainsBuffer->Domains[i].Sid = MIDL_user_allocate(DomainSidLength);
2131 RtlCopyMemory(DomainsBuffer->Domains[i].Sid,
2132 DomainSid,
2133 DomainSidLength);
2134
2135 DomainsBuffer->Domains[i].Name.Buffer = MIDL_user_allocate(DomainName.MaximumLength);
2136 DomainsBuffer->Domains[i].Name.Length = DomainName.Length;
2137 DomainsBuffer->Domains[i].Name.MaximumLength = DomainName.MaximumLength;
2138 RtlCopyMemory(DomainsBuffer->Domains[i].Name.Buffer,
2139 DomainName.Buffer,
2140 DomainName.MaximumLength);
2141 }
2142
2143 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
2144 3,
2145 SECURITY_BUILTIN_DOMAIN_RID,
2146 DOMAIN_ALIAS_RID_ADMINS,
2147 DOMAIN_USER_RID_ADMIN,
2148 0, 0, 0, 0, 0,
2149 &AccountSid);
2150 if (!NT_SUCCESS(Status))
2151 {
2152 MIDL_user_free(DomainsBuffer->Domains);
2153 MIDL_user_free(DomainsBuffer);
2154 MIDL_user_free(SidsBuffer);
2155 return Status;
2156 }
2157
2158 AccountSidLength = RtlLengthSid(AccountSid);
2159
2160 for (i = 0; i < Count; i++)
2161 {
2162 SidsBuffer[i].Use = SidTypeWellKnownGroup;
2163 SidsBuffer[i].Sid = MIDL_user_allocate(AccountSidLength);
2164
2165 RtlCopyMemory(SidsBuffer[i].Sid,
2166 AccountSid,
2167 AccountSidLength);
2168
2169 SidsBuffer[i].DomainIndex = i;
2170 SidsBuffer[i].Flags = 0;
2171 }
2172
2173 *ReferencedDomains = DomainsBuffer;
2174 *MappedCount = Count;
2175
2176 TranslatedSids->Entries = Count;
2177 TranslatedSids->Sids = SidsBuffer;
2178
2179 return STATUS_SUCCESS;
2180 }
2181
2182
2183 /* Function 69 */
2184 NTSTATUS WINAPI CredrGetSessionTypes(
2185 handle_t hBinding)
2186 {
2187 UNIMPLEMENTED;
2188 return STATUS_NOT_IMPLEMENTED;
2189 }
2190
2191
2192 /* Function 70 */
2193 NTSTATUS WINAPI LsarRegisterAuditEvent(
2194 handle_t hBinding)
2195 {
2196 UNIMPLEMENTED;
2197 return STATUS_NOT_IMPLEMENTED;
2198 }
2199
2200
2201 /* Function 71 */
2202 NTSTATUS WINAPI LsarGenAuditEvent(
2203 handle_t hBinding)
2204 {
2205 UNIMPLEMENTED;
2206 return STATUS_NOT_IMPLEMENTED;
2207 }
2208
2209
2210 /* Function 72 */
2211 NTSTATUS WINAPI LsarUnregisterAuditEvent(
2212 handle_t hBinding)
2213 {
2214 UNIMPLEMENTED;
2215 return STATUS_NOT_IMPLEMENTED;
2216 }
2217
2218
2219 /* Function 73 */
2220 NTSTATUS WINAPI LsarQueryForestTrustInformation(
2221 LSAPR_HANDLE PolicyHandle,
2222 PLSA_UNICODE_STRING TrustedDomainName,
2223 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
2224 PLSA_FOREST_TRUST_INFORMATION *ForestTrustInfo)
2225 {
2226 UNIMPLEMENTED;
2227 return STATUS_NOT_IMPLEMENTED;
2228 }
2229
2230
2231 /* Function 74 */
2232 NTSTATUS WINAPI LsarSetForestTrustInformation(
2233 LSAPR_HANDLE PolicyHandle,
2234 PLSA_UNICODE_STRING TrustedDomainName,
2235 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
2236 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo,
2237 BOOL CheckOnly,
2238 PLSA_FOREST_TRUST_COLLISION_INFORMATION *CollisionInfo)
2239 {
2240 UNIMPLEMENTED;
2241 return STATUS_NOT_IMPLEMENTED;
2242 }
2243
2244
2245 /* Function 75 */
2246 NTSTATUS WINAPI CredrRename(
2247 handle_t hBinding)
2248 {
2249 UNIMPLEMENTED;
2250 return STATUS_NOT_IMPLEMENTED;
2251 }
2252
2253
2254 /* Function 76 */
2255 NTSTATUS WINAPI LsarLookupSids3(
2256 LSAPR_HANDLE PolicyHandle,
2257 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
2258 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2259 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
2260 LSAP_LOOKUP_LEVEL LookupLevel,
2261 DWORD *MappedCount,
2262 DWORD LookupOptions,
2263 DWORD ClientRevision)
2264 {
2265 UNIMPLEMENTED;
2266 return STATUS_NOT_IMPLEMENTED;
2267 }
2268
2269
2270 /* Function 77 */
2271 NTSTATUS WINAPI LsarLookupNames4(
2272 handle_t RpcHandle,
2273 DWORD Count,
2274 PRPC_UNICODE_STRING Names,
2275 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2276 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
2277 LSAP_LOOKUP_LEVEL LookupLevel,
2278 DWORD *MappedCount,
2279 DWORD LookupOptions,
2280 DWORD ClientRevision)
2281 {
2282 UNIMPLEMENTED;
2283 return STATUS_NOT_IMPLEMENTED;
2284 }
2285
2286
2287 /* Function 78 */
2288 NTSTATUS WINAPI LsarOpenPolicySce(
2289 handle_t hBinding)
2290 {
2291 UNIMPLEMENTED;
2292 return STATUS_NOT_IMPLEMENTED;
2293 }
2294
2295
2296 /* Function 79 */
2297 NTSTATUS WINAPI LsarAdtRegisterSecurityEventSource(
2298 handle_t hBinding)
2299 {
2300 UNIMPLEMENTED;
2301 return STATUS_NOT_IMPLEMENTED;
2302 }
2303
2304
2305 /* Function 80 */
2306 NTSTATUS WINAPI LsarAdtUnregisterSecurityEventSource(
2307 handle_t hBinding)
2308 {
2309 UNIMPLEMENTED;
2310 return STATUS_NOT_IMPLEMENTED;
2311 }
2312
2313
2314 /* Function 81 */
2315 NTSTATUS WINAPI LsarAdtReportSecurityEvent(
2316 handle_t hBinding)
2317 {
2318 UNIMPLEMENTED;
2319 return STATUS_NOT_IMPLEMENTED;
2320 }
2321
2322
2323 /* Function 82 */
2324 NTSTATUS WINAPI CredrFindBestCredential(
2325 handle_t hBinding)
2326 {
2327 UNIMPLEMENTED;
2328 return STATUS_NOT_IMPLEMENTED;
2329 }
2330
2331
2332 /* Function 83 */
2333 NTSTATUS WINAPI LsarSetAuditPolicy(
2334 handle_t hBinding)
2335 {
2336 UNIMPLEMENTED;
2337 return STATUS_NOT_IMPLEMENTED;
2338 }
2339
2340
2341 /* Function 84 */
2342 NTSTATUS WINAPI LsarQueryAuditPolicy(
2343 handle_t hBinding)
2344 {
2345 UNIMPLEMENTED;
2346 return STATUS_NOT_IMPLEMENTED;
2347 }
2348
2349
2350 /* Function 85 */
2351 NTSTATUS WINAPI LsarEnumerateAuditPolicy(
2352 handle_t hBinding)
2353 {
2354 UNIMPLEMENTED;
2355 return STATUS_NOT_IMPLEMENTED;
2356 }
2357
2358
2359 /* Function 86 */
2360 NTSTATUS WINAPI LsarEnumerateAuditCategories(
2361 handle_t hBinding)
2362 {
2363 UNIMPLEMENTED;
2364 return STATUS_NOT_IMPLEMENTED;
2365 }
2366
2367
2368 /* Function 87 */
2369 NTSTATUS WINAPI LsarEnumerateAuditSubCategories(
2370 handle_t hBinding)
2371 {
2372 UNIMPLEMENTED;
2373 return STATUS_NOT_IMPLEMENTED;
2374 }
2375
2376
2377 /* Function 88 */
2378 NTSTATUS WINAPI LsarLookupAuditCategoryName(
2379 handle_t hBinding)
2380 {
2381 UNIMPLEMENTED;
2382 return STATUS_NOT_IMPLEMENTED;
2383 }
2384
2385
2386 /* Function 89 */
2387 NTSTATUS WINAPI LsarLookupAuditSubCategoryName(
2388 handle_t hBinding)
2389 {
2390 UNIMPLEMENTED;
2391 return STATUS_NOT_IMPLEMENTED;
2392 }
2393
2394
2395 /* Function 90 */
2396 NTSTATUS WINAPI LsarSetAuditSecurity(
2397 handle_t hBinding)
2398 {
2399 UNIMPLEMENTED;
2400 return STATUS_NOT_IMPLEMENTED;
2401 }
2402
2403
2404 /* Function 91 */
2405 NTSTATUS WINAPI LsarQueryAuditSecurity(
2406 handle_t hBinding)
2407 {
2408 UNIMPLEMENTED;
2409 return STATUS_NOT_IMPLEMENTED;
2410 }
2411
2412
2413 /* Function 92 */
2414 NTSTATUS WINAPI CredReadByTokenHandle(
2415 handle_t hBinding)
2416 {
2417 UNIMPLEMENTED;
2418 return STATUS_NOT_IMPLEMENTED;
2419 }
2420
2421
2422 /* Function 93 */
2423 NTSTATUS WINAPI CredrRestoreCredentials(
2424 handle_t hBinding)
2425 {
2426 UNIMPLEMENTED;
2427 return STATUS_NOT_IMPLEMENTED;
2428 }
2429
2430
2431 /* Function 94 */
2432 NTSTATUS WINAPI CredrBackupCredentials(
2433 handle_t hBinding)
2434 {
2435 UNIMPLEMENTED;
2436 return STATUS_NOT_IMPLEMENTED;
2437 }
2438
2439 /* EOF */
A free Windows-compatible Operating System