1 // Copyright © 2015-2017 winapi-rs developers
2 // Licensed under the Apache License, Version 2.0
3 // <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
4 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
5 // All files in the project carrying such notice may not be copied, modified, or distributed
6 // except according to those terms.
7 //! This module defines the Local Security Authority APIs.
8 use shared
::basetsd
::{ULONG64, ULONG_PTR}
;
9 use shared
::guiddef
::GUID
;
10 use shared
::minwindef
::{PUCHAR, PULONG, UCHAR, ULONG, USHORT}
;
11 use shared
::ntdef
::NTSTATUS
;
12 use shared
::sspi
::SecHandle
;
14 LSA_TRUST_INFORMATION
, LSA_UNICODE_STRING
, PLSA_TRUST_INFORMATION
, PLSA_UNICODE_STRING
16 use um
::subauth
::{PUNICODE_STRING, STRING, UNICODE_STRING}
;
18 ACCESS_MASK
, ANYSIZE_ARRAY
, BOOLEAN
, HANDLE
, LARGE_INTEGER
, LONG
, LUID
, PACL
, PCSTR
, PCWSTR
,
19 PSECURITY_DESCRIPTOR
, PSID
, PSTR
, PVOID
, PWSTR
, QUOTA_LIMITS
, SECURITY_INFORMATION
, SHORT
, SID
,
20 SID_NAME_USE
, STANDARD_RIGHTS_EXECUTE
, STANDARD_RIGHTS_READ
, STANDARD_RIGHTS_REQUIRED
,
21 STANDARD_RIGHTS_WRITE
, ULONGLONG
23 DEFINE_GUID
!{Audit_System_SecurityStateChange
,
24 0x0cce9210, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
25 DEFINE_GUID
!{Audit_System_SecuritySubsystemExtension
,
26 0x0cce9211, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
27 DEFINE_GUID
!{Audit_System_Integrity
,
28 0x0cce9212, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
29 DEFINE_GUID
!{Audit_System_IPSecDriverEvents
,
30 0x0cce9213, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
31 DEFINE_GUID
!{Audit_System_Others
,
32 0x0cce9214, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
33 DEFINE_GUID
!{Audit_Logon_Logon
,
34 0x0cce9215, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
35 DEFINE_GUID
!{Audit_Logon_Logoff
,
36 0x0cce9216, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
37 DEFINE_GUID
!{Audit_Logon_AccountLockout
,
38 0x0cce9217, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
39 DEFINE_GUID
!{Audit_Logon_IPSecMainMode
,
40 0x0cce9218, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
41 DEFINE_GUID
!{Audit_Logon_IPSecQuickMode
,
42 0x0cce9219, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
43 DEFINE_GUID
!{Audit_Logon_IPSecUserMode
,
44 0x0cce921a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
45 DEFINE_GUID
!{Audit_Logon_SpecialLogon
,
46 0x0cce921b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
47 DEFINE_GUID
!{Audit_Logon_Others
,
48 0x0cce921c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
49 DEFINE_GUID
!{Audit_ObjectAccess_FileSystem
,
50 0x0cce921d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
51 DEFINE_GUID
!{Audit_ObjectAccess_Registry
,
52 0x0cce921e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
53 DEFINE_GUID
!{Audit_ObjectAccess_Kernel
,
54 0x0cce921f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
55 DEFINE_GUID
!{Audit_ObjectAccess_Sam
,
56 0x0cce9220, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
57 DEFINE_GUID
!{Audit_ObjectAccess_CertificationServices
,
58 0x0cce9221, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
59 DEFINE_GUID
!{Audit_ObjectAccess_ApplicationGenerated
,
60 0x0cce9222, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
61 DEFINE_GUID
!{Audit_ObjectAccess_Handle
,
62 0x0cce9223, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
63 DEFINE_GUID
!{Audit_ObjectAccess_Share
,
64 0x0cce9224, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
65 DEFINE_GUID
!{Audit_ObjectAccess_FirewallPacketDrops
,
66 0x0cce9225, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
67 DEFINE_GUID
!{Audit_ObjectAccess_FirewallConnection
,
68 0x0cce9226, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
69 DEFINE_GUID
!{Audit_ObjectAccess_Other
,
70 0x0cce9227, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
71 DEFINE_GUID
!{Audit_PrivilegeUse_Sensitive
,
72 0x0cce9228, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
73 DEFINE_GUID
!{Audit_PrivilegeUse_NonSensitive
,
74 0x0cce9229, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
75 DEFINE_GUID
!{Audit_PrivilegeUse_Others
,
76 0x0cce922a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
77 DEFINE_GUID
!{Audit_DetailedTracking_ProcessCreation
,
78 0x0cce922b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
79 DEFINE_GUID
!{Audit_DetailedTracking_ProcessTermination
,
80 0x0cce922c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
81 DEFINE_GUID
!{Audit_DetailedTracking_DpapiActivity
,
82 0x0cce922d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
83 DEFINE_GUID
!{Audit_DetailedTracking_RpcCall
,
84 0x0cce922e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
85 DEFINE_GUID
!{Audit_PolicyChange_AuditPolicy
,
86 0x0cce922f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
87 DEFINE_GUID
!{Audit_PolicyChange_AuthenticationPolicy
,
88 0x0cce9230, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
89 DEFINE_GUID
!{Audit_PolicyChange_AuthorizationPolicy
,
90 0x0cce9231, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
91 DEFINE_GUID
!{Audit_PolicyChange_MpsscvRulePolicy
,
92 0x0cce9232, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
93 DEFINE_GUID
!{Audit_PolicyChange_WfpIPSecPolicy
,
94 0x0cce9233, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
95 DEFINE_GUID
!{Audit_PolicyChange_Others
,
96 0x0cce9234, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
97 DEFINE_GUID
!{Audit_AccountManagement_UserAccount
,
98 0x0cce9235, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
99 DEFINE_GUID
!{Audit_AccountManagement_ComputerAccount
,
100 0x0cce9236, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
101 DEFINE_GUID
!{Audit_AccountManagement_SecurityGroup
,
102 0x0cce9237, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
103 DEFINE_GUID
!{Audit_AccountManagement_DistributionGroup
,
104 0x0cce9238, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
105 DEFINE_GUID
!{Audit_AccountManagement_ApplicationGroup
,
106 0x0cce9239, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
107 DEFINE_GUID
!{Audit_AccountManagement_Others
,
108 0x0cce923a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
109 DEFINE_GUID
!{Audit_DSAccess_DSAccess
,
110 0x0cce923b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
111 DEFINE_GUID
!{Audit_DsAccess_AdAuditChanges
,
112 0x0cce923c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
113 DEFINE_GUID
!{Audit_Ds_Replication
,
114 0x0cce923d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
115 DEFINE_GUID
!{Audit_Ds_DetailedReplication
,
116 0x0cce923e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
117 DEFINE_GUID
!{Audit_AccountLogon_CredentialValidation
,
118 0x0cce923f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
119 DEFINE_GUID
!{Audit_AccountLogon_Kerberos
,
120 0x0cce9240, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
121 DEFINE_GUID
!{Audit_AccountLogon_Others
,
122 0x0cce9241, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
123 DEFINE_GUID
!{Audit_AccountLogon_KerbCredentialValidation
,
124 0x0cce9242, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
125 DEFINE_GUID
!{Audit_Logon_NPS
,
126 0x0cce9243, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
127 DEFINE_GUID
!{Audit_ObjectAccess_DetailedFileShare
,
128 0x0cce9244, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
129 DEFINE_GUID
!{Audit_ObjectAccess_RemovableStorage
,
130 0x0cce9245, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
131 DEFINE_GUID
!{Audit_ObjectAccess_CbacStaging
,
132 0x0cce9246, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
133 DEFINE_GUID
!{Audit_Logon_Claims
,
134 0x0cce9247, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
135 DEFINE_GUID
!{Audit_System
,
136 0x69979848, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
137 DEFINE_GUID
!{Audit_Logon
,
138 0x69979849, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
139 DEFINE_GUID
!{Audit_ObjectAccess
,
140 0x6997984a, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
141 DEFINE_GUID
!{Audit_PrivilegeUse
,
142 0x6997984b, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
143 DEFINE_GUID
!{Audit_DetailedTracking
,
144 0x6997984c, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
145 DEFINE_GUID
!{Audit_PolicyChange
,
146 0x6997984d, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
147 DEFINE_GUID
!{Audit_AccountManagement
,
148 0x6997984e, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
149 DEFINE_GUID
!{Audit_DirectoryServiceAccess
,
150 0x6997984f, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
151 DEFINE_GUID
!{Audit_AccountLogon
,
152 0x69979850, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
153 ENUM
!{enum POLICY_AUDIT_EVENT_TYPE
{
154 AuditCategorySystem
= 0,
156 AuditCategoryObjectAccess
,
157 AuditCategoryPrivilegeUse
,
158 AuditCategoryDetailedTracking
,
159 AuditCategoryPolicyChange
,
160 AuditCategoryAccountManagement
,
161 AuditCategoryDirectoryServiceAccess
,
162 AuditCategoryAccountLogon
,
164 pub type PPOLICY_AUDIT_EVENT_TYPE
= *mut POLICY_AUDIT_EVENT_TYPE
;
165 pub const POLICY_AUDIT_EVENT_UNCHANGED
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000000;
166 pub const POLICY_AUDIT_EVENT_SUCCESS
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000001;
167 pub const POLICY_AUDIT_EVENT_FAILURE
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000002;
168 pub const POLICY_AUDIT_EVENT_NONE
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000004;
169 pub const POLICY_AUDIT_EVENT_MASK
: POLICY_AUDIT_EVENT_OPTIONS
= POLICY_AUDIT_EVENT_SUCCESS
170 | POLICY_AUDIT_EVENT_FAILURE
| POLICY_AUDIT_EVENT_UNCHANGED
| POLICY_AUDIT_EVENT_NONE
;
171 pub const POLICY_VIEW_LOCAL_INFORMATION
: ACCESS_MASK
= 0x00000001;
172 pub const POLICY_VIEW_AUDIT_INFORMATION
: ACCESS_MASK
= 0x00000002;
173 pub const POLICY_GET_PRIVATE_INFORMATION
: ACCESS_MASK
= 0x00000004;
174 pub const POLICY_TRUST_ADMIN
: ACCESS_MASK
= 0x00000008;
175 pub const POLICY_CREATE_ACCOUNT
: ACCESS_MASK
= 0x00000010;
176 pub const POLICY_CREATE_SECRET
: ACCESS_MASK
= 0x00000020;
177 pub const POLICY_CREATE_PRIVILEGE
: ACCESS_MASK
= 0x00000040;
178 pub const POLICY_SET_DEFAULT_QUOTA_LIMITS
: ACCESS_MASK
= 0x00000080;
179 pub const POLICY_SET_AUDIT_REQUIREMENTS
: ACCESS_MASK
= 0x00000100;
180 pub const POLICY_AUDIT_LOG_ADMIN
: ACCESS_MASK
= 0x00000200;
181 pub const POLICY_SERVER_ADMIN
: ACCESS_MASK
= 0x00000400;
182 pub const POLICY_LOOKUP_NAMES
: ACCESS_MASK
= 0x00000800;
183 pub const POLICY_NOTIFICATION
: ACCESS_MASK
= 0x00001000;
184 pub const POLICY_ALL_ACCESS
: ACCESS_MASK
= STANDARD_RIGHTS_REQUIRED
185 | POLICY_VIEW_LOCAL_INFORMATION
| POLICY_VIEW_AUDIT_INFORMATION
186 | POLICY_GET_PRIVATE_INFORMATION
| POLICY_TRUST_ADMIN
| POLICY_CREATE_ACCOUNT
187 | POLICY_CREATE_SECRET
| POLICY_CREATE_PRIVILEGE
| POLICY_SET_DEFAULT_QUOTA_LIMITS
188 | POLICY_SET_AUDIT_REQUIREMENTS
| POLICY_AUDIT_LOG_ADMIN
| POLICY_SERVER_ADMIN
189 | POLICY_LOOKUP_NAMES
;
190 pub const POLICY_READ
: ACCESS_MASK
= STANDARD_RIGHTS_READ
| POLICY_VIEW_AUDIT_INFORMATION
191 | POLICY_GET_PRIVATE_INFORMATION
;
192 pub const POLICY_WRITE
: ACCESS_MASK
= STANDARD_RIGHTS_WRITE
| POLICY_TRUST_ADMIN
193 | POLICY_CREATE_ACCOUNT
| POLICY_CREATE_SECRET
| POLICY_CREATE_PRIVILEGE
194 | POLICY_SET_DEFAULT_QUOTA_LIMITS
| POLICY_SET_AUDIT_REQUIREMENTS
| POLICY_AUDIT_LOG_ADMIN
195 | POLICY_SERVER_ADMIN
;
196 pub const POLICY_EXECUTE
: ACCESS_MASK
= STANDARD_RIGHTS_EXECUTE
197 | POLICY_VIEW_LOCAL_INFORMATION
| POLICY_LOOKUP_NAMES
;
198 STRUCT
!{struct LSA_TRANSLATED_SID
{
203 pub type PLSA_TRANSLATED_SID
= *mut LSA_TRANSLATED_SID
;
204 ENUM
!{enum POLICY_LSA_SERVER_ROLE
{
205 PolicyServerRoleBackup
= 2,
206 PolicyServerRolePrimary
,
208 pub type PPOLICY_LSA_SERVER_ROLE
= *mut POLICY_LSA_SERVER_ROLE
;
209 pub type POLICY_AUDIT_EVENT_OPTIONS
= ULONG
;
210 pub type PPOLICY_AUDIT_EVENT_OPTIONS
= *mut ULONG
;
211 ENUM
!{enum POLICY_INFORMATION_CLASS
{
212 PolicyAuditLogInformation
= 1,
213 PolicyAuditEventsInformation
,
214 PolicyPrimaryDomainInformation
,
215 PolicyPdAccountInformation
,
216 PolicyAccountDomainInformation
,
217 PolicyLsaServerRoleInformation
,
218 PolicyReplicaSourceInformation
,
219 PolicyDefaultQuotaInformation
,
220 PolicyModificationInformation
,
221 PolicyAuditFullSetInformation
,
222 PolicyAuditFullQueryInformation
,
223 PolicyDnsDomainInformation
,
224 PolicyDnsDomainInformationInt
,
225 PolicyLocalAccountDomainInformation
,
228 pub type PPOLICY_INFORMATION_CLASS
= *mut POLICY_INFORMATION_CLASS
;
229 STRUCT
!{struct POLICY_AUDIT_LOG_INFO
{
230 AuditLogPercentFull
: ULONG
,
231 MaximumLogSize
: ULONG
,
232 AuditRetentionPeriod
: LARGE_INTEGER
,
233 AuditLogFullShutdownInProgress
: BOOLEAN
,
234 TimeToShutdown
: LARGE_INTEGER
,
235 NextAuditRecordId
: ULONG
,
237 pub type PPOLICY_AUDIT_LOG_INFO
= *mut POLICY_AUDIT_LOG_INFO
;
238 STRUCT
!{struct POLICY_AUDIT_EVENTS_INFO
{
239 AuditingMode
: BOOLEAN
,
240 EventAuditingOptions
: PPOLICY_AUDIT_EVENT_OPTIONS
,
241 MaximumAuditEventCount
: ULONG
,
243 pub type PPOLICY_AUDIT_EVENTS_INFO
= *mut POLICY_AUDIT_EVENTS_INFO
;
244 STRUCT
!{struct POLICY_AUDIT_SUBCATEGORIES_INFO
{
245 MaximumSubCategoryCount
: ULONG
,
246 EventAuditingOptions
: PPOLICY_AUDIT_EVENT_OPTIONS
,
248 pub type PPOLICY_AUDIT_SUBCATEGORIES_INFO
= *mut POLICY_AUDIT_SUBCATEGORIES_INFO
;
249 STRUCT
!{struct POLICY_AUDIT_CATEGORIES_INFO
{
250 MaximumSubCategoryCount
: ULONG
,
251 SubCategoriesInfo
: PPOLICY_AUDIT_SUBCATEGORIES_INFO
,
253 pub type PPOLICY_AUDIT_CATEGORIES_INFO
= *mut POLICY_AUDIT_CATEGORIES_INFO
;
254 pub const PER_USER_POLICY_UNCHANGED
: ULONG
= 0x00;
255 pub const PER_USER_AUDIT_SUCCESS_INCLUDE
: ULONG
= 0x01;
256 pub const PER_USER_AUDIT_SUCCESS_EXCLUDE
: ULONG
= 0x02;
257 pub const PER_USER_AUDIT_FAILURE_INCLUDE
: ULONG
= 0x04;
258 pub const PER_USER_AUDIT_FAILURE_EXCLUDE
: ULONG
= 0x08;
259 pub const PER_USER_AUDIT_NONE
: ULONG
= 0x10;
260 pub const VALID_PER_USER_AUDIT_POLICY_FLAG
: ULONG
= PER_USER_AUDIT_SUCCESS_INCLUDE
261 | PER_USER_AUDIT_SUCCESS_EXCLUDE
| PER_USER_AUDIT_FAILURE_INCLUDE
262 | PER_USER_AUDIT_FAILURE_EXCLUDE
| PER_USER_AUDIT_NONE
;
263 STRUCT
!{struct POLICY_PRIMARY_DOMAIN_INFO
{
264 Name
: LSA_UNICODE_STRING
,
267 pub type PPOLICY_PRIMARY_DOMAIN_INFO
= *mut POLICY_PRIMARY_DOMAIN_INFO
;
268 STRUCT
!{struct POLICY_PD_ACCOUNT_INFO
{
269 Name
: LSA_UNICODE_STRING
,
271 pub type PPOLICY_PD_ACCOUNT_INFO
= *mut POLICY_PD_ACCOUNT_INFO
;
272 STRUCT
!{struct POLICY_LSA_SERVER_ROLE_INFO
{
273 LsaServerRole
: POLICY_LSA_SERVER_ROLE
,
275 pub type PPOLICY_LSA_SERVER_ROLE_INFO
= *mut POLICY_LSA_SERVER_ROLE_INFO
;
276 STRUCT
!{struct POLICY_REPLICA_SOURCE_INFO
{
277 ReplicaSource
: LSA_UNICODE_STRING
,
278 ReplicaAccountName
: LSA_UNICODE_STRING
,
280 pub type PPOLICY_REPLICA_SOURCE_INFO
= *mut POLICY_REPLICA_SOURCE_INFO
;
281 STRUCT
!{struct POLICY_DEFAULT_QUOTA_INFO
{
282 QuotaLimits
: QUOTA_LIMITS
,
284 pub type PPOLICY_DEFAULT_QUOTA_INFO
= *mut POLICY_DEFAULT_QUOTA_INFO
;
285 STRUCT
!{struct POLICY_MODIFICATION_INFO
{
286 ModifiedId
: LARGE_INTEGER
,
287 DatabaseCreationTime
: LARGE_INTEGER
,
289 pub type PPOLICY_MODIFICATION_INFO
= *mut POLICY_MODIFICATION_INFO
;
290 STRUCT
!{struct POLICY_AUDIT_FULL_SET_INFO
{
291 ShutDownOnFull
: BOOLEAN
,
293 pub type PPOLICY_AUDIT_FULL_SET_INFO
= *mut POLICY_AUDIT_FULL_SET_INFO
;
294 STRUCT
!{struct POLICY_AUDIT_FULL_QUERY_INFO
{
295 ShutDownOnFull
: BOOLEAN
,
298 pub type PPOLICY_AUDIT_FULL_QUERY_INFO
= *mut POLICY_AUDIT_FULL_QUERY_INFO
;
299 ENUM
!{enum POLICY_DOMAIN_INFORMATION_CLASS
{
300 PolicyDomainEfsInformation
= 2,
301 PolicyDomainKerberosTicketInformation
,
303 pub type PPOLICY_DOMAIN_INFORMATION_CLASS
= *mut POLICY_DOMAIN_INFORMATION_CLASS
;
304 STRUCT
!{struct POLICY_DOMAIN_EFS_INFO
{
308 pub type PPOLICY_DOMAIN_EFS_INFO
= *mut POLICY_DOMAIN_EFS_INFO
;
309 STRUCT
!{struct POLICY_DOMAIN_KERBEROS_TICKET_INFO
{
310 AuthenticationOptions
: ULONG
,
311 MaxServiceTicketAge
: LARGE_INTEGER
,
312 MaxTicketAge
: LARGE_INTEGER
,
313 MaxRenewAge
: LARGE_INTEGER
,
314 MaxClockSkew
: LARGE_INTEGER
,
315 Reserved
: LARGE_INTEGER
,
317 pub type PPOLICY_DOMAIN_KERBEROS_TICKET_INFO
= *mut POLICY_DOMAIN_KERBEROS_TICKET_INFO
;
318 ENUM
!{enum POLICY_NOTIFICATION_INFORMATION_CLASS
{
319 PolicyNotifyAuditEventsInformation
= 1,
320 PolicyNotifyAccountDomainInformation
,
321 PolicyNotifyServerRoleInformation
,
322 PolicyNotifyDnsDomainInformation
,
323 PolicyNotifyDomainEfsInformation
,
324 PolicyNotifyDomainKerberosTicketInformation
,
325 PolicyNotifyMachineAccountPasswordInformation
,
326 PolicyNotifyGlobalSaclInformation
,
329 pub type PPOLICY_NOTIFICATION_INFORMATION_CLASS
= *mut POLICY_NOTIFICATION_INFORMATION_CLASS
;
330 pub type LSA_HANDLE
= PVOID
;
331 pub type PLSA_HANDLE
= *mut PVOID
;
332 ENUM
!{enum TRUSTED_INFORMATION_CLASS
{
333 TrustedDomainNameInformation
= 1,
334 TrustedControllersInformation
,
335 TrustedPosixOffsetInformation
,
336 TrustedPasswordInformation
,
337 TrustedDomainInformationBasic
,
338 TrustedDomainInformationEx
,
339 TrustedDomainAuthInformation
,
340 TrustedDomainFullInformation
,
341 TrustedDomainAuthInformationInternal
,
342 TrustedDomainFullInformationInternal
,
343 TrustedDomainInformationEx2Internal
,
344 TrustedDomainFullInformation2Internal
,
345 TrustedDomainSupportedEncryptionTypes
,
347 pub type PTRUSTED_INFORMATION_CLASS
= *mut TRUSTED_INFORMATION_CLASS
;
348 STRUCT
!{struct TRUSTED_DOMAIN_NAME_INFO
{
349 Name
: LSA_UNICODE_STRING
,
351 pub type PTRUSTED_DOMAIN_NAME_INFO
= *mut TRUSTED_DOMAIN_NAME_INFO
;
352 STRUCT
!{struct TRUSTED_CONTROLLERS_INFO
{
354 Names
: PLSA_UNICODE_STRING
,
356 pub type PTRUSTED_CONTROLLERS_INFO
= *mut TRUSTED_CONTROLLERS_INFO
;
357 STRUCT
!{struct TRUSTED_POSIX_OFFSET_INFO
{
360 pub type PTRUSTED_POSIX_OFFSET_INFO
= *mut TRUSTED_POSIX_OFFSET_INFO
;
361 STRUCT
!{struct TRUSTED_PASSWORD_INFO
{
362 Password
: LSA_UNICODE_STRING
,
363 OldPassword
: LSA_UNICODE_STRING
,
365 pub type PTRUSTED_PASSWORD_INFO
= *mut TRUSTED_PASSWORD_INFO
;
366 pub type TRUSTED_DOMAIN_INFORMATION_BASIC
= LSA_TRUST_INFORMATION
;
367 pub type PTRUSTED_DOMAIN_INFORMATION_BASIC
= PLSA_TRUST_INFORMATION
;
368 pub const TRUST_DIRECTION_DISABLED
: ULONG
= 0x00000000;
369 pub const TRUST_DIRECTION_INBOUND
: ULONG
= 0x00000001;
370 pub const TRUST_DIRECTION_OUTBOUND
: ULONG
= 0x00000002;
371 pub const TRUST_DIRECTION_BIDIRECTIONAL
: ULONG
= TRUST_DIRECTION_INBOUND
372 | TRUST_DIRECTION_OUTBOUND
;
373 pub const TRUST_TYPE_DOWNLEVEL
: ULONG
= 0x00000001;
374 pub const TRUST_TYPE_UPLEVEL
: ULONG
= 0x00000002;
375 pub const TRUST_TYPE_MIT
: ULONG
= 0x00000003;
376 pub const TRUST_ATTRIBUTE_NON_TRANSITIVE
: ULONG
= 0x00000001;
377 pub const TRUST_ATTRIBUTE_UPLEVEL_ONLY
: ULONG
= 0x00000002;
378 pub const TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
: ULONG
= 0x00000004;
379 pub const TRUST_ATTRIBUTE_FOREST_TRANSITIVE
: ULONG
= 0x00000008;
380 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION
: ULONG
= 0x00000010;
381 pub const TRUST_ATTRIBUTE_WITHIN_FOREST
: ULONG
= 0x00000020;
382 pub const TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
: ULONG
= 0x00000040;
383 pub const TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION
: ULONG
= 0x00000080;
384 pub const TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS
: ULONG
= 0x00000100;
385 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION
: ULONG
= 0x00000200;
386 pub const TRUST_ATTRIBUTES_VALID
: ULONG
= 0xFF03FFFF;
387 pub const TRUST_ATTRIBUTES_USER
: ULONG
= 0xFF000000;
388 STRUCT
!{struct TRUSTED_DOMAIN_INFORMATION_EX
{
389 Name
: LSA_UNICODE_STRING
,
390 FlatName
: LSA_UNICODE_STRING
,
392 TrustDirection
: ULONG
,
394 TrustAttributes
: ULONG
,
396 pub type PTRUSTED_DOMAIN_INFORMATION_EX
= *mut TRUSTED_DOMAIN_INFORMATION_EX
;
397 STRUCT
!{struct TRUSTED_DOMAIN_INFORMATION_EX2
{
398 Name
: LSA_UNICODE_STRING
,
399 FlatName
: LSA_UNICODE_STRING
,
401 TrustDirection
: ULONG
,
403 TrustAttributes
: ULONG
,
404 ForestTrustLength
: ULONG
,
405 ForestTrustInfo
: PUCHAR
,
407 pub type PTRUSTED_DOMAIN_INFORMATION_EX2
= *mut TRUSTED_DOMAIN_INFORMATION_EX2
;
408 pub const TRUST_AUTH_TYPE_NONE
: ULONG
= 0;
409 pub const TRUST_AUTH_TYPE_NT4OWF
: ULONG
= 1;
410 pub const TRUST_AUTH_TYPE_CLEAR
: ULONG
= 2;
411 pub const TRUST_AUTH_TYPE_VERSION
: ULONG
= 3;
412 STRUCT
!{struct LSA_AUTH_INFORMATION
{
413 LastUpdateTime
: LARGE_INTEGER
,
415 AuthInfoLength
: ULONG
,
418 pub type PLSA_AUTH_INFORMATION
= *mut LSA_AUTH_INFORMATION
;
419 STRUCT
!{struct TRUSTED_DOMAIN_AUTH_INFORMATION
{
420 IncomingAuthInfos
: ULONG
,
421 IncomingAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
422 IncomingPreviousAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
423 OutgoingAuthInfos
: ULONG
,
424 OutgoingAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
425 OutgoingPreviousAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
427 pub type PTRUSTED_DOMAIN_AUTH_INFORMATION
= *mut TRUSTED_DOMAIN_AUTH_INFORMATION
;
428 STRUCT
!{struct TRUSTED_DOMAIN_FULL_INFORMATION
{
429 Information
: TRUSTED_DOMAIN_INFORMATION_EX
,
430 PosixOffset
: TRUSTED_POSIX_OFFSET_INFO
,
431 AuthInformation
: TRUSTED_DOMAIN_AUTH_INFORMATION
,
433 pub type PTRUSTED_DOMAIN_FULL_INFORMATION
= *mut TRUSTED_DOMAIN_FULL_INFORMATION
;
434 STRUCT
!{struct TRUSTED_DOMAIN_FULL_INFORMATION2
{
435 Information
: TRUSTED_DOMAIN_INFORMATION_EX2
,
436 PosixOffset
: TRUSTED_POSIX_OFFSET_INFO
,
437 AuthInformation
: TRUSTED_DOMAIN_AUTH_INFORMATION
,
439 pub type PTRUSTED_DOMAIN_FULL_INFORMATION2
= *mut TRUSTED_DOMAIN_FULL_INFORMATION2
;
440 STRUCT
!{struct TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES
{
441 SupportedEncryptionTypes
: ULONG
,
443 pub type PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES
=
444 *mut TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES
;
445 ENUM
!{enum LSA_FOREST_TRUST_RECORD_TYPE
{
446 ForestTrustTopLevelName
,
447 ForestTrustTopLevelNameEx
,
448 ForestTrustDomainInfo
,
449 ForestTrustRecordTypeLast
, // = ForestTrustDomainInfo,
451 pub const LSA_FTRECORD_DISABLED_REASONS
: ULONG
= 0x0000FFFF;
452 pub const LSA_TLN_DISABLED_NEW
: ULONG
= 0x00000001;
453 pub const LSA_TLN_DISABLED_ADMIN
: ULONG
= 0x00000002;
454 pub const LSA_TLN_DISABLED_CONFLICT
: ULONG
= 0x00000004;
455 pub const LSA_SID_DISABLED_ADMIN
: ULONG
= 0x00000001;
456 pub const LSA_SID_DISABLED_CONFLICT
: ULONG
= 0x00000002;
457 pub const LSA_NB_DISABLED_ADMIN
: ULONG
= 0x00000004;
458 pub const LSA_NB_DISABLED_CONFLICT
: ULONG
= 0x00000008;
459 STRUCT
!{struct LSA_FOREST_TRUST_DOMAIN_INFO
{
461 DnsName
: LSA_UNICODE_STRING
,
462 NetbiosName
: LSA_UNICODE_STRING
,
464 pub type PLSA_FOREST_TRUST_DOMAIN_INFO
= *mut LSA_FOREST_TRUST_DOMAIN_INFO
;
465 pub const MAX_FOREST_TRUST_BINARY_DATA_SIZE
: ULONG
= 128 * 1024;
466 STRUCT
!{struct LSA_FOREST_TRUST_BINARY_DATA
{
470 pub type PLSA_FOREST_TRUST_BINARY_DATA
= *mut LSA_FOREST_TRUST_BINARY_DATA
;
471 UNION
!{union LSA_FOREST_TRUST_RECORD_ForestTrustData
{
473 TopLevelName TopLevelName_mut
: LSA_UNICODE_STRING
,
474 DomainInfo DomainInfo_mut
: LSA_FOREST_TRUST_DOMAIN_INFO
,
475 Data Data_mut
: LSA_FOREST_TRUST_BINARY_DATA
,
477 STRUCT
!{struct LSA_FOREST_TRUST_RECORD
{
479 ForestTrustType
: LSA_FOREST_TRUST_RECORD_TYPE
,
481 ForestTrustData
: LSA_FOREST_TRUST_RECORD_ForestTrustData
,
483 pub type PLSA_FOREST_TRUST_RECORD
= *mut LSA_FOREST_TRUST_RECORD
;
484 pub const MAX_RECORDS_IN_FOREST_TRUST_INFO
: ULONG
= 4000;
485 STRUCT
!{struct LSA_FOREST_TRUST_INFORMATION
{
487 Entries
: *mut PLSA_FOREST_TRUST_RECORD
,
489 pub type PLSA_FOREST_TRUST_INFORMATION
= *mut LSA_FOREST_TRUST_INFORMATION
;
490 ENUM
!{enum LSA_FOREST_TRUST_COLLISION_RECORD_TYPE
{
495 STRUCT
!{struct LSA_FOREST_TRUST_COLLISION_RECORD
{
497 Type
: LSA_FOREST_TRUST_COLLISION_RECORD_TYPE
,
499 Name
: LSA_UNICODE_STRING
,
501 pub type PLSA_FOREST_TRUST_COLLISION_RECORD
= *mut LSA_FOREST_TRUST_COLLISION_RECORD
;
502 STRUCT
!{struct LSA_FOREST_TRUST_COLLISION_INFORMATION
{
504 Entries
: *mut PLSA_FOREST_TRUST_COLLISION_RECORD
,
506 pub type PLSA_FOREST_TRUST_COLLISION_INFORMATION
= *mut LSA_FOREST_TRUST_COLLISION_INFORMATION
;
507 pub type LSA_ENUMERATION_HANDLE
= ULONG
;
508 pub type PLSA_ENUMERATION_HANDLE
= *mut ULONG
;
509 STRUCT
!{struct LSA_ENUMERATION_INFORMATION
{
512 pub type PLSA_ENUMERATION_INFORMATION
= *mut LSA_ENUMERATION_INFORMATION
;
513 STRUCT
!{struct LSA_LAST_INTER_LOGON_INFO
{
514 LastSuccessfulLogon
: LARGE_INTEGER
,
515 LastFailedLogon
: LARGE_INTEGER
,
516 FailedAttemptCountSinceLastSuccessfulLogon
: ULONG
,
518 pub type PLSA_LAST_INTER_LOGON_INFO
= *mut LSA_LAST_INTER_LOGON_INFO
;
519 STRUCT
!{struct SECURITY_LOGON_SESSION_DATA
{
522 UserName
: LSA_UNICODE_STRING
,
523 LogonDomain
: LSA_UNICODE_STRING
,
524 AuthenticationPackage
: LSA_UNICODE_STRING
,
528 LogonTime
: LARGE_INTEGER
,
529 LogonServer
: LSA_UNICODE_STRING
,
530 DnsDomainName
: LSA_UNICODE_STRING
,
531 Upn
: LSA_UNICODE_STRING
,
533 LastLogonInfo
: LSA_LAST_INTER_LOGON_INFO
,
534 LogonScript
: LSA_UNICODE_STRING
,
535 ProfilePath
: LSA_UNICODE_STRING
,
536 HomeDirectory
: LSA_UNICODE_STRING
,
537 HomeDirectoryDrive
: LSA_UNICODE_STRING
,
538 LogoffTime
: LARGE_INTEGER
,
539 KickOffTime
: LARGE_INTEGER
,
540 PasswordLastSet
: LARGE_INTEGER
,
541 PasswordCanChange
: LARGE_INTEGER
,
542 PasswordMustChange
: LARGE_INTEGER
,
544 pub type PSECURITY_LOGON_SESSION_DATA
= *mut SECURITY_LOGON_SESSION_DATA
;
545 pub const CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
: ULONG
= 0x00000001;
546 pub const CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG
: ULONG
= 0x00000100;
547 pub const CENTRAL_ACCESS_POLICY_STAGED_FLAG
: ULONG
= 0x00010000;
548 pub const CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK
: ULONG
=
549 CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
550 | CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG
551 | CENTRAL_ACCESS_POLICY_STAGED_FLAG
;
552 pub const LSASETCAPS_RELOAD_FLAG
: ULONG
= 0x00000001;
553 pub const LSASETCAPS_VALID_FLAG_MASK
: ULONG
= LSASETCAPS_RELOAD_FLAG
;
554 STRUCT
!{struct CENTRAL_ACCESS_POLICY_ENTRY
{
555 Name
: LSA_UNICODE_STRING
,
556 Description
: LSA_UNICODE_STRING
,
557 ChangeId
: LSA_UNICODE_STRING
,
558 LengthAppliesTo
: ULONG
,
561 SD
: PSECURITY_DESCRIPTOR
,
562 LengthStagedSD
: ULONG
,
563 StagedSD
: PSECURITY_DESCRIPTOR
,
566 pub type PCENTRAL_ACCESS_POLICY_ENTRY
= *mut CENTRAL_ACCESS_POLICY_ENTRY
;
567 pub type PCCENTRAL_ACCESS_POLICY_ENTRY
= *const CENTRAL_ACCESS_POLICY_ENTRY
;
568 STRUCT
!{struct CENTRAL_ACCESS_POLICY
{
570 Name
: LSA_UNICODE_STRING
,
571 Description
: LSA_UNICODE_STRING
,
572 ChangeId
: LSA_UNICODE_STRING
,
575 CAPEs
: *mut PCENTRAL_ACCESS_POLICY_ENTRY
,
577 pub type PCENTRAL_ACCESS_POLICY
= *mut CENTRAL_ACCESS_POLICY
;
578 pub type PCCENTRAL_ACCESS_POLICY
= *const CENTRAL_ACCESS_POLICY
;
579 ENUM
!{enum NEGOTIATE_MESSAGES
{
580 NegEnumPackagePrefixes
= 0,
581 NegGetCallerName
= 1,
582 NegTransferCredentials
= 2,
585 pub const NEGOTIATE_MAX_PREFIX
: usize = 32;
586 STRUCT
!{struct NEGOTIATE_PACKAGE_PREFIX
{
587 PackageId
: ULONG_PTR
,
590 PrefixLen
: ULONG_PTR
,
591 Prefix
: [UCHAR
; NEGOTIATE_MAX_PREFIX
],
593 pub type PNEGOTIATE_PACKAGE_PREFIX
= *mut NEGOTIATE_PACKAGE_PREFIX
;
594 STRUCT
!{struct NEGOTIATE_PACKAGE_PREFIXES
{
600 pub type PNEGOTIATE_PACKAGE_PREFIXES
= *mut NEGOTIATE_PACKAGE_PREFIXES
;
601 STRUCT
!{struct NEGOTIATE_CALLER_NAME_REQUEST
{
605 pub type PNEGOTIATE_CALLER_NAME_REQUEST
= *mut NEGOTIATE_CALLER_NAME_REQUEST
;
606 STRUCT
!{struct NEGOTIATE_CALLER_NAME_RESPONSE
{
610 pub type PNEGOTIATE_CALLER_NAME_RESPONSE
= *mut NEGOTIATE_CALLER_NAME_RESPONSE
;
611 STRUCT
!{struct DOMAIN_PASSWORD_INFORMATION
{
612 MinPasswordLength
: USHORT
,
613 PasswordHistoryLength
: USHORT
,
614 PasswordProperties
: ULONG
,
615 MaxPasswordAge
: LARGE_INTEGER
,
616 MinPasswordAge
: LARGE_INTEGER
,
618 pub type PDOMAIN_PASSWORD_INFORMATION
= *mut DOMAIN_PASSWORD_INFORMATION
;
619 pub const DOMAIN_PASSWORD_COMPLEX
: ULONG
= 0x00000001;
620 pub const DOMAIN_PASSWORD_NO_ANON_CHANGE
: ULONG
= 0x00000002;
621 pub const DOMAIN_PASSWORD_NO_CLEAR_CHANGE
: ULONG
= 0x00000004;
622 pub const DOMAIN_LOCKOUT_ADMINS
: ULONG
= 0x00000008;
623 pub const DOMAIN_PASSWORD_STORE_CLEARTEXT
: ULONG
= 0x00000010;
624 pub const DOMAIN_REFUSE_PASSWORD_CHANGE
: ULONG
= 0x00000020;
625 pub const DOMAIN_NO_LM_OWF_CHANGE
: ULONG
= 0x00000040;
626 FN
!{stdcall
PSAM_PASSWORD_NOTIFICATION_ROUTINE(
627 UserName
: PUNICODE_STRING
,
629 NewPassword
: PUNICODE_STRING
,
631 FN
!{stdcall PSAM_INIT_NOTIFICATION_ROUTINE() -> BOOLEAN}
632 FN
!{stdcall
PSAM_PASSWORD_FILTER_ROUTINE(
633 AccountName
: PUNICODE_STRING
,
634 FullName
: PUNICODE_STRING
,
635 Password
: PUNICODE_STRING
,
636 SetOperation
: BOOLEAN
,
638 ENUM
!{enum MSV1_0_LOGON_SUBMIT_TYPE
{
639 MsV1_0InteractiveLogon
= 2,
643 MsV1_0WorkstationUnlockLogon
= 7,
645 MsV1_0VirtualLogon
= 82,
646 MsV1_0NoElevationLogon
= 83,
647 MsV1_0LuidLogon
= 84,
649 pub type PMSV1_0_LOGON_SUBMIT_TYPE
= *mut MSV1_0_LOGON_SUBMIT_TYPE
;
650 ENUM
!{enum MSV1_0_PROFILE_BUFFER_TYPE
{
651 MsV1_0InteractiveProfile
= 2,
652 MsV1_0Lm20LogonProfile
,
653 MsV1_0SmartCardProfile
,
655 pub type PMSV1_0_PROFILE_BUFFER_TYPE
= *mut MSV1_0_PROFILE_BUFFER_TYPE
;
656 STRUCT
!{struct MSV1_0_INTERACTIVE_LOGON
{
657 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
658 LogonDomainName
: UNICODE_STRING
,
659 UserName
: UNICODE_STRING
,
660 Password
: UNICODE_STRING
,
662 pub type PMSV1_0_INTERACTIVE_LOGON
= *mut MSV1_0_INTERACTIVE_LOGON
;
663 STRUCT
!{struct MSV1_0_INTERACTIVE_PROFILE
{
664 MessageType
: MSV1_0_PROFILE_BUFFER_TYPE
,
666 BadPasswordCount
: USHORT
,
667 LogonTime
: LARGE_INTEGER
,
668 LogoffTime
: LARGE_INTEGER
,
669 KickOffTime
: LARGE_INTEGER
,
670 PasswordLastSet
: LARGE_INTEGER
,
671 PasswordCanChange
: LARGE_INTEGER
,
672 PasswordMustChange
: LARGE_INTEGER
,
673 LogonScript
: UNICODE_STRING
,
674 HomeDirectory
: UNICODE_STRING
,
675 FullName
: UNICODE_STRING
,
676 ProfilePath
: UNICODE_STRING
,
677 HomeDirectoryDrive
: UNICODE_STRING
,
678 LogonServer
: UNICODE_STRING
,
681 pub type PMSV1_0_INTERACTIVE_PROFILE
= *mut MSV1_0_INTERACTIVE_PROFILE
;
682 pub const MSV1_0_CHALLENGE_LENGTH
: usize = 8;
683 pub const MSV1_0_USER_SESSION_KEY_LENGTH
: usize = 16;
684 pub const MSV1_0_LANMAN_SESSION_KEY_LENGTH
: usize = 8;
685 pub const MSV1_0_CLEARTEXT_PASSWORD_ALLOWED
: ULONG
= 0x02;
686 pub const MSV1_0_UPDATE_LOGON_STATISTICS
: ULONG
= 0x04;
687 pub const MSV1_0_RETURN_USER_PARAMETERS
: ULONG
= 0x08;
688 pub const MSV1_0_DONT_TRY_GUEST_ACCOUNT
: ULONG
= 0x10;
689 pub const MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
: ULONG
= 0x20;
690 pub const MSV1_0_RETURN_PASSWORD_EXPIRY
: ULONG
= 0x40;
691 pub const MSV1_0_USE_CLIENT_CHALLENGE
: ULONG
= 0x80;
692 pub const MSV1_0_TRY_GUEST_ACCOUNT_ONLY
: ULONG
= 0x100;
693 pub const MSV1_0_RETURN_PROFILE_PATH
: ULONG
= 0x200;
694 pub const MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY
: ULONG
= 0x400;
695 pub const MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT
: ULONG
= 0x800;
696 pub const MSV1_0_DISABLE_PERSONAL_FALLBACK
: ULONG
= 0x00001000;
697 pub const MSV1_0_ALLOW_FORCE_GUEST
: ULONG
= 0x00002000;
698 pub const MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED
: ULONG
= 0x00004000;
699 pub const MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY
: ULONG
= 0x00008000;
700 pub const MSV1_0_SUBAUTHENTICATION_DLL_EX
: ULONG
= 0x00100000;
701 pub const MSV1_0_ALLOW_MSVCHAPV2
: ULONG
= 0x00010000;
702 pub const MSV1_0_S4U2SELF
: ULONG
= 0x00020000;
703 pub const MSV1_0_CHECK_LOGONHOURS_FOR_S4U
: ULONG
= 0x00040000;
704 pub const MSV1_0_INTERNET_DOMAIN
: ULONG
= 0x00080000;
705 pub const MSV1_0_SUBAUTHENTICATION_DLL
: ULONG
= 0xFF000000;
706 pub const MSV1_0_SUBAUTHENTICATION_DLL_SHIFT
: ULONG
= 24;
707 pub const MSV1_0_MNS_LOGON
: ULONG
= 0x01000000;
708 pub const MSV1_0_SUBAUTHENTICATION_DLL_RAS
: ULONG
= 2;
709 pub const MSV1_0_SUBAUTHENTICATION_DLL_IIS
: ULONG
= 132;
710 STRUCT
!{struct MSV1_0_LM20_LOGON
{
711 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
712 LogonDomainName
: UNICODE_STRING
,
713 UserName
: UNICODE_STRING
,
714 Workstation
: UNICODE_STRING
,
715 ChallengeToClient
: [UCHAR
; MSV1_0_CHALLENGE_LENGTH
],
716 CaseSensitiveChallengeResponse
: STRING
,
717 CaseInsensitiveChallengeResponse
: STRING
,
718 ParameterControl
: ULONG
,
720 pub type PMSV1_0_LM20_LOGON
= *mut MSV1_0_LM20_LOGON
;
721 STRUCT
!{struct MSV1_0_SUBAUTH_LOGON
{
722 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
723 LogonDomainName
: UNICODE_STRING
,
724 UserName
: UNICODE_STRING
,
725 Workstation
: UNICODE_STRING
,
726 ChallengeToClient
: [UCHAR
; MSV1_0_CHALLENGE_LENGTH
],
727 AuthenticationInfo1
: STRING
,
728 AuthenticationInfo2
: STRING
,
729 ParameterControl
: ULONG
,
730 SubAuthPackageId
: ULONG
,
732 pub type PMSV1_0_SUBAUTH_LOGON
= *mut MSV1_0_SUBAUTH_LOGON
;
733 STRUCT
!{struct MSV1_0_S4U_LOGON
{
734 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
735 MSV1_0_LOGON_SUBMIT_TYPE
: ULONG
,
736 UserPrincipalName
: UNICODE_STRING
,
737 DomainName
: UNICODE_STRING
,
739 pub type PMSV1_0_S4U_LOGON
= *mut MSV1_0_S4U_LOGON
;
740 pub const LOGON_GUEST
: ULONG
= 0x01;
741 pub const LOGON_NOENCRYPTION
: ULONG
= 0x02;
742 pub const LOGON_CACHED_ACCOUNT
: ULONG
= 0x04;
743 pub const LOGON_USED_LM_PASSWORD
: ULONG
= 0x08;
744 pub const LOGON_EXTRA_SIDS
: ULONG
= 0x20;
745 pub const LOGON_SUBAUTH_SESSION_KEY
: ULONG
= 0x40;
746 pub const LOGON_SERVER_TRUST_ACCOUNT
: ULONG
= 0x80;
747 pub const LOGON_NTLMV2_ENABLED
: ULONG
= 0x100;
748 pub const LOGON_RESOURCE_GROUPS
: ULONG
= 0x200;
749 pub const LOGON_PROFILE_PATH_RETURNED
: ULONG
= 0x400;
750 pub const LOGON_NT_V2
: ULONG
= 0x800;
751 pub const LOGON_LM_V2
: ULONG
= 0x1000;
752 pub const LOGON_NTLM_V2
: ULONG
= 0x2000;
753 pub const LOGON_OPTIMIZED
: ULONG
= 0x4000;
754 pub const LOGON_WINLOGON
: ULONG
= 0x8000;
755 pub const LOGON_PKINIT
: ULONG
= 0x10000;
756 pub const LOGON_NO_OPTIMIZED
: ULONG
= 0x20000;
757 pub const LOGON_NO_ELEVATION
: ULONG
= 0x40000;
758 pub const LOGON_MANAGED_SERVICE
: ULONG
= 0x80000;
759 pub const LOGON_GRACE_LOGON
: ULONG
= 0x01000000;
760 STRUCT
!{struct MSV1_0_LM20_LOGON_PROFILE
{
761 MessageType
: MSV1_0_PROFILE_BUFFER_TYPE
,
762 KickOffTime
: LARGE_INTEGER
,
763 LogoffTime
: LARGE_INTEGER
,
765 UserSessionKey
: [UCHAR
; MSV1_0_USER_SESSION_KEY_LENGTH
],
766 LogonDomainName
: UNICODE_STRING
,
767 LanmanSessionKey
: [UCHAR
; MSV1_0_LANMAN_SESSION_KEY_LENGTH
],
768 LogonServer
: UNICODE_STRING
,
769 UserParameters
: UNICODE_STRING
,
771 pub type PMSV1_0_LM20_LOGON_PROFILE
= *mut MSV1_0_LM20_LOGON_PROFILE
;
772 pub const MSV1_0_OWF_PASSWORD_LENGTH
: usize = 16;
773 STRUCT
!{struct MSV1_0_SUPPLEMENTAL_CREDENTIAL
{
776 LmPassword
: [UCHAR
; MSV1_0_OWF_PASSWORD_LENGTH
],
777 NtPassword
: [UCHAR
; MSV1_0_OWF_PASSWORD_LENGTH
],
779 pub type PMSV1_0_SUPPLEMENTAL_CREDENTIAL
= *mut MSV1_0_SUPPLEMENTAL_CREDENTIAL
;
780 pub const MSV1_0_NTLM3_RESPONSE_LENGTH
: usize = 16;
781 pub const MSV1_0_NTLM3_OWF_LENGTH
: usize = 16;
782 STRUCT
!{struct MSV1_0_NTLM3_RESPONSE
{
783 Response
: [UCHAR
; MSV1_0_NTLM3_RESPONSE_LENGTH
],
788 TimeStamp
: ULONGLONG
,
789 ChallengeFromClient
: [UCHAR
; MSV1_0_CHALLENGE_LENGTH
],
793 pub type PMSV1_0_NTLM3_RESPONSE
= *mut MSV1_0_NTLM3_RESPONSE
;
794 ENUM
!{enum MSV1_0_AVID
{
798 MsvAvDnsComputerName
,
805 MsvAvChannelBindings
,
807 STRUCT
!{struct MSV1_0_AV_PAIR
{
811 pub type PMSV1_0_AV_PAIR
= *mut MSV1_0_AV_PAIR
;
812 ENUM
!{enum MSV1_0_PROTOCOL_MESSAGE_TYPE
{
813 MsV1_0Lm20ChallengeRequest
= 0,
814 MsV1_0Lm20GetChallengeResponse
,
815 MsV1_0EnumerateUsers
,
818 MsV1_0ChangePassword
,
819 MsV1_0ChangeCachedPassword
,
820 MsV1_0GenericPassthrough
,
823 MsV1_0DeriveCredential
,
825 MsV1_0SetProcessOption
,
826 MsV1_0ConfigLocalAliases
,
827 MsV1_0ClearCachedCredentials
,
831 MsV1_0GetCredentialKey
,
832 MsV1_0SetThreadOption
,
834 pub type PMSV1_0_PROTOCOL_MESSAGE_TYPE
= *mut MSV1_0_PROTOCOL_MESSAGE_TYPE
;
835 STRUCT
!{struct MSV1_0_CHANGEPASSWORD_REQUEST
{
836 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
837 DomainName
: UNICODE_STRING
,
838 AccountName
: UNICODE_STRING
,
839 OldPassword
: UNICODE_STRING
,
840 NewPassword
: UNICODE_STRING
,
841 Impersonating
: BOOLEAN
,
843 pub type PMSV1_0_CHANGEPASSWORD_REQUEST
= *mut MSV1_0_CHANGEPASSWORD_REQUEST
;
844 STRUCT
!{struct MSV1_0_CHANGEPASSWORD_RESPONSE
{
845 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
846 PasswordInfoValid
: BOOLEAN
,
847 DomainPasswordInfo
: DOMAIN_PASSWORD_INFORMATION
,
849 pub type PMSV1_0_CHANGEPASSWORD_RESPONSE
= *mut MSV1_0_CHANGEPASSWORD_RESPONSE
;
850 STRUCT
!{struct MSV1_0_PASSTHROUGH_REQUEST
{
851 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
852 DomainName
: UNICODE_STRING
,
853 PackageName
: UNICODE_STRING
,
858 pub type PMSV1_0_PASSTHROUGH_REQUEST
= *mut MSV1_0_PASSTHROUGH_REQUEST
;
859 STRUCT
!{struct MSV1_0_PASSTHROUGH_RESPONSE
{
860 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
863 ValidationData
: PUCHAR
,
865 pub type PMSV1_0_PASSTHROUGH_RESPONSE
= *mut MSV1_0_PASSTHROUGH_RESPONSE
;
866 STRUCT
!{struct MSV1_0_SUBAUTH_REQUEST
{
867 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
868 SubAuthPackageId
: ULONG
,
869 SubAuthInfoLength
: ULONG
,
870 SubAuthSubmitBuffer
: PUCHAR
,
872 pub type PMSV1_0_SUBAUTH_REQUEST
= *mut MSV1_0_SUBAUTH_REQUEST
;
873 STRUCT
!{struct MSV1_0_SUBAUTH_RESPONSE
{
874 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
875 SubAuthInfoLength
: ULONG
,
876 SubAuthReturnBuffer
: PUCHAR
,
878 pub type PMSV1_0_SUBAUTH_RESPONSE
= *mut MSV1_0_SUBAUTH_RESPONSE
;
879 pub use self::SystemFunction036
as RtlGenRandom
;
880 pub use self::SystemFunction040
as RtlEncryptMemory
;
881 pub use self::SystemFunction041
as RtlDecryptMemory
;
883 pub fn SystemFunction036(
885 RandomBufferLength
: ULONG
,
888 pub const RTL_ENCRYPT_MEMORY_SIZE
: ULONG
= 8;
889 pub const RTL_ENCRYPT_OPTION_CROSS_PROCESS
: ULONG
= 0x01;
890 pub const RTL_ENCRYPT_OPTION_SAME_LOGON
: ULONG
= 0x02;
892 pub fn SystemFunction040(
897 pub fn SystemFunction041(
903 pub const KERBEROS_VERSION
: ULONG
= 5;
904 pub const KERBEROS_REVISION
: ULONG
= 6;
905 pub const KERB_ETYPE_NULL
: LONG
= 0;
906 pub const KERB_ETYPE_DES_CBC_CRC
: LONG
= 1;
907 pub const KERB_ETYPE_DES_CBC_MD4
: LONG
= 2;
908 pub const KERB_ETYPE_DES_CBC_MD5
: LONG
= 3;
909 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96
: LONG
= 17;
910 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96
: LONG
= 18;
911 pub const KERB_ETYPE_RC4_MD4
: LONG
= -128;
912 pub const KERB_ETYPE_RC4_PLAIN2
: LONG
= -129;
913 pub const KERB_ETYPE_RC4_LM
: LONG
= -130;
914 pub const KERB_ETYPE_RC4_SHA
: LONG
= -131;
915 pub const KERB_ETYPE_DES_PLAIN
: LONG
= -132;
916 pub const KERB_ETYPE_RC4_HMAC_OLD
: LONG
= -133;
917 pub const KERB_ETYPE_RC4_PLAIN_OLD
: LONG
= -134;
918 pub const KERB_ETYPE_RC4_HMAC_OLD_EXP
: LONG
= -135;
919 pub const KERB_ETYPE_RC4_PLAIN_OLD_EXP
: LONG
= -136;
920 pub const KERB_ETYPE_RC4_PLAIN
: LONG
= -140;
921 pub const KERB_ETYPE_RC4_PLAIN_EXP
: LONG
= -141;
922 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN
: LONG
= -148;
923 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN
: LONG
= -149;
924 pub const KERB_ETYPE_DSA_SHA1_CMS
: LONG
= 9;
925 pub const KERB_ETYPE_RSA_MD5_CMS
: LONG
= 10;
926 pub const KERB_ETYPE_RSA_SHA1_CMS
: LONG
= 11;
927 pub const KERB_ETYPE_RC2_CBC_ENV
: LONG
= 12;
928 pub const KERB_ETYPE_RSA_ENV
: LONG
= 13;
929 pub const KERB_ETYPE_RSA_ES_OEAP_ENV
: LONG
= 14;
930 pub const KERB_ETYPE_DES_EDE3_CBC_ENV
: LONG
= 15;
931 pub const KERB_ETYPE_DSA_SIGN
: LONG
= 8;
932 pub const KERB_ETYPE_RSA_PRIV
: LONG
= 9;
933 pub const KERB_ETYPE_RSA_PUB
: LONG
= 10;
934 pub const KERB_ETYPE_RSA_PUB_MD5
: LONG
= 11;
935 pub const KERB_ETYPE_RSA_PUB_SHA1
: LONG
= 12;
936 pub const KERB_ETYPE_PKCS7_PUB
: LONG
= 13;
937 pub const KERB_ETYPE_DES3_CBC_MD5
: LONG
= 5;
938 pub const KERB_ETYPE_DES3_CBC_SHA1
: LONG
= 7;
939 pub const KERB_ETYPE_DES3_CBC_SHA1_KD
: LONG
= 16;
940 pub const KERB_ETYPE_DES_CBC_MD5_NT
: LONG
= 20;
941 pub const KERB_ETYPE_RC4_HMAC_NT
: LONG
= 23;
942 pub const KERB_ETYPE_RC4_HMAC_NT_EXP
: LONG
= 24;
943 pub const KERB_CHECKSUM_NONE
: LONG
= 0;
944 pub const KERB_CHECKSUM_CRC32
: LONG
= 1;
945 pub const KERB_CHECKSUM_MD4
: LONG
= 2;
946 pub const KERB_CHECKSUM_KRB_DES_MAC
: LONG
= 4;
947 pub const KERB_CHECKSUM_KRB_DES_MAC_K
: LONG
= 5;
948 pub const KERB_CHECKSUM_MD5
: LONG
= 7;
949 pub const KERB_CHECKSUM_MD5_DES
: LONG
= 8;
950 pub const KERB_CHECKSUM_SHA1_NEW
: LONG
= 14;
951 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128
: LONG
= 15;
952 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256
: LONG
= 16;
953 pub const KERB_CHECKSUM_LM
: LONG
= -130;
954 pub const KERB_CHECKSUM_SHA1
: LONG
= -131;
955 pub const KERB_CHECKSUM_REAL_CRC32
: LONG
= -132;
956 pub const KERB_CHECKSUM_DES_MAC
: LONG
= -133;
957 pub const KERB_CHECKSUM_DES_MAC_MD5
: LONG
= -134;
958 pub const KERB_CHECKSUM_MD25
: LONG
= -135;
959 pub const KERB_CHECKSUM_RC4_MD5
: LONG
= -136;
960 pub const KERB_CHECKSUM_MD5_HMAC
: LONG
= -137;
961 pub const KERB_CHECKSUM_HMAC_MD5
: LONG
= -138;
962 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki
: LONG
= -150;
963 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki
: LONG
= -151;
964 pub const KERB_TICKET_FLAGS_reserved
: ULONG
= 0x80000000;
965 pub const KERB_TICKET_FLAGS_forwardable
: ULONG
= 0x40000000;
966 pub const KERB_TICKET_FLAGS_forwarded
: ULONG
= 0x20000000;
967 pub const KERB_TICKET_FLAGS_proxiable
: ULONG
= 0x10000000;
968 pub const KERB_TICKET_FLAGS_proxy
: ULONG
= 0x08000000;
969 pub const KERB_TICKET_FLAGS_may_postdate
: ULONG
= 0x04000000;
970 pub const KERB_TICKET_FLAGS_postdated
: ULONG
= 0x02000000;
971 pub const KERB_TICKET_FLAGS_invalid
: ULONG
= 0x01000000;
972 pub const KERB_TICKET_FLAGS_renewable
: ULONG
= 0x00800000;
973 pub const KERB_TICKET_FLAGS_initial
: ULONG
= 0x00400000;
974 pub const KERB_TICKET_FLAGS_pre_authent
: ULONG
= 0x00200000;
975 pub const KERB_TICKET_FLAGS_hw_authent
: ULONG
= 0x00100000;
976 pub const KERB_TICKET_FLAGS_ok_as_delegate
: ULONG
= 0x00040000;
977 pub const KERB_TICKET_FLAGS_name_canonicalize
: ULONG
= 0x00010000;
978 pub const KERB_TICKET_FLAGS_cname_in_pa_data
: ULONG
= 0x00040000;
979 pub const KERB_TICKET_FLAGS_enc_pa_rep
: ULONG
= 0x00010000;
980 pub const KERB_TICKET_FLAGS_reserved1
: ULONG
= 0x00000001;
981 pub const KRB_NT_UNKNOWN
: LONG
= 0;
982 pub const KRB_NT_PRINCIPAL
: LONG
= 1;
983 pub const KRB_NT_PRINCIPAL_AND_ID
: LONG
= -131;
984 pub const KRB_NT_SRV_INST
: LONG
= 2;
985 pub const KRB_NT_SRV_INST_AND_ID
: LONG
= -132;
986 pub const KRB_NT_SRV_HST
: LONG
= 3;
987 pub const KRB_NT_SRV_XHST
: LONG
= 4;
988 pub const KRB_NT_UID
: LONG
= 5;
989 pub const KRB_NT_ENTERPRISE_PRINCIPAL
: LONG
= 10;
990 pub const KRB_NT_WELLKNOWN
: LONG
= 11;
991 pub const KRB_NT_ENT_PRINCIPAL_AND_ID
: LONG
= -130;
992 pub const KRB_NT_MS_PRINCIPAL
: LONG
= -128;
993 pub const KRB_NT_MS_PRINCIPAL_AND_ID
: LONG
= -129;
994 pub const KRB_NT_MS_BRANCH_ID
: LONG
= -133;
995 pub const KRB_NT_X500_PRINCIPAL
: LONG
= 6;
996 pub const KERB_WRAP_NO_ENCRYPT
: ULONG
= 0x80000001;
997 ENUM
!{enum KERB_LOGON_SUBMIT_TYPE
{
998 KerbInteractiveLogon
= 2,
999 KerbSmartCardLogon
= 6,
1000 KerbWorkstationUnlockLogon
= 7,
1001 KerbSmartCardUnlockLogon
= 8,
1003 KerbTicketLogon
= 10,
1004 KerbTicketUnlockLogon
= 11,
1006 KerbCertificateLogon
= 13,
1007 KerbCertificateS4ULogon
= 14,
1008 KerbCertificateUnlockLogon
= 15,
1009 KerbNoElevationLogon
= 83,
1012 pub type PKERB_LOGON_SUBMIT_TYPE
= *mut KERB_LOGON_SUBMIT_TYPE
;
1013 STRUCT
!{struct KERB_INTERACTIVE_LOGON
{
1014 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1015 LogonDomainName
: UNICODE_STRING
,
1016 UserName
: UNICODE_STRING
,
1017 Password
: UNICODE_STRING
,
1019 pub type PKERB_INTERACTIVE_LOGON
= *mut KERB_INTERACTIVE_LOGON
;
1020 STRUCT
!{struct KERB_INTERACTIVE_UNLOCK_LOGON
{
1021 Logon
: KERB_INTERACTIVE_LOGON
,
1024 pub type PKERB_INTERACTIVE_UNLOCK_LOGON
= *mut KERB_INTERACTIVE_UNLOCK_LOGON
;
1025 STRUCT
!{struct KERB_SMART_CARD_LOGON
{
1026 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1027 Pin
: UNICODE_STRING
,
1028 CspDataLength
: ULONG
,
1031 pub type PKERB_SMART_CARD_LOGON
= *mut KERB_SMART_CARD_LOGON
;
1032 STRUCT
!{struct KERB_SMART_CARD_UNLOCK_LOGON
{
1033 Logon
: KERB_SMART_CARD_LOGON
,
1036 pub type PKERB_SMART_CARD_UNLOCK_LOGON
= *mut KERB_SMART_CARD_UNLOCK_LOGON
;
1037 pub const KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES
: ULONG
= 0x1;
1038 pub const KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO
: ULONG
= 0x2;
1039 STRUCT
!{struct KERB_CERTIFICATE_LOGON
{
1040 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1041 DomainName
: UNICODE_STRING
,
1042 UserName
: UNICODE_STRING
,
1043 Pin
: UNICODE_STRING
,
1045 CspDataLength
: ULONG
,
1048 pub type PKERB_CERTIFICATE_LOGON
= *mut KERB_CERTIFICATE_LOGON
;
1049 STRUCT
!{struct KERB_CERTIFICATE_UNLOCK_LOGON
{
1050 Logon
: KERB_CERTIFICATE_LOGON
,
1053 pub type PKERB_CERTIFICATE_UNLOCK_LOGON
= *mut KERB_CERTIFICATE_UNLOCK_LOGON
;
1054 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES
: ULONG
= 0x1;
1055 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS
: ULONG
= 0x2;
1056 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED
: ULONG
= 0x4;
1057 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY
: ULONG
= 0x8;
1058 STRUCT
!{struct KERB_CERTIFICATE_S4U_LOGON
{
1059 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1061 UserPrincipalName
: UNICODE_STRING
,
1062 DomainName
: UNICODE_STRING
,
1063 CertificateLength
: ULONG
,
1064 Certificate
: PUCHAR
,
1066 pub type PKERB_CERTIFICATE_S4U_LOGON
= *mut KERB_CERTIFICATE_S4U_LOGON
;
1067 STRUCT
!{struct KERB_TICKET_LOGON
{
1068 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1070 ServiceTicketLength
: ULONG
,
1071 TicketGrantingTicketLength
: ULONG
,
1072 ServiceTicket
: PUCHAR
,
1073 TicketGrantingTicket
: PUCHAR
,
1075 pub type PKERB_TICKET_LOGON
= *mut KERB_TICKET_LOGON
;
1076 STRUCT
!{struct KERB_TICKET_UNLOCK_LOGON
{
1077 Logon
: KERB_TICKET_LOGON
,
1080 pub type PKERB_TICKET_UNLOCK_LOGON
= *mut KERB_TICKET_UNLOCK_LOGON
;
1081 pub const KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS
: ULONG
= 0x2;
1082 pub const KERB_S4U_LOGON_FLAG_IDENTIFY
: ULONG
= 0x8;
1083 STRUCT
!{struct KERB_S4U_LOGON
{
1084 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1086 ClientUpn
: UNICODE_STRING
,
1087 ClientRealm
: UNICODE_STRING
,
1089 pub type PKERB_S4U_LOGON
= *mut KERB_S4U_LOGON
;
1090 ENUM
!{enum KERB_PROFILE_BUFFER_TYPE
{
1091 KerbInteractiveProfile
= 2,
1092 KerbSmartCardProfile
= 4,
1093 KerbTicketProfile
= 6,
1095 pub type PKERB_PROFILE_BUFFER_TYPE
= *mut KERB_PROFILE_BUFFER_TYPE
;
1096 STRUCT
!{struct KERB_INTERACTIVE_PROFILE
{
1097 MessageType
: KERB_PROFILE_BUFFER_TYPE
,
1099 BadPasswordCount
: USHORT
,
1100 LogonTime
: LARGE_INTEGER
,
1101 LogoffTime
: LARGE_INTEGER
,
1102 KickOffTime
: LARGE_INTEGER
,
1103 PasswordLastSet
: LARGE_INTEGER
,
1104 PasswordCanChange
: LARGE_INTEGER
,
1105 PasswordMustChange
: LARGE_INTEGER
,
1106 LogonScript
: UNICODE_STRING
,
1107 HomeDirectory
: UNICODE_STRING
,
1108 FullName
: UNICODE_STRING
,
1109 ProfilePath
: UNICODE_STRING
,
1110 HomeDirectoryDrive
: UNICODE_STRING
,
1111 LogonServer
: UNICODE_STRING
,
1114 pub type PKERB_INTERACTIVE_PROFILE
= *mut KERB_INTERACTIVE_PROFILE
;
1115 STRUCT
!{struct KERB_SMART_CARD_PROFILE
{
1116 Profile
: KERB_INTERACTIVE_PROFILE
,
1117 CertificateSize
: ULONG
,
1118 CertificateData
: PUCHAR
,
1120 pub type PKERB_SMART_CARD_PROFILE
= *mut KERB_SMART_CARD_PROFILE
;
1121 STRUCT
!{struct KERB_CRYPTO_KEY
{
1126 pub type PKERB_CRYPTO_KEY
= *mut KERB_CRYPTO_KEY
;
1127 STRUCT
!{struct KERB_CRYPTO_KEY32
{
1132 pub type PKERB_CRYPTO_KEY32
= *mut KERB_CRYPTO_KEY32
;
1133 STRUCT
!{struct KERB_TICKET_PROFILE
{
1134 Profile
: KERB_INTERACTIVE_PROFILE
,
1135 SessionKey
: KERB_CRYPTO_KEY
,
1137 pub type PKERB_TICKET_PROFILE
= *mut KERB_TICKET_PROFILE
;
1138 ENUM
!{enum KERB_PROTOCOL_MESSAGE_TYPE
{
1139 KerbDebugRequestMessage
= 0,
1140 KerbQueryTicketCacheMessage
,
1141 KerbChangeMachinePasswordMessage
,
1142 KerbVerifyPacMessage
,
1143 KerbRetrieveTicketMessage
,
1144 KerbUpdateAddressesMessage
,
1145 KerbPurgeTicketCacheMessage
,
1146 KerbChangePasswordMessage
,
1147 KerbRetrieveEncodedTicketMessage
,
1148 KerbDecryptDataMessage
,
1149 KerbAddBindingCacheEntryMessage
,
1150 KerbSetPasswordMessage
,
1151 KerbSetPasswordExMessage
,
1152 KerbVerifyCredentialsMessage
,
1153 KerbQueryTicketCacheExMessage
,
1154 KerbPurgeTicketCacheExMessage
,
1155 KerbRefreshSmartcardCredentialsMessage
,
1156 KerbAddExtraCredentialsMessage
,
1157 KerbQuerySupplementalCredentialsMessage
,
1158 KerbTransferCredentialsMessage
,
1159 KerbQueryTicketCacheEx2Message
,
1160 KerbSubmitTicketMessage
,
1161 KerbAddExtraCredentialsExMessage
,
1162 KerbQueryKdcProxyCacheMessage
,
1163 KerbPurgeKdcProxyCacheMessage
,
1164 KerbQueryTicketCacheEx3Message
,
1165 KerbCleanupMachinePkinitCredsMessage
,
1166 KerbAddBindingCacheEntryExMessage
,
1167 KerbQueryBindingCacheMessage
,
1168 KerbPurgeBindingCacheMessage
,
1170 KerbUnpinAllKdcsMessage
,
1171 KerbQueryDomainExtendedPoliciesMessage
,
1172 KerbQueryS4U2ProxyCacheMessage
,
1174 pub type PKERB_PROTOCOL_MESSAGE_TYPE
= *mut KERB_PROTOCOL_MESSAGE_TYPE
;
1175 STRUCT
!{struct KERB_QUERY_TKT_CACHE_REQUEST
{
1176 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1179 pub type PKERB_QUERY_TKT_CACHE_REQUEST
= *mut KERB_QUERY_TKT_CACHE_REQUEST
;
1180 STRUCT
!{struct KERB_TICKET_CACHE_INFO
{
1181 ServerName
: UNICODE_STRING
,
1182 RealmName
: UNICODE_STRING
,
1183 StartTime
: LARGE_INTEGER
,
1184 EndTime
: LARGE_INTEGER
,
1185 RenewTime
: LARGE_INTEGER
,
1186 EncryptionType
: LONG
,
1189 pub type PKERB_TICKET_CACHE_INFO
= *mut KERB_TICKET_CACHE_INFO
;
1190 STRUCT
!{struct KERB_TICKET_CACHE_INFO_EX
{
1191 ClientName
: UNICODE_STRING
,
1192 ClientRealm
: UNICODE_STRING
,
1193 ServerName
: UNICODE_STRING
,
1194 ServerRealm
: UNICODE_STRING
,
1195 StartTime
: LARGE_INTEGER
,
1196 EndTime
: LARGE_INTEGER
,
1197 RenewTime
: LARGE_INTEGER
,
1198 EncryptionType
: LONG
,
1201 pub type PKERB_TICKET_CACHE_INFO_EX
= *mut KERB_TICKET_CACHE_INFO_EX
;
1202 STRUCT
!{struct KERB_TICKET_CACHE_INFO_EX2
{
1203 ClientName
: UNICODE_STRING
,
1204 ClientRealm
: UNICODE_STRING
,
1205 ServerName
: UNICODE_STRING
,
1206 ServerRealm
: UNICODE_STRING
,
1207 StartTime
: LARGE_INTEGER
,
1208 EndTime
: LARGE_INTEGER
,
1209 RenewTime
: LARGE_INTEGER
,
1210 EncryptionType
: LONG
,
1212 SessionKeyType
: ULONG
,
1215 pub type PKERB_TICKET_CACHE_INFO_EX2
= *mut KERB_TICKET_CACHE_INFO_EX2
;
1216 STRUCT
!{struct KERB_TICKET_CACHE_INFO_EX3
{
1217 ClientName
: UNICODE_STRING
,
1218 ClientRealm
: UNICODE_STRING
,
1219 ServerName
: UNICODE_STRING
,
1220 ServerRealm
: UNICODE_STRING
,
1221 StartTime
: LARGE_INTEGER
,
1222 EndTime
: LARGE_INTEGER
,
1223 RenewTime
: LARGE_INTEGER
,
1224 EncryptionType
: LONG
,
1226 SessionKeyType
: ULONG
,
1229 KdcCalled
: UNICODE_STRING
,
1231 pub type PKERB_TICKET_CACHE_INFO_EX3
= *mut KERB_TICKET_CACHE_INFO_EX3
;
1232 STRUCT
!{struct KERB_QUERY_TKT_CACHE_RESPONSE
{
1233 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1234 CountOfTickets
: ULONG
,
1235 Tickets
: [KERB_TICKET_CACHE_INFO
; ANYSIZE_ARRAY
],
1237 pub type PKERB_QUERY_TKT_CACHE_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_RESPONSE
;
1238 STRUCT
!{struct KERB_QUERY_TKT_CACHE_EX_RESPONSE
{
1239 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1240 CountOfTickets
: ULONG
,
1241 Tickets
: [KERB_TICKET_CACHE_INFO_EX
; ANYSIZE_ARRAY
],
1243 pub type PKERB_QUERY_TKT_CACHE_EX_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_EX_RESPONSE
;
1244 STRUCT
!{struct KERB_QUERY_TKT_CACHE_EX2_RESPONSE
{
1245 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1246 CountOfTickets
: ULONG
,
1247 Tickets
: [KERB_TICKET_CACHE_INFO_EX2
; ANYSIZE_ARRAY
],
1249 pub type PKERB_QUERY_TKT_CACHE_EX2_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_EX2_RESPONSE
;
1250 STRUCT
!{struct KERB_QUERY_TKT_CACHE_EX3_RESPONSE
{
1251 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1252 CountOfTickets
: ULONG
,
1253 Tickets
: [KERB_TICKET_CACHE_INFO_EX3
; ANYSIZE_ARRAY
],
1255 pub type PKERB_QUERY_TKT_CACHE_EX3_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_EX3_RESPONSE
;
1256 pub const KERB_USE_DEFAULT_TICKET_FLAGS
: ULONG
= 0x0;
1257 pub const KERB_RETRIEVE_TICKET_DEFAULT
: ULONG
= 0x0;
1258 pub const KERB_RETRIEVE_TICKET_DONT_USE_CACHE
: ULONG
= 0x1;
1259 pub const KERB_RETRIEVE_TICKET_USE_CACHE_ONLY
: ULONG
= 0x2;
1260 pub const KERB_RETRIEVE_TICKET_USE_CREDHANDLE
: ULONG
= 0x4;
1261 pub const KERB_RETRIEVE_TICKET_AS_KERB_CRED
: ULONG
= 0x8;
1262 pub const KERB_RETRIEVE_TICKET_WITH_SEC_CRED
: ULONG
= 0x10;
1263 pub const KERB_RETRIEVE_TICKET_CACHE_TICKET
: ULONG
= 0x20;
1264 pub const KERB_RETRIEVE_TICKET_MAX_LIFETIME
: ULONG
= 0x40;
1265 STRUCT
!{struct KERB_AUTH_DATA
{
1270 pub type PKERB_AUTH_DATA
= *mut KERB_AUTH_DATA
;
1271 STRUCT
!{struct KERB_NET_ADDRESS
{
1276 pub type PKERB_NET_ADDRESS
= *mut KERB_NET_ADDRESS
;
1277 STRUCT
!{struct KERB_NET_ADDRESSES
{
1279 Addresses
: [KERB_NET_ADDRESS
; ANYSIZE_ARRAY
],
1281 pub type PKERB_NET_ADDRESSES
= *mut KERB_NET_ADDRESSES
;
1282 STRUCT
!{struct KERB_EXTERNAL_NAME
{
1285 Names
: [UNICODE_STRING
; ANYSIZE_ARRAY
],
1287 pub type PKERB_EXTERNAL_NAME
= *mut KERB_EXTERNAL_NAME
;
1288 STRUCT
!{struct KERB_EXTERNAL_TICKET
{
1289 ServiceName
: PKERB_EXTERNAL_NAME
,
1290 TargetName
: PKERB_EXTERNAL_NAME
,
1291 ClientName
: PKERB_EXTERNAL_NAME
,
1292 DomainName
: UNICODE_STRING
,
1293 TargetDomainName
: UNICODE_STRING
,
1294 AltTargetDomainName
: UNICODE_STRING
,
1295 SessionKey
: KERB_CRYPTO_KEY
,
1298 KeyExpirationTime
: LARGE_INTEGER
,
1299 StartTime
: LARGE_INTEGER
,
1300 EndTime
: LARGE_INTEGER
,
1301 RenewUntil
: LARGE_INTEGER
,
1302 TimeSkew
: LARGE_INTEGER
,
1303 EncodedTicketSize
: ULONG
,
1304 EncodedTicket
: PUCHAR
,
1306 pub type PKERB_EXTERNAL_TICKET
= *mut KERB_EXTERNAL_TICKET
;
1307 STRUCT
!{struct KERB_RETRIEVE_TKT_REQUEST
{
1308 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1310 TargetName
: UNICODE_STRING
,
1312 CacheOptions
: ULONG
,
1313 EncryptionType
: LONG
,
1314 CredentialsHandle
: SecHandle
,
1316 pub type PKERB_RETRIEVE_TKT_REQUEST
= *mut KERB_RETRIEVE_TKT_REQUEST
;
1317 STRUCT
!{struct KERB_RETRIEVE_TKT_RESPONSE
{
1318 Ticket
: KERB_EXTERNAL_TICKET
,
1320 pub type PKERB_RETRIEVE_TKT_RESPONSE
= *mut KERB_RETRIEVE_TKT_RESPONSE
;
1321 STRUCT
!{struct KERB_PURGE_TKT_CACHE_REQUEST
{
1322 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1324 ServerName
: UNICODE_STRING
,
1325 RealmName
: UNICODE_STRING
,
1327 pub type PKERB_PURGE_TKT_CACHE_REQUEST
= *mut KERB_PURGE_TKT_CACHE_REQUEST
;
1328 pub const KERB_PURGE_ALL_TICKETS
: ULONG
= 1;
1329 STRUCT
!{struct KERB_PURGE_TKT_CACHE_EX_REQUEST
{
1330 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1333 TicketTemplate
: KERB_TICKET_CACHE_INFO_EX
,
1335 pub type PKERB_PURGE_TKT_CACHE_EX_REQUEST
= *mut KERB_PURGE_TKT_CACHE_EX_REQUEST
;
1336 STRUCT
!{struct KERB_SUBMIT_TKT_REQUEST
{
1337 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1340 Key
: KERB_CRYPTO_KEY32
,
1341 KerbCredSize
: ULONG
,
1342 KerbCredOffset
: ULONG
,
1344 pub type PKERB_SUBMIT_TKT_REQUEST
= *mut KERB_SUBMIT_TKT_REQUEST
;
1345 STRUCT
!{struct KERB_QUERY_KDC_PROXY_CACHE_REQUEST
{
1346 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1350 pub type PKERB_QUERY_KDC_PROXY_CACHE_REQUEST
= *mut KERB_QUERY_KDC_PROXY_CACHE_REQUEST
;
1351 STRUCT
!{struct KDC_PROXY_CACHE_ENTRY_DATA
{
1352 SinceLastUsed
: ULONG64
,
1353 DomainName
: UNICODE_STRING
,
1354 ProxyServerName
: UNICODE_STRING
,
1355 ProxyServerVdir
: UNICODE_STRING
,
1356 ProxyServerPort
: USHORT
,
1358 CredUserName
: UNICODE_STRING
,
1359 CredDomainName
: UNICODE_STRING
,
1360 GlobalCache
: BOOLEAN
,
1362 pub type PKDC_PROXY_CACHE_ENTRY_DATA
= *mut KDC_PROXY_CACHE_ENTRY_DATA
;
1363 STRUCT
!{struct KERB_QUERY_KDC_PROXY_CACHE_RESPONSE
{
1364 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1365 CountOfEntries
: ULONG
,
1366 Entries
: PKDC_PROXY_CACHE_ENTRY_DATA
,
1368 pub type PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE
= *mut KERB_QUERY_KDC_PROXY_CACHE_RESPONSE
;
1369 STRUCT
!{struct KERB_PURGE_KDC_PROXY_CACHE_REQUEST
{
1370 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1374 pub type PKERB_PURGE_KDC_PROXY_CACHE_REQUEST
= *mut KERB_PURGE_KDC_PROXY_CACHE_REQUEST
;
1375 STRUCT
!{struct KERB_PURGE_KDC_PROXY_CACHE_RESPONSE
{
1376 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1377 CountOfPurged
: ULONG
,
1379 pub type PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE
= *mut KERB_PURGE_KDC_PROXY_CACHE_RESPONSE
;
1380 pub const KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE
: ULONG
= 0x1;
1381 STRUCT
!{struct KERB_S4U2PROXY_CACHE_ENTRY_INFO
{
1382 ServerName
: UNICODE_STRING
,
1384 LastStatus
: NTSTATUS
,
1385 Expiry
: LARGE_INTEGER
,
1387 pub type PKERB_S4U2PROXY_CACHE_ENTRY_INFO
= *mut KERB_S4U2PROXY_CACHE_ENTRY_INFO
;
1388 pub const KERB_S4U2PROXY_CRED_FLAG_NEGATIVE
: ULONG
= 0x1;
1389 STRUCT
!{struct KERB_S4U2PROXY_CRED
{
1390 UserName
: UNICODE_STRING
,
1391 DomainName
: UNICODE_STRING
,
1393 LastStatus
: NTSTATUS
,
1394 Expiry
: LARGE_INTEGER
,
1395 CountOfEntries
: ULONG
,
1396 Entries
: PKERB_S4U2PROXY_CACHE_ENTRY_INFO
,
1398 pub type PKERB_S4U2PROXY_CRED
= *mut KERB_S4U2PROXY_CRED
;
1399 STRUCT
!{struct KERB_QUERY_S4U2PROXY_CACHE_REQUEST
{
1400 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1404 pub type PKERB_QUERY_S4U2PROXY_CACHE_REQUEST
= *mut KERB_QUERY_S4U2PROXY_CACHE_REQUEST
;
1405 STRUCT
!{struct KERB_QUERY_S4U2PROXY_CACHE_RESPONSE
{
1406 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1407 CountOfCreds
: ULONG
,
1408 Creds
: PKERB_S4U2PROXY_CRED
,
1410 pub type PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE
= *mut KERB_QUERY_S4U2PROXY_CACHE_RESPONSE
;
1411 STRUCT
!{struct KERB_CHANGEPASSWORD_REQUEST
{
1412 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1413 DomainName
: UNICODE_STRING
,
1414 AccountName
: UNICODE_STRING
,
1415 OldPassword
: UNICODE_STRING
,
1416 NewPassword
: UNICODE_STRING
,
1417 Impersonating
: BOOLEAN
,
1419 pub type PKERB_CHANGEPASSWORD_REQUEST
= *mut KERB_CHANGEPASSWORD_REQUEST
;
1420 STRUCT
!{struct KERB_SETPASSWORD_REQUEST
{
1421 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1423 CredentialsHandle
: SecHandle
,
1425 DomainName
: UNICODE_STRING
,
1426 AccountName
: UNICODE_STRING
,
1427 Password
: UNICODE_STRING
,
1429 pub type PKERB_SETPASSWORD_REQUEST
= *mut KERB_SETPASSWORD_REQUEST
;
1430 STRUCT
!{struct KERB_SETPASSWORD_EX_REQUEST
{
1431 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1433 CredentialsHandle
: SecHandle
,
1435 AccountRealm
: UNICODE_STRING
,
1436 AccountName
: UNICODE_STRING
,
1437 Password
: UNICODE_STRING
,
1438 ClientRealm
: UNICODE_STRING
,
1439 ClientName
: UNICODE_STRING
,
1440 Impersonating
: BOOLEAN
,
1441 KdcAddress
: UNICODE_STRING
,
1442 KdcAddressType
: ULONG
,
1444 pub type PKERB_SETPASSWORD_EX_REQUEST
= *mut KERB_SETPASSWORD_EX_REQUEST
;
1445 pub const DS_UNKNOWN_ADDRESS_TYPE
: ULONG
= 0;
1446 pub const KERB_SETPASS_USE_LOGONID
: ULONG
= 1;
1447 pub const KERB_SETPASS_USE_CREDHANDLE
: ULONG
= 2;
1448 STRUCT
!{struct KERB_DECRYPT_REQUEST
{
1449 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1454 Key
: KERB_CRYPTO_KEY
,
1455 EncryptedDataSize
: ULONG
,
1456 InitialVectorSize
: ULONG
,
1457 InitialVector
: PUCHAR
,
1458 EncryptedData
: PUCHAR
,
1460 pub type PKERB_DECRYPT_REQUEST
= *mut KERB_DECRYPT_REQUEST
;
1461 pub const KERB_DECRYPT_FLAG_DEFAULT_KEY
: ULONG
= 0x00000001;
1462 STRUCT
!{struct KERB_DECRYPT_RESPONSE
{
1463 DecryptedData
: [UCHAR
; ANYSIZE_ARRAY
],
1465 pub type PKERB_DECRYPT_RESPONSE
= *mut KERB_DECRYPT_RESPONSE
;
1466 STRUCT
!{struct KERB_ADD_BINDING_CACHE_ENTRY_REQUEST
{
1467 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1468 RealmName
: UNICODE_STRING
,
1469 KdcAddress
: UNICODE_STRING
,
1472 pub type PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST
= *mut KERB_ADD_BINDING_CACHE_ENTRY_REQUEST
;
1473 STRUCT
!{struct KERB_REFRESH_SCCRED_REQUEST
{
1474 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1475 CredentialBlob
: UNICODE_STRING
,
1479 pub type PKERB_REFRESH_SCCRED_REQUEST
= *mut KERB_REFRESH_SCCRED_REQUEST
;
1480 pub const KERB_REFRESH_SCCRED_RELEASE
: ULONG
= 0x0;
1481 pub const KERB_REFRESH_SCCRED_GETTGT
: ULONG
= 0x1;
1482 STRUCT
!{struct KERB_ADD_CREDENTIALS_REQUEST
{
1483 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1484 UserName
: UNICODE_STRING
,
1485 DomainName
: UNICODE_STRING
,
1486 Password
: UNICODE_STRING
,
1490 pub type PKERB_ADD_CREDENTIALS_REQUEST
= *mut KERB_ADD_CREDENTIALS_REQUEST
;
1491 pub const KERB_REQUEST_ADD_CREDENTIAL
: ULONG
= 1;
1492 pub const KERB_REQUEST_REPLACE_CREDENTIAL
: ULONG
= 2;
1493 pub const KERB_REQUEST_REMOVE_CREDENTIAL
: ULONG
= 4;
1494 STRUCT
!{struct KERB_ADD_CREDENTIALS_REQUEST_EX
{
1495 Credentials
: KERB_ADD_CREDENTIALS_REQUEST
,
1496 PrincipalNameCount
: ULONG
,
1497 PrincipalNames
: [UNICODE_STRING
; ANYSIZE_ARRAY
],
1499 pub type PKERB_ADD_CREDENTIALS_REQUEST_EX
= *mut KERB_ADD_CREDENTIALS_REQUEST_EX
;
1500 STRUCT
!{struct KERB_TRANSFER_CRED_REQUEST
{
1501 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1502 OriginLogonId
: LUID
,
1503 DestinationLogonId
: LUID
,
1506 pub type PKERB_TRANSFER_CRED_REQUEST
= *mut KERB_TRANSFER_CRED_REQUEST
;
1507 pub const KERB_TRANSFER_CRED_WITH_TICKETS
: ULONG
= 0x1;
1508 pub const KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS
: ULONG
= 0x2;
1509 STRUCT
!{struct KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST
{
1510 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1513 pub type PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST
=
1514 *mut KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST
;
1515 STRUCT
!{struct KERB_BINDING_CACHE_ENTRY_DATA
{
1516 DiscoveryTime
: ULONG64
,
1517 RealmName
: UNICODE_STRING
,
1518 KdcAddress
: UNICODE_STRING
,
1523 KdcName
: UNICODE_STRING
,
1525 pub type PKERB_BINDING_CACHE_ENTRY_DATA
= *mut KERB_BINDING_CACHE_ENTRY_DATA
;
1526 STRUCT
!{struct KERB_QUERY_BINDING_CACHE_RESPONSE
{
1527 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1528 CountOfEntries
: ULONG
,
1529 Entries
: PKERB_BINDING_CACHE_ENTRY_DATA
,
1531 pub type PKERB_QUERY_BINDING_CACHE_RESPONSE
= *mut KERB_QUERY_BINDING_CACHE_RESPONSE
;
1532 STRUCT
!{struct KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST
{
1533 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1534 RealmName
: UNICODE_STRING
,
1535 KdcAddress
: UNICODE_STRING
,
1539 pub type PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST
= *mut KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST
;
1540 STRUCT
!{struct KERB_QUERY_BINDING_CACHE_REQUEST
{
1541 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1543 pub type PKERB_QUERY_BINDING_CACHE_REQUEST
= *mut KERB_QUERY_BINDING_CACHE_REQUEST
;
1544 STRUCT
!{struct KERB_PURGE_BINDING_CACHE_REQUEST
{
1545 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1547 pub type PKERB_PURGE_BINDING_CACHE_REQUEST
= *mut KERB_PURGE_BINDING_CACHE_REQUEST
;
1548 STRUCT
!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST
{
1549 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1551 DomainName
: UNICODE_STRING
,
1553 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST
=
1554 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST
;
1555 STRUCT
!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE
{
1556 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1558 ExtendedPolicies
: ULONG
,
1561 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE
=
1562 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE
;
1563 ENUM
!{enum KERB_CERTIFICATE_INFO_TYPE
{
1566 pub type PKERB_CERTIFICATE_INFO_TYPE
= *mut KERB_CERTIFICATE_INFO_TYPE
;
1567 STRUCT
!{struct KERB_CERTIFICATE_HASHINFO
{
1568 StoreNameLength
: USHORT
,
1571 pub type PKERB_CERTIFICATE_HASHINFO
= *mut KERB_CERTIFICATE_HASHINFO
;
1572 STRUCT
!{struct KERB_CERTIFICATE_INFO
{
1573 CertInfoSize
: ULONG
,
1576 pub type PKERB_CERTIFICATE_INFO
= *mut KERB_CERTIFICATE_INFO
;
1577 STRUCT
!{struct POLICY_AUDIT_SID_ARRAY
{
1579 UserSidArray
: *mut PSID
,
1581 pub type PPOLICY_AUDIT_SID_ARRAY
= *mut POLICY_AUDIT_SID_ARRAY
;
1582 STRUCT
!{struct AUDIT_POLICY_INFORMATION
{
1583 AuditSubCategoryGuid
: GUID
,
1584 AuditingInformation
: ULONG
,
1585 AuditCategoryGuid
: GUID
,
1587 pub type PAUDIT_POLICY_INFORMATION
= *mut AUDIT_POLICY_INFORMATION
;
1588 pub type LPAUDIT_POLICY_INFORMATION
= PAUDIT_POLICY_INFORMATION
;
1589 pub type PCAUDIT_POLICY_INFORMATION
= *const AUDIT_POLICY_INFORMATION
;
1590 pub const AUDIT_SET_SYSTEM_POLICY
: ULONG
= 0x0001;
1591 pub const AUDIT_QUERY_SYSTEM_POLICY
: ULONG
= 0x0002;
1592 pub const AUDIT_SET_USER_POLICY
: ULONG
= 0x0004;
1593 pub const AUDIT_QUERY_USER_POLICY
: ULONG
= 0x0008;
1594 pub const AUDIT_ENUMERATE_USERS
: ULONG
= 0x0010;
1595 pub const AUDIT_SET_MISC_POLICY
: ULONG
= 0x0020;
1596 pub const AUDIT_QUERY_MISC_POLICY
: ULONG
= 0x0040;
1597 pub const AUDIT_GENERIC_ALL
: ULONG
= STANDARD_RIGHTS_REQUIRED
| AUDIT_SET_SYSTEM_POLICY
1598 | AUDIT_QUERY_SYSTEM_POLICY
| AUDIT_SET_USER_POLICY
| AUDIT_QUERY_USER_POLICY
1599 | AUDIT_ENUMERATE_USERS
| AUDIT_SET_MISC_POLICY
| AUDIT_QUERY_MISC_POLICY
;
1600 pub const AUDIT_GENERIC_READ
: ULONG
= STANDARD_RIGHTS_READ
| AUDIT_QUERY_SYSTEM_POLICY
1601 | AUDIT_QUERY_USER_POLICY
| AUDIT_ENUMERATE_USERS
| AUDIT_QUERY_MISC_POLICY
;
1602 pub const AUDIT_GENERIC_WRITE
: ULONG
= STANDARD_RIGHTS_WRITE
| AUDIT_SET_USER_POLICY
1603 | AUDIT_SET_MISC_POLICY
| AUDIT_SET_SYSTEM_POLICY
;
1604 pub const AUDIT_GENERIC_EXECUTE
: ULONG
= STANDARD_RIGHTS_EXECUTE
;
1606 pub fn AuditSetSystemPolicy(
1607 pAuditPolicy
: PCAUDIT_POLICY_INFORMATION
,
1610 pub fn AuditSetPerUserPolicy(
1612 pAuditPolicy
: PCAUDIT_POLICY_INFORMATION
,
1615 pub fn AuditQuerySystemPolicy(
1616 pSubCategoryGuids
: *const GUID
,
1618 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1620 pub fn AuditQueryPerUserPolicy(
1622 pSubCategoryGuids
: *const GUID
,
1624 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1626 pub fn AuditEnumeratePerUserPolicy(
1627 ppAuditSidArray
: *mut PPOLICY_AUDIT_SID_ARRAY
1629 pub fn AuditComputeEffectivePolicyBySid(
1631 pSubCategoryGuids
: *const GUID
,
1632 dwPolicyCount
: ULONG
,
1633 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1635 pub fn AuditComputeEffectivePolicyByToken(
1636 hTokenHandle
: HANDLE
,
1637 pSubCategoryGuids
: *const GUID
,
1638 dwPolicyCount
: ULONG
,
1639 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1641 pub fn AuditEnumerateCategories(
1642 ppAuditCategoriesArray
: *mut *mut GUID
,
1643 pdwCountReturned
: PULONG
,
1645 pub fn AuditEnumerateSubCategories(
1646 pAuditCategoryGuid
: *const GUID
,
1647 bRetrieveAllSubCategories
: BOOLEAN
,
1648 ppAuditSubCategoriesArray
: *mut *mut GUID
,
1649 pdwCountReturned
: PULONG
,
1651 pub fn AuditLookupCategoryNameW(
1652 pAuditCategoryGuid
: *const GUID
,
1653 ppszCategoryName
: *mut PWSTR
,
1655 pub fn AuditLookupCategoryNameA(
1656 pAuditCategoryGuid
: *const GUID
,
1657 ppszCategoryName
: *mut PSTR
,
1659 pub fn AuditLookupSubCategoryNameW(
1660 pAuditSubCategoryGuid
: *const GUID
,
1661 ppszSubCategoryName
: *mut PWSTR
,
1663 pub fn AuditLookupSubCategoryNameA(
1664 pAuditSubCategoryGuid
: *const GUID
,
1665 ppszSubCategoryName
: *mut PSTR
,
1667 pub fn AuditLookupCategoryIdFromCategoryGuid(
1668 pAuditCategoryGuid
: *const GUID
,
1669 pAuditCategoryId
: PPOLICY_AUDIT_EVENT_TYPE
,
1671 pub fn AuditLookupCategoryGuidFromCategoryId(
1672 AuditCategoryId
: POLICY_AUDIT_EVENT_TYPE
,
1673 pAuditCategoryGuid
: *mut GUID
,
1675 pub fn AuditSetSecurity(
1676 SecurityInformation
: SECURITY_INFORMATION
,
1677 pSecurityDescriptor
: PSECURITY_DESCRIPTOR
,
1679 pub fn AuditQuerySecurity(
1680 SecurityInformation
: SECURITY_INFORMATION
,
1681 ppSecurityDescriptor
: *mut PSECURITY_DESCRIPTOR
,
1683 pub fn AuditSetGlobalSaclW(
1684 ObjectTypeName
: PCWSTR
,
1687 pub fn AuditSetGlobalSaclA(
1688 ObjectTypeName
: PCSTR
,
1691 pub fn AuditQueryGlobalSaclW(
1692 ObjectTypeName
: PCWSTR
,
1695 pub fn AuditQueryGlobalSaclA(
1696 ObjectTypeName
: PCSTR
,
1703 STRUCT
!{struct PKU2U_CERT_BLOB
{
1707 pub type PPKU2U_CERT_BLOB
= *mut PKU2U_CERT_BLOB
;
1708 pub const PKU2U_CREDUI_CONTEXT_VERSION
: ULONG64
= 0x4154414454524543;
1709 STRUCT
!{struct PKU2U_CREDUI_CONTEXT
{
1711 cbHeaderLength
: USHORT
,
1712 cbStructureLength
: ULONG
,
1713 CertArrayCount
: USHORT
,
1714 CertArrayOffset
: ULONG
,
1716 pub type PPKU2U_CREDUI_CONTEXT
= *mut PKU2U_CREDUI_CONTEXT
;
1717 ENUM
!{enum PKU2U_LOGON_SUBMIT_TYPE
{
1718 Pku2uCertificateS4ULogon
= 14,
1720 pub type PPKU2U_LOGON_SUBMIT_TYPE
= *mut PKU2U_LOGON_SUBMIT_TYPE
;
1721 STRUCT
!{struct PKU2U_CERTIFICATE_S4U_LOGON
{
1722 MessageType
: PKU2U_LOGON_SUBMIT_TYPE
,
1724 UserPrincipalName
: UNICODE_STRING
,
1725 DomainName
: UNICODE_STRING
,
1726 CertificateLength
: ULONG
,
1727 Certificate
: PUCHAR
,
1729 pub type PPKU2U_CERTIFICATE_S4U_LOGON
= *mut PKU2U_CERTIFICATE_S4U_LOGON
;