2167 lines
62 KiB
C
2167 lines
62 KiB
C
/*++
|
||
|
||
Copyright (c) 1992 Microsoft Corporation
|
||
|
||
Module Name:
|
||
|
||
alias.c
|
||
|
||
Abstract:
|
||
|
||
NetLocalGroup API functions
|
||
|
||
Author:
|
||
|
||
Cliff Van Dyke (cliffv) 05-Mar-1991 Original group.c
|
||
Rita Wong (ritaw) 27-Nov-1992 Adapted for alias.c
|
||
|
||
Environment:
|
||
|
||
User mode only.
|
||
Contains NT-specific code.
|
||
Requires ANSI C extensions: slash-slash comments, long external names.
|
||
|
||
Revision History:
|
||
|
||
--*/
|
||
|
||
#include <nt.h>
|
||
#include <ntrtl.h>
|
||
#include <nturtl.h>
|
||
#undef DOMAIN_ALL_ACCESS // defined in both ntsam.h and ntwinapi.h
|
||
#include <ntsam.h>
|
||
#include <ntlsa.h>
|
||
|
||
#include <windef.h>
|
||
#include <winbase.h>
|
||
#include <lmcons.h>
|
||
|
||
#include <access.h>
|
||
#include <align.h>
|
||
#include <lmapibuf.h>
|
||
#include <lmaccess.h>
|
||
#include <lmerr.h>
|
||
#include <netdebug.h>
|
||
#include <netlib.h>
|
||
#include <netlibnt.h>
|
||
#include <rpcutil.h>
|
||
#include <rxgroup.h>
|
||
#include <prefix.h>
|
||
#include <stddef.h>
|
||
#include <uasp.h>
|
||
#include <stdlib.h>
|
||
|
||
/*lint -e614 */ /* Auto aggregate initializers need not be constant */
|
||
|
||
// Lint complains about casts of one structure type to another.
|
||
// That is done frequently in the code below.
|
||
/*lint -e740 */ /* don't complain about unusual cast */ \
|
||
|
||
|
||
|
||
|
||
NET_API_STATUS NET_API_FUNCTION
|
||
NetLocalGroupAdd(
|
||
IN LPCWSTR ServerName OPTIONAL,
|
||
IN DWORD Level,
|
||
IN LPBYTE Buffer,
|
||
OUT LPDWORD ParmError OPTIONAL // Name required by NetpSetParmError
|
||
)
|
||
|
||
/*++
|
||
|
||
Routine Description:
|
||
|
||
Create a local group (alias) account in the user account database.
|
||
This local group is created in the account domain.
|
||
|
||
Arguments:
|
||
|
||
ServerName - A pointer to a string containing the name of the remote
|
||
server on which the function is to execute. A NULL pointer
|
||
or string specifies the local machine.
|
||
|
||
Level - Level of information provided. Must be 0, or 1.
|
||
|
||
Buffer - A pointer to the buffer containing the group information
|
||
structure.
|
||
|
||
ParmError - Optional pointer to a DWORD to return the index of the
|
||
first parameter in error when ERROR_INVALID_PARAMETER is returned.
|
||
If NULL, the parameter is not returned on error.
|
||
|
||
Return Value:
|
||
|
||
Error code for the operation.
|
||
|
||
--*/
|
||
|
||
{
|
||
NET_API_STATUS NetStatus;
|
||
NTSTATUS Status;
|
||
|
||
LPWSTR AliasName;
|
||
UNICODE_STRING AliasNameString;
|
||
LPWSTR AliasComment;
|
||
SAM_HANDLE SamServerHandle = NULL;
|
||
SAM_HANDLE DomainHandle = NULL;
|
||
SAM_HANDLE AliasHandle = NULL;
|
||
ULONG RelativeId;
|
||
|
||
|
||
//
|
||
// Initialize
|
||
//
|
||
|
||
NetpSetParmError( PARM_ERROR_NONE );
|
||
|
||
//
|
||
// Validate Level parameter and fields of structures.
|
||
//
|
||
|
||
switch (Level) {
|
||
case 0:
|
||
AliasName = ((PLOCALGROUP_INFO_0) Buffer)->lgrpi0_name;
|
||
AliasComment = NULL;
|
||
break;
|
||
|
||
case 1:
|
||
AliasName = ((PLOCALGROUP_INFO_1) Buffer)->lgrpi1_name;
|
||
AliasComment = ((PLOCALGROUP_INFO_1) Buffer)->lgrpi1_comment;
|
||
break;
|
||
|
||
default:
|
||
return ERROR_INVALID_LEVEL;
|
||
}
|
||
|
||
//
|
||
// Connect to the SAM server
|
||
//
|
||
|
||
NetStatus = UaspOpenSam( ServerName,
|
||
FALSE, // Don't try null session
|
||
&SamServerHandle );
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupAdd: Cannot UaspOpenSam %ld\n", NetStatus ));
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Make sure that the alias does not already exist in the builtin
|
||
// domain.
|
||
//
|
||
|
||
NetStatus = AliaspOpenAliasInDomain( SamServerHandle,
|
||
AliaspBuiltinDomain,
|
||
ALIAS_READ_INFORMATION,
|
||
AliasName,
|
||
&AliasHandle );
|
||
|
||
if ( NetStatus == NERR_Success ) {
|
||
|
||
//
|
||
// We found it in builtin domain. Cannot create same one in
|
||
// account domain.
|
||
//
|
||
(VOID) SamCloseHandle( AliasHandle );
|
||
NetStatus = ERROR_ALIAS_EXISTS;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Open the Domain asking for DOMAIN_CREATE_ALIAS access.
|
||
//
|
||
NetStatus = UaspOpenDomain( SamServerHandle,
|
||
DOMAIN_CREATE_ALIAS | DOMAIN_LOOKUP,
|
||
TRUE, // Account Domain
|
||
&DomainHandle,
|
||
NULL); // DomainId
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupAdd: Cannot UaspOpenDomain %ld\n", NetStatus ));
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
|
||
|
||
//
|
||
// Create the LocalGroup with the specified group name
|
||
// (and a default security descriptor).
|
||
//
|
||
RtlInitUnicodeString( &AliasNameString, AliasName );
|
||
|
||
Status = SamCreateAliasInDomain( DomainHandle,
|
||
&AliasNameString,
|
||
DELETE | ALIAS_WRITE_ACCOUNT,
|
||
&AliasHandle,
|
||
&RelativeId );
|
||
|
||
|
||
if ( !NT_SUCCESS(Status) ) {
|
||
NetStatus = NetpNtStatusToApiStatus( Status );
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Set the Admin Comment on the group.
|
||
//
|
||
if (Level == 1) {
|
||
|
||
ALIAS_ADM_COMMENT_INFORMATION AdminComment;
|
||
|
||
|
||
RtlInitUnicodeString( &AdminComment.AdminComment, AliasComment );
|
||
|
||
Status = SamSetInformationAlias( AliasHandle,
|
||
AliasAdminCommentInformation,
|
||
&AdminComment );
|
||
|
||
if ( !NT_SUCCESS(Status) ) {
|
||
NetStatus = NetpNtStatusToApiStatus( Status );
|
||
|
||
Status = SamDeleteAlias( AliasHandle );
|
||
|
||
goto Cleanup;
|
||
}
|
||
|
||
}
|
||
|
||
//
|
||
// Close the created alias.
|
||
//
|
||
(VOID) SamCloseHandle( AliasHandle );
|
||
NetStatus = NERR_Success;
|
||
|
||
//
|
||
// Clean up
|
||
//
|
||
|
||
Cleanup:
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupAdd: returns %lu\n", NetStatus ));
|
||
}
|
||
UaspCloseDomain( DomainHandle );
|
||
if ( SamServerHandle != NULL ) {
|
||
(VOID) SamCloseHandle( SamServerHandle );
|
||
}
|
||
return NetStatus;
|
||
|
||
} // NetLocalGroupAdd
|
||
|
||
|
||
NET_API_STATUS NET_API_FUNCTION
|
||
NetLocalGroupAddMember(
|
||
IN LPCWSTR ServerName OPTIONAL,
|
||
IN LPCWSTR LocalGroupName,
|
||
IN PSID MemberSid
|
||
)
|
||
|
||
/*++
|
||
|
||
Routine Description:
|
||
|
||
Give an existing user or global group account membership in an existing
|
||
local group.
|
||
|
||
Arguments:
|
||
|
||
ServerName - A pointer to a string containing the name of the remote
|
||
server on which the function is to execute. A NULL pointer
|
||
or string specifies the local machine.
|
||
|
||
LocalGroupName - Name of the local group to which the user or global
|
||
group is to be given membership.
|
||
|
||
MemberName - SID of the user or global group to be given local group
|
||
membership.
|
||
|
||
Return Value:
|
||
|
||
Error code for the operation.
|
||
|
||
--*/
|
||
|
||
{
|
||
NET_API_STATUS NetStatus;
|
||
|
||
|
||
//
|
||
// Call the routine shared by NetLocalGroupAddMember and
|
||
// NetLocalGroupDelMember
|
||
//
|
||
|
||
NetStatus = AliaspChangeMember( ServerName, LocalGroupName, MemberSid, TRUE);
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( PREFIX_NETAPI
|
||
"NetLocalGroupAddMember: returns %lu\n", NetStatus ));
|
||
}
|
||
|
||
return NetStatus;
|
||
|
||
} // NetLocalGroupAddMember
|
||
|
||
|
||
NET_API_STATUS NET_API_FUNCTION
|
||
NetLocalGroupDel(
|
||
IN LPCWSTR ServerName OPTIONAL,
|
||
IN LPCWSTR LocalGroupName
|
||
)
|
||
|
||
/*++
|
||
|
||
Routine Description:
|
||
|
||
Delete a localgroup (alias).
|
||
|
||
Arguments:
|
||
|
||
ServerName - A pointer to a string containing the name of the remote
|
||
server on which the function is to execute. A NULL pointer
|
||
or string specifies the local machine.
|
||
|
||
LocalGroupName - Name of the local group (alias) to delete.
|
||
|
||
Return Value:
|
||
|
||
Error code for the operation.
|
||
|
||
--*/
|
||
|
||
{
|
||
NET_API_STATUS NetStatus;
|
||
NTSTATUS Status;
|
||
SAM_HANDLE SamServerHandle = NULL;
|
||
SAM_HANDLE AliasHandle = NULL;
|
||
|
||
//
|
||
// Connect to the SAM server
|
||
//
|
||
|
||
NetStatus = UaspOpenSam( ServerName,
|
||
FALSE, // Don't try null session
|
||
&SamServerHandle );
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupDel: Cannot UaspOpenSam %ld\n", NetStatus ));
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
|
||
|
||
//
|
||
// Look for the specified alias in either the builtin or account
|
||
// domain.
|
||
//
|
||
NetStatus = AliaspOpenAliasInDomain(
|
||
SamServerHandle,
|
||
AliaspBuiltinOrAccountDomain,
|
||
DELETE,
|
||
LocalGroupName,
|
||
&AliasHandle );
|
||
|
||
if (NetStatus != NERR_Success) {
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Delete it.
|
||
//
|
||
Status = SamDeleteAlias(AliasHandle);
|
||
|
||
if (! NT_SUCCESS(Status)) {
|
||
NetpKdPrint((PREFIX_NETAPI
|
||
"NetLocalGroupDel: SamDeleteAlias returns %lX\n",
|
||
Status));
|
||
|
||
NetStatus = NetpNtStatusToApiStatus(Status);
|
||
AliasHandle = NULL;
|
||
goto Cleanup;
|
||
} else {
|
||
//
|
||
// Don't touch the handle once it has been deleted
|
||
//
|
||
AliasHandle = NULL;
|
||
}
|
||
|
||
|
||
NetStatus = NERR_Success;
|
||
|
||
Cleanup:
|
||
if ( AliasHandle != NULL ) {
|
||
(void) SamCloseHandle(AliasHandle);
|
||
}
|
||
|
||
if ( SamServerHandle != NULL ) {
|
||
(VOID) SamCloseHandle( SamServerHandle );
|
||
}
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupDel: returns %lu\n", NetStatus ));
|
||
}
|
||
|
||
return NetStatus;
|
||
|
||
} // NetLocalGroupDel
|
||
|
||
|
||
NET_API_STATUS NET_API_FUNCTION
|
||
NetLocalGroupDelMember(
|
||
IN LPCWSTR ServerName OPTIONAL,
|
||
IN LPCWSTR LocalGroupName,
|
||
IN PSID MemberSid
|
||
)
|
||
|
||
/*++
|
||
|
||
Routine Description:
|
||
|
||
Remove a user from a particular local group.
|
||
|
||
Arguments:
|
||
|
||
ServerName - A pointer to a string containing the name of the remote
|
||
server on which the function is to execute. A NULL pointer
|
||
or string specifies the local machine.
|
||
|
||
LocalGroupName - Name of the local group (alias) from which the
|
||
user is to be removed.
|
||
|
||
MemberSid - SID of the user to be removed from the alias.
|
||
|
||
Return Value:
|
||
|
||
Error code for the operation.
|
||
|
||
--*/
|
||
|
||
{
|
||
//
|
||
// Call the routine shared by NetAliasAddMember and NetAliasDelMember
|
||
//
|
||
|
||
return AliaspChangeMember( ServerName, LocalGroupName, MemberSid, FALSE );
|
||
|
||
} // NetLocalGroupDelMember
|
||
|
||
|
||
|
||
NET_API_STATUS NET_API_FUNCTION
|
||
NetLocalGroupEnum(
|
||
IN LPCWSTR ServerName OPTIONAL,
|
||
IN DWORD Level,
|
||
OUT LPBYTE *Buffer,
|
||
IN DWORD PrefMaxLen,
|
||
OUT LPDWORD EntriesRead,
|
||
OUT LPDWORD EntriesLeft,
|
||
IN OUT PDWORD_PTR ResumeHandle OPTIONAL
|
||
)
|
||
|
||
/*++
|
||
|
||
Routine Description:
|
||
|
||
Retrieve information about each local group on a server.
|
||
|
||
Arguments:
|
||
|
||
ServerName - A pointer to a string containing the name of the remote
|
||
server on which the function is to execute. A NULL pointer
|
||
or string specifies the local machine.
|
||
|
||
Level - Level of information required. 0, 1 and 2 are valid.
|
||
|
||
Buffer - Returns a pointer to the return information structure.
|
||
Caller must deallocate buffer using NetApiBufferFree.
|
||
|
||
PrefMaxLen - Prefered maximum length of returned data.
|
||
|
||
EntriesRead - Returns the actual enumerated element count.
|
||
|
||
EntriesLeft - Returns the total entries available to be enumerated.
|
||
|
||
ResumeHandle - Used to continue an existing search. The handle should
|
||
be zero on the first call and left unchanged for subsequent calls.
|
||
|
||
Return Value:
|
||
|
||
Error code for the operation.
|
||
|
||
--*/
|
||
|
||
{
|
||
NET_API_STATUS NetStatus;
|
||
NTSTATUS Status;
|
||
|
||
PSAM_RID_ENUMERATION SamEnum; // Sam returned buffer
|
||
PLOCALGROUP_INFO_0 lgrpi0;
|
||
PLOCALGROUP_INFO_0 lgrpi0_temp = NULL;
|
||
SAM_HANDLE SamServerHandle = NULL;
|
||
|
||
BUFFER_DESCRIPTOR BufferDescriptor;
|
||
PDOMAIN_GENERAL_INFORMATION DomainGeneral;
|
||
|
||
//
|
||
// Declare Opaque group enumeration handle.
|
||
//
|
||
|
||
struct _UAS_ENUM_HANDLE {
|
||
SAM_HANDLE DomainHandleBuiltin; // Enumerate built in domain first
|
||
SAM_HANDLE DomainHandleAccounts; // Aliases in the accounts domain
|
||
SAM_HANDLE DomainHandleCurrent; // where to get info from
|
||
|
||
SAM_ENUMERATE_HANDLE SamEnumHandle; // Current Sam Enum Handle
|
||
PSAM_RID_ENUMERATION SamEnum; // Sam returned buffer
|
||
ULONG Index; // Index to current entry
|
||
ULONG Count; // Total Number of entries
|
||
ULONG TotalRemaining;
|
||
|
||
BOOL SamDoneWithBuiltin ; // Set to TRUE after all of
|
||
// builtin domain is enumerated
|
||
BOOL SamAllDone; // True if both the accounts
|
||
// and builtin have been
|
||
// enumerated
|
||
|
||
} *UasEnumHandle = NULL;
|
||
|
||
|
||
//
|
||
// If this is a resume, get the resume handle that the caller passed in.
|
||
//
|
||
|
||
BufferDescriptor.Buffer = NULL;
|
||
*EntriesRead = 0;
|
||
*EntriesLeft = 0;
|
||
*Buffer = NULL;
|
||
|
||
if ( ARGUMENT_PRESENT( ResumeHandle ) && *ResumeHandle != 0 ) {
|
||
/*lint -e511 */ /* Size incompatibility */
|
||
UasEnumHandle = (struct _UAS_ENUM_HANDLE *) *ResumeHandle;
|
||
/*lint +e511 */ /* Size incompatibility */
|
||
|
||
//
|
||
// If this is not a resume, allocate and initialize a resume handle.
|
||
//
|
||
|
||
} else {
|
||
|
||
//
|
||
// Allocate a resume handle.
|
||
//
|
||
|
||
UasEnumHandle = NetpMemoryAllocate( sizeof(struct _UAS_ENUM_HANDLE) );
|
||
|
||
if ( UasEnumHandle == NULL ) {
|
||
NetStatus = ERROR_NOT_ENOUGH_MEMORY;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Initialize all the fields in the newly allocated resume handle
|
||
// to indicate that SAM has never yet been called.
|
||
//
|
||
UasEnumHandle->DomainHandleAccounts = NULL;
|
||
UasEnumHandle->DomainHandleBuiltin = NULL;
|
||
UasEnumHandle->DomainHandleCurrent = NULL;
|
||
UasEnumHandle->SamEnumHandle = 0;
|
||
UasEnumHandle->SamEnum = NULL;
|
||
UasEnumHandle->Index = 0;
|
||
UasEnumHandle->Count = 0;
|
||
UasEnumHandle->TotalRemaining = 0;
|
||
UasEnumHandle->SamDoneWithBuiltin = FALSE;
|
||
UasEnumHandle->SamAllDone = FALSE;
|
||
|
||
//
|
||
// Connect to the SAM server
|
||
//
|
||
|
||
NetStatus = UaspOpenSam( ServerName,
|
||
FALSE, // Don't try null session
|
||
&SamServerHandle );
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupEnum: Cannot UaspOpenSam %ld\n", NetStatus ));
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Open the Domains.
|
||
//
|
||
|
||
NetStatus = UaspOpenDomain( SamServerHandle,
|
||
DOMAIN_LOOKUP |
|
||
DOMAIN_LIST_ACCOUNTS |
|
||
DOMAIN_READ_OTHER_PARAMETERS,
|
||
FALSE, // Builtin Domain
|
||
&UasEnumHandle->DomainHandleBuiltin,
|
||
NULL );
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
goto Cleanup;
|
||
}
|
||
|
||
NetStatus = UaspOpenDomain( SamServerHandle,
|
||
DOMAIN_LOOKUP |
|
||
DOMAIN_LIST_ACCOUNTS |
|
||
DOMAIN_READ_OTHER_PARAMETERS,
|
||
TRUE, // Account Domain
|
||
&UasEnumHandle->DomainHandleAccounts,
|
||
NULL );
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Get the total number of aliases from SAM
|
||
//
|
||
Status = SamQueryInformationDomain( UasEnumHandle->DomainHandleBuiltin,
|
||
DomainGeneralInformation,
|
||
(PVOID *)&DomainGeneral );
|
||
|
||
if ( !NT_SUCCESS(Status) ) {
|
||
NetStatus = NetpNtStatusToApiStatus( Status );
|
||
goto Cleanup;
|
||
}
|
||
|
||
UasEnumHandle->TotalRemaining = DomainGeneral->AliasCount;
|
||
(void) SamFreeMemory( DomainGeneral );
|
||
|
||
Status = SamQueryInformationDomain( UasEnumHandle->DomainHandleAccounts,
|
||
DomainGeneralInformation,
|
||
(PVOID *)&DomainGeneral );
|
||
|
||
if ( !NT_SUCCESS(Status) ) {
|
||
NetStatus = NetpNtStatusToApiStatus( Status );
|
||
goto Cleanup;
|
||
}
|
||
|
||
UasEnumHandle->TotalRemaining += DomainGeneral->AliasCount;
|
||
(void) SamFreeMemory( DomainGeneral );
|
||
}
|
||
|
||
|
||
//
|
||
// Loop for each alias
|
||
//
|
||
// Each iteration of the loop below puts one more entry into the array
|
||
// returned to the caller. The algorithm is split into 3 parts. The
|
||
// first part checks to see if we need to retrieve more information from
|
||
// SAM. We then get the description of several aliases from SAM in a single
|
||
// call. The second part sees if there is room for this entry in the
|
||
// buffer we'll return to the caller. If not, a larger buffer is allocated
|
||
// for return to the caller. The third part puts the entry in the
|
||
// buffer.
|
||
//
|
||
|
||
for ( ;; ) {
|
||
DWORD FixedSize;
|
||
DWORD Size;
|
||
|
||
//
|
||
// Get more alias information from SAM
|
||
//
|
||
// Handle when we've already consumed all of the information
|
||
// returned on a previous call to SAM. This is a 'while' rather
|
||
// than an if to handle the case where SAM returns zero entries.
|
||
//
|
||
|
||
while ( UasEnumHandle->Index >= UasEnumHandle->Count ) {
|
||
|
||
//
|
||
// If we've already gotten everything from SAM,
|
||
// return all done status to our caller.
|
||
//
|
||
|
||
if ( UasEnumHandle->SamAllDone ) {
|
||
NetStatus = NERR_Success;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Free any previous buffer returned from SAM.
|
||
//
|
||
|
||
if ( UasEnumHandle->SamEnum != NULL ) {
|
||
Status = SamFreeMemory( UasEnumHandle->SamEnum );
|
||
NetpAssert( NT_SUCCESS(Status) );
|
||
|
||
UasEnumHandle->SamEnum = NULL;
|
||
}
|
||
|
||
//
|
||
// Do the actual enumeration
|
||
//
|
||
|
||
UasEnumHandle->DomainHandleCurrent =
|
||
UasEnumHandle->SamDoneWithBuiltin ?
|
||
UasEnumHandle->DomainHandleAccounts :
|
||
UasEnumHandle->DomainHandleBuiltin,
|
||
Status = SamEnumerateAliasesInDomain(
|
||
UasEnumHandle->DomainHandleCurrent,
|
||
&UasEnumHandle->SamEnumHandle,
|
||
(PVOID *)&UasEnumHandle->SamEnum,
|
||
PrefMaxLen,
|
||
&UasEnumHandle->Count );
|
||
|
||
if ( !NT_SUCCESS( Status ) ) {
|
||
NetStatus = NetpNtStatusToApiStatus( Status );
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Adjust TotalRemaining as we get better information
|
||
//
|
||
|
||
if (UasEnumHandle->TotalRemaining < UasEnumHandle->Count) {
|
||
UasEnumHandle->TotalRemaining = UasEnumHandle->Count;
|
||
}
|
||
|
||
//
|
||
// If SAM says there is more information, just ensure he returned
|
||
// something to us on this call.
|
||
//
|
||
|
||
if ( Status == STATUS_MORE_ENTRIES ) {
|
||
if ( UasEnumHandle->Count == 0 ) {
|
||
NetStatus = NERR_BufTooSmall;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// If SAM says he's returned all of the information for this domain,
|
||
// check if we still have to do the accounts domain.
|
||
//
|
||
|
||
} else {
|
||
|
||
if ( UasEnumHandle->SamDoneWithBuiltin ) {
|
||
|
||
UasEnumHandle->SamAllDone = TRUE;
|
||
|
||
} else {
|
||
|
||
UasEnumHandle->SamDoneWithBuiltin = TRUE ;
|
||
UasEnumHandle->SamEnumHandle = 0;
|
||
}
|
||
}
|
||
|
||
UasEnumHandle->Index = 0;
|
||
}
|
||
|
||
//
|
||
// ASSERT: UasEnumHandle identifies the next entry to return
|
||
// from SAM.
|
||
//
|
||
|
||
SamEnum = &UasEnumHandle->SamEnum[UasEnumHandle->Index];
|
||
|
||
|
||
//
|
||
// Place this entry into the return buffer.
|
||
//
|
||
// Determine the size of the data passed back to the caller
|
||
//
|
||
|
||
switch (Level) {
|
||
case 0:
|
||
FixedSize = sizeof(LOCALGROUP_INFO_0);
|
||
Size = sizeof(LOCALGROUP_INFO_0) +
|
||
SamEnum->Name.Length + sizeof(WCHAR);
|
||
break;
|
||
|
||
case 1:
|
||
{
|
||
SAM_HANDLE AliasHandle ;
|
||
NetStatus = AliaspOpenAlias2(
|
||
UasEnumHandle->DomainHandleCurrent,
|
||
ALIAS_READ_INFORMATION,
|
||
SamEnum->RelativeId,
|
||
&AliasHandle ) ;
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
goto Cleanup;
|
||
}
|
||
|
||
NetStatus = AliaspGetInfo( AliasHandle,
|
||
Level,
|
||
(PVOID *)&lgrpi0_temp);
|
||
|
||
(void) SamCloseHandle( AliasHandle ) ;
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
goto Cleanup;
|
||
}
|
||
|
||
FixedSize = sizeof(LOCALGROUP_INFO_1);
|
||
Size = sizeof(LOCALGROUP_INFO_1) +
|
||
SamEnum->Name.Length + sizeof(WCHAR) +
|
||
(wcslen(((PLOCALGROUP_INFO_1)lgrpi0_temp)->lgrpi1_comment) +
|
||
1) * sizeof(WCHAR);
|
||
}
|
||
break;
|
||
|
||
default:
|
||
NetStatus = ERROR_INVALID_LEVEL;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Ensure there is buffer space for this information.
|
||
//
|
||
|
||
Size = ROUND_UP_COUNT( Size, ALIGN_WCHAR );
|
||
|
||
NetStatus = NetpAllocateEnumBuffer(
|
||
&BufferDescriptor,
|
||
FALSE, // Not a 'get' operation
|
||
PrefMaxLen,
|
||
Size,
|
||
AliaspRelocationRoutine,
|
||
Level );
|
||
|
||
if (NetStatus != NERR_Success) {
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Fill in the information. The array of fixed entries is
|
||
// placed at the beginning of the allocated buffer. The strings
|
||
// pointed to by these fixed entries are allocated starting at
|
||
// the end of the allocate buffer.
|
||
//
|
||
|
||
//
|
||
// Copy the common group name
|
||
//
|
||
|
||
NetpAssert( offsetof( LOCALGROUP_INFO_0, lgrpi0_name ) ==
|
||
offsetof( LOCALGROUP_INFO_1, lgrpi1_name ) );
|
||
|
||
lgrpi0 = (PLOCALGROUP_INFO_0)(BufferDescriptor.FixedDataEnd);
|
||
BufferDescriptor.FixedDataEnd += FixedSize;
|
||
|
||
//
|
||
// Fill in the Level dependent fields
|
||
//
|
||
|
||
switch ( Level ) {
|
||
|
||
case 1:
|
||
if ( !NetpCopyStringToBuffer(
|
||
((PLOCALGROUP_INFO_1)lgrpi0_temp)->lgrpi1_comment,
|
||
wcslen(((PLOCALGROUP_INFO_1)lgrpi0_temp)->lgrpi1_comment),
|
||
BufferDescriptor.FixedDataEnd,
|
||
(LPWSTR *)&BufferDescriptor.EndOfVariableData,
|
||
&((PLOCALGROUP_INFO_1)lgrpi0)->lgrpi1_comment) ) {
|
||
|
||
NetStatus = NERR_InternalError;
|
||
goto Cleanup;
|
||
}
|
||
|
||
MIDL_user_free( lgrpi0_temp );
|
||
lgrpi0_temp = NULL;
|
||
|
||
/* FALL THROUGH FOR THE NAME FIELD */
|
||
|
||
case 0:
|
||
|
||
if ( !NetpCopyStringToBuffer(
|
||
SamEnum->Name.Buffer,
|
||
SamEnum->Name.Length/sizeof(WCHAR),
|
||
BufferDescriptor.FixedDataEnd,
|
||
(LPWSTR *)&BufferDescriptor.EndOfVariableData,
|
||
&(lgrpi0->lgrpi0_name))){
|
||
|
||
NetStatus = NERR_InternalError;
|
||
goto Cleanup;
|
||
}
|
||
|
||
break;
|
||
|
||
|
||
default:
|
||
NetStatus = ERROR_INVALID_LEVEL;
|
||
goto Cleanup;
|
||
|
||
}
|
||
|
||
//
|
||
// ASSERT: The current entry has been completely copied to the
|
||
// return buffer.
|
||
//
|
||
|
||
(*EntriesRead)++;
|
||
|
||
UasEnumHandle->Index ++;
|
||
UasEnumHandle->TotalRemaining --;
|
||
}
|
||
|
||
//
|
||
// Clean up.
|
||
//
|
||
|
||
Cleanup:
|
||
if ( SamServerHandle != NULL ) {
|
||
(VOID) SamCloseHandle( SamServerHandle );
|
||
}
|
||
|
||
//
|
||
// Free any locally used resources.
|
||
//
|
||
|
||
if ( lgrpi0_temp != NULL ) {
|
||
MIDL_user_free( lgrpi0_temp );
|
||
}
|
||
|
||
//
|
||
// Set EntriesLeft to the number left to return plus those that
|
||
// we returned on this call.
|
||
//
|
||
|
||
if ( UasEnumHandle != NULL ) {
|
||
*EntriesLeft = UasEnumHandle->TotalRemaining + *EntriesRead;
|
||
}
|
||
|
||
//
|
||
// If we're done or the caller doesn't want an enumeration handle,
|
||
// free the enumeration handle.
|
||
//
|
||
|
||
if ( NetStatus != ERROR_MORE_DATA || !ARGUMENT_PRESENT( ResumeHandle ) ) {
|
||
|
||
if ( UasEnumHandle != NULL ) {
|
||
if ( UasEnumHandle->DomainHandleAccounts != NULL ) {
|
||
UaspCloseDomain( UasEnumHandle->DomainHandleAccounts );
|
||
}
|
||
|
||
if ( UasEnumHandle->DomainHandleBuiltin != NULL ) {
|
||
UaspCloseDomain( UasEnumHandle->DomainHandleBuiltin );
|
||
}
|
||
|
||
if ( UasEnumHandle->SamEnum != NULL ) {
|
||
Status = SamFreeMemory( UasEnumHandle->SamEnum );
|
||
NetpAssert( NT_SUCCESS(Status) );
|
||
}
|
||
|
||
NetpMemoryFree( UasEnumHandle );
|
||
UasEnumHandle = NULL;
|
||
}
|
||
|
||
}
|
||
|
||
//
|
||
// If we're not returning data to the caller,
|
||
// free the return buffer.
|
||
//
|
||
|
||
if ( NetStatus != ERROR_MORE_DATA && NetStatus != NERR_Success ) {
|
||
if ( BufferDescriptor.Buffer != NULL ) {
|
||
MIDL_user_free( BufferDescriptor.Buffer );
|
||
BufferDescriptor.Buffer = NULL;
|
||
}
|
||
*EntriesRead = 0;
|
||
*EntriesLeft = 0;
|
||
}
|
||
|
||
//
|
||
// Set the output parameters
|
||
//
|
||
|
||
*Buffer = BufferDescriptor.Buffer;
|
||
if ( ARGUMENT_PRESENT( ResumeHandle ) ) {
|
||
*ResumeHandle = (DWORD_PTR) UasEnumHandle;
|
||
}
|
||
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupEnum: returns %ld\n", NetStatus ));
|
||
}
|
||
|
||
return NetStatus;
|
||
}
|
||
|
||
|
||
NET_API_STATUS NET_API_FUNCTION
|
||
NetLocalGroupGetInfo(
|
||
IN LPCWSTR ServerName OPTIONAL,
|
||
IN LPCWSTR LocalGroupName,
|
||
IN DWORD Level,
|
||
OUT LPBYTE *Buffer
|
||
)
|
||
|
||
/*++
|
||
|
||
Routine Description:
|
||
|
||
Retrieve information about a particular local group (alias).
|
||
|
||
Arguments:
|
||
|
||
ServerName - A pointer to a string containing the name of the remote
|
||
server on which the function is to execute. A NULL pointer
|
||
or string specifies the local machine.
|
||
|
||
LocalGroupName - Name of the group to get information about.
|
||
|
||
Level - Level of information required. 0, 1 and 2 are valid.
|
||
|
||
Buffer - Returns a pointer to the return information structure.
|
||
Caller must deallocate buffer using NetApiBufferFree.
|
||
|
||
Return Value:
|
||
|
||
Error code for the operation.
|
||
|
||
--*/
|
||
|
||
{
|
||
NET_API_STATUS NetStatus;
|
||
SAM_HANDLE SamServerHandle = NULL;
|
||
SAM_HANDLE AliasHandle = NULL;
|
||
|
||
//
|
||
// Connect to the SAM server
|
||
//
|
||
|
||
NetStatus = UaspOpenSam( ServerName,
|
||
FALSE, // Don't try null session
|
||
&SamServerHandle );
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupGetInfo: Cannot UaspOpenSam %ld\n", NetStatus ));
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
|
||
|
||
//
|
||
// Look for the specified alias in either the builtin or account
|
||
// domain.
|
||
//
|
||
NetStatus = AliaspOpenAliasInDomain(
|
||
SamServerHandle,
|
||
AliaspBuiltinOrAccountDomain,
|
||
ALIAS_READ_INFORMATION,
|
||
LocalGroupName,
|
||
&AliasHandle );
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Get the information about the alias.
|
||
//
|
||
NetStatus = AliaspGetInfo( AliasHandle,
|
||
Level,
|
||
(PVOID *)Buffer);
|
||
|
||
|
||
Cleanup:
|
||
if ( AliasHandle != NULL ) {
|
||
(void) SamCloseHandle( AliasHandle );
|
||
}
|
||
|
||
if ( SamServerHandle != NULL ) {
|
||
(VOID) SamCloseHandle( SamServerHandle );
|
||
}
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupGetInfo: returns %lu\n", NetStatus ));
|
||
}
|
||
|
||
return NetStatus;
|
||
|
||
} // NetLocalGroupGetInfo
|
||
|
||
|
||
|
||
NET_API_STATUS NET_API_FUNCTION
|
||
NetLocalGroupGetMembers(
|
||
IN LPCWSTR ServerName OPTIONAL,
|
||
IN LPCWSTR LocalGroupName,
|
||
IN DWORD Level,
|
||
OUT LPBYTE *Buffer,
|
||
IN DWORD PrefMaxLen,
|
||
OUT LPDWORD EntriesRead,
|
||
OUT LPDWORD EntriesLeft,
|
||
IN OUT PDWORD_PTR ResumeHandle
|
||
)
|
||
|
||
/*++
|
||
|
||
Routine Description:
|
||
|
||
Enumerate the users which are members of a particular group.
|
||
|
||
Arguments:
|
||
|
||
ServerName - A pointer to a string containing the name of the remote
|
||
server on which the function is to execute. A NULL pointer
|
||
or string specifies the local machine.
|
||
|
||
LocalGroupName - The name of the local group whose members are to be listed.
|
||
|
||
Level - Level of information required. 0 and 1 are valid.
|
||
|
||
Buffer - Returns a pointer to the return information structure.
|
||
Caller must deallocate buffer using NetApiBufferFree.
|
||
|
||
PrefMaxLen - Prefered maximum length of returned data.
|
||
|
||
EntriesRead - Returns the actual enumerated element count.
|
||
|
||
EntriesLeft - Returns the total entries available to be enumerated.
|
||
|
||
ResumeHandle - Used to continue an existing search. The handle should
|
||
be zero on the first call and left unchanged for subsequent calls.
|
||
|
||
Return Value:
|
||
|
||
Error code for the operation.
|
||
|
||
--*/
|
||
{
|
||
NET_API_STATUS NetStatus;
|
||
NTSTATUS Status;
|
||
|
||
DWORD FixedSize; // The fixed size of each new entry.
|
||
DWORD Size;
|
||
BUFFER_DESCRIPTOR BufferDescriptor;
|
||
SAM_HANDLE SamServerHandle = NULL;
|
||
|
||
PLOCALGROUP_MEMBERS_INFO_0 lgrmi0;
|
||
LPWSTR MemberName;
|
||
|
||
//
|
||
// Declare Opaque group member enumeration handle.
|
||
//
|
||
|
||
struct _UAS_ENUM_HANDLE {
|
||
LSA_HANDLE LsaHandle ; // For looking up the Sids
|
||
SAM_HANDLE AliasHandle;
|
||
|
||
PSID * MemberSids ; // Sid for each member
|
||
PLSA_TRANSLATED_NAME Names; // Names of each member
|
||
PLSA_REFERENCED_DOMAIN_LIST RefDomains; // Domains of each member
|
||
|
||
ULONG Index; // Index to current entry
|
||
ULONG Count; // Total Number of entries
|
||
|
||
} *UasEnumHandle = NULL;
|
||
|
||
|
||
//
|
||
// Validate Parameters
|
||
//
|
||
|
||
BufferDescriptor.Buffer = NULL;
|
||
*Buffer = NULL;
|
||
*EntriesRead = 0;
|
||
*EntriesLeft = 0;
|
||
switch (Level) {
|
||
case 0:
|
||
FixedSize = sizeof(LOCALGROUP_MEMBERS_INFO_0);
|
||
break;
|
||
|
||
case 1:
|
||
FixedSize = sizeof(LOCALGROUP_MEMBERS_INFO_1);
|
||
break;
|
||
|
||
case 2:
|
||
FixedSize = sizeof(LOCALGROUP_MEMBERS_INFO_2);
|
||
break;
|
||
|
||
case 3:
|
||
FixedSize = sizeof(LOCALGROUP_MEMBERS_INFO_3);
|
||
break;
|
||
|
||
default:
|
||
NetStatus = ERROR_INVALID_LEVEL;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// If this is a resume, get the resume handle that the caller passed in.
|
||
//
|
||
|
||
if ( ARGUMENT_PRESENT( ResumeHandle ) && *ResumeHandle != 0 ) {
|
||
/*lint -e511 */ /* Size incompatibility */
|
||
UasEnumHandle = (struct _UAS_ENUM_HANDLE *) *ResumeHandle;
|
||
/*lint +e511 */ /* Size incompatibility */
|
||
|
||
//
|
||
// If this is not a resume, allocate and initialize a resume handle.
|
||
//
|
||
|
||
} else {
|
||
|
||
//
|
||
// Allocate a resume handle.
|
||
//
|
||
|
||
UasEnumHandle = NetpMemoryAllocate( sizeof(struct _UAS_ENUM_HANDLE) );
|
||
|
||
if ( UasEnumHandle == NULL ) {
|
||
NetStatus = ERROR_NOT_ENOUGH_MEMORY;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Initialize all the fields in the newly allocated resume handle
|
||
// to indicate that SAM has never yet been called.
|
||
//
|
||
|
||
UasEnumHandle->LsaHandle = NULL;
|
||
UasEnumHandle->AliasHandle= NULL;
|
||
|
||
UasEnumHandle->MemberSids = NULL;
|
||
UasEnumHandle->Names = NULL;
|
||
UasEnumHandle->RefDomains = NULL;
|
||
UasEnumHandle->Index = 0;
|
||
UasEnumHandle->Count = 0;
|
||
|
||
//
|
||
// Connect to the SAM server
|
||
//
|
||
|
||
NetStatus = UaspOpenSam( ServerName,
|
||
FALSE, // Don't try null session
|
||
&SamServerHandle );
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupGetMembers: Cannot UaspOpenSam %ld\n", NetStatus ));
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Open the Domain
|
||
//
|
||
|
||
NetStatus = AliaspOpenAliasInDomain(
|
||
SamServerHandle,
|
||
AliaspBuiltinOrAccountDomain,
|
||
ALIAS_READ | ALIAS_EXECUTE,
|
||
LocalGroupName,
|
||
&UasEnumHandle->AliasHandle );
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint((
|
||
"NetLocalGroupGetMembers: AliaspOpenAliasInDomain returns %ld\n",
|
||
NetStatus ));
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Get the group membership information from SAM
|
||
//
|
||
|
||
Status = SamGetMembersInAlias( UasEnumHandle->AliasHandle,
|
||
&UasEnumHandle->MemberSids,
|
||
&UasEnumHandle->Count );
|
||
|
||
if ( !NT_SUCCESS( Status ) ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint((
|
||
"NetLocalGroupGetMembers: SamGetMembersInAlias returned %lX\n",
|
||
Status ));
|
||
}
|
||
NetStatus = NetpNtStatusToApiStatus( Status );
|
||
goto Cleanup;
|
||
}
|
||
|
||
if ( UasEnumHandle->Count == 0 ) {
|
||
NetStatus = NERR_Success;
|
||
goto Cleanup;
|
||
}
|
||
|
||
if ( Level > 0 ) {
|
||
|
||
//
|
||
// Determine the names and name usage for all the returned SIDs
|
||
//
|
||
|
||
OBJECT_ATTRIBUTES ObjectAttributes ;
|
||
UNICODE_STRING ServerNameString ;
|
||
|
||
RtlInitUnicodeString( &ServerNameString, ServerName ) ;
|
||
InitializeObjectAttributes( &ObjectAttributes, NULL, 0, 0, NULL ) ;
|
||
|
||
Status = LsaOpenPolicy( &ServerNameString,
|
||
&ObjectAttributes,
|
||
POLICY_EXECUTE,
|
||
&UasEnumHandle->LsaHandle ) ;
|
||
|
||
if ( !NT_SUCCESS( Status ) ) {
|
||
|
||
NetStatus = NetpNtStatusToApiStatus( Status );
|
||
goto Cleanup;
|
||
}
|
||
|
||
Status = LsaLookupSids( UasEnumHandle->LsaHandle,
|
||
UasEnumHandle->Count,
|
||
UasEnumHandle->MemberSids,
|
||
&UasEnumHandle->RefDomains,
|
||
&UasEnumHandle->Names );
|
||
|
||
if ( !NT_SUCCESS( Status ) ) {
|
||
|
||
if( Status == STATUS_NONE_MAPPED ||
|
||
Status == STATUS_TRUSTED_RELATIONSHIP_FAILURE ||
|
||
Status == STATUS_TRUSTED_DOMAIN_FAILURE ||
|
||
Status == STATUS_DS_GC_NOT_AVAILABLE ) {
|
||
|
||
//
|
||
// LsaLookupSids may return any of these error codes in Win2K, and STATUS_NONE_MAPPED alone in newer
|
||
// versions of server side LsaLookupSids call. The function returns null in RefDomains and Names
|
||
// on these errors, but we still have to copy over the SIDs in MemberSids to the return Buffers.
|
||
// Ignore the status and fall through.
|
||
//
|
||
Status = STATUS_SUCCESS;
|
||
}
|
||
|
||
if ( !NT_SUCCESS( Status ) ) {
|
||
|
||
NetStatus = NetpNtStatusToApiStatus( Status );
|
||
goto Cleanup;
|
||
}
|
||
|
||
}
|
||
}
|
||
}
|
||
|
||
|
||
//
|
||
// Loop for each member
|
||
//
|
||
|
||
while ( UasEnumHandle->Index < UasEnumHandle->Count ) {
|
||
|
||
DWORD cbMemberSid;
|
||
PUNICODE_STRING DomainName, UserName;
|
||
UNICODE_STRING tempDomain, tempUser;
|
||
//
|
||
// ASSERT: UasEnumHandle identifies the next entry to return
|
||
//
|
||
|
||
#if 0
|
||
//
|
||
// Ignore members which aren't a user.
|
||
//
|
||
|
||
if ( UasEnumHandle->NameUse[UasEnumHandle->Index] != SidTypeUser ) {
|
||
continue;
|
||
}
|
||
#endif
|
||
//
|
||
// Place this entry into the return buffer.
|
||
// Compute the total size of this entry. Both info levels have the
|
||
// member's SID. Cache the member sid size for copying
|
||
//
|
||
|
||
cbMemberSid = RtlLengthSid( UasEnumHandle->MemberSids[UasEnumHandle->Index] ) ;
|
||
|
||
Size = FixedSize;
|
||
|
||
if( UasEnumHandle->Names == NULL || UasEnumHandle->RefDomains == NULL )
|
||
{
|
||
RtlInitUnicodeString( &tempDomain, L"" );
|
||
DomainName = &tempDomain;
|
||
|
||
RtlInitUnicodeString( &tempUser, L"" );
|
||
UserName = &tempUser;
|
||
}
|
||
else
|
||
{
|
||
//
|
||
// If the domain is unknown, set to the empty string.
|
||
//
|
||
if (UasEnumHandle->Names[UasEnumHandle->Index].DomainIndex == LSA_UNKNOWN_INDEX) {
|
||
RtlInitUnicodeString( &tempDomain, L"" );
|
||
DomainName = &tempDomain;
|
||
} else {
|
||
DomainName = &UasEnumHandle->RefDomains->Domains[UasEnumHandle->Names[UasEnumHandle->Index].DomainIndex].Name;
|
||
}
|
||
UserName = &UasEnumHandle->Names[UasEnumHandle->Index].Name;
|
||
}
|
||
switch ( Level )
|
||
{
|
||
case 0:
|
||
Size += cbMemberSid;
|
||
break ;
|
||
|
||
case 1:
|
||
Size += cbMemberSid +
|
||
UserName->Length +
|
||
sizeof( WCHAR );
|
||
break ;
|
||
|
||
case 2:
|
||
Size += cbMemberSid +
|
||
DomainName->Length + sizeof(WCHAR) +
|
||
UserName->Length +
|
||
sizeof( WCHAR );
|
||
break ;
|
||
|
||
case 3:
|
||
Size += DomainName->Length + sizeof(WCHAR) +
|
||
UserName->Length +
|
||
sizeof( WCHAR );
|
||
break ;
|
||
|
||
default:
|
||
NetStatus = ERROR_INVALID_LEVEL;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Ensure there is buffer space for this information.
|
||
//
|
||
|
||
Size = ROUND_UP_COUNT( Size, ALIGN_DWORD );
|
||
|
||
NetStatus = NetpAllocateEnumBuffer(
|
||
&BufferDescriptor,
|
||
FALSE, // Not a 'get' operation
|
||
PrefMaxLen,
|
||
Size,
|
||
AliaspMemberRelocationRoutine,
|
||
Level );
|
||
|
||
if (NetStatus != NERR_Success) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint((
|
||
"NetLocalGroupGetMembers: NetpAllocateEnumBuffer returns %ld\n",
|
||
NetStatus ));
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Copy the common member sid
|
||
//
|
||
|
||
lgrmi0 = (PLOCALGROUP_MEMBERS_INFO_0)BufferDescriptor.FixedDataEnd;
|
||
BufferDescriptor.FixedDataEnd += FixedSize;
|
||
|
||
if ( Level == 0 || Level == 1 || Level == 2 ) {
|
||
NetpAssert( offsetof( LOCALGROUP_MEMBERS_INFO_0, lgrmi0_sid ) ==
|
||
offsetof( LOCALGROUP_MEMBERS_INFO_1, lgrmi1_sid ) );
|
||
NetpAssert( offsetof( LOCALGROUP_MEMBERS_INFO_0, lgrmi0_sid ) ==
|
||
offsetof( LOCALGROUP_MEMBERS_INFO_2, lgrmi2_sid ) );
|
||
NetpAssert( offsetof( LOCALGROUP_MEMBERS_INFO_0, lgrmi0_sid ) ==
|
||
offsetof( LOCALGROUP_MEMBERS_INFO_2, lgrmi2_sid ) );
|
||
|
||
if ( ! NetpCopyDataToBuffer(
|
||
(LPBYTE) UasEnumHandle->MemberSids[UasEnumHandle->Index],
|
||
cbMemberSid,
|
||
BufferDescriptor.FixedDataEnd,
|
||
(LPBYTE *)&BufferDescriptor.EndOfVariableData,
|
||
(LPBYTE *)&lgrmi0->lgrmi0_sid,
|
||
ALIGN_DWORD ) ) {
|
||
|
||
NetStatus = NERR_InternalError;
|
||
goto Cleanup;
|
||
}
|
||
}
|
||
|
||
//
|
||
// Copy DomainName\MemberName
|
||
//
|
||
|
||
if ( Level == 2 || Level == 3 ) {
|
||
LPWSTR TempString;
|
||
|
||
|
||
//
|
||
// Copy the terminating zero after domain\membername
|
||
//
|
||
// It might seem you'd want to copy the domain name first,
|
||
// but the strings are being copied to the tail of the allocated
|
||
// buffer.
|
||
//
|
||
|
||
if ( ! NetpCopyDataToBuffer(
|
||
(LPBYTE) L"",
|
||
sizeof(WCHAR),
|
||
BufferDescriptor.FixedDataEnd,
|
||
(LPBYTE *)&BufferDescriptor.EndOfVariableData,
|
||
(LPBYTE *)&TempString,
|
||
ALIGN_WCHAR) ) {
|
||
|
||
NetStatus = NERR_InternalError;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Copy the member name portion of domain\membername
|
||
//
|
||
|
||
if ( ! NetpCopyDataToBuffer(
|
||
(LPBYTE) UserName->Buffer,
|
||
UserName->Length,
|
||
BufferDescriptor.FixedDataEnd,
|
||
(LPBYTE *)&BufferDescriptor.EndOfVariableData,
|
||
(LPBYTE *)&MemberName,
|
||
ALIGN_WCHAR) ) {
|
||
|
||
NetStatus = NERR_InternalError;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Only prepend the dommain name if it is there.
|
||
//
|
||
|
||
if ( DomainName->Length > 0 ) {
|
||
//
|
||
// Copy the separating \ between domain\membername
|
||
//
|
||
|
||
if ( ! NetpCopyDataToBuffer(
|
||
(LPBYTE) L"\\",
|
||
sizeof(WCHAR),
|
||
BufferDescriptor.FixedDataEnd,
|
||
(LPBYTE *)&BufferDescriptor.EndOfVariableData,
|
||
(LPBYTE *)&TempString,
|
||
ALIGN_WCHAR) ) {
|
||
|
||
NetStatus = NERR_InternalError;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Copy the domain name onto the front of the domain\membername.
|
||
//
|
||
|
||
if ( ! NetpCopyDataToBuffer(
|
||
(LPBYTE) DomainName->Buffer,
|
||
DomainName->Length,
|
||
BufferDescriptor.FixedDataEnd,
|
||
(LPBYTE *)&BufferDescriptor.EndOfVariableData,
|
||
(LPBYTE *)&MemberName,
|
||
ALIGN_WCHAR) ) {
|
||
|
||
NetStatus = NERR_InternalError;
|
||
goto Cleanup;
|
||
}
|
||
}
|
||
}
|
||
|
||
//
|
||
// Fill in the Level dependent fields
|
||
//
|
||
|
||
switch ( Level ) {
|
||
case 0:
|
||
break ;
|
||
|
||
case 1:
|
||
//
|
||
// Copy the Member name and sid usage
|
||
//
|
||
|
||
if ( ! NetpCopyStringToBuffer(
|
||
UserName->Buffer,
|
||
UserName->Length /sizeof(WCHAR),
|
||
BufferDescriptor.FixedDataEnd,
|
||
(LPWSTR *)&BufferDescriptor.EndOfVariableData,
|
||
&((PLOCALGROUP_MEMBERS_INFO_1)lgrmi0)->lgrmi1_name) ) {
|
||
|
||
NetStatus = NERR_InternalError;
|
||
goto Cleanup;
|
||
}
|
||
|
||
((PLOCALGROUP_MEMBERS_INFO_1)lgrmi0)->lgrmi1_sidusage =
|
||
UasEnumHandle->Names ?
|
||
UasEnumHandle->Names[UasEnumHandle->Index].Use :
|
||
SidTypeUnknown;
|
||
|
||
break ;
|
||
|
||
case 2:
|
||
//
|
||
// Copy the Member name and sid usage
|
||
//
|
||
|
||
((PLOCALGROUP_MEMBERS_INFO_2)lgrmi0)->lgrmi2_domainandname = MemberName;
|
||
|
||
((PLOCALGROUP_MEMBERS_INFO_2)lgrmi0)->lgrmi2_sidusage =
|
||
UasEnumHandle->Names ?
|
||
UasEnumHandle->Names[UasEnumHandle->Index].Use :
|
||
SidTypeUnknown;
|
||
break ;
|
||
|
||
case 3:
|
||
//
|
||
// Copy the Member name and sid usage
|
||
//
|
||
|
||
((PLOCALGROUP_MEMBERS_INFO_3)lgrmi0)->lgrmi3_domainandname = MemberName;
|
||
break;
|
||
|
||
default:
|
||
NetStatus = ERROR_INVALID_LEVEL;
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// ASSERT: The current entry has been completely copied to the
|
||
// return buffer.
|
||
//
|
||
|
||
UasEnumHandle->Index ++;
|
||
(*EntriesRead)++;
|
||
}
|
||
|
||
//
|
||
// All entries have been returned to the caller.
|
||
//
|
||
|
||
NetStatus = NERR_Success;
|
||
|
||
|
||
//
|
||
// Clean up.
|
||
//
|
||
|
||
Cleanup:
|
||
|
||
//
|
||
// Set EntriesLeft to the number left to return plus those that
|
||
// we returned on this call.
|
||
//
|
||
|
||
if ( UasEnumHandle != NULL ) {
|
||
*EntriesLeft = (UasEnumHandle->Count - UasEnumHandle->Index)
|
||
+ *EntriesRead;
|
||
}
|
||
|
||
//
|
||
// If we're done or the caller doesn't want an enumeration handle,
|
||
// free the enumeration handle.
|
||
//
|
||
|
||
if ( NetStatus != ERROR_MORE_DATA || !ARGUMENT_PRESENT( ResumeHandle ) ) {
|
||
|
||
if ( UasEnumHandle != NULL ) {
|
||
if ( UasEnumHandle->LsaHandle != NULL ) {
|
||
(void) LsaClose( UasEnumHandle->LsaHandle );
|
||
}
|
||
|
||
if ( UasEnumHandle->AliasHandle != NULL ) {
|
||
(void) SamCloseHandle( UasEnumHandle->AliasHandle );
|
||
}
|
||
|
||
if ( UasEnumHandle->Names != NULL ) {
|
||
(void) LsaFreeMemory( UasEnumHandle->Names );
|
||
}
|
||
|
||
if ( UasEnumHandle->RefDomains != NULL ) {
|
||
(void) LsaFreeMemory( UasEnumHandle->RefDomains );
|
||
}
|
||
|
||
if ( UasEnumHandle->MemberSids != NULL ) {
|
||
(void) SamFreeMemory( UasEnumHandle->MemberSids );
|
||
}
|
||
|
||
NetpMemoryFree( UasEnumHandle );
|
||
UasEnumHandle = NULL;
|
||
}
|
||
}
|
||
|
||
//
|
||
// If we're not returning data to the caller,
|
||
// free the return buffer.
|
||
//
|
||
|
||
if ( NetStatus != NERR_Success && NetStatus != ERROR_MORE_DATA ) {
|
||
if ( BufferDescriptor.Buffer != NULL ) {
|
||
MIDL_user_free( BufferDescriptor.Buffer );
|
||
}
|
||
BufferDescriptor.Buffer = NULL;
|
||
|
||
}
|
||
|
||
//
|
||
// Set the output parameters
|
||
//
|
||
|
||
*Buffer = BufferDescriptor.Buffer;
|
||
if ( ARGUMENT_PRESENT( ResumeHandle ) ) {
|
||
NetpAssert( sizeof(UasEnumHandle) <= sizeof(DWORD_PTR) );
|
||
*ResumeHandle = (DWORD_PTR) UasEnumHandle;
|
||
}
|
||
|
||
if ( SamServerHandle != NULL ) {
|
||
(VOID) SamCloseHandle( SamServerHandle );
|
||
}
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupGetMembers: returns %ld\n", NetStatus ));
|
||
}
|
||
|
||
return NetStatus;
|
||
|
||
} // NetLocalGroupGetMembers
|
||
|
||
|
||
|
||
NET_API_STATUS NET_API_FUNCTION
|
||
NetLocalGroupSetInfo(
|
||
IN LPCWSTR ServerName OPTIONAL,
|
||
IN LPCWSTR LocalGroupName,
|
||
IN DWORD Level,
|
||
IN LPBYTE Buffer,
|
||
OUT LPDWORD ParmError OPTIONAL // Name required by NetpSetParmError
|
||
)
|
||
|
||
/*++
|
||
|
||
Routine Description:
|
||
|
||
Set the parameters on a local group account in the user accounts database.
|
||
|
||
Arguments:
|
||
|
||
ServerName - A pointer to a string containing the name of the remote
|
||
server on which the function is to execute. A NULL pointer
|
||
or string specifies the local machine.
|
||
|
||
GroupName - Name of the group to modify.
|
||
|
||
Level - Level of information provided. Must be 1.
|
||
|
||
Buffer - A pointer to the buffer containing the local group
|
||
information structure.
|
||
|
||
ParmError - Optional pointer to a DWORD to return the index of the
|
||
first parameter in error when ERROR_INVALID_PARAMETER is returned.
|
||
If NULL, the parameter is not returned on error.
|
||
|
||
Return Value:
|
||
|
||
Error code for the operation.
|
||
|
||
--*/
|
||
|
||
{
|
||
NET_API_STATUS NetStatus;
|
||
NTSTATUS Status;
|
||
SAM_HANDLE SamServerHandle = NULL;
|
||
SAM_HANDLE AliasHandle = NULL;
|
||
|
||
|
||
//
|
||
// Initialize
|
||
//
|
||
NetpSetParmError( PARM_ERROR_NONE );
|
||
|
||
//
|
||
// Connect to the SAM server
|
||
//
|
||
|
||
NetStatus = UaspOpenSam( ServerName,
|
||
FALSE, // Don't try null session
|
||
&SamServerHandle );
|
||
|
||
if ( NetStatus != NERR_Success ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupSetInfo: Cannot UaspOpenSam %ld\n", NetStatus ));
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Look for the specified alias in either the builtin or account
|
||
// domain.
|
||
//
|
||
NetStatus = AliaspOpenAliasInDomain(
|
||
SamServerHandle,
|
||
AliaspBuiltinOrAccountDomain,
|
||
ALIAS_WRITE_ACCOUNT,
|
||
LocalGroupName,
|
||
&AliasHandle );
|
||
|
||
if (NetStatus != NERR_Success) {
|
||
goto Cleanup;
|
||
}
|
||
|
||
//
|
||
// Change the alias
|
||
//
|
||
switch (Level) {
|
||
|
||
case 0:
|
||
//
|
||
// Set alias name
|
||
//
|
||
{
|
||
LPWSTR NewAliasName;
|
||
ALIAS_NAME_INFORMATION NewSamAliasName;
|
||
|
||
|
||
NewAliasName = ((PLOCALGROUP_INFO_0)Buffer)->lgrpi0_name;
|
||
|
||
if (NewAliasName == NULL) {
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupSetInfo: Alias Name is NULL\n" ));
|
||
}
|
||
NetStatus = NERR_Success;
|
||
goto Cleanup;
|
||
}
|
||
|
||
RtlInitUnicodeString( &NewSamAliasName.Name, NewAliasName );
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalAliasSetInfo: Renaming Alias Account to %wZ\n",
|
||
&NewSamAliasName.Name));
|
||
}
|
||
|
||
Status = SamSetInformationAlias( AliasHandle,
|
||
AliasNameInformation,
|
||
&NewSamAliasName );
|
||
|
||
if ( !NT_SUCCESS(Status) ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupSetInfo: SamSetInformationAlias %lX\n",
|
||
Status ));
|
||
}
|
||
NetStatus = NetpNtStatusToApiStatus( Status );
|
||
|
||
if (NetStatus == ERROR_INVALID_PARAMETER) {
|
||
NetpSetParmError(LOCALGROUP_NAME_PARMNUM);
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
|
||
break;
|
||
}
|
||
|
||
|
||
case 1:
|
||
case 1002:
|
||
//
|
||
// Set the alias comment
|
||
//
|
||
{
|
||
LPWSTR AliasComment;
|
||
ALIAS_ADM_COMMENT_INFORMATION AdminComment;
|
||
|
||
//
|
||
// Get the new alias comment
|
||
//
|
||
if ( Level == 1002 ) {
|
||
AliasComment = ((PLOCALGROUP_INFO_1002)Buffer)->lgrpi1002_comment;
|
||
} else {
|
||
AliasComment = ((PLOCALGROUP_INFO_1)Buffer)->lgrpi1_comment;
|
||
}
|
||
|
||
if ( AliasComment == NULL ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupSetInfo: Alias comment is NULL\n" ));
|
||
}
|
||
NetStatus = NERR_Success;
|
||
goto Cleanup;
|
||
}
|
||
|
||
RtlInitUnicodeString( &AdminComment.AdminComment, AliasComment );
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupSetInfo: Setting AdminComment to %wZ\n",
|
||
&AdminComment.AdminComment ));
|
||
}
|
||
|
||
Status = SamSetInformationAlias( AliasHandle,
|
||
AliasAdminCommentInformation,
|
||
&AdminComment );
|
||
|
||
if ( !NT_SUCCESS(Status) ) {
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupSetInfo: SamSetInformationAlias %lX\n",
|
||
Status ));
|
||
}
|
||
NetStatus = NetpNtStatusToApiStatus( Status );
|
||
|
||
if (NetStatus == ERROR_INVALID_PARAMETER) {
|
||
NetpSetParmError(LOCALGROUP_COMMENT_PARMNUM);
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
break;
|
||
}
|
||
|
||
default:
|
||
NetStatus = ERROR_INVALID_LEVEL;
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupSetInfo: Invalid Level %lu\n", Level ));
|
||
}
|
||
goto Cleanup;
|
||
}
|
||
|
||
NetStatus = NERR_Success;
|
||
|
||
//
|
||
// Clean up.
|
||
//
|
||
|
||
Cleanup:
|
||
if (AliasHandle != NULL) {
|
||
(VOID) SamCloseHandle( AliasHandle );
|
||
}
|
||
if ( SamServerHandle != NULL ) {
|
||
(VOID) SamCloseHandle( SamServerHandle );
|
||
}
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupSetInfo: returns %lu\n", NetStatus ));
|
||
}
|
||
|
||
return NetStatus;
|
||
|
||
} // NetLocalGroupSetInfo
|
||
|
||
|
||
NET_API_STATUS NET_API_FUNCTION
|
||
NetLocalGroupSetMembers (
|
||
IN LPCWSTR ServerName OPTIONAL,
|
||
IN LPCWSTR LocalGroupName,
|
||
IN DWORD Level,
|
||
IN LPBYTE Buffer,
|
||
IN DWORD NewMemberCount
|
||
)
|
||
|
||
/*++
|
||
|
||
Routine Description:
|
||
|
||
Set the list of members of a local group.
|
||
|
||
The SAM API allows only one member to be added or deleted at a time.
|
||
This API allows all of the members of a alias to be specified en-masse.
|
||
This API is careful to always leave the alias membership in the SAM
|
||
database in a reasonable state. It does by mergeing the list of
|
||
old and new members, then only changing those memberships which absolutely
|
||
need changing.
|
||
|
||
Alias membership is restored to its previous state (if possible) if
|
||
an error occurs during changing the alias membership.
|
||
|
||
Arguments:
|
||
|
||
ServerName - A pointer to a string containing the name of the remote
|
||
server on which the function is to execute. A NULL pointer
|
||
or string specifies the local machine.
|
||
|
||
LocalGroupName - Name of the alias to modify.
|
||
|
||
Level - Level of information provided. Must be 0 or 3.
|
||
|
||
Buffer - A pointer to the buffer containing an array of NewMemberCount
|
||
the alias membership information structures.
|
||
|
||
NewMemberCount - Number of entries in Buffer.
|
||
|
||
Return Value:
|
||
|
||
Error code for the operation.
|
||
|
||
NERR_GroupNotFound - The specified LocalGroupName does not exist
|
||
|
||
ERROR_NO_SUCH_MEMBER - One or more of the members doesn't exist. Therefore,
|
||
the local group membership was not changed.
|
||
|
||
ERROR_INVALID_MEMBER - one or more of the members cannot be added because
|
||
it has an invalid account type. Therefore, the local group membership
|
||
was not changed.
|
||
|
||
--*/
|
||
|
||
{
|
||
NET_API_STATUS NetStatus;
|
||
|
||
|
||
NetStatus = AliaspSetMembers( ServerName,
|
||
LocalGroupName,
|
||
Level,
|
||
Buffer,
|
||
NewMemberCount,
|
||
SetMembers );
|
||
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupSetMembers: returns %lu\n", NetStatus ));
|
||
}
|
||
|
||
return NetStatus;
|
||
|
||
} // NetLocalGroupSetMembers
|
||
|
||
|
||
NET_API_STATUS NET_API_FUNCTION
|
||
NetLocalGroupAddMembers (
|
||
IN LPCWSTR ServerName OPTIONAL,
|
||
IN LPCWSTR LocalGroupName,
|
||
IN DWORD Level,
|
||
IN LPBYTE Buffer,
|
||
IN DWORD NewMemberCount
|
||
)
|
||
|
||
/*++
|
||
|
||
Routine Description:
|
||
|
||
Add the list of members of a local group. Any previous members of the
|
||
local group are preserved.
|
||
|
||
The SAM API allows only one member to be added at a time.
|
||
This API allows several new members of a alias to be specified en-masse.
|
||
This API is careful to always leave the alias membership in the SAM
|
||
database in a reasonable state.
|
||
|
||
Alias membership is restored to its previous state (if possible) if
|
||
an error occurs during changing the alias membership.
|
||
|
||
Arguments:
|
||
|
||
ServerName - A pointer to a string containing the name of the remote
|
||
server on which the function is to execute. A NULL pointer
|
||
or string specifies the local machine.
|
||
|
||
LocalGroupName - Name of the alias to modify.
|
||
|
||
Level - Level of information provided. Must be 0 or 3.
|
||
|
||
Buffer - A pointer to the buffer containing an array of NewMemberCount
|
||
the alias membership information structures.
|
||
|
||
NewMemberCount - Number of entries in Buffer.
|
||
|
||
Return Value:
|
||
|
||
NERR_Success - Members were added successfully
|
||
|
||
NERR_GroupNotFound - The specified LocalGroupName does not exist
|
||
|
||
ERROR_NO_SUCH_MEMBER - One or more of the members doesn't exist. Therefore,
|
||
no new members were added.
|
||
|
||
ERROR_MEMBER_IN_ALIAS - one or more of the members specified were already
|
||
members of the local group. Therefore, no new members were added.
|
||
|
||
ERROR_INVALID_MEMBER - one or more of the members cannot be added because
|
||
it has an invalid account type. Therefore, no new members were added.
|
||
|
||
|
||
--*/
|
||
|
||
{
|
||
NET_API_STATUS NetStatus;
|
||
|
||
|
||
NetStatus = AliaspSetMembers( ServerName,
|
||
LocalGroupName,
|
||
Level,
|
||
Buffer,
|
||
NewMemberCount,
|
||
AddMembers );
|
||
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupAddMembers: returns %lu\n", NetStatus ));
|
||
}
|
||
|
||
return NetStatus;
|
||
|
||
} // NetLocalGroupAddMembers
|
||
|
||
|
||
NET_API_STATUS NET_API_FUNCTION
|
||
NetLocalGroupDelMembers (
|
||
IN LPCWSTR ServerName OPTIONAL,
|
||
IN LPCWSTR LocalGroupName,
|
||
IN DWORD Level,
|
||
IN LPBYTE Buffer,
|
||
IN DWORD NewMemberCount
|
||
)
|
||
|
||
/*++
|
||
|
||
Routine Description:
|
||
|
||
Delete the list of members of a local group.
|
||
|
||
The SAM API allows only one member to be deleted at a time.
|
||
This API allows several members of a alias to be specified en-masse.
|
||
This API is careful to always leave the alias membership in the SAM
|
||
database in a reasonable state.
|
||
|
||
Alias membership is restored to its previous state (if possible) if
|
||
an error occurs during changing the alias membership.
|
||
|
||
|
||
Arguments:
|
||
|
||
ServerName - A pointer to a string containing the name of the remote
|
||
server on which the function is to execute. A NULL pointer
|
||
or string specifies the local machine.
|
||
|
||
LocalGroupName - Name of the alias to modify.
|
||
|
||
Level - Level of information provided. Must be 0 or 3.
|
||
|
||
Buffer - A pointer to the buffer containing an array of NewMemberCount
|
||
the alias membership information structures.
|
||
|
||
NewMemberCount - Number of entries in Buffer.
|
||
|
||
Return Value:
|
||
|
||
NERR_Success - Members were added successfully
|
||
|
||
NERR_GroupNotFound - The specified LocalGroupName does not exist
|
||
|
||
ERROR_MEMBER_NOT_IN_ALIAS - one or more of the members specified were not
|
||
in the local group. Therefore, no members were deleted.
|
||
|
||
ERROR_NO_SUCH_MEMBER - One or more of the members doesn't exist. Therefore,
|
||
no new members were added.
|
||
|
||
--*/
|
||
|
||
{
|
||
NET_API_STATUS NetStatus;
|
||
|
||
|
||
NetStatus = AliaspSetMembers( ServerName,
|
||
LocalGroupName,
|
||
Level,
|
||
Buffer,
|
||
NewMemberCount,
|
||
DelMembers );
|
||
|
||
|
||
IF_DEBUG( UAS_DEBUG_ALIAS ) {
|
||
NetpKdPrint(( "NetLocalGroupDelMembers: returns %lu\n", NetStatus ));
|
||
}
|
||
|
||
return NetStatus;
|
||
|
||
} // NetLocalGroupDelMembers
|
||
/*lint +e614 */
|
||
/*lint +e740 */
|