| |
|
|
LsaOpenPolicy opens the lever the Policy Objektes on the local System or one Hintergrundcomputer. the Policy Objekt lever is quasi ?the golden Key? to the Sicherheitseinstellungen The over The LSA-API getätigt go can. These function there only NT-based Windowssystemen.
P:B1 Structure or 8 byte large Memory-Variable, The indicated over the Zielsystem contains, which Policy Objekt lever opened go should. => byte 0-1 = The long the Strings in Bytes, on the byte 4-7 verweist. byte 2-3 = The length the Bereichs in Bytes, on the byte 4-7 verweist. byte 4-7 = discretionary, but enough large Memory-Variable with a String in the Unicode stature, the whom names the Zielsystems contains. P:B2 Structure or 28 byte large Memory-Variable for indicated of Verbindungsattributen. this Parameter becomes to Time not used. any Bytes the Structure or the Memory-Variables must therefore on 0 staid go. P:L3 ? Happen?, The whom desired Access to the lever indicate. ? Happen? can with | add go. If the Zielsystem the aufrufenden Process not any Zugriffsrechte granted, proposes The function missing. one ought to itself therefore very consider, which Zugriffsrechte very for action necessary are, for to the lever needed. => #Generic Zugriffsrechte#: $80000000 = Lesezugriff (GENERIC_READ). $40000000 = Schreibzugriff (GENERIC_WRITE). $20000000 = right to that Perform (GENERIC_EXECUTE). $10000000 = right to that Perform, Schreibzugriff and Lesezugriff (GENERIC_ALL). #standard Zugriffsrechte#: $01000000 = circa Access to The SACL to obtain (ACCESS_SYSTEM_SECURITY). $00020000 = circa Lesezugriff on the Security Descriptor (without whom SACL) to obtain (READ_CONTROL = STANDARD_RIGHTS_READ = STANDARD_RIGHTS_WRITE = STANDARD_RIGHTS_EXECUTE). $00010000 = right to that delete (_DELETE). $00040000 = Write right on the ACL (WRITE_DAC). $00080000 = Write right on the proprietor (WRITE_OWNER). $00100000 = allows one Process the Objekt To Waiting (SYNCHRONIZE). gives not for all Objekttypen. $000F0000 = $00010000+$00020000+$00080000+$00040000 (STANDARD_RIGHTS_REQUIRED). $001F0000 = $00010000+$00020000+$00100000+$00080000+$00040000 (STANDARD_RIGHTS_ALL). #specific Zugriffsrechte#: $0001 = (POLICY_VIEW_LOCAL_INFORMATION). $0002 = (POLICY_VIEW_AUDIT_INFORMATION) $0004 = (POLICY_GET_PRIVATE_INFORMATION). $0008 = (POLICY_TRUST_ADMIN). $0010 = (POLICY_CREATE_ACCOUNT). $0020 = (POLICY_CREATE_SECRET). $0040 = (POLICY_CREATE_PRIVILEGE). $0080 = (POLICY_SET_DEFAULT_QUOTA_LIMITS). $0100 = (POLICY_SET_AUDIT_REQUIREMENTS). $0200 = (POLICY_AUDIT_LOG_ADMIN). $0400 = (POLICY_SERVER_ADMIN). $0800 = (POLICY_LOOKUP_NAMES). $FFFF = any specific rights (SPECIFIC_RIGHTS_ALL).
$02000000 = any allowed Zugriffsrechte for anfragenden Process (MAXIMUM_ALLOWED). P:L4 address of/ one LongInt variables or P:B5 4 byte large Memory-Variable, The the lever the Policy Objektes aufnimmt.
|
|
|
| |
|
|