*
* PROGRAMMERS: Eric Kohl
*/
+
#include "lsasrv.h"
-WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
+#include "resources.h"
+
+/* GLOBALS *****************************************************************/
typedef wchar_t *PSAMPR_SERVER_NAME;
typedef void *SAMPR_HANDLE;
LIST_ENTRY WellKnownSidListHead;
+PSID LsapWorldSid = NULL;
+PSID LsapNetworkSid = NULL;
+PSID LsapBatchSid = NULL;
+PSID LsapInteractiveSid = NULL;
+PSID LsapServiceSid = NULL;
+PSID LsapLocalSystemSid = NULL;
+PSID LsapAdministratorsSid = NULL;
-#if 0
-typedef struct _AccountSid
-{
- WELL_KNOWN_SID_TYPE type;
- LPCWSTR account;
- LPCWSTR domain;
- SID_NAME_USE name_use;
-} AccountSid;
-
-static const WCHAR Account_Operators[] = { 'A','c','c','o','u','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
-static const WCHAR Administrator[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0 };
-static const WCHAR Administrators[] = { 'A','d','m','i','n','i','s','t','r','a','t','o','r','s',0 };
-static const WCHAR ANONYMOUS_LOGON[] = { 'A','N','O','N','Y','M','O','U','S',' ','L','O','G','O','N',0 };
-static const WCHAR Authenticated_Users[] = { 'A','u','t','h','e','n','t','i','c','a','t','e','d',' ','U','s','e','r','s',0 };
-static const WCHAR Backup_Operators[] = { 'B','a','c','k','u','p',' ','O','p','e','r','a','t','o','r','s',0 };
-static const WCHAR BATCH[] = { 'B','A','T','C','H',0 };
-static const WCHAR Blank[] = { 0 };
-static const WCHAR BUILTIN[] = { 'B','U','I','L','T','I','N',0 };
-static const WCHAR Cert_Publishers[] = { 'C','e','r','t',' ','P','u','b','l','i','s','h','e','r','s',0 };
-static const WCHAR CREATOR_GROUP[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',0 };
-static const WCHAR CREATOR_GROUP_SERVER[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',' ','S','E','R','V','E','R',0 };
-static const WCHAR CREATOR_OWNER[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',0 };
-static const WCHAR CREATOR_OWNER_SERVER[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',' ','S','E','R','V','E','R',0 };
-static const WCHAR DIALUP[] = { 'D','I','A','L','U','P',0 };
-static const WCHAR Digest_Authentication[] = { 'D','i','g','e','s','t',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };
-static const WCHAR DOMAIN[] = {'D','O','M','A','I','N',0};
-static const WCHAR Domain_Admins[] = { 'D','o','m','a','i','n',' ','A','d','m','i','n','s',0 };
-static const WCHAR Domain_Computers[] = { 'D','o','m','a','i','n',' ','C','o','m','p','u','t','e','r','s',0 };
-static const WCHAR Domain_Controllers[] = { 'D','o','m','a','i','n',' ','C','o','n','t','r','o','l','l','e','r','s',0 };
-static const WCHAR Domain_Guests[] = { 'D','o','m','a','i','n',' ','G','u','e','s','t','s',0 };
-static const WCHAR Domain_Users[] = { 'D','o','m','a','i','n',' ','U','s','e','r','s',0 };
-static const WCHAR Enterprise_Admins[] = { 'E','n','t','e','r','p','r','i','s','e',' ','A','d','m','i','n','s',0 };
-static const WCHAR ENTERPRISE_DOMAIN_CONTROLLERS[] = { 'E','N','T','E','R','P','R','I','S','E',' ','D','O','M','A','I','N',' ','C','O','N','T','R','O','L','L','E','R','S',0 };
-static const WCHAR Everyone[] = { 'E','v','e','r','y','o','n','e',0 };
-static const WCHAR Group_Policy_Creator_Owners[] = { 'G','r','o','u','p',' ','P','o','l','i','c','y',' ','C','r','e','a','t','o','r',' ','O','w','n','e','r','s',0 };
-static const WCHAR Guest[] = { 'G','u','e','s','t',0 };
-static const WCHAR Guests[] = { 'G','u','e','s','t','s',0 };
-static const WCHAR INTERACTIVE[] = { 'I','N','T','E','R','A','C','T','I','V','E',0 };
-static const WCHAR LOCAL[] = { 'L','O','C','A','L',0 };
-static const WCHAR LOCAL_SERVICE[] = { 'L','O','C','A','L',' ','S','E','R','V','I','C','E',0 };
-static const WCHAR NETWORK[] = { 'N','E','T','W','O','R','K',0 };
-static const WCHAR Network_Configuration_Operators[] = { 'N','e','t','w','o','r','k',' ','C','o','n','f','i','g','u','r','a','t','i','o','n',' ','O','p','e','r','a','t','o','r','s',0 };
-static const WCHAR NETWORK_SERVICE[] = { 'N','E','T','W','O','R','K',' ','S','E','R','V','I','C','E',0 };
-static const WCHAR NT_AUTHORITY[] = { 'N','T',' ','A','U','T','H','O','R','I','T','Y',0 };
-static const WCHAR NT_Pseudo_Domain[] = { 'N','T',' ','P','s','e','u','d','o',' ','D','o','m','a','i','n',0 };
-static const WCHAR NTML_Authentication[] = { 'N','T','M','L',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };
-static const WCHAR NULL_SID[] = { 'N','U','L','L',' ','S','I','D',0 };
-static const WCHAR Other_Organization[] = { 'O','t','h','e','r',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 };
-static const WCHAR Performance_Log_Users[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','L','o','g',' ','U','s','e','r','s',0 };
-static const WCHAR Performance_Monitor_Users[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','M','o','n','i','t','o','r',' ','U','s','e','r','s',0 };
-static const WCHAR Power_Users[] = { 'P','o','w','e','r',' ','U','s','e','r','s',0 };
-static const WCHAR Pre_Windows_2000_Compatible_Access[] = { 'P','r','e','-','W','i','n','d','o','w','s',' ','2','0','0','0',' ','C','o','m','p','a','t','i','b','l','e',' ','A','c','c','e','s','s',0 };
-static const WCHAR Print_Operators[] = { 'P','r','i','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
-static const WCHAR PROXY[] = { 'P','R','O','X','Y',0 };
-static const WCHAR RAS_and_IAS_Servers[] = { 'R','A','S',' ','a','n','d',' ','I','A','S',' ','S','e','r','v','e','r','s',0 };
-static const WCHAR Remote_Desktop_Users[] = { 'R','e','m','o','t','e',' ','D','e','s','k','t','o','p',' ','U','s','e','r','s',0 };
-static const WCHAR REMOTE_INTERACTIVE_LOGON[] = { 'R','E','M','O','T','E',' ','I','N','T','E','R','A','C','T','I','V','E',' ','L','O','G','O','N',0 };
-static const WCHAR Replicators[] = { 'R','e','p','l','i','c','a','t','o','r','s',0 };
-static const WCHAR RESTRICTED[] = { 'R','E','S','T','R','I','C','T','E','D',0 };
-static const WCHAR SChannel_Authentication[] = { 'S','C','h','a','n','n','e','l',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };
-static const WCHAR Schema_Admins[] = { 'S','c','h','e','m','a',' ','A','d','m','i','n','s',0 };
-static const WCHAR SELF[] = { 'S','E','L','F',0 };
-static const WCHAR Server_Operators[] = { 'S','e','r','v','e','r',' ','O','p','e','r','a','t','o','r','s',0 };
-static const WCHAR SERVICE[] = { 'S','E','R','V','I','C','E',0 };
-static const WCHAR SYSTEM[] = { 'S','Y','S','T','E','M',0 };
-static const WCHAR TERMINAL_SERVER_USER[] = { 'T','E','R','M','I','N','A','L',' ','S','E','R','V','E','R',' ','U','S','E','R',0 };
-static const WCHAR This_Organization[] = { 'T','h','i','s',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 };
-static const WCHAR Users[] = { 'U','s','e','r','s',0 };
-
-static const AccountSid ACCOUNT_SIDS[] = {
-// { WinNullSid, NULL_SID, Blank, SidTypeWellKnownGroup },
-// { WinWorldSid, Everyone, Blank, SidTypeWellKnownGroup },
-// { WinLocalSid, LOCAL, Blank, SidTypeWellKnownGroup },
-// { WinCreatorOwnerSid, CREATOR_OWNER, Blank, SidTypeWellKnownGroup },
-// { WinCreatorGroupSid, CREATOR_GROUP, Blank, SidTypeWellKnownGroup },
-// { WinCreatorOwnerServerSid, CREATOR_OWNER_SERVER, Blank, SidTypeWellKnownGroup },
-// { WinCreatorGroupServerSid, CREATOR_GROUP_SERVER, Blank, SidTypeWellKnownGroup },
-// { WinNtAuthoritySid, NT_Pseudo_Domain, NT_Pseudo_Domain, SidTypeDomain },
-// { WinDialupSid, DIALUP, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinNetworkSid, NETWORK, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinBatchSid, BATCH, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinInteractiveSid, INTERACTIVE, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinServiceSid, SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinAnonymousSid, ANONYMOUS_LOGON, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinProxySid, PROXY, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinEnterpriseControllersSid, ENTERPRISE_DOMAIN_CONTROLLERS, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinSelfSid, SELF, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinAuthenticatedUserSid, Authenticated_Users, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinRestrictedCodeSid, RESTRICTED, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinTerminalServerSid, TERMINAL_SERVER_USER, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinRemoteLogonIdSid, REMOTE_INTERACTIVE_LOGON, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinLocalSystemSid, SYSTEM, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinLocalServiceSid, LOCAL_SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinNetworkServiceSid, NETWORK_SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinBuiltinDomainSid, BUILTIN, BUILTIN, SidTypeDomain },
-// { WinBuiltinAdministratorsSid, Administrators, BUILTIN, SidTypeAlias },
-// { WinBuiltinUsersSid, Users, BUILTIN, SidTypeAlias },
-// { WinBuiltinGuestsSid, Guests, BUILTIN, SidTypeAlias },
-// { WinBuiltinPowerUsersSid, Power_Users, BUILTIN, SidTypeAlias },
-// { WinBuiltinAccountOperatorsSid, Account_Operators, BUILTIN, SidTypeAlias },
-// { WinBuiltinSystemOperatorsSid, Server_Operators, BUILTIN, SidTypeAlias },
-// { WinBuiltinPrintOperatorsSid, Print_Operators, BUILTIN, SidTypeAlias },
-// { WinBuiltinBackupOperatorsSid, Backup_Operators, BUILTIN, SidTypeAlias },
-// { WinBuiltinReplicatorSid, Replicators, BUILTIN, SidTypeAlias },
-// { WinBuiltinPreWindows2000CompatibleAccessSid, Pre_Windows_2000_Compatible_Access, BUILTIN, SidTypeAlias },
-// { WinBuiltinRemoteDesktopUsersSid, Remote_Desktop_Users, BUILTIN, SidTypeAlias },
-// { WinBuiltinNetworkConfigurationOperatorsSid, Network_Configuration_Operators, BUILTIN, SidTypeAlias },
- { WinNTLMAuthenticationSid, NTML_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup },
- { WinDigestAuthenticationSid, Digest_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup },
- { WinSChannelAuthenticationSid, SChannel_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup },
-// { WinThisOrganizationSid, This_Organization, NT_AUTHORITY, SidTypeWellKnownGroup },
- { WinOtherOrganizationSid, Other_Organization, NT_AUTHORITY, SidTypeWellKnownGroup },
- { WinBuiltinPerfMonitoringUsersSid, Performance_Monitor_Users, BUILTIN, SidTypeAlias },
- { WinBuiltinPerfLoggingUsersSid, Performance_Log_Users, BUILTIN, SidTypeAlias },
-};
-#endif
+/* FUNCTIONS ***************************************************************/
BOOLEAN
LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
PULONG SubAuthorities,
PWSTR AccountName,
PWSTR DomainName,
- SID_NAME_USE Use)
+ SID_NAME_USE Use,
+ PSID *SidPtr)
{
PWELL_KNOWN_SID SidEntry;
PULONG p;
*p = SubAuthorities[i];
}
- RtlInitUnicodeString(&SidEntry->AccountName,
- AccountName);
+// RtlInitUnicodeString(&SidEntry->AccountName,
+// AccountName);
+ SidEntry->AccountName.Length = wcslen(AccountName) * sizeof(WCHAR);
+ SidEntry->AccountName.MaximumLength = SidEntry->AccountName.Length + sizeof(WCHAR);
+ SidEntry->AccountName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), 0,
+ SidEntry->AccountName.MaximumLength);
+ if (SidEntry->AccountName.Buffer == NULL)
+ {
+ RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry->Sid);
+ RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry);
+ return FALSE;
+ }
- RtlInitUnicodeString(&SidEntry->DomainName,
- DomainName);
+ wcscpy(SidEntry->AccountName.Buffer,
+ AccountName);
+
+// RtlInitUnicodeString(&SidEntry->DomainName,
+// DomainName);
+ SidEntry->DomainName.Length = wcslen(DomainName) * sizeof(WCHAR);
+ SidEntry->DomainName.MaximumLength = SidEntry->DomainName.Length + sizeof(WCHAR);
+ SidEntry->DomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), 0,
+ SidEntry->DomainName.MaximumLength);
+ if (SidEntry->DomainName.Buffer == NULL)
+ {
+ RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry->AccountName.Buffer);
+ RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry->Sid);
+ RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry);
+ return FALSE;
+ }
+
+ wcscpy(SidEntry->DomainName.Buffer,
+ DomainName);
SidEntry->Use = Use;
InsertTailList(&WellKnownSidListHead,
&SidEntry->ListEntry);
+ if (SidPtr != NULL)
+ *SidPtr = SidEntry->Sid;
+
return TRUE;
}
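Review bot: The two copied names are sized with `Length = wcslen(...) * sizeof(WCHAR)`, but these fields were previously filled by RtlInitUnicodeString, so they are UNICODE_STRING members whose Length is a USHORT; a name of 32K characters or more would truncate the length, under-size the RtlAllocateHeap request and let the following `wcscpy` write past the buffer. The callers visible in this commit pass 80-WCHAR buffers, so this is hardening rather than a reachable bug, but a guard such as `if (wcslen(AccountName) > (MAXUSHORT / sizeof(WCHAR)) - 1)` that returns FALSE through the same cleanup as the allocation-failure branch would keep the function safe for future callers. The commented-out RtlInitUnicodeString calls should be deleted and replaced by a line saying why the names are now deep-copied, e.g. `/* Copy the name: callers pass temporary stack buffers */`. `*SidPtr` receives the entry's own SID allocation, so the function comment should state that the returned pointer is owned by the list entry and must not be freed by the caller. The start of the function body lies outside this hunk.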
NTSTATUS
LsapInitSids(VOID)
{
+ WCHAR szAccountName[80];
+ WCHAR szDomainName[80];
ULONG SubAuthorities[8];
+ HINSTANCE hInstance;
InitializeListHead(&WellKnownSidListHead);
+ hInstance = GetModuleHandleW(L"lsasrv.dll");
+
/* NT Authority */
+
+ LsapLoadString(hInstance, IDS_NT_AUTHORITY, szAccountName, ARRAYSIZE(szAccountName));
+ LsapLoadString(hInstance, IDS_NT_AUTHORITY, szDomainName, ARRAYSIZE(szDomainName));
LsapCreateSid(&NtAuthority,
0,
NULL,
- L"NT AUTHORITY",
- L"NT AUTHORITY",
- SidTypeDomain);
+ szAccountName,
+ szDomainName,
+ SidTypeDomain,
+ NULL);
/* Null Sid */
+ LsapLoadString(hInstance, IDS_NULL_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_NULL_RID;
LsapCreateSid(&NullSidAuthority,
1,
SubAuthorities,
- L"NULL SID",
+ szAccountName,
L"",
- SidTypeWellKnownGroup);
+ SidTypeWellKnownGroup,
+ NULL);
/* World Sid */
+ LsapLoadString(hInstance, IDS_WORLD_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_WORLD_RID;
LsapCreateSid(&WorldSidAuthority,
1,
SubAuthorities,
- L"Everyone",
+ szAccountName,
L"",
- SidTypeWellKnownGroup);
+ SidTypeWellKnownGroup,
+ &LsapWorldSid);
/* Local Sid */
+ LsapLoadString(hInstance, IDS_LOCAL_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_LOCAL_RID;
LsapCreateSid(&LocalSidAuthority,
1,
SubAuthorities,
- L"LOCAL",
+ szAccountName,
L"",
- SidTypeWellKnownGroup);
+ SidTypeWellKnownGroup,
+ NULL);
/* Creator Owner Sid */
+ LsapLoadString(hInstance, IDS_CREATOR_OWNER_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_CREATOR_OWNER_RID;
LsapCreateSid(&CreatorSidAuthority,
1,
SubAuthorities,
- L"CREATOR OWNER",
+ szAccountName,
L"",
- SidTypeWellKnownGroup);
+ SidTypeWellKnownGroup,
+ NULL);
/* Creator Group Sid */
+ LsapLoadString(hInstance, IDS_CREATOR_GROUP_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_CREATOR_GROUP_RID;
LsapCreateSid(&CreatorSidAuthority,
1,
SubAuthorities,
- L"CREATOR GROUP",
+ szAccountName,
L"",
- SidTypeWellKnownGroup);
+ SidTypeWellKnownGroup,
+ NULL);
/* Creator Owner Server Sid */
+ LsapLoadString(hInstance, IDS_CREATOR_OWNER_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_CREATOR_OWNER_SERVER_RID;
LsapCreateSid(&CreatorSidAuthority,
1,
SubAuthorities,
- L"CREATOR OWNER SERVER",
+ szAccountName,
L"",
- SidTypeWellKnownGroup);
+ SidTypeWellKnownGroup,
+ NULL);
/* Creator Group Server Sid */
+ LsapLoadString(hInstance, IDS_CREATOR_GROUP_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_CREATOR_GROUP_SERVER_RID;
LsapCreateSid(&CreatorSidAuthority,
1,
SubAuthorities,
- L"CREATOR GROUP SERVER",
+ szAccountName,
L"",
- SidTypeWellKnownGroup);
+ SidTypeWellKnownGroup,
+ NULL);
/* Dialup Sid */
+ LsapLoadString(hInstance, IDS_DIALUP_RID, szAccountName, ARRAYSIZE(szAccountName));
+ LsapLoadString(hInstance, IDS_NT_AUTHORITY, szDomainName, ARRAYSIZE(szDomainName));
+
SubAuthorities[0] = SECURITY_DIALUP_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"DIALUP",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
/* Network Sid */
+ LsapLoadString(hInstance, IDS_NETWORK_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_NETWORK_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"NETWORK",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ &LsapNetworkSid);
/* Batch Sid*/
+ LsapLoadString(hInstance, IDS_BATCH_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BATCH_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"BATCH",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ &LsapBatchSid);
/* Interactive Sid */
+ LsapLoadString(hInstance, IDS_INTERACTIVE_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_INTERACTIVE_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"INTERACTIVE",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ &LsapInteractiveSid);
/* Service Sid */
+ LsapLoadString(hInstance, IDS_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_SERVICE_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"SERVICE",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ &LsapServiceSid);
/* Anonymous Logon Sid */
+ LsapLoadString(hInstance, IDS_ANONYMOUS_LOGON_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_ANONYMOUS_LOGON_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"ANONYMOUS LOGON",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
/* Proxy Sid */
+ LsapLoadString(hInstance, IDS_PROXY_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_PROXY_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"PROXY",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
/* Enterprise Controllers Sid */
+ LsapLoadString(hInstance, IDS_ENTERPRISE_CONTROLLERS_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_ENTERPRISE_CONTROLLERS_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"ENTERPRISE DOMAIN CONTROLLERS",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
/* Principal Self Sid */
+ LsapLoadString(hInstance, IDS_PRINCIPAL_SELF_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_PRINCIPAL_SELF_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"SELF",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
/* Authenticated Users Sid */
+ LsapLoadString(hInstance, IDS_AUTHENTICATED_USER_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_AUTHENTICATED_USER_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"Authenticated Users",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
/* Restricted Code Sid */
+ LsapLoadString(hInstance, IDS_RESTRICTED_CODE_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_RESTRICTED_CODE_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"RESTRICTED",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
/* Terminal Server Sid */
+ LsapLoadString(hInstance, IDS_TERMINAL_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_TERMINAL_SERVER_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"TERMINAL SERVER USER",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
/* Remote Logon Sid */
+ LsapLoadString(hInstance, IDS_REMOTE_LOGON_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_REMOTE_LOGON_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"REMOTE INTERACTIVE LOGON",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
/* This Organization Sid */
+ LsapLoadString(hInstance, IDS_THIS_ORGANIZATION_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_THIS_ORGANIZATION_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"This Organization",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
/* Local System Sid */
+ LsapLoadString(hInstance, IDS_LOCAL_SYSTEM_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_LOCAL_SYSTEM_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"SYSTEM",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ &LsapLocalSystemSid);
/* Local Service Sid */
+ LsapLoadString(hInstance, IDS_LOCAL_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_LOCAL_SERVICE_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"LOCAL SERVICE",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
L"LOCALSERVICE",
L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ SidTypeWellKnownGroup,
+ NULL);
/* Network Service Sid */
+ LsapLoadString(hInstance, IDS_NETWORK_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_NETWORK_SERVICE_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"NETWORK SERVICE",
- L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ szAccountName,
+ szDomainName,
+ SidTypeWellKnownGroup,
+ NULL);
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
L"NETWORKSERVICE",
L"NT AUTHORITY",
- SidTypeWellKnownGroup);
+ SidTypeWellKnownGroup,
+ NULL);
/* Builtin Domain Sid */
+ LsapLoadString(hInstance, IDS_BUILTIN_DOMAIN_RID, szAccountName, ARRAYSIZE(szAccountName));
+ LsapLoadString(hInstance, IDS_BUILTIN_DOMAIN_RID, szDomainName, ARRAYSIZE(szDomainName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
LsapCreateSid(&NtAuthority,
1,
SubAuthorities,
- L"BUILTIN",
- L"BUILTIN",
- SidTypeDomain);
+ szAccountName,
+ szDomainName,
+ SidTypeDomain,
+ NULL);
/* Administrators Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_ADMINS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_ADMINS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Administrators",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ &LsapAdministratorsSid);
/* Users Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_USERS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_USERS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Users",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
/* Guests Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_GUESTS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_GUESTS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Guests",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
/* Power User Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_POWER_USERS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_POWER_USERS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Power User",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
/* Account Operators Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_ACCOUNT_OPS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Account Operators",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
/* System Operators Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_SYSTEM_OPS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_SYSTEM_OPS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Server Operators",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
/* Print Operators Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_PRINT_OPS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_PRINT_OPS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Print Operators",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
/* Backup Operators Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_BACKUP_OPS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_BACKUP_OPS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Backup Operators",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
/* Replicators Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_REPLICATOR, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_REPLICATOR;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Replicators",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
-#if 0
/* RAS Servers Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_RAS_SERVERS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_RAS_SERVERS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Backup Operators",
- L"BUILTIN",
- SidTypeAlias);
-#endif
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
/* Pre-Windows 2000 Compatible Access Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_PREW2KCOMPACCESS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_PREW2KCOMPACCESS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Pre-Windows 2000 Compatible Access",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
/* Remote Desktop Users Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_REMOTE_DESKTOP_USERS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Remote Desktop Users",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
/* Network Configuration Operators Alias Sid */
+ LsapLoadString(hInstance, IDS_ALIAS_RID_NETWORK_CONFIGURATION_OPS, szAccountName, ARRAYSIZE(szAccountName));
+
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS;
LsapCreateSid(&NtAuthority,
2,
SubAuthorities,
- L"Network Configuration Operators",
- L"BUILTIN",
- SidTypeAlias);
+ szAccountName,
+ szDomainName,
+ SidTypeAlias,
+ NULL);
/* FIXME: Add more well known sids */
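Review bot: None of the LsapLoadString or LsapCreateSid results in LsapInitSids are checked, so if a resource load fails `szAccountName` still holds the previous entry's text (or is uninitialised on the first call) and the next well-known SID is registered under the wrong name; a failed LsapCreateSid likewise leaves globals such as `LsapLocalSystemSid` and `LsapAdministratorsSid` NULL for whatever code uses them later. Since this table presumably backs name/SID translation, I would fail initialisation rather than continue, e.g. `if (!LsapCreateSid(...)) return STATUS_INSUFFICIENT_RESOURCES;`, and treat a failed string load the same way (LsapLoadString's return convention is not visible here). `GetModuleHandleW(L"lsasrv.dll")` is also used without a NULL check. The `LOCALSERVICE` and `NETWORKSERVICE` entries keep the literal `L"NT AUTHORITY"` while their neighbours now pass the loaded `szDomainName`, which will diverge on a localized build; if that is deliberate, a short comment should say so.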
ReferencedDomains->Domains[i].Name.Length = Name->Length;
ReferencedDomains->Domains[i].Name.MaximumLength = Name->MaximumLength;
ReferencedDomains->Domains[i].Name.Buffer = MIDL_user_allocate(Name->MaximumLength);
- if (ReferencedDomains->Domains[i].Sid == NULL)
+ if (ReferencedDomains->Domains[i].Name.Buffer == NULL)
{
MIDL_user_free(ReferencedDomains->Domains[i].Sid);
ReferencedDomains->Domains[i].Sid = NULL;