4 #pragma GCC system_header
10 #define REVISED_AUDIT_ENTRY_STRUCT
11 #define LOGFLAGS_FORWARD 0
12 #define LOGFLAGS_BACKWARD 1
13 #define LOGFLAGS_SEEK 2
14 #define ACTION_LOCKOUT 0
15 #define ACTION_ADMINUNLOCK 1
20 #define AE_USERLIMIT 0
27 #define AE_ADMINPRIVREQD 2
29 #define AE_NOACCESSPERM 3
30 #define AE_ACCRESTRICT 4
31 #define AE_NORMAL_CLOSE 0
32 #define AE_SES_CLOSE 1
33 #define AE_ADMIN_CLOSE 2
34 #define AE_LIM_UNKNOWN 0
35 #define AE_LIM_LOGONHOURS 1
36 #define AE_LIM_EXPIRED 2
37 #define AE_LIM_INVAL_WKSTA 3
38 #define AE_LIM_DISABLED 4
39 #define AE_LIM_DELETED 5
44 #define AE_UAS_GROUP 1
45 #define AE_UAS_MODALS 2
46 #define SVAUD_SERVICE 1
47 #define SVAUD_GOODSESSLOGON 6
48 #define SVAUD_BADSESSLOGON 24
49 #define SVAUD_SESSLOGON (SVAUD_GOODSESSLOGON|SVAUD_BADSESSLOGON)
50 #define SVAUD_GOODNETLOGON 96
51 #define SVAUD_BADNETLOGON 384
52 #define SVAUD_NETLOGON (SVAUD_GOODNETLOGON|SVAUD_BADNETLOGON)
53 #define SVAUD_LOGON (SVAUD_NETLOGON|SVAUD_SESSLOGON)
54 #define SVAUD_GOODUSE 0x600
55 #define SVAUD_BADUSE 0x1800
56 #define SVAUD_USE (SVAUD_GOODUSE|SVAUD_BADUSE)
57 #define SVAUD_USERLIST 8192
58 #define SVAUD_PERMISSIONS 16384
59 #define SVAUD_RESOURCE 32768
60 #define SVAUD_LOGONLIM 65536
61 #define AA_AUDIT_ALL 1
66 #define AA_S_CREATE 32
67 #define AA_S_DELETE 64
71 #define AA_F_WRITE 512
72 #define AA_F_CREATE 512
73 #define AA_F_DELETE 1024
75 #define AA_F_ALL (AA_F_OPEN|AA_F_WRITE|AA_F_DELETE|AA_F_ACL)
76 #define AA_A_OPEN 2048
77 #define AA_A_WRITE 4096
78 #define AA_A_CREATE 8192
79 #define AA_A_DELETE 16384
80 #define AA_A_ACL 32768
81 #define AA_A_ALL (AA_F_OPEN|AA_F_WRITE|AA_F_DELETE|AA_F_ACL)
82 typedef struct _AUDIT_ENTRY {
89 } AUDIT_ENTRY,*PAUDIT_ENTRY,*LPAUDIT_ENTRY;
90 typedef struct _HLOG {
95 } HLOG,*PHLOG,*LPHLOG;
96 typedef struct _AE_SRVSTATUS {
98 } AE_SRVSTATUS,*PAE_SRVSTATUS,*LPAE_SRVSTATUS;
99 typedef struct _AE_SESSLOGON {
100 DWORD ae_so_compname;
101 DWORD ae_so_username;
102 DWORD ae_so_privilege;
103 } AE_SESSLOGON,*PAE_SESSLOGON,*LPAE_SESSLOGON;
104 typedef struct _AE_SESSLOGOFF {
105 DWORD ae_sf_compname;
106 DWORD ae_sf_username;
108 } AE_SESSLOGOFF,*PAE_SESSLOGOFF,*LPAE_SESSLOGOFF;
109 typedef struct _AE_SESSPWERR {
110 DWORD ae_sp_compname;
111 DWORD ae_sp_username;
112 } AE_SESSPWERR,*PAE_SESSPWERR,*LPAE_SESSPWERR;
113 typedef struct _AE_CONNSTART {
114 DWORD ae_ct_compname;
115 DWORD ae_ct_username;
118 } AE_CONNSTART,*PAE_CONNSTART,*LPAE_CONNSTART;
119 typedef struct _AE_CONNSTOP {
120 DWORD ae_cp_compname;
121 DWORD ae_cp_username;
125 } AE_CONNSTOP,*PAE_CONNSTOP,*LPAE_CONNSTOP;
126 typedef struct _AE_CONNREJ {
127 DWORD ae_cr_compname;
128 DWORD ae_cr_username;
131 } AE_CONNREJ,*PAE_CONNREJ,*LPAE_CONNREJ;
132 typedef struct _AE_RESACCESS {
133 DWORD ae_ra_compname;
134 DWORD ae_ra_username;
136 DWORD ae_ra_operation;
137 DWORD ae_ra_returncode;
140 } AE_RESACCESS,*PAE_RESACCESS,*LPAE_RESACCESS;
141 typedef struct _AE_RESACCESSREJ {
142 DWORD ae_rr_compname;
143 DWORD ae_rr_username;
145 DWORD ae_rr_operation;
146 } AE_RESACCESSREJ,*PAE_RESACCESSREJ,*LPAE_RESACCESSREJ;
147 typedef struct _AE_CLOSEFILE {
148 DWORD ae_cf_compname;
149 DWORD ae_cf_username;
152 DWORD ae_cf_duration;
154 } AE_CLOSEFILE,*PAE_CLOSEFILE,*LPAE_CLOSEFILE;
155 typedef struct _AE_SERVICESTAT {
156 DWORD ae_ss_compname;
157 DWORD ae_ss_username;
162 DWORD ae_ss_returnval;
163 } AE_SERVICESTAT,*PAE_SERVICESTAT,*LPAE_SERVICESTAT;
164 typedef struct _AE_ACLMOD {
165 DWORD ae_am_compname;
166 DWORD ae_am_username;
170 } AE_ACLMOD,*PAE_ACLMOD,*LPAE_ACLMOD;
171 typedef struct _AE_UASMOD {
172 DWORD ae_um_compname;
173 DWORD ae_um_username;
178 } AE_UASMOD,*PAE_UASMOD,*LPAE_UASMOD;
179 typedef struct _AE_NETLOGON {
180 DWORD ae_no_compname;
181 DWORD ae_no_username;
182 DWORD ae_no_privilege;
183 DWORD ae_no_authflags;
184 } AE_NETLOGON,*PAE_NETLOGON,*LPAE_NETLOGON;
185 typedef struct _AE_NETLOGOFF {
186 DWORD ae_nf_compname;
187 DWORD ae_nf_username;
188 DWORD ae_nf_reserved1;
189 DWORD ae_nf_reserved2;
190 } AE_NETLOGOFF,*PAE_NETLOGOFF,*LPAE_NETLOGOFF;
191 typedef struct _AE_ACCLIM {
192 DWORD ae_al_compname;
193 DWORD ae_al_username;
196 } AE_ACCLIM,*PAE_ACCLIM,*LPAE_ACCLIM;
197 typedef struct _AE_LOCKOUT {
198 DWORD ae_lk_compname;
199 DWORD ae_lk_username;
201 DWORD ae_lk_bad_pw_count;
202 } AE_LOCKOUT,*PAE_LOCKOUT,*LPAE_LOCKOUT;
203 typedef struct _AE_GENERIC {
216 } AE_GENERIC,*PAE_GENERIC,*LPAE_GENERIC;
217 NET_API_STATUS WINAPI NetAuditClear(LPCWSTR,LPCWSTR,LPCWSTR);
218 NET_API_STATUS WINAPI NetAuditRead(LPTSTR,LPTSTR,LPHLOG,DWORD,PDWORD,DWORD,DWORD,PBYTE*,DWORD,PDWORD,PDWORD);
219 NET_API_STATUS WINAPI NetAuditWrite(DWORD,PBYTE,DWORD,LPTSTR,PBYTE);
221 /* These conflict with struct typedefs, why? */
222 #define AE_SRVSTATUS 0
223 #define AE_SESSLOGON 1
224 #define AE_SESSLOGOFF 2
225 #define AE_SESSPWERR 3
226 #define AE_CONNSTART 4
227 #define AE_CONNSTOP 5
229 #define AE_RESACCESS 7
230 #define AE_RESACCESSREJ 8
231 #define AE_CLOSEFILE 9
232 #define AE_SERVICESTAT 11
235 #define AE_NETLOGON 14
236 #define AE_NETLOGOFF 15
237 #define AE_NETLOGDENIED 16
238 #define AE_ACCLIMITEXCD 17
239 #define AE_RESACCESS2 18
240 #define AE_ACLMODFAIL 19
241 #define AE_LOCKOUT 20
242 #define AE_GENERIC_TYPE 21
243 #define AE_SRVSTART 0
244 #define AE_SRVPAUSED 1