-/* INCLUDES ****************************************************************/
-
-#define WIN32_NO_STATUS
-#include <windows.h>
-#include <ntsecapi.h>
-#define NTOS_MODE_USER
-#include <ndk/ntndk.h>
+/*
+ * COPYRIGHT: See COPYING in the top level directory
+ * PROJECT: Local Security Authority (LSA) Server
+ * FILE: reactos/dll/win32/lsasrv/lsarpc.h
+ * PURPOSE: RPC interface functions
+ *
+ * PROGRAMMERS: Eric Kohl
+ */
-#include <string.h>
+/* INCLUDES ****************************************************************/
#include "lsasrv.h"
-#include "lsa_s.h"
-
-#include <wine/debug.h>
-typedef enum _LSA_DB_HANDLE_TYPE
-{
- LsaDbIgnoreHandle,
- LsaDbPolicyHandle,
- LsaDbAccountHandle
-} LSA_DB_HANDLE_TYPE, *PLSA_DB_HANDLE_TYPE;
+WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
-typedef struct _LSA_DB_HANDLE
-{
- ULONG Signature;
- LSA_DB_HANDLE_TYPE HandleType;
- LONG RefCount;
- ACCESS_MASK Access;
-} LSA_DB_HANDLE, *PLSA_DB_HANDLE;
-#define LSAP_DB_SIGNATURE 0x12345678
+/* GLOBALS *****************************************************************/
static RTL_CRITICAL_SECTION PolicyHandleTableLock;
-WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
-
/* FUNCTIONS ***************************************************************/
-static LSAPR_HANDLE
-LsapCreateDbHandle(LSA_DB_HANDLE_TYPE HandleType,
- ACCESS_MASK DesiredAccess)
-{
- PLSA_DB_HANDLE DbHandle;
-
-// RtlEnterCriticalSection(&PolicyHandleTableLock);
-
- DbHandle = (PLSA_DB_HANDLE)RtlAllocateHeap(RtlGetProcessHeap(),
- 0,
- sizeof(LSA_DB_HANDLE));
- if (DbHandle != NULL)
- {
- DbHandle->Signature = LSAP_DB_SIGNATURE;
- DbHandle->RefCount = 1;
- DbHandle->HandleType = HandleType;
- DbHandle->Access = DesiredAccess;
- }
-
-// RtlLeaveCriticalSection(&PolicyHandleTableLock);
-
- return (LSAPR_HANDLE)DbHandle;
-}
-
-
-static BOOL
-LsapValidateDbHandle(LSAPR_HANDLE Handle,
- LSA_DB_HANDLE_TYPE HandleType)
-{
- PLSA_DB_HANDLE DbHandle = (PLSA_DB_HANDLE)Handle;
- BOOL bValid = FALSE;
-
- _SEH2_TRY
- {
- if (DbHandle->Signature == LSAP_DB_SIGNATURE)
- {
- if (HandleType == LsaDbIgnoreHandle)
- bValid = TRUE;
- else if (DbHandle->HandleType == HandleType)
- bValid = TRUE;
- }
- }
- _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
- {
- bValid = FALSE;
- }
- _SEH2_END;
-
-
- return bValid;
-}
-
-
-
-
VOID
LsarStartRpcServer(VOID)
{
/* Function 0 */
-NTSTATUS LsarClose(
+NTSTATUS WINAPI LsarClose(
LSAPR_HANDLE *ObjectHandle)
{
+ PLSA_DB_OBJECT DbObject;
NTSTATUS Status = STATUS_SUCCESS;
TRACE("0x%p\n", ObjectHandle);
// RtlEnterCriticalSection(&PolicyHandleTableLock);
- if (LsapValidateDbHandle(*ObjectHandle, LsaDbIgnoreHandle))
+ Status = LsapValidateDbObject(*ObjectHandle,
+ LsaDbIgnoreObject,
+ 0,
+ &DbObject);
+ if (Status == STATUS_SUCCESS)
{
- RtlFreeHeap(RtlGetProcessHeap(), 0, *ObjectHandle);
+ Status = LsapCloseDbObject(DbObject);
*ObjectHandle = NULL;
}
- else
- Status = STATUS_INVALID_HANDLE;
// RtlLeaveCriticalSection(&PolicyHandleTableLock);
/* Function 1 */
-NTSTATUS LsarDelete(
+NTSTATUS WINAPI LsarDelete(
LSAPR_HANDLE ObjectHandle)
{
/* Deprecated */
/* Function 2 */
-NTSTATUS LsarEnumeratePrivileges(
+NTSTATUS WINAPI LsarEnumeratePrivileges(
LSAPR_HANDLE PolicyHandle,
DWORD *EnumerationContext,
PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer,
DWORD PreferedMaximumLength)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT PolicyObject;
+ NTSTATUS Status;
+
+ TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
+ PolicyHandle, EnumerationContext, EnumerationBuffer,
+ PreferedMaximumLength);
+
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
+ POLICY_VIEW_LOCAL_INFORMATION,
+ &PolicyObject);
+ if (!NT_SUCCESS(Status))
+ return Status;
+
+ if (EnumerationContext == NULL)
+ return STATUS_INVALID_PARAMETER;
+
+ return LsarpEnumeratePrivileges(EnumerationContext,
+ EnumerationBuffer,
+ PreferedMaximumLength);
}
/* Function 3 */
-NTSTATUS LsarQuerySecurityObject(
+NTSTATUS WINAPI LsarQuerySecurityObject(
LSAPR_HANDLE ObjectHandle,
SECURITY_INFORMATION SecurityInformation,
PLSAPR_SR_SECURITY_DESCRIPTOR *SecurityDescriptor)
/* Function 4 */
-NTSTATUS LsarSetSecurityObject(
+NTSTATUS WINAPI LsarSetSecurityObject(
LSAPR_HANDLE ObjectHandle,
SECURITY_INFORMATION SecurityInformation,
PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor)
/* Function 5 */
-NTSTATUS LsarChangePassword(
+NTSTATUS WINAPI LsarChangePassword(
handle_t IDL_handle,
PRPC_UNICODE_STRING String1,
PRPC_UNICODE_STRING String2,
/* Function 6 */
-NTSTATUS LsarOpenPolicy(
+NTSTATUS WINAPI LsarOpenPolicy(
LPWSTR SystemName,
PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *PolicyHandle)
{
- NTSTATUS Status = STATUS_SUCCESS;
+ PLSA_DB_OBJECT PolicyObject;
+ NTSTATUS Status;
TRACE("LsarOpenPolicy called!\n");
RtlEnterCriticalSection(&PolicyHandleTableLock);
- *PolicyHandle = LsapCreateDbHandle(LsaDbPolicyHandle,
- DesiredAccess);
- if (*PolicyHandle == NULL)
- Status = STATUS_INSUFFICIENT_RESOURCES;
+ Status = LsapOpenDbObject(NULL,
+ NULL,
+ L"Policy",
+ LsaDbPolicyObject,
+ DesiredAccess,
+ &PolicyObject);
RtlLeaveCriticalSection(&PolicyHandleTableLock);
+ if (NT_SUCCESS(Status))
+ *PolicyHandle = (LSAPR_HANDLE)PolicyObject;
+
TRACE("LsarOpenPolicy done!\n");
return Status;
/* Function 7 */
-NTSTATUS LsarQueryInformationPolicy(
+NTSTATUS WINAPI LsarQueryInformationPolicy(
LSAPR_HANDLE PolicyHandle,
POLICY_INFORMATION_CLASS InformationClass,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT DbObject;
+ ACCESS_MASK DesiredAccess = 0;
+ NTSTATUS Status;
+
+ TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
+ PolicyHandle, InformationClass, PolicyInformation);
+
+ if (PolicyInformation)
+ {
+ TRACE("*PolicyInformation %p\n", *PolicyInformation);
+ }
+
+ switch (InformationClass)
+ {
+ case PolicyAuditLogInformation:
+ case PolicyAuditEventsInformation:
+ case PolicyAuditFullQueryInformation:
+ DesiredAccess = POLICY_VIEW_AUDIT_INFORMATION;
+ break;
+
+ case PolicyPrimaryDomainInformation:
+ case PolicyAccountDomainInformation:
+ case PolicyLsaServerRoleInformation:
+ case PolicyReplicaSourceInformation:
+ case PolicyDefaultQuotaInformation:
+ case PolicyModificationInformation:
+ case PolicyDnsDomainInformation:
+ case PolicyDnsDomainInformationInt:
+ case PolicyLocalAccountDomainInformation:
+ DesiredAccess = POLICY_VIEW_LOCAL_INFORMATION;
+ break;
+
+ case PolicyPdAccountInformation:
+ DesiredAccess = POLICY_GET_PRIVATE_INFORMATION;
+ break;
+
+ default:
+ ERR("Invalid InformationClass!\n");
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
+ DesiredAccess,
+ &DbObject);
+ if (!NT_SUCCESS(Status))
+ return Status;
+
+ switch (InformationClass)
+ {
+ case PolicyAuditLogInformation: /* 1 */
+ Status = LsarQueryAuditLog(PolicyHandle,
+ PolicyInformation);
+
+ case PolicyAuditEventsInformation: /* 2 */
+ Status = LsarQueryAuditEvents(PolicyHandle,
+ PolicyInformation);
+ break;
+
+ case PolicyPrimaryDomainInformation: /* 3 */
+ Status = LsarQueryPrimaryDomain(PolicyHandle,
+ PolicyInformation);
+ break;
+
+ case PolicyPdAccountInformation: /* 4 */
+ Status = LsarQueryPdAccount(PolicyHandle,
+ PolicyInformation);
+
+ case PolicyAccountDomainInformation: /* 5 */
+ Status = LsarQueryAccountDomain(PolicyHandle,
+ PolicyInformation);
+ break;
+
+ case PolicyLsaServerRoleInformation: /* 6 */
+ Status = LsarQueryServerRole(PolicyHandle,
+ PolicyInformation);
+ break;
+
+ case PolicyReplicaSourceInformation: /* 7 */
+ Status = LsarQueryReplicaSource(PolicyHandle,
+ PolicyInformation);
+
+ case PolicyDefaultQuotaInformation: /* 8 */
+ Status = LsarQueryDefaultQuota(PolicyHandle,
+ PolicyInformation);
+ break;
+
+ case PolicyModificationInformation: /* 9 */
+ Status = LsarQueryModification(PolicyHandle,
+ PolicyInformation);
+ break;
+
+ case PolicyAuditFullQueryInformation: /* 11 (0xB) */
+ Status = LsarQueryAuditFull(PolicyHandle,
+ PolicyInformation);
+ break;
+
+ case PolicyDnsDomainInformation: /* 12 (0xC) */
+ Status = LsarQueryDnsDomain(PolicyHandle,
+ PolicyInformation);
+ break;
+
+ case PolicyDnsDomainInformationInt: /* 13 (0xD) */
+ Status = LsarQueryDnsDomainInt(PolicyHandle,
+ PolicyInformation);
+ break;
+
+ case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
+ Status = LsarQueryLocalAccountDomain(PolicyHandle,
+ PolicyInformation);
+ break;
+
+ default:
+ ERR("Invalid InformationClass!\n");
+ Status = STATUS_INVALID_PARAMETER;
+ }
+
+ return Status;
}
/* Function 8 */
-NTSTATUS LsarSetInformationPolicy(
+NTSTATUS WINAPI LsarSetInformationPolicy(
LSAPR_HANDLE PolicyHandle,
POLICY_INFORMATION_CLASS InformationClass,
PLSAPR_POLICY_INFORMATION PolicyInformation)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT DbObject;
+ ACCESS_MASK DesiredAccess = 0;
+ NTSTATUS Status;
+
+ TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
+ PolicyHandle, InformationClass, PolicyInformation);
+
+ if (PolicyInformation)
+ {
+ TRACE("*PolicyInformation %p\n", *PolicyInformation);
+ }
+
+ switch (InformationClass)
+ {
+ case PolicyAuditLogInformation:
+ case PolicyAuditFullSetInformation:
+ DesiredAccess = POLICY_AUDIT_LOG_ADMIN;
+ break;
+
+ case PolicyAuditEventsInformation:
+ DesiredAccess = POLICY_SET_AUDIT_REQUIREMENTS;
+ break;
+
+ case PolicyPrimaryDomainInformation:
+ case PolicyAccountDomainInformation:
+ case PolicyDnsDomainInformation:
+ case PolicyDnsDomainInformationInt:
+ case PolicyLocalAccountDomainInformation:
+ DesiredAccess = POLICY_TRUST_ADMIN;
+ break;
+
+ case PolicyLsaServerRoleInformation:
+ case PolicyReplicaSourceInformation:
+ DesiredAccess = POLICY_SERVER_ADMIN;
+ break;
+
+ case PolicyDefaultQuotaInformation:
+ DesiredAccess = POLICY_SET_DEFAULT_QUOTA_LIMITS;
+ break;
+
+ default:
+ ERR("Invalid InformationClass!\n");
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
+ DesiredAccess,
+ &DbObject);
+ if (!NT_SUCCESS(Status))
+ return Status;
+
+ switch (InformationClass)
+ {
+ case PolicyAuditEventsInformation:
+ Status = STATUS_NOT_IMPLEMENTED;
+ break;
+
+ case PolicyPrimaryDomainInformation:
+ Status = LsarSetPrimaryDomain(PolicyHandle,
+ (PLSAPR_POLICY_PRIMARY_DOM_INFO)PolicyInformation);
+ break;
+
+ case PolicyAccountDomainInformation:
+ Status = LsarSetAccountDomain(PolicyHandle,
+ (PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
+ break;
+
+ case PolicyDnsDomainInformation:
+ Status = LsarSetDnsDomain(PolicyHandle,
+ (PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
+ break;
+
+ case PolicyLsaServerRoleInformation:
+ Status = STATUS_NOT_IMPLEMENTED;
+ break;
+
+ default:
+ Status = STATUS_INVALID_PARAMETER;
+ break;
+ }
+
+ return Status;
}
/* Function 9 */
-NTSTATUS LsarClearAuditLog(
+NTSTATUS WINAPI LsarClearAuditLog(
LSAPR_HANDLE ObjectHandle)
{
/* Deprecated */
/* Function 10 */
-NTSTATUS LsarCreateAccount(
+NTSTATUS WINAPI LsarCreateAccount(
LSAPR_HANDLE PolicyHandle,
PRPC_SID AccountSid,
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *AccountHandle)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT PolicyObject;
+ PLSA_DB_OBJECT AccountObject = NULL;
+ LPWSTR SidString = NULL;
+ NTSTATUS Status = STATUS_SUCCESS;
+
+ /* Validate the AccountSid */
+ if (!RtlValidSid(AccountSid))
+ return STATUS_INVALID_PARAMETER;
+
+ /* Validate the PolicyHandle */
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
+ POLICY_CREATE_ACCOUNT,
+ &PolicyObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
+ return Status;
+ }
+
+ /* Create SID string */
+ if (!ConvertSidToStringSid((PSID)AccountSid,
+ &SidString))
+ {
+ ERR("ConvertSidToStringSid failed\n");
+ Status = STATUS_INVALID_PARAMETER;
+ goto done;
+ }
+
+ /* Create the Account object */
+ Status = LsapCreateDbObject(PolicyObject,
+ L"Accounts",
+ SidString,
+ LsaDbAccountObject,
+ DesiredAccess,
+ &AccountObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ /* Set the Sid attribute */
+ Status = LsapSetObjectAttribute(AccountObject,
+ L"Sid",
+ (PVOID)AccountSid,
+ GetLengthSid(AccountSid));
+
+done:
+ if (SidString != NULL)
+ LocalFree(SidString);
+
+ if (!NT_SUCCESS(Status))
+ {
+ if (AccountObject != NULL)
+ LsapCloseDbObject(AccountObject);
+ }
+ else
+ {
+ *AccountHandle = (LSAPR_HANDLE)AccountObject;
+ }
+
+ return STATUS_SUCCESS;
}
/* Function 11 */
-NTSTATUS LsarEnumerateAccounts(
+NTSTATUS WINAPI LsarEnumerateAccounts(
LSAPR_HANDLE PolicyHandle,
DWORD *EnumerationContext,
PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer,
/* Function 12 */
-NTSTATUS LsarCreateTrustedDomain(
+NTSTATUS WINAPI LsarCreateTrustedDomain(
LSAPR_HANDLE PolicyHandle,
PLSAPR_TRUST_INFORMATION TrustedDomainInformation,
ACCESS_MASK DesiredAccess,
/* Function 13 */
-NTSTATUS LsarEnumerateTrustedDomains(
+NTSTATUS WINAPI LsarEnumerateTrustedDomains(
LSAPR_HANDLE PolicyHandle,
DWORD *EnumerationContext,
PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer,
/* Function 14 */
-NTSTATUS LsarLookupNames(
+NTSTATUS WINAPI LsarLookupNames(
LSAPR_HANDLE PolicyHandle,
DWORD Count,
PRPC_UNICODE_STRING Names,
for (i = 0; i < Count; i++)
{
OutputSids[i].Use = SidTypeWellKnownGroup;
- OutputSids[i].RelativeId = DOMAIN_ALIAS_RID_ADMINS;
+ OutputSids[i].RelativeId = DOMAIN_USER_RID_ADMIN; //DOMAIN_ALIAS_RID_ADMINS;
OutputSids[i].DomainIndex = i;
}
/* Function 15 */
-NTSTATUS LsarLookupSids(
+NTSTATUS WINAPI LsarLookupSids(
LSAPR_HANDLE PolicyHandle,
PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
{
SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN");
- static const UNICODE_STRING UserName = RTL_CONSTANT_STRING(L"Administrator");
PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains = NULL;
PLSAPR_TRANSLATED_NAME OutputNames = NULL;
ULONG OutputNamesLength;
RtlCopyMemory(OutputDomains->Domains[i].Name.Buffer, DomainName.Buffer, DomainName.MaximumLength);
}
-
- for (i = 0; i < SidEnumBuffer->Entries; i++)
- {
- OutputNames[i].Use = SidTypeWellKnownGroup;
- OutputNames[i].DomainIndex = i;
- OutputNames[i].Name.Buffer = MIDL_user_allocate(UserName.MaximumLength);
- OutputNames[i].Name.Length = UserName.Length;
- OutputNames[i].Name.MaximumLength = UserName.MaximumLength;
- RtlCopyMemory(OutputNames[i].Name.Buffer, UserName.Buffer, UserName.MaximumLength);
- }
+ Status = LsapLookupSids(SidEnumBuffer,
+ OutputNames);
*ReferencedDomains = OutputDomains;
TranslatedNames->Entries = SidEnumBuffer->Entries;
TranslatedNames->Names = OutputNames;
- return STATUS_SUCCESS;
+ return Status;
}
/* Function 16 */
-NTSTATUS LsarCreateSecret(
+NTSTATUS WINAPI LsarCreateSecret(
LSAPR_HANDLE PolicyHandle,
PRPC_UNICODE_STRING SecretName,
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *SecretHandle)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT PolicyObject;
+ PLSA_DB_OBJECT SecretObject = NULL;
+ LARGE_INTEGER Time;
+ NTSTATUS Status = STATUS_SUCCESS;
+
+ /* Validate the PolicyHandle */
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
+ POLICY_CREATE_SECRET,
+ &PolicyObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
+ return Status;
+ }
+
+ /* Get the current time */
+ Status = NtQuerySystemTime(&Time);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ /* Create the Secret object */
+ Status = LsapCreateDbObject(PolicyObject,
+ L"Secrets",
+ SecretName->Buffer,
+ LsaDbSecretObject,
+ DesiredAccess,
+ &SecretObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ /* Set the CurrentTime attribute */
+ Status = LsapSetObjectAttribute(SecretObject,
+ L"CurrentTime",
+ (PVOID)&Time,
+ sizeof(LARGE_INTEGER));
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ /* Set the OldTime attribute */
+ Status = LsapSetObjectAttribute(SecretObject,
+ L"OldTime",
+ (PVOID)&Time,
+ sizeof(LARGE_INTEGER));
+
+done:
+ if (!NT_SUCCESS(Status))
+ {
+ if (SecretObject != NULL)
+ LsapCloseDbObject(SecretObject);
+ }
+ else
+ {
+ *SecretHandle = (LSAPR_HANDLE)SecretObject;
+ }
+
+ return STATUS_SUCCESS;
}
/* Function 17 */
-NTSTATUS LsarOpenAccount(
+NTSTATUS WINAPI LsarOpenAccount(
LSAPR_HANDLE PolicyHandle,
PRPC_SID AccountSid,
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *AccountHandle)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT PolicyObject;
+ PLSA_DB_OBJECT AccountObject = NULL;
+ LPWSTR SidString = NULL;
+ NTSTATUS Status = STATUS_SUCCESS;
+
+ /* Validate the AccountSid */
+ if (!RtlValidSid(AccountSid))
+ return STATUS_INVALID_PARAMETER;
+
+ /* Validate the PolicyHandle */
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
+ 0,
+ &PolicyObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
+ return Status;
+ }
+
+ /* Create SID string */
+ if (!ConvertSidToStringSid((PSID)AccountSid,
+ &SidString))
+ {
+ ERR("ConvertSidToStringSid failed\n");
+ Status = STATUS_INVALID_PARAMETER;
+ goto done;
+ }
+
+ /* Create the Account object */
+ Status = LsapOpenDbObject(PolicyObject,
+ L"Accounts",
+ SidString,
+ LsaDbAccountObject,
+ DesiredAccess,
+ &AccountObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ /* Set the Sid attribute */
+ Status = LsapSetObjectAttribute(AccountObject,
+ L"Sid",
+ (PVOID)AccountSid,
+ GetLengthSid(AccountSid));
+
+done:
+ if (SidString != NULL)
+ LocalFree(SidString);
+
+ if (!NT_SUCCESS(Status))
+ {
+ if (AccountObject != NULL)
+ LsapCloseDbObject(AccountObject);
+ }
+ else
+ {
+ *AccountHandle = (LSAPR_HANDLE)AccountObject;
+ }
+
+ return Status;
}
/* Function 18 */
-NTSTATUS LsarEnumeratePrivilegesAccount(
+NTSTATUS WINAPI LsarEnumeratePrivilegesAccount(
LSAPR_HANDLE AccountHandle,
PLSAPR_PRIVILEGE_SET *Privileges)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT AccountObject;
+ ULONG PrivilegeSetSize = 0;
+ PLSAPR_PRIVILEGE_SET PrivilegeSet = NULL;
+ NTSTATUS Status;
+
+ *Privileges = NULL;
+
+ /* Validate the AccountHandle */
+ Status = LsapValidateDbObject(AccountHandle,
+ LsaDbAccountObject,
+ ACCOUNT_VIEW,
+ &AccountObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
+ return Status;
+ }
+
+ /* Get the size of the privilege set */
+ Status = LsapGetObjectAttribute(AccountObject,
+ L"Privilgs",
+ NULL,
+ &PrivilegeSetSize);
+ if (!NT_SUCCESS(Status))
+ return Status;
+
+ /* Allocate a buffer for the privilege set */
+ PrivilegeSet = MIDL_user_allocate(PrivilegeSetSize);
+ if (PrivilegeSet == NULL)
+ return STATUS_NO_MEMORY;
+
+ /* Get the privilege set */
+ Status = LsapGetObjectAttribute(AccountObject,
+ L"Privilgs",
+ PrivilegeSet,
+ &PrivilegeSetSize);
+ if (!NT_SUCCESS(Status))
+ {
+ MIDL_user_free(PrivilegeSet);
+ return Status;
+ }
+
+ /* Return a pointer to the privilege set */
+ *Privileges = PrivilegeSet;
+
+ return STATUS_SUCCESS;
}
/* Function 19 */
-NTSTATUS LsarAddPrivilegesToAccount(
+NTSTATUS WINAPI LsarAddPrivilegesToAccount(
LSAPR_HANDLE AccountHandle,
PLSAPR_PRIVILEGE_SET Privileges)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT AccountObject;
+ PPRIVILEGE_SET CurrentPrivileges = NULL;
+ PPRIVILEGE_SET NewPrivileges = NULL;
+ ULONG PrivilegeSetSize = 0;
+ ULONG PrivilegeCount;
+ ULONG i, j;
+ BOOL bFound;
+ NTSTATUS Status;
+
+ /* Validate the AccountHandle */
+ Status = LsapValidateDbObject(AccountHandle,
+ LsaDbAccountObject,
+ ACCOUNT_ADJUST_PRIVILEGES,
+ &AccountObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
+ return Status;
+ }
+
+ Status = LsapGetObjectAttribute(AccountObject,
+ L"Privilgs",
+ NULL,
+ &PrivilegeSetSize);
+ if (!NT_SUCCESS(Status) || PrivilegeSetSize == 0)
+ {
+ /* The Privilgs attribute does not exist */
+
+ PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
+ (Privileges->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
+ Status = LsapSetObjectAttribute(AccountObject,
+ L"Privilgs",
+ Privileges,
+ PrivilegeSetSize);
+ }
+ else
+ {
+ /* The Privilgs attribute exists */
+
+ /* Allocate memory for the stored privilege set */
+ CurrentPrivileges = MIDL_user_allocate(PrivilegeSetSize);
+ if (CurrentPrivileges == NULL)
+ return STATUS_NO_MEMORY;
+
+ /* Get the current privilege set */
+ Status = LsapGetObjectAttribute(AccountObject,
+ L"Privilgs",
+ CurrentPrivileges,
+ &PrivilegeSetSize);
+ if (!NT_SUCCESS(Status))
+ {
+ TRACE("LsapGetObjectAttribute() failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ PrivilegeCount = CurrentPrivileges->PrivilegeCount;
+ TRACE("Current privilege count: %lu\n", PrivilegeCount);
+
+ /* Calculate the number privileges in the combined privilege set */
+ for (i = 0; i < Privileges->PrivilegeCount; i++)
+ {
+ bFound = FALSE;
+ for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
+ {
+ if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
+ &(CurrentPrivileges->Privilege[i].Luid)))
+ {
+ bFound = TRUE;
+ break;
+ }
+ }
+
+ if (bFound == FALSE)
+ {
+ TRACE("Found new privilege\n");
+ PrivilegeCount++;
+ }
+ }
+ TRACE("New privilege count: %lu\n", PrivilegeCount);
+
+ /* Calculate the size of the new privilege set and allocate it */
+ PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
+ (PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
+ NewPrivileges = MIDL_user_allocate(PrivilegeSetSize);
+ if (NewPrivileges == NULL)
+ {
+ Status = STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ /* Initialize the new privilege set */
+ NewPrivileges->PrivilegeCount = PrivilegeCount;
+ NewPrivileges->Control = 0;
+
+ /* Copy all privileges from the current privilege set */
+ RtlCopyLuidAndAttributesArray(CurrentPrivileges->PrivilegeCount,
+ &(CurrentPrivileges->Privilege[0]),
+ &(NewPrivileges->Privilege[0]));
+
+ /* Add new privileges to the new privilege set */
+ PrivilegeCount = CurrentPrivileges->PrivilegeCount;
+ for (i = 0; i < Privileges->PrivilegeCount; i++)
+ {
+ bFound = FALSE;
+ for (j = 0; j < CurrentPrivileges->PrivilegeCount; j++)
+ {
+ if (RtlEqualLuid(&(Privileges->Privilege[i].Luid),
+ &(CurrentPrivileges->Privilege[i].Luid)))
+ {
+ /* Overwrite attributes if a matching privilege was found */
+ NewPrivileges->Privilege[j].Attributes = Privileges->Privilege[i].Attributes;
+
+ bFound = TRUE;
+ break;
+ }
+ }
+
+ if (bFound == FALSE)
+ {
+ /* Copy the new privilege */
+ RtlCopyLuidAndAttributesArray(1,
+ (PLUID_AND_ATTRIBUTES)&(Privileges->Privilege[i]),
+ &(NewPrivileges->Privilege[PrivilegeCount]));
+ PrivilegeCount++;
+ }
+ }
+
+ /* Set the new priivliege set */
+ Status = LsapSetObjectAttribute(AccountObject,
+ L"Privilgs",
+ NewPrivileges,
+ PrivilegeSetSize);
+ }
+
+done:
+ if (CurrentPrivileges != NULL)
+ MIDL_user_free(CurrentPrivileges);
+
+ if (NewPrivileges != NULL)
+ MIDL_user_free(NewPrivileges);
+
+ return Status;
}
/* Function 20 */
-NTSTATUS LsarRemovePrivilegesFromAccount(
+NTSTATUS WINAPI LsarRemovePrivilegesFromAccount(
LSAPR_HANDLE AccountHandle,
BOOL AllPrivileges,
PLSAPR_PRIVILEGE_SET Privileges)
/* Function 21 */
-NTSTATUS LsarGetQuotasForAccount(
+NTSTATUS WINAPI LsarGetQuotasForAccount(
LSAPR_HANDLE AccountHandle,
PQUOTA_LIMITS QuotaLimits)
{
/* Function 22 */
-NTSTATUS LsarSetQuotasForAccount(
+NTSTATUS WINAPI LsarSetQuotasForAccount(
LSAPR_HANDLE AccountHandle,
PQUOTA_LIMITS QuotaLimits)
{
/* Function 23 */
-NTSTATUS LsarGetSystemAccessAccount(
+NTSTATUS WINAPI LsarGetSystemAccessAccount(
LSAPR_HANDLE AccountHandle,
ACCESS_MASK *SystemAccess)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT AccountObject;
+ ULONG Size;
+ NTSTATUS Status;
+
+ /* Validate the account handle */
+ Status = LsapValidateDbObject(AccountHandle,
+ LsaDbAccountObject,
+ ACCOUNT_VIEW,
+ &AccountObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("Invalid handle (Status %lx)\n", Status);
+ return Status;
+ }
+
+ /* Get the system access flags */
+ Status = LsapGetObjectAttribute(AccountObject,
+ L"ActSysAc",
+ SystemAccess,
+ &Size);
+
+ return Status;
}
/* Function 24 */
-NTSTATUS LsarSetSystemAccessAccount(
+NTSTATUS WINAPI LsarSetSystemAccessAccount(
LSAPR_HANDLE AccountHandle,
ACCESS_MASK SystemAccess)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT AccountObject;
+ NTSTATUS Status;
+
+ /* Validate the account handle */
+ Status = LsapValidateDbObject(AccountHandle,
+ LsaDbAccountObject,
+ ACCOUNT_ADJUST_SYSTEM_ACCESS,
+ &AccountObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("Invalid handle (Status %lx)\n", Status);
+ return Status;
+ }
+
+ /* Set the system access flags */
+ Status = LsapSetObjectAttribute(AccountObject,
+ L"ActSysAc",
+ &SystemAccess,
+ sizeof(ACCESS_MASK));
+
+ return Status;
}
/* Function 25 */
-NTSTATUS LsarOpenTrustedDomain(
+NTSTATUS WINAPI LsarOpenTrustedDomain(
LSAPR_HANDLE PolicyHandle,
PRPC_SID TrustedDomainSid,
ACCESS_MASK DesiredAccess,
/* Function 26 */
-NTSTATUS LsarQueryInfoTrustedDomain(
+NTSTATUS WINAPI LsarQueryInfoTrustedDomain(
LSAPR_HANDLE TrustedDomainHandle,
TRUSTED_INFORMATION_CLASS InformationClass,
PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
/* Function 27 */
-NTSTATUS LsarSetInformationTrustedDomain(
+NTSTATUS WINAPI LsarSetInformationTrustedDomain(
LSAPR_HANDLE TrustedDomainHandle,
TRUSTED_INFORMATION_CLASS InformationClass,
PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
/* Function 28 */
-NTSTATUS LsarOpenSecret(
+NTSTATUS WINAPI LsarOpenSecret(
LSAPR_HANDLE PolicyHandle,
PRPC_UNICODE_STRING SecretName,
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *SecretHandle)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT PolicyObject;
+ PLSA_DB_OBJECT SecretObject = NULL;
+ NTSTATUS Status = STATUS_SUCCESS;
+
+ /* Validate the PolicyHandle */
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
+ 0,
+ &PolicyObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
+ return Status;
+ }
+
+ /* Create the secret object */
+ Status = LsapOpenDbObject(PolicyObject,
+ L"Secrets",
+ SecretName->Buffer,
+ LsaDbSecretObject,
+ DesiredAccess,
+ &SecretObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+done:
+ if (!NT_SUCCESS(Status))
+ {
+ if (SecretObject != NULL)
+ LsapCloseDbObject(SecretObject);
+ }
+ else
+ {
+ *SecretHandle = (LSAPR_HANDLE)SecretObject;
+ }
+
+ return Status;
}
/* Function 29 */
-NTSTATUS LsarSetSecret(
- LSAPR_HANDLE *SecretHandle,
+NTSTATUS WINAPI LsarSetSecret(
+ LSAPR_HANDLE SecretHandle,
PLSAPR_CR_CIPHER_VALUE EncryptedCurrentValue,
PLSAPR_CR_CIPHER_VALUE EncryptedOldValue)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT SecretObject;
+ PBYTE CurrentValue = NULL;
+ PBYTE OldValue = NULL;
+ ULONG CurrentValueLength = 0;
+ ULONG OldValueLength = 0;
+ LARGE_INTEGER Time;
+ NTSTATUS Status;
+
+ TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle,
+ EncryptedCurrentValue, EncryptedOldValue);
+
+ /* Validate the SecretHandle */
+ Status = LsapValidateDbObject(SecretHandle,
+ LsaDbSecretObject,
+ SECRET_SET_VALUE,
+ &SecretObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
+ return Status;
+ }
+
+ if (EncryptedCurrentValue != NULL)
+ {
+ /* FIXME: Decrypt the current value */
+ CurrentValue = EncryptedCurrentValue->Buffer;
+ CurrentValueLength = EncryptedCurrentValue->MaximumLength;
+ }
+
+ /* Set the current value */
+ Status = LsapSetObjectAttribute(SecretObject,
+ L"CurrentValue",
+ CurrentValue,
+ CurrentValueLength);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ /* Get the current time */
+ Status = NtQuerySystemTime(&Time);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ /* Set the current time */
+ Status = LsapSetObjectAttribute(SecretObject,
+ L"CurrentTime",
+ &Time,
+ sizeof(LARGE_INTEGER));
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ if (EncryptedOldValue != NULL)
+ {
+ /* FIXME: Decrypt the old value */
+ OldValue = EncryptedOldValue->Buffer;
+ OldValueLength = EncryptedOldValue->MaximumLength;
+ }
+
+ /* Set the old value */
+ Status = LsapSetObjectAttribute(SecretObject,
+ L"OldValue",
+ OldValue,
+ OldValueLength);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ /* Set the old time */
+ Status = LsapSetObjectAttribute(SecretObject,
+ L"OldTime",
+ &Time,
+ sizeof(LARGE_INTEGER));
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapSetObjectAttribute failed (Status 0x%08lx)\n", Status);
+ }
+
+done:
+ return Status;
}
/* Function 30 */
-NTSTATUS LsarQuerySecret(
+NTSTATUS WINAPI LsarQuerySecret(
LSAPR_HANDLE SecretHandle,
PLSAPR_CR_CIPHER_VALUE *EncryptedCurrentValue,
PLARGE_INTEGER CurrentValueSetTime,
PLSAPR_CR_CIPHER_VALUE *EncryptedOldValue,
PLARGE_INTEGER OldValueSetTime)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ PLSA_DB_OBJECT SecretObject;
+ PLSAPR_CR_CIPHER_VALUE EncCurrentValue = NULL;
+ PLSAPR_CR_CIPHER_VALUE EncOldValue = NULL;
+ PBYTE CurrentValue = NULL;
+ PBYTE OldValue = NULL;
+ ULONG CurrentValueLength = 0;
+ ULONG OldValueLength = 0;
+ ULONG BufferSize;
+ NTSTATUS Status;
+
+ TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle,
+ EncryptedCurrentValue, CurrentValueSetTime,
+ EncryptedOldValue, OldValueSetTime);
+
+ /* Validate the SecretHandle */
+ Status = LsapValidateDbObject(SecretHandle,
+ LsaDbSecretObject,
+ SECRET_QUERY_VALUE,
+ &SecretObject);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
+ return Status;
+ }
+
+ if (EncryptedCurrentValue != NULL)
+ {
+ CurrentValueLength = 0;
+
+ /* Get the size of the current value */
+ Status = LsapGetObjectAttribute(SecretObject,
+ L"CurrentValue",
+ NULL,
+ &CurrentValueLength);
+ if (!NT_SUCCESS(Status))
+ goto done;
+
+ /* Allocate a buffer for the current value */
+ CurrentValue = midl_user_allocate(CurrentValueLength);
+ if (CurrentValue == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
+ }
+
+ /* Get the current value */
+ Status = LsapGetObjectAttribute(SecretObject,
+ L"CurrentValue",
+ CurrentValue,
+ &CurrentValueLength);
+ if (!NT_SUCCESS(Status))
+ goto done;
+
+ /* Allocate a buffer for the encrypted current value */
+ EncCurrentValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE));
+ if (EncCurrentValue == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
+ }
+
+ /* FIXME: Encrypt the current value */
+ EncCurrentValue->Length = (USHORT)(CurrentValueLength - sizeof(WCHAR));
+ EncCurrentValue->MaximumLength = (USHORT)CurrentValueLength;
+ EncCurrentValue->Buffer = (PBYTE)CurrentValue;
+ }
+
+ if (CurrentValueSetTime != NULL)
+ {
+ BufferSize = sizeof(LARGE_INTEGER);
+
+ /* Get the current value time */
+ Status = LsapGetObjectAttribute(SecretObject,
+ L"CurrentTime",
+ (PBYTE)CurrentValueSetTime,
+ &BufferSize);
+ if (!NT_SUCCESS(Status))
+ goto done;
+ }
+
+ if (EncryptedOldValue != NULL)
+ {
+ OldValueLength = 0;
+
+ /* Get the size of the old value */
+ Status = LsapGetObjectAttribute(SecretObject,
+ L"OldValue",
+ NULL,
+ &OldValueLength);
+ if (!NT_SUCCESS(Status))
+ goto done;
+
+ /* Allocate a buffer for the old value */
+ OldValue = midl_user_allocate(OldValueLength);
+ if (OldValue == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
+ }
+
+ /* Get the old value */
+ Status = LsapGetObjectAttribute(SecretObject,
+ L"OldValue",
+ OldValue,
+ &OldValueLength);
+ if (!NT_SUCCESS(Status))
+ goto done;
+
+ /* Allocate a buffer for the encrypted old value */
+ EncOldValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE) + OldValueLength);
+ if (EncOldValue == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
+ }
+
+ /* FIXME: Encrypt the old value */
+ EncOldValue->Length = (USHORT)(OldValueLength - sizeof(WCHAR));
+ EncOldValue->MaximumLength = (USHORT)OldValueLength;
+ EncOldValue->Buffer = (PBYTE)OldValue;
+ }
+
+ if (OldValueSetTime != NULL)
+ {
+ BufferSize = sizeof(LARGE_INTEGER);
+
+ /* Get the old value time */
+ Status = LsapGetObjectAttribute(SecretObject,
+ L"OldTime",
+ (PBYTE)OldValueSetTime,
+ &BufferSize);
+ if (!NT_SUCCESS(Status))
+ goto done;
+ }
+
+
+done:
+ if (NT_SUCCESS(Status))
+ {
+ if (EncryptedCurrentValue != NULL)
+ *EncryptedCurrentValue = EncCurrentValue;
+
+ if (EncryptedOldValue != NULL)
+ *EncryptedOldValue = EncOldValue;
+ }
+ else
+ {
+ if (EncryptedCurrentValue != NULL)
+ *EncryptedCurrentValue = NULL;
+
+ if (EncryptedOldValue != NULL)
+ *EncryptedOldValue = NULL;
+
+ if (EncCurrentValue != NULL)
+ midl_user_free(EncCurrentValue);
+
+ if (EncOldValue != NULL)
+ midl_user_free(EncOldValue);
+
+ if (CurrentValue != NULL)
+ midl_user_free(CurrentValue);
+
+ if (OldValue != NULL)
+ midl_user_free(OldValue);
+ }
+
+ TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status);
+
+ return Status;
}
/* Function 31 */
-NTSTATUS LsarLookupPrivilegeValue(
+NTSTATUS WINAPI LsarLookupPrivilegeValue(
LSAPR_HANDLE PolicyHandle,
PRPC_UNICODE_STRING Name,
PLUID Value)
TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
PolicyHandle, Name, Value);
- if (!LsapValidateDbHandle(PolicyHandle, LsaDbPolicyHandle))
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
+ POLICY_LOOKUP_NAMES,
+ NULL);
+ if (!NT_SUCCESS(Status))
{
- ERR("Invalid handle\n");
- return STATUS_INVALID_HANDLE;
+ ERR("Invalid handle (Status %lx)\n", Status);
+ return Status;
}
TRACE("Privilege: %wZ\n", Name);
/* Function 32 */
-NTSTATUS LsarLookupPrivilegeName(
+NTSTATUS WINAPI LsarLookupPrivilegeName(
LSAPR_HANDLE PolicyHandle,
PLUID Value,
PRPC_UNICODE_STRING *Name)
TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
PolicyHandle, Value, Name);
- if (!LsapValidateDbHandle(PolicyHandle, LsaDbPolicyHandle))
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
+ POLICY_LOOKUP_NAMES,
+ NULL);
+ if (!NT_SUCCESS(Status))
{
ERR("Invalid handle\n");
- return STATUS_INVALID_HANDLE;
+ return Status;
}
Status = LsarpLookupPrivilegeName(Value, (PUNICODE_STRING*)Name);
/* Function 33 */
-NTSTATUS LsarLookupPrivilegeDisplayName(
+NTSTATUS WINAPI LsarLookupPrivilegeDisplayName(
LSAPR_HANDLE PolicyHandle,
PRPC_UNICODE_STRING Name,
USHORT ClientLanguage,
/* Function 34 */
-NTSTATUS LsarDeleteObject(
+NTSTATUS WINAPI LsarDeleteObject(
LSAPR_HANDLE *ObjectHandle)
{
UNIMPLEMENTED;
/* Function 35 */
-NTSTATUS LsarEnumerateAccountsWithUserRight(
+NTSTATUS WINAPI LsarEnumerateAccountsWithUserRight(
LSAPR_HANDLE PolicyHandle,
PRPC_UNICODE_STRING UserRight,
PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer)
/* Function 36 */
-NTSTATUS LsarEnmuerateAccountRights(
+NTSTATUS WINAPI LsarEnumerateAccountRights(
LSAPR_HANDLE PolicyHandle,
PRPC_SID AccountSid,
PLSAPR_USER_RIGHT_SET UserRights)
{
- FIXME("(%p,%p,%p) stub\n", PolicyHandle, AccountSid, UserRights);
+ PLSA_DB_OBJECT PolicyObject;
+ NTSTATUS Status;
- if (!LsapValidateDbHandle(PolicyHandle, LsaDbPolicyHandle))
- return STATUS_INVALID_HANDLE;
+ TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
+ PolicyHandle, AccountSid, UserRights);
+
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
+ ACCOUNT_VIEW,
+ &PolicyObject);
+ if (!NT_SUCCESS(Status))
+ return Status;
UserRights->Entries = 0;
UserRights->UserRights = NULL;
/* Function 37 */
-NTSTATUS LsarAddAccountRights(
+NTSTATUS WINAPI LsarAddAccountRights(
LSAPR_HANDLE PolicyHandle,
PRPC_SID AccountSid,
PLSAPR_USER_RIGHT_SET UserRights)
/* Function 38 */
-NTSTATUS LsarRemoveAccountRights(
+NTSTATUS WINAPI LsarRemoveAccountRights(
LSAPR_HANDLE PolicyHandle,
PRPC_SID AccountSid,
BOOL AllRights,
/* Function 39 */
-NTSTATUS LsarQueryTrustedDomainInfo(
+NTSTATUS WINAPI LsarQueryTrustedDomainInfo(
LSAPR_HANDLE PolicyHandle,
PRPC_SID TrustedDomainSid,
TRUSTED_INFORMATION_CLASS InformationClass,
/* Function 40 */
-NTSTATUS LsarSetTrustedDomainInfo(
+NTSTATUS WINAPI LsarSetTrustedDomainInfo(
LSAPR_HANDLE PolicyHandle,
PRPC_SID TrustedDomainSid,
TRUSTED_INFORMATION_CLASS InformationClass,
/* Function 41 */
-NTSTATUS LsarDeleteTrustedDomain(
+NTSTATUS WINAPI LsarDeleteTrustedDomain(
LSAPR_HANDLE PolicyHandle,
PRPC_SID TrustedDomainSid)
{
/* Function 42 */
-NTSTATUS LsarStorePrivateData(
+NTSTATUS WINAPI LsarStorePrivateData(
LSAPR_HANDLE PolicyHandle,
PRPC_UNICODE_STRING KeyName,
PLSAPR_CR_CIPHER_VALUE EncryptedData)
/* Function 43 */
-NTSTATUS LsarRetrievePrivateData(
+NTSTATUS WINAPI LsarRetrievePrivateData(
LSAPR_HANDLE PolicyHandle,
PRPC_UNICODE_STRING KeyName,
PLSAPR_CR_CIPHER_VALUE *EncryptedData)
/* Function 44 */
-NTSTATUS LsarOpenPolicy2(
+NTSTATUS WINAPI LsarOpenPolicy2(
LPWSTR SystemName,
PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes,
ACCESS_MASK DesiredAccess,
/* Function 45 */
-NTSTATUS LsarGetUserName(
+NTSTATUS WINAPI LsarGetUserName(
LPWSTR SystemName,
PRPC_UNICODE_STRING *UserName,
PRPC_UNICODE_STRING *DomainName)
/* Function 46 */
-NTSTATUS LsarQueryInformationPolicy2(
+NTSTATUS WINAPI LsarQueryInformationPolicy2(
LSAPR_HANDLE PolicyHandle,
POLICY_INFORMATION_CLASS InformationClass,
- unsigned long *PolicyInformation)
+ PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ return LsarQueryInformationPolicy(PolicyHandle,
+ InformationClass,
+ PolicyInformation);
}
/* Function 47 */
-NTSTATUS LsarSetInformationPolicy2(
+NTSTATUS WINAPI LsarSetInformationPolicy2(
LSAPR_HANDLE PolicyHandle,
POLICY_INFORMATION_CLASS InformationClass,
- unsigned long PolicyInformation)
+ PLSAPR_POLICY_INFORMATION PolicyInformation)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ return LsarSetInformationPolicy(PolicyHandle,
+ InformationClass,
+ PolicyInformation);
}
/* Function 48 */
-NTSTATUS LsarQueryTrustedDomainInfoByName(
+NTSTATUS WINAPI LsarQueryTrustedDomainInfoByName(
LSAPR_HANDLE PolicyHandle,
PRPC_UNICODE_STRING TrustedDomainName,
POLICY_INFORMATION_CLASS InformationClass,
- unsigned long *PolicyInformation)
+ PLSAPR_TRUSTED_DOMAIN_INFO *PolicyInformation)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
/* Function 49 */
-NTSTATUS LsarSetTrustedDomainInfoByName(
+NTSTATUS WINAPI LsarSetTrustedDomainInfoByName(
LSAPR_HANDLE PolicyHandle,
PRPC_UNICODE_STRING TrustedDomainName,
POLICY_INFORMATION_CLASS InformationClass,
- unsigned long PolicyInformation)
+ PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
/* Function 50 */
-NTSTATUS LsarEnumerateTrustedDomainsEx(
+NTSTATUS WINAPI LsarEnumerateTrustedDomainsEx(
LSAPR_HANDLE PolicyHandle,
DWORD *EnumerationContext,
PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer,
/* Function 51 */
-NTSTATUS LsarCreateTrustedDomainEx(
+NTSTATUS WINAPI LsarCreateTrustedDomainEx(
LSAPR_HANDLE PolicyHandle,
PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION AuthentificationInformation,
/* Function 52 */
-NTSTATUS LsarSetPolicyReplicationHandle(
+NTSTATUS WINAPI LsarSetPolicyReplicationHandle(
PLSAPR_HANDLE PolicyHandle)
{
/* Deprecated */
/* Function 53 */
-NTSTATUS LsarQueryDomainInformationPolicy(
+NTSTATUS WINAPI LsarQueryDomainInformationPolicy(
LSAPR_HANDLE PolicyHandle,
POLICY_INFORMATION_CLASS InformationClass,
- unsigned long *PolicyInformation)
+ PLSAPR_POLICY_DOMAIN_INFORMATION *PolicyInformation)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
/* Function 54 */
-NTSTATUS LsarSetDomainInformationPolicy(
+NTSTATUS WINAPI LsarSetDomainInformationPolicy(
LSAPR_HANDLE PolicyHandle,
POLICY_INFORMATION_CLASS InformationClass,
- unsigned long PolicyInformation)
+ PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
/* Function 55 */
-NTSTATUS LsarOpenTrustedDomainByName(
+NTSTATUS WINAPI LsarOpenTrustedDomainByName(
LSAPR_HANDLE PolicyHandle,
PRPC_UNICODE_STRING TrustedDomainName,
ACCESS_MASK DesiredAccess,
/* Function 56 */
-NTSTATUS LsarTestCall(
+NTSTATUS WINAPI LsarTestCall(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 57 */
-NTSTATUS LsarLookupSids2(
+NTSTATUS WINAPI LsarLookupSids2(
LSAPR_HANDLE PolicyHandle,
PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
/* Function 58 */
-NTSTATUS LsarLookupNames2(
+NTSTATUS WINAPI LsarLookupNames2(
LSAPR_HANDLE PolicyHandle,
DWORD Count,
PRPC_UNICODE_STRING Names,
PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
- PLSAPR_TRANSLATED_SID_EX TranslatedSids,
+ PLSAPR_TRANSLATED_SIDS_EX TranslatedSids,
LSAP_LOOKUP_LEVEL LookupLevel,
DWORD *MappedCount,
DWORD LookupOptions,
/* Function 59 */
-NTSTATUS LsarCreateTrustedDomainEx2(
+NTSTATUS WINAPI LsarCreateTrustedDomainEx2(
LSAPR_HANDLE PolicyHandle,
PLSAPR_TRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
PLSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL AuthentificationInformation,
/* Function 60 */
-NTSTATUS CredrWrite(
+NTSTATUS WINAPI CredrWrite(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 61 */
-NTSTATUS CredrRead(
+NTSTATUS WINAPI CredrRead(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 62 */
-NTSTATUS CredrEnumerate(
+NTSTATUS WINAPI CredrEnumerate(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 63 */
-NTSTATUS CredrWriteDomainCredentials(
+NTSTATUS WINAPI CredrWriteDomainCredentials(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 64 */
-NTSTATUS CredrReadDomainCredentials(
+NTSTATUS WINAPI CredrReadDomainCredentials(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 65 */
-NTSTATUS CredrDelete(
+NTSTATUS WINAPI CredrDelete(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 66 */
-NTSTATUS CredrGetTargetInfo(
+NTSTATUS WINAPI CredrGetTargetInfo(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 67 */
-NTSTATUS CredrProfileLoaded(
+NTSTATUS WINAPI CredrProfileLoaded(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 68 */
-NTSTATUS LsarLookupNames3(
+NTSTATUS WINAPI LsarLookupNames3(
LSAPR_HANDLE PolicyHandle,
DWORD Count,
PRPC_UNICODE_STRING Names,
PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
- PLSAPR_TRANSLATED_SID_EX2 TranslatedSids,
+ PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
LSAP_LOOKUP_LEVEL LookupLevel,
DWORD *MappedCount,
DWORD LookupOptions,
DWORD ClientRevision)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
+ static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN");
+ PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer = NULL;
+ PLSAPR_TRANSLATED_SID_EX2 SidsBuffer = NULL;
+ ULONG SidsBufferLength;
+ ULONG DomainSidLength;
+ ULONG AccountSidLength;
+ PSID DomainSid;
+ PSID AccountSid;
+ ULONG i;
+ NTSTATUS Status;
+
+ TRACE("LsarLookupNames3(%p, %lu, %p, %p, %p, %d, %p, %lu, %lu)\n",
+ PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids,
+ LookupLevel, MappedCount, LookupOptions, ClientRevision);
+
+ if (Count == 0)
+ return STATUS_NONE_MAPPED;
+
+ TranslatedSids->Entries = Count;
+ TranslatedSids->Sids = NULL;
+ *ReferencedDomains = NULL;
+
+ SidsBufferLength = Count * sizeof(LSAPR_TRANSLATED_SID_EX2);
+ SidsBuffer = MIDL_user_allocate(SidsBufferLength);
+ if (SidsBuffer == NULL)
+ return STATUS_INSUFFICIENT_RESOURCES;
+
+ for (i = 0; i < Count; i++)
+ {
+ SidsBuffer[i].Use = SidTypeUser;
+ SidsBuffer[i].Sid = NULL;
+ SidsBuffer[i].DomainIndex = -1;
+ SidsBuffer[i].Flags = 0;
+ }
+
+ DomainsBuffer = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
+ if (DomainsBuffer == NULL)
+ {
+ MIDL_user_free(SidsBuffer);
+ return STATUS_INSUFFICIENT_RESOURCES;
+ }
+
+ DomainsBuffer->Entries = Count;
+ DomainsBuffer->Domains = MIDL_user_allocate(Count * sizeof(LSA_TRUST_INFORMATION));
+ if (DomainsBuffer->Domains == NULL)
+ {
+ MIDL_user_free(DomainsBuffer);
+ MIDL_user_free(SidsBuffer);
+ return STATUS_INSUFFICIENT_RESOURCES;
+ }
+
+ Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
+ 2,
+ SECURITY_BUILTIN_DOMAIN_RID,
+ DOMAIN_ALIAS_RID_ADMINS,
+ 0, 0, 0, 0, 0, 0,
+ &DomainSid);
+ if (!NT_SUCCESS(Status))
+ {
+ MIDL_user_free(DomainsBuffer->Domains);
+ MIDL_user_free(DomainsBuffer);
+ MIDL_user_free(SidsBuffer);
+ return Status;
+ }
+
+ DomainSidLength = RtlLengthSid(DomainSid);
+
+ for (i = 0; i < Count; i++)
+ {
+ DomainsBuffer->Domains[i].Sid = MIDL_user_allocate(DomainSidLength);
+ RtlCopyMemory(DomainsBuffer->Domains[i].Sid,
+ DomainSid,
+ DomainSidLength);
+
+ DomainsBuffer->Domains[i].Name.Buffer = MIDL_user_allocate(DomainName.MaximumLength);
+ DomainsBuffer->Domains[i].Name.Length = DomainName.Length;
+ DomainsBuffer->Domains[i].Name.MaximumLength = DomainName.MaximumLength;
+ RtlCopyMemory(DomainsBuffer->Domains[i].Name.Buffer,
+ DomainName.Buffer,
+ DomainName.MaximumLength);
+ }
+
+ Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
+ 3,
+ SECURITY_BUILTIN_DOMAIN_RID,
+ DOMAIN_ALIAS_RID_ADMINS,
+ DOMAIN_USER_RID_ADMIN,
+ 0, 0, 0, 0, 0,
+ &AccountSid);
+ if (!NT_SUCCESS(Status))
+ {
+ MIDL_user_free(DomainsBuffer->Domains);
+ MIDL_user_free(DomainsBuffer);
+ MIDL_user_free(SidsBuffer);
+ return Status;
+ }
+
+ AccountSidLength = RtlLengthSid(AccountSid);
+
+ for (i = 0; i < Count; i++)
+ {
+ SidsBuffer[i].Use = SidTypeWellKnownGroup;
+ SidsBuffer[i].Sid = MIDL_user_allocate(AccountSidLength);
+
+ RtlCopyMemory(SidsBuffer[i].Sid,
+ AccountSid,
+ AccountSidLength);
+
+ SidsBuffer[i].DomainIndex = i;
+ SidsBuffer[i].Flags = 0;
+ }
+
+ *ReferencedDomains = DomainsBuffer;
+ *MappedCount = Count;
+
+ TranslatedSids->Entries = Count;
+ TranslatedSids->Sids = SidsBuffer;
+
+ return STATUS_SUCCESS;
}
/* Function 69 */
-NTSTATUS CredrGetSessionTypes(
+NTSTATUS WINAPI CredrGetSessionTypes(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 70 */
-NTSTATUS LsarRegisterAuditEvent(
+NTSTATUS WINAPI LsarRegisterAuditEvent(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 71 */
-NTSTATUS LsarGenAuditEvent(
+NTSTATUS WINAPI LsarGenAuditEvent(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 72 */
-NTSTATUS LsarUnregisterAuditEvent(
+NTSTATUS WINAPI LsarUnregisterAuditEvent(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 73 */
-NTSTATUS LsarQueryForestTrustInformation(
+NTSTATUS WINAPI LsarQueryForestTrustInformation(
LSAPR_HANDLE PolicyHandle,
PLSA_UNICODE_STRING TrustedDomainName,
LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
/* Function 74 */
-NTSTATUS LsarSetForestTrustInformation(
+NTSTATUS WINAPI LsarSetForestTrustInformation(
LSAPR_HANDLE PolicyHandle,
PLSA_UNICODE_STRING TrustedDomainName,
LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,
/* Function 75 */
-NTSTATUS CredrRename(
+NTSTATUS WINAPI CredrRename(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 76 */
-NTSTATUS LsarLookupSids3(
+NTSTATUS WINAPI LsarLookupSids3(
LSAPR_HANDLE PolicyHandle,
PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
/* Function 77 */
-NTSTATUS LsarLookupNames4(
+NTSTATUS WINAPI LsarLookupNames4(
handle_t RpcHandle,
DWORD Count,
PRPC_UNICODE_STRING Names,
PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
- PLSAPR_TRANSLATED_SID_EX2 TranslatedSids,
+ PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
LSAP_LOOKUP_LEVEL LookupLevel,
DWORD *MappedCount,
DWORD LookupOptions,
/* Function 78 */
-NTSTATUS LsarOpenPolicySce(
+NTSTATUS WINAPI LsarOpenPolicySce(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 79 */
-NTSTATUS LsarAdtRegisterSecurityEventSource(
+NTSTATUS WINAPI LsarAdtRegisterSecurityEventSource(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 80 */
-NTSTATUS LsarAdtUnregisterSecurityEventSource(
+NTSTATUS WINAPI LsarAdtUnregisterSecurityEventSource(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 81 */
-NTSTATUS LsarAdtReportSecurityEvent(
+NTSTATUS WINAPI LsarAdtReportSecurityEvent(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 82 */
-NTSTATUS CredrFindBestCredential(
+NTSTATUS WINAPI CredrFindBestCredential(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 83 */
-NTSTATUS LsarSetAuditPolicy(
+NTSTATUS WINAPI LsarSetAuditPolicy(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 84 */
-NTSTATUS LsarQueryAuditPolicy(
+NTSTATUS WINAPI LsarQueryAuditPolicy(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 85 */
-NTSTATUS LsarEnumerateAuditPolicy(
+NTSTATUS WINAPI LsarEnumerateAuditPolicy(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 86 */
-NTSTATUS LsarEnumerateAuditCategories(
+NTSTATUS WINAPI LsarEnumerateAuditCategories(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 87 */
-NTSTATUS LsarEnumerateAuditSubCategories(
+NTSTATUS WINAPI LsarEnumerateAuditSubCategories(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 88 */
-NTSTATUS LsarLookupAuditCategoryName(
+NTSTATUS WINAPI LsarLookupAuditCategoryName(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 89 */
-NTSTATUS LsarLookupAuditSubCategoryName(
+NTSTATUS WINAPI LsarLookupAuditSubCategoryName(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 90 */
-NTSTATUS LsarSetAuditSecurity(
+NTSTATUS WINAPI LsarSetAuditSecurity(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 91 */
-NTSTATUS LsarQueryAuditSecurity(
+NTSTATUS WINAPI LsarQueryAuditSecurity(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 92 */
-NTSTATUS CredReadByTokenHandle(
+NTSTATUS WINAPI CredReadByTokenHandle(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 93 */
-NTSTATUS CredrRestoreCredentials(
+NTSTATUS WINAPI CredrRestoreCredentials(
handle_t hBinding)
{
UNIMPLEMENTED;
/* Function 94 */
-NTSTATUS CredrBackupCredentials(
+NTSTATUS WINAPI CredrBackupCredentials(
handle_t hBinding)
{
UNIMPLEMENTED;