/*++ BUILD Version: 0003    // Increment this if a change has global effects

Copyright (c) 1991-1993  Microsoft Corporation

Module Name:

    lmaudit.h

Abstract:

    This module defines the API function prototypes and data structures
    for the following groups of NT API functions:
        NetAudit

Author:

    Dan Lafferty (danl)  29-Mar-1991

Environment:

    User Mode - Win32

Notes:

    You must include NETCONS.H before this file, since this file depends
    on values defined in NETCONS.H.

Revision History:

    28-Mar-1991  Danl
        Ported from LM2.0 and the LMNETAPI spec.
    25-Apr-1991  DanHi
        Added define for HLOG used by both audit and error logs, surrounded
        by a protective ifdef.  Changed ae_ss_status to ae_sv_status to match
        LanMan
    12-Nov-1991 JohnRo
        AUDIT_ENTRY structure needs changes to prevent alignment/padding bugs.
        Added OPTIONAL keyword as applicable.  Work toward UNICODE.
    26-Oct-1992 JohnRo
        Correct typedef name for pointer to AE_SRVSTATUS.
        Added AE_LOCKOUT structure and typedef.

--*/

#ifndef _LMAUDIT_
#define _LMAUDIT_

#ifdef __cplusplus
extern "C" {
#endif

//
// Log handle.  Per the revision history this type is shared by the audit
// and error-log headers, so it is guarded by its own define and declared
// only by whichever header is included first.
//

#ifndef _LMHLOGDEFINED_
#define _LMHLOGDEFINED_

typedef struct _HLOG {
    DWORD          time;
    DWORD          last_flags;
    DWORD          offset;
    DWORD          rec_offset;
} HLOG, *PHLOG, *LPHLOG;

#define LOGFLAGS_FORWARD    0
#define LOGFLAGS_BACKWARD   0x1
#define LOGFLAGS_SEEK       0x2

#endif

//
// Function Prototypes - Audit
//

// NOTE(review): judging by the name and the backupfile parameter, this
// discards audit records, optionally saving them first - confirm against
// the API documentation.  Nothing in this prototype expresses who is
// allowed to call it; that check has to live in the implementation.
NET_API_STATUS NET_API_FUNCTION
NetAuditClear (
    IN  LPTSTR  server OPTIONAL,
    IN  LPTSTR  backupfile OPTIONAL,
    IN  LPTSTR  service OPTIONAL  // WARNING: buggy support before LM 2.0C!!
    );

// NOTE(review): bufptr is an OUT pointer-to-pointer, so the record buffer
// is presumably allocated by the API and released by the caller - confirm.
// bytesread is the only length reported for that buffer; a caller walking
// the records should stay within it rather than trusting per-record fields.
NET_API_STATUS NET_API_FUNCTION
NetAuditRead (
    IN  LPTSTR  server OPTIONAL,
    IN  LPTSTR  service OPTIONAL, // WARNING: buggy support before LM 2.0C!!
    IN  LPHLOG  auditloghandle,
    IN  DWORD   offset,
    IN  LPDWORD reserved1 OPTIONAL,
    IN  DWORD   reserved2,
    IN  DWORD   offsetflag,
    OUT LPBYTE  *bufptr,
    IN  DWORD   prefmaxlen,
    OUT LPDWORD bytesread,
    OUT LPDWORD totalavailable
    );

// buf and numbytes are a caller-supplied byte buffer and its length; type
// presumably takes one of the audit entry type values defined further
// down in this header - confirm.
NET_API_STATUS NET_API_FUNCTION
NetAuditWrite (
    IN  DWORD   type,
    IN  LPBYTE  buf,
    IN  DWORD   numbytes,
    IN  LPTSTR  service OPTIONAL,
    IN  LPBYTE  reserved OPTIONAL
    );


//
// Data Structures - Audit
//

//
// Fixed header of one audit record.  ae_type selects which of the AE_*
// structures below describes the data area.
//
// NOTE(review): ae_data_offset and ae_data_size are read from the record
// itself.  A reader should check that ae_data_offset + ae_data_size does
// not overflow and stays inside the record (presumably ae_len bytes -
// confirm) and inside the bytes actually returned, before touching the
// data area.
//

typedef struct _AUDIT_ENTRY {
    DWORD          ae_len;
    DWORD          ae_reserved;
    DWORD          ae_time;
    DWORD          ae_type;
    DWORD          ae_data_offset;  /* Offset from beginning
                                       address of audit_entry */
    DWORD          ae_data_size;    // byte count of ae_data area (not incl pad).
} AUDIT_ENTRY, *PAUDIT_ENTRY, *LPAUDIT_ENTRY;

// BUGBUG: Temporary to let users ifdef on this struct layout.
#define REVISED_AUDIT_ENTRY_STRUCT


//
// Per-type data areas.  Every member is a DWORD, including the ones named
// after strings (compname, username, resname, ...).
//
// NOTE(review): the AE_LOCKOUT comments call such members "Ptr to"; given
// the DWORD type they are presumably offsets into the record rather than
// raw pointers - confirm the base they are relative to, and bounds-check
// each one (and the string it leads to) before use.
//
// The non-pointer typedef names (AE_SRVSTATUS, AE_SESSLOGON, ...) are also
// used as macro names further down in this header; once those #defines
// have been seen, only the P*/LP* typedefs and the struct tags still name
// the types.
//

typedef struct _AE_SRVSTATUS {
    DWORD          ae_sv_status;
} AE_SRVSTATUS, *PAE_SRVSTATUS, *LPAE_SRVSTATUS;

typedef struct _AE_SESSLOGON {
    DWORD          ae_so_compname;
    DWORD          ae_so_username;
    DWORD          ae_so_privilege;
} AE_SESSLOGON, *PAE_SESSLOGON, *LPAE_SESSLOGON;

typedef struct _AE_SESSLOGOFF {
    DWORD          ae_sf_compname;
    DWORD          ae_sf_username;
    DWORD          ae_sf_reason;
} AE_SESSLOGOFF, *PAE_SESSLOGOFF, *LPAE_SESSLOGOFF;

typedef struct _AE_SESSPWERR {
    DWORD          ae_sp_compname;
    DWORD          ae_sp_username;
} AE_SESSPWERR, *PAE_SESSPWERR, *LPAE_SESSPWERR;

typedef struct _AE_CONNSTART {
    DWORD          ae_ct_compname;
    DWORD          ae_ct_username;
    DWORD          ae_ct_netname;
    DWORD          ae_ct_connid;
} AE_CONNSTART, *PAE_CONNSTART, *LPAE_CONNSTART;

typedef struct _AE_CONNSTOP {
    DWORD          ae_cp_compname;
    DWORD          ae_cp_username;
    DWORD          ae_cp_netname;
    DWORD          ae_cp_connid;
    DWORD          ae_cp_reason;
} AE_CONNSTOP, *PAE_CONNSTOP, *LPAE_CONNSTOP;

typedef struct _AE_CONNREJ {
    DWORD          ae_cr_compname;
    DWORD          ae_cr_username;
    DWORD          ae_cr_netname;
    DWORD          ae_cr_reason;
} AE_CONNREJ, *PAE_CONNREJ, *LPAE_CONNREJ;

typedef struct _AE_RESACCESS {
    DWORD          ae_ra_compname;
    DWORD          ae_ra_username;
    DWORD          ae_ra_resname;
    DWORD          ae_ra_operation;
    DWORD          ae_ra_returncode;
    DWORD          ae_ra_restype;
    DWORD          ae_ra_fileid;
} AE_RESACCESS, *PAE_RESACCESS, *LPAE_RESACCESS;

typedef struct _AE_RESACCESSREJ {
    DWORD          ae_rr_compname;
    DWORD          ae_rr_username;
    DWORD          ae_rr_resname;
    DWORD          ae_rr_operation;
} AE_RESACCESSREJ, *PAE_RESACCESSREJ, *LPAE_RESACCESSREJ;

typedef struct _AE_CLOSEFILE {
    DWORD          ae_cf_compname;
    DWORD          ae_cf_username;
    DWORD          ae_cf_resname;
    DWORD          ae_cf_fileid;
    DWORD          ae_cf_duration;
    DWORD          ae_cf_reason;
} AE_CLOSEFILE, *PAE_CLOSEFILE, *LPAE_CLOSEFILE;

typedef struct _AE_SERVICESTAT {
    DWORD          ae_ss_compname;
    DWORD          ae_ss_username;
    DWORD          ae_ss_svcname;
    DWORD          ae_ss_status;
    DWORD          ae_ss_code;
    DWORD          ae_ss_text;
    DWORD          ae_ss_returnval;
} AE_SERVICESTAT, *PAE_SERVICESTAT, *LPAE_SERVICESTAT;

typedef struct _AE_ACLMOD {
    DWORD          ae_am_compname;
    DWORD          ae_am_username;
    DWORD          ae_am_resname;
    DWORD          ae_am_action;
    DWORD          ae_am_datalen;
} AE_ACLMOD, *PAE_ACLMOD, *LPAE_ACLMOD;

typedef struct _AE_UASMOD {
    DWORD          ae_um_compname;
    DWORD          ae_um_username;
    DWORD          ae_um_resname;
    DWORD          ae_um_rectype;
    DWORD          ae_um_action;
    DWORD          ae_um_datalen;
} AE_UASMOD, *PAE_UASMOD, *LPAE_UASMOD;

typedef struct _AE_NETLOGON {
    DWORD          ae_no_compname;
    DWORD          ae_no_username;
    DWORD          ae_no_privilege;
    DWORD          ae_no_authflags;
} AE_NETLOGON, *PAE_NETLOGON, *LPAE_NETLOGON;

typedef struct _AE_NETLOGOFF {
    DWORD          ae_nf_compname;
    DWORD          ae_nf_username;
    DWORD          ae_nf_reserved1;
    DWORD          ae_nf_reserved2;
} AE_NETLOGOFF, *PAE_NETLOGOFF, *LPAE_NETLOGOFF;

typedef struct _AE_ACCLIM {
    DWORD          ae_al_compname;
    DWORD          ae_al_username;
    DWORD          ae_al_resname;
    DWORD          ae_al_limit;
} AE_ACCLIM, *PAE_ACCLIM, *LPAE_ACCLIM;

// Values for ae_lk_action.  Both literals are written in octal; their
// values are 0 and 1.
#define ACTION_LOCKOUT          00
#define ACTION_ADMINUNLOCK      01

typedef struct _AE_LOCKOUT {
    DWORD          ae_lk_compname;      // Ptr to computername of client.
    DWORD          ae_lk_username;      // Ptr to username of client (NULL
                                        //  if same as computername).
    DWORD          ae_lk_action;        // Action taken on account:
                                        // 0 means locked out, 1 means not.
    DWORD          ae_lk_bad_pw_count;  // Bad password count at the time
                                        // of lockout.
} AE_LOCKOUT, *PAE_LOCKOUT, *LPAE_LOCKOUT;

typedef struct _AE_GENERIC {
    DWORD          ae_ge_msgfile;
    DWORD          ae_ge_msgnum;
    DWORD          ae_ge_params;
    DWORD          ae_ge_param1;
    DWORD          ae_ge_param2;
    DWORD          ae_ge_param3;
    DWORD          ae_ge_param4;
    DWORD          ae_ge_param5;
    DWORD          ae_ge_param6;
    DWORD          ae_ge_param7;
    DWORD          ae_ge_param8;
    DWORD          ae_ge_param9;
} AE_GENERIC, *PAE_GENERIC, *LPAE_GENERIC;

//
// Special Values and Constants - Audit
//

//
// Audit entry types (field ae_type in audit_entry).
//
// Most of these macros reuse a typedef name declared above.  They must
// stay after the typedefs: from here on the preprocessor replaces e.g.
// AE_LOCKOUT with 20, so the type can only be named through PAE_LOCKOUT,
// LPAE_LOCKOUT or struct _AE_LOCKOUT.  AE_GENERIC_TYPE is the one entry
// named differently from its struct, which leaves AE_GENERIC usable as a
// type.  No type is assigned the value 10.
//

#define AE_SRVSTATUS    0
#define AE_SESSLOGON    1
#define AE_SESSLOGOFF   2
#define AE_SESSPWERR    3
#define AE_CONNSTART    4
#define AE_CONNSTOP     5
#define AE_CONNREJ      6
#define AE_RESACCESS    7
#define AE_RESACCESSREJ 8
#define AE_CLOSEFILE    9
#define AE_SERVICESTAT  11
#define AE_ACLMOD       12
#define AE_UASMOD       13
#define AE_NETLOGON     14
#define AE_NETLOGOFF    15
#define AE_NETLOGDENIED 16
#define AE_ACCLIMITEXCD 17
#define AE_RESACCESS2   18
#define AE_ACLMODFAIL   19
#define AE_LOCKOUT      20
#define AE_GENERIC_TYPE 21
//
// Values for ae_sv_status field of ae_srvstatus.
// (The field was renamed from ae_ss_status; see the revision history.)
//

#define AE_SRVSTART     0
#define AE_SRVPAUSED    1
#define AE_SRVCONT      2
#define AE_SRVSTOP      3

//
// Values for ae_so_privilege field of ae_sesslogon.
//

#define AE_GUEST        0
#define AE_USER         1
#define AE_ADMIN        2

//
// Values for various ae_XX_reason fields.
//
// Several names share one numeric value (for example AE_ERROR, AE_SESSDIS
// and AE_BADPW are all 1), so a reason code can only be interpreted
// together with the record type it was read from.
//

#define AE_NORMAL        0
#define AE_USERLIMIT     0
#define AE_GENERAL       0
#define AE_ERROR         1
#define AE_SESSDIS       1
#define AE_BADPW         1
#define AE_AUTODIS       2
#define AE_UNSHARE       2
#define AE_ADMINPRIVREQD 2
#define AE_ADMINDIS      3
#define AE_NOACCESSPERM  3
#define AE_ACCRESTRICT   4

#define AE_NORMAL_CLOSE  0
#define AE_SES_CLOSE     1
#define AE_ADMIN_CLOSE   2

//
// Values for xx_subreason fields.
//
// NOTE(review): no structure in this header has a member named
// *_subreason; presumably these describe ae_al_limit - confirm.
//

#define AE_LIM_UNKNOWN      0
#define AE_LIM_LOGONHOURS   1
#define AE_LIM_EXPIRED      2
#define AE_LIM_INVAL_WKSTA  3
#define AE_LIM_DISABLED     4
#define AE_LIM_DELETED      5

//
// Values for xx_action fields
//

#define AE_MOD          0
#define AE_DELETE       1
#define AE_ADD          2

//
// Types of UAS record for um_rectype field
//

#define AE_UAS_USER         0
#define AE_UAS_GROUP        1
#define AE_UAS_MODALS       2

//
// Bitmasks for auditing events
//
// The parentheses around the hex constants broke h_to_inc
// and have been purged from the face of the earth.
//
// Each GOOD*/BAD* mask below covers two adjacent bits (0x6, 0x18, 0x60,
// ...), so testing a value against one of them with a bare "&" is true
// when either bit is set.
//

#define SVAUD_SERVICE           0x1
#define SVAUD_GOODSESSLOGON     0x6
#define SVAUD_BADSESSLOGON      0x18
#define SVAUD_SESSLOGON         (SVAUD_GOODSESSLOGON | SVAUD_BADSESSLOGON)
#define SVAUD_GOODNETLOGON      0x60
#define SVAUD_BADNETLOGON       0x180
#define SVAUD_NETLOGON          (SVAUD_GOODNETLOGON | SVAUD_BADNETLOGON)
#define SVAUD_LOGON             (SVAUD_NETLOGON | SVAUD_SESSLOGON)
#define SVAUD_GOODUSE           0x600
#define SVAUD_BADUSE            0x1800
#define SVAUD_USE               (SVAUD_GOODUSE | SVAUD_BADUSE)
#define SVAUD_USERLIST          0x2000
#define SVAUD_PERMISSIONS       0x4000
#define SVAUD_RESOURCE          0x8000
#define SVAUD_LOGONLIM          0x00010000

//
// Resource access audit bitmasks.
//
// Within each group the WRITE and CREATE names share one bit (0x0020,
// 0x0200, 0x2000), so the two cannot be enabled or told apart separately.
//

#define AA_AUDIT_ALL        0x0001
#define AA_A_OWNER          0x0004
#define AA_CLOSE            0x0008
#define AA_S_OPEN           0x0010
#define AA_S_WRITE          0x0020
#define AA_S_CREATE         0x0020
#define AA_S_DELETE         0x0040
#define AA_S_ACL            0x0080
#define AA_S_ALL            ( AA_S_OPEN | AA_S_WRITE | AA_S_DELETE | AA_S_ACL)
#define AA_F_OPEN           0x0100
#define AA_F_WRITE          0x0200
#define AA_F_CREATE         0x0200
#define AA_F_DELETE         0x0400
#define AA_F_ACL            0x0800
#define AA_F_ALL            ( AA_F_OPEN | AA_F_WRITE | AA_F_DELETE | AA_F_ACL)

// Pinball-specific
#define AA_A_OPEN           0x1000
#define AA_A_WRITE          0x2000
#define AA_A_CREATE         0x2000
#define AA_A_DELETE         0x4000
#define AA_A_ACL            0x8000
// NOTE(review): AA_A_ALL is built from the AA_F_* bits, so it evaluates to
// the same value as AA_F_ALL (0x0F00) and contains none of the AA_A_OPEN ..
// AA_A_ACL bits (0xF000).  This looks like a copy-paste slip.  It is left
// as published here because changing the value of a shipped constant would
// alter behaviour for existing callers; code that needs every AA_A_* event
// audited should OR the individual AA_A_* bits instead of relying on
// AA_A_ALL.
#define AA_A_ALL            ( AA_F_OPEN | AA_F_WRITE | AA_F_DELETE | AA_F_ACL)


#ifdef __cplusplus
}
#endif

#endif  // _LMAUDIT_