/**********************************************************************/ /** Microsoft Windows NT **/ /** Copyright(c) Microsoft Corp., 1992 **/ /**********************************************************************/ /* NTAcUtil.hxx This file contains the definitions for the NT Accounts Utility class and spurious other things. FILE HISTORY: JohnL 13-Mar-1992 Created thomaspa 14-May-1992 Added GetQualifiedAccountNames KeithMo 20-Jul-1992 Added ValidateQualifiedAccountName. DavidHov 18-Aug-1992 Added UI_SID_Replicator Johnl 09-Feb-1993 Added UI_SID_CurrentProcessUser */ #ifndef _NTACUTIL_HXX_ #define _NTACUTIL_HXX_ /* It is this character that separates the domain and account name. */ #define QUALIFIED_ACCOUNT_SEPARATOR TCH('\\') // Forward declarations DLL_CLASS STRLIST; DLL_CLASS LSA_POLICY; DLL_CLASS LSA_TRANSLATED_NAME_MEM; DLL_CLASS LSA_REF_DOMAIN_MEM; DLL_CLASS SAM_DOMAIN; /* Possible SIDs that can be retrieved using QuerySystemSid. */ enum UI_SystemSid { /* Well known SIDs */ UI_SID_Null = 0, UI_SID_World, UI_SID_Local, UI_SID_CreatorOwner, UI_SID_CreatorGroup, UI_SID_NTAuthority, UI_SID_Dialup, UI_SID_Network, UI_SID_Batch, UI_SID_Interactive, UI_SID_Service, UI_SID_BuiltIn, UI_SID_System, UI_SID_Restricted, UI_SID_Admins, UI_SID_Users, UI_SID_Guests, UI_SID_PowerUsers, UI_SID_AccountOperators, UI_SID_SystemOperators, UI_SID_PrintOperators, UI_SID_BackupOperators, /* Other miscellaneous useful SIDs */ UI_SID_CurrentProcessOwner, // Generally logged on user SID, maybe // special like Administrators UI_SID_CurrentProcessPrimaryGroup, UI_SID_Replicator, UI_SID_CurrentProcessUser, // Always the logged on user SID /* This special value can be used for initializing enum UI_SystemSid * variables with a known unused quantity. This value should never * be passed to QuerySystemSid. */ UI_SID_Invalid = -1 } ; /************************************************************************* NAME: NT_ACCOUNTS_UTILITY SYNOPSIS: This class provides a wrapper for some common utility functions INTERFACE: BuildQualifedAccountName() Builds a fully qualified Account name of the form "NtProject\JohnL" or "NtProject\JohnL (Ludeman, John)" CrackQualifiedAccountName() Breaks a qualified Account name into its components QuerySystemSid() Retrieves the requested UI_SystemSid's PSID. GetQualifiedAccountNames() returns a list of qualifed account names, including getting the Full Name for users if desired. ValidateQualifiedAccountName() Validates the (optional) domain name and the user name. Uses ::I_MNetNameValidate for name validation. PARENT: None (non-instantiable) USES: OS_SID, NLS_STR CAVEATS: NOTES: HISTORY: Johnl 13-Mar-1992 Created Thomaspa 07-May-1992 Added GetQualifiedAccountNames() KeithMo 20-Jul-1992 Added ValidateQualifiedAccountName. **************************************************************************/ DLL_CLASS NT_ACCOUNTS_UTILITY { private: static APIERR W_BuildQualifiedAccountName( NLS_STR * pnlsQualifiedAccountName, const NLS_STR & nlsAccountName, const NLS_STR * pnlsFullName, SID_NAME_USE sidType ); public: static APIERR BuildQualifiedAccountName( NLS_STR * pnlsQualifedAccountName, const NLS_STR & nlsAccountName, const NLS_STR & nlsDomainName, const NLS_STR * pnlsFullName = NULL, const NLS_STR * pnlsCurrentDomain = NULL, SID_NAME_USE sidType = SidTypeUser ) ; static APIERR BuildQualifiedAccountName( NLS_STR * pnlsQualifedAccountName, const NLS_STR & nlsAccountName, PSID psidDomain, const NLS_STR & nlsDomainName, const NLS_STR * pnlsFullName = NULL, PSID psidCurrentDomain = NULL, SID_NAME_USE sidType = SidTypeUser ) ; static APIERR CrackQualifiedAccountName( const NLS_STR & nlsQualifedAccountName, NLS_STR * pnlsAccountName, NLS_STR * pnlsDomainName = NULL ) ; static APIERR ValidateQualifiedAccountName( const NLS_STR & nlsQualifiedAccountName, BOOL * pfInvalidDomain = NULL ); static APIERR QuerySystemSid( enum UI_SystemSid SystemSid, OS_SID * possidWellKnownSid, const TCHAR * pszServer = NULL ) ; #if 0 // uncomment if needed static APIERR IsEqualToSystemSid( BOOL * pfIsEqual, enum UI_SystemSid SystemSid, const OS_SID & ossidCompare, const TCHAR * pszServer = NULL ) ; #endif /* Wrapper around RtlAllocateAndInitializeSid */ static APIERR BuildAndCopySysSid( OS_SID *possid, PSID_IDENTIFIER_AUTHORITY pIDAuthority, UCHAR cSubAuthorities, ULONG ulSubAuthority0 = 0, ULONG ulSubAuthority1 = 0, ULONG ulSubAuthority2 = 0, ULONG ulSubAuthority3 = 0, ULONG ulSubAuthority4 = 0, ULONG ulSubAuthority5 = 0, ULONG ulSubAuthority6 = 0, ULONG ulSubAuthority7 = 0); // // Note that the only difference between the following two methods is // that the first takes a PSID for the focused SAM_DOMAIN, the second // takes a SAM_DOMAIN object and derefernces its PSID. // static APIERR GetQualifiedAccountNames( LSA_POLICY & lsapol, const PSID psidSamDomainFocus, const PSID * ppsids, ULONG cSids, BOOL fFullNames, STRLIST * pstrlistQualifiedNames = NULL, ULONG * afUserFlags = NULL, SID_NAME_USE * aSidType = NULL, APIERR * perrNonFatal = NULL, const TCHAR * pszServer = NULL, STRLIST * pstrlistAccountNames = NULL, STRLIST * pstrlistFullNames = NULL, STRLIST * pstrlistComments = NULL, STRLIST * pstrlistDomainNames = NULL ) ; static APIERR GetQualifiedAccountNames( LSA_POLICY & lsapol, const SAM_DOMAIN & samdomFocus, const PSID * ppsids, ULONG cSids, BOOL fFullNames, STRLIST * pstrlistQualifiedNames = NULL, ULONG * afUserFlags = NULL, SID_NAME_USE * aSidType = NULL, APIERR * perrNonFatal = NULL, const TCHAR * pszServer = NULL, STRLIST * pstrlistAccountNames = NULL, STRLIST * pstrlistFullNames = NULL, STRLIST * pstrlistComments = NULL, STRLIST * pstrlistDomainNames = NULL ) ; } ; #endif //_NTACUTIL_HXX_