static NTSTATUS LwRtlSvcmInitializeInstance( PLW_SVCM_INSTANCE pInstance, PCWSTR pServiceName, PCSTR pModuleName, LW_SVCM_MODULE_ENTRY_FUNCTION Entry ) { NTSTATUS status = STATUS_SUCCESS; pInstance->pTable = Entry(); status = ValidateModuleTable(pInstance->pTable, pModuleName); GCOS(status); status = pInstance->pTable->Init(pServiceName, pInstance); if (status) { LW_RTL_LOG_ERROR( "Could not initialize service module '%s': %s (0x%lx)", pModuleName, LwNtStatusToName(status), (unsigned long) status); } GCOS(status); cleanup: return status; }
static NTSTATUS Unload( PCSTR pszDriverName ) { NTSTATUS status = STATUS_SUCCESS; PWSTR pwszDriverName = NULL; status = LwRtlWC16StringAllocateFromCString(&pwszDriverName, pszDriverName); BAIL_ON_NT_STATUS(status); status = LwIoUnloadDriver(pwszDriverName); if (status) { printf("Could not unload driver: %s\n", LwNtStatusToName(status)); } else { printf("Driver [%s] unloaded successfully\n", pszDriverName); } BAIL_ON_NT_STATUS(status); cleanup: LWIO_SAFE_FREE_MEMORY(pwszDriverName); return status; error: goto cleanup; }
static PVOID EventThread( PVOID pContext ) { NTSTATUS status = STATUS_SUCCESS; status = EventLoop((PEPOLL_THREAD) pContext); if (!NT_SUCCESS(status)) { LW_RTL_LOG_ERROR( "Task thread exiting with fatal error: %s (0x%x)", LwNtStatusToName(status), status); abort(); } return NULL; }
static DWORD ProcessGetAccountSystemAccessRights( IN PRPC_PARAMETERS pRpcParams, IN PSTR pszAccountName ) { DWORD err = ERROR_SUCCESS; NTSTATUS ntStatus = STATUS_SUCCESS; LSA_BINDING hLsa = NULL; LW_PIO_CREDS pCreds = NULL; PSID pAccountSid = NULL; WCHAR wszSysName[] = {'\\', '\\', '\0'}; DWORD policyAccessMask = LSA_ACCESS_LOOKUP_NAMES_SIDS | LSA_ACCESS_CREATE_PRIVILEGE | LSA_ACCESS_CREATE_SPECIAL_ACCOUNTS; POLICY_HANDLE hPolicy = NULL; DWORD accountAccessMask = LSA_ACCOUNT_VIEW; LSAR_ACCOUNT_HANDLE hAccount = NULL; DWORD systemAccess = 0; err = CreateRpcCredentials(pRpcParams, &pCreds); BAIL_ON_LSA_ERROR(err); err = CreateLsaRpcBinding(pRpcParams, pCreds, &hLsa); BAIL_ON_LSA_ERROR(err); err = ResolveAccountNameToSid( hLsa, pszAccountName, &pAccountSid); BAIL_ON_LSA_ERROR(err); ntStatus = LsaOpenPolicy2(hLsa, wszSysName, NULL, policyAccessMask, &hPolicy); BAIL_ON_NT_STATUS(ntStatus); ntStatus = LsaOpenAccount(hLsa, hPolicy, pAccountSid, accountAccessMask, &hAccount); BAIL_ON_NT_STATUS(ntStatus); ntStatus = LsaGetSystemAccessAccount( hLsa, hAccount, &systemAccess); BAIL_ON_NT_STATUS(ntStatus); fprintf(stdout, "Account: %s:\n" "==================================================================" "==============\n", pszAccountName); fprintf(stdout, "System Access Rights 0x%08x\n", systemAccess); error: if (ntStatus || err) { PCSTR errName = LwNtStatusToName(ntStatus); PCSTR errDescription = LwNtStatusToDescription(ntStatus); if (ntStatus) { errName = LwNtStatusToName(ntStatus); errDescription = LwNtStatusToDescription(ntStatus); } else { errName = LwWin32ErrorToName(err); errDescription = LwWin32ErrorToDescription(err); } fprintf(stderr, "Error: %s (%s)\n", LSA_SAFE_LOG_STRING(errName), LSA_SAFE_LOG_STRING(errDescription)); } if (hAccount) { LsaClose(hLsa, hAccount); } if (hPolicy) { LsaClose(hLsa, hPolicy); } if (hLsa) { LsaFreeBinding(&hLsa); } if (pCreds) { LwIoDeleteCreds(pCreds); } RTL_FREE(&pAccountSid); if (err == ERROR_SUCCESS && ntStatus != STATUS_SUCCESS) { err = LwNtStatusToWin32Error(ntStatus); } return err; }
static NTSTATUS PvfsRenameFile( PPVFS_CCB pCcb, PPVFS_FILE_NAME pNewFileName ) { NTSTATUS ntError = STATUS_SUCCESS; PPVFS_CB_TABLE scbTable = &gPvfsDriverState.ScbTable; PPVFS_CB_TABLE_ENTRY pTargetBucket = NULL; PPVFS_CB_TABLE_ENTRY pCurrentBucket = NULL; BOOLEAN renameLock = FALSE; BOOLEAN targetBucketLock = FALSE; BOOLEAN currentBucketLock = FALSE; PPVFS_FCB pFcb = NULL; PLW_LIST_LINKS scbCursorLink = NULL; PPVFS_SCB scbCursor = NULL; BOOLEAN scbMutexLock = FALSE; BOOLEAN fcbListLocked = FALSE; PPVFS_FILE_NAME origTargetFileName = NULL; PPVFS_FILE_NAME scbCursorFileName = NULL; PSTR origFullStreamName = NULL; PSTR newFullStreamName = NULL; // The CCB holds out reference down the chain so no need to take a new one pFcb = pCcb->pScb->pOwnerFcb; ntError = PvfsAllocateFileNameFromScb(&origTargetFileName, pCcb->pScb); BAIL_ON_NT_STATUS(ntError); LWIO_LOCK_RWMUTEX_EXCLUSIVE(renameLock, &scbTable->rwLock); LWIO_LOCK_RWMUTEX_SHARED(fcbListLocked, &pFcb->rwScbLock); ntError = PvfsRenameFCB(pFcb, pCcb, pNewFileName); BAIL_ON_NT_STATUS(ntError); for (scbCursorLink = PvfsListTraverse(pFcb->pScbList, NULL); scbCursorLink; scbCursorLink = PvfsListTraverse(pFcb->pScbList, scbCursorLink)) { scbCursor = LW_STRUCT_FROM_FIELD( scbCursorLink, PVFS_SCB, FcbList); ntError = PvfsAllocateFileNameFromScb(&scbCursorFileName, scbCursor); BAIL_ON_NT_STATUS(ntError); ntError = PvfsAllocateCStringFromFileName( &newFullStreamName, scbCursorFileName); BAIL_ON_NT_STATUS(ntError); ntError = PvfsRenameBaseFileName( scbCursorFileName, PvfsGetCStringBaseFileName(origTargetFileName)); BAIL_ON_NT_STATUS(ntError); ntError = PvfsAllocateCStringFromFileName( &origFullStreamName, scbCursorFileName); BAIL_ON_NT_STATUS(ntError); pCurrentBucket = scbCursor->BaseControlBlock.pBucket; ntError = PvfsCbTableGetBucket(&pTargetBucket, scbTable, newFullStreamName); BAIL_ON_NT_STATUS(ntError); LWIO_LOCK_MUTEX(scbMutexLock, &scbCursor->BaseControlBlock.Mutex); LWIO_LOCK_RWMUTEX_EXCLUSIVE(currentBucketLock, &pCurrentBucket->rwLock); if (pCurrentBucket != pTargetBucket) { // Will be moved to a new bucket in the table LWIO_LOCK_RWMUTEX_EXCLUSIVE(targetBucketLock, &pTargetBucket->rwLock); } ntError = PvfsCbTableRemove_inlock( (PPVFS_CONTROL_BLOCK)scbCursor, origFullStreamName); LWIO_ASSERT(STATUS_SUCCESS == ntError); ntError = PvfsCbTableAdd_inlock( pTargetBucket, newFullStreamName, (PPVFS_CONTROL_BLOCK)scbCursor); if (STATUS_SUCCESS != ntError) { LWIO_LOG_ERROR( "Failed to rename stream \"%s\" (%s)\n", newFullStreamName, LwNtStatusToName(ntError)); } LWIO_UNLOCK_RWMUTEX(targetBucketLock, &pTargetBucket->rwLock); LWIO_UNLOCK_RWMUTEX(currentBucketLock, &pCurrentBucket->rwLock); LWIO_UNLOCK_MUTEX(scbMutexLock, &scbCursor->BaseControlBlock.Mutex); if (origFullStreamName) { LwRtlCStringFree(&origFullStreamName); } if (newFullStreamName) { LwRtlCStringFree(&newFullStreamName); } } error: LWIO_UNLOCK_MUTEX(scbMutexLock, &scbCursor->BaseControlBlock.Mutex); LWIO_UNLOCK_RWMUTEX(targetBucketLock, &pTargetBucket->rwLock); LWIO_UNLOCK_RWMUTEX(currentBucketLock, &pCurrentBucket->rwLock); LWIO_UNLOCK_RWMUTEX(fcbListLocked, &pFcb->rwScbLock); LWIO_UNLOCK_RWMUTEX(renameLock, &scbTable->rwLock); if (origTargetFileName) { PvfsFreeFileName(origTargetFileName); } if (origFullStreamName) { LwRtlCStringFree(&origFullStreamName); } if (newFullStreamName) { LwRtlCStringFree(&newFullStreamName); } return ntError; }
static DWORD ProcessDeleteAccount( IN PRPC_PARAMETERS pRpcParams, IN PSTR AccountName ) { DWORD err = ERROR_SUCCESS; NTSTATUS ntStatus = STATUS_SUCCESS; LSA_BINDING hLsa = NULL; LW_PIO_CREDS pCreds = NULL; WCHAR wszSysName[] = {'\\', '\\', '\0'}; DWORD policyAccessMask = LSA_ACCESS_LOOKUP_NAMES_SIDS | LSA_ACCESS_VIEW_POLICY_INFO; DWORD accountAccessMask = DELETE; POLICY_HANDLE hPolicy = NULL; LSAR_ACCOUNT_HANDLE hAccount = NULL; PSID pAccountSid = NULL; err = CreateRpcCredentials(pRpcParams, &pCreds); BAIL_ON_LSA_ERROR(err); err = CreateLsaRpcBinding(pRpcParams, pCreds, &hLsa); BAIL_ON_LSA_ERROR(err); ntStatus = LsaOpenPolicy2(hLsa, wszSysName, NULL, policyAccessMask, &hPolicy); BAIL_ON_NT_STATUS(ntStatus); err = ResolveAccountNameToSid( hLsa, AccountName, &pAccountSid); BAIL_ON_LSA_ERROR(err); ntStatus = LsaOpenAccount( hLsa, hPolicy, pAccountSid, accountAccessMask, &hAccount); BAIL_ON_NT_STATUS(ntStatus); ntStatus = LsaRpcDeleteObject( hLsa, hAccount); BAIL_ON_NT_STATUS(ntStatus); error: if (ntStatus || err) { PCSTR errName = LwNtStatusToName(ntStatus); PCSTR errDescription = LwNtStatusToDescription(ntStatus); if (ntStatus) { errName = LwNtStatusToName(ntStatus); errDescription = LwNtStatusToDescription(ntStatus); } else { errName = LwWin32ErrorToName(err); errDescription = LwWin32ErrorToDescription(err); } fprintf(stderr, "Error: %s (%s)\n", LSA_SAFE_LOG_STRING(errName), LSA_SAFE_LOG_STRING(errDescription)); } if (hPolicy) { LsaClose(hLsa, hPolicy); } if (hLsa) { LsaFreeBinding(&hLsa); } if (pCreds) { LwIoDeleteCreds(pCreds); } if (err == ERROR_SUCCESS && ntStatus != STATUS_SUCCESS) { err = LwNtStatusToWin32Error(ntStatus); } return err; }
static DWORD ProcessAddRemoveAccountRights( IN PRPC_PARAMETERS pRpcParams, IN BOOLEAN Add, IN PSTR AccountRights, IN BOOLEAN RemoveAll, IN PSTR AccountName ) { DWORD err = ERROR_SUCCESS; NTSTATUS ntStatus = STATUS_SUCCESS; LSA_BINDING hLsa = NULL; LW_PIO_CREDS pCreds = NULL; WCHAR wszSysName[] = {'\\', '\\', '\0'}; DWORD policyAccessMask = LSA_ACCESS_LOOKUP_NAMES_SIDS | LSA_ACCESS_CREATE_SPECIAL_ACCOUNTS; POLICY_HANDLE hPolicy = NULL; PSID pAccountSid = NULL; PSTR *ppszAccountRightNames = NULL; DWORD numAccountRightNames = 0; PWSTR *ppwszAccountRightNames = NULL; DWORD i = 0; err = CreateRpcCredentials(pRpcParams, &pCreds); BAIL_ON_LSA_ERROR(err); err = CreateLsaRpcBinding(pRpcParams, pCreds, &hLsa); BAIL_ON_LSA_ERROR(err); ntStatus = LsaOpenPolicy2(hLsa, wszSysName, NULL, policyAccessMask, &hPolicy); BAIL_ON_NT_STATUS(ntStatus); err = ResolveAccountNameToSid( hLsa, AccountName, &pAccountSid); BAIL_ON_LSA_ERROR(err); if (AccountRights) { err = GetStringListFromString( AccountRights, SEPARATOR_CHAR, &ppszAccountRightNames, &numAccountRightNames); BAIL_ON_LSA_ERROR(err); err = LwAllocateMemory( sizeof(ppwszAccountRightNames[0]) * numAccountRightNames, OUT_PPVOID(&ppwszAccountRightNames)); BAIL_ON_LSA_ERROR(err); for (i = 0; i < numAccountRightNames; i++) { err = LwMbsToWc16s(ppszAccountRightNames[i], &ppwszAccountRightNames[i]); BAIL_ON_LSA_ERROR(err); } } if (Add) { ntStatus = LsaAddAccountRights( hLsa, hPolicy, pAccountSid, ppwszAccountRightNames, numAccountRightNames); BAIL_ON_NT_STATUS(ntStatus); fprintf(stdout, "Successfully added account rights to %s\n", AccountName); } else { ntStatus = LsaRemoveAccountRights( hLsa, hPolicy, pAccountSid, RemoveAll, ppwszAccountRightNames, numAccountRightNames); BAIL_ON_NT_STATUS(ntStatus); fprintf(stdout, "Successfully removed account rights from %s\n", AccountName); } error: if (ntStatus || err) { PCSTR errName = LwNtStatusToName(ntStatus); PCSTR errDescription = LwNtStatusToDescription(ntStatus); if (ntStatus) { errName = LwNtStatusToName(ntStatus); errDescription = LwNtStatusToDescription(ntStatus); } else { errName = LwWin32ErrorToName(err); errDescription = LwWin32ErrorToDescription(err); } fprintf(stderr, "Error: %s (%s)\n", LSA_SAFE_LOG_STRING(errName), LSA_SAFE_LOG_STRING(errDescription)); } if (hPolicy) { LsaClose(hLsa, hPolicy); } if (hLsa) { LsaFreeBinding(&hLsa); } if (pCreds) { LwIoDeleteCreds(pCreds); } for (i = 0; i < numAccountRightNames; i++) { LW_SAFE_FREE_MEMORY(ppwszAccountRightNames[i]); LW_SAFE_FREE_MEMORY(ppszAccountRightNames[i]); } LW_SAFE_FREE_MEMORY(ppwszAccountRightNames); LW_SAFE_FREE_MEMORY(ppszAccountRightNames); if (err == ERROR_SUCCESS && ntStatus != STATUS_SUCCESS) { err = LwNtStatusToWin32Error(ntStatus); } return err; }
static DWORD ProcessEnumerateAccountUserRights( IN PRPC_PARAMETERS pRpcParams, IN PSTR AccountName ) { DWORD err = ERROR_SUCCESS; NTSTATUS ntStatus = STATUS_SUCCESS; LSA_BINDING hLsa = NULL; LW_PIO_CREDS pCreds = NULL; WCHAR wszSysName[] = {'\\', '\\', '\0'}; DWORD policyAccessMask = LSA_ACCESS_LOOKUP_NAMES_SIDS | LSA_ACCESS_VIEW_POLICY_INFO; POLICY_HANDLE hPolicy = NULL; PSID pAccountSid = NULL; PSTR pszSid = NULL; PWSTR *pAccountRights = NULL; DWORD numAccountRights = 0; DWORD i = 0; PSTR pszAccountRight = NULL; err = CreateRpcCredentials(pRpcParams, &pCreds); BAIL_ON_LSA_ERROR(err); err = CreateLsaRpcBinding(pRpcParams, pCreds, &hLsa); BAIL_ON_LSA_ERROR(err); ntStatus = LsaOpenPolicy2(hLsa, wszSysName, NULL, policyAccessMask, &hPolicy); BAIL_ON_NT_STATUS(ntStatus); err = ResolveAccountNameToSid( hLsa, AccountName, &pAccountSid); BAIL_ON_LSA_ERROR(err); ntStatus = RtlAllocateCStringFromSid( &pszSid, pAccountSid); BAIL_ON_NT_STATUS(ntStatus); fprintf(stdout, "%s Account Rights\n:" "==================================================" "==============================\n", AccountName); ntStatus = LsaEnumAccountRights( hLsa, hPolicy, pAccountSid, &pAccountRights, &numAccountRights); BAIL_ON_NT_STATUS(ntStatus); for (i = 0; i < numAccountRights; i++) { err = LwWc16sToMbs(pAccountRights[i], &pszAccountRight); BAIL_ON_LSA_ERROR(err); fprintf(stdout, "%s\n", pszAccountRight); LW_SAFE_FREE_MEMORY(pszAccountRight); } error: if (ntStatus || err) { PCSTR errName = LwNtStatusToName(ntStatus); PCSTR errDescription = LwNtStatusToDescription(ntStatus); if (ntStatus) { errName = LwNtStatusToName(ntStatus); errDescription = LwNtStatusToDescription(ntStatus); } else { errName = LwWin32ErrorToName(err); errDescription = LwWin32ErrorToDescription(err); } fprintf(stderr, "Error: %s (%s)\n", LSA_SAFE_LOG_STRING(errName), LSA_SAFE_LOG_STRING(errDescription)); } if (hPolicy) { LsaClose(hLsa, hPolicy); } if (hLsa) { LsaFreeBinding(&hLsa); } if (pCreds) { LwIoDeleteCreds(pCreds); } if (pAccountRights) { LsaRpcFreeMemory(pAccountRights); } LW_SAFE_FREE_MEMORY(pszAccountRight); if (err == ERROR_SUCCESS && ntStatus != STATUS_SUCCESS) { err = LwNtStatusToWin32Error(ntStatus); } return err; }
static DWORD ProcessEnumerateAccounts( IN PRPC_PARAMETERS pRpcParams, IN PSTR UserRightName ) { DWORD err = ERROR_SUCCESS; NTSTATUS ntStatus = STATUS_SUCCESS; LSA_BINDING hLsa = NULL; LW_PIO_CREDS pCreds = NULL; WCHAR wszSysName[] = {'\\', '\\', '\0'}; DWORD policyAccessMask = LSA_ACCESS_LOOKUP_NAMES_SIDS | LSA_ACCESS_VIEW_POLICY_INFO; POLICY_HANDLE hPolicy = NULL; PWSTR pwszUserRightName = NULL; DWORD resume = 0; PSID *ppSids = NULL; DWORD numSids = 0; DWORD prefMaxSize = 64; DWORD i = 0; SID_ARRAY sids = {0}; RefDomainList *pDomList = NULL; TranslatedName *pTransNames = NULL; DWORD count = 0; PSTR pszAccountSid = NULL; PSTR pszAccountDomain = NULL; PSTR pszAccountName = NULL; BOOLEAN moreEntries = FALSE; err = CreateRpcCredentials(pRpcParams, &pCreds); BAIL_ON_LSA_ERROR(err); err = CreateLsaRpcBinding(pRpcParams, pCreds, &hLsa); BAIL_ON_LSA_ERROR(err); ntStatus = LsaOpenPolicy2(hLsa, wszSysName, NULL, policyAccessMask, &hPolicy); BAIL_ON_NT_STATUS(ntStatus); fprintf(stdout, "LSA Accounts"); do { moreEntries = FALSE; if (UserRightName) { fprintf(stdout, " with AccountRight = %s:\n", UserRightName); fprintf(stdout, "==================================================" "==============================\n"); err = LwMbsToWc16s(UserRightName, &pwszUserRightName); BAIL_ON_LSA_ERROR(err); ntStatus = LsaEnumAccountsWithUserRight( hLsa, hPolicy, pwszUserRightName, &ppSids, &numSids); BAIL_ON_NT_STATUS(ntStatus); } else { fprintf(stdout, ":\n"); fprintf(stdout, "==================================================" "==============================\n"); ntStatus = LsaEnumAccounts(hLsa, hPolicy, &resume, &ppSids, &numSids, prefMaxSize); if (ntStatus == STATUS_MORE_ENTRIES) { ntStatus = STATUS_SUCCESS; moreEntries = TRUE; } else if (ntStatus != STATUS_SUCCESS) { BAIL_ON_NT_STATUS(ntStatus); } } err = LwAllocateMemory( sizeof(sids.pSids[0]) * numSids, OUT_PPVOID(&sids.pSids)); BAIL_ON_LSA_ERROR(err); sids.dwNumSids = numSids; for (i = 0; i < sids.dwNumSids; i++) { sids.pSids[i].pSid = ppSids[i]; } ntStatus = LsaLookupSids(hLsa, hPolicy, &sids, &pDomList, &pTransNames, LSA_LOOKUP_NAMES_ALL, &count); if (ntStatus == STATUS_SOME_NOT_MAPPED || ntStatus == STATUS_NONE_MAPPED) { ntStatus = STATUS_SUCCESS; } else if (ntStatus != STATUS_SUCCESS) { BAIL_ON_NT_STATUS(ntStatus); } for (i = 0; i < sids.dwNumSids; i++) { DWORD domainIndex = 0; ntStatus = RtlAllocateCStringFromSid( &pszAccountSid, sids.pSids[i].pSid); BAIL_ON_NT_STATUS(ntStatus); if (pTransNames[i].type == SID_TYPE_USER || pTransNames[i].type == SID_TYPE_DOM_GRP || pTransNames[i].type == SID_TYPE_DOMAIN || pTransNames[i].type == SID_TYPE_ALIAS || pTransNames[i].type == SID_TYPE_WKN_GRP) { ntStatus = RtlCStringAllocateFromUnicodeString( &pszAccountName, &pTransNames[i].name); BAIL_ON_NT_STATUS(ntStatus); domainIndex = pTransNames[i].sid_index; ntStatus = RtlCStringAllocateFromUnicodeString( &pszAccountDomain, &pDomList->domains[domainIndex].name); BAIL_ON_NT_STATUS(ntStatus); } if (pszAccountSid) { fprintf(stdout, "%s ", pszAccountSid); } if (pszAccountDomain && pszAccountName) { fprintf(stdout, "(%s\\%s)", pszAccountDomain, pszAccountName); } else if (pszAccountDomain && !pszAccountName) { fprintf(stdout, "(%s\\)", pszAccountDomain); } else if (!pszAccountDomain && pszAccountName) { fprintf(stdout, "(%s)", pszAccountName); } else { fprintf(stdout, "(unknown)"); } fprintf(stdout, "\n"); RTL_FREE(&pszAccountSid); RTL_FREE(&pszAccountDomain); RTL_FREE(&pszAccountName); } if (pTransNames) { LsaRpcFreeMemory(pTransNames); pTransNames = NULL; } if (pDomList) { LsaRpcFreeMemory(pDomList); pDomList = NULL; } if (ppSids) { LsaRpcFreeMemory(ppSids); ppSids = NULL; } LW_SAFE_FREE_MEMORY(sids.pSids); } while (moreEntries && ntStatus == STATUS_SUCCESS); error: if (ntStatus || err) { PCSTR errName = LwNtStatusToName(ntStatus); PCSTR errDescription = LwNtStatusToDescription(ntStatus); if (ntStatus) { errName = LwNtStatusToName(ntStatus); errDescription = LwNtStatusToDescription(ntStatus); } else { errName = LwWin32ErrorToName(err); errDescription = LwWin32ErrorToDescription(err); } fprintf(stderr, "Error: %s (%s)\n", LSA_SAFE_LOG_STRING(errName), LSA_SAFE_LOG_STRING(errDescription)); } if (hPolicy) { LsaClose(hLsa, hPolicy); } if (hLsa) { LsaFreeBinding(&hLsa); } if (pCreds) { LwIoDeleteCreds(pCreds); } LW_SAFE_FREE_MEMORY(pwszUserRightName); RTL_FREE(&pszAccountSid); RTL_FREE(&pszAccountDomain); RTL_FREE(&pszAccountName); if (pTransNames) { LsaRpcFreeMemory(pTransNames); } if (pDomList) { LsaRpcFreeMemory(pDomList); } if (ppSids) { LsaRpcFreeMemory(ppSids); } LW_SAFE_FREE_MEMORY(sids.pSids); if (err == ERROR_SUCCESS && ntStatus != STATUS_SUCCESS) { err = LwNtStatusToWin32Error(ntStatus); } return err; }