Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

876 lines
26 KiB

/**********************************************************************/
/** Microsoft Windows NT **/
/** Copyright(c) Microsoft Corp., 1992 **/
/**********************************************************************/
/*
* This module contains the wrappers for LSA objects.
*
* Two Hierarchies are presented in this file.
*
* The first is the LSA_MEMORY hierarchy. These are a set of classes
* used to wrap the various structures returned by LSA Apis. This
* allows easy access to the members of each of the array of structures
* which LSA returns. Also, it automatically frees the memory
* allocated by LSA when the MT_MEMORY object is destructed. Clients will
* generally create the appropriate MEM object, and pass a pointer to
* it into the appropriate method of the desired LSA_OBJECT class.
*
* BASE
* |
* NT_MEMORY
* |
* LSA_MEMORY
* |
* +--------+-----------------------------------------------+
* | | | | |
* LSA_TRANSLATED_NAME_MEM | LSA_TRUST_INFO_MEM | LSA_AUDIT_EVENT_INFO_MEM
* | |
* LSA_REF_DOMAIN_MEM LSA_ACCT_DOM_INFO_MEM
* LSA_PRIMARY_DOM_INFO_MEM
*
* Second, the LSA_OBJECT hierarchy is a thin wrapper around the
* LSA apis. These classes store the appropriate LSA handle, and
* provide access to the SAM apis which operate on that handle.
*
* BASE
* |
* LSA_OBJECT
* |
* +-----------------------------------------+
* | | |
* LSA_POLICY LSA_SECRET LSA_TRUSTED_DOMAIN
*
*
* History
* thomaspa 03/03/92 Split from ntsam.hxx
* thomaspa 03/30/92 Code review changes
* DavidHov 04/10/92 Secret object, trusted
* domain and other added.
* Yi-HsinS 04/15/92 Add methods to retrieve info. about
* auditing
* Yi-HsinS 06/10/92 Removed LSA_AUDIT_FULL_SET_INFO
* and added method CheckIfShutDownOnFull
* and SetShutDownOnFull to LSA_POLICY
*/
#ifndef _UINTLSA_HXX_
#define _UINTLSA_HXX_
#include "uiassert.hxx"
#include "uintmem.hxx"
// Default access masks
#define DEF_LSA_POLICY_ACCESS GENERIC_EXECUTE
// Forward declarations
DLL_CLASS LSA_MEMORY ;
DLL_CLASS LSA_TRANSLATED_NAME_MEM ;
DLL_CLASS LSA_TRANSLATED_SID_MEM ;
DLL_CLASS LSA_TRUST_INFO_MEM ;
DLL_CLASS LSA_REF_DOMAIN_MEM ;
DLL_CLASS LSA_ACCT_DOM_INFO_MEM ;
DLL_CLASS LSA_PRIMARY_DOM_INFO_MEM ;
DLL_CLASS LSA_AUDIT_EVENT_INFO_MEM ;
DLL_CLASS LSA_OBJECT ;
DLL_CLASS LSA_POLICY ;
DLL_CLASS LSA_SERVER_ROLE_INFO_MEM ;
/**********************************************************\
NAME: LSA_MEMORY
SYNOPSIS: Specialized buffer object for storing data returned
from LSA APIs.
INTERFACE: LSA_MEMORY(): constructor
~LSA_MEMORY(): destructor
PARENT: NT_MEMORY
NOTES: This class supplies the FreeBuffer() method which
calls LsaFreeMemory() to free memory allocated by
LSA calls. FreeBuffer() is called by ~LSA_MEMORY().
HISTORY:
thomaspa 03/03/92 Created
DavidHov 04/10/92 Extended LSA_POLICY
DavidHov 04/10/92 Extended LSA_POLICY
\**********************************************************/
DLL_CLASS LSA_MEMORY : public NT_MEMORY
{
private:
BOOL _fOwnerAlloc;
protected:
LSA_MEMORY( BOOL fOwnerAlloc = FALSE );
~LSA_MEMORY();
/*
* Frees an LSA allocated buffer
*/
inline virtual void FreeBuffer()
{
if ( QueryBuffer() != NULL )
{
REQUIRE( ::LsaFreeMemory( QueryBuffer() ) == STATUS_SUCCESS );
}
}
public:
/*
* Frees the existing buffer and sets a new buffer and count of items
*/
inline virtual void Set( VOID * pvBuffer, ULONG cItems )
{
if ( !_fOwnerAlloc )
FreeBuffer();
NT_MEMORY::Set( pvBuffer, cItems );
}
};
/**********************************************************\
NAME: LSA_TRANSLATED_NAME_MEM (lsatnm)
SYNOPSIS: Wrapper for LSA_TRANSLATED_NAME
INTERFACE: (public)
LSA_TRANSLATED_NAME_MEM(): constructor
~LSA_TRANSLATED_NAME_MEM(): destructor
QueryName(): Query name (NLS_STR *)
QueryUse(); Query type of account (group/user/alias)
QueryDomainIndex(): Query index into LSA_REFERENCED_DOMAIN_LIST
and therefore LSA_REF_DOMAIN_MEM
PARENT: LSA_MEMORY
HISTORY:
thomaspa 02/27/92 Created
\**********************************************************/
DLL_CLASS LSA_TRANSLATED_NAME_MEM : public LSA_MEMORY
{
private:
/*
* Returns the ith UNICODE_STRING name in the buffer
*/
inline const UNICODE_STRING * QueryUnicodeName( ULONG i ) const
{
ASSERT( IsInRange( i ) );
return &(QueryPtr()[i].Name);
}
/*
* Returns a properly casted pointer to the buffer
*/
inline const LSA_TRANSLATED_NAME * QueryPtr() const
{
return (LSA_TRANSLATED_NAME *)QueryBuffer();
}
public:
LSA_TRANSLATED_NAME_MEM( BOOL fOwnerAlloc = FALSE );
~LSA_TRANSLATED_NAME_MEM();
/*
* returns the ith NLS_STR name in the buffer
*/
inline APIERR QueryName( ULONG i, NLS_STR *pnlsName ) const
{
ASSERT( pnlsName != NULL );
return pnlsName->MapCopyFrom( QueryUnicodeName( i )->Buffer,
QueryUnicodeName( i )->Length );
}
/*
* returns the ith SID_NAME_USE in the buffer
*/
inline SID_NAME_USE QueryUse( ULONG i ) const
{
ASSERT( IsInRange( i ) );
return QueryPtr()[i].Use;
}
/*
* returns the domain index for the ith item in the buffer
* This is the index into the corresponding REFERENCED_DOMAIN_LIST
*/
inline LONG QueryDomainIndex( ULONG i ) const
{
ASSERT( IsInRange( i ) );
return QueryPtr()[i].DomainIndex;
}
};
/**********************************************************\
NAME: LSA_TRANSLATED_SID_MEM (lsatsm)
SYNOPSIS: Wrapper for LSA_TRANSLATED_SID
INTERFACE: (public)
LSA_TRANSLATED_SID_MEM(): constructor
~LSA_TRANSLATED_SID_MEM(): destructor
QueryRID(): Query RID
QueryUse(); Query type of account (group/user/alias)
QueryDomainIndex(): Query index into LSA_REFERENCED_DOMAIN_LIST
and therefore LSA_REF_DOMAIN_MEM
PARENT: LSA_MEMORY
HISTORY:
thomaspa 02/27/92 Created
\**********************************************************/
DLL_CLASS LSA_TRANSLATED_SID_MEM : public LSA_MEMORY
{
private:
/*
* Returns a properly casted pointer to a LSA_TRANSLATED_SID
*/
inline const LSA_TRANSLATED_SID * QueryPtr() const
{
return (LSA_TRANSLATED_SID *)QueryBuffer();
}
public:
LSA_TRANSLATED_SID_MEM( BOOL fOwnerAlloc = FALSE );
~LSA_TRANSLATED_SID_MEM();
/*
* returns the RID for the ith entry in the buffer
*/
inline ULONG QueryRID( ULONG i ) const
{
ASSERT( IsInRange( i ) );
return QueryPtr()[i].RelativeId;
}
/*
* Returns the SID_NAME_USE for the ith entry in the buffer
*/
inline SID_NAME_USE QueryUse( ULONG i ) const
{
ASSERT( IsInRange( i ) );
return QueryPtr()[i].Use;
}
/*
* Returns the domain index for the ith entry in the buffer.
* This is the index into the corresponding REFERENCED_DOMAIN_LIST
*/
inline LONG QueryDomainIndex( ULONG i ) const
{
ASSERT( IsInRange( i ) );
return QueryPtr()[i].DomainIndex;
}
//
// Retrieves the index of the first name that we failed to lookup
//
// TRUE is returned if we found one, FALSE otherwise
// pi - Receives first failing index if TRUE is returned
//
BOOL QueryFailingNameIndex( ULONG * pi ) ;
};
/**********************************************************\
NAME: LSA_TRUST_INFO_MEM (lsatim)
SYNOPSIS: Wrapper for LSA_TRUST_INFORMATION
INTERFACE: LSA_TRUST_INFO_MEM(): constructor
~LSA_TRUST_INFO_MEM(): destructor
QueryPSID(): Query SID
QueryName(): Query the NLS_STR * name for the domain
PARENT: LSA_MEMORY
HISTORY:
thomaspa 02/27/92 Created
\**********************************************************/
DLL_CLASS LSA_TRUST_INFO_MEM : public LSA_MEMORY
{
public:
LSA_TRUST_INFO_MEM( BOOL fOwnerAlloc = FALSE );
~LSA_TRUST_INFO_MEM();
/*
* Returns a properly casted pointer to the buffer
*/
inline const LSA_TRUST_INFORMATION * QueryPtr() const
{
return (LSA_TRUST_INFORMATION *)QueryBuffer();
}
/*
* returns the UNICODE_STRING name for the ith entry in the buffer
*/
inline const UNICODE_STRING * QueryUnicodeName( ULONG i ) const
{
ASSERT( IsInRange( i ) );
return &(QueryPtr()[i].Name);
}
/*
* returns the PSID for the ith entry in the buffer
*/
inline PSID QueryPSID( ULONG i ) const
{
ASSERT( IsInRange( i ) );
return QueryPtr()[i].Sid;
}
/*
* returns the NLS_STR name for the ith entry in the buffer
*/
inline APIERR QueryName( ULONG i, NLS_STR *pnlsName ) const
{
ASSERT( pnlsName != NULL );
return pnlsName->MapCopyFrom( QueryUnicodeName( i )->Buffer,
QueryUnicodeName( i )->Length );
}
};
/**********************************************************\
NAME: LSA_REF_DOMAIN_MEM (lsardm)
SYNOPSIS: Wrapper for LSA_REFERENCED_DOMAIN_LIST
INTERFACE: LSA_REF_DOMAIN_MEM(): constructor
~LSA_REF_DOMAIN_MEM(): destructor
QueryPSID(): Query SID
QueryName(): Query the NLS_STR * name for the domain
PARENT: LSA_MEMORY
HISTORY:
thomaspa 02/27/92 Created
\**********************************************************/
DLL_CLASS LSA_REF_DOMAIN_MEM : public LSA_MEMORY
{
private:
/*
* Returns a properly casted pointer to a LSA_TRUST_INFORMATION
*
* NOTES: This returns a pointer to a LSA_TRUST_INFORMATION instead
* of a LSA_REFERENCED_DOMAIN_LIST. This is because the
* LSA_REFERENCED_DOMAIN_LIST begins with a count, followed by
* count LSA_TRUST_INFORMATION structs which contain the information
* we really want.
*/
inline const LSA_TRUST_INFORMATION * QueryPtr() const
{
return (PLSA_TRUST_INFORMATION)
(((PLSA_REFERENCED_DOMAIN_LIST)QueryBuffer())->Domains);
}
/*
* returns the UNICODE_STRING name for the ith entry in the buffer
*/
inline const UNICODE_STRING * QueryUnicodeName( ULONG i ) const
{
ASSERT( IsInRange( i ) );
return &(QueryPtr()[i].Name);
}
public:
LSA_REF_DOMAIN_MEM( BOOL fOwnerAlloc = FALSE );
~LSA_REF_DOMAIN_MEM();
/*
* Returns the PSID for the ith entry in the buffer
*/
inline PSID QueryPSID( ULONG i ) const
{
ASSERT( IsInRange( i ) );
return QueryPtr()[i].Sid;
}
/*
* Returns the NLS_STR name for the ith entry in the buffer
*/
inline APIERR QueryName( ULONG i, NLS_STR *pnlsName ) const
{
ASSERT( pnlsName != NULL );
return pnlsName->MapCopyFrom( QueryUnicodeName( i )->Buffer,
QueryUnicodeName( i )->Length );
}
};
/**********************************************************\
NAME: LSA_ACCT_DOM_INFO_MEM (lsaadim)
SYNOPSIS: Wrapper for POLICY_ACCOUNT_DOMAIN_INFO
INTERFACE: LSA_ACCT_DOM_INFO_MEM(): constructor
~LSA_ACCT_DOM_INFO_MEM(): destructor
QueryPSID(): Query SID
QueryName(): Query the NLS_STR * name for the domain
PARENT: LSA_MEMORY
NOTES: This MEM class is slightly different from the other
MEM classes in that it will only contain zero or one item. Thus,
the index is not needed for the accessors.
HISTORY:
thomaspa 02/27/92 Created
\**********************************************************/
DLL_CLASS LSA_ACCT_DOM_INFO_MEM : public LSA_MEMORY
{
public:
/*
* Returns a properly casted pointer the the buffer
*/
inline const POLICY_ACCOUNT_DOMAIN_INFO * QueryPtr() const
{
return (POLICY_ACCOUNT_DOMAIN_INFO *)QueryBuffer();
}
/*
* Returns the UNICODE_STRING name for the account domain
*/
inline const UNICODE_STRING * QueryUnicodeName() const
{
return &QueryPtr()->DomainName;
}
LSA_ACCT_DOM_INFO_MEM( BOOL fOwnerAlloc = FALSE );
~LSA_ACCT_DOM_INFO_MEM();
/*
* Returns the PSID of the account domain
*/
inline PSID QueryPSID() const
{
return QueryPtr()->DomainSid;
}
/*
* Returns the name of the accounts domain
*/
inline APIERR QueryName( NLS_STR *pnlsName ) const
{
ASSERT( pnlsName != NULL );
return pnlsName->MapCopyFrom( QueryUnicodeName( )->Buffer,
QueryUnicodeName( )->Length );
}
};
/**********************************************************\
NAME: LSA_PRIMARY_DOM_INFO_MEM (lsaprim)
SYNOPSIS: Wrapper for POLICY_PRIMARY_DOMAIN_INFO
INTERFACE: LSA_PRIMARY_DOM_INFO_MEM(): constructor
~LSA_PRIMARY_DOM_INFO_MEM(): destructor
QueryPSID(): Query SID
QueryName(): Query the NLS_STR * name for the domain
PARENT: LSA_MEMORY
NOTES: This MEM class is slightly different from the other
MEM classes in that it will only contain zero or one item. Thus,
the index is not needed for the accessors.
HISTORY:
Davidhov 4/9/92 Created
\**********************************************************/
DLL_CLASS LSA_PRIMARY_DOM_INFO_MEM : public LSA_MEMORY
{
public:
/*
* Returns a properly casted pointer the the buffer
*/
inline const POLICY_PRIMARY_DOMAIN_INFO * QueryPtr() const
{
return (POLICY_PRIMARY_DOMAIN_INFO *)QueryBuffer();
}
/*
* Returns the UNICODE_STRING name for the account domain
*/
inline const UNICODE_STRING * QueryUnicodeName() const
{
return &QueryPtr()->Name;
}
LSA_PRIMARY_DOM_INFO_MEM( BOOL fOwnerAlloc = FALSE );
~LSA_PRIMARY_DOM_INFO_MEM();
/*
* Returns the PSID of the account domain
*/
inline PSID QueryPSID() const
{
return QueryPtr()->Sid;
}
/*
* Returns the name of the accounts domain
*/
inline APIERR QueryName( NLS_STR *pnlsName ) const
{
ASSERT( pnlsName != NULL );
return pnlsName->MapCopyFrom( QueryUnicodeName( )->Buffer,
QueryUnicodeName( )->Length );
}
};
/**********************************************************\
NAME: LSA_SERVER_ROLE_INFO_MEM (lsasrim)
SYNOPSIS: Wrapper for POLICY_LSA_SERVER_ROLE_INFO
INTERFACE: LSA_SERVER_ROLE_INFO_MEM(): constructor
~LSA_SERVER_ROLE_INFO_MEM(): destructor
QueryPrimary(): Return TRUE if PDC
PARENT: LSA_MEMORY
NOTES:
HISTORY: Davidhov 5/16/92 Created
\**********************************************************/
DLL_CLASS LSA_SERVER_ROLE_INFO_MEM : public LSA_MEMORY
{
private:
POLICY_LSA_SERVER_ROLE_INFO * QueryUpdatePtr () const
{
return (POLICY_LSA_SERVER_ROLE_INFO *) QueryBuffer() ;
}
public:
/*
* Returns a properly casted pointer the the buffer
*/
const POLICY_LSA_SERVER_ROLE_INFO * QueryPtr () const
{
return (POLICY_LSA_SERVER_ROLE_INFO *) QueryBuffer();
}
BOOL QueryPrimary () const
{
return QueryPtr()->LsaServerRole == PolicyServerRolePrimary ;
}
VOID SetRole ( BOOL fPrimary )
{
QueryUpdatePtr()->LsaServerRole = fPrimary
? PolicyServerRolePrimary
: PolicyServerRoleBackup ;
}
LSA_SERVER_ROLE_INFO_MEM ( BOOL fOwnerAlloc = FALSE,
BOOL fPrimary = FALSE ) ;
~ LSA_SERVER_ROLE_INFO_MEM ();
};
/**********************************************************\
NAME: LSA_AUDIT_EVENT_INFO_MEM ( lsaaeim )
SYNOPSIS: Wrapper for POLICY_AUDIT_EVENTS_INFO
INTERFACE: LSA_AUDIT_EVENT_INFO_MEM(): constructor
~LSA_AUDIT_EVENT_INFO_MEM(): destructor
QueryPtr() : Query the pointer to the buffer
QueryAuditEventCount(): return the number of audit event types
QueryAuditOptions(): return the array of
POLICY_AUDIT_EVENT_OPTIONS
IsAuditingOn(): TRUE if auditing is on, FALSE otherwise
SetAuditingMode(): Set the auditing mode
PARENT: LSA_MEMORY
NOTES: This MEM class is slightly different from the other
MEM classes in that it will only contain zero or one item. Thus,
the index is not needed for the accessors.
HISTORY:
Yi-HsinS 04/01/92 Created
\**********************************************************/
DLL_CLASS LSA_AUDIT_EVENT_INFO_MEM : public LSA_MEMORY
{
public:
LSA_AUDIT_EVENT_INFO_MEM( BOOL fOwnerAlloc = FALSE );
~LSA_AUDIT_EVENT_INFO_MEM();
POLICY_AUDIT_EVENTS_INFO *QueryPtr() const
{ return (POLICY_AUDIT_EVENTS_INFO *) QueryBuffer(); }
ULONG QueryAuditEventCount( VOID ) const
{ return QueryPtr()->MaximumAuditEventCount; }
POLICY_AUDIT_EVENT_OPTIONS *QueryAuditingOptions( VOID )
{ return QueryPtr()->EventAuditingOptions; }
BOOL IsAuditingOn( VOID )
{ return QueryPtr()->AuditingMode; }
VOID SetAuditingMode( BOOL fAuditingMode )
{ QueryPtr()->AuditingMode = (fAuditingMode != FALSE); }
};
/**********************************************************\
NAME: LSA_OBJECT (lsaobj)
SYNOPSIS: Wrapper for LSA handle-based C++ objects.
INTERFACE: (protected)
LSA_OBJECT(): constructor
~LSA_OBJECT(): destructor
QueryHandle():
SetHandle():
PARENT: BASE
NOTE: This class must be subclassed. It simply provides
a wrapper for the LSA_HANDLE.
HISTORY:
thomaspa 02/20/92 Created
\**********************************************************/
DLL_CLASS LSA_OBJECT : public BASE
{
private:
LSA_HANDLE _hlsa;
BOOL _fHandleValid ;
protected:
LSA_OBJECT();
~LSA_OBJECT();
/*
* Sets the handle for a LSA_OBJECT. Should only be
* called once for any object
*/
inline void SetHandle( LSA_HANDLE hlsa )
{
ASSERT( !_fHandleValid );
ASSERT( hlsa != NULL );
_hlsa = hlsa;
_fHandleValid = TRUE ;
}
inline void ResetHandle ( )
{
_fHandleValid = FALSE ;
_hlsa = NULL ;
}
public:
// Returns TRUE if handle is present and valid
inline BOOL IsHandleValid () const
{ return _fHandleValid ; }
// Returns the LSA_HANDLE for this object
inline LSA_HANDLE QueryHandle() const
{
return _fHandleValid ? _hlsa : NULL ;
}
// Close (or delete) the handle and invalidate it.
APIERR CloseHandle ( BOOL fDelete = FALSE ) ;
} ;
/**********************************************************\
NAME: LSA_POLICY (lsapol)
SYNOPSIS: Wrapper for LSA Policy apis.
INTERFACE: (public)
LSA_POLICY(): constructor
~LSA_POLICY(): destructor
EnumerateTrustedDomains():
GetAccountDomain():
TranslateSidsToNames():
GetAuditEventInfo():
SetAuditEventInfo():
CheckIfShutDownOnFull():
SetShutDownOnFull():
PARENT: BASE
HISTORY:
thomaspa 03/05/92 Created
JohnL 03/08/92 Added TranslateNamesToSids
\**********************************************************/
enum LSPL_PROD_TYPE
{
LSPL_PROD_NONE,
LSPL_PROD_WIN_NT,
LSPL_PROD_LANMAN_NT,
LSPL_PROD_MAX
};
DLL_CLASS LSA_POLICY : public LSA_OBJECT
{
private:
LSPL_PROD_TYPE _lsplType ; // Cached product type
static APIERR MakeNetLogonSecretName ( NLS_STR * pnlsLogonName ) ;
static VOID InitObjectAttributes( POBJECT_ATTRIBUTES poa,
PSECURITY_QUALITY_OF_SERVICE psqos );
// Create the name of the shared secret depending upon its type
static APIERR MakeSecretName ( const NLS_STR & nlsDomainName,
BOOL fPrimary,
NLS_STR * pnlsSecretName ) ;
protected:
APIERR TcharArrayToUnistrArray( const TCHAR * const * apsz,
PUNICODE_STRING aUniStr,
ULONG cElements ) ;
void CleanupUnistrArray( PUNICODE_STRING aUniStr,
ULONG cElementsAllocated ) ;
APIERR DeleteAllTrustedDomains () ;
public:
LSA_POLICY( const TCHAR * pszServerName,
ACCESS_MASK accessDesired = DEF_LSA_POLICY_ACCESS );
~LSA_POLICY();
// Re/open the policy handle
APIERR Open ( const TCHAR * pszServerName,
ACCESS_MASK accessDesired = DEF_LSA_POLICY_ACCESS );
APIERR EnumerateTrustedDomains( LSA_TRUST_INFO_MEM * plsatim,
PLSA_ENUMERATION_HANDLE plsaenumh,
ULONG cbRequested = sizeof(LSA_TRUST_INFORMATION) * 1000 ) ;
APIERR GetAccountDomain( LSA_ACCT_DOM_INFO_MEM * plsaadim ) const ;
APIERR GetPrimaryDomain( LSA_PRIMARY_DOM_INFO_MEM * plsapdim ) const ;
// Set Primary and Account Domain information
APIERR SetAccountDomain( const LSA_ACCT_DOM_INFO_MEM * plsaadim ) ;
APIERR SetPrimaryDomain( const LSA_PRIMARY_DOM_INFO_MEM * plsapdim ) ;
// Set the name and/or SID of the primary or accounts domain
APIERR SetAccountDomainName ( const NLS_STR * pnlsDomainName,
const PSID * ppsidDomain = NULL ) ;
APIERR SetPrimaryDomainName ( const NLS_STR * pnlsDomainName,
const PSID * ppsidDomain = NULL ) ;
// Get/Set the server role
APIERR GetServerRole ( LSA_SERVER_ROLE_INFO_MEM * plsasrim ) const ;
APIERR SetServerRole ( const LSA_SERVER_ROLE_INFO_MEM * plsasrim ) ;
APIERR GetAuditEventInfo( LSA_AUDIT_EVENT_INFO_MEM *plsaaeim );
APIERR SetAuditEventInfo( LSA_AUDIT_EVENT_INFO_MEM *plsaaeim );
APIERR CheckIfShutDownOnFull( BOOL *pfShutDownOnFull );
APIERR SetShutDownOnFull( BOOL fShutDownOnFull = TRUE );
APIERR TranslateSidsToNames( const PSID *ppsids,
ULONG cSids,
LSA_TRANSLATED_NAME_MEM *plsatnm,
LSA_REF_DOMAIN_MEM *plsardm);
APIERR TranslateNamesToSids( const TCHAR * const * apszAccountNames,
ULONG cAccountNames,
LSA_TRANSLATED_SID_MEM * plsatsidmem,
LSA_REF_DOMAIN_MEM * plsardm ) ;
// Verify the usability of the LSA, and optionally the name
// of the primary domain. Also, if non-NULL, return primary
// domain information.
APIERR VerifyLsa ( LSA_PRIMARY_DOM_INFO_MEM * plsapdim,
const NLS_STR * pnlsDomainName ) const ;
// Return the product type of the local platform
static APIERR QueryProductType ( LSPL_PROD_TYPE * lsplProd ) ;
// Return other standard info
APIERR QueryCurrentUser ( NLS_STR * pnlsUserName ) const ;
APIERR QueryPrimaryDomainName ( NLS_STR * pnlsDomainName ) const ;
APIERR QueryPrimaryBrowserGroup ( NLS_STR * pnlsBrowserGroup ) const ;
// Modification routines
// Change the primary browser group
APIERR SetPrimaryBrowserGroup ( const NLS_STR & nlsBrowserGroup ) ;
// Establish a trust relationship with an extant domain;
// if the DC name is provide it executes faster.
APIERR TrustDomain ( const NLS_STR & nlsDomainName,
const PSID psid,
const NLS_STR & nlsPassword,
BOOL fAsPrimary = TRUE,
const TCHAR * pszTrustedDcHint = NULL,
BOOL fAsDc = FALSE ) ;
// Establish a trust relationshiop with the primary domain of
// the given DC.
APIERR TrustDomain ( LSA_POLICY & lsapolDC,
const NLS_STR & nlsPassword,
BOOL fAsPrimary = TRUE,
const TCHAR * pszTrustedDcHint = NULL ) ;
// Destroy an existing trust relationship.
APIERR DistrustDomain ( const PSID psid,
const NLS_STR & nlsDomain,
BOOL fAsPrimary = TRUE ) ;
// Join an extant domain as a workstation or member server
APIERR JoinDomain ( const NLS_STR & nlsDomainName,
const NLS_STR & nlsPassword,
BOOL fAsDc = FALSE,
const NLS_STR * pnlsDcName = NULL,
const TCHAR * pszTrustedDcHint = NULL ) ;
// Leave the primary domain
APIERR LeaveDomain () ;
};
#endif // _UINTLSA_HXX_