static NTSTATUS
LsapGetDomainInfo(VOID)
{
PLSA_DB_OBJECT PolicyObject = NULL;
PUNICODE_STRING DomainName = NULL;
ULONG AttributeSize;
LPWSTR SidString = NULL;
NTSTATUS Status;
/* Get the built-in domain SID and name */
Status = RtlAllocateAndInitializeSid(&NtAuthority,
1,
SECURITY_BUILTIN_DOMAIN_RID,
0, 0, 0, 0, 0, 0, 0,
&BuiltinDomainSid);
if (!NT_SUCCESS(Status))
return Status;
/**/
RtlInitUnicodeString(&BuiltinDomainName,
L"BUILTIN");
/* Open the 'Policy' object */
Status = LsapOpenDbObject(NULL,
NULL,
L"Policy",
LsaDbPolicyObject,
0,
TRUE,
&PolicyObject);
if (!NT_SUCCESS(Status))
goto done;
/* Get the account domain SID */
AttributeSize = 0;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmS",
NULL,
&AttributeSize);
if (!NT_SUCCESS(Status))
goto done;
if (AttributeSize > 0)
{
AccountDomainSid = RtlAllocateHeap(RtlGetProcessHeap(),
HEAP_ZERO_MEMORY,
AttributeSize);
if (AccountDomainSid == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmS",
AccountDomainSid,
&AttributeSize);
if (!NT_SUCCESS(Status))
goto done;
}
/* Get the account domain name */
AttributeSize = 0;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmN",
NULL,
&AttributeSize);
if (!NT_SUCCESS(Status))
goto done;
if (AttributeSize > 0)
{
DomainName = RtlAllocateHeap(RtlGetProcessHeap(),
HEAP_ZERO_MEMORY,
AttributeSize);
if (DomainName == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmN",
DomainName,
&AttributeSize);
if (!NT_SUCCESS(Status))
goto done;
DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
AccountDomainName.Length = DomainName->Length;
AccountDomainName.MaximumLength = DomainName->Length + sizeof(WCHAR);
AccountDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
HEAP_ZERO_MEMORY,
AccountDomainName.MaximumLength);
if (AccountDomainName.Buffer == NULL)
{
ERR("Failed to allocate the account domain name buffer\n");
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
RtlCopyMemory(AccountDomainName.Buffer,
DomainName->Buffer,
DomainName->Length);
}
ConvertSidToStringSidW(BuiltinDomainSid, &SidString);
TRACE("Builtin Domain SID: %S\n", SidString);
LocalFree(SidString);
SidString = NULL;
TRACE("Builtin Domain Name: %wZ\n", &BuiltinDomainName);
ConvertSidToStringSidW(AccountDomainSid, &SidString);
TRACE("Account Domain SID: %S\n", SidString);
LocalFree(SidString);
SidString = NULL;
TRACE("Account Domain Name: %wZ\n", &AccountDomainName);
done:
if (DomainName != NULL)
RtlFreeHeap(RtlGetProcessHeap(), 0, DomainName);
if (PolicyObject != NULL)
LsapCloseDbObject(PolicyObject);
return Status;
}
NTSTATUS
LsarSetAuditFull(PLSA_DB_OBJECT PolicyObject,
PPOLICY_AUDIT_FULL_QUERY_INFO Info)
{
PPOLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = NULL;
ULONG AttributeSize;
NTSTATUS Status;
TRACE("(%p %p)\n", PolicyObject, Info);
AttributeSize = sizeof(POLICY_AUDIT_FULL_QUERY_INFO);
AuditFullInfo = MIDL_user_allocate(AttributeSize);
if (AuditFullInfo == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAdtFl",
AuditFullInfo,
&AttributeSize);
if (!NT_SUCCESS(Status))
goto done;
AuditFullInfo->ShutDownOnFull = Info->ShutDownOnFull;
Status = LsapSetObjectAttribute(PolicyObject,
L"PolAdtFl",
AuditFullInfo,
AttributeSize);
done:
if (AuditFullInfo != NULL)
MIDL_user_free(AuditFullInfo);
return Status;
}
NTSTATUS
LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PPOLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = NULL;
ULONG AttributeSize;
NTSTATUS Status;
*PolicyInformation = NULL;
AttributeSize = sizeof(POLICY_AUDIT_FULL_QUERY_INFO);
AuditFullInfo = MIDL_user_allocate(AttributeSize);
if (AuditFullInfo == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAdtFl",
AuditFullInfo,
&AttributeSize);
if (!NT_SUCCESS(Status))
{
MIDL_user_free(AuditFullInfo);
}
else
{
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)AuditFullInfo;
}
return Status;
}
NTSTATUS
LsarQueryModification(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PPOLICY_MODIFICATION_INFO Info = NULL;
ULONG AttributeSize;
NTSTATUS Status;
*PolicyInformation = NULL;
AttributeSize = sizeof(POLICY_MODIFICATION_INFO);
Info = MIDL_user_allocate(AttributeSize);
if (Info == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolMod",
Info,
&AttributeSize);
if (!NT_SUCCESS(Status))
{
MIDL_user_free(Info);
}
else
{
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)Info;
}
return Status;
}
NTSTATUS
LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PPOLICY_DEFAULT_QUOTA_INFO QuotaInfo = NULL;
ULONG AttributeSize;
NTSTATUS Status;
*PolicyInformation = NULL;
AttributeSize = sizeof(POLICY_DEFAULT_QUOTA_INFO);
QuotaInfo = MIDL_user_allocate(AttributeSize);
if (QuotaInfo == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
Status = LsapGetObjectAttribute(PolicyObject,
L"DefQuota",
QuotaInfo,
&AttributeSize);
if (!NT_SUCCESS(Status))
{
MIDL_user_free(QuotaInfo);
}
else
{
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)QuotaInfo;
}
return Status;
}
NTSTATUS
LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PPOLICY_LSA_SERVER_ROLE_INFO ServerRoleInfo = NULL;
ULONG AttributeSize;
NTSTATUS Status;
*PolicyInformation = NULL;
AttributeSize = sizeof(POLICY_LSA_SERVER_ROLE_INFO);
ServerRoleInfo = MIDL_user_allocate(AttributeSize);
if (ServerRoleInfo == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolSrvRo",
ServerRoleInfo,
&AttributeSize);
if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
{
ServerRoleInfo->LsaServerRole = PolicyServerRolePrimary;
Status = STATUS_SUCCESS;
}
if (!NT_SUCCESS(Status))
{
MIDL_user_free(ServerRoleInfo);
}
else
{
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)ServerRoleInfo;
}
return Status;
}
NTSTATUS
LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PLSAP_POLICY_AUDIT_EVENTS_DATA AuditData = NULL;
PLSAPR_POLICY_AUDIT_EVENTS_INFO p = NULL;
ULONG AttributeSize;
NTSTATUS Status = STATUS_SUCCESS;
*PolicyInformation = NULL;
AttributeSize = 0;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAdtEv",
NULL,
&AttributeSize);
if (!NT_SUCCESS(Status))
return Status;
TRACE("Attribute size: %lu\n", AttributeSize);
if (AttributeSize > 0)
{
AuditData = MIDL_user_allocate(AttributeSize);
if (AuditData == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAdtEv",
AuditData,
&AttributeSize);
if (!NT_SUCCESS(Status))
goto done;
}
p = MIDL_user_allocate(sizeof(LSAPR_POLICY_AUDIT_EVENTS_INFO));
if (p == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
if (AuditData == NULL)
{
p->AuditingMode = FALSE;
p->MaximumAuditEventCount = 0;
p->EventAuditingOptions = NULL;
}
else
{
p->AuditingMode = AuditData->AuditingMode;
p->MaximumAuditEventCount = AuditData->MaximumAuditEventCount;
p->EventAuditingOptions = MIDL_user_allocate(AuditData->MaximumAuditEventCount * sizeof(DWORD));
if (p->EventAuditingOptions == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
memcpy(p->EventAuditingOptions,
&(AuditData->AuditEvents[0]),
AuditData->MaximumAuditEventCount * sizeof(DWORD));
}
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)p;
done:
TRACE("Status: 0x%lx\n", Status);
if (!NT_SUCCESS(Status))
{
if (p != NULL)
{
if (p->EventAuditingOptions != NULL)
MIDL_user_free(p->EventAuditingOptions);
MIDL_user_free(p);
}
}
if (AuditData != NULL)
MIDL_user_free(AuditData);
return Status;
}
NTSTATUS
LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PLSAPR_POLICY_DNS_DOMAIN_INFO p = NULL;
PUNICODE_STRING DomainName;
ULONG AttributeSize;
NTSTATUS Status;
*PolicyInformation = NULL;
p = MIDL_user_allocate(sizeof(LSAPR_POLICY_DNS_DOMAIN_INFO));
if (p == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
/* Primary Domain Name */
AttributeSize = 0;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolPrDmN",
NULL,
&AttributeSize);
if (!NT_SUCCESS(Status))
{
goto done;
}
if (AttributeSize > 0)
{
DomainName = MIDL_user_allocate(AttributeSize);
if (DomainName == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
Status = LsapGetObjectAttribute(PolicyObject,
L"PolPrDmN",
DomainName,
&AttributeSize);
if (Status == STATUS_SUCCESS)
{
DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
TRACE("PrimaryDomainName: %wZ\n", DomainName);
p->Name.Buffer = MIDL_user_allocate(DomainName->MaximumLength);
if (p->Name.Buffer == NULL)
{
MIDL_user_free(DomainName);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
p->Name.Length = DomainName->Length;
p->Name.MaximumLength = DomainName->MaximumLength;
memcpy(p->Name.Buffer,
DomainName->Buffer,
DomainName->MaximumLength);
}
MIDL_user_free(DomainName);
}
/* Primary Domain SID */
AttributeSize = 0;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolPrDmS",
NULL,
&AttributeSize);
if (!NT_SUCCESS(Status))
{
goto done;
}
if (AttributeSize > 0)
{
p->Sid = MIDL_user_allocate(AttributeSize);
if (p->Sid == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
Status = LsapGetObjectAttribute(PolicyObject,
L"PolPrDmS",
p->Sid,
&AttributeSize);
}
/* DNS Domain Name */
AttributeSize = 0;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolDnDDN",
NULL,
&AttributeSize);
if (!NT_SUCCESS(Status))
goto done;
if (AttributeSize > 0)
{
DomainName = MIDL_user_allocate(AttributeSize);
if (DomainName == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
Status = LsapGetObjectAttribute(PolicyObject,
L"PolDnDDN",
DomainName,
&AttributeSize);
if (Status == STATUS_SUCCESS)
{
DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
TRACE("DNS Domain Name: %wZ\n", DomainName);
p->DnsDomainName.Buffer = MIDL_user_allocate(DomainName->MaximumLength);
if (p->DnsDomainName.Buffer == NULL)
{
MIDL_user_free(DomainName);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
p->DnsDomainName.Length = DomainName->Length;
p->DnsDomainName.MaximumLength = DomainName->MaximumLength;
memcpy(p->DnsDomainName.Buffer,
DomainName->Buffer,
DomainName->MaximumLength);
}
MIDL_user_free(DomainName);
}
/* DNS Forest Name */
AttributeSize = 0;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolDnTrN",
NULL,
&AttributeSize);
if (!NT_SUCCESS(Status))
goto done;
if (AttributeSize > 0)
{
DomainName = MIDL_user_allocate(AttributeSize);
if (DomainName == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
Status = LsapGetObjectAttribute(PolicyObject,
L"PolDnTrN",
DomainName,
&AttributeSize);
if (Status == STATUS_SUCCESS)
{
DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
TRACE("DNS Forest Name: %wZ\n", DomainName);
p->DnsForestName.Buffer = MIDL_user_allocate(DomainName->MaximumLength);
if (p->DnsForestName.Buffer == NULL)
{
MIDL_user_free(DomainName);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
p->DnsForestName.Length = DomainName->Length;
p->DnsForestName.MaximumLength = DomainName->MaximumLength;
memcpy(p->DnsForestName.Buffer,
DomainName->Buffer,
DomainName->MaximumLength);
}
MIDL_user_free(DomainName);
}
/* DNS Domain GUID */
AttributeSize = sizeof(GUID);
Status = LsapGetObjectAttribute(PolicyObject,
L"PolDnDmG",
&(p->DomainGuid),
&AttributeSize);
if (!NT_SUCCESS(Status))
goto done;
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)p;
done:
if (!NT_SUCCESS(Status))
{
if (p)
{
if (p->Name.Buffer)
MIDL_user_free(p->Name.Buffer);
if (p->DnsDomainName.Buffer)
MIDL_user_free(p->DnsDomainName.Buffer);
if (p->DnsForestName.Buffer)
MIDL_user_free(p->DnsForestName.Buffer);
if (p->Sid)
MIDL_user_free(p->Sid);
MIDL_user_free(p);
}
}
return Status;
}
NTSTATUS
LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PLSAPR_POLICY_ACCOUNT_DOM_INFO p = NULL;
PUNICODE_STRING DomainName;
ULONG AttributeSize = 0;
NTSTATUS Status;
*PolicyInformation = NULL;
p = MIDL_user_allocate(sizeof(LSAPR_POLICY_ACCOUNT_DOM_INFO));
if (p == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
/* Domain Name */
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmN",
NULL,
&AttributeSize);
if (!NT_SUCCESS(Status))
{
goto Done;
}
if (AttributeSize > 0)
{
DomainName = MIDL_user_allocate(AttributeSize);
if (DomainName == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Done;
}
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmN",
DomainName,
&AttributeSize);
if (Status == STATUS_SUCCESS)
{
DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
TRACE("AccountDomainName: %wZ\n", DomainName);
p->DomainName.Buffer = MIDL_user_allocate(DomainName->MaximumLength);
if (p->DomainName.Buffer == NULL)
{
MIDL_user_free(DomainName);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Done;
}
p->DomainName.Length = DomainName->Length;
p->DomainName.MaximumLength = DomainName->MaximumLength;
memcpy(p->DomainName.Buffer,
DomainName->Buffer,
DomainName->MaximumLength);
}
MIDL_user_free(DomainName);
}
/* Domain SID */
AttributeSize = 0;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmS",
NULL,
&AttributeSize);
if (!NT_SUCCESS(Status))
{
goto Done;
}
if (AttributeSize > 0)
{
p->Sid = MIDL_user_allocate(AttributeSize);
if (p->Sid == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Done;
}
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmS",
p->Sid,
&AttributeSize);
}
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)p;
Done:
if (!NT_SUCCESS(Status))
{
if (p)
{
if (p->DomainName.Buffer)
MIDL_user_free(p->DomainName.Buffer);
if (p->Sid)
MIDL_user_free(p->Sid);
MIDL_user_free(p);
}
}
return Status;
}
