📄 gpedit.pas
字号:
// Group Policy Object option flags
//
const
GPO_OPTION_DISABLE_USER = $00000001; // The user portion of this GPO is disabled
{$EXTERNALSYM GPO_OPTION_DISABLE_USER}
GPO_OPTION_DISABLE_MACHINE = $00000002; // The machine portion of this GPO is disabled
{$EXTERNALSYM GPO_OPTION_DISABLE_MACHINE}
type
IGroupPolicyObject = interface (IUnknown)
['{EA502723-A23D-11d1-A7D3-0000F87571E3}']
// *** IGroupPolicyObject methods ***
//
// Creates a new GPO in the Active Directory with the given friendly name
// and opens it via OpenDSGPO(). If pszDomainName contains a domain
// controller name, the GPO will be created on that DC. If it does not
// specify a domain controller name, the method will select a DC on
// the callers behalf.
//
// pszDomainName contains the ADSI path of the domain root
// pszDisplayName contains the friendly display name
// dwFlags is a bitmask of GPO open / creation flags listed above
//
function New(pszDomainName, pszDisplayName: LPOLESTR; dwFlags: DWORD): HRESULT; stdcall;
//
// Opens the specified Group Policy Object in the Active Directory
// based upon the passed in flags. If pszPath contains a domain
// controller name, the GPO will be opened on that DC. If it does
// not contain a domain controller name, the method will select a
// DC on the callers behalf. If the registry is not loaded,
// GetRegistryKey() will return E_FAIL.
//
// pszPath contains the ADSI path to the GPO to open
// dwFlags is a bitmask of GPO open / creation flags listed above
//
function OpenDSGPO(pszPath: LPOLESTR; dwFlags: DWORD): HRESULT; stdcall;
//
// Opens the default Group Policy Object on this machine with the
// dwFlags options listed above. If the registry is not loaded,
// GetRegistryKey() will return E_FAIL.
//
// dwFlags is a bitmask of GPO open / creation flags listed above
//
function OpenLocalMachineGPO(dwFlags: DWORD): HRESULT; stdcall;
//
// Opens the default Group Policy Object on a remote machine with the
// dwFlags options listed above. If the registry is not loaded,
// GetRegistryKey() will return E_FAIL.
//
// pszComputerName contains the machine name in \\machine format
// dwFlags is a bitmask of GPO open / creation flags listed above
//
function OpenRemoteMachineGPO(pszComputerName: LPOLESTR; dwFlags: DWORD): HRESULT; stdcall;
//
// Flushes the registry settings to disk and updates the revision
// number of the GPO.
//
// bMachine specifies if machine or user should be saved.
// bAdd specifies whether this is an add or delete.
// pGuidExtension is the guid or unique name of extension that
// will process this GPO.
// pGuid is a guid
//
function Save(bMachine, bAdd: BOOL; const pGuidExtension, pGuid: GUID): HRESULT; stdcall;
//
// Deletes this Group Policy Object.
//
// After calling this method, no other methods are valid to call
// since the data will have been deleted.
//
function Delete: HRESULT; stdcall;
//
// Returns the unique Group Policy Object name
//
// For Active Directory policy objects, this is a GUID
// For the local policy object, it is the string "Local"
// For remote policy objects, it is the computername
//
// pszName contains the name on return
// cchMaxLength is the max number of characters that can be stored in pszName
//
function GetName(pszName: LPOLESTR; cchMaxLength: Integer): HRESULT; stdcall;
//
// Returns the friendly display name for this Group Policy Object
//
// pszName contains the name on return
// cchMaxLength is the max number of characters that can be stored in pszName
//
function GetDisplayName(pszName: LPOLESTR; cchMaxLength: Integer): HRESULT; stdcall;
//
// Sets the friendly display name for this Group Policy Object
//
// pszName is the new display name
//
function SetDisplayName(pszName: LPOLESTR): HRESULT; stdcall;
//
// Returns the path to the Group Policy Object
//
//
// If the GPO is an Active Directory object, the path is in ADSI name format.
// If the GPO is a machine object, it is a file system path
//
// pszPath contains the path on return
// cchMaxPath is the max number of characters that can be stored in pszPath
//
function GetPath(pszPath: LPOLESTR; cchMaxPath: Integer): HRESULT; stdcall;
//
// Returns the Active Directory path to the root of the request section.
// The path is in DN name format.
//
// dwSection is one of the GPO_SECTION_* flags
// pszPath contains the path on return
// cchMaxPath is the max number of characters that can be stored in pszPath
//
function GetDSPath(dwSection: DWORD; pszPath: LPOLESTR; cchMaxPath: Integer): HRESULT; stdcall;
//
// Returns the UNC path to the root of the requested section.
//
// dwSection is one of the GPO_SECTION_* flags
// pszPath contains the path on return
// cchMaxPath is the number of characters that can be stored in pszPath.
//
function GetFileSysPath(dwSection: DWORD; pszPath: LPOLESTR; cchMaxPath: Integer): HRESULT; stdcall;
//
// Returns a registry key handle for the requested section. The returned
// key is the root of the registry, not the Policies subkey. To set / read
// a value in the Policies subkey, you will need to call RegOpenKeyEx to
// open Software\Policies subkey first.
//
// The handle has been opened with ALL ACCESS rights. Call RegCloseKey
// on the handle when finished.
//
// If the GPO was loaded / created without the registry being loaded
// this method will return E_FAIL.
//
// dwSection is either GPO_SECTION_USER or GPO_SECTION_MACHINE
// hKey contains the registry key on return
//
function GetRegistryKey(dwSection: DWORD; var hKey: HKEY): HRESULT; stdcall;
//
// Returns any options for this Group Policy Object
//
// dwOptions receives the GPO_OPTION_* flags
//
function GetOptions(var dwOptions: DWORD): HRESULT; stdcall;
//
// Sets any options for this Group Policy Object
//
// This method sets any options for this GPO. To change
// an option, that flag must be set in the mask field.
// If the flag is in the mask field, then the dwOptions
// field is read for the current state.
//
// For example: to disable the GPO, make this call
//
// SetOptions (GPO_OPTION_DISABLED, GPO_OPTION_DISABLED);
//
// dwOptions specifies one or more GPO_OPTION_* flags
// dwMask specificies which of the dwOptions to change
//
function SetOptions(dwOptions, dwMask: DWORD): HRESULT; stdcall;
//
// Returns the type of GPO being edited.
//
// The three types are: a GPO in the Active Directory, the GPO on the local machine,
// and the GPO on a remote machine.
//
// Machine GPOs only have file system storage (no Active Directory storage available).
// If GetDSPath is called for a machine GPO, the function will succeed
// and the returned buffer will be the empty string ""
//
// Active Directory GPOs have both file system and Active Directory storage available to them.
//
// gpoType receives one of the type flags
//
function GetType(var gpoType: GROUP_POLICY_OBJECT_TYPE): HRESULT; stdcall;
//
// Returns the machine name of the remote GPO
//
// This method returns the name passed to OpenRemoteMachineGPO.
//
// pszName contains the name on return
// cchMaxLength is the max number of characters that can be stored in pszName
//
function GetMachineName(pszName: LPOLESTR; cchMaxLength: Integer): HRESULT; stdcall;
//
// Returns an array of property sheet pages and the number of pages
// in the array
//
// Note, this method will allocate memory for the array with
// LocalAlloc. When finished, the caller should free the array
// with LocalFree
//
// hPages address of the pointer for the array of property sheet pages
// uPageCount receives the number of pages in the array
//
function GetPropertySheetPages(var hPages: PHPROPSHEETPAGE; var uPageCount: UINT): HRESULT; stdcall;
end;
{$EXTERNALSYM IGroupPolicyObject}
LPGROUPPOLICYOBJECT = ^IGroupPolicyObject;
{$EXTERNALSYM LPGROUPPOLICYOBJECT}
//=============================================================================
//
// CreateGPOLink
//
// Creates a link to a GPO for the specified Site, Domain, or Organizational Unit
//
// lpGPO - ADSI path to the GPO
// lpContainer - ADSI path to the Site, Domain, or Organizational Unit
// fHighPriority - Create the link as the highest or lowest priority
//
// Returns: S_OK if successful
//
//=============================================================================
function CreateGPOLink(lpGPO, lpContainer: LPOLESTR; fHighPriority: BOOL): HRESULT; stdcall;
{$EXTERNALSYM CreateGPOLink}
//=============================================================================
//
// DeleteGPOLink
//
// Deletes a link to a GPO for the specified Site, Domain, or Organizational Unit
//
// lpGPO - ADSI path to the GPO
// lpContainer - ADSI path to the Site, Domain, or Organizational Unit
//
// Returns: S_OK if successful
//
//=============================================================================
function DeleteGPOLink(lpGPO, lpContainer: LPOLESTR): HRESULT; stdcall;
{$EXTERNALSYM DeleteGPOLink}
//=============================================================================
//
// DeleteAllGPOLinks
//
// Deletes all GPO links for the specified Site, Domain, or Organizational Unit
//
// lpContainer - ADSI path to the Site, Domain, or Organizational Unit
//
// Returns: S_OK if successful
//
//=============================================================================
function DeleteAllGPOLinks(lpContainer: LPOLESTR): HRESULT; stdcall;
{$EXTERNALSYM DeleteAllGPOLinks}
//=============================================================================
//
// BrowseForGPO
//
// Displays the GPO browser dialog
//
// lpBrowseInfo - Address of a GPOBROWSEINFO structure
//
// Returns: S_OK if successful
//
//=============================================================================
//
// Flags passed in the dwFlags field of the GPOBROWSEINFO structure
//
const
GPO_BROWSE_DISABLENEW = $00000001; // Disables the New GPO functionality on all pages except "All"
{$EXTERNALSYM GPO_BROWSE_DISABLENEW}
GPO_BROWSE_NOCOMPUTERS = $00000002; // Removes the Computers tab
{$EXTERNALSYM GPO_BROWSE_NOCOMPUTERS}
GPO_BROWSE_NODSGPOS = $00000004; // Removes the Domain/OU and Sites tabs
{$EXTERNALSYM GPO_BROWSE_NODSGPOS}
GPO_BROWSE_OPENBUTTON = $00000008; // Change the Ok button to say Open
{$EXTERNALSYM GPO_BROWSE_OPENBUTTON}
type
tag_GPOBROWSEINFO = record
dwSize: DWORD; // [in] Initialized to the size of this structure
dwFlags: DWORD; // [in] Flags defined above
hwndOwner: HWND; // [in] Parent window handle (can be NULL)
lpTitle: LPOLESTR; // [in] Title bar text. If NULL, "Browse for a Group Policy Object" will be the default text
lpInitialOU: LPOLESTR; // [in] Initial Domain/Organizational Unit to open focus on
lpDSPath: LPOLESTR; // [in/out] Pointer to the buffer that receives the Active Directory GPO path
dwDSPathSize: DWORD; // [in] Size in characters of buffer given in lpDSPath
lpName: LPOLESTR; // [in/out] Pointer to a buffer that receives either the computer name or
// the friendly name of the GPO (can be NULL)
dwNameSize: DWORD; // [in] Size in characters of buffer given in lpName
gpoType: GROUP_POLICY_OBJECT_TYPE; // [out] Specifies the type of GPO
gpoHint: GROUP_POLICY_HINT_TYPE; // [out] Specifies a hint of the GPO association
end;
{$EXTERNALSYM tag_GPOBROWSEINFO}
GPOBROWSEINFO = tag_GPOBROWSEINFO;
{$EXTERNALSYM GPOBROWSEINFO}
LPGPOBROWSEINFO = ^GPOBROWSEINFO;
TGpoBrowseInfo = GPOBROWSEINFO;
PGpoBrowseInfo = LPGPOBROWSEINFO;
function BrowseForGPO(var lpBrowseInfo: GPOBROWSEINFO): HRESULT; stdcall;
{$EXTERNALSYM BrowseForGPO}
implementation
const
gpeditlib = 'gpedit.dll';
function CreateGPOLink; external gpeditlib name 'CreateGPOLink';
function DeleteGPOLink; external gpeditlib name 'DeleteGPOLink';
function DeleteAllGPOLinks; external gpeditlib name 'DeleteAllGPOLinks';
function BrowseForGPO; external gpeditlib name 'BrowseForGPO';
end.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -