2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
7 * PROGRAMMERS: Eric Kohl
10 /* INCLUDES ****************************************************************/
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv
);
17 /* GLOBALS *****************************************************************/
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock
;
22 /* FUNCTIONS ***************************************************************/
25 LsarStartRpcServer(VOID
)
29 RtlInitializeCriticalSection(&PolicyHandleTableLock
);
31 TRACE("LsarStartRpcServer() called\n");
33 Status
= RpcServerUseProtseqEpW(L
"ncacn_np",
37 if (Status
!= RPC_S_OK
)
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status
);
43 Status
= RpcServerRegisterIf(lsarpc_v0_0_s_ifspec
,
46 if (Status
!= RPC_S_OK
)
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status
);
52 Status
= RpcServerListen(1, 20, TRUE
);
53 if (Status
!= RPC_S_OK
)
55 WARN("RpcServerListen() failed (Status %lx)\n", Status
);
59 TRACE("LsarStartRpcServer() done\n");
63 void __RPC_USER
LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle
)
70 NTSTATUS WINAPI
LsarClose(
71 LSAPR_HANDLE
*ObjectHandle
)
73 PLSA_DB_OBJECT DbObject
;
74 NTSTATUS Status
= STATUS_SUCCESS
;
76 TRACE("0x%p\n", ObjectHandle
);
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
80 Status
= LsapValidateDbObject(*ObjectHandle
,
84 if (Status
== STATUS_SUCCESS
)
86 Status
= LsapCloseDbObject(DbObject
);
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
97 NTSTATUS WINAPI
LsarDelete(
98 LSAPR_HANDLE ObjectHandle
)
101 return STATUS_NOT_SUPPORTED
;
106 NTSTATUS WINAPI
LsarEnumeratePrivileges(
107 LSAPR_HANDLE PolicyHandle
,
108 DWORD
*EnumerationContext
,
109 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer
,
110 DWORD PreferedMaximumLength
)
113 return STATUS_NOT_IMPLEMENTED
;
118 NTSTATUS WINAPI
LsarQuerySecurityObject(
119 LSAPR_HANDLE ObjectHandle
,
120 SECURITY_INFORMATION SecurityInformation
,
121 PLSAPR_SR_SECURITY_DESCRIPTOR
*SecurityDescriptor
)
124 return STATUS_NOT_IMPLEMENTED
;
129 NTSTATUS WINAPI
LsarSetSecurityObject(
130 LSAPR_HANDLE ObjectHandle
,
131 SECURITY_INFORMATION SecurityInformation
,
132 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor
)
135 return STATUS_NOT_IMPLEMENTED
;
140 NTSTATUS WINAPI
LsarChangePassword(
142 PRPC_UNICODE_STRING String1
,
143 PRPC_UNICODE_STRING String2
,
144 PRPC_UNICODE_STRING String3
,
145 PRPC_UNICODE_STRING String4
,
146 PRPC_UNICODE_STRING String5
)
149 return STATUS_NOT_IMPLEMENTED
;
154 NTSTATUS WINAPI
LsarOpenPolicy(
156 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
157 ACCESS_MASK DesiredAccess
,
158 LSAPR_HANDLE
*PolicyHandle
)
160 PLSA_DB_OBJECT PolicyObject
;
163 TRACE("LsarOpenPolicy called!\n");
165 RtlEnterCriticalSection(&PolicyHandleTableLock
);
167 Status
= LsapOpenDbObject(NULL
,
173 RtlLeaveCriticalSection(&PolicyHandleTableLock
);
175 if (NT_SUCCESS(Status
))
176 *PolicyHandle
= (LSAPR_HANDLE
)PolicyObject
;
178 TRACE("LsarOpenPolicy done!\n");
185 NTSTATUS WINAPI
LsarQueryInformationPolicy(
186 LSAPR_HANDLE PolicyHandle
,
187 POLICY_INFORMATION_CLASS InformationClass
,
188 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
190 PLSA_DB_OBJECT DbObject
;
191 ACCESS_MASK DesiredAccess
= 0;
194 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
195 PolicyHandle
, InformationClass
, PolicyInformation
);
197 if (PolicyInformation
)
199 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
202 switch (InformationClass
)
204 case PolicyAuditLogInformation
:
205 case PolicyAuditEventsInformation
:
206 case PolicyAuditFullQueryInformation
:
207 DesiredAccess
= POLICY_VIEW_AUDIT_INFORMATION
;
210 case PolicyPrimaryDomainInformation
:
211 case PolicyAccountDomainInformation
:
212 case PolicyLsaServerRoleInformation
:
213 case PolicyReplicaSourceInformation
:
214 case PolicyDefaultQuotaInformation
:
215 case PolicyModificationInformation
:
216 case PolicyDnsDomainInformation
:
217 case PolicyDnsDomainInformationInt
:
218 case PolicyLocalAccountDomainInformation
:
219 DesiredAccess
= POLICY_VIEW_LOCAL_INFORMATION
;
222 case PolicyPdAccountInformation
:
223 DesiredAccess
= POLICY_GET_PRIVATE_INFORMATION
;
227 ERR("Invalid InformationClass!\n");
228 return STATUS_INVALID_PARAMETER
;
231 Status
= LsapValidateDbObject(PolicyHandle
,
235 if (!NT_SUCCESS(Status
))
238 switch (InformationClass
)
240 case PolicyAuditLogInformation
: /* 1 */
241 Status
= LsarQueryAuditLog(PolicyHandle
,
244 case PolicyAuditEventsInformation
: /* 2 */
245 Status
= LsarQueryAuditEvents(PolicyHandle
,
249 case PolicyPrimaryDomainInformation
: /* 3 */
250 Status
= LsarQueryPrimaryDomain(PolicyHandle
,
254 case PolicyPdAccountInformation
: /* 4 */
255 Status
= LsarQueryPdAccount(PolicyHandle
,
258 case PolicyAccountDomainInformation
: /* 5 */
259 Status
= LsarQueryAccountDomain(PolicyHandle
,
263 case PolicyLsaServerRoleInformation
: /* 6 */
264 Status
= LsarQueryServerRole(PolicyHandle
,
268 case PolicyReplicaSourceInformation
: /* 7 */
269 Status
= LsarQueryReplicaSource(PolicyHandle
,
272 case PolicyDefaultQuotaInformation
: /* 8 */
273 Status
= LsarQueryDefaultQuota(PolicyHandle
,
277 case PolicyModificationInformation
: /* 9 */
278 Status
= LsarQueryModification(PolicyHandle
,
282 case PolicyAuditFullQueryInformation
: /* 11 (0xB) */
283 Status
= LsarQueryAuditFull(PolicyHandle
,
287 case PolicyDnsDomainInformation
: /* 12 (0xC) */
288 Status
= LsarQueryDnsDomain(PolicyHandle
,
292 case PolicyDnsDomainInformationInt
: /* 13 (0xD) */
293 Status
= LsarQueryDnsDomainInt(PolicyHandle
,
297 case PolicyLocalAccountDomainInformation
: /* 14 (0xE) */
298 Status
= LsarQueryLocalAccountDomain(PolicyHandle
,
303 ERR("Invalid InformationClass!\n");
304 Status
= STATUS_INVALID_PARAMETER
;
312 NTSTATUS WINAPI
LsarSetInformationPolicy(
313 LSAPR_HANDLE PolicyHandle
,
314 POLICY_INFORMATION_CLASS InformationClass
,
315 PLSAPR_POLICY_INFORMATION PolicyInformation
)
317 PLSA_DB_OBJECT DbObject
;
318 ACCESS_MASK DesiredAccess
= 0;
321 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
322 PolicyHandle
, InformationClass
, PolicyInformation
);
324 if (PolicyInformation
)
326 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
329 switch (InformationClass
)
331 case PolicyAuditLogInformation
:
332 case PolicyAuditFullSetInformation
:
333 DesiredAccess
= POLICY_AUDIT_LOG_ADMIN
;
336 case PolicyAuditEventsInformation
:
337 DesiredAccess
= POLICY_SET_AUDIT_REQUIREMENTS
;
340 case PolicyPrimaryDomainInformation
:
341 case PolicyAccountDomainInformation
:
342 case PolicyDnsDomainInformation
:
343 case PolicyDnsDomainInformationInt
:
344 case PolicyLocalAccountDomainInformation
:
345 DesiredAccess
= POLICY_TRUST_ADMIN
;
348 case PolicyLsaServerRoleInformation
:
349 case PolicyReplicaSourceInformation
:
350 DesiredAccess
= POLICY_SERVER_ADMIN
;
353 case PolicyDefaultQuotaInformation
:
354 DesiredAccess
= POLICY_SET_DEFAULT_QUOTA_LIMITS
;
358 ERR("Invalid InformationClass!\n");
359 return STATUS_INVALID_PARAMETER
;
362 Status
= LsapValidateDbObject(PolicyHandle
,
366 if (!NT_SUCCESS(Status
))
369 switch (InformationClass
)
371 case PolicyAuditEventsInformation
:
372 Status
= STATUS_NOT_IMPLEMENTED
;
375 case PolicyPrimaryDomainInformation
:
376 Status
= LsarSetPrimaryDomain(PolicyHandle
,
377 (PLSAPR_POLICY_PRIMARY_DOM_INFO
)PolicyInformation
);
380 case PolicyAccountDomainInformation
:
381 Status
= LsarSetAccountDomain(PolicyHandle
,
382 (PLSAPR_POLICY_ACCOUNT_DOM_INFO
)PolicyInformation
);
385 case PolicyDnsDomainInformation
:
386 Status
= LsarSetDnsDomain(PolicyHandle
,
387 (PLSAPR_POLICY_DNS_DOMAIN_INFO
)PolicyInformation
);
390 case PolicyLsaServerRoleInformation
:
391 Status
= STATUS_NOT_IMPLEMENTED
;
395 Status
= STATUS_INVALID_PARAMETER
;
404 NTSTATUS WINAPI
LsarClearAuditLog(
405 LSAPR_HANDLE ObjectHandle
)
408 return STATUS_NOT_IMPLEMENTED
;
413 NTSTATUS WINAPI
LsarCreateAccount(
414 LSAPR_HANDLE PolicyHandle
,
416 ACCESS_MASK DesiredAccess
,
417 LSAPR_HANDLE
*AccountHandle
)
419 PLSA_DB_OBJECT PolicyObject
;
420 PLSA_DB_OBJECT AccountsObject
= NULL
;
421 PLSA_DB_OBJECT AccountObject
= NULL
;
422 LPWSTR SidString
= NULL
;
423 NTSTATUS Status
= STATUS_SUCCESS
;
425 /* Validate the PolicyHandle */
426 Status
= LsapValidateDbObject(PolicyHandle
,
428 POLICY_CREATE_ACCOUNT
,
430 if (!NT_SUCCESS(Status
))
432 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
436 /* Open the Accounts object */
437 Status
= LsapOpenDbObject(PolicyObject
,
439 LsaDbContainerObject
,
442 if (!NT_SUCCESS(Status
))
444 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status
);
448 /* Create SID string */
449 if (!ConvertSidToStringSid((PSID
)AccountSid
,
452 ERR("ConvertSidToStringSid failed\n");
453 Status
= STATUS_INVALID_PARAMETER
;
457 /* Create the Account object */
458 Status
= LsapCreateDbObject(AccountsObject
,
463 if (!NT_SUCCESS(Status
))
465 ERR("LsapCreateDbObject (Account) failed (Status 0x%08lx)\n", Status
);
469 /* Set the Sid attribute */
470 Status
= LsapSetObjectAttribute(AccountObject
,
473 GetLengthSid(AccountSid
));
476 if (SidString
!= NULL
)
477 LocalFree(SidString
);
479 if (!NT_SUCCESS(Status
))
481 if (AccountObject
!= NULL
)
482 LsapCloseDbObject(AccountObject
);
486 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
489 if (AccountsObject
!= NULL
)
490 LsapCloseDbObject(AccountsObject
);
492 return STATUS_SUCCESS
;
497 NTSTATUS WINAPI
LsarEnumerateAccounts(
498 LSAPR_HANDLE PolicyHandle
,
499 DWORD
*EnumerationContext
,
500 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
,
501 DWORD PreferedMaximumLength
)
504 return STATUS_NOT_IMPLEMENTED
;
509 NTSTATUS WINAPI
LsarCreateTrustedDomain(
510 LSAPR_HANDLE PolicyHandle
,
511 PLSAPR_TRUST_INFORMATION TrustedDomainInformation
,
512 ACCESS_MASK DesiredAccess
,
513 LSAPR_HANDLE
*TrustedDomainHandle
)
516 return STATUS_NOT_IMPLEMENTED
;
521 NTSTATUS WINAPI
LsarEnumerateTrustedDomains(
522 LSAPR_HANDLE PolicyHandle
,
523 DWORD
*EnumerationContext
,
524 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer
,
525 DWORD PreferedMaximumLength
)
528 return STATUS_NOT_IMPLEMENTED
;
533 NTSTATUS WINAPI
LsarLookupNames(
534 LSAPR_HANDLE PolicyHandle
,
536 PRPC_UNICODE_STRING Names
,
537 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
538 PLSAPR_TRANSLATED_SIDS TranslatedSids
,
539 LSAP_LOOKUP_LEVEL LookupLevel
,
542 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
543 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
544 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
545 PLSA_TRANSLATED_SID OutputSids
= NULL
;
546 ULONG OutputSidsLength
;
552 TRACE("LsarLookupNames(%p, %lu, %p, %p, %p, %d, %p)\n",
553 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
554 LookupLevel
, MappedCount
);
556 TranslatedSids
->Entries
= Count
;
557 TranslatedSids
->Sids
= NULL
;
558 *ReferencedDomains
= NULL
;
560 OutputSidsLength
= Count
* sizeof(LSA_TRANSLATED_SID
);
561 OutputSids
= MIDL_user_allocate(OutputSidsLength
);
562 if (OutputSids
== NULL
)
564 return STATUS_INSUFFICIENT_RESOURCES
;
567 RtlZeroMemory(OutputSids
, OutputSidsLength
);
569 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
570 if (OutputDomains
== NULL
)
572 MIDL_user_free(OutputSids
);
573 return STATUS_INSUFFICIENT_RESOURCES
;
576 OutputDomains
->Entries
= Count
;
577 OutputDomains
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
578 if (OutputDomains
->Domains
== NULL
)
580 MIDL_user_free(OutputDomains
);
581 MIDL_user_free(OutputSids
);
582 return STATUS_INSUFFICIENT_RESOURCES
;
585 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
587 SECURITY_BUILTIN_DOMAIN_RID
,
588 DOMAIN_ALIAS_RID_ADMINS
,
591 if (!NT_SUCCESS(Status
))
593 MIDL_user_free(OutputDomains
->Domains
);
594 MIDL_user_free(OutputDomains
);
595 MIDL_user_free(OutputSids
);
599 SidLength
= RtlLengthSid(Sid
);
601 for (i
= 0; i
< Count
; i
++)
603 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
604 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
606 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
607 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
608 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
609 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
612 for (i
= 0; i
< Count
; i
++)
614 OutputSids
[i
].Use
= SidTypeWellKnownGroup
;
615 OutputSids
[i
].RelativeId
= DOMAIN_USER_RID_ADMIN
; //DOMAIN_ALIAS_RID_ADMINS;
616 OutputSids
[i
].DomainIndex
= i
;
619 *ReferencedDomains
= OutputDomains
;
621 *MappedCount
= Count
;
623 TranslatedSids
->Entries
= Count
;
624 TranslatedSids
->Sids
= OutputSids
;
626 return STATUS_SUCCESS
;
631 NTSTATUS WINAPI
LsarLookupSids(
632 LSAPR_HANDLE PolicyHandle
,
633 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
634 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
635 PLSAPR_TRANSLATED_NAMES TranslatedNames
,
636 LSAP_LOOKUP_LEVEL LookupLevel
,
639 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
640 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
641 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
642 PLSAPR_TRANSLATED_NAME OutputNames
= NULL
;
643 ULONG OutputNamesLength
;
649 TRACE("LsarLookupSids(%p, %p, %p, %p, %d, %p)\n",
650 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
651 LookupLevel
, MappedCount
);
653 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
654 TranslatedNames
->Names
= NULL
;
655 *ReferencedDomains
= NULL
;
657 OutputNamesLength
= SidEnumBuffer
->Entries
* sizeof(LSA_TRANSLATED_NAME
);
658 OutputNames
= MIDL_user_allocate(OutputNamesLength
);
659 if (OutputNames
== NULL
)
661 return STATUS_INSUFFICIENT_RESOURCES
;
664 RtlZeroMemory(OutputNames
, OutputNamesLength
);
666 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
667 if (OutputDomains
== NULL
)
669 MIDL_user_free(OutputNames
);
670 return STATUS_INSUFFICIENT_RESOURCES
;
673 OutputDomains
->Entries
= SidEnumBuffer
->Entries
;
674 OutputDomains
->Domains
= MIDL_user_allocate(SidEnumBuffer
->Entries
* sizeof(LSA_TRUST_INFORMATION
));
675 if (OutputDomains
->Domains
== NULL
)
677 MIDL_user_free(OutputDomains
);
678 MIDL_user_free(OutputNames
);
679 return STATUS_INSUFFICIENT_RESOURCES
;
682 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
684 SECURITY_BUILTIN_DOMAIN_RID
,
685 DOMAIN_ALIAS_RID_ADMINS
,
688 if (!NT_SUCCESS(Status
))
690 MIDL_user_free(OutputDomains
->Domains
);
691 MIDL_user_free(OutputDomains
);
692 MIDL_user_free(OutputNames
);
696 SidLength
= RtlLengthSid(Sid
);
698 for (i
= 0; i
< SidEnumBuffer
->Entries
; i
++)
700 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
701 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
703 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
704 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
705 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
706 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
709 Status
= LsapLookupSids(SidEnumBuffer
,
712 *ReferencedDomains
= OutputDomains
;
714 *MappedCount
= SidEnumBuffer
->Entries
;
716 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
717 TranslatedNames
->Names
= OutputNames
;
724 NTSTATUS WINAPI
LsarCreateSecret(
725 LSAPR_HANDLE PolicyHandle
,
726 PRPC_UNICODE_STRING SecretName
,
727 ACCESS_MASK DesiredAccess
,
728 LSAPR_HANDLE
*SecretHandle
)
730 PLSA_DB_OBJECT PolicyObject
;
731 PLSA_DB_OBJECT SecretsObject
= NULL
;
732 PLSA_DB_OBJECT SecretObject
= NULL
;
734 NTSTATUS Status
= STATUS_SUCCESS
;
736 /* Validate the PolicyHandle */
737 Status
= LsapValidateDbObject(PolicyHandle
,
739 POLICY_CREATE_SECRET
,
741 if (!NT_SUCCESS(Status
))
743 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
747 /* Open the Secrets object */
748 Status
= LsapOpenDbObject(PolicyObject
,
750 LsaDbContainerObject
,
753 if (!NT_SUCCESS(Status
))
755 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status
);
759 /* Get the current time */
760 Status
= NtQuerySystemTime(&Time
);
761 if (!NT_SUCCESS(Status
))
763 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
767 /* Create the Secret object */
768 Status
= LsapCreateDbObject(SecretsObject
,
773 if (!NT_SUCCESS(Status
))
775 ERR("LsapCreateDbObject (Secret) failed (Status 0x%08lx)\n", Status
);
779 /* Set the CurrentTime attribute */
780 Status
= LsapSetObjectAttribute(SecretObject
,
783 sizeof(LARGE_INTEGER
));
784 if (!NT_SUCCESS(Status
))
786 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status
);
790 /* Set the OldTime attribute */
791 Status
= LsapSetObjectAttribute(SecretObject
,
794 sizeof(LARGE_INTEGER
));
797 if (!NT_SUCCESS(Status
))
799 if (SecretObject
!= NULL
)
800 LsapCloseDbObject(SecretObject
);
804 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
807 if (SecretsObject
!= NULL
)
808 LsapCloseDbObject(SecretsObject
);
810 return STATUS_SUCCESS
;
815 NTSTATUS WINAPI
LsarOpenAccount(
816 LSAPR_HANDLE PolicyHandle
,
818 ACCESS_MASK DesiredAccess
,
819 LSAPR_HANDLE
*AccountHandle
)
821 PLSA_DB_OBJECT PolicyObject
;
822 PLSA_DB_OBJECT AccountsObject
= NULL
;
823 PLSA_DB_OBJECT AccountObject
= NULL
;
824 LPWSTR SidString
= NULL
;
825 NTSTATUS Status
= STATUS_SUCCESS
;
827 /* Validate the PolicyHandle */
828 Status
= LsapValidateDbObject(PolicyHandle
,
830 POLICY_CREATE_ACCOUNT
,
832 if (!NT_SUCCESS(Status
))
834 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
838 /* Open the Accounts object */
839 Status
= LsapOpenDbObject(PolicyObject
,
841 LsaDbContainerObject
,
844 if (!NT_SUCCESS(Status
))
846 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status
);
850 /* Create SID string */
851 if (!ConvertSidToStringSid((PSID
)AccountSid
,
854 ERR("ConvertSidToStringSid failed\n");
855 Status
= STATUS_INVALID_PARAMETER
;
859 /* Create the Account object */
860 Status
= LsapOpenDbObject(AccountsObject
,
865 if (!NT_SUCCESS(Status
))
867 ERR("LsapOpenDbObject (Account) failed (Status 0x%08lx)\n", Status
);
871 /* Set the Sid attribute */
872 Status
= LsapSetObjectAttribute(AccountObject
,
875 GetLengthSid(AccountSid
));
878 if (SidString
!= NULL
)
879 LocalFree(SidString
);
881 if (!NT_SUCCESS(Status
))
883 if (AccountObject
!= NULL
)
884 LsapCloseDbObject(AccountObject
);
888 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
891 if (AccountsObject
!= NULL
)
892 LsapCloseDbObject(AccountsObject
);
894 return STATUS_SUCCESS
;
899 NTSTATUS WINAPI
LsarEnumeratePrivilegesAccount(
900 LSAPR_HANDLE AccountHandle
,
901 PLSAPR_PRIVILEGE_SET
*Privileges
)
903 PLSA_DB_OBJECT AccountObject
;
904 ULONG PrivilegeSetSize
= 0;
905 PLSAPR_PRIVILEGE_SET PrivilegeSet
= NULL
;
910 /* Validate the AccountHandle */
911 Status
= LsapValidateDbObject(AccountHandle
,
915 if (!NT_SUCCESS(Status
))
917 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
921 /* Get the size of the privilege set */
922 Status
= LsapGetObjectAttribute(AccountObject
,
926 if (!NT_SUCCESS(Status
))
929 /* Allocate a buffer for the privilege set */
930 PrivilegeSet
= MIDL_user_allocate(PrivilegeSetSize
);
931 if (PrivilegeSet
== NULL
)
932 return STATUS_NO_MEMORY
;
934 /* Get the privilege set */
935 Status
= LsapGetObjectAttribute(AccountObject
,
939 if (!NT_SUCCESS(Status
))
941 MIDL_user_free(PrivilegeSet
);
945 /* Return a pointer to the privilege set */
946 *Privileges
= PrivilegeSet
;
948 return STATUS_SUCCESS
;
953 NTSTATUS WINAPI
LsarAddPrivilegesToAccount(
954 LSAPR_HANDLE AccountHandle
,
955 PLSAPR_PRIVILEGE_SET Privileges
)
957 PLSA_DB_OBJECT AccountObject
;
958 PPRIVILEGE_SET CurrentPrivileges
= NULL
;
959 PPRIVILEGE_SET NewPrivileges
= NULL
;
960 ULONG PrivilegeSetSize
= 0;
961 ULONG PrivilegeCount
;
966 /* Validate the AccountHandle */
967 Status
= LsapValidateDbObject(AccountHandle
,
969 ACCOUNT_ADJUST_PRIVILEGES
,
971 if (!NT_SUCCESS(Status
))
973 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
977 Status
= LsapGetObjectAttribute(AccountObject
,
981 if (!NT_SUCCESS(Status
) || PrivilegeSetSize
== 0)
983 /* The Privilgs attribute does not exist */
985 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
986 (Privileges
->PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
987 Status
= LsapSetObjectAttribute(AccountObject
,
994 /* The Privilgs attribute exists */
996 /* Allocate memory for the stored privilege set */
997 CurrentPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
998 if (CurrentPrivileges
== NULL
)
999 return STATUS_NO_MEMORY
;
1001 /* Get the current privilege set */
1002 Status
= LsapGetObjectAttribute(AccountObject
,
1006 if (!NT_SUCCESS(Status
))
1008 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status
);
1012 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1013 TRACE("Current privilege count: %lu\n", PrivilegeCount
);
1015 /* Calculate the number privileges in the combined privilege set */
1016 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1019 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1021 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1022 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1029 if (bFound
== FALSE
)
1031 TRACE("Found new privilege\n");
1035 TRACE("New privilege count: %lu\n", PrivilegeCount
);
1037 /* Calculate the size of the new privilege set and allocate it */
1038 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1039 (PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1040 NewPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1041 if (NewPrivileges
== NULL
)
1043 Status
= STATUS_NO_MEMORY
;
1047 /* Initialize the new privilege set */
1048 NewPrivileges
->PrivilegeCount
= PrivilegeCount
;
1049 NewPrivileges
->Control
= 0;
1051 /* Copy all privileges from the current privilege set */
1052 RtlCopyLuidAndAttributesArray(CurrentPrivileges
->PrivilegeCount
,
1053 &(CurrentPrivileges
->Privilege
[0]),
1054 &(NewPrivileges
->Privilege
[0]));
1056 /* Add new privileges to the new privilege set */
1057 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1058 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1061 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1063 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1064 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1066 /* Overwrite attributes if a matching privilege was found */
1067 NewPrivileges
->Privilege
[j
].Attributes
= Privileges
->Privilege
[i
].Attributes
;
1074 if (bFound
== FALSE
)
1076 /* Copy the new privilege */
1077 RtlCopyLuidAndAttributesArray(1,
1078 (PLUID_AND_ATTRIBUTES
)&(Privileges
->Privilege
[i
]),
1079 &(NewPrivileges
->Privilege
[PrivilegeCount
]));
1084 /* Set the new priivliege set */
1085 Status
= LsapSetObjectAttribute(AccountObject
,
1092 if (CurrentPrivileges
!= NULL
)
1093 MIDL_user_free(CurrentPrivileges
);
1095 if (NewPrivileges
!= NULL
)
1096 MIDL_user_free(NewPrivileges
);
1103 NTSTATUS WINAPI
LsarRemovePrivilegesFromAccount(
1104 LSAPR_HANDLE AccountHandle
,
1106 PLSAPR_PRIVILEGE_SET Privileges
)
1109 return STATUS_NOT_IMPLEMENTED
;
1114 NTSTATUS WINAPI
LsarGetQuotasForAccount(
1115 LSAPR_HANDLE AccountHandle
,
1116 PQUOTA_LIMITS QuotaLimits
)
1119 return STATUS_NOT_IMPLEMENTED
;
1124 NTSTATUS WINAPI
LsarSetQuotasForAccount(
1125 LSAPR_HANDLE AccountHandle
,
1126 PQUOTA_LIMITS QuotaLimits
)
1129 return STATUS_NOT_IMPLEMENTED
;
1134 NTSTATUS WINAPI
LsarGetSystemAccessAccount(
1135 LSAPR_HANDLE AccountHandle
,
1136 ACCESS_MASK
*SystemAccess
)
1138 PLSA_DB_OBJECT AccountObject
;
1142 /* Validate the account handle */
1143 Status
= LsapValidateDbObject(AccountHandle
,
1147 if (!NT_SUCCESS(Status
))
1149 ERR("Invalid handle (Status %lx)\n", Status
);
1153 /* Get the system access flags */
1154 Status
= LsapGetObjectAttribute(AccountObject
,
1164 NTSTATUS WINAPI
LsarSetSystemAccessAccount(
1165 LSAPR_HANDLE AccountHandle
,
1166 ACCESS_MASK SystemAccess
)
1168 PLSA_DB_OBJECT AccountObject
;
1171 /* Validate the account handle */
1172 Status
= LsapValidateDbObject(AccountHandle
,
1174 ACCOUNT_ADJUST_SYSTEM_ACCESS
,
1176 if (!NT_SUCCESS(Status
))
1178 ERR("Invalid handle (Status %lx)\n", Status
);
1182 /* Set the system access flags */
1183 Status
= LsapSetObjectAttribute(AccountObject
,
1186 sizeof(ACCESS_MASK
));
1193 NTSTATUS WINAPI
LsarOpenTrustedDomain(
1194 LSAPR_HANDLE PolicyHandle
,
1195 PRPC_SID TrustedDomainSid
,
1196 ACCESS_MASK DesiredAccess
,
1197 LSAPR_HANDLE
*TrustedDomainHandle
)
1200 return STATUS_NOT_IMPLEMENTED
;
1205 NTSTATUS WINAPI
LsarQueryInfoTrustedDomain(
1206 LSAPR_HANDLE TrustedDomainHandle
,
1207 TRUSTED_INFORMATION_CLASS InformationClass
,
1208 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1211 return STATUS_NOT_IMPLEMENTED
;
1216 NTSTATUS WINAPI
LsarSetInformationTrustedDomain(
1217 LSAPR_HANDLE TrustedDomainHandle
,
1218 TRUSTED_INFORMATION_CLASS InformationClass
,
1219 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1222 return STATUS_NOT_IMPLEMENTED
;
1227 NTSTATUS WINAPI
LsarOpenSecret(
1228 LSAPR_HANDLE PolicyHandle
,
1229 PRPC_UNICODE_STRING SecretName
,
1230 ACCESS_MASK DesiredAccess
,
1231 LSAPR_HANDLE
*SecretHandle
)
1233 PLSA_DB_OBJECT PolicyObject
;
1234 PLSA_DB_OBJECT SecretsObject
= NULL
;
1235 PLSA_DB_OBJECT SecretObject
= NULL
;
1236 NTSTATUS Status
= STATUS_SUCCESS
;
1238 /* Validate the PolicyHandle */
1239 Status
= LsapValidateDbObject(PolicyHandle
,
1241 POLICY_CREATE_SECRET
,
1243 if (!NT_SUCCESS(Status
))
1245 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1249 /* Open the Secrets object */
1250 Status
= LsapOpenDbObject(PolicyObject
,
1252 LsaDbContainerObject
,
1255 if (!NT_SUCCESS(Status
))
1257 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status
);
1261 /* Create the secret object */
1262 Status
= LsapOpenDbObject(SecretsObject
,
1267 if (!NT_SUCCESS(Status
))
1269 ERR("LsapOpenDbObject (Secret) failed (Status 0x%08lx)\n", Status
);
1274 if (!NT_SUCCESS(Status
))
1276 if (SecretObject
!= NULL
)
1277 LsapCloseDbObject(SecretObject
);
1281 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
1284 if (SecretsObject
!= NULL
)
1285 LsapCloseDbObject(SecretsObject
);
1287 return STATUS_SUCCESS
;
1292 NTSTATUS WINAPI
LsarSetSecret(
1293 LSAPR_HANDLE SecretHandle
,
1294 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue
,
1295 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue
)
1297 PLSA_DB_OBJECT SecretObject
;
1298 PBYTE CurrentValue
= NULL
;
1299 PBYTE OldValue
= NULL
;
1300 ULONG CurrentValueLength
= 0;
1301 ULONG OldValueLength
= 0;
1305 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle
,
1306 EncryptedCurrentValue
, EncryptedOldValue
);
1308 /* Validate the SecretHandle */
1309 Status
= LsapValidateDbObject(SecretHandle
,
1313 if (!NT_SUCCESS(Status
))
1315 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1319 if (EncryptedCurrentValue
!= NULL
)
1321 /* FIXME: Decrypt the current value */
1322 CurrentValue
= EncryptedCurrentValue
->Buffer
;
1323 CurrentValueLength
= EncryptedCurrentValue
->MaximumLength
;
1326 /* Set the current value */
1327 Status
= LsapSetObjectAttribute(SecretObject
,
1330 CurrentValueLength
);
1331 if (!NT_SUCCESS(Status
))
1333 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1337 /* Get the current time */
1338 Status
= NtQuerySystemTime(&Time
);
1339 if (!NT_SUCCESS(Status
))
1341 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
1345 /* Set the current time */
1346 Status
= LsapSetObjectAttribute(SecretObject
,
1349 sizeof(LARGE_INTEGER
));
1350 if (!NT_SUCCESS(Status
))
1352 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1356 if (EncryptedOldValue
!= NULL
)
1358 /* FIXME: Decrypt the old value */
1359 OldValue
= EncryptedOldValue
->Buffer
;
1360 OldValueLength
= EncryptedOldValue
->MaximumLength
;
1363 /* Set the old value */
1364 Status
= LsapSetObjectAttribute(SecretObject
,
1368 if (!NT_SUCCESS(Status
))
1370 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1374 /* Set the old time */
1375 Status
= LsapSetObjectAttribute(SecretObject
,
1378 sizeof(LARGE_INTEGER
));
1379 if (!NT_SUCCESS(Status
))
1381 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1390 NTSTATUS WINAPI
LsarQuerySecret(
1391 LSAPR_HANDLE SecretHandle
,
1392 PLSAPR_CR_CIPHER_VALUE
*EncryptedCurrentValue
,
1393 PLARGE_INTEGER CurrentValueSetTime
,
1394 PLSAPR_CR_CIPHER_VALUE
*EncryptedOldValue
,
1395 PLARGE_INTEGER OldValueSetTime
)
1397 PLSA_DB_OBJECT SecretObject
;
1398 PLSAPR_CR_CIPHER_VALUE EncCurrentValue
= NULL
;
1399 PLSAPR_CR_CIPHER_VALUE EncOldValue
= NULL
;
1400 PBYTE CurrentValue
= NULL
;
1401 PBYTE OldValue
= NULL
;
1402 ULONG CurrentValueLength
= 0;
1403 ULONG OldValueLength
= 0;
1407 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle
,
1408 EncryptedCurrentValue
, CurrentValueSetTime
,
1409 EncryptedOldValue
, OldValueSetTime
);
1411 /* Validate the SecretHandle */
1412 Status
= LsapValidateDbObject(SecretHandle
,
1416 if (!NT_SUCCESS(Status
))
1418 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1422 if (EncryptedCurrentValue
!= NULL
)
1424 CurrentValueLength
= 0;
1426 /* Get the size of the current value */
1427 Status
= LsapGetObjectAttribute(SecretObject
,
1430 &CurrentValueLength
);
1431 if (!NT_SUCCESS(Status
))
1434 /* Allocate a buffer for the current value */
1435 CurrentValue
= midl_user_allocate(CurrentValueLength
);
1436 if (CurrentValue
== NULL
)
1438 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1442 /* Get the current value */
1443 Status
= LsapGetObjectAttribute(SecretObject
,
1446 &CurrentValueLength
);
1447 if (!NT_SUCCESS(Status
))
1450 /* Allocate a buffer for the encrypted current value */
1451 EncCurrentValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
));
1452 if (EncCurrentValue
== NULL
)
1454 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1458 /* FIXME: Encrypt the current value */
1459 EncCurrentValue
->Length
= (USHORT
)(CurrentValueLength
- sizeof(WCHAR
));
1460 EncCurrentValue
->MaximumLength
= (USHORT
)CurrentValueLength
;
1461 EncCurrentValue
->Buffer
= (PBYTE
)CurrentValue
;
1464 if (CurrentValueSetTime
!= NULL
)
1466 BufferSize
= sizeof(LARGE_INTEGER
);
1468 /* Get the current value time */
1469 Status
= LsapGetObjectAttribute(SecretObject
,
1471 (PBYTE
)CurrentValueSetTime
,
1473 if (!NT_SUCCESS(Status
))
1477 if (EncryptedOldValue
!= NULL
)
1481 /* Get the size of the old value */
1482 Status
= LsapGetObjectAttribute(SecretObject
,
1486 if (!NT_SUCCESS(Status
))
1489 /* Allocate a buffer for the old value */
1490 OldValue
= midl_user_allocate(OldValueLength
);
1491 if (OldValue
== NULL
)
1493 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1497 /* Get the old value */
1498 Status
= LsapGetObjectAttribute(SecretObject
,
1502 if (!NT_SUCCESS(Status
))
1505 /* Allocate a buffer for the encrypted old value */
1506 EncOldValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
) + OldValueLength
);
1507 if (EncOldValue
== NULL
)
1509 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1513 /* FIXME: Encrypt the old value */
1514 EncOldValue
->Length
= (USHORT
)(OldValueLength
- sizeof(WCHAR
));
1515 EncOldValue
->MaximumLength
= (USHORT
)OldValueLength
;
1516 EncOldValue
->Buffer
= (PBYTE
)OldValue
;
1519 if (OldValueSetTime
!= NULL
)
1521 BufferSize
= sizeof(LARGE_INTEGER
);
1523 /* Get the old value time */
1524 Status
= LsapGetObjectAttribute(SecretObject
,
1526 (PBYTE
)OldValueSetTime
,
1528 if (!NT_SUCCESS(Status
))
1534 if (NT_SUCCESS(Status
))
1536 if (EncryptedCurrentValue
!= NULL
)
1537 *EncryptedCurrentValue
= EncCurrentValue
;
1539 if (EncryptedOldValue
!= NULL
)
1540 *EncryptedOldValue
= EncOldValue
;
1544 if (EncryptedCurrentValue
!= NULL
)
1545 *EncryptedCurrentValue
= NULL
;
1547 if (EncryptedOldValue
!= NULL
)
1548 *EncryptedOldValue
= NULL
;
1550 if (EncCurrentValue
!= NULL
)
1551 midl_user_free(EncCurrentValue
);
1553 if (EncOldValue
!= NULL
)
1554 midl_user_free(EncOldValue
);
1556 if (CurrentValue
!= NULL
)
1557 midl_user_free(CurrentValue
);
1559 if (OldValue
!= NULL
)
1560 midl_user_free(OldValue
);
1563 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status
);
1570 NTSTATUS WINAPI
LsarLookupPrivilegeValue(
1571 LSAPR_HANDLE PolicyHandle
,
1572 PRPC_UNICODE_STRING Name
,
1577 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
1578 PolicyHandle
, Name
, Value
);
1580 Status
= LsapValidateDbObject(PolicyHandle
,
1582 POLICY_LOOKUP_NAMES
,
1584 if (!NT_SUCCESS(Status
))
1586 ERR("Invalid handle (Status %lx)\n", Status
);
1590 TRACE("Privilege: %wZ\n", Name
);
1592 Status
= LsarpLookupPrivilegeValue((PUNICODE_STRING
)Name
,
1600 NTSTATUS WINAPI
LsarLookupPrivilegeName(
1601 LSAPR_HANDLE PolicyHandle
,
1603 PRPC_UNICODE_STRING
*Name
)
1607 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
1608 PolicyHandle
, Value
, Name
);
1610 Status
= LsapValidateDbObject(PolicyHandle
,
1612 POLICY_LOOKUP_NAMES
,
1614 if (!NT_SUCCESS(Status
))
1616 ERR("Invalid handle\n");
1620 Status
= LsarpLookupPrivilegeName(Value
, (PUNICODE_STRING
*)Name
);
1627 NTSTATUS WINAPI
LsarLookupPrivilegeDisplayName(
1628 LSAPR_HANDLE PolicyHandle
,
1629 PRPC_UNICODE_STRING Name
,
1630 USHORT ClientLanguage
,
1631 USHORT ClientSystemDefaultLanguage
,
1632 PRPC_UNICODE_STRING
*DisplayName
,
1633 USHORT
*LanguageReturned
)
1636 return STATUS_NOT_IMPLEMENTED
;
1641 NTSTATUS WINAPI
LsarDeleteObject(
1642 LSAPR_HANDLE
*ObjectHandle
)
1645 return STATUS_NOT_IMPLEMENTED
;
1650 NTSTATUS WINAPI
LsarEnumerateAccountsWithUserRight(
1651 LSAPR_HANDLE PolicyHandle
,
1652 PRPC_UNICODE_STRING UserRight
,
1653 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
)
1656 return STATUS_NOT_IMPLEMENTED
;
1661 NTSTATUS WINAPI
LsarEnmuerateAccountRights(
1662 LSAPR_HANDLE PolicyHandle
,
1663 PRPC_SID AccountSid
,
1664 PLSAPR_USER_RIGHT_SET UserRights
)
1666 PLSA_DB_OBJECT PolicyObject
;
1669 FIXME("(%p,%p,%p) stub\n", PolicyHandle
, AccountSid
, UserRights
);
1671 Status
= LsapValidateDbObject(PolicyHandle
,
1675 if (!NT_SUCCESS(Status
))
1678 UserRights
->Entries
= 0;
1679 UserRights
->UserRights
= NULL
;
1680 return STATUS_OBJECT_NAME_NOT_FOUND
;
1685 NTSTATUS WINAPI
LsarAddAccountRights(
1686 LSAPR_HANDLE PolicyHandle
,
1687 PRPC_SID AccountSid
,
1688 PLSAPR_USER_RIGHT_SET UserRights
)
1691 return STATUS_NOT_IMPLEMENTED
;
1696 NTSTATUS WINAPI
LsarRemoveAccountRights(
1697 LSAPR_HANDLE PolicyHandle
,
1698 PRPC_SID AccountSid
,
1700 PLSAPR_USER_RIGHT_SET UserRights
)
1703 return STATUS_NOT_IMPLEMENTED
;
1708 NTSTATUS WINAPI
LsarQueryTrustedDomainInfo(
1709 LSAPR_HANDLE PolicyHandle
,
1710 PRPC_SID TrustedDomainSid
,
1711 TRUSTED_INFORMATION_CLASS InformationClass
,
1712 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1715 return STATUS_NOT_IMPLEMENTED
;
1720 NTSTATUS WINAPI
LsarSetTrustedDomainInfo(
1721 LSAPR_HANDLE PolicyHandle
,
1722 PRPC_SID TrustedDomainSid
,
1723 TRUSTED_INFORMATION_CLASS InformationClass
,
1724 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1727 return STATUS_NOT_IMPLEMENTED
;
1732 NTSTATUS WINAPI
LsarDeleteTrustedDomain(
1733 LSAPR_HANDLE PolicyHandle
,
1734 PRPC_SID TrustedDomainSid
)
1737 return STATUS_NOT_IMPLEMENTED
;
1742 NTSTATUS WINAPI
LsarStorePrivateData(
1743 LSAPR_HANDLE PolicyHandle
,
1744 PRPC_UNICODE_STRING KeyName
,
1745 PLSAPR_CR_CIPHER_VALUE EncryptedData
)
1748 return STATUS_NOT_IMPLEMENTED
;
1753 NTSTATUS WINAPI
LsarRetrievePrivateData(
1754 LSAPR_HANDLE PolicyHandle
,
1755 PRPC_UNICODE_STRING KeyName
,
1756 PLSAPR_CR_CIPHER_VALUE
*EncryptedData
)
1759 return STATUS_NOT_IMPLEMENTED
;
1764 NTSTATUS WINAPI
LsarOpenPolicy2(
1766 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
1767 ACCESS_MASK DesiredAccess
,
1768 LSAPR_HANDLE
*PolicyHandle
)
1771 return STATUS_NOT_IMPLEMENTED
;
1776 NTSTATUS WINAPI
LsarGetUserName(
1778 PRPC_UNICODE_STRING
*UserName
,
1779 PRPC_UNICODE_STRING
*DomainName
)
1782 return STATUS_NOT_IMPLEMENTED
;
1787 NTSTATUS WINAPI
LsarQueryInformationPolicy2(
1788 LSAPR_HANDLE PolicyHandle
,
1789 POLICY_INFORMATION_CLASS InformationClass
,
1790 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
1792 return LsarQueryInformationPolicy(PolicyHandle
,
1799 NTSTATUS WINAPI
LsarSetInformationPolicy2(
1800 LSAPR_HANDLE PolicyHandle
,
1801 POLICY_INFORMATION_CLASS InformationClass
,
1802 PLSAPR_POLICY_INFORMATION PolicyInformation
)
1804 return LsarSetInformationPolicy(PolicyHandle
,
1811 NTSTATUS WINAPI
LsarQueryTrustedDomainInfoByName(
1812 LSAPR_HANDLE PolicyHandle
,
1813 PRPC_UNICODE_STRING TrustedDomainName
,
1814 POLICY_INFORMATION_CLASS InformationClass
,
1815 unsigned long *PolicyInformation
)
1818 return STATUS_NOT_IMPLEMENTED
;
1823 NTSTATUS WINAPI
LsarSetTrustedDomainInfoByName(
1824 LSAPR_HANDLE PolicyHandle
,
1825 PRPC_UNICODE_STRING TrustedDomainName
,
1826 POLICY_INFORMATION_CLASS InformationClass
,
1827 unsigned long PolicyInformation
)
1830 return STATUS_NOT_IMPLEMENTED
;
1835 NTSTATUS WINAPI
LsarEnumerateTrustedDomainsEx(
1836 LSAPR_HANDLE PolicyHandle
,
1837 DWORD
*EnumerationContext
,
1838 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer
,
1839 DWORD PreferedMaximumLength
)
1842 return STATUS_NOT_IMPLEMENTED
;
1847 NTSTATUS WINAPI
LsarCreateTrustedDomainEx(
1848 LSAPR_HANDLE PolicyHandle
,
1849 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1850 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation
,
1851 ACCESS_MASK DesiredAccess
,
1852 LSAPR_HANDLE
*TrustedDomainHandle
)
1855 return STATUS_NOT_IMPLEMENTED
;
1860 NTSTATUS WINAPI
LsarSetPolicyReplicationHandle(
1861 PLSAPR_HANDLE PolicyHandle
)
1864 return STATUS_NOT_IMPLEMENTED
;
1869 NTSTATUS WINAPI
LsarQueryDomainInformationPolicy(
1870 LSAPR_HANDLE PolicyHandle
,
1871 POLICY_INFORMATION_CLASS InformationClass
,
1872 unsigned long *PolicyInformation
)
1875 return STATUS_NOT_IMPLEMENTED
;
1880 NTSTATUS WINAPI
LsarSetDomainInformationPolicy(
1881 LSAPR_HANDLE PolicyHandle
,
1882 POLICY_INFORMATION_CLASS InformationClass
,
1883 unsigned long PolicyInformation
)
1886 return STATUS_NOT_IMPLEMENTED
;
1891 NTSTATUS WINAPI
LsarOpenTrustedDomainByName(
1892 LSAPR_HANDLE PolicyHandle
,
1893 PRPC_UNICODE_STRING TrustedDomainName
,
1894 ACCESS_MASK DesiredAccess
,
1895 LSAPR_HANDLE
*TrustedDomainHandle
)
1898 return STATUS_NOT_IMPLEMENTED
;
1903 NTSTATUS WINAPI
LsarTestCall(
1907 return STATUS_NOT_IMPLEMENTED
;
1912 NTSTATUS WINAPI
LsarLookupSids2(
1913 LSAPR_HANDLE PolicyHandle
,
1914 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
1915 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1916 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
1917 LSAP_LOOKUP_LEVEL LookupLevel
,
1919 DWORD LookupOptions
,
1920 DWORD ClientRevision
)
1923 return STATUS_NOT_IMPLEMENTED
;
1928 NTSTATUS WINAPI
LsarLookupNames2(
1929 LSAPR_HANDLE PolicyHandle
,
1931 PRPC_UNICODE_STRING Names
,
1932 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1933 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids
,
1934 LSAP_LOOKUP_LEVEL LookupLevel
,
1936 DWORD LookupOptions
,
1937 DWORD ClientRevision
)
1940 return STATUS_NOT_IMPLEMENTED
;
1945 NTSTATUS WINAPI
LsarCreateTrustedDomainEx2(
1946 LSAPR_HANDLE PolicyHandle
,
1947 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1948 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation
,
1949 ACCESS_MASK DesiredAccess
,
1950 LSAPR_HANDLE
*TrustedDomainHandle
)
1953 return STATUS_NOT_IMPLEMENTED
;
1958 NTSTATUS WINAPI
CredrWrite(
1962 return STATUS_NOT_IMPLEMENTED
;
1967 NTSTATUS WINAPI
CredrRead(
1971 return STATUS_NOT_IMPLEMENTED
;
1976 NTSTATUS WINAPI
CredrEnumerate(
1980 return STATUS_NOT_IMPLEMENTED
;
1985 NTSTATUS WINAPI
CredrWriteDomainCredentials(
1989 return STATUS_NOT_IMPLEMENTED
;
1994 NTSTATUS WINAPI
CredrReadDomainCredentials(
1998 return STATUS_NOT_IMPLEMENTED
;
2003 NTSTATUS WINAPI
CredrDelete(
2007 return STATUS_NOT_IMPLEMENTED
;
2012 NTSTATUS WINAPI
CredrGetTargetInfo(
2016 return STATUS_NOT_IMPLEMENTED
;
2021 NTSTATUS WINAPI
CredrProfileLoaded(
2025 return STATUS_NOT_IMPLEMENTED
;
2030 NTSTATUS WINAPI
LsarLookupNames3(
2031 LSAPR_HANDLE PolicyHandle
,
2033 PRPC_UNICODE_STRING Names
,
2034 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2035 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2036 LSAP_LOOKUP_LEVEL LookupLevel
,
2038 DWORD LookupOptions
,
2039 DWORD ClientRevision
)
2041 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
2042 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
2043 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
= NULL
;
2044 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
= NULL
;
2045 ULONG SidsBufferLength
;
2046 ULONG DomainSidLength
;
2047 ULONG AccountSidLength
;
2053 TRACE("LsarLookupNames3(%p, %lu, %p, %p, %p, %d, %p, %lu, %lu)\n",
2054 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2055 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
2058 return STATUS_NONE_MAPPED
;
2060 TranslatedSids
->Entries
= Count
;
2061 TranslatedSids
->Sids
= NULL
;
2062 *ReferencedDomains
= NULL
;
2064 SidsBufferLength
= Count
* sizeof(LSAPR_TRANSLATED_SID_EX2
);
2065 SidsBuffer
= MIDL_user_allocate(SidsBufferLength
);
2066 if (SidsBuffer
== NULL
)
2067 return STATUS_INSUFFICIENT_RESOURCES
;
2069 for (i
= 0; i
< Count
; i
++)
2071 SidsBuffer
[i
].Use
= SidTypeUser
;
2072 SidsBuffer
[i
].Sid
= NULL
;
2073 SidsBuffer
[i
].DomainIndex
= -1;
2074 SidsBuffer
[i
].Flags
= 0;
2077 DomainsBuffer
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
2078 if (DomainsBuffer
== NULL
)
2080 MIDL_user_free(SidsBuffer
);
2081 return STATUS_INSUFFICIENT_RESOURCES
;
2084 DomainsBuffer
->Entries
= Count
;
2085 DomainsBuffer
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
2086 if (DomainsBuffer
->Domains
== NULL
)
2088 MIDL_user_free(DomainsBuffer
);
2089 MIDL_user_free(SidsBuffer
);
2090 return STATUS_INSUFFICIENT_RESOURCES
;
2093 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2095 SECURITY_BUILTIN_DOMAIN_RID
,
2096 DOMAIN_ALIAS_RID_ADMINS
,
2099 if (!NT_SUCCESS(Status
))
2101 MIDL_user_free(DomainsBuffer
->Domains
);
2102 MIDL_user_free(DomainsBuffer
);
2103 MIDL_user_free(SidsBuffer
);
2107 DomainSidLength
= RtlLengthSid(DomainSid
);
2109 for (i
= 0; i
< Count
; i
++)
2111 DomainsBuffer
->Domains
[i
].Sid
= MIDL_user_allocate(DomainSidLength
);
2112 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Sid
,
2116 DomainsBuffer
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
2117 DomainsBuffer
->Domains
[i
].Name
.Length
= DomainName
.Length
;
2118 DomainsBuffer
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
2119 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Name
.Buffer
,
2121 DomainName
.MaximumLength
);
2124 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2126 SECURITY_BUILTIN_DOMAIN_RID
,
2127 DOMAIN_ALIAS_RID_ADMINS
,
2128 DOMAIN_USER_RID_ADMIN
,
2131 if (!NT_SUCCESS(Status
))
2133 MIDL_user_free(DomainsBuffer
->Domains
);
2134 MIDL_user_free(DomainsBuffer
);
2135 MIDL_user_free(SidsBuffer
);
2139 AccountSidLength
= RtlLengthSid(AccountSid
);
2141 for (i
= 0; i
< Count
; i
++)
2143 SidsBuffer
[i
].Use
= SidTypeWellKnownGroup
;
2144 SidsBuffer
[i
].Sid
= MIDL_user_allocate(AccountSidLength
);
2146 RtlCopyMemory(SidsBuffer
[i
].Sid
,
2150 SidsBuffer
[i
].DomainIndex
= i
;
2151 SidsBuffer
[i
].Flags
= 0;
2154 *ReferencedDomains
= DomainsBuffer
;
2155 *MappedCount
= Count
;
2157 TranslatedSids
->Entries
= Count
;
2158 TranslatedSids
->Sids
= SidsBuffer
;
2160 return STATUS_SUCCESS
;
2165 NTSTATUS WINAPI
CredrGetSessionTypes(
2169 return STATUS_NOT_IMPLEMENTED
;
2174 NTSTATUS WINAPI
LsarRegisterAuditEvent(
2178 return STATUS_NOT_IMPLEMENTED
;
2183 NTSTATUS WINAPI
LsarGenAuditEvent(
2187 return STATUS_NOT_IMPLEMENTED
;
2192 NTSTATUS WINAPI
LsarUnregisterAuditEvent(
2196 return STATUS_NOT_IMPLEMENTED
;
2201 NTSTATUS WINAPI
LsarQueryForestTrustInformation(
2202 LSAPR_HANDLE PolicyHandle
,
2203 PLSA_UNICODE_STRING TrustedDomainName
,
2204 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2205 PLSA_FOREST_TRUST_INFORMATION
*ForestTrustInfo
)
2208 return STATUS_NOT_IMPLEMENTED
;
2213 NTSTATUS WINAPI
LsarSetForestTrustInformation(
2214 LSAPR_HANDLE PolicyHandle
,
2215 PLSA_UNICODE_STRING TrustedDomainName
,
2216 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2217 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo
,
2219 PLSA_FOREST_TRUST_COLLISION_INFORMATION
*CollisionInfo
)
2222 return STATUS_NOT_IMPLEMENTED
;
2227 NTSTATUS WINAPI
CredrRename(
2231 return STATUS_NOT_IMPLEMENTED
;
2236 NTSTATUS WINAPI
LsarLookupSids3(
2237 LSAPR_HANDLE PolicyHandle
,
2238 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2239 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2240 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
2241 LSAP_LOOKUP_LEVEL LookupLevel
,
2243 DWORD LookupOptions
,
2244 DWORD ClientRevision
)
2247 return STATUS_NOT_IMPLEMENTED
;
2252 NTSTATUS WINAPI
LsarLookupNames4(
2255 PRPC_UNICODE_STRING Names
,
2256 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2257 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2258 LSAP_LOOKUP_LEVEL LookupLevel
,
2260 DWORD LookupOptions
,
2261 DWORD ClientRevision
)
2264 return STATUS_NOT_IMPLEMENTED
;
2269 NTSTATUS WINAPI
LsarOpenPolicySce(
2273 return STATUS_NOT_IMPLEMENTED
;
2278 NTSTATUS WINAPI
LsarAdtRegisterSecurityEventSource(
2282 return STATUS_NOT_IMPLEMENTED
;
2287 NTSTATUS WINAPI
LsarAdtUnregisterSecurityEventSource(
2291 return STATUS_NOT_IMPLEMENTED
;
2296 NTSTATUS WINAPI
LsarAdtReportSecurityEvent(
2300 return STATUS_NOT_IMPLEMENTED
;
2305 NTSTATUS WINAPI
CredrFindBestCredential(
2309 return STATUS_NOT_IMPLEMENTED
;
2314 NTSTATUS WINAPI
LsarSetAuditPolicy(
2318 return STATUS_NOT_IMPLEMENTED
;
2323 NTSTATUS WINAPI
LsarQueryAuditPolicy(
2327 return STATUS_NOT_IMPLEMENTED
;
2332 NTSTATUS WINAPI
LsarEnumerateAuditPolicy(
2336 return STATUS_NOT_IMPLEMENTED
;
2341 NTSTATUS WINAPI
LsarEnumerateAuditCategories(
2345 return STATUS_NOT_IMPLEMENTED
;
2350 NTSTATUS WINAPI
LsarEnumerateAuditSubCategories(
2354 return STATUS_NOT_IMPLEMENTED
;
2359 NTSTATUS WINAPI
LsarLookupAuditCategoryName(
2363 return STATUS_NOT_IMPLEMENTED
;
2368 NTSTATUS WINAPI
LsarLookupAuditSubCategoryName(
2372 return STATUS_NOT_IMPLEMENTED
;
2377 NTSTATUS WINAPI
LsarSetAuditSecurity(
2381 return STATUS_NOT_IMPLEMENTED
;
2386 NTSTATUS WINAPI
LsarQueryAuditSecurity(
2390 return STATUS_NOT_IMPLEMENTED
;
2395 NTSTATUS WINAPI
CredReadByTokenHandle(
2399 return STATUS_NOT_IMPLEMENTED
;
2404 NTSTATUS WINAPI
CredrRestoreCredentials(
2408 return STATUS_NOT_IMPLEMENTED
;
2413 NTSTATUS WINAPI
CredrBackupCredentials(
2417 return STATUS_NOT_IMPLEMENTED
;