📄 jwantsecapi.pas
字号:
const
ForestTrustRecordTypeLast = ForestTrustDomainInfo;
{$EXTERNALSYM ForestTrustRecordTypeLast}
//
// Bottom 16 bits of the flags are reserved for disablement reasons
//
LSA_FTRECORD_DISABLED_REASONS = $0000FFFF;
{$EXTERNALSYM LSA_FTRECORD_DISABLED_REASONS}
//
// Reasons for a top-level name forest trust record to be disabled
//
LSA_TLN_DISABLED_NEW = $00000001;
{$EXTERNALSYM LSA_TLN_DISABLED_NEW}
LSA_TLN_DISABLED_ADMIN = $00000002;
{$EXTERNALSYM LSA_TLN_DISABLED_ADMIN}
LSA_TLN_DISABLED_CONFLICT = $00000004;
{$EXTERNALSYM LSA_TLN_DISABLED_CONFLICT}
//
// Reasons for a domain information forest trust record to be disabled
//
LSA_SID_DISABLED_ADMIN = $00000001;
{$EXTERNALSYM LSA_SID_DISABLED_ADMIN}
LSA_SID_DISABLED_CONFLICT = $00000002;
{$EXTERNALSYM LSA_SID_DISABLED_CONFLICT}
LSA_NB_DISABLED_ADMIN = $00000004;
{$EXTERNALSYM LSA_NB_DISABLED_ADMIN}
LSA_NB_DISABLED_CONFLICT = $00000008;
{$EXTERNALSYM LSA_NB_DISABLED_CONFLICT}
type
PLSA_FOREST_TRUST_DOMAIN_INFO = ^LSA_FOREST_TRUST_DOMAIN_INFO;
{$EXTERNALSYM PLSA_FOREST_TRUST_DOMAIN_INFO}
_LSA_FOREST_TRUST_DOMAIN_INFO = record
Sid: PSID;
DnsName: LSA_UNICODE_STRING;
NetbiosName: LSA_UNICODE_STRING;
end;
{$EXTERNALSYM _LSA_FOREST_TRUST_DOMAIN_INFO}
LSA_FOREST_TRUST_DOMAIN_INFO = _LSA_FOREST_TRUST_DOMAIN_INFO;
{$EXTERNALSYM LSA_FOREST_TRUST_DOMAIN_INFO}
TLsaForestTrustDomainInfo = LSA_FOREST_TRUST_DOMAIN_INFO;
PLsaForestTrustDomainInfo = PLSA_FOREST_TRUST_DOMAIN_INFO;
//
// To prevent huge data to be passed in, we should put a limit on LSA_FOREST_TRUST_BINARY_DATA.
// 128K is large enough that can't be reached in the near future, and small enough not to
// cause memory problems.
const
MAX_FOREST_TRUST_BINARY_DATA_SIZE = (128 * 1024);
{$EXTERNALSYM MAX_FOREST_TRUST_BINARY_DATA_SIZE}
type
PLSA_FOREST_TRUST_BINARY_DATA = ^LSA_FOREST_TRUST_BINARY_DATA;
{$EXTERNALSYM PLSA_FOREST_TRUST_BINARY_DATA}
_LSA_FOREST_TRUST_BINARY_DATA = record
Length: ULONG;
Buffer: PUCHAR;
end;
{$EXTERNALSYM _LSA_FOREST_TRUST_BINARY_DATA}
LSA_FOREST_TRUST_BINARY_DATA = _LSA_FOREST_TRUST_BINARY_DATA;
{$EXTERNALSYM LSA_FOREST_TRUST_BINARY_DATA}
TLsaForestTrustBinaryData = LSA_FOREST_TRUST_BINARY_DATA;
PLsaForestTrustBinaryData = PLSA_FOREST_TRUST_BINARY_DATA;
PLSA_FOREST_TRUST_RECORD = ^LSA_FOREST_TRUST_RECORD;
{$EXTERNALSYM PLSA_FOREST_TRUST_RECORD}
_LSA_FOREST_TRUST_RECORD = record
Flags: ULONG;
ForestTrustType: LSA_FOREST_TRUST_RECORD_TYPE; // type of record
Time: LARGE_INTEGER;
case Integer of // actual data
0: (TopLevelName: LSA_UNICODE_STRING);
1: (DomainInfo: LSA_FOREST_TRUST_DOMAIN_INFO);
2: (Data: LSA_FOREST_TRUST_BINARY_DATA); // used for unrecognized types
// } ForestTrustData;
end;
{$EXTERNALSYM _LSA_FOREST_TRUST_RECORD}
LSA_FOREST_TRUST_RECORD = _LSA_FOREST_TRUST_RECORD;
{$EXTERNALSYM LSA_FOREST_TRUST_RECORD}
TLsaForestTrustRecord = LSA_FOREST_TRUST_RECORD;
PLsaForestTrustRecord = PLSA_FOREST_TRUST_RECORD;
//
// To prevent forest trust blobs of large size, number of records must be
// smaller than MAX_RECORDS_IN_FOREST_TRUST_INFO
//
const
MAX_RECORDS_IN_FOREST_TRUST_INFO = 4000;
{$EXTERNALSYM MAX_RECORDS_IN_FOREST_TRUST_INFO}
type
PLSA_FOREST_TRUST_INFORMATION = ^LSA_FOREST_TRUST_INFORMATION;
{$EXTERNALSYM PLSA_FOREST_TRUST_INFORMATION}
_LSA_FOREST_TRUST_INFORMATION = record
RecordCount: ULONG;
Entries: ^PLSA_FOREST_TRUST_RECORD;
end;
{$EXTERNALSYM _LSA_FOREST_TRUST_INFORMATION}
LSA_FOREST_TRUST_INFORMATION = _LSA_FOREST_TRUST_INFORMATION;
{$EXTERNALSYM LSA_FOREST_TRUST_INFORMATION}
TLsaForestTrustInformation = LSA_FOREST_TRUST_INFORMATION;
PLsaForestTrustInformation = PLSA_FOREST_TRUST_INFORMATION;
LSA_FOREST_TRUST_COLLISION_RECORD_TYPE = (
CollisionTdo,
CollisionXref,
CollisionOther);
{$EXTERNALSYM LSA_FOREST_TRUST_COLLISION_RECORD_TYPE}
TLsaForestTrustCollisionRecordType = LSA_FOREST_TRUST_COLLISION_RECORD_TYPE;
PLSA_FOREST_TRUST_COLLISION_RECORD = ^LSA_FOREST_TRUST_COLLISION_RECORD;
{$EXTERNALSYM PLSA_FOREST_TRUST_COLLISION_RECORD}
_LSA_FOREST_TRUST_COLLISION_RECORD = record
Index: ULONG;
Type_: LSA_FOREST_TRUST_COLLISION_RECORD_TYPE;
Flags: ULONG;
Name: LSA_UNICODE_STRING;
end;
{$EXTERNALSYM _LSA_FOREST_TRUST_COLLISION_RECORD}
LSA_FOREST_TRUST_COLLISION_RECORD = _LSA_FOREST_TRUST_COLLISION_RECORD;
{$EXTERNALSYM LSA_FOREST_TRUST_COLLISION_RECORD}
TLsaForestTrustCollisionRecord = LSA_FOREST_TRUST_COLLISION_RECORD;
PLsaForestTrustCollisionRecord = PLSA_FOREST_TRUST_COLLISION_RECORD;
PLSA_FOREST_TRUST_COLLISION_INFORMATION = ^LSA_FOREST_TRUST_COLLISION_INFORMATION;
{$EXTERNALSYM PLSA_FOREST_TRUST_COLLISION_INFORMATION}
_LSA_FOREST_TRUST_COLLISION_INFORMATION = record
RecordCount: ULONG;
Entries: ^PLSA_FOREST_TRUST_COLLISION_RECORD;
end;
{$EXTERNALSYM _LSA_FOREST_TRUST_COLLISION_INFORMATION}
LSA_FOREST_TRUST_COLLISION_INFORMATION = _LSA_FOREST_TRUST_COLLISION_INFORMATION;
{$EXTERNALSYM LSA_FOREST_TRUST_COLLISION_INFORMATION}
TLsaForestTrustCollisionInformation = LSA_FOREST_TRUST_COLLISION_INFORMATION;
PLsaForestTrustCollisionInformation = PLSA_FOREST_TRUST_COLLISION_INFORMATION;
//
// LSA Enumeration Context
//
LSA_ENUMERATION_HANDLE = ULONG;
{$EXTERNALSYM LSA_ENUMERATION_HANDLE}
PLSA_ENUMERATION_HANDLE = LSA_ENUMERATION_HANDLE;
{$EXTERNALSYM PLSA_ENUMERATION_HANDLE}
//
// LSA Enumeration Information
//
PLSA_ENUMERATION_INFORMATION = ^LSA_ENUMERATION_INFORMATION;
{$EXTERNALSYM PLSA_ENUMERATION_INFORMATION}
_LSA_ENUMERATION_INFORMATION = record
Sid: PSID;
end;
{$EXTERNALSYM _LSA_ENUMERATION_INFORMATION}
LSA_ENUMERATION_INFORMATION = _LSA_ENUMERATION_INFORMATION;
{$EXTERNALSYM LSA_ENUMERATION_INFORMATION}
TLsaEnumerationInformation = LSA_ENUMERATION_INFORMATION;
PLsaEnumerationInformation = PLSA_ENUMERATION_INFORMATION;
////////////////////////////////////////////////////////////////////////////
// //
// Local Security Policy - Miscellaneous API function prototypes //
// //
////////////////////////////////////////////////////////////////////////////
function LsaFreeMemory(Buffer: PVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaFreeMemory}
function LsaClose(ObjectHandle: LSA_HANDLE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaClose}
type
_SECURITY_LOGON_SESSION_DATA = record
Size: ULONG;
LogonId: LUID;
UserName: LSA_UNICODE_STRING;
LogonDomain: LSA_UNICODE_STRING;
AuthenticationPackage: LSA_UNICODE_STRING;
LogonType: SECURITY_LOGON_TYPE;
Session: ULONG;
Sid: PSID;
LogonTime: LARGE_INTEGER;
//
// new for whistler:
//
LogonServer: LSA_UNICODE_STRING;
DnsDomainName: LSA_UNICODE_STRING;
Upn: LSA_UNICODE_STRING;
end;
{$EXTERNALSYM _SECURITY_LOGON_SESSION_DATA}
SECURITY_LOGON_SESSION_DATA = _SECURITY_LOGON_SESSION_DATA;
{$EXTERNALSYM SECURITY_LOGON_SESSION_DATA}
PSECURITY_LOGON_SESSION_DATA = ^SECURITY_LOGON_SESSION_DATA;
{$EXTERNALSYM PSECURITY_LOGON_SESSION_DATA}
TSecurityLogonSessionData = SECURITY_LOGON_SESSION_DATA;
PSecurityLogonSessionData = PSECURITY_LOGON_SESSION_DATA;
function LsaEnumerateLogonSessions(LogonSessionCount: PULONG; var LogonSessionList: PLUID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaEnumerateLogonSessions}
function LsaGetLogonSessionData(LogonId: PLUID; var ppLogonSessionData: PSECURITY_LOGON_SESSION_DATA): NTSTATUS; stdcall;
{$EXTERNALSYM LsaGetLogonSessionData}
function LsaOpenPolicy(SystemName: PLSA_UNICODE_STRING;
var ObjectAttributes: LSA_OBJECT_ATTRIBUTES; DesiredAccess: ACCESS_MASK;
var PolicyHandle: LSA_HANDLE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaOpenPolicy}
function LsaQueryInformationPolicy(PolicyHandle: LSA_HANDLE;
InformationClass: POLICY_INFORMATION_CLASS; var Buffer: PVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaQueryInformationPolicy}
function LsaSetInformationPolicy(PolicyHandle: LSA_HANDLE;
InformationClass: POLICY_INFORMATION_CLASS; Buffer: PVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaSetInformationPolicy}
function LsaQueryDomainInformationPolicy(PolicyHandle: LSA_HANDLE;
InformationClass: POLICY_DOMAIN_INFORMATION_CLASS; Buffer: PPVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaQueryDomainInformationPolicy}
function LsaSetDomainInformationPolicy(PolicyHandle: LSA_HANDLE;
InformationClass: POLICY_DOMAIN_INFORMATION_CLASS; Buffer: PVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaSetDomainInformationPolicy}
function LsaRegisterPolicyChangeNotification(InformationClass: POLICY_NOTIFICATION_INFORMATION_CLASS;
NotificationEventHandle: HANDLE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaRegisterPolicyChangeNotification}
function LsaUnregisterPolicyChangeNotification(InformationClass: POLICY_NOTIFICATION_INFORMATION_CLASS;
NotificationEventHandle: HANDLE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaUnregisterPolicyChangeNotification}
function LsaEnumerateTrustedDomains(PolicyHandle: LSA_HANDLE;
var EnumerationContext: LSA_ENUMERATION_HANDLE; Buffer: PPVOID;
PreferedMaximumLength: ULONG; var CountReturned: ULONG): NTSTATUS; stdcall;
{$EXTERNALSYM LsaEnumerateTrustedDomains}
function LsaLookupNames(PolicyHandle: LSA_HANDLE; Count: ULONG;
Names: PLSA_UNICODE_STRING; var ReferencedDomains: PLSA_REFERENCED_DOMAIN_LIST;
var Sids: PLSA_TRANSLATED_SID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaLookupNames}
function LsaLookupNames2(PolicyHandle: LSA_HANDLE; Flags, Count: ULONG; Names: PLSA_UNICODE_STRING;
var ReferencedDomains: PLSA_REFERENCED_DOMAIN_LIST; var Sids: PLSA_TRANSLATED_SID2): NTSTATUS; stdcall;
{$EXTERNALSYM LsaLookupNames2}
function LsaLookupSids(PolicyHandle: LSA_HANDLE; Count: ULONG; Sids: PPSID;
var ReferencedDomains: PLSA_REFERENCED_DOMAIN_LIST;
var Names: PLSA_TRANSLATED_NAME): NTSTATUS; stdcall;
{$EXTERNALSYM LsaLookupSids}
const
SE_INTERACTIVE_LOGON_NAME = 'SeInteractiveLogonRight';
{$EXTERNALSYM SE_INTERACTIVE_LOGON_NAME}
SE_NETWORK_LOGON_NAME = 'SeNetworkLogonRight';
{$EXTERNALSYM SE_NETWORK_LOGON_NAME}
SE_BATCH_LOGON_NAME = 'SeBatchLogonRight';
{$EXTERNALSYM SE_BATCH_LOGON_NAME}
SE_SERVICE_LOGON_NAME = 'SeServiceLogonRight';
{$EXTERNALSYM SE_SERVICE_LOGON_NAME}
SE_DENY_INTERACTIVE_LOGON_NAME = 'SeDenyInteractiveLogonRight';
{$EXTERNALSYM SE_DENY_INTERACTIVE_LOGON_NAME}
SE_DENY_NETWORK_LOGON_NAME = 'SeDenyNetworkLogonRight';
{$EXTERNALSYM SE_DENY_NETWORK_LOGON_NAME}
SE_DENY_BATCH_LOGON_NAME = 'SeDenyBatchLogonRight';
{$EXTERNALSYM SE_DENY_BATCH_LOGON_NAME}
SE_DENY_SERVICE_LOGON_NAME = 'SeDenyServiceLogonRight';
{$EXTERNALSYM SE_DENY_SERVICE_LOGON_NAME}
SE_REMOTE_INTERACTIVE_LOGON_NAME = 'SeRemoteInteractiveLogonRight';
{$EXTERNALSYM SE_REMOTE_INTERACTIVE_LOGON_NAME}
SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME = 'SeDenyRemoteInteractiveLogonRight';
{$EXTERNALSYM SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME}
//
// This new API returns all the accounts with a certain privilege
//
function LsaEnumerateAccountsWithUserRight(PolicyHandle: LSA_HANDLE;
UserRights: PLSA_UNICODE_STRING; var EnumerationBuffer: PLSA_ENUMERATION_INFORMATION;
var CountReturned: ULONG): NTSTATUS; stdcall;
{$EXTERNALSYM LsaEnumerateAccountsWithUserRight}
//
// These new APIs differ by taking a SID instead of requiring the caller
// to open the account first and passing in an account handle
//
function LsaEnumerateAccountRights(PolicyHandle: LSA_HANDLE; AccountSid: PSID;
var UserRights: PLSA_UNICODE_STRING; var CountOfRights: ULONG): NTSTATUS; stdcall;
{$EXTERNALSYM LsaEnumerateAccountRights}
function LsaAddAccountRights(PolicyHandle: LSA_HANDLE; AccountSid: PSID;
UserRights: PLSA_UNICODE_STRING; CountOfRights: ULONG): NTSTATUS; stdcall;
{$EXTERNALSYM LsaAddAccountRights}
function LsaRemoveAccountRights(PolicyHandle: LSA_HANDLE; AccountSid: PSID;
AllRights: ByteBool; UserRights: PLSA_UNICODE_STRING; CountOfRights: ULONG): NTSTATUS; stdcall;
{$EXTERNALSYM LsaRemoveAccountRights}
///////////////////////////////////////////////////////////////////////////////
// //
// Local Security Policy - Trusted Domain Object API function prototypes //
// //
///////////////////////////////////////////////////////////////////////////////
function LsaOpenTrustedDomainByName(PolicyHandle: LSA_HANDLE;
const TrustedDomainName: LSA_UNICODE_STRING; DesiredAccess: ACCESS_MASK;
var TrustedDomainHandle: LSA_HANDLE): NTSTATUS; stdcall;
{$EXTERNALSYM LsaOpenTrustedDomainByName}
function LsaQueryTrustedDomainInfo(PolicyHandle: LSA_HANDLE; TrustedDomainSid: PSID;
InformationClass: TRUSTED_INFORMATION_CLASS; Buffer: PPVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaQueryTrustedDomainInfo}
function LsaSetTrustedDomainInformation(PolicyHandle: LSA_HANDLE; TrustedDomainSid: PSID;
InformationClass: TRUSTED_INFORMATION_CLASS; Buffer: PVOID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaSetTrustedDomainInformation}
function LsaDeleteTrustedDomain(PolicyHandle: LSA_HANDLE; TrustedDomainSid: PSID): NTSTATUS; stdcall;
{$EXTERNALSYM LsaDeleteTrustedDomain}
function LsaQueryTrustedDomainInfoByName(PolicyHandle: LSA_HANDLE;
con⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -