mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
191 lines
3.9 KiB
191 lines
3.9 KiB
//*********************************************
|
|
// *** Active Directory Service Provider: KDC
|
|
//*********************************************
|
|
#pragma classflags("forceupdate")
|
|
#pragma namespace ("\\\\.\\Root\\WMI")
|
|
|
|
[Dynamic,
|
|
Description("Active Directory: Kerberos") : amended,
|
|
Guid("{24db8964-e6bc-11d1-916a-0000f8045b04}"),
|
|
locale("MS\\0x409")]
|
|
class MSKdcTrace:EventTrace
|
|
{
|
|
};
|
|
|
|
|
|
[Dynamic,
|
|
Description("Kdc GetASTicket") : amended,
|
|
Guid("{50af5304-e6bc-11d1-916a-0000f8045b04}"),
|
|
DisplayName("GetASTicket"),
|
|
locale("MS\\0x409")
|
|
]
|
|
class GetASTicket:MSKdcTrace
|
|
{
|
|
|
|
};
|
|
|
|
[Dynamic,
|
|
Description("Kdc GetASTicket") : amended,
|
|
EventType(1),
|
|
EventTypeName("Start"),
|
|
locale("MS\\0x409")
|
|
]
|
|
class GetASTicket_Start:GetASTicket
|
|
{
|
|
[WmiDataId(1),
|
|
Description("KdcOption") : amended,
|
|
format("x"),
|
|
read]
|
|
uint32 KdcOption;
|
|
};
|
|
|
|
[Dynamic,
|
|
Description("Kdc GetASTicket") : amended,
|
|
EventType(2),
|
|
EventTypeName("End"),
|
|
locale("MS\\0x409")
|
|
]
|
|
class GetASTicket_End:GetASTicket
|
|
{
|
|
[WmiDataId(1),
|
|
Description("Error Code") : amended,
|
|
format("x"),
|
|
read]
|
|
uint32 KerbErr;
|
|
[WmiDataId(2),
|
|
Description("Client Name") : amended,
|
|
StringTermination("Counted"),
|
|
format("w"),
|
|
read]
|
|
string Client;
|
|
[WmiDataId(3),
|
|
Description("Server Name") : amended,
|
|
StringTermination("Counted"),
|
|
format("w"),
|
|
read]
|
|
string Server;
|
|
[WmiDataId(4),
|
|
Description("Client Source Realm") : amended,
|
|
StringTermination("Counted"),
|
|
format("w"),
|
|
read]
|
|
string RequestRealm;
|
|
};
|
|
|
|
[Dynamic,
|
|
Description("Kdc TGSRequest") : amended,
|
|
Guid("{c11cf384-e6bd-11d1-916a-0000f8045b04}"),
|
|
DisplayName("TGSRequest"),
|
|
locale("MS\\0x409")
|
|
]
|
|
class TGSRequest:MSKdcTrace
|
|
{
|
|
|
|
};
|
|
|
|
[Dynamic,
|
|
Description("Kdc TGSRequest") : amended,
|
|
EventType(1),
|
|
EventTypeName("Start"),
|
|
locale("MS\\0x409")
|
|
]
|
|
class TGSRequest_Start:TGSRequest
|
|
{
|
|
[WmiDataId(1),
|
|
Description("KdcOption") : amended,
|
|
format("x"),
|
|
read]
|
|
uint32 KdcOption;
|
|
};
|
|
|
|
[Dynamic,
|
|
Description("Kdc TGSRequest") : amended,
|
|
EventType(2),
|
|
EventTypeName("End"),
|
|
locale("MS\\0x409")
|
|
]
|
|
class TGSRequest_End:TGSRequest
|
|
{
|
|
[WmiDataId(1),
|
|
Description("Error Code") : amended,
|
|
format("x"),
|
|
read]
|
|
uint32 KerbErr;
|
|
[WmiDataId(2),
|
|
Description("Client Name") : amended,
|
|
StringTermination("Counted"),
|
|
format("w"),
|
|
read]
|
|
string Client;
|
|
[WmiDataId(3),
|
|
Description("Server Name") : amended,
|
|
StringTermination("Counted"),
|
|
format("w"),
|
|
read]
|
|
string ServerAcct;
|
|
[WmiDataId(4),
|
|
Description("Client Source Realm") : amended,
|
|
StringTermination("Counted"),
|
|
format("w"),
|
|
read]
|
|
string ClientRealm;
|
|
};
|
|
|
|
[Dynamic,
|
|
Description("KDC Password Change") : amended,
|
|
Guid("{a34d7f52-1dd0-434e-88a1-423e2a199946}"),
|
|
DisplayName("KdcChangePass"),
|
|
locale("MS\\0x409")
|
|
]
|
|
class KdcChangePass:MSKdcTrace
|
|
{
|
|
|
|
};
|
|
|
|
[Dynamic,
|
|
Description("KDC Password Change") : amended,
|
|
EventType(1),
|
|
EventTypeName("Start"),
|
|
locale("MS\\0x409")
|
|
]
|
|
class KdcChangePass_Start:KdcChangePass
|
|
{
|
|
};
|
|
|
|
[Dynamic,
|
|
Description("KDC Password Change") : amended,
|
|
EventType(2),
|
|
EventTypeName("End"),
|
|
locale("MS\\0x409")
|
|
]
|
|
class KdcChangePass_End:KdcChangePass
|
|
{
|
|
[WmiDataId(1),
|
|
Description("KerbError code") : amended,
|
|
format("x"),
|
|
read]
|
|
uint32 KerbErr;
|
|
[WmiDataId(2),
|
|
Description("Extended Error Status") : amended,
|
|
format("x"),
|
|
read]
|
|
uint32 ExtErr;
|
|
[WmiDataId(3),
|
|
Description("Extended Error klininfo") : amended,
|
|
format("x"),
|
|
read]
|
|
uint32 Klininfo;
|
|
[WmiDataId(4),
|
|
Description("Client Realm") : amended,
|
|
StringTermination("Counted"),
|
|
format("w"),
|
|
read]
|
|
string ClientRealm;
|
|
[WmiDataId(5),
|
|
Description("Account Name") : amended,
|
|
StringTermination("Counted"),
|
|
format("w"),
|
|
read]
|
|
string AccountName;
|
|
};
|
|
|