windows-nt/Source/XPSP1/NT/ds/security/services/scerpc/idl/scerpc.idl

780 lines
18 KiB
Plaintext
Raw Normal View History

2020-09-26 03:20:57 -05:00
/*++
Copyright (c) 1998 Microsoft Corporation
Module Name:
scerpc.idl
Abstract:
Security Configuration Editor (SCE ) Engine RPC Interface Definition File
This file contains the RPC Interface Definition Language file for
the SCE Engine. This file includes all of the prototypes for the SCE
functions that are callable via RPC. These functions are internal versions
of API and are NOT visible to clients of the SCE Engine. An SCE Engine
client calls the SCE engine API defined in file secedit.h/scesvc.h/scesetup.h.
These API are wrappers which call client RPC stubs generated from this idl
file by the RPC compiler.
///////////////////////////////////////////////////////////////////////////
// Please note:
//
// structure definitions in private\inc\secedit.h, scesetup.h and
// public\sdk\inc\scesvc.h must be in ssync with this IDL defition.
//
///////////////////////////////////////////////////////////////////////////
Author:
Jin Huang (JinHuang) Jan 26, 1998
Environment:
User Mode
Revision History:
--*/
[
uuid(93149ca2-973b-11d1-8c39-00c04fb984f9),
version(0.0),
#ifdef __midl
ms_union,
#endif // __midl
pointer_default(unique),
]
interface scerpc
{
//
// Import a dummy interface containing #includes for public .h files. This
// trick is necessary so that midl will only generate marshalling routines
// for subtypes that are relevant to the parameters specified on the RPC
// interface. midl also ingores function prototypes contained therein.
//
import "sceimp.idl" ;
//
// The parens have to be omitted from the operand
// because midl grammar does not support them.
//
//
// SCE RPC Context Handle
//
typedef [context_handle] PVOID SCEPR_CONTEXT;
typedef SCEPR_CONTEXT *PSCEPR_CONTEXT;
typedef DWORD SCEPR_STATUS;
typedef DWORD AREAPR;
//
// RPC'able Self-Relative Security Descriptor Definition.
//
typedef struct _SCEPR_SR_SECURITY_DESCRIPTOR {
ULONG Length;
[size_is(Length)] UCHAR *SecurityDescriptor;
} SCEPR_SR_SECURITY_DESCRIPTOR, *PSCEPR_SR_SECURITY_DESCRIPTOR;
typedef enum _SCEPR_SERVER_TYPE_ {
SCEPR_UNKNOWN = 0,
SCEPR_DC_WITH_DS,
SCEPR_DC,
SCEPR_NT5_SERVER,
SCEPR_NT4_SERVER,
SCEPR_NT5_WKS,
SCEPR_NT4_WKS
} SCEPR_SERVER_TYPE, *PSCEPR_SERVER_TYPE;
//
// service info type (scesvc)
//
typedef enum _SCEPR_SVCINFO_TYPE {
SceprConfigurationInfo,
SceprMergedPolicyInfo,
SceprAnalysisInfo,
SceprInternalUse
} SCEPR_SVCINFO_TYPE;
//
// SVC enumeration type
//
typedef ULONG SCEPR_ENUM_CONTEXT, *PSCEPR_ENUM_CONTEXT;
//
// SVC info structure
//
typedef struct _SCEPR_SVCINFO_LINE {
[string] wchar_t *Key;
[size_is(ValueLen)] byte *Value;
DWORD ValueLen;
} SCEPR_SVCINFO_LINE, *PSCEPR_SVCINFO_LINE;
typedef struct _SCEPR_SVCINFO {
DWORD Count;
[size_is(Count)] SCEPR_SVCINFO_LINE *Lines;
} SCEPR_SVCINFO, *PSCEPR_SVCINFO;
typedef struct _SCEPR_VALUEINFO {
DWORD ValueLen;
[size_is(ValueLen)] byte *Value;
} SCEPR_VALUEINFO, *PSCEPR_VALUEINFO;
//
// secedit definitions
//
typedef enum _SCEPR_TYPE {
SCEPR_SYSTEM = 300,
SCEPR_GPO,
SCEPR_SCP,
SCEPR_SAP,
SCEPR_SCP_I, // internal type
SCEPR_SMP_I, // internal type
SCEPR_SMP,
SCEPR_INF
} SCEPR_TYPE;
//
// link list is marshlled automatically by RPCRT
//
typedef struct _SCEPR_ERROR_LOG_INFO {
[string,unique] wchar_t *buffer;
DWORD rc;
struct _SCEPR_ERROR_LOG_INFO *next;
} SCEPR_ERROR_LOG_INFO, *PSCEPR_ERROR_LOG_INFO;
typedef struct _SCEPR_NAME_LIST {
[string] wchar_t *Name;
struct _SCEPR_NAME_LIST *Next;
} SCEPR_NAME_LIST, *PSCEPR_NAME_LIST;
typedef struct _SCEPR_NAME_STATUS_LIST {
[string] wchar_t *Name;
DWORD Status;
struct _SCEPR_NAME_STATUS_LIST *Next;
} SCEPR_NAME_STATUS_LIST, *PSCEPR_NAME_STATUS_LIST;
//
// privilege assignment
//
typedef struct _SCEPR_PRIV_ASSIGN {
[string] wchar_t *Name;
DWORD Value;
SCEPR_NAME_LIST *AssignedTo;
DWORD Status;
struct _SCEPR_PRIV_ASSIGN *Next;
} SCEPR_PRIV_ASSIGN, *PSCEPR_PRIV_ASSIGN;
//
// structures within the union
//
/*
typedef struct _SCEPR_UNION_STRUCT_SCP {
SCEPR_NAME_LIST *pAccountProfiles;
SCEPR_NAME_STATUS_LIST *pPrivilegeAssignedTo;
} SCEPR_UNION_STRUCT_SCP;
*/
typedef struct _SCEPR_UNION_STRUCT_SMP {
SCEPR_NAME_LIST *pUserList;
SCEPR_PRIV_ASSIGN *pPrivilegeAssignedTo;
} SCEPR_UNION_STRUCT_SMP;
//
// union of otherinfo (scp/smp/sap)
//
// [case(SCEPR_SCP_I,SCEPR_SMP_I)] SCEPR_UNION_STRUCT_SCP scp;
typedef [switch_type(SCEPR_TYPE)] union
_SCEPR_UNION_OTHERINFO {
[case(SCEPR_SCP,SCEPR_SMP,SCEPR_SYSTEM)] SCEPR_UNION_STRUCT_SMP smp;
[case(SCEPR_SAP)] SCEPR_UNION_STRUCT_SMP sap;
} SCEPR_UNION_OTHERINFO;
//
// group membership structure
//
typedef struct _SCEPR_GROUPS {
[string] wchar_t *GroupName;
SCEPR_NAME_LIST *pMembers;
SCEPR_NAME_LIST *pMemberOf;
DWORD Status;
SCEPR_NAME_STATUS_LIST *pPrivilegesHeld;
struct _SCEPR_GROUPS *Next;
} SCEPR_GROUPS, *PSCEPR_GROUPS;
//
// services structure
//
typedef struct _SCEPR_SERVICES {
[string] wchar_t *ServiceName;
[string] wchar_t *DisplayName;
BYTE Status;
BYTE Startup;
[unique] SCEPR_SR_SECURITY_DESCRIPTOR *pSecurityDescriptor;
SECURITY_INFORMATION SeInfo;
struct _SCEPR_SERVICES *Next;
} SCEPR_SERVICES, *PSCEPR_SERVICES;
//
// object list structure
//
typedef struct _SCEPR_OBJECT_LIST {
[string] wchar_t *Name;
BYTE Status;
BOOL IsContainer;
DWORD Count;
struct _SCEPR_OBJECT_LIST *Next;
} SCEPR_OBJECT_LIST, *PSCEPR_OBJECT_LIST;
typedef struct _SCEPR_OBJECT_LIST_NODE {
[string] wchar_t *Name;
BYTE Status;
BOOL IsContainer;
DWORD Count;
} SCEPR_OBJECT_LIST_NODE, *PSCEPR_OBJECT_LIST_NODE;
typedef struct _SCEPR_OBJECT_CHILDREN {
DWORD nCount;
DWORD MaxCount;
[size_is(nCount)] PSCEPR_OBJECT_LIST_NODE arrObject[*];
} SCEPR_OBJECT_CHILDREN, *PSCEPR_OBJECT_CHILDREN;
//
// kerberos structure
//
typedef struct _SCEPR_KERBEROS {
DWORD MaxTicketAge;
DWORD MaxRenewAge;
DWORD MaxServiceAge;
DWORD MaxClockSkew;
DWORD TicketValidateClient;
} SCEPR_KERBEROS, *PSCEPR_KERBEROS;
//
// registry values
//
typedef struct _SCEPR_REGISTRY_VALUES {
[string] wchar_t *FullValueName;
[string,unique] wchar_t *Value;
DWORD ValueType;
DWORD Status; // match, mismatch, not analyzed, error
} SCEPR_REGISTRY_VALUES, *PSCEPR_REGISTRY_VALUES;
//
// profile info structure
//
typedef struct _SCEPR_PROFILE_INFO {
SCEPR_TYPE Type;
DWORD MinimumPasswordAge;
DWORD MaximumPasswordAge;
DWORD MinimumPasswordLength;
DWORD PasswordComplexity;
DWORD PasswordHistorySize;
DWORD LockoutBadCount;
DWORD ResetLockoutCount;
DWORD LockoutDuration;
DWORD RequireLogonToChangePassword;
DWORD ForceLogoffWhenHourExpire;
[string] wchar_t *NewAdministratorName;
[string] wchar_t *NewGuestName;
DWORD SecureSystemPartition;
DWORD ClearTextPassword;
DWORD LSAAnonymousNameLookup;
//
// union type
//
[switch_is(Type)] SCEPR_UNION_OTHERINFO OtherInfo;
SCEPR_GROUPS *pGroupMembership;
//
// objects
//
SCEPR_OBJECT_LIST *pRegistryKeys;
SCEPR_SERVICES *pServices;
SCEPR_OBJECT_LIST *pFiles;
SCEPR_OBJECT_LIST *pDsObjects;
// kerberos info
SCEPR_KERBEROS *pKerberosInfo;
DWORD MaximumLogSize[3];
DWORD AuditLogRetentionPeriod[3];
DWORD RetentionDays[3];
DWORD RestrictGuestAccess[3];
DWORD AuditSystemEvents;
DWORD AuditLogonEvents;
DWORD AuditObjectAccess;
DWORD AuditPrivilegeUse;
DWORD AuditPolicyChange;
DWORD AuditAccountManage;
DWORD AuditProcessTracking;
DWORD AuditDSSAccess;
DWORD AuditAccountLogon;
DWORD CrashOnAuditFull;
DWORD RegValueCount;
[size_is(RegValueCount)] SCEPR_REGISTRY_VALUES *aRegValues;
DWORD EnableAdminAccount;
DWORD EnableGuestAccount;
} SCEPR_PROFILE_INFO, *PSCEPR_PROFILE_INFO;
//
// object security structure
//
typedef struct _SCEPR_OBJECT_SECURITY {
[string] wchar_t *Name;
BYTE Status;
BOOL IsContainer;
[unique] SCEPR_SR_SECURITY_DESCRIPTOR *pSecurityDescriptor;
SECURITY_INFORMATION SeInfo;
} SCEPR_OBJECT_SECURITY, *PSCEPR_OBJECT_SECURITY;
//
// SVC prototypes
//
SCEPR_STATUS
SceSvcRpcQueryInfo(
[in] SCEPR_CONTEXT Context,
[in] SCEPR_SVCINFO_TYPE SceSvcType,
[in,string] wchar_t *ServiceName,
[in,string,unique] wchar_t *Prefix,
[in] BOOL bExact,
[out] SCEPR_SVCINFO **ppvInfo,
[in,out] SCEPR_ENUM_CONTEXT *psceEnumHandle
);
SCEPR_STATUS
SceSvcRpcSetInfo(
[in] SCEPR_CONTEXT Context,
[in] SCEPR_SVCINFO_TYPE SceSvcType,
[in,string] wchar_t *ServiceName,
[in,string,unique] wchar_t *Prefix,
[in] BOOL bExact,
[in] SCEPR_SVCINFO *pvInfo
);
//
// scesetup prototypes
//
DWORD
SceRpcSetupUpdateObject(
[in] SCEPR_CONTEXT Context,
[in,string] wchar_t *ObjectFullName,
[in] DWORD ObjectType,
[in] UINT nFlag,
[in,string] wchar_t *SDText
);
DWORD
SceRpcSetupMoveFile(
[in] SCEPR_CONTEXT Context,
[in,string] wchar_t *OldName,
[in,string,unique] wchar_t *NewName,
[in,string,unique] wchar_t *SDText
);
DWORD
SceRpcGenerateTemplate(
[in] handle_t binding_h,
[in,string,unique] wchar_t *JetDbName,
[in,string,unique] wchar_t *LogFileName,
[out] SCEPR_CONTEXT *pContext
);
//
// configure system
//
SCEPR_STATUS
SceRpcConfigureSystem(
[in] handle_t binding_h,
[in,string,unique] wchar_t *InfFileName,
[in,string,unique] wchar_t *DatabaseName,
[in,string,unique] wchar_t *LogFileName,
[in] DWORD ConfigOptions,
[in] AREAPR Area,
[in] DWORD pebSize,
[in,size_is(pebSize),unique] UCHAR *pebClient,
[out] DWORD *pdWarning
);
//
// secedit prototypes
//
SCEPR_STATUS
SceRpcGetDatabaseInfo(
[in] SCEPR_CONTEXT Context,
[in] SCEPR_TYPE ProfileType,
[in] AREAPR Area,
[out] SCEPR_PROFILE_INFO **ppInfoBuffer,
[out] SCEPR_ERROR_LOG_INFO **Errlog
);
SCEPR_STATUS
SceRpcGetObjectChildren(
[in] SCEPR_CONTEXT Context,
[in] SCEPR_TYPE ProfileType,
[in] AREAPR Area,
[in,string] wchar_t *ObjectPrefix,
[out] SCEPR_OBJECT_CHILDREN **Buffer,
[out] SCEPR_ERROR_LOG_INFO **Errlog
);
SCEPR_STATUS
SceRpcOpenDatabase(
[in] handle_t binding_h,
[in,string] wchar_t *DatabaseName,
[in] DWORD OpenOption,
[out] SCEPR_CONTEXT *pContext
);
SCEPR_STATUS
SceRpcCloseDatabase(
[in,out] SCEPR_CONTEXT *Context
);
SCEPR_STATUS
SceRpcGetDatabaseDescription(
[in] SCEPR_CONTEXT Context,
[out,string] wchar_t **Description
);
SCEPR_STATUS
SceRpcGetDBTimeStamp(
[in] SCEPR_CONTEXT Context,
[out] PLARGE_INTEGER ptsConfig,
[out] PLARGE_INTEGER ptsAnalysis
);
SCEPR_STATUS
SceRpcGetObjectSecurity(
[in] SCEPR_CONTEXT Context,
[in] SCEPR_TYPE DbProfileType,
[in] AREAPR Area,
[in,string] wchar_t *ObjectName,
[out] SCEPR_OBJECT_SECURITY **ObjSecurity
);
SCEPR_STATUS
SceRpcGetAnalysisSummary(
[in] SCEPR_CONTEXT Context,
[in] AREAPR Area,
[out] DWORD *pCount
);
SCEPR_STATUS
SceRpcAnalyzeSystem(
[in] handle_t binding_h,
[in,string,unique] wchar_t *InfFileName,
[in,string,unique] wchar_t *DatabaseName,
[in,string,unique] wchar_t *LogFileName,
[in] AREAPR Area,
[in] DWORD AnalyzeOptions,
[in] DWORD pebSize,
[in,size_is(pebSize),unique] UCHAR *pebClient,
[out] DWORD *pdWarning
);
SCEPR_STATUS
SceRpcUpdateDatabaseInfo(
[in] SCEPR_CONTEXT Context,
[in] SCEPR_TYPE ProfileType,
[in] AREAPR Area,
[in] SCEPR_PROFILE_INFO *pInfo,
[in] DWORD dwMode
);
SCEPR_STATUS
SceRpcUpdateObjectInfo(
[in] SCEPR_CONTEXT Context,
[in] AREAPR Area,
[in,string] wchar_t *ObjectName,
[in] DWORD NameLen,
[in] BYTE ConfigStatus,
[in] BOOL IsContainer,
[in,unique] SCEPR_SR_SECURITY_DESCRIPTOR *pSD,
[in] SECURITY_INFORMATION SeInfo,
[out, size_is(1)] BYTE *pAnalysisStatus
);
SCEPR_STATUS
SceRpcStartTransaction(
[in] SCEPR_CONTEXT Context
);
SCEPR_STATUS
SceRpcCommitTransaction(
[in] SCEPR_CONTEXT Context
);
SCEPR_STATUS
SceRpcRollbackTransaction(
[in] SCEPR_CONTEXT Context
);
//
// get product type of the server (DS DC, NT4 DC, wks)
//
SCEPR_STATUS
SceRpcGetServerProductType(
[in] handle_t binding_h,
[out] SCEPR_SERVER_TYPE *srvProduct
);
SCEPR_STATUS
SceSvcRpcUpdateInfo(
[in] SCEPR_CONTEXT Context,
[in,string] wchar_t *ServiceName,
[in] SCEPR_SVCINFO *Info
);
SCEPR_STATUS
SceRpcCopyObjects(
[in] SCEPR_CONTEXT Context,
[in] SCEPR_TYPE ProfileType,
[in,string] wchar_t *InfFileName,
[in] AREAPR Area,
[out] SCEPR_ERROR_LOG_INFO **pErrlog
);
SCEPR_STATUS
SceRpcSetupResetLocalPolicy(
[in] SCEPR_CONTEXT Context,
[in] AREAPR Area,
[in,string,unique] wchar_t *OneSectionName,
[in] DWORD PolicyOptions
);
//
// the filter interface - policy change notification
//
typedef struct _SCEPR_SID {
UCHAR Revision;
UCHAR SubAuthorityCount;
SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
[size_is(SubAuthorityCount)] ULONG SubAuthority[*];
} SCEPR_SID, *PSCEPR_SID, **PPSCEPR_SID;
DWORD
SceRpcNotifySaveChangesInGP(
[in] handle_t binding_h,
[in] DWORD DbType,
[in] DWORD DeltaType,
[in] DWORD ObjectType,
[in,unique] SCEPR_SID *ObjectSid,
[in] DWORD ExplicitLowRight,
[in] DWORD ExplicitHighRight
);
DWORD
SceRpcControlNotificationQProcess(
[in] handle_t binding_h,
[in] DWORD Flag
);
//
// register the client callback
//
[callback] SCEPR_STATUS
SceClientCallback(
[in] DWORD ncbTicks,
[in] DWORD ncbTotalTicks,
[in] AREAPR cbArea,
[in,string,unique] wchar_t *szcbName
);
[callback] SCEPR_STATUS
SceClientBrowseCallback(
[in] LONG GpoID,
[in,string,unique] wchar_t *KeyName,
[in,string,unique] wchar_t *GpoName,
[in,unique] SCEPR_SR_SECURITY_DESCRIPTOR *Value
);
SCEPR_STATUS
SceRpcBrowseDatabaseTable(
[in] handle_t binding_h,
[in,string,unique] wchar_t *DatabaseName,
[in] SCEPR_TYPE ProfileType,
[in] AREAPR Area,
[in] BOOL bDomainPolicyOnly
);
[callback] SCEPR_STATUS
SceClientCallbackRsopLog(
[in] AREAPR cbArea,
[in] DWORD ncbErrorStatus,
[in,string,unique] wchar_t *pSettingInfo,
[in] DWORD dwPrivLow,
[in] DWORD dwPrivHigh
);
//
// set/get info to/from system directly
//
SCEPR_STATUS
SceRpcGetSystemSecurityFromHandle(
[in] SCEPR_CONTEXT Context,
[in] AREAPR Area,
[in] DWORD Options,
[out] SCEPR_PROFILE_INFO **ppInfoBuffer,
[out] SCEPR_ERROR_LOG_INFO **Errlog
);
SCEPR_STATUS
SceRpcGetSystemSecurity(
[in] handle_t binding_h,
[in] AREAPR Area,
[in] DWORD Options,
[out] SCEPR_PROFILE_INFO **ppInfoBuffer,
[out] SCEPR_ERROR_LOG_INFO **Errlog
);
SCEPR_STATUS
SceRpcSetSystemSecurityFromHandle(
[in] SCEPR_CONTEXT Context,
[in] AREAPR Area,
[in] DWORD Options,
[in] SCEPR_PROFILE_INFO *pInfoBuffer,
[out] SCEPR_ERROR_LOG_INFO **Errlog
);
SCEPR_STATUS
SceRpcSetSystemSecurity(
[in] handle_t binding_h,
[in] AREAPR Area,
[in] DWORD Options,
[in] SCEPR_PROFILE_INFO *pInfoBuffer,
[out] SCEPR_ERROR_LOG_INFO **Errlog
);
//
// allow get/set/delete a single key
//
SCEPR_STATUS
SceRpcSetDatabaseSetting(
[in] SCEPR_CONTEXT Context,
[in] SCEPR_TYPE ProfileType,
[in,string] wchar_t *SectionName,
[in,string] wchar_t *KeyName,
[in,unique] PSCEPR_VALUEINFO pValueInfo
);
SCEPR_STATUS
SceRpcGetDatabaseSetting(
[in] SCEPR_CONTEXT Context,
[in] SCEPR_TYPE ProfileType,
[in,string] wchar_t *SectionName,
[in,string] wchar_t *KeyName,
[out] PSCEPR_VALUEINFO *pValueInfo
);
DWORD
SceRpcConfigureConvertedFileSecurityImmediately(
[in] handle_t binding_h,
[in,string] wchar_t *pszDriveName
);
////////////////////////////////////////////////////////////////////////////
// //
// END RPC INTERFACE //
// //
////////////////////////////////////////////////////////////////////////////
}