NTSTATUS
SetAuditEvent(
LSA_HANDLE PolicyHandle,
POLICY_AUDIT_EVENT_TYPE EventType,
POLICY_AUDIT_EVENT_OPTIONS EventOption
)
{
PPOLICY_AUDIT_EVENTS_INFO pae;
NTSTATUS Status;
DWORD i; // index into EventAuditingOptions
//
// obtain AuditEvents
//
Status = LsaQueryInformationPolicy(
PolicyHandle,
PolicyAuditEventsInformation,
&pae
);
if(Status != STATUS_SUCCESS) return Status;
//
// insure we were passed a valid EventType and EventOption
//
if((ULONG)EventType > pae->MaximumAuditEventCount ||
(!EventOption & POLICY_AUDIT_EVENT_MASK) ) {
LsaFreeMemory(pae);
return STATUS_INVALID_PARAMETER;
}
//
// set all auditevents to the unchanged status...
//
for(i = 0 ; i < pae->MaximumAuditEventCount ; i++) {
pae->EventAuditingOptions[i] = POLICY_AUDIT_EVENT_UNCHANGED;
}
//
// ...and update only the specified EventType
//
pae->EventAuditingOptions[EventType] = EventOption;
//
// set the new AuditEvents
//
Status = LsaSetInformationPolicy(
PolicyHandle,
PolicyAuditEventsInformation,
pae
);
//
// free allocated memory
//
LsaFreeMemory(pae);
return Status;
}
NTSTATUS
SetAuditMode(
LSA_HANDLE PolicyHandle,
BOOL bEnable
)
{
PPOLICY_AUDIT_EVENTS_INFO AuditEvents;
NTSTATUS Status;
DWORD i;
//
// obtain current AuditEvents
//
Status = LsaQueryInformationPolicy(
PolicyHandle,
PolicyAuditEventsInformation,
&AuditEvents
);
if(Status != STATUS_SUCCESS) return Status;
//
// update the relevant member
//
AuditEvents->AuditingMode = bEnable;
//
// set all auditevents to the unchanged status...
//
for(i = 0 ; i < AuditEvents->MaximumAuditEventCount ; i++) {
AuditEvents->EventAuditingOptions[i] = POLICY_AUDIT_EVENT_UNCHANGED;
}
//
// set the new auditing mode (enabled or disabled)
//
Status = LsaSetInformationPolicy(
PolicyHandle,
PolicyAuditEventsInformation,
AuditEvents
);
LsaFreeMemory(AuditEvents);
return Status;
}
NTSTATUS
SetAccountDomain(LPCWSTR DomainName,
PSID DomainSid)
{
PPOLICY_ACCOUNT_DOMAIN_INFO OrigInfo = NULL;
POLICY_ACCOUNT_DOMAIN_INFO Info;
LSA_OBJECT_ATTRIBUTES ObjectAttributes;
LSA_HANDLE PolicyHandle;
SAM_HANDLE ServerHandle = NULL;
SAM_HANDLE DomainHandle = NULL;
DOMAIN_NAME_INFORMATION DomainNameInfo;
NTSTATUS Status;
DPRINT1("SYSSETUP: SetAccountDomain\n");
memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);
Status = LsaOpenPolicy(NULL,
&ObjectAttributes,
POLICY_VIEW_LOCAL_INFORMATION | POLICY_TRUST_ADMIN,
&PolicyHandle);
if (Status != STATUS_SUCCESS)
{
DPRINT("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status);
return Status;
}
Status = LsaQueryInformationPolicy(PolicyHandle,
PolicyAccountDomainInformation,
(PVOID *)&OrigInfo);
if (Status == STATUS_SUCCESS && OrigInfo != NULL)
{
if (DomainName == NULL)
{
Info.DomainName.Buffer = OrigInfo->DomainName.Buffer;
Info.DomainName.Length = OrigInfo->DomainName.Length;
Info.DomainName.MaximumLength = OrigInfo->DomainName.MaximumLength;
}
else
{
Info.DomainName.Buffer = (LPWSTR)DomainName;
Info.DomainName.Length = wcslen(DomainName) * sizeof(WCHAR);
Info.DomainName.MaximumLength = Info.DomainName.Length + sizeof(WCHAR);
}
if (DomainSid == NULL)
Info.DomainSid = OrigInfo->DomainSid;
else
Info.DomainSid = DomainSid;
}
else
{
Info.DomainName.Buffer = (LPWSTR)DomainName;
Info.DomainName.Length = wcslen(DomainName) * sizeof(WCHAR);
Info.DomainName.MaximumLength = Info.DomainName.Length + sizeof(WCHAR);
Info.DomainSid = DomainSid;
}
Status = LsaSetInformationPolicy(PolicyHandle,
PolicyAccountDomainInformation,
(PVOID)&Info);
if (Status != STATUS_SUCCESS)
{
DPRINT("LsaSetInformationPolicy failed (Status: 0x%08lx)\n", Status);
}
if (OrigInfo != NULL)
LsaFreeMemory(OrigInfo);
LsaClose(PolicyHandle);
DomainNameInfo.DomainName.Length = wcslen(DomainName) * sizeof(WCHAR);
DomainNameInfo.DomainName.MaximumLength = (wcslen(DomainName) + 1) * sizeof(WCHAR);
DomainNameInfo.DomainName.Buffer = (LPWSTR)DomainName;
Status = SamConnect(NULL,
&ServerHandle,
SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
NULL);
if (NT_SUCCESS(Status))
{
Status = SamOpenDomain(ServerHandle,
DOMAIN_WRITE_OTHER_PARAMETERS,
Info.DomainSid,
&DomainHandle);
if (NT_SUCCESS(Status))
{
Status = SamSetInformationDomain(DomainHandle,
DomainNameInformation,
(PVOID)&DomainNameInfo);
if (!NT_SUCCESS(Status))
{
DPRINT1("SamSetInformationDomain failed (Status: 0x%08lx)\n", Status);
}
SamCloseHandle(DomainHandle);
}
else
{
DPRINT1("SamOpenDomain failed (Status: 0x%08lx)\n", Status);
}
SamCloseHandle(ServerHandle);
}
return Status;
}
/* Hack */
static
NTSTATUS
SetPrimaryDomain(LPCWSTR DomainName,
PSID DomainSid)
{
PPOLICY_PRIMARY_DOMAIN_INFO OrigInfo = NULL;
POLICY_PRIMARY_DOMAIN_INFO Info;
LSA_OBJECT_ATTRIBUTES ObjectAttributes;
LSA_HANDLE PolicyHandle;
NTSTATUS Status;
DPRINT1("SYSSETUP: SetPrimaryDomain()\n");
memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);
Status = LsaOpenPolicy(NULL,
&ObjectAttributes,
POLICY_VIEW_LOCAL_INFORMATION | POLICY_TRUST_ADMIN,
&PolicyHandle);
if (Status != STATUS_SUCCESS)
{
DPRINT("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status);
return Status;
}
Status = LsaQueryInformationPolicy(PolicyHandle,
PolicyPrimaryDomainInformation,
(PVOID *)&OrigInfo);
if (Status == STATUS_SUCCESS && OrigInfo != NULL)
{
if (DomainName == NULL)
{
Info.Name.Buffer = OrigInfo->Name.Buffer;
Info.Name.Length = OrigInfo->Name.Length;
Info.Name.MaximumLength = OrigInfo->Name.MaximumLength;
}
else
{
Info.Name.Buffer = (LPWSTR)DomainName;
Info.Name.Length = wcslen(DomainName) * sizeof(WCHAR);
Info.Name.MaximumLength = Info.Name.Length + sizeof(WCHAR);
}
if (DomainSid == NULL)
Info.Sid = OrigInfo->Sid;
else
Info.Sid = DomainSid;
}
else
{
Info.Name.Buffer = (LPWSTR)DomainName;
Info.Name.Length = wcslen(DomainName) * sizeof(WCHAR);
Info.Name.MaximumLength = Info.Name.Length + sizeof(WCHAR);
Info.Sid = DomainSid;
}
Status = LsaSetInformationPolicy(PolicyHandle,
PolicyPrimaryDomainInformation,
(PVOID)&Info);
if (Status != STATUS_SUCCESS)
{
DPRINT("LsaSetInformationPolicy failed (Status: 0x%08lx)\n", Status);
}
if (OrigInfo != NULL)
LsaFreeMemory(OrigInfo);
LsaClose(PolicyHandle);
return Status;
}
