8cf1c5c7f70f87833ae3d2038a832ace8bb340e1
[reactos.git] / reactos / dll / win32 / lsasrv / lsarpc.c
1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
6 *
7 * PROGRAMMERS: Eric Kohl
8 */
9
10 /* INCLUDES ****************************************************************/
11
12 #include "lsasrv.h"
13
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
15
16
17 /* GLOBALS *****************************************************************/
18
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock;
20
21
22 /* FUNCTIONS ***************************************************************/
23
24 VOID
25 LsarStartRpcServer(VOID)
26 {
27 RPC_STATUS Status;
28
29 RtlInitializeCriticalSection(&PolicyHandleTableLock);
30
31 TRACE("LsarStartRpcServer() called\n");
32
33 Status = RpcServerUseProtseqEpW(L"ncacn_np",
34 10,
35 L"\\pipe\\lsarpc",
36 NULL);
37 if (Status != RPC_S_OK)
38 {
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status);
40 return;
41 }
42
43 Status = RpcServerRegisterIf(lsarpc_v0_0_s_ifspec,
44 NULL,
45 NULL);
46 if (Status != RPC_S_OK)
47 {
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status);
49 return;
50 }
51
52 Status = RpcServerListen(1, 20, TRUE);
53 if (Status != RPC_S_OK)
54 {
55 WARN("RpcServerListen() failed (Status %lx)\n", Status);
56 return;
57 }
58
59 TRACE("LsarStartRpcServer() done\n");
60 }
61
62
63 void __RPC_USER LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle)
64 {
65
66 }
67
68
69 /* Function 0 */
70 NTSTATUS WINAPI LsarClose(
71 LSAPR_HANDLE *ObjectHandle)
72 {
73 PLSA_DB_OBJECT DbObject;
74 NTSTATUS Status = STATUS_SUCCESS;
75
76 TRACE("0x%p\n", ObjectHandle);
77
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
79
80 Status = LsapValidateDbObject(*ObjectHandle,
81 LsaDbIgnoreObject,
82 0,
83 &DbObject);
84 if (Status == STATUS_SUCCESS)
85 {
86 Status = LsapCloseDbObject(DbObject);
87 *ObjectHandle = NULL;
88 }
89
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
91
92 return Status;
93 }
94
95
96 /* Function 1 */
97 NTSTATUS WINAPI LsarDelete(
98 LSAPR_HANDLE ObjectHandle)
99 {
100 /* Deprecated */
101 return STATUS_NOT_SUPPORTED;
102 }
103
104
105 /* Function 2 */
106 NTSTATUS WINAPI LsarEnumeratePrivileges(
107 LSAPR_HANDLE PolicyHandle,
108 DWORD *EnumerationContext,
109 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer,
110 DWORD PreferedMaximumLength)
111 {
112 PLSA_DB_OBJECT PolicyObject;
113 NTSTATUS Status;
114
115 TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
116 PolicyHandle, EnumerationContext, EnumerationBuffer,
117 PreferedMaximumLength);
118
119 Status = LsapValidateDbObject(PolicyHandle,
120 LsaDbPolicyObject,
121 POLICY_VIEW_LOCAL_INFORMATION,
122 &PolicyObject);
123 if (!NT_SUCCESS(Status))
124 return Status;
125
126 if (EnumerationContext == NULL)
127 return STATUS_INVALID_PARAMETER;
128
129 return LsarpEnumeratePrivileges(EnumerationContext,
130 EnumerationBuffer,
131 PreferedMaximumLength);
132 }
133
134
135 /* Function 3 */
136 NTSTATUS WINAPI LsarQuerySecurityObject(
137 LSAPR_HANDLE ObjectHandle,
138 SECURITY_INFORMATION SecurityInformation,
139 PLSAPR_SR_SECURITY_DESCRIPTOR *SecurityDescriptor)
140 {
141 PLSA_DB_OBJECT DbObject = NULL;
142 PSECURITY_DESCRIPTOR RelativeSd = NULL;
143 PLSAPR_SR_SECURITY_DESCRIPTOR SdData = NULL;
144 ACCESS_MASK DesiredAccess = 0;
145 ULONG RelativeSdSize = 0;
146 NTSTATUS Status;
147
148 if (SecurityDescriptor == NULL)
149 return STATUS_INVALID_PARAMETER;
150
151 if ((SecurityInformation & OWNER_SECURITY_INFORMATION) ||
152 (SecurityInformation & GROUP_SECURITY_INFORMATION) ||
153 (SecurityInformation & DACL_SECURITY_INFORMATION))
154 DesiredAccess |= READ_CONTROL;
155
156 if (SecurityInformation & SACL_SECURITY_INFORMATION)
157 DesiredAccess |= ACCESS_SYSTEM_SECURITY;
158
159 /* Validate the ObjectHandle */
160 Status = LsapValidateDbObject(ObjectHandle,
161 LsaDbIgnoreObject,
162 DesiredAccess,
163 &DbObject);
164 if (!NT_SUCCESS(Status))
165 return Status;
166
167 /* Get the size of the SD */
168 Status = LsapGetObjectAttribute(DbObject,
169 L"SecDesc",
170 NULL,
171 &RelativeSdSize);
172 if (!NT_SUCCESS(Status))
173 return Status;
174
175 /* Allocate a buffer for the SD */
176 RelativeSd = MIDL_user_allocate(RelativeSdSize);
177 if (RelativeSd == NULL)
178 return STATUS_INSUFFICIENT_RESOURCES;
179
180 /* Get the SD */
181 Status = LsapGetObjectAttribute(DbObject,
182 L"SecDesc",
183 RelativeSd,
184 &RelativeSdSize);
185 if (!NT_SUCCESS(Status))
186 goto done;
187
188 /*
189 * FIXME: Invalidate the SD information that was not requested.
190 * (see SecurityInformation)
191 */
192
193 /* Allocate the SD data buffer */
194 SdData = MIDL_user_allocate(sizeof(LSAPR_SR_SECURITY_DESCRIPTOR));
195 if (SdData == NULL)
196 {
197 Status = STATUS_INSUFFICIENT_RESOURCES;
198 goto done;
199 }
200
201 /* Fill the SD data buffer and return it to the caller */
202 SdData->Length = RelativeSdSize;
203 SdData->SecurityDescriptor = (PBYTE)RelativeSd;
204
205 *SecurityDescriptor = SdData;
206
207 done:
208 if (!NT_SUCCESS(Status))
209 {
210 if (RelativeSd != NULL)
211 MIDL_user_free(RelativeSd);
212 }
213
214 return Status;
215 }
216
217
218 /* Function 4 */
219 NTSTATUS WINAPI LsarSetSecurityObject(
220 LSAPR_HANDLE ObjectHandle,
221 SECURITY_INFORMATION SecurityInformation,
222 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor)
223 {
224 UNIMPLEMENTED;
225 return STATUS_NOT_IMPLEMENTED;
226 }
227
228
229 /* Function 5 */
230 NTSTATUS WINAPI LsarChangePassword(
231 handle_t IDL_handle,
232 PRPC_UNICODE_STRING String1,
233 PRPC_UNICODE_STRING String2,
234 PRPC_UNICODE_STRING String3,
235 PRPC_UNICODE_STRING String4,
236 PRPC_UNICODE_STRING String5)
237 {
238 /* Deprecated */
239 return STATUS_NOT_IMPLEMENTED;
240 }
241
242
243 /* Function 6 */
244 NTSTATUS WINAPI LsarOpenPolicy(
245 LPWSTR SystemName,
246 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
247 ACCESS_MASK DesiredAccess,
248 LSAPR_HANDLE *PolicyHandle)
249 {
250 PLSA_DB_OBJECT PolicyObject;
251 NTSTATUS Status;
252
253 TRACE("LsarOpenPolicy called!\n");
254
255 RtlEnterCriticalSection(&PolicyHandleTableLock);
256
257 Status = LsapOpenDbObject(NULL,
258 NULL,
259 L"Policy",
260 LsaDbPolicyObject,
261 DesiredAccess,
262 &PolicyObject);
263
264 RtlLeaveCriticalSection(&PolicyHandleTableLock);
265
266 if (NT_SUCCESS(Status))
267 *PolicyHandle = (LSAPR_HANDLE)PolicyObject;
268
269 TRACE("LsarOpenPolicy done!\n");
270
271 return Status;
272 }
273
274
275 /* Function 7 */
276 NTSTATUS WINAPI LsarQueryInformationPolicy(
277 LSAPR_HANDLE PolicyHandle,
278 POLICY_INFORMATION_CLASS InformationClass,
279 PLSAPR_POLICY_INFORMATION *PolicyInformation)
280 {
281 PLSA_DB_OBJECT DbObject;
282 ACCESS_MASK DesiredAccess = 0;
283 NTSTATUS Status;
284
285 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
286 PolicyHandle, InformationClass, PolicyInformation);
287
288 if (PolicyInformation)
289 {
290 TRACE("*PolicyInformation %p\n", *PolicyInformation);
291 }
292
293 switch (InformationClass)
294 {
295 case PolicyAuditLogInformation:
296 case PolicyAuditEventsInformation:
297 case PolicyAuditFullQueryInformation:
298 DesiredAccess = POLICY_VIEW_AUDIT_INFORMATION;
299 break;
300
301 case PolicyPrimaryDomainInformation:
302 case PolicyAccountDomainInformation:
303 case PolicyLsaServerRoleInformation:
304 case PolicyReplicaSourceInformation:
305 case PolicyDefaultQuotaInformation:
306 case PolicyModificationInformation:
307 case PolicyDnsDomainInformation:
308 case PolicyDnsDomainInformationInt:
309 case PolicyLocalAccountDomainInformation:
310 DesiredAccess = POLICY_VIEW_LOCAL_INFORMATION;
311 break;
312
313 case PolicyPdAccountInformation:
314 DesiredAccess = POLICY_GET_PRIVATE_INFORMATION;
315 break;
316
317 default:
318 ERR("Invalid InformationClass!\n");
319 return STATUS_INVALID_PARAMETER;
320 }
321
322 Status = LsapValidateDbObject(PolicyHandle,
323 LsaDbPolicyObject,
324 DesiredAccess,
325 &DbObject);
326 if (!NT_SUCCESS(Status))
327 return Status;
328
329 switch (InformationClass)
330 {
331 case PolicyAuditLogInformation: /* 1 */
332 Status = LsarQueryAuditLog(PolicyHandle,
333 PolicyInformation);
334 break;
335
336 case PolicyAuditEventsInformation: /* 2 */
337 Status = LsarQueryAuditEvents(PolicyHandle,
338 PolicyInformation);
339 break;
340
341 case PolicyPrimaryDomainInformation: /* 3 */
342 Status = LsarQueryPrimaryDomain(PolicyHandle,
343 PolicyInformation);
344 break;
345
346 case PolicyPdAccountInformation: /* 4 */
347 Status = LsarQueryPdAccount(PolicyHandle,
348 PolicyInformation);
349 break;
350
351 case PolicyAccountDomainInformation: /* 5 */
352 Status = LsarQueryAccountDomain(PolicyHandle,
353 PolicyInformation);
354 break;
355
356 case PolicyLsaServerRoleInformation: /* 6 */
357 Status = LsarQueryServerRole(PolicyHandle,
358 PolicyInformation);
359 break;
360
361 case PolicyReplicaSourceInformation: /* 7 */
362 Status = LsarQueryReplicaSource(PolicyHandle,
363 PolicyInformation);
364 break;
365
366 case PolicyDefaultQuotaInformation: /* 8 */
367 Status = LsarQueryDefaultQuota(PolicyHandle,
368 PolicyInformation);
369 break;
370
371 case PolicyModificationInformation: /* 9 */
372 Status = LsarQueryModification(PolicyHandle,
373 PolicyInformation);
374 break;
375
376 case PolicyAuditFullQueryInformation: /* 11 (0xB) */
377 Status = LsarQueryAuditFull(PolicyHandle,
378 PolicyInformation);
379 break;
380
381 case PolicyDnsDomainInformation: /* 12 (0xC) */
382 Status = LsarQueryDnsDomain(PolicyHandle,
383 PolicyInformation);
384 break;
385
386 case PolicyDnsDomainInformationInt: /* 13 (0xD) */
387 Status = LsarQueryDnsDomainInt(PolicyHandle,
388 PolicyInformation);
389 break;
390
391 case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
392 Status = LsarQueryLocalAccountDomain(PolicyHandle,
393 PolicyInformation);
394 break;
395
396 default:
397 ERR("Invalid InformationClass!\n");
398 Status = STATUS_INVALID_PARAMETER;
399 }
400
401 return Status;
402 }
403
404
405 /* Function 8 */
406 NTSTATUS WINAPI LsarSetInformationPolicy(
407 LSAPR_HANDLE PolicyHandle,
408 POLICY_INFORMATION_CLASS InformationClass,
409 PLSAPR_POLICY_INFORMATION PolicyInformation)
410 {
411 PLSA_DB_OBJECT DbObject;
412 ACCESS_MASK DesiredAccess = 0;
413 NTSTATUS Status;
414
415 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
416 PolicyHandle, InformationClass, PolicyInformation);
417
418 if (PolicyInformation)
419 {
420 TRACE("*PolicyInformation %p\n", *PolicyInformation);
421 }
422
423 switch (InformationClass)
424 {
425 case PolicyAuditLogInformation:
426 case PolicyAuditFullSetInformation:
427 DesiredAccess = POLICY_AUDIT_LOG_ADMIN;
428 break;
429
430 case PolicyAuditEventsInformation:
431 DesiredAccess = POLICY_SET_AUDIT_REQUIREMENTS;
432 break;
433
434 case PolicyPrimaryDomainInformation:
435 case PolicyAccountDomainInformation:
436 case PolicyDnsDomainInformation:
437 case PolicyDnsDomainInformationInt:
438 case PolicyLocalAccountDomainInformation:
439 DesiredAccess = POLICY_TRUST_ADMIN;
440 break;
441
442 case PolicyLsaServerRoleInformation:
443 case PolicyReplicaSourceInformation:
444 DesiredAccess = POLICY_SERVER_ADMIN;
445 break;
446
447 case PolicyDefaultQuotaInformation:
448 DesiredAccess = POLICY_SET_DEFAULT_QUOTA_LIMITS;
449 break;
450
451 default:
452 ERR("Invalid InformationClass!\n");
453 return STATUS_INVALID_PARAMETER;
454 }
455
456 Status = LsapValidateDbObject(PolicyHandle,
457 LsaDbPolicyObject,
458 DesiredAccess,
459 &DbObject);
460 if (!NT_SUCCESS(Status))
461 return Status;
462
463 switch (InformationClass)
464 {
465 case PolicyAuditEventsInformation:
466 Status = STATUS_NOT_IMPLEMENTED;
467 break;
468
469 case PolicyPrimaryDomainInformation:
470 Status = LsarSetPrimaryDomain(PolicyHandle,
471 (PLSAPR_POLICY_PRIMARY_DOM_INFO)PolicyInformation);
472 break;
473
474 case PolicyAccountDomainInformation:
475 Status = LsarSetAccountDomain(PolicyHandle,
476 (PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
477 break;
478
479 case PolicyDnsDomainInformation:
480 Status = LsarSetDnsDomain(PolicyHandle,
481 (PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
482 break;
483
484 case PolicyLsaServerRoleInformation:
485 Status = STATUS_NOT_IMPLEMENTED;
486 break;
487
488 default:
489 Status = STATUS_INVALID_PARAMETER;
490 break;
491 }
492
493 return Status;
494 }
495
496
497 /* Function 9 */
498 NTSTATUS WINAPI LsarClearAuditLog(
499 LSAPR_HANDLE ObjectHandle)
500 {
501 /* Deprecated */
502 return STATUS_NOT_IMPLEMENTED;
503 }
504
505
506 /* Function 10 */
507 NTSTATUS WINAPI LsarCreateAccount(
508 LSAPR_HANDLE PolicyHandle,
509 PRPC_SID AccountSid,
510 ACCESS_MASK DesiredAccess,
511 LSAPR_HANDLE *AccountHandle)
512 {
513 PLSA_DB_OBJECT PolicyObject;
514 PLSA_DB_OBJECT AccountObject = NULL;
515 LPWSTR SidString = NULL;
516 PSECURITY_DESCRIPTOR AccountSd = NULL;
517 ULONG AccountSdSize;
518 NTSTATUS Status = STATUS_SUCCESS;
519
520 /* Validate the AccountSid */
521 if (!RtlValidSid(AccountSid))
522 return STATUS_INVALID_PARAMETER;
523
524 /* Validate the PolicyHandle */
525 Status = LsapValidateDbObject(PolicyHandle,
526 LsaDbPolicyObject,
527 POLICY_CREATE_ACCOUNT,
528 &PolicyObject);
529 if (!NT_SUCCESS(Status))
530 {
531 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
532 return Status;
533 }
534
535 /* Create SID string */
536 if (!ConvertSidToStringSid((PSID)AccountSid,
537 &SidString))
538 {
539 ERR("ConvertSidToStringSid failed\n");
540 Status = STATUS_INVALID_PARAMETER;
541 goto done;
542 }
543
544 /* Create a security descriptor for the account */
545 Status = LsapCreateAccountSd(&AccountSd,
546 &AccountSdSize);
547 if (!NT_SUCCESS(Status))
548 {
549 ERR("LsapCreateAccountSd returned 0x%08lx\n", Status);
550 return Status;
551 }
552
553 /* Create the Account object */
554 Status = LsapCreateDbObject(PolicyObject,
555 L"Accounts",
556 SidString,
557 LsaDbAccountObject,
558 DesiredAccess,
559 &AccountObject);
560 if (!NT_SUCCESS(Status))
561 {
562 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
563 goto done;
564 }
565
566 /* Set the Sid attribute */
567 Status = LsapSetObjectAttribute(AccountObject,
568 L"Sid",
569 (PVOID)AccountSid,
570 GetLengthSid(AccountSid));
571 if (!NT_SUCCESS(Status))
572 goto done;
573
574 /* Set the SecDesc attribute */
575 Status = LsapSetObjectAttribute(AccountObject,
576 L"SecDesc",
577 AccountSd,
578 AccountSdSize);
579
580 done:
581 if (SidString != NULL)
582 LocalFree(SidString);
583
584 if (AccountSd != NULL)
585 RtlFreeHeap(RtlGetProcessHeap(), 0, AccountSd);
586
587 if (!NT_SUCCESS(Status))
588 {
589 if (AccountObject != NULL)
590 LsapCloseDbObject(AccountObject);
591 }
592 else
593 {
594 *AccountHandle = (LSAPR_HANDLE)AccountObject;
595 }
596
597 return STATUS_SUCCESS;
598 }
599
600
601 /* Function 11 */
602 NTSTATUS WINAPI LsarEnumerateAccounts(
603 LSAPR_HANDLE PolicyHandle,
604 DWORD *EnumerationContext,
605 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer,
606 DWORD PreferedMaximumLength)
607 {
608 UNIMPLEMENTED;
609 return STATUS_NOT_IMPLEMENTED;
610 }
611
612
613 /* Function 12 */
614 NTSTATUS WINAPI LsarCreateTrustedDomain(
615 LSAPR_HANDLE PolicyHandle,
616 PLSAPR_TRUST_INFORMATION TrustedDomainInformation,
617 ACCESS_MASK DesiredAccess,
618 LSAPR_HANDLE *TrustedDomainHandle)
619 {
620 UNIMPLEMENTED;
621 return STATUS_NOT_IMPLEMENTED;
622 }
623
624
625 /* Function 13 */
626 NTSTATUS WINAPI LsarEnumerateTrustedDomains(
627 LSAPR_HANDLE PolicyHandle,
628 DWORD *EnumerationContext,
629 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer,
630 DWORD PreferedMaximumLength)
631 {
632 UNIMPLEMENTED;
633 return STATUS_NOT_IMPLEMENTED;
634 }
635
636
637 /* Function 14 */
638 NTSTATUS WINAPI LsarLookupNames(
639 LSAPR_HANDLE PolicyHandle,
640 DWORD Count,
641 PRPC_UNICODE_STRING Names,
642 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
643 PLSAPR_TRANSLATED_SIDS TranslatedSids,
644 LSAP_LOOKUP_LEVEL LookupLevel,
645 DWORD *MappedCount)
646 {
647 LSAPR_TRANSLATED_SIDS_EX2 TranslatedSidsEx2;
648 ULONG i;
649 NTSTATUS Status;
650
651 TRACE("(%p %lu %p %p %p %d %p)\n",
652 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
653 LookupLevel, MappedCount);
654
655 TranslatedSids->Entries = 0;
656 TranslatedSids->Sids = NULL;
657 *ReferencedDomains = NULL;
658
659 if (Count == 0)
660 return STATUS_NONE_MAPPED;
661
662 TranslatedSidsEx2.Entries = 0;
663 TranslatedSidsEx2.Sids = NULL;
664
665 Status = LsapLookupNames(Count,
666 Names,
667 ReferencedDomains,
668 &TranslatedSidsEx2,
669 LookupLevel,
670 MappedCount,
671 0,
672 0);
673 if (!NT_SUCCESS(Status))
674 return Status;
675
676 TranslatedSids->Entries = TranslatedSidsEx2.Entries;
677 TranslatedSids->Sids = MIDL_user_allocate(TranslatedSids->Entries * sizeof(LSA_TRANSLATED_SID));
678 if (TranslatedSids->Sids == NULL)
679 {
680 MIDL_user_free(TranslatedSidsEx2.Sids);
681 MIDL_user_free(*ReferencedDomains);
682 *ReferencedDomains = NULL;
683 return STATUS_INSUFFICIENT_RESOURCES;
684 }
685
686 for (i = 0; i < TranslatedSidsEx2.Entries; i++)
687 {
688 TranslatedSids->Sids[i].Use = TranslatedSidsEx2.Sids[i].Use;
689 TranslatedSids->Sids[i].RelativeId = LsapGetRelativeIdFromSid(TranslatedSidsEx2.Sids[i].Sid);
690 TranslatedSids->Sids[i].DomainIndex = TranslatedSidsEx2.Sids[i].DomainIndex;
691 }
692
693 MIDL_user_free(TranslatedSidsEx2.Sids);
694
695 return STATUS_SUCCESS;
696 }
697
698
699 /* Function 15 */
700 NTSTATUS WINAPI LsarLookupSids(
701 LSAPR_HANDLE PolicyHandle,
702 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
703 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
704 PLSAPR_TRANSLATED_NAMES TranslatedNames,
705 LSAP_LOOKUP_LEVEL LookupLevel,
706 DWORD *MappedCount)
707 {
708 LSAPR_TRANSLATED_NAMES_EX TranslatedNamesEx;
709 ULONG i;
710 NTSTATUS Status;
711
712 TRACE("(%p %p %p %p %d %p)\n",
713 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
714 LookupLevel, MappedCount);
715
716 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
717
718 TranslatedNames->Entries = SidEnumBuffer->Entries;
719 TranslatedNames->Names = NULL;
720 *ReferencedDomains = NULL;
721
722 TranslatedNamesEx.Entries = SidEnumBuffer->Entries;
723 TranslatedNamesEx.Names = NULL;
724
725 Status = LsapLookupSids(SidEnumBuffer,
726 ReferencedDomains,
727 &TranslatedNamesEx,
728 LookupLevel,
729 MappedCount,
730 0,
731 0);
732 if (!NT_SUCCESS(Status))
733 return Status;
734
735 TranslatedNames->Entries = SidEnumBuffer->Entries;
736 TranslatedNames->Names = MIDL_user_allocate(SidEnumBuffer->Entries * sizeof(LSAPR_TRANSLATED_NAME));
737 if (TranslatedNames->Names == NULL)
738 {
739 MIDL_user_free(TranslatedNamesEx.Names);
740 MIDL_user_free(*ReferencedDomains);
741 *ReferencedDomains = NULL;
742 return STATUS_INSUFFICIENT_RESOURCES;
743 }
744
745 for (i = 0; i < TranslatedNamesEx.Entries; i++)
746 {
747 TranslatedNames->Names[i].Use = TranslatedNamesEx.Names[i].Use;
748 TranslatedNames->Names[i].Name.Length = TranslatedNamesEx.Names[i].Name.Length;
749 TranslatedNames->Names[i].Name.MaximumLength = TranslatedNamesEx.Names[i].Name.MaximumLength;
750 TranslatedNames->Names[i].Name.Buffer = TranslatedNamesEx.Names[i].Name.Buffer;
751 TranslatedNames->Names[i].DomainIndex = TranslatedNamesEx.Names[i].DomainIndex;
752 }
753
754 MIDL_user_free(TranslatedNamesEx.Names);
755
756 return Status;
757 }
758
759
760 /* Function 16 */
761 NTSTATUS WINAPI LsarCreateSecret(
762 LSAPR_HANDLE PolicyHandle,
763 PRPC_UNICODE_STRING SecretName,
764 ACCESS_MASK DesiredAccess,
765 LSAPR_HANDLE *SecretHandle)
766 {
767 PLSA_DB_OBJECT PolicyObject;
768 PLSA_DB_OBJECT SecretObject = NULL;
769 LARGE_INTEGER Time;
770 PSECURITY_DESCRIPTOR SecretSd = NULL;
771 ULONG SecretSdSize;
772 NTSTATUS Status = STATUS_SUCCESS;
773
774 /* Validate the PolicyHandle */
775 Status = LsapValidateDbObject(PolicyHandle,
776 LsaDbPolicyObject,
777 POLICY_CREATE_SECRET,
778 &PolicyObject);
779 if (!NT_SUCCESS(Status))
780 {
781 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
782 return Status;
783 }
784
785 /* Get the current time */
786 Status = NtQuerySystemTime(&Time);
787 if (!NT_SUCCESS(Status))
788 {
789 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
790 goto done;
791 }
792
793 /* Create a security descriptor for the secret */
794 Status = LsapCreateSecretSd(&SecretSd,
795 &SecretSdSize);
796 if (!NT_SUCCESS(Status))
797 {
798 ERR("LsapCreateAccountSd returned 0x%08lx\n", Status);
799 return Status;
800 }
801
802 /* Create the Secret object */
803 Status = LsapCreateDbObject(PolicyObject,
804 L"Secrets",
805 SecretName->Buffer,
806 LsaDbSecretObject,
807 DesiredAccess,
808 &SecretObject);
809 if (!NT_SUCCESS(Status))
810 {
811 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
812 goto done;
813 }
814
815 /* Set the CurrentTime attribute */
816 Status = LsapSetObjectAttribute(SecretObject,
817 L"CurrentTime",
818 (PVOID)&Time,
819 sizeof(LARGE_INTEGER));
820 if (!NT_SUCCESS(Status))
821 {
822 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status);
823 goto done;
824 }
825
826 /* Set the OldTime attribute */
827 Status = LsapSetObjectAttribute(SecretObject,
828 L"OldTime",
829 (PVOID)&Time,
830 sizeof(LARGE_INTEGER));
831 if (!NT_SUCCESS(Status))
832 {
833 ERR("LsapSetObjectAttribute (OldTime) failed (Status 0x%08lx)\n", Status);
834 goto done;
835 }
836
837 /* Set the SecDesc attribute */
838 Status = LsapSetObjectAttribute(SecretObject,
839 L"SecDesc",
840 SecretSd,
841 SecretSdSize);
842
843 done:
844 if (SecretSd != NULL)
845 RtlFreeHeap(RtlGetProcessHeap(), 0, SecretSd);
846
847 if (!NT_SUCCESS(Status))
848 {
849 if (SecretObject != NULL)
850 LsapCloseDbObject(SecretObject);
851 }
852 else
853 {
854 *SecretHandle = (LSAPR_HANDLE)SecretObject;
855 }
856
857 return STATUS_SUCCESS;
858 }
859
860
861 /* Function 17 */
862 NTSTATUS WINAPI LsarOpenAccount(
863 LSAPR_HANDLE PolicyHandle,
864 PRPC_SID AccountSid,
865 ACCESS_MASK DesiredAccess,
866 LSAPR_HANDLE *AccountHandle)
867 {
868 PLSA_DB_OBJECT PolicyObject;
869 PLSA_DB_OBJECT AccountObject = NULL;
870 LPWSTR SidString = NULL;
871 NTSTATUS Status = STATUS_SUCCESS;
872
873 /* Validate the AccountSid */
874 if (!RtlValidSid(AccountSid))
875 return STATUS_INVALID_PARAMETER;
876
877 /* Validate the PolicyHandle */
878 Status = LsapValidateDbObject(PolicyHandle,
879 LsaDbPolicyObject,
880 0,
881 &PolicyObject);
882 if (!NT_SUCCESS(Status))
883 {
884 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
885 return Status;
886 }
887
888 /* Create SID string */
889 if (!ConvertSidToStringSid((PSID)AccountSid,
890 &SidString))
891 {
892 ERR("ConvertSidToStringSid failed\n");
893 Status = STATUS_INVALID_PARAMETER;
894 goto done;
895 }
896
897 /* Create the Account object */
898 Status = LsapOpenDbObject(PolicyObject,
899 L"Accounts",
900 SidString,
901 LsaDbAccountObject,
902 DesiredAccess,
903 &AccountObject);
904 if (!NT_SUCCESS(Status))
905 {
906 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
907 goto done;
908 }
909
910 /* Set the Sid attribute */
911 Status = LsapSetObjectAttribute(AccountObject,
912 L"Sid",
913 (PVOID)AccountSid,
914 GetLengthSid(AccountSid));
915
916 done:
917 if (SidString != NULL)
918 LocalFree(SidString);
919
920 if (!NT_SUCCESS(Status))
921 {
922 if (AccountObject != NULL)
923 LsapCloseDbObject(AccountObject);
924 }
925 else
926 {
927 *AccountHandle = (LSAPR_HANDLE)AccountObject;
928 }
929
930 return Status;
931 }
932
933
934 /* Function 18 */
935 NTSTATUS WINAPI LsarEnumeratePrivilegesAccount(
936 LSAPR_HANDLE AccountHandle,
937 PLSAPR_PRIVILEGE_SET *Privileges)
938 {
939 PLSA_DB_OBJECT AccountObject;
940 ULONG PrivilegeSetSize = 0;
941 PLSAPR_PRIVILEGE_SET PrivilegeSet = NULL;
942 NTSTATUS Status;
943
944 *Privileges = NULL;
945
946 /* Validate the AccountHandle */
947 Status = LsapValidateDbObject(AccountHandle,
948 LsaDbAccountObject,
949 ACCOUNT_VIEW,
950 &AccountObject);
951 if (!NT_SUCCESS(Status))
952 {
953 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
954 return Status;
955 }
956
957 /* Get the size of the privilege set */
958 Status = LsapGetObjectAttribute(AccountObject,
959 L"Privilgs",
960 NULL,
961 &PrivilegeSetSize);
962 if (!NT_SUCCESS(Status))
963 return Status;
964
965 /* Allocate a buffer for the privilege set */
966 PrivilegeSet = MIDL_user_allocate(PrivilegeSetSize);
967 if (PrivilegeSet == NULL)
968 return STATUS_NO_MEMORY;
969
970 /* Get the privilege set */
971 Status = LsapGetObjectAttribute(AccountObject,
972 L"Privilgs",
973 PrivilegeSet,
974 &PrivilegeSetSize);
975 if (!NT_SUCCESS(Status))
976 {
977 MIDL_user_free(PrivilegeSet);
978 return Status;
979 }
980
981 /* Return a pointer to the privilege set */
982 *Privileges = PrivilegeSet;
983
984 return STATUS_SUCCESS;
985 }
986
987
988 /* Function 19 */
989 NTSTATUS WINAPI LsarAddPrivilegesToAccount(
990 LSAPR_HANDLE AccountHandle,
991 PLSAPR_PRIVILEGE_SET Privileges)
992 {
993 PLSA_DB_OBJECT AccountObject;
994 PPRIVILEGE_SET CurrentPrivileges = NULL;
995 PPRIVILEGE_SET NewPrivileges = NULL;
996 ULONG PrivilegeSetSize = 0;
997 ULONG PrivilegeCount;
998 ULONG i, j;
999 BOOL bFound;
1000 NTSTATUS Status;
1001
1002 /* Validate the AccountHandle */
1003 Status = LsapValidateDbObject(AccountHandle,
1004 LsaDbAccountObject,
1005 ACCOUNT_ADJUST_PRIVILEGES,
1006 &AccountObject);
1007 if (!NT_SUCCESS(Status))
1008 {
1009 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1010 return Status;
1011 }
1012
1013 Status = LsapGetObjectAttribute(AccountObject,
1014 L"Privilgs",
1015 NULL,
1016 &PrivilegeSetSize);
1017 if (!NT_SUCCESS(Status) || PrivilegeSetSize == 0)
1018 {
1019 /* The Privilgs attribute does not exist */
1020
1021 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1022 (Privileges->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1023 Status = LsapSetObjectAttribute(AccountObject,
1024 L"Privilgs",
1025 Privileges,
1026 PrivilegeSetSize);
1027 }
1028 else
1029 {
1030 /* The Privilgs attribute exists */
1031
1032 /* Allocate memory for the stored privilege set */
1033 CurrentPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1034 if (CurrentPrivileges == NULL)
1035 return STATUS_NO_MEMORY;
1036
1037 /* Get the current privilege set */
1038 Status = LsapGetObjectAttribute(AccountObject,
1039 L"Privilgs",
1040 CurrentPrivileges,
1041 &PrivilegeSetSize);
1042 if (!NT_SUCCESS(Status))
1043 {
1044 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
1045 goto done;
1046 }
1047
1048 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1049 TRACE("Current privilege count: %lu\n", PrivilegeCount);
1050
1051 /* Calculate the number privileges in the combined privilege set */
1052 for (i = 0; i < Privileges->PrivilegeCount; i++)
1053 {
1054 bFound = FALSE;
1055 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1056 {
1057 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1058 &(CurrentPrivileges->Privilege[i].Luid)))
1059 {
1060 bFound = TRUE;
1061 break;
1062 }
1063 }
1064
1065 if (bFound == FALSE)
1066 {
1067 TRACE("Found new privilege\n");
1068 PrivilegeCount++;
1069 }
1070 }
1071 TRACE("New privilege count: %lu\n", PrivilegeCount);
1072
1073 /* Calculate the size of the new privilege set and allocate it */
1074 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1075 (PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1076 NewPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1077 if (NewPrivileges == NULL)
1078 {
1079 Status = STATUS_NO_MEMORY;
1080 goto done;
1081 }
1082
1083 /* Initialize the new privilege set */
1084 NewPrivileges->PrivilegeCount = PrivilegeCount;
1085 NewPrivileges->Control = 0;
1086
1087 /* Copy all privileges from the current privilege set */
1088 RtlCopyLuidAndAttributesArray(CurrentPrivileges->PrivilegeCount,
1089 &(CurrentPrivileges->Privilege[0]),
1090 &(NewPrivileges->Privilege[0]));
1091
1092 /* Add new privileges to the new privilege set */
1093 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1094 for (i = 0; i < Privileges->PrivilegeCount; i++)
1095 {
1096 bFound = FALSE;
1097 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1098 {
1099 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1100 &(CurrentPrivileges->Privilege[i].Luid)))
1101 {
1102 /* Overwrite attributes if a matching privilege was found */
1103 NewPrivileges->Privilege[j].Attributes = Privileges->Privilege[i].Attributes;
1104
1105 bFound = TRUE;
1106 break;
1107 }
1108 }
1109
1110 if (bFound == FALSE)
1111 {
1112 /* Copy the new privilege */
1113 RtlCopyLuidAndAttributesArray(1,
1114 (PLUID_AND_ATTRIBUTES)&(Privileges->Privilege[i]),
1115 &(NewPrivileges->Privilege[PrivilegeCount]));
1116 PrivilegeCount++;
1117 }
1118 }
1119
1120 /* Set the new priivliege set */
1121 Status = LsapSetObjectAttribute(AccountObject,
1122 L"Privilgs",
1123 NewPrivileges,
1124 PrivilegeSetSize);
1125 }
1126
1127 done:
1128 if (CurrentPrivileges != NULL)
1129 MIDL_user_free(CurrentPrivileges);
1130
1131 if (NewPrivileges != NULL)
1132 MIDL_user_free(NewPrivileges);
1133
1134 return Status;
1135 }
1136
1137
1138 /* Function 20 */
1139 NTSTATUS WINAPI LsarRemovePrivilegesFromAccount(
1140 LSAPR_HANDLE AccountHandle,
1141 BOOL AllPrivileges,
1142 PLSAPR_PRIVILEGE_SET Privileges)
1143 {
1144 UNIMPLEMENTED;
1145 return STATUS_NOT_IMPLEMENTED;
1146 }
1147
1148
1149 /* Function 21 */
1150 NTSTATUS WINAPI LsarGetQuotasForAccount(
1151 LSAPR_HANDLE AccountHandle,
1152 PQUOTA_LIMITS QuotaLimits)
1153 {
1154 UNIMPLEMENTED;
1155 return STATUS_NOT_IMPLEMENTED;
1156 }
1157
1158
1159 /* Function 22 */
1160 NTSTATUS WINAPI LsarSetQuotasForAccount(
1161 LSAPR_HANDLE AccountHandle,
1162 PQUOTA_LIMITS QuotaLimits)
1163 {
1164 UNIMPLEMENTED;
1165 return STATUS_NOT_IMPLEMENTED;
1166 }
1167
1168
1169 /* Function 23 */
1170 NTSTATUS WINAPI LsarGetSystemAccessAccount(
1171 LSAPR_HANDLE AccountHandle,
1172 ACCESS_MASK *SystemAccess)
1173 {
1174 PLSA_DB_OBJECT AccountObject;
1175 ULONG Size;
1176 NTSTATUS Status;
1177
1178 /* Validate the account handle */
1179 Status = LsapValidateDbObject(AccountHandle,
1180 LsaDbAccountObject,
1181 ACCOUNT_VIEW,
1182 &AccountObject);
1183 if (!NT_SUCCESS(Status))
1184 {
1185 ERR("Invalid handle (Status %lx)\n", Status);
1186 return Status;
1187 }
1188
1189 /* Get the system access flags */
1190 Status = LsapGetObjectAttribute(AccountObject,
1191 L"ActSysAc",
1192 SystemAccess,
1193 &Size);
1194
1195 return Status;
1196 }
1197
1198
1199 /* Function 24 */
1200 NTSTATUS WINAPI LsarSetSystemAccessAccount(
1201 LSAPR_HANDLE AccountHandle,
1202 ACCESS_MASK SystemAccess)
1203 {
1204 PLSA_DB_OBJECT AccountObject;
1205 NTSTATUS Status;
1206
1207 /* Validate the account handle */
1208 Status = LsapValidateDbObject(AccountHandle,
1209 LsaDbAccountObject,
1210 ACCOUNT_ADJUST_SYSTEM_ACCESS,
1211 &AccountObject);
1212 if (!NT_SUCCESS(Status))
1213 {
1214 ERR("Invalid handle (Status %lx)\n", Status);
1215 return Status;
1216 }
1217
1218 /* Set the system access flags */
1219 Status = LsapSetObjectAttribute(AccountObject,
1220 L"ActSysAc",
1221 &SystemAccess,
1222 sizeof(ACCESS_MASK));
1223
1224 return Status;
1225 }
1226
1227
1228 /* Function 25 */
1229 NTSTATUS WINAPI LsarOpenTrustedDomain(
1230 LSAPR_HANDLE PolicyHandle,
1231 PRPC_SID TrustedDomainSid,
1232 ACCESS_MASK DesiredAccess,
1233 LSAPR_HANDLE *TrustedDomainHandle)
1234 {
1235 UNIMPLEMENTED;
1236 return STATUS_NOT_IMPLEMENTED;
1237 }
1238
1239
1240 /* Function 26 */
1241 NTSTATUS WINAPI LsarQueryInfoTrustedDomain(
1242 LSAPR_HANDLE TrustedDomainHandle,
1243 TRUSTED_INFORMATION_CLASS InformationClass,
1244 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
1245 {
1246 UNIMPLEMENTED;
1247 return STATUS_NOT_IMPLEMENTED;
1248 }
1249
1250
1251 /* Function 27 */
1252 NTSTATUS WINAPI LsarSetInformationTrustedDomain(
1253 LSAPR_HANDLE TrustedDomainHandle,
1254 TRUSTED_INFORMATION_CLASS InformationClass,
1255 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
1256 {
1257 UNIMPLEMENTED;
1258 return STATUS_NOT_IMPLEMENTED;
1259 }
1260
1261
1262 /* Function 28 */
1263 NTSTATUS WINAPI LsarOpenSecret(
1264 LSAPR_HANDLE PolicyHandle,
1265 PRPC_UNICODE_STRING SecretName,
1266 ACCESS_MASK DesiredAccess,
1267 LSAPR_HANDLE *SecretHandle)
1268 {
1269 PLSA_DB_OBJECT PolicyObject;
1270 PLSA_DB_OBJECT SecretObject = NULL;
1271 NTSTATUS Status = STATUS_SUCCESS;
1272
1273 /* Validate the PolicyHandle */
1274 Status = LsapValidateDbObject(PolicyHandle,
1275 LsaDbPolicyObject,
1276 0,
1277 &PolicyObject);
1278 if (!NT_SUCCESS(Status))
1279 {
1280 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1281 return Status;
1282 }
1283
1284 /* Create the secret object */
1285 Status = LsapOpenDbObject(PolicyObject,
1286 L"Secrets",
1287 SecretName->Buffer,
1288 LsaDbSecretObject,
1289 DesiredAccess,
1290 &SecretObject);
1291 if (!NT_SUCCESS(Status))
1292 {
1293 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
1294 goto done;
1295 }
1296
1297 done:
1298 if (!NT_SUCCESS(Status))
1299 {
1300 if (SecretObject != NULL)
1301 LsapCloseDbObject(SecretObject);
1302 }
1303 else
1304 {
1305 *SecretHandle = (LSAPR_HANDLE)SecretObject;
1306 }
1307
1308 return Status;
1309 }
1310
1311
1312 /* Function 29 */
1313 NTSTATUS WINAPI LsarSetSecret(
1314 LSAPR_HANDLE SecretHandle,
1315 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue,
1316 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue)
1317 {
1318 PLSA_DB_OBJECT SecretObject;
1319 PBYTE CurrentValue = NULL;
1320 PBYTE OldValue = NULL;
1321 ULONG CurrentValueLength = 0;
1322 ULONG OldValueLength = 0;
1323 LARGE_INTEGER Time;
1324 NTSTATUS Status;
1325
1326 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle,
1327 EncryptedCurrentValue, EncryptedOldValue);
1328
1329 /* Validate the SecretHandle */
1330 Status = LsapValidateDbObject(SecretHandle,
1331 LsaDbSecretObject,
1332 SECRET_SET_VALUE,
1333 &SecretObject);
1334 if (!NT_SUCCESS(Status))
1335 {
1336 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1337 return Status;
1338 }
1339
1340 if (EncryptedCurrentValue != NULL)
1341 {
1342 /* FIXME: Decrypt the current value */
1343 CurrentValue = EncryptedCurrentValue->Buffer;
1344 CurrentValueLength = EncryptedCurrentValue->MaximumLength;
1345 }
1346
1347 /* Set the current value */
1348 Status = LsapSetObjectAttribute(SecretObject,
1349 L"CurrentValue",
1350 CurrentValue,
1351 CurrentValueLength);
1352 if (!NT_SUCCESS(Status))
1353 {
1354 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1355 goto done;
1356 }
1357
1358 /* Get the current time */
1359 Status = NtQuerySystemTime(&Time);
1360 if (!NT_SUCCESS(Status))
1361 {
1362 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
1363 goto done;
1364 }
1365
1366 /* Set the current time */
1367 Status = LsapSetObjectAttribute(SecretObject,
1368 L"CurrentTime",
1369 &Time,
1370 sizeof(LARGE_INTEGER));
1371 if (!NT_SUCCESS(Status))
1372 {
1373 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1374 goto done;
1375 }
1376
1377 if (EncryptedOldValue != NULL)
1378 {
1379 /* FIXME: Decrypt the old value */
1380 OldValue = EncryptedOldValue->Buffer;
1381 OldValueLength = EncryptedOldValue->MaximumLength;
1382 }
1383
1384 /* Set the old value */
1385 Status = LsapSetObjectAttribute(SecretObject,
1386 L"OldValue",
1387 OldValue,
1388 OldValueLength);
1389 if (!NT_SUCCESS(Status))
1390 {
1391 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1392 goto done;
1393 }
1394
1395 /* Set the old time */
1396 Status = LsapSetObjectAttribute(SecretObject,
1397 L"OldTime",
1398 &Time,
1399 sizeof(LARGE_INTEGER));
1400 if (!NT_SUCCESS(Status))
1401 {
1402 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1403 }
1404
1405 done:
1406 return Status;
1407 }
1408
1409
1410 /* Function 30 */
1411 NTSTATUS WINAPI LsarQuerySecret(
1412 LSAPR_HANDLE SecretHandle,
1413 PLSAPR_CR_CIPHER_VALUE *EncryptedCurrentValue,
1414 PLARGE_INTEGER CurrentValueSetTime,
1415 PLSAPR_CR_CIPHER_VALUE *EncryptedOldValue,
1416 PLARGE_INTEGER OldValueSetTime)
1417 {
1418 PLSA_DB_OBJECT SecretObject;
1419 PLSAPR_CR_CIPHER_VALUE EncCurrentValue = NULL;
1420 PLSAPR_CR_CIPHER_VALUE EncOldValue = NULL;
1421 PBYTE CurrentValue = NULL;
1422 PBYTE OldValue = NULL;
1423 ULONG CurrentValueLength = 0;
1424 ULONG OldValueLength = 0;
1425 ULONG BufferSize;
1426 NTSTATUS Status;
1427
1428 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle,
1429 EncryptedCurrentValue, CurrentValueSetTime,
1430 EncryptedOldValue, OldValueSetTime);
1431
1432 /* Validate the SecretHandle */
1433 Status = LsapValidateDbObject(SecretHandle,
1434 LsaDbSecretObject,
1435 SECRET_QUERY_VALUE,
1436 &SecretObject);
1437 if (!NT_SUCCESS(Status))
1438 {
1439 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1440 return Status;
1441 }
1442
1443 if (EncryptedCurrentValue != NULL)
1444 {
1445 CurrentValueLength = 0;
1446
1447 /* Get the size of the current value */
1448 Status = LsapGetObjectAttribute(SecretObject,
1449 L"CurrentValue",
1450 NULL,
1451 &CurrentValueLength);
1452 if (!NT_SUCCESS(Status))
1453 goto done;
1454
1455 /* Allocate a buffer for the current value */
1456 CurrentValue = midl_user_allocate(CurrentValueLength);
1457 if (CurrentValue == NULL)
1458 {
1459 Status = STATUS_INSUFFICIENT_RESOURCES;
1460 goto done;
1461 }
1462
1463 /* Get the current value */
1464 Status = LsapGetObjectAttribute(SecretObject,
1465 L"CurrentValue",
1466 CurrentValue,
1467 &CurrentValueLength);
1468 if (!NT_SUCCESS(Status))
1469 goto done;
1470
1471 /* Allocate a buffer for the encrypted current value */
1472 EncCurrentValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE));
1473 if (EncCurrentValue == NULL)
1474 {
1475 Status = STATUS_INSUFFICIENT_RESOURCES;
1476 goto done;
1477 }
1478
1479 /* FIXME: Encrypt the current value */
1480 EncCurrentValue->Length = (USHORT)(CurrentValueLength - sizeof(WCHAR));
1481 EncCurrentValue->MaximumLength = (USHORT)CurrentValueLength;
1482 EncCurrentValue->Buffer = (PBYTE)CurrentValue;
1483 }
1484
1485 if (CurrentValueSetTime != NULL)
1486 {
1487 BufferSize = sizeof(LARGE_INTEGER);
1488
1489 /* Get the current value time */
1490 Status = LsapGetObjectAttribute(SecretObject,
1491 L"CurrentTime",
1492 (PBYTE)CurrentValueSetTime,
1493 &BufferSize);
1494 if (!NT_SUCCESS(Status))
1495 goto done;
1496 }
1497
1498 if (EncryptedOldValue != NULL)
1499 {
1500 OldValueLength = 0;
1501
1502 /* Get the size of the old value */
1503 Status = LsapGetObjectAttribute(SecretObject,
1504 L"OldValue",
1505 NULL,
1506 &OldValueLength);
1507 if (!NT_SUCCESS(Status))
1508 goto done;
1509
1510 /* Allocate a buffer for the old value */
1511 OldValue = midl_user_allocate(OldValueLength);
1512 if (OldValue == NULL)
1513 {
1514 Status = STATUS_INSUFFICIENT_RESOURCES;
1515 goto done;
1516 }
1517
1518 /* Get the old value */
1519 Status = LsapGetObjectAttribute(SecretObject,
1520 L"OldValue",
1521 OldValue,
1522 &OldValueLength);
1523 if (!NT_SUCCESS(Status))
1524 goto done;
1525
1526 /* Allocate a buffer for the encrypted old value */
1527 EncOldValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE) + OldValueLength);
1528 if (EncOldValue == NULL)
1529 {
1530 Status = STATUS_INSUFFICIENT_RESOURCES;
1531 goto done;
1532 }
1533
1534 /* FIXME: Encrypt the old value */
1535 EncOldValue->Length = (USHORT)(OldValueLength - sizeof(WCHAR));
1536 EncOldValue->MaximumLength = (USHORT)OldValueLength;
1537 EncOldValue->Buffer = (PBYTE)OldValue;
1538 }
1539
1540 if (OldValueSetTime != NULL)
1541 {
1542 BufferSize = sizeof(LARGE_INTEGER);
1543
1544 /* Get the old value time */
1545 Status = LsapGetObjectAttribute(SecretObject,
1546 L"OldTime",
1547 (PBYTE)OldValueSetTime,
1548 &BufferSize);
1549 if (!NT_SUCCESS(Status))
1550 goto done;
1551 }
1552
1553
1554 done:
1555 if (NT_SUCCESS(Status))
1556 {
1557 if (EncryptedCurrentValue != NULL)
1558 *EncryptedCurrentValue = EncCurrentValue;
1559
1560 if (EncryptedOldValue != NULL)
1561 *EncryptedOldValue = EncOldValue;
1562 }
1563 else
1564 {
1565 if (EncryptedCurrentValue != NULL)
1566 *EncryptedCurrentValue = NULL;
1567
1568 if (EncryptedOldValue != NULL)
1569 *EncryptedOldValue = NULL;
1570
1571 if (EncCurrentValue != NULL)
1572 midl_user_free(EncCurrentValue);
1573
1574 if (EncOldValue != NULL)
1575 midl_user_free(EncOldValue);
1576
1577 if (CurrentValue != NULL)
1578 midl_user_free(CurrentValue);
1579
1580 if (OldValue != NULL)
1581 midl_user_free(OldValue);
1582 }
1583
1584 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status);
1585
1586 return Status;
1587 }
1588
1589
1590 /* Function 31 */
1591 NTSTATUS WINAPI LsarLookupPrivilegeValue(
1592 LSAPR_HANDLE PolicyHandle,
1593 PRPC_UNICODE_STRING Name,
1594 PLUID Value)
1595 {
1596 NTSTATUS Status;
1597
1598 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
1599 PolicyHandle, Name, Value);
1600
1601 Status = LsapValidateDbObject(PolicyHandle,
1602 LsaDbPolicyObject,
1603 POLICY_LOOKUP_NAMES,
1604 NULL);
1605 if (!NT_SUCCESS(Status))
1606 {
1607 ERR("Invalid handle (Status %lx)\n", Status);
1608 return Status;
1609 }
1610
1611 TRACE("Privilege: %wZ\n", Name);
1612
1613 Status = LsarpLookupPrivilegeValue((PUNICODE_STRING)Name,
1614 Value);
1615
1616 return Status;
1617 }
1618
1619
1620 /* Function 32 */
1621 NTSTATUS WINAPI LsarLookupPrivilegeName(
1622 LSAPR_HANDLE PolicyHandle,
1623 PLUID Value,
1624 PRPC_UNICODE_STRING *Name)
1625 {
1626 NTSTATUS Status;
1627
1628 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
1629 PolicyHandle, Value, Name);
1630
1631 Status = LsapValidateDbObject(PolicyHandle,
1632 LsaDbPolicyObject,
1633 POLICY_LOOKUP_NAMES,
1634 NULL);
1635 if (!NT_SUCCESS(Status))
1636 {
1637 ERR("Invalid handle\n");
1638 return Status;
1639 }
1640
1641 Status = LsarpLookupPrivilegeName(Value, (PUNICODE_STRING*)Name);
1642
1643 return Status;
1644 }
1645
1646
1647 /* Function 33 */
1648 NTSTATUS WINAPI LsarLookupPrivilegeDisplayName(
1649 LSAPR_HANDLE PolicyHandle,
1650 PRPC_UNICODE_STRING Name,
1651 USHORT ClientLanguage,
1652 USHORT ClientSystemDefaultLanguage,
1653 PRPC_UNICODE_STRING *DisplayName,
1654 USHORT *LanguageReturned)
1655 {
1656 UNIMPLEMENTED;
1657 return STATUS_NOT_IMPLEMENTED;
1658 }
1659
1660
1661 /* Function 34 */
1662 NTSTATUS WINAPI LsarDeleteObject(
1663 LSAPR_HANDLE *ObjectHandle)
1664 {
1665 UNIMPLEMENTED;
1666 return STATUS_NOT_IMPLEMENTED;
1667 }
1668
1669
1670 /* Function 35 */
1671 NTSTATUS WINAPI LsarEnumerateAccountsWithUserRight(
1672 LSAPR_HANDLE PolicyHandle,
1673 PRPC_UNICODE_STRING UserRight,
1674 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer)
1675 {
1676 UNIMPLEMENTED;
1677 return STATUS_NOT_IMPLEMENTED;
1678 }
1679
1680
1681 /* Function 36 */
1682 NTSTATUS WINAPI LsarEnumerateAccountRights(
1683 LSAPR_HANDLE PolicyHandle,
1684 PRPC_SID AccountSid,
1685 PLSAPR_USER_RIGHT_SET UserRights)
1686 {
1687 LSAPR_HANDLE AccountHandle;
1688 PLSAPR_PRIVILEGE_SET PrivilegeSet = NULL;
1689 PRPC_UNICODE_STRING RightsBuffer = NULL;
1690 PRPC_UNICODE_STRING PrivilegeString;
1691 ULONG RightsCount;
1692 ULONG RightsIndex;
1693 ULONG PrivIndex;
1694 NTSTATUS Status;
1695
1696 TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
1697 PolicyHandle, AccountSid, UserRights);
1698
1699 /* Open the account */
1700 Status = LsarOpenAccount(PolicyHandle,
1701 AccountSid,
1702 ACCOUNT_VIEW,
1703 &AccountHandle);
1704 if (!NT_SUCCESS(Status))
1705 {
1706 ERR("LsarOpenAccount returned 0x%08lx\n", Status);
1707 return Status;
1708 }
1709
1710 /* Enumerate the privileges */
1711 Status = LsarEnumeratePrivilegesAccount(AccountHandle,
1712 &PrivilegeSet);
1713 if (!NT_SUCCESS(Status))
1714 {
1715 ERR("LsarEnumeratePrivilegesAccount returned 0x%08lx\n", Status);
1716 goto done;
1717 }
1718
1719 /* FIXME: Get account rights */
1720
1721
1722 RightsCount = PrivilegeSet->PrivilegeCount;
1723
1724 /* FIXME: Count account rights */
1725
1726
1727 /* We are done if there are no rights to be enumerated */
1728 if (RightsCount == 0)
1729 {
1730 UserRights->Entries = 0;
1731 UserRights->UserRights = NULL;
1732 Status = STATUS_SUCCESS;
1733 goto done;
1734 }
1735
1736 /* Allocate a buffer for the account rights */
1737 RightsBuffer = MIDL_user_allocate(RightsCount * sizeof(RPC_UNICODE_STRING));
1738 if (RightsBuffer == NULL)
1739 {
1740 Status = STATUS_INSUFFICIENT_RESOURCES;
1741 goto done;
1742 }
1743
1744 /* Copy the privileges into the buffer */
1745 RightsIndex = 0;
1746 for (PrivIndex = 0; PrivIndex < PrivilegeSet->PrivilegeCount; PrivIndex++)
1747 {
1748 PrivilegeString = NULL;
1749 Status = LsarLookupPrivilegeName(PolicyHandle,
1750 (PLUID)&PrivilegeSet->Privilege[PrivIndex].Luid,
1751 (PRPC_UNICODE_STRING *)&PrivilegeString);
1752 if (!NT_SUCCESS(Status))
1753 goto done;
1754
1755 RightsBuffer[RightsIndex].Length = PrivilegeString->Length;
1756 RightsBuffer[RightsIndex].MaximumLength = PrivilegeString->MaximumLength;
1757 RightsBuffer[RightsIndex].Buffer = PrivilegeString->Buffer;
1758
1759 MIDL_user_free(PrivilegeString);
1760 RightsIndex++;
1761 }
1762
1763 /* FIXME: Copy account rights into the buffer */
1764
1765
1766 UserRights->Entries = RightsCount;
1767 UserRights->UserRights = (PRPC_UNICODE_STRING)RightsBuffer;
1768
1769 done:
1770 if (!NT_SUCCESS(Status))
1771 {
1772 if (RightsBuffer != NULL)
1773 {
1774 for (RightsIndex = 0; RightsIndex < RightsCount; RightsIndex++)
1775 {
1776 if (RightsBuffer[RightsIndex].Buffer != NULL)
1777 MIDL_user_free(RightsBuffer[RightsIndex].Buffer);
1778 }
1779
1780 MIDL_user_free(RightsBuffer);
1781 }
1782 }
1783
1784 if (PrivilegeSet != NULL)
1785 MIDL_user_free(PrivilegeSet);
1786
1787 LsarClose(&AccountHandle);
1788
1789 return Status;
1790 }
1791
1792
1793 /* Function 37 */
1794 NTSTATUS WINAPI LsarAddAccountRights(
1795 LSAPR_HANDLE PolicyHandle,
1796 PRPC_SID AccountSid,
1797 PLSAPR_USER_RIGHT_SET UserRights)
1798 {
1799 UNIMPLEMENTED;
1800 return STATUS_NOT_IMPLEMENTED;
1801 }
1802
1803
1804 /* Function 38 */
1805 NTSTATUS WINAPI LsarRemoveAccountRights(
1806 LSAPR_HANDLE PolicyHandle,
1807 PRPC_SID AccountSid,
1808 BOOL AllRights,
1809 PLSAPR_USER_RIGHT_SET UserRights)
1810 {
1811 UNIMPLEMENTED;
1812 return STATUS_NOT_IMPLEMENTED;
1813 }
1814
1815
1816 /* Function 39 */
1817 NTSTATUS WINAPI LsarQueryTrustedDomainInfo(
1818 LSAPR_HANDLE PolicyHandle,
1819 PRPC_SID TrustedDomainSid,
1820 TRUSTED_INFORMATION_CLASS InformationClass,
1821 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
1822 {
1823 UNIMPLEMENTED;
1824 return STATUS_NOT_IMPLEMENTED;
1825 }
1826
1827
1828 /* Function 40 */
1829 NTSTATUS WINAPI LsarSetTrustedDomainInfo(
1830 LSAPR_HANDLE PolicyHandle,
1831 PRPC_SID TrustedDomainSid,
1832 TRUSTED_INFORMATION_CLASS InformationClass,
1833 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
1834 {
1835 UNIMPLEMENTED;
1836 return STATUS_NOT_IMPLEMENTED;
1837 }
1838
1839
1840 /* Function 41 */
1841 NTSTATUS WINAPI LsarDeleteTrustedDomain(
1842 LSAPR_HANDLE PolicyHandle,
1843 PRPC_SID TrustedDomainSid)
1844 {
1845 UNIMPLEMENTED;
1846 return STATUS_NOT_IMPLEMENTED;
1847 }
1848
1849
1850 /* Function 42 */
1851 NTSTATUS WINAPI LsarStorePrivateData(
1852 LSAPR_HANDLE PolicyHandle,
1853 PRPC_UNICODE_STRING KeyName,
1854 PLSAPR_CR_CIPHER_VALUE EncryptedData)
1855 {
1856 UNIMPLEMENTED;
1857 return STATUS_NOT_IMPLEMENTED;
1858 }
1859
1860
1861 /* Function 43 */
1862 NTSTATUS WINAPI LsarRetrievePrivateData(
1863 LSAPR_HANDLE PolicyHandle,
1864 PRPC_UNICODE_STRING KeyName,
1865 PLSAPR_CR_CIPHER_VALUE *EncryptedData)
1866 {
1867 UNIMPLEMENTED;
1868 return STATUS_NOT_IMPLEMENTED;
1869 }
1870
1871
1872 /* Function 44 */
1873 NTSTATUS WINAPI LsarOpenPolicy2(
1874 LPWSTR SystemName,
1875 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
1876 ACCESS_MASK DesiredAccess,
1877 LSAPR_HANDLE *PolicyHandle)
1878 {
1879 UNIMPLEMENTED;
1880 return STATUS_NOT_IMPLEMENTED;
1881 }
1882
1883
1884 /* Function 45 */
1885 NTSTATUS WINAPI LsarGetUserName(
1886 LPWSTR SystemName,
1887 PRPC_UNICODE_STRING *UserName,
1888 PRPC_UNICODE_STRING *DomainName)
1889 {
1890 UNIMPLEMENTED;
1891 return STATUS_NOT_IMPLEMENTED;
1892 }
1893
1894
1895 /* Function 46 */
1896 NTSTATUS WINAPI LsarQueryInformationPolicy2(
1897 LSAPR_HANDLE PolicyHandle,
1898 POLICY_INFORMATION_CLASS InformationClass,
1899 PLSAPR_POLICY_INFORMATION *PolicyInformation)
1900 {
1901 return LsarQueryInformationPolicy(PolicyHandle,
1902 InformationClass,
1903 PolicyInformation);
1904 }
1905
1906
1907 /* Function 47 */
1908 NTSTATUS WINAPI LsarSetInformationPolicy2(
1909 LSAPR_HANDLE PolicyHandle,
1910 POLICY_INFORMATION_CLASS InformationClass,
1911 PLSAPR_POLICY_INFORMATION PolicyInformation)
1912 {
1913 return LsarSetInformationPolicy(PolicyHandle,
1914 InformationClass,
1915 PolicyInformation);
1916 }
1917
1918
1919 /* Function 48 */
1920 NTSTATUS WINAPI LsarQueryTrustedDomainInfoByName(
1921 LSAPR_HANDLE PolicyHandle,
1922 PRPC_UNICODE_STRING TrustedDomainName,
1923 POLICY_INFORMATION_CLASS InformationClass,
1924 PLSAPR_TRUSTED_DOMAIN_INFO *PolicyInformation)
1925 {
1926 UNIMPLEMENTED;
1927 return STATUS_NOT_IMPLEMENTED;
1928 }
1929
1930
1931 /* Function 49 */
1932 NTSTATUS WINAPI LsarSetTrustedDomainInfoByName(
1933 LSAPR_HANDLE PolicyHandle,
1934 PRPC_UNICODE_STRING TrustedDomainName,
1935 POLICY_INFORMATION_CLASS InformationClass,
1936 PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation)
1937 {
1938 UNIMPLEMENTED;
1939 return STATUS_NOT_IMPLEMENTED;
1940 }
1941
1942
1943 /* Function 50 */
1944 NTSTATUS WINAPI LsarEnumerateTrustedDomainsEx(
1945 LSAPR_HANDLE PolicyHandle,
1946 DWORD *EnumerationContext,
1947 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer,
1948 DWORD PreferedMaximumLength)
1949 {
1950 UNIMPLEMENTED;
1951 return STATUS_NOT_IMPLEMENTED;
1952 }
1953
1954
1955 /* Function 51 */
1956 NTSTATUS WINAPI LsarCreateTrustedDomainEx(
1957 LSAPR_HANDLE PolicyHandle,
1958 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
1959 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation,
1960 ACCESS_MASK DesiredAccess,
1961 LSAPR_HANDLE *TrustedDomainHandle)
1962 {
1963 UNIMPLEMENTED;
1964 return STATUS_NOT_IMPLEMENTED;
1965 }
1966
1967
1968 /* Function 52 */
1969 NTSTATUS WINAPI LsarSetPolicyReplicationHandle(
1970 PLSAPR_HANDLE PolicyHandle)
1971 {
1972 /* Deprecated */
1973 return STATUS_NOT_IMPLEMENTED;
1974 }
1975
1976
1977 /* Function 53 */
1978 NTSTATUS WINAPI LsarQueryDomainInformationPolicy(
1979 LSAPR_HANDLE PolicyHandle,
1980 POLICY_INFORMATION_CLASS InformationClass,
1981 PLSAPR_POLICY_DOMAIN_INFORMATION *PolicyInformation)
1982 {
1983 UNIMPLEMENTED;
1984 return STATUS_NOT_IMPLEMENTED;
1985 }
1986
1987
1988 /* Function 54 */
1989 NTSTATUS WINAPI LsarSetDomainInformationPolicy(
1990 LSAPR_HANDLE PolicyHandle,
1991 POLICY_INFORMATION_CLASS InformationClass,
1992 PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation)
1993 {
1994 UNIMPLEMENTED;
1995 return STATUS_NOT_IMPLEMENTED;
1996 }
1997
1998
1999 /* Function 55 */
2000 NTSTATUS WINAPI LsarOpenTrustedDomainByName(
2001 LSAPR_HANDLE PolicyHandle,
2002 PRPC_UNICODE_STRING TrustedDomainName,
2003 ACCESS_MASK DesiredAccess,
2004 LSAPR_HANDLE *TrustedDomainHandle)
2005 {
2006 UNIMPLEMENTED;
2007 return STATUS_NOT_IMPLEMENTED;
2008 }
2009
2010
2011 /* Function 56 */
2012 NTSTATUS WINAPI LsarTestCall(
2013 handle_t hBinding)
2014 {
2015 UNIMPLEMENTED;
2016 return STATUS_NOT_IMPLEMENTED;
2017 }
2018
2019
2020 /* Function 57 */
2021 NTSTATUS WINAPI LsarLookupSids2(
2022 LSAPR_HANDLE PolicyHandle,
2023 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
2024 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2025 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
2026 LSAP_LOOKUP_LEVEL LookupLevel,
2027 DWORD *MappedCount,
2028 DWORD LookupOptions,
2029 DWORD ClientRevision)
2030 {
2031 NTSTATUS Status;
2032
2033 TRACE("(%p %p %p %p %d %p %lu %lu)\n",
2034 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
2035 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2036
2037 TranslatedNames->Entries = SidEnumBuffer->Entries;
2038 TranslatedNames->Names = NULL;
2039 *ReferencedDomains = NULL;
2040
2041 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
2042
2043 Status = LsapLookupSids(SidEnumBuffer,
2044 ReferencedDomains,
2045 TranslatedNames,
2046 LookupLevel,
2047 MappedCount,
2048 LookupOptions,
2049 ClientRevision);
2050
2051 return Status;
2052 }
2053
2054
2055 /* Function 58 */
2056 NTSTATUS WINAPI LsarLookupNames2(
2057 LSAPR_HANDLE PolicyHandle,
2058 DWORD Count,
2059 PRPC_UNICODE_STRING Names,
2060 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2061 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids,
2062 LSAP_LOOKUP_LEVEL LookupLevel,
2063 DWORD *MappedCount,
2064 DWORD LookupOptions,
2065 DWORD ClientRevision)
2066 {
2067 LSAPR_TRANSLATED_SIDS_EX2 TranslatedSidsEx2;
2068 ULONG i;
2069 NTSTATUS Status;
2070
2071 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2072 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
2073 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2074
2075 TranslatedSids->Entries = 0;
2076 TranslatedSids->Sids = NULL;
2077 *ReferencedDomains = NULL;
2078
2079 if (Count == 0)
2080 return STATUS_NONE_MAPPED;
2081
2082 TranslatedSidsEx2.Entries = 0;
2083 TranslatedSidsEx2.Sids = NULL;
2084
2085 Status = LsapLookupNames(Count,
2086 Names,
2087 ReferencedDomains,
2088 &TranslatedSidsEx2,
2089 LookupLevel,
2090 MappedCount,
2091 LookupOptions,
2092 ClientRevision);
2093 if (!NT_SUCCESS(Status))
2094 return Status;
2095
2096 TranslatedSids->Entries = TranslatedSidsEx2.Entries;
2097 TranslatedSids->Sids = MIDL_user_allocate(TranslatedSids->Entries * sizeof(LSA_TRANSLATED_SID));
2098 if (TranslatedSids->Sids == NULL)
2099 {
2100 MIDL_user_free(TranslatedSidsEx2.Sids);
2101 MIDL_user_free(*ReferencedDomains);
2102 *ReferencedDomains = NULL;
2103 return STATUS_INSUFFICIENT_RESOURCES;
2104 }
2105
2106 for (i = 0; i < TranslatedSidsEx2.Entries; i++)
2107 {
2108 TranslatedSids->Sids[i].Use = TranslatedSidsEx2.Sids[i].Use;
2109 TranslatedSids->Sids[i].RelativeId = LsapGetRelativeIdFromSid(TranslatedSidsEx2.Sids[i].Sid);
2110 TranslatedSids->Sids[i].DomainIndex = TranslatedSidsEx2.Sids[i].DomainIndex;
2111 TranslatedSids->Sids[i].Flags = TranslatedSidsEx2.Sids[i].Flags;
2112 }
2113
2114 MIDL_user_free(TranslatedSidsEx2.Sids);
2115
2116 return STATUS_SUCCESS;
2117 }
2118
2119
2120 /* Function 59 */
2121 NTSTATUS WINAPI LsarCreateTrustedDomainEx2(
2122 LSAPR_HANDLE PolicyHandle,
2123 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
2124 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation,
2125 ACCESS_MASK DesiredAccess,
2126 LSAPR_HANDLE *TrustedDomainHandle)
2127 {
2128 UNIMPLEMENTED;
2129 return STATUS_NOT_IMPLEMENTED;
2130 }
2131
2132
2133 /* Function 60 */
2134 NTSTATUS WINAPI CredrWrite(
2135 handle_t hBinding)
2136 {
2137 UNIMPLEMENTED;
2138 return STATUS_NOT_IMPLEMENTED;
2139 }
2140
2141
2142 /* Function 61 */
2143 NTSTATUS WINAPI CredrRead(
2144 handle_t hBinding)
2145 {
2146 UNIMPLEMENTED;
2147 return STATUS_NOT_IMPLEMENTED;
2148 }
2149
2150
2151 /* Function 62 */
2152 NTSTATUS WINAPI CredrEnumerate(
2153 handle_t hBinding)
2154 {
2155 UNIMPLEMENTED;
2156 return STATUS_NOT_IMPLEMENTED;
2157 }
2158
2159
2160 /* Function 63 */
2161 NTSTATUS WINAPI CredrWriteDomainCredentials(
2162 handle_t hBinding)
2163 {
2164 UNIMPLEMENTED;
2165 return STATUS_NOT_IMPLEMENTED;
2166 }
2167
2168
2169 /* Function 64 */
2170 NTSTATUS WINAPI CredrReadDomainCredentials(
2171 handle_t hBinding)
2172 {
2173 UNIMPLEMENTED;
2174 return STATUS_NOT_IMPLEMENTED;
2175 }
2176
2177
2178 /* Function 65 */
2179 NTSTATUS WINAPI CredrDelete(
2180 handle_t hBinding)
2181 {
2182 UNIMPLEMENTED;
2183 return STATUS_NOT_IMPLEMENTED;
2184 }
2185
2186
2187 /* Function 66 */
2188 NTSTATUS WINAPI CredrGetTargetInfo(
2189 handle_t hBinding)
2190 {
2191 UNIMPLEMENTED;
2192 return STATUS_NOT_IMPLEMENTED;
2193 }
2194
2195
2196 /* Function 67 */
2197 NTSTATUS WINAPI CredrProfileLoaded(
2198 handle_t hBinding)
2199 {
2200 UNIMPLEMENTED;
2201 return STATUS_NOT_IMPLEMENTED;
2202 }
2203
2204
2205 /* Function 68 */
2206 NTSTATUS WINAPI LsarLookupNames3(
2207 LSAPR_HANDLE PolicyHandle,
2208 DWORD Count,
2209 PRPC_UNICODE_STRING Names,
2210 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2211 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
2212 LSAP_LOOKUP_LEVEL LookupLevel,
2213 DWORD *MappedCount,
2214 DWORD LookupOptions,
2215 DWORD ClientRevision)
2216 {
2217 NTSTATUS Status;
2218
2219 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2220 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
2221 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2222
2223 TranslatedSids->Entries = 0;
2224 TranslatedSids->Sids = NULL;
2225 *ReferencedDomains = NULL;
2226
2227 if (Count == 0)
2228 return STATUS_NONE_MAPPED;
2229
2230 Status = LsapLookupNames(Count,
2231 Names,
2232 ReferencedDomains,
2233 TranslatedSids,
2234 LookupLevel,
2235 MappedCount,
2236 LookupOptions,
2237 ClientRevision);
2238
2239 return Status;
2240 }
2241
2242
2243 /* Function 69 */
2244 NTSTATUS WINAPI CredrGetSessionTypes(
2245 handle_t hBinding)
2246 {
2247 UNIMPLEMENTED;
2248 return STATUS_NOT_IMPLEMENTED;
2249 }
2250
2251
2252 /* Function 70 */
2253 NTSTATUS WINAPI LsarRegisterAuditEvent(
2254 handle_t hBinding)
2255 {
2256 UNIMPLEMENTED;
2257 return STATUS_NOT_IMPLEMENTED;
2258 }
2259
2260
2261 /* Function 71 */
2262 NTSTATUS WINAPI LsarGenAuditEvent(
2263 handle_t hBinding)
2264 {
2265 UNIMPLEMENTED;
2266 return STATUS_NOT_IMPLEMENTED;
2267 }
2268
2269
2270 /* Function 72 */
2271 NTSTATUS WINAPI LsarUnregisterAuditEvent(
2272 handle_t hBinding)
2273 {
2274 UNIMPLEMENTED;
2275 return STATUS_NOT_IMPLEMENTED;
2276 }
2277
2278
2279 /* Function 73 */
2280 NTSTATUS WINAPI LsarQueryForestTrustInformation(
2281 LSAPR_HANDLE PolicyHandle,
2282 PLSA_UNICODE_STRING TrustedDomainName,
2283 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
2284 PLSA_FOREST_TRUST_INFORMATION *ForestTrustInfo)
2285 {
2286 UNIMPLEMENTED;
2287 return STATUS_NOT_IMPLEMENTED;
2288 }
2289
2290
2291 /* Function 74 */
2292 NTSTATUS WINAPI LsarSetForestTrustInformation(
2293 LSAPR_HANDLE PolicyHandle,
2294 PLSA_UNICODE_STRING TrustedDomainName,
2295 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
2296 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo,
2297 BOOL CheckOnly,
2298 PLSA_FOREST_TRUST_COLLISION_INFORMATION *CollisionInfo)
2299 {
2300 UNIMPLEMENTED;
2301 return STATUS_NOT_IMPLEMENTED;
2302 }
2303
2304
2305 /* Function 75 */
2306 NTSTATUS WINAPI CredrRename(
2307 handle_t hBinding)
2308 {
2309 UNIMPLEMENTED;
2310 return STATUS_NOT_IMPLEMENTED;
2311 }
2312
2313
2314 /* Function 76 */
2315 NTSTATUS WINAPI LsarLookupSids3(
2316 LSAPR_HANDLE PolicyHandle,
2317 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
2318 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2319 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
2320 LSAP_LOOKUP_LEVEL LookupLevel,
2321 DWORD *MappedCount,
2322 DWORD LookupOptions,
2323 DWORD ClientRevision)
2324 {
2325 NTSTATUS Status;
2326
2327 TRACE("(%p %p %p %p %d %p %lu %lu)\n",
2328 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
2329 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2330
2331 TranslatedNames->Entries = SidEnumBuffer->Entries;
2332 TranslatedNames->Names = NULL;
2333 *ReferencedDomains = NULL;
2334
2335 /* FIXME: Fail, if there is an invalid SID in the SidEnumBuffer */
2336
2337 Status = LsapLookupSids(SidEnumBuffer,
2338 ReferencedDomains,
2339 TranslatedNames,
2340 LookupLevel,
2341 MappedCount,
2342 LookupOptions,
2343 ClientRevision);
2344
2345 return Status;
2346 }
2347
2348
2349 /* Function 77 */
2350 NTSTATUS WINAPI LsarLookupNames4(
2351 handle_t RpcHandle,
2352 DWORD Count,
2353 PRPC_UNICODE_STRING Names,
2354 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2355 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
2356 LSAP_LOOKUP_LEVEL LookupLevel,
2357 DWORD *MappedCount,
2358 DWORD LookupOptions,
2359 DWORD ClientRevision)
2360 {
2361 NTSTATUS Status;
2362
2363 TRACE("(%p %lu %p %p %p %d %p %lu %lu)\n",
2364 RpcHandle, Count, Names, ReferencedDomains, TranslatedSids,
2365 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2366
2367 TranslatedSids->Entries = 0;
2368 TranslatedSids->Sids = NULL;
2369 *ReferencedDomains = NULL;
2370
2371 if (Count == 0)
2372 return STATUS_NONE_MAPPED;
2373
2374 Status = LsapLookupNames(Count,
2375 Names,
2376 ReferencedDomains,
2377 TranslatedSids,
2378 LookupLevel,
2379 MappedCount,
2380 LookupOptions,
2381 ClientRevision);
2382
2383 return Status;
2384 }
2385
2386
2387 /* Function 78 */
2388 NTSTATUS WINAPI LsarOpenPolicySce(
2389 handle_t hBinding)
2390 {
2391 UNIMPLEMENTED;
2392 return STATUS_NOT_IMPLEMENTED;
2393 }
2394
2395
2396 /* Function 79 */
2397 NTSTATUS WINAPI LsarAdtRegisterSecurityEventSource(
2398 handle_t hBinding)
2399 {
2400 UNIMPLEMENTED;
2401 return STATUS_NOT_IMPLEMENTED;
2402 }
2403
2404
2405 /* Function 80 */
2406 NTSTATUS WINAPI LsarAdtUnregisterSecurityEventSource(
2407 handle_t hBinding)
2408 {
2409 UNIMPLEMENTED;
2410 return STATUS_NOT_IMPLEMENTED;
2411 }
2412
2413
2414 /* Function 81 */
2415 NTSTATUS WINAPI LsarAdtReportSecurityEvent(
2416 handle_t hBinding)
2417 {
2418 UNIMPLEMENTED;
2419 return STATUS_NOT_IMPLEMENTED;
2420 }
2421
2422
2423 /* Function 82 */
2424 NTSTATUS WINAPI CredrFindBestCredential(
2425 handle_t hBinding)
2426 {
2427 UNIMPLEMENTED;
2428 return STATUS_NOT_IMPLEMENTED;
2429 }
2430
2431
2432 /* Function 83 */
2433 NTSTATUS WINAPI LsarSetAuditPolicy(
2434 handle_t hBinding)
2435 {
2436 UNIMPLEMENTED;
2437 return STATUS_NOT_IMPLEMENTED;
2438 }
2439
2440
2441 /* Function 84 */
2442 NTSTATUS WINAPI LsarQueryAuditPolicy(
2443 handle_t hBinding)
2444 {
2445 UNIMPLEMENTED;
2446 return STATUS_NOT_IMPLEMENTED;
2447 }
2448
2449
2450 /* Function 85 */
2451 NTSTATUS WINAPI LsarEnumerateAuditPolicy(
2452 handle_t hBinding)
2453 {
2454 UNIMPLEMENTED;
2455 return STATUS_NOT_IMPLEMENTED;
2456 }
2457
2458
2459 /* Function 86 */
2460 NTSTATUS WINAPI LsarEnumerateAuditCategories(
2461 handle_t hBinding)
2462 {
2463 UNIMPLEMENTED;
2464 return STATUS_NOT_IMPLEMENTED;
2465 }
2466
2467
2468 /* Function 87 */
2469 NTSTATUS WINAPI LsarEnumerateAuditSubCategories(
2470 handle_t hBinding)
2471 {
2472 UNIMPLEMENTED;
2473 return STATUS_NOT_IMPLEMENTED;
2474 }
2475
2476
2477 /* Function 88 */
2478 NTSTATUS WINAPI LsarLookupAuditCategoryName(
2479 handle_t hBinding)
2480 {
2481 UNIMPLEMENTED;
2482 return STATUS_NOT_IMPLEMENTED;
2483 }
2484
2485
2486 /* Function 89 */
2487 NTSTATUS WINAPI LsarLookupAuditSubCategoryName(
2488 handle_t hBinding)
2489 {
2490 UNIMPLEMENTED;
2491 return STATUS_NOT_IMPLEMENTED;
2492 }
2493
2494
2495 /* Function 90 */
2496 NTSTATUS WINAPI LsarSetAuditSecurity(
2497 handle_t hBinding)
2498 {
2499 UNIMPLEMENTED;
2500 return STATUS_NOT_IMPLEMENTED;
2501 }
2502
2503
2504 /* Function 91 */
2505 NTSTATUS WINAPI LsarQueryAuditSecurity(
2506 handle_t hBinding)
2507 {
2508 UNIMPLEMENTED;
2509 return STATUS_NOT_IMPLEMENTED;
2510 }
2511
2512
2513 /* Function 92 */
2514 NTSTATUS WINAPI CredReadByTokenHandle(
2515 handle_t hBinding)
2516 {
2517 UNIMPLEMENTED;
2518 return STATUS_NOT_IMPLEMENTED;
2519 }
2520
2521
2522 /* Function 93 */
2523 NTSTATUS WINAPI CredrRestoreCredentials(
2524 handle_t hBinding)
2525 {
2526 UNIMPLEMENTED;
2527 return STATUS_NOT_IMPLEMENTED;
2528 }
2529
2530
2531 /* Function 94 */
2532 NTSTATUS WINAPI CredrBackupCredentials(
2533 handle_t hBinding)
2534 {
2535 UNIMPLEMENTED;
2536 return STATUS_NOT_IMPLEMENTED;
2537 }
2538
2539 /* EOF */