static
NTSTATUS
LwRtlSvcmInitializeInstance(
PLW_SVCM_INSTANCE pInstance,
PCWSTR pServiceName,
PCSTR pModuleName,
LW_SVCM_MODULE_ENTRY_FUNCTION Entry
)
{
NTSTATUS status = STATUS_SUCCESS;
pInstance->pTable = Entry();
status = ValidateModuleTable(pInstance->pTable, pModuleName);
GCOS(status);
status = pInstance->pTable->Init(pServiceName, pInstance);
if (status)
{
LW_RTL_LOG_ERROR(
"Could not initialize service module '%s': %s (0x%lx)",
pModuleName,
LwNtStatusToName(status),
(unsigned long) status);
}
GCOS(status);
cleanup:
return status;
}
static
NTSTATUS
Unload(
PCSTR pszDriverName
)
{
NTSTATUS status = STATUS_SUCCESS;
PWSTR pwszDriverName = NULL;
status = LwRtlWC16StringAllocateFromCString(&pwszDriverName, pszDriverName);
BAIL_ON_NT_STATUS(status);
status = LwIoUnloadDriver(pwszDriverName);
if (status)
{
printf("Could not unload driver: %s\n", LwNtStatusToName(status));
}
else
{
printf("Driver [%s] unloaded successfully\n", pszDriverName);
}
BAIL_ON_NT_STATUS(status);
cleanup:
LWIO_SAFE_FREE_MEMORY(pwszDriverName);
return status;
error:
goto cleanup;
}
static
PVOID
EventThread(
PVOID pContext
)
{
NTSTATUS status = STATUS_SUCCESS;
status = EventLoop((PEPOLL_THREAD) pContext);
if (!NT_SUCCESS(status))
{
LW_RTL_LOG_ERROR(
"Task thread exiting with fatal error: %s (0x%x)",
LwNtStatusToName(status),
status);
abort();
}
return NULL;
}
static
DWORD
ProcessGetAccountSystemAccessRights(
IN PRPC_PARAMETERS pRpcParams,
IN PSTR pszAccountName
)
{
DWORD err = ERROR_SUCCESS;
NTSTATUS ntStatus = STATUS_SUCCESS;
LSA_BINDING hLsa = NULL;
LW_PIO_CREDS pCreds = NULL;
PSID pAccountSid = NULL;
WCHAR wszSysName[] = {'\\', '\\', '\0'};
DWORD policyAccessMask = LSA_ACCESS_LOOKUP_NAMES_SIDS |
LSA_ACCESS_CREATE_PRIVILEGE |
LSA_ACCESS_CREATE_SPECIAL_ACCOUNTS;
POLICY_HANDLE hPolicy = NULL;
DWORD accountAccessMask = LSA_ACCOUNT_VIEW;
LSAR_ACCOUNT_HANDLE hAccount = NULL;
DWORD systemAccess = 0;
err = CreateRpcCredentials(pRpcParams,
&pCreds);
BAIL_ON_LSA_ERROR(err);
err = CreateLsaRpcBinding(pRpcParams,
pCreds,
&hLsa);
BAIL_ON_LSA_ERROR(err);
err = ResolveAccountNameToSid(
hLsa,
pszAccountName,
&pAccountSid);
BAIL_ON_LSA_ERROR(err);
ntStatus = LsaOpenPolicy2(hLsa,
wszSysName,
NULL,
policyAccessMask,
&hPolicy);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = LsaOpenAccount(hLsa,
hPolicy,
pAccountSid,
accountAccessMask,
&hAccount);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = LsaGetSystemAccessAccount(
hLsa,
hAccount,
&systemAccess);
BAIL_ON_NT_STATUS(ntStatus);
fprintf(stdout,
"Account: %s:\n"
"=================================================================="
"==============\n", pszAccountName);
fprintf(stdout, "System Access Rights 0x%08x\n", systemAccess);
error:
if (ntStatus || err)
{
PCSTR errName = LwNtStatusToName(ntStatus);
PCSTR errDescription = LwNtStatusToDescription(ntStatus);
if (ntStatus)
{
errName = LwNtStatusToName(ntStatus);
errDescription = LwNtStatusToDescription(ntStatus);
}
else
{
errName = LwWin32ErrorToName(err);
errDescription = LwWin32ErrorToDescription(err);
}
fprintf(stderr, "Error: %s (%s)\n",
LSA_SAFE_LOG_STRING(errName),
LSA_SAFE_LOG_STRING(errDescription));
}
if (hAccount)
{
LsaClose(hLsa, hAccount);
}
if (hPolicy)
{
LsaClose(hLsa, hPolicy);
}
if (hLsa)
{
LsaFreeBinding(&hLsa);
}
if (pCreds)
{
LwIoDeleteCreds(pCreds);
}
RTL_FREE(&pAccountSid);
if (err == ERROR_SUCCESS &&
ntStatus != STATUS_SUCCESS)
{
err = LwNtStatusToWin32Error(ntStatus);
}
return err;
}
static
NTSTATUS
PvfsRenameFile(
PPVFS_CCB pCcb,
PPVFS_FILE_NAME pNewFileName
)
{
NTSTATUS ntError = STATUS_SUCCESS;
PPVFS_CB_TABLE scbTable = &gPvfsDriverState.ScbTable;
PPVFS_CB_TABLE_ENTRY pTargetBucket = NULL;
PPVFS_CB_TABLE_ENTRY pCurrentBucket = NULL;
BOOLEAN renameLock = FALSE;
BOOLEAN targetBucketLock = FALSE;
BOOLEAN currentBucketLock = FALSE;
PPVFS_FCB pFcb = NULL;
PLW_LIST_LINKS scbCursorLink = NULL;
PPVFS_SCB scbCursor = NULL;
BOOLEAN scbMutexLock = FALSE;
BOOLEAN fcbListLocked = FALSE;
PPVFS_FILE_NAME origTargetFileName = NULL;
PPVFS_FILE_NAME scbCursorFileName = NULL;
PSTR origFullStreamName = NULL;
PSTR newFullStreamName = NULL;
// The CCB holds out reference down the chain so no need to take a new one
pFcb = pCcb->pScb->pOwnerFcb;
ntError = PvfsAllocateFileNameFromScb(&origTargetFileName, pCcb->pScb);
BAIL_ON_NT_STATUS(ntError);
LWIO_LOCK_RWMUTEX_EXCLUSIVE(renameLock, &scbTable->rwLock);
LWIO_LOCK_RWMUTEX_SHARED(fcbListLocked, &pFcb->rwScbLock);
ntError = PvfsRenameFCB(pFcb, pCcb, pNewFileName);
BAIL_ON_NT_STATUS(ntError);
for (scbCursorLink = PvfsListTraverse(pFcb->pScbList, NULL);
scbCursorLink;
scbCursorLink = PvfsListTraverse(pFcb->pScbList, scbCursorLink))
{
scbCursor = LW_STRUCT_FROM_FIELD(
scbCursorLink,
PVFS_SCB,
FcbList);
ntError = PvfsAllocateFileNameFromScb(&scbCursorFileName, scbCursor);
BAIL_ON_NT_STATUS(ntError);
ntError = PvfsAllocateCStringFromFileName(
&newFullStreamName,
scbCursorFileName);
BAIL_ON_NT_STATUS(ntError);
ntError = PvfsRenameBaseFileName(
scbCursorFileName,
PvfsGetCStringBaseFileName(origTargetFileName));
BAIL_ON_NT_STATUS(ntError);
ntError = PvfsAllocateCStringFromFileName(
&origFullStreamName,
scbCursorFileName);
BAIL_ON_NT_STATUS(ntError);
pCurrentBucket = scbCursor->BaseControlBlock.pBucket;
ntError = PvfsCbTableGetBucket(&pTargetBucket, scbTable, newFullStreamName);
BAIL_ON_NT_STATUS(ntError);
LWIO_LOCK_MUTEX(scbMutexLock, &scbCursor->BaseControlBlock.Mutex);
LWIO_LOCK_RWMUTEX_EXCLUSIVE(currentBucketLock, &pCurrentBucket->rwLock);
if (pCurrentBucket != pTargetBucket)
{
// Will be moved to a new bucket in the table
LWIO_LOCK_RWMUTEX_EXCLUSIVE(targetBucketLock, &pTargetBucket->rwLock);
}
ntError = PvfsCbTableRemove_inlock(
(PPVFS_CONTROL_BLOCK)scbCursor,
origFullStreamName);
LWIO_ASSERT(STATUS_SUCCESS == ntError);
ntError = PvfsCbTableAdd_inlock(
pTargetBucket,
newFullStreamName,
(PPVFS_CONTROL_BLOCK)scbCursor);
if (STATUS_SUCCESS != ntError)
{
LWIO_LOG_ERROR(
"Failed to rename stream \"%s\" (%s)\n",
newFullStreamName,
LwNtStatusToName(ntError));
}
LWIO_UNLOCK_RWMUTEX(targetBucketLock, &pTargetBucket->rwLock);
LWIO_UNLOCK_RWMUTEX(currentBucketLock, &pCurrentBucket->rwLock);
LWIO_UNLOCK_MUTEX(scbMutexLock, &scbCursor->BaseControlBlock.Mutex);
if (origFullStreamName)
{
LwRtlCStringFree(&origFullStreamName);
}
if (newFullStreamName)
{
LwRtlCStringFree(&newFullStreamName);
}
}
error:
LWIO_UNLOCK_MUTEX(scbMutexLock, &scbCursor->BaseControlBlock.Mutex);
LWIO_UNLOCK_RWMUTEX(targetBucketLock, &pTargetBucket->rwLock);
LWIO_UNLOCK_RWMUTEX(currentBucketLock, &pCurrentBucket->rwLock);
LWIO_UNLOCK_RWMUTEX(fcbListLocked, &pFcb->rwScbLock);
LWIO_UNLOCK_RWMUTEX(renameLock, &scbTable->rwLock);
if (origTargetFileName)
{
PvfsFreeFileName(origTargetFileName);
}
if (origFullStreamName)
{
LwRtlCStringFree(&origFullStreamName);
}
if (newFullStreamName)
{
LwRtlCStringFree(&newFullStreamName);
}
return ntError;
}
static
DWORD
ProcessDeleteAccount(
IN PRPC_PARAMETERS pRpcParams,
IN PSTR AccountName
)
{
DWORD err = ERROR_SUCCESS;
NTSTATUS ntStatus = STATUS_SUCCESS;
LSA_BINDING hLsa = NULL;
LW_PIO_CREDS pCreds = NULL;
WCHAR wszSysName[] = {'\\', '\\', '\0'};
DWORD policyAccessMask = LSA_ACCESS_LOOKUP_NAMES_SIDS |
LSA_ACCESS_VIEW_POLICY_INFO;
DWORD accountAccessMask = DELETE;
POLICY_HANDLE hPolicy = NULL;
LSAR_ACCOUNT_HANDLE hAccount = NULL;
PSID pAccountSid = NULL;
err = CreateRpcCredentials(pRpcParams,
&pCreds);
BAIL_ON_LSA_ERROR(err);
err = CreateLsaRpcBinding(pRpcParams,
pCreds,
&hLsa);
BAIL_ON_LSA_ERROR(err);
ntStatus = LsaOpenPolicy2(hLsa,
wszSysName,
NULL,
policyAccessMask,
&hPolicy);
BAIL_ON_NT_STATUS(ntStatus);
err = ResolveAccountNameToSid(
hLsa,
AccountName,
&pAccountSid);
BAIL_ON_LSA_ERROR(err);
ntStatus = LsaOpenAccount(
hLsa,
hPolicy,
pAccountSid,
accountAccessMask,
&hAccount);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = LsaRpcDeleteObject(
hLsa,
hAccount);
BAIL_ON_NT_STATUS(ntStatus);
error:
if (ntStatus || err)
{
PCSTR errName = LwNtStatusToName(ntStatus);
PCSTR errDescription = LwNtStatusToDescription(ntStatus);
if (ntStatus)
{
errName = LwNtStatusToName(ntStatus);
errDescription = LwNtStatusToDescription(ntStatus);
}
else
{
errName = LwWin32ErrorToName(err);
errDescription = LwWin32ErrorToDescription(err);
}
fprintf(stderr, "Error: %s (%s)\n",
LSA_SAFE_LOG_STRING(errName),
LSA_SAFE_LOG_STRING(errDescription));
}
if (hPolicy)
{
LsaClose(hLsa, hPolicy);
}
if (hLsa)
{
LsaFreeBinding(&hLsa);
}
if (pCreds)
{
LwIoDeleteCreds(pCreds);
}
if (err == ERROR_SUCCESS &&
ntStatus != STATUS_SUCCESS)
{
err = LwNtStatusToWin32Error(ntStatus);
}
return err;
}
static
DWORD
ProcessAddRemoveAccountRights(
IN PRPC_PARAMETERS pRpcParams,
IN BOOLEAN Add,
IN PSTR AccountRights,
IN BOOLEAN RemoveAll,
IN PSTR AccountName
)
{
DWORD err = ERROR_SUCCESS;
NTSTATUS ntStatus = STATUS_SUCCESS;
LSA_BINDING hLsa = NULL;
LW_PIO_CREDS pCreds = NULL;
WCHAR wszSysName[] = {'\\', '\\', '\0'};
DWORD policyAccessMask = LSA_ACCESS_LOOKUP_NAMES_SIDS |
LSA_ACCESS_CREATE_SPECIAL_ACCOUNTS;
POLICY_HANDLE hPolicy = NULL;
PSID pAccountSid = NULL;
PSTR *ppszAccountRightNames = NULL;
DWORD numAccountRightNames = 0;
PWSTR *ppwszAccountRightNames = NULL;
DWORD i = 0;
err = CreateRpcCredentials(pRpcParams,
&pCreds);
BAIL_ON_LSA_ERROR(err);
err = CreateLsaRpcBinding(pRpcParams,
pCreds,
&hLsa);
BAIL_ON_LSA_ERROR(err);
ntStatus = LsaOpenPolicy2(hLsa,
wszSysName,
NULL,
policyAccessMask,
&hPolicy);
BAIL_ON_NT_STATUS(ntStatus);
err = ResolveAccountNameToSid(
hLsa,
AccountName,
&pAccountSid);
BAIL_ON_LSA_ERROR(err);
if (AccountRights)
{
err = GetStringListFromString(
AccountRights,
SEPARATOR_CHAR,
&ppszAccountRightNames,
&numAccountRightNames);
BAIL_ON_LSA_ERROR(err);
err = LwAllocateMemory(
sizeof(ppwszAccountRightNames[0]) * numAccountRightNames,
OUT_PPVOID(&ppwszAccountRightNames));
BAIL_ON_LSA_ERROR(err);
for (i = 0; i < numAccountRightNames; i++)
{
err = LwMbsToWc16s(ppszAccountRightNames[i],
&ppwszAccountRightNames[i]);
BAIL_ON_LSA_ERROR(err);
}
}
if (Add)
{
ntStatus = LsaAddAccountRights(
hLsa,
hPolicy,
pAccountSid,
ppwszAccountRightNames,
numAccountRightNames);
BAIL_ON_NT_STATUS(ntStatus);
fprintf(stdout, "Successfully added account rights to %s\n", AccountName);
}
else
{
ntStatus = LsaRemoveAccountRights(
hLsa,
hPolicy,
pAccountSid,
RemoveAll,
ppwszAccountRightNames,
numAccountRightNames);
BAIL_ON_NT_STATUS(ntStatus);
fprintf(stdout, "Successfully removed account rights from %s\n", AccountName);
}
error:
if (ntStatus || err)
{
PCSTR errName = LwNtStatusToName(ntStatus);
PCSTR errDescription = LwNtStatusToDescription(ntStatus);
if (ntStatus)
{
errName = LwNtStatusToName(ntStatus);
errDescription = LwNtStatusToDescription(ntStatus);
}
else
{
errName = LwWin32ErrorToName(err);
errDescription = LwWin32ErrorToDescription(err);
}
fprintf(stderr, "Error: %s (%s)\n",
LSA_SAFE_LOG_STRING(errName),
LSA_SAFE_LOG_STRING(errDescription));
}
if (hPolicy)
{
LsaClose(hLsa, hPolicy);
}
if (hLsa)
{
LsaFreeBinding(&hLsa);
}
if (pCreds)
{
LwIoDeleteCreds(pCreds);
}
for (i = 0; i < numAccountRightNames; i++)
{
LW_SAFE_FREE_MEMORY(ppwszAccountRightNames[i]);
LW_SAFE_FREE_MEMORY(ppszAccountRightNames[i]);
}
LW_SAFE_FREE_MEMORY(ppwszAccountRightNames);
LW_SAFE_FREE_MEMORY(ppszAccountRightNames);
if (err == ERROR_SUCCESS &&
ntStatus != STATUS_SUCCESS)
{
err = LwNtStatusToWin32Error(ntStatus);
}
return err;
}
static
DWORD
ProcessEnumerateAccountUserRights(
IN PRPC_PARAMETERS pRpcParams,
IN PSTR AccountName
)
{
DWORD err = ERROR_SUCCESS;
NTSTATUS ntStatus = STATUS_SUCCESS;
LSA_BINDING hLsa = NULL;
LW_PIO_CREDS pCreds = NULL;
WCHAR wszSysName[] = {'\\', '\\', '\0'};
DWORD policyAccessMask = LSA_ACCESS_LOOKUP_NAMES_SIDS |
LSA_ACCESS_VIEW_POLICY_INFO;
POLICY_HANDLE hPolicy = NULL;
PSID pAccountSid = NULL;
PSTR pszSid = NULL;
PWSTR *pAccountRights = NULL;
DWORD numAccountRights = 0;
DWORD i = 0;
PSTR pszAccountRight = NULL;
err = CreateRpcCredentials(pRpcParams,
&pCreds);
BAIL_ON_LSA_ERROR(err);
err = CreateLsaRpcBinding(pRpcParams,
pCreds,
&hLsa);
BAIL_ON_LSA_ERROR(err);
ntStatus = LsaOpenPolicy2(hLsa,
wszSysName,
NULL,
policyAccessMask,
&hPolicy);
BAIL_ON_NT_STATUS(ntStatus);
err = ResolveAccountNameToSid(
hLsa,
AccountName,
&pAccountSid);
BAIL_ON_LSA_ERROR(err);
ntStatus = RtlAllocateCStringFromSid(
&pszSid,
pAccountSid);
BAIL_ON_NT_STATUS(ntStatus);
fprintf(stdout, "%s Account Rights\n:"
"=================================================="
"==============================\n", AccountName);
ntStatus = LsaEnumAccountRights(
hLsa,
hPolicy,
pAccountSid,
&pAccountRights,
&numAccountRights);
BAIL_ON_NT_STATUS(ntStatus);
for (i = 0; i < numAccountRights; i++)
{
err = LwWc16sToMbs(pAccountRights[i],
&pszAccountRight);
BAIL_ON_LSA_ERROR(err);
fprintf(stdout, "%s\n", pszAccountRight);
LW_SAFE_FREE_MEMORY(pszAccountRight);
}
error:
if (ntStatus || err)
{
PCSTR errName = LwNtStatusToName(ntStatus);
PCSTR errDescription = LwNtStatusToDescription(ntStatus);
if (ntStatus)
{
errName = LwNtStatusToName(ntStatus);
errDescription = LwNtStatusToDescription(ntStatus);
}
else
{
errName = LwWin32ErrorToName(err);
errDescription = LwWin32ErrorToDescription(err);
}
fprintf(stderr, "Error: %s (%s)\n",
LSA_SAFE_LOG_STRING(errName),
LSA_SAFE_LOG_STRING(errDescription));
}
if (hPolicy)
{
LsaClose(hLsa, hPolicy);
}
if (hLsa)
{
LsaFreeBinding(&hLsa);
}
if (pCreds)
{
LwIoDeleteCreds(pCreds);
}
if (pAccountRights)
{
LsaRpcFreeMemory(pAccountRights);
}
LW_SAFE_FREE_MEMORY(pszAccountRight);
if (err == ERROR_SUCCESS &&
ntStatus != STATUS_SUCCESS)
{
err = LwNtStatusToWin32Error(ntStatus);
}
return err;
}
static
DWORD
ProcessEnumerateAccounts(
IN PRPC_PARAMETERS pRpcParams,
IN PSTR UserRightName
)
{
DWORD err = ERROR_SUCCESS;
NTSTATUS ntStatus = STATUS_SUCCESS;
LSA_BINDING hLsa = NULL;
LW_PIO_CREDS pCreds = NULL;
WCHAR wszSysName[] = {'\\', '\\', '\0'};
DWORD policyAccessMask = LSA_ACCESS_LOOKUP_NAMES_SIDS |
LSA_ACCESS_VIEW_POLICY_INFO;
POLICY_HANDLE hPolicy = NULL;
PWSTR pwszUserRightName = NULL;
DWORD resume = 0;
PSID *ppSids = NULL;
DWORD numSids = 0;
DWORD prefMaxSize = 64;
DWORD i = 0;
SID_ARRAY sids = {0};
RefDomainList *pDomList = NULL;
TranslatedName *pTransNames = NULL;
DWORD count = 0;
PSTR pszAccountSid = NULL;
PSTR pszAccountDomain = NULL;
PSTR pszAccountName = NULL;
BOOLEAN moreEntries = FALSE;
err = CreateRpcCredentials(pRpcParams,
&pCreds);
BAIL_ON_LSA_ERROR(err);
err = CreateLsaRpcBinding(pRpcParams,
pCreds,
&hLsa);
BAIL_ON_LSA_ERROR(err);
ntStatus = LsaOpenPolicy2(hLsa,
wszSysName,
NULL,
policyAccessMask,
&hPolicy);
BAIL_ON_NT_STATUS(ntStatus);
fprintf(stdout,
"LSA Accounts");
do
{
moreEntries = FALSE;
if (UserRightName)
{
fprintf(stdout, " with AccountRight = %s:\n", UserRightName);
fprintf(stdout,
"=================================================="
"==============================\n");
err = LwMbsToWc16s(UserRightName,
&pwszUserRightName);
BAIL_ON_LSA_ERROR(err);
ntStatus = LsaEnumAccountsWithUserRight(
hLsa,
hPolicy,
pwszUserRightName,
&ppSids,
&numSids);
BAIL_ON_NT_STATUS(ntStatus);
}
else
{
fprintf(stdout, ":\n");
fprintf(stdout,
"=================================================="
"==============================\n");
ntStatus = LsaEnumAccounts(hLsa,
hPolicy,
&resume,
&ppSids,
&numSids,
prefMaxSize);
if (ntStatus == STATUS_MORE_ENTRIES)
{
ntStatus = STATUS_SUCCESS;
moreEntries = TRUE;
}
else if (ntStatus != STATUS_SUCCESS)
{
BAIL_ON_NT_STATUS(ntStatus);
}
}
err = LwAllocateMemory(
sizeof(sids.pSids[0]) * numSids,
OUT_PPVOID(&sids.pSids));
BAIL_ON_LSA_ERROR(err);
sids.dwNumSids = numSids;
for (i = 0; i < sids.dwNumSids; i++)
{
sids.pSids[i].pSid = ppSids[i];
}
ntStatus = LsaLookupSids(hLsa,
hPolicy,
&sids,
&pDomList,
&pTransNames,
LSA_LOOKUP_NAMES_ALL,
&count);
if (ntStatus == STATUS_SOME_NOT_MAPPED ||
ntStatus == STATUS_NONE_MAPPED)
{
ntStatus = STATUS_SUCCESS;
}
else if (ntStatus != STATUS_SUCCESS)
{
BAIL_ON_NT_STATUS(ntStatus);
}
for (i = 0; i < sids.dwNumSids; i++)
{
DWORD domainIndex = 0;
ntStatus = RtlAllocateCStringFromSid(
&pszAccountSid,
sids.pSids[i].pSid);
BAIL_ON_NT_STATUS(ntStatus);
if (pTransNames[i].type == SID_TYPE_USER ||
pTransNames[i].type == SID_TYPE_DOM_GRP ||
pTransNames[i].type == SID_TYPE_DOMAIN ||
pTransNames[i].type == SID_TYPE_ALIAS ||
pTransNames[i].type == SID_TYPE_WKN_GRP)
{
ntStatus = RtlCStringAllocateFromUnicodeString(
&pszAccountName,
&pTransNames[i].name);
BAIL_ON_NT_STATUS(ntStatus);
domainIndex = pTransNames[i].sid_index;
ntStatus = RtlCStringAllocateFromUnicodeString(
&pszAccountDomain,
&pDomList->domains[domainIndex].name);
BAIL_ON_NT_STATUS(ntStatus);
}
if (pszAccountSid)
{
fprintf(stdout, "%s ", pszAccountSid);
}
if (pszAccountDomain && pszAccountName)
{
fprintf(stdout, "(%s\\%s)", pszAccountDomain, pszAccountName);
}
else if (pszAccountDomain && !pszAccountName)
{
fprintf(stdout, "(%s\\)", pszAccountDomain);
}
else if (!pszAccountDomain && pszAccountName)
{
fprintf(stdout, "(%s)", pszAccountName);
}
else
{
fprintf(stdout, "(unknown)");
}
fprintf(stdout, "\n");
RTL_FREE(&pszAccountSid);
RTL_FREE(&pszAccountDomain);
RTL_FREE(&pszAccountName);
}
if (pTransNames)
{
LsaRpcFreeMemory(pTransNames);
pTransNames = NULL;
}
if (pDomList)
{
LsaRpcFreeMemory(pDomList);
pDomList = NULL;
}
if (ppSids)
{
LsaRpcFreeMemory(ppSids);
ppSids = NULL;
}
LW_SAFE_FREE_MEMORY(sids.pSids);
} while (moreEntries && ntStatus == STATUS_SUCCESS);
error:
if (ntStatus || err)
{
PCSTR errName = LwNtStatusToName(ntStatus);
PCSTR errDescription = LwNtStatusToDescription(ntStatus);
if (ntStatus)
{
errName = LwNtStatusToName(ntStatus);
errDescription = LwNtStatusToDescription(ntStatus);
}
else
{
errName = LwWin32ErrorToName(err);
errDescription = LwWin32ErrorToDescription(err);
}
fprintf(stderr, "Error: %s (%s)\n",
LSA_SAFE_LOG_STRING(errName),
LSA_SAFE_LOG_STRING(errDescription));
}
if (hPolicy)
{
LsaClose(hLsa, hPolicy);
}
if (hLsa)
{
LsaFreeBinding(&hLsa);
}
if (pCreds)
{
LwIoDeleteCreds(pCreds);
}
LW_SAFE_FREE_MEMORY(pwszUserRightName);
RTL_FREE(&pszAccountSid);
RTL_FREE(&pszAccountDomain);
RTL_FREE(&pszAccountName);
if (pTransNames)
{
LsaRpcFreeMemory(pTransNames);
}
if (pDomList)
{
LsaRpcFreeMemory(pDomList);
}
if (ppSids)
{
LsaRpcFreeMemory(ppSids);
}
LW_SAFE_FREE_MEMORY(sids.pSids);
if (err == ERROR_SUCCESS &&
ntStatus != STATUS_SUCCESS)
{
err = LwNtStatusToWin32Error(ntStatus);
}
return err;
}
