Cleanup SID initialization and fill all SeExports fields.
Modified: trunk/reactos/ntoskrnl/include/internal/se.h
Modified: trunk/reactos/ntoskrnl/se/priv.c
Modified: trunk/reactos/ntoskrnl/se/semgr.c
Modified: trunk/reactos/ntoskrnl/se/sid.c
Modified: trunk/reactos/ntoskrnl/include/internal/se.h
--- trunk/reactos/ntoskrnl/include/internal/se.h	2005-08-01 08:58:15 UTC (rev 16935)
+++ trunk/reactos/ntoskrnl/include/internal/se.h	2005-08-01 09:05:20 UTC (rev 16936)
@@ -37,6 +37,9 @@

 extern PSID SeAliasSystemOpsSid;
 extern PSID SeAliasPrintOpsSid;
 extern PSID SeAliasBackupOpsSid;

+extern PSID SeAuthenticatedUsersSid;
+extern PSID SeRestrictedSid;
+extern PSID SeAnonymousLogonSid;

 
 /* Privileges */
 extern LUID SeCreateTokenPrivilege;
@@ -62,6 +65,9 @@

 extern LUID SeSystemEnvironmentPrivilege;
 extern LUID SeChangeNotifyPrivilege;
 extern LUID SeRemoteShutdownPrivilege;

+extern LUID SeUndockPrivilege;
+extern LUID SeSyncAgentPrivilege;
+extern LUID SeEnableDelegationPrivilege;

 
 /* DACLs */
 extern PACL SePublicDefaultUnrestrictedDacl;
Modified: trunk/reactos/ntoskrnl/se/priv.c
--- trunk/reactos/ntoskrnl/se/priv.c	2005-08-01 08:58:15 UTC (rev 16935)
+++ trunk/reactos/ntoskrnl/se/priv.c	2005-08-01 09:05:20 UTC (rev 16936)
@@ -40,6 +40,9 @@

 LUID SeSystemEnvironmentPrivilege;
 LUID SeChangeNotifyPrivilege;
 LUID SeRemoteShutdownPrivilege;

+LUID SeUndockPrivilege;
+LUID SeSyncAgentPrivilege;
+LUID SeEnableDelegationPrivilege;

 
 
 /* FUNCTIONS ***************************************************************/
@@ -93,6 +96,12 @@

   SeChangeNotifyPrivilege.HighPart = 0;
   SeRemoteShutdownPrivilege.LowPart = SE_REMOTE_SHUTDOWN_PRIVILEGE;
   SeRemoteShutdownPrivilege.HighPart = 0;

+  SeUndockPrivilege.LowPart = SE_UNDOCK_PRIVILEGE;
+  SeUndockPrivilege.HighPart = 0;
+  SeSyncAgentPrivilege.LowPart = SE_SYNC_AGENT_PRIVILEGE;
+  SeSyncAgentPrivilege.HighPart = 0;
+  SeEnableDelegationPrivilege.LowPart = SE_ENABLE_DELEGATION_PRIVILEGE;
+  SeEnableDelegationPrivilege.HighPart = 0;

 }
Modified: trunk/reactos/ntoskrnl/se/semgr.c
--- trunk/reactos/ntoskrnl/se/semgr.c	2005-08-01 08:58:15 UTC (rev 16935)
+++ trunk/reactos/ntoskrnl/se/semgr.c	2005-08-01 09:05:20 UTC (rev 16936)
@@ -165,7 +165,14 @@

   SepExports.SeAliasSystemOpsSid = SeAliasSystemOpsSid;
   SepExports.SeAliasPrintOpsSid = SeAliasPrintOpsSid;
   SepExports.SeAliasBackupOpsSid = SeAliasBackupOpsSid;

+  SepExports.SeAuthenticatedUsersSid = SeAuthenticatedUsersSid;
+  SepExports.SeRestrictedSid = SeRestrictedSid;
+  SepExports.SeAnonymousLogonSid = SeAnonymousLogonSid;

 

+  SepExports.SeUndockPrivilege = SeUndockPrivilege;
+  SepExports.SeSyncAgentPrivilege = SeSyncAgentPrivilege;
+  SepExports.SeEnableDelegationPrivilege = SeEnableDelegationPrivilege;
+  

   SeExports = &SepExports;
   return TRUE;
 }
Modified: trunk/reactos/ntoskrnl/se/sid.c
--- trunk/reactos/ntoskrnl/se/sid.c	2005-08-01 08:58:15 UTC (rev 16935)
+++ trunk/reactos/ntoskrnl/se/sid.c	2005-08-01 09:05:20 UTC (rev 16936)
@@ -36,7 +36,6 @@

 PSID SeBatchSid = NULL;
 PSID SeInteractiveSid = NULL;
 PSID SeServiceSid = NULL;

-PSID SeAnonymousLogonSid = NULL;

 PSID SePrincipalSelfSid = NULL;
 PSID SeLocalSystemSid = NULL;
 PSID SeAuthenticatedUserSid = NULL;
@@ -49,6 +48,9 @@

 PSID SeAliasSystemOpsSid = NULL;
 PSID SeAliasPrintOpsSid = NULL;
 PSID SeAliasBackupOpsSid = NULL;

+PSID SeAuthenticatedUsersSid = NULL;
+PSID SeRestrictedSid = NULL;
+PSID SeAnonymousLogonSid = NULL;

 
 
 /* FUNCTIONS ****************************************************************/
@@ -67,398 +69,153 @@

   SidLength2 = RtlLengthRequiredSid(2);
 
   /* create NullSid */

-  SeNullSid = ExAllocatePoolWithTag(PagedPool,
-				    SidLength1,
-				    TAG_SID);
-  if (SeNullSid == NULL)

+  SeNullSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeWorldSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeLocalSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeCreatorOwnerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeCreatorGroupSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeCreatorOwnerServerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeCreatorGroupServerSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeNtAuthoritySid = ExAllocatePoolWithTag(PagedPool, SidLength0, TAG_SID);
+  SeDialupSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeNetworkSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeBatchSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeInteractiveSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SePrincipalSelfSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeLocalSystemSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeAuthenticatedUserSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeRestrictedCodeSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeAliasAdminsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
+  SeAliasUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
+  SeAliasGuestsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
+  SeAliasPowerUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
+  SeAliasAccountOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
+  SeAliasSystemOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
+  SeAliasPrintOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
+  SeAliasBackupOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2, TAG_SID);
+  SeAuthenticatedUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeRestrictedSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+  SeAnonymousLogonSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+ 
+  if (SeNullSid == NULL || SeNullSid == NULL || SeWorldSid == NULL ||
+      SeLocalSid == NULL || SeCreatorOwnerSid == NULL ||
+      SeCreatorGroupSid == NULL || SeCreatorOwnerServerSid == NULL ||
+      SeCreatorGroupServerSid == NULL || SeNtAuthoritySid == NULL ||
+      SeDialupSid == NULL || SeNetworkSid == NULL || SeBatchSid == NULL ||
+      SeInteractiveSid == NULL || SeServiceSid == NULL ||
+      SePrincipalSelfSid == NULL || SeLocalSystemSid == NULL ||
+      SeAuthenticatedUserSid == NULL || SeRestrictedCodeSid == NULL ||
+      SeAliasAdminsSid == NULL || SeAliasUsersSid == NULL ||
+      SeAliasGuestsSid == NULL || SeAliasPowerUsersSid == NULL ||
+      SeAliasAccountOpsSid == NULL || SeAliasSystemOpsSid == NULL ||
+      SeAliasPrintOpsSid == NULL || SeAliasBackupOpsSid == NULL ||
+      SeAuthenticatedUsersSid == NULL || SeRestrictedSid == NULL ||
+      SeAnonymousLogonSid == NULL)
+  {
+    /* FIXME: We're leaking memory here. */

     return(FALSE);

+  }

 

-  RtlInitializeSid(SeNullSid,
-		   &SeNullSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeNullSid,
-				    0);
-  *SubAuthority = SECURITY_NULL_RID;

+  RtlInitializeSid(SeNullSid, &SeNullSidAuthority, 1);
+  RtlInitializeSid(SeWorldSid, &SeWorldSidAuthority, 1);
+  RtlInitializeSid(SeLocalSid, &SeLocalSidAuthority, 1);
+  RtlInitializeSid(SeCreatorOwnerSid, &SeCreatorSidAuthority, 1);
+  RtlInitializeSid(SeCreatorGroupSid, &SeCreatorSidAuthority, 1);
+  RtlInitializeSid(SeCreatorOwnerServerSid, &SeCreatorSidAuthority, 1);
+  RtlInitializeSid(SeCreatorGroupServerSid, &SeCreatorSidAuthority, 1);
+  RtlInitializeSid(SeNtAuthoritySid, &SeNtSidAuthority, 0);
+  RtlInitializeSid(SeDialupSid, &SeNtSidAuthority, 1);
+  RtlInitializeSid(SeNetworkSid, &SeNtSidAuthority, 1);
+  RtlInitializeSid(SeBatchSid, &SeNtSidAuthority, 1);
+  RtlInitializeSid(SeInteractiveSid, &SeNtSidAuthority, 1);
+  RtlInitializeSid(SeServiceSid, &SeNtSidAuthority, 1);
+  RtlInitializeSid(SePrincipalSelfSid, &SeNtSidAuthority, 1);
+  RtlInitializeSid(SeLocalSystemSid, &SeNtSidAuthority, 1);
+  RtlInitializeSid(SeAuthenticatedUserSid, &SeNtSidAuthority, 1);
+  RtlInitializeSid(SeRestrictedCodeSid, &SeNtSidAuthority, 1);
+  RtlInitializeSid(SeAliasAdminsSid, &SeNtSidAuthority, 2);
+  RtlInitializeSid(SeAliasUsersSid, &SeNtSidAuthority, 2);
+  RtlInitializeSid(SeAliasGuestsSid, &SeNtSidAuthority, 2);
+  RtlInitializeSid(SeAliasPowerUsersSid, &SeNtSidAuthority, 2);
+  RtlInitializeSid(SeAliasAccountOpsSid, &SeNtSidAuthority, 2);
+  RtlInitializeSid(SeAliasSystemOpsSid, &SeNtSidAuthority, 2);
+  RtlInitializeSid(SeAliasPrintOpsSid, &SeNtSidAuthority, 2);
+  RtlInitializeSid(SeAliasBackupOpsSid, &SeNtSidAuthority, 2);
+  RtlInitializeSid(SeAuthenticatedUsersSid, &SeNtSidAuthority, 1);
+  RtlInitializeSid(SeRestrictedSid, &SeNtSidAuthority, 1);
+  RtlInitializeSid(SeAnonymousLogonSid, &SeNtSidAuthority, 1);

 

-  /* create WorldSid */
-  SeWorldSid = ExAllocatePoolWithTag(PagedPool,
-				     SidLength1,
-				     TAG_SID);
-  if (SeWorldSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeWorldSid,
-		   &SeWorldSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeWorldSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeNullSid, 0);
+  *SubAuthority = SECURITY_NULL_RID;
+  SubAuthority = RtlSubAuthoritySid(SeWorldSid, 0);

   *SubAuthority = SECURITY_WORLD_RID;

-
-  /* create LocalSid */
-  SeLocalSid = ExAllocatePoolWithTag(PagedPool,
-				     SidLength1,
-				     TAG_SID);
-  if (SeLocalSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeLocalSid,
-		   &SeLocalSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeLocalSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeLocalSid, 0);

   *SubAuthority = SECURITY_LOCAL_RID;

-
-  /* create CreatorOwnerSid */
-  SeCreatorOwnerSid = ExAllocatePoolWithTag(PagedPool,
-					    SidLength1,
-					    TAG_SID);
-  if (SeCreatorOwnerSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeCreatorOwnerSid,
-		   &SeCreatorSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerSid, 0);

   *SubAuthority = SECURITY_CREATOR_OWNER_RID;

-
-  /* create CreatorGroupSid */
-  SeCreatorGroupSid = ExAllocatePoolWithTag(PagedPool,
-					    SidLength1,
-					    TAG_SID);
-  if (SeCreatorGroupSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeCreatorGroupSid,
-		   &SeCreatorSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupSid, 0);

   *SubAuthority = SECURITY_CREATOR_GROUP_RID;

-
-  /* create CreatorOwnerServerSid */
-  SeCreatorOwnerServerSid = ExAllocatePoolWithTag(PagedPool,
-						  SidLength1,
-						  TAG_SID);
-  if (SeCreatorOwnerServerSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeCreatorOwnerServerSid,
-		   &SeCreatorSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerServerSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerServerSid, 0);

   *SubAuthority = SECURITY_CREATOR_OWNER_SERVER_RID;

-
-  /* create CreatorGroupServerSid */
-  SeCreatorGroupServerSid = ExAllocatePoolWithTag(PagedPool,
-						  SidLength1,
-						  TAG_SID);
-  if (SeCreatorGroupServerSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeCreatorGroupServerSid,
-		   &SeCreatorSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupServerSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeCreatorGroupServerSid, 0);

   *SubAuthority = SECURITY_CREATOR_GROUP_SERVER_RID;

-
-
-  /* create NtAuthoritySid */
-  SeNtAuthoritySid = ExAllocatePoolWithTag(PagedPool,
-					   SidLength0,
-					   TAG_SID);
-  if (SeNtAuthoritySid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeNtAuthoritySid,
-		   &SeNtSidAuthority,
-		   0);
-
-  /* create DialupSid */
-  SeDialupSid = ExAllocatePoolWithTag(PagedPool,
-				      SidLength1,
-				      TAG_SID);
-  if (SeDialupSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeDialupSid,
-		   &SeNtSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeDialupSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeDialupSid, 0);

   *SubAuthority = SECURITY_DIALUP_RID;

-
-  /* create NetworkSid */
-  SeNetworkSid = ExAllocatePoolWithTag(PagedPool,
-				       SidLength1,
-				       TAG_SID);
-  if (SeNetworkSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeNetworkSid,
-		   &SeNtSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeNetworkSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeNetworkSid, 0);

   *SubAuthority = SECURITY_NETWORK_RID;

-
-  /* create BatchSid */
-  SeBatchSid = ExAllocatePoolWithTag(PagedPool,
-				     SidLength1,
-				     TAG_SID);
-  if (SeBatchSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeBatchSid,
-		   &SeNtSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeBatchSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeBatchSid, 0);

   *SubAuthority = SECURITY_BATCH_RID;

-
-  /* create InteractiveSid */
-  SeInteractiveSid = ExAllocatePoolWithTag(PagedPool,
-					   SidLength1,
-					   TAG_SID);
-  if (SeInteractiveSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeInteractiveSid,
-		   &SeNtSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeInteractiveSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeInteractiveSid, 0);

   *SubAuthority = SECURITY_INTERACTIVE_RID;

-
-  /* create ServiceSid */
-  SeServiceSid = ExAllocatePoolWithTag(PagedPool,
-				       SidLength1,
-				       TAG_SID);
-  if (SeServiceSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeServiceSid,
-		   &SeNtSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeServiceSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeServiceSid, 0);

   *SubAuthority = SECURITY_SERVICE_RID;

-
-  /* create AnonymousLogonSid */
-  SeAnonymousLogonSid = ExAllocatePoolWithTag(PagedPool,
-					      SidLength1,
-					      TAG_SID);
-  if (SeAnonymousLogonSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeAnonymousLogonSid,
-		   &SeNtSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid,
-				    0);
-  *SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;
-
-  /* create PrincipalSelfSid */
-  SePrincipalSelfSid = ExAllocatePoolWithTag(PagedPool,
-					     SidLength1,
-					     TAG_SID);
-  if (SePrincipalSelfSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SePrincipalSelfSid,
-		   &SeNtSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SePrincipalSelfSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SePrincipalSelfSid, 0);

   *SubAuthority = SECURITY_PRINCIPAL_SELF_RID;

-
-  /* create LocalSystemSid */
-  SeLocalSystemSid = ExAllocatePoolWithTag(PagedPool,
-					   SidLength1,
-					   TAG_SID);
-  if (SeLocalSystemSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeLocalSystemSid,
-		   &SeNtSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeLocalSystemSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeLocalSystemSid, 0);

   *SubAuthority = SECURITY_LOCAL_SYSTEM_RID;

-
-  /* create AuthenticatedUserSid */
-  SeAuthenticatedUserSid = ExAllocatePoolWithTag(PagedPool,
-						 SidLength1,
-						 TAG_SID);
-  if (SeAuthenticatedUserSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeAuthenticatedUserSid,
-		   &SeNtSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUserSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUserSid, 0);

   *SubAuthority = SECURITY_AUTHENTICATED_USER_RID;

-
-  /* create RestrictedCodeSid */
-  SeRestrictedCodeSid = ExAllocatePoolWithTag(PagedPool,
-					      SidLength1,
-					      TAG_SID);
-  if (SeRestrictedCodeSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeRestrictedCodeSid,
-		   &SeNtSidAuthority,
-		   1);
-  SubAuthority = RtlSubAuthoritySid(SeRestrictedCodeSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeRestrictedCodeSid, 0);

   *SubAuthority = SECURITY_RESTRICTED_CODE_RID;

-
-  /* create AliasAdminsSid */
-  SeAliasAdminsSid = ExAllocatePoolWithTag(PagedPool,
-					   SidLength2,
-					   TAG_SID);
-  if (SeAliasAdminsSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeAliasAdminsSid,
-		   &SeNtSidAuthority,
-		   2);
-  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 0);

   *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;

-
-  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid,
-				    1);

+  SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 1);

   *SubAuthority = DOMAIN_ALIAS_RID_ADMINS;

-
-  /* create AliasUsersSid */
-  SeAliasUsersSid = ExAllocatePoolWithTag(PagedPool,
-					  SidLength2,
-					  TAG_SID);
-  if (SeAliasUsersSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeAliasUsersSid,
-		   &SeNtSidAuthority,
-		   2);
-  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 0);

   *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;

-
-  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid,
-				    1);

+  SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 1);

   *SubAuthority = DOMAIN_ALIAS_RID_USERS;

-
-  /* create AliasGuestsSid */
-  SeAliasGuestsSid = ExAllocatePoolWithTag(PagedPool,
-					   SidLength2,
-					   TAG_SID);
-  if (SeAliasGuestsSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeAliasGuestsSid,
-		   &SeNtSidAuthority,
-		   2);
-  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 0);

   *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;

-
-  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid,
-				    1);

+  SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 1);

   *SubAuthority = DOMAIN_ALIAS_RID_GUESTS;

-
-  /* create AliasPowerUsersSid */
-  SeAliasPowerUsersSid = ExAllocatePoolWithTag(PagedPool,
-					       SidLength2,
-					       TAG_SID);
-  if (SeAliasPowerUsersSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeAliasPowerUsersSid,
-		   &SeNtSidAuthority,
-		   2);
-  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 0);

   *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;

-
-  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid,
-				    1);

+  SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 1);

   *SubAuthority = DOMAIN_ALIAS_RID_POWER_USERS;

-
-  /* create AliasAccountOpsSid */
-  SeAliasAccountOpsSid = ExAllocatePoolWithTag(PagedPool,
-					       SidLength2,
-					       TAG_SID);
-  if (SeAliasAccountOpsSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeAliasAccountOpsSid,
-		   &SeNtSidAuthority,
-		   2);
-  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 0);

   *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;

-
-  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid,
-				    1);

+  SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 1);

   *SubAuthority = DOMAIN_ALIAS_RID_ACCOUNT_OPS;

-
-  /* create AliasSystemOpsSid */
-  SeAliasSystemOpsSid = ExAllocatePoolWithTag(PagedPool,
-					      SidLength2,
-					      TAG_SID);
-  if (SeAliasSystemOpsSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeAliasSystemOpsSid,
-		   &SeNtSidAuthority,
-		   2);
-  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 0);

   *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;

-
-  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid,
-				    1);

+  SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 1);

   *SubAuthority = DOMAIN_ALIAS_RID_SYSTEM_OPS;

-
-  /* create AliasPrintOpsSid */
-  SeAliasPrintOpsSid = ExAllocatePoolWithTag(PagedPool,
-					     SidLength2,
-					     TAG_SID);
-  if (SeAliasPrintOpsSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeAliasPrintOpsSid,
-		   &SeNtSidAuthority,
-		   2);
-  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 0);

   *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;

-
-  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid,
-				    1);

+  SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 1);

   *SubAuthority = DOMAIN_ALIAS_RID_PRINT_OPS;

-
-  /* create AliasBackupOpsSid */
-  SeAliasBackupOpsSid = ExAllocatePoolWithTag(PagedPool,
-					      SidLength2,
-					      TAG_SID);
-  if (SeAliasBackupOpsSid == NULL)
-    return(FALSE);
-
-  RtlInitializeSid(SeAliasBackupOpsSid,
-		   &SeNtSidAuthority,
-		   2);
-  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid,
-				    0);

+  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 0);

   *SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;

-
-  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid,
-				    1);

+  SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 1);

   *SubAuthority = DOMAIN_ALIAS_RID_BACKUP_OPS;

+  SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUsersSid, 0);
+  *SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
+  SubAuthority = RtlSubAuthoritySid(SeRestrictedSid, 0);
+  *SubAuthority = SECURITY_RESTRICTED_CODE_RID;
+  SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid, 0);
+  *SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;

 
   return(TRUE);
 }