ntsecapi.pas

详细Windows API大全有关知识以及相关问题

    PolicyNotifyDomainEfsInformation,
    PolicyNotifyDomainKerberosTicketInformation,
    PolicyNotifyMachineAccountPasswordInformation);
  {$EXTERNALSYM _POLICY_NOTIFICATION_INFORMATION_CLASS}
  POLICY_NOTIFICATION_INFORMATION_CLASS = _POLICY_NOTIFICATION_INFORMATION_CLASS;
  {$EXTERNALSYM POLICY_NOTIFICATION_INFORMATION_CLASS}
  PPOLICY_NOTIFICATION_INFORMATION_CLASS = ^POLICY_NOTIFICATION_INFORMATION_CLASS;
  {$EXTERNALSYM PPOLICY_NOTIFICATION_INFORMATION_CLASS}
  TPolicyNotificationInformationClass = POLICY_NOTIFICATION_INFORMATION_CLASS;
  PPolicyNotificationInformationClass = PPOLICY_NOTIFICATION_INFORMATION_CLASS;  

//
// LSA RPC Context Handle (Opaque form).  Note that a Context Handle is
// always a pointer type unlike regular handles.
//

  LSA_HANDLE = PVOID;
  {$EXTERNALSYM LSA_HANDLE}
  PLSA_HANDLE = ^LSA_HANDLE;
  {$EXTERNALSYM PLSA_HANDLE}

//
// Trusted Domain Object specific data types
//

//
// This data type defines the following information classes that may be
// queried or set.
//

  _TRUSTED_INFORMATION_CLASS = (
    ticFiller0,
    TrustedDomainNameInformation,
    TrustedControllersInformation,
    TrustedPosixOffsetInformation,
    TrustedPasswordInformation,
    TrustedDomainInformationBasic,
    TrustedDomainInformationEx,
    TrustedDomainAuthInformation,
    TrustedDomainFullInformation,
    TrustedDomainAuthInformationInternal,
    TrustedDomainFullInformationInternal);
  {$EXTERNALSYM _TRUSTED_INFORMATION_CLASS}
  TRUSTED_INFORMATION_CLASS = _TRUSTED_INFORMATION_CLASS;
  {$EXTERNALSYM TRUSTED_INFORMATION_CLASS}
  PTRUSTED_INFORMATION_CLASS = ^TRUSTED_INFORMATION_CLASS;
  {$EXTERNALSYM PTRUSTED_INFORMATION_CLASS}
  TTrustedInfomationClass = TRUSTED_INFORMATION_CLASS;
  PTrustedInfomationClass = PTRUSTED_INFORMATION_CLASS;  

//
// The following data type corresponds to the TrustedDomainNameInformation
// information class.
//

  PTRUSTED_DOMAIN_NAME_INFO = ^TRUSTED_DOMAIN_NAME_INFO;
  {$EXTERNALSYM PTRUSTED_DOMAIN_NAME_INFO}
  _TRUSTED_DOMAIN_NAME_INFO = record
    Name: LSA_UNICODE_STRING;
  end;
  {$EXTERNALSYM _TRUSTED_DOMAIN_NAME_INFO}
  TRUSTED_DOMAIN_NAME_INFO = _TRUSTED_DOMAIN_NAME_INFO;
  {$EXTERNALSYM TRUSTED_DOMAIN_NAME_INFO}
  TTrustedDomainNameInfo = TRUSTED_DOMAIN_NAME_INFO;
  PTrustedDomainNameInfo = PTRUSTED_DOMAIN_NAME_INFO;

// where members have the following meaning:
//
// Name - The name of the Trusted Domain.
//

//
// The following data type corresponds to the TrustedControllersInformation
// information class.
//

  PTRUSTED_CONTROLLERS_INFO = ^TRUSTED_CONTROLLERS_INFO;
  {$EXTERNALSYM PTRUSTED_CONTROLLERS_INFO}
  _TRUSTED_CONTROLLERS_INFO = record
    Entries: ULONG;
    Names: PLSA_UNICODE_STRING;
  end;
  {$EXTERNALSYM _TRUSTED_CONTROLLERS_INFO}
  TRUSTED_CONTROLLERS_INFO = _TRUSTED_CONTROLLERS_INFO;
  {$EXTERNALSYM TRUSTED_CONTROLLERS_INFO}
  TTrustedControllersInfo = TRUSTED_CONTROLLERS_INFO;
  PTrustedControllersInfo = PTRUSTED_CONTROLLERS_INFO;

// where members have the following meaning:
//
// Entries - Indicate how mamy entries there are in the Names array.
//
// Names - Pointer to an array of LSA_UNICODE_STRING structures containing the
//     names of domain controllers of the domain.  This information may not
//     be accurate and should be used only as a hint.  The order of this
//     list is considered significant and will be maintained.
//
//     By convention, the first name in this list is assumed to be the
//     Primary Domain Controller of the domain.  If the Primary Domain
//     Controller is not known, the first name should be set to the NULL
//     string.
//


//
// The following data type corresponds to the TrustedPosixOffsetInformation
// information class.
//

  PTRUSTED_POSIX_OFFSET_INFO = ^TRUSTED_POSIX_OFFSET_INFO;
  {$EXTERNALSYM PTRUSTED_POSIX_OFFSET_INFO}
  _TRUSTED_POSIX_OFFSET_INFO = record
    Offset: ULONG;
  end;
  {$EXTERNALSYM _TRUSTED_POSIX_OFFSET_INFO}
  TRUSTED_POSIX_OFFSET_INFO = _TRUSTED_POSIX_OFFSET_INFO;
  {$EXTERNALSYM TRUSTED_POSIX_OFFSET_INFO}
  TTrustedPosixOffsetInfo = TRUSTED_POSIX_OFFSET_INFO;
  PTrustedPosixOffsetInfo = PTRUSTED_POSIX_OFFSET_INFO;

// where members have the following meaning:
//
// Offset - Is an offset to use for the generation of Posix user and group
//     IDs from SIDs.  The Posix ID corresponding to any particular SID is
//     generated by adding the RID of that SID to the Offset of the SID's
//     corresponding TrustedDomain object.
//

//
// The following data type corresponds to the TrustedPasswordInformation
// information class.
//

  PTRUSTED_PASSWORD_INFO = ^TRUSTED_PASSWORD_INFO;
  {$EXTERNALSYM PTRUSTED_PASSWORD_INFO}
  _TRUSTED_PASSWORD_INFO = record
    Password: LSA_UNICODE_STRING;
    OldPassword: LSA_UNICODE_STRING;
  end;
  {$EXTERNALSYM _TRUSTED_PASSWORD_INFO}
  TRUSTED_PASSWORD_INFO = _TRUSTED_PASSWORD_INFO;
  {$EXTERNALSYM TRUSTED_PASSWORD_INFO}
  TTrustedPasswordInfo = TRUSTED_PASSWORD_INFO;
  PTrustedPasswordInfo = PTRUSTED_PASSWORD_INFO;

  TRUSTED_DOMAIN_INFORMATION_BASIC = LSA_TRUST_INFORMATION;
  {$EXTERNALSYM TRUSTED_DOMAIN_INFORMATION_BASIC}
  PTRUSTED_DOMAIN_INFORMATION_BASIC = PLSA_TRUST_INFORMATION;
  {$EXTERNALSYM PTRUSTED_DOMAIN_INFORMATION_BASIC}
  TTrustedDomainInformationBasic = TRUSTED_DOMAIN_INFORMATION_BASIC;
  PTrustedDomainInformationBasic = PTRUSTED_DOMAIN_INFORMATION_BASIC;

//
// Direction of the trust
//

const
  TRUST_DIRECTION_DISABLED      = $00000000;
  {$EXTERNALSYM TRUST_DIRECTION_DISABLED}
  TRUST_DIRECTION_INBOUND       = $00000001;
  {$EXTERNALSYM TRUST_DIRECTION_INBOUND}
  TRUST_DIRECTION_OUTBOUND      = $00000002;
  {$EXTERNALSYM TRUST_DIRECTION_OUTBOUND}
  TRUST_DIRECTION_BIDIRECTIONAL = (TRUST_DIRECTION_INBOUND or TRUST_DIRECTION_OUTBOUND);
  {$EXTERNALSYM TRUST_DIRECTION_BIDIRECTIONAL}

  TRUST_TYPE_DOWNLEVEL = $00000001; // NT4 and before
  {$EXTERNALSYM TRUST_TYPE_DOWNLEVEL}
  TRUST_TYPE_UPLEVEL   = $00000002; // NT5
  {$EXTERNALSYM TRUST_TYPE_UPLEVEL}
  TRUST_TYPE_MIT       = $00000003; // Trust with a MIT Kerberos realm
  {$EXTERNALSYM TRUST_TYPE_MIT}
  TRUST_TYPE_DCE       = $00000004; // Trust with a DCE realm
  {$EXTERNALSYM TRUST_TYPE_DCE}

// Levels 0x5 - 0x000FFFFF reserved for future use
// Provider specific trust levels are from 0x00100000 to 0xFFF00000

  TRUST_ATTRIBUTE_NON_TRANSITIVE = $00000001; // Disallow transitivity
  {$EXTERNALSYM TRUST_ATTRIBUTE_NON_TRANSITIVE}
  TRUST_ATTRIBUTE_UPLEVEL_ONLY   = $00000002; // Trust link only valid
  {$EXTERNALSYM TRUST_ATTRIBUTE_UPLEVEL_ONLY} // for uplevel client

  TRUST_ATTRIBUTE_TREE_PARENT = $00400000;   // Denotes that we are setting the trust
  {$EXTERNALSYM TRUST_ATTRIBUTE_TREE_PARENT} // to our parent in the org tree...
  TRUST_ATTRIBUTE_TREE_ROOT = $00800000;     // Denotes that we are setting the trust
  {$EXTERNALSYM TRUST_ATTRIBUTE_TREE_ROOT}   //to another tree root in a forest...

// Trust attributes 0x00000004 through 0x004FFFFF reserved for future use
// Trust attributes 0x00F00000 through 0x00400000 are reserved for internal use
// Trust attributes 0x01000000 through 0xFF000000 are reserved for user
// defined values

  TRUST_ATTRIBUTES_VALID = DWORD($FF02FFFF);
  {$EXTERNALSYM TRUST_ATTRIBUTES_VALID}
  TRUST_ATTRIBUTES_USER  = DWORD($FF000000);
  {$EXTERNALSYM TRUST_ATTRIBUTES_USER}

type
  PTRUSTED_DOMAIN_INFORMATION_EX = ^TRUSTED_DOMAIN_INFORMATION_EX;
  {$EXTERNALSYM PTRUSTED_DOMAIN_INFORMATION_EX}
  _TRUSTED_DOMAIN_INFORMATION_EX = record
    Name: LSA_UNICODE_STRING;
    FlatName: LSA_UNICODE_STRING;
    Sid: PSID;
    TrustDirection: ULONG;
    TrustType: ULONG;
    TrustAttributes: ULONG;
  end;
  {$EXTERNALSYM _TRUSTED_DOMAIN_INFORMATION_EX}
  TRUSTED_DOMAIN_INFORMATION_EX = _TRUSTED_DOMAIN_INFORMATION_EX;
  {$EXTERNALSYM TRUSTED_DOMAIN_INFORMATION_EX}
  TTrustedDomainInformationEx = TRUSTED_DOMAIN_INFORMATION_EX;
  PTrustedDomainInformationEx = PTRUSTED_DOMAIN_INFORMATION_EX;

//
// Type of authentication information
//

const
  TRUST_AUTH_TYPE_NONE    = 0; // Ignore this entry
  {$EXTERNALSYM TRUST_AUTH_TYPE_NONE}
  TRUST_AUTH_TYPE_NT4OWF  = 1; // NT4 OWF password
  {$EXTERNALSYM TRUST_AUTH_TYPE_NT4OWF}
  TRUST_AUTH_TYPE_CLEAR   = 2; // Cleartext password
  {$EXTERNALSYM TRUST_AUTH_TYPE_CLEAR}
  TRUST_AUTH_TYPE_VERSION = 3; // Cleartext password version number
  {$EXTERNALSYM TRUST_AUTH_TYPE_VERSION}

type
  PLSA_AUTH_INFORMATION = ^LSA_AUTH_INFORMATION;
  {$EXTERNALSYM PLSA_AUTH_INFORMATION}
  _LSA_AUTH_INFORMATION = record
    LastUpdateTime: LARGE_INTEGER;
    AuthType: ULONG;
    AuthInfoLength: ULONG;
    AuthInfo: PUCHAR;
  end;
  {$EXTERNALSYM _LSA_AUTH_INFORMATION}
  LSA_AUTH_INFORMATION = _LSA_AUTH_INFORMATION;
  {$EXTERNALSYM LSA_AUTH_INFORMATION}
  TLsaAuthInformation = LSA_AUTH_INFORMATION;
  PLsaAuthInformation = PLSA_AUTH_INFORMATION;

  PTRUSTED_DOMAIN_AUTH_INFORMATION = ^TRUSTED_DOMAIN_AUTH_INFORMATION;
  {$EXTERNALSYM PTRUSTED_DOMAIN_AUTH_INFORMATION}
  _TRUSTED_DOMAIN_AUTH_INFORMATION = record
    IncomingAuthInfos: ULONG;
    IncomingAuthenticationInformation: PLSA_AUTH_INFORMATION;
    IncomingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION;
    OutgoingAuthInfos: ULONG;
    OutgoingAuthenticationInformation: PLSA_AUTH_INFORMATION;
    OutgoingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION;
  end;
  {$EXTERNALSYM _TRUSTED_DOMAIN_AUTH_INFORMATION}
  TRUSTED_DOMAIN_AUTH_INFORMATION = _TRUSTED_DOMAIN_AUTH_INFORMATION;
  {$EXTERNALSYM TRUSTED_DOMAIN_AUTH_INFORMATION}
  TTrustedDomainAuthInformation = TRUSTED_DOMAIN_AUTH_INFORMATION;
  PTrustedDomainAuthInformation = PTRUSTED_DOMAIN_AUTH_INFORMATION;

  PTRUSTED_DOMAIN_FULL_INFORMATION = ^TRUSTED_DOMAIN_FULL_INFORMATION;
  {$EXTERNALSYM PTRUSTED_DOMAIN_FULL_INFORMATION}
  _TRUSTED_DOMAIN_FULL_INFORMATION = record
    Information: TRUSTED_DOMAIN_INFORMATION_EX;
    PosixOffset: TRUSTED_POSIX_OFFSET_INFO;
    AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION;
  end;
  {$EXTERNALSYM _TRUSTED_DOMAIN_FULL_INFORMATION}
  TRUSTED_DOMAIN_FULL_INFORMATION = _TRUSTED_DOMAIN_FULL_INFORMATION;
  {$EXTERNALSYM TRUSTED_DOMAIN_FULL_INFORMATION}
  TTrustedDomainFullInformation = TRUSTED_DOMAIN_FULL_INFORMATION;
  PTrustedDomainFullInformation = PTRUSTED_DOMAIN_FULL_INFORMATION;

//
// LSA Enumeration Context
//

  LSA_ENUMERATION_HANDLE = ULONG;
  {$EXTERNALSYM LSA_ENUMERATION_HANDLE}
  PLSA_ENUMERATION_HANDLE = LSA_ENUMERATION_HANDLE;
  {$EXTERNALSYM PLSA_ENUMERATION_HANDLE}

//
// LSA Enumeration Information
//

  PLSA_ENUMERATION_INFORMATION = ^LSA_ENUMERATION_INFORMATION;
  {$EXTERNALSYM PLSA_ENUMERATION_INFORMATION}
  _LSA_ENUMERATION_INFORMATION = record
    Sid: PSID;
  end;
  {$EXTERNALSYM _LSA_ENUMERATION_INFORMATION}
  LSA_ENUMERATION_INFORMATION = _LSA_ENUMERATION_INFORMATION;
  {$EXTERNALSYM LSA_ENUMERATION_INFORMATION}
  TLsaEnumerationInformation = LSA_ENUMERATION_INFORMATION;
  PLsaEnumerationInformation = PLSA_ENUMERATION_INFORMATION;

////////////////////////////////////////////////////////////////////////////
//                                                                        //
// Local Security Policy - Miscellaneous API function prototypes          //
//                                                                        //
////////////////////////////////////////////////////////////////////////////


function LsaFreeMemory(Buffer: PVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaFreeMemory}

function LsaClose(ObjectHandle: LSA_HANDLE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaClose}

function LsaOpenPolicy(SystemName: PLSA_UNICODE_STRING;
  var ObjectAttributes: LSA_OBJECT_ATTRIBUTES; DesiredAccess: ACCESS_MASK;
  var PolicyHandle: LSA_HANDLE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaOpenPolicy}

function LsaQueryInformationPolicy(PolicyHandle: LSA_HANDLE;
  InformationClass: POLICY_INFORMATION_CLASS; var Buffer: PVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaQueryInformationPolicy}

function LsaSetInformationPolicy(PolicyHandle: LSA_HANDLE;
  InformationClass: POLICY_INFORMATION_CLASS; Buffer: PVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaSetInformationPolicy}

function LsaQueryDomainInformationPolicy(PolicyHandle: LSA_HANDLE;
  InformationClass: POLICY_DOMAIN_INFORMATION_CLASS; Buffer: PPVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaQueryDomainInformationPolicy}

function LsaSetDomainInformationPolicy(PolicyHandle: LSA_HANDLE;
  InformationClass: POLICY_DOMAIN_INFORMATION_CLASS; Buffer: PVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaSetDomainInformationPolicy}

function LsaRegisterPolicyChangeNotification(InformationClass: POLICY_NOTIFICATION_INFORMATION_CLASS;
  NotificationEventHandle: HANDLE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaRegisterPolicyChangeNotification}

function LsaUnregisterPolicyChangeNotification(InformationClass: POLICY_NOTIFICATION_INFORMATION_CLASS;
  NotificationEventHandle: HANDLE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaUnregisterPolicyChangeNotification}

function LsaEnumerateTrustedDomains(PolicyHandle: LSA_HANDLE;
  var EnumerationContext: LSA_ENUMERATION_HANDLE; Buffer: PPVOID;
  PreferedMaximumLength: ULONG; var CountReturned: ULONG): NTSTATUS; stdcall;
{$EXTERNALSYM LsaEnumerateTrustedDomains}