|
|
/*++
Copyright (c) 1997 Microsoft Corporation
Module Name:
lsads.h
Abstract:
Private macros/definitions/prototypes for implementing portions of the LSA store in the DS and in the registry, simultaneously
Author:
Mac McLain (MacM) Jan 17, 1997
Environment:
User Mode
Revision History:
--*/
#ifndef __LSADS_H__
#define __LSADS_H__
#include <ntdsa.h>
#include <dsysdbg.h>
#include <safelock.h>
#if DBG == 1
#ifdef ASSERT
#undef ASSERT
#endif
#define ASSERT DsysAssert
#define DEB_UPGRADE 0x10
#define DEB_POLICY 0x20
#define DEB_FIXUP 0x80
#define DEB_NOTIFY 0x100
#define DEB_DSNOTIFY 0x200
#define DEB_FTRACE 0x400
#define DEB_LOOKUP 0x800
#define DEB_HANDLE 0x1000
#define DEB_FTINFO 0x2000
#define DEB_SIDFILTER 0x4000
#ifdef __cplusplus
extern "C" {#endif // __cplusplus
DECLARE_DEBUG2( LsaDs )
#ifdef __cplusplus
}#endif // __cplusplus
#define LsapDsDebugOut( args ) LsaDsDebugPrint args
#define LsapEnterFunc( x ) \
LsaDsDebugPrint( DEB_FTRACE, "0x%lx: Entering %s\n", GetCurrentThreadId(), x );
#define LsapExitFunc( x, y ) \
LsaDsDebugPrint( DEB_FTRACE, "0x%lx: Leaving %s: 0x%lx\n", GetCurrentThreadId(), x, y );
#else
#define LsapDsDebugOut(args)
#define LsapEnterFunc( x )
#define LsapExitFunc( x, y )
#endif // DBG
//
// These function prototypes control how the Ds transactioning is done. In
// the Ds case, the pointers are initialized to routines that actually do
// transactioning. In the non-Ds case, they point to dummy rountines that
// do nothing.
//
typedef NTSTATUS ( *pfDsOpenTransaction ) ( ULONG );typedef NTSTATUS ( *pfDsApplyTransaction ) ( ULONG );typedef NTSTATUS ( *pfDsAbortTransaction ) ( ULONG );
//
// Ds functions that behave differently for the Ds and non-Ds case exist
// in this function table.
//
typedef struct _LSADS_DS_FUNC_TABLE {
pfDsOpenTransaction pOpenTransaction; pfDsApplyTransaction pApplyTransaction; pfDsAbortTransaction pAbortTransaction;
} LSADS_DS_FUNC_TABLE, *PLSADS_DS_FUNC_TABLE;
typedef struct _LSADS_DS_SYSTEM_CONTAINER_ITEMS {
PDSNAME TrustedDomainObject; PDSNAME SecretObject;
} LSADS_DS_SYSTEM_CONTAINER_ITEMS, *PLSADS_DS_SYSTEM_CONTAINER_ITEMS;
//
// Basic LsaDs information structure
//
typedef struct _LSADS_DS_STATE_INFO {
PDSNAME DsRoot; // DSNAME of the root of the Ds
PDSNAME DsPartitionsContainer; // DSNAME of the partitions container
PDSNAME DsSystemContainer; // DSNAME of the system container
PDSNAME DsConfigurationContainer; // DSNAME of the configuration container
ULONG DsDomainHandle; // DS Handle of the domain
LSADS_DS_FUNC_TABLE DsFuncTable; // Function table for Ds specific
// functions
LSADS_DS_SYSTEM_CONTAINER_ITEMS SystemContainerItems; PVOID SavedThreadState; // Results from THSave
BOOLEAN DsTransactionSave; BOOLEAN DsTHStateSave; BOOLEAN DsOperationSave; BOOLEAN WriteLocal; // Can we write to the registry?
BOOLEAN UseDs; // Is the Ds active?
BOOLEAN FunctionTableInitialized; // Is the function table initialized
BOOLEAN DsInitializedAndRunning; // Has the Ds started
BOOLEAN Nt4UpgradeInProgress; // Is this the case of an upgrade from NT4
} LSADS_DS_STATE_INFO, *PLSADS_DS_STATE_INFO;
typedef struct _LSADS_PER_THREAD_INFO {
BOOLEAN SavedTransactionValid; ULONG UseCount; ULONG DsThreadStateUseCount; ULONG DsTransUseCount; ULONG DsOperationCount; PVOID SavedThreadState; PVOID InitialThreadState; ULONG OldTrustDirection; ULONG OldTrustType;
} LSADS_PER_THREAD_INFO, *PLSADS_PER_THREAD_INFO;
#if DBG
typedef struct _LSADS_THREAD_INFO_NODE { PLSADS_PER_THREAD_INFO ThreadInfo; ULONG ThreadId;} LSADS_THREAD_INFO_NODE, *PLSADS_THREAD_INFO_NODE;
#define LSAP_THREAD_INFO_LIST_MAX 15
extern LSADS_THREAD_INFO_NODE LsapDsThreadInfoList[ LSAP_THREAD_INFO_LIST_MAX ];extern SAFE_RESOURCE LsapDsThreadInfoListResource;#endif
//
// Extern definitions
//
extern LSADS_DS_STATE_INFO LsaDsStateInfo;
#ifdef __cplusplus
extern "C" {#endif // __cplusplus
extern DWORD LsapDsThreadState;
#ifdef __cplusplus
}#endif // __cplusplus
//
// Implemented as a macro for performance reasons
//
// PLSADS_PER_THREAD_INFO
// LsapQueryThreadInfo(
// VOID
// );
#define LsapQueryThreadInfo( ) TlsGetValue( LsapDsThreadState )
VOIDLsapDsDebugInitialize( VOID );
//
// Registry specific functions
//
NTSTATUSLsapRegReadObjectSD( IN LSAPR_HANDLE ObjectHandle, OUT PSECURITY_DESCRIPTOR *ppSD );
NTSTATUSLsapRegGetPhysicalObjectName( IN PLSAP_DB_OBJECT_INFORMATION ObjectInformation, IN PUNICODE_STRING LogicalNameU, OUT OPTIONAL PUNICODE_STRING PhysicalNameU );
NTSTATUSLsapRegOpenObject( IN LSAP_DB_HANDLE ObjectHandle, IN ULONG OpenMode, OUT PVOID *pvKey );
NTSTATUSLsapRegOpenTransaction( );
NTSTATUSLsapRegApplyTransaction( );
NTSTATUSLsapRegAbortTransaction( );
NTSTATUSLsapRegCreateObject( IN PUNICODE_STRING ObjectPath, IN LSAP_DB_OBJECT_TYPE_ID ObjectType );
NTSTATUSLsapRegDeleteObject( IN PUNICODE_STRING ObjectPath );
NTSTATUSLsapRegWriteAttribute( IN PUNICODE_STRING AttributePath, IN PVOID pvAttribute, IN ULONG AttributeLength );
NTSTATUSLsapRegDeleteAttribute( IN PUNICODE_STRING AttributePath, IN BOOLEAN DeleteSecurely, IN ULONG AttributeLength );
NTSTATUSLsapRegReadAttribute( IN LSAPR_HANDLE ObjectHandle, IN PUNICODE_STRING AttributeName, IN OPTIONAL PVOID AttributeValue, IN OUT PULONG AttributeValueLength );
//
// Counterpart Ds functions
//
NTSTATUSLsapDsReadObjectSD( IN LSAPR_HANDLE ObjectHandle, OUT PSECURITY_DESCRIPTOR *ppSD );
NTSTATUSLsapDsGetPhysicalObjectName( IN PLSAP_DB_OBJECT_INFORMATION ObjectInformation, IN BOOLEAN DefaultName, IN PUNICODE_STRING LogicalNameU, OUT OPTIONAL PUNICODE_STRING PhysicalNameU );
NTSTATUSLsapDsOpenObject( IN LSAP_DB_HANDLE ObjectHandle, IN ULONG OpenMode, OUT PVOID *pvKey );
NTSTATUSLsapDsVerifyObjectExistenceByDsName( IN PDSNAME DsName );
NTSTATUSLsapDsOpenTransaction( IN ULONG Options );
//
// Assert that there is a DS transaction open
//
#define LsapAssertDsTransactionOpen() \
{ \ PLSADS_PER_THREAD_INFO CurrentThreadInfo; \ CurrentThreadInfo = LsapQueryThreadInfo(); \ \ ASSERT( CurrentThreadInfo != NULL ); \ if ( CurrentThreadInfo != NULL ) { \ ASSERT( CurrentThreadInfo->DsTransUseCount > 0 ); \ } \}
NTSTATUSLsapDsOpenTransactionDummy( IN ULONG Options );
NTSTATUSLsapDsApplyTransaction( IN ULONG Options );
NTSTATUSLsapDsApplyTransactionDummy( IN ULONG Options );
NTSTATUSLsapDsAbortTransaction( IN ULONG Options );
NTSTATUSLsapDsAbortTransactionDummy( IN ULONG Options );
NTSTATUSLsapDsCreateObject( IN PUNICODE_STRING ObjectPath, IN ULONG Flags, IN LSAP_DB_OBJECT_TYPE_ID ObjectType );
NTSTATUSLsapDsDeleteObject( IN PUNICODE_STRING ObjectPath );
NTSTATUSLsapDsWriteAttributes( IN PUNICODE_STRING ObjectPath, IN PLSAP_DB_ATTRIBUTE Attributes, IN ULONG AttributeCount, IN ULONG Options );
NTSTATUSLsapDsWriteAttributesByDsName( IN PDSNAME ObjectPath, IN PLSAP_DB_ATTRIBUTE Attributes, IN ULONG AttributeCount, IN ULONG Options );
NTSTATUSLsapDsReadAttributes( IN PUNICODE_STRING ObjectPath, IN ULONG Options, IN OUT PLSAP_DB_ATTRIBUTE Attributes, IN ULONG AttributeCount );
NTSTATUSLsapDsReadAttributesByDsName( IN PDSNAME ObjectPath, IN ULONG Options, IN OUT PLSAP_DB_ATTRIBUTE Attributes, IN ULONG AttributeCount );
NTSTATUSLsapDsRenameObject( IN PDSNAME OldObject, IN PDSNAME NewParent, IN ULONG AttrType, IN PUNICODE_STRING NewObject );
NTSTATUSLsapDsDeleteAttributes( IN PUNICODE_STRING ObjectPath, IN OUT PLSAP_DB_ATTRIBUTE Attributes, IN ULONG AttributeCount );
//
// Interesting or global functions
//
PVOIDLsapDsAlloc( IN DWORD dwLen );
VOIDLsapDsFree( IN PVOID pvMemory );
NTSTATUSLsapDsInitializePromoteInterface( VOID );
BOOLEANLsapDsIsValidSid( IN PSID Sid, IN BOOLEAN DsSid );
NTSTATUSLsapDsTruncateNameToFitCN( IN PUNICODE_STRING OriginalName, OUT PUNICODE_STRING TruncatedName );
BOOLEANLsapDsIsNtStatusResourceError( NTSTATUS NtStatus );
NTSTATUSLsapDsReadObjectSDByDsName( IN DSNAME* Object, OUT PSECURITY_DESCRIPTOR *pSD );
NTSTATUSLsapDsGetDefaultSecurityDescriptor( IN ULONG ClassId, OUT PSECURITY_DESCRIPTOR *ppSD, OUT ULONG *cbSD );
#endif
|
