#define POLICY_AUDIT_LOG_ADMIN 512
#define POLICY_SERVER_ADMIN 1024
#define POLICY_LOOKUP_NAMES 2048
+#define POLICY_NOTIFICATION 4096
#define POLICY_READ (STANDARD_RIGHTS_READ|6)
#define POLICY_WRITE (STANDARD_RIGHTS_WRITE|2040)
#define POLICY_EXECUTE (STANDARD_RIGHTS_EXECUTE|2049)
#define SE_NETWORK_LOGON_NAME TEXT("SeNetworkLogonRight")
#define SE_BATCH_LOGON_NAME TEXT("SeBatchLogonRight")
#define SE_SERVICE_LOGON_NAME TEXT("SeServiceLogonRight")
+#define SE_DENY_INTERACTIVE_LOGON_NAME TEXT("SeDenyInteractiveLogonRight")
+#define SE_DENY_NETWORK_LOGON_NAME TEXT("SeDenyNetworkLogonRight")
+#define SE_DENY_BATCH_LOGON_NAME TEXT("SeDenyBatchLogonRight")
+#define SE_DENY_SERVICE_LOGON_NAME TEXT("SeDenyServiceLogonRight")
+#define SE_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeRemoteInteractiveLogonRight")
+#define SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeDenyRemoteInteractiveLogonRight")
#define TRUST_ATTRIBUTE_NON_TRANSITIVE 1
#define TRUST_ATTRIBUTE_UPLEVEL_ONLY 2
#define TRUST_ATTRIBUTE_TREE_PARENT 4194304
PolicyAuditFullSetInformation,
PolicyAuditFullQueryInformation,
PolicyDnsDomainInformation,
- PolicyEfsInformation
+ PolicyDnsDomainInformationInt,
+ PolicyLocalAccountDomainInformation,
+ PolicyLastEntry
} POLICY_INFORMATION_CLASS, *PPOLICY_INFORMATION_CLASS;
typedef enum _POLICY_AUDIT_EVENT_TYPE {
AuditCategorySystem,
AuditCategoryDirectoryServiceAccess,
AuditCategoryAccountLogon
} POLICY_AUDIT_EVENT_TYPE, *PPOLICY_AUDIT_EVENT_TYPE;
-typedef enum _POLICY_LOCAL_INFORMATION_CLASS {
- PolicyLocalAuditEventsInformation = 1,
- PolicyLocalPdAccountInformation,
- PolicyLocalAccountDomainInformation,
- PolicyLocalLsaServerRoleInformation,
- PolicyLocalReplicaSourceInformation,
- PolicyLocalModificationInformation,
- PolicyLocalAuditFullSetInformation,
- PolicyLocalAuditFullQueryInformation,
- PolicyLocalDnsDomainInformation,
- PolicyLocalIPSecReferenceInformation,
- PolicyLocalMachinePasswordInformation,
- PolicyLocalQualityOfServiceInformation,
- PolicyLocalPolicyLocationInformation
-} POLICY_LOCAL_INFORMATION_CLASS, *PPOLICY_LOCAL_INFORMATION_CLASS;
typedef enum _POLICY_DOMAIN_INFORMATION_CLASS {
PolicyDomainIPSecReferenceInformation = 1,
PolicyDomainQualityOfServiceInformation,
CollisionXref,
CollisionOther
} LSA_FOREST_TRUST_COLLISION_RECORD_TYPE;
+#ifndef _DOMAIN_PASSWORD_INFORMATION_DEFINED
+#define _DOMAIN_PASSWORD_INFORMATION_DEFINED
typedef struct _DOMAIN_PASSWORD_INFORMATION {
USHORT MinPasswordLength;
USHORT PasswordHistoryLength;
LARGE_INTEGER MaxPasswordAge;
LARGE_INTEGER MinPasswordAge;
} DOMAIN_PASSWORD_INFORMATION, *PDOMAIN_PASSWORD_INFORMATION;
+#endif
typedef ULONG LSA_ENUMERATION_HANDLE, *PLSA_ENUMERATION_HANDLE;
typedef struct _LSA_ENUMERATION_INFORMATION {
PSID Sid;
} TRUSTED_DOMAIN_FULL_INFORMATION, *PTRUSTED_DOMAIN_FULL_INFORMATION;
#define RtlGenRandom SystemFunction036
+#define RtlEncryptMemory SystemFunction040
+#define RtlDecryptMemory SystemFunction041
BOOLEAN WINAPI RtlGenRandom(PVOID,ULONG);
+NTSTATUS WINAPI RtlEncryptMemory(PVOID Memory, ULONG MemorySize, ULONG OptionFlags);
+NTSTATUS WINAPI RtlDecryptMemory(PVOID Memory, ULONG MemorySize, ULONG OptionFlags);
+
+#define RTL_ENCRYPT_MEMORY_SIZE 8
+#define RTL_ENCRYPT_OPTION_SAME_PROCESS 0x00
+#define RTL_ENCRYPT_OPTION_CROSS_PROCESS 0x01
+#define RTL_ENCRYPT_OPTION_SAME_LOGON 0x02
NTSTATUS NTAPI LsaAddAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING,ULONG);
NTSTATUS NTAPI LsaAddPrivilegesToAccount(LSA_HANDLE, PPRIVILEGE_SET);
NTSTATUS NTAPI LsaCallAuthenticationPackage(HANDLE,ULONG,PVOID,ULONG,PVOID*,
PULONG,PNTSTATUS);
+NTSTATUS NTAPI LsaClearAuditLog(LSA_HANDLE);
NTSTATUS NTAPI LsaClose(LSA_HANDLE);
NTSTATUS NTAPI LsaConnectUntrusted(PHANDLE);
-NTSTATUS NTAPI LsaCreateAccount(LSA_HANDLE, PSID, ACCESS_MASK, PLSA_HANDLE);
-NTSTATUS NTAPI LsaCreateSecret(LSA_HANDLE, PLSA_UNICODE_STRING, ACCESS_MASK, PLSA_HANDLE);
-NTSTATUS NTAPI LsaCreateTrustedDomain(LSA_HANDLE, PLSA_TRUST_INFORMATION,
- ACCESS_MASK, PLSA_HANDLE);
-NTSTATUS NTAPI LsaCreateTrustedDomainEx(LSA_HANDLE, PTRUSTED_DOMAIN_INFORMATION_EX,
- PTRUSTED_DOMAIN_AUTH_INFORMATION, ACCESS_MASK, PLSA_HANDLE);
+NTSTATUS NTAPI LsaCreateAccount(LSA_HANDLE,PSID,ACCESS_MASK,PLSA_HANDLE);
+NTSTATUS NTAPI LsaCreateSecret(LSA_HANDLE,PLSA_UNICODE_STRING,ACCESS_MASK,PLSA_HANDLE);
+NTSTATUS NTAPI LsaCreateTrustedDomain(LSA_HANDLE,PLSA_TRUST_INFORMATION,
+ ACCESS_MASK,PLSA_HANDLE);
+NTSTATUS NTAPI LsaCreateTrustedDomainEx(LSA_HANDLE,PTRUSTED_DOMAIN_INFORMATION_EX,
+ PTRUSTED_DOMAIN_AUTH_INFORMATION,ACCESS_MASK,PLSA_HANDLE);
+NTSTATUS NTAPI LsaDelete(LSA_HANDLE);
NTSTATUS NTAPI LsaDeleteTrustedDomain(LSA_HANDLE,PSID);
NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE);
NTSTATUS NTAPI LsaEnumerateAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING*,PULONG);
+NTSTATUS NTAPI LsaEnumerateAccounts(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,PVOID*,
+ ULONG,PULONG);
NTSTATUS NTAPI LsaEnumerateAccountsWithUserRight(LSA_HANDLE,PLSA_UNICODE_STRING,
PVOID*,PULONG);
-NTSTATUS NTAPI LsaEnumeratePrivilegesOfAccount(LSA_HANDLE, PPRIVILEGE_SET*);
+NTSTATUS NTAPI LsaEnumeratePrivileges(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,
+ PVOID*,ULONG,PULONG);
+NTSTATUS NTAPI LsaEnumeratePrivilegesOfAccount(LSA_HANDLE,PPRIVILEGE_SET*);
NTSTATUS NTAPI LsaEnumerateTrustedDomains(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,
PVOID*,ULONG,PULONG);
NTSTATUS NTAPI LsaEnumerateTrustedDomainsEx(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,
PVOID*,ULONG,PULONG);
NTSTATUS NTAPI LsaFreeMemory(PVOID);
NTSTATUS NTAPI LsaFreeReturnBuffer(PVOID);
+NTSTATUS NTAPI LsaGetQuotasForAccount(LSA_HANDLE,PQUOTA_LIMITS);
+NTSTATUS NTAPI LsaGetRemoteUserName(PLSA_UNICODE_STRING, PLSA_UNICODE_STRING*,
+ PLSA_UNICODE_STRING*);
NTSTATUS NTAPI LsaGetSystemAccessAccount(LSA_HANDLE, PULONG);
+NTSTATUS NTAPI LsaGetUserName(PUNICODE_STRING*,PUNICODE_STRING*);
NTSTATUS NTAPI LsaLogonUser(HANDLE,PLSA_STRING,SECURITY_LOGON_TYPE,ULONG,PVOID,
ULONG,PTOKEN_GROUPS,PTOKEN_SOURCE,PVOID*,PULONG,
PLUID,PHANDLE,PQUOTA_LIMITS,PNTSTATUS);
PLSA_REFERENCED_DOMAIN_LIST*,PLSA_TRANSLATED_SID*);
NTSTATUS NTAPI LsaLookupNames2(LSA_HANDLE,ULONG,ULONG,PLSA_UNICODE_STRING,
PLSA_REFERENCED_DOMAIN_LIST*,PLSA_TRANSLATED_SID2*);
-NTSTATUS NTAPI LsaLookupPrivilegeName(LSA_HANDLE, PLUID, PLSA_UNICODE_STRING*);
-NTSTATUS NTAPI LsaLookupPrivilegeValue(LSA_HANDLE, PLSA_UNICODE_STRING, PLUID);
+NTSTATUS NTAPI LsaLookupPrivilegeDisplayName(LSA_HANDLE,PLSA_UNICODE_STRING,
+ PLSA_UNICODE_STRING*,PSHORT);
+NTSTATUS NTAPI LsaLookupPrivilegeName(LSA_HANDLE,PLUID,PLSA_UNICODE_STRING*);
+NTSTATUS NTAPI LsaLookupPrivilegeValue(LSA_HANDLE,PLSA_UNICODE_STRING,PLUID);
NTSTATUS NTAPI LsaLookupSids(LSA_HANDLE,ULONG,PSID*,
PLSA_REFERENCED_DOMAIN_LIST*,PLSA_TRANSLATED_NAME*);
ULONG NTAPI LsaNtStatusToWinError(NTSTATUS);
-NTSTATUS NTAPI LsaOpenAccount(LSA_HANDLE, PSID, ACCESS_MASK, PLSA_HANDLE);
+NTSTATUS NTAPI LsaOpenAccount(LSA_HANDLE,PSID,ACCESS_MASK,PLSA_HANDLE);
NTSTATUS NTAPI LsaOpenPolicy(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,
ACCESS_MASK,PLSA_HANDLE);
+NTSTATUS NTAPI LsaOpenPolicySce(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,
+ ACCESS_MASK,PLSA_HANDLE);
NTSTATUS NTAPI LsaOpenSecret(LSA_HANDLE, PLSA_UNICODE_STRING, ACCESS_MASK, PLSA_HANDLE);
-NTSTATUS NTAPI LsaOpenTrustedDomainByName(LSA_HANDLE, PLSA_UNICODE_STRING,
- ACCESS_MASK, PLSA_HANDLE);
+NTSTATUS NTAPI LsaQuerySecurityObject(LSA_HANDLE,SECURITY_INFORMATION,PSECURITY_DESCRIPTOR*);
+NTSTATUS NTAPI LsaOpenTrustedDomain(LSA_HANDLE,PSID,ACCESS_MASK,PLSA_HANDLE);
+NTSTATUS NTAPI LsaOpenTrustedDomainByName(LSA_HANDLE,PLSA_UNICODE_STRING,
+ ACCESS_MASK,PLSA_HANDLE);
NTSTATUS NTAPI LsaQueryDomainInformationPolicy(LSA_HANDLE,
POLICY_DOMAIN_INFORMATION_CLASS,PVOID*);
NTSTATUS NTAPI LsaQueryInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID*);
-NTSTATUS NTAPI LsaQueryLocalInformationPolicy(LSA_HANDLE,
- POLICY_LOCAL_INFORMATION_CLASS,PVOID*);
+NTSTATUS NTAPI LsaQuerySecret(LSA_HANDLE,PLSA_UNICODE_STRING*,PLARGE_INTEGER,
+ PLSA_UNICODE_STRING*,PLARGE_INTEGER);
NTSTATUS NTAPI LsaQueryTrustedDomainInfo(LSA_HANDLE,PSID,
TRUSTED_INFORMATION_CLASS,PVOID*);
NTSTATUS NTAPI LsaQueryTrustedDomainInfoByName(LSA_HANDLE,PLSA_UNICODE_STRING,
NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING,PHANDLE,PLSA_OPERATIONAL_MODE);
NTSTATUS NTAPI LsaRemoveAccountRights(LSA_HANDLE,PSID,BOOLEAN,
PLSA_UNICODE_STRING,ULONG);
+NTSTATUS NTAPI LsaRemovePrivilegesFromAccount(LSA_HANDLE,BOOLEAN,PPRIVILEGE_SET);
NTSTATUS NTAPI LsaRetrievePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING,
PLSA_UNICODE_STRING*);
NTSTATUS NTAPI LsaSetDomainInformationPolicy(LSA_HANDLE,
POLICY_DOMAIN_INFORMATION_CLASS,PVOID);
-NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS, PVOID);
-NTSTATUS NTAPI LsaSetLocalInformationPolicy(LSA_HANDLE,
- POLICY_LOCAL_INFORMATION_CLASS,PVOID);
-NTSTATUS NTAPI LsaSetSecret(LSA_HANDLE, PLSA_UNICODE_STRING, PLSA_UNICODE_STRING);
-NTSTATUS NTAPI LsaSetSystemAccessAccount(LSA_HANDLE, ULONG);
+NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID);
+NTSTATUS NTAPI LsaSetInformationTrustedDomain(LSA_HANDLE,TRUSTED_INFORMATION_CLASS,
+ PVOID);
+NTSTATUS NTAPI LsaSetQuotasForAccount(LSA_HANDLE,PQUOTA_LIMITS);
+NTSTATUS NTAPI LsaSetSecret(LSA_HANDLE,PLSA_UNICODE_STRING,PLSA_UNICODE_STRING);
+NTSTATUS NTAPI LsaSetSecurityObject(LSA_HANDLE,SECURITY_INFORMATION,PSECURITY_DESCRIPTOR);
+NTSTATUS NTAPI LsaSetSystemAccessAccount(LSA_HANDLE,ULONG);
NTSTATUS NTAPI LsaSetTrustedDomainInformation(LSA_HANDLE,PSID,
TRUSTED_INFORMATION_CLASS,PVOID);
NTSTATUS NTAPI LsaSetTrustedDomainInfoByName(LSA_HANDLE,PLSA_UNICODE_STRING,
PLSA_UNICODE_STRING);
typedef NTSTATUS (NTAPI *PSAM_PASSWORD_NOTIFICATION_ROUTINE)(PUNICODE_STRING,
ULONG,PUNICODE_STRING);
-typedef BOOLEAN (NTAPI *PSAM_INIT_NOTIFICATION_ROUTINE)(void);
+typedef BOOLEAN (NTAPI *PSAM_INIT_NOTIFICATION_ROUTINE)(VOID);
typedef BOOLEAN (NTAPI *PSAM_PASSWORD_FILTER_ROUTINE)(PUNICODE_STRING,PUNICODE_STRING,
PUNICODE_STRING,BOOLEAN);
#ifdef __cplusplus