Documentation ¶
Index ¶
- Variables
- func AccessAllowedObjectFlagsToFullStr(flags AccessAllowedObjectFlags) string
- func AccessAllowedObjectFlagsToStr(flags AccessAllowedObjectFlags) string
- func AceFlagsToFullStr(flags AceFlags) string
- func AceFlagsToStr(flags AceFlags) string
- func AceMaskToFullStr(mask AceMask) string
- func AceMaskToStr(mask AceMask) string
- func AceTypeToFullStr(aceType AceType) string
- func AceTypeToStr(aceType AceType) string
- func AllowedOrDenied(aceType AceType) string
- func GUIDToFullStr(guid string) string
- func GetInheritanceFlags(flags AceFlags) string
- func GetPropagationFlags(flags AceFlags) string
- func IsInherit(flag AccessAllowedObjectFlags) bool
- func MarshalGUID(objectGUID []byte) (string, error)
- func MarshalSid(objectSid []byte) (string, error)
- func RegisterAce(aceType AceType, constructor AceConstructor)
- func SDDLControlToFullStr(control SDDLControl) string
- func SDDLControlToStr(control SDDLControl) string
- type AccessAllowedObjectFlags
- type Ace
- type AceConstructor
- type AceFlags
- type AceHeader
- type AceMask
- type AceType
- type Acl
- type AclRevision
- type DefaultAce
- type Guid
- type NtSecurityDescriptor
- type SDDLControl
- type Sid
Constants ¶
This section is empty.
Variables ¶
// AccessAllowedObjectFlagsMap gives the display name of each flag bit that an
// object ACE can carry. The Null value (0) has no entry.
var AccessAllowedObjectFlagsMap = map[AccessAllowedObjectFlags]string{
	ACE_OBJECT_TYPE_PRESENT:           "ACE_OBJECT_TYPE_PRESENT",
	ACE_INHERITED_OBJECT_TYPE_PRESENT: "ACE_INHERITED_OBJECT_TYPE_PRESENT",
}
// AceFlagsFullMap gives the long, human-readable label for each ACE header
// flag: the four inheritance/propagation flags, the INHERITED marker, and the
// two audit flags (successful / failed access).
var AceFlagsFullMap = map[AceFlags]string{
	// Inheritance and propagation.
	OBJECT_INHERIT_ACE:       "OBJECT INHERIT",
	CONTAINER_INHERIT_ACE:    "CONTAINER INHERIT",
	NO_PROPAGATE_INHERIT_ACE: "NO PROPAGATE INHERIT",
	INHERIT_ONLY_ACE:         "INHERIT ONLY",
	INHERITED_ACE:            "INHERITED",

	// Audit flags.
	SUCCESSFUL_ACCESS_ACE_FLAG: "SUCCESSFUL ACCESS ACE FLAG",
	FAILED_ACCESS_ACE_FLAG:     "FAILED ACCESS ACE FLAG",
}
// AceFlagsMap gives the two-letter short code for each ACE header flag.
// It covers the same keys as AceFlagsFullMap.
var AceFlagsMap = map[AceFlags]string{
	// Inheritance and propagation.
	OBJECT_INHERIT_ACE:       "OI",
	CONTAINER_INHERIT_ACE:    "CI",
	NO_PROPAGATE_INHERIT_ACE: "NP",
	INHERIT_ONLY_ACE:         "IO",
	INHERITED_ACE:            "ID",

	// Audit flags.
	SUCCESSFUL_ACCESS_ACE_FLAG: "SA",
	FAILED_ACCESS_ACE_FLAG:     "FA",
}
// AceMasksFullMap gives the long label for each access-mask value.
//
// The generic rights appear twice: once as the single high bit
// (ADS_RIGHT_GENERIC_*, labelled "(bit)") and once as the expanded mask
// (GENERIC_*, labelled "(mask)"). The suffix tells a reader which form was
// found in the ACE.
var AceMasksFullMap = map[AceMask]string{
	// Generic rights, high-bit form.
	ADS_RIGHT_GENERIC_READ:    "GENERIC_READ(bit)",
	ADS_RIGHT_GENERIC_WRITE:   "GENERIC_WRITE(bit)",
	ADS_RIGHT_GENERIC_EXECUTE: "GENERIC_EXECUTE(bit)",
	ADS_RIGHT_GENERIC_ALL:     "GENERIC_ALL(bit)",

	// Generic rights, expanded-mask form.
	GENERIC_READ:    "GENERIC_READ(mask)",
	GENERIC_WRITE:   "GENERIC_WRITE(mask)",
	GENERIC_EXECUTE: "GENERIC_EXECUTE(mask)",
	GENERIC_ALL:     "GENERIC_ALL(mask)",

	ADS_RIGHT_MAXIMUM_ALLOWED:        "MAXIMUM_ALLOWED",
	ADS_RIGHT_ACCESS_SYSTEM_SECURITY: "ACCESS_SYSTEM_SECURITY",
	ADS_RIGHT_SYNCHRONIZE:            "SYNCHRONIZE",

	// Standard rights.
	ADS_RIGHT_WRITE_OWNER:  "WRITE_OWNER",
	ADS_RIGHT_WRITE_DAC:    "WRITE_DAC",
	ADS_RIGHT_READ_CONTROL: "READ_CONTROL",
	ADS_RIGHT_DELETE:       "DELETE",

	// Directory-service rights.
	ADS_RIGHT_DS_CREATE_CHILD:   "DS_CREATE_CHILD",
	ADS_RIGHT_DS_DELETE_CHILD:   "DS_DELETE_CHILD",
	ADS_RIGHT_ACTRL_DS_LIST:     "ACTRL_DS_LIST",
	ADS_RIGHT_DS_SELF:           "DS_SELF",
	ADS_RIGHT_DS_READ_PROP:      "DS_READ_PROP",
	ADS_RIGHT_DS_WRITE_PROP:     "DS_WRITE_PROP",
	ADS_RIGHT_DS_DELETE_TREE:    "DS_DELETE_TREE",
	ADS_RIGHT_DS_LIST_OBJECT:    "DS_LIST_OBJECT",
	ADS_RIGHT_DS_CONTROL_ACCESS: "DS_CONTROL_ACCESS",
}
// AceMasksMap gives the two-letter short code for each single-bit access
// right. The expanded GENERIC_* masks have no short code here.
//
// NOTE(review): SDDL spells the DELETE right "SD"; this table uses "DE".
// Confirm that is intended if the short form is ever fed to an SDDL parser.
var AceMasksMap = map[AceMask]string{
	// Generic rights (high bits).
	ADS_RIGHT_GENERIC_READ:    "GR",
	ADS_RIGHT_GENERIC_WRITE:   "GW",
	ADS_RIGHT_GENERIC_EXECUTE: "GX",
	ADS_RIGHT_GENERIC_ALL:     "GA",

	ADS_RIGHT_MAXIMUM_ALLOWED:        "MA",
	ADS_RIGHT_ACCESS_SYSTEM_SECURITY: "AS",
	ADS_RIGHT_SYNCHRONIZE:            "SY",

	// Standard rights.
	ADS_RIGHT_WRITE_OWNER:  "WO",
	ADS_RIGHT_WRITE_DAC:    "WD",
	ADS_RIGHT_READ_CONTROL: "RC",
	ADS_RIGHT_DELETE:       "DE",

	// Directory-service rights.
	ADS_RIGHT_DS_CREATE_CHILD:   "CC",
	ADS_RIGHT_DS_DELETE_CHILD:   "DC",
	ADS_RIGHT_ACTRL_DS_LIST:     "LC",
	ADS_RIGHT_DS_SELF:           "SW",
	ADS_RIGHT_DS_READ_PROP:      "RP",
	ADS_RIGHT_DS_WRITE_PROP:     "WP",
	ADS_RIGHT_DS_DELETE_TREE:    "DT",
	ADS_RIGHT_DS_LIST_OBJECT:    "LO",
	ADS_RIGHT_DS_CONTROL_ACCESS: "CR",
}
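// AceTypeFullMap gives the long, human-readable label for each ACE type
// (0x00 through 0x13).
//
// Two labels were misspelled ("Ststem Alarm Callback Object" and
// "System Scoped Polidy ID"). They are corrected here so that anyone
// searching or filtering ACL dumps for "System" or "Policy" finds these
// entries.
var AceTypeFullMap = map[AceType]string{
	ACCESS_ALLOWED_ACE_TYPE:                 "Access Allowed",
	ACCESS_DENIED_ACE_TYPE:                  "Access Denied",
	SYSTEM_AUDIT_ACE_TYPE:                   "System Audit",
	SYSTEM_ALARM_ACE_TYPE:                   "System Alarm",
	ACCESS_ALLOWED_COMPOUND_ACE_TYPE:        "Access Allowed Compound",
	ACCESS_ALLOWED_OBJECT_ACE_TYPE:          "Access Allowed Object",
	ACCESS_DENIED_OBJECT_ACE_TYPE:           "Access Denied Object",
	SYSTEM_AUDIT_OBJECT_ACE_TYPE:            "System Audit Object",
	SYSTEM_ALARM_OBJECT_ACE_TYPE:            "System Alarm Object",
	ACCESS_ALLOWED_CALLBACK_ACE_TYPE:        "Access Allowed Callback",
	ACCESS_DENIED_CALLBACK_ACE_TYPE:         "Access Denied Callback",
	ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE: "Access Allowed Callback Object",
	ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE:  "Access Denied Callback Object",
	SYSTEM_AUDIT_CALLBACK_ACE_TYPE:          "System Audit Callback",
	SYSTEM_ALARM_CALLBACK_ACE_TYPE:          "System Alarm Callback",
	SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE:   "System Audit Callback Object",
	SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE:   "System Alarm Callback Object",
	SYSTEM_MANDATORY_LABEL_ACE_TYPE:         "System Mandatory Label",
	SYSTEM_RESOURCE_ATTRIBUTE_ACE_TYPE:      "System Resource Attribute",
	SYSTEM_SCOPED_POLICY_ID_ACE_TYPE:        "System Scoped Policy ID",
}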
// AceTypeMap gives the short code for each ACE type.
//
// NOTE(review): the short codes are not unique, so they cannot be mapped back
// to an ACE type:
//   - "OD" is used for both ACCESS_DENIED_OBJECT and
//     ACCESS_DENIED_CALLBACK_OBJECT;
//   - "OU" is used for both SYSTEM_AUDIT_OBJECT and
//     SYSTEM_AUDIT_CALLBACK_OBJECT;
//   - three types (ACCESS_ALLOWED_COMPOUND, SYSTEM_ALARM_CALLBACK,
//     SYSTEM_ALARM_CALLBACK_OBJECT) map to the empty string.
//
// When reviewing ACLs, use AceTypeFullMap wherever the difference between a
// plain object ACE and a callback (conditional) ACE matters.
var AceTypeMap = map[AceType]string{
	ACCESS_ALLOWED_ACE_TYPE:          "A",
	ACCESS_DENIED_ACE_TYPE:           "D",
	SYSTEM_AUDIT_ACE_TYPE:            "AU",
	SYSTEM_ALARM_ACE_TYPE:            "AL",
	ACCESS_ALLOWED_COMPOUND_ACE_TYPE: "",

	// Object ACEs.
	ACCESS_ALLOWED_OBJECT_ACE_TYPE: "OA",
	ACCESS_DENIED_OBJECT_ACE_TYPE:  "OD",
	SYSTEM_AUDIT_OBJECT_ACE_TYPE:   "OU",
	SYSTEM_ALARM_OBJECT_ACE_TYPE:   "OL",

	// Callback ACEs.
	ACCESS_ALLOWED_CALLBACK_ACE_TYPE:        "XA",
	ACCESS_DENIED_CALLBACK_ACE_TYPE:         "XD",
	ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE: "ZA",
	ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE:  "OD",
	SYSTEM_AUDIT_CALLBACK_ACE_TYPE:          "XU",
	SYSTEM_ALARM_CALLBACK_ACE_TYPE:          "",
	SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE:   "OU",
	SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE:   "",

	SYSTEM_MANDATORY_LABEL_ACE_TYPE:    "ML",
	SYSTEM_RESOURCE_ATTRIBUTE_ACE_TYPE: "RA",
	SYSTEM_SCOPED_POLICY_ID_ACE_TYPE:   "SP",
}
// ExtendedRights maps the GUID found in an object ACE's ObjectType field to
// the name of the matching Active Directory right.
//
// Keys are lowercase GUID strings. A lookup with a GUID formatted in upper
// case will miss, so normalise the case before indexing.
//
// The table mixes control access rights (e.g. DS-Replication-Get-Changes),
// validated writes (e.g. Validated-SPN, Self-Membership) and property sets
// (e.g. General-Information). How to interpret a hit therefore depends on
// which AceMask bit the ACE carries (DS_CONTROL_ACCESS, DS_SELF, or
// DS_READ_PROP / DS_WRITE_PROP).
//
// For ACL review, the replication rights (DS-Replication-Get-Changes*), the
// password rights (User-Force-Change-Password) and DS-Set-Owner are the
// entries that most often show delegated control over sensitive objects.
var ExtendedRights = map[string]string{
	"ab721a52-1e2f-11d0-9819-00aa0040529b": "Domain-Administer-Server",
	"ab721a53-1e2f-11d0-9819-00aa0040529b": "User-Change-Password",
	"00299570-246d-11d0-a768-00aa006e0529": "User-Force-Change-Password",
	"ab721a55-1e2f-11d0-9819-00aa0040529b": "Send-To",
	"c7407360-20bf-11d0-a768-00aa006e0529": "Domain-Password",
	"59ba2f42-79a2-11d0-9020-00c04fc2d3cf": "General-Information",
	"4c164200-20c0-11d0-a768-00aa006e0529": "User-Account-Restrictions",
	"5f202010-79a5-11d0-9020-00c04fc2d4cf": "User-Logon",
	"bc0ac240-79a9-11d0-9020-00c04fc2d4cf": "Membership",
	"a1990816-4298-11d1-ade2-00c04fd8d5cd": "Open-Address-Book",
	"e45795b2-9455-11d1-aebd-0000f80367c1": "Email-Information",
	"e45795b3-9455-11d1-aebd-0000f80367c1": "Web-Information",
	"1131f6aa-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Get-Changes",
	"1131f6ab-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Synchronize",
	"1131f6ac-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Manage-Topology",
	"e12b56b6-0a95-11d1-adbb-00c04fd8d5cd": "Change-Schema-Master",
	"d58d5f36-0a98-11d1-adbb-00c04fd8d5cd": "Change-Rid-Master",
	"fec364e0-0a98-11d1-adbb-00c04fd8d5cd": "Do-Garbage-Collection",
	"0bc1554e-0a99-11d1-adbb-00c04fd8d5cd": "Recalculate-Hierarchy",
	"1abd7cf8-0a99-11d1-adbb-00c04fd8d5cd": "Allocate-Rids",
	"bae50096-4752-11d1-9052-00c04fc2d4cf": "Change-PDC",
	"440820ad-65b4-11d1-a3da-0000f875ae0d": "Add-GUID",
	"014bf69c-7b3b-11d1-85f6-08002be74fab": "Change-Domain-Master",
	"4b6e08c0-df3c-11d1-9c86-006008764d0e": "msmq-Receive-Dead-Letter",
	"4b6e08c1-df3c-11d1-9c86-006008764d0e": "msmq-Peek-Dead-Letter",
	"4b6e08c2-df3c-11d1-9c86-006008764d0e": "msmq-Receive-computer-Journal",
	"4b6e08c3-df3c-11d1-9c86-006008764d0e": "msmq-Peek-computer-Journal",
	"06bd3200-df3e-11d1-9c86-006008764d0e": "msmq-Receive",
	"06bd3201-df3e-11d1-9c86-006008764d0e": "msmq-Peek",
	"06bd3202-df3e-11d1-9c86-006008764d0e": "msmq-Send",
	"06bd3203-df3e-11d1-9c86-006008764d0e": "msmq-Receive-journal",
	"b4e60130-df3f-11d1-9c86-006008764d0e": "msmq-Open-Connector",
	"edacfd8f-ffb3-11d1-b41d-00a0c968f939": "Apply-Group-Policy",
	"037088f8-0ae1-11d2-b422-00a0c968f939": "RAS-Information",
	"9923a32a-3607-11d2-b9be-0000f87a36b2": "DS-Install-Replica",
	"cc17b1fb-33d9-11d2-97d4-00c04fd8d5cd": "Change-Infrastructure-Master",
	"be2bb760-7f46-11d2-b9ad-00c04f79f805": "Update-Schema-Cache",
	"62dd28a8-7f46-11d2-b9ad-00c04f79f805": "Recalculate-Security-Inheritance",
	"69ae6200-7f46-11d2-b9ad-00c04f79f805": "DS-Check-Stale-Phantoms",
	"0e10c968-78fb-11d2-90d4-00c04f79dc55": "Certificate-Enrollment",
	"bf9679c0-0de6-11d0-a285-00aa003049e2": "Self-Membership",
	"72e39547-7b18-11d1-adef-00c04fd8d5cd": "Validated-DNS-Host-Name",
	"b7b1b3dd-ab09-4242-9e30-9980e5d322f7": "Generate-RSoP-Planning",
	"9432c620-033c-4db7-8b58-14ef6d0bf477": "Refresh-Group-Cache",
	"91d67418-0135-4acc-8d79-c08e857cfbec": "SAM-Enumerate-Entire-Domain",
	"b7b1b3de-ab09-4242-9e30-9980e5d322f7": "Generate-RSoP-Logging",
	"b8119fd0-04f6-4762-ab7a-4986c76b3f9a": "Domain-Other-Parameters",
	"e2a36dc9-ae17-47c3-b58b-be34c55ba633": "Create-Inbound-Forest-Trust",
	"1131f6ad-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Get-Changes-All",
	"ba33815a-4f93-4c76-87f3-57574bff8109": "Migrate-SID-History",
	"45ec5156-db7e-47bb-b53f-dbeb2d03c40f": "Reanimate-Tombstones",
	"2f16c4a5-b98e-432c-952a-cb388ba33f2e": "DS-Execute-Intentions-Script",
	"f98340fb-7c5b-4cdb-a00b-2ebdfa115a96": "DS-Replication-Monitor-Topology",
	"280f369c-67c7-438e-ae98-1d46f3c6f541": "Update-Password-Not-Required-Bit",
	"ccc2dc7d-a6ad-4a7a-8846-c04e3cc53501": "Unexpire-Password",
	"05c74c5e-4deb-43b4-bd9f-86664c2a7fd5": "Enable-Per-User-Reversibly-Encrypted-Password",
	"4ecc03fe-ffc0-4947-b630-eb672a8a9dbc": "DS-Query-Self-Quota",
	"91e647de-d96f-4b70-9557-d63ff4f3ccd8": "Private-Information",
	"1131f6ae-9c07-11d1-f79f-00c04fc2dcd2": "Read-Only-Replication-Secret-Synchronization",
	"5805bc62-bdc9-4428-a5e2-856a0f4c185e": "Terminal-Server-License-Server",
	"1a60ea8d-58a6-4b20-bcdc-fb71eb8a9ff8": "Reload-SSL-Certificate",
	"89e95b76-444d-4c62-991a-0facbeda640c": "DS-Replication-Get-Changes-In-Filtered-Set",
	"7726b9d5-a4b4-4288-a6b2-dce952e80a7f": "Run-Protect-Admin-Groups-Task",
	"7c0e2a7c-a419-48e4-a995-10180aad54dd": "Manage-Optional-Features",
	"3e0f7e18-2c7a-4c10-ba82-4d926db99a3e": "DS-Clone-Domain-Controller",
	"d31a8757-2447-4545-8081-3bb610cacbf2": "Validated-MS-DS-Behavior-Version",
	"80863791-dbe9-4eb8-837e-7f0ab55d9ac7": "Validated-MS-DS-Additional-DNS-Host-Name",
	"a05b8cc2-17bc-4802-a710-e7c15ab866a2": "Certificate-AutoEnrollment",
	"4125c71f-7fac-4ff0-bcb7-f09a41325286": "DS-Set-Owner",
	"88a9933e-e5c8-4f2a-9dd7-2527416b8092": "DS-Bypass-Quota",
	"084c93a2-620d-4879-a836-f0ae47de0e89": "DS-Read-Partition-Secrets",
	"94825a8d-b171-4116-8146-1e34d8f54401": "DS-Write-Partition-Secrets",
	"9b026da6-0d3c-465c-8bee-5199d7165cba": "DS-Validated-Write-Computer",
	"ab721a54-1e2f-11d0-9819-00aa0040529b": "Send-As",
	"ab721a56-1e2f-11d0-9819-00aa0040529b": "Receive-As",
	"77b5b886-944a-11d1-aebd-0000f80367c1": "Personal-Information",
	"e48d0154-bcf8-11d1-8702-00c04fb96050": "Public-Information",
	"f3a64788-5306-11d1-a9c5-0000f80367c1": "Validated-SPN",
	"68b1d179-0d15-4d4f-ab71-46152e79a7bc": "Allowed-To-Authenticate",
	"ffa6f046-ca4b-4feb-b40d-04dfee722543": "MS-TS-GatewayAccess",
}
// SDDLControlFullMap gives the long label for each security-descriptor
// control bit. Entries are listed from the highest bit (0x8000) down to the
// lowest (0x0001).
var SDDLControlFullMap = map[SDDLControl]string{
	SE_SELF_RELATIVE:    "SELF_RELATIVE",
	SE_RM_CONTROL_VALID: "RM_CONTROL_VALID",

	// Protection and inheritance state of the SACL / DACL.
	SE_SACL_PROTECTED:        "SACL_PROTECTED",
	SE_DACL_PROTECTED:        "DACL_PROTECTED",
	SE_SACL_AUTO_INHERITED:   "SACL_AUTO_INHERITED",
	SE_DACL_AUTO_INHERITED:   "DACL_AUTO_INHERITED",
	SE_SACL_AUTO_INHERIT_REQ: "SACL_COMPUTED_INHERITANCE_REQUIRED",
	SE_DACL_AUTO_INHERIT_REQ: "DACL_COMPUTED_INHERITANCE_REQUIRED",

	SE_SERVER_SECURITY: "SERVER_SECURITY",
	SE_DACL_TRUSTED:    "DACL_TRUSTED",

	// Presence / defaulting of each descriptor component.
	SE_SACL_DEFAULTED:  "SACL_DEFAULTED",
	SE_SACL_PRESENT:    "SACL_PRESENT",
	SE_DACL_DEFAULTED:  "DACL_DEFAULTED",
	SE_DACL_PRESENT:    "DACL_PRESENT",
	SE_GROUP_DEFAULTED: "GROUP_DEFAULTED",
	SE_OWNER_DEFAULTED: "OWNER_DEFAULTED",
}
// SDDLControlMap gives the two-letter short code for each
// security-descriptor control bit. It covers the same keys as
// SDDLControlFullMap.
var SDDLControlMap = map[SDDLControl]string{
	SE_SELF_RELATIVE:    "SR",
	SE_RM_CONTROL_VALID: "RM",

	// Protection and inheritance state of the SACL / DACL.
	SE_SACL_PROTECTED:        "PS",
	SE_DACL_PROTECTED:        "PD",
	SE_SACL_AUTO_INHERITED:   "SI",
	SE_DACL_AUTO_INHERITED:   "DI",
	SE_SACL_AUTO_INHERIT_REQ: "SC",
	SE_DACL_AUTO_INHERIT_REQ: "DC",

	SE_SERVER_SECURITY: "SS",
	SE_DACL_TRUSTED:    "DT",

	// Presence / defaulting of each descriptor component.
	SE_SACL_DEFAULTED:  "SD",
	SE_SACL_PRESENT:    "SP",
	SE_DACL_DEFAULTED:  "DD",
	SE_DACL_PRESENT:    "DP",
	SE_GROUP_DEFAULTED: "GD",
	SE_OWNER_DEFAULTED: "OD",
}
var SchemaObjects = map[string]string{}/* 1769 elements not displayed */
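// WellKnownSids maps the string form of a well-known SID to a display name.
//
// Every name except the one for S-1-5-83-0 carries a `BUILTIN\` prefix. This
// is a display convention of the table, not the authority Windows reports
// (many of these principals live under NT AUTHORITY or have no domain), so
// treat the prefix as a label only.
//
// Three entries used to reuse the label of another SID, which made ACL output
// ambiguous:
//   - S-1-5-17 duplicated "This Organization" (S-1-5-15); it is the IUSR
//     account.
//   - S-1-5-19 and S-1-5-20 were both "NT Authority"; they are the Local
//     Service and Network Service accounts.
//
// They now have distinct names, so an ACE granted to one of those accounts
// can be told apart when reviewing a descriptor.
//
// Domain-relative SIDs (S-1-5-21-...-RID) are not covered by this table.
var WellKnownSids = map[string]string{
	"S-1-0":        "BUILTIN\\Null Authority",
	"S-1-0-0":      "BUILTIN\\Nobody",
	"S-1-1":        "BUILTIN\\World Authority",
	"S-1-1-0":      "BUILTIN\\Everyone",
	"S-1-2":        "BUILTIN\\Local Authority",
	"S-1-2-0":      "BUILTIN\\Local",
	"S-1-2-1":      "BUILTIN\\Console Logon",
	"S-1-3":        "BUILTIN\\Creator Authority",
	"S-1-3-0":      "BUILTIN\\Creator Owner",
	"S-1-3-1":      "BUILTIN\\Creator Group",
	"S-1-3-2":      "BUILTIN\\Creator Owner Server",
	"S-1-3-3":      "BUILTIN\\Creator Group Server",
	"S-1-3-4":      "BUILTIN\\Owner Rights",
	"S-1-4":        "BUILTIN\\Non-unique Authority",
	"S-1-5":        "BUILTIN\\NT Authority",
	"S-1-5-1":      "BUILTIN\\Dialup",
	"S-1-5-2":      "BUILTIN\\Network",
	"S-1-5-3":      "BUILTIN\\Batch",
	"S-1-5-4":      "BUILTIN\\Interactive",
	"S-1-5-6":      "BUILTIN\\Service",
	"S-1-5-7":      "BUILTIN\\Anonymous",
	"S-1-5-8":      "BUILTIN\\Proxy",
	"S-1-5-9":      "BUILTIN\\Enterprise Domain Controllers",
	"S-1-5-10":     "BUILTIN\\Principal Self",
	"S-1-5-11":     "BUILTIN\\Authenticated Users",
	"S-1-5-12":     "BUILTIN\\Restricted Code",
	"S-1-5-13":     "BUILTIN\\Terminal Server Users",
	"S-1-5-14":     "BUILTIN\\Remote Interactive Logon",
	"S-1-5-15":     "BUILTIN\\This Organization",
	"S-1-5-17":     "BUILTIN\\IUSR", // was a duplicate of S-1-5-15's label
	"S-1-5-18":     "BUILTIN\\Local System",
	"S-1-5-19":     "BUILTIN\\Local Service",   // was "NT Authority", same as S-1-5-20
	"S-1-5-20":     "BUILTIN\\Network Service", // was "NT Authority", same as S-1-5-19
	"S-1-5-80":     "BUILTIN\\NT Service",
	"S-1-5-80-0":   "BUILTIN\\All Services",
	"S-1-5-83-0":   "NT VIRTUAL MACHINE\\Virtual Machines",
	"S-1-16-0":     "BUILTIN\\Untrusted Mandatory Level",
	"S-1-5-32-544": "BUILTIN\\Administrators",
	"S-1-5-32-545": "BUILTIN\\Users",
	"S-1-5-32-546": "BUILTIN\\Guests",
	"S-1-5-32-547": "BUILTIN\\Power Users",
	"S-1-5-32-548": "BUILTIN\\Account Operators",
	"S-1-5-32-549": "BUILTIN\\Server Operators",
	"S-1-5-32-550": "BUILTIN\\Print Operators",
	"S-1-5-32-551": "BUILTIN\\Backup Operators",
	"S-1-5-32-552": "BUILTIN\\Replicators",
	"S-1-5-64-10":  "BUILTIN\\NTLM Authentication",
	"S-1-5-64-14":  "BUILTIN\\SChannel Authentication",
	"S-1-5-64-21":  "BUILTIN\\Digest Authentication",
	"S-1-16-4096":  "BUILTIN\\Low Mandatory Level",
	"S-1-16-8192":  "BUILTIN\\Medium Mandatory Level",
	"S-1-16-8448":  "BUILTIN\\Medium Plus Mandatory Level",
	"S-1-16-12288": "BUILTIN\\High Mandatory Level",
	"S-1-16-16384": "BUILTIN\\System Mandatory Level",
	"S-1-16-20480": "BUILTIN\\Protected Process Mandatory Level",
	"S-1-16-28672": "BUILTIN\\Secure Process Mandatory Level",
	"S-1-5-32-554": "BUILTIN\\Pre-Windows 2000 Compatible Access",
	"S-1-5-32-555": "BUILTIN\\Remote Desktop Users",
	"S-1-5-32-556": "BUILTIN\\Network Configuration Operators",
	"S-1-5-32-557": "BUILTIN\\Incoming Forest Trust Builders",
	"S-1-5-32-558": "BUILTIN\\Performance Monitor Users",
	"S-1-5-32-559": "BUILTIN\\Performance Log Users",
	"S-1-5-32-560": "BUILTIN\\Windows Authorization Access Group",
	"S-1-5-32-561": "BUILTIN\\Terminal Server License Servers",
	"S-1-5-32-562": "BUILTIN\\Distributed COM Users",
	"S-1-5-32-568": "BUILTIN\\IIS_IUSRS",
	"S-1-5-32-569": "BUILTIN\\Cryptographic Operators",
	"S-1-5-32-573": "BUILTIN\\Event Log Readers",
	"S-1-5-32-574": "BUILTIN\\Certificate Service DCOM Access",
	"S-1-5-32-575": "BUILTIN\\RDS Remote Access Servers",
	"S-1-5-32-576": "BUILTIN\\RDS Endpoint Servers",
	"S-1-5-32-577": "BUILTIN\\RDS Management Servers",
	"S-1-5-32-578": "BUILTIN\\Hyper-V Administrators",
	"S-1-5-32-579": "BUILTIN\\Access Control Assistance Operators",
	"S-1-5-32-580": "BUILTIN\\Remote Management Users",
}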
Functions ¶
func AccessAllowedObjectFlagsToFullStr ¶ added in v1.11.0
func AccessAllowedObjectFlagsToFullStr(flags AccessAllowedObjectFlags) string
func AccessAllowedObjectFlagsToStr ¶ added in v1.11.0
func AccessAllowedObjectFlagsToStr(flags AccessAllowedObjectFlags) string
func AceFlagsToFullStr ¶ added in v1.11.0
func AceFlagsToStr ¶ added in v1.11.0
func AceMaskToFullStr ¶ added in v1.11.0
func AceMaskToStr ¶ added in v1.11.0
func AceTypeToFullStr ¶ added in v1.11.0
func AceTypeToStr ¶ added in v1.11.0
func AllowedOrDenied ¶ added in v1.11.0
func GUIDToFullStr ¶ added in v1.11.6
func GetInheritanceFlags ¶ added in v1.13.2
func GetPropagationFlags ¶ added in v1.13.2
func IsInherit ¶ added in v1.11.0
func IsInherit(flag AccessAllowedObjectFlags) bool
func MarshalGUID ¶
MarshalGUID 把 []byte 的 objectGUID 转换成可读字符串
生成 guid 时,前三部分字节反转 [0:4]-[4:6]-[6:8]-[8:10]-[10:16]
func MarshalSid ¶
MarshalSid 把 []byte 的 objectSid 转换成可读字符串
子授权机构数量(不在字符串中显示)Sub-Authority Count:1 S-版本号-授权标识符-子授权机构标识符... S-{Revision:0}-{Identifier-Authority:2-8}-{Sub-Authority:8-end/4}
func RegisterAce ¶ added in v1.11.0
func RegisterAce(aceType AceType, constructor AceConstructor)
RegisterAce 注册 Ace 解析构造函数
func SDDLControlToFullStr ¶ added in v1.11.0
func SDDLControlToFullStr(control SDDLControl) string
func SDDLControlToStr ¶ added in v1.11.0
func SDDLControlToStr(control SDDLControl) string
Types ¶
type AccessAllowedObjectFlags ¶ added in v1.11.0
// AccessAllowedObjectFlags is the Flags field of ACCESS_ALLOWED_OBJECT_ACE and
// ACCESS_DENIED_OBJECT_ACE.
type AccessAllowedObjectFlags uint32

// Flag bits of AccessAllowedObjectFlags. The two non-zero values are separate
// bits and can be OR-ed together.
const (
	Null                              AccessAllowedObjectFlags = 0x00000000
	ACE_OBJECT_TYPE_PRESENT           AccessAllowedObjectFlags = 0x00000001
	ACE_INHERITED_OBJECT_TYPE_PRESENT AccessAllowedObjectFlags = 0x00000002
)
type Ace ¶ added in v1.11.0
func NewDefaultAce ¶ added in v1.11.0
type AceConstructor ¶ added in v1.11.0
AceConstructor Ace 构造函数签名
type AceHeader ¶ added in v1.11.0
// AceHeader is the fixed 4-byte header at the start of every ACE: one byte of
// type, one byte of flags, and a 16-bit size. AceSize is excluded from the
// JSON output.
type AceHeader struct {
	AceType  byte   `json:"aceType"`
	AceFlags byte   `json:"aceFlags"`
	AceSize  uint16 `json:"-"` // little-endian on the wire
}
AceHeader Ace 头部信息,定义 Ace 类型和 Ace flags,4个字节
-------------------------------------------------
| 0x00-0x07 | 0x08-0x0F | 0x10-0x17 | 0x18-0x1F |
|  AceType  | AceFlags  |        AceSize        |
-------------------------------------------------
type AceMask ¶ added in v1.11.0
// AceMask is the 32-bit access mask stored in an ACE.
type AceMask uint32

const (
	// Generic rights are abstract; they are mapped to concrete rights
	// depending on the object type.
	ADS_RIGHT_GENERIC_READ    AceMask = 0x80000000 // read
	ADS_RIGHT_GENERIC_WRITE   AceMask = 0x40000000 // write
	ADS_RIGHT_GENERIC_EXECUTE AceMask = 0x20000000 // list container contents
	ADS_RIGHT_GENERIC_ALL     AceMask = 0x10000000 // all rights

	// Expanded masks that the generic rights resolve to.
	GENERIC_READ    AceMask = 0x00020094 // 131220: READ_CONTROL | DS_LIST_OBJECT | DS_READ_PROP | ACTRL_DS_LIST
	GENERIC_WRITE   AceMask = 0x00020028 // 131112: READ_CONTROL | DS_WRITE_PROP | DS_SELF
	GENERIC_EXECUTE AceMask = 0x00020004 // 131076: READ_CONTROL | ACTRL_DS_LIST
	GENERIC_ALL     AceMask = 0x000F01FF // 983551: all four standard rights | all nine DS rights

	ADS_RIGHT_MAXIMUM_ALLOWED        AceMask = 0x02000000
	ADS_RIGHT_ACCESS_SYSTEM_SECURITY AceMask = 0x01000000 // read/write the SACL
	ADS_RIGHT_SYNCHRONIZE            AceMask = 0x00100000 // synchronize

	// Standard rights.
	ADS_RIGHT_WRITE_OWNER  AceMask = 0x00080000 // owner right
	ADS_RIGHT_WRITE_DAC    AceMask = 0x00040000 // modify the DACL
	ADS_RIGHT_READ_CONTROL AceMask = 0x00020000 // read ntSecurityDescriptor (without the SACL)
	ADS_RIGHT_DELETE       AceMask = 0x00010000 // delete

	// Directory-service rights.
	ADS_RIGHT_DS_CREATE_CHILD   AceMask = 0x00000001 // create child objects
	ADS_RIGHT_DS_DELETE_CHILD   AceMask = 0x00000002 // delete child objects
	ADS_RIGHT_ACTRL_DS_LIST     AceMask = 0x00000004 // list child objects
	ADS_RIGHT_DS_SELF           AceMask = 0x00000008
	ADS_RIGHT_DS_READ_PROP      AceMask = 0x00000010 // read properties
	ADS_RIGHT_DS_WRITE_PROP     AceMask = 0x00000020 // write properties
	ADS_RIGHT_DS_DELETE_TREE    AceMask = 0x00000040 // delete child objects
	ADS_RIGHT_DS_LIST_OBJECT    AceMask = 0x00000080 // list the object
	ADS_RIGHT_DS_CONTROL_ACCESS AceMask = 0x00000100
)
type AceType ¶ added in v1.11.0
// AceType is the ACE type byte taken from the ACE header.
type AceType byte

// ACE type values, 0x00 through 0x13.
const (
	ACCESS_ALLOWED_ACE_TYPE          AceType = 0x00
	ACCESS_DENIED_ACE_TYPE           AceType = 0x01
	SYSTEM_AUDIT_ACE_TYPE            AceType = 0x02
	SYSTEM_ALARM_ACE_TYPE            AceType = 0x03
	ACCESS_ALLOWED_COMPOUND_ACE_TYPE AceType = 0x04

	// Object ACEs.
	ACCESS_ALLOWED_OBJECT_ACE_TYPE AceType = 0x05
	ACCESS_DENIED_OBJECT_ACE_TYPE  AceType = 0x06
	SYSTEM_AUDIT_OBJECT_ACE_TYPE   AceType = 0x07
	SYSTEM_ALARM_OBJECT_ACE_TYPE   AceType = 0x08

	// Callback ACEs.
	ACCESS_ALLOWED_CALLBACK_ACE_TYPE        AceType = 0x09
	ACCESS_DENIED_CALLBACK_ACE_TYPE         AceType = 0x0a
	ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE AceType = 0x0b
	ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE  AceType = 0x0c
	SYSTEM_AUDIT_CALLBACK_ACE_TYPE          AceType = 0x0d
	SYSTEM_ALARM_CALLBACK_ACE_TYPE          AceType = 0x0e
	SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE   AceType = 0x0f
	SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE   AceType = 0x10

	SYSTEM_MANDATORY_LABEL_ACE_TYPE    AceType = 0x11
	SYSTEM_RESOURCE_ATTRIBUTE_ACE_TYPE AceType = 0x12
	SYSTEM_SCOPED_POLICY_ID_ACE_TYPE   AceType = 0x13
)
type Acl ¶ added in v1.11.0
// Acl is a parsed access control list: the fixed header fields followed by
// the list of ACEs. Only AceCount and AceList appear in the JSON output.
//
// NOTE(review): AclSize and AceCount are read from the input blob. The parser
// is not shown on this page, so confirm it checks both against the number of
// bytes actually available before it walks AceList.
type Acl struct {
	AclRevision byte   `json:"-"`
	Sbz1        byte   `json:"-"`
	AclSize     uint16 `json:"-"`        // little-endian
	AceCount    uint16 `json:"aceCount"` // little-endian
	Sbz2        uint16 `json:"-"`        // little-endian
	AceList     []Ace  `json:"aceList"`
}
Acl
-------------------------------------------------
| 0x00-0x07 | 0x08-0x0F | 0x10-0x17 | 0x18-0x1F |
| Revision  |   Sbz1    |        AclSize        |
|       AceCount        |         Sbz2          |
|               AceList(variable)               |
-------------------------------------------------
type AclRevision ¶ added in v1.11.0
// AclRevision is the revision byte of an ACL header. The revision limits
// which ACE types the ACL is allowed to contain.
type AclRevision byte

const (
	// ACL_REVISION allows only AceTypes 0x00, 0x01, 0x02, 0x03, 0x11, 0x12, 0x13.
	ACL_REVISION AclRevision = 0x02
	// ACL_REVISION_DS allows only AceTypes 0x05, 0x06, 0x07, 0x08, 0x11.
	ACL_REVISION_DS AclRevision = 0x04
)
type DefaultAce ¶ added in v1.11.0
DefaultAce 默认 Ace 结构体,只解析 AceHeader
func (*DefaultAce) NtString ¶ added in v1.11.0
func (a *DefaultAce) NtString() string
func (*DefaultAce) Size ¶ added in v1.11.0
func (a *DefaultAce) Size() int
func (*DefaultAce) String ¶ added in v1.11.0
func (a *DefaultAce) String() string
type Guid ¶ added in v1.11.0
// Guid is the 16-byte binary GUID layout: three little-endian integer fields
// followed by eight raw bytes.
type Guid struct {
	Data1 uint32  // little-endian
	Data2 uint16  // little-endian
	Data3 uint16  // little-endian
	Data4 [8]byte // raw bytes, no byte-order conversion
}
Guid
struct:
-------------------------------------------------
| 0x00-0x07 | 0x08-0x0F | 0x10-0x17 | 0x18-0x1F |
|                Data1(4 bytes)                 |
|    Data2(2 bytes)     |    Data3(2 bytes)     |
|                Data4(8 bytes)                 |
-------------------------------------------------
string: Data1, Data2, Data3 前三部分字节反转 [0:4]-[4:6]-[6:8]-[8:10]-[10:16]
func (Guid) MarshalJSON ¶ added in v1.11.0
type NtSecurityDescriptor ¶ added in v1.11.0
// NtSecurityDescriptor is a parsed self-relative security descriptor: the
// fixed header (revision, control bits, four offsets) and the four
// variable-length parts those offsets point to. Only Control and the four
// parsed parts appear in the JSON output.
//
// NOTE(review): the four Offset* fields come straight from the input blob.
// The parser (NewNtSecurityDescriptor) is not shown on this page, so confirm
// it checks each offset against len(descBytes) before dereferencing it.
type NtSecurityDescriptor struct {
	// Fixed header.
	Revision    byte   `json:"-"`
	Sbz1        byte   `json:"-"`
	Control     uint16 `json:"control"` // little-endian
	OffsetOwner uint32 `json:"-"`       // little-endian
	OffsetGroup uint32 `json:"-"`       // little-endian
	OffsetSacl  uint32 `json:"-"`       // little-endian
	OffsetDacl  uint32 `json:"-"`       // little-endian

	// Variable-length parts.
	OwnerSid *Sid `json:"ownerSid"`
	GroupSid *Sid `json:"groupSid"`
	Sacl     *Acl `json:"sacl"`
	Dacl     *Acl `json:"dacl"`
}
NtSecurityDescriptor
-------------------------------------------------
| 0x00-0x07 | 0x08-0x0F | 0x10-0x17 | 0x18-0x1F |
| Revision  |   Sbz1    |        Control        |
|                  OffsetOwner                  |
|                  OffsetGroup                  |
|                  OffsetSacl                   |
|                  OffsetDacl                   |
|              OwnerSid(variable)               |
|              GroupSid(variable)               |
|                Sacl(variable)                 |
|                Dacl(variable)                 |
-------------------------------------------------
func NewNtSecurityDescriptor ¶ added in v1.11.0
func NewNtSecurityDescriptor(descBytes []byte) (descriptor *NtSecurityDescriptor, err error)
func (*NtSecurityDescriptor) NtString ¶ added in v1.11.0
func (d *NtSecurityDescriptor) NtString() string
func (*NtSecurityDescriptor) String ¶ added in v1.11.0
func (d *NtSecurityDescriptor) String() string
type SDDLControl ¶ added in v1.11.0
// SDDLControl is the 16-bit control field of a security descriptor.
type SDDLControl uint16

// Control bits, highest bit first. The trailing comment on each line is the
// two-letter short code for that bit.
const (
	SE_SELF_RELATIVE    SDDLControl = 0x8000 // SR
	SE_RM_CONTROL_VALID SDDLControl = 0x4000 // RM

	SE_SACL_PROTECTED        SDDLControl = 0x2000 // PS
	SE_DACL_PROTECTED        SDDLControl = 0x1000 // PD
	SE_SACL_AUTO_INHERITED   SDDLControl = 0x0800 // SI
	SE_DACL_AUTO_INHERITED   SDDLControl = 0x0400 // DI
	SE_SACL_AUTO_INHERIT_REQ SDDLControl = 0x0200 // SC
	SE_DACL_AUTO_INHERIT_REQ SDDLControl = 0x0100 // DC

	SE_SERVER_SECURITY SDDLControl = 0x0080 // SS
	SE_DACL_TRUSTED    SDDLControl = 0x0040 // DT

	SE_SACL_DEFAULTED  SDDLControl = 0x0020 // SD
	SE_SACL_PRESENT    SDDLControl = 0x0010 // SP
	SE_DACL_DEFAULTED  SDDLControl = 0x0008 // DD
	SE_DACL_PRESENT    SDDLControl = 0x0004 // DP
	SE_GROUP_DEFAULTED SDDLControl = 0x0002 // GD
	SE_OWNER_DEFAULTED SDDLControl = 0x0001 // OD
)
type Sid ¶ added in v1.11.0
// Sid is a parsed binary security identifier: revision, sub-authority count,
// the 6-byte identifier authority, and the sub-authority values.
//
// NOTE(review): SubAuthorityCount is read from the input and is documented as
// at most 15. The parser is not shown on this page, so confirm it rejects
// larger counts and counts that run past the end of the buffer.
type Sid struct {
	Revision            byte
	SubAuthorityCount   byte     // maximum number is 15
	IdentifierAuthority [6]byte  // big-endian
	SubAuthority        []uint32 // length is SubAuthorityCount
}
Sid
struct:
-------------------------------------------------
| 0x00-0x07 | 0x08-0x0F | 0x10-0x17 | 0x18-0x1F |
| Revision(0x01) | SubAuthorityCount | IdentifierAuthority(6 bytes) |
|            SubAuthority(variable)             |
-------------------------------------------------
string: 子授权机构数量(不在字符串中显示)SubAuthorityCount
S-版本号-授权标识符-子授权机构标识符...
S-{Revision}-{IdentifierAuthority}-{SubAuthority...}
func (Sid) MarshalJSON ¶ added in v1.11.0