able/windows-nt
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
windows-nt/Source/XPSP1/NT/ds/published/inc/secedit.w
CryptoAlgo Inc b3cac27891 Add source files
2020-09-26 16:20:57 +08:00

1113 lines
28 KiB
OpenEdge ABL
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*++
Copyright (c) 1996 Microsoft Corporation
Module Name:
secedit.h
Abstract:
This module defines the exported data structures and function prototypes
for the security managment utility
Author:
Jin Huang (jinhuang) 28-Oct-1996
Revision History:
--*/
#ifndef _secedit_
#define _secedit_
#ifdef __cplusplus
extern "C"{
#endif
//
// definition for areas
//
#ifndef SCE_AREA_DEFINED
#define SCE_AREA_DEFINED
typedef DWORD AREA_INFORMATION;
#define AREA_SECURITY_POLICY 0x0001L
#define AREA_USER_SETTINGS 0x0002L
#define AREA_GROUP_MEMBERSHIP 0x0004L
#define AREA_PRIVILEGES 0x0008L
#define AREA_DS_OBJECTS 0x0010L
#define AREA_REGISTRY_SECURITY 0x0020L
#define AREA_FILE_SECURITY 0x0040L
#define AREA_SYSTEM_SERVICE 0x0080L
#define AREA_ATTACHMENTS 0x8000L
#define AREA_ALL 0xFFFFL
#endif
//
// Other constants
//
#define AREA_PASSWORD_POLICY 0x0100L
#define AREA_LOCKOUT_POLICY 0x0200L
#define AREA_KERBEROS_POLICY 0x0400L
#define AREA_ACCOUNT_POLICY (AREA_PASSWORD_POLICY | \
AREA_LOCKOUT_POLICY | \
AREA_KERBEROS_POLICY)
#define AREA_AUDIT_POLICY 0x0800L
#define AREA_SECURITY_OPTIONS 0x1000L
#define AREA_LOCAL_POLICY (AREA_AUDIT_POLICY |\
AREA_PRIVILEGES |\
AREA_SECURITY_OPTIONS)
#define AREA_LOG_POLICY 0x2000L
#define SCE_STATUS_CHECK 0
#define SCE_STATUS_IGNORE 1
#define SCE_STATUS_OVERWRITE 2
#define SCE_STATUS_NO_AUTO_INHERIT 4
#define SCE_STATUS_IN 0
#define SCE_STATUS_NOT_IN 1
#define SCE_STATUS_NO_ACL_SUPPORT 3
#define SCE_STATUS_GOOD 0
#define SCE_STATUS_MISMATCH 1
#define SCE_STATUS_CHILDREN_CONFIGURED 2
#define SCE_STATUS_NOT_CONFIGURED 4
#define SCE_STATUS_ERROR_NOT_AVAILABLE 5
#define SCE_STATUS_NEW_SERVICE 6
#define SCE_STATUS_NOT_ANALYZED 7
#define SCE_STATUS_PERMISSION_MISMATCH 0x40
#define SCE_STATUS_AUDIT_MISMATCH 0x80
#ifdef _WIN64
#define SCE_SETUP_32KEY 0x2000L
#endif
typedef enum _SCE_TYPE {
SCE_ENGINE_SYSTEM=300,
SCE_ENGINE_GPO,
SCE_ENGINE_SCP, // effective table
SCE_ENGINE_SAP, // analysis table
SCE_ENGINE_SCP_INTERNAL,
SCE_ENGINE_SMP_INTERNAL,
SCE_ENGINE_SMP, // local table
SCE_STRUCT_INF,
SCE_STRUCT_PROFILE,
SCE_STRUCT_USER,
SCE_STRUCT_NAME_LIST,
SCE_STRUCT_NAME_STATUS_LIST,
SCE_STRUCT_PRIVILEGE,
SCE_STRUCT_GROUP,
SCE_STRUCT_OBJECT_LIST,
SCE_STRUCT_OBJECT_CHILDREN,
SCE_STRUCT_OBJECT_SECURITY,
SCE_STRUCT_OBJECT_ARRAY,
SCE_STRUCT_ERROR_LOG_INFO,
SCE_STRUCT_SERVICES,
SCE_STRUCT_PRIVILEGE_VALUE_LIST
} SCETYPE;
typedef enum _SCE_FORMAT_TYPE_ {
SCE_INF_FORMAT=1,
SCE_JET_FORMAT,
SCE_JET_ANALYSIS_REQUIRED
} SCE_FORMAT_TYPE, *PSCE_FORMAT_TYPE;
static const WCHAR szMembers[] = L"__Members";
static const WCHAR szMemberof[] = L"__Memberof";
static const WCHAR szPrivileges[] = L"__Privileges";
#define SCE_BUF_LEN 1024
#define SCE_FOREVER_VALUE (DWORD)-1
#define SCE_NO_VALUE (DWORD)-2
#define SCE_KERBEROS_OFF_VALUE (DWORD)-3
#define SCE_DELETE_VALUE (DWORD)-4
#define SCE_SNAPSHOT_VALUE (DWORD)-5
#define SCE_NOT_ANALYZED_VALUE (DWORD)-6
#define SCE_ERROR_VALUE (DWORD)-7
#ifndef _SCE_SHARED_HEADER
#define _SCE_SHARED_HEADER
typedef DWORD SCESTATUS;
#define SCESTATUS_SUCCESS 0L
#define SCESTATUS_INVALID_PARAMETER 1L
#define SCESTATUS_RECORD_NOT_FOUND 2L
#define SCESTATUS_INVALID_DATA 3L
#define SCESTATUS_OBJECT_EXIST 4L
#define SCESTATUS_BUFFER_TOO_SMALL 5L
#define SCESTATUS_PROFILE_NOT_FOUND 6L
#define SCESTATUS_BAD_FORMAT 7L
#define SCESTATUS_NOT_ENOUGH_RESOURCE 8L
#define SCESTATUS_ACCESS_DENIED 9L
#define SCESTATUS_CANT_DELETE 10L
#define SCESTATUS_PREFIX_OVERFLOW 11L
#define SCESTATUS_OTHER_ERROR 12L
#define SCESTATUS_ALREADY_RUNNING 13L
#define SCESTATUS_SERVICE_NOT_SUPPORT 14L
#define SCESTATUS_MOD_NOT_FOUND 15L
#define SCESTATUS_EXCEPTION_IN_SERVER 16L
#define SCESTATUS_NO_TEMPLATE_GIVEN 17L
#define SCESTATUS_NO_MAPPING 18L
#define SCESTATUS_TRUST_FAIL 19L
#define SCESTATUS_JET_DATABASE_ERROR 20L
#define SCESTATUS_TIMEOUT 21L
#define SCESTATUS_PENDING_IGNORE 22L
#define SCESTATUS_SPECIAL_ACCOUNT 23L
//
// defined for services
//
typedef struct _SCESVC_CONFIGURATION_LINE_ {
LPTSTR Key;
LPTSTR Value;
DWORD ValueLen; // number of bytes
} SCESVC_CONFIGURATION_LINE, *PSCESVC_CONFIGURATION_LINE;
typedef struct _SCESVC_CONFIGURATION_INFO_ {
DWORD Count;
PSCESVC_CONFIGURATION_LINE Lines;
} SCESVC_CONFIGURATION_INFO, *PSCESVC_CONFIGURATION_INFO;
typedef PVOID SCE_HANDLE;
typedef ULONG SCE_ENUMERATION_CONTEXT, *PSCE_ENUMERATION_CONTEXT;
#define SCESVC_ENUMERATION_MAX 100L
typedef enum _SCESVC_INFO_TYPE {
SceSvcConfigurationInfo,
SceSvcMergedPolicyInfo,
SceSvcAnalysisInfo,
SceSvcInternalUse // !!!do not use this type!!!
} SCESVC_INFO_TYPE;
// root path for SCE key
#define SCE_ROOT_PATH TEXT("Software\\Microsoft\\Windows NT\\CurrentVersion\\SeCEdit")
#define SCE_ROOT_SERVICE_PATH \
SCE_ROOT_PATH TEXT("\\SvcEngs")
#endif
//
// All section names defined in the SCP/SAP profiles.
//
static const WCHAR szDescription[] = L"Profile Description";
static const WCHAR szAttachments[] = L"Attachment Sections";
static const WCHAR szSystemAccess[] = L"System Access";
static const WCHAR szPrivilegeRights[] = L"Privilege Rights";
static const WCHAR szGroupMembership[] = L"Group Membership";
static const WCHAR szAccountProfiles[] = L"Account Profiles";
static const WCHAR szRegistryKeys[] = L"Registry Keys";
static const WCHAR szFileSecurity[] = L"File Security";
static const WCHAR szDSSecurity[] = L"DS Security";
static const WCHAR szAuditSystemLog[] = L"System Log";
static const WCHAR szAuditSecurityLog[] = L"Security Log";
static const WCHAR szAuditApplicationLog[] = L"Application Log";
static const WCHAR szAuditEvent[] = L"Event Audit";
static const WCHAR szUserList[] = L"User List";
static const WCHAR szServiceGeneral[] = L"Service General Setting";
static const WCHAR szKerberosPolicy[] = L"Kerberos Policy";
static const WCHAR szRegistryValues[] = L"Registry Values";
//
// A list of names (e.g., users, groups, machines, and etc)
//
typedef struct _SCE_NAME_LIST {
PWSTR Name;
struct _SCE_NAME_LIST *Next;
}SCE_NAME_LIST, *PSCE_NAME_LIST;
//
// a list of accounts with privileges held
//
typedef struct _SCE_PRIVILEGE_VALUE_LIST {
PWSTR Name;
DWORD PrivLowPart;
DWORD PrivHighPart;
struct _SCE_PRIVILEGE_VALUE_LIST *Next;
}SCE_PRIVILEGE_VALUE_LIST, *PSCE_PRIVILEGE_VALUE_LIST;
//
// structure for error info
//
typedef struct _SCE_ERROR_LOG_INFO{
PWSTR buffer;
DWORD rc;
struct _SCE_ERROR_LOG_INFO *next;
} SCE_ERROR_LOG_INFO, *PSCE_ERROR_LOG_INFO;
//
// The privileges/rights each user/group holds are saved into a INT field -
// PrivilegeRights. The first bit in this field is the first right defined
// in the SCE_Privileges array as above. The second bit is the second right
// defined in that array, and so on.
//
#define cPrivCnt 37
#define cPrivW2k 34
typedef struct _SCE_PRIVILEGE_ASSIGNMENT {
PWSTR Name;
DWORD Value;
// This value could be translated by SceLookupPrivByValue
// The reason we define another set of privilege values is
// we include both privilege and user rights into one set
// (user rights do not have priv value on NT system).
PSCE_NAME_LIST AssignedTo;
// SCE_STATUS_GOOD
// SCE_STATUS_MISMATCH
// SCE_STATUS_NOT_CONFIGURED
// SCE_DELETE_VALUE indicates that this priv is deleted from local table
DWORD Status;
struct _SCE_PRIVILEGE_ASSIGNMENT *Next;
} SCE_PRIVILEGE_ASSIGNMENT, *PSCE_PRIVILEGE_ASSIGNMENT;
//
// A list of log on hours range
//
typedef struct _SCE_LOGON_HOUR {
DWORD Start;
DWORD End;
struct _SCE_LOGON_HOUR *Next;
}SCE_LOGON_HOUR, *PSCE_LOGON_HOUR;
//
// A list of names (e.g., users, groups, machines, and etc)
// with a status (e.g., disabled )
//
typedef struct _SCE_NAME_STATUS_LIST {
PWSTR Name;
DWORD Status;
struct _SCE_NAME_STATUS_LIST *Next;
}SCE_NAME_STATUS_LIST, *PSCE_NAME_STATUS_LIST;
//
// Structure definition for service list (service dll)
//
#define SCE_STARTUP_BOOT 0x00
#define SCE_STARTUP_SYSTEM 0x01
#define SCE_STARTUP_AUTOMATIC 0x02
#define SCE_STARTUP_MANUAL 0x03
#define SCE_STARTUP_DISABLED 0x04
typedef struct _SCE_SERVICES_ {
PWSTR ServiceName;
PWSTR DisplayName;
BYTE Status;
BYTE Startup;
union {
PSECURITY_DESCRIPTOR pSecurityDescriptor;
PWSTR ServiceEngineName;
} General;
SECURITY_INFORMATION SeInfo;
struct _SCE_SERVICES_ *Next;
}SCE_SERVICES, *PSCE_SERVICES;
//
// Group memberships
//
#define SCE_GROUP_STATUS_MEMBERS_MISMATCH 0x01
#define SCE_GROUP_STATUS_MEMBEROF_MISMATCH 0x02
#define SCE_GROUP_STATUS_NC_MEMBERS 0x04
#define SCE_GROUP_STATUS_NC_MEMBEROF 0x08
#define SCE_GROUP_STATUS_NOT_ANALYZED 0x10
#define SCE_GROUP_STATUS_ERROR_ANALYZED 0x20
typedef struct _SCE_GROUP_MEMBERSHIP {
PWSTR GroupName;
PSCE_NAME_LIST pMembers;
PSCE_NAME_LIST pMemberOf;
DWORD Status;
//
// pPrivilegesHeld is for analysis only.
// The format of each entry in this list is:
// [PrivValue NULL] (directly assigned), or
// [PrivValue Name] (via group "Name")
// To configure privileges, use AREA_PRIVILEGES area
//
// This PrivValue could be translated by SceLookupPrivByValue
// The reason we define another set of privilege values is
// we include both privilege and user rights into one set
// (user rights do not have priv value on NT system).
PSCE_NAME_STATUS_LIST pPrivilegesHeld;
struct _SCE_GROUP_MEMBERSHIP *Next;
}SCE_GROUP_MEMBERSHIP, *PSCE_GROUP_MEMBERSHIP;
//
// Definition of Registry and file security
//
typedef struct _SCE_OBJECT_SECURITY {
PWSTR Name;
BYTE Status;
BOOL IsContainer;
PSECURITY_DESCRIPTOR pSecurityDescriptor;
SECURITY_INFORMATION SeInfo;
// PWSTR SDspec;
// DWORD SDsize;
}SCE_OBJECT_SECURITY, *PSCE_OBJECT_SECURITY;
//
// A list of objects (e.g., files, registry keys, and etc)
//
typedef struct _SCE_OBJECT_LIST {
PWSTR Name;
BYTE Status;
// Status could be the status (mismatched/unknown) of the object
// or, it could be a flag to ignore/check this ojbect
//
BOOL IsContainer;
DWORD Count;
// Total count of mismatched/unknown objects under this object
struct _SCE_OBJECT_LIST *Next;
}SCE_OBJECT_LIST, *PSCE_OBJECT_LIST;
typedef struct _SCE_OBJECT_ARRAY_ {
DWORD Count;
PSCE_OBJECT_SECURITY *pObjectArray;
} SCE_OBJECT_ARRAY, *PSCE_OBJECT_ARRAY;
typedef union _SCE_OBJECTS_ {
// for Jet databases
PSCE_OBJECT_LIST pOneLevel;
// for Inf files
PSCE_OBJECT_ARRAY pAllNodes;
} SCE_OBJECTS, *PSCE_OBJECTS;
typedef struct _SCE_OBJECT_CHILDREN_NODE {
PWSTR Name;
BYTE Status;
BOOL IsContainer;
DWORD Count;
} SCE_OBJECT_CHILDREN_NODE, *PSCE_OBJECT_CHILDREN_NODE;
typedef struct _SCE_OBJECT_CHILDREN {
DWORD nCount;
DWORD MaxCount;
PSCE_OBJECT_CHILDREN_NODE arrObject;
} SCE_OBJECT_CHILDREN, *PSCE_OBJECT_CHILDREN;
typedef struct _SCE_KERBEROS_TICKET_INFO_ {
DWORD MaxTicketAge; // in hours (default 10), SCE_NO_VALUE, SCE_FOREVER_VALUE, no 0
DWORD MaxRenewAge; // in days (default 7), SCE_NO_VALUE, SCE_FOREVER_VALUE, no 0
DWORD MaxServiceAge; // in minutes (default 60), SCE_NO_VALUE, 10-MaxTicketAge
DWORD MaxClockSkew; // in minutes (default 5), SCE_NO_VALUE
// options
DWORD TicketValidateClient; // 0, 1, or SCE_NO_VALUE
//
// all other options are not configurable.
//
} SCE_KERBEROS_TICKET_INFO, *PSCE_KERBEROS_TICKET_INFO;
typedef struct _SCE_REGISTRY_VALUE_INFO_ {
LPTSTR FullValueName;
LPTSTR Value;
DWORD ValueType;
DWORD Status; // match, mismatch, not analyzed, error
} SCE_REGISTRY_VALUE_INFO, *PSCE_REGISTRY_VALUE_INFO;
//
// Profile structure
//
typedef struct _SCE_PROFILE_INFO {
// Type is used to free the structure by SceFreeMemory
SCETYPE Type;
//
// Area: System access
//
DWORD MinimumPasswordAge;
DWORD MaximumPasswordAge;
DWORD MinimumPasswordLength;
DWORD PasswordComplexity;
DWORD PasswordHistorySize;
DWORD LockoutBadCount;
DWORD ResetLockoutCount;
DWORD LockoutDuration;
DWORD RequireLogonToChangePassword;
DWORD ForceLogoffWhenHourExpire;
PWSTR NewAdministratorName;
PWSTR NewGuestName;
DWORD SecureSystemPartition;
DWORD ClearTextPassword;
DWORD LSAAnonymousNameLookup;
union {
struct {
// Area : user settings (scp)
PSCE_NAME_LIST pAccountProfiles;
// Area: privileges
// Name field is the user/group name, Status field is the privilege(s)
// assigned to the user/group
union {
// PSCE_NAME_STATUS_LIST pPrivilegeAssignedTo;
PSCE_PRIVILEGE_VALUE_LIST pPrivilegeAssignedTo;
PSCE_PRIVILEGE_ASSIGNMENT pInfPrivilegeAssignedTo;
} u;
} scp;
struct {
// Area: user settings (sap)
PSCE_NAME_LIST pUserList;
// Area: privileges
PSCE_PRIVILEGE_ASSIGNMENT pPrivilegeAssignedTo;
} sap;
struct {
// Area: user settings (smp)
PSCE_NAME_LIST pUserList;
// Area: privileges
// See sap structure for pPrivilegeAssignedTo
PSCE_PRIVILEGE_ASSIGNMENT pPrivilegeAssignedTo;
} smp;
} OtherInfo;
// Area: group membership
PSCE_GROUP_MEMBERSHIP pGroupMembership;
// Area: Registry
SCE_OBJECTS pRegistryKeys;
// Area: System Services
PSCE_SERVICES pServices;
// System storage
SCE_OBJECTS pFiles;
//
// ds object
//
SCE_OBJECTS pDsObjects;
//
// kerberos policy settings
//
PSCE_KERBEROS_TICKET_INFO pKerberosInfo;
//
// System audit 0-system 1-security 2-application
//
DWORD MaximumLogSize[3];
DWORD AuditLogRetentionPeriod[3];
DWORD RetentionDays[3];
DWORD RestrictGuestAccess[3];
DWORD AuditSystemEvents;
DWORD AuditLogonEvents;
DWORD AuditObjectAccess;
DWORD AuditPrivilegeUse;
DWORD AuditPolicyChange;
DWORD AuditAccountManage;
DWORD AuditProcessTracking;
DWORD AuditDSAccess;
DWORD AuditAccountLogon;
DWORD CrashOnAuditFull;
//
// registry values
//
DWORD RegValueCount;
PSCE_REGISTRY_VALUE_INFO aRegValues;
DWORD EnableAdminAccount;
DWORD EnableGuestAccount;
}SCE_PROFILE_INFO, *PSCE_PROFILE_INFO;
//
// The definition for security user profile which is used to assign common
// user settings to a group of users/groups in the security manager.
//
typedef struct _SCE_USER_PROFILE {
SCETYPE Type;
// Type is used to free the structure by SceFreeMemory
DWORD ForcePasswordChange;
DWORD DisallowPasswordChange;
DWORD NeverExpirePassword;
DWORD AccountDisabled;
PWSTR UserProfile;
PWSTR LogonScript;
PWSTR HomeDir;
PSCE_LOGON_HOUR pLogonHours;
UNICODE_STRING pWorkstations;
PSCE_NAME_LIST pGroupsBelongsTo;
PSCE_NAME_LIST pAssignToUsers;
PSECURITY_DESCRIPTOR pHomeDirSecurity;
SECURITY_INFORMATION HomeSeInfo;
PSECURITY_DESCRIPTOR pTempDirSecurity;
SECURITY_INFORMATION TempSeInfo;
} SCE_USER_PROFILE, *PSCE_USER_PROFILE;
//
// The definition for each user's setting
//
typedef struct _SCE_USER_SETTING {
SCETYPE Type;
// Type is used to free the structure by SceFreeMemory
DWORD ForcePasswordChange;
DWORD DisallowPasswordChange;
DWORD NeverExpirePassword;
DWORD AccountDisabled;
PSCE_NAME_LIST pGroupsBelongsTo;
PWSTR UserProfile;
PSECURITY_DESCRIPTOR pProfileSecurity;
PWSTR LogonScript;
PSECURITY_DESCRIPTOR pLogonScriptSecurity;
PWSTR HomeDir;
PSECURITY_DESCRIPTOR pHomeDirSecurity;
SECURITY_INFORMATION HomeDirSeInfo;
PWSTR TempDir;
PSECURITY_DESCRIPTOR pTempDirSecurity;
SECURITY_INFORMATION TempDirSeInfo;
PSCE_LOGON_HOUR pLogonHours;
UNICODE_STRING pWorkstations;
PSCE_NAME_STATUS_LIST pPrivilegesHeld;
DWORD BadPasswordAttempt;
} SCE_USER_SETTING, *PSCE_USER_SETTING;
//
// prototypes defined in sceclnt.cpp
//
SCESTATUS
WINAPI
SceGetSecurityProfileInfo(
IN PVOID hProfile OPTIONAL,
IN SCETYPE ProfileType,
IN AREA_INFORMATION Area,
IN OUT PSCE_PROFILE_INFO *ppInfoBuffer,
OUT PSCE_ERROR_LOG_INFO *Errlog OPTIONAL
);
SCESTATUS
WINAPI
SceGetObjectChildren(
IN PVOID hProfile,
IN SCETYPE ProfileType,
IN AREA_INFORMATION Area,
IN PWSTR ObjectPrefix,
OUT PSCE_OBJECT_CHILDREN *Buffer,
OUT PSCE_ERROR_LOG_INFO *Errlog OPTIONAL
);
SCESTATUS
WINAPI
SceOpenProfile(
IN PCWSTR ProfileName,
IN SCE_FORMAT_TYPE ProfileFormat,
OUT PVOID *hProfile
);
SCESTATUS
WINAPI
SceCloseProfile(
IN PVOID *hProfile
);
SCESTATUS
WINAPI
SceGetScpProfileDescription(
IN PVOID hProfile,
OUT PWSTR *Description
);
SCESTATUS
WINAPI
SceGetTimeStamp(
IN PVOID hProfile,
OUT PWSTR *ConfigTimeStamp,
OUT PWSTR *AnalyzeTimeStamp
);
SCESTATUS
WINAPI
SceGetDbTime(
IN PVOID hProfile,
OUT SYSTEMTIME *ConfigTime,
OUT SYSTEMTIME *AnalyzeTime
);
SCESTATUS
WINAPI
SceGetObjectSecurity(
IN PVOID hProfile,
IN SCETYPE ProfileType,
IN AREA_INFORMATION Area,
IN PWSTR ObjectName,
OUT PSCE_OBJECT_SECURITY *ObjSecurity
);
SCESTATUS
WINAPI
SceGetAnalysisAreaSummary(
IN PVOID hProfile,
IN AREA_INFORMATION Area,
OUT PDWORD pCount
);
SCESTATUS
WINAPI
SceCopyBaseProfile(
IN PVOID hProfile,
IN SCETYPE ProfileType,
IN PWSTR InfFileName,
IN AREA_INFORMATION Area,
OUT PSCE_ERROR_LOG_INFO *pErrlog OPTIONAL
);
#define SCE_OVERWRITE_DB 0x01L
#define SCE_UPDATE_DB 0x02L
#define SCE_CALLBACK_DELTA 0x04L
#define SCE_CALLBACK_TOTAL 0x08L
#define SCE_VERBOSE_LOG 0x10L
#define SCE_DISABLE_LOG 0x20L
#define SCE_NO_CONFIG 0x40L
#define SCE_DEBUG_LOG 0x80L
typedef
BOOL(CALLBACK *PSCE_AREA_CALLBACK_ROUTINE)(
IN HANDLE CallbackHandle,
IN AREA_INFORMATION Area,
IN DWORD TotalTicks,
IN DWORD CurrentTicks
);
typedef
BOOL(CALLBACK *PSCE_BROWSE_CALLBACK_ROUTINE)(
IN LONG GpoID,
IN PWSTR KeyName OPTIONAL,
IN PWSTR GpoName OPTIONAL,
IN PWSTR Value OPTIONAL,
IN DWORD Len
);
SCESTATUS
WINAPI
SceConfigureSystem(
IN LPTSTR SystemName OPTIONAL,
IN PCWSTR InfFileName OPTIONAL,
IN PCWSTR DatabaseName,
IN PCWSTR LogFileName OPTIONAL,
IN DWORD ConfigOptions,
IN AREA_INFORMATION Area,
IN PSCE_AREA_CALLBACK_ROUTINE pCallback OPTIONAL,
IN HANDLE hCallbackWnd OPTIONAL,
OUT PDWORD pdWarning OPTIONAL
);
SCESTATUS
WINAPI
SceAnalyzeSystem(
IN LPTSTR SystemName OPTIONAL,
IN PCWSTR InfFileName OPTIONAL,
IN PCWSTR DatabaseName,
IN PCWSTR LogFileName OPTIONAL,
IN DWORD AnalyzeOptions,
IN AREA_INFORMATION Area,
IN PSCE_AREA_CALLBACK_ROUTINE pCallback OPTIONAL,
IN HANDLE hCallbackWnd OPTIONAL,
OUT PDWORD pdWarning OPTIONAL
);
SCESTATUS
WINAPI
SceGenerateRollback(
IN LPTSTR SystemName OPTIONAL,
IN PCWSTR InfFileName,
IN PCWSTR InfRollback,
IN PCWSTR LogFileName OPTIONAL,
IN DWORD Options,
IN AREA_INFORMATION Area,
OUT PDWORD pdWarning OPTIONAL
);
#define SCE_UPDATE_LOCAL_POLICY 0x1L
#define SCE_UPDATE_DIRTY_ONLY 0x2L
#define SCE_UPDATE_SYSTEM 0x4L
SCESTATUS
WINAPI
SceUpdateSecurityProfile(
IN PVOID hProfile OPTIONAL,
IN AREA_INFORMATION Area,
IN PSCE_PROFILE_INFO pInfo,
IN DWORD dwMode
);
SCESTATUS
WINAPI
SceUpdateObjectInfo(
IN PVOID hProfile,
IN AREA_INFORMATION Area,
IN PWSTR ObjectName,
IN DWORD NameLen, // number of characters
IN BYTE ConfigStatus,
IN BOOL IsContainer,
IN PSECURITY_DESCRIPTOR pSD,
IN SECURITY_INFORMATION SeInfo,
OUT PBYTE pAnalysisStatus
);
SCESTATUS
WINAPI
SceStartTransaction(
IN PVOID cxtProfile
);
SCESTATUS
WINAPI
SceCommitTransaction(
IN PVOID cxtProfile
);
SCESTATUS
WINAPI
SceRollbackTransaction(
IN PVOID cxtProfile
);
typedef enum _SCE_SERVER_TYPE_ {
SCESVR_UNKNOWN = 0,
SCESVR_DC_WITH_DS,
SCESVR_DC,
SCESVR_NT5_SERVER,
SCESVR_NT4_SERVER,
SCESVR_NT5_WKS,
SCESVR_NT4_WKS
} SCE_SERVER_TYPE, *PSCE_SERVER_TYPE;
SCESTATUS
WINAPI
SceGetServerProductType(
IN LPTSTR SystemName OPTIONAL,
OUT PSCE_SERVER_TYPE pServerType
);
SCESTATUS
WINAPI
SceLookupPrivRightName(
IN INT Priv,
OUT PWSTR Name,
OUT PINT NameLen
);
SCESTATUS
WINAPI
SceSvcUpdateInfo(
IN PVOID hProfile,
IN PCWSTR ServiceName,
IN PSCESVC_CONFIGURATION_INFO Info
);
//
// prototype defined in infget.c
//
SCESTATUS
WINAPI
SceSvcGetInformationTemplate(
IN LPCTSTR TemplateName,
IN LPCTSTR ServiceName,
IN LPCTSTR Key OPTIONAL,
OUT PSCESVC_CONFIGURATION_INFO *ServiceInfo
);
//
// prototypes defined in infwrite.c
//
SCESTATUS
WINAPI
SceWriteSecurityProfileInfo(
IN PCWSTR InfProfileName,
IN AREA_INFORMATION Area,
IN PSCE_PROFILE_INFO ppInfoBuffer,
OUT PSCE_ERROR_LOG_INFO *Errlog OPTIONAL
);
SCESTATUS
WINAPI
SceAppendSecurityProfileInfo(
IN PCWSTR InfProfileName,
IN AREA_INFORMATION Area,
IN PSCE_PROFILE_INFO ppInfoBuffer,
OUT PSCE_ERROR_LOG_INFO *Errlog OPTIONAL
);
SCESTATUS
WINAPI
SceSvcSetInformationTemplate(
IN LPCTSTR TemplateName,
IN LPCTSTR ServiceName,
IN BOOL bExact,
IN PSCESVC_CONFIGURATION_INFO ServiceInfo
);
//
// prototypes defined in common.cpp
//
SCESTATUS
WINAPI
SceFreeMemory(
IN PVOID smInfo,
IN DWORD Category
);
BOOL
WINAPI
SceCompareNameList(
IN PSCE_NAME_LIST pList1,
IN PSCE_NAME_LIST pList2
);
SCESTATUS
WINAPI
SceCompareSecurityDescriptors(
IN AREA_INFORMATION Area,
IN PSECURITY_DESCRIPTOR pSD1,
IN PSECURITY_DESCRIPTOR pSD2,
IN SECURITY_INFORMATION SeInfo,
OUT PBOOL IsDifferent
);
SCESTATUS
WINAPI
SceCreateDirectory(
IN PCWSTR ProfileLocation,
IN BOOL FileOrDir,
PSECURITY_DESCRIPTOR pSecurityDescriptor
);
SCESTATUS
WINAPI
SceFreeProfileMemory(
PSCE_PROFILE_INFO pProfile
);
SCESTATUS
WINAPI
SceAddToNameStatusList(
IN OUT PSCE_NAME_STATUS_LIST *pNameStatusList,
IN PWSTR Name,
IN ULONG Len,
IN DWORD Status
);
SCESTATUS
WINAPI
SceAddToNameList(
IN OUT PSCE_NAME_LIST *pNameList,
IN PWSTR Name,
IN ULONG Len
);
#define SCE_CHECK_DUP 0x01
#define SCE_INCREASE_COUNT 0x02
SCESTATUS
WINAPI
SceAddToObjectList(
IN OUT PSCE_OBJECT_LIST *pObjectList,
IN PWSTR Name,
IN ULONG Len,
IN BOOL IsContainer,
IN BYTE Status,
IN BYTE byFlags
);
DWORD
WINAPI
SceEnumerateServices(
OUT PSCE_SERVICES *pServiceList,
IN BOOL bServiceNameOnly
);
DWORD
WINAPI
SceSetupGenerateTemplate(
IN LPTSTR SystemName OPTIONAL,
IN LPTSTR JetDbName OPTIONAL,
IN BOOL bFromMergedTable,
IN LPTSTR InfTemplateName,
IN LPTSTR LogFileName OPTIONAL,
IN AREA_INFORMATION Area
);
#define SCE_REG_DISPLAY_NAME TEXT("DisplayName")
#define SCE_REG_DISPLAY_TYPE TEXT("DisplayType")
#define SCE_REG_VALUE_TYPE TEXT("ValueType")
#define SCE_REG_DISPLAY_UNIT TEXT("DisplayUnit")
#define SCE_REG_DISPLAY_CHOICES TEXT("DisplayChoices")
#define SCE_REG_DISPLAY_FLAGLIST TEXT("DisplayFlags")
#define SCE_REG_DISPLAY_ENABLE 0
#define SCE_REG_DISPLAY_NUMBER 1
#define SCE_REG_DISPLAY_STRING 2
#define SCE_REG_DISPLAY_CHOICE 3
#define SCE_REG_DISPLAY_MULTISZ 4
#define SCE_REG_DISPLAY_FLAGS 5
DWORD
WINAPI
SceRegisterRegValues(
IN LPTSTR InfFileName
);
//
// for service attachments
//
SCESTATUS
WINAPI
SceSvcQueryInfo(
IN SCE_HANDLE sceHandle,
IN SCESVC_INFO_TYPE sceType,
IN LPTSTR lpPrefix OPTIONAL,
IN BOOL bExact,
OUT PVOID *ppvInfo,
OUT PSCE_ENUMERATION_CONTEXT psceEnumHandle
);
SCESTATUS
WINAPI
SceSvcSetInfo(
IN SCE_HANDLE sceHandle,
IN SCESVC_INFO_TYPE sceType,
IN LPTSTR lpPrefix OPTIONAL,
IN BOOL bExact,
IN PVOID pvInfo
);
SCESTATUS
WINAPI
SceSvcFree(
IN PVOID pvServiceInfo
);
SCESTATUS
WINAPI
SceSvcConvertTextToSD (
IN PWSTR pwszTextSD,
OUT PSECURITY_DESCRIPTOR *ppSD,
OUT PULONG pulSDSize,
OUT PSECURITY_INFORMATION psiSeInfo
);
SCESTATUS
WINAPI
SceSvcConvertSDToText (
IN PSECURITY_DESCRIPTOR pSD,
IN SECURITY_INFORMATION siSecurityInfo,
OUT PWSTR *ppwszTextSD,
OUT PULONG pulTextSize
);
//
// check service.cpp if the following constants are changed because
// it has a buffer length dependency
//
#define SCE_ROOT_POLICY_PATH \
SCE_ROOT_PATH TEXT("\\Policies")
#define SCE_ROOT_REGVALUE_PATH \
SCE_ROOT_PATH TEXT("\\Reg Values")
// define for GPT integration
#define GPTSCE_PATH TEXT("Software\\Policies\\Microsoft\\Windows NT\\SecEdit")
#define GPTSCE_PERIOD_NAME TEXT("ConfigurePeriod")
#define GPTSCE_TEMPLATE TEXT("Microsoft\\Windows NT\\SecEdit\\GptTmpl.inf")
AREA_INFORMATION
SceGetAreas(
LPTSTR InfName
);
BOOL
SceIsSystemDatabase(
IN LPCTSTR DatabaseName
);
SCESTATUS
SceBrowseDatabaseTable(
IN PWSTR DatabaseName OPTIONAL,
IN SCETYPE ProfileType,
IN AREA_INFORMATION Area,
IN BOOL bDomainPolicyOnly,
IN PSCE_BROWSE_CALLBACK_ROUTINE pCallback OPTIONAL
);
SCESTATUS
WINAPI
SceGetDatabaseSetting(
IN PVOID hProfile,
IN SCETYPE ProfileType,
IN PWSTR SectionName,
IN PWSTR KeyName,
OUT PWSTR *Value,
OUT DWORD *pnBytes OPTIONAL
);
SCESTATUS
WINAPI
SceSetDatabaseSetting(
IN PVOID hProfile,
IN SCETYPE ProfileType,
IN PWSTR SectionName,
IN PWSTR KeyName,
IN PWSTR Value OPTIONAL,
IN DWORD nBytes
);
#ifdef __cplusplus
}
#endif
#endif
Reference in a new issue View git blame Copy permalink