#define POLICY_AUDIT_LOG_ADMIN 512
#define POLICY_SERVER_ADMIN 1024
#define POLICY_LOOKUP_NAMES 2048
+#define POLICY_NOTIFICATION 4096
#define POLICY_READ (STANDARD_RIGHTS_READ|6)
#define POLICY_WRITE (STANDARD_RIGHTS_WRITE|2040)
#define POLICY_EXECUTE (STANDARD_RIGHTS_EXECUTE|2049)
#define SE_NETWORK_LOGON_NAME TEXT("SeNetworkLogonRight")
#define SE_BATCH_LOGON_NAME TEXT("SeBatchLogonRight")
#define SE_SERVICE_LOGON_NAME TEXT("SeServiceLogonRight")
+#define SE_DENY_INTERACTIVE_LOGON_NAME TEXT("SeDenyInteractiveLogonRight")
+#define SE_DENY_NETWORK_LOGON_NAME TEXT("SeDenyNetworkLogonRight")
+#define SE_DENY_BATCH_LOGON_NAME TEXT("SeDenyBatchLogonRight")
+#define SE_DENY_SERVICE_LOGON_NAME TEXT("SeDenyServiceLogonRight")
+#define SE_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeRemoteInteractiveLogonRight")
+#define SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeDenyRemoteInteractiveLogonRight")
#define TRUST_ATTRIBUTE_NON_TRANSITIVE 1
#define TRUST_ATTRIBUTE_UPLEVEL_ONLY 2
#define TRUST_ATTRIBUTE_TREE_PARENT 4194304
CollisionXref,
CollisionOther
} LSA_FOREST_TRUST_COLLISION_RECORD_TYPE;
+#ifndef _DOMAIN_PASSWORD_INFORMATION_DEFINED
+#define _DOMAIN_PASSWORD_INFORMATION_DEFINED
typedef struct _DOMAIN_PASSWORD_INFORMATION {
USHORT MinPasswordLength;
USHORT PasswordHistoryLength;
LARGE_INTEGER MaxPasswordAge;
LARGE_INTEGER MinPasswordAge;
} DOMAIN_PASSWORD_INFORMATION, *PDOMAIN_PASSWORD_INFORMATION;
+#endif
typedef ULONG LSA_ENUMERATION_HANDLE, *PLSA_ENUMERATION_HANDLE;
typedef struct _LSA_ENUMERATION_INFORMATION {
PSID Sid;
} TRUSTED_DOMAIN_FULL_INFORMATION, *PTRUSTED_DOMAIN_FULL_INFORMATION;
#define RtlGenRandom SystemFunction036
+#define RtlEncryptMemory SystemFunction040
+#define RtlDecryptMemory SystemFunction041
BOOLEAN WINAPI RtlGenRandom(PVOID,ULONG);
+NTSTATUS WINAPI RtlEncryptMemory(PVOID Memory, ULONG MemorySize, ULONG OptionFlags);
+NTSTATUS WINAPI RtlDecryptMemory(PVOID Memory, ULONG MemorySize, ULONG OptionFlags);
+
+#define RTL_ENCRYPT_MEMORY_SIZE 8
+#define RTL_ENCRYPT_OPTION_SAME_PROCESS 0x00
+#define RTL_ENCRYPT_OPTION_CROSS_PROCESS 0x01
+#define RTL_ENCRYPT_OPTION_SAME_LOGON 0x02
NTSTATUS NTAPI LsaAddAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING,ULONG);
NTSTATUS NTAPI LsaAddPrivilegesToAccount(LSA_HANDLE, PPRIVILEGE_SET);
NTSTATUS NTAPI LsaFreeMemory(PVOID);
NTSTATUS NTAPI LsaFreeReturnBuffer(PVOID);
NTSTATUS NTAPI LsaGetQuotasForAccount(LSA_HANDLE,PQUOTA_LIMITS);
+NTSTATUS NTAPI LsaGetRemoteUserName(PLSA_UNICODE_STRING, PLSA_UNICODE_STRING*,
+ PLSA_UNICODE_STRING*);
NTSTATUS NTAPI LsaGetSystemAccessAccount(LSA_HANDLE, PULONG);
NTSTATUS NTAPI LsaGetUserName(PUNICODE_STRING*,PUNICODE_STRING*);
NTSTATUS NTAPI LsaLogonUser(HANDLE,PLSA_STRING,SECURITY_LOGON_TYPE,ULONG,PVOID,
PLSA_REFERENCED_DOMAIN_LIST*,PLSA_TRANSLATED_SID*);
NTSTATUS NTAPI LsaLookupNames2(LSA_HANDLE,ULONG,ULONG,PLSA_UNICODE_STRING,
PLSA_REFERENCED_DOMAIN_LIST*,PLSA_TRANSLATED_SID2*);
+NTSTATUS NTAPI LsaLookupPrivilegeDisplayName(LSA_HANDLE,PLSA_UNICODE_STRING,
+ PLSA_UNICODE_STRING*,PSHORT);
NTSTATUS NTAPI LsaLookupPrivilegeName(LSA_HANDLE,PLUID,PLSA_UNICODE_STRING*);
NTSTATUS NTAPI LsaLookupPrivilegeValue(LSA_HANDLE,PLSA_UNICODE_STRING,PLUID);
NTSTATUS NTAPI LsaLookupSids(LSA_HANDLE,ULONG,PSID*,
NTSTATUS NTAPI LsaOpenAccount(LSA_HANDLE,PSID,ACCESS_MASK,PLSA_HANDLE);
NTSTATUS NTAPI LsaOpenPolicy(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,
ACCESS_MASK,PLSA_HANDLE);
+NTSTATUS NTAPI LsaOpenPolicySce(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,
+ ACCESS_MASK,PLSA_HANDLE);
NTSTATUS NTAPI LsaOpenSecret(LSA_HANDLE, PLSA_UNICODE_STRING, ACCESS_MASK, PLSA_HANDLE);
+NTSTATUS NTAPI LsaQuerySecurityObject(LSA_HANDLE,SECURITY_INFORMATION,PSECURITY_DESCRIPTOR*);
NTSTATUS NTAPI LsaOpenTrustedDomain(LSA_HANDLE,PSID,ACCESS_MASK,PLSA_HANDLE);
NTSTATUS NTAPI LsaOpenTrustedDomainByName(LSA_HANDLE,PLSA_UNICODE_STRING,
ACCESS_MASK,PLSA_HANDLE);
NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING,PHANDLE,PLSA_OPERATIONAL_MODE);
NTSTATUS NTAPI LsaRemoveAccountRights(LSA_HANDLE,PSID,BOOLEAN,
PLSA_UNICODE_STRING,ULONG);
+NTSTATUS NTAPI LsaRemovePrivilegesFromAccount(LSA_HANDLE,BOOLEAN,PPRIVILEGE_SET);
NTSTATUS NTAPI LsaRetrievePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING,
PLSA_UNICODE_STRING*);
NTSTATUS NTAPI LsaSetDomainInformationPolicy(LSA_HANDLE,
POLICY_DOMAIN_INFORMATION_CLASS,PVOID);
-NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS, PVOID);
+NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID);
+NTSTATUS NTAPI LsaSetInformationTrustedDomain(LSA_HANDLE,TRUSTED_INFORMATION_CLASS,
+ PVOID);
NTSTATUS NTAPI LsaSetQuotasForAccount(LSA_HANDLE,PQUOTA_LIMITS);
NTSTATUS NTAPI LsaSetSecret(LSA_HANDLE,PLSA_UNICODE_STRING,PLSA_UNICODE_STRING);
+NTSTATUS NTAPI LsaSetSecurityObject(LSA_HANDLE,SECURITY_INFORMATION,PSECURITY_DESCRIPTOR);
NTSTATUS NTAPI LsaSetSystemAccessAccount(LSA_HANDLE,ULONG);
NTSTATUS NTAPI LsaSetTrustedDomainInformation(LSA_HANDLE,PSID,
TRUSTED_INFORMATION_CLASS,PVOID);
PLSA_UNICODE_STRING);
typedef NTSTATUS (NTAPI *PSAM_PASSWORD_NOTIFICATION_ROUTINE)(PUNICODE_STRING,
ULONG,PUNICODE_STRING);
-typedef BOOLEAN (NTAPI *PSAM_INIT_NOTIFICATION_ROUTINE)(void);
+typedef BOOLEAN (NTAPI *PSAM_INIT_NOTIFICATION_ROUTINE)(VOID);
typedef BOOLEAN (NTAPI *PSAM_PASSWORD_FILTER_ROUTINE)(PUNICODE_STRING,PUNICODE_STRING,
PUNICODE_STRING,BOOLEAN);
#ifdef __cplusplus