[SAMLIB]

[reactos.git] / reactos / dll / win32 / samsrv / samrpc.c
diff --git a/reactos/dll/win32/samsrv/samrpc.c b/reactos/dll/win32/samsrv/samrpc.c

index 7ec81e1..9bf3075 100644 (file)
--- a/reactos/dll/win32/samsrv/samrpc.c
+++ b/reactos/dll/win32/samsrv/samrpc.c
@@ -7,19 +7,73 @@
   * PROGRAMMERS:     Eric Kohl
   */
  
-/* INCLUDES ******************************************************************/
-
  #include "samsrv.h"
  
-WINE_DEFAULT_DEBUG_CHANNEL(samsrv);
-
  /* GLOBALS *******************************************************************/
  
  static SID_IDENTIFIER_AUTHORITY NtSidAuthority = {SECURITY_NT_AUTHORITY};
  
+static GENERIC_MAPPING ServerMapping =
+{
+    SAM_SERVER_READ,
+    SAM_SERVER_WRITE,
+    SAM_SERVER_EXECUTE,
+    SAM_SERVER_ALL_ACCESS
+};
+
+static GENERIC_MAPPING DomainMapping =
+{
+    DOMAIN_READ,
+    DOMAIN_WRITE,
+    DOMAIN_EXECUTE,
+    DOMAIN_ALL_ACCESS
+};
+
+static GENERIC_MAPPING AliasMapping =
+{
+    ALIAS_READ,
+    ALIAS_WRITE,
+    ALIAS_EXECUTE,
+    ALIAS_ALL_ACCESS
+};
+
+static GENERIC_MAPPING GroupMapping =
+{
+    GROUP_READ,
+    GROUP_WRITE,
+    GROUP_EXECUTE,
+    GROUP_ALL_ACCESS
+};
+
+static GENERIC_MAPPING UserMapping =
+{
+    USER_READ,
+    USER_WRITE,
+    USER_EXECUTE,
+    USER_ALL_ACCESS
+};
+
+PGENERIC_MAPPING pServerMapping = &ServerMapping;
+
  
  /* FUNCTIONS *****************************************************************/
  
+static
+LARGE_INTEGER
+SampAddRelativeTimeToTime(IN LARGE_INTEGER AbsoluteTime,
+                          IN LARGE_INTEGER RelativeTime)
+{
+    LARGE_INTEGER NewTime;
+
+    NewTime.QuadPart = AbsoluteTime.QuadPart - RelativeTime.QuadPart;
+
+    if (NewTime.QuadPart < 0)
+        NewTime.QuadPart = 0;
+
+    return NewTime;
+}
+
+
  VOID
  SampStartRpcServer(VOID)
  {
@@ -68,10 +122,12 @@ void __RPC_USER midl_user_free(void __RPC_FAR * ptr)
      HeapFree(GetProcessHeap(), 0, ptr);
  }
  
+
  void __RPC_USER SAMPR_HANDLE_rundown(SAMPR_HANDLE hHandle)
  {
  }
  
+
  /* Function 0 */
  NTSTATUS
  NTAPI
@@ -85,20 +141,32 @@ SamrConnect(IN PSAMPR_SERVER_NAME ServerName,
      TRACE("SamrConnect(%p %p %lx)\n",
            ServerName, ServerHandle, DesiredAccess);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
+    /* Map generic access rights */
+    RtlMapGenericMask(&DesiredAccess,
+                      &ServerMapping);
+
+    /* Open the Server Object */
      Status = SampOpenDbObject(NULL,
                                NULL,
                                L"SAM",
+                              0,
                                SamDbServerObject,
                                DesiredAccess,
                                &ServerObject);
      if (NT_SUCCESS(Status))
          *ServerHandle = (SAMPR_HANDLE)ServerObject;
  
+    RtlReleaseResource(&SampResource);
+
      TRACE("SamrConnect done (Status 0x%08lx)\n", Status);
  
      return Status;
  }
  
+
  /* Function 1 */
  NTSTATUS
  NTAPI
@@ -109,6 +177,9 @@ SamrCloseHandle(IN OUT SAMPR_HANDLE *SamHandle)
  
      TRACE("SamrCloseHandle(%p)\n", SamHandle);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      Status = SampValidateDbObject(*SamHandle,
                                    SamDbIgnoreObject,
                                    0,
@@ -119,11 +190,14 @@ SamrCloseHandle(IN OUT SAMPR_HANDLE *SamHandle)
          *SamHandle = NULL;
      }
  
+    RtlReleaseResource(&SampResource);
+
      TRACE("SamrCloseHandle done (Status 0x%08lx)\n", Status);
  
      return Status;
  }
  
+
  /* Function 2 */
  NTSTATUS
  NTAPI
@@ -135,24 +209,136 @@ SamrSetSecurityObject(IN SAMPR_HANDLE ObjectHandle,
      return STATUS_NOT_IMPLEMENTED;
  }
  
+
  /* Function 3 */
  NTSTATUS
  NTAPI
  SamrQuerySecurityObject(IN SAMPR_HANDLE ObjectHandle,
                          IN SECURITY_INFORMATION SecurityInformation,
-                        OUT PSAMPR_SR_SECURITY_DESCRIPTOR * SecurityDescriptor)
+                        OUT PSAMPR_SR_SECURITY_DESCRIPTOR *SecurityDescriptor)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    PSAM_DB_OBJECT SamObject;
+    PSAMPR_SR_SECURITY_DESCRIPTOR SamSD = NULL;
+    PSECURITY_DESCRIPTOR SdBuffer = NULL;
+    ACCESS_MASK DesiredAccess = 0;
+    ULONG Length = 0;
+    NTSTATUS Status;
+
+    TRACE("(%p %lx %p)\n",
+          ObjectHandle, SecurityInformation, SecurityDescriptor);
+
+    *SecurityDescriptor = NULL;
+
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
+    if (SecurityInformation & (DACL_SECURITY_INFORMATION |
+                               OWNER_SECURITY_INFORMATION |
+                               GROUP_SECURITY_INFORMATION))
+        DesiredAccess |= READ_CONTROL;
+
+    if (SecurityInformation & SACL_SECURITY_INFORMATION)
+        DesiredAccess |= ACCESS_SYSTEM_SECURITY;
+
+    /* Validate the server handle */
+    Status = SampValidateDbObject(ObjectHandle,
+                                  SamDbIgnoreObject,
+                                  DesiredAccess,
+                                  &SamObject);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    SamSD = midl_user_allocate(sizeof(SAMPR_SR_SECURITY_DESCRIPTOR));
+    if (SamSD == NULL)
+    {
+        Status = STATUS_INSUFFICIENT_RESOURCES;
+        goto done;
+    }
+
+    Status = SampGetObjectAttribute(SamObject,
+                                    L"SecDesc",
+                                    NULL,
+                                    NULL,
+                                    &Length);
+    if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW)
+    {
+        TRACE("Status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    TRACE("SD Length: %lu\n", Length);
+
+    SdBuffer = midl_user_allocate(Length);
+    if (SdBuffer == NULL)
+    {
+        Status = STATUS_INSUFFICIENT_RESOURCES;
+        goto done;
+    }
+
+    Status = SampGetObjectAttribute(SamObject,
+                                    L"SecDesc",
+                                    NULL,
+                                    SdBuffer,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("Status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* FIXME: Use SecurityInformation to return only the requested information */
+
+    SamSD->Length = Length;
+    SamSD->SecurityDescriptor = SdBuffer;
+
+done:
+    RtlReleaseResource(&SampResource);
+
+    if (NT_SUCCESS(Status))
+    {
+        *SecurityDescriptor = SamSD;
+    }
+    else
+    {
+        if (SdBuffer != NULL)
+            midl_user_free(SdBuffer);
+
+        if (SamSD != NULL)
+            midl_user_free(SamSD);
+    }
+
+    return Status;
  }
  
+
  /* Function 4 */
  NTSTATUS
  NTAPI
  SamrShutdownSamServer(IN SAMPR_HANDLE ServerHandle)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    PSAM_DB_OBJECT ServerObject;
+    NTSTATUS Status;
+
+    TRACE("(%p)\n", ServerHandle);
+
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
+    /* Validate the server handle */
+    Status = SampValidateDbObject(ServerHandle,
+                                  SamDbServerObject,
+                                  SAM_SERVER_SHUTDOWN,
+                                  &ServerObject);
+
+    RtlReleaseResource(&SampResource);
+
+    if (!NT_SUCCESS(Status))
+        return Status;
+
+    /* Shut the server down */
+    RpcMgmtStopServerListening(0);
+
+    return STATUS_SUCCESS;
  }
  
  
@@ -177,13 +363,16 @@ SamrLookupDomainInSamServer(IN SAMPR_HANDLE ServerHandle,
      TRACE("SamrLookupDomainInSamServer(%p %p %p)\n",
            ServerHandle, Name, DomainId);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the server handle */
      Status = SampValidateDbObject(ServerHandle,
                                    SamDbServerObject,
                                    SAM_SERVER_LOOKUP_DOMAIN,
                                    &ServerObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      *DomainId = NULL;
  
@@ -192,7 +381,7 @@ SamrLookupDomainInSamServer(IN SAMPR_HANDLE ServerHandle,
                              KEY_READ,
                              &DomainsKeyHandle);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      Index = 0;
      while (Found == FALSE)
@@ -254,13 +443,17 @@ SamrLookupDomainInSamServer(IN SAMPR_HANDLE ServerHandle,
                  }
              }
  
-            NtClose(DomainKeyHandle);
+            SampRegCloseKey(&DomainKeyHandle);
          }
  
          Index++;
      }
  
-    NtClose(DomainsKeyHandle);
+done:
+    SampRegCloseKey(&DomainKeyHandle);
+    SampRegCloseKey(&DomainsKeyHandle);
+
+    RtlReleaseResource(&SampResource);
  
      return Status;
  }
@@ -277,8 +470,8 @@ SamrEnumerateDomainsInSamServer(IN SAMPR_HANDLE ServerHandle,
  {
      PSAM_DB_OBJECT ServerObject;
      WCHAR DomainKeyName[64];
-    HANDLE DomainsKeyHandle;
-    HANDLE DomainKeyHandle;
+    HANDLE DomainsKeyHandle = NULL;
+    HANDLE DomainKeyHandle = NULL;
      ULONG EnumIndex;
      ULONG EnumCount;
      ULONG RequiredLength;
@@ -291,20 +484,23 @@ SamrEnumerateDomainsInSamServer(IN SAMPR_HANDLE ServerHandle,
            ServerHandle, EnumerationContext, Buffer, PreferedMaximumLength,
            CountReturned);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the server handle */
      Status = SampValidateDbObject(ServerHandle,
                                    SamDbServerObject,
                                    SAM_SERVER_ENUMERATE_DOMAINS,
                                    &ServerObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      Status = SampRegOpenKey(ServerObject->KeyHandle,
                              L"Domains",
                              KEY_READ,
                              &DomainsKeyHandle);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      EnumIndex = *EnumerationContext;
      EnumCount = 0;
@@ -347,7 +543,7 @@ SamrEnumerateDomainsInSamServer(IN SAMPR_HANDLE ServerHandle,
                  EnumCount++;
              }
  
-            NtClose(DomainKeyHandle);
+            SampRegCloseKey(&DomainKeyHandle);
          }
  
          EnumIndex++;
@@ -406,7 +602,7 @@ SamrEnumerateDomainsInSamServer(IN SAMPR_HANDLE ServerHandle,
                  EnumBuffer->Buffer[i].Name.Buffer = midl_user_allocate(DataLength);
                  if (EnumBuffer->Buffer[i].Name.Buffer == NULL)
                  {
-                    NtClose(DomainKeyHandle);
+                    SampRegCloseKey(&DomainKeyHandle);
                      Status = STATUS_INSUFFICIENT_RESOURCES;
                      goto done;
                  }
@@ -423,7 +619,7 @@ SamrEnumerateDomainsInSamServer(IN SAMPR_HANDLE ServerHandle,
                  }
              }
  
-            NtClose(DomainKeyHandle);
+            SampRegCloseKey(&DomainKeyHandle);
  
              if (!NT_SUCCESS(Status))
                  goto done;
@@ -438,6 +634,9 @@ SamrEnumerateDomainsInSamServer(IN SAMPR_HANDLE ServerHandle,
      }
  
  done:
+    SampRegCloseKey(&DomainKeyHandle);
+    SampRegCloseKey(&DomainsKeyHandle);
+
      if (!NT_SUCCESS(Status))
      {
          *EnumerationContext = 0;
@@ -464,7 +663,7 @@ done:
          }
      }
  
-    NtClose(DomainsKeyHandle);
+    RtlReleaseResource(&SampResource);
  
      return Status;
  }
@@ -485,6 +684,13 @@ SamrOpenDomain(IN SAMPR_HANDLE ServerHandle,
      TRACE("SamrOpenDomain(%p %lx %p %p)\n",
            ServerHandle, DesiredAccess, DomainId, DomainHandle);
  
+    /* Map generic access rights */
+    RtlMapGenericMask(&DesiredAccess,
+                      &DomainMapping);
+
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the server handle */
      Status = SampValidateDbObject(ServerHandle,
                                    SamDbServerObject,
@@ -509,6 +715,7 @@ SamrOpenDomain(IN SAMPR_HANDLE ServerHandle,
          Status = SampOpenDbObject(ServerObject,
                                    L"Domains",
                                    L"Builtin",
+                                  0,
                                    SamDbDomainObject,
                                    DesiredAccess,
                                    &DomainObject);
@@ -524,6 +731,7 @@ SamrOpenDomain(IN SAMPR_HANDLE ServerHandle,
          Status = SampOpenDbObject(ServerObject,
                                    L"Domains",
                                    L"Account",
+                                  0,
                                    SamDbDomainObject,
                                    DesiredAccess,
                                    &DomainObject);
@@ -537,6 +745,8 @@ SamrOpenDomain(IN SAMPR_HANDLE ServerHandle,
      if (NT_SUCCESS(Status))
          *DomainHandle = (SAMPR_HANDLE)DomainObject;
  
+    RtlReleaseResource(&SampResource);
+
      TRACE("SamrOpenDomain done (Status 0x%08lx)\n", Status);
  
      return Status;
@@ -618,12 +828,10 @@ SampGetNumberOfAccounts(PSAM_DB_OBJECT DomainObject,
      Status = SampRegQueryKeyInfo(NamesKeyHandle,
                                   NULL,
                                   Count);
-done:
-    if (NamesKeyHandle != NULL)
-        SampRegCloseKey(NamesKeyHandle);
  
-    if (AccountKeyHandle != NULL)
-        SampRegCloseKey(AccountKeyHandle);
+done:
+    SampRegCloseKey(&NamesKeyHandle);
+    SampRegCloseKey(&AccountKeyHandle);
  
      return Status;
  }
@@ -1287,13 +1495,16 @@ SamrQueryInformationDomain(IN SAMPR_HANDLE DomainHandle,
              return STATUS_INVALID_INFO_CLASS;
      }
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the server handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
                                    DesiredAccess,
                                    &DomainObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      switch (DomainInformationClass)
      {
@@ -1361,6 +1572,9 @@ SamrQueryInformationDomain(IN SAMPR_HANDLE DomainHandle,
              Status = STATUS_NOT_IMPLEMENTED;
      }
  
+done:
+    RtlReleaseResource(&SampResource);
+
      return Status;
  }
  
@@ -1561,13 +1775,16 @@ SamrSetInformationDomain(IN SAMPR_HANDLE DomainHandle,
              return STATUS_INVALID_INFO_CLASS;
      }
  
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
      /* Validate the server handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
                                    DesiredAccess,
                                    &DomainObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      switch (DomainInformationClass)
      {
@@ -1582,27 +1799,21 @@ SamrSetInformationDomain(IN SAMPR_HANDLE DomainHandle,
              break;
  
          case DomainOemInformation:
-            Status = SampSetObjectAttribute(DomainObject,
-                                            L"OemInformation",
-                                            REG_SZ,
-                                            DomainInformation->Oem.OemInformation.Buffer,
-                                            DomainInformation->Oem.OemInformation.Length + sizeof(WCHAR));
+            Status = SampSetObjectAttributeString(DomainObject,
+                                                  L"OemInformation",
+                                                  &DomainInformation->Oem.OemInformation);
              break;
  
          case DomainNameInformation:
-            Status = SampSetObjectAttribute(DomainObject,
-                                            L"Name",
-                                            REG_SZ,
-                                            DomainInformation->Name.DomainName.Buffer,
-                                            DomainInformation->Name.DomainName.Length + sizeof(WCHAR));
+            Status = SampSetObjectAttributeString(DomainObject,
+                                                  L"Name",
+                                                  &DomainInformation->Name.DomainName);
              break;
  
          case DomainReplicationInformation:
-            Status = SampSetObjectAttribute(DomainObject,
-                                            L"ReplicaSourceNodeName",
-                                            REG_SZ,
-                                            DomainInformation->Replication.ReplicaSourceNodeName.Buffer,
-                                            DomainInformation->Replication.ReplicaSourceNodeName.Length + sizeof(WCHAR));
+            Status = SampSetObjectAttributeString(DomainObject,
+                                                  L"ReplicaSourceNodeName",
+                                                  &DomainInformation->Replication.ReplicaSourceNodeName);
              break;
  
          case DomainServerRoleInformation:
@@ -1624,6 +1835,9 @@ SamrSetInformationDomain(IN SAMPR_HANDLE DomainHandle,
              Status = STATUS_NOT_IMPLEMENTED;
      }
  
+done:
+    RtlReleaseResource(&SampResource);
+
      return Status;
  }
  
@@ -1637,11 +1851,12 @@ SamrCreateGroupInDomain(IN SAMPR_HANDLE DomainHandle,
                          OUT SAMPR_HANDLE *GroupHandle,
                          OUT unsigned long *RelativeId)
  {
-    UNICODE_STRING EmptyString = RTL_CONSTANT_STRING(L"");
      SAM_DOMAIN_FIXED_DATA FixedDomainData;
      SAM_GROUP_FIXED_DATA FixedGroupData;
      PSAM_DB_OBJECT DomainObject;
      PSAM_DB_OBJECT GroupObject;
+    PSECURITY_DESCRIPTOR Sd = NULL;
+    ULONG SdSize = 0;
      ULONG ulSize;
      ULONG ulRid;
      WCHAR szRid[9];
@@ -1650,6 +1865,13 @@ SamrCreateGroupInDomain(IN SAMPR_HANDLE DomainHandle,
      TRACE("SamrCreateGroupInDomain(%p %p %lx %p %p)\n",
            DomainHandle, Name, DesiredAccess, GroupHandle, RelativeId);
  
+    /* Map generic access rights */
+    RtlMapGenericMask(&DesiredAccess,
+                      &GroupMapping);
+
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
@@ -1658,7 +1880,15 @@ SamrCreateGroupInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
+    }
+
+    /* Check the group account name */
+    Status = SampCheckAccountName(Name, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        goto done;
      }
  
      /* Check if the group name already exists in the domain */
@@ -1668,7 +1898,16 @@ SamrCreateGroupInDomain(IN SAMPR_HANDLE DomainHandle,
      {
          TRACE("Group name \'%S\' already exists in domain (Status 0x%08lx)\n",
                Name->Buffer, Status);
-        return Status;
+        goto done;
+    }
+
+    /* Create the security descriptor */
+    Status = SampCreateGroupSD(&Sd,
+                               &SdSize);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCreateGroupSD failed (Status 0x%08lx)\n", Status);
+        goto done;
      }
  
      /* Get the fixed domain attributes */
@@ -1681,7 +1920,7 @@ SamrCreateGroupInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Increment the NextRid attribute */
@@ -1690,14 +1929,14 @@ SamrCreateGroupInDomain(IN SAMPR_HANDLE DomainHandle,
  
      /* Store the fixed domain attributes */
      Status = SampSetObjectAttribute(DomainObject,
-                           L"F",
-                           REG_BINARY,
-                           &FixedDomainData,
-                           ulSize);
+                                    L"F",
+                                    REG_BINARY,
+                                    &FixedDomainData,
+                                    ulSize);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      TRACE("RID: %lx\n", ulRid);
@@ -1709,13 +1948,14 @@ SamrCreateGroupInDomain(IN SAMPR_HANDLE DomainHandle,
      Status = SampCreateDbObject(DomainObject,
                                  L"Groups",
                                  szRid,
+                                ulRid,
                                  SamDbGroupObject,
                                  DesiredAccess,
                                  &GroupObject);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Add the account name of the user object */
@@ -1726,13 +1966,12 @@ SamrCreateGroupInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Initialize fixed user data */
      memset(&FixedGroupData, 0, sizeof(SAM_GROUP_FIXED_DATA));
      FixedGroupData.Version = 1;
-
      FixedGroupData.GroupId = ulRid;
  
      /* Set fixed user data attribute */
@@ -1744,31 +1983,39 @@ SamrCreateGroupInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the Name attribute */
-    Status = SampSetObjectAttribute(GroupObject,
-                                    L"Name",
-                                    REG_SZ,
-                                    (LPVOID)Name->Buffer,
-                                    Name->MaximumLength);
+    Status = SampSetObjectAttributeString(GroupObject,
+                                          L"Name",
+                                          Name);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the AdminComment attribute */
+    Status = SampSetObjectAttributeString(GroupObject,
+                                          L"AdminComment",
+                                          NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set the SecDesc attribute*/
      Status = SampSetObjectAttribute(GroupObject,
-                                    L"AdminComment",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+                                    L"SecDesc",
+                                    REG_BINARY,
+                                    Sd,
+                                    SdSize);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      if (NT_SUCCESS(Status))
@@ -1777,6 +2024,12 @@ SamrCreateGroupInDomain(IN SAMPR_HANDLE DomainHandle,
          *RelativeId = ulRid;
      }
  
+done:
+    if (Sd != NULL)
+        RtlFreeHeap(RtlGetProcessHeap(), 0, Sd);
+
+    RtlReleaseResource(&SampResource);
+
      TRACE("returns with status 0x%08lx\n", Status);
  
      return Status;
@@ -1811,20 +2064,23 @@ SamrEnumerateGroupsInDomain(IN SAMPR_HANDLE DomainHandle,
            DomainHandle, EnumerationContext, Buffer,
            PreferedMaximumLength, CountReturned);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
                                    DOMAIN_LIST_ACCOUNTS,
                                    &DomainObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      Status = SampRegOpenKey(DomainObject->KeyHandle,
                              L"Groups",
                              KEY_READ,
                              &GroupsKeyHandle);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      Status = SampRegOpenKey(GroupsKeyHandle,
                              L"Names",
@@ -1973,15 +2229,14 @@ done:
          }
      }
  
-    if (NamesKeyHandle != NULL)
-        SampRegCloseKey(NamesKeyHandle);
-
-    if (GroupsKeyHandle != NULL)
-        SampRegCloseKey(GroupsKeyHandle);
+    SampRegCloseKey(&NamesKeyHandle);
+    SampRegCloseKey(&GroupsKeyHandle);
  
      if ((Status == STATUS_SUCCESS) && (MoreEntries == TRUE))
          Status = STATUS_MORE_ENTRIES;
  
+    RtlReleaseResource(&SampResource);
+
      return Status;
  }
  
@@ -1995,14 +2250,18 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
                         OUT SAMPR_HANDLE *UserHandle,
                         OUT unsigned long *RelativeId)
  {
-    UNICODE_STRING EmptyString = RTL_CONSTANT_STRING(L"");
      SAM_DOMAIN_FIXED_DATA FixedDomainData;
      SAM_USER_FIXED_DATA FixedUserData;
      PSAM_DB_OBJECT DomainObject;
      PSAM_DB_OBJECT UserObject;
+    GROUP_MEMBERSHIP GroupMembership;
+    UCHAR LogonHours[23];
      ULONG ulSize;
      ULONG ulRid;
      WCHAR szRid[9];
+    PSECURITY_DESCRIPTOR Sd = NULL;
+    ULONG SdSize = 0;
+    PSID UserSid = NULL;
      NTSTATUS Status;
  
      TRACE("SamrCreateUserInDomain(%p %p %lx %p %p)\n",
@@ -2015,6 +2274,13 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
          RelativeId == NULL)
          return STATUS_INVALID_PARAMETER;
  
+    /* Map generic access rights */
+    RtlMapGenericMask(&DesiredAccess,
+                      &UserMapping);
+
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
@@ -2023,7 +2289,15 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
+    }
+
+    /* Check the user account name */
+    Status = SampCheckAccountName(Name, 20);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        goto done;
      }
  
      /* Check if the user name already exists in the domain */
@@ -2033,7 +2307,7 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
      {
          TRACE("User name \'%S\' already exists in domain (Status 0x%08lx)\n",
                Name->Buffer, Status);
-        return Status;
+        goto done;
      }
  
      /* Get the fixed domain attributes */
@@ -2046,13 +2320,35 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Increment the NextRid attribute */
      ulRid = FixedDomainData.NextRid;
      FixedDomainData.NextRid++;
  
+    TRACE("RID: %lx\n", ulRid);
+
+    /* Create the user SID */
+    Status = SampCreateAccountSid(DomainObject,
+                                  ulRid,
+                                  &UserSid);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCreateAccountSid failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Create the security descriptor */
+    Status = SampCreateUserSD(UserSid,
+                              &Sd,
+                              &SdSize);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCreateUserSD failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
      /* Store the fixed domain attributes */
      Status = SampSetObjectAttribute(DomainObject,
                             L"F",
@@ -2062,11 +2358,9 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
-    TRACE("RID: %lx\n", ulRid);
-
      /* Convert the RID into a string (hex) */
      swprintf(szRid, L"%08lX", ulRid);
  
@@ -2074,13 +2368,14 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
      Status = SampCreateDbObject(DomainObject,
                                  L"Users",
                                  szRid,
+                                ulRid,
                                  SamDbUserObject,
                                  DesiredAccess,
                                  &UserObject);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Add the account name for the user object */
@@ -2091,12 +2386,13 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Initialize fixed user data */
      memset(&FixedUserData, 0, sizeof(SAM_USER_FIXED_DATA));
      FixedUserData.Version = 1;
+    FixedUserData.Reserved = 0;
      FixedUserData.LastLogon.QuadPart = 0;
      FixedUserData.LastLogoff.QuadPart = 0;
      FixedUserData.PasswordLastSet.QuadPart = 0;
@@ -2108,6 +2404,12 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
      FixedUserData.UserAccountControl = USER_ACCOUNT_DISABLED |
                                         USER_PASSWORD_NOT_REQUIRED |
                                         USER_NORMAL_ACCOUNT;
+    FixedUserData.CountryCode = 0;
+    FixedUserData.CodePage = 0;
+    FixedUserData.BadPasswordCount = 0;
+    FixedUserData.LogonCount = 0;
+    FixedUserData.AdminCount = 0;
+    FixedUserData.OperatorCount = 0;
  
      /* Set fixed user data attribute */
      Status = SampSetObjectAttribute(UserObject,
@@ -2118,118 +2420,210 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the Name attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"Name",
-                                    REG_SZ,
-                                    (LPVOID)Name->Buffer,
-                                    Name->MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"Name",
+                                          Name);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the FullName attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"FullName",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"FullName",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the HomeDirectory attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"HomeDirectory",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"HomeDirectory",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the HomeDirectoryDrive attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"HomeDirectoryDrive",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"HomeDirectoryDrive",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the ScriptPath attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"ScriptPath",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"ScriptPath",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the ProfilePath attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"ProfilePath",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"ProfilePath",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the AdminComment attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"AdminComment",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"AdminComment",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the UserComment attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"UserComment",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"UserComment",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the WorkStations attribute */
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"WorkStations",
+                                          NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set the Parameters attribute */
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"Parameters",
+                                          NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set LogonHours attribute*/
+    *((PUSHORT)LogonHours) = 168;
+    memset(&(LogonHours[2]), 0xff, 21);
+
      Status = SampSetObjectAttribute(UserObject,
-                                    L"WorkStations",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+                                    L"LogonHours",
+                                    REG_BINARY,
+                                    &LogonHours,
+                                    sizeof(LogonHours));
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
+    }
+
+    /* Set Groups attribute*/
+    GroupMembership.RelativeId = DOMAIN_GROUP_RID_USERS;
+    GroupMembership.Attributes = SE_GROUP_MANDATORY |
+                                 SE_GROUP_ENABLED |
+                                 SE_GROUP_ENABLED_BY_DEFAULT;
+
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"Groups",
+                                    REG_BINARY,
+                                    &GroupMembership,
+                                    sizeof(GROUP_MEMBERSHIP));
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set LMPwd attribute*/
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"LMPwd",
+                                    REG_BINARY,
+                                    &EmptyLmHash,
+                                    sizeof(ENCRYPTED_LM_OWF_PASSWORD));
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set NTPwd attribute*/
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"NTPwd",
+                                    REG_BINARY,
+                                    &EmptyNtHash,
+                                    sizeof(ENCRYPTED_NT_OWF_PASSWORD));
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set LMPwdHistory attribute*/
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"LMPwdHistory",
+                                    REG_BINARY,
+                                    NULL,
+                                    0);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set NTPwdHistory attribute*/
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"NTPwdHistory",
+                                    REG_BINARY,
+                                    NULL,
+                                    0);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set the PrivateData attribute */
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"PrivateData",
+                                          NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
      }
  
-    /* FIXME: Set default user attributes */
+    /* Set the SecDesc attribute*/
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"SecDesc",
+                                    REG_BINARY,
+                                    Sd,
+                                    SdSize);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
  
      if (NT_SUCCESS(Status))
      {
@@ -2237,6 +2631,15 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
          *RelativeId = ulRid;
      }
  
+done:
+    if (Sd != NULL)
+        RtlFreeHeap(RtlGetProcessHeap(), 0, Sd);
+
+    if (UserSid != NULL)
+        RtlFreeHeap(RtlGetProcessHeap(), 0, UserSid);
+
+    RtlReleaseResource(&SampResource);
+
      TRACE("returns with status 0x%08lx\n", Status);
  
      return Status;
@@ -2272,20 +2675,23 @@ SamrEnumerateUsersInDomain(IN SAMPR_HANDLE DomainHandle,
            DomainHandle, EnumerationContext, UserAccountControl, Buffer,
            PreferedMaximumLength, CountReturned);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
                                    DOMAIN_LIST_ACCOUNTS,
                                    &DomainObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      Status = SampRegOpenKey(DomainObject->KeyHandle,
                              L"Users",
                              KEY_READ,
                              &UsersKeyHandle);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      Status = SampRegOpenKey(UsersKeyHandle,
                              L"Names",
@@ -2434,15 +2840,14 @@ done:
          }
      }
  
-    if (NamesKeyHandle != NULL)
-        SampRegCloseKey(NamesKeyHandle);
-
-    if (UsersKeyHandle != NULL)
-        SampRegCloseKey(UsersKeyHandle);
+    SampRegCloseKey(&NamesKeyHandle);
+    SampRegCloseKey(&UsersKeyHandle);
  
      if ((Status == STATUS_SUCCESS) && (MoreEntries == TRUE))
          Status = STATUS_MORE_ENTRIES;
  
+    RtlReleaseResource(&SampResource);
+
      return Status;
  }
  
@@ -2459,7 +2864,8 @@ SamrCreateAliasInDomain(IN SAMPR_HANDLE DomainHandle,
      SAM_DOMAIN_FIXED_DATA FixedDomainData;
      PSAM_DB_OBJECT DomainObject;
      PSAM_DB_OBJECT AliasObject;
-    UNICODE_STRING EmptyString = RTL_CONSTANT_STRING(L"");
+    PSECURITY_DESCRIPTOR Sd = NULL;
+    ULONG SdSize = 0;
      ULONG ulSize;
      ULONG ulRid;
      WCHAR szRid[9];
@@ -2468,6 +2874,13 @@ SamrCreateAliasInDomain(IN SAMPR_HANDLE DomainHandle,
      TRACE("SamrCreateAliasInDomain(%p %p %lx %p %p)\n",
            DomainHandle, AccountName, DesiredAccess, AliasHandle, RelativeId);
  
+    /* Map generic access rights */
+    RtlMapGenericMask(&DesiredAccess,
+                      &AliasMapping);
+
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
@@ -2476,7 +2889,15 @@ SamrCreateAliasInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
+    }
+
+    /* Check the alias acoount name */
+    Status = SampCheckAccountName(AccountName, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        goto done;
      }
  
      /* Check if the alias name already exists in the domain */
@@ -2486,7 +2907,16 @@ SamrCreateAliasInDomain(IN SAMPR_HANDLE DomainHandle,
      {
          TRACE("Alias name \'%S\' already exists in domain (Status 0x%08lx)\n",
                AccountName->Buffer, Status);
-        return Status;
+        goto done;
+    }
+
+    /* Create the security descriptor */
+    Status = SampCreateAliasSD(&Sd,
+                               &SdSize);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCreateAliasSD failed (Status 0x%08lx)\n", Status);
+        goto done;
      }
  
      /* Get the fixed domain attributes */
@@ -2499,7 +2929,7 @@ SamrCreateAliasInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Increment the NextRid attribute */
@@ -2515,7 +2945,7 @@ SamrCreateAliasInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      TRACE("RID: %lx\n", ulRid);
@@ -2527,13 +2957,14 @@ SamrCreateAliasInDomain(IN SAMPR_HANDLE DomainHandle,
      Status = SampCreateDbObject(DomainObject,
                                  L"Aliases",
                                  szRid,
+                                ulRid,
                                  SamDbAliasObject,
                                  DesiredAccess,
                                  &AliasObject);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Add the account name for the alias object */
@@ -2544,31 +2975,39 @@ SamrCreateAliasInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the Name attribute */
-    Status = SampSetObjectAttribute(AliasObject,
-                                    L"Name",
-                                    REG_SZ,
-                                    (LPVOID)AccountName->Buffer,
-                                    AccountName->MaximumLength);
+    Status = SampSetObjectAttributeString(AliasObject,
+                                          L"Name",
+                                          AccountName);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the Description attribute */
+    Status = SampSetObjectAttributeString(AliasObject,
+                                          L"Description",
+                                          NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set the SecDesc attribute*/
      Status = SampSetObjectAttribute(AliasObject,
-                                    L"Description",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+                                    L"SecDesc",
+                                    REG_BINARY,
+                                    Sd,
+                                    SdSize);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      if (NT_SUCCESS(Status))
@@ -2577,6 +3016,12 @@ SamrCreateAliasInDomain(IN SAMPR_HANDLE DomainHandle,
          *RelativeId = ulRid;
      }
  
+done:
+    if (Sd != NULL)
+        RtlFreeHeap(RtlGetProcessHeap(), 0, Sd);
+
+    RtlReleaseResource(&SampResource);
+
      TRACE("returns with status 0x%08lx\n", Status);
  
      return Status;
@@ -2611,20 +3056,23 @@ SamrEnumerateAliasesInDomain(IN SAMPR_HANDLE DomainHandle,
            DomainHandle, EnumerationContext, Buffer,
            PreferedMaximumLength, CountReturned);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
                                    DOMAIN_LIST_ACCOUNTS,
                                    &DomainObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      Status = SampRegOpenKey(DomainObject->KeyHandle,
                              L"Aliases",
                              KEY_READ,
                              &AliasesKeyHandle);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      Status = SampRegOpenKey(AliasesKeyHandle,
                              L"Names",
@@ -2773,15 +3221,14 @@ done:
          }
      }
  
-    if (NamesKeyHandle != NULL)
-        SampRegCloseKey(NamesKeyHandle);
-
-    if (AliasesKeyHandle != NULL)
-        SampRegCloseKey(AliasesKeyHandle);
+    SampRegCloseKey(&NamesKeyHandle);
+    SampRegCloseKey(&AliasesKeyHandle);
  
      if ((Status == STATUS_SUCCESS) && (MoreEntries == TRUE))
          Status = STATUS_MORE_ENTRIES;
  
+    RtlReleaseResource(&SampResource);
+
      return Status;
  }
  
@@ -2803,18 +3250,23 @@ SamrGetAliasMembership(IN SAMPR_HANDLE DomainHandle,
      ULONG ValueCount;
      ULONG DataLength;
      ULONG i, j;
+    ULONG RidIndex;
      NTSTATUS Status;
+    WCHAR NameBuffer[9];
  
      TRACE("SamrGetAliasMembership(%p %p %p)\n",
            DomainHandle, SidArray, Membership);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
-                                  DOMAIN_LOOKUP,
+                                  DOMAIN_GET_ALIAS_MEMBERSHIP,
                                    &DomainObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      Status = SampRegOpenKey(DomainObject->KeyHandle,
                              L"Aliases",
@@ -2829,6 +3281,13 @@ SamrGetAliasMembership(IN SAMPR_HANDLE DomainHandle,
                              KEY_READ,
                              &MembersKeyHandle);
      TRACE("SampRegOpenKey returned %08lX\n", Status);
+
+    if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
+    {
+        Status = STATUS_SUCCESS;
+        goto done;
+    }
+
      if (!NT_SUCCESS(Status))
          goto done;
  
@@ -2853,13 +3312,21 @@ TRACE("Open %S\n", MemberSidString);
                  MaxSidCount += ValueCount;
              }
  
-
-            NtClose(MemberKeyHandle);
+            SampRegCloseKey(&MemberKeyHandle);
          }
  
+        if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
+            Status = STATUS_SUCCESS;
+
          LocalFree(MemberSidString);
      }
  
+    if (MaxSidCount == 0)
+    {
+        Status = STATUS_SUCCESS;
+        goto done;
+    }
+
      TRACE("Maximum sid count: %lu\n", MaxSidCount);
      RidArray = midl_user_allocate(MaxSidCount * sizeof(ULONG));
      if (RidArray == NULL)
@@ -2868,6 +3335,7 @@ TRACE("Open %S\n", MemberSidString);
          goto done;
      }
  
+    RidIndex = 0;
      for (i = 0; i < SidArray->Count; i++)
      {
          ConvertSidToStringSid(SidArray->Sids[i].SidPointer, &MemberSidString);
@@ -2889,25 +3357,33 @@ TRACE("Open %S\n", MemberSidString);
  
                  for (j = 0; j < ValueCount; j++)
                  {
-                    DataLength = sizeof(ULONG);
+                    DataLength = 9 * sizeof(WCHAR);
                      Status = SampRegEnumerateValue(MemberKeyHandle,
                                                     j,
-                      NULL,
-                      NULL,
-                      NULL,
-                      (PVOID)&RidArray[j],
-                      &DataLength);
+                                                   NameBuffer,
+                                                   &DataLength,
+                                                   NULL,
+                                                   NULL,
+                                                   NULL);
+                    if (NT_SUCCESS(Status))
+                    {
+                        /* FIXME: Do not return each RID more than once. */
+                        RidArray[RidIndex] = wcstoul(NameBuffer, NULL, 16);
+                        RidIndex++;
+                    }
                  }
              }
  
-            NtClose(MemberKeyHandle);
+            SampRegCloseKey(&MemberKeyHandle);
          }
  
          LocalFree(MemberSidString);
      }
  
-
  done:
+    SampRegCloseKey(&MembersKeyHandle);
+    SampRegCloseKey(&AliasesKeyHandle);
+
      if (NT_SUCCESS(Status))
      {
          Membership->Count = MaxSidCount;
@@ -2919,14 +3395,7 @@ done:
              midl_user_free(RidArray);
      }
  
-    if (MembersKeyHandle != NULL)
-        NtClose(MembersKeyHandle);
-
-    if (MembersKeyHandle != NULL)
-        NtClose(MembersKeyHandle);
-
-    if (AliasesKeyHandle != NULL)
-        NtClose(AliasesKeyHandle);
+    RtlReleaseResource(&SampResource);
  
      return Status;
  }
@@ -2942,8 +3411,8 @@ SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle,
                          OUT PSAMPR_ULONG_ARRAY Use)
  {
      PSAM_DB_OBJECT DomainObject;
-    HANDLE AccountsKeyHandle;
-    HANDLE NamesKeyHandle;
+    HANDLE AccountsKeyHandle = NULL;
+    HANDLE NamesKeyHandle = NULL;
      ULONG MappedCount = 0;
      ULONG DataLength;
      ULONG i;
@@ -2953,6 +3422,9 @@ SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle,
      TRACE("SamrLookupNamesInDomain(%p %lu %p %p %p)\n",
            DomainHandle, Count, Names, RelativeIds, Use);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
@@ -2961,14 +3433,17 @@ SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      RelativeIds->Count = 0;
      Use->Count = 0;
  
      if (Count == 0)
-        return STATUS_SUCCESS;
+    {
+        Status = STATUS_SUCCESS;
+        goto done;
+    }
  
      /* Allocate the relative IDs array */
      RelativeIds->Element = midl_user_allocate(Count * sizeof(ULONG));
@@ -3015,10 +3490,10 @@ SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle,
                                             &RelativeId,
                                             &DataLength);
  
-                SampRegCloseKey(NamesKeyHandle);
+                SampRegCloseKey(&NamesKeyHandle);
              }
  
-            SampRegCloseKey(AccountsKeyHandle);
+            SampRegCloseKey(&AccountsKeyHandle);
          }
  
          if (!NT_SUCCESS(Status) && Status != STATUS_OBJECT_NAME_NOT_FOUND)
@@ -3054,10 +3529,10 @@ SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle,
                                             &RelativeId,
                                             &DataLength);
  
-                SampRegCloseKey(NamesKeyHandle);
+                SampRegCloseKey(&NamesKeyHandle);
              }
  
-            SampRegCloseKey(AccountsKeyHandle);
+            SampRegCloseKey(&AccountsKeyHandle);
          }
  
          if (!NT_SUCCESS(Status) && Status != STATUS_OBJECT_NAME_NOT_FOUND)
@@ -3093,10 +3568,10 @@ SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle,
                                             &RelativeId,
                                             &DataLength);
  
-                SampRegCloseKey(NamesKeyHandle);
+                SampRegCloseKey(&NamesKeyHandle);
              }
  
-            SampRegCloseKey(AccountsKeyHandle);
+            SampRegCloseKey(&AccountsKeyHandle);
          }
  
          if (!NT_SUCCESS(Status) && Status != STATUS_OBJECT_NAME_NOT_FOUND)
@@ -3147,6 +3622,8 @@ done:
          Use->Count = 0;
      }
  
+    RtlReleaseResource(&SampResource);
+
      TRACE("Returned Status %lx\n", Status);
  
      return Status;
@@ -3164,8 +3641,8 @@ SamrLookupIdsInDomain(IN SAMPR_HANDLE DomainHandle,
  {
      PSAM_DB_OBJECT DomainObject;
      WCHAR RidString[9];
-    HANDLE AccountsKeyHandle;
-    HANDLE AccountKeyHandle;
+    HANDLE AccountsKeyHandle = NULL;
+    HANDLE AccountKeyHandle = NULL;
      ULONG MappedCount = 0;
      ULONG DataLength;
      ULONG i;
@@ -3174,6 +3651,9 @@ SamrLookupIdsInDomain(IN SAMPR_HANDLE DomainHandle,
      TRACE("SamrLookupIdsInDomain(%p %lu %p %p %p)\n",
            DomainHandle, Count, RelativeIds, Names, Use);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
@@ -3182,17 +3662,20 @@ SamrLookupIdsInDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      Names->Count = 0;
      Use->Count = 0;
  
      if (Count == 0)
-        return STATUS_SUCCESS;
+    {
+        Status = STATUS_SUCCESS;
+        goto done;
+    }
  
      /* Allocate the names array */
-    Names->Element = midl_user_allocate(Count * sizeof(ULONG));
+    Names->Element = midl_user_allocate(Count * sizeof(*Names->Element));
      if (Names->Element == NULL)
      {
          Status = STATUS_INSUFFICIENT_RESOURCES;
@@ -3200,7 +3683,7 @@ SamrLookupIdsInDomain(IN SAMPR_HANDLE DomainHandle,
      }
  
      /* Allocate the use array */
-    Use->Element = midl_user_allocate(Count * sizeof(ULONG));
+    Use->Element = midl_user_allocate(Count * sizeof(*Use->Element));
      if (Use->Element == NULL)
      {
          Status = STATUS_INSUFFICIENT_RESOURCES;
@@ -3254,10 +3737,10 @@ SamrLookupIdsInDomain(IN SAMPR_HANDLE DomainHandle,
                      }
                  }
  
-                SampRegCloseKey(AccountKeyHandle);
+                SampRegCloseKey(&AccountKeyHandle);
              }
  
-            SampRegCloseKey(AccountsKeyHandle);
+            SampRegCloseKey(&AccountsKeyHandle);
          }
  
          if (!NT_SUCCESS(Status) && Status != STATUS_OBJECT_NAME_NOT_FOUND)
@@ -3310,10 +3793,10 @@ SamrLookupIdsInDomain(IN SAMPR_HANDLE DomainHandle,
                      }
                  }
  
-                SampRegCloseKey(AccountKeyHandle);
+                SampRegCloseKey(&AccountKeyHandle);
              }
  
-            SampRegCloseKey(AccountsKeyHandle);
+            SampRegCloseKey(&AccountsKeyHandle);
          }
  
          if (!NT_SUCCESS(Status) && Status != STATUS_OBJECT_NAME_NOT_FOUND)
@@ -3368,10 +3851,10 @@ SamrLookupIdsInDomain(IN SAMPR_HANDLE DomainHandle,
                      }
                  }
  
-                SampRegCloseKey(AccountKeyHandle);
+                SampRegCloseKey(&AccountKeyHandle);
              }
  
-            SampRegCloseKey(AccountsKeyHandle);
+            SampRegCloseKey(&AccountsKeyHandle);
          }
  
          if (!NT_SUCCESS(Status) && Status != STATUS_OBJECT_NAME_NOT_FOUND)
@@ -3426,6 +3909,8 @@ done:
          Use->Count = 0;
      }
  
+    RtlReleaseResource(&SampResource);
+
      return Status;
  }
  
@@ -3446,6 +3931,13 @@ SamrOpenGroup(IN SAMPR_HANDLE DomainHandle,
      TRACE("SamrOpenGroup(%p %lx %lx %p)\n",
            DomainHandle, DesiredAccess, GroupId, GroupHandle);
  
+    /* Map generic access rights */
+    RtlMapGenericMask(&DesiredAccess,
+                      &GroupMapping);
+
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
@@ -3454,7 +3946,7 @@ SamrOpenGroup(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Convert the RID into a string (hex) */
@@ -3464,18 +3956,22 @@ SamrOpenGroup(IN SAMPR_HANDLE DomainHandle,
      Status = SampOpenDbObject(DomainObject,
                                L"Groups",
                                szRid,
+                              GroupId,
                                SamDbGroupObject,
                                DesiredAccess,
                                &GroupObject);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      *GroupHandle = (SAMPR_HANDLE)GroupObject;
  
-    return STATUS_SUCCESS;
+done:
+    RtlReleaseResource(&SampResource);
+
+    return Status;
  }
  
  
@@ -3484,8 +3980,8 @@ SampQueryGroupGeneral(PSAM_DB_OBJECT GroupObject,
                        PSAMPR_GROUP_INFO_BUFFER *Buffer)
  {
      PSAMPR_GROUP_INFO_BUFFER InfoBuffer = NULL;
-    HANDLE MembersKeyHandle = NULL;
      SAM_GROUP_FIXED_DATA FixedData;
+    ULONG MembersLength = 0;
      ULONG Length = 0;
      NTSTATUS Status;
  
@@ -3524,33 +4020,22 @@ SampQueryGroupGeneral(PSAM_DB_OBJECT GroupObject,
  
      InfoBuffer->General.Attributes = FixedData.Attributes;
  
-    /* Open the Members subkey */
-    Status = SampRegOpenKey(GroupObject->KeyHandle,
-                            L"Members",
-                            KEY_READ,
-                            &MembersKeyHandle);
-    if (!NT_SUCCESS(Status))
-    {
-        TRACE("Status 0x%08lx\n", Status);
+    Status = SampGetObjectAttribute(GroupObject,
+                                    L"Members",
+                                    NULL,
+                                    NULL,
+                                    &MembersLength);
+    if (!NT_SUCCESS(Status) && Status != STATUS_OBJECT_NAME_NOT_FOUND)
          goto done;
-    }
  
-    /* Retrieve the number of members of the alias */
-    Status = SampRegQueryKeyInfo(MembersKeyHandle,
-                                 NULL,
-                                 &InfoBuffer->General.MemberCount);
-    if (!NT_SUCCESS(Status))
-    {
-        TRACE("Status 0x%08lx\n", Status);
-        goto done;
-    }
+    if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
+        InfoBuffer->General.MemberCount = 0;
+    else
+        InfoBuffer->General.MemberCount = MembersLength / sizeof(ULONG);
  
      *Buffer = InfoBuffer;
  
  done:
-    if (MembersKeyHandle != NULL)
-        SampRegCloseKey(MembersKeyHandle);
-
      if (!NT_SUCCESS(Status))
      {
          if (InfoBuffer != NULL)
@@ -3703,13 +4188,16 @@ SamrQueryInformationGroup(IN SAMPR_HANDLE GroupHandle,
      TRACE("SamrQueryInformationGroup(%p %lu %p)\n",
            GroupHandle, GroupInformationClass, Buffer);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the group handle */
      Status = SampValidateDbObject(GroupHandle,
                                    SamDbGroupObject,
                                    GROUP_READ_INFORMATION,
                                    &GroupObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      switch (GroupInformationClass)
      {
@@ -3738,38 +4226,117 @@ SamrQueryInformationGroup(IN SAMPR_HANDLE GroupHandle,
              break;
      }
  
+done:
+    RtlReleaseResource(&SampResource);
+
      return Status;
  }
  
  
  static NTSTATUS
-SampSetGroupAttribute(PSAM_DB_OBJECT GroupObject,
-                      PSAMPR_GROUP_INFO_BUFFER Buffer)
+SampSetGroupName(PSAM_DB_OBJECT GroupObject,
+                 PSAMPR_GROUP_INFO_BUFFER Buffer)
  {
-    SAM_GROUP_FIXED_DATA FixedData;
-    ULONG Length = 0;
+    UNICODE_STRING OldGroupName = {0, 0, NULL};
+    UNICODE_STRING NewGroupName;
      NTSTATUS Status;
  
-    Length = sizeof(SAM_GROUP_FIXED_DATA);
-    Status = SampGetObjectAttribute(GroupObject,
-                                    L"F",
-                                    NULL,
-                                    (PVOID)&FixedData,
-                                    &Length);
+    Status = SampGetObjectAttributeString(GroupObject,
+                                          L"Name",
+                                          (PRPC_UNICODE_STRING)&OldGroupName);
      if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampGetObjectAttributeString failed (Status 0x%08lx)\n", Status);
          goto done;
+    }
  
-    FixedData.Attributes = Buffer->Attribute.Attributes;
-
-    Status = SampSetObjectAttribute(GroupObject,
-                                    L"F",
-                                    REG_BINARY,
-                                    &FixedData,
-                                    Length);
+    /* Check the new account name */
+    Status = SampCheckAccountName(&Buffer->Name.Name, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
  
-done:
-    return Status;
-}
+    NewGroupName.Length = Buffer->Name.Name.Length;
+    NewGroupName.MaximumLength = Buffer->Name.Name.MaximumLength;
+    NewGroupName.Buffer = Buffer->Name.Name.Buffer;
+
+    if (!RtlEqualUnicodeString(&OldGroupName, &NewGroupName, TRUE))
+    {
+        Status = SampCheckAccountNameInDomain(GroupObject->ParentObject,
+                                              NewGroupName.Buffer);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Group name \'%S\' already exists in domain (Status 0x%08lx)\n",
+                  NewGroupName.Buffer, Status);
+            goto done;
+        }
+    }
+
+    Status = SampSetAccountNameInDomain(GroupObject->ParentObject,
+                                        L"Groups",
+                                        NewGroupName.Buffer,
+                                        GroupObject->RelativeId);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampSetAccountNameInDomain failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    Status = SampRemoveAccountNameFromDomain(GroupObject->ParentObject,
+                                             L"Groups",
+                                             OldGroupName.Buffer);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampRemoveAccountNameFromDomain failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    Status = SampSetObjectAttributeString(GroupObject,
+                                          L"Name",
+                                          (PRPC_UNICODE_STRING)&NewGroupName);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampSetObjectAttribute failed (Status 0x%08lx)\n", Status);
+    }
+
+done:
+    if (OldGroupName.Buffer != NULL)
+        midl_user_free(OldGroupName.Buffer);
+
+    return Status;
+}
+
+
+static NTSTATUS
+SampSetGroupAttribute(PSAM_DB_OBJECT GroupObject,
+                      PSAMPR_GROUP_INFO_BUFFER Buffer)
+{
+    SAM_GROUP_FIXED_DATA FixedData;
+    ULONG Length = 0;
+    NTSTATUS Status;
+
+    Length = sizeof(SAM_GROUP_FIXED_DATA);
+    Status = SampGetObjectAttribute(GroupObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&FixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    FixedData.Attributes = Buffer->Attribute.Attributes;
+
+    Status = SampSetObjectAttribute(GroupObject,
+                                    L"F",
+                                    REG_BINARY,
+                                    &FixedData,
+                                    Length);
+
+done:
+    return Status;
+}
  
  
  /* Function 21 */
@@ -3785,22 +4352,22 @@ SamrSetInformationGroup(IN SAMPR_HANDLE GroupHandle,
      TRACE("SamrSetInformationGroup(%p %lu %p)\n",
            GroupHandle, GroupInformationClass, Buffer);
  
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
      /* Validate the group handle */
      Status = SampValidateDbObject(GroupHandle,
                                    SamDbGroupObject,
                                    GROUP_WRITE_ACCOUNT,
                                    &GroupObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      switch (GroupInformationClass)
      {
          case GroupNameInformation:
-            Status = SampSetObjectAttribute(GroupObject,
-                                            L"Name",
-                                            REG_SZ,
-                                            Buffer->Name.Name.Buffer,
-                                            Buffer->Name.Name.Length + sizeof(WCHAR));
+            Status = SampSetGroupName(GroupObject,
+                                      Buffer);
              break;
  
          case GroupAttributeInformation:
@@ -3809,11 +4376,9 @@ SamrSetInformationGroup(IN SAMPR_HANDLE GroupHandle,
              break;
  
          case GroupAdminCommentInformation:
-            Status = SampSetObjectAttribute(GroupObject,
-                                            L"Description",
-                                            REG_SZ,
-                                            Buffer->AdminComment.AdminComment.Buffer,
-                                            Buffer->AdminComment.AdminComment.Length + sizeof(WCHAR));
+            Status = SampSetObjectAttributeString(GroupObject,
+                                                  L"Description",
+                                                  &Buffer->AdminComment.AdminComment);
              break;
  
          default:
@@ -3821,6 +4386,9 @@ SamrSetInformationGroup(IN SAMPR_HANDLE GroupHandle,
              break;
      }
  
+done:
+    RtlReleaseResource(&SampResource);
+
      return Status;
  }
  
@@ -3832,39 +4400,304 @@ SamrAddMemberToGroup(IN SAMPR_HANDLE GroupHandle,
                       IN unsigned long MemberId,
                       IN unsigned long Attributes)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    PSAM_DB_OBJECT GroupObject;
+    PSAM_DB_OBJECT UserObject = NULL;
+    NTSTATUS Status;
+
+    TRACE("(%p %lu %lx)\n",
+          GroupHandle, MemberId, Attributes);
+
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
+    /* Validate the group handle */
+    Status = SampValidateDbObject(GroupHandle,
+                                  SamDbGroupObject,
+                                  GROUP_ADD_MEMBER,
+                                  &GroupObject);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    /* Open the user object in the same domain */
+    Status = SampOpenUserObject(GroupObject->ParentObject,
+                                MemberId,
+                                0,
+                                &UserObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampOpenUserObject() failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Add group membership to the user object */
+    Status = SampAddGroupMembershipToUser(UserObject,
+                                          GroupObject->RelativeId,
+                                          Attributes);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampAddGroupMembershipToUser() failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Add the member to the group object */
+    Status = SampAddMemberToGroup(GroupObject,
+                                  MemberId);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampAddMemberToGroup() failed (Status 0x%08lx)\n", Status);
+    }
+
+done:
+    if (UserObject)
+        SampCloseDbObject(UserObject);
+
+    RtlReleaseResource(&SampResource);
+
+    return Status;
  }
  
-/* Function 21 */
+
+/* Function 23 */
  NTSTATUS
  NTAPI
  SamrDeleteGroup(IN OUT SAMPR_HANDLE *GroupHandle)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    PSAM_DB_OBJECT GroupObject;
+    ULONG Length = 0;
+    NTSTATUS Status;
+
+    TRACE("(%p)\n", GroupHandle);
+
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
+    /* Validate the group handle */
+    Status = SampValidateDbObject(*GroupHandle,
+                                  SamDbGroupObject,
+                                  DELETE,
+                                  &GroupObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampValidateDbObject() failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Fail, if the group is built-in */
+    if (GroupObject->RelativeId < 1000)
+    {
+        TRACE("You can not delete a special account!\n");
+        Status = STATUS_SPECIAL_ACCOUNT;
+        goto done;
+    }
+
+    /* Get the length of the Members attribute */
+    SampGetObjectAttribute(GroupObject,
+                           L"Members",
+                           NULL,
+                           NULL,
+                           &Length);
+
+    /* Fail, if the group has members */
+    if (Length != 0)
+    {
+        TRACE("There are still members in the group!\n");
+        Status = STATUS_MEMBER_IN_GROUP;
+        goto done;
+    }
+
+    /* FIXME: Remove the group from all aliases */
+
+    /* Delete the group from the database */
+    Status = SampDeleteAccountDbObject(GroupObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampDeleteAccountDbObject() failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Invalidate the handle */
+    *GroupHandle = NULL;
+
+done:
+    RtlReleaseResource(&SampResource);
+
+    return Status;
  }
  
+
  /* Function 24 */
  NTSTATUS
  NTAPI
  SamrRemoveMemberFromGroup(IN SAMPR_HANDLE GroupHandle,
                            IN unsigned long MemberId)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    PSAM_DB_OBJECT GroupObject;
+    PSAM_DB_OBJECT UserObject = NULL;
+    NTSTATUS Status;
+
+    TRACE("(%p %lu)\n",
+          GroupHandle, MemberId);
+
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
+    /* Validate the group handle */
+    Status = SampValidateDbObject(GroupHandle,
+                                  SamDbGroupObject,
+                                  GROUP_REMOVE_MEMBER,
+                                  &GroupObject);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    /* Open the user object in the same domain */
+    Status = SampOpenUserObject(GroupObject->ParentObject,
+                                MemberId,
+                                0,
+                                &UserObject);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("SampOpenUserObject() failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Remove group membership from the user object */
+    Status = SampRemoveGroupMembershipFromUser(UserObject,
+                                               GroupObject->RelativeId);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("SampAddGroupMembershipToUser() failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Remove the member from the group object */
+    Status = SampRemoveMemberFromGroup(GroupObject,
+                                       MemberId);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("SampRemoveMemberFromGroup() failed (Status 0x%08lx)\n", Status);
+    }
+
+done:
+    if (UserObject)
+        SampCloseDbObject(UserObject);
+
+    RtlReleaseResource(&SampResource);
+
+    return Status;
  }
  
+
  /* Function 25 */
  NTSTATUS
  NTAPI
  SamrGetMembersInGroup(IN SAMPR_HANDLE GroupHandle,
                        OUT PSAMPR_GET_MEMBERS_BUFFER *Members)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    PSAMPR_GET_MEMBERS_BUFFER MembersBuffer = NULL;
+    PSAM_DB_OBJECT GroupObject;
+    ULONG Length = 0;
+    ULONG i;
+    NTSTATUS Status;
+
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
+    /* Validate the group handle */
+    Status = SampValidateDbObject(GroupHandle,
+                                  SamDbGroupObject,
+                                  GROUP_LIST_MEMBERS,
+                                  &GroupObject);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    MembersBuffer = midl_user_allocate(sizeof(SAMPR_GET_MEMBERS_BUFFER));
+    if (MembersBuffer == NULL)
+    {
+        Status = STATUS_INSUFFICIENT_RESOURCES;
+        goto done;
+    }
+
+    SampGetObjectAttribute(GroupObject,
+                           L"Members",
+                           NULL,
+                           NULL,
+                           &Length);
+
+    if (Length == 0)
+    {
+        MembersBuffer->MemberCount = 0;
+        MembersBuffer->Members = NULL;
+        MembersBuffer->Attributes = NULL;
+
+        *Members = MembersBuffer;
+
+        Status = STATUS_SUCCESS;
+        goto done;
+    }
+
+    MembersBuffer->Members = midl_user_allocate(Length);
+    if (MembersBuffer->Members == NULL)
+    {
+        Status = STATUS_INSUFFICIENT_RESOURCES;
+        goto done;
+    }
+
+    MembersBuffer->Attributes = midl_user_allocate(Length);
+    if (MembersBuffer->Attributes == NULL)
+    {
+        Status = STATUS_INSUFFICIENT_RESOURCES;
+        goto done;
+    }
+
+    Status = SampGetObjectAttribute(GroupObject,
+                                    L"Members",
+                                    NULL,
+                                    MembersBuffer->Members,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampGetObjectAttributes() failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    MembersBuffer->MemberCount = Length / sizeof(ULONG);
+
+    for (i = 0; i < MembersBuffer->MemberCount; i++)
+    {
+        Status = SampGetUserGroupAttributes(GroupObject->ParentObject,
+                                            MembersBuffer->Members[i],
+                                            GroupObject->RelativeId,
+                                            &(MembersBuffer->Attributes[i]));
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("SampGetUserGroupAttributes() failed (Status 0x%08lx)\n", Status);
+            goto done;
+        }
+    }
+
+    *Members = MembersBuffer;
+
+done:
+    if (!NT_SUCCESS(Status))
+    {
+        if (MembersBuffer != NULL)
+        {
+            if (MembersBuffer->Members != NULL)
+                midl_user_free(MembersBuffer->Members);
+
+            if (MembersBuffer->Attributes != NULL)
+                midl_user_free(MembersBuffer->Attributes);
+
+            midl_user_free(MembersBuffer);
+        }
+    }
+
+    RtlReleaseResource(&SampResource);
+
+    return Status;
  }
  
+
  /* Function 26 */
  NTSTATUS
  NTAPI
@@ -3872,8 +4705,36 @@ SamrSetMemberAttributesOfGroup(IN SAMPR_HANDLE GroupHandle,
                                 IN unsigned long MemberId,
                                 IN unsigned long Attributes)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    PSAM_DB_OBJECT GroupObject;
+    NTSTATUS Status;
+
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
+    /* Validate the group handle */
+    Status = SampValidateDbObject(GroupHandle,
+                                  SamDbGroupObject,
+                                  GROUP_ADD_MEMBER,
+                                  &GroupObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampValidateDbObject failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    Status = SampSetUserGroupAttributes(GroupObject->ParentObject,
+                                        MemberId,
+                                        GroupObject->RelativeId,
+                                        Attributes);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampSetUserGroupAttributes failed with status 0x%08lx\n", Status);
+    }
+
+done:
+    RtlReleaseResource(&SampResource);
+
+    return Status;
  }
  
  
@@ -3893,6 +4754,13 @@ SamrOpenAlias(IN SAMPR_HANDLE DomainHandle,
      TRACE("SamrOpenAlias(%p %lx %lx %p)\n",
            DomainHandle, DesiredAccess, AliasId, AliasHandle);
  
+    /* Map generic access rights */
+    RtlMapGenericMask(&DesiredAccess,
+                      &AliasMapping);
+
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
@@ -3901,7 +4769,7 @@ SamrOpenAlias(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Convert the RID into a string (hex) */
@@ -3911,18 +4779,22 @@ SamrOpenAlias(IN SAMPR_HANDLE DomainHandle,
      Status = SampOpenDbObject(DomainObject,
                                L"Aliases",
                                szRid,
+                              AliasId,
                                SamDbAliasObject,
                                DesiredAccess,
                                &AliasObject);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      *AliasHandle = (SAMPR_HANDLE)AliasObject;
  
-    return STATUS_SUCCESS;
+done:
+    RtlReleaseResource(&SampResource);
+
+    return Status;
  }
  
  
@@ -3989,8 +4861,7 @@ SampQueryAliasGeneral(PSAM_DB_OBJECT AliasObject,
      *Buffer = InfoBuffer;
  
  done:
-    if (MembersKeyHandle != NULL)
-        SampRegCloseKey(MembersKeyHandle);
+    SampRegCloseKey(&MembersKeyHandle);
  
      if (!NT_SUCCESS(Status))
      {
@@ -4103,13 +4974,16 @@ SamrQueryInformationAlias(IN SAMPR_HANDLE AliasHandle,
      TRACE("SamrQueryInformationAlias(%p %lu %p)\n",
            AliasHandle, AliasInformationClass, Buffer);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the alias handle */
      Status = SampValidateDbObject(AliasHandle,
                                    SamDbAliasObject,
                                    ALIAS_READ_INFORMATION,
                                    &AliasObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      switch (AliasInformationClass)
      {
@@ -4133,6 +5007,85 @@ SamrQueryInformationAlias(IN SAMPR_HANDLE AliasHandle,
              break;
      }
  
+done:
+    RtlReleaseResource(&SampResource);
+
+    return Status;
+}
+
+
+static NTSTATUS
+SampSetAliasName(PSAM_DB_OBJECT AliasObject,
+                 PSAMPR_ALIAS_INFO_BUFFER Buffer)
+{
+    UNICODE_STRING OldAliasName = {0, 0, NULL};
+    UNICODE_STRING NewAliasName;
+    NTSTATUS Status;
+
+    Status = SampGetObjectAttributeString(AliasObject,
+                                          L"Name",
+                                          (PRPC_UNICODE_STRING)&OldAliasName);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampGetObjectAttributeString failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Check the new account name */
+    Status = SampCheckAccountName(&Buffer->Name.Name, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
+    NewAliasName.Length = Buffer->Name.Name.Length;
+    NewAliasName.MaximumLength = Buffer->Name.Name.MaximumLength;
+    NewAliasName.Buffer = Buffer->Name.Name.Buffer;
+
+    if (!RtlEqualUnicodeString(&OldAliasName, &NewAliasName, TRUE))
+    {
+        Status = SampCheckAccountNameInDomain(AliasObject->ParentObject,
+                                              NewAliasName.Buffer);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Alias name \'%S\' already exists in domain (Status 0x%08lx)\n",
+                  NewAliasName.Buffer, Status);
+            goto done;
+        }
+    }
+
+    Status = SampSetAccountNameInDomain(AliasObject->ParentObject,
+                                        L"Aliases",
+                                        NewAliasName.Buffer,
+                                        AliasObject->RelativeId);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampSetAccountNameInDomain failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    Status = SampRemoveAccountNameFromDomain(AliasObject->ParentObject,
+                                             L"Aliases",
+                                             OldAliasName.Buffer);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampRemoveAccountNameFromDomain failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    Status = SampSetObjectAttributeString(AliasObject,
+                                          L"Name",
+                                          (PRPC_UNICODE_STRING)&NewAliasName);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampSetObjectAttribute failed (Status 0x%08lx)\n", Status);
+    }
+
+done:
+    if (OldAliasName.Buffer != NULL)
+        midl_user_free(OldAliasName.Buffer);
+
      return Status;
  }
  
@@ -4150,30 +5103,28 @@ SamrSetInformationAlias(IN SAMPR_HANDLE AliasHandle,
      TRACE("SamrSetInformationAlias(%p %lu %p)\n",
            AliasHandle, AliasInformationClass, Buffer);
  
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
      /* Validate the alias handle */
      Status = SampValidateDbObject(AliasHandle,
                                    SamDbAliasObject,
                                    ALIAS_WRITE_ACCOUNT,
                                    &AliasObject);
      if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
  
      switch (AliasInformationClass)
      {
          case AliasNameInformation:
-            Status = SampSetObjectAttribute(AliasObject,
-                                            L"Name",
-                                            REG_SZ,
-                                            Buffer->Name.Name.Buffer,
-                                            Buffer->Name.Name.Length + sizeof(WCHAR));
+            Status = SampSetAliasName(AliasObject,
+                                      Buffer);
              break;
  
          case AliasAdminCommentInformation:
-            Status = SampSetObjectAttribute(AliasObject,
-                                            L"Description",
-                                            REG_SZ,
-                                            Buffer->AdminComment.AdminComment.Buffer,
-                                            Buffer->AdminComment.AdminComment.Length + sizeof(WCHAR));
+            Status = SampSetObjectAttributeString(AliasObject,
+                                                  L"Description",
+                                                  &Buffer->AdminComment.AdminComment);
              break;
  
          default:
@@ -4181,6 +5132,9 @@ SamrSetInformationAlias(IN SAMPR_HANDLE AliasHandle,
              break;
      }
  
+done:
+    RtlReleaseResource(&SampResource);
+
      return Status;
  }
  
@@ -4189,221 +5143,131 @@ SamrSetInformationAlias(IN SAMPR_HANDLE AliasHandle,
  NTSTATUS
  NTAPI
  SamrDeleteAlias(IN OUT SAMPR_HANDLE *AliasHandle)
-{
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
-}
-
-
-/* Function 31 */
-NTSTATUS
-NTAPI
-SamrAddMemberToAlias(IN SAMPR_HANDLE AliasHandle,
-                     IN PRPC_SID MemberId)
  {
      PSAM_DB_OBJECT AliasObject;
-    LPWSTR MemberIdString = NULL;
-    HANDLE MembersKeyHandle = NULL;
-    HANDLE MemberKeyHandle = NULL;
-    ULONG MemberIdLength;
      NTSTATUS Status;
  
-    TRACE("SamrAddMemberToAlias(%p %p)\n",
-          AliasHandle, MemberId);
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
  
      /* Validate the alias handle */
-    Status = SampValidateDbObject(AliasHandle,
+    Status = SampValidateDbObject(*AliasHandle,
                                    SamDbAliasObject,
-                                  ALIAS_ADD_MEMBER,
+                                  DELETE,
                                    &AliasObject);
      if (!NT_SUCCESS(Status))
      {
-        TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
-    }
-
-    ConvertSidToStringSidW(MemberId, &MemberIdString);
-    TRACE("Member SID: %S\n", MemberIdString);
-
-    MemberIdLength = RtlLengthSid(MemberId);
-
-    Status = SampRegCreateKey(AliasObject->KeyHandle,
-                              L"Members",
-                              KEY_WRITE,
-                              &MembersKeyHandle);
-    if (!NT_SUCCESS(Status))
-    {
-        TRACE("SampRegCreateKey failed with status 0x%08lx\n", Status);
+        TRACE("SampValidateDbObject failed (Status 0x%08lx)\n", Status);
          goto done;
      }
  
-    Status = SampRegSetValue(MembersKeyHandle,
-                             MemberIdString,
-                             REG_BINARY,
-                             MemberId,
-                             MemberIdLength);
-    if (!NT_SUCCESS(Status))
+    /* Fail, if the alias is built-in */
+    if (AliasObject->RelativeId < 1000)
      {
-        TRACE("SampRegSetValue failed with status 0x%08lx\n", Status);
+        TRACE("You can not delete a special account!\n");
+        Status = STATUS_SPECIAL_ACCOUNT;
          goto done;
      }
  
-    Status = SampRegCreateKey(AliasObject->MembersKeyHandle,
-                              MemberIdString,
-                              KEY_WRITE,
-                              &MemberKeyHandle);
+    /* Remove all members from the alias */
+    Status = SampRemoveAllMembersFromAlias(AliasObject);
      if (!NT_SUCCESS(Status))
      {
-        TRACE("SampRegCreateKey failed with status 0x%08lx\n", Status);
+        TRACE("SampRemoveAllMembersFromAlias() failed (Status 0x%08lx)\n", Status);
          goto done;
      }
  
-    Status = SampRegSetValue(MemberKeyHandle,
-                             AliasObject->Name,
-                             REG_BINARY,
-                             MemberId,
-                             MemberIdLength);
+    /* Delete the alias from the database */
+    Status = SampDeleteAccountDbObject(AliasObject);
      if (!NT_SUCCESS(Status))
      {
-        TRACE("SampRegSetValue failed with status 0x%08lx\n", Status);
+        TRACE("SampDeleteAccountDbObject() failed (Status 0x%08lx)\n", Status);
          goto done;
      }
  
-done:
-    if (MemberKeyHandle != NULL)
-        SampRegCloseKey(MemberKeyHandle);
-
-    if (MembersKeyHandle != NULL)
-        SampRegCloseKey(MembersKeyHandle);
+    /* Invalidate the handle */
+    *AliasHandle = NULL;
  
-    if (MemberIdString != NULL)
-        LocalFree(MemberIdString);
+done:
+    RtlReleaseResource(&SampResource);
  
      return Status;
  }
  
  
-/* Function 32 */
+/* Function 31 */
  NTSTATUS
  NTAPI
-SamrRemoveMemberFromAlias(IN SAMPR_HANDLE AliasHandle,
-                          IN PRPC_SID MemberId)
+SamrAddMemberToAlias(IN SAMPR_HANDLE AliasHandle,
+                     IN PRPC_SID MemberId)
  {
      PSAM_DB_OBJECT AliasObject;
-    LPWSTR MemberIdString = NULL;
-    HANDLE MembersKeyHandle = NULL;
-    HANDLE MemberKeyHandle = NULL;
-    ULONG ulValueCount;
      NTSTATUS Status;
  
-    TRACE("SamrRemoveMemberFromAlias(%p %p)\n",
-          AliasHandle, MemberId);
+    TRACE("(%p %p)\n", AliasHandle, MemberId);
+
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
  
      /* Validate the alias handle */
      Status = SampValidateDbObject(AliasHandle,
                                    SamDbAliasObject,
-                                  ALIAS_REMOVE_MEMBER,
+                                  ALIAS_ADD_MEMBER,
                                    &AliasObject);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
-    }
-
-    ConvertSidToStringSidW(MemberId, &MemberIdString);
-    TRACE("Member SID: %S\n", MemberIdString);
-
-    Status = SampRegOpenKey(AliasObject->MembersKeyHandle,
-                            MemberIdString,
-                            KEY_WRITE | KEY_QUERY_VALUE,
-                            &MemberKeyHandle);
-    if (!NT_SUCCESS(Status))
-    {
-        TRACE("SampRegOpenKey failed with status 0x%08lx\n", Status);
          goto done;
      }
  
-    Status = SampRegDeleteValue(MemberKeyHandle,
-                                AliasObject->Name);
+    Status = SampAddMemberToAlias(AliasObject,
+                                  MemberId);
      if (!NT_SUCCESS(Status))
      {
-        TRACE("SampRegDeleteValue failed with status 0x%08lx\n", Status);
-        goto done;
+        TRACE("failed with status 0x%08lx\n", Status);
      }
  
-    Status = SampRegQueryKeyInfo(MemberKeyHandle,
-                                 NULL,
-                                 &ulValueCount);
-    if (!NT_SUCCESS(Status))
-    {
-        TRACE("SampRegQueryKeyInfo failed with status 0x%08lx\n", Status);
-        goto done;
-    }
+done:
+    RtlReleaseResource(&SampResource);
  
-    if (ulValueCount == 0)
-    {
-        SampRegCloseKey(MemberKeyHandle);
-        MemberKeyHandle = NULL;
+    return Status;
+}
  
-        Status = SampRegDeleteKey(AliasObject->MembersKeyHandle,
-                                  MemberIdString);
-        if (!NT_SUCCESS(Status))
-        {
-            TRACE("SampRegDeleteKey failed with status 0x%08lx\n", Status);
-            goto done;
-        }
-    }
  
-    Status = SampRegOpenKey(AliasObject->KeyHandle,
-                            L"Members",
-                            KEY_WRITE | KEY_QUERY_VALUE,
-                            &MembersKeyHandle);
-    if (!NT_SUCCESS(Status))
-    {
-        TRACE("SampRegOpenKey failed with status 0x%08lx\n", Status);
-        goto done;
-    }
+/* Function 32 */
+NTSTATUS
+NTAPI
+SamrRemoveMemberFromAlias(IN SAMPR_HANDLE AliasHandle,
+                          IN PRPC_SID MemberId)
+{
+    PSAM_DB_OBJECT AliasObject;
+    NTSTATUS Status;
  
-    Status = SampRegDeleteValue(MembersKeyHandle,
-                                MemberIdString);
-    if (!NT_SUCCESS(Status))
-    {
-        TRACE("SampRegDeleteValue failed with status 0x%08lx\n", Status);
-        goto done;
-    }
+    TRACE("(%p %p)\n", AliasHandle, MemberId);
  
-    Status = SampRegQueryKeyInfo(MembersKeyHandle,
-                                 NULL,
-                                 &ulValueCount);
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
+    /* Validate the alias handle */
+    Status = SampValidateDbObject(AliasHandle,
+                                  SamDbAliasObject,
+                                  ALIAS_REMOVE_MEMBER,
+                                  &AliasObject);
      if (!NT_SUCCESS(Status))
      {
-        TRACE("SampRegQueryKeyInfo failed with status 0x%08lx\n", Status);
+        TRACE("failed with status 0x%08lx\n", Status);
          goto done;
      }
  
-    if (ulValueCount == 0)
+    Status = SampRemoveMemberFromAlias(AliasObject,
+                                       MemberId);
+    if (!NT_SUCCESS(Status))
      {
-        SampRegCloseKey(MembersKeyHandle);
-        MembersKeyHandle = NULL;
-
-        Status = SampRegDeleteKey(AliasObject->KeyHandle,
-                                  L"Members");
-        if (!NT_SUCCESS(Status))
-        {
-            TRACE("SampRegDeleteKey failed with status 0x%08lx\n", Status);
-            goto done;
-        }
+        TRACE("failed with status 0x%08lx\n", Status);
      }
  
  done:
-    if (MemberKeyHandle != NULL)
-        SampRegCloseKey(MemberKeyHandle);
-
-    if (MembersKeyHandle != NULL)
-        SampRegCloseKey(MembersKeyHandle);
-
-    if (MemberIdString != NULL)
-        LocalFree(MemberIdString);
+    RtlReleaseResource(&SampResource);
  
      return Status;
  }
@@ -4416,16 +5280,17 @@ SamrGetMembersInAlias(IN SAMPR_HANDLE AliasHandle,
                        OUT PSAMPR_PSID_ARRAY_OUT Members)
  {
      PSAM_DB_OBJECT AliasObject;
-    HANDLE MembersKeyHandle = NULL;
      PSAMPR_SID_INFORMATION MemberArray = NULL;
-    ULONG ValueCount = 0;
-    ULONG DataLength;
+    ULONG MemberCount = 0;
      ULONG Index;
      NTSTATUS Status;
  
      TRACE("SamrGetMembersInAlias(%p %p %p)\n",
            AliasHandle, Members);
  
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the alias handle */
      Status = SampValidateDbObject(AliasHandle,
                                    SamDbAliasObject,
@@ -4434,86 +5299,17 @@ SamrGetMembersInAlias(IN SAMPR_HANDLE AliasHandle,
      if (!NT_SUCCESS(Status))
      {
          ERR("failed with status 0x%08lx\n", Status);
-        return Status;
-    }
-
-    /* Open the members key of the alias objct */
-    Status = SampRegOpenKey(AliasObject->KeyHandle,
-                            L"Members",
-                            KEY_READ,
-                            &MembersKeyHandle);
-    if (!NT_SUCCESS(Status))
-    {
-        ERR("SampRegOpenKey failed with status 0x%08lx\n", Status);
-        return Status;
-    }
-
-    /* Get the number of members */
-    Status = SampRegQueryKeyInfo(MembersKeyHandle,
-                                 NULL,
-                                 &ValueCount);
-    if (!NT_SUCCESS(Status))
-    {
-        ERR("SampRegQueryKeyInfo failed with status 0x%08lx\n", Status);
-        goto done;
-    }
-
-    /* Allocate the member array */
-    MemberArray = midl_user_allocate(ValueCount * sizeof(SAMPR_SID_INFORMATION));
-    if (MemberArray == NULL)
-    {
-        Status = STATUS_INSUFFICIENT_RESOURCES;
          goto done;
      }
  
-    /* Enumerate the members */
-    Index = 0;
-    while (TRUE)
-    {
-        /* Get the size of the next SID */
-        DataLength = 0;
-        Status = SampRegEnumerateValue(MembersKeyHandle,
-                                       Index,
-                                       NULL,
-                                       NULL,
-                                       NULL,
-                                       NULL,
-                                       &DataLength);
-        if (!NT_SUCCESS(Status))
-        {
-            if (Status == STATUS_NO_MORE_ENTRIES)
-                Status = STATUS_SUCCESS;
-            break;
-        }
-
-        /* Allocate a buffer for the SID */
-        MemberArray[Index].SidPointer = midl_user_allocate(DataLength);
-        if (MemberArray[Index].SidPointer == NULL)
-        {
-            Status = STATUS_INSUFFICIENT_RESOURCES;
-            goto done;
-        }
-
-        /* Read the SID into the buffer */
-        Status = SampRegEnumerateValue(MembersKeyHandle,
-                                       Index,
-                                       NULL,
-                                       NULL,
-                                       NULL,
-                                       (PVOID)MemberArray[Index].SidPointer,
-                                       &DataLength);
-        if (!NT_SUCCESS(Status))
-        {
-            goto done;
-        }
-
-        Index++;
-    }
+    Status = SampGetMembersInAlias(AliasObject,
+                                   &MemberCount,
+                                   &MemberArray);
  
      /* Return the number of members and the member array */
      if (NT_SUCCESS(Status))
      {
-        Members->Count = ValueCount;
+        Members->Count = MemberCount;
          Members->Sids = MemberArray;
      }
  
@@ -4523,7 +5319,7 @@ done:
      {
          if (MemberArray != NULL)
          {
-            for (Index = 0; Index < ValueCount; Index++)
+            for (Index = 0; Index < MemberCount; Index++)
              {
                  if (MemberArray[Index].SidPointer != NULL)
                      midl_user_free(MemberArray[Index].SidPointer);
@@ -4533,9 +5329,7 @@ done:
          }
      }
  
-    /* Close the members key */
-    if (MembersKeyHandle != NULL)
-        SampRegCloseKey(MembersKeyHandle);
+    RtlReleaseResource(&SampResource);
  
      return Status;
  }
@@ -4557,6 +5351,13 @@ SamrOpenUser(IN SAMPR_HANDLE DomainHandle,
      TRACE("SamrOpenUser(%p %lx %lx %p)\n",
            DomainHandle, DesiredAccess, UserId, UserHandle);
  
+    /* Map generic access rights */
+    RtlMapGenericMask(&DesiredAccess,
+                      &UserMapping);
+
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
@@ -4565,7 +5366,7 @@ SamrOpenUser(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Convert the RID into a string (hex) */
@@ -4575,18 +5376,22 @@ SamrOpenUser(IN SAMPR_HANDLE DomainHandle,
      Status = SampOpenDbObject(DomainObject,
                                L"Users",
                                szRid,
+                              UserId,
                                SamDbUserObject,
                                DesiredAccess,
                                &UserObject);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      *UserHandle = (SAMPR_HANDLE)UserObject;
  
-    return STATUS_SUCCESS;
+done:
+    RtlReleaseResource(&SampResource);
+
+    return Status;
  }
  
  
@@ -4595,39 +5400,95 @@ NTSTATUS
  NTAPI
  SamrDeleteUser(IN OUT SAMPR_HANDLE *UserHandle)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
-}
-
-
-static
-NTSTATUS
-SampQueryUserGeneral(PSAM_DB_OBJECT UserObject,
-                     PSAMPR_USER_INFO_BUFFER *Buffer)
-{
-    PSAMPR_USER_INFO_BUFFER InfoBuffer = NULL;
-    SAM_USER_FIXED_DATA FixedData;
-    ULONG Length = 0;
+    PSAM_DB_OBJECT UserObject;
      NTSTATUS Status;
  
-    *Buffer = NULL;
+    TRACE("(%p)\n", UserHandle);
  
-    InfoBuffer = midl_user_allocate(sizeof(SAMPR_USER_INFO_BUFFER));
-    if (InfoBuffer == NULL)
-        return STATUS_INSUFFICIENT_RESOURCES;
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
  
-    Length = sizeof(SAM_USER_FIXED_DATA);
-    Status = SampGetObjectAttribute(UserObject,
-                                    L"F",
-                                    NULL,
-                                    (PVOID)&FixedData,
-                                    &Length);
+    /* Validate the user handle */
+    Status = SampValidateDbObject(*UserHandle,
+                                  SamDbUserObject,
+                                  DELETE,
+                                  &UserObject);
      if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampValidateDbObject() failed (Status 0x%08lx)\n", Status);
          goto done;
+    }
  
-    InfoBuffer->General.PrimaryGroupId = FixedData.PrimaryGroupId;
+    /* Fail, if the user is built-in */
+    if (UserObject->RelativeId < 1000)
+    {
+        TRACE("You can not delete a special account!\n");
+        Status = STATUS_SPECIAL_ACCOUNT;
+        goto done;
+    }
  
-    /* Get the Name string */
+    /* Remove the user from all groups */
+    Status = SampRemoveUserFromAllGroups(UserObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampRemoveUserFromAllGroups() failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Remove the user from all aliases */
+    Status = SampRemoveUserFromAllAliases(UserObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampRemoveUserFromAllAliases() failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Delete the user from the database */
+    Status = SampDeleteAccountDbObject(UserObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampDeleteAccountDbObject() failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Invalidate the handle */
+    *UserHandle = NULL;
+
+done:
+    RtlReleaseResource(&SampResource);
+
+    return Status;
+}
+
+
+static
+NTSTATUS
+SampQueryUserGeneral(PSAM_DB_OBJECT UserObject,
+                     PSAMPR_USER_INFO_BUFFER *Buffer)
+{
+    PSAMPR_USER_INFO_BUFFER InfoBuffer = NULL;
+    SAM_USER_FIXED_DATA FixedData;
+    ULONG Length = 0;
+    NTSTATUS Status;
+
+    *Buffer = NULL;
+
+    InfoBuffer = midl_user_allocate(sizeof(SAMPR_USER_INFO_BUFFER));
+    if (InfoBuffer == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
+
+    Length = sizeof(SAM_USER_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&FixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    InfoBuffer->General.PrimaryGroupId = FixedData.PrimaryGroupId;
+
+    /* Get the Name string */
      Status = SampGetObjectAttributeString(UserObject,
                                            L"Name",
                                            &InfoBuffer->General.UserName);
@@ -4756,7 +5617,10 @@ SampQueryUserLogon(PSAM_DB_OBJECT UserObject,
                     PSAMPR_USER_INFO_BUFFER *Buffer)
  {
      PSAMPR_USER_INFO_BUFFER InfoBuffer = NULL;
+    SAM_DOMAIN_FIXED_DATA DomainFixedData;
      SAM_USER_FIXED_DATA FixedData;
+    LARGE_INTEGER PasswordCanChange;
+    LARGE_INTEGER PasswordMustChange;
      ULONG Length = 0;
      NTSTATUS Status;
  
@@ -4766,6 +5630,17 @@ SampQueryUserLogon(PSAM_DB_OBJECT UserObject,
      if (InfoBuffer == NULL)
          return STATUS_INSUFFICIENT_RESOURCES;
  
+    /* Get the fixed size domain data */
+    Length = sizeof(SAM_DOMAIN_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject->ParentObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&DomainFixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    /* Get the fixed size user data */
      Length = sizeof(SAM_USER_FIXED_DATA);
      Status = SampGetObjectAttribute(UserObject,
                                      L"F",
@@ -4787,8 +5662,15 @@ SampQueryUserLogon(PSAM_DB_OBJECT UserObject,
      InfoBuffer->Logon.LogonCount = FixedData.LogonCount;
      InfoBuffer->Logon.UserAccountControl = FixedData.UserAccountControl;
  
-//  OLD_LARGE_INTEGER PasswordCanChange;
-//  OLD_LARGE_INTEGER PasswordMustChange;
+    PasswordCanChange = SampAddRelativeTimeToTime(FixedData.PasswordLastSet,
+                                                  DomainFixedData.MinPasswordAge);
+    InfoBuffer->Logon.PasswordCanChange.LowPart = PasswordCanChange.LowPart;
+    InfoBuffer->Logon.PasswordCanChange.HighPart = PasswordCanChange.HighPart;
+
+    PasswordMustChange = SampAddRelativeTimeToTime(FixedData.PasswordLastSet,
+                                                   DomainFixedData.MaxPasswordAge);
+    InfoBuffer->Logon.PasswordMustChange.LowPart = PasswordMustChange.LowPart;
+    InfoBuffer->Logon.PasswordMustChange.HighPart = PasswordMustChange.HighPart;
  
      /* Get the Name string */
      Status = SampGetObjectAttributeString(UserObject,
@@ -4860,7 +5742,14 @@ SampQueryUserLogon(PSAM_DB_OBJECT UserObject,
          goto done;
      }
  
-    /* FIXME: LogonHours */
+    /* Get the LogonHours attribute */
+    Status = SampGetLogonHoursAttrbute(UserObject,
+                                       &InfoBuffer->Logon.LogonHours);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("Status 0x%08lx\n", Status);
+        goto done;
+    }
  
      *Buffer = InfoBuffer;
  
@@ -5020,7 +5909,14 @@ SampQueryUserAccount(PSAM_DB_OBJECT UserObject,
          goto done;
      }
  
-    /* FIXME: LogonHours */
+    /* Get the LogonHours attribute */
+    Status = SampGetLogonHoursAttrbute(UserObject,
+                                       &InfoBuffer->Account.LogonHours);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("Status 0x%08lx\n", Status);
+        goto done;
+    }
  
      *Buffer = InfoBuffer;
  
@@ -5063,7 +5959,51 @@ done:
      return Status;
  }
  
-/* FIXME: SampQueryUserLogonHours */
+
+static
+NTSTATUS
+SampQueryUserLogonHours(PSAM_DB_OBJECT UserObject,
+                        PSAMPR_USER_INFO_BUFFER *Buffer)
+{
+    PSAMPR_USER_INFO_BUFFER InfoBuffer = NULL;
+    NTSTATUS Status;
+
+    TRACE("(%p %p)\n", UserObject, Buffer);
+
+    *Buffer = NULL;
+
+    InfoBuffer = midl_user_allocate(sizeof(SAMPR_USER_INFO_BUFFER));
+    if (InfoBuffer == NULL)
+    {
+        TRACE("Failed to allocate InfoBuffer!\n");
+        return STATUS_INSUFFICIENT_RESOURCES;
+    }
+
+    Status = SampGetLogonHoursAttrbute(UserObject,
+                                       &InfoBuffer->LogonHours.LogonHours);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampGetLogonHoursAttrbute failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    *Buffer = InfoBuffer;
+
+done:
+    if (!NT_SUCCESS(Status))
+    {
+        if (InfoBuffer != NULL)
+        {
+            if (InfoBuffer->LogonHours.LogonHours.LogonHours != NULL)
+                midl_user_free(InfoBuffer->LogonHours.LogonHours.LogonHours);
+
+            midl_user_free(InfoBuffer);
+        }
+    }
+
+    return Status;
+}
+
  
  static
  NTSTATUS
@@ -5547,634 +6487,2063 @@ done:
  }
  
  
-/* Function 36 */
+static
  NTSTATUS
-NTAPI
-SamrQueryInformationUser(IN SAMPR_HANDLE UserHandle,
-                         IN USER_INFORMATION_CLASS UserInformationClass,
-                         OUT PSAMPR_USER_INFO_BUFFER *Buffer)
+SampQueryUserInternal1(PSAM_DB_OBJECT UserObject,
+                       PSAMPR_USER_INFO_BUFFER *Buffer)
  {
-    PSAM_DB_OBJECT UserObject;
-    ACCESS_MASK DesiredAccess;
-    NTSTATUS Status;
+    PSAMPR_USER_INFO_BUFFER InfoBuffer = NULL;
+    ULONG Length = 0;
+    NTSTATUS Status = STATUS_SUCCESS;
  
-    TRACE("SamrQueryInformationUser(%p %lu %p)\n",
-          UserHandle, UserInformationClass, Buffer);
+    /* Fail, if the caller is not a trusted caller */
+    if (UserObject->Trusted == FALSE)
+        return STATUS_INVALID_INFO_CLASS;
  
-    switch (UserInformationClass)
-    {
-        case UserGeneralInformation:
-        case UserNameInformation:
-        case UserAccountNameInformation:
-        case UserFullNameInformation:
-        case UserPrimaryGroupInformation:
-        case UserAdminCommentInformation:
-            DesiredAccess = USER_READ_GENERAL;
-            break;
+    *Buffer = NULL;
  
-        case UserLogonHoursInformation:
-        case UserHomeInformation:
-        case UserScriptInformation:
-        case UserProfileInformation:
-        case UserWorkStationsInformation:
-            DesiredAccess = USER_READ_LOGON;
-            break;
+    InfoBuffer = midl_user_allocate(sizeof(SAMPR_USER_INFO_BUFFER));
+    if (InfoBuffer == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
  
-        case UserControlInformation:
-        case UserExpiresInformation:
-            DesiredAccess = USER_READ_ACCOUNT;
-            break;
+    InfoBuffer->Internal1.LmPasswordPresent = FALSE;
+    InfoBuffer->Internal1.NtPasswordPresent = FALSE;
  
-        case UserPreferencesInformation:
-            DesiredAccess = USER_READ_GENERAL |
-                            USER_READ_PREFERENCES;
-            break;
+    /* Get the NT password */
+    Length = 0;
+    SampGetObjectAttribute(UserObject,
+                           L"NTPwd",
+                           NULL,
+                           NULL,
+                           &Length);
  
-        case UserLogonInformation:
-        case UserAccountInformation:
-            DesiredAccess = USER_READ_GENERAL |
-                            USER_READ_PREFERENCES |
-                            USER_READ_LOGON |
-                            USER_READ_ACCOUNT;
-            break;
+    if (Length == sizeof(ENCRYPTED_NT_OWF_PASSWORD))
+    {
+        Status = SampGetObjectAttribute(UserObject,
+                                        L"NTPwd",
+                                        NULL,
+                                        (PVOID)&InfoBuffer->Internal1.EncryptedNtOwfPassword,
+                                        &Length);
+        if (!NT_SUCCESS(Status))
+            goto done;
  
-        default:
-            return STATUS_INVALID_INFO_CLASS;
+        if (memcmp(&InfoBuffer->Internal1.EncryptedNtOwfPassword,
+                   &EmptyNtHash,
+                   sizeof(ENCRYPTED_NT_OWF_PASSWORD)))
+            InfoBuffer->Internal1.NtPasswordPresent = TRUE;
      }
  
-    /* Validate the domain handle */
-    Status = SampValidateDbObject(UserHandle,
-                                  SamDbUserObject,
-                                  DesiredAccess,
-                                  &UserObject);
-    if (!NT_SUCCESS(Status))
+
+    /* Get the LM password */
+    Length = 0;
+    SampGetObjectAttribute(UserObject,
+                           L"LMPwd",
+                           NULL,
+                           NULL,
+                           &Length);
+
+    if (Length == sizeof(ENCRYPTED_LM_OWF_PASSWORD))
      {
-        TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        Status = SampGetObjectAttribute(UserObject,
+                                        L"LMPwd",
+                                        NULL,
+                                        (PVOID)&InfoBuffer->Internal1.EncryptedLmOwfPassword,
+                                        &Length);
+        if (!NT_SUCCESS(Status))
+            goto done;
+
+        if (memcmp(&InfoBuffer->Internal1.EncryptedLmOwfPassword,
+                   &EmptyLmHash,
+                   sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
+            InfoBuffer->Internal1.LmPasswordPresent = TRUE;
      }
  
-    switch (UserInformationClass)
+    InfoBuffer->Internal1.PasswordExpired = FALSE;
+
+    *Buffer = InfoBuffer;
+
+done:
+    if (!NT_SUCCESS(Status))
      {
-        case UserGeneralInformation:
-            Status = SampQueryUserGeneral(UserObject,
-                                          Buffer);
-            break;
+        if (InfoBuffer != NULL)
+        {
+            midl_user_free(InfoBuffer);
+        }
+    }
  
-        case UserPreferencesInformation:
-            Status = SampQueryUserPreferences(UserObject,
-                                              Buffer);
-            break;
+    return Status;
+}
  
-        case UserLogonInformation:
-            Status = SampQueryUserLogon(UserObject,
-                                        Buffer);
-            break;
  
-//        case UserLogonHoursInformation:
-//            Status = SampQueryUserLogonHours(UserObject,
-//                                             Buffer);
-//            break;
+static NTSTATUS
+SampQueryUserParameters(PSAM_DB_OBJECT UserObject,
+                        PSAMPR_USER_INFO_BUFFER *Buffer)
+{
+    PSAMPR_USER_INFO_BUFFER InfoBuffer = NULL;
+    NTSTATUS Status;
  
-        case UserAccountInformation:
-            Status = SampQueryUserAccount(UserObject,
-                                          Buffer);
-            break;
+    *Buffer = NULL;
  
-        case UserNameInformation:
-            Status = SampQueryUserName(UserObject,
-                                       Buffer);
-            break;
+    InfoBuffer = midl_user_allocate(sizeof(SAMPR_USER_INFO_BUFFER));
+    if (InfoBuffer == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
  
-        case UserAccountNameInformation:
-            Status = SampQueryUserAccountName(UserObject,
-                                              Buffer);
-            break;
+    /* Get the Parameters string */
+    Status = SampGetObjectAttributeString(UserObject,
+                                          L"Parameters",
+                                          &InfoBuffer->Parameters.Parameters);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("Status 0x%08lx\n", Status);
+        goto done;
+    }
  
-        case UserFullNameInformation:
-            Status = SampQueryUserFullName(UserObject,
-                                           Buffer);
-            break;
+    *Buffer = InfoBuffer;
  
-        case UserPrimaryGroupInformation:
-            Status = SampQueryUserPrimaryGroup(UserObject,
-                                               Buffer);
-            break;
+done:
+    if (!NT_SUCCESS(Status))
+    {
+        if (InfoBuffer != NULL)
+        {
+            if (InfoBuffer->Parameters.Parameters.Buffer != NULL)
+                midl_user_free(InfoBuffer->Parameters.Parameters.Buffer);
  
-        case UserHomeInformation:
-            Status = SampQueryUserHome(UserObject,
-                                       Buffer);
+            midl_user_free(InfoBuffer);
+        }
+    }
  
-        case UserScriptInformation:
-            Status = SampQueryUserScript(UserObject,
-                                         Buffer);
-            break;
+    return Status;
+}
  
-        case UserProfileInformation:
-            Status = SampQueryUserProfile(UserObject,
-                                          Buffer);
-            break;
  
-        case UserAdminCommentInformation:
-            Status = SampQueryUserAdminComment(UserObject,
-                                               Buffer);
+static NTSTATUS
+SampQueryUserAll(PSAM_DB_OBJECT UserObject,
+                 PSAMPR_USER_INFO_BUFFER *Buffer)
+{
+    PSAMPR_USER_INFO_BUFFER InfoBuffer = NULL;
+    SAM_DOMAIN_FIXED_DATA DomainFixedData;
+    SAM_USER_FIXED_DATA FixedData;
+    LARGE_INTEGER PasswordCanChange;
+    LARGE_INTEGER PasswordMustChange;
+    ULONG Length = 0;
+    NTSTATUS Status;
+
+    *Buffer = NULL;
+
+    InfoBuffer = midl_user_allocate(sizeof(SAMPR_USER_INFO_BUFFER));
+    if (InfoBuffer == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
+
+    /* Get the fixed size domain data */
+    Length = sizeof(SAM_DOMAIN_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject->ParentObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&DomainFixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    /* Get the fixed size user data */
+    Length = sizeof(SAM_USER_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&FixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    /* Set the fields to be returned */
+    if (UserObject->Trusted)
+    {
+        InfoBuffer->All.WhichFields = USER_ALL_READ_GENERAL_MASK |
+                                      USER_ALL_READ_LOGON_MASK |
+                                      USER_ALL_READ_ACCOUNT_MASK |
+                                      USER_ALL_READ_PREFERENCES_MASK |
+                                      USER_ALL_READ_TRUSTED_MASK;
+    }
+    else
+    {
+        InfoBuffer->All.WhichFields = 0;
+
+        if (UserObject->Access & USER_READ_GENERAL)
+            InfoBuffer->All.WhichFields |= USER_ALL_READ_GENERAL_MASK;
+
+        if (UserObject->Access & USER_READ_LOGON)
+            InfoBuffer->All.WhichFields |= USER_ALL_READ_LOGON_MASK;
+
+        if (UserObject->Access & USER_READ_ACCOUNT)
+            InfoBuffer->All.WhichFields |= USER_ALL_READ_ACCOUNT_MASK;
+
+        if (UserObject->Access & USER_READ_PREFERENCES)
+            InfoBuffer->All.WhichFields |= USER_ALL_READ_PREFERENCES_MASK;
+    }
+
+    /* Fail, if no fields are to be returned */
+    if (InfoBuffer->All.WhichFields == 0)
+    {
+        Status = STATUS_ACCESS_DENIED;
+        goto done;
+    }
+
+    /* Get the UserName attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_USERNAME)
+    {
+        Status = SampGetObjectAttributeString(UserObject,
+                                              L"Name",
+                                              &InfoBuffer->All.UserName);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    /* Get the FullName attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_FULLNAME)
+    {
+        Status = SampGetObjectAttributeString(UserObject,
+                                              L"FullName",
+                                              &InfoBuffer->All.FullName);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    /* Get the UserId attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_USERID)
+    {
+        InfoBuffer->All.UserId = FixedData.UserId;
+    }
+
+    /* Get the PrimaryGroupId attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_PRIMARYGROUPID)
+    {
+        InfoBuffer->All.PrimaryGroupId = FixedData.PrimaryGroupId;
+    }
+
+    /* Get the AdminComment attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_ADMINCOMMENT)
+    {
+        Status = SampGetObjectAttributeString(UserObject,
+                                              L"AdminComment",
+                                              &InfoBuffer->All.AdminComment);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    /* Get the UserComment attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_USERCOMMENT)
+    {
+        Status = SampGetObjectAttributeString(UserObject,
+                                              L"UserComment",
+                                              &InfoBuffer->All.UserComment);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    /* Get the HomeDirectory attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_HOMEDIRECTORY)
+    {
+        Status = SampGetObjectAttributeString(UserObject,
+                                              L"HomeDirectory",
+                                              &InfoBuffer->All.HomeDirectory);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    /* Get the HomeDirectoryDrive attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_HOMEDIRECTORYDRIVE)
+    {
+        Status = SampGetObjectAttributeString(UserObject,
+                                              L"HomeDirectoryDrive",
+                                              &InfoBuffer->Home.HomeDirectoryDrive);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    /* Get the ScriptPath attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_SCRIPTPATH)
+    {
+        Status = SampGetObjectAttributeString(UserObject,
+                                              L"ScriptPath",
+                                              &InfoBuffer->All.ScriptPath);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    /* Get the ProfilePath attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_PROFILEPATH)
+    {
+        Status = SampGetObjectAttributeString(UserObject,
+                                              L"ProfilePath",
+                                              &InfoBuffer->All.ProfilePath);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    /* Get the WorkStations attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_WORKSTATIONS)
+    {
+        Status = SampGetObjectAttributeString(UserObject,
+                                              L"WorkStations",
+                                              &InfoBuffer->All.WorkStations);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    /* Get the LastLogon attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_LASTLOGON)
+    {
+        InfoBuffer->All.LastLogon.LowPart = FixedData.LastLogon.LowPart;
+        InfoBuffer->All.LastLogon.HighPart = FixedData.LastLogon.HighPart;
+    }
+
+    /* Get the LastLogoff attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_LASTLOGOFF)
+    {
+        InfoBuffer->All.LastLogoff.LowPart = FixedData.LastLogoff.LowPart;
+        InfoBuffer->All.LastLogoff.HighPart = FixedData.LastLogoff.HighPart;
+    }
+
+    /* Get the LogonHours attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_LOGONHOURS)
+    {
+        Status = SampGetLogonHoursAttrbute(UserObject,
+                                           &InfoBuffer->All.LogonHours);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    /* Get the BadPasswordCount attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_BADPASSWORDCOUNT)
+    {
+        InfoBuffer->All.BadPasswordCount = FixedData.BadPasswordCount;
+    }
+
+    /* Get the LogonCount attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_LOGONCOUNT)
+    {
+        InfoBuffer->All.LogonCount = FixedData.LogonCount;
+    }
+
+    /* Get the PasswordCanChange attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_PASSWORDCANCHANGE)
+    {
+        PasswordCanChange = SampAddRelativeTimeToTime(FixedData.PasswordLastSet,
+                                                      DomainFixedData.MinPasswordAge);
+        InfoBuffer->All.PasswordCanChange.LowPart = PasswordCanChange.LowPart;
+        InfoBuffer->All.PasswordCanChange.HighPart = PasswordCanChange.HighPart;
+    }
+
+    /* Get the PasswordMustChange attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_PASSWORDMUSTCHANGE)
+    {
+        PasswordMustChange = SampAddRelativeTimeToTime(FixedData.PasswordLastSet,
+                                                       DomainFixedData.MaxPasswordAge);
+        InfoBuffer->All.PasswordMustChange.LowPart = PasswordMustChange.LowPart;
+        InfoBuffer->All.PasswordMustChange.HighPart = PasswordMustChange.HighPart;
+    }
+
+    /* Get the PasswordLastSet attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_PASSWORDLASTSET)
+    {
+        InfoBuffer->All.PasswordLastSet.LowPart = FixedData.PasswordLastSet.LowPart;
+        InfoBuffer->All.PasswordLastSet.HighPart = FixedData.PasswordLastSet.HighPart;
+    }
+
+    /* Get the AccountExpires attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_ACCOUNTEXPIRES)
+    {
+        InfoBuffer->All.AccountExpires.LowPart = FixedData.AccountExpires.LowPart;
+        InfoBuffer->All.AccountExpires.HighPart = FixedData.AccountExpires.HighPart;
+    }
+
+    /* Get the UserAccountControl attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_USERACCOUNTCONTROL)
+    {
+        InfoBuffer->All.UserAccountControl = FixedData.UserAccountControl;
+    }
+
+    /* Get the Parameters attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_PARAMETERS)
+    {
+        Status = SampGetObjectAttributeString(UserObject,
+                                              L"Parameters",
+                                              &InfoBuffer->All.Parameters);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    /* Get the CountryCode attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_COUNTRYCODE)
+    {
+        InfoBuffer->All.CountryCode = FixedData.CountryCode;
+    }
+
+    /* Get the CodePage attribute */
+    if (InfoBuffer->All.WhichFields & USER_ALL_CODEPAGE)
+    {
+        InfoBuffer->All.CodePage = FixedData.CodePage;
+    }
+
+    /* Get the LmPassword and NtPassword attributes */
+    if (InfoBuffer->All.WhichFields & (USER_ALL_NTPASSWORDPRESENT | USER_ALL_LMPASSWORDPRESENT))
+    {
+        InfoBuffer->All.LmPasswordPresent = FALSE;
+        InfoBuffer->All.NtPasswordPresent = FALSE;
+
+        /* Get the NT password */
+        Length = 0;
+        SampGetObjectAttribute(UserObject,
+                               L"NTPwd",
+                               NULL,
+                               NULL,
+                               &Length);
+
+        if (Length == sizeof(ENCRYPTED_NT_OWF_PASSWORD))
+        {
+            InfoBuffer->All.NtOwfPassword.Buffer = midl_user_allocate(sizeof(ENCRYPTED_NT_OWF_PASSWORD));
+            if (InfoBuffer->All.NtOwfPassword.Buffer == NULL)
+            {
+                Status = STATUS_INSUFFICIENT_RESOURCES;
+                goto done;
+            }
+
+            InfoBuffer->All.NtOwfPassword.Length = sizeof(ENCRYPTED_NT_OWF_PASSWORD);
+            InfoBuffer->All.NtOwfPassword.MaximumLength = sizeof(ENCRYPTED_NT_OWF_PASSWORD);
+
+            Status = SampGetObjectAttribute(UserObject,
+                                            L"NTPwd",
+                                            NULL,
+                                            (PVOID)InfoBuffer->All.NtOwfPassword.Buffer,
+                                            &Length);
+            if (!NT_SUCCESS(Status))
+                goto done;
+
+            if (memcmp(InfoBuffer->All.NtOwfPassword.Buffer,
+                       &EmptyNtHash,
+                       sizeof(ENCRYPTED_NT_OWF_PASSWORD)))
+                InfoBuffer->All.NtPasswordPresent = TRUE;
+        }
+
+        /* Get the LM password */
+        Length = 0;
+        SampGetObjectAttribute(UserObject,
+                               L"LMPwd",
+                               NULL,
+                               NULL,
+                               &Length);
+
+        if (Length == sizeof(ENCRYPTED_LM_OWF_PASSWORD))
+        {
+            InfoBuffer->All.LmOwfPassword.Buffer = midl_user_allocate(sizeof(ENCRYPTED_LM_OWF_PASSWORD));
+            if (InfoBuffer->All.LmOwfPassword.Buffer == NULL)
+            {
+                Status = STATUS_INSUFFICIENT_RESOURCES;
+                goto done;
+            }
+
+            InfoBuffer->All.LmOwfPassword.Length = sizeof(ENCRYPTED_LM_OWF_PASSWORD);
+            InfoBuffer->All.LmOwfPassword.MaximumLength = sizeof(ENCRYPTED_LM_OWF_PASSWORD);
+
+            Status = SampGetObjectAttribute(UserObject,
+                                            L"LMPwd",
+                                            NULL,
+                                            (PVOID)InfoBuffer->All.LmOwfPassword.Buffer,
+                                            &Length);
+            if (!NT_SUCCESS(Status))
+                goto done;
+
+            if (memcmp(InfoBuffer->All.LmOwfPassword.Buffer,
+                       &EmptyLmHash,
+                       sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
+                InfoBuffer->All.LmPasswordPresent = TRUE;
+        }
+    }
+
+    if (InfoBuffer->All.WhichFields & USER_ALL_PRIVATEDATA)
+    {
+        Status = SampGetObjectAttributeString(UserObject,
+                                              L"PrivateData",
+                                              &InfoBuffer->All.PrivateData);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("Status 0x%08lx\n", Status);
+            goto done;
+        }
+    }
+
+    if (InfoBuffer->All.WhichFields & USER_ALL_PASSWORDEXPIRED)
+    {
+        /* FIXME */
+    }
+
+    if (InfoBuffer->All.WhichFields & USER_ALL_SECURITYDESCRIPTOR)
+    {
+        Length = 0;
+        SampGetObjectAttribute(UserObject,
+                               L"SecDesc",
+                               NULL,
+                               NULL,
+                               &Length);
+
+        if (Length > 0)
+        {
+            InfoBuffer->All.SecurityDescriptor.SecurityDescriptor = midl_user_allocate(Length);
+            if (InfoBuffer->All.SecurityDescriptor.SecurityDescriptor == NULL)
+            {
+                Status = STATUS_INSUFFICIENT_RESOURCES;
+                goto done;
+            }
+
+            InfoBuffer->All.SecurityDescriptor.Length = Length;
+
+            Status = SampGetObjectAttribute(UserObject,
+                                            L"SecDesc",
+                                            NULL,
+                                            (PVOID)InfoBuffer->All.SecurityDescriptor.SecurityDescriptor,
+                                            &Length);
+            if (!NT_SUCCESS(Status))
+                goto done;
+        }
+    }
+
+    *Buffer = InfoBuffer;
+
+done:
+    if (!NT_SUCCESS(Status))
+    {
+        if (InfoBuffer != NULL)
+        {
+            if (InfoBuffer->All.UserName.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.UserName.Buffer);
+
+            if (InfoBuffer->All.FullName.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.FullName.Buffer);
+
+            if (InfoBuffer->All.AdminComment.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.AdminComment.Buffer);
+
+            if (InfoBuffer->All.UserComment.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.UserComment.Buffer);
+
+            if (InfoBuffer->All.HomeDirectory.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.HomeDirectory.Buffer);
+
+            if (InfoBuffer->All.HomeDirectoryDrive.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.HomeDirectoryDrive.Buffer);
+
+            if (InfoBuffer->All.ScriptPath.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.ScriptPath.Buffer);
+
+            if (InfoBuffer->All.ProfilePath.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.ProfilePath.Buffer);
+
+            if (InfoBuffer->All.WorkStations.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.WorkStations.Buffer);
+
+            if (InfoBuffer->All.LogonHours.LogonHours != NULL)
+                midl_user_free(InfoBuffer->All.LogonHours.LogonHours);
+
+            if (InfoBuffer->All.Parameters.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.Parameters.Buffer);
+
+            if (InfoBuffer->All.LmOwfPassword.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.LmOwfPassword.Buffer);
+
+            if (InfoBuffer->All.NtOwfPassword.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.NtOwfPassword.Buffer);
+
+            if (InfoBuffer->All.PrivateData.Buffer != NULL)
+                midl_user_free(InfoBuffer->All.PrivateData.Buffer);
+
+            if (InfoBuffer->All.SecurityDescriptor.SecurityDescriptor != NULL)
+                midl_user_free(InfoBuffer->All.SecurityDescriptor.SecurityDescriptor);
+
+            midl_user_free(InfoBuffer);
+        }
+    }
+
+    return Status;
+}
+
+
+/* Function 36 */
+NTSTATUS
+NTAPI
+SamrQueryInformationUser(IN SAMPR_HANDLE UserHandle,
+                         IN USER_INFORMATION_CLASS UserInformationClass,
+                         OUT PSAMPR_USER_INFO_BUFFER *Buffer)
+{
+    PSAM_DB_OBJECT UserObject;
+    ACCESS_MASK DesiredAccess;
+    NTSTATUS Status;
+
+    TRACE("SamrQueryInformationUser(%p %lu %p)\n",
+          UserHandle, UserInformationClass, Buffer);
+
+    switch (UserInformationClass)
+    {
+        case UserGeneralInformation:
+        case UserNameInformation:
+        case UserAccountNameInformation:
+        case UserFullNameInformation:
+        case UserPrimaryGroupInformation:
+        case UserAdminCommentInformation:
+            DesiredAccess = USER_READ_GENERAL;
+            break;
+
+        case UserLogonHoursInformation:
+        case UserHomeInformation:
+        case UserScriptInformation:
+        case UserProfileInformation:
+        case UserWorkStationsInformation:
+            DesiredAccess = USER_READ_LOGON;
+            break;
+
+        case UserControlInformation:
+        case UserExpiresInformation:
+        case UserParametersInformation:
+            DesiredAccess = USER_READ_ACCOUNT;
+            break;
+
+        case UserPreferencesInformation:
+            DesiredAccess = USER_READ_GENERAL |
+                            USER_READ_PREFERENCES;
+            break;
+
+        case UserLogonInformation:
+        case UserAccountInformation:
+            DesiredAccess = USER_READ_GENERAL |
+                            USER_READ_PREFERENCES |
+                            USER_READ_LOGON |
+                            USER_READ_ACCOUNT;
+            break;
+
+        case UserInternal1Information:
+        case UserAllInformation:
+            DesiredAccess = 0;
+            break;
+
+        default:
+            return STATUS_INVALID_INFO_CLASS;
+    }
+
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
+    /* Validate the domain handle */
+    Status = SampValidateDbObject(UserHandle,
+                                  SamDbUserObject,
+                                  DesiredAccess,
+                                  &UserObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    switch (UserInformationClass)
+    {
+        case UserGeneralInformation:
+            Status = SampQueryUserGeneral(UserObject,
+                                          Buffer);
+            break;
+
+        case UserPreferencesInformation:
+            Status = SampQueryUserPreferences(UserObject,
+                                              Buffer);
+            break;
+
+        case UserLogonInformation:
+            Status = SampQueryUserLogon(UserObject,
+                                        Buffer);
+            break;
+
+        case UserLogonHoursInformation:
+            Status = SampQueryUserLogonHours(UserObject,
+                                             Buffer);
+            break;
+
+        case UserAccountInformation:
+            Status = SampQueryUserAccount(UserObject,
+                                          Buffer);
+            break;
+
+        case UserNameInformation:
+            Status = SampQueryUserName(UserObject,
+                                       Buffer);
+            break;
+
+        case UserAccountNameInformation:
+            Status = SampQueryUserAccountName(UserObject,
+                                              Buffer);
+            break;
+
+        case UserFullNameInformation:
+            Status = SampQueryUserFullName(UserObject,
+                                           Buffer);
+            break;
+
+        case UserPrimaryGroupInformation:
+            Status = SampQueryUserPrimaryGroup(UserObject,
+                                               Buffer);
+            break;
+
+        case UserHomeInformation:
+            Status = SampQueryUserHome(UserObject,
+                                       Buffer);
+
+        case UserScriptInformation:
+            Status = SampQueryUserScript(UserObject,
+                                         Buffer);
+            break;
+
+        case UserProfileInformation:
+            Status = SampQueryUserProfile(UserObject,
+                                          Buffer);
+            break;
+
+        case UserAdminCommentInformation:
+            Status = SampQueryUserAdminComment(UserObject,
+                                               Buffer);
+            break;
+
+        case UserWorkStationsInformation:
+            Status = SampQueryUserWorkStations(UserObject,
+                                               Buffer);
+            break;
+
+        case UserControlInformation:
+            Status = SampQueryUserControl(UserObject,
+                                          Buffer);
+            break;
+
+        case UserExpiresInformation:
+            Status = SampQueryUserExpires(UserObject,
+                                          Buffer);
+            break;
+
+        case UserInternal1Information:
+            Status = SampQueryUserInternal1(UserObject,
+                                            Buffer);
+            break;
+
+        case UserParametersInformation:
+            Status = SampQueryUserParameters(UserObject,
+                                             Buffer);
+            break;
+
+        case UserAllInformation:
+            Status = SampQueryUserAll(UserObject,
+                                      Buffer);
+            break;
+
+//        case UserInternal4Information:
+//        case UserInternal5Information:
+//        case UserInternal4InformationNew:
+//        case UserInternal5InformationNew:
+
+        default:
+            Status = STATUS_INVALID_INFO_CLASS;
+    }
+
+done:
+    RtlReleaseResource(&SampResource);
+
+    return Status;
+}
+
+
+static NTSTATUS
+SampSetUserName(PSAM_DB_OBJECT UserObject,
+                PRPC_UNICODE_STRING NewUserName)
+{
+    UNICODE_STRING OldUserName = {0, 0, NULL};
+    NTSTATUS Status;
+
+    /* Check the account name */
+    Status = SampCheckAccountName(NewUserName, 20);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
+    Status = SampGetObjectAttributeString(UserObject,
+                                          L"Name",
+                                          (PRPC_UNICODE_STRING)&OldUserName);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampGetObjectAttributeString failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    if (!RtlEqualUnicodeString(&OldUserName, (PCUNICODE_STRING)NewUserName, TRUE))
+    {
+        Status = SampCheckAccountNameInDomain(UserObject->ParentObject,
+                                              NewUserName->Buffer);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("User name \'%S\' already exists in domain (Status 0x%08lx)\n",
+                  NewUserName->Buffer, Status);
+            goto done;
+        }
+    }
+
+    Status = SampSetAccountNameInDomain(UserObject->ParentObject,
+                                        L"Users",
+                                        NewUserName->Buffer,
+                                        UserObject->RelativeId);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampSetAccountNameInDomain failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    Status = SampRemoveAccountNameFromDomain(UserObject->ParentObject,
+                                             L"Users",
+                                             OldUserName.Buffer);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampRemoveAccountNameFromDomain failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"Name",
+                                          NewUserName);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampSetObjectAttribute failed (Status 0x%08lx)\n", Status);
+    }
+
+done:
+    if (OldUserName.Buffer != NULL)
+        midl_user_free(OldUserName.Buffer);
+
+    return Status;
+}
+
+
+static NTSTATUS
+SampSetUserGeneral(PSAM_DB_OBJECT UserObject,
+                   PSAMPR_USER_INFO_BUFFER Buffer)
+{
+    SAM_USER_FIXED_DATA FixedData;
+    ULONG Length = 0;
+    NTSTATUS Status;
+
+    Length = sizeof(SAM_USER_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&FixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    FixedData.PrimaryGroupId = Buffer->General.PrimaryGroupId;
+
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"F",
+                                    REG_BINARY,
+                                    &FixedData,
+                                    Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    Status = SampSetUserName(UserObject,
+                             &Buffer->General.UserName);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"FullName",
+                                          &Buffer->General.FullName);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"AdminComment",
+                                          &Buffer->General.AdminComment);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"UserComment",
+                                          &Buffer->General.UserComment);
+
+done:
+    return Status;
+}
+
+
+static NTSTATUS
+SampSetUserPreferences(PSAM_DB_OBJECT UserObject,
+                       PSAMPR_USER_INFO_BUFFER Buffer)
+{
+    SAM_USER_FIXED_DATA FixedData;
+    ULONG Length = 0;
+    NTSTATUS Status;
+
+    Length = sizeof(SAM_USER_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&FixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    FixedData.CountryCode = Buffer->Preferences.CountryCode;
+    FixedData.CodePage = Buffer->Preferences.CodePage;
+
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"F",
+                                    REG_BINARY,
+                                    &FixedData,
+                                    Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"UserComment",
+                                          &Buffer->Preferences.UserComment);
+
+done:
+    return Status;
+}
+
+
+static NTSTATUS
+SampSetUserPrimaryGroup(PSAM_DB_OBJECT UserObject,
+                        PSAMPR_USER_INFO_BUFFER Buffer)
+{
+    SAM_USER_FIXED_DATA FixedData;
+    ULONG Length = 0;
+    NTSTATUS Status;
+
+    Length = sizeof(SAM_USER_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&FixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    FixedData.PrimaryGroupId = Buffer->PrimaryGroup.PrimaryGroupId;
+
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"F",
+                                    REG_BINARY,
+                                    &FixedData,
+                                    Length);
+
+done:
+    return Status;
+}
+
+
+static NTSTATUS
+SampSetUserControl(PSAM_DB_OBJECT UserObject,
+                   PSAMPR_USER_INFO_BUFFER Buffer)
+{
+    SAM_USER_FIXED_DATA FixedData;
+    ULONG Length = 0;
+    NTSTATUS Status;
+
+    Length = sizeof(SAM_USER_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&FixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    FixedData.UserAccountControl = Buffer->Control.UserAccountControl;
+
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"F",
+                                    REG_BINARY,
+                                    &FixedData,
+                                    Length);
+
+done:
+    return Status;
+}
+
+
+static NTSTATUS
+SampSetUserExpires(PSAM_DB_OBJECT UserObject,
+                   PSAMPR_USER_INFO_BUFFER Buffer)
+{
+    SAM_USER_FIXED_DATA FixedData;
+    ULONG Length = 0;
+    NTSTATUS Status;
+
+    Length = sizeof(SAM_USER_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&FixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    FixedData.AccountExpires.LowPart = Buffer->Expires.AccountExpires.LowPart;
+    FixedData.AccountExpires.HighPart = Buffer->Expires.AccountExpires.HighPart;
+
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"F",
+                                    REG_BINARY,
+                                    &FixedData,
+                                    Length);
+
+done:
+    return Status;
+}
+
+
+static NTSTATUS
+SampSetUserInternal1(PSAM_DB_OBJECT UserObject,
+                     PSAMPR_USER_INFO_BUFFER Buffer)
+{
+    SAM_USER_FIXED_DATA FixedData;
+    ULONG Length = 0;
+    NTSTATUS Status = STATUS_SUCCESS;
+
+    /* FIXME: Decrypt NT password */
+    /* FIXME: Decrypt LM password */
+
+    Status = SampSetUserPassword(UserObject,
+                                 &Buffer->Internal1.EncryptedNtOwfPassword,
+                                 Buffer->Internal1.NtPasswordPresent,
+                                 &Buffer->Internal1.EncryptedLmOwfPassword,
+                                 Buffer->Internal1.LmPasswordPresent);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    /* Get the fixed user attributes */
+    Length = sizeof(SAM_USER_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&FixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    if (Buffer->Internal1.PasswordExpired)
+    {
+        /* The password was last set ages ago */
+        FixedData.PasswordLastSet.LowPart = 0;
+        FixedData.PasswordLastSet.HighPart = 0;
+    }
+    else
+    {
+        /* The password was last set right now */
+        Status = NtQuerySystemTime(&FixedData.PasswordLastSet);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    /* Set the fixed user attributes */
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"F",
+                                    REG_BINARY,
+                                    &FixedData,
+                                    Length);
+
+done:
+    return Status;
+}
+
+
+static NTSTATUS
+SampSetUserAll(PSAM_DB_OBJECT UserObject,
+               PSAMPR_USER_INFO_BUFFER Buffer)
+{
+    SAM_USER_FIXED_DATA FixedData;
+    ULONG Length = 0;
+    ULONG WhichFields;
+    PENCRYPTED_NT_OWF_PASSWORD NtPassword = NULL;
+    PENCRYPTED_LM_OWF_PASSWORD LmPassword = NULL;
+    BOOLEAN NtPasswordPresent = FALSE;
+    BOOLEAN LmPasswordPresent = FALSE;
+    BOOLEAN WriteFixedData = FALSE;
+    NTSTATUS Status = STATUS_SUCCESS;
+
+    WhichFields = Buffer->All.WhichFields;
+
+    /* Get the fixed size attributes */
+    Length = sizeof(SAM_USER_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&FixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+        goto done;
+
+    if (WhichFields & USER_ALL_USERNAME)
+    {
+        Status = SampSetUserName(UserObject,
+                                 &Buffer->All.UserName);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_FULLNAME)
+    {
+        Status = SampSetObjectAttributeString(UserObject,
+                                              L"FullName",
+                                              &Buffer->All.FullName);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_ADMINCOMMENT)
+    {
+        Status = SampSetObjectAttributeString(UserObject,
+                                              L"AdminComment",
+                                              &Buffer->All.AdminComment);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_USERCOMMENT)
+    {
+        Status = SampSetObjectAttributeString(UserObject,
+                                              L"UserComment",
+                                              &Buffer->All.UserComment);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_HOMEDIRECTORY)
+    {
+        Status = SampSetObjectAttributeString(UserObject,
+                                              L"HomeDirectory",
+                                              &Buffer->All.HomeDirectory);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_HOMEDIRECTORYDRIVE)
+    {
+        Status = SampSetObjectAttributeString(UserObject,
+                                              L"HomeDirectoryDrive",
+                                              &Buffer->All.HomeDirectoryDrive);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_SCRIPTPATH)
+    {
+        Status = SampSetObjectAttributeString(UserObject,
+                                              L"ScriptPath",
+                                              &Buffer->All.ScriptPath);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_PROFILEPATH)
+    {
+        Status = SampSetObjectAttributeString(UserObject,
+                                              L"ProfilePath",
+                                              &Buffer->All.ProfilePath);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_WORKSTATIONS)
+    {
+        Status = SampSetObjectAttributeString(UserObject,
+                                              L"WorkStations",
+                                              &Buffer->All.WorkStations);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_PARAMETERS)
+    {
+        Status = SampSetObjectAttributeString(UserObject,
+                                              L"Parameters",
+                                              &Buffer->All.Parameters);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_LOGONHOURS)
+    {
+        Status = SampSetLogonHoursAttrbute(UserObject,
+                                           &Buffer->All.LogonHours);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_PRIMARYGROUPID)
+    {
+        FixedData.PrimaryGroupId = Buffer->All.PrimaryGroupId;
+        WriteFixedData = TRUE;
+    }
+
+    if (WhichFields & USER_ALL_ACCOUNTEXPIRES)
+    {
+        FixedData.AccountExpires.LowPart = Buffer->All.AccountExpires.LowPart;
+        FixedData.AccountExpires.HighPart = Buffer->All.AccountExpires.HighPart;
+        WriteFixedData = TRUE;
+    }
+
+    if (WhichFields & USER_ALL_USERACCOUNTCONTROL)
+    {
+        FixedData.UserAccountControl = Buffer->All.UserAccountControl;
+        WriteFixedData = TRUE;
+    }
+
+    if (WhichFields & USER_ALL_COUNTRYCODE)
+    {
+        FixedData.CountryCode = Buffer->All.CountryCode;
+        WriteFixedData = TRUE;
+    }
+
+    if (WhichFields & USER_ALL_CODEPAGE)
+    {
+        FixedData.CodePage = Buffer->All.CodePage;
+        WriteFixedData = TRUE;
+    }
+
+    if (WhichFields & (USER_ALL_NTPASSWORDPRESENT |
+                       USER_ALL_LMPASSWORDPRESENT))
+    {
+        if (WhichFields & USER_ALL_NTPASSWORDPRESENT)
+        {
+            NtPassword = (PENCRYPTED_NT_OWF_PASSWORD)Buffer->All.NtOwfPassword.Buffer;
+            NtPasswordPresent = Buffer->All.NtPasswordPresent;
+        }
+
+        if (WhichFields & USER_ALL_LMPASSWORDPRESENT)
+        {
+            LmPassword = (PENCRYPTED_LM_OWF_PASSWORD)Buffer->All.LmOwfPassword.Buffer;
+            LmPasswordPresent = Buffer->All.LmPasswordPresent;
+        }
+
+        Status = SampSetUserPassword(UserObject,
+                                     NtPassword,
+                                     NtPasswordPresent,
+                                     LmPassword,
+                                     LmPasswordPresent);
+        if (!NT_SUCCESS(Status))
+            goto done;
+
+        /* The password has just been set */
+        Status = NtQuerySystemTime(&FixedData.PasswordLastSet);
+        if (!NT_SUCCESS(Status))
+            goto done;
+
+        WriteFixedData = TRUE;
+    }
+
+    if (WhichFields & USER_ALL_PRIVATEDATA)
+    {
+        Status = SampSetObjectAttributeString(UserObject,
+                                              L"PrivateData",
+                                              &Buffer->All.PrivateData);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+    if (WhichFields & USER_ALL_PASSWORDEXPIRED)
+    {
+        if (Buffer->All.PasswordExpired)
+        {
+            /* The pasword was last set ages ago */
+            FixedData.PasswordLastSet.LowPart = 0;
+            FixedData.PasswordLastSet.HighPart = 0;
+        }
+        else
+        {
+            /* The pasword was last set right now */
+            Status = NtQuerySystemTime(&FixedData.PasswordLastSet);
+            if (!NT_SUCCESS(Status))
+                goto done;
+        }
+
+        WriteFixedData = TRUE;
+    }
+
+    if (WhichFields & USER_ALL_SECURITYDESCRIPTOR)
+    {
+        Status = SampSetObjectAttribute(UserObject,
+                                        L"SecDesc",
+                                        REG_BINARY,
+                                        Buffer->All.SecurityDescriptor.SecurityDescriptor,
+                                        Buffer->All.SecurityDescriptor.Length);
+    }
+
+    if (WriteFixedData == TRUE)
+    {
+        Status = SampSetObjectAttribute(UserObject,
+                                        L"F",
+                                        REG_BINARY,
+                                        &FixedData,
+                                        Length);
+        if (!NT_SUCCESS(Status))
+            goto done;
+    }
+
+done:
+    return Status;
+}
+
+
+/* Function 37 */
+NTSTATUS
+NTAPI
+SamrSetInformationUser(IN SAMPR_HANDLE UserHandle,
+                       IN USER_INFORMATION_CLASS UserInformationClass,
+                       IN PSAMPR_USER_INFO_BUFFER Buffer)
+{
+    PSAM_DB_OBJECT UserObject;
+    ACCESS_MASK DesiredAccess;
+    NTSTATUS Status;
+
+    TRACE("SamrSetInformationUser(%p %lu %p)\n",
+          UserHandle, UserInformationClass, Buffer);
+
+    switch (UserInformationClass)
+    {
+        case UserLogonHoursInformation:
+        case UserNameInformation:
+        case UserAccountNameInformation:
+        case UserFullNameInformation:
+        case UserPrimaryGroupInformation:
+        case UserHomeInformation:
+        case UserScriptInformation:
+        case UserProfileInformation:
+        case UserAdminCommentInformation:
+        case UserWorkStationsInformation:
+        case UserControlInformation:
+        case UserExpiresInformation:
+        case UserParametersInformation:
+            DesiredAccess = USER_WRITE_ACCOUNT;
+            break;
+
+        case UserGeneralInformation:
+            DesiredAccess = USER_WRITE_ACCOUNT |
+                            USER_WRITE_PREFERENCES;
+            break;
+
+        case UserPreferencesInformation:
+            DesiredAccess = USER_WRITE_PREFERENCES;
+            break;
+
+        case UserSetPasswordInformation:
+        case UserInternal1Information:
+            DesiredAccess = USER_FORCE_PASSWORD_CHANGE;
+            break;
+
+        case UserAllInformation:
+            DesiredAccess = 0; /* FIXME */
+            break;
+
+        default:
+            return STATUS_INVALID_INFO_CLASS;
+    }
+
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
+    /* Validate the domain handle */
+    Status = SampValidateDbObject(UserHandle,
+                                  SamDbUserObject,
+                                  DesiredAccess,
+                                  &UserObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    switch (UserInformationClass)
+    {
+        case UserGeneralInformation:
+            Status = SampSetUserGeneral(UserObject,
+                                        Buffer);
+            break;
+
+        case UserPreferencesInformation:
+            Status = SampSetUserPreferences(UserObject,
+                                            Buffer);
+            break;
+
+        case UserLogonHoursInformation:
+            Status = SampSetLogonHoursAttrbute(UserObject,
+                                               &Buffer->LogonHours.LogonHours);
+            break;
+
+        case UserNameInformation:
+            Status = SampSetUserName(UserObject,
+                                     &Buffer->Name.UserName);
+            if (!NT_SUCCESS(Status))
+                break;
+
+            Status = SampSetObjectAttributeString(UserObject,
+                                                  L"FullName",
+                                                  &Buffer->Name.FullName);
+            break;
+
+        case UserAccountNameInformation:
+            Status = SampSetUserName(UserObject,
+                                     &Buffer->AccountName.UserName);
+            break;
+
+        case UserFullNameInformation:
+            Status = SampSetObjectAttributeString(UserObject,
+                                                  L"FullName",
+                                                  &Buffer->FullName.FullName);
+            break;
+
+        case UserPrimaryGroupInformation:
+            Status = SampSetUserPrimaryGroup(UserObject,
+                                             Buffer);
+            break;
+
+        case UserHomeInformation:
+            Status = SampSetObjectAttributeString(UserObject,
+                                                  L"HomeDirectory",
+                                                  &Buffer->Home.HomeDirectory);
+            if (!NT_SUCCESS(Status))
+                break;
+
+            Status = SampSetObjectAttributeString(UserObject,
+                                                  L"HomeDirectoryDrive",
+                                                  &Buffer->Home.HomeDirectoryDrive);
+            break;
+
+        case UserScriptInformation:
+            Status = SampSetObjectAttributeString(UserObject,
+                                                  L"ScriptPath",
+                                                  &Buffer->Script.ScriptPath);
+            break;
+
+        case UserProfileInformation:
+            Status = SampSetObjectAttributeString(UserObject,
+                                                  L"ProfilePath",
+                                                  &Buffer->Profile.ProfilePath);
+            break;
+
+        case UserAdminCommentInformation:
+            Status = SampSetObjectAttributeString(UserObject,
+                                                  L"AdminComment",
+                                                  &Buffer->AdminComment.AdminComment);
              break;
  
          case UserWorkStationsInformation:
-            Status = SampQueryUserWorkStations(UserObject,
-                                               Buffer);
+            Status = SampSetObjectAttributeString(UserObject,
+                                                  L"WorkStations",
+                                                  &Buffer->WorkStations.WorkStations);
+            break;
+
+        case UserSetPasswordInformation:
+            TRACE("Password: %S\n", Buffer->SetPassword.Password.Buffer);
+            TRACE("PasswordExpired: %d\n", Buffer->SetPassword.PasswordExpired);
+
+            Status = SampSetObjectAttributeString(UserObject,
+                                                  L"Password",
+                                                  &Buffer->SetPassword.Password);
              break;
  
          case UserControlInformation:
-            Status = SampQueryUserControl(UserObject,
-                                          Buffer);
+            Status = SampSetUserControl(UserObject,
+                                        Buffer);
              break;
  
          case UserExpiresInformation:
-            Status = SampQueryUserExpires(UserObject,
+            Status = SampSetUserExpires(UserObject,
+                                        Buffer);
+            break;
+
+        case UserInternal1Information:
+            Status = SampSetUserInternal1(UserObject,
                                            Buffer);
              break;
  
+        case UserParametersInformation:
+            Status = SampSetObjectAttributeString(UserObject,
+                                                  L"Parameters",
+                                                  &Buffer->Parameters.Parameters);
+            break;
+
+        case UserAllInformation:
+            Status = SampSetUserAll(UserObject,
+                                    Buffer);
+            break;
+
+//        case UserInternal4Information:
+//        case UserInternal5Information:
+//        case UserInternal4InformationNew:
+//        case UserInternal5InformationNew:
+
          default:
              Status = STATUS_INVALID_INFO_CLASS;
      }
  
+done:
+    RtlReleaseResource(&SampResource);
+
      return Status;
  }
  
  
-static NTSTATUS
-SampSetUserGeneral(PSAM_DB_OBJECT UserObject,
-                   PSAMPR_USER_INFO_BUFFER Buffer)
+/* Function 38 */
+NTSTATUS
+NTAPI
+SamrChangePasswordUser(IN SAMPR_HANDLE UserHandle,
+                       IN unsigned char LmPresent,
+                       IN PENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm,
+                       IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm,
+                       IN unsigned char NtPresent,
+                       IN PENCRYPTED_NT_OWF_PASSWORD OldNtEncryptedWithNewNt,
+                       IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithOldNt,
+                       IN unsigned char NtCrossEncryptionPresent,
+                       IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithNewLm,
+                       IN unsigned char LmCrossEncryptionPresent,
+                       IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithNewNt)
  {
-    SAM_USER_FIXED_DATA FixedData;
-    ULONG Length = 0;
+    ENCRYPTED_LM_OWF_PASSWORD StoredLmPassword;
+    ENCRYPTED_NT_OWF_PASSWORD StoredNtPassword;
+    ENCRYPTED_LM_OWF_PASSWORD OldLmPassword;
+    ENCRYPTED_LM_OWF_PASSWORD NewLmPassword;
+    ENCRYPTED_NT_OWF_PASSWORD OldNtPassword;
+    ENCRYPTED_NT_OWF_PASSWORD NewNtPassword;
+    BOOLEAN StoredLmPresent = FALSE;
+    BOOLEAN StoredNtPresent = FALSE;
+    BOOLEAN StoredLmEmpty = TRUE;
+    BOOLEAN StoredNtEmpty = TRUE;
+    PSAM_DB_OBJECT UserObject;
+    ULONG Length;
+    SAM_USER_FIXED_DATA UserFixedData;
+    SAM_DOMAIN_FIXED_DATA DomainFixedData;
+    LARGE_INTEGER SystemTime;
      NTSTATUS Status;
  
-    Length = sizeof(SAM_USER_FIXED_DATA);
-    Status = SampGetObjectAttribute(UserObject,
-                                    L"F",
-                                    NULL,
-                                    (PVOID)&FixedData,
-                                    &Length);
-    if (!NT_SUCCESS(Status))
-        goto done;
-
-    FixedData.PrimaryGroupId = Buffer->General.PrimaryGroupId;
-
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"F",
-                                    REG_BINARY,
-                                    &FixedData,
-                                    Length);
-    if (!NT_SUCCESS(Status))
-        goto done;
+    TRACE("(%p %u %p %p %u %p %p %u %p %u %p)\n",
+          UserHandle, LmPresent, OldLmEncryptedWithNewLm, NewLmEncryptedWithOldLm,
+          NtPresent, OldNtEncryptedWithNewNt, NewNtEncryptedWithOldNt, NtCrossEncryptionPresent,
+          NewNtEncryptedWithNewLm, LmCrossEncryptionPresent, NewLmEncryptedWithNewNt);
  
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"Name",
-                                    REG_SZ,
-                                    Buffer->General.UserName.Buffer,
-                                    Buffer->General.UserName.MaximumLength);
-    if (!NT_SUCCESS(Status))
-        goto done;
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
  
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"FullName",
-                                    REG_SZ,
-                                    Buffer->General.FullName.Buffer,
-                                    Buffer->General.FullName.MaximumLength);
+    /* Validate the user handle */
+    Status = SampValidateDbObject(UserHandle,
+                                  SamDbUserObject,
+                                  USER_CHANGE_PASSWORD,
+                                  &UserObject);
      if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampValidateDbObject failed with status 0x%08lx\n", Status);
          goto done;
+    }
  
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"AdminComment",
-                                    REG_SZ,
-                                    Buffer->General.AdminComment.Buffer,
-                                    Buffer->General.AdminComment.MaximumLength);
+    /* Get the current time */
+    Status = NtQuerySystemTime(&SystemTime);
      if (!NT_SUCCESS(Status))
+    {
+        TRACE("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
          goto done;
+    }
  
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"UserComment",
-                                    REG_SZ,
-                                    Buffer->General.UserComment.Buffer,
-                                    Buffer->General.UserComment.MaximumLength);
-
-done:
-    return Status;
-}
-
-
-static NTSTATUS
-SampSetUserPreferences(PSAM_DB_OBJECT UserObject,
-                       PSAMPR_USER_INFO_BUFFER Buffer)
-{
-    SAM_USER_FIXED_DATA FixedData;
-    ULONG Length = 0;
-    NTSTATUS Status;
-
-    Length = sizeof(SAM_USER_FIXED_DATA);
+    /* Retrieve the LM password */
+    Length = sizeof(ENCRYPTED_LM_OWF_PASSWORD);
      Status = SampGetObjectAttribute(UserObject,
-                                    L"F",
+                                    L"LMPwd",
                                      NULL,
-                                    (PVOID)&FixedData,
+                                    &StoredLmPassword,
                                      &Length);
-    if (!NT_SUCCESS(Status))
-        goto done;
-
-    FixedData.CountryCode = Buffer->Preferences.CountryCode;
-    FixedData.CodePage = Buffer->Preferences.CodePage;
-
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"F",
-                                    REG_BINARY,
-                                    &FixedData,
-                                    Length);
-    if (!NT_SUCCESS(Status))
-        goto done;
-
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"UserComment",
-                                    REG_SZ,
-                                    Buffer->Preferences.UserComment.Buffer,
-                                    Buffer->Preferences.UserComment.MaximumLength);
-
-done:
-    return Status;
-}
-
-
-static NTSTATUS
-SampSetUserPrimaryGroup(PSAM_DB_OBJECT UserObject,
-                        PSAMPR_USER_INFO_BUFFER Buffer)
-{
-    SAM_USER_FIXED_DATA FixedData;
-    ULONG Length = 0;
-    NTSTATUS Status;
+    if (NT_SUCCESS(Status))
+    {
+        if (Length == sizeof(ENCRYPTED_LM_OWF_PASSWORD))
+        {
+            StoredLmPresent = TRUE;
+            if (!RtlEqualMemory(&StoredLmPassword,
+                                &EmptyLmHash,
+                                sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
+                StoredLmEmpty = FALSE;
+        }
+    }
  
-    Length = sizeof(SAM_USER_FIXED_DATA);
+    /* Retrieve the NT password */
+    Length = sizeof(ENCRYPTED_NT_OWF_PASSWORD);
      Status = SampGetObjectAttribute(UserObject,
-                                    L"F",
+                                    L"NTPwd",
                                      NULL,
-                                    (PVOID)&FixedData,
+                                    &StoredNtPassword,
                                      &Length);
-    if (!NT_SUCCESS(Status))
-        goto done;
-
-    FixedData.PrimaryGroupId = Buffer->PrimaryGroup.PrimaryGroupId;
-
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"F",
-                                    REG_BINARY,
-                                    &FixedData,
-                                    Length);
-
-done:
-    return Status;
-}
-
-
-static NTSTATUS
-SampSetUserControl(PSAM_DB_OBJECT UserObject,
-                   PSAMPR_USER_INFO_BUFFER Buffer)
-{
-    SAM_USER_FIXED_DATA FixedData;
-    ULONG Length = 0;
-    NTSTATUS Status;
+    if (NT_SUCCESS(Status))
+    {
+        if (Length == sizeof(ENCRYPTED_NT_OWF_PASSWORD))
+        {
+            StoredNtPresent = TRUE;
+            if (!RtlEqualMemory(&StoredNtPassword,
+                                &EmptyNtHash,
+                                sizeof(ENCRYPTED_NT_OWF_PASSWORD)))
+                StoredNtEmpty = FALSE;
+        }
+    }
  
+    /* Retrieve the fixed size user data */
      Length = sizeof(SAM_USER_FIXED_DATA);
      Status = SampGetObjectAttribute(UserObject,
                                      L"F",
                                      NULL,
-                                    (PVOID)&FixedData,
+                                    &UserFixedData,
                                      &Length);
      if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampGetObjectAttribute failed to retrieve the fixed user data (Status 0x%08lx)\n", Status);
          goto done;
+    }
  
-    FixedData.UserAccountControl = Buffer->Control.UserAccountControl;
+    /* Check if we can change the password at this time */
+    if ((StoredNtEmpty == FALSE) || (StoredNtEmpty == FALSE))
+    {
+        /* Get fixed domain data */
+        Length = sizeof(SAM_DOMAIN_FIXED_DATA);
+        Status = SampGetObjectAttribute(UserObject->ParentObject,
+                                        L"F",
+                                        NULL,
+                                        &DomainFixedData,
+                                        &Length);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("SampGetObjectAttribute failed to retrieve the fixed domain data (Status 0x%08lx)\n", Status);
+            goto done;
+        }
  
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"F",
-                                    REG_BINARY,
-                                    &FixedData,
-                                    Length);
+        if (DomainFixedData.MinPasswordAge.QuadPart > 0)
+        {
+            if (SystemTime.QuadPart < (UserFixedData.PasswordLastSet.QuadPart + DomainFixedData.MinPasswordAge.QuadPart))
+            {
+                Status = STATUS_ACCOUNT_RESTRICTION;
+                goto done;
+            }
+        }
+    }
  
-done:
-    return Status;
-}
+    /* Decrypt the LM passwords, if present */
+    if (LmPresent)
+    {
+        Status = SystemFunction013((const BYTE *)NewLmEncryptedWithOldLm,
+                                   (const BYTE *)&StoredLmPassword,
+                                   (LPBYTE)&NewLmPassword);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("SystemFunction013 failed (Status 0x%08lx)\n", Status);
+            goto done;
+        }
  
+        Status = SystemFunction013((const BYTE *)OldLmEncryptedWithNewLm,
+                                   (const BYTE *)&NewLmPassword,
+                                   (LPBYTE)&OldLmPassword);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("SystemFunction013 failed (Status 0x%08lx)\n", Status);
+            goto done;
+        }
+    }
  
-static NTSTATUS
-SampSetUserExpires(PSAM_DB_OBJECT UserObject,
-                   PSAMPR_USER_INFO_BUFFER Buffer)
-{
-    SAM_USER_FIXED_DATA FixedData;
-    ULONG Length = 0;
-    NTSTATUS Status;
+    /* Decrypt the NT passwords, if present */
+    if (NtPresent)
+    {
+        Status = SystemFunction013((const BYTE *)NewNtEncryptedWithOldNt,
+                                   (const BYTE *)&StoredNtPassword,
+                                   (LPBYTE)&NewNtPassword);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("SystemFunction013 failed (Status 0x%08lx)\n", Status);
+            goto done;
+        }
  
-    Length = sizeof(SAM_USER_FIXED_DATA);
-    Status = SampGetObjectAttribute(UserObject,
-                                    L"F",
-                                    NULL,
-                                    (PVOID)&FixedData,
-                                    &Length);
-    if (!NT_SUCCESS(Status))
-        goto done;
+        Status = SystemFunction013((const BYTE *)OldNtEncryptedWithNewNt,
+                                   (const BYTE *)&NewNtPassword,
+                                   (LPBYTE)&OldNtPassword);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("SystemFunction013 failed (Status 0x%08lx)\n", Status);
+            goto done;
+        }
+    }
+
+    /* Check if the old passwords match the stored ones */
+    if (NtPresent)
+    {
+        if (LmPresent)
+        {
+            if (!RtlEqualMemory(&StoredLmPassword,
+                                &OldLmPassword,
+                                sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
+            {
+                TRACE("Old LM Password does not match!\n");
+                Status = STATUS_WRONG_PASSWORD;
+            }
+            else
+            {
+                if (!RtlEqualMemory(&StoredNtPassword,
+                                    &OldNtPassword,
+                                    sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
+                {
+                    TRACE("Old NT Password does not match!\n");
+                    Status = STATUS_WRONG_PASSWORD;
+                }
+            }
+        }
+        else
+        {
+            if (!RtlEqualMemory(&StoredNtPassword,
+                                &OldNtPassword,
+                                sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
+            {
+                TRACE("Old NT Password does not match!\n");
+                Status = STATUS_WRONG_PASSWORD;
+            }
+        }
+    }
+    else
+    {
+        if (LmPresent)
+        {
+            if (!RtlEqualMemory(&StoredLmPassword,
+                                &OldLmPassword,
+                                sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
+            {
+                TRACE("Old LM Password does not match!\n");
+                Status = STATUS_WRONG_PASSWORD;
+            }
+        }
+        else
+        {
+            Status = STATUS_INVALID_PARAMETER;
+        }
+    }
+
+    /* Store the new password hashes */
+    if (NT_SUCCESS(Status))
+    {
+        Status = SampSetUserPassword(UserObject,
+                                     &NewNtPassword,
+                                     NtPresent,
+                                     &NewLmPassword,
+                                     LmPresent);
+        if (NT_SUCCESS(Status))
+        {
+            /* Update PasswordLastSet */
+            UserFixedData.PasswordLastSet.QuadPart = SystemTime.QuadPart;
  
-    FixedData.AccountExpires.LowPart = Buffer->Expires.AccountExpires.LowPart;
-    FixedData.AccountExpires.HighPart = Buffer->Expires.AccountExpires.HighPart;
+            /* Set the fixed size user data */
+            Length = sizeof(SAM_USER_FIXED_DATA);
+            Status = SampSetObjectAttribute(UserObject,
+                                            L"F",
+                                            REG_BINARY,
+                                            &UserFixedData,
+                                            Length);
+        }
+    }
  
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"F",
-                                    REG_BINARY,
-                                    &FixedData,
-                                    Length);
+    if (Status == STATUS_WRONG_PASSWORD)
+    {
+        /* Update BadPasswordCount and LastBadPasswordTime */
+        UserFixedData.BadPasswordCount++;
+        UserFixedData.LastBadPasswordTime.QuadPart = SystemTime.QuadPart;
+
+        /* Set the fixed size user data */
+        Length = sizeof(SAM_USER_FIXED_DATA);
+        Status = SampSetObjectAttribute(UserObject,
+                                        L"F",
+                                        REG_BINARY,
+                                        &UserFixedData,
+                                        Length);
+    }
  
  done:
+    RtlReleaseResource(&SampResource);
+
      return Status;
  }
  
  
-/* Function 37 */
+/* Function 39 */
  NTSTATUS
  NTAPI
-SamrSetInformationUser(IN SAMPR_HANDLE UserHandle,
-                       IN USER_INFORMATION_CLASS UserInformationClass,
-                       IN PSAMPR_USER_INFO_BUFFER Buffer)
+SamrGetGroupsForUser(IN SAMPR_HANDLE UserHandle,
+                     OUT PSAMPR_GET_GROUPS_BUFFER *Groups)
  {
+    PSAMPR_GET_GROUPS_BUFFER GroupsBuffer = NULL;
      PSAM_DB_OBJECT UserObject;
-    ACCESS_MASK DesiredAccess;
+    ULONG Length = 0;
      NTSTATUS Status;
  
-    TRACE("SamrSetInformationUser(%p %lu %p)\n",
-          UserHandle, UserInformationClass, Buffer);
-
-    switch (UserInformationClass)
-    {
-        case UserLogonHoursInformation:
-        case UserNameInformation:
-        case UserAccountNameInformation:
-        case UserFullNameInformation:
-        case UserPrimaryGroupInformation:
-        case UserHomeInformation:
-        case UserScriptInformation:
-        case UserProfileInformation:
-        case UserAdminCommentInformation:
-        case UserWorkStationsInformation:
-        case UserControlInformation:
-        case UserExpiresInformation:
-            DesiredAccess = USER_WRITE_ACCOUNT;
-            break;
-
-        case UserGeneralInformation:
-            DesiredAccess = USER_WRITE_ACCOUNT |
-                            USER_WRITE_PREFERENCES;
-            break;
-
-        case UserPreferencesInformation:
-            DesiredAccess = USER_WRITE_PREFERENCES;
-            break;
-
-        case UserSetPasswordInformation:
-            DesiredAccess = USER_FORCE_PASSWORD_CHANGE;
-            break;
+    TRACE("SamrGetGroupsForUser(%p %p)\n",
+          UserHandle, Groups);
  
-        default:
-            return STATUS_INVALID_INFO_CLASS;
-    }
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
  
-    /* Validate the domain handle */
+    /* Validate the user handle */
      Status = SampValidateDbObject(UserHandle,
                                    SamDbUserObject,
-                                  DesiredAccess,
+                                  USER_LIST_GROUPS,
                                    &UserObject);
      if (!NT_SUCCESS(Status))
      {
-        TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        TRACE("SampValidateDbObject failed with status 0x%08lx\n", Status);
+        goto done;
      }
  
-    switch (UserInformationClass)
+    /* Allocate the groups buffer */
+    GroupsBuffer = midl_user_allocate(sizeof(SAMPR_GET_GROUPS_BUFFER));
+    if (GroupsBuffer == NULL)
      {
-        case UserGeneralInformation:
-            Status = SampSetUserGeneral(UserObject,
-                                        Buffer);
-            break;
-
-        case UserPreferencesInformation:
-            Status = SampSetUserPreferences(UserObject,
-                                            Buffer);
-            break;
-/*
-        case UserLogonHoursInformation:
-            Status = SampSetUserLogonHours(UserObject,
-                                           Buffer);
-            break;
-*/
-        case UserNameInformation:
-            Status = SampSetObjectAttribute(UserObject,
-                                            L"Name",
-                                            REG_SZ,
-                                            Buffer->Name.UserName.Buffer,
-                                            Buffer->Name.UserName.MaximumLength);
-            if (!NT_SUCCESS(Status))
-                break;
-
-            Status = SampSetObjectAttribute(UserObject,
-                                            L"FullName",
-                                            REG_SZ,
-                                            Buffer->Name.FullName.Buffer,
-                                            Buffer->Name.FullName.MaximumLength);
-            break;
-
-        case UserAccountNameInformation:
-            Status = SampSetObjectAttribute(UserObject,
-                                            L"Name",
-                                            REG_SZ,
-                                            Buffer->AccountName.UserName.Buffer,
-                                            Buffer->AccountName.UserName.MaximumLength);
-            break;
-
-        case UserFullNameInformation:
-            Status = SampSetObjectAttribute(UserObject,
-                                            L"FullName",
-                                            REG_SZ,
-                                            Buffer->FullName.FullName.Buffer,
-                                            Buffer->FullName.FullName.MaximumLength);
-            break;
+        Status = STATUS_INSUFFICIENT_RESOURCES;
+        goto done;
+    }
  
-        case UserPrimaryGroupInformation:
-            Status = SampSetUserPrimaryGroup(UserObject,
-                                             Buffer);
-            break;
+    /*
+     * Get the size of the Groups attribute.
+     * Do not check the status code because in case of an error
+     * Length will be 0. And that is all we need.
+     */
+    SampGetObjectAttribute(UserObject,
+                           L"Groups",
+                           NULL,
+                           NULL,
+                           &Length);
  
-        case UserHomeInformation:
-            Status = SampSetObjectAttribute(UserObject,
-                                            L"HomeDirectory",
-                                            REG_SZ,
-                                            Buffer->Home.HomeDirectory.Buffer,
-                                            Buffer->Home.HomeDirectory.MaximumLength);
-            if (!NT_SUCCESS(Status))
-                break;
+    /* If there is no Groups attribute, return a groups buffer without an array */
+    if (Length == 0)
+    {
+        GroupsBuffer->MembershipCount = 0;
+        GroupsBuffer->Groups = NULL;
  
-            Status = SampSetObjectAttribute(UserObject,
-                                            L"HomeDirectoryDrive",
-                                            REG_SZ,
-                                            Buffer->Home.HomeDirectoryDrive.Buffer,
-                                            Buffer->Home.HomeDirectoryDrive.MaximumLength);
-            break;
+        *Groups = GroupsBuffer;
  
-        case UserScriptInformation:
-            Status = SampSetObjectAttribute(UserObject,
-                                            L"ScriptPath",
-                                            REG_SZ,
-                                            Buffer->Script.ScriptPath.Buffer,
-                                            Buffer->Script.ScriptPath.MaximumLength);
-            break;
+        Status = STATUS_SUCCESS;
+        goto done;
+    }
  
-        case UserProfileInformation:
-            Status = SampSetObjectAttribute(UserObject,
-                                            L"ProfilePath",
-                                            REG_SZ,
-                                            Buffer->Profile.ProfilePath.Buffer,
-                                            Buffer->Profile.ProfilePath.MaximumLength);
-            break;
+    /* Allocate a buffer for the Groups attribute */
+    GroupsBuffer->Groups = midl_user_allocate(Length);
+    if (GroupsBuffer->Groups == NULL)
+    {
+        Status = STATUS_INSUFFICIENT_RESOURCES;
+        goto done;
+    }
  
-        case UserAdminCommentInformation:
-            Status = SampSetObjectAttribute(UserObject,
-                                            L"AdminComment",
-                                            REG_SZ,
-                                            Buffer->AdminComment.AdminComment.Buffer,
-                                            Buffer->AdminComment.AdminComment.MaximumLength);
-            break;
+    /* Retrieve the Grous attribute */
+    Status = SampGetObjectAttribute(UserObject,
+                                    L"Groups",
+                                    NULL,
+                                    GroupsBuffer->Groups,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampGetObjectAttribute failed with status 0x%08lx\n", Status);
+        goto done;
+    }
  
-        case UserWorkStationsInformation:
-            Status = SampSetObjectAttribute(UserObject,
-                                            L"WorkStations",
-                                            REG_SZ,
-                                            Buffer->WorkStations.WorkStations.Buffer,
-                                            Buffer->WorkStations.WorkStations.MaximumLength);
-            break;
+    /* Calculate the membership count */
+    GroupsBuffer->MembershipCount = Length / sizeof(GROUP_MEMBERSHIP);
  
-        case UserSetPasswordInformation:
-            TRACE("Password: %S\n", Buffer->SetPassword.Password.Buffer);
-            TRACE("PasswordExpired: %d\n", Buffer->SetPassword.PasswordExpired);
+    /* Return the groups buffer to the caller */
+    *Groups = GroupsBuffer;
  
-            Status = SampSetObjectAttribute(UserObject,
-                                            L"Password",
-                                            REG_SZ,
-                                            Buffer->SetPassword.Password.Buffer,
-                                            Buffer->SetPassword.Password.MaximumLength);
-            break;
+done:
+    if (!NT_SUCCESS(Status))
+    {
+        if (GroupsBuffer != NULL)
+        {
+            if (GroupsBuffer->Groups != NULL)
+                midl_user_free(GroupsBuffer->Groups);
  
-        case UserControlInformation:
-            Status = SampSetUserControl(UserObject,
-                                        Buffer);
-            break;
+            midl_user_free(GroupsBuffer);
+        }
+    }
  
-        case UserExpiresInformation:
-            Status = SampSetUserExpires(UserObject,
-                                        Buffer);
-            break;
+    RtlReleaseResource(&SampResource);
  
-//        case UserInternal1Information:
-//        case UserParametersInformation:
-//        case UserAllInformation:
-//        case UserInternal4Information:
-//        case UserInternal5Information:
-//        case UserInternal4InformationNew:
-//        case UserInternal5InformationNew:
+    return Status;
+}
  
-        default:
-            Status = STATUS_INVALID_INFO_CLASS;
-    }
  
-    return Status;
+/* Function 40 */
+NTSTATUS
+NTAPI
+SamrQueryDisplayInformation(IN SAMPR_HANDLE DomainHandle,
+                            IN DOMAIN_DISPLAY_INFORMATION DisplayInformationClass,
+                            IN unsigned long Index,
+                            IN unsigned long EntryCount,
+                            IN unsigned long PreferredMaximumLength,
+                            OUT unsigned long *TotalAvailable,
+                            OUT unsigned long *TotalReturned,
+                            OUT PSAMPR_DISPLAY_INFO_BUFFER Buffer)
+{
+    UNIMPLEMENTED;
+    return STATUS_NOT_IMPLEMENTED;
  }
  
-/* Function 38 */
+/* Function 41 */
  NTSTATUS
  NTAPI
-SamrChangePasswordUser(IN SAMPR_HANDLE UserHandle,
-                       IN unsigned char LmPresent,
-                       IN PENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm,
-                       IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm,
-                       IN unsigned char NtPresent,
-                       IN PENCRYPTED_NT_OWF_PASSWORD OldNtEncryptedWithNewNt,
-                       IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithOldNt,
-                       IN unsigned char NtCrossEncryptionPresent,
-                       IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithNewLm,
-                       IN unsigned char LmCrossEncryptionPresent,
-                       IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithNewNt)
+SamrGetDisplayEnumerationIndex(IN SAMPR_HANDLE DomainHandle,
+                               IN DOMAIN_DISPLAY_INFORMATION DisplayInformationClass,
+                               IN PRPC_UNICODE_STRING Prefix,
+                               OUT unsigned long *Index)
  {
      UNIMPLEMENTED;
      return STATUS_NOT_IMPLEMENTED;
  }
  
-/* Function 39 */
+/* Function 42 */
  NTSTATUS
  NTAPI
-SamrGetGroupsForUser(IN SAMPR_HANDLE UserHandle,
-                     OUT PSAMPR_GET_GROUPS_BUFFER *Groups)
+SamrTestPrivateFunctionsDomain(IN SAMPR_HANDLE DomainHandle)
  {
      UNIMPLEMENTED;
      return STATUS_NOT_IMPLEMENTED;
  }
  
-/* Function 40 */
+/* Function 43 */
  NTSTATUS
  NTAPI
-SamrQueryDisplayInformation(IN SAMPR_HANDLE DomainHandle,
-                            IN DOMAIN_DISPLAY_INFORMATION DisplayInformationClass,
-                            IN unsigned long Index,
-                            IN unsigned long EntryCount,
-                            IN unsigned long PreferredMaximumLength,
-                            OUT unsigned long *TotalAvailable,
-                            OUT unsigned long *TotalReturned,
-                            OUT PSAMPR_DISPLAY_INFO_BUFFER Buffer)
+SamrTestPrivateFunctionsUser(IN SAMPR_HANDLE UserHandle)
  {
      UNIMPLEMENTED;
      return STATUS_NOT_IMPLEMENTED;
  }
  
-/* Function 41 */
-NTSTATUS
-NTAPI
-SamrGetDisplayEnumerationIndex(IN SAMPR_HANDLE DomainHandle,
-                               IN DOMAIN_DISPLAY_INFORMATION DisplayInformationClass,
-                               IN PRPC_UNICODE_STRING Prefix,
-                               OUT unsigned long *Index)
-{
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
-}
  
-/* Function 42 */
-NTSTATUS
-NTAPI
-SamrTestPrivateFunctionsDomain(IN SAMPR_HANDLE DomainHandle)
-{
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
-}
+/* Function 44 */
+NTSTATUS
+NTAPI
+SamrGetUserDomainPasswordInformation(IN SAMPR_HANDLE UserHandle,
+                                     OUT PUSER_DOMAIN_PASSWORD_INFORMATION PasswordInformation)
+{
+    SAM_DOMAIN_FIXED_DATA DomainFixedData;
+    SAM_USER_FIXED_DATA UserFixedData;
+    PSAM_DB_OBJECT DomainObject;
+    PSAM_DB_OBJECT UserObject;
+    ULONG Length = 0;
+    NTSTATUS Status;
+
+    TRACE("(%p %p)\n",
+          UserHandle, PasswordInformation);
+
+    RtlAcquireResourceShared(&SampResource,
+                             TRUE);
+
+    /* Validate the user handle */
+    Status = SampValidateDbObject(UserHandle,
+                                  SamDbUserObject,
+                                  0,
+                                  &UserObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampValidateDbObject failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Validate the domain object */
+    Status = SampValidateDbObject((SAMPR_HANDLE)UserObject->ParentObject,
+                                  SamDbDomainObject,
+                                  DOMAIN_READ_PASSWORD_PARAMETERS,
+                                  &DomainObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampValidateDbObject failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Get fixed user data */
+    Length = sizeof(SAM_USER_FIXED_DATA);
+    Status = SampGetObjectAttribute(UserObject,
+                                    L"F",
+                                    NULL,
+                                    (PVOID)&UserFixedData,
+                                    &Length);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampGetObjectAttribute failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    if ((UserObject->RelativeId == DOMAIN_USER_RID_KRBTGT) ||
+        (UserFixedData.UserAccountControl & (USER_INTERDOMAIN_TRUST_ACCOUNT |
+                                             USER_WORKSTATION_TRUST_ACCOUNT |
+                                             USER_SERVER_TRUST_ACCOUNT)))
+    {
+        PasswordInformation->MinPasswordLength = 0;
+        PasswordInformation->PasswordProperties = 0;
+    }
+    else
+    {
+        /* Get fixed domain data */
+        Length = sizeof(SAM_DOMAIN_FIXED_DATA);
+        Status = SampGetObjectAttribute(DomainObject,
+                                        L"F",
+                                        NULL,
+                                        (PVOID)&DomainFixedData,
+                                        &Length);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("SampGetObjectAttribute failed with status 0x%08lx\n", Status);
+            goto done;
+        }
+
+        PasswordInformation->MinPasswordLength = DomainFixedData.MinPasswordLength;
+        PasswordInformation->PasswordProperties = DomainFixedData.PasswordProperties;
+    }
+
+done:
+    RtlReleaseResource(&SampResource);
  
-/* Function 43 */
-NTSTATUS
-NTAPI
-SamrTestPrivateFunctionsUser(IN SAMPR_HANDLE UserHandle)
-{
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    return STATUS_SUCCESS;
  }
  
-/* Function 44 */
-NTSTATUS
-NTAPI
-SamrGetUserDomainPasswordInformation(IN SAMPR_HANDLE UserHandle,
-                                     OUT PUSER_DOMAIN_PASSWORD_INFORMATION PasswordInformation)
-{
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
-}
  
  /* Function 45 */
  NTSTATUS
@@ -6182,10 +8551,59 @@ NTAPI
  SamrRemoveMemberFromForeignDomain(IN SAMPR_HANDLE DomainHandle,
                                    IN PRPC_SID MemberSid)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    PSAM_DB_OBJECT DomainObject;
+    ULONG Rid = 0;
+    NTSTATUS Status;
+
+    TRACE("(%p %p)\n",
+          DomainHandle, MemberSid);
+
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
+    /* Validate the domain object */
+    Status = SampValidateDbObject(DomainHandle,
+                                  SamDbDomainObject,
+                                  DOMAIN_LOOKUP,
+                                  &DomainObject);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampValidateDbObject failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Retrieve the RID from the MemberSID */
+    Status = SampGetRidFromSid((PSID)MemberSid,
+                               &Rid);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampGetRidFromSid failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Fail, if the RID represents a special account */
+    if (Rid < 1000)
+    {
+        TRACE("Cannot remove a special account (RID: %lu)\n", Rid);
+        Status = STATUS_SPECIAL_ACCOUNT;
+        goto done;
+    }
+
+    /* Remove the member from all aliases in the domain */
+    Status = SampRemoveMemberFromAllAliases(DomainObject,
+                                            MemberSid);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampRemoveMemberFromAllAliases failed with status 0x%08lx\n", Status);
+    }
+
+done:
+    RtlReleaseResource(&SampResource);
+
+    return Status;
  }
  
+
  /* Function 46 */
  NTSTATUS
  NTAPI
@@ -6193,10 +8611,14 @@ SamrQueryInformationDomain2(IN SAMPR_HANDLE DomainHandle,
                              IN DOMAIN_INFORMATION_CLASS DomainInformationClass,
                              OUT PSAMPR_DOMAIN_INFO_BUFFER *Buffer)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    TRACE("(%p %lu %p)\n", DomainHandle, DomainInformationClass, Buffer);
+
+    return SamrQueryInformationDomain(DomainHandle,
+                                      DomainInformationClass,
+                                      Buffer);
  }
  
+
  /* Function 47 */
  NTSTATUS
  NTAPI
@@ -6204,10 +8626,14 @@ SamrQueryInformationUser2(IN SAMPR_HANDLE UserHandle,
                            IN USER_INFORMATION_CLASS UserInformationClass,
                            OUT PSAMPR_USER_INFO_BUFFER *Buffer)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    TRACE("(%p %lu %p)\n", UserHandle, UserInformationClass, Buffer);
+
+    return SamrQueryInformationUser(UserHandle,
+                                    UserInformationClass,
+                                    Buffer);
  }
  
+
  /* Function 48 */
  NTSTATUS
  NTAPI
@@ -6220,10 +8646,22 @@ SamrQueryDisplayInformation2(IN SAMPR_HANDLE DomainHandle,
                               OUT unsigned long *TotalReturned,
                               OUT PSAMPR_DISPLAY_INFO_BUFFER Buffer)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    TRACE("%p %lu %lu %lu %lu %p %p %p\n",
+          DomainHandle, DisplayInformationClass, Index,
+          EntryCount, PreferredMaximumLength, TotalAvailable,
+          TotalReturned, Buffer);
+
+    return SamrQueryDisplayInformation(DomainHandle,
+                                       DisplayInformationClass,
+                                       Index,
+                                       EntryCount,
+                                       PreferredMaximumLength,
+                                       TotalAvailable,
+                                       TotalReturned,
+                                       Buffer);
  }
  
+
  /* Function 49 */
  NTSTATUS
  NTAPI
@@ -6232,8 +8670,13 @@ SamrGetDisplayEnumerationIndex2(IN SAMPR_HANDLE DomainHandle,
                                  IN PRPC_UNICODE_STRING Prefix,
                                  OUT unsigned long *Index)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    TRACE("(%p %lu %p %p)\n",
+           DomainHandle, DisplayInformationClass, Prefix, Index);
+
+    return SamrGetDisplayEnumerationIndex(DomainHandle,
+                                          DisplayInformationClass,
+                                          Prefix,
+                                          Index);
  }
  
  
@@ -6248,14 +8691,18 @@ SamrCreateUser2InDomain(IN SAMPR_HANDLE DomainHandle,
                          OUT unsigned long *GrantedAccess,
                          OUT unsigned long *RelativeId)
  {
-    UNICODE_STRING EmptyString = RTL_CONSTANT_STRING(L"");
      SAM_DOMAIN_FIXED_DATA FixedDomainData;
      SAM_USER_FIXED_DATA FixedUserData;
      PSAM_DB_OBJECT DomainObject;
      PSAM_DB_OBJECT UserObject;
+    GROUP_MEMBERSHIP GroupMembership;
+    UCHAR LogonHours[23];
      ULONG ulSize;
      ULONG ulRid;
      WCHAR szRid[9];
+    PSECURITY_DESCRIPTOR Sd = NULL;
+    ULONG SdSize = 0;
+    PSID UserSid = NULL;
      NTSTATUS Status;
  
      TRACE("SamrCreateUserInDomain(%p %p %lx %p %p)\n",
@@ -6276,6 +8723,13 @@ SamrCreateUser2InDomain(IN SAMPR_HANDLE DomainHandle,
          AccountType != USER_TEMP_DUPLICATE_ACCOUNT)
          return STATUS_INVALID_PARAMETER;
  
+    /* Map generic access rights */
+    RtlMapGenericMask(&DesiredAccess,
+                      &UserMapping);
+
+    RtlAcquireResourceExclusive(&SampResource,
+                                TRUE);
+
      /* Validate the domain handle */
      Status = SampValidateDbObject(DomainHandle,
                                    SamDbDomainObject,
@@ -6284,7 +8738,15 @@ SamrCreateUser2InDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
+    }
+
+    /* Check the user account name */
+    Status = SampCheckAccountName(Name, 20);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        goto done;
      }
  
      /* Check if the user name already exists in the domain */
@@ -6294,7 +8756,7 @@ SamrCreateUser2InDomain(IN SAMPR_HANDLE DomainHandle,
      {
          TRACE("User name \'%S\' already exists in domain (Status 0x%08lx)\n",
                Name->Buffer, Status);
-        return Status;
+        goto done;
      }
  
      /* Get the fixed domain attributes */
@@ -6307,27 +8769,47 @@ SamrCreateUser2InDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Increment the NextRid attribute */
      ulRid = FixedDomainData.NextRid;
      FixedDomainData.NextRid++;
  
+    TRACE("RID: %lx\n", ulRid);
+
+    /* Create the user SID */
+    Status = SampCreateAccountSid(DomainObject,
+                                  ulRid,
+                                  &UserSid);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCreateAccountSid failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    /* Create the security descriptor */
+    Status = SampCreateUserSD(UserSid,
+                              &Sd,
+                              &SdSize);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCreateUserSD failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
      /* Store the fixed domain attributes */
      Status = SampSetObjectAttribute(DomainObject,
-                           L"F",
-                           REG_BINARY,
-                           &FixedDomainData,
-                           ulSize);
+                                    L"F",
+                                    REG_BINARY,
+                                    &FixedDomainData,
+                                    ulSize);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
-    TRACE("RID: %lx\n", ulRid);
-
      /* Convert the RID into a string (hex) */
      swprintf(szRid, L"%08lX", ulRid);
  
@@ -6335,13 +8817,14 @@ SamrCreateUser2InDomain(IN SAMPR_HANDLE DomainHandle,
      Status = SampCreateDbObject(DomainObject,
                                  L"Users",
                                  szRid,
+                                ulRid,
                                  SamDbUserObject,
                                  DesiredAccess,
                                  &UserObject);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Add the account name for the user object */
@@ -6352,12 +8835,12 @@ SamrCreateUser2InDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Initialize fixed user data */
-    memset(&FixedUserData, 0, sizeof(SAM_USER_FIXED_DATA));
      FixedUserData.Version = 1;
+    FixedUserData.Reserved = 0;
      FixedUserData.LastLogon.QuadPart = 0;
      FixedUserData.LastLogoff.QuadPart = 0;
      FixedUserData.PasswordLastSet.QuadPart = 0;
@@ -6369,6 +8852,12 @@ SamrCreateUser2InDomain(IN SAMPR_HANDLE DomainHandle,
      FixedUserData.UserAccountControl = USER_ACCOUNT_DISABLED |
                                         USER_PASSWORD_NOT_REQUIRED |
                                         AccountType;
+    FixedUserData.CountryCode = 0;
+    FixedUserData.CodePage = 0;
+    FixedUserData.BadPasswordCount = 0;
+    FixedUserData.LogonCount = 0;
+    FixedUserData.AdminCount = 0;
+    FixedUserData.OperatorCount = 0;
  
      /* Set fixed user data attribute */
      Status = SampSetObjectAttribute(UserObject,
@@ -6379,118 +8868,210 @@ SamrCreateUser2InDomain(IN SAMPR_HANDLE DomainHandle,
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the Name attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"Name",
-                                    REG_SZ,
-                                    (LPVOID)Name->Buffer,
-                                    Name->MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"Name",
+                                          Name);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the FullName attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"FullName",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"FullName",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the HomeDirectory attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"HomeDirectory",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"HomeDirectory",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the HomeDirectoryDrive attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"HomeDirectoryDrive",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"HomeDirectoryDrive",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the ScriptPath attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"ScriptPath",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"ScriptPath",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the ProfilePath attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"ProfilePath",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"ProfilePath",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the AdminComment attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"AdminComment",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"AdminComment",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the UserComment attribute */
-    Status = SampSetObjectAttribute(UserObject,
-                                    L"UserComment",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"UserComment",
+                                          NULL);
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
      }
  
      /* Set the WorkStations attribute */
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"WorkStations",
+                                          NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set the Parameters attribute */
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"Parameters",
+                                          NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set LogonHours attribute*/
+    *((PUSHORT)LogonHours) = 168;
+    memset(&(LogonHours[2]), 0xff, 21);
+
      Status = SampSetObjectAttribute(UserObject,
-                                    L"WorkStations",
-                                    REG_SZ,
-                                    EmptyString.Buffer,
-                                    EmptyString.MaximumLength);
+                                    L"LogonHours",
+                                    REG_BINARY,
+                                    &LogonHours,
+                                    sizeof(LogonHours));
      if (!NT_SUCCESS(Status))
      {
          TRACE("failed with status 0x%08lx\n", Status);
-        return Status;
+        goto done;
+    }
+
+    /* Set Groups attribute*/
+    GroupMembership.RelativeId = DOMAIN_GROUP_RID_USERS;
+    GroupMembership.Attributes = SE_GROUP_MANDATORY |
+                                 SE_GROUP_ENABLED |
+                                 SE_GROUP_ENABLED_BY_DEFAULT;
+
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"Groups",
+                                    REG_BINARY,
+                                    &GroupMembership,
+                                    sizeof(GROUP_MEMBERSHIP));
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set LMPwd attribute*/
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"LMPwd",
+                                    REG_BINARY,
+                                    NULL,
+                                    0);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set NTPwd attribute*/
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"NTPwd",
+                                    REG_BINARY,
+                                    NULL,
+                                    0);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set LMPwdHistory attribute*/
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"LMPwdHistory",
+                                    REG_BINARY,
+                                    NULL,
+                                    0);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set NTPwdHistory attribute*/
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"NTPwdHistory",
+                                    REG_BINARY,
+                                    NULL,
+                                    0);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
+
+    /* Set the PrivateData attribute */
+    Status = SampSetObjectAttributeString(UserObject,
+                                          L"PrivateData",
+                                          NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
      }
  
-    /* FIXME: Set default user attributes */
+    /* Set the SecDesc attribute*/
+    Status = SampSetObjectAttribute(UserObject,
+                                    L"SecDesc",
+                                    REG_BINARY,
+                                    Sd,
+                                    SdSize);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("failed with status 0x%08lx\n", Status);
+        goto done;
+    }
  
      if (NT_SUCCESS(Status))
      {
@@ -6499,6 +9080,15 @@ SamrCreateUser2InDomain(IN SAMPR_HANDLE DomainHandle,
          *GrantedAccess = UserObject->Access;
      }
  
+done:
+    if (Sd != NULL)
+        RtlFreeHeap(RtlGetProcessHeap(), 0, Sd);
+
+    if (UserSid != NULL)
+        RtlFreeHeap(RtlGetProcessHeap(), 0, UserSid);
+
+    RtlReleaseResource(&SampResource);
+
      TRACE("returns with status 0x%08lx\n", Status);
  
      return Status;
@@ -6517,8 +9107,19 @@ SamrQueryDisplayInformation3(IN SAMPR_HANDLE DomainHandle,
                               OUT unsigned long *TotalReturned,
                               OUT PSAMPR_DISPLAY_INFO_BUFFER Buffer)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    TRACE("%p %lu %lu %lu %lu %p %p %p\n",
+          DomainHandle, DisplayInformationClass, Index,
+          EntryCount, PreferredMaximumLength, TotalAvailable,
+          TotalReturned, Buffer);
+
+    return SamrQueryDisplayInformation(DomainHandle,
+                                       DisplayInformationClass,
+                                       Index,
+                                       EntryCount,
+                                       PreferredMaximumLength,
+                                       TotalAvailable,
+                                       TotalReturned,
+                                       Buffer);
  }
  
  
@@ -6618,6 +9219,7 @@ SamrGetDomainPasswordInformation(IN handle_t BindingHandle,
      return STATUS_NOT_IMPLEMENTED;
  }
  
+
  /* Function 57 */
  NTSTATUS
  NTAPI
@@ -6625,10 +9227,14 @@ SamrConnect2(IN PSAMPR_SERVER_NAME ServerName,
               OUT SAMPR_HANDLE *ServerHandle,
               IN ACCESS_MASK DesiredAccess)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    TRACE("(%p %p %lx)\n", ServerName, ServerHandle, DesiredAccess);
+
+    return SamrConnect(ServerName,
+                       ServerHandle,
+                       DesiredAccess);
  }
  
+
  /* Function 58 */
  NTSTATUS
  NTAPI
@@ -6636,10 +9242,14 @@ SamrSetInformationUser2(IN SAMPR_HANDLE UserHandle,
                          IN USER_INFORMATION_CLASS UserInformationClass,
                          IN PSAMPR_USER_INFO_BUFFER Buffer)
  {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    TRACE("(%p %lu %p)\n", UserHandle, UserInformationClass, Buffer);
+
+    return SamrSetInformationUser(UserHandle,
+                                  UserInformationClass,
+                                  Buffer);
  }
  
+
  /* Function 59 */
  NTSTATUS
  NTAPI