2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
7 * PROGRAMMERS: Eric Kohl
10 /* INCLUDES ****************************************************************/
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv
);
17 /* GLOBALS *****************************************************************/
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock
;
22 /* FUNCTIONS ***************************************************************/
25 LsarStartRpcServer(VOID
)
29 RtlInitializeCriticalSection(&PolicyHandleTableLock
);
31 TRACE("LsarStartRpcServer() called\n");
33 Status
= RpcServerUseProtseqEpW(L
"ncacn_np",
37 if (Status
!= RPC_S_OK
)
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status
);
43 Status
= RpcServerRegisterIf(lsarpc_v0_0_s_ifspec
,
46 if (Status
!= RPC_S_OK
)
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status
);
52 Status
= RpcServerListen(1, 20, TRUE
);
53 if (Status
!= RPC_S_OK
)
55 WARN("RpcServerListen() failed (Status %lx)\n", Status
);
59 TRACE("LsarStartRpcServer() done\n");
63 void __RPC_USER
LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle
)
70 NTSTATUS WINAPI
LsarClose(
71 LSAPR_HANDLE
*ObjectHandle
)
73 PLSA_DB_OBJECT DbObject
;
74 NTSTATUS Status
= STATUS_SUCCESS
;
76 TRACE("0x%p\n", ObjectHandle
);
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
80 Status
= LsapValidateDbObject(*ObjectHandle
,
84 if (Status
== STATUS_SUCCESS
)
86 Status
= LsapCloseDbObject(DbObject
);
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
97 NTSTATUS WINAPI
LsarDelete(
98 LSAPR_HANDLE ObjectHandle
)
101 return STATUS_NOT_SUPPORTED
;
106 NTSTATUS WINAPI
LsarEnumeratePrivileges(
107 LSAPR_HANDLE PolicyHandle
,
108 DWORD
*EnumerationContext
,
109 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer
,
110 DWORD PreferedMaximumLength
)
113 return STATUS_NOT_IMPLEMENTED
;
118 NTSTATUS WINAPI
LsarQuerySecurityObject(
119 LSAPR_HANDLE ObjectHandle
,
120 SECURITY_INFORMATION SecurityInformation
,
121 PLSAPR_SR_SECURITY_DESCRIPTOR
*SecurityDescriptor
)
124 return STATUS_NOT_IMPLEMENTED
;
129 NTSTATUS WINAPI
LsarSetSecurityObject(
130 LSAPR_HANDLE ObjectHandle
,
131 SECURITY_INFORMATION SecurityInformation
,
132 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor
)
135 return STATUS_NOT_IMPLEMENTED
;
140 NTSTATUS WINAPI
LsarChangePassword(
142 PRPC_UNICODE_STRING String1
,
143 PRPC_UNICODE_STRING String2
,
144 PRPC_UNICODE_STRING String3
,
145 PRPC_UNICODE_STRING String4
,
146 PRPC_UNICODE_STRING String5
)
149 return STATUS_NOT_IMPLEMENTED
;
154 NTSTATUS WINAPI
LsarOpenPolicy(
156 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
157 ACCESS_MASK DesiredAccess
,
158 LSAPR_HANDLE
*PolicyHandle
)
160 PLSA_DB_OBJECT PolicyObject
;
163 TRACE("LsarOpenPolicy called!\n");
165 RtlEnterCriticalSection(&PolicyHandleTableLock
);
167 Status
= LsapOpenDbObject(NULL
,
173 RtlLeaveCriticalSection(&PolicyHandleTableLock
);
175 if (NT_SUCCESS(Status
))
176 *PolicyHandle
= (LSAPR_HANDLE
)PolicyObject
;
178 TRACE("LsarOpenPolicy done!\n");
185 NTSTATUS WINAPI
LsarQueryInformationPolicy(
186 LSAPR_HANDLE PolicyHandle
,
187 POLICY_INFORMATION_CLASS InformationClass
,
188 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
190 PLSA_DB_OBJECT DbObject
;
191 ACCESS_MASK DesiredAccess
= 0;
194 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
195 PolicyHandle
, InformationClass
, PolicyInformation
);
197 if (PolicyInformation
)
199 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
202 switch (InformationClass
)
204 case PolicyAuditLogInformation
:
205 case PolicyAuditEventsInformation
:
206 case PolicyAuditFullQueryInformation
:
207 DesiredAccess
= POLICY_VIEW_AUDIT_INFORMATION
;
210 case PolicyPrimaryDomainInformation
:
211 case PolicyAccountDomainInformation
:
212 case PolicyLsaServerRoleInformation
:
213 case PolicyReplicaSourceInformation
:
214 case PolicyDefaultQuotaInformation
:
215 case PolicyDnsDomainInformation
:
216 case PolicyDnsDomainInformationInt
:
217 case PolicyLocalAccountDomainInformation
:
218 DesiredAccess
= POLICY_VIEW_LOCAL_INFORMATION
;
221 case PolicyPdAccountInformation
:
222 DesiredAccess
= POLICY_GET_PRIVATE_INFORMATION
;
225 case PolicyLastEntry
:
227 ERR("Invalid InformationClass!\n");
228 return STATUS_INVALID_PARAMETER
;
231 Status
= LsapValidateDbObject(PolicyHandle
,
235 if (!NT_SUCCESS(Status
))
238 switch (InformationClass
)
240 case PolicyAuditEventsInformation
: /* 2 */
241 Status
= LsarQueryAuditEvents(PolicyHandle
,
245 case PolicyPrimaryDomainInformation
: /* 3 */
246 Status
= LsarQueryPrimaryDomain(PolicyHandle
,
250 case PolicyAccountDomainInformation
: /* 5 */
251 Status
= LsarQueryAccountDomain(PolicyHandle
,
255 case PolicyDefaultQuotaInformation
: /* 8 */
256 Status
= LsarQueryDefaultQuota(PolicyHandle
,
260 case PolicyDnsDomainInformation
: /* 12 (0xc) */
261 Status
= LsarQueryDnsDomain(PolicyHandle
,
265 case PolicyAuditLogInformation
:
266 case PolicyPdAccountInformation
:
267 case PolicyLsaServerRoleInformation
:
268 case PolicyReplicaSourceInformation
:
269 case PolicyModificationInformation
:
270 case PolicyAuditFullSetInformation
:
271 case PolicyAuditFullQueryInformation
:
272 case PolicyDnsDomainInformationInt
:
273 case PolicyLocalAccountDomainInformation
:
274 FIXME("Information class not implemented\n");
275 Status
= STATUS_UNSUCCESSFUL
;
278 case PolicyLastEntry
:
280 ERR("Invalid InformationClass!\n");
281 Status
= STATUS_INVALID_PARAMETER
;
289 NTSTATUS WINAPI
LsarSetInformationPolicy(
290 LSAPR_HANDLE PolicyHandle
,
291 POLICY_INFORMATION_CLASS InformationClass
,
292 PLSAPR_POLICY_INFORMATION PolicyInformation
)
294 PLSA_DB_OBJECT DbObject
;
295 ACCESS_MASK DesiredAccess
= 0;
298 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
299 PolicyHandle
, InformationClass
, PolicyInformation
);
301 if (PolicyInformation
)
303 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
306 switch (InformationClass
)
308 case PolicyAuditLogInformation
:
309 case PolicyAuditFullSetInformation
:
310 DesiredAccess
= POLICY_AUDIT_LOG_ADMIN
;
313 case PolicyAuditEventsInformation
:
314 DesiredAccess
= POLICY_SET_AUDIT_REQUIREMENTS
;
317 case PolicyPrimaryDomainInformation
:
318 case PolicyAccountDomainInformation
:
319 DesiredAccess
= POLICY_TRUST_ADMIN
;
322 case PolicyLsaServerRoleInformation
:
323 case PolicyReplicaSourceInformation
:
324 DesiredAccess
= POLICY_SERVER_ADMIN
;
327 case PolicyDefaultQuotaInformation
:
328 DesiredAccess
= POLICY_SET_DEFAULT_QUOTA_LIMITS
;
332 ERR("Invalid InformationClass!\n");
333 return STATUS_INVALID_PARAMETER
;
336 Status
= LsapValidateDbObject(PolicyHandle
,
340 if (!NT_SUCCESS(Status
))
343 switch (InformationClass
)
345 case PolicyAuditEventsInformation
:
346 Status
= STATUS_NOT_IMPLEMENTED
;
349 case PolicyPrimaryDomainInformation
:
350 Status
= LsarSetPrimaryDomain(PolicyHandle
,
351 (PLSAPR_POLICY_PRIMARY_DOM_INFO
)PolicyInformation
);
354 case PolicyAccountDomainInformation
:
355 Status
= LsarSetAccountDomain(PolicyHandle
,
356 (PLSAPR_POLICY_ACCOUNT_DOM_INFO
)PolicyInformation
);
359 case PolicyDnsDomainInformation
:
360 Status
= LsarSetDnsDomain(PolicyHandle
,
361 (PLSAPR_POLICY_DNS_DOMAIN_INFO
)PolicyInformation
);
364 case PolicyLsaServerRoleInformation
:
365 Status
= STATUS_NOT_IMPLEMENTED
;
369 Status
= STATUS_INVALID_PARAMETER
;
378 NTSTATUS WINAPI
LsarClearAuditLog(
379 LSAPR_HANDLE ObjectHandle
)
382 return STATUS_NOT_IMPLEMENTED
;
387 NTSTATUS WINAPI
LsarCreateAccount(
388 LSAPR_HANDLE PolicyHandle
,
390 ACCESS_MASK DesiredAccess
,
391 LSAPR_HANDLE
*AccountHandle
)
393 PLSA_DB_OBJECT PolicyObject
;
394 PLSA_DB_OBJECT AccountsObject
= NULL
;
395 PLSA_DB_OBJECT AccountObject
= NULL
;
396 LPWSTR SidString
= NULL
;
397 NTSTATUS Status
= STATUS_SUCCESS
;
399 /* Validate the PolicyHandle */
400 Status
= LsapValidateDbObject(PolicyHandle
,
402 POLICY_CREATE_ACCOUNT
,
404 if (!NT_SUCCESS(Status
))
406 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
410 /* Open the Accounts object */
411 Status
= LsapOpenDbObject(PolicyObject
,
413 LsaDbContainerObject
,
416 if (!NT_SUCCESS(Status
))
418 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status
);
422 /* Create SID string */
423 if (!ConvertSidToStringSid((PSID
)AccountSid
,
426 ERR("ConvertSidToStringSid failed\n");
427 Status
= STATUS_INVALID_PARAMETER
;
431 /* Create the Account object */
432 Status
= LsapCreateDbObject(AccountsObject
,
437 if (!NT_SUCCESS(Status
))
439 ERR("LsapCreateDbObject (Account) failed (Status 0x%08lx)\n", Status
);
443 /* Set the Sid attribute */
444 Status
= LsapSetObjectAttribute(AccountObject
,
447 GetLengthSid(AccountSid
));
450 if (SidString
!= NULL
)
451 LocalFree(SidString
);
453 if (!NT_SUCCESS(Status
))
455 if (AccountObject
!= NULL
)
456 LsapCloseDbObject(AccountObject
);
460 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
463 if (AccountsObject
!= NULL
)
464 LsapCloseDbObject(AccountsObject
);
466 return STATUS_SUCCESS
;
471 NTSTATUS WINAPI
LsarEnumerateAccounts(
472 LSAPR_HANDLE PolicyHandle
,
473 DWORD
*EnumerationContext
,
474 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
,
475 DWORD PreferedMaximumLength
)
478 return STATUS_NOT_IMPLEMENTED
;
483 NTSTATUS WINAPI
LsarCreateTrustedDomain(
484 LSAPR_HANDLE PolicyHandle
,
485 PLSAPR_TRUST_INFORMATION TrustedDomainInformation
,
486 ACCESS_MASK DesiredAccess
,
487 LSAPR_HANDLE
*TrustedDomainHandle
)
490 return STATUS_NOT_IMPLEMENTED
;
495 NTSTATUS WINAPI
LsarEnumerateTrustedDomains(
496 LSAPR_HANDLE PolicyHandle
,
497 DWORD
*EnumerationContext
,
498 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer
,
499 DWORD PreferedMaximumLength
)
502 return STATUS_NOT_IMPLEMENTED
;
507 NTSTATUS WINAPI
LsarLookupNames(
508 LSAPR_HANDLE PolicyHandle
,
510 PRPC_UNICODE_STRING Names
,
511 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
512 PLSAPR_TRANSLATED_SIDS TranslatedSids
,
513 LSAP_LOOKUP_LEVEL LookupLevel
,
516 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
517 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
518 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
519 PLSA_TRANSLATED_SID OutputSids
= NULL
;
520 ULONG OutputSidsLength
;
526 TRACE("LsarLookupNames(%p, %lu, %p, %p, %p, %d, %p)\n",
527 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
528 LookupLevel
, MappedCount
);
530 TranslatedSids
->Entries
= Count
;
531 TranslatedSids
->Sids
= NULL
;
532 *ReferencedDomains
= NULL
;
534 OutputSidsLength
= Count
* sizeof(LSA_TRANSLATED_SID
);
535 OutputSids
= MIDL_user_allocate(OutputSidsLength
);
536 if (OutputSids
== NULL
)
538 return STATUS_INSUFFICIENT_RESOURCES
;
541 RtlZeroMemory(OutputSids
, OutputSidsLength
);
543 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
544 if (OutputDomains
== NULL
)
546 MIDL_user_free(OutputSids
);
547 return STATUS_INSUFFICIENT_RESOURCES
;
550 OutputDomains
->Entries
= Count
;
551 OutputDomains
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
552 if (OutputDomains
->Domains
== NULL
)
554 MIDL_user_free(OutputDomains
);
555 MIDL_user_free(OutputSids
);
556 return STATUS_INSUFFICIENT_RESOURCES
;
559 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
561 SECURITY_BUILTIN_DOMAIN_RID
,
562 DOMAIN_ALIAS_RID_ADMINS
,
565 if (!NT_SUCCESS(Status
))
567 MIDL_user_free(OutputDomains
->Domains
);
568 MIDL_user_free(OutputDomains
);
569 MIDL_user_free(OutputSids
);
573 SidLength
= RtlLengthSid(Sid
);
575 for (i
= 0; i
< Count
; i
++)
577 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
578 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
580 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
581 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
582 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
583 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
586 for (i
= 0; i
< Count
; i
++)
588 OutputSids
[i
].Use
= SidTypeWellKnownGroup
;
589 OutputSids
[i
].RelativeId
= DOMAIN_USER_RID_ADMIN
; //DOMAIN_ALIAS_RID_ADMINS;
590 OutputSids
[i
].DomainIndex
= i
;
593 *ReferencedDomains
= OutputDomains
;
595 *MappedCount
= Count
;
597 TranslatedSids
->Entries
= Count
;
598 TranslatedSids
->Sids
= OutputSids
;
600 return STATUS_SUCCESS
;
605 NTSTATUS WINAPI
LsarLookupSids(
606 LSAPR_HANDLE PolicyHandle
,
607 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
608 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
609 PLSAPR_TRANSLATED_NAMES TranslatedNames
,
610 LSAP_LOOKUP_LEVEL LookupLevel
,
613 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
614 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
615 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
616 PLSAPR_TRANSLATED_NAME OutputNames
= NULL
;
617 ULONG OutputNamesLength
;
623 TRACE("LsarLookupSids(%p, %p, %p, %p, %d, %p)\n",
624 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
625 LookupLevel
, MappedCount
);
627 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
628 TranslatedNames
->Names
= NULL
;
629 *ReferencedDomains
= NULL
;
631 OutputNamesLength
= SidEnumBuffer
->Entries
* sizeof(LSA_TRANSLATED_NAME
);
632 OutputNames
= MIDL_user_allocate(OutputNamesLength
);
633 if (OutputNames
== NULL
)
635 return STATUS_INSUFFICIENT_RESOURCES
;
638 RtlZeroMemory(OutputNames
, OutputNamesLength
);
640 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
641 if (OutputDomains
== NULL
)
643 MIDL_user_free(OutputNames
);
644 return STATUS_INSUFFICIENT_RESOURCES
;
647 OutputDomains
->Entries
= SidEnumBuffer
->Entries
;
648 OutputDomains
->Domains
= MIDL_user_allocate(SidEnumBuffer
->Entries
* sizeof(LSA_TRUST_INFORMATION
));
649 if (OutputDomains
->Domains
== NULL
)
651 MIDL_user_free(OutputDomains
);
652 MIDL_user_free(OutputNames
);
653 return STATUS_INSUFFICIENT_RESOURCES
;
656 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
658 SECURITY_BUILTIN_DOMAIN_RID
,
659 DOMAIN_ALIAS_RID_ADMINS
,
662 if (!NT_SUCCESS(Status
))
664 MIDL_user_free(OutputDomains
->Domains
);
665 MIDL_user_free(OutputDomains
);
666 MIDL_user_free(OutputNames
);
670 SidLength
= RtlLengthSid(Sid
);
672 for (i
= 0; i
< SidEnumBuffer
->Entries
; i
++)
674 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
675 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
677 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
678 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
679 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
680 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
683 Status
= LsapLookupSids(SidEnumBuffer
,
686 *ReferencedDomains
= OutputDomains
;
688 *MappedCount
= SidEnumBuffer
->Entries
;
690 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
691 TranslatedNames
->Names
= OutputNames
;
698 NTSTATUS WINAPI
LsarCreateSecret(
699 LSAPR_HANDLE PolicyHandle
,
700 PRPC_UNICODE_STRING SecretName
,
701 ACCESS_MASK DesiredAccess
,
702 LSAPR_HANDLE
*SecretHandle
)
704 PLSA_DB_OBJECT PolicyObject
;
705 PLSA_DB_OBJECT SecretsObject
= NULL
;
706 PLSA_DB_OBJECT SecretObject
= NULL
;
708 NTSTATUS Status
= STATUS_SUCCESS
;
710 /* Validate the PolicyHandle */
711 Status
= LsapValidateDbObject(PolicyHandle
,
713 POLICY_CREATE_SECRET
,
715 if (!NT_SUCCESS(Status
))
717 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
721 /* Open the Secrets object */
722 Status
= LsapOpenDbObject(PolicyObject
,
724 LsaDbContainerObject
,
727 if (!NT_SUCCESS(Status
))
729 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status
);
733 /* Get the current time */
734 Status
= NtQuerySystemTime(&Time
);
735 if (!NT_SUCCESS(Status
))
737 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
741 /* Create the Secret object */
742 Status
= LsapCreateDbObject(SecretsObject
,
747 if (!NT_SUCCESS(Status
))
749 ERR("LsapCreateDbObject (Secret) failed (Status 0x%08lx)\n", Status
);
753 /* Set the CurrentTime attribute */
754 Status
= LsapSetObjectAttribute(SecretObject
,
757 sizeof(LARGE_INTEGER
));
758 if (!NT_SUCCESS(Status
))
760 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status
);
764 /* Set the OldTime attribute */
765 Status
= LsapSetObjectAttribute(SecretObject
,
768 sizeof(LARGE_INTEGER
));
771 if (!NT_SUCCESS(Status
))
773 if (SecretObject
!= NULL
)
774 LsapCloseDbObject(SecretObject
);
778 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
781 if (SecretsObject
!= NULL
)
782 LsapCloseDbObject(SecretsObject
);
784 return STATUS_SUCCESS
;
789 NTSTATUS WINAPI
LsarOpenAccount(
790 LSAPR_HANDLE PolicyHandle
,
792 ACCESS_MASK DesiredAccess
,
793 LSAPR_HANDLE
*AccountHandle
)
795 PLSA_DB_OBJECT PolicyObject
;
796 PLSA_DB_OBJECT AccountsObject
= NULL
;
797 PLSA_DB_OBJECT AccountObject
= NULL
;
798 LPWSTR SidString
= NULL
;
799 NTSTATUS Status
= STATUS_SUCCESS
;
801 /* Validate the PolicyHandle */
802 Status
= LsapValidateDbObject(PolicyHandle
,
804 POLICY_CREATE_ACCOUNT
,
806 if (!NT_SUCCESS(Status
))
808 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
812 /* Open the Accounts object */
813 Status
= LsapOpenDbObject(PolicyObject
,
815 LsaDbContainerObject
,
818 if (!NT_SUCCESS(Status
))
820 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status
);
824 /* Create SID string */
825 if (!ConvertSidToStringSid((PSID
)AccountSid
,
828 ERR("ConvertSidToStringSid failed\n");
829 Status
= STATUS_INVALID_PARAMETER
;
833 /* Create the Account object */
834 Status
= LsapOpenDbObject(AccountsObject
,
839 if (!NT_SUCCESS(Status
))
841 ERR("LsapOpenDbObject (Account) failed (Status 0x%08lx)\n", Status
);
845 /* Set the Sid attribute */
846 Status
= LsapSetObjectAttribute(AccountObject
,
849 GetLengthSid(AccountSid
));
852 if (SidString
!= NULL
)
853 LocalFree(SidString
);
855 if (!NT_SUCCESS(Status
))
857 if (AccountObject
!= NULL
)
858 LsapCloseDbObject(AccountObject
);
862 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
865 if (AccountsObject
!= NULL
)
866 LsapCloseDbObject(AccountsObject
);
868 return STATUS_SUCCESS
;
873 NTSTATUS WINAPI
LsarEnumeratePrivilegesAccount(
874 LSAPR_HANDLE AccountHandle
,
875 PLSAPR_PRIVILEGE_SET
*Privileges
)
877 PLSA_DB_OBJECT AccountObject
;
878 ULONG PrivilegeSetSize
= 0;
879 PLSAPR_PRIVILEGE_SET PrivilegeSet
= NULL
;
884 /* Validate the AccountHandle */
885 Status
= LsapValidateDbObject(AccountHandle
,
889 if (!NT_SUCCESS(Status
))
891 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
895 /* Get the size of the privilege set */
896 Status
= LsapGetObjectAttribute(AccountObject
,
900 if (!NT_SUCCESS(Status
))
903 /* Allocate a buffer for the privilege set */
904 PrivilegeSet
= MIDL_user_allocate(PrivilegeSetSize
);
905 if (PrivilegeSet
== NULL
)
906 return STATUS_NO_MEMORY
;
908 /* Get the privilege set */
909 Status
= LsapGetObjectAttribute(AccountObject
,
913 if (!NT_SUCCESS(Status
))
915 MIDL_user_free(PrivilegeSet
);
919 /* Return a pointer to the privilege set */
920 *Privileges
= PrivilegeSet
;
922 return STATUS_SUCCESS
;
927 NTSTATUS WINAPI
LsarAddPrivilegesToAccount(
928 LSAPR_HANDLE AccountHandle
,
929 PLSAPR_PRIVILEGE_SET Privileges
)
931 PLSA_DB_OBJECT AccountObject
;
932 PPRIVILEGE_SET CurrentPrivileges
= NULL
;
933 PPRIVILEGE_SET NewPrivileges
= NULL
;
934 ULONG PrivilegeSetSize
= 0;
935 ULONG PrivilegeCount
;
940 /* Validate the AccountHandle */
941 Status
= LsapValidateDbObject(AccountHandle
,
943 ACCOUNT_ADJUST_PRIVILEGES
,
945 if (!NT_SUCCESS(Status
))
947 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
951 Status
= LsapGetObjectAttribute(AccountObject
,
955 if (!NT_SUCCESS(Status
) || PrivilegeSetSize
== 0)
957 /* The Privilgs attribute does not exist */
959 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
960 (Privileges
->PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
961 Status
= LsapSetObjectAttribute(AccountObject
,
968 /* The Privilgs attribute exists */
970 /* Allocate memory for the stored privilege set */
971 CurrentPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
972 if (CurrentPrivileges
== NULL
)
973 return STATUS_NO_MEMORY
;
975 /* Get the current privilege set */
976 Status
= LsapGetObjectAttribute(AccountObject
,
980 if (!NT_SUCCESS(Status
))
982 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status
);
986 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
987 TRACE("Current privilege count: %lu\n", PrivilegeCount
);
989 /* Calculate the number privileges in the combined privilege set */
990 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
993 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
995 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
996 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1003 if (bFound
== FALSE
)
1005 TRACE("Found new privilege\n");
1009 TRACE("New privilege count: %lu\n", PrivilegeCount
);
1011 /* Calculate the size of the new privilege set and allocate it */
1012 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1013 (PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1014 NewPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1015 if (NewPrivileges
== NULL
)
1017 Status
= STATUS_NO_MEMORY
;
1021 /* Initialize the new privilege set */
1022 NewPrivileges
->PrivilegeCount
= PrivilegeCount
;
1023 NewPrivileges
->Control
= 0;
1025 /* Copy all privileges from the current privilege set */
1026 RtlCopyLuidAndAttributesArray(CurrentPrivileges
->PrivilegeCount
,
1027 &(CurrentPrivileges
->Privilege
[0]),
1028 &(NewPrivileges
->Privilege
[0]));
1030 /* Add new privileges to the new privilege set */
1031 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1032 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1035 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1037 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1038 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1040 /* Overwrite attributes if a matching privilege was found */
1041 NewPrivileges
->Privilege
[j
].Attributes
= Privileges
->Privilege
[i
].Attributes
;
1048 if (bFound
== FALSE
)
1050 /* Copy the new privilege */
1051 RtlCopyLuidAndAttributesArray(1,
1052 (PLUID_AND_ATTRIBUTES
)&(Privileges
->Privilege
[i
]),
1053 &(NewPrivileges
->Privilege
[PrivilegeCount
]));
1058 /* Set the new priivliege set */
1059 Status
= LsapSetObjectAttribute(AccountObject
,
1066 if (CurrentPrivileges
!= NULL
)
1067 MIDL_user_free(CurrentPrivileges
);
1069 if (NewPrivileges
!= NULL
)
1070 MIDL_user_free(NewPrivileges
);
1077 NTSTATUS WINAPI
LsarRemovePrivilegesFromAccount(
1078 LSAPR_HANDLE AccountHandle
,
1080 PLSAPR_PRIVILEGE_SET Privileges
)
1083 return STATUS_NOT_IMPLEMENTED
;
1088 NTSTATUS WINAPI
LsarGetQuotasForAccount(
1089 LSAPR_HANDLE AccountHandle
,
1090 PQUOTA_LIMITS QuotaLimits
)
1093 return STATUS_NOT_IMPLEMENTED
;
1098 NTSTATUS WINAPI
LsarSetQuotasForAccount(
1099 LSAPR_HANDLE AccountHandle
,
1100 PQUOTA_LIMITS QuotaLimits
)
1103 return STATUS_NOT_IMPLEMENTED
;
1108 NTSTATUS WINAPI
LsarGetSystemAccessAccount(
1109 LSAPR_HANDLE AccountHandle
,
1110 ACCESS_MASK
*SystemAccess
)
1112 PLSA_DB_OBJECT AccountObject
;
1116 /* Validate the account handle */
1117 Status
= LsapValidateDbObject(AccountHandle
,
1121 if (!NT_SUCCESS(Status
))
1123 ERR("Invalid handle (Status %lx)\n", Status
);
1127 /* Get the system access flags */
1128 Status
= LsapGetObjectAttribute(AccountObject
,
1138 NTSTATUS WINAPI
LsarSetSystemAccessAccount(
1139 LSAPR_HANDLE AccountHandle
,
1140 ACCESS_MASK SystemAccess
)
1142 PLSA_DB_OBJECT AccountObject
;
1145 /* Validate the account handle */
1146 Status
= LsapValidateDbObject(AccountHandle
,
1148 ACCOUNT_ADJUST_SYSTEM_ACCESS
,
1150 if (!NT_SUCCESS(Status
))
1152 ERR("Invalid handle (Status %lx)\n", Status
);
1156 /* Set the system access flags */
1157 Status
= LsapSetObjectAttribute(AccountObject
,
1160 sizeof(ACCESS_MASK
));
1167 NTSTATUS WINAPI
LsarOpenTrustedDomain(
1168 LSAPR_HANDLE PolicyHandle
,
1169 PRPC_SID TrustedDomainSid
,
1170 ACCESS_MASK DesiredAccess
,
1171 LSAPR_HANDLE
*TrustedDomainHandle
)
1174 return STATUS_NOT_IMPLEMENTED
;
1179 NTSTATUS WINAPI
LsarQueryInfoTrustedDomain(
1180 LSAPR_HANDLE TrustedDomainHandle
,
1181 TRUSTED_INFORMATION_CLASS InformationClass
,
1182 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1185 return STATUS_NOT_IMPLEMENTED
;
1190 NTSTATUS WINAPI
LsarSetInformationTrustedDomain(
1191 LSAPR_HANDLE TrustedDomainHandle
,
1192 TRUSTED_INFORMATION_CLASS InformationClass
,
1193 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1196 return STATUS_NOT_IMPLEMENTED
;
1201 NTSTATUS WINAPI
LsarOpenSecret(
1202 LSAPR_HANDLE PolicyHandle
,
1203 PRPC_UNICODE_STRING SecretName
,
1204 ACCESS_MASK DesiredAccess
,
1205 LSAPR_HANDLE
*SecretHandle
)
1207 PLSA_DB_OBJECT PolicyObject
;
1208 PLSA_DB_OBJECT SecretsObject
= NULL
;
1209 PLSA_DB_OBJECT SecretObject
= NULL
;
1210 NTSTATUS Status
= STATUS_SUCCESS
;
1212 /* Validate the PolicyHandle */
1213 Status
= LsapValidateDbObject(PolicyHandle
,
1215 POLICY_CREATE_SECRET
,
1217 if (!NT_SUCCESS(Status
))
1219 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1223 /* Open the Secrets object */
1224 Status
= LsapOpenDbObject(PolicyObject
,
1226 LsaDbContainerObject
,
1229 if (!NT_SUCCESS(Status
))
1231 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status
);
1235 /* Create the secret object */
1236 Status
= LsapOpenDbObject(SecretsObject
,
1241 if (!NT_SUCCESS(Status
))
1243 ERR("LsapOpenDbObject (Secret) failed (Status 0x%08lx)\n", Status
);
1248 if (!NT_SUCCESS(Status
))
1250 if (SecretObject
!= NULL
)
1251 LsapCloseDbObject(SecretObject
);
1255 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
1258 if (SecretsObject
!= NULL
)
1259 LsapCloseDbObject(SecretsObject
);
1261 return STATUS_SUCCESS
;
1266 NTSTATUS WINAPI
LsarSetSecret(
1267 LSAPR_HANDLE SecretHandle
,
1268 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue
,
1269 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue
)
1271 PLSA_DB_OBJECT SecretObject
;
1272 PBYTE CurrentValue
= NULL
;
1273 PBYTE OldValue
= NULL
;
1274 ULONG CurrentValueLength
= 0;
1275 ULONG OldValueLength
= 0;
1279 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle
,
1280 EncryptedCurrentValue
, EncryptedOldValue
);
1282 /* Validate the SecretHandle */
1283 Status
= LsapValidateDbObject(SecretHandle
,
1287 if (!NT_SUCCESS(Status
))
1289 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1293 if (EncryptedCurrentValue
!= NULL
)
1295 /* FIXME: Decrypt the current value */
1296 CurrentValue
= EncryptedCurrentValue
->Buffer
;
1297 CurrentValueLength
= EncryptedCurrentValue
->MaximumLength
;
1300 /* Set the current value */
1301 Status
= LsapSetObjectAttribute(SecretObject
,
1304 CurrentValueLength
);
1305 if (!NT_SUCCESS(Status
))
1307 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1311 /* Get the current time */
1312 Status
= NtQuerySystemTime(&Time
);
1313 if (!NT_SUCCESS(Status
))
1315 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
1319 /* Set the current time */
1320 Status
= LsapSetObjectAttribute(SecretObject
,
1323 sizeof(LARGE_INTEGER
));
1324 if (!NT_SUCCESS(Status
))
1326 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1330 if (EncryptedOldValue
!= NULL
)
1332 /* FIXME: Decrypt the old value */
1333 OldValue
= EncryptedOldValue
->Buffer
;
1334 OldValueLength
= EncryptedOldValue
->MaximumLength
;
1337 /* Set the old value */
1338 Status
= LsapSetObjectAttribute(SecretObject
,
1342 if (!NT_SUCCESS(Status
))
1344 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1348 /* Set the old time */
1349 Status
= LsapSetObjectAttribute(SecretObject
,
1352 sizeof(LARGE_INTEGER
));
1353 if (!NT_SUCCESS(Status
))
1355 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1364 NTSTATUS WINAPI
LsarQuerySecret(
1365 LSAPR_HANDLE SecretHandle
,
1366 PLSAPR_CR_CIPHER_VALUE
*EncryptedCurrentValue
,
1367 PLARGE_INTEGER CurrentValueSetTime
,
1368 PLSAPR_CR_CIPHER_VALUE
*EncryptedOldValue
,
1369 PLARGE_INTEGER OldValueSetTime
)
1371 PLSA_DB_OBJECT SecretObject
;
1372 PLSAPR_CR_CIPHER_VALUE EncCurrentValue
= NULL
;
1373 PLSAPR_CR_CIPHER_VALUE EncOldValue
= NULL
;
1374 PBYTE CurrentValue
= NULL
;
1375 PBYTE OldValue
= NULL
;
1376 ULONG CurrentValueLength
= 0;
1377 ULONG OldValueLength
= 0;
1381 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle
,
1382 EncryptedCurrentValue
, CurrentValueSetTime
,
1383 EncryptedOldValue
, OldValueSetTime
);
1385 /* Validate the SecretHandle */
1386 Status
= LsapValidateDbObject(SecretHandle
,
1390 if (!NT_SUCCESS(Status
))
1392 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1396 if (EncryptedCurrentValue
!= NULL
)
1398 CurrentValueLength
= 0;
1400 /* Get the size of the current value */
1401 Status
= LsapGetObjectAttribute(SecretObject
,
1404 &CurrentValueLength
);
1405 if (!NT_SUCCESS(Status
))
1408 /* Allocate a buffer for the current value */
1409 CurrentValue
= midl_user_allocate(CurrentValueLength
);
1410 if (CurrentValue
== NULL
)
1412 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1416 /* Get the current value */
1417 Status
= LsapGetObjectAttribute(SecretObject
,
1420 &CurrentValueLength
);
1421 if (!NT_SUCCESS(Status
))
1424 /* Allocate a buffer for the encrypted current value */
1425 EncCurrentValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
));
1426 if (EncCurrentValue
== NULL
)
1428 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1432 /* FIXME: Encrypt the current value */
1433 EncCurrentValue
->Length
= (USHORT
)(CurrentValueLength
- sizeof(WCHAR
));
1434 EncCurrentValue
->MaximumLength
= (USHORT
)CurrentValueLength
;
1435 EncCurrentValue
->Buffer
= (PBYTE
)CurrentValue
;
1438 if (CurrentValueSetTime
!= NULL
)
1440 BufferSize
= sizeof(LARGE_INTEGER
);
1442 /* Get the current value time */
1443 Status
= LsapGetObjectAttribute(SecretObject
,
1445 (PBYTE
)CurrentValueSetTime
,
1447 if (!NT_SUCCESS(Status
))
1451 if (EncryptedOldValue
!= NULL
)
1455 /* Get the size of the old value */
1456 Status
= LsapGetObjectAttribute(SecretObject
,
1460 if (!NT_SUCCESS(Status
))
1463 /* Allocate a buffer for the old value */
1464 OldValue
= midl_user_allocate(OldValueLength
);
1465 if (OldValue
== NULL
)
1467 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1471 /* Get the old value */
1472 Status
= LsapGetObjectAttribute(SecretObject
,
1476 if (!NT_SUCCESS(Status
))
1479 /* Allocate a buffer for the encrypted old value */
1480 EncOldValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
) + OldValueLength
);
1481 if (EncOldValue
== NULL
)
1483 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1487 /* FIXME: Encrypt the old value */
1488 EncOldValue
->Length
= (USHORT
)(OldValueLength
- sizeof(WCHAR
));
1489 EncOldValue
->MaximumLength
= (USHORT
)OldValueLength
;
1490 EncOldValue
->Buffer
= (PBYTE
)OldValue
;
1493 if (OldValueSetTime
!= NULL
)
1495 BufferSize
= sizeof(LARGE_INTEGER
);
1497 /* Get the old value time */
1498 Status
= LsapGetObjectAttribute(SecretObject
,
1500 (PBYTE
)OldValueSetTime
,
1502 if (!NT_SUCCESS(Status
))
1508 if (NT_SUCCESS(Status
))
1510 if (EncryptedCurrentValue
!= NULL
)
1511 *EncryptedCurrentValue
= EncCurrentValue
;
1513 if (EncryptedOldValue
!= NULL
)
1514 *EncryptedOldValue
= EncOldValue
;
1518 if (EncryptedCurrentValue
!= NULL
)
1519 *EncryptedCurrentValue
= NULL
;
1521 if (EncryptedOldValue
!= NULL
)
1522 *EncryptedOldValue
= NULL
;
1524 if (EncCurrentValue
!= NULL
)
1525 midl_user_free(EncCurrentValue
);
1527 if (EncOldValue
!= NULL
)
1528 midl_user_free(EncOldValue
);
1530 if (CurrentValue
!= NULL
)
1531 midl_user_free(CurrentValue
);
1533 if (OldValue
!= NULL
)
1534 midl_user_free(OldValue
);
1537 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status
);
1544 NTSTATUS WINAPI
LsarLookupPrivilegeValue(
1545 LSAPR_HANDLE PolicyHandle
,
1546 PRPC_UNICODE_STRING Name
,
1551 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
1552 PolicyHandle
, Name
, Value
);
1554 Status
= LsapValidateDbObject(PolicyHandle
,
1556 POLICY_LOOKUP_NAMES
,
1558 if (!NT_SUCCESS(Status
))
1560 ERR("Invalid handle (Status %lx)\n", Status
);
1564 TRACE("Privilege: %wZ\n", Name
);
1566 Status
= LsarpLookupPrivilegeValue((PUNICODE_STRING
)Name
,
1574 NTSTATUS WINAPI
LsarLookupPrivilegeName(
1575 LSAPR_HANDLE PolicyHandle
,
1577 PRPC_UNICODE_STRING
*Name
)
1581 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
1582 PolicyHandle
, Value
, Name
);
1584 Status
= LsapValidateDbObject(PolicyHandle
,
1586 POLICY_LOOKUP_NAMES
,
1588 if (!NT_SUCCESS(Status
))
1590 ERR("Invalid handle\n");
1594 Status
= LsarpLookupPrivilegeName(Value
, (PUNICODE_STRING
*)Name
);
1601 NTSTATUS WINAPI
LsarLookupPrivilegeDisplayName(
1602 LSAPR_HANDLE PolicyHandle
,
1603 PRPC_UNICODE_STRING Name
,
1604 USHORT ClientLanguage
,
1605 USHORT ClientSystemDefaultLanguage
,
1606 PRPC_UNICODE_STRING
*DisplayName
,
1607 USHORT
*LanguageReturned
)
1610 return STATUS_NOT_IMPLEMENTED
;
1615 NTSTATUS WINAPI
LsarDeleteObject(
1616 LSAPR_HANDLE
*ObjectHandle
)
1619 return STATUS_NOT_IMPLEMENTED
;
1624 NTSTATUS WINAPI
LsarEnumerateAccountsWithUserRight(
1625 LSAPR_HANDLE PolicyHandle
,
1626 PRPC_UNICODE_STRING UserRight
,
1627 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
)
1630 return STATUS_NOT_IMPLEMENTED
;
1635 NTSTATUS WINAPI
LsarEnmuerateAccountRights(
1636 LSAPR_HANDLE PolicyHandle
,
1637 PRPC_SID AccountSid
,
1638 PLSAPR_USER_RIGHT_SET UserRights
)
1640 PLSA_DB_OBJECT PolicyObject
;
1643 FIXME("(%p,%p,%p) stub\n", PolicyHandle
, AccountSid
, UserRights
);
1645 Status
= LsapValidateDbObject(PolicyHandle
,
1649 if (!NT_SUCCESS(Status
))
1652 UserRights
->Entries
= 0;
1653 UserRights
->UserRights
= NULL
;
1654 return STATUS_OBJECT_NAME_NOT_FOUND
;
1659 NTSTATUS WINAPI
LsarAddAccountRights(
1660 LSAPR_HANDLE PolicyHandle
,
1661 PRPC_SID AccountSid
,
1662 PLSAPR_USER_RIGHT_SET UserRights
)
1665 return STATUS_NOT_IMPLEMENTED
;
1670 NTSTATUS WINAPI
LsarRemoveAccountRights(
1671 LSAPR_HANDLE PolicyHandle
,
1672 PRPC_SID AccountSid
,
1674 PLSAPR_USER_RIGHT_SET UserRights
)
1677 return STATUS_NOT_IMPLEMENTED
;
1682 NTSTATUS WINAPI
LsarQueryTrustedDomainInfo(
1683 LSAPR_HANDLE PolicyHandle
,
1684 PRPC_SID TrustedDomainSid
,
1685 TRUSTED_INFORMATION_CLASS InformationClass
,
1686 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1689 return STATUS_NOT_IMPLEMENTED
;
1694 NTSTATUS WINAPI
LsarSetTrustedDomainInfo(
1695 LSAPR_HANDLE PolicyHandle
,
1696 PRPC_SID TrustedDomainSid
,
1697 TRUSTED_INFORMATION_CLASS InformationClass
,
1698 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1701 return STATUS_NOT_IMPLEMENTED
;
1706 NTSTATUS WINAPI
LsarDeleteTrustedDomain(
1707 LSAPR_HANDLE PolicyHandle
,
1708 PRPC_SID TrustedDomainSid
)
1711 return STATUS_NOT_IMPLEMENTED
;
1716 NTSTATUS WINAPI
LsarStorePrivateData(
1717 LSAPR_HANDLE PolicyHandle
,
1718 PRPC_UNICODE_STRING KeyName
,
1719 PLSAPR_CR_CIPHER_VALUE EncryptedData
)
1722 return STATUS_NOT_IMPLEMENTED
;
1727 NTSTATUS WINAPI
LsarRetrievePrivateData(
1728 LSAPR_HANDLE PolicyHandle
,
1729 PRPC_UNICODE_STRING KeyName
,
1730 PLSAPR_CR_CIPHER_VALUE
*EncryptedData
)
1733 return STATUS_NOT_IMPLEMENTED
;
1738 NTSTATUS WINAPI
LsarOpenPolicy2(
1740 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
1741 ACCESS_MASK DesiredAccess
,
1742 LSAPR_HANDLE
*PolicyHandle
)
1745 return STATUS_NOT_IMPLEMENTED
;
1750 NTSTATUS WINAPI
LsarGetUserName(
1752 PRPC_UNICODE_STRING
*UserName
,
1753 PRPC_UNICODE_STRING
*DomainName
)
1756 return STATUS_NOT_IMPLEMENTED
;
1761 NTSTATUS WINAPI
LsarQueryInformationPolicy2(
1762 LSAPR_HANDLE PolicyHandle
,
1763 POLICY_INFORMATION_CLASS InformationClass
,
1764 unsigned long *PolicyInformation
)
1767 return STATUS_NOT_IMPLEMENTED
;
1772 NTSTATUS WINAPI
LsarSetInformationPolicy2(
1773 LSAPR_HANDLE PolicyHandle
,
1774 POLICY_INFORMATION_CLASS InformationClass
,
1775 unsigned long PolicyInformation
)
1778 return STATUS_NOT_IMPLEMENTED
;
1783 NTSTATUS WINAPI
LsarQueryTrustedDomainInfoByName(
1784 LSAPR_HANDLE PolicyHandle
,
1785 PRPC_UNICODE_STRING TrustedDomainName
,
1786 POLICY_INFORMATION_CLASS InformationClass
,
1787 unsigned long *PolicyInformation
)
1790 return STATUS_NOT_IMPLEMENTED
;
1795 NTSTATUS WINAPI
LsarSetTrustedDomainInfoByName(
1796 LSAPR_HANDLE PolicyHandle
,
1797 PRPC_UNICODE_STRING TrustedDomainName
,
1798 POLICY_INFORMATION_CLASS InformationClass
,
1799 unsigned long PolicyInformation
)
1802 return STATUS_NOT_IMPLEMENTED
;
1807 NTSTATUS WINAPI
LsarEnumerateTrustedDomainsEx(
1808 LSAPR_HANDLE PolicyHandle
,
1809 DWORD
*EnumerationContext
,
1810 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer
,
1811 DWORD PreferedMaximumLength
)
1814 return STATUS_NOT_IMPLEMENTED
;
1819 NTSTATUS WINAPI
LsarCreateTrustedDomainEx(
1820 LSAPR_HANDLE PolicyHandle
,
1821 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1822 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation
,
1823 ACCESS_MASK DesiredAccess
,
1824 LSAPR_HANDLE
*TrustedDomainHandle
)
1827 return STATUS_NOT_IMPLEMENTED
;
1832 NTSTATUS WINAPI
LsarSetPolicyReplicationHandle(
1833 PLSAPR_HANDLE PolicyHandle
)
1836 return STATUS_NOT_IMPLEMENTED
;
1841 NTSTATUS WINAPI
LsarQueryDomainInformationPolicy(
1842 LSAPR_HANDLE PolicyHandle
,
1843 POLICY_INFORMATION_CLASS InformationClass
,
1844 unsigned long *PolicyInformation
)
1847 return STATUS_NOT_IMPLEMENTED
;
1852 NTSTATUS WINAPI
LsarSetDomainInformationPolicy(
1853 LSAPR_HANDLE PolicyHandle
,
1854 POLICY_INFORMATION_CLASS InformationClass
,
1855 unsigned long PolicyInformation
)
1858 return STATUS_NOT_IMPLEMENTED
;
1863 NTSTATUS WINAPI
LsarOpenTrustedDomainByName(
1864 LSAPR_HANDLE PolicyHandle
,
1865 PRPC_UNICODE_STRING TrustedDomainName
,
1866 ACCESS_MASK DesiredAccess
,
1867 LSAPR_HANDLE
*TrustedDomainHandle
)
1870 return STATUS_NOT_IMPLEMENTED
;
1875 NTSTATUS WINAPI
LsarTestCall(
1879 return STATUS_NOT_IMPLEMENTED
;
1884 NTSTATUS WINAPI
LsarLookupSids2(
1885 LSAPR_HANDLE PolicyHandle
,
1886 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
1887 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1888 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
1889 LSAP_LOOKUP_LEVEL LookupLevel
,
1891 DWORD LookupOptions
,
1892 DWORD ClientRevision
)
1895 return STATUS_NOT_IMPLEMENTED
;
1900 NTSTATUS WINAPI
LsarLookupNames2(
1901 LSAPR_HANDLE PolicyHandle
,
1903 PRPC_UNICODE_STRING Names
,
1904 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1905 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids
,
1906 LSAP_LOOKUP_LEVEL LookupLevel
,
1908 DWORD LookupOptions
,
1909 DWORD ClientRevision
)
1912 return STATUS_NOT_IMPLEMENTED
;
1917 NTSTATUS WINAPI
LsarCreateTrustedDomainEx2(
1918 LSAPR_HANDLE PolicyHandle
,
1919 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1920 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation
,
1921 ACCESS_MASK DesiredAccess
,
1922 LSAPR_HANDLE
*TrustedDomainHandle
)
1925 return STATUS_NOT_IMPLEMENTED
;
1930 NTSTATUS WINAPI
CredrWrite(
1934 return STATUS_NOT_IMPLEMENTED
;
1939 NTSTATUS WINAPI
CredrRead(
1943 return STATUS_NOT_IMPLEMENTED
;
1948 NTSTATUS WINAPI
CredrEnumerate(
1952 return STATUS_NOT_IMPLEMENTED
;
1957 NTSTATUS WINAPI
CredrWriteDomainCredentials(
1961 return STATUS_NOT_IMPLEMENTED
;
1966 NTSTATUS WINAPI
CredrReadDomainCredentials(
1970 return STATUS_NOT_IMPLEMENTED
;
1975 NTSTATUS WINAPI
CredrDelete(
1979 return STATUS_NOT_IMPLEMENTED
;
1984 NTSTATUS WINAPI
CredrGetTargetInfo(
1988 return STATUS_NOT_IMPLEMENTED
;
1993 NTSTATUS WINAPI
CredrProfileLoaded(
1997 return STATUS_NOT_IMPLEMENTED
;
2002 NTSTATUS WINAPI
LsarLookupNames3(
2003 LSAPR_HANDLE PolicyHandle
,
2005 PRPC_UNICODE_STRING Names
,
2006 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2007 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2008 LSAP_LOOKUP_LEVEL LookupLevel
,
2010 DWORD LookupOptions
,
2011 DWORD ClientRevision
)
2013 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
2014 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
2015 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
= NULL
;
2016 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
= NULL
;
2017 ULONG SidsBufferLength
;
2018 ULONG DomainSidLength
;
2019 ULONG AccountSidLength
;
2025 TRACE("LsarLookupNames3(%p, %lu, %p, %p, %p, %d, %p, %lu, %lu)\n",
2026 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2027 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
2030 return STATUS_NONE_MAPPED
;
2032 TranslatedSids
->Entries
= Count
;
2033 TranslatedSids
->Sids
= NULL
;
2034 *ReferencedDomains
= NULL
;
2036 SidsBufferLength
= Count
* sizeof(LSAPR_TRANSLATED_SID_EX2
);
2037 SidsBuffer
= MIDL_user_allocate(SidsBufferLength
);
2038 if (SidsBuffer
== NULL
)
2039 return STATUS_INSUFFICIENT_RESOURCES
;
2041 for (i
= 0; i
< Count
; i
++)
2043 SidsBuffer
[i
].Use
= SidTypeUser
;
2044 SidsBuffer
[i
].Sid
= NULL
;
2045 SidsBuffer
[i
].DomainIndex
= -1;
2046 SidsBuffer
[i
].Flags
= 0;
2049 DomainsBuffer
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
2050 if (DomainsBuffer
== NULL
)
2052 MIDL_user_free(SidsBuffer
);
2053 return STATUS_INSUFFICIENT_RESOURCES
;
2056 DomainsBuffer
->Entries
= Count
;
2057 DomainsBuffer
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
2058 if (DomainsBuffer
->Domains
== NULL
)
2060 MIDL_user_free(DomainsBuffer
);
2061 MIDL_user_free(SidsBuffer
);
2062 return STATUS_INSUFFICIENT_RESOURCES
;
2065 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2067 SECURITY_BUILTIN_DOMAIN_RID
,
2068 DOMAIN_ALIAS_RID_ADMINS
,
2071 if (!NT_SUCCESS(Status
))
2073 MIDL_user_free(DomainsBuffer
->Domains
);
2074 MIDL_user_free(DomainsBuffer
);
2075 MIDL_user_free(SidsBuffer
);
2079 DomainSidLength
= RtlLengthSid(DomainSid
);
2081 for (i
= 0; i
< Count
; i
++)
2083 DomainsBuffer
->Domains
[i
].Sid
= MIDL_user_allocate(DomainSidLength
);
2084 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Sid
,
2088 DomainsBuffer
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
2089 DomainsBuffer
->Domains
[i
].Name
.Length
= DomainName
.Length
;
2090 DomainsBuffer
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
2091 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Name
.Buffer
,
2093 DomainName
.MaximumLength
);
2096 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2098 SECURITY_BUILTIN_DOMAIN_RID
,
2099 DOMAIN_ALIAS_RID_ADMINS
,
2100 DOMAIN_USER_RID_ADMIN
,
2103 if (!NT_SUCCESS(Status
))
2105 MIDL_user_free(DomainsBuffer
->Domains
);
2106 MIDL_user_free(DomainsBuffer
);
2107 MIDL_user_free(SidsBuffer
);
2111 AccountSidLength
= RtlLengthSid(AccountSid
);
2113 for (i
= 0; i
< Count
; i
++)
2115 SidsBuffer
[i
].Use
= SidTypeWellKnownGroup
;
2116 SidsBuffer
[i
].Sid
= MIDL_user_allocate(AccountSidLength
);
2118 RtlCopyMemory(SidsBuffer
[i
].Sid
,
2122 SidsBuffer
[i
].DomainIndex
= i
;
2123 SidsBuffer
[i
].Flags
= 0;
2126 *ReferencedDomains
= DomainsBuffer
;
2127 *MappedCount
= Count
;
2129 TranslatedSids
->Entries
= Count
;
2130 TranslatedSids
->Sids
= SidsBuffer
;
2132 return STATUS_SUCCESS
;
2137 NTSTATUS WINAPI
CredrGetSessionTypes(
2141 return STATUS_NOT_IMPLEMENTED
;
2146 NTSTATUS WINAPI
LsarRegisterAuditEvent(
2150 return STATUS_NOT_IMPLEMENTED
;
2155 NTSTATUS WINAPI
LsarGenAuditEvent(
2159 return STATUS_NOT_IMPLEMENTED
;
2164 NTSTATUS WINAPI
LsarUnregisterAuditEvent(
2168 return STATUS_NOT_IMPLEMENTED
;
2173 NTSTATUS WINAPI
LsarQueryForestTrustInformation(
2174 LSAPR_HANDLE PolicyHandle
,
2175 PLSA_UNICODE_STRING TrustedDomainName
,
2176 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2177 PLSA_FOREST_TRUST_INFORMATION
*ForestTrustInfo
)
2180 return STATUS_NOT_IMPLEMENTED
;
2185 NTSTATUS WINAPI
LsarSetForestTrustInformation(
2186 LSAPR_HANDLE PolicyHandle
,
2187 PLSA_UNICODE_STRING TrustedDomainName
,
2188 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2189 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo
,
2191 PLSA_FOREST_TRUST_COLLISION_INFORMATION
*CollisionInfo
)
2194 return STATUS_NOT_IMPLEMENTED
;
2199 NTSTATUS WINAPI
CredrRename(
2203 return STATUS_NOT_IMPLEMENTED
;
2208 NTSTATUS WINAPI
LsarLookupSids3(
2209 LSAPR_HANDLE PolicyHandle
,
2210 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2211 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2212 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
2213 LSAP_LOOKUP_LEVEL LookupLevel
,
2215 DWORD LookupOptions
,
2216 DWORD ClientRevision
)
2219 return STATUS_NOT_IMPLEMENTED
;
2224 NTSTATUS WINAPI
LsarLookupNames4(
2227 PRPC_UNICODE_STRING Names
,
2228 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2229 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2230 LSAP_LOOKUP_LEVEL LookupLevel
,
2232 DWORD LookupOptions
,
2233 DWORD ClientRevision
)
2236 return STATUS_NOT_IMPLEMENTED
;
2241 NTSTATUS WINAPI
LsarOpenPolicySce(
2245 return STATUS_NOT_IMPLEMENTED
;
2250 NTSTATUS WINAPI
LsarAdtRegisterSecurityEventSource(
2254 return STATUS_NOT_IMPLEMENTED
;
2259 NTSTATUS WINAPI
LsarAdtUnregisterSecurityEventSource(
2263 return STATUS_NOT_IMPLEMENTED
;
2268 NTSTATUS WINAPI
LsarAdtReportSecurityEvent(
2272 return STATUS_NOT_IMPLEMENTED
;
2277 NTSTATUS WINAPI
CredrFindBestCredential(
2281 return STATUS_NOT_IMPLEMENTED
;
2286 NTSTATUS WINAPI
LsarSetAuditPolicy(
2290 return STATUS_NOT_IMPLEMENTED
;
2295 NTSTATUS WINAPI
LsarQueryAuditPolicy(
2299 return STATUS_NOT_IMPLEMENTED
;
2304 NTSTATUS WINAPI
LsarEnumerateAuditPolicy(
2308 return STATUS_NOT_IMPLEMENTED
;
2313 NTSTATUS WINAPI
LsarEnumerateAuditCategories(
2317 return STATUS_NOT_IMPLEMENTED
;
2322 NTSTATUS WINAPI
LsarEnumerateAuditSubCategories(
2326 return STATUS_NOT_IMPLEMENTED
;
2331 NTSTATUS WINAPI
LsarLookupAuditCategoryName(
2335 return STATUS_NOT_IMPLEMENTED
;
2340 NTSTATUS WINAPI
LsarLookupAuditSubCategoryName(
2344 return STATUS_NOT_IMPLEMENTED
;
2349 NTSTATUS WINAPI
LsarSetAuditSecurity(
2353 return STATUS_NOT_IMPLEMENTED
;
2358 NTSTATUS WINAPI
LsarQueryAuditSecurity(
2362 return STATUS_NOT_IMPLEMENTED
;
2367 NTSTATUS WINAPI
CredReadByTokenHandle(
2371 return STATUS_NOT_IMPLEMENTED
;
2376 NTSTATUS WINAPI
CredrRestoreCredentials(
2380 return STATUS_NOT_IMPLEMENTED
;
2385 NTSTATUS WINAPI
CredrBackupCredentials(
2389 return STATUS_NOT_IMPLEMENTED
;