Difference between revisions of "Unit Security"
(2 intermediate revisions by the same user not shown) | |||
Line 5: | Line 5: | ||
---- | ---- | ||
− | '''Ultibo Security | + | '''Ultibo Security Interface unit''' |
This unit implements the security support for Ultibo. | This unit implements the security support for Ultibo. | ||
Line 559: | Line 559: | ||
| | | | ||
|- | |- | ||
− | + | |colspan="2"| | |
− | | | + | |
|- | |- | ||
| <code>DOMAIN_ALIAS_RID_REPLICATOR = $00000228;</code> | | <code>DOMAIN_ALIAS_RID_REPLICATOR = $00000228;</code> | ||
Line 1,562: | Line 1,561: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,574: | Line 1,573: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,586: | Line 1,585: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,598: | Line 1,597: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,610: | Line 1,609: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,622: | Line 1,621: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,634: | Line 1,633: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,646: | Line 1,645: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,658: | Line 1,657: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,670: | Line 1,669: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,682: | Line 1,681: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,694: | Line 1,693: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,706: | Line 1,705: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,718: | Line 1,717: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,730: | Line 1,729: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,742: | Line 1,741: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,754: | Line 1,753: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,766: | Line 1,765: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,778: | Line 1,777: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,790: | Line 1,789: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,802: | Line 1,801: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,814: | Line 1,813: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,826: | Line 1,825: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,838: | Line 1,837: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,850: | Line 1,849: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,862: | Line 1,861: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,874: | Line 1,873: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,886: | Line 1,885: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,898: | Line 1,897: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,910: | Line 1,909: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,922: | Line 1,921: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,934: | Line 1,933: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,946: | Line 1,945: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,958: | Line 1,957: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,970: | Line 1,969: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,982: | Line 1,981: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 1,994: | Line 1,993: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,006: | Line 2,005: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,018: | Line 2,017: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,030: | Line 2,029: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,042: | Line 2,041: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,054: | Line 2,053: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,066: | Line 2,065: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,078: | Line 2,077: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,090: | Line 2,089: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,102: | Line 2,101: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,114: | Line 2,113: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,126: | Line 2,125: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,138: | Line 2,137: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,153: | Line 2,152: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,165: | Line 2,164: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,177: | Line 2,176: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,189: | Line 2,188: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,201: | Line 2,200: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,213: | Line 2,212: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,225: | Line 2,224: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,237: | Line 2,236: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,249: | Line 2,248: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- | ||
Line 2,261: | Line 2,260: | ||
{| class="wikitable" style="font-size: 14px; background: white;" | {| class="wikitable" style="font-size: 14px; background: white;" | ||
|- | |- | ||
− | ! | + | ! Note |
| None documented | | None documented | ||
|- | |- |
Latest revision as of 04:43, 31 August 2021
Return to Unit Reference
Description
Ultibo Security Interface unit
This unit implements the security support for Ultibo.
Constants
ANYSIZE_*
ANYSIZE_ARRAY = 1;
|
SID_*
SID_REVISION = 1;
|
Current revision level |
SID_MAX_SUB_AUTHORITIES = 15;
|
|
SID_RECOMMENDED_SUB_AUTHORITIES = 1;
|
Will change to around 6 in a future release |
SECURITY_MIN_SID_SIZE = SizeOf(SID) - SizeOf(DWORD);
|
Account for SubAuthority[0] |
SECURITY_MAX_SID_SIZE = SizeOf(SID) - SizeOf(DWORD) + (SID_MAX_SUB_AUTHORITIES * SizeOf(DWORD));
|
Account for SubAuthority[0] |
SidTypeUser = 1;
|
|
SidTypeGroup = 2;
|
|
SidTypeDomain = 3;
|
|
SidTypeAlias = 4;
|
|
SidTypeWellKnownGroup = 5;
|
|
SidTypeDeletedAccount = 6;
|
|
SidTypeInvalid = 7;
|
|
SidTypeUnknown = 8;
|
|
SidTypeComputer = 9;
|
ACL_*
ACL_REVISION = 2;
|
|
ACL_REVISION_DS = 4;
|
|
ACL_REVISION1 = 1;
|
|
ACL_REVISION2 = 2;
|
|
MIN_ACL_REVISION = ACL_REVISION2;
|
|
ACL_REVISION3 = 3;
|
|
ACL_REVISION4 = 4;
|
|
MAX_ACL_REVISION = ACL_REVISION4;
|
|
AclRevisionInformation = 1;
|
|
AclSizeInformation = 2;
|
ACE_*
The following are the predefined ace types that go into the AceType field of an Ace header | |
ACCESS_MIN_MS_ACE_TYPE = $0;
|
|
ACCESS_ALLOWED_ACE_TYPE = $0;
|
|
ACCESS_DENIED_ACE_TYPE = $1;
|
|
SYSTEM_AUDIT_ACE_TYPE = $2;
|
|
SYSTEM_ALARM_ACE_TYPE = $3;
|
|
ACCESS_MAX_MS_V2_ACE_TYPE = $3;
|
|
ACCESS_ALLOWED_COMPOUND_ACE_TYPE = $4;
|
|
ACCESS_MAX_MS_V3_ACE_TYPE = $4;
|
|
ACCESS_MIN_MS_OBJECT_ACE_TYPE = $5;
|
|
ACCESS_ALLOWED_OBJECT_ACE_TYPE = $5;
|
|
ACCESS_DENIED_OBJECT_ACE_TYPE = $6;
|
|
SYSTEM_AUDIT_OBJECT_ACE_TYPE = $7;
|
|
SYSTEM_ALARM_OBJECT_ACE_TYPE = $8;
|
|
ACCESS_MAX_MS_OBJECT_ACE_TYPE = $8;
|
|
ACCESS_MAX_MS_V4_ACE_TYPE = $8;
|
|
ACCESS_MAX_MS_ACE_TYPE = $8;
|
|
ACCESS_ALLOWED_CALLBACK_ACE_TYPE = $9;
|
|
ACCESS_DENIED_CALLBACK_ACE_TYPE = $A;
|
|
ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE = $B;
|
|
ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE = $C;
|
|
SYSTEM_AUDIT_CALLBACK_ACE_TYPE = $D;
|
|
SYSTEM_ALARM_CALLBACK_ACE_TYPE = $E;
|
|
SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE = $F;
|
|
SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE = $10;
|
|
ACCESS_MAX_MS_V5_ACE_TYPE = $10;
|
|
The following are the inherit flags that go into the AceFlags field of an Ace header | |
OBJECT_INHERIT_ACE = $1;
|
|
CONTAINER_INHERIT_ACE = $2;
|
|
NO_PROPAGATE_INHERIT_ACE = $4;
|
|
INHERIT_ONLY_ACE = $8;
|
|
INHERITED_ACE = $10;
|
|
VALID_INHERIT_FLAGS = $1F;
|
|
The following are the currently defined ACE flags that go into the AceFlags field of an ACE header. Each ACE type has its own set of AceFlags. | |
SYSTEM_AUDIT and SYSTEM_ALARM AceFlags | |
SUCCESSFUL_ACCESS_ACE_FLAG = $40;
|
|
FAILED_ACCESS_ACE_FLAG = $80;
|
|
Currently defined Flags for "OBJECT" ACE types | |
ACE_OBJECT_TYPE_PRESENT = $1;
|
|
ACE_INHERITED_OBJECT_TYPE_PRESENT = $2;
|
SECURITY_DESCRIPTOR_*
SECURITY_DESCRIPTOR_REVISION = 1;
|
Current security descriptor revision value |
SECURITY_DESCRIPTOR_REVISION1 = 1;
|
|
SE_OWNER_DEFAULTED = $0001;
|
|
SE_GROUP_DEFAULTED = $0002;
|
|
SE_DACL_PRESENT = $0004;
|
|
SE_DACL_DEFAULTED = $0008;
|
|
SE_SACL_PRESENT = $0010;
|
|
SE_SACL_DEFAULTED = $0020;
|
|
SE_DACL_AUTO_INHERIT_REQ = $0100;
|
|
SE_SACL_AUTO_INHERIT_REQ = $0200;
|
|
SE_DACL_AUTO_INHERITED = $0400;
|
|
SE_SACL_AUTO_INHERITED = $0800;
|
|
SE_DACL_PROTECTED = $1000;
|
|
SE_SACL_PROTECTED = $2000;
|
|
SE_RM_CONTROL_VALID = $4000;
|
|
SE_SELF_RELATIVE = $8000;
|
SECURITY_NULL_SID_*
SECURITY_NULL_SID_IDENTIFIER = 0;
|
|
SECURITY_WORLD_SID_IDENTIFIER = 1;
|
|
SECURITY_LOCAL_SID_IDENTIFIER = 2;
|
|
SECURITY_CREATOR_SID_IDENTIFIER = 3;
|
|
SECURITY_NON_UNIQUE_IDENTIFIER = 4;
|
|
SECURITY_RESOURCE_MANAGER_IDENTIFIER = 9;
|
|
SECURITY_NULL_SID_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 0));
|
|
SECURITY_WORLD_SID_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 1));
|
|
SECURITY_LOCAL_SID_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 2));
|
|
SECURITY_CREATOR_SID_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 3));
|
|
SECURITY_NON_UNIQUE_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 4));
|
|
SECURITY_RESOURCE_MANAGER_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 9));
|
|
SECURITY_NULL_RID = $00000000;
|
|
SECURITY_WORLD_RID = $00000000;
|
|
SECURITY_LOCAL_RID = $00000000;
|
|
SECURITY_CREATOR_OWNER_RID = $00000000;
|
|
SECURITY_CREATOR_GROUP_RID = $00000001;
|
|
SECURITY_CREATOR_OWNER_SERVER_RID = $00000002;
|
|
SECURITY_CREATOR_GROUP_SERVER_RID = $00000003;
|
SECURITY_NT_IDENTIFIER*
SECURITY_NT_IDENTIFIER = 5;
|
|
SECURITY_NT_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 5));
|
|
SECURITY_DIALUP_RID = $00000001;
|
|
SECURITY_NETWORK_RID = $00000002;
|
|
SECURITY_BATCH_RID = $00000003;
|
|
SECURITY_INTERACTIVE_RID = $00000004;
|
|
SECURITY_SERVICE_RID = $00000006;
|
|
SECURITY_ANONYMOUS_LOGON_RID = $00000007;
|
|
SECURITY_PROXY_RID = $00000008;
|
|
SECURITY_ENTERPRISE_CONTROLLERS_RID = $00000009;
|
|
SECURITY_SERVER_LOGON_RID = SECURITY_ENTERPRISE_CONTROLLERS_RID;
|
|
SECURITY_PRINCIPAL_SELF_RID = $0000000A;
|
|
SECURITY_AUTHENTICATED_USER_RID = $0000000B;
|
|
SECURITY_RESTRICTED_CODE_RID = $0000000C;
|
|
SECURITY_TERMINAL_SERVER_RID = $0000000D;
|
|
SECURITY_REMOTE_LOGON_RID = $0000000E;
|
|
SECURITY_LOGON_IDS_RID = $00000005;
|
|
SECURITY_LOGON_IDS_RID_COUNT = 3;
|
|
SECURITY_LOCAL_SYSTEM_RID = $00000012;
|
|
SECURITY_LOCAL_SERVICE_RID = $00000013;
|
|
SECURITY_NETWORK_SERVICE_RID = $00000014;
|
|
SECURITY_NT_NON_UNIQUE = $00000015;
|
|
SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT = 3;
|
|
SECURITY_BUILTIN_DOMAIN_RID = $00000020;
|
_USER_RID_*
DOMAIN_USER_RID_ADMIN = $000001F4;
|
|
DOMAIN_USER_RID_GUEST = $000001F5;
|
|
DOMAIN_USER_RID_KRBTGT = $000001F6;
|
_GROUP_RID_*
DOMAIN_GROUP_RID_ADMINS = $00000200;
|
|
DOMAIN_GROUP_RID_USERS = $00000201;
|
|
DOMAIN_GROUP_RID_GUESTS = $00000202;
|
|
DOMAIN_GROUP_RID_COMPUTERS = $00000203;
|
|
DOMAIN_GROUP_RID_CONTROLLERS = $00000204;
|
|
DOMAIN_GROUP_RID_CERT_ADMINS = $00000205;
|
|
DOMAIN_GROUP_RID_SCHEMA_ADMINS = $00000206;
|
|
DOMAIN_GROUP_RID_ENTERPRISE_ADMINS = $00000207;
|
|
DOMAIN_GROUP_RID_POLICY_ADMINS = $00000208;
|
_ALIAS_RID_*
DOMAIN_ALIAS_RID_ADMINS = $00000220;
|
|
DOMAIN_ALIAS_RID_USERS = $00000221;
|
|
DOMAIN_ALIAS_RID_GUESTS = $00000222;
|
|
DOMAIN_ALIAS_RID_POWER_USERS = $00000223;
|
|
DOMAIN_ALIAS_RID_ACCOUNT_OPS = $00000224;
|
|
DOMAIN_ALIAS_RID_SYSTEM_OPS = $00000225;
|
|
DOMAIN_ALIAS_RID_PRINT_OPS = $00000226;
|
|
DOMAIN_ALIAS_RID_BACKUP_OPS = $00000227;
|
|
DOMAIN_ALIAS_RID_REPLICATOR = $00000228;
|
|
DOMAIN_ALIAS_RID_RAS_SERVERS = $00000229;
|
|
DOMAIN_ALIAS_RID_PREW2KCOMPACCESS = $0000022A;
|
|
DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS = $0000022B;
|
|
DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS = $0000022C;
|
_GROUP_*
SE_GROUP_MANDATORY = $00000001;
|
|
SE_GROUP_ENABLED_BY_DEFAULT = $00000002;
|
|
SE_GROUP_ENABLED = $00000004;
|
|
SE_GROUP_OWNER = $00000008;
|
|
SE_GROUP_USE_FOR_DENY_ONLY = $00000010;
|
|
SE_GROUP_LOGON_ID = $C0000000;
|
|
SE_GROUP_RESOURCE = $20000000;
|
Type definitions
SID identifier authority
SID_IDENTIFIER_AUTHORITY = _SID_IDENTIFIER_AUTHORITY;
TSidIdentifierAuthority = SID_IDENTIFIER_AUTHORITY;
PSidIdentifierAuthority = PSID_IDENTIFIER_AUTHORITY;
PSID_IDENTIFIER_AUTHORITY = ^SID_IDENTIFIER_AUTHORITY;
_SID_IDENTIFIER_AUTHORITY = record
Value: array [0..5] of Byte;
|
SID types
SID = _SID;
PPSID = ^PSID;
TSid = SID;
PSid = ^SID;
_SID = record
Revision: Byte;
|
|
SubAuthorityCount: Byte;
|
|
IdentifierAuthority: SID_IDENTIFIER_AUTHORITY;
|
|
SubAuthority: array [0..ANYSIZE_ARRAY - 1] of DWORD;
|
Signed types
BOOL = LongBool;
|
Unsigned types
UCHAR = Byte;
|
Pointer types
PUCHAR = ^Byte;
|
GUID types
GUID = TGUID;
|
SID name use
_SID_NAME_USE = DWORD;
|
|
SID_NAME_USE = _SID_NAME_USE;
|
|
PSID_NAME_USE = ^SID_NAME_USE;
|
|
TSidNameUse = SID_NAME_USE;
|
|
PSidNameUse = PSID_NAME_USE;
|
SID and attributes
SID_AND_ATTRIBUTES = _SID_AND_ATTRIBUTES;
TSidAndAttributes = SID_AND_ATTRIBUTES;
PSidAndAttributes = PSID_AND_ATTRIBUTES;
PSID_AND_ATTRIBUTES = ^SID_AND_ATTRIBUTES;
_SID_AND_ATTRIBUTES = record
Sid: PSID;
|
|
Attributes: DWORD;
|
SID and attributes array
SID_AND_ATTRIBUTES_ARRAY = array [0..ANYSIZE_ARRAY - 1] of SID_AND_ATTRIBUTES;
|
|
PSID_AND_ATTRIBUTES_ARRAY = ^SID_AND_ATTRIBUTES_ARRAY;
|
|
PSidAndAttributesArray = ^TSidAndAttributesArray;
|
|
TSidAndAttributesArray = SID_AND_ATTRIBUTES_ARRAY;
|
ACL
ACL = _ACL;
TAcl = ACL;
PPACL = ^PACL;
PACL = ^ACL;
_ACL = record
AclRevision: Byte;
|
|
Sbz1: Byte;
|
|
AclSize: Word;
|
|
AceCount: Word;
|
|
Sbz2: Word;
|
ACL information class
_ACL_INFORMATION_CLASS = DWORD;
|
|
ACL_INFORMATION_CLASS = _ACL_INFORMATION_CLASS;
|
|
TAclInformationClass = ACL_INFORMATION_CLASS;
|
ACL revision information
ACL_REVISION_INFORMATION = _ACL_REVISION_INFORMATION;
TAclRevisionInformation = ACL_REVISION_INFORMATION;
PAclRevisionInformation = PACL_REVISION_INFORMATION;
PACL_REVISION_INFORMATION = ^ACL_REVISION_INFORMATION;
_ACL_REVISION_INFORMATION = record
Note: This record is returned/sent if the user is requesting/setting the AclRevisionInformation | |
AclRevision: DWORD;
|
ACL size information
ACL_SIZE_INFORMATION = _ACL_SIZE_INFORMATION;
TAclSizeInformation = ACL_SIZE_INFORMATION;
PAclSizeInformation = PACL_SIZE_INFORMATION;
PACL_SIZE_INFORMATION = ^ACL_SIZE_INFORMATION;
_ACL_SIZE_INFORMATION = record
Note: This record is returned if the user is requesting AclSizeInformation | |
AceCount: DWORD;
|
|
AclBytesInUse: DWORD;
|
|
AclBytesFree: DWORD;
|
Access mask
ACCESS_MASK = DWORD;
|
|
PACCESS_MASK = ^ACCESS_MASK;
|
|
TAccessMask = ACCESS_MASK;
|
|
PAccessMask = PACCESS_MASK;
|
ACE header
ACE_HEADER = _ACE_HEADER;
TAceHeader = ACE_HEADER;
PAceHeader = PACE_HEADER;
PACE_HEADER = ^ACE_HEADER;
_ACE_HEADER = record
AceType: Byte;
|
|
AceFlags: Byte;
|
|
AceSize: Word;
|
Access allowed
ACCESS_ALLOWED_ACE = _ACCESS_ALLOWED_ACE;
TAccessAllowedAce = ACCESS_ALLOWED_ACE;
PAccessAllowedAce = PACCESS_ALLOWED_ACE;
PACCESS_ALLOWED_ACE = ^ACCESS_ALLOWED_ACE;
_ACCESS_ALLOWED_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
SidStart: DWORD;
|
Access denied
ACCESS_DENIED_ACE = _ACCESS_DENIED_ACE;
TAccessDeniedAce = ACCESS_DENIED_ACE;
PAccessDeniedAce = PACCESS_DENIED_ACE;
PACCESS_DENIED_ACE = ^ACCESS_DENIED_ACE;
_ACCESS_DENIED_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
SidStart: DWORD;
|
System audit
SYSTEM_AUDIT_ACE = _SYSTEM_AUDIT_ACE;
TSystemAuditAce = SYSTEM_AUDIT_ACE;
PSystemAuditAce = PSYSTEM_AUDIT_ACE;
PSYSTEM_AUDIT_ACE = ^SYSTEM_AUDIT_ACE;
_SYSTEM_AUDIT_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
SidStart: DWORD;
|
System alarm
SYSTEM_ALARM_ACE = _SYSTEM_ALARM_ACE;
TSystemAlarmAce = SYSTEM_ALARM_ACE;
PSystemAlarmAce = PSYSTEM_ALARM_ACE;
PSYSTEM_ALARM_ACE = ^SYSTEM_ALARM_ACE;
_SYSTEM_ALARM_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
SidStart: DWORD;
|
Access allowed object
ACCESS_ALLOWED_OBJECT_ACE = _ACCESS_ALLOWED_OBJECT_ACE;
TAccessAllowedObjectAce = ACCESS_ALLOWED_OBJECT_ACE;
PAccessAllowedObjectAce = PACCESS_ALLOWED_OBJECT_ACE;
PACCESS_ALLOWED_OBJECT_ACE = ^ACCESS_ALLOWED_OBJECT_ACE;
_ACCESS_ALLOWED_OBJECT_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
Flags: DWORD;
|
|
ObjectType: GUID;
|
|
InheritedObjectType: GUID;
|
|
SidStart: DWORD;
|
Access denied object
ACCESS_DENIED_OBJECT_ACE = _ACCESS_DENIED_OBJECT_ACE;
TAccessDeniedObjectAce = ACCESS_DENIED_OBJECT_ACE;
PAccessDeniedObjectAce = PACCESS_DENIED_OBJECT_ACE;
PACCESS_DENIED_OBJECT_ACE = ^ACCESS_DENIED_OBJECT_ACE;
_ACCESS_DENIED_OBJECT_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
Flags: DWORD;
|
|
ObjectType: GUID;
|
|
InheritedObjectType: GUID;
|
|
SidStart: DWORD;
|
System audit object
SYSTEM_AUDIT_OBJECT_ACE = _SYSTEM_AUDIT_OBJECT_ACE;
TSystemAuditObjectAce = SYSTEM_AUDIT_OBJECT_ACE;
PSystemAuditObjectAce = PSYSTEM_AUDIT_OBJECT_ACE;
PSYSTEM_AUDIT_OBJECT_ACE = ^SYSTEM_AUDIT_OBJECT_ACE;
_SYSTEM_AUDIT_OBJECT_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
Flags: DWORD;
|
|
ObjectType: GUID;
|
|
InheritedObjectType: GUID;
|
|
SidStart: DWORD;
|
System alarm object
SYSTEM_ALARM_OBJECT_ACE = _SYSTEM_ALARM_OBJECT_ACE;
TSystemAlarmObjectAce = SYSTEM_ALARM_OBJECT_ACE;
PSystemAlarmObjectAce = PSYSTEM_ALARM_OBJECT_ACE;
PSYSTEM_ALARM_OBJECT_ACE = ^SYSTEM_ALARM_OBJECT_ACE;
_SYSTEM_ALARM_OBJECT_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
Flags: DWORD;
|
|
ObjectType: GUID;
|
|
InheritedObjectType: GUID;
|
|
SidStart: DWORD;
|
Security descriptor control
SECURITY_DESCRIPTOR_CONTROL = WORD;
|
|
PSECURITY_DESCRIPTOR_CONTROL = ^SECURITY_DESCRIPTOR_CONTROL;
|
|
TSecurityDescriptorControl = SECURITY_DESCRIPTOR_CONTROL;
|
|
PSecurityDescriptorControl = PSECURITY_DESCRIPTOR_CONTROL;
|
Security descriptor relative
SECURITY_DESCRIPTOR_RELATIVE = _SECURITY_DESCRIPTOR_RELATIVE;
TSecurityDescriptorRelative = SECURITY_DESCRIPTOR_RELATIVE;
PSecurityDescriptorRelative = PSECURITY_DESCRIPTOR_RELATIVE;
PSECURITY_DESCRIPTOR_RELATIVE = ^SECURITY_DESCRIPTOR_RELATIVE;
_SECURITY_DESCRIPTOR_RELATIVE = record
Revision: Byte;
|
|
Sbz1: Byte;
|
|
Control: SECURITY_DESCRIPTOR_CONTROL;
|
|
Owner: DWORD;
|
|
Group: DWORD;
|
|
Sacl: DWORD;
|
|
Dacl: DWORD;
|
Security descriptor
SECURITY_DESCRIPTOR = _SECURITY_DESCRIPTOR;
TSecurityDescriptor = SECURITY_DESCRIPTOR;
PSecurityDescriptor = PSECURITY_DESCRIPTOR;
PPSECURITY_DESCRIPTOR = ^PSECURITY_DESCRIPTOR;
PSECURITY_DESCRIPTOR = ^SECURITY_DESCRIPTOR;
_SECURITY_DESCRIPTOR = record
Revision: Byte;
|
|
Sbz1: Byte;
|
|
Control: SECURITY_DESCRIPTOR_CONTROL;
|
|
Owner: PSID;
|
|
Group: PSID;
|
|
Sacl: PACL;
|
|
Dacl: PACL;
|
Well known SID type
WELL_KNOWN_SID_TYPE = (
WinNullSid,
|
|
WinWorldSid,
|
|
WinLocalSid,
|
|
WinCreatorOwnerSid,
|
|
WinCreatorGroupSid,
|
|
WinCreatorOwnerServerSid,
|
|
WinCreatorGroupServerSid,
|
|
WinNtAuthoritySid,
|
|
WinDialupSid,
|
|
WinNetworkSid,
|
|
WinBatchSid,
|
|
WinInteractiveSid,
|
|
WinServiceSid,
|
|
WinAnonymousSid,
|
|
WinProxySid,
|
|
WinEnterpriseControllersSid,
|
|
WinSelfSid,
|
|
WinAuthenticatedUserSid,
|
|
WinRestrictedCodeSid,
|
|
WinTerminalServerSid,
|
|
WinRemoteLogonIdSid,
|
|
WinLogonIdsSid,
|
|
WinLocalSystemSid,
|
|
WinLocalServiceSid,
|
|
WinNetworkServiceSid,
|
|
WinBuiltinDomainSid,
|
|
WinBuiltinAdministratorsSid,
|
|
WinBuiltinUsersSid,
|
|
WinBuiltinGuestsSid,
|
|
WinBuiltinPowerUsersSid,
|
|
WinBuiltinAccountOperatorsSid,
|
|
WinBuiltinSystemOperatorsSid,
|
|
WinBuiltinPrintOperatorsSid,
|
|
WinBuiltinBackupOperatorsSid,
|
|
WinBuiltinReplicatorSid,
|
|
WinBuiltinPreWindows2000CompatibleAccessSid,
|
|
WinBuiltinRemoteDesktopUsersSid,
|
|
WinBuiltinNetworkConfigurationOperatorsSid,
|
|
WinAccountAdministratorSid,
|
|
WinAccountGuestSid,
|
|
WinAccountKrbtgtSid,
|
|
WinAccountDomainAdminsSid,
|
|
WinAccountDomainUsersSid,
|
|
WinAccountDomainGuestsSid,
|
|
WinAccountComputersSid,
|
|
WinAccountControllersSid,
|
|
WinAccountCertAdminsSid,
|
|
WinAccountSchemaAdminsSid,
|
|
WinAccountEnterpriseAdminsSid,
|
|
WinAccountPolicyAdminsSid,
|
|
WinAccountRasAndIasServersSid);
|
|
TWellKnownSidType = WELL_KNOWN_SID_TYPE;
|
Well known SID
PWellKnownSid = ^TWellKnownSid;
TWellKnownSid = record
SidHeader:TSID;
|
|
SubAuthorities:array[0..5] of DWORD;
|
Well known ACE
TWellKnownAce = record
Note: Not Packed (Descriptor Ace defaults) | |
AceType:Byte;
|
|
AceFlags:Byte;
|
|
AceSize:Word;
|
|
Mask:LongWord;
|
|
Sid:TWellKnownSidType;
|
Well known ACL
TWellKnownAcl = record
Note: Not Packed (Descriptor Acl defaults) | |
AclRevision:Byte;
|
|
AclSize:Word;
|
|
AceCount:Word;
|
|
Aces:array[0..7] of TWellKnownAce;
|
Well known descriptor
PWellKnownDescriptor = ^TWellKnownDescriptor;
TWellKnownDescriptor = record
Note: Not Packed (Descriptor defaults) | |
Size:LongWord;
|
|
Revision:Byte;
|
Revision |
Control:Word;
|
Control Flags |
OwnerOffset:LongWord;
|
Offset to Owner SID |
GroupOffset:LongWord;
|
Offset to Group SID |
SaclOffset:LongWord;
|
Offset to SACL |
DaclOffset:LongWord;
|
Offset to DACL |
Owner:TWellKnownSidType;
|
|
Group:TWellKnownSidType;
|
|
Sacl:TWellKnownAcl;
|
|
Dacl:TWellKnownAcl;
|
Public variables
None defined
Function declarations
Security functions
function IsWellKnownSid(Sid: PSID; WellKnownSidType: WELL_KNOWN_SID_TYPE): BOOL;
Note | None documented |
---|
function CreateWellKnownSid(WellKnownSidType: WELL_KNOWN_SID_TYPE; DomainSid: PSID; Sid: PSID; var cbSid: DWORD): BOOL;
Note | None documented |
---|
function IsValidSid(Sid: PSID): BOOL;
Note | None documented |
---|
function EqualSid(Sid1, Sid2: PSID): BOOL;
Note | None documented |
---|
function EqualPrefixSid(Sid1, Sid2: PSID): BOOL;
Note | None documented |
---|
function GetSidLengthRequired(nSubAuthorityCount: UCHAR): DWORD;
Note | None documented |
---|
function AllocateAndInitializeSid(const pIdentifierAuthority: TSIDIdentifierAuthority; nSubAuthorityCount: Byte; nSubAuthority0, nSubAuthority1: DWORD; nSubAuthority2, nSubAuthority3, nSubAuthority4: DWORD; nSubAuthority5, nSubAuthority6, nSubAuthority7: DWORD; var Sid: PSID): BOOL;
Note | None documented |
---|
function FreeSid(Sid: PSID): Pointer;
Note | None documented |
---|
function InitializeSid(Sid: PSID; const pIdentifierAuthority: TSIDIdentifierAuthority; nSubAuthorityCount: Byte): BOOL;
Note | None documented |
---|
function GetSidIdentifierAuthority(Sid: PSID): PSIDIdentifierAuthority;
Note | None documented |
---|
function GetSidSubAuthority(Sid: PSID; nSubAuthority: DWORD): PDWORD;
Note | None documented |
---|
function GetSidSubAuthorityCount(Sid: PSID): PUCHAR;
Note | None documented |
---|
function GetLengthSid(Sid: PSID): DWORD;
Note | None documented |
---|
function CopySid(nDestinationSidLength: DWORD; pDestinationSid, pSourceSid: PSID): BOOL;
Note | None documented |
---|
function ConvertSidToStringSid(Sid: PSID; var StringSid: PChar): BOOL;
Note | None documented |
---|
function ConvertStringSidToSid(StringSid: PChar; var Sid: PSID): BOOL;
Note | None documented |
---|
function IsValidAcl(const pAcl: TACL): BOOL;
Note | None documented |
---|
function InitializeAcl(var pAcl: TACL; nAclLength, dwAclRevision: DWORD): BOOL;
Note | None documented |
---|
function GetAclInformation(const pAcl: TACL; pAclInformation: Pointer; nAclInformationLength: DWORD; dwAclInformationClass: TAclInformationClass): BOOL;
Note | None documented |
---|
function SetAclInformation(var pAcl: TACL; pAclInformation: Pointer; nAclInformationLength: DWORD; dwAclInformationClass: TAclInformationClass): BOOL;
Note | None documented |
---|
function AddAce(var pAcl: TACL; dwAceRevision, dwStartingAceIndex: DWORD; pAceList: Pointer; nAceListLength: DWORD): BOOL;
Note | None documented |
---|
function DeleteAce(var pAcl: TACL; dwAceIndex: DWORD): BOOL;
Note | None documented |
---|
function GetAce(const pAcl: TACL; dwAceIndex: DWORD; var pAce: Pointer): BOOL;
Note | None documented |
---|
function AddAccessAllowedAce(var pAcl: TACL; dwAceRevision: DWORD; AccessMask: DWORD; Sid: PSID): BOOL;
Note | None documented |
---|
function AddAccessAllowedAceEx(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; AccessMask: DWORD; Sid: PSID): BOOL;
Note | None documented |
---|
function AddAccessDeniedAce(var pAcl: TACL; dwAceRevision: DWORD; AccessMask: DWORD; Sid: PSID): BOOL;
Note | None documented |
---|
function AddAccessDeniedAceEx(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; AccessMask: DWORD; Sid: PSID): BOOL;
Note | None documented |
---|
function AddAuditAccessAce(var pAcl: TACL; dwAceRevision: DWORD; dwAccessMask: DWORD; Sid: PSID; bAuditSuccess, bAuditFailure: BOOL): BOOL;
Note | None documented |
---|
function AddAuditAccessAceEx(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; dwAccessMask: DWORD; Sid: PSID; bAuditSuccess, bAuditFailure: BOOL): BOOL;
Note | None documented |
---|
function AddAccessAllowedObjectAce(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; AccessMask: DWORD; ObjectTypeGuid, InheritedObjectTypeGuid: PGUID; Sid: PSID): BOOL;
Note | None documented |
---|
function AddAccessDeniedObjectAce(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; AccessMask: DWORD; ObjectTypeGuid, InheritedObjectTypeGuid: PGUID; Sid: PSID): BOOL;
Note | None documented |
---|
function AddAuditAccessObjectAce(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; AccessMask: DWORD; ObjectTypeGuid, InheritedObjectTypeGuid: PGUID; Sid: PSID; bAuditSuccess, bAuditFailure: BOOL): BOOL;
Note | None documented |
---|
function FindFirstFreeAce(var pAcl: TACL; var pAce: Pointer): BOOL;
Note | None documented |
---|
function InitializeSecurityDescriptor(pSecurityDescriptor: PSecurityDescriptor; dwRevision: DWORD): BOOL;
Note | None documented |
---|
function IsValidSecurityDescriptor(pSecurityDescriptor: PSecurityDescriptor): BOOL;
Note | None documented |
---|
function GetSecurityDescriptorLength(pSecurityDescriptor: PSecurityDescriptor): DWORD;
Note | None documented |
---|
function GetSecurityDescriptorControl(pSecurityDescriptor: PSecurityDescriptor; var pControl: SECURITY_DESCRIPTOR_CONTROL; var lpdwRevision: DWORD): BOOL;
Note | None documented |
---|
function SetSecurityDescriptorControl(pSecurityDescriptor: PSecurityDescriptor; ControlBitsOfInterest, ControlBitsToSet: SECURITY_DESCRIPTOR_CONTROL): BOOL;
Note | None documented |
---|
function GetSecurityDescriptorDacl(pSecurityDescriptor: PSecurityDescriptor; var lpbDaclPresent: BOOL; var pDacl: PACL; var lpbDaclDefaulted: BOOL): BOOL;
Note | None documented |
---|
function SetSecurityDescriptorDacl(pSecurityDescriptor: PSecurityDescriptor; bDaclPresent: BOOL; pDacl: PACL; bDaclDefaulted: BOOL): BOOL;
Note | None documented |
---|
function GetSecurityDescriptorSacl(pSecurityDescriptor: PSecurityDescriptor; var lpbSaclPresent: BOOL; var pSacl: PACL; var lpbSaclDefaulted: BOOL): BOOL;
Note | None documented |
---|
function SetSecurityDescriptorSacl(pSecurityDescriptor: PSecurityDescriptor; bSaclPresent: BOOL; pSacl: PACL; bSaclDefaulted: BOOL): BOOL;
Note | None documented |
---|
function GetSecurityDescriptorOwner(pSecurityDescriptor: PSecurityDescriptor; var pOwner: PSID; var lpbOwnerDefaulted: BOOL): BOOL;
Note | None documented |
---|
function SetSecurityDescriptorOwner(pSecurityDescriptor: PSecurityDescriptor; pOwner: PSID; bOwnerDefaulted: BOOL): BOOL;
Note | None documented |
---|
function GetSecurityDescriptorGroup(pSecurityDescriptor: PSecurityDescriptor; var pGroup: PSID; var lpbGroupDefaulted: BOOL): BOOL;
Note | None documented |
---|
function SetSecurityDescriptorGroup(pSecurityDescriptor: PSecurityDescriptor; pGroup: PSID; bGroupDefaulted: BOOL): BOOL;
Note | None documented |
---|
function MakeSelfRelativeSD(pAbsoluteSecurityDescriptor: PSecurityDescriptor; pSelfRelativeSecurityDescriptor: PSecurityDescriptor; var lpdwBufferLength: DWORD): BOOL;
Note | None documented |
---|
function MakeAbsoluteSD(pSelfRelativeSecurityDescriptor: PSecurityDescriptor; pAbsoluteSecurityDescriptor: PSecurityDescriptor; var lpdwAbsoluteSecurityDescriptorSi: DWORD; var pDacl: TACL; var lpdwDaclSize: DWORD; var pSacl: TACL; var lpdwSaclSize: DWORD; pOwner: PSID; var lpdwOwnerSize: DWORD; pPrimaryGroup: PSID; var lpdwPrimaryGroupSize: DWORD): BOOL;
Note | None documented |
---|
function MakeAbsoluteSD2(pSelfRelativeSecurityDescriptor: PSecurityDescriptor; var lpdwBufferSize: DWORD): BOOL;
Note | None documented |
---|
Security helper functions
function SplitStringSid(const StringSid:String):TStringList;
Note | None documented |
---|
function CreateDefaultSid(var pCreatedSid: PSID): BOOL;
Note | None documented |
---|
function DestroyDefaultSid(pDefaultSid: PSID): BOOL;
Note | None documented |
---|
function CreateDefaultSecurityDescriptor(var pCreatedSecurityDescriptor: PSecurityDescriptor; bFolder: BOOL): BOOL;
Note | None documented |
---|
function DestroyDefaultSecurityDescriptor(pDefaultSecurityDescriptor: PSecurityDescriptor): BOOL;
Note | None documented |
---|
function CreateInheritedSecurityDescriptorNT(pParentSecurityDescriptor: PSecurityDescriptor; var pCreatedSecurityDescriptor: PSecurityDescriptor): BOOL;
Note | None documented |
---|
function CreateInheritedSecurityDescriptor2K(pParentSecurityDescriptor: PSecurityDescriptor; var pCreatedSecurityDescriptor: PSecurityDescriptor): BOOL;
Note | None documented |
---|
function CreateMergedSecurityDescriptor2K(pParentSecurityDescriptor, pChildSecurityDescriptor: PSecurityDescriptor; var pCreatedSecurityDescriptor: PSecurityDescriptor): BOOL;
Note | None documented |
---|
function DestroyInheritedSecurityDescriptor(pInheritedSecurityDescriptor: PSecurityDescriptor): BOOL;
Note | None documented |
---|
function DestroyMergedSecurityDescriptor(pMergedSecurityDescriptor: PSecurityDescriptor): BOOL;
Note | None documented |
---|
Return to Unit Reference