1 #ifndef _LMAUDIT_H 2 #define _LMAUDIT_H 3 4 #ifdef __cplusplus 5 extern "C" { 6 #endif 7 #define REVISED_AUDIT_ENTRY_STRUCT 8 #define LOGFLAGS_FORWARD 0 9 #define LOGFLAGS_BACKWARD 1 10 #define LOGFLAGS_SEEK 2 11 #define ACTION_LOCKOUT 0 12 #define ACTION_ADMINUNLOCK 1 13 #define AE_GUEST 0 14 #define AE_USER 1 15 #define AE_ADMIN 2 16 #define AE_NORMAL 0 17 #define AE_USERLIMIT 0 18 #define AE_GENERAL 0 19 #define AE_ERROR 1 20 #define AE_SESSDIS 1 21 #define AE_BADPW 1 22 #define AE_AUTODIS 2 23 #define AE_UNSHARE 2 24 #define AE_ADMINPRIVREQD 2 25 #define AE_ADMINDIS 3 26 #define AE_NOACCESSPERM 3 27 #define AE_ACCRESTRICT 4 28 #define AE_NORMAL_CLOSE 0 29 #define AE_SES_CLOSE 1 30 #define AE_ADMIN_CLOSE 2 31 #define AE_LIM_UNKNOWN 0 32 #define AE_LIM_LOGONHOURS 1 33 #define AE_LIM_EXPIRED 2 34 #define AE_LIM_INVAL_WKSTA 3 35 #define AE_LIM_DISABLED 4 36 #define AE_LIM_DELETED 5 37 #define AE_MOD 0 38 #define AE_DELETE 1 39 #define AE_ADD 2 40 #define AE_UAS_USER 0 41 #define AE_UAS_GROUP 1 42 #define AE_UAS_MODALS 2 43 #define SVAUD_SERVICE 1 44 #define SVAUD_GOODSESSLOGON 6 45 #define SVAUD_BADSESSLOGON 24 46 #define SVAUD_SESSLOGON (SVAUD_GOODSESSLOGON|SVAUD_BADSESSLOGON) 47 #define SVAUD_GOODNETLOGON 96 48 #define SVAUD_BADNETLOGON 384 49 #define SVAUD_NETLOGON (SVAUD_GOODNETLOGON|SVAUD_BADNETLOGON) 50 #define SVAUD_LOGON (SVAUD_NETLOGON|SVAUD_SESSLOGON) 51 #define SVAUD_GOODUSE 0x600 52 #define SVAUD_BADUSE 0x1800 53 #define SVAUD_USE (SVAUD_GOODUSE|SVAUD_BADUSE) 54 #define SVAUD_USERLIST 8192 55 #define SVAUD_PERMISSIONS 16384 56 #define SVAUD_RESOURCE 32768 57 #define SVAUD_LOGONLIM 65536 58 #define AA_AUDIT_ALL 1 59 #define AA_A_OWNER 4 60 #define AA_CLOSE 8 61 #define AA_S_OPEN 16 62 #define AA_S_WRITE 32 63 #define AA_S_CREATE 32 64 #define AA_S_DELETE 64 65 #define AA_S_ACL 128 66 #define AA_S_ALL 253 67 #define AA_F_OPEN 256 68 #define AA_F_WRITE 512 69 #define AA_F_CREATE 512 70 #define AA_F_DELETE 1024 71 #define AA_F_ACL 2048 72 #define AA_F_ALL (AA_F_OPEN|AA_F_WRITE|AA_F_DELETE|AA_F_ACL) 73 #define AA_A_OPEN 2048 74 #define AA_A_WRITE 4096 75 #define AA_A_CREATE 8192 76 #define AA_A_DELETE 16384 77 #define AA_A_ACL 32768 78 #define AA_A_ALL (AA_F_OPEN|AA_F_WRITE|AA_F_DELETE|AA_F_ACL) 79 typedef struct _AUDIT_ENTRY { 80 DWORD ae_len; 81 DWORD ae_reserved; 82 DWORD ae_time; 83 DWORD ae_type; 84 DWORD ae_data_offset; 85 DWORD ae_data_size; 86 } AUDIT_ENTRY,*PAUDIT_ENTRY,*LPAUDIT_ENTRY; 87 typedef struct _HLOG { 88 DWORD time; 89 DWORD last_flags; 90 DWORD offset; 91 DWORD rec_offset; 92 } HLOG,*PHLOG,*LPHLOG; 93 typedef struct _AE_SRVSTATUS { 94 DWORD ae_sv_status; 95 } AE_SRVSTATUS,*PAE_SRVSTATUS,*LPAE_SRVSTATUS; 96 typedef struct _AE_SESSLOGON { 97 DWORD ae_so_compname; 98 DWORD ae_so_username; 99 DWORD ae_so_privilege; 100 } AE_SESSLOGON,*PAE_SESSLOGON,*LPAE_SESSLOGON; 101 typedef struct _AE_SESSLOGOFF { 102 DWORD ae_sf_compname; 103 DWORD ae_sf_username; 104 DWORD ae_sf_reason; 105 } AE_SESSLOGOFF,*PAE_SESSLOGOFF,*LPAE_SESSLOGOFF; 106 typedef struct _AE_SESSPWERR { 107 DWORD ae_sp_compname; 108 DWORD ae_sp_username; 109 } AE_SESSPWERR,*PAE_SESSPWERR,*LPAE_SESSPWERR; 110 typedef struct _AE_CONNSTART { 111 DWORD ae_ct_compname; 112 DWORD ae_ct_username; 113 DWORD ae_ct_netname; 114 DWORD ae_ct_connid; 115 } AE_CONNSTART,*PAE_CONNSTART,*LPAE_CONNSTART; 116 typedef struct _AE_CONNSTOP { 117 DWORD ae_cp_compname; 118 DWORD ae_cp_username; 119 DWORD ae_cp_netname; 120 DWORD ae_cp_connid; 121 DWORD ae_cp_reason; 122 } AE_CONNSTOP,*PAE_CONNSTOP,*LPAE_CONNSTOP; 123 typedef struct _AE_CONNREJ { 124 DWORD ae_cr_compname; 125 DWORD ae_cr_username; 126 DWORD ae_cr_netname; 127 DWORD ae_cr_reason; 128 } AE_CONNREJ,*PAE_CONNREJ,*LPAE_CONNREJ; 129 typedef struct _AE_RESACCESS { 130 DWORD ae_ra_compname; 131 DWORD ae_ra_username; 132 DWORD ae_ra_resname; 133 DWORD ae_ra_operation; 134 DWORD ae_ra_returncode; 135 DWORD ae_ra_restype; 136 DWORD ae_ra_fileid; 137 } AE_RESACCESS,*PAE_RESACCESS,*LPAE_RESACCESS; 138 typedef struct _AE_RESACCESSREJ { 139 DWORD ae_rr_compname; 140 DWORD ae_rr_username; 141 DWORD ae_rr_resname; 142 DWORD ae_rr_operation; 143 } AE_RESACCESSREJ,*PAE_RESACCESSREJ,*LPAE_RESACCESSREJ; 144 typedef struct _AE_CLOSEFILE { 145 DWORD ae_cf_compname; 146 DWORD ae_cf_username; 147 DWORD ae_cf_resname; 148 DWORD ae_cf_fileid; 149 DWORD ae_cf_duration; 150 DWORD ae_cf_reason; 151 } AE_CLOSEFILE,*PAE_CLOSEFILE,*LPAE_CLOSEFILE; 152 typedef struct _AE_SERVICESTAT { 153 DWORD ae_ss_compname; 154 DWORD ae_ss_username; 155 DWORD ae_ss_svcname; 156 DWORD ae_ss_status; 157 DWORD ae_ss_code; 158 DWORD ae_ss_text; 159 DWORD ae_ss_returnval; 160 } AE_SERVICESTAT,*PAE_SERVICESTAT,*LPAE_SERVICESTAT; 161 typedef struct _AE_ACLMOD { 162 DWORD ae_am_compname; 163 DWORD ae_am_username; 164 DWORD ae_am_resname; 165 DWORD ae_am_action; 166 DWORD ae_am_datalen; 167 } AE_ACLMOD,*PAE_ACLMOD,*LPAE_ACLMOD; 168 typedef struct _AE_UASMOD { 169 DWORD ae_um_compname; 170 DWORD ae_um_username; 171 DWORD ae_um_resname; 172 DWORD ae_um_rectype; 173 DWORD ae_um_action; 174 DWORD ae_um_datalen; 175 } AE_UASMOD,*PAE_UASMOD,*LPAE_UASMOD; 176 typedef struct _AE_NETLOGON { 177 DWORD ae_no_compname; 178 DWORD ae_no_username; 179 DWORD ae_no_privilege; 180 DWORD ae_no_authflags; 181 } AE_NETLOGON,*PAE_NETLOGON,*LPAE_NETLOGON; 182 typedef struct _AE_NETLOGOFF { 183 DWORD ae_nf_compname; 184 DWORD ae_nf_username; 185 DWORD ae_nf_reserved1; 186 DWORD ae_nf_reserved2; 187 } AE_NETLOGOFF,*PAE_NETLOGOFF,*LPAE_NETLOGOFF; 188 typedef struct _AE_ACCLIM { 189 DWORD ae_al_compname; 190 DWORD ae_al_username; 191 DWORD ae_al_resname; 192 DWORD ae_al_limit; 193 } AE_ACCLIM,*PAE_ACCLIM,*LPAE_ACCLIM; 194 typedef struct _AE_LOCKOUT { 195 DWORD ae_lk_compname; 196 DWORD ae_lk_username; 197 DWORD ae_lk_action; 198 DWORD ae_lk_bad_pw_count; 199 } AE_LOCKOUT,*PAE_LOCKOUT,*LPAE_LOCKOUT; 200 typedef struct _AE_GENERIC { 201 DWORD ae_ge_msgfile; 202 DWORD ae_ge_msgnum; 203 DWORD ae_ge_params; 204 DWORD ae_ge_param1; 205 DWORD ae_ge_param2; 206 DWORD ae_ge_param3; 207 DWORD ae_ge_param4; 208 DWORD ae_ge_param5; 209 DWORD ae_ge_param6; 210 DWORD ae_ge_param7; 211 DWORD ae_ge_param8; 212 DWORD ae_ge_param9; 213 } AE_GENERIC,*PAE_GENERIC,*LPAE_GENERIC; 214 NET_API_STATUS WINAPI NetAuditClear(LPCWSTR,LPCWSTR,LPCWSTR); 215 NET_API_STATUS WINAPI NetAuditRead(LPCWSTR,LPCWSTR,LPHLOG,DWORD,PDWORD,DWORD,DWORD,PBYTE*,DWORD,PDWORD,PDWORD); 216 NET_API_STATUS WINAPI NetAuditWrite(DWORD,PBYTE,DWORD,LPCWSTR,PBYTE); 217 218 /* These conflict with struct typedefs, why? */ 219 #define AE_SRVSTATUS 0 220 #define AE_SESSLOGON 1 221 #define AE_SESSLOGOFF 2 222 #define AE_SESSPWERR 3 223 #define AE_CONNSTART 4 224 #define AE_CONNSTOP 5 225 #define AE_CONNREJ 6 226 #define AE_RESACCESS 7 227 #define AE_RESACCESSREJ 8 228 #define AE_CLOSEFILE 9 229 #define AE_SERVICESTAT 11 230 #define AE_ACLMOD 12 231 #define AE_UASMOD 13 232 #define AE_NETLOGON 14 233 #define AE_NETLOGOFF 15 234 #define AE_NETLOGDENIED 16 235 #define AE_ACCLIMITEXCD 17 236 #define AE_RESACCESS2 18 237 #define AE_ACLMODFAIL 19 238 #define AE_LOCKOUT 20 239 #define AE_GENERIC_TYPE 21 240 #define AE_SRVSTART 0 241 #define AE_SRVPAUSED 1 242 #define AE_SRVCONT 2 243 #define AE_SRVSTOP 3 244 #ifdef __cplusplus 245 } 246 #endif 247 #endif 248