9 #define ALIAS_ADD_MEMBER 0x00000001
10 #define ALIAS_REMOVE_MEMBER 0x00000002
11 #define ALIAS_LIST_MEMBERS 0x00000004
12 #define ALIAS_READ_INFORMATION 0x00000008
13 #define ALIAS_WRITE_ACCOUNT 0x00000010
15 #define ALIAS_READ (STANDARD_RIGHTS_READ |\
18 #define ALIAS_WRITE (STANDARD_RIGHTS_WRITE |\
20 ALIAS_REMOVE_MEMBER |\
23 #define ALIAS_EXECUTE (STANDARD_RIGHTS_EXECUTE |\
24 ALIAS_READ_INFORMATION)
26 #define ALIAS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED |\
28 ALIAS_REMOVE_MEMBER |\
30 ALIAS_READ_INFORMATION |\
33 #define DOMAIN_READ_PASSWORD_PARAMETERS 0x00000001
34 #define DOMAIN_WRITE_PASSWORD_PARAMS 0x00000002
35 #define DOMAIN_READ_OTHER_PARAMETERS 0x00000004
36 #define DOMAIN_WRITE_OTHER_PARAMETERS 0x00000008
37 #define DOMAIN_CREATE_USER 0x00000010
38 #define DOMAIN_CREATE_GROUP 0x00000020
39 #define DOMAIN_CREATE_ALIAS 0x00000040
40 #define DOMAIN_GET_ALIAS_MEMBERSHIP 0x00000080
41 #define DOMAIN_LIST_ACCOUNTS 0x00000100
42 #define DOMAIN_LOOKUP 0x00000200
43 #define DOMAIN_ADMINISTER_SERVER 0x00000400
45 #define DOMAIN_READ (STANDARD_RIGHTS_READ |\
46 DOMAIN_READ_OTHER_PARAMETERS |\
47 DOMAIN_GET_ALIAS_MEMBERSHIP)
49 #define DOMAIN_WRITE (STANDARD_RIGHTS_WRITE |\
50 DOMAIN_WRITE_PASSWORD_PARAMS |\
51 DOMAIN_WRITE_OTHER_PARAMETERS |\
53 DOMAIN_CREATE_GROUP |\
54 DOMAIN_CREATE_ALIAS |\
55 DOMAIN_ADMINISTER_SERVER)
57 #define DOMAIN_EXECUTE (STANDARD_RIGHTS_EXECUTE |\
58 DOMAIN_READ_PASSWORD_PARAMETERS |\
59 DOMAIN_LIST_ACCOUNTS |\
62 #define DOMAIN_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED |\
63 DOMAIN_READ_PASSWORD_PARAMETERS |\
64 DOMAIN_WRITE_PASSWORD_PARAMS |\
65 DOMAIN_READ_OTHER_PARAMETERS |\
66 DOMAIN_WRITE_OTHER_PARAMETERS |\
68 DOMAIN_CREATE_GROUP |\
69 DOMAIN_CREATE_ALIAS |\
70 DOMAIN_GET_ALIAS_MEMBERSHIP |\
71 DOMAIN_LIST_ACCOUNTS |\
73 DOMAIN_ADMINISTER_SERVER)
75 #define GROUP_READ_INFORMATION 0x00000001
76 #define GROUP_WRITE_ACCOUNT 0x00000002
77 #define GROUP_ADD_MEMBER 0x00000004
78 #define GROUP_REMOVE_MEMBER 0x00000008
79 #define GROUP_LIST_MEMBERS 0x00000010
81 #define GROUP_READ (STANDARD_RIGHTS_READ |\
84 #define GROUP_WRITE (STANDARD_RIGHTS_WRITE |\
85 GROUP_WRITE_ACCOUNT |\
89 #define GROUP_EXECUTE (STANDARD_RIGHTS_EXECUTE |\
90 GROUP_READ_INFORMATION)
92 #define GROUP_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED |\
93 GROUP_READ_INFORMATION |\
94 GROUP_WRITE_ACCOUNT |\
96 GROUP_REMOVE_MEMBER |\
99 #define SAM_SERVER_CONNECT 0x00000001
100 #define SAM_SERVER_SHUTDOWN 0x00000002
101 #define SAM_SERVER_INITIALIZE 0x00000004
102 #define SAM_SERVER_CREATE_DOMAIN 0x00000008
103 #define SAM_SERVER_ENUMERATE_DOMAINS 0x00000010
104 #define SAM_SERVER_LOOKUP_DOMAIN 0x00000020
106 #define SAM_SERVER_READ (STANDARD_RIGHTS_READ |\
107 SAM_SERVER_ENUMERATE_DOMAINS)
109 #define SAM_SERVER_WRITE (STANDARD_RIGHTS_WRITE |\
110 SAM_SERVER_SHUTDOWN |\
111 SAM_SERVER_INITIALIZE |\
112 SAM_SERVER_CREATE_DOMAIN)
114 #define SAM_SERVER_EXECUTE (STANDARD_RIGHTS_EXECUTE |\
115 SAM_SERVER_CONNECT |\
116 SAM_SERVER_LOOKUP_DOMAIN)
118 #define SAM_SERVER_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED |\
119 SAM_SERVER_CONNECT |\
120 SAM_SERVER_SHUTDOWN |\
121 SAM_SERVER_INITIALIZE |\
122 SAM_SERVER_CREATE_DOMAIN |\
123 SAM_SERVER_ENUMERATE_DOMAINS |\
124 SAM_SERVER_LOOKUP_DOMAIN)
126 #define USER_READ_GENERAL 0x00000001
127 #define USER_READ_PREFERENCES 0x00000002
128 #define USER_WRITE_PREFERENCES 0x00000004
129 #define USER_READ_LOGON 0x00000008
130 #define USER_READ_ACCOUNT 0x00000010
131 #define USER_WRITE_ACCOUNT 0x00000020
132 #define USER_CHANGE_PASSWORD 0x00000040
133 #define USER_FORCE_PASSWORD_CHANGE 0x00000080
134 #define USER_LIST_GROUPS 0x00000100
135 #define USER_READ_GROUP_INFORMATION 0x00000200
136 #define USER_WRITE_GROUP_INFORMATION 0x00000400
138 #define USER_READ (STANDARD_RIGHTS_READ |\
139 USER_READ_PREFERENCES |\
143 USER_READ_GROUP_INFORMATION)
145 #define USER_WRITE (STANDARD_RIGHTS_WRITE |\
146 USER_WRITE_PREFERENCES |\
147 USER_CHANGE_PASSWORD)
149 #define USER_EXECUTE (STANDARD_RIGHTS_EXECUTE |\
151 USER_CHANGE_PASSWORD)
153 #define USER_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED |\
155 USER_READ_PREFERENCES |\
156 USER_WRITE_PREFERENCES |\
159 USER_WRITE_ACCOUNT |\
160 USER_CHANGE_PASSWORD |\
161 USER_FORCE_PASSWORD_CHANGE |\
163 USER_READ_GROUP_INFORMATION |\
164 USER_WRITE_GROUP_INFORMATION)
166 typedef PVOID SAM_HANDLE
, *PSAM_HANDLE
;
167 typedef ULONG SAM_ENUMERATE_HANDLE
, *PSAM_ENUMERATE_HANDLE
;
169 typedef struct _SAM_RID_ENUMERATION
173 } SAM_RID_ENUMERATION
, *PSAM_RID_ENUMERATION
;
175 typedef struct _SAM_SID_ENUMERATION
179 } SAM_SID_ENUMERATION
, *PSAM_SID_ENUMERATION
;
181 typedef enum _ALIAS_INFORMATION_CLASS
183 AliasGeneralInformation
= 1,
184 AliasNameInformation
,
185 AliasAdminCommentInformation
186 } ALIAS_INFORMATION_CLASS
, *PALIAS_INFORMATION_CLASS
;
188 typedef struct _ALIAS_GENERAL_INFORMATION
192 UNICODE_STRING AdminComment
;
193 } ALIAS_GENERAL_INFORMATION
, *PALIAS_GENERAL_INFORMATION
;
195 typedef struct _ALIAS_NAME_INFORMATION
198 } ALIAS_NAME_INFORMATION
, *PALIAS_NAME_INFORMATION
;
200 typedef struct _ALIAS_ADM_COMMENT_INFORMATION
202 UNICODE_STRING AdminComment
;
203 } ALIAS_ADM_COMMENT_INFORMATION
, *PALIAS_ADM_COMMENT_INFORMATION
;
206 typedef enum _DOMAIN_INFORMATION_CLASS
208 DomainPasswordInformation
= 1,
209 DomainGeneralInformation
,
210 DomainLogoffInformation
,
211 DomainOemInformation
,
212 DomainNameInformation
,
213 DomainReplicationInformation
,
214 DomainServerRoleInformation
,
215 DomainModifiedInformation
,
216 DomainStateInformation
,
217 DomainUasInformation
,
218 DomainGeneralInformation2
,
219 DomainLockoutInformation
,
220 DomainModifiedInformation2
221 } DOMAIN_INFORMATION_CLASS
;
223 typedef enum _DOMAIN_SERVER_ENABLE_STATE
225 DomainServerEnabled
= 1,
227 } DOMAIN_SERVER_ENABLE_STATE
, *PDOMAIN_SERVER_ENABLE_STATE
;
229 typedef enum _DOMAIN_SERVER_ROLE
231 DomainServerRoleBackup
= 2,
232 DomainServerRolePrimary
233 } DOMAIN_SERVER_ROLE
, *PDOMAIN_SERVER_ROLE
;
235 typedef struct _DOMAIN_NAME_INFORMATION
237 UNICODE_STRING DomainName
;
238 } DOMAIN_NAME_INFORMATION
, *PDOMAIN_NAME_INFORMATION
;
240 typedef enum _GROUP_INFORMATION_CLASS
242 GroupGeneralInformation
= 1,
243 GroupNameInformation
,
244 GroupAttributeInformation
,
245 GroupAdminCommentInformation
,
246 GroupReplicationInformation
247 } GROUP_INFORMATION_CLASS
;
249 typedef enum _USER_INFORMATION_CLASS
251 UserGeneralInformation
= 1,
252 UserPreferencesInformation
,
253 UserLogonInformation
,
254 UserLogonHoursInformation
,
255 UserAccountInformation
,
257 UserAccountNameInformation
,
258 UserFullNameInformation
,
259 UserPrimaryGroupInformation
,
261 UserScriptInformation
,
262 UserProfileInformation
,
263 UserAdminCommentInformation
,
264 UserWorkStationsInformation
,
265 UserSetPasswordInformation
,
266 UserControlInformation
,
267 UserExpiresInformation
,
268 UserInternal1Information
,
269 UserInternal2Information
,
270 UserParametersInformation
,
272 UserInternal3Information
,
273 UserInternal4Information
,
274 UserInternal5Information
,
275 UserInternal4InformationNew
,
276 UserInternal5InformationNew
,
277 UserInternal6Information
,
278 UserExtendedInformation
,
279 UserLogonUIInformation
,
280 } USER_INFORMATION_CLASS
, *PUSER_INFORMATION_CLASS
;
282 typedef struct _USER_SET_PASSWORD_INFORMATION
284 UNICODE_STRING Password
;
285 BOOLEAN PasswordExpired
;
286 } USER_SET_PASSWORD_INFORMATION
, *PUSER_SET_PASSWORD_INFORMATION
;
291 SamAddMemberToAlias(IN SAM_HANDLE AliasHandle
,
296 SamCloseHandle(IN SAM_HANDLE SamHandle
);
300 SamConnect(IN OUT PUNICODE_STRING ServerName
,
301 OUT PSAM_HANDLE ServerHandle
,
302 IN ACCESS_MASK DesiredAccess
,
303 IN POBJECT_ATTRIBUTES ObjectAttributes
);
307 SamCreateAliasInDomain(IN SAM_HANDLE DomainHandle
,
308 IN PUNICODE_STRING AccountName
,
309 IN ACCESS_MASK DesiredAccess
,
310 OUT PSAM_HANDLE AliasHandle
,
311 OUT PULONG RelativeId
);
315 SamCreateGroupInDomain(IN SAM_HANDLE DomainHandle
,
316 IN PUNICODE_STRING AccountName
,
317 IN ACCESS_MASK DesiredAccess
,
318 OUT PSAM_HANDLE GroupHandle
,
319 OUT PULONG RelativeId
);
323 SamCreateUserInDomain(IN SAM_HANDLE DomainHandle
,
324 IN PUNICODE_STRING AccountName
,
325 IN ACCESS_MASK DesiredAccess
,
326 OUT PSAM_HANDLE UserHandle
,
327 OUT PULONG RelativeId
);
331 SamEnumerateAliasesInDomain(IN SAM_HANDLE DomainHandle
,
332 IN OUT PSAM_ENUMERATE_HANDLE EnumerationContext
,
334 IN ULONG PreferedMaximumLength
,
335 OUT PULONG CountReturned
);
339 SamEnumerateDomainsInSamServer(IN SAM_HANDLE ServerHandle
,
340 IN OUT PSAM_ENUMERATE_HANDLE EnumerationContext
,
342 IN ULONG PreferedMaximumLength
,
343 OUT PULONG CountReturned
);
347 SamFreeMemory(IN PVOID Buffer
);
351 SamGetAliasMembership(IN SAM_HANDLE DomainHandle
,
352 IN ULONG PassedCount
,
354 OUT PULONG MembershipCount
,
355 OUT PULONG
*Aliases
);
359 SamGetMembersInAlias(IN SAM_HANDLE AliasHandle
,
360 OUT PSID
**MemberIds
,
361 OUT PULONG MemberCount
);
365 SamLookupDomainInSamServer(IN SAM_HANDLE ServerHandle
,
366 IN PUNICODE_STRING Name
,
371 SamLookupNamesInDomain(IN SAM_HANDLE DomainHandle
,
373 IN PUNICODE_STRING Names
,
374 OUT PULONG
*RelativeIds
,
375 OUT PSID_NAME_USE
*Use
);
379 SamOpenAlias(IN SAM_HANDLE DomainHandle
,
380 IN ACCESS_MASK DesiredAccess
,
382 OUT PSAM_HANDLE AliasHandle
);
386 SamOpenDomain(IN SAM_HANDLE ServerHandle
,
387 IN ACCESS_MASK DesiredAccess
,
389 OUT PSAM_HANDLE DomainHandle
);
393 SamOpenGroup(IN SAM_HANDLE DomainHandle
,
394 IN ACCESS_MASK DesiredAccess
,
396 OUT PSAM_HANDLE GroupHandle
);
400 SamOpenUser(IN SAM_HANDLE DomainHandle
,
401 IN ACCESS_MASK DesiredAccess
,
403 OUT PSAM_HANDLE UserHandle
);
407 SamQueryInformationAlias(IN SAM_HANDLE AliasHandle
,
408 IN ALIAS_INFORMATION_CLASS AliasInformationClass
,
413 SamQueryInformationDomain(IN SAM_HANDLE DomainHandle
,
414 IN DOMAIN_INFORMATION_CLASS DomainInformationClass
,
419 SamQueryInformationUser(IN SAM_HANDLE UserHandle
,
420 IN USER_INFORMATION_CLASS UserInformationClass
,
425 SamRemoveMemberFromAlias(IN SAM_HANDLE AliasHandle
,
430 SamSetInformationAlias(IN SAM_HANDLE AliasHandle
,
431 IN ALIAS_INFORMATION_CLASS AliasInformationClass
,
436 SamSetInformationDomain(IN SAM_HANDLE DomainHandle
,
437 IN DOMAIN_INFORMATION_CLASS DomainInformationClass
,
438 IN PVOID DomainInformation
);
442 SamSetInformationUser(IN SAM_HANDLE UserHandle
,
443 IN USER_INFORMATION_CLASS UserInformationClass
,
448 SamShutdownSamServer(IN SAM_HANDLE ServerHandle
);