ACCESS_REASON Data[32];
} ACCESS_REASONS, *PACCESS_REASONS;
-#define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
-#define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
-#define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003
+#define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
+#define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
+#define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003
typedef struct _SE_SECURITY_DESCRIPTOR {
$ULONG Size;
PSECURITY_DESCRIPTOR SecurityDescriptor;
} SE_SECURITY_DESCRIPTOR, *PSE_SECURITY_DESCRIPTOR;
-$endif(_NTIFS_ || _WINNT_)
-$if(_NTIFS_)
-
typedef struct _SE_ACCESS_REQUEST {
- ULONG Size;
+ $ULONG Size;
PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor;
ACCESS_MASK DesiredAccess;
ACCESS_MASK PreviouslyGrantedAccess;
PSID PrincipalSelfSid;
PGENERIC_MAPPING GenericMapping;
- ULONG ObjectTypeListCount;
+ $ULONG ObjectTypeListCount;
POBJECT_TYPE_LIST ObjectTypeList;
} SE_ACCESS_REQUEST, *PSE_ACCESS_REQUEST;
-typedef struct _SE_ACCESS_REPLY {
- ULONG Size;
- ULONG ResultListCount;
- PACCESS_MASK GrantedAccess;
- PNTSTATUS AccessStatus;
- PACCESS_REASONS AccessReason;
- PPRIVILEGE_SET* Privileges;
-} SE_ACCESS_REPLY, *PSE_ACCESS_REPLY;
-
-typedef enum _SE_AUDIT_OPERATION {
- AuditPrivilegeObject,
- AuditPrivilegeService,
- AuditAccessCheck,
- AuditOpenObject,
- AuditOpenObjectWithTransaction,
- AuditCloseObject,
- AuditDeleteObject,
- AuditOpenObjectForDelete,
- AuditOpenObjectForDeleteWithTransaction,
- AuditCloseNonObject,
- AuditOpenNonObject,
- AuditObjectReference,
- AuditHandleCreation,
-} SE_AUDIT_OPERATION, *PSE_AUDIT_OPERATION;
-
-typedef struct _SE_AUDIT_INFO {
- ULONG Size;
- AUDIT_EVENT_TYPE AuditType;
- SE_AUDIT_OPERATION AuditOperation;
- ULONG AuditFlags;
- UNICODE_STRING SubsystemName;
- UNICODE_STRING ObjectTypeName;
- UNICODE_STRING ObjectName;
- PVOID HandleId;
- GUID* TransactionId;
- LUID* OperationId;
- BOOLEAN ObjectCreation;
- BOOLEAN GenerateOnClose;
-} SE_AUDIT_INFO, *PSE_AUDIT_INFO;
-
-#define TOKEN_ASSIGN_PRIMARY (0x0001)
-#define TOKEN_DUPLICATE (0x0002)
-#define TOKEN_IMPERSONATE (0x0004)
-#define TOKEN_QUERY (0x0008)
-#define TOKEN_QUERY_SOURCE (0x0010)
-#define TOKEN_ADJUST_PRIVILEGES (0x0020)
-#define TOKEN_ADJUST_GROUPS (0x0040)
-#define TOKEN_ADJUST_DEFAULT (0x0080)
-#define TOKEN_ADJUST_SESSIONID (0x0100)
-
-#define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
- TOKEN_ASSIGN_PRIMARY |\
- TOKEN_DUPLICATE |\
- TOKEN_IMPERSONATE |\
- TOKEN_QUERY |\
- TOKEN_QUERY_SOURCE |\
- TOKEN_ADJUST_PRIVILEGES |\
- TOKEN_ADJUST_GROUPS |\
- TOKEN_ADJUST_DEFAULT )
+#define TOKEN_ASSIGN_PRIMARY (0x0001)
+#define TOKEN_DUPLICATE (0x0002)
+#define TOKEN_IMPERSONATE (0x0004)
+#define TOKEN_QUERY (0x0008)
+#define TOKEN_QUERY_SOURCE (0x0010)
+#define TOKEN_ADJUST_PRIVILEGES (0x0020)
+#define TOKEN_ADJUST_GROUPS (0x0040)
+#define TOKEN_ADJUST_DEFAULT (0x0080)
+#define TOKEN_ADJUST_SESSIONID (0x0100)
+
+#define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
+ TOKEN_ASSIGN_PRIMARY |\
+ TOKEN_DUPLICATE |\
+ TOKEN_IMPERSONATE |\
+ TOKEN_QUERY |\
+ TOKEN_QUERY_SOURCE |\
+ TOKEN_ADJUST_PRIVILEGES |\
+ TOKEN_ADJUST_GROUPS |\
+ TOKEN_ADJUST_DEFAULT)
#if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
-#define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P |\
- TOKEN_ADJUST_SESSIONID )
+#define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P | TOKEN_ADJUST_SESSIONID)
#else
-#define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
+#define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
#endif
-#define TOKEN_READ (STANDARD_RIGHTS_READ |\
- TOKEN_QUERY)
+#define TOKEN_READ (STANDARD_RIGHTS_READ | TOKEN_QUERY)
-#define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
- TOKEN_ADJUST_PRIVILEGES |\
- TOKEN_ADJUST_GROUPS |\
- TOKEN_ADJUST_DEFAULT)
+#define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
+ TOKEN_ADJUST_PRIVILEGES |\
+ TOKEN_ADJUST_GROUPS |\
+ TOKEN_ADJUST_DEFAULT)
-#define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
+#define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
typedef enum _TOKEN_TYPE {
TokenPrimary = 1,
TokenImpersonation
-} TOKEN_TYPE,*PTOKEN_TYPE;
+} TOKEN_TYPE, *PTOKEN_TYPE;
typedef enum _TOKEN_INFORMATION_CLASS {
TokenUser = 1,
} TOKEN_USER, *PTOKEN_USER;
typedef struct _TOKEN_GROUPS {
- ULONG GroupCount;
+ $ULONG GroupCount;
#ifdef MIDL_PASS
[size_is(GroupCount)] SID_AND_ATTRIBUTES Groups[*];
#else
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
#endif
-} TOKEN_GROUPS,*PTOKEN_GROUPS,*LPTOKEN_GROUPS;
+} TOKEN_GROUPS, *PTOKEN_GROUPS, *LPTOKEN_GROUPS;
typedef struct _TOKEN_PRIVILEGES {
- ULONG PrivilegeCount;
+ $ULONG PrivilegeCount;
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
-} TOKEN_PRIVILEGES,*PTOKEN_PRIVILEGES,*LPTOKEN_PRIVILEGES;
+} TOKEN_PRIVILEGES, *PTOKEN_PRIVILEGES, *LPTOKEN_PRIVILEGES;
typedef struct _TOKEN_OWNER {
PSID Owner;
-} TOKEN_OWNER,*PTOKEN_OWNER;
+} TOKEN_OWNER, *PTOKEN_OWNER;
typedef struct _TOKEN_PRIMARY_GROUP {
PSID PrimaryGroup;
-} TOKEN_PRIMARY_GROUP,*PTOKEN_PRIMARY_GROUP;
+} TOKEN_PRIMARY_GROUP, *PTOKEN_PRIMARY_GROUP;
typedef struct _TOKEN_DEFAULT_DACL {
PACL DefaultDacl;
-} TOKEN_DEFAULT_DACL,*PTOKEN_DEFAULT_DACL;
+} TOKEN_DEFAULT_DACL, *PTOKEN_DEFAULT_DACL;
typedef struct _TOKEN_GROUPS_AND_PRIVILEGES {
- ULONG SidCount;
- ULONG SidLength;
+ $ULONG SidCount;
+ $ULONG SidLength;
PSID_AND_ATTRIBUTES Sids;
- ULONG RestrictedSidCount;
- ULONG RestrictedSidLength;
+ $ULONG RestrictedSidCount;
+ $ULONG RestrictedSidLength;
PSID_AND_ATTRIBUTES RestrictedSids;
- ULONG PrivilegeCount;
- ULONG PrivilegeLength;
+ $ULONG PrivilegeCount;
+ $ULONG PrivilegeLength;
PLUID_AND_ATTRIBUTES Privileges;
LUID AuthenticationId;
} TOKEN_GROUPS_AND_PRIVILEGES, *PTOKEN_GROUPS_AND_PRIVILEGES;
} TOKEN_LINKED_TOKEN, *PTOKEN_LINKED_TOKEN;
typedef struct _TOKEN_ELEVATION {
- ULONG TokenIsElevated;
+ $ULONG TokenIsElevated;
} TOKEN_ELEVATION, *PTOKEN_ELEVATION;
typedef struct _TOKEN_MANDATORY_LABEL {
#define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 0x1
#define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
-#define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
- TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
+#define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
+ TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
-typedef struct _TOKEN_MANDATORY_POLICY {
- ULONG Policy;
-} TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
-
-typedef struct _TOKEN_ACCESS_INFORMATION {
- PSID_AND_ATTRIBUTES_HASH SidHash;
- PSID_AND_ATTRIBUTES_HASH RestrictedSidHash;
- PTOKEN_PRIVILEGES Privileges;
- LUID AuthenticationId;
- TOKEN_TYPE TokenType;
- SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
- TOKEN_MANDATORY_POLICY MandatoryPolicy;
- ULONG Flags;
-} TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
-
-#define POLICY_AUDIT_SUBCATEGORY_COUNT (53)
+#define POLICY_AUDIT_SUBCATEGORY_COUNT (56)
typedef struct _TOKEN_AUDIT_POLICY {
- UCHAR PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT) >> 1) + 1];
+ $UCHAR PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT) >> 1) + 1];
} TOKEN_AUDIT_POLICY, *PTOKEN_AUDIT_POLICY;
#define TOKEN_SOURCE_LENGTH 8
typedef struct _TOKEN_SOURCE {
CHAR SourceName[TOKEN_SOURCE_LENGTH];
LUID SourceIdentifier;
-} TOKEN_SOURCE,*PTOKEN_SOURCE;
+} TOKEN_SOURCE, *PTOKEN_SOURCE;
typedef struct _TOKEN_STATISTICS {
LUID TokenId;
LARGE_INTEGER ExpirationTime;
TOKEN_TYPE TokenType;
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
- ULONG DynamicCharged;
- ULONG DynamicAvailable;
- ULONG GroupCount;
- ULONG PrivilegeCount;
+ $ULONG DynamicCharged;
+ $ULONG DynamicAvailable;
+ $ULONG GroupCount;
+ $ULONG PrivilegeCount;
LUID ModifiedId;
} TOKEN_STATISTICS, *PTOKEN_STATISTICS;
LUID AuthenticationId;
LUID ModifiedId;
TOKEN_SOURCE TokenSource;
-} TOKEN_CONTROL,*PTOKEN_CONTROL;
+} TOKEN_CONTROL, *PTOKEN_CONTROL;
typedef struct _TOKEN_ORIGIN {
LUID OriginatingLogonSession;
MandatoryLevelCount
} MANDATORY_LEVEL, *PMANDATORY_LEVEL;
+$endif(_NTIFS_ || _WINNT_)
+$if(_NTIFS_)
+
+typedef struct _SE_ACCESS_REPLY {
+ $ULONG Size;
+ $ULONG ResultListCount;
+ PACCESS_MASK GrantedAccess;
+ PNTSTATUS AccessStatus;
+ PACCESS_REASONS AccessReason;
+ PPRIVILEGE_SET* Privileges;
+} SE_ACCESS_REPLY, *PSE_ACCESS_REPLY;
+
+typedef enum _SE_AUDIT_OPERATION {
+ AuditPrivilegeObject,
+ AuditPrivilegeService,
+ AuditAccessCheck,
+ AuditOpenObject,
+ AuditOpenObjectWithTransaction,
+ AuditCloseObject,
+ AuditDeleteObject,
+ AuditOpenObjectForDelete,
+ AuditOpenObjectForDeleteWithTransaction,
+ AuditCloseNonObject,
+ AuditOpenNonObject,
+ AuditObjectReference,
+ AuditHandleCreation,
+} SE_AUDIT_OPERATION, *PSE_AUDIT_OPERATION;
+
+typedef struct _SE_AUDIT_INFO {
+ ULONG Size;
+ AUDIT_EVENT_TYPE AuditType;
+ SE_AUDIT_OPERATION AuditOperation;
+ ULONG AuditFlags;
+ UNICODE_STRING SubsystemName;
+ UNICODE_STRING ObjectTypeName;
+ UNICODE_STRING ObjectName;
+ PVOID HandleId;
+ GUID* TransactionId;
+ LUID* OperationId;
+ BOOLEAN ObjectCreation;
+ BOOLEAN GenerateOnClose;
+} SE_AUDIT_INFO, *PSE_AUDIT_INFO;
+
+typedef struct _TOKEN_MANDATORY_POLICY {
+ $ULONG Policy;
+} TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
+
+typedef struct _TOKEN_ACCESS_INFORMATION {
+ PSID_AND_ATTRIBUTES_HASH SidHash;
+ PSID_AND_ATTRIBUTES_HASH RestrictedSidHash;
+ PTOKEN_PRIVILEGES Privileges;
+ LUID AuthenticationId;
+ TOKEN_TYPE TokenType;
+ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
+ TOKEN_MANDATORY_POLICY MandatoryPolicy;
+ $ULONG Flags;
+} TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;
+
#define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x0001
#define TOKEN_HAS_BACKUP_PRIVILEGE 0x0002
#define TOKEN_HAS_RESTORE_PRIVILEGE 0x0004