ReactOS 0.4.16-dev-401-g45b008d
setypes.h
Go to the documentation of this file.
1/******************************************************************************
2 * Security Manager Types *
3 ******************************************************************************/
5
6/* Simple types */
9typedef $ULONG ACCESS_MASK, *PACCESS_MASK;
10
12typedef PVOID PSID;
13
14#define DELETE 0x00010000L
15#define READ_CONTROL 0x00020000L
16#define WRITE_DAC 0x00040000L
17#define WRITE_OWNER 0x00080000L
18#define SYNCHRONIZE 0x00100000L
19#define STANDARD_RIGHTS_REQUIRED 0x000F0000L
20#define STANDARD_RIGHTS_READ READ_CONTROL
21#define STANDARD_RIGHTS_WRITE READ_CONTROL
22#define STANDARD_RIGHTS_EXECUTE READ_CONTROL
23#define STANDARD_RIGHTS_ALL 0x001F0000L
24#define SPECIFIC_RIGHTS_ALL 0x0000FFFFL
25#define ACCESS_SYSTEM_SECURITY 0x01000000L
26#define MAXIMUM_ALLOWED 0x02000000L
27#define GENERIC_READ 0x80000000L
28#define GENERIC_WRITE 0x40000000L
29#define GENERIC_EXECUTE 0x20000000L
30#define GENERIC_ALL 0x10000000L
31
32typedef struct _GENERIC_MAPPING {
38
39#define ACL_REVISION 2
40#define ACL_REVISION_DS 4
41
42#define ACL_REVISION1 1
43#define ACL_REVISION2 2
44#define ACL_REVISION3 3
45#define ACL_REVISION4 4
46#define MIN_ACL_REVISION ACL_REVISION2
47#define MAX_ACL_REVISION ACL_REVISION4
48
49typedef struct _ACL {
51 $UCHAR Sbz1;
52 $USHORT AclSize;
53 $USHORT AceCount;
54 $USHORT Sbz2;
56
57/* Current security descriptor revision value */
58#define SECURITY_DESCRIPTOR_REVISION (1)
59#define SECURITY_DESCRIPTOR_REVISION1 (1)
60
61/* Privilege attributes */
62#define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x00000001L)
63#define SE_PRIVILEGE_ENABLED (0x00000002L)
64#define SE_PRIVILEGE_REMOVED (0x00000004L)
65#define SE_PRIVILEGE_USED_FOR_ACCESS (0x80000000L)
66
67#define SE_PRIVILEGE_VALID_ATTRIBUTES (SE_PRIVILEGE_ENABLED_BY_DEFAULT | \
68 SE_PRIVILEGE_ENABLED | \
69 SE_PRIVILEGE_REMOVED | \
70 SE_PRIVILEGE_USED_FOR_ACCESS)
71
72#include <pshpack4.h>
73typedef struct _LUID_AND_ATTRIBUTES {
75 $ULONG Attributes;
77#include <poppack.h>
78
81
82/* Privilege sets */
83#define PRIVILEGE_SET_ALL_NECESSARY (1)
84
85typedef struct _PRIVILEGE_SET {
87 $ULONG Control;
90
97
98#define SECURITY_MAX_IMPERSONATION_LEVEL SecurityDelegation
99#define SECURITY_MIN_IMPERSONATION_LEVEL SecurityAnonymous
100#define DEFAULT_IMPERSONATION_LEVEL SecurityImpersonation
101#define VALID_IMPERSONATION_LEVEL(Level) (((Level) >= SECURITY_MIN_IMPERSONATION_LEVEL) && ((Level) <= SECURITY_MAX_IMPERSONATION_LEVEL))
102
103#define SECURITY_DYNAMIC_TRACKING (TRUE)
104#define SECURITY_STATIC_TRACKING (FALSE)
105
107
108typedef struct _SECURITY_QUALITY_OF_SERVICE {
109 $ULONG Length;
114
121
122
123#define OWNER_SECURITY_INFORMATION (0x00000001L)
124#define GROUP_SECURITY_INFORMATION (0x00000002L)
125#define DACL_SECURITY_INFORMATION (0x00000004L)
126#define SACL_SECURITY_INFORMATION (0x00000008L)
127#define LABEL_SECURITY_INFORMATION (0x00000010L)
128
129#define PROTECTED_DACL_SECURITY_INFORMATION (0x80000000L)
130#define PROTECTED_SACL_SECURITY_INFORMATION (0x40000000L)
131#define UNPROTECTED_DACL_SECURITY_INFORMATION (0x20000000L)
132#define UNPROTECTED_SACL_SECURITY_INFORMATION (0x10000000L)
133
134/* Auto inherit ACE flags */
135#define SEF_DACL_AUTO_INHERIT 0x01
136#define SEF_SACL_AUTO_INHERIT 0x02
137#define SEF_DEFAULT_DESCRIPTOR_FOR_OBJECT 0x04
138#define SEF_AVOID_PRIVILEGE_CHECK 0x08
139#define SEF_AVOID_OWNER_CHECK 0x10
140#define SEF_DEFAULT_OWNER_FROM_PARENT 0x20
141#define SEF_DEFAULT_GROUP_FROM_PARENT 0x40
142#define SEF_MACL_NO_WRITE_UP 0x100
143#define SEF_MACL_NO_READ_UP 0x200
144#define SEF_MACL_NO_EXECUTE_UP 0x400
145#define SEF_AI_USE_EXTRA_PARAMS 0x800
146#define SEF_AVOID_OWNER_RESTRICTION 0x1000
147#define SEF_MACL_VALID_FLAGS (SEF_MACL_NO_WRITE_UP | SEF_MACL_NO_READ_UP | SEF_MACL_NO_EXECUTE_UP)
148
150
151$if (_WINNT_)
152
153/* Privilege token filtering flags */
154#define DISABLE_MAX_PRIVILEGE 0x1
155#define SANDBOX_INERT 0x2
156#if (NTDDI_VERSION >= NTDDI_LONGHORN)
157#define LUA_TOKEN 0x4
158#define WRITE_RESTRICTED 0x8
159#endif
160
162
164
165typedef enum _SECURITY_OPERATION_CODE {
166 SetSecurityDescriptor,
167 QuerySecurityDescriptor,
168 DeleteSecurityDescriptor,
169 AssignSecurityDescriptor
171
172#define INITIAL_PRIVILEGE_COUNT 3
173
179
180#define SE_MIN_WELL_KNOWN_PRIVILEGE 2
181#define SE_CREATE_TOKEN_PRIVILEGE 2
182#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE 3
183#define SE_LOCK_MEMORY_PRIVILEGE 4
184#define SE_INCREASE_QUOTA_PRIVILEGE 5
185#define SE_MACHINE_ACCOUNT_PRIVILEGE 6
186#define SE_TCB_PRIVILEGE 7
187#define SE_SECURITY_PRIVILEGE 8
188#define SE_TAKE_OWNERSHIP_PRIVILEGE 9
189#define SE_LOAD_DRIVER_PRIVILEGE 10
190#define SE_SYSTEM_PROFILE_PRIVILEGE 11
191#define SE_SYSTEMTIME_PRIVILEGE 12
192#define SE_PROF_SINGLE_PROCESS_PRIVILEGE 13
193#define SE_INC_BASE_PRIORITY_PRIVILEGE 14
194#define SE_CREATE_PAGEFILE_PRIVILEGE 15
195#define SE_CREATE_PERMANENT_PRIVILEGE 16
196#define SE_BACKUP_PRIVILEGE 17
197#define SE_RESTORE_PRIVILEGE 18
198#define SE_SHUTDOWN_PRIVILEGE 19
199#define SE_DEBUG_PRIVILEGE 20
200#define SE_AUDIT_PRIVILEGE 21
201#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE 22
202#define SE_CHANGE_NOTIFY_PRIVILEGE 23
203#define SE_REMOTE_SHUTDOWN_PRIVILEGE 24
204#define SE_UNDOCK_PRIVILEGE 25
205#define SE_SYNC_AGENT_PRIVILEGE 26
206#define SE_ENABLE_DELEGATION_PRIVILEGE 27
207#define SE_MANAGE_VOLUME_PRIVILEGE 28
208#define SE_IMPERSONATE_PRIVILEGE 29
209#define SE_CREATE_GLOBAL_PRIVILEGE 30
210#define SE_TRUSTED_CREDMAN_ACCESS_PRIVILEGE 31
211#define SE_RELABEL_PRIVILEGE 32
212#define SE_INC_WORKING_SET_PRIVILEGE 33
213#define SE_TIME_ZONE_PRIVILEGE 34
214#define SE_CREATE_SYMBOLIC_LINK_PRIVILEGE 35
215#define SE_MAX_WELL_KNOWN_PRIVILEGE SE_CREATE_SYMBOLIC_LINK_PRIVILEGE
216
223
224typedef struct _ACCESS_STATE {
237 union {
245
246typedef VOID
248 _In_ PVOID Vcb,
250
251#ifndef _NTLSA_IFS_
252
253#ifndef _NTLSA_AUDIT_
254#define _NTLSA_AUDIT_
255
256#define SE_MAX_AUDIT_PARAMETERS 32
257#define SE_MAX_GENERIC_AUDIT_PARAMETERS 28
258
259#define SE_ADT_OBJECT_ONLY 0x1
260
261#define SE_ADT_PARAMETERS_SELF_RELATIVE 0x00000001
262#define SE_ADT_PARAMETERS_SEND_TO_LSA 0x00000002
263#define SE_ADT_PARAMETER_EXTENSIBLE_AUDIT 0x00000004
264#define SE_ADT_PARAMETER_GENERIC_AUDIT 0x00000008
265#define SE_ADT_PARAMETER_WRITE_SYNCHRONOUS 0x00000010
266
267#define LSAP_SE_ADT_PARAMETER_ARRAY_TRUE_SIZE(Parameters) \
268 ( sizeof(SE_ADT_PARAMETER_ARRAY) - sizeof(SE_ADT_PARAMETER_ARRAY_ENTRY) * \
269 (SE_MAX_AUDIT_PARAMETERS - Parameters->ParameterCount) )
270
303
304typedef struct _SE_ADT_OBJECT_TYPE {
310
317
318typedef struct _SE_ADT_ACCESS_REASON {
325
336
337#endif /* !_NTLSA_AUDIT_ */
338#endif /* !_NTLSA_IFS_ */
340$if (_NTDDK_)
341#define SE_UNSOLICITED_INPUT_PRIVILEGE 6
342
345
346typedef enum _WELL_KNOWN_SID_TYPE {
347 WinNullSid = 0,
348 WinWorldSid = 1,
349 WinLocalSid = 2,
350 WinCreatorOwnerSid = 3,
351 WinCreatorGroupSid = 4,
352 WinCreatorOwnerServerSid = 5,
353 WinCreatorGroupServerSid = 6,
354 WinNtAuthoritySid = 7,
355 WinDialupSid = 8,
356 WinNetworkSid = 9,
357 WinBatchSid = 10,
358 WinInteractiveSid = 11,
359 WinServiceSid = 12,
360 WinAnonymousSid = 13,
361 WinProxySid = 14,
362 WinEnterpriseControllersSid = 15,
363 WinSelfSid = 16,
364 WinAuthenticatedUserSid = 17,
365 WinRestrictedCodeSid = 18,
366 WinTerminalServerSid = 19,
367 WinRemoteLogonIdSid = 20,
368 WinLogonIdsSid = 21,
369 WinLocalSystemSid = 22,
370 WinLocalServiceSid = 23,
371 WinNetworkServiceSid = 24,
372 WinBuiltinDomainSid = 25,
373 WinBuiltinAdministratorsSid = 26,
374 WinBuiltinUsersSid = 27,
375 WinBuiltinGuestsSid = 28,
376 WinBuiltinPowerUsersSid = 29,
377 WinBuiltinAccountOperatorsSid = 30,
378 WinBuiltinSystemOperatorsSid = 31,
379 WinBuiltinPrintOperatorsSid = 32,
380 WinBuiltinBackupOperatorsSid = 33,
381 WinBuiltinReplicatorSid = 34,
382 WinBuiltinPreWindows2000CompatibleAccessSid = 35,
383 WinBuiltinRemoteDesktopUsersSid = 36,
384 WinBuiltinNetworkConfigurationOperatorsSid = 37,
385 WinAccountAdministratorSid = 38,
386 WinAccountGuestSid = 39,
387 WinAccountKrbtgtSid = 40,
388 WinAccountDomainAdminsSid = 41,
389 WinAccountDomainUsersSid = 42,
390 WinAccountDomainGuestsSid = 43,
391 WinAccountComputersSid = 44,
392 WinAccountControllersSid = 45,
393 WinAccountCertAdminsSid = 46,
394 WinAccountSchemaAdminsSid = 47,
395 WinAccountEnterpriseAdminsSid = 48,
396 WinAccountPolicyAdminsSid = 49,
397 WinAccountRasAndIasServersSid = 50,
398 WinNTLMAuthenticationSid = 51,
399 WinDigestAuthenticationSid = 52,
400 WinSChannelAuthenticationSid = 53,
401 WinThisOrganizationSid = 54,
402 WinOtherOrganizationSid = 55,
403 WinBuiltinIncomingForestTrustBuildersSid = 56,
404 WinBuiltinPerfMonitoringUsersSid = 57,
405 WinBuiltinPerfLoggingUsersSid = 58,
406 WinBuiltinAuthorizationAccessSid = 59,
407 WinBuiltinTerminalServerLicenseServersSid = 60,
408 WinBuiltinDCOMUsersSid = 61,
409 WinBuiltinIUsersSid = 62,
410 WinIUserSid = 63,
411 WinBuiltinCryptoOperatorsSid = 64,
412 WinUntrustedLabelSid = 65,
413 WinLowLabelSid = 66,
414 WinMediumLabelSid = 67,
415 WinHighLabelSid = 68,
416 WinSystemLabelSid = 69,
417 WinWriteRestrictedCodeSid = 70,
418 WinCreatorOwnerRightsSid = 71,
419 WinCacheablePrincipalsGroupSid = 72,
420 WinNonCacheablePrincipalsGroupSid = 73,
421 WinEnterpriseReadonlyControllersSid = 74,
422 WinAccountReadonlyControllersSid = 75,
423 WinBuiltinEventLogReadersGroup = 76,
424 WinNewEnterpriseReadonlyControllersSid = 77,
425 WinBuiltinCertSvcDComAccessGroup = 78,
426 WinMediumPlusLabelSid = 79,
427 WinLocalLogonSid = 80,
428 WinConsoleLogonSid = 81,
429 WinThisOrganizationCertificateSid = 82,
430 WinApplicationPackageAuthoritySid = 83,
431 WinBuiltinAnyPackageSid = 84,
432 WinCapabilityInternetClientSid = 85,
433 WinCapabilityInternetClientServerSid = 86,
434 WinCapabilityPrivateNetworkClientServerSid = 87,
435 WinCapabilityPicturesLibrarySid = 88,
436 WinCapabilityVideosLibrarySid = 89,
437 WinCapabilityMusicLibrarySid = 90,
438 WinCapabilityDocumentsLibrarySid = 91,
439 WinCapabilitySharedUserCertificatesSid = 92,
440 WinCapabilityEnterpriseAuthenticationSid = 93,
441 WinCapabilityRemovableStorageSid = 94,
442 WinBuiltinRDSRemoteAccessServersSid = 95,
443 WinBuiltinRDSEndpointServersSid = 96,
444 WinBuiltinRDSManagementServersSid = 97,
445 WinUserModeDriversSid = 98,
446 WinBuiltinHyperVAdminsSid = 99,
447 WinAccountCloneableControllersSid = 100,
448 WinBuiltinAccessControlAssistanceOperatorsSid = 101,
449 WinBuiltinRemoteManagementUsersSid = 102,
450 WinAuthenticationAuthorityAssertedSid = 103,
451 WinAuthenticationServiceAssertedSid = 104,
452 WinLocalAccountSid = 105,
453 WinLocalAccountAndAdministratorSid = 106,
454 WinAccountProtectedUsersSid = 107,
456
459
460#ifndef SID_IDENTIFIER_AUTHORITY_DEFINED
461#define SID_IDENTIFIER_AUTHORITY_DEFINED
462typedef struct _SID_IDENTIFIER_AUTHORITY {
463 $UCHAR Value[6];
465#endif
466
467#ifndef SID_DEFINED
468#define SID_DEFINED
469typedef struct _SID {
470 $UCHAR Revision;
473#ifdef MIDL_PASS
474 [size_is(SubAuthorityCount)] $ULONG SubAuthority[*];
475#else
477#endif
479#endif
480
481#define SID_REVISION 1
482#define SID_MAX_SUB_AUTHORITIES 15
483#define SID_RECOMMENDED_SUB_AUTHORITIES 1
484
485#ifndef MIDL_PASS
486#define SECURITY_MAX_SID_SIZE (sizeof(SID) - sizeof($ULONG) + (SID_MAX_SUB_AUTHORITIES * sizeof($ULONG)))
487#endif
488
489typedef enum _SID_NAME_USE {
501
502typedef struct _SID_AND_ATTRIBUTES {
503#ifdef MIDL_PASS
504 PISID Sid;
505#else
507#endif
512
513#define SID_HASH_SIZE 32
515
517 $ULONG SidCount;
521
522/* Universal well-known SIDs */
523
524#define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0}
525
526/* S-1-1 */
527#define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
528
529/* S-1-2 */
530#define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2}
531
532/* S-1-3 */
533#define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3}
534
535/* S-1-4 */
536#define SECURITY_NON_UNIQUE_AUTHORITY {0,0,0,0,0,4}
537
538#define SECURITY_RESOURCE_MANAGER_AUTHORITY {0,0,0,0,0,9}
539
540#define SECURITY_NULL_RID (0x00000000L)
541#define SECURITY_WORLD_RID (0x00000000L)
542#define SECURITY_LOCAL_RID (0x00000000L)
543#define SECURITY_LOCAL_LOGON_RID (0x00000001L)
544
545#define SECURITY_CREATOR_OWNER_RID (0x00000000L)
546#define SECURITY_CREATOR_GROUP_RID (0x00000001L)
547#define SECURITY_CREATOR_OWNER_SERVER_RID (0x00000002L)
548#define SECURITY_CREATOR_GROUP_SERVER_RID (0x00000003L)
549#define SECURITY_CREATOR_OWNER_RIGHTS_RID (0x00000004L)
550
551/* NT well-known SIDs */
552
553/* S-1-5 */
554#define SECURITY_NT_AUTHORITY {0,0,0,0,0,5}
555
556#define SECURITY_DIALUP_RID (0x00000001L)
557#define SECURITY_NETWORK_RID (0x00000002L)
558#define SECURITY_BATCH_RID (0x00000003L)
559#define SECURITY_INTERACTIVE_RID (0x00000004L)
560#define SECURITY_LOGON_IDS_RID (0x00000005L)
561#define SECURITY_LOGON_IDS_RID_COUNT (3L)
562#define SECURITY_SERVICE_RID (0x00000006L)
563#define SECURITY_ANONYMOUS_LOGON_RID (0x00000007L)
564#define SECURITY_PROXY_RID (0x00000008L)
565#define SECURITY_ENTERPRISE_CONTROLLERS_RID (0x00000009L)
566#define SECURITY_SERVER_LOGON_RID SECURITY_ENTERPRISE_CONTROLLERS_RID
567#define SECURITY_PRINCIPAL_SELF_RID (0x0000000AL)
568#define SECURITY_AUTHENTICATED_USER_RID (0x0000000BL)
569#define SECURITY_RESTRICTED_CODE_RID (0x0000000CL)
570#define SECURITY_TERMINAL_SERVER_RID (0x0000000DL)
571#define SECURITY_REMOTE_LOGON_RID (0x0000000EL)
572#define SECURITY_THIS_ORGANIZATION_RID (0x0000000FL)
573#define SECURITY_IUSER_RID (0x00000011L)
574#define SECURITY_LOCAL_SYSTEM_RID (0x00000012L)
575#define SECURITY_LOCAL_SERVICE_RID (0x00000013L)
576#define SECURITY_NETWORK_SERVICE_RID (0x00000014L)
577#define SECURITY_NT_NON_UNIQUE (0x00000015L)
578#define SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT (3L)
579#define SECURITY_ENTERPRISE_READONLY_CONTROLLERS_RID (0x00000016L)
580
581#define SECURITY_BUILTIN_DOMAIN_RID (0x00000020L)
582#define SECURITY_WRITE_RESTRICTED_CODE_RID (0x00000021L)
583
584
585#define SECURITY_PACKAGE_BASE_RID (0x00000040L)
586#define SECURITY_PACKAGE_RID_COUNT (2L)
587#define SECURITY_PACKAGE_NTLM_RID (0x0000000AL)
588#define SECURITY_PACKAGE_SCHANNEL_RID (0x0000000EL)
589#define SECURITY_PACKAGE_DIGEST_RID (0x00000015L)
590
591#define SECURITY_CRED_TYPE_BASE_RID (0x00000041L)
592#define SECURITY_CRED_TYPE_RID_COUNT (2L)
593#define SECURITY_CRED_TYPE_THIS_ORG_CERT_RID (0x00000001L)
594
595#define SECURITY_MIN_BASE_RID (0x00000050L)
596#define SECURITY_SERVICE_ID_BASE_RID (0x00000050L)
597#define SECURITY_SERVICE_ID_RID_COUNT (6L)
598#define SECURITY_RESERVED_ID_BASE_RID (0x00000051L)
599#define SECURITY_APPPOOL_ID_BASE_RID (0x00000052L)
600#define SECURITY_APPPOOL_ID_RID_COUNT (6L)
601#define SECURITY_VIRTUALSERVER_ID_BASE_RID (0x00000053L)
602#define SECURITY_VIRTUALSERVER_ID_RID_COUNT (6L)
603#define SECURITY_USERMODEDRIVERHOST_ID_BASE_RID (0x00000054L)
604#define SECURITY_USERMODEDRIVERHOST_ID_RID_COUNT (6L)
605#define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_BASE_RID (0x00000055L)
606#define SECURITY_CLOUD_INFRASTRUCTURE_SERVICES_ID_RID_COUNT (6L)
607#define SECURITY_WMIHOST_ID_BASE_RID (0x00000056L)
608#define SECURITY_WMIHOST_ID_RID_COUNT (6L)
609#define SECURITY_TASK_ID_BASE_RID (0x00000057L)
610#define SECURITY_NFS_ID_BASE_RID (0x00000058L)
611#define SECURITY_COM_ID_BASE_RID (0x00000059L)
612#define SECURITY_VIRTUALACCOUNT_ID_RID_COUNT (6L)
613
614#define SECURITY_MAX_BASE_RID (0x0000006FL)
615
616#define SECURITY_MAX_ALWAYS_FILTERED (0x000003E7L)
617#define SECURITY_MIN_NEVER_FILTERED (0x000003E8L)
618
619#define SECURITY_OTHER_ORGANIZATION_RID (0x000003E8L)
620
621#define SECURITY_WINDOWSMOBILE_ID_BASE_RID (0x00000070L)
622
623/* Well-known domain relative sub-authority values (RIDs) */
624
625#define DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS (0x000001F2L)
626
627#define FOREST_USER_RID_MAX (0x000001F3L)
628
629/* Well-known users */
630
631#define DOMAIN_USER_RID_ADMIN (0x000001F4L)
632#define DOMAIN_USER_RID_GUEST (0x000001F5L)
633#define DOMAIN_USER_RID_KRBTGT (0x000001F6L)
634
635#define DOMAIN_USER_RID_MAX (0x000003E7L)
636
637/* Well-known groups */
638
639#define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
640#define DOMAIN_GROUP_RID_USERS (0x00000201L)
641#define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
642#define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L)
643#define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L)
644#define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L)
645#define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L)
646#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L)
647#define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L)
648#define DOMAIN_GROUP_RID_READONLY_CONTROLLERS (0x00000209L)
649
650/* Well-known aliases */
651
652#define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
653#define DOMAIN_ALIAS_RID_USERS (0x00000221L)
654#define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
655#define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)
656
657#define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
658#define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
659#define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
660#define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)
661
662#define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
663#define DOMAIN_ALIAS_RID_RAS_SERVERS (0x00000229L)
664#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS (0x0000022AL)
665#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022BL)
666#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS (0x0000022CL)
667#define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS (0x0000022DL)
668
669#define DOMAIN_ALIAS_RID_MONITORING_USERS (0x0000022EL)
670#define DOMAIN_ALIAS_RID_LOGGING_USERS (0x0000022FL)
671#define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS (0x00000230L)
672#define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L)
673#define DOMAIN_ALIAS_RID_DCOM_USERS (0x00000232L)
674
675#define DOMAIN_ALIAS_RID_IUSERS (0x00000238L)
676#define DOMAIN_ALIAS_RID_CRYPTO_OPERATORS (0x00000239L)
677#define DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP (0x0000023BL)
678#define DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP (0x0000023CL)
679#define DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP (0x0000023DL)
680#define DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP (0x0000023EL)
681
682#define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
683#define SECURITY_MANDATORY_UNTRUSTED_RID (0x00000000L)
684#define SECURITY_MANDATORY_LOW_RID (0x00001000L)
685#define SECURITY_MANDATORY_MEDIUM_RID (0x00002000L)
686#define SECURITY_MANDATORY_HIGH_RID (0x00003000L)
687#define SECURITY_MANDATORY_SYSTEM_RID (0x00004000L)
688#define SECURITY_MANDATORY_PROTECTED_PROCESS_RID (0x00005000L)
689
690/* SECURITY_MANDATORY_MAXIMUM_USER_RID is the highest RID that
691 can be set by a usermode caller.*/
692
693#define SECURITY_MANDATORY_MAXIMUM_USER_RID SECURITY_MANDATORY_SYSTEM_RID
694
695#define MANDATORY_LEVEL_TO_MANDATORY_RID(IL) (IL * 0x1000)
696
697/* Allocate the System Luid. The first 1000 LUIDs are reserved.
698 Use #999 here (0x3e7 = 999) */
699
700#define SYSTEM_LUID {0x3e7, 0x0}
701#define ANONYMOUS_LOGON_LUID {0x3e6, 0x0}
702#define LOCALSERVICE_LUID {0x3e5, 0x0}
703#define NETWORKSERVICE_LUID {0x3e4, 0x0}
704#define IUSER_LUID {0x3e3, 0x0}
705
706/* Logon session reference flags */
707
708#define SEP_LOGON_SESSION_TERMINATION_NOTIFY 0x0001
709
710typedef struct _ACE_HEADER {
711 $UCHAR AceType;
712 $UCHAR AceFlags;
713 $USHORT AceSize;
715
716#define ACCESS_MIN_MS_ACE_TYPE (0x0)
717#define ACCESS_ALLOWED_ACE_TYPE (0x0)
718#define ACCESS_DENIED_ACE_TYPE (0x1)
719#define SYSTEM_AUDIT_ACE_TYPE (0x2)
720#define SYSTEM_ALARM_ACE_TYPE (0x3)
721#define ACCESS_MAX_MS_V2_ACE_TYPE (0x3)
722#define ACCESS_ALLOWED_COMPOUND_ACE_TYPE (0x4)
723#define ACCESS_MAX_MS_V3_ACE_TYPE (0x4)
724#define ACCESS_MIN_MS_OBJECT_ACE_TYPE (0x5)
725#define ACCESS_ALLOWED_OBJECT_ACE_TYPE (0x5)
726#define ACCESS_DENIED_OBJECT_ACE_TYPE (0x6)
727#define SYSTEM_AUDIT_OBJECT_ACE_TYPE (0x7)
728#define SYSTEM_ALARM_OBJECT_ACE_TYPE (0x8)
729#define ACCESS_MAX_MS_OBJECT_ACE_TYPE (0x8)
730#define ACCESS_MAX_MS_V4_ACE_TYPE (0x8)
731#define ACCESS_MAX_MS_ACE_TYPE (0x8)
732#define ACCESS_ALLOWED_CALLBACK_ACE_TYPE (0x9)
733#define ACCESS_DENIED_CALLBACK_ACE_TYPE (0xA)
734#define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (0xB)
735#define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE (0xC)
736#define SYSTEM_AUDIT_CALLBACK_ACE_TYPE (0xD)
737#define SYSTEM_ALARM_CALLBACK_ACE_TYPE (0xE)
738#define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE (0xF)
739#define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE (0x10)
740#define ACCESS_MAX_MS_V5_ACE_TYPE (0x11)
741#define SYSTEM_MANDATORY_LABEL_ACE_TYPE (0x11)
742
743/* The following are the inherit flags that go into the AceFlags field
744 of an Ace header. */
745
746#define OBJECT_INHERIT_ACE (0x1)
747#define CONTAINER_INHERIT_ACE (0x2)
748#define NO_PROPAGATE_INHERIT_ACE (0x4)
749#define INHERIT_ONLY_ACE (0x8)
750#define INHERITED_ACE (0x10)
751#define VALID_INHERIT_FLAGS (0x1F)
752
753#define SUCCESSFUL_ACCESS_ACE_FLAG (0x40)
754#define FAILED_ACCESS_ACE_FLAG (0x80)
755
756typedef struct _ACCESS_ALLOWED_ACE {
759 $ULONG SidStart;
761
762typedef struct _ACCESS_DENIED_ACE {
765 $ULONG SidStart;
767
768typedef struct _ACCESS_ALLOWED_OBJECT_ACE {
771 $ULONG Flags;
774 $ULONG SidStart;
776
780 $ULONG Flags;
783 $ULONG SidStart;
785
786typedef struct _SYSTEM_AUDIT_ACE {
789 $ULONG SidStart;
791
792typedef struct _SYSTEM_ALARM_ACE {
795 $ULONG SidStart;
797
798typedef struct _SYSTEM_MANDATORY_LABEL_ACE {
801 $ULONG SidStart;
803
804/* Object ACE flags */
805#define ACE_OBJECT_TYPE_PRESENT 0x00000001
806#define ACE_INHERITED_OBJECT_TYPE_PRESENT 0x00000002
807
808#define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1
809#define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2
810#define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4
811#define SYSTEM_MANDATORY_LABEL_VALID_MASK (SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | \
812 SYSTEM_MANDATORY_LABEL_NO_READ_UP | \
813 SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP)
814
815#define SECURITY_DESCRIPTOR_MIN_LENGTH (sizeof(SECURITY_DESCRIPTOR))
816
818
819#define SE_OWNER_DEFAULTED 0x0001
820#define SE_GROUP_DEFAULTED 0x0002
821#define SE_DACL_PRESENT 0x0004
822#define SE_DACL_DEFAULTED 0x0008
823#define SE_SACL_PRESENT 0x0010
824#define SE_SACL_DEFAULTED 0x0020
825#define SE_DACL_UNTRUSTED 0x0040
826#define SE_SERVER_SECURITY 0x0080
827#define SE_DACL_AUTO_INHERIT_REQ 0x0100
828#define SE_SACL_AUTO_INHERIT_REQ 0x0200
829#define SE_DACL_AUTO_INHERITED 0x0400
830#define SE_SACL_AUTO_INHERITED 0x0800
831#define SE_DACL_PROTECTED 0x1000
832#define SE_SACL_PROTECTED 0x2000
833#define SE_RM_CONTROL_VALID 0x4000
834#define SE_SELF_RELATIVE 0x8000
835
837 $UCHAR Revision;
838 $UCHAR Sbz1;
840 $ULONG Owner;
841 $ULONG Group;
842 $ULONG Sacl;
843 $ULONG Dacl;
845
846typedef struct _SECURITY_DESCRIPTOR {
847 $UCHAR Revision;
848 $UCHAR Sbz1;
855
856typedef struct _OBJECT_TYPE_LIST {
857 $USHORT Level;
858 $USHORT Sbz;
861
862#define ACCESS_OBJECT_GUID 0
863#define ACCESS_PROPERTY_SET_GUID 1
864#define ACCESS_PROPERTY_GUID 2
865#define ACCESS_MAX_LEVEL 4
866
867typedef enum _AUDIT_EVENT_TYPE {
871
872#define AUDIT_ALLOW_NO_PRIVILEGE 0x1
873
874#define ACCESS_DS_SOURCE_A "DS"
875#define ACCESS_DS_SOURCE_W L"DS"
876#define ACCESS_DS_OBJECT_TYPE_NAME_A "Directory Service Object"
877#define ACCESS_DS_OBJECT_TYPE_NAME_W L"Directory Service Object"
878
879#define ACCESS_REASON_TYPE_MASK 0xffff0000
880#define ACCESS_REASON_DATA_MASK 0x0000ffff
881
883 AccessReasonNone = 0x00000000,
894 AccessReasonNoSD = 0x00700000,
895 AccessReasonNoGrant = 0x00800000
897
898typedef $ULONG ACCESS_REASON;
899
900typedef struct _ACCESS_REASONS {
903
904#define SE_SECURITY_DESCRIPTOR_FLAG_NO_OWNER_ACE 0x00000001
905#define SE_SECURITY_DESCRIPTOR_FLAG_NO_LABEL_ACE 0x00000002
906#define SE_SECURITY_DESCRIPTOR_VALID_FLAGS 0x00000003
907
909 $ULONG Size;
910 $ULONG Flags;
913
914typedef struct _SE_ACCESS_REQUEST {
915 $ULONG Size;
924
925#define TOKEN_ASSIGN_PRIMARY (0x0001)
926#define TOKEN_DUPLICATE (0x0002)
927#define TOKEN_IMPERSONATE (0x0004)
928#define TOKEN_QUERY (0x0008)
929#define TOKEN_QUERY_SOURCE (0x0010)
930#define TOKEN_ADJUST_PRIVILEGES (0x0020)
931#define TOKEN_ADJUST_GROUPS (0x0040)
932#define TOKEN_ADJUST_DEFAULT (0x0080)
933#define TOKEN_ADJUST_SESSIONID (0x0100)
934
935#define TOKEN_ALL_ACCESS_P (STANDARD_RIGHTS_REQUIRED |\
936 TOKEN_ASSIGN_PRIMARY |\
937 TOKEN_DUPLICATE |\
938 TOKEN_IMPERSONATE |\
939 TOKEN_QUERY |\
940 TOKEN_QUERY_SOURCE |\
941 TOKEN_ADJUST_PRIVILEGES |\
942 TOKEN_ADJUST_GROUPS |\
943 TOKEN_ADJUST_DEFAULT)
944
945#if ((defined(_WIN32_WINNT) && (_WIN32_WINNT > 0x0400)) || (!defined(_WIN32_WINNT)))
946#define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P | TOKEN_ADJUST_SESSIONID)
947#else
948#define TOKEN_ALL_ACCESS (TOKEN_ALL_ACCESS_P)
949#endif
950
951#define TOKEN_READ (STANDARD_RIGHTS_READ | TOKEN_QUERY)
952
953#define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\
954 TOKEN_ADJUST_PRIVILEGES |\
955 TOKEN_ADJUST_GROUPS |\
956 TOKEN_ADJUST_DEFAULT)
957
958#define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE)
959
960typedef enum _TOKEN_TYPE {
964
1008
1009typedef struct _TOKEN_USER {
1012
1013typedef struct _TOKEN_GROUPS {
1015#ifdef MIDL_PASS
1016 [size_is(GroupCount)] SID_AND_ATTRIBUTES Groups[*];
1017#else
1019#endif
1021
1022typedef struct _TOKEN_PRIVILEGES {
1026
1027typedef struct _TOKEN_OWNER {
1030
1031typedef struct _TOKEN_PRIMARY_GROUP {
1034
1035typedef struct _TOKEN_DEFAULT_DACL {
1038
1040 $ULONG SidCount;
1051
1052typedef struct _TOKEN_LINKED_TOKEN {
1055
1056typedef struct _TOKEN_ELEVATION {
1059
1063
1064#define TOKEN_MANDATORY_POLICY_OFF 0x0
1065#define TOKEN_MANDATORY_POLICY_NO_WRITE_UP 0x1
1066#define TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN 0x2
1067
1068#define TOKEN_MANDATORY_POLICY_VALID_MASK (TOKEN_MANDATORY_POLICY_NO_WRITE_UP | \
1069 TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN)
1070
1071#define POLICY_AUDIT_SUBCATEGORY_COUNT (56)
1072
1073typedef struct _TOKEN_AUDIT_POLICY {
1076
1077#define TOKEN_SOURCE_LENGTH 8
1078
1079typedef struct _TOKEN_SOURCE {
1083
1084#include <pshpack4.h>
1085typedef struct _TOKEN_STATISTICS {
1097#include <poppack.h>
1098
1099typedef struct _TOKEN_CONTROL {
1100 LUID TokenId;
1105
1106typedef struct _TOKEN_ORIGIN {
1109
1110typedef enum _MANDATORY_LEVEL {
1119
1121$if(_NTIFS_)
1122
1123typedef struct _SE_ACCESS_REPLY {
1124 $ULONG Size;
1125 $ULONG ResultListCount;
1128 PACCESS_REASONS AccessReason;
1131
1147
1148typedef struct _SE_AUDIT_INFO {
1162
1164 $ULONG Policy;
1166
1175 $ULONG Flags;
1177
1178#define TOKEN_HAS_TRAVERSE_PRIVILEGE 0x0001
1179#define TOKEN_HAS_BACKUP_PRIVILEGE 0x0002
1180#define TOKEN_HAS_RESTORE_PRIVILEGE 0x0004
1181#define TOKEN_WRITE_RESTRICTED 0x0008
1182#define TOKEN_HAS_ADMIN_GROUP TOKEN_WRITE_RESTRICTED
1183#define TOKEN_IS_RESTRICTED 0x0010
1184#define TOKEN_SESSION_NOT_REFERENCED 0x0020
1185#define TOKEN_SANDBOX_INERT 0x0040
1186#define TOKEN_HAS_IMPERSONATE_PRIVILEGE 0x0080
1187#define SE_BACKUP_PRIVILEGES_CHECKED 0x0100
1188#define TOKEN_VIRTUALIZE_ALLOWED 0x0200
1189#define TOKEN_VIRTUALIZE_ENABLED 0x0400
1190#define TOKEN_IS_FILTERED 0x0800
1191#define TOKEN_UIACCESS 0x1000
1192#define TOKEN_NOT_LOW 0x2000
1193
1194typedef struct _SE_EXPORTS {
1261
1264 IN PLUID LogonId);
1265
1266typedef struct _SECURITY_CLIENT_CONTEXT {
1274
unsigned char BOOLEAN
#define VOID
Definition: acefi.h:82
#define NTSTATUS
Definition: precomp.h:19
#define _NTIFS_
Definition: ifssupp.h:20
_SECURITY_IMPERSONATION_LEVEL
Definition: lsa.idl:54
_SID_NAME_USE
Definition: lsa.idl:117
_TOKEN_TYPE
Definition: imports.h:272
* PNTSTATUS
Definition: strlen.c:14
struct _SECURITY_DESCRIPTOR * PSECURITY_DESCRIPTOR
Definition: security.c:98
#define _In_
Definition: no_sal2.h:158
ULONG ACCESS_MASK
Definition: nt_native.h:40
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
#define _NTDDK_
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
unsigned short USHORT
Definition: pedump.c:61
#define Vcb
Definition: cdprocs.h:1415
ACE_HEADER Header
Definition: ms-dtyp.idl:216
ACCESS_MASK Mask
Definition: ms-dtyp.idl:217
ACE_HEADER Header
Definition: ms-dtyp.idl:231
ACCESS_MASK Mask
Definition: ms-dtyp.idl:232
union _ACCESS_STATE::@4187 Privileges
UNICODE_STRING ObjectName
Definition: setypes.h:242
ULONG Flags
Definition: setypes.h:230
ACCESS_MASK PreviouslyGrantedAccess
Definition: setypes.h:232
INITIAL_PRIVILEGE_SET InitialPrivilegeSet
Definition: setypes.h:238
PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: setypes.h:235
ACCESS_MASK OriginalDesiredAccess
Definition: setypes.h:233
BOOLEAN AuditPrivileges
Definition: setypes.h:241
ACCESS_MASK RemainingDesiredAccess
Definition: setypes.h:231
PVOID AuxData
Definition: setypes.h:236
PRIVILEGE_SET PrivilegeSet
Definition: setypes.h:239
BOOLEAN SecurityEvaluated
Definition: setypes.h:226
BOOLEAN GenerateOnClose
Definition: setypes.h:228
SECURITY_SUBJECT_CONTEXT SubjectSecurityContext
Definition: setypes.h:234
BOOLEAN GenerateAudit
Definition: setypes.h:227
LUID OperationID
Definition: setypes.h:225
UNICODE_STRING ObjectTypeName
Definition: setypes.h:243
BOOLEAN PrivilegesAllocated
Definition: setypes.h:229
$UCHAR AceType
Definition: setypes.h:711
$USHORT AceSize
Definition: setypes.h:713
$UCHAR AceFlags
Definition: setypes.h:712
$UCHAR AclRevision
Definition: setypes.h:50
$USHORT Sbz2
Definition: setypes.h:54
$UCHAR Sbz1
Definition: setypes.h:51
$USHORT AclSize
Definition: setypes.h:52
$USHORT AceCount
Definition: setypes.h:53
ACCESS_MASK GenericExecute
Definition: nt_native.h:567
ACCESS_MASK GenericRead
Definition: nt_native.h:565
ACCESS_MASK GenericAll
Definition: nt_native.h:568
ACCESS_MASK GenericWrite
Definition: nt_native.h:566
LUID_AND_ATTRIBUTES Privilege[INITIAL_PRIVILEGE_COUNT]
Definition: setypes.h:177
$USHORT Level
Definition: setypes.h:857
GUID * ObjectType
Definition: setypes.h:859
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
$ULONG Control
Definition: setypes.h:87
$ULONG PrivilegeCount
Definition: setypes.h:86
TOKEN_CONTROL ClientTokenControl
Definition: imports.h:295
PACCESS_TOKEN ClientToken
Definition: imports.h:291
SECURITY_QUALITY_OF_SERVICE SecurityQos
Definition: imports.h:290
BOOLEAN DirectlyAccessClientToken
Definition: imports.h:292
BOOLEAN DirectAccessEffectiveOnly
Definition: imports.h:293
SECURITY_DESCRIPTOR_CONTROL Control
Definition: setypes.h:839
SECURITY_DESCRIPTOR_CONTROL Control
Definition: setypes.h:849
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:219
PACCESS_TOKEN ClientToken
Definition: setypes.h:218
PACCESS_TOKEN PrimaryToken
Definition: setypes.h:220
$ULONG ObjectTypeListCount
Definition: setypes.h:921
PSID PrincipalSelfSid
Definition: setypes.h:919
POBJECT_TYPE_LIST ObjectTypeList
Definition: setypes.h:922
PSE_SECURITY_DESCRIPTOR SeSecurityDescriptor
Definition: setypes.h:916
ACCESS_MASK DesiredAccess
Definition: setypes.h:917
PGENERIC_MAPPING GenericMapping
Definition: setypes.h:920
ACCESS_MASK PreviouslyGrantedAccess
Definition: setypes.h:918
ULONG AccessReasons[32]
Definition: setypes.h:320
PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: setypes.h:323
ACCESS_MASK AccessMask
Definition: setypes.h:319
ACCESS_MASK AccessMask
Definition: setypes.h:308
Definition: setypes.h:311
ULONG Length
Definition: setypes.h:313
SE_ADT_PARAMETER_TYPE Type
Definition: setypes.h:312
PVOID Address
Definition: setypes.h:315
GUID * TransactionId
Definition: setypes.h:1157
PVOID HandleId
Definition: setypes.h:1156
ULONG AuditFlags
Definition: setypes.h:1152
UNICODE_STRING ObjectName
Definition: setypes.h:1155
UNICODE_STRING SubsystemName
Definition: setypes.h:1153
LUID * OperationId
Definition: setypes.h:1158
UNICODE_STRING ObjectTypeName
Definition: setypes.h:1154
AUDIT_EVENT_TYPE AuditType
Definition: setypes.h:1150
SE_AUDIT_OPERATION AuditOperation
Definition: setypes.h:1151
BOOLEAN ObjectCreation
Definition: setypes.h:1159
BOOLEAN GenerateOnClose
Definition: setypes.h:1160
LUID SeCreateSymbolicLinkPrivilege
Definition: setypes.h:1252
PSID SeSystemMandatorySid
Definition: setypes.h:1258
PSID SeInteractiveSid
Definition: setypes.h:1227
PSID SeCreatorGroupSid
Definition: setypes.h:1222
LUID SeUnsolicitedInputPrivilege
Definition: setypes.h:1199
PSID SeIUserSid
Definition: setypes.h:1253
LUID SeIncreaseBasePriorityPrivilege
Definition: setypes.h:1205
LUID SeRelabelPrivilege
Definition: setypes.h:1249
LUID SeAssignPrimaryTokenPrivilege
Definition: setypes.h:1196
PSID SeAliasAdminsSid
Definition: setypes.h:1229
LUID SeUndockPrivilege
Definition: setypes.h:1240
LUID SeTrustedCredManAccessPrivilege
Definition: setypes.h:1248
LUID SeLoadDriverPrivilege
Definition: setypes.h:1203
LUID SeLockMemoryPrivilege
Definition: setypes.h:1197
PSID SeAliasUsersSid
Definition: setypes.h:1230
PSID SeNetworkSid
Definition: setypes.h:1225
LUID SeProfileSingleProcessPrivilege
Definition: setypes.h:1208
LUID SeIncreaseQuotaPrivilege
Definition: setypes.h:1198
PSID SeNullSid
Definition: setypes.h:1218
LUID SeEnableDelegationPrivilege
Definition: setypes.h:1242
PSID SeAliasSystemOpsSid
Definition: setypes.h:1234
PSID SeCreatorOwnerSid
Definition: setypes.h:1221
LUID SeAuditPrivilege
Definition: setypes.h:1214
LUID SeRestorePrivilege
Definition: setypes.h:1211
LUID SeTakeOwnershipPrivilege
Definition: setypes.h:1202
LUID SeSystemtimePrivilege
Definition: setypes.h:1207
LUID SeSecurityPrivilege
Definition: setypes.h:1201
PSID SeAliasGuestsSid
Definition: setypes.h:1231
PSID SeUntrustedMandatorySid
Definition: setypes.h:1254
PSID SeAuthenticatedUsersSid
Definition: setypes.h:1237
PSID SeMediumMandatorySid
Definition: setypes.h:1256
PSID SeAliasPrintOpsSid
Definition: setypes.h:1235
LUID SeTcbPrivilege
Definition: setypes.h:1200
LUID SeSystemProfilePrivilege
Definition: setypes.h:1206
PSID SeDialupSid
Definition: setypes.h:1224
PSID SeHighMandatorySid
Definition: setypes.h:1257
PSID SeAnonymousLogonSid
Definition: setypes.h:1239
LUID SeBackupPrivilege
Definition: setypes.h:1210
PSID SeRestrictedSid
Definition: setypes.h:1238
LUID SeTimeZonePrivilege
Definition: setypes.h:1251
PSID SeAliasAccountOpsSid
Definition: setypes.h:1233
PSID SeLocalSid
Definition: setypes.h:1220
LUID SeDebugPrivilege
Definition: setypes.h:1213
PSID SeNetworkServiceSid
Definition: setypes.h:1244
LUID SeCreateGlobalPrivilege
Definition: setypes.h:1247
LUID SeCreatePagefilePrivilege
Definition: setypes.h:1204
LUID SeIncreaseWorkingSetPrivilege
Definition: setypes.h:1250
LUID SeShutdownPrivilege
Definition: setypes.h:1212
PSID SeWorldSid
Definition: setypes.h:1219
LUID SeImpersonatePrivilege
Definition: setypes.h:1246
PSID SeNtAuthoritySid
Definition: setypes.h:1223
PSID SeOwnerRightsSid
Definition: setypes.h:1259
LUID SeChangeNotifyPrivilege
Definition: setypes.h:1216
PSID SeBatchSid
Definition: setypes.h:1226
PSID SeAliasBackupOpsSid
Definition: setypes.h:1236
LUID SeSyncAgentPrivilege
Definition: setypes.h:1241
LUID SeSystemEnvironmentPrivilege
Definition: setypes.h:1215
PSID SeLowMandatorySid
Definition: setypes.h:1255
LUID SeCreateTokenPrivilege
Definition: setypes.h:1195
PSID SeLocalServiceSid
Definition: setypes.h:1243
PSID SeAliasPowerUsersSid
Definition: setypes.h:1232
LUID SeManageVolumePrivilege
Definition: setypes.h:1245
PSID SeLocalSystemSid
Definition: setypes.h:1228
LUID SeCreatePermanentPrivilege
Definition: setypes.h:1209
LUID SeRemoteShutdownPrivilege
Definition: setypes.h:1217
PACCESS_TOKEN Token
Definition: setypes.h:116
SECURITY_IMPERSONATION_LEVEL Level
Definition: setypes.h:119
PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: setypes.h:911
PSID_AND_ATTRIBUTES SidAttr
Definition: setypes.h:518
SID_HASH_ENTRY Hash[SID_HASH_SIZE]
Definition: setypes.h:519
$UCHAR SubAuthorityCount
Definition: setypes.h:471
DWORD SubAuthority[*]
Definition: ms-dtyp.idl:202
$UCHAR Revision
Definition: setypes.h:470
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: ms-dtyp.idl:201
ACCESS_MASK Mask
Definition: setypes.h:794
ACE_HEADER Header
Definition: setypes.h:793
$ULONG SidStart
Definition: setypes.h:795
ACE_HEADER Header
Definition: ms-dtyp.idl:267
$ULONG SidStart
Definition: setypes.h:789
ACCESS_MASK Mask
Definition: ms-dtyp.idl:268
PSID_AND_ATTRIBUTES_HASH SidHash
Definition: setypes.h:1168
PTOKEN_PRIVILEGES Privileges
Definition: setypes.h:1170
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:1173
PSID_AND_ATTRIBUTES_HASH RestrictedSidHash
Definition: setypes.h:1169
TOKEN_MANDATORY_POLICY MandatoryPolicy
Definition: setypes.h:1174
$UCHAR PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT) > > 1)+1]
Definition: setypes.h:1074
LUID TokenId
Definition: imports.h:283
LUID AuthenticationId
Definition: imports.h:284
LUID ModifiedId
Definition: imports.h:285
TOKEN_SOURCE TokenSource
Definition: imports.h:286
$ULONG TokenIsElevated
Definition: setypes.h:1057
PSID_AND_ATTRIBUTES Sids
Definition: setypes.h:1042
PSID_AND_ATTRIBUTES RestrictedSids
Definition: setypes.h:1045
PLUID_AND_ATTRIBUTES Privileges
Definition: setypes.h:1048
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:1018
$ULONG GroupCount
Definition: setypes.h:1014
SID_AND_ATTRIBUTES Label
Definition: setypes.h:1061
LUID OriginatingLogonSession
Definition: setypes.h:1107
PSID Owner
Definition: setypes.h:1028
$ULONG PrivilegeCount
Definition: setypes.h:1023
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:1024
CCHAR SourceName[TOKEN_SOURCE_LENGTH]
Definition: imports.h:278
LUID SourceIdentifier
Definition: imports.h:279
LUID AuthenticationId
Definition: setypes.h:1087
TOKEN_TYPE TokenType
Definition: setypes.h:1089
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: setypes.h:1090
LARGE_INTEGER ExpirationTime
Definition: setypes.h:1088
$ULONG DynamicAvailable
Definition: setypes.h:1092
$ULONG PrivilegeCount
Definition: setypes.h:1094
$ULONG DynamicCharged
Definition: setypes.h:1091
$ULONG GroupCount
Definition: setypes.h:1093
SID_AND_ATTRIBUTES User
Definition: setypes.h:1010
#define ANYSIZE_ARRAY
Definition: typedefs.h:46
#define NTAPI
Definition: typedefs.h:36
uint32_t ULONG_PTR
Definition: typedefs.h:65
#define IN
Definition: typedefs.h:39
uint32_t ULONG
Definition: typedefs.h:59
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4533
_Must_inspect_result_ _In_ WDFQUEUE _In_opt_ WDFREQUEST _In_opt_ WDFFILEOBJECT _Inout_opt_ PWDF_REQUEST_PARAMETERS Parameters
Definition: wdfio.h:869
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING _Out_opt_ PUSHORT _Inout_opt_ PUNICODE_STRING Value
Definition: wdfregistry.h:413
#define _WDMDDK_
Definition: wdm.template.h:26
#define _WINNT_
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:21
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:20
struct _SE_AUDIT_INFO * PSE_AUDIT_INFO
struct _SYSTEM_ALARM_ACE * PSYSTEM_ALARM_ACE
struct _SE_EXPORTS * PSE_EXPORTS
ULONG_PTR * PSID_HASH_ENTRY
Definition: setypes.h:514
struct _TOKEN_PRIMARY_GROUP TOKEN_PRIMARY_GROUP
struct _ACCESS_STATE ACCESS_STATE
SE_ACCESS_REPLY
Definition: setypes.h:1130
struct _SE_SECURITY_DESCRIPTOR SE_SECURITY_DESCRIPTOR
struct _SECURITY_CLIENT_CONTEXT SECURITY_CLIENT_CONTEXT
struct _SID_AND_ATTRIBUTES * PSID_AND_ATTRIBUTES
Definition: security.c:130
struct _TOKEN_SOURCE * PTOKEN_SOURCE
struct _TOKEN_GROUPS * LPTOKEN_GROUPS
struct _SECURITY_SUBJECT_CONTEXT * PSECURITY_SUBJECT_CONTEXT
struct _SE_ACCESS_REQUEST SE_ACCESS_REQUEST
struct _TOKEN_GROUPS * PTOKEN_GROUPS
SID_AND_ATTRIBUTES_ARRAY * PSID_AND_ATTRIBUTES_ARRAY
Definition: setypes.h:511
struct _INITIAL_PRIVILEGE_SET INITIAL_PRIVILEGE_SET
enum _SE_AUDIT_OPERATION SE_AUDIT_OPERATION
struct _OBJECT_TYPE_LIST * POBJECT_TYPE_LIST
enum _MANDATORY_LEVEL * PMANDATORY_LEVEL
@ TokenImpersonation
Definition: setypes.h:962
@ TokenPrimary
Definition: setypes.h:961
struct _SID SID
struct _TOKEN_CONTROL TOKEN_CONTROL
_ACCESS_REASON_TYPE
Definition: setypes.h:882
@ AccessReasonDeniedAce
Definition: setypes.h:885
@ AccessReasonNoSD
Definition: setypes.h:894
@ AccessReasonNullDacl
Definition: setypes.h:892
@ AccessReasonDeniedParentAce
Definition: setypes.h:887
@ AccessReasonEmptyDacl
Definition: setypes.h:893
@ AccessReasonNoGrant
Definition: setypes.h:895
@ AccessReasonAllowedParentAce
Definition: setypes.h:886
@ AccessReasonMissingPrivilege
Definition: setypes.h:888
@ AccessReasonFromPrivilege
Definition: setypes.h:889
@ AccessReasonNone
Definition: setypes.h:883
@ AccessReasonOwnership
Definition: setypes.h:891
@ AccessReasonAllowedAce
Definition: setypes.h:884
@ AccessReasonIntegrityLevel
Definition: setypes.h:890
struct _TOKEN_AUDIT_POLICY TOKEN_AUDIT_POLICY
struct _TOKEN_PRIMARY_GROUP * PTOKEN_PRIMARY_GROUP
* LPSID_IDENTIFIER_AUTHORITY
Definition: setypes.h:464
struct _SYSTEM_MANDATORY_LABEL_ACE SYSTEM_MANDATORY_LABEL_ACE
struct _SYSTEM_ALARM_ACE SYSTEM_ALARM_ACE
struct _TOKEN_USER TOKEN_USER
$ULONG SECURITY_INFORMATION
Definition: setypes.h:8
struct _TOKEN_SOURCE TOKEN_SOURCE
#define TOKEN_SOURCE_LENGTH
Definition: setypes.h:1077
struct _TOKEN_STATISTICS * PTOKEN_STATISTICS
struct _TOKEN_DEFAULT_DACL * PTOKEN_DEFAULT_DACL
enum _SE_ADT_PARAMETER_TYPE * PSE_ADT_PARAMETER_TYPE
struct _INITIAL_PRIVILEGE_SET * PINITIAL_PRIVILEGE_SET
enum _SID_NAME_USE SID_NAME_USE
ULONG_PTR SID_HASH_ENTRY
Definition: setypes.h:514
struct _TOKEN_PRIVILEGES TOKEN_PRIVILEGES
struct _ACCESS_STATE * PACCESS_STATE
struct _TOKEN_USER * PTOKEN_USER
struct _ACCESS_DENIED_OBJECT_ACE * PACCESS_DENIED_OBJECT_ACE
SECURITY_OPERATION_CODE
Definition: setypes.h:170
struct _ACCESS_DENIED_ACE ACCESS_DENIED_ACE
_MANDATORY_LEVEL
Definition: setypes.h:1110
@ MandatoryLevelUntrusted
Definition: setypes.h:1111
@ MandatoryLevelLow
Definition: setypes.h:1112
@ MandatoryLevelCount
Definition: setypes.h:1117
@ MandatoryLevelSecureProcess
Definition: setypes.h:1116
@ MandatoryLevelMedium
Definition: setypes.h:1113
@ MandatoryLevelSystem
Definition: setypes.h:1115
@ MandatoryLevelHigh
Definition: setypes.h:1114
struct _SE_IMPERSONATION_STATE * PSE_IMPERSONATION_STATE
struct _ACCESS_REASONS * PACCESS_REASONS
struct _ACCESS_ALLOWED_OBJECT_ACE * PACCESS_ALLOWED_OBJECT_ACE
struct _TOKEN_MANDATORY_LABEL TOKEN_MANDATORY_LABEL
struct _TOKEN_ORIGIN TOKEN_ORIGIN
struct _ACCESS_ALLOWED_OBJECT_ACE ACCESS_ALLOWED_OBJECT_ACE
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
struct _SECURITY_CLIENT_CONTEXT * PSECURITY_CLIENT_CONTEXT
struct _TOKEN_ORIGIN * PTOKEN_ORIGIN
struct _SYSTEM_MANDATORY_LABEL_ACE * PSYSTEM_MANDATORY_LABEL_ACE
#define POLICY_AUDIT_SUBCATEGORY_COUNT
Definition: setypes.h:1071
struct _GENERIC_MAPPING GENERIC_MAPPING
struct _SYSTEM_AUDIT_ACE SYSTEM_AUDIT_ACE
$USHORT * PSECURITY_DESCRIPTOR_CONTROL
Definition: setypes.h:817
_SE_ADT_PARAMETER_TYPE
Definition: setypes.h:271
@ SeAdtParmTypeLogonIdNoSid
Definition: setypes.h:298
@ SeAdtParmTypeMessage
Definition: setypes.h:293
@ SeAdtParmTypeSockAddrNoPort
Definition: setypes.h:300
@ SeAdtParmTypeLogonId
Definition: setypes.h:277
@ SeAdtParmTypeNoUac
Definition: setypes.h:292
@ SeAdtParmTypeSid
Definition: setypes.h:276
@ SeAdtParmTypeGuid
Definition: setypes.h:285
@ SeAdtParmTypeLogonHours
Definition: setypes.h:297
@ SeAdtParmTypePrivs
Definition: setypes.h:280
@ SeAdtParmTypeNone
Definition: setypes.h:272
@ SeAdtParmTypePtr
Definition: setypes.h:283
@ SeAdtParmTypeSockAddr
Definition: setypes.h:295
@ SeAdtParmTypeSidList
Definition: setypes.h:289
@ SeAdtParmTypeLuid
Definition: setypes.h:286
@ SeAdtParmTypeAccessReason
Definition: setypes.h:301
@ SeAdtParmTypeDuration
Definition: setypes.h:290
@ SeAdtParmTypeDateTime
Definition: setypes.h:294
@ SeAdtParmTypeSD
Definition: setypes.h:296
@ SeAdtParmTypeAccessMask
Definition: setypes.h:279
@ SeAdtParmTypeUserAccountControl
Definition: setypes.h:291
@ SeAdtParmTypeNoLogonId
Definition: setypes.h:278
@ SeAdtParmTypeHexUlong
Definition: setypes.h:282
@ SeAdtParmTypeFileSpec
Definition: setypes.h:274
@ SeAdtParmTypeStringList
Definition: setypes.h:288
@ SeAdtParmTypeUlong
Definition: setypes.h:275
@ SeAdtParmTypeHexInt64
Definition: setypes.h:287
@ SeAdtParmTypeUlongNoConv
Definition: setypes.h:299
@ SeAdtParmTypeObjectTypes
Definition: setypes.h:281
@ SeAdtParmTypeTime
Definition: setypes.h:284
@ SeAdtParmTypeString
Definition: setypes.h:273
struct _SECURITY_SUBJECT_CONTEXT SECURITY_SUBJECT_CONTEXT
struct _TOKEN_PRIVILEGES * LPTOKEN_PRIVILEGES
struct _TOKEN_CONTROL * PTOKEN_CONTROL
struct _SECURITY_DESCRIPTOR_RELATIVE * PISECURITY_DESCRIPTOR_RELATIVE
BOOLEAN SECURITY_CONTEXT_TRACKING_MODE
Definition: setypes.h:106
struct _SECURITY_DESCRIPTOR * PISECURITY_DESCRIPTOR
struct _SE_SECURITY_DESCRIPTOR * PSE_SECURITY_DESCRIPTOR
struct _SE_ADT_OBJECT_TYPE SE_ADT_OBJECT_TYPE
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
struct _SE_ADT_OBJECT_TYPE * PSE_ADT_OBJECT_TYPE
struct _ACL ACL
* PSE_ACCESS_REPLY
Definition: setypes.h:1130
$endif(_WDMDDK_||_WINNT_) $if(_WINNT_) $endif(_WINNT_) $if(_WDMDDK_) typedef enum _SECURITY_OPERATION_CODE
Definition: setypes.h:149
@ SecurityImpersonation
Definition: setypes.h:94
@ SecurityAnonymous
Definition: setypes.h:92
@ SecurityDelegation
Definition: setypes.h:95
@ SecurityIdentification
Definition: setypes.h:93
struct _SECURITY_DESCRIPTOR SECURITY_DESCRIPTOR
struct _TOKEN_GROUPS_AND_PRIVILEGES * PTOKEN_GROUPS_AND_PRIVILEGES
struct _SECURITY_DESCRIPTOR_RELATIVE SECURITY_DESCRIPTOR_RELATIVE
struct _LUID_AND_ATTRIBUTES * PLUID_AND_ATTRIBUTES
struct _ACCESS_REASONS ACCESS_REASONS
* PSECURITY_OPERATION_CODE
Definition: setypes.h:170
enum _SECURITY_IMPERSONATION_LEVEL * PSECURITY_IMPERSONATION_LEVEL
$ULONG * PSECURITY_INFORMATION
Definition: setypes.h:8
enum _MANDATORY_LEVEL MANDATORY_LEVEL
PVOID PSID
Definition: setypes.h:12
struct _SE_ADT_PARAMETER_ARRAY_ENTRY SE_ADT_PARAMETER_ARRAY_ENTRY
struct _TOKEN_ACCESS_INFORMATION TOKEN_ACCESS_INFORMATION
struct _TOKEN_LINKED_TOKEN TOKEN_LINKED_TOKEN
struct _TOKEN_ELEVATION * PTOKEN_ELEVATION
struct _SE_ADT_PARAMETER_ARRAY_ENTRY * PSE_ADT_PARAMETER_ARRAY_ENTRY
$ULONG * PACCESS_MASK
Definition: setypes.h:9
struct _ACE_HEADER ACE_HEADER
struct _ACL * PACL
struct _SID_AND_ATTRIBUTES_HASH * PSID_AND_ATTRIBUTES_HASH
enum _SID_NAME_USE * PSID_NAME_USE
_TOKEN_INFORMATION_CLASS
Definition: setypes.h:965
@ TokenUIAccess
Definition: setypes.h:991
@ TokenSecurityAttributes
Definition: setypes.h:1004
@ TokenDefaultDacl
Definition: setypes.h:971
@ TokenGroupsAndPrivileges
Definition: setypes.h:978
@ TokenAuditPolicy
Definition: setypes.h:981
@ TokenRestrictedDeviceClaimAttributes
Definition: setypes.h:1001
@ TokenLogonSid
Definition: setypes.h:993
@ TokenVirtualizationAllowed
Definition: setypes.h:988
@ TokenSource
Definition: setypes.h:972
@ TokenAccessInformation
Definition: setypes.h:987
@ TokenStatistics
Definition: setypes.h:975
@ TokenImpersonationLevel
Definition: setypes.h:974
@ TokenIntegrityLevel
Definition: setypes.h:990
@ TokenCapabilities
Definition: setypes.h:995
@ MaxTokenInfoClass
Definition: setypes.h:1006
@ TokenIsRestricted
Definition: setypes.h:1005
@ TokenSandBoxInert
Definition: setypes.h:980
@ TokenDeviceClaimAttributes
Definition: setypes.h:999
@ TokenDeviceGroups
Definition: setypes.h:1002
@ TokenRestrictedSids
Definition: setypes.h:976
@ TokenRestrictedDeviceGroups
Definition: setypes.h:1003
@ TokenType
Definition: setypes.h:973
@ TokenMandatoryPolicy
Definition: setypes.h:992
@ TokenHasRestrictions
Definition: setypes.h:986
@ TokenGroups
Definition: setypes.h:967
@ TokenPrivileges
Definition: setypes.h:968
@ TokenUser
Definition: setypes.h:966
@ TokenIsAppContainer
Definition: setypes.h:994
@ TokenOrigin
Definition: setypes.h:982
@ TokenPrimaryGroup
Definition: setypes.h:970
@ TokenSessionId
Definition: setypes.h:977
@ TokenRestrictedUserClaimAttributes
Definition: setypes.h:1000
@ TokenSessionReference
Definition: setypes.h:979
@ TokenAppContainerSid
Definition: setypes.h:996
@ TokenVirtualizationEnabled
Definition: setypes.h:989
@ TokenAppContainerNumber
Definition: setypes.h:997
@ TokenElevation
Definition: setypes.h:985
@ TokenElevationType
Definition: setypes.h:983
@ TokenOwner
Definition: setypes.h:969
@ TokenLinkedToken
Definition: setypes.h:984
@ TokenUserClaimAttributes
Definition: setypes.h:998
struct _SID_AND_ATTRIBUTES_HASH SID_AND_ATTRIBUTES_HASH
SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY]
Definition: setypes.h:510
struct _SE_AUDIT_INFO SE_AUDIT_INFO
$if(_WDMDDK_||_WINNT_) typedef PVOID PSECURITY_DESCRIPTOR
Definition: extypes.h:1
struct _SYSTEM_AUDIT_ACE * PSYSTEM_AUDIT_ACE
LUID_AND_ATTRIBUTES_ARRAY * PLUID_AND_ATTRIBUTES_ARRAY
Definition: setypes.h:80
struct _TOKEN_STATISTICS TOKEN_STATISTICS
struct _SE_ACCESS_REQUEST * PSE_ACCESS_REQUEST
struct _TOKEN_MANDATORY_POLICY * PTOKEN_MANDATORY_POLICY
enum _TOKEN_INFORMATION_CLASS * PTOKEN_INFORMATION_CLASS
struct _ACCESS_DENIED_ACE * PACCESS_DENIED_ACE
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES
enum _ACCESS_REASON_TYPE ACCESS_REASON_TYPE
struct _ACE_HEADER * PACE_HEADER
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
* PSID_IDENTIFIER_AUTHORITY
Definition: setypes.h:464
struct _TOKEN_MANDATORY_POLICY TOKEN_MANDATORY_POLICY
struct _ACCESS_DENIED_OBJECT_ACE ACCESS_DENIED_OBJECT_ACE
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
struct _SECURITY_QUALITY_OF_SERVICE * PSECURITY_QUALITY_OF_SERVICE
struct _TOKEN_MANDATORY_LABEL * PTOKEN_MANDATORY_LABEL
struct _SE_ADT_ACCESS_REASON * PSE_ADT_ACCESS_REASON
_SE_AUDIT_OPERATION
Definition: setypes.h:1132
@ AuditOpenObject
Definition: setypes.h:1136
@ AuditOpenNonObject
Definition: setypes.h:1143
@ AuditHandleCreation
Definition: setypes.h:1145
@ AuditDeleteObject
Definition: setypes.h:1139
@ AuditOpenObjectForDelete
Definition: setypes.h:1140
@ AuditPrivilegeObject
Definition: setypes.h:1133
@ AuditObjectReference
Definition: setypes.h:1144
@ AuditOpenObjectWithTransaction
Definition: setypes.h:1137
@ AuditCloseObject
Definition: setypes.h:1138
@ AuditCloseNonObject
Definition: setypes.h:1142
@ AuditPrivilegeService
Definition: setypes.h:1134
@ AuditOpenObjectForDeleteWithTransaction
Definition: setypes.h:1141
@ AuditAccessCheck
Definition: setypes.h:1135
struct _TOKEN_LINKED_TOKEN * PTOKEN_LINKED_TOKEN
_AUDIT_EVENT_TYPE
Definition: setypes.h:867
@ AuditEventDirectoryServiceAccess
Definition: setypes.h:869
@ AuditEventObjectAccess
Definition: setypes.h:868
$ULONG ACCESS_MASK
Definition: setypes.h:9
NTSTATUS(NTAPI * PSE_LOGON_SESSION_TERMINATED_ROUTINE)(IN PLUID LogonId)
Definition: setypes.h:1263
enum _TOKEN_TYPE * PTOKEN_TYPE
VOID(NTAPI * PNTFS_DEREF_EXPORTED_SECURITY_DESCRIPTOR)(_In_ PVOID Vcb, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor)
Definition: setypes.h:247
$ULONG ACCESS_REASON
Definition: setypes.h:898
enum _SE_AUDIT_OPERATION * PSE_AUDIT_OPERATION
struct _TOKEN_ACCESS_INFORMATION * PTOKEN_ACCESS_INFORMATION
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
$USHORT SECURITY_DESCRIPTOR_CONTROL
Definition: setypes.h:817
struct _TOKEN_DEFAULT_DACL TOKEN_DEFAULT_DACL
struct _OBJECT_TYPE_LIST OBJECT_TYPE_LIST
struct _SID * PISID
struct _TOKEN_ELEVATION TOKEN_ELEVATION
struct _SE_EXPORTS SE_EXPORTS
LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY]
Definition: setypes.h:79
WELL_KNOWN_SID_TYPE
Definition: setypes.h:455
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
enum _AUDIT_EVENT_TYPE AUDIT_EVENT_TYPE
SID_IDENTIFIER_AUTHORITY
Definition: setypes.h:464
PVOID PACCESS_TOKEN
Definition: setypes.h:11
struct _SE_ADT_PARAMETER_ARRAY * PSE_ADT_PARAMETER_ARRAY
#define SID_HASH_SIZE
Definition: setypes.h:513
struct _PRIVILEGE_SET * PPRIVILEGE_SET
struct _SE_ADT_ACCESS_REASON SE_ADT_ACCESS_REASON
struct _TOKEN_GROUPS TOKEN_GROUPS
#define INITIAL_PRIVILEGE_COUNT
Definition: setypes.h:172
enum _AUDIT_EVENT_TYPE * PAUDIT_EVENT_TYPE
struct _ACCESS_ALLOWED_ACE * PACCESS_ALLOWED_ACE
struct _TOKEN_AUDIT_POLICY * PTOKEN_AUDIT_POLICY
struct _SE_IMPERSONATION_STATE SE_IMPERSONATION_STATE
struct _PRIVILEGE_SET PRIVILEGE_SET
BOOLEAN * PSECURITY_CONTEXT_TRACKING_MODE
Definition: setypes.h:106
struct _GENERIC_MAPPING * PGENERIC_MAPPING
@ SidTypeUnknown
Definition: setypes.h:497
@ SidTypeAlias
Definition: setypes.h:493
@ SidTypeDomain
Definition: setypes.h:492
@ SidTypeGroup
Definition: setypes.h:491
@ SidTypeDeletedAccount
Definition: setypes.h:495
@ SidTypeUser
Definition: setypes.h:490
@ SidTypeWellKnownGroup
Definition: setypes.h:494
@ SidTypeInvalid
Definition: setypes.h:496
@ SidTypeLabel
Definition: setypes.h:499
@ SidTypeComputer
Definition: setypes.h:498
struct _TOKEN_GROUPS_AND_PRIVILEGES TOKEN_GROUPS_AND_PRIVILEGES
struct _SE_ADT_PARAMETER_ARRAY SE_ADT_PARAMETER_ARRAY
enum _SE_ADT_PARAMETER_TYPE SE_ADT_PARAMETER_TYPE
struct _TOKEN_OWNER TOKEN_OWNER
enum _TOKEN_TYPE TOKEN_TYPE
struct _TOKEN_OWNER * PTOKEN_OWNER
#define SE_MAX_AUDIT_PARAMETERS
Definition: setypes.h:256
char CHAR
Definition: xmlstorage.h:175