You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
813 lines
21 KiB
813 lines
21 KiB
/*++
|
|
|
|
Copyright (c) 1992 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
samisrv.h
|
|
|
|
Abstract:
|
|
|
|
This file contain private routines for use by Trusted SAM clients
|
|
which live in the same process as the SAM server.
|
|
|
|
Included in these routines are services for freeing buffers returned
|
|
by RPC server stub routines (SamrXxx() routines).
|
|
|
|
Author:
|
|
|
|
Cliff Van Dyke (CliffV) 26-Feb-1992
|
|
|
|
Environment:
|
|
|
|
User Mode - Win32
|
|
|
|
Revision History:
|
|
|
|
|
|
--*/
|
|
|
|
#ifndef _SAMISRV_
|
|
#define _SAMISRV_
|
|
|
|
|
|
#define SAMP_SAM_COMPONENT_NAME L"Security Account Manager"
|
|
|
|
/////////////////////////////////////////////////////////////////////////////
|
|
// //
|
|
// Data types used by SAM and Netlogon for database replication //
|
|
// //
|
|
/////////////////////////////////////////////////////////////////////////////
|
|
|
|
typedef enum _SECURITY_DB_TYPE {
|
|
SecurityDbSam = 1,
|
|
SecurityDbLsa
|
|
} SECURITY_DB_TYPE, *PSECURITY_DB_TYPE;
|
|
|
|
//
|
|
// These structures are used to get and set private data. Note that
|
|
// DataType must be the first field of every such structure.
|
|
//
|
|
|
|
typedef enum _SAMI_PRIVATE_DATA_TYPE {
|
|
SamPrivateDataNextRid = 1,
|
|
SamPrivateDataPassword
|
|
} SAMI_PRIVATE_DATA_TYPE, *PSAMI_PRIVATE_DATA_TYPE;
|
|
|
|
|
|
typedef struct _SAMI_PRIVATE_DATA_NEXTRID_TYPE {
|
|
SAMI_PRIVATE_DATA_TYPE DataType;
|
|
ULONG NextRid;
|
|
} SAMI_PRIVATE_DATA_NEXTRID_TYPE, *PSAMI_PRIVATE_DATA_NEXTRID_TYPE;
|
|
|
|
typedef struct _SAMI_PRIVATE_DATA_PASSWORD_TYPE {
|
|
SAMI_PRIVATE_DATA_TYPE DataType;
|
|
UNICODE_STRING CaseInsensitiveDbcs;
|
|
ENCRYPTED_LM_OWF_PASSWORD CaseInsensitiveDbcsBuffer;
|
|
UNICODE_STRING CaseSensitiveUnicode;
|
|
ENCRYPTED_NT_OWF_PASSWORD CaseSensitiveUnicodeBuffer;
|
|
UNICODE_STRING LmPasswordHistory;
|
|
UNICODE_STRING NtPasswordHistory;
|
|
} SAMI_PRIVATE_DATA_PASSWORD_TYPE, *PSAMI_PRIVATE_DATA_PASSWORD_TYPE;
|
|
|
|
|
|
typedef struct _SAMP_UNICODE_STRING_RELATIVE {
|
|
USHORT Length;
|
|
USHORT MaximumLength;
|
|
ULONG Buffer; // note buffer is really an offset
|
|
} SAMP_UNICODE_STRING_RELATIVE , *PSAMP_UNICODE_STRING_RELATIVE;
|
|
|
|
typedef struct _SAMI_PRIVATE_DATA_PASSWORD_TYPE_RELATIVE {
|
|
SAMI_PRIVATE_DATA_TYPE DataType;
|
|
SAMP_UNICODE_STRING_RELATIVE CaseInsensitiveDbcs;
|
|
ENCRYPTED_LM_OWF_PASSWORD CaseInsensitiveDbcsBuffer;
|
|
SAMP_UNICODE_STRING_RELATIVE CaseSensitiveUnicode;
|
|
ENCRYPTED_NT_OWF_PASSWORD CaseSensitiveUnicodeBuffer;
|
|
SAMP_UNICODE_STRING_RELATIVE LmPasswordHistory;
|
|
SAMP_UNICODE_STRING_RELATIVE NtPasswordHistory;
|
|
} SAMI_PRIVATE_DATA_PASSWORD_RELATIVE_TYPE, *PSAMI_PRIVATE_DATA_PASSWORD_RELATIVE_TYPE;
|
|
|
|
#define SAM_CLEARTEXT_CREDENTIAL_NAME L"CLEARTEXT"
|
|
|
|
|
|
NTSTATUS
|
|
SamISetPasswordInfoOnPdc(
|
|
IN SAMPR_HANDLE SamDomainHandle,
|
|
IN PUCHAR OpaqueBuffer,
|
|
IN ULONG BufferLength
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIResetBadPwdCountOnPdc(
|
|
IN SAMPR_HANDLE SamUserHandle
|
|
);
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
// //
|
|
// //
|
|
// Flag Definitions for SamIGetUserLogonInformation //
|
|
// //
|
|
// //
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
|
|
#define SAM_GET_MEMBERSHIPS_NO_GC ((ULONG)0x00000001)
|
|
#define SAM_GET_MEMBERSHIPS_TWO_PHASE ((ULONG)0x00000002)
|
|
#define SAM_GET_MEMBERSHIPS_MIXED_DOMAIN ((ULONG)0x00000004)
|
|
#define SAM_NO_MEMBERSHIPS ((ULONG)0x00000008)
|
|
#define SAM_OPEN_BY_ALTERNATE_ID ((ULONG)0x00000010)
|
|
#define SAM_OPEN_BY_UPN ((ULONG)0x00000020)
|
|
#define SAM_OPEN_BY_SPN ((ULONG)0x00000040)
|
|
#define SAM_OPEN_BY_SID ((ULONG)0x00000080)
|
|
#define SAM_OPEN_BY_GUID ((ULONG)0x00000100)
|
|
#define SAM_OPEN_BY_UPN_OR_ACCOUNTNAME ((ULONG)0x00000200)
|
|
#define SAM_PRESERVE_DBPOS ((ULONG)0x00000400)
|
|
#define SAM_OPEN_BY_DN ((ULONG)0x00000800)
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
// //
|
|
// //
|
|
// Flag Definitions for SamIGetResourceGroupMemberships //
|
|
// //
|
|
// //
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
|
|
#define SAM_SERVICE_TARGET_IS_DC ((ULONG)0x00000001)
|
|
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
// //
|
|
// Data types used by SamIUpdateLogonStatistics //
|
|
// //
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
typedef enum _SAM_CLIENT_INFO_ENUM
|
|
{
|
|
SamClientNoInformation = 0,
|
|
SamClientIpAddr = 1
|
|
|
|
} SAM_CLIENT_INFO_TYPE, *PSAM_CLIENT_INFO_TYPE;
|
|
|
|
typedef struct _SAM_CLIENT_INFO
|
|
{
|
|
SAM_CLIENT_INFO_TYPE Type;
|
|
union {
|
|
ULONG IpAddr; // corresponds to type SamClientIpAddr
|
|
} Data;
|
|
} SAM_CLIENT_INFO, *PSAM_CLIENT_INFO;
|
|
|
|
typedef struct _SAM_LOGON_STATISTICS
|
|
{
|
|
ULONG StatisticsToApply;
|
|
USHORT BadPasswordCount;
|
|
USHORT LogonCount;
|
|
LARGE_INTEGER LastLogon;
|
|
LARGE_INTEGER LastLogoff;
|
|
UNICODE_STRING Workstation;
|
|
SAM_CLIENT_INFO ClientInfo;
|
|
|
|
} SAM_LOGON_STATISTICS, *PSAM_LOGON_STATISTICS;
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
// //
|
|
// Data types used by Reverse Membership Query Routines //
|
|
// //
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
|
|
typedef struct _SID_AND_ATTRIBUTES_LIST {
|
|
ULONG Count;
|
|
PSID_AND_ATTRIBUTES SidAndAttributes;
|
|
} SID_AND_ATTRIBUTES_LIST , *PSID_AND_ATTRIBUTES_LIST;
|
|
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
// //
|
|
// Data types used by Promotion/Demotion operations //
|
|
// //
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
//
|
|
// These flags indicate what type of install
|
|
//
|
|
#define SAMP_PROMOTE_ENTERPRISE ((ULONG)0x00000001)
|
|
#define SAMP_PROMOTE_DOMAIN ((ULONG)0x00000002)
|
|
#define SAMP_PROMOTE_REPLICA ((ULONG)0x00000004)
|
|
|
|
//
|
|
// When a new domain, these flags indicate how to seed the
|
|
// initial security pricipals in the domain
|
|
//
|
|
#define SAMP_PROMOTE_UPGRADE ((ULONG)0x00000008)
|
|
#define SAMP_PROMOTE_MIGRATE ((ULONG)0x00000010)
|
|
#define SAMP_PROMOTE_CREATE ((ULONG)0x00000020)
|
|
#define SAMP_PROMOTE_ALLOW_ANON ((ULONG)0x00000040)
|
|
#define SAMP_PROMOTE_DFLT_REPAIR_PWD ((ULONG)0x00000080)
|
|
|
|
|
|
//
|
|
// Flags for demote
|
|
//
|
|
#define SAMP_DEMOTE_STANDALONE ((ULONG)0x00000040)
|
|
#define SAMP_DEMOTE_MEMBER ((ULONG)0x00000080)
|
|
|
|
// unused
|
|
#define SAMP_DEMOTE_LAST_DOMAIN ((ULONG)0x00000100)
|
|
|
|
#define SAMP_TEMP_UPGRADE ((ULONG)0x00000200)
|
|
|
|
//
|
|
// This flag is not passed into SamIPromote; rather it is used
|
|
// to trigger new NT5 account creations on gui mode setup
|
|
// of NT5 to NT5 upgrades
|
|
//
|
|
#define SAMP_PROMOTE_INTERNAL_UPGRADE ((ULONG)0x00000400)
|
|
|
|
|
|
//
|
|
// Defines the maximum number of well-known (restricted) accounts
|
|
// in the SAM database. Restricted accounts have rids less than this
|
|
// value. User-defined accounts have rids >= this value.
|
|
//
|
|
|
|
#define SAMI_RESTRICTED_ACCOUNT_COUNT 1000
|
|
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
// //
|
|
// The following prototypes are usable throughout the process that SAM //
|
|
// resides in. This may include calls by LAN Manager code that is not //
|
|
// part of SAM but is in the same process as SAM. //
|
|
// //
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
|
|
NTSTATUS
|
|
SamIConnect(
|
|
IN PSAMPR_SERVER_NAME ServerName,
|
|
OUT SAMPR_HANDLE *ServerHandle,
|
|
IN ACCESS_MASK DesiredAccess,
|
|
IN BOOLEAN TrustedClient
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIAccountRestrictions(
|
|
IN SAM_HANDLE UserHandle,
|
|
IN PUNICODE_STRING LogonWorkstation,
|
|
IN PUNICODE_STRING Workstations,
|
|
IN PLOGON_HOURS LogonHours,
|
|
OUT PLARGE_INTEGER LogoffTime,
|
|
OUT PLARGE_INTEGER KickoffTime
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIUpdateLogonStatistics(
|
|
IN SAM_HANDLE UserHandle,
|
|
IN PSAM_LOGON_STATISTICS LogonStats
|
|
);
|
|
|
|
NTSTATUS
|
|
SamICreateAccountByRid(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN SAM_ACCOUNT_TYPE AccountType,
|
|
IN ULONG RelativeId,
|
|
IN PRPC_UNICODE_STRING AccountName,
|
|
IN ACCESS_MASK DesiredAccess,
|
|
OUT SAMPR_HANDLE *AccountHandle,
|
|
OUT ULONG *ConflictingAccountRid
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIGetSerialNumberDomain(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
OUT PLARGE_INTEGER ModifiedCount,
|
|
OUT PLARGE_INTEGER CreationTime
|
|
);
|
|
|
|
NTSTATUS
|
|
SamISetSerialNumberDomain(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN PLARGE_INTEGER ModifiedCount,
|
|
IN PLARGE_INTEGER CreationTime,
|
|
IN BOOLEAN StartOfFullSync
|
|
);
|
|
|
|
|
|
NTSTATUS
|
|
SamIGetPrivateData(
|
|
IN SAMPR_HANDLE SamHandle,
|
|
IN PSAMI_PRIVATE_DATA_TYPE PrivateDataType,
|
|
OUT PBOOLEAN SensitiveData,
|
|
OUT PULONG DataLength,
|
|
OUT PVOID *Data
|
|
);
|
|
|
|
NTSTATUS
|
|
SamISetPrivateData(
|
|
IN SAMPR_HANDLE SamHandle,
|
|
IN ULONG DataLength,
|
|
IN PVOID Data
|
|
);
|
|
|
|
NTSTATUS
|
|
SamISetAuditingInformation(
|
|
IN PPOLICY_AUDIT_EVENTS_INFO PolicyAuditEventsInfo
|
|
);
|
|
|
|
NTSTATUS
|
|
SamINotifyDelta (
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN SECURITY_DB_DELTA_TYPE DeltaType,
|
|
IN SECURITY_DB_OBJECT_TYPE ObjectType,
|
|
IN ULONG ObjectRid,
|
|
IN PUNICODE_STRING ObjectName,
|
|
IN ULONG ReplicateImmediately,
|
|
IN PSAM_DELTA_DATA DeltaData OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIEnumerateAccountRids(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN ULONG AccountTypesMask,
|
|
IN ULONG StartingRid,
|
|
IN ULONG PreferedMaximumLength,
|
|
OUT PULONG ReturnCount,
|
|
OUT PULONG *AccountRids
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIGetUserLogonInformation(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN ULONG Flags,
|
|
IN PUNICODE_STRING AccountName,
|
|
OUT PSAMPR_USER_INFO_BUFFER * Buffer,
|
|
OUT PSID_AND_ATTRIBUTES_LIST ReverseMembership,
|
|
OUT OPTIONAL SAMPR_HANDLE * UserHandle
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIGetUserLogonInformationEx(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN ULONG Flags,
|
|
IN PUNICODE_STRING AccountName,
|
|
IN ULONG WhichFields,
|
|
OUT PSAMPR_USER_INFO_BUFFER * Buffer,
|
|
OUT PSID_AND_ATTRIBUTES_LIST ReverseMembership,
|
|
OUT OPTIONAL SAMPR_HANDLE * UserHandle
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIGetUserLogonInformation2(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN ULONG Flags,
|
|
IN PUNICODE_STRING AccountName,
|
|
IN ULONG WhichFields,
|
|
IN ULONG ExtendedFields,
|
|
OUT PUSER_INTERNAL6_INFORMATION * Buffer,
|
|
OUT PSID_AND_ATTRIBUTES_LIST ReverseMembership,
|
|
OUT OPTIONAL SAMPR_HANDLE * UserHandle
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIGetResourceGroupMembershipsTransitive(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN PSAMPR_PSID_ARRAY SidArray,
|
|
IN ULONG Flags,
|
|
OUT PSAMPR_PSID_ARRAY * Membership
|
|
);
|
|
|
|
|
|
NTSTATUS
|
|
SamIGetAliasMembership(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN PSAMPR_PSID_ARRAY SidArray,
|
|
OUT PSAMPR_ULONG_ARRAY Membership
|
|
);
|
|
|
|
|
|
NTSTATUS
|
|
SamIOpenUserByAlternateId(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN ACCESS_MASK DesiredAccess,
|
|
IN PUNICODE_STRING AlternateId,
|
|
OUT SAMPR_HANDLE *UserHandle
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIOpenAccount(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN ULONG AccountRid,
|
|
IN SECURITY_DB_OBJECT_TYPE ObjectType,
|
|
OUT SAMPR_HANDLE *AccountHandle
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIChangePasswordForeignUser(
|
|
IN PUNICODE_STRING UserName,
|
|
IN PUNICODE_STRING NewPassword,
|
|
IN OPTIONAL HANDLE ClientToken,
|
|
IN ACCESS_MASK DesiredAccess
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIChangePasswordForeignUser2(
|
|
IN PSAM_CLIENT_INFO ClientInfo, OPTIONAL
|
|
IN PUNICODE_STRING UserName,
|
|
IN PUNICODE_STRING NewPassword,
|
|
IN OPTIONAL HANDLE ClientToken,
|
|
IN ACCESS_MASK DesiredAccess
|
|
);
|
|
|
|
NTSTATUS
|
|
SamISetPasswordForeignUser(
|
|
IN PUNICODE_STRING UserName,
|
|
IN PUNICODE_STRING NewPassword,
|
|
IN HANDLE ClientToken
|
|
);
|
|
|
|
NTSTATUS
|
|
SamISetPasswordForeignUser2(
|
|
IN PSAM_CLIENT_INFO ClientInfo, OPTIONAL
|
|
IN PUNICODE_STRING UserName,
|
|
IN PUNICODE_STRING NewPassword,
|
|
IN HANDLE ClientToken
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIGetDefaultComputersContainer(
|
|
OUT PVOID *DefaultComputersContainer
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIPromote(
|
|
IN ULONG PromoteFlags,
|
|
IN PPOLICY_PRIMARY_DOMAIN_INFO NewPrimaryDomainInfo OPTIONAL,
|
|
IN PUNICODE_STRING AdminPassword OPTIONAL,
|
|
IN PUNICODE_STRING SafeModeAdminPassword OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIPromoteUndo(
|
|
VOID
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIDemote(
|
|
IN ULONG DemoteFlags,
|
|
IN PPOLICY_ACCOUNT_DOMAIN_INFO NewAccountDomainInfo,
|
|
IN LPWSTR AdminPassword OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIDemoteUndo(
|
|
VOID
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIReplaceDownlevelDatabase(
|
|
IN PPOLICY_ACCOUNT_DOMAIN_INFO NewAccountDomainInfo,
|
|
IN LPWSTR NewAdminPassword,
|
|
OUT ULONG *ExtendedWinError OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
SamILoadDownlevelDatabase(
|
|
OUT ULONG *ExtendedWinError OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIUnLoadDownlevelDatabase(
|
|
OUT ULONG *ExtendedWinError OPTIONAL
|
|
);
|
|
|
|
BOOLEAN
|
|
SamIMixedDomain(
|
|
IN SAMPR_HANDLE DomainHandle
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIMixedDomain2(
|
|
IN PSID DomainSid,
|
|
OUT BOOLEAN * MixedDomain
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIDoFSMORoleChange(
|
|
IN SAMPR_HANDLE DomainHandle
|
|
);
|
|
|
|
NTSTATUS
|
|
SamINotifyRoleChange(
|
|
IN PSID DomainSid,
|
|
IN DOMAIN_SERVER_ROLE NewRole
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIQueryServerRole(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
OUT DOMAIN_SERVER_ROLE *ServerRole
|
|
);
|
|
|
|
|
|
NTSTATUS
|
|
SamIQueryServerRole2(
|
|
IN PSID DomainSid,
|
|
OUT DOMAIN_SERVER_ROLE *ServerRole
|
|
);
|
|
|
|
NTSTATUS
|
|
SamISameSite(
|
|
OUT BOOLEAN * result
|
|
);
|
|
|
|
//
|
|
// Routines called by the NTDSA
|
|
//
|
|
typedef enum
|
|
{
|
|
SampNotifySiteChanged = 0
|
|
|
|
} SAMP_NOTIFY_SERVER_CHANGE;
|
|
|
|
VOID
|
|
SamINotifyServerDelta(
|
|
IN SAMP_NOTIFY_SERVER_CHANGE Change
|
|
);
|
|
|
|
|
|
///////////////////////////////////////////////////////////////
|
|
// //
|
|
// The following functions are used to support in process //
|
|
// client operations for upgrades from NT4. //
|
|
// //
|
|
///////////////////////////////////////////////////////////////
|
|
|
|
BOOLEAN
|
|
SamINT4UpgradeInProgress(
|
|
VOID
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIEnumerateInterdomainTrustAccountsForUpgrade(
|
|
IN OUT PULONG EnumerationContext,
|
|
OUT PSAMPR_ENUMERATION_BUFFER *Buffer,
|
|
IN ULONG PreferredMaximumLength,
|
|
OUT PULONG CountReturned
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIGetInterdomainTrustAccountPasswordsForUpgrade(
|
|
IN ULONG AccountRid,
|
|
OUT PUCHAR NtOwfPassword,
|
|
OUT BOOLEAN *NtPasswordPresent,
|
|
OUT PUCHAR LmOwfPassword,
|
|
OUT BOOLEAN *LmPasswordPresent
|
|
);
|
|
|
|
//
|
|
// Values to pass in as Options SamIGCLookup*
|
|
//
|
|
|
|
//
|
|
// Indicates to lookup by sid history as well
|
|
//
|
|
#define SAMP_LOOKUP_BY_SID_HISTORY 0x00000001
|
|
|
|
//
|
|
// Indicates to lookp by UPN as well
|
|
//
|
|
#define SAMP_LOOKUP_BY_UPN 0x00000002
|
|
|
|
//
|
|
// Values to be returned in Flags
|
|
//
|
|
|
|
//
|
|
// Indicates the Sid was resolved by Sid History
|
|
//
|
|
#define SAMP_FOUND_BY_SID_HISTORY 0x00000001
|
|
|
|
//
|
|
// Indicates the name passed in was the sam account name (UPN)
|
|
//
|
|
#define SAMP_FOUND_BY_SAM_ACCOUNT_NAME 0x00000002
|
|
|
|
//
|
|
// Indicates that entry was not resolved but does belong to an externally
|
|
// trusted forest
|
|
//
|
|
#define SAMP_FOUND_XFOREST_REF 0x00000004
|
|
|
|
NTSTATUS
|
|
SamIGCLookupSids(
|
|
IN ULONG cSids,
|
|
IN PSID *SidArray,
|
|
IN ULONG Options,
|
|
OUT ULONG *Flags,
|
|
OUT SID_NAME_USE *SidNameUse,
|
|
OUT PSAMPR_RETURNED_USTRING_ARRAY Names
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIGCLookupNames(
|
|
IN ULONG cNames,
|
|
IN PUNICODE_STRING Names,
|
|
IN ULONG Options,
|
|
OUT ULONG *Flags,
|
|
OUT SID_NAME_USE *SidNameUse,
|
|
OUT PSAMPR_PSID_ARRAY *SidArray
|
|
);
|
|
|
|
#ifdef __SECPKG_H__
|
|
|
|
|
|
NTSTATUS
|
|
SamIStorePrimaryCredentials(
|
|
IN SAMPR_HANDLE UserHandle,
|
|
IN PSECPKG_SUPPLEMENTAL_CRED Credentials
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIRetrievePrimaryCredentials(
|
|
IN SAMPR_HANDLE UserHandle,
|
|
IN PUNICODE_STRING PackageName,
|
|
OUT PVOID * Credentials,
|
|
OUT PULONG CredentialSize
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIStoreSupplementalCredentials(
|
|
IN SAMPR_HANDLE UserHandle,
|
|
IN PSECPKG_SUPPLEMENTAL_CRED Credentials
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIRetriveSupplementalCredentials(
|
|
IN SAMPR_HANDLE UserHandle,
|
|
IN PUNICODE_STRING PackageName,
|
|
OUT PVOID * Credentials,
|
|
OUT PULONG CredentialSize
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIRetriveAllSupplementalCredentials(
|
|
IN SAMPR_HANDLE UserHandle,
|
|
OUT PSECPKG_SUPPLEMENTAL_CRED * Credentials,
|
|
OUT PULONG CredentialCount
|
|
);
|
|
#endif
|
|
|
|
VOID
|
|
SamIFree_SAMPR_SR_SECURITY_DESCRIPTOR (
|
|
PSAMPR_SR_SECURITY_DESCRIPTOR Source
|
|
);
|
|
|
|
VOID
|
|
SamIFree_SAMPR_DOMAIN_INFO_BUFFER (
|
|
PSAMPR_DOMAIN_INFO_BUFFER Source,
|
|
DOMAIN_INFORMATION_CLASS Branch
|
|
);
|
|
|
|
VOID
|
|
SamIFree_SAMPR_ENUMERATION_BUFFER (
|
|
PSAMPR_ENUMERATION_BUFFER Source
|
|
);
|
|
|
|
VOID
|
|
SamIFree_SAMPR_PSID_ARRAY (
|
|
PSAMPR_PSID_ARRAY Source
|
|
);
|
|
|
|
VOID
|
|
SamIFree_SAMPR_ULONG_ARRAY (
|
|
PSAMPR_ULONG_ARRAY Source
|
|
);
|
|
|
|
VOID
|
|
SamIFree_SAMPR_RETURNED_USTRING_ARRAY (
|
|
PSAMPR_RETURNED_USTRING_ARRAY Source
|
|
);
|
|
|
|
VOID
|
|
SamIFree_SAMPR_GROUP_INFO_BUFFER (
|
|
PSAMPR_GROUP_INFO_BUFFER Source,
|
|
GROUP_INFORMATION_CLASS Branch
|
|
);
|
|
|
|
VOID
|
|
SamIFree_SAMPR_ALIAS_INFO_BUFFER (
|
|
PSAMPR_ALIAS_INFO_BUFFER Source,
|
|
ALIAS_INFORMATION_CLASS Branch
|
|
);
|
|
|
|
VOID
|
|
SamIFree_SAMPR_GET_MEMBERS_BUFFER (
|
|
PSAMPR_GET_MEMBERS_BUFFER Source
|
|
);
|
|
|
|
VOID
|
|
SamIFree_SAMPR_USER_INFO_BUFFER (
|
|
PSAMPR_USER_INFO_BUFFER Source,
|
|
USER_INFORMATION_CLASS Branch
|
|
);
|
|
|
|
VOID
|
|
SamIFree_SAMPR_GET_GROUPS_BUFFER (
|
|
PSAMPR_GET_GROUPS_BUFFER Source
|
|
);
|
|
|
|
VOID
|
|
SamIFree_SAMPR_DISPLAY_INFO_BUFFER (
|
|
PSAMPR_DISPLAY_INFO_BUFFER Source,
|
|
DOMAIN_DISPLAY_INFORMATION Branch
|
|
);
|
|
|
|
VOID
|
|
SamIFree_UserInternal6Information (
|
|
PUSER_INTERNAL6_INFORMATION Source
|
|
);
|
|
|
|
VOID
|
|
SamIFreeSidAndAttributesList(
|
|
IN PSID_AND_ATTRIBUTES_LIST List
|
|
);
|
|
|
|
VOID
|
|
SamIFreeSidArray(
|
|
IN PSAMPR_PSID_ARRAY List
|
|
);
|
|
|
|
VOID
|
|
SamIFreeVoid(
|
|
IN PVOID ptr
|
|
);
|
|
|
|
|
|
BOOLEAN
|
|
SampUsingDsData();
|
|
|
|
BOOLEAN
|
|
SamIAmIGC();
|
|
|
|
typedef enum _SAM_PERF_COUNTER_TYPE {
|
|
MsvLogonCounter,
|
|
KerbServerContextCounter,
|
|
KdcAsReqCounter,
|
|
KdcTgsReqCounter
|
|
} SAM_PERF_COUNTER_TYPE, *PSAM_PERF_COUNTER_TYPE;
|
|
|
|
VOID
|
|
SamIIncrementPerformanceCounter(
|
|
IN SAM_PERF_COUNTER_TYPE CounterType
|
|
);
|
|
|
|
|
|
BOOLEAN SamIIsSetupInProgress(
|
|
OUT BOOLEAN * fUpgrade
|
|
);
|
|
|
|
BOOLEAN SamIIsDownlevelDcUpgrade();
|
|
|
|
NTSTATUS
|
|
SamIGetBootKeyInformation(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
OUT PSAMPR_BOOT_TYPE BootOptions
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIGetDefaultAdministratorName(
|
|
OUT LPWSTR Name, OPTIONAL
|
|
IN OUT ULONG *NameLength
|
|
);
|
|
|
|
BOOLEAN
|
|
SamIIsExtendedSidMode(
|
|
IN SAMPR_HANDLE DomainHandle
|
|
);
|
|
|
|
NTSTATUS
|
|
SamINetLogonPing(
|
|
IN SAMPR_HANDLE DomainHandle,
|
|
IN PUNICODE_STRING AccountName,
|
|
OUT BOOLEAN *AccountExists,
|
|
OUT PULONG UserAccountControl
|
|
);
|
|
|
|
NTSTATUS
|
|
SamIUPNFromUserHandle(
|
|
IN SAMPR_HANDLE UserHandle,
|
|
OUT BOOLEAN *UPNDefaulted,
|
|
OUT PUNICODE_STRING UPN
|
|
);
|
|
|
|
BOOLEAN
|
|
SamIIsRebootAfterPromotion(
|
|
);
|
|
|
|
BOOLEAN
|
|
SamIIsAttributeProtected(
|
|
IN GUID *Attribute
|
|
);
|
|
|
|
|
|
|
|
#endif // _SAMISRV_
|