1 // Copyright © 2015-2017 winapi-rs developers
2 // Licensed under the Apache License, Version 2.0
3 // <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
4 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
5 // All files in the project carrying such notice may not be copied, modified, or distributed
6 // except according to those terms.
7 //! This module defines the Local Security Authority APIs.
9 use shared
::basetsd
::{ULONG64, ULONG_PTR}
;
10 use shared
::guiddef
::GUID
;
11 use shared
::minwindef
::{PUCHAR, PULONG, UCHAR, ULONG, USHORT}
;
12 use shared
::ntdef
::NTSTATUS
;
13 use shared
::sspi
::SecHandle
;
15 LSA_TRUST_INFORMATION
, LSA_UNICODE_STRING
, PLSA_TRUST_INFORMATION
, PLSA_UNICODE_STRING
17 use um
::subauth
::{PUNICODE_STRING, STRING, UNICODE_STRING}
;
19 ACCESS_MASK
, ANYSIZE_ARRAY
, BOOLEAN
, HANDLE
, LARGE_INTEGER
, LONG
, LUID
, PACL
, PCSTR
, PCWSTR
,
20 PSECURITY_DESCRIPTOR
, PSID
, PSTR
, PVOID
, PWSTR
, QUOTA_LIMITS
, SECURITY_INFORMATION
, SHORT
, SID
,
21 SID_NAME_USE
, STANDARD_RIGHTS_EXECUTE
, STANDARD_RIGHTS_READ
, STANDARD_RIGHTS_REQUIRED
,
22 STANDARD_RIGHTS_WRITE
, ULONGLONG
25 DEFINE_GUID
!(Audit_System_SecurityStateChange
,
26 0x0cce9210, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
27 DEFINE_GUID
!(Audit_System_SecuritySubsystemExtension
,
28 0x0cce9211, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
29 DEFINE_GUID
!(Audit_System_Integrity
,
30 0x0cce9212, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
31 DEFINE_GUID
!(Audit_System_IPSecDriverEvents
,
32 0x0cce9213, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
33 DEFINE_GUID
!(Audit_System_Others
,
34 0x0cce9214, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
35 DEFINE_GUID
!(Audit_Logon_Logon
,
36 0x0cce9215, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
37 DEFINE_GUID
!(Audit_Logon_Logoff
,
38 0x0cce9216, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
39 DEFINE_GUID
!(Audit_Logon_AccountLockout
,
40 0x0cce9217, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
41 DEFINE_GUID
!(Audit_Logon_IPSecMainMode
,
42 0x0cce9218, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
43 DEFINE_GUID
!(Audit_Logon_IPSecQuickMode
,
44 0x0cce9219, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
45 DEFINE_GUID
!(Audit_Logon_IPSecUserMode
,
46 0x0cce921a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
47 DEFINE_GUID
!(Audit_Logon_SpecialLogon
,
48 0x0cce921b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
49 DEFINE_GUID
!(Audit_Logon_Others
,
50 0x0cce921c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
51 DEFINE_GUID
!(Audit_ObjectAccess_FileSystem
,
52 0x0cce921d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
53 DEFINE_GUID
!(Audit_ObjectAccess_Registry
,
54 0x0cce921e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
55 DEFINE_GUID
!(Audit_ObjectAccess_Kernel
,
56 0x0cce921f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
57 DEFINE_GUID
!(Audit_ObjectAccess_Sam
,
58 0x0cce9220, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
59 DEFINE_GUID
!(Audit_ObjectAccess_CertificationServices
,
60 0x0cce9221, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
61 DEFINE_GUID
!(Audit_ObjectAccess_ApplicationGenerated
,
62 0x0cce9222, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
63 DEFINE_GUID
!(Audit_ObjectAccess_Handle
,
64 0x0cce9223, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
65 DEFINE_GUID
!(Audit_ObjectAccess_Share
,
66 0x0cce9224, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
67 DEFINE_GUID
!(Audit_ObjectAccess_FirewallPacketDrops
,
68 0x0cce9225, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
69 DEFINE_GUID
!(Audit_ObjectAccess_FirewallConnection
,
70 0x0cce9226, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
71 DEFINE_GUID
!(Audit_ObjectAccess_Other
,
72 0x0cce9227, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
73 DEFINE_GUID
!(Audit_PrivilegeUse_Sensitive
,
74 0x0cce9228, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
75 DEFINE_GUID
!(Audit_PrivilegeUse_NonSensitive
,
76 0x0cce9229, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
77 DEFINE_GUID
!(Audit_PrivilegeUse_Others
,
78 0x0cce922a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
79 DEFINE_GUID
!(Audit_DetailedTracking_ProcessCreation
,
80 0x0cce922b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
81 DEFINE_GUID
!(Audit_DetailedTracking_ProcessTermination
,
82 0x0cce922c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
83 DEFINE_GUID
!(Audit_DetailedTracking_DpapiActivity
,
84 0x0cce922d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
85 DEFINE_GUID
!(Audit_DetailedTracking_RpcCall
,
86 0x0cce922e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
87 DEFINE_GUID
!(Audit_PolicyChange_AuditPolicy
,
88 0x0cce922f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
89 DEFINE_GUID
!(Audit_PolicyChange_AuthenticationPolicy
,
90 0x0cce9230, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
91 DEFINE_GUID
!(Audit_PolicyChange_AuthorizationPolicy
,
92 0x0cce9231, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
93 DEFINE_GUID
!(Audit_PolicyChange_MpsscvRulePolicy
,
94 0x0cce9232, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
95 DEFINE_GUID
!(Audit_PolicyChange_WfpIPSecPolicy
,
96 0x0cce9233, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
97 DEFINE_GUID
!(Audit_PolicyChange_Others
,
98 0x0cce9234, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
99 DEFINE_GUID
!(Audit_AccountManagement_UserAccount
,
100 0x0cce9235, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
101 DEFINE_GUID
!(Audit_AccountManagement_ComputerAccount
,
102 0x0cce9236, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
103 DEFINE_GUID
!(Audit_AccountManagement_SecurityGroup
,
104 0x0cce9237, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
105 DEFINE_GUID
!(Audit_AccountManagement_DistributionGroup
,
106 0x0cce9238, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
107 DEFINE_GUID
!(Audit_AccountManagement_ApplicationGroup
,
108 0x0cce9239, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
109 DEFINE_GUID
!(Audit_AccountManagement_Others
,
110 0x0cce923a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
111 DEFINE_GUID
!(Audit_DSAccess_DSAccess
,
112 0x0cce923b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
113 DEFINE_GUID
!(Audit_DsAccess_AdAuditChanges
,
114 0x0cce923c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
115 DEFINE_GUID
!(Audit_Ds_Replication
,
116 0x0cce923d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
117 DEFINE_GUID
!(Audit_Ds_DetailedReplication
,
118 0x0cce923e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
119 DEFINE_GUID
!(Audit_AccountLogon_CredentialValidation
,
120 0x0cce923f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
121 DEFINE_GUID
!(Audit_AccountLogon_Kerberos
,
122 0x0cce9240, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
123 DEFINE_GUID
!(Audit_AccountLogon_Others
,
124 0x0cce9241, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
125 DEFINE_GUID
!(Audit_AccountLogon_KerbCredentialValidation
,
126 0x0cce9242, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
127 DEFINE_GUID
!(Audit_Logon_NPS
,
128 0x0cce9243, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
129 DEFINE_GUID
!(Audit_ObjectAccess_DetailedFileShare
,
130 0x0cce9244, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
131 DEFINE_GUID
!(Audit_ObjectAccess_RemovableStorage
,
132 0x0cce9245, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
133 DEFINE_GUID
!(Audit_ObjectAccess_CbacStaging
,
134 0x0cce9246, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
135 DEFINE_GUID
!(Audit_Logon_Claims
,
136 0x0cce9247, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
137 DEFINE_GUID
!(Audit_System
,
138 0x69979848, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
139 DEFINE_GUID
!(Audit_Logon
,
140 0x69979849, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
141 DEFINE_GUID
!(Audit_ObjectAccess
,
142 0x6997984a, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
143 DEFINE_GUID
!(Audit_PrivilegeUse
,
144 0x6997984b, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
145 DEFINE_GUID
!(Audit_DetailedTracking
,
146 0x6997984c, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
147 DEFINE_GUID
!(Audit_PolicyChange
,
148 0x6997984d, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
149 DEFINE_GUID
!(Audit_AccountManagement
,
150 0x6997984e, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
151 DEFINE_GUID
!(Audit_DirectoryServiceAccess
,
152 0x6997984f, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
153 DEFINE_GUID
!(Audit_AccountLogon
,
154 0x69979850, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
155 ENUM
!{enum POLICY_AUDIT_EVENT_TYPE
{
156 AuditCategorySystem
= 0,
158 AuditCategoryObjectAccess
,
159 AuditCategoryPrivilegeUse
,
160 AuditCategoryDetailedTracking
,
161 AuditCategoryPolicyChange
,
162 AuditCategoryAccountManagement
,
163 AuditCategoryDirectoryServiceAccess
,
164 AuditCategoryAccountLogon
,
166 pub type PPOLICY_AUDIT_EVENT_TYPE
= *mut POLICY_AUDIT_EVENT_TYPE
;
167 pub const POLICY_AUDIT_EVENT_UNCHANGED
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000000;
168 pub const POLICY_AUDIT_EVENT_SUCCESS
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000001;
169 pub const POLICY_AUDIT_EVENT_FAILURE
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000002;
170 pub const POLICY_AUDIT_EVENT_NONE
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000004;
171 pub const POLICY_AUDIT_EVENT_MASK
: POLICY_AUDIT_EVENT_OPTIONS
= POLICY_AUDIT_EVENT_SUCCESS
172 | POLICY_AUDIT_EVENT_FAILURE
| POLICY_AUDIT_EVENT_UNCHANGED
| POLICY_AUDIT_EVENT_NONE
;
173 pub const POLICY_VIEW_LOCAL_INFORMATION
: ACCESS_MASK
= 0x00000001;
174 pub const POLICY_VIEW_AUDIT_INFORMATION
: ACCESS_MASK
= 0x00000002;
175 pub const POLICY_GET_PRIVATE_INFORMATION
: ACCESS_MASK
= 0x00000004;
176 pub const POLICY_TRUST_ADMIN
: ACCESS_MASK
= 0x00000008;
177 pub const POLICY_CREATE_ACCOUNT
: ACCESS_MASK
= 0x00000010;
178 pub const POLICY_CREATE_SECRET
: ACCESS_MASK
= 0x00000020;
179 pub const POLICY_CREATE_PRIVILEGE
: ACCESS_MASK
= 0x00000040;
180 pub const POLICY_SET_DEFAULT_QUOTA_LIMITS
: ACCESS_MASK
= 0x00000080;
181 pub const POLICY_SET_AUDIT_REQUIREMENTS
: ACCESS_MASK
= 0x00000100;
182 pub const POLICY_AUDIT_LOG_ADMIN
: ACCESS_MASK
= 0x00000200;
183 pub const POLICY_SERVER_ADMIN
: ACCESS_MASK
= 0x00000400;
184 pub const POLICY_LOOKUP_NAMES
: ACCESS_MASK
= 0x00000800;
185 pub const POLICY_NOTIFICATION
: ACCESS_MASK
= 0x00001000;
186 pub const POLICY_ALL_ACCESS
: ACCESS_MASK
= STANDARD_RIGHTS_REQUIRED
187 | POLICY_VIEW_LOCAL_INFORMATION
| POLICY_VIEW_AUDIT_INFORMATION
188 | POLICY_GET_PRIVATE_INFORMATION
| POLICY_TRUST_ADMIN
| POLICY_CREATE_ACCOUNT
189 | POLICY_CREATE_SECRET
| POLICY_CREATE_PRIVILEGE
| POLICY_SET_DEFAULT_QUOTA_LIMITS
190 | POLICY_SET_AUDIT_REQUIREMENTS
| POLICY_AUDIT_LOG_ADMIN
| POLICY_SERVER_ADMIN
191 | POLICY_LOOKUP_NAMES
;
192 pub const POLICY_READ
: ACCESS_MASK
= STANDARD_RIGHTS_READ
| POLICY_VIEW_AUDIT_INFORMATION
193 | POLICY_GET_PRIVATE_INFORMATION
;
194 pub const POLICY_WRITE
: ACCESS_MASK
= STANDARD_RIGHTS_WRITE
| POLICY_TRUST_ADMIN
195 | POLICY_CREATE_ACCOUNT
| POLICY_CREATE_SECRET
| POLICY_CREATE_PRIVILEGE
196 | POLICY_SET_DEFAULT_QUOTA_LIMITS
| POLICY_SET_AUDIT_REQUIREMENTS
| POLICY_AUDIT_LOG_ADMIN
197 | POLICY_SERVER_ADMIN
;
198 pub const POLICY_EXECUTE
: ACCESS_MASK
= STANDARD_RIGHTS_EXECUTE
199 | POLICY_VIEW_LOCAL_INFORMATION
| POLICY_LOOKUP_NAMES
;
200 STRUCT
!{struct LSA_TRANSLATED_SID
{
205 pub type PLSA_TRANSLATED_SID
= *mut LSA_TRANSLATED_SID
;
206 ENUM
!{enum POLICY_LSA_SERVER_ROLE
{
207 PolicyServerRoleBackup
= 2,
208 PolicyServerRolePrimary
,
210 pub type PPOLICY_LSA_SERVER_ROLE
= *mut POLICY_LSA_SERVER_ROLE
;
211 pub type POLICY_AUDIT_EVENT_OPTIONS
= ULONG
;
212 pub type PPOLICY_AUDIT_EVENT_OPTIONS
= *mut ULONG
;
213 ENUM
!{enum POLICY_INFORMATION_CLASS
{
214 PolicyAuditLogInformation
= 1,
215 PolicyAuditEventsInformation
,
216 PolicyPrimaryDomainInformation
,
217 PolicyPdAccountInformation
,
218 PolicyAccountDomainInformation
,
219 PolicyLsaServerRoleInformation
,
220 PolicyReplicaSourceInformation
,
221 PolicyDefaultQuotaInformation
,
222 PolicyModificationInformation
,
223 PolicyAuditFullSetInformation
,
224 PolicyAuditFullQueryInformation
,
225 PolicyDnsDomainInformation
,
226 PolicyDnsDomainInformationInt
,
227 PolicyLocalAccountDomainInformation
,
230 pub type PPOLICY_INFORMATION_CLASS
= *mut POLICY_INFORMATION_CLASS
;
231 STRUCT
!{struct POLICY_AUDIT_LOG_INFO
{
232 AuditLogPercentFull
: ULONG
,
233 MaximumLogSize
: ULONG
,
234 AuditRetentionPeriod
: LARGE_INTEGER
,
235 AuditLogFullShutdownInProgress
: BOOLEAN
,
236 TimeToShutdown
: LARGE_INTEGER
,
237 NextAuditRecordId
: ULONG
,
239 pub type PPOLICY_AUDIT_LOG_INFO
= *mut POLICY_AUDIT_LOG_INFO
;
240 STRUCT
!{struct POLICY_AUDIT_EVENTS_INFO
{
241 AuditingMode
: BOOLEAN
,
242 EventAuditingOptions
: PPOLICY_AUDIT_EVENT_OPTIONS
,
243 MaximumAuditEventCount
: ULONG
,
245 pub type PPOLICY_AUDIT_EVENTS_INFO
= *mut POLICY_AUDIT_EVENTS_INFO
;
246 STRUCT
!{struct POLICY_AUDIT_SUBCATEGORIES_INFO
{
247 MaximumSubCategoryCount
: ULONG
,
248 EventAuditingOptions
: PPOLICY_AUDIT_EVENT_OPTIONS
,
250 pub type PPOLICY_AUDIT_SUBCATEGORIES_INFO
= *mut POLICY_AUDIT_SUBCATEGORIES_INFO
;
251 STRUCT
!{struct POLICY_AUDIT_CATEGORIES_INFO
{
252 MaximumSubCategoryCount
: ULONG
,
253 SubCategoriesInfo
: PPOLICY_AUDIT_SUBCATEGORIES_INFO
,
255 pub type PPOLICY_AUDIT_CATEGORIES_INFO
= *mut POLICY_AUDIT_CATEGORIES_INFO
;
256 pub const PER_USER_POLICY_UNCHANGED
: ULONG
= 0x00;
257 pub const PER_USER_AUDIT_SUCCESS_INCLUDE
: ULONG
= 0x01;
258 pub const PER_USER_AUDIT_SUCCESS_EXCLUDE
: ULONG
= 0x02;
259 pub const PER_USER_AUDIT_FAILURE_INCLUDE
: ULONG
= 0x04;
260 pub const PER_USER_AUDIT_FAILURE_EXCLUDE
: ULONG
= 0x08;
261 pub const PER_USER_AUDIT_NONE
: ULONG
= 0x10;
262 pub const VALID_PER_USER_AUDIT_POLICY_FLAG
: ULONG
= PER_USER_AUDIT_SUCCESS_INCLUDE
263 | PER_USER_AUDIT_SUCCESS_EXCLUDE
| PER_USER_AUDIT_FAILURE_INCLUDE
264 | PER_USER_AUDIT_FAILURE_EXCLUDE
| PER_USER_AUDIT_NONE
;
265 STRUCT
!{struct POLICY_PRIMARY_DOMAIN_INFO
{
266 Name
: LSA_UNICODE_STRING
,
269 pub type PPOLICY_PRIMARY_DOMAIN_INFO
= *mut POLICY_PRIMARY_DOMAIN_INFO
;
270 STRUCT
!{struct POLICY_PD_ACCOUNT_INFO
{
271 Name
: LSA_UNICODE_STRING
,
273 pub type PPOLICY_PD_ACCOUNT_INFO
= *mut POLICY_PD_ACCOUNT_INFO
;
274 STRUCT
!{struct POLICY_LSA_SERVER_ROLE_INFO
{
275 LsaServerRole
: POLICY_LSA_SERVER_ROLE
,
277 pub type PPOLICY_LSA_SERVER_ROLE_INFO
= *mut POLICY_LSA_SERVER_ROLE_INFO
;
278 STRUCT
!{struct POLICY_REPLICA_SOURCE_INFO
{
279 ReplicaSource
: LSA_UNICODE_STRING
,
280 ReplicaAccountName
: LSA_UNICODE_STRING
,
282 pub type PPOLICY_REPLICA_SOURCE_INFO
= *mut POLICY_REPLICA_SOURCE_INFO
;
283 STRUCT
!{struct POLICY_DEFAULT_QUOTA_INFO
{
284 QuotaLimits
: QUOTA_LIMITS
,
286 pub type PPOLICY_DEFAULT_QUOTA_INFO
= *mut POLICY_DEFAULT_QUOTA_INFO
;
287 STRUCT
!{struct POLICY_MODIFICATION_INFO
{
288 ModifiedId
: LARGE_INTEGER
,
289 DatabaseCreationTime
: LARGE_INTEGER
,
291 pub type PPOLICY_MODIFICATION_INFO
= *mut POLICY_MODIFICATION_INFO
;
292 STRUCT
!{struct POLICY_AUDIT_FULL_SET_INFO
{
293 ShutDownOnFull
: BOOLEAN
,
295 pub type PPOLICY_AUDIT_FULL_SET_INFO
= *mut POLICY_AUDIT_FULL_SET_INFO
;
296 STRUCT
!{struct POLICY_AUDIT_FULL_QUERY_INFO
{
297 ShutDownOnFull
: BOOLEAN
,
300 pub type PPOLICY_AUDIT_FULL_QUERY_INFO
= *mut POLICY_AUDIT_FULL_QUERY_INFO
;
301 ENUM
!{enum POLICY_DOMAIN_INFORMATION_CLASS
{
302 PolicyDomainEfsInformation
= 2,
303 PolicyDomainKerberosTicketInformation
,
305 pub type PPOLICY_DOMAIN_INFORMATION_CLASS
= *mut POLICY_DOMAIN_INFORMATION_CLASS
;
306 STRUCT
!{struct POLICY_DOMAIN_EFS_INFO
{
310 pub type PPOLICY_DOMAIN_EFS_INFO
= *mut POLICY_DOMAIN_EFS_INFO
;
311 STRUCT
!{struct POLICY_DOMAIN_KERBEROS_TICKET_INFO
{
312 AuthenticationOptions
: ULONG
,
313 MaxServiceTicketAge
: LARGE_INTEGER
,
314 MaxTicketAge
: LARGE_INTEGER
,
315 MaxRenewAge
: LARGE_INTEGER
,
316 MaxClockSkew
: LARGE_INTEGER
,
317 Reserved
: LARGE_INTEGER
,
319 pub type PPOLICY_DOMAIN_KERBEROS_TICKET_INFO
= *mut POLICY_DOMAIN_KERBEROS_TICKET_INFO
;
320 ENUM
!{enum POLICY_NOTIFICATION_INFORMATION_CLASS
{
321 PolicyNotifyAuditEventsInformation
= 1,
322 PolicyNotifyAccountDomainInformation
,
323 PolicyNotifyServerRoleInformation
,
324 PolicyNotifyDnsDomainInformation
,
325 PolicyNotifyDomainEfsInformation
,
326 PolicyNotifyDomainKerberosTicketInformation
,
327 PolicyNotifyMachineAccountPasswordInformation
,
328 PolicyNotifyGlobalSaclInformation
,
331 pub type PPOLICY_NOTIFICATION_INFORMATION_CLASS
= *mut POLICY_NOTIFICATION_INFORMATION_CLASS
;
332 pub type LSA_HANDLE
= PVOID
;
333 pub type PLSA_HANDLE
= *mut PVOID
;
334 ENUM
!{enum TRUSTED_INFORMATION_CLASS
{
335 TrustedDomainNameInformation
= 1,
336 TrustedControllersInformation
,
337 TrustedPosixOffsetInformation
,
338 TrustedPasswordInformation
,
339 TrustedDomainInformationBasic
,
340 TrustedDomainInformationEx
,
341 TrustedDomainAuthInformation
,
342 TrustedDomainFullInformation
,
343 TrustedDomainAuthInformationInternal
,
344 TrustedDomainFullInformationInternal
,
345 TrustedDomainInformationEx2Internal
,
346 TrustedDomainFullInformation2Internal
,
347 TrustedDomainSupportedEncryptionTypes
,
349 pub type PTRUSTED_INFORMATION_CLASS
= *mut TRUSTED_INFORMATION_CLASS
;
350 STRUCT
!{struct TRUSTED_DOMAIN_NAME_INFO
{
351 Name
: LSA_UNICODE_STRING
,
353 pub type PTRUSTED_DOMAIN_NAME_INFO
= *mut TRUSTED_DOMAIN_NAME_INFO
;
354 STRUCT
!{struct TRUSTED_CONTROLLERS_INFO
{
356 Names
: PLSA_UNICODE_STRING
,
358 pub type PTRUSTED_CONTROLLERS_INFO
= *mut TRUSTED_CONTROLLERS_INFO
;
359 STRUCT
!{struct TRUSTED_POSIX_OFFSET_INFO
{
362 pub type PTRUSTED_POSIX_OFFSET_INFO
= *mut TRUSTED_POSIX_OFFSET_INFO
;
363 STRUCT
!{struct TRUSTED_PASSWORD_INFO
{
364 Password
: LSA_UNICODE_STRING
,
365 OldPassword
: LSA_UNICODE_STRING
,
367 pub type PTRUSTED_PASSWORD_INFO
= *mut TRUSTED_PASSWORD_INFO
;
368 pub type TRUSTED_DOMAIN_INFORMATION_BASIC
= LSA_TRUST_INFORMATION
;
369 pub type PTRUSTED_DOMAIN_INFORMATION_BASIC
= PLSA_TRUST_INFORMATION
;
370 pub const TRUST_DIRECTION_DISABLED
: ULONG
= 0x00000000;
371 pub const TRUST_DIRECTION_INBOUND
: ULONG
= 0x00000001;
372 pub const TRUST_DIRECTION_OUTBOUND
: ULONG
= 0x00000002;
373 pub const TRUST_DIRECTION_BIDIRECTIONAL
: ULONG
= TRUST_DIRECTION_INBOUND
374 | TRUST_DIRECTION_OUTBOUND
;
375 pub const TRUST_TYPE_DOWNLEVEL
: ULONG
= 0x00000001;
376 pub const TRUST_TYPE_UPLEVEL
: ULONG
= 0x00000002;
377 pub const TRUST_TYPE_MIT
: ULONG
= 0x00000003;
378 pub const TRUST_ATTRIBUTE_NON_TRANSITIVE
: ULONG
= 0x00000001;
379 pub const TRUST_ATTRIBUTE_UPLEVEL_ONLY
: ULONG
= 0x00000002;
380 pub const TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
: ULONG
= 0x00000004;
381 pub const TRUST_ATTRIBUTE_FOREST_TRANSITIVE
: ULONG
= 0x00000008;
382 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION
: ULONG
= 0x00000010;
383 pub const TRUST_ATTRIBUTE_WITHIN_FOREST
: ULONG
= 0x00000020;
384 pub const TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
: ULONG
= 0x00000040;
385 pub const TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION
: ULONG
= 0x00000080;
386 pub const TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS
: ULONG
= 0x00000100;
387 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION
: ULONG
= 0x00000200;
388 pub const TRUST_ATTRIBUTES_VALID
: ULONG
= 0xFF03FFFF;
389 pub const TRUST_ATTRIBUTES_USER
: ULONG
= 0xFF000000;
390 STRUCT
!{struct TRUSTED_DOMAIN_INFORMATION_EX
{
391 Name
: LSA_UNICODE_STRING
,
392 FlatName
: LSA_UNICODE_STRING
,
394 TrustDirection
: ULONG
,
396 TrustAttributes
: ULONG
,
398 pub type PTRUSTED_DOMAIN_INFORMATION_EX
= *mut TRUSTED_DOMAIN_INFORMATION_EX
;
399 STRUCT
!{struct TRUSTED_DOMAIN_INFORMATION_EX2
{
400 Name
: LSA_UNICODE_STRING
,
401 FlatName
: LSA_UNICODE_STRING
,
403 TrustDirection
: ULONG
,
405 TrustAttributes
: ULONG
,
406 ForestTrustLength
: ULONG
,
407 ForestTrustInfo
: PUCHAR
,
409 pub type PTRUSTED_DOMAIN_INFORMATION_EX2
= *mut TRUSTED_DOMAIN_INFORMATION_EX2
;
410 pub const TRUST_AUTH_TYPE_NONE
: ULONG
= 0;
411 pub const TRUST_AUTH_TYPE_NT4OWF
: ULONG
= 1;
412 pub const TRUST_AUTH_TYPE_CLEAR
: ULONG
= 2;
413 pub const TRUST_AUTH_TYPE_VERSION
: ULONG
= 3;
414 STRUCT
!{struct LSA_AUTH_INFORMATION
{
415 LastUpdateTime
: LARGE_INTEGER
,
417 AuthInfoLength
: ULONG
,
420 pub type PLSA_AUTH_INFORMATION
= *mut LSA_AUTH_INFORMATION
;
421 STRUCT
!{struct TRUSTED_DOMAIN_AUTH_INFORMATION
{
422 IncomingAuthInfos
: ULONG
,
423 IncomingAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
424 IncomingPreviousAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
425 OutgoingAuthInfos
: ULONG
,
426 OutgoingAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
427 OutgoingPreviousAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
429 pub type PTRUSTED_DOMAIN_AUTH_INFORMATION
= *mut TRUSTED_DOMAIN_AUTH_INFORMATION
;
430 STRUCT
!{struct TRUSTED_DOMAIN_FULL_INFORMATION
{
431 Information
: TRUSTED_DOMAIN_INFORMATION_EX
,
432 PosixOffset
: TRUSTED_POSIX_OFFSET_INFO
,
433 AuthInformation
: TRUSTED_DOMAIN_AUTH_INFORMATION
,
435 pub type PTRUSTED_DOMAIN_FULL_INFORMATION
= *mut TRUSTED_DOMAIN_FULL_INFORMATION
;
436 STRUCT
!{struct TRUSTED_DOMAIN_FULL_INFORMATION2
{
437 Information
: TRUSTED_DOMAIN_INFORMATION_EX2
,
438 PosixOffset
: TRUSTED_POSIX_OFFSET_INFO
,
439 AuthInformation
: TRUSTED_DOMAIN_AUTH_INFORMATION
,
441 pub type PTRUSTED_DOMAIN_FULL_INFORMATION2
= *mut TRUSTED_DOMAIN_FULL_INFORMATION2
;
442 STRUCT
!{struct TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES
{
443 SupportedEncryptionTypes
: ULONG
,
445 pub type PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES
=
446 *mut TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES
;
447 ENUM
!{enum LSA_FOREST_TRUST_RECORD_TYPE
{
448 ForestTrustTopLevelName
,
449 ForestTrustTopLevelNameEx
,
450 ForestTrustDomainInfo
,
451 ForestTrustRecordTypeLast
, // = ForestTrustDomainInfo,
453 pub const LSA_FTRECORD_DISABLED_REASONS
: ULONG
= 0x0000FFFF;
454 pub const LSA_TLN_DISABLED_NEW
: ULONG
= 0x00000001;
455 pub const LSA_TLN_DISABLED_ADMIN
: ULONG
= 0x00000002;
456 pub const LSA_TLN_DISABLED_CONFLICT
: ULONG
= 0x00000004;
457 pub const LSA_SID_DISABLED_ADMIN
: ULONG
= 0x00000001;
458 pub const LSA_SID_DISABLED_CONFLICT
: ULONG
= 0x00000002;
459 pub const LSA_NB_DISABLED_ADMIN
: ULONG
= 0x00000004;
460 pub const LSA_NB_DISABLED_CONFLICT
: ULONG
= 0x00000008;
461 STRUCT
!{struct LSA_FOREST_TRUST_DOMAIN_INFO
{
463 DnsName
: LSA_UNICODE_STRING
,
464 NetbiosName
: LSA_UNICODE_STRING
,
466 pub type PLSA_FOREST_TRUST_DOMAIN_INFO
= *mut LSA_FOREST_TRUST_DOMAIN_INFO
;
467 pub const MAX_FOREST_TRUST_BINARY_DATA_SIZE
: ULONG
= 128 * 1024;
468 STRUCT
!{struct LSA_FOREST_TRUST_BINARY_DATA
{
472 pub type PLSA_FOREST_TRUST_BINARY_DATA
= *mut LSA_FOREST_TRUST_BINARY_DATA
;
473 UNION
!{union LSA_FOREST_TRUST_RECORD_ForestTrustData
{
475 TopLevelName TopLevelName_mut
: LSA_UNICODE_STRING
,
476 DomainInfo DomainInfo_mut
: LSA_FOREST_TRUST_DOMAIN_INFO
,
477 Data Data_mut
: LSA_FOREST_TRUST_BINARY_DATA
,
479 STRUCT
!{struct LSA_FOREST_TRUST_RECORD
{
481 ForestTrustType
: LSA_FOREST_TRUST_RECORD_TYPE
,
483 ForestTrustData
: LSA_FOREST_TRUST_RECORD_ForestTrustData
,
485 pub type PLSA_FOREST_TRUST_RECORD
= *mut LSA_FOREST_TRUST_RECORD
;
486 pub const MAX_RECORDS_IN_FOREST_TRUST_INFO
: ULONG
= 4000;
487 STRUCT
!{struct LSA_FOREST_TRUST_INFORMATION
{
489 Entries
: *mut PLSA_FOREST_TRUST_RECORD
,
491 pub type PLSA_FOREST_TRUST_INFORMATION
= *mut LSA_FOREST_TRUST_INFORMATION
;
492 ENUM
!{enum LSA_FOREST_TRUST_COLLISION_RECORD_TYPE
{
497 STRUCT
!{struct LSA_FOREST_TRUST_COLLISION_RECORD
{
499 Type
: LSA_FOREST_TRUST_COLLISION_RECORD_TYPE
,
501 Name
: LSA_UNICODE_STRING
,
503 pub type PLSA_FOREST_TRUST_COLLISION_RECORD
= *mut LSA_FOREST_TRUST_COLLISION_RECORD
;
504 STRUCT
!{struct LSA_FOREST_TRUST_COLLISION_INFORMATION
{
506 Entries
: *mut PLSA_FOREST_TRUST_COLLISION_RECORD
,
508 pub type PLSA_FOREST_TRUST_COLLISION_INFORMATION
= *mut LSA_FOREST_TRUST_COLLISION_INFORMATION
;
509 pub type LSA_ENUMERATION_HANDLE
= ULONG
;
510 pub type PLSA_ENUMERATION_HANDLE
= *mut ULONG
;
511 STRUCT
!{struct LSA_ENUMERATION_INFORMATION
{
514 pub type PLSA_ENUMERATION_INFORMATION
= *mut LSA_ENUMERATION_INFORMATION
;
515 STRUCT
!{struct LSA_LAST_INTER_LOGON_INFO
{
516 LastSuccessfulLogon
: LARGE_INTEGER
,
517 LastFailedLogon
: LARGE_INTEGER
,
518 FailedAttemptCountSinceLastSuccessfulLogon
: ULONG
,
520 pub type PLSA_LAST_INTER_LOGON_INFO
= *mut LSA_LAST_INTER_LOGON_INFO
;
521 STRUCT
!{struct SECURITY_LOGON_SESSION_DATA
{
524 UserName
: LSA_UNICODE_STRING
,
525 LogonDomain
: LSA_UNICODE_STRING
,
526 AuthenticationPackage
: LSA_UNICODE_STRING
,
530 LogonTime
: LARGE_INTEGER
,
531 LogonServer
: LSA_UNICODE_STRING
,
532 DnsDomainName
: LSA_UNICODE_STRING
,
533 Upn
: LSA_UNICODE_STRING
,
535 LastLogonInfo
: LSA_LAST_INTER_LOGON_INFO
,
536 LogonScript
: LSA_UNICODE_STRING
,
537 ProfilePath
: LSA_UNICODE_STRING
,
538 HomeDirectory
: LSA_UNICODE_STRING
,
539 HomeDirectoryDrive
: LSA_UNICODE_STRING
,
540 LogoffTime
: LARGE_INTEGER
,
541 KickOffTime
: LARGE_INTEGER
,
542 PasswordLastSet
: LARGE_INTEGER
,
543 PasswordCanChange
: LARGE_INTEGER
,
544 PasswordMustChange
: LARGE_INTEGER
,
546 pub type PSECURITY_LOGON_SESSION_DATA
= *mut SECURITY_LOGON_SESSION_DATA
;
547 pub const CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
: ULONG
= 0x00000001;
548 pub const CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG
: ULONG
= 0x00000100;
549 pub const CENTRAL_ACCESS_POLICY_STAGED_FLAG
: ULONG
= 0x00010000;
550 pub const CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK
: ULONG
=
551 CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
552 | CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG
553 | CENTRAL_ACCESS_POLICY_STAGED_FLAG
;
554 pub const LSASETCAPS_RELOAD_FLAG
: ULONG
= 0x00000001;
555 pub const LSASETCAPS_VALID_FLAG_MASK
: ULONG
= LSASETCAPS_RELOAD_FLAG
;
556 STRUCT
!{struct CENTRAL_ACCESS_POLICY_ENTRY
{
557 Name
: LSA_UNICODE_STRING
,
558 Description
: LSA_UNICODE_STRING
,
559 ChangeId
: LSA_UNICODE_STRING
,
560 LengthAppliesTo
: ULONG
,
563 SD
: PSECURITY_DESCRIPTOR
,
564 LengthStagedSD
: ULONG
,
565 StagedSD
: PSECURITY_DESCRIPTOR
,
568 pub type PCENTRAL_ACCESS_POLICY_ENTRY
= *mut CENTRAL_ACCESS_POLICY_ENTRY
;
569 pub type PCCENTRAL_ACCESS_POLICY_ENTRY
= *const CENTRAL_ACCESS_POLICY_ENTRY
;
570 STRUCT
!{struct CENTRAL_ACCESS_POLICY
{
572 Name
: LSA_UNICODE_STRING
,
573 Description
: LSA_UNICODE_STRING
,
574 ChangeId
: LSA_UNICODE_STRING
,
577 CAPEs
: *mut PCENTRAL_ACCESS_POLICY_ENTRY
,
579 pub type PCENTRAL_ACCESS_POLICY
= *mut CENTRAL_ACCESS_POLICY
;
580 pub type PCCENTRAL_ACCESS_POLICY
= *const CENTRAL_ACCESS_POLICY
;
581 ENUM
!{enum NEGOTIATE_MESSAGES
{
582 NegEnumPackagePrefixes
= 0,
583 NegGetCallerName
= 1,
584 NegTransferCredentials
= 2,
587 pub const NEGOTIATE_MAX_PREFIX
: usize = 32;
588 STRUCT
!{struct NEGOTIATE_PACKAGE_PREFIX
{
589 PackageId
: ULONG_PTR
,
592 PrefixLen
: ULONG_PTR
,
593 Prefix
: [UCHAR
; NEGOTIATE_MAX_PREFIX
],
595 pub type PNEGOTIATE_PACKAGE_PREFIX
= *mut NEGOTIATE_PACKAGE_PREFIX
;
596 STRUCT
!{struct NEGOTIATE_PACKAGE_PREFIXES
{
602 pub type PNEGOTIATE_PACKAGE_PREFIXES
= *mut NEGOTIATE_PACKAGE_PREFIXES
;
603 STRUCT
!{struct NEGOTIATE_CALLER_NAME_REQUEST
{
607 pub type PNEGOTIATE_CALLER_NAME_REQUEST
= *mut NEGOTIATE_CALLER_NAME_REQUEST
;
608 STRUCT
!{struct NEGOTIATE_CALLER_NAME_RESPONSE
{
612 pub type PNEGOTIATE_CALLER_NAME_RESPONSE
= *mut NEGOTIATE_CALLER_NAME_RESPONSE
;
613 STRUCT
!{struct DOMAIN_PASSWORD_INFORMATION
{
614 MinPasswordLength
: USHORT
,
615 PasswordHistoryLength
: USHORT
,
616 PasswordProperties
: ULONG
,
617 MaxPasswordAge
: LARGE_INTEGER
,
618 MinPasswordAge
: LARGE_INTEGER
,
620 pub type PDOMAIN_PASSWORD_INFORMATION
= *mut DOMAIN_PASSWORD_INFORMATION
;
621 pub const DOMAIN_PASSWORD_COMPLEX
: ULONG
= 0x00000001;
622 pub const DOMAIN_PASSWORD_NO_ANON_CHANGE
: ULONG
= 0x00000002;
623 pub const DOMAIN_PASSWORD_NO_CLEAR_CHANGE
: ULONG
= 0x00000004;
624 pub const DOMAIN_LOCKOUT_ADMINS
: ULONG
= 0x00000008;
625 pub const DOMAIN_PASSWORD_STORE_CLEARTEXT
: ULONG
= 0x00000010;
626 pub const DOMAIN_REFUSE_PASSWORD_CHANGE
: ULONG
= 0x00000020;
627 pub const DOMAIN_NO_LM_OWF_CHANGE
: ULONG
= 0x00000040;
628 FN
!{stdcall
PSAM_PASSWORD_NOTIFICATION_ROUTINE(
629 UserName
: PUNICODE_STRING
,
631 NewPassword
: PUNICODE_STRING
,
633 FN
!{stdcall PSAM_INIT_NOTIFICATION_ROUTINE() -> BOOLEAN}
634 FN
!{stdcall
PSAM_PASSWORD_FILTER_ROUTINE(
635 AccountName
: PUNICODE_STRING
,
636 FullName
: PUNICODE_STRING
,
637 Password
: PUNICODE_STRING
,
638 SetOperation
: BOOLEAN
,
640 ENUM
!{enum MSV1_0_LOGON_SUBMIT_TYPE
{
641 MsV1_0InteractiveLogon
= 2,
645 MsV1_0WorkstationUnlockLogon
= 7,
647 MsV1_0VirtualLogon
= 82,
648 MsV1_0NoElevationLogon
= 83,
649 MsV1_0LuidLogon
= 84,
651 pub type PMSV1_0_LOGON_SUBMIT_TYPE
= *mut MSV1_0_LOGON_SUBMIT_TYPE
;
652 ENUM
!{enum MSV1_0_PROFILE_BUFFER_TYPE
{
653 MsV1_0InteractiveProfile
= 2,
654 MsV1_0Lm20LogonProfile
,
655 MsV1_0SmartCardProfile
,
657 pub type PMSV1_0_PROFILE_BUFFER_TYPE
= *mut MSV1_0_PROFILE_BUFFER_TYPE
;
658 STRUCT
!{struct MSV1_0_INTERACTIVE_LOGON
{
659 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
660 LogonDomainName
: UNICODE_STRING
,
661 UserName
: UNICODE_STRING
,
662 Password
: UNICODE_STRING
,
664 pub type PMSV1_0_INTERACTIVE_LOGON
= *mut MSV1_0_INTERACTIVE_LOGON
;
665 STRUCT
!{struct MSV1_0_INTERACTIVE_PROFILE
{
666 MessageType
: MSV1_0_PROFILE_BUFFER_TYPE
,
668 BadPasswordCount
: USHORT
,
669 LogonTime
: LARGE_INTEGER
,
670 LogoffTime
: LARGE_INTEGER
,
671 KickOffTime
: LARGE_INTEGER
,
672 PasswordLastSet
: LARGE_INTEGER
,
673 PasswordCanChange
: LARGE_INTEGER
,
674 PasswordMustChange
: LARGE_INTEGER
,
675 LogonScript
: UNICODE_STRING
,
676 HomeDirectory
: UNICODE_STRING
,
677 FullName
: UNICODE_STRING
,
678 ProfilePath
: UNICODE_STRING
,
679 HomeDirectoryDrive
: UNICODE_STRING
,
680 LogonServer
: UNICODE_STRING
,
683 pub type PMSV1_0_INTERACTIVE_PROFILE
= *mut MSV1_0_INTERACTIVE_PROFILE
;
684 pub const MSV1_0_CHALLENGE_LENGTH
: usize = 8;
685 pub const MSV1_0_USER_SESSION_KEY_LENGTH
: usize = 16;
686 pub const MSV1_0_LANMAN_SESSION_KEY_LENGTH
: usize = 8;
687 pub const MSV1_0_CLEARTEXT_PASSWORD_ALLOWED
: ULONG
= 0x02;
688 pub const MSV1_0_UPDATE_LOGON_STATISTICS
: ULONG
= 0x04;
689 pub const MSV1_0_RETURN_USER_PARAMETERS
: ULONG
= 0x08;
690 pub const MSV1_0_DONT_TRY_GUEST_ACCOUNT
: ULONG
= 0x10;
691 pub const MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
: ULONG
= 0x20;
692 pub const MSV1_0_RETURN_PASSWORD_EXPIRY
: ULONG
= 0x40;
693 pub const MSV1_0_USE_CLIENT_CHALLENGE
: ULONG
= 0x80;
694 pub const MSV1_0_TRY_GUEST_ACCOUNT_ONLY
: ULONG
= 0x100;
695 pub const MSV1_0_RETURN_PROFILE_PATH
: ULONG
= 0x200;
696 pub const MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY
: ULONG
= 0x400;
697 pub const MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT
: ULONG
= 0x800;
698 pub const MSV1_0_DISABLE_PERSONAL_FALLBACK
: ULONG
= 0x00001000;
699 pub const MSV1_0_ALLOW_FORCE_GUEST
: ULONG
= 0x00002000;
700 pub const MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED
: ULONG
= 0x00004000;
701 pub const MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY
: ULONG
= 0x00008000;
702 pub const MSV1_0_SUBAUTHENTICATION_DLL_EX
: ULONG
= 0x00100000;
703 pub const MSV1_0_ALLOW_MSVCHAPV2
: ULONG
= 0x00010000;
704 pub const MSV1_0_S4U2SELF
: ULONG
= 0x00020000;
705 pub const MSV1_0_CHECK_LOGONHOURS_FOR_S4U
: ULONG
= 0x00040000;
706 pub const MSV1_0_INTERNET_DOMAIN
: ULONG
= 0x00080000;
707 pub const MSV1_0_SUBAUTHENTICATION_DLL
: ULONG
= 0xFF000000;
708 pub const MSV1_0_SUBAUTHENTICATION_DLL_SHIFT
: ULONG
= 24;
709 pub const MSV1_0_MNS_LOGON
: ULONG
= 0x01000000;
710 pub const MSV1_0_SUBAUTHENTICATION_DLL_RAS
: ULONG
= 2;
711 pub const MSV1_0_SUBAUTHENTICATION_DLL_IIS
: ULONG
= 132;
712 STRUCT
!{struct MSV1_0_LM20_LOGON
{
713 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
714 LogonDomainName
: UNICODE_STRING
,
715 UserName
: UNICODE_STRING
,
716 Workstation
: UNICODE_STRING
,
717 ChallengeToClient
: [UCHAR
; MSV1_0_CHALLENGE_LENGTH
],
718 CaseSensitiveChallengeResponse
: STRING
,
719 CaseInsensitiveChallengeResponse
: STRING
,
720 ParameterControl
: ULONG
,
722 pub type PMSV1_0_LM20_LOGON
= *mut MSV1_0_LM20_LOGON
;
723 STRUCT
!{struct MSV1_0_SUBAUTH_LOGON
{
724 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
725 LogonDomainName
: UNICODE_STRING
,
726 UserName
: UNICODE_STRING
,
727 Workstation
: UNICODE_STRING
,
728 ChallengeToClient
: [UCHAR
; MSV1_0_CHALLENGE_LENGTH
],
729 AuthenticationInfo1
: STRING
,
730 AuthenticationInfo2
: STRING
,
731 ParameterControl
: ULONG
,
732 SubAuthPackageId
: ULONG
,
734 pub type PMSV1_0_SUBAUTH_LOGON
= *mut MSV1_0_SUBAUTH_LOGON
;
735 STRUCT
!{struct MSV1_0_S4U_LOGON
{
736 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
737 MSV1_0_LOGON_SUBMIT_TYPE
: ULONG
,
738 UserPrincipalName
: UNICODE_STRING
,
739 DomainName
: UNICODE_STRING
,
741 pub type PMSV1_0_S4U_LOGON
= *mut MSV1_0_S4U_LOGON
;
742 pub const LOGON_GUEST
: ULONG
= 0x01;
743 pub const LOGON_NOENCRYPTION
: ULONG
= 0x02;
744 pub const LOGON_CACHED_ACCOUNT
: ULONG
= 0x04;
745 pub const LOGON_USED_LM_PASSWORD
: ULONG
= 0x08;
746 pub const LOGON_EXTRA_SIDS
: ULONG
= 0x20;
747 pub const LOGON_SUBAUTH_SESSION_KEY
: ULONG
= 0x40;
748 pub const LOGON_SERVER_TRUST_ACCOUNT
: ULONG
= 0x80;
749 pub const LOGON_NTLMV2_ENABLED
: ULONG
= 0x100;
750 pub const LOGON_RESOURCE_GROUPS
: ULONG
= 0x200;
751 pub const LOGON_PROFILE_PATH_RETURNED
: ULONG
= 0x400;
752 pub const LOGON_NT_V2
: ULONG
= 0x800;
753 pub const LOGON_LM_V2
: ULONG
= 0x1000;
754 pub const LOGON_NTLM_V2
: ULONG
= 0x2000;
755 pub const LOGON_OPTIMIZED
: ULONG
= 0x4000;
756 pub const LOGON_WINLOGON
: ULONG
= 0x8000;
757 pub const LOGON_PKINIT
: ULONG
= 0x10000;
758 pub const LOGON_NO_OPTIMIZED
: ULONG
= 0x20000;
759 pub const LOGON_NO_ELEVATION
: ULONG
= 0x40000;
760 pub const LOGON_MANAGED_SERVICE
: ULONG
= 0x80000;
761 pub const LOGON_GRACE_LOGON
: ULONG
= 0x01000000;
762 STRUCT
!{struct MSV1_0_LM20_LOGON_PROFILE
{
763 MessageType
: MSV1_0_PROFILE_BUFFER_TYPE
,
764 KickOffTime
: LARGE_INTEGER
,
765 LogoffTime
: LARGE_INTEGER
,
767 UserSessionKey
: [UCHAR
; MSV1_0_USER_SESSION_KEY_LENGTH
],
768 LogonDomainName
: UNICODE_STRING
,
769 LanmanSessionKey
: [UCHAR
; MSV1_0_LANMAN_SESSION_KEY_LENGTH
],
770 LogonServer
: UNICODE_STRING
,
771 UserParameters
: UNICODE_STRING
,
773 pub type PMSV1_0_LM20_LOGON_PROFILE
= *mut MSV1_0_LM20_LOGON_PROFILE
;
774 pub const MSV1_0_OWF_PASSWORD_LENGTH
: usize = 16;
775 STRUCT
!{struct MSV1_0_SUPPLEMENTAL_CREDENTIAL
{
778 LmPassword
: [UCHAR
; MSV1_0_OWF_PASSWORD_LENGTH
],
779 NtPassword
: [UCHAR
; MSV1_0_OWF_PASSWORD_LENGTH
],
781 pub type PMSV1_0_SUPPLEMENTAL_CREDENTIAL
= *mut MSV1_0_SUPPLEMENTAL_CREDENTIAL
;
782 pub const MSV1_0_NTLM3_RESPONSE_LENGTH
: usize = 16;
783 pub const MSV1_0_NTLM3_OWF_LENGTH
: usize = 16;
784 STRUCT
!{struct MSV1_0_NTLM3_RESPONSE
{
785 Response
: [UCHAR
; MSV1_0_NTLM3_RESPONSE_LENGTH
],
790 TimeStamp
: ULONGLONG
,
791 ChallengeFromClient
: [UCHAR
; MSV1_0_CHALLENGE_LENGTH
],
795 pub type PMSV1_0_NTLM3_RESPONSE
= *mut MSV1_0_NTLM3_RESPONSE
;
796 ENUM
!{enum MSV1_0_AVID
{
800 MsvAvDnsComputerName
,
807 MsvAvChannelBindings
,
809 STRUCT
!{struct MSV1_0_AV_PAIR
{
813 pub type PMSV1_0_AV_PAIR
= *mut MSV1_0_AV_PAIR
;
814 ENUM
!{enum MSV1_0_PROTOCOL_MESSAGE_TYPE
{
815 MsV1_0Lm20ChallengeRequest
= 0,
816 MsV1_0Lm20GetChallengeResponse
,
817 MsV1_0EnumerateUsers
,
820 MsV1_0ChangePassword
,
821 MsV1_0ChangeCachedPassword
,
822 MsV1_0GenericPassthrough
,
825 MsV1_0DeriveCredential
,
827 MsV1_0SetProcessOption
,
828 MsV1_0ConfigLocalAliases
,
829 MsV1_0ClearCachedCredentials
,
833 MsV1_0GetCredentialKey
,
834 MsV1_0SetThreadOption
,
836 pub type PMSV1_0_PROTOCOL_MESSAGE_TYPE
= *mut MSV1_0_PROTOCOL_MESSAGE_TYPE
;
837 STRUCT
!{struct MSV1_0_CHANGEPASSWORD_REQUEST
{
838 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
839 DomainName
: UNICODE_STRING
,
840 AccountName
: UNICODE_STRING
,
841 OldPassword
: UNICODE_STRING
,
842 NewPassword
: UNICODE_STRING
,
843 Impersonating
: BOOLEAN
,
845 pub type PMSV1_0_CHANGEPASSWORD_REQUEST
= *mut MSV1_0_CHANGEPASSWORD_REQUEST
;
846 STRUCT
!{struct MSV1_0_CHANGEPASSWORD_RESPONSE
{
847 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
848 PasswordInfoValid
: BOOLEAN
,
849 DomainPasswordInfo
: DOMAIN_PASSWORD_INFORMATION
,
851 pub type PMSV1_0_CHANGEPASSWORD_RESPONSE
= *mut MSV1_0_CHANGEPASSWORD_RESPONSE
;
852 STRUCT
!{struct MSV1_0_PASSTHROUGH_REQUEST
{
853 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
854 DomainName
: UNICODE_STRING
,
855 PackageName
: UNICODE_STRING
,
860 pub type PMSV1_0_PASSTHROUGH_REQUEST
= *mut MSV1_0_PASSTHROUGH_REQUEST
;
861 STRUCT
!{struct MSV1_0_PASSTHROUGH_RESPONSE
{
862 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
865 ValidationData
: PUCHAR
,
867 pub type PMSV1_0_PASSTHROUGH_RESPONSE
= *mut MSV1_0_PASSTHROUGH_RESPONSE
;
868 STRUCT
!{struct MSV1_0_SUBAUTH_REQUEST
{
869 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
870 SubAuthPackageId
: ULONG
,
871 SubAuthInfoLength
: ULONG
,
872 SubAuthSubmitBuffer
: PUCHAR
,
874 pub type PMSV1_0_SUBAUTH_REQUEST
= *mut MSV1_0_SUBAUTH_REQUEST
;
875 STRUCT
!{struct MSV1_0_SUBAUTH_RESPONSE
{
876 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
877 SubAuthInfoLength
: ULONG
,
878 SubAuthReturnBuffer
: PUCHAR
,
880 pub type PMSV1_0_SUBAUTH_RESPONSE
= *mut MSV1_0_SUBAUTH_RESPONSE
;
881 pub use self::SystemFunction036
as RtlGenRandom
;
882 pub use self::SystemFunction040
as RtlEncryptMemory
;
883 pub use self::SystemFunction041
as RtlDecryptMemory
;
885 pub fn SystemFunction036(
887 RandomBufferLength
: ULONG
,
890 pub const RTL_ENCRYPT_MEMORY_SIZE
: ULONG
= 8;
891 pub const RTL_ENCRYPT_OPTION_CROSS_PROCESS
: ULONG
= 0x01;
892 pub const RTL_ENCRYPT_OPTION_SAME_LOGON
: ULONG
= 0x02;
894 pub fn SystemFunction040(
899 pub fn SystemFunction041(
905 pub const KERBEROS_VERSION
: ULONG
= 5;
906 pub const KERBEROS_REVISION
: ULONG
= 6;
907 pub const KERB_ETYPE_NULL
: LONG
= 0;
908 pub const KERB_ETYPE_DES_CBC_CRC
: LONG
= 1;
909 pub const KERB_ETYPE_DES_CBC_MD4
: LONG
= 2;
910 pub const KERB_ETYPE_DES_CBC_MD5
: LONG
= 3;
911 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96
: LONG
= 17;
912 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96
: LONG
= 18;
913 pub const KERB_ETYPE_RC4_MD4
: LONG
= -128;
914 pub const KERB_ETYPE_RC4_PLAIN2
: LONG
= -129;
915 pub const KERB_ETYPE_RC4_LM
: LONG
= -130;
916 pub const KERB_ETYPE_RC4_SHA
: LONG
= -131;
917 pub const KERB_ETYPE_DES_PLAIN
: LONG
= -132;
918 pub const KERB_ETYPE_RC4_HMAC_OLD
: LONG
= -133;
919 pub const KERB_ETYPE_RC4_PLAIN_OLD
: LONG
= -134;
920 pub const KERB_ETYPE_RC4_HMAC_OLD_EXP
: LONG
= -135;
921 pub const KERB_ETYPE_RC4_PLAIN_OLD_EXP
: LONG
= -136;
922 pub const KERB_ETYPE_RC4_PLAIN
: LONG
= -140;
923 pub const KERB_ETYPE_RC4_PLAIN_EXP
: LONG
= -141;
924 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN
: LONG
= -148;
925 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN
: LONG
= -149;
926 pub const KERB_ETYPE_DSA_SHA1_CMS
: LONG
= 9;
927 pub const KERB_ETYPE_RSA_MD5_CMS
: LONG
= 10;
928 pub const KERB_ETYPE_RSA_SHA1_CMS
: LONG
= 11;
929 pub const KERB_ETYPE_RC2_CBC_ENV
: LONG
= 12;
930 pub const KERB_ETYPE_RSA_ENV
: LONG
= 13;
931 pub const KERB_ETYPE_RSA_ES_OEAP_ENV
: LONG
= 14;
932 pub const KERB_ETYPE_DES_EDE3_CBC_ENV
: LONG
= 15;
933 pub const KERB_ETYPE_DSA_SIGN
: LONG
= 8;
934 pub const KERB_ETYPE_RSA_PRIV
: LONG
= 9;
935 pub const KERB_ETYPE_RSA_PUB
: LONG
= 10;
936 pub const KERB_ETYPE_RSA_PUB_MD5
: LONG
= 11;
937 pub const KERB_ETYPE_RSA_PUB_SHA1
: LONG
= 12;
938 pub const KERB_ETYPE_PKCS7_PUB
: LONG
= 13;
939 pub const KERB_ETYPE_DES3_CBC_MD5
: LONG
= 5;
940 pub const KERB_ETYPE_DES3_CBC_SHA1
: LONG
= 7;
941 pub const KERB_ETYPE_DES3_CBC_SHA1_KD
: LONG
= 16;
942 pub const KERB_ETYPE_DES_CBC_MD5_NT
: LONG
= 20;
943 pub const KERB_ETYPE_RC4_HMAC_NT
: LONG
= 23;
944 pub const KERB_ETYPE_RC4_HMAC_NT_EXP
: LONG
= 24;
945 pub const KERB_CHECKSUM_NONE
: LONG
= 0;
946 pub const KERB_CHECKSUM_CRC32
: LONG
= 1;
947 pub const KERB_CHECKSUM_MD4
: LONG
= 2;
948 pub const KERB_CHECKSUM_KRB_DES_MAC
: LONG
= 4;
949 pub const KERB_CHECKSUM_KRB_DES_MAC_K
: LONG
= 5;
950 pub const KERB_CHECKSUM_MD5
: LONG
= 7;
951 pub const KERB_CHECKSUM_MD5_DES
: LONG
= 8;
952 pub const KERB_CHECKSUM_SHA1_NEW
: LONG
= 14;
953 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128
: LONG
= 15;
954 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256
: LONG
= 16;
955 pub const KERB_CHECKSUM_LM
: LONG
= -130;
956 pub const KERB_CHECKSUM_SHA1
: LONG
= -131;
957 pub const KERB_CHECKSUM_REAL_CRC32
: LONG
= -132;
958 pub const KERB_CHECKSUM_DES_MAC
: LONG
= -133;
959 pub const KERB_CHECKSUM_DES_MAC_MD5
: LONG
= -134;
960 pub const KERB_CHECKSUM_MD25
: LONG
= -135;
961 pub const KERB_CHECKSUM_RC4_MD5
: LONG
= -136;
962 pub const KERB_CHECKSUM_MD5_HMAC
: LONG
= -137;
963 pub const KERB_CHECKSUM_HMAC_MD5
: LONG
= -138;
964 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki
: LONG
= -150;
965 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki
: LONG
= -151;
966 pub const KERB_TICKET_FLAGS_reserved
: ULONG
= 0x80000000;
967 pub const KERB_TICKET_FLAGS_forwardable
: ULONG
= 0x40000000;
968 pub const KERB_TICKET_FLAGS_forwarded
: ULONG
= 0x20000000;
969 pub const KERB_TICKET_FLAGS_proxiable
: ULONG
= 0x10000000;
970 pub const KERB_TICKET_FLAGS_proxy
: ULONG
= 0x08000000;
971 pub const KERB_TICKET_FLAGS_may_postdate
: ULONG
= 0x04000000;
972 pub const KERB_TICKET_FLAGS_postdated
: ULONG
= 0x02000000;
973 pub const KERB_TICKET_FLAGS_invalid
: ULONG
= 0x01000000;
974 pub const KERB_TICKET_FLAGS_renewable
: ULONG
= 0x00800000;
975 pub const KERB_TICKET_FLAGS_initial
: ULONG
= 0x00400000;
976 pub const KERB_TICKET_FLAGS_pre_authent
: ULONG
= 0x00200000;
977 pub const KERB_TICKET_FLAGS_hw_authent
: ULONG
= 0x00100000;
978 pub const KERB_TICKET_FLAGS_ok_as_delegate
: ULONG
= 0x00040000;
979 pub const KERB_TICKET_FLAGS_name_canonicalize
: ULONG
= 0x00010000;
980 pub const KERB_TICKET_FLAGS_cname_in_pa_data
: ULONG
= 0x00040000;
981 pub const KERB_TICKET_FLAGS_enc_pa_rep
: ULONG
= 0x00010000;
982 pub const KERB_TICKET_FLAGS_reserved1
: ULONG
= 0x00000001;
983 pub const KRB_NT_UNKNOWN
: LONG
= 0;
984 pub const KRB_NT_PRINCIPAL
: LONG
= 1;
985 pub const KRB_NT_PRINCIPAL_AND_ID
: LONG
= -131;
986 pub const KRB_NT_SRV_INST
: LONG
= 2;
987 pub const KRB_NT_SRV_INST_AND_ID
: LONG
= -132;
988 pub const KRB_NT_SRV_HST
: LONG
= 3;
989 pub const KRB_NT_SRV_XHST
: LONG
= 4;
990 pub const KRB_NT_UID
: LONG
= 5;
991 pub const KRB_NT_ENTERPRISE_PRINCIPAL
: LONG
= 10;
992 pub const KRB_NT_WELLKNOWN
: LONG
= 11;
993 pub const KRB_NT_ENT_PRINCIPAL_AND_ID
: LONG
= -130;
994 pub const KRB_NT_MS_PRINCIPAL
: LONG
= -128;
995 pub const KRB_NT_MS_PRINCIPAL_AND_ID
: LONG
= -129;
996 pub const KRB_NT_MS_BRANCH_ID
: LONG
= -133;
997 pub const KRB_NT_X500_PRINCIPAL
: LONG
= 6;
998 pub const KERB_WRAP_NO_ENCRYPT
: ULONG
= 0x80000001;
999 ENUM
!{enum KERB_LOGON_SUBMIT_TYPE
{
1000 KerbInteractiveLogon
= 2,
1001 KerbSmartCardLogon
= 6,
1002 KerbWorkstationUnlockLogon
= 7,
1003 KerbSmartCardUnlockLogon
= 8,
1005 KerbTicketLogon
= 10,
1006 KerbTicketUnlockLogon
= 11,
1008 KerbCertificateLogon
= 13,
1009 KerbCertificateS4ULogon
= 14,
1010 KerbCertificateUnlockLogon
= 15,
1011 KerbNoElevationLogon
= 83,
1014 pub type PKERB_LOGON_SUBMIT_TYPE
= *mut KERB_LOGON_SUBMIT_TYPE
;
1015 STRUCT
!{struct KERB_INTERACTIVE_LOGON
{
1016 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1017 LogonDomainName
: UNICODE_STRING
,
1018 UserName
: UNICODE_STRING
,
1019 Password
: UNICODE_STRING
,
1021 pub type PKERB_INTERACTIVE_LOGON
= *mut KERB_INTERACTIVE_LOGON
;
1022 STRUCT
!{struct KERB_INTERACTIVE_UNLOCK_LOGON
{
1023 Logon
: KERB_INTERACTIVE_LOGON
,
1026 pub type PKERB_INTERACTIVE_UNLOCK_LOGON
= *mut KERB_INTERACTIVE_UNLOCK_LOGON
;
1027 STRUCT
!{struct KERB_SMART_CARD_LOGON
{
1028 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1029 Pin
: UNICODE_STRING
,
1030 CspDataLength
: ULONG
,
1033 pub type PKERB_SMART_CARD_LOGON
= *mut KERB_SMART_CARD_LOGON
;
1034 STRUCT
!{struct KERB_SMART_CARD_UNLOCK_LOGON
{
1035 Logon
: KERB_SMART_CARD_LOGON
,
1038 pub type PKERB_SMART_CARD_UNLOCK_LOGON
= *mut KERB_SMART_CARD_UNLOCK_LOGON
;
1039 pub const KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES
: ULONG
= 0x1;
1040 pub const KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO
: ULONG
= 0x2;
1041 STRUCT
!{struct KERB_CERTIFICATE_LOGON
{
1042 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1043 DomainName
: UNICODE_STRING
,
1044 UserName
: UNICODE_STRING
,
1045 Pin
: UNICODE_STRING
,
1047 CspDataLength
: ULONG
,
1050 pub type PKERB_CERTIFICATE_LOGON
= *mut KERB_CERTIFICATE_LOGON
;
1051 STRUCT
!{struct KERB_CERTIFICATE_UNLOCK_LOGON
{
1052 Logon
: KERB_CERTIFICATE_LOGON
,
1055 pub type PKERB_CERTIFICATE_UNLOCK_LOGON
= *mut KERB_CERTIFICATE_UNLOCK_LOGON
;
1056 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES
: ULONG
= 0x1;
1057 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS
: ULONG
= 0x2;
1058 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED
: ULONG
= 0x4;
1059 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY
: ULONG
= 0x8;
1060 STRUCT
!{struct KERB_CERTIFICATE_S4U_LOGON
{
1061 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1063 UserPrincipalName
: UNICODE_STRING
,
1064 DomainName
: UNICODE_STRING
,
1065 CertificateLength
: ULONG
,
1066 Certificate
: PUCHAR
,
1068 pub type PKERB_CERTIFICATE_S4U_LOGON
= *mut KERB_CERTIFICATE_S4U_LOGON
;
1069 STRUCT
!{struct KERB_TICKET_LOGON
{
1070 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1072 ServiceTicketLength
: ULONG
,
1073 TicketGrantingTicketLength
: ULONG
,
1074 ServiceTicket
: PUCHAR
,
1075 TicketGrantingTicket
: PUCHAR
,
1077 pub type PKERB_TICKET_LOGON
= *mut KERB_TICKET_LOGON
;
1078 STRUCT
!{struct KERB_TICKET_UNLOCK_LOGON
{
1079 Logon
: KERB_TICKET_LOGON
,
1082 pub type PKERB_TICKET_UNLOCK_LOGON
= *mut KERB_TICKET_UNLOCK_LOGON
;
1083 pub const KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS
: ULONG
= 0x2;
1084 pub const KERB_S4U_LOGON_FLAG_IDENTIFY
: ULONG
= 0x8;
1085 STRUCT
!{struct KERB_S4U_LOGON
{
1086 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1088 ClientUpn
: UNICODE_STRING
,
1089 ClientRealm
: UNICODE_STRING
,
1091 pub type PKERB_S4U_LOGON
= *mut KERB_S4U_LOGON
;
1092 ENUM
!{enum KERB_PROFILE_BUFFER_TYPE
{
1093 KerbInteractiveProfile
= 2,
1094 KerbSmartCardProfile
= 4,
1095 KerbTicketProfile
= 6,
1097 pub type PKERB_PROFILE_BUFFER_TYPE
= *mut KERB_PROFILE_BUFFER_TYPE
;
1098 STRUCT
!{struct KERB_INTERACTIVE_PROFILE
{
1099 MessageType
: KERB_PROFILE_BUFFER_TYPE
,
1101 BadPasswordCount
: USHORT
,
1102 LogonTime
: LARGE_INTEGER
,
1103 LogoffTime
: LARGE_INTEGER
,
1104 KickOffTime
: LARGE_INTEGER
,
1105 PasswordLastSet
: LARGE_INTEGER
,
1106 PasswordCanChange
: LARGE_INTEGER
,
1107 PasswordMustChange
: LARGE_INTEGER
,
1108 LogonScript
: UNICODE_STRING
,
1109 HomeDirectory
: UNICODE_STRING
,
1110 FullName
: UNICODE_STRING
,
1111 ProfilePath
: UNICODE_STRING
,
1112 HomeDirectoryDrive
: UNICODE_STRING
,
1113 LogonServer
: UNICODE_STRING
,
1116 pub type PKERB_INTERACTIVE_PROFILE
= *mut KERB_INTERACTIVE_PROFILE
;
1117 STRUCT
!{struct KERB_SMART_CARD_PROFILE
{
1118 Profile
: KERB_INTERACTIVE_PROFILE
,
1119 CertificateSize
: ULONG
,
1120 CertificateData
: PUCHAR
,
1122 pub type PKERB_SMART_CARD_PROFILE
= *mut KERB_SMART_CARD_PROFILE
;
1123 STRUCT
!{struct KERB_CRYPTO_KEY
{
1128 pub type PKERB_CRYPTO_KEY
= *mut KERB_CRYPTO_KEY
;
1129 STRUCT
!{struct KERB_CRYPTO_KEY32
{
1134 pub type PKERB_CRYPTO_KEY32
= *mut KERB_CRYPTO_KEY32
;
1135 STRUCT
!{struct KERB_TICKET_PROFILE
{
1136 Profile
: KERB_INTERACTIVE_PROFILE
,
1137 SessionKey
: KERB_CRYPTO_KEY
,
1139 pub type PKERB_TICKET_PROFILE
= *mut KERB_TICKET_PROFILE
;
1140 ENUM
!{enum KERB_PROTOCOL_MESSAGE_TYPE
{
1141 KerbDebugRequestMessage
= 0,
1142 KerbQueryTicketCacheMessage
,
1143 KerbChangeMachinePasswordMessage
,
1144 KerbVerifyPacMessage
,
1145 KerbRetrieveTicketMessage
,
1146 KerbUpdateAddressesMessage
,
1147 KerbPurgeTicketCacheMessage
,
1148 KerbChangePasswordMessage
,
1149 KerbRetrieveEncodedTicketMessage
,
1150 KerbDecryptDataMessage
,
1151 KerbAddBindingCacheEntryMessage
,
1152 KerbSetPasswordMessage
,
1153 KerbSetPasswordExMessage
,
1154 KerbVerifyCredentialsMessage
,
1155 KerbQueryTicketCacheExMessage
,
1156 KerbPurgeTicketCacheExMessage
,
1157 KerbRefreshSmartcardCredentialsMessage
,
1158 KerbAddExtraCredentialsMessage
,
1159 KerbQuerySupplementalCredentialsMessage
,
1160 KerbTransferCredentialsMessage
,
1161 KerbQueryTicketCacheEx2Message
,
1162 KerbSubmitTicketMessage
,
1163 KerbAddExtraCredentialsExMessage
,
1164 KerbQueryKdcProxyCacheMessage
,
1165 KerbPurgeKdcProxyCacheMessage
,
1166 KerbQueryTicketCacheEx3Message
,
1167 KerbCleanupMachinePkinitCredsMessage
,
1168 KerbAddBindingCacheEntryExMessage
,
1169 KerbQueryBindingCacheMessage
,
1170 KerbPurgeBindingCacheMessage
,
1172 KerbUnpinAllKdcsMessage
,
1173 KerbQueryDomainExtendedPoliciesMessage
,
1174 KerbQueryS4U2ProxyCacheMessage
,
1176 pub type PKERB_PROTOCOL_MESSAGE_TYPE
= *mut KERB_PROTOCOL_MESSAGE_TYPE
;
1177 STRUCT
!{struct KERB_QUERY_TKT_CACHE_REQUEST
{
1178 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1181 pub type PKERB_QUERY_TKT_CACHE_REQUEST
= *mut KERB_QUERY_TKT_CACHE_REQUEST
;
1182 STRUCT
!{struct KERB_TICKET_CACHE_INFO
{
1183 ServerName
: UNICODE_STRING
,
1184 RealmName
: UNICODE_STRING
,
1185 StartTime
: LARGE_INTEGER
,
1186 EndTime
: LARGE_INTEGER
,
1187 RenewTime
: LARGE_INTEGER
,
1188 EncryptionType
: LONG
,
1191 pub type PKERB_TICKET_CACHE_INFO
= *mut KERB_TICKET_CACHE_INFO
;
1192 STRUCT
!{struct KERB_TICKET_CACHE_INFO_EX
{
1193 ClientName
: UNICODE_STRING
,
1194 ClientRealm
: UNICODE_STRING
,
1195 ServerName
: UNICODE_STRING
,
1196 ServerRealm
: UNICODE_STRING
,
1197 StartTime
: LARGE_INTEGER
,
1198 EndTime
: LARGE_INTEGER
,
1199 RenewTime
: LARGE_INTEGER
,
1200 EncryptionType
: LONG
,
1203 pub type PKERB_TICKET_CACHE_INFO_EX
= *mut KERB_TICKET_CACHE_INFO_EX
;
1204 STRUCT
!{struct KERB_TICKET_CACHE_INFO_EX2
{
1205 ClientName
: UNICODE_STRING
,
1206 ClientRealm
: UNICODE_STRING
,
1207 ServerName
: UNICODE_STRING
,
1208 ServerRealm
: UNICODE_STRING
,
1209 StartTime
: LARGE_INTEGER
,
1210 EndTime
: LARGE_INTEGER
,
1211 RenewTime
: LARGE_INTEGER
,
1212 EncryptionType
: LONG
,
1214 SessionKeyType
: ULONG
,
1217 pub type PKERB_TICKET_CACHE_INFO_EX2
= *mut KERB_TICKET_CACHE_INFO_EX2
;
1218 STRUCT
!{struct KERB_TICKET_CACHE_INFO_EX3
{
1219 ClientName
: UNICODE_STRING
,
1220 ClientRealm
: UNICODE_STRING
,
1221 ServerName
: UNICODE_STRING
,
1222 ServerRealm
: UNICODE_STRING
,
1223 StartTime
: LARGE_INTEGER
,
1224 EndTime
: LARGE_INTEGER
,
1225 RenewTime
: LARGE_INTEGER
,
1226 EncryptionType
: LONG
,
1228 SessionKeyType
: ULONG
,
1231 KdcCalled
: UNICODE_STRING
,
1233 pub type PKERB_TICKET_CACHE_INFO_EX3
= *mut KERB_TICKET_CACHE_INFO_EX3
;
1234 STRUCT
!{struct KERB_QUERY_TKT_CACHE_RESPONSE
{
1235 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1236 CountOfTickets
: ULONG
,
1237 Tickets
: [KERB_TICKET_CACHE_INFO
; ANYSIZE_ARRAY
],
1239 pub type PKERB_QUERY_TKT_CACHE_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_RESPONSE
;
1240 STRUCT
!{struct KERB_QUERY_TKT_CACHE_EX_RESPONSE
{
1241 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1242 CountOfTickets
: ULONG
,
1243 Tickets
: [KERB_TICKET_CACHE_INFO_EX
; ANYSIZE_ARRAY
],
1245 pub type PKERB_QUERY_TKT_CACHE_EX_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_EX_RESPONSE
;
1246 STRUCT
!{struct KERB_QUERY_TKT_CACHE_EX2_RESPONSE
{
1247 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1248 CountOfTickets
: ULONG
,
1249 Tickets
: [KERB_TICKET_CACHE_INFO_EX2
; ANYSIZE_ARRAY
],
1251 pub type PKERB_QUERY_TKT_CACHE_EX2_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_EX2_RESPONSE
;
1252 STRUCT
!{struct KERB_QUERY_TKT_CACHE_EX3_RESPONSE
{
1253 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1254 CountOfTickets
: ULONG
,
1255 Tickets
: [KERB_TICKET_CACHE_INFO_EX3
; ANYSIZE_ARRAY
],
1257 pub type PKERB_QUERY_TKT_CACHE_EX3_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_EX3_RESPONSE
;
1258 pub const KERB_USE_DEFAULT_TICKET_FLAGS
: ULONG
= 0x0;
1259 pub const KERB_RETRIEVE_TICKET_DEFAULT
: ULONG
= 0x0;
1260 pub const KERB_RETRIEVE_TICKET_DONT_USE_CACHE
: ULONG
= 0x1;
1261 pub const KERB_RETRIEVE_TICKET_USE_CACHE_ONLY
: ULONG
= 0x2;
1262 pub const KERB_RETRIEVE_TICKET_USE_CREDHANDLE
: ULONG
= 0x4;
1263 pub const KERB_RETRIEVE_TICKET_AS_KERB_CRED
: ULONG
= 0x8;
1264 pub const KERB_RETRIEVE_TICKET_WITH_SEC_CRED
: ULONG
= 0x10;
1265 pub const KERB_RETRIEVE_TICKET_CACHE_TICKET
: ULONG
= 0x20;
1266 pub const KERB_RETRIEVE_TICKET_MAX_LIFETIME
: ULONG
= 0x40;
1267 STRUCT
!{struct KERB_AUTH_DATA
{
1272 pub type PKERB_AUTH_DATA
= *mut KERB_AUTH_DATA
;
1273 STRUCT
!{struct KERB_NET_ADDRESS
{
1278 pub type PKERB_NET_ADDRESS
= *mut KERB_NET_ADDRESS
;
1279 STRUCT
!{struct KERB_NET_ADDRESSES
{
1281 Addresses
: [KERB_NET_ADDRESS
; ANYSIZE_ARRAY
],
1283 pub type PKERB_NET_ADDRESSES
= *mut KERB_NET_ADDRESSES
;
1284 STRUCT
!{struct KERB_EXTERNAL_NAME
{
1287 Names
: [UNICODE_STRING
; ANYSIZE_ARRAY
],
1289 pub type PKERB_EXTERNAL_NAME
= *mut KERB_EXTERNAL_NAME
;
1290 STRUCT
!{struct KERB_EXTERNAL_TICKET
{
1291 ServiceName
: PKERB_EXTERNAL_NAME
,
1292 TargetName
: PKERB_EXTERNAL_NAME
,
1293 ClientName
: PKERB_EXTERNAL_NAME
,
1294 DomainName
: UNICODE_STRING
,
1295 TargetDomainName
: UNICODE_STRING
,
1296 AltTargetDomainName
: UNICODE_STRING
,
1297 SessionKey
: KERB_CRYPTO_KEY
,
1300 KeyExpirationTime
: LARGE_INTEGER
,
1301 StartTime
: LARGE_INTEGER
,
1302 EndTime
: LARGE_INTEGER
,
1303 RenewUntil
: LARGE_INTEGER
,
1304 TimeSkew
: LARGE_INTEGER
,
1305 EncodedTicketSize
: ULONG
,
1306 EncodedTicket
: PUCHAR
,
1308 pub type PKERB_EXTERNAL_TICKET
= *mut KERB_EXTERNAL_TICKET
;
1309 STRUCT
!{struct KERB_RETRIEVE_TKT_REQUEST
{
1310 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1312 TargetName
: UNICODE_STRING
,
1314 CacheOptions
: ULONG
,
1315 EncryptionType
: LONG
,
1316 CredentialsHandle
: SecHandle
,
1318 pub type PKERB_RETRIEVE_TKT_REQUEST
= *mut KERB_RETRIEVE_TKT_REQUEST
;
1319 STRUCT
!{struct KERB_RETRIEVE_TKT_RESPONSE
{
1320 Ticket
: KERB_EXTERNAL_TICKET
,
1322 pub type PKERB_RETRIEVE_TKT_RESPONSE
= *mut KERB_RETRIEVE_TKT_RESPONSE
;
1323 STRUCT
!{struct KERB_PURGE_TKT_CACHE_REQUEST
{
1324 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1326 ServerName
: UNICODE_STRING
,
1327 RealmName
: UNICODE_STRING
,
1329 pub type PKERB_PURGE_TKT_CACHE_REQUEST
= *mut KERB_PURGE_TKT_CACHE_REQUEST
;
1330 pub const KERB_PURGE_ALL_TICKETS
: ULONG
= 1;
1331 STRUCT
!{struct KERB_PURGE_TKT_CACHE_EX_REQUEST
{
1332 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1335 TicketTemplate
: KERB_TICKET_CACHE_INFO_EX
,
1337 pub type PKERB_PURGE_TKT_CACHE_EX_REQUEST
= *mut KERB_PURGE_TKT_CACHE_EX_REQUEST
;
1338 STRUCT
!{struct KERB_SUBMIT_TKT_REQUEST
{
1339 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1342 Key
: KERB_CRYPTO_KEY32
,
1343 KerbCredSize
: ULONG
,
1344 KerbCredOffset
: ULONG
,
1346 pub type PKERB_SUBMIT_TKT_REQUEST
= *mut KERB_SUBMIT_TKT_REQUEST
;
1347 STRUCT
!{struct KERB_QUERY_KDC_PROXY_CACHE_REQUEST
{
1348 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1352 pub type PKERB_QUERY_KDC_PROXY_CACHE_REQUEST
= *mut KERB_QUERY_KDC_PROXY_CACHE_REQUEST
;
1353 STRUCT
!{struct KDC_PROXY_CACHE_ENTRY_DATA
{
1354 SinceLastUsed
: ULONG64
,
1355 DomainName
: UNICODE_STRING
,
1356 ProxyServerName
: UNICODE_STRING
,
1357 ProxyServerVdir
: UNICODE_STRING
,
1358 ProxyServerPort
: USHORT
,
1360 CredUserName
: UNICODE_STRING
,
1361 CredDomainName
: UNICODE_STRING
,
1362 GlobalCache
: BOOLEAN
,
1364 pub type PKDC_PROXY_CACHE_ENTRY_DATA
= *mut KDC_PROXY_CACHE_ENTRY_DATA
;
1365 STRUCT
!{struct KERB_QUERY_KDC_PROXY_CACHE_RESPONSE
{
1366 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1367 CountOfEntries
: ULONG
,
1368 Entries
: PKDC_PROXY_CACHE_ENTRY_DATA
,
1370 pub type PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE
= *mut KERB_QUERY_KDC_PROXY_CACHE_RESPONSE
;
1371 STRUCT
!{struct KERB_PURGE_KDC_PROXY_CACHE_REQUEST
{
1372 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1376 pub type PKERB_PURGE_KDC_PROXY_CACHE_REQUEST
= *mut KERB_PURGE_KDC_PROXY_CACHE_REQUEST
;
1377 STRUCT
!{struct KERB_PURGE_KDC_PROXY_CACHE_RESPONSE
{
1378 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1379 CountOfPurged
: ULONG
,
1381 pub type PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE
= *mut KERB_PURGE_KDC_PROXY_CACHE_RESPONSE
;
1382 pub const KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE
: ULONG
= 0x1;
1383 STRUCT
!{struct KERB_S4U2PROXY_CACHE_ENTRY_INFO
{
1384 ServerName
: UNICODE_STRING
,
1386 LastStatus
: NTSTATUS
,
1387 Expiry
: LARGE_INTEGER
,
1389 pub type PKERB_S4U2PROXY_CACHE_ENTRY_INFO
= *mut KERB_S4U2PROXY_CACHE_ENTRY_INFO
;
1390 pub const KERB_S4U2PROXY_CRED_FLAG_NEGATIVE
: ULONG
= 0x1;
1391 STRUCT
!{struct KERB_S4U2PROXY_CRED
{
1392 UserName
: UNICODE_STRING
,
1393 DomainName
: UNICODE_STRING
,
1395 LastStatus
: NTSTATUS
,
1396 Expiry
: LARGE_INTEGER
,
1397 CountOfEntries
: ULONG
,
1398 Entries
: PKERB_S4U2PROXY_CACHE_ENTRY_INFO
,
1400 pub type PKERB_S4U2PROXY_CRED
= *mut KERB_S4U2PROXY_CRED
;
1401 STRUCT
!{struct KERB_QUERY_S4U2PROXY_CACHE_REQUEST
{
1402 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1406 pub type PKERB_QUERY_S4U2PROXY_CACHE_REQUEST
= *mut KERB_QUERY_S4U2PROXY_CACHE_REQUEST
;
1407 STRUCT
!{struct KERB_QUERY_S4U2PROXY_CACHE_RESPONSE
{
1408 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1409 CountOfCreds
: ULONG
,
1410 Creds
: PKERB_S4U2PROXY_CRED
,
1412 pub type PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE
= *mut KERB_QUERY_S4U2PROXY_CACHE_RESPONSE
;
1413 STRUCT
!{struct KERB_CHANGEPASSWORD_REQUEST
{
1414 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1415 DomainName
: UNICODE_STRING
,
1416 AccountName
: UNICODE_STRING
,
1417 OldPassword
: UNICODE_STRING
,
1418 NewPassword
: UNICODE_STRING
,
1419 Impersonating
: BOOLEAN
,
1421 pub type PKERB_CHANGEPASSWORD_REQUEST
= *mut KERB_CHANGEPASSWORD_REQUEST
;
1422 STRUCT
!{struct KERB_SETPASSWORD_REQUEST
{
1423 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1425 CredentialsHandle
: SecHandle
,
1427 DomainName
: UNICODE_STRING
,
1428 AccountName
: UNICODE_STRING
,
1429 Password
: UNICODE_STRING
,
1431 pub type PKERB_SETPASSWORD_REQUEST
= *mut KERB_SETPASSWORD_REQUEST
;
1432 STRUCT
!{struct KERB_SETPASSWORD_EX_REQUEST
{
1433 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1435 CredentialsHandle
: SecHandle
,
1437 AccountRealm
: UNICODE_STRING
,
1438 AccountName
: UNICODE_STRING
,
1439 Password
: UNICODE_STRING
,
1440 ClientRealm
: UNICODE_STRING
,
1441 ClientName
: UNICODE_STRING
,
1442 Impersonating
: BOOLEAN
,
1443 KdcAddress
: UNICODE_STRING
,
1444 KdcAddressType
: ULONG
,
1446 pub type PKERB_SETPASSWORD_EX_REQUEST
= *mut KERB_SETPASSWORD_EX_REQUEST
;
1447 pub const DS_UNKNOWN_ADDRESS_TYPE
: ULONG
= 0;
1448 pub const KERB_SETPASS_USE_LOGONID
: ULONG
= 1;
1449 pub const KERB_SETPASS_USE_CREDHANDLE
: ULONG
= 2;
1450 STRUCT
!{struct KERB_DECRYPT_REQUEST
{
1451 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1456 Key
: KERB_CRYPTO_KEY
,
1457 EncryptedDataSize
: ULONG
,
1458 InitialVectorSize
: ULONG
,
1459 InitialVector
: PUCHAR
,
1460 EncryptedData
: PUCHAR
,
1462 pub type PKERB_DECRYPT_REQUEST
= *mut KERB_DECRYPT_REQUEST
;
1463 pub const KERB_DECRYPT_FLAG_DEFAULT_KEY
: ULONG
= 0x00000001;
1464 STRUCT
!{struct KERB_DECRYPT_RESPONSE
{
1465 DecryptedData
: [UCHAR
; ANYSIZE_ARRAY
],
1467 pub type PKERB_DECRYPT_RESPONSE
= *mut KERB_DECRYPT_RESPONSE
;
1468 STRUCT
!{struct KERB_ADD_BINDING_CACHE_ENTRY_REQUEST
{
1469 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1470 RealmName
: UNICODE_STRING
,
1471 KdcAddress
: UNICODE_STRING
,
1474 pub type PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST
= *mut KERB_ADD_BINDING_CACHE_ENTRY_REQUEST
;
1475 STRUCT
!{struct KERB_REFRESH_SCCRED_REQUEST
{
1476 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1477 CredentialBlob
: UNICODE_STRING
,
1481 pub type PKERB_REFRESH_SCCRED_REQUEST
= *mut KERB_REFRESH_SCCRED_REQUEST
;
1482 pub const KERB_REFRESH_SCCRED_RELEASE
: ULONG
= 0x0;
1483 pub const KERB_REFRESH_SCCRED_GETTGT
: ULONG
= 0x1;
1484 STRUCT
!{struct KERB_ADD_CREDENTIALS_REQUEST
{
1485 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1486 UserName
: UNICODE_STRING
,
1487 DomainName
: UNICODE_STRING
,
1488 Password
: UNICODE_STRING
,
1492 pub type PKERB_ADD_CREDENTIALS_REQUEST
= *mut KERB_ADD_CREDENTIALS_REQUEST
;
1493 pub const KERB_REQUEST_ADD_CREDENTIAL
: ULONG
= 1;
1494 pub const KERB_REQUEST_REPLACE_CREDENTIAL
: ULONG
= 2;
1495 pub const KERB_REQUEST_REMOVE_CREDENTIAL
: ULONG
= 4;
1496 STRUCT
!{struct KERB_ADD_CREDENTIALS_REQUEST_EX
{
1497 Credentials
: KERB_ADD_CREDENTIALS_REQUEST
,
1498 PrincipalNameCount
: ULONG
,
1499 PrincipalNames
: [UNICODE_STRING
; ANYSIZE_ARRAY
],
1501 pub type PKERB_ADD_CREDENTIALS_REQUEST_EX
= *mut KERB_ADD_CREDENTIALS_REQUEST_EX
;
1502 STRUCT
!{struct KERB_TRANSFER_CRED_REQUEST
{
1503 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1504 OriginLogonId
: LUID
,
1505 DestinationLogonId
: LUID
,
1508 pub type PKERB_TRANSFER_CRED_REQUEST
= *mut KERB_TRANSFER_CRED_REQUEST
;
1509 pub const KERB_TRANSFER_CRED_WITH_TICKETS
: ULONG
= 0x1;
1510 pub const KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS
: ULONG
= 0x2;
1511 STRUCT
!{struct KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST
{
1512 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1515 pub type PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST
=
1516 *mut KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST
;
1517 STRUCT
!{struct KERB_BINDING_CACHE_ENTRY_DATA
{
1518 DiscoveryTime
: ULONG64
,
1519 RealmName
: UNICODE_STRING
,
1520 KdcAddress
: UNICODE_STRING
,
1525 KdcName
: UNICODE_STRING
,
1527 pub type PKERB_BINDING_CACHE_ENTRY_DATA
= *mut KERB_BINDING_CACHE_ENTRY_DATA
;
1528 STRUCT
!{struct KERB_QUERY_BINDING_CACHE_RESPONSE
{
1529 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1530 CountOfEntries
: ULONG
,
1531 Entries
: PKERB_BINDING_CACHE_ENTRY_DATA
,
1533 pub type PKERB_QUERY_BINDING_CACHE_RESPONSE
= *mut KERB_QUERY_BINDING_CACHE_RESPONSE
;
1534 STRUCT
!{struct KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST
{
1535 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1536 RealmName
: UNICODE_STRING
,
1537 KdcAddress
: UNICODE_STRING
,
1541 pub type PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST
= *mut KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST
;
1542 STRUCT
!{struct KERB_QUERY_BINDING_CACHE_REQUEST
{
1543 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1545 pub type PKERB_QUERY_BINDING_CACHE_REQUEST
= *mut KERB_QUERY_BINDING_CACHE_REQUEST
;
1546 STRUCT
!{struct KERB_PURGE_BINDING_CACHE_REQUEST
{
1547 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1549 pub type PKERB_PURGE_BINDING_CACHE_REQUEST
= *mut KERB_PURGE_BINDING_CACHE_REQUEST
;
1550 STRUCT
!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST
{
1551 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1553 DomainName
: UNICODE_STRING
,
1555 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST
=
1556 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST
;
1557 STRUCT
!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE
{
1558 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1560 ExtendedPolicies
: ULONG
,
1563 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE
=
1564 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE
;
1565 ENUM
!{enum KERB_CERTIFICATE_INFO_TYPE
{
1568 pub type PKERB_CERTIFICATE_INFO_TYPE
= *mut KERB_CERTIFICATE_INFO_TYPE
;
1569 STRUCT
!{struct KERB_CERTIFICATE_HASHINFO
{
1570 StoreNameLength
: USHORT
,
1573 pub type PKERB_CERTIFICATE_HASHINFO
= *mut KERB_CERTIFICATE_HASHINFO
;
1574 STRUCT
!{struct KERB_CERTIFICATE_INFO
{
1575 CertInfoSize
: ULONG
,
1578 pub type PKERB_CERTIFICATE_INFO
= *mut KERB_CERTIFICATE_INFO
;
1579 STRUCT
!{struct POLICY_AUDIT_SID_ARRAY
{
1581 UserSidArray
: *mut PSID
,
1583 pub type PPOLICY_AUDIT_SID_ARRAY
= *mut POLICY_AUDIT_SID_ARRAY
;
1584 STRUCT
!{struct AUDIT_POLICY_INFORMATION
{
1585 AuditSubCategoryGuid
: GUID
,
1586 AuditingInformation
: ULONG
,
1587 AuditCategoryGuid
: GUID
,
1589 pub type PAUDIT_POLICY_INFORMATION
= *mut AUDIT_POLICY_INFORMATION
;
1590 pub type LPAUDIT_POLICY_INFORMATION
= PAUDIT_POLICY_INFORMATION
;
1591 pub type PCAUDIT_POLICY_INFORMATION
= *const AUDIT_POLICY_INFORMATION
;
1592 pub const AUDIT_SET_SYSTEM_POLICY
: ULONG
= 0x0001;
1593 pub const AUDIT_QUERY_SYSTEM_POLICY
: ULONG
= 0x0002;
1594 pub const AUDIT_SET_USER_POLICY
: ULONG
= 0x0004;
1595 pub const AUDIT_QUERY_USER_POLICY
: ULONG
= 0x0008;
1596 pub const AUDIT_ENUMERATE_USERS
: ULONG
= 0x0010;
1597 pub const AUDIT_SET_MISC_POLICY
: ULONG
= 0x0020;
1598 pub const AUDIT_QUERY_MISC_POLICY
: ULONG
= 0x0040;
1599 pub const AUDIT_GENERIC_ALL
: ULONG
= STANDARD_RIGHTS_REQUIRED
| AUDIT_SET_SYSTEM_POLICY
1600 | AUDIT_QUERY_SYSTEM_POLICY
| AUDIT_SET_USER_POLICY
| AUDIT_QUERY_USER_POLICY
1601 | AUDIT_ENUMERATE_USERS
| AUDIT_SET_MISC_POLICY
| AUDIT_QUERY_MISC_POLICY
;
1602 pub const AUDIT_GENERIC_READ
: ULONG
= STANDARD_RIGHTS_READ
| AUDIT_QUERY_SYSTEM_POLICY
1603 | AUDIT_QUERY_USER_POLICY
| AUDIT_ENUMERATE_USERS
| AUDIT_QUERY_MISC_POLICY
;
1604 pub const AUDIT_GENERIC_WRITE
: ULONG
= STANDARD_RIGHTS_WRITE
| AUDIT_SET_USER_POLICY
1605 | AUDIT_SET_MISC_POLICY
| AUDIT_SET_SYSTEM_POLICY
;
1606 pub const AUDIT_GENERIC_EXECUTE
: ULONG
= STANDARD_RIGHTS_EXECUTE
;
1608 pub fn AuditSetSystemPolicy(
1609 pAuditPolicy
: PCAUDIT_POLICY_INFORMATION
,
1612 pub fn AuditSetPerUserPolicy(
1614 pAuditPolicy
: PCAUDIT_POLICY_INFORMATION
,
1617 pub fn AuditQuerySystemPolicy(
1618 pSubCategoryGuids
: *const GUID
,
1620 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1622 pub fn AuditQueryPerUserPolicy(
1624 pSubCategoryGuids
: *const GUID
,
1626 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1628 pub fn AuditEnumeratePerUserPolicy(
1629 ppAuditSidArray
: *mut PPOLICY_AUDIT_SID_ARRAY
1631 pub fn AuditComputeEffectivePolicyBySid(
1633 pSubCategoryGuids
: *const GUID
,
1634 dwPolicyCount
: ULONG
,
1635 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1637 pub fn AuditComputeEffectivePolicyByToken(
1638 hTokenHandle
: HANDLE
,
1639 pSubCategoryGuids
: *const GUID
,
1640 dwPolicyCount
: ULONG
,
1641 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1643 pub fn AuditEnumerateCategories(
1644 ppAuditCategoriesArray
: *mut *mut GUID
,
1645 pdwCountReturned
: PULONG
,
1647 pub fn AuditEnumerateSubCategories(
1648 pAuditCategoryGuid
: *const GUID
,
1649 bRetrieveAllSubCategories
: BOOLEAN
,
1650 ppAuditSubCategoriesArray
: *mut *mut GUID
,
1651 pdwCountReturned
: PULONG
,
1653 pub fn AuditLookupCategoryNameW(
1654 pAuditCategoryGuid
: *const GUID
,
1655 ppszCategoryName
: *mut PWSTR
,
1657 pub fn AuditLookupCategoryNameA(
1658 pAuditCategoryGuid
: *const GUID
,
1659 ppszCategoryName
: *mut PSTR
,
1661 pub fn AuditLookupSubCategoryNameW(
1662 pAuditSubCategoryGuid
: *const GUID
,
1663 ppszSubCategoryName
: *mut PWSTR
,
1665 pub fn AuditLookupSubCategoryNameA(
1666 pAuditSubCategoryGuid
: *const GUID
,
1667 ppszSubCategoryName
: *mut PSTR
,
1669 pub fn AuditLookupCategoryIdFromCategoryGuid(
1670 pAuditCategoryGuid
: *const GUID
,
1671 pAuditCategoryId
: PPOLICY_AUDIT_EVENT_TYPE
,
1673 pub fn AuditLookupCategoryGuidFromCategoryId(
1674 AuditCategoryId
: POLICY_AUDIT_EVENT_TYPE
,
1675 pAuditCategoryGuid
: *mut GUID
,
1677 pub fn AuditSetSecurity(
1678 SecurityInformation
: SECURITY_INFORMATION
,
1679 pSecurityDescriptor
: PSECURITY_DESCRIPTOR
,
1681 pub fn AuditQuerySecurity(
1682 SecurityInformation
: SECURITY_INFORMATION
,
1683 ppSecurityDescriptor
: *mut PSECURITY_DESCRIPTOR
,
1685 pub fn AuditSetGlobalSaclW(
1686 ObjectTypeName
: PCWSTR
,
1689 pub fn AuditSetGlobalSaclA(
1690 ObjectTypeName
: PCSTR
,
1693 pub fn AuditQueryGlobalSaclW(
1694 ObjectTypeName
: PCWSTR
,
1697 pub fn AuditQueryGlobalSaclA(
1698 ObjectTypeName
: PCSTR
,
1705 STRUCT
!{struct PKU2U_CERT_BLOB
{
1709 pub type PPKU2U_CERT_BLOB
= *mut PKU2U_CERT_BLOB
;
1710 pub const PKU2U_CREDUI_CONTEXT_VERSION
: ULONG64
= 0x4154414454524543;
1711 STRUCT
!{struct PKU2U_CREDUI_CONTEXT
{
1713 cbHeaderLength
: USHORT
,
1714 cbStructureLength
: ULONG
,
1715 CertArrayCount
: USHORT
,
1716 CertArrayOffset
: ULONG
,
1718 pub type PPKU2U_CREDUI_CONTEXT
= *mut PKU2U_CREDUI_CONTEXT
;
1719 ENUM
!{enum PKU2U_LOGON_SUBMIT_TYPE
{
1720 Pku2uCertificateS4ULogon
= 14,
1722 pub type PPKU2U_LOGON_SUBMIT_TYPE
= *mut PKU2U_LOGON_SUBMIT_TYPE
;
1723 STRUCT
!{struct PKU2U_CERTIFICATE_S4U_LOGON
{
1724 MessageType
: PKU2U_LOGON_SUBMIT_TYPE
,
1726 UserPrincipalName
: UNICODE_STRING
,
1727 DomainName
: UNICODE_STRING
,
1728 CertificateLength
: ULONG
,
1729 Certificate
: PUCHAR
,
1731 pub type PPKU2U_CERTIFICATE_S4U_LOGON
= *mut PKU2U_CERTIFICATE_S4U_LOGON
;