winapi_ui_automation/um/
ntsecapi.rs

1// Licensed under the Apache License, Version 2.0
2// <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
3// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
4// All files in the project carrying such notice may not be copied, modified, or distributed
5// except according to those terms.
6//! This module defines the Local Security Authority APIs.
7use shared::basetsd::{ULONG64, ULONG_PTR};
8use shared::guiddef::GUID;
9use shared::minwindef::{PUCHAR, PULONG, UCHAR, ULONG, USHORT};
10use shared::ntdef::NTSTATUS;
11use shared::sspi::SecHandle;
12use um::lsalookup::{
13    LSA_TRUST_INFORMATION, LSA_UNICODE_STRING, PLSA_TRUST_INFORMATION, PLSA_UNICODE_STRING
14};
15use um::subauth::{PUNICODE_STRING, STRING, UNICODE_STRING};
16use um::winnt::{
17    ACCESS_MASK, ANYSIZE_ARRAY, BOOLEAN, HANDLE, LARGE_INTEGER, LONG, LUID, PACL, PCSTR, PCWSTR,
18    PSECURITY_DESCRIPTOR, PSID, PSTR, PVOID, PWSTR, QUOTA_LIMITS, SECURITY_INFORMATION, SHORT, SID,
19    SID_NAME_USE, STANDARD_RIGHTS_EXECUTE, STANDARD_RIGHTS_READ, STANDARD_RIGHTS_REQUIRED,
20    STANDARD_RIGHTS_WRITE, ULONGLONG
21};
22DEFINE_GUID!{Audit_System_SecurityStateChange,
23    0x0cce9210, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
24DEFINE_GUID!{Audit_System_SecuritySubsystemExtension,
25    0x0cce9211, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
26DEFINE_GUID!{Audit_System_Integrity,
27    0x0cce9212, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
28DEFINE_GUID!{Audit_System_IPSecDriverEvents,
29    0x0cce9213, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
30DEFINE_GUID!{Audit_System_Others,
31    0x0cce9214, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
32DEFINE_GUID!{Audit_Logon_Logon,
33    0x0cce9215, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
34DEFINE_GUID!{Audit_Logon_Logoff,
35    0x0cce9216, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
36DEFINE_GUID!{Audit_Logon_AccountLockout,
37    0x0cce9217, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
38DEFINE_GUID!{Audit_Logon_IPSecMainMode,
39    0x0cce9218, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
40DEFINE_GUID!{Audit_Logon_IPSecQuickMode,
41    0x0cce9219, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
42DEFINE_GUID!{Audit_Logon_IPSecUserMode,
43    0x0cce921a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
44DEFINE_GUID!{Audit_Logon_SpecialLogon,
45    0x0cce921b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
46DEFINE_GUID!{Audit_Logon_Others,
47    0x0cce921c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
48DEFINE_GUID!{Audit_ObjectAccess_FileSystem,
49    0x0cce921d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
50DEFINE_GUID!{Audit_ObjectAccess_Registry,
51    0x0cce921e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
52DEFINE_GUID!{Audit_ObjectAccess_Kernel,
53    0x0cce921f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
54DEFINE_GUID!{Audit_ObjectAccess_Sam,
55    0x0cce9220, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
56DEFINE_GUID!{Audit_ObjectAccess_CertificationServices,
57    0x0cce9221, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
58DEFINE_GUID!{Audit_ObjectAccess_ApplicationGenerated,
59    0x0cce9222, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
60DEFINE_GUID!{Audit_ObjectAccess_Handle,
61    0x0cce9223, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
62DEFINE_GUID!{Audit_ObjectAccess_Share,
63    0x0cce9224, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
64DEFINE_GUID!{Audit_ObjectAccess_FirewallPacketDrops,
65    0x0cce9225, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
66DEFINE_GUID!{Audit_ObjectAccess_FirewallConnection,
67    0x0cce9226, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
68DEFINE_GUID!{Audit_ObjectAccess_Other,
69    0x0cce9227, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
70DEFINE_GUID!{Audit_PrivilegeUse_Sensitive,
71    0x0cce9228, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
72DEFINE_GUID!{Audit_PrivilegeUse_NonSensitive,
73    0x0cce9229, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
74DEFINE_GUID!{Audit_PrivilegeUse_Others,
75    0x0cce922a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
76DEFINE_GUID!{Audit_DetailedTracking_ProcessCreation,
77    0x0cce922b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
78DEFINE_GUID!{Audit_DetailedTracking_ProcessTermination,
79    0x0cce922c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
80DEFINE_GUID!{Audit_DetailedTracking_DpapiActivity,
81    0x0cce922d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
82DEFINE_GUID!{Audit_DetailedTracking_RpcCall,
83    0x0cce922e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
84DEFINE_GUID!{Audit_PolicyChange_AuditPolicy,
85    0x0cce922f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
86DEFINE_GUID!{Audit_PolicyChange_AuthenticationPolicy,
87    0x0cce9230, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
88DEFINE_GUID!{Audit_PolicyChange_AuthorizationPolicy,
89    0x0cce9231, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
90DEFINE_GUID!{Audit_PolicyChange_MpsscvRulePolicy,
91    0x0cce9232, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
92DEFINE_GUID!{Audit_PolicyChange_WfpIPSecPolicy,
93    0x0cce9233, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
94DEFINE_GUID!{Audit_PolicyChange_Others,
95    0x0cce9234, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
96DEFINE_GUID!{Audit_AccountManagement_UserAccount,
97    0x0cce9235, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
98DEFINE_GUID!{Audit_AccountManagement_ComputerAccount,
99    0x0cce9236, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
100DEFINE_GUID!{Audit_AccountManagement_SecurityGroup,
101    0x0cce9237, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
102DEFINE_GUID!{Audit_AccountManagement_DistributionGroup,
103    0x0cce9238, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
104DEFINE_GUID!{Audit_AccountManagement_ApplicationGroup,
105    0x0cce9239, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
106DEFINE_GUID!{Audit_AccountManagement_Others,
107    0x0cce923a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
108DEFINE_GUID!{Audit_DSAccess_DSAccess,
109    0x0cce923b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
110DEFINE_GUID!{Audit_DsAccess_AdAuditChanges,
111    0x0cce923c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
112DEFINE_GUID!{Audit_Ds_Replication,
113    0x0cce923d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
114DEFINE_GUID!{Audit_Ds_DetailedReplication,
115    0x0cce923e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
116DEFINE_GUID!{Audit_AccountLogon_CredentialValidation,
117    0x0cce923f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
118DEFINE_GUID!{Audit_AccountLogon_Kerberos,
119    0x0cce9240, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
120DEFINE_GUID!{Audit_AccountLogon_Others,
121    0x0cce9241, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
122DEFINE_GUID!{Audit_AccountLogon_KerbCredentialValidation,
123    0x0cce9242, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
124DEFINE_GUID!{Audit_Logon_NPS,
125    0x0cce9243, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
126DEFINE_GUID!{Audit_ObjectAccess_DetailedFileShare,
127    0x0cce9244, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
128DEFINE_GUID!{Audit_ObjectAccess_RemovableStorage,
129    0x0cce9245, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
130DEFINE_GUID!{Audit_ObjectAccess_CbacStaging,
131    0x0cce9246, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
132DEFINE_GUID!{Audit_Logon_Claims,
133    0x0cce9247, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
134DEFINE_GUID!{Audit_System,
135    0x69979848, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
136DEFINE_GUID!{Audit_Logon,
137    0x69979849, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
138DEFINE_GUID!{Audit_ObjectAccess,
139    0x6997984a, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
140DEFINE_GUID!{Audit_PrivilegeUse,
141    0x6997984b, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
142DEFINE_GUID!{Audit_DetailedTracking,
143    0x6997984c, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
144DEFINE_GUID!{Audit_PolicyChange,
145    0x6997984d, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
146DEFINE_GUID!{Audit_AccountManagement,
147    0x6997984e, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
148DEFINE_GUID!{Audit_DirectoryServiceAccess,
149    0x6997984f, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
150DEFINE_GUID!{Audit_AccountLogon,
151    0x69979850, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
152ENUM!{enum POLICY_AUDIT_EVENT_TYPE {
153    AuditCategorySystem = 0,
154    AuditCategoryLogon,
155    AuditCategoryObjectAccess,
156    AuditCategoryPrivilegeUse,
157    AuditCategoryDetailedTracking,
158    AuditCategoryPolicyChange,
159    AuditCategoryAccountManagement,
160    AuditCategoryDirectoryServiceAccess,
161    AuditCategoryAccountLogon,
162}}
163pub type PPOLICY_AUDIT_EVENT_TYPE = *mut POLICY_AUDIT_EVENT_TYPE;
164pub const POLICY_AUDIT_EVENT_UNCHANGED: POLICY_AUDIT_EVENT_OPTIONS = 0x00000000;
165pub const POLICY_AUDIT_EVENT_SUCCESS: POLICY_AUDIT_EVENT_OPTIONS = 0x00000001;
166pub const POLICY_AUDIT_EVENT_FAILURE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000002;
167pub const POLICY_AUDIT_EVENT_NONE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000004;
168pub const POLICY_AUDIT_EVENT_MASK: POLICY_AUDIT_EVENT_OPTIONS = POLICY_AUDIT_EVENT_SUCCESS
169    | POLICY_AUDIT_EVENT_FAILURE | POLICY_AUDIT_EVENT_UNCHANGED | POLICY_AUDIT_EVENT_NONE;
170pub const POLICY_VIEW_LOCAL_INFORMATION: ACCESS_MASK = 0x00000001;
171pub const POLICY_VIEW_AUDIT_INFORMATION: ACCESS_MASK = 0x00000002;
172pub const POLICY_GET_PRIVATE_INFORMATION: ACCESS_MASK = 0x00000004;
173pub const POLICY_TRUST_ADMIN: ACCESS_MASK = 0x00000008;
174pub const POLICY_CREATE_ACCOUNT: ACCESS_MASK = 0x00000010;
175pub const POLICY_CREATE_SECRET: ACCESS_MASK = 0x00000020;
176pub const POLICY_CREATE_PRIVILEGE: ACCESS_MASK = 0x00000040;
177pub const POLICY_SET_DEFAULT_QUOTA_LIMITS: ACCESS_MASK = 0x00000080;
178pub const POLICY_SET_AUDIT_REQUIREMENTS: ACCESS_MASK = 0x00000100;
179pub const POLICY_AUDIT_LOG_ADMIN: ACCESS_MASK = 0x00000200;
180pub const POLICY_SERVER_ADMIN: ACCESS_MASK = 0x00000400;
181pub const POLICY_LOOKUP_NAMES: ACCESS_MASK = 0x00000800;
182pub const POLICY_NOTIFICATION: ACCESS_MASK = 0x00001000;
183pub const POLICY_ALL_ACCESS: ACCESS_MASK = STANDARD_RIGHTS_REQUIRED
184    | POLICY_VIEW_LOCAL_INFORMATION | POLICY_VIEW_AUDIT_INFORMATION
185    | POLICY_GET_PRIVATE_INFORMATION | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT
186    | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS
187    | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN
188    | POLICY_LOOKUP_NAMES;
189pub const POLICY_READ: ACCESS_MASK = STANDARD_RIGHTS_READ | POLICY_VIEW_AUDIT_INFORMATION
190    | POLICY_GET_PRIVATE_INFORMATION;
191pub const POLICY_WRITE: ACCESS_MASK = STANDARD_RIGHTS_WRITE | POLICY_TRUST_ADMIN
192    | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE
193    | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN
194    | POLICY_SERVER_ADMIN;
195pub const POLICY_EXECUTE: ACCESS_MASK = STANDARD_RIGHTS_EXECUTE
196    | POLICY_VIEW_LOCAL_INFORMATION | POLICY_LOOKUP_NAMES;
197STRUCT!{struct LSA_TRANSLATED_SID {
198    Use: SID_NAME_USE,
199    RelativeId: ULONG,
200    DomainIndex: LONG,
201}}
202pub type PLSA_TRANSLATED_SID = *mut LSA_TRANSLATED_SID;
203ENUM!{enum POLICY_LSA_SERVER_ROLE {
204    PolicyServerRoleBackup = 2,
205    PolicyServerRolePrimary,
206}}
207pub type PPOLICY_LSA_SERVER_ROLE = *mut POLICY_LSA_SERVER_ROLE;
208pub type POLICY_AUDIT_EVENT_OPTIONS = ULONG;
209pub type PPOLICY_AUDIT_EVENT_OPTIONS = *mut ULONG;
210ENUM!{enum POLICY_INFORMATION_CLASS {
211    PolicyAuditLogInformation = 1,
212    PolicyAuditEventsInformation,
213    PolicyPrimaryDomainInformation,
214    PolicyPdAccountInformation,
215    PolicyAccountDomainInformation,
216    PolicyLsaServerRoleInformation,
217    PolicyReplicaSourceInformation,
218    PolicyDefaultQuotaInformation,
219    PolicyModificationInformation,
220    PolicyAuditFullSetInformation,
221    PolicyAuditFullQueryInformation,
222    PolicyDnsDomainInformation,
223    PolicyDnsDomainInformationInt,
224    PolicyLocalAccountDomainInformation,
225    PolicyLastEntry,
226}}
227pub type PPOLICY_INFORMATION_CLASS = *mut POLICY_INFORMATION_CLASS;
228STRUCT!{struct POLICY_AUDIT_LOG_INFO {
229    AuditLogPercentFull: ULONG,
230    MaximumLogSize: ULONG,
231    AuditRetentionPeriod: LARGE_INTEGER,
232    AuditLogFullShutdownInProgress: BOOLEAN,
233    TimeToShutdown: LARGE_INTEGER,
234    NextAuditRecordId: ULONG,
235}}
236pub type PPOLICY_AUDIT_LOG_INFO = *mut POLICY_AUDIT_LOG_INFO;
237STRUCT!{struct POLICY_AUDIT_EVENTS_INFO {
238    AuditingMode: BOOLEAN,
239    EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
240    MaximumAuditEventCount: ULONG,
241}}
242pub type PPOLICY_AUDIT_EVENTS_INFO = *mut POLICY_AUDIT_EVENTS_INFO;
243STRUCT!{struct POLICY_AUDIT_SUBCATEGORIES_INFO {
244    MaximumSubCategoryCount: ULONG,
245    EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
246}}
247pub type PPOLICY_AUDIT_SUBCATEGORIES_INFO = *mut POLICY_AUDIT_SUBCATEGORIES_INFO;
248STRUCT!{struct POLICY_AUDIT_CATEGORIES_INFO {
249    MaximumSubCategoryCount: ULONG,
250    SubCategoriesInfo: PPOLICY_AUDIT_SUBCATEGORIES_INFO,
251}}
252pub type PPOLICY_AUDIT_CATEGORIES_INFO = *mut POLICY_AUDIT_CATEGORIES_INFO;
253pub const PER_USER_POLICY_UNCHANGED: ULONG = 0x00;
254pub const PER_USER_AUDIT_SUCCESS_INCLUDE: ULONG = 0x01;
255pub const PER_USER_AUDIT_SUCCESS_EXCLUDE: ULONG = 0x02;
256pub const PER_USER_AUDIT_FAILURE_INCLUDE: ULONG = 0x04;
257pub const PER_USER_AUDIT_FAILURE_EXCLUDE: ULONG = 0x08;
258pub const PER_USER_AUDIT_NONE: ULONG = 0x10;
259pub const VALID_PER_USER_AUDIT_POLICY_FLAG: ULONG = PER_USER_AUDIT_SUCCESS_INCLUDE
260    | PER_USER_AUDIT_SUCCESS_EXCLUDE | PER_USER_AUDIT_FAILURE_INCLUDE
261    | PER_USER_AUDIT_FAILURE_EXCLUDE | PER_USER_AUDIT_NONE;
262STRUCT!{struct POLICY_PRIMARY_DOMAIN_INFO {
263    Name: LSA_UNICODE_STRING,
264    Sid: PSID,
265}}
266pub type PPOLICY_PRIMARY_DOMAIN_INFO = *mut POLICY_PRIMARY_DOMAIN_INFO;
267STRUCT!{struct POLICY_PD_ACCOUNT_INFO {
268    Name: LSA_UNICODE_STRING,
269}}
270pub type PPOLICY_PD_ACCOUNT_INFO = *mut POLICY_PD_ACCOUNT_INFO;
271STRUCT!{struct POLICY_LSA_SERVER_ROLE_INFO {
272    LsaServerRole: POLICY_LSA_SERVER_ROLE,
273}}
274pub type PPOLICY_LSA_SERVER_ROLE_INFO = *mut POLICY_LSA_SERVER_ROLE_INFO;
275STRUCT!{struct POLICY_REPLICA_SOURCE_INFO {
276    ReplicaSource: LSA_UNICODE_STRING,
277    ReplicaAccountName: LSA_UNICODE_STRING,
278}}
279pub type PPOLICY_REPLICA_SOURCE_INFO = *mut POLICY_REPLICA_SOURCE_INFO;
280STRUCT!{struct POLICY_DEFAULT_QUOTA_INFO {
281    QuotaLimits: QUOTA_LIMITS,
282}}
283pub type PPOLICY_DEFAULT_QUOTA_INFO = *mut POLICY_DEFAULT_QUOTA_INFO;
284STRUCT!{struct POLICY_MODIFICATION_INFO {
285    ModifiedId: LARGE_INTEGER,
286    DatabaseCreationTime: LARGE_INTEGER,
287}}
288pub type PPOLICY_MODIFICATION_INFO = *mut POLICY_MODIFICATION_INFO;
289STRUCT!{struct POLICY_AUDIT_FULL_SET_INFO {
290    ShutDownOnFull: BOOLEAN,
291}}
292pub type PPOLICY_AUDIT_FULL_SET_INFO = *mut POLICY_AUDIT_FULL_SET_INFO;
293STRUCT!{struct POLICY_AUDIT_FULL_QUERY_INFO {
294    ShutDownOnFull: BOOLEAN,
295    LogIsFull: BOOLEAN,
296}}
297pub type PPOLICY_AUDIT_FULL_QUERY_INFO = *mut POLICY_AUDIT_FULL_QUERY_INFO;
298ENUM!{enum POLICY_DOMAIN_INFORMATION_CLASS {
299    PolicyDomainEfsInformation = 2,
300    PolicyDomainKerberosTicketInformation,
301}}
302pub type PPOLICY_DOMAIN_INFORMATION_CLASS = *mut POLICY_DOMAIN_INFORMATION_CLASS;
303STRUCT!{struct POLICY_DOMAIN_EFS_INFO {
304    InfoLength: ULONG,
305    EfsBlob: PUCHAR,
306}}
307pub type PPOLICY_DOMAIN_EFS_INFO = *mut POLICY_DOMAIN_EFS_INFO;
308STRUCT!{struct POLICY_DOMAIN_KERBEROS_TICKET_INFO {
309    AuthenticationOptions: ULONG,
310    MaxServiceTicketAge: LARGE_INTEGER,
311    MaxTicketAge: LARGE_INTEGER,
312    MaxRenewAge: LARGE_INTEGER,
313    MaxClockSkew: LARGE_INTEGER,
314    Reserved: LARGE_INTEGER,
315}}
316pub type PPOLICY_DOMAIN_KERBEROS_TICKET_INFO = *mut POLICY_DOMAIN_KERBEROS_TICKET_INFO;
317ENUM!{enum POLICY_NOTIFICATION_INFORMATION_CLASS {
318    PolicyNotifyAuditEventsInformation = 1,
319    PolicyNotifyAccountDomainInformation,
320    PolicyNotifyServerRoleInformation,
321    PolicyNotifyDnsDomainInformation,
322    PolicyNotifyDomainEfsInformation,
323    PolicyNotifyDomainKerberosTicketInformation,
324    PolicyNotifyMachineAccountPasswordInformation,
325    PolicyNotifyGlobalSaclInformation,
326    PolicyNotifyMax,
327}}
328pub type PPOLICY_NOTIFICATION_INFORMATION_CLASS = *mut POLICY_NOTIFICATION_INFORMATION_CLASS;
329pub type LSA_HANDLE = PVOID;
330pub type PLSA_HANDLE = *mut PVOID;
331ENUM!{enum TRUSTED_INFORMATION_CLASS {
332    TrustedDomainNameInformation = 1,
333    TrustedControllersInformation,
334    TrustedPosixOffsetInformation,
335    TrustedPasswordInformation,
336    TrustedDomainInformationBasic,
337    TrustedDomainInformationEx,
338    TrustedDomainAuthInformation,
339    TrustedDomainFullInformation,
340    TrustedDomainAuthInformationInternal,
341    TrustedDomainFullInformationInternal,
342    TrustedDomainInformationEx2Internal,
343    TrustedDomainFullInformation2Internal,
344    TrustedDomainSupportedEncryptionTypes,
345}}
346pub type PTRUSTED_INFORMATION_CLASS = *mut TRUSTED_INFORMATION_CLASS;
347STRUCT!{struct TRUSTED_DOMAIN_NAME_INFO {
348    Name: LSA_UNICODE_STRING,
349}}
350pub type PTRUSTED_DOMAIN_NAME_INFO = *mut TRUSTED_DOMAIN_NAME_INFO;
351STRUCT!{struct TRUSTED_CONTROLLERS_INFO {
352    Entries: ULONG,
353    Names: PLSA_UNICODE_STRING,
354}}
355pub type PTRUSTED_CONTROLLERS_INFO = *mut TRUSTED_CONTROLLERS_INFO;
356STRUCT!{struct TRUSTED_POSIX_OFFSET_INFO {
357    Offset: ULONG,
358}}
359pub type PTRUSTED_POSIX_OFFSET_INFO = *mut TRUSTED_POSIX_OFFSET_INFO;
360STRUCT!{struct TRUSTED_PASSWORD_INFO {
361    Password: LSA_UNICODE_STRING,
362    OldPassword: LSA_UNICODE_STRING,
363}}
364pub type PTRUSTED_PASSWORD_INFO = *mut TRUSTED_PASSWORD_INFO;
365pub type TRUSTED_DOMAIN_INFORMATION_BASIC = LSA_TRUST_INFORMATION;
366pub type PTRUSTED_DOMAIN_INFORMATION_BASIC = PLSA_TRUST_INFORMATION;
367pub const TRUST_DIRECTION_DISABLED: ULONG = 0x00000000;
368pub const TRUST_DIRECTION_INBOUND: ULONG = 0x00000001;
369pub const TRUST_DIRECTION_OUTBOUND: ULONG = 0x00000002;
370pub const TRUST_DIRECTION_BIDIRECTIONAL: ULONG = TRUST_DIRECTION_INBOUND
371    | TRUST_DIRECTION_OUTBOUND;
372pub const TRUST_TYPE_DOWNLEVEL: ULONG = 0x00000001;
373pub const TRUST_TYPE_UPLEVEL: ULONG = 0x00000002;
374pub const TRUST_TYPE_MIT: ULONG = 0x00000003;
375pub const TRUST_ATTRIBUTE_NON_TRANSITIVE: ULONG = 0x00000001;
376pub const TRUST_ATTRIBUTE_UPLEVEL_ONLY: ULONG = 0x00000002;
377pub const TRUST_ATTRIBUTE_QUARANTINED_DOMAIN: ULONG = 0x00000004;
378pub const TRUST_ATTRIBUTE_FOREST_TRANSITIVE: ULONG = 0x00000008;
379pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION: ULONG = 0x00000010;
380pub const TRUST_ATTRIBUTE_WITHIN_FOREST: ULONG = 0x00000020;
381pub const TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL: ULONG = 0x00000040;
382pub const TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION: ULONG = 0x00000080;
383pub const TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS: ULONG = 0x00000100;
384pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION: ULONG = 0x00000200;
385pub const TRUST_ATTRIBUTES_VALID: ULONG = 0xFF03FFFF;
386pub const TRUST_ATTRIBUTES_USER: ULONG = 0xFF000000;
387STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX {
388    Name: LSA_UNICODE_STRING,
389    FlatName: LSA_UNICODE_STRING,
390    Sid: PSID,
391    TrustDirection: ULONG,
392    TrustType: ULONG,
393    TrustAttributes: ULONG,
394}}
395pub type PTRUSTED_DOMAIN_INFORMATION_EX = *mut TRUSTED_DOMAIN_INFORMATION_EX;
396STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX2 {
397    Name: LSA_UNICODE_STRING,
398    FlatName: LSA_UNICODE_STRING,
399    Sid: PSID,
400    TrustDirection: ULONG,
401    TrustType: ULONG,
402    TrustAttributes: ULONG,
403    ForestTrustLength: ULONG,
404    ForestTrustInfo: PUCHAR,
405}}
406pub type PTRUSTED_DOMAIN_INFORMATION_EX2 = *mut TRUSTED_DOMAIN_INFORMATION_EX2;
407pub const TRUST_AUTH_TYPE_NONE: ULONG = 0;
408pub const TRUST_AUTH_TYPE_NT4OWF: ULONG = 1;
409pub const TRUST_AUTH_TYPE_CLEAR: ULONG = 2;
410pub const TRUST_AUTH_TYPE_VERSION: ULONG = 3;
411STRUCT!{struct LSA_AUTH_INFORMATION {
412    LastUpdateTime: LARGE_INTEGER,
413    AuthType: ULONG,
414    AuthInfoLength: ULONG,
415    AuthInfo: PUCHAR,
416}}
417pub type PLSA_AUTH_INFORMATION = *mut LSA_AUTH_INFORMATION;
418STRUCT!{struct TRUSTED_DOMAIN_AUTH_INFORMATION {
419    IncomingAuthInfos: ULONG,
420    IncomingAuthenticationInformation: PLSA_AUTH_INFORMATION,
421    IncomingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
422    OutgoingAuthInfos: ULONG,
423    OutgoingAuthenticationInformation: PLSA_AUTH_INFORMATION,
424    OutgoingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
425}}
426pub type PTRUSTED_DOMAIN_AUTH_INFORMATION = *mut TRUSTED_DOMAIN_AUTH_INFORMATION;
427STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION {
428    Information: TRUSTED_DOMAIN_INFORMATION_EX,
429    PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
430    AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
431}}
432pub type PTRUSTED_DOMAIN_FULL_INFORMATION = *mut TRUSTED_DOMAIN_FULL_INFORMATION;
433STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION2 {
434    Information: TRUSTED_DOMAIN_INFORMATION_EX2,
435    PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
436    AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
437}}
438pub type PTRUSTED_DOMAIN_FULL_INFORMATION2 = *mut TRUSTED_DOMAIN_FULL_INFORMATION2;
439STRUCT!{struct TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES {
440    SupportedEncryptionTypes: ULONG,
441}}
442pub type PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES =
443    *mut TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES;
444ENUM!{enum LSA_FOREST_TRUST_RECORD_TYPE {
445    ForestTrustTopLevelName,
446    ForestTrustTopLevelNameEx,
447    ForestTrustDomainInfo,
448    ForestTrustRecordTypeLast, // = ForestTrustDomainInfo,
449}}
450pub const LSA_FTRECORD_DISABLED_REASONS: ULONG = 0x0000FFFF;
451pub const LSA_TLN_DISABLED_NEW: ULONG = 0x00000001;
452pub const LSA_TLN_DISABLED_ADMIN: ULONG = 0x00000002;
453pub const LSA_TLN_DISABLED_CONFLICT: ULONG = 0x00000004;
454pub const LSA_SID_DISABLED_ADMIN: ULONG = 0x00000001;
455pub const LSA_SID_DISABLED_CONFLICT: ULONG = 0x00000002;
456pub const LSA_NB_DISABLED_ADMIN: ULONG = 0x00000004;
457pub const LSA_NB_DISABLED_CONFLICT: ULONG = 0x00000008;
458STRUCT!{struct LSA_FOREST_TRUST_DOMAIN_INFO {
459    Sid: PSID,
460    DnsName: LSA_UNICODE_STRING,
461    NetbiosName: LSA_UNICODE_STRING,
462}}
463pub type PLSA_FOREST_TRUST_DOMAIN_INFO = *mut LSA_FOREST_TRUST_DOMAIN_INFO;
464pub const MAX_FOREST_TRUST_BINARY_DATA_SIZE: ULONG = 128 * 1024;
465STRUCT!{struct LSA_FOREST_TRUST_BINARY_DATA {
466    Length: ULONG,
467    Buffer: PUCHAR,
468}}
469pub type PLSA_FOREST_TRUST_BINARY_DATA = *mut LSA_FOREST_TRUST_BINARY_DATA;
470UNION!{union LSA_FOREST_TRUST_RECORD_ForestTrustData {
471    [usize; 5],
472    TopLevelName TopLevelName_mut: LSA_UNICODE_STRING,
473    DomainInfo DomainInfo_mut: LSA_FOREST_TRUST_DOMAIN_INFO,
474    Data Data_mut: LSA_FOREST_TRUST_BINARY_DATA,
475}}
476STRUCT!{struct LSA_FOREST_TRUST_RECORD {
477    Flags: ULONG,
478    ForestTrustType: LSA_FOREST_TRUST_RECORD_TYPE,
479    Time: LARGE_INTEGER,
480    ForestTrustData: LSA_FOREST_TRUST_RECORD_ForestTrustData,
481}}
482pub type PLSA_FOREST_TRUST_RECORD = *mut LSA_FOREST_TRUST_RECORD;
483pub const MAX_RECORDS_IN_FOREST_TRUST_INFO: ULONG = 4000;
484STRUCT!{struct LSA_FOREST_TRUST_INFORMATION {
485    RecordCount: ULONG,
486    Entries: *mut PLSA_FOREST_TRUST_RECORD,
487}}
488pub type PLSA_FOREST_TRUST_INFORMATION = *mut LSA_FOREST_TRUST_INFORMATION;
489ENUM!{enum LSA_FOREST_TRUST_COLLISION_RECORD_TYPE {
490    CollisionTdo,
491    CollisionXref,
492    CollisionOther,
493}}
494STRUCT!{struct LSA_FOREST_TRUST_COLLISION_RECORD {
495    Index: ULONG,
496    Type: LSA_FOREST_TRUST_COLLISION_RECORD_TYPE,
497    Flags: ULONG,
498    Name: LSA_UNICODE_STRING,
499}}
500pub type PLSA_FOREST_TRUST_COLLISION_RECORD = *mut LSA_FOREST_TRUST_COLLISION_RECORD;
501STRUCT!{struct LSA_FOREST_TRUST_COLLISION_INFORMATION {
502    RecordCount: ULONG,
503    Entries: *mut PLSA_FOREST_TRUST_COLLISION_RECORD,
504}}
505pub type PLSA_FOREST_TRUST_COLLISION_INFORMATION = *mut LSA_FOREST_TRUST_COLLISION_INFORMATION;
506pub type LSA_ENUMERATION_HANDLE = ULONG;
507pub type PLSA_ENUMERATION_HANDLE = *mut ULONG;
508STRUCT!{struct LSA_ENUMERATION_INFORMATION {
509    Sid: PSID,
510}}
511pub type PLSA_ENUMERATION_INFORMATION = *mut LSA_ENUMERATION_INFORMATION;
512STRUCT!{struct LSA_LAST_INTER_LOGON_INFO {
513    LastSuccessfulLogon: LARGE_INTEGER,
514    LastFailedLogon: LARGE_INTEGER,
515    FailedAttemptCountSinceLastSuccessfulLogon: ULONG,
516}}
517pub type PLSA_LAST_INTER_LOGON_INFO = *mut LSA_LAST_INTER_LOGON_INFO;
518STRUCT!{struct SECURITY_LOGON_SESSION_DATA {
519    Size: ULONG,
520    LogonId: LUID,
521    UserName: LSA_UNICODE_STRING,
522    LogonDomain: LSA_UNICODE_STRING,
523    AuthenticationPackage: LSA_UNICODE_STRING,
524    LogonType: ULONG,
525    Session: ULONG,
526    Sid: PSID,
527    LogonTime: LARGE_INTEGER,
528    LogonServer: LSA_UNICODE_STRING,
529    DnsDomainName: LSA_UNICODE_STRING,
530    Upn: LSA_UNICODE_STRING,
531    UserFlags: ULONG,
532    LastLogonInfo: LSA_LAST_INTER_LOGON_INFO,
533    LogonScript: LSA_UNICODE_STRING,
534    ProfilePath: LSA_UNICODE_STRING,
535    HomeDirectory: LSA_UNICODE_STRING,
536    HomeDirectoryDrive: LSA_UNICODE_STRING,
537    LogoffTime: LARGE_INTEGER,
538    KickOffTime: LARGE_INTEGER,
539    PasswordLastSet: LARGE_INTEGER,
540    PasswordCanChange: LARGE_INTEGER,
541    PasswordMustChange: LARGE_INTEGER,
542}}
543pub type PSECURITY_LOGON_SESSION_DATA = *mut SECURITY_LOGON_SESSION_DATA;
544pub const CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000001;
545pub const CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000100;
546pub const CENTRAL_ACCESS_POLICY_STAGED_FLAG: ULONG = 0x00010000;
547pub const CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK: ULONG =
548    CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
549    | CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG
550    | CENTRAL_ACCESS_POLICY_STAGED_FLAG;
551pub const LSASETCAPS_RELOAD_FLAG: ULONG = 0x00000001;
552pub const LSASETCAPS_VALID_FLAG_MASK: ULONG = LSASETCAPS_RELOAD_FLAG;
553STRUCT!{struct CENTRAL_ACCESS_POLICY_ENTRY {
554    Name: LSA_UNICODE_STRING,
555    Description: LSA_UNICODE_STRING,
556    ChangeId: LSA_UNICODE_STRING,
557    LengthAppliesTo: ULONG,
558    AppliesTo: PUCHAR,
559    LengthSD: ULONG,
560    SD: PSECURITY_DESCRIPTOR,
561    LengthStagedSD: ULONG,
562    StagedSD: PSECURITY_DESCRIPTOR,
563    Flags: ULONG,
564}}
565pub type PCENTRAL_ACCESS_POLICY_ENTRY = *mut CENTRAL_ACCESS_POLICY_ENTRY;
566pub type PCCENTRAL_ACCESS_POLICY_ENTRY = *const CENTRAL_ACCESS_POLICY_ENTRY;
567STRUCT!{struct CENTRAL_ACCESS_POLICY {
568    CAPID: PSID,
569    Name: LSA_UNICODE_STRING,
570    Description: LSA_UNICODE_STRING,
571    ChangeId: LSA_UNICODE_STRING,
572    Flags: ULONG,
573    CAPECount: ULONG,
574    CAPEs: *mut PCENTRAL_ACCESS_POLICY_ENTRY,
575}}
576pub type PCENTRAL_ACCESS_POLICY = *mut CENTRAL_ACCESS_POLICY;
577pub type PCCENTRAL_ACCESS_POLICY = *const CENTRAL_ACCESS_POLICY;
578ENUM!{enum NEGOTIATE_MESSAGES {
579    NegEnumPackagePrefixes = 0,
580    NegGetCallerName = 1,
581    NegTransferCredentials = 2,
582    NegCallPackageMax,
583}}
584pub const NEGOTIATE_MAX_PREFIX: usize = 32;
585STRUCT!{struct NEGOTIATE_PACKAGE_PREFIX {
586    PackageId: ULONG_PTR,
587    PackageDataA: PVOID,
588    PackageDataW: PVOID,
589    PrefixLen: ULONG_PTR,
590    Prefix: [UCHAR; NEGOTIATE_MAX_PREFIX],
591}}
592pub type PNEGOTIATE_PACKAGE_PREFIX = *mut NEGOTIATE_PACKAGE_PREFIX;
593STRUCT!{struct NEGOTIATE_PACKAGE_PREFIXES {
594    MessageType: ULONG,
595    PrefixCount: ULONG,
596    Offset: ULONG,
597    Pad: ULONG,
598}}
599pub type PNEGOTIATE_PACKAGE_PREFIXES = *mut NEGOTIATE_PACKAGE_PREFIXES;
600STRUCT!{struct NEGOTIATE_CALLER_NAME_REQUEST {
601    MessageType: ULONG,
602    LogonId: LUID,
603}}
604pub type PNEGOTIATE_CALLER_NAME_REQUEST = *mut NEGOTIATE_CALLER_NAME_REQUEST;
605STRUCT!{struct NEGOTIATE_CALLER_NAME_RESPONSE {
606    MessageType: ULONG,
607    CallerName: PWSTR,
608}}
609pub type PNEGOTIATE_CALLER_NAME_RESPONSE = *mut NEGOTIATE_CALLER_NAME_RESPONSE;
610STRUCT!{struct DOMAIN_PASSWORD_INFORMATION {
611    MinPasswordLength: USHORT,
612    PasswordHistoryLength: USHORT,
613    PasswordProperties: ULONG,
614    MaxPasswordAge: LARGE_INTEGER,
615    MinPasswordAge: LARGE_INTEGER,
616}}
617pub type PDOMAIN_PASSWORD_INFORMATION = *mut DOMAIN_PASSWORD_INFORMATION;
618pub const DOMAIN_PASSWORD_COMPLEX: ULONG = 0x00000001;
619pub const DOMAIN_PASSWORD_NO_ANON_CHANGE: ULONG = 0x00000002;
620pub const DOMAIN_PASSWORD_NO_CLEAR_CHANGE: ULONG = 0x00000004;
621pub const DOMAIN_LOCKOUT_ADMINS: ULONG = 0x00000008;
622pub const DOMAIN_PASSWORD_STORE_CLEARTEXT: ULONG = 0x00000010;
623pub const DOMAIN_REFUSE_PASSWORD_CHANGE: ULONG = 0x00000020;
624pub const DOMAIN_NO_LM_OWF_CHANGE: ULONG = 0x00000040;
625FN!{stdcall PSAM_PASSWORD_NOTIFICATION_ROUTINE(
626    UserName: PUNICODE_STRING,
627    RelativeId: ULONG,
628    NewPassword: PUNICODE_STRING,
629) -> NTSTATUS}
630FN!{stdcall PSAM_INIT_NOTIFICATION_ROUTINE() -> BOOLEAN}
631FN!{stdcall PSAM_PASSWORD_FILTER_ROUTINE(
632    AccountName: PUNICODE_STRING,
633    FullName: PUNICODE_STRING,
634    Password: PUNICODE_STRING,
635    SetOperation: BOOLEAN,
636) -> BOOLEAN}
637ENUM!{enum MSV1_0_LOGON_SUBMIT_TYPE {
638    MsV1_0InteractiveLogon = 2,
639    MsV1_0Lm20Logon,
640    MsV1_0NetworkLogon,
641    MsV1_0SubAuthLogon,
642    MsV1_0WorkstationUnlockLogon = 7,
643    MsV1_0S4ULogon = 12,
644    MsV1_0VirtualLogon = 82,
645    MsV1_0NoElevationLogon = 83,
646    MsV1_0LuidLogon = 84,
647}}
648pub type PMSV1_0_LOGON_SUBMIT_TYPE = *mut MSV1_0_LOGON_SUBMIT_TYPE;
649ENUM!{enum MSV1_0_PROFILE_BUFFER_TYPE {
650    MsV1_0InteractiveProfile = 2,
651    MsV1_0Lm20LogonProfile,
652    MsV1_0SmartCardProfile,
653}}
654pub type PMSV1_0_PROFILE_BUFFER_TYPE = *mut MSV1_0_PROFILE_BUFFER_TYPE;
655STRUCT!{struct MSV1_0_INTERACTIVE_LOGON {
656    MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
657    LogonDomainName: UNICODE_STRING,
658    UserName: UNICODE_STRING,
659    Password: UNICODE_STRING,
660}}
661pub type PMSV1_0_INTERACTIVE_LOGON = *mut MSV1_0_INTERACTIVE_LOGON;
662STRUCT!{struct MSV1_0_INTERACTIVE_PROFILE {
663    MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
664    LogonCount: USHORT,
665    BadPasswordCount: USHORT,
666    LogonTime: LARGE_INTEGER,
667    LogoffTime: LARGE_INTEGER,
668    KickOffTime: LARGE_INTEGER,
669    PasswordLastSet: LARGE_INTEGER,
670    PasswordCanChange: LARGE_INTEGER,
671    PasswordMustChange: LARGE_INTEGER,
672    LogonScript: UNICODE_STRING,
673    HomeDirectory: UNICODE_STRING,
674    FullName: UNICODE_STRING,
675    ProfilePath: UNICODE_STRING,
676    HomeDirectoryDrive: UNICODE_STRING,
677    LogonServer: UNICODE_STRING,
678    UserFlags: ULONG,
679}}
680pub type PMSV1_0_INTERACTIVE_PROFILE = *mut MSV1_0_INTERACTIVE_PROFILE;
681pub const MSV1_0_CHALLENGE_LENGTH: usize = 8;
682pub const MSV1_0_USER_SESSION_KEY_LENGTH: usize = 16;
683pub const MSV1_0_LANMAN_SESSION_KEY_LENGTH: usize = 8;
684pub const MSV1_0_CLEARTEXT_PASSWORD_ALLOWED: ULONG = 0x02;
685pub const MSV1_0_UPDATE_LOGON_STATISTICS: ULONG = 0x04;
686pub const MSV1_0_RETURN_USER_PARAMETERS: ULONG = 0x08;
687pub const MSV1_0_DONT_TRY_GUEST_ACCOUNT: ULONG = 0x10;
688pub const MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT: ULONG = 0x20;
689pub const MSV1_0_RETURN_PASSWORD_EXPIRY: ULONG = 0x40;
690pub const MSV1_0_USE_CLIENT_CHALLENGE: ULONG = 0x80;
691pub const MSV1_0_TRY_GUEST_ACCOUNT_ONLY: ULONG = 0x100;
692pub const MSV1_0_RETURN_PROFILE_PATH: ULONG = 0x200;
693pub const MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY: ULONG = 0x400;
694pub const MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT: ULONG = 0x800;
695pub const MSV1_0_DISABLE_PERSONAL_FALLBACK: ULONG = 0x00001000;
696pub const MSV1_0_ALLOW_FORCE_GUEST: ULONG = 0x00002000;
697pub const MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED: ULONG = 0x00004000;
698pub const MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY: ULONG = 0x00008000;
699pub const MSV1_0_SUBAUTHENTICATION_DLL_EX: ULONG = 0x00100000;
700pub const MSV1_0_ALLOW_MSVCHAPV2: ULONG = 0x00010000;
701pub const MSV1_0_S4U2SELF: ULONG = 0x00020000;
702pub const MSV1_0_CHECK_LOGONHOURS_FOR_S4U: ULONG = 0x00040000;
703pub const MSV1_0_INTERNET_DOMAIN: ULONG = 0x00080000;
704pub const MSV1_0_SUBAUTHENTICATION_DLL: ULONG = 0xFF000000;
705pub const MSV1_0_SUBAUTHENTICATION_DLL_SHIFT: ULONG = 24;
706pub const MSV1_0_MNS_LOGON: ULONG = 0x01000000;
707pub const MSV1_0_SUBAUTHENTICATION_DLL_RAS: ULONG = 2;
708pub const MSV1_0_SUBAUTHENTICATION_DLL_IIS: ULONG = 132;
709STRUCT!{struct MSV1_0_LM20_LOGON {
710    MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
711    LogonDomainName: UNICODE_STRING,
712    UserName: UNICODE_STRING,
713    Workstation: UNICODE_STRING,
714    ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
715    CaseSensitiveChallengeResponse: STRING,
716    CaseInsensitiveChallengeResponse: STRING,
717    ParameterControl: ULONG,
718}}
719pub type PMSV1_0_LM20_LOGON = *mut MSV1_0_LM20_LOGON;
720STRUCT!{struct MSV1_0_SUBAUTH_LOGON {
721    MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
722    LogonDomainName: UNICODE_STRING,
723    UserName: UNICODE_STRING,
724    Workstation: UNICODE_STRING,
725    ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
726    AuthenticationInfo1: STRING,
727    AuthenticationInfo2: STRING,
728    ParameterControl: ULONG,
729    SubAuthPackageId: ULONG,
730}}
731pub type PMSV1_0_SUBAUTH_LOGON = *mut MSV1_0_SUBAUTH_LOGON;
732STRUCT!{struct MSV1_0_S4U_LOGON {
733    MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
734    MSV1_0_LOGON_SUBMIT_TYPE: ULONG,
735    UserPrincipalName: UNICODE_STRING,
736    DomainName: UNICODE_STRING,
737}}
738pub type PMSV1_0_S4U_LOGON = *mut MSV1_0_S4U_LOGON;
739pub const LOGON_GUEST: ULONG = 0x01;
740pub const LOGON_NOENCRYPTION: ULONG = 0x02;
741pub const LOGON_CACHED_ACCOUNT: ULONG = 0x04;
742pub const LOGON_USED_LM_PASSWORD: ULONG = 0x08;
743pub const LOGON_EXTRA_SIDS: ULONG = 0x20;
744pub const LOGON_SUBAUTH_SESSION_KEY: ULONG = 0x40;
745pub const LOGON_SERVER_TRUST_ACCOUNT: ULONG = 0x80;
746pub const LOGON_NTLMV2_ENABLED: ULONG = 0x100;
747pub const LOGON_RESOURCE_GROUPS: ULONG = 0x200;
748pub const LOGON_PROFILE_PATH_RETURNED: ULONG = 0x400;
749pub const LOGON_NT_V2: ULONG = 0x800;
750pub const LOGON_LM_V2: ULONG = 0x1000;
751pub const LOGON_NTLM_V2: ULONG = 0x2000;
752pub const LOGON_OPTIMIZED: ULONG = 0x4000;
753pub const LOGON_WINLOGON: ULONG = 0x8000;
754pub const LOGON_PKINIT: ULONG = 0x10000;
755pub const LOGON_NO_OPTIMIZED: ULONG = 0x20000;
756pub const LOGON_NO_ELEVATION: ULONG = 0x40000;
757pub const LOGON_MANAGED_SERVICE: ULONG = 0x80000;
758pub const LOGON_GRACE_LOGON: ULONG = 0x01000000;
759STRUCT!{struct MSV1_0_LM20_LOGON_PROFILE {
760    MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
761    KickOffTime: LARGE_INTEGER,
762    LogoffTime: LARGE_INTEGER,
763    UserFlags: ULONG,
764    UserSessionKey: [UCHAR; MSV1_0_USER_SESSION_KEY_LENGTH],
765    LogonDomainName: UNICODE_STRING,
766    LanmanSessionKey: [UCHAR; MSV1_0_LANMAN_SESSION_KEY_LENGTH],
767    LogonServer: UNICODE_STRING,
768    UserParameters: UNICODE_STRING,
769}}
770pub type PMSV1_0_LM20_LOGON_PROFILE = *mut MSV1_0_LM20_LOGON_PROFILE;
771pub const MSV1_0_OWF_PASSWORD_LENGTH: usize = 16;
772STRUCT!{struct MSV1_0_SUPPLEMENTAL_CREDENTIAL {
773    Version: ULONG,
774    Flags: ULONG,
775    LmPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
776    NtPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
777}}
778pub type PMSV1_0_SUPPLEMENTAL_CREDENTIAL = *mut MSV1_0_SUPPLEMENTAL_CREDENTIAL;
779pub const MSV1_0_NTLM3_RESPONSE_LENGTH: usize = 16;
780pub const MSV1_0_NTLM3_OWF_LENGTH: usize = 16;
781STRUCT!{struct MSV1_0_NTLM3_RESPONSE {
782    Response: [UCHAR; MSV1_0_NTLM3_RESPONSE_LENGTH],
783    RespType: UCHAR,
784    HiRespType: UCHAR,
785    Flags: USHORT,
786    MsgWord: ULONG,
787    TimeStamp: ULONGLONG,
788    ChallengeFromClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
789    AvPairsOff: ULONG,
790    Buffer: [UCHAR; 1],
791}}
792pub type PMSV1_0_NTLM3_RESPONSE = *mut MSV1_0_NTLM3_RESPONSE;
793ENUM!{enum MSV1_0_AVID {
794    MsvAvEOL,
795    MsvAvNbComputerName,
796    MsvAvNbDomainName,
797    MsvAvDnsComputerName,
798    MsvAvDnsDomainName,
799    MsvAvDnsTreeName,
800    MsvAvFlags,
801    MsvAvTimestamp,
802    MsvAvRestrictions,
803    MsvAvTargetName,
804    MsvAvChannelBindings,
805}}
806STRUCT!{struct MSV1_0_AV_PAIR {
807    AvId: USHORT,
808    AvLen: USHORT,
809}}
810pub type PMSV1_0_AV_PAIR = *mut MSV1_0_AV_PAIR;
811ENUM!{enum MSV1_0_PROTOCOL_MESSAGE_TYPE {
812    MsV1_0Lm20ChallengeRequest = 0,
813    MsV1_0Lm20GetChallengeResponse,
814    MsV1_0EnumerateUsers,
815    MsV1_0GetUserInfo,
816    MsV1_0ReLogonUsers,
817    MsV1_0ChangePassword,
818    MsV1_0ChangeCachedPassword,
819    MsV1_0GenericPassthrough,
820    MsV1_0CacheLogon,
821    MsV1_0SubAuth,
822    MsV1_0DeriveCredential,
823    MsV1_0CacheLookup,
824    MsV1_0SetProcessOption,
825    MsV1_0ConfigLocalAliases,
826    MsV1_0ClearCachedCredentials,
827    MsV1_0LookupToken,
828    MsV1_0ValidateAuth,
829    MsV1_0CacheLookupEx,
830    MsV1_0GetCredentialKey,
831    MsV1_0SetThreadOption,
832}}
833pub type PMSV1_0_PROTOCOL_MESSAGE_TYPE = *mut MSV1_0_PROTOCOL_MESSAGE_TYPE;
834STRUCT!{struct MSV1_0_CHANGEPASSWORD_REQUEST {
835    MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
836    DomainName: UNICODE_STRING,
837    AccountName: UNICODE_STRING,
838    OldPassword: UNICODE_STRING,
839    NewPassword: UNICODE_STRING,
840    Impersonating: BOOLEAN,
841}}
842pub type PMSV1_0_CHANGEPASSWORD_REQUEST = *mut MSV1_0_CHANGEPASSWORD_REQUEST;
843STRUCT!{struct MSV1_0_CHANGEPASSWORD_RESPONSE {
844    MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
845    PasswordInfoValid: BOOLEAN,
846    DomainPasswordInfo: DOMAIN_PASSWORD_INFORMATION,
847}}
848pub type PMSV1_0_CHANGEPASSWORD_RESPONSE = *mut MSV1_0_CHANGEPASSWORD_RESPONSE;
849STRUCT!{struct MSV1_0_PASSTHROUGH_REQUEST {
850    MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
851    DomainName: UNICODE_STRING,
852    PackageName: UNICODE_STRING,
853    DataLength: ULONG,
854    LogonData: PUCHAR,
855    Pad: ULONG,
856}}
857pub type PMSV1_0_PASSTHROUGH_REQUEST = *mut MSV1_0_PASSTHROUGH_REQUEST;
858STRUCT!{struct MSV1_0_PASSTHROUGH_RESPONSE {
859    MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
860    Pad: ULONG,
861    DataLength: ULONG,
862    ValidationData: PUCHAR,
863}}
864pub type PMSV1_0_PASSTHROUGH_RESPONSE = *mut MSV1_0_PASSTHROUGH_RESPONSE;
865STRUCT!{struct MSV1_0_SUBAUTH_REQUEST {
866    MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
867    SubAuthPackageId: ULONG,
868    SubAuthInfoLength: ULONG,
869    SubAuthSubmitBuffer: PUCHAR,
870}}
871pub type PMSV1_0_SUBAUTH_REQUEST = *mut MSV1_0_SUBAUTH_REQUEST;
872STRUCT!{struct MSV1_0_SUBAUTH_RESPONSE {
873    MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
874    SubAuthInfoLength: ULONG,
875    SubAuthReturnBuffer: PUCHAR,
876}}
877pub type PMSV1_0_SUBAUTH_RESPONSE = *mut MSV1_0_SUBAUTH_RESPONSE;
878pub use self::SystemFunction036 as RtlGenRandom;
879pub use self::SystemFunction040 as RtlEncryptMemory;
880pub use self::SystemFunction041 as RtlDecryptMemory;
881extern "system" {
882    pub fn SystemFunction036(
883        RandomBuffer: PVOID,
884        RandomBufferLength: ULONG,
885    ) -> BOOLEAN;
886}
887pub const RTL_ENCRYPT_MEMORY_SIZE: ULONG = 8;
888pub const RTL_ENCRYPT_OPTION_CROSS_PROCESS: ULONG = 0x01;
889pub const RTL_ENCRYPT_OPTION_SAME_LOGON: ULONG = 0x02;
890extern "system" {
891    pub fn SystemFunction040(
892        Memory: PVOID,
893        MemorySize: ULONG,
894        OptionFlags: ULONG,
895    ) -> NTSTATUS;
896    pub fn SystemFunction041(
897        Memory: PVOID,
898        MemorySize: ULONG,
899        OptionFlags: ULONG,
900    ) -> NTSTATUS;
901}
902pub const KERBEROS_VERSION: ULONG = 5;
903pub const KERBEROS_REVISION: ULONG = 6;
904pub const KERB_ETYPE_NULL: LONG = 0;
905pub const KERB_ETYPE_DES_CBC_CRC: LONG = 1;
906pub const KERB_ETYPE_DES_CBC_MD4: LONG = 2;
907pub const KERB_ETYPE_DES_CBC_MD5: LONG = 3;
908pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96: LONG = 17;
909pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96: LONG = 18;
910pub const KERB_ETYPE_RC4_MD4: LONG = -128;
911pub const KERB_ETYPE_RC4_PLAIN2: LONG = -129;
912pub const KERB_ETYPE_RC4_LM: LONG = -130;
913pub const KERB_ETYPE_RC4_SHA: LONG = -131;
914pub const KERB_ETYPE_DES_PLAIN: LONG = -132;
915pub const KERB_ETYPE_RC4_HMAC_OLD: LONG = -133;
916pub const KERB_ETYPE_RC4_PLAIN_OLD: LONG = -134;
917pub const KERB_ETYPE_RC4_HMAC_OLD_EXP: LONG = -135;
918pub const KERB_ETYPE_RC4_PLAIN_OLD_EXP: LONG = -136;
919pub const KERB_ETYPE_RC4_PLAIN: LONG = -140;
920pub const KERB_ETYPE_RC4_PLAIN_EXP: LONG = -141;
921pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN: LONG = -148;
922pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN: LONG = -149;
923pub const KERB_ETYPE_DSA_SHA1_CMS: LONG = 9;
924pub const KERB_ETYPE_RSA_MD5_CMS: LONG = 10;
925pub const KERB_ETYPE_RSA_SHA1_CMS: LONG = 11;
926pub const KERB_ETYPE_RC2_CBC_ENV: LONG = 12;
927pub const KERB_ETYPE_RSA_ENV: LONG = 13;
928pub const KERB_ETYPE_RSA_ES_OEAP_ENV: LONG = 14;
929pub const KERB_ETYPE_DES_EDE3_CBC_ENV: LONG = 15;
930pub const KERB_ETYPE_DSA_SIGN: LONG = 8;
931pub const KERB_ETYPE_RSA_PRIV: LONG = 9;
932pub const KERB_ETYPE_RSA_PUB: LONG = 10;
933pub const KERB_ETYPE_RSA_PUB_MD5: LONG = 11;
934pub const KERB_ETYPE_RSA_PUB_SHA1: LONG = 12;
935pub const KERB_ETYPE_PKCS7_PUB: LONG = 13;
936pub const KERB_ETYPE_DES3_CBC_MD5: LONG = 5;
937pub const KERB_ETYPE_DES3_CBC_SHA1: LONG = 7;
938pub const KERB_ETYPE_DES3_CBC_SHA1_KD: LONG = 16;
939pub const KERB_ETYPE_DES_CBC_MD5_NT: LONG = 20;
940pub const KERB_ETYPE_RC4_HMAC_NT: LONG = 23;
941pub const KERB_ETYPE_RC4_HMAC_NT_EXP: LONG = 24;
942pub const KERB_CHECKSUM_NONE: LONG = 0;
943pub const KERB_CHECKSUM_CRC32: LONG = 1;
944pub const KERB_CHECKSUM_MD4: LONG = 2;
945pub const KERB_CHECKSUM_KRB_DES_MAC: LONG = 4;
946pub const KERB_CHECKSUM_KRB_DES_MAC_K: LONG = 5;
947pub const KERB_CHECKSUM_MD5: LONG = 7;
948pub const KERB_CHECKSUM_MD5_DES: LONG = 8;
949pub const KERB_CHECKSUM_SHA1_NEW: LONG = 14;
950pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128: LONG = 15;
951pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256: LONG = 16;
952pub const KERB_CHECKSUM_LM: LONG = -130;
953pub const KERB_CHECKSUM_SHA1: LONG = -131;
954pub const KERB_CHECKSUM_REAL_CRC32: LONG = -132;
955pub const KERB_CHECKSUM_DES_MAC: LONG = -133;
956pub const KERB_CHECKSUM_DES_MAC_MD5: LONG = -134;
957pub const KERB_CHECKSUM_MD25: LONG = -135;
958pub const KERB_CHECKSUM_RC4_MD5: LONG = -136;
959pub const KERB_CHECKSUM_MD5_HMAC: LONG = -137;
960pub const KERB_CHECKSUM_HMAC_MD5: LONG = -138;
961pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki: LONG = -150;
962pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki: LONG = -151;
963pub const KERB_TICKET_FLAGS_reserved: ULONG = 0x80000000;
964pub const KERB_TICKET_FLAGS_forwardable: ULONG = 0x40000000;
965pub const KERB_TICKET_FLAGS_forwarded: ULONG = 0x20000000;
966pub const KERB_TICKET_FLAGS_proxiable: ULONG = 0x10000000;
967pub const KERB_TICKET_FLAGS_proxy: ULONG = 0x08000000;
968pub const KERB_TICKET_FLAGS_may_postdate: ULONG = 0x04000000;
969pub const KERB_TICKET_FLAGS_postdated: ULONG = 0x02000000;
970pub const KERB_TICKET_FLAGS_invalid: ULONG = 0x01000000;
971pub const KERB_TICKET_FLAGS_renewable: ULONG = 0x00800000;
972pub const KERB_TICKET_FLAGS_initial: ULONG = 0x00400000;
973pub const KERB_TICKET_FLAGS_pre_authent: ULONG = 0x00200000;
974pub const KERB_TICKET_FLAGS_hw_authent: ULONG = 0x00100000;
975pub const KERB_TICKET_FLAGS_ok_as_delegate: ULONG = 0x00040000;
976pub const KERB_TICKET_FLAGS_name_canonicalize: ULONG = 0x00010000;
977pub const KERB_TICKET_FLAGS_cname_in_pa_data: ULONG = 0x00040000;
978pub const KERB_TICKET_FLAGS_enc_pa_rep: ULONG = 0x00010000;
979pub const KERB_TICKET_FLAGS_reserved1: ULONG = 0x00000001;
980pub const KRB_NT_UNKNOWN: LONG = 0;
981pub const KRB_NT_PRINCIPAL: LONG = 1;
982pub const KRB_NT_PRINCIPAL_AND_ID: LONG = -131;
983pub const KRB_NT_SRV_INST: LONG = 2;
984pub const KRB_NT_SRV_INST_AND_ID: LONG = -132;
985pub const KRB_NT_SRV_HST: LONG = 3;
986pub const KRB_NT_SRV_XHST: LONG = 4;
987pub const KRB_NT_UID: LONG = 5;
988pub const KRB_NT_ENTERPRISE_PRINCIPAL: LONG = 10;
989pub const KRB_NT_WELLKNOWN: LONG = 11;
990pub const KRB_NT_ENT_PRINCIPAL_AND_ID: LONG = -130;
991pub const KRB_NT_MS_PRINCIPAL: LONG = -128;
992pub const KRB_NT_MS_PRINCIPAL_AND_ID: LONG = -129;
993pub const KRB_NT_MS_BRANCH_ID: LONG = -133;
994pub const KRB_NT_X500_PRINCIPAL: LONG = 6;
995pub const KERB_WRAP_NO_ENCRYPT: ULONG = 0x80000001;
996ENUM!{enum KERB_LOGON_SUBMIT_TYPE {
997    KerbInteractiveLogon = 2,
998    KerbSmartCardLogon = 6,
999    KerbWorkstationUnlockLogon = 7,
1000    KerbSmartCardUnlockLogon = 8,
1001    KerbProxyLogon = 9,
1002    KerbTicketLogon = 10,
1003    KerbTicketUnlockLogon = 11,
1004    KerbS4ULogon = 12,
1005    KerbCertificateLogon = 13,
1006    KerbCertificateS4ULogon = 14,
1007    KerbCertificateUnlockLogon = 15,
1008    KerbNoElevationLogon = 83,
1009    KerbLuidLogon = 84,
1010}}
1011pub type PKERB_LOGON_SUBMIT_TYPE = *mut KERB_LOGON_SUBMIT_TYPE;
1012STRUCT!{struct KERB_INTERACTIVE_LOGON {
1013    MessageType: KERB_LOGON_SUBMIT_TYPE,
1014    LogonDomainName: UNICODE_STRING,
1015    UserName: UNICODE_STRING,
1016    Password: UNICODE_STRING,
1017}}
1018pub type PKERB_INTERACTIVE_LOGON = *mut KERB_INTERACTIVE_LOGON;
1019STRUCT!{struct KERB_INTERACTIVE_UNLOCK_LOGON {
1020    Logon: KERB_INTERACTIVE_LOGON,
1021    LogonId: LUID,
1022}}
1023pub type PKERB_INTERACTIVE_UNLOCK_LOGON = *mut KERB_INTERACTIVE_UNLOCK_LOGON;
1024STRUCT!{struct KERB_SMART_CARD_LOGON {
1025    MessageType: KERB_LOGON_SUBMIT_TYPE,
1026    Pin: UNICODE_STRING,
1027    CspDataLength: ULONG,
1028    CspData: PUCHAR,
1029}}
1030pub type PKERB_SMART_CARD_LOGON = *mut KERB_SMART_CARD_LOGON;
1031STRUCT!{struct KERB_SMART_CARD_UNLOCK_LOGON {
1032    Logon: KERB_SMART_CARD_LOGON,
1033    LogonId: LUID,
1034}}
1035pub type PKERB_SMART_CARD_UNLOCK_LOGON = *mut KERB_SMART_CARD_UNLOCK_LOGON;
1036pub const KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1;
1037pub const KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO: ULONG = 0x2;
1038STRUCT!{struct KERB_CERTIFICATE_LOGON {
1039    MessageType: KERB_LOGON_SUBMIT_TYPE,
1040    DomainName: UNICODE_STRING,
1041    UserName: UNICODE_STRING,
1042    Pin: UNICODE_STRING,
1043    Flags: ULONG,
1044    CspDataLength: ULONG,
1045    CspData: PUCHAR,
1046}}
1047pub type PKERB_CERTIFICATE_LOGON = *mut KERB_CERTIFICATE_LOGON;
1048STRUCT!{struct KERB_CERTIFICATE_UNLOCK_LOGON {
1049    Logon: KERB_CERTIFICATE_LOGON,
1050    LogonId: LUID,
1051}}
1052pub type PKERB_CERTIFICATE_UNLOCK_LOGON = *mut KERB_CERTIFICATE_UNLOCK_LOGON;
1053pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1;
1054pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2;
1055pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED: ULONG = 0x4;
1056pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8;
1057STRUCT!{struct KERB_CERTIFICATE_S4U_LOGON {
1058    MessageType: KERB_LOGON_SUBMIT_TYPE,
1059    Flags: ULONG,
1060    UserPrincipalName: UNICODE_STRING,
1061    DomainName: UNICODE_STRING,
1062    CertificateLength: ULONG,
1063    Certificate: PUCHAR,
1064}}
1065pub type PKERB_CERTIFICATE_S4U_LOGON = *mut KERB_CERTIFICATE_S4U_LOGON;
1066STRUCT!{struct KERB_TICKET_LOGON {
1067    MessageType: KERB_LOGON_SUBMIT_TYPE,
1068    Flags: ULONG,
1069    ServiceTicketLength: ULONG,
1070    TicketGrantingTicketLength: ULONG,
1071    ServiceTicket: PUCHAR,
1072    TicketGrantingTicket: PUCHAR,
1073}}
1074pub type PKERB_TICKET_LOGON = *mut KERB_TICKET_LOGON;
1075STRUCT!{struct KERB_TICKET_UNLOCK_LOGON {
1076    Logon: KERB_TICKET_LOGON,
1077    LogonId: LUID,
1078}}
1079pub type PKERB_TICKET_UNLOCK_LOGON = *mut KERB_TICKET_UNLOCK_LOGON;
1080pub const KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2;
1081pub const KERB_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8;
1082STRUCT!{struct KERB_S4U_LOGON {
1083    MessageType: KERB_LOGON_SUBMIT_TYPE,
1084    Flags: ULONG,
1085    ClientUpn: UNICODE_STRING,
1086    ClientRealm: UNICODE_STRING,
1087}}
1088pub type PKERB_S4U_LOGON = *mut KERB_S4U_LOGON;
1089ENUM!{enum KERB_PROFILE_BUFFER_TYPE {
1090    KerbInteractiveProfile = 2,
1091    KerbSmartCardProfile = 4,
1092    KerbTicketProfile = 6,
1093}}
1094pub type PKERB_PROFILE_BUFFER_TYPE = *mut KERB_PROFILE_BUFFER_TYPE;
1095STRUCT!{struct KERB_INTERACTIVE_PROFILE {
1096    MessageType: KERB_PROFILE_BUFFER_TYPE,
1097    LogonCount: USHORT,
1098    BadPasswordCount: USHORT,
1099    LogonTime: LARGE_INTEGER,
1100    LogoffTime: LARGE_INTEGER,
1101    KickOffTime: LARGE_INTEGER,
1102    PasswordLastSet: LARGE_INTEGER,
1103    PasswordCanChange: LARGE_INTEGER,
1104    PasswordMustChange: LARGE_INTEGER,
1105    LogonScript: UNICODE_STRING,
1106    HomeDirectory: UNICODE_STRING,
1107    FullName: UNICODE_STRING,
1108    ProfilePath: UNICODE_STRING,
1109    HomeDirectoryDrive: UNICODE_STRING,
1110    LogonServer: UNICODE_STRING,
1111    UserFlags: ULONG,
1112}}
1113pub type PKERB_INTERACTIVE_PROFILE = *mut KERB_INTERACTIVE_PROFILE;
1114STRUCT!{struct KERB_SMART_CARD_PROFILE {
1115    Profile: KERB_INTERACTIVE_PROFILE,
1116    CertificateSize: ULONG,
1117    CertificateData: PUCHAR,
1118}}
1119pub type PKERB_SMART_CARD_PROFILE = *mut KERB_SMART_CARD_PROFILE;
1120STRUCT!{struct KERB_CRYPTO_KEY {
1121    KeyType: LONG,
1122    Length: ULONG,
1123    Value: PUCHAR,
1124}}
1125pub type PKERB_CRYPTO_KEY = *mut KERB_CRYPTO_KEY;
1126STRUCT!{struct KERB_CRYPTO_KEY32 {
1127    KeyType: LONG,
1128    Length: ULONG,
1129    Offset: ULONG,
1130}}
1131pub type PKERB_CRYPTO_KEY32 = *mut KERB_CRYPTO_KEY32;
1132STRUCT!{struct KERB_TICKET_PROFILE {
1133    Profile: KERB_INTERACTIVE_PROFILE,
1134    SessionKey: KERB_CRYPTO_KEY,
1135}}
1136pub type PKERB_TICKET_PROFILE = *mut KERB_TICKET_PROFILE;
1137ENUM!{enum KERB_PROTOCOL_MESSAGE_TYPE {
1138    KerbDebugRequestMessage = 0,
1139    KerbQueryTicketCacheMessage,
1140    KerbChangeMachinePasswordMessage,
1141    KerbVerifyPacMessage,
1142    KerbRetrieveTicketMessage,
1143    KerbUpdateAddressesMessage,
1144    KerbPurgeTicketCacheMessage,
1145    KerbChangePasswordMessage,
1146    KerbRetrieveEncodedTicketMessage,
1147    KerbDecryptDataMessage,
1148    KerbAddBindingCacheEntryMessage,
1149    KerbSetPasswordMessage,
1150    KerbSetPasswordExMessage,
1151    KerbVerifyCredentialsMessage,
1152    KerbQueryTicketCacheExMessage,
1153    KerbPurgeTicketCacheExMessage,
1154    KerbRefreshSmartcardCredentialsMessage,
1155    KerbAddExtraCredentialsMessage,
1156    KerbQuerySupplementalCredentialsMessage,
1157    KerbTransferCredentialsMessage,
1158    KerbQueryTicketCacheEx2Message,
1159    KerbSubmitTicketMessage,
1160    KerbAddExtraCredentialsExMessage,
1161    KerbQueryKdcProxyCacheMessage,
1162    KerbPurgeKdcProxyCacheMessage,
1163    KerbQueryTicketCacheEx3Message,
1164    KerbCleanupMachinePkinitCredsMessage,
1165    KerbAddBindingCacheEntryExMessage,
1166    KerbQueryBindingCacheMessage,
1167    KerbPurgeBindingCacheMessage,
1168    KerbPinKdcMessage,
1169    KerbUnpinAllKdcsMessage,
1170    KerbQueryDomainExtendedPoliciesMessage,
1171    KerbQueryS4U2ProxyCacheMessage,
1172}}
1173pub type PKERB_PROTOCOL_MESSAGE_TYPE = *mut KERB_PROTOCOL_MESSAGE_TYPE;
1174STRUCT!{struct KERB_QUERY_TKT_CACHE_REQUEST {
1175    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1176    LogonId: LUID,
1177}}
1178pub type PKERB_QUERY_TKT_CACHE_REQUEST = *mut KERB_QUERY_TKT_CACHE_REQUEST;
1179STRUCT!{struct KERB_TICKET_CACHE_INFO {
1180    ServerName: UNICODE_STRING,
1181    RealmName: UNICODE_STRING,
1182    StartTime: LARGE_INTEGER,
1183    EndTime: LARGE_INTEGER,
1184    RenewTime: LARGE_INTEGER,
1185    EncryptionType: LONG,
1186    TicketFlags: ULONG,
1187}}
1188pub type PKERB_TICKET_CACHE_INFO = *mut KERB_TICKET_CACHE_INFO;
1189STRUCT!{struct KERB_TICKET_CACHE_INFO_EX {
1190    ClientName: UNICODE_STRING,
1191    ClientRealm: UNICODE_STRING,
1192    ServerName: UNICODE_STRING,
1193    ServerRealm: UNICODE_STRING,
1194    StartTime: LARGE_INTEGER,
1195    EndTime: LARGE_INTEGER,
1196    RenewTime: LARGE_INTEGER,
1197    EncryptionType: LONG,
1198    TicketFlags: ULONG,
1199}}
1200pub type PKERB_TICKET_CACHE_INFO_EX = *mut KERB_TICKET_CACHE_INFO_EX;
1201STRUCT!{struct KERB_TICKET_CACHE_INFO_EX2 {
1202    ClientName: UNICODE_STRING,
1203    ClientRealm: UNICODE_STRING,
1204    ServerName: UNICODE_STRING,
1205    ServerRealm: UNICODE_STRING,
1206    StartTime: LARGE_INTEGER,
1207    EndTime: LARGE_INTEGER,
1208    RenewTime: LARGE_INTEGER,
1209    EncryptionType: LONG,
1210    TicketFlags: ULONG,
1211    SessionKeyType: ULONG,
1212    BranchId: ULONG,
1213}}
1214pub type PKERB_TICKET_CACHE_INFO_EX2 = *mut KERB_TICKET_CACHE_INFO_EX2;
1215STRUCT!{struct KERB_TICKET_CACHE_INFO_EX3 {
1216    ClientName: UNICODE_STRING,
1217    ClientRealm: UNICODE_STRING,
1218    ServerName: UNICODE_STRING,
1219    ServerRealm: UNICODE_STRING,
1220    StartTime: LARGE_INTEGER,
1221    EndTime: LARGE_INTEGER,
1222    RenewTime: LARGE_INTEGER,
1223    EncryptionType: LONG,
1224    TicketFlags: ULONG,
1225    SessionKeyType: ULONG,
1226    BranchId: ULONG,
1227    CacheFlags: ULONG,
1228    KdcCalled: UNICODE_STRING,
1229}}
1230pub type PKERB_TICKET_CACHE_INFO_EX3 = *mut KERB_TICKET_CACHE_INFO_EX3;
1231STRUCT!{struct KERB_QUERY_TKT_CACHE_RESPONSE {
1232    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1233    CountOfTickets: ULONG,
1234    Tickets: [KERB_TICKET_CACHE_INFO; ANYSIZE_ARRAY],
1235}}
1236pub type PKERB_QUERY_TKT_CACHE_RESPONSE = *mut KERB_QUERY_TKT_CACHE_RESPONSE;
1237STRUCT!{struct KERB_QUERY_TKT_CACHE_EX_RESPONSE {
1238    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1239    CountOfTickets: ULONG,
1240    Tickets: [KERB_TICKET_CACHE_INFO_EX; ANYSIZE_ARRAY],
1241}}
1242pub type PKERB_QUERY_TKT_CACHE_EX_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX_RESPONSE;
1243STRUCT!{struct KERB_QUERY_TKT_CACHE_EX2_RESPONSE {
1244    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1245    CountOfTickets: ULONG,
1246    Tickets: [KERB_TICKET_CACHE_INFO_EX2; ANYSIZE_ARRAY],
1247}}
1248pub type PKERB_QUERY_TKT_CACHE_EX2_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX2_RESPONSE;
1249STRUCT!{struct KERB_QUERY_TKT_CACHE_EX3_RESPONSE {
1250    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1251    CountOfTickets: ULONG,
1252    Tickets: [KERB_TICKET_CACHE_INFO_EX3; ANYSIZE_ARRAY],
1253}}
1254pub type PKERB_QUERY_TKT_CACHE_EX3_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX3_RESPONSE;
1255pub const KERB_USE_DEFAULT_TICKET_FLAGS: ULONG = 0x0;
1256pub const KERB_RETRIEVE_TICKET_DEFAULT: ULONG = 0x0;
1257pub const KERB_RETRIEVE_TICKET_DONT_USE_CACHE: ULONG = 0x1;
1258pub const KERB_RETRIEVE_TICKET_USE_CACHE_ONLY: ULONG = 0x2;
1259pub const KERB_RETRIEVE_TICKET_USE_CREDHANDLE: ULONG = 0x4;
1260pub const KERB_RETRIEVE_TICKET_AS_KERB_CRED: ULONG = 0x8;
1261pub const KERB_RETRIEVE_TICKET_WITH_SEC_CRED: ULONG = 0x10;
1262pub const KERB_RETRIEVE_TICKET_CACHE_TICKET: ULONG = 0x20;
1263pub const KERB_RETRIEVE_TICKET_MAX_LIFETIME: ULONG = 0x40;
1264STRUCT!{struct KERB_AUTH_DATA {
1265    Type: ULONG,
1266    Length: ULONG,
1267    Data: PUCHAR,
1268}}
1269pub type PKERB_AUTH_DATA = *mut KERB_AUTH_DATA;
1270STRUCT!{struct KERB_NET_ADDRESS {
1271    Family: ULONG,
1272    Length: ULONG,
1273    Address: PUCHAR,
1274}}
1275pub type PKERB_NET_ADDRESS = *mut KERB_NET_ADDRESS;
1276STRUCT!{struct KERB_NET_ADDRESSES {
1277    Number: ULONG,
1278    Addresses: [KERB_NET_ADDRESS; ANYSIZE_ARRAY],
1279}}
1280pub type PKERB_NET_ADDRESSES = *mut KERB_NET_ADDRESSES;
1281STRUCT!{struct KERB_EXTERNAL_NAME {
1282    NameType: SHORT,
1283    NameCount: USHORT,
1284    Names: [UNICODE_STRING; ANYSIZE_ARRAY],
1285}}
1286pub type PKERB_EXTERNAL_NAME = *mut KERB_EXTERNAL_NAME;
1287STRUCT!{struct KERB_EXTERNAL_TICKET {
1288    ServiceName: PKERB_EXTERNAL_NAME,
1289    TargetName: PKERB_EXTERNAL_NAME,
1290    ClientName: PKERB_EXTERNAL_NAME,
1291    DomainName: UNICODE_STRING,
1292    TargetDomainName: UNICODE_STRING,
1293    AltTargetDomainName: UNICODE_STRING,
1294    SessionKey: KERB_CRYPTO_KEY,
1295    TicketFlags: ULONG,
1296    Flags: ULONG,
1297    KeyExpirationTime: LARGE_INTEGER,
1298    StartTime: LARGE_INTEGER,
1299    EndTime: LARGE_INTEGER,
1300    RenewUntil: LARGE_INTEGER,
1301    TimeSkew: LARGE_INTEGER,
1302    EncodedTicketSize: ULONG,
1303    EncodedTicket: PUCHAR,
1304}}
1305pub type PKERB_EXTERNAL_TICKET = *mut KERB_EXTERNAL_TICKET;
1306STRUCT!{struct KERB_RETRIEVE_TKT_REQUEST {
1307    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1308    LogonId: LUID,
1309    TargetName: UNICODE_STRING,
1310    TicketFlags: ULONG,
1311    CacheOptions: ULONG,
1312    EncryptionType: LONG,
1313    CredentialsHandle: SecHandle,
1314}}
1315pub type PKERB_RETRIEVE_TKT_REQUEST = *mut KERB_RETRIEVE_TKT_REQUEST;
1316STRUCT!{struct KERB_RETRIEVE_TKT_RESPONSE {
1317    Ticket: KERB_EXTERNAL_TICKET,
1318}}
1319pub type PKERB_RETRIEVE_TKT_RESPONSE = *mut KERB_RETRIEVE_TKT_RESPONSE;
1320STRUCT!{struct KERB_PURGE_TKT_CACHE_REQUEST {
1321    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1322    LogonId: LUID,
1323    ServerName: UNICODE_STRING,
1324    RealmName: UNICODE_STRING,
1325}}
1326pub type PKERB_PURGE_TKT_CACHE_REQUEST = *mut KERB_PURGE_TKT_CACHE_REQUEST;
1327pub const KERB_PURGE_ALL_TICKETS: ULONG = 1;
1328STRUCT!{struct KERB_PURGE_TKT_CACHE_EX_REQUEST {
1329    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1330    LogonId: LUID,
1331    Flags: ULONG,
1332    TicketTemplate: KERB_TICKET_CACHE_INFO_EX,
1333}}
1334pub type PKERB_PURGE_TKT_CACHE_EX_REQUEST = *mut KERB_PURGE_TKT_CACHE_EX_REQUEST;
1335STRUCT!{struct KERB_SUBMIT_TKT_REQUEST {
1336    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1337    LogonId: LUID,
1338    Flags: ULONG,
1339    Key: KERB_CRYPTO_KEY32,
1340    KerbCredSize: ULONG,
1341    KerbCredOffset: ULONG,
1342}}
1343pub type PKERB_SUBMIT_TKT_REQUEST = *mut KERB_SUBMIT_TKT_REQUEST;
1344STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_REQUEST {
1345    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1346    Flags: ULONG,
1347    LogonId: LUID,
1348}}
1349pub type PKERB_QUERY_KDC_PROXY_CACHE_REQUEST = *mut KERB_QUERY_KDC_PROXY_CACHE_REQUEST;
1350STRUCT!{struct KDC_PROXY_CACHE_ENTRY_DATA {
1351    SinceLastUsed: ULONG64,
1352    DomainName: UNICODE_STRING,
1353    ProxyServerName: UNICODE_STRING,
1354    ProxyServerVdir: UNICODE_STRING,
1355    ProxyServerPort: USHORT,
1356    LogonId: LUID,
1357    CredUserName: UNICODE_STRING,
1358    CredDomainName: UNICODE_STRING,
1359    GlobalCache: BOOLEAN,
1360}}
1361pub type PKDC_PROXY_CACHE_ENTRY_DATA = *mut KDC_PROXY_CACHE_ENTRY_DATA;
1362STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_RESPONSE {
1363    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1364    CountOfEntries: ULONG,
1365    Entries: PKDC_PROXY_CACHE_ENTRY_DATA,
1366}}
1367pub type PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE = *mut KERB_QUERY_KDC_PROXY_CACHE_RESPONSE;
1368STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_REQUEST {
1369    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1370    Flags: ULONG,
1371    LogonId: LUID,
1372}}
1373pub type PKERB_PURGE_KDC_PROXY_CACHE_REQUEST = *mut KERB_PURGE_KDC_PROXY_CACHE_REQUEST;
1374STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_RESPONSE {
1375    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1376    CountOfPurged: ULONG,
1377}}
1378pub type PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE = *mut KERB_PURGE_KDC_PROXY_CACHE_RESPONSE;
1379pub const KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE: ULONG = 0x1;
1380STRUCT!{struct KERB_S4U2PROXY_CACHE_ENTRY_INFO {
1381    ServerName: UNICODE_STRING,
1382    Flags: ULONG,
1383    LastStatus: NTSTATUS,
1384    Expiry: LARGE_INTEGER,
1385}}
1386pub type PKERB_S4U2PROXY_CACHE_ENTRY_INFO = *mut KERB_S4U2PROXY_CACHE_ENTRY_INFO;
1387pub const KERB_S4U2PROXY_CRED_FLAG_NEGATIVE: ULONG = 0x1;
1388STRUCT!{struct KERB_S4U2PROXY_CRED {
1389    UserName: UNICODE_STRING,
1390    DomainName: UNICODE_STRING,
1391    Flags: ULONG,
1392    LastStatus: NTSTATUS,
1393    Expiry: LARGE_INTEGER,
1394    CountOfEntries: ULONG,
1395    Entries: PKERB_S4U2PROXY_CACHE_ENTRY_INFO,
1396}}
1397pub type PKERB_S4U2PROXY_CRED = *mut KERB_S4U2PROXY_CRED;
1398STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_REQUEST {
1399    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1400    Flags: ULONG,
1401    LogonId: LUID,
1402}}
1403pub type PKERB_QUERY_S4U2PROXY_CACHE_REQUEST = *mut KERB_QUERY_S4U2PROXY_CACHE_REQUEST;
1404STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_RESPONSE {
1405    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1406    CountOfCreds: ULONG,
1407    Creds: PKERB_S4U2PROXY_CRED,
1408}}
1409pub type PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE = *mut KERB_QUERY_S4U2PROXY_CACHE_RESPONSE;
1410STRUCT!{struct KERB_CHANGEPASSWORD_REQUEST {
1411    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1412    DomainName: UNICODE_STRING,
1413    AccountName: UNICODE_STRING,
1414    OldPassword: UNICODE_STRING,
1415    NewPassword: UNICODE_STRING,
1416    Impersonating: BOOLEAN,
1417}}
1418pub type PKERB_CHANGEPASSWORD_REQUEST = *mut KERB_CHANGEPASSWORD_REQUEST;
1419STRUCT!{struct KERB_SETPASSWORD_REQUEST {
1420    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1421    LogonId: LUID,
1422    CredentialsHandle: SecHandle,
1423    Flags: ULONG,
1424    DomainName: UNICODE_STRING,
1425    AccountName: UNICODE_STRING,
1426    Password: UNICODE_STRING,
1427}}
1428pub type PKERB_SETPASSWORD_REQUEST = *mut KERB_SETPASSWORD_REQUEST;
1429STRUCT!{struct KERB_SETPASSWORD_EX_REQUEST {
1430    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1431    LogonId: LUID,
1432    CredentialsHandle: SecHandle,
1433    Flags: ULONG,
1434    AccountRealm: UNICODE_STRING,
1435    AccountName: UNICODE_STRING,
1436    Password: UNICODE_STRING,
1437    ClientRealm: UNICODE_STRING,
1438    ClientName: UNICODE_STRING,
1439    Impersonating: BOOLEAN,
1440    KdcAddress: UNICODE_STRING,
1441    KdcAddressType: ULONG,
1442}}
1443pub type PKERB_SETPASSWORD_EX_REQUEST = *mut KERB_SETPASSWORD_EX_REQUEST;
1444pub const DS_UNKNOWN_ADDRESS_TYPE: ULONG = 0;
1445pub const KERB_SETPASS_USE_LOGONID: ULONG = 1;
1446pub const KERB_SETPASS_USE_CREDHANDLE: ULONG = 2;
1447STRUCT!{struct KERB_DECRYPT_REQUEST {
1448    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1449    LogonId: LUID,
1450    Flags: ULONG,
1451    CryptoType: LONG,
1452    KeyUsage: LONG,
1453    Key: KERB_CRYPTO_KEY,
1454    EncryptedDataSize: ULONG,
1455    InitialVectorSize: ULONG,
1456    InitialVector: PUCHAR,
1457    EncryptedData: PUCHAR,
1458}}
1459pub type PKERB_DECRYPT_REQUEST = *mut KERB_DECRYPT_REQUEST;
1460pub const KERB_DECRYPT_FLAG_DEFAULT_KEY: ULONG = 0x00000001;
1461STRUCT!{struct KERB_DECRYPT_RESPONSE {
1462    DecryptedData: [UCHAR; ANYSIZE_ARRAY],
1463}}
1464pub type PKERB_DECRYPT_RESPONSE = *mut KERB_DECRYPT_RESPONSE;
1465STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_REQUEST {
1466    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1467    RealmName: UNICODE_STRING,
1468    KdcAddress: UNICODE_STRING,
1469    AddressType: ULONG,
1470}}
1471pub type PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_REQUEST;
1472STRUCT!{struct KERB_REFRESH_SCCRED_REQUEST {
1473    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1474    CredentialBlob: UNICODE_STRING,
1475    LogonId: LUID,
1476    Flags: ULONG,
1477}}
1478pub type PKERB_REFRESH_SCCRED_REQUEST = *mut KERB_REFRESH_SCCRED_REQUEST;
1479pub const KERB_REFRESH_SCCRED_RELEASE: ULONG = 0x0;
1480pub const KERB_REFRESH_SCCRED_GETTGT: ULONG = 0x1;
1481STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST {
1482    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1483    UserName: UNICODE_STRING,
1484    DomainName: UNICODE_STRING,
1485    Password: UNICODE_STRING,
1486    LogonId: LUID,
1487    Flags: ULONG,
1488}}
1489pub type PKERB_ADD_CREDENTIALS_REQUEST = *mut KERB_ADD_CREDENTIALS_REQUEST;
1490pub const KERB_REQUEST_ADD_CREDENTIAL: ULONG = 1;
1491pub const KERB_REQUEST_REPLACE_CREDENTIAL: ULONG = 2;
1492pub const KERB_REQUEST_REMOVE_CREDENTIAL: ULONG = 4;
1493STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST_EX {
1494    Credentials: KERB_ADD_CREDENTIALS_REQUEST,
1495    PrincipalNameCount: ULONG,
1496    PrincipalNames: [UNICODE_STRING; ANYSIZE_ARRAY],
1497}}
1498pub type PKERB_ADD_CREDENTIALS_REQUEST_EX = *mut KERB_ADD_CREDENTIALS_REQUEST_EX;
1499STRUCT!{struct KERB_TRANSFER_CRED_REQUEST {
1500    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1501    OriginLogonId: LUID,
1502    DestinationLogonId: LUID,
1503    Flags: ULONG,
1504}}
1505pub type PKERB_TRANSFER_CRED_REQUEST = *mut KERB_TRANSFER_CRED_REQUEST;
1506pub const KERB_TRANSFER_CRED_WITH_TICKETS: ULONG = 0x1;
1507pub const KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS: ULONG = 0x2;
1508STRUCT!{struct KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST {
1509    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1510    LogonId: LUID,
1511}}
1512pub type PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST =
1513    *mut KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST;
1514STRUCT!{struct KERB_BINDING_CACHE_ENTRY_DATA {
1515    DiscoveryTime: ULONG64,
1516    RealmName: UNICODE_STRING,
1517    KdcAddress: UNICODE_STRING,
1518    AddressType: ULONG,
1519    Flags: ULONG,
1520    DcFlags: ULONG,
1521    CacheFlags: ULONG,
1522    KdcName: UNICODE_STRING,
1523}}
1524pub type PKERB_BINDING_CACHE_ENTRY_DATA = *mut KERB_BINDING_CACHE_ENTRY_DATA;
1525STRUCT!{struct KERB_QUERY_BINDING_CACHE_RESPONSE {
1526    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1527    CountOfEntries: ULONG,
1528    Entries: PKERB_BINDING_CACHE_ENTRY_DATA,
1529}}
1530pub type PKERB_QUERY_BINDING_CACHE_RESPONSE = *mut KERB_QUERY_BINDING_CACHE_RESPONSE;
1531STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST {
1532    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1533    RealmName: UNICODE_STRING,
1534    KdcAddress: UNICODE_STRING,
1535    AddressType: ULONG,
1536    DcFlags: ULONG,
1537}}
1538pub type PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST;
1539STRUCT!{struct KERB_QUERY_BINDING_CACHE_REQUEST {
1540    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1541}}
1542pub type PKERB_QUERY_BINDING_CACHE_REQUEST = *mut KERB_QUERY_BINDING_CACHE_REQUEST;
1543STRUCT!{struct KERB_PURGE_BINDING_CACHE_REQUEST {
1544    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1545}}
1546pub type PKERB_PURGE_BINDING_CACHE_REQUEST = *mut KERB_PURGE_BINDING_CACHE_REQUEST;
1547STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST {
1548    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1549    Flags: ULONG,
1550    DomainName: UNICODE_STRING,
1551}}
1552pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST =
1553    *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST;
1554STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE {
1555    MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1556    Flags: ULONG,
1557    ExtendedPolicies: ULONG,
1558    DsFlags: ULONG,
1559}}
1560pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE =
1561    *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE;
1562ENUM!{enum KERB_CERTIFICATE_INFO_TYPE {
1563    CertHashInfo = 1,
1564}}
1565pub type PKERB_CERTIFICATE_INFO_TYPE = *mut KERB_CERTIFICATE_INFO_TYPE;
1566STRUCT!{struct KERB_CERTIFICATE_HASHINFO {
1567    StoreNameLength: USHORT,
1568    HashLength: USHORT,
1569}}
1570pub type PKERB_CERTIFICATE_HASHINFO = *mut KERB_CERTIFICATE_HASHINFO;
1571STRUCT!{struct KERB_CERTIFICATE_INFO {
1572    CertInfoSize: ULONG,
1573    InfoType: ULONG,
1574}}
1575pub type PKERB_CERTIFICATE_INFO = *mut KERB_CERTIFICATE_INFO;
1576STRUCT!{struct POLICY_AUDIT_SID_ARRAY {
1577    UsersCount: ULONG,
1578    UserSidArray: *mut PSID,
1579}}
1580pub type PPOLICY_AUDIT_SID_ARRAY = *mut POLICY_AUDIT_SID_ARRAY;
1581STRUCT!{struct AUDIT_POLICY_INFORMATION {
1582    AuditSubCategoryGuid: GUID,
1583    AuditingInformation: ULONG,
1584    AuditCategoryGuid: GUID,
1585}}
1586pub type PAUDIT_POLICY_INFORMATION = *mut AUDIT_POLICY_INFORMATION;
1587pub type LPAUDIT_POLICY_INFORMATION = PAUDIT_POLICY_INFORMATION;
1588pub type PCAUDIT_POLICY_INFORMATION = *const AUDIT_POLICY_INFORMATION;
1589pub const AUDIT_SET_SYSTEM_POLICY: ULONG = 0x0001;
1590pub const AUDIT_QUERY_SYSTEM_POLICY: ULONG = 0x0002;
1591pub const AUDIT_SET_USER_POLICY: ULONG = 0x0004;
1592pub const AUDIT_QUERY_USER_POLICY: ULONG = 0x0008;
1593pub const AUDIT_ENUMERATE_USERS: ULONG = 0x0010;
1594pub const AUDIT_SET_MISC_POLICY: ULONG = 0x0020;
1595pub const AUDIT_QUERY_MISC_POLICY: ULONG = 0x0040;
1596pub const AUDIT_GENERIC_ALL: ULONG = STANDARD_RIGHTS_REQUIRED | AUDIT_SET_SYSTEM_POLICY
1597    | AUDIT_QUERY_SYSTEM_POLICY | AUDIT_SET_USER_POLICY | AUDIT_QUERY_USER_POLICY
1598    | AUDIT_ENUMERATE_USERS | AUDIT_SET_MISC_POLICY | AUDIT_QUERY_MISC_POLICY;
1599pub const AUDIT_GENERIC_READ: ULONG = STANDARD_RIGHTS_READ | AUDIT_QUERY_SYSTEM_POLICY
1600    | AUDIT_QUERY_USER_POLICY | AUDIT_ENUMERATE_USERS | AUDIT_QUERY_MISC_POLICY;
1601pub const AUDIT_GENERIC_WRITE: ULONG = STANDARD_RIGHTS_WRITE | AUDIT_SET_USER_POLICY
1602    | AUDIT_SET_MISC_POLICY | AUDIT_SET_SYSTEM_POLICY;
1603pub const AUDIT_GENERIC_EXECUTE: ULONG = STANDARD_RIGHTS_EXECUTE;
1604extern "system" {
1605    pub fn AuditSetSystemPolicy(
1606        pAuditPolicy: PCAUDIT_POLICY_INFORMATION,
1607        PolicyCount: ULONG,
1608    ) -> BOOLEAN;
1609    pub fn AuditSetPerUserPolicy(
1610        pSid: *const SID,
1611        pAuditPolicy: PCAUDIT_POLICY_INFORMATION,
1612        PolicyCount: ULONG,
1613    ) -> BOOLEAN;
1614    pub fn AuditQuerySystemPolicy(
1615        pSubCategoryGuids: *const GUID,
1616        PolicyCount: ULONG,
1617        ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1618    ) -> BOOLEAN;
1619    pub fn AuditQueryPerUserPolicy(
1620        pSid: *const SID,
1621        pSubCategoryGuids: *const GUID,
1622        PolicyCount: ULONG,
1623        ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1624    ) -> BOOLEAN;
1625    pub fn AuditEnumeratePerUserPolicy(
1626        ppAuditSidArray: *mut PPOLICY_AUDIT_SID_ARRAY,
1627    ) -> BOOLEAN;
1628    pub fn AuditComputeEffectivePolicyBySid(
1629        pSid: *const SID,
1630        pSubCategoryGuids: *const GUID,
1631        dwPolicyCount: ULONG,
1632        ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1633    ) -> BOOLEAN;
1634    pub fn AuditComputeEffectivePolicyByToken(
1635        hTokenHandle: HANDLE,
1636        pSubCategoryGuids: *const GUID,
1637        dwPolicyCount: ULONG,
1638        ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1639    ) -> BOOLEAN;
1640    pub fn AuditEnumerateCategories(
1641        ppAuditCategoriesArray: *mut *mut GUID,
1642        pdwCountReturned: PULONG,
1643    ) -> BOOLEAN;
1644    pub fn AuditEnumerateSubCategories(
1645        pAuditCategoryGuid: *const GUID,
1646        bRetrieveAllSubCategories: BOOLEAN,
1647        ppAuditSubCategoriesArray: *mut *mut GUID,
1648        pdwCountReturned: PULONG,
1649    ) -> BOOLEAN;
1650    pub fn AuditLookupCategoryNameW(
1651        pAuditCategoryGuid: *const GUID,
1652        ppszCategoryName: *mut PWSTR,
1653    ) -> BOOLEAN;
1654    pub fn AuditLookupCategoryNameA(
1655        pAuditCategoryGuid: *const GUID,
1656        ppszCategoryName: *mut PSTR,
1657    ) -> BOOLEAN;
1658    pub fn AuditLookupSubCategoryNameW(
1659        pAuditSubCategoryGuid: *const GUID,
1660        ppszSubCategoryName: *mut PWSTR,
1661    ) -> BOOLEAN;
1662    pub fn AuditLookupSubCategoryNameA(
1663        pAuditSubCategoryGuid: *const GUID,
1664        ppszSubCategoryName: *mut PSTR,
1665    ) -> BOOLEAN;
1666    pub fn AuditLookupCategoryIdFromCategoryGuid(
1667        pAuditCategoryGuid: *const GUID,
1668        pAuditCategoryId: PPOLICY_AUDIT_EVENT_TYPE,
1669    ) -> BOOLEAN;
1670    pub fn AuditLookupCategoryGuidFromCategoryId(
1671        AuditCategoryId: POLICY_AUDIT_EVENT_TYPE,
1672        pAuditCategoryGuid: *mut GUID,
1673    ) -> BOOLEAN;
1674    pub fn AuditSetSecurity(
1675        SecurityInformation: SECURITY_INFORMATION,
1676        pSecurityDescriptor: PSECURITY_DESCRIPTOR,
1677    ) -> BOOLEAN;
1678    pub fn AuditQuerySecurity(
1679        SecurityInformation: SECURITY_INFORMATION,
1680        ppSecurityDescriptor: *mut PSECURITY_DESCRIPTOR,
1681    ) -> BOOLEAN;
1682    pub fn AuditSetGlobalSaclW(
1683        ObjectTypeName: PCWSTR,
1684        Acl: PACL,
1685    ) -> BOOLEAN;
1686    pub fn AuditSetGlobalSaclA(
1687        ObjectTypeName: PCSTR,
1688        Acl: PACL,
1689    ) -> BOOLEAN;
1690    pub fn AuditQueryGlobalSaclW(
1691        ObjectTypeName: PCWSTR,
1692        Acl: *mut PACL,
1693    ) -> BOOLEAN;
1694    pub fn AuditQueryGlobalSaclA(
1695        ObjectTypeName: PCSTR,
1696        Acl: *mut PACL,
1697    ) -> BOOLEAN;
1698    pub fn AuditFree(
1699        Buffer: PVOID,
1700    );
1701}
1702STRUCT!{struct PKU2U_CERT_BLOB {
1703    CertOffset: ULONG,
1704    CertLength: USHORT,
1705}}
1706pub type PPKU2U_CERT_BLOB = *mut PKU2U_CERT_BLOB;
1707pub const PKU2U_CREDUI_CONTEXT_VERSION: ULONG64 = 0x4154414454524543;
1708STRUCT!{struct PKU2U_CREDUI_CONTEXT {
1709    Version: ULONG64,
1710    cbHeaderLength: USHORT,
1711    cbStructureLength: ULONG,
1712    CertArrayCount: USHORT,
1713    CertArrayOffset: ULONG,
1714}}
1715pub type PPKU2U_CREDUI_CONTEXT = *mut PKU2U_CREDUI_CONTEXT;
1716ENUM!{enum PKU2U_LOGON_SUBMIT_TYPE {
1717    Pku2uCertificateS4ULogon = 14,
1718}}
1719pub type PPKU2U_LOGON_SUBMIT_TYPE = *mut PKU2U_LOGON_SUBMIT_TYPE;
1720STRUCT!{struct PKU2U_CERTIFICATE_S4U_LOGON {
1721    MessageType: PKU2U_LOGON_SUBMIT_TYPE,
1722    Flags: ULONG,
1723    UserPrincipalName: UNICODE_STRING,
1724    DomainName: UNICODE_STRING,
1725    CertificateLength: ULONG,
1726    Certificate: PUCHAR,
1727}}
1728pub type PPKU2U_CERTIFICATE_S4U_LOGON = *mut PKU2U_CERTIFICATE_S4U_LOGON;
winapi_ui_automation/um/ntsecapi.rs

winapi_ui_automation/um/
ntsecapi.rs
