88 lines
1.5 KiB
C++
88 lines
1.5 KiB
C++
/*++
|
|
|
|
Copyright (c) 2000 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
reset.c
|
|
|
|
Abstract:
|
|
|
|
This module contains client side code to handle the reset machine
|
|
credentials operation.
|
|
|
|
Author:
|
|
|
|
John Banes (jbanes) July 5, 2001
|
|
|
|
--*/
|
|
|
|
#include <nt.h>
|
|
#include <ntrtl.h>
|
|
#include <nturtl.h>
|
|
#include <windows.h>
|
|
#include <lm.h>
|
|
|
|
#include <wincrypt.h>
|
|
|
|
extern "C" {
|
|
#include <ntsam.h>
|
|
#include <ntsamp.h>
|
|
}
|
|
#include "passrec.h"
|
|
|
|
DWORD
|
|
WINAPI
|
|
CryptResetMachineCredentials(
|
|
DWORD dwFlags)
|
|
{
|
|
BYTE BufferIn[8] = {0};
|
|
DATA_BLOB DataIn;
|
|
DATA_BLOB DataOut;
|
|
DWORD dwRetVal;
|
|
NTSTATUS Status;
|
|
|
|
//
|
|
// Call SamiChangeKeys to reset syskey and SAM stuff.
|
|
// If this fails, don't bother reseting DPAPI keys.
|
|
//
|
|
|
|
Status = SamiChangeKeys();
|
|
if (!NT_SUCCESS(Status))
|
|
{
|
|
//
|
|
// Convert the ntstatus to a winerror
|
|
//
|
|
|
|
return(RtlNtStatusToDosError(Status));
|
|
}
|
|
|
|
//
|
|
// Reset DPAPI LSA secret and reencrypt all of the local machine
|
|
// master keys.
|
|
//
|
|
|
|
DataIn.pbData = BufferIn;
|
|
DataIn.cbData = sizeof(BufferIn);
|
|
|
|
if(!CryptProtectData(&DataIn,
|
|
NULL,
|
|
NULL,
|
|
NULL,
|
|
NULL,
|
|
CRYPTPROTECT_CRED_REGENERATE,
|
|
&DataOut))
|
|
{
|
|
dwRetVal = GetLastError();
|
|
return dwRetVal;
|
|
}
|
|
|
|
//
|
|
// Force a flush
|
|
//
|
|
|
|
RegFlushKey(HKEY_LOCAL_MACHINE);
|
|
|
|
return ERROR_SUCCESS;
|
|
}
|