2 * Windows API header module
4 * Translated from MinGW Windows headers
6 * Authors: Stewart Gordon
7 * License: $(LINK2 http://www.boost.org/LICENSE_1_0.txt, Boost License 1.0)
8 * Source: $(DRUNTIMESRC core/sys/windows/_ntsecapi.d)
10 module core
.sys
.windows
.ntsecapi
;
13 pragma(lib
, "advapi32");
15 version (ANSI
) {} else version = Unicode
;
18 core
.sys
.windows
.basetyps
, core
.sys
.windows
.ntdef
, core
.sys
.windows
.windef
, core
.sys
.windows
.winnt
, core
.sys
.windows
.w32api
;
20 // FIXME: check types and grouping of constants
21 // FIXME: check Windows version support
23 enum KERB_WRAP_NO_ENCRYPT
= 0x80000001;
25 enum LOGON_GUEST
= 0x00000001;
26 enum LOGON_NOENCRYPTION
= 0x00000002;
27 enum LOGON_CACHED_ACCOUNT
= 0x00000004;
28 enum LOGON_USED_LM_PASSWORD
= 0x00000008;
29 enum LOGON_EXTRA_SIDS
= 0x00000020;
30 enum LOGON_SUBAUTH_SESSION_KEY
= 0x00000040;
31 enum LOGON_SERVER_TRUST_ACCOUNT
= 0x00000080;
32 enum LOGON_NTLMV2_ENABLED
= 0x00000100;
33 enum LOGON_RESOURCE_GROUPS
= 0x00000200;
34 enum LOGON_PROFILE_PATH_RETURNED
= 0x00000400;
35 enum LOGON_GRACE_LOGON
= 0x01000000;
38 LSA_MODE_PASSWORD_PROTECTED
= 1,
39 LSA_MODE_INDIVIDUAL_ACCOUNTS
,
40 LSA_MODE_MANDATORY_ACCESS
,
44 bool LSA_SUCCESS(int x
) { return x
>= 0; }
46 /* TOTHINKABOUT: These constants don't have ANSI/Unicode versioned
47 * aliases. Should we merge them anyway?
49 const char[] MICROSOFT_KERBEROS_NAME_A
= "Kerberos";
50 const wchar[] MICROSOFT_KERBEROS_NAME_W
= "Kerberos";
51 const char[] MSV1_0_PACKAGE_NAME
= "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0";
52 const wchar[] MSV1_0_PACKAGE_NAMEW
= "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0";
54 enum MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
= 32;
55 enum MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT
= 2048;
56 enum MSV1_0_CLEARTEXT_PASSWORD_ALLOWED
= 2;
57 enum MSV1_0_CRED_LM_PRESENT
= 1;
58 enum MSV1_0_CRED_NT_PRESENT
= 2;
59 enum MSV1_0_CRED_VERSION
= 0;
60 enum MSV1_0_DONT_TRY_GUEST_ACCOUNT
= 16;
61 enum MSV1_0_MAX_NTLM3_LIFE
= 1800;
62 enum MSV1_0_MAX_AVL_SIZE
= 64000;
63 enum MSV1_0_MNS_LOGON
= 16777216;
66 MSV1_0_CHALLENGE_LENGTH
= 8,
67 MSV1_0_LANMAN_SESSION_KEY_LENGTH
= 8,
68 MSV1_0_NTLM3_RESPONSE_LENGTH
= 16,
69 MSV1_0_NTLM3_OWF_LENGTH
= 16,
70 MSV1_0_NTLM3_INPUT_LENGTH
= MSV1_0_NTLM3_RESPONSE
.sizeof
71 - MSV1_0_NTLM3_RESPONSE_LENGTH
,
72 MSV1_0_OWF_PASSWORD_LENGTH
= 16,
73 MSV1_0_PACKAGE_NAMEW_LENGTH
= MSV1_0_PACKAGE_NAMEW
.sizeof
76 enum MSV1_0_RETURN_USER_PARAMETERS
= 8;
77 enum MSV1_0_RETURN_PASSWORD_EXPIRY
= 64;
78 enum MSV1_0_RETURN_PROFILE_PATH
= 512;
79 enum MSV1_0_SUBAUTHENTICATION_DLL_EX
= 1048576;
80 enum MSV1_0_SUBAUTHENTICATION_DLL
= 0xff000000;
81 enum MSV1_0_SUBAUTHENTICATION_DLL_SHIFT
= 24;
82 enum MSV1_0_SUBAUTHENTICATION_DLL_RAS
= 2;
83 enum MSV1_0_SUBAUTHENTICATION_DLL_IIS
= 132;
84 enum MSV1_0_SUBAUTHENTICATION_FLAGS
= 0xff000000;
85 enum MSV1_0_TRY_GUEST_ACCOUNT_ONLY
= 256;
86 enum MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY
= 1024;
87 enum MSV1_0_UPDATE_LOGON_STATISTICS
= 4;
88 enum MSV1_0_USE_CLIENT_CHALLENGE
= 128;
89 enum MSV1_0_USER_SESSION_KEY_LENGTH
= 16;
92 MSV1_0_SUBAUTHENTICATION_KEY
93 = `System\CurrentControlSet\Control\Lsa\MSV1_0`,
94 MSV1_0_SUBAUTHENTICATION_VALUE
= "Auth";
97 POLICY_VIEW_LOCAL_INFORMATION
= 0x0001,
98 POLICY_VIEW_AUDIT_INFORMATION
= 0x0002,
99 POLICY_GET_PRIVATE_INFORMATION
= 0x0004,
100 POLICY_TRUST_ADMIN
= 0x0008,
101 POLICY_CREATE_ACCOUNT
= 0x0010,
102 POLICY_CREATE_SECRET
= 0x0020,
103 POLICY_CREATE_PRIVILEGE
= 0x0040,
104 POLICY_SET_DEFAULT_QUOTA_LIMITS
= 0x0080,
105 POLICY_SET_AUDIT_REQUIREMENTS
= 0x0100,
106 POLICY_AUDIT_LOG_ADMIN
= 0x0200,
107 POLICY_SERVER_ADMIN
= 0x0400,
108 POLICY_LOOKUP_NAMES
= 0x0800,
110 POLICY_READ
= STANDARD_RIGHTS_READ |
0x0006,
111 POLICY_WRITE
= STANDARD_RIGHTS_WRITE |
0x07F8,
112 POLICY_EXECUTE
= STANDARD_RIGHTS_EXECUTE |
0x0801,
113 POLICY_ALL_ACCESS
= STANDARD_RIGHTS_REQUIRED |
0x0FFF;
115 enum POLICY_AUDIT_EVENT_UNCHANGED
= 0;
116 enum POLICY_AUDIT_EVENT_SUCCESS
= 1;
117 enum POLICY_AUDIT_EVENT_FAILURE
= 2;
118 enum POLICY_AUDIT_EVENT_NONE
= 4;
119 enum POLICY_AUDIT_EVENT_MASK
= 7;
122 POLICY_LOCATION_LOCAL
= 1,
127 POLICY_MACHINE_POLICY_LOCAL
= 0,
128 POLICY_MACHINE_POLICY_DEFAULTED
,
129 POLICY_MACHINE_POLICY_EXPLICIT
,
130 POLICY_MACHINE_POLICY_UNKNOWN
= 0xFFFFFFFF
134 enum POLICY_QOS_SCHANEL_REQUIRED
= 0x0001;
135 enum POLICY_QOS_OUTBOUND_INTEGRITY
= 0x0002;
136 enum POLICY_QOS_OUTBOUND_CONFIDENTIALITY
= 0x0004;
137 enum POLICY_QOS_INBOUND_INTEGREITY
= 0x0008;
138 enum POLICY_QOS_INBOUND_CONFIDENTIALITY
= 0x0010;
139 enum POLICY_QOS_ALLOW_LOCAL_ROOT_CERT_STORE
= 0x0020;
140 enum POLICY_QOS_RAS_SERVER_ALLOWED
= 0x0040;
141 enum POLICY_QOS_DHCP_SERVER_ALLOWD
= 0x0080;
143 enum POLICY_KERBEROS_FORWARDABLE
= 1;
144 enum POLICY_KERBEROS_PROXYABLE
= 2;
145 enum POLICY_KERBEROS_RENEWABLE
= 4;
146 enum POLICY_KERBEROS_POSTDATEABLE
= 8;
149 SAM_PASSWORD_CHANGE_NOTIFY_ROUTINE
= "PasswordChangeNotify",
150 SAM_INIT_NOTIFICATION_ROUTINE
= "InitializeChangeNotify",
151 SAM_PASSWORD_FILTER_ROUTINE
= "PasswordFilter";
154 SE_INTERACTIVE_LOGON_NAME
= "SeInteractiveLogonRight",
155 SE_NETWORK_LOGON_NAME
= "SeNetworkLogonRight",
156 SE_BATCH_LOGON_NAME
= "SeBatchLogonRight",
157 SE_SERVICE_LOGON_NAME
= "SeServiceLogonRight";
160 TRUST_ATTRIBUTE_NON_TRANSITIVE
= 1,
161 TRUST_ATTRIBUTE_UPLEVEL_ONLY
= 2,
162 TRUST_ATTRIBUTE_TREE_PARENT
= 4194304,
163 TRUST_ATTRIBUTES_VALID
= -16580609
167 TRUST_AUTH_TYPE_NONE
,
168 TRUST_AUTH_TYPE_NT4OWF
,
169 TRUST_AUTH_TYPE_CLEAR
173 TRUST_DIRECTION_DISABLED
,
174 TRUST_DIRECTION_INBOUND
,
175 TRUST_DIRECTION_OUTBOUND
,
176 TRUST_DIRECTION_BIDIRECTIONAL
180 TRUST_TYPE_DOWNLEVEL
= 1,
186 alias UNICODE_STRING LSA_UNICODE_STRING
;
187 alias UNICODE_STRING
* PLSA_UNICODE_STRING
;
188 alias STRING LSA_STRING
;
189 alias STRING
* PLSA_STRING
;
191 enum MSV1_0_LOGON_SUBMIT_TYPE
{
192 MsV1_0InteractiveLogon
= 2,
196 MsV1_0WorkstationUnlockLogon
= 7
198 alias MSV1_0_LOGON_SUBMIT_TYPE
* PMSV1_0_LOGON_SUBMIT_TYPE
;
200 enum MSV1_0_PROFILE_BUFFER_TYPE
{
201 MsV1_0InteractiveProfile
= 2,
202 MsV1_0Lm20LogonProfile
,
203 MsV1_0SmartCardProfile
205 alias MSV1_0_PROFILE_BUFFER_TYPE
* PMSV1_0_PROFILE_BUFFER_TYPE
;
212 MsvAvDnsComputerName
,
216 enum MSV1_0_PROTOCOL_MESSAGE_TYPE
{
217 MsV1_0Lm20ChallengeRequest
= 0,
218 MsV1_0Lm20GetChallengeResponse
,
219 MsV1_0EnumerateUsers
,
222 MsV1_0ChangePassword
,
223 MsV1_0ChangeCachedPassword
,
224 MsV1_0GenericPassthrough
,
227 MsV1_0DeriveCredential
,
230 alias MSV1_0_PROTOCOL_MESSAGE_TYPE
* PMSV1_0_PROTOCOL_MESSAGE_TYPE
;
232 enum POLICY_LSA_SERVER_ROLE
{
233 PolicyServerRoleBackup
= 2,
234 PolicyServerRolePrimary
236 alias POLICY_LSA_SERVER_ROLE
* PPOLICY_LSA_SERVER_ROLE
;
238 enum POLICY_SERVER_ENABLE_STATE
{
239 PolicyServerEnabled
= 2,
242 alias POLICY_SERVER_ENABLE_STATE
* PPOLICY_SERVER_ENABLE_STATE
;
244 enum POLICY_INFORMATION_CLASS
{
245 PolicyAuditLogInformation
= 1,
246 PolicyAuditEventsInformation
,
247 PolicyPrimaryDomainInformation
,
248 PolicyPdAccountInformation
,
249 PolicyAccountDomainInformation
,
250 PolicyLsaServerRoleInformation
,
251 PolicyReplicaSourceInformation
,
252 PolicyDefaultQuotaInformation
,
253 PolicyModificationInformation
,
254 PolicyAuditFullSetInformation
,
255 PolicyAuditFullQueryInformation
,
256 PolicyDnsDomainInformation
,
259 alias POLICY_INFORMATION_CLASS
* PPOLICY_INFORMATION_CLASS
;
261 enum POLICY_AUDIT_EVENT_TYPE
{
264 AuditCategoryObjectAccess
,
265 AuditCategoryPrivilegeUse
,
266 AuditCategoryDetailedTracking
,
267 AuditCategoryPolicyChange
,
268 AuditCategoryAccountManagement
,
269 AuditCategoryDirectoryServiceAccess
,
270 AuditCategoryAccountLogon
272 alias POLICY_AUDIT_EVENT_TYPE
* PPOLICY_AUDIT_EVENT_TYPE
;
274 enum POLICY_LOCAL_INFORMATION_CLASS
{
275 PolicyLocalAuditEventsInformation
= 1,
276 PolicyLocalPdAccountInformation
,
277 PolicyLocalAccountDomainInformation
,
278 PolicyLocalLsaServerRoleInformation
,
279 PolicyLocalReplicaSourceInformation
,
280 PolicyLocalModificationInformation
,
281 PolicyLocalAuditFullSetInformation
,
282 PolicyLocalAuditFullQueryInformation
,
283 PolicyLocalDnsDomainInformation
,
284 PolicyLocalIPSecReferenceInformation
,
285 PolicyLocalMachinePasswordInformation
,
286 PolicyLocalQualityOfServiceInformation
,
287 PolicyLocalPolicyLocationInformation
289 alias POLICY_LOCAL_INFORMATION_CLASS
* PPOLICY_LOCAL_INFORMATION_CLASS
;
291 enum POLICY_DOMAIN_INFORMATION_CLASS
{
292 PolicyDomainIPSecReferenceInformation
= 1,
293 PolicyDomainQualityOfServiceInformation
,
294 PolicyDomainEfsInformation
,
295 PolicyDomainPublicKeyInformation
,
296 PolicyDomainPasswordPolicyInformation
,
297 PolicyDomainLockoutInformation
,
298 PolicyDomainKerberosTicketInformation
300 alias POLICY_DOMAIN_INFORMATION_CLASS
* PPOLICY_DOMAIN_INFORMATION_CLASS
;
302 enum SECURITY_LOGON_TYPE
{
310 alias SECURITY_LOGON_TYPE
* PSECURITY_LOGON_TYPE
;
312 enum TRUSTED_INFORMATION_CLASS
{
313 TrustedDomainNameInformation
= 1,
314 TrustedControllersInformation
,
315 TrustedPosixOffsetInformation
,
316 TrustedPasswordInformation
,
317 TrustedDomainInformationBasic
,
318 TrustedDomainInformationEx
,
319 TrustedDomainAuthInformation
,
320 TrustedDomainFullInformation
322 alias TRUSTED_INFORMATION_CLASS
* PTRUSTED_INFORMATION_CLASS
;
324 struct DOMAIN_PASSWORD_INFORMATION
{
325 USHORT MinPasswordLength
;
326 USHORT PasswordHistoryLength
;
327 ULONG PasswordProperties
;
328 LARGE_INTEGER MaxPasswordAge
;
329 LARGE_INTEGER MinPasswordAge
;
331 alias DOMAIN_PASSWORD_INFORMATION
* PDOMAIN_PASSWORD_INFORMATION
;
333 struct LSA_ENUMERATION_INFORMATION
{
336 alias LSA_ENUMERATION_INFORMATION
* PLSA_ENUMERATION_INFORMATION
;
338 alias OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES
;
339 alias OBJECT_ATTRIBUTES
* PLSA_OBJECT_ATTRIBUTES
;
341 struct LSA_TRUST_INFORMATION
{
342 LSA_UNICODE_STRING Name
;
345 alias LSA_TRUST_INFORMATION TRUSTED_DOMAIN_INFORMATION_BASIC
;
346 alias LSA_TRUST_INFORMATION
* PLSA_TRUST_INFORMATION
;
347 /* in MinGW (further down the code):
348 * typedef PLSA_TRUST_INFORMATION *PTRUSTED_DOMAIN_INFORMATION_BASIC;
349 * but it doesn't look right....
351 alias LSA_TRUST_INFORMATION
** PTRUSTED_DOMAIN_INFORMATION_BASIC
;
353 struct LSA_REFERENCED_DOMAIN_LIST
{
355 PLSA_TRUST_INFORMATION Domains
;
357 alias LSA_REFERENCED_DOMAIN_LIST
* PLSA_REFERENCED_DOMAIN_LIST
;
359 struct LSA_TRANSLATED_SID
{
364 alias LSA_TRANSLATED_SID
* PLSA_TRANSLATED_SID
;
366 struct LSA_TRANSLATED_NAME
{
368 LSA_UNICODE_STRING Name
;
371 alias LSA_TRANSLATED_NAME
* PLSA_TRANSLATED_NAME
;
373 struct MSV1_0_INTERACTIVE_LOGON
{
374 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
375 UNICODE_STRING LogonDomainName
;
376 UNICODE_STRING UserName
;
377 UNICODE_STRING Password
;
379 alias MSV1_0_INTERACTIVE_LOGON
* PMSV1_0_INTERACTIVE_LOGON
;
381 struct MSV1_0_INTERACTIVE_PROFILE
{
382 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
384 USHORT BadPasswordCount
;
385 LARGE_INTEGER LogonTime
;
386 LARGE_INTEGER LogoffTime
;
387 LARGE_INTEGER KickOffTime
;
388 LARGE_INTEGER PasswordLastSet
;
389 LARGE_INTEGER PasswordCanChange
;
390 LARGE_INTEGER PasswordMustChange
;
391 UNICODE_STRING LogonScript
;
392 UNICODE_STRING HomeDirectory
;
393 UNICODE_STRING FullName
;
394 UNICODE_STRING ProfilePath
;
395 UNICODE_STRING HomeDirectoryDrive
;
396 UNICODE_STRING LogonServer
;
399 alias MSV1_0_INTERACTIVE_PROFILE
* PMSV1_0_INTERACTIVE_PROFILE
;
401 struct MSV1_0_LM20_LOGON
{
402 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
403 UNICODE_STRING LogonDomainName
;
404 UNICODE_STRING UserName
;
405 UNICODE_STRING Workstation
;
406 UCHAR
[MSV1_0_CHALLENGE_LENGTH
] ChallengeToClient
;
407 STRING CaseSensitiveChallengeResponse
;
408 STRING CaseInsensitiveChallengeResponse
;
409 ULONG ParameterControl
;
411 alias MSV1_0_LM20_LOGON
* PMSV1_0_LM20_LOGON
;
413 //static if (_WIN32_WINNT >= 0x500) {
414 struct MSV1_0_SUBAUTH_LOGON
{
415 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
416 UNICODE_STRING LogonDomainName
;
417 UNICODE_STRING UserName
;
418 UNICODE_STRING Workstation
;
419 UCHAR
[MSV1_0_CHALLENGE_LENGTH
] ChallengeToClient
;
420 STRING AuthenticationInfo1
;
421 STRING AuthenticationInfo2
;
422 ULONG ParameterControl
;
423 ULONG SubAuthPackageId
;
425 alias MSV1_0_SUBAUTH_LOGON
* PMSV1_0_SUBAUTH_LOGON
;
428 struct MSV1_0_LM20_LOGON_PROFILE
{
429 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
430 LARGE_INTEGER KickOffTime
;
431 LARGE_INTEGER LogoffTime
;
433 UCHAR
[MSV1_0_USER_SESSION_KEY_LENGTH
] UserSessionKey
;
434 UNICODE_STRING LogonDomainName
;
435 UCHAR
[MSV1_0_LANMAN_SESSION_KEY_LENGTH
] LanmanSessionKey
;
436 UNICODE_STRING LogonServer
;
437 UNICODE_STRING UserParameters
;
439 alias MSV1_0_LM20_LOGON_PROFILE
* PMSV1_0_LM20_LOGON_PROFILE
;
441 struct MSV1_0_SUPPLEMENTAL_CREDENTIAL
{
444 UCHAR
[MSV1_0_OWF_PASSWORD_LENGTH
] LmPassword
;
445 UCHAR
[MSV1_0_OWF_PASSWORD_LENGTH
] NtPassword
;
447 alias MSV1_0_SUPPLEMENTAL_CREDENTIAL
* PMSV1_0_SUPPLEMENTAL_CREDENTIAL
;
449 struct MSV1_0_NTLM3_RESPONSE
{
450 UCHAR
[MSV1_0_NTLM3_RESPONSE_LENGTH
] Response
;
456 UCHAR
[MSV1_0_CHALLENGE_LENGTH
] ChallengeFromClient
;
459 UCHAR
* Buffer() return { return &_Buffer
; }
461 alias MSV1_0_NTLM3_RESPONSE
* PMSV1_0_NTLM3_RESPONSE
;
463 struct MSV1_0_AV_PAIR
{
467 alias MSV1_0_AV_PAIR
* PMSV1_0_AV_PAIR
;
469 struct MSV1_0_CHANGEPASSWORD_REQUEST
{
470 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
471 UNICODE_STRING DomainName
;
472 UNICODE_STRING AccountName
;
473 UNICODE_STRING OldPassword
;
474 UNICODE_STRING NewPassword
;
475 BOOLEAN Impersonating
;
477 alias MSV1_0_CHANGEPASSWORD_REQUEST
* PMSV1_0_CHANGEPASSWORD_REQUEST
;
479 struct MSV1_0_CHANGEPASSWORD_RESPONSE
{
480 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
481 BOOLEAN PasswordInfoValid
;
482 DOMAIN_PASSWORD_INFORMATION DomainPasswordInfo
;
484 alias MSV1_0_CHANGEPASSWORD_RESPONSE
* PMSV1_0_CHANGEPASSWORD_RESPONSE
;
486 struct MSV1_0_SUBAUTH_REQUEST
{
487 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
488 ULONG SubAuthPackageId
;
489 ULONG SubAuthInfoLength
;
490 PUCHAR SubAuthSubmitBuffer
;
492 alias MSV1_0_SUBAUTH_REQUEST
* PMSV1_0_SUBAUTH_REQUEST
;
494 struct MSV1_0_SUBAUTH_RESPONSE
{
495 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
496 ULONG SubAuthInfoLength
;
497 PUCHAR SubAuthReturnBuffer
;
499 alias MSV1_0_SUBAUTH_RESPONSE
* PMSV1_0_SUBAUTH_RESPONSE
;
501 enum MSV1_0_DERIVECRED_TYPE_SHA1
= 0;
503 struct MSV1_0_DERIVECRED_REQUEST
{
504 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
506 ULONG DeriveCredType
;
507 ULONG DeriveCredInfoLength
;
508 UCHAR _DeriveCredSubmitBuffer
;
509 UCHAR
* DeriveCredSubmitBuffer() return { return &_DeriveCredSubmitBuffer
; }
511 alias MSV1_0_DERIVECRED_REQUEST
* PMSV1_0_DERIVECRED_REQUEST
;
513 struct MSV1_0_DERIVECRED_RESPONSE
{
514 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
515 ULONG DeriveCredInfoLength
;
516 UCHAR _DeriveCredReturnBuffer
;
517 UCHAR
* DeriveCredReturnBuffer() return { return &_DeriveCredReturnBuffer
; }
519 alias MSV1_0_DERIVECRED_RESPONSE
* PMSV1_0_DERIVECRED_RESPONSE
;
521 alias uint LSA_ENUMERATION_HANDLE
, LSA_OPERATIONAL_MODE
,
522 POLICY_AUDIT_EVENT_OPTIONS
;
523 alias uint* PLSA_ENUMERATION_HANDLE
, PLSA_OPERATIONAL_MODE
,
524 PPOLICY_AUDIT_EVENT_OPTIONS
;
526 struct POLICY_PRIVILEGE_DEFINITION
{
527 LSA_UNICODE_STRING Name
;
530 alias POLICY_PRIVILEGE_DEFINITION
* PPOLICY_PRIVILEGE_DEFINITION
;
532 struct POLICY_AUDIT_LOG_INFO
{
533 ULONG AuditLogPercentFull
;
534 ULONG MaximumLogSize
;
535 LARGE_INTEGER AuditRetentionPeriod
;
536 BOOLEAN AuditLogFullShutdownInProgress
;
537 LARGE_INTEGER TimeToShutdown
;
538 ULONG NextAuditRecordId
;
540 alias POLICY_AUDIT_LOG_INFO
* PPOLICY_AUDIT_LOG_INFO
;
542 struct POLICY_AUDIT_EVENTS_INFO
{
543 BOOLEAN AuditingMode
;
544 PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions
;
545 ULONG MaximumAuditEventCount
;
547 alias POLICY_AUDIT_EVENTS_INFO
* PPOLICY_AUDIT_EVENTS_INFO
;
549 struct POLICY_ACCOUNT_DOMAIN_INFO
{
550 LSA_UNICODE_STRING DomainName
;
553 alias POLICY_ACCOUNT_DOMAIN_INFO
* PPOLICY_ACCOUNT_DOMAIN_INFO
;
555 struct POLICY_PRIMARY_DOMAIN_INFO
{
556 LSA_UNICODE_STRING Name
;
559 alias POLICY_PRIMARY_DOMAIN_INFO
* PPOLICY_PRIMARY_DOMAIN_INFO
;
561 struct POLICY_DNS_DOMAIN_INFO
{
562 LSA_UNICODE_STRING Name
;
563 LSA_UNICODE_STRING DnsDomainName
;
564 LSA_UNICODE_STRING DnsTreeName
;
568 alias POLICY_DNS_DOMAIN_INFO
* PPOLICY_DNS_DOMAIN_INFO
;
570 struct POLICY_PD_ACCOUNT_INFO
{
571 LSA_UNICODE_STRING Name
;
573 alias POLICY_PD_ACCOUNT_INFO
* PPOLICY_PD_ACCOUNT_INFO
;
575 struct POLICY_LSA_SERVER_ROLE_INFO
{
576 POLICY_LSA_SERVER_ROLE LsaServerRole
;
578 alias POLICY_LSA_SERVER_ROLE_INFO
* PPOLICY_LSA_SERVER_ROLE_INFO
;
580 struct POLICY_REPLICA_SOURCE_INFO
{
581 LSA_UNICODE_STRING ReplicaSource
;
582 LSA_UNICODE_STRING ReplicaAccountName
;
584 alias POLICY_REPLICA_SOURCE_INFO
* PPOLICY_REPLICA_SOURCE_INFO
;
586 struct POLICY_DEFAULT_QUOTA_INFO
{
587 QUOTA_LIMITS QuotaLimits
;
589 alias POLICY_DEFAULT_QUOTA_INFO
* PPOLICY_DEFAULT_QUOTA_INFO
;
591 struct POLICY_MODIFICATION_INFO
{
592 LARGE_INTEGER ModifiedId
;
593 LARGE_INTEGER DatabaseCreationTime
;
595 alias POLICY_MODIFICATION_INFO
* PPOLICY_MODIFICATION_INFO
;
597 struct POLICY_AUDIT_FULL_SET_INFO
{
598 BOOLEAN ShutDownOnFull
;
600 alias POLICY_AUDIT_FULL_SET_INFO
* PPOLICY_AUDIT_FULL_SET_INFO
;
602 struct POLICY_AUDIT_FULL_QUERY_INFO
{
603 BOOLEAN ShutDownOnFull
;
606 alias POLICY_AUDIT_FULL_QUERY_INFO
* PPOLICY_AUDIT_FULL_QUERY_INFO
;
608 struct POLICY_EFS_INFO
{
612 alias POLICY_EFS_INFO
* PPOLICY_EFS_INFO
;
614 struct POLICY_LOCAL_IPSEC_REFERENCE_INFO
{
615 LSA_UNICODE_STRING ObjectPath
;
617 alias POLICY_LOCAL_IPSEC_REFERENCE_INFO
* PPOLICY_LOCAL_IPSEC_REFERENCE_INFO
;
619 struct POLICY_LOCAL_MACHINE_PASSWORD_INFO
{
620 LARGE_INTEGER PasswordChangeInterval
;
622 alias POLICY_LOCAL_MACHINE_PASSWORD_INFO
* PPOLICY_LOCAL_MACHINE_PASSWORD_INFO
;
624 struct POLICY_LOCAL_POLICY_LOCATION_INFO
{
625 ULONG PolicyLocation
;
627 alias POLICY_LOCAL_POLICY_LOCATION_INFO
* PPOLICY_LOCAL_POLICY_LOCATION_INFO
;
629 struct POLICY_LOCAL_QUALITY_OF_SERVICE_INFO
{
630 ULONG QualityOfService
;
632 alias POLICY_LOCAL_QUALITY_OF_SERVICE_INFO
633 POLICY_DOMAIN_QUALITY_OF_SERVICE_INFO
;
634 alias POLICY_LOCAL_QUALITY_OF_SERVICE_INFO
*
635 PPOLICY_LOCAL_QUALITY_OF_SERVICE_INFO
,
636 PPOLICY_DOMAIN_QUALITY_OF_SERVICE_INFO
;
638 struct POLICY_DOMAIN_PUBLIC_KEY_INFO
{
640 PUCHAR PublicKeyInfo
;
642 alias POLICY_DOMAIN_PUBLIC_KEY_INFO
* PPOLICY_DOMAIN_PUBLIC_KEY_INFO
;
644 struct POLICY_DOMAIN_LOCKOUT_INFO
{
645 LARGE_INTEGER LockoutDuration
;
646 LARGE_INTEGER LockoutObservationWindow
;
647 USHORT LockoutThreshold
;
649 alias POLICY_DOMAIN_LOCKOUT_INFO
* PPOLICY_DOMAIN_LOCKOUT_INFO
;
651 struct POLICY_DOMAIN_PASSWORD_INFO
{
652 USHORT MinPasswordLength
;
653 USHORT PasswordHistoryLength
;
654 ULONG PasswordProperties
;
655 LARGE_INTEGER MaxPasswordAge
;
656 LARGE_INTEGER MinPasswordAge
;
658 alias POLICY_DOMAIN_PASSWORD_INFO
* PPOLICY_DOMAIN_PASSWORD_INFO
;
660 struct POLICY_DOMAIN_KERBEROS_TICKET_INFO
{
661 ULONG AuthenticationOptions
;
662 LARGE_INTEGER MinTicketAge
;
663 LARGE_INTEGER MaxTicketAge
;
664 LARGE_INTEGER MaxRenewAge
;
665 LARGE_INTEGER ProxyLifetime
;
666 LARGE_INTEGER ForceLogoff
;
668 alias POLICY_DOMAIN_KERBEROS_TICKET_INFO
* PPOLICY_DOMAIN_KERBEROS_TICKET_INFO
;
670 mixin DECLARE_HANDLE
!("LSA_HANDLE");
671 alias LSA_HANDLE
* PLSA_HANDLE
;
673 struct TRUSTED_DOMAIN_NAME_INFO
{
674 LSA_UNICODE_STRING Name
;
676 alias TRUSTED_DOMAIN_NAME_INFO
* PTRUSTED_DOMAIN_NAME_INFO
;
678 struct TRUSTED_CONTROLLERS_INFO
{
680 PLSA_UNICODE_STRING Names
;
682 alias TRUSTED_CONTROLLERS_INFO
* PTRUSTED_CONTROLLERS_INFO
;
684 struct TRUSTED_POSIX_OFFSET_INFO
{
687 alias TRUSTED_POSIX_OFFSET_INFO
* PTRUSTED_POSIX_OFFSET_INFO
;
689 struct TRUSTED_PASSWORD_INFO
{
690 LSA_UNICODE_STRING Password
;
691 LSA_UNICODE_STRING OldPassword
;
693 alias TRUSTED_PASSWORD_INFO
* PTRUSTED_PASSWORD_INFO
;
695 struct TRUSTED_DOMAIN_INFORMATION_EX
{
696 LSA_UNICODE_STRING Name
;
697 LSA_UNICODE_STRING FlatName
;
699 ULONG TrustDirection
;
701 ULONG TrustAttributes
;
703 alias TRUSTED_DOMAIN_INFORMATION_EX
* PTRUSTED_DOMAIN_INFORMATION_EX
;
705 struct LSA_AUTH_INFORMATION
{
706 LARGE_INTEGER LastUpdateTime
;
708 ULONG AuthInfoLength
;
711 alias LSA_AUTH_INFORMATION
* PLSA_AUTH_INFORMATION
;
713 struct TRUSTED_DOMAIN_AUTH_INFORMATION
{
714 ULONG IncomingAuthInfos
;
715 PLSA_AUTH_INFORMATION IncomingAuthenticationInformation
;
716 PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation
;
717 ULONG OutgoingAuthInfos
;
718 PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation
;
719 PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation
;
721 alias TRUSTED_DOMAIN_AUTH_INFORMATION
* PTRUSTED_DOMAIN_AUTH_INFORMATION
;
723 struct TRUSTED_DOMAIN_FULL_INFORMATION
{
724 TRUSTED_DOMAIN_INFORMATION_EX Information
;
725 TRUSTED_POSIX_OFFSET_INFO PosixOffset
;
726 TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation
;
728 alias TRUSTED_DOMAIN_FULL_INFORMATION
* PTRUSTED_DOMAIN_FULL_INFORMATION
;
731 NTSTATUS
LsaAddAccountRights(LSA_HANDLE
, PSID
, PLSA_UNICODE_STRING
,
733 NTSTATUS
LsaCallAuthenticationPackage(HANDLE
, ULONG
, PVOID
, ULONG
,
734 PVOID
*, PULONG
, PNTSTATUS
);
735 NTSTATUS
LsaClose(LSA_HANDLE
);
736 NTSTATUS
LsaConnectUntrusted(PHANDLE
);
737 NTSTATUS
LsaCreateTrustedDomainEx(LSA_HANDLE
,
738 PTRUSTED_DOMAIN_INFORMATION_EX
, PTRUSTED_DOMAIN_AUTH_INFORMATION
,
739 ACCESS_MASK
, PLSA_HANDLE
);
740 NTSTATUS
LsaDeleteTrustedDomain(LSA_HANDLE
, PSID
);
741 NTSTATUS
LsaDeregisterLogonProcess(HANDLE
);
742 NTSTATUS
LsaEnumerateAccountRights(LSA_HANDLE
, PSID
, PLSA_UNICODE_STRING
*,
744 NTSTATUS
LsaEnumerateAccountsWithUserRight(LSA_HANDLE
,
745 PLSA_UNICODE_STRING
, PVOID
*, PULONG
);
746 NTSTATUS
LsaEnumerateTrustedDomains(LSA_HANDLE
, PLSA_ENUMERATION_HANDLE
,
747 PVOID
*, ULONG
, PULONG
);
748 NTSTATUS
LsaEnumerateTrustedDomainsEx(LSA_HANDLE
, PLSA_ENUMERATION_HANDLE
,
749 TRUSTED_INFORMATION_CLASS
, PVOID
*, ULONG
, PULONG
);
750 NTSTATUS
LsaFreeMemory(PVOID
);
751 NTSTATUS
LsaFreeReturnBuffer(PVOID
);
752 NTSTATUS
LsaLogonUser(HANDLE
, PLSA_STRING
, SECURITY_LOGON_TYPE
, ULONG
,
753 PVOID
, ULONG
, PTOKEN_GROUPS
, PTOKEN_SOURCE
, PVOID
*, PULONG
, PLUID
,
754 PHANDLE
, PQUOTA_LIMITS
, PNTSTATUS
);
755 NTSTATUS
LsaLookupAuthenticationPackage(HANDLE
, PLSA_STRING
, PULONG
);
756 NTSTATUS
LsaLookupNames(LSA_HANDLE
, ULONG
, PLSA_UNICODE_STRING
,
757 PLSA_REFERENCED_DOMAIN_LIST
*, PLSA_TRANSLATED_SID
*);
758 NTSTATUS
LsaLookupSids(LSA_HANDLE
, ULONG
, PSID
*,
759 PLSA_REFERENCED_DOMAIN_LIST
*, PLSA_TRANSLATED_NAME
*);
760 ULONG
LsaNtStatusToWinError(NTSTATUS
);
761 NTSTATUS
LsaOpenPolicy(PLSA_UNICODE_STRING
, PLSA_OBJECT_ATTRIBUTES
,
762 ACCESS_MASK
, PLSA_HANDLE
);
763 NTSTATUS
LsaQueryDomainInformationPolicy(LSA_HANDLE
,
764 POLICY_DOMAIN_INFORMATION_CLASS
, PVOID
*);
765 NTSTATUS
LsaQueryInformationPolicy(LSA_HANDLE
, POLICY_INFORMATION_CLASS
,
767 NTSTATUS
LsaQueryLocalInformationPolicy(LSA_HANDLE
,
768 POLICY_LOCAL_INFORMATION_CLASS
, PVOID
*);
769 NTSTATUS
LsaQueryTrustedDomainInfo(LSA_HANDLE
, PSID
,
770 TRUSTED_INFORMATION_CLASS
, PVOID
*);
771 NTSTATUS
LsaQueryTrustedDomainInfoByName(LSA_HANDLE
, PLSA_UNICODE_STRING
,
772 TRUSTED_INFORMATION_CLASS
, PVOID
*);
773 NTSTATUS
LsaRegisterLogonProcess(PLSA_STRING
, PHANDLE
,
774 PLSA_OPERATIONAL_MODE
);
775 NTSTATUS
LsaRemoveAccountRights(LSA_HANDLE
, PSID
, BOOLEAN
,
776 PLSA_UNICODE_STRING
, ULONG
);
777 NTSTATUS
LsaRetrievePrivateData(LSA_HANDLE
, PLSA_UNICODE_STRING
,
778 PLSA_UNICODE_STRING
*);
779 NTSTATUS
LsaSetDomainInformationPolicy(LSA_HANDLE
,
780 POLICY_DOMAIN_INFORMATION_CLASS
, PVOID
);
781 NTSTATUS
LsaSetInformationPolicy(LSA_HANDLE
, POLICY_INFORMATION_CLASS
,
783 NTSTATUS
LsaSetLocalInformationPolicy(LSA_HANDLE
,
784 POLICY_LOCAL_INFORMATION_CLASS
, PVOID
);
785 NTSTATUS
LsaSetTrustedDomainInformation(LSA_HANDLE
, PSID
,
786 TRUSTED_INFORMATION_CLASS
, PVOID
);
787 NTSTATUS
LsaSetTrustedDomainInfoByName(LSA_HANDLE
, PLSA_UNICODE_STRING
,
788 TRUSTED_INFORMATION_CLASS
, PVOID
);
789 NTSTATUS
LsaStorePrivateData(LSA_HANDLE
, PLSA_UNICODE_STRING
,
790 PLSA_UNICODE_STRING
);
793 alias NTSTATUS
function(PUNICODE_STRING
, ULONG
, PUNICODE_STRING
)
794 PSAM_PASSWORD_NOTIFICATION_ROUTINE
;
795 alias BOOLEAN
function() PSAM_INIT_NOTIFICATION_ROUTINE
;
796 alias BOOLEAN
function(PUNICODE_STRING
, PUNICODE_STRING
,
797 PUNICODE_STRING
, BOOLEAN
) PSAM_PASSWORD_FILTER_ROUTINE
;