⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 ntsecapi.pas

📁 详细Windows API大全有关知识以及相关问题
💻 PAS
📖 第 1 页 / 共 5 页
字号:
🔍
12345 
{******************************************************************}
{                                                       	   }
{       Borland Delphi Runtime Library                  	   }
{       LSA interface unit                                         }
{ 								   }
{ Portions created by Microsoft are 				   }
{ Copyright (C) 1995-1999 Microsoft Corporation. 		   }
{ All Rights Reserved. 						   }
{ 								   }
{ The original file is: ntsecapi.h, released June 2000. 	   }
{ The original Pascal code is: NtSecApi.pas, released Dec 2000     }
{ The initial developer of the Pascal code is Marcel van Brakel    }
{ (brakelm@bart.nl).                      			   }
{ 								   }
{ Portions created by Marcel van Brakel are			   }
{ Copyright (C) 1999 Marcel van Brakel.				   }
{ 								   }
{ Obtained through:                               	           }
{ Joint Endeavour of Delphi Innovators (Project JEDI)              }
{								   }
{ You may retrieve the latest version of this file at the Project  }
{ JEDI home page, located at http://delphi-jedi.org                }
{								   }
{ The contents of this file are used with permission, subject to   }
{ the Mozilla Public License Version 1.1 (the "License"); you may  }
{ not use this file except in compliance with the License. You may }
{ obtain a copy of the License at                                  }
{ http://www.mozilla.org/MPL/MPL-1.1.html 	                   }
{                                                                  }
{ Software distributed under the License is distributed on an 	   }
{ "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or   }
{ implied. See the License for the specific language governing     }
{ rights and limitations under the License. 			   }
{ 								   }
{******************************************************************}

unit NtSecApi;

{$WEAKPACKAGEUNIT}

{$HPPEMIT ''}
{$HPPEMIT '#include "ntsecapi.h"'}
{$HPPEMIT ''}

{$I WINDEFINES.INC}

interface

uses
  WinType, Nt_Status, WinNT;

//
// Security operation mode of the system is held in a control
// longword.
//

type
  LSA_OPERATIONAL_MODE = ULONG;
  {$EXTERNALSYM LSA_OPERATIONAL_MODE}
  PLSA_OPERATIONAL_MODE = ^LSA_OPERATIONAL_MODE;
  {$EXTERNALSYM PLSA_OPERATIONAL_MODE}

//
// The flags in the security operational mode are defined
// as:
//
//    PasswordProtected - Some level of authentication (such as
//        a password) must be provided by users before they are
//        allowed to use the system.  Once set, this value will
//        not be cleared without re-booting the system.
//
//    IndividualAccounts - Each user must identify an account to
//        logon to.  This flag is only meaningful if the
//        PasswordProtected flag is also set.  If this flag is
//        not set and the PasswordProtected flag is set, then all
//        users may logon to the same account.  Once set, this value
//        will not be cleared without re-booting the system.
//
//    MandatoryAccess - Indicates the system is running in a mandatory
//        access control mode (e.g., B-level as defined by the U.S.A's
//        Department of Defense's "Orange Book").  This is not utilized
//        in the current release of NT.  This flag is only meaningful
//        if both the PasswordProtected and IndividualAccounts flags are
//        set.  Once set, this value will not be cleared without
//        re-booting the system.
//
//    LogFull - Indicates the system has been brought up in a mode in
//        which if must perform security auditing, but its audit log
//        is full.  This may (should) restrict the operations that
//        can occur until the audit log is made not-full again.  THIS
//        VALUE MAY BE CLEARED WHILE THE SYSTEM IS RUNNING (I.E., WITHOUT
//        REBOOTING).
//
// If the PasswordProtected flag is not set, then the system is running
// without security, and user interface should be adjusted appropriately.
//

const
  LSA_MODE_PASSWORD_PROTECTED  = ($00000001);
  {$EXTERNALSYM LSA_MODE_PASSWORD_PROTECTED}
  LSA_MODE_INDIVIDUAL_ACCOUNTS = ($00000002);
  {$EXTERNALSYM LSA_MODE_INDIVIDUAL_ACCOUNTS}
  LSA_MODE_MANDATORY_ACCESS    = ($00000004);
  {$EXTERNALSYM LSA_MODE_MANDATORY_ACCESS}
  LSA_MODE_LOG_FULL            = ($00000008);
  {$EXTERNALSYM LSA_MODE_LOG_FULL}

//
// Used by a logon process to indicate what type of logon is being
// requested.
//

type
  _SECURITY_LOGON_TYPE = (
    seltFiller0, seltFiller1,
    Interactive,        // Interactively logged on (locally or remotely)
    Network,            // Accessing system via network
    Batch,              // Started via a batch queue
    Service,            // Service started by service controller
    Proxy,              // Proxy logon
    Unlock,             // Unlock workstation
    NetworkCleartext,   // Network logon with cleartext credentials
    NewCredentials);    // Clone caller, new default credentials
  {$EXTERNALSYM _SECURITY_LOGON_TYPE}
  SECURITY_LOGON_TYPE = _SECURITY_LOGON_TYPE;
  {$EXTERNALSYM SECURITY_LOGON_TYPE}
  PSECURITY_LOGON_TYPE = ^SECURITY_LOGON_TYPE;
  {$EXTERNALSYM PSECURITY_LOGON_TYPE}
  TSecurityLogonType = SECURITY_LOGON_TYPE;
  PSecurityLogonType = PSECURITY_LOGON_TYPE;

//
// Audit Event Categories
//
// The following are the built-in types or Categories of audit event.
// WARNING!  This structure is subject to expansion.  The user should not
// compute the number of elements of this type directly, but instead
// should obtain the count of elements by calling LsaQueryInformationPolicy()
// for the PolicyAuditEventsInformation class and extracting the count from
// the MaximumAuditEventCount field of the returned structure.
//

  _POLICY_AUDIT_EVENT_TYPE = (
    AuditCategorySystem,
    AuditCategoryLogon,
    AuditCategoryObjectAccess,
    AuditCategoryPrivilegeUse,
    AuditCategoryDetailedTracking,
    AuditCategoryPolicyChange,
    AuditCategoryAccountManagement,
    AuditCategoryDirectoryServiceAccess,
    AuditCategoryAccountLogon);
  {$EXTERNALSYM _POLICY_AUDIT_EVENT_TYPE}
  POLICY_AUDIT_EVENT_TYPE = _POLICY_AUDIT_EVENT_TYPE;
  {$EXTERNALSYM POLICY_AUDIT_EVENT_TYPE}
  PPOLICY_AUDIT_EVENT_TYPE = ^POLICY_AUDIT_EVENT_TYPE;
  {$EXTERNALSYM PPOLICY_AUDIT_EVENT_TYPE}
  TPolicyAuditEventType = POLICY_AUDIT_EVENT_TYPE;
  PPolicyAuditEventType = PPOLICY_AUDIT_EVENT_TYPE;  

//
// The following defines describe the auditing options for each
// event type
//

const

// Leave options specified for this event unchanged

  POLICY_AUDIT_EVENT_UNCHANGED = ($00000000);
  {$EXTERNALSYM POLICY_AUDIT_EVENT_UNCHANGED}

// Audit successful occurrences of events of this type

  POLICY_AUDIT_EVENT_SUCCESS = ($00000001);
  {$EXTERNALSYM POLICY_AUDIT_EVENT_SUCCESS}

// Audit failed attempts to cause an event of this type to occur

  POLICY_AUDIT_EVENT_FAILURE = ($00000002);
  {$EXTERNALSYM POLICY_AUDIT_EVENT_FAILURE}

  POLICY_AUDIT_EVENT_NONE    = ($00000004);
  {$EXTERNALSYM POLICY_AUDIT_EVENT_NONE}

// Mask of valid event auditing options

  POLICY_AUDIT_EVENT_MASK = (POLICY_AUDIT_EVENT_SUCCESS or POLICY_AUDIT_EVENT_FAILURE or
    POLICY_AUDIT_EVENT_UNCHANGED or POLICY_AUDIT_EVENT_NONE);
  {$EXTERNALSYM POLICY_AUDIT_EVENT_MASK}
  TPolicyAuditEventMask = POLICY_AUDIT_EVENT_MASK;

type
  PLSA_UNICODE_STRING = ^LSA_UNICODE_STRING;
  {$EXTERNALSYM PLSA_UNICODE_STRING}
  _LSA_UNICODE_STRING = record
    Length: USHORT;
    MaximumLength: USHORT;
    Buffer: PWSTR;
  end;
  {$EXTERNALSYM _LSA_UNICODE_STRING}
  LSA_UNICODE_STRING = _LSA_UNICODE_STRING;
  {$EXTERNALSYM LSA_UNICODE_STRING}
  TLsaUnicodeString = LSA_UNICODE_STRING;
  PLsaUnicodeString = PLSA_UNICODE_STRING;

  PLSA_STRING = ^LSA_STRING;
  {$EXTERNALSYM PLSA_STRING}
  _LSA_STRING = record
    Length: USHORT;
    MaximumLength: USHORT;
    Buffer: PCHAR;
  end;
  {$EXTERNALSYM _LSA_STRING}
  LSA_STRING = _LSA_STRING;
  {$EXTERNALSYM LSA_STRING}
  TLsaString = LSA_STRING;
  PLsaString = PLSA_STRING;

  PLSA_OBJECT_ATTRIBUTES = ^LSA_OBJECT_ATTRIBUTES;
  {$EXTERNALSYM PLSA_OBJECT_ATTRIBUTES}
  _LSA_OBJECT_ATTRIBUTES = record
    Length: ULONG;
    RootDirectory: HANDLE;
    ObjectName: PLSA_UNICODE_STRING;
    Attributes: ULONG;
    SecurityDescriptor: PVOID; // Points to type SECURITY_DESCRIPTOR
    SecurityQualityOfService: PVOID; // Points to type SECURITY_QUALITY_OF_SERVICE
  end;
  {$EXTERNALSYM _LSA_OBJECT_ATTRIBUTES}
  LSA_OBJECT_ATTRIBUTES = _LSA_OBJECT_ATTRIBUTES;
  {$EXTERNALSYM LSA_OBJECT_ATTRIBUTES}
  TLsaObjectAttributes = LSA_OBJECT_ATTRIBUTES;
  PLsaObjectAttributes = PLSA_OBJECT_ATTRIBUTES;

//
// Macro for determining whether an API succeeded.
//

function LSA_SUCCESS(Error: NTSTATUS): BOOL;
{$EXTERNALSYM LSA_SUCCESS}

function LsaRegisterLogonProcess(const LogonProcessName: LSA_STRING;
  var LsaHandle: HANDLE; SecurityMode: PLSA_OPERATIONAL_MODE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaRegisterLogonProcess}

function LsaLogonUser(LsaHandle: HANDLE; const OriginName: LSA_STRING;
  LogonType: SECURITY_LOGON_TYPE; AuthenticationPackage: ULONG;
  AuthenticationInformation: PVOID; AuthenticationInformationLength: ULONG;
  LocalGroups: PTOKEN_GROUPS; SourceContext: PTOKEN_SOURCE;
  var ProfileBuffer: PVOID; var ProfileBufferLength: ULONG; var LogonId: LUID;
  var Token: HANDLE; var Quotas: QUOTA_LIMITS; var SubStatus: NTSTATUS): NTSTATUS; stdcall;
{$EXTERNALSYM LsaLogonUser}

function LsaLookupAuthenticationPackage(LsaHandle: HANDLE;
  const PackageName: LSA_STRING; var AuthenticationPackage: ULONG): NTSTATUS; stdcall;
{$EXTERNALSYM LsaLookupAuthenticationPackage}

function LsaFreeReturnBuffer(Buffer: PVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaFreeReturnBuffer}

function LsaCallAuthenticationPackage(LsaHandle: HANDLE;
  AuthenticationPackage: ULONG; ProtocolSubmitBuffer: PVOID;
  SubmitBufferLength: ULONG; var ProtocolReturnBuffer: PVOID;
  var ReturnBufferLength: ULONG; var ProtocolStatus: NTSTATUS): NTSTATUS; stdcall;
{$EXTERNALSYM LsaCallAuthenticationPackage}

function LsaDeregisterLogonProcess(LsaHandle: HANDLE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaDeregisterLogonProcess}

function LsaConnectUntrusted(var LsaHandle: HANDLE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaConnectUntrusted}

////////////////////////////////////////////////////////////////////////////
//                                                                        //
// Local Security Policy Administration API datatypes and defines         //
//                                                                        //
////////////////////////////////////////////////////////////////////////////

//
// Access types for the Policy object
//

const
  POLICY_VIEW_LOCAL_INFORMATION   = $00000001;
  {$EXTERNALSYM POLICY_VIEW_LOCAL_INFORMATION}
  POLICY_VIEW_AUDIT_INFORMATION   = $00000002;
  {$EXTERNALSYM POLICY_VIEW_AUDIT_INFORMATION}
  POLICY_GET_PRIVATE_INFORMATION  = $00000004;
  {$EXTERNALSYM POLICY_GET_PRIVATE_INFORMATION}
  POLICY_TRUST_ADMIN              = $00000008;
  {$EXTERNALSYM POLICY_TRUST_ADMIN}
  POLICY_CREATE_ACCOUNT           = $00000010;
  {$EXTERNALSYM POLICY_CREATE_ACCOUNT}
  POLICY_CREATE_SECRET            = $00000020;
  {$EXTERNALSYM POLICY_CREATE_SECRET}
  POLICY_CREATE_PRIVILEGE         = $00000040;
  {$EXTERNALSYM POLICY_CREATE_PRIVILEGE}
  POLICY_SET_DEFAULT_QUOTA_LIMITS = $00000080;
  {$EXTERNALSYM POLICY_SET_DEFAULT_QUOTA_LIMITS}
  POLICY_SET_AUDIT_REQUIREMENTS   = $00000100;
  {$EXTERNALSYM POLICY_SET_AUDIT_REQUIREMENTS}
  POLICY_AUDIT_LOG_ADMIN          = $00000200;
  {$EXTERNALSYM POLICY_AUDIT_LOG_ADMIN}
  POLICY_SERVER_ADMIN             = $00000400;
  {$EXTERNALSYM POLICY_SERVER_ADMIN}
  POLICY_LOOKUP_NAMES             = $00000800;
  {$EXTERNALSYM POLICY_LOOKUP_NAMES}
  POLICY_NOTIFICATION             = $00001000;
  {$EXTERNALSYM POLICY_NOTIFICATION}

  POLICY_ALL_ACCESS =         (STANDARD_RIGHTS_REQUIRED         or
                               POLICY_VIEW_LOCAL_INFORMATION    or
                               POLICY_VIEW_AUDIT_INFORMATION    or
                               POLICY_GET_PRIVATE_INFORMATION   or
                               POLICY_TRUST_ADMIN               or
                               POLICY_CREATE_ACCOUNT            or
                               POLICY_CREATE_SECRET             or
                               POLICY_CREATE_PRIVILEGE          or
                               POLICY_SET_DEFAULT_QUOTA_LIMITS  or
                               POLICY_SET_AUDIT_REQUIREMENTS    or
                               POLICY_AUDIT_LOG_ADMIN           or
                               POLICY_SERVER_ADMIN              or
                               POLICY_LOOKUP_NAMES);
  {$EXTERNALSYM POLICY_ALL_ACCESS}

  POLICY_READ =               (STANDARD_RIGHTS_READ or
                               POLICY_VIEW_AUDIT_INFORMATION or
                               POLICY_GET_PRIVATE_INFORMATION);
  {$EXTERNALSYM POLICY_READ}

  POLICY_WRITE =              (STANDARD_RIGHTS_WRITE            or
                               POLICY_TRUST_ADMIN               or
                               POLICY_CREATE_ACCOUNT            or
                               POLICY_CREATE_SECRET             or
                               POLICY_CREATE_PRIVILEGE          or
                               POLICY_SET_DEFAULT_QUOTA_LIMITS  or
                               POLICY_SET_AUDIT_REQUIREMENTS    or
                               POLICY_AUDIT_LOG_ADMIN           or
                               POLICY_SERVER_ADMIN);
  {$EXTERNALSYM POLICY_WRITE}

  POLICY_EXECUTE =            (STANDARD_RIGHTS_EXECUTE          or
                               POLICY_VIEW_LOCAL_INFORMATION    or
12345

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -