projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[LSASRV]
[reactos.git] / reactos / dll / win32 / lsasrv / lsarpc.c
1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: Local Security Authority (LSA) Server
4 * FILE: reactos/dll/win32/lsasrv/lsarpc.h
5 * PURPOSE: RPC interface functions
6 *
7 * PROGRAMMERS: Eric Kohl
8 */
9
10 /* INCLUDES ****************************************************************/
11
12 #include "lsasrv.h"
13
14 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
15
16
17 /* GLOBALS *****************************************************************/
18
19 static RTL_CRITICAL_SECTION PolicyHandleTableLock;
20
21
22 /* FUNCTIONS ***************************************************************/
23
24 VOID
25 LsarStartRpcServer(VOID)
26 {
27 RPC_STATUS Status;
28
29 RtlInitializeCriticalSection(&PolicyHandleTableLock);
30
31 TRACE("LsarStartRpcServer() called\n");
32
33 Status = RpcServerUseProtseqEpW(L"ncacn_np",
34 10,
35 L"\\pipe\\lsarpc",
36 NULL);
37 if (Status != RPC_S_OK)
38 {
39 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status);
40 return;
41 }
42
43 Status = RpcServerRegisterIf(lsarpc_v0_0_s_ifspec,
44 NULL,
45 NULL);
46 if (Status != RPC_S_OK)
47 {
48 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status);
49 return;
50 }
51
52 Status = RpcServerListen(1, 20, TRUE);
53 if (Status != RPC_S_OK)
54 {
55 WARN("RpcServerListen() failed (Status %lx)\n", Status);
56 return;
57 }
58
59 TRACE("LsarStartRpcServer() done\n");
60 }
61
62
63 void __RPC_USER LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle)
64 {
65
66 }
67
68
69 /* Function 0 */
70 NTSTATUS WINAPI LsarClose(
71 LSAPR_HANDLE *ObjectHandle)
72 {
73 PLSA_DB_OBJECT DbObject;
74 NTSTATUS Status = STATUS_SUCCESS;
75
76 TRACE("0x%p\n", ObjectHandle);
77
78 // RtlEnterCriticalSection(&PolicyHandleTableLock);
79
80 Status = LsapValidateDbObject(*ObjectHandle,
81 LsaDbIgnoreObject,
82 0,
83 &DbObject);
84 if (Status == STATUS_SUCCESS)
85 {
86 Status = LsapCloseDbObject(DbObject);
87 *ObjectHandle = NULL;
88 }
89
90 // RtlLeaveCriticalSection(&PolicyHandleTableLock);
91
92 return Status;
93 }
94
95
96 /* Function 1 */
97 NTSTATUS WINAPI LsarDelete(
98 LSAPR_HANDLE ObjectHandle)
99 {
100 /* Deprecated */
101 return STATUS_NOT_SUPPORTED;
102 }
103
104
105 /* Function 2 */
106 NTSTATUS WINAPI LsarEnumeratePrivileges(
107 LSAPR_HANDLE PolicyHandle,
108 DWORD *EnumerationContext,
109 PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer,
110 DWORD PreferedMaximumLength)
111 {
112 UNIMPLEMENTED;
113 return STATUS_NOT_IMPLEMENTED;
114 }
115
116
117 /* Function 3 */
118 NTSTATUS WINAPI LsarQuerySecurityObject(
119 LSAPR_HANDLE ObjectHandle,
120 SECURITY_INFORMATION SecurityInformation,
121 PLSAPR_SR_SECURITY_DESCRIPTOR *SecurityDescriptor)
122 {
123 UNIMPLEMENTED;
124 return STATUS_NOT_IMPLEMENTED;
125 }
126
127
128 /* Function 4 */
129 NTSTATUS WINAPI LsarSetSecurityObject(
130 LSAPR_HANDLE ObjectHandle,
131 SECURITY_INFORMATION SecurityInformation,
132 PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor)
133 {
134 UNIMPLEMENTED;
135 return STATUS_NOT_IMPLEMENTED;
136 }
137
138
139 /* Function 5 */
140 NTSTATUS WINAPI LsarChangePassword(
141 handle_t IDL_handle,
142 PRPC_UNICODE_STRING String1,
143 PRPC_UNICODE_STRING String2,
144 PRPC_UNICODE_STRING String3,
145 PRPC_UNICODE_STRING String4,
146 PRPC_UNICODE_STRING String5)
147 {
148 /* Deprecated */
149 return STATUS_NOT_IMPLEMENTED;
150 }
151
152
153 /* Function 6 */
154 NTSTATUS WINAPI LsarOpenPolicy(
155 LPWSTR SystemName,
156 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
157 ACCESS_MASK DesiredAccess,
158 LSAPR_HANDLE *PolicyHandle)
159 {
160 PLSA_DB_OBJECT PolicyObject;
161 NTSTATUS Status;
162
163 TRACE("LsarOpenPolicy called!\n");
164
165 RtlEnterCriticalSection(&PolicyHandleTableLock);
166
167 Status = LsapOpenDbObject(NULL,
168 L"Policy",
169 LsaDbPolicyObject,
170 DesiredAccess,
171 &PolicyObject);
172
173 RtlLeaveCriticalSection(&PolicyHandleTableLock);
174
175 if (NT_SUCCESS(Status))
176 *PolicyHandle = (LSAPR_HANDLE)PolicyObject;
177
178 TRACE("LsarOpenPolicy done!\n");
179
180 return Status;
181 }
182
183
184 /* Function 7 */
185 NTSTATUS WINAPI LsarQueryInformationPolicy(
186 LSAPR_HANDLE PolicyHandle,
187 POLICY_INFORMATION_CLASS InformationClass,
188 PLSAPR_POLICY_INFORMATION *PolicyInformation)
189 {
190 PLSA_DB_OBJECT DbObject;
191 ACCESS_MASK DesiredAccess = 0;
192 NTSTATUS Status;
193
194 TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
195 PolicyHandle, InformationClass, PolicyInformation);
196
197 if (PolicyInformation)
198 {
199 TRACE("*PolicyInformation %p\n", *PolicyInformation);
200 }
201
202 switch (InformationClass)
203 {
204 case PolicyAuditLogInformation:
205 case PolicyAuditEventsInformation:
206 case PolicyAuditFullQueryInformation:
207 DesiredAccess = POLICY_VIEW_AUDIT_INFORMATION;
208 break;
209
210 case PolicyPrimaryDomainInformation:
211 case PolicyAccountDomainInformation:
212 case PolicyLsaServerRoleInformation:
213 case PolicyReplicaSourceInformation:
214 case PolicyDefaultQuotaInformation:
215 case PolicyDnsDomainInformation:
216 case PolicyDnsDomainInformationInt:
217 case PolicyLocalAccountDomainInformation:
218 DesiredAccess = POLICY_VIEW_LOCAL_INFORMATION;
219 break;
220
221 case PolicyPdAccountInformation:
222 DesiredAccess = POLICY_GET_PRIVATE_INFORMATION;
223 break;
224
225 default:
226 ERR("Invalid InformationClass!\n");
227 return STATUS_INVALID_PARAMETER;
228 }
229
230 Status = LsapValidateDbObject(PolicyHandle,
231 LsaDbPolicyObject,
232 DesiredAccess,
233 &DbObject);
234 if (!NT_SUCCESS(Status))
235 return Status;
236
237 switch (InformationClass)
238 {
239 case PolicyAuditLogInformation: /* 1 */
240 Status = LsarQueryAuditLog(PolicyHandle,
241 PolicyInformation);
242
243 case PolicyAuditEventsInformation: /* 2 */
244 Status = LsarQueryAuditEvents(PolicyHandle,
245 PolicyInformation);
246 break;
247
248 case PolicyPrimaryDomainInformation: /* 3 */
249 Status = LsarQueryPrimaryDomain(PolicyHandle,
250 PolicyInformation);
251 break;
252
253 case PolicyPdAccountInformation: /* 4 */
254 Status = LsarQueryPdAccount(PolicyHandle,
255 PolicyInformation);
256
257 case PolicyAccountDomainInformation: /* 5 */
258 Status = LsarQueryAccountDomain(PolicyHandle,
259 PolicyInformation);
260 break;
261
262 case PolicyLsaServerRoleInformation: /* 6 */
263 Status = LsarQueryServerRole(PolicyHandle,
264 PolicyInformation);
265 break;
266
267 case PolicyReplicaSourceInformation: /* 7 */
268 Status = LsarQueryReplicaSource(PolicyHandle,
269 PolicyInformation);
270
271 case PolicyDefaultQuotaInformation: /* 8 */
272 Status = LsarQueryDefaultQuota(PolicyHandle,
273 PolicyInformation);
274 break;
275
276 case PolicyModificationInformation: /* 9 */
277 Status = LsarQueryModification(PolicyHandle,
278 PolicyInformation);
279 break;
280
281 case PolicyAuditFullQueryInformation: /* 11 (0xB) */
282 Status = LsarQueryAuditFull(PolicyHandle,
283 PolicyInformation);
284 break;
285
286 case PolicyDnsDomainInformation: /* 12 (0xC) */
287 Status = LsarQueryDnsDomain(PolicyHandle,
288 PolicyInformation);
289 break;
290
291 case PolicyDnsDomainInformationInt: /* 13 (0xD) */
292 Status = LsarQueryDnsDomainInt(PolicyHandle,
293 PolicyInformation);
294 break;
295
296 case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
297 Status = LsarQueryLocalAccountDomain(PolicyHandle,
298 PolicyInformation);
299 break;
300
301 default:
302 ERR("Invalid InformationClass!\n");
303 Status = STATUS_INVALID_PARAMETER;
304 }
305
306 return Status;
307 }
308
309
310 /* Function 8 */
311 NTSTATUS WINAPI LsarSetInformationPolicy(
312 LSAPR_HANDLE PolicyHandle,
313 POLICY_INFORMATION_CLASS InformationClass,
314 PLSAPR_POLICY_INFORMATION PolicyInformation)
315 {
316 PLSA_DB_OBJECT DbObject;
317 ACCESS_MASK DesiredAccess = 0;
318 NTSTATUS Status;
319
320 TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
321 PolicyHandle, InformationClass, PolicyInformation);
322
323 if (PolicyInformation)
324 {
325 TRACE("*PolicyInformation %p\n", *PolicyInformation);
326 }
327
328 switch (InformationClass)
329 {
330 case PolicyAuditLogInformation:
331 case PolicyAuditFullSetInformation:
332 DesiredAccess = POLICY_AUDIT_LOG_ADMIN;
333 break;
334
335 case PolicyAuditEventsInformation:
336 DesiredAccess = POLICY_SET_AUDIT_REQUIREMENTS;
337 break;
338
339 case PolicyPrimaryDomainInformation:
340 case PolicyAccountDomainInformation:
341 case PolicyDnsDomainInformation:
342 case PolicyDnsDomainInformationInt:
343 case PolicyLocalAccountDomainInformation:
344 DesiredAccess = POLICY_TRUST_ADMIN;
345 break;
346
347 case PolicyLsaServerRoleInformation:
348 case PolicyReplicaSourceInformation:
349 DesiredAccess = POLICY_SERVER_ADMIN;
350 break;
351
352 case PolicyDefaultQuotaInformation:
353 DesiredAccess = POLICY_SET_DEFAULT_QUOTA_LIMITS;
354 break;
355
356 default:
357 ERR("Invalid InformationClass!\n");
358 return STATUS_INVALID_PARAMETER;
359 }
360
361 Status = LsapValidateDbObject(PolicyHandle,
362 LsaDbPolicyObject,
363 DesiredAccess,
364 &DbObject);
365 if (!NT_SUCCESS(Status))
366 return Status;
367
368 switch (InformationClass)
369 {
370 case PolicyAuditEventsInformation:
371 Status = STATUS_NOT_IMPLEMENTED;
372 break;
373
374 case PolicyPrimaryDomainInformation:
375 Status = LsarSetPrimaryDomain(PolicyHandle,
376 (PLSAPR_POLICY_PRIMARY_DOM_INFO)PolicyInformation);
377 break;
378
379 case PolicyAccountDomainInformation:
380 Status = LsarSetAccountDomain(PolicyHandle,
381 (PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
382 break;
383
384 case PolicyDnsDomainInformation:
385 Status = LsarSetDnsDomain(PolicyHandle,
386 (PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
387 break;
388
389 case PolicyLsaServerRoleInformation:
390 Status = STATUS_NOT_IMPLEMENTED;
391 break;
392
393 default:
394 Status = STATUS_INVALID_PARAMETER;
395 break;
396 }
397
398 return Status;
399 }
400
401
402 /* Function 9 */
403 NTSTATUS WINAPI LsarClearAuditLog(
404 LSAPR_HANDLE ObjectHandle)
405 {
406 /* Deprecated */
407 return STATUS_NOT_IMPLEMENTED;
408 }
409
410
411 /* Function 10 */
412 NTSTATUS WINAPI LsarCreateAccount(
413 LSAPR_HANDLE PolicyHandle,
414 PRPC_SID AccountSid,
415 ACCESS_MASK DesiredAccess,
416 LSAPR_HANDLE *AccountHandle)
417 {
418 PLSA_DB_OBJECT PolicyObject;
419 PLSA_DB_OBJECT AccountsObject = NULL;
420 PLSA_DB_OBJECT AccountObject = NULL;
421 LPWSTR SidString = NULL;
422 NTSTATUS Status = STATUS_SUCCESS;
423
424 /* Validate the PolicyHandle */
425 Status = LsapValidateDbObject(PolicyHandle,
426 LsaDbPolicyObject,
427 POLICY_CREATE_ACCOUNT,
428 &PolicyObject);
429 if (!NT_SUCCESS(Status))
430 {
431 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
432 return Status;
433 }
434
435 /* Open the Accounts object */
436 Status = LsapOpenDbObject(PolicyObject,
437 L"Accounts",
438 LsaDbContainerObject,
439 0,
440 &AccountsObject);
441 if (!NT_SUCCESS(Status))
442 {
443 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status);
444 goto done;
445 }
446
447 /* Create SID string */
448 if (!ConvertSidToStringSid((PSID)AccountSid,
449 &SidString))
450 {
451 ERR("ConvertSidToStringSid failed\n");
452 Status = STATUS_INVALID_PARAMETER;
453 goto done;
454 }
455
456 /* Create the Account object */
457 Status = LsapCreateDbObject(AccountsObject,
458 SidString,
459 LsaDbAccountObject,
460 DesiredAccess,
461 &AccountObject);
462 if (!NT_SUCCESS(Status))
463 {
464 ERR("LsapCreateDbObject (Account) failed (Status 0x%08lx)\n", Status);
465 goto done;
466 }
467
468 /* Set the Sid attribute */
469 Status = LsapSetObjectAttribute(AccountObject,
470 L"Sid",
471 (PVOID)AccountSid,
472 GetLengthSid(AccountSid));
473
474 done:
475 if (SidString != NULL)
476 LocalFree(SidString);
477
478 if (!NT_SUCCESS(Status))
479 {
480 if (AccountObject != NULL)
481 LsapCloseDbObject(AccountObject);
482 }
483 else
484 {
485 *AccountHandle = (LSAPR_HANDLE)AccountObject;
486 }
487
488 if (AccountsObject != NULL)
489 LsapCloseDbObject(AccountsObject);
490
491 return STATUS_SUCCESS;
492 }
493
494
495 /* Function 11 */
496 NTSTATUS WINAPI LsarEnumerateAccounts(
497 LSAPR_HANDLE PolicyHandle,
498 DWORD *EnumerationContext,
499 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer,
500 DWORD PreferedMaximumLength)
501 {
502 UNIMPLEMENTED;
503 return STATUS_NOT_IMPLEMENTED;
504 }
505
506
507 /* Function 12 */
508 NTSTATUS WINAPI LsarCreateTrustedDomain(
509 LSAPR_HANDLE PolicyHandle,
510 PLSAPR_TRUST_INFORMATION TrustedDomainInformation,
511 ACCESS_MASK DesiredAccess,
512 LSAPR_HANDLE *TrustedDomainHandle)
513 {
514 UNIMPLEMENTED;
515 return STATUS_NOT_IMPLEMENTED;
516 }
517
518
519 /* Function 13 */
520 NTSTATUS WINAPI LsarEnumerateTrustedDomains(
521 LSAPR_HANDLE PolicyHandle,
522 DWORD *EnumerationContext,
523 PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer,
524 DWORD PreferedMaximumLength)
525 {
526 UNIMPLEMENTED;
527 return STATUS_NOT_IMPLEMENTED;
528 }
529
530
531 /* Function 14 */
532 NTSTATUS WINAPI LsarLookupNames(
533 LSAPR_HANDLE PolicyHandle,
534 DWORD Count,
535 PRPC_UNICODE_STRING Names,
536 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
537 PLSAPR_TRANSLATED_SIDS TranslatedSids,
538 LSAP_LOOKUP_LEVEL LookupLevel,
539 DWORD *MappedCount)
540 {
541 SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
542 static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN");
543 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains = NULL;
544 PLSA_TRANSLATED_SID OutputSids = NULL;
545 ULONG OutputSidsLength;
546 ULONG i;
547 PSID Sid;
548 ULONG SidLength;
549 NTSTATUS Status;
550
551 TRACE("LsarLookupNames(%p, %lu, %p, %p, %p, %d, %p)\n",
552 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
553 LookupLevel, MappedCount);
554
555 TranslatedSids->Entries = Count;
556 TranslatedSids->Sids = NULL;
557 *ReferencedDomains = NULL;
558
559 OutputSidsLength = Count * sizeof(LSA_TRANSLATED_SID);
560 OutputSids = MIDL_user_allocate(OutputSidsLength);
561 if (OutputSids == NULL)
562 {
563 return STATUS_INSUFFICIENT_RESOURCES;
564 }
565
566 RtlZeroMemory(OutputSids, OutputSidsLength);
567
568 OutputDomains = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
569 if (OutputDomains == NULL)
570 {
571 MIDL_user_free(OutputSids);
572 return STATUS_INSUFFICIENT_RESOURCES;
573 }
574
575 OutputDomains->Entries = Count;
576 OutputDomains->Domains = MIDL_user_allocate(Count * sizeof(LSA_TRUST_INFORMATION));
577 if (OutputDomains->Domains == NULL)
578 {
579 MIDL_user_free(OutputDomains);
580 MIDL_user_free(OutputSids);
581 return STATUS_INSUFFICIENT_RESOURCES;
582 }
583
584 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
585 2,
586 SECURITY_BUILTIN_DOMAIN_RID,
587 DOMAIN_ALIAS_RID_ADMINS,
588 0, 0, 0, 0, 0, 0,
589 &Sid);
590 if (!NT_SUCCESS(Status))
591 {
592 MIDL_user_free(OutputDomains->Domains);
593 MIDL_user_free(OutputDomains);
594 MIDL_user_free(OutputSids);
595 return Status;
596 }
597
598 SidLength = RtlLengthSid(Sid);
599
600 for (i = 0; i < Count; i++)
601 {
602 OutputDomains->Domains[i].Sid = MIDL_user_allocate(SidLength);
603 RtlCopyMemory(OutputDomains->Domains[i].Sid, Sid, SidLength);
604
605 OutputDomains->Domains[i].Name.Buffer = MIDL_user_allocate(DomainName.MaximumLength);
606 OutputDomains->Domains[i].Name.Length = DomainName.Length;
607 OutputDomains->Domains[i].Name.MaximumLength = DomainName.MaximumLength;
608 RtlCopyMemory(OutputDomains->Domains[i].Name.Buffer, DomainName.Buffer, DomainName.MaximumLength);
609 }
610
611 for (i = 0; i < Count; i++)
612 {
613 OutputSids[i].Use = SidTypeWellKnownGroup;
614 OutputSids[i].RelativeId = DOMAIN_USER_RID_ADMIN; //DOMAIN_ALIAS_RID_ADMINS;
615 OutputSids[i].DomainIndex = i;
616 }
617
618 *ReferencedDomains = OutputDomains;
619
620 *MappedCount = Count;
621
622 TranslatedSids->Entries = Count;
623 TranslatedSids->Sids = OutputSids;
624
625 return STATUS_SUCCESS;
626 }
627
628
629 /* Function 15 */
630 NTSTATUS WINAPI LsarLookupSids(
631 LSAPR_HANDLE PolicyHandle,
632 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
633 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
634 PLSAPR_TRANSLATED_NAMES TranslatedNames,
635 LSAP_LOOKUP_LEVEL LookupLevel,
636 DWORD *MappedCount)
637 {
638 SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
639 static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN");
640 PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains = NULL;
641 PLSAPR_TRANSLATED_NAME OutputNames = NULL;
642 ULONG OutputNamesLength;
643 ULONG i;
644 PSID Sid;
645 ULONG SidLength;
646 NTSTATUS Status;
647
648 TRACE("LsarLookupSids(%p, %p, %p, %p, %d, %p)\n",
649 PolicyHandle, SidEnumBuffer, ReferencedDomains, TranslatedNames,
650 LookupLevel, MappedCount);
651
652 TranslatedNames->Entries = SidEnumBuffer->Entries;
653 TranslatedNames->Names = NULL;
654 *ReferencedDomains = NULL;
655
656 OutputNamesLength = SidEnumBuffer->Entries * sizeof(LSA_TRANSLATED_NAME);
657 OutputNames = MIDL_user_allocate(OutputNamesLength);
658 if (OutputNames == NULL)
659 {
660 return STATUS_INSUFFICIENT_RESOURCES;
661 }
662
663 RtlZeroMemory(OutputNames, OutputNamesLength);
664
665 OutputDomains = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
666 if (OutputDomains == NULL)
667 {
668 MIDL_user_free(OutputNames);
669 return STATUS_INSUFFICIENT_RESOURCES;
670 }
671
672 OutputDomains->Entries = SidEnumBuffer->Entries;
673 OutputDomains->Domains = MIDL_user_allocate(SidEnumBuffer->Entries * sizeof(LSA_TRUST_INFORMATION));
674 if (OutputDomains->Domains == NULL)
675 {
676 MIDL_user_free(OutputDomains);
677 MIDL_user_free(OutputNames);
678 return STATUS_INSUFFICIENT_RESOURCES;
679 }
680
681 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
682 2,
683 SECURITY_BUILTIN_DOMAIN_RID,
684 DOMAIN_ALIAS_RID_ADMINS,
685 0, 0, 0, 0, 0, 0,
686 &Sid);
687 if (!NT_SUCCESS(Status))
688 {
689 MIDL_user_free(OutputDomains->Domains);
690 MIDL_user_free(OutputDomains);
691 MIDL_user_free(OutputNames);
692 return Status;
693 }
694
695 SidLength = RtlLengthSid(Sid);
696
697 for (i = 0; i < SidEnumBuffer->Entries; i++)
698 {
699 OutputDomains->Domains[i].Sid = MIDL_user_allocate(SidLength);
700 RtlCopyMemory(OutputDomains->Domains[i].Sid, Sid, SidLength);
701
702 OutputDomains->Domains[i].Name.Buffer = MIDL_user_allocate(DomainName.MaximumLength);
703 OutputDomains->Domains[i].Name.Length = DomainName.Length;
704 OutputDomains->Domains[i].Name.MaximumLength = DomainName.MaximumLength;
705 RtlCopyMemory(OutputDomains->Domains[i].Name.Buffer, DomainName.Buffer, DomainName.MaximumLength);
706 }
707
708 Status = LsapLookupSids(SidEnumBuffer,
709 OutputNames);
710
711 *ReferencedDomains = OutputDomains;
712
713 *MappedCount = SidEnumBuffer->Entries;
714
715 TranslatedNames->Entries = SidEnumBuffer->Entries;
716 TranslatedNames->Names = OutputNames;
717
718 return Status;
719 }
720
721
722 /* Function 16 */
723 NTSTATUS WINAPI LsarCreateSecret(
724 LSAPR_HANDLE PolicyHandle,
725 PRPC_UNICODE_STRING SecretName,
726 ACCESS_MASK DesiredAccess,
727 LSAPR_HANDLE *SecretHandle)
728 {
729 PLSA_DB_OBJECT PolicyObject;
730 PLSA_DB_OBJECT SecretsObject = NULL;
731 PLSA_DB_OBJECT SecretObject = NULL;
732 LARGE_INTEGER Time;
733 NTSTATUS Status = STATUS_SUCCESS;
734
735 /* Validate the PolicyHandle */
736 Status = LsapValidateDbObject(PolicyHandle,
737 LsaDbPolicyObject,
738 POLICY_CREATE_SECRET,
739 &PolicyObject);
740 if (!NT_SUCCESS(Status))
741 {
742 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
743 return Status;
744 }
745
746 /* Open the Secrets object */
747 Status = LsapOpenDbObject(PolicyObject,
748 L"Secrets",
749 LsaDbContainerObject,
750 0,
751 &SecretsObject);
752 if (!NT_SUCCESS(Status))
753 {
754 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status);
755 goto done;
756 }
757
758 /* Get the current time */
759 Status = NtQuerySystemTime(&Time);
760 if (!NT_SUCCESS(Status))
761 {
762 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
763 goto done;
764 }
765
766 /* Create the Secret object */
767 Status = LsapCreateDbObject(SecretsObject,
768 SecretName->Buffer,
769 LsaDbSecretObject,
770 DesiredAccess,
771 &SecretObject);
772 if (!NT_SUCCESS(Status))
773 {
774 ERR("LsapCreateDbObject (Secret) failed (Status 0x%08lx)\n", Status);
775 goto done;
776 }
777
778 /* Set the CurrentTime attribute */
779 Status = LsapSetObjectAttribute(SecretObject,
780 L"CurrentTime",
781 (PVOID)&Time,
782 sizeof(LARGE_INTEGER));
783 if (!NT_SUCCESS(Status))
784 {
785 ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status);
786 goto done;
787 }
788
789 /* Set the OldTime attribute */
790 Status = LsapSetObjectAttribute(SecretObject,
791 L"OldTime",
792 (PVOID)&Time,
793 sizeof(LARGE_INTEGER));
794
795 done:
796 if (!NT_SUCCESS(Status))
797 {
798 if (SecretObject != NULL)
799 LsapCloseDbObject(SecretObject);
800 }
801 else
802 {
803 *SecretHandle = (LSAPR_HANDLE)SecretObject;
804 }
805
806 if (SecretsObject != NULL)
807 LsapCloseDbObject(SecretsObject);
808
809 return STATUS_SUCCESS;
810 }
811
812
813 /* Function 17 */
814 NTSTATUS WINAPI LsarOpenAccount(
815 LSAPR_HANDLE PolicyHandle,
816 PRPC_SID AccountSid,
817 ACCESS_MASK DesiredAccess,
818 LSAPR_HANDLE *AccountHandle)
819 {
820 PLSA_DB_OBJECT PolicyObject;
821 PLSA_DB_OBJECT AccountsObject = NULL;
822 PLSA_DB_OBJECT AccountObject = NULL;
823 LPWSTR SidString = NULL;
824 NTSTATUS Status = STATUS_SUCCESS;
825
826 /* Validate the PolicyHandle */
827 Status = LsapValidateDbObject(PolicyHandle,
828 LsaDbPolicyObject,
829 POLICY_CREATE_ACCOUNT,
830 &PolicyObject);
831 if (!NT_SUCCESS(Status))
832 {
833 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
834 return Status;
835 }
836
837 /* Open the Accounts object */
838 Status = LsapOpenDbObject(PolicyObject,
839 L"Accounts",
840 LsaDbContainerObject,
841 0,
842 &AccountsObject);
843 if (!NT_SUCCESS(Status))
844 {
845 ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status);
846 goto done;
847 }
848
849 /* Create SID string */
850 if (!ConvertSidToStringSid((PSID)AccountSid,
851 &SidString))
852 {
853 ERR("ConvertSidToStringSid failed\n");
854 Status = STATUS_INVALID_PARAMETER;
855 goto done;
856 }
857
858 /* Create the Account object */
859 Status = LsapOpenDbObject(AccountsObject,
860 SidString,
861 LsaDbAccountObject,
862 DesiredAccess,
863 &AccountObject);
864 if (!NT_SUCCESS(Status))
865 {
866 ERR("LsapOpenDbObject (Account) failed (Status 0x%08lx)\n", Status);
867 goto done;
868 }
869
870 /* Set the Sid attribute */
871 Status = LsapSetObjectAttribute(AccountObject,
872 L"Sid",
873 (PVOID)AccountSid,
874 GetLengthSid(AccountSid));
875
876 done:
877 if (SidString != NULL)
878 LocalFree(SidString);
879
880 if (!NT_SUCCESS(Status))
881 {
882 if (AccountObject != NULL)
883 LsapCloseDbObject(AccountObject);
884 }
885 else
886 {
887 *AccountHandle = (LSAPR_HANDLE)AccountObject;
888 }
889
890 if (AccountsObject != NULL)
891 LsapCloseDbObject(AccountsObject);
892
893 return STATUS_SUCCESS;
894 }
895
896
897 /* Function 18 */
898 NTSTATUS WINAPI LsarEnumeratePrivilegesAccount(
899 LSAPR_HANDLE AccountHandle,
900 PLSAPR_PRIVILEGE_SET *Privileges)
901 {
902 PLSA_DB_OBJECT AccountObject;
903 ULONG PrivilegeSetSize = 0;
904 PLSAPR_PRIVILEGE_SET PrivilegeSet = NULL;
905 NTSTATUS Status;
906
907 *Privileges = NULL;
908
909 /* Validate the AccountHandle */
910 Status = LsapValidateDbObject(AccountHandle,
911 LsaDbAccountObject,
912 ACCOUNT_VIEW,
913 &AccountObject);
914 if (!NT_SUCCESS(Status))
915 {
916 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
917 return Status;
918 }
919
920 /* Get the size of the privilege set */
921 Status = LsapGetObjectAttribute(AccountObject,
922 L"Privilgs",
923 NULL,
924 &PrivilegeSetSize);
925 if (!NT_SUCCESS(Status))
926 return Status;
927
928 /* Allocate a buffer for the privilege set */
929 PrivilegeSet = MIDL_user_allocate(PrivilegeSetSize);
930 if (PrivilegeSet == NULL)
931 return STATUS_NO_MEMORY;
932
933 /* Get the privilege set */
934 Status = LsapGetObjectAttribute(AccountObject,
935 L"Privilgs",
936 PrivilegeSet,
937 &PrivilegeSetSize);
938 if (!NT_SUCCESS(Status))
939 {
940 MIDL_user_free(PrivilegeSet);
941 return Status;
942 }
943
944 /* Return a pointer to the privilege set */
945 *Privileges = PrivilegeSet;
946
947 return STATUS_SUCCESS;
948 }
949
950
951 /* Function 19 */
952 NTSTATUS WINAPI LsarAddPrivilegesToAccount(
953 LSAPR_HANDLE AccountHandle,
954 PLSAPR_PRIVILEGE_SET Privileges)
955 {
956 PLSA_DB_OBJECT AccountObject;
957 PPRIVILEGE_SET CurrentPrivileges = NULL;
958 PPRIVILEGE_SET NewPrivileges = NULL;
959 ULONG PrivilegeSetSize = 0;
960 ULONG PrivilegeCount;
961 ULONG i, j;
962 BOOL bFound;
963 NTSTATUS Status;
964
965 /* Validate the AccountHandle */
966 Status = LsapValidateDbObject(AccountHandle,
967 LsaDbAccountObject,
968 ACCOUNT_ADJUST_PRIVILEGES,
969 &AccountObject);
970 if (!NT_SUCCESS(Status))
971 {
972 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
973 return Status;
974 }
975
976 Status = LsapGetObjectAttribute(AccountObject,
977 L"Privilgs",
978 NULL,
979 &PrivilegeSetSize);
980 if (!NT_SUCCESS(Status) || PrivilegeSetSize == 0)
981 {
982 /* The Privilgs attribute does not exist */
983
984 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
985 (Privileges->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
986 Status = LsapSetObjectAttribute(AccountObject,
987 L"Privilgs",
988 Privileges,
989 PrivilegeSetSize);
990 }
991 else
992 {
993 /* The Privilgs attribute exists */
994
995 /* Allocate memory for the stored privilege set */
996 CurrentPrivileges = MIDL_user_allocate(PrivilegeSetSize);
997 if (CurrentPrivileges == NULL)
998 return STATUS_NO_MEMORY;
999
1000 /* Get the current privilege set */
1001 Status = LsapGetObjectAttribute(AccountObject,
1002 L"Privilgs",
1003 CurrentPrivileges,
1004 &PrivilegeSetSize);
1005 if (!NT_SUCCESS(Status))
1006 {
1007 TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
1008 goto done;
1009 }
1010
1011 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1012 TRACE("Current privilege count: %lu\n", PrivilegeCount);
1013
1014 /* Calculate the number privileges in the combined privilege set */
1015 for (i = 0; i < Privileges->PrivilegeCount; i++)
1016 {
1017 bFound = FALSE;
1018 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1019 {
1020 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1021 &(CurrentPrivileges->Privilege[i].Luid)))
1022 {
1023 bFound = TRUE;
1024 break;
1025 }
1026 }
1027
1028 if (bFound == FALSE)
1029 {
1030 TRACE("Found new privilege\n");
1031 PrivilegeCount++;
1032 }
1033 }
1034 TRACE("New privilege count: %lu\n", PrivilegeCount);
1035
1036 /* Calculate the size of the new privilege set and allocate it */
1037 PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
1038 (PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
1039 NewPrivileges = MIDL_user_allocate(PrivilegeSetSize);
1040 if (NewPrivileges == NULL)
1041 {
1042 Status = STATUS_NO_MEMORY;
1043 goto done;
1044 }
1045
1046 /* Initialize the new privilege set */
1047 NewPrivileges->PrivilegeCount = PrivilegeCount;
1048 NewPrivileges->Control = 0;
1049
1050 /* Copy all privileges from the current privilege set */
1051 RtlCopyLuidAndAttributesArray(CurrentPrivileges->PrivilegeCount,
1052 &(CurrentPrivileges->Privilege[0]),
1053 &(NewPrivileges->Privilege[0]));
1054
1055 /* Add new privileges to the new privilege set */
1056 PrivilegeCount = CurrentPrivileges->PrivilegeCount;
1057 for (i = 0; i < Privileges->PrivilegeCount; i++)
1058 {
1059 bFound = FALSE;
1060 for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
1061 {
1062 if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
1063 &(CurrentPrivileges->Privilege[i].Luid)))
1064 {
1065 /* Overwrite attributes if a matching privilege was found */
1066 NewPrivileges->Privilege[j].Attributes = Privileges->Privilege[i].Attributes;
1067
1068 bFound = TRUE;
1069 break;
1070 }
1071 }
1072
1073 if (bFound == FALSE)
1074 {
1075 /* Copy the new privilege */
1076 RtlCopyLuidAndAttributesArray(1,
1077 (PLUID_AND_ATTRIBUTES)&(Privileges->Privilege[i]),
1078 &(NewPrivileges->Privilege[PrivilegeCount]));
1079 PrivilegeCount++;
1080 }
1081 }
1082
1083 /* Set the new priivliege set */
1084 Status = LsapSetObjectAttribute(AccountObject,
1085 L"Privilgs",
1086 NewPrivileges,
1087 PrivilegeSetSize);
1088 }
1089
1090 done:
1091 if (CurrentPrivileges != NULL)
1092 MIDL_user_free(CurrentPrivileges);
1093
1094 if (NewPrivileges != NULL)
1095 MIDL_user_free(NewPrivileges);
1096
1097 return Status;
1098 }
1099
1100
1101 /* Function 20 */
1102 NTSTATUS WINAPI LsarRemovePrivilegesFromAccount(
1103 LSAPR_HANDLE AccountHandle,
1104 BOOL AllPrivileges,
1105 PLSAPR_PRIVILEGE_SET Privileges)
1106 {
1107 UNIMPLEMENTED;
1108 return STATUS_NOT_IMPLEMENTED;
1109 }
1110
1111
1112 /* Function 21 */
1113 NTSTATUS WINAPI LsarGetQuotasForAccount(
1114 LSAPR_HANDLE AccountHandle,
1115 PQUOTA_LIMITS QuotaLimits)
1116 {
1117 UNIMPLEMENTED;
1118 return STATUS_NOT_IMPLEMENTED;
1119 }
1120
1121
1122 /* Function 22 */
1123 NTSTATUS WINAPI LsarSetQuotasForAccount(
1124 LSAPR_HANDLE AccountHandle,
1125 PQUOTA_LIMITS QuotaLimits)
1126 {
1127 UNIMPLEMENTED;
1128 return STATUS_NOT_IMPLEMENTED;
1129 }
1130
1131
1132 /* Function 23 */
1133 NTSTATUS WINAPI LsarGetSystemAccessAccount(
1134 LSAPR_HANDLE AccountHandle,
1135 ACCESS_MASK *SystemAccess)
1136 {
1137 PLSA_DB_OBJECT AccountObject;
1138 ULONG Size;
1139 NTSTATUS Status;
1140
1141 /* Validate the account handle */
1142 Status = LsapValidateDbObject(AccountHandle,
1143 LsaDbAccountObject,
1144 ACCOUNT_VIEW,
1145 &AccountObject);
1146 if (!NT_SUCCESS(Status))
1147 {
1148 ERR("Invalid handle (Status %lx)\n", Status);
1149 return Status;
1150 }
1151
1152 /* Get the system access flags */
1153 Status = LsapGetObjectAttribute(AccountObject,
1154 L"ActSysAc",
1155 SystemAccess,
1156 &Size);
1157
1158 return Status;
1159 }
1160
1161
1162 /* Function 24 */
1163 NTSTATUS WINAPI LsarSetSystemAccessAccount(
1164 LSAPR_HANDLE AccountHandle,
1165 ACCESS_MASK SystemAccess)
1166 {
1167 PLSA_DB_OBJECT AccountObject;
1168 NTSTATUS Status;
1169
1170 /* Validate the account handle */
1171 Status = LsapValidateDbObject(AccountHandle,
1172 LsaDbAccountObject,
1173 ACCOUNT_ADJUST_SYSTEM_ACCESS,
1174 &AccountObject);
1175 if (!NT_SUCCESS(Status))
1176 {
1177 ERR("Invalid handle (Status %lx)\n", Status);
1178 return Status;
1179 }
1180
1181 /* Set the system access flags */
1182 Status = LsapSetObjectAttribute(AccountObject,
1183 L"ActSysAc",
1184 &SystemAccess,
1185 sizeof(ACCESS_MASK));
1186
1187 return Status;
1188 }
1189
1190
1191 /* Function 25 */
1192 NTSTATUS WINAPI LsarOpenTrustedDomain(
1193 LSAPR_HANDLE PolicyHandle,
1194 PRPC_SID TrustedDomainSid,
1195 ACCESS_MASK DesiredAccess,
1196 LSAPR_HANDLE *TrustedDomainHandle)
1197 {
1198 UNIMPLEMENTED;
1199 return STATUS_NOT_IMPLEMENTED;
1200 }
1201
1202
1203 /* Function 26 */
1204 NTSTATUS WINAPI LsarQueryInfoTrustedDomain(
1205 LSAPR_HANDLE TrustedDomainHandle,
1206 TRUSTED_INFORMATION_CLASS InformationClass,
1207 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
1208 {
1209 UNIMPLEMENTED;
1210 return STATUS_NOT_IMPLEMENTED;
1211 }
1212
1213
1214 /* Function 27 */
1215 NTSTATUS WINAPI LsarSetInformationTrustedDomain(
1216 LSAPR_HANDLE TrustedDomainHandle,
1217 TRUSTED_INFORMATION_CLASS InformationClass,
1218 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
1219 {
1220 UNIMPLEMENTED;
1221 return STATUS_NOT_IMPLEMENTED;
1222 }
1223
1224
1225 /* Function 28 */
1226 NTSTATUS WINAPI LsarOpenSecret(
1227 LSAPR_HANDLE PolicyHandle,
1228 PRPC_UNICODE_STRING SecretName,
1229 ACCESS_MASK DesiredAccess,
1230 LSAPR_HANDLE *SecretHandle)
1231 {
1232 PLSA_DB_OBJECT PolicyObject;
1233 PLSA_DB_OBJECT SecretsObject = NULL;
1234 PLSA_DB_OBJECT SecretObject = NULL;
1235 NTSTATUS Status = STATUS_SUCCESS;
1236
1237 /* Validate the PolicyHandle */
1238 Status = LsapValidateDbObject(PolicyHandle,
1239 LsaDbPolicyObject,
1240 POLICY_CREATE_SECRET,
1241 &PolicyObject);
1242 if (!NT_SUCCESS(Status))
1243 {
1244 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1245 return Status;
1246 }
1247
1248 /* Open the Secrets object */
1249 Status = LsapOpenDbObject(PolicyObject,
1250 L"Secrets",
1251 LsaDbContainerObject,
1252 0,
1253 &SecretsObject);
1254 if (!NT_SUCCESS(Status))
1255 {
1256 ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status);
1257 goto done;
1258 }
1259
1260 /* Create the secret object */
1261 Status = LsapOpenDbObject(SecretsObject,
1262 SecretName->Buffer,
1263 LsaDbSecretObject,
1264 DesiredAccess,
1265 &SecretObject);
1266 if (!NT_SUCCESS(Status))
1267 {
1268 ERR("LsapOpenDbObject (Secret) failed (Status 0x%08lx)\n", Status);
1269 goto done;
1270 }
1271
1272 done:
1273 if (!NT_SUCCESS(Status))
1274 {
1275 if (SecretObject != NULL)
1276 LsapCloseDbObject(SecretObject);
1277 }
1278 else
1279 {
1280 *SecretHandle = (LSAPR_HANDLE)SecretObject;
1281 }
1282
1283 if (SecretsObject != NULL)
1284 LsapCloseDbObject(SecretsObject);
1285
1286 return STATUS_SUCCESS;
1287 }
1288
1289
1290 /* Function 29 */
1291 NTSTATUS WINAPI LsarSetSecret(
1292 LSAPR_HANDLE SecretHandle,
1293 PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue,
1294 PLSAPR_CR_CIPHER_VALUE EncryptedOldValue)
1295 {
1296 PLSA_DB_OBJECT SecretObject;
1297 PBYTE CurrentValue = NULL;
1298 PBYTE OldValue = NULL;
1299 ULONG CurrentValueLength = 0;
1300 ULONG OldValueLength = 0;
1301 LARGE_INTEGER Time;
1302 NTSTATUS Status;
1303
1304 TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle,
1305 EncryptedCurrentValue, EncryptedOldValue);
1306
1307 /* Validate the SecretHandle */
1308 Status = LsapValidateDbObject(SecretHandle,
1309 LsaDbSecretObject,
1310 SECRET_SET_VALUE,
1311 &SecretObject);
1312 if (!NT_SUCCESS(Status))
1313 {
1314 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1315 return Status;
1316 }
1317
1318 if (EncryptedCurrentValue != NULL)
1319 {
1320 /* FIXME: Decrypt the current value */
1321 CurrentValue = EncryptedCurrentValue->Buffer;
1322 CurrentValueLength = EncryptedCurrentValue->MaximumLength;
1323 }
1324
1325 /* Set the current value */
1326 Status = LsapSetObjectAttribute(SecretObject,
1327 L"CurrentValue",
1328 CurrentValue,
1329 CurrentValueLength);
1330 if (!NT_SUCCESS(Status))
1331 {
1332 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1333 goto done;
1334 }
1335
1336 /* Get the current time */
1337 Status = NtQuerySystemTime(&Time);
1338 if (!NT_SUCCESS(Status))
1339 {
1340 ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
1341 goto done;
1342 }
1343
1344 /* Set the current time */
1345 Status = LsapSetObjectAttribute(SecretObject,
1346 L"CurrentTime",
1347 &Time,
1348 sizeof(LARGE_INTEGER));
1349 if (!NT_SUCCESS(Status))
1350 {
1351 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1352 goto done;
1353 }
1354
1355 if (EncryptedOldValue != NULL)
1356 {
1357 /* FIXME: Decrypt the old value */
1358 OldValue = EncryptedOldValue->Buffer;
1359 OldValueLength = EncryptedOldValue->MaximumLength;
1360 }
1361
1362 /* Set the old value */
1363 Status = LsapSetObjectAttribute(SecretObject,
1364 L"OldValue",
1365 OldValue,
1366 OldValueLength);
1367 if (!NT_SUCCESS(Status))
1368 {
1369 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1370 goto done;
1371 }
1372
1373 /* Set the old time */
1374 Status = LsapSetObjectAttribute(SecretObject,
1375 L"OldTime",
1376 &Time,
1377 sizeof(LARGE_INTEGER));
1378 if (!NT_SUCCESS(Status))
1379 {
1380 ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
1381 }
1382
1383 done:
1384 return Status;
1385 }
1386
1387
1388 /* Function 30 */
1389 NTSTATUS WINAPI LsarQuerySecret(
1390 LSAPR_HANDLE SecretHandle,
1391 PLSAPR_CR_CIPHER_VALUE *EncryptedCurrentValue,
1392 PLARGE_INTEGER CurrentValueSetTime,
1393 PLSAPR_CR_CIPHER_VALUE *EncryptedOldValue,
1394 PLARGE_INTEGER OldValueSetTime)
1395 {
1396 PLSA_DB_OBJECT SecretObject;
1397 PLSAPR_CR_CIPHER_VALUE EncCurrentValue = NULL;
1398 PLSAPR_CR_CIPHER_VALUE EncOldValue = NULL;
1399 PBYTE CurrentValue = NULL;
1400 PBYTE OldValue = NULL;
1401 ULONG CurrentValueLength = 0;
1402 ULONG OldValueLength = 0;
1403 ULONG BufferSize;
1404 NTSTATUS Status;
1405
1406 TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle,
1407 EncryptedCurrentValue, CurrentValueSetTime,
1408 EncryptedOldValue, OldValueSetTime);
1409
1410 /* Validate the SecretHandle */
1411 Status = LsapValidateDbObject(SecretHandle,
1412 LsaDbSecretObject,
1413 SECRET_QUERY_VALUE,
1414 &SecretObject);
1415 if (!NT_SUCCESS(Status))
1416 {
1417 ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
1418 return Status;
1419 }
1420
1421 if (EncryptedCurrentValue != NULL)
1422 {
1423 CurrentValueLength = 0;
1424
1425 /* Get the size of the current value */
1426 Status = LsapGetObjectAttribute(SecretObject,
1427 L"CurrentValue",
1428 NULL,
1429 &CurrentValueLength);
1430 if (!NT_SUCCESS(Status))
1431 goto done;
1432
1433 /* Allocate a buffer for the current value */
1434 CurrentValue = midl_user_allocate(CurrentValueLength);
1435 if (CurrentValue == NULL)
1436 {
1437 Status = STATUS_INSUFFICIENT_RESOURCES;
1438 goto done;
1439 }
1440
1441 /* Get the current value */
1442 Status = LsapGetObjectAttribute(SecretObject,
1443 L"CurrentValue",
1444 CurrentValue,
1445 &CurrentValueLength);
1446 if (!NT_SUCCESS(Status))
1447 goto done;
1448
1449 /* Allocate a buffer for the encrypted current value */
1450 EncCurrentValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE));
1451 if (EncCurrentValue == NULL)
1452 {
1453 Status = STATUS_INSUFFICIENT_RESOURCES;
1454 goto done;
1455 }
1456
1457 /* FIXME: Encrypt the current value */
1458 EncCurrentValue->Length = (USHORT)(CurrentValueLength - sizeof(WCHAR));
1459 EncCurrentValue->MaximumLength = (USHORT)CurrentValueLength;
1460 EncCurrentValue->Buffer = (PBYTE)CurrentValue;
1461 }
1462
1463 if (CurrentValueSetTime != NULL)
1464 {
1465 BufferSize = sizeof(LARGE_INTEGER);
1466
1467 /* Get the current value time */
1468 Status = LsapGetObjectAttribute(SecretObject,
1469 L"CurrentTime",
1470 (PBYTE)CurrentValueSetTime,
1471 &BufferSize);
1472 if (!NT_SUCCESS(Status))
1473 goto done;
1474 }
1475
1476 if (EncryptedOldValue != NULL)
1477 {
1478 OldValueLength = 0;
1479
1480 /* Get the size of the old value */
1481 Status = LsapGetObjectAttribute(SecretObject,
1482 L"OldValue",
1483 NULL,
1484 &OldValueLength);
1485 if (!NT_SUCCESS(Status))
1486 goto done;
1487
1488 /* Allocate a buffer for the old value */
1489 OldValue = midl_user_allocate(OldValueLength);
1490 if (OldValue == NULL)
1491 {
1492 Status = STATUS_INSUFFICIENT_RESOURCES;
1493 goto done;
1494 }
1495
1496 /* Get the old value */
1497 Status = LsapGetObjectAttribute(SecretObject,
1498 L"OldValue",
1499 OldValue,
1500 &OldValueLength);
1501 if (!NT_SUCCESS(Status))
1502 goto done;
1503
1504 /* Allocate a buffer for the encrypted old value */
1505 EncOldValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE) + OldValueLength);
1506 if (EncOldValue == NULL)
1507 {
1508 Status = STATUS_INSUFFICIENT_RESOURCES;
1509 goto done;
1510 }
1511
1512 /* FIXME: Encrypt the old value */
1513 EncOldValue->Length = (USHORT)(OldValueLength - sizeof(WCHAR));
1514 EncOldValue->MaximumLength = (USHORT)OldValueLength;
1515 EncOldValue->Buffer = (PBYTE)OldValue;
1516 }
1517
1518 if (OldValueSetTime != NULL)
1519 {
1520 BufferSize = sizeof(LARGE_INTEGER);
1521
1522 /* Get the old value time */
1523 Status = LsapGetObjectAttribute(SecretObject,
1524 L"OldTime",
1525 (PBYTE)OldValueSetTime,
1526 &BufferSize);
1527 if (!NT_SUCCESS(Status))
1528 goto done;
1529 }
1530
1531
1532 done:
1533 if (NT_SUCCESS(Status))
1534 {
1535 if (EncryptedCurrentValue != NULL)
1536 *EncryptedCurrentValue = EncCurrentValue;
1537
1538 if (EncryptedOldValue != NULL)
1539 *EncryptedOldValue = EncOldValue;
1540 }
1541 else
1542 {
1543 if (EncryptedCurrentValue != NULL)
1544 *EncryptedCurrentValue = NULL;
1545
1546 if (EncryptedOldValue != NULL)
1547 *EncryptedOldValue = NULL;
1548
1549 if (EncCurrentValue != NULL)
1550 midl_user_free(EncCurrentValue);
1551
1552 if (EncOldValue != NULL)
1553 midl_user_free(EncOldValue);
1554
1555 if (CurrentValue != NULL)
1556 midl_user_free(CurrentValue);
1557
1558 if (OldValue != NULL)
1559 midl_user_free(OldValue);
1560 }
1561
1562 TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status);
1563
1564 return Status;
1565 }
1566
1567
1568 /* Function 31 */
1569 NTSTATUS WINAPI LsarLookupPrivilegeValue(
1570 LSAPR_HANDLE PolicyHandle,
1571 PRPC_UNICODE_STRING Name,
1572 PLUID Value)
1573 {
1574 NTSTATUS Status;
1575
1576 TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
1577 PolicyHandle, Name, Value);
1578
1579 Status = LsapValidateDbObject(PolicyHandle,
1580 LsaDbPolicyObject,
1581 POLICY_LOOKUP_NAMES,
1582 NULL);
1583 if (!NT_SUCCESS(Status))
1584 {
1585 ERR("Invalid handle (Status %lx)\n", Status);
1586 return Status;
1587 }
1588
1589 TRACE("Privilege: %wZ\n", Name);
1590
1591 Status = LsarpLookupPrivilegeValue((PUNICODE_STRING)Name,
1592 Value);
1593
1594 return Status;
1595 }
1596
1597
1598 /* Function 32 */
1599 NTSTATUS WINAPI LsarLookupPrivilegeName(
1600 LSAPR_HANDLE PolicyHandle,
1601 PLUID Value,
1602 PRPC_UNICODE_STRING *Name)
1603 {
1604 NTSTATUS Status;
1605
1606 TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
1607 PolicyHandle, Value, Name);
1608
1609 Status = LsapValidateDbObject(PolicyHandle,
1610 LsaDbPolicyObject,
1611 POLICY_LOOKUP_NAMES,
1612 NULL);
1613 if (!NT_SUCCESS(Status))
1614 {
1615 ERR("Invalid handle\n");
1616 return Status;
1617 }
1618
1619 Status = LsarpLookupPrivilegeName(Value, (PUNICODE_STRING*)Name);
1620
1621 return Status;
1622 }
1623
1624
1625 /* Function 33 */
1626 NTSTATUS WINAPI LsarLookupPrivilegeDisplayName(
1627 LSAPR_HANDLE PolicyHandle,
1628 PRPC_UNICODE_STRING Name,
1629 USHORT ClientLanguage,
1630 USHORT ClientSystemDefaultLanguage,
1631 PRPC_UNICODE_STRING *DisplayName,
1632 USHORT *LanguageReturned)
1633 {
1634 UNIMPLEMENTED;
1635 return STATUS_NOT_IMPLEMENTED;
1636 }
1637
1638
1639 /* Function 34 */
1640 NTSTATUS WINAPI LsarDeleteObject(
1641 LSAPR_HANDLE *ObjectHandle)
1642 {
1643 UNIMPLEMENTED;
1644 return STATUS_NOT_IMPLEMENTED;
1645 }
1646
1647
1648 /* Function 35 */
1649 NTSTATUS WINAPI LsarEnumerateAccountsWithUserRight(
1650 LSAPR_HANDLE PolicyHandle,
1651 PRPC_UNICODE_STRING UserRight,
1652 PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer)
1653 {
1654 UNIMPLEMENTED;
1655 return STATUS_NOT_IMPLEMENTED;
1656 }
1657
1658
1659 /* Function 36 */
1660 NTSTATUS WINAPI LsarEnmuerateAccountRights(
1661 LSAPR_HANDLE PolicyHandle,
1662 PRPC_SID AccountSid,
1663 PLSAPR_USER_RIGHT_SET UserRights)
1664 {
1665 PLSA_DB_OBJECT PolicyObject;
1666 NTSTATUS Status;
1667
1668 FIXME("(%p,%p,%p) stub\n", PolicyHandle, AccountSid, UserRights);
1669
1670 Status = LsapValidateDbObject(PolicyHandle,
1671 LsaDbPolicyObject,
1672 ACCOUNT_VIEW,
1673 &PolicyObject);
1674 if (!NT_SUCCESS(Status))
1675 return Status;
1676
1677 UserRights->Entries = 0;
1678 UserRights->UserRights = NULL;
1679 return STATUS_OBJECT_NAME_NOT_FOUND;
1680 }
1681
1682
1683 /* Function 37 */
1684 NTSTATUS WINAPI LsarAddAccountRights(
1685 LSAPR_HANDLE PolicyHandle,
1686 PRPC_SID AccountSid,
1687 PLSAPR_USER_RIGHT_SET UserRights)
1688 {
1689 UNIMPLEMENTED;
1690 return STATUS_NOT_IMPLEMENTED;
1691 }
1692
1693
1694 /* Function 38 */
1695 NTSTATUS WINAPI LsarRemoveAccountRights(
1696 LSAPR_HANDLE PolicyHandle,
1697 PRPC_SID AccountSid,
1698 BOOL AllRights,
1699 PLSAPR_USER_RIGHT_SET UserRights)
1700 {
1701 UNIMPLEMENTED;
1702 return STATUS_NOT_IMPLEMENTED;
1703 }
1704
1705
1706 /* Function 39 */
1707 NTSTATUS WINAPI LsarQueryTrustedDomainInfo(
1708 LSAPR_HANDLE PolicyHandle,
1709 PRPC_SID TrustedDomainSid,
1710 TRUSTED_INFORMATION_CLASS InformationClass,
1711 PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
1712 {
1713 UNIMPLEMENTED;
1714 return STATUS_NOT_IMPLEMENTED;
1715 }
1716
1717
1718 /* Function 40 */
1719 NTSTATUS WINAPI LsarSetTrustedDomainInfo(
1720 LSAPR_HANDLE PolicyHandle,
1721 PRPC_SID TrustedDomainSid,
1722 TRUSTED_INFORMATION_CLASS InformationClass,
1723 PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
1724 {
1725 UNIMPLEMENTED;
1726 return STATUS_NOT_IMPLEMENTED;
1727 }
1728
1729
1730 /* Function 41 */
1731 NTSTATUS WINAPI LsarDeleteTrustedDomain(
1732 LSAPR_HANDLE PolicyHandle,
1733 PRPC_SID TrustedDomainSid)
1734 {
1735 UNIMPLEMENTED;
1736 return STATUS_NOT_IMPLEMENTED;
1737 }
1738
1739
1740 /* Function 42 */
1741 NTSTATUS WINAPI LsarStorePrivateData(
1742 LSAPR_HANDLE PolicyHandle,
1743 PRPC_UNICODE_STRING KeyName,
1744 PLSAPR_CR_CIPHER_VALUE EncryptedData)
1745 {
1746 UNIMPLEMENTED;
1747 return STATUS_NOT_IMPLEMENTED;
1748 }
1749
1750
1751 /* Function 43 */
1752 NTSTATUS WINAPI LsarRetrievePrivateData(
1753 LSAPR_HANDLE PolicyHandle,
1754 PRPC_UNICODE_STRING KeyName,
1755 PLSAPR_CR_CIPHER_VALUE *EncryptedData)
1756 {
1757 UNIMPLEMENTED;
1758 return STATUS_NOT_IMPLEMENTED;
1759 }
1760
1761
1762 /* Function 44 */
1763 NTSTATUS WINAPI LsarOpenPolicy2(
1764 LPWSTR SystemName,
1765 PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
1766 ACCESS_MASK DesiredAccess,
1767 LSAPR_HANDLE *PolicyHandle)
1768 {
1769 UNIMPLEMENTED;
1770 return STATUS_NOT_IMPLEMENTED;
1771 }
1772
1773
1774 /* Function 45 */
1775 NTSTATUS WINAPI LsarGetUserName(
1776 LPWSTR SystemName,
1777 PRPC_UNICODE_STRING *UserName,
1778 PRPC_UNICODE_STRING *DomainName)
1779 {
1780 UNIMPLEMENTED;
1781 return STATUS_NOT_IMPLEMENTED;
1782 }
1783
1784
1785 /* Function 46 */
1786 NTSTATUS WINAPI LsarQueryInformationPolicy2(
1787 LSAPR_HANDLE PolicyHandle,
1788 POLICY_INFORMATION_CLASS InformationClass,
1789 PLSAPR_POLICY_INFORMATION *PolicyInformation)
1790 {
1791 return LsarQueryInformationPolicy(PolicyHandle,
1792 InformationClass,
1793 PolicyInformation);
1794 }
1795
1796
1797 /* Function 47 */
1798 NTSTATUS WINAPI LsarSetInformationPolicy2(
1799 LSAPR_HANDLE PolicyHandle,
1800 POLICY_INFORMATION_CLASS InformationClass,
1801 PLSAPR_POLICY_INFORMATION PolicyInformation)
1802 {
1803 return LsarSetInformationPolicy(PolicyHandle,
1804 InformationClass,
1805 PolicyInformation);
1806 }
1807
1808
1809 /* Function 48 */
1810 NTSTATUS WINAPI LsarQueryTrustedDomainInfoByName(
1811 LSAPR_HANDLE PolicyHandle,
1812 PRPC_UNICODE_STRING TrustedDomainName,
1813 POLICY_INFORMATION_CLASS InformationClass,
1814 unsigned long *PolicyInformation)
1815 {
1816 UNIMPLEMENTED;
1817 return STATUS_NOT_IMPLEMENTED;
1818 }
1819
1820
1821 /* Function 49 */
1822 NTSTATUS WINAPI LsarSetTrustedDomainInfoByName(
1823 LSAPR_HANDLE PolicyHandle,
1824 PRPC_UNICODE_STRING TrustedDomainName,
1825 POLICY_INFORMATION_CLASS InformationClass,
1826 unsigned long PolicyInformation)
1827 {
1828 UNIMPLEMENTED;
1829 return STATUS_NOT_IMPLEMENTED;
1830 }
1831
1832
1833 /* Function 50 */
1834 NTSTATUS WINAPI LsarEnumerateTrustedDomainsEx(
1835 LSAPR_HANDLE PolicyHandle,
1836 DWORD *EnumerationContext,
1837 PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer,
1838 DWORD PreferedMaximumLength)
1839 {
1840 UNIMPLEMENTED;
1841 return STATUS_NOT_IMPLEMENTED;
1842 }
1843
1844
1845 /* Function 51 */
1846 NTSTATUS WINAPI LsarCreateTrustedDomainEx(
1847 LSAPR_HANDLE PolicyHandle,
1848 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
1849 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation,
1850 ACCESS_MASK DesiredAccess,
1851 LSAPR_HANDLE *TrustedDomainHandle)
1852 {
1853 UNIMPLEMENTED;
1854 return STATUS_NOT_IMPLEMENTED;
1855 }
1856
1857
1858 /* Function 52 */
1859 NTSTATUS WINAPI LsarSetPolicyReplicationHandle(
1860 PLSAPR_HANDLE PolicyHandle)
1861 {
1862 /* Deprecated */
1863 return STATUS_NOT_IMPLEMENTED;
1864 }
1865
1866
1867 /* Function 53 */
1868 NTSTATUS WINAPI LsarQueryDomainInformationPolicy(
1869 LSAPR_HANDLE PolicyHandle,
1870 POLICY_INFORMATION_CLASS InformationClass,
1871 unsigned long *PolicyInformation)
1872 {
1873 UNIMPLEMENTED;
1874 return STATUS_NOT_IMPLEMENTED;
1875 }
1876
1877
1878 /* Function 54 */
1879 NTSTATUS WINAPI LsarSetDomainInformationPolicy(
1880 LSAPR_HANDLE PolicyHandle,
1881 POLICY_INFORMATION_CLASS InformationClass,
1882 unsigned long PolicyInformation)
1883 {
1884 UNIMPLEMENTED;
1885 return STATUS_NOT_IMPLEMENTED;
1886 }
1887
1888
1889 /* Function 55 */
1890 NTSTATUS WINAPI LsarOpenTrustedDomainByName(
1891 LSAPR_HANDLE PolicyHandle,
1892 PRPC_UNICODE_STRING TrustedDomainName,
1893 ACCESS_MASK DesiredAccess,
1894 LSAPR_HANDLE *TrustedDomainHandle)
1895 {
1896 UNIMPLEMENTED;
1897 return STATUS_NOT_IMPLEMENTED;
1898 }
1899
1900
1901 /* Function 56 */
1902 NTSTATUS WINAPI LsarTestCall(
1903 handle_t hBinding)
1904 {
1905 UNIMPLEMENTED;
1906 return STATUS_NOT_IMPLEMENTED;
1907 }
1908
1909
1910 /* Function 57 */
1911 NTSTATUS WINAPI LsarLookupSids2(
1912 LSAPR_HANDLE PolicyHandle,
1913 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
1914 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1915 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
1916 LSAP_LOOKUP_LEVEL LookupLevel,
1917 DWORD *MappedCount,
1918 DWORD LookupOptions,
1919 DWORD ClientRevision)
1920 {
1921 UNIMPLEMENTED;
1922 return STATUS_NOT_IMPLEMENTED;
1923 }
1924
1925
1926 /* Function 58 */
1927 NTSTATUS WINAPI LsarLookupNames2(
1928 LSAPR_HANDLE PolicyHandle,
1929 DWORD Count,
1930 PRPC_UNICODE_STRING Names,
1931 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1932 PLSAPR_TRANSLATED_SIDS_EX TranslatedSids,
1933 LSAP_LOOKUP_LEVEL LookupLevel,
1934 DWORD *MappedCount,
1935 DWORD LookupOptions,
1936 DWORD ClientRevision)
1937 {
1938 UNIMPLEMENTED;
1939 return STATUS_NOT_IMPLEMENTED;
1940 }
1941
1942
1943 /* Function 59 */
1944 NTSTATUS WINAPI LsarCreateTrustedDomainEx2(
1945 LSAPR_HANDLE PolicyHandle,
1946 PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
1947 PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation,
1948 ACCESS_MASK DesiredAccess,
1949 LSAPR_HANDLE *TrustedDomainHandle)
1950 {
1951 UNIMPLEMENTED;
1952 return STATUS_NOT_IMPLEMENTED;
1953 }
1954
1955
1956 /* Function 60 */
1957 NTSTATUS WINAPI CredrWrite(
1958 handle_t hBinding)
1959 {
1960 UNIMPLEMENTED;
1961 return STATUS_NOT_IMPLEMENTED;
1962 }
1963
1964
1965 /* Function 61 */
1966 NTSTATUS WINAPI CredrRead(
1967 handle_t hBinding)
1968 {
1969 UNIMPLEMENTED;
1970 return STATUS_NOT_IMPLEMENTED;
1971 }
1972
1973
1974 /* Function 62 */
1975 NTSTATUS WINAPI CredrEnumerate(
1976 handle_t hBinding)
1977 {
1978 UNIMPLEMENTED;
1979 return STATUS_NOT_IMPLEMENTED;
1980 }
1981
1982
1983 /* Function 63 */
1984 NTSTATUS WINAPI CredrWriteDomainCredentials(
1985 handle_t hBinding)
1986 {
1987 UNIMPLEMENTED;
1988 return STATUS_NOT_IMPLEMENTED;
1989 }
1990
1991
1992 /* Function 64 */
1993 NTSTATUS WINAPI CredrReadDomainCredentials(
1994 handle_t hBinding)
1995 {
1996 UNIMPLEMENTED;
1997 return STATUS_NOT_IMPLEMENTED;
1998 }
1999
2000
2001 /* Function 65 */
2002 NTSTATUS WINAPI CredrDelete(
2003 handle_t hBinding)
2004 {
2005 UNIMPLEMENTED;
2006 return STATUS_NOT_IMPLEMENTED;
2007 }
2008
2009
2010 /* Function 66 */
2011 NTSTATUS WINAPI CredrGetTargetInfo(
2012 handle_t hBinding)
2013 {
2014 UNIMPLEMENTED;
2015 return STATUS_NOT_IMPLEMENTED;
2016 }
2017
2018
2019 /* Function 67 */
2020 NTSTATUS WINAPI CredrProfileLoaded(
2021 handle_t hBinding)
2022 {
2023 UNIMPLEMENTED;
2024 return STATUS_NOT_IMPLEMENTED;
2025 }
2026
2027
2028 /* Function 68 */
2029 NTSTATUS WINAPI LsarLookupNames3(
2030 LSAPR_HANDLE PolicyHandle,
2031 DWORD Count,
2032 PRPC_UNICODE_STRING Names,
2033 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2034 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
2035 LSAP_LOOKUP_LEVEL LookupLevel,
2036 DWORD *MappedCount,
2037 DWORD LookupOptions,
2038 DWORD ClientRevision)
2039 {
2040 SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
2041 static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN");
2042 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer = NULL;
2043 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer = NULL;
2044 ULONG SidsBufferLength;
2045 ULONG DomainSidLength;
2046 ULONG AccountSidLength;
2047 PSID DomainSid;
2048 PSID AccountSid;
2049 ULONG i;
2050 NTSTATUS Status;
2051
2052 TRACE("LsarLookupNames3(%p, %lu, %p, %p, %p, %d, %p, %lu, %lu)\n",
2053 PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
2054 LookupLevel, MappedCount, LookupOptions, ClientRevision);
2055
2056 if (Count == 0)
2057 return STATUS_NONE_MAPPED;
2058
2059 TranslatedSids->Entries = Count;
2060 TranslatedSids->Sids = NULL;
2061 *ReferencedDomains = NULL;
2062
2063 SidsBufferLength = Count * sizeof(LSAPR_TRANSLATED_SID_EX2);
2064 SidsBuffer = MIDL_user_allocate(SidsBufferLength);
2065 if (SidsBuffer == NULL)
2066 return STATUS_INSUFFICIENT_RESOURCES;
2067
2068 for (i = 0; i < Count; i++)
2069 {
2070 SidsBuffer[i].Use = SidTypeUser;
2071 SidsBuffer[i].Sid = NULL;
2072 SidsBuffer[i].DomainIndex = -1;
2073 SidsBuffer[i].Flags = 0;
2074 }
2075
2076 DomainsBuffer = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
2077 if (DomainsBuffer == NULL)
2078 {
2079 MIDL_user_free(SidsBuffer);
2080 return STATUS_INSUFFICIENT_RESOURCES;
2081 }
2082
2083 DomainsBuffer->Entries = Count;
2084 DomainsBuffer->Domains = MIDL_user_allocate(Count * sizeof(LSA_TRUST_INFORMATION));
2085 if (DomainsBuffer->Domains == NULL)
2086 {
2087 MIDL_user_free(DomainsBuffer);
2088 MIDL_user_free(SidsBuffer);
2089 return STATUS_INSUFFICIENT_RESOURCES;
2090 }
2091
2092 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
2093 2,
2094 SECURITY_BUILTIN_DOMAIN_RID,
2095 DOMAIN_ALIAS_RID_ADMINS,
2096 0, 0, 0, 0, 0, 0,
2097 &DomainSid);
2098 if (!NT_SUCCESS(Status))
2099 {
2100 MIDL_user_free(DomainsBuffer->Domains);
2101 MIDL_user_free(DomainsBuffer);
2102 MIDL_user_free(SidsBuffer);
2103 return Status;
2104 }
2105
2106 DomainSidLength = RtlLengthSid(DomainSid);
2107
2108 for (i = 0; i < Count; i++)
2109 {
2110 DomainsBuffer->Domains[i].Sid = MIDL_user_allocate(DomainSidLength);
2111 RtlCopyMemory(DomainsBuffer->Domains[i].Sid,
2112 DomainSid,
2113 DomainSidLength);
2114
2115 DomainsBuffer->Domains[i].Name.Buffer = MIDL_user_allocate(DomainName.MaximumLength);
2116 DomainsBuffer->Domains[i].Name.Length = DomainName.Length;
2117 DomainsBuffer->Domains[i].Name.MaximumLength = DomainName.MaximumLength;
2118 RtlCopyMemory(DomainsBuffer->Domains[i].Name.Buffer,
2119 DomainName.Buffer,
2120 DomainName.MaximumLength);
2121 }
2122
2123 Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
2124 3,
2125 SECURITY_BUILTIN_DOMAIN_RID,
2126 DOMAIN_ALIAS_RID_ADMINS,
2127 DOMAIN_USER_RID_ADMIN,
2128 0, 0, 0, 0, 0,
2129 &AccountSid);
2130 if (!NT_SUCCESS(Status))
2131 {
2132 MIDL_user_free(DomainsBuffer->Domains);
2133 MIDL_user_free(DomainsBuffer);
2134 MIDL_user_free(SidsBuffer);
2135 return Status;
2136 }
2137
2138 AccountSidLength = RtlLengthSid(AccountSid);
2139
2140 for (i = 0; i < Count; i++)
2141 {
2142 SidsBuffer[i].Use = SidTypeWellKnownGroup;
2143 SidsBuffer[i].Sid = MIDL_user_allocate(AccountSidLength);
2144
2145 RtlCopyMemory(SidsBuffer[i].Sid,
2146 AccountSid,
2147 AccountSidLength);
2148
2149 SidsBuffer[i].DomainIndex = i;
2150 SidsBuffer[i].Flags = 0;
2151 }
2152
2153 *ReferencedDomains = DomainsBuffer;
2154 *MappedCount = Count;
2155
2156 TranslatedSids->Entries = Count;
2157 TranslatedSids->Sids = SidsBuffer;
2158
2159 return STATUS_SUCCESS;
2160 }
2161
2162
2163 /* Function 69 */
2164 NTSTATUS WINAPI CredrGetSessionTypes(
2165 handle_t hBinding)
2166 {
2167 UNIMPLEMENTED;
2168 return STATUS_NOT_IMPLEMENTED;
2169 }
2170
2171
2172 /* Function 70 */
2173 NTSTATUS WINAPI LsarRegisterAuditEvent(
2174 handle_t hBinding)
2175 {
2176 UNIMPLEMENTED;
2177 return STATUS_NOT_IMPLEMENTED;
2178 }
2179
2180
2181 /* Function 71 */
2182 NTSTATUS WINAPI LsarGenAuditEvent(
2183 handle_t hBinding)
2184 {
2185 UNIMPLEMENTED;
2186 return STATUS_NOT_IMPLEMENTED;
2187 }
2188
2189
2190 /* Function 72 */
2191 NTSTATUS WINAPI LsarUnregisterAuditEvent(
2192 handle_t hBinding)
2193 {
2194 UNIMPLEMENTED;
2195 return STATUS_NOT_IMPLEMENTED;
2196 }
2197
2198
2199 /* Function 73 */
2200 NTSTATUS WINAPI LsarQueryForestTrustInformation(
2201 LSAPR_HANDLE PolicyHandle,
2202 PLSA_UNICODE_STRING TrustedDomainName,
2203 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
2204 PLSA_FOREST_TRUST_INFORMATION *ForestTrustInfo)
2205 {
2206 UNIMPLEMENTED;
2207 return STATUS_NOT_IMPLEMENTED;
2208 }
2209
2210
2211 /* Function 74 */
2212 NTSTATUS WINAPI LsarSetForestTrustInformation(
2213 LSAPR_HANDLE PolicyHandle,
2214 PLSA_UNICODE_STRING TrustedDomainName,
2215 LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
2216 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo,
2217 BOOL CheckOnly,
2218 PLSA_FOREST_TRUST_COLLISION_INFORMATION *CollisionInfo)
2219 {
2220 UNIMPLEMENTED;
2221 return STATUS_NOT_IMPLEMENTED;
2222 }
2223
2224
2225 /* Function 75 */
2226 NTSTATUS WINAPI CredrRename(
2227 handle_t hBinding)
2228 {
2229 UNIMPLEMENTED;
2230 return STATUS_NOT_IMPLEMENTED;
2231 }
2232
2233
2234 /* Function 76 */
2235 NTSTATUS WINAPI LsarLookupSids3(
2236 LSAPR_HANDLE PolicyHandle,
2237 PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
2238 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2239 PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
2240 LSAP_LOOKUP_LEVEL LookupLevel,
2241 DWORD *MappedCount,
2242 DWORD LookupOptions,
2243 DWORD ClientRevision)
2244 {
2245 UNIMPLEMENTED;
2246 return STATUS_NOT_IMPLEMENTED;
2247 }
2248
2249
2250 /* Function 77 */
2251 NTSTATUS WINAPI LsarLookupNames4(
2252 handle_t RpcHandle,
2253 DWORD Count,
2254 PRPC_UNICODE_STRING Names,
2255 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
2256 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
2257 LSAP_LOOKUP_LEVEL LookupLevel,
2258 DWORD *MappedCount,
2259 DWORD LookupOptions,
2260 DWORD ClientRevision)
2261 {
2262 UNIMPLEMENTED;
2263 return STATUS_NOT_IMPLEMENTED;
2264 }
2265
2266
2267 /* Function 78 */
2268 NTSTATUS WINAPI LsarOpenPolicySce(
2269 handle_t hBinding)
2270 {
2271 UNIMPLEMENTED;
2272 return STATUS_NOT_IMPLEMENTED;
2273 }
2274
2275
2276 /* Function 79 */
2277 NTSTATUS WINAPI LsarAdtRegisterSecurityEventSource(
2278 handle_t hBinding)
2279 {
2280 UNIMPLEMENTED;
2281 return STATUS_NOT_IMPLEMENTED;
2282 }
2283
2284
2285 /* Function 80 */
2286 NTSTATUS WINAPI LsarAdtUnregisterSecurityEventSource(
2287 handle_t hBinding)
2288 {
2289 UNIMPLEMENTED;
2290 return STATUS_NOT_IMPLEMENTED;
2291 }
2292
2293
2294 /* Function 81 */
2295 NTSTATUS WINAPI LsarAdtReportSecurityEvent(
2296 handle_t hBinding)
2297 {
2298 UNIMPLEMENTED;
2299 return STATUS_NOT_IMPLEMENTED;
2300 }
2301
2302
2303 /* Function 82 */
2304 NTSTATUS WINAPI CredrFindBestCredential(
2305 handle_t hBinding)
2306 {
2307 UNIMPLEMENTED;
2308 return STATUS_NOT_IMPLEMENTED;
2309 }
2310
2311
2312 /* Function 83 */
2313 NTSTATUS WINAPI LsarSetAuditPolicy(
2314 handle_t hBinding)
2315 {
2316 UNIMPLEMENTED;
2317 return STATUS_NOT_IMPLEMENTED;
2318 }
2319
2320
2321 /* Function 84 */
2322 NTSTATUS WINAPI LsarQueryAuditPolicy(
2323 handle_t hBinding)
2324 {
2325 UNIMPLEMENTED;
2326 return STATUS_NOT_IMPLEMENTED;
2327 }
2328
2329
2330 /* Function 85 */
2331 NTSTATUS WINAPI LsarEnumerateAuditPolicy(
2332 handle_t hBinding)
2333 {
2334 UNIMPLEMENTED;
2335 return STATUS_NOT_IMPLEMENTED;
2336 }
2337
2338
2339 /* Function 86 */
2340 NTSTATUS WINAPI LsarEnumerateAuditCategories(
2341 handle_t hBinding)
2342 {
2343 UNIMPLEMENTED;
2344 return STATUS_NOT_IMPLEMENTED;
2345 }
2346
2347
2348 /* Function 87 */
2349 NTSTATUS WINAPI LsarEnumerateAuditSubCategories(
2350 handle_t hBinding)
2351 {
2352 UNIMPLEMENTED;
2353 return STATUS_NOT_IMPLEMENTED;
2354 }
2355
2356
2357 /* Function 88 */
2358 NTSTATUS WINAPI LsarLookupAuditCategoryName(
2359 handle_t hBinding)
2360 {
2361 UNIMPLEMENTED;
2362 return STATUS_NOT_IMPLEMENTED;
2363 }
2364
2365
2366 /* Function 89 */
2367 NTSTATUS WINAPI LsarLookupAuditSubCategoryName(
2368 handle_t hBinding)
2369 {
2370 UNIMPLEMENTED;
2371 return STATUS_NOT_IMPLEMENTED;
2372 }
2373
2374
2375 /* Function 90 */
2376 NTSTATUS WINAPI LsarSetAuditSecurity(
2377 handle_t hBinding)
2378 {
2379 UNIMPLEMENTED;
2380 return STATUS_NOT_IMPLEMENTED;
2381 }
2382
2383
2384 /* Function 91 */
2385 NTSTATUS WINAPI LsarQueryAuditSecurity(
2386 handle_t hBinding)
2387 {
2388 UNIMPLEMENTED;
2389 return STATUS_NOT_IMPLEMENTED;
2390 }
2391
2392
2393 /* Function 92 */
2394 NTSTATUS WINAPI CredReadByTokenHandle(
2395 handle_t hBinding)
2396 {
2397 UNIMPLEMENTED;
2398 return STATUS_NOT_IMPLEMENTED;
2399 }
2400
2401
2402 /* Function 93 */
2403 NTSTATUS WINAPI CredrRestoreCredentials(
2404 handle_t hBinding)
2405 {
2406 UNIMPLEMENTED;
2407 return STATUS_NOT_IMPLEMENTED;
2408 }
2409
2410
2411 /* Function 94 */
2412 NTSTATUS WINAPI CredrBackupCredentials(
2413 handle_t hBinding)
2414 {
2415 UNIMPLEMENTED;
2416 return STATUS_NOT_IMPLEMENTED;
2417 }
2418
2419 /* EOF */
A free Windows-compatible Operating System