master
1/**
2 * This file has no copyright assigned and is placed in the Public Domain.
3 * This file is part of the mingw-w64 runtime package.
4 * No warranty is given; refer to the file DISCLAIMER.PD within this package.
5 */
6
7#ifdef DEFINE_GUID
8
9#if !defined(INITGUID) || !defined(Audit_System_SecurityStateChange_defined)
10DEFINE_GUID(Audit_System_SecurityStateChange, 0x0cce9210, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
11#ifdef INITGUID
12#define Audit_System_SecurityStateChange_defined
13#endif
14#endif
15
16#if !defined(INITGUID) || !defined(Audit_System_SecuritySubsystemExtension_defined)
17DEFINE_GUID(Audit_System_SecuritySubsystemExtension, 0x0cce9211, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
18#ifdef INITGUID
19#define Audit_System_SecuritySubsystemExtension_defined
20#endif
21#endif
22
23#if !defined(INITGUID) || !defined(Audit_System_Integrity_defined)
24DEFINE_GUID(Audit_System_Integrity, 0x0cce9212, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
25#ifdef INITGUID
26#define Audit_System_Integrity_defined
27#endif
28#endif
29
30#if !defined(INITGUID) || !defined(Audit_System_IPSecDriverEvents_defined)
31DEFINE_GUID(Audit_System_IPSecDriverEvents, 0x0cce9213, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
32#ifdef INITGUID
33#define Audit_System_IPSecDriverEvents_defined
34#endif
35#endif
36
37#if !defined(INITGUID) || !defined(Audit_System_Others_defined)
38DEFINE_GUID(Audit_System_Others, 0x0cce9214, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
39#ifdef INITGUID
40#define Audit_System_Others_defined
41#endif
42#endif
43
44#if !defined(INITGUID) || !defined(Audit_Logon_Logon_defined)
45DEFINE_GUID(Audit_Logon_Logon, 0x0cce9215, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
46#ifdef INITGUID
47#define Audit_Logon_Logon_defined
48#endif
49#endif
50
51#if !defined(INITGUID) || !defined(Audit_Logon_Logoff_defined)
52DEFINE_GUID(Audit_Logon_Logoff, 0x0cce9216, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
53#ifdef INITGUID
54#define Audit_Logon_Logoff_defined
55#endif
56#endif
57
58#if !defined(INITGUID) || !defined(Audit_Logon_AccountLockout_defined)
59DEFINE_GUID(Audit_Logon_AccountLockout, 0x0cce9217, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
60#ifdef INITGUID
61#define Audit_Logon_AccountLockout_defined
62#endif
63#endif
64
65#if !defined(INITGUID) || !defined(Audit_Logon_IPSecMainMode_defined)
66DEFINE_GUID(Audit_Logon_IPSecMainMode, 0x0cce9218, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
67#ifdef INITGUID
68#define Audit_Logon_IPSecMainMode_defined
69#endif
70#endif
71
72#if !defined(INITGUID) || !defined(Audit_Logon_IPSecQuickMode_defined)
73DEFINE_GUID(Audit_Logon_IPSecQuickMode, 0x0cce9219, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
74#ifdef INITGUID
75#define Audit_Logon_IPSecQuickMode_defined
76#endif
77#endif
78
79#if !defined(INITGUID) || !defined(Audit_Logon_IPSecUserMode_defined)
80DEFINE_GUID(Audit_Logon_IPSecUserMode, 0x0cce921a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
81#ifdef INITGUID
82#define Audit_Logon_IPSecUserMode_defined
83#endif
84#endif
85
86#if !defined(INITGUID) || !defined(Audit_Logon_SpecialLogon_defined)
87DEFINE_GUID(Audit_Logon_SpecialLogon, 0x0cce921b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
88#ifdef INITGUID
89#define Audit_Logon_SpecialLogon_defined
90#endif
91#endif
92
93#if !defined(INITGUID) || !defined(Audit_Logon_Others_defined)
94DEFINE_GUID(Audit_Logon_Others, 0x0cce921c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
95#ifdef INITGUID
96#define Audit_Logon_Others_defined
97#endif
98#endif
99
100#if !defined(INITGUID) || !defined(Audit_ObjectAccess_FileSystem_defined)
101DEFINE_GUID(Audit_ObjectAccess_FileSystem, 0x0cce921d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
102#ifdef INITGUID
103#define Audit_ObjectAccess_FileSystem_defined
104#endif
105#endif
106
107#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Registry_defined)
108DEFINE_GUID(Audit_ObjectAccess_Registry, 0x0cce921e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
109#ifdef INITGUID
110#define Audit_ObjectAccess_Registry_defined
111#endif
112#endif
113
114#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Kernel_defined)
115DEFINE_GUID(Audit_ObjectAccess_Kernel, 0x0cce921f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
116#ifdef INITGUID
117#define Audit_ObjectAccess_Kernel_defined
118#endif
119#endif
120
121#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Sam_defined)
122DEFINE_GUID(Audit_ObjectAccess_Sam, 0x0cce9220, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
123#ifdef INITGUID
124#define Audit_ObjectAccess_Sam_defined
125#endif
126#endif
127
128#if !defined(INITGUID) || !defined(Audit_ObjectAccess_CertificationServices_defined)
129DEFINE_GUID(Audit_ObjectAccess_CertificationServices, 0x0cce9221, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
130#ifdef INITGUID
131#define Audit_ObjectAccess_CertificationServices_defined
132#endif
133#endif
134
135#if !defined(INITGUID) || !defined(Audit_ObjectAccess_ApplicationGenerated_defined)
136DEFINE_GUID(Audit_ObjectAccess_ApplicationGenerated, 0x0cce9222, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
137#ifdef INITGUID
138#define Audit_ObjectAccess_ApplicationGenerated_defined
139#endif
140#endif
141#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Handle_defined)
142DEFINE_GUID(Audit_ObjectAccess_Handle, 0x0cce9223, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
143#ifdef INITGUID
144#define Audit_ObjectAccess_Handle_defined
145#endif
146#endif
147
148#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Share_defined)
149DEFINE_GUID(Audit_ObjectAccess_Share, 0x0cce9224, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
150#ifdef INITGUID
151#define Audit_ObjectAccess_Share_defined
152#endif
153#endif
154
155#if !defined(INITGUID) || !defined(Audit_ObjectAccess_FirewallPacketDrops_defined)
156DEFINE_GUID(Audit_ObjectAccess_FirewallPacketDrops, 0x0cce9225, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
157#ifdef INITGUID
158#define Audit_ObjectAccess_FirewallPacketDrops_defined
159#endif
160#endif
161
162#if !defined(INITGUID) || !defined(Audit_ObjectAccess_FirewallConnection_defined)
163DEFINE_GUID(Audit_ObjectAccess_FirewallConnection, 0x0cce9226, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
164#ifdef INITGUID
165#define Audit_ObjectAccess_FirewallConnection_defined
166#endif
167#endif
168
169#if !defined(INITGUID) || !defined(Audit_ObjectAccess_Other_defined)
170DEFINE_GUID(Audit_ObjectAccess_Other, 0x0cce9227, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
171#ifdef INITGUID
172#define Audit_ObjectAccess_Other_defined
173#endif
174#endif
175
176#if !defined(INITGUID) || !defined(Audit_PrivilegeUse_Sensitive_defined)
177DEFINE_GUID(Audit_PrivilegeUse_Sensitive, 0x0cce9228, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
178#ifdef INITGUID
179#define Audit_PrivilegeUse_Sensitive_defined
180#endif
181#endif
182
183#if !defined(INITGUID) || !defined(Audit_PrivilegeUse_NonSensitive_defined)
184DEFINE_GUID(Audit_PrivilegeUse_NonSensitive, 0x0cce9229, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
185#ifdef INITGUID
186#define Audit_PrivilegeUse_NonSensitive_defined
187#endif
188#endif
189
190#if !defined(INITGUID) || !defined(Audit_PrivilegeUse_Others_defined)
191DEFINE_GUID(Audit_PrivilegeUse_Others, 0x0cce922a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
192#ifdef INITGUID
193#define Audit_PrivilegeUse_Others_defined
194#endif
195#endif
196
197#if !defined(INITGUID) || !defined(Audit_DetailedTracking_ProcessCreation_defined)
198DEFINE_GUID(Audit_DetailedTracking_ProcessCreation, 0x0cce922b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
199#ifdef INITGUID
200#define Audit_DetailedTracking_ProcessCreation_defined
201#endif
202#endif
203
204#if !defined(INITGUID) || !defined(Audit_DetailedTracking_ProcessTermination_defined)
205DEFINE_GUID(Audit_DetailedTracking_ProcessTermination, 0x0cce922c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
206#ifdef INITGUID
207#define Audit_DetailedTracking_ProcessTermination_defined
208#endif
209#endif
210
211#if !defined(INITGUID) || !defined(Audit_DetailedTracking_DpapiActivity_defined)
212DEFINE_GUID(Audit_DetailedTracking_DpapiActivity, 0x0cce922d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
213#ifdef INITGUID
214#define Audit_DetailedTracking_DpapiActivity_defined
215#endif
216#endif
217
218#if !defined(INITGUID) || !defined(Audit_DetailedTracking_RpcCall_defined)
219DEFINE_GUID(Audit_DetailedTracking_RpcCall, 0x0cce922e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
220#ifdef INITGUID
221#define Audit_DetailedTracking_RpcCall_defined
222#endif
223#endif
224
225#if !defined(INITGUID) || !defined(Audit_PolicyChange_AuditPolicy_defined)
226DEFINE_GUID(Audit_PolicyChange_AuditPolicy, 0x0cce922f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
227#ifdef INITGUID
228#define Audit_PolicyChange_AuditPolicy_defined
229#endif
230#endif
231
232#if !defined(INITGUID) || !defined(Audit_PolicyChange_AuthenticationPolicy_defined)
233DEFINE_GUID(Audit_PolicyChange_AuthenticationPolicy, 0x0cce9230, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
234#ifdef INITGUID
235#define Audit_PolicyChange_AuthenticationPolicy_defined
236#endif
237#endif
238
239#if !defined(INITGUID) || !defined(Audit_PolicyChange_AuthorizationPolicy_defined)
240DEFINE_GUID(Audit_PolicyChange_AuthorizationPolicy, 0x0cce9231, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
241#ifdef INITGUID
242#define Audit_PolicyChange_AuthorizationPolicy_defined
243#endif
244#endif
245
246#if !defined(INITGUID) || !defined(Audit_PolicyChange_MpsscvRulePolicy_defined)
247DEFINE_GUID(Audit_PolicyChange_MpsscvRulePolicy, 0x0cce9232, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
248#ifdef INITGUID
249#define Audit_PolicyChange_MpsscvRulePolicy_defined
250#endif
251#endif
252
253#if !defined(INITGUID) || !defined(Audit_PolicyChange_WfpIPSecPolicy_defined)
254DEFINE_GUID(Audit_PolicyChange_WfpIPSecPolicy, 0x0cce9233, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
255#ifdef INITGUID
256#define Audit_PolicyChange_WfpIPSecPolicy_defined
257#endif
258#endif
259
260#if !defined(INITGUID) || !defined(Audit_PolicyChange_Others_defined)
261DEFINE_GUID(Audit_PolicyChange_Others, 0x0cce9234, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
262#ifdef INITGUID
263#define Audit_PolicyChange_Others_defined
264#endif
265#endif
266
267#if !defined(INITGUID) || !defined(Audit_AccountManagement_UserAccount_defined)
268DEFINE_GUID(Audit_AccountManagement_UserAccount, 0x0cce9235, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
269#ifdef INITGUID
270#define Audit_AccountManagement_UserAccount_defined
271#endif
272#endif
273
274#if !defined(INITGUID) || !defined(Audit_AccountManagement_ComputerAccount_defined)
275DEFINE_GUID(Audit_AccountManagement_ComputerAccount, 0x0cce9236, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
276#ifdef INITGUID
277#define Audit_AccountManagement_ComputerAccount_defined
278#endif
279#endif
280
281#if !defined(INITGUID) || !defined(Audit_AccountManagement_SecurityGroup_defined)
282DEFINE_GUID(Audit_AccountManagement_SecurityGroup, 0x0cce9237, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
283#ifdef INITGUID
284#define Audit_AccountManagement_SecurityGroup_defined
285#endif
286#endif
287
288#if !defined(INITGUID) || !defined(Audit_AccountManagement_DistributionGroup_defined)
289DEFINE_GUID(Audit_AccountManagement_DistributionGroup, 0x0cce9238, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
290#ifdef INITGUID
291#define Audit_AccountManagement_DistributionGroup_defined
292#endif
293#endif
294
295#if !defined(INITGUID) || !defined(Audit_AccountManagement_ApplicationGroup_defined)
296DEFINE_GUID(Audit_AccountManagement_ApplicationGroup, 0x0cce9239, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
297#ifdef INITGUID
298#define Audit_AccountManagement_ApplicationGroup_defined
299#endif
300#endif
301
302#if !defined(INITGUID) || !defined(Audit_AccountManagement_Others_defined)
303DEFINE_GUID(Audit_AccountManagement_Others, 0x0cce923a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
304#ifdef INITGUID
305#define Audit_AccountManagement_Others_defined
306#endif
307#endif
308
309#if !defined(INITGUID) || !defined(Audit_DSAccess_DSAccess_defined)
310DEFINE_GUID(Audit_DSAccess_DSAccess, 0x0cce923b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
311#ifdef INITGUID
312#define Audit_DSAccess_DSAccess_defined
313#endif
314#endif
315
316#if !defined(INITGUID) || !defined(Audit_DsAccess_AdAuditChanges_defined)
317DEFINE_GUID(Audit_DsAccess_AdAuditChanges, 0x0cce923c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
318#ifdef INITGUID
319#define Audit_DsAccess_AdAuditChanges_defined
320#endif
321#endif
322
323#if !defined(INITGUID) || !defined(Audit_Ds_Replication_defined)
324DEFINE_GUID(Audit_Ds_Replication, 0x0cce923d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
325#ifdef INITGUID
326#define Audit_Ds_Replication_defined
327#endif
328#endif
329
330#if !defined(INITGUID) || !defined(Audit_Ds_DetailedReplication_defined)
331DEFINE_GUID(Audit_Ds_DetailedReplication, 0x0cce923e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
332#ifdef INITGUID
333#define Audit_Ds_DetailedReplication_defined
334#endif
335#endif
336
337#if !defined(INITGUID) || !defined(Audit_AccountLogon_CredentialValidation_defined)
338DEFINE_GUID(Audit_AccountLogon_CredentialValidation, 0x0cce923f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
339#ifdef INITGUID
340#define Audit_AccountLogon_CredentialValidation_defined
341#endif
342#endif
343
344#if !defined(INITGUID) || !defined(Audit_AccountLogon_Kerberos_defined)
345DEFINE_GUID(Audit_AccountLogon_Kerberos, 0x0cce9240, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
346#ifdef INITGUID
347#define Audit_AccountLogon_Kerberos_defined
348#endif
349#endif
350
351#if !defined(INITGUID) || !defined(Audit_AccountLogon_Others_defined)
352DEFINE_GUID(Audit_AccountLogon_Others, 0x0cce9241, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
353#ifdef INITGUID
354#define Audit_AccountLogon_Others_defined
355#endif
356#endif
357
358#if !defined(INITGUID) || !defined(Audit_AccountLogon_KerbCredentialValidation_defined)
359DEFINE_GUID(Audit_AccountLogon_KerbCredentialValidation, 0x0cce9242, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
360#ifdef INITGUID
361#define Audit_AccountLogon_KerbCredentialValidation_defined
362#endif
363#endif
364
365#if !defined(INITGUID) || !defined(Audit_Logon_NPS_defined)
366DEFINE_GUID(Audit_Logon_NPS, 0x0cce9243, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
367#ifdef INITGUID
368#define Audit_Logon_NPS_defined
369#endif
370#endif
371
372#if !defined(INITGUID) || !defined(Audit_ObjectAccess_DetailedFileShare_defined)
373DEFINE_GUID(Audit_ObjectAccess_DetailedFileShare, 0x0cce9244, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
374#ifdef INITGUID
375#define Audit_ObjectAccess_DetailedFileShare_defined
376#endif
377#endif
378
379#if !defined(INITGUID) || !defined(Audit_ObjectAccess_RemovableStorage_defined)
380DEFINE_GUID(Audit_ObjectAccess_RemovableStorage, 0x0cce9245, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
381#ifdef INITGUID
382#define Audit_ObjectAccess_RemovableStorage_defined
383#endif
384#endif
385
386#if !defined(INITGUID) || !defined(Audit_ObjectAccess_CbacStaging_defined)
387DEFINE_GUID(Audit_ObjectAccess_CbacStaging, 0x0cce9246, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
388#ifdef INITGUID
389#define Audit_ObjectAccess_CbacStaging_defined
390#endif
391#endif
392
393#if !defined(INITGUID) || !defined(Audit_Logon_Claims_defined)
394DEFINE_GUID(Audit_Logon_Claims, 0x0cce9247, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
395#ifdef INITGUID
396#define Audit_Logon_Claims_defined
397#endif
398#endif
399
400#if !defined(INITGUID) || !defined(Audit_DetailedTracking_PnpActivity_defined)
401DEFINE_GUID(Audit_DetailedTracking_PnpActivity, 0x0cce9248, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
402#ifdef INITGUID
403#define Audit_DetailedTracking_PnpActivity_defined
404#endif
405#endif
406
407#if !defined(INITGUID) || !defined(Audit_Logon_Groups_defined)
408DEFINE_GUID(Audit_Logon_Groups, 0x0cce9249, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
409#ifdef INITGUID
410#define Audit_Logon_Groups_defined
411#endif
412#endif
413
414#if !defined(INITGUID) || !defined(Audit_DetailedTracking_TokenRightAdjusted_defined)
415DEFINE_GUID(Audit_DetailedTracking_TokenRightAdjusted, 0x0cce924a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
416#ifdef INITGUID
417#define Audit_DetailedTracking_TokenRightAdjusted_defined
418#endif
419#endif
420
421#if !defined(INITGUID) || !defined(Audit_System_defined)
422DEFINE_GUID(Audit_System, 0x69979848, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
423#ifdef INITGUID
424#define Audit_System_defined
425#endif
426#endif
427
428#if !defined(INITGUID) || !defined(Audit_Logon_defined)
429DEFINE_GUID(Audit_Logon, 0x69979849, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
430#ifdef INITGUID
431#define Audit_Logon_defined
432#endif
433#endif
434
435#if !defined(INITGUID) || !defined(Audit_ObjectAccess_defined)
436DEFINE_GUID(Audit_ObjectAccess, 0x6997984a, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
437#ifdef INITGUID
438#define Audit_ObjectAccess_defined
439#endif
440#endif
441
442#if !defined(INITGUID) || !defined(Audit_PrivilegeUse_defined)
443DEFINE_GUID(Audit_PrivilegeUse, 0x6997984b, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
444#ifdef INITGUID
445#define Audit_PrivilegeUse_defined
446#endif
447#endif
448
449#if !defined(INITGUID) || !defined(Audit_DetailedTracking_defined)
450DEFINE_GUID(Audit_DetailedTracking, 0x6997984c, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
451#ifdef INITGUID
452#define Audit_DetailedTracking_defined
453#endif
454#endif
455
456#if !defined(INITGUID) || !defined(Audit_PolicyChange_defined)
457DEFINE_GUID(Audit_PolicyChange, 0x6997984d, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
458#ifdef INITGUID
459#define Audit_PolicyChange_defined
460#endif
461#endif
462
463#if !defined(INITGUID) || !defined(Audit_AccountManagement_defined)
464DEFINE_GUID(Audit_AccountManagement, 0x6997984e, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
465#ifdef INITGUID
466#define Audit_AccountManagement_defined
467#endif
468#endif
469
470#if !defined(INITGUID) || !defined(Audit_DirectoryServiceAccess_defined)
471DEFINE_GUID(Audit_DirectoryServiceAccess, 0x6997984f, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
472#ifdef INITGUID
473#define Audit_DirectoryServiceAccess_defined
474#endif
475#endif
476
477#if !defined(INITGUID) || !defined(Audit_AccountLogon_defined)
478DEFINE_GUID(Audit_AccountLogon, 0x69979850, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
479#ifdef INITGUID
480#define Audit_AccountLogon_defined
481#endif
482#endif
483#endif
484
485#ifndef _NTSECAPI_
486#define _NTSECAPI_
487
488#ifdef __cplusplus
489extern "C" {
490#endif
491
492#if !defined (_NTDEF_) && !defined (_NTSTATUS_PSDK)
493#define _NTSTATUS_PSDK
494 typedef LONG NTSTATUS,*PNTSTATUS;
495#endif
496
497#ifndef _NTLSA_IFS_
498 typedef ULONG LSA_OPERATIONAL_MODE,*PLSA_OPERATIONAL_MODE;
499#endif
500
501#define LSA_MODE_PASSWORD_PROTECTED (__MSABI_LONG(0x00000001))
502#define LSA_MODE_INDIVIDUAL_ACCOUNTS (__MSABI_LONG(0x00000002))
503#define LSA_MODE_MANDATORY_ACCESS (__MSABI_LONG(0x00000004))
504#define LSA_MODE_LOG_FULL (__MSABI_LONG(0x00000008))
505
506#ifndef _NTLSA_IFS_
507 typedef enum _SECURITY_LOGON_TYPE {
508 UndefinedLogonType = 0,
509 Interactive = 2,
510 Network,
511 Batch,
512 Service,
513 Proxy,
514 Unlock,
515 NetworkCleartext,
516 NewCredentials
517#if _WIN32_WINNT >= 0x0501
518 ,RemoteInteractive
519 ,CachedInteractive
520#endif
521#if _WIN32_WINNT >= 0x0502
522 ,CachedRemoteInteractive
523 ,CachedUnlock
524#endif
525 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
526
527#endif
528
529#ifndef _NTLSA_IFS_
530
531#ifndef _NTLSA_AUDIT_
532#define _NTLSA_AUDIT_
533
534typedef enum _SE_ADT_PARAMETER_TYPE {
535 SeAdtParmTypeNone = 0,
536 SeAdtParmTypeString,
537 SeAdtParmTypeFileSpec,
538 SeAdtParmTypeUlong,
539 SeAdtParmTypeSid,
540 SeAdtParmTypeLogonId,
541 SeAdtParmTypeNoLogonId,
542 SeAdtParmTypeAccessMask,
543 SeAdtParmTypePrivs,
544 SeAdtParmTypeObjectTypes,
545 SeAdtParmTypeHexUlong,
546 SeAdtParmTypePtr,
547 SeAdtParmTypeTime,
548 SeAdtParmTypeGuid,
549 SeAdtParmTypeLuid,
550 SeAdtParmTypeHexInt64,
551 SeAdtParmTypeStringList,
552 SeAdtParmTypeSidList,
553 SeAdtParmTypeDuration,
554 SeAdtParmTypeUserAccountControl,
555 SeAdtParmTypeNoUac,
556 SeAdtParmTypeMessage,
557 SeAdtParmTypeDateTime,
558 SeAdtParmTypeSockAddr,
559 SeAdtParmTypeSD,
560 SeAdtParmTypeLogonHours,
561 SeAdtParmTypeLogonIdNoSid,
562 SeAdtParmTypeUlongNoConv,
563 SeAdtParmTypeSockAddrNoPort,
564 SeAdtParmTypeAccessReason,
565 SeAdtParmTypeStagingReason,
566 SeAdtParmTypeResourceAttribute,
567 SeAdtParmTypeClaims,
568 SeAdtParmTypeLogonIdAsSid,
569 SeAdtParmTypeMultiSzString,
570 SeAdtParmTypeLogonIdEx
571 } SE_ADT_PARAMETER_TYPE, *PSE_ADT_PARAMETER_TYPE;
572
573#include <guiddef.h>
574
575#define SE_ADT_OBJECT_ONLY 0x1
576
577 typedef struct _SE_ADT_OBJECT_TYPE {
578 GUID ObjectType;
579 USHORT Flags;
580 USHORT Level;
581 ACCESS_MASK AccessMask;
582 } SE_ADT_OBJECT_TYPE,*PSE_ADT_OBJECT_TYPE;
583
584 typedef struct _SE_ADT_PARAMETER_ARRAY_ENTRY {
585 SE_ADT_PARAMETER_TYPE Type;
586 ULONG Length;
587 ULONG_PTR Data[2];
588 PVOID Address;
589 } SE_ADT_PARAMETER_ARRAY_ENTRY,*PSE_ADT_PARAMETER_ARRAY_ENTRY;
590
591 typedef struct _SE_ADT_ACCESS_REASON {
592 ACCESS_MASK AccessMask;
593 ULONG AccessReasons[32];
594 ULONG ObjectTypeIndex;
595 ULONG AccessGranted;
596 PSECURITY_DESCRIPTOR SecurityDescriptor;
597 } SE_ADT_ACCESS_REASON, *PSE_ADT_ACCESS_REASON;
598
599 typedef struct _SE_ADT_CLAIMS {
600 ULONG Length;
601 PCLAIMS_BLOB Claims;
602 } SE_ADT_CLAIMS, *PSE_ADT_CLAIMS;
603
604#define SE_MAX_AUDIT_PARAMETERS 32
605#define SE_MAX_GENERIC_AUDIT_PARAMETERS 28
606
607 typedef struct _SE_ADT_PARAMETER_ARRAY {
608 ULONG CategoryId;
609 ULONG AuditId;
610 ULONG ParameterCount;
611 ULONG Length;
612 USHORT Type;
613 ULONG Flags;
614 SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[SE_MAX_AUDIT_PARAMETERS];
615 } SE_ADT_PARAMETER_ARRAY,*PSE_ADT_PARAMETER_ARRAY;
616
617 typedef struct _SE_ADT_PARAMETER_ARRAY_EX {
618 ULONG CategoryId;
619 ULONG AuditId;
620 ULONG Version;
621 ULONG ParameterCount;
622 ULONG Length;
623 USHORT FlatSubCategoryId;
624 USHORT Type;
625 ULONG Flags;
626 SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[SE_MAX_AUDIT_PARAMETERS];
627 } SE_ADT_PARAMETER_ARRAY_EX, *PSE_ADT_PARAMETER_ARRAY_EX;
628
629#define SE_ADT_PARAMETERS_SELF_RELATIVE 0x00000001
630#define SE_ADT_PARAMETERS_SEND_TO_LSA 0x00000002
631#define SE_ADT_PARAMETER_EXTENSIBLE_AUDIT 0x00000004
632#define SE_ADT_PARAMETER_GENERIC_AUDIT 0x00000008
633#define SE_ADT_PARAMETER_WRITE_SYNCHRONOUS 0x00000010
634
635#define LSAP_SE_ADT_PARAMETER_ARRAY_TRUE_SIZE(AuditParameters) (sizeof(SE_ADT_PARAMETER_ARRAY) - sizeof(SE_ADT_PARAMETER_ARRAY_ENTRY) * (SE_MAX_AUDIT_PARAMETERS - AuditParameters->ParameterCount))
636
637#endif /* _NTLSA_AUDIT_ */
638#endif /* _NTLSA_IFS_ */
639
640 typedef enum _POLICY_AUDIT_EVENT_TYPE {
641 AuditCategorySystem = 0,AuditCategoryLogon,AuditCategoryObjectAccess,AuditCategoryPrivilegeUse,AuditCategoryDetailedTracking,
642 AuditCategoryPolicyChange,AuditCategoryAccountManagement,AuditCategoryDirectoryServiceAccess,AuditCategoryAccountLogon
643 } POLICY_AUDIT_EVENT_TYPE,*PPOLICY_AUDIT_EVENT_TYPE;
644
645#define POLICY_AUDIT_EVENT_UNCHANGED (__MSABI_LONG(0x00000000))
646#define POLICY_AUDIT_EVENT_SUCCESS (__MSABI_LONG(0x00000001))
647#define POLICY_AUDIT_EVENT_FAILURE (__MSABI_LONG(0x00000002))
648#define POLICY_AUDIT_EVENT_NONE (__MSABI_LONG(0x00000004))
649#define POLICY_AUDIT_EVENT_MASK (POLICY_AUDIT_EVENT_SUCCESS | POLICY_AUDIT_EVENT_FAILURE | POLICY_AUDIT_EVENT_UNCHANGED | POLICY_AUDIT_EVENT_NONE)
650
651#ifdef _NTDEF_
652 typedef UNICODE_STRING LSA_UNICODE_STRING,*PLSA_UNICODE_STRING;
653 typedef STRING LSA_STRING,*PLSA_STRING;
654 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES,*PLSA_OBJECT_ATTRIBUTES;
655#else
656
657#ifndef _NO_W32_PSEUDO_MODIFIERS
658#ifndef IN
659#define IN
660#endif
661#ifndef OUT
662#define OUT
663#endif
664#ifndef OPTIONAL
665#define OPTIONAL
666#endif
667#endif
668
669 typedef struct _LSA_UNICODE_STRING {
670 USHORT Length;
671 USHORT MaximumLength;
672 PWSTR Buffer;
673 } LSA_UNICODE_STRING,*PLSA_UNICODE_STRING;
674
675 typedef struct _LSA_STRING {
676 USHORT Length;
677 USHORT MaximumLength;
678 PCHAR Buffer;
679 } LSA_STRING,*PLSA_STRING;
680
681 typedef struct _LSA_OBJECT_ATTRIBUTES {
682 ULONG Length;
683 HANDLE RootDirectory;
684 PLSA_UNICODE_STRING ObjectName;
685 ULONG Attributes;
686 PVOID SecurityDescriptor;
687 PVOID SecurityQualityOfService;
688 } LSA_OBJECT_ATTRIBUTES,*PLSA_OBJECT_ATTRIBUTES;
689#endif
690
691#define LSA_SUCCESS(Error) ((LONG)(Error) >= 0)
692
693#ifndef _NTLSA_IFS_
694 NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING LogonProcessName,PHANDLE LsaHandle,PLSA_OPERATIONAL_MODE SecurityMode);
695 NTSTATUS NTAPI LsaLogonUser(HANDLE LsaHandle,PLSA_STRING OriginName,SECURITY_LOGON_TYPE LogonType,ULONG AuthenticationPackage,PVOID AuthenticationInformation,ULONG AuthenticationInformationLength,PTOKEN_GROUPS LocalGroups,PTOKEN_SOURCE SourceContext,PVOID *ProfileBuffer,PULONG ProfileBufferLength,PLUID LogonId,PHANDLE Token,PQUOTA_LIMITS Quotas,PNTSTATUS SubStatus);
696 NTSTATUS NTAPI LsaLookupAuthenticationPackage(HANDLE LsaHandle,PLSA_STRING PackageName,PULONG AuthenticationPackage);
697 NTSTATUS NTAPI LsaFreeReturnBuffer (PVOID Buffer);
698 NTSTATUS NTAPI LsaCallAuthenticationPackage(HANDLE LsaHandle,ULONG AuthenticationPackage,PVOID ProtocolSubmitBuffer,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus);
699 NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE LsaHandle);
700 NTSTATUS NTAPI LsaConnectUntrusted(PHANDLE LsaHandle);
701 NTSTATUS NTAPI LsaInsertProtectedProcessAddress(PVOID BufferAddress,ULONG BufferSize);
702 NTSTATUS NTAPI LsaRemoveProtectedProcessAddress(PVOID BufferAddress,ULONG BufferSize);
703#endif
704
705#define POLICY_VIEW_LOCAL_INFORMATION __MSABI_LONG(0x00000001)
706#define POLICY_VIEW_AUDIT_INFORMATION __MSABI_LONG(0x00000002)
707#define POLICY_GET_PRIVATE_INFORMATION __MSABI_LONG(0x00000004)
708#define POLICY_TRUST_ADMIN __MSABI_LONG(0x00000008)
709#define POLICY_CREATE_ACCOUNT __MSABI_LONG(0x00000010)
710#define POLICY_CREATE_SECRET __MSABI_LONG(0x00000020)
711#define POLICY_CREATE_PRIVILEGE __MSABI_LONG(0x00000040)
712#define POLICY_SET_DEFAULT_QUOTA_LIMITS __MSABI_LONG(0x00000080)
713#define POLICY_SET_AUDIT_REQUIREMENTS __MSABI_LONG(0x00000100)
714#define POLICY_AUDIT_LOG_ADMIN __MSABI_LONG(0x00000200)
715#define POLICY_SERVER_ADMIN __MSABI_LONG(0x00000400)
716#define POLICY_LOOKUP_NAMES __MSABI_LONG(0x00000800)
717#define POLICY_NOTIFICATION __MSABI_LONG(0x00001000)
718
719#define POLICY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | POLICY_VIEW_LOCAL_INFORMATION | POLICY_VIEW_AUDIT_INFORMATION | POLICY_GET_PRIVATE_INFORMATION | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN | POLICY_LOOKUP_NAMES)
720#define POLICY_READ (STANDARD_RIGHTS_READ | POLICY_VIEW_AUDIT_INFORMATION | POLICY_GET_PRIVATE_INFORMATION)
721#define POLICY_WRITE (STANDARD_RIGHTS_WRITE | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN)
722#define POLICY_EXECUTE (STANDARD_RIGHTS_EXECUTE | POLICY_VIEW_LOCAL_INFORMATION | POLICY_LOOKUP_NAMES)
723
724 typedef struct _LSA_TRUST_INFORMATION {
725 LSA_UNICODE_STRING Name;
726 PSID Sid;
727 } LSA_TRUST_INFORMATION,*PLSA_TRUST_INFORMATION;
728
729 typedef struct _LSA_REFERENCED_DOMAIN_LIST {
730 ULONG Entries;
731 PLSA_TRUST_INFORMATION Domains;
732 } LSA_REFERENCED_DOMAIN_LIST,*PLSA_REFERENCED_DOMAIN_LIST;
733
734 typedef struct _LSA_TRANSLATED_SID {
735 SID_NAME_USE Use;
736 ULONG RelativeId;
737 LONG DomainIndex;
738 } LSA_TRANSLATED_SID,*PLSA_TRANSLATED_SID;
739
740 typedef struct _LSA_TRANSLATED_SID2 {
741 SID_NAME_USE Use;
742 PSID Sid;
743 LONG DomainIndex;
744 ULONG Flags;
745 } LSA_TRANSLATED_SID2,*PLSA_TRANSLATED_SID2;
746
747 typedef struct _LSA_TRANSLATED_NAME {
748 SID_NAME_USE Use;
749 LSA_UNICODE_STRING Name;
750 LONG DomainIndex;
751 } LSA_TRANSLATED_NAME,*PLSA_TRANSLATED_NAME;
752
753 typedef enum _POLICY_LSA_SERVER_ROLE {
754 PolicyServerRoleBackup = 2,PolicyServerRolePrimary
755 } POLICY_LSA_SERVER_ROLE,*PPOLICY_LSA_SERVER_ROLE;
756
757 typedef ULONG POLICY_AUDIT_EVENT_OPTIONS,*PPOLICY_AUDIT_EVENT_OPTIONS;
758
759 typedef enum _POLICY_INFORMATION_CLASS {
760 PolicyAuditLogInformation = 1,
761 PolicyAuditEventsInformation,
762 PolicyPrimaryDomainInformation,
763 PolicyPdAccountInformation,
764 PolicyAccountDomainInformation,
765 PolicyLsaServerRoleInformation,
766 PolicyReplicaSourceInformation,
767 PolicyDefaultQuotaInformation,
768 PolicyModificationInformation,
769 PolicyAuditFullSetInformation,
770 PolicyAuditFullQueryInformation,
771 PolicyDnsDomainInformation,
772 PolicyDnsDomainInformationInt,
773 PolicyLocalAccountDomainInformation,
774 PolicyMachineAccountInformation,
775 PolicyMachineAccountInformation2,
776 PolicyLastEntry
777 } POLICY_INFORMATION_CLASS, *PPOLICY_INFORMATION_CLASS;
778
779 typedef struct _POLICY_AUDIT_LOG_INFO {
780 ULONG AuditLogPercentFull;
781 ULONG MaximumLogSize;
782 LARGE_INTEGER AuditRetentionPeriod;
783 BOOLEAN AuditLogFullShutdownInProgress;
784 LARGE_INTEGER TimeToShutdown;
785 ULONG NextAuditRecordId;
786 } POLICY_AUDIT_LOG_INFO,*PPOLICY_AUDIT_LOG_INFO;
787
788 typedef struct _POLICY_AUDIT_EVENTS_INFO {
789 BOOLEAN AuditingMode;
790 PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions;
791 ULONG MaximumAuditEventCount;
792 } POLICY_AUDIT_EVENTS_INFO,*PPOLICY_AUDIT_EVENTS_INFO;
793
794 typedef struct _POLICY_AUDIT_SUBCATEGORIES_INFO {
795 ULONG MaximumSubCategoryCount;
796 PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions;
797 } POLICY_AUDIT_SUBCATEGORIES_INFO, *PPOLICY_AUDIT_SUBCATEGORIES_INFO;
798
799 typedef struct _POLICY_AUDIT_CATEGORIES_INFO {
800 ULONG MaximumCategoryCount;
801 PPOLICY_AUDIT_SUBCATEGORIES_INFO SubCategoriesInfo;
802 } POLICY_AUDIT_CATEGORIES_INFO, *PPOLICY_AUDIT_CATEGORIES_INFO;
803
804 typedef struct _POLICY_ACCOUNT_DOMAIN_INFO {
805 LSA_UNICODE_STRING DomainName;
806 PSID DomainSid;
807 } POLICY_ACCOUNT_DOMAIN_INFO,*PPOLICY_ACCOUNT_DOMAIN_INFO;
808
809 typedef struct _POLICY_PRIMARY_DOMAIN_INFO {
810 LSA_UNICODE_STRING Name;
811 PSID Sid;
812 } POLICY_PRIMARY_DOMAIN_INFO,*PPOLICY_PRIMARY_DOMAIN_INFO;
813
814 typedef struct _POLICY_DNS_DOMAIN_INFO {
815 LSA_UNICODE_STRING Name;
816 LSA_UNICODE_STRING DnsDomainName;
817 LSA_UNICODE_STRING DnsForestName;
818 GUID DomainGuid;
819 PSID Sid;
820 } POLICY_DNS_DOMAIN_INFO,*PPOLICY_DNS_DOMAIN_INFO;
821
822 typedef struct _POLICY_PD_ACCOUNT_INFO {
823 LSA_UNICODE_STRING Name;
824 } POLICY_PD_ACCOUNT_INFO,*PPOLICY_PD_ACCOUNT_INFO;
825
826 typedef struct _POLICY_LSA_SERVER_ROLE_INFO {
827 POLICY_LSA_SERVER_ROLE LsaServerRole;
828 } POLICY_LSA_SERVER_ROLE_INFO,*PPOLICY_LSA_SERVER_ROLE_INFO;
829
830 typedef struct _POLICY_REPLICA_SOURCE_INFO {
831 LSA_UNICODE_STRING ReplicaSource;
832 LSA_UNICODE_STRING ReplicaAccountName;
833 } POLICY_REPLICA_SOURCE_INFO,*PPOLICY_REPLICA_SOURCE_INFO;
834
835 typedef struct _POLICY_DEFAULT_QUOTA_INFO {
836 QUOTA_LIMITS QuotaLimits;
837 } POLICY_DEFAULT_QUOTA_INFO,*PPOLICY_DEFAULT_QUOTA_INFO;
838
839 typedef struct _POLICY_MODIFICATION_INFO {
840 LARGE_INTEGER ModifiedId;
841 LARGE_INTEGER DatabaseCreationTime;
842 } POLICY_MODIFICATION_INFO,*PPOLICY_MODIFICATION_INFO;
843
844 typedef struct _POLICY_AUDIT_FULL_SET_INFO {
845 BOOLEAN ShutDownOnFull;
846 } POLICY_AUDIT_FULL_SET_INFO,*PPOLICY_AUDIT_FULL_SET_INFO;
847
848 typedef struct _POLICY_AUDIT_FULL_QUERY_INFO {
849 BOOLEAN ShutDownOnFull;
850 BOOLEAN LogIsFull;
851 } POLICY_AUDIT_FULL_QUERY_INFO,*PPOLICY_AUDIT_FULL_QUERY_INFO;
852
853 typedef enum _POLICY_DOMAIN_INFORMATION_CLASS {
854#if _WIN32_WINNT <= 0x0500
855 PolicyDomainQualityOfServiceInformation = 1,
856#endif
857 PolicyDomainEfsInformation = 2
858 ,PolicyDomainKerberosTicketInformation
859 } POLICY_DOMAIN_INFORMATION_CLASS, *PPOLICY_DOMAIN_INFORMATION_CLASS;
860
861 typedef struct _POLICY_DOMAIN_EFS_INFO {
862 ULONG InfoLength;
863 PUCHAR EfsBlob;
864 } POLICY_DOMAIN_EFS_INFO,*PPOLICY_DOMAIN_EFS_INFO;
865
866#define POLICY_KERBEROS_VALIDATE_CLIENT 0x00000080
867
868 typedef struct _POLICY_DOMAIN_KERBEROS_TICKET_INFO {
869 ULONG AuthenticationOptions;
870 LARGE_INTEGER MaxServiceTicketAge;
871 LARGE_INTEGER MaxTicketAge;
872 LARGE_INTEGER MaxRenewAge;
873 LARGE_INTEGER MaxClockSkew;
874 LARGE_INTEGER Reserved;
875 } POLICY_DOMAIN_KERBEROS_TICKET_INFO,*PPOLICY_DOMAIN_KERBEROS_TICKET_INFO;
876
877 typedef struct _POLICY_MACHINE_ACCT_INFO {
878 ULONG Rid;
879 PSID Sid;
880 } POLICY_MACHINE_ACCT_INFO, *PPOLICY_MACHINE_ACCT_INFO;
881
882 typedef struct _POLICY_MACHINE_ACCT_INFO2 {
883 ULONG Rid;
884 PSID Sid;
885 GUID ObjectGuid;
886 } POLICY_MACHINE_ACCT_INFO2, *PPOLICY_MACHINE_ACCT_INFO2;
887
888 typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS {
889 PolicyNotifyAuditEventsInformation = 1,
890 PolicyNotifyAccountDomainInformation,
891 PolicyNotifyServerRoleInformation,
892 PolicyNotifyDnsDomainInformation,
893 PolicyNotifyDomainEfsInformation,
894 PolicyNotifyDomainKerberosTicketInformation,
895 PolicyNotifyMachineAccountPasswordInformation,
896 PolicyNotifyGlobalSaclInformation,
897 PolicyNotifyMax
898 } POLICY_NOTIFICATION_INFORMATION_CLASS, *PPOLICY_NOTIFICATION_INFORMATION_CLASS;
899
900 typedef PVOID LSA_HANDLE,*PLSA_HANDLE;
901
902#define LSAD_AES_CRYPT_SHA512_HASH_SIZE 64
903#define LSAD_AES_KEY_SIZE 16
904#define LSAD_AES_SALT_SIZE 16
905#define LSAD_AES_BLOCK_SIZE 16
906
907 typedef enum _TRUSTED_INFORMATION_CLASS {
908 TrustedDomainNameInformation = 1,
909 TrustedControllersInformation,
910 TrustedPosixOffsetInformation,
911 TrustedPasswordInformation,
912 TrustedDomainInformationBasic,
913 TrustedDomainInformationEx,
914 TrustedDomainAuthInformation,
915 TrustedDomainFullInformation,
916 TrustedDomainAuthInformationInternal,
917 TrustedDomainFullInformationInternal,
918 TrustedDomainInformationEx2Internal,
919 TrustedDomainFullInformation2Internal,
920 TrustedDomainSupportedEncryptionTypes,
921 TrustedDomainAuthInformationInternalAes,
922 TrustedDomainFullInformationInternalAes
923 } TRUSTED_INFORMATION_CLASS,*PTRUSTED_INFORMATION_CLASS;
924
925 typedef struct _TRUSTED_DOMAIN_NAME_INFO {
926 LSA_UNICODE_STRING Name;
927 } TRUSTED_DOMAIN_NAME_INFO,*PTRUSTED_DOMAIN_NAME_INFO;
928
929 typedef struct _TRUSTED_CONTROLLERS_INFO {
930 ULONG Entries;
931 PLSA_UNICODE_STRING Names;
932 } TRUSTED_CONTROLLERS_INFO,*PTRUSTED_CONTROLLERS_INFO;
933
934 typedef struct _TRUSTED_POSIX_OFFSET_INFO {
935 ULONG Offset;
936 } TRUSTED_POSIX_OFFSET_INFO,*PTRUSTED_POSIX_OFFSET_INFO;
937
938 typedef struct _TRUSTED_PASSWORD_INFO {
939 LSA_UNICODE_STRING Password;
940 LSA_UNICODE_STRING OldPassword;
941 } TRUSTED_PASSWORD_INFO,*PTRUSTED_PASSWORD_INFO;
942
943 typedef LSA_TRUST_INFORMATION TRUSTED_DOMAIN_INFORMATION_BASIC;
944 typedef PLSA_TRUST_INFORMATION PTRUSTED_DOMAIN_INFORMATION_BASIC;
945
946#define TRUST_DIRECTION_DISABLED 0x00000000
947#define TRUST_DIRECTION_INBOUND 0x00000001
948#define TRUST_DIRECTION_OUTBOUND 0x00000002
949#define TRUST_DIRECTION_BIDIRECTIONAL (TRUST_DIRECTION_INBOUND | TRUST_DIRECTION_OUTBOUND)
950
951#define TRUST_TYPE_DOWNLEVEL 0x00000001
952#define TRUST_TYPE_UPLEVEL 0x00000002
953#define TRUST_TYPE_MIT 0x00000003
954#define TRUST_TYPE_AAD 0x00000005
955
956#define TRUST_ATTRIBUTE_NON_TRANSITIVE 0x00000001
957#define TRUST_ATTRIBUTE_UPLEVEL_ONLY 0x00000002
958#define TRUST_ATTRIBUTE_QUARANTINED_DOMAIN 0x00000004
959#define TRUST_ATTRIBUTE_FOREST_TRANSITIVE 0x00000008
960#define TRUST_ATTRIBUTE_CROSS_ORGANIZATION 0x00000010
961#define TRUST_ATTRIBUTE_WITHIN_FOREST 0x00000020
962#define TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL 0x00000040
963
964#if _WIN32_WINNT >= 0x0600
965#define TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION 0x00000080
966#define TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS 0x00000100
967#endif
968
969#if _WIN32_WINNT >= 0x0602
970#define TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION 0x00000200
971#define TRUST_ATTRIBUTE_PIM_TRUST 0x00000400
972#endif
973
974#if _WIN32_WINNT >= 0x0603
975#define TRUST_ATTRIBUTE_CROSS_ORGANIZATION_ENABLE_TGT_DELEGATION 0x00000800
976#endif
977
978#define TRUST_ATTRIBUTES_VALID 0xFF03FFFF
979#define TRUST_ATTRIBUTES_USER 0xFF000000
980
981 typedef struct _TRUSTED_DOMAIN_INFORMATION_EX {
982 LSA_UNICODE_STRING Name;
983 LSA_UNICODE_STRING FlatName;
984 PSID Sid;
985 ULONG TrustDirection;
986 ULONG TrustType;
987 ULONG TrustAttributes;
988 } TRUSTED_DOMAIN_INFORMATION_EX,*PTRUSTED_DOMAIN_INFORMATION_EX;
989
990 typedef struct _TRUSTED_DOMAIN_INFORMATION_EX2 {
991 LSA_UNICODE_STRING Name;
992 LSA_UNICODE_STRING FlatName;
993 PSID Sid;
994 ULONG TrustDirection;
995 ULONG TrustType;
996 ULONG TrustAttributes;
997 ULONG ForestTrustLength;
998 PUCHAR ForestTrustInfo;
999 } TRUSTED_DOMAIN_INFORMATION_EX2,*PTRUSTED_DOMAIN_INFORMATION_EX2;
1000
1001#define TRUST_AUTH_TYPE_NONE 0
1002#define TRUST_AUTH_TYPE_NT4OWF 1
1003#define TRUST_AUTH_TYPE_CLEAR 2
1004#define TRUST_AUTH_TYPE_VERSION 3
1005
1006 typedef struct _LSA_AUTH_INFORMATION {
1007 LARGE_INTEGER LastUpdateTime;
1008 ULONG AuthType;
1009 ULONG AuthInfoLength;
1010 PUCHAR AuthInfo;
1011 } LSA_AUTH_INFORMATION,*PLSA_AUTH_INFORMATION;
1012
1013 typedef struct _TRUSTED_DOMAIN_AUTH_INFORMATION {
1014 ULONG IncomingAuthInfos;
1015 PLSA_AUTH_INFORMATION IncomingAuthenticationInformation;
1016 PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation;
1017 ULONG OutgoingAuthInfos;
1018 PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation;
1019 PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation;
1020 } TRUSTED_DOMAIN_AUTH_INFORMATION,*PTRUSTED_DOMAIN_AUTH_INFORMATION;
1021
1022 typedef struct _TRUSTED_DOMAIN_FULL_INFORMATION {
1023 TRUSTED_DOMAIN_INFORMATION_EX Information;
1024 TRUSTED_POSIX_OFFSET_INFO PosixOffset;
1025 TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation;
1026 } TRUSTED_DOMAIN_FULL_INFORMATION,*PTRUSTED_DOMAIN_FULL_INFORMATION;
1027
1028 typedef struct _TRUSTED_DOMAIN_FULL_INFORMATION2 {
1029 TRUSTED_DOMAIN_INFORMATION_EX2 Information;
1030 TRUSTED_POSIX_OFFSET_INFO PosixOffset;
1031 TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation;
1032 } TRUSTED_DOMAIN_FULL_INFORMATION2,*PTRUSTED_DOMAIN_FULL_INFORMATION2;
1033
1034 typedef struct _TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES {
1035 ULONG SupportedEncryptionTypes;
1036 } TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES,*PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES;
1037
1038 typedef enum {
1039 ForestTrustTopLevelName,
1040 ForestTrustTopLevelNameEx,
1041 ForestTrustDomainInfo,
1042 ForestTrustBinaryInfo,
1043 ForestTrustScannerInfo,
1044 ForestTrustRecordTypeLast = ForestTrustScannerInfo
1045 } LSA_FOREST_TRUST_RECORD_TYPE;
1046
1047#define LSA_FTRECORD_DISABLED_REASONS (__MSABI_LONG(0x0000FFFF))
1048
1049#define LSA_TLN_DISABLED_NEW (__MSABI_LONG(0x00000001))
1050#define LSA_TLN_DISABLED_ADMIN (__MSABI_LONG(0x00000002))
1051#define LSA_TLN_DISABLED_CONFLICT (__MSABI_LONG(0x00000004))
1052
1053#define LSA_SID_DISABLED_ADMIN (__MSABI_LONG(0x00000001))
1054#define LSA_SID_DISABLED_CONFLICT (__MSABI_LONG(0x00000002))
1055#define LSA_NB_DISABLED_ADMIN (__MSABI_LONG(0x00000004))
1056#define LSA_NB_DISABLED_CONFLICT (__MSABI_LONG(0x00000008))
1057
1058#define LSA_SCANNER_INFO_DISABLE_AUTH_TARGET_VALIDATION (__MSABI_LONG(0x00000001))
1059#define LSA_SCANNER_INFO_ADMIN_ALL_FLAGS (LSA_SCANNER_INFO_DISABLE_AUTH_TARGET_VALIDATION)
1060
1061 typedef struct _LSA_FOREST_TRUST_DOMAIN_INFO {
1062 PSID Sid;
1063 LSA_UNICODE_STRING DnsName;
1064 LSA_UNICODE_STRING NetbiosName;
1065 } LSA_FOREST_TRUST_DOMAIN_INFO,*PLSA_FOREST_TRUST_DOMAIN_INFO;
1066
1067 typedef struct _LSA_FOREST_TRUST_SCANNER_INFO {
1068#ifdef __WIDL__
1069 [unique] PISID DomainSid;
1070#else
1071 PSID DomainSid;
1072#endif
1073 LSA_UNICODE_STRING DnsName;
1074 LSA_UNICODE_STRING NetbiosName;
1075 } LSA_FOREST_TRUST_SCANNER_INFO,*PLSA_FOREST_TRUST_SCANNER_INFO;
1076
1077#define MAX_FOREST_TRUST_BINARY_DATA_SIZE (128*1024)
1078
1079 typedef struct _LSA_FOREST_TRUST_BINARY_DATA {
1080 ULONG Length;
1081 PUCHAR Buffer;
1082 } LSA_FOREST_TRUST_BINARY_DATA,*PLSA_FOREST_TRUST_BINARY_DATA;
1083
1084 typedef struct _LSA_FOREST_TRUST_RECORD {
1085 ULONG Flags;
1086 LSA_FOREST_TRUST_RECORD_TYPE ForestTrustType;
1087 LARGE_INTEGER Time;
1088 union {
1089 LSA_UNICODE_STRING TopLevelName;
1090 LSA_FOREST_TRUST_DOMAIN_INFO DomainInfo;
1091 LSA_FOREST_TRUST_BINARY_DATA Data;
1092 } ForestTrustData;
1093 } LSA_FOREST_TRUST_RECORD,*PLSA_FOREST_TRUST_RECORD;
1094
1095 typedef struct _LSA_FOREST_TRUST_RECORD2 {
1096 ULONG Flags;
1097 LSA_FOREST_TRUST_RECORD_TYPE ForestTrustType;
1098 LARGE_INTEGER Time;
1099#ifdef __WIDL__
1100 [switch_type(LSA_FOREST_TRUST_RECORD_TYPE), switch_is(ForestTrustType)]
1101#endif
1102 union {
1103#ifdef __WIDL__
1104 [case(ForestTrustTopLevelName, ForestTrustTopLevelNameEx)] LSA_UNICODE_STRING TopLevelName;
1105 [case(ForestTrustDomainInfo)] LSA_FOREST_TRUST_DOMAIN_INFO DomainInfo;
1106 [case(ForestTrustBinaryInfo)] LSA_FOREST_TRUST_BINARY_DATA BinaryData;
1107 [case(ForestTrustScannerInfo)] LSA_FOREST_TRUST_SCANNER_INFO ScannerInfo;
1108#else
1109 LSA_UNICODE_STRING TopLevelName;
1110 LSA_FOREST_TRUST_DOMAIN_INFO DomainInfo;
1111 LSA_FOREST_TRUST_BINARY_DATA BinaryData;
1112 LSA_FOREST_TRUST_SCANNER_INFO ScannerInfo;
1113#endif
1114 } ForestTrustData;
1115 } LSA_FOREST_TRUST_RECORD2,*PLSA_FOREST_TRUST_RECORD2;
1116
1117#define MAX_RECORDS_IN_FOREST_TRUST_INFO 4000
1118
1119 typedef struct _LSA_FOREST_TRUST_INFORMATION {
1120 ULONG RecordCount;
1121 PLSA_FOREST_TRUST_RECORD *Entries;
1122 } LSA_FOREST_TRUST_INFORMATION,*PLSA_FOREST_TRUST_INFORMATION;
1123
1124 typedef struct _LSA_FOREST_TRUST_INFORMATION2 {
1125#ifdef __WIDL__
1126 [range(0, MAX_RECORDS_IN_FOREST_TRUST_INFO)] ULONG RecordCount;
1127 [size_is(RecordCount)] PLSA_FOREST_TRUST_RECORD2 *Entries;
1128#else
1129 ULONG RecordCount;
1130 PLSA_FOREST_TRUST_RECORD2 *Entries;
1131#endif
1132 } LSA_FOREST_TRUST_INFORMATION2,*PLSA_FOREST_TRUST_INFORMATION2;
1133
1134 typedef enum {
1135 CollisionTdo,CollisionXref,CollisionOther
1136 } LSA_FOREST_TRUST_COLLISION_RECORD_TYPE;
1137
1138 typedef struct _LSA_FOREST_TRUST_COLLISION_RECORD {
1139 ULONG Index;
1140 LSA_FOREST_TRUST_COLLISION_RECORD_TYPE Type;
1141 ULONG Flags;
1142 LSA_UNICODE_STRING Name;
1143 } LSA_FOREST_TRUST_COLLISION_RECORD,*PLSA_FOREST_TRUST_COLLISION_RECORD;
1144
1145 typedef struct _LSA_FOREST_TRUST_COLLISION_INFORMATION {
1146 ULONG RecordCount;
1147 PLSA_FOREST_TRUST_COLLISION_RECORD *Entries;
1148 } LSA_FOREST_TRUST_COLLISION_INFORMATION,*PLSA_FOREST_TRUST_COLLISION_INFORMATION;
1149
1150 typedef ULONG LSA_ENUMERATION_HANDLE,*PLSA_ENUMERATION_HANDLE;
1151
1152 typedef struct _LSA_ENUMERATION_INFORMATION {
1153 PSID Sid;
1154 } LSA_ENUMERATION_INFORMATION,*PLSA_ENUMERATION_INFORMATION;
1155
1156 NTSTATUS NTAPI LsaFreeMemory(PVOID Buffer);
1157 NTSTATUS NTAPI LsaClose(LSA_HANDLE ObjectHandle);
1158
1159 #if (_WIN32_WINNT >= 0x0600)
1160 typedef struct _LSA_LAST_INTER_LOGON_INFO {
1161 LARGE_INTEGER LastSuccessfulLogon;
1162 LARGE_INTEGER LastFailedLogon;
1163 ULONG FailedAttemptCountSinceLastSuccessfulLogon;
1164 } LSA_LAST_INTER_LOGON_INFO,*PLSA_LAST_INTER_LOGON_INFO;
1165 #endif
1166
1167 typedef struct _SECURITY_LOGON_SESSION_DATA {
1168 ULONG Size;
1169 LUID LogonId;
1170 LSA_UNICODE_STRING UserName;
1171 LSA_UNICODE_STRING LogonDomain;
1172 LSA_UNICODE_STRING AuthenticationPackage;
1173 ULONG LogonType;
1174 ULONG Session;
1175 PSID Sid;
1176 LARGE_INTEGER LogonTime;
1177 LSA_UNICODE_STRING LogonServer;
1178 LSA_UNICODE_STRING DnsDomainName;
1179 LSA_UNICODE_STRING Upn;
1180 #if (_WIN32_WINNT >= 0x0600)
1181 ULONG UserFlags;
1182 LSA_LAST_INTER_LOGON_INFO LastLogonInfo;
1183 LSA_UNICODE_STRING LogonScript;
1184 LSA_UNICODE_STRING ProfilePath;
1185 LSA_UNICODE_STRING HomeDirectory;
1186 LSA_UNICODE_STRING HomeDirectoryDrive;
1187 LARGE_INTEGER LogoffTime;
1188 LARGE_INTEGER KickOffTime;
1189 LARGE_INTEGER PasswordLastSet;
1190 LARGE_INTEGER PasswordCanChange;
1191 LARGE_INTEGER PasswordMustChange;
1192 #endif
1193 } SECURITY_LOGON_SESSION_DATA,*PSECURITY_LOGON_SESSION_DATA;
1194
1195 NTSTATUS NTAPI LsaEnumerateLogonSessions(PULONG LogonSessionCount,PLUID *LogonSessionList);
1196 NTSTATUS NTAPI LsaGetLogonSessionData(PLUID LogonId,PSECURITY_LOGON_SESSION_DATA *ppLogonSessionData);
1197 NTSTATUS NTAPI LsaOpenPolicy(PLSA_UNICODE_STRING SystemName,PLSA_OBJECT_ATTRIBUTES ObjectAttributes,ACCESS_MASK DesiredAccess,PLSA_HANDLE PolicyHandle);
1198 NTSTATUS NTAPI LsaQueryInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_INFORMATION_CLASS InformationClass,PVOID *Buffer);
1199 NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_INFORMATION_CLASS InformationClass,PVOID Buffer);
1200 NTSTATUS NTAPI LsaQueryDomainInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_DOMAIN_INFORMATION_CLASS InformationClass,PVOID *Buffer);
1201 NTSTATUS NTAPI LsaSetDomainInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_DOMAIN_INFORMATION_CLASS InformationClass,PVOID Buffer);
1202 NTSTATUS NTAPI LsaRegisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,HANDLE NotificationEventHandle);
1203 NTSTATUS NTAPI LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,HANDLE NotificationEventHandle);
1204 NTSTATUS NTAPI LsaEnumerateTrustedDomains(LSA_HANDLE PolicyHandle,PLSA_ENUMERATION_HANDLE EnumerationContext,PVOID *Buffer,ULONG PreferedMaximumLength,PULONG CountReturned);
1205 NTSTATUS NTAPI LsaLookupNames(LSA_HANDLE PolicyHandle,ULONG Count,PLSA_UNICODE_STRING Names,PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,PLSA_TRANSLATED_SID *Sids);
1206 NTSTATUS NTAPI LsaLookupNames2(LSA_HANDLE PolicyHandle,ULONG Flags,ULONG Count,PLSA_UNICODE_STRING Names,PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,PLSA_TRANSLATED_SID2 *Sids);
1207 NTSTATUS NTAPI LsaLookupSids(LSA_HANDLE PolicyHandle,ULONG Count,PSID *Sids,PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,PLSA_TRANSLATED_NAME *Names);
1208 NTSTATUS NTAPI LsaLookupSids2(LSA_HANDLE PolicyHandle,ULONG LookupOptions,ULONG Count,PSID *Sids,PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,PLSA_TRANSLATED_NAME *Names);
1209 NTSTATUS NTAPI LsaSetCAPs(PLSA_UNICODE_STRING CAPDNs,ULONG CAPDNCount,ULONG Flags);
1210 NTSTATUS NTAPI LsaGetAppliedCAPIDs(PLSA_UNICODE_STRING SystemName,PSID **CAPIDs,PULONG CAPIDCount);
1211
1212 #define MAXIMUM_CAPES_PER_CAP 0x7f
1213
1214 #define CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG 0x00000001
1215 #define CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG 0x00000100
1216 #define CENTRAL_ACCESS_POLICY_STAGED_FLAG 0x00010000
1217 #define STAGING_FLAG(Effective) ((Effective & 0xf) << 8)
1218
1219 #define CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK (CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG | \
1220 CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG | \
1221 CENTRAL_ACCESS_POLICY_STAGED_FLAG)
1222
1223 #define LSASETCAPS_RELOAD_FLAG 0x00000001
1224 #define LSASETCAPS_VALID_FLAG_MASK LSASETCAPS_RELOAD_FLAG
1225
1226 typedef struct _CENTRAL_ACCESS_POLICY_ENTRY {
1227 LSA_UNICODE_STRING Name;
1228 LSA_UNICODE_STRING Description;
1229 LSA_UNICODE_STRING ChangeId;
1230 ULONG LengthAppliesTo;
1231 PUCHAR AppliesTo;
1232 ULONG LengthSD;
1233 PSECURITY_DESCRIPTOR SD;
1234 ULONG LengthStagedSD;
1235 PSECURITY_DESCRIPTOR StagedSD;
1236 ULONG Flags;
1237 } CENTRAL_ACCESS_POLICY_ENTRY, *PCENTRAL_ACCESS_POLICY_ENTRY;
1238
1239 typedef const CENTRAL_ACCESS_POLICY_ENTRY *PCCENTRAL_ACCESS_POLICY_ENTRY;
1240
1241 typedef struct _CENTRAL_ACCESS_POLICY {
1242 PSID CAPID;
1243 LSA_UNICODE_STRING Name;
1244 LSA_UNICODE_STRING Description;
1245 LSA_UNICODE_STRING ChangeId;
1246 ULONG Flags;
1247 ULONG CAPECount;
1248 PCENTRAL_ACCESS_POLICY_ENTRY *CAPEs;
1249 } CENTRAL_ACCESS_POLICY, *PCENTRAL_ACCESS_POLICY;
1250
1251 typedef const CENTRAL_ACCESS_POLICY *PCCENTRAL_ACCESS_POLICY;
1252
1253 NTSTATUS NTAPI LsaQueryCAPs(PSID *CAPIDs,ULONG CAPIDCount,PCENTRAL_ACCESS_POLICY *CAPs,PULONG CAPCount);
1254
1255#define SE_INTERACTIVE_LOGON_NAME TEXT("SeInteractiveLogonRight")
1256#define SE_NETWORK_LOGON_NAME TEXT("SeNetworkLogonRight")
1257#define SE_BATCH_LOGON_NAME TEXT("SeBatchLogonRight")
1258#define SE_SERVICE_LOGON_NAME TEXT("SeServiceLogonRight")
1259#define SE_DENY_INTERACTIVE_LOGON_NAME TEXT("SeDenyInteractiveLogonRight")
1260#define SE_DENY_NETWORK_LOGON_NAME TEXT("SeDenyNetworkLogonRight")
1261#define SE_DENY_BATCH_LOGON_NAME TEXT("SeDenyBatchLogonRight")
1262#define SE_DENY_SERVICE_LOGON_NAME TEXT("SeDenyServiceLogonRight")
1263#define SE_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeRemoteInteractiveLogonRight")
1264#define SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeDenyRemoteInteractiveLogonRight")
1265
1266 NTSTATUS NTAPI LsaEnumerateAccountsWithUserRight(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING UserRight,PVOID *Buffer,PULONG CountReturned);
1267 NTSTATUS NTAPI LsaEnumerateAccountRights(LSA_HANDLE PolicyHandle,PSID AccountSid,PLSA_UNICODE_STRING *UserRights,PULONG CountOfRights);
1268 NTSTATUS NTAPI LsaAddAccountRights(LSA_HANDLE PolicyHandle,PSID AccountSid,PLSA_UNICODE_STRING UserRights,ULONG CountOfRights);
1269 NTSTATUS NTAPI LsaRemoveAccountRights(LSA_HANDLE PolicyHandle,PSID AccountSid,BOOLEAN AllRights,PLSA_UNICODE_STRING UserRights,ULONG CountOfRights);
1270 NTSTATUS NTAPI LsaOpenTrustedDomainByName(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,ACCESS_MASK DesiredAccess,PLSA_HANDLE TrustedDomainHandle);
1271 NTSTATUS NTAPI LsaQueryTrustedDomainInfo(LSA_HANDLE PolicyHandle,PSID TrustedDomainSid,TRUSTED_INFORMATION_CLASS InformationClass,PVOID *Buffer);
1272 NTSTATUS NTAPI LsaSetTrustedDomainInformation(LSA_HANDLE PolicyHandle,PSID TrustedDomainSid,TRUSTED_INFORMATION_CLASS InformationClass,PVOID Buffer);
1273 NTSTATUS NTAPI LsaDeleteTrustedDomain(LSA_HANDLE PolicyHandle,PSID TrustedDomainSid);
1274 NTSTATUS NTAPI LsaQueryTrustedDomainInfoByName(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,TRUSTED_INFORMATION_CLASS InformationClass,PVOID *Buffer);
1275 NTSTATUS NTAPI LsaSetTrustedDomainInfoByName(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,TRUSTED_INFORMATION_CLASS InformationClass,PVOID Buffer);
1276 NTSTATUS NTAPI LsaEnumerateTrustedDomainsEx(LSA_HANDLE PolicyHandle,PLSA_ENUMERATION_HANDLE EnumerationContext,PVOID *Buffer,ULONG PreferedMaximumLength,PULONG CountReturned);
1277 NTSTATUS NTAPI LsaCreateTrustedDomainEx(LSA_HANDLE PolicyHandle,PTRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,PTRUSTED_DOMAIN_AUTH_INFORMATION AuthenticationInformation,ACCESS_MASK DesiredAccess,PLSA_HANDLE TrustedDomainHandle);
1278 NTSTATUS NTAPI LsaQueryForestTrustInformation(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,PLSA_FOREST_TRUST_INFORMATION *ForestTrustInfo);
1279 NTSTATUS NTAPI LsaSetForestTrustInformation(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo,BOOLEAN CheckOnly,PLSA_FOREST_TRUST_COLLISION_INFORMATION *CollisionInfo);
1280
1281#ifdef TESTING_MATCHING_ROUTINE
1282 NTSTATUS NTAPI LsaForestTrustFindMatch(LSA_HANDLE PolicyHandle,ULONG Type,PLSA_UNICODE_STRING Name,PLSA_UNICODE_STRING *Match);
1283#endif
1284
1285 NTSTATUS NTAPI LsaStorePrivateData(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING KeyName,PLSA_UNICODE_STRING PrivateData);
1286 NTSTATUS NTAPI LsaRetrievePrivateData(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING KeyName,PLSA_UNICODE_STRING *PrivateData);
1287 ULONG NTAPI LsaNtStatusToWinError(NTSTATUS Status);
1288 NTSTATUS NTAPI LsaQueryForestTrustInformation2(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,PLSA_FOREST_TRUST_INFORMATION2 *ForestTrustInfo);
1289 NTSTATUS NTAPI LsaSetForestTrustInformation2(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,LSA_FOREST_TRUST_RECORD_TYPE HighestRecordType,PLSA_FOREST_TRUST_INFORMATION2 ForestTrustInfo,BOOLEAN CheckOnly,PLSA_FOREST_TRUST_COLLISION_INFORMATION *CollisionInfo);
1290
1291#ifndef _NTLSA_IFS_
1292#define _NTLSA_IFS_
1293#endif
1294
1295 enum NEGOTIATE_MESSAGES {
1296 NegEnumPackagePrefixes = 0,
1297 NegGetCallerName = 1,
1298 NegTransferCredentials = 2,
1299 NegMsgReserved1 = 3,
1300 NegCallPackageMax
1301 };
1302
1303#define NEGOTIATE_MAX_PREFIX 32
1304
1305 typedef struct _NEGOTIATE_PACKAGE_PREFIX {
1306 ULONG_PTR PackageId;
1307 PVOID PackageDataA;
1308 PVOID PackageDataW;
1309 ULONG_PTR PrefixLen;
1310 UCHAR Prefix[NEGOTIATE_MAX_PREFIX ];
1311 } NEGOTIATE_PACKAGE_PREFIX,*PNEGOTIATE_PACKAGE_PREFIX;
1312
1313 typedef struct _NEGOTIATE_PACKAGE_PREFIXES {
1314 ULONG MessageType;
1315 ULONG PrefixCount;
1316 ULONG Offset;
1317 ULONG Pad;
1318 } NEGOTIATE_PACKAGE_PREFIXES,*PNEGOTIATE_PACKAGE_PREFIXES;
1319
1320 typedef struct _NEGOTIATE_CALLER_NAME_REQUEST {
1321 ULONG MessageType;
1322 LUID LogonId;
1323 } NEGOTIATE_CALLER_NAME_REQUEST,*PNEGOTIATE_CALLER_NAME_REQUEST;
1324
1325 typedef struct _NEGOTIATE_CALLER_NAME_RESPONSE {
1326 ULONG MessageType;
1327 PWSTR CallerName;
1328 } NEGOTIATE_CALLER_NAME_RESPONSE,*PNEGOTIATE_CALLER_NAME_RESPONSE;
1329
1330#ifndef _NTDEF_
1331#ifndef __UNICODE_STRING_DEFINED
1332#define __UNICODE_STRING_DEFINED
1333 typedef LSA_UNICODE_STRING UNICODE_STRING,*PUNICODE_STRING;
1334#endif
1335#ifndef __STRING_DEFINED
1336#define __STRING_DEFINED
1337 typedef LSA_STRING STRING,*PSTRING;
1338#endif
1339#endif
1340
1341#ifndef _DOMAIN_PASSWORD_INFORMATION_DEFINED
1342#define _DOMAIN_PASSWORD_INFORMATION_DEFINED
1343 typedef struct _DOMAIN_PASSWORD_INFORMATION {
1344 USHORT MinPasswordLength;
1345 USHORT PasswordHistoryLength;
1346 ULONG PasswordProperties;
1347 LARGE_INTEGER MaxPasswordAge;
1348 LARGE_INTEGER MinPasswordAge;
1349 } DOMAIN_PASSWORD_INFORMATION,*PDOMAIN_PASSWORD_INFORMATION;
1350#endif
1351
1352#define DOMAIN_PASSWORD_COMPLEX __MSABI_LONG(0x00000001)
1353#define DOMAIN_PASSWORD_NO_ANON_CHANGE __MSABI_LONG(0x00000002)
1354#define DOMAIN_PASSWORD_NO_CLEAR_CHANGE __MSABI_LONG(0x00000004)
1355#define DOMAIN_LOCKOUT_ADMINS __MSABI_LONG(0x00000008)
1356#define DOMAIN_PASSWORD_STORE_CLEARTEXT __MSABI_LONG(0x00000010)
1357#define DOMAIN_REFUSE_PASSWORD_CHANGE __MSABI_LONG(0x00000020)
1358
1359#if _WIN32_WINNT >= 0x0502
1360#define DOMAIN_NO_LM_OWF_CHANGE __MSABI_LONG(0x00000040)
1361#endif
1362
1363#ifndef _PASSWORD_NOTIFICATION_DEFINED
1364#define _PASSWORD_NOTIFICATION_DEFINED
1365 typedef NTSTATUS (*PSAM_PASSWORD_NOTIFICATION_ROUTINE)(PUNICODE_STRING UserName,ULONG RelativeId,PUNICODE_STRING NewPassword);
1366
1367#define SAM_PASSWORD_CHANGE_NOTIFY_ROUTINE "PasswordChangeNotify"
1368
1369 typedef BOOLEAN (*PSAM_INIT_NOTIFICATION_ROUTINE)();
1370
1371#define SAM_INIT_NOTIFICATION_ROUTINE "InitializeChangeNotify"
1372#define SAM_PASSWORD_FILTER_ROUTINE "PasswordFilter"
1373
1374 typedef BOOLEAN (*PSAM_PASSWORD_FILTER_ROUTINE)(PUNICODE_STRING AccountName,PUNICODE_STRING FullName,PUNICODE_STRING Password,BOOLEAN SetOperation);
1375#endif
1376
1377#define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
1378#define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
1379#define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
1380
1381#define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
1382#define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
1383
1384 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
1385 MsV1_0InteractiveLogon = 2,
1386 MsV1_0Lm20Logon,
1387 MsV1_0NetworkLogon,
1388 MsV1_0SubAuthLogon,
1389 MsV1_0WorkstationUnlockLogon = 7,
1390 MsV1_0S4ULogon = 12,
1391 MsV1_0VirtualLogon = 82,
1392 MsV1_0NoElevationLogon,
1393 MsV1_0LuidLogon
1394 } MSV1_0_LOGON_SUBMIT_TYPE,*PMSV1_0_LOGON_SUBMIT_TYPE;
1395
1396 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
1397 MsV1_0InteractiveProfile = 2,MsV1_0Lm20LogonProfile,MsV1_0SmartCardProfile
1398 } MSV1_0_PROFILE_BUFFER_TYPE,*PMSV1_0_PROFILE_BUFFER_TYPE;
1399
1400 typedef struct _MSV1_0_INTERACTIVE_LOGON {
1401 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
1402 UNICODE_STRING LogonDomainName;
1403 UNICODE_STRING UserName;
1404 UNICODE_STRING Password;
1405 } MSV1_0_INTERACTIVE_LOGON,*PMSV1_0_INTERACTIVE_LOGON;
1406
1407 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
1408 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
1409 USHORT LogonCount;
1410 USHORT BadPasswordCount;
1411 LARGE_INTEGER LogonTime;
1412 LARGE_INTEGER LogoffTime;
1413 LARGE_INTEGER KickOffTime;
1414 LARGE_INTEGER PasswordLastSet;
1415 LARGE_INTEGER PasswordCanChange;
1416 LARGE_INTEGER PasswordMustChange;
1417 UNICODE_STRING LogonScript;
1418 UNICODE_STRING HomeDirectory;
1419 UNICODE_STRING FullName;
1420 UNICODE_STRING ProfilePath;
1421 UNICODE_STRING HomeDirectoryDrive;
1422 UNICODE_STRING LogonServer;
1423 ULONG UserFlags;
1424 } MSV1_0_INTERACTIVE_PROFILE,*PMSV1_0_INTERACTIVE_PROFILE;
1425
1426#define MSV1_0_CHALLENGE_LENGTH 8
1427#define MSV1_0_USER_SESSION_KEY_LENGTH 16
1428#define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
1429
1430#define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
1431#define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
1432#define MSV1_0_RETURN_USER_PARAMETERS 0x08
1433#define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
1434#define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
1435#define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
1436
1437#define MSV1_0_USE_CLIENT_CHALLENGE 0x80
1438#define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
1439#define MSV1_0_RETURN_PROFILE_PATH 0x200
1440#define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
1441#define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
1442#define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
1443#define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
1444#define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
1445#define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
1446#define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
1447#define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
1448
1449#if _WIN32_WINNT >= 0x0600
1450#define MSV1_0_S4U2SELF 0x00020000
1451#define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
1452#endif
1453
1454#if _WIN32_WINNT >= 0x0602
1455#define MSV1_0_INTERNET_DOMAIN 0x00080000
1456#endif
1457
1458#define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
1459#define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
1460#define MSV1_0_MNS_LOGON 0x01000000
1461
1462#define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
1463#define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
1464
1465 typedef struct _MSV1_0_LM20_LOGON {
1466 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
1467 UNICODE_STRING LogonDomainName;
1468 UNICODE_STRING UserName;
1469 UNICODE_STRING Workstation;
1470 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1471 STRING CaseSensitiveChallengeResponse;
1472 STRING CaseInsensitiveChallengeResponse;
1473 ULONG ParameterControl;
1474 } MSV1_0_LM20_LOGON,*PMSV1_0_LM20_LOGON;
1475
1476 typedef struct _MSV1_0_SUBAUTH_LOGON{
1477 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
1478 UNICODE_STRING LogonDomainName;
1479 UNICODE_STRING UserName;
1480 UNICODE_STRING Workstation;
1481 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1482 STRING AuthenticationInfo1;
1483 STRING AuthenticationInfo2;
1484 ULONG ParameterControl;
1485 ULONG SubAuthPackageId;
1486 } MSV1_0_SUBAUTH_LOGON,*PMSV1_0_SUBAUTH_LOGON;
1487
1488#if _WIN32_WINNT >= 0x0600
1489
1490#define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
1491
1492 typedef struct _MSV1_0_S4U_LOGON {
1493 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
1494 ULONG Flags;
1495 UNICODE_STRING UserPrincipalName;
1496 UNICODE_STRING DomainName;
1497 } MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
1498
1499#endif
1500
1501#define LOGON_GUEST 0x01
1502#define LOGON_NOENCRYPTION 0x02
1503#define LOGON_CACHED_ACCOUNT 0x04
1504#define LOGON_USED_LM_PASSWORD 0x08
1505#define LOGON_EXTRA_SIDS 0x20
1506#define LOGON_SUBAUTH_SESSION_KEY 0x40
1507#define LOGON_SERVER_TRUST_ACCOUNT 0x80
1508#define LOGON_NTLMV2_ENABLED 0x100
1509#define LOGON_RESOURCE_GROUPS 0x200
1510#define LOGON_PROFILE_PATH_RETURNED 0x400
1511#define LOGON_NT_V2 0x800
1512#define LOGON_LM_V2 0x1000
1513#define LOGON_NTLM_V2 0x2000
1514
1515#if _WIN32_WINNT >= 0x0600
1516#define LOGON_OPTIMIZED 0x4000
1517#define LOGON_WINLOGON 0x8000
1518#define LOGON_PKINIT 0x10000
1519#define LOGON_NO_OPTIMIZED 0x20000
1520#endif
1521
1522#if _WIN32_WINNT >= 0x0602
1523#define LOGON_NO_ELEVATION 0x40000
1524#define LOGON_MANAGED_SERVICE 0x80000
1525#endif
1526
1527#define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
1528
1529#define LOGON_GRACE_LOGON 0x01000000
1530
1531 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
1532 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
1533 LARGE_INTEGER KickOffTime;
1534 LARGE_INTEGER LogoffTime;
1535 ULONG UserFlags;
1536 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
1537 UNICODE_STRING LogonDomainName;
1538 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
1539 UNICODE_STRING LogonServer;
1540 UNICODE_STRING UserParameters;
1541 } MSV1_0_LM20_LOGON_PROFILE,*PMSV1_0_LM20_LOGON_PROFILE;
1542
1543#define MSV1_0_OWF_PASSWORD_LENGTH 16
1544#define MSV1_0_SHA_PASSWORD_LENGTH 20
1545#define MSV1_0_CREDENTIAL_KEY_LENGTH 20
1546#define MSV1_0_CRED_LM_PRESENT 0x1
1547#define MSV1_0_CRED_NT_PRESENT 0x2
1548#define MSV1_0_CRED_REMOVED 0x4
1549#define MSV1_0_CRED_CREDKEY_PRESENT 0x8
1550#define MSV1_0_CRED_SHA_PRESENT 0x10
1551
1552#define MSV1_0_CRED_VERSION 0
1553#define MSV1_0_CRED_VERSION_V2 2
1554#define MSV1_0_CRED_VERSION_V3 4
1555#define MSV1_0_CRED_VERSION_IUM 0xffff0001
1556#define MSV1_0_CRED_VERSION_REMOTE 0xffff0002
1557#define MSV1_0_CRED_VERSION_ARSO 0xffff0003
1558#define MSV1_0_CRED_VERSION_RESERVED_1 0xfffffffe
1559#define MSV1_0_CRED_VERSION_INVALID 0xffffffff
1560
1561 typedef enum _MSV1_0_CREDENTIAL_KEY_TYPE {
1562 InvalidCredKey,
1563 DeprecatedIUMCredKey,
1564 DomainUserCredKey,
1565 LocalUserCredKey,
1566 ExternallySuppliedCredKey
1567 } MSV1_0_CREDENTIAL_KEY_TYPE;
1568
1569 typedef struct _MSV1_0_CREDENTIAL_KEY {
1570 UCHAR Data[MSV1_0_CREDENTIAL_KEY_LENGTH];
1571 } MSV1_0_CREDENTIAL_KEY, *PMSV1_0_CREDENTIAL_KEY;
1572
1573 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
1574 ULONG Version;
1575 ULONG Flags;
1576 UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
1577 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
1578 } MSV1_0_SUPPLEMENTAL_CREDENTIAL,*PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
1579
1580 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL_V2 {
1581 ULONG Version;
1582 ULONG Flags;
1583 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
1584 MSV1_0_CREDENTIAL_KEY CredentialKey;
1585 } MSV1_0_SUPPLEMENTAL_CREDENTIAL_V2, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL_V2;
1586
1587 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL_V3 {
1588 ULONG Version;
1589 ULONG Flags;
1590 MSV1_0_CREDENTIAL_KEY_TYPE CredentialKeyType;
1591 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
1592 MSV1_0_CREDENTIAL_KEY CredentialKey;
1593 UCHAR ShaPassword[MSV1_0_SHA_PASSWORD_LENGTH];
1594 } MSV1_0_SUPPLEMENTAL_CREDENTIAL_V3, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL_V3;
1595
1596 typedef struct _MSV1_0_IUM_SUPPLEMENTAL_CREDENTIAL {
1597 ULONG Version;
1598 ULONG EncryptedCredsSize;
1599 UCHAR EncryptedCreds[1];
1600 } MSV1_0_IUM_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_IUM_SUPPLEMENTAL_CREDENTIAL;
1601
1602#define MSV1_0_IUM_SUPPLEMENTAL_CREDENTIAL_SIZE(Creds) \
1603 (FIELD_OFFSET(MSV1_0_IUM_SUPPLEMENTAL_CREDENTIAL, EncryptedCreds) + (Creds)->EncryptedCredsSize)
1604
1605 typedef struct _MSV1_0_REMOTE_SUPPLEMENTAL_CREDENTIAL {
1606 ULONG Version;
1607 ULONG Flags;
1608 MSV1_0_CREDENTIAL_KEY CredentialKey;
1609 MSV1_0_CREDENTIAL_KEY_TYPE CredentialKeyType;
1610 ULONG EncryptedCredsSize;
1611 UCHAR EncryptedCreds[1];
1612 } MSV1_0_REMOTE_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_REMOTE_SUPPLEMENTAL_CREDENTIAL;
1613
1614#define MSV1_0_NTLM3_RESPONSE_LENGTH 16
1615#define MSV1_0_NTLM3_OWF_LENGTH 16
1616
1617#define MSV1_0_MAX_NTLM3_LIFE 129600
1618#define MSV1_0_MAX_AVL_SIZE 64000
1619
1620#define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
1621
1622#if _WIN32_WINNT >= 0x0600
1623#define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
1624#endif
1625
1626#if _WIN32_WINNT >= 0x0601
1627#define MSV1_0_AV_FLAG_UNVERIFIED_TARGET 0x00000004
1628#endif
1629
1630 typedef struct _MSV1_0_NTLM3_RESPONSE {
1631 UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
1632 UCHAR RespType;
1633 UCHAR HiRespType;
1634 USHORT Flags;
1635 ULONG MsgWord;
1636 ULONGLONG TimeStamp;
1637 UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
1638 ULONG AvPairsOff;
1639 UCHAR Buffer[1];
1640 } MSV1_0_NTLM3_RESPONSE,*PMSV1_0_NTLM3_RESPONSE;
1641
1642#define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
1643#define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE,AvPairsOff)
1644
1645/* MsvAvSingleHost present in MS-NLMP specifications but not in WinSDK */
1646 typedef enum {
1647 MsvAvEOL,
1648 MsvAvNbComputerName,
1649 MsvAvNbDomainName,
1650 MsvAvDnsComputerName,
1651 MsvAvDnsDomainName
1652#if _WIN32_WINNT >= 0x0501
1653 ,MsvAvDnsTreeName
1654 ,MsvAvFlags
1655#if _WIN32_WINNT >= 0x0600
1656 ,MsvAvTimestamp
1657 ,MsvAvRestrictions
1658 ,MsvAvSingleHost = MsvAvRestrictions
1659 ,MsvAvTargetName
1660 ,MsvAvChannelBindings
1661#endif
1662#endif
1663 } MSV1_0_AVID;
1664
1665 typedef struct _MSV1_0_AV_PAIR {
1666 USHORT AvId;
1667 USHORT AvLen;
1668 } MSV1_0_AV_PAIR,*PMSV1_0_AV_PAIR;
1669
1670 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
1671 MsV1_0Lm20ChallengeRequest = 0,
1672 MsV1_0Lm20GetChallengeResponse,
1673 MsV1_0EnumerateUsers,
1674 MsV1_0GetUserInfo,
1675 MsV1_0ReLogonUsers,
1676 MsV1_0ChangePassword,
1677 MsV1_0ChangeCachedPassword,
1678 MsV1_0GenericPassthrough,
1679 MsV1_0CacheLogon,
1680 MsV1_0SubAuth,
1681 MsV1_0DeriveCredential,
1682 MsV1_0CacheLookup,
1683#if _WIN32_WINNT >= 0x0501
1684 MsV1_0SetProcessOption,
1685#endif
1686#if _WIN32_WINNT >= 0x0600
1687 MsV1_0ConfigLocalAliases,
1688 MsV1_0ClearCachedCredentials,
1689#endif
1690#if _WIN32_WINNT >= 0x0601
1691 MsV1_0LookupToken,
1692#endif
1693#if _WIN32_WINNT >= 0x0602
1694 MsV1_0ValidateAuth,
1695 MsV1_0CacheLookupEx,
1696 MsV1_0GetCredentialKey,
1697 MsV1_0SetThreadOption,
1698#endif
1699#if _WIN32_WINNT >= 0x0A00
1700 MsV1_0DecryptDpapiMasterKey,
1701 MsV1_0GetStrongCredentialKey,
1702 MsV1_0TransferCred,
1703 MsV1_0ProvisionTbal,
1704 MsV1_0DeleteTbalSecrets
1705#endif
1706 } MSV1_0_PROTOCOL_MESSAGE_TYPE,*PMSV1_0_PROTOCOL_MESSAGE_TYPE;
1707
1708 typedef struct _MSV1_0_CHANGEPASSWORD_REQUEST {
1709 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1710 UNICODE_STRING DomainName;
1711 UNICODE_STRING AccountName;
1712 UNICODE_STRING OldPassword;
1713 UNICODE_STRING NewPassword;
1714 BOOLEAN Impersonating;
1715 } MSV1_0_CHANGEPASSWORD_REQUEST,*PMSV1_0_CHANGEPASSWORD_REQUEST;
1716
1717 typedef struct _MSV1_0_CHANGEPASSWORD_RESPONSE {
1718 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1719 BOOLEAN PasswordInfoValid;
1720 DOMAIN_PASSWORD_INFORMATION DomainPasswordInfo;
1721 } MSV1_0_CHANGEPASSWORD_RESPONSE,*PMSV1_0_CHANGEPASSWORD_RESPONSE;
1722
1723 typedef struct _MSV1_0_PASSTHROUGH_REQUEST {
1724 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1725 UNICODE_STRING DomainName;
1726 UNICODE_STRING PackageName;
1727 ULONG DataLength;
1728 PUCHAR LogonData;
1729 ULONG Pad;
1730 } MSV1_0_PASSTHROUGH_REQUEST,*PMSV1_0_PASSTHROUGH_REQUEST;
1731
1732 typedef struct _MSV1_0_PASSTHROUGH_RESPONSE {
1733 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1734 ULONG Pad;
1735 ULONG DataLength;
1736 PUCHAR ValidationData;
1737 } MSV1_0_PASSTHROUGH_RESPONSE,*PMSV1_0_PASSTHROUGH_RESPONSE;
1738
1739 typedef struct _MSV1_0_SUBAUTH_REQUEST{
1740 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1741 ULONG SubAuthPackageId;
1742 ULONG SubAuthInfoLength;
1743 PUCHAR SubAuthSubmitBuffer;
1744 } MSV1_0_SUBAUTH_REQUEST,*PMSV1_0_SUBAUTH_REQUEST;
1745
1746 typedef struct _MSV1_0_SUBAUTH_RESPONSE{
1747 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1748 ULONG SubAuthInfoLength;
1749 PUCHAR SubAuthReturnBuffer;
1750 } MSV1_0_SUBAUTH_RESPONSE,*PMSV1_0_SUBAUTH_RESPONSE;
1751
1752#define RtlGenRandom SystemFunction036
1753#define RtlEncryptMemory SystemFunction040
1754#define RtlDecryptMemory SystemFunction041
1755
1756 BOOLEAN WINAPI RtlGenRandom(PVOID RandomBuffer,ULONG RandomBufferLength);
1757
1758#define RTL_ENCRYPT_MEMORY_SIZE 8
1759#define RTL_ENCRYPT_OPTION_CROSS_PROCESS 0x01
1760#define RTL_ENCRYPT_OPTION_SAME_LOGON 0x02
1761#define RTL_ENCRYPT_OPTION_FOR_SYSTEM 0x04
1762
1763 NTSTATUS WINAPI RtlEncryptMemory(PVOID Memory,ULONG MemorySize,ULONG OptionFlags);
1764 NTSTATUS WINAPI RtlDecryptMemory(PVOID Memory,ULONG MemorySize,ULONG OptionFlags);
1765
1766#define KERBEROS_VERSION 5
1767#define KERBEROS_REVISION 6
1768
1769#define KERB_ETYPE_NULL 0
1770#define KERB_ETYPE_DES_CBC_CRC 1
1771#define KERB_ETYPE_DES_CBC_MD4 2
1772#define KERB_ETYPE_DES_CBC_MD5 3
1773#define KERB_ETYPE_AES128_CTS_HMAC_SHA1_96 17
1774#define KERB_ETYPE_AES256_CTS_HMAC_SHA1_96 18
1775
1776#define KERB_ETYPE_RC4_MD4 -128
1777#define KERB_ETYPE_RC4_PLAIN2 -129
1778#define KERB_ETYPE_RC4_LM -130
1779#define KERB_ETYPE_RC4_SHA -131
1780#define KERB_ETYPE_DES_PLAIN -132
1781#define KERB_ETYPE_RC4_HMAC_OLD -133
1782#define KERB_ETYPE_RC4_PLAIN_OLD -134
1783#define KERB_ETYPE_RC4_HMAC_OLD_EXP -135
1784#define KERB_ETYPE_RC4_PLAIN_OLD_EXP -136
1785#define KERB_ETYPE_RC4_PLAIN -140
1786#define KERB_ETYPE_RC4_PLAIN_EXP -141
1787#define KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN -148
1788#define KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN -149
1789
1790#define KERB_ETYPE_DSA_SHA1_CMS 9
1791#define KERB_ETYPE_RSA_MD5_CMS 10
1792#define KERB_ETYPE_RSA_SHA1_CMS 11
1793#define KERB_ETYPE_RC2_CBC_ENV 12
1794#define KERB_ETYPE_RSA_ENV 13
1795#define KERB_ETYPE_RSA_ES_OEAP_ENV 14
1796#define KERB_ETYPE_DES_EDE3_CBC_ENV 15
1797
1798#define KERB_ETYPE_DSA_SIGN 8
1799#define KERB_ETYPE_RSA_PRIV 9
1800#define KERB_ETYPE_RSA_PUB 10
1801#define KERB_ETYPE_RSA_PUB_MD5 11
1802#define KERB_ETYPE_RSA_PUB_SHA1 12
1803#define KERB_ETYPE_PKCS7_PUB 13
1804
1805#define KERB_ETYPE_DES3_CBC_MD5 5
1806#define KERB_ETYPE_DES3_CBC_SHA1 7
1807#define KERB_ETYPE_DES3_CBC_SHA1_KD 16
1808
1809#define KERB_ETYPE_DES_CBC_MD5_NT 20
1810#define KERB_ETYPE_RC4_HMAC_NT 23
1811#define KERB_ETYPE_RC4_HMAC_NT_EXP 24
1812
1813#define KERB_CHECKSUM_NONE 0
1814#define KERB_CHECKSUM_CRC32 1
1815#define KERB_CHECKSUM_MD4 2
1816#define KERB_CHECKSUM_KRB_DES_MAC 4
1817#define KERB_CHECKSUM_KRB_DES_MAC_K 5
1818#define KERB_CHECKSUM_MD5 7
1819#define KERB_CHECKSUM_MD5_DES 8
1820#define KERB_CHECKSUM_SHA1_NEW 14
1821#define KERB_CHECKSUM_HMAC_SHA1_96_AES128 15
1822#define KERB_CHECKSUM_HMAC_SHA1_96_AES256 16
1823
1824#define KERB_CHECKSUM_LM -130
1825#define KERB_CHECKSUM_SHA1 -131
1826#define KERB_CHECKSUM_REAL_CRC32 -132
1827#define KERB_CHECKSUM_DES_MAC -133
1828#define KERB_CHECKSUM_DES_MAC_MD5 -134
1829#define KERB_CHECKSUM_MD25 -135
1830#define KERB_CHECKSUM_RC4_MD5 -136
1831#define KERB_CHECKSUM_MD5_HMAC -137
1832#define KERB_CHECKSUM_HMAC_MD5 -138
1833#define KERB_CHECKSUM_SHA256 -139
1834#define KERB_CHECKSUM_SHA384 -140
1835#define KERB_CHECKSUM_SHA512 -141
1836#define KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki -150
1837#define KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki -151
1838
1839#define AUTH_REQ_ALLOW_FORWARDABLE 0x00000001
1840#define AUTH_REQ_ALLOW_PROXIABLE 0x00000002
1841#define AUTH_REQ_ALLOW_POSTDATE 0x00000004
1842#define AUTH_REQ_ALLOW_RENEWABLE 0x00000008
1843#define AUTH_REQ_ALLOW_NOADDRESS 0x00000010
1844#define AUTH_REQ_ALLOW_ENC_TKT_IN_SKEY 0x00000020
1845#define AUTH_REQ_ALLOW_VALIDATE 0x00000040
1846#define AUTH_REQ_VALIDATE_CLIENT 0x00000080
1847#define AUTH_REQ_OK_AS_DELEGATE 0x00000100
1848#define AUTH_REQ_PREAUTH_REQUIRED 0x00000200
1849#define AUTH_REQ_TRANSITIVE_TRUST 0x00000400
1850#define AUTH_REQ_ALLOW_S4U_DELEGATE 0x00000800
1851
1852#define AUTH_REQ_PER_USER_FLAGS (AUTH_REQ_ALLOW_FORWARDABLE | AUTH_REQ_ALLOW_PROXIABLE | AUTH_REQ_ALLOW_POSTDATE | AUTH_REQ_ALLOW_RENEWABLE | AUTH_REQ_ALLOW_VALIDATE)
1853
1854#define KERB_TICKET_FLAGS_reserved 0x80000000
1855#define KERB_TICKET_FLAGS_forwardable 0x40000000
1856#define KERB_TICKET_FLAGS_forwarded 0x20000000
1857#define KERB_TICKET_FLAGS_proxiable 0x10000000
1858#define KERB_TICKET_FLAGS_proxy 0x08000000
1859#define KERB_TICKET_FLAGS_may_postdate 0x04000000
1860#define KERB_TICKET_FLAGS_postdated 0x02000000
1861#define KERB_TICKET_FLAGS_invalid 0x01000000
1862#define KERB_TICKET_FLAGS_renewable 0x00800000
1863#define KERB_TICKET_FLAGS_initial 0x00400000
1864#define KERB_TICKET_FLAGS_pre_authent 0x00200000
1865#define KERB_TICKET_FLAGS_hw_authent 0x00100000
1866#define KERB_TICKET_FLAGS_ok_as_delegate 0x00040000
1867#define KERB_TICKET_FLAGS_name_canonicalize 0x00010000
1868#if _WIN32_WINNT == 0x0501
1869#define KERB_TICKET_FLAGS_cname_in_pa_data 0x00040000
1870#endif
1871#define KERB_TICKET_FLAGS_enc_pa_rep 0x00010000
1872#define KERB_TICKET_FLAGS_reserved1 0x00000001
1873
1874#define KRB_NT_UNKNOWN 0
1875#define KRB_NT_PRINCIPAL 1
1876#define KRB_NT_PRINCIPAL_AND_ID -131
1877#define KRB_NT_SRV_INST 2
1878#define KRB_NT_SRV_INST_AND_ID -132
1879#define KRB_NT_SRV_HST 3
1880#define KRB_NT_SRV_XHST 4
1881#define KRB_NT_UID 5
1882#define KRB_NT_ENTERPRISE_PRINCIPAL 10
1883#define KRB_NT_WELLKNOWN 11
1884#define KRB_NT_MS_BRANCH_ID -133
1885#define KRB_NT_ENT_PRINCIPAL_AND_ID -130
1886#define KRB_NT_MS_PRINCIPAL -128
1887#define KRB_NT_MS_PRINCIPAL_AND_ID -129
1888
1889#define KERB_IS_MS_PRINCIPAL(_x_) (((_x_) <= KRB_NT_MS_PRINCIPAL) || ((_x_) >= KRB_NT_ENTERPRISE_PRINCIPAL))
1890
1891#if _WIN32_WINNT >= 0x0600
1892#define KRB_NT_X500_PRINCIPAL 6
1893#endif
1894
1895#define KRB_WELLKNOWN_STRING L"WELLKNOWN"
1896#define KRB_ANONYMOUS_STRING L"ANONYMOUS"
1897
1898#ifndef MICROSOFT_KERBEROS_NAME_A
1899
1900#define MICROSOFT_KERBEROS_NAME_A "Kerberos"
1901#define MICROSOFT_KERBEROS_NAME_W L"Kerberos"
1902#ifdef WIN32_CHICAGO
1903#define MICROSOFT_KERBEROS_NAME MICROSOFT_KERBEROS_NAME_A
1904#else
1905#define MICROSOFT_KERBEROS_NAME MICROSOFT_KERBEROS_NAME_W
1906#endif
1907#endif
1908
1909#define KERB_WRAP_NO_ENCRYPT 0x80000001
1910
1911 typedef enum _KERB_LOGON_SUBMIT_TYPE {
1912 KerbInteractiveLogon = 2,
1913 KerbSmartCardLogon = 6,
1914 KerbWorkstationUnlockLogon = 7,
1915 KerbSmartCardUnlockLogon = 8,
1916 KerbProxyLogon = 9,
1917 KerbTicketLogon = 10,
1918 KerbTicketUnlockLogon = 11,
1919 KerbS4ULogon = 12,
1920#if (_WIN32_WINNT >= 0x0600)
1921 KerbCertificateLogon = 13,
1922 KerbCertificateS4ULogon = 14,
1923 KerbCertificateUnlockLogon = 15,
1924#endif
1925#if (_WIN32_WINNT >= 0x0602)
1926 KerbNoElevationLogon = 83,
1927 KerbLuidLogon = 84
1928#endif
1929 } KERB_LOGON_SUBMIT_TYPE,*PKERB_LOGON_SUBMIT_TYPE;
1930
1931 typedef struct _KERB_INTERACTIVE_LOGON {
1932 KERB_LOGON_SUBMIT_TYPE MessageType;
1933 UNICODE_STRING LogonDomainName;
1934 UNICODE_STRING UserName;
1935 UNICODE_STRING Password;
1936 } KERB_INTERACTIVE_LOGON,*PKERB_INTERACTIVE_LOGON;
1937
1938 typedef struct _KERB_INTERACTIVE_UNLOCK_LOGON {
1939 KERB_INTERACTIVE_LOGON Logon;
1940 LUID LogonId;
1941 } KERB_INTERACTIVE_UNLOCK_LOGON,*PKERB_INTERACTIVE_UNLOCK_LOGON;
1942
1943 typedef struct _KERB_SMART_CARD_LOGON {
1944 KERB_LOGON_SUBMIT_TYPE MessageType;
1945 UNICODE_STRING Pin;
1946 ULONG CspDataLength;
1947 PUCHAR CspData;
1948 } KERB_SMART_CARD_LOGON,*PKERB_SMART_CARD_LOGON;
1949
1950 typedef struct _KERB_SMART_CARD_UNLOCK_LOGON {
1951 KERB_SMART_CARD_LOGON Logon;
1952 LUID LogonId;
1953 } KERB_SMART_CARD_UNLOCK_LOGON,*PKERB_SMART_CARD_UNLOCK_LOGON;
1954
1955 typedef struct _KERB_TICKET_LOGON {
1956 KERB_LOGON_SUBMIT_TYPE MessageType;
1957 ULONG Flags;
1958 ULONG ServiceTicketLength;
1959 ULONG TicketGrantingTicketLength;
1960 PUCHAR ServiceTicket;
1961 PUCHAR TicketGrantingTicket;
1962 } KERB_TICKET_LOGON,*PKERB_TICKET_LOGON;
1963
1964#define KERB_LOGON_FLAG_ALLOW_EXPIRED_TICKET 0x1
1965#define KERB_LOGON_FLAG_REDIRECTED 0x2
1966
1967 typedef struct _KERB_TICKET_UNLOCK_LOGON {
1968 KERB_TICKET_LOGON Logon;
1969 LUID LogonId;
1970 } KERB_TICKET_UNLOCK_LOGON,*PKERB_TICKET_UNLOCK_LOGON;
1971
1972#if _WIN32_WINNT >= 0x0600
1973#define KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
1974#define KERB_S4U_LOGON_FLAG_IDENTIFY 0x8
1975#endif
1976
1977 typedef struct _KERB_S4U_LOGON {
1978 KERB_LOGON_SUBMIT_TYPE MessageType;
1979 ULONG Flags;
1980 UNICODE_STRING ClientUpn;
1981 UNICODE_STRING ClientRealm;
1982 } KERB_S4U_LOGON,*PKERB_S4U_LOGON;
1983
1984 typedef enum _KERB_PROFILE_BUFFER_TYPE {
1985 KerbInteractiveProfile = 2,KerbSmartCardProfile = 4,KerbTicketProfile = 6
1986 } KERB_PROFILE_BUFFER_TYPE,*PKERB_PROFILE_BUFFER_TYPE;
1987
1988 typedef struct _KERB_INTERACTIVE_PROFILE {
1989 KERB_PROFILE_BUFFER_TYPE MessageType;
1990 USHORT LogonCount;
1991 USHORT BadPasswordCount;
1992 LARGE_INTEGER LogonTime;
1993 LARGE_INTEGER LogoffTime;
1994 LARGE_INTEGER KickOffTime;
1995 LARGE_INTEGER PasswordLastSet;
1996 LARGE_INTEGER PasswordCanChange;
1997 LARGE_INTEGER PasswordMustChange;
1998 UNICODE_STRING LogonScript;
1999 UNICODE_STRING HomeDirectory;
2000 UNICODE_STRING FullName;
2001 UNICODE_STRING ProfilePath;
2002 UNICODE_STRING HomeDirectoryDrive;
2003 UNICODE_STRING LogonServer;
2004 ULONG UserFlags;
2005 } KERB_INTERACTIVE_PROFILE,*PKERB_INTERACTIVE_PROFILE;
2006
2007 typedef struct _KERB_SMART_CARD_PROFILE {
2008 KERB_INTERACTIVE_PROFILE Profile;
2009 ULONG CertificateSize;
2010 PUCHAR CertificateData;
2011 } KERB_SMART_CARD_PROFILE,*PKERB_SMART_CARD_PROFILE;
2012
2013 typedef struct KERB_CRYPTO_KEY {
2014 LONG KeyType;
2015 ULONG Length;
2016 PUCHAR Value;
2017 } KERB_CRYPTO_KEY,*PKERB_CRYPTO_KEY;
2018
2019 typedef struct KERB_CRYPTO_KEY32 {
2020 LONG KeyType;
2021 ULONG Length;
2022 ULONG Offset;
2023 } KERB_CRYPTO_KEY32,*PKERB_CRYPTO_KEY32;
2024
2025 typedef struct _KERB_TICKET_PROFILE {
2026 KERB_INTERACTIVE_PROFILE Profile;
2027 KERB_CRYPTO_KEY SessionKey;
2028 } KERB_TICKET_PROFILE,*PKERB_TICKET_PROFILE;
2029
2030 typedef enum _KERB_PROTOCOL_MESSAGE_TYPE {
2031 KerbDebugRequestMessage = 0,
2032 KerbQueryTicketCacheMessage,
2033 KerbChangeMachinePasswordMessage,
2034 KerbVerifyPacMessage,
2035 KerbRetrieveTicketMessage,
2036 KerbUpdateAddressesMessage,
2037 KerbPurgeTicketCacheMessage,
2038 KerbChangePasswordMessage,
2039 KerbRetrieveEncodedTicketMessage,
2040 KerbDecryptDataMessage,
2041 KerbAddBindingCacheEntryMessage,
2042 KerbSetPasswordMessage,
2043 KerbSetPasswordExMessage,
2044#if _WIN32_WINNT >= 0x0501
2045 KerbVerifyCredentialsMessage,
2046 KerbQueryTicketCacheExMessage,
2047 KerbPurgeTicketCacheExMessage,
2048#endif
2049#if _WIN32_WINNT >= 0x0502
2050 KerbRefreshSmartcardCredentialsMessage,
2051 KerbAddExtraCredentialsMessage,
2052 KerbQuerySupplementalCredentialsMessage,
2053#endif
2054#if _WIN32_WINNT >= 0x0600
2055 KerbTransferCredentialsMessage,
2056 KerbQueryTicketCacheEx2Message,
2057 KerbSubmitTicketMessage,
2058 KerbAddExtraCredentialsExMessage,
2059#endif
2060#if _WIN32_WINNT >= 0x0602
2061 KerbQueryKdcProxyCacheMessage,
2062 KerbPurgeKdcProxyCacheMessage,
2063 KerbQueryTicketCacheEx3Message,
2064 KerbCleanupMachinePkinitCredsMessage,
2065 KerbAddBindingCacheEntryExMessage,
2066 KerbQueryBindingCacheMessage,
2067 KerbPurgeBindingCacheMessage,
2068 KerbPinKdcMessage,
2069 KerbUnpinAllKdcsMessage,
2070 KerbQueryDomainExtendedPoliciesMessage,
2071 KerbQueryS4U2ProxyCacheMessage
2072#endif
2073#if _WIN32_WINNT >= 0x0A00
2074 ,KerbRetrieveKeyTabMessage
2075 ,KerbRefreshPolicyMessage
2076 ,KerbPrintCloudKerberosDebugMessage
2077#endif
2078 } KERB_PROTOCOL_MESSAGE_TYPE,*PKERB_PROTOCOL_MESSAGE_TYPE;
2079
2080 typedef struct _KERB_QUERY_TKT_CACHE_REQUEST {
2081 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2082 LUID LogonId;
2083 } KERB_QUERY_TKT_CACHE_REQUEST,*PKERB_QUERY_TKT_CACHE_REQUEST;
2084
2085 typedef struct _KERB_TICKET_CACHE_INFO {
2086 UNICODE_STRING ServerName;
2087 UNICODE_STRING RealmName;
2088 LARGE_INTEGER StartTime;
2089 LARGE_INTEGER EndTime;
2090 LARGE_INTEGER RenewTime;
2091 LONG EncryptionType;
2092 ULONG TicketFlags;
2093 } KERB_TICKET_CACHE_INFO,*PKERB_TICKET_CACHE_INFO;
2094
2095 typedef struct _KERB_TICKET_CACHE_INFO_EX {
2096 UNICODE_STRING ClientName;
2097 UNICODE_STRING ClientRealm;
2098 UNICODE_STRING ServerName;
2099 UNICODE_STRING ServerRealm;
2100 LARGE_INTEGER StartTime;
2101 LARGE_INTEGER EndTime;
2102 LARGE_INTEGER RenewTime;
2103 LONG EncryptionType;
2104 ULONG TicketFlags;
2105 } KERB_TICKET_CACHE_INFO_EX,*PKERB_TICKET_CACHE_INFO_EX;
2106
2107 typedef struct _KERB_TICKET_CACHE_INFO_EX2 {
2108 UNICODE_STRING ClientName;
2109 UNICODE_STRING ClientRealm;
2110 UNICODE_STRING ServerName;
2111 UNICODE_STRING ServerRealm;
2112 LARGE_INTEGER StartTime;
2113 LARGE_INTEGER EndTime;
2114 LARGE_INTEGER RenewTime;
2115 LONG EncryptionType;
2116 ULONG TicketFlags;
2117 ULONG SessionKeyType;
2118 } KERB_TICKET_CACHE_INFO_EX2,*PKERB_TICKET_CACHE_INFO_EX2;
2119
2120#if _WIN32_WINNT >= 0x0602
2121 typedef struct _KERB_TICKET_CACHE_INFO_EX3 {
2122 UNICODE_STRING ClientName;
2123 UNICODE_STRING ClientRealm;
2124 UNICODE_STRING ServerName;
2125 UNICODE_STRING ServerRealm;
2126 LARGE_INTEGER StartTime;
2127 LARGE_INTEGER EndTime;
2128 LARGE_INTEGER RenewTime;
2129 LONG EncryptionType;
2130 ULONG TicketFlags;
2131 ULONG SessionKeyType;
2132 ULONG BranchId;
2133 ULONG CacheFlags;
2134 UNICODE_STRING KdcCalled;
2135 } KERB_TICKET_CACHE_INFO_EX3, *PKERB_TICKET_CACHE_INFO_EX3;
2136#endif
2137
2138 typedef struct _KERB_QUERY_TKT_CACHE_RESPONSE {
2139 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2140 ULONG CountOfTickets;
2141 KERB_TICKET_CACHE_INFO Tickets[ANYSIZE_ARRAY];
2142 } KERB_QUERY_TKT_CACHE_RESPONSE,*PKERB_QUERY_TKT_CACHE_RESPONSE;
2143
2144 typedef struct _KERB_QUERY_TKT_CACHE_EX_RESPONSE {
2145 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2146 ULONG CountOfTickets;
2147 KERB_TICKET_CACHE_INFO_EX Tickets[ANYSIZE_ARRAY];
2148 } KERB_QUERY_TKT_CACHE_EX_RESPONSE,*PKERB_QUERY_TKT_CACHE_EX_RESPONSE;
2149
2150 typedef struct _KERB_QUERY_TKT_CACHE_EX2_RESPONSE {
2151 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2152 ULONG CountOfTickets;
2153 KERB_TICKET_CACHE_INFO_EX2 Tickets[ANYSIZE_ARRAY];
2154 } KERB_QUERY_TKT_CACHE_EX2_RESPONSE,*PKERB_QUERY_TKT_CACHE_EX2_RESPONSE;
2155
2156#if _WIN32_WINNT >= 0x0602
2157 typedef struct _KERB_QUERY_TKT_CACHE_EX3_RESPONSE {
2158 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2159 ULONG CountOfTickets;
2160 KERB_TICKET_CACHE_INFO_EX3 Tickets[ANYSIZE_ARRAY];
2161 } KERB_QUERY_TKT_CACHE_EX3_RESPONSE, *PKERB_QUERY_TKT_CACHE_EX3_RESPONSE;
2162#endif
2163
2164#ifndef __SECHANDLE_DEFINED__
2165 typedef struct _SecHandle {
2166 ULONG_PTR dwLower;
2167 ULONG_PTR dwUpper;
2168 } SecHandle,*PSecHandle;
2169
2170#define __SECHANDLE_DEFINED__
2171#endif
2172
2173#define KERB_USE_DEFAULT_TICKET_FLAGS 0x0
2174
2175#define KERB_RETRIEVE_TICKET_DEFAULT 0x0
2176#define KERB_RETRIEVE_TICKET_DONT_USE_CACHE 0x1
2177#define KERB_RETRIEVE_TICKET_USE_CACHE_ONLY 0x2
2178#define KERB_RETRIEVE_TICKET_USE_CREDHANDLE 0x4
2179#define KERB_RETRIEVE_TICKET_AS_KERB_CRED 0x8
2180#define KERB_RETRIEVE_TICKET_WITH_SEC_CRED 0x10
2181
2182#if _WIN32_WINNT >= 0x0600
2183#define KERB_RETRIEVE_TICKET_CACHE_TICKET 0x20
2184#endif
2185
2186#if _WIN32_WINNT >= 0x0601
2187#define KERB_RETRIEVE_TICKET_MAX_LIFETIME 0x40
2188#endif
2189
2190#define KERB_ETYPE_DEFAULT 0x0
2191
2192 typedef struct _KERB_AUTH_DATA {
2193 ULONG Type;
2194 ULONG Length;
2195 PUCHAR Data;
2196 } KERB_AUTH_DATA,*PKERB_AUTH_DATA;
2197
2198 typedef struct _KERB_NET_ADDRESS {
2199 ULONG Family;
2200 ULONG Length;
2201 PCHAR Address;
2202 } KERB_NET_ADDRESS,*PKERB_NET_ADDRESS;
2203
2204 typedef struct _KERB_NET_ADDRESSES {
2205 ULONG Number;
2206 KERB_NET_ADDRESS Addresses[ANYSIZE_ARRAY];
2207 } KERB_NET_ADDRESSES,*PKERB_NET_ADDRESSES;
2208
2209 typedef struct _KERB_EXTERNAL_NAME {
2210 SHORT NameType;
2211 USHORT NameCount;
2212 UNICODE_STRING Names[ANYSIZE_ARRAY];
2213 } KERB_EXTERNAL_NAME,*PKERB_EXTERNAL_NAME;
2214
2215 typedef struct _KERB_EXTERNAL_TICKET {
2216 PKERB_EXTERNAL_NAME ServiceName;
2217 PKERB_EXTERNAL_NAME TargetName;
2218 PKERB_EXTERNAL_NAME ClientName;
2219 UNICODE_STRING DomainName;
2220 UNICODE_STRING TargetDomainName;
2221 UNICODE_STRING AltTargetDomainName;
2222 KERB_CRYPTO_KEY SessionKey;
2223 ULONG TicketFlags;
2224 ULONG Flags;
2225 LARGE_INTEGER KeyExpirationTime;
2226 LARGE_INTEGER StartTime;
2227 LARGE_INTEGER EndTime;
2228 LARGE_INTEGER RenewUntil;
2229 LARGE_INTEGER TimeSkew;
2230 ULONG EncodedTicketSize;
2231 PUCHAR EncodedTicket;
2232 } KERB_EXTERNAL_TICKET,*PKERB_EXTERNAL_TICKET;
2233
2234 typedef struct _KERB_RETRIEVE_TKT_REQUEST {
2235 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2236 LUID LogonId;
2237 UNICODE_STRING TargetName;
2238 ULONG TicketFlags;
2239 ULONG CacheOptions;
2240 LONG EncryptionType;
2241 SecHandle CredentialsHandle;
2242 } KERB_RETRIEVE_TKT_REQUEST,*PKERB_RETRIEVE_TKT_REQUEST;
2243
2244 typedef struct _KERB_RETRIEVE_TKT_RESPONSE {
2245 KERB_EXTERNAL_TICKET Ticket;
2246 } KERB_RETRIEVE_TKT_RESPONSE,*PKERB_RETRIEVE_TKT_RESPONSE;
2247
2248 typedef struct _KERB_PURGE_TKT_CACHE_REQUEST {
2249 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2250 LUID LogonId;
2251 UNICODE_STRING ServerName;
2252 UNICODE_STRING RealmName;
2253 } KERB_PURGE_TKT_CACHE_REQUEST,*PKERB_PURGE_TKT_CACHE_REQUEST;
2254
2255#define KERB_PURGE_ALL_TICKETS 1
2256
2257 typedef struct _KERB_PURGE_TKT_CACHE_EX_REQUEST {
2258 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2259 LUID LogonId;
2260 ULONG Flags;
2261 KERB_TICKET_CACHE_INFO_EX TicketTemplate;
2262 } KERB_PURGE_TKT_CACHE_EX_REQUEST,*PKERB_PURGE_TKT_CACHE_EX_REQUEST;
2263
2264 typedef struct _KERB_SUBMIT_TKT_REQUEST {
2265 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2266 LUID LogonId;
2267 ULONG Flags;
2268 KERB_CRYPTO_KEY32 Key;
2269 ULONG KerbCredSize;
2270 ULONG KerbCredOffset;
2271 } KERB_SUBMIT_TKT_REQUEST, *PKERB_SUBMIT_TKT_REQUEST;
2272
2273#if _WIN32_WINNT >= 0x0602
2274
2275 typedef struct _KERB_QUERY_KDC_PROXY_CACHE_REQUEST {
2276 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2277 ULONG Flags;
2278 LUID LogonId;
2279 } KERB_QUERY_KDC_PROXY_CACHE_REQUEST, *PKERB_QUERY_KDC_PROXY_CACHE_REQUEST;
2280
2281 typedef struct _KDC_PROXY_CACHE_ENTRY_DATA {
2282 ULONG64 SinceLastUsed;
2283 UNICODE_STRING DomainName;
2284 UNICODE_STRING ProxyServerName;
2285 UNICODE_STRING ProxyServerVdir;
2286 USHORT ProxyServerPort;
2287 LUID LogonId;
2288 UNICODE_STRING CredUserName;
2289 UNICODE_STRING CredDomainName;
2290 BOOLEAN GlobalCache;
2291 } KDC_PROXY_CACHE_ENTRY_DATA, *PKDC_PROXY_CACHE_ENTRY_DATA;
2292
2293 typedef struct _KERB_QUERY_KDC_PROXY_CACHE_RESPONSE {
2294 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2295 ULONG CountOfEntries;
2296 PKDC_PROXY_CACHE_ENTRY_DATA Entries;
2297 } KERB_QUERY_KDC_PROXY_CACHE_RESPONSE, *PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE;
2298
2299 typedef struct _KERB_PURGE_KDC_PROXY_CACHE_REQUEST {
2300 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2301 ULONG Flags;
2302 LUID LogonId;
2303 } KERB_PURGE_KDC_PROXY_CACHE_REQUEST, *PKERB_PURGE_KDC_PROXY_CACHE_REQUEST;
2304
2305 typedef struct _KERB_PURGE_KDC_PROXY_CACHE_RESPONSE {
2306 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2307 ULONG CountOfPurged;
2308 } KERB_PURGE_KDC_PROXY_CACHE_RESPONSE, *PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE;
2309
2310#define KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE 0x1
2311
2312 typedef struct _KERB_S4U2PROXY_CACHE_ENTRY_INFO {
2313 UNICODE_STRING ServerName;
2314 ULONG Flags;
2315 NTSTATUS LastStatus;
2316 LARGE_INTEGER Expiry;
2317 } KERB_S4U2PROXY_CACHE_ENTRY_INFO, *PKERB_S4U2PROXY_CACHE_ENTRY_INFO;
2318
2319#define KERB_S4U2PROXY_CRED_FLAG_NEGATIVE 0x1
2320
2321 typedef struct _KERB_S4U2PROXY_CRED {
2322 UNICODE_STRING UserName;
2323 UNICODE_STRING DomainName;
2324 ULONG Flags;
2325 NTSTATUS LastStatus;
2326 LARGE_INTEGER Expiry;
2327 ULONG CountOfEntries;
2328 PKERB_S4U2PROXY_CACHE_ENTRY_INFO Entries;
2329 } KERB_S4U2PROXY_CRED, *PKERB_S4U2PROXY_CRED;
2330
2331 typedef struct _KERB_QUERY_S4U2PROXY_CACHE_REQUEST {
2332 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2333 ULONG Flags;
2334 LUID LogonId;
2335 } KERB_QUERY_S4U2PROXY_CACHE_REQUEST, *PKERB_QUERY_S4U2PROXY_CACHE_REQUEST;
2336
2337 typedef struct _KERB_QUERY_S4U2PROXY_CACHE_RESPONSE {
2338 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2339 ULONG CountOfCreds;
2340 PKERB_S4U2PROXY_CRED Creds;
2341 } KERB_QUERY_S4U2PROXY_CACHE_RESPONSE, *PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE;
2342
2343#endif
2344
2345#if _WIN32_WINNT >= 0x0A00
2346
2347 typedef struct _KERB_RETRIEVE_KEY_TAB_REQUEST {
2348 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2349 ULONG Flags;
2350 UNICODE_STRING UserName;
2351 UNICODE_STRING DomainName;
2352 UNICODE_STRING Password;
2353 } KERB_RETRIEVE_KEY_TAB_REQUEST, *PKERB_RETRIEVE_KEY_TAB_REQUEST;
2354
2355 typedef struct _KERB_RETRIEVE_KEY_TAB_RESPONSE {
2356 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2357 ULONG KeyTabLength;
2358 PUCHAR KeyTab;
2359 } KERB_RETRIEVE_KEY_TAB_RESPONSE, *PKERB_RETRIEVE_KEY_TAB_RESPONSE;
2360
2361#define KERB_REFRESH_POLICY_KERBEROS 0x1
2362#define KERB_REFRESH_POLICY_KDC 0x2
2363
2364 typedef struct _KERB_REFRESH_POLICY_REQUEST {
2365 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2366 ULONG Flags;
2367 } KERB_REFRESH_POLICY_REQUEST, *PKERB_REFRESH_POLICY_REQUEST;
2368
2369 typedef struct _KERB_REFRESH_POLICY_RESPONSE {
2370 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2371 ULONG Flags;
2372 } KERB_REFRESH_POLICY_RESPONSE, *PKERB_REFRESH_POLICY_RESPONSE;
2373
2374 typedef struct _KERB_CLOUD_KERBEROS_DEBUG_REQUEST {
2375 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2376 LUID LogonId;
2377 } KERB_CLOUD_KERBEROS_DEBUG_REQUEST, *PKERB_CLOUD_KERBEROS_DEBUG_REQUEST;
2378
2379 typedef struct _KERB_CLOUD_KERBEROS_DEBUG_RESPONSE {
2380 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2381 ULONG Version;
2382 ULONG Length;
2383 ULONG Data[ANYSIZE_ARRAY];
2384 } KERB_CLOUD_KERBEROS_DEBUG_RESPONSE, *PKERB_CLOUD_KERBEROS_DEBUG_RESPONSE;
2385
2386#define KERB_CLOUD_KERBEROS_DEBUG_DATA_VERSION 1
2387
2388 typedef struct _KERB_CLOUD_KERBEROS_DEBUG_DATA_V0 {
2389 unsigned int EnabledByPolicy : 1;
2390 unsigned int AsRepCallbackPresent : 1;
2391 unsigned int AsRepCallbackUsed : 1;
2392 unsigned int CloudReferralTgtAvailable : 1;
2393 unsigned int SpnOracleConfigured : 1;
2394 unsigned int KdcProxyPresent : 1;
2395 } KERB_CLOUD_KERBEROS_DEBUG_DATA_V0, *PKERB_CLOUD_KERBEROS_DEBUG_DATA_V0;
2396
2397 typedef struct _KERB_CLOUD_KERBEROS_DEBUG_DATA {
2398 unsigned int EnabledByPolicy : 1;
2399 unsigned int AsRepCallbackPresent : 1;
2400 unsigned int AsRepCallbackUsed : 1;
2401 unsigned int CloudReferralTgtAvailable : 1;
2402 unsigned int SpnOracleConfigured : 1;
2403 unsigned int KdcProxyPresent : 1;
2404 unsigned int PublicKeyCredsPresent : 1;
2405 unsigned int PasswordKeysPresent : 1;
2406 unsigned int PasswordPresent : 1;
2407 unsigned int AsRepSourceCred : 8;
2408 } KERB_CLOUD_KERBEROS_DEBUG_DATA, *PKERB_CLOUD_KERBEROS_DEBUG_DATA;
2409
2410#endif /* _WIN32_WINNT >= 0x0A00 */
2411
2412 typedef struct _KERB_CHANGEPASSWORD_REQUEST {
2413 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2414 UNICODE_STRING DomainName;
2415 UNICODE_STRING AccountName;
2416 UNICODE_STRING OldPassword;
2417 UNICODE_STRING NewPassword;
2418 BOOLEAN Impersonating;
2419 } KERB_CHANGEPASSWORD_REQUEST,*PKERB_CHANGEPASSWORD_REQUEST;
2420
2421 typedef struct _KERB_SETPASSWORD_REQUEST {
2422 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2423 LUID LogonId;
2424 SecHandle CredentialsHandle;
2425 ULONG Flags;
2426 UNICODE_STRING DomainName;
2427 UNICODE_STRING AccountName;
2428 UNICODE_STRING Password;
2429 } KERB_SETPASSWORD_REQUEST,*PKERB_SETPASSWORD_REQUEST;
2430
2431 typedef struct _KERB_SETPASSWORD_EX_REQUEST {
2432 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2433 LUID LogonId;
2434 SecHandle CredentialsHandle;
2435 ULONG Flags;
2436 UNICODE_STRING AccountRealm;
2437 UNICODE_STRING AccountName;
2438 UNICODE_STRING Password;
2439 UNICODE_STRING ClientRealm;
2440 UNICODE_STRING ClientName;
2441 BOOLEAN Impersonating;
2442 UNICODE_STRING KdcAddress;
2443 ULONG KdcAddressType;
2444 } KERB_SETPASSWORD_EX_REQUEST,*PKERB_SETPASSWORD_EX_REQUEST;
2445
2446#define DS_UNKNOWN_ADDRESS_TYPE 0
2447#define KERB_SETPASS_USE_LOGONID 1
2448#define KERB_SETPASS_USE_CREDHANDLE 2
2449
2450 typedef struct _KERB_DECRYPT_REQUEST {
2451 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2452 LUID LogonId;
2453 ULONG Flags;
2454 LONG CryptoType;
2455 LONG KeyUsage;
2456 KERB_CRYPTO_KEY Key;
2457 ULONG EncryptedDataSize;
2458 ULONG InitialVectorSize;
2459 PUCHAR InitialVector;
2460 PUCHAR EncryptedData;
2461 } KERB_DECRYPT_REQUEST,*PKERB_DECRYPT_REQUEST;
2462
2463#define KERB_DECRYPT_FLAG_DEFAULT_KEY 0x00000001
2464
2465 typedef struct _KERB_DECRYPT_RESPONSE {
2466 UCHAR DecryptedData[ANYSIZE_ARRAY];
2467 } KERB_DECRYPT_RESPONSE,*PKERB_DECRYPT_RESPONSE;
2468
2469 typedef struct _KERB_ADD_BINDING_CACHE_ENTRY_REQUEST {
2470 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2471 UNICODE_STRING RealmName;
2472 UNICODE_STRING KdcAddress;
2473 ULONG AddressType;
2474 } KERB_ADD_BINDING_CACHE_ENTRY_REQUEST,*PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST;
2475
2476 typedef struct _KERB_REFRESH_SCCRED_REQUEST {
2477 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2478 UNICODE_STRING CredentialBlob;
2479 LUID LogonId;
2480 ULONG Flags;
2481 } KERB_REFRESH_SCCRED_REQUEST,*PKERB_REFRESH_SCCRED_REQUEST;
2482
2483#define KERB_REFRESH_SCCRED_RELEASE 0x0
2484#define KERB_REFRESH_SCCRED_GETTGT 0x1
2485
2486 typedef struct _KERB_ADD_CREDENTIALS_REQUEST {
2487 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2488 UNICODE_STRING UserName;
2489 UNICODE_STRING DomainName;
2490 UNICODE_STRING Password;
2491 LUID LogonId;
2492 ULONG Flags;
2493 } KERB_ADD_CREDENTIALS_REQUEST,*PKERB_ADD_CREDENTIALS_REQUEST;
2494
2495#define KERB_REQUEST_ADD_CREDENTIAL 1
2496#define KERB_REQUEST_REPLACE_CREDENTIAL 2
2497#define KERB_REQUEST_REMOVE_CREDENTIAL 4
2498
2499#if _WIN32_WINNT >= 0x0600
2500
2501 typedef struct _KERB_ADD_CREDENTIALS_REQUEST_EX {
2502 KERB_ADD_CREDENTIALS_REQUEST Credentials;
2503 ULONG PrincipalNameCount;
2504 UNICODE_STRING PrincipalNames[1];
2505 } KERB_ADD_CREDENTIALS_REQUEST_EX, *PKERB_ADD_CREDENTIALS_REQUEST_EX;
2506
2507#endif
2508
2509 typedef struct _KERB_TRANSFER_CRED_REQUEST {
2510 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2511 LUID OriginLogonId;
2512 LUID DestinationLogonId;
2513 ULONG Flags;
2514 } KERB_TRANSFER_CRED_REQUEST,*PKERB_TRANSFER_CRED_REQUEST;
2515
2516#define KERB_TRANSFER_CRED_WITH_TICKETS 1
2517#define KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS 2
2518
2519#if _WIN32_WINNT >= 0x0602
2520
2521 typedef struct _KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST {
2522 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2523 LUID LogonId;
2524 } KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST, *PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST;
2525
2526 typedef struct _KERB_BINDING_CACHE_ENTRY_DATA {
2527 ULONG64 DiscoveryTime;
2528 UNICODE_STRING RealmName;
2529 UNICODE_STRING KdcAddress;
2530 ULONG AddressType;
2531 ULONG Flags;
2532 ULONG DcFlags;
2533 ULONG CacheFlags;
2534 UNICODE_STRING KdcName;
2535 } KERB_BINDING_CACHE_ENTRY_DATA, *PKERB_BINDING_CACHE_ENTRY_DATA;
2536
2537 typedef struct _KERB_QUERY_BINDING_CACHE_RESPONSE {
2538 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2539 ULONG CountOfEntries;
2540 PKERB_BINDING_CACHE_ENTRY_DATA Entries;
2541 } KERB_QUERY_BINDING_CACHE_RESPONSE, *PKERB_QUERY_BINDING_CACHE_RESPONSE;
2542
2543 typedef struct _KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST {
2544 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2545 UNICODE_STRING RealmName;
2546 UNICODE_STRING KdcAddress;
2547 ULONG AddressType;
2548 ULONG DcFlags;
2549 } KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST, *PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST;
2550
2551 typedef struct _KERB_QUERY_BINDING_CACHE_REQUEST {
2552 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2553 } KERB_QUERY_BINDING_CACHE_REQUEST, *PKERB_QUERY_BINDING_CACHE_REQUEST;
2554
2555 typedef struct _KERB_PURGE_BINDING_CACHE_REQUEST {
2556 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2557 } KERB_PURGE_BINDING_CACHE_REQUEST, *PKERB_PURGE_BINDING_CACHE_REQUEST;
2558
2559 typedef struct _KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST {
2560 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2561 ULONG Flags;
2562 UNICODE_STRING DomainName;
2563 } KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST, *PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST;
2564
2565#define KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE_FLAG_DAC_DISABLED 1
2566
2567 typedef struct _KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE {
2568 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
2569 ULONG Flags;
2570 ULONG ExtendedPolicies;
2571 ULONG DsFlags;
2572 } KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE, *PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE;
2573
2574 typedef enum _KERB_CERTIFICATE_INFO_TYPE {
2575 CertHashInfo = 1
2576 } KERB_CERTIFICATE_INFO_TYPE, *PKERB_CERTIFICATE_INFO_TYPE;
2577
2578 typedef struct _KERB_CERTIFICATE_HASHINFO {
2579 USHORT StoreNameLength;
2580 USHORT HashLength;
2581 } KERB_CERTIFICATE_HASHINFO, *PKERB_CERTIFICATE_HASHINFO;
2582
2583 typedef struct _KERB_CERTIFICATE_INFO {
2584 ULONG CertInfoSize;
2585 ULONG InfoType;
2586 } KERB_CERTIFICATE_INFO, *PKERB_CERTIFICATE_INFO;
2587
2588#endif
2589
2590#define PER_USER_POLICY_UNCHANGED 0x00
2591#define PER_USER_AUDIT_SUCCESS_INCLUDE 0x01
2592#define PER_USER_AUDIT_SUCCESS_EXCLUDE 0x02
2593#define PER_USER_AUDIT_FAILURE_INCLUDE 0x04
2594#define PER_USER_AUDIT_FAILURE_EXCLUDE 0x08
2595#define PER_USER_AUDIT_NONE 0x10
2596
2597#define VALID_PER_USER_AUDIT_POLICY_FLAG (PER_USER_AUDIT_SUCCESS_INCLUDE | PER_USER_AUDIT_SUCCESS_EXCLUDE | PER_USER_AUDIT_FAILURE_INCLUDE | PER_USER_AUDIT_FAILURE_EXCLUDE | PER_USER_AUDIT_NONE)
2598
2599 typedef struct _AUDIT_POLICY_INFORMATION {
2600 GUID AuditSubCategoryGuid;
2601 ULONG AuditingInformation;
2602 GUID AuditCategoryGuid;
2603 } AUDIT_POLICY_INFORMATION, *PAUDIT_POLICY_INFORMATION;
2604 typedef const PAUDIT_POLICY_INFORMATION PCAUDIT_POLICY_INFORMATION, LPCAUDIT_POLICY_INFORMATION;
2605
2606#define AUDIT_SET_SYSTEM_POLICY 0x0001
2607#define AUDIT_QUERY_SYSTEM_POLICY 0x0002
2608#define AUDIT_SET_USER_POLICY 0x0004
2609#define AUDIT_QUERY_USER_POLICY 0x0008
2610#define AUDIT_ENUMERATE_USERS 0x0010
2611#define AUDIT_SET_MISC_POLICY 0x0020
2612#define AUDIT_QUERY_MISC_POLICY 0x0040
2613
2614#define AUDIT_GENERIC_ALL (STANDARD_RIGHTS_REQUIRED | AUDIT_SET_SYSTEM_POLICY | AUDIT_QUERY_SYSTEM_POLICY | \
2615 AUDIT_SET_USER_POLICY | AUDIT_QUERY_USER_POLICY | AUDIT_ENUMERATE_USERS | \
2616 AUDIT_SET_MISC_POLICY | AUDIT_QUERY_MISC_POLICY)
2617
2618#define AUDIT_GENERIC_READ (STANDARD_RIGHTS_READ | AUDIT_QUERY_SYSTEM_POLICY | AUDIT_QUERY_USER_POLICY | \
2619 AUDIT_ENUMERATE_USERS | AUDIT_QUERY_MISC_POLICY)
2620
2621#define AUDIT_GENERIC_WRITE (STANDARD_RIGHTS_WRITE | AUDIT_SET_USER_POLICY | AUDIT_SET_MISC_POLICY | \
2622 AUDIT_SET_SYSTEM_POLICY)
2623
2624#define AUDIT_GENERIC_EXECUTE STANDARD_RIGHTS_EXECUTE
2625
2626 typedef struct _POLICY_AUDIT_SID_ARRAY {
2627 ULONG UsersCount;
2628 PSID *UserSidArray;
2629 } POLICY_AUDIT_SID_ARRAY, *PPOLICY_AUDIT_SID_ARRAY;
2630
2631#if _WIN32_WINNT >= 0x0600
2632
2633#define KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES 0x1
2634#define KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO 0x2
2635
2636 typedef struct _KERB_CERTIFICATE_LOGON {
2637 KERB_LOGON_SUBMIT_TYPE MessageType;
2638 UNICODE_STRING DomainName;
2639 UNICODE_STRING UserName;
2640 UNICODE_STRING Pin;
2641 ULONG Flags;
2642 ULONG CspDataLength;
2643 PUCHAR CspData;
2644 } KERB_CERTIFICATE_LOGON, *PKERB_CERTIFICATE_LOGON;
2645
2646 typedef struct _KERB_CERTIFICATE_UNLOCK_LOGON {
2647 KERB_CERTIFICATE_LOGON Logon;
2648 LUID LogonId;
2649 } KERB_CERTIFICATE_UNLOCK_LOGON, *PKERB_CERTIFICATE_UNLOCK_LOGON;
2650
2651#define KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES 0x1
2652#define KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
2653#define KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED 0x4
2654#define KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY 0x8
2655
2656 typedef struct _KERB_CERTIFICATE_S4U_LOGON {
2657 KERB_LOGON_SUBMIT_TYPE MessageType;
2658 ULONG Flags;
2659 UNICODE_STRING UserPrincipalName;
2660 UNICODE_STRING DomainName;
2661 ULONG CertificateLength;
2662 PUCHAR Certificate;
2663 } KERB_CERTIFICATE_S4U_LOGON, *PKERB_CERTIFICATE_S4U_LOGON;
2664
2665 typedef struct _KERB_SMARTCARD_CSP_INFO {
2666 DWORD dwCspInfoLen;
2667 DWORD MessageType;
2668 __C89_NAMELESS union {
2669 PVOID ContextInformation;
2670 ULONG64 SpaceHolderForWow64;
2671 };
2672 DWORD flags;
2673 DWORD KeySpec;
2674 ULONG nCardNameOffset;
2675 ULONG nReaderNameOffset;
2676 ULONG nContainerNameOffset;
2677 ULONG nCSPNameOffset;
2678 TCHAR bBuffer;
2679 } KERB_SMARTCARD_CSP_INFO, *PKERB_SMARTCARD_CSP_INFO;
2680
2681#endif
2682
2683 BOOLEAN WINAPI AuditComputeEffectivePolicyBySid(
2684 const PSID pSid,
2685 const GUID *pSubCategoryGuids,
2686 ULONG PolicyCount,
2687 PAUDIT_POLICY_INFORMATION *ppAuditPolicy
2688 );
2689
2690 VOID WINAPI AuditFree(
2691 PVOID Buffer
2692 );
2693
2694 BOOLEAN WINAPI AuditSetSystemPolicy(
2695 PCAUDIT_POLICY_INFORMATION pAuditPolicy,
2696 ULONG PolicyCount
2697 );
2698
2699 BOOLEAN WINAPI AuditQuerySystemPolicy(
2700 const GUID *pSubCategoryGuids,
2701 ULONG PolicyCount,
2702 PAUDIT_POLICY_INFORMATION *ppAuditPolicy
2703 );
2704
2705 BOOLEAN WINAPI AuditSetPerUserPolicy(
2706 const PSID pSid,
2707 PCAUDIT_POLICY_INFORMATION pAuditPolicy,
2708 ULONG PolicyCount
2709 );
2710
2711 BOOLEAN WINAPI AuditQueryPerUserPolicy(
2712 const PSID pSid,
2713 const GUID *pSubCategoryGuids,
2714 ULONG PolicyCount,
2715 PAUDIT_POLICY_INFORMATION *ppAuditPolicy
2716 );
2717
2718 BOOLEAN WINAPI AuditComputeEffectivePolicyByToken(
2719 HANDLE hTokenHandle,
2720 const GUID *pSubCategoryGuids,
2721 ULONG PolicyCount,
2722 PAUDIT_POLICY_INFORMATION *ppAuditPolicy
2723 );
2724
2725 BOOLEAN WINAPI AuditEnumerateCategories(
2726 GUID **ppAuditCategoriesArray,
2727 PULONG pCountReturned
2728 );
2729
2730 BOOLEAN WINAPI AuditEnumeratePerUserPolicy(
2731 PPOLICY_AUDIT_SID_ARRAY *ppAuditSidArray
2732 );
2733
2734 BOOLEAN WINAPI AuditEnumerateSubCategories(
2735 const GUID *pAuditCategoryGuid,
2736 BOOLEAN bRetrieveAllSubCategories,
2737 GUID **ppAuditSubCategoriesArray,
2738 PULONG pCountReturned
2739 );
2740
2741 BOOLEAN WINAPI AuditLookupCategoryGuidFromCategoryId(
2742 POLICY_AUDIT_EVENT_TYPE AuditCategoryId,
2743 GUID *pAuditCategoryGuid
2744 );
2745
2746 BOOLEAN WINAPI AuditQuerySecurity(
2747 SECURITY_INFORMATION SecurityInformation,
2748 PSECURITY_DESCRIPTOR *ppSecurityDescriptor
2749 );
2750
2751#define AuditLookupSubCategoryName __MINGW_NAME_AW(AuditLookupSubCategoryName)
2752#define AuditLookupCategoryName __MINGW_NAME_AW(AuditLookupCategoryName)
2753
2754 BOOLEAN WINAPI AuditLookupSubCategoryNameA(
2755 const GUID *pAuditSubCategoryGuid,
2756 LPSTR *ppszSubCategoryName
2757 );
2758
2759 BOOLEAN WINAPI AuditLookupSubCategoryNameW(
2760 const GUID *pAuditSubCategoryGuid,
2761 LPWSTR *ppszSubCategoryName
2762 );
2763
2764 BOOLEAN WINAPI AuditLookupCategoryNameA(
2765 const GUID *pAuditCategoryGuid,
2766 LPSTR *ppszCategoryName
2767 );
2768
2769 BOOLEAN WINAPI AuditLookupCategoryNameW(
2770 const GUID *pAuditCategoryGuid,
2771 LPWSTR *ppszCategoryName
2772 );
2773
2774 BOOLEAN WINAPI AuditLookupCategoryIdFromCategoryGuid(
2775 const GUID *pAuditCategoryGuid,
2776 PPOLICY_AUDIT_EVENT_TYPE pAuditCategoryId
2777 );
2778
2779 BOOLEAN WINAPI AuditSetSecurity(
2780 SECURITY_INFORMATION SecurityInformation,
2781 PSECURITY_DESCRIPTOR pSecurityDescriptor
2782 );
2783
2784 BOOLEAN NTAPI AuditSetGlobalSaclW(
2785 PCWSTR ObjectTypeName,
2786 PACL Acl
2787 );
2788
2789 BOOLEAN NTAPI AuditSetGlobalSaclA(
2790 PCSTR ObjectTypeName,
2791 PACL Acl
2792 );
2793
2794#define AuditSetGlobalSacl __MINGW_NAME_AW(AuditSetGlobalSacl)
2795
2796 BOOLEAN NTAPI AuditQueryGlobalSaclW(
2797 PCWSTR ObjectTypeName,
2798 PACL *Acl
2799 );
2800
2801 BOOLEAN NTAPI AuditQueryGlobalSaclA(
2802 PCSTR ObjectTypeName,
2803 PACL *Acl
2804 );
2805
2806#define AuditQueryGlobalSacl __MINGW_NAME_AW(AuditQueryGlobalSacl)
2807
2808#if _WIN32_WINNT >= 0x0601
2809
2810#define PKU2U_PACKAGE_NAME_A "pku2u"
2811#define PKU2U_PACKAGE_NAME L"pku2u"
2812#define PKU2U_PACKAGE_NAME_W PKU2U_PACKAGE_NAME
2813
2814 typedef struct _PKU2U_CERT_BLOB {
2815 ULONG CertOffset;
2816 USHORT CertLength;
2817 } PKU2U_CERT_BLOB, *PPKU2U_CERT_BLOB;
2818
2819#define PKU2U_CREDUI_CONTEXT_VERSION 0x4154414454524543
2820
2821 typedef struct _PKU2U_CREDUI_CONTEXT {
2822 ULONG64 Version;
2823 USHORT cbHeaderLength;
2824 ULONG cbStructureLength;
2825 USHORT CertArrayCount;
2826 ULONG CertArrayOffset;
2827 } PKU2U_CREDUI_CONTEXT, *PPKU2U_CREDUI_CONTEXT;
2828
2829 typedef enum _PKU2U_LOGON_SUBMIT_TYPE {
2830 Pku2uCertificateS4ULogon = 14
2831 } PKU2U_LOGON_SUBMIT_TYPE, *PPKU2U_LOGON_SUBMIT_TYPE;
2832
2833 typedef struct _PKU2U_CERTIFICATE_S4U_LOGON {
2834 PKU2U_LOGON_SUBMIT_TYPE MessageType;
2835 ULONG Flags;
2836 UNICODE_STRING UserPrincipalName;
2837 UNICODE_STRING DomainName;
2838 ULONG CertificateLength;
2839 PUCHAR Certificate;
2840 } PKU2U_CERTIFICATE_S4U_LOGON, *PPKU2U_CERTIFICATE_S4U_LOGON;
2841
2842#endif
2843
2844#ifdef __cplusplus
2845}
2846#endif
2847#endif