archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/netapi/netlib/domainid.c

300 lines
9.4 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1992 Microsoft Corporation
  5. Module Name:
  7. DomainId.c
  9. Abstract:
  11. This file contains NetpGetLocalDomainId(). This will eventually
  12. replace NetpGetDomainId().
  14. Author:
  16. John Rogers (JohnRo) 06-May-1992
  18. Environment:
  20. Interface is portable to any flat, 32-bit environment. (Uses Win32
  21. typedefs.) Requires ANSI C extensions: slash-slash comments, long
  22. external names. Code itself only runs under NT.
  24. Revision History:
  26. 06-May-1992 JohnRo
  27. Created. (Borrowed most code from DanHi's SDKTools/AddUser/AddUser.c.
  28. 08-May-1992 JohnRo
  29. Use <prefix.h> equates.
  30. 09-Jun-1992 JohnRo
  31. RAID 10139: PortUAS should add to admin group/alias.
  33. --*/
  36. // These must be included first:
  38. #include <nt.h> // IN, LPVOID, etc.
  39. #include <ntsam.h>
  40. #include <ntlsa.h>
  41. #include <ntrtl.h>
  42. #include <nturtl.h> // (Needed for ntrtl.h and windows.h to coexist.)
  43. #include <windows.h> // LocalAlloc(), LMEM_ equates, etc.
  44. #include <lmcons.h> // NET_API_STATUS, needed by <netlibnt.h>
  46. // These may be included in any order:
  48. #include <debuglib.h> // IF_DEBUG().
  49. #include <lmerr.h> // NO_ERROR, ERROR_, and NERR_ equates.
  50. #include <netdebug.h> // NetpAssert, FORMAT_ equates, etc.
  51. #include <netlib.h> // LOCAL_DOMAIN_TYPE, my prototype.
  52. #include <netlibnt.h> // NetpNtStatusToApiStatus().
  53. #include <prefix.h> // PREFIX_ equates.
  56. static SID_IDENTIFIER_AUTHORITY NetpBuiltinIdentifierAuthority
  57. = SECURITY_NT_AUTHORITY;
  60. NET_API_STATUS
  61. NetpGetLocalDomainId (
  62. IN LOCAL_DOMAIN_TYPE TypeWanted,
  63. OUT PSID *RetDomainId
  64. )
  66. /*++
  68. Routine Description:
  70. This routine obtains the domain id from LSA for the local domain.
  71. The routine is a superset of NetpGetDomainId().
  73. Arguments:
  75. TypeWanted - Indicates which type of local domain ID is wanted:
  76. the primary one or the accounts one.
  78. RetDomainId - This is a pointer to the location where the pointer
  79. to the domain id is to be placed. This must be freed via LocalFree().
  81. Return Value:
  83. NERR_Success - If the operation was successful.
  85. It will return assorted Net or Win32 error messages if not.
  87. --*/
  88. {
  89. NET_API_STATUS ApiStatus;
  90. LSA_HANDLE LsaHandle = NULL;
  91. NTSTATUS NtStatus;
  92. LPVOID PolicyInfo = NULL;
  93. DWORD SidSize;
  95. if (RetDomainId == NULL) {
  96. ApiStatus = ERROR_INVALID_PARAMETER;
  97. goto cleanupandexit;
  98. }
  99. *RetDomainId = NULL; // make error paths easy to code.
  101. //
  102. // The type of domain the caller wants determines the information class
  103. // we have to get LSA to deal with. So use one to get the other.
  104. //
  105. switch (TypeWanted) {
  107. case LOCAL_DOMAIN_TYPE_ACCOUNTS : /*FALLTHROUGH*/
  108. case LOCAL_DOMAIN_TYPE_PRIMARY :
  109. {
  110. OBJECT_ATTRIBUTES ObjectAttributes;
  111. POLICY_INFORMATION_CLASS PolicyInfoClass;
  112. LPVOID SourceDomainId;
  114. if (TypeWanted == LOCAL_DOMAIN_TYPE_ACCOUNTS) {
  115. PolicyInfoClass = PolicyAccountDomainInformation;
  116. } else {
  117. PolicyInfoClass = PolicyPrimaryDomainInformation;
  118. }
  119. //
  120. // Get LSA to open its local policy database.
  121. //
  123. InitializeObjectAttributes( &ObjectAttributes, NULL, 0, 0, NULL );
  124. NtStatus = LsaOpenPolicy(
  125. NULL,
  126. &ObjectAttributes,
  127. POLICY_VIEW_LOCAL_INFORMATION,
  128. &LsaHandle);
  129. if ( !NT_SUCCESS(NtStatus)) {
  130. ApiStatus = NetpNtStatusToApiStatus( NtStatus );
  131. IF_DEBUG( DOMAINID ) {
  132. NetpKdPrint((PREFIX_NETLIB "NetpGetLocalDomainId:\n"
  133. " Couldn't _open Lsa Policy database, nt status = "
  134. FORMAT_NTSTATUS "\n", NtStatus));
  135. }
  136. NetpAssert( ApiStatus != NO_ERROR );
  137. goto cleanupandexit;
  138. }
  139. NetpAssert( LsaHandle != NULL );
  141. //
  142. // Get the appropriate domain SID from LSA
  143. //
  144. NtStatus = LsaQueryInformationPolicy(
  145. LsaHandle,
  146. PolicyInfoClass,
  147. &PolicyInfo);
  148. if ( !NT_SUCCESS(NtStatus)) {
  149. ApiStatus = NetpNtStatusToApiStatus( NtStatus );
  150. IF_DEBUG( DOMAINID ) {
  151. NetpKdPrint((PREFIX_NETLIB "NetpGetLocalDomainId:\n"
  152. " Couldn't query Lsa Policy database, nt status = "
  153. FORMAT_NTSTATUS "\n", NtStatus));
  154. }
  155. NetpAssert( ApiStatus != NO_ERROR );
  156. goto cleanupandexit;
  157. }
  159. //
  160. // Find source domain ID in the appropriate structure.
  161. //
  162. if (TypeWanted == LOCAL_DOMAIN_TYPE_ACCOUNTS) {
  163. PPOLICY_ACCOUNT_DOMAIN_INFO PolicyAccountDomainInfo
  164. = PolicyInfo;
  165. SourceDomainId = PolicyAccountDomainInfo->DomainSid;
  166. NetpAssert( SourceDomainId != NULL );
  167. NetpAssert( RtlValidSid( SourceDomainId ) );
  168. } else {
  170. PPOLICY_PRIMARY_DOMAIN_INFO PolicyPrimaryDomainInfo
  171. = PolicyInfo;
  172. NetpAssert( TypeWanted == LOCAL_DOMAIN_TYPE_PRIMARY );
  173. SourceDomainId = PolicyPrimaryDomainInfo->Sid;
  174. if ( SourceDomainId != NULL ) {
  175. NetpAssert( RtlValidSid( SourceDomainId ) );
  176. }
  177. }
  179. //
  180. // If there was a domain ID, copy it now
  181. //
  183. if (SourceDomainId != NULL) {
  185. //
  186. // Compute size and alloc destination SID.
  187. //
  189. NetpAssert( sizeof(ULONG) <= sizeof(DWORD) );
  191. SidSize = (DWORD) RtlLengthSid( SourceDomainId );
  192. NetpAssert( SidSize != 0 );
  194. *RetDomainId = LocalAlloc( LMEM_FIXED, SidSize );
  196. if ( *RetDomainId == NULL ) {
  197. IF_DEBUG( DOMAINID ) {
  198. NetpKdPrint((PREFIX_NETLIB "NetpGetLocalDomainId:\n"
  199. " not enough memory (need " FORMAT_DWORD
  200. ")\n", SidSize));
  201. }
  202. ApiStatus = ERROR_NOT_ENOUGH_MEMORY;
  203. goto cleanupandexit;
  204. }
  206. //
  207. // Copy the SID (domain ID).
  208. //
  210. NtStatus = RtlCopySid(
  211. SidSize, // dest size in bytes
  212. *RetDomainId, // dest sid
  213. SourceDomainId); // src sid
  214. if ( !NT_SUCCESS(NtStatus)) {
  215. ApiStatus = NetpNtStatusToApiStatus( NtStatus );
  216. IF_DEBUG( DOMAINID ) {
  217. NetpKdPrint((PREFIX_NETLIB "NetpGetLocalDomainId:\n"
  218. " RtlCopySid failed, nt status = "
  219. FORMAT_NTSTATUS "\n", NtStatus));
  220. }
  221. NetpAssert( ApiStatus != NO_ERROR );
  222. goto cleanupandexit;
  223. }
  225. NetpAssert( RtlValidSid( SourceDomainId ) );
  226. NetpAssert( RtlEqualSid( SourceDomainId, *RetDomainId ) );
  227. } else {
  228. //
  229. // Just return the NULL domain id.
  230. //
  232. *RetDomainId = NULL;
  233. }
  235. }
  236. break;
  238. case LOCAL_DOMAIN_TYPE_BUILTIN :
  240. #define SUBAUTHORITIES_FOR_BUILTIN_DOMAIN 1
  242. SidSize = (DWORD)
  243. RtlLengthRequiredSid( SUBAUTHORITIES_FOR_BUILTIN_DOMAIN );
  244. NetpAssert( SidSize != 0 );
  246. *RetDomainId = LocalAlloc( LMEM_FIXED, SidSize );
  248. if ( *RetDomainId == NULL ) {
  249. IF_DEBUG( DOMAINID ) {
  250. NetpKdPrint((PREFIX_NETLIB "NetpGetLocalDomainId:\n"
  251. " not enough memory (need " FORMAT_DWORD
  252. ")\n", SidSize));
  253. }
  254. ApiStatus = ERROR_NOT_ENOUGH_MEMORY;
  255. goto cleanupandexit;
  256. }
  258. NtStatus = RtlInitializeSid(
  259. *RetDomainId, // SID being built
  260. &NetpBuiltinIdentifierAuthority, // identifier authority
  261. (UCHAR)SUBAUTHORITIES_FOR_BUILTIN_DOMAIN ); // subauth. count
  262. NetpAssert( NT_SUCCESS( NtStatus ) );
  265. NetpAssert( SUBAUTHORITIES_FOR_BUILTIN_DOMAIN == 1 );
  266. *(RtlSubAuthoritySid(*RetDomainId, 0)) = SECURITY_BUILTIN_DOMAIN_RID;
  268. NetpAssert( RtlValidSid( *RetDomainId ) );
  269. break;
  271. default :
  272. ApiStatus = ERROR_INVALID_PARAMETER;
  273. goto cleanupandexit;
  274. }
  278. ApiStatus = NO_ERROR;
  280. cleanupandexit:
  282. //
  283. // Clean up (either error or success).
  284. //
  286. if (PolicyInfo) {
  287. (VOID) LsaFreeMemory(PolicyInfo);
  288. }
  289. if (LsaHandle) {
  290. (VOID) LsaClose(LsaHandle);
  291. }
  292. if ((ApiStatus!=NO_ERROR) && (RetDomainId!=NULL) && (*RetDomainId!=NULL)) {
  293. (VOID) LocalFree( *RetDomainId );
  294. *RetDomainId = NULL;
  295. }
  297. return (ApiStatus);
  299. }