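/*
 * Loads the built-in and account domain identity into the file-scope
 * variables BuiltinDomainSid, BuiltinDomainName, AccountDomainSid and
 * AccountDomainName.
 *
 * The built-in domain SID and name are constructed locally. The account
 * domain SID ("PolAcDmS") and name ("PolAcDmN") are read from the 'Policy'
 * database object. Both attributes are persisted data that carry their own
 * embedded lengths, so they are validated against the size of the buffer
 * they were read into before any embedded length or offset is trusted.
 *
 * Returns STATUS_SUCCESS on success, STATUS_INSUFFICIENT_RESOURCES if an
 * allocation fails, STATUS_INTERNAL_DB_CORRUPTION if a stored attribute is
 * malformed, or the failure status of the first helper that failed.
 */
static
NTSTATUS
LsapGetDomainInfo(VOID)
{
    PLSA_DB_OBJECT PolicyObject = NULL;
    PUNICODE_STRING DomainName = NULL;
    ULONG AttributeSize;
    ULONG SidSize = 0;          /* Bytes allocated for AccountDomainSid by this call */
    ULONG DomainNameSize = 0;   /* Bytes allocated for the stored domain name blob */
    ULONG_PTR BufferOffset;
    LPWSTR SidString = NULL;
    NTSTATUS Status;

    /* Get the built-in domain SID and name */
    Status = RtlAllocateAndInitializeSid(&NtAuthority,
                                         1,
                                         SECURITY_BUILTIN_DOMAIN_RID,
                                         0, 0, 0, 0, 0, 0, 0,
                                         &BuiltinDomainSid);
    if (!NT_SUCCESS(Status))
        return Status;

    RtlInitUnicodeString(&BuiltinDomainName, L"BUILTIN");

    /* Open the 'Policy' object */
    Status = LsapOpenDbObject(NULL,
                              NULL,
                              L"Policy",
                              LsaDbPolicyObject,
                              0,
                              TRUE,
                              &PolicyObject);
    if (!NT_SUCCESS(Status))
        goto done;

    /* Get the account domain SID: first query the size, then the data */
    AttributeSize = 0;
    Status = LsapGetObjectAttribute(PolicyObject,
                                    L"PolAcDmS",
                                    NULL,
                                    &AttributeSize);
    if (!NT_SUCCESS(Status))
        goto done;

    if (AttributeSize > 0)
    {
        /* Remember the allocation size; AttributeSize is an in/out parameter */
        SidSize = AttributeSize;

        AccountDomainSid = RtlAllocateHeap(RtlGetProcessHeap(),
                                           HEAP_ZERO_MEMORY,
                                           SidSize);
        if (AccountDomainSid == NULL)
        {
            Status = STATUS_INSUFFICIENT_RESOURCES;
            goto done;
        }

        Status = LsapGetObjectAttribute(PolicyObject,
                                        L"PolAcDmS",
                                        AccountDomainSid,
                                        &AttributeSize);
        if (!NT_SUCCESS(Status))
            goto done;

        /*
         * The SID's length is derived from its own SubAuthorityCount field.
         * Reject a stored SID whose header is truncated, whose header is
         * invalid, or whose self-described length exceeds the buffer, so
         * that later consumers never read past the allocation.
         */
        if (SidSize < RtlLengthRequiredSid(0) ||
            !RtlValidSid(AccountDomainSid) ||
            RtlLengthSid(AccountDomainSid) > SidSize)
        {
            ERR("The stored account domain SID is malformed\n");
            Status = STATUS_INTERNAL_DB_CORRUPTION;
            goto done;
        }
    }

    /* Get the account domain name: first query the size, then the data */
    AttributeSize = 0;
    Status = LsapGetObjectAttribute(PolicyObject,
                                    L"PolAcDmN",
                                    NULL,
                                    &AttributeSize);
    if (!NT_SUCCESS(Status))
        goto done;

    if (AttributeSize > 0)
    {
        DomainNameSize = AttributeSize;

        DomainName = RtlAllocateHeap(RtlGetProcessHeap(),
                                     HEAP_ZERO_MEMORY,
                                     DomainNameSize);
        if (DomainName == NULL)
        {
            Status = STATUS_INSUFFICIENT_RESOURCES;
            goto done;
        }

        Status = LsapGetObjectAttribute(PolicyObject,
                                        L"PolAcDmN",
                                        DomainName,
                                        &AttributeSize);
        if (!NT_SUCCESS(Status))
            goto done;

        /* The blob must at least hold the UNICODE_STRING header */
        if (DomainNameSize < sizeof(UNICODE_STRING))
        {
            ERR("The stored account domain name is truncated\n");
            Status = STATUS_INTERNAL_DB_CORRUPTION;
            goto done;
        }

        /*
         * The stored string is self-relative: Buffer holds an offset from
         * the start of the blob. The offset and Length come from the
         * database, so check that the character data lies inside the
         * allocation, and that Length + sizeof(WCHAR) still fits into the
         * USHORT MaximumLength. Without the last check the sum would wrap
         * to a tiny allocation that the copy below would then overrun.
         */
        BufferOffset = (ULONG_PTR)DomainName->Buffer;
        if (BufferOffset > DomainNameSize ||
            DomainName->Length > DomainNameSize - BufferOffset ||
            DomainName->Length > MAXUSHORT - sizeof(WCHAR))
        {
            ERR("The stored account domain name is malformed\n");
            Status = STATUS_INTERNAL_DB_CORRUPTION;
            goto done;
        }

        /* Turn the validated offset into an absolute pointer */
        DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + BufferOffset);

        /* Copy into a zero-filled buffer with room for a terminating NUL */
        AccountDomainName.Length = DomainName->Length;
        AccountDomainName.MaximumLength = DomainName->Length + sizeof(WCHAR);
        AccountDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
                                                   HEAP_ZERO_MEMORY,
                                                   AccountDomainName.MaximumLength);
        if (AccountDomainName.Buffer == NULL)
        {
            ERR("Failed to allocate the account domain name buffer\n");
            Status = STATUS_INSUFFICIENT_RESOURCES;
            goto done;
        }

        RtlCopyMemory(AccountDomainName.Buffer,
                      DomainName->Buffer,
                      DomainName->Length);
    }

    /* Debug output; a failed SID conversion only skips the trace line */
    if (ConvertSidToStringSidW(BuiltinDomainSid, &SidString))
    {
        TRACE("Builtin Domain SID: %S\n", SidString);
        LocalFree(SidString);
        SidString = NULL;
    }

    TRACE("Builtin Domain Name: %wZ\n", &BuiltinDomainName);

    if (AccountDomainSid != NULL &&
        ConvertSidToStringSidW(AccountDomainSid, &SidString))
    {
        TRACE("Account Domain SID: %S\n", SidString);
        LocalFree(SidString);
        SidString = NULL;
    }

    TRACE("Account Domain Name: %wZ\n", &AccountDomainName);

done:
    /*
     * Do not leave a partially read or rejected SID behind in the
     * file-scope variable: release the buffer this call allocated.
     */
    if (!NT_SUCCESS(Status) && SidSize != 0 && AccountDomainSid != NULL)
    {
        RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);
        AccountDomainSid = NULL;
    }

    if (DomainName != NULL)
        RtlFreeHeap(RtlGetProcessHeap(), 0, DomainName);

    if (PolicyObject != NULL)
        LsapCloseDbObject(PolicyObject);

    return Status;
}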
/*
 * Opens the 'Policy' database object with POLICY_ALL_ACCESS and returns it
 * to the caller as an LSAPR_HANDLE.
 *
 * PolicyHandle receives the handle on success only; it is left untouched
 * when the open fails, so callers must check the returned status before
 * using it. The pointer itself is not checked for NULL here.
 *
 * NOTE(review): LsapOpenDbObject is passed TRUE as its sixth argument,
 * which presumably marks the handle as trusted. Confirm this against
 * LsapOpenDbObject. Together with POLICY_ALL_ACCESS this hands out an
 * unrestricted policy handle, so this entry point should only be reachable
 * by in-process components that are themselves trusted.
 */
NTSTATUS
WINAPI
LsaIOpenPolicyTrusted(OUT LSAPR_HANDLE *PolicyHandle)
{
    PLSA_DB_OBJECT TrustedPolicy;
    NTSTATUS OpenStatus;

    TRACE("(%p)\n", PolicyHandle);

    OpenStatus = LsapOpenDbObject(NULL,
                                  NULL,
                                  L"Policy",
                                  LsaDbPolicyObject,
                                  POLICY_ALL_ACCESS,
                                  TRUE,
                                  &TrustedPolicy);
    if (!NT_SUCCESS(OpenStatus))
        return OpenStatus;

    /* Hand the database object out as an opaque handle */
    *PolicyHandle = (LSAPR_HANDLE)TrustedPolicy;
    return OpenStatus;
}
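/*
 * Populates the 'Policy' database object with its initial attributes:
 * a freshly generated account domain SID, default quota limits, audit
 * settings, the modification record, empty DNS domain information and
 * the policy security descriptor.
 *
 * Every attribute write is checked. The policy database is security state:
 * returning success while, for example, the account domain SID or the
 * security descriptor ("SecDesc") was not written would leave a partially
 * initialized policy behind without any indication to the caller.
 *
 * Returns STATUS_SUCCESS when all attributes were written,
 * STATUS_INSUFFICIENT_RESOURCES if the audit events buffer cannot be
 * allocated, or the failure status of the first helper that failed.
 *
 * Note: the local AccountDomainSid below shadows the file-scope variable
 * of the same name that LsapGetDomainInfo fills in; only the local is
 * created and freed here.
 */
static
NTSTATUS
LsapCreateDatabaseObjects(VOID)
{
    PLSAP_POLICY_AUDIT_EVENTS_DATA AuditEventsInfo = NULL;
    POLICY_DEFAULT_QUOTA_INFO QuotaInfo;
    POLICY_MODIFICATION_INFO ModificationInfo;
    POLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = {FALSE, FALSE};
    POLICY_AUDIT_LOG_INFO AuditLogInfo;
    GUID DnsDomainGuid;
    PLSA_DB_OBJECT PolicyObject = NULL;
    PSID AccountDomainSid = NULL;
    PSECURITY_DESCRIPTOR PolicySd = NULL;
    ULONG PolicySdSize = 0;
    ULONG AuditEventsCount;
    ULONG AuditEventsSize;
    NTSTATUS Status;

    /* Initialize the default quota limits */
    QuotaInfo.QuotaLimits.PagedPoolLimit = 0x2000000;
    QuotaInfo.QuotaLimits.NonPagedPoolLimit = 0x100000;
    QuotaInfo.QuotaLimits.MinimumWorkingSetSize = 0x10000;
    QuotaInfo.QuotaLimits.MaximumWorkingSetSize = 0xF000000;
    QuotaInfo.QuotaLimits.PagefileLimit = 0;
    QuotaInfo.QuotaLimits.TimeLimit.QuadPart = 0;

    /* Initialize the audit log attribute */
    AuditLogInfo.AuditLogPercentFull = 0;
    AuditLogInfo.MaximumLogSize = 0;                    // DWORD
    AuditLogInfo.AuditRetentionPeriod.QuadPart = 0;     // LARGE_INTEGER
    AuditLogInfo.AuditLogFullShutdownInProgress = 0;    // BYTE
    AuditLogInfo.TimeToShutdown.QuadPart = 0;           // LARGE_INTEGER
    AuditLogInfo.NextAuditRecordId = 0;                 // DWORD

    /* Initialize the Audit Events attribute: one DWORD per audit category */
    AuditEventsCount = AuditCategoryAccountLogon - AuditCategorySystem + 1;
    AuditEventsSize = sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA) + AuditEventsCount * sizeof(DWORD);
    AuditEventsInfo = RtlAllocateHeap(RtlGetProcessHeap(),
                                      HEAP_ZERO_MEMORY,
                                      AuditEventsSize);
    if (AuditEventsInfo == NULL)
        return STATUS_INSUFFICIENT_RESOURCES;

    /* HEAP_ZERO_MEMORY already cleared every AuditEvents[] entry */
    AuditEventsInfo->AuditingMode = FALSE;
    AuditEventsInfo->MaximumAuditEventCount = AuditEventsCount;

    /* Initialize the DNS Domain GUID attribute */
    memset(&DnsDomainGuid, 0, sizeof(GUID));

    /* Initialize the modification attribute */
    ModificationInfo.ModifiedId.QuadPart = 0;
    NtQuerySystemTime(&ModificationInfo.DatabaseCreationTime);

    /* Create a random domain SID */
    Status = LsapCreateRandomDomainSid(&AccountDomainSid);
    if (!NT_SUCCESS(Status))
        goto done;

    /* Build the security descriptor for the policy object */
    Status = LsapCreatePolicySd(&PolicySd, &PolicySdSize);
    if (!NT_SUCCESS(Status))
        goto done;

    /* Open the 'Policy' object */
    Status = LsapOpenDbObject(NULL,
                              NULL,
                              L"Policy",
                              LsaDbPolicyObject,
                              0,
                              TRUE,
                              &PolicyObject);
    if (!NT_SUCCESS(Status))
        goto done;

    /* "PolPrDm*" are presumably the primary domain name and SID; they start out empty */
    Status = LsapSetObjectAttribute(PolicyObject, L"PolPrDmN", NULL, 0);
    if (!NT_SUCCESS(Status))
        goto done;

    Status = LsapSetObjectAttribute(PolicyObject, L"PolPrDmS", NULL, 0);
    if (!NT_SUCCESS(Status))
        goto done;

    /* The account domain name starts out empty */
    Status = LsapSetObjectAttribute(PolicyObject, L"PolAcDmN", NULL, 0);
    if (!NT_SUCCESS(Status))
        goto done;

    /* Set the account domain SID, stored with its exact length */
    Status = LsapSetObjectAttribute(PolicyObject,
                                    L"PolAcDmS",
                                    AccountDomainSid,
                                    RtlLengthSid(AccountDomainSid));
    if (!NT_SUCCESS(Status))
        goto done;

    /* Set the default quota limits attribute */
    Status = LsapSetObjectAttribute(PolicyObject,
                                    L"DefQuota",
                                    &QuotaInfo,
                                    sizeof(POLICY_DEFAULT_QUOTA_INFO));
    if (!NT_SUCCESS(Status))
        goto done;

    /* Set the modification attribute */
    Status = LsapSetObjectAttribute(PolicyObject,
                                    L"PolMod",
                                    &ModificationInfo,
                                    sizeof(POLICY_MODIFICATION_INFO));
    if (!NT_SUCCESS(Status))
        goto done;

    /* Set the audit full attribute */
    Status = LsapSetObjectAttribute(PolicyObject,
                                    L"PolAdtFl",
                                    &AuditFullInfo,
                                    sizeof(POLICY_AUDIT_FULL_QUERY_INFO));
    if (!NT_SUCCESS(Status))
        goto done;

    /* Set the audit log attribute */
    Status = LsapSetObjectAttribute(PolicyObject,
                                    L"PolAdtLg",
                                    &AuditLogInfo,
                                    sizeof(POLICY_AUDIT_LOG_INFO));
    if (!NT_SUCCESS(Status))
        goto done;

    /* Set the audit events attribute */
    Status = LsapSetObjectAttribute(PolicyObject,
                                    L"PolAdtEv",
                                    AuditEventsInfo,
                                    AuditEventsSize);
    if (!NT_SUCCESS(Status))
        goto done;

    /* Set the DNS Domain Name attribute */
    Status = LsapSetObjectAttribute(PolicyObject, L"PolDnDDN", NULL, 0);
    if (!NT_SUCCESS(Status))
        goto done;

    /* Set the DNS Forest Name attribute */
    Status = LsapSetObjectAttribute(PolicyObject, L"PolDnTrN", NULL, 0);
    if (!NT_SUCCESS(Status))
        goto done;

    /* Set the DNS Domain GUID attribute */
    Status = LsapSetObjectAttribute(PolicyObject,
                                    L"PolDnDmG",
                                    &DnsDomainGuid,
                                    sizeof(GUID));
    if (!NT_SUCCESS(Status))
        goto done;

    /* Set the Security Descriptor */
    Status = LsapSetObjectAttribute(PolicyObject,
                                    L"SecDesc",
                                    PolicySd,
                                    PolicySdSize);

done:
    if (!NT_SUCCESS(Status))
        ERR("Failed to create the Policy database objects (Status 0x%08lx)\n", Status);

    if (AuditEventsInfo != NULL)
        RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);

    if (PolicyObject != NULL)
        LsapCloseDbObject(PolicyObject);

    if (AccountDomainSid != NULL)
        RtlFreeSid(AccountDomainSid);

    if (PolicySd != NULL)
        RtlFreeHeap(RtlGetProcessHeap(), 0, PolicySd);

    return Status;
}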