2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
7 * PROGRAMMERS: Eric Kohl
10 /* INCLUDES ****************************************************************/
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv
);
17 /* GLOBALS *****************************************************************/
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock
;
22 /* FUNCTIONS ***************************************************************/
25 LsarStartRpcServer(VOID
)
29 RtlInitializeCriticalSection(&PolicyHandleTableLock
);
31 TRACE("LsarStartRpcServer() called\n");
33 Status
= RpcServerUseProtseqEpW(L
"ncacn_np",
37 if (Status
!= RPC_S_OK
)
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status
);
43 Status
= RpcServerRegisterIf(lsarpc_v0_0_s_ifspec
,
46 if (Status
!= RPC_S_OK
)
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status
);
52 Status
= RpcServerListen(1, 20, TRUE
);
53 if (Status
!= RPC_S_OK
)
55 WARN("RpcServerListen() failed (Status %lx)\n", Status
);
59 TRACE("LsarStartRpcServer() done\n");
63 void __RPC_USER
LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle
)
70 NTSTATUS WINAPI
LsarClose(
71 LSAPR_HANDLE
*ObjectHandle
)
73 PLSA_DB_OBJECT DbObject
;
74 NTSTATUS Status
= STATUS_SUCCESS
;
76 TRACE("0x%p\n", ObjectHandle
);
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
80 Status
= LsapValidateDbObject(*ObjectHandle
,
84 if (Status
== STATUS_SUCCESS
)
86 Status
= LsapCloseDbObject(DbObject
);
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
97 NTSTATUS WINAPI
LsarDelete(
98 LSAPR_HANDLE ObjectHandle
)
101 return STATUS_NOT_SUPPORTED
;
106 NTSTATUS WINAPI
LsarEnumeratePrivileges(
107 LSAPR_HANDLE PolicyHandle
,
108 DWORD
*EnumerationContext
,
109 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer
,
110 DWORD PreferedMaximumLength
)
112 PLSA_DB_OBJECT PolicyObject
;
115 TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
116 PolicyHandle
, EnumerationContext
, EnumerationBuffer
,
117 PreferedMaximumLength
);
119 Status
= LsapValidateDbObject(PolicyHandle
,
121 POLICY_VIEW_LOCAL_INFORMATION
,
123 if (!NT_SUCCESS(Status
))
126 if (EnumerationContext
== NULL
)
127 return STATUS_INVALID_PARAMETER
;
129 return LsarpEnumeratePrivileges(EnumerationContext
,
131 PreferedMaximumLength
);
136 NTSTATUS WINAPI
LsarQuerySecurityObject(
137 LSAPR_HANDLE ObjectHandle
,
138 SECURITY_INFORMATION SecurityInformation
,
139 PLSAPR_SR_SECURITY_DESCRIPTOR
*SecurityDescriptor
)
142 return STATUS_NOT_IMPLEMENTED
;
147 NTSTATUS WINAPI
LsarSetSecurityObject(
148 LSAPR_HANDLE ObjectHandle
,
149 SECURITY_INFORMATION SecurityInformation
,
150 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor
)
153 return STATUS_NOT_IMPLEMENTED
;
158 NTSTATUS WINAPI
LsarChangePassword(
160 PRPC_UNICODE_STRING String1
,
161 PRPC_UNICODE_STRING String2
,
162 PRPC_UNICODE_STRING String3
,
163 PRPC_UNICODE_STRING String4
,
164 PRPC_UNICODE_STRING String5
)
167 return STATUS_NOT_IMPLEMENTED
;
172 NTSTATUS WINAPI
LsarOpenPolicy(
174 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
175 ACCESS_MASK DesiredAccess
,
176 LSAPR_HANDLE
*PolicyHandle
)
178 PLSA_DB_OBJECT PolicyObject
;
181 TRACE("LsarOpenPolicy called!\n");
183 RtlEnterCriticalSection(&PolicyHandleTableLock
);
185 Status
= LsapOpenDbObject(NULL
,
191 RtlLeaveCriticalSection(&PolicyHandleTableLock
);
193 if (NT_SUCCESS(Status
))
194 *PolicyHandle
= (LSAPR_HANDLE
)PolicyObject
;
196 TRACE("LsarOpenPolicy done!\n");
203 NTSTATUS WINAPI
LsarQueryInformationPolicy(
204 LSAPR_HANDLE PolicyHandle
,
205 POLICY_INFORMATION_CLASS InformationClass
,
206 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
208 PLSA_DB_OBJECT DbObject
;
209 ACCESS_MASK DesiredAccess
= 0;
212 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
213 PolicyHandle
, InformationClass
, PolicyInformation
);
215 if (PolicyInformation
)
217 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
220 switch (InformationClass
)
222 case PolicyAuditLogInformation
:
223 case PolicyAuditEventsInformation
:
224 case PolicyAuditFullQueryInformation
:
225 DesiredAccess
= POLICY_VIEW_AUDIT_INFORMATION
;
228 case PolicyPrimaryDomainInformation
:
229 case PolicyAccountDomainInformation
:
230 case PolicyLsaServerRoleInformation
:
231 case PolicyReplicaSourceInformation
:
232 case PolicyDefaultQuotaInformation
:
233 case PolicyModificationInformation
:
234 case PolicyDnsDomainInformation
:
235 case PolicyDnsDomainInformationInt
:
236 case PolicyLocalAccountDomainInformation
:
237 DesiredAccess
= POLICY_VIEW_LOCAL_INFORMATION
;
240 case PolicyPdAccountInformation
:
241 DesiredAccess
= POLICY_GET_PRIVATE_INFORMATION
;
245 ERR("Invalid InformationClass!\n");
246 return STATUS_INVALID_PARAMETER
;
249 Status
= LsapValidateDbObject(PolicyHandle
,
253 if (!NT_SUCCESS(Status
))
256 switch (InformationClass
)
258 case PolicyAuditLogInformation
: /* 1 */
259 Status
= LsarQueryAuditLog(PolicyHandle
,
262 case PolicyAuditEventsInformation
: /* 2 */
263 Status
= LsarQueryAuditEvents(PolicyHandle
,
267 case PolicyPrimaryDomainInformation
: /* 3 */
268 Status
= LsarQueryPrimaryDomain(PolicyHandle
,
272 case PolicyPdAccountInformation
: /* 4 */
273 Status
= LsarQueryPdAccount(PolicyHandle
,
276 case PolicyAccountDomainInformation
: /* 5 */
277 Status
= LsarQueryAccountDomain(PolicyHandle
,
281 case PolicyLsaServerRoleInformation
: /* 6 */
282 Status
= LsarQueryServerRole(PolicyHandle
,
286 case PolicyReplicaSourceInformation
: /* 7 */
287 Status
= LsarQueryReplicaSource(PolicyHandle
,
290 case PolicyDefaultQuotaInformation
: /* 8 */
291 Status
= LsarQueryDefaultQuota(PolicyHandle
,
295 case PolicyModificationInformation
: /* 9 */
296 Status
= LsarQueryModification(PolicyHandle
,
300 case PolicyAuditFullQueryInformation
: /* 11 (0xB) */
301 Status
= LsarQueryAuditFull(PolicyHandle
,
305 case PolicyDnsDomainInformation
: /* 12 (0xC) */
306 Status
= LsarQueryDnsDomain(PolicyHandle
,
310 case PolicyDnsDomainInformationInt
: /* 13 (0xD) */
311 Status
= LsarQueryDnsDomainInt(PolicyHandle
,
315 case PolicyLocalAccountDomainInformation
: /* 14 (0xE) */
316 Status
= LsarQueryLocalAccountDomain(PolicyHandle
,
321 ERR("Invalid InformationClass!\n");
322 Status
= STATUS_INVALID_PARAMETER
;
330 NTSTATUS WINAPI
LsarSetInformationPolicy(
331 LSAPR_HANDLE PolicyHandle
,
332 POLICY_INFORMATION_CLASS InformationClass
,
333 PLSAPR_POLICY_INFORMATION PolicyInformation
)
335 PLSA_DB_OBJECT DbObject
;
336 ACCESS_MASK DesiredAccess
= 0;
339 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
340 PolicyHandle
, InformationClass
, PolicyInformation
);
342 if (PolicyInformation
)
344 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
347 switch (InformationClass
)
349 case PolicyAuditLogInformation
:
350 case PolicyAuditFullSetInformation
:
351 DesiredAccess
= POLICY_AUDIT_LOG_ADMIN
;
354 case PolicyAuditEventsInformation
:
355 DesiredAccess
= POLICY_SET_AUDIT_REQUIREMENTS
;
358 case PolicyPrimaryDomainInformation
:
359 case PolicyAccountDomainInformation
:
360 case PolicyDnsDomainInformation
:
361 case PolicyDnsDomainInformationInt
:
362 case PolicyLocalAccountDomainInformation
:
363 DesiredAccess
= POLICY_TRUST_ADMIN
;
366 case PolicyLsaServerRoleInformation
:
367 case PolicyReplicaSourceInformation
:
368 DesiredAccess
= POLICY_SERVER_ADMIN
;
371 case PolicyDefaultQuotaInformation
:
372 DesiredAccess
= POLICY_SET_DEFAULT_QUOTA_LIMITS
;
376 ERR("Invalid InformationClass!\n");
377 return STATUS_INVALID_PARAMETER
;
380 Status
= LsapValidateDbObject(PolicyHandle
,
384 if (!NT_SUCCESS(Status
))
387 switch (InformationClass
)
389 case PolicyAuditEventsInformation
:
390 Status
= STATUS_NOT_IMPLEMENTED
;
393 case PolicyPrimaryDomainInformation
:
394 Status
= LsarSetPrimaryDomain(PolicyHandle
,
395 (PLSAPR_POLICY_PRIMARY_DOM_INFO
)PolicyInformation
);
398 case PolicyAccountDomainInformation
:
399 Status
= LsarSetAccountDomain(PolicyHandle
,
400 (PLSAPR_POLICY_ACCOUNT_DOM_INFO
)PolicyInformation
);
403 case PolicyDnsDomainInformation
:
404 Status
= LsarSetDnsDomain(PolicyHandle
,
405 (PLSAPR_POLICY_DNS_DOMAIN_INFO
)PolicyInformation
);
408 case PolicyLsaServerRoleInformation
:
409 Status
= STATUS_NOT_IMPLEMENTED
;
413 Status
= STATUS_INVALID_PARAMETER
;
422 NTSTATUS WINAPI
LsarClearAuditLog(
423 LSAPR_HANDLE ObjectHandle
)
426 return STATUS_NOT_IMPLEMENTED
;
431 NTSTATUS WINAPI
LsarCreateAccount(
432 LSAPR_HANDLE PolicyHandle
,
434 ACCESS_MASK DesiredAccess
,
435 LSAPR_HANDLE
*AccountHandle
)
437 PLSA_DB_OBJECT PolicyObject
;
438 PLSA_DB_OBJECT AccountsObject
= NULL
;
439 PLSA_DB_OBJECT AccountObject
= NULL
;
440 LPWSTR SidString
= NULL
;
441 NTSTATUS Status
= STATUS_SUCCESS
;
443 /* Validate the AccountSid */
444 if (!RtlValidSid(AccountSid
))
445 return STATUS_INVALID_PARAMETER
;
447 /* Validate the PolicyHandle */
448 Status
= LsapValidateDbObject(PolicyHandle
,
450 POLICY_CREATE_ACCOUNT
,
452 if (!NT_SUCCESS(Status
))
454 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
458 /* Open the Accounts object */
459 Status
= LsapOpenDbObject(PolicyObject
,
461 LsaDbContainerObject
,
464 if (!NT_SUCCESS(Status
))
466 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status
);
470 /* Create SID string */
471 if (!ConvertSidToStringSid((PSID
)AccountSid
,
474 ERR("ConvertSidToStringSid failed\n");
475 Status
= STATUS_INVALID_PARAMETER
;
479 /* Create the Account object */
480 Status
= LsapCreateDbObject(AccountsObject
,
485 if (!NT_SUCCESS(Status
))
487 ERR("LsapCreateDbObject (Account) failed (Status 0x%08lx)\n", Status
);
491 /* Set the Sid attribute */
492 Status
= LsapSetObjectAttribute(AccountObject
,
495 GetLengthSid(AccountSid
));
498 if (SidString
!= NULL
)
499 LocalFree(SidString
);
501 if (!NT_SUCCESS(Status
))
503 if (AccountObject
!= NULL
)
504 LsapCloseDbObject(AccountObject
);
508 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
511 if (AccountsObject
!= NULL
)
512 LsapCloseDbObject(AccountsObject
);
514 return STATUS_SUCCESS
;
519 NTSTATUS WINAPI
LsarEnumerateAccounts(
520 LSAPR_HANDLE PolicyHandle
,
521 DWORD
*EnumerationContext
,
522 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
,
523 DWORD PreferedMaximumLength
)
526 return STATUS_NOT_IMPLEMENTED
;
531 NTSTATUS WINAPI
LsarCreateTrustedDomain(
532 LSAPR_HANDLE PolicyHandle
,
533 PLSAPR_TRUST_INFORMATION TrustedDomainInformation
,
534 ACCESS_MASK DesiredAccess
,
535 LSAPR_HANDLE
*TrustedDomainHandle
)
538 return STATUS_NOT_IMPLEMENTED
;
543 NTSTATUS WINAPI
LsarEnumerateTrustedDomains(
544 LSAPR_HANDLE PolicyHandle
,
545 DWORD
*EnumerationContext
,
546 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer
,
547 DWORD PreferedMaximumLength
)
550 return STATUS_NOT_IMPLEMENTED
;
555 NTSTATUS WINAPI
LsarLookupNames(
556 LSAPR_HANDLE PolicyHandle
,
558 PRPC_UNICODE_STRING Names
,
559 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
560 PLSAPR_TRANSLATED_SIDS TranslatedSids
,
561 LSAP_LOOKUP_LEVEL LookupLevel
,
564 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
565 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
566 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
567 PLSA_TRANSLATED_SID OutputSids
= NULL
;
568 ULONG OutputSidsLength
;
574 TRACE("LsarLookupNames(%p, %lu, %p, %p, %p, %d, %p)\n",
575 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
576 LookupLevel
, MappedCount
);
578 TranslatedSids
->Entries
= Count
;
579 TranslatedSids
->Sids
= NULL
;
580 *ReferencedDomains
= NULL
;
582 OutputSidsLength
= Count
* sizeof(LSA_TRANSLATED_SID
);
583 OutputSids
= MIDL_user_allocate(OutputSidsLength
);
584 if (OutputSids
== NULL
)
586 return STATUS_INSUFFICIENT_RESOURCES
;
589 RtlZeroMemory(OutputSids
, OutputSidsLength
);
591 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
592 if (OutputDomains
== NULL
)
594 MIDL_user_free(OutputSids
);
595 return STATUS_INSUFFICIENT_RESOURCES
;
598 OutputDomains
->Entries
= Count
;
599 OutputDomains
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
600 if (OutputDomains
->Domains
== NULL
)
602 MIDL_user_free(OutputDomains
);
603 MIDL_user_free(OutputSids
);
604 return STATUS_INSUFFICIENT_RESOURCES
;
607 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
609 SECURITY_BUILTIN_DOMAIN_RID
,
610 DOMAIN_ALIAS_RID_ADMINS
,
613 if (!NT_SUCCESS(Status
))
615 MIDL_user_free(OutputDomains
->Domains
);
616 MIDL_user_free(OutputDomains
);
617 MIDL_user_free(OutputSids
);
621 SidLength
= RtlLengthSid(Sid
);
623 for (i
= 0; i
< Count
; i
++)
625 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
626 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
628 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
629 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
630 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
631 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
634 for (i
= 0; i
< Count
; i
++)
636 OutputSids
[i
].Use
= SidTypeWellKnownGroup
;
637 OutputSids
[i
].RelativeId
= DOMAIN_USER_RID_ADMIN
; //DOMAIN_ALIAS_RID_ADMINS;
638 OutputSids
[i
].DomainIndex
= i
;
641 *ReferencedDomains
= OutputDomains
;
643 *MappedCount
= Count
;
645 TranslatedSids
->Entries
= Count
;
646 TranslatedSids
->Sids
= OutputSids
;
648 return STATUS_SUCCESS
;
653 NTSTATUS WINAPI
LsarLookupSids(
654 LSAPR_HANDLE PolicyHandle
,
655 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
656 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
657 PLSAPR_TRANSLATED_NAMES TranslatedNames
,
658 LSAP_LOOKUP_LEVEL LookupLevel
,
661 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
662 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
663 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
664 PLSAPR_TRANSLATED_NAME OutputNames
= NULL
;
665 ULONG OutputNamesLength
;
671 TRACE("LsarLookupSids(%p, %p, %p, %p, %d, %p)\n",
672 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
673 LookupLevel
, MappedCount
);
675 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
676 TranslatedNames
->Names
= NULL
;
677 *ReferencedDomains
= NULL
;
679 OutputNamesLength
= SidEnumBuffer
->Entries
* sizeof(LSA_TRANSLATED_NAME
);
680 OutputNames
= MIDL_user_allocate(OutputNamesLength
);
681 if (OutputNames
== NULL
)
683 return STATUS_INSUFFICIENT_RESOURCES
;
686 RtlZeroMemory(OutputNames
, OutputNamesLength
);
688 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
689 if (OutputDomains
== NULL
)
691 MIDL_user_free(OutputNames
);
692 return STATUS_INSUFFICIENT_RESOURCES
;
695 OutputDomains
->Entries
= SidEnumBuffer
->Entries
;
696 OutputDomains
->Domains
= MIDL_user_allocate(SidEnumBuffer
->Entries
* sizeof(LSA_TRUST_INFORMATION
));
697 if (OutputDomains
->Domains
== NULL
)
699 MIDL_user_free(OutputDomains
);
700 MIDL_user_free(OutputNames
);
701 return STATUS_INSUFFICIENT_RESOURCES
;
704 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
706 SECURITY_BUILTIN_DOMAIN_RID
,
707 DOMAIN_ALIAS_RID_ADMINS
,
710 if (!NT_SUCCESS(Status
))
712 MIDL_user_free(OutputDomains
->Domains
);
713 MIDL_user_free(OutputDomains
);
714 MIDL_user_free(OutputNames
);
718 SidLength
= RtlLengthSid(Sid
);
720 for (i
= 0; i
< SidEnumBuffer
->Entries
; i
++)
722 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
723 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
725 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
726 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
727 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
728 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
731 Status
= LsapLookupSids(SidEnumBuffer
,
734 *ReferencedDomains
= OutputDomains
;
736 *MappedCount
= SidEnumBuffer
->Entries
;
738 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
739 TranslatedNames
->Names
= OutputNames
;
746 NTSTATUS WINAPI
LsarCreateSecret(
747 LSAPR_HANDLE PolicyHandle
,
748 PRPC_UNICODE_STRING SecretName
,
749 ACCESS_MASK DesiredAccess
,
750 LSAPR_HANDLE
*SecretHandle
)
752 PLSA_DB_OBJECT PolicyObject
;
753 PLSA_DB_OBJECT SecretsObject
= NULL
;
754 PLSA_DB_OBJECT SecretObject
= NULL
;
756 NTSTATUS Status
= STATUS_SUCCESS
;
758 /* Validate the PolicyHandle */
759 Status
= LsapValidateDbObject(PolicyHandle
,
761 POLICY_CREATE_SECRET
,
763 if (!NT_SUCCESS(Status
))
765 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
769 /* Open the Secrets object */
770 Status
= LsapOpenDbObject(PolicyObject
,
772 LsaDbContainerObject
,
775 if (!NT_SUCCESS(Status
))
777 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status
);
781 /* Get the current time */
782 Status
= NtQuerySystemTime(&Time
);
783 if (!NT_SUCCESS(Status
))
785 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
789 /* Create the Secret object */
790 Status
= LsapCreateDbObject(SecretsObject
,
795 if (!NT_SUCCESS(Status
))
797 ERR("LsapCreateDbObject (Secret) failed (Status 0x%08lx)\n", Status
);
801 /* Set the CurrentTime attribute */
802 Status
= LsapSetObjectAttribute(SecretObject
,
805 sizeof(LARGE_INTEGER
));
806 if (!NT_SUCCESS(Status
))
808 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status
);
812 /* Set the OldTime attribute */
813 Status
= LsapSetObjectAttribute(SecretObject
,
816 sizeof(LARGE_INTEGER
));
819 if (!NT_SUCCESS(Status
))
821 if (SecretObject
!= NULL
)
822 LsapCloseDbObject(SecretObject
);
826 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
829 if (SecretsObject
!= NULL
)
830 LsapCloseDbObject(SecretsObject
);
832 return STATUS_SUCCESS
;
837 NTSTATUS WINAPI
LsarOpenAccount(
838 LSAPR_HANDLE PolicyHandle
,
840 ACCESS_MASK DesiredAccess
,
841 LSAPR_HANDLE
*AccountHandle
)
843 PLSA_DB_OBJECT PolicyObject
;
844 PLSA_DB_OBJECT AccountsObject
= NULL
;
845 PLSA_DB_OBJECT AccountObject
= NULL
;
846 LPWSTR SidString
= NULL
;
847 NTSTATUS Status
= STATUS_SUCCESS
;
849 /* Validate the AccountSid */
850 if (!RtlValidSid(AccountSid
))
851 return STATUS_INVALID_PARAMETER
;
853 /* Validate the PolicyHandle */
854 Status
= LsapValidateDbObject(PolicyHandle
,
858 if (!NT_SUCCESS(Status
))
860 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
864 /* Open the Accounts object */
865 Status
= LsapOpenDbObject(PolicyObject
,
867 LsaDbContainerObject
,
870 if (!NT_SUCCESS(Status
))
872 ERR("LsapOpenDbObject (Accounts) failed (Status 0x%08lx)\n", Status
);
876 /* Create SID string */
877 if (!ConvertSidToStringSid((PSID
)AccountSid
,
880 ERR("ConvertSidToStringSid failed\n");
881 Status
= STATUS_INVALID_PARAMETER
;
885 /* Create the Account object */
886 Status
= LsapOpenDbObject(AccountsObject
,
891 if (!NT_SUCCESS(Status
))
893 ERR("LsapOpenDbObject (Account) failed (Status 0x%08lx)\n", Status
);
897 /* Set the Sid attribute */
898 Status
= LsapSetObjectAttribute(AccountObject
,
901 GetLengthSid(AccountSid
));
904 if (SidString
!= NULL
)
905 LocalFree(SidString
);
907 if (!NT_SUCCESS(Status
))
909 if (AccountObject
!= NULL
)
910 LsapCloseDbObject(AccountObject
);
914 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
917 if (AccountsObject
!= NULL
)
918 LsapCloseDbObject(AccountsObject
);
925 NTSTATUS WINAPI
LsarEnumeratePrivilegesAccount(
926 LSAPR_HANDLE AccountHandle
,
927 PLSAPR_PRIVILEGE_SET
*Privileges
)
929 PLSA_DB_OBJECT AccountObject
;
930 ULONG PrivilegeSetSize
= 0;
931 PLSAPR_PRIVILEGE_SET PrivilegeSet
= NULL
;
936 /* Validate the AccountHandle */
937 Status
= LsapValidateDbObject(AccountHandle
,
941 if (!NT_SUCCESS(Status
))
943 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
947 /* Get the size of the privilege set */
948 Status
= LsapGetObjectAttribute(AccountObject
,
952 if (!NT_SUCCESS(Status
))
955 /* Allocate a buffer for the privilege set */
956 PrivilegeSet
= MIDL_user_allocate(PrivilegeSetSize
);
957 if (PrivilegeSet
== NULL
)
958 return STATUS_NO_MEMORY
;
960 /* Get the privilege set */
961 Status
= LsapGetObjectAttribute(AccountObject
,
965 if (!NT_SUCCESS(Status
))
967 MIDL_user_free(PrivilegeSet
);
971 /* Return a pointer to the privilege set */
972 *Privileges
= PrivilegeSet
;
974 return STATUS_SUCCESS
;
979 NTSTATUS WINAPI
LsarAddPrivilegesToAccount(
980 LSAPR_HANDLE AccountHandle
,
981 PLSAPR_PRIVILEGE_SET Privileges
)
983 PLSA_DB_OBJECT AccountObject
;
984 PPRIVILEGE_SET CurrentPrivileges
= NULL
;
985 PPRIVILEGE_SET NewPrivileges
= NULL
;
986 ULONG PrivilegeSetSize
= 0;
987 ULONG PrivilegeCount
;
992 /* Validate the AccountHandle */
993 Status
= LsapValidateDbObject(AccountHandle
,
995 ACCOUNT_ADJUST_PRIVILEGES
,
997 if (!NT_SUCCESS(Status
))
999 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1003 Status
= LsapGetObjectAttribute(AccountObject
,
1007 if (!NT_SUCCESS(Status
) || PrivilegeSetSize
== 0)
1009 /* The Privilgs attribute does not exist */
1011 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1012 (Privileges
->PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1013 Status
= LsapSetObjectAttribute(AccountObject
,
1020 /* The Privilgs attribute exists */
1022 /* Allocate memory for the stored privilege set */
1023 CurrentPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1024 if (CurrentPrivileges
== NULL
)
1025 return STATUS_NO_MEMORY
;
1027 /* Get the current privilege set */
1028 Status
= LsapGetObjectAttribute(AccountObject
,
1032 if (!NT_SUCCESS(Status
))
1034 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status
);
1038 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1039 TRACE("Current privilege count: %lu\n", PrivilegeCount
);
1041 /* Calculate the number privileges in the combined privilege set */
1042 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1045 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1047 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1048 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1055 if (bFound
== FALSE
)
1057 TRACE("Found new privilege\n");
1061 TRACE("New privilege count: %lu\n", PrivilegeCount
);
1063 /* Calculate the size of the new privilege set and allocate it */
1064 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1065 (PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1066 NewPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1067 if (NewPrivileges
== NULL
)
1069 Status
= STATUS_NO_MEMORY
;
1073 /* Initialize the new privilege set */
1074 NewPrivileges
->PrivilegeCount
= PrivilegeCount
;
1075 NewPrivileges
->Control
= 0;
1077 /* Copy all privileges from the current privilege set */
1078 RtlCopyLuidAndAttributesArray(CurrentPrivileges
->PrivilegeCount
,
1079 &(CurrentPrivileges
->Privilege
[0]),
1080 &(NewPrivileges
->Privilege
[0]));
1082 /* Add new privileges to the new privilege set */
1083 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1084 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1087 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1089 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1090 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1092 /* Overwrite attributes if a matching privilege was found */
1093 NewPrivileges
->Privilege
[j
].Attributes
= Privileges
->Privilege
[i
].Attributes
;
1100 if (bFound
== FALSE
)
1102 /* Copy the new privilege */
1103 RtlCopyLuidAndAttributesArray(1,
1104 (PLUID_AND_ATTRIBUTES
)&(Privileges
->Privilege
[i
]),
1105 &(NewPrivileges
->Privilege
[PrivilegeCount
]));
1110 /* Set the new priivliege set */
1111 Status
= LsapSetObjectAttribute(AccountObject
,
1118 if (CurrentPrivileges
!= NULL
)
1119 MIDL_user_free(CurrentPrivileges
);
1121 if (NewPrivileges
!= NULL
)
1122 MIDL_user_free(NewPrivileges
);
1129 NTSTATUS WINAPI
LsarRemovePrivilegesFromAccount(
1130 LSAPR_HANDLE AccountHandle
,
1132 PLSAPR_PRIVILEGE_SET Privileges
)
1135 return STATUS_NOT_IMPLEMENTED
;
1140 NTSTATUS WINAPI
LsarGetQuotasForAccount(
1141 LSAPR_HANDLE AccountHandle
,
1142 PQUOTA_LIMITS QuotaLimits
)
1145 return STATUS_NOT_IMPLEMENTED
;
1150 NTSTATUS WINAPI
LsarSetQuotasForAccount(
1151 LSAPR_HANDLE AccountHandle
,
1152 PQUOTA_LIMITS QuotaLimits
)
1155 return STATUS_NOT_IMPLEMENTED
;
1160 NTSTATUS WINAPI
LsarGetSystemAccessAccount(
1161 LSAPR_HANDLE AccountHandle
,
1162 ACCESS_MASK
*SystemAccess
)
1164 PLSA_DB_OBJECT AccountObject
;
1168 /* Validate the account handle */
1169 Status
= LsapValidateDbObject(AccountHandle
,
1173 if (!NT_SUCCESS(Status
))
1175 ERR("Invalid handle (Status %lx)\n", Status
);
1179 /* Get the system access flags */
1180 Status
= LsapGetObjectAttribute(AccountObject
,
1190 NTSTATUS WINAPI
LsarSetSystemAccessAccount(
1191 LSAPR_HANDLE AccountHandle
,
1192 ACCESS_MASK SystemAccess
)
1194 PLSA_DB_OBJECT AccountObject
;
1197 /* Validate the account handle */
1198 Status
= LsapValidateDbObject(AccountHandle
,
1200 ACCOUNT_ADJUST_SYSTEM_ACCESS
,
1202 if (!NT_SUCCESS(Status
))
1204 ERR("Invalid handle (Status %lx)\n", Status
);
1208 /* Set the system access flags */
1209 Status
= LsapSetObjectAttribute(AccountObject
,
1212 sizeof(ACCESS_MASK
));
1219 NTSTATUS WINAPI
LsarOpenTrustedDomain(
1220 LSAPR_HANDLE PolicyHandle
,
1221 PRPC_SID TrustedDomainSid
,
1222 ACCESS_MASK DesiredAccess
,
1223 LSAPR_HANDLE
*TrustedDomainHandle
)
1226 return STATUS_NOT_IMPLEMENTED
;
1231 NTSTATUS WINAPI
LsarQueryInfoTrustedDomain(
1232 LSAPR_HANDLE TrustedDomainHandle
,
1233 TRUSTED_INFORMATION_CLASS InformationClass
,
1234 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1237 return STATUS_NOT_IMPLEMENTED
;
1242 NTSTATUS WINAPI
LsarSetInformationTrustedDomain(
1243 LSAPR_HANDLE TrustedDomainHandle
,
1244 TRUSTED_INFORMATION_CLASS InformationClass
,
1245 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1248 return STATUS_NOT_IMPLEMENTED
;
1253 NTSTATUS WINAPI
LsarOpenSecret(
1254 LSAPR_HANDLE PolicyHandle
,
1255 PRPC_UNICODE_STRING SecretName
,
1256 ACCESS_MASK DesiredAccess
,
1257 LSAPR_HANDLE
*SecretHandle
)
1259 PLSA_DB_OBJECT PolicyObject
;
1260 PLSA_DB_OBJECT SecretsObject
= NULL
;
1261 PLSA_DB_OBJECT SecretObject
= NULL
;
1262 NTSTATUS Status
= STATUS_SUCCESS
;
1264 /* Validate the PolicyHandle */
1265 Status
= LsapValidateDbObject(PolicyHandle
,
1267 POLICY_CREATE_SECRET
,
1269 if (!NT_SUCCESS(Status
))
1271 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1275 /* Open the Secrets object */
1276 Status
= LsapOpenDbObject(PolicyObject
,
1278 LsaDbContainerObject
,
1281 if (!NT_SUCCESS(Status
))
1283 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status
);
1287 /* Create the secret object */
1288 Status
= LsapOpenDbObject(SecretsObject
,
1293 if (!NT_SUCCESS(Status
))
1295 ERR("LsapOpenDbObject (Secret) failed (Status 0x%08lx)\n", Status
);
1300 if (!NT_SUCCESS(Status
))
1302 if (SecretObject
!= NULL
)
1303 LsapCloseDbObject(SecretObject
);
1307 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
1310 if (SecretsObject
!= NULL
)
1311 LsapCloseDbObject(SecretsObject
);
1313 return STATUS_SUCCESS
;
1318 NTSTATUS WINAPI
LsarSetSecret(
1319 LSAPR_HANDLE SecretHandle
,
1320 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue
,
1321 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue
)
1323 PLSA_DB_OBJECT SecretObject
;
1324 PBYTE CurrentValue
= NULL
;
1325 PBYTE OldValue
= NULL
;
1326 ULONG CurrentValueLength
= 0;
1327 ULONG OldValueLength
= 0;
1331 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle
,
1332 EncryptedCurrentValue
, EncryptedOldValue
);
1334 /* Validate the SecretHandle */
1335 Status
= LsapValidateDbObject(SecretHandle
,
1339 if (!NT_SUCCESS(Status
))
1341 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1345 if (EncryptedCurrentValue
!= NULL
)
1347 /* FIXME: Decrypt the current value */
1348 CurrentValue
= EncryptedCurrentValue
->Buffer
;
1349 CurrentValueLength
= EncryptedCurrentValue
->MaximumLength
;
1352 /* Set the current value */
1353 Status
= LsapSetObjectAttribute(SecretObject
,
1356 CurrentValueLength
);
1357 if (!NT_SUCCESS(Status
))
1359 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1363 /* Get the current time */
1364 Status
= NtQuerySystemTime(&Time
);
1365 if (!NT_SUCCESS(Status
))
1367 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
1371 /* Set the current time */
1372 Status
= LsapSetObjectAttribute(SecretObject
,
1375 sizeof(LARGE_INTEGER
));
1376 if (!NT_SUCCESS(Status
))
1378 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1382 if (EncryptedOldValue
!= NULL
)
1384 /* FIXME: Decrypt the old value */
1385 OldValue
= EncryptedOldValue
->Buffer
;
1386 OldValueLength
= EncryptedOldValue
->MaximumLength
;
1389 /* Set the old value */
1390 Status
= LsapSetObjectAttribute(SecretObject
,
1394 if (!NT_SUCCESS(Status
))
1396 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1400 /* Set the old time */
1401 Status
= LsapSetObjectAttribute(SecretObject
,
1404 sizeof(LARGE_INTEGER
));
1405 if (!NT_SUCCESS(Status
))
1407 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1416 NTSTATUS WINAPI
LsarQuerySecret(
1417 LSAPR_HANDLE SecretHandle
,
1418 PLSAPR_CR_CIPHER_VALUE
*EncryptedCurrentValue
,
1419 PLARGE_INTEGER CurrentValueSetTime
,
1420 PLSAPR_CR_CIPHER_VALUE
*EncryptedOldValue
,
1421 PLARGE_INTEGER OldValueSetTime
)
1423 PLSA_DB_OBJECT SecretObject
;
1424 PLSAPR_CR_CIPHER_VALUE EncCurrentValue
= NULL
;
1425 PLSAPR_CR_CIPHER_VALUE EncOldValue
= NULL
;
1426 PBYTE CurrentValue
= NULL
;
1427 PBYTE OldValue
= NULL
;
1428 ULONG CurrentValueLength
= 0;
1429 ULONG OldValueLength
= 0;
1433 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle
,
1434 EncryptedCurrentValue
, CurrentValueSetTime
,
1435 EncryptedOldValue
, OldValueSetTime
);
1437 /* Validate the SecretHandle */
1438 Status
= LsapValidateDbObject(SecretHandle
,
1442 if (!NT_SUCCESS(Status
))
1444 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1448 if (EncryptedCurrentValue
!= NULL
)
1450 CurrentValueLength
= 0;
1452 /* Get the size of the current value */
1453 Status
= LsapGetObjectAttribute(SecretObject
,
1456 &CurrentValueLength
);
1457 if (!NT_SUCCESS(Status
))
1460 /* Allocate a buffer for the current value */
1461 CurrentValue
= midl_user_allocate(CurrentValueLength
);
1462 if (CurrentValue
== NULL
)
1464 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1468 /* Get the current value */
1469 Status
= LsapGetObjectAttribute(SecretObject
,
1472 &CurrentValueLength
);
1473 if (!NT_SUCCESS(Status
))
1476 /* Allocate a buffer for the encrypted current value */
1477 EncCurrentValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
));
1478 if (EncCurrentValue
== NULL
)
1480 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1484 /* FIXME: Encrypt the current value */
1485 EncCurrentValue
->Length
= (USHORT
)(CurrentValueLength
- sizeof(WCHAR
));
1486 EncCurrentValue
->MaximumLength
= (USHORT
)CurrentValueLength
;
1487 EncCurrentValue
->Buffer
= (PBYTE
)CurrentValue
;
1490 if (CurrentValueSetTime
!= NULL
)
1492 BufferSize
= sizeof(LARGE_INTEGER
);
1494 /* Get the current value time */
1495 Status
= LsapGetObjectAttribute(SecretObject
,
1497 (PBYTE
)CurrentValueSetTime
,
1499 if (!NT_SUCCESS(Status
))
1503 if (EncryptedOldValue
!= NULL
)
1507 /* Get the size of the old value */
1508 Status
= LsapGetObjectAttribute(SecretObject
,
1512 if (!NT_SUCCESS(Status
))
1515 /* Allocate a buffer for the old value */
1516 OldValue
= midl_user_allocate(OldValueLength
);
1517 if (OldValue
== NULL
)
1519 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1523 /* Get the old value */
1524 Status
= LsapGetObjectAttribute(SecretObject
,
1528 if (!NT_SUCCESS(Status
))
1531 /* Allocate a buffer for the encrypted old value */
1532 EncOldValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
) + OldValueLength
);
1533 if (EncOldValue
== NULL
)
1535 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1539 /* FIXME: Encrypt the old value */
1540 EncOldValue
->Length
= (USHORT
)(OldValueLength
- sizeof(WCHAR
));
1541 EncOldValue
->MaximumLength
= (USHORT
)OldValueLength
;
1542 EncOldValue
->Buffer
= (PBYTE
)OldValue
;
1545 if (OldValueSetTime
!= NULL
)
1547 BufferSize
= sizeof(LARGE_INTEGER
);
1549 /* Get the old value time */
1550 Status
= LsapGetObjectAttribute(SecretObject
,
1552 (PBYTE
)OldValueSetTime
,
1554 if (!NT_SUCCESS(Status
))
1560 if (NT_SUCCESS(Status
))
1562 if (EncryptedCurrentValue
!= NULL
)
1563 *EncryptedCurrentValue
= EncCurrentValue
;
1565 if (EncryptedOldValue
!= NULL
)
1566 *EncryptedOldValue
= EncOldValue
;
1570 if (EncryptedCurrentValue
!= NULL
)
1571 *EncryptedCurrentValue
= NULL
;
1573 if (EncryptedOldValue
!= NULL
)
1574 *EncryptedOldValue
= NULL
;
1576 if (EncCurrentValue
!= NULL
)
1577 midl_user_free(EncCurrentValue
);
1579 if (EncOldValue
!= NULL
)
1580 midl_user_free(EncOldValue
);
1582 if (CurrentValue
!= NULL
)
1583 midl_user_free(CurrentValue
);
1585 if (OldValue
!= NULL
)
1586 midl_user_free(OldValue
);
1589 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status
);
1596 NTSTATUS WINAPI
LsarLookupPrivilegeValue(
1597 LSAPR_HANDLE PolicyHandle
,
1598 PRPC_UNICODE_STRING Name
,
1603 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
1604 PolicyHandle
, Name
, Value
);
1606 Status
= LsapValidateDbObject(PolicyHandle
,
1608 POLICY_LOOKUP_NAMES
,
1610 if (!NT_SUCCESS(Status
))
1612 ERR("Invalid handle (Status %lx)\n", Status
);
1616 TRACE("Privilege: %wZ\n", Name
);
1618 Status
= LsarpLookupPrivilegeValue((PUNICODE_STRING
)Name
,
1626 NTSTATUS WINAPI
LsarLookupPrivilegeName(
1627 LSAPR_HANDLE PolicyHandle
,
1629 PRPC_UNICODE_STRING
*Name
)
1633 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
1634 PolicyHandle
, Value
, Name
);
1636 Status
= LsapValidateDbObject(PolicyHandle
,
1638 POLICY_LOOKUP_NAMES
,
1640 if (!NT_SUCCESS(Status
))
1642 ERR("Invalid handle\n");
1646 Status
= LsarpLookupPrivilegeName(Value
, (PUNICODE_STRING
*)Name
);
1653 NTSTATUS WINAPI
LsarLookupPrivilegeDisplayName(
1654 LSAPR_HANDLE PolicyHandle
,
1655 PRPC_UNICODE_STRING Name
,
1656 USHORT ClientLanguage
,
1657 USHORT ClientSystemDefaultLanguage
,
1658 PRPC_UNICODE_STRING
*DisplayName
,
1659 USHORT
*LanguageReturned
)
1662 return STATUS_NOT_IMPLEMENTED
;
1667 NTSTATUS WINAPI
LsarDeleteObject(
1668 LSAPR_HANDLE
*ObjectHandle
)
1671 return STATUS_NOT_IMPLEMENTED
;
1676 NTSTATUS WINAPI
LsarEnumerateAccountsWithUserRight(
1677 LSAPR_HANDLE PolicyHandle
,
1678 PRPC_UNICODE_STRING UserRight
,
1679 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
)
1682 return STATUS_NOT_IMPLEMENTED
;
1687 NTSTATUS WINAPI
LsarEnumerateAccountRights(
1688 LSAPR_HANDLE PolicyHandle
,
1689 PRPC_SID AccountSid
,
1690 PLSAPR_USER_RIGHT_SET UserRights
)
1692 PLSA_DB_OBJECT PolicyObject
;
1695 TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
1696 PolicyHandle
, AccountSid
, UserRights
);
1698 Status
= LsapValidateDbObject(PolicyHandle
,
1702 if (!NT_SUCCESS(Status
))
1705 UserRights
->Entries
= 0;
1706 UserRights
->UserRights
= NULL
;
1707 return STATUS_OBJECT_NAME_NOT_FOUND
;
1712 NTSTATUS WINAPI
LsarAddAccountRights(
1713 LSAPR_HANDLE PolicyHandle
,
1714 PRPC_SID AccountSid
,
1715 PLSAPR_USER_RIGHT_SET UserRights
)
1718 return STATUS_NOT_IMPLEMENTED
;
1723 NTSTATUS WINAPI
LsarRemoveAccountRights(
1724 LSAPR_HANDLE PolicyHandle
,
1725 PRPC_SID AccountSid
,
1727 PLSAPR_USER_RIGHT_SET UserRights
)
1730 return STATUS_NOT_IMPLEMENTED
;
1735 NTSTATUS WINAPI
LsarQueryTrustedDomainInfo(
1736 LSAPR_HANDLE PolicyHandle
,
1737 PRPC_SID TrustedDomainSid
,
1738 TRUSTED_INFORMATION_CLASS InformationClass
,
1739 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1742 return STATUS_NOT_IMPLEMENTED
;
1747 NTSTATUS WINAPI
LsarSetTrustedDomainInfo(
1748 LSAPR_HANDLE PolicyHandle
,
1749 PRPC_SID TrustedDomainSid
,
1750 TRUSTED_INFORMATION_CLASS InformationClass
,
1751 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1754 return STATUS_NOT_IMPLEMENTED
;
1759 NTSTATUS WINAPI
LsarDeleteTrustedDomain(
1760 LSAPR_HANDLE PolicyHandle
,
1761 PRPC_SID TrustedDomainSid
)
1764 return STATUS_NOT_IMPLEMENTED
;
1769 NTSTATUS WINAPI
LsarStorePrivateData(
1770 LSAPR_HANDLE PolicyHandle
,
1771 PRPC_UNICODE_STRING KeyName
,
1772 PLSAPR_CR_CIPHER_VALUE EncryptedData
)
1775 return STATUS_NOT_IMPLEMENTED
;
1780 NTSTATUS WINAPI
LsarRetrievePrivateData(
1781 LSAPR_HANDLE PolicyHandle
,
1782 PRPC_UNICODE_STRING KeyName
,
1783 PLSAPR_CR_CIPHER_VALUE
*EncryptedData
)
1786 return STATUS_NOT_IMPLEMENTED
;
1791 NTSTATUS WINAPI
LsarOpenPolicy2(
1793 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
1794 ACCESS_MASK DesiredAccess
,
1795 LSAPR_HANDLE
*PolicyHandle
)
1798 return STATUS_NOT_IMPLEMENTED
;
1803 NTSTATUS WINAPI
LsarGetUserName(
1805 PRPC_UNICODE_STRING
*UserName
,
1806 PRPC_UNICODE_STRING
*DomainName
)
1809 return STATUS_NOT_IMPLEMENTED
;
1814 NTSTATUS WINAPI
LsarQueryInformationPolicy2(
1815 LSAPR_HANDLE PolicyHandle
,
1816 POLICY_INFORMATION_CLASS InformationClass
,
1817 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
1819 return LsarQueryInformationPolicy(PolicyHandle
,
1826 NTSTATUS WINAPI
LsarSetInformationPolicy2(
1827 LSAPR_HANDLE PolicyHandle
,
1828 POLICY_INFORMATION_CLASS InformationClass
,
1829 PLSAPR_POLICY_INFORMATION PolicyInformation
)
1831 return LsarSetInformationPolicy(PolicyHandle
,
1838 NTSTATUS WINAPI
LsarQueryTrustedDomainInfoByName(
1839 LSAPR_HANDLE PolicyHandle
,
1840 PRPC_UNICODE_STRING TrustedDomainName
,
1841 POLICY_INFORMATION_CLASS InformationClass
,
1842 PLSAPR_TRUSTED_DOMAIN_INFO
*PolicyInformation
)
1845 return STATUS_NOT_IMPLEMENTED
;
1850 NTSTATUS WINAPI
LsarSetTrustedDomainInfoByName(
1851 LSAPR_HANDLE PolicyHandle
,
1852 PRPC_UNICODE_STRING TrustedDomainName
,
1853 POLICY_INFORMATION_CLASS InformationClass
,
1854 PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation
)
1857 return STATUS_NOT_IMPLEMENTED
;
1862 NTSTATUS WINAPI
LsarEnumerateTrustedDomainsEx(
1863 LSAPR_HANDLE PolicyHandle
,
1864 DWORD
*EnumerationContext
,
1865 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer
,
1866 DWORD PreferedMaximumLength
)
1869 return STATUS_NOT_IMPLEMENTED
;
1874 NTSTATUS WINAPI
LsarCreateTrustedDomainEx(
1875 LSAPR_HANDLE PolicyHandle
,
1876 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1877 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation
,
1878 ACCESS_MASK DesiredAccess
,
1879 LSAPR_HANDLE
*TrustedDomainHandle
)
1882 return STATUS_NOT_IMPLEMENTED
;
1887 NTSTATUS WINAPI
LsarSetPolicyReplicationHandle(
1888 PLSAPR_HANDLE PolicyHandle
)
1891 return STATUS_NOT_IMPLEMENTED
;
1896 NTSTATUS WINAPI
LsarQueryDomainInformationPolicy(
1897 LSAPR_HANDLE PolicyHandle
,
1898 POLICY_INFORMATION_CLASS InformationClass
,
1899 PLSAPR_POLICY_DOMAIN_INFORMATION
*PolicyInformation
)
1902 return STATUS_NOT_IMPLEMENTED
;
1907 NTSTATUS WINAPI
LsarSetDomainInformationPolicy(
1908 LSAPR_HANDLE PolicyHandle
,
1909 POLICY_INFORMATION_CLASS InformationClass
,
1910 PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation
)
1913 return STATUS_NOT_IMPLEMENTED
;
1918 NTSTATUS WINAPI
LsarOpenTrustedDomainByName(
1919 LSAPR_HANDLE PolicyHandle
,
1920 PRPC_UNICODE_STRING TrustedDomainName
,
1921 ACCESS_MASK DesiredAccess
,
1922 LSAPR_HANDLE
*TrustedDomainHandle
)
1925 return STATUS_NOT_IMPLEMENTED
;
1930 NTSTATUS WINAPI
LsarTestCall(
1934 return STATUS_NOT_IMPLEMENTED
;
1939 NTSTATUS WINAPI
LsarLookupSids2(
1940 LSAPR_HANDLE PolicyHandle
,
1941 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
1942 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1943 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
1944 LSAP_LOOKUP_LEVEL LookupLevel
,
1946 DWORD LookupOptions
,
1947 DWORD ClientRevision
)
1950 return STATUS_NOT_IMPLEMENTED
;
1955 NTSTATUS WINAPI
LsarLookupNames2(
1956 LSAPR_HANDLE PolicyHandle
,
1958 PRPC_UNICODE_STRING Names
,
1959 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1960 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids
,
1961 LSAP_LOOKUP_LEVEL LookupLevel
,
1963 DWORD LookupOptions
,
1964 DWORD ClientRevision
)
1967 return STATUS_NOT_IMPLEMENTED
;
1972 NTSTATUS WINAPI
LsarCreateTrustedDomainEx2(
1973 LSAPR_HANDLE PolicyHandle
,
1974 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1975 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation
,
1976 ACCESS_MASK DesiredAccess
,
1977 LSAPR_HANDLE
*TrustedDomainHandle
)
1980 return STATUS_NOT_IMPLEMENTED
;
1985 NTSTATUS WINAPI
CredrWrite(
1989 return STATUS_NOT_IMPLEMENTED
;
1994 NTSTATUS WINAPI
CredrRead(
1998 return STATUS_NOT_IMPLEMENTED
;
2003 NTSTATUS WINAPI
CredrEnumerate(
2007 return STATUS_NOT_IMPLEMENTED
;
2012 NTSTATUS WINAPI
CredrWriteDomainCredentials(
2016 return STATUS_NOT_IMPLEMENTED
;
2021 NTSTATUS WINAPI
CredrReadDomainCredentials(
2025 return STATUS_NOT_IMPLEMENTED
;
2030 NTSTATUS WINAPI
CredrDelete(
2034 return STATUS_NOT_IMPLEMENTED
;
2039 NTSTATUS WINAPI
CredrGetTargetInfo(
2043 return STATUS_NOT_IMPLEMENTED
;
2048 NTSTATUS WINAPI
CredrProfileLoaded(
2052 return STATUS_NOT_IMPLEMENTED
;
2057 NTSTATUS WINAPI
LsarLookupNames3(
2058 LSAPR_HANDLE PolicyHandle
,
2060 PRPC_UNICODE_STRING Names
,
2061 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2062 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2063 LSAP_LOOKUP_LEVEL LookupLevel
,
2065 DWORD LookupOptions
,
2066 DWORD ClientRevision
)
2068 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
2069 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
2070 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
= NULL
;
2071 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
= NULL
;
2072 ULONG SidsBufferLength
;
2073 ULONG DomainSidLength
;
2074 ULONG AccountSidLength
;
2080 TRACE("LsarLookupNames3(%p, %lu, %p, %p, %p, %d, %p, %lu, %lu)\n",
2081 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2082 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
2085 return STATUS_NONE_MAPPED
;
2087 TranslatedSids
->Entries
= Count
;
2088 TranslatedSids
->Sids
= NULL
;
2089 *ReferencedDomains
= NULL
;
2091 SidsBufferLength
= Count
* sizeof(LSAPR_TRANSLATED_SID_EX2
);
2092 SidsBuffer
= MIDL_user_allocate(SidsBufferLength
);
2093 if (SidsBuffer
== NULL
)
2094 return STATUS_INSUFFICIENT_RESOURCES
;
2096 for (i
= 0; i
< Count
; i
++)
2098 SidsBuffer
[i
].Use
= SidTypeUser
;
2099 SidsBuffer
[i
].Sid
= NULL
;
2100 SidsBuffer
[i
].DomainIndex
= -1;
2101 SidsBuffer
[i
].Flags
= 0;
2104 DomainsBuffer
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
2105 if (DomainsBuffer
== NULL
)
2107 MIDL_user_free(SidsBuffer
);
2108 return STATUS_INSUFFICIENT_RESOURCES
;
2111 DomainsBuffer
->Entries
= Count
;
2112 DomainsBuffer
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
2113 if (DomainsBuffer
->Domains
== NULL
)
2115 MIDL_user_free(DomainsBuffer
);
2116 MIDL_user_free(SidsBuffer
);
2117 return STATUS_INSUFFICIENT_RESOURCES
;
2120 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2122 SECURITY_BUILTIN_DOMAIN_RID
,
2123 DOMAIN_ALIAS_RID_ADMINS
,
2126 if (!NT_SUCCESS(Status
))
2128 MIDL_user_free(DomainsBuffer
->Domains
);
2129 MIDL_user_free(DomainsBuffer
);
2130 MIDL_user_free(SidsBuffer
);
2134 DomainSidLength
= RtlLengthSid(DomainSid
);
2136 for (i
= 0; i
< Count
; i
++)
2138 DomainsBuffer
->Domains
[i
].Sid
= MIDL_user_allocate(DomainSidLength
);
2139 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Sid
,
2143 DomainsBuffer
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
2144 DomainsBuffer
->Domains
[i
].Name
.Length
= DomainName
.Length
;
2145 DomainsBuffer
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
2146 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Name
.Buffer
,
2148 DomainName
.MaximumLength
);
2151 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2153 SECURITY_BUILTIN_DOMAIN_RID
,
2154 DOMAIN_ALIAS_RID_ADMINS
,
2155 DOMAIN_USER_RID_ADMIN
,
2158 if (!NT_SUCCESS(Status
))
2160 MIDL_user_free(DomainsBuffer
->Domains
);
2161 MIDL_user_free(DomainsBuffer
);
2162 MIDL_user_free(SidsBuffer
);
2166 AccountSidLength
= RtlLengthSid(AccountSid
);
2168 for (i
= 0; i
< Count
; i
++)
2170 SidsBuffer
[i
].Use
= SidTypeWellKnownGroup
;
2171 SidsBuffer
[i
].Sid
= MIDL_user_allocate(AccountSidLength
);
2173 RtlCopyMemory(SidsBuffer
[i
].Sid
,
2177 SidsBuffer
[i
].DomainIndex
= i
;
2178 SidsBuffer
[i
].Flags
= 0;
2181 *ReferencedDomains
= DomainsBuffer
;
2182 *MappedCount
= Count
;
2184 TranslatedSids
->Entries
= Count
;
2185 TranslatedSids
->Sids
= SidsBuffer
;
2187 return STATUS_SUCCESS
;
2192 NTSTATUS WINAPI
CredrGetSessionTypes(
2196 return STATUS_NOT_IMPLEMENTED
;
2201 NTSTATUS WINAPI
LsarRegisterAuditEvent(
2205 return STATUS_NOT_IMPLEMENTED
;
2210 NTSTATUS WINAPI
LsarGenAuditEvent(
2214 return STATUS_NOT_IMPLEMENTED
;
2219 NTSTATUS WINAPI
LsarUnregisterAuditEvent(
2223 return STATUS_NOT_IMPLEMENTED
;
2228 NTSTATUS WINAPI
LsarQueryForestTrustInformation(
2229 LSAPR_HANDLE PolicyHandle
,
2230 PLSA_UNICODE_STRING TrustedDomainName
,
2231 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2232 PLSA_FOREST_TRUST_INFORMATION
*ForestTrustInfo
)
2235 return STATUS_NOT_IMPLEMENTED
;
2240 NTSTATUS WINAPI
LsarSetForestTrustInformation(
2241 LSAPR_HANDLE PolicyHandle
,
2242 PLSA_UNICODE_STRING TrustedDomainName
,
2243 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2244 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo
,
2246 PLSA_FOREST_TRUST_COLLISION_INFORMATION
*CollisionInfo
)
2249 return STATUS_NOT_IMPLEMENTED
;
2254 NTSTATUS WINAPI
CredrRename(
2258 return STATUS_NOT_IMPLEMENTED
;
2263 NTSTATUS WINAPI
LsarLookupSids3(
2264 LSAPR_HANDLE PolicyHandle
,
2265 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2266 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2267 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
2268 LSAP_LOOKUP_LEVEL LookupLevel
,
2270 DWORD LookupOptions
,
2271 DWORD ClientRevision
)
2274 return STATUS_NOT_IMPLEMENTED
;
2279 NTSTATUS WINAPI
LsarLookupNames4(
2282 PRPC_UNICODE_STRING Names
,
2283 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2284 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2285 LSAP_LOOKUP_LEVEL LookupLevel
,
2287 DWORD LookupOptions
,
2288 DWORD ClientRevision
)
2291 return STATUS_NOT_IMPLEMENTED
;
2296 NTSTATUS WINAPI
LsarOpenPolicySce(
2300 return STATUS_NOT_IMPLEMENTED
;
2305 NTSTATUS WINAPI
LsarAdtRegisterSecurityEventSource(
2309 return STATUS_NOT_IMPLEMENTED
;
2314 NTSTATUS WINAPI
LsarAdtUnregisterSecurityEventSource(
2318 return STATUS_NOT_IMPLEMENTED
;
2323 NTSTATUS WINAPI
LsarAdtReportSecurityEvent(
2327 return STATUS_NOT_IMPLEMENTED
;
2332 NTSTATUS WINAPI
CredrFindBestCredential(
2336 return STATUS_NOT_IMPLEMENTED
;
2341 NTSTATUS WINAPI
LsarSetAuditPolicy(
2345 return STATUS_NOT_IMPLEMENTED
;
2350 NTSTATUS WINAPI
LsarQueryAuditPolicy(
2354 return STATUS_NOT_IMPLEMENTED
;
2359 NTSTATUS WINAPI
LsarEnumerateAuditPolicy(
2363 return STATUS_NOT_IMPLEMENTED
;
2368 NTSTATUS WINAPI
LsarEnumerateAuditCategories(
2372 return STATUS_NOT_IMPLEMENTED
;
2377 NTSTATUS WINAPI
LsarEnumerateAuditSubCategories(
2381 return STATUS_NOT_IMPLEMENTED
;
2386 NTSTATUS WINAPI
LsarLookupAuditCategoryName(
2390 return STATUS_NOT_IMPLEMENTED
;
2395 NTSTATUS WINAPI
LsarLookupAuditSubCategoryName(
2399 return STATUS_NOT_IMPLEMENTED
;
2404 NTSTATUS WINAPI
LsarSetAuditSecurity(
2408 return STATUS_NOT_IMPLEMENTED
;
2413 NTSTATUS WINAPI
LsarQueryAuditSecurity(
2417 return STATUS_NOT_IMPLEMENTED
;
2422 NTSTATUS WINAPI
CredReadByTokenHandle(
2426 return STATUS_NOT_IMPLEMENTED
;
2431 NTSTATUS WINAPI
CredrRestoreCredentials(
2435 return STATUS_NOT_IMPLEMENTED
;
2440 NTSTATUS WINAPI
CredrBackupCredentials(
2444 return STATUS_NOT_IMPLEMENTED
;