SAM_DATABASE_PRIVS = 2 /* Privileges */
} netr_SamDatabaseID;
- typedef [public,v1_enum] enum {
- SAMR_REJECT_OTHER = 0,
- SAMR_REJECT_TOO_SHORT = 1,
- SAMR_REJECT_IN_HISTORY = 2,
- SAMR_REJECT_COMPLEXITY = 5
- } samr_RejectReason;
-
-
-
/* account control (acct_flags) bits */
typedef [public,bitmap32bit] bitmap {
ACB_DISABLED = 0x00000001, /* 1 = User account disabled */
ACB_USE_DES_KEY_ONLY = 0x00008000, /* 1 = Use DES key only */
ACB_DONT_REQUIRE_PREAUTH = 0x00010000, /* 1 = Preauth not required */
ACB_PW_EXPIRED = 0x00020000, /* 1 = Password Expired */
- ACB_NO_AUTH_DATA_REQD = 0x00080000 /* 1 = No authorization data required */
+ ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = 0x00040000,
+ ACB_NO_AUTH_DATA_REQD = 0x00080000, /* 1 = No authorization data required */
+ ACB_PARTIAL_SECRETS_ACCOUNT = 0x00100000,
+ ACB_USE_AES_KEYS = 0x00200000
} samr_AcctFlags;
/* SAM server specific access rights */
/************************/
/* Function 0x08 */
+
+ typedef enum {
+ DomainPasswordInformation = 1,
+ DomainGeneralInformation = 2,
+ DomainLogoffInformation = 3,
+ DomainOemInformation = 4,
+ DomainNameInformation = 5,
+ DomainReplicationInformation = 6,
+ DomainServerRoleInformation = 7,
+ DomainModifiedInformation = 8,
+ DomainStateInformation = 9,
+ DomainUasInformation = 10,
+ DomainGeneralInformation2 = 11,
+ DomainLockoutInformation = 12,
+ DomainModifiedInformation2 = 13
+ } samr_DomainInfoClass;
+
/* server roles */
typedef [v1_enum] enum {
SAMR_ROLE_STANDALONE = 0,
NTSTATUS samr_QueryDomainInfo(
[in,ref] policy_handle *domain_handle,
- [in] uint16 level,
+ [in] samr_DomainInfoClass level,
[out,ref,switch_is(level)] samr_DomainInfo **info
);
*/
NTSTATUS samr_SetDomainInfo(
[in,ref] policy_handle *domain_handle,
- [in] uint16 level,
+ [in] samr_DomainInfoClass level,
[in,switch_is(level),ref] samr_DomainInfo *info
);
typedef struct {
uint32 count;
[size_is(count)] uint32 *rids;
- [size_is(count)] uint32 *types;
- } samr_RidTypeArray;
+ [size_is(count)] samr_GroupAttrs *attributes;
+ } samr_RidAttrArray;
NTSTATUS samr_QueryGroupMember(
[in,ref] policy_handle *group_handle,
- [out,ref] samr_RidTypeArray **rids
+ [out,ref] samr_RidAttrArray **rids
);
/************************/
/* Function 0x24 */
+
+ typedef enum {
+ UserGeneralInformation = 1,
+ UserPreferencesInformation = 2,
+ UserLogonInformation = 3,
+ UserLogonHoursInformation = 4,
+ UserAccountInformation = 5,
+ UserNameInformation = 6,
+ UserAccountNameInformation = 7,
+ UserFullNameInformation = 8,
+ UserPrimaryGroupInformation = 9,
+ UserHomeInformation = 10,
+ UserScriptInformation = 11,
+ UserProfileInformation = 12,
+ UserAdminCommentInformation = 13,
+ UserWorkStationsInformation = 14,
+ UserControlInformation = 16,
+ UserExpiresInformation = 17,
+ UserInternal1Information = 18,
+ UserParametersInformation = 20,
+ UserAllInformation = 21,
+ UserInternal4Information = 23,
+ UserInternal5Information = 24,
+ UserInternal4InformationNew = 25,
+ UserInternal5InformationNew = 26
+ } samr_UserInfoLevel;
+
typedef struct {
lsa_String account_name;
lsa_String full_name;
typedef struct {
lsa_String comment;
- lsa_String unknown; /* settable, but doesn't stick. probably obsolete */
+ lsa_String reserved; /* settable, but doesn't stick. probably obsolete */
uint16 country_code;
uint16 code_page;
} samr_UserInfo2;
lsa_BinaryString parameters;
lsa_BinaryString lm_owf_password;
lsa_BinaryString nt_owf_password;
- lsa_String unknown3;
+ lsa_String private_data;
uint32 buf_count;
[size_is(buf_count)] uint8 *buffer;
uint32 rid;
uint8 lm_password_set;
uint8 nt_password_set;
uint8 password_expired;
- uint8 unknown4;
+ uint8 private_data_sensitive;
} samr_UserInfo21;
typedef [public, flag(NDR_PAHEX)] struct {
[public] NTSTATUS samr_QueryUserInfo(
[in,ref] policy_handle *user_handle,
- [in] uint16 level,
+ [in] samr_UserInfoLevel level,
[out,ref,switch_is(level)] samr_UserInfo **info
);
/* Function 0x25 */
[public] NTSTATUS samr_SetUserInfo(
[in,ref] policy_handle *user_handle,
- [in] uint16 level,
+ [in] samr_UserInfoLevel level,
[in,ref,switch_is(level)] samr_UserInfo *info
);
*/
NTSTATUS samr_QueryDomainInfo2(
[in,ref] policy_handle *domain_handle,
- [in] uint16 level,
+ [in] samr_DomainInfoClass level,
[out,ref,switch_is(level)] samr_DomainInfo **info
);
*/
NTSTATUS samr_QueryUserInfo2(
[in,ref] policy_handle *user_handle,
- [in] uint16 level,
+ [in] samr_UserInfoLevel level,
[out,ref,switch_is(level)] samr_UserInfo **info
);
*/
[public] NTSTATUS samr_SetUserInfo2(
[in,ref] policy_handle *user_handle,
- [in] uint16 level,
+ [in] samr_UserInfoLevel level,
[in,ref,switch_is(level)] samr_UserInfo *info
);
/************************/
/* Function 0x3e */
- typedef enum {
+ typedef [v1_enum] enum {
SAMR_CONNECT_PRE_W2K = 1,
SAMR_CONNECT_W2K = 2,
SAMR_CONNECT_AFTER_W2K = 3
/************************/
/* Function 0x3f */
- typedef enum samr_RejectReason samr_RejectReason;
+ typedef [public,v1_enum] enum {
+ SAM_PWD_CHANGE_NO_ERROR = 0,
+ SAM_PWD_CHANGE_PASSWORD_TOO_SHORT = 1,
+ SAM_PWD_CHANGE_PWD_IN_HISTORY = 2,
+ SAM_PWD_CHANGE_USERNAME_IN_PASSWORD = 3,
+ SAM_PWD_CHANGE_FULLNAME_IN_PASSWORD = 4,
+ SAM_PWD_CHANGE_NOT_COMPLEX = 5,
+ SAM_PWD_CHANGE_MACHINE_NOT_DEFAULT = 6,
+ SAM_PWD_CHANGE_FAILED_BY_FILTER = 7,
+ SAM_PWD_CHANGE_PASSWORD_TOO_LONG = 8
+ } samPwdChangeReason;
typedef struct {
- samr_RejectReason reason;
- uint32 unknown1;
- uint32 unknown2;
- } samr_ChangeReject;
+ samPwdChangeReason extendedFailureReason;
+ [string,charset(UTF16)] uint16 *filterModuleName;
+ } userPwdChangeFailureInformation;
NTSTATUS samr_ChangePasswordUser3(
[in,unique] lsa_String *server,
[in,unique] samr_Password *lm_verifier,
[in,unique] samr_CryptPassword *password3,
[out,ref] samr_DomInfo1 **dominfo,
- [out,ref] samr_ChangeReject **reject
+ [out,ref] userPwdChangeFailureInformation **reject
);
/************************/
SAMR_VALIDATION_STATUS_SUCCESS = 0,
SAMR_VALIDATION_STATUS_PASSWORD_MUST_CHANGE = 1,
SAMR_VALIDATION_STATUS_ACCOUNT_LOCKED_OUT = 2,
+ SAMR_VALIDATION_STATUS_PASSWORD_EXPIRED = 3,
SAMR_VALIDATION_STATUS_BAD_PASSWORD = 4,
SAMR_VALIDATION_STATUS_PWD_HISTORY_CONFLICT = 5,
SAMR_VALIDATION_STATUS_PWD_TOO_SHORT = 6,
SAMR_VALIDATION_STATUS_PWD_TOO_LONG = 7,
SAMR_VALIDATION_STATUS_NOT_COMPLEX_ENOUGH = 8,
- SAMR_VALIDATION_STATUS_PASSWORD_TOO_RECENT = 9
+ SAMR_VALIDATION_STATUS_PASSWORD_TOO_RECENT = 9,
+ SAMR_VALIDATION_STATUS_PASSWORD_FILTER_ERROR = 10
} samr_ValidationStatus;
typedef struct {