[LSASRV]

[reactos.git] / reactos / dll / win32 / lsasrv / lsarpc.c
diff --git a/reactos/dll/win32/lsasrv/lsarpc.c b/reactos/dll/win32/lsasrv/lsarpc.c

index 748ed12..48fcf9a 100644 (file)
--- a/reactos/dll/win32/lsasrv/lsarpc.c
+++ b/reactos/dll/win32/lsasrv/lsarpc.c
@@ -109,8 +109,26 @@ NTSTATUS WINAPI LsarEnumeratePrivileges(
      PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer,
      DWORD PreferedMaximumLength)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    PLSA_DB_OBJECT PolicyObject;
+    NTSTATUS Status;
+
+    TRACE("LsarEnumeratePrivileges(%p %p %p %lu)\n",
+          PolicyHandle, EnumerationContext, EnumerationBuffer,
+          PreferedMaximumLength);
+
+    Status = LsapValidateDbObject(PolicyHandle,
+                                  LsaDbPolicyObject,
+                                  POLICY_VIEW_LOCAL_INFORMATION,
+                                  &PolicyObject);
+    if (!NT_SUCCESS(Status))
+        return Status;
+
+    if (EnumerationContext == NULL)
+        return STATUS_INVALID_PARAMETER;
+
+    return LsarpEnumeratePrivileges(EnumerationContext,
+                                    EnumerationBuffer,
+                                    PreferedMaximumLength);
  }
  
  
@@ -165,6 +183,7 @@ NTSTATUS WINAPI LsarOpenPolicy(
      RtlEnterCriticalSection(&PolicyHandleTableLock);
  
      Status = LsapOpenDbObject(NULL,
+                              NULL,
                                L"Policy",
                                LsaDbPolicyObject,
                                DesiredAccess,
@@ -212,6 +231,10 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
          case PolicyLsaServerRoleInformation:
          case PolicyReplicaSourceInformation:
          case PolicyDefaultQuotaInformation:
+        case PolicyModificationInformation:
+        case PolicyDnsDomainInformation:
+        case PolicyDnsDomainInformationInt:
+        case PolicyLocalAccountDomainInformation:
              DesiredAccess = POLICY_VIEW_LOCAL_INFORMATION;
              break;
  
@@ -233,6 +256,10 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
  
      switch (InformationClass)
      {
+        case PolicyAuditLogInformation:      /* 1 */
+            Status = LsarQueryAuditLog(PolicyHandle,
+                                       PolicyInformation);
+
          case PolicyAuditEventsInformation:   /* 2 */
              Status = LsarQueryAuditEvents(PolicyHandle,
                                            PolicyInformation);
@@ -243,28 +270,57 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
                                              PolicyInformation);
              break;
  
+        case PolicyPdAccountInformation:     /* 4 */
+            Status = LsarQueryPdAccount(PolicyHandle,
+                                        PolicyInformation);
+
          case PolicyAccountDomainInformation: /* 5 */
              Status = LsarQueryAccountDomain(PolicyHandle,
                                              PolicyInformation);
              break;
  
-        case PolicyDnsDomainInformation:     /* 12 (0xc) */
+        case PolicyLsaServerRoleInformation: /* 6 */
+            Status = LsarQueryServerRole(PolicyHandle,
+                                         PolicyInformation);
+            break;
+
+        case PolicyReplicaSourceInformation: /* 7 */
+            Status = LsarQueryReplicaSource(PolicyHandle,
+                                            PolicyInformation);
+
+        case PolicyDefaultQuotaInformation:  /* 8 */
+            Status = LsarQueryDefaultQuota(PolicyHandle,
+                                           PolicyInformation);
+            break;
+
+        case PolicyModificationInformation:  /* 9 */
+            Status = LsarQueryModification(PolicyHandle,
+                                           PolicyInformation);
+            break;
+
+        case PolicyAuditFullQueryInformation: /* 11 (0xB) */
+            Status = LsarQueryAuditFull(PolicyHandle,
+                                        PolicyInformation);
+            break;
+
+        case PolicyDnsDomainInformation:      /* 12 (0xC) */
              Status = LsarQueryDnsDomain(PolicyHandle,
                                          PolicyInformation);
              break;
  
-        case PolicyAuditLogInformation:
-        case PolicyPdAccountInformation:
-        case PolicyLsaServerRoleInformation:
-        case PolicyReplicaSourceInformation:
-        case PolicyDefaultQuotaInformation:
-        case PolicyModificationInformation:
-        case PolicyAuditFullSetInformation:
-        case PolicyAuditFullQueryInformation:
-        case PolicyEfsInformation:
-            FIXME("Information class not implemented\n");
-            Status = STATUS_UNSUCCESSFUL;
+        case PolicyDnsDomainInformationInt:   /* 13 (0xD) */
+            Status = LsarQueryDnsDomainInt(PolicyHandle,
+                                           PolicyInformation);
              break;
+
+        case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
+            Status = LsarQueryLocalAccountDomain(PolicyHandle,
+                                                 PolicyInformation);
+            break;
+
+        default:
+            ERR("Invalid InformationClass!\n");
+            Status = STATUS_INVALID_PARAMETER;
      }
  
      return Status;
@@ -278,6 +334,7 @@ NTSTATUS WINAPI LsarSetInformationPolicy(
      PLSAPR_POLICY_INFORMATION PolicyInformation)
  {
      PLSA_DB_OBJECT DbObject;
+    ACCESS_MASK DesiredAccess = 0;
      NTSTATUS Status;
  
      TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
@@ -288,9 +345,42 @@ NTSTATUS WINAPI LsarSetInformationPolicy(
          TRACE("*PolicyInformation %p\n", *PolicyInformation);
      }
  
+    switch (InformationClass)
+    {
+        case PolicyAuditLogInformation:
+        case PolicyAuditFullSetInformation:
+            DesiredAccess = POLICY_AUDIT_LOG_ADMIN;
+            break;
+
+        case PolicyAuditEventsInformation:
+            DesiredAccess = POLICY_SET_AUDIT_REQUIREMENTS;
+            break;
+
+        case PolicyPrimaryDomainInformation:
+        case PolicyAccountDomainInformation:
+        case PolicyDnsDomainInformation:
+        case PolicyDnsDomainInformationInt:
+        case PolicyLocalAccountDomainInformation:
+            DesiredAccess = POLICY_TRUST_ADMIN;
+            break;
+
+        case PolicyLsaServerRoleInformation:
+        case PolicyReplicaSourceInformation:
+            DesiredAccess = POLICY_SERVER_ADMIN;
+            break;
+
+        case PolicyDefaultQuotaInformation:
+            DesiredAccess = POLICY_SET_DEFAULT_QUOTA_LIMITS;
+            break;
+
+        default:
+            ERR("Invalid InformationClass!\n");
+            return STATUS_INVALID_PARAMETER;
+    }
+
      Status = LsapValidateDbObject(PolicyHandle,
                                    LsaDbPolicyObject,
-                                  0, /* FIXME */
+                                  DesiredAccess,
                                    &DbObject);
      if (!NT_SUCCESS(Status))
          return Status;
@@ -346,11 +436,14 @@ NTSTATUS WINAPI LsarCreateAccount(
      LSAPR_HANDLE *AccountHandle)
  {
      PLSA_DB_OBJECT PolicyObject;
-    PLSA_DB_OBJECT AccountsObject = NULL;
      PLSA_DB_OBJECT AccountObject = NULL;
      LPWSTR SidString = NULL;
      NTSTATUS Status = STATUS_SUCCESS;
  
+    /* Validate the AccountSid */
+    if (!RtlValidSid(AccountSid))
+        return STATUS_INVALID_PARAMETER;
+
      /* Validate the PolicyHandle */
      Status = LsapValidateDbObject(PolicyHandle,
                                    LsaDbPolicyObject,
@@ -362,18 +455,6 @@ NTSTATUS WINAPI LsarCreateAccount(
          return Status;
      }
  
-    /* Open the Accounts object */
-    Status = LsapOpenDbObject(PolicyObject,
-                              L"Accounts",
-                              LsaDbContainerObject,
-                              0,
-                              &AccountsObject);
-    if (!NT_SUCCESS(Status))
-    {
-        ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status);
-        goto done;
-    }
-
      /* Create SID string */
      if (!ConvertSidToStringSid((PSID)AccountSid,
                                 &SidString))
@@ -384,14 +465,15 @@ NTSTATUS WINAPI LsarCreateAccount(
      }
  
      /* Create the Account object */
-    Status = LsapCreateDbObject(AccountsObject,
+    Status = LsapCreateDbObject(PolicyObject,
+                                L"Accounts",
                                  SidString,
                                  LsaDbAccountObject,
                                  DesiredAccess,
                                  &AccountObject);
      if (!NT_SUCCESS(Status))
      {
-        ERR("LsapCreateDbObject (Account) failed (Status 0x%08lx)\n", Status);
+        ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
          goto done;
      }
  
@@ -415,9 +497,6 @@ done:
          *AccountHandle = (LSAPR_HANDLE)AccountObject;
      }
  
-    if (AccountsObject != NULL)
-        LsapCloseDbObject(AccountsObject);
-
      return STATUS_SUCCESS;
  }
  
@@ -657,7 +736,6 @@ NTSTATUS WINAPI LsarCreateSecret(
      LSAPR_HANDLE *SecretHandle)
  {
      PLSA_DB_OBJECT PolicyObject;
-    PLSA_DB_OBJECT SecretsObject = NULL;
      PLSA_DB_OBJECT SecretObject = NULL;
      LARGE_INTEGER Time;
      NTSTATUS Status = STATUS_SUCCESS;
@@ -673,18 +751,6 @@ NTSTATUS WINAPI LsarCreateSecret(
          return Status;
      }
  
-    /* Open the Secrets object */
-    Status = LsapOpenDbObject(PolicyObject,
-                              L"Secrets",
-                              LsaDbContainerObject,
-                              0,
-                              &SecretsObject);
-    if (!NT_SUCCESS(Status))
-    {
-        ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status);
-        goto done;
-    }
-
      /* Get the current time */
      Status = NtQuerySystemTime(&Time);
      if (!NT_SUCCESS(Status))
@@ -694,14 +760,15 @@ NTSTATUS WINAPI LsarCreateSecret(
      }
  
      /* Create the Secret object */
-    Status = LsapCreateDbObject(SecretsObject,
+    Status = LsapCreateDbObject(PolicyObject,
+                                L"Secrets",
                                  SecretName->Buffer,
                                  LsaDbSecretObject,
                                  DesiredAccess,
                                  &SecretObject);
      if (!NT_SUCCESS(Status))
      {
-        ERR("LsapCreateDbObject (Secret) failed (Status 0x%08lx)\n", Status);
+        ERR("LsapCreateDbObject failed (Status 0x%08lx)\n", Status);
          goto done;
      }
  
@@ -733,9 +800,6 @@ done:
          *SecretHandle = (LSAPR_HANDLE)SecretObject;
      }
  
-    if (SecretsObject != NULL)
-        LsapCloseDbObject(SecretsObject);
-
      return STATUS_SUCCESS;
  }
  
@@ -748,15 +812,18 @@ NTSTATUS WINAPI LsarOpenAccount(
      LSAPR_HANDLE *AccountHandle)
  {
      PLSA_DB_OBJECT PolicyObject;
-    PLSA_DB_OBJECT AccountsObject = NULL;
      PLSA_DB_OBJECT AccountObject = NULL;
      LPWSTR SidString = NULL;
      NTSTATUS Status = STATUS_SUCCESS;
  
+    /* Validate the AccountSid */
+    if (!RtlValidSid(AccountSid))
+        return STATUS_INVALID_PARAMETER;
+
      /* Validate the PolicyHandle */
      Status = LsapValidateDbObject(PolicyHandle,
                                    LsaDbPolicyObject,
-                                  POLICY_CREATE_ACCOUNT,
+                                  0,
                                    &PolicyObject);
      if (!NT_SUCCESS(Status))
      {
@@ -764,18 +831,6 @@ NTSTATUS WINAPI LsarOpenAccount(
          return Status;
      }
  
-    /* Open the Accounts object */
-    Status = LsapOpenDbObject(PolicyObject,
-                              L"Accounts",
-                              LsaDbContainerObject,
-                              0,
-                              &AccountsObject);
-    if (!NT_SUCCESS(Status))
-    {
-        ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status);
-        goto done;
-    }
-
      /* Create SID string */
      if (!ConvertSidToStringSid((PSID)AccountSid,
                                 &SidString))
@@ -786,14 +841,15 @@ NTSTATUS WINAPI LsarOpenAccount(
      }
  
      /* Create the Account object */
-    Status = LsapOpenDbObject(AccountsObject,
+    Status = LsapOpenDbObject(PolicyObject,
+                              L"Accounts",
                                SidString,
                                LsaDbAccountObject,
                                DesiredAccess,
                                &AccountObject);
      if (!NT_SUCCESS(Status))
      {
-        ERR("LsapOpenDbObject (Account) failed (Status 0x%08lx)\n", Status);
+        ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
          goto done;
      }
  
@@ -817,10 +873,7 @@ done:
          *AccountHandle = (LSAPR_HANDLE)AccountObject;
      }
  
-    if (AccountsObject != NULL)
-        LsapCloseDbObject(AccountsObject);
-
-    return STATUS_SUCCESS;
+    return Status;
  }
  
  
@@ -1160,14 +1213,13 @@ NTSTATUS WINAPI LsarOpenSecret(
      LSAPR_HANDLE *SecretHandle)
  {
      PLSA_DB_OBJECT PolicyObject;
-    PLSA_DB_OBJECT SecretsObject = NULL;
      PLSA_DB_OBJECT SecretObject = NULL;
      NTSTATUS Status = STATUS_SUCCESS;
  
      /* Validate the PolicyHandle */
      Status = LsapValidateDbObject(PolicyHandle,
                                    LsaDbPolicyObject,
-                                  POLICY_CREATE_SECRET,
+                                  0,
                                    &PolicyObject);
      if (!NT_SUCCESS(Status))
      {
@@ -1175,27 +1227,16 @@ NTSTATUS WINAPI LsarOpenSecret(
          return Status;
      }
  
-    /* Open the Secrets object */
+    /* Create the secret object */
      Status = LsapOpenDbObject(PolicyObject,
                                L"Secrets",
-                              LsaDbContainerObject,
-                              0,
-                              &SecretsObject);
-    if (!NT_SUCCESS(Status))
-    {
-        ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status);
-        goto done;
-    }
-
-    /* Create the secret object */
-    Status = LsapOpenDbObject(SecretsObject,
                                SecretName->Buffer,
                                LsaDbSecretObject,
                                DesiredAccess,
                                &SecretObject);
      if (!NT_SUCCESS(Status))
      {
-        ERR("LsapOpenDbObject (Secret) failed (Status 0x%08lx)\n", Status);
+        ERR("LsapOpenDbObject failed (Status 0x%08lx)\n", Status);
          goto done;
      }
  
@@ -1210,10 +1251,7 @@ done:
          *SecretHandle = (LSAPR_HANDLE)SecretObject;
      }
  
-    if (SecretsObject != NULL)
-        LsapCloseDbObject(SecretsObject);
-
-    return STATUS_SUCCESS;
+    return Status;
  }
  
  
@@ -1231,6 +1269,9 @@ NTSTATUS WINAPI LsarSetSecret(
      LARGE_INTEGER Time;
      NTSTATUS Status;
  
+    TRACE("LsarSetSecret(%p %p %p)\n", SecretHandle,
+          EncryptedCurrentValue, EncryptedOldValue);
+
      /* Validate the SecretHandle */
      Status = LsapValidateDbObject(SecretHandle,
                                    LsaDbSecretObject,
@@ -1320,8 +1361,175 @@ NTSTATUS WINAPI LsarQuerySecret(
      PLSAPR_CR_CIPHER_VALUE *EncryptedOldValue,
      PLARGE_INTEGER OldValueSetTime)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    PLSA_DB_OBJECT SecretObject;
+    PLSAPR_CR_CIPHER_VALUE EncCurrentValue = NULL;
+    PLSAPR_CR_CIPHER_VALUE EncOldValue = NULL;
+    PBYTE CurrentValue = NULL;
+    PBYTE OldValue = NULL;
+    ULONG CurrentValueLength = 0;
+    ULONG OldValueLength = 0;
+    ULONG BufferSize;
+    NTSTATUS Status;
+
+    TRACE("LsarQuerySecret(%p %p %p %p %p)\n", SecretHandle,
+          EncryptedCurrentValue, CurrentValueSetTime,
+          EncryptedOldValue, OldValueSetTime);
+
+    /* Validate the SecretHandle */
+    Status = LsapValidateDbObject(SecretHandle,
+                                  LsaDbSecretObject,
+                                  SECRET_QUERY_VALUE,
+                                  &SecretObject);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
+        return Status;
+    }
+
+    if (EncryptedCurrentValue != NULL)
+    {
+        CurrentValueLength = 0;
+
+        /* Get the size of the current value */
+        Status = LsapGetObjectAttribute(SecretObject,
+                                        L"CurrentValue",
+                                        NULL,
+                                        &CurrentValueLength);
+        if (!NT_SUCCESS(Status))
+            goto done;
+
+        /* Allocate a buffer for the current value */
+        CurrentValue = midl_user_allocate(CurrentValueLength);
+        if (CurrentValue == NULL)
+        {
+            Status = STATUS_INSUFFICIENT_RESOURCES;
+            goto done;
+        }
+
+        /* Get the current value */
+        Status = LsapGetObjectAttribute(SecretObject,
+                                        L"CurrentValue",
+                                        CurrentValue,
+                                        &CurrentValueLength);
+        if (!NT_SUCCESS(Status))
+            goto done;
+
+        /* Allocate a buffer for the encrypted current value */
+        EncCurrentValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE));
+        if (EncCurrentValue == NULL)
+        {
+            Status = STATUS_INSUFFICIENT_RESOURCES;
+            goto done;
+        }
+
+        /* FIXME: Encrypt the current value */
+        EncCurrentValue->Length = (USHORT)(CurrentValueLength - sizeof(WCHAR));
+        EncCurrentValue->MaximumLength = (USHORT)CurrentValueLength;
+        EncCurrentValue->Buffer = (PBYTE)CurrentValue;
+    }
+
+    if (CurrentValueSetTime != NULL)
+    {
+        BufferSize = sizeof(LARGE_INTEGER);
+
+        /* Get the current value time */
+        Status = LsapGetObjectAttribute(SecretObject,
+                                        L"CurrentTime",
+                                        (PBYTE)CurrentValueSetTime,
+                                        &BufferSize);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (EncryptedOldValue != NULL)
+    {
+        OldValueLength = 0;
+
+        /* Get the size of the old value */
+        Status = LsapGetObjectAttribute(SecretObject,
+                                        L"OldValue",
+                                        NULL,
+                                        &OldValueLength);
+        if (!NT_SUCCESS(Status))
+            goto done;
+
+        /* Allocate a buffer for the old value */
+        OldValue = midl_user_allocate(OldValueLength);
+        if (OldValue == NULL)
+        {
+            Status = STATUS_INSUFFICIENT_RESOURCES;
+            goto done;
+        }
+
+        /* Get the old value */
+        Status = LsapGetObjectAttribute(SecretObject,
+                                        L"OldValue",
+                                        OldValue,
+                                        &OldValueLength);
+        if (!NT_SUCCESS(Status))
+            goto done;
+
+        /* Allocate a buffer for the encrypted old value */
+        EncOldValue = midl_user_allocate(sizeof(LSAPR_CR_CIPHER_VALUE) + OldValueLength);
+        if (EncOldValue == NULL)
+        {
+            Status = STATUS_INSUFFICIENT_RESOURCES;
+            goto done;
+        }
+
+        /* FIXME: Encrypt the old value */
+        EncOldValue->Length = (USHORT)(OldValueLength - sizeof(WCHAR));
+        EncOldValue->MaximumLength = (USHORT)OldValueLength;
+        EncOldValue->Buffer = (PBYTE)OldValue;
+    }
+
+    if (OldValueSetTime != NULL)
+    {
+        BufferSize = sizeof(LARGE_INTEGER);
+
+        /* Get the old value time */
+        Status = LsapGetObjectAttribute(SecretObject,
+                                        L"OldTime",
+                                        (PBYTE)OldValueSetTime,
+                                        &BufferSize);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+
+done:
+    if (NT_SUCCESS(Status))
+    {
+        if (EncryptedCurrentValue != NULL)
+            *EncryptedCurrentValue = EncCurrentValue;
+
+        if (EncryptedOldValue != NULL)
+            *EncryptedOldValue = EncOldValue;
+    }
+    else
+    {
+        if (EncryptedCurrentValue != NULL)
+            *EncryptedCurrentValue = NULL;
+
+        if (EncryptedOldValue != NULL)
+            *EncryptedOldValue = NULL;
+
+        if (EncCurrentValue != NULL)
+            midl_user_free(EncCurrentValue);
+
+        if (EncOldValue != NULL)
+            midl_user_free(EncOldValue);
+
+        if (CurrentValue != NULL)
+            midl_user_free(CurrentValue);
+
+        if (OldValue != NULL)
+            midl_user_free(OldValue);
+    }
+
+    TRACE("LsarQuerySecret done (Status 0x%08lx)\n", Status);
+
+    return Status;
  }
  
  
@@ -1338,7 +1546,7 @@ NTSTATUS WINAPI LsarLookupPrivilegeValue(
  
      Status = LsapValidateDbObject(PolicyHandle,
                                    LsaDbPolicyObject,
-                                  0, /* FIXME */
+                                  POLICY_LOOKUP_NAMES,
                                    NULL);
      if (!NT_SUCCESS(Status))
      {
@@ -1368,7 +1576,7 @@ NTSTATUS WINAPI LsarLookupPrivilegeName(
  
      Status = LsapValidateDbObject(PolicyHandle,
                                    LsaDbPolicyObject,
-                                  0, /* FIXME */
+                                  POLICY_LOOKUP_NAMES,
                                    NULL);
      if (!NT_SUCCESS(Status))
      {
@@ -1417,7 +1625,7 @@ NTSTATUS WINAPI LsarEnumerateAccountsWithUserRight(
  
  
  /* Function 36 */
-NTSTATUS WINAPI LsarEnmuerateAccountRights(
+NTSTATUS WINAPI LsarEnumerateAccountRights(
      LSAPR_HANDLE PolicyHandle,
      PRPC_SID AccountSid,
      PLSAPR_USER_RIGHT_SET UserRights)
@@ -1425,7 +1633,8 @@ NTSTATUS WINAPI LsarEnmuerateAccountRights(
      PLSA_DB_OBJECT PolicyObject;
      NTSTATUS Status;
  
-    FIXME("(%p,%p,%p) stub\n", PolicyHandle, AccountSid, UserRights);
+    TRACE("LsarEnumerateAccountRights(%p %p %p)\n",
+          PolicyHandle, AccountSid, UserRights);
  
      Status = LsapValidateDbObject(PolicyHandle,
                                    LsaDbPolicyObject,
@@ -1546,10 +1755,11 @@ NTSTATUS WINAPI LsarGetUserName(
  NTSTATUS WINAPI LsarQueryInformationPolicy2(
      LSAPR_HANDLE PolicyHandle,
      POLICY_INFORMATION_CLASS InformationClass,
-    unsigned long *PolicyInformation)
+    PLSAPR_POLICY_INFORMATION *PolicyInformation)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    return LsarQueryInformationPolicy(PolicyHandle,
+                                      InformationClass,
+                                      PolicyInformation);
  }
  
  
@@ -1557,10 +1767,11 @@ NTSTATUS WINAPI LsarQueryInformationPolicy2(
  NTSTATUS WINAPI LsarSetInformationPolicy2(
      LSAPR_HANDLE PolicyHandle,
      POLICY_INFORMATION_CLASS InformationClass,
-    unsigned long PolicyInformation)
+    PLSAPR_POLICY_INFORMATION PolicyInformation)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    return LsarSetInformationPolicy(PolicyHandle,
+                                    InformationClass,
+                                    PolicyInformation);
  }
  
  
@@ -1569,7 +1780,7 @@ NTSTATUS WINAPI LsarQueryTrustedDomainInfoByName(
      LSAPR_HANDLE PolicyHandle,
      PRPC_UNICODE_STRING TrustedDomainName,
      POLICY_INFORMATION_CLASS InformationClass,
-    unsigned long *PolicyInformation)
+    PLSAPR_TRUSTED_DOMAIN_INFO *PolicyInformation)
  {
      UNIMPLEMENTED;
      return STATUS_NOT_IMPLEMENTED;
@@ -1581,7 +1792,7 @@ NTSTATUS WINAPI LsarSetTrustedDomainInfoByName(
      LSAPR_HANDLE PolicyHandle,
      PRPC_UNICODE_STRING TrustedDomainName,
      POLICY_INFORMATION_CLASS InformationClass,
-    unsigned long PolicyInformation)
+    PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation)
  {
      UNIMPLEMENTED;
      return STATUS_NOT_IMPLEMENTED;
@@ -1626,7 +1837,7 @@ NTSTATUS WINAPI LsarSetPolicyReplicationHandle(
  NTSTATUS WINAPI LsarQueryDomainInformationPolicy(
      LSAPR_HANDLE PolicyHandle,
      POLICY_INFORMATION_CLASS InformationClass,
-    unsigned long *PolicyInformation)
+    PLSAPR_POLICY_DOMAIN_INFORMATION *PolicyInformation)
  {
      UNIMPLEMENTED;
      return STATUS_NOT_IMPLEMENTED;
@@ -1637,7 +1848,7 @@ NTSTATUS WINAPI LsarQueryDomainInformationPolicy(
  NTSTATUS WINAPI LsarSetDomainInformationPolicy(
      LSAPR_HANDLE PolicyHandle,
      POLICY_INFORMATION_CLASS InformationClass,
-    unsigned long PolicyInformation)
+    PLSAPR_POLICY_DOMAIN_INFORMATION PolicyInformation)
  {
      UNIMPLEMENTED;
      return STATUS_NOT_IMPLEMENTED;