X-Git-Url: http://git.samba.org/samba.git/?a=blobdiff_plain;f=packet-dcerpc-lsa.c;h=494de0918ee6c25afe814417c539ba27e35f3a89;hb=404ac984f539cda172c4af764d071b42656f52b0;hp=efa8ca9c6a81361ceee448d47c9461ce78c476ed;hpb=6d9959b8e4508b28c2013aad64e828a17bea21f6;p=obnox%2Fwireshark%2Fwip.git diff --git a/packet-dcerpc-lsa.c b/packet-dcerpc-lsa.c index efa8ca9c6a..494de0918e 100644 --- a/packet-dcerpc-lsa.c +++ b/packet-dcerpc-lsa.c @@ -3,22 +3,22 @@ * Copyright 2001, Tim Potter * 2002 Added LSA command dissectors Ronnie Sahlberg * - * $Id: packet-dcerpc-lsa.c,v 1.46 2002/05/02 08:47:23 sahlberg Exp $ + * $Id: packet-dcerpc-lsa.c,v 1.60 2002/10/28 20:12:30 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs * Copyright 1998 Gerald Combs - * + * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. @@ -40,6 +40,7 @@ static int proto_dcerpc_lsa = -1; +static int hf_lsa_opnum = -1; static int hf_lsa_rc = -1; static int hf_lsa_hnd = -1; static int hf_lsa_server = -1; @@ -159,8 +160,8 @@ static gint ett_lsa_auth_information = -1; static int -lsa_dissect_pointer_NTTIME(tvbuff_t *tvb, int offset, - packet_info *pinfo, proto_tree *tree, +lsa_dissect_pointer_NTTIME(tvbuff_t *tvb, int offset, + packet_info *pinfo, proto_tree *tree, char *drep) { dcerpc_info *di; 
@@ -178,8 +179,8 @@ lsa_dissect_pointer_NTTIME(tvbuff_t *tvb, int offset, } static int -lsa_dissect_pointer_UNICODE_STRING(tvbuff_t *tvb, int offset, - packet_info *pinfo, proto_tree *tree, +lsa_dissect_pointer_UNICODE_STRING(tvbuff_t *tvb, int offset, + packet_info *pinfo, proto_tree *tree, char *drep) { dcerpc_info *di; @@ -196,8 +197,8 @@ lsa_dissect_pointer_UNICODE_STRING(tvbuff_t *tvb, int offset, } static int -lsa_dissect_pointer_pointer_UNICODE_STRING(tvbuff_t *tvb, int offset, - packet_info *pinfo, proto_tree *tree, +lsa_dissect_pointer_pointer_UNICODE_STRING(tvbuff_t *tvb, int offset, + packet_info *pinfo, proto_tree *tree, char *drep) { dcerpc_info *di; @@ -216,8 +217,8 @@ lsa_dissect_pointer_pointer_UNICODE_STRING(tvbuff_t *tvb, int offset, } static int -lsa_dissect_pointer_STRING(tvbuff_t *tvb, int offset, - packet_info *pinfo, proto_tree *tree, +lsa_dissect_pointer_STRING(tvbuff_t *tvb, int offset, + packet_info *pinfo, proto_tree *tree, char *drep) { dcerpc_info *di; @@ -235,7 +236,7 @@ lsa_dissect_pointer_STRING(tvbuff_t *tvb, int offset, static int -lsa_dissect_LSA_SECRET_data(tvbuff_t *tvb, int offset, +lsa_dissect_LSA_SECRET_data(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { @@ -293,14 +294,14 @@ lsa_dissect_LSA_SECRET_pointer(tvbuff_t *tvb, int offset, return offset; } -static int -lsa_dissect_LSA_SECURITY_DESCRIPTOR_data(tvbuff_t *tvb, int offset, +int +lsa_dissect_LSA_SECURITY_DESCRIPTOR_data(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { guint32 len; dcerpc_info *di; - + di=pinfo->private_data; if(di->conformant_run){ /*just a run to handle conformant arrays, nothing to dissect */ 
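Review bot: Dropping `static` from `lsa_dissect_LSA_SECURITY_DESCRIPTOR_data` gives it external linkage, but this page shows only packet-dcerpc-lsa.c and no prototype for it is visible. If other dissectors are meant to call it, declare it once in a shared header (not shown here) as `int lsa_dissect_LSA_SECURITY_DESCRIPTOR_data(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep);` so the compiler catches any signature drift. A short comment above the definition naming the external caller would explain why it is no longer file-local. The same applies to `lsa_dissect_POLICY_DNS_DOMAIN_INFO` in the `-901` hunk; the function body continues outside this hunk.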
@@ -383,23 +384,111 @@ lsa_dissect_SECURITY_QUALITY_OF_SERVICE(tvbuff_t *tvb, int offset, return offset; } +/* Dissect LSA specific access rights */ + +static gint hf_view_local_info = -1; +static gint hf_view_audit_info = -1; +static gint hf_get_private_info = -1; +static gint hf_trust_admin = -1; +static gint hf_create_account = -1; +static gint hf_create_secret = -1; +static gint hf_create_priv = -1; +static gint hf_set_default_quota_limits = -1; +static gint hf_set_audit_requirements = -1; +static gint hf_server_admin = -1; +static gint hf_lookup_names = -1; + +static void +lsa_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, + guint32 access) +{ + proto_tree_add_boolean( + tree, hf_lookup_names, + tvb, offset, 4, access); + + proto_tree_add_boolean( + tree, hf_server_admin, + tvb, offset, 4, access); + + proto_tree_add_boolean( + tree, hf_set_audit_requirements, + tvb, offset, 4, access); + + proto_tree_add_boolean( + tree, hf_set_default_quota_limits, + tvb, offset, 4, access); + + proto_tree_add_boolean( + tree, hf_create_priv, + tvb, offset, 4, access); + + proto_tree_add_boolean( + tree, hf_create_secret, + tvb, offset, 4, access); + + proto_tree_add_boolean( + tree, hf_create_account, + tvb, offset, 4, access); + + proto_tree_add_boolean( + tree, hf_trust_admin, + tvb, offset, 4, access); + + proto_tree_add_boolean( + tree, hf_get_private_info, + tvb, offset, 4, access); + + proto_tree_add_boolean( + tree, hf_view_audit_info, + tvb, offset, 4, access); + + proto_tree_add_boolean( + tree, hf_view_local_info, + tvb, offset, 4, access); +} + static int lsa_dissect_ACCESS_MASK(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { - /* XXX is this some bitmask ?*/ - offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep, - hf_lsa_access_mask, NULL); + offset = dissect_nt_access_mask( + tvb, offset, pinfo, tree, drep, hf_lsa_access_mask, + lsa_specific_rights); return offset; } +/* + * XXX - it'd be nice if we could 
arrange that this be passed + * some out-of-band indication of whether the handle is being opened, + * closed, or just used. + */ static int lsa_dissect_LSA_HANDLE(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep, - hf_lsa_hnd, NULL); + hf_lsa_hnd, NULL, FALSE, FALSE); + + return offset; +} + +static int +lsa_dissect_LSA_HANDLE_open(tvbuff_t *tvb, int offset, + packet_info *pinfo, proto_tree *tree, char *drep) +{ + offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep, + hf_lsa_hnd, NULL, TRUE, FALSE); + + return offset; +} + +static int +lsa_dissect_LSA_HANDLE_close(tvbuff_t *tvb, int offset, + packet_info *pinfo, proto_tree *tree, char *drep) +{ + offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep, + hf_lsa_hnd, NULL, FALSE, TRUE); return offset; } @@ -427,7 +516,7 @@ lsa_dissect_LSA_OBJECT_ATTRIBUTES(tvbuff_t *tvb, int offset, lsa_dissect_LPSTR, NDR_POINTER_UNIQUE, "LSPTR pointer: ", -1, 0); - /* attribute name */ + /* attribute name */ offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_pointer_STRING, NDR_POINTER_UNIQUE, "NAME pointer: ", hf_lsa_obj_attr_name, 0); @@ -441,7 +530,7 @@ lsa_dissect_LSA_OBJECT_ATTRIBUTES(tvbuff_t *tvb, int offset, lsa_dissect_LSA_SECURITY_DESCRIPTOR, NDR_POINTER_UNIQUE, "LSA_SECURITY_DESCRIPTOR pointer: ", -1, 0); - /* security quality of service */ + /* security quality of service */ offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_SECURITY_QUALITY_OF_SERVICE, NDR_POINTER_UNIQUE, "LSA_SECURITY_QUALITY_OF_SERVICE pointer: ", -1, 0); 
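Review bot: `lsa_specific_rights` passes the full 32-bit `access` value to every `proto_tree_add_boolean` call, so each of the eleven new fields is only decoded correctly if its `hf[]` registration carries the right single-bit mask. None of those registrations is visible in the hunks shown here, and a handle still at `-1` would be passed straight to `proto_tree_add_boolean`, so it is worth confirming that every one has an entry. A comment above the first call such as `/* each field picks out its own bit via the mask in its hf[] entry */` would make that dependency explicit. The new handles also drop the `hf_lsa_` prefix used by the rest of the file (`hf_lsa_rc`, `hf_lsa_hnd`, `hf_lsa_opnum`); keeping the prefix would make them easier to find alongside the others.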
@@ -455,8 +544,8 @@ lsa_dissect_lsaclose_rqst(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, - lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: hnd", -1, 0); + lsa_dissect_LSA_HANDLE_close, NDR_POINTER_REF, + "LSA_HANDLE", -1, 0); return offset; } @@ -467,7 +556,7 @@ lsa_dissect_lsaclose_reply(tvbuff_t *tvb, int offset, { offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: hnd", -1, 0); + "LSA_HANDLE", -1, 0); offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf_lsa_rc, NULL); @@ -478,11 +567,11 @@ lsa_dissect_lsaclose_reply(tvbuff_t *tvb, int offset, character of the server name which is always '\'. This is fixed in lsa openpolicy2 but the function remains for backwards compatibility. */ -static int dissect_lsa_openpolicy_server(tvbuff_t *tvb, int offset, - packet_info *pinfo, +static int dissect_lsa_openpolicy_server(tvbuff_t *tvb, int offset, + packet_info *pinfo, proto_tree *tree, char *drep) { - return dissect_ndr_uint16(tvb, offset, pinfo, tree, drep, + return dissect_ndr_uint16(tvb, offset, pinfo, tree, drep, hf_lsa_server, NULL); } @@ -496,7 +585,7 @@ lsa_dissect_lsaopenpolicy_rqst(tvbuff_t *tvb, int offset, offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_OBJECT_ATTRIBUTES, NDR_POINTER_REF, - "", -1, 0); + "OBJECT_ATTRIBUTES", -1, 0); offset = lsa_dissect_ACCESS_MASK(tvb, offset, pinfo, tree, drep); @@ -509,8 +598,8 @@ lsa_dissect_lsaopenpolicy_reply(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, - lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: hnd", -1, 0); + lsa_dissect_LSA_HANDLE_open, NDR_POINTER_REF, + "LSA_HANDLE", -1, 0); offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf_lsa_rc, NULL); 
@@ -527,7 +616,7 @@ lsa_dissect_lsaopenpolicy2_rqst(tvbuff_t *tvb, int offset, offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_OBJECT_ATTRIBUTES, NDR_POINTER_REF, - "", -1, 0); + "OBJECT_ATTRIBUTES", -1, 0); offset = lsa_dissect_ACCESS_MASK(tvb, offset, pinfo, tree, drep); @@ -540,8 +629,8 @@ lsa_dissect_lsaopenpolicy2_reply(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, - lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: hnd", -1, 0); + lsa_dissect_LSA_HANDLE_open, NDR_POINTER_REF, + "LSA_HANDLE", -1, 0); offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf_lsa_rc, NULL); @@ -570,7 +659,7 @@ lsa_dissect_lsaqueryinformationpolicy_rqst(tvbuff_t *tvb, int offset, { offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: hnd", -1, 0); + "LSA_HANDLE", -1, 0); offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, drep, hf_lsa_policy_information_class, NULL); @@ -901,7 +990,7 @@ lsa_dissect_POLICY_AUDIT_FULL_QUERY_INFO(tvbuff_t *tvb, int offset, } -static int +int lsa_dissect_POLICY_DNS_DOMAIN_INFO(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, char *drep) { @@ -958,7 +1047,7 @@ lsa_dissect_POLICY_INFORMATION(tvbuff_t *tvb, int offset, ALIGN_TO_4_BYTES; /* all union arms aligned to 4 bytes, case 7 and 9 need this */ switch(level){ - case 1: + case 1: offset = lsa_dissect_POLICY_AUDIT_LOG_INFO( tvb, offset, pinfo, tree, drep); break; @@ -1033,7 +1122,7 @@ lsa_dissect_lsadelete_rqst(tvbuff_t *tvb, int offset, { offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: hnd", -1, 0); + "LSA_HANDLE", -1, 0); return offset; } 
@@ -1232,7 +1321,7 @@ lsa_dissect_lsalookupsids_rqst(tvbuff_t *tvb, int offset, offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, dissect_ndr_nt_PSID_ARRAY, NDR_POINTER_REF, - "", -1, 0); + "PSID_ARRAY", -1, 0); offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_TRANSLATED_NAMES, NDR_POINTER_REF, @@ -1305,7 +1394,7 @@ static const true_false_string tfs_trust_attr_tree_root = { "Tree root is NOT set" }; static int -lsa_dissect_trust_attr(tvbuff_t *tvb, int offset, packet_info *pinfo, +lsa_dissect_trust_attr(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, char *drep) { guint32 mask; @@ -1366,7 +1455,7 @@ lsa_dissect_LSA_TRUST_INFORMATION_EX(tvbuff_t *tvb, int offset, /* type */ offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep, hf_lsa_trust_type, NULL); - + /* attributes */ offset = lsa_dissect_trust_attr(tvb, offset, pinfo, tree, drep); @@ -1789,7 +1878,7 @@ lsa_dissect_LSA_PRIVILEGE(tvbuff_t *tvb, int offset, tree = proto_item_add_subtree(item, ett_LSA_PRIVILEGE); } - /* privilege name */ + /* privilege name */ offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep, hf_lsa_privilege_name, 0); @@ -1876,7 +1965,7 @@ lsa_dissect_lsalookupprivilegevalue_rqst(tvbuff_t *tvb, int offset, offset = lsa_dissect_LSA_HANDLE(tvb, offset, pinfo, tree, drep); - /* privilege name */ + /* privilege name */ offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_pointer_UNICODE_STRING, NDR_POINTER_UNIQUE, "NAME pointer: ", hf_lsa_privilege_name, 0); @@ -2107,7 +2196,7 @@ lsa_dissect_lsaenumerateaccounts_reply(tvbuff_t *tvb, int offset, /* [out, ref] PSID_ARRAY **accounts */ offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, dissect_ndr_nt_PSID_ARRAY, NDR_POINTER_REF, - "", -1, 0); + "PSID_ARRAY", -1, 0); offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf_lsa_rc, NULL); 
@@ -2291,7 +2380,7 @@ lsa_dissect_LSA_UNICODE_STRING_ARRAY(tvbuff_t *tvb, int offset, offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_UNICODE_STRING_array, NDR_POINTER_UNIQUE, "UNICODE_STRING pointer: ", di->hf_index, 0); - + return offset; } @@ -2509,7 +2598,7 @@ lsa_dissect_TRUSTED_DOMAIN_INFORMATION(tvbuff_t *tvb, int offset, ALIGN_TO_4_BYTES; /* all union arms aligned to 4 bytes, case 7 and 9 need this */ switch(level){ - case 1: + case 1: offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep, hf_lsa_domain, 0); break; @@ -3080,12 +3169,12 @@ lsa_dissect_lsasettrusteddomaininfo_reply(tvbuff_t *tvb, int offset, } static int -lsa_dissect_lsafunction_2e_rqst(tvbuff_t *tvb, int offset, +lsa_dissect_lsaqueryinformationpolicy2_rqst(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: hnd", -1, 0); + "LSA_HANDLE", -1, 0); offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, drep, hf_lsa_policy_information_class, NULL); @@ -3094,11 +3183,13 @@ lsa_dissect_lsafunction_2e_rqst(tvbuff_t *tvb, int offset, } static int -lsa_dissect_lsafunction_2e_reply(tvbuff_t *tvb, int offset, +lsa_dissect_lsaqueryinformationpolicy2_reply(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { + /* This is really a pointer to a pointer though the first level is REF + so we just ignore that one */ offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, - lsa_dissect_POLICY_INFORMATION, NDR_POINTER_REF, + lsa_dissect_POLICY_INFORMATION, NDR_POINTER_UNIQUE, "POLICY_INFORMATION pointer: info", -1, 0); offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, 
@@ -3108,12 +3199,12 @@ lsa_dissect_lsafunction_2e_reply(tvbuff_t *tvb, int offset, } static int -lsa_dissect_lsafunction_2f_rqst(tvbuff_t *tvb, int offset, +lsa_dissect_lsasetinformationpolicy2_rqst(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: hnd", -1, 0); + "LSA_HANDLE", -1, 0); offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, drep, hf_lsa_policy_information_class, NULL); @@ -3126,7 +3217,7 @@ lsa_dissect_lsafunction_2f_rqst(tvbuff_t *tvb, int offset, } static int -lsa_dissect_lsafunction_2f_reply(tvbuff_t *tvb, int offset, +lsa_dissect_lsasetinformationpolicy2_reply(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, @@ -3141,7 +3232,7 @@ lsa_dissect_lsaquerydomaininformationpolicy_rqst(tvbuff_t *tvb, int offset, { offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: hnd", -1, 0); + "LSA_HANDLE", -1, 0); offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, drep, hf_lsa_policy_information_class, NULL); @@ -3169,7 +3260,7 @@ lsa_dissect_lsasetdomaininformationpolicy_rqst(tvbuff_t *tvb, int offset, { offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: hnd", -1, 0); + "LSA_HANDLE", -1, 0); offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, drep, hf_lsa_policy_information_class, NULL); @@ -3406,7 +3497,7 @@ lsa_dissect_lsaclosetrusteddomainex_rqst(tvbuff_t *tvb, int offset, /* [in, out] LSA_HANDLE *tdHnd */ offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: tdHnd", -1, 0); + "LSA_HANDLE", -1, 0); return offset; } 
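Review bot: `lsa_dissect_lsaclosetrusteddomainex_rqst` still passes `lsa_dissect_LSA_HANDLE`, whereas `lsa_dissect_lsaclose_rqst` was switched to `lsa_dissect_LSA_HANDLE_close` earlier in this patch, so a handle released through this call would presumably stay marked as open. If the operation does invalidate `tdHnd` (the name suggests so; confirm against the interface definition), the callback line should read `lsa_dissect_LSA_HANDLE_close, NDR_POINTER_REF,`. The same question applies to `lsa_dissect_lsadelete_rqst` in the `-1033` hunk. Anyone following a policy handle through a capture depends on these open/close markers being complete. The function starts outside this hunk.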
@@ -3420,7 +3511,7 @@ lsa_dissect_lsaclosetrusteddomainex_reply(tvbuff_t *tvb, int offset, /* [in, out] LSA_HANDLE *tdHnd */ offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_HANDLE, NDR_POINTER_REF, - "LSA_HANDLE pointer: tdHnd", -1, 0); + "LSA_HANDLE", -1, 0); offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf_lsa_rc, NULL); @@ -3496,7 +3587,7 @@ lsa_dissect_lsalookupsids2_rqst(tvbuff_t *tvb, int offset, offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, dissect_ndr_nt_PSID_ARRAY, NDR_POINTER_REF, - "", -1, 0); + "PSID_ARRAY", -1, 0); offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, lsa_dissect_LSA_TRANSLATED_NAMES_EX, NDR_POINTER_REF, @@ -3524,7 +3615,7 @@ lsa_dissect_lsalookupsids2_reply(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, char *drep) { offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, - lsa_dissect_LSA_REFERENCED_DOMAIN_LIST, NDR_POINTER_REF, + lsa_dissect_LSA_REFERENCED_DOMAIN_LIST, NDR_POINTER_UNIQUE, "LSA_REFERENCED_DOMAIN_LIST pointer: domains", -1, 0); offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, 
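Review bot: The switch from `NDR_POINTER_REF` to `NDR_POINTER_UNIQUE` for the referenced-domain list in `lsa_dissect_lsalookupsids2_reply` carries no explanation, unlike the same change in `lsa_dissect_lsaqueryinformationpolicy2_reply`, which got a comment. A one-line comment would record the reason, e.g. `/* pointer to a pointer; the outer REF level is skipped, the inner one may be NULL */` (wording inferred from the sibling comment, please confirm). It is also worth checking whether `lsa_dissect_lsalookupsids_reply` and `lsa_dissect_lsalookupnames2_reply`, which this patch does not touch, need the same pointer type so that failed lookups are parsed consistently across the three replies. The function body continues past the end of the hunk.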
@@ -3769,199 +3860,268 @@ lsa_dissect_lsafunction_3b_reply(tvbuff_t *tvb, int offset, static dcerpc_sub_dissector dcerpc_lsa_dissectors[] = { - { LSA_LSACLOSE, "LSACLOSE", + { LSA_LSACLOSE, "Close", lsa_dissect_lsaclose_rqst, lsa_dissect_lsaclose_reply }, - { LSA_LSADELETE, "LSADELETE", + { LSA_LSADELETE, "Delete", lsa_dissect_lsadelete_rqst, lsa_dissect_lsadelete_reply }, - { LSA_LSAENUMERATEPRIVILEGES, "LSAENUMERATEPRIVILEGES", + { LSA_LSAENUMERATEPRIVILEGES, "EnumPrivs", lsa_dissect_lsaenumerateprivileges_rqst, lsa_dissect_lsaenumerateprivileges_reply }, - { LSA_LSAQUERYSECURITYOBJECT, "LSAQUERYSECURITYOBJECT", + { LSA_LSAQUERYSECURITYOBJECT, "QuerySecObject", lsa_dissect_lsaquerysecurityobject_rqst, lsa_dissect_lsaquerysecurityobject_reply }, - { LSA_LSASETSECURITYOBJECT, "LSASETSECURITYOBJECT", + { LSA_LSASETSECURITYOBJECT, "SetSecObject", lsa_dissect_lsasetsecurityobject_rqst, lsa_dissect_lsasetsecurityobject_reply }, - { LSA_LSACHANGEPASSWORD, "LSACHANGEPASSWORD", + { LSA_LSACHANGEPASSWORD, "ChangePassword", lsa_dissect_lsachangepassword_rqst, lsa_dissect_lsachangepassword_reply }, - { LSA_LSAOPENPOLICY, "LSAOPENPOLICY", + { LSA_LSAOPENPOLICY, "OpenPolicy", lsa_dissect_lsaopenpolicy_rqst, lsa_dissect_lsaopenpolicy_reply }, - { LSA_LSAQUERYINFORMATIONPOLICY, "LSAQUERYINFORMATIONPOLICY", + { LSA_LSAQUERYINFORMATIONPOLICY, "QueryInfoPolicy", lsa_dissect_lsaqueryinformationpolicy_rqst, lsa_dissect_lsaqueryinformationpolicy_reply }, - { LSA_LSASETINFORMATIONPOLICY, "LSASETINFORMATIONPOLICY", + { LSA_LSASETINFORMATIONPOLICY, "SetInfoPolicy", lsa_dissect_lsasetinformationpolicy_rqst, lsa_dissect_lsasetinformationpolicy_reply }, - { LSA_LSACLEARAUDITLOG, "LSACLEARAUDITLOG", + { LSA_LSACLEARAUDITLOG, "ClearAuditLog", lsa_dissect_lsaclearauditlog_rqst, lsa_dissect_lsaclearauditlog_reply }, - { LSA_LSACREATEACCOUNT, "LSACREATEACCOUNT", + { LSA_LSACREATEACCOUNT, "CreateAccount", lsa_dissect_lsacreateaccount_rqst, lsa_dissect_lsacreateaccount_reply }, - { 
LSA_LSAENUMERATEACCOUNTS, "LSAENUMERATEACCOUNTS", + { LSA_LSAENUMERATEACCOUNTS, "EnumAccounts", lsa_dissect_lsaenumerateaccounts_rqst, lsa_dissect_lsaenumerateaccounts_reply }, - { LSA_LSACREATETRUSTEDDOMAIN, "LSACREATETRUSTEDDOMAIN", + { LSA_LSACREATETRUSTEDDOMAIN, "CreateTrustedDomain", lsa_dissect_lsacreatetrusteddomain_rqst, lsa_dissect_lsacreatetrusteddomain_reply }, - { LSA_LSAENUMERATETRUSTEDDOMAINS, "LSAENUMERATETRUSTEDDOMAINS", + { LSA_LSAENUMERATETRUSTEDDOMAINS, "EnumTrustedDomains", lsa_dissect_lsaenumeratetrusteddomains_rqst, lsa_dissect_lsaenumeratetrusteddomains_reply }, - { LSA_LSALOOKUPNAMES, "LSALOOKUPNAMES", + { LSA_LSALOOKUPNAMES, "LookupNames", lsa_dissect_lsalookupnames_rqst, lsa_dissect_lsalookupnames_reply }, - { LSA_LSALOOKUPSIDS, "LSALOOKUPSIDS", + { LSA_LSALOOKUPSIDS, "LookupSIDs", lsa_dissect_lsalookupsids_rqst, lsa_dissect_lsalookupsids_reply }, - { LSA_LSACREATESECRET, "LSACREATESECRET", /*0x10*/ + { LSA_LSACREATESECRET, "CreateSecret", lsa_dissect_lsacreatesecret_rqst, lsa_dissect_lsacreatesecret_reply }, - { LSA_LSAOPENACCOUNT, "LSAOPENACCOUNT", + { LSA_LSAOPENACCOUNT, "OpenAccount", lsa_dissect_lsaopenaccount_rqst, lsa_dissect_lsaopenaccount_reply }, - { LSA_LSAENUMERATEPRIVILEGESACCOUNT, "LSAENUMERATEPRIVILEGESACCOUNT", + { LSA_LSAENUMERATEPRIVILEGESACCOUNT, "EnumPrivsAccount", lsa_dissect_lsaenumerateprivilegesaccount_rqst, lsa_dissect_lsaenumerateprivilegesaccount_reply }, - { LSA_LSAADDPRIVILEGESTOACCOUNT, "LSAADDPRIVILEGESTOACCOUNT", + { LSA_LSAADDPRIVILEGESTOACCOUNT, "AddPrivsToAccount", lsa_dissect_lsaaddprivilegestoaccount_rqst, lsa_dissect_lsaaddprivilegestoaccount_reply }, - { LSA_LSAREMOVEPRIVILEGESFROMACCOUNT, "LSAREMOVEPRIVILEGESFROMACCOUNT", + { LSA_LSAREMOVEPRIVILEGESFROMACCOUNT, "MovePrivsFromAccount", lsa_dissect_lsaremoveprivilegesfromaccount_rqst, lsa_dissect_lsaremoveprivilegesfromaccount_reply }, - { LSA_LSAGETQUOTASFORACCOUNT, "LSAGETQUOTASFORACCOUNT", + { LSA_LSAGETQUOTASFORACCOUNT, "GetQuotasForAccount", 
lsa_dissect_lsagetquotasforaccount_rqst, lsa_dissect_lsagetquotasforaccount_reply }, - { LSA_LSASETQUOTASFORACCOUNT, "LSASETQUOTASFORACCOUNT", + { LSA_LSASETQUOTASFORACCOUNT, "SetQuotasForAccount", lsa_dissect_lsasetquotasforaccount_rqst, lsa_dissect_lsasetquotasforaccount_reply }, - { LSA_LSAGETSYSTEMACCESSACCOUNT, "LSAGETSYSTEMACCESSACCOUNT", + { LSA_LSAGETSYSTEMACCESSACCOUNT, "GetSystemAccessAccount", lsa_dissect_lsagetsystemaccessaccount_rqst, lsa_dissect_lsagetsystemaccessaccount_reply }, - { LSA_LSASETSYSTEMACCESSACCOUNT, "LSASETSYSTEMACCESSACCOUNT", + { LSA_LSASETSYSTEMACCESSACCOUNT, "SetSystemAccessAccount", lsa_dissect_lsasetsystemaccessaccount_rqst, lsa_dissect_lsasetsystemaccessaccount_reply }, - { LSA_LSAOPENTRUSTEDDOMAIN, "LSAOPENTRUSTEDDOMAIN", + { LSA_LSAOPENTRUSTEDDOMAIN, "OpenTrustedDomain", lsa_dissect_lsaopentrusteddomain_rqst, lsa_dissect_lsaopentrusteddomain_reply }, - { LSA_LSAQUERYINFOTRUSTEDDOMAIN, "LSAQUERYINFOTRUSTEDDOMAIN", + { LSA_LSAQUERYINFOTRUSTEDDOMAIN, "QueryInfoTrustedDomain", lsa_dissect_lsaqueryinfotrusteddomain_rqst, lsa_dissect_lsaqueryinfotrusteddomain_reply }, - { LSA_LSASETINFORMATIONTRUSTEDDOMAIN, "LSASETINFORMATIONTRUSTEDDOMAIN", + { LSA_LSASETINFORMATIONTRUSTEDDOMAIN, "SetInfoTrustedDomain", lsa_dissect_lsasetinformationtrusteddomain_rqst, lsa_dissect_lsasetinformationtrusteddomain_reply }, - { LSA_LSAOPENSECRET, "LSAOPENSECRET", + { LSA_LSAOPENSECRET, "OpenSecret", lsa_dissect_lsaopensecret_rqst, lsa_dissect_lsaopensecret_reply }, - { LSA_LSASETSECRET, "LSASETSECRET", + { LSA_LSASETSECRET, "SetSecret", lsa_dissect_lsasetsecret_rqst, lsa_dissect_lsasetsecret_reply }, - { LSA_LSAQUERYSECRET, "LSAQUERYSECRET", + { LSA_LSAQUERYSECRET, "QuerySecret", lsa_dissect_lsaquerysecret_rqst, lsa_dissect_lsaquerysecret_reply }, - { LSA_LSALOOKUPPRIVILEGEVALUE, "LSALOOKUPPRIVILEGEVALUE", + { LSA_LSALOOKUPPRIVILEGEVALUE, "LookupPrivValue", lsa_dissect_lsalookupprivilegevalue_rqst, lsa_dissect_lsalookupprivilegevalue_reply }, - { 
LSA_LSALOOKUPPRIVILEGENAME, "LSALOOKUPPRIVILEGENAME", + { LSA_LSALOOKUPPRIVILEGENAME, "LookupPrivName", lsa_dissect_lsalookupprivilegename_rqst, lsa_dissect_lsalookupprivilegename_reply }, - { LSA_LSALOOKUPPRIVILEGEDISPLAYNAME, "LSALOOKUPPRIVILEGEDISPLAYNAME", + { LSA_LSALOOKUPPRIVILEGEDISPLAYNAME, "LookupPrivDispName", lsa_dissect_lsalookupprivilegedisplayname_rqst, lsa_dissect_lsalookupprivilegedisplayname_reply }, - { LSA_LSADELETEOBJECT, "LSADELETEOBJECT", + { LSA_LSADELETEOBJECT, "DeleteObject", lsa_dissect_lsadeleteobject_rqst, lsa_dissect_lsadeleteobject_reply }, - { LSA_LSAENUMERATEACCOUNTSWITHUSERRIGHT, "LSAENUMERATEACCOUNTSWITHUSERRIGHT", + { LSA_LSAENUMERATEACCOUNTSWITHUSERRIGHT, "EnumAccountsWithUserRight", lsa_dissect_lsaenumerateaccountswithuserright_rqst, lsa_dissect_lsaenumerateaccountswithuserright_reply }, - { LSA_LSAENUMERATEACCOUNTRIGHTS, "LSAENUMERATEACCOUNTRIGHTS", + { LSA_LSAENUMERATEACCOUNTRIGHTS, "EnumAccountRights", lsa_dissect_lsaenumerateaccountrights_rqst, lsa_dissect_lsaenumerateaccountrights_reply }, - { LSA_LSAADDACCOUNTRIGHTS, "LSAADDACCOUNTRIGHTS", + { LSA_LSAADDACCOUNTRIGHTS, "AddAccountRights", lsa_dissect_lsaaddaccountrights_rqst, lsa_dissect_lsaaddaccountrights_reply }, - { LSA_LSAREMOVEACCOUNTRIGHTS, "LSAREMOVEACCOUNTRIGHTS", + { LSA_LSAREMOVEACCOUNTRIGHTS, "RemoveAccountRights", lsa_dissect_lsaremoveaccountrights_rqst, lsa_dissect_lsaremoveaccountrights_reply }, - { LSA_LSAQUERYTRUSTEDDOMAININFO, "LSAQUERYTRUSTEDDOMAININFO", + { LSA_LSAQUERYTRUSTEDDOMAININFO, "QueryTrustedDomainInfo", lsa_dissect_lsaquerytrusteddomaininfo_rqst, lsa_dissect_lsaquerytrusteddomaininfo_reply }, - { LSA_LSASETTRUSTEDDOMAININFO, "LSASETTRUSTEDDOMAININFO", + { LSA_LSASETTRUSTEDDOMAININFO, "SetTrustedDomainInfo", lsa_dissect_lsasettrusteddomaininfo_rqst, lsa_dissect_lsasettrusteddomaininfo_reply }, - { LSA_LSADELETETRUSTEDDOMAIN, "LSADELETETRUSTEDDOMAIN", + { LSA_LSADELETETRUSTEDDOMAIN, "DeleteTrsutedDomain", lsa_dissect_lsadeletetrusteddomain_rqst, 
lsa_dissect_lsadeletetrusteddomain_reply }, - { LSA_LSASTOREPRIVATEDATA, "LSASTOREPRIVATEDATA", + { LSA_LSASTOREPRIVATEDATA, "StorePrivateData", lsa_dissect_lsastoreprivatedata_rqst, lsa_dissect_lsastoreprivatedata_reply }, - { LSA_LSARETRIEVEPRIVATEDATA, "LSARETRIEVEPRIVATEDATA", + { LSA_LSARETRIEVEPRIVATEDATA, "RetrievePrivateData", lsa_dissect_lsaretrieveprivatedata_rqst, lsa_dissect_lsaretrieveprivatedata_reply }, - { LSA_LSAOPENPOLICY2, "LSAOPENPOLICY2", + { LSA_LSAOPENPOLICY2, "OpenPolicy2", lsa_dissect_lsaopenpolicy2_rqst, lsa_dissect_lsaopenpolicy2_reply }, - { LSA_LSAGETUSERNAME, "LSAGETUSERNAME", + { LSA_LSAGETUSERNAME, "GetUsername", lsa_dissect_lsagetusername_rqst, lsa_dissect_lsagetusername_reply }, - { LSA_LSAFUNCTION_2E, "LSAFUNCTION_2E", - lsa_dissect_lsafunction_2e_rqst, - lsa_dissect_lsafunction_2e_reply }, - { LSA_LSAFUNCTION_2F, "LSAFUNCTION_2F", - lsa_dissect_lsafunction_2f_rqst, - lsa_dissect_lsafunction_2f_reply }, - { LSA_LSAQUERYTRUSTEDDOMAININFOBYNAME, "LSAQUERYTRUSTEDDOMAININFOBYNAME", + { LSA_LSAQUERYINFORMATIONPOLICY2, "QueryInformationPolicy2", + lsa_dissect_lsaqueryinformationpolicy2_rqst, + lsa_dissect_lsaqueryinformationpolicy2_reply }, + { LSA_LSASETINFORMATIONPOLICY2, "SetInformationPolicy2", + lsa_dissect_lsasetinformationpolicy2_rqst, + lsa_dissect_lsasetinformationpolicy2_reply }, + { LSA_LSAQUERYTRUSTEDDOMAININFOBYNAME, "QueryTrustedDomainInfoByName", lsa_dissect_lsaquerytrusteddomaininfobyname_rqst, lsa_dissect_lsaquerytrusteddomaininfobyname_reply }, - { LSA_LSASETTRUSTEDDOMAININFOBYNAME, "LSASETTRUSTEDDOMAININFOBYNAME", + { LSA_LSASETTRUSTEDDOMAININFOBYNAME, "SetTrustedDomainInfoByName", lsa_dissect_lsasettrusteddomaininfobyname_rqst, lsa_dissect_lsasettrusteddomaininfobyname_reply }, - { LSA_LSAENUMERATETRUSTEDDOMAINSEX, "LSAENUMERATETRUSTEDDOMAINSEX", + { LSA_LSAENUMERATETRUSTEDDOMAINSEX, "EnumTrustedDomainsEx", lsa_dissect_lsaenumeratetrusteddomainsex_rqst, lsa_dissect_lsaenumeratetrusteddomainsex_reply }, - { 
LSA_LSACREATETRUSTEDDOMAINEX, "LSACREATETRUSTEDDOMAINEX", + { LSA_LSACREATETRUSTEDDOMAINEX, "CreateTrustedDomainEx", lsa_dissect_lsacreatetrusteddomainex_rqst, lsa_dissect_lsacreatetrusteddomainex_reply }, - { LSA_LSACLOSETRUSTEDDOMAINEX, "LSACLOSETRUSTEDDOMAINEX", + { LSA_LSACLOSETRUSTEDDOMAINEX, "CloseTrustedDomainEx", lsa_dissect_lsaclosetrusteddomainex_rqst, lsa_dissect_lsaclosetrusteddomainex_reply }, - { LSA_LSAQUERYDOMAININFORMATIONPOLICY, "LSAQUERYDOMAININFORMATIONPOLICY", + { LSA_LSAQUERYDOMAININFORMATIONPOLICY, "QueryDomainInfoPolicy", lsa_dissect_lsaquerydomaininformationpolicy_rqst, lsa_dissect_lsaquerydomaininformationpolicy_reply }, - { LSA_LSASETDOMAININFORMATIONPOLICY, "LSASETDOMAININFORMATIONPOLICY", + { LSA_LSASETDOMAININFORMATIONPOLICY, "SetDomainInfoPolicy", lsa_dissect_lsasetdomaininformationpolicy_rqst, lsa_dissect_lsasetdomaininformationpolicy_reply }, - { LSA_LSAOPENTRUSTEDDOMAINBYNAME, "LSAOPENTRUSTEDDOMAINBYNAME", + { LSA_LSAOPENTRUSTEDDOMAINBYNAME, "OpenTrustedDomainByName", lsa_dissect_lsaopentrusteddomainbyname_rqst, lsa_dissect_lsaopentrusteddomainbyname_reply }, { LSA_LSAFUNCTION_38, "LSAFUNCTION_38", lsa_dissect_lsafunction_38_rqst, lsa_dissect_lsafunction_38_reply }, - { LSA_LSALOOKUPSIDS2, "LSALOOKUPSIDS2", + { LSA_LSALOOKUPSIDS2, "LookupSIDs2", lsa_dissect_lsalookupsids2_rqst, lsa_dissect_lsalookupsids2_reply }, - { LSA_LSALOOKUPNAMES2, "LSALOOKUPNAMES2", + { LSA_LSALOOKUPNAMES2, "LookupNames2", lsa_dissect_lsalookupnames2_rqst, lsa_dissect_lsalookupnames2_reply }, { LSA_LSAFUNCTION_3B, "LSAFUNCTION_3B", lsa_dissect_lsafunction_3b_rqst, lsa_dissect_lsafunction_3b_reply }, - {0, NULL, NULL, NULL}, + {0, NULL, NULL, NULL} }; -void +static const value_string lsa_opnum_vals[] = { + { LSA_LSACLOSE, "Close" }, + { LSA_LSADELETE, "Delete" }, + { LSA_LSAENUMERATEPRIVILEGES, "EnumPrivs" }, + { LSA_LSAQUERYSECURITYOBJECT, "QuerySecObject" }, + { LSA_LSASETSECURITYOBJECT, "SetSecObject" }, + { LSA_LSACHANGEPASSWORD, "ChangePassword" }, + { 
LSA_LSAOPENPOLICY, "OpenPolicy" }, + { LSA_LSAQUERYINFORMATIONPOLICY, "QueryInfoPolicy" }, + { LSA_LSASETINFORMATIONPOLICY, "SetInfoPolicy" }, + { LSA_LSACLEARAUDITLOG, "ClearAuditLog" }, + { LSA_LSACREATEACCOUNT, "CreateAccount" }, + { LSA_LSAENUMERATEACCOUNTS, "EnumAccounts" }, + { LSA_LSACREATETRUSTEDDOMAIN, "CreateTrustedDomain" }, + { LSA_LSAENUMERATETRUSTEDDOMAINS, "EnumTrustedDomains" }, + { LSA_LSALOOKUPNAMES, "LookupNames" }, + { LSA_LSALOOKUPSIDS, "LookupSIDs" }, + { LSA_LSACREATESECRET, "CreateSecret" }, + { LSA_LSAOPENACCOUNT, "OpenAccount" }, + { LSA_LSAENUMERATEPRIVILEGESACCOUNT, "EnumPrivsAccount" }, + { LSA_LSAADDPRIVILEGESTOACCOUNT, "AddPrivsToAccount" }, + { LSA_LSAREMOVEPRIVILEGESFROMACCOUNT, "MovePrivsFromAccount" }, + { LSA_LSAGETQUOTASFORACCOUNT, "GetQuotasForAccount" }, + { LSA_LSASETQUOTASFORACCOUNT, "SetQuotasForAccount" }, + { LSA_LSAGETSYSTEMACCESSACCOUNT, "GetSystemAccessAccount" }, + { LSA_LSASETSYSTEMACCESSACCOUNT, "SetSystemAccessAccount" }, + { LSA_LSAOPENTRUSTEDDOMAIN, "OpenTrustedDomain" }, + { LSA_LSAQUERYINFOTRUSTEDDOMAIN, "QueryInfoTrustedDomain" }, + { LSA_LSASETINFORMATIONTRUSTEDDOMAIN, "SetInfoTrustedDomain" }, + { LSA_LSAOPENSECRET, "OpenSecret" }, + { LSA_LSASETSECRET, "SetSecret" }, + { LSA_LSAQUERYSECRET, "QuerySecret" }, + { LSA_LSALOOKUPPRIVILEGEVALUE, "LookupPrivValue" }, + { LSA_LSALOOKUPPRIVILEGENAME, "LookupPrivName" }, + { LSA_LSALOOKUPPRIVILEGEDISPLAYNAME, "LookupPrivDispName" }, + { LSA_LSADELETEOBJECT, "DeleteObject" }, + { LSA_LSAENUMERATEACCOUNTSWITHUSERRIGHT, "EnumAccountsWithUserRight" }, + { LSA_LSAENUMERATEACCOUNTRIGHTS, "EnumAccountRights" }, + { LSA_LSAADDACCOUNTRIGHTS, "AddAccountRights" }, + { LSA_LSAREMOVEACCOUNTRIGHTS, "RemoveAccountRights" }, + { LSA_LSAQUERYTRUSTEDDOMAININFO, "QueryTrustedDomainInfo" }, + { LSA_LSASETTRUSTEDDOMAININFO, "SetTrustedDomainInfo" }, + { LSA_LSADELETETRUSTEDDOMAIN, "DeleteTrsutedDomain" }, + { LSA_LSASTOREPRIVATEDATA, "StorePrivateData" }, + { LSA_LSARETRIEVEPRIVATEDATA, 
"RetrievePrivateData" }, + { LSA_LSAOPENPOLICY2, "OpenPolicy2" }, + { LSA_LSAGETUSERNAME, "GetUsername" }, + { LSA_LSAQUERYINFORMATIONPOLICY2, "QueryInformationPolicy2" }, + { LSA_LSASETINFORMATIONPOLICY2, "SetInformationPolicy2" }, + { LSA_LSAQUERYTRUSTEDDOMAININFOBYNAME, "QueryTrustedDomainInfoByName" }, + { LSA_LSASETTRUSTEDDOMAININFOBYNAME, "SetTrustedDomainInfoByName" }, + { LSA_LSAENUMERATETRUSTEDDOMAINSEX, "EnumTrustedDomainsEx" }, + { LSA_LSACREATETRUSTEDDOMAINEX, "CreateTrustedDomainEx" }, + { LSA_LSACLOSETRUSTEDDOMAINEX, "CloseTrustedDomainEx" }, + { LSA_LSAQUERYDOMAININFORMATIONPOLICY, "QueryDomainInfoPolicy" }, + { LSA_LSASETDOMAININFORMATIONPOLICY, "SetDomainInfoPolicy" }, + { LSA_LSAOPENTRUSTEDDOMAINBYNAME, "OpenTrustedDomainByName" }, + { LSA_LSAFUNCTION_38, "LSAFUNCTION_38" }, + { LSA_LSALOOKUPSIDS2, "LookupSIDs2" }, + { LSA_LSALOOKUPNAMES2, "LookupNames2" }, + { LSA_LSAFUNCTION_3B, "LSAFUNCTION_3B" }, + { 0, NULL } +}; + +void proto_register_dcerpc_lsa(void) { static hf_register_info hf[] = { + + { &hf_lsa_opnum, + { "Operation", "lsa.opnum", FT_UINT16, BASE_DEC, + VALS(lsa_opnum_vals), 0x0, "Operation", HFILL }}, + { &hf_lsa_unknown_string, { "Unknown string", "lsa.unknown_string", FT_STRING, BASE_NONE, NULL, 0, "Unknown string. If you know what this is, contact ethereal developers.", HFILL }}, { &hf_lsa_hnd, - { "Context Handle", "lsa.hnd", FT_BYTES, BASE_NONE, + { "Context Handle", "lsa.hnd", FT_BYTES, BASE_NONE, NULL, 0x0, "LSA policy handle", HFILL }}, { &hf_lsa_server, 
@@ -3973,211 +4133,211 @@ proto_register_dcerpc_lsa(void) NULL, 0, "Name of Domain Controller", HFILL }}, { &hf_lsa_unknown_hyper, - { "Unknown hyper", "lsa.unknown.hyper", FT_UINT64, BASE_HEX, + { "Unknown hyper", "lsa.unknown.hyper", FT_UINT64, BASE_HEX, NULL, 0x0, "Unknown hyper. If you know what this is, contact ethereal developers.", HFILL }}, { &hf_lsa_unknown_long, - { "Unknown long", "lsa.unknown.long", FT_UINT32, BASE_HEX, + { "Unknown long", "lsa.unknown.long", FT_UINT32, BASE_HEX, NULL, 0x0, "Unknown long. If you know what this is, contact ethereal developers.", HFILL }}, { &hf_lsa_unknown_short, - { "Unknown short", "lsa.unknown.short", FT_UINT16, BASE_HEX, + { "Unknown short", "lsa.unknown.short", FT_UINT16, BASE_HEX, NULL, 0x0, "Unknown short. If you know what this is, contact ethereal developers.", HFILL }}, { &hf_lsa_unknown_char, - { "Unknown char", "lsa.unknown.char", FT_UINT8, BASE_HEX, + { "Unknown char", "lsa.unknown.char", FT_UINT8, BASE_HEX, NULL, 0x0, "Unknown char. 
If you know what this is, contact ethereal developers.", HFILL }}, { &hf_lsa_rc, - { "Return code", "lsa.rc", FT_UINT32, BASE_HEX, + { "Return code", "lsa.rc", FT_UINT32, BASE_HEX, VALS (NT_errors), 0x0, "LSA return status code", HFILL }}, { &hf_lsa_obj_attr, - { "Attributes", "lsa.obj_attr", FT_UINT32, BASE_HEX, + { "Attributes", "lsa.obj_attr", FT_UINT32, BASE_HEX, NULL, 0x0, "LSA Attributes", HFILL }}, { &hf_lsa_obj_attr_len, - { "Length", "lsa.obj_attr.len", FT_UINT32, BASE_DEC, + { "Length", "lsa.obj_attr.len", FT_UINT32, BASE_DEC, NULL, 0x0, "Length of object attribute structure", HFILL }}, { &hf_lsa_obj_attr_name, - { "Name", "lsa.obj_attr.name", FT_STRING, BASE_NONE, + { "Name", "lsa.obj_attr.name", FT_STRING, BASE_NONE, NULL, 0x0, "Name of object attribute", HFILL }}, { &hf_lsa_access_mask, - { "Access Mask", "lsa.access_mask", FT_UINT32, BASE_HEX, + { "Access Mask", "lsa.access_mask", FT_UINT32, BASE_HEX, NULL, 0x0, "LSA Access Mask", HFILL }}, { &hf_lsa_info_level, - { "Level", "lsa.info.level", FT_UINT16, BASE_DEC, + { "Level", "lsa.info.level", FT_UINT16, BASE_DEC, NULL, 0x0, "Information level of requested data", HFILL }}, { &hf_lsa_trusted_info_level, - { "Info Level", "lsa.trusted.info_level", FT_UINT16, BASE_DEC, + { "Info Level", "lsa.trusted.info_level", FT_UINT16, BASE_DEC, VALS(trusted_info_level_vals), 0x0, "Information level of requested Trusted Domain Information", HFILL }}, { &hf_lsa_sd_size, - { "Size", "lsa.sd_size", FT_UINT32, BASE_DEC, + { "Size", "lsa.sd_size", FT_UINT32, BASE_DEC, NULL, 0x0, "Size of lsa security descriptor", HFILL }}, { &hf_lsa_qos_len, - { "Length", "lsa.qos.len", FT_UINT32, BASE_DEC, + { "Length", "lsa.qos.len", FT_UINT32, BASE_DEC, NULL, 0x0, "Length of quality of service structure", HFILL }}, { &hf_lsa_qos_impersonation_level, - { "Impersonation level", "lsa.qos.imp_lev", FT_UINT16, BASE_DEC, + { "Impersonation level", "lsa.qos.imp_lev", FT_UINT16, BASE_DEC, VALS(lsa_impersonation_level_vals), 0x0, "QOS 
Impersonation Level", HFILL }}, { &hf_lsa_qos_track_context, - { "Context Tracking", "lsa.qos.track_ctx", FT_UINT8, BASE_DEC, + { "Context Tracking", "lsa.qos.track_ctx", FT_UINT8, BASE_DEC, NULL, 0x0, "QOS Context Tracking Mode", HFILL }}, { &hf_lsa_qos_effective_only, - { "Effective only", "lsa.qos.effective_only", FT_UINT8, BASE_DEC, + { "Effective only", "lsa.qos.effective_only", FT_UINT8, BASE_DEC, NULL, 0x0, "QOS Flag whether this is Effective Only or not", HFILL }}, { &hf_lsa_pali_percent_full, - { "Percent Full", "lsa.pali.percent_full", FT_UINT32, BASE_DEC, + { "Percent Full", "lsa.pali.percent_full", FT_UINT32, BASE_DEC, NULL, 0x0, "How full audit log is in percentage", HFILL }}, { &hf_lsa_pali_log_size, - { "Log Size", "lsa.pali.log_size", FT_UINT32, BASE_DEC, + { "Log Size", "lsa.pali.log_size", FT_UINT32, BASE_DEC, NULL, 0x0, "Size of audit log", HFILL }}, { &hf_lsa_pali_retention_period, - { "Retention Period", "lsa.pali.retention_period", FT_RELATIVE_TIME, BASE_NONE, + { "Retention Period", "lsa.pali.retention_period", FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0, "", HFILL }}, { &hf_lsa_pali_time_to_shutdown, - { "Time to shutdown", "lsa.pali.time_to_shutdown", FT_RELATIVE_TIME, BASE_NONE, + { "Time to shutdown", "lsa.pali.time_to_shutdown", FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0, "Time to shutdown", HFILL }}, - { &hf_lsa_pali_shutdown_in_progress, - { "Shutdown in progress", "lsa.pali.shutdown_in_progress", FT_UINT8, BASE_DEC, + { &hf_lsa_pali_shutdown_in_progress, + { "Shutdown in progress", "lsa.pali.shutdown_in_progress", FT_UINT8, BASE_DEC, NULL, 0x0, "Flag whether shutdown is in progress or not", HFILL }}, { &hf_lsa_pali_next_audit_record, - { "Next Audit Record", "lsa.pali.next_audit_record", FT_UINT32, BASE_HEX, + { "Next Audit Record", "lsa.pali.next_audit_record", FT_UINT32, BASE_HEX, NULL, 0x0, "Next audit record", HFILL }}, { &hf_lsa_paei_enabled, - { "Enabled", "lsa.paei.enabled", FT_UINT8, BASE_DEC, + { "Enabled", "lsa.paei.enabled", 
FT_UINT8, BASE_DEC, NULL, 0x0, "If Audit Events Information is Enabled or not", HFILL }}, { &hf_lsa_paei_settings, - { "Settings", "lsa.paei.settings", FT_UINT32, BASE_HEX, + { "Settings", "lsa.paei.settings", FT_UINT32, BASE_HEX, NULL, 0x0, "Audit Events Information settings", HFILL }}, { &hf_lsa_count, - { "Count", "lsa.count", FT_UINT32, BASE_DEC, + { "Count", "lsa.count", FT_UINT32, BASE_DEC, NULL, 0x0, "Count of objects", HFILL }}, { &hf_lsa_max_count, - { "Max Count", "lsa.max_count", FT_UINT32, BASE_DEC, + { "Max Count", "lsa.max_count", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL }}, { &hf_lsa_domain, - { "Domain", "lsa.domain", FT_STRING, BASE_NONE, + { "Domain", "lsa.domain", FT_STRING, BASE_NONE, NULL, 0x0, "Domain", HFILL }}, { &hf_lsa_acct, - { "Account", "lsa.acct", FT_STRING, BASE_NONE, + { "Account", "lsa.acct", FT_STRING, BASE_NONE, NULL, 0x0, "Account", HFILL }}, { &hf_lsa_source, - { "Source", "lsa.source", FT_STRING, BASE_NONE, + { "Source", "lsa.source", FT_STRING, BASE_NONE, NULL, 0x0, "Replica Source", HFILL }}, { &hf_lsa_server_role, - { "Role", "lsa.server_role", FT_UINT16, BASE_DEC, + { "Role", "lsa.server_role", FT_UINT16, BASE_DEC, VALS(server_role_vals), 0x0, "LSA Server Role", HFILL }}, { &hf_lsa_quota_paged_pool, - { "Paged Pool", "lsa.quota.paged_pool", FT_UINT32, BASE_DEC, + { "Paged Pool", "lsa.quota.paged_pool", FT_UINT32, BASE_DEC, NULL, 0x0, "Size of Quota Paged Pool", HFILL }}, { &hf_lsa_quota_non_paged_pool, - { "Non Paged Pool", "lsa.quota.non_paged_pool", FT_UINT32, BASE_DEC, + { "Non Paged Pool", "lsa.quota.non_paged_pool", FT_UINT32, BASE_DEC, NULL, 0x0, "Size of Quota non-Paged Pool", HFILL }}, { &hf_lsa_quota_min_wss, - { "Min WSS", "lsa.quota.min_wss", FT_UINT32, BASE_DEC, + { "Min WSS", "lsa.quota.min_wss", FT_UINT32, BASE_DEC, NULL, 0x0, "Size of Quota Min WSS", HFILL }}, { &hf_lsa_quota_max_wss, - { "Max WSS", "lsa.quota.max_wss", FT_UINT32, BASE_DEC, + { "Max WSS", "lsa.quota.max_wss", FT_UINT32, BASE_DEC, NULL, 0x0, 
"Size of Quota Max WSS", HFILL }}, { &hf_lsa_quota_pagefile, - { "Pagefile", "lsa.quota.pagefile", FT_UINT32, BASE_DEC, + { "Pagefile", "lsa.quota.pagefile", FT_UINT32, BASE_DEC, NULL, 0x0, "Size of quota pagefile usage", HFILL }}, { &hf_lsa_mod_seq_no, - { "Seq No", "lsa.mod.seq_no", FT_UINT64, BASE_DEC, + { "Seq No", "lsa.mod.seq_no", FT_UINT64, BASE_DEC, NULL, 0x0, "Sequence number for this modification", HFILL }}, { &hf_lsa_mod_mtime, - { "MTime", "lsa.mod.mtime", FT_ABSOLUTE_TIME, BASE_NONE, + { "MTime", "lsa.mod.mtime", FT_ABSOLUTE_TIME, BASE_NONE, NULL, 0x0, "Time when this modification occured", HFILL }}, { &hf_lsa_cur_mtime, - { "Current MTime", "lsa.cur.mtime", FT_ABSOLUTE_TIME, BASE_NONE, + { "Current MTime", "lsa.cur.mtime", FT_ABSOLUTE_TIME, BASE_NONE, NULL, 0x0, "Current MTime to set", HFILL }}, { &hf_lsa_old_mtime, - { "Old MTime", "lsa.old.mtime", FT_ABSOLUTE_TIME, BASE_NONE, + { "Old MTime", "lsa.old.mtime", FT_ABSOLUTE_TIME, BASE_NONE, NULL, 0x0, "Old MTime for this object", HFILL }}, { &hf_lsa_name, - { "Name", "lsa.name", FT_STRING, BASE_NONE, + { "Name", "lsa.name", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }}, { &hf_lsa_key, - { "Key", "lsa.key", FT_BYTES, BASE_NONE, + { "Key", "lsa.key", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }}, { &hf_lsa_flat_name, - { "Flat Name", "lsa.flat_name", FT_STRING, BASE_NONE, + { "Flat Name", "lsa.flat_name", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }}, { &hf_lsa_forest, - { "Forest", "lsa.forest", FT_STRING, BASE_NONE, + { "Forest", "lsa.forest", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }}, { &hf_lsa_info_type, - { "Info Type", "lsa.info_type", FT_UINT32, BASE_DEC, + { "Info Type", "lsa.info_type", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL }}, { &hf_lsa_new_pwd, - { "New Password", "lsa.new_pwd", FT_BYTES, BASE_HEX, + { "New Password", "lsa.new_pwd", FT_BYTES, BASE_HEX, NULL, 0x0, "New password", HFILL }}, { &hf_lsa_old_pwd, - { "Old Password", "lsa.old_pwd", FT_BYTES, BASE_HEX, + { "Old Password", 
"lsa.old_pwd", FT_BYTES, BASE_HEX, NULL, 0x0, "Old password", HFILL }}, { &hf_lsa_sid_type, - { "SID Type", "lsa.sid_type", FT_UINT16, BASE_DEC, + { "SID Type", "lsa.sid_type", FT_UINT16, BASE_DEC, VALS(sid_type_vals), 0x0, "Type of SID", HFILL }}, { &hf_lsa_rid, - { "RID", "lsa.rid", FT_UINT32, BASE_HEX, + { "RID", "lsa.rid", FT_UINT32, BASE_HEX, NULL, 0x0, "RID", HFILL }}, { &hf_lsa_rid_offset, - { "RID Offset", "lsa.rid.offset", FT_UINT32, BASE_HEX, + { "RID Offset", "lsa.rid.offset", FT_UINT32, BASE_HEX, NULL, 0x0, "RID Offset", HFILL }}, { &hf_lsa_index, - { "Index", "lsa.index", FT_UINT32, BASE_DEC, + { "Index", "lsa.index", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL }}, { &hf_lsa_num_mapped, - { "Num Mapped", "lsa.num_mapped", FT_UINT32, BASE_DEC, + { "Num Mapped", "lsa.num_mapped", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL }}, { &hf_lsa_policy_information_class, - { "Info Class", "lsa.policy.info", FT_UINT16, BASE_DEC, + { "Info Class", "lsa.policy.info", FT_UINT16, BASE_DEC, VALS(policy_information_class_vals), 0x0, "Policy information class", HFILL }}, { &hf_lsa_secret, 
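Review bot: The `hf_lsa_key` entry changes from `FT_BYTES` to `FT_STRING`, the only non-whitespace change in this hunk, and nothing visible here shows that the value added under `lsa.key` is text. If the dissector that fills this field (outside the hunk) still hands over raw bytes, the value would be rendered and filtered as a string, which can cut it at the first NUL or display it misleadingly; the call site should be checked. A one-line comment above the entry would record the reason, for example `/* lsa.key is dissected as a string, not raw key bytes */`, if that is what the caller does. The body of `proto_register_dcerpc_lsa` starts before this hunk and continues after it.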
@@ -4189,55 +4349,55 @@ proto_register_dcerpc_lsa(void) NULL, 0, "", HFILL }}, { &hf_nt_luid_high, - { "High", "nt.luid.high", FT_UINT32, BASE_HEX, + { "High", "nt.luid.high", FT_UINT32, BASE_HEX, NULL, 0x0, "LUID High component", HFILL }}, { &hf_nt_luid_low, - { "Low", "nt.luid.low", FT_UINT32, BASE_HEX, + { "Low", "nt.luid.low", FT_UINT32, BASE_HEX, NULL, 0x0, "LUID Low component", HFILL }}, { &hf_lsa_size, - { "Size", "lsa.size", FT_UINT32, BASE_DEC, + { "Size", "lsa.size", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL }}, { &hf_lsa_size16, - { "Size", "lsa.size", FT_UINT16, BASE_DEC, + { "Size", "lsa.size", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }}, { &hf_lsa_size_needed, - { "Size Needed", "lsa.size_needed", FT_UINT16, BASE_DEC, + { "Size Needed", "lsa.size_needed", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }}, { &hf_lsa_privilege_name, - { "Name", "lsa.privilege.name", FT_STRING, BASE_NONE, + { "Name", "lsa.privilege.name", FT_STRING, BASE_NONE, NULL, 0x0, "LSA Privilege Name", HFILL }}, { &hf_lsa_rights, - { "Rights", "lsa.rights", FT_STRING, BASE_NONE, + { "Rights", "lsa.rights", FT_STRING, BASE_NONE, NULL, 0x0, "Account Rights", HFILL }}, { &hf_lsa_attr, - { "Attr", "lsa.attr", FT_UINT64, BASE_HEX, + { "Attr", "lsa.attr", FT_UINT64, BASE_HEX, NULL, 0x0, "LSA Attributes", HFILL }}, { &hf_lsa_auth_update, - { "Update", "lsa.auth.update", FT_UINT64, BASE_HEX, + { "Update", "lsa.auth.update", FT_UINT64, BASE_HEX, NULL, 0x0, "LSA Auth Info update", HFILL }}, { &hf_lsa_resume_handle, - { "Resume Handle", "lsa.resume_handle", FT_UINT32, BASE_DEC, + { "Resume Handle", "lsa.resume_handle", FT_UINT32, BASE_DEC, NULL, 0x0, "Resume Handle", HFILL }}, { &hf_lsa_trust_direction, - { "Trust Direction", "lsa.trust.direction", FT_UINT32, BASE_DEC, + { "Trust Direction", "lsa.trust.direction", FT_UINT32, BASE_DEC, VALS(trusted_direction_vals), 0x0, "Trust direction", HFILL }}, { &hf_lsa_trust_type, - { "Trust Type", "lsa.trust.type", FT_UINT32, BASE_DEC, + { "Trust Type", 
"lsa.trust.type", FT_UINT32, BASE_DEC, VALS(trusted_type_vals), 0x0, "Trust type", HFILL }}, { &hf_lsa_trust_attr, - { "Trust Attr", "lsa.trust.attr", FT_UINT32, BASE_HEX, + { "Trust Attr", "lsa.trust.attr", FT_UINT32, BASE_HEX, NULL, 0x0, "Trust attributes", HFILL }}, { &hf_lsa_trust_attr_non_trans, 
@@ -4257,19 +4417,72 @@ proto_register_dcerpc_lsa(void) TFS(&tfs_trust_attr_tree_root), 0x00800000, "Tree Root trust", HFILL }}, { &hf_lsa_auth_type, - { "Auth Type", "lsa.auth.type", FT_UINT32, BASE_DEC, + { "Auth Type", "lsa.auth.type", FT_UINT32, BASE_DEC, NULL, 0x0, "Auth Info type", HFILL }}, { &hf_lsa_auth_len, - { "Auth Len", "lsa.auth.len", FT_UINT32, BASE_DEC, + { "Auth Len", "lsa.auth.len", FT_UINT32, BASE_DEC, NULL, 0x0, "Auth Info len", HFILL }}, { &hf_lsa_remove_all, - { "Remove All", "lsa.remove_all", FT_UINT8, BASE_DEC, + { "Remove All", "lsa.remove_all", FT_UINT8, BASE_DEC, NULL, 0x0, "Flag whether all rights should be removed or only the specified ones", HFILL }}, - - }; + { &hf_view_local_info, + { "View local info", "lsa.access_mask.view_local_info", + FT_BOOLEAN, 32, TFS(&flags_set_truth), POLICY_VIEW_LOCAL_INFORMATION, + "View local info", HFILL }}, + + { &hf_view_audit_info, + { "View audit info", "lsa.access_mask.view_audit_info", + FT_BOOLEAN, 32, TFS(&flags_set_truth), POLICY_VIEW_AUDIT_INFORMATION, + "View audit info", HFILL }}, + + { &hf_get_private_info, + { "Get private info", "lsa.access_mask.get_privateinfo", + FT_BOOLEAN, 32, TFS(&flags_set_truth), POLICY_GET_PRIVATE_INFORMATION, + "Get private info", HFILL }}, + + { &hf_trust_admin, + { "Trust admin", "lsa.access_mask.trust_admin", + FT_BOOLEAN, 32, TFS(&flags_set_truth), POLICY_TRUST_ADMIN, + "Trust admin", HFILL }}, + + { &hf_create_account, + { "Create account", "lsa.access_mask.create_account", + FT_BOOLEAN, 32, TFS(&flags_set_truth), POLICY_CREATE_ACCOUNT, + "Create account", HFILL }}, + + { &hf_create_secret, + { "Create secret", "lsa.access_mask.create_secret", + FT_BOOLEAN, 32, TFS(&flags_set_truth), POLICY_CREATE_SECRET, + "Create secret", HFILL }}, + + { &hf_create_priv, + { "Create privilege", "lsa.access_mask.create_priv", + FT_BOOLEAN, 32, TFS(&flags_set_truth), POLICY_CREATE_PRIVILEGE, + "Create privilege", HFILL }}, + + { &hf_set_default_quota_limits, + { "Set default 
quota limits", "lsa.access_mask.set_default_quota_limits", + FT_BOOLEAN, 32, TFS(&flags_set_truth), POLICY_SET_DEFAULT_QUOTA_LIMITS, + "Set default quota limits", HFILL }}, + + { &hf_set_audit_requirements, + { "Set audit requirements", "lsa.access_mask.set_audit_requirements", + FT_BOOLEAN, 32, TFS(&flags_set_truth), POLICY_SET_AUDIT_REQUIREMENTS, + "Set audit requirements", HFILL }}, + + { &hf_server_admin, + { "Server admin", "lsa.access_mask.server_admin", + FT_BOOLEAN, 32, TFS(&flags_set_truth), POLICY_SERVER_ADMIN, + "Server admin", HFILL }}, + + { &hf_lookup_names, + { "Lookup names", "lsa.access_mask.lookup_names", + FT_BOOLEAN, 32, TFS(&flags_set_truth), POLICY_LOOKUP_NAMES, + "Lookup names", HFILL }} +}; static gint *ett[] = { &ett_dcerpc_lsa, @@ -4303,7 +4516,7 @@ proto_register_dcerpc_lsa(void) &ett_lsa_trusted_domain_info, &ett_lsa_trust_attr, &ett_lsa_trusted_domain_auth_information, - &ett_lsa_auth_information, + &ett_lsa_auth_information }; proto_dcerpc_lsa = proto_register_protocol( @@ -4316,7 +4529,7 @@ proto_register_dcerpc_lsa(void) /* Protocol handoff */ static e_uuid_t uuid_dcerpc_lsa = { - 0x12345778, 0x1234, 0xabcd, + 0x12345778, 0x1234, 0xabcd, { 0xef, 0x00, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab} }; @@ -4328,5 +4541,5 @@ proto_reg_handoff_dcerpc_lsa(void) /* Register protocol as dcerpc */ dcerpc_init_uuid(proto_dcerpc_lsa, ett_dcerpc_lsa, &uuid_dcerpc_lsa, - ver_dcerpc_lsa, dcerpc_lsa_dissectors); + ver_dcerpc_lsa, dcerpc_lsa_dissectors, hf_lsa_opnum); }
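Review bot: The filter name in the new `hf_get_private_info` entry, `"lsa.access_mask.get_privateinfo"`, breaks the word-separated naming of the ten sibling access-mask fields added beside it (`view_local_info`, `view_audit_info`, ...); it should read `"lsa.access_mask.get_private_info"`. Display filter names are what an analyst types when searching a capture for policy handles opened with `POLICY_GET_PRIVATE_INFORMATION`, so an irregular spelling is easy to miss and awkward to rename once people depend on it. Each new entry also repeats its label as the description (`"View local info"` twice); the last string could instead say what the bit grants. The array these entries are added to begins outside this hunk.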