4 #pragma GCC system_header
10 #define KERB_WRAP_NO_ENCRYPT 0x80000001
12 #define LOGON_NOENCRYPTION 2
13 #define LOGON_CACHED_ACCOUNT 4
14 #define LOGON_USED_LM_PASSWORD 8
15 #define LOGON_EXTRA_SIDS 32
16 #define LOGON_SUBAUTH_SESSION_KEY 64
17 #define LOGON_SERVER_TRUST_ACCOUNT 128
18 #define LOGON_NTLMV2_ENABLED 256
19 #define LOGON_RESOURCE_GROUPS 512
20 #define LOGON_PROFILE_PATH_RETURNED 1024
21 #define LOGON_GRACE_LOGON 16777216
22 #define LSA_MODE_PASSWORD_PROTECTED 1
23 #define LSA_MODE_INDIVIDUAL_ACCOUNTS 2
24 #define LSA_MODE_MANDATORY_ACCESS 3
25 #define LSA_MODE_LOG_FULL 4
26 #define LSA_SUCCESS(x) ((LONG)(x)>=0)
27 #define MICROSOFT_KERBEROS_NAME_A "Kerberos"
28 #define MICROSOFT_KERBEROS_NAME_W L"Kerberos"
29 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 32
30 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 2048
31 #define MSV1_0_CHALLENGE_LENGTH 8
32 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 2
33 #define MSV1_0_CRED_LM_PRESENT 1
34 #define MSV1_0_CRED_NT_PRESENT 2
35 #define MSV1_0_CRED_VERSION 0
36 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 16
37 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
38 #define MSV1_0_MAX_NTLM3_LIFE 1800
39 #define MSV1_0_MAX_AVL_SIZE 64000
40 #define MSV1_0_MNS_LOGON 16777216
41 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
42 #define MSV1_0_NTLM3_OWF_LENGTH 16
43 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE)-MSV1_0_NTLM3_RESPONSE_LENGTH)
44 #define MSV1_0_OWF_PASSWORD_LENGTH 16
45 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
46 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
47 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW)-sizeof(WCHAR)
48 #define MSV1_0_RETURN_USER_PARAMETERS 8
49 #define MSV1_0_RETURN_PASSWORD_EXPIRY 64
50 #define MSV1_0_RETURN_PROFILE_PATH 512
51 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 1048576
52 #define MSV1_0_SUBAUTHENTICATION_DLL 0xff000000
53 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
54 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
55 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
56 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xff000000
57 #define MSV1_0_SUBAUTHENTICATION_KEY "System\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
58 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
59 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 256
60 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 1024
61 #define MSV1_0_UPDATE_LOGON_STATISTICS 4
62 #define MSV1_0_USE_CLIENT_CHALLENGE 128
63 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
64 #define POLICY_VIEW_LOCAL_INFORMATION 1
65 #define POLICY_VIEW_AUDIT_INFORMATION 2
66 #define POLICY_GET_PRIVATE_INFORMATION 4
67 #define POLICY_TRUST_ADMIN 8
68 #define POLICY_CREATE_ACCOUNT 16
69 #define POLICY_CREATE_SECRET 32
70 #define POLICY_CREATE_PRIVILEGE 64
71 #define POLICY_SET_DEFAULT_QUOTA_LIMITS 128
72 #define POLICY_SET_AUDIT_REQUIREMENTS 256
73 #define POLICY_AUDIT_LOG_ADMIN 512
74 #define POLICY_SERVER_ADMIN 1024
75 #define POLICY_LOOKUP_NAMES 2048
76 #define POLICY_READ (STANDARD_RIGHTS_READ|6)
77 #define POLICY_WRITE (STANDARD_RIGHTS_WRITE|2040)
78 #define POLICY_EXECUTE (STANDARD_RIGHTS_EXECUTE|2049)
79 #define POLICY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|4095)
80 #define POLICY_AUDIT_EVENT_UNCHANGED 0
81 #define POLICY_AUDIT_EVENT_SUCCESS 1
82 #define POLICY_AUDIT_EVENT_FAILURE 2
83 #define POLICY_AUDIT_EVENT_NONE 4
84 #define POLICY_AUDIT_EVENT_MASK 7
85 #define POLICY_LOCATION_LOCAL 1
86 #define POLICY_LOCATION_DS 2
87 #define POLICY_MACHINE_POLICY_LOCAL 0
88 #define POLICY_MACHINE_POLICY_DEFAULTED 1
89 #define POLICY_MACHINE_POLICY_EXPLICIT 2
90 #define POLICY_MACHINE_POLICY_UNKNOWN 0xFFFFFFFF
91 #define POLICY_QOS_SCHANEL_REQUIRED 1
92 #define POLICY_QOS_OUTBOUND_INTEGRITY 2
93 #define POLICY_QOS_OUTBOUND_CONFIDENTIALITY 4
94 #define POLICY_QOS_INBOUND_INTEGREITY 8
95 #define POLICY_QOS_INBOUND_CONFIDENTIALITY 16
96 #define POLICY_QOS_ALLOW_LOCAL_ROOT_CERT_STORE 32
97 #define POLICY_QOS_RAS_SERVER_ALLOWED 64
98 #define POLICY_QOS_DHCP_SERVER_ALLOWD 128
99 #define POLICY_KERBEROS_FORWARDABLE 1
100 #define POLICY_KERBEROS_PROXYABLE 2
101 #define POLICY_KERBEROS_RENEWABLE 4
102 #define POLICY_KERBEROS_POSTDATEABLE 8
103 #define SAM_PASSWORD_CHANGE_NOTIFY_ROUTINE "PasswordChangeNotify"
104 #define SAM_INIT_NOTIFICATION_ROUTINE "InitializeChangeNotify"
105 #define SAM_PASSWORD_FILTER_ROUTINE "PasswordFilter"
106 #define SE_INTERACTIVE_LOGON_NAME TEXT("SeInteractiveLogonRight")
107 #define SE_NETWORK_LOGON_NAME TEXT("SeNetworkLogonRight")
108 #define SE_BATCH_LOGON_NAME TEXT("SeBatchLogonRight")
109 #define SE_SERVICE_LOGON_NAME TEXT("SeServiceLogonRight")
110 #define TRUST_ATTRIBUTE_NON_TRANSITIVE 1
111 #define TRUST_ATTRIBUTE_UPLEVEL_ONLY 2
112 #define TRUST_ATTRIBUTE_TREE_PARENT 4194304
113 #define TRUST_ATTRIBUTES_VALID -16580609
114 #define TRUST_AUTH_TYPE_NONE 0
115 #define TRUST_AUTH_TYPE_NT4OWF 1
116 #define TRUST_AUTH_TYPE_CLEAR 2
117 #define TRUST_DIRECTION_DISABLED 0
118 #define TRUST_DIRECTION_INBOUND 1
119 #define TRUST_DIRECTION_OUTBOUND 2
120 #define TRUST_DIRECTION_BIDIRECTIONAL 3
121 #define TRUST_TYPE_DOWNLEVEL 1
122 #define TRUST_TYPE_UPLEVEL 2
123 #define TRUST_TYPE_MIT 3
124 #define TRUST_TYPE_DCE 4
126 #define SCESTATUS_SUCCESS 0L
127 #define SCESTATUS_INVALID_PARAMETER 1L
128 #define SCESTATUS_RECORD_NOT_FOUND 2L
129 #define SCESTATUS_INVALID_DATA 3L
130 #define SCESTATUS_OBJECT_EXISTS 4L
131 #define SCESTATUS_BUFFER_TOO_SMALL 5L
132 #define SCESTATUS_PROFILE_NOT_FOUND 6L
133 #define SCESTATUS_BAD_FORMAT 7L
134 #define SCESTATUS_NOT_ENOUGH_RESOURCE 8L
135 #define SCESTATUS_ACCESS_DENIED 9L
136 #define SCESTATUS_CANT_DELETE 10L
137 #define SCESTATUS_PREFIX_OVERFLOW 11L
138 #define SCESTATUS_OTHER_ERROR 12L
139 #define SCESTATUS_ALREADY_RUNNING 13L
140 #define SCESTATUS_SERVICE_NOT_SUPPORT 14L
141 #define SCESTATUS_MOD_NOT_FOUND 15L
142 #define SCESTATUS_EXCEPTION_IN_SERVER 16L
143 #define SCESTATUS_NO_TEMPLATE_GIVEN 17L
144 #define SCESTATUS_NO_MAPPING 18L
145 #define SCESTATUS_TRUST_FAIL 19L
147 #if !defined(_NTDEF_)
148 typedef LONG NTSTATUS
, *PNTSTATUS
;
151 #if defined (_NTDEF_)
152 typedef UNICODE_STRING LSA_UNICODE_STRING
, *PLSA_UNICODE_STRING
;
153 typedef STRING LSA_STRING
, *PLSA_STRING
;
154 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES
, *PLSA_OBJECT_ATTRIBUTES
;
158 typedef struct _LSA_UNICODE_STRING
{
160 USHORT MaximumLength
;
162 [size_is(MaximumLength
/ 2), length_is(Length
/ 2)]
165 } LSA_UNICODE_STRING
, *PLSA_UNICODE_STRING
;
167 typedef struct _LSA_STRING
{
169 USHORT MaximumLength
;
171 } LSA_STRING
, *PLSA_STRING
;
173 typedef struct _LSA_OBJECT_ATTRIBUTES
{
175 HANDLE RootDirectory
;
176 PLSA_UNICODE_STRING ObjectName
;
178 PVOID SecurityDescriptor
;
179 PVOID SecurityQualityOfService
;
180 } LSA_OBJECT_ATTRIBUTES
, *PLSA_OBJECT_ATTRIBUTES
;
182 typedef LSA_UNICODE_STRING UNICODE_STRING
, *PUNICODE_STRING
;
183 typedef LSA_STRING STRING
, *PSTRING
;
187 typedef enum _KERB_LOGON_SUBMIT_TYPE
189 KerbInteractiveLogon
= 2,
191 KerbTicketLogon
= 10,
192 KerbTicketUnlockLogon
= 11
193 } KERB_LOGON_SUBMIT_TYPE
, *PKERB_LOGON_SUBMIT_TYPE
;
194 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE
{
195 MsV1_0InteractiveLogon
= 2,
199 MsV1_0WorkstationUnlockLogon
= 7
200 } MSV1_0_LOGON_SUBMIT_TYPE
, *PMSV1_0_LOGON_SUBMIT_TYPE
;
201 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE
{
202 MsV1_0InteractiveProfile
= 2,
203 MsV1_0Lm20LogonProfile
,
204 MsV1_0SmartCardProfile
205 } MSV1_0_PROFILE_BUFFER_TYPE
, *PMSV1_0_PROFILE_BUFFER_TYPE
;
210 MsvAvDnsComputerName
,
213 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE
{
214 MsV1_0Lm20ChallengeRequest
= 0,
215 MsV1_0Lm20GetChallengeResponse
,
216 MsV1_0EnumerateUsers
,
219 MsV1_0ChangePassword
,
220 MsV1_0ChangeCachedPassword
,
221 MsV1_0GenericPassthrough
,
224 MsV1_0DeriveCredential
,
226 } MSV1_0_PROTOCOL_MESSAGE_TYPE
, *PMSV1_0_PROTOCOL_MESSAGE_TYPE
;
227 typedef enum _POLICY_LSA_SERVER_ROLE
{
228 PolicyServerRoleBackup
= 2,
229 PolicyServerRolePrimary
230 } POLICY_LSA_SERVER_ROLE
, *PPOLICY_LSA_SERVER_ROLE
;
231 typedef enum _POLICY_SERVER_ENABLE_STATE
{
232 PolicyServerEnabled
= 2,
234 } POLICY_SERVER_ENABLE_STATE
, *PPOLICY_SERVER_ENABLE_STATE
;
235 typedef enum _POLICY_INFORMATION_CLASS
{
236 PolicyAuditLogInformation
= 1,
237 PolicyAuditEventsInformation
,
238 PolicyPrimaryDomainInformation
,
239 PolicyPdAccountInformation
,
240 PolicyAccountDomainInformation
,
241 PolicyLsaServerRoleInformation
,
242 PolicyReplicaSourceInformation
,
243 PolicyDefaultQuotaInformation
,
244 PolicyModificationInformation
,
245 PolicyAuditFullSetInformation
,
246 PolicyAuditFullQueryInformation
,
247 PolicyDnsDomainInformation
,
249 } POLICY_INFORMATION_CLASS
, *PPOLICY_INFORMATION_CLASS
;
250 typedef enum _POLICY_AUDIT_EVENT_TYPE
{
253 AuditCategoryObjectAccess
,
254 AuditCategoryPrivilegeUse
,
255 AuditCategoryDetailedTracking
,
256 AuditCategoryPolicyChange
,
257 AuditCategoryAccountManagement
,
258 AuditCategoryDirectoryServiceAccess
,
259 AuditCategoryAccountLogon
260 } POLICY_AUDIT_EVENT_TYPE
, *PPOLICY_AUDIT_EVENT_TYPE
;
261 typedef enum _POLICY_LOCAL_INFORMATION_CLASS
{
262 PolicyLocalAuditEventsInformation
= 1,
263 PolicyLocalPdAccountInformation
,
264 PolicyLocalAccountDomainInformation
,
265 PolicyLocalLsaServerRoleInformation
,
266 PolicyLocalReplicaSourceInformation
,
267 PolicyLocalModificationInformation
,
268 PolicyLocalAuditFullSetInformation
,
269 PolicyLocalAuditFullQueryInformation
,
270 PolicyLocalDnsDomainInformation
,
271 PolicyLocalIPSecReferenceInformation
,
272 PolicyLocalMachinePasswordInformation
,
273 PolicyLocalQualityOfServiceInformation
,
274 PolicyLocalPolicyLocationInformation
275 } POLICY_LOCAL_INFORMATION_CLASS
, *PPOLICY_LOCAL_INFORMATION_CLASS
;
276 typedef enum _POLICY_DOMAIN_INFORMATION_CLASS
{
277 PolicyDomainIPSecReferenceInformation
= 1,
278 PolicyDomainQualityOfServiceInformation
,
279 PolicyDomainEfsInformation
,
280 PolicyDomainPublicKeyInformation
,
281 PolicyDomainPasswordPolicyInformation
,
282 PolicyDomainLockoutInformation
,
283 PolicyDomainKerberosTicketInformation
284 } POLICY_DOMAIN_INFORMATION_CLASS
, *PPOLICY_DOMAIN_INFORMATION_CLASS
;
285 typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS
{
286 PolicyNotifyAuditEventsInformation
= 1,
287 PolicyNotifyAccountDomainInformation
,
288 PolicyNotifyServerRoleInformation
,
289 PolicyNotifyDnsDomainInformation
,
290 PolicyNotifyDomainEfsInformation
,
291 PolicyNotifyDomainKerberosTicketInformation
,
292 PolicyNotifyMachineAccountPasswordInformation
293 } POLICY_NOTIFICATION_INFORMATION_CLASS
, *PPOLICY_NOTIFICATION_INFORMATION_CLASS
;
294 typedef enum _SECURITY_LOGON_TYPE
{
301 } SECURITY_LOGON_TYPE
, *PSECURITY_LOGON_TYPE
;
302 typedef struct _SECURITY_LOGON_SESSION_DATA
{
305 LSA_UNICODE_STRING UserName
;
306 LSA_UNICODE_STRING LogonDomain
;
307 LSA_UNICODE_STRING AuthenticationPackage
;
311 LARGE_INTEGER LogonTime
;
312 LSA_UNICODE_STRING LogonServer
;
313 LSA_UNICODE_STRING DnsDomainName
;
314 LSA_UNICODE_STRING Upn
;
315 } SECURITY_LOGON_SESSION_DATA
, *PSECURITY_LOGON_SESSION_DATA
;
316 typedef enum _TRUSTED_INFORMATION_CLASS
{
317 TrustedDomainNameInformation
= 1,
318 TrustedControllersInformation
,
319 TrustedPosixOffsetInformation
,
320 TrustedPasswordInformation
,
321 TrustedDomainInformationBasic
,
322 TrustedDomainInformationEx
,
323 TrustedDomainAuthInformation
,
324 TrustedDomainFullInformation
325 } TRUSTED_INFORMATION_CLASS
, *PTRUSTED_INFORMATION_CLASS
;
326 typedef enum _LSA_FOREST_TRUST_RECORD_TYPE
{
327 ForestTrustTopLevelName
,
328 ForestTrustTopLevelNameEx
,
329 ForestTrustDomainInfo
,
330 ForestTrustRecordTypeLast
= ForestTrustDomainInfo
331 } LSA_FOREST_TRUST_RECORD_TYPE
;
332 typedef enum _LSA_FOREST_TRUST_COLLISION_RECORD_TYPE
{
336 } LSA_FOREST_TRUST_COLLISION_RECORD_TYPE
;
337 typedef struct _DOMAIN_PASSWORD_INFORMATION
{
338 USHORT MinPasswordLength
;
339 USHORT PasswordHistoryLength
;
340 ULONG PasswordProperties
;
341 LARGE_INTEGER MaxPasswordAge
;
342 LARGE_INTEGER MinPasswordAge
;
343 } DOMAIN_PASSWORD_INFORMATION
, *PDOMAIN_PASSWORD_INFORMATION
;
344 typedef ULONG LSA_ENUMERATION_HANDLE
, *PLSA_ENUMERATION_HANDLE
;
345 typedef struct _LSA_ENUMERATION_INFORMATION
{
347 } LSA_ENUMERATION_INFORMATION
, *PLSA_ENUMERATION_INFORMATION
;
348 typedef ULONG LSA_OPERATIONAL_MODE
, *PLSA_OPERATIONAL_MODE
;
350 typedef struct _LSA_FOREST_TRUST_DOMAIN_INFO
{
352 LSA_UNICODE_STRING DnsName
;
353 LSA_UNICODE_STRING NetbiosName
;
354 } LSA_FOREST_TRUST_DOMAIN_INFO
, *PLSA_FOREST_TRUST_DOMAIN_INFO
;
355 typedef struct _LSA_FOREST_TRUST_BINARY_DATA
{
358 } LSA_FOREST_TRUST_BINARY_DATA
, *PLSA_FOREST_TRUST_BINARY_DATA
;
359 typedef struct _LSA_FOREST_TRUST_RECORD
{
361 LSA_FOREST_TRUST_RECORD_TYPE ForestTrustType
;
364 LSA_UNICODE_STRING TopLevelName
;
365 LSA_FOREST_TRUST_DOMAIN_INFO DomainInfo
;
366 LSA_FOREST_TRUST_BINARY_DATA Data
;
368 } LSA_FOREST_TRUST_RECORD
, *PLSA_FOREST_TRUST_RECORD
;
369 typedef struct _LSA_FOREST_TRUST_INFORMATION
{
371 PLSA_FOREST_TRUST_RECORD
*Entries
;
372 } LSA_FOREST_TRUST_INFORMATION
, *PLSA_FOREST_TRUST_INFORMATION
;
373 typedef struct _LSA_FOREST_TRUST_COLLISION_RECORD
{
375 LSA_FOREST_TRUST_COLLISION_RECORD_TYPE Type
;
377 LSA_UNICODE_STRING Name
;
378 } LSA_FOREST_TRUST_COLLISION_RECORD
, *PLSA_FOREST_TRUST_COLLISION_RECORD
;
379 typedef struct _LSA_FOREST_TRUST_COLLISION_INFORMATION
{
381 PLSA_FOREST_TRUST_COLLISION_RECORD
*Entries
;
382 } LSA_FOREST_TRUST_COLLISION_INFORMATION
, *PLSA_FOREST_TRUST_COLLISION_INFORMATION
;
383 typedef struct _LSA_TRUST_INFORMATION
{
384 LSA_UNICODE_STRING Name
;
386 } LSA_TRUST_INFORMATION
, *PLSA_TRUST_INFORMATION
;
387 typedef struct _LSA_REFERENCED_DOMAIN_LIST
{
389 PLSA_TRUST_INFORMATION Domains
;
390 } LSA_REFERENCED_DOMAIN_LIST
, *PLSA_REFERENCED_DOMAIN_LIST
;
391 typedef struct _LSA_TRANSLATED_SID
{
395 } LSA_TRANSLATED_SID
, *PLSA_TRANSLATED_SID
;
396 typedef struct _LSA_TRANSLATED_SID2
{
401 } LSA_TRANSLATED_SID2
, *PLSA_TRANSLATED_SID2
;
402 typedef struct _LSA_TRANSLATED_NAME
{
404 LSA_UNICODE_STRING Name
;
406 } LSA_TRANSLATED_NAME
, *PLSA_TRANSLATED_NAME
;
408 typedef struct _KERB_INTERACTIVE_LOGON
{
409 KERB_LOGON_SUBMIT_TYPE MessageType
;
410 UNICODE_STRING LogonDomainName
;
411 UNICODE_STRING UserName
;
412 UNICODE_STRING Password
;
413 } KERB_INTERACTIVE_LOGON
, *PKERB_INTERACTIVE_LOGON
;
414 typedef struct _MSV1_0_INTERACTIVE_LOGON
{
415 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
416 UNICODE_STRING LogonDomainName
;
417 UNICODE_STRING UserName
;
418 UNICODE_STRING Password
;
419 } MSV1_0_INTERACTIVE_LOGON
, *PMSV1_0_INTERACTIVE_LOGON
;
420 typedef struct _MSV1_0_INTERACTIVE_PROFILE
{
421 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
423 USHORT BadPasswordCount
;
424 LARGE_INTEGER LogonTime
;
425 LARGE_INTEGER LogoffTime
;
426 LARGE_INTEGER KickOffTime
;
427 LARGE_INTEGER PasswordLastSet
;
428 LARGE_INTEGER PasswordCanChange
;
429 LARGE_INTEGER PasswordMustChange
;
430 UNICODE_STRING LogonScript
;
431 UNICODE_STRING HomeDirectory
;
432 UNICODE_STRING FullName
;
433 UNICODE_STRING ProfilePath
;
434 UNICODE_STRING HomeDirectoryDrive
;
435 UNICODE_STRING LogonServer
;
437 } MSV1_0_INTERACTIVE_PROFILE
, *PMSV1_0_INTERACTIVE_PROFILE
;
438 typedef struct _MSV1_0_LM20_LOGON
{
439 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
440 UNICODE_STRING LogonDomainName
;
441 UNICODE_STRING UserName
;
442 UNICODE_STRING Workstation
;
443 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
444 STRING CaseSensitiveChallengeResponse
;
445 STRING CaseInsensitiveChallengeResponse
;
446 ULONG ParameterControl
;
447 } MSV1_0_LM20_LOGON
, * PMSV1_0_LM20_LOGON
;
448 typedef struct _MSV1_0_SUBAUTH_LOGON
{ /* W2K only */
449 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
450 UNICODE_STRING LogonDomainName
;
451 UNICODE_STRING UserName
;
452 UNICODE_STRING Workstation
;
453 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
454 STRING AuthenticationInfo1
;
455 STRING AuthenticationInfo2
;
456 ULONG ParameterControl
;
457 ULONG SubAuthPackageId
;
458 } MSV1_0_SUBAUTH_LOGON
, * PMSV1_0_SUBAUTH_LOGON
;
459 typedef struct _MSV1_0_LM20_LOGON_PROFILE
{
460 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
461 LARGE_INTEGER KickOffTime
;
462 LARGE_INTEGER LogoffTime
;
464 UCHAR UserSessionKey
[MSV1_0_USER_SESSION_KEY_LENGTH
];
465 UNICODE_STRING LogonDomainName
;
466 UCHAR LanmanSessionKey
[MSV1_0_LANMAN_SESSION_KEY_LENGTH
];
467 UNICODE_STRING LogonServer
;
468 UNICODE_STRING UserParameters
;
469 } MSV1_0_LM20_LOGON_PROFILE
, * PMSV1_0_LM20_LOGON_PROFILE
;
470 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL
{
473 UCHAR LmPassword
[MSV1_0_OWF_PASSWORD_LENGTH
];
474 UCHAR NtPassword
[MSV1_0_OWF_PASSWORD_LENGTH
];
475 } MSV1_0_SUPPLEMENTAL_CREDENTIAL
, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL
;
476 typedef struct _MSV1_0_NTLM3_RESPONSE
{
477 UCHAR Response
[MSV1_0_NTLM3_RESPONSE_LENGTH
];
483 UCHAR ChallengeFromClient
[MSV1_0_CHALLENGE_LENGTH
];
486 } MSV1_0_NTLM3_RESPONSE
, *PMSV1_0_NTLM3_RESPONSE
;
487 typedef struct _MSV1_0_AV_PAIR
{
490 } MSV1_0_AV_PAIR
, *PMSV1_0_AV_PAIR
;
491 typedef struct _MSV1_0_CHANGEPASSWORD_REQUEST
{
492 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
493 UNICODE_STRING DomainName
;
494 UNICODE_STRING AccountName
;
495 UNICODE_STRING OldPassword
;
496 UNICODE_STRING NewPassword
;
497 BOOLEAN Impersonating
;
498 } MSV1_0_CHANGEPASSWORD_REQUEST
, *PMSV1_0_CHANGEPASSWORD_REQUEST
;
499 typedef struct _MSV1_0_CHANGEPASSWORD_RESPONSE
{
500 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
501 BOOLEAN PasswordInfoValid
;
502 DOMAIN_PASSWORD_INFORMATION DomainPasswordInfo
;
503 } MSV1_0_CHANGEPASSWORD_RESPONSE
, *PMSV1_0_CHANGEPASSWORD_RESPONSE
;
504 typedef struct _MSV1_0_SUBAUTH_REQUEST
{
505 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
506 ULONG SubAuthPackageId
;
507 ULONG SubAuthInfoLength
;
508 PUCHAR SubAuthSubmitBuffer
;
509 } MSV1_0_SUBAUTH_REQUEST
, *PMSV1_0_SUBAUTH_REQUEST
;
510 typedef struct _MSV1_0_SUBAUTH_RESPONSE
{
511 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
512 ULONG SubAuthInfoLength
;
513 PUCHAR SubAuthReturnBuffer
;
514 } MSV1_0_SUBAUTH_RESPONSE
, *PMSV1_0_SUBAUTH_RESPONSE
;
515 #define MSV1_0_DERIVECRED_TYPE_SHA1 0
516 typedef struct _MSV1_0_DERIVECRED_REQUEST
{
517 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
519 ULONG DeriveCredType
;
520 ULONG DeriveCredInfoLength
;
521 UCHAR DeriveCredSubmitBuffer
[1];
522 } MSV1_0_DERIVECRED_REQUEST
, *PMSV1_0_DERIVECRED_REQUEST
;
523 typedef struct _MSV1_0_DERIVECRED_RESPONSE
{
524 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
525 ULONG DeriveCredInfoLength
;
526 UCHAR DeriveCredReturnBuffer
[1];
527 } MSV1_0_DERIVECRED_RESPONSE
, *PMSV1_0_DERIVECRED_RESPONSE
;
528 typedef ULONG POLICY_AUDIT_EVENT_OPTIONS
, *PPOLICY_AUDIT_EVENT_OPTIONS
;
529 typedef struct _POLICY_PRIVILEGE_DEFINITION
{
530 LSA_UNICODE_STRING Name
;
532 } POLICY_PRIVILEGE_DEFINITION
, *PPOLICY_PRIVILEGE_DEFINITION
;
533 typedef struct _POLICY_AUDIT_LOG_INFO
{
534 ULONG AuditLogPercentFull
;
535 ULONG MaximumLogSize
;
536 LARGE_INTEGER AuditRetentionPeriod
;
537 BOOLEAN AuditLogFullShutdownInProgress
;
538 LARGE_INTEGER TimeToShutdown
;
539 ULONG NextAuditRecordId
;
540 } POLICY_AUDIT_LOG_INFO
, *PPOLICY_AUDIT_LOG_INFO
;
541 typedef struct _POLICY_AUDIT_EVENTS_INFO
{
542 BOOLEAN AuditingMode
;
543 PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions
;
544 ULONG MaximumAuditEventCount
;
545 } POLICY_AUDIT_EVENTS_INFO
, *PPOLICY_AUDIT_EVENTS_INFO
;
546 typedef struct _POLICY_ACCOUNT_DOMAIN_INFO
{
547 LSA_UNICODE_STRING DomainName
;
549 } POLICY_ACCOUNT_DOMAIN_INFO
, *PPOLICY_ACCOUNT_DOMAIN_INFO
;
550 typedef struct _POLICY_PRIMARY_DOMAIN_INFO
{
551 LSA_UNICODE_STRING Name
;
553 } POLICY_PRIMARY_DOMAIN_INFO
, *PPOLICY_PRIMARY_DOMAIN_INFO
;
554 typedef struct _POLICY_DNS_DOMAIN_INFO
{
555 LSA_UNICODE_STRING Name
;
556 LSA_UNICODE_STRING DnsDomainName
;
557 LSA_UNICODE_STRING DnsForestName
;
560 } POLICY_DNS_DOMAIN_INFO
, *PPOLICY_DNS_DOMAIN_INFO
;
561 typedef struct _POLICY_PD_ACCOUNT_INFO
{
562 LSA_UNICODE_STRING Name
;
563 } POLICY_PD_ACCOUNT_INFO
, *PPOLICY_PD_ACCOUNT_INFO
;
564 typedef struct _POLICY_LSA_SERVER_ROLE_INFO
{
565 POLICY_LSA_SERVER_ROLE LsaServerRole
;
566 } POLICY_LSA_SERVER_ROLE_INFO
, *PPOLICY_LSA_SERVER_ROLE_INFO
;
567 typedef struct _POLICY_REPLICA_SOURCE_INFO
{
568 LSA_UNICODE_STRING ReplicaSource
;
569 LSA_UNICODE_STRING ReplicaAccountName
;
570 } POLICY_REPLICA_SOURCE_INFO
, *PPOLICY_REPLICA_SOURCE_INFO
;
571 typedef struct _POLICY_DEFAULT_QUOTA_INFO
{
572 QUOTA_LIMITS QuotaLimits
;
573 } POLICY_DEFAULT_QUOTA_INFO
, *PPOLICY_DEFAULT_QUOTA_INFO
;
574 typedef struct _POLICY_MODIFICATION_INFO
{
575 LARGE_INTEGER ModifiedId
;
576 LARGE_INTEGER DatabaseCreationTime
;
577 } POLICY_MODIFICATION_INFO
, *PPOLICY_MODIFICATION_INFO
;
578 typedef struct _POLICY_AUDIT_FULL_SET_INFO
{
579 BOOLEAN ShutDownOnFull
;
580 } POLICY_AUDIT_FULL_SET_INFO
, *PPOLICY_AUDIT_FULL_SET_INFO
;
581 typedef struct _POLICY_AUDIT_FULL_QUERY_INFO
{
582 BOOLEAN ShutDownOnFull
;
584 } POLICY_AUDIT_FULL_QUERY_INFO
, *PPOLICY_AUDIT_FULL_QUERY_INFO
;
585 typedef struct _POLICY_EFS_INFO
{
588 } POLICY_EFS_INFO
, *PPOLICY_EFS_INFO
;
589 typedef struct _POLICY_LOCAL_IPSEC_REFERENCE_INFO
{
590 LSA_UNICODE_STRING ObjectPath
;
591 } POLICY_LOCAL_IPSEC_REFERENCE_INFO
, *PPOLICY_LOCAL_IPSEC_REFERENCE_INFO
;
592 typedef struct _POLICY_LOCAL_MACHINE_PASSWORD_INFO
{
593 LARGE_INTEGER PasswordChangeInterval
;
594 } POLICY_LOCAL_MACHINE_PASSWORD_INFO
, *PPOLICY_LOCAL_MACHINE_PASSWORD_INFO
;
595 typedef struct _POLICY_LOCAL_POLICY_LOCATION_INFO
{
596 ULONG PolicyLocation
;
597 } POLICY_LOCAL_POLICY_LOCATION_INFO
, *PPOLICY_LOCAL_POLICY_LOCATION_INFO
;
598 typedef struct _POLICY_LOCAL_QUALITY_OF_SERVICE_INFO
{
599 ULONG QualityOfService
;
600 } POLICY_LOCAL_QUALITY_OF_SERVICE_INFO
, *PPOLICY_LOCAL_QUALITY_OF_SERVICE_INFO
;
601 typedef struct _POLICY_LOCAL_QUALITY_OF_SERVICE_INFO POLICY_DOMAIN_QUALITY_OF_SERVICE_INFO
;
602 typedef struct _POLICY_LOCAL_QUALITY_OF_SERVICE_INFO
*PPOLICY_DOMAIN_QUALITY_OF_SERVICE_INFO
;
603 typedef struct _POLICY_DOMAIN_PUBLIC_KEY_INFO
{
605 PUCHAR PublicKeyInfo
;
606 } POLICY_DOMAIN_PUBLIC_KEY_INFO
, *PPOLICY_DOMAIN_PUBLIC_KEY_INFO
;
607 typedef struct _POLICY_DOMAIN_LOCKOUT_INFO
{
608 LARGE_INTEGER LockoutDuration
;
609 LARGE_INTEGER LockoutObservationWindow
;
610 USHORT LockoutThreshold
;
611 } POLICY_DOMAIN_LOCKOUT_INFO
, *PPOLICY_DOMAIN_LOCKOUT_INFO
;
612 typedef struct _POLICY_DOMAIN_PASSWORD_INFO
{
613 USHORT MinPasswordLength
;
614 USHORT PasswordHistoryLength
;
615 ULONG PasswordProperties
;
616 LARGE_INTEGER MaxPasswordAge
;
617 LARGE_INTEGER MinPasswordAge
;
618 } POLICY_DOMAIN_PASSWORD_INFO
, *PPOLICY_DOMAIN_PASSWORD_INFO
;
619 typedef struct _POLICY_DOMAIN_KERBEROS_TICKET_INFO
{
620 ULONG AuthenticationOptions
;
621 LARGE_INTEGER MinTicketAge
;
622 LARGE_INTEGER MaxTicketAge
;
623 LARGE_INTEGER MaxRenewAge
;
624 LARGE_INTEGER ProxyLifetime
;
625 LARGE_INTEGER ForceLogoff
;
626 } POLICY_DOMAIN_KERBEROS_TICKET_INFO
, *PPOLICY_DOMAIN_KERBEROS_TICKET_INFO
;
627 typedef PVOID LSA_HANDLE
, *PLSA_HANDLE
;
628 typedef struct _TRUSTED_DOMAIN_NAME_INFO
{
629 LSA_UNICODE_STRING Name
;
630 } TRUSTED_DOMAIN_NAME_INFO
, *PTRUSTED_DOMAIN_NAME_INFO
;
631 typedef struct _TRUSTED_CONTROLLERS_INFO
{
633 PLSA_UNICODE_STRING Names
;
634 } TRUSTED_CONTROLLERS_INFO
, *PTRUSTED_CONTROLLERS_INFO
;
635 typedef struct _TRUSTED_POSIX_OFFSET_INFO
{
637 } TRUSTED_POSIX_OFFSET_INFO
, *PTRUSTED_POSIX_OFFSET_INFO
;
638 typedef struct _TRUSTED_PASSWORD_INFO
{
639 LSA_UNICODE_STRING Password
;
640 LSA_UNICODE_STRING OldPassword
;
641 } TRUSTED_PASSWORD_INFO
, *PTRUSTED_PASSWORD_INFO
;
642 typedef LSA_TRUST_INFORMATION TRUSTED_DOMAIN_INFORMATION_BASIC
;
643 typedef PLSA_TRUST_INFORMATION
*PTRUSTED_DOMAIN_INFORMATION_BASIC
;
644 typedef struct _TRUSTED_DOMAIN_INFORMATION_EX
{
645 LSA_UNICODE_STRING Name
;
646 LSA_UNICODE_STRING FlatName
;
648 ULONG TrustDirection
;
650 ULONG TrustAttributes
;
651 } TRUSTED_DOMAIN_INFORMATION_EX
, *PTRUSTED_DOMAIN_INFORMATION_EX
;
652 typedef struct _LSA_AUTH_INFORMATION
{
653 LARGE_INTEGER LastUpdateTime
;
655 ULONG AuthInfoLength
;
657 } LSA_AUTH_INFORMATION
, *PLSA_AUTH_INFORMATION
;
658 typedef struct _TRUSTED_DOMAIN_AUTH_INFORMATION
{
659 ULONG IncomingAuthInfos
;
660 PLSA_AUTH_INFORMATION IncomingAuthenticationInformation
;
661 PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation
;
662 ULONG OutgoingAuthInfos
;
663 PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation
;
664 PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation
;
665 } TRUSTED_DOMAIN_AUTH_INFORMATION
, *PTRUSTED_DOMAIN_AUTH_INFORMATION
;
666 typedef struct _TRUSTED_DOMAIN_FULL_INFORMATION
{
667 TRUSTED_DOMAIN_INFORMATION_EX Information
;
668 TRUSTED_POSIX_OFFSET_INFO PosixOffset
;
669 TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation
;
670 } TRUSTED_DOMAIN_FULL_INFORMATION
, *PTRUSTED_DOMAIN_FULL_INFORMATION
;
671 NTSTATUS NTAPI
LsaAddAccountRights(LSA_HANDLE
,PSID
,PLSA_UNICODE_STRING
,ULONG
);
672 NTSTATUS NTAPI
LsaCallAuthenticationPackage(HANDLE
,ULONG
,PVOID
,ULONG
,PVOID
*,
674 NTSTATUS NTAPI
LsaClose(LSA_HANDLE
);
675 NTSTATUS NTAPI
LsaConnectUntrusted(PHANDLE
);
676 NTSTATUS NTAPI
LsaCreateTrustedDomainEx(LSA_HANDLE
,
677 PTRUSTED_DOMAIN_INFORMATION_EX
,
678 PTRUSTED_DOMAIN_AUTH_INFORMATION
,ACCESS_MASK
,
680 NTSTATUS NTAPI
LsaDeleteTrustedDomain(LSA_HANDLE
,PSID
);
681 NTSTATUS NTAPI
LsaDeregisterLogonProcess(HANDLE
);
682 NTSTATUS NTAPI
LsaEnumerateAccountRights(LSA_HANDLE
,PSID
,PLSA_UNICODE_STRING
*,PULONG
);
683 NTSTATUS NTAPI
LsaEnumerateAccountsWithUserRight(LSA_HANDLE
,PLSA_UNICODE_STRING
,
685 NTSTATUS NTAPI
LsaEnumerateTrustedDomains(LSA_HANDLE
,PLSA_ENUMERATION_HANDLE
,
686 PVOID
*,ULONG
,PULONG
);
687 NTSTATUS NTAPI
LsaEnumerateTrustedDomainsEx(LSA_HANDLE
,PLSA_ENUMERATION_HANDLE
,
688 PVOID
*,ULONG
,PULONG
);
689 NTSTATUS NTAPI
LsaFreeMemory(PVOID
);
690 NTSTATUS NTAPI
LsaFreeReturnBuffer(PVOID
);
691 NTSTATUS NTAPI
LsaLogonUser(HANDLE
,PLSA_STRING
,SECURITY_LOGON_TYPE
,ULONG
,PVOID
,
692 ULONG
,PTOKEN_GROUPS
,PTOKEN_SOURCE
,PVOID
*,PULONG
,
693 PLUID
,PHANDLE
,PQUOTA_LIMITS
,PNTSTATUS
);
694 NTSTATUS NTAPI
LsaLookupAuthenticationPackage(HANDLE
,PLSA_STRING
,PULONG
);
695 NTSTATUS NTAPI
LsaLookupNames(LSA_HANDLE
,ULONG
,PLSA_UNICODE_STRING
,
696 PLSA_REFERENCED_DOMAIN_LIST
*,PLSA_TRANSLATED_SID
*);
697 NTSTATUS NTAPI
LsaLookupNames2(LSA_HANDLE
,ULONG
,ULONG
,PLSA_UNICODE_STRING
,
698 PLSA_REFERENCED_DOMAIN_LIST
*,PLSA_TRANSLATED_SID2
*);
699 NTSTATUS NTAPI
LsaLookupSids(LSA_HANDLE
,ULONG
,PSID
*,
700 PLSA_REFERENCED_DOMAIN_LIST
*,PLSA_TRANSLATED_NAME
*);
701 ULONG NTAPI
LsaNtStatusToWinError(NTSTATUS
);
702 NTSTATUS NTAPI
LsaOpenPolicy(PLSA_UNICODE_STRING
,PLSA_OBJECT_ATTRIBUTES
,
703 ACCESS_MASK
,PLSA_HANDLE
);
704 NTSTATUS NTAPI
LsaQueryDomainInformationPolicy(LSA_HANDLE
,
705 POLICY_DOMAIN_INFORMATION_CLASS
,PVOID
*);
706 NTSTATUS NTAPI
LsaQueryInformationPolicy(LSA_HANDLE
,POLICY_INFORMATION_CLASS
,PVOID
*);
707 NTSTATUS NTAPI
LsaQueryLocalInformationPolicy(LSA_HANDLE
,
708 POLICY_LOCAL_INFORMATION_CLASS
,PVOID
*);
709 NTSTATUS NTAPI
LsaQueryTrustedDomainInfo(LSA_HANDLE
,PSID
,
710 TRUSTED_INFORMATION_CLASS
,PVOID
*);
711 NTSTATUS NTAPI
LsaQueryTrustedDomainInfoByName(LSA_HANDLE
,PLSA_UNICODE_STRING
,
712 TRUSTED_INFORMATION_CLASS
,PVOID
*);
713 NTSTATUS NTAPI
LsaRegisterLogonProcess(PLSA_STRING
,PHANDLE
,PLSA_OPERATIONAL_MODE
);
714 NTSTATUS NTAPI
LsaRemoveAccountRights(LSA_HANDLE
,PSID
,BOOLEAN
,
715 PLSA_UNICODE_STRING
,ULONG
);
716 NTSTATUS NTAPI
LsaRetrievePrivateData(LSA_HANDLE
,PLSA_UNICODE_STRING
,
717 PLSA_UNICODE_STRING
*);
718 NTSTATUS NTAPI
LsaSetDomainInformationPolicy(LSA_HANDLE
,
719 POLICY_DOMAIN_INFORMATION_CLASS
,PVOID
);
720 NTSTATUS NTAPI
LsaSetInformationPolicy(LSA_HANDLE
,POLICY_INFORMATION_CLASS
, PVOID
);
721 NTSTATUS NTAPI
LsaSetLocalInformationPolicy(LSA_HANDLE
,
722 POLICY_LOCAL_INFORMATION_CLASS
,PVOID
);
723 NTSTATUS NTAPI
LsaSetTrustedDomainInformation(LSA_HANDLE
,PSID
,
724 TRUSTED_INFORMATION_CLASS
,PVOID
);
725 NTSTATUS NTAPI
LsaSetTrustedDomainInfoByName(LSA_HANDLE
,PLSA_UNICODE_STRING
,
726 TRUSTED_INFORMATION_CLASS
,PVOID
);
727 NTSTATUS NTAPI
LsaStorePrivateData(LSA_HANDLE
,PLSA_UNICODE_STRING
,
728 PLSA_UNICODE_STRING
);
729 typedef NTSTATUS (*PSAM_PASSWORD_NOTIFICATION_ROUTINE
)(PUNICODE_STRING
,
730 ULONG
,PUNICODE_STRING
);
731 typedef BOOLEAN (*PSAM_INIT_NOTIFICATION_ROUTINE
)(void);
732 typedef BOOLEAN (*PSAM_PASSWORD_FILTER_ROUTINE
)(PUNICODE_STRING
,PUNICODE_STRING
,
733 PUNICODE_STRING
,BOOLEAN
);
737 #endif /* _NTSECAPI_H */