1 /******************************************************************************
2 * Security Manager Types *
3 ******************************************************************************/
/* Opaque pointer to a security descriptor; the concrete layouts
   (SECURITY_DESCRIPTOR, SECURITY_DESCRIPTOR_RELATIVE) are declared below. */
typedef PVOID PSECURITY_DESCRIPTOR;

/* Bit set of *_SECURITY_INFORMATION flags selecting descriptor parts
   (owner, group, DACL, SACL, label). */
typedef ULONG SECURITY_INFORMATION, *PSECURITY_INFORMATION;

/* 32-bit access-rights mask: specific rights (low 16 bits), standard
   rights, ACCESS_SYSTEM_SECURITY, MAXIMUM_ALLOWED and GENERIC_* bits. */
typedef ULONG ACCESS_MASK, *PACCESS_MASK;

/* Opaque pointer to an access token object. */
typedef PVOID PACCESS_TOKEN;
/* Standard rights (bits 16-20), common to every securable object type. */
#define DELETE 0x00010000L
#define READ_CONTROL 0x00020000L
#define WRITE_DAC 0x00040000L
#define WRITE_OWNER 0x00080000L
#define SYNCHRONIZE 0x00100000L

/* DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER (SYNCHRONIZE excluded). */
#define STANDARD_RIGHTS_REQUIRED 0x000F0000L

/* All three of these expand to READ_CONTROL only; "write" and "execute"
   standard rights do not imply WRITE_DAC / WRITE_OWNER. */
#define STANDARD_RIGHTS_READ READ_CONTROL
#define STANDARD_RIGHTS_WRITE READ_CONTROL
#define STANDARD_RIGHTS_EXECUTE READ_CONTROL

/* STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE. */
#define STANDARD_RIGHTS_ALL 0x001F0000L
/* Object-type-specific rights occupy the low 16 bits. */
#define SPECIFIC_RIGHTS_ALL 0x0000FFFFL

/* Right to read/write the SACL; selects SACL access rather than DACL. */
#define ACCESS_SYSTEM_SECURITY 0x01000000L
/* Request whatever subset of rights the DACL grants instead of a fixed mask. */
#define MAXIMUM_ALLOWED 0x02000000L

/* Generic rights (bits 28-31); an object type's GENERIC_MAPPING (below)
   translates each of them into specific + standard rights. */
#define GENERIC_READ 0x80000000L
#define GENERIC_WRITE 0x40000000L
#define GENERIC_EXECUTE 0x20000000L
#define GENERIC_ALL 0x10000000L
/* Per-object-type translation of the four GENERIC_* bits into concrete
   (standard + specific) access masks.  Member order is part of the layout. */
typedef struct _GENERIC_MAPPING {
    ACCESS_MASK GenericRead;    /* mask substituted for GENERIC_READ */
    ACCESS_MASK GenericWrite;   /* mask substituted for GENERIC_WRITE */
    ACCESS_MASK GenericExecute; /* mask substituted for GENERIC_EXECUTE */
    ACCESS_MASK GenericAll;     /* mask substituted for GENERIC_ALL */
} GENERIC_MAPPING, *PGENERIC_MAPPING;
/* ACL revision numbers.  ACL_REVISION is the default; ACL_REVISION_DS is
   required for object-specific (directory service) ACEs. */
#define ACL_REVISION 2
#define ACL_REVISION_DS 4

#define ACL_REVISION1 1
#define ACL_REVISION2 2
#define ACL_REVISION3 3
#define ACL_REVISION4 4
/* Accepted range for an incoming ACL's revision field. */
#define MIN_ACL_REVISION ACL_REVISION2
#define MAX_ACL_REVISION ACL_REVISION4

/* Current security descriptor revision value */
#define SECURITY_DESCRIPTOR_REVISION (1)
#define SECURITY_DESCRIPTOR_REVISION1 (1)
/* Privilege attributes (the Attributes half of a LUID_AND_ATTRIBUTES entry). */
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x00000001L)
#define SE_PRIVILEGE_ENABLED (0x00000002L)
/* Privilege is being removed from the token (cannot be re-enabled). */
#define SE_PRIVILEGE_REMOVED (0X00000004L)
/* Set on output to report that the privilege was used to grant access. */
#define SE_PRIVILEGE_USED_FOR_ACCESS (0x80000000L)

/* Mask of every defined attribute bit; reject other bits from callers. */
#define SE_PRIVILEGE_VALID_ATTRIBUTES (SE_PRIVILEGE_ENABLED_BY_DEFAULT | \
                                       SE_PRIVILEGE_ENABLED | \
                                       SE_PRIVILEGE_REMOVED | \
                                       SE_PRIVILEGE_USED_FOR_ACCESS)
/* A privilege identified by LUID together with its SE_PRIVILEGE_* attributes.
   NOTE(review): the member lines (original 73-74) are absent from this
   listing, so the body appears empty here; the declaration is not usable
   as shown. */
typedef struct _LUID_AND_ATTRIBUTES {
} LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;

/* Open-ended array of LUID_AND_ATTRIBUTES (ANYSIZE_ARRAY is the
   "at least one" placeholder; the real count travels separately). */
typedef LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
typedef LUID_AND_ATTRIBUTES_ARRAY *PLUID_AND_ATTRIBUTES_ARRAY;
/* PRIVILEGE_SET control flag: every listed privilege must be held, not any. */
#define PRIVILEGE_SET_ALL_NECESSARY (1)

/* Variable-length set of privileges.
   NOTE(review): the count/control members (original lines 85-86) are
   missing from this listing; only the trailing array is shown.  Callers
   sizing this structure must bound the element count before indexing
   Privilege[], which is declared with the ANYSIZE_ARRAY placeholder. */
typedef struct _PRIVILEGE_SET {
    LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY];
} PRIVILEGE_SET, *PPRIVILEGE_SET;
/* How much of a client's identity a server may use.
   NOTE(review): the enumerators SecurityAnonymous (first) and
   SecurityDelegation (last) are referenced by the macros below but their
   lines (original 91 and 94) are missing from this listing, so the two
   values shown would receive the wrong implicit numbers as written. */
typedef enum _SECURITY_IMPERSONATION_LEVEL {
    SecurityIdentification,
    SecurityImpersonation,
} SECURITY_IMPERSONATION_LEVEL, *PSECURITY_IMPERSONATION_LEVEL;

#define SECURITY_MAX_IMPERSONATION_LEVEL SecurityDelegation
#define SECURITY_MIN_IMPERSONATION_LEVEL SecurityAnonymous
#define DEFAULT_IMPERSONATION_LEVEL SecurityImpersonation
/* Range check for a caller-supplied level; apply before trusting the value. */
#define VALID_IMPERSONATION_LEVEL(Level) (((Level) >= SECURITY_MIN_IMPERSONATION_LEVEL) && ((Level) <= SECURITY_MAX_IMPERSONATION_LEVEL))

/* SECURITY_QUALITY_OF_SERVICE.ContextTrackingMode values. */
#define SECURITY_DYNAMIC_TRACKING (TRUE)
#define SECURITY_STATIC_TRACKING (FALSE)
/* SECURITY_DYNAMIC_TRACKING or SECURITY_STATIC_TRACKING. */
typedef BOOLEAN SECURITY_CONTEXT_TRACKING_MODE, *PSECURITY_CONTEXT_TRACKING_MODE;

/* Client-specified limits on how a server may impersonate it.
   NOTE(review): the leading Length member (original line 108) is not in
   this listing. */
typedef struct _SECURITY_QUALITY_OF_SERVICE {
    SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;   /* cap on the server's level */
    SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode; /* dynamic vs. static snapshot */
    BOOLEAN EffectiveOnly;                              /* hide disabled groups/privileges */
} SECURITY_QUALITY_OF_SERVICE, *PSECURITY_QUALITY_OF_SERVICE;
/* Saved impersonation state of a thread, used to restore it later.
   NOTE(review): members on original lines 115-116 are missing here. */
typedef struct _SE_IMPERSONATION_STATE {
    BOOLEAN EffectiveOnly;
    SECURITY_IMPERSONATION_LEVEL Level;
} SE_IMPERSONATION_STATE, *PSE_IMPERSONATION_STATE;
/* SECURITY_INFORMATION bits: which parts of a descriptor to query or set. */
#define OWNER_SECURITY_INFORMATION (0x00000001L)
#define GROUP_SECURITY_INFORMATION (0x00000002L)
#define DACL_SECURITY_INFORMATION (0x00000004L)
#define SACL_SECURITY_INFORMATION (0x00000008L)
/* Mandatory integrity label (stored in the SACL). */
#define LABEL_SECURITY_INFORMATION (0x00000010L)

/* Set-only modifiers: toggle the SE_DACL_PROTECTED / SE_SACL_PROTECTED
   control bits, i.e. whether inheritable ACEs from the parent are blocked. */
#define PROTECTED_DACL_SECURITY_INFORMATION (0x80000000L)
#define PROTECTED_SACL_SECURITY_INFORMATION (0x40000000L)
#define UNPROTECTED_DACL_SECURITY_INFORMATION (0x20000000L)
#define UNPROTECTED_SACL_SECURITY_INFORMATION (0x10000000L)
/* Operation requested of an object type's security method. */
typedef enum _SECURITY_OPERATION_CODE {
    SetSecurityDescriptor,
    QuerySecurityDescriptor,
    DeleteSecurityDescriptor,
    AssignSecurityDescriptor
} SECURITY_OPERATION_CODE, *PSECURITY_OPERATION_CODE;
/* Number of privilege slots embedded inline in an ACCESS_STATE. */
#define INITIAL_PRIVILEGE_COUNT 3

/* Fixed-size privilege set carried inside ACCESS_STATE so that the common
   case needs no separate allocation.
   NOTE(review): a member between PrivilegeCount and Privilege (original
   line 143) is missing from this listing. */
typedef struct _INITIAL_PRIVILEGE_SET {
    ULONG PrivilegeCount;
    LUID_AND_ATTRIBUTES Privilege[INITIAL_PRIVILEGE_COUNT];
} INITIAL_PRIVILEGE_SET, *PINITIAL_PRIVILEGE_SET;
/* Well-known privilege LUID low parts.  Values below SE_MIN_WELL_KNOWN_PRIVILEGE
   and above SE_MAX_WELL_KNOWN_PRIVILEGE are not valid privilege identifiers. */
#define SE_MIN_WELL_KNOWN_PRIVILEGE 2
#define SE_CREATE_TOKEN_PRIVILEGE 2
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE 3
#define SE_LOCK_MEMORY_PRIVILEGE 4
#define SE_INCREASE_QUOTA_PRIVILEGE 5
#define SE_MACHINE_ACCOUNT_PRIVILEGE 6
/* Act as part of the operating system; equivalent to full control. */
#define SE_TCB_PRIVILEGE 7
/* Manage auditing / the SACL. */
#define SE_SECURITY_PRIVILEGE 8
#define SE_TAKE_OWNERSHIP_PRIVILEGE 9
#define SE_LOAD_DRIVER_PRIVILEGE 10
#define SE_SYSTEM_PROFILE_PRIVILEGE 11
#define SE_SYSTEMTIME_PRIVILEGE 12
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE 13
#define SE_INC_BASE_PRIORITY_PRIVILEGE 14
#define SE_CREATE_PAGEFILE_PRIVILEGE 15
#define SE_CREATE_PERMANENT_PRIVILEGE 16
/* Backup/Restore bypass the DACL for read / write respectively. */
#define SE_BACKUP_PRIVILEGE 17
#define SE_RESTORE_PRIVILEGE 18
#define SE_SHUTDOWN_PRIVILEGE 19
/* Open any process regardless of its DACL. */
#define SE_DEBUG_PRIVILEGE 20
#define SE_AUDIT_PRIVILEGE 21
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE 22
#define SE_CHANGE_NOTIFY_PRIVILEGE 23
#define SE_REMOTE_SHUTDOWN_PRIVILEGE 24
#define SE_UNDOCK_PRIVILEGE 25
#define SE_SYNC_AGENT_PRIVILEGE 26
#define SE_ENABLE_DELEGATION_PRIVILEGE 27
#define SE_MANAGE_VOLUME_PRIVILEGE 28
#define SE_IMPERSONATE_PRIVILEGE 29
#define SE_CREATE_GLOBAL_PRIVILEGE 30
#define SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE 31
#define SE_RELABEL_PRIVILEGE 32
#define SE_INC_WORKING_SET_PRIVILEGE 33
#define SE_TIME_ZONE_PRIVILEGE 34
#define SE_CREATE_SYMBOLIC_LINK_PRIVILEGE 35
#define SE_MAX_WELL_KNOWN_PRIVILEGE SE_CREATE_SYMBOLIC_LINK_PRIVILEGE
/* Captured identity of the subject of an access check: the thread's
   impersonation token (if any) and the process's primary token. */
typedef struct _SECURITY_SUBJECT_CONTEXT {
    PACCESS_TOKEN ClientToken;                      /* impersonation token, or none */
    SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; /* level of ClientToken */
    PACCESS_TOKEN PrimaryToken;                     /* process token */
    PVOID ProcessAuditId;                           /* process identity for audit records */
} SECURITY_SUBJECT_CONTEXT, *PSECURITY_SUBJECT_CONTEXT;
/* Per-open bookkeeping for an access check, carried from the initial
   check through object creation to audit generation on close.
   NOTE(review): several members (original lines 192, 197, 203-204, 207)
   are missing from this listing, so offsets here do not match the real
   layout. */
typedef struct _ACCESS_STATE {
    BOOLEAN SecurityEvaluated;     /* access check already performed */
    BOOLEAN GenerateAudit;         /* an audit record is due */
    BOOLEAN GenerateOnClose;       /* audit again when the handle closes */
    BOOLEAN PrivilegesAllocated;   /* PrivilegeSet is heap-backed, must be freed */

    ACCESS_MASK RemainingDesiredAccess;  /* still to be granted */
    ACCESS_MASK PreviouslyGrantedAccess; /* already granted (e.g. via privilege) */
    ACCESS_MASK OriginalDesiredAccess;   /* caller's request, for auditing */
    SECURITY_SUBJECT_CONTEXT SubjectSecurityContext;
    PSECURITY_DESCRIPTOR SecurityDescriptor;

    INITIAL_PRIVILEGE_SET InitialPrivilegeSet; /* inline storage for the common case */
    PRIVILEGE_SET PrivilegeSet;                /* privileges used to grant access */

    BOOLEAN AuditPrivileges;
    UNICODE_STRING ObjectName;
    UNICODE_STRING ObjectTypeName;
} ACCESS_STATE, *PACCESS_STATE;
/* Callback type used to drop a reference on an exported security descriptor.
   NOTE(review): the line carrying the typedef keyword and return type
   (original 213) is not in this listing; as shown this is a fragment. */
(NTAPI *PNTFS_DEREF_EXPORTED_SECURITY_DESCRIPTOR)(
    IN PSECURITY_DESCRIPTOR SecurityDescriptor
);
#ifndef _NTLSA_AUDIT_
#define _NTLSA_AUDIT_

/* Capacity of SE_ADT_PARAMETER_ARRAY.Parameters and the generic-audit subset. */
#define SE_MAX_AUDIT_PARAMETERS 32
#define SE_MAX_GENERIC_AUDIT_PARAMETERS 28

/* SE_ADT_OBJECT_TYPE flag. */
#define SE_ADT_OBJECT_ONLY 0x1

/* SE_ADT_PARAMETER_ARRAY.Flags bits. */
#define SE_ADT_PARAMETERS_SELF_RELATIVE 0x00000001  /* entries hold offsets, not pointers */
#define SE_ADT_PARAMETERS_SEND_TO_LSA 0x00000002
#define SE_ADT_PARAMETER_EXTENSIBLE_AUDIT 0x00000004
#define SE_ADT_PARAMETER_GENERIC_AUDIT 0x00000008
#define SE_ADT_PARAMETER_WRITE_SYNCHRONOUS 0x00000010
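/* Bytes actually occupied by a PSE_ADT_PARAMETER_ARRAY holding
   Parameters->ParameterCount entries: the whole structure minus the unused
   tail of the fixed SE_MAX_AUDIT_PARAMETERS-entry array.
   The argument is parenthesized so any pointer expression is safe.
   The caller must already have checked
   ParameterCount <= SE_MAX_AUDIT_PARAMETERS; otherwise the unsigned
   subtraction wraps and the result is meaningless. */
#define LSAP_SE_ADT_PARAMETER_ARRAY_TRUE_SIZE(Parameters) \
    ( sizeof(SE_ADT_PARAMETER_ARRAY) - sizeof(SE_ADT_PARAMETER_ARRAY_ENTRY) * \
      (SE_MAX_AUDIT_PARAMETERS - (Parameters)->ParameterCount) )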
/* Type tag of one audit parameter entry.
   NOTE(review): this listing omits several enumerators (original lines
   240, 242-243, 247, 250-253, 259, 263).  Because values after
   SeAdtParmTypeNone are implicit, the numbers the enumerators below would
   receive here do not match the full header; do not rely on them. */
typedef enum _SE_ADT_PARAMETER_TYPE {
    SeAdtParmTypeNone = 0,
    SeAdtParmTypeFileSpec,
    SeAdtParmTypeLogonId,
    SeAdtParmTypeNoLogonId,
    SeAdtParmTypeAccessMask,
    SeAdtParmTypeObjectTypes,
    SeAdtParmTypeHexUlong,
    SeAdtParmTypeHexInt64,
    SeAdtParmTypeStringList,
    SeAdtParmTypeSidList,
    SeAdtParmTypeDuration,
    SeAdtParmTypeUserAccountControl,
    SeAdtParmTypeMessage,
    SeAdtParmTypeDateTime,
    SeAdtParmTypeSockAddr,
    SeAdtParmTypeLogonHours,
    SeAdtParmTypeLogonIdNoSid,
    SeAdtParmTypeUlongNoConv,
    SeAdtParmTypeSockAddrNoPort,
    SeAdtParmTypeAccessReason
} SE_ADT_PARAMETER_TYPE, *PSE_ADT_PARAMETER_TYPE;
/* One object type / property entry in an object-access audit.
   NOTE(review): members on original lines 272-274 are missing from this
   listing; only AccessMask is shown. */
typedef struct _SE_ADT_OBJECT_TYPE {
    ACCESS_MASK AccessMask;
} SE_ADT_OBJECT_TYPE, *PSE_ADT_OBJECT_TYPE;
/* A single typed audit parameter.
   NOTE(review): the length/data/address members (original lines 280-282)
   are not in this listing; only the Type tag is shown. */
typedef struct _SE_ADT_PARAMETER_ARRAY_ENTRY {
    SE_ADT_PARAMETER_TYPE Type;
} SE_ADT_PARAMETER_ARRAY_ENTRY, *PSE_ADT_PARAMETER_ARRAY_ENTRY;
/* Why each requested access bit was granted or denied, for audit output.
   NOTE(review): a member on original line 289 is missing from this listing. */
typedef struct _SE_ADT_ACCESS_REASON {
    ACCESS_MASK AccessMask;
    ULONG AccessReasons[32];  /* one ACCESS_REASON per ACCESS_MASK bit */
    ULONG ObjectTypeIndex;
    PSECURITY_DESCRIPTOR SecurityDescriptor;
} SE_ADT_ACCESS_REASON, *PSE_ADT_ACCESS_REASON;
/* Audit record passed to the LSA: a header plus up to SE_MAX_AUDIT_PARAMETERS
   typed parameters.  LSAP_SE_ADT_PARAMETER_ARRAY_TRUE_SIZE relies on
   Parameters being the final member.
   NOTE(review): members on original lines 294-295, 297 and 299-300 are
   missing from this listing. */
typedef struct _SE_ADT_PARAMETER_ARRAY {
    ULONG ParameterCount;        /* number of valid Parameters[] entries */
    USHORT FlatSubCategoryId;
    SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[SE_MAX_AUDIT_PARAMETERS];
} SE_ADT_PARAMETER_ARRAY, *PSE_ADT_PARAMETER_ARRAY;
304 #endif /* !_NTLSA_AUDIT_ */
305 #endif /* !_NTLSA_IFS_ */
/* Legacy privilege id; note it shares the value 6 with
   SE_MACHINE_ACCOUNT_PRIVILEGE defined above. */
#define SE_UNSOLICITED_INPUT_PRIVILEGE 6
/* Identifiers for SIDs that can be constructed without a lookup.
   NOTE(review): some enumerators are omitted from this listing (original
   lines 311-313, 319-321, 323, 325, 327, 332, 374, 377); because every
   value present is explicit, the ones shown keep their correct numbers. */
typedef enum _WELL_KNOWN_SID_TYPE {
    WinCreatorOwnerSid = 3,
    WinCreatorGroupSid = 4,
    WinCreatorOwnerServerSid = 5,
    WinCreatorGroupServerSid = 6,
    WinNtAuthoritySid = 7,
    WinInteractiveSid = 11,
    WinAnonymousSid = 13,
    WinEnterpriseControllersSid = 15,
    WinAuthenticatedUserSid = 17,
    WinRestrictedCodeSid = 18,
    WinTerminalServerSid = 19,
    WinRemoteLogonIdSid = 20,
    WinLocalSystemSid = 22,
    WinLocalServiceSid = 23,
    WinNetworkServiceSid = 24,
    WinBuiltinDomainSid = 25,
    WinBuiltinAdministratorsSid = 26,
    WinBuiltinUsersSid = 27,
    WinBuiltinGuestsSid = 28,
    WinBuiltinPowerUsersSid = 29,
    WinBuiltinAccountOperatorsSid = 30,
    WinBuiltinSystemOperatorsSid = 31,
    WinBuiltinPrintOperatorsSid = 32,
    WinBuiltinBackupOperatorsSid = 33,
    WinBuiltinReplicatorSid = 34,
    WinBuiltinPreWindows2000CompatibleAccessSid = 35,
    WinBuiltinRemoteDesktopUsersSid = 36,
    WinBuiltinNetworkConfigurationOperatorsSid = 37,
    WinAccountAdministratorSid = 38,
    WinAccountGuestSid = 39,
    WinAccountKrbtgtSid = 40,
    WinAccountDomainAdminsSid = 41,
    WinAccountDomainUsersSid = 42,
    WinAccountDomainGuestsSid = 43,
    WinAccountComputersSid = 44,
    WinAccountControllersSid = 45,
    WinAccountCertAdminsSid = 46,
    WinAccountSchemaAdminsSid = 47,
    WinAccountEnterpriseAdminsSid = 48,
    WinAccountPolicyAdminsSid = 49,
    WinAccountRasAndIasServersSid = 50,
    WinNTLMAuthenticationSid = 51,
    WinDigestAuthenticationSid = 52,
    WinSChannelAuthenticationSid = 53,
    WinThisOrganizationSid = 54,
    WinOtherOrganizationSid = 55,
    WinBuiltinIncomingForestTrustBuildersSid = 56,
    WinBuiltinPerfMonitoringUsersSid = 57,
    WinBuiltinPerfLoggingUsersSid = 58,
    WinBuiltinAuthorizationAccessSid = 59,
    WinBuiltinTerminalServerLicenseServersSid = 60,
    WinBuiltinDCOMUsersSid = 61,
    WinBuiltinIUsersSid = 62,
    WinBuiltinCryptoOperatorsSid = 64,
    /* Mandatory integrity label SIDs (S-1-16-*). */
    WinUntrustedLabelSid = 65,
    WinMediumLabelSid = 67,
    WinHighLabelSid = 68,
    WinSystemLabelSid = 69,
    WinWriteRestrictedCodeSid = 70,
    WinCreatorOwnerRightsSid = 71,
    WinCacheablePrincipalsGroupSid = 72,
    WinNonCacheablePrincipalsGroupSid = 73,
    WinEnterpriseReadonlyControllersSid = 74,
    WinAccountReadonlyControllersSid = 75,
    WinBuiltinEventLogReadersGroup = 76,
    WinNewEnterpriseReadonlyControllersSid = 77,
    WinBuiltinCertSvcDComAccessGroup = 78,
    WinMediumPlusLabelSid = 79,
    WinLocalLogonSid = 80,
    WinConsoleLogonSid = 81,
    WinThisOrganizationCertificateSid = 82,
} WELL_KNOWN_SID_TYPE;
#ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
#define SID_IDENTIFIER_AUTHORITY_DEFINED
/* The 48-bit "identifier authority" part of a SID (the SECURITY_*_AUTHORITY
   initializers below are its values).
   NOTE(review): the member line (original 400) is missing from this listing. */
typedef struct _SID_IDENTIFIER_AUTHORITY {
} SID_IDENTIFIER_AUTHORITY, *PSID_IDENTIFIER_AUTHORITY, *LPSID_IDENTIFIER_AUTHORITY;

/* Security identifier: revision, sub-authority count, authority, then a
   variable number of 32-bit sub-authorities (the last one is the RID).
   NOTE(review): the Revision member (original line 407) and the closing
   "} ... ;" and "#endif" lines (original 411-412) are not in this listing,
   so the struct and the #ifndef above are left open here.
   Callers parsing untrusted SIDs must check SubAuthorityCount against
   SID_MAX_SUB_AUTHORITIES before indexing SubAuthority[], which is declared
   with the ANYSIZE_ARRAY placeholder. */
typedef struct _SID {
    UCHAR SubAuthorityCount;
    SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
    ULONG SubAuthority[ANYSIZE_ARRAY];

#define SID_REVISION 1
/* Upper bound on SubAuthorityCount for a well-formed SID. */
#define SID_MAX_SUB_AUTHORITIES 15
#define SID_RECOMMENDED_SUB_AUTHORITIES 1
/* Kind of account a SID names, as returned by name/SID lookup.
   NOTE(review): enumerators on original lines 419-422 and 425-428 are
   missing from this listing; with implicit values, the two shown would
   receive numbers that differ from the full header. */
typedef enum _SID_NAME_USE {
    SidTypeWellKnownGroup,
    SidTypeDeletedAccount,
} SID_NAME_USE, *PSID_NAME_USE;
/* A SID pointer paired with its SE_GROUP_* attribute bits.
   NOTE(review): the member lines (original 432-433) are missing from this
   listing, so the body appears empty here. */
typedef struct _SID_AND_ATTRIBUTES {
} SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;

/* Open-ended array of SID_AND_ATTRIBUTES; count travels separately. */
typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY;

/* Bucket count of the SID hash used for fast token membership checks. */
#define SID_HASH_SIZE 32
typedef ULONG_PTR SID_HASH_ENTRY, *PSID_HASH_ENTRY;
/* SID array plus a SID_HASH_SIZE-bucket hash over it, as exposed through
   TOKEN_ACCESS_INFORMATION.
   NOTE(review): the count member (original line 442) is missing from this
   listing. */
typedef struct _SID_AND_ATTRIBUTES_HASH {
    PSID_AND_ATTRIBUTES SidAttr;
    SID_HASH_ENTRY Hash[SID_HASH_SIZE];
} SID_AND_ATTRIBUTES_HASH, *PSID_AND_ATTRIBUTES_HASH;
/* Universal well-known SIDs */

/* SID_IDENTIFIER_AUTHORITY initializers (big-endian 48-bit value);
   the last byte is the "S-1-<n>" authority number. */
#define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0}
#define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
#define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2}
#define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3}
#define SECURITY_NON_UNIQUE_AUTHORITY {0,0,0,0,0,4}
#define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}

/* RIDs under the NULL (S-1-0), WORLD (S-1-1) and LOCAL (S-1-2) authorities. */
#define SECURITY_NULL_RID (0x00000000L)
#define SECURITY_WORLD_RID (0x00000000L)
#define SECURITY_LOCAL_RID (0x00000000L)
#define SECURITY_LOCAL_LOGON_RID (0x00000001L)

/* RIDs under the CREATOR authority (S-1-3): placeholders in inheritable
   ACEs that are replaced by the actual owner/group at inheritance time. */
#define SECURITY_CREATOR_OWNER_RID (0x00000000L)
#define SECURITY_CREATOR_GROUP_RID (0x00000001L)
#define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
#define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
#define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
/* NT well-known SIDs */

/* S-1-5: the NT authority under which all of the RIDs below live. */
#define SECURITY_NT_AUTHORITY {0,0,0,0,0,5}

/* Logon-type and identity RIDs (S-1-5-<rid>). */
#define SECURITY_DIALUP_RID (0x00000001L)
#define SECURITY_NETWORK_RID (0x00000002L)
#define SECURITY_BATCH_RID (0x00000003L)
#define SECURITY_INTERACTIVE_RID (0x00000004L)
/* Logon session SIDs: S-1-5-5-X-Y, hence a sub-authority count of 3. */
#define SECURITY_LOGON_IDS_RID (0x00000005L)
#define SECURITY_LOGON_IDS_RID_COUNT (3L)
#define SECURITY_SERVICE_RID (0x00000006L)
#define SECURITY_ANONYMOUS_LOGON_RID (0x00000007L)
#define SECURITY_PROXY_RID (0x00000008L)
#define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
#define SECURITY_SERVER_LOGON_RID SECURITY_ENTERPRISE_CONTROLLERS_RID
/* PRINCIPAL_SELF is a placeholder in object ACEs for the principal itself. */
#define SECURITY_PRINCIPAL_SELF_RID (0x0000000AL)
#define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
#define SECURITY_RESTRICTED_CODE_RID (0x0000000CL)
#define SECURITY_TERMINAL_SERVER_RID (0x0000000DL)
#define SECURITY_REMOTE_LOGON_RID (0x0000000EL)
#define SECURITY_THIS_ORGANIZATION_RID (0x0000000FL)
#define SECURITY_IUSER_RID (0x00000011L)
/* Service accounts: LocalSystem, LocalService, NetworkService. */
#define SECURITY_LOCAL_SYSTEM_RID (0x00000012L)
#define SECURITY_LOCAL_SERVICE_RID (0x00000013L)
#define SECURITY_NETWORK_SERVICE_RID (0x00000014L)
/* Domain SIDs: S-1-5-21-A-B-C, hence three non-unique sub-authorities. */
#define SECURITY_NT_NON_UNIQUE (0x00000015L)
#define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT (3L)
#define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)

/* S-1-5-32: the BUILTIN domain that holds the DOMAIN_ALIAS_RID_* aliases. */
#define SECURITY_BUILTIN_DOMAIN_RID (0x00000020L)
#define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)

/* Authentication-package SIDs: S-1-5-64-<package>. */
#define SECURITY_PACKAGE_BASE_RID (0x00000040L)
#define SECURITY_PACKAGE_RID_COUNT (2L)
#define SECURITY_PACKAGE_NTLM_RID (0x0000000AL)
#define SECURITY_PACKAGE_SCHANNEL_RID (0x0000000EL)
#define SECURITY_PACKAGE_DIGEST_RID (0x00000015L)

/* Credential-type SIDs: S-1-5-65-<type>. */
#define SECURITY_CRED_TYPE_BASE_RID (0x00000041L)
#define SECURITY_CRED_TYPE_RID_COUNT (2L)
#define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID (0x00000001L)

/* Per-service / per-app-pool / virtual-account SIDs: S-1-5-<base>-<5 hashed
   sub-authorities>, hence the RID counts of 6. */
#define SECURITY_MIN_BASE_RID (0x00000050L)
#define SECURITY_SERVICE_ID_BASE_RID (0x00000050L)
#define SECURITY_SERVICE_ID_RID_COUNT (6L)
#define SECURITY_RESERVED_ID_BASE_RID (0x00000051L)
#define SECURITY_APPPOOL_ID_BASE_RID (0x00000052L)
#define SECURITY_APPPOOL_ID_RID_COUNT (6L)
#define SECURITY_VIRTUALSERVER_ID_BASE_RID (0x00000053L)
#define SECURITY_VIRTUALSERVER_ID_RID_COUNT (6L)
#define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID (0x00000054L)
#define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
#define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID (0x00000055L)
#define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
#define SECURITY_WMIHOST_ID_BASE_RID (0x00000056L)
#define SECURITY_WMIHOST_ID_RID_COUNT (6L)
#define SECURITY_TASK_ID_BASE_RID (0x00000057L)
#define SECURITY_NFS_ID_BASE_RID (0x00000058L)
#define SECURITY_COM_ID_BASE_RID (0x00000059L)
#define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT (6L)

#define SECURITY_MAX_BASE_RID (0x0000006FL)

/* RIDs at or below SECURITY_MAX_ALWAYS_FILTERED are removed by SID
   filtering on trust boundaries; SECURITY_MIN_NEVER_FILTERED and above pass. */
#define SECURITY_MAX_ALWAYS_FILTERED (0x000003E7L)
#define SECURITY_MIN_NEVER_FILTERED (0x000003E8L)

#define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)

#define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
/* Well-known domain relative sub-authority values (RIDs) */

#define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)

/* RIDs up to this value are reserved for forest-wide well-known users. */
#define FOREST_USER_RID_MAX (0x000001F3L)

/* Well-known users */

/* Built-in Administrator (RID 500), Guest (501), Kerberos TGT account (502). */
#define DOMAIN_USER_RID_ADMIN (0x000001F4L)
#define DOMAIN_USER_RID_GUEST (0x000001F5L)
#define DOMAIN_USER_RID_KRBTGT (0x000001F6L)

/* RIDs at or below this are well-known; ordinary accounts start above it. */
#define DOMAIN_USER_RID_MAX (0x000003E7L)

/* Well-known groups */

#define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
#define DOMAIN_GROUP_RID_USERS (0x00000201L)
#define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
#define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L)
#define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L)
#define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L)
#define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L)
#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L)
#define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L)
#define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)

/* Well-known aliases */

/* Aliases are local groups in the BUILTIN domain (S-1-5-32-<rid>). */
#define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
#define DOMAIN_ALIAS_RID_USERS (0x00000221L)
#define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
#define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)

#define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
#define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
#define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
#define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)

#define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
#define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L)
#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL)
#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL)
#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL)
#define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)

#define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL)
#define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL)
#define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L)
#define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L)
#define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L)
#define DOMAIN_ALIAS_RID_IUSERS (0x00000238L)
#define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L)
#define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL)
#define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
#define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL)
#define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL)
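/* Mandatory integrity label authority (S-1-16) and the integrity-level RIDs.
   Levels are spaced 0x1000 apart so intermediate values remain available. */
#define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
#define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L)
#define SECURITY_MANDATORY_LOW_RID (0x00001000L)
#define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L)
#define SECURITY_MANDATORY_HIGH_RID (0x00003000L)
#define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L)
#define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L)

/* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
   can be set by a usermode caller. */
#define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID

/* Convert a mandatory-level index to its label RID (level * 0x1000).
   The argument is parenthesized so an expression such as (level + 1) is
   scaled as a whole rather than only its last term. */
#define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) ((IL) * 0x1000)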
/* Allocate the System Luid. The first 1000 LUIDs are reserved.
   Use #999 here (0x3e7 = 999) */

/* Fixed logon-session LUIDs for the built-in accounts ({LowPart, HighPart}). */
#define SYSTEM_LUID { 0x3e7, 0x0 }
#define ANONYMOUS_LOGON_LUID { 0x3e6, 0x0 }
#define LOCALSERVICE_LUID { 0x3e5, 0x0 }
#define NETWORKSERVICE_LUID { 0x3e4, 0x0 }
#define IUSER_LUID { 0x3e3, 0x0 }
/* Common header at the start of every ACE (type, flags, total size).
   NOTE(review): the member lines (original 621-623) are missing from this
   listing, so the body appears empty here.  When walking an ACL from
   untrusted input, the per-ACE size must be validated against the
   remaining ACL length before it is used to advance. */
typedef struct _ACE_HEADER {
} ACE_HEADER, *PACE_HEADER;
/* also in winnt.h */

/* ACE_HEADER.AceType values.  The *_MIN_*/*_MAX_* bounds group the types
   by ACL revision; a type above the bound for the ACL's revision is invalid. */
#define ACCESS_MIN_MS_ACE_TYPE (0x0)
#define ACCESS_ALLOWED_ACE_TYPE (0x0)
#define ACCESS_DENIED_ACE_TYPE (0x1)
#define SYSTEM_AUDIT_ACE_TYPE (0x2)
#define SYSTEM_ALARM_ACE_TYPE (0x3)
#define ACCESS_MAX_MS_V2_ACE_TYPE (0x3)
#define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4)
#define ACCESS_MAX_MS_V3_ACE_TYPE (0x4)
/* Object ACEs (ACL_REVISION_DS) carry object/inherited-object GUIDs. */
#define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5)
#define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5)
#define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6)
#define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7)
#define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8)
#define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8)
#define ACCESS_MAX_MS_V4_ACE_TYPE (0x8)
#define ACCESS_MAX_MS_ACE_TYPE (0x8)
/* Callback ACEs carry opaque resource-manager data after the SID. */
#define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9)
#define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA)
#define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
#define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC)
#define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD)
#define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE)
#define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF)
#define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10)
#define ACCESS_MAX_MS_V5_ACE_TYPE (0x11)
/* Integrity label ACE (lives in the SACL). */
#define SYSTEM_MANDATORY_LABEL_ACE_TYPE (0x11)

/* The following are the inherit flags that go into the AceFlags field.
   NOTE(review): the original comment's closing lines (655-656) are missing
   from this listing; the terminator is supplied here so the definitions
   below are not swallowed by an unterminated comment. */
#define OBJECT_INHERIT_ACE (0x1)
#define CONTAINER_INHERIT_ACE (0x2)
#define NO_PROPAGATE_INHERIT_ACE (0x4)
#define INHERIT_ONLY_ACE (0x8)
#define INHERITED_ACE (0x10)
#define VALID_INHERIT_FLAGS (0x1F)

/* Audit/alarm ACE flags: which outcomes generate a record. */
#define SUCCESSFUL_ACCESS_ACE_FLAG (0x40)
#define FAILED_ACCESS_ACE_FLAG (0x80)
/* Version-2 ACEs: ACE_HEADER, ACCESS_MASK, then the trustee SID inline.
   NOTE(review): the member lines of all five structures below (original
   668-670, 674-676, 680-682, 686-688, 692-694) are missing from this
   listing, so the bodies appear empty here. */
typedef struct _ACCESS_ALLOWED_ACE {
} ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE;

typedef struct _ACCESS_DENIED_ACE {
} ACCESS_DENIED_ACE, *PACCESS_DENIED_ACE;

typedef struct _SYSTEM_AUDIT_ACE {
} SYSTEM_AUDIT_ACE, *PSYSTEM_AUDIT_ACE;

typedef struct _SYSTEM_ALARM_ACE {
} SYSTEM_ALARM_ACE, *PSYSTEM_ALARM_ACE;

/* Integrity label ACE; its Mask holds the SYSTEM_MANDATORY_LABEL_* policy bits. */
typedef struct _SYSTEM_MANDATORY_LABEL_ACE {
} SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE;

/* Mandatory label policy bits carried in the label ACE's access mask. */
#define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1
#define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2
#define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4
#define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | \
                                          SYSTEM_MANDATORY_LABEL_NO_READ_UP | \
                                          SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
/* Smallest valid absolute descriptor (SECURITY_DESCRIPTOR is declared below;
   the macro expands lazily so the forward use is fine). */
#define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR))

/* Control word: SE_* bits describing which parts are present/defaulted and
   whether the descriptor is self-relative. */
typedef USHORT SECURITY_DESCRIPTOR_CONTROL, *PSECURITY_DESCRIPTOR_CONTROL;

#define SE_OWNER_DEFAULTED 0x0001
#define SE_GROUP_DEFAULTED 0x0002
/* NOTE(review): a descriptor without SE_DACL_PRESENT has no DACL at all;
   that is distinct from an empty DACL and must be handled deliberately
   when validating untrusted descriptors (see AccessReasonNullDacl /
   AccessReasonEmptyDacl below). */
#define SE_DACL_PRESENT 0x0004
#define SE_DACL_DEFAULTED 0x0008
#define SE_SACL_PRESENT 0x0010
#define SE_SACL_DEFAULTED 0x0020
#define SE_DACL_UNTRUSTED 0x0040
#define SE_SERVER_SECURITY 0x0080
#define SE_DACL_AUTO_INHERIT_REQ 0x0100
#define SE_SACL_AUTO_INHERIT_REQ 0x0200
#define SE_DACL_AUTO_INHERITED 0x0400
#define SE_SACL_AUTO_INHERITED 0x0800
/* PROTECTED: inheritable ACEs from the parent are not applied. */
#define SE_DACL_PROTECTED 0x1000
#define SE_SACL_PROTECTED 0x2000
#define SE_RM_CONTROL_VALID 0x4000
/* Owner/Group/Sacl/Dacl fields are offsets from the descriptor start,
   not pointers (SECURITY_DESCRIPTOR_RELATIVE layout). */
#define SE_SELF_RELATIVE 0x8000
/* Self-relative descriptor: a single contiguous buffer in which the
   owner/group/SACL/DACL positions are offsets.  This is the form that
   crosses trust boundaries, so every offset must be range-checked against
   the buffer length before being followed.
   NOTE(review): members on original lines 726-727 and 729-732 are missing
   from this listing; only Control is shown. */
typedef struct _SECURITY_DESCRIPTOR_RELATIVE {
    SECURITY_DESCRIPTOR_CONTROL Control;
} SECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE;

/* Absolute descriptor: the same header but with pointers to the parts.
   NOTE(review): members on original lines 736-737 and 739-742 are missing
   from this listing; only Control is shown. */
typedef struct _SECURITY_DESCRIPTOR {
    SECURITY_DESCRIPTOR_CONTROL Control;
} SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
/* One node of the object-type hierarchy passed to object access checks.
   NOTE(review): the member lines (original 746-748) are missing from this
   listing, so the body appears empty here. */
typedef struct _OBJECT_TYPE_LIST {
} OBJECT_TYPE_LIST, *POBJECT_TYPE_LIST;

/* OBJECT_TYPE_LIST level values and the maximum tree depth. */
#define ACCESS_OBJECT_GUID 0
#define ACCESS_PROPERTY_SET_GUID 1
#define ACCESS_PROPERTY_GUID 2
#define ACCESS_MAX_LEVEL 4
/* Audit category for an object access. */
typedef enum _AUDIT_EVENT_TYPE {
    AuditEventObjectAccess,
    AuditEventDirectoryServiceAccess
} AUDIT_EVENT_TYPE, *PAUDIT_EVENT_TYPE;

#define AUDIT_ALLOW_NO_PRIVILEGE 0x1

/* Source / object-type names used in directory-service audit records. */
#define ACCESS_DS_SOURCE_A "DS"
#define ACCESS_DS_SOURCE_W L"DS"
#define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
#define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"

/* An ACCESS_REASON packs an ACCESS_REASON_TYPE (high 16 bits) with
   type-specific data such as an ACE index (low 16 bits). */
#define ACCESS_REASON_TYPE_MASK 0xffff0000
#define ACCESS_REASON_DATA_MASK 0x0000ffff
/* Why an access bit was granted or denied; values occupy the high 16 bits
   of an ACCESS_REASON (see ACCESS_REASON_TYPE_MASK). */
typedef enum _ACCESS_REASON_TYPE {
    AccessReasonNone = 0x00000000,
    AccessReasonAllowedAce = 0x00010000,
    AccessReasonDeniedAce = 0x00020000,
    AccessReasonAllowedParentAce = 0x00030000,
    AccessReasonDeniedParentAce = 0x00040000,
    AccessReasonMissingPrivilege = 0x00100000,
    AccessReasonFromPrivilege = 0x00200000,
    AccessReasonIntegrityLevel = 0x00300000,
    AccessReasonOwnership = 0x00400000,
    AccessReasonNullDacl = 0x00500000,   /* no DACL present */
    AccessReasonEmptyDacl = 0x00600000,  /* DACL present with zero ACEs */
    AccessReasonNoSD = 0x00700000,
    AccessReasonNoGrant = 0x00800000
} ACCESS_REASON_TYPE;

typedef ULONG ACCESS_REASON;

/* One ACCESS_REASON per bit of an ACCESS_MASK. */
typedef struct _ACCESS_REASONS {
    ACCESS_REASON Data[32];
} ACCESS_REASONS, *PACCESS_REASONS;
/* SE_SECURITY_DESCRIPTOR.Flags bits: suppress the implicit owner-rights
   or label ACE during the check. */
#define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
#define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
#define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003

/* Descriptor plus check flags, as referenced from SE_ACCESS_REQUEST.
   NOTE(review): members on original lines 798-799 are missing from this
   listing. */
typedef struct _SE_SECURITY_DESCRIPTOR {
    PSECURITY_DESCRIPTOR SecurityDescriptor;
} SE_SECURITY_DESCRIPTOR, *PSE_SECURITY_DESCRIPTOR;
/* Inputs to an access check.
   NOTE(review): a member on original line 804 is missing from this listing. */
typedef struct _SE_ACCESS_REQUEST {
    PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor;
    ACCESS_MASK DesiredAccess;           /* may contain GENERIC_* bits */
    ACCESS_MASK PreviouslyGrantedAccess; /* rights already held */
    PSID PrincipalSelfSid;               /* replaces SECURITY_PRINCIPAL_SELF_RID */
    PGENERIC_MAPPING GenericMapping;     /* used to resolve GENERIC_* bits */
    ULONG ObjectTypeListCount;           /* entries in ObjectTypeList */
    POBJECT_TYPE_LIST ObjectTypeList;
} SE_ACCESS_REQUEST, *PSE_ACCESS_REQUEST;
/* Outputs of an access check: one result per object-type list entry.
   NOTE(review): a member on original line 815 is missing from this listing. */
typedef struct _SE_ACCESS_REPLY {
    ULONG ResultListCount;          /* elements in each of the arrays below */
    PACCESS_MASK GrantedAccess;
    PNTSTATUS AccessStatus;
    PACCESS_REASONS AccessReason;
    PPRIVILEGE_SET *Privileges;     /* privileges used, per result */
} SE_ACCESS_REPLY, *PSE_ACCESS_REPLY;
/* Which kind of operation an audit record describes.
   NOTE(review): enumerators on original lines 826-827, 829-830, 833-834
   and 836 are missing from this listing; with implicit values, the ones
   after AuditPrivilegeService would receive numbers that differ from the
   full header. */
typedef enum _SE_AUDIT_OPERATION {
    AuditPrivilegeObject,
    AuditPrivilegeService,
    AuditOpenObjectWithTransaction,
    AuditOpenObjectForDelete,
    AuditOpenObjectForDeleteWithTransaction,
    AuditObjectReference,
} SE_AUDIT_OPERATION, *PSE_AUDIT_OPERATION;
/* Describes the audit record to generate for an access check.
   NOTE(review): members on original lines 840, 843 and 847-849 are
   missing from this listing. */
typedef struct _SE_AUDIT_INFO {
    AUDIT_EVENT_TYPE AuditType;
    SE_AUDIT_OPERATION AuditOperation;
    UNICODE_STRING SubsystemName;
    UNICODE_STRING ObjectTypeName;
    UNICODE_STRING ObjectName;
    BOOLEAN ObjectCreation;    /* the access created the object */
    BOOLEAN GenerateOnClose;   /* emit a close audit when the handle goes away */
} SE_AUDIT_INFO, *PSE_AUDIT_INFO;
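/* Token object access rights (the specific-rights half of an ACCESS_MASK
   for token handles). */
#define TOKEN_ASSIGN_PRIMARY (0x0001)
#define TOKEN_DUPLICATE (0x0002)
#define TOKEN_IMPERSONATE (0x0004)
#define TOKEN_QUERY (0x0008)
#define TOKEN_QUERY_SOURCE (0x0010)
#define TOKEN_ADJUST_PRIVILEGES (0x0020)
#define TOKEN_ADJUST_GROUPS (0x0040)
#define TOKEN_ADJUST_DEFAULT (0x0080)
#define TOKEN_ADJUST_SESSIONID (0x0100)

/* Every token right except TOKEN_ADJUST_SESSIONID, plus the required
   standard rights.  The TOKEN_DUPLICATE, TOKEN_IMPERSONATE and TOKEN_QUERY
   terms were dropped from this listing (original lines 866-868) and are
   restored here per the standard definition. */
#define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
                           TOKEN_ASSIGN_PRIMARY |\
                           TOKEN_DUPLICATE |\
                           TOKEN_IMPERSONATE |\
                           TOKEN_QUERY |\
                           TOKEN_QUERY_SOURCE |\
                           TOKEN_ADJUST_PRIVILEGES |\
                           TOKEN_ADJUST_GROUPS |\
                           TOKEN_ADJUST_DEFAULT )

/* TOKEN_ADJUST_SESSIONID only exists from NT 5.0 on; the #else/#endif were
   missing from this listing and are restored so the block is balanced. */
#if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
#define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P |\
                         TOKEN_ADJUST_SESSIONID )
#else
#define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
#endif

/* Generic-mapping targets for token handles.  The TOKEN_QUERY term of
   TOKEN_READ was truncated from this listing (original line 882) and is
   restored; without it TOKEN_READ would not allow querying the token. */
#define TOKEN_READ (STANDARD_RIGHTS_READ |\
                   TOKEN_QUERY)

#define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
                    TOKEN_ADJUST_PRIVILEGES |\
                    TOKEN_ADJUST_GROUPS |\
                    TOKEN_ADJUST_DEFAULT)

#define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)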
/* Primary vs. impersonation token.
   NOTE(review): the enumerator lines (original 892-893) are missing from
   this listing, so the enum appears empty here. */
typedef enum _TOKEN_TYPE {
} TOKEN_TYPE, *PTOKEN_TYPE;

/* Selector for NtQueryInformationToken / NtSetInformationToken.
   NOTE(review): this listing omits most enumerators (original lines
   897-904, 906-908, 911-916, 921-922, 924-925).  Values are implicit, so
   TokenImpersonationLevel would be 0 here while it is not the first
   enumerator of the full header; do not rely on these numbers. */
typedef enum _TOKEN_INFORMATION_CLASS {
    TokenImpersonationLevel,
    TokenGroupsAndPrivileges,
    TokenSessionReference,
    TokenHasRestrictions,
    TokenAccessInformation,
    TokenVirtualizationAllowed,
    TokenVirtualizationEnabled,
    TokenMandatoryPolicy,
} TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;
/* TokenUser: the token's user SID. */
typedef struct _TOKEN_USER {
    SID_AND_ATTRIBUTES User;
} TOKEN_USER, *PTOKEN_USER;

/* TokenGroups: group SIDs with attributes.
   NOTE(review): the count member (original line 933) is missing from this
   listing; Groups[] is declared with the ANYSIZE_ARRAY placeholder, so a
   separate count is required to index it safely. */
typedef struct _TOKEN_GROUPS {
    SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
} TOKEN_GROUPS, *PTOKEN_GROUPS, *LPTOKEN_GROUPS;

/* TokenPrivileges: privileges with attributes; PrivilegeCount bounds
   Privileges[]. */
typedef struct _TOKEN_PRIVILEGES {
    ULONG PrivilegeCount;
    LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
} TOKEN_PRIVILEGES, *PTOKEN_PRIVILEGES, *LPTOKEN_PRIVILEGES;

/* TokenOwner / TokenPrimaryGroup / TokenDefaultDacl.
   NOTE(review): the member lines (original 943, 947, 951) are missing from
   this listing, so the three bodies appear empty here. */
typedef struct _TOKEN_OWNER {
} TOKEN_OWNER, *PTOKEN_OWNER;

typedef struct _TOKEN_PRIMARY_GROUP {
} TOKEN_PRIMARY_GROUP, *PTOKEN_PRIMARY_GROUP;

typedef struct _TOKEN_DEFAULT_DACL {
} TOKEN_DEFAULT_DACL, *PTOKEN_DEFAULT_DACL;
/* TokenGroupsAndPrivileges: one-shot snapshot of SIDs, restricted SIDs and
   privileges.  Each *Count is the element count and each *Length the byte
   size of the corresponding array.
   NOTE(review): members on original lines 955-956 are missing from this
   listing. */
typedef struct _TOKEN_GROUPS_AND_PRIVILEGES {
    PSID_AND_ATTRIBUTES Sids;
    ULONG RestrictedSidCount;
    ULONG RestrictedSidLength;
    PSID_AND_ATTRIBUTES RestrictedSids;   /* non-NULL only for restricted tokens */
    ULONG PrivilegeCount;
    ULONG PrivilegeLength;
    PLUID_AND_ATTRIBUTES Privileges;
    LUID AuthenticationId;                /* logon session identifier */
} TOKEN_GROUPS_AND_PRIVILEGES, *PTOKEN_GROUPS_AND_PRIVILEGES;
/* TokenLinkedToken: handle to the other half of a UAC split token.
   NOTE(review): the member line (original 968) is missing from this
   listing, so the body appears empty here. */
typedef struct _TOKEN_LINKED_TOKEN {
} TOKEN_LINKED_TOKEN, *PTOKEN_LINKED_TOKEN;

/* TokenElevation: non-zero when the token is elevated. */
typedef struct _TOKEN_ELEVATION {
    ULONG TokenIsElevated;
} TOKEN_ELEVATION, *PTOKEN_ELEVATION;

/* TokenIntegrityLevel: the token's mandatory label SID (S-1-16-<rid>). */
typedef struct _TOKEN_MANDATORY_LABEL {
    SID_AND_ATTRIBUTES Label;
} TOKEN_MANDATORY_LABEL, *PTOKEN_MANDATORY_LABEL;
/* Mandatory integrity policy applied to the token's subject. */
#define TOKEN_MANDATORY_POLICY_OFF 0x0
/* Deny write access to objects with a higher label. */
#define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 0x1
/* Child processes get the lower of this token's and the image's level. */
#define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2

#define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
                                          TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)

/* TokenMandatoryPolicy.
   NOTE(review): the member line (original 987) is missing from this
   listing, so the body appears empty here. */
typedef struct _TOKEN_MANDATORY_POLICY {
} TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
/* TokenAccessInformation: everything an access check needs from a token,
   with SIDs pre-hashed for fast membership tests.
   NOTE(review): a member on original line 998 is missing from this listing. */
typedef struct _TOKEN_ACCESS_INFORMATION {
    PSID_AND_ATTRIBUTES_HASH SidHash;
    PSID_AND_ATTRIBUTES_HASH RestrictedSidHash;   /* restricted tokens only */
    PTOKEN_PRIVILEGES Privileges;
    LUID AuthenticationId;
    TOKEN_TYPE TokenType;
    SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
    TOKEN_MANDATORY_POLICY MandatoryPolicy;
} TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
/* Number of audit subcategories a per-user policy can cover. */
#define POLICY_AUDIT_SUBCATEGORY_COUNT (53)

/* TokenAuditPolicy: two 4-bit policy values per byte, one nibble per
   subcategory, so the array holds (count / 2) + 1 bytes. */
typedef struct _TOKEN_AUDIT_POLICY {
    UCHAR PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT) >> 1) + 1];
} TOKEN_AUDIT_POLICY, *PTOKEN_AUDIT_POLICY;
/* Length of TOKEN_SOURCE.SourceName; the name is not NUL-terminated when
   all 8 characters are used, so never treat it as a C string. */
#define TOKEN_SOURCE_LENGTH 8

/* TokenSource: which authentication package / subsystem created the token. */
typedef struct _TOKEN_SOURCE {
    CHAR SourceName[TOKEN_SOURCE_LENGTH];
    LUID SourceIdentifier;
} TOKEN_SOURCE, *PTOKEN_SOURCE;

/* TokenStatistics: summary of a token's identity and quotas.
   NOTE(review): members on original lines 1015, 1022 and 1024 are missing
   from this listing. */
typedef struct _TOKEN_STATISTICS {
    LUID AuthenticationId;       /* logon session */
    LARGE_INTEGER ExpirationTime;
    TOKEN_TYPE TokenType;
    SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
    ULONG DynamicCharged;        /* quota for default DACL / group changes */
    ULONG DynamicAvailable;
    ULONG PrivilegeCount;
} TOKEN_STATISTICS, *PTOKEN_STATISTICS;

/* Compact token identity used for auditing.
   NOTE(review): members on original lines 1028 and 1030 are missing from
   this listing. */
typedef struct _TOKEN_CONTROL {
    LUID AuthenticationId;
    TOKEN_SOURCE TokenSource;
} TOKEN_CONTROL, *PTOKEN_CONTROL;

/* TokenOrigin: logon session whose credentials created this token. */
typedef struct _TOKEN_ORIGIN {
    LUID OriginatingLogonSession;
} TOKEN_ORIGIN, *PTOKEN_ORIGIN;
/* Integrity-level index; MANDATORY_LEVEL_TO_MANDATORY_RID scales it to the
   label RID.
   NOTE(review): enumerators on original lines 1040, 1042 and 1045 are
   missing from this listing; with implicit values after
   MandatoryLevelUntrusted, the numbers here differ from the full header
   (MandatoryLevelMedium would become 1 instead of its real index). */
typedef enum _MANDATORY_LEVEL {
    MandatoryLevelUntrusted = 0,
    MandatoryLevelMedium,
    MandatoryLevelSystem,
    MandatoryLevelSecureProcess,
} MANDATORY_LEVEL, *PMANDATORY_LEVEL;
/* Internal token flag bits (TOKEN.TokenFlags); cached facts about the token
   so hot paths do not rescan its privilege and SID arrays. */
#define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x0001
#define TOKEN_HAS_BACKUP_PRIVILEGE 0x0002
#define TOKEN_HAS_RESTORE_PRIVILEGE 0x0004
/* Restricted token whose restricting SIDs apply to write access only. */
#define TOKEN_WRITE_RESTRICTED 0x0008
/* Token carries a restricting SID list (see TOKEN_GROUPS_AND_PRIVILEGES). */
#define TOKEN_IS_RESTRICTED 0x0010
#define TOKEN_SESSION_NOT_REFERENCED 0x0020
#define TOKEN_SANDBOX_INERT 0x0040
#define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
#define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
#define TOKEN_VIRTUALIZE_ALLOWED 0x0200
#define TOKEN_VIRTUALIZE_ENABLED 0x0400
/* Token was produced by filtering (e.g. the UAC limited half). */
#define TOKEN_IS_FILTERED 0x0800
#define TOKEN_UIACCESS 0x1000
#define TOKEN_NOT_LOW 0x2000
/* Table of privilege LUIDs and well-known SIDs exported by the security
   reference monitor for use by other kernel components.
   NOTE(review): members on original lines 1087-1089 and 1093-1095 are
   missing from this listing, so the offsets implied here do not match the
   real layout. */
typedef struct _SE_EXPORTS {
    /* Privilege LUIDs, in SE_*_PRIVILEGE order. */
    LUID SeCreateTokenPrivilege;
    LUID SeAssignPrimaryTokenPrivilege;
    LUID SeLockMemoryPrivilege;
    LUID SeIncreaseQuotaPrivilege;
    LUID SeUnsolicitedInputPrivilege;
    LUID SeTcbPrivilege;
    LUID SeSecurityPrivilege;
    LUID SeTakeOwnershipPrivilege;
    LUID SeLoadDriverPrivilege;
    LUID SeCreatePagefilePrivilege;
    LUID SeIncreaseBasePriorityPrivilege;
    LUID SeSystemProfilePrivilege;
    LUID SeSystemtimePrivilege;
    LUID SeProfileSingleProcessPrivilege;
    LUID SeCreatePermanentPrivilege;
    LUID SeBackupPrivilege;
    LUID SeRestorePrivilege;
    LUID SeShutdownPrivilege;
    LUID SeDebugPrivilege;
    LUID SeAuditPrivilege;
    LUID SeSystemEnvironmentPrivilege;
    LUID SeChangeNotifyPrivilege;
    LUID SeRemoteShutdownPrivilege;

    /* Well-known SIDs (pre-built, owned by the security subsystem). */
    PSID SeCreatorOwnerSid;
    PSID SeCreatorGroupSid;
    PSID SeNtAuthoritySid;
    PSID SeInteractiveSid;
    PSID SeLocalSystemSid;
    PSID SeAliasAdminsSid;
    PSID SeAliasUsersSid;
    PSID SeAliasGuestsSid;
    PSID SeAliasPowerUsersSid;
    PSID SeAliasAccountOpsSid;
    PSID SeAliasSystemOpsSid;
    PSID SeAliasPrintOpsSid;
    PSID SeAliasBackupOpsSid;
    PSID SeAuthenticatedUsersSid;
    PSID SeRestrictedSid;
    PSID SeAnonymousLogonSid;

    /* Privileges and SIDs added in later releases, appended to keep the
       earlier offsets stable. */
    LUID SeUndockPrivilege;
    LUID SeSyncAgentPrivilege;
    LUID SeEnableDelegationPrivilege;
    PSID SeLocalServiceSid;
    PSID SeNetworkServiceSid;
    LUID SeManageVolumePrivilege;
    LUID SeImpersonatePrivilege;
    LUID SeCreateGlobalPrivilege;
    LUID SeTrustedCredManAccessPrivilege;
    LUID SeRelabelPrivilege;
    LUID SeIncreaseWorkingSetPrivilege;
    LUID SeTimeZonePrivilege;
    LUID SeCreateSymbolicLinkPrivilege;

    /* Mandatory integrity label SIDs (S-1-16-<rid>) and owner-rights SID. */
    PSID SeUntrustedMandatorySid;
    PSID SeLowMandatorySid;
    PSID SeMediumMandatorySid;
    PSID SeHighMandatorySid;
    PSID SeSystemMandatorySid;
    PSID SeOwnerRightsSid;
} SE_EXPORTS, *PSE_EXPORTS;
1132 (NTAPI
*PSE_LOGON_SESSION_TERMINATED_ROUTINE
)(