
/*++
Copyright (c) 1991 Microsoft Corporation
Module Name:
dbp.h
Abstract:
LSA Database Private Functions, Datatypes and Defines
Author:
Scott Birrell (ScottBi) May 29, 1991
Environment:
Revision History:
--*/
#ifndef _LSADBP_
#define _LSADBP_
//
// LSA revisions
//
//      NT 1.0  ==> 1.0
//      NT 1.0A ==> 1.1
//
// Judging by the two values defined here, the major number sits in the
// high 16 bits and the minor number in the low 16 bits.
//

#define LSAP_DB_REVISION_1_0        0x00010000
#define LSAP_DB_REVISION_1_1        0x00010001

// Alias for the most recent revision defined above.
#define LSAP_DB_REVISION            LSAP_DB_REVISION_1_1

//
// Uncomment the define LSA_SAM_ACCOUNTS_DOMAIN_TEST to enable the
// code needed for the ctsamdb test program.  Recompile dbsamtst.c and
// dbpolicy.c, rebuild lsasrv.dll and nmake UMTYPE=console UMTEST=ctsamdb.
//
// NOTE(review): the switch exists for a test program, so it presumably
// has to stay commented out in production builds - confirm.
//
// #define LSA_SAM_ACCOUNTS_DOMAIN_TEST
//

//
// Preferred maximum length of data used for internal enumerations.
//

#define LSAP_DB_ENUM_DOMAIN_LENGTH  ((ULONG)0x00000100L)
//
// Write operations are not allowed on Backup controllers (except
// for trusted clients).
//
// Each mask below lists the access rights that count as write operations
// for one kind of LSA object: the three standard rights DELETE,
// WRITE_OWNER and WRITE_DAC, followed by the object-specific rights.
//
// NOTE(review): these are explicit lists.  A modifying right that is
// missing from its mask would presumably not be treated as a write on a
// Backup controller, so each mask should be re-checked whenever the set
// of rights for its object type changes.
//

// Policy object.
#define LSAP_POLICY_WRITE_OPS                                   \
    (DELETE | WRITE_OWNER | WRITE_DAC |                         \
     POLICY_TRUST_ADMIN |                                       \
     POLICY_CREATE_ACCOUNT |                                    \
     POLICY_CREATE_SECRET |                                     \
     POLICY_CREATE_PRIVILEGE |                                  \
     POLICY_SET_DEFAULT_QUOTA_LIMITS |                          \
     POLICY_SET_AUDIT_REQUIREMENTS |                            \
     POLICY_AUDIT_LOG_ADMIN |                                   \
     POLICY_SERVER_ADMIN)

// Account objects.
#define LSAP_ACCOUNT_WRITE_OPS                                  \
    (DELETE | WRITE_OWNER | WRITE_DAC |                         \
     ACCOUNT_ADJUST_PRIVILEGES |                                \
     ACCOUNT_ADJUST_QUOTAS |                                    \
     ACCOUNT_ADJUST_SYSTEM_ACCESS)

// Trusted Domain objects.
#define LSAP_TRUSTED_WRITE_OPS                                  \
    (DELETE | WRITE_OWNER | WRITE_DAC |                         \
     TRUSTED_SET_CONTROLLERS |                                  \
     TRUSTED_SET_POSIX)

// Secret objects.
#define LSAP_SECRET_WRITE_OPS                                   \
    (DELETE | WRITE_OWNER | WRITE_DAC |                         \
     SECRET_SET_VALUE)
//
// Maximum number of attributes an object can have
//

#define LSAP_DB_MAX_ATTRIBUTES              (0x00000020)

//
// LSA Absolute Minimum and Maximum Quota Limit values
//
// These values represent the endpoints of the range of permitted values
// which a quota limit may be set via the LsaSetQuotaLimitsForLsa() API
//
// FIX, FIX - get real values from Loup
//
// NOTE(review): every LSAP_DB_ABS_MAX_* value is 0xffffffff, so as defined
// here the range has no effective upper bound, and the WINNT and LANMANNT
// groups hold identical numbers.  Where long is 32 bits wide 0xffffffffL
// does not fit in a long and takes an unsigned type, which matters in
// comparisons against signed quantities.
//

// Values for the WINNT product type.
#define LSAP_DB_WINNT_PAGED_POOL            (0x02000000L)
#define LSAP_DB_WINNT_NON_PAGED_POOL        (0x00100000L)
#define LSAP_DB_WINNT_MIN_WORKING_SET       (0x00010000L)
#define LSAP_DB_WINNT_MAX_WORKING_SET       (0x0f000000L)
#define LSAP_DB_WINNT_PAGEFILE              (0x0f000000L)

// Values for the LANMANNT product type.
#define LSAP_DB_LANMANNT_PAGED_POOL         (0x02000000L)
#define LSAP_DB_LANMANNT_NON_PAGED_POOL     (0x00100000L)
#define LSAP_DB_LANMANNT_MIN_WORKING_SET    (0x00010000L)
#define LSAP_DB_LANMANNT_MAX_WORKING_SET    (0x0f000000L)
#define LSAP_DB_LANMANNT_PAGEFILE           (0x0f000000L)

// Lower end of the permitted range.
#define LSAP_DB_ABS_MIN_PAGED_POOL          (0x00010000L)
#define LSAP_DB_ABS_MIN_NON_PAGED_POOL      (0x00010000L)
#define LSAP_DB_ABS_MIN_MIN_WORKING_SET     (0x00000001L)
#define LSAP_DB_ABS_MIN_MAX_WORKING_SET     (0x00001000L)
#define LSAP_DB_ABS_MIN_PAGEFILE            (0x00001000L)

// Upper end of the permitted range.
#define LSAP_DB_ABS_MAX_PAGED_POOL          (0xffffffffL)
#define LSAP_DB_ABS_MAX_NON_PAGED_POOL      (0xffffffffL)
#define LSAP_DB_ABS_MAX_MIN_WORKING_SET     (0xffffffffL)
#define LSAP_DB_ABS_MAX_MAX_WORKING_SET     (0xffffffffL)
#define LSAP_DB_ABS_MAX_PAGEFILE            (0xffffffffL)
//
// NOTES on Logical and Physical Names
//
// LogicalName - Unicode String containing the Logical Name of the object.
// The Logical Name of an object is the name by which it is known
// to the outside world, e.g, SCOTTBI might be a typical name for
// a user account object
// PhysicalName - Unicode String containing the Physical name of the object.
// This is a name internal to the Lsa Database and is dependent on the
// implementation. For the current implementation of the LSA Database
// as a subtree of keys within the Configuration Registry, the
// PhysicalName is the name of the Registry Key for the object relative
// to the container object, e.g, ACCOUNTS\SCOTTBI is the Physical Name
// for the user account object with Logical Name SCOTTBI.
//
//
// LSA Database Object Containing Directories
//
// The array is sized by DummyLastObject, which is declared outside this
// header; presumably it is indexed by object type id - confirm.
//
// NOTE(review): this is a definition without `extern` placed in a header,
// so every source file that includes dbp.h emits its own tentative
// definition and the link depends on the toolchain merging them.  Other
// globals in this header (LsapDbState, LsapDbPolicy) are declared
// `extern` instead.
//
UNICODE_STRING LsapDbContDirs[DummyLastObject];
//
// State of the cache kept for one LSA object type; stored in the
// CacheState field of LSAP_DB_OBJECT_TYPE and read or written through
// the LsapDbMakeCache* / LsapDbIsCache* macros.
//
// Numbering starts at 1, so a zero-filled CacheState matches none of
// these values: LsapDbIsCacheSupported reports TRUE for it (it only
// tests for LsapDbCacheNotSupported) while LsapDbIsCacheValid reports
// FALSE.
//
typedef enum _LSAP_DB_CACHE_STATE {
    LsapDbCacheNotSupported = 1,    // the value LsapDbIsCacheSupported tests against
    LsapDbCacheInvalid,             // stored by LsapDbMakeCacheInvalid
    LsapDbCacheBuilding,            // stored by LsapDbMakeCacheBuilding
    LsapDbCacheValid                // stored by LsapDbMakeCacheValid
} LSAP_DB_CACHE_STATE, *PLSAP_DB_CACHE_STATE;
//
// LSA Database Object Type Structure
//
// One of these describes each kind of LSA object; LSAP_DB_STATE holds an
// array of them in DbObjectTypes.  The field notes below that are marked
// "presumably" are inferred from names only and need confirming against
// the code that fills the structure in.
//
typedef struct _LSAP_DB_OBJECT_TYPE {
    GENERIC_MAPPING GenericMapping;     // generic access mapping for this object type
    ULONG ObjectCount;                  // changed by LsapDbIncrementCountObject / LsapDbDecrementCountObject
    NTSTATUS ObjectCountError;          // presumably the status returned when the count limit is hit
    ULONG MaximumObjectCount;           // presumably enforced only when ObjectCountLimited is TRUE
    ACCESS_MASK WriteOperations;        // presumably one of the LSAP_*_WRITE_OPS masks
    ACCESS_MASK AliasAdminsAccess;      // presumably the access given to the Administrators alias
    ACCESS_MASK WorldAccess;            // presumably the access given to World
    ACCESS_MASK InvalidMappedAccess;    // presumably access bits that are not valid for this type
    PSID InitialOwnerSid;               // presumably the owner assigned to newly created objects
    BOOLEAN ObjectCountLimited;
    BOOLEAN AccessedBySid;              // presumably: objects of this type are identified by Sid
    BOOLEAN AccessedByName;             // presumably: objects of this type are identified by name
    LSAP_DB_CACHE_STATE CacheState;     // read and written by the LsapDbMakeCache* / LsapDbIsCache* macros
    PVOID ObjectCache;                  // untyped; the concrete cache type is not visible in this header
} LSAP_DB_OBJECT_TYPE, *PLSAP_DB_OBJECT_TYPE;
//
// LSA Database Object Name types
//
// Selects between the two names described in the "NOTES on Logical and
// Physical Names" comment earlier in this header.  Passed to
// LsapDbObjectNameFromHandle as ObjectNameType.
//
typedef enum _LSAP_DB_OBJECT_NAME_TYPE {
    LsapDbObjectPhysicalName = 1,   // name internal to the LSA Database
    LsapDbObjectLogicalName         // name by which the object is known to the outside world
} LSAP_DB_OBJECT_NAME_TYPE, *PLSAP_DB_OBJECT_NAME_TYPE;
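//
// Mark the cache for the given object type as not supported.
//
// ObjectTypeId - index into LsapDbState.DbObjectTypes.  It is not
//     range-checked here.
//
// The state stored is LsapDbCacheNotSupported, which is the value that
// LsapDbIsCacheSupported tests against.  Storing LsapDbCacheInvalid (what
// LsapDbMakeCacheInvalid stores) would leave the type still reporting a
// supported cache.
//
// The expansion is a brace-enclosed block, not a single expression, and
// it takes no lock of its own.
//
#define LsapDbMakeCacheUnsupported( ObjectTypeId )                              \
    {                                                                           \
        LsapDbState.DbObjectTypes[ ObjectTypeId ].CacheState =                  \
            LsapDbCacheNotSupported;                                            \
    }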
//
// Cache state setters.  Each one stores a single LSAP_DB_CACHE_STATE value
// into the CacheState field of LsapDbState.DbObjectTypes[ObjectTypeId].
//
// ObjectTypeId is used as an array index without a range check, and the
// expansions take no lock; any serialisation has to come from the caller.
// Each expansion is a brace-enclosed block, not an expression.
//

#define LsapDbMakeCacheInvalid( ObjectTypeId )                                  \
    {                                                                           \
        LsapDbState.DbObjectTypes[ (ObjectTypeId) ].CacheState =                \
            LsapDbCacheInvalid;                                                 \
    }

#define LsapDbMakeCacheBuilding( ObjectTypeId )                                 \
    {                                                                           \
        LsapDbState.DbObjectTypes[ (ObjectTypeId) ].CacheState =                \
            LsapDbCacheBuilding;                                                \
    }

#define LsapDbMakeCacheValid( ObjectTypeId )                                    \
    {                                                                           \
        LsapDbState.DbObjectTypes[ (ObjectTypeId) ].CacheState =                \
            LsapDbCacheValid;                                                   \
    }
//
// Cache state predicates.  Each one expands to a comparison on the
// CacheState field of LsapDbState.DbObjectTypes[ObjectTypeId] and yields
// non-zero when the condition holds.  ObjectTypeId is not range-checked.
//
// LsapDbIsCacheSupported is a "not equal" test: every state other than
// LsapDbCacheNotSupported, a zero-filled field included, counts as
// supported.
//

#define LsapDbIsCacheValid( ObjectTypeId )                                      \
    (LsapDbCacheValid == LsapDbState.DbObjectTypes[ (ObjectTypeId) ].CacheState)

#define LsapDbIsCacheSupported( ObjectTypeId )                                  \
    (LsapDbCacheNotSupported != LsapDbState.DbObjectTypes[ (ObjectTypeId) ].CacheState)

#define LsapDbIsCacheBuilding( ObjectTypeId )                                   \
    (LsapDbCacheBuilding == LsapDbState.DbObjectTypes[ (ObjectTypeId) ].CacheState)
//
// LSA Database Local State Information.  This structure contains various
// global variables containing dynamic state information.
//
// A single instance, LsapDbState, is declared below and is what the
// cache-state and object-count macros in this header operate on.  Field
// notes marked "presumably" are inferred from names and types only.
//
typedef struct _LSAP_DB_STATE {
    POLICY_MODIFICATION_INFO PolicyModificationInfo;
    LARGE_INTEGER ModifiedIdAtLastPromotion;
    HANDLE DbRootRegKeyHandle; // Lsa Database Root Dir Reg Key Handle
    PSID PrimaryDomainSid;
    ULONG SecretObjectCount;
    ULONG OpenHandleCount;
    POLICY_LSA_SERVER_ROLE_INFO PolicyLsaServerRoleInfo;    // presumably the primary/backup role of this server
    BOOLEAN DbServerInitialized;
    BOOLEAN TransactionOpen;
    BOOLEAN ReplicatorNotificationEnabled;
    LSAP_DB_OBJECT_TYPE DbObjectTypes[LSAP_DB_OBJECT_TYPE_COUNT];  // indexed by object type id in the macros of this header
    RTL_CRITICAL_SECTION DbLock;        // presumably serialises access to the database state - confirm which fields it covers
    PRTL_RXACT_CONTEXT RXactContext;    // presumably the registry transaction context that goes with TransactionOpen
} LSAP_DB_STATE, *PLSAP_DB_STATE;

// Defined in one source file; every includer of this header shares it.
extern LSAP_DB_STATE LsapDbState;
//
// LSA Database Private Data.  This Data is eligible for replication,
// unlike the Local State Information above which is meaningful on
// the local machine only.
//
typedef struct _LSAP_DB_POLICY_PRIVATE_DATA {
    ULONG NoneDefinedYet;   // the only member; the name indicates no private data has been defined
} LSAP_DB_POLICY_PRIVATE_DATA, *PLSAP_DB_POLICY_PRIVATE_DATA;

//
// Pointer to a cipher key (type PLSAP_CR_CIPHER_KEY).
//
// NOTE(review): presumably this is the key set up by
// LsapDbInitializeCipherKey and used to protect stored secret values -
// confirm.  If so, whatever it points to is key material: it should be
// reachable only by code that needs it and be zeroed before its memory is
// released.  Also note this is a definition without `extern` in a header,
// unlike LsapDbState, so each including source file emits its own
// tentative definition.
//
PLSAP_CR_CIPHER_KEY LsapDbCipherKey;
//
// Object Enumeration Element Structure
//
// Node of a singly linked list (Next) that carries the description of one
// object together with its Sid and Name.
//
// NOTE(review): who allocates and frees Sid and Name.Buffer is not visible
// in this header - confirm ownership before copying or freeing elements.
//
typedef struct _LSAP_DB_ENUMERATION_ELEMENT {
    struct _LSAP_DB_ENUMERATION_ELEMENT *Next;      // next element in the list
    LSAP_DB_OBJECT_INFORMATION ObjectInformation;
    PSID Sid;
    UNICODE_STRING Name;
} LSAP_DB_ENUMERATION_ELEMENT, *PLSAP_DB_ENUMERATION_ELEMENT;
//
// Handle Table Entry
//
// Note that this is a different type from LSAP_DB_HANDLE, which the
// handle accessor macros in this header cast to and which is declared
// elsewhere.
//
typedef struct _LSAP_DB_HANDLE_ENTRY {
    BOOLEAN Allocated;              // presumably TRUE while the slot is in use
    HANDLE KeyHandle;
    ACCESS_MASK GrantedAccess;      // presumably the access granted when the handle was opened
} LSAP_DB_HANDLE_ENTRY, *PLSAP_DB_HANDLE_ENTRY;

//
// Handle Table Handle Block
//
// A block holds a fixed array of LSAP_DB_MAX_HANDLES_PER_BLOCK (0x40)
// entries and links to the next block through NextBlock.
//
#define LSAP_DB_MAX_HANDLES_PER_BLOCK 0x00000040L
typedef struct _LSAP_DB_HANDLE_BLOCK {
    struct _LSAP_DB_HANDLE_BLOCK *NextBlock;
    ULONG FreeCount;                // presumably the number of unallocated entries in Handles
    LSAP_DB_HANDLE_ENTRY Handles[LSAP_DB_MAX_HANDLES_PER_BLOCK];
} LSAP_DB_HANDLE_BLOCK, *PLSAP_DB_HANDLE_BLOCK;

//
// Handle Table Header Block
//
// One of these structures exists for each Handle Table
//
// NOTE(review): Lock is a plain BOOLEAN, not a synchronisation object.
// Whether it is only ever touched under another lock (for example
// LsapDbState.DbLock) cannot be told from this header - confirm.
//
typedef struct _LSAP_DB_HANDLE_TABLE {
    BOOLEAN Lock;
    PLSAP_DB_HANDLE_BLOCK FirstBlock;
    PLSAP_DB_HANDLE_BLOCK LastBlock;
} LSAP_DB_HANDLE_TABLE, *PLSAP_DB_HANDLE_TABLE;
//
// Trusted Domain List.  This list caches the Trust Information for
// all Trusted Domains in the Policy Database, and enables lookup
// operations to locate Trusted Domains by Sid or Name without recourse
// to the Trusted Domain objects themselves.
//
// The list is made of sections chained through Links; each section points
// at an array of trust information entries.
//
typedef struct _LSAP_DB_TRUSTED_DOMAIN_LIST_SECTION {
    LIST_ENTRY Links;                   // chains the sections of one list
    ULONG UsedCount;                    // presumably the number of entries of Domains in use
    ULONG MaximumCount;                 // presumably the capacity of Domains
    PLSAPR_TRUST_INFORMATION Domains;   // NOTE(review): indexing presumably has to stay below UsedCount - confirm in the list routines
} LSAP_DB_TRUSTED_DOMAIN_LIST_SECTION, *PLSAP_DB_TRUSTED_DOMAIN_LIST_SECTION;

//
// List header.  Because lookups answer from this cache instead of the
// Trusted Domain objects, a stale or half-built list would produce wrong
// trust answers; Valid and Resource presumably exist to prevent that.
//
typedef struct _LSAP_DB_TRUSTED_DOMAIN_LIST {
    BOOLEAN Valid;                      // presumably what LsapDbIsValidTrustedDomainList reports
    PLSAP_DB_TRUSTED_DOMAIN_LIST_SECTION AnchorListSection;
    LSAP_DB_TRUSTED_DOMAIN_LIST_SECTION DummyAnchorListSection;
    RTL_RESOURCE Resource;              // presumably taken by the Acquire/Release Read/Write lock routines for the list
} LSAP_DB_TRUSTED_DOMAIN_LIST, *PLSAP_DB_TRUSTED_DOMAIN_LIST;
//
// Account List.  This list caches the Account Information for
// all Account Objects in the Policy database, and enables accounts
// to be queried by Sid without recourse to the Account objects themselves.
//

// One cached account; Links chains it into the account list.
typedef struct _LSAP_DB_ACCOUNT {
    LIST_ENTRY Links;
    PLSAPR_SID Sid;                             // the Sid the account is looked up by
    LSAP_DB_ACCOUNT_TYPE_SPECIFIC_INFO Info;    // declared outside this header
} LSAP_DB_ACCOUNT, *PLSAP_DB_ACCOUNT;

// List header: list head plus the number of accounts.
typedef struct _LSAP_DB_ACCOUNT_LIST {
    LIST_ENTRY Links;
    ULONG AccountCount;                         // presumably kept equal to the number of linked LSAP_DB_ACCOUNT entries
} LSAP_DB_ACCOUNT_LIST, *PLSAP_DB_ACCOUNT_LIST;
//
// Cached information for the Policy Object.
//
// One entry holds a pointer to a policy information attribute and its
// length.
//
typedef struct _LSAP_DB_POLICY_ENTRY {
    ULONG AttributeLength;                  // presumably the size in bytes of what Attribute points at
    PLSAPR_POLICY_INFORMATION Attribute;
} LSAP_DB_POLICY_ENTRY, *PLSAP_DB_POLICY_ENTRY;

//
// Cached policy Object - Initially only Quota Limits is cached.
//
// Info has PolicyAuditFullQueryInformation + 1 elements, so it is
// presumably indexed directly by information class value.
//
// NOTE(review): an information class taken from a caller has to be
// range-checked before it is used as an index into Info - confirm that the
// routines using this cache do so.
//
typedef struct _LSAP_DB_POLICY {
    LSAP_DB_POLICY_ENTRY Info[ PolicyAuditFullQueryInformation + 1];
} LSAP_DB_POLICY, *PLSAP_DB_POLICY;

// Defined in one source file; every includer of this header shares it.
extern LSAP_DB_POLICY LsapDbPolicy;
//
// Policy information query.  Both routines take the same arguments:
// a Policy handle, the information class wanted, and Buffer, an IN OUT
// pointer to the information pointer.  Presumably the first answers from
// the cached Policy Object and the "Slow" one reads the database -
// confirm against the implementation.
//

NTSTATUS
LsapDbQueryInformationPolicy(
    IN LSAPR_HANDLE PolicyHandle,
    IN POLICY_INFORMATION_CLASS InformationClass,
    IN OUT PLSAPR_POLICY_INFORMATION *Buffer
    );

NTSTATUS
LsapDbSlowQueryInformationPolicy(
    IN LSAPR_HANDLE PolicyHandle,
    IN POLICY_INFORMATION_CLASS InformationClass,
    IN OUT PLSAPR_POLICY_INFORMATION *Buffer
    );

//
// Cache construction, one routine per object type plus a rebuild entry
// point keyed by object type id.
//
// These are declared with empty parentheses, which in C leaves the
// parameter list unspecified, so the compiler does not check the
// arguments of calls.
//

NTSTATUS
LsapDbBuildPolicyCache(
    );

NTSTATUS
LsapDbBuildAccountCache(
    );

NTSTATUS
LsapDbBuildTrustedDomainCache(
    );

NTSTATUS
LsapDbBuildSecretCache(
    );

NTSTATUS
LsapDbRebuildCache(
    IN LSAP_DB_OBJECT_TYPE_ID ObjectTypeId
    );

//
// Account creation and deletion by Sid.  Account is an optional OUT
// pointer to an LSAP_DB_ACCOUNT pointer, so these presumably act on the
// cached Account List - confirm.
//

NTSTATUS
LsapDbCreateAccount(
    IN PLSAPR_SID AccountSid,
    OUT OPTIONAL PLSAP_DB_ACCOUNT *Account
    );

NTSTATUS
LsapDbDeleteAccount(
    IN PLSAPR_SID AccountSid
    );
//
// Trusted Domain enumeration through a Policy handle.  The two routines
// share one signature; presumably the "Slow" one bypasses the cached
// Trusted Domain List - confirm.  EnumerationContext is IN OUT, so it is
// updated to continue an enumeration across calls.
//

NTSTATUS
LsapDbEnumerateTrustedDomains(
    IN LSAPR_HANDLE PolicyHandle,
    IN OUT PLSA_ENUMERATION_HANDLE EnumerationContext,
    OUT PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer,
    IN ULONG PreferedMaximumLength
    );

NTSTATUS
LsapDbSlowEnumerateTrustedDomains(
    IN LSAPR_HANDLE PolicyHandle,
    IN OUT PLSA_ENUMERATION_HANDLE EnumerationContext,
    OUT PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer,
    IN ULONG PreferedMaximumLength
    );

//
// Trusted Domain List routines.  Most take the list as an OPTIONAL first
// parameter; presumably passing NULL selects a default list - confirm.
//
// NOTE(review): LsapDbEnumerateTrustedDomainList is declared twice in this
// header with the same signature (here and again further down).
//

NTSTATUS
LsapDbEnumerateTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList,
    IN OUT PLSA_ENUMERATION_HANDLE EnumerationContext,
    OUT PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer,
    IN ULONG PreferedMaximumLength
    );

NTSTATUS
LsapDbBuildTrustedDomainList(
    IN OPTIONAL LSA_HANDLE PolicyHandle,
    OUT OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList
    );

NTSTATUS
LsapDbDestroyTrustedDomainList(
    IN PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList
    );

//
// Lookups by Sid, by name and by trust information entry.  The OUT
// pointers presumably refer into the list itself, not to copies -
// confirm, since that decides how long a result stays valid once the list
// lock is released.
//

NTSTATUS
LsapDbLookupSidTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList,
    IN PLSAPR_SID DomainSid,
    OUT PLSAPR_TRUST_INFORMATION *TrustInformation
    );

NTSTATUS
LsapDbLookupNameTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList,
    IN PLSAPR_UNICODE_STRING DomainName,
    OUT PLSAPR_TRUST_INFORMATION *TrustInformation
    );

NTSTATUS
LsapDbLookupEntryTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList,
    IN PLSAPR_TRUST_INFORMATION TrustInformation,
    OUT PLSAP_DB_TRUSTED_DOMAIN_LIST_SECTION *TrustedDomainListSection,
    OUT PULONG SectionIndex
    );

//
// Positioning within the list: a position is a (section, index) pair.
//

NTSTATUS
LsapDbTraverseTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList,
    IN OUT PLSAP_DB_TRUSTED_DOMAIN_LIST_SECTION *TrustedDomainListSection,
    IN OUT PULONG SectionIndex,
    OUT OPTIONAL PLSAPR_TRUST_INFORMATION *TrustInformation
    );

NTSTATUS
LsapDbLocateEntryNumberTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList,
    IN ULONG EntryNumber,
    OUT PLSAP_DB_TRUSTED_DOMAIN_LIST_SECTION *TrustedDomainListSection,
    OUT PULONG SectionIndex,
    OUT OPTIONAL PLSAPR_TRUST_INFORMATION *TrustInformation
    );

// Second declaration of this routine; identical to the one above.
NTSTATUS
LsapDbEnumerateTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList,
    IN OUT PLSA_ENUMERATION_HANDLE EnumerationContext,
    OUT PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer,
    IN ULONG PreferedMaximumLength
    );

//
// Insertion takes a count and an array and has no list parameter; deletion
// takes the list and one trust information entry.
//

NTSTATUS
LsapDbInsertTrustedDomainList(
    IN ULONG Count,
    IN PLSAPR_TRUST_INFORMATION Domains
    );

NTSTATUS
LsapDbDeleteTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList,
    IN PLSAPR_TRUST_INFORMATION TrustInformation
    );

BOOLEAN
LsapDbIsValidTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList
    );

//
// List locking.  The acquire routines return NTSTATUS and the release
// routines return nothing.
//
// NOTE(review): since an acquire can report failure, callers presumably
// have to check its status before touching the list, and release only a
// lock they actually hold - confirm at the call sites.
//

NTSTATUS
LsapDbAcquireReadLockTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList
    );

NTSTATUS
LsapDbAcquireWriteLockTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList
    );

VOID
LsapDbReleaseReadLockTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList
    );

VOID
LsapDbReleaseWriteLockTrustedDomainList(
    IN OPTIONAL PLSAP_DB_TRUSTED_DOMAIN_LIST TrustedDomainList
    );
//
// Opens a Policy handle for the domain described by TrustInformation,
// requesting DesiredAccess.  The OUT parameter name suggests the handle
// refers to a controller of that domain - confirm.
//

NTSTATUS
LsapDbOpenPolicyTrustedDomain(
    IN PLSAPR_TRUST_INFORMATION TrustInformation,
    IN ACCESS_MASK DesiredAccess,
    OUT PLSA_HANDLE ControllerPolicyHandle
    );

//
// Initialisation routines.  Declared with empty parentheses, which in C
// leaves the parameter list unspecified.
//

NTSTATUS
LsapDbInitializeHandleTable(
    );

NTSTATUS
LsapDbInitializeWellKnownPrivs(
    );

NTSTATUS
LsapDbInitializeCipherKey(
    );

//
// Handle management.
//
// LsapDbCreateHandle returns the handle itself and has no status result,
// so failure is presumably reported as a NULL handle - confirm, and check
// for it at every call site.
//
// LsapDbLookupHandle returns a BOOLEAN for a handle; presumably it reports
// whether the handle is a valid entry of the handle table.  The handle
// accessor macros in this header dereference their argument unchecked, so
// a handle received from a client has to be validated before any of them
// is applied to it.
//

LSAPR_HANDLE
LsapDbCreateHandle(
    IN PLSAP_DB_OBJECT_INFORMATION ObjectInformation,
    IN ULONG Options
    );

BOOLEAN LsapDbLookupHandle(
    IN LSAPR_HANDLE ObjectHandle
    );

NTSTATUS
LsapDbCloseHandle(
    IN LSAPR_HANDLE ObjectHandle
    );

VOID
LsapDbFreeHandle(
    IN LSAPR_HANDLE ObjectHandle
    );

NTSTATUS
LsapDbReferencesHandle(
    IN LSAPR_HANDLE ObjectHandle,
    OUT PULONG ReferenceCount
    );

//
// Presumably flags the open handles that refer to a deleted object, with
// MarkSelf choosing whether ObjectHandle itself is included - confirm.
//

NTSTATUS
LsapDbMarkDeletedObjectHandles(
    IN LSAPR_HANDLE ObjectHandle,
    IN BOOLEAN MarkSelf
    );
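/*++

BOOLEAN
LsapDbIsTrustedHandle(
    IN LSAPR_HANDLE ObjectHandle
    )

Routine Description:

    This macro function checks if a given handle is Trusted and returns
    the result.

Arguments:

    ObjectHandle - Valid handle.  It is the caller's responsibility
        to verify that the given handle is valid.

Return Value:

    BOOLEAN - TRUE if handle is Trusted, else FALSE.

--*/

//
// Handle accessor macros.  Each one casts ObjectHandle to LSAP_DB_HANDLE
// (declared outside this header) and reads one field through it.  None of
// them checks the handle: the cast and the dereference happen
// unconditionally, so the argument must already have been validated.
//
// The argument is parenthesised inside every cast so that the cast applies
// to the whole argument expression and not only to its first operand.
//

#define LsapDbIsTrustedHandle(ObjectHandle)                                     \
    (((LSAP_DB_HANDLE)(ObjectHandle))->Trusted)

#define LsapDbSidFromHandle(ObjectHandle)                                       \
    ((PLSAPR_SID)(((LSAP_DB_HANDLE)(ObjectHandle))->Sid))

#define LsapDbObjectTypeIdFromHandle(ObjectHandle)                              \
    (((LSAP_DB_HANDLE)(ObjectHandle))->ObjectTypeId)

#define LsapDbRegKeyFromHandle(ObjectHandle)                                    \
    (((LSAP_DB_HANDLE)(ObjectHandle))->KeyHandle)

#define LsapDbContainerFromHandle(ObjectHandle)                                 \
    (((LSAP_DB_HANDLE)(ObjectHandle))->ContainerHandle)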
//
// Access requests.  Both routines take the handle (IN OUT), the object
// description, the access mask wanted and an options word; one is for an
// existing object and one for a new object, going by the names.
//
// NOTE(review): these are presumably where the write-operation masks
// (LSAP_*_WRITE_OPS) and the trusted flag of the handle are evaluated -
// confirm, and confirm that every path that opens or creates an object
// passes through one of them.
//

NTSTATUS
LsapDbRequestAccessObject(
    IN OUT LSAPR_HANDLE ObjectHandle,
    IN PLSAP_DB_OBJECT_INFORMATION ObjectInformation,
    IN ACCESS_MASK DesiredAccess,
    IN ULONG Options
    );

NTSTATUS
LsapDbRequestAccessNewObject(
    IN OUT LSAPR_HANDLE ObjectHandle,
    IN PLSAP_DB_OBJECT_INFORMATION ObjectInformation,
    IN ACCESS_MASK DesiredAccess,
    IN ULONG Options
    );

//
// Initialisation routines.
//
// All are declared with empty parentheses, which in C leaves the parameter
// list unspecified; LsapDbInstallAccountObjects further down uses (VOID).
//
// NOTE(review): LsapDbInitializeObjectTypes is declared twice in this run.
//

NTSTATUS
LsapDbInitializeObjectTypes();

NTSTATUS
LsapDbInitializeUnicodeNames();

NTSTATUS
LsapDbInitializeObjectLinkList();

NTSTATUS
LsapDbInitializeContainingDirs();

NTSTATUS
LsapDbInitializeDefaultQuotaLimits();

NTSTATUS
LsapDbInitializeReplication();

// Second declaration of this routine; identical to the one above.
NTSTATUS
LsapDbInitializeObjectTypes();

NTSTATUS
LsapDbInitializePrivilegeObject();

NTSTATUS
LsapDbInitializeLock();

NTSTATUS
LsapDbOpenRootRegistryKey();

//
// Database installation.  Pass is a caller-supplied pass number; what each
// pass does is not visible in this header.
//

NTSTATUS
LsapDbInstallLsaDatabase(
    IN ULONG Pass
    );

NTSTATUS
LsapDbInstallPolicyObject(
    IN ULONG Pass
    );

NTSTATUS
LsapDbInstallAccountObjects(
    VOID
    );

//
// Reports a change to the object behind ObjectHandle, with the kind of
// change given by SecurityDbDeltaType.  Presumably this feeds replication
// (see ReplicatorNotificationEnabled in LSAP_DB_STATE) - confirm.
//

NTSTATUS
LsapDbNotifyChangeObject(
    IN LSAPR_HANDLE ObjectHandle,
    IN SECURITY_DB_DELTA_TYPE SecurityDbDeltaType
    );

//
// Name handling.  See the "NOTES on Logical and Physical Names" comment
// earlier in this header for the two kinds of name.
//
// NOTE(review): these routines return UNICODE_STRINGs through OUT
// parameters.  Who frees the returned buffers is not visible here, apart
// from LsapDbFreePhysicalSubKeyObject, which takes a physical sub key
// name - confirm ownership for the others.
//

NTSTATUS
LsapDbLogicalToPhysicalNameU(
    IN PLSAP_DB_OBJECT_INFORMATION ObjectInformation,
    OUT PUNICODE_STRING PhysicalNameU
    );

NTSTATUS
LsapDbLogicalToPhysicalSubKey(
    IN LSAPR_HANDLE ObjectHandle,
    OUT PUNICODE_STRING PhysicalSubKeyNameU,
    IN PUNICODE_STRING LogicalSubKeyNameU
    );

NTSTATUS
LsapDbJoinSubPaths(
    IN PUNICODE_STRING MajorSubPath,
    IN PUNICODE_STRING MinorSubPath,
    OUT PUNICODE_STRING JoinedPath
    );

VOID
LsapDbFreePhysicalSubKeyObject(
    IN PUNICODE_STRING PhysicalSubKeyNameU
    );

NTSTATUS
LsapDbGetNamesObject(
    IN PLSAP_DB_OBJECT_INFORMATION ObjectInformation,
    OUT OPTIONAL PUNICODE_STRING LogicalNameU,
    OUT OPTIONAL PUNICODE_STRING PhysicalNameU
    );

//
// Presumably checks the object count of the given type against its limit
// (ObjectCountLimited / MaximumObjectCount in LSAP_DB_OBJECT_TYPE) -
// confirm.
//

NTSTATUS
LsapDbCheckCountObject(
    IN LSAP_DB_OBJECT_TYPE_ID ObjectTypeId
    );
//
// Adjust the ObjectCount field of LsapDbState.DbObjectTypes[ObjectTypeId]
// by one.
//
// ObjectTypeId is used as an array index without a range check.  The
// update is a plain read-modify-write with no lock taken here, and the
// decrement is not guarded against a count that is already zero.  Each
// expansion is a brace-enclosed block, not an expression.
//

#define LsapDbIncrementCountObject(ObjectTypeId)                                \
    {                                                                           \
        LsapDbState.DbObjectTypes[(ObjectTypeId)].ObjectCount += 1;             \
    }

#define LsapDbDecrementCountObject(ObjectTypeId)                                \
    {                                                                           \
        LsapDbState.DbObjectTypes[(ObjectTypeId)].ObjectCount -= 1;             \
    }
//
// Takes an object handle and the object's description.  Going by the
// name, it creates the Security Descriptor attribute of the object -
// confirm what default protection it applies.
//
NTSTATUS
LsapDbCreateSDAttributeObject(
    IN LSAPR_HANDLE ObjectHandle,
    IN PLSAP_DB_OBJECT_INFORMATION ObjectInformation
    );
/*++
Routine Description:
This macro function determines if a given Object Type Id requires
a Sid to be specified in ObjectInformation describing it.
Arguments:
ObjectTypeId - Object Type Id which must be valid.
Return Values:
BOOLEAN - TRUE if objects of the given type require a Sid, else FALSE.
#define LsapDbRequiresSidObject(ObjectTypeId) \
(LsapDbRequiresSidInfo[ObjectTypeId])
--*/
/*++
Routine Description:
This macro function determines if a given Object Type Id requires
a name to be specified in ObjectInformation describing it.
Arguments:
ObjectTypeId - Object Type Id which must be valid.
Return Values:
BOOLEAN - TRUE if objects of the given type require a name, else FALSE.
#define LsapDbRequiresNameObject(ObjectTypeId) \
(LsapDbRequiresNameInfo[ObjectTypeId])
--*/
//
// Takes an index and two ANSI strings and returns two Unicode strings
// (DomainName optional).  Presumably fills in the name of a well-known
// Sid - confirm.
//

NTSTATUS
LsapDbSetSidNameValue(
    IN ULONG SidIndex,
    IN PANSI_STRING AnsiName,
    IN PANSI_STRING AnsiDomainName,
    OUT PUNICODE_STRING Name,
    OUT OPTIONAL PUNICODE_STRING DomainName
    );

//
// Secret object routines.
//
// LsapDbQueryValueSecret returns a cipher value for the named value of a
// Secret object; SessionKey is optional.
//
// NOTE(review): what is returned when SessionKey is absent, and who frees
// *CipherValue, are not visible here.  The returned buffer presumably
// holds secret data in some form and should be zeroed before it is
// released - confirm.
//

NTSTATUS
LsapDbQueryValueSecret(
    IN LSAPR_HANDLE SecretHandle,
    IN PUNICODE_STRING ValueName,
    IN OPTIONAL PLSAP_CR_CIPHER_KEY SessionKey,
    OUT PLSAP_CR_CIPHER_VALUE *CipherValue
    );

NTSTATUS
LsapDbGetScopeSecret(
    IN PLSAPR_UNICODE_STRING SecretName,
    OUT PBOOLEAN GlobalSecret
    );

//
// Error-path state reset: takes the status seen so far together with the
// set of states wanted reset and the set already attempted.
//

VOID
LsapDbResetStatesError(
    IN LSAPR_HANDLE ObjectHandle,
    IN NTSTATUS PreliminaryStatus,
    IN ULONG DesiredStatesReset,
    IN SECURITY_DB_DELTA_TYPE SecurityDbDeltaType,
    IN ULONG StatesResetAttempted
    );

//
// InformationClass is a plain ULONG here, not POLICY_INFORMATION_CLASS.
// Presumably it selects an entry of LsapDbPolicy.Info to invalidate, in
// which case it has to be range-checked against the size of that array -
// confirm.
//

VOID
LsapDbMakeInvalidInformationPolicy(
    IN ULONG InformationClass
    );

//
// Name retrieval from a handle.  MakeCopy presumably chooses between a
// fresh copy and a reference to the name stored with the handle; in the
// second case the result would be valid only while the handle is -
// confirm.
//

NTSTATUS
LsapDbObjectNameFromHandle(
    IN LSAPR_HANDLE ObjectHandle,
    IN BOOLEAN MakeCopy,
    IN LSAP_DB_OBJECT_NAME_TYPE ObjectNameType,
    OUT PLSAPR_UNICODE_STRING ObjectName
    );

NTSTATUS
LsapDbPhysicalNameFromHandle(
    IN LSAPR_HANDLE ObjectHandle,
    IN BOOLEAN MakeCopy,
    OUT PLSAPR_UNICODE_STRING ObjectName
    );

//
// NOTE(review): presumably sets the Trusted field that
// LsapDbIsTrustedHandle reads.  This header states that trusted clients
// are exempt from the ban on write operations on Backup controllers, so
// the call sites of this routine decide who gets that exemption; they
// should be few and never reachable with a handle supplied by an
// untrusted caller - confirm.
//

VOID
LsapDbMarkTrustedHandle(
    IN OUT LSAPR_HANDLE ObjectHandle
    );

VOID
LsapDbDecrementReferenceCountHandle(
    IN OUT LSAPR_HANDLE ObjectHandle
    );
#endif //_LSADBP_