2 * Implementation of the Local Security Authority API
4 * Copyright 1999 Juergen Schmied
5 * Copyright 2002 Andriy Palamarchuk
6 * Copyright 2004 Mike McCormack
7 * Copyright 2005 Hans Leidekker
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
27 #define WIN32_NO_STATUS
33 #include "advapi32_misc.h"
35 #include "wine/debug.h"
37 WINE_DEFAULT_DEBUG_CHANNEL(advapi
);
39 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
40 if (!ADVAPI_IsLocalComputer(ServerName)) \
42 FIXME("Action Implemented for local computer only. " \
43 "Requested for server %s\n", debugstr_w(ServerName)); \
47 static void dumpLsaAttributes(PLSA_OBJECT_ATTRIBUTES oa
)
51 TRACE("\n\tlength=%u, rootdir=%p, objectname=%s\n\tattr=0x%08x, sid=%s qos=%p\n",
52 oa
->Length
, oa
->RootDirectory
,
53 oa
->ObjectName
?debugstr_w(oa
->ObjectName
->Buffer
):"null",
54 oa
->Attributes
, debugstr_sid(oa
->SecurityDescriptor
),
55 oa
->SecurityQualityOfService
);
59 static void* ADVAPI_GetDomainName(unsigned sz
, unsigned ofs
)
62 BOOL useDefault
= TRUE
;
67 static const WCHAR wVNETSUP
[] = {
68 'S','y','s','t','e','m','\\',
69 'C','u','r','r','e','n','t','C','o','n','t','r','o','l','S','e','t','\\',
70 'S','e','r','v','i','c','e','s','\\',
71 'V','x','D','\\','V','N','E','T','S','U','P','\0'};
73 ret
= RegOpenKeyExW(HKEY_LOCAL_MACHINE
, wVNETSUP
, 0, KEY_READ
, &key
);
74 if (ret
== ERROR_SUCCESS
)
77 static const WCHAR wg
[] = { 'W','o','r','k','g','r','o','u','p',0 };
79 ret
= RegQueryValueExW(key
, wg
, NULL
, NULL
, NULL
, &size
);
80 if (ret
== ERROR_MORE_DATA
|| ret
== ERROR_SUCCESS
)
82 ptr
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, sz
+ size
);
83 if (!ptr
) return NULL
;
84 ustr
= (UNICODE_STRING
*)(ptr
+ ofs
);
85 ustr
->MaximumLength
= size
;
86 ustr
->Buffer
= (WCHAR
*)(ptr
+ sz
);
87 if ((ret
= RegQueryValueExW(key
, wg
, NULL
, NULL
,
88 (LPBYTE
)ustr
->Buffer
, &size
)) == ERROR_SUCCESS
)
90 ustr
->Length
= (USHORT
)(size
- sizeof(WCHAR
));
94 HeapFree(GetProcessHeap(), 0, ptr
);
100 static const WCHAR wDomain
[] = {'D','O','M','A','I','N','\0'};
101 ptr
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
,
102 sz
+ sizeof(wDomain
));
103 ustr
= (UNICODE_STRING
*)(ptr
+ ofs
);
104 ustr
->MaximumLength
= sizeof(wDomain
);
105 ustr
->Buffer
= (WCHAR
*)(ptr
+ sz
);
106 ustr
->Length
= (USHORT
)(sizeof(wDomain
) - sizeof(WCHAR
));
107 memcpy(ustr
->Buffer
, wDomain
, sizeof(wDomain
));
112 /******************************************************************************
113 * LsaAddAccountRights [ADVAPI32.@]
116 NTSTATUS WINAPI
LsaAddAccountRights(
119 PLSA_UNICODE_STRING rights
,
122 FIXME("(%p,%p,%p,0x%08x) stub\n", policy
, sid
, rights
, count
);
123 return STATUS_OBJECT_NAME_NOT_FOUND
;
126 /******************************************************************************
127 * LsaClose [ADVAPI32.@]
129 * Closes a handle to a Policy or TrustedDomain.
132 * ObjectHandle [I] Handle to a Policy or TrustedDomain.
135 * Success: STATUS_SUCCESS.
136 * Failure: NTSTATUS code.
138 NTSTATUS WINAPI
LsaClose(IN LSA_HANDLE ObjectHandle
)
140 FIXME("(%p) stub\n", ObjectHandle
);
141 return STATUS_SUCCESS
;
144 /******************************************************************************
145 * LsaCreateTrustedDomainEx [ADVAPI32.@]
148 NTSTATUS WINAPI
LsaCreateTrustedDomainEx(
150 PTRUSTED_DOMAIN_INFORMATION_EX domain_info
,
151 PTRUSTED_DOMAIN_AUTH_INFORMATION auth_info
,
155 FIXME("(%p,%p,%p,0x%08x,%p) stub\n", policy
, domain_info
, auth_info
,
157 return STATUS_SUCCESS
;
160 /******************************************************************************
161 * LsaDeleteTrustedDomain [ADVAPI32.@]
164 NTSTATUS WINAPI
LsaDeleteTrustedDomain(LSA_HANDLE policy
, PSID sid
)
166 FIXME("(%p,%p) stub\n", policy
, sid
);
167 return STATUS_SUCCESS
;
170 /******************************************************************************
171 * LsaEnumerateAccountRights [ADVAPI32.@]
174 NTSTATUS WINAPI
LsaEnumerateAccountRights(
177 PLSA_UNICODE_STRING
*rights
,
180 FIXME("(%p,%p,%p,%p) stub\n", policy
, sid
, rights
, count
);
181 return STATUS_OBJECT_NAME_NOT_FOUND
;
184 /******************************************************************************
185 * LsaEnumerateAccountsWithUserRight [ADVAPI32.@]
188 NTSTATUS WINAPI
LsaEnumerateAccountsWithUserRight(
190 PLSA_UNICODE_STRING rights
,
194 FIXME("(%p,%p,%p,%p) stub\n", policy
, rights
, buffer
, count
);
195 return STATUS_NO_MORE_ENTRIES
;
198 /******************************************************************************
199 * LsaEnumerateTrustedDomains [ADVAPI32.@]
201 * Returns the names and SIDs of trusted domains.
204 * PolicyHandle [I] Handle to a Policy object.
205 * EnumerationContext [I] Pointer to an enumeration handle.
206 * Buffer [O] Contains the names and SIDs of trusted domains.
207 * PreferredMaximumLength[I] Preferred maximum size in bytes of Buffer.
208 * CountReturned [O] Number of elements in Buffer.
211 * Success: STATUS_SUCCESS,
212 * STATUS_MORE_ENTRIES,
213 * STATUS_NO_MORE_ENTRIES
214 * Failure: NTSTATUS code.
217 * LsaEnumerateTrustedDomains can be called multiple times to enumerate
218 * all trusted domains.
220 NTSTATUS WINAPI
LsaEnumerateTrustedDomains(
221 IN LSA_HANDLE PolicyHandle
,
222 IN PLSA_ENUMERATION_HANDLE EnumerationContext
,
224 IN ULONG PreferredMaximumLength
,
225 OUT PULONG CountReturned
)
227 FIXME("(%p,%p,%p,0x%08x,%p) stub\n", PolicyHandle
, EnumerationContext
,
228 Buffer
, PreferredMaximumLength
, CountReturned
);
230 if (CountReturned
) *CountReturned
= 0;
231 return STATUS_SUCCESS
;
234 /******************************************************************************
235 * LsaEnumerateTrustedDomainsEx [ADVAPI32.@]
238 NTSTATUS WINAPI
LsaEnumerateTrustedDomainsEx(
240 PLSA_ENUMERATION_HANDLE context
,
245 FIXME("(%p,%p,%p,0x%08x,%p) stub\n", policy
, context
, buffer
, length
, count
);
247 if (count
) *count
= 0;
248 return STATUS_SUCCESS
;
251 /******************************************************************************
252 * LsaFreeMemory [ADVAPI32.@]
254 * Frees memory allocated by a LSA function.
257 * Buffer [I] Memory buffer to free.
260 * Success: STATUS_SUCCESS.
261 * Failure: NTSTATUS code.
263 NTSTATUS WINAPI
LsaFreeMemory(IN PVOID Buffer
)
265 TRACE("(%p)\n", Buffer
);
266 return HeapFree(GetProcessHeap(), 0, Buffer
);
269 /******************************************************************************
270 * LsaLookupNames [ADVAPI32.@]
272 * Returns the SIDs of an array of user, group, or local group names.
275 * PolicyHandle [I] Handle to a Policy object.
276 * Count [I] Number of names in Names.
277 * Names [I] Array of names to lookup.
278 * ReferencedDomains [O] Array of domains where the names were found.
279 * Sids [O] Array of SIDs corresponding to Names.
282 * Success: STATUS_SUCCESS,
283 * STATUS_SOME_NOT_MAPPED
284 * Failure: STATUS_NONE_MAPPED or NTSTATUS code.
286 NTSTATUS WINAPI
LsaLookupNames(
287 IN LSA_HANDLE PolicyHandle
,
289 IN PLSA_UNICODE_STRING Names
,
290 OUT PLSA_REFERENCED_DOMAIN_LIST
* ReferencedDomains
,
291 OUT PLSA_TRANSLATED_SID
* Sids
)
293 FIXME("(%p,0x%08x,%p,%p,%p) stub\n", PolicyHandle
, Count
, Names
,
294 ReferencedDomains
, Sids
);
296 return STATUS_NONE_MAPPED
;
299 /******************************************************************************
300 * LsaLookupNames2 [ADVAPI32.@]
303 NTSTATUS WINAPI
LsaLookupNames2(
307 PLSA_UNICODE_STRING names
,
308 PLSA_REFERENCED_DOMAIN_LIST
*domains
,
309 PLSA_TRANSLATED_SID2
*sids
)
311 FIXME("(%p,0x%08x,0x%08x,%p,%p,%p) stub\n", policy
, flags
, count
, names
, domains
, sids
);
312 return STATUS_NONE_MAPPED
;
315 /******************************************************************************
316 * LsaLookupSids [ADVAPI32.@]
318 * Looks up the names that correspond to an array of SIDs.
321 * PolicyHandle [I] Handle to a Policy object.
322 * Count [I] Number of SIDs in the Sids array.
323 * Sids [I] Array of SIDs to lookup.
324 * ReferencedDomains [O] Array of domains where the sids were found.
325 * Names [O] Array of names corresponding to Sids.
328 * Success: STATUS_SUCCESS,
329 * STATUS_SOME_NOT_MAPPED
330 * Failure: STATUS_NONE_MAPPED or NTSTATUS code.
332 NTSTATUS WINAPI
LsaLookupSids(
333 IN LSA_HANDLE PolicyHandle
,
336 OUT PLSA_REFERENCED_DOMAIN_LIST
*ReferencedDomains
,
337 OUT PLSA_TRANSLATED_NAME
*Names
)
339 FIXME("(%p,%u,%p,%p,%p) stub\n", PolicyHandle
, Count
, Sids
,
340 ReferencedDomains
, Names
);
342 return STATUS_NONE_MAPPED
;
345 /******************************************************************************
346 * LsaNtStatusToWinError [ADVAPI32.@]
348 * Converts an LSA NTSTATUS code to a Windows error code.
351 * Status [I] NTSTATUS code.
354 * Success: Corresponding Windows error code.
355 * Failure: ERROR_MR_MID_NOT_FOUND.
357 ULONG WINAPI
LsaNtStatusToWinError(NTSTATUS Status
)
359 return RtlNtStatusToDosError(Status
);
362 /******************************************************************************
363 * LsaOpenPolicy [ADVAPI32.@]
365 * Opens a handle to the Policy object on a local or remote system.
368 * SystemName [I] Name of the target system.
369 * ObjectAttributes [I] Connection attributes.
370 * DesiredAccess [I] Requested access rights.
371 * PolicyHandle [I/O] Handle to the Policy object.
374 * Success: STATUS_SUCCESS.
375 * Failure: NTSTATUS code.
378 * Set SystemName to NULL to open the local Policy object.
380 NTSTATUS WINAPI
LsaOpenPolicy(
381 IN PLSA_UNICODE_STRING SystemName
,
382 IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes
,
383 IN ACCESS_MASK DesiredAccess
,
384 IN OUT PLSA_HANDLE PolicyHandle
)
386 FIXME("(%s,%p,0x%08x,%p) stub\n",
387 SystemName
?debugstr_w(SystemName
->Buffer
):"(null)",
388 ObjectAttributes
, DesiredAccess
, PolicyHandle
);
390 ADVAPI_ForceLocalComputer(SystemName
? SystemName
->Buffer
: NULL
,
391 STATUS_ACCESS_VIOLATION
);
392 dumpLsaAttributes(ObjectAttributes
);
394 if(PolicyHandle
) *PolicyHandle
= (LSA_HANDLE
)0xcafe;
395 return STATUS_SUCCESS
;
398 /******************************************************************************
399 * LsaOpenTrustedDomainByName [ADVAPI32.@]
402 NTSTATUS WINAPI
LsaOpenTrustedDomainByName(
404 PLSA_UNICODE_STRING name
,
408 FIXME("(%p,%p,0x%08x,%p) stub\n", policy
, name
, access
, handle
);
409 return STATUS_OBJECT_NAME_NOT_FOUND
;
412 /******************************************************************************
413 * LsaQueryInformationPolicy [ADVAPI32.@]
415 * Returns information about a Policy object.
418 * PolicyHandle [I] Handle to a Policy object.
419 * InformationClass [I] Type of information to retrieve.
420 * Buffer [O] Pointer to the requested information.
423 * Success: STATUS_SUCCESS.
424 * Failure: NTSTATUS code.
426 NTSTATUS WINAPI
LsaQueryInformationPolicy(
427 IN LSA_HANDLE PolicyHandle
,
428 IN POLICY_INFORMATION_CLASS InformationClass
,
431 TRACE("(%p,0x%08x,%p)\n", PolicyHandle
, InformationClass
, Buffer
);
433 if(!Buffer
) return STATUS_INVALID_PARAMETER
;
434 switch (InformationClass
)
436 case PolicyAuditEventsInformation
: /* 2 */
438 PPOLICY_AUDIT_EVENTS_INFO p
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
,
439 sizeof(POLICY_AUDIT_EVENTS_INFO
));
440 p
->AuditingMode
= FALSE
; /* no auditing */
444 case PolicyPrimaryDomainInformation
: /* 3 */
446 /* Only the domain name is valid for the local computer.
447 * All other fields are zero.
449 PPOLICY_PRIMARY_DOMAIN_INFO pinfo
;
450 pinfo
= ADVAPI_GetDomainName(sizeof(*pinfo
), (char*)&pinfo
->Name
- (char*)pinfo
);
452 TRACE("setting domain to %s\n", debugstr_w(pinfo
->Name
.Buffer
));
457 case PolicyAccountDomainInformation
: /* 5 */
461 POLICY_ACCOUNT_DOMAIN_INFO info
;
464 WCHAR domain
[MAX_COMPUTERNAME_LENGTH
+ 1];
467 DWORD dwSize
= MAX_COMPUTERNAME_LENGTH
+ 1;
468 struct di
* xdi
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, sizeof(*xdi
));
470 xdi
->info
.DomainName
.MaximumLength
= dwSize
* sizeof(WCHAR
);
471 xdi
->info
.DomainName
.Buffer
= xdi
->domain
;
472 if (GetComputerNameW(xdi
->info
.DomainName
.Buffer
, &dwSize
))
473 xdi
->info
.DomainName
.Length
= dwSize
* sizeof(WCHAR
);
475 TRACE("setting name to %s\n", debugstr_w(xdi
->info
.DomainName
.Buffer
));
477 xdi
->info
.DomainSid
= &xdi
->sid
;
479 /* read the computer SID from the registry */
480 if (!ADVAPI_GetComputerSid(&xdi
->sid
))
482 HeapFree(GetProcessHeap(), 0, xdi
);
484 WARN("Computer SID not found\n");
486 return STATUS_UNSUCCESSFUL
;
489 TRACE("setting SID to %s\n", debugstr_sid(&xdi
->sid
));
494 case PolicyDnsDomainInformation
: /* 12 (0xc) */
496 /* Only the domain name is valid for the local computer.
497 * All other fields are zero.
499 PPOLICY_DNS_DOMAIN_INFO pinfo
;
501 pinfo
= ADVAPI_GetDomainName(sizeof(*pinfo
), (char*)&pinfo
->Name
- (char*)pinfo
);
503 TRACE("setting domain to %s\n", debugstr_w(pinfo
->Name
.Buffer
));
508 case PolicyAuditLogInformation
:
509 case PolicyPdAccountInformation
:
510 case PolicyLsaServerRoleInformation
:
511 case PolicyReplicaSourceInformation
:
512 case PolicyDefaultQuotaInformation
:
513 case PolicyModificationInformation
:
514 case PolicyAuditFullSetInformation
:
515 case PolicyAuditFullQueryInformation
:
517 FIXME("category %d not implemented\n", InformationClass
);
518 return STATUS_UNSUCCESSFUL
;
521 return STATUS_SUCCESS
;
524 /******************************************************************************
525 * LsaQueryTrustedDomainInfo [ADVAPI32.@]
528 NTSTATUS WINAPI
LsaQueryTrustedDomainInfo(
531 TRUSTED_INFORMATION_CLASS
class,
534 FIXME("(%p,%p,%d,%p) stub\n", policy
, sid
, class, buffer
);
535 return STATUS_OBJECT_NAME_NOT_FOUND
;
538 /******************************************************************************
539 * LsaQueryTrustedDomainInfoByName [ADVAPI32.@]
542 NTSTATUS WINAPI
LsaQueryTrustedDomainInfoByName(
544 PLSA_UNICODE_STRING name
,
545 TRUSTED_INFORMATION_CLASS
class,
548 FIXME("(%p,%p,%d,%p) stub\n", policy
, name
, class, buffer
);
549 return STATUS_OBJECT_NAME_NOT_FOUND
;
552 /******************************************************************************
553 * LsaRegisterPolicyChangeNotification [ADVAPI32.@]
556 NTSTATUS WINAPI
LsaRegisterPolicyChangeNotification(
557 POLICY_NOTIFICATION_INFORMATION_CLASS
class,
560 FIXME("(%d,%p) stub\n", class, event
);
561 return STATUS_UNSUCCESSFUL
;
564 /******************************************************************************
565 * LsaRemoveAccountRights [ADVAPI32.@]
568 NTSTATUS WINAPI
LsaRemoveAccountRights(
572 PLSA_UNICODE_STRING rights
,
575 FIXME("(%p,%p,%d,%p,0x%08x) stub\n", policy
, sid
, all
, rights
, count
);
576 return STATUS_SUCCESS
;
579 /******************************************************************************
580 * LsaRetrievePrivateData [ADVAPI32.@]
582 * Retrieves data stored by LsaStorePrivateData.
585 * PolicyHandle [I] Handle to a Policy object.
586 * KeyName [I] Name of the key where the data is stored.
587 * PrivateData [O] Pointer to the private data.
590 * Success: STATUS_SUCCESS.
591 * Failure: STATUS_OBJECT_NAME_NOT_FOUND or NTSTATUS code.
593 NTSTATUS WINAPI
LsaRetrievePrivateData(
594 IN LSA_HANDLE PolicyHandle
,
595 IN PLSA_UNICODE_STRING KeyName
,
596 OUT PLSA_UNICODE_STRING
* PrivateData
)
598 FIXME("(%p,%p,%p) stub\n", PolicyHandle
, KeyName
, PrivateData
);
599 return STATUS_OBJECT_NAME_NOT_FOUND
;
602 /******************************************************************************
603 * LsaSetInformationPolicy [ADVAPI32.@]
605 * Modifies information in a Policy object.
608 * PolicyHandle [I] Handle to a Policy object.
609 * InformationClass [I] Type of information to set.
610 * Buffer [I] Pointer to the information to set.
613 * Success: STATUS_SUCCESS.
614 * Failure: NTSTATUS code.
616 NTSTATUS WINAPI
LsaSetInformationPolicy(
617 IN LSA_HANDLE PolicyHandle
,
618 IN POLICY_INFORMATION_CLASS InformationClass
,
621 FIXME("(%p,0x%08x,%p) stub\n", PolicyHandle
, InformationClass
, Buffer
);
623 return STATUS_UNSUCCESSFUL
;
626 /******************************************************************************
627 * LsaSetTrustedDomainInfoByName [ADVAPI32.@]
630 NTSTATUS WINAPI
LsaSetTrustedDomainInfoByName(
632 PLSA_UNICODE_STRING name
,
633 TRUSTED_INFORMATION_CLASS
class,
636 FIXME("(%p,%p,%d,%p) stub\n", policy
, name
, class, buffer
);
637 return STATUS_SUCCESS
;
640 /******************************************************************************
641 * LsaSetTrustedDomainInformation [ADVAPI32.@]
644 NTSTATUS WINAPI
LsaSetTrustedDomainInformation(
647 TRUSTED_INFORMATION_CLASS
class,
650 FIXME("(%p,%p,%d,%p) stub\n", policy
, sid
, class, buffer
);
651 return STATUS_SUCCESS
;
654 /******************************************************************************
655 * LsaStorePrivateData [ADVAPI32.@]
657 * Stores or deletes a Policy object's data under the specified reg key.
660 * PolicyHandle [I] Handle to a Policy object.
661 * KeyName [I] Name of the key where the data will be stored.
662 * PrivateData [O] Pointer to the private data.
665 * Success: STATUS_SUCCESS.
666 * Failure: STATUS_OBJECT_NAME_NOT_FOUND or NTSTATUS code.
668 NTSTATUS WINAPI
LsaStorePrivateData(
669 IN LSA_HANDLE PolicyHandle
,
670 IN PLSA_UNICODE_STRING KeyName
,
671 IN PLSA_UNICODE_STRING PrivateData
)
673 FIXME("(%p,%p,%p) stub\n", PolicyHandle
, KeyName
, PrivateData
);
674 return STATUS_OBJECT_NAME_NOT_FOUND
;
677 /******************************************************************************
678 * LsaUnregisterPolicyChangeNotification [ADVAPI32.@]
681 NTSTATUS WINAPI
LsaUnregisterPolicyChangeNotification(
682 POLICY_NOTIFICATION_INFORMATION_CLASS
class,
685 FIXME("(%d,%p) stub\n", class, event
);
686 return STATUS_SUCCESS
;