2020-09-30 16:53:55 +02:00

90 lines
2.4 KiB
C

/*++
Copyright (c) 1991-1996 Microsoft Corporation
Module Name:
nlsecure.h
Abstract:
Private header file to be included by Netlogon service modules that
need to enforce security.
Author:
Cliff Van Dyke (CliffV) 22-Aug-1991
Revision History:
--*/
//
// nlsecure.c will #include this file with NLSECURE_ALLOCATE defined.
// That will cause each of these variables to be allocated.
//
#ifdef NLSECURE_ALLOCATE
#define EXTERN
#else
#define EXTERN extern
#endif
//-------------------------------------------------------------------//
// //
// Object specific access masks //
// //
//-------------------------------------------------------------------//
//
// ConfigurationInfo specific access masks
//
#define NETLOGON_UAS_LOGON_ACCESS 0x0001
#define NETLOGON_UAS_LOGOFF_ACCESS 0x0002
#define NETLOGON_CONTROL_ACCESS 0x0004
#define NETLOGON_QUERY_ACCESS 0x0008
#define NETLOGON_SERVICE_ACCESS 0x0010
#define NETLOGON_FTINFO_ACCESS 0x0020
#define NETLOGON_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
NETLOGON_UAS_LOGON_ACCESS | \
NETLOGON_UAS_LOGOFF_ACCESS | \
NETLOGON_CONTROL_ACCESS | \
NETLOGON_SERVICE_ACCESS | \
NETLOGON_FTINFO_ACCESS | \
NETLOGON_QUERY_ACCESS )
//
// Object type names for audit alarm tracking
//
#define NETLOGON_SERVICE_OBJECT TEXT("NetlogonService")
//
// Security descriptors of Netlogon Service objects to control user accesses.
//
EXTERN PSECURITY_DESCRIPTOR NlGlobalNetlogonSecurityDescriptor;
//
// Generic mapping for each Netlogon Service object object
//
EXTERN GENERIC_MAPPING NlGlobalNetlogonInfoMapping
#ifdef NLSECURE_ALLOCATE
= {
STANDARD_RIGHTS_READ, // Generic read
STANDARD_RIGHTS_WRITE, // Generic write
STANDARD_RIGHTS_EXECUTE, // Generic execute
NETLOGON_ALL_ACCESS // Generic all
}
#endif // NLSECURE_ALLOCATE
;
NTSTATUS
NlCreateNetlogonObjects(
VOID
);
#undef EXTERN