xref: /reactos/sdk/include/psdk/ntsecapi.h (revision 8a978a17)
1 #ifndef _NTSECAPI_H
2 #define _NTSECAPI_H
3 
4 #ifdef __cplusplus
5 extern "C" {
6 #endif
7 #define KERB_WRAP_NO_ENCRYPT 0x80000001
8 #define LOGON_GUEST 1
9 #define LOGON_NOENCRYPTION 2
10 #define LOGON_CACHED_ACCOUNT 4
11 #define LOGON_USED_LM_PASSWORD 8
12 #define LOGON_EXTRA_SIDS 32
13 #define LOGON_SUBAUTH_SESSION_KEY 64
14 #define LOGON_SERVER_TRUST_ACCOUNT 128
15 #define LOGON_NTLMV2_ENABLED 256
16 #define LOGON_RESOURCE_GROUPS 512
17 #define LOGON_PROFILE_PATH_RETURNED 1024
18 #define LOGON_GRACE_LOGON 16777216
19 #define LSA_MODE_PASSWORD_PROTECTED 1
20 #define LSA_MODE_INDIVIDUAL_ACCOUNTS 2
21 #define LSA_MODE_MANDATORY_ACCESS 3
22 #define LSA_MODE_LOG_FULL 4
23 #define LSA_SUCCESS(x) ((LONG)(x)>=0)
24 #define MICROSOFT_KERBEROS_NAME_A "Kerberos"
25 #define MICROSOFT_KERBEROS_NAME_W L"Kerberos"
26 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 32
27 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 2048
28 #define MSV1_0_CHALLENGE_LENGTH 8
29 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 2
30 #define MSV1_0_CRED_LM_PRESENT 1
31 #define MSV1_0_CRED_NT_PRESENT 2
32 #define MSV1_0_CRED_VERSION 0
33 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 16
34 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
35 #define MSV1_0_MAX_NTLM3_LIFE 1800
36 #define MSV1_0_MAX_AVL_SIZE 64000
37 #define MSV1_0_MNS_LOGON 16777216
38 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
39 #define MSV1_0_NTLM3_OWF_LENGTH 16
40 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE)-MSV1_0_NTLM3_RESPONSE_LENGTH)
41 #define MSV1_0_OWF_PASSWORD_LENGTH 16
42 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
43 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
44 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW)-sizeof(WCHAR)
45 #define MSV1_0_RETURN_USER_PARAMETERS 8
46 #define MSV1_0_RETURN_PASSWORD_EXPIRY 64
47 #define MSV1_0_RETURN_PROFILE_PATH 512
48 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 1048576
49 #define MSV1_0_SUBAUTHENTICATION_DLL 0xff000000
50 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
51 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
52 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
53 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xff000000
54 #define MSV1_0_SUBAUTHENTICATION_KEY "System\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
55 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
56 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 256
57 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 1024
58 #define MSV1_0_UPDATE_LOGON_STATISTICS 4
59 #define MSV1_0_USE_CLIENT_CHALLENGE 128
60 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
61 #define POLICY_VIEW_LOCAL_INFORMATION 1
62 #define POLICY_VIEW_AUDIT_INFORMATION 2
63 #define POLICY_GET_PRIVATE_INFORMATION 4
64 #define POLICY_TRUST_ADMIN 8
65 #define POLICY_CREATE_ACCOUNT 16
66 #define POLICY_CREATE_SECRET 32
67 #define POLICY_CREATE_PRIVILEGE 64
68 #define POLICY_SET_DEFAULT_QUOTA_LIMITS 128
69 #define POLICY_SET_AUDIT_REQUIREMENTS 256
70 #define POLICY_AUDIT_LOG_ADMIN 512
71 #define POLICY_SERVER_ADMIN 1024
72 #define POLICY_LOOKUP_NAMES 2048
73 #define POLICY_NOTIFICATION 4096
74 #define POLICY_READ (STANDARD_RIGHTS_READ|6)
75 #define POLICY_WRITE (STANDARD_RIGHTS_WRITE|2040)
76 #define POLICY_EXECUTE (STANDARD_RIGHTS_EXECUTE|2049)
77 #define POLICY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|4095)
78 #define POLICY_AUDIT_EVENT_UNCHANGED 0
79 #define POLICY_AUDIT_EVENT_SUCCESS 1
80 #define POLICY_AUDIT_EVENT_FAILURE 2
81 #define POLICY_AUDIT_EVENT_NONE 4
82 #define POLICY_AUDIT_EVENT_MASK 7
83 #define POLICY_LOCATION_LOCAL 1
84 #define POLICY_LOCATION_DS 2
85 #define POLICY_MACHINE_POLICY_LOCAL 0
86 #define POLICY_MACHINE_POLICY_DEFAULTED 1
87 #define POLICY_MACHINE_POLICY_EXPLICIT 2
88 #define POLICY_MACHINE_POLICY_UNKNOWN 0xFFFFFFFF
89 #define POLICY_QOS_SCHANEL_REQUIRED 1
90 #define POLICY_QOS_OUTBOUND_INTEGRITY 2
91 #define POLICY_QOS_OUTBOUND_CONFIDENTIALITY 4
92 #define POLICY_QOS_INBOUND_INTEGREITY 8
93 #define POLICY_QOS_INBOUND_CONFIDENTIALITY 16
94 #define POLICY_QOS_ALLOW_LOCAL_ROOT_CERT_STORE 32
95 #define POLICY_QOS_RAS_SERVER_ALLOWED 64
96 #define POLICY_QOS_DHCP_SERVER_ALLOWD 128
97 #define POLICY_KERBEROS_FORWARDABLE 1
98 #define POLICY_KERBEROS_PROXYABLE 2
99 #define POLICY_KERBEROS_RENEWABLE 4
100 #define POLICY_KERBEROS_POSTDATEABLE 8
101 #define SAM_PASSWORD_CHANGE_NOTIFY_ROUTINE "PasswordChangeNotify"
102 #define SAM_INIT_NOTIFICATION_ROUTINE "InitializeChangeNotify"
103 #define SAM_PASSWORD_FILTER_ROUTINE "PasswordFilter"
104 #define SE_INTERACTIVE_LOGON_NAME TEXT("SeInteractiveLogonRight")
105 #define SE_NETWORK_LOGON_NAME TEXT("SeNetworkLogonRight")
106 #define SE_BATCH_LOGON_NAME TEXT("SeBatchLogonRight")
107 #define SE_SERVICE_LOGON_NAME TEXT("SeServiceLogonRight")
108 #define SE_DENY_INTERACTIVE_LOGON_NAME TEXT("SeDenyInteractiveLogonRight")
109 #define SE_DENY_NETWORK_LOGON_NAME TEXT("SeDenyNetworkLogonRight")
110 #define SE_DENY_BATCH_LOGON_NAME TEXT("SeDenyBatchLogonRight")
111 #define SE_DENY_SERVICE_LOGON_NAME TEXT("SeDenyServiceLogonRight")
112 #define SE_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeRemoteInteractiveLogonRight")
113 #define SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeDenyRemoteInteractiveLogonRight")
114 #define TRUST_ATTRIBUTE_NON_TRANSITIVE 1
115 #define TRUST_ATTRIBUTE_UPLEVEL_ONLY 2
116 #define TRUST_ATTRIBUTE_TREE_PARENT 4194304
117 #define TRUST_ATTRIBUTES_VALID  -16580609
118 #define TRUST_AUTH_TYPE_NONE 0
119 #define TRUST_AUTH_TYPE_NT4OWF 1
120 #define TRUST_AUTH_TYPE_CLEAR 2
121 #define TRUST_DIRECTION_DISABLED 0
122 #define TRUST_DIRECTION_INBOUND 1
123 #define TRUST_DIRECTION_OUTBOUND 2
124 #define TRUST_DIRECTION_BIDIRECTIONAL 3
125 #define TRUST_TYPE_DOWNLEVEL 1
126 #define TRUST_TYPE_UPLEVEL 2
127 #define TRUST_TYPE_MIT 3
128 #define TRUST_TYPE_DCE 4
129 
130 #define SCESTATUS_SUCCESS             0L
131 #define SCESTATUS_INVALID_PARAMETER   1L
132 #define SCESTATUS_RECORD_NOT_FOUND    2L
133 #define SCESTATUS_INVALID_DATA        3L
134 #define SCESTATUS_OBJECT_EXISTS       4L
135 #define SCESTATUS_BUFFER_TOO_SMALL    5L
136 #define SCESTATUS_PROFILE_NOT_FOUND   6L
137 #define SCESTATUS_BAD_FORMAT          7L
138 #define SCESTATUS_NOT_ENOUGH_RESOURCE 8L
139 #define SCESTATUS_ACCESS_DENIED       9L
140 #define SCESTATUS_CANT_DELETE         10L
141 #define SCESTATUS_PREFIX_OVERFLOW     11L
142 #define SCESTATUS_OTHER_ERROR         12L
143 #define SCESTATUS_ALREADY_RUNNING     13L
144 #define SCESTATUS_SERVICE_NOT_SUPPORT 14L
145 #define SCESTATUS_MOD_NOT_FOUND       15L
146 #define SCESTATUS_EXCEPTION_IN_SERVER 16L
147 #define SCESTATUS_NO_TEMPLATE_GIVEN   17L
148 #define SCESTATUS_NO_MAPPING          18L
149 #define SCESTATUS_TRUST_FAIL          19L
150 
151 #if !defined(_NTDEF_) && !defined(__WINE_WINTERNL_H)
152 typedef LONG NTSTATUS, *PNTSTATUS;
153 #endif
154 
155 #if defined (_NTDEF_) || defined(__WINE_WINTERNL_H)
156 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
157 typedef STRING LSA_STRING, *PLSA_STRING;
158 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
159 
160 #else
161 
162 typedef struct _LSA_UNICODE_STRING {
163   USHORT Length;
164   USHORT MaximumLength;
165 #ifdef MIDL_PASS
166   [size_is(MaximumLength / 2), length_is(Length / 2)]
167 #endif
168   PWSTR  Buffer;
169 } LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
170 
171 typedef struct _LSA_STRING {
172   USHORT Length;
173   USHORT MaximumLength;
174   PCHAR Buffer;
175 } LSA_STRING, *PLSA_STRING;
176 
177 typedef struct _LSA_OBJECT_ATTRIBUTES {
178   ULONG Length;
179   HANDLE RootDirectory;
180   PLSA_UNICODE_STRING ObjectName;
181   ULONG Attributes;
182   PVOID SecurityDescriptor;
183   PVOID SecurityQualityOfService;
184 } LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
185 
186 typedef LSA_UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
187 typedef LSA_STRING STRING, *PSTRING ;
188 
189 #endif
190 
191 typedef enum _KERB_LOGON_SUBMIT_TYPE
192 {
193   KerbInteractiveLogon = 2,
194   KerbS4ULogon = 12,
195   KerbTicketLogon = 10,
196   KerbTicketUnlockLogon = 11
197 } KERB_LOGON_SUBMIT_TYPE, *PKERB_LOGON_SUBMIT_TYPE;
198 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
199   MsV1_0InteractiveLogon = 2,
200   MsV1_0Lm20Logon,
201   MsV1_0NetworkLogon,
202   MsV1_0SubAuthLogon,
203   MsV1_0WorkstationUnlockLogon = 7
204 } MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
205 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
206   MsV1_0InteractiveProfile = 2,
207   MsV1_0Lm20LogonProfile,
208   MsV1_0SmartCardProfile
209 } MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
210 typedef enum {
211   MsvAvEOL,
212   MsvAvNbComputerName,
213   MsvAvNbDomainName,
214   MsvAvDnsComputerName,
215   MsvAvDnsDomainName
216 } MSV1_0_AVID;
217 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
218   MsV1_0Lm20ChallengeRequest = 0,
219   MsV1_0Lm20GetChallengeResponse,
220   MsV1_0EnumerateUsers,
221   MsV1_0GetUserInfo,
222   MsV1_0ReLogonUsers,
223   MsV1_0ChangePassword,
224   MsV1_0ChangeCachedPassword,
225   MsV1_0GenericPassthrough,
226   MsV1_0CacheLogon,
227   MsV1_0SubAuth,
228   MsV1_0DeriveCredential,
229   MsV1_0CacheLookup,
230 #if (_WIN32_WINNT >= _WIN32_WINNT_WINXP)
231   MsV1_0SetProcessOption,
232 #endif
233 } MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
234 typedef enum _POLICY_LSA_SERVER_ROLE {
235   PolicyServerRoleBackup = 2,
236   PolicyServerRolePrimary
237 } POLICY_LSA_SERVER_ROLE, *PPOLICY_LSA_SERVER_ROLE;
238 typedef enum _POLICY_SERVER_ENABLE_STATE {
239   PolicyServerEnabled = 2,
240   PolicyServerDisabled
241 } POLICY_SERVER_ENABLE_STATE, *PPOLICY_SERVER_ENABLE_STATE;
242 typedef enum _POLICY_INFORMATION_CLASS {
243   PolicyAuditLogInformation = 1,
244   PolicyAuditEventsInformation,
245   PolicyPrimaryDomainInformation,
246   PolicyPdAccountInformation,
247   PolicyAccountDomainInformation,
248   PolicyLsaServerRoleInformation,
249   PolicyReplicaSourceInformation,
250   PolicyDefaultQuotaInformation,
251   PolicyModificationInformation,
252   PolicyAuditFullSetInformation,
253   PolicyAuditFullQueryInformation,
254   PolicyDnsDomainInformation,
255   PolicyDnsDomainInformationInt,
256   PolicyLocalAccountDomainInformation,
257   PolicyLastEntry
258 } POLICY_INFORMATION_CLASS, *PPOLICY_INFORMATION_CLASS;
259 typedef enum _POLICY_AUDIT_EVENT_TYPE {
260   AuditCategorySystem,
261   AuditCategoryLogon,
262   AuditCategoryObjectAccess,
263   AuditCategoryPrivilegeUse,
264   AuditCategoryDetailedTracking,
265   AuditCategoryPolicyChange,
266   AuditCategoryAccountManagement,
267   AuditCategoryDirectoryServiceAccess,
268   AuditCategoryAccountLogon
269 } POLICY_AUDIT_EVENT_TYPE, *PPOLICY_AUDIT_EVENT_TYPE;
270 typedef enum _POLICY_DOMAIN_INFORMATION_CLASS {
271   PolicyDomainIPSecReferenceInformation = 1,
272   PolicyDomainQualityOfServiceInformation,
273   PolicyDomainEfsInformation,
274   PolicyDomainPublicKeyInformation,
275   PolicyDomainPasswordPolicyInformation,
276   PolicyDomainLockoutInformation,
277   PolicyDomainKerberosTicketInformation
278 } POLICY_DOMAIN_INFORMATION_CLASS, *PPOLICY_DOMAIN_INFORMATION_CLASS;
279 typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS {
280   PolicyNotifyAuditEventsInformation = 1,
281   PolicyNotifyAccountDomainInformation,
282   PolicyNotifyServerRoleInformation,
283   PolicyNotifyDnsDomainInformation,
284   PolicyNotifyDomainEfsInformation,
285   PolicyNotifyDomainKerberosTicketInformation,
286   PolicyNotifyMachineAccountPasswordInformation
287 } POLICY_NOTIFICATION_INFORMATION_CLASS, *PPOLICY_NOTIFICATION_INFORMATION_CLASS;
288 typedef enum _SECURITY_LOGON_TYPE {
289   Interactive = 2,
290   Network,
291   Batch,
292   Service,
293   Proxy,
294   Unlock
295 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
296 #if (_WIN32_WINNT >= 0x0600)
297 typedef struct _LSA_LAST_INTER_LOGON_INFO {
298   LARGE_INTEGER LastSuccessfulLogon;
299   LARGE_INTEGER LastFailedLogon;
300   ULONG FailedAttemptCountSinceLastSuccessfulLogon;
301 } LSA_LAST_INTER_LOGON_INFO, *PLSA_LAST_INTER_LOGON_INFO;
302 #endif
303 typedef struct _SECURITY_LOGON_SESSION_DATA {
304   ULONG Size;
305   LUID LogonId;
306   LSA_UNICODE_STRING UserName;
307   LSA_UNICODE_STRING LogonDomain;
308   LSA_UNICODE_STRING AuthenticationPackage;
309   ULONG LogonType;
310   ULONG Session;
311   PSID Sid;
312   LARGE_INTEGER LogonTime;
313   LSA_UNICODE_STRING LogonServer;
314   LSA_UNICODE_STRING DnsDomainName;
315   LSA_UNICODE_STRING Upn;
316 #if (_WIN32_WINNT >= 0x0600)
317   ULONG UserFlags;
318   LSA_LAST_INTER_LOGON_INFO LastLogonInfo;
319   LSA_UNICODE_STRING LogonScript;
320   LSA_UNICODE_STRING ProfilePath;
321   LSA_UNICODE_STRING HomeDirectory;
322   LSA_UNICODE_STRING HomeDirectoryDrive;
323   LARGE_INTEGER LogoffTime;
324   LARGE_INTEGER KickOffTime;
325   LARGE_INTEGER PasswordLastSet;
326   LARGE_INTEGER PasswordCanChange;
327   LARGE_INTEGER PasswordMustChange;
328 #endif
329 } SECURITY_LOGON_SESSION_DATA, *PSECURITY_LOGON_SESSION_DATA;
330 typedef enum _TRUSTED_INFORMATION_CLASS {
331   TrustedDomainNameInformation = 1,
332   TrustedControllersInformation,
333   TrustedPosixOffsetInformation,
334   TrustedPasswordInformation,
335   TrustedDomainInformationBasic,
336   TrustedDomainInformationEx,
337   TrustedDomainAuthInformation,
338   TrustedDomainFullInformation,
339   TrustedDomainAuthInformationInternal,
340   TrustedDomainFullInformationInternal
341 } TRUSTED_INFORMATION_CLASS, *PTRUSTED_INFORMATION_CLASS;
342 typedef enum _LSA_FOREST_TRUST_RECORD_TYPE {
343   ForestTrustTopLevelName,
344   ForestTrustTopLevelNameEx,
345   ForestTrustDomainInfo,
346   ForestTrustRecordTypeLast = ForestTrustDomainInfo
347 } LSA_FOREST_TRUST_RECORD_TYPE;
348 typedef enum _LSA_FOREST_TRUST_COLLISION_RECORD_TYPE {
349   CollisionTdo,
350   CollisionXref,
351   CollisionOther
352 } LSA_FOREST_TRUST_COLLISION_RECORD_TYPE;
353 #ifndef _DOMAIN_PASSWORD_INFORMATION_DEFINED
354 #define _DOMAIN_PASSWORD_INFORMATION_DEFINED
355 typedef struct _DOMAIN_PASSWORD_INFORMATION {
356   USHORT MinPasswordLength;
357   USHORT PasswordHistoryLength;
358   ULONG PasswordProperties;
359   LARGE_INTEGER MaxPasswordAge;
360   LARGE_INTEGER MinPasswordAge;
361 } DOMAIN_PASSWORD_INFORMATION, *PDOMAIN_PASSWORD_INFORMATION;
362 #endif
363 typedef ULONG LSA_ENUMERATION_HANDLE, *PLSA_ENUMERATION_HANDLE;
364 typedef struct _LSA_ENUMERATION_INFORMATION {
365   PSID Sid;
366 } LSA_ENUMERATION_INFORMATION, *PLSA_ENUMERATION_INFORMATION;
367 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
368 
369 typedef struct _LSA_FOREST_TRUST_DOMAIN_INFO {
370   PSID Sid;
371   LSA_UNICODE_STRING DnsName;
372   LSA_UNICODE_STRING NetbiosName;
373 } LSA_FOREST_TRUST_DOMAIN_INFO, *PLSA_FOREST_TRUST_DOMAIN_INFO;
374 typedef struct _LSA_FOREST_TRUST_BINARY_DATA {
375   ULONG Length;
376   PUCHAR Buffer;
377 } LSA_FOREST_TRUST_BINARY_DATA, *PLSA_FOREST_TRUST_BINARY_DATA;
378 typedef struct _LSA_FOREST_TRUST_RECORD {
379   ULONG Flags;
380   LSA_FOREST_TRUST_RECORD_TYPE ForestTrustType;
381   LARGE_INTEGER Time;
382   union {
383     LSA_UNICODE_STRING TopLevelName;
384     LSA_FOREST_TRUST_DOMAIN_INFO DomainInfo;
385     LSA_FOREST_TRUST_BINARY_DATA Data;
386   } ForestTrustData;
387 } LSA_FOREST_TRUST_RECORD, *PLSA_FOREST_TRUST_RECORD;
388 typedef struct _LSA_FOREST_TRUST_INFORMATION {
389   ULONG RecordCount;
390   PLSA_FOREST_TRUST_RECORD *Entries;
391 } LSA_FOREST_TRUST_INFORMATION, *PLSA_FOREST_TRUST_INFORMATION;
392 typedef struct _LSA_FOREST_TRUST_COLLISION_RECORD {
393   ULONG Index;
394   LSA_FOREST_TRUST_COLLISION_RECORD_TYPE Type;
395   ULONG Flags;
396   LSA_UNICODE_STRING Name;
397 } LSA_FOREST_TRUST_COLLISION_RECORD, *PLSA_FOREST_TRUST_COLLISION_RECORD;
398 typedef struct _LSA_FOREST_TRUST_COLLISION_INFORMATION {
399   ULONG RecordCount;
400   PLSA_FOREST_TRUST_COLLISION_RECORD *Entries;
401 } LSA_FOREST_TRUST_COLLISION_INFORMATION, *PLSA_FOREST_TRUST_COLLISION_INFORMATION;
402 typedef struct _LSA_TRUST_INFORMATION {
403   LSA_UNICODE_STRING Name;
404   PSID Sid;
405 } LSA_TRUST_INFORMATION, *PLSA_TRUST_INFORMATION;
406 typedef struct _LSA_REFERENCED_DOMAIN_LIST {
407   ULONG Entries;
408   PLSA_TRUST_INFORMATION Domains;
409 } LSA_REFERENCED_DOMAIN_LIST, *PLSA_REFERENCED_DOMAIN_LIST;
410 typedef struct _LSA_TRANSLATED_SID {
411   SID_NAME_USE Use;
412   ULONG RelativeId;
413   LONG DomainIndex;
414 } LSA_TRANSLATED_SID, *PLSA_TRANSLATED_SID;
415 typedef struct _LSA_TRANSLATED_SID2 {
416   SID_NAME_USE Use;
417   PSID Sid;
418   LONG DomainIndex;
419   ULONG Flags;
420 } LSA_TRANSLATED_SID2, *PLSA_TRANSLATED_SID2;
421 typedef struct _LSA_TRANSLATED_NAME {
422   SID_NAME_USE Use;
423   LSA_UNICODE_STRING Name;
424   LONG DomainIndex;
425 } LSA_TRANSLATED_NAME, *PLSA_TRANSLATED_NAME;
426 
427 typedef struct _KERB_INTERACTIVE_LOGON {
428   KERB_LOGON_SUBMIT_TYPE MessageType;
429   UNICODE_STRING LogonDomainName;
430   UNICODE_STRING UserName;
431   UNICODE_STRING Password;
432 } KERB_INTERACTIVE_LOGON, *PKERB_INTERACTIVE_LOGON;
433 typedef struct _MSV1_0_INTERACTIVE_LOGON {
434   MSV1_0_LOGON_SUBMIT_TYPE MessageType;
435   UNICODE_STRING LogonDomainName;
436   UNICODE_STRING UserName;
437   UNICODE_STRING Password;
438 } MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
439 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
440   MSV1_0_PROFILE_BUFFER_TYPE MessageType;
441   USHORT LogonCount;
442   USHORT BadPasswordCount;
443   LARGE_INTEGER LogonTime;
444   LARGE_INTEGER LogoffTime;
445   LARGE_INTEGER KickOffTime;
446   LARGE_INTEGER PasswordLastSet;
447   LARGE_INTEGER PasswordCanChange;
448   LARGE_INTEGER PasswordMustChange;
449   UNICODE_STRING LogonScript;
450   UNICODE_STRING HomeDirectory;
451   UNICODE_STRING FullName;
452   UNICODE_STRING ProfilePath;
453   UNICODE_STRING HomeDirectoryDrive;
454   UNICODE_STRING LogonServer;
455   ULONG UserFlags;
456 } MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
457 typedef struct _MSV1_0_LM20_LOGON {
458   MSV1_0_LOGON_SUBMIT_TYPE MessageType;
459   UNICODE_STRING LogonDomainName;
460   UNICODE_STRING UserName;
461   UNICODE_STRING Workstation;
462   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
463   STRING CaseSensitiveChallengeResponse;
464   STRING CaseInsensitiveChallengeResponse;
465   ULONG ParameterControl;
466 } MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
467 typedef struct _MSV1_0_SUBAUTH_LOGON{ /* W2K only */
468   MSV1_0_LOGON_SUBMIT_TYPE MessageType;
469   UNICODE_STRING LogonDomainName;
470   UNICODE_STRING UserName;
471   UNICODE_STRING Workstation;
472   UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
473   STRING AuthenticationInfo1;
474   STRING AuthenticationInfo2;
475   ULONG ParameterControl;
476   ULONG SubAuthPackageId;
477 } MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
478 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
479   MSV1_0_PROFILE_BUFFER_TYPE MessageType;
480   LARGE_INTEGER KickOffTime;
481   LARGE_INTEGER LogoffTime;
482   ULONG UserFlags;
483   UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
484   UNICODE_STRING LogonDomainName;
485   UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
486   UNICODE_STRING LogonServer;
487   UNICODE_STRING UserParameters;
488 } MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
489 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
490   ULONG Version;
491   ULONG Flags;
492   UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
493   UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
494 } MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
495 typedef struct _MSV1_0_NTLM3_RESPONSE {
496   UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
497   UCHAR RespType;
498   UCHAR HiRespType;
499   USHORT Flags;
500   ULONG MsgWord;
501   ULONGLONG TimeStamp;
502   UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
503   ULONG AvPairsOff;
504   UCHAR Buffer[1];
505 } MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
506 typedef struct  _MSV1_0_AV_PAIR {
507   USHORT AvId;
508   USHORT AvLen;
509 } MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
510 typedef struct _MSV1_0_CHANGEPASSWORD_REQUEST {
511   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
512   UNICODE_STRING DomainName;
513   UNICODE_STRING AccountName;
514   UNICODE_STRING OldPassword;
515   UNICODE_STRING NewPassword;
516   BOOLEAN Impersonating;
517 } MSV1_0_CHANGEPASSWORD_REQUEST, *PMSV1_0_CHANGEPASSWORD_REQUEST;
518 typedef struct _MSV1_0_CHANGEPASSWORD_RESPONSE {
519   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
520   BOOLEAN PasswordInfoValid;
521   DOMAIN_PASSWORD_INFORMATION DomainPasswordInfo;
522 } MSV1_0_CHANGEPASSWORD_RESPONSE, *PMSV1_0_CHANGEPASSWORD_RESPONSE;
523 typedef struct _MSV1_0_SUBAUTH_REQUEST{
524   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
525   ULONG SubAuthPackageId;
526   ULONG SubAuthInfoLength;
527   PUCHAR SubAuthSubmitBuffer;
528 } MSV1_0_SUBAUTH_REQUEST, *PMSV1_0_SUBAUTH_REQUEST;
529 typedef struct _MSV1_0_SUBAUTH_RESPONSE{
530   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
531   ULONG SubAuthInfoLength;
532   PUCHAR SubAuthReturnBuffer;
533 } MSV1_0_SUBAUTH_RESPONSE, *PMSV1_0_SUBAUTH_RESPONSE;
534 #define MSV1_0_DERIVECRED_TYPE_SHA1 0
535 typedef struct _MSV1_0_DERIVECRED_REQUEST {
536   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
537   LUID LogonId;
538   ULONG DeriveCredType;
539   ULONG DeriveCredInfoLength;
540   UCHAR DeriveCredSubmitBuffer[1];
541 } MSV1_0_DERIVECRED_REQUEST, *PMSV1_0_DERIVECRED_REQUEST;
542 typedef struct _MSV1_0_DERIVECRED_RESPONSE {
543   MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
544   ULONG DeriveCredInfoLength;
545   UCHAR DeriveCredReturnBuffer[1];
546 } MSV1_0_DERIVECRED_RESPONSE, *PMSV1_0_DERIVECRED_RESPONSE;
547 typedef ULONG POLICY_AUDIT_EVENT_OPTIONS, *PPOLICY_AUDIT_EVENT_OPTIONS;
548 typedef struct _POLICY_PRIVILEGE_DEFINITION {
549   LSA_UNICODE_STRING Name;
550   LUID LocalValue;
551 } POLICY_PRIVILEGE_DEFINITION, *PPOLICY_PRIVILEGE_DEFINITION;
552 typedef struct _POLICY_AUDIT_LOG_INFO {
553   ULONG AuditLogPercentFull;
554   ULONG MaximumLogSize;
555   LARGE_INTEGER AuditRetentionPeriod;
556   BOOLEAN AuditLogFullShutdownInProgress;
557   LARGE_INTEGER TimeToShutdown;
558   ULONG NextAuditRecordId;
559 } POLICY_AUDIT_LOG_INFO, *PPOLICY_AUDIT_LOG_INFO;
560 typedef struct _POLICY_AUDIT_EVENTS_INFO {
561   BOOLEAN AuditingMode;
562   PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions;
563   ULONG MaximumAuditEventCount;
564 } POLICY_AUDIT_EVENTS_INFO, *PPOLICY_AUDIT_EVENTS_INFO;
565 typedef struct _POLICY_ACCOUNT_DOMAIN_INFO {
566   LSA_UNICODE_STRING DomainName;
567   PSID DomainSid;
568 } POLICY_ACCOUNT_DOMAIN_INFO, *PPOLICY_ACCOUNT_DOMAIN_INFO;
569 typedef struct _POLICY_PRIMARY_DOMAIN_INFO {
570   LSA_UNICODE_STRING Name;
571   PSID Sid;
572 } POLICY_PRIMARY_DOMAIN_INFO, *PPOLICY_PRIMARY_DOMAIN_INFO;
573 typedef struct _POLICY_DNS_DOMAIN_INFO {
574   LSA_UNICODE_STRING Name;
575   LSA_UNICODE_STRING DnsDomainName;
576   LSA_UNICODE_STRING DnsForestName;
577   GUID DomainGuid;
578   PSID Sid;
579 } POLICY_DNS_DOMAIN_INFO, *PPOLICY_DNS_DOMAIN_INFO;
580 typedef struct _POLICY_PD_ACCOUNT_INFO {
581   LSA_UNICODE_STRING Name;
582 } POLICY_PD_ACCOUNT_INFO, *PPOLICY_PD_ACCOUNT_INFO;
583 typedef struct _POLICY_LSA_SERVER_ROLE_INFO {
584   POLICY_LSA_SERVER_ROLE LsaServerRole;
585 } POLICY_LSA_SERVER_ROLE_INFO, *PPOLICY_LSA_SERVER_ROLE_INFO;
586 typedef struct _POLICY_REPLICA_SOURCE_INFO {
587   LSA_UNICODE_STRING ReplicaSource;
588   LSA_UNICODE_STRING ReplicaAccountName;
589 } POLICY_REPLICA_SOURCE_INFO, *PPOLICY_REPLICA_SOURCE_INFO;
590 typedef struct _POLICY_DEFAULT_QUOTA_INFO {
591   QUOTA_LIMITS QuotaLimits;
592 } POLICY_DEFAULT_QUOTA_INFO, *PPOLICY_DEFAULT_QUOTA_INFO;
593 typedef struct _POLICY_MODIFICATION_INFO {
594   LARGE_INTEGER ModifiedId;
595   LARGE_INTEGER DatabaseCreationTime;
596 } POLICY_MODIFICATION_INFO, *PPOLICY_MODIFICATION_INFO;
597 typedef struct _POLICY_AUDIT_FULL_SET_INFO {
598   BOOLEAN ShutDownOnFull;
599 } POLICY_AUDIT_FULL_SET_INFO, *PPOLICY_AUDIT_FULL_SET_INFO;
600 typedef struct _POLICY_AUDIT_FULL_QUERY_INFO {
601   BOOLEAN ShutDownOnFull;
602   BOOLEAN LogIsFull;
603 } POLICY_AUDIT_FULL_QUERY_INFO, *PPOLICY_AUDIT_FULL_QUERY_INFO;
604 typedef struct _POLICY_EFS_INFO {
605   ULONG InfoLength;
606   PUCHAR EfsBlob;
607 } POLICY_EFS_INFO, *PPOLICY_EFS_INFO;
608 typedef struct _POLICY_LOCAL_IPSEC_REFERENCE_INFO {
609   LSA_UNICODE_STRING ObjectPath;
610 } POLICY_LOCAL_IPSEC_REFERENCE_INFO, *PPOLICY_LOCAL_IPSEC_REFERENCE_INFO;
611 typedef struct _POLICY_LOCAL_MACHINE_PASSWORD_INFO {
612   LARGE_INTEGER PasswordChangeInterval;
613 } POLICY_LOCAL_MACHINE_PASSWORD_INFO, *PPOLICY_LOCAL_MACHINE_PASSWORD_INFO;
614 typedef struct _POLICY_LOCAL_POLICY_LOCATION_INFO {
615   ULONG PolicyLocation;
616 } POLICY_LOCAL_POLICY_LOCATION_INFO, *PPOLICY_LOCAL_POLICY_LOCATION_INFO;
617 typedef struct _POLICY_LOCAL_QUALITY_OF_SERVICE_INFO {
618   ULONG QualityOfService;
619 } POLICY_LOCAL_QUALITY_OF_SERVICE_INFO, *PPOLICY_LOCAL_QUALITY_OF_SERVICE_INFO;
620 typedef struct _POLICY_LOCAL_QUALITY_OF_SERVICE_INFO POLICY_DOMAIN_QUALITY_OF_SERVICE_INFO;
621 typedef struct _POLICY_LOCAL_QUALITY_OF_SERVICE_INFO *PPOLICY_DOMAIN_QUALITY_OF_SERVICE_INFO;
622 typedef struct _POLICY_DOMAIN_PUBLIC_KEY_INFO {
623   ULONG InfoLength;
624   PUCHAR PublicKeyInfo;
625 } POLICY_DOMAIN_PUBLIC_KEY_INFO, *PPOLICY_DOMAIN_PUBLIC_KEY_INFO;
626 typedef struct _POLICY_DOMAIN_LOCKOUT_INFO {
627   LARGE_INTEGER LockoutDuration;
628   LARGE_INTEGER LockoutObservationWindow;
629   USHORT LockoutThreshold;
630 } POLICY_DOMAIN_LOCKOUT_INFO, *PPOLICY_DOMAIN_LOCKOUT_INFO;
631 typedef struct _POLICY_DOMAIN_PASSWORD_INFO {
632   USHORT MinPasswordLength;
633   USHORT PasswordHistoryLength;
634   ULONG PasswordProperties;
635   LARGE_INTEGER MaxPasswordAge;
636   LARGE_INTEGER MinPasswordAge;
637 } POLICY_DOMAIN_PASSWORD_INFO, *PPOLICY_DOMAIN_PASSWORD_INFO;
638 typedef struct _POLICY_DOMAIN_KERBEROS_TICKET_INFO {
639   ULONG AuthenticationOptions;
640   LARGE_INTEGER MinTicketAge;
641   LARGE_INTEGER MaxTicketAge;
642   LARGE_INTEGER MaxRenewAge;
643   LARGE_INTEGER ProxyLifetime;
644   LARGE_INTEGER ForceLogoff;
645 } POLICY_DOMAIN_KERBEROS_TICKET_INFO, *PPOLICY_DOMAIN_KERBEROS_TICKET_INFO;
646 typedef PVOID LSA_HANDLE, *PLSA_HANDLE;
647 typedef struct _TRUSTED_DOMAIN_NAME_INFO {
648   LSA_UNICODE_STRING Name;
649 } TRUSTED_DOMAIN_NAME_INFO, *PTRUSTED_DOMAIN_NAME_INFO;
650 typedef struct _TRUSTED_CONTROLLERS_INFO {
651   ULONG Entries;
652   PLSA_UNICODE_STRING Names;
653 } TRUSTED_CONTROLLERS_INFO, *PTRUSTED_CONTROLLERS_INFO;
654 typedef struct _TRUSTED_POSIX_OFFSET_INFO {
655   ULONG Offset;
656 } TRUSTED_POSIX_OFFSET_INFO, *PTRUSTED_POSIX_OFFSET_INFO;
657 typedef struct _TRUSTED_PASSWORD_INFO {
658   LSA_UNICODE_STRING Password;
659   LSA_UNICODE_STRING OldPassword;
660 } TRUSTED_PASSWORD_INFO, *PTRUSTED_PASSWORD_INFO;
661 typedef  LSA_TRUST_INFORMATION TRUSTED_DOMAIN_INFORMATION_BASIC;
662 typedef PLSA_TRUST_INFORMATION *PTRUSTED_DOMAIN_INFORMATION_BASIC;
663 typedef struct _TRUSTED_DOMAIN_INFORMATION_EX {
664   LSA_UNICODE_STRING Name;
665   LSA_UNICODE_STRING FlatName;
666   PSID Sid;
667   ULONG TrustDirection;
668   ULONG TrustType;
669   ULONG TrustAttributes;
670 } TRUSTED_DOMAIN_INFORMATION_EX, *PTRUSTED_DOMAIN_INFORMATION_EX;
671 typedef struct _LSA_AUTH_INFORMATION {
672   LARGE_INTEGER LastUpdateTime;
673   ULONG AuthType;
674   ULONG AuthInfoLength;
675   PUCHAR AuthInfo;
676 } LSA_AUTH_INFORMATION, *PLSA_AUTH_INFORMATION;
677 typedef struct _TRUSTED_DOMAIN_AUTH_INFORMATION {
678   ULONG IncomingAuthInfos;
679   PLSA_AUTH_INFORMATION IncomingAuthenticationInformation;
680   PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation;
681   ULONG OutgoingAuthInfos;
682   PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation;
683   PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation;
684 } TRUSTED_DOMAIN_AUTH_INFORMATION, *PTRUSTED_DOMAIN_AUTH_INFORMATION;
685 typedef struct _TRUSTED_DOMAIN_FULL_INFORMATION {
686   TRUSTED_DOMAIN_INFORMATION_EX Information;
687   TRUSTED_POSIX_OFFSET_INFO PosixOffset;
688   TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation;
689 } TRUSTED_DOMAIN_FULL_INFORMATION, *PTRUSTED_DOMAIN_FULL_INFORMATION;
690 
691 #define RtlGenRandom                    SystemFunction036
692 #define RtlEncryptMemory                SystemFunction040
693 #define RtlDecryptMemory                SystemFunction041
694 
695 BOOLEAN WINAPI RtlGenRandom(PVOID,ULONG);
696 NTSTATUS WINAPI RtlEncryptMemory(PVOID Memory, ULONG MemorySize, ULONG OptionFlags);
697 NTSTATUS WINAPI RtlDecryptMemory(PVOID Memory, ULONG MemorySize, ULONG OptionFlags);
698 
699 #define RTL_ENCRYPT_MEMORY_SIZE           8
700 #define RTL_ENCRYPT_OPTION_SAME_PROCESS   0x00
701 #define RTL_ENCRYPT_OPTION_CROSS_PROCESS  0x01
702 #define RTL_ENCRYPT_OPTION_SAME_LOGON     0x02
703 
704 NTSTATUS NTAPI LsaAddAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING,ULONG);
705 NTSTATUS NTAPI LsaAddPrivilegesToAccount(LSA_HANDLE, PPRIVILEGE_SET);
706 NTSTATUS NTAPI LsaCallAuthenticationPackage(HANDLE,ULONG,PVOID,ULONG,PVOID*,
707                             PULONG,PNTSTATUS);
708 NTSTATUS NTAPI LsaClearAuditLog(LSA_HANDLE);
709 NTSTATUS NTAPI LsaClose(LSA_HANDLE);
710 NTSTATUS NTAPI LsaConnectUntrusted(PHANDLE);
711 NTSTATUS NTAPI LsaCreateAccount(LSA_HANDLE,PSID,ACCESS_MASK,PLSA_HANDLE);
712 NTSTATUS NTAPI LsaCreateSecret(LSA_HANDLE,PLSA_UNICODE_STRING,ACCESS_MASK,PLSA_HANDLE);
713 NTSTATUS NTAPI LsaCreateTrustedDomain(LSA_HANDLE,PLSA_TRUST_INFORMATION,
714                             ACCESS_MASK,PLSA_HANDLE);
715 NTSTATUS NTAPI LsaCreateTrustedDomainEx(LSA_HANDLE,PTRUSTED_DOMAIN_INFORMATION_EX,
716                             PTRUSTED_DOMAIN_AUTH_INFORMATION,ACCESS_MASK,PLSA_HANDLE);
717 NTSTATUS NTAPI LsaDelete(LSA_HANDLE);
718 NTSTATUS NTAPI LsaDeleteTrustedDomain(LSA_HANDLE,PSID);
719 NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE);
720 NTSTATUS NTAPI LsaEnumerateAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING*,PULONG);
721 NTSTATUS NTAPI LsaEnumerateAccounts(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,PVOID*,
722                             ULONG,PULONG);
723 NTSTATUS NTAPI LsaEnumerateAccountsWithUserRight(LSA_HANDLE,PLSA_UNICODE_STRING,
724                             PVOID*,PULONG);
725 NTSTATUS NTAPI LsaEnumerateLogonSessions(PULONG,PLUID*);
726 NTSTATUS NTAPI LsaEnumeratePrivileges(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,
727                                       PVOID*,ULONG,PULONG);
728 NTSTATUS NTAPI LsaEnumeratePrivilegesOfAccount(LSA_HANDLE,PPRIVILEGE_SET*);
729 NTSTATUS NTAPI LsaEnumerateTrustedDomains(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,
730                             PVOID*,ULONG,PULONG);
731 NTSTATUS NTAPI LsaEnumerateTrustedDomainsEx(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,
732                             PVOID*,ULONG,PULONG);
733 NTSTATUS NTAPI LsaFreeMemory(PVOID);
734 NTSTATUS NTAPI LsaFreeReturnBuffer(PVOID);
735 NTSTATUS NTAPI LsaGetLogonSessionData(PLUID,PSECURITY_LOGON_SESSION_DATA*);
736 NTSTATUS NTAPI LsaGetQuotasForAccount(LSA_HANDLE,PQUOTA_LIMITS);
737 NTSTATUS NTAPI LsaGetRemoteUserName(PLSA_UNICODE_STRING, PLSA_UNICODE_STRING*,
738                             PLSA_UNICODE_STRING*);
739 NTSTATUS NTAPI LsaGetSystemAccessAccount(LSA_HANDLE, PULONG);
740 NTSTATUS NTAPI LsaGetUserName(PUNICODE_STRING*,PUNICODE_STRING*);
741 NTSTATUS NTAPI LsaLogonUser(HANDLE,PLSA_STRING,SECURITY_LOGON_TYPE,ULONG,PVOID,
742                             ULONG,PTOKEN_GROUPS,PTOKEN_SOURCE,PVOID*,PULONG,
743                             PLUID,PHANDLE,PQUOTA_LIMITS,PNTSTATUS);
744 NTSTATUS NTAPI LsaLookupAuthenticationPackage(HANDLE,PLSA_STRING,PULONG);
745 NTSTATUS NTAPI LsaLookupNames(LSA_HANDLE,ULONG,PLSA_UNICODE_STRING,
746                             PLSA_REFERENCED_DOMAIN_LIST*,PLSA_TRANSLATED_SID*);
747 NTSTATUS NTAPI LsaLookupNames2(LSA_HANDLE,ULONG,ULONG,PLSA_UNICODE_STRING,
748                             PLSA_REFERENCED_DOMAIN_LIST*,PLSA_TRANSLATED_SID2*);
749 NTSTATUS NTAPI LsaLookupPrivilegeDisplayName(LSA_HANDLE,PLSA_UNICODE_STRING,
750                             PLSA_UNICODE_STRING*,PUSHORT);
751 NTSTATUS NTAPI LsaLookupPrivilegeName(LSA_HANDLE,PLUID,PLSA_UNICODE_STRING*);
752 NTSTATUS NTAPI LsaLookupPrivilegeValue(LSA_HANDLE,PLSA_UNICODE_STRING,PLUID);
753 NTSTATUS NTAPI LsaLookupSids(LSA_HANDLE,ULONG,PSID*,
754                             PLSA_REFERENCED_DOMAIN_LIST*,PLSA_TRANSLATED_NAME*);
755 ULONG NTAPI LsaNtStatusToWinError(NTSTATUS);
756 NTSTATUS NTAPI LsaOpenAccount(LSA_HANDLE,PSID,ACCESS_MASK,PLSA_HANDLE);
757 NTSTATUS NTAPI LsaOpenPolicy(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,
758                             ACCESS_MASK,PLSA_HANDLE);
759 NTSTATUS NTAPI LsaOpenPolicySce(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,
760                             ACCESS_MASK,PLSA_HANDLE);
761 NTSTATUS NTAPI LsaOpenSecret(LSA_HANDLE, PLSA_UNICODE_STRING, ACCESS_MASK, PLSA_HANDLE);
762 NTSTATUS NTAPI LsaQuerySecurityObject(LSA_HANDLE,SECURITY_INFORMATION,PSECURITY_DESCRIPTOR*);
763 NTSTATUS NTAPI LsaOpenTrustedDomain(LSA_HANDLE,PSID,ACCESS_MASK,PLSA_HANDLE);
764 NTSTATUS NTAPI LsaOpenTrustedDomainByName(LSA_HANDLE,PLSA_UNICODE_STRING,
765                             ACCESS_MASK,PLSA_HANDLE);
766 NTSTATUS NTAPI LsaQueryDomainInformationPolicy(LSA_HANDLE,
767                             POLICY_DOMAIN_INFORMATION_CLASS,PVOID*);
768 NTSTATUS NTAPI LsaQueryInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID*);
769 NTSTATUS NTAPI LsaQuerySecret(LSA_HANDLE,PLSA_UNICODE_STRING*,PLARGE_INTEGER,
770                               PLSA_UNICODE_STRING*,PLARGE_INTEGER);
771 NTSTATUS NTAPI LsaQueryTrustedDomainInfo(LSA_HANDLE,PSID,
772                             TRUSTED_INFORMATION_CLASS,PVOID*);
773 NTSTATUS NTAPI LsaQueryTrustedDomainInfoByName(LSA_HANDLE,PLSA_UNICODE_STRING,
774                             TRUSTED_INFORMATION_CLASS,PVOID*);
775 NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING,PHANDLE,PLSA_OPERATIONAL_MODE);
776 NTSTATUS NTAPI LsaRegisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS,
777                             HANDLE);
778 NTSTATUS NTAPI LsaRemoveAccountRights(LSA_HANDLE,PSID,BOOLEAN,
779                             PLSA_UNICODE_STRING,ULONG);
780 NTSTATUS NTAPI LsaRemovePrivilegesFromAccount(LSA_HANDLE,BOOLEAN,PPRIVILEGE_SET);
781 NTSTATUS NTAPI LsaRetrievePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING,
782                             PLSA_UNICODE_STRING*);
783 NTSTATUS NTAPI LsaSetDomainInformationPolicy(LSA_HANDLE,
784                             POLICY_DOMAIN_INFORMATION_CLASS,PVOID);
785 NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID);
786 NTSTATUS NTAPI LsaSetInformationTrustedDomain(LSA_HANDLE,TRUSTED_INFORMATION_CLASS,
787                             PVOID);
788 NTSTATUS NTAPI LsaSetQuotasForAccount(LSA_HANDLE,PQUOTA_LIMITS);
789 NTSTATUS NTAPI LsaSetSecret(LSA_HANDLE,PLSA_UNICODE_STRING,PLSA_UNICODE_STRING);
790 NTSTATUS NTAPI LsaSetSecurityObject(LSA_HANDLE,SECURITY_INFORMATION,PSECURITY_DESCRIPTOR);
791 NTSTATUS NTAPI LsaSetSystemAccessAccount(LSA_HANDLE,ULONG);
792 NTSTATUS NTAPI LsaSetTrustedDomainInformation(LSA_HANDLE,PSID,
793                             TRUSTED_INFORMATION_CLASS,PVOID);
794 NTSTATUS NTAPI LsaSetTrustedDomainInfoByName(LSA_HANDLE,PLSA_UNICODE_STRING,
795                             TRUSTED_INFORMATION_CLASS,PVOID);
796 NTSTATUS NTAPI LsaStorePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING,
797                             PLSA_UNICODE_STRING);
798 NTSTATUS NTAPI LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS,
799                             HANDLE);
800 typedef NTSTATUS (NTAPI *PSAM_PASSWORD_NOTIFICATION_ROUTINE)(PUNICODE_STRING,
801                             ULONG,PUNICODE_STRING);
802 typedef BOOLEAN (NTAPI *PSAM_INIT_NOTIFICATION_ROUTINE)(VOID);
803 typedef BOOLEAN (NTAPI *PSAM_PASSWORD_FILTER_ROUTINE)(PUNICODE_STRING,PUNICODE_STRING,
804                             PUNICODE_STRING,BOOLEAN);
805 #ifdef __cplusplus
806 }
807 #endif
808 #endif /* _NTSECAPI_H */
809