/* * Copyright (C) 1999 Juergen Schmied * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ #ifndef __WINE_NTSECAPI_H #define __WINE_NTSECAPI_H #ifdef __cplusplus extern "C" { #endif /* defined(__cplusplus) */ typedef enum _SECURITY_LOGON_TYPE { Interactive = 2, Network, Batch, Service, Proxy, Unlock, NetworkCleartext, NewCredentials, RemoteInteractive, CachedInteractive, CachedRemoteInteractive, CachedUnlock } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE; typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS { PolicyNotifyAuditEventsInformation = 1, PolicyNotifyAccountDomainInformation, PolicyNotifyServerRoleInformation, PolicyNotifyDnsDomainInformation, PolicyNotifyDomainEfsInformation, PolicyNotifyDomainKerberosTicketInformation, PolicyNotifyMachineAccountPasswordInformation } POLICY_NOTIFICATION_INFORMATION_CLASS, *PPOLICY_NOTIFICATION_INFORMATION_CLASS; typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE; /* Policy access rights */ #define POLICY_VIEW_LOCAL_INFORMATION 0x00000001L #define POLICY_VIEW_AUDIT_INFORMATION 0x00000002L #define POLICY_GET_PRIVATE_INFORMATION 0x00000004L #define POLICY_TRUST_ADMIN 0x00000008L #define POLICY_CREATE_ACCOUNT 0x00000010L #define POLICY_CREATE_SECRET 0x00000020L #define POLICY_CREATE_PRIVILEGE 0x00000040L #define POLICY_SET_DEFAULT_QUOTA_LIMITS 0x00000080L #define POLICY_SET_AUDIT_REQUIREMENTS 0x00000100L #define POLICY_AUDIT_LOG_ADMIN 0x00000200L #define POLICY_SERVER_ADMIN 0x00000400L #define POLICY_LOOKUP_NAMES 0x00000800L #define POLICY_NOTIFICATION 0x00001000L #define POLICY_ALL_ACCESS ( \ STANDARD_RIGHTS_REQUIRED | \ POLICY_VIEW_LOCAL_INFORMATION | \ POLICY_VIEW_AUDIT_INFORMATION | \ POLICY_GET_PRIVATE_INFORMATION | \ POLICY_TRUST_ADMIN | \ POLICY_CREATE_ACCOUNT | \ POLICY_CREATE_SECRET | \ POLICY_CREATE_PRIVILEGE | \ POLICY_SET_DEFAULT_QUOTA_LIMITS | \ POLICY_SET_AUDIT_REQUIREMENTS | \ POLICY_AUDIT_LOG_ADMIN | \ POLICY_SERVER_ADMIN | \ POLICY_LOOKUP_NAMES) #define POLICY_READ ( \ STANDARD_RIGHTS_READ | \ POLICY_VIEW_AUDIT_INFORMATION | \ POLICY_GET_PRIVATE_INFORMATION) #define POLICY_WRITE ( \ STANDARD_RIGHTS_WRITE | \ POLICY_TRUST_ADMIN | \ POLICY_CREATE_ACCOUNT | \ POLICY_CREATE_SECRET | \ POLICY_CREATE_PRIVILEGE | \ POLICY_SET_DEFAULT_QUOTA_LIMITS | \ POLICY_SET_AUDIT_REQUIREMENTS | \ POLICY_AUDIT_LOG_ADMIN | \ POLICY_SERVER_ADMIN) #define POLICY_EXECUTE ( \ STANDARD_RIGHTS_EXECUTE | \ POLICY_VIEW_LOCAL_INFORMATION | \ POLICY_LOOKUP_NAMES) typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING; /* FIXME: Microsoft declares an LSA_STRING as ascii but changing this breaks secur32.dll so someone will need to figure out what to do here */ typedef struct _LSA_STRING { USHORT Length; USHORT MaximumLength; PWSTR Buffer; } LSA_STRING, *PLSA_STRING; typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES; typedef PVOID LSA_HANDLE, *PLSA_HANDLE; typedef enum { PolicyAuditLogInformation = 1, PolicyAuditEventsInformation, PolicyPrimaryDomainInformation, PolicyPdAccountInformation, PolicyAccountDomainInformation, PolicyLsaServerRoleInformation, PolicyReplicaSourceInformation, PolicyDefaultQuotaInformation, PolicyModificationInformation, PolicyAuditFullSetInformation, PolicyAuditFullQueryInformation, PolicyDnsDomainInformation } POLICY_INFORMATION_CLASS, *PPOLICY_INFORMATION_CLASS; typedef ULONG POLICY_AUDIT_EVENT_OPTIONS, *PPOLICY_AUDIT_EVENT_OPTIONS; typedef struct _POLICY_AUDIT_EVENTS_INFO { WINBOOL AuditingMode; PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions; ULONG MaximumAuditEventCount; } POLICY_AUDIT_EVENTS_INFO, *PPOLICY_AUDIT_EVENTS_INFO; typedef struct _LSA_FOREST_TRUST_DOMAIN_INFO { PSID Sid; LSA_UNICODE_STRING DnsName; LSA_UNICODE_STRING NetbiosName; } LSA_FOREST_TRUST_DOMAIN_INFO, *PLSA_FOREST_TRUST_DOMAIN_INFO; #define MAX_FOREST_TRUST_BINARY_DATA_SIZE ( 128 * 1024 ) typedef struct _LSA_FOREST_TRUST_BINARY_DATA { ULONG Length; PUCHAR Buffer; } LSA_FOREST_TRUST_BINARY_DATA, *PLSA_FOREST_TRUST_BINARY_DATA; typedef enum { ForestTrustTopLevelName, ForestTrustTopLevelNameEx, ForestTrustDomainInfo, ForestTrustRecordTypeLast = ForestTrustDomainInfo } LSA_FOREST_TRUST_RECORD_TYPE; typedef struct _LSA_AUTH_INFORMATION { LARGE_INTEGER LastUpdateTime; ULONG AuthType; ULONG AuthInfoLength; PUCHAR AuthInfo; } LSA_AUTH_INFORMATION, *PLSA_AUTH_INFORMATION; typedef struct _TRUSTED_DOMAIN_AUTH_INFORMATION { ULONG IncomingAuthInfos; PLSA_AUTH_INFORMATION IncomingAuthenticationInformation; PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation; ULONG OutgoingAuthInfos; PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation; PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation; } TRUSTED_DOMAIN_AUTH_INFORMATION, *PTRUSTED_DOMAIN_AUTH_INFORMATION; typedef struct _LSA_FOREST_TRUST_RECORD { ULONG Flags; LSA_FOREST_TRUST_RECORD_TYPE ForestTrustType; LARGE_INTEGER Time; union { LSA_UNICODE_STRING TopLevelName; LSA_FOREST_TRUST_DOMAIN_INFO DomainInfo; LSA_FOREST_TRUST_BINARY_DATA Data; } ForestTrustData; } LSA_FOREST_TRUST_RECORD, *PLSA_FOREST_TRUST_RECORD; typedef struct _LSA_TRANSLATED_SID { SID_NAME_USE Use; ULONG RelativeId; LONG DomainIndex; } LSA_TRANSLATED_SID, *PLSA_TRANSLATED_SID; typedef struct _LSA_TRANSLATED_SID2 { SID_NAME_USE Use; PSID Sid; LONG DomainIndex; ULONG Flags; } LSA_TRANSLATED_SID2, *PLSA_TRANSLATED_SID2; typedef struct _LSA_TRANSLATED_NAME { SID_NAME_USE Use; LSA_UNICODE_STRING Name; LONG DomainIndex; } LSA_TRANSLATED_NAME, *PLSA_TRANSLATED_NAME; typedef enum { CollisionTdo, CollisionXref, CollisionOther } LSA_FOREST_TRUST_COLLISION_RECORD_TYPE; typedef struct _LSA_FOREST_TRUST_COLLISION_RECORD { ULONG Index; LSA_FOREST_TRUST_COLLISION_RECORD_TYPE Type; ULONG Flags; LSA_UNICODE_STRING Name; } LSA_FOREST_TRUST_COLLISION_RECORD, *PLSA_FOREST_TRUST_COLLISION_RECORD; typedef struct _LSA_FOREST_TRUST_COLLISION_INFORMATION { ULONG RecordCount; PLSA_FOREST_TRUST_COLLISION_RECORD * Entries; } LSA_FOREST_TRUST_COLLISION_INFORMATION, *PLSA_FOREST_TRUST_COLLISION_INFORMATION; typedef struct _TRUSTED_DOMAIN_INFORMATION_EX { LSA_UNICODE_STRING Name; LSA_UNICODE_STRING FlatName; PSID Sid; ULONG TrustDirection; ULONG TrustType; ULONG TrustAttributes; } TRUSTED_DOMAIN_INFORMATION_EX, *PTRUSTED_DOMAIN_INFORMATION_EX; typedef ULONG LSA_ENUMERATION_HANDLE, *PLSA_ENUMERATION_HANDLE; typedef struct _LSA_TRUST_INFORMATION { LSA_UNICODE_STRING Name; PSID Sid; } LSA_TRUST_INFORMATION, *PLSA_TRUST_INFORMATION; typedef struct _LSA_REFERENCED_DOMAIN_LIST { ULONG Entries; PLSA_TRUST_INFORMATION Domains; } LSA_REFERENCED_DOMAIN_LIST, *PLSA_REFERENCED_DOMAIN_LIST; typedef enum _POLICY_DOMAIN_INFORMATION_CLASS { PolicyDomainEfsInformation = 2, PolicyDomainKerberosTicketInformation } POLICY_DOMAIN_INFORMATION_CLASS, *PPOLICY_DOMAIN_INFORMATION_CLASS; typedef struct _POLICY_PRIMARY_DOMAIN_INFO { LSA_UNICODE_STRING Name; PSID Sid; } POLICY_PRIMARY_DOMAIN_INFO, *PPOLICY_PRIMARY_DOMAIN_INFO; typedef struct _POLICY_ACCOUNT_DOMAIN_INFO { LSA_UNICODE_STRING DomainName; PSID DomainSid; } POLICY_ACCOUNT_DOMAIN_INFO, *PPOLICY_ACCOUNT_DOMAIN_INFO; typedef struct _LSA_FOREST_TRUST_INFORMATION { ULONG RecordCount; PLSA_FOREST_TRUST_RECORD * Entries; } LSA_FOREST_TRUST_INFORMATION, *PLSA_FOREST_TRUST_INFORMATION; typedef struct _SECURITY_LOGON_SESSION_DATA { ULONG Size ; LUID LogonId ; LSA_UNICODE_STRING UserName ; LSA_UNICODE_STRING LogonDomain ; LSA_UNICODE_STRING AuthenticationPackage ; ULONG LogonType ; ULONG Session ; PSID Sid ; LARGE_INTEGER LogonTime ; LSA_UNICODE_STRING LogonServer ; LSA_UNICODE_STRING DnsDomainName ; LSA_UNICODE_STRING Upn ; } SECURITY_LOGON_SESSION_DATA, * PSECURITY_LOGON_SESSION_DATA ; typedef enum _TRUSTED_INFORMATION_CLASS { TrustedDomainNameInformation = 1, TrustedControllersInformation, TrustedPosixOffsetInformation, TrustedPasswordInformation, TrustedDomainInformationBasic, TrustedDomainInformationEx, TrustedDomainAuthInformation, TrustedDomainFullInformation, TrustedDomainAuthInformationInternal, TrustedDomainFullInformationInternal, TrustedDomainInformationEx2Internal, TrustedDomainFullInformation2Internal, } TRUSTED_INFORMATION_CLASS, *PTRUSTED_INFORMATION_CLASS; ULONG STDCALL LsaNtStatusToWinError(NTSTATUS Status); NTSTATUS STDCALL LsaOpenPolicy(PLSA_UNICODE_STRING lsaucs,PLSA_OBJECT_ATTRIBUTES lsaoa,ACCESS_MASK access,PLSA_HANDLE lsah); NTSTATUS STDCALL LsaQueryInformationPolicy(LSA_HANDLE lsah,POLICY_INFORMATION_CLASS pic,PVOID* pv); NTSTATUS STDCALL LsaFreeMemory(PVOID pv); NTSTATUS STDCALL LsaClose(LSA_HANDLE ObjectHandle); NTSTATUS STDCALL LsaAddAccountRights( LSA_HANDLE PolicyHandle, PSID AccountSid, PLSA_UNICODE_STRING UserRights, ULONG CountOfRights ); NTSTATUS STDCALL LsaCreateTrustedDomainEx( LSA_HANDLE PolicyHandle, PTRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation, PTRUSTED_DOMAIN_AUTH_INFORMATION AuthenticationInformation, ACCESS_MASK DesiredAccess, PLSA_HANDLE TrustedDomainHandle ); NTSTATUS STDCALL LsaDeleteTrustedDomain( LSA_HANDLE PolicyHandle, PSID TrustedDomainSid ); NTSTATUS STDCALL LsaEnumerateAccountRights( LSA_HANDLE PolicyHandle, PSID AccountSid, PLSA_UNICODE_STRING *UserRights, PULONG CountOfRights ); NTSTATUS STDCALL LsaEnumerateAccountsWithUserRight( LSA_HANDLE PolicyHandle, OPTIONAL PLSA_UNICODE_STRING UserRights, PVOID *EnumerationBuffer, PULONG CountReturned ); NTSTATUS STDCALL LsaEnumerateTrustedDomains( LSA_HANDLE PolicyHandle, PLSA_ENUMERATION_HANDLE EnumerationContext, PVOID *Buffer, ULONG PreferedMaximumLength, PULONG CountReturned ); NTSTATUS STDCALL LsaEnumerateTrustedDomainsEx( LSA_HANDLE PolicyHandle, PLSA_ENUMERATION_HANDLE EnumerationContext, PVOID *Buffer, ULONG PreferedMaximumLength, PULONG CountReturned ); NTSTATUS STDCALL LsaLookupNames( LSA_HANDLE PolicyHandle, ULONG Count, PLSA_UNICODE_STRING Names, PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSA_TRANSLATED_SID *Sids ); NTSTATUS STDCALL LsaLookupNames2( LSA_HANDLE PolicyHandle, ULONG Flags, ULONG Count, PLSA_UNICODE_STRING Names, PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSA_TRANSLATED_SID2 *Sids ); NTSTATUS STDCALL LsaLookupSids( LSA_HANDLE PolicyHandle, ULONG Count, PSID *Sids, PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSA_TRANSLATED_NAME *Names ); NTSTATUS STDCALL LsaOpenTrustedDomainByName( LSA_HANDLE PolicyHandle, PLSA_UNICODE_STRING TrustedDomainName, ACCESS_MASK DesiredAccess, PLSA_HANDLE TrustedDomainHandle ); NTSTATUS STDCALL LsaQueryDomainInformationPolicy( LSA_HANDLE PolicyHandle, POLICY_DOMAIN_INFORMATION_CLASS InformationClass, PVOID *Buffer ); NTSTATUS STDCALL LsaQueryForestTrustInformation( LSA_HANDLE PolicyHandle, PLSA_UNICODE_STRING TrustedDomainName, PLSA_FOREST_TRUST_INFORMATION * ForestTrustInfo ); NTSTATUS STDCALL LsaQueryTrustedDomainInfoByName( LSA_HANDLE PolicyHandle, PLSA_UNICODE_STRING TrustedDomainName, TRUSTED_INFORMATION_CLASS InformationClass, PVOID *Buffer ); NTSTATUS STDCALL LsaQueryTrustedDomainInfo( LSA_HANDLE PolicyHandle, PSID TrustedDomainSid, TRUSTED_INFORMATION_CLASS InformationClass, PVOID *Buffer ); NTSTATUS STDCALL LsaRemoveAccountRights( LSA_HANDLE PolicyHandle, PSID AccountSid, WINBOOL AllRights, PLSA_UNICODE_STRING UserRights, ULONG CountOfRights ); NTSTATUS STDCALL LsaRetrievePrivateData( LSA_HANDLE PolicyHandle, PLSA_UNICODE_STRING KeyName, PLSA_UNICODE_STRING * PrivateData ); NTSTATUS STDCALL LsaSetDomainInformationPolicy( LSA_HANDLE PolicyHandle, POLICY_DOMAIN_INFORMATION_CLASS InformationClass, PVOID Buffer ); NTSTATUS STDCALL LsaSetInformationPolicy( LSA_HANDLE PolicyHandle, POLICY_INFORMATION_CLASS InformationClass, PVOID Buffer ); NTSTATUS STDCALL LsaSetForestTrustInformation( LSA_HANDLE PolicyHandle, PLSA_UNICODE_STRING TrustedDomainName, PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo, WINBOOL CheckOnly, PLSA_FOREST_TRUST_COLLISION_INFORMATION * CollisionInfo ); NTSTATUS STDCALL LsaSetTrustedDomainInfoByName( LSA_HANDLE PolicyHandle, PLSA_UNICODE_STRING TrustedDomainName, TRUSTED_INFORMATION_CLASS InformationClass, PVOID Buffer ); NTSTATUS STDCALL LsaSetTrustedDomainInformation( LSA_HANDLE PolicyHandle, PSID TrustedDomainSid, TRUSTED_INFORMATION_CLASS InformationClass, PVOID Buffer ); NTSTATUS STDCALL LsaStorePrivateData( LSA_HANDLE PolicyHandle, PLSA_UNICODE_STRING KeyName, PLSA_UNICODE_STRING PrivateData ); NTSTATUS STDCALL LsaEnumerateLogonSessions( PULONG LogonSessionCount, PLUID * LogonSessionList ); NTSTATUS STDCALL LsaGetLogonSessionData( PLUID LogonId, PSECURITY_LOGON_SESSION_DATA * ppLogonSessionData ); NTSTATUS STDCALL LsaRegisterPolicyChangeNotification( POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass, HANDLE NotificationEventHandle ); NTSTATUS STDCALL LsaUnregisterPolicyChangeNotification( POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass, HANDLE NotificationEventHandle ); #ifdef __cplusplus } /* extern "C" */ #endif /* defined(__cplusplus) */ #endif /* !defined(__WINE_NTSECAPI_H) */