01/01: [LSASRV] Return STATUS_DIRECTORY_SERVICE_REQUIRED for all trusted domain functions that use a policy handle and a domain name or domain SID when the machine is not a domain controller.
4 Nov
2018
4 Nov
'18
2:48 p.m.
https://git.reactos.org/?p=reactos.git;a=commitdiff;h=ee90e7f608ead823adbc2…
commit ee90e7f608ead823adbc2470910455d250cebafe
Author: Eric Kohl <eric.kohl(a)reactos.org>
AuthorDate: Sun Nov 4 15:27:57 2018 +0100
Commit: Eric Kohl <eric.kohl(a)reactos.org>
CommitDate: Sun Nov 4 15:27:57 2018 +0100
[LSASRV] Return STATUS_DIRECTORY_SERVICE_REQUIRED for all trusted domain functions
that use a policy handle and a domain name or domain SID when the machine is not a domain
controller.
---
dll/win32/lsasrv/lsarpc.c | 72 ++++++++++++++++++++++++++++++++++++++---------
dll/win32/lsasrv/lsasrv.c | 10 +++++--
dll/win32/lsasrv/lsasrv.h | 3 ++
3 files changed, 69 insertions(+), 16 deletions(-)
diff --git a/dll/win32/lsasrv/lsarpc.c b/dll/win32/lsasrv/lsarpc.c
index 54afdf380f..62d245b9d4 100644
--- a/dll/win32/lsasrv/lsarpc.c
+++ b/dll/win32/lsasrv/lsarpc.c
@@ -1161,8 +1161,12 @@ LsarCreateTrustedDomain(
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *TrustedDomainHandle)
{
- /* FIXME: We are not running an AD yet */
- return STATUS_DIRECTORY_SERVICE_REQUIRED;
+ /* Fail, if we are not a domain controller */
+ if (LsapProductType != NtProductLanManNt)
+ return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
}
@@ -2045,6 +2049,10 @@ LsarOpenTrustedDomain(
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *TrustedDomainHandle)
{
+ /* Fail, if we are not a domain controller */
+ if (LsapProductType != NtProductLanManNt)
+ return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
}
@@ -3405,8 +3413,12 @@ LsarQueryTrustedDomainInfo(
TRUSTED_INFORMATION_CLASS InformationClass,
PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation)
{
- /* FIXME: We are not running an AD yet */
- return STATUS_DIRECTORY_SERVICE_REQUIRED;
+ /* Fail, if we are not a domain controller */
+ if (LsapProductType != NtProductLanManNt)
+ return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
}
@@ -3419,8 +3431,12 @@ LsarSetTrustedDomainInfo(
TRUSTED_INFORMATION_CLASS InformationClass,
PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation)
{
- /* FIXME: We are not running an AD yet */
- return STATUS_DIRECTORY_SERVICE_REQUIRED;
+ /* Fail, if we are not a domain controller */
+ if (LsapProductType != NtProductLanManNt)
+ return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
}
@@ -3431,8 +3447,12 @@ LsarDeleteTrustedDomain(
LSAPR_HANDLE PolicyHandle,
PRPC_SID TrustedDomainSid)
{
- /* FIXME: We are not running an AD yet */
- return STATUS_DIRECTORY_SERVICE_REQUIRED;
+ /* Fail, if we are not a domain controller */
+ if (LsapProductType != NtProductLanManNt)
+ return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
}
@@ -3763,6 +3783,10 @@ LsarQueryTrustedDomainInfoByName(
POLICY_INFORMATION_CLASS InformationClass,
PLSAPR_TRUSTED_DOMAIN_INFO *PolicyInformation)
{
+ /* Fail, if we are not a domain controller */
+ if (LsapProductType != NtProductLanManNt)
+ return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
/* FIXME: We are not running an AD yet */
return STATUS_OBJECT_NAME_NOT_FOUND;
}
@@ -3777,6 +3801,10 @@ LsarSetTrustedDomainInfoByName(
POLICY_INFORMATION_CLASS InformationClass,
PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation)
{
+ /* Fail, if we are not a domain controller */
+ if (LsapProductType != NtProductLanManNt)
+ return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
/* FIXME: We are not running an AD yet */
return STATUS_OBJECT_NAME_NOT_FOUND;
}
@@ -3791,6 +3819,10 @@ LsarEnumerateTrustedDomainsEx(
PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer,
DWORD PreferedMaximumLength)
{
+ /* Fail, if we are not a domain controller */
+ if (LsapProductType != NtProductLanManNt)
+ return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
/* FIXME: We are not running an AD yet */
EnumerationBuffer->EntriesRead = 0;
EnumerationBuffer->EnumerationBuffer = NULL;
@@ -3808,8 +3840,12 @@ LsarCreateTrustedDomainEx(
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *TrustedDomainHandle)
{
- /* FIXME: We are not running an AD yet */
- return STATUS_DIRECTORY_SERVICE_REQUIRED;
+ /* Fail, if we are not a domain controller */
+ if (LsapProductType != NtProductLanManNt)
+ return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
}
@@ -3859,8 +3895,12 @@ LsarOpenTrustedDomainByName(
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *TrustedDomainHandle)
{
- /* FIXME: We are not running an AD yet */
- return STATUS_OBJECT_NAME_NOT_FOUND;
+ /* Fail, if we are not a domain controller */
+ if (LsapProductType != NtProductLanManNt)
+ return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
}
@@ -3989,8 +4029,12 @@ LsarCreateTrustedDomainEx2(
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *TrustedDomainHandle)
{
- /* FIXME: We are not running an AD yet */
- return STATUS_DIRECTORY_SERVICE_REQUIRED;
+ /* Fail, if we are not a domain controller */
+ if (LsapProductType != NtProductLanManNt)
+ return STATUS_DIRECTORY_SERVICE_REQUIRED;
+
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
}
diff --git a/dll/win32/lsasrv/lsasrv.c b/dll/win32/lsasrv/lsasrv.c
index b92e0e6ff9..7b09751fdc 100644
--- a/dll/win32/lsasrv/lsasrv.c
+++ b/dll/win32/lsasrv/lsasrv.c
@@ -10,6 +10,8 @@
#include "lsasrv.h"
+NT_PRODUCT_TYPE LsapProductType = NtProductWinNt;
+
/* FUNCTIONS ***************************************************************/
VOID
@@ -268,13 +270,17 @@ LsaIFree_LSAPR_TRANSLATED_SIDS(
}
-NTSTATUS WINAPI
+NTSTATUS
+WINAPI
LsapInitLsa(VOID)
{
NTSTATUS Status;
BOOLEAN PrivilegeEnabled;
- TRACE("LsapInitLsa() called\n");
+ TRACE("LsapInitLsa()\n");
+
+ /* Get the product type */
+ RtlGetNtProductType(&LsapProductType);
/* Initialize the well known SIDs */
LsapInitSids();
diff --git a/dll/win32/lsasrv/lsasrv.h b/dll/win32/lsasrv/lsasrv.h
index 174a8fb6f4..62c7fdd236 100644
--- a/dll/win32/lsasrv/lsasrv.h
+++ b/dll/win32/lsasrv/lsasrv.h
@@ -28,6 +28,7 @@
#include <ndk/obfuncs.h>
#include <ndk/psfuncs.h>
#include <ndk/rtlfuncs.h>
+#include <ndk/ketypes.h>
#include <ndk/setypes.h>
#include <ntsam.h>
@@ -85,6 +86,8 @@ typedef struct _SAMPR_ULONG_ARRAY
unsigned long *Element;
} SAMPR_ULONG_ARRAY, *PSAMPR_ULONG_ARRAY;
+extern NT_PRODUCT_TYPE LsapProductType;
+
extern SID_IDENTIFIER_AUTHORITY NullSidAuthority;
extern SID_IDENTIFIER_AUTHORITY WorldSidAuthority;
extern SID_IDENTIFIER_AUTHORITY LocalSidAuthority;
2146
days inactive
2146
days old
0 comments
1 participants
participants (1)
-
Eric Kohl