windows-nt/Source/XPSP1/NT/ds/security/services/scerpc/server/scep.h

/*++
Copyright (c) 1996 Microsoft Corporation
Module Name:
scep.h
Abstract:
This module defines the data structures and function prototypes
for the security management utility
Author:
Jin Huang (jinhuang) 28-Oct-1996
Revision History:
--*/
#ifndef _scep_
#define _scep_
#include "splay.h"
#ifdef __cplusplus
extern "C" {
#endif
//
// system variables
//
// Operation selectors, values 1..4. Judging by the names they pick a
// rename or disable action for the Administrator or Guest account; the
// routines that consume them are not declared in this header.
#define SCE_RENAME_ADMIN 1
#define SCE_RENAME_GUEST 2
#define SCE_DISABLE_ADMIN 3
#define SCE_DISABLE_GUEST 4
// Case-handling modes, values 0..2.
// NOTE(review): presumably the values accepted by the bCase parameter of
// ScepConvertJetNameToLdapCase - confirm against the definition.
// "PREFERED" is the identifier's actual spelling; renaming it would break
// any code that already uses the macro.
#define SCE_CASE_DONT_CARE 0
#define SCE_CASE_REQUIRED 1
#define SCE_CASE_PREFERED 2
// Describes one local drive root.
typedef struct _LOCAL_ROOT {
// Fixed 5-TCHAR buffer: at most 4 characters plus a terminating NUL if it
// is used as a C string, so any copy into it must be bounded to 5 TCHARs.
TCHAR drive[5];
// NOTE(review): presumably TRUE for the boot volume - confirm.
BOOL boot;
// NOTE(review): presumably TRUE when the volume's file system can store
// ACLs; code applying file security should check it first - confirm.
BOOL aclSupport;
} LOCAL_ROOT;
// Kind of attachment: service or policy. No explicit values are given, so
// the enumerators are 0 and 1 in declaration order. No prototype in this
// header takes the type.
typedef enum _SCE_ATTACHMENT_TYPE_ {
SCE_ATTACHMENT_SERVICE,
SCE_ATTACHMENT_POLICY
} SCE_ATTACHMENT_TYPE;
// Intent with which an object is opened: read (0), write (1) or modify (2).
// ScepGetDesiredAccess takes one of these as its OpenType argument.
// NOTE(review): the difference between WRITE and MODIFY is not visible
// here; callers should pick the weakest type that covers their operation.
typedef enum _SECURITY_OPEN_TYPE
{
READ_ACCESS_RIGHTS = 0,
WRITE_ACCESS_RIGHTS,
MODIFY_ACCESS_RIGHTS,
} SECURITY_OPEN_TYPE, *PSECURITY_OPEN_TYPE;
//
// data structures used for secmgr
//
// One node of an object tree. Each node carries a name, security
// information, a linked list of children and a pointer to its parent.
typedef struct _SCE_OBJECT_TREE {
// Node name and full object name. Ownership of both strings is not
// visible in this header.
PWSTR Name;
PWSTR ObjectFullName;
// TRUE when the object is a container.
BOOL IsContainer;
// NOTE(review): the meaning of the Status values is not defined here.
BYTE Status;
// Security information flags associated with this node.
SECURITY_INFORMATION SeInfo;
// Two descriptors are kept per node.
// NOTE(review): presumably the first is the configured descriptor and the
// second the one actually applied after inheritance - confirm.
PSECURITY_DESCRIPTOR pSecurityDescriptor;
PSECURITY_DESCRIPTOR pApplySecurityDescriptor;
// Array of child names with its size.
// NOTE(review): whether dwSize_aChildNames counts elements or bytes is
// not stated; confirm before using it as an index bound.
PWSTR *aChildNames;
DWORD dwSize_aChildNames;
// Head of the singly linked child list (struct defined right after this one).
struct _SCE_OBJECT_CHILD_LIST *ChildList;
// Back-pointer to the parent node.
struct _SCE_OBJECT_TREE *Parent;
}SCE_OBJECT_TREE, *PSCE_OBJECT_TREE;
// Singly linked list element that holds one child node of an
// SCE_OBJECT_TREE and a pointer to the next element.
typedef struct _SCE_OBJECT_CHILD_LIST {
PSCE_OBJECT_TREE Node;
struct _SCE_OBJECT_CHILD_LIST *Next;
} SCE_OBJECT_CHILD_LIST, *PSCE_OBJECT_CHILD_LIST;
// Selects how far below an object an operation reaches: all descendants
// (0) or only the immediate children (1). No prototype in this header
// takes the type.
typedef enum _SCE_SUBOBJECT_TYPE {
SCE_ALL_CHILDREN,
SCE_IMMEDIATE_CHILDREN
} SCE_SUBOBJECT_TYPE;
//
// prototypes defined in misc.c
//
// Returns SAM server and domain handles plus the domain SID through OUT
// pointers; the builtin-domain handle and SID outputs are marked OPTIONAL.
// By their names, ServerAccess and DomainAccess are the access masks
// requested on the server and domain objects.
// NOTE(review): callers should request the narrowest masks that cover
// their use of the handles. Who closes the handles and frees the SIDs is
// not visible in this header - confirm.
NTSTATUS
ScepOpenSamDomain(
IN ACCESS_MASK ServerAccess,
IN ACCESS_MASK DomainAccess,
OUT PSAM_HANDLE pServerHandle,
OUT PSAM_HANDLE pDomainHanele,
OUT PSID *DomainSid,
OUT PSAM_HANDLE pBuiltinDomainHandle OPTIONAL,
OUT PSID *BuiltinDomainSid OPTIONAL
);
// Looks up the names in NameList within the domain given by DomainHandle.
// Results come back as three separate pointers (Names, RIDs, Use) and one
// count.
// NOTE(review): presumably three parallel arrays of *CountOfName entries;
// confirm before indexing, and confirm how they are released.
NTSTATUS
ScepLookupNamesInDomain(
IN SAM_HANDLE DomainHandle,
IN PSCE_NAME_LIST NameList,
OUT PUNICODE_STRING *Names,
OUT PULONG *RIDs,
OUT PSID_NAME_USE *Use,
OUT PULONG CountOfName
);
// Takes two pointer-to-pointer arguments for the LSA account-domain and
// primary-domain policy information. Neither carries an IN/OUT annotation.
// NOTE(review): presumably both are outputs allocated by the callee;
// confirm the release routine and whether NULL may be passed.
NTSTATUS
ScepGetLsaDomainInfo(
PPOLICY_ACCOUNT_DOMAIN_INFO *PolicyAccountDomainInfo,
PPOLICY_PRIMARY_DOMAIN_INFO *PolicyPrimaryDomainInfo
);
// Writes a temporary-directory path for HomeDir into TempDirectory.
// NOTE(review): TempDirectory is a plain PWSTR output with no length
// parameter, so the prototype cannot express how large the caller's
// buffer must be. Confirm the size contract in the definition; an
// undersized buffer would be overrun.
DWORD
ScepGetTempDirectory(
IN PWSTR HomeDir,
OUT PWSTR TempDirectory
);
// Converts an SCE logon-hour description into a logon-hours bit mask.
// NOTE(review): LogonHourBitMask is a caller-supplied byte buffer with no
// length parameter; the number of bytes written is not visible here.
// Confirm it before sizing the buffer.
VOID
ScepConvertLogonHours(
IN PSCE_LOGON_HOUR pLogonHours,
OUT PUCHAR LogonHourBitMask
);
// Reverse direction: builds an SCE logon-hour description from a bit mask
// and returns it through pLogonHours.
// NOTE(review): the input mask has no length parameter either, and the
// routine that frees *pLogonHours is not declared here - confirm both.
DWORD
ScepConvertToSceLogonHour(
IN PUCHAR LogonHourBitMask,
OUT PSCE_LOGON_HOUR *pLogonHours
);
// Returns the list of groups for an account, given domain, builtin-domain
// and user handles plus the account SID.
// NOTE(review): how *GroupList is released is not visible here - confirm.
NTSTATUS
ScepGetGroupsForAccount(
IN SAM_HANDLE DomainHandle,
IN SAM_HANDLE BuiltinDomainHandle,
IN SAM_HANDLE UserHandle,
IN PSID AccountSid,
OUT PSCE_NAME_LIST *GroupList
);
// Returns an ACCESS_MASK derived from the open type (read/write/modify)
// and the security-information flags.
// NOTE(review): the exact rights granted per combination live in the
// definition; check them when auditing for excess access.
ACCESS_MASK
ScepGetDesiredAccess(
IN SECURITY_OPEN_TYPE OpenType,
IN SECURITY_INFORMATION SecurityInfo
);
// Account-format selectors (0x1, 0x2).
// NOTE(review): presumably the values passed as dwAccountFormat to
// ScepGetProfileOneArea below, choosing binary SIDs or SID strings.
// Whether they may be OR-ed together is not visible - confirm.
#define SCE_ACCOUNT_SID 0x1
#define SCE_ACCOUNT_SID_STRING 0x2
// Reads one area of a profile and returns it through ppInfoBuffer.
// NOTE(review): how *ppInfoBuffer is released is not declared in this
// header - confirm.
SCESTATUS
ScepGetProfileOneArea(
IN PSCECONTEXT hProfile,
IN SCETYPE ProfileType,
IN AREA_INFORMATION Area,
IN DWORD dwAccountFormat,
OUT PSCE_PROFILE_INFO *ppInfoBuffer
);
// Reads one named section of a profile area and returns it as an untyped
// pointer.
// NOTE(review): *ppInfo is a PVOID, so its concrete type presumably
// depends on Area; callers must cast to the matching type - confirm the
// mapping in the definition.
SCESTATUS
ScepGetOneSection(
IN PSCECONTEXT hProfile,
IN AREA_INFORMATION Area,
IN PWSTR Name,
IN SCETYPE ProfileType,
OUT PVOID *ppInfo
);
// Returns pointers to two ACCESS_MASK values, one for AccountSid and one
// named for Everyone, given a security descriptor.
// NOTE(review): the outputs are pointers, not copies. Presumably they
// point into pSecurityDescriptor's ACL and so remain valid only while the
// descriptor does; writing through them would then edit the descriptor in
// place - confirm.
NTSTATUS
ScepGetUserAccessAddress(
IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
IN PSID AccountSid,
OUT PACCESS_MASK *pUserAccess,
OUT PACCESS_MASK *pEveryone
);
// Returns a BOOL computed from Name.
// NOTE(review): by the name, presumably TRUE when Name ends in a
// backslash - confirm.
BOOL
ScepLastBackSlash(
IN PWSTR Name
);
// Returns a user's home directory through UserHomeDir.
// AssignedHomeDir is a UNICODE_STRING passed by value. Such strings are
// length-counted and need not be NUL-terminated, so the definition should
// honor Length rather than treat Buffer as a C string.
// NOTE(review): how *UserHomeDir is released is not visible - confirm.
DWORD
ScepGetUsersHomeDirectory(
IN UNICODE_STRING AssignedHomeDir,
IN PWSTR UserProfileName,
OUT PWSTR *UserHomeDir
);
// Returns a user's temp directory through UserTempDir.
// NOTE(review): how *UserTempDir is released is not visible - confirm.
DWORD
ScepGetUsersTempDirectory(
IN PWSTR UserProfileName,
OUT PWSTR *UserTempDir
);
// Returns a user's profile path through UserProfilePath. AssignedProfile
// is a by-value UNICODE_STRING (length-counted, not necessarily
// NUL-terminated).
// NOTE(review): the effect of bDefault and the release of
// *UserProfilePath are not visible here - confirm.
DWORD
ScepGetUsersProfileName(
IN UNICODE_STRING AssignedProfile,
IN PSID AccountSid,
IN BOOL bDefault,
OUT PWSTR *UserProfilePath
);
// Case lookup for a registry key name, given a name buffer plus an offset
// and a length.
// NOTE(review): ObjName is annotated IN, whereas ScepGetGroupCase below
// annotates its name buffer IN OUT. If the definition rewrites ObjName in
// place, the annotation understates that - confirm. The units of
// BufOffset and BufLen (characters or bytes) are not stated; callers must
// make sure BufOffset + BufLen stays inside the buffer.
SCESTATUS
ScepGetRegKeyCase(
IN PWSTR ObjName,
IN DWORD BufOffset,
IN DWORD BufLen
);
// File-name counterpart of ScepGetRegKeyCase with the same parameter list.
// The same review notes about the IN annotation and the offset/length
// units apply.
SCESTATUS
ScepGetFileCase(
IN PWSTR ObjName,
IN DWORD BufOffset,
IN DWORD BufLen
);
// Case lookup for a group name; GroupName is IN OUT, so the buffer is
// updated in place.
// NOTE(review): whether Length is in characters or bytes is not stated -
// confirm.
SCESTATUS
ScepGetGroupCase(
IN OUT PWSTR GroupName,
IN DWORD Length
);
//
// prototypes defined in pfget.c
//
// Reads the section named Name from a profile and returns it as an
// untyped pointer; an error-log list can be returned through the OPTIONAL
// Errlog.
// NOTE(review): the concrete type behind *ppInfo and the release routines
// for both outputs are not visible in this header - confirm.
SCESTATUS
ScepGetUserSection(
IN PSCECONTEXT hProfile,
IN SCETYPE ProfileType,
IN PWSTR Name,
OUT PVOID *ppInfo,
OUT PSCE_ERROR_LOG_INFO *Errlog OPTIONAL
);
// Writes one object's security settings into the given area of a profile.
SCESTATUS
ScepWriteObjectSecurity(
IN PSCECONTEXT hProfile,
IN SCETYPE ProfileType,
IN AREA_INFORMATION Area,
IN PSCE_OBJECT_SECURITY ObjSecurity
);
//
// function defined in inftojet.c
//
// Converts an INF template file into a Jet database for the given area.
// The two paths use different character types: InfFile is a wide string
// (PCWSTR) and JetDbName a narrow one (LPSTR).
// NOTE(review): if callers derive JetDbName from a wide path, characters
// outside the ANSI code page cannot survive the conversion and the
// database could be created under a different name than intended -
// confirm how callers build it.
SCESTATUS
SceJetConvertInfToJet(
IN PCWSTR InfFile,
IN LPSTR JetDbName,
IN SCEJET_CREATE_TYPE Flags,
IN DWORD Options,
IN AREA_INFORMATION Area
);
// Deletes the stored information for the selected areas from one table
// type of a profile.
SCESTATUS
ScepDeleteInfoForAreas(
IN PSCECONTEXT hProfile,
IN SCETYPE tblType,
IN AREA_INFORMATION Area
);
//
// analyze.cpp
//
// Takes an object's security descriptor and a profile descriptor with its
// security-information flags; by the name, it compares them and adds the
// object when AddObject is set. The comparison result can be returned
// through the OPTIONAL IsDifferent byte.
// NOTE(review): the values written to *IsDifferent are not defined here.
DWORD
ScepCompareAndAddObject(
IN PWSTR ObjectFullName,
IN SE_OBJECT_TYPE ObjectType,
IN BOOL IsContainer,
IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
IN PSECURITY_DESCRIPTOR ProfileSD,
IN SECURITY_INFORMATION ProfileSeInfo,
IN BOOL AddObject,
OUT PBYTE IsDifferent OPTIONAL
);
// Returns the security descriptor of a named object for the requested
// security-information flags.
// NOTE(review): the routine that frees *ppSecurityDescriptor is not
// declared here - confirm.
DWORD
ScepGetNamedSecurityInfo(
IN PWSTR ObjectFullName,
IN SE_OBJECT_TYPE ObjectType,
IN SECURITY_INFORMATION ProfileSeInfo,
OUT PSECURITY_DESCRIPTOR *ppSecurityDescriptor
);
// Saves a status flag and a value for a DS object.
// NOTE(review): whether ValueLen counts characters or bytes is not
// stated; confirm so the callee never reads past Value.
DWORD
ScepSaveDsStatusToSection(
IN PWSTR ObjectName,
IN BOOL IsContainer,
IN BYTE Flag,
IN PWSTR Value,
IN DWORD ValueLen
);
// Saves a member or membership list for a group, using an LSA policy
// handle and a key suffix.
// NOTE(review): the units of GroupLen and the meaning of Status are not
// visible here - confirm.
SCESTATUS
ScepSaveMemberMembershipList(
IN LSA_HANDLE LsaPolicy,
IN PCWSTR szSuffix,
IN PWSTR GroupName,
IN DWORD GroupLen,
IN PSCE_NAME_LIST pList,
IN INT Status
);
// By the name, records an error entry for KeyName; the section handle and
// the suffix are both OPTIONAL.
// NOTE(review): which section is used when hSectionIn is omitted is not
// visible here - confirm.
SCESTATUS
ScepRaiseErrorString(
IN PSCESECTION hSectionIn OPTIONAL,
IN PWSTR KeyName,
IN PCWSTR szSuffix OPTIONAL
);
// DsObject.cpp
// Configures DS object security from an object tree.
SCESTATUS
ScepConfigureDsSecurity(
IN PSCE_OBJECT_TREE pObject
);
// Analysis counterpart of ScepConfigureDsSecurity. It returns a DWORD
// rather than an SCESTATUS, so the two results are not interchangeable
// and each needs checking against its own code space.
DWORD
ScepAnalyzeDsSecurity(
IN PSCE_OBJECT_TREE pObject
);
// Returns the list of DS object roots; the LDAP connection is OPTIONAL.
// NOTE(review): which connection is used when pLdap is omitted, and how
// *pRoots is released, are not visible here - confirm.
SCESTATUS
ScepEnumerateDsObjectRoots(
IN PLDAP pLdap OPTIONAL,
OUT PSCE_OBJECT_LIST *pRoots
);
// Converts a Jet-format object name and returns the result through
// LdapName.
// NOTE(review): bCase presumably takes one of the SCE_CASE_* values
// defined in this header; the release of *LdapName is not visible -
// confirm both.
DWORD
ScepConvertJetNameToLdapCase(
IN PWSTR JetName,
IN BOOL bLastComponent,
IN BYTE bCase,
OUT PWSTR *LdapName
);
// Opens an LDAP connection; the output pointer is OPTIONAL.
// NOTE(review): where the connection is stored when pLdap is omitted, and
// how the bind is authenticated, are not visible here - confirm.
SCESTATUS
ScepLdapOpen(
OUT PLDAP *pLdap OPTIONAL
);
// Closes an LDAP connection. pLdap is IN OUT.
// NOTE(review): presumably *pLdap is cleared after closing so a stale
// handle cannot be reused - confirm.
SCESTATUS
ScepLdapClose(
IN OUT PLDAP *pLdap OPTIONAL
);
// Reports whether a DS object exists.
// NOTE(review): the result is an SCESTATUS, not a BOOL, so test it
// against the specific status values the definition returns rather than
// as a boolean - confirm which codes mean "exists".
SCESTATUS
ScepDsObjectExist(
IN PWSTR ObjectName
);
// Returns the names one level below ObjectName.
// NOTE(review): how *pNameList is released is not visible - confirm.
SCESTATUS
ScepEnumerateDsOneLevel(
IN PWSTR ObjectName,
OUT PSCE_NAME_LIST *pNameList
);
// dsgroups.cpp
// Configures DS group membership from a group-membership list.
// NOTE(review): the ConfigOptions flag values are not defined in this
// header - confirm.
SCESTATUS
ScepConfigDsGroups(
IN PSCE_GROUP_MEMBERSHIP pGroupMembership,
IN DWORD ConfigOptions
);
// Analysis counterpart of ScepConfigDsGroups; takes only the
// group-membership list.
SCESTATUS
ScepAnalyzeDsGroups(
IN PSCE_GROUP_MEMBERSHIP pGroupMembership
);
//
// editsave.cpp
//
// Returns a one-byte analysis status for KeyName in the given section.
// NOTE(review): the status values, including whatever byte signals "not
// found" or an error, are not defined here. By its name bLookForParent
// presumably extends the lookup to the object's parent - confirm.
BYTE
ScepGetObjectAnalysisStatus(
IN PSCESECTION hSection,
IN PWSTR KeyName,
IN BOOL bLookForParent
);
//
// config.cpp
//
// Build-rule flags. The four values are distinct single bits (0x1..0x8),
// so they can be OR-ed together.
// NOTE(review): presumably the values passed as dwBuildRule to
// ScepBuildAccountsToRemove below - confirm.
#define SCE_BUILD_IGNORE_UNKNOWN 0x1
#define SCE_BUILD_ACCOUNT_SID 0x2
#define SCE_BUILD_ENUMERATE_PRIV 0x4
#define SCE_BUILD_ACCOUNT_SID_STRING 0x8
// Builds the list of accounts whose privileges are to be removed and
// returns it through pRemoveList. The privileges of interest arrive as
// two DWORD masks (PrivLowMask, PrivHighMask); the template list, Options
// and the ignore-accounts splay tree are all OPTIONAL.
// NOTE(review): pIgnoreAccounts is IN OUT, so the tree may be modified by
// the call. Since the output drives privilege removal, review how the
// definition handles accounts it cannot resolve (see
// SCE_BUILD_IGNORE_UNKNOWN). The release of *pRemoveList is not visible -
// confirm.
NTSTATUS
ScepBuildAccountsToRemove(
IN LSA_HANDLE PolicyHandle,
IN DWORD PrivLowMask,
IN DWORD PrivHighMask,
IN DWORD dwBuildRule,
IN PSCE_PRIVILEGE_VALUE_LIST pTemplateList OPTIONAL,
IN DWORD Options OPTIONAL,
IN OUT PSCEP_SPLAY_TREE pIgnoreAccounts OPTIONAL,
OUT PSCE_PRIVILEGE_VALUE_LIST *pRemoveList
);
// Returns the list of attachment sections in a profile.
// NOTE(review): how *ppList is released is not visible - confirm.
SCESTATUS
ScepEnumAttachmentSections(
IN PSCECONTEXT cxtProfile,
OUT PSCE_NAME_LIST *ppList
);
// Converts free-text account names to SID form, returning a new buffer
// and its length.
// NOTE(review): the "msz" prefix suggests multi-string (NUL-separated,
// double-NUL-terminated) buffers. Whether dwLen and *pNewLen count
// characters or bytes is not stated. pPolicyHandle is IN OUT, so the call
// may open a handle that the caller then has to close - confirm all three.
SCESTATUS
ScepConvertFreeTextAccountToSid(
IN OUT LSA_HANDLE *pPolicyHandle,
IN PWSTR mszAccounts,
IN ULONG dwLen,
OUT PWSTR *pmszNewAccounts,
OUT DWORD *pNewLen
);
#ifdef __cplusplus
}
#endif
#endif