2 * PROJECT: Local Security Authority Server DLL
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: dll/win32/lsasrv/policy.c
5 * PURPOSE: Policy object routines
6 * COPYRIGHT: Copyright 2011 Eric Kohl
9 /* INCLUDES ****************************************************************/
13 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv
);
16 /* FUNCTIONS ***************************************************************/
19 LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject
,
20 PLSAPR_POLICY_PRIMARY_DOM_INFO Info
)
22 PUNICODE_STRING Buffer
;
27 TRACE("LsarSetPrimaryDomain(%p, %p)\n", PolicyObject
, Info
);
29 Length
= sizeof(UNICODE_STRING
) + Info
->Name
.MaximumLength
;
30 Buffer
= RtlAllocateHeap(RtlGetProcessHeap(),
34 return STATUS_INSUFFICIENT_RESOURCES
;
36 Buffer
->Length
= Info
->Name
.Length
;
37 Buffer
->MaximumLength
= Info
->Name
.MaximumLength
;
38 Buffer
->Buffer
= (LPWSTR
)sizeof(UNICODE_STRING
);
39 Ptr
= (LPWSTR
)((ULONG_PTR
)Buffer
+ sizeof(UNICODE_STRING
));
40 memcpy(Ptr
, Info
->Name
.Buffer
, Info
->Name
.MaximumLength
);
42 Status
= LsapSetObjectAttribute(PolicyObject
,
47 RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer
);
49 if (!NT_SUCCESS(Status
))
53 if (Info
->Sid
!= NULL
)
54 Length
= RtlLengthSid(Info
->Sid
);
56 Status
= LsapSetObjectAttribute(PolicyObject
,
66 LsarSetAccountDomain(PLSA_DB_OBJECT PolicyObject
,
67 PLSAPR_POLICY_ACCOUNT_DOM_INFO Info
)
69 PUNICODE_STRING Buffer
;
74 TRACE("LsarSetAccountDomain(%p, %p)\n", PolicyObject
, Info
);
76 Length
= sizeof(UNICODE_STRING
) + Info
->DomainName
.MaximumLength
;
77 Buffer
= RtlAllocateHeap(RtlGetProcessHeap(),
81 return STATUS_INSUFFICIENT_RESOURCES
;
83 Buffer
->Length
= Info
->DomainName
.Length
;
84 Buffer
->MaximumLength
= Info
->DomainName
.MaximumLength
;
85 Buffer
->Buffer
= (LPWSTR
)sizeof(UNICODE_STRING
);
86 Ptr
= (LPWSTR
)((ULONG_PTR
)Buffer
+ sizeof(UNICODE_STRING
));
87 memcpy(Ptr
, Info
->DomainName
.Buffer
, Info
->DomainName
.MaximumLength
);
89 Status
= LsapSetObjectAttribute(PolicyObject
,
94 RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer
);
96 if (!NT_SUCCESS(Status
))
100 if (Info
->Sid
!= NULL
)
101 Length
= RtlLengthSid(Info
->Sid
);
103 Status
= LsapSetObjectAttribute(PolicyObject
,
113 LsarSetDnsDomain(PLSA_DB_OBJECT PolicyObject
,
114 PLSAPR_POLICY_DNS_DOMAIN_INFO Info
)
117 return STATUS_NOT_IMPLEMENTED
;
122 LsarQueryAuditLog(PLSA_DB_OBJECT PolicyObject
,
123 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
125 PPOLICY_AUDIT_LOG_INFO AuditLogInfo
= NULL
;
129 *PolicyInformation
= NULL
;
131 AttributeSize
= sizeof(POLICY_AUDIT_LOG_INFO
);
132 AuditLogInfo
= MIDL_user_allocate(AttributeSize
);
133 if (AuditLogInfo
== NULL
)
134 return STATUS_INSUFFICIENT_RESOURCES
;
136 Status
= LsapGetObjectAttribute(PolicyObject
,
140 if (!NT_SUCCESS(Status
))
142 MIDL_user_free(AuditLogInfo
);
146 *PolicyInformation
= (PLSAPR_POLICY_INFORMATION
)AuditLogInfo
;
154 LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject
,
155 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
157 PLSAP_POLICY_AUDIT_EVENTS_DATA AuditData
= NULL
;
158 PLSAPR_POLICY_AUDIT_EVENTS_INFO p
= NULL
;
160 NTSTATUS Status
= STATUS_SUCCESS
;
162 *PolicyInformation
= NULL
;
165 Status
= LsapGetObjectAttribute(PolicyObject
,
169 if (!NT_SUCCESS(Status
))
172 if (AttributeSize
> 0)
174 AuditData
= MIDL_user_allocate(AttributeSize
);
175 if (AuditData
== NULL
)
176 return STATUS_INSUFFICIENT_RESOURCES
;
178 Status
= LsapGetObjectAttribute(PolicyObject
,
182 if (!NT_SUCCESS(Status
))
185 p
= MIDL_user_allocate(sizeof(LSAPR_POLICY_AUDIT_EVENTS_INFO
));
188 Status
= STATUS_INSUFFICIENT_RESOURCES
;
192 p
->AuditingMode
= AuditData
->AuditingMode
;
193 p
->MaximumAuditEventCount
= AuditData
->MaximumAuditEventCount
;
195 p
->EventAuditingOptions
= MIDL_user_allocate(AuditData
->MaximumAuditEventCount
* sizeof(DWORD
));
196 if (p
->EventAuditingOptions
== NULL
)
198 Status
= STATUS_INSUFFICIENT_RESOURCES
;
202 memcpy(p
->EventAuditingOptions
,
203 &(AuditData
->AuditEvents
[0]),
204 AuditData
->MaximumAuditEventCount
* sizeof(DWORD
));
207 *PolicyInformation
= (PLSAPR_POLICY_INFORMATION
)p
;
210 if (!NT_SUCCESS(Status
))
212 if (p
->EventAuditingOptions
!= NULL
)
213 MIDL_user_free(p
->EventAuditingOptions
);
219 if (AuditData
!= NULL
)
220 MIDL_user_free(AuditData
);
222 return STATUS_SUCCESS
;
227 LsarQueryPrimaryDomain(PLSA_DB_OBJECT PolicyObject
,
228 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
230 PLSAPR_POLICY_PRIMARY_DOM_INFO p
= NULL
;
231 PUNICODE_STRING DomainName
;
235 *PolicyInformation
= NULL
;
237 p
= MIDL_user_allocate(sizeof(LSAPR_POLICY_PRIMARY_DOM_INFO
));
239 return STATUS_INSUFFICIENT_RESOURCES
;
243 Status
= LsapGetObjectAttribute(PolicyObject
,
247 if (!NT_SUCCESS(Status
))
252 if (AttributeSize
> 0)
254 DomainName
= MIDL_user_allocate(AttributeSize
);
255 if (DomainName
== NULL
)
257 Status
= STATUS_INSUFFICIENT_RESOURCES
;
261 Status
= LsapGetObjectAttribute(PolicyObject
,
265 if (Status
== STATUS_SUCCESS
)
267 DomainName
->Buffer
= (LPWSTR
)((ULONG_PTR
)DomainName
+ (ULONG_PTR
)DomainName
->Buffer
);
269 TRACE("PrimaryDomainName: %wZ\n", DomainName
);
271 p
->Name
.Buffer
= MIDL_user_allocate(DomainName
->MaximumLength
);
272 if (p
->Name
.Buffer
== NULL
)
274 MIDL_user_free(DomainName
);
275 Status
= STATUS_INSUFFICIENT_RESOURCES
;
279 p
->Name
.Length
= DomainName
->Length
;
280 p
->Name
.MaximumLength
= DomainName
->MaximumLength
;
281 memcpy(p
->Name
.Buffer
,
283 DomainName
->MaximumLength
);
286 MIDL_user_free(DomainName
);
291 Status
= LsapGetObjectAttribute(PolicyObject
,
295 if (!NT_SUCCESS(Status
))
300 if (AttributeSize
> 0)
302 p
->Sid
= MIDL_user_allocate(AttributeSize
);
305 Status
= STATUS_INSUFFICIENT_RESOURCES
;
309 Status
= LsapGetObjectAttribute(PolicyObject
,
315 *PolicyInformation
= (PLSAPR_POLICY_INFORMATION
)p
;
318 if (!NT_SUCCESS(Status
))
323 MIDL_user_free(p
->Name
.Buffer
);
326 MIDL_user_free(p
->Sid
);
337 LsarQueryPdAccount(PLSA_DB_OBJECT PolicyObject
,
338 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
340 PLSAPR_POLICY_PD_ACCOUNT_INFO PdAccountInfo
= NULL
;
342 *PolicyInformation
= NULL
;
344 PdAccountInfo
= MIDL_user_allocate(sizeof(LSAPR_POLICY_PD_ACCOUNT_INFO
));
345 if (PdAccountInfo
== NULL
)
346 return STATUS_INSUFFICIENT_RESOURCES
;
348 PdAccountInfo
->Name
.Length
= 0;
349 PdAccountInfo
->Name
.MaximumLength
= 0;
350 PdAccountInfo
->Name
.Buffer
= NULL
;
352 *PolicyInformation
= (PLSAPR_POLICY_INFORMATION
)PdAccountInfo
;
354 return STATUS_SUCCESS
;
359 LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject
,
360 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
362 PLSAPR_POLICY_ACCOUNT_DOM_INFO p
= NULL
;
363 PUNICODE_STRING DomainName
;
364 ULONG AttributeSize
= 0;
367 *PolicyInformation
= NULL
;
369 p
= MIDL_user_allocate(sizeof(LSAPR_POLICY_ACCOUNT_DOM_INFO
));
371 return STATUS_INSUFFICIENT_RESOURCES
;
374 Status
= LsapGetObjectAttribute(PolicyObject
,
378 if (!NT_SUCCESS(Status
))
383 if (AttributeSize
> 0)
385 DomainName
= MIDL_user_allocate(AttributeSize
);
386 if (DomainName
== NULL
)
388 Status
= STATUS_INSUFFICIENT_RESOURCES
;
392 Status
= LsapGetObjectAttribute(PolicyObject
,
396 if (Status
== STATUS_SUCCESS
)
398 DomainName
->Buffer
= (LPWSTR
)((ULONG_PTR
)DomainName
+ (ULONG_PTR
)DomainName
->Buffer
);
400 TRACE("AccountDomainName: %wZ\n", DomainName
);
402 p
->DomainName
.Buffer
= MIDL_user_allocate(DomainName
->MaximumLength
);
403 if (p
->DomainName
.Buffer
== NULL
)
405 MIDL_user_free(DomainName
);
406 Status
= STATUS_INSUFFICIENT_RESOURCES
;
410 p
->DomainName
.Length
= DomainName
->Length
;
411 p
->DomainName
.MaximumLength
= DomainName
->MaximumLength
;
412 memcpy(p
->DomainName
.Buffer
,
414 DomainName
->MaximumLength
);
417 MIDL_user_free(DomainName
);
422 Status
= LsapGetObjectAttribute(PolicyObject
,
426 if (!NT_SUCCESS(Status
))
431 if (AttributeSize
> 0)
433 p
->Sid
= MIDL_user_allocate(AttributeSize
);
436 Status
= STATUS_INSUFFICIENT_RESOURCES
;
440 Status
= LsapGetObjectAttribute(PolicyObject
,
446 *PolicyInformation
= (PLSAPR_POLICY_INFORMATION
)p
;
449 if (!NT_SUCCESS(Status
))
453 if (p
->DomainName
.Buffer
)
454 MIDL_user_free(p
->DomainName
.Buffer
);
457 MIDL_user_free(p
->Sid
);
468 LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject
,
469 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
471 PPOLICY_LSA_SERVER_ROLE_INFO ServerRoleInfo
= NULL
;
475 *PolicyInformation
= NULL
;
477 AttributeSize
= sizeof(POLICY_LSA_SERVER_ROLE_INFO
);
478 ServerRoleInfo
= MIDL_user_allocate(AttributeSize
);
479 if (ServerRoleInfo
== NULL
)
480 return STATUS_INSUFFICIENT_RESOURCES
;
482 Status
= LsapGetObjectAttribute(PolicyObject
,
486 if (Status
== STATUS_OBJECT_NAME_NOT_FOUND
)
488 ServerRoleInfo
->LsaServerRole
= PolicyServerRolePrimary
;
489 Status
= STATUS_SUCCESS
;
492 if (!NT_SUCCESS(Status
))
494 MIDL_user_free(ServerRoleInfo
);
498 *PolicyInformation
= (PLSAPR_POLICY_INFORMATION
)ServerRoleInfo
;
506 LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject
,
507 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
509 PPOLICY_DEFAULT_QUOTA_INFO QuotaInfo
= NULL
;
513 *PolicyInformation
= NULL
;
515 AttributeSize
= sizeof(POLICY_DEFAULT_QUOTA_INFO
);
516 QuotaInfo
= MIDL_user_allocate(AttributeSize
);
517 if (QuotaInfo
== NULL
)
518 return STATUS_INSUFFICIENT_RESOURCES
;
520 Status
= LsapGetObjectAttribute(PolicyObject
,
524 if (!NT_SUCCESS(Status
))
526 MIDL_user_free(QuotaInfo
);
530 *PolicyInformation
= (PLSAPR_POLICY_INFORMATION
)QuotaInfo
;
538 LsarQueryReplicaSource(PLSA_DB_OBJECT PolicyObject
,
539 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
541 *PolicyInformation
= NULL
;
542 return STATUS_NOT_IMPLEMENTED
;
547 LsarQueryModification(PLSA_DB_OBJECT PolicyObject
,
548 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
550 PPOLICY_MODIFICATION_INFO Info
= NULL
;
554 *PolicyInformation
= NULL
;
556 AttributeSize
= sizeof(POLICY_MODIFICATION_INFO
);
557 Info
= MIDL_user_allocate(AttributeSize
);
559 return STATUS_INSUFFICIENT_RESOURCES
;
561 Status
= LsapGetObjectAttribute(PolicyObject
,
565 if (!NT_SUCCESS(Status
))
567 MIDL_user_free(Info
);
571 *PolicyInformation
= (PLSAPR_POLICY_INFORMATION
)Info
;
579 LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject
,
580 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
582 PPOLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo
= NULL
;
586 *PolicyInformation
= NULL
;
588 AttributeSize
= sizeof(POLICY_AUDIT_FULL_QUERY_INFO
);
589 AuditFullInfo
= MIDL_user_allocate(AttributeSize
);
590 if (AuditFullInfo
== NULL
)
591 return STATUS_INSUFFICIENT_RESOURCES
;
593 Status
= LsapGetObjectAttribute(PolicyObject
,
597 if (!NT_SUCCESS(Status
))
599 MIDL_user_free(AuditFullInfo
);
603 *PolicyInformation
= (PLSAPR_POLICY_INFORMATION
)AuditFullInfo
;
611 LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject
,
612 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
614 PLSAPR_POLICY_DNS_DOMAIN_INFO p
= NULL
;
616 p
= MIDL_user_allocate(sizeof(LSAPR_POLICY_DNS_DOMAIN_INFO
));
618 return STATUS_INSUFFICIENT_RESOURCES
;
621 p
->Name
.MaximumLength
= 0;
622 p
->Name
.Buffer
= NULL
;
624 p
->Name
.Length
= wcslen(L
"COMPUTERNAME");
625 p
->Name
.MaximumLength
= p
->Name
.Length
+ sizeof(WCHAR
);
626 p
->Name
.Buffer
= MIDL_user_allocate(p
->Name
.MaximumLength
);
627 if (p
->Name
.Buffer
== NULL
)
630 return STATUS_INSUFFICIENT_RESOURCES
;
633 wcscpy(p
->Name
.Buffer
, L
"COMPUTERNAME");
636 p
->DnsDomainName
.Length
= 0;
637 p
->DnsDomainName
.MaximumLength
= 0;
638 p
->DnsDomainName
.Buffer
= NULL
;
640 p
->DnsForestName
.Length
= 0;
641 p
->DnsForestName
.MaximumLength
= 0;
642 p
->DnsForestName
.Buffer
= 0;
644 memset(&p
->DomainGuid
, 0, sizeof(GUID
));
646 p
->Sid
= NULL
; /* no domain, no workgroup */
648 *PolicyInformation
= (PLSAPR_POLICY_INFORMATION
)p
;
650 return STATUS_SUCCESS
;
655 LsarQueryDnsDomainInt(PLSA_DB_OBJECT PolicyObject
,
656 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
658 *PolicyInformation
= NULL
;
659 return STATUS_NOT_IMPLEMENTED
;
664 LsarQueryLocalAccountDomain(PLSA_DB_OBJECT PolicyObject
,
665 PLSAPR_POLICY_INFORMATION
*PolicyInformation
)
667 *PolicyInformation
= NULL
;
668 return STATUS_NOT_IMPLEMENTED
;