01/01: [LSASRV] Return STATUS_DIRECTORY_SERVICE_REQUIRED for all trusted domain functions that use a policy handle and a domain name or domain SID when the machine is not a domain controller. - Ros-diffs

4 Nov 2018

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=ee90e7f608ead823adbc24...
commit ee90e7f608ead823adbc2470910455d250cebafe
Author:     Eric Kohl eric.kohl@reactos.org
AuthorDate: Sun Nov 4 15:27:57 2018 +0100
Commit:     Eric Kohl eric.kohl@reactos.org
CommitDate: Sun Nov 4 15:27:57 2018 +0100
[LSASRV] Return STATUS_DIRECTORY_SERVICE_REQUIRED for all trusted domain functions that use a policy handle and a domain name or domain SID when the machine is not a domain controller.
---
 dll/win32/lsasrv/lsarpc.c | 72 ++++++++++++++++++++++++++++++++++++++---------
 dll/win32/lsasrv/lsasrv.c | 10 +++++--
 dll/win32/lsasrv/lsasrv.h |  3 ++
 3 files changed, 69 insertions(+), 16 deletions(-)

diff --git a/dll/win32/lsasrv/lsarpc.c b/dll/win32/lsasrv/lsarpc.c
index 54afdf380f..62d245b9d4 100644
--- a/dll/win32/lsasrv/lsarpc.c
+++ b/dll/win32/lsasrv/lsarpc.c
@@ -1161,8 +1161,12 @@ LsarCreateTrustedDomain(
     ACCESS_MASK DesiredAccess,
     LSAPR_HANDLE *TrustedDomainHandle)
 {
-    /* FIXME: We are not running an AD yet */
-    return STATUS_DIRECTORY_SERVICE_REQUIRED;
+    /* Fail, if we are not a domain controller */
+    if (LsapProductType != NtProductLanManNt)
+        return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+    UNIMPLEMENTED;
+    return STATUS_NOT_IMPLEMENTED;
 }
@@ -2045,6 +2049,10 @@ LsarOpenTrustedDomain(
     ACCESS_MASK DesiredAccess,
     LSAPR_HANDLE *TrustedDomainHandle)
 {
+    /* Fail, if we are not a domain controller */
+    if (LsapProductType != NtProductLanManNt)
+        return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
     UNIMPLEMENTED;
     return STATUS_NOT_IMPLEMENTED;
 }
@@ -3405,8 +3413,12 @@ LsarQueryTrustedDomainInfo(
     TRUSTED_INFORMATION_CLASS InformationClass,
     PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
 {
-    /* FIXME: We are not running an AD yet */
-    return STATUS_DIRECTORY_SERVICE_REQUIRED;
+    /* Fail, if we are not a domain controller */
+    if (LsapProductType != NtProductLanManNt)
+        return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+    UNIMPLEMENTED;
+    return STATUS_NOT_IMPLEMENTED;
 }
@@ -3419,8 +3431,12 @@ LsarSetTrustedDomainInfo(
     TRUSTED_INFORMATION_CLASS InformationClass,
     PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
 {
-    /* FIXME: We are not running an AD yet */
-    return STATUS_DIRECTORY_SERVICE_REQUIRED;
+    /* Fail, if we are not a domain controller */
+    if (LsapProductType != NtProductLanManNt)
+        return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+    UNIMPLEMENTED;
+    return STATUS_NOT_IMPLEMENTED;
 }
@@ -3431,8 +3447,12 @@ LsarDeleteTrustedDomain(
     LSAPR_HANDLE PolicyHandle,
     PRPC_SID TrustedDomainSid)
 {
-    /* FIXME: We are not running an AD yet */
-    return STATUS_DIRECTORY_SERVICE_REQUIRED;
+    /* Fail, if we are not a domain controller */
+    if (LsapProductType != NtProductLanManNt)
+        return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+    UNIMPLEMENTED;
+    return STATUS_NOT_IMPLEMENTED;
 }
@@ -3763,6 +3783,10 @@ LsarQueryTrustedDomainInfoByName(
     POLICY_INFORMATION_CLASS InformationClass,
     PLSAPR_TRUSTED_DOMAIN_INFO *PolicyInformation)
 {
+    /* Fail, if we are not a domain controller */
+    if (LsapProductType != NtProductLanManNt)
+        return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
     /* FIXME: We are not running an AD yet */
     return STATUS_OBJECT_NAME_NOT_FOUND;
 }
@@ -3777,6 +3801,10 @@ LsarSetTrustedDomainInfoByName(
     POLICY_INFORMATION_CLASS InformationClass,
     PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation)
 {
+    /* Fail, if we are not a domain controller */
+    if (LsapProductType != NtProductLanManNt)
+        return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
     /* FIXME: We are not running an AD yet */
     return STATUS_OBJECT_NAME_NOT_FOUND;
 }
@@ -3791,6 +3819,10 @@ LsarEnumerateTrustedDomainsEx(
     PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer,
     DWORD PreferedMaximumLength)
 {
+    /* Fail, if we are not a domain controller */
+    if (LsapProductType != NtProductLanManNt)
+        return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
     /* FIXME: We are not running an AD yet */
     EnumerationBuffer->EntriesRead = 0;
     EnumerationBuffer->EnumerationBuffer = NULL;
@@ -3808,8 +3840,12 @@ LsarCreateTrustedDomainEx(
     ACCESS_MASK DesiredAccess,
     LSAPR_HANDLE *TrustedDomainHandle)
 {
-    /* FIXME: We are not running an AD yet */
-    return STATUS_DIRECTORY_SERVICE_REQUIRED;
+    /* Fail, if we are not a domain controller */
+    if (LsapProductType != NtProductLanManNt)
+        return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+    UNIMPLEMENTED;
+    return STATUS_NOT_IMPLEMENTED;
 }
@@ -3859,8 +3895,12 @@ LsarOpenTrustedDomainByName(
     ACCESS_MASK DesiredAccess,
     LSAPR_HANDLE *TrustedDomainHandle)
 {
-    /* FIXME: We are not running an AD yet */
-    return STATUS_OBJECT_NAME_NOT_FOUND;
+    /* Fail, if we are not a domain controller */
+    if (LsapProductType != NtProductLanManNt)
+        return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+    UNIMPLEMENTED;
+    return STATUS_NOT_IMPLEMENTED;
 }
@@ -3989,8 +4029,12 @@ LsarCreateTrustedDomainEx2(
     ACCESS_MASK DesiredAccess,
     LSAPR_HANDLE *TrustedDomainHandle)
 {
-    /* FIXME: We are not running an AD yet */
-    return STATUS_DIRECTORY_SERVICE_REQUIRED;
+    /* Fail, if we are not a domain controller */
+    if (LsapProductType != NtProductLanManNt)
+        return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+    UNIMPLEMENTED;
+    return STATUS_NOT_IMPLEMENTED;
 }
diff --git a/dll/win32/lsasrv/lsasrv.c b/dll/win32/lsasrv/lsasrv.c
index b92e0e6ff9..7b09751fdc 100644
--- a/dll/win32/lsasrv/lsasrv.c
+++ b/dll/win32/lsasrv/lsasrv.c
@@ -10,6 +10,8 @@
#include "lsasrv.h"
+NT_PRODUCT_TYPE LsapProductType = NtProductWinNt;
+
 /* FUNCTIONS ***************************************************************/
VOID
@@ -268,13 +270,17 @@ LsaIFree_LSAPR_TRANSLATED_SIDS(
 }
-NTSTATUS WINAPI
+NTSTATUS
+WINAPI
 LsapInitLsa(VOID)
 {
     NTSTATUS Status;
     BOOLEAN PrivilegeEnabled;
-    TRACE("LsapInitLsa() called\n");
+    TRACE("LsapInitLsa()\n");
+
+    /* Get the product type */
+    RtlGetNtProductType(&LsapProductType);
/* Initialize the well known SIDs */
     LsapInitSids();
diff --git a/dll/win32/lsasrv/lsasrv.h b/dll/win32/lsasrv/lsasrv.h
index 174a8fb6f4..62c7fdd236 100644
--- a/dll/win32/lsasrv/lsasrv.h
+++ b/dll/win32/lsasrv/lsasrv.h
@@ -28,6 +28,7 @@
 #include <ndk/obfuncs.h>
 #include <ndk/psfuncs.h>
 #include <ndk/rtlfuncs.h>
+#include <ndk/ketypes.h>
 #include <ndk/setypes.h>
#include <ntsam.h>
@@ -85,6 +86,8 @@ typedef struct _SAMPR_ULONG_ARRAY
     unsigned long *Element;
 } SAMPR_ULONG_ARRAY, *PSAMPR_ULONG_ARRAY;
+extern NT_PRODUCT_TYPE LsapProductType;
+
 extern SID_IDENTIFIER_AUTHORITY NullSidAuthority;
 extern SID_IDENTIFIER_AUTHORITY WorldSidAuthority;
 extern SID_IDENTIFIER_AUTHORITY LocalSidAuthority;

    