root/trunk/win32/ntsecapi.d

Revision 155, 25.5 kB (checked in by Don Clugston, 6 years ago)

Committed on behalf of Stewart.

  • Property svn:eol-style set to native
1 /***********************************************************************\
2 *                              ntsecapi.d                               *
3 *                                                                       *
4 *                       Windows API header module                       *
5 *                                                                       *
6 *                 Translated from MinGW Windows headers                 *
7 *                           by Stewart Gordon                           *
8 *                                                                       *
9 *                       Placed into public domain                       *
10 \***********************************************************************/
11 module win32.ntsecapi;
12
13 private import
14   win32.basetyps, win32.ntdef, win32.windef, win32.winnt, win32.w32api;
15
16 // FIXME: check types and grouping of constants
17 // FIXME: check Windows version support
18
19 const KERB_WRAP_NO_ENCRYPT        = 0x80000001;
20
21 const LOGON_GUEST                 = 0x00000001;
22 const LOGON_NOENCRYPTION          = 0x00000002;
23 const LOGON_CACHED_ACCOUNT        = 0x00000004;
24 const LOGON_USED_LM_PASSWORD      = 0x00000008;
25 const LOGON_EXTRA_SIDS            = 0x00000020;
26 const LOGON_SUBAUTH_SESSION_KEY   = 0x00000040;
27 const LOGON_SERVER_TRUST_ACCOUNT  = 0x00000080;
28 const LOGON_NTLMV2_ENABLED        = 0x00000100;
29 const LOGON_RESOURCE_GROUPS       = 0x00000200;
30 const LOGON_PROFILE_PATH_RETURNED = 0x00000400;
31 const LOGON_GRACE_LOGON           = 0x01000000;
32
33 enum {
34     LSA_MODE_PASSWORD_PROTECTED = 1,
35     LSA_MODE_INDIVIDUAL_ACCOUNTS,
36     LSA_MODE_MANDATORY_ACCESS,
37     LSA_MODE_LOG_FULL
38 }
39
/// Reports whether an LSA status value denotes success: true for every
/// non-negative x, false for every negative x.
bool LSA_SUCCESS(int x) {
    return !(x < 0);
}
41
42 /*  TOTHINKABOUT: These constants don't have ANSI/Unicode versioned
43  *  aliases.  Should we merge them anyway?
44  */
45 const char[]  MICROSOFT_KERBEROS_NAME_A = "Kerberos";
46 const wchar[] MICROSOFT_KERBEROS_NAME_W = "Kerberos";
47 const char[]  MSV1_0_PACKAGE_NAME  = "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0";
48 const wchar[] MSV1_0_PACKAGE_NAMEW = "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0";
49
50 const MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT      =       32;
51 const MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT =     2048;
52 const MSV1_0_CLEARTEXT_PASSWORD_ALLOWED      =        2;
53 const MSV1_0_CRED_LM_PRESENT                 =        1;
54 const MSV1_0_CRED_NT_PRESENT                 =        2;
55 const MSV1_0_CRED_VERSION                    =        0;
56 const MSV1_0_DONT_TRY_GUEST_ACCOUNT          =       16;
57 const MSV1_0_MAX_NTLM3_LIFE                  =     1800;
58 const MSV1_0_MAX_AVL_SIZE                    =    64000;
59 const MSV1_0_MNS_LOGON                       = 16777216;
60
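/*  Sizes used by the MSV1_0 authentication package declarations below.
 *  The plain numeric ones are used in this module as UCHAR array lengths
 *  (challenge, session key, OWF password, NTLM3 response).
 */
const size_t
    MSV1_0_CHALLENGE_LENGTH          = 8,
    MSV1_0_LANMAN_SESSION_KEY_LENGTH = 8,
    MSV1_0_NTLM3_RESPONSE_LENGTH     = 16,
    MSV1_0_NTLM3_OWF_LENGTH          = 16,
    // Size of an MSV1_0_NTLM3_RESPONSE minus its leading Response array.
    MSV1_0_NTLM3_INPUT_LENGTH        = MSV1_0_NTLM3_RESPONSE.sizeof
                                       - MSV1_0_NTLM3_RESPONSE_LENGTH,
    MSV1_0_OWF_PASSWORD_LENGTH       = 16,
    // Byte length of the wide package name, without a terminator.
    // MSV1_0_PACKAGE_NAMEW is a wchar[] (a dynamic array), so its .sizeof is
    // the size of the array reference, not of the characters; the C idiom
    // "sizeof(literal) - sizeof(WCHAR)" does not carry over.  Use the element
    // count instead so that buffers sized from this constant are not too small.
    MSV1_0_PACKAGE_NAMEW_LENGTH      = MSV1_0_PACKAGE_NAMEW.length
                                       * WCHAR.sizeof;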
71
72 const MSV1_0_RETURN_USER_PARAMETERS      =          8;
73 const MSV1_0_RETURN_PASSWORD_EXPIRY      =         64;
74 const MSV1_0_RETURN_PROFILE_PATH         =        512;
75 const MSV1_0_SUBAUTHENTICATION_DLL_EX    =    1048576;
76 const MSV1_0_SUBAUTHENTICATION_DLL       = 0xff000000;
77 const MSV1_0_SUBAUTHENTICATION_DLL_SHIFT =         24;
78 const MSV1_0_SUBAUTHENTICATION_DLL_RAS   =          2;
79 const MSV1_0_SUBAUTHENTICATION_DLL_IIS   =        132;
80 const MSV1_0_SUBAUTHENTICATION_FLAGS     = 0xff000000;
81 const MSV1_0_TRY_GUEST_ACCOUNT_ONLY      =        256;
82 const MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY   =       1024;
83 const MSV1_0_UPDATE_LOGON_STATISTICS     =          4;
84 const MSV1_0_USE_CLIENT_CHALLENGE        =        128;
85 const MSV1_0_USER_SESSION_KEY_LENGTH     =         16;
86
/*  Registry key path and value name used for MSV1_0 subauthentication.
 *  NOTE(review): the path has no hive prefix; presumably it is relative to
 *  HKEY_LOCAL_MACHINE, and the "Auth" values presumably name DLLs that the
 *  MSV1_0 package loads -- confirm against the Win32 documentation.  If so,
 *  write access to this key decides what code runs inside the logon path,
 *  so it should stay administrator-only and changes to it should be audited.
 */
87 const char[]
88     MSV1_0_SUBAUTHENTICATION_KEY
89       = `System\CurrentControlSet\Control\Lsa\MSV1_0`,
90     MSV1_0_SUBAUTHENTICATION_VALUE = "Auth";
91
/*  Access rights for the LSA Policy object, typed as ACCESS_MASK (the type
 *  LsaOpenPolicy takes for its desired-access argument).
 *  The first twelve constants are single-bit rights.  The last four are
 *  composites: a STANDARD_RIGHTS_* value OR-ed with a group of those bits.
 *  Ask for the narrowest mask the operation needs; note that POLICY_READ
 *  already includes POLICY_GET_PRIVATE_INFORMATION.
 */
92 const ACCESS_MASK
93     POLICY_VIEW_LOCAL_INFORMATION   = 0x0001,
94     POLICY_VIEW_AUDIT_INFORMATION   = 0x0002,
95     POLICY_GET_PRIVATE_INFORMATION  = 0x0004,
96     POLICY_TRUST_ADMIN              = 0x0008,
97     POLICY_CREATE_ACCOUNT           = 0x0010,
98     POLICY_CREATE_SECRET            = 0x0020,
99     POLICY_CREATE_PRIVILEGE         = 0x0040,
100     POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x0080,
101     POLICY_SET_AUDIT_REQUIREMENTS   = 0x0100,
102     POLICY_AUDIT_LOG_ADMIN          = 0x0200,
103     POLICY_SERVER_ADMIN             = 0x0400,
104     POLICY_LOOKUP_NAMES             = 0x0800,
105
    // 0x0006 = POLICY_VIEW_AUDIT_INFORMATION | POLICY_GET_PRIVATE_INFORMATION
106     POLICY_READ                     = STANDARD_RIGHTS_READ     | 0x0006,
    // 0x07F8 = the eight bits POLICY_TRUST_ADMIN through POLICY_SERVER_ADMIN
107     POLICY_WRITE                    = STANDARD_RIGHTS_WRITE    | 0x07F8,
    // 0x0801 = POLICY_VIEW_LOCAL_INFORMATION | POLICY_LOOKUP_NAMES
108     POLICY_EXECUTE                  = STANDARD_RIGHTS_EXECUTE  | 0x0801,
    // 0x0FFF = all twelve single-bit rights above
109     POLICY_ALL_ACCESS               = STANDARD_RIGHTS_REQUIRED | 0x0FFF;
110
111 const POLICY_AUDIT_EVENT_UNCHANGED = 0;
112 const POLICY_AUDIT_EVENT_SUCCESS   = 1;
113 const POLICY_AUDIT_EVENT_FAILURE   = 2;
114 const POLICY_AUDIT_EVENT_NONE      = 4;
115 const POLICY_AUDIT_EVENT_MASK      = 7;
116
117 enum {
118     POLICY_LOCATION_LOCAL = 1,
119     POLICY_LOCATION_DS
120 }
121
122 enum : uint {
123     POLICY_MACHINE_POLICY_LOCAL     =          0,
124     POLICY_MACHINE_POLICY_DEFAULTED,
125     POLICY_MACHINE_POLICY_EXPLICIT,
126     POLICY_MACHINE_POLICY_UNKNOWN   = 0xFFFFFFFF
127 }
128
129
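/*  POLICY_QOS_* flags: eight distinct single-bit values.
 *  NOTE(review): presumably these are the bits of the QualityOfService field
 *  of POLICY_LOCAL_QUALITY_OF_SERVICE_INFO -- confirm.
 *
 *  Three names are misspelled (SCHANEL, INTEGREITY, ALLOWD), apparently
 *  inherited from the header this module was translated from.  They are kept
 *  so that existing code still compiles.
 */
const POLICY_QOS_SCHANEL_REQUIRED            = 0x0001;
const POLICY_QOS_OUTBOUND_INTEGRITY          = 0x0002;
const POLICY_QOS_OUTBOUND_CONFIDENTIALITY    = 0x0004;
const POLICY_QOS_INBOUND_INTEGREITY          = 0x0008;
const POLICY_QOS_INBOUND_CONFIDENTIALITY     = 0x0010;
const POLICY_QOS_ALLOW_LOCAL_ROOT_CERT_STORE = 0x0020;
const POLICY_QOS_RAS_SERVER_ALLOWED          = 0x0040;
const POLICY_QOS_DHCP_SERVER_ALLOWD          = 0x0080;

// Correctly spelled names, matching the Windows SDK, defined in terms of the
// legacy ones so the two spellings can never drift apart.
const POLICY_QOS_SCHANNEL_REQUIRED   = POLICY_QOS_SCHANEL_REQUIRED;
const POLICY_QOS_INBOUND_INTEGRITY   = POLICY_QOS_INBOUND_INTEGREITY;
const POLICY_QOS_DHCP_SERVER_ALLOWED = POLICY_QOS_DHCP_SERVER_ALLOWD;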
138
139 const POLICY_KERBEROS_FORWARDABLE  = 1;
140 const POLICY_KERBEROS_PROXYABLE    = 2;
141 const POLICY_KERBEROS_RENEWABLE    = 4;
142 const POLICY_KERBEROS_POSTDATEABLE = 8;
143
/*  Names of three routines, given as ANSI strings.
 *  NOTE(review): these look like the export names that the system resolves
 *  in a password notification / password filter DLL; the PSAM_* function
 *  pointer aliases at the end of this module appear to be the matching
 *  signatures -- confirm.  Such a DLL runs inside the security subsystem and
 *  is handed password material, so which DLLs are registered should be
 *  tightly controlled and audited.
 */
144 const char[]
145     SAM_PASSWORD_CHANGE_NOTIFY_ROUTINE = "PasswordChangeNotify",
146     SAM_INIT_NOTIFICATION_ROUTINE      = "InitializeChangeNotify",
147     SAM_PASSWORD_FILTER_ROUTINE        = "PasswordFilter";
148
149 const TCHAR[]
150     SE_INTERACTIVE_LOGON_NAME          = "SeInteractiveLogonRight",
151     SE_NETWORK_LOGON_NAME              = "SeNetworkLogonRight",
152     SE_BATCH_LOGON_NAME                = "SeBatchLogonRight",
153     SE_SERVICE_LOGON_NAME              = "SeServiceLogonRight";
154
155 enum {
156     TRUST_ATTRIBUTE_NON_TRANSITIVE =         1,
157     TRUST_ATTRIBUTE_UPLEVEL_ONLY   =         2,
158     TRUST_ATTRIBUTE_TREE_PARENT    =   4194304,
159     TRUST_ATTRIBUTES_VALID         = -16580609
160 }
161
162 enum {
163     TRUST_AUTH_TYPE_NONE,
164     TRUST_AUTH_TYPE_NT4OWF,
165     TRUST_AUTH_TYPE_CLEAR
166 }
167
168 enum {
169     TRUST_DIRECTION_DISABLED,
170     TRUST_DIRECTION_INBOUND,
171     TRUST_DIRECTION_OUTBOUND,
172     TRUST_DIRECTION_BIDIRECTIONAL
173 }
174
175 enum {
176     TRUST_TYPE_DOWNLEVEL = 1,
177     TRUST_TYPE_UPLEVEL,
178     TRUST_TYPE_MIT,
179     TRUST_TYPE_DCE
180 }
181
182 alias UNICODE_STRING LSA_UNICODE_STRING;
183 alias UNICODE_STRING* PLSA_UNICODE_STRING;
184 alias STRING LSA_STRING;
185 alias STRING* PLSA_STRING;
186
187 enum MSV1_0_LOGON_SUBMIT_TYPE {
188     MsV1_0InteractiveLogon       = 2,
189     MsV1_0Lm20Logon,
190     MsV1_0NetworkLogon,
191     MsV1_0SubAuthLogon,
192     MsV1_0WorkstationUnlockLogon = 7
193 }
194 alias MSV1_0_LOGON_SUBMIT_TYPE* PMSV1_0_LOGON_SUBMIT_TYPE;
195
196 enum MSV1_0_PROFILE_BUFFER_TYPE {
197     MsV1_0InteractiveProfile = 2,
198     MsV1_0Lm20LogonProfile,
199     MsV1_0SmartCardProfile
200 }
201 alias MSV1_0_PROFILE_BUFFER_TYPE* PMSV1_0_PROFILE_BUFFER_TYPE;
202
203
204 enum MSV1_0_AVID {
205     MsvAvEOL,
206     MsvAvNbComputerName,
207     MsvAvNbDomainName,
208     MsvAvDnsComputerName,
209     MsvAvDnsDomainName
210 }
211
212 enum MSV1_0_PROTOCOL_MESSAGE_TYPE {
213     MsV1_0Lm20ChallengeRequest = 0,
214     MsV1_0Lm20GetChallengeResponse,
215     MsV1_0EnumerateUsers,
216     MsV1_0GetUserInfo,
217     MsV1_0ReLogonUsers,
218     MsV1_0ChangePassword,
219     MsV1_0ChangeCachedPassword,
220     MsV1_0GenericPassthrough,
221     MsV1_0CacheLogon,
222     MsV1_0SubAuth,
223     MsV1_0DeriveCredential,
224     MsV1_0CacheLookup
225 }
226 alias MSV1_0_PROTOCOL_MESSAGE_TYPE* PMSV1_0_PROTOCOL_MESSAGE_TYPE;
227
228 enum POLICY_LSA_SERVER_ROLE {
229     PolicyServerRoleBackup = 2,
230     PolicyServerRolePrimary
231 }
232 alias POLICY_LSA_SERVER_ROLE* PPOLICY_LSA_SERVER_ROLE;
233
234 enum POLICY_SERVER_ENABLE_STATE {
235     PolicyServerEnabled = 2,
236     PolicyServerDisabled
237 }
238 alias POLICY_SERVER_ENABLE_STATE* PPOLICY_SERVER_ENABLE_STATE;
239
240 enum POLICY_INFORMATION_CLASS {
241     PolicyAuditLogInformation = 1,
242     PolicyAuditEventsInformation,
243     PolicyPrimaryDomainInformation,
244     PolicyPdAccountInformation,
245     PolicyAccountDomainInformation,
246     PolicyLsaServerRoleInformation,
247     PolicyReplicaSourceInformation,
248     PolicyDefaultQuotaInformation,
249     PolicyModificationInformation,
250     PolicyAuditFullSetInformation,
251     PolicyAuditFullQueryInformation,
252     PolicyDnsDomainInformation,
253     PolicyEfsInformation
254 }
255 alias POLICY_INFORMATION_CLASS* PPOLICY_INFORMATION_CLASS;
256
257 enum POLICY_AUDIT_EVENT_TYPE {
258     AuditCategorySystem,
259     AuditCategoryLogon,
260     AuditCategoryObjectAccess,
261     AuditCategoryPrivilegeUse,
262     AuditCategoryDetailedTracking,
263     AuditCategoryPolicyChange,
264     AuditCategoryAccountManagement,
265     AuditCategoryDirectoryServiceAccess,
266     AuditCategoryAccountLogon
267 }
268 alias POLICY_AUDIT_EVENT_TYPE* PPOLICY_AUDIT_EVENT_TYPE;
269
270 enum POLICY_LOCAL_INFORMATION_CLASS {
271     PolicyLocalAuditEventsInformation = 1,
272     PolicyLocalPdAccountInformation,
273     PolicyLocalAccountDomainInformation,
274     PolicyLocalLsaServerRoleInformation,
275     PolicyLocalReplicaSourceInformation,
276     PolicyLocalModificationInformation,
277     PolicyLocalAuditFullSetInformation,
278     PolicyLocalAuditFullQueryInformation,
279     PolicyLocalDnsDomainInformation,
280     PolicyLocalIPSecReferenceInformation,
281     PolicyLocalMachinePasswordInformation,
282     PolicyLocalQualityOfServiceInformation,
283     PolicyLocalPolicyLocationInformation
284 }
285 alias POLICY_LOCAL_INFORMATION_CLASS* PPOLICY_LOCAL_INFORMATION_CLASS;
286
287 enum POLICY_DOMAIN_INFORMATION_CLASS {
288     PolicyDomainIPSecReferenceInformation = 1,
289     PolicyDomainQualityOfServiceInformation,
290     PolicyDomainEfsInformation,
291     PolicyDomainPublicKeyInformation,
292     PolicyDomainPasswordPolicyInformation,
293     PolicyDomainLockoutInformation,
294     PolicyDomainKerberosTicketInformation
295 }
296 alias POLICY_DOMAIN_INFORMATION_CLASS* PPOLICY_DOMAIN_INFORMATION_CLASS;
297
/*  Logon type; LsaLogonUser takes a value of this type as its third
 *  parameter.  Only Interactive has an explicit value, the others follow by
 *  auto-increment; the resulting numbers are noted beside each member.
 *  This module's FIXME about Windows version support applies here:
 *  the list is not checked against newer headers.
 */
298 enum SECURITY_LOGON_TYPE {
299     Interactive = 2,
300     Network,      // 3
301     Batch,        // 4
302     Service,      // 5
303     Proxy,        // 6
304     Unlock        // 7
305 }
306 alias SECURITY_LOGON_TYPE* PSECURITY_LOGON_TYPE;
307
308 enum TRUSTED_INFORMATION_CLASS {
309     TrustedDomainNameInformation = 1,
310     TrustedControllersInformation,
311     TrustedPosixOffsetInformation,
312     TrustedPasswordInformation,
313     TrustedDomainInformationBasic,
314     TrustedDomainInformationEx,
315     TrustedDomainAuthInformation,
316     TrustedDomainFullInformation
317 }
318 alias TRUSTED_INFORMATION_CLASS* PTRUSTED_INFORMATION_CLASS;
319
320 struct DOMAIN_PASSWORD_INFORMATION {
321     USHORT        MinPasswordLength;
322     USHORT        PasswordHistoryLength;
323     ULONG         PasswordProperties;
324     LARGE_INTEGER MaxPasswordAge;
325     LARGE_INTEGER MinPasswordAge;
326 }
327 alias DOMAIN_PASSWORD_INFORMATION* PDOMAIN_PASSWORD_INFORMATION;
328
329 struct LSA_ENUMERATION_INFORMATION {
330     PSID Sid;
331 }
332 alias LSA_ENUMERATION_INFORMATION* PLSA_ENUMERATION_INFORMATION;
333
334 alias OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES;
335 alias OBJECT_ATTRIBUTES* PLSA_OBJECT_ATTRIBUTES;
336
/*  A domain identified by name and by SID.  TRUSTED_DOMAIN_INFORMATION_BASIC
 *  is an alias for the same struct.
 */
337 struct LSA_TRUST_INFORMATION {
338     LSA_UNICODE_STRING Name;
339     PSID               Sid;
340 }
341 alias LSA_TRUST_INFORMATION TRUSTED_DOMAIN_INFORMATION_BASIC;
342 alias LSA_TRUST_INFORMATION* PLSA_TRUST_INFORMATION;
343 /*  in MinGW (further down the code):
344  *      typedef PLSA_TRUST_INFORMATION *PTRUSTED_DOMAIN_INFORMATION_BASIC;
345  *  but it doesn't look right....
346  */
/*  NOTE(review): as translated, the alias below has two levels of
 *  indirection, whereas a pointer to TRUSTED_DOMAIN_INFORMATION_BASIC would
 *  be LSA_TRUST_INFORMATION*.  Code that dereferences this type once gets a
 *  pointer, not the struct.  Verify against the Windows SDK header before
 *  using it to interpret a buffer returned by the LSA query functions.
 */
347 alias LSA_TRUST_INFORMATION** PTRUSTED_DOMAIN_INFORMATION_BASIC;
348
349 struct LSA_REFERENCED_DOMAIN_LIST {
350     ULONG                  Entries;
351     PLSA_TRUST_INFORMATION Domains;
352 }
353 alias LSA_REFERENCED_DOMAIN_LIST* PLSA_REFERENCED_DOMAIN_LIST;
354
355 struct LSA_TRANSLATED_SID {
356     SID_NAME_USE Use;
357     ULONG        RelativeId;
358     LONG         DomainIndex;
359 }
360 alias LSA_TRANSLATED_SID* PLSA_TRANSLATED_SID;
361
362 struct LSA_TRANSLATED_NAME {
363     SID_NAME_USE       Use;
364     LSA_UNICODE_STRING Name;
365     LONG               DomainIndex;
366 }
367 alias LSA_TRANSLATED_NAME* PLSA_TRANSLATED_NAME;
368
/*  Logon request made of a message type plus three UNICODE_STRINGs: logon
 *  domain, user name and password.
 *  NOTE(review): Password presumably carries the cleartext password.  If so,
 *  the buffer it points to should be overwritten as soon as the logon call
 *  has returned, and the struct should never be logged -- confirm against
 *  the Win32 documentation.
 */
369 struct MSV1_0_INTERACTIVE_LOGON {
370     MSV1_0_LOGON_SUBMIT_TYPE MessageType;
371     UNICODE_STRING           LogonDomainName;
372     UNICODE_STRING           UserName;
373     UNICODE_STRING           Password;
374 }
375 alias MSV1_0_INTERACTIVE_LOGON* PMSV1_0_INTERACTIVE_LOGON;
376
377 struct MSV1_0_INTERACTIVE_PROFILE {
378     MSV1_0_PROFILE_BUFFER_TYPE MessageType;
379     USHORT                     LogonCount;
380     USHORT                     BadPasswordCount;
381     LARGE_INTEGER              LogonTime;
382     LARGE_INTEGER              LogoffTime;
383     LARGE_INTEGER              KickOffTime;
384     LARGE_INTEGER              PasswordLastSet;
385     LARGE_INTEGER              PasswordCanChange;
386     LARGE_INTEGER              PasswordMustChange;
387     UNICODE_STRING             LogonScript;
388     UNICODE_STRING             HomeDirectory;
389     UNICODE_STRING             FullName;
390     UNICODE_STRING             ProfilePath;
391     UNICODE_STRING             HomeDirectoryDrive;
392     UNICODE_STRING             LogonServer;
393     ULONG                      UserFlags;
394 }
395 alias MSV1_0_INTERACTIVE_PROFILE* PMSV1_0_INTERACTIVE_PROFILE;
396
397 struct MSV1_0_LM20_LOGON {
398     MSV1_0_LOGON_SUBMIT_TYPE       MessageType;
399     UNICODE_STRING                 LogonDomainName;
400     UNICODE_STRING                 UserName;
401     UNICODE_STRING                 Workstation;
402     UCHAR[MSV1_0_CHALLENGE_LENGTH] ChallengeToClient;
403     STRING                         CaseSensitiveChallengeResponse;
404     STRING                         CaseInsensitiveChallengeResponse;
405     ULONG                          ParameterControl;
406 }
407 alias MSV1_0_LM20_LOGON* PMSV1_0_LM20_LOGON;
408
409 static if (_WIN32_WINNT_ONLY && _WIN32_WINNT >= 0x500) {
410     struct MSV1_0_SUBAUTH_LOGON {
411         MSV1_0_LOGON_SUBMIT_TYPE       MessageType;
412         UNICODE_STRING                 LogonDomainName;
413         UNICODE_STRING                 UserName;
414         UNICODE_STRING                 Workstation;
415         UCHAR[MSV1_0_CHALLENGE_LENGTH] ChallengeToClient;
416         STRING                         AuthenticationInfo1;
417         STRING                         AuthenticationInfo2;
418         ULONG                          ParameterControl;
419         ULONG                          SubAuthPackageId;
420     }
421     alias MSV1_0_SUBAUTH_LOGON* PMSV1_0_SUBAUTH_LOGON;
422 }
423
424 struct MSV1_0_LM20_LOGON_PROFILE {
425     MSV1_0_PROFILE_BUFFER_TYPE              MessageType;
426     LARGE_INTEGER                           KickOffTime;
427     LARGE_INTEGER                           LogoffTime;
428     ULONG                                   UserFlags;
429     UCHAR[MSV1_0_USER_SESSION_KEY_LENGTH]   UserSessionKey;
430     UNICODE_STRING                          LogonDomainName;
431     UCHAR[MSV1_0_LANMAN_SESSION_KEY_LENGTH] LanmanSessionKey;
432     UNICODE_STRING                          LogonServer;
433     UNICODE_STRING                          UserParameters;
434 }
435 alias MSV1_0_LM20_LOGON_PROFILE* PMSV1_0_LM20_LOGON_PROFILE;
436
/*  Version and flags followed by two fixed-size byte arrays, each
 *  MSV1_0_OWF_PASSWORD_LENGTH (16) bytes long.
 *  NOTE(review): presumably Flags uses the MSV1_0_CRED_LM_PRESENT /
 *  MSV1_0_CRED_NT_PRESENT bits and Version is MSV1_0_CRED_VERSION, and the
 *  arrays hold the LM and NT one-way-function password values -- confirm.
 *  If so, this is credential material: keep it out of logs and dumps and
 *  overwrite it after use.
 */
437 struct MSV1_0_SUPPLEMENTAL_CREDENTIAL {
438     ULONG Version;
439     ULONG Flags;
440     UCHAR[MSV1_0_OWF_PASSWORD_LENGTH] LmPassword;
441     UCHAR[MSV1_0_OWF_PASSWORD_LENGTH] NtPassword;
442 }
443 alias MSV1_0_SUPPLEMENTAL_CREDENTIAL* PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
444
/*  NTLM3 response layout.  Field order and types fix the binary layout, and
 *  MSV1_0_NTLM3_INPUT_LENGTH is computed from this struct's .sizeof, so
 *  adding or reordering members changes that constant too.
 *
 *  _Buffer is one UCHAR placed last and Buffer() returns its address.
 *  NOTE(review): this looks like the D rendering of a C trailing array
 *  ("UCHAR Buffer[1]"), i.e. the first byte of variable-length data that
 *  follows the struct.  The struct holds no length for that data, so code
 *  indexing through Buffer() must take its bound from the size of the
 *  enclosing message and reject an AvPairsOff that points outside it --
 *  confirm the exact meaning of AvPairsOff.
 */
445 struct MSV1_0_NTLM3_RESPONSE {
446     UCHAR[MSV1_0_NTLM3_RESPONSE_LENGTH] Response;
447     UCHAR     RespType;
448     UCHAR     HiRespType;
449     USHORT    Flags;
450     ULONG     MsgWord;
451     ULONGLONG TimeStamp;
452     UCHAR[MSV1_0_CHALLENGE_LENGTH]      ChallengeFromClient;
453     ULONG     AvPairsOff;
454     UCHAR     _Buffer;
    // Pointer to the start of the trailing data (address of _Buffer).
455     UCHAR*    Buffer() { return &_Buffer; }
456 }
457 alias MSV1_0_NTLM3_RESPONSE* PMSV1_0_NTLM3_RESPONSE;
458
459 struct  MSV1_0_AV_PAIR {
460     USHORT AvId;
461     USHORT AvLen;
462 }
463 alias MSV1_0_AV_PAIR* PMSV1_0_AV_PAIR;
464
/*  Password-change request: message type, domain and account names, the old
 *  and new passwords as UNICODE_STRINGs, and an Impersonating flag.
 *  NOTE(review): OldPassword and NewPassword presumably hold cleartext.  If
 *  so, both backing buffers should be overwritten once the request has been
 *  submitted, and the struct should never be logged -- confirm.
 */
465 struct MSV1_0_CHANGEPASSWORD_REQUEST {
466     MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
467     UNICODE_STRING DomainName;
468     UNICODE_STRING AccountName;
469     UNICODE_STRING OldPassword;
470     UNICODE_STRING NewPassword;
471     BOOLEAN        Impersonating;
472 }
473 alias MSV1_0_CHANGEPASSWORD_REQUEST* PMSV1_0_CHANGEPASSWORD_REQUEST;
474
475 struct MSV1_0_CHANGEPASSWORD_RESPONSE {
476     MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
477     BOOLEAN                      PasswordInfoValid;
478     DOMAIN_PASSWORD_INFORMATION  DomainPasswordInfo;
479 }
480 alias MSV1_0_CHANGEPASSWORD_RESPONSE* PMSV1_0_CHANGEPASSWORD_RESPONSE;
481
482 struct MSV1_0_SUBAUTH_REQUEST {
483     MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
484     ULONG  SubAuthPackageId;
485     ULONG  SubAuthInfoLength;
486     PUCHAR SubAuthSubmitBuffer;
487 }
488 alias MSV1_0_SUBAUTH_REQUEST* PMSV1_0_SUBAUTH_REQUEST;
489
490 struct MSV1_0_SUBAUTH_RESPONSE {
491     MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
492     ULONG  SubAuthInfoLength;
493     PUCHAR SubAuthReturnBuffer;
494 }
495 alias MSV1_0_SUBAUTH_RESPONSE* PMSV1_0_SUBAUTH_RESPONSE;
496
497 const MSV1_0_DERIVECRED_TYPE_SHA1 = 0;
498
/*  Derive-credential request.  _DeriveCredSubmitBuffer is one UCHAR placed
 *  last; DeriveCredSubmitBuffer() returns its address.
 *  NOTE(review): this looks like a C trailing array, with
 *  DeriveCredInfoLength presumably giving the number of bytes that start at
 *  that address.  The allocation must then be at least
 *  offset-of-buffer + DeriveCredInfoLength bytes; check that before writing
 *  through the pointer -- confirm against the Win32 documentation.
 *  DeriveCredType presumably takes MSV1_0_DERIVECRED_TYPE_SHA1.
 */
499 struct MSV1_0_DERIVECRED_REQUEST {
500     MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
501     LUID   LogonId;
502     ULONG  DeriveCredType;
503     ULONG  DeriveCredInfoLength;
504     UCHAR  _DeriveCredSubmitBuffer;
    // Pointer to the start of the trailing data (address of the last member).
505     UCHAR* DeriveCredSubmitBuffer() { return &_DeriveCredSubmitBuffer; }
506 }
507 alias MSV1_0_DERIVECRED_REQUEST* PMSV1_0_DERIVECRED_REQUEST;
508
/*  Derive-credential response.  _DeriveCredReturnBuffer is one UCHAR placed
 *  last; DeriveCredReturnBuffer() returns its address.
 *  NOTE(review): presumably DeriveCredInfoLength is the number of bytes of
 *  returned data starting there.  A reader should check that length against
 *  the size of the buffer actually returned before reading past the struct
 *  -- confirm against the Win32 documentation.
 */
509 struct MSV1_0_DERIVECRED_RESPONSE {
510     MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
511     ULONG  DeriveCredInfoLength;
512     UCHAR  _DeriveCredReturnBuffer;
    // Pointer to the start of the trailing data (address of the last member).
513     UCHAR* DeriveCredReturnBuffer() { return &_DeriveCredReturnBuffer; }
514 }
515 alias MSV1_0_DERIVECRED_RESPONSE* PMSV1_0_DERIVECRED_RESPONSE;
516
517 alias uint LSA_ENUMERATION_HANDLE, LSA_OPERATIONAL_MODE,
518   POLICY_AUDIT_EVENT_OPTIONS;
519 alias uint* PLSA_ENUMERATION_HANDLE, PLSA_OPERATIONAL_MODE,
520   PPOLICY_AUDIT_EVENT_OPTIONS;
521
522 struct POLICY_PRIVILEGE_DEFINITION {
523     LSA_UNICODE_STRING Name;
524     LUID LocalValue;
525 }
526 alias POLICY_PRIVILEGE_DEFINITION* PPOLICY_PRIVILEGE_DEFINITION;
527
528 struct POLICY_AUDIT_LOG_INFO {
529     ULONG         AuditLogPercentFull;
530     ULONG         MaximumLogSize;
531     LARGE_INTEGER AuditRetentionPeriod;
532     BOOLEAN       AuditLogFullShutdownInProgress;
533     LARGE_INTEGER TimeToShutdown;
534     ULONG         NextAuditRecordId;
535 }
536 alias POLICY_AUDIT_LOG_INFO* PPOLICY_AUDIT_LOG_INFO;
537
538 struct POLICY_AUDIT_EVENTS_INFO {
539     BOOLEAN                     AuditingMode;
540     PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions;
541     ULONG                       MaximumAuditEventCount;
542 }
543 alias POLICY_AUDIT_EVENTS_INFO* PPOLICY_AUDIT_EVENTS_INFO;
544
545 struct POLICY_ACCOUNT_DOMAIN_INFO {
546     LSA_UNICODE_STRING DomainName;
547     PSID               DomainSid;
548 }
549 alias POLICY_ACCOUNT_DOMAIN_INFO* PPOLICY_ACCOUNT_DOMAIN_INFO;
550
551 struct POLICY_PRIMARY_DOMAIN_INFO {
552     LSA_UNICODE_STRING Name;
553     PSID               Sid;
554 }
555 alias POLICY_PRIMARY_DOMAIN_INFO* PPOLICY_PRIMARY_DOMAIN_INFO;
556
557 struct POLICY_DNS_DOMAIN_INFO {
558     LSA_UNICODE_STRING Name;
559     LSA_UNICODE_STRING DnsDomainName;
560     LSA_UNICODE_STRING DnsTreeName;
561     GUID               DomainGuid;
562     PSID               Sid;
563 }
564 alias POLICY_DNS_DOMAIN_INFO* PPOLICY_DNS_DOMAIN_INFO;
565
566 struct POLICY_PD_ACCOUNT_INFO {
567     LSA_UNICODE_STRING Name;
568 }
569 alias POLICY_PD_ACCOUNT_INFO* PPOLICY_PD_ACCOUNT_INFO;
570
571 struct POLICY_LSA_SERVER_ROLE_INFO {
572     POLICY_LSA_SERVER_ROLE LsaServerRole;
573 }
574 alias POLICY_LSA_SERVER_ROLE_INFO* PPOLICY_LSA_SERVER_ROLE_INFO;
575
576 struct POLICY_REPLICA_SOURCE_INFO {
577     LSA_UNICODE_STRING ReplicaSource;
578     LSA_UNICODE_STRING ReplicaAccountName;
579 }
580 alias POLICY_REPLICA_SOURCE_INFO* PPOLICY_REPLICA_SOURCE_INFO;
581
582 struct POLICY_DEFAULT_QUOTA_INFO {
583     QUOTA_LIMITS QuotaLimits;
584 }
585 alias POLICY_DEFAULT_QUOTA_INFO* PPOLICY_DEFAULT_QUOTA_INFO;
586
587 struct POLICY_MODIFICATION_INFO {
588     LARGE_INTEGER ModifiedId;
589     LARGE_INTEGER DatabaseCreationTime;
590 }
591 alias POLICY_MODIFICATION_INFO* PPOLICY_MODIFICATION_INFO;
592
593 struct POLICY_AUDIT_FULL_SET_INFO {
594     BOOLEAN ShutDownOnFull;
595 }
596 alias POLICY_AUDIT_FULL_SET_INFO* PPOLICY_AUDIT_FULL_SET_INFO;
597
598 struct POLICY_AUDIT_FULL_QUERY_INFO {
599     BOOLEAN ShutDownOnFull;
600     BOOLEAN LogIsFull;
601 }
602 alias POLICY_AUDIT_FULL_QUERY_INFO* PPOLICY_AUDIT_FULL_QUERY_INFO;
603
604 struct POLICY_EFS_INFO {
605     ULONG InfoLength;
606     PUCHAR EfsBlob;
607 }
608 alias POLICY_EFS_INFO* PPOLICY_EFS_INFO;
609
610 struct POLICY_LOCAL_IPSEC_REFERENCE_INFO {
611     LSA_UNICODE_STRING ObjectPath;
612 }
613 alias POLICY_LOCAL_IPSEC_REFERENCE_INFO* PPOLICY_LOCAL_IPSEC_REFERENCE_INFO;
614
615 struct POLICY_LOCAL_MACHINE_PASSWORD_INFO {
616     LARGE_INTEGER PasswordChangeInterval;
617 }
618 alias POLICY_LOCAL_MACHINE_PASSWORD_INFO* PPOLICY_LOCAL_MACHINE_PASSWORD_INFO;
619
620 struct POLICY_LOCAL_POLICY_LOCATION_INFO {
621     ULONG PolicyLocation;
622 }
623 alias POLICY_LOCAL_POLICY_LOCATION_INFO* PPOLICY_LOCAL_POLICY_LOCATION_INFO;
624
625 struct POLICY_LOCAL_QUALITY_OF_SERVICE_INFO{
626     ULONG QualityOfService;
627 }
628 alias POLICY_LOCAL_QUALITY_OF_SERVICE_INFO
629   POLICY_DOMAIN_QUALITY_OF_SERVICE_INFO;
630 alias POLICY_LOCAL_QUALITY_OF_SERVICE_INFO*
631   PPOLICY_LOCAL_QUALITY_OF_SERVICE_INFO,
632   PPOLICY_DOMAIN_QUALITY_OF_SERVICE_INFO;
633
634 struct POLICY_DOMAIN_PUBLIC_KEY_INFO {
635     ULONG  InfoLength;
636     PUCHAR PublicKeyInfo;
637 }
638 alias POLICY_DOMAIN_PUBLIC_KEY_INFO* PPOLICY_DOMAIN_PUBLIC_KEY_INFO;
639
640 struct POLICY_DOMAIN_LOCKOUT_INFO {
641     LARGE_INTEGER LockoutDuration;
642     LARGE_INTEGER LockoutObservationWindow;
643     USHORT        LockoutThreshold;
644 }
645 alias POLICY_DOMAIN_LOCKOUT_INFO* PPOLICY_DOMAIN_LOCKOUT_INFO;
646
647 struct POLICY_DOMAIN_PASSWORD_INFO {
648     USHORT        MinPasswordLength;
649     USHORT        PasswordHistoryLength;
650     ULONG         PasswordProperties;
651     LARGE_INTEGER MaxPasswordAge;
652     LARGE_INTEGER MinPasswordAge;
653 }
654 alias POLICY_DOMAIN_PASSWORD_INFO* PPOLICY_DOMAIN_PASSWORD_INFO;
655
656 struct POLICY_DOMAIN_KERBEROS_TICKET_INFO {
657     ULONG         AuthenticationOptions;
658     LARGE_INTEGER MinTicketAge;
659     LARGE_INTEGER MaxTicketAge;
660     LARGE_INTEGER MaxRenewAge;
661     LARGE_INTEGER ProxyLifetime;
662     LARGE_INTEGER ForceLogoff;
663 }
664 alias POLICY_DOMAIN_KERBEROS_TICKET_INFO* PPOLICY_DOMAIN_KERBEROS_TICKET_INFO;
665
666 alias HANDLE LSA_HANDLE;
667 alias HANDLE* PLSA_HANDLE;
668
669 struct TRUSTED_DOMAIN_NAME_INFO {
670     LSA_UNICODE_STRING Name;
671 }
672 alias TRUSTED_DOMAIN_NAME_INFO* PTRUSTED_DOMAIN_NAME_INFO;
673
674 struct TRUSTED_CONTROLLERS_INFO {
675     ULONG               Entries;
676     PLSA_UNICODE_STRING Names;
677 }
678 alias TRUSTED_CONTROLLERS_INFO* PTRUSTED_CONTROLLERS_INFO;
679
680 struct TRUSTED_POSIX_OFFSET_INFO {
681     ULONG Offset;
682 }
683 alias TRUSTED_POSIX_OFFSET_INFO* PTRUSTED_POSIX_OFFSET_INFO;
684
685 struct TRUSTED_PASSWORD_INFO {
686     LSA_UNICODE_STRING Password;
687     LSA_UNICODE_STRING OldPassword;
688 }
689 alias TRUSTED_PASSWORD_INFO* PTRUSTED_PASSWORD_INFO;
690
691 struct TRUSTED_DOMAIN_INFORMATION_EX {
692     LSA_UNICODE_STRING Name;
693     LSA_UNICODE_STRING FlatName;
694     PSID               Sid;
695     ULONG              TrustDirection;
696     ULONG              TrustType;
697     ULONG              TrustAttributes;
698 }
699 alias TRUSTED_DOMAIN_INFORMATION_EX* PTRUSTED_DOMAIN_INFORMATION_EX;
700
701 struct LSA_AUTH_INFORMATION {
702     LARGE_INTEGER LastUpdateTime;
703     ULONG         AuthType;
704     ULONG         AuthInfoLength;
705     PUCHAR        AuthInfo;
706 }
707 alias LSA_AUTH_INFORMATION* PLSA_AUTH_INFORMATION;
708
709 struct TRUSTED_DOMAIN_AUTH_INFORMATION {
710     ULONG                 IncomingAuthInfos;
711     PLSA_AUTH_INFORMATION IncomingAuthenticationInformation;
712     PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation;
713     ULONG                 OutgoingAuthInfos;
714     PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation;
715     PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation;
716 }
717 alias TRUSTED_DOMAIN_AUTH_INFORMATION* PTRUSTED_DOMAIN_AUTH_INFORMATION;
718
719 struct TRUSTED_DOMAIN_FULL_INFORMATION {
720     TRUSTED_DOMAIN_INFORMATION_EX   Information;
721     TRUSTED_POSIX_OFFSET_INFO       PosixOffset;
722     TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation;
723 }
724 alias TRUSTED_DOMAIN_FULL_INFORMATION* PTRUSTED_DOMAIN_FULL_INFORMATION;
725
/*  Prototypes of the LSA functions, declared with Windows linkage.
 *  All but LsaNtStatusToWinError return an NTSTATUS; test it with
 *  LSA_SUCCESS() and never use an output parameter after a failure.
 *
 *  Two families are visible in the signatures:
 *    - functions taking an LSA_HANDLE work on a Policy handle, which
 *      LsaOpenPolicy and LsaCreateTrustedDomainEx return through a
 *      PLSA_HANDLE and LsaClose accepts;
 *    - functions taking a plain HANDLE (LsaLogonUser,
 *      LsaCallAuthenticationPackage, LsaLookupAuthenticationPackage,
 *      LsaDeregisterLogonProcess) work on a connection handle, which
 *      LsaRegisterLogonProcess and LsaConnectUntrusted return through
 *      a PHANDLE.
 *
 *  Parameter names are not part of the translation; see the Win32
 *  documentation for the meaning of each position.
 */
726 extern (Windows) {
727     NTSTATUS LsaAddAccountRights(LSA_HANDLE, PSID, PLSA_UNICODE_STRING,
728       ULONG);
729     NTSTATUS LsaCallAuthenticationPackage(HANDLE, ULONG, PVOID, ULONG,
730       PVOID*, PULONG, PNTSTATUS);
731     NTSTATUS LsaClose(LSA_HANDLE);
732     NTSTATUS LsaConnectUntrusted(PHANDLE);
733     NTSTATUS LsaCreateTrustedDomainEx(LSA_HANDLE,
734       PTRUSTED_DOMAIN_INFORMATION_EX, PTRUSTED_DOMAIN_AUTH_INFORMATION,
735       ACCESS_MASK, PLSA_HANDLE);
736     NTSTATUS LsaDeleteTrustedDomain(LSA_HANDLE, PSID);
737     NTSTATUS LsaDeregisterLogonProcess(HANDLE);
738     NTSTATUS LsaEnumerateAccountRights(LSA_HANDLE, PSID, PLSA_UNICODE_STRING*,
739       PULONG);
740     NTSTATUS LsaEnumerateAccountsWithUserRight(LSA_HANDLE,
741       PLSA_UNICODE_STRING, PVOID*, PULONG);
742     NTSTATUS LsaEnumerateTrustedDomains(LSA_HANDLE, PLSA_ENUMERATION_HANDLE,
743       PVOID*, ULONG, PULONG);
744     NTSTATUS LsaEnumerateTrustedDomainsEx(LSA_HANDLE, PLSA_ENUMERATION_HANDLE,
745       TRUSTED_INFORMATION_CLASS, PVOID*, ULONG, PULONG);
    // Two distinct release functions.  Per the Win32 documentation,
    // LsaFreeMemory releases buffers handed back by the Policy functions
    // (enumerate / lookup / query / retrieve), while LsaFreeReturnBuffer
    // releases buffers handed back by LsaLogonUser and
    // LsaCallAuthenticationPackage.  Pair each buffer with the right one.
746     NTSTATUS LsaFreeMemory(PVOID);
747     NTSTATUS LsaFreeReturnBuffer(PVOID);
    // The PVOID/ULONG pair is the authentication-information buffer and its
    // length (e.g. an MSV1_0_INTERACTIVE_LOGON); it can contain a password,
    // so overwrite it after the call -- see the Win32 documentation.
748     NTSTATUS LsaLogonUser(HANDLE, PLSA_STRING, SECURITY_LOGON_TYPE, ULONG,
749       PVOID, ULONG, PTOKEN_GROUPS, PTOKEN_SOURCE, PVOID*, PULONG, PLUID,
750       PHANDLE, PQUOTA_LIMITS, PNTSTATUS);
751     NTSTATUS LsaLookupAuthenticationPackage(HANDLE, PLSA_STRING, PULONG);
752     NTSTATUS LsaLookupNames(LSA_HANDLE, ULONG, PLSA_UNICODE_STRING,
753       PLSA_REFERENCED_DOMAIN_LIST*, PLSA_TRANSLATED_SID*);
754     NTSTATUS LsaLookupSids(LSA_HANDLE, ULONG, PSID*,
755       PLSA_REFERENCED_DOMAIN_LIST*, PLSA_TRANSLATED_NAME*);
    // Converts an NTSTATUS into a Win32 error code; the only function here
    // that does not itself return an NTSTATUS.
756     ULONG LsaNtStatusToWinError(NTSTATUS);
    // The ACCESS_MASK is the set of POLICY_* rights requested on the handle;
    // request only what the following calls need.
757     NTSTATUS LsaOpenPolicy(PLSA_UNICODE_STRING, PLSA_OBJECT_ATTRIBUTES,
758       ACCESS_MASK, PLSA_HANDLE);
759     NTSTATUS LsaQueryDomainInformationPolicy(LSA_HANDLE,
760       POLICY_DOMAIN_INFORMATION_CLASS, PVOID*);
761     NTSTATUS LsaQueryInformationPolicy(LSA_HANDLE, POLICY_INFORMATION_CLASS,
762       PVOID*);
763     NTSTATUS LsaQueryLocalInformationPolicy(LSA_HANDLE,
764       POLICY_LOCAL_INFORMATION_CLASS, PVOID*);
765     NTSTATUS LsaQueryTrustedDomainInfo(LSA_HANDLE, PSID,
766       TRUSTED_INFORMATION_CLASS, PVOID*);
767     NTSTATUS LsaQueryTrustedDomainInfoByName(LSA_HANDLE, PLSA_UNICODE_STRING,
768       TRUSTED_INFORMATION_CLASS, PVOID*);
769     NTSTATUS LsaRegisterLogonProcess(PLSA_STRING, PHANDLE,
770       PLSA_OPERATIONAL_MODE);
771     NTSTATUS LsaRemoveAccountRights(LSA_HANDLE, PSID, BOOLEAN,
772       PLSA_UNICODE_STRING, ULONG);
    // LsaRetrievePrivateData / LsaStorePrivateData read and write LSA private
    // data by key name.  The returned string is secret material: release it
    // with LsaFreeMemory and overwrite any copy made of it.
773     NTSTATUS LsaRetrievePrivateData(LSA_HANDLE, PLSA_UNICODE_STRING,
774       PLSA_UNICODE_STRING*);
775     NTSTATUS LsaSetDomainInformationPolicy(LSA_HANDLE,
776       POLICY_DOMAIN_INFORMATION_CLASS, PVOID);
777     NTSTATUS LsaSetInformationPolicy(LSA_HANDLE, POLICY_INFORMATION_CLASS,
778       PVOID);
779     NTSTATUS LsaSetLocalInformationPolicy(LSA_HANDLE,
780       POLICY_LOCAL_INFORMATION_CLASS, PVOID);
781     NTSTATUS LsaSetTrustedDomainInformation(LSA_HANDLE, PSID,
782       TRUSTED_INFORMATION_CLASS, PVOID);
783     NTSTATUS LsaSetTrustedDomainInfoByName(LSA_HANDLE, PLSA_UNICODE_STRING,
784       TRUSTED_INFORMATION_CLASS, PVOID);
785     NTSTATUS LsaStorePrivateData(LSA_HANDLE, PLSA_UNICODE_STRING,
786       PLSA_UNICODE_STRING);
787 }
788
/*  Function-pointer types for a password-notification routine, an
 *  initialisation routine and a password-filter routine.
 *
 *  NOTE(review): these aliases are declared after the closing brace of the
 *  extern (Windows) block, so the function types have D linkage.  The
 *  routines are presumably invoked by the operating system, in which case
 *  the calling convention has to match what the system uses -- confirm, and
 *  if so declare them with the appropriate extern linkage.
 *
 *  NOTE(review): the PUNICODE_STRING arguments presumably include account
 *  names and a cleartext password.  An implementation should not log,
 *  persist or forward them, and should not keep pointers past the call.
 */
789 alias NTSTATUS function(PUNICODE_STRING, ULONG, PUNICODE_STRING)
790   PSAM_PASSWORD_NOTIFICATION_ROUTINE;
791 alias BOOLEAN function() PSAM_INIT_NOTIFICATION_ROUTINE;
792 alias BOOLEAN function(PUNICODE_STRING, PUNICODE_STRING,
793   PUNICODE_STRING, BOOLEAN) PSAM_PASSWORD_FILTER_ROUTINE;