2 * Implementation of the Local Security Authority API
4 * Copyright 1999 Juergen Schmied
5 * Copyright 2002 Andriy Palamarchuk
6 * Copyright 2004 Mike McCormack
7 * Copyright 2005 Hans Leidekker
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
27 #define WIN32_NO_STATUS
33 #include "advapi32_misc.h"
35 #include "wine/debug.h"
37 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
39 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
40 if (!ADVAPI_IsLocalComputer(ServerName)) \
42 FIXME("Action Implemented for local computer only. " \
43 "Requested for server %s\n", debugstr_w(ServerName)); \
47 static void dumpLsaAttributes(PLSA_OBJECT_ATTRIBUTES oa)
51 TRACE("\n\tlength=%u, rootdir=%p, objectname=%s\n\tattr=0x%08x, sid=%s qos=%p\n",
52 oa->Length, oa->RootDirectory,
53 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
54 oa->Attributes, debugstr_sid(oa->SecurityDescriptor),
55 oa->SecurityQualityOfService);
59 static void ADVAPI_GetDomainName(UNICODE_STRING * name)
62 BOOL useDefault = TRUE;
65 if ((ret = RegOpenKeyExA(HKEY_LOCAL_MACHINE,
66 "System\\CurrentControlSet\\Services\\VxD\\VNETSUP", 0,
67 KEY_READ, &key)) == ERROR_SUCCESS)
70 static const WCHAR wg[] = { 'W','o','r','k','g','r','o','u','p',0 };
72 ret = RegQueryValueExW(key, wg, NULL, NULL, NULL, &size);
73 if (ret == ERROR_MORE_DATA || ret == ERROR_SUCCESS)
75 name->Buffer = HeapAlloc(GetProcessHeap(),
76 HEAP_ZERO_MEMORY, size);
78 if ((ret = RegQueryValueExW(key, wg, NULL, NULL,
79 (LPBYTE)name->Buffer, &size)) == ERROR_SUCCESS)
81 name->Length = (USHORT)(size - sizeof(WCHAR));
82 name->MaximumLength = (USHORT)size;
87 HeapFree(GetProcessHeap(), 0, name->Buffer);
94 RtlCreateUnicodeStringFromAsciiz(name, "DOMAIN");
97 /******************************************************************************
98 * LsaAddAccountRights [ADVAPI32.@]
101 NTSTATUS WINAPI LsaAddAccountRights(
104 PLSA_UNICODE_STRING rights,
107 FIXME("(%p,%p,%p,0x%08x) stub\n", policy, sid, rights, count);
108 return STATUS_OBJECT_NAME_NOT_FOUND;
111 /******************************************************************************
112 * LsaClose [ADVAPI32.@]
114 * Closes a handle to a Policy or TrustedDomain.
117 * ObjectHandle [I] Handle to a Policy or TrustedDomain.
120 * Success: STATUS_SUCCESS.
121 * Failure: NTSTATUS code.
123 NTSTATUS WINAPI LsaClose(IN LSA_HANDLE ObjectHandle)
125 FIXME("(%p) stub\n", ObjectHandle);
126 return STATUS_SUCCESS;
129 /******************************************************************************
130 * LsaCreateTrustedDomainEx [ADVAPI32.@]
133 NTSTATUS WINAPI LsaCreateTrustedDomainEx(
135 PTRUSTED_DOMAIN_INFORMATION_EX domain_info,
136 PTRUSTED_DOMAIN_AUTH_INFORMATION auth_info,
140 FIXME("(%p,%p,%p,0x%08x,%p) stub\n", policy, domain_info, auth_info,
142 return STATUS_SUCCESS;
145 /******************************************************************************
146 * LsaDeleteTrustedDomain [ADVAPI32.@]
149 NTSTATUS WINAPI LsaDeleteTrustedDomain(LSA_HANDLE policy, PSID sid)
151 FIXME("(%p,%p) stub\n", policy, sid);
152 return STATUS_SUCCESS;
155 /******************************************************************************
156 * LsaEnumerateAccountRights [ADVAPI32.@]
159 NTSTATUS WINAPI LsaEnumerateAccountRights(
162 PLSA_UNICODE_STRING *rights,
165 FIXME("(%p,%p,%p,%p) stub\n", policy, sid, rights, count);
166 return STATUS_OBJECT_NAME_NOT_FOUND;
169 /******************************************************************************
170 * LsaEnumerateAccountsWithUserRight [ADVAPI32.@]
173 NTSTATUS WINAPI LsaEnumerateAccountsWithUserRight(
175 PLSA_UNICODE_STRING rights,
179 FIXME("(%p,%p,%p,%p) stub\n", policy, rights, buffer, count);
180 return STATUS_NO_MORE_ENTRIES;
183 /******************************************************************************
184 * LsaEnumerateTrustedDomains [ADVAPI32.@]
186 * Returns the names and SIDs of trusted domains.
189 * PolicyHandle [I] Handle to a Policy object.
190 * EnumerationContext [I] Pointer to an enumeration handle.
191 * Buffer [O] Contains the names and SIDs of trusted domains.
192 * PreferredMaximumLength[I] Preferred maximum size in bytes of Buffer.
193 * CountReturned [O] Number of elements in Buffer.
196 * Success: STATUS_SUCCESS,
197 * STATUS_MORE_ENTRIES,
198 * STATUS_NO_MORE_ENTRIES
199 * Failure: NTSTATUS code.
202 * LsaEnumerateTrustedDomains can be called multiple times to enumerate
203 * all trusted domains.
205 NTSTATUS WINAPI LsaEnumerateTrustedDomains(
206 IN LSA_HANDLE PolicyHandle,
207 IN PLSA_ENUMERATION_HANDLE EnumerationContext,
209 IN ULONG PreferredMaximumLength,
210 OUT PULONG CountReturned)
212 FIXME("(%p,%p,%p,0x%08x,%p) stub\n", PolicyHandle, EnumerationContext,
213 Buffer, PreferredMaximumLength, CountReturned);
215 if (CountReturned) *CountReturned = 0;
216 return STATUS_SUCCESS;
219 /******************************************************************************
220 * LsaEnumerateTrustedDomainsEx [ADVAPI32.@]
223 NTSTATUS WINAPI LsaEnumerateTrustedDomainsEx(
225 PLSA_ENUMERATION_HANDLE context,
230 FIXME("(%p,%p,%p,0x%08x,%p) stub\n", policy, context, buffer, length, count);
232 if (count) *count = 0;
233 return STATUS_SUCCESS;
236 /******************************************************************************
237 * LsaFreeMemory [ADVAPI32.@]
239 * Frees memory allocated by a LSA function.
242 * Buffer [I] Memory buffer to free.
245 * Success: STATUS_SUCCESS.
246 * Failure: NTSTATUS code.
248 NTSTATUS WINAPI LsaFreeMemory(IN PVOID Buffer)
250 TRACE("(%p)\n", Buffer);
251 return HeapFree(GetProcessHeap(), 0, Buffer);
254 /******************************************************************************
255 * LsaLookupNames [ADVAPI32.@]
257 * Returns the SIDs of an array of user, group, or local group names.
260 * PolicyHandle [I] Handle to a Policy object.
261 * Count [I] Number of names in Names.
262 * Names [I] Array of names to lookup.
263 * ReferencedDomains [O] Array of domains where the names were found.
264 * Sids [O] Array of SIDs corresponding to Names.
267 * Success: STATUS_SUCCESS,
268 * STATUS_SOME_NOT_MAPPED
269 * Failure: STATUS_NONE_MAPPED or NTSTATUS code.
271 NTSTATUS WINAPI LsaLookupNames(
272 IN LSA_HANDLE PolicyHandle,
274 IN PLSA_UNICODE_STRING Names,
275 OUT PLSA_REFERENCED_DOMAIN_LIST* ReferencedDomains,
276 OUT PLSA_TRANSLATED_SID* Sids)
278 FIXME("(%p,0x%08x,%p,%p,%p) stub\n", PolicyHandle, Count, Names,
279 ReferencedDomains, Sids);
281 return STATUS_NONE_MAPPED;
284 /******************************************************************************
285 * LsaLookupNames2 [ADVAPI32.@]
288 NTSTATUS WINAPI LsaLookupNames2(
292 PLSA_UNICODE_STRING names,
293 PLSA_REFERENCED_DOMAIN_LIST *domains,
294 PLSA_TRANSLATED_SID2 *sids)
296 FIXME("(%p,0x%08x,0x%08x,%p,%p,%p) stub\n", policy, flags, count, names, domains, sids);
297 return STATUS_NONE_MAPPED;
300 /******************************************************************************
301 * LsaLookupSids [ADVAPI32.@]
303 * Looks up the names that correspond to an array of SIDs.
306 * PolicyHandle [I] Handle to a Policy object.
307 * Count [I] Number of SIDs in the Sids array.
308 * Sids [I] Array of SIDs to lookup.
309 * ReferencedDomains [O] Array of domains where the sids were found.
310 * Names [O] Array of names corresponding to Sids.
313 * Success: STATUS_SUCCESS,
314 * STATUS_SOME_NOT_MAPPED
315 * Failure: STATUS_NONE_MAPPED or NTSTATUS code.
317 NTSTATUS WINAPI LsaLookupSids(
318 IN LSA_HANDLE PolicyHandle,
321 OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
322 OUT PLSA_TRANSLATED_NAME *Names )
324 FIXME("(%p,%u,%p,%p,%p) stub\n", PolicyHandle, Count, Sids,
325 ReferencedDomains, Names);
327 return STATUS_NONE_MAPPED;
330 /******************************************************************************
331 * LsaNtStatusToWinError [ADVAPI32.@]
333 * Converts an LSA NTSTATUS code to a Windows error code.
336 * Status [I] NTSTATUS code.
339 * Success: Corresponding Windows error code.
340 * Failure: ERROR_MR_MID_NOT_FOUND.
342 ULONG WINAPI LsaNtStatusToWinError(NTSTATUS Status)
344 return RtlNtStatusToDosError(Status);
347 /******************************************************************************
348 * LsaOpenPolicy [ADVAPI32.@]
350 * Opens a handle to the Policy object on a local or remote system.
353 * SystemName [I] Name of the target system.
354 * ObjectAttributes [I] Connection attributes.
355 * DesiredAccess [I] Requested access rights.
356 * PolicyHandle [I/O] Handle to the Policy object.
359 * Success: STATUS_SUCCESS.
360 * Failure: NTSTATUS code.
363 * Set SystemName to NULL to open the local Policy object.
365 NTSTATUS WINAPI LsaOpenPolicy(
366 IN PLSA_UNICODE_STRING SystemName,
367 IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
368 IN ACCESS_MASK DesiredAccess,
369 IN OUT PLSA_HANDLE PolicyHandle)
371 FIXME("(%s,%p,0x%08x,%p) stub\n",
372 SystemName?debugstr_w(SystemName->Buffer):"(null)",
373 ObjectAttributes, DesiredAccess, PolicyHandle);
375 ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
376 STATUS_ACCESS_VIOLATION);
377 dumpLsaAttributes(ObjectAttributes);
379 if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
380 return STATUS_SUCCESS;
383 /******************************************************************************
384 * LsaOpenTrustedDomainByName [ADVAPI32.@]
387 NTSTATUS WINAPI LsaOpenTrustedDomainByName(
389 PLSA_UNICODE_STRING name,
393 FIXME("(%p,%p,0x%08x,%p) stub\n", policy, name, access, handle);
394 return STATUS_OBJECT_NAME_NOT_FOUND;
397 /******************************************************************************
398 * LsaQueryInformationPolicy [ADVAPI32.@]
400 * Returns information about a Policy object.
403 * PolicyHandle [I] Handle to a Policy object.
404 * InformationClass [I] Type of information to retrieve.
405 * Buffer [O] Pointer to the requested information.
408 * Success: STATUS_SUCCESS.
409 * Failure: NTSTATUS code.
411 NTSTATUS WINAPI LsaQueryInformationPolicy(
412 IN LSA_HANDLE PolicyHandle,
413 IN POLICY_INFORMATION_CLASS InformationClass,
416 TRACE("(%p,0x%08x,%p)\n", PolicyHandle, InformationClass, Buffer);
418 if(!Buffer) return STATUS_INVALID_PARAMETER;
419 switch (InformationClass)
421 case PolicyAuditEventsInformation: /* 2 */
423 PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,
424 sizeof(POLICY_AUDIT_EVENTS_INFO));
425 p->AuditingMode = FALSE; /* no auditing */
429 case PolicyPrimaryDomainInformation: /* 3 */
431 /* Only the domain name is valid for the local computer.
432 * All other fields are zero.
434 PPOLICY_PRIMARY_DOMAIN_INFO pinfo = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,
435 sizeof(POLICY_PRIMARY_DOMAIN_INFO));
437 ADVAPI_GetDomainName(&pinfo->Name);
439 TRACE("setting domain to %s\n", debugstr_w(pinfo->Name.Buffer));
444 case PolicyAccountDomainInformation: /* 5 */
448 POLICY_ACCOUNT_DOMAIN_INFO info;
453 struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(*xdi));
454 DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
455 LPWSTR buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwSize * sizeof(WCHAR));
457 xdi->info.DomainName.MaximumLength = dwSize * sizeof(WCHAR);
459 if (GetComputerNameW(buf, &dwSize))
461 xdi->info.DomainName.Buffer = buf;
462 xdi->info.DomainName.Length = dwSize * sizeof(WCHAR);
465 TRACE("setting name to %s\n", debugstr_w(xdi->info.DomainName.Buffer));
467 xdi->info.DomainSid = &(xdi->sid);
469 /* read the computer SID from the registry */
470 if (!ADVAPI_GetComputerSid(&(xdi->sid)))
472 HeapFree(GetProcessHeap(), 0, buf);
473 HeapFree(GetProcessHeap(), 0, xdi);
475 WARN("Computer SID not found\n");
477 return STATUS_UNSUCCESSFUL;
480 TRACE("setting SID to %s\n", debugstr_sid(&xdi->sid));
485 case PolicyDnsDomainInformation: /* 12 (0xc) */
487 /* Only the domain name is valid for the local computer.
488 * All other fields are zero.
490 PPOLICY_DNS_DOMAIN_INFO pinfo = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,
491 sizeof(POLICY_DNS_DOMAIN_INFO));
493 ADVAPI_GetDomainName(&pinfo->Name);
495 TRACE("setting domain to %s\n", debugstr_w(pinfo->Name.Buffer));
500 case PolicyAuditLogInformation:
501 case PolicyPdAccountInformation:
502 case PolicyLsaServerRoleInformation:
503 case PolicyReplicaSourceInformation:
504 case PolicyDefaultQuotaInformation:
505 case PolicyModificationInformation:
506 case PolicyAuditFullSetInformation:
507 case PolicyAuditFullQueryInformation:
509 FIXME("category %d not implemented\n", InformationClass);
510 return STATUS_UNSUCCESSFUL;
513 return STATUS_SUCCESS;
516 /******************************************************************************
517 * LsaQueryTrustedDomainInfo [ADVAPI32.@]
520 NTSTATUS WINAPI LsaQueryTrustedDomainInfo(
523 TRUSTED_INFORMATION_CLASS class,
526 FIXME("(%p,%p,%d,%p) stub\n", policy, sid, class, buffer);
527 return STATUS_OBJECT_NAME_NOT_FOUND;
530 /******************************************************************************
531 * LsaQueryTrustedDomainInfoByName [ADVAPI32.@]
534 NTSTATUS WINAPI LsaQueryTrustedDomainInfoByName(
536 PLSA_UNICODE_STRING name,
537 TRUSTED_INFORMATION_CLASS class,
540 FIXME("(%p,%p,%d,%p) stub\n", policy, name, class, buffer);
541 return STATUS_OBJECT_NAME_NOT_FOUND;
544 /******************************************************************************
545 * LsaRegisterPolicyChangeNotification [ADVAPI32.@]
548 NTSTATUS WINAPI LsaRegisterPolicyChangeNotification(
549 POLICY_NOTIFICATION_INFORMATION_CLASS class,
552 FIXME("(%d,%p) stub\n", class, event);
553 return STATUS_UNSUCCESSFUL;
556 /******************************************************************************
557 * LsaRemoveAccountRights [ADVAPI32.@]
560 NTSTATUS WINAPI LsaRemoveAccountRights(
564 PLSA_UNICODE_STRING rights,
567 FIXME("(%p,%p,%d,%p,0x%08x) stub\n", policy, sid, all, rights, count);
568 return STATUS_SUCCESS;
571 /******************************************************************************
572 * LsaRetrievePrivateData [ADVAPI32.@]
574 * Retrieves data stored by LsaStorePrivateData.
577 * PolicyHandle [I] Handle to a Policy object.
578 * KeyName [I] Name of the key where the data is stored.
579 * PrivateData [O] Pointer to the private data.
582 * Success: STATUS_SUCCESS.
583 * Failure: STATUS_OBJECT_NAME_NOT_FOUND or NTSTATUS code.
585 NTSTATUS WINAPI LsaRetrievePrivateData(
586 IN LSA_HANDLE PolicyHandle,
587 IN PLSA_UNICODE_STRING KeyName,
588 OUT PLSA_UNICODE_STRING* PrivateData)
590 FIXME("(%p,%p,%p) stub\n", PolicyHandle, KeyName, PrivateData);
591 return STATUS_OBJECT_NAME_NOT_FOUND;
594 /******************************************************************************
595 * LsaSetInformationPolicy [ADVAPI32.@]
597 * Modifies information in a Policy object.
600 * PolicyHandle [I] Handle to a Policy object.
601 * InformationClass [I] Type of information to set.
602 * Buffer [I] Pointer to the information to set.
605 * Success: STATUS_SUCCESS.
606 * Failure: NTSTATUS code.
608 NTSTATUS WINAPI LsaSetInformationPolicy(
609 IN LSA_HANDLE PolicyHandle,
610 IN POLICY_INFORMATION_CLASS InformationClass,
613 FIXME("(%p,0x%08x,%p) stub\n", PolicyHandle, InformationClass, Buffer);
615 return STATUS_UNSUCCESSFUL;
618 /******************************************************************************
619 * LsaSetTrustedDomainInfoByName [ADVAPI32.@]
622 NTSTATUS WINAPI LsaSetTrustedDomainInfoByName(
624 PLSA_UNICODE_STRING name,
625 TRUSTED_INFORMATION_CLASS class,
628 FIXME("(%p,%p,%d,%p) stub\n", policy, name, class, buffer);
629 return STATUS_SUCCESS;
632 /******************************************************************************
633 * LsaSetTrustedDomainInformation [ADVAPI32.@]
636 NTSTATUS WINAPI LsaSetTrustedDomainInformation(
639 TRUSTED_INFORMATION_CLASS class,
642 FIXME("(%p,%p,%d,%p) stub\n", policy, sid, class, buffer);
643 return STATUS_SUCCESS;
646 /******************************************************************************
647 * LsaStorePrivateData [ADVAPI32.@]
649 * Stores or deletes a Policy object's data under the specified reg key.
652 * PolicyHandle [I] Handle to a Policy object.
653 * KeyName [I] Name of the key where the data will be stored.
654 * PrivateData [O] Pointer to the private data.
657 * Success: STATUS_SUCCESS.
658 * Failure: STATUS_OBJECT_NAME_NOT_FOUND or NTSTATUS code.
660 NTSTATUS WINAPI LsaStorePrivateData(
661 IN LSA_HANDLE PolicyHandle,
662 IN PLSA_UNICODE_STRING KeyName,
663 IN PLSA_UNICODE_STRING PrivateData)
665 FIXME("(%p,%p,%p) stub\n", PolicyHandle, KeyName, PrivateData);
666 return STATUS_OBJECT_NAME_NOT_FOUND;
669 /******************************************************************************
670 * LsaUnregisterPolicyChangeNotification [ADVAPI32.@]
673 NTSTATUS WINAPI LsaUnregisterPolicyChangeNotification(
674 POLICY_NOTIFICATION_INFORMATION_CLASS class,
677 FIXME("(%d,%p) stub\n", class, event);
678 return STATUS_SUCCESS;