You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
107 lines
3.3 KiB
107 lines
3.3 KiB
//******************************************************************************
|
|
//
|
|
// Microsoft Confidential. Copyright (c) Microsoft Corporation 1999. All rights reserved
|
|
//
|
|
// File: RsopSec.h
|
|
//
|
|
// Description: RSOP Namespace Security functions
|
|
//
|
|
// History: 8-26-99 leonardm Created
|
|
//
|
|
//******************************************************************************
|
|
|
|
#ifndef _RSOPSEC_H__89DD6583_B442_41d6_B300_EFE4326A6752__INCLUDED
|
|
#define _RSOPSEC_H__89DD6583_B442_41d6_B300_EFE4326A6752__INCLUDED
|
|
|
|
#include "smartptr.h"
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
HRESULT SetNamespaceSecurity(const WCHAR* pszNamespace,
|
|
long lSecurityLevel,
|
|
IWbemServices* pWbemServices=NULL);
|
|
|
|
HRESULT SetNamespaceSD( SECURITY_DESCRIPTOR* pSD, IWbemServices* pWbemServices);
|
|
HRESULT GetNamespaceSD( IWbemServices* pWbemServices, SECURITY_DESCRIPTOR** ppSD);
|
|
HRESULT RSoPMakeAbsoluteSD(SECURITY_DESCRIPTOR* pSelfRelativeSD, SECURITY_DESCRIPTOR** ppAbsoluteSD);
|
|
HRESULT FreeAbsoluteSD(SECURITY_DESCRIPTOR* pAbsoluteSD);
|
|
|
|
LPWSTR GetSOM( LPCWSTR szAccount );
|
|
DWORD GetDomain( LPCWSTR szSOM, LPWSTR *pszDomain );
|
|
|
|
|
|
HRESULT AuthenticateUser(HANDLE hToken,
|
|
LPCWSTR szMachSOM,
|
|
LPCWSTR szUserSOM,
|
|
BOOL bLogging,
|
|
DWORD *pdwExtendedInfo);
|
|
|
|
|
|
//
|
|
// lSecurityLevels
|
|
//
|
|
|
|
const long NAMESPACE_SECURITY_DIAGNOSTIC = 0;
|
|
const long NAMESPACE_SECURITY_PLANNING = 1;
|
|
|
|
PSID GetUserSid (HANDLE UserToken);
|
|
VOID DeleteUserSid(PSID Sid);
|
|
|
|
#ifdef __cplusplus
|
|
} // extern "C" {
|
|
#endif
|
|
|
|
|
|
typedef struct _SidStruct {
|
|
PSID pSid;
|
|
DWORD dwAccess;
|
|
BOOL bUseLocalFree;
|
|
DWORD AceFlags;
|
|
} SidStruct;
|
|
|
|
|
|
// need to add code for inheritted aces..
|
|
class CSecDesc
|
|
{
|
|
private:
|
|
XPtrLF<SidStruct> m_xpSidList;
|
|
DWORD m_cAces;
|
|
DWORD m_cAllocated;
|
|
BOOL m_bInitialised;
|
|
BOOL m_bFailed;
|
|
XPtrLF<SID> m_xpOwnerSid;
|
|
XPtrLF<SID> m_xpGrpSid;
|
|
|
|
|
|
// Not implemented.
|
|
CSecDesc(const CSecDesc& x);
|
|
CSecDesc& operator=(const CSecDesc& x);
|
|
|
|
BOOL ReAllocSidList();
|
|
|
|
public:
|
|
CSecDesc();
|
|
~CSecDesc();
|
|
BOOL AddLocalSystem(DWORD dwAccess=GENERIC_ALL, DWORD AceFlags=0);
|
|
BOOL AddAdministrators(DWORD dwAccess=GENERIC_ALL, DWORD AceFlags=0);
|
|
BOOL AddNetworkService(DWORD dwAccess=GENERIC_ALL, DWORD AceFlags=0);
|
|
BOOL AddEveryOne(DWORD dwAccess, DWORD AceFlags=0);
|
|
BOOL AddAdministratorsAsOwner();
|
|
BOOL AddAdministratorsAsGroup();
|
|
|
|
// BOOL AddThisUser(HANDLE hToken, DWORD dwAccess, BYTE AceFlags=0);
|
|
|
|
// This cannot be implemented here currently because it needs to call
|
|
// GetUserSid which is in userenv\sid.c. To add that code we need to add the
|
|
// common headers..
|
|
|
|
BOOL AddUsers(DWORD dwAccess, DWORD AceFlags=0);
|
|
BOOL AddAuthUsers(DWORD dwAccess, DWORD AceFlags=0);
|
|
BOOL AddSid(PSID pSid, DWORD dwAccess, DWORD AceFlags=0);
|
|
PISECURITY_DESCRIPTOR MakeSD();
|
|
PISECURITY_DESCRIPTOR MakeSelfRelativeSD();
|
|
};
|
|
|
|
#endif // _RSOPSEC_H__89DD6583_B442_41d6_B300_EFE4326A6752__INCLUDED
|