https://git.reactos.org/?p=reactos.git;a=commitdiff;h=ee90e7f608ead823adbc2470910455d250cebafe
commit ee90e7f608ead823adbc2470910455d250cebafe Author: Eric Kohl <[email protected]> AuthorDate: Sun Nov 4 15:27:57 2018 +0100 Commit: Eric Kohl <[email protected]> CommitDate: Sun Nov 4 15:27:57 2018 +0100 [LSASRV] Return STATUS_DIRECTORY_SERVICE_REQUIRED for all trusted domain functions that use a policy handle and a domain name or domain SID when the machine is not a domain controller. --- dll/win32/lsasrv/lsarpc.c | 72 ++++++++++++++++++++++++++++++++++++++--------- dll/win32/lsasrv/lsasrv.c | 10 +++++-- dll/win32/lsasrv/lsasrv.h | 3 ++ 3 files changed, 69 insertions(+), 16 deletions(-) diff --git a/dll/win32/lsasrv/lsarpc.c b/dll/win32/lsasrv/lsarpc.c index 54afdf380f..62d245b9d4 100644 --- a/dll/win32/lsasrv/lsarpc.c +++ b/dll/win32/lsasrv/lsarpc.c @@ -1161,8 +1161,12 @@ LsarCreateTrustedDomain( ACCESS_MASK DesiredAccess, LSAPR_HANDLE *TrustedDomainHandle) { - /* FIXME: We are not running an AD yet */ - return STATUS_DIRECTORY_SERVICE_REQUIRED; + /* Fail, if we are not a domain controller */ + if (LsapProductType != NtProductLanManNt) + return STATUS_DIRECTORY_SERVICE_REQUIRED; + + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; } @@ -2045,6 +2049,10 @@ LsarOpenTrustedDomain( ACCESS_MASK DesiredAccess, LSAPR_HANDLE *TrustedDomainHandle) { + /* Fail, if we are not a domain controller */ + if (LsapProductType != NtProductLanManNt) + return STATUS_DIRECTORY_SERVICE_REQUIRED; + UNIMPLEMENTED; return STATUS_NOT_IMPLEMENTED; } @@ -3405,8 +3413,12 @@ LsarQueryTrustedDomainInfo( TRUSTED_INFORMATION_CLASS InformationClass, PLSAPR_TRUSTED_DOMAIN_INFO *TrustedDomainInformation) { - /* FIXME: We are not running an AD yet */ - return STATUS_DIRECTORY_SERVICE_REQUIRED; + /* Fail, if we are not a domain controller */ + if (LsapProductType != NtProductLanManNt) + return STATUS_DIRECTORY_SERVICE_REQUIRED; + + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; } @@ -3419,8 +3431,12 @@ LsarSetTrustedDomainInfo( TRUSTED_INFORMATION_CLASS InformationClass, PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation) { - /* FIXME: We are not running an AD yet */ - return STATUS_DIRECTORY_SERVICE_REQUIRED; + /* Fail, if we are not a domain controller */ + if (LsapProductType != NtProductLanManNt) + return STATUS_DIRECTORY_SERVICE_REQUIRED; + + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; } @@ -3431,8 +3447,12 @@ LsarDeleteTrustedDomain( LSAPR_HANDLE PolicyHandle, PRPC_SID TrustedDomainSid) { - /* FIXME: We are not running an AD yet */ - return STATUS_DIRECTORY_SERVICE_REQUIRED; + /* Fail, if we are not a domain controller */ + if (LsapProductType != NtProductLanManNt) + return STATUS_DIRECTORY_SERVICE_REQUIRED; + + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; } @@ -3763,6 +3783,10 @@ LsarQueryTrustedDomainInfoByName( POLICY_INFORMATION_CLASS InformationClass, PLSAPR_TRUSTED_DOMAIN_INFO *PolicyInformation) { + /* Fail, if we are not a domain controller */ + if (LsapProductType != NtProductLanManNt) + return STATUS_DIRECTORY_SERVICE_REQUIRED; + /* FIXME: We are not running an AD yet */ return STATUS_OBJECT_NAME_NOT_FOUND; } @@ -3777,6 +3801,10 @@ LsarSetTrustedDomainInfoByName( POLICY_INFORMATION_CLASS InformationClass, PLSAPR_TRUSTED_DOMAIN_INFO PolicyInformation) { + /* Fail, if we are not a domain controller */ + if (LsapProductType != NtProductLanManNt) + return STATUS_DIRECTORY_SERVICE_REQUIRED; + /* FIXME: We are not running an AD yet */ return STATUS_OBJECT_NAME_NOT_FOUND; } @@ -3791,6 +3819,10 @@ LsarEnumerateTrustedDomainsEx( PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer, DWORD PreferedMaximumLength) { + /* Fail, if we are not a domain controller */ + if (LsapProductType != NtProductLanManNt) + return STATUS_DIRECTORY_SERVICE_REQUIRED; + /* FIXME: We are not running an AD yet */ EnumerationBuffer->EntriesRead = 0; EnumerationBuffer->EnumerationBuffer = NULL; @@ -3808,8 +3840,12 @@ LsarCreateTrustedDomainEx( ACCESS_MASK DesiredAccess, LSAPR_HANDLE *TrustedDomainHandle) { - /* FIXME: We are not running an AD yet */ - return STATUS_DIRECTORY_SERVICE_REQUIRED; + /* Fail, if we are not a domain controller */ + if (LsapProductType != NtProductLanManNt) + return STATUS_DIRECTORY_SERVICE_REQUIRED; + + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; } @@ -3859,8 +3895,12 @@ LsarOpenTrustedDomainByName( ACCESS_MASK DesiredAccess, LSAPR_HANDLE *TrustedDomainHandle) { - /* FIXME: We are not running an AD yet */ - return STATUS_OBJECT_NAME_NOT_FOUND; + /* Fail, if we are not a domain controller */ + if (LsapProductType != NtProductLanManNt) + return STATUS_DIRECTORY_SERVICE_REQUIRED; + + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; } @@ -3989,8 +4029,12 @@ LsarCreateTrustedDomainEx2( ACCESS_MASK DesiredAccess, LSAPR_HANDLE *TrustedDomainHandle) { - /* FIXME: We are not running an AD yet */ - return STATUS_DIRECTORY_SERVICE_REQUIRED; + /* Fail, if we are not a domain controller */ + if (LsapProductType != NtProductLanManNt) + return STATUS_DIRECTORY_SERVICE_REQUIRED; + + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; } diff --git a/dll/win32/lsasrv/lsasrv.c b/dll/win32/lsasrv/lsasrv.c index b92e0e6ff9..7b09751fdc 100644 --- a/dll/win32/lsasrv/lsasrv.c +++ b/dll/win32/lsasrv/lsasrv.c @@ -10,6 +10,8 @@ #include "lsasrv.h" +NT_PRODUCT_TYPE LsapProductType = NtProductWinNt; + /* FUNCTIONS ***************************************************************/ VOID @@ -268,13 +270,17 @@ LsaIFree_LSAPR_TRANSLATED_SIDS( } -NTSTATUS WINAPI +NTSTATUS +WINAPI LsapInitLsa(VOID) { NTSTATUS Status; BOOLEAN PrivilegeEnabled; - TRACE("LsapInitLsa() called\n"); + TRACE("LsapInitLsa()\n"); + + /* Get the product type */ + RtlGetNtProductType(&LsapProductType); /* Initialize the well known SIDs */ LsapInitSids(); diff --git a/dll/win32/lsasrv/lsasrv.h b/dll/win32/lsasrv/lsasrv.h index 174a8fb6f4..62c7fdd236 100644 --- a/dll/win32/lsasrv/lsasrv.h +++ b/dll/win32/lsasrv/lsasrv.h @@ -28,6 +28,7 @@ #include <ndk/obfuncs.h> #include <ndk/psfuncs.h> #include <ndk/rtlfuncs.h> +#include <ndk/ketypes.h> #include <ndk/setypes.h> #include <ntsam.h> @@ -85,6 +86,8 @@ typedef struct _SAMPR_ULONG_ARRAY unsigned long *Element; } SAMPR_ULONG_ARRAY, *PSAMPR_ULONG_ARRAY; +extern NT_PRODUCT_TYPE LsapProductType; + extern SID_IDENTIFIER_AUTHORITY NullSidAuthority; extern SID_IDENTIFIER_AUTHORITY WorldSidAuthority; extern SID_IDENTIFIER_AUTHORITY LocalSidAuthority;
