4 #pragma GCC system_header
10 #define KERB_WRAP_NO_ENCRYPT 0x80000001
12 #define LOGON_NOENCRYPTION 2
13 #define LOGON_CACHED_ACCOUNT 4
14 #define LOGON_USED_LM_PASSWORD 8
15 #define LOGON_EXTRA_SIDS 32
16 #define LOGON_SUBAUTH_SESSION_KEY 64
17 #define LOGON_SERVER_TRUST_ACCOUNT 128
18 #define LOGON_NTLMV2_ENABLED 256
19 #define LOGON_RESOURCE_GROUPS 512
20 #define LOGON_PROFILE_PATH_RETURNED 1024
21 #define LOGON_GRACE_LOGON 16777216
22 #define LSA_MODE_PASSWORD_PROTECTED 1
23 #define LSA_MODE_INDIVIDUAL_ACCOUNTS 2
24 #define LSA_MODE_MANDATORY_ACCESS 3
25 #define LSA_MODE_LOG_FULL 4
26 #define LSA_SUCCESS(x) ((LONG)(x)>=0)
27 #define MICROSOFT_KERBEROS_NAME_A "Kerberos"
28 #define MICROSOFT_KERBEROS_NAME_W L"Kerberos"
29 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 32
30 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 2048
31 #define MSV1_0_CHALLENGE_LENGTH 8
32 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 2
33 #define MSV1_0_CRED_LM_PRESENT 1
34 #define MSV1_0_CRED_NT_PRESENT 2
35 #define MSV1_0_CRED_VERSION 0
36 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 16
37 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
38 #define MSV1_0_MAX_NTLM3_LIFE 1800
39 #define MSV1_0_MAX_AVL_SIZE 64000
40 #define MSV1_0_MNS_LOGON 16777216
41 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
42 #define MSV1_0_NTLM3_OWF_LENGTH 16
43 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE)-MSV1_0_NTLM3_RESPONSE_LENGTH)
44 #define MSV1_0_OWF_PASSWORD_LENGTH 16
45 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
46 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
47 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW)-sizeof(WCHAR)
48 #define MSV1_0_RETURN_USER_PARAMETERS 8
49 #define MSV1_0_RETURN_PASSWORD_EXPIRY 64
50 #define MSV1_0_RETURN_PROFILE_PATH 512
51 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 1048576
52 #define MSV1_0_SUBAUTHENTICATION_DLL 0xff000000
53 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
54 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
55 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
56 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xff000000
57 #define MSV1_0_SUBAUTHENTICATION_KEY "System\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
58 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
59 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 256
60 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 1024
61 #define MSV1_0_UPDATE_LOGON_STATISTICS 4
62 #define MSV1_0_USE_CLIENT_CHALLENGE 128
63 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
64 #define POLICY_VIEW_LOCAL_INFORMATION 1
65 #define POLICY_VIEW_AUDIT_INFORMATION 2
66 #define POLICY_GET_PRIVATE_INFORMATION 4
67 #define POLICY_TRUST_ADMIN 8
68 #define POLICY_CREATE_ACCOUNT 16
69 #define POLICY_CREATE_SECRET 32
70 #define POLICY_CREATE_PRIVILEGE 64
71 #define POLICY_SET_DEFAULT_QUOTA_LIMITS 128
72 #define POLICY_SET_AUDIT_REQUIREMENTS 256
73 #define POLICY_AUDIT_LOG_ADMIN 512
74 #define POLICY_SERVER_ADMIN 1024
75 #define POLICY_LOOKUP_NAMES 2048
76 #define POLICY_READ (STANDARD_RIGHTS_READ|6)
77 #define POLICY_WRITE (STANDARD_RIGHTS_WRITE|2040)
78 #define POLICY_EXECUTE (STANDARD_RIGHTS_EXECUTE|2049)
79 #define POLICY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|4095)
80 #define POLICY_AUDIT_EVENT_UNCHANGED 0
81 #define POLICY_AUDIT_EVENT_SUCCESS 1
82 #define POLICY_AUDIT_EVENT_FAILURE 2
83 #define POLICY_AUDIT_EVENT_NONE 4
84 #define POLICY_AUDIT_EVENT_MASK 7
85 #define POLICY_LOCATION_LOCAL 1
86 #define POLICY_LOCATION_DS 2
87 #define POLICY_MACHINE_POLICY_LOCAL 0
88 #define POLICY_MACHINE_POLICY_DEFAULTED 1
89 #define POLICY_MACHINE_POLICY_EXPLICIT 2
90 #define POLICY_MACHINE_POLICY_UNKNOWN 0xFFFFFFFF
91 #define POLICY_QOS_SCHANEL_REQUIRED 1
92 #define POLICY_QOS_OUTBOUND_INTEGRITY 2
93 #define POLICY_QOS_OUTBOUND_CONFIDENTIALITY 4
94 #define POLICY_QOS_INBOUND_INTEGREITY 8
95 #define POLICY_QOS_INBOUND_CONFIDENTIALITY 16
96 #define POLICY_QOS_ALLOW_LOCAL_ROOT_CERT_STORE 32
97 #define POLICY_QOS_RAS_SERVER_ALLOWED 64
98 #define POLICY_QOS_DHCP_SERVER_ALLOWD 128
99 #define POLICY_KERBEROS_FORWARDABLE 1
100 #define POLICY_KERBEROS_PROXYABLE 2
101 #define POLICY_KERBEROS_RENEWABLE 4
102 #define POLICY_KERBEROS_POSTDATEABLE 8
103 #define SAM_PASSWORD_CHANGE_NOTIFY_ROUTINE "PasswordChangeNotify"
104 #define SAM_INIT_NOTIFICATION_ROUTINE "InitializeChangeNotify"
105 #define SAM_PASSWORD_FILTER_ROUTINE "PasswordFilter"
106 #define SE_INTERACTIVE_LOGON_NAME TEXT("SeInteractiveLogonRight")
107 #define SE_NETWORK_LOGON_NAME TEXT("SeNetworkLogonRight")
108 #define SE_BATCH_LOGON_NAME TEXT("SeBatchLogonRight")
109 #define SE_SERVICE_LOGON_NAME TEXT("SeServiceLogonRight")
110 #define TRUST_ATTRIBUTE_NON_TRANSITIVE 1
111 #define TRUST_ATTRIBUTE_UPLEVEL_ONLY 2
112 #define TRUST_ATTRIBUTE_TREE_PARENT 4194304
113 #define TRUST_ATTRIBUTES_VALID -16580609
114 #define TRUST_AUTH_TYPE_NONE 0
115 #define TRUST_AUTH_TYPE_NT4OWF 1
116 #define TRUST_AUTH_TYPE_CLEAR 2
117 #define TRUST_DIRECTION_DISABLED 0
118 #define TRUST_DIRECTION_INBOUND 1
119 #define TRUST_DIRECTION_OUTBOUND 2
120 #define TRUST_DIRECTION_BIDIRECTIONAL 3
121 #define TRUST_TYPE_DOWNLEVEL 1
122 #define TRUST_TYPE_UPLEVEL 2
123 #define TRUST_TYPE_MIT 3
124 #define TRUST_TYPE_DCE 4
126 #if !defined(_NTDEF_H) && !defined(_SUBAUTH_H)
127 typedef LONG NTSTATUS
, *PNTSTATUS
;
130 #if defined (_NTDEF_H)
131 typedef UNICODE_STRING LSA_UNICODE_STRING
, *PLSA_UNICODE_STRING
;
132 typedef STRING LSA_STRING
, *PLSA_STRING
;
133 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES
, *PLSA_OBJECT_ATTRIBUTES
;
137 typedef struct _LSA_UNICODE_STRING
{
139 USHORT MaximumLength
;
141 [size_is(MaximumLength
/ 2), length_is(Length
/ 2)]
144 } LSA_UNICODE_STRING
, *PLSA_UNICODE_STRING
;
146 typedef struct _LSA_STRING
{
148 USHORT MaximumLength
;
150 } LSA_STRING
, *PLSA_STRING
;
152 typedef struct _LSA_OBJECT_ATTRIBUTES
{
154 HANDLE RootDirectory
;
155 PLSA_UNICODE_STRING ObjectName
;
157 PVOID SecurityDescriptor
;
158 PVOID SecurityQualityOfService
;
159 } LSA_OBJECT_ATTRIBUTES
, *PLSA_OBJECT_ATTRIBUTES
;
163 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE
{
164 MsV1_0InteractiveLogon
= 2,
168 MsV1_0WorkstationUnlockLogon
= 7
169 } MSV1_0_LOGON_SUBMIT_TYPE
, *PMSV1_0_LOGON_SUBMIT_TYPE
;
170 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE
{
171 MsV1_0InteractiveProfile
= 2,
172 MsV1_0Lm20LogonProfile
,
173 MsV1_0SmartCardProfile
174 } MSV1_0_PROFILE_BUFFER_TYPE
, *PMSV1_0_PROFILE_BUFFER_TYPE
;
179 MsvAvDnsComputerName
,
182 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE
{
183 MsV1_0Lm20ChallengeRequest
= 0,
184 MsV1_0Lm20GetChallengeResponse
,
185 MsV1_0EnumerateUsers
,
188 MsV1_0ChangePassword
,
189 MsV1_0ChangeCachedPassword
,
190 MsV1_0GenericPassthrough
,
193 MsV1_0DeriveCredential
,
195 } MSV1_0_PROTOCOL_MESSAGE_TYPE
, *PMSV1_0_PROTOCOL_MESSAGE_TYPE
;
196 typedef enum _POLICY_LSA_SERVER_ROLE
{
197 PolicyServerRoleBackup
= 2,
198 PolicyServerRolePrimary
199 } POLICY_LSA_SERVER_ROLE
, *PPOLICY_LSA_SERVER_ROLE
;
200 typedef enum _POLICY_SERVER_ENABLE_STATE
{
201 PolicyServerEnabled
= 2,
203 } POLICY_SERVER_ENABLE_STATE
, *PPOLICY_SERVER_ENABLE_STATE
;
204 typedef enum _POLICY_INFORMATION_CLASS
{
205 PolicyAuditLogInformation
= 1,
206 PolicyAuditEventsInformation
,
207 PolicyPrimaryDomainInformation
,
208 PolicyPdAccountInformation
,
209 PolicyAccountDomainInformation
,
210 PolicyLsaServerRoleInformation
,
211 PolicyReplicaSourceInformation
,
212 PolicyDefaultQuotaInformation
,
213 PolicyModificationInformation
,
214 PolicyAuditFullSetInformation
,
215 PolicyAuditFullQueryInformation
,
216 PolicyDnsDomainInformation
,
218 } POLICY_INFORMATION_CLASS
, *PPOLICY_INFORMATION_CLASS
;
219 typedef enum _POLICY_AUDIT_EVENT_TYPE
{
222 AuditCategoryObjectAccess
,
223 AuditCategoryPrivilegeUse
,
224 AuditCategoryDetailedTracking
,
225 AuditCategoryPolicyChange
,
226 AuditCategoryAccountManagement
,
227 AuditCategoryDirectoryServiceAccess
,
228 AuditCategoryAccountLogon
229 } POLICY_AUDIT_EVENT_TYPE
, *PPOLICY_AUDIT_EVENT_TYPE
;
230 typedef enum _POLICY_LOCAL_INFORMATION_CLASS
{
231 PolicyLocalAuditEventsInformation
= 1,
232 PolicyLocalPdAccountInformation
,
233 PolicyLocalAccountDomainInformation
,
234 PolicyLocalLsaServerRoleInformation
,
235 PolicyLocalReplicaSourceInformation
,
236 PolicyLocalModificationInformation
,
237 PolicyLocalAuditFullSetInformation
,
238 PolicyLocalAuditFullQueryInformation
,
239 PolicyLocalDnsDomainInformation
,
240 PolicyLocalIPSecReferenceInformation
,
241 PolicyLocalMachinePasswordInformation
,
242 PolicyLocalQualityOfServiceInformation
,
243 PolicyLocalPolicyLocationInformation
244 } POLICY_LOCAL_INFORMATION_CLASS
, *PPOLICY_LOCAL_INFORMATION_CLASS
;
245 typedef enum _POLICY_DOMAIN_INFORMATION_CLASS
{
246 PolicyDomainIPSecReferenceInformation
= 1,
247 PolicyDomainQualityOfServiceInformation
,
248 PolicyDomainEfsInformation
,
249 PolicyDomainPublicKeyInformation
,
250 PolicyDomainPasswordPolicyInformation
,
251 PolicyDomainLockoutInformation
,
252 PolicyDomainKerberosTicketInformation
253 } POLICY_DOMAIN_INFORMATION_CLASS
, *PPOLICY_DOMAIN_INFORMATION_CLASS
;
254 typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS
{
255 PolicyNotifyAuditEventsInformation
= 1,
256 PolicyNotifyAccountDomainInformation
,
257 PolicyNotifyServerRoleInformation
,
258 PolicyNotifyDnsDomainInformation
,
259 PolicyNotifyDomainEfsInformation
,
260 PolicyNotifyDomainKerberosTicketInformation
,
261 PolicyNotifyMachineAccountPasswordInformation
262 } POLICY_NOTIFICATION_INFORMATION_CLASS
, *PPOLICY_NOTIFICATION_INFORMATION_CLASS
;
263 typedef enum _SECURITY_LOGON_TYPE
{
270 } SECURITY_LOGON_TYPE
, *PSECURITY_LOGON_TYPE
;
271 typedef struct _SECURITY_LOGON_SESSION_DATA
{
274 LSA_UNICODE_STRING UserName
;
275 LSA_UNICODE_STRING LogonDomain
;
276 LSA_UNICODE_STRING AuthenticationPackage
;
280 LARGE_INTEGER LogonTime
;
281 LSA_UNICODE_STRING LogonServer
;
282 LSA_UNICODE_STRING DnsDomainName
;
283 LSA_UNICODE_STRING Upn
;
284 } SECURITY_LOGON_SESSION_DATA
, *PSECURITY_LOGON_SESSION_DATA
;
285 typedef enum _TRUSTED_INFORMATION_CLASS
{
286 TrustedDomainNameInformation
= 1,
287 TrustedControllersInformation
,
288 TrustedPosixOffsetInformation
,
289 TrustedPasswordInformation
,
290 TrustedDomainInformationBasic
,
291 TrustedDomainInformationEx
,
292 TrustedDomainAuthInformation
,
293 TrustedDomainFullInformation
294 } TRUSTED_INFORMATION_CLASS
, *PTRUSTED_INFORMATION_CLASS
;
295 typedef enum _LSA_FOREST_TRUST_RECORD_TYPE
{
296 ForestTrustTopLevelName
,
297 ForestTrustTopLevelNameEx
,
298 ForestTrustDomainInfo
,
299 ForestTrustRecordTypeLast
= ForestTrustDomainInfo
300 } LSA_FOREST_TRUST_RECORD_TYPE
;
301 typedef enum _LSA_FOREST_TRUST_COLLISION_RECORD_TYPE
{
305 } LSA_FOREST_TRUST_COLLISION_RECORD_TYPE
;
306 typedef struct _DOMAIN_PASSWORD_INFORMATION
{
307 USHORT MinPasswordLength
;
308 USHORT PasswordHistoryLength
;
309 ULONG PasswordProperties
;
310 LARGE_INTEGER MaxPasswordAge
;
311 LARGE_INTEGER MinPasswordAge
;
312 } DOMAIN_PASSWORD_INFORMATION
, *PDOMAIN_PASSWORD_INFORMATION
;
313 typedef ULONG LSA_ENUMERATION_HANDLE
, *PLSA_ENUMERATION_HANDLE
;
314 typedef struct _LSA_ENUMERATION_INFORMATION
{
316 } LSA_ENUMERATION_INFORMATION
, *PLSA_ENUMERATION_INFORMATION
;
317 typedef ULONG LSA_OPERATIONAL_MODE
, *PLSA_OPERATIONAL_MODE
;
319 typedef struct _LSA_FOREST_TRUST_DOMAIN_INFO
{
321 LSA_UNICODE_STRING DnsName
;
322 LSA_UNICODE_STRING NetbiosName
;
323 } LSA_FOREST_TRUST_DOMAIN_INFO
, *PLSA_FOREST_TRUST_DOMAIN_INFO
;
324 typedef struct _LSA_FOREST_TRUST_BINARY_DATA
{
327 } LSA_FOREST_TRUST_BINARY_DATA
, *PLSA_FOREST_TRUST_BINARY_DATA
;
328 typedef struct _LSA_FOREST_TRUST_RECORD
{
330 LSA_FOREST_TRUST_RECORD_TYPE ForestTrustType
;
333 LSA_UNICODE_STRING TopLevelName
;
334 LSA_FOREST_TRUST_DOMAIN_INFO DomainInfo
;
335 LSA_FOREST_TRUST_BINARY_DATA Data
;
337 } LSA_FOREST_TRUST_RECORD
, *PLSA_FOREST_TRUST_RECORD
;
338 typedef struct _LSA_FOREST_TRUST_INFORMATION
{
340 PLSA_FOREST_TRUST_RECORD
*Entries
;
341 } LSA_FOREST_TRUST_INFORMATION
, *PLSA_FOREST_TRUST_INFORMATION
;
342 typedef struct _LSA_FOREST_TRUST_COLLISION_RECORD
{
344 LSA_FOREST_TRUST_COLLISION_RECORD_TYPE Type
;
346 LSA_UNICODE_STRING Name
;
347 } LSA_FOREST_TRUST_COLLISION_RECORD
, *PLSA_FOREST_TRUST_COLLISION_RECORD
;
348 typedef struct _LSA_FOREST_TRUST_COLLISION_INFORMATION
{
350 PLSA_FOREST_TRUST_COLLISION_RECORD
*Entries
;
351 } LSA_FOREST_TRUST_COLLISION_INFORMATION
, *PLSA_FOREST_TRUST_COLLISION_INFORMATION
;
352 typedef struct _LSA_TRUST_INFORMATION
{
353 LSA_UNICODE_STRING Name
;
355 } LSA_TRUST_INFORMATION
, *PLSA_TRUST_INFORMATION
;
356 typedef struct _LSA_REFERENCED_DOMAIN_LIST
{
358 PLSA_TRUST_INFORMATION Domains
;
359 } LSA_REFERENCED_DOMAIN_LIST
, *PLSA_REFERENCED_DOMAIN_LIST
;
360 typedef struct _LSA_TRANSLATED_SID
{
364 } LSA_TRANSLATED_SID
, *PLSA_TRANSLATED_SID
;
365 typedef struct _LSA_TRANSLATED_SID2
{
370 } LSA_TRANSLATED_SID2
, *PLSA_TRANSLATED_SID2
;
371 typedef struct _LSA_TRANSLATED_NAME
{
373 LSA_UNICODE_STRING Name
;
375 } LSA_TRANSLATED_NAME
, *PLSA_TRANSLATED_NAME
;
377 #if !defined(_NTDEF_) && !defined(UNICODE_STRING)
378 typedef LSA_UNICODE_STRING UNICODE_STRING
, *PUNICODE_STRING
;
380 #if !defined(_NTDEF_) && !defined(STRING)
381 typedef LSA_STRING STRING
, *PSTRING
;
384 typedef struct _MSV1_0_INTERACTIVE_LOGON
{
385 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
386 UNICODE_STRING LogonDomainName
;
387 UNICODE_STRING UserName
;
388 UNICODE_STRING Password
;
389 } MSV1_0_INTERACTIVE_LOGON
, *PMSV1_0_INTERACTIVE_LOGON
;
390 typedef struct _MSV1_0_INTERACTIVE_PROFILE
{
391 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
393 USHORT BadPasswordCount
;
394 LARGE_INTEGER LogonTime
;
395 LARGE_INTEGER LogoffTime
;
396 LARGE_INTEGER KickOffTime
;
397 LARGE_INTEGER PasswordLastSet
;
398 LARGE_INTEGER PasswordCanChange
;
399 LARGE_INTEGER PasswordMustChange
;
400 UNICODE_STRING LogonScript
;
401 UNICODE_STRING HomeDirectory
;
402 UNICODE_STRING FullName
;
403 UNICODE_STRING ProfilePath
;
404 UNICODE_STRING HomeDirectoryDrive
;
405 UNICODE_STRING LogonServer
;
407 } MSV1_0_INTERACTIVE_PROFILE
, *PMSV1_0_INTERACTIVE_PROFILE
;
408 typedef struct _MSV1_0_LM20_LOGON
{
409 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
410 UNICODE_STRING LogonDomainName
;
411 UNICODE_STRING UserName
;
412 UNICODE_STRING Workstation
;
413 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
414 STRING CaseSensitiveChallengeResponse
;
415 STRING CaseInsensitiveChallengeResponse
;
416 ULONG ParameterControl
;
417 } MSV1_0_LM20_LOGON
, * PMSV1_0_LM20_LOGON
;
418 typedef struct _MSV1_0_SUBAUTH_LOGON
{ /* W2K only */
419 MSV1_0_LOGON_SUBMIT_TYPE MessageType
;
420 UNICODE_STRING LogonDomainName
;
421 UNICODE_STRING UserName
;
422 UNICODE_STRING Workstation
;
423 UCHAR ChallengeToClient
[MSV1_0_CHALLENGE_LENGTH
];
424 STRING AuthenticationInfo1
;
425 STRING AuthenticationInfo2
;
426 ULONG ParameterControl
;
427 ULONG SubAuthPackageId
;
428 } MSV1_0_SUBAUTH_LOGON
, * PMSV1_0_SUBAUTH_LOGON
;
429 typedef struct _MSV1_0_LM20_LOGON_PROFILE
{
430 MSV1_0_PROFILE_BUFFER_TYPE MessageType
;
431 LARGE_INTEGER KickOffTime
;
432 LARGE_INTEGER LogoffTime
;
434 UCHAR UserSessionKey
[MSV1_0_USER_SESSION_KEY_LENGTH
];
435 UNICODE_STRING LogonDomainName
;
436 UCHAR LanmanSessionKey
[MSV1_0_LANMAN_SESSION_KEY_LENGTH
];
437 UNICODE_STRING LogonServer
;
438 UNICODE_STRING UserParameters
;
439 } MSV1_0_LM20_LOGON_PROFILE
, * PMSV1_0_LM20_LOGON_PROFILE
;
440 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL
{
443 UCHAR LmPassword
[MSV1_0_OWF_PASSWORD_LENGTH
];
444 UCHAR NtPassword
[MSV1_0_OWF_PASSWORD_LENGTH
];
445 } MSV1_0_SUPPLEMENTAL_CREDENTIAL
, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL
;
446 typedef struct _MSV1_0_NTLM3_RESPONSE
{
447 UCHAR Response
[MSV1_0_NTLM3_RESPONSE_LENGTH
];
453 UCHAR ChallengeFromClient
[MSV1_0_CHALLENGE_LENGTH
];
456 } MSV1_0_NTLM3_RESPONSE
, *PMSV1_0_NTLM3_RESPONSE
;
457 typedef struct _MSV1_0_AV_PAIR
{
460 } MSV1_0_AV_PAIR
, *PMSV1_0_AV_PAIR
;
461 typedef struct _MSV1_0_CHANGEPASSWORD_REQUEST
{
462 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
463 UNICODE_STRING DomainName
;
464 UNICODE_STRING AccountName
;
465 UNICODE_STRING OldPassword
;
466 UNICODE_STRING NewPassword
;
467 BOOLEAN Impersonating
;
468 } MSV1_0_CHANGEPASSWORD_REQUEST
, *PMSV1_0_CHANGEPASSWORD_REQUEST
;
469 typedef struct _MSV1_0_CHANGEPASSWORD_RESPONSE
{
470 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
471 BOOLEAN PasswordInfoValid
;
472 DOMAIN_PASSWORD_INFORMATION DomainPasswordInfo
;
473 } MSV1_0_CHANGEPASSWORD_RESPONSE
, *PMSV1_0_CHANGEPASSWORD_RESPONSE
;
474 typedef struct _MSV1_0_SUBAUTH_REQUEST
{
475 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
476 ULONG SubAuthPackageId
;
477 ULONG SubAuthInfoLength
;
478 PUCHAR SubAuthSubmitBuffer
;
479 } MSV1_0_SUBAUTH_REQUEST
, *PMSV1_0_SUBAUTH_REQUEST
;
480 typedef struct _MSV1_0_SUBAUTH_RESPONSE
{
481 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
482 ULONG SubAuthInfoLength
;
483 PUCHAR SubAuthReturnBuffer
;
484 } MSV1_0_SUBAUTH_RESPONSE
, *PMSV1_0_SUBAUTH_RESPONSE
;
485 #define MSV1_0_DERIVECRED_TYPE_SHA1 0
486 typedef struct _MSV1_0_DERIVECRED_REQUEST
{
487 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
489 ULONG DeriveCredType
;
490 ULONG DeriveCredInfoLength
;
491 UCHAR DeriveCredSubmitBuffer
[1];
492 } MSV1_0_DERIVECRED_REQUEST
, *PMSV1_0_DERIVECRED_REQUEST
;
493 typedef struct _MSV1_0_DERIVECRED_RESPONSE
{
494 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
;
495 ULONG DeriveCredInfoLength
;
496 UCHAR DeriveCredReturnBuffer
[1];
497 } MSV1_0_DERIVECRED_RESPONSE
, *PMSV1_0_DERIVECRED_RESPONSE
;
498 typedef ULONG POLICY_AUDIT_EVENT_OPTIONS
, *PPOLICY_AUDIT_EVENT_OPTIONS
;
499 typedef struct _POLICY_PRIVILEGE_DEFINITION
{
500 LSA_UNICODE_STRING Name
;
502 } POLICY_PRIVILEGE_DEFINITION
, *PPOLICY_PRIVILEGE_DEFINITION
;
503 typedef struct _POLICY_AUDIT_LOG_INFO
{
504 ULONG AuditLogPercentFull
;
505 ULONG MaximumLogSize
;
506 LARGE_INTEGER AuditRetentionPeriod
;
507 BOOLEAN AuditLogFullShutdownInProgress
;
508 LARGE_INTEGER TimeToShutdown
;
509 ULONG NextAuditRecordId
;
510 } POLICY_AUDIT_LOG_INFO
, *PPOLICY_AUDIT_LOG_INFO
;
511 typedef struct _POLICY_AUDIT_EVENTS_INFO
{
512 BOOLEAN AuditingMode
;
513 PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions
;
514 ULONG MaximumAuditEventCount
;
515 } POLICY_AUDIT_EVENTS_INFO
, *PPOLICY_AUDIT_EVENTS_INFO
;
516 typedef struct _POLICY_ACCOUNT_DOMAIN_INFO
{
517 LSA_UNICODE_STRING DomainName
;
519 } POLICY_ACCOUNT_DOMAIN_INFO
, *PPOLICY_ACCOUNT_DOMAIN_INFO
;
520 typedef struct _POLICY_PRIMARY_DOMAIN_INFO
{
521 LSA_UNICODE_STRING Name
;
523 } POLICY_PRIMARY_DOMAIN_INFO
, *PPOLICY_PRIMARY_DOMAIN_INFO
;
524 typedef struct _POLICY_DNS_DOMAIN_INFO
{
525 LSA_UNICODE_STRING Name
;
526 LSA_UNICODE_STRING DnsDomainName
;
527 LSA_UNICODE_STRING DnsTreeName
;
530 } POLICY_DNS_DOMAIN_INFO
, *PPOLICY_DNS_DOMAIN_INFO
;
531 typedef struct _POLICY_PD_ACCOUNT_INFO
{
532 LSA_UNICODE_STRING Name
;
533 } POLICY_PD_ACCOUNT_INFO
, *PPOLICY_PD_ACCOUNT_INFO
;
534 typedef struct _POLICY_LSA_SERVER_ROLE_INFO
{
535 POLICY_LSA_SERVER_ROLE LsaServerRole
;
536 } POLICY_LSA_SERVER_ROLE_INFO
, *PPOLICY_LSA_SERVER_ROLE_INFO
;
537 typedef struct _POLICY_REPLICA_SOURCE_INFO
{
538 LSA_UNICODE_STRING ReplicaSource
;
539 LSA_UNICODE_STRING ReplicaAccountName
;
540 } POLICY_REPLICA_SOURCE_INFO
, *PPOLICY_REPLICA_SOURCE_INFO
;
541 typedef struct _POLICY_DEFAULT_QUOTA_INFO
{
542 QUOTA_LIMITS QuotaLimits
;
543 } POLICY_DEFAULT_QUOTA_INFO
, *PPOLICY_DEFAULT_QUOTA_INFO
;
544 typedef struct _POLICY_MODIFICATION_INFO
{
545 LARGE_INTEGER ModifiedId
;
546 LARGE_INTEGER DatabaseCreationTime
;
547 } POLICY_MODIFICATION_INFO
, *PPOLICY_MODIFICATION_INFO
;
548 typedef struct _POLICY_AUDIT_FULL_SET_INFO
{
549 BOOLEAN ShutDownOnFull
;
550 } POLICY_AUDIT_FULL_SET_INFO
, *PPOLICY_AUDIT_FULL_SET_INFO
;
551 typedef struct _POLICY_AUDIT_FULL_QUERY_INFO
{
552 BOOLEAN ShutDownOnFull
;
554 } POLICY_AUDIT_FULL_QUERY_INFO
, *PPOLICY_AUDIT_FULL_QUERY_INFO
;
555 typedef struct _POLICY_EFS_INFO
{
558 } POLICY_EFS_INFO
, *PPOLICY_EFS_INFO
;
559 typedef struct _POLICY_LOCAL_IPSEC_REFERENCE_INFO
{
560 LSA_UNICODE_STRING ObjectPath
;
561 } POLICY_LOCAL_IPSEC_REFERENCE_INFO
, *PPOLICY_LOCAL_IPSEC_REFERENCE_INFO
;
562 typedef struct _POLICY_LOCAL_MACHINE_PASSWORD_INFO
{
563 LARGE_INTEGER PasswordChangeInterval
;
564 } POLICY_LOCAL_MACHINE_PASSWORD_INFO
, *PPOLICY_LOCAL_MACHINE_PASSWORD_INFO
;
565 typedef struct _POLICY_LOCAL_POLICY_LOCATION_INFO
{
566 ULONG PolicyLocation
;
567 } POLICY_LOCAL_POLICY_LOCATION_INFO
, *PPOLICY_LOCAL_POLICY_LOCATION_INFO
;
568 typedef struct _POLICY_LOCAL_QUALITY_OF_SERVICE_INFO
{
569 ULONG QualityOfService
;
570 } POLICY_LOCAL_QUALITY_OF_SERVICE_INFO
, *PPOLICY_LOCAL_QUALITY_OF_SERVICE_INFO
;
571 typedef struct _POLICY_LOCAL_QUALITY_OF_SERVICE_INFO POLICY_DOMAIN_QUALITY_OF_SERVICE_INFO
;
572 typedef struct _POLICY_LOCAL_QUALITY_OF_SERVICE_INFO
*PPOLICY_DOMAIN_QUALITY_OF_SERVICE_INFO
;
573 typedef struct _POLICY_DOMAIN_PUBLIC_KEY_INFO
{
575 PUCHAR PublicKeyInfo
;
576 } POLICY_DOMAIN_PUBLIC_KEY_INFO
, *PPOLICY_DOMAIN_PUBLIC_KEY_INFO
;
577 typedef struct _POLICY_DOMAIN_LOCKOUT_INFO
{
578 LARGE_INTEGER LockoutDuration
;
579 LARGE_INTEGER LockoutObservationWindow
;
580 USHORT LockoutThreshold
;
581 } POLICY_DOMAIN_LOCKOUT_INFO
, *PPOLICY_DOMAIN_LOCKOUT_INFO
;
582 typedef struct _POLICY_DOMAIN_PASSWORD_INFO
{
583 USHORT MinPasswordLength
;
584 USHORT PasswordHistoryLength
;
585 ULONG PasswordProperties
;
586 LARGE_INTEGER MaxPasswordAge
;
587 LARGE_INTEGER MinPasswordAge
;
588 } POLICY_DOMAIN_PASSWORD_INFO
, *PPOLICY_DOMAIN_PASSWORD_INFO
;
589 typedef struct _POLICY_DOMAIN_KERBEROS_TICKET_INFO
{
590 ULONG AuthenticationOptions
;
591 LARGE_INTEGER MinTicketAge
;
592 LARGE_INTEGER MaxTicketAge
;
593 LARGE_INTEGER MaxRenewAge
;
594 LARGE_INTEGER ProxyLifetime
;
595 LARGE_INTEGER ForceLogoff
;
596 } POLICY_DOMAIN_KERBEROS_TICKET_INFO
, *PPOLICY_DOMAIN_KERBEROS_TICKET_INFO
;
597 typedef PVOID LSA_HANDLE
, *PLSA_HANDLE
;
598 typedef struct _TRUSTED_DOMAIN_NAME_INFO
{
599 LSA_UNICODE_STRING Name
;
600 } TRUSTED_DOMAIN_NAME_INFO
, *PTRUSTED_DOMAIN_NAME_INFO
;
601 typedef struct _TRUSTED_CONTROLLERS_INFO
{
603 PLSA_UNICODE_STRING Names
;
604 } TRUSTED_CONTROLLERS_INFO
, *PTRUSTED_CONTROLLERS_INFO
;
605 typedef struct _TRUSTED_POSIX_OFFSET_INFO
{
607 } TRUSTED_POSIX_OFFSET_INFO
, *PTRUSTED_POSIX_OFFSET_INFO
;
608 typedef struct _TRUSTED_PASSWORD_INFO
{
609 LSA_UNICODE_STRING Password
;
610 LSA_UNICODE_STRING OldPassword
;
611 } TRUSTED_PASSWORD_INFO
, *PTRUSTED_PASSWORD_INFO
;
612 typedef LSA_TRUST_INFORMATION TRUSTED_DOMAIN_INFORMATION_BASIC
;
613 typedef PLSA_TRUST_INFORMATION
*PTRUSTED_DOMAIN_INFORMATION_BASIC
;
614 typedef struct _TRUSTED_DOMAIN_INFORMATION_EX
{
615 LSA_UNICODE_STRING Name
;
616 LSA_UNICODE_STRING FlatName
;
618 ULONG TrustDirection
;
620 ULONG TrustAttributes
;
621 } TRUSTED_DOMAIN_INFORMATION_EX
, *PTRUSTED_DOMAIN_INFORMATION_EX
;
622 typedef struct _LSA_AUTH_INFORMATION
{
623 LARGE_INTEGER LastUpdateTime
;
625 ULONG AuthInfoLength
;
627 } LSA_AUTH_INFORMATION
, *PLSA_AUTH_INFORMATION
;
628 typedef struct _TRUSTED_DOMAIN_AUTH_INFORMATION
{
629 ULONG IncomingAuthInfos
;
630 PLSA_AUTH_INFORMATION IncomingAuthenticationInformation
;
631 PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation
;
632 ULONG OutgoingAuthInfos
;
633 PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation
;
634 PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation
;
635 } TRUSTED_DOMAIN_AUTH_INFORMATION
, *PTRUSTED_DOMAIN_AUTH_INFORMATION
;
636 typedef struct _TRUSTED_DOMAIN_FULL_INFORMATION
{
637 TRUSTED_DOMAIN_INFORMATION_EX Information
;
638 TRUSTED_POSIX_OFFSET_INFO PosixOffset
;
639 TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation
;
640 } TRUSTED_DOMAIN_FULL_INFORMATION
, *PTRUSTED_DOMAIN_FULL_INFORMATION
;
641 NTSTATUS NTAPI
LsaAddAccountRights(LSA_HANDLE
,PSID
,PLSA_UNICODE_STRING
,ULONG
);
642 NTSTATUS NTAPI
LsaCallAuthenticationPackage(HANDLE
,ULONG
,PVOID
,ULONG
,PVOID
*,
644 NTSTATUS NTAPI
LsaClose(LSA_HANDLE
);
645 NTSTATUS NTAPI
LsaConnectUntrusted(PHANDLE
);
646 NTSTATUS NTAPI
LsaCreateTrustedDomainEx(LSA_HANDLE
,
647 PTRUSTED_DOMAIN_INFORMATION_EX
,
648 PTRUSTED_DOMAIN_AUTH_INFORMATION
,ACCESS_MASK
,
650 NTSTATUS NTAPI
LsaDeleteTrustedDomain(LSA_HANDLE
,PSID
);
651 NTSTATUS NTAPI
LsaDeregisterLogonProcess(HANDLE
);
652 NTSTATUS NTAPI
LsaEnumerateAccountRights(LSA_HANDLE
,PSID
,PLSA_UNICODE_STRING
*,PULONG
);
653 NTSTATUS NTAPI
LsaEnumerateAccountsWithUserRight(LSA_HANDLE
,PLSA_UNICODE_STRING
,
655 NTSTATUS NTAPI
LsaEnumerateTrustedDomains(LSA_HANDLE
,PLSA_ENUMERATION_HANDLE
,
656 PVOID
*,ULONG
,PULONG
);
657 NTSTATUS NTAPI
LsaEnumerateTrustedDomainsEx(LSA_HANDLE
,PLSA_ENUMERATION_HANDLE
,
658 PVOID
*,ULONG
,PULONG
);
659 NTSTATUS NTAPI
LsaFreeMemory(PVOID
);
660 NTSTATUS NTAPI
LsaFreeReturnBuffer(PVOID
);
661 NTSTATUS NTAPI
LsaLogonUser(HANDLE
,PLSA_STRING
,SECURITY_LOGON_TYPE
,ULONG
,PVOID
,
662 ULONG
,PTOKEN_GROUPS
,PTOKEN_SOURCE
,PVOID
*,PULONG
,
663 PLUID
,PHANDLE
,PQUOTA_LIMITS
,PNTSTATUS
);
664 NTSTATUS NTAPI
LsaLookupAuthenticationPackage(HANDLE
,PLSA_STRING
,PULONG
);
665 NTSTATUS NTAPI
LsaLookupNames(LSA_HANDLE
,ULONG
,PLSA_UNICODE_STRING
,
666 PLSA_REFERENCED_DOMAIN_LIST
*,PLSA_TRANSLATED_SID
*);
667 NTSTATUS NTAPI
LsaLookupSids(LSA_HANDLE
,ULONG
,PSID
*,
668 PLSA_REFERENCED_DOMAIN_LIST
*,PLSA_TRANSLATED_NAME
*);
669 ULONG NTAPI
LsaNtStatusToWinError(NTSTATUS
);
670 NTSTATUS NTAPI
LsaOpenPolicy(PLSA_UNICODE_STRING
,PLSA_OBJECT_ATTRIBUTES
,
671 ACCESS_MASK
,PLSA_HANDLE
);
672 NTSTATUS NTAPI
LsaQueryDomainInformationPolicy(LSA_HANDLE
,
673 POLICY_DOMAIN_INFORMATION_CLASS
,PVOID
*);
674 NTSTATUS NTAPI
LsaQueryInformationPolicy(LSA_HANDLE
,POLICY_INFORMATION_CLASS
,PVOID
*);
675 NTSTATUS NTAPI
LsaQueryLocalInformationPolicy(LSA_HANDLE
,
676 POLICY_LOCAL_INFORMATION_CLASS
,PVOID
*);
677 NTSTATUS NTAPI
LsaQueryTrustedDomainInfo(LSA_HANDLE
,PSID
,
678 TRUSTED_INFORMATION_CLASS
,PVOID
*);
679 NTSTATUS NTAPI
LsaQueryTrustedDomainInfoByName(LSA_HANDLE
,PLSA_UNICODE_STRING
,
680 TRUSTED_INFORMATION_CLASS
,PVOID
*);
681 NTSTATUS NTAPI
LsaRegisterLogonProcess(PLSA_STRING
,PHANDLE
,PLSA_OPERATIONAL_MODE
);
682 NTSTATUS NTAPI
LsaRemoveAccountRights(LSA_HANDLE
,PSID
,BOOLEAN
,
683 PLSA_UNICODE_STRING
,ULONG
);
684 NTSTATUS NTAPI
LsaRetrievePrivateData(LSA_HANDLE
,PLSA_UNICODE_STRING
,
685 PLSA_UNICODE_STRING
*);
686 NTSTATUS NTAPI
LsaSetDomainInformationPolicy(LSA_HANDLE
,
687 POLICY_DOMAIN_INFORMATION_CLASS
,PVOID
);
688 NTSTATUS NTAPI
LsaSetInformationPolicy(LSA_HANDLE
,POLICY_INFORMATION_CLASS
, PVOID
);
689 NTSTATUS NTAPI
LsaSetLocalInformationPolicy(LSA_HANDLE
,
690 POLICY_LOCAL_INFORMATION_CLASS
,PVOID
);
691 NTSTATUS NTAPI
LsaSetTrustedDomainInformation(LSA_HANDLE
,PSID
,
692 TRUSTED_INFORMATION_CLASS
,PVOID
);
693 NTSTATUS NTAPI
LsaSetTrustedDomainInfoByName(LSA_HANDLE
,PLSA_UNICODE_STRING
,
694 TRUSTED_INFORMATION_CLASS
,PVOID
);
695 NTSTATUS NTAPI
LsaStorePrivateData(LSA_HANDLE
,PLSA_UNICODE_STRING
,
696 PLSA_UNICODE_STRING
);
697 typedef NTSTATUS (*PSAM_PASSWORD_NOTIFICATION_ROUTINE
)(PUNICODE_STRING
,
698 ULONG
,PUNICODE_STRING
);
699 typedef BOOLEAN (*PSAM_INIT_NOTIFICATION_ROUTINE
)(void);
700 typedef BOOLEAN (*PSAM_PASSWORD_FILTER_ROUTINE
)(PUNICODE_STRING
,PUNICODE_STRING
,
701 PUNICODE_STRING
,BOOLEAN
);
705 #endif /* _NTSECAPI_H */