1 // Copyright © 2015, skdltmxn
2 // Licensed under the MIT License <LICENSE.md>
3 //! This module defines the Local Security Authority APIs.
4 DEFINE_GUID!(Audit_System_SecurityStateChange, 0x0cce9210, 0x69ae, 0x11d9,
5     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
6 DEFINE_GUID!(Audit_System_SecuritySubsystemExtension, 0x0cce9211, 0x69ae, 0x11d9,
7     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
8 DEFINE_GUID!(Audit_System_Integrity, 0x0cce9212, 0x69ae, 0x11d9,
9     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
10 DEFINE_GUID!(Audit_System_IPSecDriverEvents, 0x0cce9213, 0x69ae, 0x11d9,
11     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
12 DEFINE_GUID!(Audit_System_Others, 0x0cce9214, 0x69ae, 0x11d9,
13     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
14 DEFINE_GUID!(Audit_Logon_Logon, 0x0cce9215, 0x69ae, 0x11d9,
15     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
16 DEFINE_GUID!(Audit_Logon_Logoff, 0x0cce9216, 0x69ae, 0x11d9,
17     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
18 DEFINE_GUID!(Audit_Logon_AccountLockout, 0x0cce9217, 0x69ae, 0x11d9,
19     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
20 DEFINE_GUID!(Audit_Logon_IPSecMainMode, 0x0cce9218, 0x69ae, 0x11d9,
21     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
22 DEFINE_GUID!(Audit_Logon_IPSecQuickMode, 0x0cce9219, 0x69ae, 0x11d9,
23     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
24 DEFINE_GUID!(Audit_Logon_IPSecUserMode, 0x0cce921a, 0x69ae, 0x11d9,
25     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
26 DEFINE_GUID!(Audit_Logon_SpecialLogon, 0x0cce921b, 0x69ae, 0x11d9,
27     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
28 DEFINE_GUID!(Audit_Logon_Others, 0x0cce921c, 0x69ae, 0x11d9,
29     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
30 DEFINE_GUID!(Audit_ObjectAccess_FileSystem, 0x0cce921d, 0x69ae, 0x11d9,
31     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
32 DEFINE_GUID!(Audit_ObjectAccess_Registry, 0x0cce921e, 0x69ae, 0x11d9,
33     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
34 DEFINE_GUID!(Audit_ObjectAccess_Kernel, 0x0cce921f, 0x69ae, 0x11d9,
35     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
36 DEFINE_GUID!(Audit_ObjectAccess_Sam, 0x0cce9220, 0x69ae, 0x11d9,
37     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
38 DEFINE_GUID!(Audit_ObjectAccess_CertificationServices, 0x0cce9221, 0x69ae, 0x11d9,
39     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
40 DEFINE_GUID!(Audit_ObjectAccess_ApplicationGenerated, 0x0cce9222, 0x69ae, 0x11d9,
41     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
42 DEFINE_GUID!(Audit_ObjectAccess_Handle, 0x0cce9223, 0x69ae, 0x11d9,
43     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
44 DEFINE_GUID!(Audit_ObjectAccess_Share, 0x0cce9224, 0x69ae, 0x11d9,
45     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
46 DEFINE_GUID!(Audit_ObjectAccess_FirewallPacketDrops, 0x0cce9225, 0x69ae, 0x11d9,
47     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
48 DEFINE_GUID!(Audit_ObjectAccess_FirewallConnection, 0x0cce9226, 0x69ae, 0x11d9,
49     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
50 DEFINE_GUID!(Audit_ObjectAccess_Other, 0x0cce9227, 0x69ae, 0x11d9,
51     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
52 DEFINE_GUID!(Audit_PrivilegeUse_Sensitive, 0x0cce9228, 0x69ae, 0x11d9,
53     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
54 DEFINE_GUID!(Audit_PrivilegeUse_NonSensitive, 0x0cce9229, 0x69ae, 0x11d9,
55     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
56 DEFINE_GUID!(Audit_PrivilegeUse_Others, 0x0cce922a, 0x69ae, 0x11d9,
57     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
58 DEFINE_GUID!(Audit_DetailedTracking_ProcessCreation, 0x0cce922b, 0x69ae, 0x11d9,
59     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
60 DEFINE_GUID!(Audit_DetailedTracking_ProcessTermination, 0x0cce922c, 0x69ae, 0x11d9,
61     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
62 DEFINE_GUID!(Audit_DetailedTracking_DpapiActivity, 0x0cce922d, 0x69ae, 0x11d9,
63     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
64 DEFINE_GUID!(Audit_DetailedTracking_RpcCall, 0x0cce922e, 0x69ae, 0x11d9,
65     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
66 DEFINE_GUID!(Audit_PolicyChange_AuditPolicy, 0x0cce922f, 0x69ae, 0x11d9,
67     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
68 DEFINE_GUID!(Audit_PolicyChange_AuthenticationPolicy, 0x0cce9230, 0x69ae, 0x11d9,
69     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
70 DEFINE_GUID!(Audit_PolicyChange_AuthorizationPolicy, 0x0cce9231, 0x69ae, 0x11d9,
71     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
72 DEFINE_GUID!(Audit_PolicyChange_MpsscvRulePolicy, 0x0cce9232, 0x69ae, 0x11d9,
73     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
74 DEFINE_GUID!(Audit_PolicyChange_WfpIPSecPolicy, 0x0cce9233, 0x69ae, 0x11d9,
75     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
76 DEFINE_GUID!(Audit_PolicyChange_Others, 0x0cce9234, 0x69ae, 0x11d9,
77     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
78 DEFINE_GUID!(Audit_AccountManagement_UserAccount, 0x0cce9235, 0x69ae, 0x11d9,
79     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
80 DEFINE_GUID!(Audit_AccountManagement_ComputerAccount, 0x0cce9236, 0x69ae, 0x11d9,
81     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
82 DEFINE_GUID!(Audit_AccountManagement_SecurityGroup, 0x0cce9237, 0x69ae, 0x11d9,
83     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
84 DEFINE_GUID!(Audit_AccountManagement_DistributionGroup, 0x0cce9238, 0x69ae, 0x11d9,
85     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
86 DEFINE_GUID!(Audit_AccountManagement_ApplicationGroup, 0x0cce9239, 0x69ae, 0x11d9,
87     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
88 DEFINE_GUID!(Audit_AccountManagement_Others, 0x0cce923a, 0x69ae, 0x11d9,
89     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
90 DEFINE_GUID!(Audit_DSAccess_DSAccess, 0x0cce923b, 0x69ae, 0x11d9,
91     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
92 DEFINE_GUID!(Audit_DsAccess_AdAuditChanges, 0x0cce923c, 0x69ae, 0x11d9,
93     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
94 DEFINE_GUID!(Audit_Ds_Replication, 0x0cce923d, 0x69ae, 0x11d9,
95     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
96 DEFINE_GUID!(Audit_Ds_DetailedReplication, 0x0cce923e, 0x69ae, 0x11d9,
97     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
98 DEFINE_GUID!(Audit_AccountLogon_CredentialValidation, 0x0cce923f, 0x69ae, 0x11d9,
99     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
100 DEFINE_GUID!(Audit_AccountLogon_Kerberos, 0x0cce9240, 0x69ae, 0x11d9,
101     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
102 DEFINE_GUID!(Audit_AccountLogon_Others, 0x0cce9241, 0x69ae, 0x11d9,
103     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
104 DEFINE_GUID!(Audit_AccountLogon_KerbCredentialValidation, 0x0cce9242, 0x69ae, 0x11d9,
105     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
106 DEFINE_GUID!(Audit_Logon_NPS, 0x0cce9243, 0x69ae, 0x11d9,
107     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
108 DEFINE_GUID!(Audit_ObjectAccess_DetailedFileShare, 0x0cce9244, 0x69ae, 0x11d9,
109     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
110 DEFINE_GUID!(Audit_ObjectAccess_RemovableStorage, 0x0cce9245, 0x69ae, 0x11d9,
111     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
112 DEFINE_GUID!(Audit_ObjectAccess_CbacStaging, 0x0cce9246, 0x69ae, 0x11d9,
113     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
114 DEFINE_GUID!(Audit_Logon_Claims, 0x0cce9247, 0x69ae, 0x11d9,
115     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
116 DEFINE_GUID!(Audit_System, 0x69979848, 0x797a, 0x11d9,
117     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
118 DEFINE_GUID!(Audit_Logon, 0x69979849, 0x797a, 0x11d9,
119     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
120 DEFINE_GUID!(Audit_ObjectAccess, 0x6997984a, 0x797a, 0x11d9,
121     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
122 DEFINE_GUID!(Audit_PrivilegeUse, 0x6997984b, 0x797a, 0x11d9,
123     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
124 DEFINE_GUID!(Audit_DetailedTracking, 0x6997984c, 0x797a, 0x11d9,
125     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
126 DEFINE_GUID!(Audit_PolicyChange, 0x6997984d, 0x797a, 0x11d9,
127     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
128 DEFINE_GUID!(Audit_AccountManagement, 0x6997984e, 0x797a, 0x11d9,
129     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
130 DEFINE_GUID!(Audit_DirectoryServiceAccess, 0x6997984f, 0x797a, 0x11d9,
131     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
132 DEFINE_GUID!(Audit_AccountLogon, 0x69979850, 0x797a, 0x11d9,
133     0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
134 ENUM!{enum POLICY_AUDIT_EVENT_TYPE {
135     AuditCategorySystem = 0,
136     AuditCategoryLogon,
137     AuditCategoryObjectAccess,
138     AuditCategoryPrivilegeUse,
139     AuditCategoryDetailedTracking,
140     AuditCategoryPolicyChange,
141     AuditCategoryAccountManagement,
142     AuditCategoryDirectoryServiceAccess,
143     AuditCategoryAccountLogon,
144 }}
145 pub type PPOLICY_AUDIT_EVENT_TYPE = *mut POLICY_AUDIT_EVENT_TYPE;
146 pub const POLICY_AUDIT_EVENT_UNCHANGED: POLICY_AUDIT_EVENT_OPTIONS = 0x00000000;
147 pub const POLICY_AUDIT_EVENT_SUCCESS: POLICY_AUDIT_EVENT_OPTIONS = 0x00000001;
148 pub const POLICY_AUDIT_EVENT_FAILURE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000002;
149 pub const POLICY_AUDIT_EVENT_NONE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000004;
150 pub const POLICY_AUDIT_EVENT_MASK: POLICY_AUDIT_EVENT_OPTIONS = POLICY_AUDIT_EVENT_SUCCESS
151     | POLICY_AUDIT_EVENT_FAILURE | POLICY_AUDIT_EVENT_UNCHANGED | POLICY_AUDIT_EVENT_NONE;
152 pub const POLICY_VIEW_LOCAL_INFORMATION: ::ACCESS_MASK = 0x00000001;
153 pub const POLICY_VIEW_AUDIT_INFORMATION: ::ACCESS_MASK = 0x00000002;
154 pub const POLICY_GET_PRIVATE_INFORMATION: ::ACCESS_MASK = 0x00000004;
155 pub const POLICY_TRUST_ADMIN: ::ACCESS_MASK = 0x00000008;
156 pub const POLICY_CREATE_ACCOUNT: ::ACCESS_MASK = 0x00000010;
157 pub const POLICY_CREATE_SECRET: ::ACCESS_MASK = 0x00000020;
158 pub const POLICY_CREATE_PRIVILEGE: ::ACCESS_MASK = 0x00000040;
159 pub const POLICY_SET_DEFAULT_QUOTA_LIMITS: ::ACCESS_MASK = 0x00000080;
160 pub const POLICY_SET_AUDIT_REQUIREMENTS: ::ACCESS_MASK = 0x00000100;
161 pub const POLICY_AUDIT_LOG_ADMIN: ::ACCESS_MASK = 0x00000200;
162 pub const POLICY_SERVER_ADMIN: ::ACCESS_MASK = 0x00000400;
163 pub const POLICY_LOOKUP_NAMES: ::ACCESS_MASK = 0x00000800;
164 pub const POLICY_NOTIFICATION: ::ACCESS_MASK = 0x00001000;
165 pub const POLICY_ALL_ACCESS: ::ACCESS_MASK = ::STANDARD_RIGHTS_REQUIRED
166     | POLICY_VIEW_LOCAL_INFORMATION | POLICY_VIEW_AUDIT_INFORMATION
167     | POLICY_GET_PRIVATE_INFORMATION | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT
168     | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS
169     | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN
170     | POLICY_LOOKUP_NAMES;
171 pub const POLICY_READ: ::ACCESS_MASK = ::STANDARD_RIGHTS_READ | POLICY_VIEW_AUDIT_INFORMATION
172     | POLICY_GET_PRIVATE_INFORMATION;
173 pub const POLICY_WRITE: ::ACCESS_MASK = ::STANDARD_RIGHTS_WRITE | POLICY_TRUST_ADMIN
174     | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE
175     | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN
176     | POLICY_SERVER_ADMIN;
177 pub const POLICY_EXECUTE: ::ACCESS_MASK = ::STANDARD_RIGHTS_EXECUTE
178     | POLICY_VIEW_LOCAL_INFORMATION | POLICY_LOOKUP_NAMES;
179 STRUCT!{struct LSA_TRANSLATED_SID {
180     Use: ::SID_NAME_USE,
181     RelativeId: ::ULONG,
182     DomainIndex: ::LONG,
183 }}
184 pub type PLSA_TRANSLATED_SID = *mut LSA_TRANSLATED_SID;
185 ENUM!{enum POLICY_LSA_SERVER_ROLE {
186     PolicyServerRoleBackup = 2,
187     PolicyServerRolePrimary,
188 }}
189 pub type PPOLICY_LSA_SERVER_ROLE = *mut POLICY_LSA_SERVER_ROLE;
190 pub type POLICY_AUDIT_EVENT_OPTIONS = ::ULONG;
191 pub type PPOLICY_AUDIT_EVENT_OPTIONS = *mut ::ULONG;
192 ENUM!{enum POLICY_INFORMATION_CLASS {
193     PolicyAuditLogInformation = 1,
194     PolicyAuditEventsInformation,
195     PolicyPrimaryDomainInformation,
196     PolicyPdAccountInformation,
197     PolicyAccountDomainInformation,
198     PolicyLsaServerRoleInformation,
199     PolicyReplicaSourceInformation,
200     PolicyDefaultQuotaInformation,
201     PolicyModificationInformation,
202     PolicyAuditFullSetInformation,
203     PolicyAuditFullQueryInformation,
204     PolicyDnsDomainInformation,
205     PolicyDnsDomainInformationInt,
206     PolicyLocalAccountDomainInformation,
207     PolicyLastEntry,
208 }}
209 pub type PPOLICY_INFORMATION_CLASS = *mut POLICY_INFORMATION_CLASS;
210 STRUCT!{struct POLICY_AUDIT_LOG_INFO {
211     AuditLogPercentFull: ::ULONG,
212     MaximumLogSize: ::ULONG,
213     AuditRetentionPeriod: ::LARGE_INTEGER,
214     AuditLogFullShutdownInProgress: ::BOOLEAN,
215     TimeToShutdown: ::LARGE_INTEGER,
216     NextAuditRecordId: ::ULONG,
217 }}
218 pub type PPOLICY_AUDIT_LOG_INFO = *mut POLICY_AUDIT_LOG_INFO;
219 STRUCT!{struct POLICY_AUDIT_EVENTS_INFO {
220     AuditingMode: ::BOOLEAN,
221     EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
222     MaximumAuditEventCount: ::ULONG,
223 }}
224 pub type PPOLICY_AUDIT_EVENTS_INFO = *mut POLICY_AUDIT_EVENTS_INFO;
225 STRUCT!{struct POLICY_AUDIT_SUBCATEGORIES_INFO {
226     MaximumSubCategoryCount: ::ULONG,
227     EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
228 }}
229 pub type PPOLICY_AUDIT_SUBCATEGORIES_INFO = *mut POLICY_AUDIT_SUBCATEGORIES_INFO;
230 STRUCT!{struct POLICY_AUDIT_CATEGORIES_INFO {
231     MaximumSubCategoryCount: ::ULONG,
232     SubCategoriesInfo: PPOLICY_AUDIT_SUBCATEGORIES_INFO,
233 }}
234 pub type PPOLICY_AUDIT_CATEGORIES_INFO = *mut POLICY_AUDIT_CATEGORIES_INFO;
235 pub const PER_USER_POLICY_UNCHANGED: ::ULONG = 0x00;
236 pub const PER_USER_AUDIT_SUCCESS_INCLUDE: ::ULONG = 0x01;
237 pub const PER_USER_AUDIT_SUCCESS_EXCLUDE: ::ULONG = 0x02;
238 pub const PER_USER_AUDIT_FAILURE_INCLUDE: ::ULONG = 0x04;
239 pub const PER_USER_AUDIT_FAILURE_EXCLUDE: ::ULONG = 0x08;
240 pub const PER_USER_AUDIT_NONE: ::ULONG = 0x10;
241 pub const VALID_PER_USER_AUDIT_POLICY_FLAG: ::ULONG = PER_USER_AUDIT_SUCCESS_INCLUDE
242     | PER_USER_AUDIT_SUCCESS_EXCLUDE | PER_USER_AUDIT_FAILURE_INCLUDE
243     | PER_USER_AUDIT_FAILURE_EXCLUDE | PER_USER_AUDIT_NONE;
244 STRUCT!{struct POLICY_PRIMARY_DOMAIN_INFO {
245     Name: ::LSA_UNICODE_STRING,
246     Sid: ::PSID,
247 }}
248 pub type PPOLICY_PRIMARY_DOMAIN_INFO = *mut POLICY_PRIMARY_DOMAIN_INFO;
249 STRUCT!{struct POLICY_PD_ACCOUNT_INFO {
250     Name: ::LSA_UNICODE_STRING,
251 }}
252 pub type PPOLICY_PD_ACCOUNT_INFO = *mut POLICY_PD_ACCOUNT_INFO;
253 STRUCT!{struct POLICY_LSA_SERVER_ROLE_INFO {
254     LsaServerRole: POLICY_LSA_SERVER_ROLE,
255 }}
256 pub type PPOLICY_LSA_SERVER_ROLE_INFO = *mut POLICY_LSA_SERVER_ROLE_INFO;
257 STRUCT!{struct POLICY_REPLICA_SOURCE_INFO {
258     ReplicaSource: ::LSA_UNICODE_STRING,
259     ReplicaAccountName: ::LSA_UNICODE_STRING,
260 }}
261 pub type PPOLICY_REPLICA_SOURCE_INFO = *mut POLICY_REPLICA_SOURCE_INFO;
262 STRUCT!{struct POLICY_DEFAULT_QUOTA_INFO {
263     QuotaLimits: ::QUOTA_LIMITS,
264 }}
265 pub type PPOLICY_DEFAULT_QUOTA_INFO = *mut POLICY_DEFAULT_QUOTA_INFO;
266 STRUCT!{struct POLICY_MODIFICATION_INFO {
267     ModifiedId: ::LARGE_INTEGER,
268     DatabaseCreationTime: ::LARGE_INTEGER,
269 }}
270 pub type PPOLICY_MODIFICATION_INFO = *mut POLICY_MODIFICATION_INFO;
271 STRUCT!{struct POLICY_AUDIT_FULL_SET_INFO {
272     ShutDownOnFull: ::BOOLEAN,
273 }}
274 pub type PPOLICY_AUDIT_FULL_SET_INFO = *mut POLICY_AUDIT_FULL_SET_INFO;
275 STRUCT!{struct POLICY_AUDIT_FULL_QUERY_INFO {
276     ShutDownOnFull: ::BOOLEAN,
277     LogIsFull: ::BOOLEAN,
278 }}
279 pub type PPOLICY_AUDIT_FULL_QUERY_INFO = *mut POLICY_AUDIT_FULL_QUERY_INFO;
280 ENUM!{enum POLICY_DOMAIN_INFORMATION_CLASS {
281     PolicyDomainEfsInformation = 2,
282     PolicyDomainKerberosTicketInformation,
283 }}
284 pub type PPOLICY_DOMAIN_INFORMATION_CLASS = *mut POLICY_DOMAIN_INFORMATION_CLASS;
285 STRUCT!{struct POLICY_DOMAIN_EFS_INFO {
286     InfoLength: ::ULONG,
287     EfsBlob: ::PUCHAR,
288 }}
289 pub type PPOLICY_DOMAIN_EFS_INFO = *mut POLICY_DOMAIN_EFS_INFO;
290 STRUCT!{struct POLICY_DOMAIN_KERBEROS_TICKET_INFO {
291     AuthenticationOptions: ::ULONG,
292     MaxServiceTicketAge: ::LARGE_INTEGER,
293     MaxTicketAge: ::LARGE_INTEGER,
294     MaxRenewAge: ::LARGE_INTEGER,
295     MaxClockSkew: ::LARGE_INTEGER,
296     Reserved: ::LARGE_INTEGER,
297 }}
298 pub type PPOLICY_DOMAIN_KERBEROS_TICKET_INFO = *mut POLICY_DOMAIN_KERBEROS_TICKET_INFO;
299 ENUM!{enum POLICY_NOTIFICATION_INFORMATION_CLASS {
300     PolicyNotifyAuditEventsInformation = 1,
301     PolicyNotifyAccountDomainInformation,
302     PolicyNotifyServerRoleInformation,
303     PolicyNotifyDnsDomainInformation,
304     PolicyNotifyDomainEfsInformation,
305     PolicyNotifyDomainKerberosTicketInformation,
306     PolicyNotifyMachineAccountPasswordInformation,
307     PolicyNotifyGlobalSaclInformation,
308     PolicyNotifyMax,
309 }}
310 pub type PPOLICY_NOTIFICATION_INFORMATION_CLASS = *mut POLICY_NOTIFICATION_INFORMATION_CLASS;
311 pub type LSA_HANDLE = ::PVOID;
312 pub type PLSA_HANDLE = *mut ::PVOID;
313 ENUM!{enum TRUSTED_INFORMATION_CLASS {
314     TrustedDomainNameInformation = 1,
315     TrustedControllersInformation,
316     TrustedPosixOffsetInformation,
317     TrustedPasswordInformation,
318     TrustedDomainInformationBasic,
319     TrustedDomainInformationEx,
320     TrustedDomainAuthInformation,
321     TrustedDomainFullInformation,
322     TrustedDomainAuthInformationInternal,
323     TrustedDomainFullInformationInternal,
324     TrustedDomainInformationEx2Internal,
325     TrustedDomainFullInformation2Internal,
326     TrustedDomainSupportedEncryptionTypes,
327 }}
328 pub type PTRUSTED_INFORMATION_CLASS = *mut TRUSTED_INFORMATION_CLASS;
329 STRUCT!{struct TRUSTED_DOMAIN_NAME_INFO {
330     Name: ::LSA_UNICODE_STRING,
331 }}
332 pub type PTRUSTED_DOMAIN_NAME_INFO = *mut TRUSTED_DOMAIN_NAME_INFO;
333 STRUCT!{struct TRUSTED_CONTROLLERS_INFO {
334     Entries: ::ULONG,
335     Names: ::PLSA_UNICODE_STRING,
336 }}
337 pub type PTRUSTED_CONTROLLERS_INFO = *mut TRUSTED_CONTROLLERS_INFO;
338 STRUCT!{struct TRUSTED_POSIX_OFFSET_INFO {
339     Offset: ::ULONG,
340 }}
341 pub type PTRUSTED_POSIX_OFFSET_INFO = *mut TRUSTED_POSIX_OFFSET_INFO;
342 STRUCT!{struct TRUSTED_PASSWORD_INFO {
343     Password: ::LSA_UNICODE_STRING,
344     OldPassword: ::LSA_UNICODE_STRING,
345 }}
346 pub type PTRUSTED_PASSWORD_INFO = *mut TRUSTED_PASSWORD_INFO;
347 pub type TRUSTED_DOMAIN_INFORMATION_BASIC = ::LSA_TRUST_INFORMATION;
348 pub type PTRUSTED_DOMAIN_INFORMATION_BASIC = ::PLSA_TRUST_INFORMATION;
349 pub const TRUST_DIRECTION_DISABLED: ::ULONG = 0x00000000;
350 pub const TRUST_DIRECTION_INBOUND: ::ULONG = 0x00000001;
351 pub const TRUST_DIRECTION_OUTBOUND: ::ULONG = 0x00000002;
352 pub const TRUST_DIRECTION_BIDIRECTIONAL: ::ULONG = TRUST_DIRECTION_INBOUND
353     | TRUST_DIRECTION_OUTBOUND;
354 pub const TRUST_TYPE_DOWNLEVEL: ::ULONG = 0x00000001;
355 pub const TRUST_TYPE_UPLEVEL: ::ULONG = 0x00000002;
356 pub const TRUST_TYPE_MIT: ::ULONG = 0x00000003;
357 pub const TRUST_ATTRIBUTE_NON_TRANSITIVE: ::ULONG = 0x00000001;
358 pub const TRUST_ATTRIBUTE_UPLEVEL_ONLY: ::ULONG = 0x00000002;
359 pub const TRUST_ATTRIBUTE_QUARANTINED_DOMAIN: ::ULONG = 0x00000004;
360 pub const TRUST_ATTRIBUTE_FOREST_TRANSITIVE: ::ULONG = 0x00000008;
361 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION: ::ULONG = 0x00000010;
362 pub const TRUST_ATTRIBUTE_WITHIN_FOREST: ::ULONG = 0x00000020;
363 pub const TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL: ::ULONG = 0x00000040;
364 pub const TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION: ::ULONG = 0x00000080;
365 pub const TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS: ::ULONG = 0x00000100;
366 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION: ::ULONG = 0x00000200;
367 pub const TRUST_ATTRIBUTES_VALID: ::ULONG = 0xFF03FFFF;
368 pub const TRUST_ATTRIBUTES_USER: ::ULONG = 0xFF000000;
369 STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX {
370     Name: ::LSA_UNICODE_STRING,
371     FlatName: ::LSA_UNICODE_STRING,
372     Sid: ::PSID,
373     TrustDirection: ::ULONG,
374     TrustType: ::ULONG,
375     TrustAttributes: ::ULONG,
376 }}
377 pub type PTRUSTED_DOMAIN_INFORMATION_EX = *mut TRUSTED_DOMAIN_INFORMATION_EX;
378 STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX2 {
379     Name: ::LSA_UNICODE_STRING,
380     FlatName: ::LSA_UNICODE_STRING,
381     Sid: ::PSID,
382     TrustDirection: ::ULONG,
383     TrustType: ::ULONG,
384     TrustAttributes: ::ULONG,
385     ForestTrustLength: ::ULONG,
386     ForestTrustInfo: ::PUCHAR,
387 }}
388 pub type PTRUSTED_DOMAIN_INFORMATION_EX2 = *mut TRUSTED_DOMAIN_INFORMATION_EX2;
389 pub const TRUST_AUTH_TYPE_NONE: ::ULONG = 0;
390 pub const TRUST_AUTH_TYPE_NT4OWF: ::ULONG = 1;
391 pub const TRUST_AUTH_TYPE_CLEAR: ::ULONG = 2;
392 pub const TRUST_AUTH_TYPE_VERSION: ::ULONG = 3;
393 STRUCT!{struct LSA_AUTH_INFORMATION {
394     LastUpdateTime: ::LARGE_INTEGER,
395     AuthType: ::ULONG,
396     AuthInfoLength: ::ULONG,
397     AuthInfo: ::PUCHAR,
398 }}
399 pub type PLSA_AUTH_INFORMATION = *mut LSA_AUTH_INFORMATION;
400 STRUCT!{struct TRUSTED_DOMAIN_AUTH_INFORMATION {
401     IncomingAuthInfos: ::ULONG,
402     IncomingAuthenticationInformation: PLSA_AUTH_INFORMATION,
403     IncomingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
404     OutgoingAuthInfos: ::ULONG,
405     OutgoingAuthenticationInformation: PLSA_AUTH_INFORMATION,
406     OutgoingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
407 }}
408 pub type PTRUSTED_DOMAIN_AUTH_INFORMATION = *mut TRUSTED_DOMAIN_AUTH_INFORMATION;
409 STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION {
410     Information: TRUSTED_DOMAIN_INFORMATION_EX,
411     PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
412     AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
413 }}
414 pub type PTRUSTED_DOMAIN_FULL_INFORMATION = *mut TRUSTED_DOMAIN_FULL_INFORMATION;
415 STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION2 {
416     Information: TRUSTED_DOMAIN_INFORMATION_EX2,
417     PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
418     AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
419 }}
420 pub type PTRUSTED_DOMAIN_FULL_INFORMATION2 = *mut TRUSTED_DOMAIN_FULL_INFORMATION2;
421 STRUCT!{struct TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES {
422     SupportedEncryptionTypes: ::ULONG,
423 }}
424 pub type PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES =
425     *mut TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES;
426 ENUM!{enum LSA_FOREST_TRUST_RECORD_TYPE {
427     ForestTrustTopLevelName,
428     ForestTrustTopLevelNameEx,
429     ForestTrustDomainInfo,
430     ForestTrustRecordTypeLast, // = ForestTrustDomainInfo,
431 }}
432 pub const LSA_FTRECORD_DISABLED_REASONS: ::ULONG = 0x0000FFFF;
433 pub const LSA_TLN_DISABLED_NEW: ::ULONG = 0x00000001;
434 pub const LSA_TLN_DISABLED_ADMIN: ::ULONG = 0x00000002;
435 pub const LSA_TLN_DISABLED_CONFLICT: ::ULONG = 0x00000004;
436 pub const LSA_SID_DISABLED_ADMIN: ::ULONG = 0x00000001;
437 pub const LSA_SID_DISABLED_CONFLICT: ::ULONG = 0x00000002;
438 pub const LSA_NB_DISABLED_ADMIN: ::ULONG = 0x00000004;
439 pub const LSA_NB_DISABLED_CONFLICT: ::ULONG = 0x00000008;
440 STRUCT!{struct LSA_FOREST_TRUST_DOMAIN_INFO {
441     Sid: ::PSID,
442     DnsName: ::LSA_UNICODE_STRING,
443     NetbiosName: ::LSA_UNICODE_STRING,
444 }}
445 pub type PLSA_FOREST_TRUST_DOMAIN_INFO = *mut LSA_FOREST_TRUST_DOMAIN_INFO;
446 pub const MAX_FOREST_TRUST_BINARY_DATA_SIZE: ::ULONG = 128 * 1024;
447 STRUCT!{struct LSA_FOREST_TRUST_BINARY_DATA {
448     Length: ::ULONG,
449     Buffer: ::PUCHAR,
450 }}
451 pub type PLSA_FOREST_TRUST_BINARY_DATA = *mut LSA_FOREST_TRUST_BINARY_DATA;
452 STRUCT!{struct LSA_FOREST_TRUST_RECORD_ForestTrustData {
453     DomainInfo: LSA_FOREST_TRUST_DOMAIN_INFO,
454 }}
455 UNION!(
456     LSA_FOREST_TRUST_RECORD_ForestTrustData, DomainInfo, TopLevelName, TopLevelName_mut,
457     ::LSA_UNICODE_STRING
458 );
459 UNION!(
460     LSA_FOREST_TRUST_RECORD_ForestTrustData, DomainInfo, Data, Data_mut,
461     LSA_FOREST_TRUST_BINARY_DATA
462 );
463 STRUCT!{struct LSA_FOREST_TRUST_RECORD {
464     Flags: ::ULONG,
465     ForestTrustType: LSA_FOREST_TRUST_RECORD_TYPE,
466     Time: ::LARGE_INTEGER,
467     ForestTrustData: LSA_FOREST_TRUST_RECORD_ForestTrustData,
468 }}
469 pub type PLSA_FOREST_TRUST_RECORD = *mut LSA_FOREST_TRUST_RECORD;
470 pub const MAX_RECORDS_IN_FOREST_TRUST_INFO: ::ULONG = 4000;
471 STRUCT!{struct LSA_FOREST_TRUST_INFORMATION {
472     RecordCount: ::ULONG,
473     Entries: *mut PLSA_FOREST_TRUST_RECORD,
474 }}
475 pub type PLSA_FOREST_TRUST_INFORMATION = *mut LSA_FOREST_TRUST_INFORMATION;
476 ENUM!{enum LSA_FOREST_TRUST_COLLISION_RECORD_TYPE {
477     CollisionTdo,
478     CollisionXref,
479     CollisionOther,
480 }}
481 STRUCT!{struct LSA_FOREST_TRUST_COLLISION_RECORD {
482     Index: ::ULONG,
483     Type: LSA_FOREST_TRUST_COLLISION_RECORD_TYPE,
484     Flags: ::ULONG,
485     Name: ::LSA_UNICODE_STRING,
486 }}
487 pub type PLSA_FOREST_TRUST_COLLISION_RECORD = *mut LSA_FOREST_TRUST_COLLISION_RECORD;
488 STRUCT!{struct LSA_FOREST_TRUST_COLLISION_INFORMATION {
489     RecordCount: ::ULONG,
490     Entries: *mut PLSA_FOREST_TRUST_COLLISION_RECORD,
491 }}
492 pub type PLSA_FOREST_TRUST_COLLISION_INFORMATION = *mut LSA_FOREST_TRUST_COLLISION_INFORMATION;
493 pub type LSA_ENUMERATION_HANDLE = ::ULONG;
494 pub type PLSA_ENUMERATION_HANDLE = *mut ::ULONG;
495 STRUCT!{struct LSA_ENUMERATION_INFORMATION {
496     Sid: ::PSID,
497 }}
498 pub type PLSA_ENUMERATION_INFORMATION = *mut LSA_ENUMERATION_INFORMATION;
499 STRUCT!{struct LSA_LAST_INTER_LOGON_INFO {
500     LastSuccessfulLogon: ::LARGE_INTEGER,
501     LastFailedLogon: ::LARGE_INTEGER,
502     FailedAttemptCountSinceLastSuccessfulLogon: ::ULONG,
503 }}
504 pub type PLSA_LAST_INTER_LOGON_INFO = *mut LSA_LAST_INTER_LOGON_INFO;
505 STRUCT!{struct SECURITY_LOGON_SESSION_DATA {
506     Size: ::ULONG,
507     LogonId: ::LUID,
508     UserName: ::LSA_UNICODE_STRING,
509     LogonDomain: ::LSA_UNICODE_STRING,
510     AuthenticationPackage: ::LSA_UNICODE_STRING,
511     LogonType: ::ULONG,
512     Session: ::ULONG,
513     Sid: ::PSID,
514     LogonTime: ::LARGE_INTEGER,
515     LogonServer: ::LSA_UNICODE_STRING,
516     DnsDomainName: ::LSA_UNICODE_STRING,
517     Upn: ::LSA_UNICODE_STRING,
518     UserFlags: ::ULONG,
519     LastLogonInfo: LSA_LAST_INTER_LOGON_INFO,
520     LogonScript: ::LSA_UNICODE_STRING,
521     ProfilePath: ::LSA_UNICODE_STRING,
522     HomeDirectory: ::LSA_UNICODE_STRING,
523     HomeDirectoryDrive: ::LSA_UNICODE_STRING,
524     LogoffTime: ::LARGE_INTEGER,
525     KickOffTime: ::LARGE_INTEGER,
526     PasswordLastSet: ::LARGE_INTEGER,
527     PasswordCanChange: ::LARGE_INTEGER,
528     PasswordMustChange: ::LARGE_INTEGER,
529 }}
530 pub type PSECURITY_LOGON_SESSION_DATA = *mut SECURITY_LOGON_SESSION_DATA;
531 pub const CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG: ::ULONG = 0x00000001;
532 pub const CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG: ::ULONG = 0x00000100;
533 pub const CENTRAL_ACCESS_POLICY_STAGED_FLAG: ::ULONG = 0x00010000;
534 pub const CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK: ::ULONG =
535     CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
536     | CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG | CENTRAL_ACCESS_POLICY_STAGED_FLAG;
537 pub const LSASETCAPS_RELOAD_FLAG: ::ULONG = 0x00000001;
538 pub const LSASETCAPS_VALID_FLAG_MASK: ::ULONG = LSASETCAPS_RELOAD_FLAG;
539 STRUCT!{struct CENTRAL_ACCESS_POLICY_ENTRY {
540     Name: ::LSA_UNICODE_STRING,
541     Description: ::LSA_UNICODE_STRING,
542     ChangeId: ::LSA_UNICODE_STRING,
543     LengthAppliesTo: ::ULONG,
544     AppliesTo: ::PUCHAR,
545     LengthSD: ::ULONG,
546     SD: ::PSECURITY_DESCRIPTOR,
547     LengthStagedSD: ::ULONG,
548     StagedSD: ::PSECURITY_DESCRIPTOR,
549     Flags: ::ULONG,
550 }}
551 pub type PCENTRAL_ACCESS_POLICY_ENTRY = *mut CENTRAL_ACCESS_POLICY_ENTRY;
552 pub type PCCENTRAL_ACCESS_POLICY_ENTRY = *const CENTRAL_ACCESS_POLICY_ENTRY;
553 STRUCT!{struct CENTRAL_ACCESS_POLICY {
554     CAPID: ::PSID,
555     Name: ::LSA_UNICODE_STRING,
556     Description: ::LSA_UNICODE_STRING,
557     ChangeId: ::LSA_UNICODE_STRING,
558     Flags: ::ULONG,
559     CAPECount: ::ULONG,
560     CAPEs: *mut PCENTRAL_ACCESS_POLICY_ENTRY,
561 }}
562 pub type PCENTRAL_ACCESS_POLICY = *mut CENTRAL_ACCESS_POLICY;
563 pub type PCCENTRAL_ACCESS_POLICY = *const CENTRAL_ACCESS_POLICY;
564 ENUM!{enum NEGOTIATE_MESSAGES {
565     NegEnumPackagePrefixes = 0,
566     NegGetCallerName = 1,
567     NegTransferCredentials = 2,
568     NegCallPackageMax,
569 }}
570 pub const NEGOTIATE_MAX_PREFIX: usize = 32;
571 STRUCT!{struct NEGOTIATE_PACKAGE_PREFIX {
572     PackageId: ::ULONG_PTR,
573     PackageDataA: ::PVOID,
574     PackageDataW: ::PVOID,
575     PrefixLen: ::ULONG_PTR,
576     Prefix: [::UCHAR; NEGOTIATE_MAX_PREFIX],
577 }}
578 pub type PNEGOTIATE_PACKAGE_PREFIX = *mut NEGOTIATE_PACKAGE_PREFIX;
579 STRUCT!{struct NEGOTIATE_PACKAGE_PREFIXES {
580     MessageType: ::ULONG,
581     PrefixCount: ::ULONG,
582     Offset: ::ULONG,
583     Pad: ::ULONG,
584 }}
585 pub type PNEGOTIATE_PACKAGE_PREFIXES = *mut NEGOTIATE_PACKAGE_PREFIXES;
586 STRUCT!{struct NEGOTIATE_CALLER_NAME_REQUEST {
587     MessageType: ::ULONG,
588     LogonId: ::LUID,
589 }}
590 pub type PNEGOTIATE_CALLER_NAME_REQUEST = *mut NEGOTIATE_CALLER_NAME_REQUEST;
591 STRUCT!{struct NEGOTIATE_CALLER_NAME_RESPONSE {
592     MessageType: ::ULONG,
593     CallerName: ::PWSTR,
594 }}
595 pub type PNEGOTIATE_CALLER_NAME_RESPONSE = *mut NEGOTIATE_CALLER_NAME_RESPONSE;
596 STRUCT!{struct DOMAIN_PASSWORD_INFORMATION {
597     MinPasswordLength: ::USHORT,
598     PasswordHistoryLength: ::USHORT,
599     PasswordProperties: ::ULONG,
600     MaxPasswordAge: ::LARGE_INTEGER,
601     MinPasswordAge: ::LARGE_INTEGER,
602 }}
603 pub type PDOMAIN_PASSWORD_INFORMATION = *mut DOMAIN_PASSWORD_INFORMATION;
604 pub const DOMAIN_PASSWORD_COMPLEX: ::ULONG = 0x00000001;
605 pub const DOMAIN_PASSWORD_NO_ANON_CHANGE: ::ULONG = 0x00000002;
606 pub const DOMAIN_PASSWORD_NO_CLEAR_CHANGE: ::ULONG = 0x00000004;
607 pub const DOMAIN_LOCKOUT_ADMINS: ::ULONG = 0x00000008;
608 pub const DOMAIN_PASSWORD_STORE_CLEARTEXT: ::ULONG = 0x00000010;
609 pub const DOMAIN_REFUSE_PASSWORD_CHANGE: ::ULONG = 0x00000020;
610 pub const DOMAIN_NO_LM_OWF_CHANGE: ::ULONG = 0x00000040;
611 pub type PSAM_PASSWORD_NOTIFICATION_ROUTINE = Option<unsafe extern "system" fn(
612     UserName: ::PUNICODE_STRING, RelativeId: ::ULONG, NewPassword: ::PUNICODE_STRING,
613 ) -> ::NTSTATUS>;
614 pub type PSAM_INIT_NOTIFICATION_ROUTINE = Option<unsafe extern "system" fn() -> ::BOOLEAN>;
615 pub type PSAM_PASSWORD_FILTER_ROUTINE = Option<unsafe extern "system" fn(
616     AccountName: ::PUNICODE_STRING, FullName: ::PUNICODE_STRING, Password: ::PUNICODE_STRING,
617     SetOperation: ::BOOLEAN,
618 ) -> ::BOOLEAN>;
619 ENUM!{enum MSV1_0_LOGON_SUBMIT_TYPE {
620     MsV1_0InteractiveLogon = 2,
621     MsV1_0Lm20Logon,
622     MsV1_0NetworkLogon,
623     MsV1_0SubAuthLogon,
624     MsV1_0WorkstationUnlockLogon = 7,
625     MsV1_0S4ULogon = 12,
626     MsV1_0VirtualLogon = 82,
627     MsV1_0NoElevationLogon = 83,
628     MsV1_0LuidLogon = 84,
629 }}
630 pub type PMSV1_0_LOGON_SUBMIT_TYPE = *mut MSV1_0_LOGON_SUBMIT_TYPE;
631 ENUM!{enum MSV1_0_PROFILE_BUFFER_TYPE {
632     MsV1_0InteractiveProfile = 2,
633     MsV1_0Lm20LogonProfile,
634     MsV1_0SmartCardProfile,
635 }}
636 pub type PMSV1_0_PROFILE_BUFFER_TYPE = *mut MSV1_0_PROFILE_BUFFER_TYPE;
637 STRUCT!{struct MSV1_0_INTERACTIVE_LOGON {
638     MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
639     LogonDomainName: ::UNICODE_STRING,
640     UserName: ::UNICODE_STRING,
641     Password: ::UNICODE_STRING,
642 }}
643 pub type PMSV1_0_INTERACTIVE_LOGON = *mut MSV1_0_INTERACTIVE_LOGON;
644 STRUCT!{struct MSV1_0_INTERACTIVE_PROFILE {
645     MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
646     LogonCount: ::USHORT,
647     BadPasswordCount: ::USHORT,
648     LogonTime: ::LARGE_INTEGER,
649     LogoffTime: ::LARGE_INTEGER,
650     KickOffTime: ::LARGE_INTEGER,
651     PasswordLastSet: ::LARGE_INTEGER,
652     PasswordCanChange: ::LARGE_INTEGER,
653     PasswordMustChange: ::LARGE_INTEGER,
654     LogonScript: ::UNICODE_STRING,
655     HomeDirectory: ::UNICODE_STRING,
656     FullName: ::UNICODE_STRING,
657     ProfilePath: ::UNICODE_STRING,
658     HomeDirectoryDrive: ::UNICODE_STRING,
659     LogonServer: ::UNICODE_STRING,
660     UserFlags: ::ULONG,
661 }}
662 pub type PMSV1_0_INTERACTIVE_PROFILE = *mut MSV1_0_INTERACTIVE_PROFILE;
663 pub const MSV1_0_CHALLENGE_LENGTH: usize = 8;
664 pub const MSV1_0_USER_SESSION_KEY_LENGTH: usize = 16;
665 pub const MSV1_0_LANMAN_SESSION_KEY_LENGTH: usize = 8;
666 pub const MSV1_0_CLEARTEXT_PASSWORD_ALLOWED: ::ULONG = 0x02;
667 pub const MSV1_0_UPDATE_LOGON_STATISTICS: ::ULONG = 0x04;
668 pub const MSV1_0_RETURN_USER_PARAMETERS: ::ULONG = 0x08;
669 pub const MSV1_0_DONT_TRY_GUEST_ACCOUNT: ::ULONG = 0x10;
670 pub const MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT: ::ULONG = 0x20;
671 pub const MSV1_0_RETURN_PASSWORD_EXPIRY: ::ULONG = 0x40;
672 pub const MSV1_0_USE_CLIENT_CHALLENGE: ::ULONG = 0x80;
673 pub const MSV1_0_TRY_GUEST_ACCOUNT_ONLY: ::ULONG = 0x100;
674 pub const MSV1_0_RETURN_PROFILE_PATH: ::ULONG = 0x200;
675 pub const MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY: ::ULONG = 0x400;
676 pub const MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT: ::ULONG = 0x800;
677 pub const MSV1_0_DISABLE_PERSONAL_FALLBACK: ::ULONG = 0x00001000;
678 pub const MSV1_0_ALLOW_FORCE_GUEST: ::ULONG = 0x00002000;
679 pub const MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED: ::ULONG = 0x00004000;
680 pub const MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY: ::ULONG = 0x00008000;
681 pub const MSV1_0_SUBAUTHENTICATION_DLL_EX: ::ULONG = 0x00100000;
682 pub const MSV1_0_ALLOW_MSVCHAPV2: ::ULONG = 0x00010000;
683 pub const MSV1_0_S4U2SELF: ::ULONG = 0x00020000;
684 pub const MSV1_0_CHECK_LOGONHOURS_FOR_S4U: ::ULONG = 0x00040000;
685 pub const MSV1_0_INTERNET_DOMAIN: ::ULONG = 0x00080000;
686 pub const MSV1_0_SUBAUTHENTICATION_DLL: ::ULONG = 0xFF000000;
687 pub const MSV1_0_SUBAUTHENTICATION_DLL_SHIFT: ::ULONG = 24;
688 pub const MSV1_0_MNS_LOGON: ::ULONG = 0x01000000;
689 pub const MSV1_0_SUBAUTHENTICATION_DLL_RAS: ::ULONG = 2;
690 pub const MSV1_0_SUBAUTHENTICATION_DLL_IIS: ::ULONG = 132;
691 STRUCT!{struct MSV1_0_LM20_LOGON {
692     MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
693     LogonDomainName: ::UNICODE_STRING,
694     UserName: ::UNICODE_STRING,
695     Workstation: ::UNICODE_STRING,
696     ChallengeToClient: [::UCHAR; MSV1_0_CHALLENGE_LENGTH],
697     CaseSensitiveChallengeResponse: ::STRING,
698     CaseInsensitiveChallengeResponse: ::STRING,
699     ParameterControl: ::ULONG,
700 }}
701 pub type PMSV1_0_LM20_LOGON = *mut MSV1_0_LM20_LOGON;
702 STRUCT!{struct MSV1_0_SUBAUTH_LOGON {
703     MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
704     LogonDomainName: ::UNICODE_STRING,
705     UserName: ::UNICODE_STRING,
706     Workstation: ::UNICODE_STRING,
707     ChallengeToClient: [::UCHAR; MSV1_0_CHALLENGE_LENGTH],
708     AuthenticationInfo1: ::STRING,
709     AuthenticationInfo2: ::STRING,
710     ParameterControl: ::ULONG,
711     SubAuthPackageId: ::ULONG,
712 }}
713 pub type PMSV1_0_SUBAUTH_LOGON = *mut MSV1_0_SUBAUTH_LOGON;
714 STRUCT!{struct MSV1_0_S4U_LOGON {
715     MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
716     MSV1_0_LOGON_SUBMIT_TYPE: ::ULONG,
717     UserPrincipalName: ::UNICODE_STRING,
718     DomainName: ::UNICODE_STRING,
719 }}
720 pub type PMSV1_0_S4U_LOGON = *mut MSV1_0_S4U_LOGON;
721 pub const LOGON_GUEST: ::ULONG = 0x01;
722 pub const LOGON_NOENCRYPTION: ::ULONG = 0x02;
723 pub const LOGON_CACHED_ACCOUNT: ::ULONG = 0x04;
724 pub const LOGON_USED_LM_PASSWORD: ::ULONG = 0x08;
725 pub const LOGON_EXTRA_SIDS: ::ULONG = 0x20;
726 pub const LOGON_SUBAUTH_SESSION_KEY: ::ULONG = 0x40;
727 pub const LOGON_SERVER_TRUST_ACCOUNT: ::ULONG = 0x80;
728 pub const LOGON_NTLMV2_ENABLED: ::ULONG = 0x100;
729 pub const LOGON_RESOURCE_GROUPS: ::ULONG = 0x200;
730 pub const LOGON_PROFILE_PATH_RETURNED: ::ULONG = 0x400;
731 pub const LOGON_NT_V2: ::ULONG = 0x800;
732 pub const LOGON_LM_V2: ::ULONG = 0x1000;
733 pub const LOGON_NTLM_V2: ::ULONG = 0x2000;
734 pub const LOGON_OPTIMIZED: ::ULONG = 0x4000;
735 pub const LOGON_WINLOGON: ::ULONG = 0x8000;
736 pub const LOGON_PKINIT: ::ULONG = 0x10000;
737 pub const LOGON_NO_OPTIMIZED: ::ULONG = 0x20000;
738 pub const LOGON_NO_ELEVATION: ::ULONG = 0x40000;
739 pub const LOGON_MANAGED_SERVICE: ::ULONG = 0x80000;
740 pub const LOGON_GRACE_LOGON: ::ULONG = 0x01000000;
741 STRUCT!{struct MSV1_0_LM20_LOGON_PROFILE {
742     MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
743     KickOffTime: ::LARGE_INTEGER,
744     LogoffTime: ::LARGE_INTEGER,
745     UserFlags: ::ULONG,
746     UserSessionKey: [::UCHAR; MSV1_0_USER_SESSION_KEY_LENGTH],
747     LogonDomainName: ::UNICODE_STRING,
748     LanmanSessionKey: [::UCHAR; MSV1_0_LANMAN_SESSION_KEY_LENGTH],
749     LogonServer: ::UNICODE_STRING,
750     UserParameters: ::UNICODE_STRING,
751 }}
752 pub type PMSV1_0_LM20_LOGON_PROFILE = *mut MSV1_0_LM20_LOGON_PROFILE;
753 pub const MSV1_0_OWF_PASSWORD_LENGTH: usize = 16;
754 STRUCT!{struct MSV1_0_SUPPLEMENTAL_CREDENTIAL {
755     Version: ::ULONG,
756     Flags: ::ULONG,
757     LmPassword: [::UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
758     NtPassword: [::UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
759 }}
760 pub type PMSV1_0_SUPPLEMENTAL_CREDENTIAL = *mut MSV1_0_SUPPLEMENTAL_CREDENTIAL;
761 pub const MSV1_0_NTLM3_RESPONSE_LENGTH: usize = 16;
762 pub const MSV1_0_NTLM3_OWF_LENGTH: usize = 16;
763 STRUCT!{struct MSV1_0_NTLM3_RESPONSE {
764     Response: [::UCHAR; MSV1_0_NTLM3_RESPONSE_LENGTH],
765     RespType: ::UCHAR,
766     HiRespType: ::UCHAR,
767     Flags: ::USHORT,
768     MsgWord: ::ULONG,
769     TimeStamp: ::ULONGLONG,
770     ChallengeFromClient: [::UCHAR; MSV1_0_CHALLENGE_LENGTH],
771     AvPairsOff: ::ULONG,
772     Buffer: [::UCHAR; 1],
773 }}
774 pub type PMSV1_0_NTLM3_RESPONSE = *mut MSV1_0_NTLM3_RESPONSE;
775 ENUM!{enum MSV1_0_AVID {
776     MsvAvEOL,
777     MsvAvNbComputerName,
778     MsvAvNbDomainName,
779     MsvAvDnsComputerName,
780     MsvAvDnsDomainName,
781     MsvAvDnsTreeName,
782     MsvAvFlags,
783     MsvAvTimestamp,
784     MsvAvRestrictions,
785     MsvAvTargetName,
786     MsvAvChannelBindings,
787 }}
788 STRUCT!{struct MSV1_0_AV_PAIR {
789     AvId: ::USHORT,
790     AvLen: ::USHORT,
791 }}
792 pub type PMSV1_0_AV_PAIR = *mut MSV1_0_AV_PAIR;
793 ENUM!{enum MSV1_0_PROTOCOL_MESSAGE_TYPE {
794     MsV1_0Lm20ChallengeRequest = 0,
795     MsV1_0Lm20GetChallengeResponse,
796     MsV1_0EnumerateUsers,
797     MsV1_0GetUserInfo,
798     MsV1_0ReLogonUsers,
799     MsV1_0ChangePassword,
800     MsV1_0ChangeCachedPassword,
801     MsV1_0GenericPassthrough,
802     MsV1_0CacheLogon,
803     MsV1_0SubAuth,
804     MsV1_0DeriveCredential,
805     MsV1_0CacheLookup,
806     MsV1_0SetProcessOption,
807     MsV1_0ConfigLocalAliases,
808     MsV1_0ClearCachedCredentials,
809     MsV1_0LookupToken,
810     MsV1_0ValidateAuth,
811     MsV1_0CacheLookupEx,
812     MsV1_0GetCredentialKey,
813     MsV1_0SetThreadOption,
814 }}
815 pub type PMSV1_0_PROTOCOL_MESSAGE_TYPE = *mut MSV1_0_PROTOCOL_MESSAGE_TYPE;
816 STRUCT!{struct MSV1_0_CHANGEPASSWORD_REQUEST {
817     MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
818     DomainName: ::UNICODE_STRING,
819     AccountName: ::UNICODE_STRING,
820     OldPassword: ::UNICODE_STRING,
821     NewPassword: ::UNICODE_STRING,
822     Impersonating: ::BOOLEAN,
823 }}
824 pub type PMSV1_0_CHANGEPASSWORD_REQUEST = *mut MSV1_0_CHANGEPASSWORD_REQUEST;
825 STRUCT!{struct MSV1_0_CHANGEPASSWORD_RESPONSE {
826     MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
827     PasswordInfoValid: ::BOOLEAN,
828     DomainPasswordInfo: DOMAIN_PASSWORD_INFORMATION,
829 }}
830 pub type PMSV1_0_CHANGEPASSWORD_RESPONSE = *mut MSV1_0_CHANGEPASSWORD_RESPONSE;
831 STRUCT!{struct MSV1_0_PASSTHROUGH_REQUEST {
832     MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
833     DomainName: ::UNICODE_STRING,
834     PackageName: ::UNICODE_STRING,
835     DataLength: ::ULONG,
836     LogonData: ::PUCHAR,
837     Pad: ::ULONG,
838 }}
839 pub type PMSV1_0_PASSTHROUGH_REQUEST = *mut MSV1_0_PASSTHROUGH_REQUEST;
840 STRUCT!{struct MSV1_0_PASSTHROUGH_RESPONSE {
841     MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
842     Pad: ::ULONG,
843     DataLength: ::ULONG,
844     ValidationData: ::PUCHAR,
845 }}
846 pub type PMSV1_0_PASSTHROUGH_RESPONSE = *mut MSV1_0_PASSTHROUGH_RESPONSE;
847 STRUCT!{struct MSV1_0_SUBAUTH_REQUEST {
848     MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
849     SubAuthPackageId: ::ULONG,
850     SubAuthInfoLength: ::ULONG,
851     SubAuthSubmitBuffer: ::PUCHAR,
852 }}
853 pub type PMSV1_0_SUBAUTH_REQUEST = *mut MSV1_0_SUBAUTH_REQUEST;
854 STRUCT!{struct MSV1_0_SUBAUTH_RESPONSE {
855     MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
856     SubAuthInfoLength: ::ULONG,
857     SubAuthReturnBuffer: ::PUCHAR,
858 }}
859 pub type PMSV1_0_SUBAUTH_RESPONSE = *mut MSV1_0_SUBAUTH_RESPONSE;
860 pub const RTL_ENCRYPT_MEMORY_SIZE: ::ULONG = 8;
861 pub const RTL_ENCRYPT_OPTION_CROSS_PROCESS: ::ULONG = 0x01;
862 pub const RTL_ENCRYPT_OPTION_SAME_LOGON: ::ULONG = 0x02;
863 pub const KERB_ETYPE_NULL: ::LONG = 0;
864 pub const KERB_ETYPE_DES_CBC_CRC: ::LONG = 1;
865 pub const KERB_ETYPE_DES_CBC_MD4: ::LONG = 2;
866 pub const KERB_ETYPE_DES_CBC_MD5: ::LONG = 3;
867 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96: ::LONG = 17;
868 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96: ::LONG = 18;
869 pub const KERB_ETYPE_RC4_MD4: ::LONG = -128;
870 pub const KERB_ETYPE_RC4_PLAIN2: ::LONG = -129;
871 pub const KERB_ETYPE_RC4_LM: ::LONG = -130;
872 pub const KERB_ETYPE_RC4_SHA: ::LONG = -131;
873 pub const KERB_ETYPE_DES_PLAIN: ::LONG = -132;
874 pub const KERB_ETYPE_RC4_HMAC_OLD: ::LONG = -133;
875 pub const KERB_ETYPE_RC4_PLAIN_OLD: ::LONG = -134;
876 pub const KERB_ETYPE_RC4_HMAC_OLD_EXP: ::LONG = -135;
877 pub const KERB_ETYPE_RC4_PLAIN_OLD_EXP: ::LONG = -136;
878 pub const KERB_ETYPE_RC4_PLAIN: ::LONG = -140;
879 pub const KERB_ETYPE_RC4_PLAIN_EXP: ::LONG = -141;
880 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN: ::LONG = -148;
881 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN: ::LONG = -149;
882 pub const KERB_ETYPE_DSA_SHA1_CMS: ::LONG = 9;
883 pub const KERB_ETYPE_RSA_MD5_CMS: ::LONG = 10;
884 pub const KERB_ETYPE_RSA_SHA1_CMS: ::LONG = 11;
885 pub const KERB_ETYPE_RC2_CBC_ENV: ::LONG = 12;
886 pub const KERB_ETYPE_RSA_ENV: ::LONG = 13;
887 pub const KERB_ETYPE_RSA_ES_OEAP_ENV: ::LONG = 14;
888 pub const KERB_ETYPE_DES_EDE3_CBC_ENV: ::LONG = 15;
889 pub const KERB_ETYPE_DSA_SIGN: ::LONG = 8;
890 pub const KERB_ETYPE_RSA_PRIV: ::LONG = 9;
891 pub const KERB_ETYPE_RSA_PUB: ::LONG = 10;
892 pub const KERB_ETYPE_RSA_PUB_MD5: ::LONG = 11;
893 pub const KERB_ETYPE_RSA_PUB_SHA1: ::LONG = 12;
894 pub const KERB_ETYPE_PKCS7_PUB: ::LONG = 13;
895 pub const KERB_ETYPE_DES3_CBC_MD5: ::LONG = 5;
896 pub const KERB_ETYPE_DES3_CBC_SHA1: ::LONG = 7;
897 pub const KERB_ETYPE_DES3_CBC_SHA1_KD: ::LONG = 16;
898 pub const KERB_ETYPE_DES_CBC_MD5_NT: ::LONG = 20;
899 pub const KERB_ETYPE_RC4_HMAC_NT: ::LONG = 23;
900 pub const KERB_ETYPE_RC4_HMAC_NT_EXP: ::LONG = 24;
901 pub const KERB_CHECKSUM_NONE: ::LONG = 0;
902 pub const KERB_CHECKSUM_CRC32: ::LONG = 1;
903 pub const KERB_CHECKSUM_MD4: ::LONG = 2;
904 pub const KERB_CHECKSUM_KRB_DES_MAC: ::LONG = 4;
905 pub const KERB_CHECKSUM_KRB_DES_MAC_K: ::LONG = 5;
906 pub const KERB_CHECKSUM_MD5: ::LONG = 7;
907 pub const KERB_CHECKSUM_MD5_DES: ::LONG = 8;
908 pub const KERB_CHECKSUM_SHA1_NEW: ::LONG = 14;
909 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128: ::LONG = 15;
910 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256: ::LONG = 16;
911 pub const KERB_CHECKSUM_LM: ::LONG = -130;
912 pub const KERB_CHECKSUM_SHA1: ::LONG = -131;
913 pub const KERB_CHECKSUM_REAL_CRC32: ::LONG = -132;
914 pub const KERB_CHECKSUM_DES_MAC: ::LONG = -133;
915 pub const KERB_CHECKSUM_DES_MAC_MD5: ::LONG = -134;
916 pub const KERB_CHECKSUM_MD25: ::LONG = -135;
917 pub const KERB_CHECKSUM_RC4_MD5: ::LONG = -136;
918 pub const KERB_CHECKSUM_MD5_HMAC: ::LONG = -137;
919 pub const KERB_CHECKSUM_HMAC_MD5: ::LONG = -138;
920 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki: ::LONG = -150;
921 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki: ::LONG = -151;
922 pub const KERB_TICKET_FLAGS_reserved: ::ULONG = 0x80000000;
923 pub const KERB_TICKET_FLAGS_forwardable: ::ULONG = 0x40000000;
924 pub const KERB_TICKET_FLAGS_forwarded: ::ULONG = 0x20000000;
925 pub const KERB_TICKET_FLAGS_proxiable: ::ULONG = 0x10000000;
926 pub const KERB_TICKET_FLAGS_proxy: ::ULONG = 0x08000000;
927 pub const KERB_TICKET_FLAGS_may_postdate: ::ULONG = 0x04000000;
928 pub const KERB_TICKET_FLAGS_postdated: ::ULONG = 0x02000000;
929 pub const KERB_TICKET_FLAGS_invalid: ::ULONG = 0x01000000;
930 pub const KERB_TICKET_FLAGS_renewable: ::ULONG = 0x00800000;
931 pub const KERB_TICKET_FLAGS_initial: ::ULONG = 0x00400000;
932 pub const KERB_TICKET_FLAGS_pre_authent: ::ULONG = 0x00200000;
933 pub const KERB_TICKET_FLAGS_hw_authent: ::ULONG = 0x00100000;
934 pub const KERB_TICKET_FLAGS_ok_as_delegate: ::ULONG = 0x00040000;
935 pub const KERB_TICKET_FLAGS_name_canonicalize: ::ULONG = 0x00010000;
936 pub const KERB_TICKET_FLAGS_cname_in_pa_data: ::ULONG = 0x00040000;
937 pub const KERB_TICKET_FLAGS_enc_pa_rep: ::ULONG = 0x00010000;
938 pub const KERB_TICKET_FLAGS_reserved1: ::ULONG = 0x00000001;
939 pub const KRB_NT_UNKNOWN: ::LONG = 0;
940 pub const KRB_NT_PRINCIPAL: ::LONG = 1;
941 pub const KRB_NT_PRINCIPAL_AND_ID: ::LONG = -131;
942 pub const KRB_NT_SRV_INST: ::LONG = 2;
943 pub const KRB_NT_SRV_INST_AND_ID: ::LONG = -132;
944 pub const KRB_NT_SRV_HST: ::LONG = 3;
945 pub const KRB_NT_SRV_XHST: ::LONG = 4;
946 pub const KRB_NT_UID: ::LONG = 5;
947 pub const KRB_NT_ENTERPRISE_PRINCIPAL: ::LONG = 10;
948 pub const KRB_NT_WELLKNOWN: ::LONG = 11;
949 pub const KRB_NT_ENT_PRINCIPAL_AND_ID: ::LONG = -130;
950 pub const KRB_NT_MS_PRINCIPAL: ::LONG = -128;
951 pub const KRB_NT_MS_PRINCIPAL_AND_ID: ::LONG = -129;
952 pub const KRB_NT_MS_BRANCH_ID: ::LONG = -133;
953 pub const KRB_NT_X500_PRINCIPAL: ::LONG = 6;
954 pub const KERB_WRAP_NO_ENCRYPT: ::ULONG = 0x80000001;
955 ENUM!{enum KERB_LOGON_SUBMIT_TYPE {
956     KerbInteractiveLogon = 2,
957     KerbSmartCardLogon = 6,
958     KerbWorkstationUnlockLogon = 7,
959     KerbSmartCardUnlockLogon = 8,
960     KerbProxyLogon = 9,
961     KerbTicketLogon = 10,
962     KerbTicketUnlockLogon = 11,
963     KerbS4ULogon = 12,
964     KerbCertificateLogon = 13,
965     KerbCertificateS4ULogon = 14,
966     KerbCertificateUnlockLogon = 15,
967     KerbNoElevationLogon = 83,
968     KerbLuidLogon = 84,
969 }}
970 pub type PKERB_LOGON_SUBMIT_TYPE = *mut KERB_LOGON_SUBMIT_TYPE;
971 STRUCT!{struct KERB_INTERACTIVE_LOGON {
972     MessageType: KERB_LOGON_SUBMIT_TYPE,
973     LogonDomainName: ::UNICODE_STRING,
974     UserName: ::UNICODE_STRING,
975     Password: ::UNICODE_STRING,
976 }}
977 pub type PKERB_INTERACTIVE_LOGON = *mut KERB_INTERACTIVE_LOGON;
978 STRUCT!{struct KERB_INTERACTIVE_UNLOCK_LOGON {
979     Logon: KERB_INTERACTIVE_LOGON,
980     LogonId: ::LUID,
981 }}
982 pub type PKERB_INTERACTIVE_UNLOCK_LOGON = *mut KERB_INTERACTIVE_UNLOCK_LOGON;
983 STRUCT!{struct KERB_SMART_CARD_LOGON {
984     MessageType: KERB_LOGON_SUBMIT_TYPE,
985     Pin: ::UNICODE_STRING,
986     CspDataLength: ::ULONG,
987     CspData: ::PUCHAR,
988 }}
989 pub type PKERB_SMART_CARD_LOGON = *mut KERB_SMART_CARD_LOGON;
990 STRUCT!{struct KERB_SMART_CARD_UNLOCK_LOGON {
991     Logon: KERB_SMART_CARD_LOGON,
992     LogonId: ::LUID,
993 }}
994 pub type PKERB_SMART_CARD_UNLOCK_LOGON = *mut KERB_SMART_CARD_UNLOCK_LOGON;
995 pub const KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES: ::ULONG = 0x1;
996 pub const KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO: ::ULONG = 0x2;
997 STRUCT!{struct KERB_CERTIFICATE_LOGON {
998     MessageType: KERB_LOGON_SUBMIT_TYPE,
999     DomainName: ::UNICODE_STRING,
1000     UserName: ::UNICODE_STRING,
1001     Pin: ::UNICODE_STRING,
1002     Flags: ::ULONG,
1003     CspDataLength: ::ULONG,
1004     CspData: ::PUCHAR,
1005 }}
1006 pub type PKERB_CERTIFICATE_LOGON = *mut KERB_CERTIFICATE_LOGON;
1007 STRUCT!{struct KERB_CERTIFICATE_UNLOCK_LOGON {
1008     Logon: KERB_CERTIFICATE_LOGON,
1009     LogonId: ::LUID,
1010 }}
1011 pub type PKERB_CERTIFICATE_UNLOCK_LOGON = *mut KERB_CERTIFICATE_UNLOCK_LOGON;
1012 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES: ::ULONG = 0x1;
1013 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ::ULONG = 0x2;
1014 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED: ::ULONG = 0x4;
1015 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY: ::ULONG = 0x8;
1016 STRUCT!{struct KERB_CERTIFICATE_S4U_LOGON {
1017     MessageType: KERB_LOGON_SUBMIT_TYPE,
1018     Flags: ::ULONG,
1019     UserPrincipalName: ::UNICODE_STRING,
1020     DomainName: ::UNICODE_STRING,
1021     CertificateLength: ::ULONG,
1022     Certificate: ::PUCHAR,
1023 }}
1024 pub type PKERB_CERTIFICATE_S4U_LOGON = *mut KERB_CERTIFICATE_S4U_LOGON;
1025 STRUCT!{struct KERB_TICKET_LOGON {
1026     MessageType: KERB_LOGON_SUBMIT_TYPE,
1027     Flags: ::ULONG,
1028     ServiceTicketLength: ::ULONG,
1029     TicketGrantingTicketLength: ::ULONG,
1030     ServiceTicket: ::PUCHAR,
1031     TicketGrantingTicket: ::PUCHAR,
1032 }}
1033 pub type PKERB_TICKET_LOGON = *mut KERB_TICKET_LOGON;
1034 STRUCT!{struct KERB_TICKET_UNLOCK_LOGON {
1035     Logon: KERB_TICKET_LOGON,
1036     LogonId: ::LUID,
1037 }}
1038 pub type PKERB_TICKET_UNLOCK_LOGON = *mut KERB_TICKET_UNLOCK_LOGON;
1039 pub const KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ::ULONG = 0x2;
1040 pub const KERB_S4U_LOGON_FLAG_IDENTIFY: ::ULONG = 0x8;
1041 STRUCT!{struct KERB_S4U_LOGON {
1042     MessageType: KERB_LOGON_SUBMIT_TYPE,
1043     Flags: ::ULONG,
1044     ClientUpn: ::UNICODE_STRING,
1045     ClientRealm: ::UNICODE_STRING,
1046 }}
1047 pub type PKERB_S4U_LOGON = *mut KERB_S4U_LOGON;
1048 ENUM!{enum KERB_PROFILE_BUFFER_TYPE {
1049     KerbInteractiveProfile = 2,
1050     KerbSmartCardProfile = 4,
1051     KerbTicketProfile = 6,
1052 }}
1053 pub type PKERB_PROFILE_BUFFER_TYPE = *mut KERB_PROFILE_BUFFER_TYPE;
1054 STRUCT!{struct KERB_INTERACTIVE_PROFILE {
1055     MessageType: KERB_PROFILE_BUFFER_TYPE,
1056     LogonCount: ::USHORT,
1057     BadPasswordCount: ::USHORT,
1058     LogonTime: ::LARGE_INTEGER,
1059     LogoffTime: ::LARGE_INTEGER,
1060     KickOffTime: ::LARGE_INTEGER,
1061     PasswordLastSet: ::LARGE_INTEGER,
1062     PasswordCanChange: ::LARGE_INTEGER,
1063     PasswordMustChange: ::LARGE_INTEGER,
1064     LogonScript: ::UNICODE_STRING,
1065     HomeDirectory: ::UNICODE_STRING,
1066     FullName: ::UNICODE_STRING,
1067     ProfilePath: ::UNICODE_STRING,
1068     HomeDirectoryDrive: ::UNICODE_STRING,
1069     LogonServer: ::UNICODE_STRING,
1070     UserFlags: ::ULONG,
1071 }}
1072 pub type PKERB_INTERACTIVE_PROFILE = *mut KERB_INTERACTIVE_PROFILE;
1073 STRUCT!{struct KERB_SMART_CARD_PROFILE {
1074     Profile: KERB_INTERACTIVE_PROFILE,
1075     CertificateSize: ::ULONG,
1076     CertificateData: ::PUCHAR,
1077 }}
1078 pub type PKERB_SMART_CARD_PROFILE = *mut KERB_SMART_CARD_PROFILE;
1079 STRUCT!{struct KERB_CRYPTO_KEY {
1080     KeyType: ::LONG,
1081     Length: ::ULONG,
1082     Value: ::PUCHAR,
1083 }}
1084 pub type PKERB_CRYPTO_KEY = *mut KERB_CRYPTO_KEY;
1085 STRUCT!{struct KERB_CRYPTO_KEY32 {
1086     KeyType: ::LONG,
1087     Length: ::ULONG,
1088     Offset: ::ULONG,
1089 }}
1090 pub type PKERB_CRYPTO_KEY32 = *mut KERB_CRYPTO_KEY32;
1091 STRUCT!{struct KERB_TICKET_PROFILE {
1092     Profile: KERB_INTERACTIVE_PROFILE,
1093     SessionKey: KERB_CRYPTO_KEY,
1094 }}
1095 pub type PKERB_TICKET_PROFILE = *mut KERB_TICKET_PROFILE;
1096 ENUM!{enum KERB_PROTOCOL_MESSAGE_TYPE {
1097     KerbDebugRequestMessage = 0,
1098     KerbQueryTicketCacheMessage,
1099     KerbChangeMachinePasswordMessage,
1100     KerbVerifyPacMessage,
1101     KerbRetrieveTicketMessage,
1102     KerbUpdateAddressesMessage,
1103     KerbPurgeTicketCacheMessage,
1104     KerbChangePasswordMessage,
1105     KerbRetrieveEncodedTicketMessage,
1106     KerbDecryptDataMessage,
1107     KerbAddBindingCacheEntryMessage,
1108     KerbSetPasswordMessage,
1109     KerbSetPasswordExMessage,
1110     KerbVerifyCredentialsMessage,
1111     KerbQueryTicketCacheExMessage,
1112     KerbPurgeTicketCacheExMessage,
1113     KerbRefreshSmartcardCredentialsMessage,
1114     KerbAddExtraCredentialsMessage,
1115     KerbQuerySupplementalCredentialsMessage,
1116     KerbTransferCredentialsMessage,
1117     KerbQueryTicketCacheEx2Message,
1118     KerbSubmitTicketMessage,
1119     KerbAddExtraCredentialsExMessage,
1120     KerbQueryKdcProxyCacheMessage,
1121     KerbPurgeKdcProxyCacheMessage,
1122     KerbQueryTicketCacheEx3Message,
1123     KerbCleanupMachinePkinitCredsMessage,
1124     KerbAddBindingCacheEntryExMessage,
1125     KerbQueryBindingCacheMessage,
1126     KerbPurgeBindingCacheMessage,
1127     KerbPinKdcMessage,
1128     KerbUnpinAllKdcsMessage,
1129     KerbQueryDomainExtendedPoliciesMessage,
1130     KerbQueryS4U2ProxyCacheMessage,
1131 }}
1132 pub type PKERB_PROTOCOL_MESSAGE_TYPE = *mut KERB_PROTOCOL_MESSAGE_TYPE;
1133 STRUCT!{struct KERB_QUERY_TKT_CACHE_REQUEST {
1134     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1135     LogonId: ::LUID,
1136 }}
1137 pub type PKERB_QUERY_TKT_CACHE_REQUEST = *mut KERB_QUERY_TKT_CACHE_REQUEST;
1138 STRUCT!{struct KERB_TICKET_CACHE_INFO {
1139     ServerName: ::UNICODE_STRING,
1140     RealmName: ::UNICODE_STRING,
1141     StartTime: ::LARGE_INTEGER,
1142     EndTime: ::LARGE_INTEGER,
1143     RenewTime: ::LARGE_INTEGER,
1144     EncryptionType: ::LONG,
1145     TicketFlags: ::ULONG,
1146 }}
1147 pub type PKERB_TICKET_CACHE_INFO = *mut KERB_TICKET_CACHE_INFO;
1148 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX {
1149     ClientName: ::UNICODE_STRING,
1150     ClientRealm: ::UNICODE_STRING,
1151     ServerName: ::UNICODE_STRING,
1152     ServerRealm: ::UNICODE_STRING,
1153     StartTime: ::LARGE_INTEGER,
1154     EndTime: ::LARGE_INTEGER,
1155     RenewTime: ::LARGE_INTEGER,
1156     EncryptionType: ::LONG,
1157     TicketFlags: ::ULONG,
1158 }}
1159 pub type PKERB_TICKET_CACHE_INFO_EX = *mut KERB_TICKET_CACHE_INFO_EX;
1160 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX2 {
1161     ClientName: ::UNICODE_STRING,
1162     ClientRealm: ::UNICODE_STRING,
1163     ServerName: ::UNICODE_STRING,
1164     ServerRealm: ::UNICODE_STRING,
1165     StartTime: ::LARGE_INTEGER,
1166     EndTime: ::LARGE_INTEGER,
1167     RenewTime: ::LARGE_INTEGER,
1168     EncryptionType: ::LONG,
1169     TicketFlags: ::ULONG,
1170     SessionKeyType: ::ULONG,
1171     BranchId: ::ULONG,
1172 }}
1173 pub type PKERB_TICKET_CACHE_INFO_EX2 = *mut KERB_TICKET_CACHE_INFO_EX2;
1174 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX3 {
1175     ClientName: ::UNICODE_STRING,
1176     ClientRealm: ::UNICODE_STRING,
1177     ServerName: ::UNICODE_STRING,
1178     ServerRealm: ::UNICODE_STRING,
1179     StartTime: ::LARGE_INTEGER,
1180     EndTime: ::LARGE_INTEGER,
1181     RenewTime: ::LARGE_INTEGER,
1182     EncryptionType: ::LONG,
1183     TicketFlags: ::ULONG,
1184     SessionKeyType: ::ULONG,
1185     BranchId: ::ULONG,
1186     CacheFlags: ::ULONG,
1187     KdcCalled: ::UNICODE_STRING,
1188 }}
1189 pub type PKERB_TICKET_CACHE_INFO_EX3 = *mut KERB_TICKET_CACHE_INFO_EX3;
1190 STRUCT!{struct KERB_QUERY_TKT_CACHE_RESPONSE {
1191     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1192     CountOfTickets: ::ULONG,
1193     Tickets: [KERB_TICKET_CACHE_INFO; ::ANYSIZE_ARRAY],
1194 }}
1195 pub type PKERB_QUERY_TKT_CACHE_RESPONSE = *mut KERB_QUERY_TKT_CACHE_RESPONSE;
1196 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX_RESPONSE {
1197     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1198     CountOfTickets: ::ULONG,
1199     Tickets: [KERB_TICKET_CACHE_INFO_EX; ::ANYSIZE_ARRAY],
1200 }}
1201 pub type PKERB_QUERY_TKT_CACHE_EX_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX_RESPONSE;
1202 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX2_RESPONSE {
1203     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1204     CountOfTickets: ::ULONG,
1205     Tickets: [KERB_TICKET_CACHE_INFO_EX2; ::ANYSIZE_ARRAY],
1206 }}
1207 pub type PKERB_QUERY_TKT_CACHE_EX2_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX2_RESPONSE;
1208 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX3_RESPONSE {
1209     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1210     CountOfTickets: ::ULONG,
1211     Tickets: [KERB_TICKET_CACHE_INFO_EX3; ::ANYSIZE_ARRAY],
1212 }}
1213 pub type PKERB_QUERY_TKT_CACHE_EX3_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX3_RESPONSE;
1214 pub const KERB_USE_DEFAULT_TICKET_FLAGS: ::ULONG = 0x0;
1215 pub const KERB_RETRIEVE_TICKET_DEFAULT: ::ULONG = 0x0;
1216 pub const KERB_RETRIEVE_TICKET_DONT_USE_CACHE: ::ULONG = 0x1;
1217 pub const KERB_RETRIEVE_TICKET_USE_CACHE_ONLY: ::ULONG = 0x2;
1218 pub const KERB_RETRIEVE_TICKET_USE_CREDHANDLE: ::ULONG = 0x4;
1219 pub const KERB_RETRIEVE_TICKET_AS_KERB_CRED: ::ULONG = 0x8;
1220 pub const KERB_RETRIEVE_TICKET_WITH_SEC_CRED: ::ULONG = 0x10;
1221 pub const KERB_RETRIEVE_TICKET_CACHE_TICKET: ::ULONG = 0x20;
1222 pub const KERB_RETRIEVE_TICKET_MAX_LIFETIME: ::ULONG = 0x40;
1223 STRUCT!{struct KERB_AUTH_DATA {
1224     Type: ::ULONG,
1225     Length: ::ULONG,
1226     Data: ::PUCHAR,
1227 }}
1228 pub type PKERB_AUTH_DATA = *mut KERB_AUTH_DATA;
1229 STRUCT!{struct KERB_NET_ADDRESS {
1230     Family: ::ULONG,
1231     Length: ::ULONG,
1232     Address: ::PUCHAR,
1233 }}
1234 pub type PKERB_NET_ADDRESS = *mut KERB_NET_ADDRESS;
1235 STRUCT!{struct KERB_NET_ADDRESSES {
1236     Number: ::ULONG,
1237     Addresses: [KERB_NET_ADDRESS; ::ANYSIZE_ARRAY],
1238 }}
1239 pub type PKERB_NET_ADDRESSES = *mut KERB_NET_ADDRESSES;
1240 STRUCT!{struct KERB_EXTERNAL_NAME {
1241     NameType: ::SHORT,
1242     NameCount: ::USHORT,
1243     Names: [::UNICODE_STRING; ::ANYSIZE_ARRAY],
1244 }}
1245 pub type PKERB_EXTERNAL_NAME = *mut KERB_EXTERNAL_NAME;
1246 STRUCT!{struct KERB_EXTERNAL_TICKET {
1247     ServiceName: PKERB_EXTERNAL_NAME,
1248     TargetName: PKERB_EXTERNAL_NAME,
1249     ClientName: PKERB_EXTERNAL_NAME,
1250     DomainName: ::UNICODE_STRING,
1251     TargetDomainName: ::UNICODE_STRING,
1252     AltTargetDomainName: ::UNICODE_STRING,
1253     SessionKey: KERB_CRYPTO_KEY,
1254     TicketFlags: ::ULONG,
1255     Flags: ::ULONG,
1256     KeyExpirationTime: ::LARGE_INTEGER,
1257     StartTime: ::LARGE_INTEGER,
1258     EndTime: ::LARGE_INTEGER,
1259     RenewUntil: ::LARGE_INTEGER,
1260     TimeSkew: ::LARGE_INTEGER,
1261     EncodedTicketSize: ::ULONG,
1262     EncodedTicket: ::PUCHAR,
1263 }}
1264 pub type PKERB_EXTERNAL_TICKET = *mut KERB_EXTERNAL_TICKET;
1265 STRUCT!{struct KERB_RETRIEVE_TKT_REQUEST {
1266     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1267     LogonId: ::LUID,
1268     TargetName: ::UNICODE_STRING,
1269     TicketFlags: ::ULONG,
1270     CacheOptions: ::ULONG,
1271     EncryptionType: ::LONG,
1272     CredentialsHandle: ::SecHandle,
1273 }}
1274 pub type PKERB_RETRIEVE_TKT_REQUEST = *mut KERB_RETRIEVE_TKT_REQUEST;
1275 STRUCT!{struct KERB_RETRIEVE_TKT_RESPONSE {
1276     Ticket: KERB_EXTERNAL_TICKET,
1277 }}
1278 pub type PKERB_RETRIEVE_TKT_RESPONSE = *mut KERB_RETRIEVE_TKT_RESPONSE;
1279 STRUCT!{struct KERB_PURGE_TKT_CACHE_REQUEST {
1280     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1281     LogonId: ::LUID,
1282     ServerName: ::UNICODE_STRING,
1283     RealmName: ::UNICODE_STRING,
1284 }}
1285 pub type PKERB_PURGE_TKT_CACHE_REQUEST = *mut KERB_PURGE_TKT_CACHE_REQUEST;
1286 pub const KERB_PURGE_ALL_TICKETS: ::ULONG = 1;
1287 STRUCT!{struct KERB_PURGE_TKT_CACHE_EX_REQUEST {
1288     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1289     LogonId: ::LUID,
1290     Flags: ::ULONG,
1291     TicketTemplate: KERB_TICKET_CACHE_INFO_EX,
1292 }}
1293 pub type PKERB_PURGE_TKT_CACHE_EX_REQUEST = *mut KERB_PURGE_TKT_CACHE_EX_REQUEST;
1294 STRUCT!{struct KERB_SUBMIT_TKT_REQUEST {
1295     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1296     LogonId: ::LUID,
1297     Flags: ::ULONG,
1298     Key: KERB_CRYPTO_KEY32,
1299     KerbCredSize: ::ULONG,
1300     KerbCredOffset: ::ULONG,
1301 }}
1302 pub type PKERB_SUBMIT_TKT_REQUEST = *mut KERB_SUBMIT_TKT_REQUEST;
1303 STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_REQUEST {
1304     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1305     Flags: ::ULONG,
1306     LogonId: ::LUID,
1307 }}
1308 pub type PKERB_QUERY_KDC_PROXY_CACHE_REQUEST = *mut KERB_QUERY_KDC_PROXY_CACHE_REQUEST;
1309 STRUCT!{struct KDC_PROXY_CACHE_ENTRY_DATA {
1310     SinceLastUsed: ::ULONG64,
1311     DomainName: ::UNICODE_STRING,
1312     ProxyServerName: ::UNICODE_STRING,
1313     ProxyServerVdir: ::UNICODE_STRING,
1314     ProxyServerPort: ::USHORT,
1315     LogonId: ::LUID,
1316     CredUserName: ::UNICODE_STRING,
1317     CredDomainName: ::UNICODE_STRING,
1318     GlobalCache: ::BOOLEAN,
1319 }}
1320 pub type PKDC_PROXY_CACHE_ENTRY_DATA = *mut KDC_PROXY_CACHE_ENTRY_DATA;
1321 STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_RESPONSE {
1322     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1323     CountOfEntries: ::ULONG,
1324     Entries: PKDC_PROXY_CACHE_ENTRY_DATA,
1325 }}
1326 pub type PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE = *mut KERB_QUERY_KDC_PROXY_CACHE_RESPONSE;
1327 STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_REQUEST {
1328     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1329     Flags: ::ULONG,
1330     LogonId: ::LUID,
1331 }}
1332 pub type PKERB_PURGE_KDC_PROXY_CACHE_REQUEST = *mut KERB_PURGE_KDC_PROXY_CACHE_REQUEST;
1333 STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_RESPONSE {
1334     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1335     CountOfPurged: ::ULONG,
1336 }}
1337 pub type PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE = *mut KERB_PURGE_KDC_PROXY_CACHE_RESPONSE;
1338 pub const KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE: ::ULONG = 0x1;
1339 STRUCT!{struct KERB_S4U2PROXY_CACHE_ENTRY_INFO {
1340     ServerName: ::UNICODE_STRING,
1341     Flags: ::ULONG,
1342     LastStatus: ::NTSTATUS,
1343     Expiry: ::LARGE_INTEGER,
1344 }}
1345 pub type PKERB_S4U2PROXY_CACHE_ENTRY_INFO = *mut KERB_S4U2PROXY_CACHE_ENTRY_INFO;
1346 pub const KERB_S4U2PROXY_CRED_FLAG_NEGATIVE: ::ULONG = 0x1;
1347 STRUCT!{struct KERB_S4U2PROXY_CRED {
1348     UserName: ::UNICODE_STRING,
1349     DomainName: ::UNICODE_STRING,
1350     Flags: ::ULONG,
1351     LastStatus: ::NTSTATUS,
1352     Expiry: ::LARGE_INTEGER,
1353     CountOfEntries: ::ULONG,
1354     Entries: PKERB_S4U2PROXY_CACHE_ENTRY_INFO,
1355 }}
1356 pub type PKERB_S4U2PROXY_CRED = *mut KERB_S4U2PROXY_CRED;
1357 STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_REQUEST {
1358     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1359     Flags: ::ULONG,
1360     LogonId: ::LUID,
1361 }}
1362 pub type PKERB_QUERY_S4U2PROXY_CACHE_REQUEST = *mut KERB_QUERY_S4U2PROXY_CACHE_REQUEST;
1363 STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_RESPONSE {
1364     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1365     CountOfCreds: ::ULONG,
1366     Creds: PKERB_S4U2PROXY_CRED,
1367 }}
1368 pub type PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE = *mut KERB_QUERY_S4U2PROXY_CACHE_RESPONSE;
1369 STRUCT!{struct KERB_CHANGEPASSWORD_REQUEST {
1370     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1371     DomainName: ::UNICODE_STRING,
1372     AccountName: ::UNICODE_STRING,
1373     OldPassword: ::UNICODE_STRING,
1374     NewPassword: ::UNICODE_STRING,
1375     Impersonating: ::BOOLEAN,
1376 }}
1377 pub type PKERB_CHANGEPASSWORD_REQUEST = *mut KERB_CHANGEPASSWORD_REQUEST;
1378 STRUCT!{struct KERB_SETPASSWORD_REQUEST {
1379     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1380     LogonId: ::LUID,
1381     CredentialsHandle: ::SecHandle,
1382     Flags: ::ULONG,
1383     DomainName: ::UNICODE_STRING,
1384     AccountName: ::UNICODE_STRING,
1385     Password: ::UNICODE_STRING,
1386 }}
1387 pub type PKERB_SETPASSWORD_REQUEST = *mut KERB_SETPASSWORD_REQUEST;
1388 STRUCT!{struct KERB_SETPASSWORD_EX_REQUEST {
1389     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1390     LogonId: ::LUID,
1391     CredentialsHandle: ::SecHandle,
1392     Flags: ::ULONG,
1393     AccountRealm: ::UNICODE_STRING,
1394     AccountName: ::UNICODE_STRING,
1395     Password: ::UNICODE_STRING,
1396     ClientRealm: ::UNICODE_STRING,
1397     ClientName: ::UNICODE_STRING,
1398     Impersonating: ::BOOLEAN,
1399     KdcAddress: ::UNICODE_STRING,
1400     KdcAddressType: ::ULONG,
1401 }}
1402 pub type PKERB_SETPASSWORD_EX_REQUEST = *mut KERB_SETPASSWORD_EX_REQUEST;
1403 pub const DS_UNKNOWN_ADDRESS_TYPE: ::ULONG = 0;
1404 pub const KERB_SETPASS_USE_LOGONID: ::ULONG = 1;
1405 pub const KERB_SETPASS_USE_CREDHANDLE: ::ULONG = 2;
1406 STRUCT!{struct KERB_DECRYPT_REQUEST {
1407     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1408     LogonId: ::LUID,
1409     Flags: ::ULONG,
1410     CryptoType: ::LONG,
1411     KeyUsage: ::LONG,
1412     Key: KERB_CRYPTO_KEY,
1413     EncryptedDataSize: ::ULONG,
1414     InitialVectorSize: ::ULONG,
1415     InitialVector: ::PUCHAR,
1416     EncryptedData: ::PUCHAR,
1417 }}
1418 pub type PKERB_DECRYPT_REQUEST = *mut KERB_DECRYPT_REQUEST;
1419 pub const KERB_DECRYPT_FLAG_DEFAULT_KEY: ::ULONG = 0x00000001;
1420 STRUCT!{struct KERB_DECRYPT_RESPONSE {
1421     DecryptedData: [::UCHAR; ::ANYSIZE_ARRAY],
1422 }}
1423 pub type PKERB_DECRYPT_RESPONSE = *mut KERB_DECRYPT_RESPONSE;
1424 STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_REQUEST {
1425     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1426     RealmName: ::UNICODE_STRING,
1427     KdcAddress: ::UNICODE_STRING,
1428     AddressType: ::ULONG,
1429 }}
1430 pub type PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_REQUEST;
1431 STRUCT!{struct KERB_REFRESH_SCCRED_REQUEST {
1432     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1433     CredentialBlob: ::UNICODE_STRING,
1434     LogonId: ::LUID,
1435     Flags: ::ULONG,
1436 }}
1437 pub type PKERB_REFRESH_SCCRED_REQUEST = *mut KERB_REFRESH_SCCRED_REQUEST;
1438 pub const KERB_REFRESH_SCCRED_RELEASE: ::ULONG = 0x0;
1439 pub const KERB_REFRESH_SCCRED_GETTGT: ::ULONG = 0x1;
1440 STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST {
1441     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1442     UserName: ::UNICODE_STRING,
1443     DomainName: ::UNICODE_STRING,
1444     Password: ::UNICODE_STRING,
1445     LogonId: ::LUID,
1446     Flags: ::ULONG,
1447 }}
1448 pub type PKERB_ADD_CREDENTIALS_REQUEST = *mut KERB_ADD_CREDENTIALS_REQUEST;
1449 pub const KERB_REQUEST_ADD_CREDENTIAL: ::ULONG = 1;
1450 pub const KERB_REQUEST_REPLACE_CREDENTIAL: ::ULONG = 2;
1451 pub const KERB_REQUEST_REMOVE_CREDENTIAL: ::ULONG = 4;
1452 STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST_EX {
1453     Credentials: KERB_ADD_CREDENTIALS_REQUEST,
1454     PrincipalNameCount: ::ULONG,
1455     PrincipalNames: [::UNICODE_STRING; ::ANYSIZE_ARRAY],
1456 }}
1457 pub type PKERB_ADD_CREDENTIALS_REQUEST_EX = *mut KERB_ADD_CREDENTIALS_REQUEST_EX;
1458 STRUCT!{struct KERB_TRANSFER_CRED_REQUEST {
1459     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1460     OriginLogonId: ::LUID,
1461     DestinationLogonId: ::LUID,
1462     Flags: ::ULONG,
1463 }}
1464 pub type PKERB_TRANSFER_CRED_REQUEST = *mut KERB_TRANSFER_CRED_REQUEST;
1465 pub const KERB_TRANSFER_CRED_WITH_TICKETS: ::ULONG = 0x1;
1466 pub const KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS: ::ULONG = 0x2;
1467 STRUCT!{struct KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST {
1468     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1469     LogonId: ::LUID,
1470 }}
1471 pub type PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST =
1472     *mut KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST;
1473 STRUCT!{struct KERB_BINDING_CACHE_ENTRY_DATA {
1474     DiscoveryTime: ::ULONG64,
1475     RealmName: ::UNICODE_STRING,
1476     KdcAddress: ::UNICODE_STRING,
1477     AddressType: ::ULONG,
1478     Flags: ::ULONG,
1479     DcFlags: ::ULONG,
1480     CacheFlags: ::ULONG,
1481     KdcName: ::UNICODE_STRING,
1482 }}
1483 pub type PKERB_BINDING_CACHE_ENTRY_DATA = *mut KERB_BINDING_CACHE_ENTRY_DATA;
1484 STRUCT!{struct KERB_QUERY_BINDING_CACHE_RESPONSE {
1485     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1486     CountOfEntries: ::ULONG,
1487     Entries: PKERB_BINDING_CACHE_ENTRY_DATA,
1488 }}
1489 pub type PKERB_QUERY_BINDING_CACHE_RESPONSE = *mut KERB_QUERY_BINDING_CACHE_RESPONSE;
1490 STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST {
1491     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1492     RealmName: ::UNICODE_STRING,
1493     KdcAddress: ::UNICODE_STRING,
1494     AddressType: ::ULONG,
1495     DcFlags: ::ULONG,
1496 }}
1497 pub type PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST;
1498 STRUCT!{struct KERB_QUERY_BINDING_CACHE_REQUEST {
1499     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1500 }}
1501 pub type PKERB_QUERY_BINDING_CACHE_REQUEST = *mut KERB_QUERY_BINDING_CACHE_REQUEST;
1502 STRUCT!{struct KERB_PURGE_BINDING_CACHE_REQUEST {
1503     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1504 }}
1505 pub type PKERB_PURGE_BINDING_CACHE_REQUEST = *mut KERB_PURGE_BINDING_CACHE_REQUEST;
1506 STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST {
1507     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1508     Flags: ::ULONG,
1509     DomainName: ::UNICODE_STRING,
1510 }}
1511 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST =
1512     *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST;
1513 STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE {
1514     MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1515     Flags: ::ULONG,
1516     ExtendedPolicies: ::ULONG,
1517     DsFlags: ::ULONG,
1518 }}
1519 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE =
1520     *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE;
1521 ENUM!{enum KERB_CERTIFICATE_INFO_TYPE {
1522     CertHashInfo = 1,
1523 }}
1524 pub type PKERB_CERTIFICATE_INFO_TYPE = *mut KERB_CERTIFICATE_INFO_TYPE;
1525 STRUCT!{struct KERB_CERTIFICATE_HASHINFO {
1526     StoreNameLength: ::USHORT,
1527     HashLength: ::USHORT,
1528 }}
1529 pub type PKERB_CERTIFICATE_HASHINFO = *mut KERB_CERTIFICATE_HASHINFO;
1530 STRUCT!{struct KERB_CERTIFICATE_INFO {
1531     CertInfoSize: ::ULONG,
1532     InfoType: ::ULONG,
1533 }}
1534 pub type PKERB_CERTIFICATE_INFO = *mut KERB_CERTIFICATE_INFO;
1535 STRUCT!{struct POLICY_AUDIT_SID_ARRAY {
1536     UsersCount: ::ULONG,
1537     UserSidArray: *mut ::PSID,
1538 }}
1539 pub type PPOLICY_AUDIT_SID_ARRAY = *mut POLICY_AUDIT_SID_ARRAY;
1540 STRUCT!{struct AUDIT_POLICY_INFORMATION {
1541     AuditSubCategoryGuid: ::GUID,
1542     AuditingInformation: ::ULONG,
1543     AuditCategoryGuid: ::GUID,
1544 }}
1545 pub type PAUDIT_POLICY_INFORMATION = *mut AUDIT_POLICY_INFORMATION;
1546 pub type LPAUDIT_POLICY_INFORMATION = PAUDIT_POLICY_INFORMATION;
1547 pub type PCAUDIT_POLICY_INFORMATION = *const AUDIT_POLICY_INFORMATION;
1548 pub const AUDIT_SET_SYSTEM_POLICY: ::ULONG = 0x0001;
1549 pub const AUDIT_QUERY_SYSTEM_POLICY: ::ULONG = 0x0002;
1550 pub const AUDIT_SET_USER_POLICY: ::ULONG = 0x0004;
1551 pub const AUDIT_QUERY_USER_POLICY: ::ULONG = 0x0008;
1552 pub const AUDIT_ENUMERATE_USERS: ::ULONG = 0x0010;
1553 pub const AUDIT_SET_MISC_POLICY: ::ULONG = 0x0020;
1554 pub const AUDIT_QUERY_MISC_POLICY: ::ULONG = 0x0040;
1555 pub const AUDIT_GENERIC_ALL: ::ULONG = ::STANDARD_RIGHTS_REQUIRED | AUDIT_SET_SYSTEM_POLICY
1556     | AUDIT_QUERY_SYSTEM_POLICY | AUDIT_SET_USER_POLICY | AUDIT_QUERY_USER_POLICY
1557     | AUDIT_ENUMERATE_USERS | AUDIT_SET_MISC_POLICY | AUDIT_QUERY_MISC_POLICY;
1558 pub const AUDIT_GENERIC_READ: ::ULONG = ::STANDARD_RIGHTS_READ | AUDIT_QUERY_SYSTEM_POLICY
1559     | AUDIT_QUERY_USER_POLICY | AUDIT_ENUMERATE_USERS | AUDIT_QUERY_MISC_POLICY;
1560 pub const AUDIT_GENERIC_WRITE: ::ULONG = ::STANDARD_RIGHTS_WRITE | AUDIT_SET_USER_POLICY
1561     | AUDIT_SET_MISC_POLICY | AUDIT_SET_SYSTEM_POLICY;
1562 pub const AUDIT_GENERIC_EXECUTE: ::ULONG = ::STANDARD_RIGHTS_EXECUTE;
1563 STRUCT!{struct PKU2U_CERT_BLOB {
1564     CertOffset: ::ULONG,
1565     CertLength: ::USHORT,
1566 }}
1567 pub type PPKU2U_CERT_BLOB = *mut PKU2U_CERT_BLOB;
1568 pub const PKU2U_CREDUI_CONTEXT_VERSION: ::ULONG64 = 0x4154414454524543;
1569 STRUCT!{struct PKU2U_CREDUI_CONTEXT {
1570     Version: ::ULONG64,
1571     cbHeaderLength: ::USHORT,
1572     cbStructureLength: ::ULONG,
1573     CertArrayCount: ::USHORT,
1574     CertArrayOffset: ::ULONG,
1575 }}
1576 pub type PPKU2U_CREDUI_CONTEXT = *mut PKU2U_CREDUI_CONTEXT;
1577 ENUM!{enum PKU2U_LOGON_SUBMIT_TYPE {
1578     Pku2uCertificateS4ULogon = 14,
1579 }}
1580 pub type PPKU2U_LOGON_SUBMIT_TYPE = *mut PKU2U_LOGON_SUBMIT_TYPE;
1581 STRUCT!{struct PKU2U_CERTIFICATE_S4U_LOGON {
1582     MessageType: PKU2U_LOGON_SUBMIT_TYPE,
1583     Flags: ::ULONG,
1584     UserPrincipalName: ::UNICODE_STRING,
1585     DomainName: ::UNICODE_STRING,
1586     CertificateLength: ::ULONG,
1587     Certificate: ::PUCHAR,
1588 }}
1589 pub type PPKU2U_CERTIFICATE_S4U_LOGON = *mut PKU2U_CERTIFICATE_S4U_LOGON;
1590