projects / reactos.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[NETAPI32]
[reactos.git] / reactos / dll / win32 / netapi32 / user.c
diff --git a/reactos/dll/win32/netapi32/user.c b/reactos/dll/win32/netapi32/user.c
index 46c2bab..0abfc0d 100644 (file)
--- a/reactos/dll/win32/netapi32/user.c
+++ b/reactos/dll/win32/netapi32/user.c
@@ -20,8 +20,7 @@
 
 /*
  *  TODO:
- *    Implement NetUserChangePassword
- *    Implement NetUserGetGroups
+ *    Implement NetUserGetGroups (WIP)
  *    Implement NetUserSetGroups
  *    NetUserGetLocalGroups does not support LG_INCLUDE_INDIRECT yet.
  *    Add missing information levels.
@@ -30,8 +29,10 @@
 
 #include "netapi32.h"
 
-WINE_DEFAULT_DEBUG_CHANNEL(netapi32);
+#include <ndk/kefuncs.h>
+#include <ndk/obfuncs.h>
 
+WINE_DEFAULT_DEBUG_CHANNEL(netapi32);
 
 typedef struct _ENUM_CONTEXT
 {
@@ -50,9 +51,93 @@ typedef struct _ENUM_CONTEXT
 
 static
 ULONG
-GetAccountFlags(ULONG AccountControl)
+DeltaTimeToSeconds(LARGE_INTEGER DeltaTime)
+{
+    LARGE_INTEGER Seconds;
+
+    if (DeltaTime.QuadPart == 0)
+        return 0;
+
+    Seconds.QuadPart = -DeltaTime.QuadPart / 10000000;
+
+    if (Seconds.HighPart != 0)
+        return TIMEQ_FOREVER;
+
+    return Seconds.LowPart;
+}
+
+
+static
+NTSTATUS
+GetAllowedWorldAce(IN PACL Acl,
+                   OUT PACCESS_ALLOWED_ACE *Ace)
+{
+    SID_IDENTIFIER_AUTHORITY WorldAuthority = {SECURITY_WORLD_SID_AUTHORITY};
+    ULONG WorldSid[sizeof(SID) / sizeof(ULONG) + SID_MAX_SUB_AUTHORITIES];
+    ACL_SIZE_INFORMATION AclSize;
+    PVOID LocalAce = NULL;
+    ULONG i;
+    NTSTATUS Status;
+
+    *Ace = NULL;
+
+    RtlInitializeSid((PSID)WorldSid,
+                     &WorldAuthority,
+                     1);
+    *(RtlSubAuthoritySid((PSID)WorldSid, 0)) = SECURITY_WORLD_RID;
+
+    Status = RtlQueryInformationAcl(Acl,
+                                    &AclSize,
+                                    sizeof(AclSize),
+                                    AclSizeInformation);
+    if (!NT_SUCCESS(Status))
+        return Status;
+
+    for (i = 0; i < AclSize.AceCount; i++)
+    {
+        Status = RtlGetAce(Acl, i, &LocalAce);
+        if (!NT_SUCCESS(Status))
+            return Status;
+
+        if (((PACE_HEADER)LocalAce)->AceType != ACCESS_ALLOWED_ACE_TYPE)
+            continue;
+
+        if (RtlEqualSid((PSID)WorldSid,
+                        (PSID)&((PACCESS_ALLOWED_ACE)LocalAce)->SidStart))
+        {
+            *Ace = (PACCESS_ALLOWED_ACE)LocalAce;
+            return STATUS_SUCCESS;
+        }
+    }
+
+    return STATUS_SUCCESS;
+}
+
+
+static
+ULONG
+GetAccountFlags(ULONG AccountControl,
+                PACL Dacl)
 {
+    PACCESS_ALLOWED_ACE Ace = NULL;
     ULONG Flags = UF_SCRIPT;
+    NTSTATUS Status;
+
+    if (Dacl != NULL)
+    {
+        Status = GetAllowedWorldAce(Dacl, &Ace);
+        if (NT_SUCCESS(Status))
+        {
+            if (Ace == NULL)
+            {
+                Flags |= UF_PASSWD_CANT_CHANGE;
+            }
+            else if ((Ace->Mask & USER_CHANGE_PASSWORD) == 0)
+            {
+                Flags |= UF_PASSWD_CANT_CHANGE;
+            }
+        }
+    }
 
     if (AccountControl & USER_ACCOUNT_DISABLED)
         Flags |= UF_ACCOUNTDISABLE;
@@ -63,8 +148,6 @@ GetAccountFlags(ULONG AccountControl)
     if (AccountControl & USER_PASSWORD_NOT_REQUIRED)
         Flags |= UF_PASSWD_NOTREQD;
 
-//    UF_PASSWD_CANT_CHANGE
-
     if (AccountControl & USER_ACCOUNT_AUTO_LOCKED)
         Flags |= UF_LOCKOUT;
 
@@ -110,28 +193,255 @@ GetAccountFlags(ULONG AccountControl)
 }
 
 
+static
+ULONG
+GetAccountControl(ULONG Flags)
+{
+    ULONG AccountControl = 0;
+
+    if (Flags & UF_ACCOUNTDISABLE)
+        AccountControl |= USER_ACCOUNT_DISABLED;
+
+    if (Flags & UF_HOMEDIR_REQUIRED)
+        AccountControl |= USER_HOME_DIRECTORY_REQUIRED;
+
+    if (Flags & UF_PASSWD_NOTREQD)
+        AccountControl |= USER_PASSWORD_NOT_REQUIRED;
+
+    if (Flags & UF_LOCKOUT)
+        AccountControl |= USER_ACCOUNT_AUTO_LOCKED;
+
+    if (Flags & UF_DONT_EXPIRE_PASSWD)
+        AccountControl |= USER_DONT_EXPIRE_PASSWORD;
+
+    /* Set account type flags */
+    if (Flags & UF_TEMP_DUPLICATE_ACCOUNT)
+        AccountControl |= USER_TEMP_DUPLICATE_ACCOUNT;
+    else if (Flags & UF_NORMAL_ACCOUNT)
+        AccountControl |= USER_NORMAL_ACCOUNT;
+    else if (Flags & UF_INTERDOMAIN_TRUST_ACCOUNT)
+        AccountControl |= USER_INTERDOMAIN_TRUST_ACCOUNT;
+    else if (Flags & UF_WORKSTATION_TRUST_ACCOUNT)
+        AccountControl |= USER_WORKSTATION_TRUST_ACCOUNT;
+    else if (Flags & UF_SERVER_TRUST_ACCOUNT)
+        AccountControl |= USER_SERVER_TRUST_ACCOUNT;
+
+    return AccountControl;
+}
+
+
+static
+DWORD
+GetPasswordAge(IN PLARGE_INTEGER PasswordLastSet)
+{
+    LARGE_INTEGER SystemTime;
+    ULONG SystemSecondsSince1970;
+    ULONG PasswordSecondsSince1970;
+    NTSTATUS Status;
+
+    Status = NtQuerySystemTime(&SystemTime);
+    if (!NT_SUCCESS(Status))
+        return 0;
+
+    RtlTimeToSecondsSince1970(&SystemTime, &SystemSecondsSince1970);
+    RtlTimeToSecondsSince1970(PasswordLastSet, &PasswordSecondsSince1970);
+
+    return SystemSecondsSince1970 - PasswordSecondsSince1970;
+}
+
+
+static
+VOID
+ChangeUserDacl(IN PACL Dacl,
+               IN ULONG Flags)
+{
+    PACCESS_ALLOWED_ACE Ace = NULL;
+    NTSTATUS Status;
+
+    if (Dacl == NULL)
+        return;
+
+    Status = GetAllowedWorldAce(Dacl, &Ace);
+    if (!NT_SUCCESS(Status))
+        return;
+
+    if (Flags & UF_PASSWD_CANT_CHANGE)
+        Ace->Mask &= ~USER_CHANGE_PASSWORD;
+    else
+        Ace->Mask |= USER_CHANGE_PASSWORD;
+}
+
+
+static
+NET_API_STATUS
+GetUserDacl(IN SAM_HANDLE UserHandle,
+            OUT PACL *Dacl)
+{
+    PSECURITY_DESCRIPTOR SecurityDescriptor = NULL;
+    PACL SamDacl;
+    PACL LocalDacl;
+    BOOLEAN Defaulted;
+    BOOLEAN Present;
+    ACL_SIZE_INFORMATION AclSize;
+    NET_API_STATUS ApiStatus;
+    NTSTATUS Status;
+
+    TRACE("(%p %p)\n", UserHandle, Dacl);
+
+    *Dacl = NULL;
+
+    Status = SamQuerySecurityObject(UserHandle,
+                                    DACL_SECURITY_INFORMATION,
+                                    &SecurityDescriptor);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SamQuerySecurityObject() failed (Status 0x%08lx)\n", Status);
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor,
+                                          &Present,
+                                          &SamDacl,
+                                          &Defaulted);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("RtlGetDaclSecurityDescriptor() failed (Status 0x%08lx)\n", Status);
+        ApiStatus = NERR_InternalError;
+        goto done;
+    }
+
+    if (Present == FALSE)
+    {
+        TRACE("No DACL present\n");
+        ApiStatus = NERR_Success;
+        goto done;
+    }
+
+    Status = RtlQueryInformationAcl(SamDacl,
+                                    &AclSize,
+                                    sizeof(AclSize),
+                                    AclSizeInformation);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("RtlQueryInformationAcl() failed (Status 0x%08lx)\n", Status);
+        ApiStatus = NERR_InternalError;
+        goto done;
+    }
+
+    LocalDacl = HeapAlloc(GetProcessHeap(), 0, AclSize.AclBytesInUse);
+    if (LocalDacl == NULL)
+    {
+        TRACE("Memory allocation failed\n");
+        ApiStatus = ERROR_NOT_ENOUGH_MEMORY;
+        goto done;
+    }
+
+    RtlCopyMemory(LocalDacl, SamDacl, AclSize.AclBytesInUse);
+
+    *Dacl = LocalDacl;
+
+    ApiStatus = NERR_Success;
+
+done:
+    if (SecurityDescriptor != NULL)
+        SamFreeMemory(SecurityDescriptor);
+
+    TRACE("done (ApiStatus: 0x%08lx)\n", ApiStatus);
+
+    return ApiStatus;
+}
+
+
+static
+VOID
+FreeUserInfo(PUSER_ALL_INFORMATION UserInfo)
+{
+    if (UserInfo->UserName.Buffer != NULL)
+        SamFreeMemory(UserInfo->UserName.Buffer);
+
+    if (UserInfo->FullName.Buffer != NULL)
+        SamFreeMemory(UserInfo->FullName.Buffer);
+
+    if (UserInfo->HomeDirectory.Buffer != NULL)
+        SamFreeMemory(UserInfo->HomeDirectory.Buffer);
+
+    if (UserInfo->HomeDirectoryDrive.Buffer != NULL)
+        SamFreeMemory(UserInfo->HomeDirectoryDrive.Buffer);
+
+    if (UserInfo->ScriptPath.Buffer != NULL)
+        SamFreeMemory(UserInfo->ScriptPath.Buffer);
+
+    if (UserInfo->ProfilePath.Buffer != NULL)
+        SamFreeMemory(UserInfo->ProfilePath.Buffer);
+
+    if (UserInfo->AdminComment.Buffer != NULL)
+        SamFreeMemory(UserInfo->AdminComment.Buffer);
+
+    if (UserInfo->WorkStations.Buffer != NULL)
+        SamFreeMemory(UserInfo->WorkStations.Buffer);
+
+    if (UserInfo->UserComment.Buffer != NULL)
+        SamFreeMemory(UserInfo->UserComment.Buffer);
+
+    if (UserInfo->Parameters.Buffer != NULL)
+        SamFreeMemory(UserInfo->Parameters.Buffer);
+
+    if (UserInfo->PrivateData.Buffer != NULL)
+        SamFreeMemory(UserInfo->PrivateData.Buffer);
+
+    if (UserInfo->LogonHours.LogonHours != NULL)
+        SamFreeMemory(UserInfo->LogonHours.LogonHours);
+
+    SamFreeMemory(UserInfo);
+}
+
+
 static
 NET_API_STATUS
-BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
+BuildUserInfoBuffer(SAM_HANDLE UserHandle,
                     DWORD level,
                     ULONG RelativeId,
                     LPVOID *Buffer)
 {
     UNICODE_STRING LogonServer = RTL_CONSTANT_STRING(L"\\\\*");
+    PUSER_ALL_INFORMATION UserInfo = NULL;
     LPVOID LocalBuffer = NULL;
+    PACL Dacl = NULL;
     PUSER_INFO_0 UserInfo0;
     PUSER_INFO_1 UserInfo1;
     PUSER_INFO_2 UserInfo2;
     PUSER_INFO_3 UserInfo3;
+    PUSER_INFO_4 UserInfo4;
     PUSER_INFO_10 UserInfo10;
+    PUSER_INFO_11 UserInfo11;
     PUSER_INFO_20 UserInfo20;
     PUSER_INFO_23 UserInfo23;
     LPWSTR Ptr;
     ULONG Size = 0;
+    NTSTATUS Status;
     NET_API_STATUS ApiStatus = NERR_Success;
 
     *Buffer = NULL;
 
+    Status = SamQueryInformationUser(UserHandle,
+                                     UserAllInformation,
+                                     (PVOID *)&UserInfo);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("SamQueryInformationUser failed (Status %08lx)\n", Status);
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    if ((level == 1) || (level == 2) || (level == 3) ||
+        (level == 4) || (level == 20) || (level == 23))
+    {
+        ApiStatus = GetUserDacl(UserHandle, &Dacl);
+        if (ApiStatus != NERR_Success)
+            goto done;
+    }
+
     switch (level)
     {
         case 0:
@@ -223,7 +533,45 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
                 Size += UserInfo->HomeDirectoryDrive.Length + sizeof(WCHAR);
             break;
 
-//        case 4:
+        case 4:
+            Size = sizeof(USER_INFO_4) +
+                   UserInfo->UserName.Length + sizeof(WCHAR);
+
+            if (UserInfo->HomeDirectory.Length > 0)
+                Size += UserInfo->HomeDirectory.Length + sizeof(WCHAR);
+
+            if (UserInfo->AdminComment.Length > 0)
+                Size += UserInfo->AdminComment.Length + sizeof(WCHAR);
+
+            if (UserInfo->ScriptPath.Length > 0)
+                Size += UserInfo->ScriptPath.Length + sizeof(WCHAR);
+
+            if (UserInfo->FullName.Length > 0)
+                Size += UserInfo->FullName.Length + sizeof(WCHAR);
+
+            if (UserInfo->UserComment.Length > 0)
+                Size += UserInfo->UserComment.Length + sizeof(WCHAR);
+
+            if (UserInfo->Parameters.Length > 0)
+                Size += UserInfo->Parameters.Length + sizeof(WCHAR);
+
+            if (UserInfo->WorkStations.Length > 0)
+                Size += UserInfo->WorkStations.Length + sizeof(WCHAR);
+
+            if (UserInfo->LogonHours.UnitsPerWeek > 0)
+                Size += (((ULONG)UserInfo->LogonHours.UnitsPerWeek) + 7) / 8;
+
+            if (LogonServer.Length > 0)
+                Size += LogonServer.Length + sizeof(WCHAR);
+
+            /* FIXME: usri4_user_sid */
+
+            if (UserInfo->ProfilePath.Length > 0)
+                Size += UserInfo->ProfilePath.Length + sizeof(WCHAR);
+
+            if (UserInfo->HomeDirectoryDrive.Length > 0)
+                Size += UserInfo->HomeDirectoryDrive.Length + sizeof(WCHAR);
+            break;
 
         case 10:
             Size = sizeof(USER_INFO_10) +
@@ -239,7 +587,34 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
                 Size += UserInfo->FullName.Length + sizeof(WCHAR);
             break;
 
-//        case 11:
+        case 11:
+            Size = sizeof(USER_INFO_11) +
+                   UserInfo->UserName.Length + sizeof(WCHAR);
+
+            if (UserInfo->AdminComment.Length > 0)
+                Size += UserInfo->AdminComment.Length + sizeof(WCHAR);
+
+            if (UserInfo->UserComment.Length > 0)
+                Size += UserInfo->UserComment.Length + sizeof(WCHAR);
+
+            if (UserInfo->FullName.Length > 0)
+                Size += UserInfo->FullName.Length + sizeof(WCHAR);
+
+            if (UserInfo->HomeDirectory.Length > 0)
+                Size += UserInfo->HomeDirectory.Length + sizeof(WCHAR);
+
+            if (UserInfo->Parameters.Length > 0)
+                Size += UserInfo->Parameters.Length + sizeof(WCHAR);
+
+            if (LogonServer.Length > 0)
+                Size += LogonServer.Length + sizeof(WCHAR);
+
+            if (UserInfo->WorkStations.Length > 0)
+                Size += UserInfo->WorkStations.Length + sizeof(WCHAR);
+
+            if (UserInfo->LogonHours.UnitsPerWeek > 0)
+                Size += (((ULONG)UserInfo->LogonHours.UnitsPerWeek) + 7) / 8;
+            break;
 
         case 20:
             Size = sizeof(USER_INFO_20) +
@@ -306,7 +681,8 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
 
             UserInfo1->usri1_password = NULL;
 
-            /* FIXME: UserInfo1->usri1_password_age */
+            UserInfo1->usri1_password_age = GetPasswordAge(&UserInfo->PasswordLastSet);
+
             /* FIXME: UserInfo1->usri1_priv */
 
             if (UserInfo->HomeDirectory.Length > 0)
@@ -333,7 +709,8 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
                 Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->AdminComment.Length + sizeof(WCHAR));
             }
 
-            UserInfo1->usri1_flags = GetAccountFlags(UserInfo->UserAccountControl);
+            UserInfo1->usri1_flags = GetAccountFlags(UserInfo->UserAccountControl,
+                                                     Dacl);
 
             if (UserInfo->ScriptPath.Length > 0)
             {
@@ -360,7 +737,8 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
 
             Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->UserName.Length + sizeof(WCHAR));
 
-            /* FIXME: usri2_password_age */
+            UserInfo2->usri2_password_age = GetPasswordAge(&UserInfo->PasswordLastSet);
+
             /* FIXME: usri2_priv */
 
             if (UserInfo->HomeDirectory.Length > 0)
@@ -387,7 +765,8 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
                 Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->AdminComment.Length + sizeof(WCHAR));
             }
 
-            UserInfo2->usri2_flags = GetAccountFlags(UserInfo->UserAccountControl);
+            UserInfo2->usri2_flags = GetAccountFlags(UserInfo->UserAccountControl,
+                                                     Dacl);
 
             if (UserInfo->ScriptPath.Length > 0)
             {
@@ -507,7 +886,8 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
 
             Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->UserName.Length + sizeof(WCHAR));
 
-            /* FIXME: usri3_password_age */
+            UserInfo3->usri3_password_age = GetPasswordAge(&UserInfo->PasswordLastSet);
+
             /* FIXME: usri3_priv */
 
             if (UserInfo->HomeDirectory.Length > 0)
@@ -534,7 +914,8 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
                 Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->AdminComment.Length + sizeof(WCHAR));
             }
 
-            UserInfo3->usri3_flags = GetAccountFlags(UserInfo->UserAccountControl);
+            UserInfo3->usri3_flags = GetAccountFlags(UserInfo->UserAccountControl,
+                                                     Dacl);
 
             if (UserInfo->ScriptPath.Length > 0)
             {
@@ -668,33 +1049,211 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
             UserInfo3->usri3_password_expired = (UserInfo->UserAccountControl & USER_PASSWORD_EXPIRED);
             break;
 
-//        case 4:
-
-        case 10:
-            UserInfo10 = (PUSER_INFO_10)LocalBuffer;
+        case 4:
+            UserInfo4 = (PUSER_INFO_4)LocalBuffer;
 
-            Ptr = (LPWSTR)((ULONG_PTR)UserInfo10 + sizeof(USER_INFO_10));
+            Ptr = (LPWSTR)((ULONG_PTR)UserInfo4 + sizeof(USER_INFO_4));
 
-            UserInfo10->usri10_name = Ptr;
+            UserInfo4->usri4_name = Ptr;
 
-            memcpy(UserInfo10->usri10_name,
+            memcpy(UserInfo4->usri4_name,
                    UserInfo->UserName.Buffer,
                    UserInfo->UserName.Length);
-            UserInfo10->usri10_name[UserInfo->UserName.Length / sizeof(WCHAR)] = UNICODE_NULL;
+            UserInfo4->usri4_name[UserInfo->UserName.Length / sizeof(WCHAR)] = UNICODE_NULL;
 
             Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->UserName.Length + sizeof(WCHAR));
 
-            if (UserInfo->AdminComment.Length > 0)
-            {
-                UserInfo10->usri10_comment = Ptr;
-
-                memcpy(UserInfo10->usri10_comment,
-                       UserInfo->AdminComment.Buffer,
-                       UserInfo->AdminComment.Length);
-                UserInfo10->usri10_comment[UserInfo->AdminComment.Length / sizeof(WCHAR)] = UNICODE_NULL;
+            UserInfo4->usri4_password = NULL;
+            UserInfo4->usri4_password_age = GetPasswordAge(&UserInfo->PasswordLastSet);
 
-                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->AdminComment.Length + sizeof(WCHAR));
-            }
+            /* FIXME: usri4_priv */
+
+            if (UserInfo->HomeDirectory.Length > 0)
+            {
+                UserInfo4->usri4_home_dir = Ptr;
+
+                memcpy(UserInfo4->usri4_home_dir,
+                       UserInfo->HomeDirectory.Buffer,
+                       UserInfo->HomeDirectory.Length);
+                UserInfo4->usri4_home_dir[UserInfo->HomeDirectory.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->HomeDirectory.Length + sizeof(WCHAR));
+            }
+
+            if (UserInfo->AdminComment.Length > 0)
+            {
+                UserInfo4->usri4_comment = Ptr;
+
+                memcpy(UserInfo4->usri4_comment,
+                       UserInfo->AdminComment.Buffer,
+                       UserInfo->AdminComment.Length);
+                UserInfo4->usri4_comment[UserInfo->AdminComment.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->AdminComment.Length + sizeof(WCHAR));
+            }
+
+            UserInfo4->usri4_flags = GetAccountFlags(UserInfo->UserAccountControl,
+                                                     Dacl);
+
+            if (UserInfo->ScriptPath.Length > 0)
+            {
+                UserInfo4->usri4_script_path = Ptr;
+
+                memcpy(UserInfo4->usri4_script_path,
+                       UserInfo->ScriptPath.Buffer,
+                       UserInfo->ScriptPath.Length);
+                UserInfo4->usri4_script_path[UserInfo->ScriptPath.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->ScriptPath.Length + sizeof(WCHAR));
+            }
+
+            /* FIXME: usri4_auth_flags */
+
+            if (UserInfo->FullName.Length > 0)
+            {
+                UserInfo4->usri4_full_name = Ptr;
+
+                memcpy(UserInfo4->usri4_full_name,
+                       UserInfo->FullName.Buffer,
+                       UserInfo->FullName.Length);
+                UserInfo4->usri4_full_name[UserInfo->FullName.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->FullName.Length + sizeof(WCHAR));
+            }
+
+            if (UserInfo->UserComment.Length > 0)
+            {
+                UserInfo4->usri4_usr_comment = Ptr;
+
+                memcpy(UserInfo4->usri4_usr_comment,
+                       UserInfo->UserComment.Buffer,
+                       UserInfo->UserComment.Length);
+                UserInfo4->usri4_usr_comment[UserInfo->UserComment.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->UserComment.Length + sizeof(WCHAR));
+            }
+
+            if (UserInfo->Parameters.Length > 0)
+            {
+                UserInfo4->usri4_parms = Ptr;
+
+                memcpy(UserInfo4->usri4_parms,
+                       UserInfo->Parameters.Buffer,
+                       UserInfo->Parameters.Length);
+                UserInfo4->usri4_parms[UserInfo->Parameters.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->Parameters.Length + sizeof(WCHAR));
+            }
+
+            if (UserInfo->WorkStations.Length > 0)
+            {
+                UserInfo4->usri4_workstations = Ptr;
+
+                memcpy(UserInfo4->usri4_workstations,
+                       UserInfo->WorkStations.Buffer,
+                       UserInfo->WorkStations.Length);
+                UserInfo4->usri4_workstations[UserInfo->WorkStations.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->WorkStations.Length + sizeof(WCHAR));
+            }
+
+            RtlTimeToSecondsSince1970(&UserInfo->LastLogon,
+                                      &UserInfo4->usri4_last_logon);
+
+            RtlTimeToSecondsSince1970(&UserInfo->LastLogoff,
+                                      &UserInfo4->usri4_last_logoff);
+
+            RtlTimeToSecondsSince1970(&UserInfo->AccountExpires,
+                                      &UserInfo4->usri4_acct_expires);
+
+            UserInfo4->usri4_max_storage = USER_MAXSTORAGE_UNLIMITED;
+            UserInfo4->usri4_units_per_week = UserInfo->LogonHours.UnitsPerWeek;
+
+            if (UserInfo->LogonHours.UnitsPerWeek > 0)
+            {
+                UserInfo4->usri4_logon_hours = (PVOID)Ptr;
+
+                memcpy(UserInfo4->usri4_logon_hours,
+                       UserInfo->LogonHours.LogonHours,
+                       (((ULONG)UserInfo->LogonHours.UnitsPerWeek) + 7) / 8);
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + (((ULONG)UserInfo->LogonHours.UnitsPerWeek) + 7) / 8);
+            }
+
+            UserInfo4->usri4_bad_pw_count = UserInfo->BadPasswordCount;
+            UserInfo4->usri4_num_logons = UserInfo->LogonCount;
+
+            if (LogonServer.Length > 0)
+            {
+                UserInfo4->usri4_logon_server = Ptr;
+
+                memcpy(UserInfo4->usri4_logon_server,
+                       LogonServer.Buffer,
+                       LogonServer.Length);
+                UserInfo4->usri4_logon_server[LogonServer.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + LogonServer.Length + sizeof(WCHAR));
+            }
+
+            UserInfo4->usri4_country_code = UserInfo->CountryCode;
+            UserInfo4->usri4_code_page = UserInfo->CodePage;
+
+            /* FIXME: usri4_user_sid */
+
+            UserInfo4->usri4_primary_group_id = UserInfo->PrimaryGroupId;
+
+            if (UserInfo->ProfilePath.Length > 0)
+            {
+                UserInfo4->usri4_profile = Ptr;
+
+                memcpy(UserInfo4->usri4_profile,
+                       UserInfo->ProfilePath.Buffer,
+                       UserInfo->ProfilePath.Length);
+                UserInfo4->usri4_profile[UserInfo->ProfilePath.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->ProfilePath.Length + sizeof(WCHAR));
+            }
+
+            if (UserInfo->HomeDirectoryDrive.Length > 0)
+            {
+                UserInfo4->usri4_home_dir_drive = Ptr;
+
+                memcpy(UserInfo4->usri4_home_dir_drive,
+                       UserInfo->HomeDirectoryDrive.Buffer,
+                       UserInfo->HomeDirectoryDrive.Length);
+                UserInfo4->usri4_home_dir_drive[UserInfo->HomeDirectoryDrive.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->HomeDirectoryDrive.Length + sizeof(WCHAR));
+            }
+
+            UserInfo4->usri4_password_expired = (UserInfo->UserAccountControl & USER_PASSWORD_EXPIRED);
+            break;
+
+        case 10:
+            UserInfo10 = (PUSER_INFO_10)LocalBuffer;
+
+            Ptr = (LPWSTR)((ULONG_PTR)UserInfo10 + sizeof(USER_INFO_10));
+
+            UserInfo10->usri10_name = Ptr;
+
+            memcpy(UserInfo10->usri10_name,
+                   UserInfo->UserName.Buffer,
+                   UserInfo->UserName.Length);
+            UserInfo10->usri10_name[UserInfo->UserName.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+            Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->UserName.Length + sizeof(WCHAR));
+
+            if (UserInfo->AdminComment.Length > 0)
+            {
+                UserInfo10->usri10_comment = Ptr;
+
+                memcpy(UserInfo10->usri10_comment,
+                       UserInfo->AdminComment.Buffer,
+                       UserInfo->AdminComment.Length);
+                UserInfo10->usri10_comment[UserInfo->AdminComment.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->AdminComment.Length + sizeof(WCHAR));
+            }
 
             if (UserInfo->UserComment.Length > 0)
             {
@@ -721,7 +1280,136 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
             }
             break;
 
-//        case 11:
+        case 11:
+            UserInfo11 = (PUSER_INFO_11)LocalBuffer;
+
+            Ptr = (LPWSTR)((ULONG_PTR)UserInfo11 + sizeof(USER_INFO_11));
+
+            UserInfo11->usri11_name = Ptr;
+
+            memcpy(UserInfo11->usri11_name,
+                   UserInfo->UserName.Buffer,
+                   UserInfo->UserName.Length);
+            UserInfo11->usri11_name[UserInfo->UserName.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+            Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->UserName.Length + sizeof(WCHAR));
+
+            if (UserInfo->AdminComment.Length > 0)
+            {
+                UserInfo11->usri11_comment = Ptr;
+
+                memcpy(UserInfo11->usri11_comment,
+                       UserInfo->AdminComment.Buffer,
+                       UserInfo->AdminComment.Length);
+                UserInfo11->usri11_comment[UserInfo->AdminComment.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->AdminComment.Length + sizeof(WCHAR));
+            }
+
+            if (UserInfo->UserComment.Length > 0)
+            {
+                UserInfo11->usri11_usr_comment = Ptr;
+
+                memcpy(UserInfo11->usri11_usr_comment,
+                       UserInfo->UserComment.Buffer,
+                       UserInfo->UserComment.Length);
+                UserInfo11->usri11_usr_comment[UserInfo->UserComment.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->UserComment.Length + sizeof(WCHAR));
+            }
+
+            if (UserInfo->FullName.Length > 0)
+            {
+                UserInfo11->usri11_full_name = Ptr;
+
+                memcpy(UserInfo11->usri11_full_name,
+                       UserInfo->FullName.Buffer,
+                       UserInfo->FullName.Length);
+                UserInfo11->usri11_full_name[UserInfo->FullName.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->FullName.Length + sizeof(WCHAR));
+            }
+
+            /* FIXME: usri11_priv */
+            /* FIXME: usri11_auth_flags */
+
+            UserInfo11->usri11_password_age = GetPasswordAge(&UserInfo->PasswordLastSet);
+
+            if (UserInfo->HomeDirectory.Length > 0)
+            {
+                UserInfo11->usri11_home_dir = Ptr;
+
+                memcpy(UserInfo11->usri11_home_dir,
+                       UserInfo->HomeDirectory.Buffer,
+                       UserInfo->HomeDirectory.Length);
+                UserInfo11->usri11_home_dir[UserInfo->HomeDirectory.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->HomeDirectory.Length + sizeof(WCHAR));
+            }
+
+            if (UserInfo->Parameters.Length > 0)
+            {
+                UserInfo11->usri11_parms = Ptr;
+
+                memcpy(UserInfo11->usri11_parms,
+                       UserInfo->Parameters.Buffer,
+                       UserInfo->Parameters.Length);
+                UserInfo11->usri11_parms[UserInfo->Parameters.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->Parameters.Length + sizeof(WCHAR));
+            }
+
+            RtlTimeToSecondsSince1970(&UserInfo->LastLogon,
+                                      &UserInfo11->usri11_last_logon);
+
+            RtlTimeToSecondsSince1970(&UserInfo->LastLogoff,
+                                      &UserInfo11->usri11_last_logoff);
+
+            UserInfo11->usri11_bad_pw_count = UserInfo->BadPasswordCount;
+            UserInfo11->usri11_num_logons = UserInfo->LogonCount;
+
+            if (LogonServer.Length > 0)
+            {
+                UserInfo11->usri11_logon_server = Ptr;
+
+                memcpy(UserInfo11->usri11_logon_server,
+                       LogonServer.Buffer,
+                       LogonServer.Length);
+                UserInfo11->usri11_logon_server[LogonServer.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + LogonServer.Length + sizeof(WCHAR));
+            }
+
+            UserInfo11->usri11_country_code = UserInfo->CountryCode;
+
+            if (UserInfo->WorkStations.Length > 0)
+            {
+                UserInfo11->usri11_workstations = Ptr;
+
+                memcpy(UserInfo11->usri11_workstations,
+                       UserInfo->WorkStations.Buffer,
+                       UserInfo->WorkStations.Length);
+                UserInfo11->usri11_workstations[UserInfo->WorkStations.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->WorkStations.Length + sizeof(WCHAR));
+            }
+
+            UserInfo11->usri11_max_storage = USER_MAXSTORAGE_UNLIMITED;
+            UserInfo11->usri11_units_per_week = UserInfo->LogonHours.UnitsPerWeek;
+
+            if (UserInfo->LogonHours.UnitsPerWeek > 0)
+            {
+                UserInfo11->usri11_logon_hours = (PVOID)Ptr;
+
+                memcpy(UserInfo11->usri11_logon_hours,
+                       UserInfo->LogonHours.LogonHours,
+                       (((ULONG)UserInfo->LogonHours.UnitsPerWeek) + 7) / 8);
+
+                Ptr = (LPWSTR)((ULONG_PTR)Ptr + (((ULONG)UserInfo->LogonHours.UnitsPerWeek) + 7) / 8);
+            }
+
+            UserInfo11->usri11_code_page = UserInfo->CodePage;
+            break;
 
         case 20:
             UserInfo20 = (PUSER_INFO_20)LocalBuffer;
@@ -761,7 +1449,8 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
                 Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->AdminComment.Length + sizeof(WCHAR));
             }
 
-            UserInfo20->usri20_flags = GetAccountFlags(UserInfo->UserAccountControl);
+            UserInfo20->usri20_flags = GetAccountFlags(UserInfo->UserAccountControl,
+                                                       Dacl);
 
             UserInfo20->usri20_user_id = RelativeId;
             break;
@@ -804,13 +1493,20 @@ BuildUserInfoBuffer(PUSER_ALL_INFORMATION UserInfo,
                 Ptr = (LPWSTR)((ULONG_PTR)Ptr + UserInfo->AdminComment.Length + sizeof(WCHAR));
             }
 
-            UserInfo23->usri23_flags = GetAccountFlags(UserInfo->UserAccountControl);
+            UserInfo23->usri23_flags = GetAccountFlags(UserInfo->UserAccountControl,
+                                                       Dacl);
 
             /* FIXME: usri23_user_sid */
            break;
     }
 
 done:
+    if (UserInfo != NULL)
+        FreeUserInfo(UserInfo);
+
+    if (Dacl != NULL)
+        HeapFree(GetProcessHeap(), 0, Dacl);
+
     if (ApiStatus == NERR_Success)
     {
         *Buffer = LocalBuffer;
@@ -825,50 +1521,6 @@ done:
 }
 
 
-static
-VOID
-FreeUserInfo(PUSER_ALL_INFORMATION UserInfo)
-{
-    if (UserInfo->UserName.Buffer != NULL)
-        SamFreeMemory(UserInfo->UserName.Buffer);
-
-    if (UserInfo->FullName.Buffer != NULL)
-        SamFreeMemory(UserInfo->FullName.Buffer);
-
-    if (UserInfo->HomeDirectory.Buffer != NULL)
-        SamFreeMemory(UserInfo->HomeDirectory.Buffer);
-
-    if (UserInfo->HomeDirectoryDrive.Buffer != NULL)
-        SamFreeMemory(UserInfo->HomeDirectoryDrive.Buffer);
-
-    if (UserInfo->ScriptPath.Buffer != NULL)
-        SamFreeMemory(UserInfo->ScriptPath.Buffer);
-
-    if (UserInfo->ProfilePath.Buffer != NULL)
-        SamFreeMemory(UserInfo->ProfilePath.Buffer);
-
-    if (UserInfo->AdminComment.Buffer != NULL)
-        SamFreeMemory(UserInfo->AdminComment.Buffer);
-
-    if (UserInfo->WorkStations.Buffer != NULL)
-        SamFreeMemory(UserInfo->WorkStations.Buffer);
-
-    if (UserInfo->UserComment.Buffer != NULL)
-        SamFreeMemory(UserInfo->UserComment.Buffer);
-
-    if (UserInfo->Parameters.Buffer != NULL)
-        SamFreeMemory(UserInfo->Parameters.Buffer);
-
-    if (UserInfo->PrivateData.Buffer != NULL)
-        SamFreeMemory(UserInfo->PrivateData.Buffer);
-
-    if (UserInfo->LogonHours.LogonHours != NULL)
-        SamFreeMemory(UserInfo->LogonHours.LogonHours);
-
-    SamFreeMemory(UserInfo);
-}
-
-
 static
 NET_API_STATUS
 SetUserInfo(SAM_HANDLE UserHandle,
@@ -880,21 +1532,38 @@ SetUserInfo(SAM_HANDLE UserHandle,
     PUSER_INFO_1 UserInfo1;
     PUSER_INFO_2 UserInfo2;
     PUSER_INFO_3 UserInfo3;
+    PUSER_INFO_4 UserInfo4;
+    PUSER_INFO_22 UserInfo22;
     PUSER_INFO_1003 UserInfo1003;
     PUSER_INFO_1006 UserInfo1006;
     PUSER_INFO_1007 UserInfo1007;
+    PUSER_INFO_1008 UserInfo1008;
     PUSER_INFO_1009 UserInfo1009;
     PUSER_INFO_1011 UserInfo1011;
     PUSER_INFO_1012 UserInfo1012;
     PUSER_INFO_1013 UserInfo1013;
     PUSER_INFO_1014 UserInfo1014;
+    PUSER_INFO_1017 UserInfo1017;
+    PUSER_INFO_1018 UserInfo1018;
+    PUSER_INFO_1024 UserInfo1024;
+    PUSER_INFO_1025 UserInfo1025;
+    PUSER_INFO_1051 UserInfo1051;
     PUSER_INFO_1052 UserInfo1052;
     PUSER_INFO_1053 UserInfo1053;
+    PACL Dacl = NULL;
     NET_API_STATUS ApiStatus = NERR_Success;
     NTSTATUS Status = STATUS_SUCCESS;
 
     ZeroMemory(&UserAllInfo, sizeof(USER_ALL_INFORMATION));
 
+    if ((Level == 1) || (Level == 2) || (Level == 3) ||
+        (Level == 4) || (Level == 22) || (Level == 1008))
+    {
+        ApiStatus = GetUserDacl(UserHandle, &Dacl);
+        if (ApiStatus != NERR_Success)
+            goto done;
+    }
+
     switch (Level)
     {
         case 0:
@@ -937,8 +1606,9 @@ SetUserInfo(SAM_HANDLE UserHandle,
                 UserAllInfo.WhichFields |= USER_ALL_ADMINCOMMENT;
             }
 
-//          UserInfo1->usri1_flags
-//            UserAllInfo.WhichFields |= USER_ALL_USERACCOUNTCONTROL;
+            ChangeUserDacl(Dacl, UserInfo1->usri1_flags);
+            UserAllInfo.UserAccountControl = GetAccountControl(UserInfo1->usri1_flags);
+            UserAllInfo.WhichFields |= USER_ALL_USERACCOUNTCONTROL;
 
             if (UserInfo1->usri1_script_path != NULL)
             {
@@ -979,7 +1649,9 @@ SetUserInfo(SAM_HANDLE UserHandle,
                 UserAllInfo.WhichFields |= USER_ALL_ADMINCOMMENT;
             }
 
-//          UserInfo2->usri2_flags;
+            ChangeUserDacl(Dacl, UserInfo2->usri2_flags);
+            UserAllInfo.UserAccountControl = GetAccountControl(UserInfo2->usri2_flags);
+            UserAllInfo.WhichFields |= USER_ALL_USERACCOUNTCONTROL;
 
             if (UserInfo2->usri2_script_path != NULL)
             {
@@ -1021,8 +1693,20 @@ SetUserInfo(SAM_HANDLE UserHandle,
             // usri2_last_logon ignored
             // usri2_last_logoff ignored
 
-//          UserInfo2->usri2_acct_expires;
-//          UserInfo2->usri2_max_storage;
+            if (UserInfo2->usri2_acct_expires == TIMEQ_FOREVER)
+            {
+                UserAllInfo.AccountExpires.LowPart = 0;
+                UserAllInfo.AccountExpires.HighPart = 0;
+            }
+            else
+            {
+                RtlSecondsSince1970ToTime(UserInfo2->usri2_acct_expires,
+                                          &UserAllInfo.AccountExpires);
+            }
+            UserAllInfo.WhichFields |= USER_ALL_ACCOUNTEXPIRES;
+
+            // usri2_max_storage ignored
+
 //          UserInfo2->usri2_units_per_week;
 //          UserInfo2->usri2_logon_hours;
 
@@ -1030,8 +1714,11 @@ SetUserInfo(SAM_HANDLE UserHandle,
             // usri2_num_logons ignored
             // usri2_logon_server ignored
 
-//          UserInfo2->usri2_country_code;
-//          UserInfo2->usri2_code_page;
+            UserAllInfo.CountryCode = UserInfo2->usri2_country_code;
+            UserAllInfo.WhichFields |= USER_ALL_COUNTRYCODE;
+
+            UserAllInfo.CodePage = UserInfo2->usri2_code_page;
+            UserAllInfo.WhichFields |= USER_ALL_CODEPAGE;
             break;
 
         case 3:
@@ -1065,85 +1752,324 @@ SetUserInfo(SAM_HANDLE UserHandle,
                 UserAllInfo.WhichFields |= USER_ALL_ADMINCOMMENT;
             }
 
-//          UserInfo3->usri3_flags;
-//              UserAllInfo.WhichFields |= USER_ALL_USERACCOUNTCONTROL;
+            ChangeUserDacl(Dacl, UserInfo3->usri3_flags);
+            UserAllInfo.UserAccountControl = GetAccountControl(UserInfo3->usri3_flags);
+            UserAllInfo.WhichFields |= USER_ALL_USERACCOUNTCONTROL;
 
             if (UserInfo3->usri3_script_path != NULL)
             {
                 RtlInitUnicodeString(&UserAllInfo.ScriptPath,
-                                     UserInfo3->usri3_script_path);
+                                     UserInfo3->usri3_script_path);
+                UserAllInfo.WhichFields |= USER_ALL_SCRIPTPATH;
+            }
+
+//          UserInfo3->usri3_auth_flags;
+
+            if (UserInfo3->usri3_full_name != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.FullName,
+                                     UserInfo3->usri3_full_name);
+                UserAllInfo.WhichFields |= USER_ALL_FULLNAME;
+            }
+
+            if (UserInfo3->usri3_usr_comment != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.UserComment,
+                                     UserInfo3->usri3_usr_comment);
+                UserAllInfo.WhichFields |= USER_ALL_USERCOMMENT;
+            }
+
+            if (UserInfo3->usri3_parms != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.Parameters,
+                                     UserInfo3->usri3_parms);
+                UserAllInfo.WhichFields |= USER_ALL_PARAMETERS;
+            }
+
+            if (UserInfo3->usri3_workstations != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.WorkStations,
+                                     UserInfo3->usri3_workstations);
+                UserAllInfo.WhichFields |= USER_ALL_WORKSTATIONS;
+            }
+
+            // usri3_last_logon ignored
+            // usri3_last_logoff ignored
+
+            if (UserInfo3->usri3_acct_expires == TIMEQ_FOREVER)
+            {
+                UserAllInfo.AccountExpires.LowPart = 0;
+                UserAllInfo.AccountExpires.HighPart = 0;
+            }
+            else
+            {
+                RtlSecondsSince1970ToTime(UserInfo3->usri3_acct_expires,
+                                          &UserAllInfo.AccountExpires);
+            }
+            UserAllInfo.WhichFields |= USER_ALL_ACCOUNTEXPIRES;
+
+            // usri3_max_storage ignored
+
+//          UserInfo3->usri3_units_per_week;
+//          UserInfo3->usri3_logon_hours;
+
+            // usri3_bad_pw_count ignored
+            // usri3_num_logons ignored
+            // usri3_logon_server ignored
+
+            UserAllInfo.CountryCode = UserInfo3->usri3_country_code;
+            UserAllInfo.WhichFields |= USER_ALL_COUNTRYCODE;
+
+            UserAllInfo.CodePage = UserInfo3->usri3_code_page;
+            UserAllInfo.WhichFields |= USER_ALL_CODEPAGE;
+
+            // usri3_user_id ignored
+
+            UserAllInfo.PrimaryGroupId = UserInfo3->usri3_primary_group_id;
+            UserAllInfo.WhichFields |= USER_ALL_PRIMARYGROUPID;
+
+            if (UserInfo3->usri3_profile != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.ProfilePath,
+                                     UserInfo3->usri3_profile);
+                UserAllInfo.WhichFields |= USER_ALL_PROFILEPATH;
+            }
+
+            if (UserInfo3->usri3_home_dir_drive != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.HomeDirectoryDrive,
+                                     UserInfo3->usri3_home_dir_drive);
+                UserAllInfo.WhichFields |= USER_ALL_HOMEDIRECTORYDRIVE;
+            }
+
+            UserAllInfo.PasswordExpired = (UserInfo3->usri3_password_expired != 0);
+            UserAllInfo.WhichFields |= USER_ALL_PASSWORDEXPIRED;
+            break;
+
+        case 4:
+            UserInfo4 = (PUSER_INFO_4)UserInfo;
+
+            // usri4_name ignored
+
+            if (UserInfo4->usri4_password != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.NtPassword,
+                                     UserInfo4->usri4_password);
+                UserAllInfo.NtPasswordPresent = TRUE;
+                UserAllInfo.WhichFields |= USER_ALL_NTPASSWORDPRESENT;
+            }
+
+            // usri4_password_age ignored
+
+//          UserInfo3->usri4_priv;
+
+            if (UserInfo4->usri4_home_dir != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.HomeDirectory,
+                                     UserInfo4->usri4_home_dir);
+                UserAllInfo.WhichFields |= USER_ALL_HOMEDIRECTORY;
+            }
+
+            if (UserInfo4->usri4_comment != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.AdminComment,
+                                     UserInfo4->usri4_comment);
+                UserAllInfo.WhichFields |= USER_ALL_ADMINCOMMENT;
+            }
+
+            ChangeUserDacl(Dacl, UserInfo4->usri4_flags);
+            UserAllInfo.UserAccountControl = GetAccountControl(UserInfo4->usri4_flags);
+            UserAllInfo.WhichFields |= USER_ALL_USERACCOUNTCONTROL;
+
+            if (UserInfo4->usri4_script_path != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.ScriptPath,
+                                     UserInfo4->usri4_script_path);
+                UserAllInfo.WhichFields |= USER_ALL_SCRIPTPATH;
+            }
+
+//          UserInfo4->usri4_auth_flags;
+
+            if (UserInfo4->usri4_full_name != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.FullName,
+                                     UserInfo4->usri4_full_name);
+                UserAllInfo.WhichFields |= USER_ALL_FULLNAME;
+            }
+
+            if (UserInfo4->usri4_usr_comment != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.UserComment,
+                                     UserInfo4->usri4_usr_comment);
+                UserAllInfo.WhichFields |= USER_ALL_USERCOMMENT;
+            }
+
+            if (UserInfo4->usri4_parms != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.Parameters,
+                                     UserInfo4->usri4_parms);
+                UserAllInfo.WhichFields |= USER_ALL_PARAMETERS;
+            }
+
+            if (UserInfo4->usri4_workstations != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.WorkStations,
+                                     UserInfo4->usri4_workstations);
+                UserAllInfo.WhichFields |= USER_ALL_WORKSTATIONS;
+            }
+
+            // usri4_last_logon ignored
+            // usri4_last_logoff ignored
+
+            if (UserInfo4->usri4_acct_expires == TIMEQ_FOREVER)
+            {
+                UserAllInfo.AccountExpires.LowPart = 0;
+                UserAllInfo.AccountExpires.HighPart = 0;
+            }
+            else
+            {
+                RtlSecondsSince1970ToTime(UserInfo4->usri4_acct_expires,
+                                          &UserAllInfo.AccountExpires);
+            }
+            UserAllInfo.WhichFields |= USER_ALL_ACCOUNTEXPIRES;
+
+            // usri4_max_storage ignored
+
+//          UserInfo4->usri4_units_per_week;
+//          UserInfo4->usri4_logon_hours;
+
+            // usri4_bad_pw_count ignored
+            // usri4_num_logons ignored
+            // usri4_logon_server ignored
+
+            UserAllInfo.CountryCode = UserInfo4->usri4_country_code;
+            UserAllInfo.WhichFields |= USER_ALL_COUNTRYCODE;
+
+            UserAllInfo.CodePage = UserInfo4->usri4_code_page;
+            UserAllInfo.WhichFields |= USER_ALL_CODEPAGE;
+
+            // usri4_user_sid ignored
+
+            UserAllInfo.PrimaryGroupId = UserInfo4->usri4_primary_group_id;
+            UserAllInfo.WhichFields |= USER_ALL_PRIMARYGROUPID;
+
+            if (UserInfo4->usri4_profile != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.ProfilePath,
+                                     UserInfo4->usri4_profile);
+                UserAllInfo.WhichFields |= USER_ALL_PROFILEPATH;
+            }
+
+            if (UserInfo4->usri4_home_dir_drive != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.HomeDirectoryDrive,
+                                     UserInfo4->usri4_home_dir_drive);
+                UserAllInfo.WhichFields |= USER_ALL_HOMEDIRECTORYDRIVE;
+            }
+
+            UserAllInfo.PasswordExpired = (UserInfo4->usri4_password_expired != 0);
+            UserAllInfo.WhichFields |= USER_ALL_PASSWORDEXPIRED;
+            break;
+
+//        case 21:
+//            break;
+
+        case 22:
+            UserInfo22 = (PUSER_INFO_22)UserInfo;
+
+            // usri22_name ignored
+
+//          UserInfo22->usri22_password[ENCRYPTED_PWLEN];
+
+            // usri22_password_age ignored
+
+//          UserInfo3->usri3_priv;
+
+            if (UserInfo22->usri22_home_dir != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.HomeDirectory,
+                                     UserInfo22->usri22_home_dir);
+                UserAllInfo.WhichFields |= USER_ALL_HOMEDIRECTORY;
+            }
+
+            if (UserInfo22->usri22_comment != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.AdminComment,
+                                     UserInfo22->usri22_comment);
+                UserAllInfo.WhichFields |= USER_ALL_ADMINCOMMENT;
+            }
+
+            ChangeUserDacl(Dacl, UserInfo22->usri22_flags);
+            UserAllInfo.UserAccountControl = GetAccountControl(UserInfo22->usri22_flags);
+            UserAllInfo.WhichFields |= USER_ALL_USERACCOUNTCONTROL;
+
+            if (UserInfo22->usri22_script_path != NULL)
+            {
+                RtlInitUnicodeString(&UserAllInfo.ScriptPath,
+                                     UserInfo22->usri22_script_path);
                 UserAllInfo.WhichFields |= USER_ALL_SCRIPTPATH;
             }
 
-//          UserInfo3->usri3_auth_flags;
+//          UserInfo22->usri22_auth_flags;
 
-            if (UserInfo3->usri3_full_name != NULL)
+            if (UserInfo22->usri22_full_name != NULL)
             {
                 RtlInitUnicodeString(&UserAllInfo.FullName,
-                                     UserInfo3->usri3_full_name);
+                                     UserInfo22->usri22_full_name);
                 UserAllInfo.WhichFields |= USER_ALL_FULLNAME;
             }
 
-            if (UserInfo3->usri3_usr_comment != NULL)
+            if (UserInfo22->usri22_usr_comment != NULL)
             {
                 RtlInitUnicodeString(&UserAllInfo.UserComment,
-                                     UserInfo3->usri3_usr_comment);
+                                     UserInfo22->usri22_usr_comment);
                 UserAllInfo.WhichFields |= USER_ALL_USERCOMMENT;
             }
 
-            if (UserInfo3->usri3_parms != NULL)
+            if (UserInfo22->usri22_parms != NULL)
             {
                 RtlInitUnicodeString(&UserAllInfo.Parameters,
-                                     UserInfo3->usri3_parms);
+                                     UserInfo22->usri22_parms);
                 UserAllInfo.WhichFields |= USER_ALL_PARAMETERS;
             }
 
-            if (UserInfo3->usri3_workstations != NULL)
+            if (UserInfo22->usri22_workstations != NULL)
             {
                 RtlInitUnicodeString(&UserAllInfo.WorkStations,
-                                     UserInfo3->usri3_workstations);
+                                     UserInfo22->usri22_workstations);
                 UserAllInfo.WhichFields |= USER_ALL_WORKSTATIONS;
             }
 
-            // usri3_last_logon ignored
-            // usri3_last_logoff ignored
-
-//          UserInfo3->usri3_acct_expires;
-//          UserInfo3->usri3_max_storage;
-//          UserInfo3->usri3_units_per_week;
-//          UserInfo3->usri3_logon_hours;
-
-            // usri3_bad_pw_count ignored
-            // usri3_num_logons ignored
-            // usri3_logon_server ignored
-
-//          UserInfo3->usri3_country_code;
-//          UserInfo3->usri3_code_page;
+            // usri22_last_logon ignored
+            // usri22_last_logoff ignored
 
-            // usri3_user_id ignored
-
-//          UserInfo3->usri3_primary_group_id;
-
-            if (UserInfo3->usri3_profile != NULL)
+            if (UserInfo22->usri22_acct_expires == TIMEQ_FOREVER)
             {
-                RtlInitUnicodeString(&UserAllInfo.ProfilePath,
-                                     UserInfo3->usri3_profile);
-                UserAllInfo.WhichFields |= USER_ALL_PROFILEPATH;
+                UserAllInfo.AccountExpires.LowPart = 0;
+                UserAllInfo.AccountExpires.HighPart = 0;
             }
-
-            if (UserInfo3->usri3_home_dir_drive != NULL)
+            else
             {
-                RtlInitUnicodeString(&UserAllInfo.HomeDirectoryDrive,
-                                     UserInfo3->usri3_home_dir_drive);
-                UserAllInfo.WhichFields |= USER_ALL_HOMEDIRECTORYDRIVE;
+                RtlSecondsSince1970ToTime(UserInfo22->usri22_acct_expires,
+                                          &UserAllInfo.AccountExpires);
             }
+            UserAllInfo.WhichFields |= USER_ALL_ACCOUNTEXPIRES;
 
-//          UserInfo3->usri3_password_expired;
-            break;
+            // usri22_max_storage ignored
 
-//        case 4:
-//        case 21:
-//        case 22:
+//          UserInfo22->usri22_units_per_week;
+//          UserInfo22->usri22_logon_hours;
+
+            // usri22_bad_pw_count ignored
+            // usri22_num_logons ignored
+            // usri22_logon_server ignored
+
+            UserAllInfo.CountryCode = UserInfo22->usri22_country_code;
+            UserAllInfo.WhichFields |= USER_ALL_COUNTRYCODE;
+
+            UserAllInfo.CodePage = UserInfo22->usri22_code_page;
+            UserAllInfo.WhichFields |= USER_ALL_CODEPAGE;
+            break;
 
         case 1003:
             UserInfo1003 = (PUSER_INFO_1003)UserInfo;
@@ -1158,6 +2084,7 @@ SetUserInfo(SAM_HANDLE UserHandle,
             break;
 
 //        case 1005:
+//            break;
 
         case 1006:
             UserInfo1006 = (PUSER_INFO_1006)UserInfo;
@@ -1181,7 +2108,12 @@ SetUserInfo(SAM_HANDLE UserHandle,
             }
             break;
 
-//        case 1008:
+        case 1008:
+            UserInfo1008 = (PUSER_INFO_1008)UserInfo;
+            ChangeUserDacl(Dacl, UserInfo1008->usri1008_flags);
+            UserAllInfo.UserAccountControl = GetAccountControl(UserInfo1008->usri1008_flags);
+            UserAllInfo.WhichFields |= USER_ALL_USERACCOUNTCONTROL;
+            break;
 
         case 1009:
             UserInfo1009 = (PUSER_INFO_1009)UserInfo;
@@ -1195,6 +2127,7 @@ SetUserInfo(SAM_HANDLE UserHandle,
             break;
 
 //        case 1010:
+//            break;
 
         case 1011:
             UserInfo1011 = (PUSER_INFO_1011)UserInfo;
@@ -1240,10 +2173,55 @@ SetUserInfo(SAM_HANDLE UserHandle,
             }
             break;
 
-//        case 1017:
+        case 1017:
+            UserInfo1017 = (PUSER_INFO_1017)UserInfo;
+
+            if (UserInfo1017->usri1017_acct_expires == TIMEQ_FOREVER)
+            {
+                UserAllInfo.AccountExpires.LowPart = 0;
+                UserAllInfo.AccountExpires.HighPart = 0;
+            }
+            else
+            {
+                RtlSecondsSince1970ToTime(UserInfo1017->usri1017_acct_expires,
+                                          &UserAllInfo.AccountExpires);
+            }
+            UserAllInfo.WhichFields |= USER_ALL_ACCOUNTEXPIRES;
+            break;
+
+        case 1018:
+            UserInfo1018 = (PUSER_INFO_1018)UserInfo;
+
+            if (UserInfo1018->usri1018_max_storage != USER_MAXSTORAGE_UNLIMITED)
+            {
+                // FIXME: Report error
+                return ERROR_INVALID_PARAMETER;
+            }
+            break;
+
 //        case 1020:
-//        case 1024:
-//        case 1051:
+//            break;
+
+        case 1024:
+            UserInfo1024 = (PUSER_INFO_1024)UserInfo;
+
+            UserAllInfo.CountryCode = UserInfo1024->usri1024_country_code;
+            UserAllInfo.WhichFields |= USER_ALL_COUNTRYCODE;
+            break;
+
+        case 1025:
+            UserInfo1025 = (PUSER_INFO_1025)UserInfo;
+
+            UserAllInfo.CodePage = UserInfo1025->usri1025_code_page;
+            UserAllInfo.WhichFields |= USER_ALL_CODEPAGE;
+            break;
+
+        case 1051:
+            UserInfo1051 = (PUSER_INFO_1051)UserInfo;
+
+            UserAllInfo.PrimaryGroupId = UserInfo1051->usri1051_primary_group_id;
+            UserAllInfo.WhichFields |= USER_ALL_PRIMARYGROUPID;
+            break;
 
         case 1052:
             UserInfo1052 = (PUSER_INFO_1052)UserInfo;
@@ -1283,6 +2261,9 @@ SetUserInfo(SAM_HANDLE UserHandle,
     }
 
 done:
+    if (Dacl != NULL)
+        HeapFree(GetProcessHeap(), 0, Dacl);
+
     return ApiStatus;
 }
 
@@ -1395,7 +2376,7 @@ NetUserAdd(LPCWSTR servername,
     /* Open the Account Domain */
     Status = OpenAccountDomain(ServerHandle,
                                (servername != NULL) ? &ServerName : NULL,
-                               DOMAIN_CREATE_USER | DOMAIN_LOOKUP,
+                               DOMAIN_CREATE_USER | DOMAIN_LOOKUP | DOMAIN_READ_PASSWORD_PARAMETERS,
                                &DomainHandle);
     if (!NT_SUCCESS(Status))
     {
@@ -1435,7 +2416,12 @@ NetUserAdd(LPCWSTR servername,
 
 done:
     if (UserHandle != NULL)
-        SamCloseHandle(UserHandle);
+    {
+        if (ApiStatus != NERR_Success)
+            SamDeleteUser(UserHandle);
+        else
+            SamCloseHandle(UserHandle);
+    }
 
     if (DomainHandle != NULL)
         SamCloseHandle(DomainHandle);
@@ -1469,8 +2455,137 @@ NetUserChangePassword(LPCWSTR domainname,
                       LPCWSTR oldpassword,
                       LPCWSTR newpassword)
 {
+    PMSV1_0_CHANGEPASSWORD_REQUEST RequestBuffer = NULL;
+    PMSV1_0_CHANGEPASSWORD_RESPONSE ResponseBuffer = NULL;
+    ULONG RequestBufferSize;
+    ULONG ResponseBufferSize = 0;
+    LPWSTR Ptr;
+    ANSI_STRING PackageName;
+    ULONG AuthenticationPackage = 0;
+    HANDLE LsaHandle = NULL;
+    NET_API_STATUS ApiStatus = NERR_Success;
+    NTSTATUS Status = STATUS_SUCCESS;
+    NTSTATUS ProtocolStatus;
+
     TRACE("(%s, %s, ..., ...)\n", debugstr_w(domainname), debugstr_w(username));
-    return NERR_Success;
+
+    /* FIXME: handle null domain or user name */
+
+    /* Check the parameters */
+    if ((oldpassword == NULL) ||
+        (newpassword == NULL))
+        return ERROR_INVALID_PARAMETER;
+
+    /* Connect to the LSA server */
+    Status = LsaConnectUntrusted(&LsaHandle);
+    if (!NT_SUCCESS(Status))
+        return NetpNtStatusToApiStatus(Status);
+
+    /* Get the authentication package ID */
+    RtlInitAnsiString(&PackageName,
+                      MSV1_0_PACKAGE_NAME);
+
+    Status = LsaLookupAuthenticationPackage(LsaHandle,
+                                            &PackageName,
+                                            &AuthenticationPackage);
+    if (!NT_SUCCESS(Status))
+    {
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    /* Calculate the request buffer size */
+    RequestBufferSize = sizeof(MSV1_0_CHANGEPASSWORD_REQUEST) +
+                        ((wcslen(domainname) + 1) * sizeof(WCHAR)) +
+                        ((wcslen(username) + 1) * sizeof(WCHAR)) +
+                        ((wcslen(oldpassword) + 1) * sizeof(WCHAR)) +
+                        ((wcslen(newpassword) + 1) * sizeof(WCHAR));
+
+    /* Allocate the request buffer */
+    ApiStatus = NetApiBufferAllocate(RequestBufferSize,
+                                     (PVOID*)&RequestBuffer);
+    if (ApiStatus != NERR_Success)
+        goto done;
+
+    /* Initialize the request buffer */
+    RequestBuffer->MessageType = MsV1_0ChangePassword;
+    RequestBuffer->Impersonating = TRUE;
+
+    Ptr = (LPWSTR)((ULONG_PTR)RequestBuffer + sizeof(MSV1_0_CHANGEPASSWORD_REQUEST));
+
+    /* Pack the domain name */
+    RequestBuffer->DomainName.Length = wcslen(domainname) * sizeof(WCHAR);
+    RequestBuffer->DomainName.MaximumLength = RequestBuffer->DomainName.Length + sizeof(WCHAR);
+    RequestBuffer->DomainName.Buffer = Ptr;
+
+    RtlCopyMemory(RequestBuffer->DomainName.Buffer,
+                  domainname,
+                  RequestBuffer->DomainName.MaximumLength);
+
+    Ptr = (LPWSTR)((ULONG_PTR)Ptr + RequestBuffer->DomainName.MaximumLength);
+
+    /* Pack the user name */
+    RequestBuffer->AccountName.Length = wcslen(username) * sizeof(WCHAR);
+    RequestBuffer->AccountName.MaximumLength = RequestBuffer->AccountName.Length + sizeof(WCHAR);
+    RequestBuffer->AccountName.Buffer = Ptr;
+
+    RtlCopyMemory(RequestBuffer->AccountName.Buffer,
+                  username,
+                  RequestBuffer->AccountName.MaximumLength);
+
+    Ptr = (LPWSTR)((ULONG_PTR)Ptr + RequestBuffer->AccountName.MaximumLength);
+
+    /* Pack the old password */
+    RequestBuffer->OldPassword.Length = wcslen(oldpassword) * sizeof(WCHAR);
+    RequestBuffer->OldPassword.MaximumLength = RequestBuffer->OldPassword.Length + sizeof(WCHAR);
+    RequestBuffer->OldPassword.Buffer = Ptr;
+
+    RtlCopyMemory(RequestBuffer->OldPassword.Buffer,
+                  oldpassword,
+                  RequestBuffer->OldPassword.MaximumLength);
+
+    Ptr = (LPWSTR)((ULONG_PTR)Ptr + RequestBuffer->OldPassword.MaximumLength);
+
+    /* Pack the new password */
+    RequestBuffer->NewPassword.Length = wcslen(newpassword) * sizeof(WCHAR);
+    RequestBuffer->NewPassword.MaximumLength = RequestBuffer->NewPassword.Length + sizeof(WCHAR);
+    RequestBuffer->NewPassword.Buffer = Ptr;
+
+    RtlCopyMemory(RequestBuffer->NewPassword.Buffer,
+                  newpassword,
+                  RequestBuffer->NewPassword.MaximumLength);
+
+    /* Call the authentication package */
+    Status = LsaCallAuthenticationPackage(LsaHandle,
+                                          AuthenticationPackage,
+                                          RequestBuffer,
+                                          RequestBufferSize,
+                                          (PVOID*)&ResponseBuffer,
+                                          &ResponseBufferSize,
+                                          &ProtocolStatus);
+    if (!NT_SUCCESS(Status))
+    {
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    if (!NT_SUCCESS(ProtocolStatus))
+    {
+        ApiStatus = NetpNtStatusToApiStatus(ProtocolStatus);
+        goto done;
+    }
+
+done:
+    if (RequestBuffer != NULL)
+        NetApiBufferFree(RequestBuffer);
+
+    if (ResponseBuffer != NULL)
+        LsaFreeReturnBuffer(ResponseBuffer);
+
+    if (LsaHandle != NULL)
+        NtClose(LsaHandle);
+
+    return ApiStatus;
 }
 
 
@@ -1560,7 +2675,7 @@ NetUserDel(LPCWSTR servername,
         {
             ERR("OpenUserByName failed (ApiStatus %lu)\n", ApiStatus);
             if (ApiStatus == ERROR_NONE_MAPPED)
-                ApiStatus = NERR_GroupNotFound;
+                ApiStatus = NERR_UserNotFound;
             goto done;
         }
     }
@@ -1608,8 +2723,6 @@ NetUserEnum(LPCWSTR servername,
     LPVOID Buffer = NULL;
     ULONG i;
     SAM_HANDLE UserHandle = NULL;
-    PUSER_ALL_INFORMATION UserInfo = NULL;
-
     NET_API_STATUS ApiStatus = NERR_Success;
     NTSTATUS Status = STATUS_SUCCESS;
 
@@ -1722,7 +2835,7 @@ NetUserEnum(LPCWSTR servername,
         TRACE("RID: %lu\n", CurrentUser->RelativeId);
 
         Status = SamOpenUser(EnumContext->AccountDomainHandle, //BuiltinDomainHandle,
-                             USER_READ_GENERAL | USER_READ_PREFERENCES | USER_READ_LOGON | USER_READ_ACCOUNT,
+                             READ_CONTROL | USER_READ_GENERAL | USER_READ_PREFERENCES | USER_READ_LOGON | USER_READ_ACCOUNT,
                              CurrentUser->RelativeId,
                              &UserHandle);
         if (!NT_SUCCESS(Status))
@@ -1732,20 +2845,7 @@ NetUserEnum(LPCWSTR servername,
             goto done;
         }
 
-        Status = SamQueryInformationUser(UserHandle,
-                                         UserAllInformation,
-                                         (PVOID *)&UserInfo);
-        if (!NT_SUCCESS(Status))
-        {
-            ERR("SamQueryInformationUser failed (Status %08lx)\n", Status);
-            ApiStatus = NetpNtStatusToApiStatus(Status);
-            goto done;
-        }
-
-        SamCloseHandle(UserHandle);
-        UserHandle = NULL;
-
-        ApiStatus = BuildUserInfoBuffer(UserInfo,
+        ApiStatus = BuildUserInfoBuffer(UserHandle,
                                         level,
                                         CurrentUser->RelativeId,
                                         &Buffer);
@@ -1755,11 +2855,8 @@ NetUserEnum(LPCWSTR servername,
             goto done;
         }
 
-        if (UserInfo != NULL)
-        {
-            FreeUserInfo(UserInfo);
-            UserInfo = NULL;
-        }
+        SamCloseHandle(UserHandle);
+        UserHandle = NULL;
 
         EnumContext->Index++;
 
@@ -1804,42 +2901,179 @@ done:
     if (UserHandle != NULL)
         SamCloseHandle(UserHandle);
 
-    if (UserInfo != NULL)
-        FreeUserInfo(UserInfo);
-
-    if (resume_handle != NULL)
-        *resume_handle = (DWORD_PTR)EnumContext;
+    if (resume_handle != NULL)
+        *resume_handle = (DWORD_PTR)EnumContext;
+
+    *bufptr = (LPBYTE)Buffer;
+
+    TRACE("return %lu\n", ApiStatus);
+
+    return ApiStatus;
+}
+
+
+/************************************************************
+ * NetUserGetGroups (NETAPI32.@)
+ */
+NET_API_STATUS
+WINAPI
+NetUserGetGroups(LPCWSTR servername,
+                 LPCWSTR username,
+                 DWORD level,
+                 LPBYTE *bufptr,
+                 DWORD prefixmaxlen,
+                 LPDWORD entriesread,
+                 LPDWORD totalentries)
+{
+    UNICODE_STRING ServerName;
+    UNICODE_STRING UserName;
+    SAM_HANDLE ServerHandle = NULL;
+    SAM_HANDLE AccountDomainHandle = NULL;
+    SAM_HANDLE UserHandle = NULL;
+    PSID AccountDomainSid = NULL;
+    PULONG RelativeIds = NULL;
+    PSID_NAME_USE Use = NULL;
+    PGROUP_MEMBERSHIP GroupMembership = NULL;
+    ULONG GroupCount;
+
+    NET_API_STATUS ApiStatus = NERR_Success;
+    NTSTATUS Status = STATUS_SUCCESS;
+
+    TRACE("%s %s %d %p %d %p %p stub\n", debugstr_w(servername),
+          debugstr_w(username), level, bufptr, prefixmaxlen, entriesread,
+          totalentries);
+
+    if (servername != NULL)
+        RtlInitUnicodeString(&ServerName, servername);
+
+    RtlInitUnicodeString(&UserName, username);
+
+    /* Connect to the SAM Server */
+    Status = SamConnect((servername != NULL) ? &ServerName : NULL,
+                        &ServerHandle,
+                        SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
+                        NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("SamConnect failed (Status %08lx)\n", Status);
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    /* Get the Account Domain SID */
+    Status = GetAccountDomainSid((servername != NULL) ? &ServerName : NULL,
+                                 &AccountDomainSid);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("GetAccountDomainSid failed (Status %08lx)\n", Status);
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    /* Open the Account Domain */
+    Status = SamOpenDomain(ServerHandle,
+                           DOMAIN_LOOKUP | DOMAIN_GET_ALIAS_MEMBERSHIP,
+                           AccountDomainSid,
+                           &AccountDomainHandle);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("OpenAccountDomain failed (Status %08lx)\n", Status);
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    /* Get the RID for the given user name */
+    Status = SamLookupNamesInDomain(AccountDomainHandle,
+                                    1,
+                                    &UserName,
+                                    &RelativeIds,
+                                    &Use);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("SamLookupNamesInDomain failed (Status %08lx)\n", Status);
+        if (Status == STATUS_NONE_MAPPED)
+            ApiStatus = NERR_UserNotFound;
+        else
+            ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    /* Fail, if it is not a user account */
+    if (Use[0] != SidTypeUser)
+    {
+        ERR("Account is not a User!\n");
+        ApiStatus = NERR_UserNotFound;
+        goto done;
+    }
+
+    /* Open the user object */
+    Status = SamOpenUser(AccountDomainHandle,
+                         USER_LIST_GROUPS,
+                         RelativeIds[0],
+                         &UserHandle);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("SamOpenUser failed (Status %08lx)\n", Status);
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    /* Get the group memberships of this user */
+    Status = SamGetGroupsForUser(UserHandle,
+                                 &GroupMembership,
+                                 &GroupCount);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("SamGetGroupsForUser failed (Status %08lx)\n", Status);
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    /* If there is no group membership, we're done */
+    if (GroupCount == 0)
+    {
+        ApiStatus = NERR_Success;
+        goto done;
+    }
+
+
+done:
+
+    if (GroupMembership != NULL)
+        SamFreeMemory(GroupMembership);
+
+    if (UserHandle != NULL)
+        SamCloseHandle(UserHandle);
+
+    if (RelativeIds != NULL)
+        SamFreeMemory(RelativeIds);
 
-    *bufptr = (LPBYTE)Buffer;
+    if (Use != NULL)
+        SamFreeMemory(Use);
 
-    TRACE("return %lu\n", ApiStatus);
+    if (AccountDomainSid != NULL)
+        RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);
 
-    return ApiStatus;
-}
+    if (AccountDomainHandle != NULL)
+        SamCloseHandle(AccountDomainHandle);
 
+    if (ServerHandle != NULL)
+        SamCloseHandle(ServerHandle);
 
-/************************************************************
- * NetUserGetGroups (NETAPI32.@)
- */
-NET_API_STATUS
-WINAPI
-NetUserGetGroups(LPCWSTR servername,
-                 LPCWSTR username,
-                 DWORD level,
-                 LPBYTE *bufptr,
-                 DWORD prefixmaxlen,
-                 LPDWORD entriesread,
-                 LPDWORD totalentries)
-{
-    FIXME("%s %s %d %p %d %p %p stub\n", debugstr_w(servername),
-          debugstr_w(username), level, bufptr, prefixmaxlen, entriesread,
-          totalentries);
+    if (ApiStatus != NERR_Success && ApiStatus != ERROR_MORE_DATA)
+    {
+        *entriesread = 0;
+        *totalentries = 0;
+    }
+    else
+    {
+//        *entriesread = Count;
+//        *totalentries = Count;
+    }
 
-    *bufptr = NULL;
-    *entriesread = 0;
-    *totalentries = 0;
+//    *bufptr = (LPBYTE)Buffer;
 
-    return ERROR_INVALID_LEVEL;
+    return ApiStatus;
 }
 
 
@@ -1860,7 +3094,6 @@ NetUserGetInfo(LPCWSTR servername,
     SAM_HANDLE UserHandle = NULL;
     PULONG RelativeIds = NULL;
     PSID_NAME_USE Use = NULL;
-    PUSER_ALL_INFORMATION UserInfo = NULL;
     LPVOID Buffer = NULL;
     NET_API_STATUS ApiStatus = NERR_Success;
     NTSTATUS Status = STATUS_SUCCESS;
@@ -1906,7 +3139,10 @@ NetUserGetInfo(LPCWSTR servername,
     if (!NT_SUCCESS(Status))
     {
         ERR("SamOpenDomain failed (Status %08lx)\n", Status);
-        ApiStatus = NetpNtStatusToApiStatus(Status);
+        if (Status == STATUS_NONE_MAPPED)
+            ApiStatus = NERR_UserNotFound;
+        else
+            ApiStatus = NetpNtStatusToApiStatus(Status);
         goto done;
     }
 
@@ -1922,7 +3158,7 @@ NetUserGetInfo(LPCWSTR servername,
 
     /* Open the user object */
     Status = SamOpenUser(AccountDomainHandle,
-                         USER_READ_GENERAL | USER_READ_PREFERENCES | USER_READ_LOGON | USER_READ_ACCOUNT,
+                         READ_CONTROL | USER_READ_GENERAL | USER_READ_PREFERENCES | USER_READ_LOGON | USER_READ_ACCOUNT,
                          RelativeIds[0],
                          &UserHandle);
     if (!NT_SUCCESS(Status))
@@ -1932,17 +3168,7 @@ NetUserGetInfo(LPCWSTR servername,
         goto done;
     }
 
-    Status = SamQueryInformationUser(UserHandle,
-                                     UserAllInformation,
-                                     (PVOID *)&UserInfo);
-    if (!NT_SUCCESS(Status))
-    {
-        ERR("SamQueryInformationUser failed (Status %08lx)\n", Status);
-        ApiStatus = NetpNtStatusToApiStatus(Status);
-        goto done;
-    }
-
-    ApiStatus = BuildUserInfoBuffer(UserInfo,
+    ApiStatus = BuildUserInfoBuffer(UserHandle,
                                     level,
                                     RelativeIds[0],
                                     &Buffer);
@@ -1953,9 +3179,6 @@ NetUserGetInfo(LPCWSTR servername,
     }
 
 done:
-    if (UserInfo != NULL)
-        FreeUserInfo(UserInfo);
-
     if (UserHandle != NULL)
         SamCloseHandle(UserHandle);
 
@@ -2089,7 +3312,10 @@ NetUserGetLocalGroups(LPCWSTR servername,
     if (!NT_SUCCESS(Status))
     {
         ERR("SamLookupNamesInDomain failed (Status %08lx)\n", Status);
-        ApiStatus = NetpNtStatusToApiStatus(Status);
+        if (Status == STATUS_NONE_MAPPED)
+            ApiStatus = NERR_UserNotFound;
+        else
+            ApiStatus = NetpNtStatusToApiStatus(Status);
         goto done;
     }
 
@@ -2183,7 +3409,7 @@ NetUserGetLocalGroups(LPCWSTR servername,
 
     for (i = 0; i < AccountMemberCount; i++)
     {
-        if (BuiltinNames[i].Length > 0)
+        if (AccountNames[i].Length > 0)
         {
             Size += (sizeof(LOCALGROUP_USERS_INFO_0) + AccountNames[i].Length + sizeof(UNICODE_NULL));
             Count++;
@@ -2286,6 +3512,332 @@ done:
 }
 
 
+/******************************************************************************
+ * NetUserModalsGet  (NETAPI32.@)
+ *
+ * Retrieves global information for all users and global groups in the security
+ * database.
+ *
+ * PARAMS
+ *  servername [I] Specifies the DNS or the NetBIOS name of the remote server
+ *                 on which the function is to execute.
+ *  level      [I] Information level of the data.
+ *     0   Return global passwords parameters. bufptr points to a
+ *         USER_MODALS_INFO_0 struct.
+ *     1   Return logon server and domain controller information. bufptr
+ *         points to a USER_MODALS_INFO_1 struct.
+ *     2   Return domain name and identifier. bufptr points to a 
+ *         USER_MODALS_INFO_2 struct.
+ *     3   Return lockout information. bufptr points to a USER_MODALS_INFO_3
+ *         struct.
+ *  bufptr     [O] Buffer that receives the data.
+ *
+ * RETURNS
+ *  Success: NERR_Success.
+ *  Failure: 
+ *     ERROR_ACCESS_DENIED - the user does not have access to the info.
+ *     NERR_InvalidComputer - computer name is invalid.
+ */
+NET_API_STATUS
+WINAPI
+NetUserModalsGet(LPCWSTR servername,
+                 DWORD level,
+                 LPBYTE *bufptr)
+{
+    UNICODE_STRING ServerName;
+    SAM_HANDLE ServerHandle = NULL;
+    SAM_HANDLE DomainHandle = NULL;
+    PSID DomainSid = NULL;
+    PDOMAIN_PASSWORD_INFORMATION PasswordInfo = NULL;
+    PDOMAIN_LOGOFF_INFORMATION LogoffInfo = NULL;
+    PDOMAIN_SERVER_ROLE_INFORMATION ServerRoleInfo = NULL;
+    PDOMAIN_REPLICATION_INFORMATION ReplicationInfo = NULL;
+    PDOMAIN_NAME_INFORMATION NameInfo = NULL;
+    PDOMAIN_LOCKOUT_INFORMATION LockoutInfo = NULL;
+    ULONG DesiredAccess;
+    ULONG BufferSize;
+    PUSER_MODALS_INFO_0 umi0;
+    PUSER_MODALS_INFO_1 umi1;
+    PUSER_MODALS_INFO_2 umi2;
+    PUSER_MODALS_INFO_3 umi3;
+    NET_API_STATUS ApiStatus = NERR_Success;
+    NTSTATUS Status = STATUS_SUCCESS;
+
+    TRACE("(%s %d %p)\n", debugstr_w(servername), level, bufptr);
+
+    *bufptr = NULL;
+
+    if (servername != NULL)
+        RtlInitUnicodeString(&ServerName, servername);
+
+    /* Connect to the SAM Server */
+    Status = SamConnect((servername != NULL) ? &ServerName : NULL,
+                        &ServerHandle,
+                        SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
+                        NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("SamConnect failed (Status %08lx)\n", Status);
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    /* Get the Account Domain SID */
+    Status = GetAccountDomainSid((servername != NULL) ? &ServerName : NULL,
+                                 &DomainSid);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("GetAccountDomainSid failed (Status %08lx)\n", Status);
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    switch (level)
+    {
+        case 0:
+            DesiredAccess = DOMAIN_READ_OTHER_PARAMETERS | DOMAIN_READ_PASSWORD_PARAMETERS;
+            break;
+
+        case 1:
+            DesiredAccess = DOMAIN_READ_OTHER_PARAMETERS;
+            break;
+
+        case 2:
+            DesiredAccess = DOMAIN_READ_OTHER_PARAMETERS;
+            break;
+
+        case 3:
+            DesiredAccess = DOMAIN_READ_PASSWORD_PARAMETERS;
+            break;
+
+        default:
+            ApiStatus = ERROR_INVALID_LEVEL;
+            goto done;
+    }
+
+    /* Open the Account Domain */
+    Status = SamOpenDomain(ServerHandle,
+                           DesiredAccess,
+                           DomainSid,
+                           &DomainHandle);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("OpenAccountDomain failed (Status %08lx)\n", Status);
+        ApiStatus = NetpNtStatusToApiStatus(Status);
+        goto done;
+    }
+
+    switch (level)
+    {
+        case 0:
+            /* return global passwords parameters */
+            Status = SamQueryInformationDomain(DomainHandle,
+                                               DomainPasswordInformation,
+                                               (PVOID*)&PasswordInfo);
+            if (!NT_SUCCESS(Status))
+            {
+                ApiStatus = NetpNtStatusToApiStatus(Status);
+                goto done;
+            }
+
+            Status = SamQueryInformationDomain(DomainHandle,
+                                               DomainLogoffInformation,
+                                               (PVOID*)&LogoffInfo);
+            if (!NT_SUCCESS(Status))
+            {
+                ApiStatus = NetpNtStatusToApiStatus(Status);
+                goto done;
+            }
+
+            BufferSize = sizeof(USER_MODALS_INFO_0);
+            break;
+
+        case 1:
+            /* return logon server and domain controller info */
+            Status = SamQueryInformationDomain(DomainHandle,
+                                               DomainServerRoleInformation,
+                                               (PVOID*)&ServerRoleInfo);
+            if (!NT_SUCCESS(Status))
+            {
+                ApiStatus = NetpNtStatusToApiStatus(Status);
+                goto done;
+            }
+
+            Status = SamQueryInformationDomain(DomainHandle,
+                                               DomainReplicationInformation,
+                                               (PVOID*)&ReplicationInfo);
+            if (!NT_SUCCESS(Status))
+            {
+                ApiStatus = NetpNtStatusToApiStatus(Status);
+                goto done;
+            }
+
+            BufferSize = sizeof(USER_MODALS_INFO_1) +
+                         ReplicationInfo->ReplicaSourceNodeName.Length + sizeof(WCHAR);
+            break;
+
+        case 2:
+            /* return domain name and identifier */
+            Status = SamQueryInformationDomain(DomainHandle,
+                                               DomainNameInformation,
+                                               (PVOID*)&NameInfo);
+            if (!NT_SUCCESS(Status))
+            {
+                ApiStatus = NetpNtStatusToApiStatus(Status);
+                goto done;
+            }
+
+            BufferSize = sizeof( USER_MODALS_INFO_2 ) +
+                         NameInfo->DomainName.Length + sizeof(WCHAR) +
+                         RtlLengthSid(DomainSid);
+            break;
+
+        case 3:
+            /* return lockout information */
+            Status = SamQueryInformationDomain(DomainHandle,
+                                               DomainLockoutInformation,
+                                               (PVOID*)&LockoutInfo);
+            if (!NT_SUCCESS(Status))
+            {
+                ApiStatus = NetpNtStatusToApiStatus(Status);
+                goto done;
+            }
+
+            BufferSize = sizeof(USER_MODALS_INFO_3);
+            break;
+
+        default:
+            TRACE("Invalid level %d is specified\n", level);
+            ApiStatus = ERROR_INVALID_LEVEL;
+            goto done;
+    }
+
+
+    ApiStatus = NetApiBufferAllocate(BufferSize,
+                                     (LPVOID *)bufptr);
+    if (ApiStatus != NERR_Success)
+    {
+        WARN("NetApiBufferAllocate() failed\n");
+        goto done;
+    }
+
+    switch (level)
+    {
+        case 0:
+            umi0 = (PUSER_MODALS_INFO_0)*bufptr;
+
+            umi0->usrmod0_min_passwd_len = PasswordInfo->MinPasswordLength;
+            umi0->usrmod0_max_passwd_age = (ULONG)(PasswordInfo->MaxPasswordAge.QuadPart / 10000000);
+            umi0->usrmod0_min_passwd_age =
+                DeltaTimeToSeconds(PasswordInfo->MinPasswordAge);
+            umi0->usrmod0_force_logoff =
+                DeltaTimeToSeconds(LogoffInfo->ForceLogoff);
+            umi0->usrmod0_password_hist_len = PasswordInfo->PasswordHistoryLength;
+            break;
+
+        case 1:
+            umi1 = (PUSER_MODALS_INFO_1)*bufptr;
+
+            switch (ServerRoleInfo->DomainServerRole)
+            {
+
+                    umi1->usrmod1_role = UAS_ROLE_STANDALONE;
+                    umi1->usrmod1_role = UAS_ROLE_MEMBER;
+
+                case DomainServerRolePrimary:
+                    umi1->usrmod1_role = UAS_ROLE_PRIMARY;
+                    break;
+
+                case DomainServerRoleBackup:
+                    umi1->usrmod1_role = UAS_ROLE_BACKUP;
+                    break;
+
+                default:
+                    ApiStatus = NERR_InternalError;
+                    goto done;
+            }
+
+            umi1->usrmod1_primary = (LPWSTR)(*bufptr + sizeof(USER_MODALS_INFO_1));
+            RtlCopyMemory(umi1->usrmod1_primary,
+                          ReplicationInfo->ReplicaSourceNodeName.Buffer,
+                          ReplicationInfo->ReplicaSourceNodeName.Length);
+            umi1->usrmod1_primary[ReplicationInfo->ReplicaSourceNodeName.Length / sizeof(WCHAR)] = UNICODE_NULL;
+            break;
+
+        case 2:
+            umi2 = (PUSER_MODALS_INFO_2)*bufptr;
+
+            umi2->usrmod2_domain_name = (LPWSTR)(*bufptr + sizeof(USER_MODALS_INFO_2));
+            RtlCopyMemory(umi2->usrmod2_domain_name,
+                          NameInfo->DomainName.Buffer,
+                          NameInfo->DomainName.Length);
+            umi2->usrmod2_domain_name[NameInfo->DomainName.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
+            umi2->usrmod2_domain_id = *bufptr +
+                                      sizeof(USER_MODALS_INFO_2) +
+                                      NameInfo->DomainName.Length + sizeof(WCHAR);
+            RtlCopyMemory(umi2->usrmod2_domain_id,
+                          DomainSid,
+                          RtlLengthSid(DomainSid));
+            break;
+
+        case 3:
+            umi3 = (PUSER_MODALS_INFO_3)*bufptr;
+            umi3->usrmod3_lockout_duration =
+                DeltaTimeToSeconds(LockoutInfo->LockoutDuration);
+            umi3->usrmod3_lockout_observation_window =
+                DeltaTimeToSeconds(LockoutInfo->LockoutObservationWindow );
+            umi3->usrmod3_lockout_threshold = LockoutInfo->LockoutThreshold;
+            break;
+    }
+
+done:
+    if (LockoutInfo != NULL)
+        SamFreeMemory(LockoutInfo);
+
+    if (NameInfo != NULL)
+        SamFreeMemory(NameInfo);
+
+    if (ReplicationInfo != NULL)
+        SamFreeMemory(ReplicationInfo);
+
+    if (ServerRoleInfo != NULL)
+        SamFreeMemory(ServerRoleInfo);
+
+    if (LogoffInfo != NULL)
+        SamFreeMemory(LogoffInfo);
+
+    if (PasswordInfo != NULL)
+        SamFreeMemory(PasswordInfo);
+
+    if (DomainSid != NULL)
+        RtlFreeHeap(RtlGetProcessHeap(), 0, DomainSid);
+
+    if (DomainHandle != NULL)
+        SamCloseHandle(DomainHandle);
+
+    if (ServerHandle != NULL)
+        SamCloseHandle(ServerHandle);
+
+    return ApiStatus;
+}
+
+
+/******************************************************************************
+ * NetUserModalsSet  (NETAPI32.@)
+ */
+NET_API_STATUS
+WINAPI
+NetUserModalsSet(IN LPCWSTR servername,
+                 IN DWORD level,
+                 IN LPBYTE buf,
+                 OUT LPDWORD parm_err)
+{
+    FIXME("(%s %d %p %p)\n", debugstr_w(servername), level, buf, parm_err);
+    return ERROR_ACCESS_DENIED;
+}
+
+
 /******************************************************************************
  * NetUserSetGroups  (NETAPI32.@)
  */
@@ -2335,24 +3887,26 @@ NetUserSetInfo(LPCWSTR servername,
         case 1:
         case 2:
         case 3:
-//        case 4:
+        case 4:
 //        case 21:
-//        case 22:
+        case 22:
         case 1003:
 //        case 1005:
         case 1006:
         case 1007:
-//        case 1008:
+        case 1008:
         case 1009:
 //        case 1010:
         case 1011:
         case 1012:
         case 1013:
         case 1014:
-//        case 1017:
+        case 1017:
+        case 1018:
 //        case 1020:
-//        case 1024:
-//        case 1051:
+        case 1024:
+        case 1025:
+        case 1051:
         case 1052:
         case 1053:
             break;
@@ -2381,7 +3935,7 @@ NetUserSetInfo(LPCWSTR servername,
     /* Open the Account Domain */
     Status = OpenAccountDomain(ServerHandle,
                                (servername != NULL) ? &ServerName : NULL,
-                               DOMAIN_LIST_ACCOUNTS | DOMAIN_LOOKUP,
+                               DOMAIN_LIST_ACCOUNTS | DOMAIN_LOOKUP | DOMAIN_READ_PASSWORD_PARAMETERS,
                                &AccountDomainHandle);
     if (!NT_SUCCESS(Status))
     {
A free Windows-compatible Operating System