1 // Licensed under the Apache License, Version 2.0
2 // <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
3 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
4 // All files in the project carrying such notice may not be copied, modified, or distributed
5 // except according to those terms.
6 //! This module defines the Local Security Authority APIs.
7 use shared
::basetsd
::{ULONG64, ULONG_PTR}
;
8 use shared
::guiddef
::GUID
;
9 use shared
::minwindef
::{PUCHAR, PULONG, UCHAR, ULONG, USHORT}
;
10 use shared
::ntdef
::NTSTATUS
;
11 use shared
::sspi
::SecHandle
;
13 LSA_TRUST_INFORMATION
, LSA_UNICODE_STRING
, PLSA_TRUST_INFORMATION
, PLSA_UNICODE_STRING
15 use um
::subauth
::{PUNICODE_STRING, STRING, UNICODE_STRING}
;
17 ACCESS_MASK
, ANYSIZE_ARRAY
, BOOLEAN
, HANDLE
, LARGE_INTEGER
, LONG
, LUID
, PACL
, PCSTR
, PCWSTR
,
18 PSECURITY_DESCRIPTOR
, PSID
, PSTR
, PVOID
, PWSTR
, QUOTA_LIMITS
, SECURITY_INFORMATION
, SHORT
, SID
,
19 SID_NAME_USE
, STANDARD_RIGHTS_EXECUTE
, STANDARD_RIGHTS_READ
, STANDARD_RIGHTS_REQUIRED
,
20 STANDARD_RIGHTS_WRITE
, ULONGLONG
22 DEFINE_GUID
!{Audit_System_SecurityStateChange
,
23 0x0cce9210, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
24 DEFINE_GUID
!{Audit_System_SecuritySubsystemExtension
,
25 0x0cce9211, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
26 DEFINE_GUID
!{Audit_System_Integrity
,
27 0x0cce9212, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
28 DEFINE_GUID
!{Audit_System_IPSecDriverEvents
,
29 0x0cce9213, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
30 DEFINE_GUID
!{Audit_System_Others
,
31 0x0cce9214, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
32 DEFINE_GUID
!{Audit_Logon_Logon
,
33 0x0cce9215, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
34 DEFINE_GUID
!{Audit_Logon_Logoff
,
35 0x0cce9216, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
36 DEFINE_GUID
!{Audit_Logon_AccountLockout
,
37 0x0cce9217, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
38 DEFINE_GUID
!{Audit_Logon_IPSecMainMode
,
39 0x0cce9218, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
40 DEFINE_GUID
!{Audit_Logon_IPSecQuickMode
,
41 0x0cce9219, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
42 DEFINE_GUID
!{Audit_Logon_IPSecUserMode
,
43 0x0cce921a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
44 DEFINE_GUID
!{Audit_Logon_SpecialLogon
,
45 0x0cce921b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
46 DEFINE_GUID
!{Audit_Logon_Others
,
47 0x0cce921c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
48 DEFINE_GUID
!{Audit_ObjectAccess_FileSystem
,
49 0x0cce921d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
50 DEFINE_GUID
!{Audit_ObjectAccess_Registry
,
51 0x0cce921e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
52 DEFINE_GUID
!{Audit_ObjectAccess_Kernel
,
53 0x0cce921f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
54 DEFINE_GUID
!{Audit_ObjectAccess_Sam
,
55 0x0cce9220, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
56 DEFINE_GUID
!{Audit_ObjectAccess_CertificationServices
,
57 0x0cce9221, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
58 DEFINE_GUID
!{Audit_ObjectAccess_ApplicationGenerated
,
59 0x0cce9222, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
60 DEFINE_GUID
!{Audit_ObjectAccess_Handle
,
61 0x0cce9223, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
62 DEFINE_GUID
!{Audit_ObjectAccess_Share
,
63 0x0cce9224, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
64 DEFINE_GUID
!{Audit_ObjectAccess_FirewallPacketDrops
,
65 0x0cce9225, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
66 DEFINE_GUID
!{Audit_ObjectAccess_FirewallConnection
,
67 0x0cce9226, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
68 DEFINE_GUID
!{Audit_ObjectAccess_Other
,
69 0x0cce9227, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
70 DEFINE_GUID
!{Audit_PrivilegeUse_Sensitive
,
71 0x0cce9228, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
72 DEFINE_GUID
!{Audit_PrivilegeUse_NonSensitive
,
73 0x0cce9229, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
74 DEFINE_GUID
!{Audit_PrivilegeUse_Others
,
75 0x0cce922a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
76 DEFINE_GUID
!{Audit_DetailedTracking_ProcessCreation
,
77 0x0cce922b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
78 DEFINE_GUID
!{Audit_DetailedTracking_ProcessTermination
,
79 0x0cce922c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
80 DEFINE_GUID
!{Audit_DetailedTracking_DpapiActivity
,
81 0x0cce922d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
82 DEFINE_GUID
!{Audit_DetailedTracking_RpcCall
,
83 0x0cce922e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
84 DEFINE_GUID
!{Audit_PolicyChange_AuditPolicy
,
85 0x0cce922f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
86 DEFINE_GUID
!{Audit_PolicyChange_AuthenticationPolicy
,
87 0x0cce9230, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
88 DEFINE_GUID
!{Audit_PolicyChange_AuthorizationPolicy
,
89 0x0cce9231, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
90 DEFINE_GUID
!{Audit_PolicyChange_MpsscvRulePolicy
,
91 0x0cce9232, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
92 DEFINE_GUID
!{Audit_PolicyChange_WfpIPSecPolicy
,
93 0x0cce9233, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
94 DEFINE_GUID
!{Audit_PolicyChange_Others
,
95 0x0cce9234, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
96 DEFINE_GUID
!{Audit_AccountManagement_UserAccount
,
97 0x0cce9235, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
98 DEFINE_GUID
!{Audit_AccountManagement_ComputerAccount
,
99 0x0cce9236, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
100 DEFINE_GUID
!{Audit_AccountManagement_SecurityGroup
,
101 0x0cce9237, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
102 DEFINE_GUID
!{Audit_AccountManagement_DistributionGroup
,
103 0x0cce9238, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
104 DEFINE_GUID
!{Audit_AccountManagement_ApplicationGroup
,
105 0x0cce9239, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
106 DEFINE_GUID
!{Audit_AccountManagement_Others
,
107 0x0cce923a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
108 DEFINE_GUID
!{Audit_DSAccess_DSAccess
,
109 0x0cce923b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
110 DEFINE_GUID
!{Audit_DsAccess_AdAuditChanges
,
111 0x0cce923c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
112 DEFINE_GUID
!{Audit_Ds_Replication
,
113 0x0cce923d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
114 DEFINE_GUID
!{Audit_Ds_DetailedReplication
,
115 0x0cce923e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
116 DEFINE_GUID
!{Audit_AccountLogon_CredentialValidation
,
117 0x0cce923f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
118 DEFINE_GUID
!{Audit_AccountLogon_Kerberos
,
119 0x0cce9240, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
120 DEFINE_GUID
!{Audit_AccountLogon_Others
,
121 0x0cce9241, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
122 DEFINE_GUID
!{Audit_AccountLogon_KerbCredentialValidation
,
123 0x0cce9242, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
124 DEFINE_GUID
!{Audit_Logon_NPS
,
125 0x0cce9243, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
126 DEFINE_GUID
!{Audit_ObjectAccess_DetailedFileShare
,
127 0x0cce9244, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
128 DEFINE_GUID
!{Audit_ObjectAccess_RemovableStorage
,
129 0x0cce9245, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
130 DEFINE_GUID
!{Audit_ObjectAccess_CbacStaging
,
131 0x0cce9246, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
132 DEFINE_GUID
!{Audit_Logon_Claims
,
133 0x0cce9247, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
134 DEFINE_GUID
!{Audit_System
,
135 0x69979848, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
136 DEFINE_GUID
!{Audit_Logon
,
137 0x69979849, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
138 DEFINE_GUID
!{Audit_ObjectAccess
,
139 0x6997984a, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
140 DEFINE_GUID
!{Audit_PrivilegeUse
,
141 0x6997984b, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
142 DEFINE_GUID
!{Audit_DetailedTracking
,
143 0x6997984c, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
144 DEFINE_GUID
!{Audit_PolicyChange
,
145 0x6997984d, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
146 DEFINE_GUID
!{Audit_AccountManagement
,
147 0x6997984e, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
148 DEFINE_GUID
!{Audit_DirectoryServiceAccess
,
149 0x6997984f, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
150 DEFINE_GUID
!{Audit_AccountLogon
,
151 0x69979850, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
152 ENUM
!{enum POLICY_AUDIT_EVENT_TYPE
{
153 AuditCategorySystem
= 0,
155 AuditCategoryObjectAccess
,
156 AuditCategoryPrivilegeUse
,
157 AuditCategoryDetailedTracking
,
158 AuditCategoryPolicyChange
,
159 AuditCategoryAccountManagement
,
160 AuditCategoryDirectoryServiceAccess
,
161 AuditCategoryAccountLogon
,
163 pub type PPOLICY_AUDIT_EVENT_TYPE
= *mut POLICY_AUDIT_EVENT_TYPE
;
164 pub const POLICY_AUDIT_EVENT_UNCHANGED
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000000;
165 pub const POLICY_AUDIT_EVENT_SUCCESS
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000001;
166 pub const POLICY_AUDIT_EVENT_FAILURE
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000002;
167 pub const POLICY_AUDIT_EVENT_NONE
: POLICY_AUDIT_EVENT_OPTIONS
= 0x00000004;
168 pub const POLICY_AUDIT_EVENT_MASK
: POLICY_AUDIT_EVENT_OPTIONS
= POLICY_AUDIT_EVENT_SUCCESS
169 | POLICY_AUDIT_EVENT_FAILURE
| POLICY_AUDIT_EVENT_UNCHANGED
| POLICY_AUDIT_EVENT_NONE
;
170 pub const POLICY_VIEW_LOCAL_INFORMATION
: ACCESS_MASK
= 0x00000001;
171 pub const POLICY_VIEW_AUDIT_INFORMATION
: ACCESS_MASK
= 0x00000002;
172 pub const POLICY_GET_PRIVATE_INFORMATION
: ACCESS_MASK
= 0x00000004;
173 pub const POLICY_TRUST_ADMIN
: ACCESS_MASK
= 0x00000008;
174 pub const POLICY_CREATE_ACCOUNT
: ACCESS_MASK
= 0x00000010;
175 pub const POLICY_CREATE_SECRET
: ACCESS_MASK
= 0x00000020;
176 pub const POLICY_CREATE_PRIVILEGE
: ACCESS_MASK
= 0x00000040;
177 pub const POLICY_SET_DEFAULT_QUOTA_LIMITS
: ACCESS_MASK
= 0x00000080;
178 pub const POLICY_SET_AUDIT_REQUIREMENTS
: ACCESS_MASK
= 0x00000100;
179 pub const POLICY_AUDIT_LOG_ADMIN
: ACCESS_MASK
= 0x00000200;
180 pub const POLICY_SERVER_ADMIN
: ACCESS_MASK
= 0x00000400;
181 pub const POLICY_LOOKUP_NAMES
: ACCESS_MASK
= 0x00000800;
182 pub const POLICY_NOTIFICATION
: ACCESS_MASK
= 0x00001000;
183 pub const POLICY_ALL_ACCESS
: ACCESS_MASK
= STANDARD_RIGHTS_REQUIRED
184 | POLICY_VIEW_LOCAL_INFORMATION
| POLICY_VIEW_AUDIT_INFORMATION
185 | POLICY_GET_PRIVATE_INFORMATION
| POLICY_TRUST_ADMIN
| POLICY_CREATE_ACCOUNT
186 | POLICY_CREATE_SECRET
| POLICY_CREATE_PRIVILEGE
| POLICY_SET_DEFAULT_QUOTA_LIMITS
187 | POLICY_SET_AUDIT_REQUIREMENTS
| POLICY_AUDIT_LOG_ADMIN
| POLICY_SERVER_ADMIN
188 | POLICY_LOOKUP_NAMES
;
189 pub const POLICY_READ
: ACCESS_MASK
= STANDARD_RIGHTS_READ
| POLICY_VIEW_AUDIT_INFORMATION
190 | POLICY_GET_PRIVATE_INFORMATION
;
191 pub const POLICY_WRITE
: ACCESS_MASK
= STANDARD_RIGHTS_WRITE
| POLICY_TRUST_ADMIN
192 | POLICY_CREATE_ACCOUNT
| POLICY_CREATE_SECRET
| POLICY_CREATE_PRIVILEGE
193 | POLICY_SET_DEFAULT_QUOTA_LIMITS
| POLICY_SET_AUDIT_REQUIREMENTS
| POLICY_AUDIT_LOG_ADMIN
194 | POLICY_SERVER_ADMIN
;
195 pub const POLICY_EXECUTE
: ACCESS_MASK
= STANDARD_RIGHTS_EXECUTE
196 | POLICY_VIEW_LOCAL_INFORMATION
| POLICY_LOOKUP_NAMES
;
197 STRUCT
!{struct LSA_TRANSLATED_SID
{
202 pub type PLSA_TRANSLATED_SID
= *mut LSA_TRANSLATED_SID
;
203 ENUM
!{enum POLICY_LSA_SERVER_ROLE
{
204 PolicyServerRoleBackup
= 2,
205 PolicyServerRolePrimary
,
207 pub type PPOLICY_LSA_SERVER_ROLE
= *mut POLICY_LSA_SERVER_ROLE
;
208 pub type POLICY_AUDIT_EVENT_OPTIONS
= ULONG
;
209 pub type PPOLICY_AUDIT_EVENT_OPTIONS
= *mut ULONG
;
210 ENUM
!{enum POLICY_INFORMATION_CLASS
{
211 PolicyAuditLogInformation
= 1,
212 PolicyAuditEventsInformation
,
213 PolicyPrimaryDomainInformation
,
214 PolicyPdAccountInformation
,
215 PolicyAccountDomainInformation
,
216 PolicyLsaServerRoleInformation
,
217 PolicyReplicaSourceInformation
,
218 PolicyDefaultQuotaInformation
,
219 PolicyModificationInformation
,
220 PolicyAuditFullSetInformation
,
221 PolicyAuditFullQueryInformation
,
222 PolicyDnsDomainInformation
,
223 PolicyDnsDomainInformationInt
,
224 PolicyLocalAccountDomainInformation
,
227 pub type PPOLICY_INFORMATION_CLASS
= *mut POLICY_INFORMATION_CLASS
;
228 STRUCT
!{struct POLICY_AUDIT_LOG_INFO
{
229 AuditLogPercentFull
: ULONG
,
230 MaximumLogSize
: ULONG
,
231 AuditRetentionPeriod
: LARGE_INTEGER
,
232 AuditLogFullShutdownInProgress
: BOOLEAN
,
233 TimeToShutdown
: LARGE_INTEGER
,
234 NextAuditRecordId
: ULONG
,
236 pub type PPOLICY_AUDIT_LOG_INFO
= *mut POLICY_AUDIT_LOG_INFO
;
237 STRUCT
!{struct POLICY_AUDIT_EVENTS_INFO
{
238 AuditingMode
: BOOLEAN
,
239 EventAuditingOptions
: PPOLICY_AUDIT_EVENT_OPTIONS
,
240 MaximumAuditEventCount
: ULONG
,
242 pub type PPOLICY_AUDIT_EVENTS_INFO
= *mut POLICY_AUDIT_EVENTS_INFO
;
243 STRUCT
!{struct POLICY_AUDIT_SUBCATEGORIES_INFO
{
244 MaximumSubCategoryCount
: ULONG
,
245 EventAuditingOptions
: PPOLICY_AUDIT_EVENT_OPTIONS
,
247 pub type PPOLICY_AUDIT_SUBCATEGORIES_INFO
= *mut POLICY_AUDIT_SUBCATEGORIES_INFO
;
248 STRUCT
!{struct POLICY_AUDIT_CATEGORIES_INFO
{
249 MaximumSubCategoryCount
: ULONG
,
250 SubCategoriesInfo
: PPOLICY_AUDIT_SUBCATEGORIES_INFO
,
252 pub type PPOLICY_AUDIT_CATEGORIES_INFO
= *mut POLICY_AUDIT_CATEGORIES_INFO
;
253 pub const PER_USER_POLICY_UNCHANGED
: ULONG
= 0x00;
254 pub const PER_USER_AUDIT_SUCCESS_INCLUDE
: ULONG
= 0x01;
255 pub const PER_USER_AUDIT_SUCCESS_EXCLUDE
: ULONG
= 0x02;
256 pub const PER_USER_AUDIT_FAILURE_INCLUDE
: ULONG
= 0x04;
257 pub const PER_USER_AUDIT_FAILURE_EXCLUDE
: ULONG
= 0x08;
258 pub const PER_USER_AUDIT_NONE
: ULONG
= 0x10;
259 pub const VALID_PER_USER_AUDIT_POLICY_FLAG
: ULONG
= PER_USER_AUDIT_SUCCESS_INCLUDE
260 | PER_USER_AUDIT_SUCCESS_EXCLUDE
| PER_USER_AUDIT_FAILURE_INCLUDE
261 | PER_USER_AUDIT_FAILURE_EXCLUDE
| PER_USER_AUDIT_NONE
;
262 STRUCT
!{struct POLICY_PRIMARY_DOMAIN_INFO
{
263 Name
: LSA_UNICODE_STRING
,
266 pub type PPOLICY_PRIMARY_DOMAIN_INFO
= *mut POLICY_PRIMARY_DOMAIN_INFO
;
267 STRUCT
!{struct POLICY_PD_ACCOUNT_INFO
{
268 Name
: LSA_UNICODE_STRING
,
270 pub type PPOLICY_PD_ACCOUNT_INFO
= *mut POLICY_PD_ACCOUNT_INFO
;
271 STRUCT
!{struct POLICY_LSA_SERVER_ROLE_INFO
{
272 LsaServerRole
: POLICY_LSA_SERVER_ROLE
,
274 pub type PPOLICY_LSA_SERVER_ROLE_INFO
= *mut POLICY_LSA_SERVER_ROLE_INFO
;
275 STRUCT
!{struct POLICY_REPLICA_SOURCE_INFO
{
276 ReplicaSource
: LSA_UNICODE_STRING
,
277 ReplicaAccountName
: LSA_UNICODE_STRING
,
279 pub type PPOLICY_REPLICA_SOURCE_INFO
= *mut POLICY_REPLICA_SOURCE_INFO
;
280 STRUCT
!{struct POLICY_DEFAULT_QUOTA_INFO
{
281 QuotaLimits
: QUOTA_LIMITS
,
283 pub type PPOLICY_DEFAULT_QUOTA_INFO
= *mut POLICY_DEFAULT_QUOTA_INFO
;
284 STRUCT
!{struct POLICY_MODIFICATION_INFO
{
285 ModifiedId
: LARGE_INTEGER
,
286 DatabaseCreationTime
: LARGE_INTEGER
,
288 pub type PPOLICY_MODIFICATION_INFO
= *mut POLICY_MODIFICATION_INFO
;
289 STRUCT
!{struct POLICY_AUDIT_FULL_SET_INFO
{
290 ShutDownOnFull
: BOOLEAN
,
292 pub type PPOLICY_AUDIT_FULL_SET_INFO
= *mut POLICY_AUDIT_FULL_SET_INFO
;
293 STRUCT
!{struct POLICY_AUDIT_FULL_QUERY_INFO
{
294 ShutDownOnFull
: BOOLEAN
,
297 pub type PPOLICY_AUDIT_FULL_QUERY_INFO
= *mut POLICY_AUDIT_FULL_QUERY_INFO
;
298 ENUM
!{enum POLICY_DOMAIN_INFORMATION_CLASS
{
299 PolicyDomainEfsInformation
= 2,
300 PolicyDomainKerberosTicketInformation
,
302 pub type PPOLICY_DOMAIN_INFORMATION_CLASS
= *mut POLICY_DOMAIN_INFORMATION_CLASS
;
303 STRUCT
!{struct POLICY_DOMAIN_EFS_INFO
{
307 pub type PPOLICY_DOMAIN_EFS_INFO
= *mut POLICY_DOMAIN_EFS_INFO
;
308 STRUCT
!{struct POLICY_DOMAIN_KERBEROS_TICKET_INFO
{
309 AuthenticationOptions
: ULONG
,
310 MaxServiceTicketAge
: LARGE_INTEGER
,
311 MaxTicketAge
: LARGE_INTEGER
,
312 MaxRenewAge
: LARGE_INTEGER
,
313 MaxClockSkew
: LARGE_INTEGER
,
314 Reserved
: LARGE_INTEGER
,
316 pub type PPOLICY_DOMAIN_KERBEROS_TICKET_INFO
= *mut POLICY_DOMAIN_KERBEROS_TICKET_INFO
;
317 ENUM
!{enum POLICY_NOTIFICATION_INFORMATION_CLASS
{
318 PolicyNotifyAuditEventsInformation
= 1,
319 PolicyNotifyAccountDomainInformation
,
320 PolicyNotifyServerRoleInformation
,
321 PolicyNotifyDnsDomainInformation
,
322 PolicyNotifyDomainEfsInformation
,
323 PolicyNotifyDomainKerberosTicketInformation
,
324 PolicyNotifyMachineAccountPasswordInformation
,
325 PolicyNotifyGlobalSaclInformation
,
328 pub type PPOLICY_NOTIFICATION_INFORMATION_CLASS
= *mut POLICY_NOTIFICATION_INFORMATION_CLASS
;
329 pub type LSA_HANDLE
= PVOID
;
330 pub type PLSA_HANDLE
= *mut PVOID
;
331 ENUM
!{enum TRUSTED_INFORMATION_CLASS
{
332 TrustedDomainNameInformation
= 1,
333 TrustedControllersInformation
,
334 TrustedPosixOffsetInformation
,
335 TrustedPasswordInformation
,
336 TrustedDomainInformationBasic
,
337 TrustedDomainInformationEx
,
338 TrustedDomainAuthInformation
,
339 TrustedDomainFullInformation
,
340 TrustedDomainAuthInformationInternal
,
341 TrustedDomainFullInformationInternal
,
342 TrustedDomainInformationEx2Internal
,
343 TrustedDomainFullInformation2Internal
,
344 TrustedDomainSupportedEncryptionTypes
,
346 pub type PTRUSTED_INFORMATION_CLASS
= *mut TRUSTED_INFORMATION_CLASS
;
347 STRUCT
!{struct TRUSTED_DOMAIN_NAME_INFO
{
348 Name
: LSA_UNICODE_STRING
,
350 pub type PTRUSTED_DOMAIN_NAME_INFO
= *mut TRUSTED_DOMAIN_NAME_INFO
;
351 STRUCT
!{struct TRUSTED_CONTROLLERS_INFO
{
353 Names
: PLSA_UNICODE_STRING
,
355 pub type PTRUSTED_CONTROLLERS_INFO
= *mut TRUSTED_CONTROLLERS_INFO
;
356 STRUCT
!{struct TRUSTED_POSIX_OFFSET_INFO
{
359 pub type PTRUSTED_POSIX_OFFSET_INFO
= *mut TRUSTED_POSIX_OFFSET_INFO
;
360 STRUCT
!{struct TRUSTED_PASSWORD_INFO
{
361 Password
: LSA_UNICODE_STRING
,
362 OldPassword
: LSA_UNICODE_STRING
,
364 pub type PTRUSTED_PASSWORD_INFO
= *mut TRUSTED_PASSWORD_INFO
;
365 pub type TRUSTED_DOMAIN_INFORMATION_BASIC
= LSA_TRUST_INFORMATION
;
366 pub type PTRUSTED_DOMAIN_INFORMATION_BASIC
= PLSA_TRUST_INFORMATION
;
367 pub const TRUST_DIRECTION_DISABLED
: ULONG
= 0x00000000;
368 pub const TRUST_DIRECTION_INBOUND
: ULONG
= 0x00000001;
369 pub const TRUST_DIRECTION_OUTBOUND
: ULONG
= 0x00000002;
370 pub const TRUST_DIRECTION_BIDIRECTIONAL
: ULONG
= TRUST_DIRECTION_INBOUND
371 | TRUST_DIRECTION_OUTBOUND
;
372 pub const TRUST_TYPE_DOWNLEVEL
: ULONG
= 0x00000001;
373 pub const TRUST_TYPE_UPLEVEL
: ULONG
= 0x00000002;
374 pub const TRUST_TYPE_MIT
: ULONG
= 0x00000003;
375 pub const TRUST_ATTRIBUTE_NON_TRANSITIVE
: ULONG
= 0x00000001;
376 pub const TRUST_ATTRIBUTE_UPLEVEL_ONLY
: ULONG
= 0x00000002;
377 pub const TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
: ULONG
= 0x00000004;
378 pub const TRUST_ATTRIBUTE_FOREST_TRANSITIVE
: ULONG
= 0x00000008;
379 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION
: ULONG
= 0x00000010;
380 pub const TRUST_ATTRIBUTE_WITHIN_FOREST
: ULONG
= 0x00000020;
381 pub const TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
: ULONG
= 0x00000040;
382 pub const TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION
: ULONG
= 0x00000080;
383 pub const TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS
: ULONG
= 0x00000100;
384 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION
: ULONG
= 0x00000200;
385 pub const TRUST_ATTRIBUTES_VALID
: ULONG
= 0xFF03FFFF;
386 pub const TRUST_ATTRIBUTES_USER
: ULONG
= 0xFF000000;
387 STRUCT
!{struct TRUSTED_DOMAIN_INFORMATION_EX
{
388 Name
: LSA_UNICODE_STRING
,
389 FlatName
: LSA_UNICODE_STRING
,
391 TrustDirection
: ULONG
,
393 TrustAttributes
: ULONG
,
395 pub type PTRUSTED_DOMAIN_INFORMATION_EX
= *mut TRUSTED_DOMAIN_INFORMATION_EX
;
396 STRUCT
!{struct TRUSTED_DOMAIN_INFORMATION_EX2
{
397 Name
: LSA_UNICODE_STRING
,
398 FlatName
: LSA_UNICODE_STRING
,
400 TrustDirection
: ULONG
,
402 TrustAttributes
: ULONG
,
403 ForestTrustLength
: ULONG
,
404 ForestTrustInfo
: PUCHAR
,
406 pub type PTRUSTED_DOMAIN_INFORMATION_EX2
= *mut TRUSTED_DOMAIN_INFORMATION_EX2
;
407 pub const TRUST_AUTH_TYPE_NONE
: ULONG
= 0;
408 pub const TRUST_AUTH_TYPE_NT4OWF
: ULONG
= 1;
409 pub const TRUST_AUTH_TYPE_CLEAR
: ULONG
= 2;
410 pub const TRUST_AUTH_TYPE_VERSION
: ULONG
= 3;
411 STRUCT
!{struct LSA_AUTH_INFORMATION
{
412 LastUpdateTime
: LARGE_INTEGER
,
414 AuthInfoLength
: ULONG
,
417 pub type PLSA_AUTH_INFORMATION
= *mut LSA_AUTH_INFORMATION
;
418 STRUCT
!{struct TRUSTED_DOMAIN_AUTH_INFORMATION
{
419 IncomingAuthInfos
: ULONG
,
420 IncomingAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
421 IncomingPreviousAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
422 OutgoingAuthInfos
: ULONG
,
423 OutgoingAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
424 OutgoingPreviousAuthenticationInformation
: PLSA_AUTH_INFORMATION
,
426 pub type PTRUSTED_DOMAIN_AUTH_INFORMATION
= *mut TRUSTED_DOMAIN_AUTH_INFORMATION
;
427 STRUCT
!{struct TRUSTED_DOMAIN_FULL_INFORMATION
{
428 Information
: TRUSTED_DOMAIN_INFORMATION_EX
,
429 PosixOffset
: TRUSTED_POSIX_OFFSET_INFO
,
430 AuthInformation
: TRUSTED_DOMAIN_AUTH_INFORMATION
,
432 pub type PTRUSTED_DOMAIN_FULL_INFORMATION
= *mut TRUSTED_DOMAIN_FULL_INFORMATION
;
433 STRUCT
!{struct TRUSTED_DOMAIN_FULL_INFORMATION2
{
434 Information
: TRUSTED_DOMAIN_INFORMATION_EX2
,
435 PosixOffset
: TRUSTED_POSIX_OFFSET_INFO
,
436 AuthInformation
: TRUSTED_DOMAIN_AUTH_INFORMATION
,
438 pub type PTRUSTED_DOMAIN_FULL_INFORMATION2
= *mut TRUSTED_DOMAIN_FULL_INFORMATION2
;
439 STRUCT
!{struct TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES
{
440 SupportedEncryptionTypes
: ULONG
,
442 pub type PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES
=
443 *mut TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES
;
444 ENUM
!{enum LSA_FOREST_TRUST_RECORD_TYPE
{
445 ForestTrustTopLevelName
,
446 ForestTrustTopLevelNameEx
,
447 ForestTrustDomainInfo
,
448 ForestTrustRecordTypeLast
, // = ForestTrustDomainInfo,
450 pub const LSA_FTRECORD_DISABLED_REASONS
: ULONG
= 0x0000FFFF;
451 pub const LSA_TLN_DISABLED_NEW
: ULONG
= 0x00000001;
452 pub const LSA_TLN_DISABLED_ADMIN
: ULONG
= 0x00000002;
453 pub const LSA_TLN_DISABLED_CONFLICT
: ULONG
= 0x00000004;
454 pub const LSA_SID_DISABLED_ADMIN
: ULONG
= 0x00000001;
455 pub const LSA_SID_DISABLED_CONFLICT
: ULONG
= 0x00000002;
456 pub const LSA_NB_DISABLED_ADMIN
: ULONG
= 0x00000004;
457 pub const LSA_NB_DISABLED_CONFLICT
: ULONG
= 0x00000008;
458 STRUCT
!{struct LSA_FOREST_TRUST_DOMAIN_INFO
{
460 DnsName
: LSA_UNICODE_STRING
,
461 NetbiosName
: LSA_UNICODE_STRING
,
463 pub type PLSA_FOREST_TRUST_DOMAIN_INFO
= *mut LSA_FOREST_TRUST_DOMAIN_INFO
;
464 pub const MAX_FOREST_TRUST_BINARY_DATA_SIZE
: ULONG
= 128 * 1024;
465 STRUCT
!{struct LSA_FOREST_TRUST_BINARY_DATA
{
469 pub type PLSA_FOREST_TRUST_BINARY_DATA
= *mut LSA_FOREST_TRUST_BINARY_DATA
;
470 UNION
!{union LSA_FOREST_TRUST_RECORD_ForestTrustData
{
472 TopLevelName TopLevelName_mut
: LSA_UNICODE_STRING
,
473 DomainInfo DomainInfo_mut
: LSA_FOREST_TRUST_DOMAIN_INFO
,
474 Data Data_mut
: LSA_FOREST_TRUST_BINARY_DATA
,
476 STRUCT
!{struct LSA_FOREST_TRUST_RECORD
{
478 ForestTrustType
: LSA_FOREST_TRUST_RECORD_TYPE
,
480 ForestTrustData
: LSA_FOREST_TRUST_RECORD_ForestTrustData
,
482 pub type PLSA_FOREST_TRUST_RECORD
= *mut LSA_FOREST_TRUST_RECORD
;
483 pub const MAX_RECORDS_IN_FOREST_TRUST_INFO
: ULONG
= 4000;
484 STRUCT
!{struct LSA_FOREST_TRUST_INFORMATION
{
486 Entries
: *mut PLSA_FOREST_TRUST_RECORD
,
488 pub type PLSA_FOREST_TRUST_INFORMATION
= *mut LSA_FOREST_TRUST_INFORMATION
;
489 ENUM
!{enum LSA_FOREST_TRUST_COLLISION_RECORD_TYPE
{
494 STRUCT
!{struct LSA_FOREST_TRUST_COLLISION_RECORD
{
496 Type
: LSA_FOREST_TRUST_COLLISION_RECORD_TYPE
,
498 Name
: LSA_UNICODE_STRING
,
500 pub type PLSA_FOREST_TRUST_COLLISION_RECORD
= *mut LSA_FOREST_TRUST_COLLISION_RECORD
;
501 STRUCT
!{struct LSA_FOREST_TRUST_COLLISION_INFORMATION
{
503 Entries
: *mut PLSA_FOREST_TRUST_COLLISION_RECORD
,
505 pub type PLSA_FOREST_TRUST_COLLISION_INFORMATION
= *mut LSA_FOREST_TRUST_COLLISION_INFORMATION
;
506 pub type LSA_ENUMERATION_HANDLE
= ULONG
;
507 pub type PLSA_ENUMERATION_HANDLE
= *mut ULONG
;
508 STRUCT
!{struct LSA_ENUMERATION_INFORMATION
{
511 pub type PLSA_ENUMERATION_INFORMATION
= *mut LSA_ENUMERATION_INFORMATION
;
512 STRUCT
!{struct LSA_LAST_INTER_LOGON_INFO
{
513 LastSuccessfulLogon
: LARGE_INTEGER
,
514 LastFailedLogon
: LARGE_INTEGER
,
515 FailedAttemptCountSinceLastSuccessfulLogon
: ULONG
,
517 pub type PLSA_LAST_INTER_LOGON_INFO
= *mut LSA_LAST_INTER_LOGON_INFO
;
518 STRUCT
!{struct SECURITY_LOGON_SESSION_DATA
{
521 UserName
: LSA_UNICODE_STRING
,
522 LogonDomain
: LSA_UNICODE_STRING
,
523 AuthenticationPackage
: LSA_UNICODE_STRING
,
527 LogonTime
: LARGE_INTEGER
,
528 LogonServer
: LSA_UNICODE_STRING
,
529 DnsDomainName
: LSA_UNICODE_STRING
,
530 Upn
: LSA_UNICODE_STRING
,
532 LastLogonInfo
: LSA_LAST_INTER_LOGON_INFO
,
533 LogonScript
: LSA_UNICODE_STRING
,
534 ProfilePath
: LSA_UNICODE_STRING
,
535 HomeDirectory
: LSA_UNICODE_STRING
,
536 HomeDirectoryDrive
: LSA_UNICODE_STRING
,
537 LogoffTime
: LARGE_INTEGER
,
538 KickOffTime
: LARGE_INTEGER
,
539 PasswordLastSet
: LARGE_INTEGER
,
540 PasswordCanChange
: LARGE_INTEGER
,
541 PasswordMustChange
: LARGE_INTEGER
,
543 pub type PSECURITY_LOGON_SESSION_DATA
= *mut SECURITY_LOGON_SESSION_DATA
;
544 pub const CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
: ULONG
= 0x00000001;
545 pub const CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG
: ULONG
= 0x00000100;
546 pub const CENTRAL_ACCESS_POLICY_STAGED_FLAG
: ULONG
= 0x00010000;
547 pub const CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK
: ULONG
=
548 CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
549 | CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG
550 | CENTRAL_ACCESS_POLICY_STAGED_FLAG
;
551 pub const LSASETCAPS_RELOAD_FLAG
: ULONG
= 0x00000001;
552 pub const LSASETCAPS_VALID_FLAG_MASK
: ULONG
= LSASETCAPS_RELOAD_FLAG
;
553 STRUCT
!{struct CENTRAL_ACCESS_POLICY_ENTRY
{
554 Name
: LSA_UNICODE_STRING
,
555 Description
: LSA_UNICODE_STRING
,
556 ChangeId
: LSA_UNICODE_STRING
,
557 LengthAppliesTo
: ULONG
,
560 SD
: PSECURITY_DESCRIPTOR
,
561 LengthStagedSD
: ULONG
,
562 StagedSD
: PSECURITY_DESCRIPTOR
,
565 pub type PCENTRAL_ACCESS_POLICY_ENTRY
= *mut CENTRAL_ACCESS_POLICY_ENTRY
;
566 pub type PCCENTRAL_ACCESS_POLICY_ENTRY
= *const CENTRAL_ACCESS_POLICY_ENTRY
;
567 STRUCT
!{struct CENTRAL_ACCESS_POLICY
{
569 Name
: LSA_UNICODE_STRING
,
570 Description
: LSA_UNICODE_STRING
,
571 ChangeId
: LSA_UNICODE_STRING
,
574 CAPEs
: *mut PCENTRAL_ACCESS_POLICY_ENTRY
,
576 pub type PCENTRAL_ACCESS_POLICY
= *mut CENTRAL_ACCESS_POLICY
;
577 pub type PCCENTRAL_ACCESS_POLICY
= *const CENTRAL_ACCESS_POLICY
;
578 ENUM
!{enum NEGOTIATE_MESSAGES
{
579 NegEnumPackagePrefixes
= 0,
580 NegGetCallerName
= 1,
581 NegTransferCredentials
= 2,
584 pub const NEGOTIATE_MAX_PREFIX
: usize = 32;
585 STRUCT
!{struct NEGOTIATE_PACKAGE_PREFIX
{
586 PackageId
: ULONG_PTR
,
589 PrefixLen
: ULONG_PTR
,
590 Prefix
: [UCHAR
; NEGOTIATE_MAX_PREFIX
],
592 pub type PNEGOTIATE_PACKAGE_PREFIX
= *mut NEGOTIATE_PACKAGE_PREFIX
;
593 STRUCT
!{struct NEGOTIATE_PACKAGE_PREFIXES
{
599 pub type PNEGOTIATE_PACKAGE_PREFIXES
= *mut NEGOTIATE_PACKAGE_PREFIXES
;
600 STRUCT
!{struct NEGOTIATE_CALLER_NAME_REQUEST
{
604 pub type PNEGOTIATE_CALLER_NAME_REQUEST
= *mut NEGOTIATE_CALLER_NAME_REQUEST
;
605 STRUCT
!{struct NEGOTIATE_CALLER_NAME_RESPONSE
{
609 pub type PNEGOTIATE_CALLER_NAME_RESPONSE
= *mut NEGOTIATE_CALLER_NAME_RESPONSE
;
610 STRUCT
!{struct DOMAIN_PASSWORD_INFORMATION
{
611 MinPasswordLength
: USHORT
,
612 PasswordHistoryLength
: USHORT
,
613 PasswordProperties
: ULONG
,
614 MaxPasswordAge
: LARGE_INTEGER
,
615 MinPasswordAge
: LARGE_INTEGER
,
617 pub type PDOMAIN_PASSWORD_INFORMATION
= *mut DOMAIN_PASSWORD_INFORMATION
;
618 pub const DOMAIN_PASSWORD_COMPLEX
: ULONG
= 0x00000001;
619 pub const DOMAIN_PASSWORD_NO_ANON_CHANGE
: ULONG
= 0x00000002;
620 pub const DOMAIN_PASSWORD_NO_CLEAR_CHANGE
: ULONG
= 0x00000004;
621 pub const DOMAIN_LOCKOUT_ADMINS
: ULONG
= 0x00000008;
622 pub const DOMAIN_PASSWORD_STORE_CLEARTEXT
: ULONG
= 0x00000010;
623 pub const DOMAIN_REFUSE_PASSWORD_CHANGE
: ULONG
= 0x00000020;
624 pub const DOMAIN_NO_LM_OWF_CHANGE
: ULONG
= 0x00000040;
625 FN
!{stdcall
PSAM_PASSWORD_NOTIFICATION_ROUTINE(
626 UserName
: PUNICODE_STRING
,
628 NewPassword
: PUNICODE_STRING
,
630 FN
!{stdcall PSAM_INIT_NOTIFICATION_ROUTINE() -> BOOLEAN}
631 FN
!{stdcall
PSAM_PASSWORD_FILTER_ROUTINE(
632 AccountName
: PUNICODE_STRING
,
633 FullName
: PUNICODE_STRING
,
634 Password
: PUNICODE_STRING
,
635 SetOperation
: BOOLEAN
,
637 ENUM
!{enum MSV1_0_LOGON_SUBMIT_TYPE
{
638 MsV1_0InteractiveLogon
= 2,
642 MsV1_0WorkstationUnlockLogon
= 7,
644 MsV1_0VirtualLogon
= 82,
645 MsV1_0NoElevationLogon
= 83,
646 MsV1_0LuidLogon
= 84,
648 pub type PMSV1_0_LOGON_SUBMIT_TYPE
= *mut MSV1_0_LOGON_SUBMIT_TYPE
;
649 ENUM
!{enum MSV1_0_PROFILE_BUFFER_TYPE
{
650 MsV1_0InteractiveProfile
= 2,
651 MsV1_0Lm20LogonProfile
,
652 MsV1_0SmartCardProfile
,
654 pub type PMSV1_0_PROFILE_BUFFER_TYPE
= *mut MSV1_0_PROFILE_BUFFER_TYPE
;
655 STRUCT
!{struct MSV1_0_INTERACTIVE_LOGON
{
656 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
657 LogonDomainName
: UNICODE_STRING
,
658 UserName
: UNICODE_STRING
,
659 Password
: UNICODE_STRING
,
661 pub type PMSV1_0_INTERACTIVE_LOGON
= *mut MSV1_0_INTERACTIVE_LOGON
;
662 STRUCT
!{struct MSV1_0_INTERACTIVE_PROFILE
{
663 MessageType
: MSV1_0_PROFILE_BUFFER_TYPE
,
665 BadPasswordCount
: USHORT
,
666 LogonTime
: LARGE_INTEGER
,
667 LogoffTime
: LARGE_INTEGER
,
668 KickOffTime
: LARGE_INTEGER
,
669 PasswordLastSet
: LARGE_INTEGER
,
670 PasswordCanChange
: LARGE_INTEGER
,
671 PasswordMustChange
: LARGE_INTEGER
,
672 LogonScript
: UNICODE_STRING
,
673 HomeDirectory
: UNICODE_STRING
,
674 FullName
: UNICODE_STRING
,
675 ProfilePath
: UNICODE_STRING
,
676 HomeDirectoryDrive
: UNICODE_STRING
,
677 LogonServer
: UNICODE_STRING
,
680 pub type PMSV1_0_INTERACTIVE_PROFILE
= *mut MSV1_0_INTERACTIVE_PROFILE
;
681 pub const MSV1_0_CHALLENGE_LENGTH
: usize = 8;
682 pub const MSV1_0_USER_SESSION_KEY_LENGTH
: usize = 16;
683 pub const MSV1_0_LANMAN_SESSION_KEY_LENGTH
: usize = 8;
684 pub const MSV1_0_CLEARTEXT_PASSWORD_ALLOWED
: ULONG
= 0x02;
685 pub const MSV1_0_UPDATE_LOGON_STATISTICS
: ULONG
= 0x04;
686 pub const MSV1_0_RETURN_USER_PARAMETERS
: ULONG
= 0x08;
687 pub const MSV1_0_DONT_TRY_GUEST_ACCOUNT
: ULONG
= 0x10;
688 pub const MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
: ULONG
= 0x20;
689 pub const MSV1_0_RETURN_PASSWORD_EXPIRY
: ULONG
= 0x40;
690 pub const MSV1_0_USE_CLIENT_CHALLENGE
: ULONG
= 0x80;
691 pub const MSV1_0_TRY_GUEST_ACCOUNT_ONLY
: ULONG
= 0x100;
692 pub const MSV1_0_RETURN_PROFILE_PATH
: ULONG
= 0x200;
693 pub const MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY
: ULONG
= 0x400;
694 pub const MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT
: ULONG
= 0x800;
695 pub const MSV1_0_DISABLE_PERSONAL_FALLBACK
: ULONG
= 0x00001000;
696 pub const MSV1_0_ALLOW_FORCE_GUEST
: ULONG
= 0x00002000;
697 pub const MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED
: ULONG
= 0x00004000;
698 pub const MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY
: ULONG
= 0x00008000;
699 pub const MSV1_0_SUBAUTHENTICATION_DLL_EX
: ULONG
= 0x00100000;
700 pub const MSV1_0_ALLOW_MSVCHAPV2
: ULONG
= 0x00010000;
701 pub const MSV1_0_S4U2SELF
: ULONG
= 0x00020000;
702 pub const MSV1_0_CHECK_LOGONHOURS_FOR_S4U
: ULONG
= 0x00040000;
703 pub const MSV1_0_INTERNET_DOMAIN
: ULONG
= 0x00080000;
704 pub const MSV1_0_SUBAUTHENTICATION_DLL
: ULONG
= 0xFF000000;
705 pub const MSV1_0_SUBAUTHENTICATION_DLL_SHIFT
: ULONG
= 24;
706 pub const MSV1_0_MNS_LOGON
: ULONG
= 0x01000000;
707 pub const MSV1_0_SUBAUTHENTICATION_DLL_RAS
: ULONG
= 2;
708 pub const MSV1_0_SUBAUTHENTICATION_DLL_IIS
: ULONG
= 132;
709 STRUCT
!{struct MSV1_0_LM20_LOGON
{
710 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
711 LogonDomainName
: UNICODE_STRING
,
712 UserName
: UNICODE_STRING
,
713 Workstation
: UNICODE_STRING
,
714 ChallengeToClient
: [UCHAR
; MSV1_0_CHALLENGE_LENGTH
],
715 CaseSensitiveChallengeResponse
: STRING
,
716 CaseInsensitiveChallengeResponse
: STRING
,
717 ParameterControl
: ULONG
,
719 pub type PMSV1_0_LM20_LOGON
= *mut MSV1_0_LM20_LOGON
;
720 STRUCT
!{struct MSV1_0_SUBAUTH_LOGON
{
721 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
722 LogonDomainName
: UNICODE_STRING
,
723 UserName
: UNICODE_STRING
,
724 Workstation
: UNICODE_STRING
,
725 ChallengeToClient
: [UCHAR
; MSV1_0_CHALLENGE_LENGTH
],
726 AuthenticationInfo1
: STRING
,
727 AuthenticationInfo2
: STRING
,
728 ParameterControl
: ULONG
,
729 SubAuthPackageId
: ULONG
,
731 pub type PMSV1_0_SUBAUTH_LOGON
= *mut MSV1_0_SUBAUTH_LOGON
;
732 STRUCT
!{struct MSV1_0_S4U_LOGON
{
733 MessageType
: MSV1_0_LOGON_SUBMIT_TYPE
,
734 MSV1_0_LOGON_SUBMIT_TYPE
: ULONG
,
735 UserPrincipalName
: UNICODE_STRING
,
736 DomainName
: UNICODE_STRING
,
738 pub type PMSV1_0_S4U_LOGON
= *mut MSV1_0_S4U_LOGON
;
739 pub const LOGON_GUEST
: ULONG
= 0x01;
740 pub const LOGON_NOENCRYPTION
: ULONG
= 0x02;
741 pub const LOGON_CACHED_ACCOUNT
: ULONG
= 0x04;
742 pub const LOGON_USED_LM_PASSWORD
: ULONG
= 0x08;
743 pub const LOGON_EXTRA_SIDS
: ULONG
= 0x20;
744 pub const LOGON_SUBAUTH_SESSION_KEY
: ULONG
= 0x40;
745 pub const LOGON_SERVER_TRUST_ACCOUNT
: ULONG
= 0x80;
746 pub const LOGON_NTLMV2_ENABLED
: ULONG
= 0x100;
747 pub const LOGON_RESOURCE_GROUPS
: ULONG
= 0x200;
748 pub const LOGON_PROFILE_PATH_RETURNED
: ULONG
= 0x400;
749 pub const LOGON_NT_V2
: ULONG
= 0x800;
750 pub const LOGON_LM_V2
: ULONG
= 0x1000;
751 pub const LOGON_NTLM_V2
: ULONG
= 0x2000;
752 pub const LOGON_OPTIMIZED
: ULONG
= 0x4000;
753 pub const LOGON_WINLOGON
: ULONG
= 0x8000;
754 pub const LOGON_PKINIT
: ULONG
= 0x10000;
755 pub const LOGON_NO_OPTIMIZED
: ULONG
= 0x20000;
756 pub const LOGON_NO_ELEVATION
: ULONG
= 0x40000;
757 pub const LOGON_MANAGED_SERVICE
: ULONG
= 0x80000;
758 pub const LOGON_GRACE_LOGON
: ULONG
= 0x01000000;
759 STRUCT
!{struct MSV1_0_LM20_LOGON_PROFILE
{
760 MessageType
: MSV1_0_PROFILE_BUFFER_TYPE
,
761 KickOffTime
: LARGE_INTEGER
,
762 LogoffTime
: LARGE_INTEGER
,
764 UserSessionKey
: [UCHAR
; MSV1_0_USER_SESSION_KEY_LENGTH
],
765 LogonDomainName
: UNICODE_STRING
,
766 LanmanSessionKey
: [UCHAR
; MSV1_0_LANMAN_SESSION_KEY_LENGTH
],
767 LogonServer
: UNICODE_STRING
,
768 UserParameters
: UNICODE_STRING
,
770 pub type PMSV1_0_LM20_LOGON_PROFILE
= *mut MSV1_0_LM20_LOGON_PROFILE
;
771 pub const MSV1_0_OWF_PASSWORD_LENGTH
: usize = 16;
772 STRUCT
!{struct MSV1_0_SUPPLEMENTAL_CREDENTIAL
{
775 LmPassword
: [UCHAR
; MSV1_0_OWF_PASSWORD_LENGTH
],
776 NtPassword
: [UCHAR
; MSV1_0_OWF_PASSWORD_LENGTH
],
778 pub type PMSV1_0_SUPPLEMENTAL_CREDENTIAL
= *mut MSV1_0_SUPPLEMENTAL_CREDENTIAL
;
779 pub const MSV1_0_NTLM3_RESPONSE_LENGTH
: usize = 16;
780 pub const MSV1_0_NTLM3_OWF_LENGTH
: usize = 16;
781 STRUCT
!{struct MSV1_0_NTLM3_RESPONSE
{
782 Response
: [UCHAR
; MSV1_0_NTLM3_RESPONSE_LENGTH
],
787 TimeStamp
: ULONGLONG
,
788 ChallengeFromClient
: [UCHAR
; MSV1_0_CHALLENGE_LENGTH
],
792 pub type PMSV1_0_NTLM3_RESPONSE
= *mut MSV1_0_NTLM3_RESPONSE
;
793 ENUM
!{enum MSV1_0_AVID
{
797 MsvAvDnsComputerName
,
804 MsvAvChannelBindings
,
806 STRUCT
!{struct MSV1_0_AV_PAIR
{
810 pub type PMSV1_0_AV_PAIR
= *mut MSV1_0_AV_PAIR
;
811 ENUM
!{enum MSV1_0_PROTOCOL_MESSAGE_TYPE
{
812 MsV1_0Lm20ChallengeRequest
= 0,
813 MsV1_0Lm20GetChallengeResponse
,
814 MsV1_0EnumerateUsers
,
817 MsV1_0ChangePassword
,
818 MsV1_0ChangeCachedPassword
,
819 MsV1_0GenericPassthrough
,
822 MsV1_0DeriveCredential
,
824 MsV1_0SetProcessOption
,
825 MsV1_0ConfigLocalAliases
,
826 MsV1_0ClearCachedCredentials
,
830 MsV1_0GetCredentialKey
,
831 MsV1_0SetThreadOption
,
833 pub type PMSV1_0_PROTOCOL_MESSAGE_TYPE
= *mut MSV1_0_PROTOCOL_MESSAGE_TYPE
;
834 STRUCT
!{struct MSV1_0_CHANGEPASSWORD_REQUEST
{
835 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
836 DomainName
: UNICODE_STRING
,
837 AccountName
: UNICODE_STRING
,
838 OldPassword
: UNICODE_STRING
,
839 NewPassword
: UNICODE_STRING
,
840 Impersonating
: BOOLEAN
,
842 pub type PMSV1_0_CHANGEPASSWORD_REQUEST
= *mut MSV1_0_CHANGEPASSWORD_REQUEST
;
843 STRUCT
!{struct MSV1_0_CHANGEPASSWORD_RESPONSE
{
844 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
845 PasswordInfoValid
: BOOLEAN
,
846 DomainPasswordInfo
: DOMAIN_PASSWORD_INFORMATION
,
848 pub type PMSV1_0_CHANGEPASSWORD_RESPONSE
= *mut MSV1_0_CHANGEPASSWORD_RESPONSE
;
849 STRUCT
!{struct MSV1_0_PASSTHROUGH_REQUEST
{
850 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
851 DomainName
: UNICODE_STRING
,
852 PackageName
: UNICODE_STRING
,
857 pub type PMSV1_0_PASSTHROUGH_REQUEST
= *mut MSV1_0_PASSTHROUGH_REQUEST
;
858 STRUCT
!{struct MSV1_0_PASSTHROUGH_RESPONSE
{
859 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
862 ValidationData
: PUCHAR
,
864 pub type PMSV1_0_PASSTHROUGH_RESPONSE
= *mut MSV1_0_PASSTHROUGH_RESPONSE
;
865 STRUCT
!{struct MSV1_0_SUBAUTH_REQUEST
{
866 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
867 SubAuthPackageId
: ULONG
,
868 SubAuthInfoLength
: ULONG
,
869 SubAuthSubmitBuffer
: PUCHAR
,
871 pub type PMSV1_0_SUBAUTH_REQUEST
= *mut MSV1_0_SUBAUTH_REQUEST
;
872 STRUCT
!{struct MSV1_0_SUBAUTH_RESPONSE
{
873 MessageType
: MSV1_0_PROTOCOL_MESSAGE_TYPE
,
874 SubAuthInfoLength
: ULONG
,
875 SubAuthReturnBuffer
: PUCHAR
,
877 pub type PMSV1_0_SUBAUTH_RESPONSE
= *mut MSV1_0_SUBAUTH_RESPONSE
;
878 pub use self::SystemFunction036
as RtlGenRandom
;
879 pub use self::SystemFunction040
as RtlEncryptMemory
;
880 pub use self::SystemFunction041
as RtlDecryptMemory
;
882 pub fn SystemFunction036(
884 RandomBufferLength
: ULONG
,
887 pub const RTL_ENCRYPT_MEMORY_SIZE
: ULONG
= 8;
888 pub const RTL_ENCRYPT_OPTION_CROSS_PROCESS
: ULONG
= 0x01;
889 pub const RTL_ENCRYPT_OPTION_SAME_LOGON
: ULONG
= 0x02;
891 pub fn SystemFunction040(
896 pub fn SystemFunction041(
902 pub const KERBEROS_VERSION
: ULONG
= 5;
903 pub const KERBEROS_REVISION
: ULONG
= 6;
904 pub const KERB_ETYPE_NULL
: LONG
= 0;
905 pub const KERB_ETYPE_DES_CBC_CRC
: LONG
= 1;
906 pub const KERB_ETYPE_DES_CBC_MD4
: LONG
= 2;
907 pub const KERB_ETYPE_DES_CBC_MD5
: LONG
= 3;
908 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96
: LONG
= 17;
909 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96
: LONG
= 18;
910 pub const KERB_ETYPE_RC4_MD4
: LONG
= -128;
911 pub const KERB_ETYPE_RC4_PLAIN2
: LONG
= -129;
912 pub const KERB_ETYPE_RC4_LM
: LONG
= -130;
913 pub const KERB_ETYPE_RC4_SHA
: LONG
= -131;
914 pub const KERB_ETYPE_DES_PLAIN
: LONG
= -132;
915 pub const KERB_ETYPE_RC4_HMAC_OLD
: LONG
= -133;
916 pub const KERB_ETYPE_RC4_PLAIN_OLD
: LONG
= -134;
917 pub const KERB_ETYPE_RC4_HMAC_OLD_EXP
: LONG
= -135;
918 pub const KERB_ETYPE_RC4_PLAIN_OLD_EXP
: LONG
= -136;
919 pub const KERB_ETYPE_RC4_PLAIN
: LONG
= -140;
920 pub const KERB_ETYPE_RC4_PLAIN_EXP
: LONG
= -141;
921 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN
: LONG
= -148;
922 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN
: LONG
= -149;
923 pub const KERB_ETYPE_DSA_SHA1_CMS
: LONG
= 9;
924 pub const KERB_ETYPE_RSA_MD5_CMS
: LONG
= 10;
925 pub const KERB_ETYPE_RSA_SHA1_CMS
: LONG
= 11;
926 pub const KERB_ETYPE_RC2_CBC_ENV
: LONG
= 12;
927 pub const KERB_ETYPE_RSA_ENV
: LONG
= 13;
928 pub const KERB_ETYPE_RSA_ES_OEAP_ENV
: LONG
= 14;
929 pub const KERB_ETYPE_DES_EDE3_CBC_ENV
: LONG
= 15;
930 pub const KERB_ETYPE_DSA_SIGN
: LONG
= 8;
931 pub const KERB_ETYPE_RSA_PRIV
: LONG
= 9;
932 pub const KERB_ETYPE_RSA_PUB
: LONG
= 10;
933 pub const KERB_ETYPE_RSA_PUB_MD5
: LONG
= 11;
934 pub const KERB_ETYPE_RSA_PUB_SHA1
: LONG
= 12;
935 pub const KERB_ETYPE_PKCS7_PUB
: LONG
= 13;
936 pub const KERB_ETYPE_DES3_CBC_MD5
: LONG
= 5;
937 pub const KERB_ETYPE_DES3_CBC_SHA1
: LONG
= 7;
938 pub const KERB_ETYPE_DES3_CBC_SHA1_KD
: LONG
= 16;
939 pub const KERB_ETYPE_DES_CBC_MD5_NT
: LONG
= 20;
940 pub const KERB_ETYPE_RC4_HMAC_NT
: LONG
= 23;
941 pub const KERB_ETYPE_RC4_HMAC_NT_EXP
: LONG
= 24;
942 pub const KERB_CHECKSUM_NONE
: LONG
= 0;
943 pub const KERB_CHECKSUM_CRC32
: LONG
= 1;
944 pub const KERB_CHECKSUM_MD4
: LONG
= 2;
945 pub const KERB_CHECKSUM_KRB_DES_MAC
: LONG
= 4;
946 pub const KERB_CHECKSUM_KRB_DES_MAC_K
: LONG
= 5;
947 pub const KERB_CHECKSUM_MD5
: LONG
= 7;
948 pub const KERB_CHECKSUM_MD5_DES
: LONG
= 8;
949 pub const KERB_CHECKSUM_SHA1_NEW
: LONG
= 14;
950 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128
: LONG
= 15;
951 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256
: LONG
= 16;
952 pub const KERB_CHECKSUM_LM
: LONG
= -130;
953 pub const KERB_CHECKSUM_SHA1
: LONG
= -131;
954 pub const KERB_CHECKSUM_REAL_CRC32
: LONG
= -132;
955 pub const KERB_CHECKSUM_DES_MAC
: LONG
= -133;
956 pub const KERB_CHECKSUM_DES_MAC_MD5
: LONG
= -134;
957 pub const KERB_CHECKSUM_MD25
: LONG
= -135;
958 pub const KERB_CHECKSUM_RC4_MD5
: LONG
= -136;
959 pub const KERB_CHECKSUM_MD5_HMAC
: LONG
= -137;
960 pub const KERB_CHECKSUM_HMAC_MD5
: LONG
= -138;
961 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki
: LONG
= -150;
962 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki
: LONG
= -151;
963 pub const KERB_TICKET_FLAGS_reserved
: ULONG
= 0x80000000;
964 pub const KERB_TICKET_FLAGS_forwardable
: ULONG
= 0x40000000;
965 pub const KERB_TICKET_FLAGS_forwarded
: ULONG
= 0x20000000;
966 pub const KERB_TICKET_FLAGS_proxiable
: ULONG
= 0x10000000;
967 pub const KERB_TICKET_FLAGS_proxy
: ULONG
= 0x08000000;
968 pub const KERB_TICKET_FLAGS_may_postdate
: ULONG
= 0x04000000;
969 pub const KERB_TICKET_FLAGS_postdated
: ULONG
= 0x02000000;
970 pub const KERB_TICKET_FLAGS_invalid
: ULONG
= 0x01000000;
971 pub const KERB_TICKET_FLAGS_renewable
: ULONG
= 0x00800000;
972 pub const KERB_TICKET_FLAGS_initial
: ULONG
= 0x00400000;
973 pub const KERB_TICKET_FLAGS_pre_authent
: ULONG
= 0x00200000;
974 pub const KERB_TICKET_FLAGS_hw_authent
: ULONG
= 0x00100000;
975 pub const KERB_TICKET_FLAGS_ok_as_delegate
: ULONG
= 0x00040000;
976 pub const KERB_TICKET_FLAGS_name_canonicalize
: ULONG
= 0x00010000;
977 pub const KERB_TICKET_FLAGS_cname_in_pa_data
: ULONG
= 0x00040000;
978 pub const KERB_TICKET_FLAGS_enc_pa_rep
: ULONG
= 0x00010000;
979 pub const KERB_TICKET_FLAGS_reserved1
: ULONG
= 0x00000001;
980 pub const KRB_NT_UNKNOWN
: LONG
= 0;
981 pub const KRB_NT_PRINCIPAL
: LONG
= 1;
982 pub const KRB_NT_PRINCIPAL_AND_ID
: LONG
= -131;
983 pub const KRB_NT_SRV_INST
: LONG
= 2;
984 pub const KRB_NT_SRV_INST_AND_ID
: LONG
= -132;
985 pub const KRB_NT_SRV_HST
: LONG
= 3;
986 pub const KRB_NT_SRV_XHST
: LONG
= 4;
987 pub const KRB_NT_UID
: LONG
= 5;
988 pub const KRB_NT_ENTERPRISE_PRINCIPAL
: LONG
= 10;
989 pub const KRB_NT_WELLKNOWN
: LONG
= 11;
990 pub const KRB_NT_ENT_PRINCIPAL_AND_ID
: LONG
= -130;
991 pub const KRB_NT_MS_PRINCIPAL
: LONG
= -128;
992 pub const KRB_NT_MS_PRINCIPAL_AND_ID
: LONG
= -129;
993 pub const KRB_NT_MS_BRANCH_ID
: LONG
= -133;
994 pub const KRB_NT_X500_PRINCIPAL
: LONG
= 6;
995 pub const KERB_WRAP_NO_ENCRYPT
: ULONG
= 0x80000001;
996 ENUM
!{enum KERB_LOGON_SUBMIT_TYPE
{
997 KerbInteractiveLogon
= 2,
998 KerbSmartCardLogon
= 6,
999 KerbWorkstationUnlockLogon
= 7,
1000 KerbSmartCardUnlockLogon
= 8,
1002 KerbTicketLogon
= 10,
1003 KerbTicketUnlockLogon
= 11,
1005 KerbCertificateLogon
= 13,
1006 KerbCertificateS4ULogon
= 14,
1007 KerbCertificateUnlockLogon
= 15,
1008 KerbNoElevationLogon
= 83,
1011 pub type PKERB_LOGON_SUBMIT_TYPE
= *mut KERB_LOGON_SUBMIT_TYPE
;
1012 STRUCT
!{struct KERB_INTERACTIVE_LOGON
{
1013 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1014 LogonDomainName
: UNICODE_STRING
,
1015 UserName
: UNICODE_STRING
,
1016 Password
: UNICODE_STRING
,
1018 pub type PKERB_INTERACTIVE_LOGON
= *mut KERB_INTERACTIVE_LOGON
;
1019 STRUCT
!{struct KERB_INTERACTIVE_UNLOCK_LOGON
{
1020 Logon
: KERB_INTERACTIVE_LOGON
,
1023 pub type PKERB_INTERACTIVE_UNLOCK_LOGON
= *mut KERB_INTERACTIVE_UNLOCK_LOGON
;
1024 STRUCT
!{struct KERB_SMART_CARD_LOGON
{
1025 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1026 Pin
: UNICODE_STRING
,
1027 CspDataLength
: ULONG
,
1030 pub type PKERB_SMART_CARD_LOGON
= *mut KERB_SMART_CARD_LOGON
;
1031 STRUCT
!{struct KERB_SMART_CARD_UNLOCK_LOGON
{
1032 Logon
: KERB_SMART_CARD_LOGON
,
1035 pub type PKERB_SMART_CARD_UNLOCK_LOGON
= *mut KERB_SMART_CARD_UNLOCK_LOGON
;
1036 pub const KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES
: ULONG
= 0x1;
1037 pub const KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO
: ULONG
= 0x2;
1038 STRUCT
!{struct KERB_CERTIFICATE_LOGON
{
1039 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1040 DomainName
: UNICODE_STRING
,
1041 UserName
: UNICODE_STRING
,
1042 Pin
: UNICODE_STRING
,
1044 CspDataLength
: ULONG
,
1047 pub type PKERB_CERTIFICATE_LOGON
= *mut KERB_CERTIFICATE_LOGON
;
1048 STRUCT
!{struct KERB_CERTIFICATE_UNLOCK_LOGON
{
1049 Logon
: KERB_CERTIFICATE_LOGON
,
1052 pub type PKERB_CERTIFICATE_UNLOCK_LOGON
= *mut KERB_CERTIFICATE_UNLOCK_LOGON
;
1053 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES
: ULONG
= 0x1;
1054 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS
: ULONG
= 0x2;
1055 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED
: ULONG
= 0x4;
1056 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY
: ULONG
= 0x8;
1057 STRUCT
!{struct KERB_CERTIFICATE_S4U_LOGON
{
1058 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1060 UserPrincipalName
: UNICODE_STRING
,
1061 DomainName
: UNICODE_STRING
,
1062 CertificateLength
: ULONG
,
1063 Certificate
: PUCHAR
,
1065 pub type PKERB_CERTIFICATE_S4U_LOGON
= *mut KERB_CERTIFICATE_S4U_LOGON
;
1066 STRUCT
!{struct KERB_TICKET_LOGON
{
1067 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1069 ServiceTicketLength
: ULONG
,
1070 TicketGrantingTicketLength
: ULONG
,
1071 ServiceTicket
: PUCHAR
,
1072 TicketGrantingTicket
: PUCHAR
,
1074 pub type PKERB_TICKET_LOGON
= *mut KERB_TICKET_LOGON
;
1075 STRUCT
!{struct KERB_TICKET_UNLOCK_LOGON
{
1076 Logon
: KERB_TICKET_LOGON
,
1079 pub type PKERB_TICKET_UNLOCK_LOGON
= *mut KERB_TICKET_UNLOCK_LOGON
;
1080 pub const KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS
: ULONG
= 0x2;
1081 pub const KERB_S4U_LOGON_FLAG_IDENTIFY
: ULONG
= 0x8;
1082 STRUCT
!{struct KERB_S4U_LOGON
{
1083 MessageType
: KERB_LOGON_SUBMIT_TYPE
,
1085 ClientUpn
: UNICODE_STRING
,
1086 ClientRealm
: UNICODE_STRING
,
1088 pub type PKERB_S4U_LOGON
= *mut KERB_S4U_LOGON
;
1089 ENUM
!{enum KERB_PROFILE_BUFFER_TYPE
{
1090 KerbInteractiveProfile
= 2,
1091 KerbSmartCardProfile
= 4,
1092 KerbTicketProfile
= 6,
1094 pub type PKERB_PROFILE_BUFFER_TYPE
= *mut KERB_PROFILE_BUFFER_TYPE
;
1095 STRUCT
!{struct KERB_INTERACTIVE_PROFILE
{
1096 MessageType
: KERB_PROFILE_BUFFER_TYPE
,
1098 BadPasswordCount
: USHORT
,
1099 LogonTime
: LARGE_INTEGER
,
1100 LogoffTime
: LARGE_INTEGER
,
1101 KickOffTime
: LARGE_INTEGER
,
1102 PasswordLastSet
: LARGE_INTEGER
,
1103 PasswordCanChange
: LARGE_INTEGER
,
1104 PasswordMustChange
: LARGE_INTEGER
,
1105 LogonScript
: UNICODE_STRING
,
1106 HomeDirectory
: UNICODE_STRING
,
1107 FullName
: UNICODE_STRING
,
1108 ProfilePath
: UNICODE_STRING
,
1109 HomeDirectoryDrive
: UNICODE_STRING
,
1110 LogonServer
: UNICODE_STRING
,
1113 pub type PKERB_INTERACTIVE_PROFILE
= *mut KERB_INTERACTIVE_PROFILE
;
1114 STRUCT
!{struct KERB_SMART_CARD_PROFILE
{
1115 Profile
: KERB_INTERACTIVE_PROFILE
,
1116 CertificateSize
: ULONG
,
1117 CertificateData
: PUCHAR
,
1119 pub type PKERB_SMART_CARD_PROFILE
= *mut KERB_SMART_CARD_PROFILE
;
1120 STRUCT
!{struct KERB_CRYPTO_KEY
{
1125 pub type PKERB_CRYPTO_KEY
= *mut KERB_CRYPTO_KEY
;
1126 STRUCT
!{struct KERB_CRYPTO_KEY32
{
1131 pub type PKERB_CRYPTO_KEY32
= *mut KERB_CRYPTO_KEY32
;
1132 STRUCT
!{struct KERB_TICKET_PROFILE
{
1133 Profile
: KERB_INTERACTIVE_PROFILE
,
1134 SessionKey
: KERB_CRYPTO_KEY
,
1136 pub type PKERB_TICKET_PROFILE
= *mut KERB_TICKET_PROFILE
;
1137 ENUM
!{enum KERB_PROTOCOL_MESSAGE_TYPE
{
1138 KerbDebugRequestMessage
= 0,
1139 KerbQueryTicketCacheMessage
,
1140 KerbChangeMachinePasswordMessage
,
1141 KerbVerifyPacMessage
,
1142 KerbRetrieveTicketMessage
,
1143 KerbUpdateAddressesMessage
,
1144 KerbPurgeTicketCacheMessage
,
1145 KerbChangePasswordMessage
,
1146 KerbRetrieveEncodedTicketMessage
,
1147 KerbDecryptDataMessage
,
1148 KerbAddBindingCacheEntryMessage
,
1149 KerbSetPasswordMessage
,
1150 KerbSetPasswordExMessage
,
1151 KerbVerifyCredentialsMessage
,
1152 KerbQueryTicketCacheExMessage
,
1153 KerbPurgeTicketCacheExMessage
,
1154 KerbRefreshSmartcardCredentialsMessage
,
1155 KerbAddExtraCredentialsMessage
,
1156 KerbQuerySupplementalCredentialsMessage
,
1157 KerbTransferCredentialsMessage
,
1158 KerbQueryTicketCacheEx2Message
,
1159 KerbSubmitTicketMessage
,
1160 KerbAddExtraCredentialsExMessage
,
1161 KerbQueryKdcProxyCacheMessage
,
1162 KerbPurgeKdcProxyCacheMessage
,
1163 KerbQueryTicketCacheEx3Message
,
1164 KerbCleanupMachinePkinitCredsMessage
,
1165 KerbAddBindingCacheEntryExMessage
,
1166 KerbQueryBindingCacheMessage
,
1167 KerbPurgeBindingCacheMessage
,
1169 KerbUnpinAllKdcsMessage
,
1170 KerbQueryDomainExtendedPoliciesMessage
,
1171 KerbQueryS4U2ProxyCacheMessage
,
1173 pub type PKERB_PROTOCOL_MESSAGE_TYPE
= *mut KERB_PROTOCOL_MESSAGE_TYPE
;
1174 STRUCT
!{struct KERB_QUERY_TKT_CACHE_REQUEST
{
1175 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1178 pub type PKERB_QUERY_TKT_CACHE_REQUEST
= *mut KERB_QUERY_TKT_CACHE_REQUEST
;
1179 STRUCT
!{struct KERB_TICKET_CACHE_INFO
{
1180 ServerName
: UNICODE_STRING
,
1181 RealmName
: UNICODE_STRING
,
1182 StartTime
: LARGE_INTEGER
,
1183 EndTime
: LARGE_INTEGER
,
1184 RenewTime
: LARGE_INTEGER
,
1185 EncryptionType
: LONG
,
1188 pub type PKERB_TICKET_CACHE_INFO
= *mut KERB_TICKET_CACHE_INFO
;
1189 STRUCT
!{struct KERB_TICKET_CACHE_INFO_EX
{
1190 ClientName
: UNICODE_STRING
,
1191 ClientRealm
: UNICODE_STRING
,
1192 ServerName
: UNICODE_STRING
,
1193 ServerRealm
: UNICODE_STRING
,
1194 StartTime
: LARGE_INTEGER
,
1195 EndTime
: LARGE_INTEGER
,
1196 RenewTime
: LARGE_INTEGER
,
1197 EncryptionType
: LONG
,
1200 pub type PKERB_TICKET_CACHE_INFO_EX
= *mut KERB_TICKET_CACHE_INFO_EX
;
1201 STRUCT
!{struct KERB_TICKET_CACHE_INFO_EX2
{
1202 ClientName
: UNICODE_STRING
,
1203 ClientRealm
: UNICODE_STRING
,
1204 ServerName
: UNICODE_STRING
,
1205 ServerRealm
: UNICODE_STRING
,
1206 StartTime
: LARGE_INTEGER
,
1207 EndTime
: LARGE_INTEGER
,
1208 RenewTime
: LARGE_INTEGER
,
1209 EncryptionType
: LONG
,
1211 SessionKeyType
: ULONG
,
1214 pub type PKERB_TICKET_CACHE_INFO_EX2
= *mut KERB_TICKET_CACHE_INFO_EX2
;
1215 STRUCT
!{struct KERB_TICKET_CACHE_INFO_EX3
{
1216 ClientName
: UNICODE_STRING
,
1217 ClientRealm
: UNICODE_STRING
,
1218 ServerName
: UNICODE_STRING
,
1219 ServerRealm
: UNICODE_STRING
,
1220 StartTime
: LARGE_INTEGER
,
1221 EndTime
: LARGE_INTEGER
,
1222 RenewTime
: LARGE_INTEGER
,
1223 EncryptionType
: LONG
,
1225 SessionKeyType
: ULONG
,
1228 KdcCalled
: UNICODE_STRING
,
1230 pub type PKERB_TICKET_CACHE_INFO_EX3
= *mut KERB_TICKET_CACHE_INFO_EX3
;
1231 STRUCT
!{struct KERB_QUERY_TKT_CACHE_RESPONSE
{
1232 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1233 CountOfTickets
: ULONG
,
1234 Tickets
: [KERB_TICKET_CACHE_INFO
; ANYSIZE_ARRAY
],
1236 pub type PKERB_QUERY_TKT_CACHE_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_RESPONSE
;
1237 STRUCT
!{struct KERB_QUERY_TKT_CACHE_EX_RESPONSE
{
1238 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1239 CountOfTickets
: ULONG
,
1240 Tickets
: [KERB_TICKET_CACHE_INFO_EX
; ANYSIZE_ARRAY
],
1242 pub type PKERB_QUERY_TKT_CACHE_EX_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_EX_RESPONSE
;
1243 STRUCT
!{struct KERB_QUERY_TKT_CACHE_EX2_RESPONSE
{
1244 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1245 CountOfTickets
: ULONG
,
1246 Tickets
: [KERB_TICKET_CACHE_INFO_EX2
; ANYSIZE_ARRAY
],
1248 pub type PKERB_QUERY_TKT_CACHE_EX2_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_EX2_RESPONSE
;
1249 STRUCT
!{struct KERB_QUERY_TKT_CACHE_EX3_RESPONSE
{
1250 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1251 CountOfTickets
: ULONG
,
1252 Tickets
: [KERB_TICKET_CACHE_INFO_EX3
; ANYSIZE_ARRAY
],
1254 pub type PKERB_QUERY_TKT_CACHE_EX3_RESPONSE
= *mut KERB_QUERY_TKT_CACHE_EX3_RESPONSE
;
1255 pub const KERB_USE_DEFAULT_TICKET_FLAGS
: ULONG
= 0x0;
1256 pub const KERB_RETRIEVE_TICKET_DEFAULT
: ULONG
= 0x0;
1257 pub const KERB_RETRIEVE_TICKET_DONT_USE_CACHE
: ULONG
= 0x1;
1258 pub const KERB_RETRIEVE_TICKET_USE_CACHE_ONLY
: ULONG
= 0x2;
1259 pub const KERB_RETRIEVE_TICKET_USE_CREDHANDLE
: ULONG
= 0x4;
1260 pub const KERB_RETRIEVE_TICKET_AS_KERB_CRED
: ULONG
= 0x8;
1261 pub const KERB_RETRIEVE_TICKET_WITH_SEC_CRED
: ULONG
= 0x10;
1262 pub const KERB_RETRIEVE_TICKET_CACHE_TICKET
: ULONG
= 0x20;
1263 pub const KERB_RETRIEVE_TICKET_MAX_LIFETIME
: ULONG
= 0x40;
1264 STRUCT
!{struct KERB_AUTH_DATA
{
1269 pub type PKERB_AUTH_DATA
= *mut KERB_AUTH_DATA
;
1270 STRUCT
!{struct KERB_NET_ADDRESS
{
1275 pub type PKERB_NET_ADDRESS
= *mut KERB_NET_ADDRESS
;
1276 STRUCT
!{struct KERB_NET_ADDRESSES
{
1278 Addresses
: [KERB_NET_ADDRESS
; ANYSIZE_ARRAY
],
1280 pub type PKERB_NET_ADDRESSES
= *mut KERB_NET_ADDRESSES
;
1281 STRUCT
!{struct KERB_EXTERNAL_NAME
{
1284 Names
: [UNICODE_STRING
; ANYSIZE_ARRAY
],
1286 pub type PKERB_EXTERNAL_NAME
= *mut KERB_EXTERNAL_NAME
;
1287 STRUCT
!{struct KERB_EXTERNAL_TICKET
{
1288 ServiceName
: PKERB_EXTERNAL_NAME
,
1289 TargetName
: PKERB_EXTERNAL_NAME
,
1290 ClientName
: PKERB_EXTERNAL_NAME
,
1291 DomainName
: UNICODE_STRING
,
1292 TargetDomainName
: UNICODE_STRING
,
1293 AltTargetDomainName
: UNICODE_STRING
,
1294 SessionKey
: KERB_CRYPTO_KEY
,
1297 KeyExpirationTime
: LARGE_INTEGER
,
1298 StartTime
: LARGE_INTEGER
,
1299 EndTime
: LARGE_INTEGER
,
1300 RenewUntil
: LARGE_INTEGER
,
1301 TimeSkew
: LARGE_INTEGER
,
1302 EncodedTicketSize
: ULONG
,
1303 EncodedTicket
: PUCHAR
,
1305 pub type PKERB_EXTERNAL_TICKET
= *mut KERB_EXTERNAL_TICKET
;
1306 STRUCT
!{struct KERB_RETRIEVE_TKT_REQUEST
{
1307 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1309 TargetName
: UNICODE_STRING
,
1311 CacheOptions
: ULONG
,
1312 EncryptionType
: LONG
,
1313 CredentialsHandle
: SecHandle
,
1315 pub type PKERB_RETRIEVE_TKT_REQUEST
= *mut KERB_RETRIEVE_TKT_REQUEST
;
1316 STRUCT
!{struct KERB_RETRIEVE_TKT_RESPONSE
{
1317 Ticket
: KERB_EXTERNAL_TICKET
,
1319 pub type PKERB_RETRIEVE_TKT_RESPONSE
= *mut KERB_RETRIEVE_TKT_RESPONSE
;
1320 STRUCT
!{struct KERB_PURGE_TKT_CACHE_REQUEST
{
1321 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1323 ServerName
: UNICODE_STRING
,
1324 RealmName
: UNICODE_STRING
,
1326 pub type PKERB_PURGE_TKT_CACHE_REQUEST
= *mut KERB_PURGE_TKT_CACHE_REQUEST
;
1327 pub const KERB_PURGE_ALL_TICKETS
: ULONG
= 1;
1328 STRUCT
!{struct KERB_PURGE_TKT_CACHE_EX_REQUEST
{
1329 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1332 TicketTemplate
: KERB_TICKET_CACHE_INFO_EX
,
1334 pub type PKERB_PURGE_TKT_CACHE_EX_REQUEST
= *mut KERB_PURGE_TKT_CACHE_EX_REQUEST
;
1335 STRUCT
!{struct KERB_SUBMIT_TKT_REQUEST
{
1336 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1339 Key
: KERB_CRYPTO_KEY32
,
1340 KerbCredSize
: ULONG
,
1341 KerbCredOffset
: ULONG
,
1343 pub type PKERB_SUBMIT_TKT_REQUEST
= *mut KERB_SUBMIT_TKT_REQUEST
;
1344 STRUCT
!{struct KERB_QUERY_KDC_PROXY_CACHE_REQUEST
{
1345 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1349 pub type PKERB_QUERY_KDC_PROXY_CACHE_REQUEST
= *mut KERB_QUERY_KDC_PROXY_CACHE_REQUEST
;
1350 STRUCT
!{struct KDC_PROXY_CACHE_ENTRY_DATA
{
1351 SinceLastUsed
: ULONG64
,
1352 DomainName
: UNICODE_STRING
,
1353 ProxyServerName
: UNICODE_STRING
,
1354 ProxyServerVdir
: UNICODE_STRING
,
1355 ProxyServerPort
: USHORT
,
1357 CredUserName
: UNICODE_STRING
,
1358 CredDomainName
: UNICODE_STRING
,
1359 GlobalCache
: BOOLEAN
,
1361 pub type PKDC_PROXY_CACHE_ENTRY_DATA
= *mut KDC_PROXY_CACHE_ENTRY_DATA
;
1362 STRUCT
!{struct KERB_QUERY_KDC_PROXY_CACHE_RESPONSE
{
1363 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1364 CountOfEntries
: ULONG
,
1365 Entries
: PKDC_PROXY_CACHE_ENTRY_DATA
,
1367 pub type PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE
= *mut KERB_QUERY_KDC_PROXY_CACHE_RESPONSE
;
1368 STRUCT
!{struct KERB_PURGE_KDC_PROXY_CACHE_REQUEST
{
1369 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1373 pub type PKERB_PURGE_KDC_PROXY_CACHE_REQUEST
= *mut KERB_PURGE_KDC_PROXY_CACHE_REQUEST
;
1374 STRUCT
!{struct KERB_PURGE_KDC_PROXY_CACHE_RESPONSE
{
1375 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1376 CountOfPurged
: ULONG
,
1378 pub type PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE
= *mut KERB_PURGE_KDC_PROXY_CACHE_RESPONSE
;
1379 pub const KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE
: ULONG
= 0x1;
1380 STRUCT
!{struct KERB_S4U2PROXY_CACHE_ENTRY_INFO
{
1381 ServerName
: UNICODE_STRING
,
1383 LastStatus
: NTSTATUS
,
1384 Expiry
: LARGE_INTEGER
,
1386 pub type PKERB_S4U2PROXY_CACHE_ENTRY_INFO
= *mut KERB_S4U2PROXY_CACHE_ENTRY_INFO
;
1387 pub const KERB_S4U2PROXY_CRED_FLAG_NEGATIVE
: ULONG
= 0x1;
1388 STRUCT
!{struct KERB_S4U2PROXY_CRED
{
1389 UserName
: UNICODE_STRING
,
1390 DomainName
: UNICODE_STRING
,
1392 LastStatus
: NTSTATUS
,
1393 Expiry
: LARGE_INTEGER
,
1394 CountOfEntries
: ULONG
,
1395 Entries
: PKERB_S4U2PROXY_CACHE_ENTRY_INFO
,
1397 pub type PKERB_S4U2PROXY_CRED
= *mut KERB_S4U2PROXY_CRED
;
1398 STRUCT
!{struct KERB_QUERY_S4U2PROXY_CACHE_REQUEST
{
1399 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1403 pub type PKERB_QUERY_S4U2PROXY_CACHE_REQUEST
= *mut KERB_QUERY_S4U2PROXY_CACHE_REQUEST
;
1404 STRUCT
!{struct KERB_QUERY_S4U2PROXY_CACHE_RESPONSE
{
1405 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1406 CountOfCreds
: ULONG
,
1407 Creds
: PKERB_S4U2PROXY_CRED
,
1409 pub type PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE
= *mut KERB_QUERY_S4U2PROXY_CACHE_RESPONSE
;
1410 STRUCT
!{struct KERB_CHANGEPASSWORD_REQUEST
{
1411 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1412 DomainName
: UNICODE_STRING
,
1413 AccountName
: UNICODE_STRING
,
1414 OldPassword
: UNICODE_STRING
,
1415 NewPassword
: UNICODE_STRING
,
1416 Impersonating
: BOOLEAN
,
1418 pub type PKERB_CHANGEPASSWORD_REQUEST
= *mut KERB_CHANGEPASSWORD_REQUEST
;
1419 STRUCT
!{struct KERB_SETPASSWORD_REQUEST
{
1420 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1422 CredentialsHandle
: SecHandle
,
1424 DomainName
: UNICODE_STRING
,
1425 AccountName
: UNICODE_STRING
,
1426 Password
: UNICODE_STRING
,
1428 pub type PKERB_SETPASSWORD_REQUEST
= *mut KERB_SETPASSWORD_REQUEST
;
1429 STRUCT
!{struct KERB_SETPASSWORD_EX_REQUEST
{
1430 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1432 CredentialsHandle
: SecHandle
,
1434 AccountRealm
: UNICODE_STRING
,
1435 AccountName
: UNICODE_STRING
,
1436 Password
: UNICODE_STRING
,
1437 ClientRealm
: UNICODE_STRING
,
1438 ClientName
: UNICODE_STRING
,
1439 Impersonating
: BOOLEAN
,
1440 KdcAddress
: UNICODE_STRING
,
1441 KdcAddressType
: ULONG
,
1443 pub type PKERB_SETPASSWORD_EX_REQUEST
= *mut KERB_SETPASSWORD_EX_REQUEST
;
1444 pub const DS_UNKNOWN_ADDRESS_TYPE
: ULONG
= 0;
1445 pub const KERB_SETPASS_USE_LOGONID
: ULONG
= 1;
1446 pub const KERB_SETPASS_USE_CREDHANDLE
: ULONG
= 2;
1447 STRUCT
!{struct KERB_DECRYPT_REQUEST
{
1448 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1453 Key
: KERB_CRYPTO_KEY
,
1454 EncryptedDataSize
: ULONG
,
1455 InitialVectorSize
: ULONG
,
1456 InitialVector
: PUCHAR
,
1457 EncryptedData
: PUCHAR
,
1459 pub type PKERB_DECRYPT_REQUEST
= *mut KERB_DECRYPT_REQUEST
;
1460 pub const KERB_DECRYPT_FLAG_DEFAULT_KEY
: ULONG
= 0x00000001;
1461 STRUCT
!{struct KERB_DECRYPT_RESPONSE
{
1462 DecryptedData
: [UCHAR
; ANYSIZE_ARRAY
],
1464 pub type PKERB_DECRYPT_RESPONSE
= *mut KERB_DECRYPT_RESPONSE
;
1465 STRUCT
!{struct KERB_ADD_BINDING_CACHE_ENTRY_REQUEST
{
1466 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1467 RealmName
: UNICODE_STRING
,
1468 KdcAddress
: UNICODE_STRING
,
1471 pub type PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST
= *mut KERB_ADD_BINDING_CACHE_ENTRY_REQUEST
;
1472 STRUCT
!{struct KERB_REFRESH_SCCRED_REQUEST
{
1473 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1474 CredentialBlob
: UNICODE_STRING
,
1478 pub type PKERB_REFRESH_SCCRED_REQUEST
= *mut KERB_REFRESH_SCCRED_REQUEST
;
1479 pub const KERB_REFRESH_SCCRED_RELEASE
: ULONG
= 0x0;
1480 pub const KERB_REFRESH_SCCRED_GETTGT
: ULONG
= 0x1;
1481 STRUCT
!{struct KERB_ADD_CREDENTIALS_REQUEST
{
1482 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1483 UserName
: UNICODE_STRING
,
1484 DomainName
: UNICODE_STRING
,
1485 Password
: UNICODE_STRING
,
1489 pub type PKERB_ADD_CREDENTIALS_REQUEST
= *mut KERB_ADD_CREDENTIALS_REQUEST
;
1490 pub const KERB_REQUEST_ADD_CREDENTIAL
: ULONG
= 1;
1491 pub const KERB_REQUEST_REPLACE_CREDENTIAL
: ULONG
= 2;
1492 pub const KERB_REQUEST_REMOVE_CREDENTIAL
: ULONG
= 4;
1493 STRUCT
!{struct KERB_ADD_CREDENTIALS_REQUEST_EX
{
1494 Credentials
: KERB_ADD_CREDENTIALS_REQUEST
,
1495 PrincipalNameCount
: ULONG
,
1496 PrincipalNames
: [UNICODE_STRING
; ANYSIZE_ARRAY
],
1498 pub type PKERB_ADD_CREDENTIALS_REQUEST_EX
= *mut KERB_ADD_CREDENTIALS_REQUEST_EX
;
1499 STRUCT
!{struct KERB_TRANSFER_CRED_REQUEST
{
1500 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1501 OriginLogonId
: LUID
,
1502 DestinationLogonId
: LUID
,
1505 pub type PKERB_TRANSFER_CRED_REQUEST
= *mut KERB_TRANSFER_CRED_REQUEST
;
1506 pub const KERB_TRANSFER_CRED_WITH_TICKETS
: ULONG
= 0x1;
1507 pub const KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS
: ULONG
= 0x2;
1508 STRUCT
!{struct KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST
{
1509 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1512 pub type PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST
=
1513 *mut KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST
;
1514 STRUCT
!{struct KERB_BINDING_CACHE_ENTRY_DATA
{
1515 DiscoveryTime
: ULONG64
,
1516 RealmName
: UNICODE_STRING
,
1517 KdcAddress
: UNICODE_STRING
,
1522 KdcName
: UNICODE_STRING
,
1524 pub type PKERB_BINDING_CACHE_ENTRY_DATA
= *mut KERB_BINDING_CACHE_ENTRY_DATA
;
1525 STRUCT
!{struct KERB_QUERY_BINDING_CACHE_RESPONSE
{
1526 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1527 CountOfEntries
: ULONG
,
1528 Entries
: PKERB_BINDING_CACHE_ENTRY_DATA
,
1530 pub type PKERB_QUERY_BINDING_CACHE_RESPONSE
= *mut KERB_QUERY_BINDING_CACHE_RESPONSE
;
1531 STRUCT
!{struct KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST
{
1532 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1533 RealmName
: UNICODE_STRING
,
1534 KdcAddress
: UNICODE_STRING
,
1538 pub type PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST
= *mut KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST
;
1539 STRUCT
!{struct KERB_QUERY_BINDING_CACHE_REQUEST
{
1540 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1542 pub type PKERB_QUERY_BINDING_CACHE_REQUEST
= *mut KERB_QUERY_BINDING_CACHE_REQUEST
;
1543 STRUCT
!{struct KERB_PURGE_BINDING_CACHE_REQUEST
{
1544 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1546 pub type PKERB_PURGE_BINDING_CACHE_REQUEST
= *mut KERB_PURGE_BINDING_CACHE_REQUEST
;
1547 STRUCT
!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST
{
1548 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1550 DomainName
: UNICODE_STRING
,
1552 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST
=
1553 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST
;
1554 STRUCT
!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE
{
1555 MessageType
: KERB_PROTOCOL_MESSAGE_TYPE
,
1557 ExtendedPolicies
: ULONG
,
1560 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE
=
1561 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE
;
1562 ENUM
!{enum KERB_CERTIFICATE_INFO_TYPE
{
1565 pub type PKERB_CERTIFICATE_INFO_TYPE
= *mut KERB_CERTIFICATE_INFO_TYPE
;
1566 STRUCT
!{struct KERB_CERTIFICATE_HASHINFO
{
1567 StoreNameLength
: USHORT
,
1570 pub type PKERB_CERTIFICATE_HASHINFO
= *mut KERB_CERTIFICATE_HASHINFO
;
1571 STRUCT
!{struct KERB_CERTIFICATE_INFO
{
1572 CertInfoSize
: ULONG
,
1575 pub type PKERB_CERTIFICATE_INFO
= *mut KERB_CERTIFICATE_INFO
;
1576 STRUCT
!{struct POLICY_AUDIT_SID_ARRAY
{
1578 UserSidArray
: *mut PSID
,
1580 pub type PPOLICY_AUDIT_SID_ARRAY
= *mut POLICY_AUDIT_SID_ARRAY
;
1581 STRUCT
!{struct AUDIT_POLICY_INFORMATION
{
1582 AuditSubCategoryGuid
: GUID
,
1583 AuditingInformation
: ULONG
,
1584 AuditCategoryGuid
: GUID
,
1586 pub type PAUDIT_POLICY_INFORMATION
= *mut AUDIT_POLICY_INFORMATION
;
1587 pub type LPAUDIT_POLICY_INFORMATION
= PAUDIT_POLICY_INFORMATION
;
1588 pub type PCAUDIT_POLICY_INFORMATION
= *const AUDIT_POLICY_INFORMATION
;
1589 pub const AUDIT_SET_SYSTEM_POLICY
: ULONG
= 0x0001;
1590 pub const AUDIT_QUERY_SYSTEM_POLICY
: ULONG
= 0x0002;
1591 pub const AUDIT_SET_USER_POLICY
: ULONG
= 0x0004;
1592 pub const AUDIT_QUERY_USER_POLICY
: ULONG
= 0x0008;
1593 pub const AUDIT_ENUMERATE_USERS
: ULONG
= 0x0010;
1594 pub const AUDIT_SET_MISC_POLICY
: ULONG
= 0x0020;
1595 pub const AUDIT_QUERY_MISC_POLICY
: ULONG
= 0x0040;
1596 pub const AUDIT_GENERIC_ALL
: ULONG
= STANDARD_RIGHTS_REQUIRED
| AUDIT_SET_SYSTEM_POLICY
1597 | AUDIT_QUERY_SYSTEM_POLICY
| AUDIT_SET_USER_POLICY
| AUDIT_QUERY_USER_POLICY
1598 | AUDIT_ENUMERATE_USERS
| AUDIT_SET_MISC_POLICY
| AUDIT_QUERY_MISC_POLICY
;
1599 pub const AUDIT_GENERIC_READ
: ULONG
= STANDARD_RIGHTS_READ
| AUDIT_QUERY_SYSTEM_POLICY
1600 | AUDIT_QUERY_USER_POLICY
| AUDIT_ENUMERATE_USERS
| AUDIT_QUERY_MISC_POLICY
;
1601 pub const AUDIT_GENERIC_WRITE
: ULONG
= STANDARD_RIGHTS_WRITE
| AUDIT_SET_USER_POLICY
1602 | AUDIT_SET_MISC_POLICY
| AUDIT_SET_SYSTEM_POLICY
;
1603 pub const AUDIT_GENERIC_EXECUTE
: ULONG
= STANDARD_RIGHTS_EXECUTE
;
1605 pub fn AuditSetSystemPolicy(
1606 pAuditPolicy
: PCAUDIT_POLICY_INFORMATION
,
1609 pub fn AuditSetPerUserPolicy(
1611 pAuditPolicy
: PCAUDIT_POLICY_INFORMATION
,
1614 pub fn AuditQuerySystemPolicy(
1615 pSubCategoryGuids
: *const GUID
,
1617 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1619 pub fn AuditQueryPerUserPolicy(
1621 pSubCategoryGuids
: *const GUID
,
1623 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1625 pub fn AuditEnumeratePerUserPolicy(
1626 ppAuditSidArray
: *mut PPOLICY_AUDIT_SID_ARRAY
,
1628 pub fn AuditComputeEffectivePolicyBySid(
1630 pSubCategoryGuids
: *const GUID
,
1631 dwPolicyCount
: ULONG
,
1632 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1634 pub fn AuditComputeEffectivePolicyByToken(
1635 hTokenHandle
: HANDLE
,
1636 pSubCategoryGuids
: *const GUID
,
1637 dwPolicyCount
: ULONG
,
1638 ppAuditPolicy
: *mut PAUDIT_POLICY_INFORMATION
,
1640 pub fn AuditEnumerateCategories(
1641 ppAuditCategoriesArray
: *mut *mut GUID
,
1642 pdwCountReturned
: PULONG
,
1644 pub fn AuditEnumerateSubCategories(
1645 pAuditCategoryGuid
: *const GUID
,
1646 bRetrieveAllSubCategories
: BOOLEAN
,
1647 ppAuditSubCategoriesArray
: *mut *mut GUID
,
1648 pdwCountReturned
: PULONG
,
1650 pub fn AuditLookupCategoryNameW(
1651 pAuditCategoryGuid
: *const GUID
,
1652 ppszCategoryName
: *mut PWSTR
,
1654 pub fn AuditLookupCategoryNameA(
1655 pAuditCategoryGuid
: *const GUID
,
1656 ppszCategoryName
: *mut PSTR
,
1658 pub fn AuditLookupSubCategoryNameW(
1659 pAuditSubCategoryGuid
: *const GUID
,
1660 ppszSubCategoryName
: *mut PWSTR
,
1662 pub fn AuditLookupSubCategoryNameA(
1663 pAuditSubCategoryGuid
: *const GUID
,
1664 ppszSubCategoryName
: *mut PSTR
,
1666 pub fn AuditLookupCategoryIdFromCategoryGuid(
1667 pAuditCategoryGuid
: *const GUID
,
1668 pAuditCategoryId
: PPOLICY_AUDIT_EVENT_TYPE
,
1670 pub fn AuditLookupCategoryGuidFromCategoryId(
1671 AuditCategoryId
: POLICY_AUDIT_EVENT_TYPE
,
1672 pAuditCategoryGuid
: *mut GUID
,
1674 pub fn AuditSetSecurity(
1675 SecurityInformation
: SECURITY_INFORMATION
,
1676 pSecurityDescriptor
: PSECURITY_DESCRIPTOR
,
1678 pub fn AuditQuerySecurity(
1679 SecurityInformation
: SECURITY_INFORMATION
,
1680 ppSecurityDescriptor
: *mut PSECURITY_DESCRIPTOR
,
1682 pub fn AuditSetGlobalSaclW(
1683 ObjectTypeName
: PCWSTR
,
1686 pub fn AuditSetGlobalSaclA(
1687 ObjectTypeName
: PCSTR
,
1690 pub fn AuditQueryGlobalSaclW(
1691 ObjectTypeName
: PCWSTR
,
1694 pub fn AuditQueryGlobalSaclA(
1695 ObjectTypeName
: PCSTR
,
1702 STRUCT
!{struct PKU2U_CERT_BLOB
{
1706 pub type PPKU2U_CERT_BLOB
= *mut PKU2U_CERT_BLOB
;
1707 pub const PKU2U_CREDUI_CONTEXT_VERSION
: ULONG64
= 0x4154414454524543;
1708 STRUCT
!{struct PKU2U_CREDUI_CONTEXT
{
1710 cbHeaderLength
: USHORT
,
1711 cbStructureLength
: ULONG
,
1712 CertArrayCount
: USHORT
,
1713 CertArrayOffset
: ULONG
,
1715 pub type PPKU2U_CREDUI_CONTEXT
= *mut PKU2U_CREDUI_CONTEXT
;
1716 ENUM
!{enum PKU2U_LOGON_SUBMIT_TYPE
{
1717 Pku2uCertificateS4ULogon
= 14,
1719 pub type PPKU2U_LOGON_SUBMIT_TYPE
= *mut PKU2U_LOGON_SUBMIT_TYPE
;
1720 STRUCT
!{struct PKU2U_CERTIFICATE_S4U_LOGON
{
1721 MessageType
: PKU2U_LOGON_SUBMIT_TYPE
,
1723 UserPrincipalName
: UNICODE_STRING
,
1724 DomainName
: UNICODE_STRING
,
1725 CertificateLength
: ULONG
,
1726 Certificate
: PUCHAR
,
1728 pub type PPKU2U_CERTIFICATE_S4U_LOGON
= *mut PKU2U_CERTIFICATE_S4U_LOGON
;