Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

233 lines
8.6 KiB

  1. /**********************************************************************/
  2. /** Microsoft Windows NT **/
  3. /** Copyright(c) Microsoft Corp., 1992 **/
  4. /**********************************************************************/
  5. /*
  6. NTAcUtil.hxx
  7. This file contains the definitions for the NT Accounts Utility class
  8. and spurious other things.
  9. FILE HISTORY:
  10. JohnL 13-Mar-1992 Created
  11. thomaspa 14-May-1992 Added GetQualifiedAccountNames
  12. KeithMo 20-Jul-1992 Added ValidateQualifiedAccountName.
  13. DavidHov 18-Aug-1992 Added UI_SID_Replicator
  14. Johnl 09-Feb-1993 Added UI_SID_CurrentProcessUser
  15. */
  16. #ifndef _NTACUTIL_HXX_
  17. #define _NTACUTIL_HXX_
  18. /* It is this character that separates the domain and account name.
  19. */
  20. #define QUALIFIED_ACCOUNT_SEPARATOR TCH('\\')
  21. // Forward declarations
  22. DLL_CLASS STRLIST;
  23. DLL_CLASS LSA_POLICY;
  24. DLL_CLASS LSA_TRANSLATED_NAME_MEM;
  25. DLL_CLASS LSA_REF_DOMAIN_MEM;
  26. DLL_CLASS SAM_DOMAIN;
  27. /* Possible SIDs that can be retrieved using QuerySystemSid.
  28. */
  29. enum UI_SystemSid
  30. {
  31. /* Well known SIDs
  32. */
  33. UI_SID_Null = 0,
  34. UI_SID_World,
  35. UI_SID_Local,
  36. UI_SID_CreatorOwner,
  37. UI_SID_CreatorGroup,
  38. UI_SID_NTAuthority,
  39. UI_SID_Dialup,
  40. UI_SID_Network,
  41. UI_SID_Batch,
  42. UI_SID_Interactive,
  43. UI_SID_Service,
  44. UI_SID_BuiltIn,
  45. UI_SID_System,
  46. UI_SID_Restricted,
  47. UI_SID_Admins,
  48. UI_SID_Users,
  49. UI_SID_Guests,
  50. UI_SID_PowerUsers,
  51. UI_SID_AccountOperators,
  52. UI_SID_SystemOperators,
  53. UI_SID_PrintOperators,
  54. UI_SID_BackupOperators,
  55. /* Other miscellaneous useful SIDs
  56. */
  57. UI_SID_CurrentProcessOwner, // Generally logged on user SID, maybe
  58. // special like Administrators
  59. UI_SID_CurrentProcessPrimaryGroup,
  60. UI_SID_Replicator,
  61. UI_SID_CurrentProcessUser, // Always the logged on user SID
  62. /* This special value can be used for initializing enum UI_SystemSid
  63. * variables with a known unused quantity. This value should never
  64. * be passed to QuerySystemSid.
  65. */
  66. UI_SID_Invalid = -1
  67. } ;
  68. /*************************************************************************
  69. NAME: NT_ACCOUNTS_UTILITY
  70. SYNOPSIS: This class provides a wrapper for some common utility
  71. functions
  72. INTERFACE:
  73. BuildQualifedAccountName()
  74. Builds a fully qualified Account name of the form
  75. "NtProject\JohnL" or "NtProject\JohnL (Ludeman, John)"
  76. CrackQualifiedAccountName()
  77. Breaks a qualified Account name into its components
  78. QuerySystemSid()
  79. Retrieves the requested UI_SystemSid's PSID.
  80. GetQualifiedAccountNames()
  81. returns a list of qualifed account names, including
  82. getting the Full Name for users if desired.
  83. ValidateQualifiedAccountName()
  84. Validates the (optional) domain name and the user
  85. name. Uses ::I_MNetNameValidate for name validation.
  86. PARENT: None (non-instantiable)
  87. USES: OS_SID, NLS_STR
  88. CAVEATS:
  89. NOTES:
  90. HISTORY:
  91. Johnl 13-Mar-1992 Created
  92. Thomaspa 07-May-1992 Added GetQualifiedAccountNames()
  93. KeithMo 20-Jul-1992 Added ValidateQualifiedAccountName.
  94. **************************************************************************/
  95. DLL_CLASS NT_ACCOUNTS_UTILITY
  96. {
  97. private:
  98. static APIERR W_BuildQualifiedAccountName(
  99. NLS_STR * pnlsQualifiedAccountName,
  100. const NLS_STR & nlsAccountName,
  101. const NLS_STR * pnlsFullName,
  102. SID_NAME_USE sidType );
  103. public:
  104. static APIERR BuildQualifiedAccountName(
  105. NLS_STR * pnlsQualifedAccountName,
  106. const NLS_STR & nlsAccountName,
  107. const NLS_STR & nlsDomainName,
  108. const NLS_STR * pnlsFullName = NULL,
  109. const NLS_STR * pnlsCurrentDomain = NULL,
  110. SID_NAME_USE sidType = SidTypeUser ) ;
  111. static APIERR BuildQualifiedAccountName(
  112. NLS_STR * pnlsQualifedAccountName,
  113. const NLS_STR & nlsAccountName,
  114. PSID psidDomain,
  115. const NLS_STR & nlsDomainName,
  116. const NLS_STR * pnlsFullName = NULL,
  117. PSID psidCurrentDomain = NULL,
  118. SID_NAME_USE sidType = SidTypeUser ) ;
  119. static APIERR CrackQualifiedAccountName(
  120. const NLS_STR & nlsQualifedAccountName,
  121. NLS_STR * pnlsAccountName,
  122. NLS_STR * pnlsDomainName = NULL ) ;
  123. static APIERR ValidateQualifiedAccountName(
  124. const NLS_STR & nlsQualifiedAccountName,
  125. BOOL * pfInvalidDomain = NULL );
  126. static APIERR QuerySystemSid( enum UI_SystemSid SystemSid,
  127. OS_SID * possidWellKnownSid,
  128. const TCHAR * pszServer = NULL ) ;
  129. #if 0 // uncomment if needed
  130. static APIERR IsEqualToSystemSid( BOOL * pfIsEqual,
  131. enum UI_SystemSid SystemSid,
  132. const OS_SID & ossidCompare,
  133. const TCHAR * pszServer = NULL ) ;
  134. #endif
  135. /* Wrapper around RtlAllocateAndInitializeSid
  136. */
  137. static APIERR BuildAndCopySysSid(
  138. OS_SID *possid,
  139. PSID_IDENTIFIER_AUTHORITY pIDAuthority,
  140. UCHAR cSubAuthorities,
  141. ULONG ulSubAuthority0 = 0,
  142. ULONG ulSubAuthority1 = 0,
  143. ULONG ulSubAuthority2 = 0,
  144. ULONG ulSubAuthority3 = 0,
  145. ULONG ulSubAuthority4 = 0,
  146. ULONG ulSubAuthority5 = 0,
  147. ULONG ulSubAuthority6 = 0,
  148. ULONG ulSubAuthority7 = 0);
  149. //
  150. // Note that the only difference between the following two methods is
  151. // that the first takes a PSID for the focused SAM_DOMAIN, the second
  152. // takes a SAM_DOMAIN object and derefernces its PSID.
  153. //
  154. static APIERR GetQualifiedAccountNames(
  155. LSA_POLICY & lsapol,
  156. const PSID psidSamDomainFocus,
  157. const PSID * ppsids,
  158. ULONG cSids,
  159. BOOL fFullNames,
  160. STRLIST * pstrlistQualifiedNames = NULL,
  161. ULONG * afUserFlags = NULL,
  162. SID_NAME_USE * aSidType = NULL,
  163. APIERR * perrNonFatal = NULL,
  164. const TCHAR * pszServer = NULL,
  165. STRLIST * pstrlistAccountNames = NULL,
  166. STRLIST * pstrlistFullNames = NULL,
  167. STRLIST * pstrlistComments = NULL,
  168. STRLIST * pstrlistDomainNames = NULL ) ;
  169. static APIERR GetQualifiedAccountNames(
  170. LSA_POLICY & lsapol,
  171. const SAM_DOMAIN & samdomFocus,
  172. const PSID * ppsids,
  173. ULONG cSids,
  174. BOOL fFullNames,
  175. STRLIST * pstrlistQualifiedNames = NULL,
  176. ULONG * afUserFlags = NULL,
  177. SID_NAME_USE * aSidType = NULL,
  178. APIERR * perrNonFatal = NULL,
  179. const TCHAR * pszServer = NULL,
  180. STRLIST * pstrlistAccountNames = NULL,
  181. STRLIST * pstrlistFullNames = NULL,
  182. STRLIST * pstrlistComments = NULL,
  183. STRLIST * pstrlistDomainNames = NULL ) ;
  184. } ;
  185. #endif //_NTACUTIL_HXX_