1 /** 2 * Windows API header module 3 * 4 * Translated from MinGW Windows headers 5 * 6 * Authors: Stewart Gordon 7 * License: $(LINK2 http://www.boost.org/LICENSE_1_0.txt, Boost License 1.0) 8 * Source: $(DRUNTIMESRC core/sys/windows/_ntsecapi.d) 9 */ 10 /// Automatically imported and edited from the druntime module 11 /// core.sys.windows.ntsecapi for the auto-generated win32 package. 12 module win32.ntsecapi; 13 //version (Windows): 14 @system: 15 version (Win32_UseLib) pragma(lib, "advapi32"); 16 17 version (ANSI) {} else version = Unicode; 18 19 private import 20 win32.basetyps, win32.ntdef, win32.windef, win32.winnt, win32.w32api; 21 22 // FIXME: check types and grouping of constants 23 // FIXME: check Windows version support 24 25 enum KERB_WRAP_NO_ENCRYPT = 0x80000001; 26 27 enum LOGON_GUEST = 0x00000001; 28 enum LOGON_NOENCRYPTION = 0x00000002; 29 enum LOGON_CACHED_ACCOUNT = 0x00000004; 30 enum LOGON_USED_LM_PASSWORD = 0x00000008; 31 enum LOGON_EXTRA_SIDS = 0x00000020; 32 enum LOGON_SUBAUTH_SESSION_KEY = 0x00000040; 33 enum LOGON_SERVER_TRUST_ACCOUNT = 0x00000080; 34 enum LOGON_NTLMV2_ENABLED = 0x00000100; 35 enum LOGON_RESOURCE_GROUPS = 0x00000200; 36 enum LOGON_PROFILE_PATH_RETURNED = 0x00000400; 37 enum LOGON_GRACE_LOGON = 0x01000000; 38 39 enum { 40 LSA_MODE_PASSWORD_PROTECTED = 1, 41 LSA_MODE_INDIVIDUAL_ACCOUNTS, 42 LSA_MODE_MANDATORY_ACCESS, 43 LSA_MODE_LOG_FULL 44 } 45 46 bool LSA_SUCCESS()(int x) { return x >= 0; } 47 48 /* TOTHINKABOUT: These constants don't have ANSI/Unicode versioned 49 * aliases. Should we merge them anyway? 50 */ 51 const char[] MICROSOFT_KERBEROS_NAME_A = "Kerberos"; 52 const wchar[] MICROSOFT_KERBEROS_NAME_W = "Kerberos"; 53 const char[] MSV1_0_PACKAGE_NAME = "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"; 54 const wchar[] MSV1_0_PACKAGE_NAMEW = "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"; 55 56 enum MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT = 32; 57 enum MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT = 2048; 58 enum MSV1_0_CLEARTEXT_PASSWORD_ALLOWED = 2; 59 enum MSV1_0_CRED_LM_PRESENT = 1; 60 enum MSV1_0_CRED_NT_PRESENT = 2; 61 enum MSV1_0_CRED_VERSION = 0; 62 enum MSV1_0_DONT_TRY_GUEST_ACCOUNT = 16; 63 enum MSV1_0_MAX_NTLM3_LIFE = 1800; 64 enum MSV1_0_MAX_AVL_SIZE = 64000; 65 enum MSV1_0_MNS_LOGON = 16777216; 66 67 enum size_t 68 MSV1_0_CHALLENGE_LENGTH = 8, 69 MSV1_0_LANMAN_SESSION_KEY_LENGTH = 8, 70 MSV1_0_NTLM3_RESPONSE_LENGTH = 16, 71 MSV1_0_NTLM3_OWF_LENGTH = 16, 72 MSV1_0_NTLM3_INPUT_LENGTH = MSV1_0_NTLM3_RESPONSE.sizeof 73 - MSV1_0_NTLM3_RESPONSE_LENGTH, 74 MSV1_0_OWF_PASSWORD_LENGTH = 16, 75 MSV1_0_PACKAGE_NAMEW_LENGTH = MSV1_0_PACKAGE_NAMEW.sizeof 76 - WCHAR.sizeof; 77 78 enum MSV1_0_RETURN_USER_PARAMETERS = 8; 79 enum MSV1_0_RETURN_PASSWORD_EXPIRY = 64; 80 enum MSV1_0_RETURN_PROFILE_PATH = 512; 81 enum MSV1_0_SUBAUTHENTICATION_DLL_EX = 1048576; 82 enum MSV1_0_SUBAUTHENTICATION_DLL = 0xff000000; 83 enum MSV1_0_SUBAUTHENTICATION_DLL_SHIFT = 24; 84 enum MSV1_0_SUBAUTHENTICATION_DLL_RAS = 2; 85 enum MSV1_0_SUBAUTHENTICATION_DLL_IIS = 132; 86 enum MSV1_0_SUBAUTHENTICATION_FLAGS = 0xff000000; 87 enum MSV1_0_TRY_GUEST_ACCOUNT_ONLY = 256; 88 enum MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY = 1024; 89 enum MSV1_0_UPDATE_LOGON_STATISTICS = 4; 90 enum MSV1_0_USE_CLIENT_CHALLENGE = 128; 91 enum MSV1_0_USER_SESSION_KEY_LENGTH = 16; 92 93 const char[] 94 MSV1_0_SUBAUTHENTICATION_KEY 95 = `System\CurrentControlSet\Control\Lsa\MSV1_0`, 96 MSV1_0_SUBAUTHENTICATION_VALUE = "Auth"; 97 98 enum ACCESS_MASK 99 POLICY_VIEW_LOCAL_INFORMATION = 0x0001, 100 POLICY_VIEW_AUDIT_INFORMATION = 0x0002, 101 POLICY_GET_PRIVATE_INFORMATION = 0x0004, 102 POLICY_TRUST_ADMIN = 0x0008, 103 POLICY_CREATE_ACCOUNT = 0x0010, 104 POLICY_CREATE_SECRET = 0x0020, 105 POLICY_CREATE_PRIVILEGE = 0x0040, 106 POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x0080, 107 POLICY_SET_AUDIT_REQUIREMENTS = 0x0100, 108 POLICY_AUDIT_LOG_ADMIN = 0x0200, 109 POLICY_SERVER_ADMIN = 0x0400, 110 POLICY_LOOKUP_NAMES = 0x0800, 111 112 POLICY_READ = STANDARD_RIGHTS_READ | 0x0006, 113 POLICY_WRITE = STANDARD_RIGHTS_WRITE | 0x07F8, 114 POLICY_EXECUTE = STANDARD_RIGHTS_EXECUTE | 0x0801, 115 POLICY_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | 0x0FFF; 116 117 enum POLICY_AUDIT_EVENT_UNCHANGED = 0; 118 enum POLICY_AUDIT_EVENT_SUCCESS = 1; 119 enum POLICY_AUDIT_EVENT_FAILURE = 2; 120 enum POLICY_AUDIT_EVENT_NONE = 4; 121 enum POLICY_AUDIT_EVENT_MASK = 7; 122 123 enum { 124 POLICY_LOCATION_LOCAL = 1, 125 POLICY_LOCATION_DS 126 } 127 128 enum : uint { 129 POLICY_MACHINE_POLICY_LOCAL = 0, 130 POLICY_MACHINE_POLICY_DEFAULTED, 131 POLICY_MACHINE_POLICY_EXPLICIT, 132 POLICY_MACHINE_POLICY_UNKNOWN = 0xFFFFFFFF 133 } 134 135 136 enum POLICY_QOS_SCHANEL_REQUIRED = 0x0001; 137 enum POLICY_QOS_OUTBOUND_INTEGRITY = 0x0002; 138 enum POLICY_QOS_OUTBOUND_CONFIDENTIALITY = 0x0004; 139 enum POLICY_QOS_INBOUND_INTEGREITY = 0x0008; 140 enum POLICY_QOS_INBOUND_CONFIDENTIALITY = 0x0010; 141 enum POLICY_QOS_ALLOW_LOCAL_ROOT_CERT_STORE = 0x0020; 142 enum POLICY_QOS_RAS_SERVER_ALLOWED = 0x0040; 143 enum POLICY_QOS_DHCP_SERVER_ALLOWD = 0x0080; 144 145 enum POLICY_KERBEROS_FORWARDABLE = 1; 146 enum POLICY_KERBEROS_PROXYABLE = 2; 147 enum POLICY_KERBEROS_RENEWABLE = 4; 148 enum POLICY_KERBEROS_POSTDATEABLE = 8; 149 150 const char[] 151 SAM_PASSWORD_CHANGE_NOTIFY_ROUTINE = "PasswordChangeNotify", 152 SAM_INIT_NOTIFICATION_ROUTINE = "InitializeChangeNotify", 153 SAM_PASSWORD_FILTER_ROUTINE = "PasswordFilter"; 154 155 const TCHAR[] 156 SE_INTERACTIVE_LOGON_NAME = "SeInteractiveLogonRight", 157 SE_NETWORK_LOGON_NAME = "SeNetworkLogonRight", 158 SE_BATCH_LOGON_NAME = "SeBatchLogonRight", 159 SE_SERVICE_LOGON_NAME = "SeServiceLogonRight"; 160 161 enum { 162 TRUST_ATTRIBUTE_NON_TRANSITIVE = 1, 163 TRUST_ATTRIBUTE_UPLEVEL_ONLY = 2, 164 TRUST_ATTRIBUTE_TREE_PARENT = 4194304, 165 TRUST_ATTRIBUTES_VALID = -16580609 166 } 167 168 enum { 169 TRUST_AUTH_TYPE_NONE, 170 TRUST_AUTH_TYPE_NT4OWF, 171 TRUST_AUTH_TYPE_CLEAR 172 } 173 174 enum { 175 TRUST_DIRECTION_DISABLED, 176 TRUST_DIRECTION_INBOUND, 177 TRUST_DIRECTION_OUTBOUND, 178 TRUST_DIRECTION_BIDIRECTIONAL 179 } 180 181 enum { 182 TRUST_TYPE_DOWNLEVEL = 1, 183 TRUST_TYPE_UPLEVEL, 184 TRUST_TYPE_MIT, 185 TRUST_TYPE_DCE 186 } 187 188 alias UNICODE_STRING LSA_UNICODE_STRING; 189 alias UNICODE_STRING* PLSA_UNICODE_STRING; 190 alias STRING LSA_STRING; 191 alias STRING* PLSA_STRING; 192 193 enum MSV1_0_LOGON_SUBMIT_TYPE { 194 MsV1_0InteractiveLogon = 2, 195 MsV1_0Lm20Logon, 196 MsV1_0NetworkLogon, 197 MsV1_0SubAuthLogon, 198 MsV1_0WorkstationUnlockLogon = 7 199 } 200 alias MSV1_0_LOGON_SUBMIT_TYPE* PMSV1_0_LOGON_SUBMIT_TYPE; 201 202 enum MSV1_0_PROFILE_BUFFER_TYPE { 203 MsV1_0InteractiveProfile = 2, 204 MsV1_0Lm20LogonProfile, 205 MsV1_0SmartCardProfile 206 } 207 alias MSV1_0_PROFILE_BUFFER_TYPE* PMSV1_0_PROFILE_BUFFER_TYPE; 208 209 210 enum MSV1_0_AVID { 211 MsvAvEOL, 212 MsvAvNbComputerName, 213 MsvAvNbDomainName, 214 MsvAvDnsComputerName, 215 MsvAvDnsDomainName 216 } 217 218 enum MSV1_0_PROTOCOL_MESSAGE_TYPE { 219 MsV1_0Lm20ChallengeRequest = 0, 220 MsV1_0Lm20GetChallengeResponse, 221 MsV1_0EnumerateUsers, 222 MsV1_0GetUserInfo, 223 MsV1_0ReLogonUsers, 224 MsV1_0ChangePassword, 225 MsV1_0ChangeCachedPassword, 226 MsV1_0GenericPassthrough, 227 MsV1_0CacheLogon, 228 MsV1_0SubAuth, 229 MsV1_0DeriveCredential, 230 MsV1_0CacheLookup 231 } 232 alias MSV1_0_PROTOCOL_MESSAGE_TYPE* PMSV1_0_PROTOCOL_MESSAGE_TYPE; 233 234 enum POLICY_LSA_SERVER_ROLE { 235 PolicyServerRoleBackup = 2, 236 PolicyServerRolePrimary 237 } 238 alias POLICY_LSA_SERVER_ROLE* PPOLICY_LSA_SERVER_ROLE; 239 240 enum POLICY_SERVER_ENABLE_STATE { 241 PolicyServerEnabled = 2, 242 PolicyServerDisabled 243 } 244 alias POLICY_SERVER_ENABLE_STATE* PPOLICY_SERVER_ENABLE_STATE; 245 246 enum POLICY_INFORMATION_CLASS { 247 PolicyAuditLogInformation = 1, 248 PolicyAuditEventsInformation, 249 PolicyPrimaryDomainInformation, 250 PolicyPdAccountInformation, 251 PolicyAccountDomainInformation, 252 PolicyLsaServerRoleInformation, 253 PolicyReplicaSourceInformation, 254 PolicyDefaultQuotaInformation, 255 PolicyModificationInformation, 256 PolicyAuditFullSetInformation, 257 PolicyAuditFullQueryInformation, 258 PolicyDnsDomainInformation, 259 PolicyEfsInformation 260 } 261 alias POLICY_INFORMATION_CLASS* PPOLICY_INFORMATION_CLASS; 262 263 enum POLICY_AUDIT_EVENT_TYPE { 264 AuditCategorySystem, 265 AuditCategoryLogon, 266 AuditCategoryObjectAccess, 267 AuditCategoryPrivilegeUse, 268 AuditCategoryDetailedTracking, 269 AuditCategoryPolicyChange, 270 AuditCategoryAccountManagement, 271 AuditCategoryDirectoryServiceAccess, 272 AuditCategoryAccountLogon 273 } 274 alias POLICY_AUDIT_EVENT_TYPE* PPOLICY_AUDIT_EVENT_TYPE; 275 276 enum POLICY_LOCAL_INFORMATION_CLASS { 277 PolicyLocalAuditEventsInformation = 1, 278 PolicyLocalPdAccountInformation, 279 PolicyLocalAccountDomainInformation, 280 PolicyLocalLsaServerRoleInformation, 281 PolicyLocalReplicaSourceInformation, 282 PolicyLocalModificationInformation, 283 PolicyLocalAuditFullSetInformation, 284 PolicyLocalAuditFullQueryInformation, 285 PolicyLocalDnsDomainInformation, 286 PolicyLocalIPSecReferenceInformation, 287 PolicyLocalMachinePasswordInformation, 288 PolicyLocalQualityOfServiceInformation, 289 PolicyLocalPolicyLocationInformation 290 } 291 alias POLICY_LOCAL_INFORMATION_CLASS* PPOLICY_LOCAL_INFORMATION_CLASS; 292 293 enum POLICY_DOMAIN_INFORMATION_CLASS { 294 PolicyDomainIPSecReferenceInformation = 1, 295 PolicyDomainQualityOfServiceInformation, 296 PolicyDomainEfsInformation, 297 PolicyDomainPublicKeyInformation, 298 PolicyDomainPasswordPolicyInformation, 299 PolicyDomainLockoutInformation, 300 PolicyDomainKerberosTicketInformation 301 } 302 alias POLICY_DOMAIN_INFORMATION_CLASS* PPOLICY_DOMAIN_INFORMATION_CLASS; 303 304 enum SECURITY_LOGON_TYPE { 305 Interactive = 2, 306 Network, 307 Batch, 308 Service, 309 Proxy, 310 Unlock 311 } 312 alias SECURITY_LOGON_TYPE* PSECURITY_LOGON_TYPE; 313 314 enum TRUSTED_INFORMATION_CLASS { 315 TrustedDomainNameInformation = 1, 316 TrustedControllersInformation, 317 TrustedPosixOffsetInformation, 318 TrustedPasswordInformation, 319 TrustedDomainInformationBasic, 320 TrustedDomainInformationEx, 321 TrustedDomainAuthInformation, 322 TrustedDomainFullInformation 323 } 324 alias TRUSTED_INFORMATION_CLASS* PTRUSTED_INFORMATION_CLASS; 325 326 struct DOMAIN_PASSWORD_INFORMATION { 327 USHORT MinPasswordLength; 328 USHORT PasswordHistoryLength; 329 ULONG PasswordProperties; 330 LARGE_INTEGER MaxPasswordAge; 331 LARGE_INTEGER MinPasswordAge; 332 } 333 alias DOMAIN_PASSWORD_INFORMATION* PDOMAIN_PASSWORD_INFORMATION; 334 335 struct LSA_ENUMERATION_INFORMATION { 336 PSID Sid; 337 } 338 alias LSA_ENUMERATION_INFORMATION* PLSA_ENUMERATION_INFORMATION; 339 340 alias OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES; 341 alias OBJECT_ATTRIBUTES* PLSA_OBJECT_ATTRIBUTES; 342 343 struct LSA_TRUST_INFORMATION { 344 LSA_UNICODE_STRING Name; 345 PSID Sid; 346 } 347 alias LSA_TRUST_INFORMATION TRUSTED_DOMAIN_INFORMATION_BASIC; 348 alias LSA_TRUST_INFORMATION* PLSA_TRUST_INFORMATION; 349 /* in MinGW (further down the code): 350 * typedef PLSA_TRUST_INFORMATION *PTRUSTED_DOMAIN_INFORMATION_BASIC; 351 * but it doesn't look right.... 352 */ 353 alias LSA_TRUST_INFORMATION** PTRUSTED_DOMAIN_INFORMATION_BASIC; 354 355 struct LSA_REFERENCED_DOMAIN_LIST { 356 ULONG Entries; 357 PLSA_TRUST_INFORMATION Domains; 358 } 359 alias LSA_REFERENCED_DOMAIN_LIST* PLSA_REFERENCED_DOMAIN_LIST; 360 361 struct LSA_TRANSLATED_SID { 362 SID_NAME_USE Use; 363 ULONG RelativeId; 364 LONG DomainIndex; 365 } 366 alias LSA_TRANSLATED_SID* PLSA_TRANSLATED_SID; 367 368 struct LSA_TRANSLATED_NAME { 369 SID_NAME_USE Use; 370 LSA_UNICODE_STRING Name; 371 LONG DomainIndex; 372 } 373 alias LSA_TRANSLATED_NAME* PLSA_TRANSLATED_NAME; 374 375 struct MSV1_0_INTERACTIVE_LOGON { 376 MSV1_0_LOGON_SUBMIT_TYPE MessageType; 377 UNICODE_STRING LogonDomainName; 378 UNICODE_STRING UserName; 379 UNICODE_STRING Password; 380 } 381 alias MSV1_0_INTERACTIVE_LOGON* PMSV1_0_INTERACTIVE_LOGON; 382 383 struct MSV1_0_INTERACTIVE_PROFILE { 384 MSV1_0_PROFILE_BUFFER_TYPE MessageType; 385 USHORT LogonCount; 386 USHORT BadPasswordCount; 387 LARGE_INTEGER LogonTime; 388 LARGE_INTEGER LogoffTime; 389 LARGE_INTEGER KickOffTime; 390 LARGE_INTEGER PasswordLastSet; 391 LARGE_INTEGER PasswordCanChange; 392 LARGE_INTEGER PasswordMustChange; 393 UNICODE_STRING LogonScript; 394 UNICODE_STRING HomeDirectory; 395 UNICODE_STRING FullName; 396 UNICODE_STRING ProfilePath; 397 UNICODE_STRING HomeDirectoryDrive; 398 UNICODE_STRING LogonServer; 399 ULONG UserFlags; 400 } 401 alias MSV1_0_INTERACTIVE_PROFILE* PMSV1_0_INTERACTIVE_PROFILE; 402 403 struct MSV1_0_LM20_LOGON { 404 MSV1_0_LOGON_SUBMIT_TYPE MessageType; 405 UNICODE_STRING LogonDomainName; 406 UNICODE_STRING UserName; 407 UNICODE_STRING Workstation; 408 UCHAR[MSV1_0_CHALLENGE_LENGTH] ChallengeToClient; 409 STRING CaseSensitiveChallengeResponse; 410 STRING CaseInsensitiveChallengeResponse; 411 ULONG ParameterControl; 412 } 413 alias MSV1_0_LM20_LOGON* PMSV1_0_LM20_LOGON; 414 415 //static if (_WIN32_WINNT >= 0x500) { 416 struct MSV1_0_SUBAUTH_LOGON { 417 MSV1_0_LOGON_SUBMIT_TYPE MessageType; 418 UNICODE_STRING LogonDomainName; 419 UNICODE_STRING UserName; 420 UNICODE_STRING Workstation; 421 UCHAR[MSV1_0_CHALLENGE_LENGTH] ChallengeToClient; 422 STRING AuthenticationInfo1; 423 STRING AuthenticationInfo2; 424 ULONG ParameterControl; 425 ULONG SubAuthPackageId; 426 } 427 alias MSV1_0_SUBAUTH_LOGON* PMSV1_0_SUBAUTH_LOGON; 428 //} 429 430 struct MSV1_0_LM20_LOGON_PROFILE { 431 MSV1_0_PROFILE_BUFFER_TYPE MessageType; 432 LARGE_INTEGER KickOffTime; 433 LARGE_INTEGER LogoffTime; 434 ULONG UserFlags; 435 UCHAR[MSV1_0_USER_SESSION_KEY_LENGTH] UserSessionKey; 436 UNICODE_STRING LogonDomainName; 437 UCHAR[MSV1_0_LANMAN_SESSION_KEY_LENGTH] LanmanSessionKey; 438 UNICODE_STRING LogonServer; 439 UNICODE_STRING UserParameters; 440 } 441 alias MSV1_0_LM20_LOGON_PROFILE* PMSV1_0_LM20_LOGON_PROFILE; 442 443 struct MSV1_0_SUPPLEMENTAL_CREDENTIAL { 444 ULONG Version; 445 ULONG Flags; 446 UCHAR[MSV1_0_OWF_PASSWORD_LENGTH] LmPassword; 447 UCHAR[MSV1_0_OWF_PASSWORD_LENGTH] NtPassword; 448 } 449 alias MSV1_0_SUPPLEMENTAL_CREDENTIAL* PMSV1_0_SUPPLEMENTAL_CREDENTIAL; 450 451 struct MSV1_0_NTLM3_RESPONSE { 452 UCHAR[MSV1_0_NTLM3_RESPONSE_LENGTH] Response; 453 UCHAR RespType; 454 UCHAR HiRespType; 455 USHORT Flags; 456 ULONG MsgWord; 457 ULONGLONG TimeStamp; 458 UCHAR[MSV1_0_CHALLENGE_LENGTH] ChallengeFromClient; 459 ULONG AvPairsOff; 460 UCHAR _Buffer; 461 UCHAR* Buffer() return { return &_Buffer; } 462 } 463 alias MSV1_0_NTLM3_RESPONSE* PMSV1_0_NTLM3_RESPONSE; 464 465 struct MSV1_0_AV_PAIR { 466 USHORT AvId; 467 USHORT AvLen; 468 } 469 alias MSV1_0_AV_PAIR* PMSV1_0_AV_PAIR; 470 471 struct MSV1_0_CHANGEPASSWORD_REQUEST { 472 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType; 473 UNICODE_STRING DomainName; 474 UNICODE_STRING AccountName; 475 UNICODE_STRING OldPassword; 476 UNICODE_STRING NewPassword; 477 BOOLEAN Impersonating; 478 } 479 alias MSV1_0_CHANGEPASSWORD_REQUEST* PMSV1_0_CHANGEPASSWORD_REQUEST; 480 481 struct MSV1_0_CHANGEPASSWORD_RESPONSE { 482 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType; 483 BOOLEAN PasswordInfoValid; 484 DOMAIN_PASSWORD_INFORMATION DomainPasswordInfo; 485 } 486 alias MSV1_0_CHANGEPASSWORD_RESPONSE* PMSV1_0_CHANGEPASSWORD_RESPONSE; 487 488 struct MSV1_0_SUBAUTH_REQUEST { 489 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType; 490 ULONG SubAuthPackageId; 491 ULONG SubAuthInfoLength; 492 PUCHAR SubAuthSubmitBuffer; 493 } 494 alias MSV1_0_SUBAUTH_REQUEST* PMSV1_0_SUBAUTH_REQUEST; 495 496 struct MSV1_0_SUBAUTH_RESPONSE { 497 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType; 498 ULONG SubAuthInfoLength; 499 PUCHAR SubAuthReturnBuffer; 500 } 501 alias MSV1_0_SUBAUTH_RESPONSE* PMSV1_0_SUBAUTH_RESPONSE; 502 503 enum MSV1_0_DERIVECRED_TYPE_SHA1 = 0; 504 505 struct MSV1_0_DERIVECRED_REQUEST { 506 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType; 507 LUID LogonId; 508 ULONG DeriveCredType; 509 ULONG DeriveCredInfoLength; 510 UCHAR _DeriveCredSubmitBuffer; 511 UCHAR* DeriveCredSubmitBuffer() return { return &_DeriveCredSubmitBuffer; } 512 } 513 alias MSV1_0_DERIVECRED_REQUEST* PMSV1_0_DERIVECRED_REQUEST; 514 515 struct MSV1_0_DERIVECRED_RESPONSE { 516 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType; 517 ULONG DeriveCredInfoLength; 518 UCHAR _DeriveCredReturnBuffer; 519 UCHAR* DeriveCredReturnBuffer() return { return &_DeriveCredReturnBuffer; } 520 } 521 alias MSV1_0_DERIVECRED_RESPONSE* PMSV1_0_DERIVECRED_RESPONSE; 522 523 alias uint LSA_ENUMERATION_HANDLE, LSA_OPERATIONAL_MODE, 524 POLICY_AUDIT_EVENT_OPTIONS; 525 alias uint* PLSA_ENUMERATION_HANDLE, PLSA_OPERATIONAL_MODE, 526 PPOLICY_AUDIT_EVENT_OPTIONS; 527 528 struct POLICY_PRIVILEGE_DEFINITION { 529 LSA_UNICODE_STRING Name; 530 LUID LocalValue; 531 } 532 alias POLICY_PRIVILEGE_DEFINITION* PPOLICY_PRIVILEGE_DEFINITION; 533 534 struct POLICY_AUDIT_LOG_INFO { 535 ULONG AuditLogPercentFull; 536 ULONG MaximumLogSize; 537 LARGE_INTEGER AuditRetentionPeriod; 538 BOOLEAN AuditLogFullShutdownInProgress; 539 LARGE_INTEGER TimeToShutdown; 540 ULONG NextAuditRecordId; 541 } 542 alias POLICY_AUDIT_LOG_INFO* PPOLICY_AUDIT_LOG_INFO; 543 544 struct POLICY_AUDIT_EVENTS_INFO { 545 BOOLEAN AuditingMode; 546 PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions; 547 ULONG MaximumAuditEventCount; 548 } 549 alias POLICY_AUDIT_EVENTS_INFO* PPOLICY_AUDIT_EVENTS_INFO; 550 551 struct POLICY_ACCOUNT_DOMAIN_INFO { 552 LSA_UNICODE_STRING DomainName; 553 PSID DomainSid; 554 } 555 alias POLICY_ACCOUNT_DOMAIN_INFO* PPOLICY_ACCOUNT_DOMAIN_INFO; 556 557 struct POLICY_PRIMARY_DOMAIN_INFO { 558 LSA_UNICODE_STRING Name; 559 PSID Sid; 560 } 561 alias POLICY_PRIMARY_DOMAIN_INFO* PPOLICY_PRIMARY_DOMAIN_INFO; 562 563 struct POLICY_DNS_DOMAIN_INFO { 564 LSA_UNICODE_STRING Name; 565 LSA_UNICODE_STRING DnsDomainName; 566 LSA_UNICODE_STRING DnsTreeName; 567 GUID DomainGuid; 568 PSID Sid; 569 } 570 alias POLICY_DNS_DOMAIN_INFO* PPOLICY_DNS_DOMAIN_INFO; 571 572 struct POLICY_PD_ACCOUNT_INFO { 573 LSA_UNICODE_STRING Name; 574 } 575 alias POLICY_PD_ACCOUNT_INFO* PPOLICY_PD_ACCOUNT_INFO; 576 577 struct POLICY_LSA_SERVER_ROLE_INFO { 578 POLICY_LSA_SERVER_ROLE LsaServerRole; 579 } 580 alias POLICY_LSA_SERVER_ROLE_INFO* PPOLICY_LSA_SERVER_ROLE_INFO; 581 582 struct POLICY_REPLICA_SOURCE_INFO { 583 LSA_UNICODE_STRING ReplicaSource; 584 LSA_UNICODE_STRING ReplicaAccountName; 585 } 586 alias POLICY_REPLICA_SOURCE_INFO* PPOLICY_REPLICA_SOURCE_INFO; 587 588 struct POLICY_DEFAULT_QUOTA_INFO { 589 QUOTA_LIMITS QuotaLimits; 590 } 591 alias POLICY_DEFAULT_QUOTA_INFO* PPOLICY_DEFAULT_QUOTA_INFO; 592 593 struct POLICY_MODIFICATION_INFO { 594 LARGE_INTEGER ModifiedId; 595 LARGE_INTEGER DatabaseCreationTime; 596 } 597 alias POLICY_MODIFICATION_INFO* PPOLICY_MODIFICATION_INFO; 598 599 struct POLICY_AUDIT_FULL_SET_INFO { 600 BOOLEAN ShutDownOnFull; 601 } 602 alias POLICY_AUDIT_FULL_SET_INFO* PPOLICY_AUDIT_FULL_SET_INFO; 603 604 struct POLICY_AUDIT_FULL_QUERY_INFO { 605 BOOLEAN ShutDownOnFull; 606 BOOLEAN LogIsFull; 607 } 608 alias POLICY_AUDIT_FULL_QUERY_INFO* PPOLICY_AUDIT_FULL_QUERY_INFO; 609 610 struct POLICY_EFS_INFO { 611 ULONG InfoLength; 612 PUCHAR EfsBlob; 613 } 614 alias POLICY_EFS_INFO* PPOLICY_EFS_INFO; 615 616 struct POLICY_LOCAL_IPSEC_REFERENCE_INFO { 617 LSA_UNICODE_STRING ObjectPath; 618 } 619 alias POLICY_LOCAL_IPSEC_REFERENCE_INFO* PPOLICY_LOCAL_IPSEC_REFERENCE_INFO; 620 621 struct POLICY_LOCAL_MACHINE_PASSWORD_INFO { 622 LARGE_INTEGER PasswordChangeInterval; 623 } 624 alias POLICY_LOCAL_MACHINE_PASSWORD_INFO* PPOLICY_LOCAL_MACHINE_PASSWORD_INFO; 625 626 struct POLICY_LOCAL_POLICY_LOCATION_INFO { 627 ULONG PolicyLocation; 628 } 629 alias POLICY_LOCAL_POLICY_LOCATION_INFO* PPOLICY_LOCAL_POLICY_LOCATION_INFO; 630 631 struct POLICY_LOCAL_QUALITY_OF_SERVICE_INFO{ 632 ULONG QualityOfService; 633 } 634 alias POLICY_LOCAL_QUALITY_OF_SERVICE_INFO 635 POLICY_DOMAIN_QUALITY_OF_SERVICE_INFO; 636 alias POLICY_LOCAL_QUALITY_OF_SERVICE_INFO* 637 PPOLICY_LOCAL_QUALITY_OF_SERVICE_INFO, 638 PPOLICY_DOMAIN_QUALITY_OF_SERVICE_INFO; 639 640 struct POLICY_DOMAIN_PUBLIC_KEY_INFO { 641 ULONG InfoLength; 642 PUCHAR PublicKeyInfo; 643 } 644 alias POLICY_DOMAIN_PUBLIC_KEY_INFO* PPOLICY_DOMAIN_PUBLIC_KEY_INFO; 645 646 struct POLICY_DOMAIN_LOCKOUT_INFO { 647 LARGE_INTEGER LockoutDuration; 648 LARGE_INTEGER LockoutObservationWindow; 649 USHORT LockoutThreshold; 650 } 651 alias POLICY_DOMAIN_LOCKOUT_INFO* PPOLICY_DOMAIN_LOCKOUT_INFO; 652 653 struct POLICY_DOMAIN_PASSWORD_INFO { 654 USHORT MinPasswordLength; 655 USHORT PasswordHistoryLength; 656 ULONG PasswordProperties; 657 LARGE_INTEGER MaxPasswordAge; 658 LARGE_INTEGER MinPasswordAge; 659 } 660 alias POLICY_DOMAIN_PASSWORD_INFO* PPOLICY_DOMAIN_PASSWORD_INFO; 661 662 struct POLICY_DOMAIN_KERBEROS_TICKET_INFO { 663 ULONG AuthenticationOptions; 664 LARGE_INTEGER MinTicketAge; 665 LARGE_INTEGER MaxTicketAge; 666 LARGE_INTEGER MaxRenewAge; 667 LARGE_INTEGER ProxyLifetime; 668 LARGE_INTEGER ForceLogoff; 669 } 670 alias POLICY_DOMAIN_KERBEROS_TICKET_INFO* PPOLICY_DOMAIN_KERBEROS_TICKET_INFO; 671 672 mixin DECLARE_HANDLE!("LSA_HANDLE"); 673 alias LSA_HANDLE* PLSA_HANDLE; 674 675 struct TRUSTED_DOMAIN_NAME_INFO { 676 LSA_UNICODE_STRING Name; 677 } 678 alias TRUSTED_DOMAIN_NAME_INFO* PTRUSTED_DOMAIN_NAME_INFO; 679 680 struct TRUSTED_CONTROLLERS_INFO { 681 ULONG Entries; 682 PLSA_UNICODE_STRING Names; 683 } 684 alias TRUSTED_CONTROLLERS_INFO* PTRUSTED_CONTROLLERS_INFO; 685 686 struct TRUSTED_POSIX_OFFSET_INFO { 687 ULONG Offset; 688 } 689 alias TRUSTED_POSIX_OFFSET_INFO* PTRUSTED_POSIX_OFFSET_INFO; 690 691 struct TRUSTED_PASSWORD_INFO { 692 LSA_UNICODE_STRING Password; 693 LSA_UNICODE_STRING OldPassword; 694 } 695 alias TRUSTED_PASSWORD_INFO* PTRUSTED_PASSWORD_INFO; 696 697 struct TRUSTED_DOMAIN_INFORMATION_EX { 698 LSA_UNICODE_STRING Name; 699 LSA_UNICODE_STRING FlatName; 700 PSID Sid; 701 ULONG TrustDirection; 702 ULONG TrustType; 703 ULONG TrustAttributes; 704 } 705 alias TRUSTED_DOMAIN_INFORMATION_EX* PTRUSTED_DOMAIN_INFORMATION_EX; 706 707 struct LSA_AUTH_INFORMATION { 708 LARGE_INTEGER LastUpdateTime; 709 ULONG AuthType; 710 ULONG AuthInfoLength; 711 PUCHAR AuthInfo; 712 } 713 alias LSA_AUTH_INFORMATION* PLSA_AUTH_INFORMATION; 714 715 struct TRUSTED_DOMAIN_AUTH_INFORMATION { 716 ULONG IncomingAuthInfos; 717 PLSA_AUTH_INFORMATION IncomingAuthenticationInformation; 718 PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation; 719 ULONG OutgoingAuthInfos; 720 PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation; 721 PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation; 722 } 723 alias TRUSTED_DOMAIN_AUTH_INFORMATION* PTRUSTED_DOMAIN_AUTH_INFORMATION; 724 725 struct TRUSTED_DOMAIN_FULL_INFORMATION { 726 TRUSTED_DOMAIN_INFORMATION_EX Information; 727 TRUSTED_POSIX_OFFSET_INFO PosixOffset; 728 TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation; 729 } 730 alias TRUSTED_DOMAIN_FULL_INFORMATION* PTRUSTED_DOMAIN_FULL_INFORMATION; 731 732 extern (Windows) { 733 NTSTATUS LsaAddAccountRights(LSA_HANDLE, PSID, PLSA_UNICODE_STRING, 734 ULONG); 735 NTSTATUS LsaCallAuthenticationPackage(HANDLE, ULONG, PVOID, ULONG, 736 PVOID*, PULONG, PNTSTATUS); 737 NTSTATUS LsaClose(LSA_HANDLE); 738 NTSTATUS LsaConnectUntrusted(PHANDLE); 739 NTSTATUS LsaCreateTrustedDomainEx(LSA_HANDLE, 740 PTRUSTED_DOMAIN_INFORMATION_EX, PTRUSTED_DOMAIN_AUTH_INFORMATION, 741 ACCESS_MASK, PLSA_HANDLE); 742 NTSTATUS LsaDeleteTrustedDomain(LSA_HANDLE, PSID); 743 NTSTATUS LsaDeregisterLogonProcess(HANDLE); 744 NTSTATUS LsaEnumerateAccountRights(LSA_HANDLE, PSID, PLSA_UNICODE_STRING*, 745 PULONG); 746 NTSTATUS LsaEnumerateAccountsWithUserRight(LSA_HANDLE, 747 PLSA_UNICODE_STRING, PVOID*, PULONG); 748 NTSTATUS LsaEnumerateTrustedDomains(LSA_HANDLE, PLSA_ENUMERATION_HANDLE, 749 PVOID*, ULONG, PULONG); 750 NTSTATUS LsaEnumerateTrustedDomainsEx(LSA_HANDLE, PLSA_ENUMERATION_HANDLE, 751 TRUSTED_INFORMATION_CLASS, PVOID*, ULONG, PULONG); 752 NTSTATUS LsaFreeMemory(PVOID); 753 NTSTATUS LsaFreeReturnBuffer(PVOID); 754 NTSTATUS LsaLogonUser(HANDLE, PLSA_STRING, SECURITY_LOGON_TYPE, ULONG, 755 PVOID, ULONG, PTOKEN_GROUPS, PTOKEN_SOURCE, PVOID*, PULONG, PLUID, 756 PHANDLE, PQUOTA_LIMITS, PNTSTATUS); 757 NTSTATUS LsaLookupAuthenticationPackage(HANDLE, PLSA_STRING, PULONG); 758 NTSTATUS LsaLookupNames(LSA_HANDLE, ULONG, PLSA_UNICODE_STRING, 759 PLSA_REFERENCED_DOMAIN_LIST*, PLSA_TRANSLATED_SID*); 760 NTSTATUS LsaLookupSids(LSA_HANDLE, ULONG, PSID*, 761 PLSA_REFERENCED_DOMAIN_LIST*, PLSA_TRANSLATED_NAME*); 762 ULONG LsaNtStatusToWinError(NTSTATUS); 763 NTSTATUS LsaOpenPolicy(PLSA_UNICODE_STRING, PLSA_OBJECT_ATTRIBUTES, 764 ACCESS_MASK, PLSA_HANDLE); 765 NTSTATUS LsaQueryDomainInformationPolicy(LSA_HANDLE, 766 POLICY_DOMAIN_INFORMATION_CLASS, PVOID*); 767 NTSTATUS LsaQueryInformationPolicy(LSA_HANDLE, POLICY_INFORMATION_CLASS, 768 PVOID*); 769 NTSTATUS LsaQueryLocalInformationPolicy(LSA_HANDLE, 770 POLICY_LOCAL_INFORMATION_CLASS, PVOID*); 771 NTSTATUS LsaQueryTrustedDomainInfo(LSA_HANDLE, PSID, 772 TRUSTED_INFORMATION_CLASS, PVOID*); 773 NTSTATUS LsaQueryTrustedDomainInfoByName(LSA_HANDLE, PLSA_UNICODE_STRING, 774 TRUSTED_INFORMATION_CLASS, PVOID*); 775 NTSTATUS LsaRegisterLogonProcess(PLSA_STRING, PHANDLE, 776 PLSA_OPERATIONAL_MODE); 777 NTSTATUS LsaRemoveAccountRights(LSA_HANDLE, PSID, BOOLEAN, 778 PLSA_UNICODE_STRING, ULONG); 779 NTSTATUS LsaRetrievePrivateData(LSA_HANDLE, PLSA_UNICODE_STRING, 780 PLSA_UNICODE_STRING*); 781 NTSTATUS LsaSetDomainInformationPolicy(LSA_HANDLE, 782 POLICY_DOMAIN_INFORMATION_CLASS, PVOID); 783 NTSTATUS LsaSetInformationPolicy(LSA_HANDLE, POLICY_INFORMATION_CLASS, 784 PVOID); 785 NTSTATUS LsaSetLocalInformationPolicy(LSA_HANDLE, 786 POLICY_LOCAL_INFORMATION_CLASS, PVOID); 787 NTSTATUS LsaSetTrustedDomainInformation(LSA_HANDLE, PSID, 788 TRUSTED_INFORMATION_CLASS, PVOID); 789 NTSTATUS LsaSetTrustedDomainInfoByName(LSA_HANDLE, PLSA_UNICODE_STRING, 790 TRUSTED_INFORMATION_CLASS, PVOID); 791 NTSTATUS LsaStorePrivateData(LSA_HANDLE, PLSA_UNICODE_STRING, 792 PLSA_UNICODE_STRING); 793 } 794 795 alias NTSTATUS function(PUNICODE_STRING, ULONG, PUNICODE_STRING) 796 PSAM_PASSWORD_NOTIFICATION_ROUTINE; 797 alias BOOLEAN function() PSAM_INIT_NOTIFICATION_ROUTINE; 798 alias BOOLEAN function(PUNICODE_STRING, PUNICODE_STRING, 799 PUNICODE_STRING, BOOLEAN) PSAM_PASSWORD_FILTER_ROUTINE;