
9 Index

A

Abstract data model

client

server

Access - default

Access checks

Active Directory in DC configuration

standard handle-based

ACCESS_SYSTEM_SECURITY

Accounts - default

ACTRL_DS_CONTROL_ACCESS

ACTRL_DS_DELETE_TREE

ACTRL_DS_LIST

ACTRL_DS_READ_PROP

ACTRL_DS_WRITE_PROP

Algorithms

DES-ECB-LM

Kerberos encryption

Alias

creating

fields

query/set data types

ALIAS_ADD_MEMBER

ALIAS_ALL_ACCESS

ALIAS_EXECUTE

ALIAS_INFORMATION_CLASS enumeration

ALIAS_LIST_MEMBERS

ALIAS_READ

ALIAS_READ_INFORMATION

ALIAS_REMOVE_MEMBER

ALIAS_WRITE

ALIAS_WRITE_ACCOUNT

Applicability

Attributes

constraints

listing

password settings

triggers for originating updates

B

Basic data types

C

Capability negotiation

Change password pattern

Change tracking

Classes - object class list

Client

abstract data model

initialization

local events

message processing

security model

sequencing rules

timer events

timers

Constant value definitions

Constraints - attributes

Create pattern

Creating user account example

Credentials structures - supplemental

D

Data model

abstract

client

server

SamContextHandle

Data types

alias query/set

basic

constant value definitions

domain query/set

group query/set

protocol-specific types

SamrValidatePassword

selective enumerate associated structures

supplemental credentials structures

user query/set

Default access

Default accounts

DELETE

Delete pattern

Directory service schema elements

Domain

fields

query/set data types

DOMAIN_ADMINISTER_SERVER

DOMAIN_ALIAS_RID_ADMINS

DOMAIN_ALL_ACCESS

DOMAIN_CREATE_ALIAS

DOMAIN_CREATE_GROUP

DOMAIN_CREATE_USER

DOMAIN_DISPLAY_INFORMATION enumeration

DOMAIN_EXECUTE

DOMAIN_GET_ALIAS_MEMBERSHIP

DOMAIN_GROUP_RID_COMPUTERS

DOMAIN_GROUP_RID_CONTROLLERS

DOMAIN_GROUP_RID_READONLY_CONTROLLERS

DOMAIN_GROUP_RID_USERS

DOMAIN_INFORMATION_CLASS enumeration

DOMAIN_LIST_ACCOUNTS

DOMAIN_LOGOFF_INFORMATION structure

DOMAIN_LOOKUP

DOMAIN_MODIFIED_INFORMATION structure

DOMAIN_MODIFIED_INFORMATION2 structure

DOMAIN_PASSWORD_INFORMATION structure

DOMAIN_READ

DOMAIN_READ_OTHER_PARAMETERS

DOMAIN_READ_PASSWORD_PARAMETERS

DOMAIN_SERVER_ENABLE_STATE enumeration

DOMAIN_SERVER_ROLE enumeration

DOMAIN_SERVER_ROLE_INFORMATION structure

DOMAIN_STATE_INFORMATION structure

DOMAIN_USER_RID_ADMIN

DOMAIN_USER_RID_GUEST

DOMAIN_USER_RID_KRBTGT

DOMAIN_WRITE

DOMAIN_WRITE_OTHER_PARAMETERS

DOMAIN_WRITE_PASSWORD_PARAMS

E

Elements - directory service schema

Enabling user account example

ENCRYPTED_LM_OWF_PASSWORD structure

ENCRYPTED_NT_OWF_PASSWORD

Encrypting NT or LM hash example

Enumerate pattern

Examples

creating user account example

enabling user account example

encrypting NT or LM hash

F

Fields

alias

domain

group

selective enumerate

user

vendor-extensible

Full IDL

G

GENERIC_ALL

GENERIC_EXECUTE

GENERIC_READ

GENERIC_WRITE

Glossary

Group

creating

fields

query/set data types

GROUP_ADD_MEMBER

GROUP_ALL_ACCESS

GROUP_ATTRIBUTE_INFORMATION structure

GROUP_EXECUTE

GROUP_INFORMATION_CLASS enumeration

GROUP_LIST_MEMBERS

GROUP_MEMBERSHIP structure

GROUP_READ

GROUP_READ_INFORMATION

GROUP_REMOVE_MEMBER

GROUP_TYPE_ACCOUNT_GROUP

GROUP_TYPE_RESOURCE_GROUP

GROUP_TYPE_SECURITY_ACCOUNT

GROUP_TYPE_SECURITY_ENABLED

GROUP_TYPE_SECURITY_RESOURCE

GROUP_TYPE_SECURITY_UNIVERSAL

GROUP_TYPE_UNIVERSAL_GROUP

GROUP_WRITE

GROUP_WRITE_ACCOUNT

H

Handle-based access checks

Handling strings

I

IDL

Implementer - security considerations

Index of security parameters

Information levels - methods

Informative references

Initialization

client

server

Introduction

K

KERB_KEY_DATA packet

KERB_KEY_DATA_NEW packet

KERB_STORED_CREDENTIAL packet

KERB_STORED_CREDENTIAL_NEW packet

Kerberos encryption algorithm identifiers

L

Listing attributes

LM hash - encrypting - example

Local events

client

server

domain join processing

domain unjoin processing

Lookup pattern

M

Matching strings

MAXIMUM_ALLOWED

MD5 usage

Membership pattern

Membership-of pattern

Message processing

client

server

supplemental - server

Messages

data types

transport

Method-based perspective

Methods

information levels

overview

versioning

Miscellaneous patterns

N

Normative references

NT hash - encrypting - example

O

Object class list

Object-based perspective

OLD_LARGE_INTEGER structure

Open pattern

Overview (synopsis)

P

Parameter index - security

Password settings - attributes

PASSWORD_POLICY_VALIDATION_TYPE enumeration

Pattern

change password

create

delete

enumerate

lookup

membership

membership-of

miscellaneous

open

query

security

selective enumerate

set

PDOMAIN_LOGOFF_INFORMATION

PDOMAIN_MODIFIED_INFORMATION

PDOMAIN_MODIFIED_INFORMATION2

PDOMAIN_PASSWORD_INFORMATION

PDOMAIN_SERVER_ROLE_INFORMATION

PDOMAIN_STATE_INFORMATION

PENCRYPTED_LM_OWF_PASSWORD

PENCRYPTED_NT_OWF_PASSWORD

PGROUP_ATTRIBUTE_INFORMATION

PGROUP_MEMBERSHIP

POLD_LARGE_INTEGER

Preconditions

Prerequisites

Processing for group and alias creation

Product behavior

Protocol-specific data types

PRPC_SHORT_BLOB

PRPC_STRING

PSAM_VALIDATE_AUTHENTICATION_INPUT_ARG

PSAM_VALIDATE_PASSWORD_CHANGE_INPUT_ARG

PSAM_VALIDATE_PASSWORD_HASH

PSAM_VALIDATE_PASSWORD_RESET_INPUT_ARG

PSAM_VALIDATE_PERSISTED_FIELDS

PSAM_VALIDATE_STANDARD_OUTPUT_ARG

PSAMPR_ALIAS_ADM_COMMENT_INFORMATION

PSAMPR_ALIAS_GENERAL_INFORMATION

PSAMPR_ALIAS_NAME_INFORMATION

PSAMPR_DOMAIN_DISPLAY_GROUP

PSAMPR_DOMAIN_DISPLAY_GROUP_BUFFER

PSAMPR_DOMAIN_DISPLAY_MACHINE

PSAMPR_DOMAIN_DISPLAY_MACHINE_BUFFER

PSAMPR_DOMAIN_DISPLAY_OEM_GROUP

PSAMPR_DOMAIN_DISPLAY_OEM_GROUP_BUFFER

PSAMPR_DOMAIN_DISPLAY_OEM_USER

PSAMPR_DOMAIN_DISPLAY_OEM_USER_BUFFER

PSAMPR_DOMAIN_DISPLAY_USER

PSAMPR_DOMAIN_DISPLAY_USER_BUFFER

PSAMPR_DOMAIN_GENERAL_INFORMATION

PSAMPR_DOMAIN_GENERAL_INFORMATION2

PSAMPR_DOMAIN_LOCKOUT_INFORMATION

PSAMPR_DOMAIN_NAME_INFORMATION

PSAMPR_DOMAIN_OEM_INFORMATION

PSAMPR_DOMAIN_REPLICATION_INFORMATION

PSAMPR_ENCRYPTED_USER_PASSWORD

PSAMPR_ENCRYPTED_USER_PASSWORD_NEW

PSAMPR_ENUMERATION_BUFFER

PSAMPR_GET_GROUPS_BUFFER

PSAMPR_GET_MEMBERS_BUFFER

PSAMPR_GROUP_ADM_COMMENT_INFORMATION

PSAMPR_GROUP_GENERAL_INFORMATION

PSAMPR_GROUP_NAME_INFORMATION

PSAMPR_LOGON_HOURS

PSAMPR_PSID_ARRAY

PSAMPR_PSID_ARRAY_OUT

PSAMPR_RETURNED_USTRING_ARRAY

PSAMPR_REVISION_INFO_V1

PSAMPR_RID_ENUMERATION

PSAMPR_SID_INFORMATION

PSAMPR_SR_SECURITY_DESCRIPTOR

PSAMPR_ULONG_ARRAY

PSAMPR_USER_A_NAME_INFORMATION

PSAMPR_USER_ACCOUNT_INFORMATION

PSAMPR_USER_ADMIN_COMMENT_INFORMATION

PSAMPR_USER_ALL_INFORMATION

PSAMPR_USER_F_NAME_INFORMATION

PSAMPR_USER_GENERAL_INFORMATION

PSAMPR_USER_HOME_INFORMATION

PSAMPR_USER_INTERNAL1_INFORMATION

PSAMPR_USER_INTERNAL4_INFORMATION

PSAMPR_USER_INTERNAL4_INFORMATION_NEW

PSAMPR_USER_INTERNAL5_INFORMATION

PSAMPR_USER_INTERNAL5_INFORMATION_NEW

PSAMPR_USER_LOGON_HOURS_INFORMATION

PSAMPR_USER_LOGON_INFORMATION

PSAMPR_USER_NAME_INFORMATION

PSAMPR_USER_PARAMETERS_INFORMATION

PSAMPR_USER_PREFERENCES_INFORMATION

PSAMPR_USER_PROFILE_INFORMATION

PSAMPR_USER_SCRIPT_INFORMATION

PSAMPR_USER_WORKSTATIONS_INFORMATION

PUSER_CONTROL_INFORMATION

PUSER_DOMAIN_PASSWORD_INFORMATION

PUSER_EXPIRES_INFORMATION

PUSER_PRIMARY_GROUP_INFORMATION

Q

Query pattern

R

RC4 cipher usage

READ_CONTROL

References

informative

normative

Relationship to other protocols

RPC_S_PROCNUM_OUT_OF_RANGE

RPC_SHORT_BLOB structure

RPC_STRING structure

S

SAM_ALIAS_OBJECT

SAM_APP_BASIC_GROUP

SAM_APP_QUERY_GROUP

SAM_DOMAIN_OBJECT

SAM_GROUP_OBJECT

SAM_MACHINE_ACCOUNT

SAM_NON_SECURITY_ALIAS_OBJECT

SAM_NON_SECURITY_GROUP_OBJECT

SAM_SERVER_ALL_ACCESS

SAM_SERVER_CONNECT

SAM_SERVER_CREATE_DOMAIN

SAM_SERVER_ENUMERATE_DOMAINS

SAM_SERVER_EXECUTE

SAM_SERVER_INITIALIZE

SAM_SERVER_LOOKUP_DOMAIN

SAM_SERVER_READ

SAM_SERVER_SHUTDOWN

SAM_SERVER_WRITE

SAM_TRUST_ACCOUNT

SAM_USER_OBJECT

SAM_VALIDATE_AUTHENTICATION_INPUT_ARG structure

SAM_VALIDATE_PASSWORD_CHANGE_INPUT_ARG structure

SAM_VALIDATE_PASSWORD_HASH structure

SAM_VALIDATE_PASSWORD_RESET_INPUT_ARG structure

SAM_VALIDATE_PERSISTED_FIELDS structure

SAM_VALIDATE_STANDARD_OUTPUT_ARG structure

SAM_VALIDATE_VALIDATION_STATUS enumeration

SamContextHandle data model

SAMPR_ALIAS_ADM_COMMENT_INFORMATION structure

SAMPR_ALIAS_GENERAL_INFORMATION structure

SAMPR_ALIAS_NAME_INFORMATION structure

SAMPR_DOMAIN_DISPLAY_GROUP structure

SAMPR_DOMAIN_DISPLAY_GROUP_BUFFER structure

SAMPR_DOMAIN_DISPLAY_MACHINE structure

SAMPR_DOMAIN_DISPLAY_MACHINE_BUFFER structure

SAMPR_DOMAIN_DISPLAY_OEM_GROUP structure

SAMPR_DOMAIN_DISPLAY_OEM_GROUP_BUFFER structure

SAMPR_DOMAIN_DISPLAY_OEM_USER structure

SAMPR_DOMAIN_DISPLAY_OEM_USER_BUFFER structure

SAMPR_DOMAIN_DISPLAY_USER structure

SAMPR_DOMAIN_DISPLAY_USER_BUFFER structure

SAMPR_DOMAIN_GENERAL_INFORMATION structure

SAMPR_DOMAIN_GENERAL_INFORMATION2 structure

SAMPR_DOMAIN_LOCKOUT_INFORMATION structure

SAMPR_DOMAIN_NAME_INFORMATION structure

SAMPR_DOMAIN_OEM_INFORMATION structure

SAMPR_DOMAIN_REPLICATION_INFORMATION structure

SAMPR_ENCRYPTED_USER_PASSWORD structure

SAMPR_ENCRYPTED_USER_PASSWORD_NEW structure

SAMPR_ENUMERATION_BUFFER structure

SAMPR_GET_GROUPS_BUFFER structure

SAMPR_GET_MEMBERS_BUFFER structure

SAMPR_GROUP_ADM_COMMENT_INFORMATION structure

SAMPR_GROUP_GENERAL_INFORMATION structure

SAMPR_GROUP_NAME_INFORMATION structure

SAMPR_LOGON_HOURS structure

SAMPR_PSID_ARRAY structure

SAMPR_PSID_ARRAY_OUT structure

SAMPR_RETURNED_USTRING_ARRAY structure

SAMPR_REVISION_INFO_V1 structure

SAMPR_RID_ENUMERATION structure

SAMPR_SID_INFORMATION structure

SAMPR_SR_SECURITY_DESCRIPTOR structure

SAMPR_ULONG_ARRAY structure

SAMPR_USER_A_NAME_INFORMATION structure

SAMPR_USER_ACCOUNT_INFORMATION structure

SAMPR_USER_ADMIN_COMMENT_INFORMATION structure

SAMPR_USER_ALL_INFORMATION structure

SAMPR_USER_F_NAME_INFORMATION structure

SAMPR_USER_GENERAL_INFORMATION structure

SAMPR_USER_HOME_INFORMATION structure

SAMPR_USER_INTERNAL1_INFORMATION structure

SAMPR_USER_INTERNAL4_INFORMATION structure

SAMPR_USER_INTERNAL4_INFORMATION_NEW structure

SAMPR_USER_INTERNAL5_INFORMATION structure

SAMPR_USER_INTERNAL5_INFORMATION_NEW structure

SAMPR_USER_LOGON_HOURS_INFORMATION structure

SAMPR_USER_LOGON_INFORMATION structure

SAMPR_USER_NAME_INFORMATION structure

SAMPR_USER_PARAMETERS_INFORMATION structure

SAMPR_USER_PREFERENCES_INFORMATION structure

SAMPR_USER_PROFILE_INFORMATION structure

SAMPR_USER_SCRIPT_INFORMATION structure

SAMPR_USER_WORKSTATIONS_INFORMATION structure

SamrAddMemberToAlias method

SamrAddMemberToGroup method

SamrAddMultipleMembersToAlias method

SamrChangePasswordUser method

SamrCloseHandle method

SamrConnect method

SamrConnect2 method

SamrConnect4 method

SamrConnect5 method

SamrCreateAliasInDomain method

SamrCreateGroupInDomain method

SamrCreateUser2InDomain method

SamrCreateUserInDomain method

SamrDeleteAlias method

SamrDeleteGroup method

SamrDeleteUser method

SamrEnumerateAliasesInDomain method

SamrEnumerateDomainsInSamServer method

SamrEnumerateGroupsInDomain method

SamrEnumerateUsersInDomain method

SamrGetAliasMembership method

SamrGetDisplayEnumerationIndex method

SamrGetDisplayEnumerationIndex2 method

SamrGetDomainPasswordInformation method

SamrGetGroupsForUser method

SamrGetMembersInAlias method

SamrGetMembersInGroup method

SamrGetUserDomainPasswordInformation method

SamrLookupDomainInSamServer method

SamrLookupIdsInDomain method

SamrLookupNamesInDomain method

SamrOemChangePasswordUser2 method

SamrOpenAlias method

SamrOpenDomain method

SamrOpenGroup method

SamrOpenUser method

SamrQueryDisplayInformation method

SamrQueryDisplayInformation2 method

SamrQueryDisplayInformation3 method

SamrQueryInformationAlias method

SamrQueryInformationDomain method

SamrQueryInformationDomain2 method

SamrQueryInformationGroup method

SamrQueryInformationUser method

SamrQueryInformationUser2 method

SamrQuerySecurityObject method

SamrRemoveMemberFromAlias method

SamrRemoveMemberFromForeignDomain method

SamrRemoveMemberFromGroup method

SamrRemoveMultipleMembersFromAlias method

SamrRidToSid method

SamrSetDSRMPassword method

SamrSetInformationAlias method

SamrSetInformationDomain method

SamrSetInformationGroup method

SamrSetInformationUser method

SamrSetInformationUser2 method

SamrSetMemberAttributesOfGroup method

SamrSetSecurityObject method

SamrUnicodeChangePasswordUser2 method

SamrValidatePassword data types

SamrValidatePassword method

Schema elements - directory service

SE_GROUP_ENABLED

SE_GROUP_ENABLED_BY_DEFAULT

SE_GROUP_MANDATORY

Security

implementer considerations

parameter index

Security model

client

server

Security pattern

Selective enumerate associated structures

Selective enumerate fields

Selective enumerate pattern

Sequencing rules

client

server

Server

abstract data model

initialization

local events

domain join processing

domain unjoin processing

message processing

overview

security model

sequencing rules

supplemental message processing

timer events

timers

Set pattern

SID_NAME_USE enumeration

Standards assignments

STATUS_ACCESS_DENIED

STATUS_ACCOUNT_LOCKED_OUT

STATUS_GROUP_EXISTS

STATUS_LM_CROSS_ENCRYPTION_REQUIRED

STATUS_MORE_ENTRIES

STATUS_NO_MORE_ENTRIES

STATUS_NONE_MAPPED

STATUS_NT_CROSS_ENCRYPTION_REQUIRED

STATUS_SOME_NOT_MAPPED

STATUS_USER_EXISTS

STATUS_WRONG_PASSWORD

String

handling

matching

T

Timer events

client

server

Timers

client

server

Tracking changes

Transport

Triggers

attribute - originating updates

referenced from other constraints or triggers

U

UF_ACCOUNTDISABLE

UF_DONT_EXPIRE_PASSWD

UF_DONT_REQUIRE_PREAUTH

UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED

UF_HOMEDIR_REQUIRED

UF_INTERDOMAIN_TRUST_ACCOUNT

UF_LOCKOUT

UF_MNS_LOGON_ACCOUNT

UF_NO_AUTH_DATA_REQUIRED

UF_NORMAL_ACCOUNT

UF_NOT_DELEGATED

UF_PARTIAL_SECRETS_ACCOUNT

UF_PASSWD_CANT_CHANGE

UF_PASSWD_NOTREQD

UF_PASSWORD_EXPIRED

UF_SCRIPT

UF_SERVER_TRUST_ACCOUNT

UF_SMARTCARD_REQUIRED

UF_TEMP_DUPLICATE_ACCOUNT

UF_TRUSTED_FOR_DELEGATION

UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION

UF_USE_AES_KEYS

UF_USE_DES_KEY_ONLY

UF_WORKSTATION_TRUST_ACCOUNT

Update constraints

additional triggers

attribute triggers

attributes (section 3.1.1.5, section 3.1.1.6)

referenced from other constraints or triggers

User

fields

query/set data types

User account

creating - example

enabling - example

USER_ACCOUNT_AUTO_LOCKED

USER_ACCOUNT_DISABLED

USER_ALL_ACCESS

USER_ALL_ACCOUNTEXPIRES

USER_ALL_ADMINCOMMENT

USER_ALL_BADPASSWORDCOUNT

USER_ALL_CODEPAGE

USER_ALL_COUNTRYCODE

USER_ALL_FULLNAME

USER_ALL_HOMEDIRECTORY

USER_ALL_HOMEDIRECTORYDRIVE

USER_ALL_LASTLOGOFF

USER_ALL_LASTLOGON

USER_ALL_LMPASSWORDPRESENT

USER_ALL_LOGONCOUNT

USER_ALL_LOGONHOURS

USER_ALL_NTPASSWORDPRESENT

USER_ALL_PARAMETERS

USER_ALL_PASSWORDCANCHANGE

USER_ALL_PASSWORDEXPIRED

USER_ALL_PASSWORDLASTSET

USER_ALL_PASSWORDMUSTCHANGE

USER_ALL_PRIMARYGROUPID

USER_ALL_PRIVATEDATA

USER_ALL_PROFILEPATH

USER_ALL_SCRIPTPATH

USER_ALL_SECURITYDESCRIPTOR

USER_ALL_UNDEFINED_MASK

USER_ALL_USERACCOUNTCONTROL

USER_ALL_USERCOMMENT

USER_ALL_USERID

USER_ALL_USERNAME

USER_ALL_WORKSTATIONS

USER_CHANGE_PASSWORD

USER_CONTROL_INFORMATION structure

USER_DOMAIN_PASSWORD_INFORMATION structure

USER_DONT_EXPIRE_PASSWORD

USER_DONT_REQUIRE_PREAUTH

USER_ENCRYPTED_TEXT_PASSWORD_ALLOWED

USER_EXECUTE

USER_EXPIRES_INFORMATION structure

USER_FORCE_PASSWORD_CHANGE

USER_HOME_DIRECTORY_REQUIRED

USER_INFORMATION_CLASS enumeration

USER_INTERDOMAIN_TRUST_ACCOUNT

USER_LIST_GROUPS

USER_MNS_LOGON_ACCOUNT

USER_NO_AUTH_DATA_REQUIRED

USER_NORMAL_ACCOUNT

USER_NOT_DELEGATED

USER_PARTIAL_SECRETS_ACCOUNT

USER_PASSWORD_EXPIRED

USER_PASSWORD_NOT_REQUIRED

USER_PRIMARY_GROUP_INFORMATION structure

USER_PROPERTIES packet

USER_PROPERTY packet

USER_READ

USER_READ_ACCOUNT

USER_READ_GENERAL

USER_READ_GROUP_INFORMATION

USER_READ_LOGON

USER_READ_PREFERENCES

USER_SERVER_TRUST_ACCOUNT

USER_SMARTCARD_REQUIRED

USER_TEMP_DUPLICATE_ACCOUNT

USER_TRUSTED_FOR_DELEGATION

USER_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION

USER_USE_AES_KEYS

USER_USE_DES_KEY_ONLY

USER_WORKSTATION_TRUST_ACCOUNT

USER_WRITE

USER_WRITE_ACCOUNT

USER_WRITE_GROUP_INFORMATION

USER_WRITE_PREFERENCES

V

Vendor-extensible fields

Versioning

W

WDIGEST_CREDENTIALS packet

WRITE_DAC

WRITE_OWNER

 
© 2014 Microsoft