able/windows-nt
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
windows-nt/Source/XPSP1/NT/ds/security/base/lsa/server/lsawmi.h

312 lines
8.2 KiB
C
Raw Normal View History

Add source files
2020-09-26 03:20:57 -05:00
#ifndef _LSAWMI_H
#define _LSAWMI_H
/*++
copyright (c) 1998 Microsoft Corporation
Module Name:
LSAWMI.H
Abstract:
Implement LSA server event trace by using WMI trace infrastructure.
Author:
16-March-1999 kumarp
Revision History:
--*/
#include <wmistr.h>
#include <evntrace.h>
extern ULONG LsapEventTraceFlag;
extern TRACEHANDLE LsapTraceRegistrationHandle;
extern TRACEHANDLE LsapTraceLoggerHandle;
//
// The following "typedef enum" actually is the index of
// TRACE_GUID_REGISTRATION struct entry in the array LsapTraceGuids[].
// Each enum defines an event that is to be traced using WMI tracing.
//
// To add WMI tracing to a function Foo do the following steps:
// - add an entry (LsaTraceEvent_Foo) to LSA_TRACE_EVENT_TYPE below
// - generate a new guid using uuidgen.exe -s
// - add a DEFINE_GUID entry at the end of this file using this guid
// - add a corresponding entry (LsaTraceEventGuid_Foo) to LsapTraceGuids[]
// - add a corresponding entry to lsasrv.mof file
// - at the beginning of function Foo insert the following call:
// LsapTraceEvent(EVENT_TRACE_TYPE_START, LsaTraceEvent_Foo);
// - at the end of function Foo insert the following call:
// LsapTraceEvent(EVENT_TRACE_TYPE_END, LsaTraceEvent_Foo);
//
// Make sure that Foo returns only from one location, otherwise the
// LsapTraceEvent calls will not be balanced.
//
typedef enum _LSA_TRACE_EVENT_TYPE {
LsaTraceEvent_QuerySecret=0,
LsaTraceEvent_Close,
LsaTraceEvent_OpenPolicy,
LsaTraceEvent_QueryInformationPolicy,
LsaTraceEvent_SetInformationPolicy,
LsaTraceEvent_EnumerateTrustedDomains,
LsaTraceEvent_LookupNames,
LsaTraceEvent_LookupSids,
LsaTraceEvent_OpenTrustedDomain,
LsaTraceEvent_QueryInfoTrustedDomain,
LsaTraceEvent_SetInformationTrustedDomain,
// LsaTraceEvent_QueryInformationPolicy2,
// LsaTraceEvent_SetInformationPolicy2,
LsaTraceEvent_QueryTrustedDomainInfoByName,
LsaTraceEvent_SetTrustedDomainInfoByName,
LsaTraceEvent_EnumerateTrustedDomainsEx,
LsaTraceEvent_CreateTrustedDomainEx,
LsaTraceEvent_QueryDomainInformationPolicy,
LsaTraceEvent_SetDomainInformationPolicy,
LsaTraceEvent_OpenTrustedDomainByName,
LsaTraceEvent_QueryForestTrustInformation,
LsaTraceEvent_SetForestTrustInformation,
LsaTraceEvent_LookupIsolatedNameInTrustedDomains,
} LSA_TRACE_EVENT_TYPE;
NTSTATUS
LsapStartWmiTraceInitThread(void);
#ifdef __cplusplus
extern "C" {
#endif // __cplusplus
VOID
LsapTraceEvent(
IN ULONG WmiEventType,
IN LSA_TRACE_EVENT_TYPE LsaTraceEventType
);
VOID
LsapTraceEventWithData(
IN ULONG WmiEventType,
IN LSA_TRACE_EVENT_TYPE LsaTraceEventType,
IN ULONG ItemCount,
IN PUNICODE_STRING Items OPTIONAL
);
LPWSTR
LsapGetClientNetworkAddress(
VOID
);
#ifdef __cplusplus
}
#endif // __cplusplus
//
// Control GUID for the group of GUIDs that define LSA WMI tracing
//
DEFINE_GUID ( /* cc85922f-db41-11d2-9244-006008269001 */
LsapTraceControlGuid,
0xcc85922f,
0xdb41,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* cc85922e-db41-11d2-9244-006008269001 */
LsapTraceEventGuid_QuerySecret,
0xcc85922e,
0xdb41,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe3b-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_Close,
0x2306fe3b,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe3a-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_OpenPolicy,
0x2306fe3a,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe39-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_QueryInformationPolicy,
0x2306fe39,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe38-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_SetInformationPolicy,
0x2306fe38,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe37-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_EnumerateTrustedDomains,
0x2306fe37,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe36-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_LookupNames,
0x2306fe36,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe35-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_LookupSids,
0x2306fe35,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe34-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_OpenTrustedDomain,
0x2306fe34,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe33-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_QueryInfoTrustedDomain,
0x2306fe33,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe32-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_SetInformationTrustedDomain,
0x2306fe32,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
// DEFINE_GUID ( /* 2306fe31-dbf6-11d2-9244-006008269001 */
// LsaTraceEventGuid_QueryInformationPolicy2,
// 0x2306fe31,
// 0xdbf6,
// 0x11d2,
// 0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
// );
// DEFINE_GUID ( /* 2306fe30-dbf6-11d2-9244-006008269001 */
// LsaTraceEventGuid_SetInformationPolicy2,
// 0x2306fe30,
// 0xdbf6,
// 0x11d2,
// 0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
// );
DEFINE_GUID ( /* 2306fe2f-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_QueryTrustedDomainInfoByName,
0x2306fe2f,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe2e-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_SetTrustedDomainInfoByName,
0x2306fe2e,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe2d-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_EnumerateTrustedDomainsEx,
0x2306fe2d,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe2c-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_CreateTrustedDomainEx,
0x2306fe2c,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe2b-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_QueryDomainInformationPolicy,
0x2306fe2b,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe2a-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_SetDomainInformationPolicy,
0x2306fe2a,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* 2306fe29-dbf6-11d2-9244-006008269001 */
LsaTraceEventGuid_OpenTrustedDomainByName,
0x2306fe29,
0xdbf6,
0x11d2,
0x92, 0x44, 0x00, 0x60, 0x08, 0x26, 0x90, 0x01
);
DEFINE_GUID ( /* e28ee0eb-6181-49df-b859-2f3fd289a2d1 */
LsaTraceEventGuid_QueryForestTrustInformation,
0xe28ee0eb,
0x6181,
0x49df,
0xb8, 0x59, 0x2f, 0x3f, 0xd2, 0x89, 0xa2, 0xd1
);
DEFINE_GUID ( /* 3d2c9e3e-bb19-4617-8489-cabb9787de7d */
LsaTraceEventGuid_SetForestTrustInformation,
0x3d2c9e3e,
0xbb19,
0x4617,
0x84, 0x89, 0xca, 0xbb, 0x97, 0x87, 0xde, 0x7d
);
DEFINE_GUID ( /* 2484dc26-49d3-4085-a6e4-4972115cb3c0 */
LsaTraceEventGuid_LookupIsolatedNameInTrustedDomains,
0x2484dc26,
0x49d3,
0x4085,
0xa6, 0xe4, 0x49, 0x72, 0x11, 0x5c, 0xb3, 0xc0
);
#endif /* _LSAWMI_H */
Reference in a new issue Copy permalink