| // Licensed under the Apache License, Version 2.0 |
| // <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license |
| // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option. |
| // All files in the project carrying such notice may not be copied, modified, or distributed |
| // except according to those terms. |
| //! This module defines the Local Security Authority APIs. |
| use shared::basetsd::{ULONG64, ULONG_PTR}; |
| use shared::guiddef::GUID; |
| use shared::minwindef::{PUCHAR, PULONG, UCHAR, ULONG, USHORT}; |
| use shared::ntdef::NTSTATUS; |
| use shared::sspi::SecHandle; |
| use um::lsalookup::{ |
| LSA_TRUST_INFORMATION, LSA_UNICODE_STRING, PLSA_TRUST_INFORMATION, PLSA_UNICODE_STRING |
| }; |
| use um::subauth::{PUNICODE_STRING, STRING, UNICODE_STRING}; |
| use um::winnt::{ |
| ACCESS_MASK, ANYSIZE_ARRAY, BOOLEAN, HANDLE, LARGE_INTEGER, LONG, LUID, PACL, PCSTR, PCWSTR, |
| PSECURITY_DESCRIPTOR, PSID, PSTR, PVOID, PWSTR, QUOTA_LIMITS, SECURITY_INFORMATION, SHORT, SID, |
| SID_NAME_USE, STANDARD_RIGHTS_EXECUTE, STANDARD_RIGHTS_READ, STANDARD_RIGHTS_REQUIRED, |
| STANDARD_RIGHTS_WRITE, ULONGLONG |
| }; |
| DEFINE_GUID!{Audit_System_SecurityStateChange, |
| 0x0cce9210, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_System_SecuritySubsystemExtension, |
| 0x0cce9211, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_System_Integrity, |
| 0x0cce9212, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_System_IPSecDriverEvents, |
| 0x0cce9213, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_System_Others, |
| 0x0cce9214, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Logon_Logon, |
| 0x0cce9215, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Logon_Logoff, |
| 0x0cce9216, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Logon_AccountLockout, |
| 0x0cce9217, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Logon_IPSecMainMode, |
| 0x0cce9218, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Logon_IPSecQuickMode, |
| 0x0cce9219, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Logon_IPSecUserMode, |
| 0x0cce921a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Logon_SpecialLogon, |
| 0x0cce921b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Logon_Others, |
| 0x0cce921c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_FileSystem, |
| 0x0cce921d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_Registry, |
| 0x0cce921e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_Kernel, |
| 0x0cce921f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_Sam, |
| 0x0cce9220, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_CertificationServices, |
| 0x0cce9221, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_ApplicationGenerated, |
| 0x0cce9222, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_Handle, |
| 0x0cce9223, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_Share, |
| 0x0cce9224, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_FirewallPacketDrops, |
| 0x0cce9225, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_FirewallConnection, |
| 0x0cce9226, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_Other, |
| 0x0cce9227, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_PrivilegeUse_Sensitive, |
| 0x0cce9228, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_PrivilegeUse_NonSensitive, |
| 0x0cce9229, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_PrivilegeUse_Others, |
| 0x0cce922a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_DetailedTracking_ProcessCreation, |
| 0x0cce922b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_DetailedTracking_ProcessTermination, |
| 0x0cce922c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_DetailedTracking_DpapiActivity, |
| 0x0cce922d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_DetailedTracking_RpcCall, |
| 0x0cce922e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_PolicyChange_AuditPolicy, |
| 0x0cce922f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_PolicyChange_AuthenticationPolicy, |
| 0x0cce9230, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_PolicyChange_AuthorizationPolicy, |
| 0x0cce9231, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_PolicyChange_MpsscvRulePolicy, |
| 0x0cce9232, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_PolicyChange_WfpIPSecPolicy, |
| 0x0cce9233, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_PolicyChange_Others, |
| 0x0cce9234, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountManagement_UserAccount, |
| 0x0cce9235, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountManagement_ComputerAccount, |
| 0x0cce9236, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountManagement_SecurityGroup, |
| 0x0cce9237, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountManagement_DistributionGroup, |
| 0x0cce9238, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountManagement_ApplicationGroup, |
| 0x0cce9239, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountManagement_Others, |
| 0x0cce923a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_DSAccess_DSAccess, |
| 0x0cce923b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_DsAccess_AdAuditChanges, |
| 0x0cce923c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Ds_Replication, |
| 0x0cce923d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Ds_DetailedReplication, |
| 0x0cce923e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountLogon_CredentialValidation, |
| 0x0cce923f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountLogon_Kerberos, |
| 0x0cce9240, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountLogon_Others, |
| 0x0cce9241, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountLogon_KerbCredentialValidation, |
| 0x0cce9242, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Logon_NPS, |
| 0x0cce9243, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_DetailedFileShare, |
| 0x0cce9244, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_RemovableStorage, |
| 0x0cce9245, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess_CbacStaging, |
| 0x0cce9246, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Logon_Claims, |
| 0x0cce9247, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_System, |
| 0x69979848, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_Logon, |
| 0x69979849, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_ObjectAccess, |
| 0x6997984a, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_PrivilegeUse, |
| 0x6997984b, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_DetailedTracking, |
| 0x6997984c, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_PolicyChange, |
| 0x6997984d, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountManagement, |
| 0x6997984e, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_DirectoryServiceAccess, |
| 0x6997984f, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| DEFINE_GUID!{Audit_AccountLogon, |
| 0x69979850, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30} |
| ENUM!{enum POLICY_AUDIT_EVENT_TYPE { |
| AuditCategorySystem = 0, |
| AuditCategoryLogon, |
| AuditCategoryObjectAccess, |
| AuditCategoryPrivilegeUse, |
| AuditCategoryDetailedTracking, |
| AuditCategoryPolicyChange, |
| AuditCategoryAccountManagement, |
| AuditCategoryDirectoryServiceAccess, |
| AuditCategoryAccountLogon, |
| }} |
| pub type PPOLICY_AUDIT_EVENT_TYPE = *mut POLICY_AUDIT_EVENT_TYPE; |
| pub const POLICY_AUDIT_EVENT_UNCHANGED: POLICY_AUDIT_EVENT_OPTIONS = 0x00000000; |
| pub const POLICY_AUDIT_EVENT_SUCCESS: POLICY_AUDIT_EVENT_OPTIONS = 0x00000001; |
| pub const POLICY_AUDIT_EVENT_FAILURE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000002; |
| pub const POLICY_AUDIT_EVENT_NONE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000004; |
| pub const POLICY_AUDIT_EVENT_MASK: POLICY_AUDIT_EVENT_OPTIONS = POLICY_AUDIT_EVENT_SUCCESS |
| | POLICY_AUDIT_EVENT_FAILURE | POLICY_AUDIT_EVENT_UNCHANGED | POLICY_AUDIT_EVENT_NONE; |
| pub const POLICY_VIEW_LOCAL_INFORMATION: ACCESS_MASK = 0x00000001; |
| pub const POLICY_VIEW_AUDIT_INFORMATION: ACCESS_MASK = 0x00000002; |
| pub const POLICY_GET_PRIVATE_INFORMATION: ACCESS_MASK = 0x00000004; |
| pub const POLICY_TRUST_ADMIN: ACCESS_MASK = 0x00000008; |
| pub const POLICY_CREATE_ACCOUNT: ACCESS_MASK = 0x00000010; |
| pub const POLICY_CREATE_SECRET: ACCESS_MASK = 0x00000020; |
| pub const POLICY_CREATE_PRIVILEGE: ACCESS_MASK = 0x00000040; |
| pub const POLICY_SET_DEFAULT_QUOTA_LIMITS: ACCESS_MASK = 0x00000080; |
| pub const POLICY_SET_AUDIT_REQUIREMENTS: ACCESS_MASK = 0x00000100; |
| pub const POLICY_AUDIT_LOG_ADMIN: ACCESS_MASK = 0x00000200; |
| pub const POLICY_SERVER_ADMIN: ACCESS_MASK = 0x00000400; |
| pub const POLICY_LOOKUP_NAMES: ACCESS_MASK = 0x00000800; |
| pub const POLICY_NOTIFICATION: ACCESS_MASK = 0x00001000; |
| pub const POLICY_ALL_ACCESS: ACCESS_MASK = STANDARD_RIGHTS_REQUIRED |
| | POLICY_VIEW_LOCAL_INFORMATION | POLICY_VIEW_AUDIT_INFORMATION |
| | POLICY_GET_PRIVATE_INFORMATION | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT |
| | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS |
| | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN |
| | POLICY_LOOKUP_NAMES; |
| pub const POLICY_READ: ACCESS_MASK = STANDARD_RIGHTS_READ | POLICY_VIEW_AUDIT_INFORMATION |
| | POLICY_GET_PRIVATE_INFORMATION; |
| pub const POLICY_WRITE: ACCESS_MASK = STANDARD_RIGHTS_WRITE | POLICY_TRUST_ADMIN |
| | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE |
| | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN |
| | POLICY_SERVER_ADMIN; |
| pub const POLICY_EXECUTE: ACCESS_MASK = STANDARD_RIGHTS_EXECUTE |
| | POLICY_VIEW_LOCAL_INFORMATION | POLICY_LOOKUP_NAMES; |
| STRUCT!{struct LSA_TRANSLATED_SID { |
| Use: SID_NAME_USE, |
| RelativeId: ULONG, |
| DomainIndex: LONG, |
| }} |
| pub type PLSA_TRANSLATED_SID = *mut LSA_TRANSLATED_SID; |
| ENUM!{enum POLICY_LSA_SERVER_ROLE { |
| PolicyServerRoleBackup = 2, |
| PolicyServerRolePrimary, |
| }} |
| pub type PPOLICY_LSA_SERVER_ROLE = *mut POLICY_LSA_SERVER_ROLE; |
| pub type POLICY_AUDIT_EVENT_OPTIONS = ULONG; |
| pub type PPOLICY_AUDIT_EVENT_OPTIONS = *mut ULONG; |
| ENUM!{enum POLICY_INFORMATION_CLASS { |
| PolicyAuditLogInformation = 1, |
| PolicyAuditEventsInformation, |
| PolicyPrimaryDomainInformation, |
| PolicyPdAccountInformation, |
| PolicyAccountDomainInformation, |
| PolicyLsaServerRoleInformation, |
| PolicyReplicaSourceInformation, |
| PolicyDefaultQuotaInformation, |
| PolicyModificationInformation, |
| PolicyAuditFullSetInformation, |
| PolicyAuditFullQueryInformation, |
| PolicyDnsDomainInformation, |
| PolicyDnsDomainInformationInt, |
| PolicyLocalAccountDomainInformation, |
| PolicyLastEntry, |
| }} |
| pub type PPOLICY_INFORMATION_CLASS = *mut POLICY_INFORMATION_CLASS; |
| STRUCT!{struct POLICY_AUDIT_LOG_INFO { |
| AuditLogPercentFull: ULONG, |
| MaximumLogSize: ULONG, |
| AuditRetentionPeriod: LARGE_INTEGER, |
| AuditLogFullShutdownInProgress: BOOLEAN, |
| TimeToShutdown: LARGE_INTEGER, |
| NextAuditRecordId: ULONG, |
| }} |
| pub type PPOLICY_AUDIT_LOG_INFO = *mut POLICY_AUDIT_LOG_INFO; |
| STRUCT!{struct POLICY_AUDIT_EVENTS_INFO { |
| AuditingMode: BOOLEAN, |
| EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS, |
| MaximumAuditEventCount: ULONG, |
| }} |
| pub type PPOLICY_AUDIT_EVENTS_INFO = *mut POLICY_AUDIT_EVENTS_INFO; |
| STRUCT!{struct POLICY_AUDIT_SUBCATEGORIES_INFO { |
| MaximumSubCategoryCount: ULONG, |
| EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS, |
| }} |
| pub type PPOLICY_AUDIT_SUBCATEGORIES_INFO = *mut POLICY_AUDIT_SUBCATEGORIES_INFO; |
| STRUCT!{struct POLICY_AUDIT_CATEGORIES_INFO { |
| MaximumSubCategoryCount: ULONG, |
| SubCategoriesInfo: PPOLICY_AUDIT_SUBCATEGORIES_INFO, |
| }} |
| pub type PPOLICY_AUDIT_CATEGORIES_INFO = *mut POLICY_AUDIT_CATEGORIES_INFO; |
| pub const PER_USER_POLICY_UNCHANGED: ULONG = 0x00; |
| pub const PER_USER_AUDIT_SUCCESS_INCLUDE: ULONG = 0x01; |
| pub const PER_USER_AUDIT_SUCCESS_EXCLUDE: ULONG = 0x02; |
| pub const PER_USER_AUDIT_FAILURE_INCLUDE: ULONG = 0x04; |
| pub const PER_USER_AUDIT_FAILURE_EXCLUDE: ULONG = 0x08; |
| pub const PER_USER_AUDIT_NONE: ULONG = 0x10; |
| pub const VALID_PER_USER_AUDIT_POLICY_FLAG: ULONG = PER_USER_AUDIT_SUCCESS_INCLUDE |
| | PER_USER_AUDIT_SUCCESS_EXCLUDE | PER_USER_AUDIT_FAILURE_INCLUDE |
| | PER_USER_AUDIT_FAILURE_EXCLUDE | PER_USER_AUDIT_NONE; |
| STRUCT!{struct POLICY_PRIMARY_DOMAIN_INFO { |
| Name: LSA_UNICODE_STRING, |
| Sid: PSID, |
| }} |
| pub type PPOLICY_PRIMARY_DOMAIN_INFO = *mut POLICY_PRIMARY_DOMAIN_INFO; |
| STRUCT!{struct POLICY_PD_ACCOUNT_INFO { |
| Name: LSA_UNICODE_STRING, |
| }} |
| pub type PPOLICY_PD_ACCOUNT_INFO = *mut POLICY_PD_ACCOUNT_INFO; |
| STRUCT!{struct POLICY_LSA_SERVER_ROLE_INFO { |
| LsaServerRole: POLICY_LSA_SERVER_ROLE, |
| }} |
| pub type PPOLICY_LSA_SERVER_ROLE_INFO = *mut POLICY_LSA_SERVER_ROLE_INFO; |
| STRUCT!{struct POLICY_REPLICA_SOURCE_INFO { |
| ReplicaSource: LSA_UNICODE_STRING, |
| ReplicaAccountName: LSA_UNICODE_STRING, |
| }} |
| pub type PPOLICY_REPLICA_SOURCE_INFO = *mut POLICY_REPLICA_SOURCE_INFO; |
| STRUCT!{struct POLICY_DEFAULT_QUOTA_INFO { |
| QuotaLimits: QUOTA_LIMITS, |
| }} |
| pub type PPOLICY_DEFAULT_QUOTA_INFO = *mut POLICY_DEFAULT_QUOTA_INFO; |
| STRUCT!{struct POLICY_MODIFICATION_INFO { |
| ModifiedId: LARGE_INTEGER, |
| DatabaseCreationTime: LARGE_INTEGER, |
| }} |
| pub type PPOLICY_MODIFICATION_INFO = *mut POLICY_MODIFICATION_INFO; |
| STRUCT!{struct POLICY_AUDIT_FULL_SET_INFO { |
| ShutDownOnFull: BOOLEAN, |
| }} |
| pub type PPOLICY_AUDIT_FULL_SET_INFO = *mut POLICY_AUDIT_FULL_SET_INFO; |
| STRUCT!{struct POLICY_AUDIT_FULL_QUERY_INFO { |
| ShutDownOnFull: BOOLEAN, |
| LogIsFull: BOOLEAN, |
| }} |
| pub type PPOLICY_AUDIT_FULL_QUERY_INFO = *mut POLICY_AUDIT_FULL_QUERY_INFO; |
| ENUM!{enum POLICY_DOMAIN_INFORMATION_CLASS { |
| PolicyDomainEfsInformation = 2, |
| PolicyDomainKerberosTicketInformation, |
| }} |
| pub type PPOLICY_DOMAIN_INFORMATION_CLASS = *mut POLICY_DOMAIN_INFORMATION_CLASS; |
| STRUCT!{struct POLICY_DOMAIN_EFS_INFO { |
| InfoLength: ULONG, |
| EfsBlob: PUCHAR, |
| }} |
| pub type PPOLICY_DOMAIN_EFS_INFO = *mut POLICY_DOMAIN_EFS_INFO; |
| STRUCT!{struct POLICY_DOMAIN_KERBEROS_TICKET_INFO { |
| AuthenticationOptions: ULONG, |
| MaxServiceTicketAge: LARGE_INTEGER, |
| MaxTicketAge: LARGE_INTEGER, |
| MaxRenewAge: LARGE_INTEGER, |
| MaxClockSkew: LARGE_INTEGER, |
| Reserved: LARGE_INTEGER, |
| }} |
| pub type PPOLICY_DOMAIN_KERBEROS_TICKET_INFO = *mut POLICY_DOMAIN_KERBEROS_TICKET_INFO; |
| ENUM!{enum POLICY_NOTIFICATION_INFORMATION_CLASS { |
| PolicyNotifyAuditEventsInformation = 1, |
| PolicyNotifyAccountDomainInformation, |
| PolicyNotifyServerRoleInformation, |
| PolicyNotifyDnsDomainInformation, |
| PolicyNotifyDomainEfsInformation, |
| PolicyNotifyDomainKerberosTicketInformation, |
| PolicyNotifyMachineAccountPasswordInformation, |
| PolicyNotifyGlobalSaclInformation, |
| PolicyNotifyMax, |
| }} |
| pub type PPOLICY_NOTIFICATION_INFORMATION_CLASS = *mut POLICY_NOTIFICATION_INFORMATION_CLASS; |
| pub type LSA_HANDLE = PVOID; |
| pub type PLSA_HANDLE = *mut PVOID; |
| ENUM!{enum TRUSTED_INFORMATION_CLASS { |
| TrustedDomainNameInformation = 1, |
| TrustedControllersInformation, |
| TrustedPosixOffsetInformation, |
| TrustedPasswordInformation, |
| TrustedDomainInformationBasic, |
| TrustedDomainInformationEx, |
| TrustedDomainAuthInformation, |
| TrustedDomainFullInformation, |
| TrustedDomainAuthInformationInternal, |
| TrustedDomainFullInformationInternal, |
| TrustedDomainInformationEx2Internal, |
| TrustedDomainFullInformation2Internal, |
| TrustedDomainSupportedEncryptionTypes, |
| }} |
| pub type PTRUSTED_INFORMATION_CLASS = *mut TRUSTED_INFORMATION_CLASS; |
| STRUCT!{struct TRUSTED_DOMAIN_NAME_INFO { |
| Name: LSA_UNICODE_STRING, |
| }} |
| pub type PTRUSTED_DOMAIN_NAME_INFO = *mut TRUSTED_DOMAIN_NAME_INFO; |
| STRUCT!{struct TRUSTED_CONTROLLERS_INFO { |
| Entries: ULONG, |
| Names: PLSA_UNICODE_STRING, |
| }} |
| pub type PTRUSTED_CONTROLLERS_INFO = *mut TRUSTED_CONTROLLERS_INFO; |
| STRUCT!{struct TRUSTED_POSIX_OFFSET_INFO { |
| Offset: ULONG, |
| }} |
| pub type PTRUSTED_POSIX_OFFSET_INFO = *mut TRUSTED_POSIX_OFFSET_INFO; |
| STRUCT!{struct TRUSTED_PASSWORD_INFO { |
| Password: LSA_UNICODE_STRING, |
| OldPassword: LSA_UNICODE_STRING, |
| }} |
| pub type PTRUSTED_PASSWORD_INFO = *mut TRUSTED_PASSWORD_INFO; |
| pub type TRUSTED_DOMAIN_INFORMATION_BASIC = LSA_TRUST_INFORMATION; |
| pub type PTRUSTED_DOMAIN_INFORMATION_BASIC = PLSA_TRUST_INFORMATION; |
| pub const TRUST_DIRECTION_DISABLED: ULONG = 0x00000000; |
| pub const TRUST_DIRECTION_INBOUND: ULONG = 0x00000001; |
| pub const TRUST_DIRECTION_OUTBOUND: ULONG = 0x00000002; |
| pub const TRUST_DIRECTION_BIDIRECTIONAL: ULONG = TRUST_DIRECTION_INBOUND |
| | TRUST_DIRECTION_OUTBOUND; |
| pub const TRUST_TYPE_DOWNLEVEL: ULONG = 0x00000001; |
| pub const TRUST_TYPE_UPLEVEL: ULONG = 0x00000002; |
| pub const TRUST_TYPE_MIT: ULONG = 0x00000003; |
| pub const TRUST_ATTRIBUTE_NON_TRANSITIVE: ULONG = 0x00000001; |
| pub const TRUST_ATTRIBUTE_UPLEVEL_ONLY: ULONG = 0x00000002; |
| pub const TRUST_ATTRIBUTE_QUARANTINED_DOMAIN: ULONG = 0x00000004; |
| pub const TRUST_ATTRIBUTE_FOREST_TRANSITIVE: ULONG = 0x00000008; |
| pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION: ULONG = 0x00000010; |
| pub const TRUST_ATTRIBUTE_WITHIN_FOREST: ULONG = 0x00000020; |
| pub const TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL: ULONG = 0x00000040; |
| pub const TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION: ULONG = 0x00000080; |
| pub const TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS: ULONG = 0x00000100; |
| pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION: ULONG = 0x00000200; |
| pub const TRUST_ATTRIBUTES_VALID: ULONG = 0xFF03FFFF; |
| pub const TRUST_ATTRIBUTES_USER: ULONG = 0xFF000000; |
| STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX { |
| Name: LSA_UNICODE_STRING, |
| FlatName: LSA_UNICODE_STRING, |
| Sid: PSID, |
| TrustDirection: ULONG, |
| TrustType: ULONG, |
| TrustAttributes: ULONG, |
| }} |
| pub type PTRUSTED_DOMAIN_INFORMATION_EX = *mut TRUSTED_DOMAIN_INFORMATION_EX; |
| STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX2 { |
| Name: LSA_UNICODE_STRING, |
| FlatName: LSA_UNICODE_STRING, |
| Sid: PSID, |
| TrustDirection: ULONG, |
| TrustType: ULONG, |
| TrustAttributes: ULONG, |
| ForestTrustLength: ULONG, |
| ForestTrustInfo: PUCHAR, |
| }} |
| pub type PTRUSTED_DOMAIN_INFORMATION_EX2 = *mut TRUSTED_DOMAIN_INFORMATION_EX2; |
| pub const TRUST_AUTH_TYPE_NONE: ULONG = 0; |
| pub const TRUST_AUTH_TYPE_NT4OWF: ULONG = 1; |
| pub const TRUST_AUTH_TYPE_CLEAR: ULONG = 2; |
| pub const TRUST_AUTH_TYPE_VERSION: ULONG = 3; |
| STRUCT!{struct LSA_AUTH_INFORMATION { |
| LastUpdateTime: LARGE_INTEGER, |
| AuthType: ULONG, |
| AuthInfoLength: ULONG, |
| AuthInfo: PUCHAR, |
| }} |
| pub type PLSA_AUTH_INFORMATION = *mut LSA_AUTH_INFORMATION; |
| STRUCT!{struct TRUSTED_DOMAIN_AUTH_INFORMATION { |
| IncomingAuthInfos: ULONG, |
| IncomingAuthenticationInformation: PLSA_AUTH_INFORMATION, |
| IncomingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION, |
| OutgoingAuthInfos: ULONG, |
| OutgoingAuthenticationInformation: PLSA_AUTH_INFORMATION, |
| OutgoingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION, |
| }} |
| pub type PTRUSTED_DOMAIN_AUTH_INFORMATION = *mut TRUSTED_DOMAIN_AUTH_INFORMATION; |
| STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION { |
| Information: TRUSTED_DOMAIN_INFORMATION_EX, |
| PosixOffset: TRUSTED_POSIX_OFFSET_INFO, |
| AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION, |
| }} |
| pub type PTRUSTED_DOMAIN_FULL_INFORMATION = *mut TRUSTED_DOMAIN_FULL_INFORMATION; |
| STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION2 { |
| Information: TRUSTED_DOMAIN_INFORMATION_EX2, |
| PosixOffset: TRUSTED_POSIX_OFFSET_INFO, |
| AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION, |
| }} |
| pub type PTRUSTED_DOMAIN_FULL_INFORMATION2 = *mut TRUSTED_DOMAIN_FULL_INFORMATION2; |
| STRUCT!{struct TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES { |
| SupportedEncryptionTypes: ULONG, |
| }} |
| pub type PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES = |
| *mut TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES; |
| ENUM!{enum LSA_FOREST_TRUST_RECORD_TYPE { |
| ForestTrustTopLevelName, |
| ForestTrustTopLevelNameEx, |
| ForestTrustDomainInfo, |
| ForestTrustRecordTypeLast, // = ForestTrustDomainInfo, |
| }} |
| pub const LSA_FTRECORD_DISABLED_REASONS: ULONG = 0x0000FFFF; |
| pub const LSA_TLN_DISABLED_NEW: ULONG = 0x00000001; |
| pub const LSA_TLN_DISABLED_ADMIN: ULONG = 0x00000002; |
| pub const LSA_TLN_DISABLED_CONFLICT: ULONG = 0x00000004; |
| pub const LSA_SID_DISABLED_ADMIN: ULONG = 0x00000001; |
| pub const LSA_SID_DISABLED_CONFLICT: ULONG = 0x00000002; |
| pub const LSA_NB_DISABLED_ADMIN: ULONG = 0x00000004; |
| pub const LSA_NB_DISABLED_CONFLICT: ULONG = 0x00000008; |
| STRUCT!{struct LSA_FOREST_TRUST_DOMAIN_INFO { |
| Sid: PSID, |
| DnsName: LSA_UNICODE_STRING, |
| NetbiosName: LSA_UNICODE_STRING, |
| }} |
| pub type PLSA_FOREST_TRUST_DOMAIN_INFO = *mut LSA_FOREST_TRUST_DOMAIN_INFO; |
| pub const MAX_FOREST_TRUST_BINARY_DATA_SIZE: ULONG = 128 * 1024; |
| STRUCT!{struct LSA_FOREST_TRUST_BINARY_DATA { |
| Length: ULONG, |
| Buffer: PUCHAR, |
| }} |
| pub type PLSA_FOREST_TRUST_BINARY_DATA = *mut LSA_FOREST_TRUST_BINARY_DATA; |
| UNION!{union LSA_FOREST_TRUST_RECORD_ForestTrustData { |
| [usize; 5], |
| TopLevelName TopLevelName_mut: LSA_UNICODE_STRING, |
| DomainInfo DomainInfo_mut: LSA_FOREST_TRUST_DOMAIN_INFO, |
| Data Data_mut: LSA_FOREST_TRUST_BINARY_DATA, |
| }} |
| STRUCT!{struct LSA_FOREST_TRUST_RECORD { |
| Flags: ULONG, |
| ForestTrustType: LSA_FOREST_TRUST_RECORD_TYPE, |
| Time: LARGE_INTEGER, |
| ForestTrustData: LSA_FOREST_TRUST_RECORD_ForestTrustData, |
| }} |
| pub type PLSA_FOREST_TRUST_RECORD = *mut LSA_FOREST_TRUST_RECORD; |
| pub const MAX_RECORDS_IN_FOREST_TRUST_INFO: ULONG = 4000; |
| STRUCT!{struct LSA_FOREST_TRUST_INFORMATION { |
| RecordCount: ULONG, |
| Entries: *mut PLSA_FOREST_TRUST_RECORD, |
| }} |
| pub type PLSA_FOREST_TRUST_INFORMATION = *mut LSA_FOREST_TRUST_INFORMATION; |
| ENUM!{enum LSA_FOREST_TRUST_COLLISION_RECORD_TYPE { |
| CollisionTdo, |
| CollisionXref, |
| CollisionOther, |
| }} |
| STRUCT!{struct LSA_FOREST_TRUST_COLLISION_RECORD { |
| Index: ULONG, |
| Type: LSA_FOREST_TRUST_COLLISION_RECORD_TYPE, |
| Flags: ULONG, |
| Name: LSA_UNICODE_STRING, |
| }} |
| pub type PLSA_FOREST_TRUST_COLLISION_RECORD = *mut LSA_FOREST_TRUST_COLLISION_RECORD; |
| STRUCT!{struct LSA_FOREST_TRUST_COLLISION_INFORMATION { |
| RecordCount: ULONG, |
| Entries: *mut PLSA_FOREST_TRUST_COLLISION_RECORD, |
| }} |
| pub type PLSA_FOREST_TRUST_COLLISION_INFORMATION = *mut LSA_FOREST_TRUST_COLLISION_INFORMATION; |
| pub type LSA_ENUMERATION_HANDLE = ULONG; |
| pub type PLSA_ENUMERATION_HANDLE = *mut ULONG; |
| STRUCT!{struct LSA_ENUMERATION_INFORMATION { |
| Sid: PSID, |
| }} |
| pub type PLSA_ENUMERATION_INFORMATION = *mut LSA_ENUMERATION_INFORMATION; |
| STRUCT!{struct LSA_LAST_INTER_LOGON_INFO { |
| LastSuccessfulLogon: LARGE_INTEGER, |
| LastFailedLogon: LARGE_INTEGER, |
| FailedAttemptCountSinceLastSuccessfulLogon: ULONG, |
| }} |
| pub type PLSA_LAST_INTER_LOGON_INFO = *mut LSA_LAST_INTER_LOGON_INFO; |
| STRUCT!{struct SECURITY_LOGON_SESSION_DATA { |
| Size: ULONG, |
| LogonId: LUID, |
| UserName: LSA_UNICODE_STRING, |
| LogonDomain: LSA_UNICODE_STRING, |
| AuthenticationPackage: LSA_UNICODE_STRING, |
| LogonType: ULONG, |
| Session: ULONG, |
| Sid: PSID, |
| LogonTime: LARGE_INTEGER, |
| LogonServer: LSA_UNICODE_STRING, |
| DnsDomainName: LSA_UNICODE_STRING, |
| Upn: LSA_UNICODE_STRING, |
| UserFlags: ULONG, |
| LastLogonInfo: LSA_LAST_INTER_LOGON_INFO, |
| LogonScript: LSA_UNICODE_STRING, |
| ProfilePath: LSA_UNICODE_STRING, |
| HomeDirectory: LSA_UNICODE_STRING, |
| HomeDirectoryDrive: LSA_UNICODE_STRING, |
| LogoffTime: LARGE_INTEGER, |
| KickOffTime: LARGE_INTEGER, |
| PasswordLastSet: LARGE_INTEGER, |
| PasswordCanChange: LARGE_INTEGER, |
| PasswordMustChange: LARGE_INTEGER, |
| }} |
| pub type PSECURITY_LOGON_SESSION_DATA = *mut SECURITY_LOGON_SESSION_DATA; |
| pub const CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000001; |
| pub const CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000100; |
| pub const CENTRAL_ACCESS_POLICY_STAGED_FLAG: ULONG = 0x00010000; |
| pub const CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK: ULONG = |
| CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG |
| | CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG |
| | CENTRAL_ACCESS_POLICY_STAGED_FLAG; |
| pub const LSASETCAPS_RELOAD_FLAG: ULONG = 0x00000001; |
| pub const LSASETCAPS_VALID_FLAG_MASK: ULONG = LSASETCAPS_RELOAD_FLAG; |
| STRUCT!{struct CENTRAL_ACCESS_POLICY_ENTRY { |
| Name: LSA_UNICODE_STRING, |
| Description: LSA_UNICODE_STRING, |
| ChangeId: LSA_UNICODE_STRING, |
| LengthAppliesTo: ULONG, |
| AppliesTo: PUCHAR, |
| LengthSD: ULONG, |
| SD: PSECURITY_DESCRIPTOR, |
| LengthStagedSD: ULONG, |
| StagedSD: PSECURITY_DESCRIPTOR, |
| Flags: ULONG, |
| }} |
| pub type PCENTRAL_ACCESS_POLICY_ENTRY = *mut CENTRAL_ACCESS_POLICY_ENTRY; |
| pub type PCCENTRAL_ACCESS_POLICY_ENTRY = *const CENTRAL_ACCESS_POLICY_ENTRY; |
| STRUCT!{struct CENTRAL_ACCESS_POLICY { |
| CAPID: PSID, |
| Name: LSA_UNICODE_STRING, |
| Description: LSA_UNICODE_STRING, |
| ChangeId: LSA_UNICODE_STRING, |
| Flags: ULONG, |
| CAPECount: ULONG, |
| CAPEs: *mut PCENTRAL_ACCESS_POLICY_ENTRY, |
| }} |
| pub type PCENTRAL_ACCESS_POLICY = *mut CENTRAL_ACCESS_POLICY; |
| pub type PCCENTRAL_ACCESS_POLICY = *const CENTRAL_ACCESS_POLICY; |
| ENUM!{enum NEGOTIATE_MESSAGES { |
| NegEnumPackagePrefixes = 0, |
| NegGetCallerName = 1, |
| NegTransferCredentials = 2, |
| NegCallPackageMax, |
| }} |
| pub const NEGOTIATE_MAX_PREFIX: usize = 32; |
| STRUCT!{struct NEGOTIATE_PACKAGE_PREFIX { |
| PackageId: ULONG_PTR, |
| PackageDataA: PVOID, |
| PackageDataW: PVOID, |
| PrefixLen: ULONG_PTR, |
| Prefix: [UCHAR; NEGOTIATE_MAX_PREFIX], |
| }} |
| pub type PNEGOTIATE_PACKAGE_PREFIX = *mut NEGOTIATE_PACKAGE_PREFIX; |
| STRUCT!{struct NEGOTIATE_PACKAGE_PREFIXES { |
| MessageType: ULONG, |
| PrefixCount: ULONG, |
| Offset: ULONG, |
| Pad: ULONG, |
| }} |
| pub type PNEGOTIATE_PACKAGE_PREFIXES = *mut NEGOTIATE_PACKAGE_PREFIXES; |
| STRUCT!{struct NEGOTIATE_CALLER_NAME_REQUEST { |
| MessageType: ULONG, |
| LogonId: LUID, |
| }} |
| pub type PNEGOTIATE_CALLER_NAME_REQUEST = *mut NEGOTIATE_CALLER_NAME_REQUEST; |
| STRUCT!{struct NEGOTIATE_CALLER_NAME_RESPONSE { |
| MessageType: ULONG, |
| CallerName: PWSTR, |
| }} |
| pub type PNEGOTIATE_CALLER_NAME_RESPONSE = *mut NEGOTIATE_CALLER_NAME_RESPONSE; |
| STRUCT!{struct DOMAIN_PASSWORD_INFORMATION { |
| MinPasswordLength: USHORT, |
| PasswordHistoryLength: USHORT, |
| PasswordProperties: ULONG, |
| MaxPasswordAge: LARGE_INTEGER, |
| MinPasswordAge: LARGE_INTEGER, |
| }} |
| pub type PDOMAIN_PASSWORD_INFORMATION = *mut DOMAIN_PASSWORD_INFORMATION; |
| pub const DOMAIN_PASSWORD_COMPLEX: ULONG = 0x00000001; |
| pub const DOMAIN_PASSWORD_NO_ANON_CHANGE: ULONG = 0x00000002; |
| pub const DOMAIN_PASSWORD_NO_CLEAR_CHANGE: ULONG = 0x00000004; |
| pub const DOMAIN_LOCKOUT_ADMINS: ULONG = 0x00000008; |
| pub const DOMAIN_PASSWORD_STORE_CLEARTEXT: ULONG = 0x00000010; |
| pub const DOMAIN_REFUSE_PASSWORD_CHANGE: ULONG = 0x00000020; |
| pub const DOMAIN_NO_LM_OWF_CHANGE: ULONG = 0x00000040; |
| FN!{stdcall PSAM_PASSWORD_NOTIFICATION_ROUTINE( |
| UserName: PUNICODE_STRING, |
| RelativeId: ULONG, |
| NewPassword: PUNICODE_STRING, |
| ) -> NTSTATUS} |
| FN!{stdcall PSAM_INIT_NOTIFICATION_ROUTINE() -> BOOLEAN} |
| FN!{stdcall PSAM_PASSWORD_FILTER_ROUTINE( |
| AccountName: PUNICODE_STRING, |
| FullName: PUNICODE_STRING, |
| Password: PUNICODE_STRING, |
| SetOperation: BOOLEAN, |
| ) -> BOOLEAN} |
| ENUM!{enum MSV1_0_LOGON_SUBMIT_TYPE { |
| MsV1_0InteractiveLogon = 2, |
| MsV1_0Lm20Logon, |
| MsV1_0NetworkLogon, |
| MsV1_0SubAuthLogon, |
| MsV1_0WorkstationUnlockLogon = 7, |
| MsV1_0S4ULogon = 12, |
| MsV1_0VirtualLogon = 82, |
| MsV1_0NoElevationLogon = 83, |
| MsV1_0LuidLogon = 84, |
| }} |
| pub type PMSV1_0_LOGON_SUBMIT_TYPE = *mut MSV1_0_LOGON_SUBMIT_TYPE; |
| ENUM!{enum MSV1_0_PROFILE_BUFFER_TYPE { |
| MsV1_0InteractiveProfile = 2, |
| MsV1_0Lm20LogonProfile, |
| MsV1_0SmartCardProfile, |
| }} |
| pub type PMSV1_0_PROFILE_BUFFER_TYPE = *mut MSV1_0_PROFILE_BUFFER_TYPE; |
| STRUCT!{struct MSV1_0_INTERACTIVE_LOGON { |
| MessageType: MSV1_0_LOGON_SUBMIT_TYPE, |
| LogonDomainName: UNICODE_STRING, |
| UserName: UNICODE_STRING, |
| Password: UNICODE_STRING, |
| }} |
| pub type PMSV1_0_INTERACTIVE_LOGON = *mut MSV1_0_INTERACTIVE_LOGON; |
| STRUCT!{struct MSV1_0_INTERACTIVE_PROFILE { |
| MessageType: MSV1_0_PROFILE_BUFFER_TYPE, |
| LogonCount: USHORT, |
| BadPasswordCount: USHORT, |
| LogonTime: LARGE_INTEGER, |
| LogoffTime: LARGE_INTEGER, |
| KickOffTime: LARGE_INTEGER, |
| PasswordLastSet: LARGE_INTEGER, |
| PasswordCanChange: LARGE_INTEGER, |
| PasswordMustChange: LARGE_INTEGER, |
| LogonScript: UNICODE_STRING, |
| HomeDirectory: UNICODE_STRING, |
| FullName: UNICODE_STRING, |
| ProfilePath: UNICODE_STRING, |
| HomeDirectoryDrive: UNICODE_STRING, |
| LogonServer: UNICODE_STRING, |
| UserFlags: ULONG, |
| }} |
| pub type PMSV1_0_INTERACTIVE_PROFILE = *mut MSV1_0_INTERACTIVE_PROFILE; |
| pub const MSV1_0_CHALLENGE_LENGTH: usize = 8; |
| pub const MSV1_0_USER_SESSION_KEY_LENGTH: usize = 16; |
| pub const MSV1_0_LANMAN_SESSION_KEY_LENGTH: usize = 8; |
| pub const MSV1_0_CLEARTEXT_PASSWORD_ALLOWED: ULONG = 0x02; |
| pub const MSV1_0_UPDATE_LOGON_STATISTICS: ULONG = 0x04; |
| pub const MSV1_0_RETURN_USER_PARAMETERS: ULONG = 0x08; |
| pub const MSV1_0_DONT_TRY_GUEST_ACCOUNT: ULONG = 0x10; |
| pub const MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT: ULONG = 0x20; |
| pub const MSV1_0_RETURN_PASSWORD_EXPIRY: ULONG = 0x40; |
| pub const MSV1_0_USE_CLIENT_CHALLENGE: ULONG = 0x80; |
| pub const MSV1_0_TRY_GUEST_ACCOUNT_ONLY: ULONG = 0x100; |
| pub const MSV1_0_RETURN_PROFILE_PATH: ULONG = 0x200; |
| pub const MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY: ULONG = 0x400; |
| pub const MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT: ULONG = 0x800; |
| pub const MSV1_0_DISABLE_PERSONAL_FALLBACK: ULONG = 0x00001000; |
| pub const MSV1_0_ALLOW_FORCE_GUEST: ULONG = 0x00002000; |
| pub const MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED: ULONG = 0x00004000; |
| pub const MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY: ULONG = 0x00008000; |
| pub const MSV1_0_SUBAUTHENTICATION_DLL_EX: ULONG = 0x00100000; |
| pub const MSV1_0_ALLOW_MSVCHAPV2: ULONG = 0x00010000; |
| pub const MSV1_0_S4U2SELF: ULONG = 0x00020000; |
| pub const MSV1_0_CHECK_LOGONHOURS_FOR_S4U: ULONG = 0x00040000; |
| pub const MSV1_0_INTERNET_DOMAIN: ULONG = 0x00080000; |
| pub const MSV1_0_SUBAUTHENTICATION_DLL: ULONG = 0xFF000000; |
| pub const MSV1_0_SUBAUTHENTICATION_DLL_SHIFT: ULONG = 24; |
| pub const MSV1_0_MNS_LOGON: ULONG = 0x01000000; |
| pub const MSV1_0_SUBAUTHENTICATION_DLL_RAS: ULONG = 2; |
| pub const MSV1_0_SUBAUTHENTICATION_DLL_IIS: ULONG = 132; |
| STRUCT!{struct MSV1_0_LM20_LOGON { |
| MessageType: MSV1_0_LOGON_SUBMIT_TYPE, |
| LogonDomainName: UNICODE_STRING, |
| UserName: UNICODE_STRING, |
| Workstation: UNICODE_STRING, |
| ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH], |
| CaseSensitiveChallengeResponse: STRING, |
| CaseInsensitiveChallengeResponse: STRING, |
| ParameterControl: ULONG, |
| }} |
| pub type PMSV1_0_LM20_LOGON = *mut MSV1_0_LM20_LOGON; |
| STRUCT!{struct MSV1_0_SUBAUTH_LOGON { |
| MessageType: MSV1_0_LOGON_SUBMIT_TYPE, |
| LogonDomainName: UNICODE_STRING, |
| UserName: UNICODE_STRING, |
| Workstation: UNICODE_STRING, |
| ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH], |
| AuthenticationInfo1: STRING, |
| AuthenticationInfo2: STRING, |
| ParameterControl: ULONG, |
| SubAuthPackageId: ULONG, |
| }} |
| pub type PMSV1_0_SUBAUTH_LOGON = *mut MSV1_0_SUBAUTH_LOGON; |
| STRUCT!{struct MSV1_0_S4U_LOGON { |
| MessageType: MSV1_0_LOGON_SUBMIT_TYPE, |
| MSV1_0_LOGON_SUBMIT_TYPE: ULONG, |
| UserPrincipalName: UNICODE_STRING, |
| DomainName: UNICODE_STRING, |
| }} |
| pub type PMSV1_0_S4U_LOGON = *mut MSV1_0_S4U_LOGON; |
| pub const LOGON_GUEST: ULONG = 0x01; |
| pub const LOGON_NOENCRYPTION: ULONG = 0x02; |
| pub const LOGON_CACHED_ACCOUNT: ULONG = 0x04; |
| pub const LOGON_USED_LM_PASSWORD: ULONG = 0x08; |
| pub const LOGON_EXTRA_SIDS: ULONG = 0x20; |
| pub const LOGON_SUBAUTH_SESSION_KEY: ULONG = 0x40; |
| pub const LOGON_SERVER_TRUST_ACCOUNT: ULONG = 0x80; |
| pub const LOGON_NTLMV2_ENABLED: ULONG = 0x100; |
| pub const LOGON_RESOURCE_GROUPS: ULONG = 0x200; |
| pub const LOGON_PROFILE_PATH_RETURNED: ULONG = 0x400; |
| pub const LOGON_NT_V2: ULONG = 0x800; |
| pub const LOGON_LM_V2: ULONG = 0x1000; |
| pub const LOGON_NTLM_V2: ULONG = 0x2000; |
| pub const LOGON_OPTIMIZED: ULONG = 0x4000; |
| pub const LOGON_WINLOGON: ULONG = 0x8000; |
| pub const LOGON_PKINIT: ULONG = 0x10000; |
| pub const LOGON_NO_OPTIMIZED: ULONG = 0x20000; |
| pub const LOGON_NO_ELEVATION: ULONG = 0x40000; |
| pub const LOGON_MANAGED_SERVICE: ULONG = 0x80000; |
| pub const LOGON_GRACE_LOGON: ULONG = 0x01000000; |
| STRUCT!{struct MSV1_0_LM20_LOGON_PROFILE { |
| MessageType: MSV1_0_PROFILE_BUFFER_TYPE, |
| KickOffTime: LARGE_INTEGER, |
| LogoffTime: LARGE_INTEGER, |
| UserFlags: ULONG, |
| UserSessionKey: [UCHAR; MSV1_0_USER_SESSION_KEY_LENGTH], |
| LogonDomainName: UNICODE_STRING, |
| LanmanSessionKey: [UCHAR; MSV1_0_LANMAN_SESSION_KEY_LENGTH], |
| LogonServer: UNICODE_STRING, |
| UserParameters: UNICODE_STRING, |
| }} |
| pub type PMSV1_0_LM20_LOGON_PROFILE = *mut MSV1_0_LM20_LOGON_PROFILE; |
| pub const MSV1_0_OWF_PASSWORD_LENGTH: usize = 16; |
| STRUCT!{struct MSV1_0_SUPPLEMENTAL_CREDENTIAL { |
| Version: ULONG, |
| Flags: ULONG, |
| LmPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH], |
| NtPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH], |
| }} |
| pub type PMSV1_0_SUPPLEMENTAL_CREDENTIAL = *mut MSV1_0_SUPPLEMENTAL_CREDENTIAL; |
| pub const MSV1_0_NTLM3_RESPONSE_LENGTH: usize = 16; |
| pub const MSV1_0_NTLM3_OWF_LENGTH: usize = 16; |
| STRUCT!{struct MSV1_0_NTLM3_RESPONSE { |
| Response: [UCHAR; MSV1_0_NTLM3_RESPONSE_LENGTH], |
| RespType: UCHAR, |
| HiRespType: UCHAR, |
| Flags: USHORT, |
| MsgWord: ULONG, |
| TimeStamp: ULONGLONG, |
| ChallengeFromClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH], |
| AvPairsOff: ULONG, |
| Buffer: [UCHAR; 1], |
| }} |
| pub type PMSV1_0_NTLM3_RESPONSE = *mut MSV1_0_NTLM3_RESPONSE; |
| ENUM!{enum MSV1_0_AVID { |
| MsvAvEOL, |
| MsvAvNbComputerName, |
| MsvAvNbDomainName, |
| MsvAvDnsComputerName, |
| MsvAvDnsDomainName, |
| MsvAvDnsTreeName, |
| MsvAvFlags, |
| MsvAvTimestamp, |
| MsvAvRestrictions, |
| MsvAvTargetName, |
| MsvAvChannelBindings, |
| }} |
| STRUCT!{struct MSV1_0_AV_PAIR { |
| AvId: USHORT, |
| AvLen: USHORT, |
| }} |
| pub type PMSV1_0_AV_PAIR = *mut MSV1_0_AV_PAIR; |
| ENUM!{enum MSV1_0_PROTOCOL_MESSAGE_TYPE { |
| MsV1_0Lm20ChallengeRequest = 0, |
| MsV1_0Lm20GetChallengeResponse, |
| MsV1_0EnumerateUsers, |
| MsV1_0GetUserInfo, |
| MsV1_0ReLogonUsers, |
| MsV1_0ChangePassword, |
| MsV1_0ChangeCachedPassword, |
| MsV1_0GenericPassthrough, |
| MsV1_0CacheLogon, |
| MsV1_0SubAuth, |
| MsV1_0DeriveCredential, |
| MsV1_0CacheLookup, |
| MsV1_0SetProcessOption, |
| MsV1_0ConfigLocalAliases, |
| MsV1_0ClearCachedCredentials, |
| MsV1_0LookupToken, |
| MsV1_0ValidateAuth, |
| MsV1_0CacheLookupEx, |
| MsV1_0GetCredentialKey, |
| MsV1_0SetThreadOption, |
| }} |
| pub type PMSV1_0_PROTOCOL_MESSAGE_TYPE = *mut MSV1_0_PROTOCOL_MESSAGE_TYPE; |
| STRUCT!{struct MSV1_0_CHANGEPASSWORD_REQUEST { |
| MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE, |
| DomainName: UNICODE_STRING, |
| AccountName: UNICODE_STRING, |
| OldPassword: UNICODE_STRING, |
| NewPassword: UNICODE_STRING, |
| Impersonating: BOOLEAN, |
| }} |
| pub type PMSV1_0_CHANGEPASSWORD_REQUEST = *mut MSV1_0_CHANGEPASSWORD_REQUEST; |
| STRUCT!{struct MSV1_0_CHANGEPASSWORD_RESPONSE { |
| MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE, |
| PasswordInfoValid: BOOLEAN, |
| DomainPasswordInfo: DOMAIN_PASSWORD_INFORMATION, |
| }} |
| pub type PMSV1_0_CHANGEPASSWORD_RESPONSE = *mut MSV1_0_CHANGEPASSWORD_RESPONSE; |
| STRUCT!{struct MSV1_0_PASSTHROUGH_REQUEST { |
| MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE, |
| DomainName: UNICODE_STRING, |
| PackageName: UNICODE_STRING, |
| DataLength: ULONG, |
| LogonData: PUCHAR, |
| Pad: ULONG, |
| }} |
| pub type PMSV1_0_PASSTHROUGH_REQUEST = *mut MSV1_0_PASSTHROUGH_REQUEST; |
| STRUCT!{struct MSV1_0_PASSTHROUGH_RESPONSE { |
| MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE, |
| Pad: ULONG, |
| DataLength: ULONG, |
| ValidationData: PUCHAR, |
| }} |
| pub type PMSV1_0_PASSTHROUGH_RESPONSE = *mut MSV1_0_PASSTHROUGH_RESPONSE; |
| STRUCT!{struct MSV1_0_SUBAUTH_REQUEST { |
| MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE, |
| SubAuthPackageId: ULONG, |
| SubAuthInfoLength: ULONG, |
| SubAuthSubmitBuffer: PUCHAR, |
| }} |
| pub type PMSV1_0_SUBAUTH_REQUEST = *mut MSV1_0_SUBAUTH_REQUEST; |
| STRUCT!{struct MSV1_0_SUBAUTH_RESPONSE { |
| MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE, |
| SubAuthInfoLength: ULONG, |
| SubAuthReturnBuffer: PUCHAR, |
| }} |
| pub type PMSV1_0_SUBAUTH_RESPONSE = *mut MSV1_0_SUBAUTH_RESPONSE; |
| pub use self::SystemFunction036 as RtlGenRandom; |
| pub use self::SystemFunction040 as RtlEncryptMemory; |
| pub use self::SystemFunction041 as RtlDecryptMemory; |
| extern "system" { |
| pub fn SystemFunction036( |
| RandomBuffer: PVOID, |
| RandomBufferLength: ULONG, |
| ) -> BOOLEAN; |
| } |
| pub const RTL_ENCRYPT_MEMORY_SIZE: ULONG = 8; |
| pub const RTL_ENCRYPT_OPTION_CROSS_PROCESS: ULONG = 0x01; |
| pub const RTL_ENCRYPT_OPTION_SAME_LOGON: ULONG = 0x02; |
| extern "system" { |
| pub fn SystemFunction040( |
| Memory: PVOID, |
| MemorySize: ULONG, |
| OptionFlags: ULONG, |
| ) -> NTSTATUS; |
| pub fn SystemFunction041( |
| Memory: PVOID, |
| MemorySize: ULONG, |
| OptionFlags: ULONG, |
| ) -> NTSTATUS; |
| } |
| pub const KERBEROS_VERSION: ULONG = 5; |
| pub const KERBEROS_REVISION: ULONG = 6; |
| pub const KERB_ETYPE_NULL: LONG = 0; |
| pub const KERB_ETYPE_DES_CBC_CRC: LONG = 1; |
| pub const KERB_ETYPE_DES_CBC_MD4: LONG = 2; |
| pub const KERB_ETYPE_DES_CBC_MD5: LONG = 3; |
| pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96: LONG = 17; |
| pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96: LONG = 18; |
| pub const KERB_ETYPE_RC4_MD4: LONG = -128; |
| pub const KERB_ETYPE_RC4_PLAIN2: LONG = -129; |
| pub const KERB_ETYPE_RC4_LM: LONG = -130; |
| pub const KERB_ETYPE_RC4_SHA: LONG = -131; |
| pub const KERB_ETYPE_DES_PLAIN: LONG = -132; |
| pub const KERB_ETYPE_RC4_HMAC_OLD: LONG = -133; |
| pub const KERB_ETYPE_RC4_PLAIN_OLD: LONG = -134; |
| pub const KERB_ETYPE_RC4_HMAC_OLD_EXP: LONG = -135; |
| pub const KERB_ETYPE_RC4_PLAIN_OLD_EXP: LONG = -136; |
| pub const KERB_ETYPE_RC4_PLAIN: LONG = -140; |
| pub const KERB_ETYPE_RC4_PLAIN_EXP: LONG = -141; |
| pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN: LONG = -148; |
| pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN: LONG = -149; |
| pub const KERB_ETYPE_DSA_SHA1_CMS: LONG = 9; |
| pub const KERB_ETYPE_RSA_MD5_CMS: LONG = 10; |
| pub const KERB_ETYPE_RSA_SHA1_CMS: LONG = 11; |
| pub const KERB_ETYPE_RC2_CBC_ENV: LONG = 12; |
| pub const KERB_ETYPE_RSA_ENV: LONG = 13; |
| pub const KERB_ETYPE_RSA_ES_OEAP_ENV: LONG = 14; |
| pub const KERB_ETYPE_DES_EDE3_CBC_ENV: LONG = 15; |
| pub const KERB_ETYPE_DSA_SIGN: LONG = 8; |
| pub const KERB_ETYPE_RSA_PRIV: LONG = 9; |
| pub const KERB_ETYPE_RSA_PUB: LONG = 10; |
| pub const KERB_ETYPE_RSA_PUB_MD5: LONG = 11; |
| pub const KERB_ETYPE_RSA_PUB_SHA1: LONG = 12; |
| pub const KERB_ETYPE_PKCS7_PUB: LONG = 13; |
| pub const KERB_ETYPE_DES3_CBC_MD5: LONG = 5; |
| pub const KERB_ETYPE_DES3_CBC_SHA1: LONG = 7; |
| pub const KERB_ETYPE_DES3_CBC_SHA1_KD: LONG = 16; |
| pub const KERB_ETYPE_DES_CBC_MD5_NT: LONG = 20; |
| pub const KERB_ETYPE_RC4_HMAC_NT: LONG = 23; |
| pub const KERB_ETYPE_RC4_HMAC_NT_EXP: LONG = 24; |
| pub const KERB_CHECKSUM_NONE: LONG = 0; |
| pub const KERB_CHECKSUM_CRC32: LONG = 1; |
| pub const KERB_CHECKSUM_MD4: LONG = 2; |
| pub const KERB_CHECKSUM_KRB_DES_MAC: LONG = 4; |
| pub const KERB_CHECKSUM_KRB_DES_MAC_K: LONG = 5; |
| pub const KERB_CHECKSUM_MD5: LONG = 7; |
| pub const KERB_CHECKSUM_MD5_DES: LONG = 8; |
| pub const KERB_CHECKSUM_SHA1_NEW: LONG = 14; |
| pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128: LONG = 15; |
| pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256: LONG = 16; |
| pub const KERB_CHECKSUM_LM: LONG = -130; |
| pub const KERB_CHECKSUM_SHA1: LONG = -131; |
| pub const KERB_CHECKSUM_REAL_CRC32: LONG = -132; |
| pub const KERB_CHECKSUM_DES_MAC: LONG = -133; |
| pub const KERB_CHECKSUM_DES_MAC_MD5: LONG = -134; |
| pub const KERB_CHECKSUM_MD25: LONG = -135; |
| pub const KERB_CHECKSUM_RC4_MD5: LONG = -136; |
| pub const KERB_CHECKSUM_MD5_HMAC: LONG = -137; |
| pub const KERB_CHECKSUM_HMAC_MD5: LONG = -138; |
| pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki: LONG = -150; |
| pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki: LONG = -151; |
| pub const KERB_TICKET_FLAGS_reserved: ULONG = 0x80000000; |
| pub const KERB_TICKET_FLAGS_forwardable: ULONG = 0x40000000; |
| pub const KERB_TICKET_FLAGS_forwarded: ULONG = 0x20000000; |
| pub const KERB_TICKET_FLAGS_proxiable: ULONG = 0x10000000; |
| pub const KERB_TICKET_FLAGS_proxy: ULONG = 0x08000000; |
| pub const KERB_TICKET_FLAGS_may_postdate: ULONG = 0x04000000; |
| pub const KERB_TICKET_FLAGS_postdated: ULONG = 0x02000000; |
| pub const KERB_TICKET_FLAGS_invalid: ULONG = 0x01000000; |
| pub const KERB_TICKET_FLAGS_renewable: ULONG = 0x00800000; |
| pub const KERB_TICKET_FLAGS_initial: ULONG = 0x00400000; |
| pub const KERB_TICKET_FLAGS_pre_authent: ULONG = 0x00200000; |
| pub const KERB_TICKET_FLAGS_hw_authent: ULONG = 0x00100000; |
| pub const KERB_TICKET_FLAGS_ok_as_delegate: ULONG = 0x00040000; |
| pub const KERB_TICKET_FLAGS_name_canonicalize: ULONG = 0x00010000; |
| pub const KERB_TICKET_FLAGS_cname_in_pa_data: ULONG = 0x00040000; |
| pub const KERB_TICKET_FLAGS_enc_pa_rep: ULONG = 0x00010000; |
| pub const KERB_TICKET_FLAGS_reserved1: ULONG = 0x00000001; |
| pub const KRB_NT_UNKNOWN: LONG = 0; |
| pub const KRB_NT_PRINCIPAL: LONG = 1; |
| pub const KRB_NT_PRINCIPAL_AND_ID: LONG = -131; |
| pub const KRB_NT_SRV_INST: LONG = 2; |
| pub const KRB_NT_SRV_INST_AND_ID: LONG = -132; |
| pub const KRB_NT_SRV_HST: LONG = 3; |
| pub const KRB_NT_SRV_XHST: LONG = 4; |
| pub const KRB_NT_UID: LONG = 5; |
| pub const KRB_NT_ENTERPRISE_PRINCIPAL: LONG = 10; |
| pub const KRB_NT_WELLKNOWN: LONG = 11; |
| pub const KRB_NT_ENT_PRINCIPAL_AND_ID: LONG = -130; |
| pub const KRB_NT_MS_PRINCIPAL: LONG = -128; |
| pub const KRB_NT_MS_PRINCIPAL_AND_ID: LONG = -129; |
| pub const KRB_NT_MS_BRANCH_ID: LONG = -133; |
| pub const KRB_NT_X500_PRINCIPAL: LONG = 6; |
| pub const KERB_WRAP_NO_ENCRYPT: ULONG = 0x80000001; |
| ENUM!{enum KERB_LOGON_SUBMIT_TYPE { |
| KerbInteractiveLogon = 2, |
| KerbSmartCardLogon = 6, |
| KerbWorkstationUnlockLogon = 7, |
| KerbSmartCardUnlockLogon = 8, |
| KerbProxyLogon = 9, |
| KerbTicketLogon = 10, |
| KerbTicketUnlockLogon = 11, |
| KerbS4ULogon = 12, |
| KerbCertificateLogon = 13, |
| KerbCertificateS4ULogon = 14, |
| KerbCertificateUnlockLogon = 15, |
| KerbNoElevationLogon = 83, |
| KerbLuidLogon = 84, |
| }} |
| pub type PKERB_LOGON_SUBMIT_TYPE = *mut KERB_LOGON_SUBMIT_TYPE; |
| STRUCT!{struct KERB_INTERACTIVE_LOGON { |
| MessageType: KERB_LOGON_SUBMIT_TYPE, |
| LogonDomainName: UNICODE_STRING, |
| UserName: UNICODE_STRING, |
| Password: UNICODE_STRING, |
| }} |
| pub type PKERB_INTERACTIVE_LOGON = *mut KERB_INTERACTIVE_LOGON; |
| STRUCT!{struct KERB_INTERACTIVE_UNLOCK_LOGON { |
| Logon: KERB_INTERACTIVE_LOGON, |
| LogonId: LUID, |
| }} |
| pub type PKERB_INTERACTIVE_UNLOCK_LOGON = *mut KERB_INTERACTIVE_UNLOCK_LOGON; |
| STRUCT!{struct KERB_SMART_CARD_LOGON { |
| MessageType: KERB_LOGON_SUBMIT_TYPE, |
| Pin: UNICODE_STRING, |
| CspDataLength: ULONG, |
| CspData: PUCHAR, |
| }} |
| pub type PKERB_SMART_CARD_LOGON = *mut KERB_SMART_CARD_LOGON; |
| STRUCT!{struct KERB_SMART_CARD_UNLOCK_LOGON { |
| Logon: KERB_SMART_CARD_LOGON, |
| LogonId: LUID, |
| }} |
| pub type PKERB_SMART_CARD_UNLOCK_LOGON = *mut KERB_SMART_CARD_UNLOCK_LOGON; |
| pub const KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1; |
| pub const KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO: ULONG = 0x2; |
| STRUCT!{struct KERB_CERTIFICATE_LOGON { |
| MessageType: KERB_LOGON_SUBMIT_TYPE, |
| DomainName: UNICODE_STRING, |
| UserName: UNICODE_STRING, |
| Pin: UNICODE_STRING, |
| Flags: ULONG, |
| CspDataLength: ULONG, |
| CspData: PUCHAR, |
| }} |
| pub type PKERB_CERTIFICATE_LOGON = *mut KERB_CERTIFICATE_LOGON; |
| STRUCT!{struct KERB_CERTIFICATE_UNLOCK_LOGON { |
| Logon: KERB_CERTIFICATE_LOGON, |
| LogonId: LUID, |
| }} |
| pub type PKERB_CERTIFICATE_UNLOCK_LOGON = *mut KERB_CERTIFICATE_UNLOCK_LOGON; |
| pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1; |
| pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2; |
| pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED: ULONG = 0x4; |
| pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8; |
| STRUCT!{struct KERB_CERTIFICATE_S4U_LOGON { |
| MessageType: KERB_LOGON_SUBMIT_TYPE, |
| Flags: ULONG, |
| UserPrincipalName: UNICODE_STRING, |
| DomainName: UNICODE_STRING, |
| CertificateLength: ULONG, |
| Certificate: PUCHAR, |
| }} |
| pub type PKERB_CERTIFICATE_S4U_LOGON = *mut KERB_CERTIFICATE_S4U_LOGON; |
| STRUCT!{struct KERB_TICKET_LOGON { |
| MessageType: KERB_LOGON_SUBMIT_TYPE, |
| Flags: ULONG, |
| ServiceTicketLength: ULONG, |
| TicketGrantingTicketLength: ULONG, |
| ServiceTicket: PUCHAR, |
| TicketGrantingTicket: PUCHAR, |
| }} |
| pub type PKERB_TICKET_LOGON = *mut KERB_TICKET_LOGON; |
| STRUCT!{struct KERB_TICKET_UNLOCK_LOGON { |
| Logon: KERB_TICKET_LOGON, |
| LogonId: LUID, |
| }} |
| pub type PKERB_TICKET_UNLOCK_LOGON = *mut KERB_TICKET_UNLOCK_LOGON; |
| pub const KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2; |
| pub const KERB_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8; |
| STRUCT!{struct KERB_S4U_LOGON { |
| MessageType: KERB_LOGON_SUBMIT_TYPE, |
| Flags: ULONG, |
| ClientUpn: UNICODE_STRING, |
| ClientRealm: UNICODE_STRING, |
| }} |
| pub type PKERB_S4U_LOGON = *mut KERB_S4U_LOGON; |
| ENUM!{enum KERB_PROFILE_BUFFER_TYPE { |
| KerbInteractiveProfile = 2, |
| KerbSmartCardProfile = 4, |
| KerbTicketProfile = 6, |
| }} |
| pub type PKERB_PROFILE_BUFFER_TYPE = *mut KERB_PROFILE_BUFFER_TYPE; |
| STRUCT!{struct KERB_INTERACTIVE_PROFILE { |
| MessageType: KERB_PROFILE_BUFFER_TYPE, |
| LogonCount: USHORT, |
| BadPasswordCount: USHORT, |
| LogonTime: LARGE_INTEGER, |
| LogoffTime: LARGE_INTEGER, |
| KickOffTime: LARGE_INTEGER, |
| PasswordLastSet: LARGE_INTEGER, |
| PasswordCanChange: LARGE_INTEGER, |
| PasswordMustChange: LARGE_INTEGER, |
| LogonScript: UNICODE_STRING, |
| HomeDirectory: UNICODE_STRING, |
| FullName: UNICODE_STRING, |
| ProfilePath: UNICODE_STRING, |
| HomeDirectoryDrive: UNICODE_STRING, |
| LogonServer: UNICODE_STRING, |
| UserFlags: ULONG, |
| }} |
| pub type PKERB_INTERACTIVE_PROFILE = *mut KERB_INTERACTIVE_PROFILE; |
| STRUCT!{struct KERB_SMART_CARD_PROFILE { |
| Profile: KERB_INTERACTIVE_PROFILE, |
| CertificateSize: ULONG, |
| CertificateData: PUCHAR, |
| }} |
| pub type PKERB_SMART_CARD_PROFILE = *mut KERB_SMART_CARD_PROFILE; |
| STRUCT!{struct KERB_CRYPTO_KEY { |
| KeyType: LONG, |
| Length: ULONG, |
| Value: PUCHAR, |
| }} |
| pub type PKERB_CRYPTO_KEY = *mut KERB_CRYPTO_KEY; |
| STRUCT!{struct KERB_CRYPTO_KEY32 { |
| KeyType: LONG, |
| Length: ULONG, |
| Offset: ULONG, |
| }} |
| pub type PKERB_CRYPTO_KEY32 = *mut KERB_CRYPTO_KEY32; |
| STRUCT!{struct KERB_TICKET_PROFILE { |
| Profile: KERB_INTERACTIVE_PROFILE, |
| SessionKey: KERB_CRYPTO_KEY, |
| }} |
| pub type PKERB_TICKET_PROFILE = *mut KERB_TICKET_PROFILE; |
| ENUM!{enum KERB_PROTOCOL_MESSAGE_TYPE { |
| KerbDebugRequestMessage = 0, |
| KerbQueryTicketCacheMessage, |
| KerbChangeMachinePasswordMessage, |
| KerbVerifyPacMessage, |
| KerbRetrieveTicketMessage, |
| KerbUpdateAddressesMessage, |
| KerbPurgeTicketCacheMessage, |
| KerbChangePasswordMessage, |
| KerbRetrieveEncodedTicketMessage, |
| KerbDecryptDataMessage, |
| KerbAddBindingCacheEntryMessage, |
| KerbSetPasswordMessage, |
| KerbSetPasswordExMessage, |
| KerbVerifyCredentialsMessage, |
| KerbQueryTicketCacheExMessage, |
| KerbPurgeTicketCacheExMessage, |
| KerbRefreshSmartcardCredentialsMessage, |
| KerbAddExtraCredentialsMessage, |
| KerbQuerySupplementalCredentialsMessage, |
| KerbTransferCredentialsMessage, |
| KerbQueryTicketCacheEx2Message, |
| KerbSubmitTicketMessage, |
| KerbAddExtraCredentialsExMessage, |
| KerbQueryKdcProxyCacheMessage, |
| KerbPurgeKdcProxyCacheMessage, |
| KerbQueryTicketCacheEx3Message, |
| KerbCleanupMachinePkinitCredsMessage, |
| KerbAddBindingCacheEntryExMessage, |
| KerbQueryBindingCacheMessage, |
| KerbPurgeBindingCacheMessage, |
| KerbPinKdcMessage, |
| KerbUnpinAllKdcsMessage, |
| KerbQueryDomainExtendedPoliciesMessage, |
| KerbQueryS4U2ProxyCacheMessage, |
| }} |
| pub type PKERB_PROTOCOL_MESSAGE_TYPE = *mut KERB_PROTOCOL_MESSAGE_TYPE; |
| STRUCT!{struct KERB_QUERY_TKT_CACHE_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| LogonId: LUID, |
| }} |
| pub type PKERB_QUERY_TKT_CACHE_REQUEST = *mut KERB_QUERY_TKT_CACHE_REQUEST; |
| STRUCT!{struct KERB_TICKET_CACHE_INFO { |
| ServerName: UNICODE_STRING, |
| RealmName: UNICODE_STRING, |
| StartTime: LARGE_INTEGER, |
| EndTime: LARGE_INTEGER, |
| RenewTime: LARGE_INTEGER, |
| EncryptionType: LONG, |
| TicketFlags: ULONG, |
| }} |
| pub type PKERB_TICKET_CACHE_INFO = *mut KERB_TICKET_CACHE_INFO; |
| STRUCT!{struct KERB_TICKET_CACHE_INFO_EX { |
| ClientName: UNICODE_STRING, |
| ClientRealm: UNICODE_STRING, |
| ServerName: UNICODE_STRING, |
| ServerRealm: UNICODE_STRING, |
| StartTime: LARGE_INTEGER, |
| EndTime: LARGE_INTEGER, |
| RenewTime: LARGE_INTEGER, |
| EncryptionType: LONG, |
| TicketFlags: ULONG, |
| }} |
| pub type PKERB_TICKET_CACHE_INFO_EX = *mut KERB_TICKET_CACHE_INFO_EX; |
| STRUCT!{struct KERB_TICKET_CACHE_INFO_EX2 { |
| ClientName: UNICODE_STRING, |
| ClientRealm: UNICODE_STRING, |
| ServerName: UNICODE_STRING, |
| ServerRealm: UNICODE_STRING, |
| StartTime: LARGE_INTEGER, |
| EndTime: LARGE_INTEGER, |
| RenewTime: LARGE_INTEGER, |
| EncryptionType: LONG, |
| TicketFlags: ULONG, |
| SessionKeyType: ULONG, |
| BranchId: ULONG, |
| }} |
| pub type PKERB_TICKET_CACHE_INFO_EX2 = *mut KERB_TICKET_CACHE_INFO_EX2; |
| STRUCT!{struct KERB_TICKET_CACHE_INFO_EX3 { |
| ClientName: UNICODE_STRING, |
| ClientRealm: UNICODE_STRING, |
| ServerName: UNICODE_STRING, |
| ServerRealm: UNICODE_STRING, |
| StartTime: LARGE_INTEGER, |
| EndTime: LARGE_INTEGER, |
| RenewTime: LARGE_INTEGER, |
| EncryptionType: LONG, |
| TicketFlags: ULONG, |
| SessionKeyType: ULONG, |
| BranchId: ULONG, |
| CacheFlags: ULONG, |
| KdcCalled: UNICODE_STRING, |
| }} |
| pub type PKERB_TICKET_CACHE_INFO_EX3 = *mut KERB_TICKET_CACHE_INFO_EX3; |
| STRUCT!{struct KERB_QUERY_TKT_CACHE_RESPONSE { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| CountOfTickets: ULONG, |
| Tickets: [KERB_TICKET_CACHE_INFO; ANYSIZE_ARRAY], |
| }} |
| pub type PKERB_QUERY_TKT_CACHE_RESPONSE = *mut KERB_QUERY_TKT_CACHE_RESPONSE; |
| STRUCT!{struct KERB_QUERY_TKT_CACHE_EX_RESPONSE { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| CountOfTickets: ULONG, |
| Tickets: [KERB_TICKET_CACHE_INFO_EX; ANYSIZE_ARRAY], |
| }} |
| pub type PKERB_QUERY_TKT_CACHE_EX_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX_RESPONSE; |
| STRUCT!{struct KERB_QUERY_TKT_CACHE_EX2_RESPONSE { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| CountOfTickets: ULONG, |
| Tickets: [KERB_TICKET_CACHE_INFO_EX2; ANYSIZE_ARRAY], |
| }} |
| pub type PKERB_QUERY_TKT_CACHE_EX2_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX2_RESPONSE; |
| STRUCT!{struct KERB_QUERY_TKT_CACHE_EX3_RESPONSE { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| CountOfTickets: ULONG, |
| Tickets: [KERB_TICKET_CACHE_INFO_EX3; ANYSIZE_ARRAY], |
| }} |
| pub type PKERB_QUERY_TKT_CACHE_EX3_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX3_RESPONSE; |
| pub const KERB_USE_DEFAULT_TICKET_FLAGS: ULONG = 0x0; |
| pub const KERB_RETRIEVE_TICKET_DEFAULT: ULONG = 0x0; |
| pub const KERB_RETRIEVE_TICKET_DONT_USE_CACHE: ULONG = 0x1; |
| pub const KERB_RETRIEVE_TICKET_USE_CACHE_ONLY: ULONG = 0x2; |
| pub const KERB_RETRIEVE_TICKET_USE_CREDHANDLE: ULONG = 0x4; |
| pub const KERB_RETRIEVE_TICKET_AS_KERB_CRED: ULONG = 0x8; |
| pub const KERB_RETRIEVE_TICKET_WITH_SEC_CRED: ULONG = 0x10; |
| pub const KERB_RETRIEVE_TICKET_CACHE_TICKET: ULONG = 0x20; |
| pub const KERB_RETRIEVE_TICKET_MAX_LIFETIME: ULONG = 0x40; |
| STRUCT!{struct KERB_AUTH_DATA { |
| Type: ULONG, |
| Length: ULONG, |
| Data: PUCHAR, |
| }} |
| pub type PKERB_AUTH_DATA = *mut KERB_AUTH_DATA; |
| STRUCT!{struct KERB_NET_ADDRESS { |
| Family: ULONG, |
| Length: ULONG, |
| Address: PUCHAR, |
| }} |
| pub type PKERB_NET_ADDRESS = *mut KERB_NET_ADDRESS; |
| STRUCT!{struct KERB_NET_ADDRESSES { |
| Number: ULONG, |
| Addresses: [KERB_NET_ADDRESS; ANYSIZE_ARRAY], |
| }} |
| pub type PKERB_NET_ADDRESSES = *mut KERB_NET_ADDRESSES; |
| STRUCT!{struct KERB_EXTERNAL_NAME { |
| NameType: SHORT, |
| NameCount: USHORT, |
| Names: [UNICODE_STRING; ANYSIZE_ARRAY], |
| }} |
| pub type PKERB_EXTERNAL_NAME = *mut KERB_EXTERNAL_NAME; |
| STRUCT!{struct KERB_EXTERNAL_TICKET { |
| ServiceName: PKERB_EXTERNAL_NAME, |
| TargetName: PKERB_EXTERNAL_NAME, |
| ClientName: PKERB_EXTERNAL_NAME, |
| DomainName: UNICODE_STRING, |
| TargetDomainName: UNICODE_STRING, |
| AltTargetDomainName: UNICODE_STRING, |
| SessionKey: KERB_CRYPTO_KEY, |
| TicketFlags: ULONG, |
| Flags: ULONG, |
| KeyExpirationTime: LARGE_INTEGER, |
| StartTime: LARGE_INTEGER, |
| EndTime: LARGE_INTEGER, |
| RenewUntil: LARGE_INTEGER, |
| TimeSkew: LARGE_INTEGER, |
| EncodedTicketSize: ULONG, |
| EncodedTicket: PUCHAR, |
| }} |
| pub type PKERB_EXTERNAL_TICKET = *mut KERB_EXTERNAL_TICKET; |
| STRUCT!{struct KERB_RETRIEVE_TKT_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| LogonId: LUID, |
| TargetName: UNICODE_STRING, |
| TicketFlags: ULONG, |
| CacheOptions: ULONG, |
| EncryptionType: LONG, |
| CredentialsHandle: SecHandle, |
| }} |
| pub type PKERB_RETRIEVE_TKT_REQUEST = *mut KERB_RETRIEVE_TKT_REQUEST; |
| STRUCT!{struct KERB_RETRIEVE_TKT_RESPONSE { |
| Ticket: KERB_EXTERNAL_TICKET, |
| }} |
| pub type PKERB_RETRIEVE_TKT_RESPONSE = *mut KERB_RETRIEVE_TKT_RESPONSE; |
| STRUCT!{struct KERB_PURGE_TKT_CACHE_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| LogonId: LUID, |
| ServerName: UNICODE_STRING, |
| RealmName: UNICODE_STRING, |
| }} |
| pub type PKERB_PURGE_TKT_CACHE_REQUEST = *mut KERB_PURGE_TKT_CACHE_REQUEST; |
| pub const KERB_PURGE_ALL_TICKETS: ULONG = 1; |
| STRUCT!{struct KERB_PURGE_TKT_CACHE_EX_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| LogonId: LUID, |
| Flags: ULONG, |
| TicketTemplate: KERB_TICKET_CACHE_INFO_EX, |
| }} |
| pub type PKERB_PURGE_TKT_CACHE_EX_REQUEST = *mut KERB_PURGE_TKT_CACHE_EX_REQUEST; |
| STRUCT!{struct KERB_SUBMIT_TKT_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| LogonId: LUID, |
| Flags: ULONG, |
| Key: KERB_CRYPTO_KEY32, |
| KerbCredSize: ULONG, |
| KerbCredOffset: ULONG, |
| }} |
| pub type PKERB_SUBMIT_TKT_REQUEST = *mut KERB_SUBMIT_TKT_REQUEST; |
| STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| Flags: ULONG, |
| LogonId: LUID, |
| }} |
| pub type PKERB_QUERY_KDC_PROXY_CACHE_REQUEST = *mut KERB_QUERY_KDC_PROXY_CACHE_REQUEST; |
| STRUCT!{struct KDC_PROXY_CACHE_ENTRY_DATA { |
| SinceLastUsed: ULONG64, |
| DomainName: UNICODE_STRING, |
| ProxyServerName: UNICODE_STRING, |
| ProxyServerVdir: UNICODE_STRING, |
| ProxyServerPort: USHORT, |
| LogonId: LUID, |
| CredUserName: UNICODE_STRING, |
| CredDomainName: UNICODE_STRING, |
| GlobalCache: BOOLEAN, |
| }} |
| pub type PKDC_PROXY_CACHE_ENTRY_DATA = *mut KDC_PROXY_CACHE_ENTRY_DATA; |
| STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_RESPONSE { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| CountOfEntries: ULONG, |
| Entries: PKDC_PROXY_CACHE_ENTRY_DATA, |
| }} |
| pub type PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE = *mut KERB_QUERY_KDC_PROXY_CACHE_RESPONSE; |
| STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| Flags: ULONG, |
| LogonId: LUID, |
| }} |
| pub type PKERB_PURGE_KDC_PROXY_CACHE_REQUEST = *mut KERB_PURGE_KDC_PROXY_CACHE_REQUEST; |
| STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_RESPONSE { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| CountOfPurged: ULONG, |
| }} |
| pub type PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE = *mut KERB_PURGE_KDC_PROXY_CACHE_RESPONSE; |
| pub const KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE: ULONG = 0x1; |
| STRUCT!{struct KERB_S4U2PROXY_CACHE_ENTRY_INFO { |
| ServerName: UNICODE_STRING, |
| Flags: ULONG, |
| LastStatus: NTSTATUS, |
| Expiry: LARGE_INTEGER, |
| }} |
| pub type PKERB_S4U2PROXY_CACHE_ENTRY_INFO = *mut KERB_S4U2PROXY_CACHE_ENTRY_INFO; |
| pub const KERB_S4U2PROXY_CRED_FLAG_NEGATIVE: ULONG = 0x1; |
| STRUCT!{struct KERB_S4U2PROXY_CRED { |
| UserName: UNICODE_STRING, |
| DomainName: UNICODE_STRING, |
| Flags: ULONG, |
| LastStatus: NTSTATUS, |
| Expiry: LARGE_INTEGER, |
| CountOfEntries: ULONG, |
| Entries: PKERB_S4U2PROXY_CACHE_ENTRY_INFO, |
| }} |
| pub type PKERB_S4U2PROXY_CRED = *mut KERB_S4U2PROXY_CRED; |
| STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| Flags: ULONG, |
| LogonId: LUID, |
| }} |
| pub type PKERB_QUERY_S4U2PROXY_CACHE_REQUEST = *mut KERB_QUERY_S4U2PROXY_CACHE_REQUEST; |
| STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_RESPONSE { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| CountOfCreds: ULONG, |
| Creds: PKERB_S4U2PROXY_CRED, |
| }} |
| pub type PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE = *mut KERB_QUERY_S4U2PROXY_CACHE_RESPONSE; |
| STRUCT!{struct KERB_CHANGEPASSWORD_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| DomainName: UNICODE_STRING, |
| AccountName: UNICODE_STRING, |
| OldPassword: UNICODE_STRING, |
| NewPassword: UNICODE_STRING, |
| Impersonating: BOOLEAN, |
| }} |
| pub type PKERB_CHANGEPASSWORD_REQUEST = *mut KERB_CHANGEPASSWORD_REQUEST; |
| STRUCT!{struct KERB_SETPASSWORD_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| LogonId: LUID, |
| CredentialsHandle: SecHandle, |
| Flags: ULONG, |
| DomainName: UNICODE_STRING, |
| AccountName: UNICODE_STRING, |
| Password: UNICODE_STRING, |
| }} |
| pub type PKERB_SETPASSWORD_REQUEST = *mut KERB_SETPASSWORD_REQUEST; |
| STRUCT!{struct KERB_SETPASSWORD_EX_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| LogonId: LUID, |
| CredentialsHandle: SecHandle, |
| Flags: ULONG, |
| AccountRealm: UNICODE_STRING, |
| AccountName: UNICODE_STRING, |
| Password: UNICODE_STRING, |
| ClientRealm: UNICODE_STRING, |
| ClientName: UNICODE_STRING, |
| Impersonating: BOOLEAN, |
| KdcAddress: UNICODE_STRING, |
| KdcAddressType: ULONG, |
| }} |
| pub type PKERB_SETPASSWORD_EX_REQUEST = *mut KERB_SETPASSWORD_EX_REQUEST; |
| pub const DS_UNKNOWN_ADDRESS_TYPE: ULONG = 0; |
| pub const KERB_SETPASS_USE_LOGONID: ULONG = 1; |
| pub const KERB_SETPASS_USE_CREDHANDLE: ULONG = 2; |
| STRUCT!{struct KERB_DECRYPT_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| LogonId: LUID, |
| Flags: ULONG, |
| CryptoType: LONG, |
| KeyUsage: LONG, |
| Key: KERB_CRYPTO_KEY, |
| EncryptedDataSize: ULONG, |
| InitialVectorSize: ULONG, |
| InitialVector: PUCHAR, |
| EncryptedData: PUCHAR, |
| }} |
| pub type PKERB_DECRYPT_REQUEST = *mut KERB_DECRYPT_REQUEST; |
| pub const KERB_DECRYPT_FLAG_DEFAULT_KEY: ULONG = 0x00000001; |
| STRUCT!{struct KERB_DECRYPT_RESPONSE { |
| DecryptedData: [UCHAR; ANYSIZE_ARRAY], |
| }} |
| pub type PKERB_DECRYPT_RESPONSE = *mut KERB_DECRYPT_RESPONSE; |
| STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| RealmName: UNICODE_STRING, |
| KdcAddress: UNICODE_STRING, |
| AddressType: ULONG, |
| }} |
| pub type PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_REQUEST; |
| STRUCT!{struct KERB_REFRESH_SCCRED_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| CredentialBlob: UNICODE_STRING, |
| LogonId: LUID, |
| Flags: ULONG, |
| }} |
| pub type PKERB_REFRESH_SCCRED_REQUEST = *mut KERB_REFRESH_SCCRED_REQUEST; |
| pub const KERB_REFRESH_SCCRED_RELEASE: ULONG = 0x0; |
| pub const KERB_REFRESH_SCCRED_GETTGT: ULONG = 0x1; |
| STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| UserName: UNICODE_STRING, |
| DomainName: UNICODE_STRING, |
| Password: UNICODE_STRING, |
| LogonId: LUID, |
| Flags: ULONG, |
| }} |
| pub type PKERB_ADD_CREDENTIALS_REQUEST = *mut KERB_ADD_CREDENTIALS_REQUEST; |
| pub const KERB_REQUEST_ADD_CREDENTIAL: ULONG = 1; |
| pub const KERB_REQUEST_REPLACE_CREDENTIAL: ULONG = 2; |
| pub const KERB_REQUEST_REMOVE_CREDENTIAL: ULONG = 4; |
| STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST_EX { |
| Credentials: KERB_ADD_CREDENTIALS_REQUEST, |
| PrincipalNameCount: ULONG, |
| PrincipalNames: [UNICODE_STRING; ANYSIZE_ARRAY], |
| }} |
| pub type PKERB_ADD_CREDENTIALS_REQUEST_EX = *mut KERB_ADD_CREDENTIALS_REQUEST_EX; |
| STRUCT!{struct KERB_TRANSFER_CRED_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| OriginLogonId: LUID, |
| DestinationLogonId: LUID, |
| Flags: ULONG, |
| }} |
| pub type PKERB_TRANSFER_CRED_REQUEST = *mut KERB_TRANSFER_CRED_REQUEST; |
| pub const KERB_TRANSFER_CRED_WITH_TICKETS: ULONG = 0x1; |
| pub const KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS: ULONG = 0x2; |
| STRUCT!{struct KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| LogonId: LUID, |
| }} |
| pub type PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST = |
| *mut KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST; |
| STRUCT!{struct KERB_BINDING_CACHE_ENTRY_DATA { |
| DiscoveryTime: ULONG64, |
| RealmName: UNICODE_STRING, |
| KdcAddress: UNICODE_STRING, |
| AddressType: ULONG, |
| Flags: ULONG, |
| DcFlags: ULONG, |
| CacheFlags: ULONG, |
| KdcName: UNICODE_STRING, |
| }} |
| pub type PKERB_BINDING_CACHE_ENTRY_DATA = *mut KERB_BINDING_CACHE_ENTRY_DATA; |
| STRUCT!{struct KERB_QUERY_BINDING_CACHE_RESPONSE { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| CountOfEntries: ULONG, |
| Entries: PKERB_BINDING_CACHE_ENTRY_DATA, |
| }} |
| pub type PKERB_QUERY_BINDING_CACHE_RESPONSE = *mut KERB_QUERY_BINDING_CACHE_RESPONSE; |
| STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| RealmName: UNICODE_STRING, |
| KdcAddress: UNICODE_STRING, |
| AddressType: ULONG, |
| DcFlags: ULONG, |
| }} |
| pub type PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST; |
| STRUCT!{struct KERB_QUERY_BINDING_CACHE_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| }} |
| pub type PKERB_QUERY_BINDING_CACHE_REQUEST = *mut KERB_QUERY_BINDING_CACHE_REQUEST; |
| STRUCT!{struct KERB_PURGE_BINDING_CACHE_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| }} |
| pub type PKERB_PURGE_BINDING_CACHE_REQUEST = *mut KERB_PURGE_BINDING_CACHE_REQUEST; |
| STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| Flags: ULONG, |
| DomainName: UNICODE_STRING, |
| }} |
| pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST = |
| *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST; |
| STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE { |
| MessageType: KERB_PROTOCOL_MESSAGE_TYPE, |
| Flags: ULONG, |
| ExtendedPolicies: ULONG, |
| DsFlags: ULONG, |
| }} |
| pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE = |
| *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE; |
| ENUM!{enum KERB_CERTIFICATE_INFO_TYPE { |
| CertHashInfo = 1, |
| }} |
| pub type PKERB_CERTIFICATE_INFO_TYPE = *mut KERB_CERTIFICATE_INFO_TYPE; |
| STRUCT!{struct KERB_CERTIFICATE_HASHINFO { |
| StoreNameLength: USHORT, |
| HashLength: USHORT, |
| }} |
| pub type PKERB_CERTIFICATE_HASHINFO = *mut KERB_CERTIFICATE_HASHINFO; |
| STRUCT!{struct KERB_CERTIFICATE_INFO { |
| CertInfoSize: ULONG, |
| InfoType: ULONG, |
| }} |
| pub type PKERB_CERTIFICATE_INFO = *mut KERB_CERTIFICATE_INFO; |
| STRUCT!{struct POLICY_AUDIT_SID_ARRAY { |
| UsersCount: ULONG, |
| UserSidArray: *mut PSID, |
| }} |
| pub type PPOLICY_AUDIT_SID_ARRAY = *mut POLICY_AUDIT_SID_ARRAY; |
| STRUCT!{struct AUDIT_POLICY_INFORMATION { |
| AuditSubCategoryGuid: GUID, |
| AuditingInformation: ULONG, |
| AuditCategoryGuid: GUID, |
| }} |
| pub type PAUDIT_POLICY_INFORMATION = *mut AUDIT_POLICY_INFORMATION; |
| pub type LPAUDIT_POLICY_INFORMATION = PAUDIT_POLICY_INFORMATION; |
| pub type PCAUDIT_POLICY_INFORMATION = *const AUDIT_POLICY_INFORMATION; |
| pub const AUDIT_SET_SYSTEM_POLICY: ULONG = 0x0001; |
| pub const AUDIT_QUERY_SYSTEM_POLICY: ULONG = 0x0002; |
| pub const AUDIT_SET_USER_POLICY: ULONG = 0x0004; |
| pub const AUDIT_QUERY_USER_POLICY: ULONG = 0x0008; |
| pub const AUDIT_ENUMERATE_USERS: ULONG = 0x0010; |
| pub const AUDIT_SET_MISC_POLICY: ULONG = 0x0020; |
| pub const AUDIT_QUERY_MISC_POLICY: ULONG = 0x0040; |
| pub const AUDIT_GENERIC_ALL: ULONG = STANDARD_RIGHTS_REQUIRED | AUDIT_SET_SYSTEM_POLICY |
| | AUDIT_QUERY_SYSTEM_POLICY | AUDIT_SET_USER_POLICY | AUDIT_QUERY_USER_POLICY |
| | AUDIT_ENUMERATE_USERS | AUDIT_SET_MISC_POLICY | AUDIT_QUERY_MISC_POLICY; |
| pub const AUDIT_GENERIC_READ: ULONG = STANDARD_RIGHTS_READ | AUDIT_QUERY_SYSTEM_POLICY |
| | AUDIT_QUERY_USER_POLICY | AUDIT_ENUMERATE_USERS | AUDIT_QUERY_MISC_POLICY; |
| pub const AUDIT_GENERIC_WRITE: ULONG = STANDARD_RIGHTS_WRITE | AUDIT_SET_USER_POLICY |
| | AUDIT_SET_MISC_POLICY | AUDIT_SET_SYSTEM_POLICY; |
| pub const AUDIT_GENERIC_EXECUTE: ULONG = STANDARD_RIGHTS_EXECUTE; |
| extern "system" { |
| pub fn AuditSetSystemPolicy( |
| pAuditPolicy: PCAUDIT_POLICY_INFORMATION, |
| PolicyCount: ULONG, |
| ) -> BOOLEAN; |
| pub fn AuditSetPerUserPolicy( |
| pSid: *const SID, |
| pAuditPolicy: PCAUDIT_POLICY_INFORMATION, |
| PolicyCount: ULONG, |
| ) -> BOOLEAN; |
| pub fn AuditQuerySystemPolicy( |
| pSubCategoryGuids: *const GUID, |
| PolicyCount: ULONG, |
| ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION, |
| ) -> BOOLEAN; |
| pub fn AuditQueryPerUserPolicy( |
| pSid: *const SID, |
| pSubCategoryGuids: *const GUID, |
| PolicyCount: ULONG, |
| ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION, |
| ) -> BOOLEAN; |
| pub fn AuditEnumeratePerUserPolicy( |
| ppAuditSidArray: *mut PPOLICY_AUDIT_SID_ARRAY, |
| ) -> BOOLEAN; |
| pub fn AuditComputeEffectivePolicyBySid( |
| pSid: *const SID, |
| pSubCategoryGuids: *const GUID, |
| dwPolicyCount: ULONG, |
| ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION, |
| ) -> BOOLEAN; |
| pub fn AuditComputeEffectivePolicyByToken( |
| hTokenHandle: HANDLE, |
| pSubCategoryGuids: *const GUID, |
| dwPolicyCount: ULONG, |
| ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION, |
| ) -> BOOLEAN; |
| pub fn AuditEnumerateCategories( |
| ppAuditCategoriesArray: *mut *mut GUID, |
| pdwCountReturned: PULONG, |
| ) -> BOOLEAN; |
| pub fn AuditEnumerateSubCategories( |
| pAuditCategoryGuid: *const GUID, |
| bRetrieveAllSubCategories: BOOLEAN, |
| ppAuditSubCategoriesArray: *mut *mut GUID, |
| pdwCountReturned: PULONG, |
| ) -> BOOLEAN; |
| pub fn AuditLookupCategoryNameW( |
| pAuditCategoryGuid: *const GUID, |
| ppszCategoryName: *mut PWSTR, |
| ) -> BOOLEAN; |
| pub fn AuditLookupCategoryNameA( |
| pAuditCategoryGuid: *const GUID, |
| ppszCategoryName: *mut PSTR, |
| ) -> BOOLEAN; |
| pub fn AuditLookupSubCategoryNameW( |
| pAuditSubCategoryGuid: *const GUID, |
| ppszSubCategoryName: *mut PWSTR, |
| ) -> BOOLEAN; |
| pub fn AuditLookupSubCategoryNameA( |
| pAuditSubCategoryGuid: *const GUID, |
| ppszSubCategoryName: *mut PSTR, |
| ) -> BOOLEAN; |
| pub fn AuditLookupCategoryIdFromCategoryGuid( |
| pAuditCategoryGuid: *const GUID, |
| pAuditCategoryId: PPOLICY_AUDIT_EVENT_TYPE, |
| ) -> BOOLEAN; |
| pub fn AuditLookupCategoryGuidFromCategoryId( |
| AuditCategoryId: POLICY_AUDIT_EVENT_TYPE, |
| pAuditCategoryGuid: *mut GUID, |
| ) -> BOOLEAN; |
| pub fn AuditSetSecurity( |
| SecurityInformation: SECURITY_INFORMATION, |
| pSecurityDescriptor: PSECURITY_DESCRIPTOR, |
| ) -> BOOLEAN; |
| pub fn AuditQuerySecurity( |
| SecurityInformation: SECURITY_INFORMATION, |
| ppSecurityDescriptor: *mut PSECURITY_DESCRIPTOR, |
| ) -> BOOLEAN; |
| pub fn AuditSetGlobalSaclW( |
| ObjectTypeName: PCWSTR, |
| Acl: PACL, |
| ) -> BOOLEAN; |
| pub fn AuditSetGlobalSaclA( |
| ObjectTypeName: PCSTR, |
| Acl: PACL, |
| ) -> BOOLEAN; |
| pub fn AuditQueryGlobalSaclW( |
| ObjectTypeName: PCWSTR, |
| Acl: *mut PACL, |
| ) -> BOOLEAN; |
| pub fn AuditQueryGlobalSaclA( |
| ObjectTypeName: PCSTR, |
| Acl: *mut PACL, |
| ) -> BOOLEAN; |
| pub fn AuditFree( |
| Buffer: PVOID, |
| ); |
| } |
| STRUCT!{struct PKU2U_CERT_BLOB { |
| CertOffset: ULONG, |
| CertLength: USHORT, |
| }} |
| pub type PPKU2U_CERT_BLOB = *mut PKU2U_CERT_BLOB; |
| pub const PKU2U_CREDUI_CONTEXT_VERSION: ULONG64 = 0x4154414454524543; |
| STRUCT!{struct PKU2U_CREDUI_CONTEXT { |
| Version: ULONG64, |
| cbHeaderLength: USHORT, |
| cbStructureLength: ULONG, |
| CertArrayCount: USHORT, |
| CertArrayOffset: ULONG, |
| }} |
| pub type PPKU2U_CREDUI_CONTEXT = *mut PKU2U_CREDUI_CONTEXT; |
| ENUM!{enum PKU2U_LOGON_SUBMIT_TYPE { |
| Pku2uCertificateS4ULogon = 14, |
| }} |
| pub type PPKU2U_LOGON_SUBMIT_TYPE = *mut PKU2U_LOGON_SUBMIT_TYPE; |
| STRUCT!{struct PKU2U_CERTIFICATE_S4U_LOGON { |
| MessageType: PKU2U_LOGON_SUBMIT_TYPE, |
| Flags: ULONG, |
| UserPrincipalName: UNICODE_STRING, |
| DomainName: UNICODE_STRING, |
| CertificateLength: ULONG, |
| Certificate: PUCHAR, |
| }} |
| pub type PPKU2U_CERTIFICATE_S4U_LOGON = *mut PKU2U_CERTIFICATE_S4U_LOGON; |