static NTSTATUS LsapGetDomainInfo(VOID) { PLSA_DB_OBJECT PolicyObject = NULL; PUNICODE_STRING DomainName = NULL; ULONG AttributeSize; LPWSTR SidString = NULL; NTSTATUS Status; /* Get the built-in domain SID and name */ Status = RtlAllocateAndInitializeSid(&NtAuthority, 1, SECURITY_BUILTIN_DOMAIN_RID, 0, 0, 0, 0, 0, 0, 0, &BuiltinDomainSid); if (!NT_SUCCESS(Status)) return Status; /**/ RtlInitUnicodeString(&BuiltinDomainName, L"BUILTIN"); /* Open the 'Policy' object */ Status = LsapOpenDbObject(NULL, NULL, L"Policy", LsaDbPolicyObject, 0, TRUE, &PolicyObject); if (!NT_SUCCESS(Status)) goto done; /* Get the account domain SID */ AttributeSize = 0; Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmS", NULL, &AttributeSize); if (!NT_SUCCESS(Status)) goto done; if (AttributeSize > 0) { AccountDomainSid = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, AttributeSize); if (AccountDomainSid == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmS", AccountDomainSid, &AttributeSize); if (!NT_SUCCESS(Status)) goto done; } /* Get the account domain name */ AttributeSize = 0; Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmN", NULL, &AttributeSize); if (!NT_SUCCESS(Status)) goto done; if (AttributeSize > 0) { DomainName = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, AttributeSize); if (DomainName == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmN", DomainName, &AttributeSize); if (!NT_SUCCESS(Status)) goto done; DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer); AccountDomainName.Length = DomainName->Length; AccountDomainName.MaximumLength = DomainName->Length + sizeof(WCHAR); AccountDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, AccountDomainName.MaximumLength); if (AccountDomainName.Buffer == NULL) { ERR("Failed to allocate the account domain name buffer\n"); Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } RtlCopyMemory(AccountDomainName.Buffer, DomainName->Buffer, DomainName->Length); } ConvertSidToStringSidW(BuiltinDomainSid, &SidString); TRACE("Builtin Domain SID: %S\n", SidString); LocalFree(SidString); SidString = NULL; TRACE("Builtin Domain Name: %wZ\n", &BuiltinDomainName); ConvertSidToStringSidW(AccountDomainSid, &SidString); TRACE("Account Domain SID: %S\n", SidString); LocalFree(SidString); SidString = NULL; TRACE("Account Domain Name: %wZ\n", &AccountDomainName); done: if (DomainName != NULL) RtlFreeHeap(RtlGetProcessHeap(), 0, DomainName); if (PolicyObject != NULL) LsapCloseDbObject(PolicyObject); return Status; }
NTSTATUS LsarSetAuditFull(PLSA_DB_OBJECT PolicyObject, PPOLICY_AUDIT_FULL_QUERY_INFO Info) { PPOLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = NULL; ULONG AttributeSize; NTSTATUS Status; TRACE("(%p %p)\n", PolicyObject, Info); AttributeSize = sizeof(POLICY_AUDIT_FULL_QUERY_INFO); AuditFullInfo = MIDL_user_allocate(AttributeSize); if (AuditFullInfo == NULL) return STATUS_INSUFFICIENT_RESOURCES; Status = LsapGetObjectAttribute(PolicyObject, L"PolAdtFl", AuditFullInfo, &AttributeSize); if (!NT_SUCCESS(Status)) goto done; AuditFullInfo->ShutDownOnFull = Info->ShutDownOnFull; Status = LsapSetObjectAttribute(PolicyObject, L"PolAdtFl", AuditFullInfo, AttributeSize); done: if (AuditFullInfo != NULL) MIDL_user_free(AuditFullInfo); return Status; }
NTSTATUS LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { PPOLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = NULL; ULONG AttributeSize; NTSTATUS Status; *PolicyInformation = NULL; AttributeSize = sizeof(POLICY_AUDIT_FULL_QUERY_INFO); AuditFullInfo = MIDL_user_allocate(AttributeSize); if (AuditFullInfo == NULL) return STATUS_INSUFFICIENT_RESOURCES; Status = LsapGetObjectAttribute(PolicyObject, L"PolAdtFl", AuditFullInfo, &AttributeSize); if (!NT_SUCCESS(Status)) { MIDL_user_free(AuditFullInfo); } else { *PolicyInformation = (PLSAPR_POLICY_INFORMATION)AuditFullInfo; } return Status; }
NTSTATUS LsarQueryModification(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { PPOLICY_MODIFICATION_INFO Info = NULL; ULONG AttributeSize; NTSTATUS Status; *PolicyInformation = NULL; AttributeSize = sizeof(POLICY_MODIFICATION_INFO); Info = MIDL_user_allocate(AttributeSize); if (Info == NULL) return STATUS_INSUFFICIENT_RESOURCES; Status = LsapGetObjectAttribute(PolicyObject, L"PolMod", Info, &AttributeSize); if (!NT_SUCCESS(Status)) { MIDL_user_free(Info); } else { *PolicyInformation = (PLSAPR_POLICY_INFORMATION)Info; } return Status; }
NTSTATUS LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { PPOLICY_DEFAULT_QUOTA_INFO QuotaInfo = NULL; ULONG AttributeSize; NTSTATUS Status; *PolicyInformation = NULL; AttributeSize = sizeof(POLICY_DEFAULT_QUOTA_INFO); QuotaInfo = MIDL_user_allocate(AttributeSize); if (QuotaInfo == NULL) return STATUS_INSUFFICIENT_RESOURCES; Status = LsapGetObjectAttribute(PolicyObject, L"DefQuota", QuotaInfo, &AttributeSize); if (!NT_SUCCESS(Status)) { MIDL_user_free(QuotaInfo); } else { *PolicyInformation = (PLSAPR_POLICY_INFORMATION)QuotaInfo; } return Status; }
NTSTATUS LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { PPOLICY_LSA_SERVER_ROLE_INFO ServerRoleInfo = NULL; ULONG AttributeSize; NTSTATUS Status; *PolicyInformation = NULL; AttributeSize = sizeof(POLICY_LSA_SERVER_ROLE_INFO); ServerRoleInfo = MIDL_user_allocate(AttributeSize); if (ServerRoleInfo == NULL) return STATUS_INSUFFICIENT_RESOURCES; Status = LsapGetObjectAttribute(PolicyObject, L"PolSrvRo", ServerRoleInfo, &AttributeSize); if (Status == STATUS_OBJECT_NAME_NOT_FOUND) { ServerRoleInfo->LsaServerRole = PolicyServerRolePrimary; Status = STATUS_SUCCESS; } if (!NT_SUCCESS(Status)) { MIDL_user_free(ServerRoleInfo); } else { *PolicyInformation = (PLSAPR_POLICY_INFORMATION)ServerRoleInfo; } return Status; }
NTSTATUS LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { PLSAP_POLICY_AUDIT_EVENTS_DATA AuditData = NULL; PLSAPR_POLICY_AUDIT_EVENTS_INFO p = NULL; ULONG AttributeSize; NTSTATUS Status = STATUS_SUCCESS; *PolicyInformation = NULL; AttributeSize = 0; Status = LsapGetObjectAttribute(PolicyObject, L"PolAdtEv", NULL, &AttributeSize); if (!NT_SUCCESS(Status)) return Status; TRACE("Attribute size: %lu\n", AttributeSize); if (AttributeSize > 0) { AuditData = MIDL_user_allocate(AttributeSize); if (AuditData == NULL) return STATUS_INSUFFICIENT_RESOURCES; Status = LsapGetObjectAttribute(PolicyObject, L"PolAdtEv", AuditData, &AttributeSize); if (!NT_SUCCESS(Status)) goto done; } p = MIDL_user_allocate(sizeof(LSAPR_POLICY_AUDIT_EVENTS_INFO)); if (p == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } if (AuditData == NULL) { p->AuditingMode = FALSE; p->MaximumAuditEventCount = 0; p->EventAuditingOptions = NULL; } else { p->AuditingMode = AuditData->AuditingMode; p->MaximumAuditEventCount = AuditData->MaximumAuditEventCount; p->EventAuditingOptions = MIDL_user_allocate(AuditData->MaximumAuditEventCount * sizeof(DWORD)); if (p->EventAuditingOptions == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } memcpy(p->EventAuditingOptions, &(AuditData->AuditEvents[0]), AuditData->MaximumAuditEventCount * sizeof(DWORD)); } *PolicyInformation = (PLSAPR_POLICY_INFORMATION)p; done: TRACE("Status: 0x%lx\n", Status); if (!NT_SUCCESS(Status)) { if (p != NULL) { if (p->EventAuditingOptions != NULL) MIDL_user_free(p->EventAuditingOptions); MIDL_user_free(p); } } if (AuditData != NULL) MIDL_user_free(AuditData); return Status; }
NTSTATUS LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { PLSAPR_POLICY_DNS_DOMAIN_INFO p = NULL; PUNICODE_STRING DomainName; ULONG AttributeSize; NTSTATUS Status; *PolicyInformation = NULL; p = MIDL_user_allocate(sizeof(LSAPR_POLICY_DNS_DOMAIN_INFO)); if (p == NULL) return STATUS_INSUFFICIENT_RESOURCES; /* Primary Domain Name */ AttributeSize = 0; Status = LsapGetObjectAttribute(PolicyObject, L"PolPrDmN", NULL, &AttributeSize); if (!NT_SUCCESS(Status)) { goto done; } if (AttributeSize > 0) { DomainName = MIDL_user_allocate(AttributeSize); if (DomainName == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } Status = LsapGetObjectAttribute(PolicyObject, L"PolPrDmN", DomainName, &AttributeSize); if (Status == STATUS_SUCCESS) { DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer); TRACE("PrimaryDomainName: %wZ\n", DomainName); p->Name.Buffer = MIDL_user_allocate(DomainName->MaximumLength); if (p->Name.Buffer == NULL) { MIDL_user_free(DomainName); Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } p->Name.Length = DomainName->Length; p->Name.MaximumLength = DomainName->MaximumLength; memcpy(p->Name.Buffer, DomainName->Buffer, DomainName->MaximumLength); } MIDL_user_free(DomainName); } /* Primary Domain SID */ AttributeSize = 0; Status = LsapGetObjectAttribute(PolicyObject, L"PolPrDmS", NULL, &AttributeSize); if (!NT_SUCCESS(Status)) { goto done; } if (AttributeSize > 0) { p->Sid = MIDL_user_allocate(AttributeSize); if (p->Sid == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } Status = LsapGetObjectAttribute(PolicyObject, L"PolPrDmS", p->Sid, &AttributeSize); } /* DNS Domain Name */ AttributeSize = 0; Status = LsapGetObjectAttribute(PolicyObject, L"PolDnDDN", NULL, &AttributeSize); if (!NT_SUCCESS(Status)) goto done; if (AttributeSize > 0) { DomainName = MIDL_user_allocate(AttributeSize); if (DomainName == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } Status = LsapGetObjectAttribute(PolicyObject, L"PolDnDDN", DomainName, &AttributeSize); if (Status == STATUS_SUCCESS) { DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer); TRACE("DNS Domain Name: %wZ\n", DomainName); p->DnsDomainName.Buffer = MIDL_user_allocate(DomainName->MaximumLength); if (p->DnsDomainName.Buffer == NULL) { MIDL_user_free(DomainName); Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } p->DnsDomainName.Length = DomainName->Length; p->DnsDomainName.MaximumLength = DomainName->MaximumLength; memcpy(p->DnsDomainName.Buffer, DomainName->Buffer, DomainName->MaximumLength); } MIDL_user_free(DomainName); } /* DNS Forest Name */ AttributeSize = 0; Status = LsapGetObjectAttribute(PolicyObject, L"PolDnTrN", NULL, &AttributeSize); if (!NT_SUCCESS(Status)) goto done; if (AttributeSize > 0) { DomainName = MIDL_user_allocate(AttributeSize); if (DomainName == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } Status = LsapGetObjectAttribute(PolicyObject, L"PolDnTrN", DomainName, &AttributeSize); if (Status == STATUS_SUCCESS) { DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer); TRACE("DNS Forest Name: %wZ\n", DomainName); p->DnsForestName.Buffer = MIDL_user_allocate(DomainName->MaximumLength); if (p->DnsForestName.Buffer == NULL) { MIDL_user_free(DomainName); Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } p->DnsForestName.Length = DomainName->Length; p->DnsForestName.MaximumLength = DomainName->MaximumLength; memcpy(p->DnsForestName.Buffer, DomainName->Buffer, DomainName->MaximumLength); } MIDL_user_free(DomainName); } /* DNS Domain GUID */ AttributeSize = sizeof(GUID); Status = LsapGetObjectAttribute(PolicyObject, L"PolDnDmG", &(p->DomainGuid), &AttributeSize); if (!NT_SUCCESS(Status)) goto done; *PolicyInformation = (PLSAPR_POLICY_INFORMATION)p; done: if (!NT_SUCCESS(Status)) { if (p) { if (p->Name.Buffer) MIDL_user_free(p->Name.Buffer); if (p->DnsDomainName.Buffer) MIDL_user_free(p->DnsDomainName.Buffer); if (p->DnsForestName.Buffer) MIDL_user_free(p->DnsForestName.Buffer); if (p->Sid) MIDL_user_free(p->Sid); MIDL_user_free(p); } } return Status; }
NTSTATUS LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { PLSAPR_POLICY_ACCOUNT_DOM_INFO p = NULL; PUNICODE_STRING DomainName; ULONG AttributeSize = 0; NTSTATUS Status; *PolicyInformation = NULL; p = MIDL_user_allocate(sizeof(LSAPR_POLICY_ACCOUNT_DOM_INFO)); if (p == NULL) return STATUS_INSUFFICIENT_RESOURCES; /* Domain Name */ Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmN", NULL, &AttributeSize); if (!NT_SUCCESS(Status)) { goto Done; } if (AttributeSize > 0) { DomainName = MIDL_user_allocate(AttributeSize); if (DomainName == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto Done; } Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmN", DomainName, &AttributeSize); if (Status == STATUS_SUCCESS) { DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer); TRACE("AccountDomainName: %wZ\n", DomainName); p->DomainName.Buffer = MIDL_user_allocate(DomainName->MaximumLength); if (p->DomainName.Buffer == NULL) { MIDL_user_free(DomainName); Status = STATUS_INSUFFICIENT_RESOURCES; goto Done; } p->DomainName.Length = DomainName->Length; p->DomainName.MaximumLength = DomainName->MaximumLength; memcpy(p->DomainName.Buffer, DomainName->Buffer, DomainName->MaximumLength); } MIDL_user_free(DomainName); } /* Domain SID */ AttributeSize = 0; Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmS", NULL, &AttributeSize); if (!NT_SUCCESS(Status)) { goto Done; } if (AttributeSize > 0) { p->Sid = MIDL_user_allocate(AttributeSize); if (p->Sid == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto Done; } Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmS", p->Sid, &AttributeSize); } *PolicyInformation = (PLSAPR_POLICY_INFORMATION)p; Done: if (!NT_SUCCESS(Status)) { if (p) { if (p->DomainName.Buffer) MIDL_user_free(p->DomainName.Buffer); if (p->Sid) MIDL_user_free(p->Sid); MIDL_user_free(p); } } return Status; }