📄 jwauserenv.pas
字号:
{$EXTERNALSYM GetUserProfileDirectoryW}
{$IFDEF UNICODE}
function GetUserProfileDirectory(hToken: HANDLE; lpProfileDir: LPWSTR;
var lpcchSize: DWORD): BOOL; stdcall;
{$EXTERNALSYM GetUserProfileDirectory}
{$ELSE}
function GetUserProfileDirectory(hToken: HANDLE; lpProfileDir: LPSTR;
var lpcchSize: DWORD): BOOL; stdcall;
{$EXTERNALSYM GetUserProfileDirectory}
{$ENDIF}
//=============================================================================
//
// CreateEnvironmentBlock
//
// Returns the environment variables for the specified user. This block
// can then be passed to CreateProcessAsUser().
//
// lpEnvironment - Receives a pointer to the new environment block
// hToken - User's token returned from LogonUser() (optional, can be NULL)
// bInherit - Inherit from the current process's environment block
// or start from a clean state.
//
// Returns: TRUE if successful
// FALSE if not. Call GetLastError() for more details
//
// Note: If hToken is NULL, the returned environment block will contain
// system variables only.
//
// Call DestroyEnvironmentBlock to free the buffer when finished.
//
// If this block is passed to CreateProcessAsUser, the
// CREATE_UNICODE_ENVIRONMENT flag must also be set.
//
//=============================================================================
function CreateEnvironmentBlock(lpEnvironment: LPLPVOID; hToken: HANDLE;
bInherit: BOOL): BOOL; stdcall;
{$EXTERNALSYM CreateEnvironmentBlock}
//=============================================================================
//
// DestroyEnvironmentBlock
//
// Frees environment variables created by CreateEnvironmentBlock
//
// lpEnvironment - A pointer to the environment block
//
// Returns: TRUE if successful
// FALSE if not. Call GetLastError() for more details
//
//=============================================================================
function DestroyEnvironmentBlock(lpEnvironment: LPVOID): BOOL; stdcall;
{$EXTERNALSYM DestroyEnvironmentBlock}
//=============================================================================
//
// ExpandEnvironmentStringsForUser
//
// Expands the source string using the environment block for the
// specified user. If hToken is null, the system environment block
// will be used (no user environment variables).
//
// hToken - User's token returned from LogonUser() (optional, can be NULL)
// lpSrc - Pointer to the string with environment variables
// lpDest - Buffer that receives the expanded string
// dwSize - Size of lpDest in characters (max chars)
//
// Returns: TRUE if successful
// FALSE if not. Call GetLastError() for more details
//
// Note: If the user profile for hToken is not loaded, this api will fail.
//
//=============================================================================
function ExpandEnvironmentStringsForUserA(hToken: HANDLE; lpSrc: LPCSTR;
lpDest: LPSTR; dwSize: DWORD): BOOL; stdcall;
{$EXTERNALSYM ExpandEnvironmentStringsForUserA}
function ExpandEnvironmentStringsForUserW(hToken: HANDLE; lpSrc: LPCWSTR;
lpDest: LPWSTR; dwSize: DWORD): BOOL; stdcall;
{$EXTERNALSYM ExpandEnvironmentStringsForUserW}
{$IFDEF UNICODE}
function ExpandEnvironmentStringsForUser(hToken: HANDLE; lpSrc: LPCWSTR;
lpDest: LPWSTR; dwSize: DWORD): BOOL; stdcall;
{$EXTERNALSYM ExpandEnvironmentStringsForUser}
{$ELSE}
function ExpandEnvironmentStringsForUser(hToken: HANDLE; lpSrc: LPCSTR;
lpDest: LPSTR; dwSize: DWORD): BOOL; stdcall;
{$EXTERNALSYM ExpandEnvironmentStringsForUser}
{$ENDIF}
//=============================================================================
//
// RefreshPolicy()
//
// Causes group policy to be applied immediately on the client machine
//
// bMachine - Refresh machine or user policy
//
// Returns: TRUE if successful
// FALSE if not. Call GetLastError() for more details
//
//=============================================================================
function RefreshPolicy(bMachine: BOOL): BOOL; stdcall;
{$EXTERNALSYM RefreshPolicy}
//=============================================================================
//
// RefreshPolicyEx()
//
// Causes group policy to be applied immediately on the client machine.
//
// bMachine - Refresh machine or user policy
// dwOptions - Option specifying the kind of refresh that needs to be done.
//
// Returns: TRUE if successful
// FALSE if not. Call GetLastError() for more details
//
//=============================================================================
const
RP_FORCE = 1; // Refresh policies without any optimisations.
{$EXTERNALSYM RP_FORCE}
function RefreshPolicyEx(bMachine: BOOL; dwOptions: DWORD): BOOL; stdcall;
{$EXTERNALSYM RefreshPolicyEx}
//=============================================================================
//
// EnterCriticalPolicySection
//
// Pauses the background application of group policy to allow safe
// reading of the registry. Applications that need to read multiple
// policy entries and ensure that the values are not changed while reading
// them should use this function.
//
// The maximum amount of time an application can hold a critical section
// is 10 minutes. After 10 minutes, policy can be applied again.
//
// bMachine - Pause machine or user policy
//
// Returns: Handle if successful
// NULL if not. Call GetLastError() for more details
//
// Note 1: The handle returned should be passed to LeaveCriticalPolicySection
// when finished. Do not close this handle, LeaveCriticalPolicySection
// will do that.
//
// Note 2: If both user and machine critical sections need to be acquired then
// they should be done in this order: first acquire user critical section and
// then acquire machine critical section.
//
//=============================================================================
function EnterCriticalPolicySection(bMachine: BOOL): HANDLE; stdcall;
{$EXTERNALSYM EnterCriticalPolicySection}
//=============================================================================
//
// LeaveCriticalPolicySection
//
// Resumes the background application of group policy. See
// EnterCriticalPolicySection for more details.
//
// hSection - Handle returned from EnterCriticalPolicySection
//
// Returns: TRUE if successful
// FALSE if not. Call GetLastError() for more details
//
// Note: This function will close the handle.
//
//=============================================================================
function LeaveCriticalPolicySection(hSection: HANDLE): BOOL; stdcall;
{$EXTERNALSYM LeaveCriticalPolicySection}
//=============================================================================
//
// RegisterGPNotification
//
// Entry point for registering for Group Policy change notification.
//
// Parameters: hEvent - Event to be notified, by calling SetEvent(hEvent)
// bMachine - If true, then register machine policy notification
// else register user policy notification
//
// Returns: True if successful
// False if error occurs
//
// Notes: Group Policy Notifications. There are 2 ways an application can
// be notify when Group Policy is finished being applied.
//
// 1) Using the RegisterGPNotifcation function and waiting for the
// event to be signalled.
//
// 2) A WM_SETTINGCHANGE message is broadcast to all desktops.
// wParam - 1 if machine policy was applied, 0 if user policy was applied.
// lParam - Points to the string "Policy"
//
//=============================================================================
function RegisterGPNotification(hEvent: HANDLE; bMachine: BOOL): BOOL; stdcall;
{$EXTERNALSYM RegisterGPNotification}
//=============================================================================
//
// UnregisterGPNotification
//
// Removes registration for a Group Policy change notification.
//
// Parameters: hEvent - Event to be removed
//
// Returns: True if successful
// False if error occurs
//
//=============================================================================
function UnregisterGPNotification(hEvent: HANDLE): BOOL; stdcall;
{$EXTERNALSYM UnregisterGPNotification}
//=============================================================================
//
// GPOptions flags
//
// These are the flags found in the GPOptions property of a DS object
//
// For a given DS object (Site, Domain, OU), the GPOptions property
// contains options that effect all the GPOs link to this SDOU.
//
// This is a DWORD type
//
//=============================================================================
const
GPC_BLOCK_POLICY = $00000001; // Block all non-forced policy from above
{$EXTERNALSYM GPC_BLOCK_POLICY}
//=============================================================================
//
// GPLink flags
//
// These are the flags found on the GPLink property of a DS object after
// the GPO path.
//
// For a given DS object (Site, Domain, OU), the GPLink property will
// be in this text format
//
// [LDAP://CN={E615A0E3-C4F1-11D1-A3A7-00AA00615092},CN=Policies,CN=System,DC=mydomain,DC=Microsoft,DC=Com;1]
//
// The GUID is the GPO name, and the number following the LDAP path are the options
// for that link from this DS object. Note, there can be multiple GPOs
// each in their own square brackets in a prioritized list.
//
//=============================================================================
//
// Options for a GPO link
//
const
GPO_FLAG_DISABLE = $00000001; // This GPO is disabled
{$EXTERNALSYM GPO_FLAG_DISABLE}
GPO_FLAG_FORCE = $00000002; // Don't override the settings in
{$EXTERNALSYM GPO_FLAG_FORCE} // this GPO with settings from a GPO below it.
//=============================================================================
//
// GetGPOList
//
//
// Queries for the list of Group Policy Objects for the specified
// user or machine. This function will return a link list
// of Group Policy Objects. Call FreeGPOList to free the list.
//
// Note, most applications will not need to call this function.
// This will primarily be used by services acting on behalf of
// another user or machine. The caller of this function will
// need to look in each GPO for their specific policy
//
// This function can be called in two different ways. Either the hToken for
// a user or machine can be supplied and the correct name and domain
// controller name will be generated, or hToken is NULL and the caller
// must supply the name and the domain controller name.
//
// Calling this function with an hToken ensures the list of Group Policy
// Objects is correct for the user or machine since security access checking
// can be perfomed. If hToken is not supplied, the security of the caller
// is used instead which means that list may or may not be 100% correct
// for the intended user / machine. However, this is the fastest way
// to call this function.
//
// hToken - User or machine token, if NULL, lpName and lpHostName must be supplied
// lpName - User or machine name in DN format, if hToken is supplied, this must be NULL
// lpHostName - Domain DN name or domain controller name. If hToken is supplied, this must be NULL
// lpComputerName - Computer name to use to determine site location. If NULL,
// the local computer is used as the reference. Format: \\machinename
// dwFlags - Flags field. See flags definition below
// pGPOList - Address of a pointer which receives the link list of GPOs
//
//
// Returns: TRUE if successful
// FALSE if not. Use GetLastError() for more details.
//
// Examples:
//
// Here's how this function will typically be called for
// looking up the list of GPOs for a user:
//
// LPGROUP_POLICY_OBJECT pGPOList;
//
// if (GetGPOList (hToken, NULL, NULL, NULL, 0, &pGPOList))
// {
// // do processing here...
// FreeGPOList (pGPOList);
// }
//
//
// Here's how this function will typically be called for
// looking up the list of GPOs for a machine:
//
// LPGROUP_POLICY_OBJECT pGPOList;
//
// if (GetGPOList (NULL, lpMachineName, lpHostName, lpMachineName,
// GPO_LIST_FLAG_MACHINE, &pGPOList))
// {
// // do processing here...
// FreeGPOList (pGPOList);
// }
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -