NT4/private/newsam/server/regnames.txt

/*++

Copyright (c) 1990  Microsoft Corporation

Module Name:

    regnames.txt

Abstract:

    This file describes the registry namespace used to back-store the SAM
    database.

Author:

    Jim Kelly    (JimK)  3-June-1991

Revision History:

    1.0 - Initial implementation
    1.1 - Conversion to FlexAdmin model

--*/
/*
The following notation is used:

    Xxx          is the unicode name of a registry key.
                 For example, "PasswordExpires".

    (Xxx)        is a description of a registry key's name.
                 For example, "(UserName)" might indicate that the key name
                 is a user's name.

    [kvt,Value]  kvt is the key value type, and Value describes the
                 value of a registry key.  If no specific key value type is used,
                 then [,Value] references just the value.  If the key has a
                 key value type, but no key value, then [kvt,] notation is used.

Individual keys or key values may be referenced in the description
as follows:

    SAM/Domains/(DomainName)/Users/(UserName)
        - references a particular user name in a particular domain.

    SAM/Domains/(DomainName)/Users/(UserName)[,Rid]
        - references a value of a named key.

    .../(UserName)  or
    .../(UserName)[Rid]  may also be used as a shorthand notation when
        I get tired of typing out the whole name.

NOTE: In several instances, a RID is used as a key name.  In this
      case an ASCII conversion of the ULONG value is used.  The name
      is printable and contains no zero bytes.

///////////////////////////////////////////////////////////////////////////////
The structure of the registry namespace used to back-store the SAM
database is as follows:

    SAM [Revision,SecurityDescriptor]
    --+-
      +-- Domains
          ----+--
              +-- (DomainName1) [,SecurityDescriptor]
              |    (...)
              +-- (DomainNameN) [,SecurityDescriptor]

The structure under each named domain is as follows:

    (DomainName) [Revision, SecurityDescriptor]
    ----+-------
        +-- V1_Fixed [, SAMP_V1_FIXED_LENGTH_DOMAIN]
        +-- DomainSid [,SidValue]
        +-- OemInformation [,unicode string]
        +-- ReplicaSourceNodeName [,unicode string]
        |
        +-- Users [Count,]
        |   ---+-
        |      +-- Names
        |      |   --+---
        |      |     +-- (UserName1) [UserRid,]
        |      |     |    (...)
        |      |     +-- (UserNameL) [UserRid,]
        |      |
        |      +-- (UserRid1) [Revision,SecurityDescriptor]
        |      |    (...)
        |      +-- (UserRidL) [Revision,SecurityDescriptor]
        |
        +-- Groups [Count,]
        |   ---+--
        |      +-- Names
        |      |   --+---
        |      |     +-- (GroupName1) [GroupRid,]
        |      |     |    (...)
        |      |     +-- (GroupNameM) [GroupRid,]
        |      |
        |      +-- (GroupRid1) [Revision,SecurityDescriptor]
        |      |    (...)
        |      +-- (GroupRidM) [Revision,SecurityDescriptor]
        |
        |
        +-- Aliases [Count,]
            ---+---
               +-- Names
               |   --+---
               |     +-- (AliasName1) [AliasRid,]
               |     |    (...)
               |     +-- (AliasNameN) [AliasRid,]
               |
               +-- (AliasRid1) [Revision,SecurityDescriptor]
               |    (...)
               +-- (AliasRidN) [Revision,SecurityDescriptor]
               |
               |
               +-- Members [DomainCount,]
                   --+----
                     +-- (DomainSid1) [RidCount,]
                     |   -------+----
                     |          +-- (AccountRid0) [AliasCount,(Alias0Rid, (...), AliasX-1Rid)]
                     |          |    (...)
                     |          +-- (AccountRidY) [AliasCount,(Alias0Rid, (...), AliasX-1Rid)]
                     |
                     +-- (DomainSid2) [RidCount,]
                     |   ------------
                     |          +-- (AccountRid0) [AliasCount,(Alias0Rid, (...), AliasX-1Rid)]
                     |          |    (...)
                     |          +-- (AccountRidZ) [AliasCount,(Alias0Rid, (...), AliasX-1Rid)]
                     .
                     .
                     .

The structure under each (UserRid) is as follows:

    (UserRid) [Revision,SecurityDescriptor]
        +-- V1_Fixed [,SAMP_V1_FIXED_LENGTH_USER]
        +-- AccountName [,unicode string]
        +-- FullName [,unicode string]
        +-- AdminComment [,unicode string]
        +-- UserComment [,unicode string]
        +-- Parameters [,unicode string]
        +-- HomeDirectory [,unicode string]
        +-- HomeDirectoryDrive [,unicode string]
        +-- ScriptPath [,unicode string]
        +-- Workstations [,unicode string]
        +-- CaseInsensitiveDbcs [,dbcs string]
        +-- CaseSensitiveUnicode [,unicode string]
        +-- LmPasswordHistory [,unicode string]
        +-- NtPasswordHistory [,unicode string]
        +-- LogonHours [See Note On Logon Hours]
        +-- ProfilePath [,unicode string]
        +-- Groups [Count,(Group0Rid/Attributes, (...), GroupY-1Rid/Attributes)]

The structure under each (GroupRid) is as follows:

    (GroupRid) [Revision,SecurityDescriptor]
    ---+-----
       +-- V1_Fixed [,SAM_V1_FIXED_LENGTH_GROUP]
       +-- Name [,Name]
       +-- AdminComment [,unicode string]
       +-- Members [Count,(Member0Rid, (...), MemberX-1Rid)]

The structure under each (AliasRid) is as follows:

    (AliasRid) [Revision,SecurityDescriptor]
    ---+-----
       +-- V1_Fixed [,SAM_V1_FIXED_LENGTH_ADMIN]
       +-- Name [,Name]
       +-- AdminComment [,unicode string]
       +-- Members [Count,(Member0Sid, (...), MemberX-1Sid)]

The structure under the Alias\Members key is used for looking up the aliases
an SID is a member of (at logon time).  These keys have the following
description:

    - keyValueType of Alias\Members - This field contains a count of
      domains whose accounts are included as alias members.  For
      example, if there are three aliases, and these aliases collectively
      have the following members:

            \MS\SYS\NTDEV\JIMK
            \MS\SYS\NTDEV\DAVEC
            \MS\SYS\NTDEV\CHADS
            \MS\SYS\NTPGM\BOBMU
            \MS\EXEC\BILLG
            \MS\EXEC\PAULMA
            \MS\EXEC\STEVEB

      then this represents accounts from 3 domains ("\MS\SYS\NTDEV",
      "\MS\SYS\NTPGM", and "\MS\EXEC").  So, the DomainCount would
      be three.

    - Each Alias\Members\(DomainSid) key - These each have a name representing
      the SID of the domains counted in the DomainCount.

    - Under each Alias\Members\(DomainSid) key - There is a single key for each
      account in that domain that is a member of an alias.  The names of these
      keys are printable representations of their RIDs.  The KeyValueType
      field of these keys contains a count of the aliases the SID is a member
      of.  The KeyValue field contains an array of RIDs of the Aliases that
      the SID is a member of.
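
The reverse index described above, modelled as nested dictionaries. This is an added example, not code from the original file or from the SAM sources. The domain SIDs, account RIDs and alias RIDs are constructed, the function names are hypothetical, and reading RidCount as the number of account keys under a domain is an assumption.

```python
from collections import defaultdict

# Constructed sample: alias RID -> member SIDs, as held in (AliasRid)/Members.
# Three made-up domain SIDs stand in for \MS\SYS\NTDEV, \MS\SYS\NTPGM, \MS\EXEC.
NTDEV, NTPGM, EXEC = "S-1-5-21-1-1-1", "S-1-5-21-2-2-2", "S-1-5-21-3-3-3"
ALIASES = {
    544: [f"{NTDEV}-1001", f"{EXEC}-1001"],
    545: [f"{NTDEV}-1001", f"{NTDEV}-1002", f"{NTDEV}-1003", f"{NTPGM}-1001"],
    551: [f"{EXEC}-1001", f"{EXEC}-1002", f"{EXEC}-1003"],
}

def split_sid(sid):
    """Split an account SID into (domain SID, RID key name)."""
    domain, _, rid = sid.rpartition("-")
    return domain, str(int(rid))  # the key name is the printable RID

def build_members(aliases):
    """Derive the Members subtree from the per-alias member lists."""
    index = defaultdict(lambda: defaultdict(list))
    for alias_rid in sorted(aliases):
        for sid in aliases[alias_rid]:
            domain, rid = split_sid(sid)
            index[domain][rid].append(alias_rid)
    return {
        "DomainCount": len(index),
        "domains": {
            d: {"RidCount": len(accts),  # assumed: number of account keys
                "accounts": {r: {"AliasCount": len(a), "aliases": a}
                             for r, a in accts.items()}}
            for d, accts in index.items()
        },
    }

def aliases_for_sid(members, sid):
    """Logon-time lookup: which aliases is this SID a member of?"""
    domain, rid = split_sid(sid)
    acct = members["domains"].get(domain, {}).get("accounts", {}).get(rid)
    return list(acct["aliases"]) if acct else []

def unbacked_entries(members, aliases):
    """Reverse-index entries that no alias member list accounts for."""
    bad = []
    for domain, d in members["domains"].items():
        for rid, acct in d["accounts"].items():
            sid = f"{domain}-{rid}"
            bad += [(sid, a) for a in acct["aliases"]
                    if sid not in aliases.get(a, [])]
    return bad
```

Because the same membership is recorded twice, once per alias and once in this reverse index, unbacked_entries() reports any index entry that the alias member lists do not support.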
===============================================================================
Logon Hours are stored as follows:

    The KeyValueType is used to store the UnitsPerWeek value.
    This value may not exceed SAM_MINUTES_PER_WEEK (10080).

    The actual bitmask of legitimate logon times is stored as
    the key value.  The number of bytes stored is
    ((KeyValueType + 1) / 8).

    If there are no logon time restrictions, the key will have
    a KeyValueType of zero and there will be no KeyValue.
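
A well-formedness check for a stored LogonHours value that follows the rules above. This is an added example, not code from the original file or from the SAM sources, and the function names are hypothetical. It assumes the division in the size formula is C-style integer division and that unit i is bit (i % 8) of byte (i / 8), least significant bit first; neither is stated in this file.

```python
SAM_MINUTES_PER_WEEK = 10080  # upper bound on UnitsPerWeek, from the text

def expected_length(units_per_week):
    """Bytes stored for the bitmask: (KeyValueType + 1) / 8, integer division (assumed)."""
    return (units_per_week + 1) // 8

def check_logon_hours(key_value_type, key_value):
    """Return a list of problems with a stored value; empty means well-formed."""
    problems = []
    if not 0 <= key_value_type <= SAM_MINUTES_PER_WEEK:
        problems.append(f"UnitsPerWeek {key_value_type} outside 0..{SAM_MINUTES_PER_WEEK}")
    if key_value_type == 0:
        # Zero means "no restrictions" and must not carry a bitmask.
        if key_value:
            problems.append("KeyValueType is zero but a KeyValue is present")
        return problems
    want = expected_length(key_value_type)
    if len(key_value) != want:
        problems.append(f"bitmask is {len(key_value)} bytes, expected {want}")
    return problems

def logon_allowed(key_value_type, key_value, unit):
    """True if the given unit of the week is permitted (bit order assumed LSB first)."""
    problems = check_logon_hours(key_value_type, key_value)
    if problems:
        raise ValueError("; ".join(problems))
    if key_value_type == 0:
        return True  # no logon time restrictions
    if not 0 <= unit < key_value_type:
        raise ValueError(f"unit {unit} outside 0..{key_value_type - 1}")
    byte = unit // 8
    if byte >= len(key_value):
        return False  # bit lies beyond the stored bytes: treat as not permitted
    return bool(key_value[byte] >> (unit % 8) & 1)
```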

REVISION HISTORY
----------------

Revision 1.0, 3-June-1991, Jim Kelly (JimK)

    - Initial implementation

Revision 1.1, 4-Jan-1992, Jim Kelly (JimK)

    - Conversion to FlexAdmin model.

    - Added all Alias fields.  Notice that the members of aliases
      are SIDs, not RIDs.  This makes alias membership marshalling
      much more difficult than for Group objects.

    - Drop the following fields:

          (UserRid)/LogonServer

    - Added the following fields:

          (UserRid)/ProfilePath