--- /dev/null
+/*
+ * Winbind (NDR-based) Protocol
+ */
+
+import "security.idl";
+
+[ uuid("b6608c99-0407-401b-96d3-7bcda67232af"),
+ version(1.0),
+ pointer_default(unique)
+] interface winbind_protocol
+{
+ const uint32 WINBIND_MAX_LENGTH_PRIVILEGED = 0x0FFFFFFF;
+ const uint32 WINBIND_MAX_LENGTH_UNPRIVILEGED = 0x00020000;
+
+ typedef [public,v1_enum] enum {
+ WINBIND_STATUS_OK = 0x00000000,
+ WINBIND_STATUS_UNKNOWN_ERROR = 0x57420001,
+ WINBIND_STATUS_NOT_IMPLEMENTED = 0x57420002,
+ WINBIND_STATUS_NOT_SUPPORTED = 0x57420003,
+ WINBIND_STATUS_NO_MEMORY = 0x57420004,
+ WINBIND_STATUS_INVALID_PARAMETER = 0x57420005,
+ WINBIND_STATUS_INVALID_LEVEL = 0x57420006,
+ WINBIND_STATUS_UNKNOWN_LEVEL = 0x57420007,
+ WINBIND_STATUS_DOMAIN_OFFLINE = 0x57420008
+ } winbind_status;
+
+ const uint32 WINBIND_STATUS_FOOBAR = WINBIND_STATUS_UNKNOWN_ERROR;
+
+ typedef [bitmap16bit] bitmap {
+ WINBIND_HEADER_VERSION = 0x0001
+ } winbind_header_version;
+
+ typedef [bitmap32bit] bitmap {
+ WINBIND_HEADER_FLAGS_RESPONSE = 0x00000001,
+ WINBIND_HEADER_FLAGS_ERROR = 0x00000002
+ } winbind_header_flags;
+
+ const uint32 WINBIND_HEADER_SIZE = 0x10;
+ [public] struct winbind_header {
+ uint32 length;
+ [charset(DOS),value("WBPT")] uint8 magic[4];
+ [value(WINBIND_HEADER_VERSION)] winbind_header_version version;
+ uint16 opnum;
+ winbind_header_flags flags;
+ };
+
+ /*
+ * Just tell me winbindd is running
+ */
+ winbind_status winbind_ping();
+
+ /*
+ * - Get the interface version
+ * - Find the location of the privileged pipe
+ */
+ winbind_status winbind_interface_details(/*TODO*/);
+
+ /*
+ * Get users and groups
+ */
+ winbind_status winbind_getpwnam(/*TODO*/);
+ winbind_status winbind_getpwuid(/*TODO*/);
+
+ winbind_status winbind_getgrnam(/*TODO*/);
+ winbind_status winbind_getgrgid(/*TODO*/);
+
+ winbind_status winbind_getgroups(/*TODO*/);
+
+ /*
+ * Enumerate users and groups
+ */
+ winbind_status winbind_setpwent(/*TODO*/);
+ winbind_status winbind_endpwent(/*TODO*/);
+ winbind_status winbind_getpwent(/*TODO*/);
+
+ winbind_status winbind_setgrent(/*TODO*/);
+ winbind_status winbind_endgrent(/*TODO*/);
+ winbind_status winbind_getgrent(/*TODO*/);
+
+ /*
+ * PAM authenticate and password change
+ */
+ winbind_status winbind_pam_auth(/*TODO*/);
+ winbind_status winbind_pam_auth_crap(/*TODO*/);
+ winbind_status winbind_pam_chauthtok(/*TODO*/);
+ winbind_status winbind_pam_logoff(/*TODO*/);
+ winbind_status winbind_pam_chng_paswd_auth_crap(/*TODO*/);
+
+ /*
+ * List various things
+ */
+
+ /* List w/o rid->id mapping */
+ winbind_status winbind_list_users(/*TODO*/);
+
+ /* List w/o rid->id mapping */
+ winbind_status winbind_list_groups(/*TODO*/);
+
+ winbind_status winbind_list_trustdom(/*TODO*/);
+
+ /*
+ * Lookup functions
+ */
+
+ winbind_status winbind_lookup_sid(/*TODO*/);
+ winbind_status winbind_lookup_name(/*TODO*/);
+ winbind_status winbind_lookup_rids(/*TODO*/);
+
+ /*
+ * SID conversion
+ */
+
+ winbind_status winbind_sid_to_uid(/*TODO*/);
+ winbind_status winbind_sid_to_gid(/*TODO*/);
+ winbind_status winbind_uid_to_sid(/*TODO*/);
+ winbind_status winbind_gid_to_sid(/*TODO*/);
+
+ winbind_status winbind_allocate_uid(/*TODO*/);
+ winbind_status winbind_allocate_gid(/*TODO*/);
+ winbind_status winbind_set_mapping(/*TODO*/);
+ winbind_status winbind_set_hwm(/*TODO*/);
+
+ /*
+ * Miscellaneous other stuff
+ */
+
+ /* Check machine account pw works */
+ winbind_status winbind_check_machcc(/*TODO*/);
+ /* Various bit of info. Currently just tidbits */
+ winbind_status winbind_info_fixname(/*TODO*/);
+ /* The domain this winbind server is a member of (lp_workgroup()) */
+ winbind_status winbind_domain_name(/*TODO*/);
+
+ /* Most of what we know from struct winbind_domain */
+ winbind_status winbind_get_domain_info(/*TODO*/);
+
+ /* Issue a GetDCName or DsGetDCName Request */
+ winbind_status winbind_get_dc_info(/*TODO*/);
+
+ /* display sequence numbers of domains */
+ winbind_status winbind_show_sequence(/*TODO*/);
+
+ /*
+ * WINS commands
+ */
+
+ winbind_status winbind_wins_byip(/*TODO*/);
+ winbind_status winbind_wins_byname(/*TODO*/);
+
+ /* this is like GETGRENT but gives an empty group list */
+ winbind_status winbind_getgrlist(/*TODO*/);
+
+ /* The netbios name of the server */
+ winbind_status winbind_netbios_name(/*TODO*/);
+
+
+ /* return a list of group sids for a user sid */
+ winbind_status winbind_getusersids(/*TODO*/);
+
+ /* Various group queries */
+ winbind_status winbind_getuserdomgroups(/*TODO*/);
+
+ /*
+ * Blocking calls that are not allowed on the main winbind pipe, only
+ * between parent and children
+ */
+ winbind_status winbind_dual_sid2gid(/*TODO*/);
+ winbind_status winbind_dual_sid2uid(/*TODO*/);
+ winbind_status winbind_dual_uid2sid(/*TODO*/);
+ winbind_status winbind_dual_gid2sid(/*TODO*/);
+ winbind_status winbind_dual_set_mapping(/*TODO*/);
+ winbind_status winbind_dual_set_hwm(/*TODO*/);
+
+ /*
+ * Wrapper around possibly blocking unix nss calls
+ */
+
+ winbind_status winbind_dual_userinfo(/*TODO*/);
+ winbind_status winbind_dual_getsidaliases(/*TODO*/);
+
+ /*
+ * Complete the challenge phase of the NTLM authentication
+ * protocol using cached password.
+ */
+ winbind_status winbind_ccache_ntlmauth(/*TODO*/);
+}