2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
7 * PROGRAMMERS: Eric Kohl
10 /* INCLUDES ****************************************************************/
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv
);
17 /* GLOBALS *****************************************************************/
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock
;
22 /* FUNCTIONS ***************************************************************/
25 LsarStartRpcServer(VOID
)
29 RtlInitializeCriticalSection(&PolicyHandleTableLock
);
31 TRACE("LsarStartRpcServer() called\n");
33 Status
= RpcServerUseProtseqEpW(L
"ncacn_np",
37 if (Status
!= RPC_S_OK
)
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status
);
43 Status
= RpcServerRegisterIf(lsarpc_v0_0_s_ifspec
,
46 if (Status
!= RPC_S_OK
)
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status
);
52 Status
= RpcServerListen(1, 20, TRUE
);
53 if (Status
!= RPC_S_OK
)
55 WARN("RpcServerListen() failed (Status %lx)\n", Status
);
59 TRACE("LsarStartRpcServer() done\n");
63 void __RPC_USER
LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle
)
70 NTSTATUS WINAPI
LsarClose(
71 LSAPR_HANDLE
*ObjectHandle
)
73 PLSA_DB_OBJECT DbObject
;
74 NTSTATUS Status
= STATUS_SUCCESS
;
76 TRACE("0x%p\n", ObjectHandle
);
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
80 Status
= LsapValidateDbObject(*ObjectHandle
,
84 if (Status
== STATUS_SUCCESS
)
86 Status
= LsapCloseDbObject(DbObject
);
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
97 NTSTATUS WINAPI
LsarDelete(
98 LSAPR_HANDLE ObjectHandle
)
101 return STATUS_NOT_SUPPORTED
;
106 NTSTATUS WINAPI
LsarEnumeratePrivileges(
107 LSAPR_HANDLE PolicyHandle
,
108 DWORD
*EnumerationContext
,
109 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer
,
110 DWORD PreferedMaximumLength
)
112 PLSA_DB_OBJECT PolicyObject
;
115 TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
116 PolicyHandle
, EnumerationContext
, EnumerationBuffer
,
117 PreferedMaximumLength
);
119 Status
= LsapValidateDbObject(PolicyHandle
,
121 POLICY_VIEW_LOCAL_INFORMATION
,
123 if (!NT_SUCCESS(Status
))
126 if (EnumerationContext
== NULL
)
127 return STATUS_INVALID_PARAMETER
;
129 return LsarpEnumeratePrivileges(EnumerationContext
,
131 PreferedMaximumLength
);
136 NTSTATUS WINAPI
LsarQuerySecurityObject(
137 LSAPR_HANDLE ObjectHandle
,
138 SECURITY_INFORMATION SecurityInformation
,
139 PLSAPR_SR_SECURITY_DESCRIPTOR
*SecurityDescriptor
)
142 return STATUS_NOT_IMPLEMENTED
;
147 NTSTATUS WINAPI
LsarSetSecurityObject(
148 LSAPR_HANDLE ObjectHandle
,
149 SECURITY_INFORMATION SecurityInformation
,
150 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor
)
153 return STATUS_NOT_IMPLEMENTED
;
158 NTSTATUS WINAPI
LsarChangePassword(
160 PRPC_UNICODE_STRING String1
,
161 PRPC_UNICODE_STRING String2
,
162 PRPC_UNICODE_STRING String3
,
163 PRPC_UNICODE_STRING String4
,
164 PRPC_UNICODE_STRING String5
)
167 return STATUS_NOT_IMPLEMENTED
;
172 NTSTATUS WINAPI
LsarOpenPolicy(
174 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
175 ACCESS_MASK DesiredAccess
,
176 LSAPR_HANDLE
*PolicyHandle
)
178 PLSA_DB_OBJECT PolicyObject
;
181 TRACE("LsarOpenPolicy called!\n");
183 RtlEnterCriticalSection(&PolicyHandleTableLock
);
185 Status
= LsapOpenDbObject(NULL
,
192 RtlLeaveCriticalSection(&PolicyHandleTableLock
);
194 if (NT_SUCCESS(Status
))
195 *PolicyHandle
= (LSAPR_HANDLE
)PolicyObject
;
197 TRACE("LsarOpenPolicy done!\n");
204 NTSTATUS WINAPI
LsarQueryInformationPolicy(
205 LSAPR_HANDLE PolicyHandle
,
206 POLICY_INFORMATION_CLASS InformationClass
,
207 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
209 PLSA_DB_OBJECT DbObject
;
210 ACCESS_MASK DesiredAccess
= 0;
213 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
214 PolicyHandle
, InformationClass
, PolicyInformation
);
216 if (PolicyInformation
)
218 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
221 switch (InformationClass
)
223 case PolicyAuditLogInformation
:
224 case PolicyAuditEventsInformation
:
225 case PolicyAuditFullQueryInformation
:
226 DesiredAccess
= POLICY_VIEW_AUDIT_INFORMATION
;
229 case PolicyPrimaryDomainInformation
:
230 case PolicyAccountDomainInformation
:
231 case PolicyLsaServerRoleInformation
:
232 case PolicyReplicaSourceInformation
:
233 case PolicyDefaultQuotaInformation
:
234 case PolicyModificationInformation
:
235 case PolicyDnsDomainInformation
:
236 case PolicyDnsDomainInformationInt
:
237 case PolicyLocalAccountDomainInformation
:
238 DesiredAccess
= POLICY_VIEW_LOCAL_INFORMATION
;
241 case PolicyPdAccountInformation
:
242 DesiredAccess
= POLICY_GET_PRIVATE_INFORMATION
;
246 ERR("Invalid InformationClass!\n");
247 return STATUS_INVALID_PARAMETER
;
250 Status
= LsapValidateDbObject(PolicyHandle
,
254 if (!NT_SUCCESS(Status
))
257 switch (InformationClass
)
259 case PolicyAuditLogInformation
: /* 1 */
260 Status
= LsarQueryAuditLog(PolicyHandle
,
263 case PolicyAuditEventsInformation
: /* 2 */
264 Status
= LsarQueryAuditEvents(PolicyHandle
,
268 case PolicyPrimaryDomainInformation
: /* 3 */
269 Status
= LsarQueryPrimaryDomain(PolicyHandle
,
273 case PolicyPdAccountInformation
: /* 4 */
274 Status
= LsarQueryPdAccount(PolicyHandle
,
277 case PolicyAccountDomainInformation
: /* 5 */
278 Status
= LsarQueryAccountDomain(PolicyHandle
,
282 case PolicyLsaServerRoleInformation
: /* 6 */
283 Status
= LsarQueryServerRole(PolicyHandle
,
287 case PolicyReplicaSourceInformation
: /* 7 */
288 Status
= LsarQueryReplicaSource(PolicyHandle
,
291 case PolicyDefaultQuotaInformation
: /* 8 */
292 Status
= LsarQueryDefaultQuota(PolicyHandle
,
296 case PolicyModificationInformation
: /* 9 */
297 Status
= LsarQueryModification(PolicyHandle
,
301 case PolicyAuditFullQueryInformation
: /* 11 (0xB) */
302 Status
= LsarQueryAuditFull(PolicyHandle
,
306 case PolicyDnsDomainInformation
: /* 12 (0xC) */
307 Status
= LsarQueryDnsDomain(PolicyHandle
,
311 case PolicyDnsDomainInformationInt
: /* 13 (0xD) */
312 Status
= LsarQueryDnsDomainInt(PolicyHandle
,
316 case PolicyLocalAccountDomainInformation
: /* 14 (0xE) */
317 Status
= LsarQueryLocalAccountDomain(PolicyHandle
,
322 ERR("Invalid InformationClass!\n");
323 Status
= STATUS_INVALID_PARAMETER
;
331 NTSTATUS WINAPI
LsarSetInformationPolicy(
332 LSAPR_HANDLE PolicyHandle
,
333 POLICY_INFORMATION_CLASS InformationClass
,
334 PLSAPR_POLICY_INFORMATION PolicyInformation
)
336 PLSA_DB_OBJECT DbObject
;
337 ACCESS_MASK DesiredAccess
= 0;
340 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
341 PolicyHandle
, InformationClass
, PolicyInformation
);
343 if (PolicyInformation
)
345 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
348 switch (InformationClass
)
350 case PolicyAuditLogInformation
:
351 case PolicyAuditFullSetInformation
:
352 DesiredAccess
= POLICY_AUDIT_LOG_ADMIN
;
355 case PolicyAuditEventsInformation
:
356 DesiredAccess
= POLICY_SET_AUDIT_REQUIREMENTS
;
359 case PolicyPrimaryDomainInformation
:
360 case PolicyAccountDomainInformation
:
361 case PolicyDnsDomainInformation
:
362 case PolicyDnsDomainInformationInt
:
363 case PolicyLocalAccountDomainInformation
:
364 DesiredAccess
= POLICY_TRUST_ADMIN
;
367 case PolicyLsaServerRoleInformation
:
368 case PolicyReplicaSourceInformation
:
369 DesiredAccess
= POLICY_SERVER_ADMIN
;
372 case PolicyDefaultQuotaInformation
:
373 DesiredAccess
= POLICY_SET_DEFAULT_QUOTA_LIMITS
;
377 ERR("Invalid InformationClass!\n");
378 return STATUS_INVALID_PARAMETER
;
381 Status
= LsapValidateDbObject(PolicyHandle
,
385 if (!NT_SUCCESS(Status
))
388 switch (InformationClass
)
390 case PolicyAuditEventsInformation
:
391 Status
= STATUS_NOT_IMPLEMENTED
;
394 case PolicyPrimaryDomainInformation
:
395 Status
= LsarSetPrimaryDomain(PolicyHandle
,
396 (PLSAPR_POLICY_PRIMARY_DOM_INFO
)PolicyInformation
);
399 case PolicyAccountDomainInformation
:
400 Status
= LsarSetAccountDomain(PolicyHandle
,
401 (PLSAPR_POLICY_ACCOUNT_DOM_INFO
)PolicyInformation
);
404 case PolicyDnsDomainInformation
:
405 Status
= LsarSetDnsDomain(PolicyHandle
,
406 (PLSAPR_POLICY_DNS_DOMAIN_INFO
)PolicyInformation
);
409 case PolicyLsaServerRoleInformation
:
410 Status
= STATUS_NOT_IMPLEMENTED
;
414 Status
= STATUS_INVALID_PARAMETER
;
423 NTSTATUS WINAPI
LsarClearAuditLog(
424 LSAPR_HANDLE ObjectHandle
)
427 return STATUS_NOT_IMPLEMENTED
;
432 NTSTATUS WINAPI
LsarCreateAccount(
433 LSAPR_HANDLE PolicyHandle
,
435 ACCESS_MASK DesiredAccess
,
436 LSAPR_HANDLE
*AccountHandle
)
438 PLSA_DB_OBJECT PolicyObject
;
439 PLSA_DB_OBJECT AccountObject
= NULL
;
440 LPWSTR SidString
= NULL
;
441 NTSTATUS Status
= STATUS_SUCCESS
;
443 /* Validate the AccountSid */
444 if (!RtlValidSid(AccountSid
))
445 return STATUS_INVALID_PARAMETER
;
447 /* Validate the PolicyHandle */
448 Status
= LsapValidateDbObject(PolicyHandle
,
450 POLICY_CREATE_ACCOUNT
,
452 if (!NT_SUCCESS(Status
))
454 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
458 /* Create SID string */
459 if (!ConvertSidToStringSid((PSID
)AccountSid
,
462 ERR("ConvertSidToStringSid failed\n");
463 Status
= STATUS_INVALID_PARAMETER
;
467 /* Create the Account object */
468 Status
= LsapCreateDbObject(PolicyObject
,
474 if (!NT_SUCCESS(Status
))
476 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status
);
480 /* Set the Sid attribute */
481 Status
= LsapSetObjectAttribute(AccountObject
,
484 GetLengthSid(AccountSid
));
487 if (SidString
!= NULL
)
488 LocalFree(SidString
);
490 if (!NT_SUCCESS(Status
))
492 if (AccountObject
!= NULL
)
493 LsapCloseDbObject(AccountObject
);
497 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
500 return STATUS_SUCCESS
;
505 NTSTATUS WINAPI
LsarEnumerateAccounts(
506 LSAPR_HANDLE PolicyHandle
,
507 DWORD
*EnumerationContext
,
508 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
,
509 DWORD PreferedMaximumLength
)
512 return STATUS_NOT_IMPLEMENTED
;
517 NTSTATUS WINAPI
LsarCreateTrustedDomain(
518 LSAPR_HANDLE PolicyHandle
,
519 PLSAPR_TRUST_INFORMATION TrustedDomainInformation
,
520 ACCESS_MASK DesiredAccess
,
521 LSAPR_HANDLE
*TrustedDomainHandle
)
524 return STATUS_NOT_IMPLEMENTED
;
529 NTSTATUS WINAPI
LsarEnumerateTrustedDomains(
530 LSAPR_HANDLE PolicyHandle
,
531 DWORD
*EnumerationContext
,
532 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer
,
533 DWORD PreferedMaximumLength
)
536 return STATUS_NOT_IMPLEMENTED
;
541 NTSTATUS WINAPI
LsarLookupNames(
542 LSAPR_HANDLE PolicyHandle
,
544 PRPC_UNICODE_STRING Names
,
545 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
546 PLSAPR_TRANSLATED_SIDS TranslatedSids
,
547 LSAP_LOOKUP_LEVEL LookupLevel
,
550 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
551 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
552 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
553 PLSA_TRANSLATED_SID OutputSids
= NULL
;
554 ULONG OutputSidsLength
;
560 TRACE("LsarLookupNames(%p, %lu, %p, %p, %p, %d, %p)\n",
561 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
562 LookupLevel
, MappedCount
);
564 TranslatedSids
->Entries
= Count
;
565 TranslatedSids
->Sids
= NULL
;
566 *ReferencedDomains
= NULL
;
568 OutputSidsLength
= Count
* sizeof(LSA_TRANSLATED_SID
);
569 OutputSids
= MIDL_user_allocate(OutputSidsLength
);
570 if (OutputSids
== NULL
)
572 return STATUS_INSUFFICIENT_RESOURCES
;
575 RtlZeroMemory(OutputSids
, OutputSidsLength
);
577 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
578 if (OutputDomains
== NULL
)
580 MIDL_user_free(OutputSids
);
581 return STATUS_INSUFFICIENT_RESOURCES
;
584 OutputDomains
->Entries
= Count
;
585 OutputDomains
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
586 if (OutputDomains
->Domains
== NULL
)
588 MIDL_user_free(OutputDomains
);
589 MIDL_user_free(OutputSids
);
590 return STATUS_INSUFFICIENT_RESOURCES
;
593 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
595 SECURITY_BUILTIN_DOMAIN_RID
,
596 DOMAIN_ALIAS_RID_ADMINS
,
599 if (!NT_SUCCESS(Status
))
601 MIDL_user_free(OutputDomains
->Domains
);
602 MIDL_user_free(OutputDomains
);
603 MIDL_user_free(OutputSids
);
607 SidLength
= RtlLengthSid(Sid
);
609 for (i
= 0; i
< Count
; i
++)
611 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
612 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
614 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
615 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
616 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
617 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
620 for (i
= 0; i
< Count
; i
++)
622 OutputSids
[i
].Use
= SidTypeWellKnownGroup
;
623 OutputSids
[i
].RelativeId
= DOMAIN_USER_RID_ADMIN
; //DOMAIN_ALIAS_RID_ADMINS;
624 OutputSids
[i
].DomainIndex
= i
;
627 *ReferencedDomains
= OutputDomains
;
629 *MappedCount
= Count
;
631 TranslatedSids
->Entries
= Count
;
632 TranslatedSids
->Sids
= OutputSids
;
634 return STATUS_SUCCESS
;
639 NTSTATUS WINAPI
LsarLookupSids(
640 LSAPR_HANDLE PolicyHandle
,
641 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
642 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
643 PLSAPR_TRANSLATED_NAMES TranslatedNames
,
644 LSAP_LOOKUP_LEVEL LookupLevel
,
647 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
648 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
649 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
650 PLSAPR_TRANSLATED_NAME OutputNames
= NULL
;
651 ULONG OutputNamesLength
;
657 TRACE("LsarLookupSids(%p, %p, %p, %p, %d, %p)\n",
658 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
659 LookupLevel
, MappedCount
);
661 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
662 TranslatedNames
->Names
= NULL
;
663 *ReferencedDomains
= NULL
;
665 OutputNamesLength
= SidEnumBuffer
->Entries
* sizeof(LSA_TRANSLATED_NAME
);
666 OutputNames
= MIDL_user_allocate(OutputNamesLength
);
667 if (OutputNames
== NULL
)
669 return STATUS_INSUFFICIENT_RESOURCES
;
672 RtlZeroMemory(OutputNames
, OutputNamesLength
);
674 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
675 if (OutputDomains
== NULL
)
677 MIDL_user_free(OutputNames
);
678 return STATUS_INSUFFICIENT_RESOURCES
;
681 OutputDomains
->Entries
= SidEnumBuffer
->Entries
;
682 OutputDomains
->Domains
= MIDL_user_allocate(SidEnumBuffer
->Entries
* sizeof(LSA_TRUST_INFORMATION
));
683 if (OutputDomains
->Domains
== NULL
)
685 MIDL_user_free(OutputDomains
);
686 MIDL_user_free(OutputNames
);
687 return STATUS_INSUFFICIENT_RESOURCES
;
690 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
692 SECURITY_BUILTIN_DOMAIN_RID
,
693 DOMAIN_ALIAS_RID_ADMINS
,
696 if (!NT_SUCCESS(Status
))
698 MIDL_user_free(OutputDomains
->Domains
);
699 MIDL_user_free(OutputDomains
);
700 MIDL_user_free(OutputNames
);
704 SidLength
= RtlLengthSid(Sid
);
706 for (i
= 0; i
< SidEnumBuffer
->Entries
; i
++)
708 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
709 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
711 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
712 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
713 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
714 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
717 Status
= LsapLookupSids(SidEnumBuffer
,
720 *ReferencedDomains
= OutputDomains
;
722 *MappedCount
= SidEnumBuffer
->Entries
;
724 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
725 TranslatedNames
->Names
= OutputNames
;
732 NTSTATUS WINAPI
LsarCreateSecret(
733 LSAPR_HANDLE PolicyHandle
,
734 PRPC_UNICODE_STRING SecretName
,
735 ACCESS_MASK DesiredAccess
,
736 LSAPR_HANDLE
*SecretHandle
)
738 PLSA_DB_OBJECT PolicyObject
;
739 PLSA_DB_OBJECT SecretObject
= NULL
;
741 NTSTATUS Status
= STATUS_SUCCESS
;
743 /* Validate the PolicyHandle */
744 Status
= LsapValidateDbObject(PolicyHandle
,
746 POLICY_CREATE_SECRET
,
748 if (!NT_SUCCESS(Status
))
750 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
754 /* Get the current time */
755 Status
= NtQuerySystemTime(&Time
);
756 if (!NT_SUCCESS(Status
))
758 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
762 /* Create the Secret object */
763 Status
= LsapCreateDbObject(PolicyObject
,
769 if (!NT_SUCCESS(Status
))
771 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status
);
775 /* Set the CurrentTime attribute */
776 Status
= LsapSetObjectAttribute(SecretObject
,
779 sizeof(LARGE_INTEGER
));
780 if (!NT_SUCCESS(Status
))
782 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status
);
786 /* Set the OldTime attribute */
787 Status
= LsapSetObjectAttribute(SecretObject
,
790 sizeof(LARGE_INTEGER
));
793 if (!NT_SUCCESS(Status
))
795 if (SecretObject
!= NULL
)
796 LsapCloseDbObject(SecretObject
);
800 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
803 return STATUS_SUCCESS
;
808 NTSTATUS WINAPI
LsarOpenAccount(
809 LSAPR_HANDLE PolicyHandle
,
811 ACCESS_MASK DesiredAccess
,
812 LSAPR_HANDLE
*AccountHandle
)
814 PLSA_DB_OBJECT PolicyObject
;
815 PLSA_DB_OBJECT AccountObject
= NULL
;
816 LPWSTR SidString
= NULL
;
817 NTSTATUS Status
= STATUS_SUCCESS
;
819 /* Validate the AccountSid */
820 if (!RtlValidSid(AccountSid
))
821 return STATUS_INVALID_PARAMETER
;
823 /* Validate the PolicyHandle */
824 Status
= LsapValidateDbObject(PolicyHandle
,
828 if (!NT_SUCCESS(Status
))
830 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
834 /* Create SID string */
835 if (!ConvertSidToStringSid((PSID
)AccountSid
,
838 ERR("ConvertSidToStringSid failed\n");
839 Status
= STATUS_INVALID_PARAMETER
;
843 /* Create the Account object */
844 Status
= LsapOpenDbObject(PolicyObject
,
850 if (!NT_SUCCESS(Status
))
852 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status
);
856 /* Set the Sid attribute */
857 Status
= LsapSetObjectAttribute(AccountObject
,
860 GetLengthSid(AccountSid
));
863 if (SidString
!= NULL
)
864 LocalFree(SidString
);
866 if (!NT_SUCCESS(Status
))
868 if (AccountObject
!= NULL
)
869 LsapCloseDbObject(AccountObject
);
873 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
881 NTSTATUS WINAPI
LsarEnumeratePrivilegesAccount(
882 LSAPR_HANDLE AccountHandle
,
883 PLSAPR_PRIVILEGE_SET
*Privileges
)
885 PLSA_DB_OBJECT AccountObject
;
886 ULONG PrivilegeSetSize
= 0;
887 PLSAPR_PRIVILEGE_SET PrivilegeSet
= NULL
;
892 /* Validate the AccountHandle */
893 Status
= LsapValidateDbObject(AccountHandle
,
897 if (!NT_SUCCESS(Status
))
899 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
903 /* Get the size of the privilege set */
904 Status
= LsapGetObjectAttribute(AccountObject
,
908 if (!NT_SUCCESS(Status
))
911 /* Allocate a buffer for the privilege set */
912 PrivilegeSet
= MIDL_user_allocate(PrivilegeSetSize
);
913 if (PrivilegeSet
== NULL
)
914 return STATUS_NO_MEMORY
;
916 /* Get the privilege set */
917 Status
= LsapGetObjectAttribute(AccountObject
,
921 if (!NT_SUCCESS(Status
))
923 MIDL_user_free(PrivilegeSet
);
927 /* Return a pointer to the privilege set */
928 *Privileges
= PrivilegeSet
;
930 return STATUS_SUCCESS
;
935 NTSTATUS WINAPI
LsarAddPrivilegesToAccount(
936 LSAPR_HANDLE AccountHandle
,
937 PLSAPR_PRIVILEGE_SET Privileges
)
939 PLSA_DB_OBJECT AccountObject
;
940 PPRIVILEGE_SET CurrentPrivileges
= NULL
;
941 PPRIVILEGE_SET NewPrivileges
= NULL
;
942 ULONG PrivilegeSetSize
= 0;
943 ULONG PrivilegeCount
;
948 /* Validate the AccountHandle */
949 Status
= LsapValidateDbObject(AccountHandle
,
951 ACCOUNT_ADJUST_PRIVILEGES
,
953 if (!NT_SUCCESS(Status
))
955 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
959 Status
= LsapGetObjectAttribute(AccountObject
,
963 if (!NT_SUCCESS(Status
) || PrivilegeSetSize
== 0)
965 /* The Privilgs attribute does not exist */
967 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
968 (Privileges
->PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
969 Status
= LsapSetObjectAttribute(AccountObject
,
976 /* The Privilgs attribute exists */
978 /* Allocate memory for the stored privilege set */
979 CurrentPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
980 if (CurrentPrivileges
== NULL
)
981 return STATUS_NO_MEMORY
;
983 /* Get the current privilege set */
984 Status
= LsapGetObjectAttribute(AccountObject
,
988 if (!NT_SUCCESS(Status
))
990 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status
);
994 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
995 TRACE("Current privilege count: %lu\n", PrivilegeCount
);
997 /* Calculate the number privileges in the combined privilege set */
998 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1001 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1003 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1004 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1011 if (bFound
== FALSE
)
1013 TRACE("Found new privilege\n");
1017 TRACE("New privilege count: %lu\n", PrivilegeCount
);
1019 /* Calculate the size of the new privilege set and allocate it */
1020 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1021 (PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1022 NewPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1023 if (NewPrivileges
== NULL
)
1025 Status
= STATUS_NO_MEMORY
;
1029 /* Initialize the new privilege set */
1030 NewPrivileges
->PrivilegeCount
= PrivilegeCount
;
1031 NewPrivileges
->Control
= 0;
1033 /* Copy all privileges from the current privilege set */
1034 RtlCopyLuidAndAttributesArray(CurrentPrivileges
->PrivilegeCount
,
1035 &(CurrentPrivileges
->Privilege
[0]),
1036 &(NewPrivileges
->Privilege
[0]));
1038 /* Add new privileges to the new privilege set */
1039 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1040 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1043 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1045 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1046 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1048 /* Overwrite attributes if a matching privilege was found */
1049 NewPrivileges
->Privilege
[j
].Attributes
= Privileges
->Privilege
[i
].Attributes
;
1056 if (bFound
== FALSE
)
1058 /* Copy the new privilege */
1059 RtlCopyLuidAndAttributesArray(1,
1060 (PLUID_AND_ATTRIBUTES
)&(Privileges
->Privilege
[i
]),
1061 &(NewPrivileges
->Privilege
[PrivilegeCount
]));
1066 /* Set the new priivliege set */
1067 Status
= LsapSetObjectAttribute(AccountObject
,
1074 if (CurrentPrivileges
!= NULL
)
1075 MIDL_user_free(CurrentPrivileges
);
1077 if (NewPrivileges
!= NULL
)
1078 MIDL_user_free(NewPrivileges
);
1085 NTSTATUS WINAPI
LsarRemovePrivilegesFromAccount(
1086 LSAPR_HANDLE AccountHandle
,
1088 PLSAPR_PRIVILEGE_SET Privileges
)
1091 return STATUS_NOT_IMPLEMENTED
;
1096 NTSTATUS WINAPI
LsarGetQuotasForAccount(
1097 LSAPR_HANDLE AccountHandle
,
1098 PQUOTA_LIMITS QuotaLimits
)
1101 return STATUS_NOT_IMPLEMENTED
;
1106 NTSTATUS WINAPI
LsarSetQuotasForAccount(
1107 LSAPR_HANDLE AccountHandle
,
1108 PQUOTA_LIMITS QuotaLimits
)
1111 return STATUS_NOT_IMPLEMENTED
;
1116 NTSTATUS WINAPI
LsarGetSystemAccessAccount(
1117 LSAPR_HANDLE AccountHandle
,
1118 ACCESS_MASK
*SystemAccess
)
1120 PLSA_DB_OBJECT AccountObject
;
1124 /* Validate the account handle */
1125 Status
= LsapValidateDbObject(AccountHandle
,
1129 if (!NT_SUCCESS(Status
))
1131 ERR("Invalid handle (Status %lx)\n", Status
);
1135 /* Get the system access flags */
1136 Status
= LsapGetObjectAttribute(AccountObject
,
1146 NTSTATUS WINAPI
LsarSetSystemAccessAccount(
1147 LSAPR_HANDLE AccountHandle
,
1148 ACCESS_MASK SystemAccess
)
1150 PLSA_DB_OBJECT AccountObject
;
1153 /* Validate the account handle */
1154 Status
= LsapValidateDbObject(AccountHandle
,
1156 ACCOUNT_ADJUST_SYSTEM_ACCESS
,
1158 if (!NT_SUCCESS(Status
))
1160 ERR("Invalid handle (Status %lx)\n", Status
);
1164 /* Set the system access flags */
1165 Status
= LsapSetObjectAttribute(AccountObject
,
1168 sizeof(ACCESS_MASK
));
1175 NTSTATUS WINAPI
LsarOpenTrustedDomain(
1176 LSAPR_HANDLE PolicyHandle
,
1177 PRPC_SID TrustedDomainSid
,
1178 ACCESS_MASK DesiredAccess
,
1179 LSAPR_HANDLE
*TrustedDomainHandle
)
1182 return STATUS_NOT_IMPLEMENTED
;
1187 NTSTATUS WINAPI
LsarQueryInfoTrustedDomain(
1188 LSAPR_HANDLE TrustedDomainHandle
,
1189 TRUSTED_INFORMATION_CLASS InformationClass
,
1190 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1193 return STATUS_NOT_IMPLEMENTED
;
1198 NTSTATUS WINAPI
LsarSetInformationTrustedDomain(
1199 LSAPR_HANDLE TrustedDomainHandle
,
1200 TRUSTED_INFORMATION_CLASS InformationClass
,
1201 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1204 return STATUS_NOT_IMPLEMENTED
;
1209 NTSTATUS WINAPI
LsarOpenSecret(
1210 LSAPR_HANDLE PolicyHandle
,
1211 PRPC_UNICODE_STRING SecretName
,
1212 ACCESS_MASK DesiredAccess
,
1213 LSAPR_HANDLE
*SecretHandle
)
1215 PLSA_DB_OBJECT PolicyObject
;
1216 PLSA_DB_OBJECT SecretObject
= NULL
;
1217 NTSTATUS Status
= STATUS_SUCCESS
;
1219 /* Validate the PolicyHandle */
1220 Status
= LsapValidateDbObject(PolicyHandle
,
1222 POLICY_CREATE_SECRET
,
1224 if (!NT_SUCCESS(Status
))
1226 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1230 /* Create the secret object */
1231 Status
= LsapOpenDbObject(PolicyObject
,
1237 if (!NT_SUCCESS(Status
))
1239 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status
);
1244 if (!NT_SUCCESS(Status
))
1246 if (SecretObject
!= NULL
)
1247 LsapCloseDbObject(SecretObject
);
1251 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
1254 return STATUS_SUCCESS
;
1259 NTSTATUS WINAPI
LsarSetSecret(
1260 LSAPR_HANDLE SecretHandle
,
1261 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue
,
1262 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue
)
1264 PLSA_DB_OBJECT SecretObject
;
1265 PBYTE CurrentValue
= NULL
;
1266 PBYTE OldValue
= NULL
;
1267 ULONG CurrentValueLength
= 0;
1268 ULONG OldValueLength
= 0;
1272 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle
,
1273 EncryptedCurrentValue
, EncryptedOldValue
);
1275 /* Validate the SecretHandle */
1276 Status
= LsapValidateDbObject(SecretHandle
,
1280 if (!NT_SUCCESS(Status
))
1282 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1286 if (EncryptedCurrentValue
!= NULL
)
1288 /* FIXME: Decrypt the current value */
1289 CurrentValue
= EncryptedCurrentValue
->Buffer
;
1290 CurrentValueLength
= EncryptedCurrentValue
->MaximumLength
;
1293 /* Set the current value */
1294 Status
= LsapSetObjectAttribute(SecretObject
,
1297 CurrentValueLength
);
1298 if (!NT_SUCCESS(Status
))
1300 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1304 /* Get the current time */
1305 Status
= NtQuerySystemTime(&Time
);
1306 if (!NT_SUCCESS(Status
))
1308 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
1312 /* Set the current time */
1313 Status
= LsapSetObjectAttribute(SecretObject
,
1316 sizeof(LARGE_INTEGER
));
1317 if (!NT_SUCCESS(Status
))
1319 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1323 if (EncryptedOldValue
!= NULL
)
1325 /* FIXME: Decrypt the old value */
1326 OldValue
= EncryptedOldValue
->Buffer
;
1327 OldValueLength
= EncryptedOldValue
->MaximumLength
;
1330 /* Set the old value */
1331 Status
= LsapSetObjectAttribute(SecretObject
,
1335 if (!NT_SUCCESS(Status
))
1337 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1341 /* Set the old time */
1342 Status
= LsapSetObjectAttribute(SecretObject
,
1345 sizeof(LARGE_INTEGER
));
1346 if (!NT_SUCCESS(Status
))
1348 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1357 NTSTATUS WINAPI
LsarQuerySecret(
1358 LSAPR_HANDLE SecretHandle
,
1359 PLSAPR_CR_CIPHER_VALUE
*EncryptedCurrentValue
,
1360 PLARGE_INTEGER CurrentValueSetTime
,
1361 PLSAPR_CR_CIPHER_VALUE
*EncryptedOldValue
,
1362 PLARGE_INTEGER OldValueSetTime
)
1364 PLSA_DB_OBJECT SecretObject
;
1365 PLSAPR_CR_CIPHER_VALUE EncCurrentValue
= NULL
;
1366 PLSAPR_CR_CIPHER_VALUE EncOldValue
= NULL
;
1367 PBYTE CurrentValue
= NULL
;
1368 PBYTE OldValue
= NULL
;
1369 ULONG CurrentValueLength
= 0;
1370 ULONG OldValueLength
= 0;
1374 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle
,
1375 EncryptedCurrentValue
, CurrentValueSetTime
,
1376 EncryptedOldValue
, OldValueSetTime
);
1378 /* Validate the SecretHandle */
1379 Status
= LsapValidateDbObject(SecretHandle
,
1383 if (!NT_SUCCESS(Status
))
1385 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1389 if (EncryptedCurrentValue
!= NULL
)
1391 CurrentValueLength
= 0;
1393 /* Get the size of the current value */
1394 Status
= LsapGetObjectAttribute(SecretObject
,
1397 &CurrentValueLength
);
1398 if (!NT_SUCCESS(Status
))
1401 /* Allocate a buffer for the current value */
1402 CurrentValue
= midl_user_allocate(CurrentValueLength
);
1403 if (CurrentValue
== NULL
)
1405 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1409 /* Get the current value */
1410 Status
= LsapGetObjectAttribute(SecretObject
,
1413 &CurrentValueLength
);
1414 if (!NT_SUCCESS(Status
))
1417 /* Allocate a buffer for the encrypted current value */
1418 EncCurrentValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
));
1419 if (EncCurrentValue
== NULL
)
1421 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1425 /* FIXME: Encrypt the current value */
1426 EncCurrentValue
->Length
= (USHORT
)(CurrentValueLength
- sizeof(WCHAR
));
1427 EncCurrentValue
->MaximumLength
= (USHORT
)CurrentValueLength
;
1428 EncCurrentValue
->Buffer
= (PBYTE
)CurrentValue
;
1431 if (CurrentValueSetTime
!= NULL
)
1433 BufferSize
= sizeof(LARGE_INTEGER
);
1435 /* Get the current value time */
1436 Status
= LsapGetObjectAttribute(SecretObject
,
1438 (PBYTE
)CurrentValueSetTime
,
1440 if (!NT_SUCCESS(Status
))
1444 if (EncryptedOldValue
!= NULL
)
1448 /* Get the size of the old value */
1449 Status
= LsapGetObjectAttribute(SecretObject
,
1453 if (!NT_SUCCESS(Status
))
1456 /* Allocate a buffer for the old value */
1457 OldValue
= midl_user_allocate(OldValueLength
);
1458 if (OldValue
== NULL
)
1460 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1464 /* Get the old value */
1465 Status
= LsapGetObjectAttribute(SecretObject
,
1469 if (!NT_SUCCESS(Status
))
1472 /* Allocate a buffer for the encrypted old value */
1473 EncOldValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
) + OldValueLength
);
1474 if (EncOldValue
== NULL
)
1476 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1480 /* FIXME: Encrypt the old value */
1481 EncOldValue
->Length
= (USHORT
)(OldValueLength
- sizeof(WCHAR
));
1482 EncOldValue
->MaximumLength
= (USHORT
)OldValueLength
;
1483 EncOldValue
->Buffer
= (PBYTE
)OldValue
;
1486 if (OldValueSetTime
!= NULL
)
1488 BufferSize
= sizeof(LARGE_INTEGER
);
1490 /* Get the old value time */
1491 Status
= LsapGetObjectAttribute(SecretObject
,
1493 (PBYTE
)OldValueSetTime
,
1495 if (!NT_SUCCESS(Status
))
1501 if (NT_SUCCESS(Status
))
1503 if (EncryptedCurrentValue
!= NULL
)
1504 *EncryptedCurrentValue
= EncCurrentValue
;
1506 if (EncryptedOldValue
!= NULL
)
1507 *EncryptedOldValue
= EncOldValue
;
1511 if (EncryptedCurrentValue
!= NULL
)
1512 *EncryptedCurrentValue
= NULL
;
1514 if (EncryptedOldValue
!= NULL
)
1515 *EncryptedOldValue
= NULL
;
1517 if (EncCurrentValue
!= NULL
)
1518 midl_user_free(EncCurrentValue
);
1520 if (EncOldValue
!= NULL
)
1521 midl_user_free(EncOldValue
);
1523 if (CurrentValue
!= NULL
)
1524 midl_user_free(CurrentValue
);
1526 if (OldValue
!= NULL
)
1527 midl_user_free(OldValue
);
1530 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status
);
1537 NTSTATUS WINAPI
LsarLookupPrivilegeValue(
1538 LSAPR_HANDLE PolicyHandle
,
1539 PRPC_UNICODE_STRING Name
,
1544 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
1545 PolicyHandle
, Name
, Value
);
1547 Status
= LsapValidateDbObject(PolicyHandle
,
1549 POLICY_LOOKUP_NAMES
,
1551 if (!NT_SUCCESS(Status
))
1553 ERR("Invalid handle (Status %lx)\n", Status
);
1557 TRACE("Privilege: %wZ\n", Name
);
1559 Status
= LsarpLookupPrivilegeValue((PUNICODE_STRING
)Name
,
1567 NTSTATUS WINAPI
LsarLookupPrivilegeName(
1568 LSAPR_HANDLE PolicyHandle
,
1570 PRPC_UNICODE_STRING
*Name
)
1574 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
1575 PolicyHandle
, Value
, Name
);
1577 Status
= LsapValidateDbObject(PolicyHandle
,
1579 POLICY_LOOKUP_NAMES
,
1581 if (!NT_SUCCESS(Status
))
1583 ERR("Invalid handle\n");
1587 Status
= LsarpLookupPrivilegeName(Value
, (PUNICODE_STRING
*)Name
);
1594 NTSTATUS WINAPI
LsarLookupPrivilegeDisplayName(
1595 LSAPR_HANDLE PolicyHandle
,
1596 PRPC_UNICODE_STRING Name
,
1597 USHORT ClientLanguage
,
1598 USHORT ClientSystemDefaultLanguage
,
1599 PRPC_UNICODE_STRING
*DisplayName
,
1600 USHORT
*LanguageReturned
)
1603 return STATUS_NOT_IMPLEMENTED
;
1608 NTSTATUS WINAPI
LsarDeleteObject(
1609 LSAPR_HANDLE
*ObjectHandle
)
1612 return STATUS_NOT_IMPLEMENTED
;
1617 NTSTATUS WINAPI
LsarEnumerateAccountsWithUserRight(
1618 LSAPR_HANDLE PolicyHandle
,
1619 PRPC_UNICODE_STRING UserRight
,
1620 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
)
1623 return STATUS_NOT_IMPLEMENTED
;
1628 NTSTATUS WINAPI
LsarEnumerateAccountRights(
1629 LSAPR_HANDLE PolicyHandle
,
1630 PRPC_SID AccountSid
,
1631 PLSAPR_USER_RIGHT_SET UserRights
)
1633 PLSA_DB_OBJECT PolicyObject
;
1636 TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
1637 PolicyHandle
, AccountSid
, UserRights
);
1639 Status
= LsapValidateDbObject(PolicyHandle
,
1643 if (!NT_SUCCESS(Status
))
1646 UserRights
->Entries
= 0;
1647 UserRights
->UserRights
= NULL
;
1648 return STATUS_OBJECT_NAME_NOT_FOUND
;
1653 NTSTATUS WINAPI
LsarAddAccountRights(
1654 LSAPR_HANDLE PolicyHandle
,
1655 PRPC_SID AccountSid
,
1656 PLSAPR_USER_RIGHT_SET UserRights
)
1659 return STATUS_NOT_IMPLEMENTED
;
1664 NTSTATUS WINAPI
LsarRemoveAccountRights(
1665 LSAPR_HANDLE PolicyHandle
,
1666 PRPC_SID AccountSid
,
1668 PLSAPR_USER_RIGHT_SET UserRights
)
1671 return STATUS_NOT_IMPLEMENTED
;
1676 NTSTATUS WINAPI
LsarQueryTrustedDomainInfo(
1677 LSAPR_HANDLE PolicyHandle
,
1678 PRPC_SID TrustedDomainSid
,
1679 TRUSTED_INFORMATION_CLASS InformationClass
,
1680 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1683 return STATUS_NOT_IMPLEMENTED
;
1688 NTSTATUS WINAPI
LsarSetTrustedDomainInfo(
1689 LSAPR_HANDLE PolicyHandle
,
1690 PRPC_SID TrustedDomainSid
,
1691 TRUSTED_INFORMATION_CLASS InformationClass
,
1692 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1695 return STATUS_NOT_IMPLEMENTED
;
1700 NTSTATUS WINAPI
LsarDeleteTrustedDomain(
1701 LSAPR_HANDLE PolicyHandle
,
1702 PRPC_SID TrustedDomainSid
)
1705 return STATUS_NOT_IMPLEMENTED
;
1710 NTSTATUS WINAPI
LsarStorePrivateData(
1711 LSAPR_HANDLE PolicyHandle
,
1712 PRPC_UNICODE_STRING KeyName
,
1713 PLSAPR_CR_CIPHER_VALUE EncryptedData
)
1716 return STATUS_NOT_IMPLEMENTED
;
1721 NTSTATUS WINAPI
LsarRetrievePrivateData(
1722 LSAPR_HANDLE PolicyHandle
,
1723 PRPC_UNICODE_STRING KeyName
,
1724 PLSAPR_CR_CIPHER_VALUE
*EncryptedData
)
1727 return STATUS_NOT_IMPLEMENTED
;
1732 NTSTATUS WINAPI
LsarOpenPolicy2(
1734 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
1735 ACCESS_MASK DesiredAccess
,
1736 LSAPR_HANDLE
*PolicyHandle
)
1739 return STATUS_NOT_IMPLEMENTED
;
1744 NTSTATUS WINAPI
LsarGetUserName(
1746 PRPC_UNICODE_STRING
*UserName
,
1747 PRPC_UNICODE_STRING
*DomainName
)
1750 return STATUS_NOT_IMPLEMENTED
;
1755 NTSTATUS WINAPI
LsarQueryInformationPolicy2(
1756 LSAPR_HANDLE PolicyHandle
,
1757 POLICY_INFORMATION_CLASS InformationClass
,
1758 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
1760 return LsarQueryInformationPolicy(PolicyHandle
,
1767 NTSTATUS WINAPI
LsarSetInformationPolicy2(
1768 LSAPR_HANDLE PolicyHandle
,
1769 POLICY_INFORMATION_CLASS InformationClass
,
1770 PLSAPR_POLICY_INFORMATION PolicyInformation
)
1772 return LsarSetInformationPolicy(PolicyHandle
,
1779 NTSTATUS WINAPI
LsarQueryTrustedDomainInfoByName(
1780 LSAPR_HANDLE PolicyHandle
,
1781 PRPC_UNICODE_STRING TrustedDomainName
,
1782 POLICY_INFORMATION_CLASS InformationClass
,
1783 PLSAPR_TRUSTED_DOMAIN_INFO
*PolicyInformation
)
1786 return STATUS_NOT_IMPLEMENTED
;
1791 NTSTATUS WINAPI
LsarSetTrustedDomainInfoByName(
1792 LSAPR_HANDLE PolicyHandle
,
1793 PRPC_UNICODE_STRING TrustedDomainName
,
1794 POLICY_INFORMATION_CLASS InformationClass
,
1795 PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation
)
1798 return STATUS_NOT_IMPLEMENTED
;
1803 NTSTATUS WINAPI
LsarEnumerateTrustedDomainsEx(
1804 LSAPR_HANDLE PolicyHandle
,
1805 DWORD
*EnumerationContext
,
1806 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer
,
1807 DWORD PreferedMaximumLength
)
1810 return STATUS_NOT_IMPLEMENTED
;
1815 NTSTATUS WINAPI
LsarCreateTrustedDomainEx(
1816 LSAPR_HANDLE PolicyHandle
,
1817 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1818 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation
,
1819 ACCESS_MASK DesiredAccess
,
1820 LSAPR_HANDLE
*TrustedDomainHandle
)
1823 return STATUS_NOT_IMPLEMENTED
;
1828 NTSTATUS WINAPI
LsarSetPolicyReplicationHandle(
1829 PLSAPR_HANDLE PolicyHandle
)
1832 return STATUS_NOT_IMPLEMENTED
;
1837 NTSTATUS WINAPI
LsarQueryDomainInformationPolicy(
1838 LSAPR_HANDLE PolicyHandle
,
1839 POLICY_INFORMATION_CLASS InformationClass
,
1840 PLSAPR_POLICY_DOMAIN_INFORMATION
*PolicyInformation
)
1843 return STATUS_NOT_IMPLEMENTED
;
1848 NTSTATUS WINAPI
LsarSetDomainInformationPolicy(
1849 LSAPR_HANDLE PolicyHandle
,
1850 POLICY_INFORMATION_CLASS InformationClass
,
1851 PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation
)
1854 return STATUS_NOT_IMPLEMENTED
;
1859 NTSTATUS WINAPI
LsarOpenTrustedDomainByName(
1860 LSAPR_HANDLE PolicyHandle
,
1861 PRPC_UNICODE_STRING TrustedDomainName
,
1862 ACCESS_MASK DesiredAccess
,
1863 LSAPR_HANDLE
*TrustedDomainHandle
)
1866 return STATUS_NOT_IMPLEMENTED
;
1871 NTSTATUS WINAPI
LsarTestCall(
1875 return STATUS_NOT_IMPLEMENTED
;
1880 NTSTATUS WINAPI
LsarLookupSids2(
1881 LSAPR_HANDLE PolicyHandle
,
1882 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
1883 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1884 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
1885 LSAP_LOOKUP_LEVEL LookupLevel
,
1887 DWORD LookupOptions
,
1888 DWORD ClientRevision
)
1891 return STATUS_NOT_IMPLEMENTED
;
1896 NTSTATUS WINAPI
LsarLookupNames2(
1897 LSAPR_HANDLE PolicyHandle
,
1899 PRPC_UNICODE_STRING Names
,
1900 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1901 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids
,
1902 LSAP_LOOKUP_LEVEL LookupLevel
,
1904 DWORD LookupOptions
,
1905 DWORD ClientRevision
)
1908 return STATUS_NOT_IMPLEMENTED
;
1913 NTSTATUS WINAPI
LsarCreateTrustedDomainEx2(
1914 LSAPR_HANDLE PolicyHandle
,
1915 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1916 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation
,
1917 ACCESS_MASK DesiredAccess
,
1918 LSAPR_HANDLE
*TrustedDomainHandle
)
1921 return STATUS_NOT_IMPLEMENTED
;
1926 NTSTATUS WINAPI
CredrWrite(
1930 return STATUS_NOT_IMPLEMENTED
;
1935 NTSTATUS WINAPI
CredrRead(
1939 return STATUS_NOT_IMPLEMENTED
;
1944 NTSTATUS WINAPI
CredrEnumerate(
1948 return STATUS_NOT_IMPLEMENTED
;
1953 NTSTATUS WINAPI
CredrWriteDomainCredentials(
1957 return STATUS_NOT_IMPLEMENTED
;
1962 NTSTATUS WINAPI
CredrReadDomainCredentials(
1966 return STATUS_NOT_IMPLEMENTED
;
1971 NTSTATUS WINAPI
CredrDelete(
1975 return STATUS_NOT_IMPLEMENTED
;
1980 NTSTATUS WINAPI
CredrGetTargetInfo(
1984 return STATUS_NOT_IMPLEMENTED
;
1989 NTSTATUS WINAPI
CredrProfileLoaded(
1993 return STATUS_NOT_IMPLEMENTED
;
1998 NTSTATUS WINAPI
LsarLookupNames3(
1999 LSAPR_HANDLE PolicyHandle
,
2001 PRPC_UNICODE_STRING Names
,
2002 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2003 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2004 LSAP_LOOKUP_LEVEL LookupLevel
,
2006 DWORD LookupOptions
,
2007 DWORD ClientRevision
)
2009 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
2010 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
2011 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
= NULL
;
2012 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
= NULL
;
2013 ULONG SidsBufferLength
;
2014 ULONG DomainSidLength
;
2015 ULONG AccountSidLength
;
2021 TRACE("LsarLookupNames3(%p, %lu, %p, %p, %p, %d, %p, %lu, %lu)\n",
2022 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2023 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
2026 return STATUS_NONE_MAPPED
;
2028 TranslatedSids
->Entries
= Count
;
2029 TranslatedSids
->Sids
= NULL
;
2030 *ReferencedDomains
= NULL
;
2032 SidsBufferLength
= Count
* sizeof(LSAPR_TRANSLATED_SID_EX2
);
2033 SidsBuffer
= MIDL_user_allocate(SidsBufferLength
);
2034 if (SidsBuffer
== NULL
)
2035 return STATUS_INSUFFICIENT_RESOURCES
;
2037 for (i
= 0; i
< Count
; i
++)
2039 SidsBuffer
[i
].Use
= SidTypeUser
;
2040 SidsBuffer
[i
].Sid
= NULL
;
2041 SidsBuffer
[i
].DomainIndex
= -1;
2042 SidsBuffer
[i
].Flags
= 0;
2045 DomainsBuffer
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
2046 if (DomainsBuffer
== NULL
)
2048 MIDL_user_free(SidsBuffer
);
2049 return STATUS_INSUFFICIENT_RESOURCES
;
2052 DomainsBuffer
->Entries
= Count
;
2053 DomainsBuffer
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
2054 if (DomainsBuffer
->Domains
== NULL
)
2056 MIDL_user_free(DomainsBuffer
);
2057 MIDL_user_free(SidsBuffer
);
2058 return STATUS_INSUFFICIENT_RESOURCES
;
2061 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2063 SECURITY_BUILTIN_DOMAIN_RID
,
2064 DOMAIN_ALIAS_RID_ADMINS
,
2067 if (!NT_SUCCESS(Status
))
2069 MIDL_user_free(DomainsBuffer
->Domains
);
2070 MIDL_user_free(DomainsBuffer
);
2071 MIDL_user_free(SidsBuffer
);
2075 DomainSidLength
= RtlLengthSid(DomainSid
);
2077 for (i
= 0; i
< Count
; i
++)
2079 DomainsBuffer
->Domains
[i
].Sid
= MIDL_user_allocate(DomainSidLength
);
2080 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Sid
,
2084 DomainsBuffer
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
2085 DomainsBuffer
->Domains
[i
].Name
.Length
= DomainName
.Length
;
2086 DomainsBuffer
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
2087 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Name
.Buffer
,
2089 DomainName
.MaximumLength
);
2092 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2094 SECURITY_BUILTIN_DOMAIN_RID
,
2095 DOMAIN_ALIAS_RID_ADMINS
,
2096 DOMAIN_USER_RID_ADMIN
,
2099 if (!NT_SUCCESS(Status
))
2101 MIDL_user_free(DomainsBuffer
->Domains
);
2102 MIDL_user_free(DomainsBuffer
);
2103 MIDL_user_free(SidsBuffer
);
2107 AccountSidLength
= RtlLengthSid(AccountSid
);
2109 for (i
= 0; i
< Count
; i
++)
2111 SidsBuffer
[i
].Use
= SidTypeWellKnownGroup
;
2112 SidsBuffer
[i
].Sid
= MIDL_user_allocate(AccountSidLength
);
2114 RtlCopyMemory(SidsBuffer
[i
].Sid
,
2118 SidsBuffer
[i
].DomainIndex
= i
;
2119 SidsBuffer
[i
].Flags
= 0;
2122 *ReferencedDomains
= DomainsBuffer
;
2123 *MappedCount
= Count
;
2125 TranslatedSids
->Entries
= Count
;
2126 TranslatedSids
->Sids
= SidsBuffer
;
2128 return STATUS_SUCCESS
;
2133 NTSTATUS WINAPI
CredrGetSessionTypes(
2137 return STATUS_NOT_IMPLEMENTED
;
2142 NTSTATUS WINAPI
LsarRegisterAuditEvent(
2146 return STATUS_NOT_IMPLEMENTED
;
2151 NTSTATUS WINAPI
LsarGenAuditEvent(
2155 return STATUS_NOT_IMPLEMENTED
;
2160 NTSTATUS WINAPI
LsarUnregisterAuditEvent(
2164 return STATUS_NOT_IMPLEMENTED
;
2169 NTSTATUS WINAPI
LsarQueryForestTrustInformation(
2170 LSAPR_HANDLE PolicyHandle
,
2171 PLSA_UNICODE_STRING TrustedDomainName
,
2172 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2173 PLSA_FOREST_TRUST_INFORMATION
*ForestTrustInfo
)
2176 return STATUS_NOT_IMPLEMENTED
;
2181 NTSTATUS WINAPI
LsarSetForestTrustInformation(
2182 LSAPR_HANDLE PolicyHandle
,
2183 PLSA_UNICODE_STRING TrustedDomainName
,
2184 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2185 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo
,
2187 PLSA_FOREST_TRUST_COLLISION_INFORMATION
*CollisionInfo
)
2190 return STATUS_NOT_IMPLEMENTED
;
2195 NTSTATUS WINAPI
CredrRename(
2199 return STATUS_NOT_IMPLEMENTED
;
2204 NTSTATUS WINAPI
LsarLookupSids3(
2205 LSAPR_HANDLE PolicyHandle
,
2206 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2207 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2208 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
2209 LSAP_LOOKUP_LEVEL LookupLevel
,
2211 DWORD LookupOptions
,
2212 DWORD ClientRevision
)
2215 return STATUS_NOT_IMPLEMENTED
;
2220 NTSTATUS WINAPI
LsarLookupNames4(
2223 PRPC_UNICODE_STRING Names
,
2224 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2225 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2226 LSAP_LOOKUP_LEVEL LookupLevel
,
2228 DWORD LookupOptions
,
2229 DWORD ClientRevision
)
2232 return STATUS_NOT_IMPLEMENTED
;
2237 NTSTATUS WINAPI
LsarOpenPolicySce(
2241 return STATUS_NOT_IMPLEMENTED
;
2246 NTSTATUS WINAPI
LsarAdtRegisterSecurityEventSource(
2250 return STATUS_NOT_IMPLEMENTED
;
2255 NTSTATUS WINAPI
LsarAdtUnregisterSecurityEventSource(
2259 return STATUS_NOT_IMPLEMENTED
;
2264 NTSTATUS WINAPI
LsarAdtReportSecurityEvent(
2268 return STATUS_NOT_IMPLEMENTED
;
2273 NTSTATUS WINAPI
CredrFindBestCredential(
2277 return STATUS_NOT_IMPLEMENTED
;
2282 NTSTATUS WINAPI
LsarSetAuditPolicy(
2286 return STATUS_NOT_IMPLEMENTED
;
2291 NTSTATUS WINAPI
LsarQueryAuditPolicy(
2295 return STATUS_NOT_IMPLEMENTED
;
2300 NTSTATUS WINAPI
LsarEnumerateAuditPolicy(
2304 return STATUS_NOT_IMPLEMENTED
;
2309 NTSTATUS WINAPI
LsarEnumerateAuditCategories(
2313 return STATUS_NOT_IMPLEMENTED
;
2318 NTSTATUS WINAPI
LsarEnumerateAuditSubCategories(
2322 return STATUS_NOT_IMPLEMENTED
;
2327 NTSTATUS WINAPI
LsarLookupAuditCategoryName(
2331 return STATUS_NOT_IMPLEMENTED
;
2336 NTSTATUS WINAPI
LsarLookupAuditSubCategoryName(
2340 return STATUS_NOT_IMPLEMENTED
;
2345 NTSTATUS WINAPI
LsarSetAuditSecurity(
2349 return STATUS_NOT_IMPLEMENTED
;
2354 NTSTATUS WINAPI
LsarQueryAuditSecurity(
2358 return STATUS_NOT_IMPLEMENTED
;
2363 NTSTATUS WINAPI
CredReadByTokenHandle(
2367 return STATUS_NOT_IMPLEMENTED
;
2372 NTSTATUS WINAPI
CredrRestoreCredentials(
2376 return STATUS_NOT_IMPLEMENTED
;
2381 NTSTATUS WINAPI
CredrBackupCredentials(
2385 return STATUS_NOT_IMPLEMENTED
;