projects / reactos.git / blob
? search:


ce9d48181552204e5a3ec3fb663df82fcb21fd33
[reactos.git] / reactos / dll / win32 / lsasrv / lsarpc.c
1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
6 *
7 * PROGRAMMERS: Eric Kohl
8 */
9
10 /* INCLUDES ****************************************************************/
11
12 #include "lsasrv.h"
13
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
15
16
17 /* GLOBALS *****************************************************************/
18
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock;
20
21
22 /* FUNCTIONS ***************************************************************/
23
24 VOID
25 LsarStartRpcServer(VOID)
26 {
27 RPC_STATUS Status;
28
29 RtlInitializeCriticalSection(&PolicyHandleTableLock);
30
31 TRACE("LsarStartRpcServer() called\n");
32
33 Status = RpcServerUseProtseqEpW(L"ncacn_np",
34 10,
35 L"\\pipe\\lsarpc",
36 NULL);
37 if (Status != RPC_S_OK)
38 {
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status);
40 return;
41 }
42
43 Status = RpcServerRegisterIf(lsarpc_v0_0_s_ifspec,
44 NULL,
45 NULL);
46 if (Status != RPC_S_OK)
47 {
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status);
49 return;
50 }
51
52 Status = RpcServerListen(1, 20, TRUE);
53 if (Status != RPC_S_OK)
54 {
55 WARN("RpcServerListen() failed (Status %lx)\n", Status);
56 return;
57 }
58
59 TRACE("LsarStartRpcServer() done\n");
60 }
61
62
63 void __RPC_USER LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle)
64 {
65
66 }
67
68
69 /* Function 0 */
70 NTSTATUS WINAPI LsarClose(
71 LSAPR_HANDLE *ObjectHandle)
72 {
73 PLSA_DB_OBJECT DbObject;
74 NTSTATUS Status = STATUS_SUCCESS;
75
76 TRACE("0x%p\n", ObjectHandle);
77
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
79
80 Status = LsapValidateDbObject(*ObjectHandle,
81 LsaDbIgnoreObject,
82 0,
83 &DbObject);
84 if (Status == STATUS_SUCCESS)
85 {
86 Status = LsapCloseDbObject(DbObject);
87 *ObjectHandle = NULL;
88 }
89
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
91
92 return Status;
93 }
94
95
96 /* Function 1 */
97 NTSTATUS WINAPI LsarDelete(
98 LSAPR_HANDLE ObjectHandle)
99 {
100 /* Deprecated */
101 return STATUS_NOT_SUPPORTED;
102 }
103
104
105 /* Function 2 */
106 NTSTATUS WINAPI LsarEnumeratePrivileges(
107 LSAPR_HANDLE PolicyHandle,
108 DWORD *EnumerationContext,
109 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer,
110 DWORD PreferedMaximumLength)
111 {
112 PLSA_DB_OBJECT PolicyObject;
113 NTSTATUS Status;
114
115 TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
116 PolicyHandle, EnumerationContext, EnumerationBuffer,
117 PreferedMaximumLength);
118
119 Status = LsapValidateDbObject(PolicyHandle,
120 LsaDbPolicyObject,
121 POLICY_VIEW_LOCAL_INFORMATION,
122 &PolicyObject);
123 if (!NT_SUCCESS(Status))
124 return Status;
125
126 if (EnumerationContext == NULL)
127 return STATUS_INVALID_PARAMETER;
128
129 return LsarpEnumeratePrivileges(EnumerationContext,
130 EnumerationBuffer,
131 PreferedMaximumLength);
132 }
133
134
135 /* Function 3 */
136 NTSTATUS WINAPI LsarQuerySecurityObject(
137 LSAPR_HANDLE ObjectHandle,
138 SECURITY_INFORMATION SecurityInformation,
139 PLSAPR_SR_SECURITY_DESCRIPTOR *SecurityDescriptor)
140 {
141 UNIMPLEMENTED;
142 return STATUS_NOT_IMPLEMENTED;
143 }
144
145
146 /* Function 4 */
147 NTSTATUS WINAPI LsarSetSecurityObject(
148 LSAPR_HANDLE ObjectHandle,
149 SECURITY_INFORMATION SecurityInformation,
150 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor)
151 {
152 UNIMPLEMENTED;
153 return STATUS_NOT_IMPLEMENTED;
154 }
155
156
157 /* Function 5 */
158 NTSTATUS WINAPI LsarChangePassword(
159 handle_t IDL_handle,
160 PRPC_UNICODE_STRING String1,
161 PRPC_UNICODE_STRING String2,
162 PRPC_UNICODE_STRING String3,
163 PRPC_UNICODE_STRING String4,
164 PRPC_UNICODE_STRING String5)
165 {
166 /* Deprecated */
167 return STATUS_NOT_IMPLEMENTED;
168 }
169
170
171 /* Function 6 */
172 NTSTATUS WINAPI LsarOpenPolicy(
173 LPWSTR SystemName,
174 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
175 ACCESS_MASK DesiredAccess,
176 LSAPR_HANDLE *PolicyHandle)
177 {
178 PLSA_DB_OBJECT PolicyObject;
179 NTSTATUS Status;
180
181 TRACE("LsarOpenPolicy called!\n");
182
183 RtlEnterCriticalSection(&PolicyHandleTableLock);
184
185 Status = LsapOpenDbObject(NULL,
186 NULL,
187 L"Policy",
188 LsaDbPolicyObject,
189 DesiredAccess,
190 &PolicyObject);
191
192 RtlLeaveCriticalSection(&PolicyHandleTableLock);
193
194 if (NT_SUCCESS(Status))
195 *PolicyHandle = (LSAPR_HANDLE)PolicyObject;
196
197 TRACE("LsarOpenPolicy done!\n");
198
199 return Status;
200 }
201
202
203 /* Function 7 */
204 NTSTATUS WINAPI LsarQueryInformationPolicy(
205 LSAPR_HANDLE PolicyHandle,
206 POLICY_INFORMATION_CLASS InformationClass,
207 PLSAPR_POLICY_INFORMATION *PolicyInformation)
208 {
209 PLSA_DB_OBJECT DbObject;
210 ACCESS_MASK DesiredAccess = 0;
211 NTSTATUS Status;
212
213 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
214 PolicyHandle, InformationClass, PolicyInformation);
215
216 if (PolicyInformation)
217 {
218 TRACE("*PolicyInformation %p\n", *PolicyInformation);
219 }
220
221 switch (InformationClass)
222 {
223 case PolicyAuditLogInformation:
224 case PolicyAuditEventsInformation:
225 case PolicyAuditFullQueryInformation:
226 DesiredAccess = POLICY_VIEW_AUDIT_INFORMATION;
227 break;
228
229 case PolicyPrimaryDomainInformation:
230 case PolicyAccountDomainInformation:
231 case PolicyLsaServerRoleInformation:
232 case PolicyReplicaSourceInformation:
233 case PolicyDefaultQuotaInformation:
234 case PolicyModificationInformation:
235 case PolicyDnsDomainInformation:
236 case PolicyDnsDomainInformationInt:
237 case PolicyLocalAccountDomainInformation:
238 DesiredAccess = POLICY_VIEW_LOCAL_INFORMATION;
239 break;
240
241 case PolicyPdAccountInformation:
242 DesiredAccess = POLICY_GET_PRIVATE_INFORMATION;
243 break;
244
245 default:
246 ERR("Invalid InformationClass!\n");
247 return STATUS_INVALID_PARAMETER;
248 }
249
250 Status = LsapValidateDbObject(PolicyHandle,
251 LsaDbPolicyObject,
252 DesiredAccess,
253 &DbObject);
254 if (!NT_SUCCESS(Status))
255 return Status;
256
257 switch (InformationClass)
258 {
259 case PolicyAuditLogInformation: /* 1 */
260 Status = LsarQueryAuditLog(PolicyHandle,
261 PolicyInformation);
262
263 case PolicyAuditEventsInformation: /* 2 */
264 Status = LsarQueryAuditEvents(PolicyHandle,
265 PolicyInformation);
266 break;
267
268 case PolicyPrimaryDomainInformation: /* 3 */
269 Status = LsarQueryPrimaryDomain(PolicyHandle,
270 PolicyInformation);
271 break;
272
273 case PolicyPdAccountInformation: /* 4 */
274 Status = LsarQueryPdAccount(PolicyHandle,
275 PolicyInformation);
276
277 case PolicyAccountDomainInformation: /* 5 */
278 Status = LsarQueryAccountDomain(PolicyHandle,
279 PolicyInformation);
280 break;
281
282 case PolicyLsaServerRoleInformation: /* 6 */
283 Status = LsarQueryServerRole(PolicyHandle,
284 PolicyInformation);
285 break;
286
287 case PolicyReplicaSourceInformation: /* 7 */
288 Status = LsarQueryReplicaSource(PolicyHandle,
289 PolicyInformation);
290
291 case PolicyDefaultQuotaInformation: /* 8 */
292 Status = LsarQueryDefaultQuota(PolicyHandle,
293 PolicyInformation);
294 break;
295
296 case PolicyModificationInformation: /* 9 */
297 Status = LsarQueryModification(PolicyHandle,
298 PolicyInformation);
299 break;
300
301 case PolicyAuditFullQueryInformation: /* 11 (0xB) */
302 Status = LsarQueryAuditFull(PolicyHandle,
303 PolicyInformation);
304 break;
305
306 case PolicyDnsDomainInformation: /* 12 (0xC) */
307 Status = LsarQueryDnsDomain(PolicyHandle,
308 PolicyInformation);
309 break;
310
311 case PolicyDnsDomainInformationInt: /* 13 (0xD) */
312 Status = LsarQueryDnsDomainInt(PolicyHandle,
313 PolicyInformation);
314 break;
315
316 case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
317 Status = LsarQueryLocalAccountDomain(PolicyHandle,
318 PolicyInformation);
319 break;
320
321 default:
322 ERR("Invalid InformationClass!\n");
323 Status = STATUS_INVALID_PARAMETER;
324 }
325
326 return Status;
327 }
328
329
330 /* Function 8 */
331 NTSTATUS WINAPI LsarSetInformationPolicy(
332 LSAPR_HANDLE PolicyHandle,
333 POLICY_INFORMATION_CLASS InformationClass,
334 PLSAPR_POLICY_INFORMATION PolicyInformation)
335 {
336 PLSA_DB_OBJECT DbObject;
337 ACCESS_MASK DesiredAccess = 0;
338 NTSTATUS Status;
339
340 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
341 PolicyHandle, InformationClass, PolicyInformation);
342
343 if (PolicyInformation)
344 {
345 TRACE("*PolicyInformation %p\n", *PolicyInformation);
346 }
347
348 switch (InformationClass)
349 {
350 case PolicyAuditLogInformation:
351 case PolicyAuditFullSetInformation:
352 DesiredAccess = POLICY_AUDIT_LOG_ADMIN;
353 break;
354
355 case PolicyAuditEventsInformation:
356 DesiredAccess = POLICY_SET_AUDIT_REQUIREMENTS;
357 break;
358
359 case PolicyPrimaryDomainInformation:
360 case PolicyAccountDomainInformation:
361 case PolicyDnsDomainInformation:
362 case PolicyDnsDomainInformationInt:
363 case PolicyLocalAccountDomainInformation:
364 DesiredAccess = POLICY_TRUST_ADMIN;
365 break;
366
367 case PolicyLsaServerRoleInformation:
368 case PolicyReplicaSourceInformation:
369 DesiredAccess = POLICY_SERVER_ADMIN;
370 break;
371
372 case PolicyDefaultQuotaInformation:
373 DesiredAccess = POLICY_SET_DEFAULT_QUOTA_LIMITS;
374 break;
375
376 default:
377 ERR("Invalid InformationClass!\n");
378 return STATUS_INVALID_PARAMETER;
379 }
380
381 Status = LsapValidateDbObject(PolicyHandle,
382 LsaDbPolicyObject,
383 DesiredAccess,
384 &DbObject);
385 if (!NT_SUCCESS(Status))
386 return Status;
387
388 switch (InformationClass)
389 {
390 case PolicyAuditEventsInformation:
391 Status = STATUS_NOT_IMPLEMENTED;
392 break;
393
394 case PolicyPrimaryDomainInformation:
395 Status = LsarSetPrimaryDomain(PolicyHandle,
396 (PLSAPR_POLICY_PRIMARY_DOM_INFO)PolicyInformation);
397 break;
398
399 case PolicyAccountDomainInformation:
400 Status = LsarSetAccountDomain(PolicyHandle,
401 (PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
402 break;
403
404 case PolicyDnsDomainInformation:
405 Status = LsarSetDnsDomain(PolicyHandle,
406 (PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
407 break;
408
409 case PolicyLsaServerRoleInformation:
410 Status = STATUS_NOT_IMPLEMENTED;
411 break;
412
413 default:
414 Status = STATUS_INVALID_PARAMETER;
415 break;
416 }
417
418 return Status;
419 }
420
421
422 /* Function 9 */
423 NTSTATUS WINAPI LsarClearAuditLog(
424 LSAPR_HANDLE ObjectHandle)
425 {
426 /* Deprecated */
427 return STATUS_NOT_IMPLEMENTED;
428 }
429
430
431 /* Function 10 */
432 NTSTATUS WINAPI LsarCreateAccount(
433 LSAPR_HANDLE PolicyHandle,
434 PRPC_SID AccountSid,
435 ACCESS_MASK DesiredAccess,
436 LSAPR_HANDLE *AccountHandle)
437 {
438 PLSA_DB_OBJECT PolicyObject;
439 PLSA_DB_OBJECT AccountObject = NULL;
440 LPWSTR SidString = NULL;
441 NTSTATUS Status = STATUS_SUCCESS;
442
443 /* Validate the AccountSid */
444 if (!RtlValidSid(AccountSid))
445 return STATUS_INVALID_PARAMETER;
446
447 /* Validate the PolicyHandle */
448 Status = LsapValidateDbObject(PolicyHandle,
449 LsaDbPolicyObject,
450 POLICY_CREATE_ACCOUNT,
451 &PolicyObject);
452 if (!NT_SUCCESS(Status))
453 {
454 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
455 return Status;
456 }
457
458 /* Create SID string */
459 if (!ConvertSidToStringSid((PSID)AccountSid,
460 &SidString))
461 {
462 ERR("ConvertSidToStringSid failed\n");
463 Status = STATUS_INVALID_PARAMETER;
464 goto done;
465 }
466
467 /* Create the Account object */
468 Status = LsapCreateDbObject(PolicyObject,
469 L"Accounts",
470 SidString,
471 LsaDbAccountObject,
472 DesiredAccess,
473 &AccountObject);
474 if (!NT_SUCCESS(Status))
475 {
476 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
477 goto done;
478 }
479
480 /* Set the Sid attribute */
481 Status = LsapSetObjectAttribute(AccountObject,
482 L"Sid",
483 (PVOID)AccountSid,
484 GetLengthSid(AccountSid));
485
486 done:
487 if (SidString != NULL)
488 LocalFree(SidString);
489
490 if (!NT_SUCCESS(Status))
491 {
492 if (AccountObject != NULL)
493 LsapCloseDbObject(AccountObject);
494 }
495 else
496 {
497 *AccountHandle = (LSAPR_HANDLE)AccountObject;
498 }
499
500 return STATUS_SUCCESS;
501 }
502
503
504 /* Function 11 */
505 NTSTATUS WINAPI LsarEnumerateAccounts(
506 LSAPR_HANDLE PolicyHandle,
507 DWORD *EnumerationContext,
508 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer,
509 DWORD PreferedMaximumLength)
510 {
511 UNIMPLEMENTED;
512 return STATUS_NOT_IMPLEMENTED;
513 }
514
515
516 /* Function 12 */
517 NTSTATUS WINAPI LsarCreateTrustedDomain(
518 LSAPR_HANDLE PolicyHandle,
519 PLSAPR_TRUST_INFORMATION TrustedDomainInformation,
520 ACCESS_MASK DesiredAccess,
521 LSAPR_HANDLE *TrustedDomainHandle)
522 {
523 UNIMPLEMENTED;
524 return STATUS_NOT_IMPLEMENTED;
525 }
526
527
528 /* Function 13 */
529 NTSTATUS WINAPI LsarEnumerateTrustedDomains(
530 LSAPR_HANDLE PolicyHandle,
531 DWORD *EnumerationContext,
532 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer,
533 DWORD PreferedMaximumLength)
534 {
535 UNIMPLEMENTED;
536 return STATUS_NOT_IMPLEMENTED;
537 }
538
539
540 /* Function 14 */
541 NTSTATUS WINAPI LsarLookupNames(
542 LSAPR_HANDLE PolicyHandle,
543 DWORD Count,
544 PRPC_UNICODE_STRING Names,
545 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
546 PLSAPR_TRANSLATED_SIDS TranslatedSids,
547 LSAP_LOOKUP_LEVEL LookupLevel,
548 DWORD *MappedCount)
549 {
550 SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
551 static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN");
552 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains = NULL;
553 PLSA_TRANSLATED_SID OutputSids = NULL;
554 ULONG OutputSidsLength;
555 ULONG i;
556 PSID Sid;
557 ULONG SidLength;
558 NTSTATUS Status;
559
560 TRACE("LsarLookupNames(%p, %lu, %p, %p, %p, %d, %p)\n",
561 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
562 LookupLevel, MappedCount);
563
564 TranslatedSids->Entries = Count;
565 TranslatedSids->Sids = NULL;
566 *ReferencedDomains = NULL;
567
568 OutputSidsLength = Count * sizeof(LSA_TRANSLATED_SID);
569 OutputSids = MIDL_user_allocate(OutputSidsLength);
570 if (OutputSids == NULL)
571 {
572 return STATUS_INSUFFICIENT_RESOURCES;
573 }
574
575 RtlZeroMemory(OutputSids, OutputSidsLength);
576
577 OutputDomains = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
578 if (OutputDomains == NULL)
579 {
580 MIDL_user_free(OutputSids);
581 return STATUS_INSUFFICIENT_RESOURCES;
582 }
583
584 OutputDomains->Entries = Count;
585 OutputDomains->Domains = MIDL_user_allocate(Count * sizeof(LSA_TRUST_INFORMATION));
586 if (OutputDomains->Domains == NULL)
587 {
588 MIDL_user_free(OutputDomains);
589 MIDL_user_free(OutputSids);
590 return STATUS_INSUFFICIENT_RESOURCES;
591 }
592
593 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
594 2,
595 SECURITY_BUILTIN_DOMAIN_RID,
596 DOMAIN_ALIAS_RID_ADMINS,
597 0, 0, 0, 0, 0, 0,
598 &Sid);
599 if (!NT_SUCCESS(Status))
600 {
601 MIDL_user_free(OutputDomains->Domains);
602 MIDL_user_free(OutputDomains);
603 MIDL_user_free(OutputSids);
604 return Status;
605 }
606
607 SidLength = RtlLengthSid(Sid);
608
609 for (i = 0; i < Count; i++)
610 {
611 OutputDomains->Domains[i].Sid = MIDL_user_allocate(SidLength);
612 RtlCopyMemory(OutputDomains->Domains[i].Sid, Sid, SidLength);
613
614 OutputDomains->Domains[i].Name.Buffer = MIDL_user_allocate(DomainName.MaximumLength);
615 OutputDomains->Domains[i].Name.Length = DomainName.Length;
616 OutputDomains->Domains[i].Name.MaximumLength = DomainName.MaximumLength;
617 RtlCopyMemory(OutputDomains->Domains[i].Name.Buffer, DomainName.Buffer, DomainName.MaximumLength);
618 }
619
620 for (i = 0; i < Count; i++)
621 {
622 OutputSids[i].Use = SidTypeWellKnownGroup;
623 OutputSids[i].RelativeId = DOMAIN_USER_RID_ADMIN; //DOMAIN_ALIAS_RID_ADMINS;
624 OutputSids[i].DomainIndex = i;
625 }
626
627 *ReferencedDomains = OutputDomains;
628
629 *MappedCount = Count;
630
631 TranslatedSids->Entries = Count;
632 TranslatedSids->Sids = OutputSids;
633
634 return STATUS_SUCCESS;
635 }
636
637
638 /* Function 15 */
639 NTSTATUS WINAPI LsarLookupSids(
640 LSAPR_HANDLE PolicyHandle,
641 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
642 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
643 PLSAPR_TRANSLATED_NAMES TranslatedNames,
644 LSAP_LOOKUP_LEVEL LookupLevel,
645 DWORD *MappedCount)
646 {
647 SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
648 static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN");
649 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains = NULL;
650 PLSAPR_TRANSLATED_NAME OutputNames = NULL;
651 ULONG OutputNamesLength;
652 ULONG i;
653 PSID Sid;
654 ULONG SidLength;
655 NTSTATUS Status;
656
657 TRACE("LsarLookupSids(%p, %p, %p, %p, %d, %p)\n",
658 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
659 LookupLevel, MappedCount);
660
661 TranslatedNames->Entries = SidEnumBuffer->Entries;
662 TranslatedNames->Names = NULL;
663 *ReferencedDomains = NULL;
664
665 OutputNamesLength = SidEnumBuffer->Entries * sizeof(LSA_TRANSLATED_NAME);
666 OutputNames = MIDL_user_allocate(OutputNamesLength);
667 if (OutputNames == NULL)
668 {
669 return STATUS_INSUFFICIENT_RESOURCES;
670 }
671
672 RtlZeroMemory(OutputNames, OutputNamesLength);
673
674 OutputDomains = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
675 if (OutputDomains == NULL)
676 {
677 MIDL_user_free(OutputNames);
678 return STATUS_INSUFFICIENT_RESOURCES;
679 }
680
681 OutputDomains->Entries = SidEnumBuffer->Entries;
682 OutputDomains->Domains = MIDL_user_allocate(SidEnumBuffer->Entries * sizeof(LSA_TRUST_INFORMATION));
683 if (OutputDomains->Domains == NULL)
684 {
685 MIDL_user_free(OutputDomains);
686 MIDL_user_free(OutputNames);
687 return STATUS_INSUFFICIENT_RESOURCES;
688 }
689
690 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
691 2,
692 SECURITY_BUILTIN_DOMAIN_RID,
693 DOMAIN_ALIAS_RID_ADMINS,
694 0, 0, 0, 0, 0, 0,
695 &Sid);
696 if (!NT_SUCCESS(Status))
697 {
698 MIDL_user_free(OutputDomains->Domains);
699 MIDL_user_free(OutputDomains);
700 MIDL_user_free(OutputNames);
701 return Status;
702 }
703
704 SidLength = RtlLengthSid(Sid);
705
706 for (i = 0; i < SidEnumBuffer->Entries; i++)
707 {
708 OutputDomains->Domains[i].Sid = MIDL_user_allocate(SidLength);
709 RtlCopyMemory(OutputDomains->Domains[i].Sid, Sid, SidLength);
710
711 OutputDomains->Domains[i].Name.Buffer = MIDL_user_allocate(DomainName.MaximumLength);
712 OutputDomains->Domains[i].Name.Length = DomainName.Length;
713 OutputDomains->Domains[i].Name.MaximumLength = DomainName.MaximumLength;
714 RtlCopyMemory(OutputDomains->Domains[i].Name.Buffer, DomainName.Buffer, DomainName.MaximumLength);
715 }
716
717 Status = LsapLookupSids(SidEnumBuffer,
718 OutputNames);
719
720 *ReferencedDomains = OutputDomains;
721
722 *MappedCount = SidEnumBuffer->Entries;
723
724 TranslatedNames->Entries = SidEnumBuffer->Entries;
725 TranslatedNames->Names = OutputNames;
726
727 return Status;
728 }
729
730
731 /* Function 16 */
732 NTSTATUS WINAPI LsarCreateSecret(
733 LSAPR_HANDLE PolicyHandle,
734 PRPC_UNICODE_STRING SecretName,
735 ACCESS_MASK DesiredAccess,
736 LSAPR_HANDLE *SecretHandle)
737 {
738 PLSA_DB_OBJECT PolicyObject;
739 PLSA_DB_OBJECT SecretObject = NULL;
740 LARGE_INTEGER Time;
741 NTSTATUS Status = STATUS_SUCCESS;
742
743 /* Validate the PolicyHandle */
744 Status = LsapValidateDbObject(PolicyHandle,
745 LsaDbPolicyObject,
746 POLICY_CREATE_SECRET,
747 &PolicyObject);
748 if (!NT_SUCCESS(Status))
749 {
750 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
751 return Status;
752 }
753
754 /* Get the current time */
755 Status = NtQuerySystemTime(&Time);
756 if (!NT_SUCCESS(Status))
757 {
758 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
759 goto done;
760 }
761
762 /* Create the Secret object */
763 Status = LsapCreateDbObject(PolicyObject,
764 L"Secrets",
765 SecretName->Buffer,
766 LsaDbSecretObject,
767 DesiredAccess,
768 &SecretObject);
769 if (!NT_SUCCESS(Status))
770 {
771 ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
772 goto done;
773 }
774
775 /* Set the CurrentTime attribute */
776 Status = LsapSetObjectAttribute(SecretObject,
777 L"CurrentTime",
778 (PVOID)&Time,
779 sizeof(LARGE_INTEGER));
780 if (!NT_SUCCESS(Status))
781 {
782 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status);
783 goto done;
784 }
785
786 /* Set the OldTime attribute */
787 Status = LsapSetObjectAttribute(SecretObject,
788 L"OldTime",
789 (PVOID)&Time,
790 sizeof(LARGE_INTEGER));
791
792 done:
793 if (!NT_SUCCESS(Status))
794 {
795 if (SecretObject != NULL)
796 LsapCloseDbObject(SecretObject);
797 }
798 else
799 {
800 *SecretHandle = (LSAPR_HANDLE)SecretObject;
801 }
802
803 return STATUS_SUCCESS;
804 }
805
806
807 /* Function 17 */
808 NTSTATUS WINAPI LsarOpenAccount(
809 LSAPR_HANDLE PolicyHandle,
810 PRPC_SID AccountSid,
811 ACCESS_MASK DesiredAccess,
812 LSAPR_HANDLE *AccountHandle)
813 {
814 PLSA_DB_OBJECT PolicyObject;
815 PLSA_DB_OBJECT AccountObject = NULL;
816 LPWSTR SidString = NULL;
817 NTSTATUS Status = STATUS_SUCCESS;
818
819 /* Validate the AccountSid */
820 if (!RtlValidSid(AccountSid))
821 return STATUS_INVALID_PARAMETER;
822
823 /* Validate the PolicyHandle */
824 Status = LsapValidateDbObject(PolicyHandle,
825 LsaDbPolicyObject,
826 0,
827 &PolicyObject);
828 if (!NT_SUCCESS(Status))
829 {
830 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
831 return Status;
832 }
833
834 /* Create SID string */
835 if (!ConvertSidToStringSid((PSID)AccountSid,
836 &SidString))
837 {
838 ERR("ConvertSidToStringSid failed\n");
839 Status = STATUS_INVALID_PARAMETER;
840 goto done;
841 }
842
843 /* Create the Account object */
844 Status = LsapOpenDbObject(PolicyObject,
845 L"Accounts",
846 SidString,
847 LsaDbAccountObject,
848 DesiredAccess,
849 &AccountObject);
850 if (!NT_SUCCESS(Status))
851 {
852 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
853 goto done;
854 }
855
856 /* Set the Sid attribute */
857 Status = LsapSetObjectAttribute(AccountObject,
858 L"Sid",
859 (PVOID)AccountSid,
860 GetLengthSid(AccountSid));
861
862 done:
863 if (SidString != NULL)
864 LocalFree(SidString);
865
866 if (!NT_SUCCESS(Status))
867 {
868 if (AccountObject != NULL)
869 LsapCloseDbObject(AccountObject);
870 }
871 else
872 {
873 *AccountHandle = (LSAPR_HANDLE)AccountObject;
874 }
875
876 return Status;
877 }
878
879
880 /* Function 18 */
881 NTSTATUS WINAPI LsarEnumeratePrivilegesAccount(
882 LSAPR_HANDLE AccountHandle,
883 PLSAPR_PRIVILEGE_SET *Privileges)
884 {
885 PLSA_DB_OBJECT AccountObject;
886 ULONG PrivilegeSetSize = 0;
887 PLSAPR_PRIVILEGE_SET PrivilegeSet = NULL;
888 NTSTATUS Status;
889
890 *Privileges = NULL;
891
892 /* Validate the AccountHandle */
893 Status = LsapValidateDbObject(AccountHandle,
894 LsaDbAccountObject,
895 ACCOUNT_VIEW,
896 &AccountObject);
897 if (!NT_SUCCESS(Status))
898 {
899 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
900 return Status;
901 }
902
903 /* Get the size of the privilege set */
904 Status = LsapGetObjectAttribute(AccountObject,
905 L"Privilgs",
906 NULL,
907 &PrivilegeSetSize);
908 if (!NT_SUCCESS(Status))
909 return Status;
910
911 /* Allocate a buffer for the privilege set */
912 PrivilegeSet = MIDL_user_allocate(PrivilegeSetSize);
913 if (PrivilegeSet == NULL)
914 return STATUS_NO_MEMORY;
915
916 /* Get the privilege set */
917 Status = LsapGetObjectAttribute(AccountObject,
918 L"Privilgs",
919 PrivilegeSet,
920 &PrivilegeSetSize);
921 if (!NT_SUCCESS(Status))
922 {
923 MIDL_user_free(PrivilegeSet);
924 return Status;
925 }
926
927 /* Return a pointer to the privilege set */
928 *Privileges = PrivilegeSet;
929
930 return STATUS_SUCCESS;
931 }
932
933
934 /* Function 19 */
935 NTSTATUS WINAPI LsarAddPrivilegesToAccount(
936 LSAPR_HANDLE AccountHandle,
937 PLSAPR_PRIVILEGE_SET Privileges)
938 {
939 PLSA_DB_OBJECT AccountObject;
940 PPRIVILEGE_SET CurrentPrivileges = NULL;
941 PPRIVILEGE_SET NewPrivileges = NULL;
942 ULONG PrivilegeSetSize = 0;
943 ULONG PrivilegeCount;
944 ULONG i, j;
945 BOOL bFound;
946 NTSTATUS Status;
947
948 /* Validate the AccountHandle */
949 Status = LsapValidateDbObject(AccountHandle,
950 LsaDbAccountObject,
951 ACCOUNT_ADJUST_PRIVILEGES,
952 &AccountObject);
953 if (!NT_SUCCESS(Status))
954 {
955 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
956 return Status;
957 }
958
959 Status = LsapGetObjectAttribute(AccountObject,
960 L"Privilgs",
961 NULL,
962 &PrivilegeSetSize);
963 if (!NT_SUCCESS(Status) || PrivilegeSetSize == 0)
964 {
965 /* The Privilgs attribute does not exist */
966
967 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
968 (Privileges->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
969 Status = LsapSetObjectAttribute(AccountObject,
970 L"Privilgs",
971 Privileges,
972 PrivilegeSetSize);
973 }
974 else
975 {
976 /* The Privilgs attribute exists */
977
978 /* Allocate memory for the stored privilege set */
979 CurrentPrivileges = MIDL_user_allocate(PrivilegeSetSize);
980 if (CurrentPrivileges == NULL)
981 return STATUS_NO_MEMORY;
982
983 /* Get the current privilege set */
984 Status = LsapGetObjectAttribute(AccountObject,
985 L"Privilgs",
986 CurrentPrivileges,
987 &PrivilegeSetSize);
988 if (!NT_SUCCESS(Status))
989 {
990 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
991 goto done;
992 }
993
994 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
995 TRACE("Current privilege count: %lu\n", PrivilegeCount);
996
997 /* Calculate the number privileges in the combined privilege set */
998 for (i = 0; i < Privileges->PrivilegeCount; i++)
999 {
1000 bFound = FALSE;
1001 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1002 {
1003 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1004 &(CurrentPrivileges->Privilege[i].Luid)))
1005 {
1006 bFound = TRUE;
1007 break;
1008 }
1009 }
1010
1011 if (bFound == FALSE)
1012 {
1013 TRACE("Found new privilege\n");
1014 PrivilegeCount++;
1015 }
1016 }
1017 TRACE("New privilege count: %lu\n", PrivilegeCount);
1018
1019 /* Calculate the size of the new privilege set and allocate it */
1020 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1021 (PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1022 NewPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1023 if (NewPrivileges == NULL)
1024 {
1025 Status = STATUS_NO_MEMORY;
1026 goto done;
1027 }
1028
1029 /* Initialize the new privilege set */
1030 NewPrivileges->PrivilegeCount = PrivilegeCount;
1031 NewPrivileges->Control = 0;
1032
1033 /* Copy all privileges from the current privilege set */
1034 RtlCopyLuidAndAttributesArray(CurrentPrivileges->PrivilegeCount,
1035 &(CurrentPrivileges->Privilege[0]),
1036 &(NewPrivileges->Privilege[0]));
1037
1038 /* Add new privileges to the new privilege set */
1039 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1040 for (i = 0; i < Privileges->PrivilegeCount; i++)
1041 {
1042 bFound = FALSE;
1043 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1044 {
1045 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1046 &(CurrentPrivileges->Privilege[i].Luid)))
1047 {
1048 /* Overwrite attributes if a matching privilege was found */
1049 NewPrivileges->Privilege[j].Attributes = Privileges->Privilege[i].Attributes;
1050
1051 bFound = TRUE;
1052 break;
1053 }
1054 }
1055
1056 if (bFound == FALSE)
1057 {
1058 /* Copy the new privilege */
1059 RtlCopyLuidAndAttributesArray(1,
1060 (PLUID_AND_ATTRIBUTES)&(Privileges->Privilege[i]),
1061 &(NewPrivileges->Privilege[PrivilegeCount]));
1062 PrivilegeCount++;
1063 }
1064 }
1065
1066 /* Set the new priivliege set */
1067 Status = LsapSetObjectAttribute(AccountObject,
1068 L"Privilgs",
1069 NewPrivileges,
1070 PrivilegeSetSize);
1071 }
1072
1073 done:
1074 if (CurrentPrivileges != NULL)
1075 MIDL_user_free(CurrentPrivileges);
1076
1077 if (NewPrivileges != NULL)
1078 MIDL_user_free(NewPrivileges);
1079
1080 return Status;
1081 }
1082
1083
1084 /* Function 20 */
1085 NTSTATUS WINAPI LsarRemovePrivilegesFromAccount(
1086 LSAPR_HANDLE AccountHandle,
1087 BOOL AllPrivileges,
1088 PLSAPR_PRIVILEGE_SET Privileges)
1089 {
1090 UNIMPLEMENTED;
1091 return STATUS_NOT_IMPLEMENTED;
1092 }
1093
1094
1095 /* Function 21 */
1096 NTSTATUS WINAPI LsarGetQuotasForAccount(
1097 LSAPR_HANDLE AccountHandle,
1098 PQUOTA_LIMITS QuotaLimits)
1099 {
1100 UNIMPLEMENTED;
1101 return STATUS_NOT_IMPLEMENTED;
1102 }
1103
1104
1105 /* Function 22 */
1106 NTSTATUS WINAPI LsarSetQuotasForAccount(
1107 LSAPR_HANDLE AccountHandle,
1108 PQUOTA_LIMITS QuotaLimits)
1109 {
1110 UNIMPLEMENTED;
1111 return STATUS_NOT_IMPLEMENTED;
1112 }
1113
1114
1115 /* Function 23 */
1116 NTSTATUS WINAPI LsarGetSystemAccessAccount(
1117 LSAPR_HANDLE AccountHandle,
1118 ACCESS_MASK *SystemAccess)
1119 {
1120 PLSA_DB_OBJECT AccountObject;
1121 ULONG Size;
1122 NTSTATUS Status;
1123
1124 /* Validate the account handle */
1125 Status = LsapValidateDbObject(AccountHandle,
1126 LsaDbAccountObject,
1127 ACCOUNT_VIEW,
1128 &AccountObject);
1129 if (!NT_SUCCESS(Status))
1130 {
1131 ERR("Invalid handle (Status %lx)\n", Status);
1132 return Status;
1133 }
1134
1135 /* Get the system access flags */
1136 Status = LsapGetObjectAttribute(AccountObject,
1137 L"ActSysAc",
1138 SystemAccess,
1139 &Size);
1140
1141 return Status;
1142 }
1143
1144
1145 /* Function 24 */
1146 NTSTATUS WINAPI LsarSetSystemAccessAccount(
1147 LSAPR_HANDLE AccountHandle,
1148 ACCESS_MASK SystemAccess)
1149 {
1150 PLSA_DB_OBJECT AccountObject;
1151 NTSTATUS Status;
1152
1153 /* Validate the account handle */
1154 Status = LsapValidateDbObject(AccountHandle,
1155 LsaDbAccountObject,
1156 ACCOUNT_ADJUST_SYSTEM_ACCESS,
1157 &AccountObject);
1158 if (!NT_SUCCESS(Status))
1159 {
1160 ERR("Invalid handle (Status %lx)\n", Status);
1161 return Status;
1162 }
1163
1164 /* Set the system access flags */
1165 Status = LsapSetObjectAttribute(AccountObject,
1166 L"ActSysAc",
1167 &SystemAccess,
1168 sizeof(ACCESS_MASK));
1169
1170 return Status;
1171 }
1172
1173
1174 /* Function 25 */
1175 NTSTATUS WINAPI LsarOpenTrustedDomain(
1176 LSAPR_HANDLE PolicyHandle,
1177 PRPC_SID TrustedDomainSid,
1178 ACCESS_MASK DesiredAccess,
1179 LSAPR_HANDLE *TrustedDomainHandle)
1180 {
1181 UNIMPLEMENTED;
1182 return STATUS_NOT_IMPLEMENTED;
1183 }
1184
1185
1186 /* Function 26 */
1187 NTSTATUS WINAPI LsarQueryInfoTrustedDomain(
1188 LSAPR_HANDLE TrustedDomainHandle,
1189 TRUSTED_INFORMATION_CLASS InformationClass,
1190 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
1191 {
1192 UNIMPLEMENTED;
1193 return STATUS_NOT_IMPLEMENTED;
1194 }
1195
1196
1197 /* Function 27 */
1198 NTSTATUS WINAPI LsarSetInformationTrustedDomain(
1199 LSAPR_HANDLE TrustedDomainHandle,
1200 TRUSTED_INFORMATION_CLASS InformationClass,
1201 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
1202 {
1203 UNIMPLEMENTED;
1204 return STATUS_NOT_IMPLEMENTED;
1205 }
1206
1207
1208 /* Function 28 */
1209 NTSTATUS WINAPI LsarOpenSecret(
1210 LSAPR_HANDLE PolicyHandle,
1211 PRPC_UNICODE_STRING SecretName,
1212 ACCESS_MASK DesiredAccess,
1213 LSAPR_HANDLE *SecretHandle)
1214 {
1215 PLSA_DB_OBJECT PolicyObject;
1216 PLSA_DB_OBJECT SecretObject = NULL;
1217 NTSTATUS Status = STATUS_SUCCESS;
1218
1219 /* Validate the PolicyHandle */
1220 Status = LsapValidateDbObject(PolicyHandle,
1221 LsaDbPolicyObject,
1222 POLICY_CREATE_SECRET,
1223 &PolicyObject);
1224 if (!NT_SUCCESS(Status))
1225 {
1226 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1227 return Status;
1228 }
1229
1230 /* Create the secret object */
1231 Status = LsapOpenDbObject(PolicyObject,
1232 L"Secrets",
1233 SecretName->Buffer,
1234 LsaDbSecretObject,
1235 DesiredAccess,
1236 &SecretObject);
1237 if (!NT_SUCCESS(Status))
1238 {
1239 ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
1240 goto done;
1241 }
1242
1243 done:
1244 if (!NT_SUCCESS(Status))
1245 {
1246 if (SecretObject != NULL)
1247 LsapCloseDbObject(SecretObject);
1248 }
1249 else
1250 {
1251 *SecretHandle = (LSAPR_HANDLE)SecretObject;
1252 }
1253
1254 return STATUS_SUCCESS;
1255 }
1256
1257
1258 /* Function 29 */
1259 NTSTATUS WINAPI LsarSetSecret(
1260 LSAPR_HANDLE SecretHandle,
1261 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue,
1262 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue)
1263 {
1264 PLSA_DB_OBJECT SecretObject;
1265 PBYTE CurrentValue = NULL;
1266 PBYTE OldValue = NULL;
1267 ULONG CurrentValueLength = 0;
1268 ULONG OldValueLength = 0;
1269 LARGE_INTEGER Time;
1270 NTSTATUS Status;
1271
1272 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle,
1273 EncryptedCurrentValue, EncryptedOldValue);
1274
1275 /* Validate the SecretHandle */
1276 Status = LsapValidateDbObject(SecretHandle,
1277 LsaDbSecretObject,
1278 SECRET_SET_VALUE,
1279 &SecretObject);
1280 if (!NT_SUCCESS(Status))
1281 {
1282 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1283 return Status;
1284 }
1285
1286 if (EncryptedCurrentValue != NULL)
1287 {
1288 /* FIXME: Decrypt the current value */
1289 CurrentValue = EncryptedCurrentValue->Buffer;
1290 CurrentValueLength = EncryptedCurrentValue->MaximumLength;
1291 }
1292
1293 /* Set the current value */
1294 Status = LsapSetObjectAttribute(SecretObject,
1295 L"CurrentValue",
1296 CurrentValue,
1297 CurrentValueLength);
1298 if (!NT_SUCCESS(Status))
1299 {
1300 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1301 goto done;
1302 }
1303
1304 /* Get the current time */
1305 Status = NtQuerySystemTime(&Time);
1306 if (!NT_SUCCESS(Status))
1307 {
1308 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
1309 goto done;
1310 }
1311
1312 /* Set the current time */
1313 Status = LsapSetObjectAttribute(SecretObject,
1314 L"CurrentTime",
1315 &Time,
1316 sizeof(LARGE_INTEGER));
1317 if (!NT_SUCCESS(Status))
1318 {
1319 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1320 goto done;
1321 }
1322
1323 if (EncryptedOldValue != NULL)
1324 {
1325 /* FIXME: Decrypt the old value */
1326 OldValue = EncryptedOldValue->Buffer;
1327 OldValueLength = EncryptedOldValue->MaximumLength;
1328 }
1329
1330 /* Set the old value */
1331 Status = LsapSetObjectAttribute(SecretObject,
1332 L"OldValue",
1333 OldValue,
1334 OldValueLength);
1335 if (!NT_SUCCESS(Status))
1336 {
1337 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1338 goto done;
1339 }
1340
1341 /* Set the old time */
1342 Status = LsapSetObjectAttribute(SecretObject,
1343 L"OldTime",
1344 &Time,
1345 sizeof(LARGE_INTEGER));
1346 if (!NT_SUCCESS(Status))
1347 {
1348 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1349 }
1350
1351 done:
1352 return Status;
1353 }
1354
1355
1356 /* Function 30 */
1357 NTSTATUS WINAPI LsarQuerySecret(
1358 LSAPR_HANDLE SecretHandle,
1359 PLSAPR_CR_CIPHER_VALUE *EncryptedCurrentValue,
1360 PLARGE_INTEGER CurrentValueSetTime,
1361 PLSAPR_CR_CIPHER_VALUE *EncryptedOldValue,
1362 PLARGE_INTEGER OldValueSetTime)
1363 {
1364 PLSA_DB_OBJECT SecretObject;
1365 PLSAPR_CR_CIPHER_VALUE EncCurrentValue = NULL;
1366 PLSAPR_CR_CIPHER_VALUE EncOldValue = NULL;
1367 PBYTE CurrentValue = NULL;
1368 PBYTE OldValue = NULL;
1369 ULONG CurrentValueLength = 0;
1370 ULONG OldValueLength = 0;
1371 ULONG BufferSize;
1372 NTSTATUS Status;
1373
1374 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle,
1375 EncryptedCurrentValue, CurrentValueSetTime,
1376 EncryptedOldValue, OldValueSetTime);
1377
1378 /* Validate the SecretHandle */
1379 Status = LsapValidateDbObject(SecretHandle,
1380 LsaDbSecretObject,
1381 SECRET_QUERY_VALUE,
1382 &SecretObject);
1383 if (!NT_SUCCESS(Status))
1384 {
1385 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1386 return Status;
1387 }
1388
1389 if (EncryptedCurrentValue != NULL)
1390 {
1391 CurrentValueLength = 0;
1392
1393 /* Get the size of the current value */
1394 Status = LsapGetObjectAttribute(SecretObject,
1395 L"CurrentValue",
1396 NULL,
1397 &CurrentValueLength);
1398 if (!NT_SUCCESS(Status))
1399 goto done;
1400
1401 /* Allocate a buffer for the current value */
1402 CurrentValue = midl_user_allocate(CurrentValueLength);
1403 if (CurrentValue == NULL)
1404 {
1405 Status = STATUS_INSUFFICIENT_RESOURCES;
1406 goto done;
1407 }
1408
1409 /* Get the current value */
1410 Status = LsapGetObjectAttribute(SecretObject,
1411 L"CurrentValue",
1412 CurrentValue,
1413 &CurrentValueLength);
1414 if (!NT_SUCCESS(Status))
1415 goto done;
1416
1417 /* Allocate a buffer for the encrypted current value */
1418 EncCurrentValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE));
1419 if (EncCurrentValue == NULL)
1420 {
1421 Status = STATUS_INSUFFICIENT_RESOURCES;
1422 goto done;
1423 }
1424
1425 /* FIXME: Encrypt the current value */
1426 EncCurrentValue->Length = (USHORT)(CurrentValueLength - sizeof(WCHAR));
1427 EncCurrentValue->MaximumLength = (USHORT)CurrentValueLength;
1428 EncCurrentValue->Buffer = (PBYTE)CurrentValue;
1429 }
1430
1431 if (CurrentValueSetTime != NULL)
1432 {
1433 BufferSize = sizeof(LARGE_INTEGER);
1434
1435 /* Get the current value time */
1436 Status = LsapGetObjectAttribute(SecretObject,
1437 L"CurrentTime",
1438 (PBYTE)CurrentValueSetTime,
1439 &BufferSize);
1440 if (!NT_SUCCESS(Status))
1441 goto done;
1442 }
1443
1444 if (EncryptedOldValue != NULL)
1445 {
1446 OldValueLength = 0;
1447
1448 /* Get the size of the old value */
1449 Status = LsapGetObjectAttribute(SecretObject,
1450 L"OldValue",
1451 NULL,
1452 &OldValueLength);
1453 if (!NT_SUCCESS(Status))
1454 goto done;
1455
1456 /* Allocate a buffer for the old value */
1457 OldValue = midl_user_allocate(OldValueLength);
1458 if (OldValue == NULL)
1459 {
1460 Status = STATUS_INSUFFICIENT_RESOURCES;
1461 goto done;
1462 }
1463
1464 /* Get the old value */
1465 Status = LsapGetObjectAttribute(SecretObject,
1466 L"OldValue",
1467 OldValue,
1468 &OldValueLength);
1469 if (!NT_SUCCESS(Status))
1470 goto done;
1471
1472 /* Allocate a buffer for the encrypted old value */
1473 EncOldValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE) + OldValueLength);
1474 if (EncOldValue == NULL)
1475 {
1476 Status = STATUS_INSUFFICIENT_RESOURCES;
1477 goto done;
1478 }
1479
1480 /* FIXME: Encrypt the old value */
1481 EncOldValue->Length = (USHORT)(OldValueLength - sizeof(WCHAR));
1482 EncOldValue->MaximumLength = (USHORT)OldValueLength;
1483 EncOldValue->Buffer = (PBYTE)OldValue;
1484 }
1485
1486 if (OldValueSetTime != NULL)
1487 {
1488 BufferSize = sizeof(LARGE_INTEGER);
1489
1490 /* Get the old value time */
1491 Status = LsapGetObjectAttribute(SecretObject,
1492 L"OldTime",
1493 (PBYTE)OldValueSetTime,
1494 &BufferSize);
1495 if (!NT_SUCCESS(Status))
1496 goto done;
1497 }
1498
1499
1500 done:
1501 if (NT_SUCCESS(Status))
1502 {
1503 if (EncryptedCurrentValue != NULL)
1504 *EncryptedCurrentValue = EncCurrentValue;
1505
1506 if (EncryptedOldValue != NULL)
1507 *EncryptedOldValue = EncOldValue;
1508 }
1509 else
1510 {
1511 if (EncryptedCurrentValue != NULL)
1512 *EncryptedCurrentValue = NULL;
1513
1514 if (EncryptedOldValue != NULL)
1515 *EncryptedOldValue = NULL;
1516
1517 if (EncCurrentValue != NULL)
1518 midl_user_free(EncCurrentValue);
1519
1520 if (EncOldValue != NULL)
1521 midl_user_free(EncOldValue);
1522
1523 if (CurrentValue != NULL)
1524 midl_user_free(CurrentValue);
1525
1526 if (OldValue != NULL)
1527 midl_user_free(OldValue);
1528 }
1529
1530 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status);
1531
1532 return Status;
1533 }
1534
1535
1536 /* Function 31 */
1537 NTSTATUS WINAPI LsarLookupPrivilegeValue(
1538 LSAPR_HANDLE PolicyHandle,
1539 PRPC_UNICODE_STRING Name,
1540 PLUID Value)
1541 {
1542 NTSTATUS Status;
1543
1544 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
1545 PolicyHandle, Name, Value);
1546
1547 Status = LsapValidateDbObject(PolicyHandle,
1548 LsaDbPolicyObject,
1549 POLICY_LOOKUP_NAMES,
1550 NULL);
1551 if (!NT_SUCCESS(Status))
1552 {
1553 ERR("Invalid handle (Status %lx)\n", Status);
1554 return Status;
1555 }
1556
1557 TRACE("Privilege: %wZ\n", Name);
1558
1559 Status = LsarpLookupPrivilegeValue((PUNICODE_STRING)Name,
1560 Value);
1561
1562 return Status;
1563 }
1564
1565
1566 /* Function 32 */
1567 NTSTATUS WINAPI LsarLookupPrivilegeName(
1568 LSAPR_HANDLE PolicyHandle,
1569 PLUID Value,
1570 PRPC_UNICODE_STRING *Name)
1571 {
1572 NTSTATUS Status;
1573
1574 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
1575 PolicyHandle, Value, Name);
1576
1577 Status = LsapValidateDbObject(PolicyHandle,
1578 LsaDbPolicyObject,
1579 POLICY_LOOKUP_NAMES,
1580 NULL);
1581 if (!NT_SUCCESS(Status))
1582 {
1583 ERR("Invalid handle\n");
1584 return Status;
1585 }
1586
1587 Status = LsarpLookupPrivilegeName(Value, (PUNICODE_STRING*)Name);
1588
1589 return Status;
1590 }
1591
1592
1593 /* Function 33 */
1594 NTSTATUS WINAPI LsarLookupPrivilegeDisplayName(
1595 LSAPR_HANDLE PolicyHandle,
1596 PRPC_UNICODE_STRING Name,
1597 USHORT ClientLanguage,
1598 USHORT ClientSystemDefaultLanguage,
1599 PRPC_UNICODE_STRING *DisplayName,
1600 USHORT *LanguageReturned)
1601 {
1602 UNIMPLEMENTED;
1603 return STATUS_NOT_IMPLEMENTED;
1604 }
1605
1606
1607 /* Function 34 */
1608 NTSTATUS WINAPI LsarDeleteObject(
1609 LSAPR_HANDLE *ObjectHandle)
1610 {
1611 UNIMPLEMENTED;
1612 return STATUS_NOT_IMPLEMENTED;
1613 }
1614
1615
1616 /* Function 35 */
1617 NTSTATUS WINAPI LsarEnumerateAccountsWithUserRight(
1618 LSAPR_HANDLE PolicyHandle,
1619 PRPC_UNICODE_STRING UserRight,
1620 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer)
1621 {
1622 UNIMPLEMENTED;
1623 return STATUS_NOT_IMPLEMENTED;
1624 }
1625
1626
1627 /* Function 36 */
1628 NTSTATUS WINAPI LsarEnumerateAccountRights(
1629 LSAPR_HANDLE PolicyHandle,
1630 PRPC_SID AccountSid,
1631 PLSAPR_USER_RIGHT_SET UserRights)
1632 {
1633 PLSA_DB_OBJECT PolicyObject;
1634 NTSTATUS Status;
1635
1636 TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
1637 PolicyHandle, AccountSid, UserRights);
1638
1639 Status = LsapValidateDbObject(PolicyHandle,
1640 LsaDbPolicyObject,
1641 ACCOUNT_VIEW,
1642 &PolicyObject);
1643 if (!NT_SUCCESS(Status))
1644 return Status;
1645
1646 UserRights->Entries = 0;
1647 UserRights->UserRights = NULL;
1648 return STATUS_OBJECT_NAME_NOT_FOUND;
1649 }
1650
1651
1652 /* Function 37 */
1653 NTSTATUS WINAPI LsarAddAccountRights(
1654 LSAPR_HANDLE PolicyHandle,
1655 PRPC_SID AccountSid,
1656 PLSAPR_USER_RIGHT_SET UserRights)
1657 {
1658 UNIMPLEMENTED;
1659 return STATUS_NOT_IMPLEMENTED;
1660 }
1661
1662
1663 /* Function 38 */
1664 NTSTATUS WINAPI LsarRemoveAccountRights(
1665 LSAPR_HANDLE PolicyHandle,
1666 PRPC_SID AccountSid,
1667 BOOL AllRights,
1668 PLSAPR_USER_RIGHT_SET UserRights)
1669 {
1670 UNIMPLEMENTED;
1671 return STATUS_NOT_IMPLEMENTED;
1672 }
1673
1674
1675 /* Function 39 */
1676 NTSTATUS WINAPI LsarQueryTrustedDomainInfo(
1677 LSAPR_HANDLE PolicyHandle,
1678 PRPC_SID TrustedDomainSid,
1679 TRUSTED_INFORMATION_CLASS InformationClass,
1680 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
1681 {
1682 UNIMPLEMENTED;
1683 return STATUS_NOT_IMPLEMENTED;
1684 }
1685
1686
1687 /* Function 40 */
1688 NTSTATUS WINAPI LsarSetTrustedDomainInfo(
1689 LSAPR_HANDLE PolicyHandle,
1690 PRPC_SID TrustedDomainSid,
1691 TRUSTED_INFORMATION_CLASS InformationClass,
1692 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
1693 {
1694 UNIMPLEMENTED;
1695 return STATUS_NOT_IMPLEMENTED;
1696 }
1697
1698
1699 /* Function 41 */
1700 NTSTATUS WINAPI LsarDeleteTrustedDomain(
1701 LSAPR_HANDLE PolicyHandle,
1702 PRPC_SID TrustedDomainSid)
1703 {
1704 UNIMPLEMENTED;
1705 return STATUS_NOT_IMPLEMENTED;
1706 }
1707
1708
1709 /* Function 42 */
1710 NTSTATUS WINAPI LsarStorePrivateData(
1711 LSAPR_HANDLE PolicyHandle,
1712 PRPC_UNICODE_STRING KeyName,
1713 PLSAPR_CR_CIPHER_VALUE EncryptedData)
1714 {
1715 UNIMPLEMENTED;
1716 return STATUS_NOT_IMPLEMENTED;
1717 }
1718
1719
1720 /* Function 43 */
1721 NTSTATUS WINAPI LsarRetrievePrivateData(
1722 LSAPR_HANDLE PolicyHandle,
1723 PRPC_UNICODE_STRING KeyName,
1724 PLSAPR_CR_CIPHER_VALUE *EncryptedData)
1725 {
1726 UNIMPLEMENTED;
1727 return STATUS_NOT_IMPLEMENTED;
1728 }
1729
1730
1731 /* Function 44 */
1732 NTSTATUS WINAPI LsarOpenPolicy2(
1733 LPWSTR SystemName,
1734 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
1735 ACCESS_MASK DesiredAccess,
1736 LSAPR_HANDLE *PolicyHandle)
1737 {
1738 UNIMPLEMENTED;
1739 return STATUS_NOT_IMPLEMENTED;
1740 }
1741
1742
1743 /* Function 45 */
1744 NTSTATUS WINAPI LsarGetUserName(
1745 LPWSTR SystemName,
1746 PRPC_UNICODE_STRING *UserName,
1747 PRPC_UNICODE_STRING *DomainName)
1748 {
1749 UNIMPLEMENTED;
1750 return STATUS_NOT_IMPLEMENTED;
1751 }
1752
1753
1754 /* Function 46 */
1755 NTSTATUS WINAPI LsarQueryInformationPolicy2(
1756 LSAPR_HANDLE PolicyHandle,
1757 POLICY_INFORMATION_CLASS InformationClass,
1758 PLSAPR_POLICY_INFORMATION *PolicyInformation)
1759 {
1760 return LsarQueryInformationPolicy(PolicyHandle,
1761 InformationClass,
1762 PolicyInformation);
1763 }
1764
1765
1766 /* Function 47 */
1767 NTSTATUS WINAPI LsarSetInformationPolicy2(
1768 LSAPR_HANDLE PolicyHandle,
1769 POLICY_INFORMATION_CLASS InformationClass,
1770 PLSAPR_POLICY_INFORMATION PolicyInformation)
1771 {
1772 return LsarSetInformationPolicy(PolicyHandle,
1773 InformationClass,
1774 PolicyInformation);
1775 }
1776
1777
1778 /* Function 48 */
1779 NTSTATUS WINAPI LsarQueryTrustedDomainInfoByName(
1780 LSAPR_HANDLE PolicyHandle,
1781 PRPC_UNICODE_STRING TrustedDomainName,
1782 POLICY_INFORMATION_CLASS InformationClass,
1783 PLSAPR_TRUSTED_DOMAIN_INFO *PolicyInformation)
1784 {
1785 UNIMPLEMENTED;
1786 return STATUS_NOT_IMPLEMENTED;
1787 }
1788
1789
1790 /* Function 49 */
1791 NTSTATUS WINAPI LsarSetTrustedDomainInfoByName(
1792 LSAPR_HANDLE PolicyHandle,
1793 PRPC_UNICODE_STRING TrustedDomainName,
1794 POLICY_INFORMATION_CLASS InformationClass,
1795 PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation)
1796 {
1797 UNIMPLEMENTED;
1798 return STATUS_NOT_IMPLEMENTED;
1799 }
1800
1801
1802 /* Function 50 */
1803 NTSTATUS WINAPI LsarEnumerateTrustedDomainsEx(
1804 LSAPR_HANDLE PolicyHandle,
1805 DWORD *EnumerationContext,
1806 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer,
1807 DWORD PreferedMaximumLength)
1808 {
1809 UNIMPLEMENTED;
1810 return STATUS_NOT_IMPLEMENTED;
1811 }
1812
1813
1814 /* Function 51 */
1815 NTSTATUS WINAPI LsarCreateTrustedDomainEx(
1816 LSAPR_HANDLE PolicyHandle,
1817 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
1818 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation,
1819 ACCESS_MASK DesiredAccess,
1820 LSAPR_HANDLE *TrustedDomainHandle)
1821 {
1822 UNIMPLEMENTED;
1823 return STATUS_NOT_IMPLEMENTED;
1824 }
1825
1826
1827 /* Function 52 */
1828 NTSTATUS WINAPI LsarSetPolicyReplicationHandle(
1829 PLSAPR_HANDLE PolicyHandle)
1830 {
1831 /* Deprecated */
1832 return STATUS_NOT_IMPLEMENTED;
1833 }
1834
1835
1836 /* Function 53 */
1837 NTSTATUS WINAPI LsarQueryDomainInformationPolicy(
1838 LSAPR_HANDLE PolicyHandle,
1839 POLICY_INFORMATION_CLASS InformationClass,
1840 PLSAPR_POLICY_DOMAIN_INFORMATION *PolicyInformation)
1841 {
1842 UNIMPLEMENTED;
1843 return STATUS_NOT_IMPLEMENTED;
1844 }
1845
1846
1847 /* Function 54 */
1848 NTSTATUS WINAPI LsarSetDomainInformationPolicy(
1849 LSAPR_HANDLE PolicyHandle,
1850 POLICY_INFORMATION_CLASS InformationClass,
1851 PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation)
1852 {
1853 UNIMPLEMENTED;
1854 return STATUS_NOT_IMPLEMENTED;
1855 }
1856
1857
1858 /* Function 55 */
1859 NTSTATUS WINAPI LsarOpenTrustedDomainByName(
1860 LSAPR_HANDLE PolicyHandle,
1861 PRPC_UNICODE_STRING TrustedDomainName,
1862 ACCESS_MASK DesiredAccess,
1863 LSAPR_HANDLE *TrustedDomainHandle)
1864 {
1865 UNIMPLEMENTED;
1866 return STATUS_NOT_IMPLEMENTED;
1867 }
1868
1869
1870 /* Function 56 */
1871 NTSTATUS WINAPI LsarTestCall(
1872 handle_t hBinding)
1873 {
1874 UNIMPLEMENTED;
1875 return STATUS_NOT_IMPLEMENTED;
1876 }
1877
1878
1879 /* Function 57 */
1880 NTSTATUS WINAPI LsarLookupSids2(
1881 LSAPR_HANDLE PolicyHandle,
1882 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
1883 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1884 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
1885 LSAP_LOOKUP_LEVEL LookupLevel,
1886 DWORD *MappedCount,
1887 DWORD LookupOptions,
1888 DWORD ClientRevision)
1889 {
1890 UNIMPLEMENTED;
1891 return STATUS_NOT_IMPLEMENTED;
1892 }
1893
1894
1895 /* Function 58 */
1896 NTSTATUS WINAPI LsarLookupNames2(
1897 LSAPR_HANDLE PolicyHandle,
1898 DWORD Count,
1899 PRPC_UNICODE_STRING Names,
1900 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1901 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids,
1902 LSAP_LOOKUP_LEVEL LookupLevel,
1903 DWORD *MappedCount,
1904 DWORD LookupOptions,
1905 DWORD ClientRevision)
1906 {
1907 UNIMPLEMENTED;
1908 return STATUS_NOT_IMPLEMENTED;
1909 }
1910
1911
1912 /* Function 59 */
1913 NTSTATUS WINAPI LsarCreateTrustedDomainEx2(
1914 LSAPR_HANDLE PolicyHandle,
1915 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
1916 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation,
1917 ACCESS_MASK DesiredAccess,
1918 LSAPR_HANDLE *TrustedDomainHandle)
1919 {
1920 UNIMPLEMENTED;
1921 return STATUS_NOT_IMPLEMENTED;
1922 }
1923
1924
1925 /* Function 60 */
1926 NTSTATUS WINAPI CredrWrite(
1927 handle_t hBinding)
1928 {
1929 UNIMPLEMENTED;
1930 return STATUS_NOT_IMPLEMENTED;
1931 }
1932
1933
1934 /* Function 61 */
1935 NTSTATUS WINAPI CredrRead(
1936 handle_t hBinding)
1937 {
1938 UNIMPLEMENTED;
1939 return STATUS_NOT_IMPLEMENTED;
1940 }
1941
1942
1943 /* Function 62 */
1944 NTSTATUS WINAPI CredrEnumerate(
1945 handle_t hBinding)
1946 {
1947 UNIMPLEMENTED;
1948 return STATUS_NOT_IMPLEMENTED;
1949 }
1950
1951
1952 /* Function 63 */
1953 NTSTATUS WINAPI CredrWriteDomainCredentials(
1954 handle_t hBinding)
1955 {
1956 UNIMPLEMENTED;
1957 return STATUS_NOT_IMPLEMENTED;
1958 }
1959
1960
1961 /* Function 64 */
1962 NTSTATUS WINAPI CredrReadDomainCredentials(
1963 handle_t hBinding)
1964 {
1965 UNIMPLEMENTED;
1966 return STATUS_NOT_IMPLEMENTED;
1967 }
1968
1969
1970 /* Function 65 */
1971 NTSTATUS WINAPI CredrDelete(
1972 handle_t hBinding)
1973 {
1974 UNIMPLEMENTED;
1975 return STATUS_NOT_IMPLEMENTED;
1976 }
1977
1978
1979 /* Function 66 */
1980 NTSTATUS WINAPI CredrGetTargetInfo(
1981 handle_t hBinding)
1982 {
1983 UNIMPLEMENTED;
1984 return STATUS_NOT_IMPLEMENTED;
1985 }
1986
1987
1988 /* Function 67 */
1989 NTSTATUS WINAPI CredrProfileLoaded(
1990 handle_t hBinding)
1991 {
1992 UNIMPLEMENTED;
1993 return STATUS_NOT_IMPLEMENTED;
1994 }
1995
1996
1997 /* Function 68 */
1998 NTSTATUS WINAPI LsarLookupNames3(
1999 LSAPR_HANDLE PolicyHandle,
2000 DWORD Count,
2001 PRPC_UNICODE_STRING Names,
2002 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2003 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
2004 LSAP_LOOKUP_LEVEL LookupLevel,
2005 DWORD *MappedCount,
2006 DWORD LookupOptions,
2007 DWORD ClientRevision)
2008 {
2009 SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
2010 static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN");
2011 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer = NULL;
2012 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer = NULL;
2013 ULONG SidsBufferLength;
2014 ULONG DomainSidLength;
2015 ULONG AccountSidLength;
2016 PSID DomainSid;
2017 PSID AccountSid;
2018 ULONG i;
2019 NTSTATUS Status;
2020
2021 TRACE("LsarLookupNames3(%p, %lu, %p, %p, %p, %d, %p, %lu, %lu)\n",
2022 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
2023 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2024
2025 if (Count == 0)
2026 return STATUS_NONE_MAPPED;
2027
2028 TranslatedSids->Entries = Count;
2029 TranslatedSids->Sids = NULL;
2030 *ReferencedDomains = NULL;
2031
2032 SidsBufferLength = Count * sizeof(LSAPR_TRANSLATED_SID_EX2);
2033 SidsBuffer = MIDL_user_allocate(SidsBufferLength);
2034 if (SidsBuffer == NULL)
2035 return STATUS_INSUFFICIENT_RESOURCES;
2036
2037 for (i = 0; i < Count; i++)
2038 {
2039 SidsBuffer[i].Use = SidTypeUser;
2040 SidsBuffer[i].Sid = NULL;
2041 SidsBuffer[i].DomainIndex = -1;
2042 SidsBuffer[i].Flags = 0;
2043 }
2044
2045 DomainsBuffer = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
2046 if (DomainsBuffer == NULL)
2047 {
2048 MIDL_user_free(SidsBuffer);
2049 return STATUS_INSUFFICIENT_RESOURCES;
2050 }
2051
2052 DomainsBuffer->Entries = Count;
2053 DomainsBuffer->Domains = MIDL_user_allocate(Count * sizeof(LSA_TRUST_INFORMATION));
2054 if (DomainsBuffer->Domains == NULL)
2055 {
2056 MIDL_user_free(DomainsBuffer);
2057 MIDL_user_free(SidsBuffer);
2058 return STATUS_INSUFFICIENT_RESOURCES;
2059 }
2060
2061 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
2062 2,
2063 SECURITY_BUILTIN_DOMAIN_RID,
2064 DOMAIN_ALIAS_RID_ADMINS,
2065 0, 0, 0, 0, 0, 0,
2066 &DomainSid);
2067 if (!NT_SUCCESS(Status))
2068 {
2069 MIDL_user_free(DomainsBuffer->Domains);
2070 MIDL_user_free(DomainsBuffer);
2071 MIDL_user_free(SidsBuffer);
2072 return Status;
2073 }
2074
2075 DomainSidLength = RtlLengthSid(DomainSid);
2076
2077 for (i = 0; i < Count; i++)
2078 {
2079 DomainsBuffer->Domains[i].Sid = MIDL_user_allocate(DomainSidLength);
2080 RtlCopyMemory(DomainsBuffer->Domains[i].Sid,
2081 DomainSid,
2082 DomainSidLength);
2083
2084 DomainsBuffer->Domains[i].Name.Buffer = MIDL_user_allocate(DomainName.MaximumLength);
2085 DomainsBuffer->Domains[i].Name.Length = DomainName.Length;
2086 DomainsBuffer->Domains[i].Name.MaximumLength = DomainName.MaximumLength;
2087 RtlCopyMemory(DomainsBuffer->Domains[i].Name.Buffer,
2088 DomainName.Buffer,
2089 DomainName.MaximumLength);
2090 }
2091
2092 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
2093 3,
2094 SECURITY_BUILTIN_DOMAIN_RID,
2095 DOMAIN_ALIAS_RID_ADMINS,
2096 DOMAIN_USER_RID_ADMIN,
2097 0, 0, 0, 0, 0,
2098 &AccountSid);
2099 if (!NT_SUCCESS(Status))
2100 {
2101 MIDL_user_free(DomainsBuffer->Domains);
2102 MIDL_user_free(DomainsBuffer);
2103 MIDL_user_free(SidsBuffer);
2104 return Status;
2105 }
2106
2107 AccountSidLength = RtlLengthSid(AccountSid);
2108
2109 for (i = 0; i < Count; i++)
2110 {
2111 SidsBuffer[i].Use = SidTypeWellKnownGroup;
2112 SidsBuffer[i].Sid = MIDL_user_allocate(AccountSidLength);
2113
2114 RtlCopyMemory(SidsBuffer[i].Sid,
2115 AccountSid,
2116 AccountSidLength);
2117
2118 SidsBuffer[i].DomainIndex = i;
2119 SidsBuffer[i].Flags = 0;
2120 }
2121
2122 *ReferencedDomains = DomainsBuffer;
2123 *MappedCount = Count;
2124
2125 TranslatedSids->Entries = Count;
2126 TranslatedSids->Sids = SidsBuffer;
2127
2128 return STATUS_SUCCESS;
2129 }
2130
2131
2132 /* Function 69 */
2133 NTSTATUS WINAPI CredrGetSessionTypes(
2134 handle_t hBinding)
2135 {
2136 UNIMPLEMENTED;
2137 return STATUS_NOT_IMPLEMENTED;
2138 }
2139
2140
2141 /* Function 70 */
2142 NTSTATUS WINAPI LsarRegisterAuditEvent(
2143 handle_t hBinding)
2144 {
2145 UNIMPLEMENTED;
2146 return STATUS_NOT_IMPLEMENTED;
2147 }
2148
2149
2150 /* Function 71 */
2151 NTSTATUS WINAPI LsarGenAuditEvent(
2152 handle_t hBinding)
2153 {
2154 UNIMPLEMENTED;
2155 return STATUS_NOT_IMPLEMENTED;
2156 }
2157
2158
2159 /* Function 72 */
2160 NTSTATUS WINAPI LsarUnregisterAuditEvent(
2161 handle_t hBinding)
2162 {
2163 UNIMPLEMENTED;
2164 return STATUS_NOT_IMPLEMENTED;
2165 }
2166
2167
2168 /* Function 73 */
2169 NTSTATUS WINAPI LsarQueryForestTrustInformation(
2170 LSAPR_HANDLE PolicyHandle,
2171 PLSA_UNICODE_STRING TrustedDomainName,
2172 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
2173 PLSA_FOREST_TRUST_INFORMATION *ForestTrustInfo)
2174 {
2175 UNIMPLEMENTED;
2176 return STATUS_NOT_IMPLEMENTED;
2177 }
2178
2179
2180 /* Function 74 */
2181 NTSTATUS WINAPI LsarSetForestTrustInformation(
2182 LSAPR_HANDLE PolicyHandle,
2183 PLSA_UNICODE_STRING TrustedDomainName,
2184 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
2185 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo,
2186 BOOL CheckOnly,
2187 PLSA_FOREST_TRUST_COLLISION_INFORMATION *CollisionInfo)
2188 {
2189 UNIMPLEMENTED;
2190 return STATUS_NOT_IMPLEMENTED;
2191 }
2192
2193
2194 /* Function 75 */
2195 NTSTATUS WINAPI CredrRename(
2196 handle_t hBinding)
2197 {
2198 UNIMPLEMENTED;
2199 return STATUS_NOT_IMPLEMENTED;
2200 }
2201
2202
2203 /* Function 76 */
2204 NTSTATUS WINAPI LsarLookupSids3(
2205 LSAPR_HANDLE PolicyHandle,
2206 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
2207 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2208 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
2209 LSAP_LOOKUP_LEVEL LookupLevel,
2210 DWORD *MappedCount,
2211 DWORD LookupOptions,
2212 DWORD ClientRevision)
2213 {
2214 UNIMPLEMENTED;
2215 return STATUS_NOT_IMPLEMENTED;
2216 }
2217
2218
2219 /* Function 77 */
2220 NTSTATUS WINAPI LsarLookupNames4(
2221 handle_t RpcHandle,
2222 DWORD Count,
2223 PRPC_UNICODE_STRING Names,
2224 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2225 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
2226 LSAP_LOOKUP_LEVEL LookupLevel,
2227 DWORD *MappedCount,
2228 DWORD LookupOptions,
2229 DWORD ClientRevision)
2230 {
2231 UNIMPLEMENTED;
2232 return STATUS_NOT_IMPLEMENTED;
2233 }
2234
2235
2236 /* Function 78 */
2237 NTSTATUS WINAPI LsarOpenPolicySce(
2238 handle_t hBinding)
2239 {
2240 UNIMPLEMENTED;
2241 return STATUS_NOT_IMPLEMENTED;
2242 }
2243
2244
2245 /* Function 79 */
2246 NTSTATUS WINAPI LsarAdtRegisterSecurityEventSource(
2247 handle_t hBinding)
2248 {
2249 UNIMPLEMENTED;
2250 return STATUS_NOT_IMPLEMENTED;
2251 }
2252
2253
2254 /* Function 80 */
2255 NTSTATUS WINAPI LsarAdtUnregisterSecurityEventSource(
2256 handle_t hBinding)
2257 {
2258 UNIMPLEMENTED;
2259 return STATUS_NOT_IMPLEMENTED;
2260 }
2261
2262
2263 /* Function 81 */
2264 NTSTATUS WINAPI LsarAdtReportSecurityEvent(
2265 handle_t hBinding)
2266 {
2267 UNIMPLEMENTED;
2268 return STATUS_NOT_IMPLEMENTED;
2269 }
2270
2271
2272 /* Function 82 */
2273 NTSTATUS WINAPI CredrFindBestCredential(
2274 handle_t hBinding)
2275 {
2276 UNIMPLEMENTED;
2277 return STATUS_NOT_IMPLEMENTED;
2278 }
2279
2280
2281 /* Function 83 */
2282 NTSTATUS WINAPI LsarSetAuditPolicy(
2283 handle_t hBinding)
2284 {
2285 UNIMPLEMENTED;
2286 return STATUS_NOT_IMPLEMENTED;
2287 }
2288
2289
2290 /* Function 84 */
2291 NTSTATUS WINAPI LsarQueryAuditPolicy(
2292 handle_t hBinding)
2293 {
2294 UNIMPLEMENTED;
2295 return STATUS_NOT_IMPLEMENTED;
2296 }
2297
2298
2299 /* Function 85 */
2300 NTSTATUS WINAPI LsarEnumerateAuditPolicy(
2301 handle_t hBinding)
2302 {
2303 UNIMPLEMENTED;
2304 return STATUS_NOT_IMPLEMENTED;
2305 }
2306
2307
2308 /* Function 86 */
2309 NTSTATUS WINAPI LsarEnumerateAuditCategories(
2310 handle_t hBinding)
2311 {
2312 UNIMPLEMENTED;
2313 return STATUS_NOT_IMPLEMENTED;
2314 }
2315
2316
2317 /* Function 87 */
2318 NTSTATUS WINAPI LsarEnumerateAuditSubCategories(
2319 handle_t hBinding)
2320 {
2321 UNIMPLEMENTED;
2322 return STATUS_NOT_IMPLEMENTED;
2323 }
2324
2325
2326 /* Function 88 */
2327 NTSTATUS WINAPI LsarLookupAuditCategoryName(
2328 handle_t hBinding)
2329 {
2330 UNIMPLEMENTED;
2331 return STATUS_NOT_IMPLEMENTED;
2332 }
2333
2334
2335 /* Function 89 */
2336 NTSTATUS WINAPI LsarLookupAuditSubCategoryName(
2337 handle_t hBinding)
2338 {
2339 UNIMPLEMENTED;
2340 return STATUS_NOT_IMPLEMENTED;
2341 }
2342
2343
2344 /* Function 90 */
2345 NTSTATUS WINAPI LsarSetAuditSecurity(
2346 handle_t hBinding)
2347 {
2348 UNIMPLEMENTED;
2349 return STATUS_NOT_IMPLEMENTED;
2350 }
2351
2352
2353 /* Function 91 */
2354 NTSTATUS WINAPI LsarQueryAuditSecurity(
2355 handle_t hBinding)
2356 {
2357 UNIMPLEMENTED;
2358 return STATUS_NOT_IMPLEMENTED;
2359 }
2360
2361
2362 /* Function 92 */
2363 NTSTATUS WINAPI CredReadByTokenHandle(
2364 handle_t hBinding)
2365 {
2366 UNIMPLEMENTED;
2367 return STATUS_NOT_IMPLEMENTED;
2368 }
2369
2370
2371 /* Function 93 */
2372 NTSTATUS WINAPI CredrRestoreCredentials(
2373 handle_t hBinding)
2374 {
2375 UNIMPLEMENTED;
2376 return STATUS_NOT_IMPLEMENTED;
2377 }
2378
2379
2380 /* Function 94 */
2381 NTSTATUS WINAPI CredrBackupCredentials(
2382 handle_t hBinding)
2383 {
2384 UNIMPLEMENTED;
2385 return STATUS_NOT_IMPLEMENTED;
2386 }
2387
2388 /* EOF */
A free Windows-compatible Operating System