Search code examples
winapiwindowwin32-processwindows-kernel

SamQueryInformationDomain: get DOMAIN_PASSWORD_COMPLEX using _DOMAIN_PASSWORD_INFORMATION

I am trying to get Password Complexity, looking for WINAPI found SamQueryInformationDomain But seems like there no public MSDN documentation for it. not header files. found soem C# code snippet here but did not find some sample c++ code snipped for SamQueryInformationDomain. Would be great help if can share sample code

Solution

  • Finally after many tryouts and searches I figured out

    NTSTATUS status, enumDomainStatus, enumUserStatus;
UNICODE_STRING serverName;
ACCESS_MASK mask = 0;
mask = SAM_SERVER_CONNECT | SAM_SERVER_ENUMERATE_DOMAINS | SAM_SERVER_LOOKUP_DOMAIN;
SAMPR_HANDLE hServerHandle, hBuiltinHandle = NULL, hDomainHandle, hUserHandle;
DWORD domainEnumerationContext = 0, domainCountRetourned, userEnumerationContext, userCountRetourned, groupsCountRetourned, i, j, k, aliasCountRetourned, *alias;
PSAMPR_RID_ENUMERATION pEnumDomainBuffer, pEnumUsersBuffer;
PSID domainSid, userSid;
SID builtin = { SID_REVISION, 1, SECURITY_NT_AUTHORITY, {SECURITY_BUILTIN_DOMAIN_RID} };
PGROUP_MEMBERSHIP pGroupMemberShip;


PSAMPR_DOMAIN_INFO_BUFFER buff;

RtlInitUnicodeString(&serverName, L"");

status = SamConnect(&serverName, &hServerHandle, SAM_SERVER_ALL_ACCESS, FALSE);
if (0 != status)
{
    printf("SamConnect error (?) %08x\n", status);
    return;
}

status = SamOpenDomain(hServerHandle, DOMAIN_READ_PASSWORD_PARAMETERS, &builtin, &hDomainHandle);
if (0 != status)
{
    printf("SamOpenDomain Builtin (?) %08x\n", status);
    return;
}

status = SamQueryInformationDomain(hDomainHandle, DomainPasswordInformation, &buff);

if (0 != status)
{
    printf("SamQueryInformation failed with %08x\n", status);
    return ;
}

ULONG properties = buff->Password.PasswordProperties;


printf("SamQueryInformation success with password properties value : %ld\n", properties);
printf("SamQueryInformation success with password MaxPasswordAge value : %ld\n", buff->Password.MaxPasswordAge);
printf("SamQueryInformation success with password MinPasswordAge value : %ld\n", buff->Password.MinPasswordAge);
printf("SamQueryInformation success with password MinPasswordLength value : %ld\n", buff->Password.MinPasswordLength);
printf("SamQueryInformation success with password PasswordHistoryLength value : %ld\n", buff->Password.PasswordHistoryLength);