[LSASRV]
authorEric Kohl <eric.kohl@reactos.org>
Wed, 26 Sep 2012 16:15:29 +0000 (16:15 +0000)
committerEric Kohl <eric.kohl@reactos.org>
Wed, 26 Sep 2012 16:15:29 +0000 (16:15 +0000)
- Implement most missing information classes of LsarQueryInformationPolicy.
- Add initialization code for new attributes of the policy object.
- Implement LsarQueryInformationPolicy2 and LsarSetInformationPolicy2.

svn path=/trunk/; revision=57391

reactos/dll/win32/lsasrv/database.c
reactos/dll/win32/lsasrv/lsarpc.c
reactos/dll/win32/lsasrv/lsasrv.h
reactos/dll/win32/lsasrv/policy.c
reactos/include/reactos/idl/lsa.idl

index 268074a..b5d4fc7 100644 (file)
@@ -226,9 +226,17 @@ LsapCreateRandomDomainSid(OUT PSID *Sid)
 static NTSTATUS
 LsapCreateDatabaseObjects(VOID)
 {
+    PLSAP_POLICY_AUDIT_EVENTS_DATA AuditEventsInfo = NULL;
     POLICY_DEFAULT_QUOTA_INFO QuotaInfo;
+    POLICY_MODIFICATION_INFO ModificationInfo;
+    POLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = {FALSE, FALSE};
+    POLICY_AUDIT_LOG_INFO AuditLogInfo;
+
     PLSA_DB_OBJECT PolicyObject = NULL;
     PSID AccountDomainSid = NULL;
+    ULONG AuditEventsCount;
+    ULONG AuditEventsSize;
+    ULONG i;
     NTSTATUS Status;
 
     /* Initialize the default quota limits */
@@ -239,10 +247,35 @@ LsapCreateDatabaseObjects(VOID)
     QuotaInfo.QuotaLimits.PagefileLimit = 0;
     QuotaInfo.QuotaLimits.TimeLimit.QuadPart = 0;
 
+    /* Initialize the audit log attribute */
+    AuditLogInfo.AuditLogPercentFull = 0;
+    AuditLogInfo.MaximumLogSize = 0;                   // DWORD
+    AuditLogInfo.AuditRetentionPeriod.QuadPart = 0;    // LARGE_INTEGER
+    AuditLogInfo.AuditLogFullShutdownInProgress = 0;   // BYTE
+    AuditLogInfo.TimeToShutdown.QuadPart = 0;          // LARGE_INTEGER
+    AuditLogInfo.NextAuditRecordId = 0;                        // DWORD
+
+    AuditEventsCount = AuditCategoryAccountLogon - AuditCategorySystem + 1;
+    AuditEventsSize = sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA) + AuditEventsCount * sizeof(DWORD);
+    AuditEventsInfo = RtlAllocateHeap(RtlGetProcessHeap(),
+                                      0,
+                                      AuditEventsSize);
+    if (AuditEventsInfo == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
+
+    AuditEventsInfo->AuditingMode = FALSE;
+    AuditEventsInfo->MaximumAuditEventCount = AuditEventsCount;
+    for (i = 0; i < AuditEventsCount; i++)
+        AuditEventsInfo->AuditEvents[i] = 0;
+
+    /* Initialize the modification attribute */
+    ModificationInfo.ModifiedId.QuadPart = 0;
+    NtQuerySystemTime(&ModificationInfo.DatabaseCreationTime);
+
     /* Create a random domain SID */
     Status = LsapCreateRandomDomainSid(&AccountDomainSid);
     if (!NT_SUCCESS(Status))
-        return Status;
+        goto done;
 
     /* Open the 'Policy' object */
     Status = LsapOpenDbObject(NULL,
@@ -279,7 +312,34 @@ LsapCreateDatabaseObjects(VOID)
                            &QuotaInfo,
                            sizeof(POLICY_DEFAULT_QUOTA_INFO));
 
+    /* Set the modification attribute */
+    LsapSetObjectAttribute(PolicyObject,
+                           L"PolMod",
+                           &ModificationInfo,
+                           sizeof(POLICY_MODIFICATION_INFO));
+
+    /* Set the audit full attribute */
+    LsapSetObjectAttribute(PolicyObject,
+                           L"PolAdtFl",
+                           &AuditFullInfo,
+                           sizeof(POLICY_AUDIT_FULL_QUERY_INFO));
+
+    /* Set the audit log attribute */
+    LsapSetObjectAttribute(PolicyObject,
+                           L"PolAdtLg",
+                           &AuditLogInfo,
+                           sizeof(POLICY_AUDIT_LOG_INFO));
+
+    /* Set the audit events attribute */
+    LsapSetObjectAttribute(PolicyObject,
+                           L"PolAdtEv",
+                           &AuditEventsInfo,
+                           AuditEventsSize);
+
 done:
+    if (AuditEventsInfo != NULL)
+        RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);
+
     if (PolicyObject != NULL)
         LsapCloseDbObject(PolicyObject);
 
index 4f255bc..9ec67ee 100644 (file)
@@ -222,7 +222,6 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
             DesiredAccess = POLICY_GET_PRIVATE_INFORMATION;
             break;
 
-        case PolicyLastEntry:
         default:
             ERR("Invalid InformationClass!\n");
             return STATUS_INVALID_PARAMETER;
@@ -237,6 +236,10 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
 
     switch (InformationClass)
     {
+        case PolicyAuditLogInformation:      /* 1 */
+            Status = LsarQueryAuditLog(PolicyHandle,
+                                       PolicyInformation);
+
         case PolicyAuditEventsInformation:   /* 2 */
             Status = LsarQueryAuditEvents(PolicyHandle,
                                           PolicyInformation);
@@ -247,35 +250,54 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
                                             PolicyInformation);
             break;
 
+        case PolicyPdAccountInformation:     /* 4 */
+            Status = LsarQueryPdAccount(PolicyHandle,
+                                        PolicyInformation);
+
         case PolicyAccountDomainInformation: /* 5 */
             Status = LsarQueryAccountDomain(PolicyHandle,
                                             PolicyInformation);
             break;
 
-        case PolicyDefaultQuotaInformation: /* 8 */
+        case PolicyLsaServerRoleInformation: /* 6 */
+            Status = LsarQueryServerRole(PolicyHandle,
+                                         PolicyInformation);
+            break;
+
+        case PolicyReplicaSourceInformation: /* 7 */
+            Status = LsarQueryReplicaSource(PolicyHandle,
+                                            PolicyInformation);
+
+        case PolicyDefaultQuotaInformation:  /* 8 */
             Status = LsarQueryDefaultQuota(PolicyHandle,
                                            PolicyInformation);
             break;
 
-        case PolicyDnsDomainInformation:     /* 12 (0xc) */
+        case PolicyModificationInformation:  /* 9 */
+            Status = LsarQueryModification(PolicyHandle,
+                                           PolicyInformation);
+            break;
+
+        case PolicyAuditFullQueryInformation: /* 11 (0xB) */
+            Status = LsarQueryAuditFull(PolicyHandle,
+                                        PolicyInformation);
+            break;
+
+        case PolicyDnsDomainInformation:      /* 12 (0xC) */
             Status = LsarQueryDnsDomain(PolicyHandle,
                                         PolicyInformation);
             break;
 
-        case PolicyAuditLogInformation:
-        case PolicyPdAccountInformation:
-        case PolicyLsaServerRoleInformation:
-        case PolicyReplicaSourceInformation:
-        case PolicyModificationInformation:
-        case PolicyAuditFullSetInformation:
-        case PolicyAuditFullQueryInformation:
-        case PolicyDnsDomainInformationInt:
-        case PolicyLocalAccountDomainInformation:
-            FIXME("Information class not implemented\n");
-            Status = STATUS_UNSUCCESSFUL;
+        case PolicyDnsDomainInformationInt:   /* 13 (0xD) */
+            Status = LsarQueryDnsDomainInt(PolicyHandle,
+                                           PolicyInformation);
+            break;
+
+        case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
+            Status = LsarQueryLocalAccountDomain(PolicyHandle,
+                                                 PolicyInformation);
             break;
 
-        case PolicyLastEntry:
         default:
             ERR("Invalid InformationClass!\n");
             Status = STATUS_INVALID_PARAMETER;
@@ -316,6 +338,9 @@ NTSTATUS WINAPI LsarSetInformationPolicy(
 
         case PolicyPrimaryDomainInformation:
         case PolicyAccountDomainInformation:
+        case PolicyDnsDomainInformation:
+        case PolicyDnsDomainInformationInt:
+        case PolicyLocalAccountDomainInformation:
             DesiredAccess = POLICY_TRUST_ADMIN;
             break;
 
@@ -1761,10 +1786,11 @@ NTSTATUS WINAPI LsarGetUserName(
 NTSTATUS WINAPI LsarQueryInformationPolicy2(
     LSAPR_HANDLE PolicyHandle,
     POLICY_INFORMATION_CLASS InformationClass,
-    unsigned long *PolicyInformation)
+    PLSAPR_POLICY_INFORMATION *PolicyInformation)
 {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    return LsarQueryInformationPolicy(PolicyHandle,
+                                      InformationClass,
+                                      PolicyInformation);
 }
 
 
@@ -1772,10 +1798,11 @@ NTSTATUS WINAPI LsarQueryInformationPolicy2(
 NTSTATUS WINAPI LsarSetInformationPolicy2(
     LSAPR_HANDLE PolicyHandle,
     POLICY_INFORMATION_CLASS InformationClass,
-    unsigned long PolicyInformation)
+    PLSAPR_POLICY_INFORMATION PolicyInformation)
 {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    return LsarSetInformationPolicy(PolicyHandle,
+                                    InformationClass,
+                                    PolicyInformation);
 }
 
 
index 126d5cb..1f387ac 100644 (file)
@@ -53,6 +53,14 @@ typedef struct _LSA_DB_OBJECT
 #define LSAP_DB_SIGNATURE 0x12345678
 
 
+typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATA
+{
+    BOOLEAN AuditingMode;
+    DWORD MaximumAuditEventCount;
+    DWORD AuditEvents[0];
+} LSAP_POLICY_AUDIT_EVENTS_DATA, *PLSAP_POLICY_AUDIT_EVENTS_DATA;
+
+
 /* authport.c */
 NTSTATUS
 StartAuthenticationPort(VOID);
@@ -101,6 +109,10 @@ VOID
 LsarStartRpcServer(VOID);
 
 /* policy.c */
+NTSTATUS
+LsarQueryAuditLog(PLSA_DB_OBJECT PolicyObject,
+                  PLSAPR_POLICY_INFORMATION *PolicyInformation);
+
 NTSTATUS
 LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
                      PLSAPR_POLICY_INFORMATION *PolicyInformation);
@@ -109,18 +121,46 @@ NTSTATUS
 LsarQueryPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
                        PLSAPR_POLICY_INFORMATION *PolicyInformation);
 
+NTSTATUS
+LsarQueryPdAccount(PLSA_DB_OBJECT PolicyObject,
+                   PLSAPR_POLICY_INFORMATION *PolicyInformation);
+
 NTSTATUS
 LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject,
                        PLSAPR_POLICY_INFORMATION *PolicyInformation);
 
+NTSTATUS
+LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject,
+                    PLSAPR_POLICY_INFORMATION *PolicyInformation);
+
+NTSTATUS
+LsarQueryReplicaSource(PLSA_DB_OBJECT PolicyObject,
+                       PLSAPR_POLICY_INFORMATION *PolicyInformation);
+
 NTSTATUS
 LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject,
                       PLSAPR_POLICY_INFORMATION *PolicyInformation);
 
+NTSTATUS
+LsarQueryModification(PLSA_DB_OBJECT PolicyObject,
+                      PLSAPR_POLICY_INFORMATION *PolicyInformation);
+
+NTSTATUS
+LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject,
+                   PLSAPR_POLICY_INFORMATION *PolicyInformation);
+
 NTSTATUS
 LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
                    PLSAPR_POLICY_INFORMATION *PolicyInformation);
 
+NTSTATUS
+LsarQueryDnsDomainInt(PLSA_DB_OBJECT PolicyObject,
+                      PLSAPR_POLICY_INFORMATION *PolicyInformation);
+
+NTSTATUS
+LsarQueryLocalAccountDomain(PLSA_DB_OBJECT PolicyObject,
+                            PLSAPR_POLICY_INFORMATION *PolicyInformation);
+
 NTSTATUS
 LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
                      PLSAPR_POLICY_PRIMARY_DOM_INFO Info);
index b8bad2e..24cc3ca 100644 (file)
@@ -118,22 +118,107 @@ LsarSetDnsDomain(PLSA_DB_OBJECT PolicyObject,
 }
 
 
+NTSTATUS
+LsarQueryAuditLog(PLSA_DB_OBJECT PolicyObject,
+                  PLSAPR_POLICY_INFORMATION *PolicyInformation)
+{
+    PPOLICY_AUDIT_LOG_INFO AuditLogInfo = NULL;
+    ULONG AttributeSize;
+    NTSTATUS Status;
+
+    *PolicyInformation = NULL;
+
+    AttributeSize = sizeof(POLICY_AUDIT_LOG_INFO);
+    AuditLogInfo = MIDL_user_allocate(AttributeSize);
+    if (AuditLogInfo == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
+
+    Status = LsapGetObjectAttribute(PolicyObject,
+                                    L"PolAdtLg",
+                                    AuditLogInfo,
+                                    &AttributeSize);
+    if (!NT_SUCCESS(Status))
+    {
+        MIDL_user_free(AuditLogInfo);
+    }
+    else
+    {
+        *PolicyInformation = (PLSAPR_POLICY_INFORMATION)AuditLogInfo;
+    }
+
+    return Status;
+}
+
+
 NTSTATUS
 LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
                      PLSAPR_POLICY_INFORMATION *PolicyInformation)
 {
+    PLSAP_POLICY_AUDIT_EVENTS_DATA AuditData = NULL;
     PLSAPR_POLICY_AUDIT_EVENTS_INFO p = NULL;
+    ULONG AttributeSize;
+    NTSTATUS Status = STATUS_SUCCESS;
 
-    p = MIDL_user_allocate(sizeof(LSAPR_POLICY_AUDIT_EVENTS_INFO));
-    if (p == NULL)
-        return STATUS_INSUFFICIENT_RESOURCES;
+    *PolicyInformation = NULL;
+
+    AttributeSize = 0;
+    Status = LsapGetObjectAttribute(PolicyObject,
+                                    L"PolAdtEv",
+                                    NULL,
+                                    &AttributeSize);
+    if (!NT_SUCCESS(Status))
+        return Status;
+
+    if (AttributeSize > 0)
+    {
+        AuditData = MIDL_user_allocate(AttributeSize);
+        if (AuditData == NULL)
+            return STATUS_INSUFFICIENT_RESOURCES;
+
+        Status = LsapGetObjectAttribute(PolicyObject,
+                                        L"PolAdtEv",
+                                        AuditData,
+                                        &AttributeSize);
+        if (!NT_SUCCESS(Status))
+            goto done;
+
+        p = MIDL_user_allocate(sizeof(LSAPR_POLICY_AUDIT_EVENTS_INFO));
+        if (p == NULL)
+        {
+            Status = STATUS_INSUFFICIENT_RESOURCES;
+            goto done;
+        }
+
+        p->AuditingMode = AuditData->AuditingMode;
+        p->MaximumAuditEventCount = AuditData->MaximumAuditEventCount;
 
-    p->AuditingMode = FALSE; /* no auditing */
-    p->EventAuditingOptions = NULL;
-    p->MaximumAuditEventCount = 0;
+        p->EventAuditingOptions = MIDL_user_allocate(AuditData->MaximumAuditEventCount * sizeof(DWORD));
+        if (p->EventAuditingOptions == NULL)
+        {
+            Status = STATUS_INSUFFICIENT_RESOURCES;
+            goto done;
+        }
+
+        memcpy(p->EventAuditingOptions,
+               &(AuditData->AuditEvents[0]),
+               AuditData->MaximumAuditEventCount * sizeof(DWORD));
+    }
 
     *PolicyInformation = (PLSAPR_POLICY_INFORMATION)p;
 
+done:
+    if (!NT_SUCCESS(Status))
+    {
+        if (p->EventAuditingOptions != NULL)
+            MIDL_user_free(p->EventAuditingOptions);
+
+        if (p != NULL)
+            MIDL_user_free(p);
+    }
+
+    if (AuditData != NULL)
+        MIDL_user_free(AuditData);
+
     return STATUS_SUCCESS;
 }
 
@@ -248,6 +333,28 @@ Done:
 }
 
 
+NTSTATUS
+LsarQueryPdAccount(PLSA_DB_OBJECT PolicyObject,
+                   PLSAPR_POLICY_INFORMATION *PolicyInformation)
+{
+    PLSAPR_POLICY_PD_ACCOUNT_INFO PdAccountInfo = NULL;
+
+    *PolicyInformation = NULL;
+
+    PdAccountInfo = MIDL_user_allocate(sizeof(LSAPR_POLICY_PD_ACCOUNT_INFO));
+    if (PdAccountInfo == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
+
+    PdAccountInfo->Name.Length = 0;
+    PdAccountInfo->Name.MaximumLength = 0;
+    PdAccountInfo->Name.Buffer = NULL;
+
+    *PolicyInformation = (PLSAPR_POLICY_INFORMATION)PdAccountInfo;
+
+    return STATUS_SUCCESS;
+}
+
+
 NTSTATUS
 LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject,
                        PLSAPR_POLICY_INFORMATION *PolicyInformation)
@@ -357,6 +464,44 @@ Done:
 }
 
 
+NTSTATUS
+LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject,
+                    PLSAPR_POLICY_INFORMATION *PolicyInformation)
+{
+    PPOLICY_LSA_SERVER_ROLE_INFO ServerRoleInfo = NULL;
+    ULONG AttributeSize;
+    NTSTATUS Status;
+
+    *PolicyInformation = NULL;
+
+    AttributeSize = sizeof(POLICY_LSA_SERVER_ROLE_INFO);
+    ServerRoleInfo = MIDL_user_allocate(AttributeSize);
+    if (ServerRoleInfo == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
+
+    Status = LsapGetObjectAttribute(PolicyObject,
+                                    L"PolSrvRo",
+                                    ServerRoleInfo,
+                                    &AttributeSize);
+    if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
+    {
+        ServerRoleInfo->LsaServerRole = PolicyServerRolePrimary;
+        Status = STATUS_SUCCESS;
+    }
+
+    if (!NT_SUCCESS(Status))
+    {
+        MIDL_user_free(ServerRoleInfo);
+    }
+    else
+    {
+        *PolicyInformation = (PLSAPR_POLICY_INFORMATION)ServerRoleInfo;
+    }
+
+    return Status;
+}
+
+
 NTSTATUS
 LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject,
                       PLSAPR_POLICY_INFORMATION *PolicyInformation)
@@ -389,6 +534,79 @@ LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject,
 }
 
 
+NTSTATUS
+LsarQueryReplicaSource(PLSA_DB_OBJECT PolicyObject,
+                       PLSAPR_POLICY_INFORMATION *PolicyInformation)
+{
+    *PolicyInformation = NULL;
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+
+NTSTATUS
+LsarQueryModification(PLSA_DB_OBJECT PolicyObject,
+                      PLSAPR_POLICY_INFORMATION *PolicyInformation)
+{
+    PPOLICY_MODIFICATION_INFO Info = NULL;
+    ULONG AttributeSize;
+    NTSTATUS Status;
+
+    *PolicyInformation = NULL;
+
+    AttributeSize = sizeof(POLICY_MODIFICATION_INFO);
+    Info = MIDL_user_allocate(AttributeSize);
+    if (Info == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
+
+    Status = LsapGetObjectAttribute(PolicyObject,
+                                    L"PolMod",
+                                    Info,
+                                    &AttributeSize);
+    if (!NT_SUCCESS(Status))
+    {
+        MIDL_user_free(Info);
+    }
+    else
+    {
+        *PolicyInformation = (PLSAPR_POLICY_INFORMATION)Info;
+    }
+
+    return Status;
+}
+
+
+NTSTATUS
+LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject,
+                   PLSAPR_POLICY_INFORMATION *PolicyInformation)
+{
+    PPOLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = NULL;
+    ULONG AttributeSize;
+    NTSTATUS Status;
+
+    *PolicyInformation = NULL;
+
+    AttributeSize = sizeof(POLICY_AUDIT_FULL_QUERY_INFO);
+    AuditFullInfo = MIDL_user_allocate(AttributeSize);
+    if (AuditFullInfo == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
+
+    Status = LsapGetObjectAttribute(PolicyObject,
+                                    L"PolAdtFl",
+                                    AuditFullInfo,
+                                    &AttributeSize);
+    if (!NT_SUCCESS(Status))
+    {
+        MIDL_user_free(AuditFullInfo);
+    }
+    else
+    {
+        *PolicyInformation = (PLSAPR_POLICY_INFORMATION)AuditFullInfo;
+    }
+
+    return Status;
+}
+
+
 NTSTATUS
 LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
                    PLSAPR_POLICY_INFORMATION *PolicyInformation)
@@ -432,4 +650,22 @@ LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
     return STATUS_SUCCESS;
 }
 
+
+NTSTATUS
+LsarQueryDnsDomainInt(PLSA_DB_OBJECT PolicyObject,
+                      PLSAPR_POLICY_INFORMATION *PolicyInformation)
+{
+    *PolicyInformation = NULL;
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+
+NTSTATUS
+LsarQueryLocalAccountDomain(PLSA_DB_OBJECT PolicyObject,
+                            PLSAPR_POLICY_INFORMATION *PolicyInformation)
+{
+    *PolicyInformation = NULL;
+    return STATUS_NOT_IMPLEMENTED;
+}
+
 /* EOF */
index 453bde8..3edc645 100644 (file)
@@ -240,14 +240,14 @@ typedef struct _POLICY_AUDIT_LOG_INFO {
     DWORD AuditLogPercentFull;
     DWORD MaximumLogSize;
     LARGE_INTEGER AuditRetentionPeriod;
-    BYTE AuditLogFullShutdownInProgress;
+    BOOLEAN AuditLogFullShutdownInProgress;
     LARGE_INTEGER TimeToShutdown;
     DWORD NextAuditRecordId;
 } POLICY_AUDIT_LOG_INFO, *PPOLICY_AUDIT_LOG_INFO;
 cpp_quote("#endif")
 
 typedef struct _LSAPR_POLICY_AUDIT_EVENTS_INFO {
-    BYTE AuditingMode;
+    BOOLEAN AuditingMode;
     [size_is(MaximumAuditEventCount)] DWORD *EventAuditingOptions;
     DWORD MaximumAuditEventCount;
 } LSAPR_POLICY_AUDIT_EVENTS_INFO, *PLSAPR_POLICY_AUDIT_EVENTS_INFO;
@@ -889,15 +889,13 @@ cpp_quote("#if _WIN32_WINNT >= 0x0500")
     NTSTATUS __stdcall LsarQueryInformationPolicy2(
         [in] LSAPR_HANDLE PolicyHandle,
         [in] POLICY_INFORMATION_CLASS InformationClass,
-        [out] unsigned long *PolicyInformation);
-        /* FIXME: should be [out, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION *PolicyInformation); */
+        [out, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION *PolicyInformation);
 
     /* Function 47 */
     NTSTATUS __stdcall LsarSetInformationPolicy2(
         [in] LSAPR_HANDLE PolicyHandle,
         [in] POLICY_INFORMATION_CLASS InformationClass,
-        [in] unsigned long PolicyInformation);
-        /* FIXME: should be [in, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION PolicyInformation); */
+        [in, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION PolicyInformation);
 
     /* Function 48 */
     NTSTATUS __stdcall LsarQueryTrustedDomainInfoByName(