Funktionierender Prototyp des Serious Games zur Vermittlung von Wissen zu Software-Engineering-Arbeitsmodellen.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

ntsecuritycon.py 22KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731
  1. # Hacked from winnt.h
  2. DELETE = 65536
  3. READ_CONTROL = 131072
  4. WRITE_DAC = 262144
  5. WRITE_OWNER = 524288
  6. SYNCHRONIZE = 1048576
  7. STANDARD_RIGHTS_REQUIRED = 983040
  8. STANDARD_RIGHTS_READ = READ_CONTROL
  9. STANDARD_RIGHTS_WRITE = READ_CONTROL
  10. STANDARD_RIGHTS_EXECUTE = READ_CONTROL
  11. STANDARD_RIGHTS_ALL = 2031616
  12. SPECIFIC_RIGHTS_ALL = 65535
  13. ACCESS_SYSTEM_SECURITY = 16777216
  14. MAXIMUM_ALLOWED = 33554432
  15. GENERIC_READ = -2147483648
  16. GENERIC_WRITE = 1073741824
  17. GENERIC_EXECUTE = 536870912
  18. GENERIC_ALL = 268435456
  19. # file security permissions
  20. FILE_READ_DATA = 1
  21. FILE_LIST_DIRECTORY = 1
  22. FILE_WRITE_DATA = 2
  23. FILE_ADD_FILE = 2
  24. FILE_APPEND_DATA = 4
  25. FILE_ADD_SUBDIRECTORY = 4
  26. FILE_CREATE_PIPE_INSTANCE = 4
  27. FILE_READ_EA = 8
  28. FILE_WRITE_EA = 16
  29. FILE_EXECUTE = 32
  30. FILE_TRAVERSE = 32
  31. FILE_DELETE_CHILD = 64
  32. FILE_READ_ATTRIBUTES = 128
  33. FILE_WRITE_ATTRIBUTES = 256
  34. FILE_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 511
  35. FILE_GENERIC_READ = (
  36. STANDARD_RIGHTS_READ
  37. | FILE_READ_DATA
  38. | FILE_READ_ATTRIBUTES
  39. | FILE_READ_EA
  40. | SYNCHRONIZE
  41. )
  42. FILE_GENERIC_WRITE = (
  43. STANDARD_RIGHTS_WRITE
  44. | FILE_WRITE_DATA
  45. | FILE_WRITE_ATTRIBUTES
  46. | FILE_WRITE_EA
  47. | FILE_APPEND_DATA
  48. | SYNCHRONIZE
  49. )
  50. FILE_GENERIC_EXECUTE = (
  51. STANDARD_RIGHTS_EXECUTE | FILE_READ_ATTRIBUTES | FILE_EXECUTE | SYNCHRONIZE
  52. )
  53. SECURITY_NULL_SID_AUTHORITY = (0, 0, 0, 0, 0, 0)
  54. SECURITY_WORLD_SID_AUTHORITY = (0, 0, 0, 0, 0, 1)
  55. SECURITY_LOCAL_SID_AUTHORITY = (0, 0, 0, 0, 0, 2)
  56. SECURITY_CREATOR_SID_AUTHORITY = (0, 0, 0, 0, 0, 3)
  57. SECURITY_NON_UNIQUE_AUTHORITY = (0, 0, 0, 0, 0, 4)
  58. SECURITY_RESOURCE_MANAGER_AUTHORITY = (0, 0, 0, 0, 0, 9)
  59. SECURITY_NULL_RID = 0
  60. SECURITY_WORLD_RID = 0
  61. SECURITY_LOCAL_RID = 0x00000000
  62. SECURITY_CREATOR_OWNER_RID = 0
  63. SECURITY_CREATOR_GROUP_RID = 1
  64. SECURITY_CREATOR_OWNER_SERVER_RID = 2
  65. SECURITY_CREATOR_GROUP_SERVER_RID = 3
  66. SECURITY_CREATOR_OWNER_RIGHTS_RID = 4
  67. # NT well-known SIDs
  68. SECURITY_NT_AUTHORITY = (0, 0, 0, 0, 0, 5)
  69. SECURITY_DIALUP_RID = 1
  70. SECURITY_NETWORK_RID = 2
  71. SECURITY_BATCH_RID = 3
  72. SECURITY_INTERACTIVE_RID = 4
  73. SECURITY_SERVICE_RID = 6
  74. SECURITY_ANONYMOUS_LOGON_RID = 7
  75. SECURITY_PROXY_RID = 8
  76. SECURITY_SERVER_LOGON_RID = 9
  77. SECURITY_LOGON_IDS_RID = 5
  78. SECURITY_LOGON_IDS_RID_COUNT = 3
  79. SECURITY_LOCAL_SYSTEM_RID = 18
  80. SECURITY_NT_NON_UNIQUE = 21
  81. SECURITY_BUILTIN_DOMAIN_RID = 32
  82. # well-known domain relative sub-authority values (RIDs)...
  83. DOMAIN_USER_RID_ADMIN = 500
  84. DOMAIN_USER_RID_GUEST = 501
  85. DOMAIN_USER_RID_KRBTGT = 502
  86. DOMAIN_USER_RID_MAX = 999
  87. # well-known groups ...
  88. DOMAIN_GROUP_RID_ADMINS = 512
  89. DOMAIN_GROUP_RID_USERS = 513
  90. DOMAIN_GROUP_RID_GUESTS = 514
  91. DOMAIN_GROUP_RID_COMPUTERS = 515
  92. DOMAIN_GROUP_RID_CONTROLLERS = 516
  93. DOMAIN_GROUP_RID_CERT_ADMINS = 517
  94. DOMAIN_GROUP_RID_SCHEMA_ADMINS = 518
  95. DOMAIN_GROUP_RID_ENTERPRISE_ADMINS = 519
  96. DOMAIN_GROUP_RID_POLICY_ADMINS = 520
  97. DOMAIN_GROUP_RID_READONLY_CONTROLLERS = 521
  98. # well-known aliases ...
  99. DOMAIN_ALIAS_RID_ADMINS = 544
  100. DOMAIN_ALIAS_RID_USERS = 545
  101. DOMAIN_ALIAS_RID_GUESTS = 546
  102. DOMAIN_ALIAS_RID_POWER_USERS = 547
  103. DOMAIN_ALIAS_RID_ACCOUNT_OPS = 548
  104. DOMAIN_ALIAS_RID_SYSTEM_OPS = 549
  105. DOMAIN_ALIAS_RID_PRINT_OPS = 550
  106. DOMAIN_ALIAS_RID_BACKUP_OPS = 551
  107. DOMAIN_ALIAS_RID_REPLICATOR = 552
  108. DOMAIN_ALIAS_RID_RAS_SERVERS = 553
  109. DOMAIN_ALIAS_RID_PREW2KCOMPACCESS = 554
  110. DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS = 555
  111. DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS = 556
  112. DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS = 557
  113. DOMAIN_ALIAS_RID_MONITORING_USERS = 558
  114. DOMAIN_ALIAS_RID_LOGGING_USERS = 559
  115. DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS = 560
  116. DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS = 561
  117. DOMAIN_ALIAS_RID_DCOM_USERS = 562
  118. DOMAIN_ALIAS_RID_IUSERS = 568
  119. DOMAIN_ALIAS_RID_CRYPTO_OPERATORS = 569
  120. DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP = 571
  121. DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP = 572
  122. DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP = 573
  123. SECURITY_MANDATORY_LABEL_AUTHORITY = (0, 0, 0, 0, 0, 16)
  124. SECURITY_MANDATORY_UNTRUSTED_RID = 0x00000000
  125. SECURITY_MANDATORY_LOW_RID = 0x00001000
  126. SECURITY_MANDATORY_MEDIUM_RID = 0x00002000
  127. SECURITY_MANDATORY_HIGH_RID = 0x00003000
  128. SECURITY_MANDATORY_SYSTEM_RID = 0x00004000
  129. SECURITY_MANDATORY_PROTECTED_PROCESS_RID = 0x00005000
  130. SECURITY_MANDATORY_MAXIMUM_USER_RID = SECURITY_MANDATORY_SYSTEM_RID
  131. SYSTEM_LUID = (999, 0)
  132. ANONYMOUS_LOGON_LUID = (998, 0)
  133. LOCALSERVICE_LUID = (997, 0)
  134. NETWORKSERVICE_LUID = (996, 0)
  135. IUSER_LUID = (995, 0)
  136. # Group attributes
  137. SE_GROUP_MANDATORY = 1
  138. SE_GROUP_ENABLED_BY_DEFAULT = 2
  139. SE_GROUP_ENABLED = 4
  140. SE_GROUP_OWNER = 8
  141. SE_GROUP_USE_FOR_DENY_ONLY = 16
  142. SE_GROUP_INTEGRITY = 32
  143. SE_GROUP_INTEGRITY_ENABLED = 64
  144. SE_GROUP_RESOURCE = 536870912
  145. SE_GROUP_LOGON_ID = -1073741824
  146. # User attributes
  147. # (None yet defined.)
  148. # ACE types
  149. ACCESS_MIN_MS_ACE_TYPE = 0
  150. ACCESS_ALLOWED_ACE_TYPE = 0
  151. ACCESS_DENIED_ACE_TYPE = 1
  152. SYSTEM_AUDIT_ACE_TYPE = 2
  153. SYSTEM_ALARM_ACE_TYPE = 3
  154. ACCESS_MAX_MS_V2_ACE_TYPE = 3
  155. ACCESS_ALLOWED_COMPOUND_ACE_TYPE = 4
  156. ACCESS_MAX_MS_V3_ACE_TYPE = 4
  157. ACCESS_MIN_MS_OBJECT_ACE_TYPE = 5
  158. ACCESS_ALLOWED_OBJECT_ACE_TYPE = 5
  159. ACCESS_DENIED_OBJECT_ACE_TYPE = 6
  160. SYSTEM_AUDIT_OBJECT_ACE_TYPE = 7
  161. SYSTEM_ALARM_OBJECT_ACE_TYPE = 8
  162. ACCESS_MAX_MS_OBJECT_ACE_TYPE = 8
  163. ACCESS_MAX_MS_V4_ACE_TYPE = 8
  164. ACCESS_MAX_MS_ACE_TYPE = 8
  165. ACCESS_ALLOWED_CALLBACK_ACE_TYPE = 9
  166. ACCESS_DENIED_CALLBACK_ACE_TYPE = 10
  167. ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE = 11
  168. ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE = 12
  169. SYSTEM_AUDIT_CALLBACK_ACE_TYPE = 13
  170. SYSTEM_ALARM_CALLBACK_ACE_TYPE = 14
  171. SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE = 15
  172. SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE = 16
  173. SYSTEM_MANDATORY_LABEL_ACE_TYPE = 17
  174. ACCESS_MAX_MS_V5_ACE_TYPE = 17
  175. # The following are the inherit flags that go into the AceFlags field
  176. # of an Ace header.
  177. OBJECT_INHERIT_ACE = 1
  178. CONTAINER_INHERIT_ACE = 2
  179. NO_PROPAGATE_INHERIT_ACE = 4
  180. INHERIT_ONLY_ACE = 8
  181. VALID_INHERIT_FLAGS = 15
  182. SUCCESSFUL_ACCESS_ACE_FLAG = 64
  183. FAILED_ACCESS_ACE_FLAG = 128
  184. SE_OWNER_DEFAULTED = 1
  185. SE_GROUP_DEFAULTED = 2
  186. SE_DACL_PRESENT = 4
  187. SE_DACL_DEFAULTED = 8
  188. SE_SACL_PRESENT = 16
  189. SE_SACL_DEFAULTED = 32
  190. SE_SELF_RELATIVE = 32768
  191. SE_PRIVILEGE_ENABLED_BY_DEFAULT = 1
  192. SE_PRIVILEGE_ENABLED = 2
  193. SE_PRIVILEGE_USED_FOR_ACCESS = -2147483648
  194. PRIVILEGE_SET_ALL_NECESSARY = 1
  195. # NT Defined Privileges
  196. SE_CREATE_TOKEN_NAME = "SeCreateTokenPrivilege"
  197. SE_ASSIGNPRIMARYTOKEN_NAME = "SeAssignPrimaryTokenPrivilege"
  198. SE_LOCK_MEMORY_NAME = "SeLockMemoryPrivilege"
  199. SE_INCREASE_QUOTA_NAME = "SeIncreaseQuotaPrivilege"
  200. SE_UNSOLICITED_INPUT_NAME = "SeUnsolicitedInputPrivilege"
  201. SE_MACHINE_ACCOUNT_NAME = "SeMachineAccountPrivilege"
  202. SE_TCB_NAME = "SeTcbPrivilege"
  203. SE_SECURITY_NAME = "SeSecurityPrivilege"
  204. SE_TAKE_OWNERSHIP_NAME = "SeTakeOwnershipPrivilege"
  205. SE_LOAD_DRIVER_NAME = "SeLoadDriverPrivilege"
  206. SE_SYSTEM_PROFILE_NAME = "SeSystemProfilePrivilege"
  207. SE_SYSTEMTIME_NAME = "SeSystemtimePrivilege"
  208. SE_PROF_SINGLE_PROCESS_NAME = "SeProfileSingleProcessPrivilege"
  209. SE_INC_BASE_PRIORITY_NAME = "SeIncreaseBasePriorityPrivilege"
  210. SE_CREATE_PAGEFILE_NAME = "SeCreatePagefilePrivilege"
  211. SE_CREATE_PERMANENT_NAME = "SeCreatePermanentPrivilege"
  212. SE_BACKUP_NAME = "SeBackupPrivilege"
  213. SE_RESTORE_NAME = "SeRestorePrivilege"
  214. SE_SHUTDOWN_NAME = "SeShutdownPrivilege"
  215. SE_DEBUG_NAME = "SeDebugPrivilege"
  216. SE_AUDIT_NAME = "SeAuditPrivilege"
  217. SE_SYSTEM_ENVIRONMENT_NAME = "SeSystemEnvironmentPrivilege"
  218. SE_CHANGE_NOTIFY_NAME = "SeChangeNotifyPrivilege"
  219. SE_REMOTE_SHUTDOWN_NAME = "SeRemoteShutdownPrivilege"
  220. # Enum SECURITY_IMPERSONATION_LEVEL:
  221. SecurityAnonymous = 0
  222. SecurityIdentification = 1
  223. SecurityImpersonation = 2
  224. SecurityDelegation = 3
  225. SECURITY_MAX_IMPERSONATION_LEVEL = SecurityDelegation
  226. DEFAULT_IMPERSONATION_LEVEL = SecurityImpersonation
  227. TOKEN_ASSIGN_PRIMARY = 1
  228. TOKEN_DUPLICATE = 2
  229. TOKEN_IMPERSONATE = 4
  230. TOKEN_QUERY = 8
  231. TOKEN_QUERY_SOURCE = 16
  232. TOKEN_ADJUST_PRIVILEGES = 32
  233. TOKEN_ADJUST_GROUPS = 64
  234. TOKEN_ADJUST_DEFAULT = 128
  235. TOKEN_ALL_ACCESS = (
  236. STANDARD_RIGHTS_REQUIRED
  237. | TOKEN_ASSIGN_PRIMARY
  238. | TOKEN_DUPLICATE
  239. | TOKEN_IMPERSONATE
  240. | TOKEN_QUERY
  241. | TOKEN_QUERY_SOURCE
  242. | TOKEN_ADJUST_PRIVILEGES
  243. | TOKEN_ADJUST_GROUPS
  244. | TOKEN_ADJUST_DEFAULT
  245. )
  246. TOKEN_READ = STANDARD_RIGHTS_READ | TOKEN_QUERY
  247. TOKEN_WRITE = (
  248. STANDARD_RIGHTS_WRITE
  249. | TOKEN_ADJUST_PRIVILEGES
  250. | TOKEN_ADJUST_GROUPS
  251. | TOKEN_ADJUST_DEFAULT
  252. )
  253. TOKEN_EXECUTE = STANDARD_RIGHTS_EXECUTE
  254. SidTypeUser = 1
  255. SidTypeGroup = 2
  256. SidTypeDomain = 3
  257. SidTypeAlias = 4
  258. SidTypeWellKnownGroup = 5
  259. SidTypeDeletedAccount = 6
  260. SidTypeInvalid = 7
  261. SidTypeUnknown = 8
  262. SidTypeComputer = 9
  263. SidTypeLabel = 10
  264. # Token types
  265. TokenPrimary = 1
  266. TokenImpersonation = 2
  267. # TOKEN_INFORMATION_CLASS, used with Get/SetTokenInformation
  268. TokenUser = 1
  269. TokenGroups = 2
  270. TokenPrivileges = 3
  271. TokenOwner = 4
  272. TokenPrimaryGroup = 5
  273. TokenDefaultDacl = 6
  274. TokenSource = 7
  275. TokenType = 8
  276. TokenImpersonationLevel = 9
  277. TokenStatistics = 10
  278. TokenRestrictedSids = 11
  279. TokenSessionId = 12
  280. TokenGroupsAndPrivileges = 13
  281. TokenSessionReference = 14
  282. TokenSandBoxInert = 15
  283. TokenAuditPolicy = 16
  284. TokenOrigin = 17
  285. TokenElevationType = 18
  286. TokenLinkedToken = 19
  287. TokenElevation = 20
  288. TokenHasRestrictions = 21
  289. TokenAccessInformation = 22
  290. TokenVirtualizationAllowed = 23
  291. TokenVirtualizationEnabled = 24
  292. TokenIntegrityLevel = 25
  293. TokenUIAccess = 26
  294. TokenMandatoryPolicy = 27
  295. TokenLogonSid = 28
  296. # DirectoryService related constants.
  297. # Generated by h2py from NtDsAPI.h
  298. DS_BEHAVIOR_WIN2000 = 0
  299. DS_BEHAVIOR_WIN2003_WITH_MIXED_DOMAINS = 1
  300. DS_BEHAVIOR_WIN2003 = 2
  301. DS_SYNCED_EVENT_NAME = "NTDSInitialSyncsCompleted"
  302. ACTRL_DS_OPEN = 0x00000000
  303. ACTRL_DS_CREATE_CHILD = 0x00000001
  304. ACTRL_DS_DELETE_CHILD = 0x00000002
  305. ACTRL_DS_LIST = 0x00000004
  306. ACTRL_DS_SELF = 0x00000008
  307. ACTRL_DS_READ_PROP = 0x00000010
  308. ACTRL_DS_WRITE_PROP = 0x00000020
  309. ACTRL_DS_DELETE_TREE = 0x00000040
  310. ACTRL_DS_LIST_OBJECT = 0x00000080
  311. ACTRL_DS_CONTROL_ACCESS = 0x00000100
  312. NTDSAPI_BIND_ALLOW_DELEGATION = 0x00000001
  313. DS_REPSYNC_ASYNCHRONOUS_OPERATION = 0x00000001
  314. DS_REPSYNC_WRITEABLE = 0x00000002
  315. DS_REPSYNC_PERIODIC = 0x00000004
  316. DS_REPSYNC_INTERSITE_MESSAGING = 0x00000008
  317. DS_REPSYNC_ALL_SOURCES = 0x00000010
  318. DS_REPSYNC_FULL = 0x00000020
  319. DS_REPSYNC_URGENT = 0x00000040
  320. DS_REPSYNC_NO_DISCARD = 0x00000080
  321. DS_REPSYNC_FORCE = 0x00000100
  322. DS_REPSYNC_ADD_REFERENCE = 0x00000200
  323. DS_REPSYNC_NEVER_COMPLETED = 0x00000400
  324. DS_REPSYNC_TWO_WAY = 0x00000800
  325. DS_REPSYNC_NEVER_NOTIFY = 0x00001000
  326. DS_REPSYNC_INITIAL = 0x00002000
  327. DS_REPSYNC_USE_COMPRESSION = 0x00004000
  328. DS_REPSYNC_ABANDONED = 0x00008000
  329. DS_REPSYNC_INITIAL_IN_PROGRESS = 0x00010000
  330. DS_REPSYNC_PARTIAL_ATTRIBUTE_SET = 0x00020000
  331. DS_REPSYNC_REQUEUE = 0x00040000
  332. DS_REPSYNC_NOTIFICATION = 0x00080000
  333. DS_REPSYNC_ASYNCHRONOUS_REPLICA = 0x00100000
  334. DS_REPSYNC_CRITICAL = 0x00200000
  335. DS_REPSYNC_FULL_IN_PROGRESS = 0x00400000
  336. DS_REPSYNC_PREEMPTED = 0x00800000
  337. DS_REPADD_ASYNCHRONOUS_OPERATION = 0x00000001
  338. DS_REPADD_WRITEABLE = 0x00000002
  339. DS_REPADD_INITIAL = 0x00000004
  340. DS_REPADD_PERIODIC = 0x00000008
  341. DS_REPADD_INTERSITE_MESSAGING = 0x00000010
  342. DS_REPADD_ASYNCHRONOUS_REPLICA = 0x00000020
  343. DS_REPADD_DISABLE_NOTIFICATION = 0x00000040
  344. DS_REPADD_DISABLE_PERIODIC = 0x00000080
  345. DS_REPADD_USE_COMPRESSION = 0x00000100
  346. DS_REPADD_NEVER_NOTIFY = 0x00000200
  347. DS_REPADD_TWO_WAY = 0x00000400
  348. DS_REPADD_CRITICAL = 0x00000800
  349. DS_REPDEL_ASYNCHRONOUS_OPERATION = 0x00000001
  350. DS_REPDEL_WRITEABLE = 0x00000002
  351. DS_REPDEL_INTERSITE_MESSAGING = 0x00000004
  352. DS_REPDEL_IGNORE_ERRORS = 0x00000008
  353. DS_REPDEL_LOCAL_ONLY = 0x00000010
  354. DS_REPDEL_NO_SOURCE = 0x00000020
  355. DS_REPDEL_REF_OK = 0x00000040
  356. DS_REPMOD_ASYNCHRONOUS_OPERATION = 0x00000001
  357. DS_REPMOD_WRITEABLE = 0x00000002
  358. DS_REPMOD_UPDATE_FLAGS = 0x00000001
  359. DS_REPMOD_UPDATE_ADDRESS = 0x00000002
  360. DS_REPMOD_UPDATE_SCHEDULE = 0x00000004
  361. DS_REPMOD_UPDATE_RESULT = 0x00000008
  362. DS_REPMOD_UPDATE_TRANSPORT = 0x00000010
  363. DS_REPUPD_ASYNCHRONOUS_OPERATION = 0x00000001
  364. DS_REPUPD_WRITEABLE = 0x00000002
  365. DS_REPUPD_ADD_REFERENCE = 0x00000004
  366. DS_REPUPD_DELETE_REFERENCE = 0x00000008
  367. DS_INSTANCETYPE_IS_NC_HEAD = 0x00000001
  368. DS_INSTANCETYPE_NC_IS_WRITEABLE = 0x00000004
  369. DS_INSTANCETYPE_NC_COMING = 0x00000010
  370. DS_INSTANCETYPE_NC_GOING = 0x00000020
  371. NTDSDSA_OPT_IS_GC = 1 << 0
  372. NTDSDSA_OPT_DISABLE_INBOUND_REPL = 1 << 1
  373. NTDSDSA_OPT_DISABLE_OUTBOUND_REPL = 1 << 2
  374. NTDSDSA_OPT_DISABLE_NTDSCONN_XLATE = 1 << 3
  375. NTDSCONN_OPT_IS_GENERATED = 1 << 0
  376. NTDSCONN_OPT_TWOWAY_SYNC = 1 << 1
  377. NTDSCONN_OPT_OVERRIDE_NOTIFY_DEFAULT = 1 << 2
  378. NTDSCONN_OPT_USE_NOTIFY = 1 << 3
  379. NTDSCONN_OPT_DISABLE_INTERSITE_COMPRESSION = 1 << 4
  380. NTDSCONN_OPT_USER_OWNED_SCHEDULE = 1 << 5
  381. NTDSCONN_KCC_NO_REASON = 0
  382. NTDSCONN_KCC_GC_TOPOLOGY = 1 << 0
  383. NTDSCONN_KCC_RING_TOPOLOGY = 1 << 1
  384. NTDSCONN_KCC_MINIMIZE_HOPS_TOPOLOGY = 1 << 2
  385. NTDSCONN_KCC_STALE_SERVERS_TOPOLOGY = 1 << 3
  386. NTDSCONN_KCC_OSCILLATING_CONNECTION_TOPOLOGY = 1 << 4
  387. NTDSCONN_KCC_INTERSITE_GC_TOPOLOGY = 1 << 5
  388. NTDSCONN_KCC_INTERSITE_TOPOLOGY = 1 << 6
  389. NTDSCONN_KCC_SERVER_FAILOVER_TOPOLOGY = 1 << 7
  390. NTDSCONN_KCC_SITE_FAILOVER_TOPOLOGY = 1 << 8
  391. NTDSCONN_KCC_REDUNDANT_SERVER_TOPOLOGY = 1 << 9
  392. FRSCONN_PRIORITY_MASK = 0x70000000
  393. FRSCONN_MAX_PRIORITY = 0x8
  394. NTDSCONN_OPT_IGNORE_SCHEDULE_MASK = -2147483648
  395. NTDSSETTINGS_OPT_IS_AUTO_TOPOLOGY_DISABLED = 1 << 0
  396. NTDSSETTINGS_OPT_IS_TOPL_CLEANUP_DISABLED = 1 << 1
  397. NTDSSETTINGS_OPT_IS_TOPL_MIN_HOPS_DISABLED = 1 << 2
  398. NTDSSETTINGS_OPT_IS_TOPL_DETECT_STALE_DISABLED = 1 << 3
  399. NTDSSETTINGS_OPT_IS_INTER_SITE_AUTO_TOPOLOGY_DISABLED = 1 << 4
  400. NTDSSETTINGS_OPT_IS_GROUP_CACHING_ENABLED = 1 << 5
  401. NTDSSETTINGS_OPT_FORCE_KCC_WHISTLER_BEHAVIOR = 1 << 6
  402. NTDSSETTINGS_OPT_FORCE_KCC_W2K_ELECTION = 1 << 7
  403. NTDSSETTINGS_OPT_IS_RAND_BH_SELECTION_DISABLED = 1 << 8
  404. NTDSSETTINGS_OPT_IS_SCHEDULE_HASHING_ENABLED = 1 << 9
  405. NTDSSETTINGS_OPT_IS_REDUNDANT_SERVER_TOPOLOGY_ENABLED = 1 << 10
  406. NTDSSETTINGS_DEFAULT_SERVER_REDUNDANCY = 2
  407. NTDSTRANSPORT_OPT_IGNORE_SCHEDULES = 1 << 0
  408. NTDSTRANSPORT_OPT_BRIDGES_REQUIRED = 1 << 1
  409. NTDSSITECONN_OPT_USE_NOTIFY = 1 << 0
  410. NTDSSITECONN_OPT_TWOWAY_SYNC = 1 << 1
  411. NTDSSITECONN_OPT_DISABLE_COMPRESSION = 1 << 2
  412. NTDSSITELINK_OPT_USE_NOTIFY = 1 << 0
  413. NTDSSITELINK_OPT_TWOWAY_SYNC = 1 << 1
  414. NTDSSITELINK_OPT_DISABLE_COMPRESSION = 1 << 2
  415. GUID_USERS_CONTAINER_A = "a9d1ca15768811d1aded00c04fd8d5cd"
  416. GUID_COMPUTRS_CONTAINER_A = "aa312825768811d1aded00c04fd8d5cd"
  417. GUID_SYSTEMS_CONTAINER_A = "ab1d30f3768811d1aded00c04fd8d5cd"
  418. GUID_DOMAIN_CONTROLLERS_CONTAINER_A = "a361b2ffffd211d1aa4b00c04fd7d83a"
  419. GUID_INFRASTRUCTURE_CONTAINER_A = "2fbac1870ade11d297c400c04fd8d5cd"
  420. GUID_DELETED_OBJECTS_CONTAINER_A = "18e2ea80684f11d2b9aa00c04f79f805"
  421. GUID_LOSTANDFOUND_CONTAINER_A = "ab8153b7768811d1aded00c04fd8d5cd"
  422. GUID_FOREIGNSECURITYPRINCIPALS_CONTAINER_A = "22b70c67d56e4efb91e9300fca3dc1aa"
  423. GUID_PROGRAM_DATA_CONTAINER_A = "09460c08ae1e4a4ea0f64aee7daa1e5a"
  424. GUID_MICROSOFT_PROGRAM_DATA_CONTAINER_A = "f4be92a4c777485e878e9421d53087db"
  425. GUID_NTDS_QUOTAS_CONTAINER_A = "6227f0af1fc2410d8e3bb10615bb5b0f"
  426. GUID_USERS_CONTAINER_BYTE = (
  427. "\xa9\xd1\xca\x15\x76\x88\x11\xd1\xad\xed\x00\xc0\x4f\xd8\xd5\xcd"
  428. )
  429. GUID_COMPUTRS_CONTAINER_BYTE = (
  430. "\xaa\x31\x28\x25\x76\x88\x11\xd1\xad\xed\x00\xc0\x4f\xd8\xd5\xcd"
  431. )
  432. GUID_SYSTEMS_CONTAINER_BYTE = (
  433. "\xab\x1d\x30\xf3\x76\x88\x11\xd1\xad\xed\x00\xc0\x4f\xd8\xd5\xcd"
  434. )
  435. GUID_DOMAIN_CONTROLLERS_CONTAINER_BYTE = (
  436. "\xa3\x61\xb2\xff\xff\xd2\x11\xd1\xaa\x4b\x00\xc0\x4f\xd7\xd8\x3a"
  437. )
  438. GUID_INFRASTRUCTURE_CONTAINER_BYTE = (
  439. "\x2f\xba\xc1\x87\x0a\xde\x11\xd2\x97\xc4\x00\xc0\x4f\xd8\xd5\xcd"
  440. )
  441. GUID_DELETED_OBJECTS_CONTAINER_BYTE = (
  442. "\x18\xe2\xea\x80\x68\x4f\x11\xd2\xb9\xaa\x00\xc0\x4f\x79\xf8\x05"
  443. )
  444. GUID_LOSTANDFOUND_CONTAINER_BYTE = (
  445. "\xab\x81\x53\xb7\x76\x88\x11\xd1\xad\xed\x00\xc0\x4f\xd8\xd5\xcd"
  446. )
  447. GUID_FOREIGNSECURITYPRINCIPALS_CONTAINER_BYTE = (
  448. "\x22\xb7\x0c\x67\xd5\x6e\x4e\xfb\x91\xe9\x30\x0f\xca\x3d\xc1\xaa"
  449. )
  450. GUID_PROGRAM_DATA_CONTAINER_BYTE = (
  451. "\x09\x46\x0c\x08\xae\x1e\x4a\x4e\xa0\xf6\x4a\xee\x7d\xaa\x1e\x5a"
  452. )
  453. GUID_MICROSOFT_PROGRAM_DATA_CONTAINER_BYTE = (
  454. "\xf4\xbe\x92\xa4\xc7\x77\x48\x5e\x87\x8e\x94\x21\xd5\x30\x87\xdb"
  455. )
  456. GUID_NTDS_QUOTAS_CONTAINER_BYTE = (
  457. "\x62\x27\xf0\xaf\x1f\xc2\x41\x0d\x8e\x3b\xb1\x06\x15\xbb\x5b\x0f"
  458. )
  459. DS_REPSYNCALL_NO_OPTIONS = 0x00000000
  460. DS_REPSYNCALL_ABORT_IF_SERVER_UNAVAILABLE = 0x00000001
  461. DS_REPSYNCALL_SYNC_ADJACENT_SERVERS_ONLY = 0x00000002
  462. DS_REPSYNCALL_ID_SERVERS_BY_DN = 0x00000004
  463. DS_REPSYNCALL_DO_NOT_SYNC = 0x00000008
  464. DS_REPSYNCALL_SKIP_INITIAL_CHECK = 0x00000010
  465. DS_REPSYNCALL_PUSH_CHANGES_OUTWARD = 0x00000020
  466. DS_REPSYNCALL_CROSS_SITE_BOUNDARIES = 0x00000040
  467. DS_LIST_DSA_OBJECT_FOR_SERVER = 0
  468. DS_LIST_DNS_HOST_NAME_FOR_SERVER = 1
  469. DS_LIST_ACCOUNT_OBJECT_FOR_SERVER = 2
  470. DS_ROLE_SCHEMA_OWNER = 0
  471. DS_ROLE_DOMAIN_OWNER = 1
  472. DS_ROLE_PDC_OWNER = 2
  473. DS_ROLE_RID_OWNER = 3
  474. DS_ROLE_INFRASTRUCTURE_OWNER = 4
  475. DS_SCHEMA_GUID_NOT_FOUND = 0
  476. DS_SCHEMA_GUID_ATTR = 1
  477. DS_SCHEMA_GUID_ATTR_SET = 2
  478. DS_SCHEMA_GUID_CLASS = 3
  479. DS_SCHEMA_GUID_CONTROL_RIGHT = 4
  480. DS_KCC_FLAG_ASYNC_OP = 1 << 0
  481. DS_KCC_FLAG_DAMPED = 1 << 1
  482. DS_EXIST_ADVISORY_MODE = 0x1
  483. DS_REPL_INFO_FLAG_IMPROVE_LINKED_ATTRS = 0x00000001
  484. DS_REPL_NBR_WRITEABLE = 0x00000010
  485. DS_REPL_NBR_SYNC_ON_STARTUP = 0x00000020
  486. DS_REPL_NBR_DO_SCHEDULED_SYNCS = 0x00000040
  487. DS_REPL_NBR_USE_ASYNC_INTERSITE_TRANSPORT = 0x00000080
  488. DS_REPL_NBR_TWO_WAY_SYNC = 0x00000200
  489. DS_REPL_NBR_RETURN_OBJECT_PARENTS = 0x00000800
  490. DS_REPL_NBR_FULL_SYNC_IN_PROGRESS = 0x00010000
  491. DS_REPL_NBR_FULL_SYNC_NEXT_PACKET = 0x00020000
  492. DS_REPL_NBR_NEVER_SYNCED = 0x00200000
  493. DS_REPL_NBR_PREEMPTED = 0x01000000
  494. DS_REPL_NBR_IGNORE_CHANGE_NOTIFICATIONS = 0x04000000
  495. DS_REPL_NBR_DISABLE_SCHEDULED_SYNC = 0x08000000
  496. DS_REPL_NBR_COMPRESS_CHANGES = 0x10000000
  497. DS_REPL_NBR_NO_CHANGE_NOTIFICATIONS = 0x20000000
  498. DS_REPL_NBR_PARTIAL_ATTRIBUTE_SET = 0x40000000
  499. DS_REPL_NBR_MODIFIABLE_MASK = (
  500. DS_REPL_NBR_SYNC_ON_STARTUP
  501. | DS_REPL_NBR_DO_SCHEDULED_SYNCS
  502. | DS_REPL_NBR_TWO_WAY_SYNC
  503. | DS_REPL_NBR_IGNORE_CHANGE_NOTIFICATIONS
  504. | DS_REPL_NBR_DISABLE_SCHEDULED_SYNC
  505. | DS_REPL_NBR_COMPRESS_CHANGES
  506. | DS_REPL_NBR_NO_CHANGE_NOTIFICATIONS
  507. )
  508. # from enum DS_NAME_FORMAT
  509. DS_UNKNOWN_NAME = 0
  510. DS_FQDN_1779_NAME = 1
  511. DS_NT4_ACCOUNT_NAME = 2
  512. DS_DISPLAY_NAME = 3
  513. DS_UNIQUE_ID_NAME = 6
  514. DS_CANONICAL_NAME = 7
  515. DS_USER_PRINCIPAL_NAME = 8
  516. DS_CANONICAL_NAME_EX = 9
  517. DS_SERVICE_PRINCIPAL_NAME = 10
  518. DS_SID_OR_SID_HISTORY_NAME = 11
  519. DS_DNS_DOMAIN_NAME = 12
  520. DS_DOMAIN_SIMPLE_NAME = DS_USER_PRINCIPAL_NAME
  521. DS_ENTERPRISE_SIMPLE_NAME = DS_USER_PRINCIPAL_NAME
  522. # from enum DS_NAME_FLAGS
  523. DS_NAME_NO_FLAGS = 0x0
  524. DS_NAME_FLAG_SYNTACTICAL_ONLY = 0x1
  525. DS_NAME_FLAG_EVAL_AT_DC = 0x2
  526. DS_NAME_FLAG_GCVERIFY = 0x4
  527. DS_NAME_FLAG_TRUST_REFERRAL = 0x8
  528. # from enum DS_NAME_ERROR
  529. DS_NAME_NO_ERROR = 0
  530. DS_NAME_ERROR_RESOLVING = 1
  531. DS_NAME_ERROR_NOT_FOUND = 2
  532. DS_NAME_ERROR_NOT_UNIQUE = 3
  533. DS_NAME_ERROR_NO_MAPPING = 4
  534. DS_NAME_ERROR_DOMAIN_ONLY = 5
  535. DS_NAME_ERROR_NO_SYNTACTICAL_MAPPING = 6
  536. DS_NAME_ERROR_TRUST_REFERRAL = 7
  537. # from enum DS_SPN_NAME_TYPE
  538. DS_SPN_DNS_HOST = 0
  539. DS_SPN_DN_HOST = 1
  540. DS_SPN_NB_HOST = 2
  541. DS_SPN_DOMAIN = 3
  542. DS_SPN_NB_DOMAIN = 4
  543. DS_SPN_SERVICE = 5
  544. # from enum DS_SPN_WRITE_OP
  545. DS_SPN_ADD_SPN_OP = 0
  546. DS_SPN_REPLACE_SPN_OP = 1
  547. DS_SPN_DELETE_SPN_OP = 2
  548. # Generated by h2py from DsGetDC.h
  549. DS_FORCE_REDISCOVERY = 0x00000001
  550. DS_DIRECTORY_SERVICE_REQUIRED = 0x00000010
  551. DS_DIRECTORY_SERVICE_PREFERRED = 0x00000020
  552. DS_GC_SERVER_REQUIRED = 0x00000040
  553. DS_PDC_REQUIRED = 0x00000080
  554. DS_BACKGROUND_ONLY = 0x00000100
  555. DS_IP_REQUIRED = 0x00000200
  556. DS_KDC_REQUIRED = 0x00000400
  557. DS_TIMESERV_REQUIRED = 0x00000800
  558. DS_WRITABLE_REQUIRED = 0x00001000
  559. DS_GOOD_TIMESERV_PREFERRED = 0x00002000
  560. DS_AVOID_SELF = 0x00004000
  561. DS_ONLY_LDAP_NEEDED = 0x00008000
  562. DS_IS_FLAT_NAME = 0x00010000
  563. DS_IS_DNS_NAME = 0x00020000
  564. DS_RETURN_DNS_NAME = 0x40000000
  565. DS_RETURN_FLAT_NAME = -2147483648
  566. DSGETDC_VALID_FLAGS = (
  567. DS_FORCE_REDISCOVERY
  568. | DS_DIRECTORY_SERVICE_REQUIRED
  569. | DS_DIRECTORY_SERVICE_PREFERRED
  570. | DS_GC_SERVER_REQUIRED
  571. | DS_PDC_REQUIRED
  572. | DS_BACKGROUND_ONLY
  573. | DS_IP_REQUIRED
  574. | DS_KDC_REQUIRED
  575. | DS_TIMESERV_REQUIRED
  576. | DS_WRITABLE_REQUIRED
  577. | DS_GOOD_TIMESERV_PREFERRED
  578. | DS_AVOID_SELF
  579. | DS_ONLY_LDAP_NEEDED
  580. | DS_IS_FLAT_NAME
  581. | DS_IS_DNS_NAME
  582. | DS_RETURN_FLAT_NAME
  583. | DS_RETURN_DNS_NAME
  584. )
  585. DS_INET_ADDRESS = 1
  586. DS_NETBIOS_ADDRESS = 2
  587. DS_PDC_FLAG = 0x00000001
  588. DS_GC_FLAG = 0x00000004
  589. DS_LDAP_FLAG = 0x00000008
  590. DS_DS_FLAG = 0x00000010
  591. DS_KDC_FLAG = 0x00000020
  592. DS_TIMESERV_FLAG = 0x00000040
  593. DS_CLOSEST_FLAG = 0x00000080
  594. DS_WRITABLE_FLAG = 0x00000100
  595. DS_GOOD_TIMESERV_FLAG = 0x00000200
  596. DS_NDNC_FLAG = 0x00000400
  597. DS_PING_FLAGS = 0x0000FFFF
  598. DS_DNS_CONTROLLER_FLAG = 0x20000000
  599. DS_DNS_DOMAIN_FLAG = 0x40000000
  600. DS_DNS_FOREST_FLAG = -2147483648
  601. DS_DOMAIN_IN_FOREST = 0x0001
  602. DS_DOMAIN_DIRECT_OUTBOUND = 0x0002
  603. DS_DOMAIN_TREE_ROOT = 0x0004
  604. DS_DOMAIN_PRIMARY = 0x0008
  605. DS_DOMAIN_NATIVE_MODE = 0x0010
  606. DS_DOMAIN_DIRECT_INBOUND = 0x0020
  607. DS_DOMAIN_VALID_FLAGS = (
  608. DS_DOMAIN_IN_FOREST
  609. | DS_DOMAIN_DIRECT_OUTBOUND
  610. | DS_DOMAIN_TREE_ROOT
  611. | DS_DOMAIN_PRIMARY
  612. | DS_DOMAIN_NATIVE_MODE
  613. | DS_DOMAIN_DIRECT_INBOUND
  614. )
  615. DS_GFTI_UPDATE_TDO = 0x1
  616. DS_GFTI_VALID_FLAGS = 0x1
  617. DS_ONLY_DO_SITE_NAME = 0x01
  618. DS_NOTIFY_AFTER_SITE_RECORDS = 0x02
  619. DS_OPEN_VALID_OPTION_FLAGS = DS_ONLY_DO_SITE_NAME | DS_NOTIFY_AFTER_SITE_RECORDS
  620. DS_OPEN_VALID_FLAGS = (
  621. DS_FORCE_REDISCOVERY
  622. | DS_ONLY_LDAP_NEEDED
  623. | DS_KDC_REQUIRED
  624. | DS_PDC_REQUIRED
  625. | DS_GC_SERVER_REQUIRED
  626. | DS_WRITABLE_REQUIRED
  627. )
  628. ## from aclui.h
  629. # SI_OBJECT_INFO.dwFlags
  630. SI_EDIT_PERMS = 0x00000000
  631. SI_EDIT_OWNER = 0x00000001
  632. SI_EDIT_AUDITS = 0x00000002
  633. SI_CONTAINER = 0x00000004
  634. SI_READONLY = 0x00000008
  635. SI_ADVANCED = 0x00000010
  636. SI_RESET = 0x00000020
  637. SI_OWNER_READONLY = 0x00000040
  638. SI_EDIT_PROPERTIES = 0x00000080
  639. SI_OWNER_RECURSE = 0x00000100
  640. SI_NO_ACL_PROTECT = 0x00000200
  641. SI_NO_TREE_APPLY = 0x00000400
  642. SI_PAGE_TITLE = 0x00000800
  643. SI_SERVER_IS_DC = 0x00001000
  644. SI_RESET_DACL_TREE = 0x00004000
  645. SI_RESET_SACL_TREE = 0x00008000
  646. SI_OBJECT_GUID = 0x00010000
  647. SI_EDIT_EFFECTIVE = 0x00020000
  648. SI_RESET_DACL = 0x00040000
  649. SI_RESET_SACL = 0x00080000
  650. SI_RESET_OWNER = 0x00100000
  651. SI_NO_ADDITIONAL_PERMISSION = 0x00200000
  652. SI_MAY_WRITE = 0x10000000
  653. SI_EDIT_ALL = SI_EDIT_PERMS | SI_EDIT_OWNER | SI_EDIT_AUDITS
  654. SI_AUDITS_ELEVATION_REQUIRED = 0x02000000
  655. SI_VIEW_ONLY = 0x00400000
  656. SI_OWNER_ELEVATION_REQUIRED = 0x04000000
  657. SI_PERMS_ELEVATION_REQUIRED = 0x01000000
  658. # SI_ACCESS.dwFlags
  659. SI_ACCESS_SPECIFIC = 0x00010000
  660. SI_ACCESS_GENERAL = 0x00020000
  661. SI_ACCESS_CONTAINER = 0x00040000
  662. SI_ACCESS_PROPERTY = 0x00080000
  663. # SI_PAGE_TYPE enum
  664. SI_PAGE_PERM = 0
  665. SI_PAGE_ADVPERM = 1
  666. SI_PAGE_AUDIT = 2
  667. SI_PAGE_OWNER = 3
  668. SI_PAGE_EFFECTIVE = 4
  669. CFSTR_ACLUI_SID_INFO_LIST = "CFSTR_ACLUI_SID_INFO_LIST"
  670. PSPCB_SI_INITDIALOG = 1025 ## WM_USER+1