2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
7 * PROGRAMMERS: Eric Kohl
10 /* INCLUDES ****************************************************************/
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv
);
17 /* GLOBALS *****************************************************************/
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock
;
22 /* FUNCTIONS ***************************************************************/
25 LsarStartRpcServer(VOID
)
29 RtlInitializeCriticalSection(&PolicyHandleTableLock
);
31 TRACE("LsarStartRpcServer() called\n");
33 Status
= RpcServerUseProtseqEpW(L
"ncacn_np",
37 if (Status
!= RPC_S_OK
)
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status
);
43 Status
= RpcServerRegisterIf(lsarpc_v0_0_s_ifspec
,
46 if (Status
!= RPC_S_OK
)
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status
);
52 Status
= RpcServerListen(1, 20, TRUE
);
53 if (Status
!= RPC_S_OK
)
55 WARN("RpcServerListen() failed (Status %lx)\n", Status
);
59 TRACE("LsarStartRpcServer() done\n");
63 void __RPC_USER
LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle
)
70 NTSTATUS WINAPI
LsarClose(
71 LSAPR_HANDLE
*ObjectHandle
)
73 PLSA_DB_OBJECT DbObject
;
74 NTSTATUS Status
= STATUS_SUCCESS
;
76 TRACE("0x%p\n", ObjectHandle
);
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
80 Status
= LsapValidateDbObject(*ObjectHandle
,
84 if (Status
== STATUS_SUCCESS
)
86 Status
= LsapCloseDbObject(DbObject
);
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
97 NTSTATUS WINAPI
LsarDelete(
98 LSAPR_HANDLE ObjectHandle
)
101 return STATUS_NOT_SUPPORTED
;
106 NTSTATUS WINAPI
LsarEnumeratePrivileges(
107 LSAPR_HANDLE PolicyHandle
,
108 DWORD
*EnumerationContext
,
109 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer
,
110 DWORD PreferedMaximumLength
)
113 return STATUS_NOT_IMPLEMENTED
;
118 NTSTATUS WINAPI
LsarQuerySecurityObject(
119 LSAPR_HANDLE ObjectHandle
,
120 SECURITY_INFORMATION SecurityInformation
,
121 PLSAPR_SR_SECURITY_DESCRIPTOR
*SecurityDescriptor
)
124 return STATUS_NOT_IMPLEMENTED
;
129 NTSTATUS WINAPI
LsarSetSecurityObject(
130 LSAPR_HANDLE ObjectHandle
,
131 SECURITY_INFORMATION SecurityInformation
,
132 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor
)
135 return STATUS_NOT_IMPLEMENTED
;
140 NTSTATUS WINAPI
LsarChangePassword(
142 PRPC_UNICODE_STRING String1
,
143 PRPC_UNICODE_STRING String2
,
144 PRPC_UNICODE_STRING String3
,
145 PRPC_UNICODE_STRING String4
,
146 PRPC_UNICODE_STRING String5
)
149 return STATUS_NOT_IMPLEMENTED
;
154 NTSTATUS WINAPI
LsarOpenPolicy(
156 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
157 ACCESS_MASK DesiredAccess
,
158 LSAPR_HANDLE
*PolicyHandle
)
160 PLSA_DB_OBJECT PolicyObject
;
163 TRACE("LsarOpenPolicy called!\n");
165 RtlEnterCriticalSection(&PolicyHandleTableLock
);
167 Status
= LsapOpenDbObject(NULL
,
173 RtlLeaveCriticalSection(&PolicyHandleTableLock
);
175 if (NT_SUCCESS(Status
))
176 *PolicyHandle
= (LSAPR_HANDLE
)PolicyObject
;
178 TRACE("LsarOpenPolicy done!\n");
185 NTSTATUS WINAPI
LsarQueryInformationPolicy(
186 LSAPR_HANDLE PolicyHandle
,
187 POLICY_INFORMATION_CLASS InformationClass
,
188 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
190 PLSA_DB_OBJECT DbObject
;
191 ACCESS_MASK DesiredAccess
= 0;
194 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
195 PolicyHandle
, InformationClass
, PolicyInformation
);
197 if (PolicyInformation
)
199 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
202 switch (InformationClass
)
204 case PolicyAuditLogInformation
:
205 case PolicyAuditEventsInformation
:
206 case PolicyAuditFullQueryInformation
:
207 DesiredAccess
= POLICY_VIEW_AUDIT_INFORMATION
;
210 case PolicyPrimaryDomainInformation
:
211 case PolicyAccountDomainInformation
:
212 case PolicyLsaServerRoleInformation
:
213 case PolicyReplicaSourceInformation
:
214 case PolicyDefaultQuotaInformation
:
215 case PolicyDnsDomainInformation
:
216 case PolicyDnsDomainInformationInt
:
217 case PolicyLocalAccountDomainInformation
:
218 DesiredAccess
= POLICY_VIEW_LOCAL_INFORMATION
;
221 case PolicyPdAccountInformation
:
222 DesiredAccess
= POLICY_GET_PRIVATE_INFORMATION
;
226 ERR("Invalid InformationClass!\n");
227 return STATUS_INVALID_PARAMETER
;
230 Status
= LsapValidateDbObject(PolicyHandle
,
234 if (!NT_SUCCESS(Status
))
237 switch (InformationClass
)
239 case PolicyAuditLogInformation
: /* 1 */
240 Status
= LsarQueryAuditLog(PolicyHandle
,
243 case PolicyAuditEventsInformation
: /* 2 */
244 Status
= LsarQueryAuditEvents(PolicyHandle
,
248 case PolicyPrimaryDomainInformation
: /* 3 */
249 Status
= LsarQueryPrimaryDomain(PolicyHandle
,
253 case PolicyPdAccountInformation
: /* 4 */
254 Status
= LsarQueryPdAccount(PolicyHandle
,
257 case PolicyAccountDomainInformation
: /* 5 */
258 Status
= LsarQueryAccountDomain(PolicyHandle
,
262 case PolicyLsaServerRoleInformation
: /* 6 */
263 Status
= LsarQueryServerRole(PolicyHandle
,
267 case PolicyReplicaSourceInformation
: /* 7 */
268 Status
= LsarQueryReplicaSource(PolicyHandle
,
271 case PolicyDefaultQuotaInformation
: /* 8 */
272 Status
= LsarQueryDefaultQuota(PolicyHandle
,
276 case PolicyModificationInformation
: /* 9 */
277 Status
= LsarQueryModification(PolicyHandle
,
281 case PolicyAuditFullQueryInformation
: /* 11 (0xB) */
282 Status
= LsarQueryAuditFull(PolicyHandle
,
286 case PolicyDnsDomainInformation
: /* 12 (0xC) */
287 Status
= LsarQueryDnsDomain(PolicyHandle
,
291 case PolicyDnsDomainInformationInt
: /* 13 (0xD) */
292 Status
= LsarQueryDnsDomainInt(PolicyHandle
,
296 case PolicyLocalAccountDomainInformation
: /* 14 (0xE) */
297 Status
= LsarQueryLocalAccountDomain(PolicyHandle
,
302 ERR("Invalid InformationClass!\n");
303 Status
= STATUS_INVALID_PARAMETER
;
311 NTSTATUS WINAPI
LsarSetInformationPolicy(
312 LSAPR_HANDLE PolicyHandle
,
313 POLICY_INFORMATION_CLASS InformationClass
,
314 PLSAPR_POLICY_INFORMATION PolicyInformation
)
316 PLSA_DB_OBJECT DbObject
;
317 ACCESS_MASK DesiredAccess
= 0;
320 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
321 PolicyHandle
, InformationClass
, PolicyInformation
);
323 if (PolicyInformation
)
325 TRACE("*PolicyInformation %p\n", *PolicyInformation
);
328 switch (InformationClass
)
330 case PolicyAuditLogInformation
:
331 case PolicyAuditFullSetInformation
:
332 DesiredAccess
= POLICY_AUDIT_LOG_ADMIN
;
335 case PolicyAuditEventsInformation
:
336 DesiredAccess
= POLICY_SET_AUDIT_REQUIREMENTS
;
339 case PolicyPrimaryDomainInformation
:
340 case PolicyAccountDomainInformation
:
341 case PolicyDnsDomainInformation
:
342 case PolicyDnsDomainInformationInt
:
343 case PolicyLocalAccountDomainInformation
:
344 DesiredAccess
= POLICY_TRUST_ADMIN
;
347 case PolicyLsaServerRoleInformation
:
348 case PolicyReplicaSourceInformation
:
349 DesiredAccess
= POLICY_SERVER_ADMIN
;
352 case PolicyDefaultQuotaInformation
:
353 DesiredAccess
= POLICY_SET_DEFAULT_QUOTA_LIMITS
;
357 ERR("Invalid InformationClass!\n");
358 return STATUS_INVALID_PARAMETER
;
361 Status
= LsapValidateDbObject(PolicyHandle
,
365 if (!NT_SUCCESS(Status
))
368 switch (InformationClass
)
370 case PolicyAuditEventsInformation
:
371 Status
= STATUS_NOT_IMPLEMENTED
;
374 case PolicyPrimaryDomainInformation
:
375 Status
= LsarSetPrimaryDomain(PolicyHandle
,
376 (PLSAPR_POLICY_PRIMARY_DOM_INFO
)PolicyInformation
);
379 case PolicyAccountDomainInformation
:
380 Status
= LsarSetAccountDomain(PolicyHandle
,
381 (PLSAPR_POLICY_ACCOUNT_DOM_INFO
)PolicyInformation
);
384 case PolicyDnsDomainInformation
:
385 Status
= LsarSetDnsDomain(PolicyHandle
,
386 (PLSAPR_POLICY_DNS_DOMAIN_INFO
)PolicyInformation
);
389 case PolicyLsaServerRoleInformation
:
390 Status
= STATUS_NOT_IMPLEMENTED
;
394 Status
= STATUS_INVALID_PARAMETER
;
403 NTSTATUS WINAPI
LsarClearAuditLog(
404 LSAPR_HANDLE ObjectHandle
)
407 return STATUS_NOT_IMPLEMENTED
;
412 NTSTATUS WINAPI
LsarCreateAccount(
413 LSAPR_HANDLE PolicyHandle
,
415 ACCESS_MASK DesiredAccess
,
416 LSAPR_HANDLE
*AccountHandle
)
418 PLSA_DB_OBJECT PolicyObject
;
419 PLSA_DB_OBJECT AccountsObject
= NULL
;
420 PLSA_DB_OBJECT AccountObject
= NULL
;
421 LPWSTR SidString
= NULL
;
422 NTSTATUS Status
= STATUS_SUCCESS
;
424 /* Validate the PolicyHandle */
425 Status
= LsapValidateDbObject(PolicyHandle
,
427 POLICY_CREATE_ACCOUNT
,
429 if (!NT_SUCCESS(Status
))
431 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
435 /* Open the Accounts object */
436 Status
= LsapOpenDbObject(PolicyObject
,
438 LsaDbContainerObject
,
441 if (!NT_SUCCESS(Status
))
443 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status
);
447 /* Create SID string */
448 if (!ConvertSidToStringSid((PSID
)AccountSid
,
451 ERR("ConvertSidToStringSid failed\n");
452 Status
= STATUS_INVALID_PARAMETER
;
456 /* Create the Account object */
457 Status
= LsapCreateDbObject(AccountsObject
,
462 if (!NT_SUCCESS(Status
))
464 ERR("LsapCreateDbObject (Account) failed (Status 0x%08lx)\n", Status
);
468 /* Set the Sid attribute */
469 Status
= LsapSetObjectAttribute(AccountObject
,
472 GetLengthSid(AccountSid
));
475 if (SidString
!= NULL
)
476 LocalFree(SidString
);
478 if (!NT_SUCCESS(Status
))
480 if (AccountObject
!= NULL
)
481 LsapCloseDbObject(AccountObject
);
485 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
488 if (AccountsObject
!= NULL
)
489 LsapCloseDbObject(AccountsObject
);
491 return STATUS_SUCCESS
;
496 NTSTATUS WINAPI
LsarEnumerateAccounts(
497 LSAPR_HANDLE PolicyHandle
,
498 DWORD
*EnumerationContext
,
499 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
,
500 DWORD PreferedMaximumLength
)
503 return STATUS_NOT_IMPLEMENTED
;
508 NTSTATUS WINAPI
LsarCreateTrustedDomain(
509 LSAPR_HANDLE PolicyHandle
,
510 PLSAPR_TRUST_INFORMATION TrustedDomainInformation
,
511 ACCESS_MASK DesiredAccess
,
512 LSAPR_HANDLE
*TrustedDomainHandle
)
515 return STATUS_NOT_IMPLEMENTED
;
520 NTSTATUS WINAPI
LsarEnumerateTrustedDomains(
521 LSAPR_HANDLE PolicyHandle
,
522 DWORD
*EnumerationContext
,
523 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer
,
524 DWORD PreferedMaximumLength
)
527 return STATUS_NOT_IMPLEMENTED
;
532 NTSTATUS WINAPI
LsarLookupNames(
533 LSAPR_HANDLE PolicyHandle
,
535 PRPC_UNICODE_STRING Names
,
536 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
537 PLSAPR_TRANSLATED_SIDS TranslatedSids
,
538 LSAP_LOOKUP_LEVEL LookupLevel
,
541 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
542 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
543 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
544 PLSA_TRANSLATED_SID OutputSids
= NULL
;
545 ULONG OutputSidsLength
;
551 TRACE("LsarLookupNames(%p, %lu, %p, %p, %p, %d, %p)\n",
552 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
553 LookupLevel
, MappedCount
);
555 TranslatedSids
->Entries
= Count
;
556 TranslatedSids
->Sids
= NULL
;
557 *ReferencedDomains
= NULL
;
559 OutputSidsLength
= Count
* sizeof(LSA_TRANSLATED_SID
);
560 OutputSids
= MIDL_user_allocate(OutputSidsLength
);
561 if (OutputSids
== NULL
)
563 return STATUS_INSUFFICIENT_RESOURCES
;
566 RtlZeroMemory(OutputSids
, OutputSidsLength
);
568 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
569 if (OutputDomains
== NULL
)
571 MIDL_user_free(OutputSids
);
572 return STATUS_INSUFFICIENT_RESOURCES
;
575 OutputDomains
->Entries
= Count
;
576 OutputDomains
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
577 if (OutputDomains
->Domains
== NULL
)
579 MIDL_user_free(OutputDomains
);
580 MIDL_user_free(OutputSids
);
581 return STATUS_INSUFFICIENT_RESOURCES
;
584 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
586 SECURITY_BUILTIN_DOMAIN_RID
,
587 DOMAIN_ALIAS_RID_ADMINS
,
590 if (!NT_SUCCESS(Status
))
592 MIDL_user_free(OutputDomains
->Domains
);
593 MIDL_user_free(OutputDomains
);
594 MIDL_user_free(OutputSids
);
598 SidLength
= RtlLengthSid(Sid
);
600 for (i
= 0; i
< Count
; i
++)
602 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
603 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
605 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
606 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
607 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
608 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
611 for (i
= 0; i
< Count
; i
++)
613 OutputSids
[i
].Use
= SidTypeWellKnownGroup
;
614 OutputSids
[i
].RelativeId
= DOMAIN_USER_RID_ADMIN
; //DOMAIN_ALIAS_RID_ADMINS;
615 OutputSids
[i
].DomainIndex
= i
;
618 *ReferencedDomains
= OutputDomains
;
620 *MappedCount
= Count
;
622 TranslatedSids
->Entries
= Count
;
623 TranslatedSids
->Sids
= OutputSids
;
625 return STATUS_SUCCESS
;
630 NTSTATUS WINAPI
LsarLookupSids(
631 LSAPR_HANDLE PolicyHandle
,
632 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
633 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
634 PLSAPR_TRANSLATED_NAMES TranslatedNames
,
635 LSAP_LOOKUP_LEVEL LookupLevel
,
638 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
639 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
640 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains
= NULL
;
641 PLSAPR_TRANSLATED_NAME OutputNames
= NULL
;
642 ULONG OutputNamesLength
;
648 TRACE("LsarLookupSids(%p, %p, %p, %p, %d, %p)\n",
649 PolicyHandle
, SidEnumBuffer
, ReferencedDomains
, TranslatedNames
,
650 LookupLevel
, MappedCount
);
652 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
653 TranslatedNames
->Names
= NULL
;
654 *ReferencedDomains
= NULL
;
656 OutputNamesLength
= SidEnumBuffer
->Entries
* sizeof(LSA_TRANSLATED_NAME
);
657 OutputNames
= MIDL_user_allocate(OutputNamesLength
);
658 if (OutputNames
== NULL
)
660 return STATUS_INSUFFICIENT_RESOURCES
;
663 RtlZeroMemory(OutputNames
, OutputNamesLength
);
665 OutputDomains
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
666 if (OutputDomains
== NULL
)
668 MIDL_user_free(OutputNames
);
669 return STATUS_INSUFFICIENT_RESOURCES
;
672 OutputDomains
->Entries
= SidEnumBuffer
->Entries
;
673 OutputDomains
->Domains
= MIDL_user_allocate(SidEnumBuffer
->Entries
* sizeof(LSA_TRUST_INFORMATION
));
674 if (OutputDomains
->Domains
== NULL
)
676 MIDL_user_free(OutputDomains
);
677 MIDL_user_free(OutputNames
);
678 return STATUS_INSUFFICIENT_RESOURCES
;
681 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
683 SECURITY_BUILTIN_DOMAIN_RID
,
684 DOMAIN_ALIAS_RID_ADMINS
,
687 if (!NT_SUCCESS(Status
))
689 MIDL_user_free(OutputDomains
->Domains
);
690 MIDL_user_free(OutputDomains
);
691 MIDL_user_free(OutputNames
);
695 SidLength
= RtlLengthSid(Sid
);
697 for (i
= 0; i
< SidEnumBuffer
->Entries
; i
++)
699 OutputDomains
->Domains
[i
].Sid
= MIDL_user_allocate(SidLength
);
700 RtlCopyMemory(OutputDomains
->Domains
[i
].Sid
, Sid
, SidLength
);
702 OutputDomains
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
703 OutputDomains
->Domains
[i
].Name
.Length
= DomainName
.Length
;
704 OutputDomains
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
705 RtlCopyMemory(OutputDomains
->Domains
[i
].Name
.Buffer
, DomainName
.Buffer
, DomainName
.MaximumLength
);
708 Status
= LsapLookupSids(SidEnumBuffer
,
711 *ReferencedDomains
= OutputDomains
;
713 *MappedCount
= SidEnumBuffer
->Entries
;
715 TranslatedNames
->Entries
= SidEnumBuffer
->Entries
;
716 TranslatedNames
->Names
= OutputNames
;
723 NTSTATUS WINAPI
LsarCreateSecret(
724 LSAPR_HANDLE PolicyHandle
,
725 PRPC_UNICODE_STRING SecretName
,
726 ACCESS_MASK DesiredAccess
,
727 LSAPR_HANDLE
*SecretHandle
)
729 PLSA_DB_OBJECT PolicyObject
;
730 PLSA_DB_OBJECT SecretsObject
= NULL
;
731 PLSA_DB_OBJECT SecretObject
= NULL
;
733 NTSTATUS Status
= STATUS_SUCCESS
;
735 /* Validate the PolicyHandle */
736 Status
= LsapValidateDbObject(PolicyHandle
,
738 POLICY_CREATE_SECRET
,
740 if (!NT_SUCCESS(Status
))
742 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
746 /* Open the Secrets object */
747 Status
= LsapOpenDbObject(PolicyObject
,
749 LsaDbContainerObject
,
752 if (!NT_SUCCESS(Status
))
754 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status
);
758 /* Get the current time */
759 Status
= NtQuerySystemTime(&Time
);
760 if (!NT_SUCCESS(Status
))
762 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
766 /* Create the Secret object */
767 Status
= LsapCreateDbObject(SecretsObject
,
772 if (!NT_SUCCESS(Status
))
774 ERR("LsapCreateDbObject (Secret) failed (Status 0x%08lx)\n", Status
);
778 /* Set the CurrentTime attribute */
779 Status
= LsapSetObjectAttribute(SecretObject
,
782 sizeof(LARGE_INTEGER
));
783 if (!NT_SUCCESS(Status
))
785 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status
);
789 /* Set the OldTime attribute */
790 Status
= LsapSetObjectAttribute(SecretObject
,
793 sizeof(LARGE_INTEGER
));
796 if (!NT_SUCCESS(Status
))
798 if (SecretObject
!= NULL
)
799 LsapCloseDbObject(SecretObject
);
803 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
806 if (SecretsObject
!= NULL
)
807 LsapCloseDbObject(SecretsObject
);
809 return STATUS_SUCCESS
;
814 NTSTATUS WINAPI
LsarOpenAccount(
815 LSAPR_HANDLE PolicyHandle
,
817 ACCESS_MASK DesiredAccess
,
818 LSAPR_HANDLE
*AccountHandle
)
820 PLSA_DB_OBJECT PolicyObject
;
821 PLSA_DB_OBJECT AccountsObject
= NULL
;
822 PLSA_DB_OBJECT AccountObject
= NULL
;
823 LPWSTR SidString
= NULL
;
824 NTSTATUS Status
= STATUS_SUCCESS
;
826 /* Validate the PolicyHandle */
827 Status
= LsapValidateDbObject(PolicyHandle
,
829 POLICY_CREATE_ACCOUNT
,
831 if (!NT_SUCCESS(Status
))
833 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
837 /* Open the Accounts object */
838 Status
= LsapOpenDbObject(PolicyObject
,
840 LsaDbContainerObject
,
843 if (!NT_SUCCESS(Status
))
845 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status
);
849 /* Create SID string */
850 if (!ConvertSidToStringSid((PSID
)AccountSid
,
853 ERR("ConvertSidToStringSid failed\n");
854 Status
= STATUS_INVALID_PARAMETER
;
858 /* Create the Account object */
859 Status
= LsapOpenDbObject(AccountsObject
,
864 if (!NT_SUCCESS(Status
))
866 ERR("LsapOpenDbObject (Account) failed (Status 0x%08lx)\n", Status
);
870 /* Set the Sid attribute */
871 Status
= LsapSetObjectAttribute(AccountObject
,
874 GetLengthSid(AccountSid
));
877 if (SidString
!= NULL
)
878 LocalFree(SidString
);
880 if (!NT_SUCCESS(Status
))
882 if (AccountObject
!= NULL
)
883 LsapCloseDbObject(AccountObject
);
887 *AccountHandle
= (LSAPR_HANDLE
)AccountObject
;
890 if (AccountsObject
!= NULL
)
891 LsapCloseDbObject(AccountsObject
);
893 return STATUS_SUCCESS
;
898 NTSTATUS WINAPI
LsarEnumeratePrivilegesAccount(
899 LSAPR_HANDLE AccountHandle
,
900 PLSAPR_PRIVILEGE_SET
*Privileges
)
902 PLSA_DB_OBJECT AccountObject
;
903 ULONG PrivilegeSetSize
= 0;
904 PLSAPR_PRIVILEGE_SET PrivilegeSet
= NULL
;
909 /* Validate the AccountHandle */
910 Status
= LsapValidateDbObject(AccountHandle
,
914 if (!NT_SUCCESS(Status
))
916 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
920 /* Get the size of the privilege set */
921 Status
= LsapGetObjectAttribute(AccountObject
,
925 if (!NT_SUCCESS(Status
))
928 /* Allocate a buffer for the privilege set */
929 PrivilegeSet
= MIDL_user_allocate(PrivilegeSetSize
);
930 if (PrivilegeSet
== NULL
)
931 return STATUS_NO_MEMORY
;
933 /* Get the privilege set */
934 Status
= LsapGetObjectAttribute(AccountObject
,
938 if (!NT_SUCCESS(Status
))
940 MIDL_user_free(PrivilegeSet
);
944 /* Return a pointer to the privilege set */
945 *Privileges
= PrivilegeSet
;
947 return STATUS_SUCCESS
;
952 NTSTATUS WINAPI
LsarAddPrivilegesToAccount(
953 LSAPR_HANDLE AccountHandle
,
954 PLSAPR_PRIVILEGE_SET Privileges
)
956 PLSA_DB_OBJECT AccountObject
;
957 PPRIVILEGE_SET CurrentPrivileges
= NULL
;
958 PPRIVILEGE_SET NewPrivileges
= NULL
;
959 ULONG PrivilegeSetSize
= 0;
960 ULONG PrivilegeCount
;
965 /* Validate the AccountHandle */
966 Status
= LsapValidateDbObject(AccountHandle
,
968 ACCOUNT_ADJUST_PRIVILEGES
,
970 if (!NT_SUCCESS(Status
))
972 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
976 Status
= LsapGetObjectAttribute(AccountObject
,
980 if (!NT_SUCCESS(Status
) || PrivilegeSetSize
== 0)
982 /* The Privilgs attribute does not exist */
984 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
985 (Privileges
->PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
986 Status
= LsapSetObjectAttribute(AccountObject
,
993 /* The Privilgs attribute exists */
995 /* Allocate memory for the stored privilege set */
996 CurrentPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
997 if (CurrentPrivileges
== NULL
)
998 return STATUS_NO_MEMORY
;
1000 /* Get the current privilege set */
1001 Status
= LsapGetObjectAttribute(AccountObject
,
1005 if (!NT_SUCCESS(Status
))
1007 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status
);
1011 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1012 TRACE("Current privilege count: %lu\n", PrivilegeCount
);
1014 /* Calculate the number privileges in the combined privilege set */
1015 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1018 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1020 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1021 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1028 if (bFound
== FALSE
)
1030 TRACE("Found new privilege\n");
1034 TRACE("New privilege count: %lu\n", PrivilegeCount
);
1036 /* Calculate the size of the new privilege set and allocate it */
1037 PrivilegeSetSize
= sizeof(PRIVILEGE_SET
) +
1038 (PrivilegeCount
- 1) * sizeof(LUID_AND_ATTRIBUTES
);
1039 NewPrivileges
= MIDL_user_allocate(PrivilegeSetSize
);
1040 if (NewPrivileges
== NULL
)
1042 Status
= STATUS_NO_MEMORY
;
1046 /* Initialize the new privilege set */
1047 NewPrivileges
->PrivilegeCount
= PrivilegeCount
;
1048 NewPrivileges
->Control
= 0;
1050 /* Copy all privileges from the current privilege set */
1051 RtlCopyLuidAndAttributesArray(CurrentPrivileges
->PrivilegeCount
,
1052 &(CurrentPrivileges
->Privilege
[0]),
1053 &(NewPrivileges
->Privilege
[0]));
1055 /* Add new privileges to the new privilege set */
1056 PrivilegeCount
= CurrentPrivileges
->PrivilegeCount
;
1057 for (i
= 0; i
< Privileges
->PrivilegeCount
; i
++)
1060 for (j
= 0; j
< CurrentPrivileges
->PrivilegeCount
; j
++)
1062 if (RtlEqualLuid(&(Privileges
->Privilege
[i
].Luid
),
1063 &(CurrentPrivileges
->Privilege
[i
].Luid
)))
1065 /* Overwrite attributes if a matching privilege was found */
1066 NewPrivileges
->Privilege
[j
].Attributes
= Privileges
->Privilege
[i
].Attributes
;
1073 if (bFound
== FALSE
)
1075 /* Copy the new privilege */
1076 RtlCopyLuidAndAttributesArray(1,
1077 (PLUID_AND_ATTRIBUTES
)&(Privileges
->Privilege
[i
]),
1078 &(NewPrivileges
->Privilege
[PrivilegeCount
]));
1083 /* Set the new priivliege set */
1084 Status
= LsapSetObjectAttribute(AccountObject
,
1091 if (CurrentPrivileges
!= NULL
)
1092 MIDL_user_free(CurrentPrivileges
);
1094 if (NewPrivileges
!= NULL
)
1095 MIDL_user_free(NewPrivileges
);
1102 NTSTATUS WINAPI
LsarRemovePrivilegesFromAccount(
1103 LSAPR_HANDLE AccountHandle
,
1105 PLSAPR_PRIVILEGE_SET Privileges
)
1108 return STATUS_NOT_IMPLEMENTED
;
1113 NTSTATUS WINAPI
LsarGetQuotasForAccount(
1114 LSAPR_HANDLE AccountHandle
,
1115 PQUOTA_LIMITS QuotaLimits
)
1118 return STATUS_NOT_IMPLEMENTED
;
1123 NTSTATUS WINAPI
LsarSetQuotasForAccount(
1124 LSAPR_HANDLE AccountHandle
,
1125 PQUOTA_LIMITS QuotaLimits
)
1128 return STATUS_NOT_IMPLEMENTED
;
1133 NTSTATUS WINAPI
LsarGetSystemAccessAccount(
1134 LSAPR_HANDLE AccountHandle
,
1135 ACCESS_MASK
*SystemAccess
)
1137 PLSA_DB_OBJECT AccountObject
;
1141 /* Validate the account handle */
1142 Status
= LsapValidateDbObject(AccountHandle
,
1146 if (!NT_SUCCESS(Status
))
1148 ERR("Invalid handle (Status %lx)\n", Status
);
1152 /* Get the system access flags */
1153 Status
= LsapGetObjectAttribute(AccountObject
,
1163 NTSTATUS WINAPI
LsarSetSystemAccessAccount(
1164 LSAPR_HANDLE AccountHandle
,
1165 ACCESS_MASK SystemAccess
)
1167 PLSA_DB_OBJECT AccountObject
;
1170 /* Validate the account handle */
1171 Status
= LsapValidateDbObject(AccountHandle
,
1173 ACCOUNT_ADJUST_SYSTEM_ACCESS
,
1175 if (!NT_SUCCESS(Status
))
1177 ERR("Invalid handle (Status %lx)\n", Status
);
1181 /* Set the system access flags */
1182 Status
= LsapSetObjectAttribute(AccountObject
,
1185 sizeof(ACCESS_MASK
));
1192 NTSTATUS WINAPI
LsarOpenTrustedDomain(
1193 LSAPR_HANDLE PolicyHandle
,
1194 PRPC_SID TrustedDomainSid
,
1195 ACCESS_MASK DesiredAccess
,
1196 LSAPR_HANDLE
*TrustedDomainHandle
)
1199 return STATUS_NOT_IMPLEMENTED
;
1204 NTSTATUS WINAPI
LsarQueryInfoTrustedDomain(
1205 LSAPR_HANDLE TrustedDomainHandle
,
1206 TRUSTED_INFORMATION_CLASS InformationClass
,
1207 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1210 return STATUS_NOT_IMPLEMENTED
;
1215 NTSTATUS WINAPI
LsarSetInformationTrustedDomain(
1216 LSAPR_HANDLE TrustedDomainHandle
,
1217 TRUSTED_INFORMATION_CLASS InformationClass
,
1218 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1221 return STATUS_NOT_IMPLEMENTED
;
1226 NTSTATUS WINAPI
LsarOpenSecret(
1227 LSAPR_HANDLE PolicyHandle
,
1228 PRPC_UNICODE_STRING SecretName
,
1229 ACCESS_MASK DesiredAccess
,
1230 LSAPR_HANDLE
*SecretHandle
)
1232 PLSA_DB_OBJECT PolicyObject
;
1233 PLSA_DB_OBJECT SecretsObject
= NULL
;
1234 PLSA_DB_OBJECT SecretObject
= NULL
;
1235 NTSTATUS Status
= STATUS_SUCCESS
;
1237 /* Validate the PolicyHandle */
1238 Status
= LsapValidateDbObject(PolicyHandle
,
1240 POLICY_CREATE_SECRET
,
1242 if (!NT_SUCCESS(Status
))
1244 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1248 /* Open the Secrets object */
1249 Status
= LsapOpenDbObject(PolicyObject
,
1251 LsaDbContainerObject
,
1254 if (!NT_SUCCESS(Status
))
1256 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status
);
1260 /* Create the secret object */
1261 Status
= LsapOpenDbObject(SecretsObject
,
1266 if (!NT_SUCCESS(Status
))
1268 ERR("LsapOpenDbObject (Secret) failed (Status 0x%08lx)\n", Status
);
1273 if (!NT_SUCCESS(Status
))
1275 if (SecretObject
!= NULL
)
1276 LsapCloseDbObject(SecretObject
);
1280 *SecretHandle
= (LSAPR_HANDLE
)SecretObject
;
1283 if (SecretsObject
!= NULL
)
1284 LsapCloseDbObject(SecretsObject
);
1286 return STATUS_SUCCESS
;
1291 NTSTATUS WINAPI
LsarSetSecret(
1292 LSAPR_HANDLE SecretHandle
,
1293 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue
,
1294 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue
)
1296 PLSA_DB_OBJECT SecretObject
;
1297 PBYTE CurrentValue
= NULL
;
1298 PBYTE OldValue
= NULL
;
1299 ULONG CurrentValueLength
= 0;
1300 ULONG OldValueLength
= 0;
1304 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle
,
1305 EncryptedCurrentValue
, EncryptedOldValue
);
1307 /* Validate the SecretHandle */
1308 Status
= LsapValidateDbObject(SecretHandle
,
1312 if (!NT_SUCCESS(Status
))
1314 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1318 if (EncryptedCurrentValue
!= NULL
)
1320 /* FIXME: Decrypt the current value */
1321 CurrentValue
= EncryptedCurrentValue
->Buffer
;
1322 CurrentValueLength
= EncryptedCurrentValue
->MaximumLength
;
1325 /* Set the current value */
1326 Status
= LsapSetObjectAttribute(SecretObject
,
1329 CurrentValueLength
);
1330 if (!NT_SUCCESS(Status
))
1332 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1336 /* Get the current time */
1337 Status
= NtQuerySystemTime(&Time
);
1338 if (!NT_SUCCESS(Status
))
1340 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status
);
1344 /* Set the current time */
1345 Status
= LsapSetObjectAttribute(SecretObject
,
1348 sizeof(LARGE_INTEGER
));
1349 if (!NT_SUCCESS(Status
))
1351 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1355 if (EncryptedOldValue
!= NULL
)
1357 /* FIXME: Decrypt the old value */
1358 OldValue
= EncryptedOldValue
->Buffer
;
1359 OldValueLength
= EncryptedOldValue
->MaximumLength
;
1362 /* Set the old value */
1363 Status
= LsapSetObjectAttribute(SecretObject
,
1367 if (!NT_SUCCESS(Status
))
1369 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1373 /* Set the old time */
1374 Status
= LsapSetObjectAttribute(SecretObject
,
1377 sizeof(LARGE_INTEGER
));
1378 if (!NT_SUCCESS(Status
))
1380 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status
);
1389 NTSTATUS WINAPI
LsarQuerySecret(
1390 LSAPR_HANDLE SecretHandle
,
1391 PLSAPR_CR_CIPHER_VALUE
*EncryptedCurrentValue
,
1392 PLARGE_INTEGER CurrentValueSetTime
,
1393 PLSAPR_CR_CIPHER_VALUE
*EncryptedOldValue
,
1394 PLARGE_INTEGER OldValueSetTime
)
1396 PLSA_DB_OBJECT SecretObject
;
1397 PLSAPR_CR_CIPHER_VALUE EncCurrentValue
= NULL
;
1398 PLSAPR_CR_CIPHER_VALUE EncOldValue
= NULL
;
1399 PBYTE CurrentValue
= NULL
;
1400 PBYTE OldValue
= NULL
;
1401 ULONG CurrentValueLength
= 0;
1402 ULONG OldValueLength
= 0;
1406 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle
,
1407 EncryptedCurrentValue
, CurrentValueSetTime
,
1408 EncryptedOldValue
, OldValueSetTime
);
1410 /* Validate the SecretHandle */
1411 Status
= LsapValidateDbObject(SecretHandle
,
1415 if (!NT_SUCCESS(Status
))
1417 ERR("LsapValidateDbObject returned 0x%08lx\n", Status
);
1421 if (EncryptedCurrentValue
!= NULL
)
1423 CurrentValueLength
= 0;
1425 /* Get the size of the current value */
1426 Status
= LsapGetObjectAttribute(SecretObject
,
1429 &CurrentValueLength
);
1430 if (!NT_SUCCESS(Status
))
1433 /* Allocate a buffer for the current value */
1434 CurrentValue
= midl_user_allocate(CurrentValueLength
);
1435 if (CurrentValue
== NULL
)
1437 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1441 /* Get the current value */
1442 Status
= LsapGetObjectAttribute(SecretObject
,
1445 &CurrentValueLength
);
1446 if (!NT_SUCCESS(Status
))
1449 /* Allocate a buffer for the encrypted current value */
1450 EncCurrentValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
));
1451 if (EncCurrentValue
== NULL
)
1453 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1457 /* FIXME: Encrypt the current value */
1458 EncCurrentValue
->Length
= (USHORT
)(CurrentValueLength
- sizeof(WCHAR
));
1459 EncCurrentValue
->MaximumLength
= (USHORT
)CurrentValueLength
;
1460 EncCurrentValue
->Buffer
= (PBYTE
)CurrentValue
;
1463 if (CurrentValueSetTime
!= NULL
)
1465 BufferSize
= sizeof(LARGE_INTEGER
);
1467 /* Get the current value time */
1468 Status
= LsapGetObjectAttribute(SecretObject
,
1470 (PBYTE
)CurrentValueSetTime
,
1472 if (!NT_SUCCESS(Status
))
1476 if (EncryptedOldValue
!= NULL
)
1480 /* Get the size of the old value */
1481 Status
= LsapGetObjectAttribute(SecretObject
,
1485 if (!NT_SUCCESS(Status
))
1488 /* Allocate a buffer for the old value */
1489 OldValue
= midl_user_allocate(OldValueLength
);
1490 if (OldValue
== NULL
)
1492 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1496 /* Get the old value */
1497 Status
= LsapGetObjectAttribute(SecretObject
,
1501 if (!NT_SUCCESS(Status
))
1504 /* Allocate a buffer for the encrypted old value */
1505 EncOldValue
= midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE
) + OldValueLength
);
1506 if (EncOldValue
== NULL
)
1508 Status
= STATUS_INSUFFICIENT_RESOURCES
;
1512 /* FIXME: Encrypt the old value */
1513 EncOldValue
->Length
= (USHORT
)(OldValueLength
- sizeof(WCHAR
));
1514 EncOldValue
->MaximumLength
= (USHORT
)OldValueLength
;
1515 EncOldValue
->Buffer
= (PBYTE
)OldValue
;
1518 if (OldValueSetTime
!= NULL
)
1520 BufferSize
= sizeof(LARGE_INTEGER
);
1522 /* Get the old value time */
1523 Status
= LsapGetObjectAttribute(SecretObject
,
1525 (PBYTE
)OldValueSetTime
,
1527 if (!NT_SUCCESS(Status
))
1533 if (NT_SUCCESS(Status
))
1535 if (EncryptedCurrentValue
!= NULL
)
1536 *EncryptedCurrentValue
= EncCurrentValue
;
1538 if (EncryptedOldValue
!= NULL
)
1539 *EncryptedOldValue
= EncOldValue
;
1543 if (EncryptedCurrentValue
!= NULL
)
1544 *EncryptedCurrentValue
= NULL
;
1546 if (EncryptedOldValue
!= NULL
)
1547 *EncryptedOldValue
= NULL
;
1549 if (EncCurrentValue
!= NULL
)
1550 midl_user_free(EncCurrentValue
);
1552 if (EncOldValue
!= NULL
)
1553 midl_user_free(EncOldValue
);
1555 if (CurrentValue
!= NULL
)
1556 midl_user_free(CurrentValue
);
1558 if (OldValue
!= NULL
)
1559 midl_user_free(OldValue
);
1562 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status
);
1569 NTSTATUS WINAPI
LsarLookupPrivilegeValue(
1570 LSAPR_HANDLE PolicyHandle
,
1571 PRPC_UNICODE_STRING Name
,
1576 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
1577 PolicyHandle
, Name
, Value
);
1579 Status
= LsapValidateDbObject(PolicyHandle
,
1581 POLICY_LOOKUP_NAMES
,
1583 if (!NT_SUCCESS(Status
))
1585 ERR("Invalid handle (Status %lx)\n", Status
);
1589 TRACE("Privilege: %wZ\n", Name
);
1591 Status
= LsarpLookupPrivilegeValue((PUNICODE_STRING
)Name
,
1599 NTSTATUS WINAPI
LsarLookupPrivilegeName(
1600 LSAPR_HANDLE PolicyHandle
,
1602 PRPC_UNICODE_STRING
*Name
)
1606 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
1607 PolicyHandle
, Value
, Name
);
1609 Status
= LsapValidateDbObject(PolicyHandle
,
1611 POLICY_LOOKUP_NAMES
,
1613 if (!NT_SUCCESS(Status
))
1615 ERR("Invalid handle\n");
1619 Status
= LsarpLookupPrivilegeName(Value
, (PUNICODE_STRING
*)Name
);
1626 NTSTATUS WINAPI
LsarLookupPrivilegeDisplayName(
1627 LSAPR_HANDLE PolicyHandle
,
1628 PRPC_UNICODE_STRING Name
,
1629 USHORT ClientLanguage
,
1630 USHORT ClientSystemDefaultLanguage
,
1631 PRPC_UNICODE_STRING
*DisplayName
,
1632 USHORT
*LanguageReturned
)
1635 return STATUS_NOT_IMPLEMENTED
;
1640 NTSTATUS WINAPI
LsarDeleteObject(
1641 LSAPR_HANDLE
*ObjectHandle
)
1644 return STATUS_NOT_IMPLEMENTED
;
1649 NTSTATUS WINAPI
LsarEnumerateAccountsWithUserRight(
1650 LSAPR_HANDLE PolicyHandle
,
1651 PRPC_UNICODE_STRING UserRight
,
1652 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
)
1655 return STATUS_NOT_IMPLEMENTED
;
1660 NTSTATUS WINAPI
LsarEnmuerateAccountRights(
1661 LSAPR_HANDLE PolicyHandle
,
1662 PRPC_SID AccountSid
,
1663 PLSAPR_USER_RIGHT_SET UserRights
)
1665 PLSA_DB_OBJECT PolicyObject
;
1668 FIXME("(%p,%p,%p) stub\n", PolicyHandle
, AccountSid
, UserRights
);
1670 Status
= LsapValidateDbObject(PolicyHandle
,
1674 if (!NT_SUCCESS(Status
))
1677 UserRights
->Entries
= 0;
1678 UserRights
->UserRights
= NULL
;
1679 return STATUS_OBJECT_NAME_NOT_FOUND
;
1684 NTSTATUS WINAPI
LsarAddAccountRights(
1685 LSAPR_HANDLE PolicyHandle
,
1686 PRPC_SID AccountSid
,
1687 PLSAPR_USER_RIGHT_SET UserRights
)
1690 return STATUS_NOT_IMPLEMENTED
;
1695 NTSTATUS WINAPI
LsarRemoveAccountRights(
1696 LSAPR_HANDLE PolicyHandle
,
1697 PRPC_SID AccountSid
,
1699 PLSAPR_USER_RIGHT_SET UserRights
)
1702 return STATUS_NOT_IMPLEMENTED
;
1707 NTSTATUS WINAPI
LsarQueryTrustedDomainInfo(
1708 LSAPR_HANDLE PolicyHandle
,
1709 PRPC_SID TrustedDomainSid
,
1710 TRUSTED_INFORMATION_CLASS InformationClass
,
1711 PLSAPR_TRUSTED_DOMAIN_INFO
*TrustedDomainInformation
)
1714 return STATUS_NOT_IMPLEMENTED
;
1719 NTSTATUS WINAPI
LsarSetTrustedDomainInfo(
1720 LSAPR_HANDLE PolicyHandle
,
1721 PRPC_SID TrustedDomainSid
,
1722 TRUSTED_INFORMATION_CLASS InformationClass
,
1723 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
)
1726 return STATUS_NOT_IMPLEMENTED
;
1731 NTSTATUS WINAPI
LsarDeleteTrustedDomain(
1732 LSAPR_HANDLE PolicyHandle
,
1733 PRPC_SID TrustedDomainSid
)
1736 return STATUS_NOT_IMPLEMENTED
;
1741 NTSTATUS WINAPI
LsarStorePrivateData(
1742 LSAPR_HANDLE PolicyHandle
,
1743 PRPC_UNICODE_STRING KeyName
,
1744 PLSAPR_CR_CIPHER_VALUE EncryptedData
)
1747 return STATUS_NOT_IMPLEMENTED
;
1752 NTSTATUS WINAPI
LsarRetrievePrivateData(
1753 LSAPR_HANDLE PolicyHandle
,
1754 PRPC_UNICODE_STRING KeyName
,
1755 PLSAPR_CR_CIPHER_VALUE
*EncryptedData
)
1758 return STATUS_NOT_IMPLEMENTED
;
1763 NTSTATUS WINAPI
LsarOpenPolicy2(
1765 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes
,
1766 ACCESS_MASK DesiredAccess
,
1767 LSAPR_HANDLE
*PolicyHandle
)
1770 return STATUS_NOT_IMPLEMENTED
;
1775 NTSTATUS WINAPI
LsarGetUserName(
1777 PRPC_UNICODE_STRING
*UserName
,
1778 PRPC_UNICODE_STRING
*DomainName
)
1781 return STATUS_NOT_IMPLEMENTED
;
1786 NTSTATUS WINAPI
LsarQueryInformationPolicy2(
1787 LSAPR_HANDLE PolicyHandle
,
1788 POLICY_INFORMATION_CLASS InformationClass
,
1789 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
1791 return LsarQueryInformationPolicy(PolicyHandle
,
1798 NTSTATUS WINAPI
LsarSetInformationPolicy2(
1799 LSAPR_HANDLE PolicyHandle
,
1800 POLICY_INFORMATION_CLASS InformationClass
,
1801 PLSAPR_POLICY_INFORMATION PolicyInformation
)
1803 return LsarSetInformationPolicy(PolicyHandle
,
1810 NTSTATUS WINAPI
LsarQueryTrustedDomainInfoByName(
1811 LSAPR_HANDLE PolicyHandle
,
1812 PRPC_UNICODE_STRING TrustedDomainName
,
1813 POLICY_INFORMATION_CLASS InformationClass
,
1814 unsigned long *PolicyInformation
)
1817 return STATUS_NOT_IMPLEMENTED
;
1822 NTSTATUS WINAPI
LsarSetTrustedDomainInfoByName(
1823 LSAPR_HANDLE PolicyHandle
,
1824 PRPC_UNICODE_STRING TrustedDomainName
,
1825 POLICY_INFORMATION_CLASS InformationClass
,
1826 unsigned long PolicyInformation
)
1829 return STATUS_NOT_IMPLEMENTED
;
1834 NTSTATUS WINAPI
LsarEnumerateTrustedDomainsEx(
1835 LSAPR_HANDLE PolicyHandle
,
1836 DWORD
*EnumerationContext
,
1837 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer
,
1838 DWORD PreferedMaximumLength
)
1841 return STATUS_NOT_IMPLEMENTED
;
1846 NTSTATUS WINAPI
LsarCreateTrustedDomainEx(
1847 LSAPR_HANDLE PolicyHandle
,
1848 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1849 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation
,
1850 ACCESS_MASK DesiredAccess
,
1851 LSAPR_HANDLE
*TrustedDomainHandle
)
1854 return STATUS_NOT_IMPLEMENTED
;
1859 NTSTATUS WINAPI
LsarSetPolicyReplicationHandle(
1860 PLSAPR_HANDLE PolicyHandle
)
1863 return STATUS_NOT_IMPLEMENTED
;
1868 NTSTATUS WINAPI
LsarQueryDomainInformationPolicy(
1869 LSAPR_HANDLE PolicyHandle
,
1870 POLICY_INFORMATION_CLASS InformationClass
,
1871 unsigned long *PolicyInformation
)
1874 return STATUS_NOT_IMPLEMENTED
;
1879 NTSTATUS WINAPI
LsarSetDomainInformationPolicy(
1880 LSAPR_HANDLE PolicyHandle
,
1881 POLICY_INFORMATION_CLASS InformationClass
,
1882 unsigned long PolicyInformation
)
1885 return STATUS_NOT_IMPLEMENTED
;
1890 NTSTATUS WINAPI
LsarOpenTrustedDomainByName(
1891 LSAPR_HANDLE PolicyHandle
,
1892 PRPC_UNICODE_STRING TrustedDomainName
,
1893 ACCESS_MASK DesiredAccess
,
1894 LSAPR_HANDLE
*TrustedDomainHandle
)
1897 return STATUS_NOT_IMPLEMENTED
;
1902 NTSTATUS WINAPI
LsarTestCall(
1906 return STATUS_NOT_IMPLEMENTED
;
1911 NTSTATUS WINAPI
LsarLookupSids2(
1912 LSAPR_HANDLE PolicyHandle
,
1913 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
1914 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1915 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
1916 LSAP_LOOKUP_LEVEL LookupLevel
,
1918 DWORD LookupOptions
,
1919 DWORD ClientRevision
)
1922 return STATUS_NOT_IMPLEMENTED
;
1927 NTSTATUS WINAPI
LsarLookupNames2(
1928 LSAPR_HANDLE PolicyHandle
,
1930 PRPC_UNICODE_STRING Names
,
1931 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
1932 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids
,
1933 LSAP_LOOKUP_LEVEL LookupLevel
,
1935 DWORD LookupOptions
,
1936 DWORD ClientRevision
)
1939 return STATUS_NOT_IMPLEMENTED
;
1944 NTSTATUS WINAPI
LsarCreateTrustedDomainEx2(
1945 LSAPR_HANDLE PolicyHandle
,
1946 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation
,
1947 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation
,
1948 ACCESS_MASK DesiredAccess
,
1949 LSAPR_HANDLE
*TrustedDomainHandle
)
1952 return STATUS_NOT_IMPLEMENTED
;
1957 NTSTATUS WINAPI
CredrWrite(
1961 return STATUS_NOT_IMPLEMENTED
;
1966 NTSTATUS WINAPI
CredrRead(
1970 return STATUS_NOT_IMPLEMENTED
;
1975 NTSTATUS WINAPI
CredrEnumerate(
1979 return STATUS_NOT_IMPLEMENTED
;
1984 NTSTATUS WINAPI
CredrWriteDomainCredentials(
1988 return STATUS_NOT_IMPLEMENTED
;
1993 NTSTATUS WINAPI
CredrReadDomainCredentials(
1997 return STATUS_NOT_IMPLEMENTED
;
2002 NTSTATUS WINAPI
CredrDelete(
2006 return STATUS_NOT_IMPLEMENTED
;
2011 NTSTATUS WINAPI
CredrGetTargetInfo(
2015 return STATUS_NOT_IMPLEMENTED
;
2020 NTSTATUS WINAPI
CredrProfileLoaded(
2024 return STATUS_NOT_IMPLEMENTED
;
2029 NTSTATUS WINAPI
LsarLookupNames3(
2030 LSAPR_HANDLE PolicyHandle
,
2032 PRPC_UNICODE_STRING Names
,
2033 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2034 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2035 LSAP_LOOKUP_LEVEL LookupLevel
,
2037 DWORD LookupOptions
,
2038 DWORD ClientRevision
)
2040 SID_IDENTIFIER_AUTHORITY IdentifierAuthority
= {SECURITY_NT_AUTHORITY
};
2041 static const UNICODE_STRING DomainName
= RTL_CONSTANT_STRING(L
"DOMAIN");
2042 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer
= NULL
;
2043 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer
= NULL
;
2044 ULONG SidsBufferLength
;
2045 ULONG DomainSidLength
;
2046 ULONG AccountSidLength
;
2052 TRACE("LsarLookupNames3(%p, %lu, %p, %p, %p, %d, %p, %lu, %lu)\n",
2053 PolicyHandle
, Count
, Names
, ReferencedDomains
, TranslatedSids
,
2054 LookupLevel
, MappedCount
, LookupOptions
, ClientRevision
);
2057 return STATUS_NONE_MAPPED
;
2059 TranslatedSids
->Entries
= Count
;
2060 TranslatedSids
->Sids
= NULL
;
2061 *ReferencedDomains
= NULL
;
2063 SidsBufferLength
= Count
* sizeof(LSAPR_TRANSLATED_SID_EX2
);
2064 SidsBuffer
= MIDL_user_allocate(SidsBufferLength
);
2065 if (SidsBuffer
== NULL
)
2066 return STATUS_INSUFFICIENT_RESOURCES
;
2068 for (i
= 0; i
< Count
; i
++)
2070 SidsBuffer
[i
].Use
= SidTypeUser
;
2071 SidsBuffer
[i
].Sid
= NULL
;
2072 SidsBuffer
[i
].DomainIndex
= -1;
2073 SidsBuffer
[i
].Flags
= 0;
2076 DomainsBuffer
= MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST
));
2077 if (DomainsBuffer
== NULL
)
2079 MIDL_user_free(SidsBuffer
);
2080 return STATUS_INSUFFICIENT_RESOURCES
;
2083 DomainsBuffer
->Entries
= Count
;
2084 DomainsBuffer
->Domains
= MIDL_user_allocate(Count
* sizeof(LSA_TRUST_INFORMATION
));
2085 if (DomainsBuffer
->Domains
== NULL
)
2087 MIDL_user_free(DomainsBuffer
);
2088 MIDL_user_free(SidsBuffer
);
2089 return STATUS_INSUFFICIENT_RESOURCES
;
2092 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2094 SECURITY_BUILTIN_DOMAIN_RID
,
2095 DOMAIN_ALIAS_RID_ADMINS
,
2098 if (!NT_SUCCESS(Status
))
2100 MIDL_user_free(DomainsBuffer
->Domains
);
2101 MIDL_user_free(DomainsBuffer
);
2102 MIDL_user_free(SidsBuffer
);
2106 DomainSidLength
= RtlLengthSid(DomainSid
);
2108 for (i
= 0; i
< Count
; i
++)
2110 DomainsBuffer
->Domains
[i
].Sid
= MIDL_user_allocate(DomainSidLength
);
2111 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Sid
,
2115 DomainsBuffer
->Domains
[i
].Name
.Buffer
= MIDL_user_allocate(DomainName
.MaximumLength
);
2116 DomainsBuffer
->Domains
[i
].Name
.Length
= DomainName
.Length
;
2117 DomainsBuffer
->Domains
[i
].Name
.MaximumLength
= DomainName
.MaximumLength
;
2118 RtlCopyMemory(DomainsBuffer
->Domains
[i
].Name
.Buffer
,
2120 DomainName
.MaximumLength
);
2123 Status
= RtlAllocateAndInitializeSid(&IdentifierAuthority
,
2125 SECURITY_BUILTIN_DOMAIN_RID
,
2126 DOMAIN_ALIAS_RID_ADMINS
,
2127 DOMAIN_USER_RID_ADMIN
,
2130 if (!NT_SUCCESS(Status
))
2132 MIDL_user_free(DomainsBuffer
->Domains
);
2133 MIDL_user_free(DomainsBuffer
);
2134 MIDL_user_free(SidsBuffer
);
2138 AccountSidLength
= RtlLengthSid(AccountSid
);
2140 for (i
= 0; i
< Count
; i
++)
2142 SidsBuffer
[i
].Use
= SidTypeWellKnownGroup
;
2143 SidsBuffer
[i
].Sid
= MIDL_user_allocate(AccountSidLength
);
2145 RtlCopyMemory(SidsBuffer
[i
].Sid
,
2149 SidsBuffer
[i
].DomainIndex
= i
;
2150 SidsBuffer
[i
].Flags
= 0;
2153 *ReferencedDomains
= DomainsBuffer
;
2154 *MappedCount
= Count
;
2156 TranslatedSids
->Entries
= Count
;
2157 TranslatedSids
->Sids
= SidsBuffer
;
2159 return STATUS_SUCCESS
;
2164 NTSTATUS WINAPI
CredrGetSessionTypes(
2168 return STATUS_NOT_IMPLEMENTED
;
2173 NTSTATUS WINAPI
LsarRegisterAuditEvent(
2177 return STATUS_NOT_IMPLEMENTED
;
2182 NTSTATUS WINAPI
LsarGenAuditEvent(
2186 return STATUS_NOT_IMPLEMENTED
;
2191 NTSTATUS WINAPI
LsarUnregisterAuditEvent(
2195 return STATUS_NOT_IMPLEMENTED
;
2200 NTSTATUS WINAPI
LsarQueryForestTrustInformation(
2201 LSAPR_HANDLE PolicyHandle
,
2202 PLSA_UNICODE_STRING TrustedDomainName
,
2203 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2204 PLSA_FOREST_TRUST_INFORMATION
*ForestTrustInfo
)
2207 return STATUS_NOT_IMPLEMENTED
;
2212 NTSTATUS WINAPI
LsarSetForestTrustInformation(
2213 LSAPR_HANDLE PolicyHandle
,
2214 PLSA_UNICODE_STRING TrustedDomainName
,
2215 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType
,
2216 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo
,
2218 PLSA_FOREST_TRUST_COLLISION_INFORMATION
*CollisionInfo
)
2221 return STATUS_NOT_IMPLEMENTED
;
2226 NTSTATUS WINAPI
CredrRename(
2230 return STATUS_NOT_IMPLEMENTED
;
2235 NTSTATUS WINAPI
LsarLookupSids3(
2236 LSAPR_HANDLE PolicyHandle
,
2237 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer
,
2238 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2239 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames
,
2240 LSAP_LOOKUP_LEVEL LookupLevel
,
2242 DWORD LookupOptions
,
2243 DWORD ClientRevision
)
2246 return STATUS_NOT_IMPLEMENTED
;
2251 NTSTATUS WINAPI
LsarLookupNames4(
2254 PRPC_UNICODE_STRING Names
,
2255 PLSAPR_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
2256 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids
,
2257 LSAP_LOOKUP_LEVEL LookupLevel
,
2259 DWORD LookupOptions
,
2260 DWORD ClientRevision
)
2263 return STATUS_NOT_IMPLEMENTED
;
2268 NTSTATUS WINAPI
LsarOpenPolicySce(
2272 return STATUS_NOT_IMPLEMENTED
;
2277 NTSTATUS WINAPI
LsarAdtRegisterSecurityEventSource(
2281 return STATUS_NOT_IMPLEMENTED
;
2286 NTSTATUS WINAPI
LsarAdtUnregisterSecurityEventSource(
2290 return STATUS_NOT_IMPLEMENTED
;
2295 NTSTATUS WINAPI
LsarAdtReportSecurityEvent(
2299 return STATUS_NOT_IMPLEMENTED
;
2304 NTSTATUS WINAPI
CredrFindBestCredential(
2308 return STATUS_NOT_IMPLEMENTED
;
2313 NTSTATUS WINAPI
LsarSetAuditPolicy(
2317 return STATUS_NOT_IMPLEMENTED
;
2322 NTSTATUS WINAPI
LsarQueryAuditPolicy(
2326 return STATUS_NOT_IMPLEMENTED
;
2331 NTSTATUS WINAPI
LsarEnumerateAuditPolicy(
2335 return STATUS_NOT_IMPLEMENTED
;
2340 NTSTATUS WINAPI
LsarEnumerateAuditCategories(
2344 return STATUS_NOT_IMPLEMENTED
;
2349 NTSTATUS WINAPI
LsarEnumerateAuditSubCategories(
2353 return STATUS_NOT_IMPLEMENTED
;
2358 NTSTATUS WINAPI
LsarLookupAuditCategoryName(
2362 return STATUS_NOT_IMPLEMENTED
;
2367 NTSTATUS WINAPI
LsarLookupAuditSubCategoryName(
2371 return STATUS_NOT_IMPLEMENTED
;
2376 NTSTATUS WINAPI
LsarSetAuditSecurity(
2380 return STATUS_NOT_IMPLEMENTED
;
2385 NTSTATUS WINAPI
LsarQueryAuditSecurity(
2389 return STATUS_NOT_IMPLEMENTED
;
2394 NTSTATUS WINAPI
CredReadByTokenHandle(
2398 return STATUS_NOT_IMPLEMENTED
;
2403 NTSTATUS WINAPI
CredrRestoreCredentials(
2407 return STATUS_NOT_IMPLEMENTED
;
2412 NTSTATUS WINAPI
CredrBackupCredentials(
2416 return STATUS_NOT_IMPLEMENTED
;