LSA_POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100,
LSA_POLICY_AUDIT_LOG_ADMIN = 0x00000200,
LSA_POLICY_SERVER_ADMIN = 0x00000400,
- LSA_POLICY_LOOKUP_NAMES = 0x00000800
+ LSA_POLICY_LOOKUP_NAMES = 0x00000800,
+ LSA_POLICY_NOTIFICATION = 0x00001000
} lsa_PolicyAccessMask;
+ const int LSA_POLICY_ALL_ACCESS =
+ (STANDARD_RIGHTS_REQUIRED_ACCESS |
+ LSA_POLICY_VIEW_LOCAL_INFORMATION |
+ LSA_POLICY_VIEW_AUDIT_INFORMATION |
+ LSA_POLICY_GET_PRIVATE_INFORMATION |
+ LSA_POLICY_TRUST_ADMIN |
+ LSA_POLICY_CREATE_ACCOUNT |
+ LSA_POLICY_CREATE_SECRET |
+ LSA_POLICY_CREATE_PRIVILEGE |
+ LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS |
+ LSA_POLICY_SET_AUDIT_REQUIREMENTS |
+ LSA_POLICY_AUDIT_LOG_ADMIN |
+ LSA_POLICY_SERVER_ADMIN |
+ LSA_POLICY_LOOKUP_NAMES);
+
+ const int LSA_POLICY_READ =
+ (STANDARD_RIGHTS_READ_ACCESS |
+ LSA_POLICY_VIEW_LOCAL_INFORMATION |
+ LSA_POLICY_VIEW_AUDIT_INFORMATION |
+ LSA_POLICY_GET_PRIVATE_INFORMATION);
+
+ const int LSA_POLICY_WRITE =
+ (STANDARD_RIGHTS_READ_ACCESS |
+ LSA_POLICY_TRUST_ADMIN |
+ LSA_POLICY_CREATE_ACCOUNT |
+ LSA_POLICY_CREATE_SECRET |
+ LSA_POLICY_CREATE_PRIVILEGE |
+ LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS |
+ LSA_POLICY_SET_AUDIT_REQUIREMENTS |
+ LSA_POLICY_AUDIT_LOG_ADMIN |
+ LSA_POLICY_SERVER_ADMIN);
+
+ const int LSA_POLICY_EXECUTE =
+ (STANDARD_RIGHTS_EXECUTE_ACCESS |
+ LSA_POLICY_VIEW_LOCAL_INFORMATION |
+ LSA_POLICY_LOOKUP_NAMES);
+
+ typedef [public,bitmap32bit] bitmap {
+ LSA_ACCOUNT_VIEW = 0x00000001,
+ LSA_ACCOUNT_ADJUST_PRIVILEGES = 0x00000002,
+ LSA_ACCOUNT_ADJUST_QUOTAS = 0x00000004,
+ LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS = 0x00000008
+ } lsa_AccountAccessMask;
+
+ const int LSA_ACCOUNT_ALL_ACCESS =
+ (STANDARD_RIGHTS_REQUIRED_ACCESS |
+ LSA_ACCOUNT_VIEW |
+ LSA_ACCOUNT_ADJUST_PRIVILEGES |
+ LSA_ACCOUNT_ADJUST_QUOTAS |
+ LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS);
+
+ const int LSA_ACCOUNT_READ =
+ (STANDARD_RIGHTS_READ_ACCESS |
+ LSA_ACCOUNT_VIEW);
+
+ const int LSA_ACCOUNT_WRITE =
+ (STANDARD_RIGHTS_READ_ACCESS |
+ LSA_ACCOUNT_ADJUST_PRIVILEGES |
+ LSA_ACCOUNT_ADJUST_QUOTAS |
+ LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS);
+
+ const int LSA_ACCOUNT_EXECUTE =
+ (STANDARD_RIGHTS_EXECUTE_ACCESS);
+
+ typedef [public,bitmap32bit] bitmap {
+ LSA_SECRET_SET_VALUE = 0x00000001,
+ LSA_SECRET_QUERY_VALUE = 0x00000002
+ } lsa_SecretAccessMask;
+
+ typedef [public,bitmap32bit] bitmap {
+ LSA_TRUSTED_QUERY_DOMAIN_NAME = 0x00000001,
+ LSA_TRUSTED_QUERY_CONTROLLERS = 0x00000002,
+ LSA_TRUSTED_SET_CONTROLLERS = 0x00000004,
+ LSA_TRUSTED_QUERY_POSIX = 0x00000008,
+ LSA_TRUSTED_SET_POSIX = 0x00000010,
+ LSA_TRUSTED_SET_AUTH = 0x00000020,
+ LSA_TRUSTED_QUERY_AUTH = 0x00000040
+ } lsa_TrustedAccessMask;
+
/* notice the screwup with the system_name - thats why MS created
OpenPolicy2 */
[public] NTSTATUS lsa_OpenPolicy (