source/include/rpc_netlogon.h

   1 /*
   2    Unix SMB/Netbios implementation.
   3    Version 1.9.
   4    SMB parameters and setup
   5    Copyright (C) Andrew Tridgell 1992-1997
   6    Copyright (C) Luke Kenneth Casson Leighton 1996-1997
   7    Copyright (C) Paul Ashton 1997
   8
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 2 of the License, or
  12    (at your option) any later version.
  13
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18
  19    You should have received a copy of the GNU General Public License
  20    along with this program; if not, write to the Free Software
  21    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  22 */
  23
  24 #ifndef _RPC_NETLOGON_H /* _RPC_NETLOGON_H */
  25 #define _RPC_NETLOGON_H
  26
  27
  28 /* NETLOGON pipe */
  29 #define NET_REQCHAL            0x04
  30 #define NET_SRVPWSET           0x06
  31 #define NET_SAMLOGON           0x02
  32 #define NET_SAMLOGOFF          0x03
  33 #define NET_AUTH2              0x0f
  34 #define NET_LOGON_CTRL2        0x0e
  35 #define NET_TRUST_DOM_LIST     0x13
  36
  37 #define NET_SAM_SYNC           0x10
  38 #define NET_SAM_DELTAS         0x07
  39
  40 /* Secure Channel types.  used in NetrServerAuthenticate negotiation */
  41 #define SEC_CHAN_WKSTA   2
  42 #define SEC_CHAN_DOMAIN  4
  43 #define SEC_CHAN_BDC     6
  44
  45
  46 /* NET_USER_INFO_3 */
  47 typedef struct net_user_info_3
  48 {
  49         uint32 ptr_user_info;
  50
  51         NTTIME logon_time;            /* logon time */
  52         NTTIME logoff_time;           /* logoff time */
  53         NTTIME kickoff_time;          /* kickoff time */
  54         NTTIME pass_last_set_time;    /* password last set time */
  55         NTTIME pass_can_change_time;  /* password can change time */
  56         NTTIME pass_must_change_time; /* password must change time */
  57
  58         UNIHDR hdr_user_name;    /* username unicode string header */
  59         UNIHDR hdr_full_name;    /* user's full name unicode string header */
  60         UNIHDR hdr_logon_script; /* logon script unicode string header */
  61         UNIHDR hdr_profile_path; /* profile path unicode string header */
  62         UNIHDR hdr_home_dir;     /* home directory unicode string header */
  63         UNIHDR hdr_dir_drive;    /* home directory drive unicode string header */
  64
  65         uint16 logon_count;  /* logon count */
  66         uint16 bad_pw_count; /* bad password count */
  67
  68         uint32 user_id;       /* User ID */
  69         uint32 group_id;      /* Group ID */
  70         uint32 num_groups;    /* num groups */
  71         uint32 buffer_groups; /* undocumented buffer pointer to groups. */
  72         uint32 user_flgs;     /* user flags */
  73
  74         uint8 user_sess_key[16]; /* unused user session key */
  75
  76         UNIHDR hdr_logon_srv; /* logon server unicode string header */
  77         UNIHDR hdr_logon_dom; /* logon domain unicode string header */
  78
  79         uint32 buffer_dom_id; /* undocumented logon domain id pointer */
  80         uint8 padding[40];    /* unused padding bytes.  expansion room */
  81
  82         uint32 num_other_sids; /* 0 - num_sids */
  83         uint32 buffer_other_sids; /* NULL - undocumented pointer to SIDs. */
  84
  85         UNISTR2 uni_user_name;    /* username unicode string */
  86         UNISTR2 uni_full_name;    /* user's full name unicode string */
  87         UNISTR2 uni_logon_script; /* logon script unicode string */
  88         UNISTR2 uni_profile_path; /* profile path unicode string */
  89         UNISTR2 uni_home_dir;     /* home directory unicode string */
  90         UNISTR2 uni_dir_drive;    /* home directory drive unicode string */
  91
  92         uint32 num_groups2;        /* num groups */
  93         DOM_GID gids[LSA_MAX_GROUPS]; /* group info */
  94
  95         UNISTR2 uni_logon_srv; /* logon server unicode string */
  96         UNISTR2 uni_logon_dom; /* logon domain unicode string */
  97
  98         DOM_SID2 dom_sid;           /* domain SID */
  99         DOM_SID2 other_sids[LSA_MAX_SIDS]; /* undocumented - domain SIDs */
 100
 101 } NET_USER_INFO_3;
 102
 103
 104 /********************************************************
 105  Logon Control Query
 106
 107  query_level 0x1 - pdc status
 108  query_level 0x3 - number of logon attempts.
 109
 110  ********************************************************/
 111 /* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2*/
 112 typedef struct net_q_logon_ctrl2_info
 113 {
 114         uint32       ptr;             /* undocumented buffer pointer */
 115         UNISTR2      uni_server_name; /* server name, starting with two '\'s */
 116
 117         uint32       function_code; /* 0x1 */
 118         uint32       query_level;   /* 0x1, 0x3 */
 119         uint32       switch_value;  /* 0x1 */
 120
 121 } NET_Q_LOGON_CTRL2;
 122
 123 /* NETLOGON_INFO_1 - pdc status info, i presume */
 124 typedef struct netlogon_1_info
 125 {
 126         uint32 flags;            /* 0x0 - undocumented */
 127         uint32 pdc_status;       /* 0x0 - undocumented */
 128
 129 } NETLOGON_INFO_1;
 130
 131 /* NETLOGON_INFO_2 - pdc status info, plus trusted domain info */
 132 typedef struct netlogon_2_info
 133 {
 134         uint32  flags;            /* 0x0 - undocumented */
 135         uint32  pdc_status;       /* 0x0 - undocumented */
 136         uint32  ptr_trusted_dc_name; /* pointer to trusted domain controller name */
 137         uint32  tc_status;           /* 0x051f - ERROR_NO_LOGON_SERVERS */
 138         UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */
 139
 140 } NETLOGON_INFO_2;
 141
 142 /* NETLOGON_INFO_3 - logon status info, i presume */
 143 typedef struct netlogon_3_info
 144 {
 145         uint32 flags;            /* 0x0 - undocumented */
 146         uint32 logon_attempts;   /* number of logon attempts */
 147         uint32 reserved_1;       /* 0x0 - undocumented */
 148         uint32 reserved_2;       /* 0x0 - undocumented */
 149         uint32 reserved_3;       /* 0x0 - undocumented */
 150         uint32 reserved_4;       /* 0x0 - undocumented */
 151         uint32 reserved_5;       /* 0x0 - undocumented */
 152
 153 } NETLOGON_INFO_3;
 154
 155 /*******************************************************
 156  Logon Control Response
 157
 158  switch_value is same as query_level in request
 159  *******************************************************/
 160
 161 /* NET_R_LOGON_CTRL2 - response to LSA Logon Control2 */
 162 typedef struct net_r_logon_ctrl2_info
 163 {
 164         uint32       switch_value;  /* 0x1, 0x3 */
 165         uint32       ptr;
 166
 167         union
 168         {
 169                 NETLOGON_INFO_1 info1;
 170                 NETLOGON_INFO_2 info2;
 171                 NETLOGON_INFO_3 info3;
 172
 173         } logon;
 174
 175         uint32 status; /* return code */
 176
 177 } NET_R_LOGON_CTRL2;
 178
 179 /* NET_Q_TRUST_DOM_LIST - LSA Query Trusted Domains */
 180 typedef struct net_q_trust_dom_info
 181 {
 182         uint32       ptr;             /* undocumented buffer pointer */
 183         UNISTR2      uni_server_name; /* server name, starting with two '\'s */
 184
 185         uint32       function_code; /* 0x31 */
 186
 187 } NET_Q_TRUST_DOM_LIST;
 188
 189 #define MAX_TRUST_DOMS 1
 190
 191 /* NET_R_TRUST_DOM_LIST - response to LSA Trusted Domains */
 192 typedef struct net_r_trust_dom_info
 193 {
 194         UNISTR2 uni_trust_dom_name[MAX_TRUST_DOMS];
 195
 196         uint32 status; /* return code */
 197
 198 } NET_R_TRUST_DOM_LIST;
 199
 200
 201 /* NEG_FLAGS */
 202 typedef struct neg_flags_info
 203 {
 204     uint32 neg_flags; /* negotiated flags */
 205
 206 } NEG_FLAGS;
 207
 208
 209 /* NET_Q_REQ_CHAL */
 210 typedef struct net_q_req_chal_info
 211 {
 212     uint32  undoc_buffer; /* undocumented buffer pointer */
 213     UNISTR2 uni_logon_srv; /* logon server unicode string */
 214     UNISTR2 uni_logon_clnt; /* logon client unicode string */
 215     DOM_CHAL clnt_chal; /* client challenge */
 216
 217 } NET_Q_REQ_CHAL;
 218
 219
 220 /* NET_R_REQ_CHAL */
 221 typedef struct net_r_req_chal_info
 222 {
 223     DOM_CHAL srv_chal; /* server challenge */
 224
 225   uint32 status; /* return code */
 226
 227 } NET_R_REQ_CHAL;
 228
 229
 230
 231 /* NET_Q_AUTH_2 */
 232 typedef struct net_q_auth2_info
 233 {
 234     DOM_LOG_INFO clnt_id; /* client identification info */
 235     DOM_CHAL clnt_chal;     /* client-calculated credentials */
 236
 237     NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
 238
 239 } NET_Q_AUTH_2;
 240
 241
 242 /* NET_R_AUTH_2 */
 243 typedef struct net_r_auth2_info
 244 {
 245     DOM_CHAL srv_chal;     /* server-calculated credentials */
 246     NEG_FLAGS srv_flgs; /* usually 0x0000 01ff */
 247
 248   uint32 status; /* return code */
 249
 250 } NET_R_AUTH_2;
 251
 252
 253 /* NET_Q_SRV_PWSET */
 254 typedef struct net_q_srv_pwset_info
 255 {
 256     DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
 257     uint8 pwd[16]; /* new password - undocumented. */
 258
 259 } NET_Q_SRV_PWSET;
 260
 261 /* NET_R_SRV_PWSET */
 262 typedef struct net_r_srv_pwset_info
 263 {
 264     DOM_CRED srv_cred;     /* server-calculated credentials */
 265
 266   uint32 status; /* return code */
 267
 268 } NET_R_SRV_PWSET;
 269
 270 /* NET_ID_INFO_2 */
 271 typedef struct net_network_info_2
 272 {
 273         uint32            ptr_id_info2;        /* pointer to id_info_2 */
 274         UNIHDR            hdr_domain_name;     /* domain name unicode header */
 275         uint32            param_ctrl;          /* param control (0x2) */
 276         BIGINT            logon_id;            /* logon ID */
 277         UNIHDR            hdr_user_name;       /* user name unicode header */
 278         UNIHDR            hdr_wksta_name;      /* workstation name unicode header */
 279         uint8             lm_chal[8];          /* lan manager 8 byte challenge */
 280         STRHDR            hdr_nt_chal_resp;    /* nt challenge response */
 281         STRHDR            hdr_lm_chal_resp;    /* lm challenge response */
 282
 283         UNISTR2           uni_domain_name;     /* domain name unicode string */
 284         UNISTR2           uni_user_name;       /* user name unicode string */
 285         UNISTR2           uni_wksta_name;      /* workgroup name unicode string */
 286         STRING2           nt_chal_resp;        /* nt challenge response */
 287         STRING2           lm_chal_resp;        /* lm challenge response */
 288
 289 } NET_ID_INFO_2;
 290
 291 /* NET_ID_INFO_1 */
 292 typedef struct id_info_1
 293 {
 294         uint32            ptr_id_info1;        /* pointer to id_info_1 */
 295         UNIHDR            hdr_domain_name;     /* domain name unicode header */
 296         uint32            param_ctrl;          /* param control */
 297         BIGINT            logon_id;            /* logon ID */
 298         UNIHDR            hdr_user_name;       /* user name unicode header */
 299         UNIHDR            hdr_wksta_name;      /* workstation name unicode header */
 300         OWF_INFO          lm_owf;              /* LM OWF Password */
 301         OWF_INFO          nt_owf;              /* NT OWF Password */
 302         UNISTR2           uni_domain_name;     /* domain name unicode string */
 303         UNISTR2           uni_user_name;       /* user name unicode string */
 304         UNISTR2           uni_wksta_name;      /* workgroup name unicode string */
 305
 306 } NET_ID_INFO_1;
 307
 308 #define INTERACTIVE_LOGON_TYPE 1
 309 #define NET_LOGON_TYPE 2
 310
 311 /* NET_ID_INFO_CTR */
 312 typedef struct net_id_info_ctr_info
 313 {
 314   uint16         switch_value;
 315
 316   union
 317   {
 318     NET_ID_INFO_1 id1; /* auth-level 1 - interactive user login */
 319     NET_ID_INFO_2 id2; /* auth-level 2 - workstation referred login */
 320
 321   } auth;
 322
 323 } NET_ID_INFO_CTR;
 324
 325 /* SAM_INFO - sam logon/off id structure */
 326 typedef struct sam_info
 327 {
 328   DOM_CLNT_INFO2  client;
 329   uint32          ptr_rtn_cred; /* pointer to return credentials */
 330   DOM_CRED        rtn_cred; /* return credentials */
 331   uint16          logon_level;
 332   NET_ID_INFO_CTR *ctr;
 333   uint16          validation_level;
 334
 335 } DOM_SAM_INFO;
 336
 337 /* NET_Q_SAM_LOGON */
 338 typedef struct net_q_sam_logon_info
 339 {
 340     DOM_SAM_INFO sam_id;
 341
 342 } NET_Q_SAM_LOGON;
 343
 344 /* NET_R_SAM_LOGON */
 345 typedef struct net_r_sam_logon_info
 346 {
 347     uint32 buffer_creds; /* undocumented buffer pointer */
 348     DOM_CRED srv_creds; /* server credentials.  server time stamp appears to be ignored. */
 349
 350         uint16 switch_value; /* 3 - indicates type of USER INFO */
 351     NET_USER_INFO_3 *user;
 352
 353     uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
 354
 355   uint32 status; /* return code */
 356
 357 } NET_R_SAM_LOGON;
 358
 359
 360 /* NET_Q_SAM_LOGOFF */
 361 typedef struct net_q_sam_logoff_info
 362 {
 363     DOM_SAM_INFO sam_id;
 364
 365 } NET_Q_SAM_LOGOFF;
 366
 367 /* NET_R_SAM_LOGOFF */
 368 typedef struct net_r_sam_logoff_info
 369 {
 370     uint32 buffer_creds; /* undocumented buffer pointer */
 371     DOM_CRED srv_creds; /* server credentials.  server time stamp appears to be ignored. */
 372
 373   uint32 status; /* return code */
 374
 375 } NET_R_SAM_LOGOFF;
 376
 377
 378 /* NET_Q_SAM_SYNC */
 379 typedef struct net_q_sam_sync_info
 380 {
 381         UNISTR2 uni_srv_name; /* \\PDC */
 382         UNISTR2 uni_cli_name; /* BDC */
 383         DOM_CRED cli_creds;
 384         DOM_CRED ret_creds;
 385
 386         uint32 database_id;
 387         uint32 restart_state;
 388         uint32 sync_context;
 389
 390         uint32 max_size;       /* preferred maximum length */
 391
 392 } NET_Q_SAM_SYNC;
 393
 394 #define MAX_GROUP_MEM  256
 395 #define MAX_SAM_DELTAS 256
 396
 397 /* SAM_DELTA_HDR */
 398 typedef struct sam_delta_hdr_info
 399 {
 400         uint16 type;  /* type of structure attached, see below */
 401         uint16 type2;
 402         uint32 target_rid;
 403
 404         uint32 type3;
 405         uint32 ptr_delta;
 406
 407 } SAM_DELTA_HDR;
 408
 409 /* SAM_DOMAIN_INFO (0x1) */
 410 typedef struct sam_domain_info_info
 411 {
 412         UNIHDR hdr_dom_name;
 413         UNIHDR hdr_oem_info;
 414
 415         BIGINT force_logoff;
 416         uint16 min_pwd_len;
 417         uint16 pwd_history_len;
 418         BIGINT max_pwd_age;
 419         BIGINT min_pwd_age;
 420         BIGINT dom_mod_count;
 421         NTTIME creation_time;
 422
 423         BUFHDR2 hdr_sec_desc; /* security descriptor */
 424         UNIHDR hdr_unknown;
 425         uint8 reserved[40];
 426
 427         UNISTR2 uni_dom_name;
 428         UNISTR2 buf_oem_info; /* never seen */
 429
 430         BUFFER4 buf_sec_desc;
 431         UNISTR2 buf_unknown;
 432
 433 } SAM_DOMAIN_INFO;
 434
 435 /* SAM_GROUP_INFO (0x2) */
 436 typedef struct sam_group_info_info
 437 {
 438         UNIHDR hdr_grp_name;
 439         DOM_GID gid;
 440         UNIHDR hdr_grp_desc;
 441         BUFHDR2 hdr_sec_desc;  /* security descriptor */
 442         uint8 reserved[48];
 443
 444         UNISTR2 uni_grp_name;
 445         UNISTR2 uni_grp_desc;
 446         BUFFER4 buf_sec_desc;
 447
 448 } SAM_GROUP_INFO;
 449
 450 /* SAM_PWD */
 451 typedef struct sam_passwd_info
 452 {
 453         uint32 unk_0; /* 0x0000 0002 */
 454
 455         UNIHDR hdr_lm_pwd;
 456         uint8  buf_lm_pwd[16];
 457
 458         uint32 ptr_1;
 459
 460         UNIHDR hdr_nt_pwd;
 461         uint8  buf_nt_pwd[16];
 462
 463         uint32 ptr_2;
 464         uint32 ptr_3;
 465         uint32 ptr_4;
 466         uint32 ptr_5;
 467
 468 } SAM_PWD;
 469
 470 /* SAM_ACCOUNT_INFO (0x5) */
 471 typedef struct sam_account_info_info
 472 {
 473         UNIHDR hdr_acct_name;
 474         UNIHDR hdr_full_name;
 475
 476         uint32 user_rid;
 477         uint32 group_rid;
 478
 479         UNIHDR hdr_home_dir;
 480         UNIHDR hdr_dir_drive;
 481         UNIHDR hdr_logon_script;
 482         UNIHDR hdr_acct_desc;
 483         UNIHDR hdr_workstations;
 484
 485         NTTIME logon_time;
 486         NTTIME logoff_time;
 487
 488         uint32 logon_divs; /* 0xA8 */
 489         uint32 ptr_logon_hrs;
 490
 491         uint16 bad_pwd_count;
 492         uint16 logon_count;
 493         NTTIME pwd_last_set_time;
 494         NTTIME acct_expiry_time;
 495
 496         uint32 acb_info;
 497         uint8 nt_pwd[16];
 498         uint8 lm_pwd[16];
 499         uint8 nt_pwd_present;
 500         uint8 lm_pwd_present;
 501         uint8 pwd_expired;
 502
 503         UNIHDR hdr_comment;
 504         UNIHDR hdr_parameters;
 505         uint16 country;
 506         uint16 codepage;
 507
 508         BUFHDR2 hdr_sec_desc;  /* security descriptor */
 509
 510         UNIHDR  hdr_profile;
 511         UNIHDR  hdr_reserved[3];  /* space for more strings */
 512         uint32  dw_reserved[4];   /* space for more data - first two seem to
 513                                      be an NTTIME */
 514
 515         UNISTR2 uni_acct_name;
 516         UNISTR2 uni_full_name;
 517         UNISTR2 uni_home_dir;
 518         UNISTR2 uni_dir_drive;
 519         UNISTR2 uni_logon_script;
 520         UNISTR2 uni_acct_desc;
 521         UNISTR2 uni_workstations;
 522
 523         uint32 unknown1; /* 0x4EC */
 524         uint32 unknown2; /* 0 */
 525
 526         BUFFER4 buf_logon_hrs;
 527         UNISTR2 uni_comment;
 528         UNISTR2 uni_parameters;
 529         SAM_PWD pass;
 530         BUFFER4 buf_sec_desc;
 531         UNISTR2 uni_profile;
 532
 533 } SAM_ACCOUNT_INFO;
 534
 535 /* SAM_GROUP_MEM_INFO (0x8) */
 536 typedef struct sam_group_mem_info_info
 537 {
 538         uint32 ptr_rids;
 539         uint32 ptr_attribs;
 540         uint32 num_members;
 541         uint8 unknown[16];
 542
 543         uint32 num_members2;
 544         uint32 rids[MAX_GROUP_MEM];
 545
 546         uint32 num_members3;
 547         uint32 attribs[MAX_GROUP_MEM];
 548
 549 } SAM_GROUP_MEM_INFO;
 550
 551 /* SAM_ALIAS_INFO (0x9) */
 552 typedef struct sam_alias_info_info
 553 {
 554         UNIHDR hdr_als_name;
 555         uint32 als_rid;
 556         BUFHDR2 hdr_sec_desc;  /* security descriptor */
 557         UNIHDR hdr_als_desc;
 558         uint8 reserved[40];
 559
 560         UNISTR2 uni_als_name;
 561         BUFFER4 buf_sec_desc;
 562         UNISTR2 uni_als_desc;
 563
 564 } SAM_ALIAS_INFO;
 565
 566 /* SAM_ALIAS_MEM_INFO (0xC) */
 567 typedef struct sam_alias_mem_info_info
 568 {
 569         uint32 num_members;
 570         uint32 ptr_members;
 571         uint8 unknown[16];
 572
 573         uint32 num_sids;
 574         uint32 ptr_sids[MAX_GROUP_MEM];
 575         DOM_SID2 sids[MAX_GROUP_MEM];
 576
 577 } SAM_ALIAS_MEM_INFO;
 578
 579 /* SAM_DELTA_CTR */
 580 typedef union sam_delta_ctr_info
 581 {
 582         SAM_DOMAIN_INFO    domain_info ;
 583         SAM_GROUP_INFO     group_info  ;
 584         SAM_ACCOUNT_INFO   account_info;
 585         SAM_GROUP_MEM_INFO grp_mem_info;
 586         SAM_ALIAS_INFO     alias_info  ;
 587         SAM_ALIAS_MEM_INFO als_mem_info;
 588
 589 } SAM_DELTA_CTR;
 590
 591 /* NET_R_SAM_SYNC */
 592 typedef struct net_r_sam_sync_info
 593 {
 594         DOM_CRED srv_creds;
 595
 596         uint32 sync_context;
 597
 598         uint32 ptr_deltas;
 599         uint32 num_deltas;
 600         uint32 ptr_deltas2;
 601         uint32 num_deltas2;
 602
 603         SAM_DELTA_HDR *hdr_deltas;
 604         SAM_DELTA_CTR *deltas;
 605
 606         uint32 status;
 607
 608 } NET_R_SAM_SYNC;
 609
 610
 611 /* NET_Q_SAM_DELTAS */
 612 typedef struct net_q_sam_deltas_info
 613 {
 614         UNISTR2 uni_srv_name;
 615         UNISTR2 uni_cli_name;
 616         DOM_CRED cli_creds;
 617         DOM_CRED ret_creds;
 618
 619         uint32 database_id;
 620         BIGINT dom_mod_count;  /* domain mod count at last sync */
 621
 622         uint32 max_size;       /* preferred maximum length */
 623
 624 } NET_Q_SAM_DELTAS;
 625
 626 /* NET_R_SAM_DELTAS */
 627 typedef struct net_r_sam_deltas_info
 628 {
 629         DOM_CRED srv_creds;
 630
 631         BIGINT dom_mod_count;   /* new domain mod count */
 632
 633         uint32 num_deltas;
 634         uint32 ptr_deltas;
 635         uint32 num_deltas2;
 636
 637         SAM_DELTA_HDR *hdr_deltas;
 638         SAM_DELTA_CTR *deltas;
 639
 640         uint32 status;
 641
 642 } NET_R_SAM_DELTAS;
 643
 644
 645 #endif /* _RPC_NETLOGON_H */
 646