Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

93 lines
3.3 KiB

  1. //******************************************************************************
  2. //
  3. // Microsoft Confidential. Copyright (c) Microsoft Corporation 1999. All rights reserved
  4. //
  5. // File: ChkAcc.h
  6. //
  7. // Description: RSOP Security functions
  8. //
  9. // History: 31-Jul-99 leonardm Created
  10. //
  11. //******************************************************************************
  12. #ifndef CHKACC_H__85EE6A51_C327_4453_ACBE_FEC6F0010740__INCLUDED_
  13. #define CHKACC_H__85EE6A51_C327_4453_ACBE_FEC6F0010740__INCLUDED_
  14. #include <windows.h>
  15. #include <accctrl.h>
  16. #include <aclapi.h>
  17. #include <sddl.h>
  18. #include <lm.h>
  19. #include <oaidl.h>
  20. #include <authz.h>
  21. //******************************************************************************
  22. //
  23. // Structure: CRsopToken
  24. //
  25. // Description: This reprents a pseudo-token containing an arbitrary
  26. // combination of SIDs which
  27. // can be used to check access to objects protected with security descriptors.
  28. //
  29. // History: 7/30/99 leonardm Created.
  30. //
  31. //******************************************************************************
  32. #if defined(__cplusplus)
  33. extern "C"{
  34. #endif
  35. typedef void* PRSOPTOKEN;
  36. //******************************************************************************
  37. //
  38. // Function: RsopCreateToken
  39. //
  40. // Description: Creates a pseudo-token using an exisitng user or machine account plus
  41. // the accounts of which that user is currently a member of.
  42. // The returned pseudo-token can be used subsequently in call
  43. // to other RSOP security functions to check access to
  44. // objects protected by security descriptors.
  45. //
  46. // Parameters: - accountName: Pointer to a user or machine account name.
  47. // - psaSecurity: Pointer ta SAFEARRAY of BSTRs representing
  48. // security groups.
  49. // If NULL, then all the current security groups for the
  50. // szaccountName are added to the RsopToken.
  51. // If not NULL but pointing to an empty array,
  52. // only the szaccountName is added to the RsopToken.
  53. // - ppRsopToken: Address of a PRSOPTOKEN that receives the newly
  54. // created pseudo-token
  55. //
  56. //
  57. // Return: S_OK if successful. An HRESULT error code on failure.
  58. //
  59. // History: 8/7/99 leonardm Created.
  60. //
  61. //******************************************************************************
  62. HRESULT RsopCreateToken( WCHAR* szAccountName,
  63. SAFEARRAY *psaUserSecurityGroups,
  64. PRSOPTOKEN* ppRsopToken );
  65. //******************************************************************************
  66. //
  67. // Function: RsopDeleteToken
  68. //
  69. // Description: Destroys a pseudo-token previously created by any of the overloaded
  70. // forms of RSOPCreateRsopToken
  71. //
  72. // Parameters: - pRsopToken: Pointer to a valid PRSOPTOKEN
  73. //
  74. // Return: S_OK on success. An HRESULT error code on failure.
  75. //
  76. // History: 7/30/99 leonardm Created.
  77. //
  78. //******************************************************************************
  79. HRESULT RsopDeleteToken(PRSOPTOKEN pRsopToken);
  80. #if defined(__cplusplus)
  81. }
  82. #endif
  83. #endif // #ifndef CHKACC_H__85EE6A51_C327_4453_ACBE_FEC6F0010740__INCLUDED_