//>-------------------------------------------------------------------------------<
//
// File: Actldb.h
//
// Synopsis: All defs and declarations for actldb.cpp, including the following
// sysop APIs for account/group/token maintenance in the security DB:
//
// AddAcct
// DeleteAcct
// DeleteAcctByLogin
// SetPassword
// GetHandle
// GetAcctInfo
//
// EnumUserGroups
// EnumUserGroupsEx
// GetUserGroupDetails
// FindUserGroup
// AddUserGroup
// UpdateUserGroup
// DeleteUserGroup
// EnumGroupMembers
// EnumGroupMembersEx
// EnumGroupMembersExpire
// EnumGroupMembersExpireEx
// AddAcctToGroup
// AddAcctToGroupExpire
// RemoveAcctFromGroup
// RemoveExpiredAcctsFromGroup
//
// EnumTokens
// EnumTokensEx
// CreateToken
// ModifyToken
// DeleteToken
// EnumAcctPrivateTokens
// EnumAcctPrivateTokensEx
// EnumGroupsWithToken
// EnumGroupsWithTokenEx
// EnumGroupsWithTokenExpire
// EnumGroupsWithTokenExpireEx
// AddGroupToToken
// AddGroupToTokenExpire
// EnumAcctsWithToken
// RemoveGroupFromToken
// RemoveExpiredGroupsFromToken
// EnumAcctsWithToken
// EnumAcctsWithTokenEx
// EnumAcctsWithTokenExpire
// EnumAcctsWithTokenExpireEx
// AddAcctToToken
// AddAcctToTokenExpire
// RemoveAcctFromToken
// RemoveExpiredAcctsFromToken
// GetTokenDetails
// TokenIdFromTokenName
// UiIsAccountInGroup
// EnumExcludedAccts
// EnumExcludedAcctsEx
// AddExclusion
// AddExclusionEx
// RemoveExclusion
// GetMaxTokenId
//
// AddAccessPlan
// UpdateAccessPlan
// DeleteAccessPlan
// EnumAccessPlans
// EnumAccessPlansEx
//
// SearchAcctsWithToken
// SearchExcludedAcctsWithToken
// SearchGroupMembers
// SearchGroupsWithToken
// SearchTokens
// SearchUserGroups
// TotalAcctsWithToken
// TotalExcludedAcctsWithToken
// TotalGroupMembers
// TotalGroupsWithToken
// TotalTokens
// TotalUserGroups
//
// History: DanielLi Ported to 2.x tree 03/22/96
//
// Copyright (C) 1994-1996 Microsoft Corporation
// All rights reserved
//
//>-------------------------------------------------------------------------------<
#if !defined(__ACTLDB_H__)
#define __ACTLDB_H__
#include <acsctl.h>
// ActlDBDLL is the decoration placed between the return type and the name of
// every routine exported below. On WIN32 it selects export (when building the
// DLL itself, _ACTLDBDLL defined) or import, plus the __stdcall convention;
// on any other platform it expands to nothing.
// DllExport / DllImport are not defined in this header -- presumably they come
// from <acsctl.h>; confirm.
#ifndef _ACTLDB_DLL_DEFINED
#  ifdef WIN32
#    ifdef _ACTLDBDLL
#      define ActlDBDLL DllExport __stdcall
#    else
#      define ActlDBDLL DllImport __stdcall
#    endif
#  else
#    define ActlDBDLL
#  endif
#  define _ACTLDB_DLL_DEFINED
#endif
//
// Structures to manipulate token, group, account info
//
// Full account record. It is the argument type of AddAcct and GetAcctInfo and
// the element type handed to PACCTENUMPROC callbacks and the group-member
// enumeration buffers declared in this header.
//
// Every name buffer is sized AC_MAX_*_LENGTH+1 (presumably the extra byte is
// for the terminating NUL -- the constants are defined outside this file).
//
// NOTE(review): szPassword travels inside the record. Whether it holds
// cleartext or a derived value, and whether GetAcctInfo / the enumeration
// APIs populate it, cannot be told from this header -- confirm against
// actldb.cpp. Until confirmed, treat any ACCOUNT_INFO buffer as secret
// material: keep it out of logs and clear it when it is no longer needed.
typedef struct _ACCOUNT_INFO {
    HACCT       hAcct;
    CHAR        szLoginName[AC_MAX_LOGIN_NAME_LENGTH+1];
    CHAR        szDomainName[AC_MAX_DOMAIN_NAME_LENGTH+1];  // reserved
    CHAR        szFirstName[AC_MAX_FIRST_NAME_LENGTH+1];
    CHAR        szLastName[AC_MAX_LAST_NAME_LENGTH+1];
    WORD        wAcctType;
    CHAR        szPassword[AC_MAX_PASSWORD_LENGTH+1];
    WORD        wAcctStatus;
    SYSTEMTIME  tmExpired;
} ACCOUNT_INFO, *PACCOUNT_INFO;
// Account record paired with an access right (AR) and an expiry time. This is
// the element type of the EnumAcctsWithToken* / EnumExcludedAccts* /
// Search*AcctsWithToken buffers and of PACCTRITENUMPROC callbacks.
// Unlike ACCOUNT_INFO it carries no password, domain, type or status field.
typedef struct _ACCOUNT_INFO_RIGHT {
    HACCT       hAcct;
    CHAR        szLoginName[AC_MAX_LOGIN_NAME_LENGTH+1];
    CHAR        szFirstName[AC_MAX_FIRST_NAME_LENGTH+1];
    CHAR        szLastName[AC_MAX_LAST_NAME_LENGTH+1];
    AR          arRight;
    SYSTEMTIME  tmExpired;
} ACCOUNT_INFO_RIGHT, *PACCOUNT_INFO_RIGHT;
// Group handle plus group name; element type of EnumUserGroups and argument
// of PGROUPENUMPROC callbacks.
//
// NOTE(review): szName is AC_MAX_GROUP_NAME_LENGTH bytes here, while
// USER_GROUP_RIGHT declares the same field with AC_MAX_GROUP_NAME_LENGTH+1.
// If the constant does not already include room for the terminating NUL, a
// maximum-length name cannot be stored here with its terminator -- confirm
// how actldb.cpp bounds copies into this field. The array size is part of the
// exported record layout, so it is left as declared.
typedef struct _USER_GROUP {
    HGROUP  hGroup;
    CHAR    szName[AC_MAX_GROUP_NAME_LENGTH];
} USER_GROUP, *PUSER_GROUP;
// Group record paired with an access right (AR) and an expiry time; element
// type of the EnumGroupsWithToken* / SearchGroupsWithToken buffers and of
// PGROUPRITENUMPROC callbacks. The name buffer here is one byte longer than
// the szName field of USER_GROUP and USER_GROUP_DETAILS.
typedef struct _USER_GROUP_RIGHT {
    HGROUP      hGroup;
    CHAR        szName[AC_MAX_GROUP_NAME_LENGTH+1];
    AR          arRight;
    SYSTEMTIME  tmExpired;
} USER_GROUP_RIGHT, *PUSER_GROUP_RIGHT;
// Group handle, name and an associated TOKEN; used by GetUserGroupDetails,
// FindUserGroup, AddUserGroup, UpdateUserGroup and SearchUserGroups.
//
// NOTE(review): as in USER_GROUP, szName is AC_MAX_GROUP_NAME_LENGTH bytes
// with no "+1", unlike USER_GROUP_RIGHT. Check that a maximum-length name
// still leaves room for the terminating NUL before copying between the two
// layouts. The size is part of the exported record layout and is unchanged.
typedef struct _USER_GROUP_DETAILS {
    HGROUP  hGroup;
    CHAR    szName[AC_MAX_GROUP_NAME_LENGTH];
    TOKEN   token;
} USER_GROUP_DETAILS, *PUSER_GROUP_DETAILS;
// Description of one token: its id, name, free-text description and the
// handle of an owner group. Used by CreateToken, ModifyToken, GetTokenDetails,
// EnumTokens / SearchTokens and PTOKENENUMPROC callbacks.
typedef struct _TOKEN_DETAILS {
    TOKEN   token;
    CHAR    szName[AC_MAX_TOKEN_NAME_LENGTH+1];
    CHAR    szDesc[AC_MAX_TOKEN_DESC_LENGTH+1];
    HGROUP  hOwnerGroup;
} TOKEN_DETAILS, *PTOKEN_DETAILS;
// A token together with the access right (AR) granted on it and the time that
// grant expires; element type of EnumAcctPrivateTokens and argument of
// PTOKENRITENUMPROC callbacks.
typedef struct _TOKEN_RIGHT {
    TOKEN       token;
    AR          arRight;
    SYSTEMTIME  tmExpired;
} TOKEN_RIGHT, *PTOKEN_RIGHT;
// Access plan record used by AddAccessPlan, UpdateAccessPlan, EnumAccessPlans
// and PPLANENUMPROC callbacks. A plan is keyed by its group handle.
typedef struct _ACCESS_PLAN {
    HGROUP  hGroup;     // group id, doubling as the plan id
    HACCT   hAcct;      // proxy account for this group
    HACCT   hOwner;     // reserved for the owner id
} ACCESS_PLAN, *PACCESS_PLAN;
//--------------------------------------------------------------------------------
//
// Prototypes of caller-defined callback functions passed into EnumXXXXEx API's
//
//--------------------------------------------------------------------------------
// One callback type per record kind. Each receives a pointer to the current
// record and the caller's opaque lParam, uses the __cdecl convention (the
// exported APIs themselves are __stdcall on WIN32) and returns a UINT.
// The meaning of the return value, and how long the record pointer stays
// valid, are not defined in this header -- confirm against actldb.cpp.
// NOTE(review): PACCTENUMPROC is handed a full ACCOUNT_INFO, which contains
// an szPassword field; callbacks should not log or persist the whole record.
typedef UINT (__cdecl *PGROUPENUMPROC)(PUSER_GROUP pGroup, LPARAM lParam);
typedef UINT (__cdecl *PACCTENUMPROC)(PACCOUNT_INFO pAcct, LPARAM lParam);
typedef UINT (__cdecl *PTOKENENUMPROC)(PTOKEN_DETAILS pToken, LPARAM lParam);
typedef UINT (__cdecl *PTOKENRITENUMPROC)(PTOKEN_RIGHT pTokenRit, LPARAM lParam);
typedef UINT (__cdecl *PACCTRITENUMPROC)(PACCOUNT_INFO_RIGHT pAcctRit, LPARAM lParam);
typedef UINT (__cdecl *PGROUPRITENUMPROC)(PUSER_GROUP_RIGHT pGroupRit, LPARAM lParam);
typedef UINT (__cdecl *PPLANENUMPROC)(PACCESS_PLAN pPlan, LPARAM lParam);
//--------------------------------------------------------------------------------
//
// Performance counters
//
//--------------------------------------------------------------------------------
// Block of DWORD performance counters, handed out through
// UiGetSecurityPerfmonBlock and updated with INC_/DEC_SECURITY_COUNTER.
// The counters come in pairs: one named after an API and one with a
// "Failures" suffix. Only the first pair was documented by the author; the
// remaining pairs presumably follow the same calls/failures pattern.
typedef struct _SECURITY_STATISTICS {
    DWORD dwAddAcct;                        // number of times AddAcct was called
    DWORD dwAddAcctFailures;                // number of AddAcct calls that failed

    DWORD dwDeleteAcct;
    DWORD dwDeleteAcctFailures;

    DWORD dwSetPassword;
    DWORD dwSetPasswordFailures;

    DWORD dwGetHandle;
    DWORD dwGetHandleFailures;

    DWORD dwAddAcctToToken;
    DWORD dwAddAcctToTokenFailures;

    DWORD dwRemoveAcctFromToken;
    DWORD dwRemoveAcctFromTokenFailures;

    DWORD dwGetTokenDetails;
    DWORD dwGetTokenDetailsFailures;

    DWORD dwEnumAcctPrivateTokens;
    DWORD dwEnumAcctPrivateTokensFailures;

    DWORD dwGetAcctInfo;
    DWORD dwGetAcctInfoFailures;
} SECURITY_STATISTICS, *PSECURITY_STATISTICS;
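// Atomically increment / decrement one counter of the perfmon block.
// `counter` is the bare member name of a SECURITY_STATISTICS field
// (e.g. dwAddAcct); the expression yields whatever the Interlocked call
// returns.
//
// g_statSecurity is not declared in this header: the including translation
// unit must have a SECURITY_STATISTICS object of that name in scope.
// The (LPLONG) cast reinterprets the DWORD counter as a LONG for the
// Interlocked API.
//
// The member is selected with a plain '.', not '.##': pasting '.' onto an
// identifier does not form a single preprocessing token, so the pasted
// spelling is accepted only by lenient preprocessors and rejected by others.
#define INC_SECURITY_COUNTER(counter) (InterlockedIncrement((LPLONG)&g_statSecurity.counter))
#define DEC_SECURITY_COUNTER(counter) (InterlockedDecrement((LPLONG)&g_statSecurity.counter))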
// Exported entry points of the security-DB library, given C linkage.
//
// Conventions visible in the signatures (semantics beyond the types are not
// defined in this header -- confirm against actldb.cpp):
//   * Most routines return a UINT status; the value convention is not
//     stated here.
//   * Buffer-style Enum*/Search* calls take an output array, a DWORD cBuf and
//     two LPDWORD outputs (pcTotal, pcReturned). Whether cBuf counts elements
//     or bytes is not stated here; callers must size the array to match.
//   * *Ex enumerators take a caller callback and an opaque LPARAM instead.
//   * String inputs are NUL-terminated pointers with no length argument, so
//     any bound against the AC_MAX_*_LENGTH record fields has to be enforced
//     by the implementation.
extern "C" {

//
// Library lifetime, perfmon block, database registration
//
BOOL ActlDBDLL FInitSecurityLib(BOOL fCacheExisted);
VOID ActlDBDLL TerminateSecurityLib();
UINT ActlDBDLL UiGetSecurityPerfmonBlock(PSECURITY_STATISTICS *ppStat);
// NOTE(review): the database login and password are passed as plain CHAR
// strings; callers should keep them out of logs and clear their copies.
UINT ActlDBDLL UiRegisterSecurityDB(CHAR *szServerName, CHAR *szDBName, CHAR *szLogin, CHAR *szPassword);

//
// Accounts
//
UINT ActlDBDLL AddAcct(PACCOUNT_INFO pAcctInfo);
UINT ActlDBDLL DeleteAcct(HACCT hAcct);
UINT ActlDBDLL DeleteAcctByLogin(CHAR *szLoginName);
// NOTE(review): both passwords are passed as plain PCHAR strings.
UINT ActlDBDLL SetPassword(HACCT hAcct, PCHAR szOldPassword, PCHAR szNewPassword);
UINT ActlDBDLL GetHandle(PCHAR szLoginName, PHACCT phAcct);
// NOTE(review): the output record type contains an szPassword field; whether
// it is filled in is not visible here -- confirm.
UINT ActlDBDLL GetAcctInfo(HACCT hAcct, PACCOUNT_INFO pAcctInfo);

//
// User groups and group membership
//
UINT ActlDBDLL EnumUserGroups(PUSER_GROUP pGroups, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned);
UINT ActlDBDLL EnumUserGroupsEx(PGROUPENUMPROC lpGroupEnumFunc, LPARAM lParam);
UINT ActlDBDLL GetUserGroupDetails(HGROUP hGroup, PUSER_GROUP_DETAILS pDetails);
UINT ActlDBDLL FindUserGroup(PSTR szName, PUSER_GROUP_DETAILS pDetails);
UINT ActlDBDLL AddUserGroup(PUSER_GROUP_DETAILS pDetails);
UINT ActlDBDLL UpdateUserGroup(PUSER_GROUP_DETAILS pDetails);
UINT ActlDBDLL DeleteUserGroup(HGROUP hGroup);
UINT ActlDBDLL EnumGroupMembers(HGROUP hGroup, PACCOUNT_INFO pAccts, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned);
UINT ActlDBDLL EnumGroupMembersEx(HGROUP hGroup, PACCTENUMPROC lpAcctEnumFunc, LPARAM lParam);
UINT ActlDBDLL EnumGroupMembersExpire(HGROUP hGroup, LPSYSTEMTIME lptmExpired, PACCOUNT_INFO pAccts, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned);
UINT ActlDBDLL EnumGroupMembersExpireEx(HGROUP hGroup, LPSYSTEMTIME lptmExpired, PACCTENUMPROC lpAcctEnumFunc, LPARAM lParam);
UINT ActlDBDLL AddAcctToGroup(HGROUP hGroup, HACCT hAcct);
UINT ActlDBDLL AddAcctToGroupExpire(HGROUP hGroup, HACCT hAcct, LPSYSTEMTIME lptmExpired);
UINT ActlDBDLL RemoveAcctFromGroup(HGROUP hGroup, HACCT hAcct);
UINT ActlDBDLL RemoveExpiredAcctsFromGroup(HGROUP hGroup);

//
// Tokens
//
UINT ActlDBDLL EnumTokens(PTOKEN_DETAILS pTokens, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned);
UINT ActlDBDLL EnumTokensEx(PTOKENENUMPROC lpTokenEnumFunc, LPARAM lParam);
UINT ActlDBDLL CreateToken(PTOKEN_DETAILS pToken);
UINT ActlDBDLL ModifyToken(PTOKEN_DETAILS pToken);
UINT ActlDBDLL DeleteToken(TOKEN token);
UINT ActlDBDLL EnumAcctPrivateTokens(HACCT hAcct, AR arRight, PTOKEN_RIGHT pTokenRit, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned);
UINT ActlDBDLL EnumAcctPrivateTokensEx(HACCT hAcct, AR arRight, PTOKENRITENUMPROC lpTokenRitEnumFunc, LPARAM lParam);

//
// Groups attached to a token
//
UINT ActlDBDLL EnumGroupsWithToken(TOKEN token, PUSER_GROUP_RIGHT pGroups, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned);
UINT ActlDBDLL EnumGroupsWithTokenEx(TOKEN token, PGROUPRITENUMPROC lpGroupRitEnumFunc, LPARAM lParam);
UINT ActlDBDLL EnumGroupsWithTokenExpire(TOKEN token, LPSYSTEMTIME lptmExpired, PUSER_GROUP_RIGHT pGroups, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned);
UINT ActlDBDLL EnumGroupsWithTokenExpireEx(TOKEN token, LPSYSTEMTIME lptmExpired, PGROUPRITENUMPROC lpGroupRitEnumFunc, LPARAM lParam);
UINT ActlDBDLL AddGroupToToken(TOKEN token, HGROUP hGroup, AR wRights);
UINT ActlDBDLL AddGroupToTokenExpire(TOKEN token, HGROUP hGroup, AR wRights, LPSYSTEMTIME lptmExpired);
UINT ActlDBDLL RemoveGroupFromToken(TOKEN token, HGROUP hGroup);
UINT ActlDBDLL RemoveExpiredGroupsFromToken(TOKEN token);

//
// Accounts attached to a token
//
UINT ActlDBDLL EnumAcctsWithToken(TOKEN token, PACCOUNT_INFO_RIGHT pAcctRits, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned);
UINT ActlDBDLL EnumAcctsWithTokenEx(TOKEN token, PACCTRITENUMPROC lpAcctRitEnumFunc, LPARAM lParam);
UINT ActlDBDLL EnumAcctsWithTokenExpire(TOKEN token, LPSYSTEMTIME lptmExpired, PACCOUNT_INFO_RIGHT pAcctRits, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned);
UINT ActlDBDLL EnumAcctsWithTokenExpireEx(TOKEN token, LPSYSTEMTIME lptmExpired, PACCTRITENUMPROC lpAcctRitEnumFunc, LPARAM lParam);
UINT ActlDBDLL AddAcctToToken(TOKEN token, HACCT hAcct, AR arRights);
UINT ActlDBDLL AddAcctToTokenExpire(TOKEN token, HACCT hAcct, AR arRights, LPSYSTEMTIME lptmExpired);
UINT ActlDBDLL RemoveAcctFromToken(TOKEN token, HACCT hAcct);
UINT ActlDBDLL RemoveExpiredAcctsFromToken(TOKEN token);

//
// Token lookup, membership test, exclusions
//
UINT ActlDBDLL GetTokenDetails(TOKEN token, PTOKEN_DETAILS pDetails);
UINT ActlDBDLL TokenIdFromTokenName(PSTR szName, TOKEN *ptoken);
UINT ActlDBDLL UiIsAccountInGroup(HACCT hAcct, HGROUP hGroup, PBOOL pfRet);
UINT ActlDBDLL EnumExcludedAccts(TOKEN token, PACCOUNT_INFO_RIGHT pAcctRits, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned);
UINT ActlDBDLL EnumExcludedAcctsEx(TOKEN token, PACCTRITENUMPROC lpAcctRitEnumFunc, LPARAM lParam);
UINT ActlDBDLL AddExclusion(TOKEN token, HACCT hAcct);
UINT ActlDBDLL AddExclusionEx(TOKEN token, HACCT hAcct, AR arRights);
UINT ActlDBDLL RemoveExclusion(TOKEN token, HACCT hAcct);
UINT ActlDBDLL GetMaxTokenId(PTOKEN plMaxTokenId);

//
// Input validation helpers (the rules they apply are not visible here)
//
BOOL ActlDBDLL IsLegalPassword(CHAR *szOldPassword, CHAR *szNewPassword);
BOOL ActlDBDLL IsLegalLoginName(CHAR *szLoginName);

//
// Access plans
//
UINT ActlDBDLL AddAccessPlan(PACCESS_PLAN pPlan);
UINT ActlDBDLL DeleteAccessPlan(HGROUP hGroup);
UINT ActlDBDLL UpdateAccessPlan(PACCESS_PLAN pPlan);
UINT ActlDBDLL EnumAccessPlans(PACCESS_PLAN pPlan, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned);
UINT ActlDBDLL EnumAccessPlansEx(PPLANENUMPROC lpPlanEnumFunc, LPARAM lParam);

//
// Name-based searches; fForward is a BOOL direction flag and the name is a
// const string. Paging semantics are not defined in this header.
//
UINT ActlDBDLL SearchUserGroups(PUSER_GROUP_DETAILS pGroupsDetails, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned, LPCSTR szGroupName, BOOL fForward);
UINT ActlDBDLL SearchGroupMembers(HGROUP hGroup, ACCOUNT_INFO *pAccts, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned, LPCSTR szGroupMemberName, BOOL fForward);
UINT ActlDBDLL SearchTokens(TOKEN_DETAILS *pTokenDetails, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned, LPCSTR szTokenName, BOOL fForward);
UINT ActlDBDLL SearchGroupsWithToken(TOKEN token, USER_GROUP_RIGHT *pGroups, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned, LPCSTR szGroupName, BOOL fForward);
UINT ActlDBDLL SearchAcctsWithToken(TOKEN token, ACCOUNT_INFO_RIGHT *pAcctRits, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned, LPCSTR szAcctName, BOOL fForward);
UINT ActlDBDLL SearchExcludedAcctsWithToken(TOKEN token, ACCOUNT_INFO_RIGHT *pAcctRits, DWORD cBuf, LPDWORD pcTotal, LPDWORD pcReturned, LPCSTR szAcctName, BOOL fForward);

//
// Totals, written through pcTotal
//
UINT ActlDBDLL TotalUserGroups(LPDWORD pcTotal);
UINT ActlDBDLL TotalGroupMembers(HGROUP hGroup, LPDWORD pcTotal);
UINT ActlDBDLL TotalTokens(LPDWORD pcTotal);
UINT ActlDBDLL TotalGroupsWithToken(TOKEN token, LPDWORD pcTotal);
UINT ActlDBDLL TotalAcctsWithToken(TOKEN token, LPDWORD pcTotal);
UINT ActlDBDLL TotalExcludedAcctsWithToken(TOKEN token, LPDWORD pcTotal);

} //---- end of extern "C" ---------
#endif // #if !defined(__ACTLDB_H__)