diff --git a/reactos/dll/win32/lsasrv/database.c b/reactos/dll/win32/lsasrv/database.c index ef410625d37..c7b770c7131 100644 --- a/reactos/dll/win32/lsasrv/database.c +++ b/reactos/dll/win32/lsasrv/database.c @@ -202,40 +202,40 @@ Done: static NTSTATUS LsapCreateDatabaseObjects(VOID) { - PLSA_DB_OBJECT DbObject = NULL; + PLSA_DB_OBJECT PolicyObject; + NTSTATUS Status; /* Open the 'Policy' object */ - DbObject = (PLSA_DB_OBJECT)LsapCreateDbObject(NULL, - L"Policy", - TRUE, - LsaDbPolicyObject, - 0); - if (DbObject != NULL) - { - LsapSetObjectAttribute(DbObject, - L"PolPrDmN", - NULL, - 0); + Status = LsapOpenDbObject(NULL, + L"Policy", + LsaDbPolicyObject, + 0, + &PolicyObject); + if (!NT_SUCCESS(Status)) + return Status; - LsapSetObjectAttribute(DbObject, - L"PolPrDmS", - NULL, - 0); + LsapSetObjectAttribute(PolicyObject, + L"PolPrDmN", + NULL, + 0); - LsapSetObjectAttribute(DbObject, - L"PolAcDmN", - NULL, - 0); + LsapSetObjectAttribute(PolicyObject, + L"PolPrDmS", + NULL, + 0); - LsapSetObjectAttribute(DbObject, - L"PolAcDmS", - NULL, - 0); + LsapSetObjectAttribute(PolicyObject, + L"PolAcDmN", + NULL, + 0); + LsapSetObjectAttribute(PolicyObject, + L"PolAcDmS", + NULL, + 0); - /* Close the 'Policy' object */ - LsapCloseDbObject((LSAPR_HANDLE)DbObject); - } + /* Close the 'Policy' object */ + LsapCloseDbObject(PolicyObject); return STATUS_SUCCESS; } @@ -294,25 +294,27 @@ LsapInitDatabase(VOID) } -LSAPR_HANDLE -LsapCreateDbObject(LSAPR_HANDLE ParentHandle, - LPWSTR ObjectName, - BOOLEAN Open, - LSA_DB_OBJECT_TYPE ObjectType, - ACCESS_MASK DesiredAccess) +NTSTATUS +LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject, + IN LPWSTR ObjectName, + IN LSA_DB_OBJECT_TYPE ObjectType, + IN ACCESS_MASK DesiredAccess, + OUT PLSA_DB_OBJECT *DbObject) { - PLSA_DB_OBJECT ParentObject = (PLSA_DB_OBJECT)ParentHandle; - PLSA_DB_OBJECT DbObject; + PLSA_DB_OBJECT NewObject; OBJECT_ATTRIBUTES ObjectAttributes; UNICODE_STRING KeyName; HANDLE ParentKeyHandle; HANDLE ObjectKeyHandle; NTSTATUS Status; - if (ParentHandle != NULL) - ParentKeyHandle = ParentObject->KeyHandle; - else + if (DbObject == NULL) + return STATUS_INVALID_PARAMETER; + + if (ParentObject == NULL) ParentKeyHandle = SecurityKeyHandle; + else + ParentKeyHandle = ParentObject->KeyHandle; RtlInitUnicodeString(&KeyName, ObjectName); @@ -323,65 +325,122 @@ LsapCreateDbObject(LSAPR_HANDLE ParentHandle, ParentKeyHandle, NULL); - if (Open == TRUE) - { - Status = NtOpenKey(&ObjectKeyHandle, - KEY_ALL_ACCESS, - &ObjectAttributes); - } - else - { - Status = NtCreateKey(&ObjectKeyHandle, - KEY_ALL_ACCESS, - &ObjectAttributes, - 0, - NULL, - 0, - NULL); - } - + Status = NtCreateKey(&ObjectKeyHandle, + KEY_ALL_ACCESS, + &ObjectAttributes, + 0, + NULL, + 0, + NULL); if (!NT_SUCCESS(Status)) { - return NULL; + return Status; } - DbObject = (PLSA_DB_OBJECT)RtlAllocateHeap(RtlGetProcessHeap(), - 0, - sizeof(LSA_DB_OBJECT)); - if (DbObject == NULL) + NewObject = RtlAllocateHeap(RtlGetProcessHeap(), + 0, + sizeof(LSA_DB_OBJECT)); + if (NewObject == NULL) { NtClose(ObjectKeyHandle); - return NULL; + return STATUS_NO_MEMORY; } - DbObject->Signature = LSAP_DB_SIGNATURE; - DbObject->RefCount = 0; - DbObject->ObjectType = ObjectType; - DbObject->Access = DesiredAccess; - DbObject->KeyHandle = ObjectKeyHandle; - DbObject->ParentObject = ParentObject; + NewObject->Signature = LSAP_DB_SIGNATURE; + NewObject->RefCount = 1; + NewObject->ObjectType = ObjectType; + NewObject->Access = DesiredAccess; + NewObject->KeyHandle = ObjectKeyHandle; + NewObject->ParentObject = ParentObject; if (ParentObject != NULL) ParentObject->RefCount++; - return (LSAPR_HANDLE)DbObject; + *DbObject = NewObject; + + return STATUS_SUCCESS; +} + + +NTSTATUS +LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, + IN LPWSTR ObjectName, + IN LSA_DB_OBJECT_TYPE ObjectType, + IN ACCESS_MASK DesiredAccess, + OUT PLSA_DB_OBJECT *DbObject) +{ + PLSA_DB_OBJECT NewObject; + OBJECT_ATTRIBUTES ObjectAttributes; + UNICODE_STRING KeyName; + HANDLE ParentKeyHandle; + HANDLE ObjectKeyHandle; + NTSTATUS Status; + + if (DbObject == NULL) + return STATUS_INVALID_PARAMETER; + + if (ParentObject == NULL) + ParentKeyHandle = SecurityKeyHandle; + else + ParentKeyHandle = ParentObject->KeyHandle; + + RtlInitUnicodeString(&KeyName, + ObjectName); + + InitializeObjectAttributes(&ObjectAttributes, + &KeyName, + OBJ_CASE_INSENSITIVE, + ParentKeyHandle, + NULL); + + Status = NtOpenKey(&ObjectKeyHandle, + KEY_ALL_ACCESS, + &ObjectAttributes); + if (!NT_SUCCESS(Status)) + { + return Status; + } + + NewObject = RtlAllocateHeap(RtlGetProcessHeap(), + 0, + sizeof(LSA_DB_OBJECT)); + if (NewObject == NULL) + { + NtClose(ObjectKeyHandle); + return STATUS_NO_MEMORY; + } + + NewObject->Signature = LSAP_DB_SIGNATURE; + NewObject->RefCount = 1; + NewObject->ObjectType = ObjectType; + NewObject->Access = DesiredAccess; + NewObject->KeyHandle = ObjectKeyHandle; + NewObject->ParentObject = ParentObject; + + if (ParentObject != NULL) + ParentObject->RefCount++; + + *DbObject = NewObject; + + return STATUS_SUCCESS; } NTSTATUS LsapValidateDbObject(LSAPR_HANDLE Handle, LSA_DB_OBJECT_TYPE ObjectType, - ACCESS_MASK GrantedAccess) + ACCESS_MASK DesiredAccess, + PLSA_DB_OBJECT *DbObject) { - PLSA_DB_OBJECT DbObject = (PLSA_DB_OBJECT)Handle; + PLSA_DB_OBJECT LocalObject = (PLSA_DB_OBJECT)Handle; BOOLEAN bValid = FALSE; _SEH2_TRY { - if (DbObject->Signature == LSAP_DB_SIGNATURE) + if (LocalObject->Signature == LSAP_DB_SIGNATURE) { if ((ObjectType == LsaDbIgnoreObject) || - (DbObject->ObjectType == ObjectType)) + (LocalObject->ObjectType == ObjectType)) bValid = TRUE; } } @@ -394,32 +453,52 @@ LsapValidateDbObject(LSAPR_HANDLE Handle, if (bValid == FALSE) return STATUS_INVALID_HANDLE; - if (GrantedAccess != 0) + if (DesiredAccess != 0) { - /* FIXME: Check for granted access rights */ + /* Check for granted access rights */ + if ((LocalObject->Access & DesiredAccess) != DesiredAccess) + { + ERR("LsapValidateDbObject access check failed %08lx %08lx\n", + LocalObject->Access, DesiredAccess); + return STATUS_ACCESS_DENIED; + } } + if (DbObject != NULL) + *DbObject = LocalObject; + return STATUS_SUCCESS; } NTSTATUS -LsapCloseDbObject(LSAPR_HANDLE Handle) +LsapCloseDbObject(PLSA_DB_OBJECT DbObject) { - PLSA_DB_OBJECT DbObject = (PLSA_DB_OBJECT)Handle; + PLSA_DB_OBJECT ParentObject = NULL; + NTSTATUS Status = STATUS_SUCCESS; - if (DbObject->RefCount != 0) - return STATUS_UNSUCCESSFUL; + DbObject->RefCount--; - if (DbObject->ParentObject != NULL) - DbObject->ParentObject->RefCount--; + if (DbObject->RefCount > 0) + return STATUS_SUCCESS; if (DbObject->KeyHandle != NULL) NtClose(DbObject->KeyHandle); + if (DbObject->ParentObject != NULL) + ParentObject = DbObject->ParentObject; + RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject); - return STATUS_SUCCESS; + if (ParentObject != NULL) + { + ParentObject->RefCount--; + + if (ParentObject->RefCount == 0) + Status = LsapCloseDbObject(ParentObject); + } + + return Status; } diff --git a/reactos/dll/win32/lsasrv/lsarpc.c b/reactos/dll/win32/lsasrv/lsarpc.c index 2fe2d66ece8..3cbd3c92e8f 100644 --- a/reactos/dll/win32/lsasrv/lsarpc.c +++ b/reactos/dll/win32/lsasrv/lsarpc.c @@ -69,6 +69,7 @@ void __RPC_USER LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle) NTSTATUS WINAPI LsarClose( LSAPR_HANDLE *ObjectHandle) { + PLSA_DB_OBJECT DbObject; NTSTATUS Status = STATUS_SUCCESS; TRACE("0x%p\n", ObjectHandle); @@ -77,10 +78,11 @@ NTSTATUS WINAPI LsarClose( Status = LsapValidateDbObject(*ObjectHandle, LsaDbIgnoreObject, - 0); + 0, + &DbObject); if (Status == STATUS_SUCCESS) { - Status = LsapCloseDbObject(*ObjectHandle); + Status = LsapCloseDbObject(DbObject); *ObjectHandle = NULL; } @@ -154,22 +156,24 @@ NTSTATUS WINAPI LsarOpenPolicy( ACCESS_MASK DesiredAccess, LSAPR_HANDLE *PolicyHandle) { - NTSTATUS Status = STATUS_SUCCESS; + PLSA_DB_OBJECT PolicyObject; + NTSTATUS Status; TRACE("LsarOpenPolicy called!\n"); RtlEnterCriticalSection(&PolicyHandleTableLock); - *PolicyHandle = LsapCreateDbObject(NULL, - L"Policy", - TRUE, - LsaDbPolicyObject, - DesiredAccess); - if (*PolicyHandle == NULL) - Status = STATUS_INSUFFICIENT_RESOURCES; + Status = LsapOpenDbObject(NULL, + L"Policy", + LsaDbPolicyObject, + DesiredAccess, + &PolicyObject); RtlLeaveCriticalSection(&PolicyHandleTableLock); + if (NT_SUCCESS(Status)) + *PolicyHandle = (LSAPR_HANDLE)PolicyObject; + TRACE("LsarOpenPolicy done!\n"); return Status; @@ -182,6 +186,7 @@ NTSTATUS WINAPI LsarQueryInformationPolicy( POLICY_INFORMATION_CLASS InformationClass, PLSAPR_POLICY_INFORMATION *PolicyInformation) { + PLSA_DB_OBJECT DbObject; NTSTATUS Status; TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n", @@ -194,7 +199,8 @@ NTSTATUS WINAPI LsarQueryInformationPolicy( Status = LsapValidateDbObject(PolicyHandle, LsaDbPolicyObject, - 0); /* FIXME */ + 0, /* FIXME */ + &DbObject); if (!NT_SUCCESS(Status)) return Status; @@ -244,6 +250,7 @@ NTSTATUS WINAPI LsarSetInformationPolicy( POLICY_INFORMATION_CLASS InformationClass, PLSAPR_POLICY_INFORMATION PolicyInformation) { + PLSA_DB_OBJECT DbObject; NTSTATUS Status; TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n", @@ -256,7 +263,8 @@ NTSTATUS WINAPI LsarSetInformationPolicy( Status = LsapValidateDbObject(PolicyHandle, LsaDbPolicyObject, - 0); /* FIXME */ + 0, /* FIXME */ + &DbObject); if (!NT_SUCCESS(Status)) return Status; @@ -310,15 +318,17 @@ NTSTATUS WINAPI LsarCreateAccount( ACCESS_MASK DesiredAccess, LSAPR_HANDLE *AccountHandle) { - LSAPR_HANDLE AccountsHandle; - LSAPR_HANDLE Account; - LPWSTR SidString; - NTSTATUS Status; + PLSA_DB_OBJECT PolicyObject; + PLSA_DB_OBJECT AccountsObject = NULL; + PLSA_DB_OBJECT AccountObject = NULL; + LPWSTR SidString = NULL; + NTSTATUS Status = STATUS_SUCCESS; /* Validate the PolicyHandle */ Status = LsapValidateDbObject(PolicyHandle, LsaDbPolicyObject, - POLICY_CREATE_ACCOUNT); + POLICY_CREATE_ACCOUNT, + &PolicyObject); if (!NT_SUCCESS(Status)) { ERR("LsapValidateDbObject returned 0x%08lx\n", Status); @@ -326,15 +336,15 @@ NTSTATUS WINAPI LsarCreateAccount( } /* Open the Accounts object */ - AccountsHandle = LsapCreateDbObject(PolicyHandle, - L"Accounts", - TRUE, - LsaDbContainerObject, - 0); - if (AccountsHandle == NULL) + Status = LsapOpenDbObject(PolicyObject, + L"Accounts", + LsaDbContainerObject, + 0, + &AccountsObject); + if (!NT_SUCCESS(Status)) { - ERR("LsapCreateDbObject (Accounts) failed\n"); - return STATUS_UNSUCCESSFUL; + ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status); + goto done; } /* Create SID string */ @@ -342,31 +352,44 @@ NTSTATUS WINAPI LsarCreateAccount( &SidString)) { ERR("ConvertSidToStringSid failed\n"); - return STATUS_UNSUCCESSFUL; + Status = STATUS_INVALID_PARAMETER; + goto done; } /* Create the Account object */ - Account = LsapCreateDbObject(AccountsHandle, - SidString, - FALSE, - LsaDbAccountObject, - DesiredAccess); - if (Account != NULL) + Status = LsapCreateDbObject(AccountsObject, + SidString, + LsaDbAccountObject, + DesiredAccess, + &AccountObject); + if (!NT_SUCCESS(Status)) { - /* Set the Sid attribute */ - Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)Account, - L"Sid", - (PVOID)AccountSid, - GetLengthSid(AccountSid)); - if (NT_SUCCESS(Status)) - { - *AccountHandle = Account; - } + ERR("LsapCreateDbObject (Account) failed (Status 0x%08lx)\n", Status); + goto done; } - LocalFree(SidString); + /* Set the Sid attribute */ + Status = LsapSetObjectAttribute(AccountObject, + L"Sid", + (PVOID)AccountSid, + GetLengthSid(AccountSid)); - LsapCloseDbObject(AccountsHandle); +done: + if (SidString != NULL) + LocalFree(SidString); + + if (!NT_SUCCESS(Status)) + { + if (AccountObject != NULL) + LsapCloseDbObject(AccountObject); + } + else + { + *AccountHandle = (LSAPR_HANDLE)AccountObject; + } + + if (AccountsObject != NULL) + LsapCloseDbObject(AccountsObject); return STATUS_SUCCESS; } @@ -777,7 +800,8 @@ NTSTATUS WINAPI LsarLookupPrivilegeValue( Status = LsapValidateDbObject(PolicyHandle, LsaDbPolicyObject, - 0); /* FIXME */ + 0, /* FIXME */ + NULL); if (!NT_SUCCESS(Status)) { ERR("Invalid handle (Status %lx)\n", Status); @@ -806,7 +830,8 @@ NTSTATUS WINAPI LsarLookupPrivilegeName( Status = LsapValidateDbObject(PolicyHandle, LsaDbPolicyObject, - 0); /* FIXME */ + 0, /* FIXME */ + NULL); if (!NT_SUCCESS(Status)) { ERR("Invalid handle\n"); @@ -859,13 +884,15 @@ NTSTATUS WINAPI LsarEnmuerateAccountRights( PRPC_SID AccountSid, PLSAPR_USER_RIGHT_SET UserRights) { + PLSA_DB_OBJECT PolicyObject; NTSTATUS Status; FIXME("(%p,%p,%p) stub\n", PolicyHandle, AccountSid, UserRights); Status = LsapValidateDbObject(PolicyHandle, LsaDbPolicyObject, - 0); /* FIXME */ + 0, /* FIXME */ + &PolicyObject); if (!NT_SUCCESS(Status)) return Status; diff --git a/reactos/dll/win32/lsasrv/lsasrv.h b/reactos/dll/win32/lsasrv/lsasrv.h index 3e17f36f31a..efed11c5839 100644 --- a/reactos/dll/win32/lsasrv/lsasrv.h +++ b/reactos/dll/win32/lsasrv/lsasrv.h @@ -59,20 +59,28 @@ StartAuthenticationPort(VOID); NTSTATUS LsapInitDatabase(VOID); -LSAPR_HANDLE -LsapCreateDbObject(LSAPR_HANDLE ParentHandle, - LPWSTR ObjectName, - BOOLEAN Open, - LSA_DB_OBJECT_TYPE HandleType, - ACCESS_MASK DesiredAccess); +NTSTATUS +LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject, + IN LPWSTR ObjectName, + IN LSA_DB_OBJECT_TYPE HandleType, + IN ACCESS_MASK DesiredAccess, + OUT PLSA_DB_OBJECT *DbObject); NTSTATUS -LsapValidateDbObject(LSAPR_HANDLE Handle, - LSA_DB_OBJECT_TYPE HandleType, - ACCESS_MASK GrantedAccess); +LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, + IN LPWSTR ObjectName, + IN LSA_DB_OBJECT_TYPE ObjectType, + IN ACCESS_MASK DesiredAccess, + OUT PLSA_DB_OBJECT *DbObject); NTSTATUS -LsapCloseDbObject(LSAPR_HANDLE Handle); +LsapValidateDbObject(IN LSAPR_HANDLE Handle, + IN LSA_DB_OBJECT_TYPE HandleType, + IN ACCESS_MASK GrantedAccess, + OUT PLSA_DB_OBJECT *DbObject); + +NTSTATUS +LsapCloseDbObject(IN PLSA_DB_OBJECT DbObject); NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, @@ -92,31 +100,31 @@ LsarStartRpcServer(VOID); /* policy.c */ NTSTATUS -LsarQueryAuditEvents(LSAPR_HANDLE PolicyHandle, +LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation); NTSTATUS -LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle, +LsarQueryPrimaryDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation); NTSTATUS -LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle, +LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation); NTSTATUS -LsarQueryDnsDomain(LSAPR_HANDLE PolicyHandle, +LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation); NTSTATUS -LsarSetPrimaryDomain(LSAPR_HANDLE PolicyObject, +LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_PRIMARY_DOM_INFO Info); NTSTATUS -LsarSetAccountDomain(LSAPR_HANDLE PolicyObject, +LsarSetAccountDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_ACCOUNT_DOM_INFO Info); NTSTATUS -LsarSetDnsDomain(LSAPR_HANDLE PolicyObject, +LsarSetDnsDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_DNS_DOMAIN_INFO Info); /* privileges.c */ diff --git a/reactos/dll/win32/lsasrv/policy.c b/reactos/dll/win32/lsasrv/policy.c index 384dc6edf7e..ecece84dfe1 100644 --- a/reactos/dll/win32/lsasrv/policy.c +++ b/reactos/dll/win32/lsasrv/policy.c @@ -16,7 +16,7 @@ WINE_DEFAULT_DEBUG_CHANNEL(lsasrv); /* FUNCTIONS ***************************************************************/ NTSTATUS -LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle, +LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_PRIMARY_DOM_INFO Info) { PUNICODE_STRING Buffer; @@ -24,7 +24,7 @@ LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle, NTSTATUS Status; LPWSTR Ptr; - TRACE("LsarSetPrimaryDomain(%p, %p)\n", PolicyHandle, Info); + TRACE("LsarSetPrimaryDomain(%p, %p)\n", PolicyObject, Info); Length = sizeof(UNICODE_STRING) + Info->Name.MaximumLength; Buffer = RtlAllocateHeap(RtlGetProcessHeap(), @@ -39,9 +39,10 @@ LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle, Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING)); memcpy(Ptr, Info->Name.Buffer, Info->Name.MaximumLength); - Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapSetObjectAttribute(PolicyObject, L"PolPrDmN", - Buffer, Length); + Buffer, + Length); RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer); @@ -52,7 +53,7 @@ LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle, if (Info->Sid != NULL) Length = RtlLengthSid(Info->Sid); - Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapSetObjectAttribute(PolicyObject, L"PolPrDmS", (LPBYTE)Info->Sid, Length); @@ -62,7 +63,7 @@ LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle, NTSTATUS -LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle, +LsarSetAccountDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_ACCOUNT_DOM_INFO Info) { PUNICODE_STRING Buffer; @@ -70,7 +71,7 @@ LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle, NTSTATUS Status; LPWSTR Ptr; - TRACE("LsarSetAccountDomain(%p, %p)\n", PolicyHandle, Info); + TRACE("LsarSetAccountDomain(%p, %p)\n", PolicyObject, Info); Length = sizeof(UNICODE_STRING) + Info->DomainName.MaximumLength; Buffer = RtlAllocateHeap(RtlGetProcessHeap(), @@ -85,9 +86,10 @@ LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle, Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING)); memcpy(Ptr, Info->DomainName.Buffer, Info->DomainName.MaximumLength); - Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapSetObjectAttribute(PolicyObject, L"PolAcDmN", - Buffer, Length); + Buffer, + Length); RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer); @@ -98,7 +100,7 @@ LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle, if (Info->Sid != NULL) Length = RtlLengthSid(Info->Sid); - Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapSetObjectAttribute(PolicyObject, L"PolAcDmS", (LPBYTE)Info->Sid, Length); @@ -108,7 +110,7 @@ LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle, NTSTATUS -LsarSetDnsDomain(LSAPR_HANDLE PolicyHandle, +LsarSetDnsDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_DNS_DOMAIN_INFO Info) { @@ -117,7 +119,7 @@ LsarSetDnsDomain(LSAPR_HANDLE PolicyHandle, NTSTATUS -LsarQueryAuditEvents(LSAPR_HANDLE PolicyHandle, +LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { PLSAPR_POLICY_AUDIT_EVENTS_INFO p = NULL; @@ -137,7 +139,7 @@ LsarQueryAuditEvents(LSAPR_HANDLE PolicyHandle, NTSTATUS -LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle, +LsarQueryPrimaryDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { PLSAPR_POLICY_PRIMARY_DOM_INFO p = NULL; @@ -153,7 +155,7 @@ LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle, /* Domain Name */ AttributeSize = 0; - Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapGetObjectAttribute(PolicyObject, L"PolPrDmN", NULL, &AttributeSize); @@ -171,7 +173,7 @@ LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle, goto Done; } - Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapGetObjectAttribute(PolicyObject, L"PolPrDmN", DomainName, &AttributeSize); @@ -201,7 +203,7 @@ LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle, /* Domain SID */ AttributeSize = 0; - Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapGetObjectAttribute(PolicyObject, L"PolPrDmS", NULL, &AttributeSize); @@ -219,7 +221,7 @@ LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle, goto Done; } - Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapGetObjectAttribute(PolicyObject, L"PolPrDmS", p->Sid, &AttributeSize); @@ -247,7 +249,7 @@ Done: NTSTATUS -LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle, +LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { PLSAPR_POLICY_ACCOUNT_DOM_INFO p = NULL; @@ -262,7 +264,7 @@ LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle, return STATUS_INSUFFICIENT_RESOURCES; /* Domain Name */ - Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmN", NULL, &AttributeSize); @@ -280,7 +282,7 @@ LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle, goto Done; } - Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmN", DomainName, &AttributeSize); @@ -310,7 +312,7 @@ LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle, /* Domain SID */ AttributeSize = 0; - Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmS", NULL, &AttributeSize); @@ -328,7 +330,7 @@ LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle, goto Done; } - Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, + Status = LsapGetObjectAttribute(PolicyObject, L"PolAcDmS", p->Sid, &AttributeSize); @@ -356,7 +358,7 @@ Done: NTSTATUS -LsarQueryDnsDomain(LSAPR_HANDLE PolicyHandle, +LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { PLSAPR_POLICY_DNS_DOMAIN_INFO p = NULL;