[ADVAPI32/LSASRV]

- Implement LsaEnumeratePrivilegesOfAccount and LsarEnumeratePrivilegesAccount.
- Implement parts of LsarAddPrivilegesToAccount.

svn path=/trunk/; revision=56527
This commit is contained in:
Eric Kohl 2012-05-06 20:57:21 +00:00
parent 497e2b9709
commit 686b87d7d2
4 changed files with 115 additions and 6 deletions

View file

@ -358,7 +358,7 @@
@ stub LsaEnumerateAccounts
@ stdcall LsaEnumerateAccountsWithUserRight(ptr ptr ptr ptr)
@ stub LsaEnumeratePrivileges
@ stub LsaEnumeratePrivilegesOfAccount
@ stdcall LsaEnumeratePrivilegesOfAccount(ptr ptr)
@ stdcall LsaEnumerateTrustedDomains(ptr ptr ptr long ptr)
@ stdcall LsaEnumerateTrustedDomainsEx(ptr ptr ptr long ptr)
@ stdcall LsaFreeMemory(ptr)

View file

@ -366,6 +366,34 @@ LsaEnumerateAccountsWithUserRight(
return STATUS_NO_MORE_ENTRIES;
}
/*
* @implemented
*/
NTSTATUS
WINAPI
LsaEnumeratePrivilegesOfAccount(IN LSA_HANDLE AccountHandle,
OUT PPRIVILEGE_SET *Privileges)
{
NTSTATUS Status;
TRACE("(%p,%p) stub\n", AccountHandle, Privileges);
RpcTryExcept
{
Status = LsarEnumeratePrivilegesAccount((LSAPR_HANDLE)AccountHandle,
(LSAPR_PRIVILEGE_SET **)Privileges);
}
RpcExcept(EXCEPTION_EXECUTE_HANDLER)
{
Status = I_RpcMapWin32Status(RpcExceptionCode());
}
RpcEndExcept;
return Status;
}
/*
* @unimplemented
*/

View file

@ -723,8 +723,52 @@ NTSTATUS WINAPI LsarEnumeratePrivilegesAccount(
LSAPR_HANDLE AccountHandle,
PLSAPR_PRIVILEGE_SET *Privileges)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
PLSA_DB_OBJECT AccountObject;
ULONG PrivilegeSetSize = 0;
PLSAPR_PRIVILEGE_SET PrivilegeSet = NULL;
NTSTATUS Status;
*Privileges = NULL;
/* Validate the AccountHandle */
Status = LsapValidateDbObject(AccountHandle,
LsaDbAccountObject,
0,
&AccountObject);
if (!NT_SUCCESS(Status))
{
ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
return Status;
}
/* Get the size of the privilege set */
Status = LsapGetObjectAttribute(AccountObject,
L"Privilgs",
NULL,
&PrivilegeSetSize);
if (!NT_SUCCESS(Status))
return Status;
/* Allocate a buffer for the privilege set */
PrivilegeSet = MIDL_user_allocate(PrivilegeSetSize);
if (PrivilegeSet == NULL)
return STATUS_NO_MEMORY;
/* Get the privilege set */
Status = LsapGetObjectAttribute(AccountObject,
L"Privilgs",
PrivilegeSet,
&PrivilegeSetSize);
if (!NT_SUCCESS(Status))
{
MIDL_user_free(PrivilegeSet);
return Status;
}
/* Return a pointer to the privilege set */
*Privileges = PrivilegeSet;
return STATUS_SUCCESS;
}
@ -733,8 +777,44 @@ NTSTATUS WINAPI LsarAddPrivilegesToAccount(
LSAPR_HANDLE AccountHandle,
PLSAPR_PRIVILEGE_SET Privileges)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
PLSA_DB_OBJECT AccountObject;
ULONG PrivilegeSetSize = 0;
NTSTATUS Status;
/* Validate the AccountHandle */
Status = LsapValidateDbObject(AccountHandle,
LsaDbAccountObject,
0,
&AccountObject);
if (!NT_SUCCESS(Status))
{
ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
return Status;
}
Status = LsapGetObjectAttribute(AccountObject,
L"Privilgs",
NULL,
&PrivilegeSetSize);
if (!NT_SUCCESS(Status) || PrivilegeSetSize == 0)
{
/* The Privilgs attribute does not exist */
PrivilegeSetSize = sizeof(PRIVILEGE_SET) +
(Privileges->PrivilegeCount - 1) * sizeof(LUID_AND_ATTRIBUTES);
Status = LsapSetObjectAttribute(AccountObject,
L"Privilgs",
Privileges,
PrivilegeSetSize);
}
else
{
/* The Privilgs attribute exists */
Status = STATUS_NOT_IMPLEMENTED;
}
return Status;
}

View file

@ -688,6 +688,7 @@ NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE);
NTSTATUS NTAPI LsaEnumerateAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING*,PULONG);
NTSTATUS NTAPI LsaEnumerateAccountsWithUserRight(LSA_HANDLE,PLSA_UNICODE_STRING,
PVOID*,PULONG);
NTSTATUS NTAPI LsaEnumeratePrivilegesOfAccount(LSA_HANDLE, PPRIVILEGE_SET*);
NTSTATUS NTAPI LsaEnumerateTrustedDomains(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,
PVOID*,ULONG,PULONG);
NTSTATUS NTAPI LsaEnumerateTrustedDomainsEx(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,