archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
4.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/published/inc/lsaisrv.w

961 lines
21 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. /*++ BUILD Version: 0001 // Increment this if a change has global effects
  3. Copyright (c) 1992 Microsoft Corporation
  5. Module Name:
  7. lsaisrv.h
  9. Abstract:
  11. This file contains interfaces to internal routines in the Lsa
  12. Server that provide additional functionality not contained in
  13. the Lsar routines. These routines are only used by LSA clients which
  14. live in the same process as the LSA server.
  17. Author:
  19. Scott Birrell (ScottBi) April 8, 1992
  21. Environment:
  23. User Mode - Win32
  25. Revision History:
  28. --*/
  30. #ifndef _LSAISRV_
  31. #define _LSAISRV_
  33. #ifdef __cplusplus
  34. extern "C" {
  35. #endif
  37. //
  38. // The following constants are defined for callers of the LsaIHealthCheckRoutine
  39. //
  40. // 1. LSAI_SAM_STATE_SESS_KEY is used to convey the syskey by SAM to LSA.
  41. // This is used in upgrade cases from NT4 and win2k B3 and RC1.
  42. // SAM in these cases knows the syskey
  43. //
  44. // 2. LSAI_SAM_STATE_UNROLL_SP4_ENCRYPTION is used to convey SAM's password
  45. // encryption key to LSA. This is used to unroll encryption used in NT4 SP4
  46. // ( incorrectly ) using SAM's password encryption key
  47. //
  48. // 3. LSAI_SAM_STATE_RETRIEVE_SESS_KEY is used by SAM/DS to retrieve the
  49. // from LSA to decrypt their respective password encryption keys
  50. //
  51. // 4. LSAI_SAM_GENERATE_SESS_KEY is used by SAM to tell the LSA to generate
  52. // a new Password Encryption key in the case where we are upgrading
  53. // from a NT4 or Win2k B3 or RC1 Machine and the machine is not syskey'd
  54. //
  55. // 5. LSAI_SAM_STATE_CLEAR_SESS_KEY is used by SAM or DS to clear the syskey
  56. // after it has been used for decrypting their respective password
  57. // encryption keys.
  58. //
  59. // 6. LSAI_SAM_STATE_OLD_SESS_KEY This is used to retrieve the old syskey in
  60. // to implement error recovery during syskey change cases.
  61. //
  64. #define LSAI_SAM_STATE_SESS_KEY 0x1
  65. #define LSAI_SAM_STATE_UNROLL_SP4_ENCRYPTION 0x2
  66. #define LSAI_SAM_STATE_RETRIEVE_SESS_KEY 0x3
  67. #define LSAI_SAM_STATE_CLEAR_SESS_KEY 0x4
  68. #define LSAI_SAM_GENERATE_SESS_KEY 0x5
  69. #define LSAI_SAM_STATE_OLD_SESS_KEY 0x6
  72. ///////////////////////////////////////////////////////////////////////////////
  73. // //
  74. // The following prototypes are usable throughout the process that the //
  75. // LSA server resides in. //
  76. // //
  77. ///////////////////////////////////////////////////////////////////////////////
  79. NTSTATUS NTAPI
  80. LsaIHealthCheck(
  81. IN LSAPR_HANDLE DomainHandle OPTIONAL,
  82. IN ULONG StateChange,
  83. IN OUT PVOID StateChangeData,
  84. IN OUT PULONG StateChangeDataLength
  85. );
  87. NTSTATUS NTAPI
  88. LsaIOpenPolicyTrusted(
  89. OUT PLSAPR_HANDLE PolicyHandle
  90. );
  92. NTSTATUS NTAPI
  93. LsaIQueryInformationPolicyTrusted(
  94. IN POLICY_INFORMATION_CLASS InformationClass,
  95. OUT PLSAPR_POLICY_INFORMATION *Buffer
  96. );
  98. NTSTATUS NTAPI
  99. LsaIGetSerialNumberPolicy(
  100. IN LSAPR_HANDLE PolicyHandle,
  101. OUT PLARGE_INTEGER ModifiedCount,
  102. OUT PLARGE_INTEGER CreationTime
  103. );
  105. NTSTATUS NTAPI
  106. LsaISetSerialNumberPolicy(
  107. IN LSAPR_HANDLE PolicyHandle,
  108. IN PLARGE_INTEGER ModifiedCount,
  109. IN PLARGE_INTEGER CreationTime,
  110. IN BOOLEAN StartOfFullSync
  111. );
  113. NTSTATUS NTAPI
  114. LsaIGetSerialNumberPolicy2(
  115. IN LSAPR_HANDLE PolicyHandle,
  116. OUT PLARGE_INTEGER ModifiedCount,
  117. OUT PLARGE_INTEGER ModifiedCountAtLastPromotion,
  118. OUT PLARGE_INTEGER CreationTime
  119. );
  121. NTSTATUS NTAPI
  122. LsaISetSerialNumberPolicy2(
  123. IN LSAPR_HANDLE PolicyHandle,
  124. IN PLARGE_INTEGER ModifiedCount,
  125. IN PLARGE_INTEGER ModifiedCountAtLastPromotion OPTIONAL,
  126. IN PLARGE_INTEGER CreationTime,
  127. IN BOOLEAN StartOfFullSync
  128. );
  130. NTSTATUS NTAPI
  131. LsaIGetPrivateData(
  132. IN LSAPR_HANDLE PolicyHandle,
  133. OUT PULONG DataLength,
  134. OUT PVOID *Data
  135. );
  137. NTSTATUS NTAPI
  138. LsaISetPrivateData(
  139. IN LSAPR_HANDLE PolicyHandle,
  140. IN ULONG DataLength,
  141. IN PVOID Data
  142. );
  144. NTSTATUS NTAPI
  145. LsaIEnumerateSecrets(
  146. IN LSAPR_HANDLE PolicyHandle,
  147. IN OUT PLSA_ENUMERATION_HANDLE EnumerationContext,
  148. OUT PVOID *Buffer,
  149. IN ULONG PreferedMaximumLength,
  150. OUT PULONG CountReturned
  151. );
  153. NTSTATUS NTAPI
  154. LsaISetTimesSecret(
  155. IN LSAPR_HANDLE SecretHandle,
  156. IN PLARGE_INTEGER CurrentValueSetTime,
  157. IN PLARGE_INTEGER OldValueSetTime
  158. );
  160. #ifdef __LOGONMSV_H__ // This API is only of interest to users of logonmsv.h
  162. NTSTATUS NTAPI
  163. LsaIFilterSids(
  164. IN PUNICODE_STRING TrustedDomainName,
  165. IN ULONG TrustDirection,
  166. IN ULONG TrustType,
  167. IN ULONG TrustAttributes,
  168. IN PSID Sid,
  169. IN NETLOGON_VALIDATION_INFO_CLASS InfoClass,
  170. IN OUT PVOID SamInfo
  171. );
  173. #endif
  175. typedef enum {
  177. RoutingMatchDomainSid,
  178. RoutingMatchDomainName,
  179. RoutingMatchUpn,
  180. RoutingMatchSpn,
  182. } LSA_ROUTING_MATCH_TYPE;
  184. NTSTATUS NTAPI
  185. LsaIForestTrustFindMatch(
  186. IN LSA_ROUTING_MATCH_TYPE Type,
  187. IN PVOID Data,
  188. OUT PLSA_UNICODE_STRING Match
  189. );
  191. VOID
  192. LsaIFree_LSA_FOREST_TRUST_INFORMATION(
  193. IN PLSA_FOREST_TRUST_INFORMATION * ForestTrustInfo
  194. );
  196. VOID
  197. LsaIFree_LSA_FOREST_TRUST_COLLISION_INFORMATION(
  198. IN PLSA_FOREST_TRUST_COLLISION_INFORMATION * CollisionInfo
  199. );
  201. BOOLEAN NTAPI
  202. LsaISetupWasRun(
  203. );
  205. BOOLEAN NTAPI
  206. LsaISafeMode(
  207. VOID
  208. );
  210. BOOLEAN NTAPI
  211. LsaILookupWellKnownName(
  212. IN PUNICODE_STRING WellKnownName
  213. );
  215. VOID NTAPI
  216. LsaIFree_LSAPR_ACCOUNT_ENUM_BUFFER (
  217. IN PLSAPR_ACCOUNT_ENUM_BUFFER EnumerationBuffer
  218. );
  220. VOID NTAPI
  221. LsaIFree_LSAPR_TRANSLATED_SIDS (
  222. IN PLSAPR_TRANSLATED_SIDS TranslatedSids
  223. );
  225. VOID NTAPI
  226. LsaIFree_LSAPR_TRANSLATED_NAMES (
  227. IN PLSAPR_TRANSLATED_NAMES TranslatedNames
  228. );
  230. VOID NTAPI
  231. LsaIFree_LSAPR_POLICY_INFORMATION (
  232. IN POLICY_INFORMATION_CLASS InformationClass,
  233. IN PLSAPR_POLICY_INFORMATION PolicyInformation
  234. );
  236. VOID NTAPI
  237. LsaIFree_LSAPR_POLICY_DOMAIN_INFORMATION (
  238. IN POLICY_DOMAIN_INFORMATION_CLASS DomainInformationClass,
  239. IN PLSAPR_POLICY_DOMAIN_INFORMATION PolicyDomainInformation
  240. );
  242. VOID NTAPI
  243. LsaIFree_LSAPR_TRUSTED_DOMAIN_INFO (
  244. IN TRUSTED_INFORMATION_CLASS InformationClass,
  245. IN PLSAPR_TRUSTED_DOMAIN_INFO TrustedDomainInformation
  246. );
  248. VOID NTAPI
  249. LsaIFree_LSAPR_REFERENCED_DOMAIN_LIST (
  250. IN PLSAPR_REFERENCED_DOMAIN_LIST ReferencedDomains
  251. );
  253. VOID NTAPI
  254. LsaIFree_LSAPR_TRUSTED_ENUM_BUFFER (
  255. IN PLSAPR_TRUSTED_ENUM_BUFFER EnumerationBuffer
  256. );
  258. VOID NTAPI
  259. LsaIFree_LSAPR_TRUSTED_ENUM_BUFFER_EX (
  260. PLSAPR_TRUSTED_ENUM_BUFFER_EX EnumerationBuffer
  261. );
  263. VOID NTAPI
  264. LsaIFree_LSAPR_TRUST_INFORMATION (
  265. IN PLSAPR_TRUST_INFORMATION TrustInformation
  266. );
  268. VOID NTAPI
  269. LsaIFree_LSAP_SECRET_ENUM_BUFFER (
  270. IN PVOID Buffer,
  271. IN ULONG Count
  272. );
  274. VOID NTAPI
  275. LsaIFree_LSAPR_PRIVILEGE_ENUM_BUFFER (
  276. PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer
  277. );
  279. VOID NTAPI
  280. LsaIFree_LSAPR_SR_SECURITY_DESCRIPTOR (
  281. IN PLSAPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor
  282. );
  284. VOID
  285. LsaIFree_LSAI_SECRET_ENUM_BUFFER (
  286. IN PVOID Buffer,
  287. IN ULONG Count
  288. );
  290. VOID NTAPI
  291. LsaIFree_LSAI_PRIVATE_DATA (
  292. IN PVOID Data
  293. );
  295. VOID NTAPI
  296. LsaIFree_LSAPR_UNICODE_STRING (
  297. IN PLSAPR_UNICODE_STRING UnicodeName
  298. );
  300. VOID NTAPI
  301. LsaIFree_LSAPR_UNICODE_STRING_BUFFER (
  302. IN PLSAPR_UNICODE_STRING UnicodeName
  303. );
  305. VOID NTAPI
  306. LsaIFree_LSAPR_PRIVILEGE_SET (
  307. IN PLSAPR_PRIVILEGE_SET PrivilegeSet
  308. );
  310. VOID NTAPI
  311. LsaIFree_LSAPR_CR_CIPHER_VALUE (
  312. IN PLSAPR_CR_CIPHER_VALUE CipherValue
  313. );
  316. NTSTATUS NTAPI
  317. LsaIAuditSamEvent(
  318. IN NTSTATUS Status,
  319. IN ULONG AuditId,
  320. IN PSID DomainSid,
  321. IN PUNICODE_STRING AdditionalInfo OPTIONAL,
  322. IN PULONG MemberRid OPTIONAL,
  323. IN PSID MemberSid OPTIONAL,
  324. IN PUNICODE_STRING AccountName OPTIONAL,
  325. IN PUNICODE_STRING DomainName,
  326. IN PULONG AccountRid OPTIONAL,
  327. IN PPRIVILEGE_SET Privileges OPTIONAL
  328. );
  330. VOID NTAPI
  331. LsaIAuditNotifyPackageLoad(
  332. PUNICODE_STRING PackageFileName
  333. );
  335. NTSTATUS NTAPI
  336. LsaIAuditKdcEvent(
  337. IN ULONG AuditId,
  338. IN PUNICODE_STRING ClientName,
  339. IN PUNICODE_STRING ClientDomain,
  340. IN PSID ClientSid,
  341. IN PUNICODE_STRING ServiceName,
  342. IN PSID ServiceSid,
  343. IN PULONG KdcOptions,
  344. IN PULONG KerbStatus,
  345. IN PULONG EncryptionType,
  346. IN PULONG PreAuthType,
  347. IN PBYTE ClientAddress,
  348. IN LPGUID UniqueId OPTIONAL
  349. );
  351. NTSTATUS
  352. LsaIGetLogonGuid(
  353. IN PUNICODE_STRING pUserName,
  354. IN PUNICODE_STRING pUserDomain,
  355. IN PBYTE pBuffer,
  356. IN UINT BufferSize,
  357. OUT LPGUID pLogonGuid
  358. );
  360. NTSTATUS
  361. LsaISetLogonGuidInLogonSession(
  362. IN PLUID LogonId,
  363. IN LPGUID LogonGuid OPTIONAL
  364. );
  366. VOID
  367. LsaIAuditKerberosLogon(
  368. IN NTSTATUS LogonStatus,
  369. IN NTSTATUS LogonSubStatus,
  370. IN PUNICODE_STRING AccountName,
  371. IN PUNICODE_STRING AuthenticatingAuthority,
  372. IN PUNICODE_STRING WorkstationName,
  373. IN PSID UserSid, OPTIONAL
  374. IN SECURITY_LOGON_TYPE LogonType,
  375. IN PTOKEN_SOURCE TokenSource,
  376. IN PLUID LogonId,
  377. IN LPGUID LogonGuid
  378. );
  380. NTSTATUS
  381. LsaIAuditLogonUsingExplicitCreds(
  382. IN USHORT AuditEventType,
  383. IN PSID pUser1Sid,
  384. IN PUNICODE_STRING pUser1Name,
  385. IN PUNICODE_STRING pUser1Domain,
  386. IN PLUID pUser1LogonId,
  387. IN LPGUID pUser1LogonGuid, OPTIONAL
  388. IN PUNICODE_STRING pUser2Name,
  389. IN PUNICODE_STRING pUser2Domain,
  390. IN LPGUID pUser2LogonGuid
  391. );
  393. NTSTATUS
  394. LsaIAuditAccountLogon(
  395. IN ULONG AuditId,
  396. IN BOOLEAN Successful,
  397. IN PUNICODE_STRING Source,
  398. IN PUNICODE_STRING ClientName,
  399. IN PUNICODE_STRING MappedName,
  400. IN NTSTATUS Status OPTIONAL
  401. );
  403. NTSTATUS NTAPI
  404. LsaIAuditDPAPIEvent(
  405. IN ULONG AuditId,
  406. IN PSID UserSid,
  407. IN PUNICODE_STRING MasterKeyID,
  408. IN PUNICODE_STRING RecoveryServer,
  409. IN PULONG Reason,
  410. IN PUNICODE_STRING RecoverykeyID,
  411. IN PULONG FailureReason
  412. );
  415. #define LSA_AUDIT_PARAMETERS_ABSOLUTE 1
  417. NTSTATUS NTAPI
  418. LsaIWriteAuditEvent(
  419. IN PSE_ADT_PARAMETER_ARRAY AuditParameters,
  420. IN ULONG Options
  421. );
  424. NTSTATUS
  425. LsaIAuditPasswordAccessEvent(
  426. IN USHORT EventType,
  427. IN PCWSTR pszTargetUserName,
  428. IN PCWSTR pszTargetUserDomain
  429. );
  432. NTSTATUS NTAPI
  433. LsaICallPackage(
  434. IN PUNICODE_STRING AuthenticationPackage,
  435. IN PVOID ProtocolSubmitBuffer,
  436. IN ULONG SubmitBufferLength,
  437. OUT PVOID *ProtocolReturnBuffer,
  438. OUT PULONG ReturnBufferLength,
  439. OUT PNTSTATUS ProtocolStatus
  440. );
  442. VOID NTAPI
  443. LsaIFreeReturnBuffer(
  444. IN PVOID Buffer
  445. );
  449. //
  450. // NT5 routines for using the Ds for Lsa store
  451. //
  453. #define LSAI_FOREST_ROOT_TRUST 0x00000001
  454. #define LSAI_FOREST_DOMAIN_GUID_PRESENT 0x00000002
  456. //
  457. // These structures correspond to the private interface Kerberos uses
  458. // to build a tree of the domains in an organization.
  459. //
  461. typedef struct _LSAPR_TREE_TRUST_INFO {
  463. UNICODE_STRING DnsDomainName;
  464. UNICODE_STRING FlatName;
  465. GUID DomainGuid;
  466. PSID DomainSid;
  467. ULONG Flags;
  468. ULONG Children;
  469. struct _LSAPR_TREE_TRUST_INFO *ChildDomains;
  470. } LSAPR_TREE_TRUST_INFO, *PLSAPR_TREE_TRUST_INFO;
  472. typedef struct _LSAPR_FOREST_TRUST_INFO {
  474. LSAPR_TREE_TRUST_INFO RootTrust;
  475. PLSAPR_TREE_TRUST_INFO ParentDomainReference;
  477. } LSAPR_FOREST_TRUST_INFO, *PLSAPR_FOREST_TRUST_INFO;
  479. VOID
  480. LsaIFreeForestTrustInfo(
  481. IN PLSAPR_FOREST_TRUST_INFO ForestTrustInfo
  482. );
  484. NTSTATUS
  485. NTAPI
  486. LsaIQueryForestTrustInfo(
  487. IN LSAPR_HANDLE PolicyHandle,
  488. OUT PLSAPR_FOREST_TRUST_INFO *ForestTrustInfo
  489. );
  493. NTSTATUS NTAPI
  494. LsaISetTrustedDomainAuthInfoBlobs(
  495. IN LSAPR_HANDLE PolicyHandle,
  496. IN PLSAPR_UNICODE_STRING TrustedDomainName,
  497. IN PLSAPR_TRUSTED_DOMAIN_AUTH_BLOB IncomingBlob,
  498. IN PLSAPR_TRUSTED_DOMAIN_AUTH_BLOB OutgoingBlob);
  501. NTSTATUS NTAPI
  502. LsaIUpgradeRegistryToDs(
  503. IN BOOLEAN DeleteOnly
  504. );
  506. NTSTATUS NTAPI
  507. LsaIGetTrustedDomainAuthInfoBlobs(
  508. IN LSAPR_HANDLE PolicyHandle,
  509. IN PLSAPR_UNICODE_STRING TrustedDomainName,
  510. OUT PLSAPR_TRUSTED_DOMAIN_AUTH_BLOB IncomingBlob,
  511. OUT PLSAPR_TRUSTED_DOMAIN_AUTH_BLOB OutgoingBlob
  512. );
  514. NTSTATUS NTAPI
  515. LsaISetServerRoleForNextBoot(
  516. IN LSAPR_HANDLE PolicyHandle,
  517. IN POLICY_LSA_SERVER_ROLE ServerRole
  518. );
  521. BOOLEAN NTAPI
  522. LsaIIsClassIdLsaClass(
  523. IN ULONG ClassId,
  524. OUT PULONG LsaClass
  525. );
  528. NTSTATUS NTAPI
  529. LsaIDsNotifiedObjectChange(
  530. IN ULONG Class,
  531. IN PVOID ObjectPath, // This is a DSNAME
  532. IN SECURITY_DB_DELTA_TYPE DeltaType,
  533. IN PSID UserSid,
  534. IN LUID AuthenticationId,
  535. IN BOOLEAN fReplicatedIn,
  536. IN BOOLEAN ChangeOriginatedInLSA
  537. );
  539. typedef NTSTATUS (NTAPI *pfLsaIDsNotifiedObjectChange )(
  540. ULONG, PVOID, SECURITY_DB_DELTA_TYPE, PSID, LUID, BOOLEAN, BOOLEAN );
  542. //
  543. // NT5 routines for moving some SAM domain object properties to the Lsa Ds objects
  544. //
  545. #define LSAI_SAM_NONE 0x00000000
  546. #define LSAI_SAM_TRANSACTION_ACTIVE 0x00000001
  548. #define LSAI_SAM_ADD 0x1
  549. #define LSAI_SAM_REMOVE 0x2
  551. NTSTATUS NTAPI
  552. LsaISamSetDomainObjectProperties(
  553. IN DOMAIN_INFORMATION_CLASS SamInfoClass,
  554. IN PVOID Buffer,
  555. IN ULONG Options
  556. );
  558. NTSTATUS NTAPI
  559. LsaISamSetDomainBuiltinGroupMembership(
  560. IN PSID GroupSid,
  561. IN ULONG Operation,
  562. IN ULONG Users,
  563. IN PVOID UserList, // This is a list of DSNAME pointers
  564. IN ULONG Options
  565. );
  567. NTSTATUS NTAPI
  568. LsaISamIndicatedDsStarted(
  569. IN BOOLEAN PerformDomainRenameCheck
  570. );
  573. //
  574. // Netlogon routines for enumerating subnets
  575. //
  577. typedef struct _LSAP_SUBNET_INFO_ENTRY {
  578. UNICODE_STRING SubnetName;
  579. UNICODE_STRING SiteName;
  580. } LSAP_SUBNET_INFO_ENTRY, *PLSAP_SUBNET_INFO_ENTRY;
  582. typedef struct _LSAP_SUBNET_INFO {
  583. ULONG SiteCount;
  584. ULONG SubnetCount;
  585. LSAP_SUBNET_INFO_ENTRY Subnets[1];
  586. } LSAP_SUBNET_INFO, *PLSAP_SUBNET_INFO;
  588. NTSTATUS NTAPI
  589. LsaIQuerySubnetInfo(
  590. OUT PLSAP_SUBNET_INFO *SubnetInformation
  591. );
  593. VOID NTAPI
  594. LsaIFree_LSAP_SUBNET_INFO(
  595. IN PLSAP_SUBNET_INFO SubnetInfo
  596. );
  599. //
  600. // Netlogon routines for UPN/SPN suffixes
  601. //
  603. typedef struct _LSAP_UPN_SUFFIXES {
  604. ULONG SuffixCount;
  605. UNICODE_STRING Suffixes[1];
  606. } LSAP_UPN_SUFFIXES, *PLSAP_UPN_SUFFIXES;
  608. NTSTATUS
  609. LsaIQueryUpnSuffixes(
  610. OUT PLSAP_UPN_SUFFIXES *UpnSuffixes
  611. );
  613. VOID
  614. LsaIFree_LSAP_UPN_SUFFIXES(
  615. IN PLSAP_UPN_SUFFIXES UpnSuffixes
  616. );
  618. NTSTATUS
  619. LsaIGetForestTrustInformation(
  620. OUT PLSA_FOREST_TRUST_INFORMATION *ForestTrustInfo
  621. );
  623. NTSTATUS
  624. LsaIUpdateForestTrustInformation(
  625. IN LSAPR_HANDLE PolicyHandle,
  626. IN UNICODE_STRING * TrustedDomainName,
  627. IN PLSA_FOREST_TRUST_INFORMATION NewForestTrustInfo
  628. );
  630. //
  631. // Netlogon routines for enumerating sites
  632. //
  634. typedef struct _LSAP_SITE_INFO_ENTRY {
  635. UNICODE_STRING SiteName;
  636. } LSAP_SITE_INFO_ENTRY, *PLSAP_SITE_INFO_ENTRY;
  638. typedef struct _LSAP_SITE_INFO {
  639. ULONG SiteCount;
  640. LSAP_SITE_INFO_ENTRY Sites[1];
  641. } LSAP_SITE_INFO, *PLSAP_SITE_INFO;
  643. NTSTATUS NTAPI
  644. LsaIQuerySiteInfo(
  645. OUT PLSAP_SITE_INFO *SiteInformation
  646. );
  648. VOID NTAPI
  649. LsaIFree_LSAP_SITE_INFO(
  650. IN PLSAP_SITE_INFO SubnetInfo
  651. );
  653. //
  654. // Netlogon routines for getting the name of the site we're in.
  655. //
  657. typedef struct _LSAP_SITENAME_INFO {
  658. UNICODE_STRING SiteName;
  659. GUID DsaGuid;
  660. ULONG DsaOptions;
  661. } LSAP_SITENAME_INFO, *PLSAP_SITENAME_INFO;
  663. NTSTATUS NTAPI
  664. LsaIGetSiteName(
  665. OUT PLSAP_SITENAME_INFO *SiteNameInformation
  666. );
  668. VOID NTAPI
  669. LsaIFree_LSAP_SITENAME_INFO(
  670. IN PLSAP_SITENAME_INFO SiteNameInfo
  671. );
  673. BOOLEAN NTAPI
  674. LsaIIsDsPaused(
  675. VOID
  676. );
  680. //
  681. // Lsa notification routine definitions
  682. //
  684. //
  685. // Notification callback routine prototype
  686. //
  687. typedef VOID ( NTAPI fLsaPolicyChangeNotificationCallback) (
  688. IN POLICY_NOTIFICATION_INFORMATION_CLASS ChangedInfoClass
  689. );
  691. typedef fLsaPolicyChangeNotificationCallback *pfLsaPolicyChangeNotificationCallback;
  693. NTSTATUS NTAPI
  694. LsaIRegisterPolicyChangeNotificationCallback(
  695. IN pfLsaPolicyChangeNotificationCallback Callback,
  696. IN POLICY_NOTIFICATION_INFORMATION_CLASS MonitorInfoClass
  697. );
  699. NTSTATUS NTAPI
  700. LsaIUnregisterPolicyChangeNotificationCallback(
  701. IN pfLsaPolicyChangeNotificationCallback Callback,
  702. IN POLICY_NOTIFICATION_INFORMATION_CLASS MonitorInfoClass
  703. );
  705. NTSTATUS NTAPI
  706. LsaIUnregisterAllPolicyChangeNotificationCallback(
  707. IN pfLsaPolicyChangeNotificationCallback Callback
  708. );
  711. HANDLE NTAPI
  712. LsaIRegisterNotification(
  713. IN PTHREAD_START_ROUTINE StartFunction,
  714. IN PVOID Parameter,
  715. IN ULONG NotificationType,
  716. IN ULONG NotificationClass,
  717. IN ULONG NotificationFlags,
  718. IN ULONG IntervalMinutes,
  719. IN OPTIONAL HANDLE WaitEvent
  720. );
  723. NTSTATUS NTAPI
  724. LsaICancelNotification(
  725. IN HANDLE NotifyHandle
  726. );
  728. BOOLEAN
  729. NTAPI
  730. LsaIEventNotify(
  731. ULONG Class,
  732. ULONG Flags,
  733. ULONG EventSize,
  734. PVOID EventData);
  736. VOID
  737. LsaIAddTouchAddress(
  738. PVOID Address,
  739. SIZE_T Range
  740. );
  742. VOID
  743. LsaIRemoveTouchAddress(
  744. PVOID Address
  745. );
  747. //
  748. // This is the notification Kerberos registers to receive updates on changing trusts
  749. //
  750. typedef VOID (fLsaTrustChangeNotificationCallback) (
  751. IN SECURITY_DB_DELTA_TYPE DeltaType
  752. );
  754. typedef fLsaTrustChangeNotificationCallback *pfLsaTrustChangeNotificationCallback;
  756. typedef enum LSAP_REGISTER {
  758. LsaRegister = 0,
  759. LsaUnregister
  761. } LSAP_REGISTER, *PLSAP_REGISTER;
  763. NTSTATUS NTAPI
  764. LsaIKerberosRegisterTrustNotification(
  765. IN pfLsaTrustChangeNotificationCallback Callback,
  766. IN LSAP_REGISTER Register
  767. );
  769. //
  770. // See secpkg.h : LsaGetCallInfo and SECPKG_CALL_INFO
  771. //
  772. BOOLEAN
  773. NTAPI
  774. LsaIGetCallInfo(
  775. PVOID
  776. );
  778. BOOLEAN
  779. LsaIGetThreadHeap(
  780. VOID
  781. );
  783. VOID
  784. LsaITossThreadHeap(
  785. VOID
  786. );
  788. PVOID
  789. LsaIThreadAlloc(
  790. IN SIZE_T Size
  791. );
  793. VOID
  794. LsaIThreadFree(
  795. IN PVOID Memory
  796. );
  799. NTSTATUS
  800. LsaISetClientDnsHostName(
  801. IN PWSTR ClientName,
  802. IN PWSTR ClientDnsHostName OPTIONAL,
  803. IN POSVERSIONINFOEXW OsVersionInfo OPTIONAL,
  804. IN PWSTR OsName OPTIONAL,
  805. OUT PWSTR *OldDnsHostName OPTIONAL
  806. );
  808. VOID
  809. LsaIManageReplicationSyncLock(
  810. IN BOOLEAN TakeLock
  811. );
  813. NTSTATUS
  814. LsaICallPackageEx(
  815. IN PUNICODE_STRING AuthenticationPackage,
  816. IN PVOID ClientBufferBase,
  817. IN PVOID ProtocolSubmitBuffer,
  818. IN ULONG SubmitBufferLength,
  819. OUT PVOID * ProtocolReturnBuffer,
  820. OUT PULONG ReturnBufferLength,
  821. OUT PNTSTATUS ProtocolStatus
  822. );
  824. NTSTATUS
  825. LsaICallPackagePassthrough(
  826. IN PUNICODE_STRING AuthenticationPackage,
  827. IN PVOID ClientBufferBase,
  828. IN PVOID ProtocolSubmitBuffer,
  829. IN ULONG SubmitBufferLength,
  830. OUT PVOID * ProtocolReturnBuffer,
  831. OUT PULONG ReturnBufferLength,
  832. OUT PNTSTATUS ProtocolStatus
  833. );
  835. NTSTATUS
  836. LsaISetBootOption(
  837. IN ULONG BootOption,
  838. IN PVOID OldKey,
  839. IN ULONG OldKeyLength,
  840. IN PVOID NewKey,
  841. IN ULONG NewKeyLength
  842. );
  844. NTSTATUS
  845. LsaIGetBootOption(
  846. OUT PULONG BootOption
  847. );
  849. VOID
  850. LsaINotifyPasswordChanged(
  851. IN PUNICODE_STRING NetbiosDomainName OPTIONAL,
  852. IN PUNICODE_STRING UserName,
  853. IN PUNICODE_STRING DnsDomainName OPTIONAL,
  854. IN PUNICODE_STRING Upn OPTIONAL,
  855. IN PUNICODE_STRING OldPassword,
  856. IN PUNICODE_STRING NewPassword,
  857. IN BOOLEAN Impersonating
  858. );
  860. NTSTATUS
  861. LsaINotifyChangeNotification(
  862. IN POLICY_NOTIFICATION_INFORMATION_CLASS InfoClass
  863. );
  865. NTSTATUS
  866. LsaIGetNbAndDnsDomainNames(
  867. IN PUNICODE_STRING DomainName,
  868. OUT PUNICODE_STRING DnsDomainName,
  869. OUT PUNICODE_STRING NetbiosDomainName
  870. );
  874. //
  875. // This flag indicates the the protected blob is a system blob, and cannot
  876. // be decrypted by the user-space.
  877. //
  878. #define CRYPTPROTECT_SYSTEM 0x20000000
  881. //
  882. // Local Free should be used to free the returned buffer
  883. //
  884. BOOLEAN
  885. LsaICryptProtectData(
  886. IN PVOID DataIn,
  887. IN ULONG DataInLength,
  888. IN PUNICODE_STRING szDataDescr,
  889. IN PVOID OptionalEntropy,
  890. IN ULONG OptionalEntropyLength,
  891. IN PVOID Reserved,
  892. IN PVOID Reserved2,
  893. IN ULONG Flags,
  894. OUT PVOID * DataOut,
  895. OUT PULONG DataOutLength);
  898. //
  899. // Local Free should be used to free the returned buffer
  900. //
  901. BOOLEAN
  902. LsaICryptUnprotectData(
  903. IN PVOID DataIn,
  904. IN ULONG DataInLength,
  905. IN PVOID OptionalEntropy,
  906. IN ULONG OptionalEntropyLength,
  907. IN PVOID Reserved,
  908. IN PVOID Reserved2,
  909. IN ULONG Flags,
  910. OUT PUNICODE_STRING szDataDescr,
  911. OUT PVOID * DataOut,
  912. OUT PULONG DataOutLength);
  914. //
  915. // Heap allocator for the LSA process
  916. //
  918. PVOID
  919. NTAPI
  920. LsaIAllocateHeapZero(
  921. IN SIZE_T Length
  922. );
  924. PVOID
  925. NTAPI
  926. LsaIAllocateHeap(
  927. IN SIZE_T cbMemory
  928. );
  930. VOID
  931. NTAPI
  932. LsaIFreeHeap(
  933. IN PVOID Base
  934. );
  936. typedef enum LSAP_NETLOGON_PARAMETER {
  938. LsaEmulateNT4,
  940. } LSAP_NETLOGON_PARAMETER;
  942. VOID
  943. NTAPI
  944. LsaINotifyNetlogonParametersChangeW(
  945. IN LSAP_NETLOGON_PARAMETER Parameter,
  946. IN DWORD dwType,
  947. IN PWSTR lpData,
  948. IN DWORD cbData
  949. );
  951. NTSTATUS
  952. NTAPI
  953. LsaIChangeSecretCipherKey(
  954. IN PVOID NewSysKey
  955. );
  957. #ifdef __cplusplus
  958. }
  959. #endif
  961. #endif // _LSAISRV_