#ifndef NT_SECURITY_CLASS
#define NT_SECURITY_CLASS

/*****************************************************************************\
*                                                                             *
*  Name   : nt_security                                                       *
*  Author : Sue Richeson                                                      *
*  Author : Chris Koeritz                                                     *
*                                                                             *
*  Purpose:                                                                   *
*                                                                             *
*    Provides a Win32 oracle for security questions.                          *
*                                                                             *
*******************************************************************************
* Copyright (c) 1999-$now By Author.  This program is free software; you can  *
* redistribute it and/or modify it under the terms of the GNU General Public  *
* License as published by the Free Software Foundation; either version 2 of   *
* the License or (at your option) any later version.  This is online at:      *
*     http://www.fsf.org/copyleft/gpl.html                                    *
* Please send any updates to: fred@gruntose.com                               *
\*****************************************************************************/

#ifdef __WIN32__

#include "dll_security.h"

#include <basis/convert_utf.h>
#include <basis/portable.h>

#include <Ntsecapi.h>

// Forward class declarations
class istring;

// Declares the Win32-only security helper: lookup of the current user and
// domain, construction of distinguished names, and enabling or disabling a
// privilege or logon right on an account.  The protected helpers work with
// LSA policy handles and SIDs.
class SECURITY_CLASS_STYLE nt_security
{
public:
  nt_security();
  virtual ~nt_security();

  bool GetUserAndDomainName(istring &UserName, istring &DomainName);
    // This function is NT-specific.  It returns the user account name and
    // domain name of the currently logged in user on the machine on which
    // this class is executing.  The results are written to "UserName" and
    // "DomainName"; the bool presumably reports success (confirm in the
    // implementation).
    // NOTE(review): this header does not say whether "currently logged in"
    // means the interactive user or the account the calling process or
    // thread runs as; confirm before using the result in an access decision.

  istring DomainBinding(const istring &domain);
    // This method will construct a distinguished name for the domain received.
  istring DomainUserBinding(const istring &domain, const istring &user_name);
    // This method will construct a distinguished name based on the domain and
    // user name received.
    // NOTE(review): not visible here whether "domain" and "user_name" are
    // escaped when placed into the distinguished name; confirm before
    // passing values that come from outside the program.


  DWORD SetPrivilegeOnUser(const istring &domain, const istring &user,
          const istring &privilege, bool bEnable);
    // Enables or disables the privilege for the user in the given domain.
    // Can also be used to set the privilege on a group in the given domain.
    // Returns 0 if successful.  Returns Win32 error code if it fails.
    //   domain - can be blank, in which case the local machine is assumed;
    //            can be a machine name or a network domain name (although
    //            having the privilege to change a privilege in a network
    //            domain is highly unlikely, so this method will probably
    //            fail in that case).  Ex: "Legolas", "Buildotron"
    //   user - the account name for which to change the privilege.  It can
    //          include the domain also.  Example user names: "Fred",
    //          "Legolas/Bubba", "Buildotron/swbuld"
    //          Can also be a group name.  Examples: "Administrators",
    //          "Legolas/Users"
    //   privilege - name of the privilege to be enabled or disabled.
    //          For a list of privileges, consult winnt.h, and search for
    //          SE_ASSIGNPRIMARYTOKEN_NAME.
    //          For a list of logon rights consult ntsecapi.h, and search for
    //          SE_BATCH_LOGON_NAME.
    //   bEnable - true to enable the privilege; false to disable the privilege
    // NOTE(review): presumably built on the protected OpenPolicy, GetUserSID
    // and SetPrivilegeOnAccount methods, which would make this a change to the
    // account's rights in LSA policy rather than to a process token; confirm
    // in the implementation.  If so, the change outlives the calling process,
    // so callers should validate "user" and "privilege" and record the change.

protected:

  PSID GetUserSID(const istring &user_name);
    // Retrieves the security identifier (SID) for "user_name".
    // PSID is NULL if the method fails.
    // NOTE(review): ownership of the returned PSID is not stated here;
    // confirm who releases it and with which call.

  DWORD OpenPolicy(const istring &serverName, DWORD DesiredAccess,
          PLSA_HANDLE pPolicyHandle);
    // Open the LSA policy on the given machine.
    // Returns 0 if successful.  Returns Win32 error code if it fails.
    //   serverName - the machine whose policy is opened.
    //   DesiredAccess - access requested on the policy handle (presumably
    //          the POLICY_* rights from ntsecapi.h; confirm).  Request only
    //          the rights the following calls need.
    //   pPolicyHandle - pointer to the LSA_HANDLE that presumably receives
    //          the opened handle (confirm in the implementation).

  void ClosePolicy(PLSA_HANDLE policyHandle);
    // Close the given LSA policy handle.
    // Takes a pointer to the handle (PLSA_HANDLE), unlike
    // SetPrivilegeOnAccount, which takes the LSA_HANDLE by value.

  DWORD SetPrivilegeOnAccount(LSA_HANDLE PolicyHandle,  // open policy handle
          PSID AccountSid,  // SID to grant privilege to
          const istring &PrivilegeName,  // privilege to grant
          bool bEnable);  // enable or disable
    // Enable or disable the stated privilege on the given account.
    // Returns 0 if successful.  Returns Win32 error code if it fails.
    //   PolicyHandle - must already have been opened prior to calling this
    //          method.
    //   AccountSid - must already have been obtained prior to calling this
    //          method.
    //   PrivilegeName - must be a valid security privilege name (case
    //          sensitive).
    //          For a list of privileges, consult winnt.h, and search for
    //          SE_ASSIGNPRIMARYTOKEN_NAME.
    //          For a list of logon rights consult ntsecapi.h, and search for
    //          SE_BATCH_LOGON_NAME.
    //   bEnable - true to enable the privilege; false to disable the privilege

private:
  istring *m_sDirServiceProvider;
    // NOTE(review): raw pointer member, and the class declares no copy
    // constructor or assignment operator.  If the destructor frees this
    // string, copying an nt_security object would free it twice; confirm
    // ownership in the implementation.
};

#endif  // __WIN32__

#endif  // NT_SECURITY_CLASS