//*************************************************************
//
//  Group Policy Processing
//
//  Microsoft Confidential
//  Copyright (c) Microsoft Corporation 1997-1998
//  All rights reserved
//
//  History:    28-Oct-98   SitaramR    Created
//
//*************************************************************

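#ifdef __cplusplus
extern "C" {
#endif

//
// Entry points shared between C and C++ translation units. Only the
// declarations live here; the definitions are in other files.
//
// The two parameterless routines are declared with (void) so that C callers
// get a real prototype: in C, an empty "()" leaves the argument list
// unchecked, while in C++ the two spellings mean the same thing.
//

void InitializeGPOCriticalSection(void);
void CloseGPOCriticalSection(void);

// bMachine presumably selects machine versus user policy processing
// (RSOPSESSIONDATA.bMachine is documented that way) -- confirm at the definition.
BOOL InitializePolicyProcessing(BOOL bMachine);

// Flag value, presumably passed in dwFlags of EnterCriticalPolicySectionEx.
// Going by its name it turns a wait timeout into a failure -- confirm at the
// definition.
#define ECP_FAIL_ON_WAIT_TIMEOUT  1

// NOTE(review): the result is a HANDLE. Callers should test it before
// assuming the policy critical section is held, in particular when
// ECP_FAIL_ON_WAIT_TIMEOUT is requested; the exact failure value and the
// unit of dwTimeOut are not visible in this header.
HANDLE WINAPI EnterCriticalPolicySectionEx (BOOL bMachine, DWORD dwTimeOut, DWORD dwFlags );

#ifdef __cplusplus
}
#endif
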
//
// Registry key templates consumed by gpt.c. The per-user-per-machine keys
// are removed when the profile is deleted. Any edit to a key below has to be
// mirrored in the matching prefix macro at the end of this group.
//
// Every "%ws" is a wide-string placeholder that the caller fills in; the
// substituted values are not visible in this header (presumably a SID string
// and/or an extension GUID -- confirm in gpt.c).
// NOTE(review): the code that expands these templates must bound the write
// to the destination buffer and reject values that would add extra path
// separators to the key name.
//

// Keys that take one placeholder, plus the fixed State root
#define GP_SHADOW_KEY               TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy\\Shadow\\%ws")
#define GP_HISTORY_KEY              TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy\\History\\%ws")
#define GP_STATE_KEY                TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy\\State\\%ws")
#define GP_STATE_ROOT_KEY           TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy\\State")

// Shadow / History variants with two placeholders
#define GP_SHADOW_SID_KEY           TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy\\%ws\\Shadow\\%ws")
#define GP_HISTORY_SID_KEY          TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy\\%ws\\History\\%ws")

// Extension keys under Winlogon.
// NOTE(review): GPEXT in this header carries a DLL name and entry-point
// names per extension. If those values are read from under these keys, write
// access to the keys decides which code policy processing loads -- confirm
// the key ACLs and how the loader resolves the DLL path.
#define GP_EXTENSIONS_KEY           TEXT("Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\GPExtensions\\%ws")
#define GP_EXTENSIONS_SID_KEY       TEXT("Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\%ws\\GPExtensions\\%ws")

// Roots with a single placeholder in the middle of the path
#define GP_HISTORY_SID_ROOT_KEY     TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy\\%ws\\History")
#define GP_MEMBERSHIP_KEY           TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy\\%ws\\GroupMembership")
#define GP_EXTENSIONS_SID_ROOT_KEY  TEXT("Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\%ws\\GPExtensions")

#define GP_POLICY_SID_KEY           TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy\\%ws")
#define GP_LOGON_SID_KEY            TEXT("Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\%ws")

// All-zero GUID string; presumably stands for the core policy engine rather
// than a real extension -- confirm at the point of use.
#define GPCORE_GUID                 TEXT("{00000000-0000-0000-0000-000000000000}")

//
// Common prefix for both history and shadow
//

#define GP_XXX_SID_PREFIX           TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Group Policy")
#define GP_EXTENSIONS_SID_PREFIX    TEXT("Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon")

//
// Structures
//

//
// Per-extension status remembered from the previous policy run.
//

typedef struct _GPEXTSTATUS {
    // Conditions recorded when policy was last applied
    DWORD          dwSlowLink;        // Was the previous run over a slow link ?
    DWORD          dwRsopLogging;     // Was Rsop logging on during the previous run ?

    // Results recorded from the previous run
    DWORD          dwStatus;          // Status returned previously
    HRESULT        dwRsopStatus;      // Rsop status returned previously (an HRESULT despite the dw prefix)
    DWORD          dwTime;            // Time of the previous policy application (unit not visible here)

    // Original comment: "If we failed to read the per ext status data".
    // Whether TRUE means success or failure is not visible here -- confirm
    // against the code that sets it before trusting the other fields.
    BOOL           bStatus;

    BOOL           bForceRefresh;     // Force a refresh in this foreground processing
} GPEXTSTATUS, *LPGPEXTSTATUS;

//
// One group policy extension, kept in a singly linked list.
//
// NOTE(review): lpDllName, the function-name fields, hInstance and the three
// entry-point pointers describe code that is loaded and called. The loader is
// not part of this header; confirm that it resolves lpDllName to a trusted,
// fully qualified location and that the place these strings are read from is
// writable only by administrators.
//
typedef struct _GPEXT {
    // Identity
    LPTSTR         lpDisplayName;            // Display name
    LPTSTR         lpKeyName;                // Extension name
    GUID           guid;                     // Guid of extension

    // Module and entry points
    LPTSTR         lpDllName;                // Dll name
    LPSTR          lpFunctionName;           // Entry point name
    LPSTR          lpRsopFunctionName;       // Rsop entry point name
    HMODULE        hInstance;                // Handle to dll
    PFNPROCESSGROUPPOLICY   pEntryPoint;     // Entry point for ProcessGPO
    PFNPROCESSGROUPPOLICYEX pEntryPointEx;   // Diagnostic mode or Ex entry point
    PFNGENERATEGROUPPOLICY  pRsopEntryPoint; // Entry point for Rsop planning mode
    BOOL           bNewInterface;            // Is the new Ex entry point interface in use ?

    // Per-extension settings (value semantics are not visible in this header)
    DWORD          dwNoMachPolicy;           // Mach policy setting
    DWORD          dwNoUserPolicy;           // User policy setting
    DWORD          dwNoSlowLink;             // Slow link setting
    DWORD          dwNoBackgroundPolicy;     // Background policy setting
    DWORD          dwNoGPOChanges;           // GPO changes setting
    DWORD          dwUserLocalSetting;       // Per user per machine setting
    DWORD          dwRequireRegistry;        // RequireSuccReg setting
    DWORD          dwEnableAsynch;           // Enable asynchronous processing setting
    DWORD          dwLinkTransition;         // Link speed transition setting
    DWORD          dwMaxChangesInterval;     // Max interval (mins) for which NoGpoChanges is adhered to

    // Processing state
    BOOL           bRegistryExt;             // Is this the pseudo registry extension ?
    BOOL           bSkipped;                 // Should processing be skipped for this extension ?
    BOOL           bHistoryProcessing;       // Is processing needed to clean up cached Gpos ?
    BOOL           bForcedRefreshNextFG;     // Forced refresh the next time it is processed in foreground
    BOOL           bRsopTransition;          // Rsop Transition ?
    LPGPEXTSTATUS  lpPrevStatus;             // Previous Status

    // Sequence of NUL-terminated strings closed by an extra NUL, e.g.
    // "(userenv,Application)\0(print,System)\0....\0". Readers have to stop
    // at the empty string instead of walking a fixed length.
    LPTSTR         szEventLogSources;

    struct _GPEXT *pNext;                    // Singly linked list pointer
} GPEXT, *LPGPEXT;

//
// Data that is needed while the GPO data is being processed.
//
typedef struct _GPOPROCDATA {
    BOOL    bProcessGPO;     // Actually add the GPOs to the processing list

    // LDAP handle corresponding to the query.
    // NOTE(review): who binds and unbinds this handle is not visible here.
    PLDAP   pLdapHandle;
} GPOPROCDATA, *LPGPOPROCDATA;

//
// Node in a singly linked list of extension guids.
//
typedef struct _EXTLIST {
    GUID             guid;     // Extension guid
    struct _EXTLIST *pNext;    // Next node in the list
} EXTLIST, *LPEXTLIST;

//
// Pairs one GPO with the extensions that apply to it; singly linked.
//
typedef struct _EXTFILTERLIST {
    PGROUP_POLICY_OBJECT   lpGPO;       // GPO
    LPEXTLIST              lpExtList;   // Extension guids that apply to lpGPO
    BOOL                   bLogged;     // Is this link logged to the RSoP db ?
    struct _EXTFILTERLIST *pNext;       // Next node in the list
} EXTFILTERLIST, *LPEXTFILTERLIST;

//
// One GPO link; the list is kept in SOM order.
//
typedef struct _GPLINK {
    LPWSTR          pwszGPO;       // DS path to Gpo

    // The original comment reads "Is this link disabled ?" while the field is
    // named bEnabled. The name suggests TRUE means enabled -- confirm against
    // the code that sets it, since the polarity decides whether a GPO applies.
    BOOL            bEnabled;

    BOOL            bNoOverride;   // Is Gpo enforced ?
    struct _GPLINK *pNext;         // Gpo linked in SOM order
} GPLINK, *LPGPLINK;

//
// One scope of management (SOM) together with the GPOs linked to it.
//
typedef struct _SCOPEOFMGMT {
    LPWSTR               pwszSOMId;     // Dn name of SOM
    DWORD                dwType;        // Type of SOM

    // Inheritance blocking, in both directions
    BOOL                 bBlocking;     // Does this SOM block policies from above ?
    BOOL                 bBlocked;      // Is this SOM blocked by a SOM below ?

    LPGPLINK             pGpLinkList;   // GPOs linked to this SOM
    struct _SCOPEOFMGMT *pNext;         // Next SOM in the list
} SCOPEOFMGMT, *LPSCOPEOFMGMT;

//
// Everything recorded about one GPO container; singly linked.
//
typedef struct _GPCONTAINER {
    // Names and locations
    LPWSTR               pwszDSPath;        // DS path to Gpo
    LPWSTR               pwszGPOName;       // Gpo name in guid form
    LPWSTR               pwszDisplayName;   // Friendly name
    LPWSTR               pwszFileSysPath;   // Sysvol path to Gpo

    // Lookup outcome
    BOOL                 bFound;            // Gpo found ?
    BOOL                 bAccessDenied;     // Access denied ?

    // Enablement and versions, per policy side
    BOOL                 bUserDisabled;     // Disabled for user policy ?
    BOOL                 bMachDisabled;     // Disabled for machine policy ?
    DWORD                dwUserVersion;     // Version # for user policy
    DWORD                dwMachVersion;     // Version # for machine policy

    // Security descriptor and its size. cbSDLen has to stay in step with the
    // buffer pSD points at.
    // NOTE(review): confirm that readers validate the descriptor itself
    // rather than relying on cbSDLen alone.
    PSECURITY_DESCRIPTOR pSD;               // ACL on Gpo
    DWORD                cbSDLen;           // Length of security descriptor in bytes

    // Filter
    BOOL                 bFilterAllowed;    // Does Gpo pass filter check ?
    WCHAR               *pwszFilterId;      // Filter id

    LPWSTR               szSOM;             // SOM that this GPO is linked to
    DWORD                dwOptions;         // GPO options
    struct _GPCONTAINER *pNext;             // Linked list ptr
} GPCONTAINER, *LPGPCONTAINER;

//
// State carried through one policy processing pass.
//
// NOTE(review): the struct holds a token handle, a registry root, several
// event handles and a critical-section handle. Which code opens and closes
// each of them is not visible in this header; confirm that every handle has
// a single owner.
//
typedef struct _GPOINFO {
    DWORD                    dwFlags;
    INT                      iMachineRole;
    HANDLE                   hToken;
    PRSOPTOKEN               pRsopToken;
    WCHAR                   *lpDNName;
    HANDLE                   hEvent;
    HKEY                     hKeyRoot;

    // Ownership of the GPO nodes. When bXferToExtList is set, ownership has
    // moved from lpGPOList to lpExtFilterList.
    // NOTE(review): cleanup code presumably has to honour this flag so the
    // nodes are released exactly once -- confirm in the code that frees them.
    BOOL                     bXferToExtList;
    LPEXTFILTERLIST          lpExtFilterList;            // Extensions to be filtered, cardinality is same as GetGPOList's list
    PGROUP_POLICY_OBJECT     lpGPOList;                  // Filtered GPO List, can vary from one extension to next

    LPTSTR                   lpwszSidUser;               // Sid of user in string form

    // Events and synchronization
    HANDLE                   hTriggerEvent;
    HANDLE                   hForceTriggerEvent;         // Force trigger event
    HANDLE                   hNotifyEvent;
    HANDLE                   hNeedFGEvent;
    HANDLE                   hDoneEvent;
    HANDLE                   hCritSection;

    LPGPEXT                  lpExtensions;

    // Change detection since the last policy run
    BOOL                     bMemChanged;                // Has security group membership changed ?
    BOOL                     bUserLocalMemChanged;       // Has membership changed on per user local basis ?
    BOOL                     bSidChanged;                // Has the Sid changed since the last policy run ?

    PFNSTATUSMESSAGECALLBACK pStatusCallback;

    // SOM and container lists, normal and loopback
    LPSCOPEOFMGMT            lpSOMList;                  // LSDOU list
    LPGPCONTAINER            lpGpContainerList;          // GP container list for Rsop logging
    LPSCOPEOFMGMT            lpLoopbackSOMList;          // Loopback LSDOU list
    LPGPCONTAINER            lpLoopbackGpContainerList;  // Loopback container list for Rsop logging

    // COM initialization, tracked per thread
    BOOL                     bFGCoInitialized;           // CoInitialize called on foreground thread ?
    BOOL                     bBGCoInitialized;           // CoInitialize called on background thread ?

    // Rsop logging
    IWbemServices           *pWbemServices;              // Namespace pointer for Rsop logging
    LPTSTR                   szName;                     // Full Name of the User/Computer
    LPTSTR                   szTargetName;               // Rsop TargetName
    BOOL                     bRsopLogging;               // Is Rsop Logging turned on ?
    BOOL                     bRsopCreated;               // Rsop Name Space was created now ?
    LPWSTR                   szSiteName;                 // Site name of the target
} GPOINFO, *LPGPOINFO;

//
// One Adm file and the GPO it belongs to; singly linked.
//
typedef struct _ADMFILEINFO {
    WCHAR               *pwszFile;   // Adm file path
    WCHAR               *pwszGPO;    // Gpo that the adm file is in
    FILETIME             ftWrite;    // Last write time of Adm file
    struct _ADMFILEINFO *pNext;      // Next node in the list
} ADMFILEINFO;

//
// Description of the target of one Rsop session.
//
typedef struct _RSOPSESSIONDATA {
    // Target
    WCHAR         *pwszTargetName;      // Target user or computer
    WCHAR         *pwszSOM;             // New group of target
    WCHAR         *pwszSite;            // Site of target

    // Group membership
    PTOKEN_GROUPS  pSecurityGroups;     // Security IDs of the new groups for target
    BOOL           bLogSecurityGroup;   // Log the security groups

    // Processing mode
    BOOL           bMachine;            // Machine or user policy processing ?
    BOOL           bSlowLink;           // Policy applied over slow link ?
} RSOPSESSIONDATA, *LPRSOPSESSIONDATA;

//
// Rsop status of one extension.
//
typedef struct _RSOPEXTSTATUS {
    // The associated extension was processed between these two times
    FILETIME  ftStartTime;
    FILETIME  ftEndTime;

    DWORD     dwStatus;          // Processing status
    DWORD     dwLoggingStatus;   // Logging Status

    // Set when this struct is valid and can be used; test it before reading
    // the other fields.
    BOOL      bValid;
} RSOPEXTSTATUS, *LPRSOPEXTSTATUS;

//
// Rsop helpers, declared here and defined elsewhere.
//

// Going by its name, removes the Rsop namespace of the user identified by
// lpSid on szComputer -- confirm at the definition.
// NOTE(review): the operation is destructive and keyed by a caller-supplied
// SID string; confirm that the definition validates lpSid and that callers
// are limited to contexts allowed to delete that user's data.
BOOL RsopDeleteUserNameSpace(LPTSTR szComputer, LPTSTR lpSid);

// Persist and reload the RSOPEXTSTATUS of one extension for the given SID.
// The storage location is not visible in this header.
// NOTE(review): callers of ReadLoggingStatus should test the DWORD result
// and lpRsopExtStatus->bValid before using the values that were read.
DWORD SaveLoggingStatus(LPWSTR szSid, LPGPEXT lpExt, RSOPEXTSTATUS *lpRsopExtStatus);
DWORD ReadLoggingStatus(LPWSTR szSid, LPWSTR szExtId, RSOPEXTSTATUS *lpRsopExtStatus);
