2002-03-10 00:29:33 +01:00
|
|
|
/*
|
|
|
|
* Copyright (C) 1999 Juergen Schmied
|
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
* License along with this library; if not, write to the Free Software
|
2006-05-18 14:49:52 +02:00
|
|
|
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
|
2002-03-10 00:29:33 +01:00
|
|
|
*/
|
|
|
|
|
1999-07-04 13:01:21 +02:00
|
|
|
#ifndef __WINE_NTSECAPI_H
|
|
|
|
#define __WINE_NTSECAPI_H
|
|
|
|
|
2011-12-20 09:18:07 +01:00
|
|
|
#ifndef GUID_DEFINED
|
|
|
|
# include <guiddef.h>
|
|
|
|
#endif
|
|
|
|
|
1999-07-04 13:01:21 +02:00
|
|
|
#ifdef __cplusplus
|
|
|
|
extern "C" {
|
|
|
|
#endif /* defined(__cplusplus) */
|
|
|
|
|
2002-09-11 02:48:26 +02:00
|
|
|
/* Policy access rights */
|
2011-11-22 00:59:59 +01:00
|
|
|
#define POLICY_VIEW_LOCAL_INFORMATION __MSABI_LONG(0x00000001)
|
|
|
|
#define POLICY_VIEW_AUDIT_INFORMATION __MSABI_LONG(0x00000002)
|
|
|
|
#define POLICY_GET_PRIVATE_INFORMATION __MSABI_LONG(0x00000004)
|
|
|
|
#define POLICY_TRUST_ADMIN __MSABI_LONG(0x00000008)
|
|
|
|
#define POLICY_CREATE_ACCOUNT __MSABI_LONG(0x00000010)
|
|
|
|
#define POLICY_CREATE_SECRET __MSABI_LONG(0x00000020)
|
|
|
|
#define POLICY_CREATE_PRIVILEGE __MSABI_LONG(0x00000040)
|
|
|
|
#define POLICY_SET_DEFAULT_QUOTA_LIMITS __MSABI_LONG(0x00000080)
|
|
|
|
#define POLICY_SET_AUDIT_REQUIREMENTS __MSABI_LONG(0x00000100)
|
|
|
|
#define POLICY_AUDIT_LOG_ADMIN __MSABI_LONG(0x00000200)
|
|
|
|
#define POLICY_SERVER_ADMIN __MSABI_LONG(0x00000400)
|
|
|
|
#define POLICY_LOOKUP_NAMES __MSABI_LONG(0x00000800)
|
|
|
|
#define POLICY_NOTIFICATION __MSABI_LONG(0x00001000)
|
2002-09-11 02:48:26 +02:00
|
|
|
|
|
|
|
#define POLICY_ALL_ACCESS ( \
|
|
|
|
STANDARD_RIGHTS_REQUIRED | \
|
|
|
|
POLICY_VIEW_LOCAL_INFORMATION | \
|
|
|
|
POLICY_VIEW_AUDIT_INFORMATION | \
|
|
|
|
POLICY_GET_PRIVATE_INFORMATION | \
|
|
|
|
POLICY_TRUST_ADMIN | \
|
|
|
|
POLICY_CREATE_ACCOUNT | \
|
|
|
|
POLICY_CREATE_SECRET | \
|
|
|
|
POLICY_CREATE_PRIVILEGE | \
|
|
|
|
POLICY_SET_DEFAULT_QUOTA_LIMITS | \
|
|
|
|
POLICY_SET_AUDIT_REQUIREMENTS | \
|
|
|
|
POLICY_AUDIT_LOG_ADMIN | \
|
|
|
|
POLICY_SERVER_ADMIN | \
|
|
|
|
POLICY_LOOKUP_NAMES)
|
|
|
|
|
|
|
|
|
|
|
|
#define POLICY_READ ( \
|
|
|
|
STANDARD_RIGHTS_READ | \
|
|
|
|
POLICY_VIEW_AUDIT_INFORMATION | \
|
|
|
|
POLICY_GET_PRIVATE_INFORMATION)
|
|
|
|
|
|
|
|
#define POLICY_WRITE ( \
|
|
|
|
STANDARD_RIGHTS_WRITE | \
|
|
|
|
POLICY_TRUST_ADMIN | \
|
|
|
|
POLICY_CREATE_ACCOUNT | \
|
|
|
|
POLICY_CREATE_SECRET | \
|
|
|
|
POLICY_CREATE_PRIVILEGE | \
|
|
|
|
POLICY_SET_DEFAULT_QUOTA_LIMITS | \
|
|
|
|
POLICY_SET_AUDIT_REQUIREMENTS | \
|
|
|
|
POLICY_AUDIT_LOG_ADMIN | \
|
|
|
|
POLICY_SERVER_ADMIN)
|
|
|
|
|
|
|
|
#define POLICY_EXECUTE ( \
|
|
|
|
STANDARD_RIGHTS_EXECUTE | \
|
|
|
|
POLICY_VIEW_LOCAL_INFORMATION | \
|
|
|
|
POLICY_LOOKUP_NAMES)
|
|
|
|
|
2011-11-22 00:59:59 +01:00
|
|
|
#define POLICY_AUDIT_EVENT_UNCHANGED __MSABI_LONG(0x00000000)
|
|
|
|
#define POLICY_AUDIT_EVENT_SUCCESS __MSABI_LONG(0x00000001)
|
|
|
|
#define POLICY_AUDIT_EVENT_FAILURE __MSABI_LONG(0x00000002)
|
|
|
|
#define POLICY_AUDIT_EVENT_NONE __MSABI_LONG(0x00000004)
|
2005-01-21 11:15:50 +01:00
|
|
|
|
|
|
|
#define POLICY_AUDIT_EVENT_MASK (POLICY_AUDIT_EVENT_SUCCESS | \
|
|
|
|
POLICY_AUDIT_EVENT_FAILURE | \
|
|
|
|
POLICY_AUDIT_EVENT_NONE)
|
|
|
|
|
|
|
|
/* logon rights names */
|
|
|
|
#define SE_BATCH_LOGON_NAME \
|
|
|
|
TEXT("SeBatchLogonRight")
|
|
|
|
#define SE_INTERACTIVE_LOGON_NAME \
|
|
|
|
TEXT("SeInteractiveLogonRight")
|
|
|
|
#define SE_NETWORK_LOGON_NAME \
|
|
|
|
TEXT("SeNetworkLogonRight")
|
|
|
|
#define SE_REMOTE_INTERACTIVE_LOGON_NAME \
|
|
|
|
TEXT("SeRemoteInteractiveLogonRight")
|
|
|
|
#define SE_SERVICE_LOGON_NAME \
|
|
|
|
TEXT("SeServiceLogonRight")
|
|
|
|
#define SE_DENY_BATCH_LOGON_NAME \
|
|
|
|
TEXT("SeDenyBatchLogonRight")
|
|
|
|
#define SE_DENY_INTERACTIVE_LOGON_NAME \
|
|
|
|
TEXT("SeDenyInteractiveLogonRight")
|
|
|
|
#define SE_DENY_NETWORK_LOGON_NAME \
|
|
|
|
TEXT("SeDenyNetworkLogonRight")
|
|
|
|
#define SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME \
|
|
|
|
TEXT("SeDenyRemoteInteractiveLogonRight")
|
|
|
|
#define SE_DENY_SERVICE_LOGON_NAME \
|
|
|
|
TEXT("SeDenyServiceLogonRight")
|
|
|
|
|
2005-08-16 18:01:49 +02:00
|
|
|
#ifndef WINE_NTSTATUS_DECLARED
|
|
|
|
#define WINE_NTSTATUS_DECLARED
|
|
|
|
typedef LONG NTSTATUS;
|
|
|
|
#endif
|
|
|
|
#ifndef WINE_PNTSTATUS_DECLARED
|
|
|
|
#define WINE_PNTSTATUS_DECLARED
|
|
|
|
typedef NTSTATUS *PNTSTATUS;
|
|
|
|
#endif
|
|
|
|
|
2005-01-21 11:15:50 +01:00
|
|
|
typedef enum _SECURITY_LOGON_TYPE
|
|
|
|
{
|
|
|
|
Interactive = 2,
|
|
|
|
Network,
|
|
|
|
Batch,
|
|
|
|
Service,
|
|
|
|
Proxy
|
|
|
|
} SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
|
|
|
|
|
|
|
|
typedef enum _POLICY_AUDIT_EVENT_TYPE
|
|
|
|
{
|
|
|
|
AuditCategorySystem,
|
|
|
|
AuditCategoryLogon,
|
|
|
|
AuditCategoryObjectAccess,
|
|
|
|
AuditCategoryPrivilegeUse,
|
|
|
|
AuditCategoryDetailedTracking,
|
|
|
|
AuditCategoryPolicyChange,
|
|
|
|
AuditCategoryAccountManagement
|
|
|
|
} POLICY_AUDIT_EVENT_TYPE, *PPOLICY_AUDIT_EVENT_TYPE;
|
|
|
|
|
2006-11-08 01:20:40 +01:00
|
|
|
#ifndef __STRING_DEFINED__
|
|
|
|
#define __STRING_DEFINED__
|
|
|
|
typedef struct _STRING {
|
|
|
|
USHORT Length;
|
|
|
|
USHORT MaximumLength;
|
|
|
|
PCHAR Buffer;
|
|
|
|
} STRING, *PSTRING;
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifndef __UNICODE_STRING_DEFINED__
|
|
|
|
#define __UNICODE_STRING_DEFINED__
|
|
|
|
typedef struct _UNICODE_STRING {
|
|
|
|
USHORT Length; /* bytes */
|
|
|
|
USHORT MaximumLength; /* bytes */
|
|
|
|
PWSTR Buffer;
|
|
|
|
} UNICODE_STRING, *PUNICODE_STRING;
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifndef __OBJECT_ATTRIBUTES_DEFINED__
|
|
|
|
#define __OBJECT_ATTRIBUTES_DEFINED__
|
|
|
|
typedef struct _OBJECT_ATTRIBUTES {
|
|
|
|
ULONG Length;
|
|
|
|
HANDLE RootDirectory;
|
|
|
|
PUNICODE_STRING ObjectName;
|
|
|
|
ULONG Attributes;
|
|
|
|
PVOID SecurityDescriptor; /* type SECURITY_DESCRIPTOR */
|
|
|
|
PVOID SecurityQualityOfService; /* type SECURITY_QUALITY_OF_SERVICE */
|
|
|
|
} OBJECT_ATTRIBUTES, *POBJECT_ATTRIBUTES;
|
|
|
|
#endif
|
|
|
|
|
2018-01-29 04:10:06 +01:00
|
|
|
#ifndef __SECHANDLE_DEFINED__
|
|
|
|
#define __SECHANDLE_DEFINED__
|
|
|
|
typedef struct _SecHandle
|
|
|
|
{
|
|
|
|
ULONG_PTR dwLower;
|
|
|
|
ULONG_PTR dwUpper;
|
|
|
|
} SecHandle, *PSecHandle;
|
|
|
|
#endif
|
|
|
|
|
1999-07-04 13:01:21 +02:00
|
|
|
typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
|
|
|
|
typedef STRING LSA_STRING, *PLSA_STRING;
|
|
|
|
typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
|
|
|
|
|
|
|
|
typedef PVOID LSA_HANDLE, *PLSA_HANDLE;
|
Stub implementations for GetKernelObjectSecurity,
GetPrivateObjectSecurity, GetServiceKeyName{A,W},
ImpersonateNamedPipeClient, InitiateSystemShutdown{A,W},
IsTokenRestricted, LogonUser{A,W}, LookupAccountNameW,
LookupPrivilegeDisplayName{A,W}, MapGenericMask,
ObjectCloseAuditAlarm{A,W}, ObjectOpenAuditAlarm{A,W},
ObjectPrivilegeAuditAlarm{A,W}, PrivilegedServiceAuditAlarm{A,W},
QueryServiceLockStatus{A,W}, SetAclInformation,
SetPrivateObjectSecurity, SetSecurityDescriptorControl,
SetServiceBits, LsaSetInformationPolicy, LsaLookupNames,
LsaEnumerateTrustedDomains.
2005-01-03 18:12:51 +01:00
|
|
|
typedef ULONG LSA_ENUMERATION_HANDLE, *PLSA_ENUMERATION_HANDLE;
|
2007-08-30 19:58:15 +02:00
|
|
|
typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
|
1999-07-04 13:01:21 +02:00
|
|
|
|
2002-06-01 01:06:46 +02:00
|
|
|
typedef enum
|
1999-12-12 00:19:54 +01:00
|
|
|
{
|
|
|
|
PolicyAuditLogInformation = 1,
|
|
|
|
PolicyAuditEventsInformation,
|
|
|
|
PolicyPrimaryDomainInformation,
|
|
|
|
PolicyPdAccountInformation,
|
|
|
|
PolicyAccountDomainInformation,
|
|
|
|
PolicyLsaServerRoleInformation,
|
|
|
|
PolicyReplicaSourceInformation,
|
|
|
|
PolicyDefaultQuotaInformation,
|
|
|
|
PolicyModificationInformation,
|
|
|
|
PolicyAuditFullSetInformation,
|
|
|
|
PolicyAuditFullQueryInformation,
|
|
|
|
PolicyDnsDomainInformation
|
|
|
|
} POLICY_INFORMATION_CLASS, *PPOLICY_INFORMATION_CLASS;
|
|
|
|
|
- implementation of RtlReg* (read access), RtlEvent*, RtlSemaphore*,
NtAllocateLocallyUniqueId
- implementation or stubs for NtAccessCheck, NtSetSecurityObject,
RtlClearBits, RtlEqualPrefixSid, RtlFindClearBits,
RtlFormatCurrentUserKeyPath, RtlGetControlSecurityDescriptor,
RtlIdentifierAuthoritySid, RtlImpersonateSelf, RtlInitializeBitMap,
RtlInitializeGenericTable, RtlMakeSelfRelativeSD,
RtlPrefixUnicodeString, RtlSetBits, RtlUnicodeToMultiByteN,
RtlUpcaseUnicodeStringToOemString, RtlUpcaseUnicodeToOemN,
RtlValidSid, RtlxUnicodeStringToOemSize
- corrected most RtlString* functions, added documentation
- more fixes and partial implementations
2000-01-23 23:35:33 +01:00
|
|
|
typedef ULONG POLICY_AUDIT_EVENT_OPTIONS, *PPOLICY_AUDIT_EVENT_OPTIONS;
|
|
|
|
|
2002-09-11 02:48:26 +02:00
|
|
|
typedef struct _POLICY_AUDIT_EVENTS_INFO
|
- implementation of RtlReg* (read access), RtlEvent*, RtlSemaphore*,
NtAllocateLocallyUniqueId
- implementation or stubs for NtAccessCheck, NtSetSecurityObject,
RtlClearBits, RtlEqualPrefixSid, RtlFindClearBits,
RtlFormatCurrentUserKeyPath, RtlGetControlSecurityDescriptor,
RtlIdentifierAuthoritySid, RtlImpersonateSelf, RtlInitializeBitMap,
RtlInitializeGenericTable, RtlMakeSelfRelativeSD,
RtlPrefixUnicodeString, RtlSetBits, RtlUnicodeToMultiByteN,
RtlUpcaseUnicodeStringToOemString, RtlUpcaseUnicodeToOemN,
RtlValidSid, RtlxUnicodeStringToOemSize
- corrected most RtlString* functions, added documentation
- more fixes and partial implementations
2000-01-23 23:35:33 +01:00
|
|
|
{
|
|
|
|
BOOLEAN AuditingMode;
|
|
|
|
PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions;
|
|
|
|
ULONG MaximumAuditEventCount;
|
|
|
|
} POLICY_AUDIT_EVENTS_INFO, *PPOLICY_AUDIT_EVENTS_INFO;
|
|
|
|
|
2002-09-11 02:48:26 +02:00
|
|
|
typedef struct _POLICY_PRIMARY_DOMAIN_INFO
|
- implementation of RtlReg* (read access), RtlEvent*, RtlSemaphore*,
NtAllocateLocallyUniqueId
- implementation or stubs for NtAccessCheck, NtSetSecurityObject,
RtlClearBits, RtlEqualPrefixSid, RtlFindClearBits,
RtlFormatCurrentUserKeyPath, RtlGetControlSecurityDescriptor,
RtlIdentifierAuthoritySid, RtlImpersonateSelf, RtlInitializeBitMap,
RtlInitializeGenericTable, RtlMakeSelfRelativeSD,
RtlPrefixUnicodeString, RtlSetBits, RtlUnicodeToMultiByteN,
RtlUpcaseUnicodeStringToOemString, RtlUpcaseUnicodeToOemN,
RtlValidSid, RtlxUnicodeStringToOemSize
- corrected most RtlString* functions, added documentation
- more fixes and partial implementations
2000-01-23 23:35:33 +01:00
|
|
|
{
|
|
|
|
LSA_UNICODE_STRING Name;
|
|
|
|
PSID Sid;
|
|
|
|
} POLICY_PRIMARY_DOMAIN_INFO, *PPOLICY_PRIMARY_DOMAIN_INFO;
|
|
|
|
|
2002-09-11 02:48:26 +02:00
|
|
|
typedef struct _POLICY_ACCOUNT_DOMAIN_INFO
|
|
|
|
{
|
|
|
|
LSA_UNICODE_STRING DomainName;
|
|
|
|
PSID DomainSid;
|
|
|
|
} POLICY_ACCOUNT_DOMAIN_INFO, *PPOLICY_ACCOUNT_DOMAIN_INFO;
|
|
|
|
|
2006-07-11 13:10:36 +02:00
|
|
|
typedef struct _POLICY_DNS_DOMAIN_INFO
|
|
|
|
{
|
|
|
|
LSA_UNICODE_STRING Name;
|
|
|
|
LSA_UNICODE_STRING DnsDomainName;
|
|
|
|
LSA_UNICODE_STRING DnsForestName;
|
|
|
|
GUID DomainGuid;
|
|
|
|
PSID Sid;
|
|
|
|
} POLICY_DNS_DOMAIN_INFO, *PPOLICY_DNS_DOMAIN_INFO;
|
|
|
|
|
|
|
|
typedef enum _POLICY_LSA_SERVER_ROLE
|
|
|
|
{
|
|
|
|
PolicyServerRoleBackup = 2,
|
|
|
|
PolicyServerRolePrimary
|
|
|
|
} POLICY_LSA_SERVER_ROLE, *PPOLICY_LSA_SERVER_ROLE;
|
|
|
|
|
|
|
|
typedef struct _POLICY_LSA_SERVER_ROLE_INFO
|
|
|
|
{
|
|
|
|
POLICY_LSA_SERVER_ROLE LsaServerRole;
|
|
|
|
} POLICY_LSA_SERVER_ROLE_INFO, *PPOLICY_LSA_SERVER_ROLE_INFO;
|
|
|
|
|
|
|
|
typedef struct _POLICY_MODIFICATION_INFO
|
|
|
|
{
|
|
|
|
LARGE_INTEGER ModifiedId;
|
|
|
|
LARGE_INTEGER DatabaseCreationTime;
|
|
|
|
} POLICY_MODIFICATION_INFO, *PPOLICY_MODIFICATION_INFO;
|
|
|
|
|
2007-08-29 22:18:54 +02:00
|
|
|
typedef struct _SECURITY_LOGON_SESSION_DATA {
|
|
|
|
ULONG Size;
|
|
|
|
LUID LogonId;
|
|
|
|
LSA_UNICODE_STRING UserName;
|
|
|
|
LSA_UNICODE_STRING LogonDomain;
|
|
|
|
LSA_UNICODE_STRING AuthenticationPackage;
|
|
|
|
ULONG LogonType;
|
|
|
|
ULONG Session;
|
|
|
|
PSID Sid;
|
|
|
|
LARGE_INTEGER LogonTime;
|
|
|
|
LSA_UNICODE_STRING LogonServer;
|
|
|
|
LSA_UNICODE_STRING DnsDomainName;
|
|
|
|
LSA_UNICODE_STRING Upn;
|
|
|
|
} SECURITY_LOGON_SESSION_DATA, *PSECURITY_LOGON_SESSION_DATA;
|
|
|
|
|
2004-08-16 21:47:21 +02:00
|
|
|
typedef struct
|
|
|
|
{
|
|
|
|
SID_NAME_USE Use;
|
|
|
|
LSA_UNICODE_STRING Name;
|
|
|
|
LONG DomainIndex;
|
|
|
|
} LSA_TRANSLATED_NAME, *PLSA_TRANSLATED_NAME;
|
|
|
|
|
|
|
|
typedef struct
|
|
|
|
{
|
|
|
|
LSA_UNICODE_STRING Name;
|
|
|
|
PSID Sid;
|
|
|
|
} LSA_TRUST_INFORMATION, *PLSA_TRUST_INFORMATION;
|
|
|
|
|
|
|
|
typedef struct
|
|
|
|
{
|
|
|
|
ULONG Entries;
|
|
|
|
PLSA_TRUST_INFORMATION Domains;
|
|
|
|
} LSA_REFERENCED_DOMAIN_LIST, *PLSA_REFERENCED_DOMAIN_LIST;
|
- implementation of RtlReg* (read access), RtlEvent*, RtlSemaphore*,
NtAllocateLocallyUniqueId
- implementation or stubs for NtAccessCheck, NtSetSecurityObject,
RtlClearBits, RtlEqualPrefixSid, RtlFindClearBits,
RtlFormatCurrentUserKeyPath, RtlGetControlSecurityDescriptor,
RtlIdentifierAuthoritySid, RtlImpersonateSelf, RtlInitializeBitMap,
RtlInitializeGenericTable, RtlMakeSelfRelativeSD,
RtlPrefixUnicodeString, RtlSetBits, RtlUnicodeToMultiByteN,
RtlUpcaseUnicodeStringToOemString, RtlUpcaseUnicodeToOemN,
RtlValidSid, RtlxUnicodeStringToOemSize
- corrected most RtlString* functions, added documentation
- more fixes and partial implementations
2000-01-23 23:35:33 +01:00
|
|
|
|
Stub implementations for GetKernelObjectSecurity,
GetPrivateObjectSecurity, GetServiceKeyName{A,W},
ImpersonateNamedPipeClient, InitiateSystemShutdown{A,W},
IsTokenRestricted, LogonUser{A,W}, LookupAccountNameW,
LookupPrivilegeDisplayName{A,W}, MapGenericMask,
ObjectCloseAuditAlarm{A,W}, ObjectOpenAuditAlarm{A,W},
ObjectPrivilegeAuditAlarm{A,W}, PrivilegedServiceAuditAlarm{A,W},
QueryServiceLockStatus{A,W}, SetAclInformation,
SetPrivateObjectSecurity, SetSecurityDescriptorControl,
SetServiceBits, LsaSetInformationPolicy, LsaLookupNames,
LsaEnumerateTrustedDomains.
2005-01-03 18:12:51 +01:00
|
|
|
typedef struct _LSA_TRANSLATED_SID
|
|
|
|
{
|
|
|
|
SID_NAME_USE Use;
|
|
|
|
ULONG RelativeId;
|
|
|
|
LONG DomainIndex;
|
|
|
|
} LSA_TRANSLATED_SID, *PLSA_TRANSLATED_SID;
|
1999-12-12 00:19:54 +01:00
|
|
|
|
2006-03-11 11:54:54 +01:00
|
|
|
typedef struct _TRUSTED_DOMAIN_INFORMATION_EX
|
|
|
|
{
|
|
|
|
LSA_UNICODE_STRING Name;
|
|
|
|
LSA_UNICODE_STRING FlatName;
|
|
|
|
PSID Sid;
|
|
|
|
ULONG TrustDirection;
|
|
|
|
ULONG TrustType;
|
|
|
|
ULONG TrustAttributes;
|
|
|
|
} TRUSTED_DOMAIN_INFORMATION_EX, *PTRUSTED_DOMAIN_INFORMATION_EX;
|
|
|
|
|
|
|
|
typedef struct _LSA_AUTH_INFORMATION
|
|
|
|
{
|
|
|
|
LARGE_INTEGER LastUpdateTime;
|
|
|
|
ULONG AuthType;
|
|
|
|
ULONG AuthInfoLength;
|
|
|
|
PUCHAR AuthInfo;
|
|
|
|
} LSA_AUTH_INFORMATION, *PLSA_AUTH_INFORMATION;
|
|
|
|
|
|
|
|
typedef struct _TRUSTED_DOMAIN_AUTH_INFORMATION
|
|
|
|
{
|
|
|
|
ULONG IncomingAuthInfos;
|
|
|
|
PLSA_AUTH_INFORMATION IncomingAuthenticationInformation;
|
|
|
|
PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation;
|
|
|
|
ULONG OutgoingAuthInfos;
|
|
|
|
PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation;
|
|
|
|
PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation;
|
|
|
|
} TRUSTED_DOMAIN_AUTH_INFORMATION, *PTRUSTED_DOMAIN_AUTH_INFORMATION;
|
|
|
|
|
|
|
|
typedef struct _LSA_TRANSLATED_SID2
|
|
|
|
{
|
|
|
|
SID_NAME_USE Use;
|
|
|
|
PSID Sid;
|
|
|
|
LONG DomainIndex;
|
|
|
|
ULONG Flags;
|
|
|
|
} LSA_TRANSLATED_SID2, *PLSA_TRANSLATED_SID2;
|
|
|
|
|
|
|
|
typedef enum _TRUSTED_INFORMATION_CLASS
|
|
|
|
{
|
|
|
|
TrustedDomainNameInformation = 1,
|
|
|
|
TrustedControllersInformation,
|
|
|
|
TrustedPosixOffsetInformation,
|
|
|
|
TrustedPasswordInformation,
|
|
|
|
TrustedDomainInformationBasic,
|
|
|
|
TrustedDomainInformationEx,
|
|
|
|
TrustedDomainAuthInformation,
|
|
|
|
TrustedDomainFullInformation
|
|
|
|
} TRUSTED_INFORMATION_CLASS, *PTRUSTED_INFORMATION_CLASS;
|
|
|
|
|
|
|
|
typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS
|
|
|
|
{
|
|
|
|
PolicyNotifyAuditEventsInformation = 1,
|
|
|
|
PolicyNotifyAccountDomainInformation,
|
|
|
|
PolicyNotifyServerRoleInformation,
|
|
|
|
PolicyNotifyDnsDomainInformation,
|
|
|
|
PolicyNotifyDomainEfsInformation,
|
|
|
|
PolicyNotifyDomainKerberosTicketInformation,
|
|
|
|
PolicyNotifyMachineAccountPasswordInformation
|
|
|
|
} POLICY_NOTIFICATION_INFORMATION_CLASS, *PPOLICY_NOTIFICATION_INFORMATION_CLASS;
|
|
|
|
|
2018-01-18 16:50:56 +01:00
|
|
|
#define MICROSOFT_KERBEROS_NAME_A "Kerberos"
|
2017-10-18 04:42:13 +02:00
|
|
|
#if defined(_MSC_VER)
|
|
|
|
#define MICROSOFT_KERBEROS_NAME_W L"Kerberos"
|
|
|
|
#elif defined(__GNUC__)
|
|
|
|
#define MICROSOFT_KERBEROS_NAME_W (const WCHAR []){ 'K','e','r','b','e','r','o','s',0 }
|
|
|
|
#else /* _MSC_VER/__GNUC__ */
|
|
|
|
static const WCHAR MICROSOFT_KERBEROS_NAME_W[] = { 'K','e','r','b','e','r','o','s',0 };
|
|
|
|
#endif
|
|
|
|
|
2018-01-29 04:10:06 +01:00
|
|
|
#define KERB_TICKET_FLAGS_reserved 0x80000000
|
|
|
|
#define KERB_TICKET_FLAGS_forwardable 0x40000000
|
|
|
|
#define KERB_TICKET_FLAGS_forwarded 0x20000000
|
|
|
|
#define KERB_TICKET_FLAGS_proxiable 0x10000000
|
|
|
|
#define KERB_TICKET_FLAGS_proxy 0x08000000
|
|
|
|
#define KERB_TICKET_FLAGS_may_postdate 0x04000000
|
|
|
|
#define KERB_TICKET_FLAGS_postdated 0x02000000
|
|
|
|
#define KERB_TICKET_FLAGS_invalid 0x01000000
|
|
|
|
#define KERB_TICKET_FLAGS_renewable 0x00800000
|
|
|
|
#define KERB_TICKET_FLAGS_initial 0x00400000
|
|
|
|
#define KERB_TICKET_FLAGS_pre_authent 0x00200000
|
|
|
|
#define KERB_TICKET_FLAGS_hw_authent 0x00100000
|
|
|
|
#define KERB_TICKET_FLAGS_ok_as_delegate 0x00040000
|
|
|
|
#define KERB_TICKET_FLAGS_name_canonicalize 0x00010000
|
|
|
|
#define KERB_TICKET_FLAGS_cname_in_pa_data 0x00040000
|
|
|
|
#define KERB_TICKET_FLAGS_reserved1 0x00000001
|
|
|
|
|
|
|
|
typedef enum _KERB_PROTOCOL_MESSAGE_TYPE
|
|
|
|
{
|
|
|
|
KerbDebugRequestMessage = 0,
|
|
|
|
KerbQueryTicketCacheMessage,
|
|
|
|
KerbChangeMachinePasswordMessage,
|
|
|
|
KerbVerifyPacMessage,
|
|
|
|
KerbRetrieveTicketMessage,
|
|
|
|
KerbUpdateAddressesMessage,
|
|
|
|
KerbPurgeTicketCacheMessage,
|
|
|
|
KerbChangePasswordMessage,
|
|
|
|
KerbRetrieveEncodedTicketMessage,
|
|
|
|
KerbDecryptDataMessage,
|
|
|
|
KerbAddBindingCacheEntryMessage,
|
|
|
|
KerbSetPasswordMessage,
|
|
|
|
KerbSetPasswordExMessage,
|
|
|
|
KerbVerifyCredentialsMessage,
|
|
|
|
KerbQueryTicketCacheExMessage,
|
|
|
|
KerbPurgeTicketCacheExMessage,
|
|
|
|
KerbRefreshSmartcardCredentialsMessage,
|
|
|
|
KerbAddExtraCredentialsMessage,
|
|
|
|
KerbQuerySupplementalCredentialsMessage,
|
|
|
|
KerbTransferCredentialsMessage,
|
|
|
|
KerbQueryTicketCacheEx2Message,
|
|
|
|
KerbSubmitTicketMessage,
|
|
|
|
KerbAddExtraCredentialsExMessage,
|
|
|
|
KerbQueryKdcProxyCacheMessage,
|
|
|
|
KerbPurgeKdcProxyCacheMessage,
|
|
|
|
KerbQueryTicketCacheEx3Message,
|
|
|
|
KerbCleanupMachinePkinitCredsMessage,
|
|
|
|
KerbAddBindingCacheEntryExMessage,
|
|
|
|
KerbQueryBindingCacheMessage,
|
|
|
|
KerbPurgeBindingCacheMessage,
|
|
|
|
KerbQueryDomainExtendedPoliciesMessage,
|
|
|
|
KerbQueryS4U2ProxyCacheMessage
|
|
|
|
} KERB_PROTOCOL_MESSAGE_TYPE, *PKERB_PROTOCOL_MESSAGE_TYPE;
|
|
|
|
|
|
|
|
typedef struct _KERB_TICKET_CACHE_INFO
|
|
|
|
{
|
|
|
|
UNICODE_STRING ServerName;
|
|
|
|
UNICODE_STRING RealmName;
|
|
|
|
LARGE_INTEGER StartTime;
|
|
|
|
LARGE_INTEGER EndTime;
|
|
|
|
LARGE_INTEGER RenewTime;
|
|
|
|
LONG EncryptionType;
|
|
|
|
ULONG TicketFlags;
|
|
|
|
} KERB_TICKET_CACHE_INFO, *PKERB_TICKET_CACHE_INFO;
|
|
|
|
|
|
|
|
typedef struct _KERB_QUERY_TKT_CACHE_REQUEST
|
|
|
|
{
|
|
|
|
KERB_PROTOCOL_MESSAGE_TYPE MessageType;
|
|
|
|
LUID LogonId;
|
|
|
|
} KERB_QUERY_TKT_CACHE_REQUEST, *PKERB_QUERY_TKT_CACHE_REQUEST;
|
|
|
|
|
|
|
|
typedef struct _KERB_QUERY_TKT_CACHE_RESPONSE
|
|
|
|
{
|
|
|
|
KERB_PROTOCOL_MESSAGE_TYPE MessageType;
|
|
|
|
ULONG CountOfTickets;
|
|
|
|
KERB_TICKET_CACHE_INFO Tickets[ANYSIZE_ARRAY];
|
|
|
|
} KERB_QUERY_TKT_CACHE_RESPONSE, *PKERB_QUERY_TKT_CACHE_RESPONSE;
|
|
|
|
|
|
|
|
typedef struct _KERB_RETRIEVE_TKT_REQUEST
|
|
|
|
{
|
|
|
|
KERB_PROTOCOL_MESSAGE_TYPE MessageType;
|
|
|
|
LUID LogonId;
|
|
|
|
UNICODE_STRING TargetName;
|
|
|
|
ULONG TicketFlags;
|
|
|
|
ULONG CacheOptions;
|
|
|
|
LONG EncryptionType;
|
|
|
|
SecHandle CredentialsHandle;
|
|
|
|
} KERB_RETRIEVE_TKT_REQUEST, *PKERB_RETRIEVE_TKT_REQUEST;
|
|
|
|
|
|
|
|
typedef struct _KERB_PURGE_TKT_CACHE_REQUEST
|
|
|
|
{
|
|
|
|
KERB_PROTOCOL_MESSAGE_TYPE MessageType;
|
|
|
|
LUID LogonId;
|
|
|
|
UNICODE_STRING ServerName;
|
|
|
|
UNICODE_STRING RealmName;
|
|
|
|
} KERB_PURGE_TKT_CACHE_REQUEST, *PKERB_PURGE_TKT_CACHE_REQUEST;
|
|
|
|
|
2006-08-04 03:47:50 +02:00
|
|
|
#define RtlGenRandom SystemFunction036
|
2010-03-21 16:31:02 +01:00
|
|
|
#define RtlEncryptMemory SystemFunction040
|
|
|
|
#define RtlDecryptMemory SystemFunction041
|
2006-08-04 03:47:50 +02:00
|
|
|
|
|
|
|
BOOLEAN WINAPI RtlGenRandom(PVOID,ULONG);
|
2010-03-21 16:31:02 +01:00
|
|
|
NTSTATUS WINAPI RtlEncryptMemory(PVOID,ULONG,ULONG);
|
|
|
|
NTSTATUS WINAPI RtlDecryptMemory(PVOID,ULONG,ULONG);
|
2006-08-04 03:47:50 +02:00
|
|
|
|
2006-03-11 11:54:54 +01:00
|
|
|
NTSTATUS WINAPI LsaAddAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING,ULONG);
|
2005-08-16 18:01:49 +02:00
|
|
|
NTSTATUS WINAPI LsaCallAuthenticationPackage(HANDLE,ULONG,PVOID,ULONG,PVOID*,PULONG,PNTSTATUS);
|
Stub implementations for GetKernelObjectSecurity,
GetPrivateObjectSecurity, GetServiceKeyName{A,W},
ImpersonateNamedPipeClient, InitiateSystemShutdown{A,W},
IsTokenRestricted, LogonUser{A,W}, LookupAccountNameW,
LookupPrivilegeDisplayName{A,W}, MapGenericMask,
ObjectCloseAuditAlarm{A,W}, ObjectOpenAuditAlarm{A,W},
ObjectPrivilegeAuditAlarm{A,W}, PrivilegedServiceAuditAlarm{A,W},
QueryServiceLockStatus{A,W}, SetAclInformation,
SetPrivateObjectSecurity, SetSecurityDescriptorControl,
SetServiceBits, LsaSetInformationPolicy, LsaLookupNames,
LsaEnumerateTrustedDomains.
2005-01-03 18:12:51 +01:00
|
|
|
NTSTATUS WINAPI LsaClose(LSA_HANDLE);
|
2005-07-18 11:11:14 +02:00
|
|
|
NTSTATUS WINAPI LsaConnectUntrusted(PHANDLE);
|
2006-03-11 11:54:54 +01:00
|
|
|
NTSTATUS WINAPI LsaCreateTrustedDomainEx(LSA_HANDLE,PTRUSTED_DOMAIN_INFORMATION_EX,
|
|
|
|
PTRUSTED_DOMAIN_AUTH_INFORMATION,ACCESS_MASK,PLSA_HANDLE);
|
|
|
|
NTSTATUS WINAPI LsaDeleteTrustedDomain(LSA_HANDLE,PSID);
|
2005-07-18 11:11:14 +02:00
|
|
|
NTSTATUS WINAPI LsaDeregisterLogonProcess(HANDLE);
|
2006-03-11 11:54:54 +01:00
|
|
|
NTSTATUS WINAPI LsaEnumerateAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING*,PULONG);
|
|
|
|
NTSTATUS WINAPI LsaEnumerateAccountsWithUserRight(LSA_HANDLE,PLSA_UNICODE_STRING,PVOID*,PULONG);
|
2007-09-01 02:45:33 +02:00
|
|
|
NTSTATUS WINAPI LsaEnumerateLogonSessions(PULONG,PLUID*);
|
Stub implementations for GetKernelObjectSecurity,
GetPrivateObjectSecurity, GetServiceKeyName{A,W},
ImpersonateNamedPipeClient, InitiateSystemShutdown{A,W},
IsTokenRestricted, LogonUser{A,W}, LookupAccountNameW,
LookupPrivilegeDisplayName{A,W}, MapGenericMask,
ObjectCloseAuditAlarm{A,W}, ObjectOpenAuditAlarm{A,W},
ObjectPrivilegeAuditAlarm{A,W}, PrivilegedServiceAuditAlarm{A,W},
QueryServiceLockStatus{A,W}, SetAclInformation,
SetPrivateObjectSecurity, SetSecurityDescriptorControl,
SetServiceBits, LsaSetInformationPolicy, LsaLookupNames,
LsaEnumerateTrustedDomains.
2005-01-03 18:12:51 +01:00
|
|
|
NTSTATUS WINAPI LsaEnumerateTrustedDomains(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,PVOID*,ULONG,PULONG);
|
2006-03-11 11:54:54 +01:00
|
|
|
NTSTATUS WINAPI LsaEnumerateTrustedDomainsEx(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,PVOID*,ULONG,PULONG);
|
1999-12-12 00:19:54 +01:00
|
|
|
NTSTATUS WINAPI LsaFreeMemory(PVOID);
|
2007-09-01 02:45:33 +02:00
|
|
|
NTSTATUS WINAPI LsaFreeReturnBuffer(PVOID);
|
|
|
|
NTSTATUS WINAPI LsaGetLogonSessionData(PLUID,PSECURITY_LOGON_SESSION_DATA*);
|
|
|
|
NTSTATUS WINAPI LsaLogonUser(HANDLE,PLSA_STRING,SECURITY_LOGON_TYPE,ULONG,PVOID,ULONG,PTOKEN_GROUPS,PTOKEN_SOURCE,PVOID*,PULONG,PLUID,PHANDLE,PQUOTA_LIMITS,PNTSTATUS);
|
|
|
|
NTSTATUS WINAPI LsaLookupAuthenticationPackage(HANDLE,PLSA_STRING,PULONG);
|
2006-03-21 18:16:47 +01:00
|
|
|
NTSTATUS WINAPI LsaLookupNames(LSA_HANDLE,ULONG,PLSA_UNICODE_STRING,PLSA_REFERENCED_DOMAIN_LIST*,
|
Stub implementations for GetKernelObjectSecurity,
GetPrivateObjectSecurity, GetServiceKeyName{A,W},
ImpersonateNamedPipeClient, InitiateSystemShutdown{A,W},
IsTokenRestricted, LogonUser{A,W}, LookupAccountNameW,
LookupPrivilegeDisplayName{A,W}, MapGenericMask,
ObjectCloseAuditAlarm{A,W}, ObjectOpenAuditAlarm{A,W},
ObjectPrivilegeAuditAlarm{A,W}, PrivilegedServiceAuditAlarm{A,W},
QueryServiceLockStatus{A,W}, SetAclInformation,
SetPrivateObjectSecurity, SetSecurityDescriptorControl,
SetServiceBits, LsaSetInformationPolicy, LsaLookupNames,
LsaEnumerateTrustedDomains.
2005-01-03 18:12:51 +01:00
|
|
|
PLSA_TRANSLATED_SID*);
|
2006-03-11 11:54:54 +01:00
|
|
|
NTSTATUS WINAPI LsaLookupNames2(LSA_HANDLE,ULONG,ULONG,PLSA_UNICODE_STRING,PLSA_REFERENCED_DOMAIN_LIST*,
|
|
|
|
PLSA_TRANSLATED_SID2*);
|
2005-01-21 11:15:50 +01:00
|
|
|
NTSTATUS WINAPI LsaLookupSids(LSA_HANDLE,ULONG,PSID *,PLSA_REFERENCED_DOMAIN_LIST *,PLSA_TRANSLATED_NAME *);
|
Stub implementations for GetKernelObjectSecurity,
GetPrivateObjectSecurity, GetServiceKeyName{A,W},
ImpersonateNamedPipeClient, InitiateSystemShutdown{A,W},
IsTokenRestricted, LogonUser{A,W}, LookupAccountNameW,
LookupPrivilegeDisplayName{A,W}, MapGenericMask,
ObjectCloseAuditAlarm{A,W}, ObjectOpenAuditAlarm{A,W},
ObjectPrivilegeAuditAlarm{A,W}, PrivilegedServiceAuditAlarm{A,W},
QueryServiceLockStatus{A,W}, SetAclInformation,
SetPrivateObjectSecurity, SetSecurityDescriptorControl,
SetServiceBits, LsaSetInformationPolicy, LsaLookupNames,
LsaEnumerateTrustedDomains.
2005-01-03 18:12:51 +01:00
|
|
|
ULONG WINAPI LsaNtStatusToWinError(NTSTATUS);
|
|
|
|
NTSTATUS WINAPI LsaOpenPolicy(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,ACCESS_MASK,PLSA_HANDLE);
|
2006-03-11 11:54:54 +01:00
|
|
|
NTSTATUS WINAPI LsaOpenTrustedDomainByName(LSA_HANDLE,PLSA_UNICODE_STRING,ACCESS_MASK,PLSA_HANDLE);
|
Stub implementations for GetKernelObjectSecurity,
GetPrivateObjectSecurity, GetServiceKeyName{A,W},
ImpersonateNamedPipeClient, InitiateSystemShutdown{A,W},
IsTokenRestricted, LogonUser{A,W}, LookupAccountNameW,
LookupPrivilegeDisplayName{A,W}, MapGenericMask,
ObjectCloseAuditAlarm{A,W}, ObjectOpenAuditAlarm{A,W},
ObjectPrivilegeAuditAlarm{A,W}, PrivilegedServiceAuditAlarm{A,W},
QueryServiceLockStatus{A,W}, SetAclInformation,
SetPrivateObjectSecurity, SetSecurityDescriptorControl,
SetServiceBits, LsaSetInformationPolicy, LsaLookupNames,
LsaEnumerateTrustedDomains.
2005-01-03 18:12:51 +01:00
|
|
|
NTSTATUS WINAPI LsaQueryInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID*);
|
2006-03-11 11:54:54 +01:00
|
|
|
NTSTATUS WINAPI LsaQueryTrustedDomainInfo(LSA_HANDLE,PSID,TRUSTED_INFORMATION_CLASS,PVOID*);
|
|
|
|
NTSTATUS WINAPI LsaQueryTrustedDomainInfoByName(LSA_HANDLE,PLSA_UNICODE_STRING,TRUSTED_INFORMATION_CLASS,PVOID*);
|
2007-09-01 02:45:33 +02:00
|
|
|
NTSTATUS WINAPI LsaRegisterLogonProcess(PLSA_STRING,PHANDLE,PLSA_OPERATIONAL_MODE);
|
2006-03-11 11:54:54 +01:00
|
|
|
NTSTATUS WINAPI LsaRegisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS,HANDLE);
|
|
|
|
NTSTATUS WINAPI LsaRemoveAccountRights(LSA_HANDLE,PSID,BOOLEAN,PLSA_UNICODE_STRING,ULONG);
|
2005-06-13 12:04:20 +02:00
|
|
|
NTSTATUS WINAPI LsaRetrievePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING,PLSA_UNICODE_STRING*);
|
Stub implementations for GetKernelObjectSecurity,
GetPrivateObjectSecurity, GetServiceKeyName{A,W},
ImpersonateNamedPipeClient, InitiateSystemShutdown{A,W},
IsTokenRestricted, LogonUser{A,W}, LookupAccountNameW,
LookupPrivilegeDisplayName{A,W}, MapGenericMask,
ObjectCloseAuditAlarm{A,W}, ObjectOpenAuditAlarm{A,W},
ObjectPrivilegeAuditAlarm{A,W}, PrivilegedServiceAuditAlarm{A,W},
QueryServiceLockStatus{A,W}, SetAclInformation,
SetPrivateObjectSecurity, SetSecurityDescriptorControl,
SetServiceBits, LsaSetInformationPolicy, LsaLookupNames,
LsaEnumerateTrustedDomains.
2005-01-03 18:12:51 +01:00
|
|
|
NTSTATUS WINAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID);
|
2006-03-11 11:54:54 +01:00
|
|
|
NTSTATUS WINAPI LsaSetTrustedDomainInfoByName(LSA_HANDLE,PLSA_UNICODE_STRING,TRUSTED_INFORMATION_CLASS,PVOID);
|
|
|
|
NTSTATUS WINAPI LsaSetTrustedDomainInformation(LSA_HANDLE,PSID,TRUSTED_INFORMATION_CLASS,PVOID);
|
2005-06-13 12:04:20 +02:00
|
|
|
NTSTATUS WINAPI LsaStorePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING,PLSA_UNICODE_STRING);
|
2006-03-11 11:54:54 +01:00
|
|
|
NTSTATUS WINAPI LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS,HANDLE);
|
1999-12-12 00:19:54 +01:00
|
|
|
|
1999-07-04 13:01:21 +02:00
|
|
|
#ifdef __cplusplus
|
|
|
|
} /* extern "C" */
|
|
|
|
#endif /* defined(__cplusplus) */
|
|
|
|
|
|
|
|
#endif /* !defined(__WINE_NTSECAPI_H) */
|