1.1 root 1: /*++ BUILD Version: 0003 // Increment this if a change has global effects
2:
3: Copyright (c) 1991-1993 Microsoft Corporation
4:
5: Module Name:
6:
7: lmaudit.h
8:
9: Abstract:
10:
11: This module defines the API function prototypes and data structures
12: for the following groups of NT API functions:
13: NetAudit
14:
15: Author:
16:
17: Dan Lafferty (danl) 29-Mar-1991
18:
19: Environment:
20:
21: User Mode - Win32
22:
23: Notes:
24:
25: You must include NETCONS.H before this file, since this file depends
26: on values defined in NETCONS.H.
27:
28: Revision History:
29:
30: 28-Mar-1991 Danl
31: Ported from LM2.0 and the LMNETAPI spec.
32: 25-Apr-1991 DanHi
33: Added define for HLOG used by both audit and error logs, surrounded
34: by a protective ifdef. Changed ae_ss_status to ae_sv_status to match
35: LanMan
36: 12-Nov-1991 JohnRo
37: AUDIT_ENTRY structure needs changes to prevent alignment/padding bugs.
38: Added OPTIONAL keyword as applicable. Work toward UNICODE.
39: 26-Oct-1992 JohnRo
40: Correct typedef name for pointer to AE_SRVSTATUS.
41: Added AE_LOCKOUT structure and typedef.
42:
43: --*/
44:
45: #ifndef _LMAUDIT_
46: #define _LMAUDIT_
47:
48: #ifdef __cplusplus
49: extern "C" {
50: #endif
51:
// HLOG is the log handle used by both the audit-log and error-log APIs (see the
// 25-Apr-1991 revision note); the _LMHLOGDEFINED_ guard keeps it from being
// defined twice.
52: #ifndef _LMHLOGDEFINED_
53: #define _LMHLOGDEFINED_
54:
55: typedef struct _HLOG {
56: DWORD time;
57: DWORD last_flags;
58: DWORD offset;
59: DWORD rec_offset;
60: } HLOG, *PHLOG, *LPHLOG;
61:
// Log read-direction flags; presumably the values accepted by NetAuditRead's
// offsetflag parameter — confirm against the API documentation.
62: #define LOGFLAGS_FORWARD 0
63: #define LOGFLAGS_BACKWARD 0x1
64: #define LOGFLAGS_SEEK 0x2
65:
66: #endif
67:
68: //
69: // Function Prototypes - Audit
70: //
71:
// NetAuditClear: takes an optional server name, an optional backup file name
// and an optional service name. Going by its name it clears the audit log,
// presumably saving a copy to backupfile when one is given — confirm.
// NOTE(review): clearing an audit trail is itself a security-relevant event;
// make sure callers are authorized and that the clear is recorded elsewhere.
72: NET_API_STATUS NET_API_FUNCTION
73: NetAuditClear (
74: IN LPTSTR server OPTIONAL,
75: IN LPTSTR backupfile OPTIONAL,
76: IN LPTSTR service OPTIONAL // WARNING: buggy support before LM 2.0C!!
77: );
78:
// NetAuditRead: reads audit-log data through the caller-supplied HLOG handle.
// Inputs: optional server and service names, the log handle, an offset, two
// reserved arguments, offsetflag and a preferred maximum length.
// Outputs: *bufptr receives a pointer to the returned data, *bytesread and
// *totalavailable receive byte counts.
// NOTE(review): this header does not say who owns or frees *bufptr, and the
// returned bytes should be treated as untrusted records — walk them using
// *bytesread as the hard upper bound.
79: NET_API_STATUS NET_API_FUNCTION
80: NetAuditRead (
81: IN LPTSTR server OPTIONAL,
82: IN LPTSTR service OPTIONAL, // WARNING: buggy support before LM 2.0C!!
83: IN LPHLOG auditloghandle,
84: IN DWORD offset,
85: IN LPDWORD reserved1 OPTIONAL,
86: IN DWORD reserved2,
87: IN DWORD offsetflag,
88: OUT LPBYTE *bufptr,
89: IN DWORD prefmaxlen,
90: OUT LPDWORD bytesread,
91: OUT LPDWORD totalavailable
92: );
93:
// NetAuditWrite: submits one audit record. type is presumably one of the AE_*
// entry-type constants defined later in this header; buf/numbytes give the
// payload and its size in bytes; service and reserved are optional.
94: NET_API_STATUS NET_API_FUNCTION
95: NetAuditWrite (
96: IN DWORD type,
97: IN LPBYTE buf,
98: IN DWORD numbytes,
99: IN LPTSTR service OPTIONAL,
100: IN LPBYTE reserved OPTIONAL
101: );
102:
103:
104: //
105: // Data Structures - Audit
106: //
107:
// Fixed header of one audit record. ae_type selects the entry type and
// ae_data_offset/ae_data_size locate the type-specific data relative to the
// start of this structure.
// NOTE(review): ae_len, ae_data_offset and ae_data_size come from the log
// itself; a reader should check that ae_data_offset + ae_data_size fits inside
// the record (and inside the bytes actually read) before dereferencing. The
// exact meaning of ae_len is not stated here — presumably the total record
// length; confirm.
108: typedef struct _AUDIT_ENTRY {
109: DWORD ae_len;
110: DWORD ae_reserved;
111: DWORD ae_time;
112: DWORD ae_type;
113: DWORD ae_data_offset; /* Offset from beginning
114: address of audit_entry */
115: DWORD ae_data_size; // byte count of ae_data area (not incl pad).
116: } AUDIT_ENTRY, *PAUDIT_ENTRY, *LPAUDIT_ENTRY;
117:
// Marker macro: lets client code detect the revised AUDIT_ENTRY layout at
// compile time.
118: // BUGBUG: Temporary to let users ifdef on this struct layout.
119: #define REVISED_AUDIT_ENTRY_STRUCT
120:
121:
// Payload holding a single server-status value (ae_sv_status).
// NOTE(review): this header later does `#define AE_SRVSTATUS 0`, so after that
// point the by-value typedef name expands to an integer; only the struct tag
// and the PAE_/LPAE_ pointer typedefs remain usable.
122: typedef struct _AE_SRVSTATUS {
123: DWORD ae_sv_status;
124: } AE_SRVSTATUS, *PAE_SRVSTATUS, *LPAE_SRVSTATUS;
125:
// Session-logon payload. ae_so_privilege takes the AE_GUEST/AE_USER/AE_ADMIN
// values defined later in this header.
// NOTE(review): the name fields are DWORDs — presumably offsets to strings in
// the record rather than pointers; confirm and bounds-check before use.
126: typedef struct _AE_SESSLOGON {
127: DWORD ae_so_compname;
128: DWORD ae_so_username;
129: DWORD ae_so_privilege;
130: } AE_SESSLOGON, *PAE_SESSLOGON, *LPAE_SESSLOGON;
131:
// Session-logoff payload. ae_sf_reason is one of the ae_XX_reason values
// defined later; this header does not say which subset applies here.
132: typedef struct _AE_SESSLOGOFF {
133: DWORD ae_sf_compname;
134: DWORD ae_sf_username;
135: DWORD ae_sf_reason;
136: } AE_SESSLOGOFF, *PAE_SESSLOGOFF, *LPAE_SESSLOGOFF;
137:
// Session password-error payload: identifies only the computer and user.
// NOTE(review): both fields are DWORDs — presumably string offsets; confirm.
138: typedef struct _AE_SESSPWERR {
139: DWORD ae_sp_compname;
140: DWORD ae_sp_username;
141: } AE_SESSPWERR, *PAE_SESSPWERR, *LPAE_SESSPWERR;
142:
// Connection-start payload: computer, user, net (share) name and a connection
// id. The same four field suffixes reappear in AE_CONNSTOP, so ae_ct_connid is
// presumably what ties a start record to its stop record — confirm.
143: typedef struct _AE_CONNSTART {
144: DWORD ae_ct_compname;
145: DWORD ae_ct_username;
146: DWORD ae_ct_netname;
147: DWORD ae_ct_connid;
148: } AE_CONNSTART, *PAE_CONNSTART, *LPAE_CONNSTART;
149:
// Connection-stop payload: the AE_CONNSTART fields plus ae_cp_reason, which is
// one of the ae_XX_reason values defined later in this header.
150: typedef struct _AE_CONNSTOP {
151: DWORD ae_cp_compname;
152: DWORD ae_cp_username;
153: DWORD ae_cp_netname;
154: DWORD ae_cp_connid;
155: DWORD ae_cp_reason;
156: } AE_CONNSTOP, *PAE_CONNSTOP, *LPAE_CONNSTOP;
157:
// Connection-rejected payload. Unlike AE_CONNSTART/AE_CONNSTOP it carries no
// connection id; ae_cr_reason is one of the ae_XX_reason values.
158: typedef struct _AE_CONNREJ {
159: DWORD ae_cr_compname;
160: DWORD ae_cr_username;
161: DWORD ae_cr_netname;
162: DWORD ae_cr_reason;
163: } AE_CONNREJ, *PAE_CONNREJ, *LPAE_CONNREJ;
164:
// Resource-access payload: who (compname/username), what (resname, restype,
// fileid), which operation and the resulting return code.
// NOTE(review): the encoding of ae_ra_operation is not given in this header —
// presumably the AA_* access bitmasks; confirm before decoding.
165: typedef struct _AE_RESACCESS {
166: DWORD ae_ra_compname;
167: DWORD ae_ra_username;
168: DWORD ae_ra_resname;
169: DWORD ae_ra_operation;
170: DWORD ae_ra_returncode;
171: DWORD ae_ra_restype;
172: DWORD ae_ra_fileid;
173: } AE_RESACCESS, *PAE_RESACCESS, *LPAE_RESACCESS;
174:
// Resource-access-rejected payload: the requester, the resource name and the
// attempted operation. It has no return-code, type or file-id fields.
175: typedef struct _AE_RESACCESSREJ {
176: DWORD ae_rr_compname;
177: DWORD ae_rr_username;
178: DWORD ae_rr_resname;
179: DWORD ae_rr_operation;
180: } AE_RESACCESSREJ, *PAE_RESACCESSREJ, *LPAE_RESACCESSREJ;
181:
// File-close payload: requester, resource name, file id, duration and reason.
// ae_cf_reason presumably takes the AE_NORMAL_CLOSE / AE_SES_CLOSE /
// AE_ADMIN_CLOSE values defined later — confirm. Units of ae_cf_duration are
// not stated in this header.
182: typedef struct _AE_CLOSEFILE {
183: DWORD ae_cf_compname;
184: DWORD ae_cf_username;
185: DWORD ae_cf_resname;
186: DWORD ae_cf_fileid;
187: DWORD ae_cf_duration;
188: DWORD ae_cf_reason;
189: } AE_CLOSEFILE, *PAE_CLOSEFILE, *LPAE_CLOSEFILE;
190:
// Service-status payload. Note the prefix: ae_ss_* fields belong to this
// structure, whereas the server-status structure AE_SRVSTATUS uses
// ae_sv_status (renamed per the 25-Apr-1991 revision note).
191: typedef struct _AE_SERVICESTAT {
192: DWORD ae_ss_compname;
193: DWORD ae_ss_username;
194: DWORD ae_ss_svcname;
195: DWORD ae_ss_status;
196: DWORD ae_ss_code;
197: DWORD ae_ss_text;
198: DWORD ae_ss_returnval;
199: } AE_SERVICESTAT, *PAE_SERVICESTAT, *LPAE_SERVICESTAT;
200:
// ACL-modification payload. ae_am_action takes the xx_action values
// (AE_MOD / AE_DELETE / AE_ADD) defined later in this header.
// NOTE(review): ae_am_datalen is a length read from the log — validate it
// against the enclosing record size before using it.
201: typedef struct _AE_ACLMOD {
202: DWORD ae_am_compname;
203: DWORD ae_am_username;
204: DWORD ae_am_resname;
205: DWORD ae_am_action;
206: DWORD ae_am_datalen;
207: } AE_ACLMOD, *PAE_ACLMOD, *LPAE_ACLMOD;
208:
// User-account-database (UAS) modification payload. ae_um_rectype takes the
// AE_UAS_* record types and ae_um_action the xx_action values, both defined
// later in this header.
// NOTE(review): ae_um_datalen is a length read from the log — validate it
// against the enclosing record size before using it.
209: typedef struct _AE_UASMOD {
210: DWORD ae_um_compname;
211: DWORD ae_um_username;
212: DWORD ae_um_resname;
213: DWORD ae_um_rectype;
214: DWORD ae_um_action;
215: DWORD ae_um_datalen;
216: } AE_UASMOD, *PAE_UASMOD, *LPAE_UASMOD;
217:
// Network-logon payload. ae_no_privilege presumably uses the same
// AE_GUEST/AE_USER/AE_ADMIN values as ae_so_privilege — confirm. The encoding
// of ae_no_authflags is not defined in this header.
218: typedef struct _AE_NETLOGON {
219: DWORD ae_no_compname;
220: DWORD ae_no_username;
221: DWORD ae_no_privilege;
222: DWORD ae_no_authflags;
223: } AE_NETLOGON, *PAE_NETLOGON, *LPAE_NETLOGON;
224:
// Network-logoff payload: computer and user plus two reserved DWORDs, which
// give it the same size as AE_NETLOGON.
225: typedef struct _AE_NETLOGOFF {
226: DWORD ae_nf_compname;
227: DWORD ae_nf_username;
228: DWORD ae_nf_reserved1;
229: DWORD ae_nf_reserved2;
230: } AE_NETLOGOFF, *PAE_NETLOGOFF, *LPAE_NETLOGOFF;
231:
// Account-limit payload. ae_al_limit presumably takes the AE_LIM_* values
// defined later in this header — confirm. The matching entry-type macro is
// named AE_ACCLIMITEXCD, so this typedef name is not shadowed by a macro.
232: typedef struct _AE_ACCLIM {
233: DWORD ae_al_compname;
234: DWORD ae_al_username;
235: DWORD ae_al_resname;
236: DWORD ae_al_limit;
237: } AE_ACCLIM, *PAE_ACCLIM, *LPAE_ACCLIM;
238:
// Values for ae_lk_action. The literals are written with a leading zero
// (octal), which for 00 and 01 is still 0 and 1.
239: #define ACTION_LOCKOUT 00
240: #define ACTION_ADMINUNLOCK 01
241:
// Account-lockout payload.
// NOTE(review): the field comments say "Ptr", but the fields are DWORDs —
// presumably offsets into the record rather than real pointers; confirm, and
// bounds-check them before reading the strings.
242: typedef struct _AE_LOCKOUT {
243: DWORD ae_lk_compname; // Ptr to computername of client.
244: DWORD ae_lk_username; // Ptr to username of client (NULL
245: // if same as computername).
246: DWORD ae_lk_action; // Action taken on account:
247: // 0 means locked out, 1 means not.
248: DWORD ae_lk_bad_pw_count; // Bad password count at the time
249: // of lockout.
250: } AE_LOCKOUT, *PAE_LOCKOUT, *LPAE_LOCKOUT;
251:
// Generic payload: a message file, a message number, a params field and nine
// parameter slots. ae_ge_params is presumably the number of ae_ge_paramN slots
// in use — confirm, and do not read slots beyond a validated count.
// The entry-type macro for this payload is AE_GENERIC_TYPE, so the typedef
// name AE_GENERIC is not shadowed by a macro.
252: typedef struct _AE_GENERIC {
253: DWORD ae_ge_msgfile;
254: DWORD ae_ge_msgnum;
255: DWORD ae_ge_params;
256: DWORD ae_ge_param1;
257: DWORD ae_ge_param2;
258: DWORD ae_ge_param3;
259: DWORD ae_ge_param4;
260: DWORD ae_ge_param5;
261: DWORD ae_ge_param6;
262: DWORD ae_ge_param7;
263: DWORD ae_ge_param8;
264: DWORD ae_ge_param9;
265: } AE_GENERIC, *PAE_GENERIC, *LPAE_GENERIC;
266:
267: //
268: // Special Values and Constants - Audit
269: //
270:
271: //
272: // Audit entry types (field ae_type in audit_entry).
273: //
274:
// NOTE(review): many of these macro names are identical to payload typedef
// names declared earlier in this header (AE_SRVSTATUS ... AE_LOCKOUT). Once
// these #defines are seen, the preprocessor replaces those identifiers with
// integers, so the by-value typedef names can no longer be used; the struct
// tags and the PAE_*/LPAE_* pointer typedefs still work. AE_GENERIC_TYPE
// avoids the clash for AE_GENERIC.
// Value 10 is not assigned here, and types 16-19 have no same-named structure
// in this header; a log parser should handle unknown ae_type values explicitly
// instead of assuming a payload layout.
275: #define AE_SRVSTATUS 0
276: #define AE_SESSLOGON 1
277: #define AE_SESSLOGOFF 2
278: #define AE_SESSPWERR 3
279: #define AE_CONNSTART 4
280: #define AE_CONNSTOP 5
281: #define AE_CONNREJ 6
282: #define AE_RESACCESS 7
283: #define AE_RESACCESSREJ 8
284: #define AE_CLOSEFILE 9
285: #define AE_SERVICESTAT 11
286: #define AE_ACLMOD 12
287: #define AE_UASMOD 13
288: #define AE_NETLOGON 14
289: #define AE_NETLOGOFF 15
290: #define AE_NETLOGDENIED 16
291: #define AE_ACCLIMITEXCD 17
292: #define AE_RESACCESS2 18
293: #define AE_ACLMODFAIL 19
294: #define AE_LOCKOUT 20
295: #define AE_GENERIC_TYPE 21
296: //
297: // Values for ae_sv_status field of ae_srvstatus.
298: // (The field was renamed from ae_ss_status; ae_ss_status now exists only in
299: // AE_SERVICESTAT.)
//
300: #define AE_SRVSTART 0
301: #define AE_SRVPAUSED 1
302: #define AE_SRVCONT 2
303: #define AE_SRVSTOP 3
304:
305: //
306: // Values for ae_so_privilege field of ae_sesslogon.
307: //
308:
// Privilege levels recorded with a logon. AE_GUEST is 0, so a zero-filled or
// unset field decodes as guest, never as a higher privilege.
309: #define AE_GUEST 0
310: #define AE_USER 1
311: #define AE_ADMIN 2
312:
313: //
314: // Values for various ae_XX_reason fields.
315: //
316:
// NOTE(review): these names deliberately share numeric values (three names
// for 0, three for 1, three for 2, two for 3). The meaning of a reason code
// therefore depends on which structure's ae_XX_reason field it came from; a
// log parser must decode it together with ae_type, never from the number
// alone. This header does not state which names belong to which field.
317: #define AE_NORMAL 0
318: #define AE_USERLIMIT 0
319: #define AE_GENERAL 0
320: #define AE_ERROR 1
321: #define AE_SESSDIS 1
322: #define AE_BADPW 1
323: #define AE_AUTODIS 2
324: #define AE_UNSHARE 2
325: #define AE_ADMINPRIVREQD 2
326: #define AE_ADMINDIS 3
327: #define AE_NOACCESSPERM 3
328: #define AE_ACCRESTRICT 4
329:
// Close reasons; presumably the values of ae_cf_reason in AE_CLOSEFILE —
// confirm.
330: #define AE_NORMAL_CLOSE 0
331: #define AE_SES_CLOSE 1
332: #define AE_ADMIN_CLOSE 2
333:
334: //
335: // Values for xx_subreason fields.
336: //
337:
// NOTE(review): no structure in this header has a field named *_subreason.
// The AE_LIM_ prefix suggests these are the values of ae_al_limit in
// AE_ACCLIM — confirm before relying on it.
338: #define AE_LIM_UNKNOWN 0
339: #define AE_LIM_LOGONHOURS 1
340: #define AE_LIM_EXPIRED 2
341: #define AE_LIM_INVAL_WKSTA 3
342: #define AE_LIM_DISABLED 4
343: #define AE_LIM_DELETED 5
344:
345: //
346: // Values for xx_action fields
347: //
348:
// Action codes for ae_am_action and ae_um_action. ae_lk_action in AE_LOCKOUT
// has its own ACTION_LOCKOUT / ACTION_ADMINUNLOCK values and presumably does
// not use these — confirm.
349: #define AE_MOD 0
350: #define AE_DELETE 1
351: #define AE_ADD 2
352:
353: //
354: // Types of UAS record for um_rectype field
355: //
356:
// Record kinds for ae_um_rectype in AE_UASMOD: a user record, a group record,
// or the modals record.
357: #define AE_UAS_USER 0
358: #define AE_UAS_GROUP 1
359: #define AE_UAS_MODALS 2
360:
361: //
362: // Bitmasks for auditing events
363: //
364: // The parentheses around the hex constants broke h_to_inc
365: // and have been purged from the face of the earth.
366: //
367:
// Event-selection masks. The GOOD*/BAD* values each cover two adjacent bits.
// Resulting composite values: SVAUD_SESSLOGON = 0x1E, SVAUD_NETLOGON = 0x1E0,
// SVAUD_LOGON = 0x1FE, SVAUD_USE = 0x1E00.
// NOTE(review): when reviewing an audit configuration, check that the BAD*
// (failure) bits are set as well as the GOOD* bits; they are separate masks.
368: #define SVAUD_SERVICE 0x1
369: #define SVAUD_GOODSESSLOGON 0x6
370: #define SVAUD_BADSESSLOGON 0x18
371: #define SVAUD_SESSLOGON (SVAUD_GOODSESSLOGON | SVAUD_BADSESSLOGON)
372: #define SVAUD_GOODNETLOGON 0x60
373: #define SVAUD_BADNETLOGON 0x180
374: #define SVAUD_NETLOGON (SVAUD_GOODNETLOGON | SVAUD_BADNETLOGON)
375: #define SVAUD_LOGON (SVAUD_NETLOGON | SVAUD_SESSLOGON)
376: #define SVAUD_GOODUSE 0x600
377: #define SVAUD_BADUSE 0x1800
378: #define SVAUD_USE (SVAUD_GOODUSE | SVAUD_BADUSE)
379: #define SVAUD_USERLIST 0x2000
380: #define SVAUD_PERMISSIONS 0x4000
381: #define SVAUD_RESOURCE 0x8000
382: #define SVAUD_LOGONLIM 0x00010000
383:
384: //
385: // Resource access audit bitmasks.
386: //
387:
// Per-resource audit bits. The AA_S_* group occupies bits 0x00F0 and the
// AA_F_* group bits 0x0F00 (presumably "success" and "failure" — confirm).
// Within each group WRITE and CREATE share one bit, so the two operations
// cannot be audited or told apart separately.
// AA_S_ALL evaluates to 0x00F0 and AA_F_ALL to 0x0F00.
388: #define AA_AUDIT_ALL 0x0001
389: #define AA_A_OWNER 0x0004
390: #define AA_CLOSE 0x0008
391: #define AA_S_OPEN 0x0010
392: #define AA_S_WRITE 0x0020
393: #define AA_S_CREATE 0x0020
394: #define AA_S_DELETE 0x0040
395: #define AA_S_ACL 0x0080
396: #define AA_S_ALL ( AA_S_OPEN | AA_S_WRITE | AA_S_DELETE | AA_S_ACL)
397: #define AA_F_OPEN 0x0100
398: #define AA_F_WRITE 0x0200
399: #define AA_F_CREATE 0x0200
400: #define AA_F_DELETE 0x0400
401: #define AA_F_ACL 0x0800
402: #define AA_F_ALL ( AA_F_OPEN | AA_F_WRITE | AA_F_DELETE | AA_F_ACL)
403:
404: // Pinball-specific
// The AA_A_* bits occupy 0xF000; WRITE and CREATE share one bit here too.
405: #define AA_A_OPEN 0x1000
406: #define AA_A_WRITE 0x2000
407: #define AA_A_CREATE 0x2000
408: #define AA_A_DELETE 0x4000
409: #define AA_A_ACL 0x8000
// NOTE(review): AA_A_ALL is built from the AA_F_* bits, not the AA_A_* bits,
// so it evaluates to 0x0F00 (identical to AA_F_ALL) and sets none of the
// 0xF000 bits defined just above. Code that uses AA_A_ALL to enable or test
// the AA_A_* audit events will silently miss them. This looks like a
// copy-paste slip, but the value is part of a published interface, so it is
// flagged here rather than changed; OR the four AA_A_* bits explicitly when
// that coverage is what is intended.
410: #define AA_A_ALL ( AA_F_OPEN | AA_F_WRITE | AA_F_DELETE | AA_F_ACL)
411:
412:
413: #ifdef __cplusplus
414: }
415: #endif
416:
417: #endif // _LMAUDIT_