- Implement most missing information classes of LsarQueryInformationPolicy.
- Add initialization code for new attributes of the policy object.
- Implement LsarQueryInformationPolicy2 and LsarSetInformationPolicy2.

svn path=/trunk/; revision=57391
This commit is contained in:
Eric Kohl 2012-09-26 16:15:29 +00:00
parent 2e2e4fca4e
commit c7dbcac228
5 changed files with 395 additions and 34 deletions

View file

@ -226,9 +226,17 @@ LsapCreateRandomDomainSid(OUT PSID *Sid)
static NTSTATUS
LsapCreateDatabaseObjects(VOID)
{
PLSAP_POLICY_AUDIT_EVENTS_DATA AuditEventsInfo = NULL;
POLICY_DEFAULT_QUOTA_INFO QuotaInfo;
POLICY_MODIFICATION_INFO ModificationInfo;
POLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = {FALSE, FALSE};
POLICY_AUDIT_LOG_INFO AuditLogInfo;
PLSA_DB_OBJECT PolicyObject = NULL;
PSID AccountDomainSid = NULL;
ULONG AuditEventsCount;
ULONG AuditEventsSize;
ULONG i;
NTSTATUS Status;
/* Initialize the default quota limits */
@ -239,10 +247,35 @@ LsapCreateDatabaseObjects(VOID)
QuotaInfo.QuotaLimits.PagefileLimit = 0;
QuotaInfo.QuotaLimits.TimeLimit.QuadPart = 0;
/* Initialize the audit log attribute */
AuditLogInfo.AuditLogPercentFull = 0;
AuditLogInfo.MaximumLogSize = 0; // DWORD
AuditLogInfo.AuditRetentionPeriod.QuadPart = 0; // LARGE_INTEGER
AuditLogInfo.AuditLogFullShutdownInProgress = 0; // BYTE
AuditLogInfo.TimeToShutdown.QuadPart = 0; // LARGE_INTEGER
AuditLogInfo.NextAuditRecordId = 0; // DWORD
AuditEventsCount = AuditCategoryAccountLogon - AuditCategorySystem + 1;
AuditEventsSize = sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA) + AuditEventsCount * sizeof(DWORD);
AuditEventsInfo = RtlAllocateHeap(RtlGetProcessHeap(),
0,
AuditEventsSize);
if (AuditEventsInfo == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
AuditEventsInfo->AuditingMode = FALSE;
AuditEventsInfo->MaximumAuditEventCount = AuditEventsCount;
for (i = 0; i < AuditEventsCount; i++)
AuditEventsInfo->AuditEvents[i] = 0;
/* Initialize the modification attribute */
ModificationInfo.ModifiedId.QuadPart = 0;
NtQuerySystemTime(&ModificationInfo.DatabaseCreationTime);
/* Create a random domain SID */
Status = LsapCreateRandomDomainSid(&AccountDomainSid);
if (!NT_SUCCESS(Status))
return Status;
goto done;
/* Open the 'Policy' object */
Status = LsapOpenDbObject(NULL,
@ -279,7 +312,34 @@ LsapCreateDatabaseObjects(VOID)
&QuotaInfo,
sizeof(POLICY_DEFAULT_QUOTA_INFO));
/* Set the modification attribute */
LsapSetObjectAttribute(PolicyObject,
L"PolMod",
&ModificationInfo,
sizeof(POLICY_MODIFICATION_INFO));
/* Set the audit full attribute */
LsapSetObjectAttribute(PolicyObject,
L"PolAdtFl",
&AuditFullInfo,
sizeof(POLICY_AUDIT_FULL_QUERY_INFO));
/* Set the audit log attribute */
LsapSetObjectAttribute(PolicyObject,
L"PolAdtLg",
&AuditLogInfo,
sizeof(POLICY_AUDIT_LOG_INFO));
/* Set the audit events attribute */
LsapSetObjectAttribute(PolicyObject,
L"PolAdtEv",
&AuditEventsInfo,
AuditEventsSize);
done:
if (AuditEventsInfo != NULL)
RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);
if (PolicyObject != NULL)
LsapCloseDbObject(PolicyObject);

View file

@ -222,7 +222,6 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
DesiredAccess = POLICY_GET_PRIVATE_INFORMATION;
break;
case PolicyLastEntry:
default:
ERR("Invalid InformationClass!\n");
return STATUS_INVALID_PARAMETER;
@ -237,6 +236,10 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
switch (InformationClass)
{
case PolicyAuditLogInformation: /* 1 */
Status = LsarQueryAuditLog(PolicyHandle,
PolicyInformation);
case PolicyAuditEventsInformation: /* 2 */
Status = LsarQueryAuditEvents(PolicyHandle,
PolicyInformation);
@ -247,35 +250,54 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
PolicyInformation);
break;
case PolicyPdAccountInformation: /* 4 */
Status = LsarQueryPdAccount(PolicyHandle,
PolicyInformation);
case PolicyAccountDomainInformation: /* 5 */
Status = LsarQueryAccountDomain(PolicyHandle,
PolicyInformation);
break;
case PolicyLsaServerRoleInformation: /* 6 */
Status = LsarQueryServerRole(PolicyHandle,
PolicyInformation);
break;
case PolicyReplicaSourceInformation: /* 7 */
Status = LsarQueryReplicaSource(PolicyHandle,
PolicyInformation);
case PolicyDefaultQuotaInformation: /* 8 */
Status = LsarQueryDefaultQuota(PolicyHandle,
PolicyInformation);
break;
case PolicyDnsDomainInformation: /* 12 (0xc) */
case PolicyModificationInformation: /* 9 */
Status = LsarQueryModification(PolicyHandle,
PolicyInformation);
break;
case PolicyAuditFullQueryInformation: /* 11 (0xB) */
Status = LsarQueryAuditFull(PolicyHandle,
PolicyInformation);
break;
case PolicyDnsDomainInformation: /* 12 (0xC) */
Status = LsarQueryDnsDomain(PolicyHandle,
PolicyInformation);
break;
case PolicyAuditLogInformation:
case PolicyPdAccountInformation:
case PolicyLsaServerRoleInformation:
case PolicyReplicaSourceInformation:
case PolicyModificationInformation:
case PolicyAuditFullSetInformation:
case PolicyAuditFullQueryInformation:
case PolicyDnsDomainInformationInt:
case PolicyLocalAccountDomainInformation:
FIXME("Information class not implemented\n");
Status = STATUS_UNSUCCESSFUL;
case PolicyDnsDomainInformationInt: /* 13 (0xD) */
Status = LsarQueryDnsDomainInt(PolicyHandle,
PolicyInformation);
break;
case PolicyLocalAccountDomainInformation: /* 14 (0xE) */
Status = LsarQueryLocalAccountDomain(PolicyHandle,
PolicyInformation);
break;
case PolicyLastEntry:
default:
ERR("Invalid InformationClass!\n");
Status = STATUS_INVALID_PARAMETER;
@ -316,6 +338,9 @@ NTSTATUS WINAPI LsarSetInformationPolicy(
case PolicyPrimaryDomainInformation:
case PolicyAccountDomainInformation:
case PolicyDnsDomainInformation:
case PolicyDnsDomainInformationInt:
case PolicyLocalAccountDomainInformation:
DesiredAccess = POLICY_TRUST_ADMIN;
break;
@ -1761,10 +1786,11 @@ NTSTATUS WINAPI LsarGetUserName(
NTSTATUS WINAPI LsarQueryInformationPolicy2(
LSAPR_HANDLE PolicyHandle,
POLICY_INFORMATION_CLASS InformationClass,
unsigned long *PolicyInformation)
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
return LsarQueryInformationPolicy(PolicyHandle,
InformationClass,
PolicyInformation);
}
@ -1772,10 +1798,11 @@ NTSTATUS WINAPI LsarQueryInformationPolicy2(
NTSTATUS WINAPI LsarSetInformationPolicy2(
LSAPR_HANDLE PolicyHandle,
POLICY_INFORMATION_CLASS InformationClass,
unsigned long PolicyInformation)
PLSAPR_POLICY_INFORMATION PolicyInformation)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
return LsarSetInformationPolicy(PolicyHandle,
InformationClass,
PolicyInformation);
}

View file

@ -53,6 +53,14 @@ typedef struct _LSA_DB_OBJECT
#define LSAP_DB_SIGNATURE 0x12345678
typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATA
{
BOOLEAN AuditingMode;
DWORD MaximumAuditEventCount;
DWORD AuditEvents[0];
} LSAP_POLICY_AUDIT_EVENTS_DATA, *PLSAP_POLICY_AUDIT_EVENTS_DATA;
/* authport.c */
NTSTATUS
StartAuthenticationPort(VOID);
@ -101,6 +109,10 @@ VOID
LsarStartRpcServer(VOID);
/* policy.c */
NTSTATUS
LsarQueryAuditLog(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
@ -109,18 +121,46 @@ NTSTATUS
LsarQueryPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarQueryPdAccount(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarQueryReplicaSource(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarQueryModification(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarQueryDnsDomainInt(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarQueryLocalAccountDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS
LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_PRIMARY_DOM_INFO Info);

View file

@ -118,22 +118,107 @@ LsarSetDnsDomain(PLSA_DB_OBJECT PolicyObject,
}
NTSTATUS
LsarQueryAuditLog(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PPOLICY_AUDIT_LOG_INFO AuditLogInfo = NULL;
ULONG AttributeSize;
NTSTATUS Status;
*PolicyInformation = NULL;
AttributeSize = sizeof(POLICY_AUDIT_LOG_INFO);
AuditLogInfo = MIDL_user_allocate(AttributeSize);
if (AuditLogInfo == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAdtLg",
AuditLogInfo,
&AttributeSize);
if (!NT_SUCCESS(Status))
{
MIDL_user_free(AuditLogInfo);
}
else
{
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)AuditLogInfo;
}
return Status;
}
NTSTATUS
LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PLSAP_POLICY_AUDIT_EVENTS_DATA AuditData = NULL;
PLSAPR_POLICY_AUDIT_EVENTS_INFO p = NULL;
ULONG AttributeSize;
NTSTATUS Status = STATUS_SUCCESS;
*PolicyInformation = NULL;
AttributeSize = 0;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAdtEv",
NULL,
&AttributeSize);
if (!NT_SUCCESS(Status))
return Status;
if (AttributeSize > 0)
{
AuditData = MIDL_user_allocate(AttributeSize);
if (AuditData == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAdtEv",
AuditData,
&AttributeSize);
if (!NT_SUCCESS(Status))
goto done;
p = MIDL_user_allocate(sizeof(LSAPR_POLICY_AUDIT_EVENTS_INFO));
if (p == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
p->AuditingMode = FALSE; /* no auditing */
p->EventAuditingOptions = NULL;
p->MaximumAuditEventCount = 0;
p->AuditingMode = AuditData->AuditingMode;
p->MaximumAuditEventCount = AuditData->MaximumAuditEventCount;
p->EventAuditingOptions = MIDL_user_allocate(AuditData->MaximumAuditEventCount * sizeof(DWORD));
if (p->EventAuditingOptions == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
memcpy(p->EventAuditingOptions,
&(AuditData->AuditEvents[0]),
AuditData->MaximumAuditEventCount * sizeof(DWORD));
}
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)p;
done:
if (!NT_SUCCESS(Status))
{
if (p->EventAuditingOptions != NULL)
MIDL_user_free(p->EventAuditingOptions);
if (p != NULL)
MIDL_user_free(p);
}
if (AuditData != NULL)
MIDL_user_free(AuditData);
return STATUS_SUCCESS;
}
@ -248,6 +333,28 @@ Done:
}
NTSTATUS
LsarQueryPdAccount(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PLSAPR_POLICY_PD_ACCOUNT_INFO PdAccountInfo = NULL;
*PolicyInformation = NULL;
PdAccountInfo = MIDL_user_allocate(sizeof(LSAPR_POLICY_PD_ACCOUNT_INFO));
if (PdAccountInfo == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
PdAccountInfo->Name.Length = 0;
PdAccountInfo->Name.MaximumLength = 0;
PdAccountInfo->Name.Buffer = NULL;
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)PdAccountInfo;
return STATUS_SUCCESS;
}
NTSTATUS
LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
@ -357,6 +464,44 @@ Done:
}
NTSTATUS
LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PPOLICY_LSA_SERVER_ROLE_INFO ServerRoleInfo = NULL;
ULONG AttributeSize;
NTSTATUS Status;
*PolicyInformation = NULL;
AttributeSize = sizeof(POLICY_LSA_SERVER_ROLE_INFO);
ServerRoleInfo = MIDL_user_allocate(AttributeSize);
if (ServerRoleInfo == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolSrvRo",
ServerRoleInfo,
&AttributeSize);
if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
{
ServerRoleInfo->LsaServerRole = PolicyServerRolePrimary;
Status = STATUS_SUCCESS;
}
if (!NT_SUCCESS(Status))
{
MIDL_user_free(ServerRoleInfo);
}
else
{
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)ServerRoleInfo;
}
return Status;
}
NTSTATUS
LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
@ -389,6 +534,79 @@ LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject,
}
NTSTATUS
LsarQueryReplicaSource(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
*PolicyInformation = NULL;
return STATUS_NOT_IMPLEMENTED;
}
NTSTATUS
LsarQueryModification(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PPOLICY_MODIFICATION_INFO Info = NULL;
ULONG AttributeSize;
NTSTATUS Status;
*PolicyInformation = NULL;
AttributeSize = sizeof(POLICY_MODIFICATION_INFO);
Info = MIDL_user_allocate(AttributeSize);
if (Info == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolMod",
Info,
&AttributeSize);
if (!NT_SUCCESS(Status))
{
MIDL_user_free(Info);
}
else
{
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)Info;
}
return Status;
}
NTSTATUS
LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
PPOLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = NULL;
ULONG AttributeSize;
NTSTATUS Status;
*PolicyInformation = NULL;
AttributeSize = sizeof(POLICY_AUDIT_FULL_QUERY_INFO);
AuditFullInfo = MIDL_user_allocate(AttributeSize);
if (AuditFullInfo == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
Status = LsapGetObjectAttribute(PolicyObject,
L"PolAdtFl",
AuditFullInfo,
&AttributeSize);
if (!NT_SUCCESS(Status))
{
MIDL_user_free(AuditFullInfo);
}
else
{
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)AuditFullInfo;
}
return Status;
}
NTSTATUS
LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
@ -432,4 +650,22 @@ LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
return STATUS_SUCCESS;
}
NTSTATUS
LsarQueryDnsDomainInt(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
*PolicyInformation = NULL;
return STATUS_NOT_IMPLEMENTED;
}
NTSTATUS
LsarQueryLocalAccountDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation)
{
*PolicyInformation = NULL;
return STATUS_NOT_IMPLEMENTED;
}
/* EOF */

View file

@ -240,14 +240,14 @@ typedef struct _POLICY_AUDIT_LOG_INFO {
DWORD AuditLogPercentFull;
DWORD MaximumLogSize;
LARGE_INTEGER AuditRetentionPeriod;
BYTE AuditLogFullShutdownInProgress;
BOOLEAN AuditLogFullShutdownInProgress;
LARGE_INTEGER TimeToShutdown;
DWORD NextAuditRecordId;
} POLICY_AUDIT_LOG_INFO, *PPOLICY_AUDIT_LOG_INFO;
cpp_quote("#endif")
typedef struct _LSAPR_POLICY_AUDIT_EVENTS_INFO {
BYTE AuditingMode;
BOOLEAN AuditingMode;
[size_is(MaximumAuditEventCount)] DWORD *EventAuditingOptions;
DWORD MaximumAuditEventCount;
} LSAPR_POLICY_AUDIT_EVENTS_INFO, *PLSAPR_POLICY_AUDIT_EVENTS_INFO;
@ -889,15 +889,13 @@ cpp_quote("#if _WIN32_WINNT >= 0x0500")
NTSTATUS __stdcall LsarQueryInformationPolicy2(
[in] LSAPR_HANDLE PolicyHandle,
[in] POLICY_INFORMATION_CLASS InformationClass,
[out] unsigned long *PolicyInformation);
/* FIXME: should be [out, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION *PolicyInformation); */
[out, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION *PolicyInformation);
/* Function 47 */
NTSTATUS __stdcall LsarSetInformationPolicy2(
[in] LSAPR_HANDLE PolicyHandle,
[in] POLICY_INFORMATION_CLASS InformationClass,
[in] unsigned long PolicyInformation);
/* FIXME: should be [in, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION PolicyInformation); */
[in, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION PolicyInformation);
/* Function 48 */
NTSTATUS __stdcall LsarQueryTrustedDomainInfoByName(