2 * Copyright (C) 1999 Juergen Schmied
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 #ifndef __WINE_NTSECAPI_H
20 #define __WINE_NTSECAPI_H
24 #endif /* defined(__cplusplus) */
26 typedef enum _SECURITY_LOGON_TYPE {
37 CachedRemoteInteractive,
39 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
41 typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS {
43 PolicyNotifyAuditEventsInformation = 1,
44 PolicyNotifyAccountDomainInformation,
45 PolicyNotifyServerRoleInformation,
46 PolicyNotifyDnsDomainInformation,
47 PolicyNotifyDomainEfsInformation,
48 PolicyNotifyDomainKerberosTicketInformation,
49 PolicyNotifyMachineAccountPasswordInformation
51 } POLICY_NOTIFICATION_INFORMATION_CLASS, *PPOLICY_NOTIFICATION_INFORMATION_CLASS;
53 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
55 /* Policy access rights */
56 #define POLICY_VIEW_LOCAL_INFORMATION 0x00000001L
57 #define POLICY_VIEW_AUDIT_INFORMATION 0x00000002L
58 #define POLICY_GET_PRIVATE_INFORMATION 0x00000004L
59 #define POLICY_TRUST_ADMIN 0x00000008L
60 #define POLICY_CREATE_ACCOUNT 0x00000010L
61 #define POLICY_CREATE_SECRET 0x00000020L
62 #define POLICY_CREATE_PRIVILEGE 0x00000040L
63 #define POLICY_SET_DEFAULT_QUOTA_LIMITS 0x00000080L
64 #define POLICY_SET_AUDIT_REQUIREMENTS 0x00000100L
65 #define POLICY_AUDIT_LOG_ADMIN 0x00000200L
66 #define POLICY_SERVER_ADMIN 0x00000400L
67 #define POLICY_LOOKUP_NAMES 0x00000800L
68 #define POLICY_NOTIFICATION 0x00001000L
70 #define POLICY_ALL_ACCESS ( \
71 STANDARD_RIGHTS_REQUIRED | \
72 POLICY_VIEW_LOCAL_INFORMATION | \
73 POLICY_VIEW_AUDIT_INFORMATION | \
74 POLICY_GET_PRIVATE_INFORMATION | \
75 POLICY_TRUST_ADMIN | \
76 POLICY_CREATE_ACCOUNT | \
77 POLICY_CREATE_SECRET | \
78 POLICY_CREATE_PRIVILEGE | \
79 POLICY_SET_DEFAULT_QUOTA_LIMITS | \
80 POLICY_SET_AUDIT_REQUIREMENTS | \
81 POLICY_AUDIT_LOG_ADMIN | \
82 POLICY_SERVER_ADMIN | \
86 #define POLICY_READ ( \
87 STANDARD_RIGHTS_READ | \
88 POLICY_VIEW_AUDIT_INFORMATION | \
89 POLICY_GET_PRIVATE_INFORMATION)
91 #define POLICY_WRITE ( \
92 STANDARD_RIGHTS_WRITE | \
93 POLICY_TRUST_ADMIN | \
94 POLICY_CREATE_ACCOUNT | \
95 POLICY_CREATE_SECRET | \
96 POLICY_CREATE_PRIVILEGE | \
97 POLICY_SET_DEFAULT_QUOTA_LIMITS | \
98 POLICY_SET_AUDIT_REQUIREMENTS | \
99 POLICY_AUDIT_LOG_ADMIN | \
102 #define POLICY_EXECUTE ( \
103 STANDARD_RIGHTS_EXECUTE | \
104 POLICY_VIEW_LOCAL_INFORMATION | \
107 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
108 /* FIXME: Microsoft declares an LSA_STRING as ascii but changing this breaks secur32.dll so someone will need to figure out what to do here */
109 typedef struct _LSA_STRING
112 USHORT MaximumLength;
114 } LSA_STRING, *PLSA_STRING;
115 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
117 typedef PVOID LSA_HANDLE, *PLSA_HANDLE;
121 PolicyAuditLogInformation = 1,
122 PolicyAuditEventsInformation,
123 PolicyPrimaryDomainInformation,
124 PolicyPdAccountInformation,
125 PolicyAccountDomainInformation,
126 PolicyLsaServerRoleInformation,
127 PolicyReplicaSourceInformation,
128 PolicyDefaultQuotaInformation,
129 PolicyModificationInformation,
130 PolicyAuditFullSetInformation,
131 PolicyAuditFullQueryInformation,
132 PolicyDnsDomainInformation
133 } POLICY_INFORMATION_CLASS, *PPOLICY_INFORMATION_CLASS;
135 typedef ULONG POLICY_AUDIT_EVENT_OPTIONS, *PPOLICY_AUDIT_EVENT_OPTIONS;
137 typedef struct _POLICY_AUDIT_EVENTS_INFO
139 WINBOOL AuditingMode;
140 PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions;
141 ULONG MaximumAuditEventCount;
142 } POLICY_AUDIT_EVENTS_INFO, *PPOLICY_AUDIT_EVENTS_INFO;
144 typedef struct _LSA_FOREST_TRUST_DOMAIN_INFO {
147 LSA_UNICODE_STRING DnsName;
148 LSA_UNICODE_STRING NetbiosName;
150 } LSA_FOREST_TRUST_DOMAIN_INFO, *PLSA_FOREST_TRUST_DOMAIN_INFO;
153 #define MAX_FOREST_TRUST_BINARY_DATA_SIZE ( 128 * 1024 )
155 typedef struct _LSA_FOREST_TRUST_BINARY_DATA {
160 } LSA_FOREST_TRUST_BINARY_DATA, *PLSA_FOREST_TRUST_BINARY_DATA;
164 ForestTrustTopLevelName,
165 ForestTrustTopLevelNameEx,
166 ForestTrustDomainInfo,
167 ForestTrustRecordTypeLast = ForestTrustDomainInfo
169 } LSA_FOREST_TRUST_RECORD_TYPE;
171 typedef struct _LSA_AUTH_INFORMATION {
173 LARGE_INTEGER LastUpdateTime;
175 ULONG AuthInfoLength;
177 } LSA_AUTH_INFORMATION, *PLSA_AUTH_INFORMATION;
179 typedef struct _TRUSTED_DOMAIN_AUTH_INFORMATION {
181 ULONG IncomingAuthInfos;
182 PLSA_AUTH_INFORMATION IncomingAuthenticationInformation;
183 PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation;
184 ULONG OutgoingAuthInfos;
185 PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation;
186 PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation;
188 } TRUSTED_DOMAIN_AUTH_INFORMATION, *PTRUSTED_DOMAIN_AUTH_INFORMATION;
190 typedef struct _LSA_FOREST_TRUST_RECORD {
193 LSA_FOREST_TRUST_RECORD_TYPE ForestTrustType;
199 LSA_UNICODE_STRING TopLevelName;
200 LSA_FOREST_TRUST_DOMAIN_INFO DomainInfo;
201 LSA_FOREST_TRUST_BINARY_DATA Data;
204 } LSA_FOREST_TRUST_RECORD, *PLSA_FOREST_TRUST_RECORD;
206 typedef struct _LSA_TRANSLATED_SID {
212 } LSA_TRANSLATED_SID, *PLSA_TRANSLATED_SID;
214 typedef struct _LSA_TRANSLATED_SID2 {
221 } LSA_TRANSLATED_SID2, *PLSA_TRANSLATED_SID2;
223 typedef struct _LSA_TRANSLATED_NAME {
226 LSA_UNICODE_STRING Name;
229 } LSA_TRANSLATED_NAME, *PLSA_TRANSLATED_NAME;
237 } LSA_FOREST_TRUST_COLLISION_RECORD_TYPE;
239 typedef struct _LSA_FOREST_TRUST_COLLISION_RECORD {
242 LSA_FOREST_TRUST_COLLISION_RECORD_TYPE Type;
244 LSA_UNICODE_STRING Name;
246 } LSA_FOREST_TRUST_COLLISION_RECORD, *PLSA_FOREST_TRUST_COLLISION_RECORD;
248 typedef struct _LSA_FOREST_TRUST_COLLISION_INFORMATION {
251 PLSA_FOREST_TRUST_COLLISION_RECORD * Entries;
253 } LSA_FOREST_TRUST_COLLISION_INFORMATION, *PLSA_FOREST_TRUST_COLLISION_INFORMATION;
255 typedef struct _TRUSTED_DOMAIN_INFORMATION_EX {
257 LSA_UNICODE_STRING Name;
258 LSA_UNICODE_STRING FlatName;
260 ULONG TrustDirection;
262 ULONG TrustAttributes;
264 } TRUSTED_DOMAIN_INFORMATION_EX, *PTRUSTED_DOMAIN_INFORMATION_EX;
266 typedef ULONG LSA_ENUMERATION_HANDLE, *PLSA_ENUMERATION_HANDLE;
268 typedef struct _LSA_TRUST_INFORMATION {
270 LSA_UNICODE_STRING Name;
273 } LSA_TRUST_INFORMATION, *PLSA_TRUST_INFORMATION;
275 typedef struct _LSA_REFERENCED_DOMAIN_LIST {
278 PLSA_TRUST_INFORMATION Domains;
280 } LSA_REFERENCED_DOMAIN_LIST, *PLSA_REFERENCED_DOMAIN_LIST;
282 typedef enum _POLICY_DOMAIN_INFORMATION_CLASS {
284 PolicyDomainEfsInformation = 2,
285 PolicyDomainKerberosTicketInformation
287 } POLICY_DOMAIN_INFORMATION_CLASS, *PPOLICY_DOMAIN_INFORMATION_CLASS;
289 typedef struct _POLICY_PRIMARY_DOMAIN_INFO
291 LSA_UNICODE_STRING Name;
293 } POLICY_PRIMARY_DOMAIN_INFO, *PPOLICY_PRIMARY_DOMAIN_INFO;
295 typedef struct _POLICY_ACCOUNT_DOMAIN_INFO
297 LSA_UNICODE_STRING DomainName;
299 } POLICY_ACCOUNT_DOMAIN_INFO, *PPOLICY_ACCOUNT_DOMAIN_INFO;
301 typedef struct _LSA_FOREST_TRUST_INFORMATION {
304 PLSA_FOREST_TRUST_RECORD * Entries;
306 } LSA_FOREST_TRUST_INFORMATION, *PLSA_FOREST_TRUST_INFORMATION;
308 typedef struct _SECURITY_LOGON_SESSION_DATA {
311 LSA_UNICODE_STRING UserName ;
312 LSA_UNICODE_STRING LogonDomain ;
313 LSA_UNICODE_STRING AuthenticationPackage ;
317 LARGE_INTEGER LogonTime ;
318 LSA_UNICODE_STRING LogonServer ;
319 LSA_UNICODE_STRING DnsDomainName ;
320 LSA_UNICODE_STRING Upn ;
321 } SECURITY_LOGON_SESSION_DATA, * PSECURITY_LOGON_SESSION_DATA ;
323 typedef enum _TRUSTED_INFORMATION_CLASS {
325 TrustedDomainNameInformation = 1,
326 TrustedControllersInformation,
327 TrustedPosixOffsetInformation,
328 TrustedPasswordInformation,
329 TrustedDomainInformationBasic,
330 TrustedDomainInformationEx,
331 TrustedDomainAuthInformation,
332 TrustedDomainFullInformation,
333 TrustedDomainAuthInformationInternal,
334 TrustedDomainFullInformationInternal,
335 TrustedDomainInformationEx2Internal,
336 TrustedDomainFullInformation2Internal,
338 } TRUSTED_INFORMATION_CLASS, *PTRUSTED_INFORMATION_CLASS;
342 LsaNtStatusToWinError(NTSTATUS Status);
345 LsaOpenPolicy(PLSA_UNICODE_STRING lsaucs,PLSA_OBJECT_ATTRIBUTES lsaoa,ACCESS_MASK access,PLSA_HANDLE lsah);
348 LsaQueryInformationPolicy(LSA_HANDLE lsah,POLICY_INFORMATION_CLASS pic,PVOID* pv);
351 LsaFreeMemory(PVOID pv);
354 LsaClose(LSA_HANDLE ObjectHandle);
358 LSA_HANDLE PolicyHandle,
360 PLSA_UNICODE_STRING UserRights,
365 LsaCreateTrustedDomainEx(
366 LSA_HANDLE PolicyHandle,
367 PTRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,
368 PTRUSTED_DOMAIN_AUTH_INFORMATION AuthenticationInformation,
369 ACCESS_MASK DesiredAccess,
370 PLSA_HANDLE TrustedDomainHandle
374 LsaDeleteTrustedDomain(
375 LSA_HANDLE PolicyHandle,
376 PSID TrustedDomainSid
380 LsaEnumerateAccountRights(
381 LSA_HANDLE PolicyHandle,
383 PLSA_UNICODE_STRING *UserRights,
388 LsaEnumerateAccountsWithUserRight(
389 LSA_HANDLE PolicyHandle,
390 OPTIONAL PLSA_UNICODE_STRING UserRights,
391 PVOID *EnumerationBuffer,
396 LsaEnumerateTrustedDomains(
397 LSA_HANDLE PolicyHandle,
398 PLSA_ENUMERATION_HANDLE EnumerationContext,
400 ULONG PreferedMaximumLength,
405 LsaEnumerateTrustedDomainsEx(
406 LSA_HANDLE PolicyHandle,
407 PLSA_ENUMERATION_HANDLE EnumerationContext,
409 ULONG PreferedMaximumLength,
415 LSA_HANDLE PolicyHandle,
417 PLSA_UNICODE_STRING Names,
418 PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
419 PLSA_TRANSLATED_SID *Sids
424 LSA_HANDLE PolicyHandle,
427 PLSA_UNICODE_STRING Names,
428 PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
429 PLSA_TRANSLATED_SID2 *Sids
434 LSA_HANDLE PolicyHandle,
437 PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
438 PLSA_TRANSLATED_NAME *Names
442 LsaOpenTrustedDomainByName(
443 LSA_HANDLE PolicyHandle,
444 PLSA_UNICODE_STRING TrustedDomainName,
445 ACCESS_MASK DesiredAccess,
446 PLSA_HANDLE TrustedDomainHandle
450 LsaQueryDomainInformationPolicy(
451 LSA_HANDLE PolicyHandle,
452 POLICY_DOMAIN_INFORMATION_CLASS InformationClass,
457 LsaQueryForestTrustInformation(
458 LSA_HANDLE PolicyHandle,
459 PLSA_UNICODE_STRING TrustedDomainName,
460 PLSA_FOREST_TRUST_INFORMATION * ForestTrustInfo
464 LsaQueryTrustedDomainInfoByName(
465 LSA_HANDLE PolicyHandle,
466 PLSA_UNICODE_STRING TrustedDomainName,
467 TRUSTED_INFORMATION_CLASS InformationClass,
472 LsaQueryTrustedDomainInfo(
473 LSA_HANDLE PolicyHandle,
474 PSID TrustedDomainSid,
475 TRUSTED_INFORMATION_CLASS InformationClass,
480 LsaRemoveAccountRights(
481 LSA_HANDLE PolicyHandle,
484 PLSA_UNICODE_STRING UserRights,
489 LsaRetrievePrivateData(
490 LSA_HANDLE PolicyHandle,
491 PLSA_UNICODE_STRING KeyName,
492 PLSA_UNICODE_STRING * PrivateData
496 LsaSetDomainInformationPolicy(
497 LSA_HANDLE PolicyHandle,
498 POLICY_DOMAIN_INFORMATION_CLASS InformationClass,
503 LsaSetInformationPolicy(
504 LSA_HANDLE PolicyHandle,
505 POLICY_INFORMATION_CLASS InformationClass,
510 LsaSetForestTrustInformation(
511 LSA_HANDLE PolicyHandle,
512 PLSA_UNICODE_STRING TrustedDomainName,
513 PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo,
515 PLSA_FOREST_TRUST_COLLISION_INFORMATION * CollisionInfo
519 LsaSetTrustedDomainInfoByName(
520 LSA_HANDLE PolicyHandle,
521 PLSA_UNICODE_STRING TrustedDomainName,
522 TRUSTED_INFORMATION_CLASS InformationClass,
527 LsaSetTrustedDomainInformation(
528 LSA_HANDLE PolicyHandle,
529 PSID TrustedDomainSid,
530 TRUSTED_INFORMATION_CLASS InformationClass,
536 LSA_HANDLE PolicyHandle,
537 PLSA_UNICODE_STRING KeyName,
538 PLSA_UNICODE_STRING PrivateData
542 LsaEnumerateLogonSessions(
543 PULONG LogonSessionCount,
544 PLUID * LogonSessionList
549 LsaGetLogonSessionData(
551 PSECURITY_LOGON_SESSION_DATA * ppLogonSessionData
555 LsaRegisterPolicyChangeNotification(
556 POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,
557 HANDLE NotificationEventHandle
562 LsaUnregisterPolicyChangeNotification(
563 POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,
564 HANDLE NotificationEventHandle
570 #endif /* defined(__cplusplus) */
572 #endif /* !defined(__WINE_NTSECAPI_H) */