2 * Implementation of the Local Security Authority API
4 * Copyright 1999 Juergen Schmied
5 * Copyright 2002 Andriy Palamarchuk
6 * Copyright 2004 Mike McCormack
7 * Copyright 2005 Hans Leidekker
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
27 #define WIN32_NO_STATUS
33 #include "advapi32_misc.h"
35 #include "wine/debug.h"
37 WINE_DEFAULT_DEBUG_CHANNEL(advapi
);
39 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
40 if (!ADVAPI_IsLocalComputer(ServerName)) \
42 FIXME("Action Implemented for local computer only. " \
43 "Requested for server %s\n", debugstr_w(ServerName)); \
47 static void dumpLsaAttributes(const LSA_OBJECT_ATTRIBUTES
*oa
)
51 TRACE("\n\tlength=%u, rootdir=%p, objectname=%s\n\tattr=0x%08x, sid=%s qos=%p\n",
52 oa
->Length
, oa
->RootDirectory
,
53 oa
->ObjectName
?debugstr_w(oa
->ObjectName
->Buffer
):"null",
54 oa
->Attributes
, debugstr_sid(oa
->SecurityDescriptor
),
55 oa
->SecurityQualityOfService
);
59 static void* ADVAPI_GetDomainName(unsigned sz
, unsigned ofs
)
66 static const WCHAR wVNETSUP
[] = {
67 'S','y','s','t','e','m','\\',
68 'C','u','r','r','e','n','t','C','o','n','t','r','o','l','S','e','t','\\',
69 'S','e','r','v','i','c','e','s','\\',
70 'V','x','D','\\','V','N','E','T','S','U','P','\0'};
72 ret
= RegOpenKeyExW(HKEY_LOCAL_MACHINE
, wVNETSUP
, 0, KEY_READ
, &key
);
73 if (ret
== ERROR_SUCCESS
)
76 static const WCHAR wg
[] = { 'W','o','r','k','g','r','o','u','p',0 };
78 ret
= RegQueryValueExW(key
, wg
, NULL
, NULL
, NULL
, &size
);
79 if (ret
== ERROR_MORE_DATA
|| ret
== ERROR_SUCCESS
)
81 ptr
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, sz
+ size
);
82 if (!ptr
) return NULL
;
83 ustr
= (UNICODE_STRING
*)(ptr
+ ofs
);
84 ustr
->MaximumLength
= size
;
85 ustr
->Buffer
= (WCHAR
*)(ptr
+ sz
);
86 ret
= RegQueryValueExW(key
, wg
, NULL
, NULL
, (LPBYTE
)ustr
->Buffer
, &size
);
87 if (ret
!= ERROR_SUCCESS
)
89 HeapFree(GetProcessHeap(), 0, ptr
);
92 else ustr
->Length
= size
- sizeof(WCHAR
);
98 static const WCHAR wDomain
[] = {'D','O','M','A','I','N','\0'};
99 ptr
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
,
100 sz
+ sizeof(wDomain
));
101 if (!ptr
) return NULL
;
102 ustr
= (UNICODE_STRING
*)(ptr
+ ofs
);
103 ustr
->MaximumLength
= sizeof(wDomain
);
104 ustr
->Buffer
= (WCHAR
*)(ptr
+ sz
);
105 ustr
->Length
= sizeof(wDomain
) - sizeof(WCHAR
);
106 memcpy(ustr
->Buffer
, wDomain
, sizeof(wDomain
));
111 /******************************************************************************
112 * LsaAddAccountRights [ADVAPI32.@]
115 NTSTATUS WINAPI
LsaAddAccountRights(
118 PLSA_UNICODE_STRING rights
,
121 FIXME("(%p,%p,%p,0x%08x) stub\n", policy
, sid
, rights
, count
);
122 return STATUS_OBJECT_NAME_NOT_FOUND
;
125 /******************************************************************************
126 * LsaClose [ADVAPI32.@]
128 * Closes a handle to a Policy or TrustedDomain.
131 * ObjectHandle [I] Handle to a Policy or TrustedDomain.
134 * Success: STATUS_SUCCESS.
135 * Failure: NTSTATUS code.
137 NTSTATUS WINAPI
LsaClose(IN LSA_HANDLE ObjectHandle
)
139 FIXME("(%p) stub\n", ObjectHandle
);
140 return STATUS_SUCCESS
;
143 /******************************************************************************
144 * LsaCreateTrustedDomainEx [ADVAPI32.@]
147 NTSTATUS WINAPI
LsaCreateTrustedDomainEx(
149 PTRUSTED_DOMAIN_INFORMATION_EX domain_info
,
150 PTRUSTED_DOMAIN_AUTH_INFORMATION auth_info
,
154 FIXME("(%p,%p,%p,0x%08x,%p) stub\n", policy
, domain_info
, auth_info
,
156 return STATUS_SUCCESS
;
159 /******************************************************************************
160 * LsaDeleteTrustedDomain [ADVAPI32.@]
163 NTSTATUS WINAPI
LsaDeleteTrustedDomain(LSA_HANDLE policy
, PSID sid
)
165 FIXME("(%p,%p) stub\n", policy
, sid
);
166 return STATUS_SUCCESS
;
169 /******************************************************************************
170 * LsaEnumerateAccountRights [ADVAPI32.@]
173 NTSTATUS WINAPI
LsaEnumerateAccountRights(
176 PLSA_UNICODE_STRING
*rights
,
179 FIXME("(%p,%p,%p,%p) stub\n", policy
, sid
, rights
, count
);
182 return STATUS_OBJECT_NAME_NOT_FOUND
;
185 /******************************************************************************
186 * LsaEnumerateAccountsWithUserRight [ADVAPI32.@]
189 NTSTATUS WINAPI
LsaEnumerateAccountsWithUserRight(
191 PLSA_UNICODE_STRING rights
,
195 FIXME("(%p,%p,%p,%p) stub\n", policy
, rights
, buffer
, count
);
196 return STATUS_NO_MORE_ENTRIES
;
199 /******************************************************************************
200 * LsaEnumerateTrustedDomains [ADVAPI32.@]
202 * Returns the names and SIDs of trusted domains.
205 * PolicyHandle [I] Handle to a Policy object.
206 * EnumerationContext [I] Pointer to an enumeration handle.
207 * Buffer [O] Contains the names and SIDs of trusted domains.
208 * PreferredMaximumLength[I] Preferred maximum size in bytes of Buffer.
209 * CountReturned [O] Number of elements in Buffer.
212 * Success: STATUS_SUCCESS,
213 * STATUS_MORE_ENTRIES,
214 * STATUS_NO_MORE_ENTRIES
215 * Failure: NTSTATUS code.
218 * LsaEnumerateTrustedDomains can be called multiple times to enumerate
219 * all trusted domains.
221 NTSTATUS WINAPI
LsaEnumerateTrustedDomains(
222 IN LSA_HANDLE PolicyHandle
,
223 IN PLSA_ENUMERATION_HANDLE EnumerationContext
,
225 IN ULONG PreferredMaximumLength
,
226 OUT PULONG CountReturned
)
228 FIXME("(%p,%p,%p,0x%08x,%p) stub\n", PolicyHandle
, EnumerationContext
,
229 Buffer
, PreferredMaximumLength
, CountReturned
);
231 if (CountReturned
) *CountReturned
= 0;
232 return STATUS_SUCCESS
;
235 /******************************************************************************
236 * LsaEnumerateTrustedDomainsEx [ADVAPI32.@]
239 NTSTATUS WINAPI
LsaEnumerateTrustedDomainsEx(
241 PLSA_ENUMERATION_HANDLE context
,
246 FIXME("(%p,%p,%p,0x%08x,%p) stub\n", policy
, context
, buffer
, length
, count
);
248 if (count
) *count
= 0;
249 return STATUS_SUCCESS
;
252 /******************************************************************************
253 * LsaFreeMemory [ADVAPI32.@]
255 * Frees memory allocated by a LSA function.
258 * Buffer [I] Memory buffer to free.
261 * Success: STATUS_SUCCESS.
262 * Failure: NTSTATUS code.
264 NTSTATUS WINAPI
LsaFreeMemory(IN PVOID Buffer
)
266 TRACE("(%p)\n", Buffer
);
267 return HeapFree(GetProcessHeap(), 0, Buffer
);
270 /******************************************************************************
271 * LsaLookupNames [ADVAPI32.@]
273 * Returns the SIDs of an array of user, group, or local group names.
276 * PolicyHandle [I] Handle to a Policy object.
277 * Count [I] Number of names in Names.
278 * Names [I] Array of names to lookup.
279 * ReferencedDomains [O] Array of domains where the names were found.
280 * Sids [O] Array of SIDs corresponding to Names.
283 * Success: STATUS_SUCCESS,
284 * STATUS_SOME_NOT_MAPPED
285 * Failure: STATUS_NONE_MAPPED or NTSTATUS code.
287 NTSTATUS WINAPI
LsaLookupNames(
288 IN LSA_HANDLE PolicyHandle
,
290 IN PLSA_UNICODE_STRING Names
,
291 OUT PLSA_REFERENCED_DOMAIN_LIST
* ReferencedDomains
,
292 OUT PLSA_TRANSLATED_SID
* Sids
)
294 FIXME("(%p,0x%08x,%p,%p,%p) stub\n", PolicyHandle
, Count
, Names
,
295 ReferencedDomains
, Sids
);
297 return STATUS_NONE_MAPPED
;
300 /******************************************************************************
301 * LsaLookupNames2 [ADVAPI32.@]
304 NTSTATUS WINAPI
LsaLookupNames2(
308 PLSA_UNICODE_STRING names
,
309 PLSA_REFERENCED_DOMAIN_LIST
*domains
,
310 PLSA_TRANSLATED_SID2
*sids
)
312 FIXME("(%p,0x%08x,0x%08x,%p,%p,%p) stub\n", policy
, flags
, count
, names
, domains
, sids
);
313 return STATUS_NONE_MAPPED
;
316 /******************************************************************************
317 * LsaLookupSids [ADVAPI32.@]
319 * Looks up the names that correspond to an array of SIDs.
322 * PolicyHandle [I] Handle to a Policy object.
323 * Count [I] Number of SIDs in the Sids array.
324 * Sids [I] Array of SIDs to lookup.
325 * ReferencedDomains [O] Array of domains where the sids were found.
326 * Names [O] Array of names corresponding to Sids.
329 * Success: STATUS_SUCCESS,
330 * STATUS_SOME_NOT_MAPPED
331 * Failure: STATUS_NONE_MAPPED or NTSTATUS code.
333 NTSTATUS WINAPI
LsaLookupSids(
334 IN LSA_HANDLE PolicyHandle
,
337 OUT PLSA_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
338 OUT PLSA_TRANSLATED_NAME
*Names
)
340 FIXME("(%p,%u,%p,%p,%p) stub\n", PolicyHandle
, Count
, Sids
,
341 ReferencedDomains
, Names
);
343 return STATUS_NONE_MAPPED
;
346 /******************************************************************************
347 * LsaNtStatusToWinError [ADVAPI32.@]
349 * Converts an LSA NTSTATUS code to a Windows error code.
352 * Status [I] NTSTATUS code.
355 * Success: Corresponding Windows error code.
356 * Failure: ERROR_MR_MID_NOT_FOUND.
358 ULONG WINAPI
LsaNtStatusToWinError(NTSTATUS Status
)
360 return RtlNtStatusToDosError(Status
);
363 /******************************************************************************
364 * LsaOpenPolicy [ADVAPI32.@]
366 * Opens a handle to the Policy object on a local or remote system.
369 * SystemName [I] Name of the target system.
370 * ObjectAttributes [I] Connection attributes.
371 * DesiredAccess [I] Requested access rights.
372 * PolicyHandle [I/O] Handle to the Policy object.
375 * Success: STATUS_SUCCESS.
376 * Failure: NTSTATUS code.
379 * Set SystemName to NULL to open the local Policy object.
381 NTSTATUS WINAPI
LsaOpenPolicy(
382 IN PLSA_UNICODE_STRING SystemName
,
383 IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes
,
384 IN ACCESS_MASK DesiredAccess
,
385 IN OUT PLSA_HANDLE PolicyHandle
)
387 FIXME("(%s,%p,0x%08x,%p) stub\n",
388 SystemName
?debugstr_w(SystemName
->Buffer
):"(null)",
389 ObjectAttributes
, DesiredAccess
, PolicyHandle
);
391 ADVAPI_ForceLocalComputer(SystemName
? SystemName
->Buffer
: NULL
,
392 STATUS_ACCESS_VIOLATION
);
393 dumpLsaAttributes(ObjectAttributes
);
395 if(PolicyHandle
) *PolicyHandle
= (LSA_HANDLE
)0xcafe;
396 return STATUS_SUCCESS
;
399 /******************************************************************************
400 * LsaOpenTrustedDomainByName [ADVAPI32.@]
403 NTSTATUS WINAPI
LsaOpenTrustedDomainByName(
405 PLSA_UNICODE_STRING name
,
409 FIXME("(%p,%p,0x%08x,%p) stub\n", policy
, name
, access
, handle
);
410 return STATUS_OBJECT_NAME_NOT_FOUND
;
413 /******************************************************************************
414 * LsaQueryInformationPolicy [ADVAPI32.@]
416 * Returns information about a Policy object.
419 * PolicyHandle [I] Handle to a Policy object.
420 * InformationClass [I] Type of information to retrieve.
421 * Buffer [O] Pointer to the requested information.
424 * Success: STATUS_SUCCESS.
425 * Failure: NTSTATUS code.
427 NTSTATUS WINAPI
LsaQueryInformationPolicy(
428 IN LSA_HANDLE PolicyHandle
,
429 IN POLICY_INFORMATION_CLASS InformationClass
,
432 TRACE("(%p,0x%08x,%p)\n", PolicyHandle
, InformationClass
, Buffer
);
434 if(!Buffer
) return STATUS_INVALID_PARAMETER
;
435 switch (InformationClass
)
437 case PolicyAuditEventsInformation
: /* 2 */
439 PPOLICY_AUDIT_EVENTS_INFO p
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
,
440 sizeof(POLICY_AUDIT_EVENTS_INFO
));
441 p
->AuditingMode
= FALSE
; /* no auditing */
445 case PolicyPrimaryDomainInformation
: /* 3 */
447 /* Only the domain name is valid for the local computer.
448 * All other fields are zero.
450 PPOLICY_PRIMARY_DOMAIN_INFO pinfo
;
452 pinfo
= ADVAPI_GetDomainName(sizeof(*pinfo
), offsetof(POLICY_PRIMARY_DOMAIN_INFO
, Name
));
454 TRACE("setting domain to %s\n", debugstr_w(pinfo
->Name
.Buffer
));
459 case PolicyAccountDomainInformation
: /* 5 */
463 POLICY_ACCOUNT_DOMAIN_INFO info
;
466 WCHAR domain
[MAX_COMPUTERNAME_LENGTH
+ 1];
469 DWORD dwSize
= MAX_COMPUTERNAME_LENGTH
+ 1;
470 struct di
* xdi
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, sizeof(*xdi
));
472 xdi
->info
.DomainName
.MaximumLength
= dwSize
* sizeof(WCHAR
);
473 xdi
->info
.DomainName
.Buffer
= xdi
->domain
;
474 if (GetComputerNameW(xdi
->info
.DomainName
.Buffer
, &dwSize
))
475 xdi
->info
.DomainName
.Length
= dwSize
* sizeof(WCHAR
);
477 TRACE("setting name to %s\n", debugstr_w(xdi
->info
.DomainName
.Buffer
));
479 xdi
->info
.DomainSid
= &xdi
->sid
;
481 /* read the computer SID from the registry */
482 if (!ADVAPI_GetComputerSid(&xdi
->sid
))
484 HeapFree(GetProcessHeap(), 0, xdi
);
486 WARN("Computer SID not found\n");
488 return STATUS_UNSUCCESSFUL
;
491 TRACE("setting SID to %s\n", debugstr_sid(&xdi
->sid
));
496 case PolicyDnsDomainInformation
: /* 12 (0xc) */
498 /* Only the domain name is valid for the local computer.
499 * All other fields are zero.
501 PPOLICY_DNS_DOMAIN_INFO pinfo
;
503 pinfo
= ADVAPI_GetDomainName(sizeof(*pinfo
), offsetof(POLICY_DNS_DOMAIN_INFO
, Name
));
505 TRACE("setting domain to %s\n", debugstr_w(pinfo
->Name
.Buffer
));
510 case PolicyAuditLogInformation
:
511 case PolicyPdAccountInformation
:
512 case PolicyLsaServerRoleInformation
:
513 case PolicyReplicaSourceInformation
:
514 case PolicyDefaultQuotaInformation
:
515 case PolicyModificationInformation
:
516 case PolicyAuditFullSetInformation
:
517 case PolicyAuditFullQueryInformation
:
519 FIXME("category %d not implemented\n", InformationClass
);
520 return STATUS_UNSUCCESSFUL
;
523 return STATUS_SUCCESS
;
526 /******************************************************************************
527 * LsaQueryTrustedDomainInfo [ADVAPI32.@]
530 NTSTATUS WINAPI
LsaQueryTrustedDomainInfo(
533 TRUSTED_INFORMATION_CLASS
class,
536 FIXME("(%p,%p,%d,%p) stub\n", policy
, sid
, class, buffer
);
537 return STATUS_OBJECT_NAME_NOT_FOUND
;
540 /******************************************************************************
541 * LsaQueryTrustedDomainInfoByName [ADVAPI32.@]
544 NTSTATUS WINAPI
LsaQueryTrustedDomainInfoByName(
546 PLSA_UNICODE_STRING name
,
547 TRUSTED_INFORMATION_CLASS
class,
550 FIXME("(%p,%p,%d,%p) stub\n", policy
, name
, class, buffer
);
551 return STATUS_OBJECT_NAME_NOT_FOUND
;
554 /******************************************************************************
555 * LsaRegisterPolicyChangeNotification [ADVAPI32.@]
558 NTSTATUS WINAPI
LsaRegisterPolicyChangeNotification(
559 POLICY_NOTIFICATION_INFORMATION_CLASS
class,
562 FIXME("(%d,%p) stub\n", class, event
);
563 return STATUS_UNSUCCESSFUL
;
566 /******************************************************************************
567 * LsaRemoveAccountRights [ADVAPI32.@]
570 NTSTATUS WINAPI
LsaRemoveAccountRights(
574 PLSA_UNICODE_STRING rights
,
577 FIXME("(%p,%p,%d,%p,0x%08x) stub\n", policy
, sid
, all
, rights
, count
);
578 return STATUS_SUCCESS
;
581 /******************************************************************************
582 * LsaRetrievePrivateData [ADVAPI32.@]
584 * Retrieves data stored by LsaStorePrivateData.
587 * PolicyHandle [I] Handle to a Policy object.
588 * KeyName [I] Name of the key where the data is stored.
589 * PrivateData [O] Pointer to the private data.
592 * Success: STATUS_SUCCESS.
593 * Failure: STATUS_OBJECT_NAME_NOT_FOUND or NTSTATUS code.
595 NTSTATUS WINAPI
LsaRetrievePrivateData(
596 IN LSA_HANDLE PolicyHandle
,
597 IN PLSA_UNICODE_STRING KeyName
,
598 OUT PLSA_UNICODE_STRING
* PrivateData
)
600 FIXME("(%p,%p,%p) stub\n", PolicyHandle
, KeyName
, PrivateData
);
601 return STATUS_OBJECT_NAME_NOT_FOUND
;
604 /******************************************************************************
605 * LsaSetInformationPolicy [ADVAPI32.@]
607 * Modifies information in a Policy object.
610 * PolicyHandle [I] Handle to a Policy object.
611 * InformationClass [I] Type of information to set.
612 * Buffer [I] Pointer to the information to set.
615 * Success: STATUS_SUCCESS.
616 * Failure: NTSTATUS code.
618 NTSTATUS WINAPI
LsaSetInformationPolicy(
619 IN LSA_HANDLE PolicyHandle
,
620 IN POLICY_INFORMATION_CLASS InformationClass
,
623 FIXME("(%p,0x%08x,%p) stub\n", PolicyHandle
, InformationClass
, Buffer
);
625 return STATUS_UNSUCCESSFUL
;
628 /******************************************************************************
629 * LsaSetSecret [ADVAPI32.@]
631 * Set old and new values on a secret handle
634 * SecretHandle [I] Handle to a secret object.
635 * EncryptedCurrentValue [I] Pointer to encrypted new value, can be NULL
636 * EncryptedOldValue [I] Pointer to encrypted old value, can be NULL
639 * Success: STATUS_SUCCESS
640 * Failure: NTSTATUS code.
642 NTSTATUS WINAPI
LsaSetSecret(
643 IN LSA_HANDLE SecretHandle
,
644 IN PLSA_UNICODE_STRING EncryptedCurrentValue
,
645 IN PLSA_UNICODE_STRING EncryptedOldValue
)
647 FIXME("(%p,%p,%p) stub\n", SecretHandle
, EncryptedCurrentValue
,
649 return STATUS_SUCCESS
;
652 /******************************************************************************
653 * LsaSetTrustedDomainInfoByName [ADVAPI32.@]
656 NTSTATUS WINAPI
LsaSetTrustedDomainInfoByName(
658 PLSA_UNICODE_STRING name
,
659 TRUSTED_INFORMATION_CLASS
class,
662 FIXME("(%p,%p,%d,%p) stub\n", policy
, name
, class, buffer
);
663 return STATUS_SUCCESS
;
666 /******************************************************************************
667 * LsaSetTrustedDomainInformation [ADVAPI32.@]
670 NTSTATUS WINAPI
LsaSetTrustedDomainInformation(
673 TRUSTED_INFORMATION_CLASS
class,
676 FIXME("(%p,%p,%d,%p) stub\n", policy
, sid
, class, buffer
);
677 return STATUS_SUCCESS
;
680 /******************************************************************************
681 * LsaStorePrivateData [ADVAPI32.@]
683 * Stores or deletes a Policy object's data under the specified reg key.
686 * PolicyHandle [I] Handle to a Policy object.
687 * KeyName [I] Name of the key where the data will be stored.
688 * PrivateData [O] Pointer to the private data.
691 * Success: STATUS_SUCCESS.
692 * Failure: STATUS_OBJECT_NAME_NOT_FOUND or NTSTATUS code.
694 NTSTATUS WINAPI
LsaStorePrivateData(
695 IN LSA_HANDLE PolicyHandle
,
696 IN PLSA_UNICODE_STRING KeyName
,
697 IN PLSA_UNICODE_STRING PrivateData
)
699 FIXME("(%p,%p,%p) stub\n", PolicyHandle
, KeyName
, PrivateData
);
700 return STATUS_OBJECT_NAME_NOT_FOUND
;
703 /******************************************************************************
704 * LsaUnregisterPolicyChangeNotification [ADVAPI32.@]
707 NTSTATUS WINAPI
LsaUnregisterPolicyChangeNotification(
708 POLICY_NOTIFICATION_INFORMATION_CLASS
class,
711 FIXME("(%d,%p) stub\n", class, event
);
712 return STATUS_SUCCESS
;