7 #define REVISED_AUDIT_ENTRY_STRUCT
8 #define LOGFLAGS_FORWARD 0
9 #define LOGFLAGS_BACKWARD 1
10 #define LOGFLAGS_SEEK 2
11 #define ACTION_LOCKOUT 0
12 #define ACTION_ADMINUNLOCK 1
17 #define AE_USERLIMIT 0
24 #define AE_ADMINPRIVREQD 2
26 #define AE_NOACCESSPERM 3
27 #define AE_ACCRESTRICT 4
28 #define AE_NORMAL_CLOSE 0
29 #define AE_SES_CLOSE 1
30 #define AE_ADMIN_CLOSE 2
31 #define AE_LIM_UNKNOWN 0
32 #define AE_LIM_LOGONHOURS 1
33 #define AE_LIM_EXPIRED 2
34 #define AE_LIM_INVAL_WKSTA 3
35 #define AE_LIM_DISABLED 4
36 #define AE_LIM_DELETED 5
41 #define AE_UAS_GROUP 1
42 #define AE_UAS_MODALS 2
43 #define SVAUD_SERVICE 1
44 #define SVAUD_GOODSESSLOGON 6
45 #define SVAUD_BADSESSLOGON 24
46 #define SVAUD_SESSLOGON (SVAUD_GOODSESSLOGON|SVAUD_BADSESSLOGON)
47 #define SVAUD_GOODNETLOGON 96
48 #define SVAUD_BADNETLOGON 384
49 #define SVAUD_NETLOGON (SVAUD_GOODNETLOGON|SVAUD_BADNETLOGON)
50 #define SVAUD_LOGON (SVAUD_NETLOGON|SVAUD_SESSLOGON)
51 #define SVAUD_GOODUSE 0x600
52 #define SVAUD_BADUSE 0x1800
53 #define SVAUD_USE (SVAUD_GOODUSE|SVAUD_BADUSE)
54 #define SVAUD_USERLIST 8192
55 #define SVAUD_PERMISSIONS 16384
56 #define SVAUD_RESOURCE 32768
57 #define SVAUD_LOGONLIM 65536
58 #define AA_AUDIT_ALL 1
63 #define AA_S_CREATE 32
64 #define AA_S_DELETE 64
68 #define AA_F_WRITE 512
69 #define AA_F_CREATE 512
70 #define AA_F_DELETE 1024
72 #define AA_F_ALL (AA_F_OPEN|AA_F_WRITE|AA_F_DELETE|AA_F_ACL)
73 #define AA_A_OPEN 2048
74 #define AA_A_WRITE 4096
75 #define AA_A_CREATE 8192
76 #define AA_A_DELETE 16384
77 #define AA_A_ACL 32768
78 #define AA_A_ALL (AA_F_OPEN|AA_F_WRITE|AA_F_DELETE|AA_F_ACL)
79 typedef struct _AUDIT_ENTRY
{
86 } AUDIT_ENTRY
,*PAUDIT_ENTRY
,*LPAUDIT_ENTRY
;
87 typedef struct _HLOG
{
92 } HLOG
,*PHLOG
,*LPHLOG
;
93 typedef struct _AE_SRVSTATUS
{
95 } AE_SRVSTATUS
,*PAE_SRVSTATUS
,*LPAE_SRVSTATUS
;
96 typedef struct _AE_SESSLOGON
{
99 DWORD ae_so_privilege
;
100 } AE_SESSLOGON
,*PAE_SESSLOGON
,*LPAE_SESSLOGON
;
101 typedef struct _AE_SESSLOGOFF
{
102 DWORD ae_sf_compname
;
103 DWORD ae_sf_username
;
105 } AE_SESSLOGOFF
,*PAE_SESSLOGOFF
,*LPAE_SESSLOGOFF
;
106 typedef struct _AE_SESSPWERR
{
107 DWORD ae_sp_compname
;
108 DWORD ae_sp_username
;
109 } AE_SESSPWERR
,*PAE_SESSPWERR
,*LPAE_SESSPWERR
;
110 typedef struct _AE_CONNSTART
{
111 DWORD ae_ct_compname
;
112 DWORD ae_ct_username
;
115 } AE_CONNSTART
,*PAE_CONNSTART
,*LPAE_CONNSTART
;
116 typedef struct _AE_CONNSTOP
{
117 DWORD ae_cp_compname
;
118 DWORD ae_cp_username
;
122 } AE_CONNSTOP
,*PAE_CONNSTOP
,*LPAE_CONNSTOP
;
123 typedef struct _AE_CONNREJ
{
124 DWORD ae_cr_compname
;
125 DWORD ae_cr_username
;
128 } AE_CONNREJ
,*PAE_CONNREJ
,*LPAE_CONNREJ
;
129 typedef struct _AE_RESACCESS
{
130 DWORD ae_ra_compname
;
131 DWORD ae_ra_username
;
133 DWORD ae_ra_operation
;
134 DWORD ae_ra_returncode
;
137 } AE_RESACCESS
,*PAE_RESACCESS
,*LPAE_RESACCESS
;
138 typedef struct _AE_RESACCESSREJ
{
139 DWORD ae_rr_compname
;
140 DWORD ae_rr_username
;
142 DWORD ae_rr_operation
;
143 } AE_RESACCESSREJ
,*PAE_RESACCESSREJ
,*LPAE_RESACCESSREJ
;
144 typedef struct _AE_CLOSEFILE
{
145 DWORD ae_cf_compname
;
146 DWORD ae_cf_username
;
149 DWORD ae_cf_duration
;
151 } AE_CLOSEFILE
,*PAE_CLOSEFILE
,*LPAE_CLOSEFILE
;
152 typedef struct _AE_SERVICESTAT
{
153 DWORD ae_ss_compname
;
154 DWORD ae_ss_username
;
159 DWORD ae_ss_returnval
;
160 } AE_SERVICESTAT
,*PAE_SERVICESTAT
,*LPAE_SERVICESTAT
;
161 typedef struct _AE_ACLMOD
{
162 DWORD ae_am_compname
;
163 DWORD ae_am_username
;
167 } AE_ACLMOD
,*PAE_ACLMOD
,*LPAE_ACLMOD
;
168 typedef struct _AE_UASMOD
{
169 DWORD ae_um_compname
;
170 DWORD ae_um_username
;
175 } AE_UASMOD
,*PAE_UASMOD
,*LPAE_UASMOD
;
176 typedef struct _AE_NETLOGON
{
177 DWORD ae_no_compname
;
178 DWORD ae_no_username
;
179 DWORD ae_no_privilege
;
180 DWORD ae_no_authflags
;
181 } AE_NETLOGON
,*PAE_NETLOGON
,*LPAE_NETLOGON
;
182 typedef struct _AE_NETLOGOFF
{
183 DWORD ae_nf_compname
;
184 DWORD ae_nf_username
;
185 DWORD ae_nf_reserved1
;
186 DWORD ae_nf_reserved2
;
187 } AE_NETLOGOFF
,*PAE_NETLOGOFF
,*LPAE_NETLOGOFF
;
188 typedef struct _AE_ACCLIM
{
189 DWORD ae_al_compname
;
190 DWORD ae_al_username
;
193 } AE_ACCLIM
,*PAE_ACCLIM
,*LPAE_ACCLIM
;
194 typedef struct _AE_LOCKOUT
{
195 DWORD ae_lk_compname
;
196 DWORD ae_lk_username
;
198 DWORD ae_lk_bad_pw_count
;
199 } AE_LOCKOUT
,*PAE_LOCKOUT
,*LPAE_LOCKOUT
;
200 typedef struct _AE_GENERIC
{
213 } AE_GENERIC
,*PAE_GENERIC
,*LPAE_GENERIC
;
214 NET_API_STATUS WINAPI
NetAuditClear(LPCWSTR
,LPCWSTR
,LPCWSTR
);
215 NET_API_STATUS WINAPI
NetAuditRead(LPTSTR
,LPTSTR
,LPHLOG
,DWORD
,PDWORD
,DWORD
,DWORD
,PBYTE
*,DWORD
,PDWORD
,PDWORD
);
216 NET_API_STATUS WINAPI
NetAuditWrite(DWORD
,PBYTE
,DWORD
,LPTSTR
,PBYTE
);
218 /* These conflict with struct typedefs, why? */
219 #define AE_SRVSTATUS 0
220 #define AE_SESSLOGON 1
221 #define AE_SESSLOGOFF 2
222 #define AE_SESSPWERR 3
223 #define AE_CONNSTART 4
224 #define AE_CONNSTOP 5
226 #define AE_RESACCESS 7
227 #define AE_RESACCESSREJ 8
228 #define AE_CLOSEFILE 9
229 #define AE_SERVICESTAT 11
232 #define AE_NETLOGON 14
233 #define AE_NETLOGOFF 15
234 #define AE_NETLOGDENIED 16
235 #define AE_ACCLIMITEXCD 17
236 #define AE_RESACCESS2 18
237 #define AE_ACLMODFAIL 19
238 #define AE_LOCKOUT 20
239 #define AE_GENERIC_TYPE 21
240 #define AE_SRVSTART 0
241 #define AE_SRVPAUSED 1