/**********************************************************************/
/** Microsoft Windows NT **/
/** Copyright(c) Microsoft Corp., 1992 **/
/**********************************************************************/
/*
NTAcUtil.hxx
This file contains the definitions for the NT Accounts Utility class
and spurious other things.
FILE HISTORY:
JohnL 13-Mar-1992 Created
thomaspa 14-May-1992 Added GetQualifiedAccountNames
KeithMo 20-Jul-1992 Added ValidateQualifiedAccountName.
DavidHov 18-Aug-1992 Added UI_SID_Replicator
Johnl 09-Feb-1993 Added UI_SID_CurrentProcessUser
*/
#ifndef _NTACUTIL_HXX_
#define _NTACUTIL_HXX_
/* It is this character that separates the domain and account name.
*/
#define QUALIFIED_ACCOUNT_SEPARATOR TCH('\\')
// Forward declarations
DLL_CLASS STRLIST;
DLL_CLASS LSA_POLICY;
DLL_CLASS LSA_TRANSLATED_NAME_MEM;
DLL_CLASS LSA_REF_DOMAIN_MEM;
DLL_CLASS SAM_DOMAIN;
/* Possible SIDs that can be retrieved using QuerySystemSid.
*/
enum UI_SystemSid
{
/* Well known SIDs
*/
UI_SID_Null = 0,
UI_SID_World,
UI_SID_Local,
UI_SID_CreatorOwner,
UI_SID_CreatorGroup,
UI_SID_NTAuthority,
UI_SID_Dialup,
UI_SID_Network,
UI_SID_Batch,
UI_SID_Interactive,
UI_SID_Service,
UI_SID_BuiltIn,
UI_SID_System,
UI_SID_Restricted,
UI_SID_Admins,
UI_SID_Users,
UI_SID_Guests,
UI_SID_PowerUsers,
UI_SID_AccountOperators,
UI_SID_SystemOperators,
UI_SID_PrintOperators,
UI_SID_BackupOperators,
/* Other miscellaneous useful SIDs
*/
UI_SID_CurrentProcessOwner, // Generally logged on user SID, maybe
// special like Administrators
UI_SID_CurrentProcessPrimaryGroup,
UI_SID_Replicator,
UI_SID_CurrentProcessUser, // Always the logged on user SID
/* This special value can be used for initializing enum UI_SystemSid
* variables with a known unused quantity. This value should never
* be passed to QuerySystemSid.
*/
UI_SID_Invalid = -1
} ;
/*************************************************************************
NAME: NT_ACCOUNTS_UTILITY
SYNOPSIS: This class provides a wrapper for some common utility
functions
INTERFACE:
BuildQualifedAccountName()
Builds a fully qualified Account name of the form
"NtProject\JohnL" or "NtProject\JohnL (Ludeman, John)"
CrackQualifiedAccountName()
Breaks a qualified Account name into its components
QuerySystemSid()
Retrieves the requested UI_SystemSid's PSID.
GetQualifiedAccountNames()
returns a list of qualifed account names, including
getting the Full Name for users if desired.
ValidateQualifiedAccountName()
Validates the (optional) domain name and the user
name. Uses ::I_MNetNameValidate for name validation.
PARENT: None (non-instantiable)
USES: OS_SID, NLS_STR
CAVEATS:
NOTES:
HISTORY:
Johnl 13-Mar-1992 Created
Thomaspa 07-May-1992 Added GetQualifiedAccountNames()
KeithMo 20-Jul-1992 Added ValidateQualifiedAccountName.
**************************************************************************/
DLL_CLASS NT_ACCOUNTS_UTILITY
{
private:
static APIERR W_BuildQualifiedAccountName(
NLS_STR * pnlsQualifiedAccountName,
const NLS_STR & nlsAccountName,
const NLS_STR * pnlsFullName,
SID_NAME_USE sidType );
public:
static APIERR BuildQualifiedAccountName(
NLS_STR * pnlsQualifedAccountName,
const NLS_STR & nlsAccountName,
const NLS_STR & nlsDomainName,
const NLS_STR * pnlsFullName = NULL,
const NLS_STR * pnlsCurrentDomain = NULL,
SID_NAME_USE sidType = SidTypeUser ) ;
static APIERR BuildQualifiedAccountName(
NLS_STR * pnlsQualifedAccountName,
const NLS_STR & nlsAccountName,
PSID psidDomain,
const NLS_STR & nlsDomainName,
const NLS_STR * pnlsFullName = NULL,
PSID psidCurrentDomain = NULL,
SID_NAME_USE sidType = SidTypeUser ) ;
static APIERR CrackQualifiedAccountName(
const NLS_STR & nlsQualifedAccountName,
NLS_STR * pnlsAccountName,
NLS_STR * pnlsDomainName = NULL ) ;
static APIERR ValidateQualifiedAccountName(
const NLS_STR & nlsQualifiedAccountName,
BOOL * pfInvalidDomain = NULL );
static APIERR QuerySystemSid( enum UI_SystemSid SystemSid,
OS_SID * possidWellKnownSid,
const TCHAR * pszServer = NULL ) ;
#if 0 // uncomment if needed
static APIERR IsEqualToSystemSid( BOOL * pfIsEqual,
enum UI_SystemSid SystemSid,
const OS_SID & ossidCompare,
const TCHAR * pszServer = NULL ) ;
#endif
/* Wrapper around RtlAllocateAndInitializeSid
*/
static APIERR BuildAndCopySysSid(
OS_SID *possid,
PSID_IDENTIFIER_AUTHORITY pIDAuthority,
UCHAR cSubAuthorities,
ULONG ulSubAuthority0 = 0,
ULONG ulSubAuthority1 = 0,
ULONG ulSubAuthority2 = 0,
ULONG ulSubAuthority3 = 0,
ULONG ulSubAuthority4 = 0,
ULONG ulSubAuthority5 = 0,
ULONG ulSubAuthority6 = 0,
ULONG ulSubAuthority7 = 0);
//
// Note that the only difference between the following two methods is
// that the first takes a PSID for the focused SAM_DOMAIN, the second
// takes a SAM_DOMAIN object and derefernces its PSID.
//
static APIERR GetQualifiedAccountNames(
LSA_POLICY & lsapol,
const PSID psidSamDomainFocus,
const PSID * ppsids,
ULONG cSids,
BOOL fFullNames,
STRLIST * pstrlistQualifiedNames = NULL,
ULONG * afUserFlags = NULL,
SID_NAME_USE * aSidType = NULL,
APIERR * perrNonFatal = NULL,
const TCHAR * pszServer = NULL,
STRLIST * pstrlistAccountNames = NULL,
STRLIST * pstrlistFullNames = NULL,
STRLIST * pstrlistComments = NULL,
STRLIST * pstrlistDomainNames = NULL ) ;
static APIERR GetQualifiedAccountNames(
LSA_POLICY & lsapol,
const SAM_DOMAIN & samdomFocus,
const PSID * ppsids,
ULONG cSids,
BOOL fFullNames,
STRLIST * pstrlistQualifiedNames = NULL,
ULONG * afUserFlags = NULL,
SID_NAME_USE * aSidType = NULL,
APIERR * perrNonFatal = NULL,
const TCHAR * pszServer = NULL,
STRLIST * pstrlistAccountNames = NULL,
STRLIST * pstrlistFullNames = NULL,
STRLIST * pstrlistComments = NULL,
STRLIST * pstrlistDomainNames = NULL ) ;
} ;
#endif //_NTACUTIL_HXX_