source/include/rpc_netlogon.h

   1 /*
   2    Unix SMB/CIFS implementation.
   3    SMB parameters and setup
   4    Copyright (C) Andrew Tridgell 1992-1997
   5    Copyright (C) Luke Kenneth Casson Leighton 1996-1997
   6    Copyright (C) Paul Ashton 1997
   7    Copyright (C) Jean François Micouleau 2002
   8
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 2 of the License, or
  12    (at your option) any later version.
  13
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18
  19    You should have received a copy of the GNU General Public License
  20    along with this program; if not, write to the Free Software
  21    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  22 */
  23
  24 #ifndef _RPC_NETLOGON_H /* _RPC_NETLOGON_H */
  25 #define _RPC_NETLOGON_H
  26
  27
  28 /* NETLOGON pipe */
  29 #define NET_SAMLOGON            0x02
  30 #define NET_SAMLOGOFF           0x03
  31 #define NET_REQCHAL             0x04
  32 #define NET_AUTH                0x05
  33 #define NET_SRVPWSET            0x06
  34 #define NET_SAM_DELTAS          0x07
  35 #define NET_LOGON_CTRL          0x0c
  36 #define NET_GETDCNAME           0x0d
  37 #define NET_AUTH2               0x0f
  38 #define NET_LOGON_CTRL2         0x0e
  39 #define NET_SAM_SYNC            0x10
  40 #define NET_TRUST_DOM_LIST      0x13
  41 #define NET_AUTH3               0x1a
  42
  43 /* Secure Channel types.  used in NetrServerAuthenticate negotiation */
  44 #define SEC_CHAN_WKSTA   2
  45 #define SEC_CHAN_DOMAIN  4
  46 #define SEC_CHAN_BDC     6
  47
  48 /* Returned delta types */
  49 #define SAM_DELTA_DOMAIN_INFO    0x01
  50 #define SAM_DELTA_GROUP_INFO     0x02
  51 #define SAM_DELTA_RENAME_GROUP   0x04
  52 #define SAM_DELTA_ACCOUNT_INFO   0x05
  53 #define SAM_DELTA_RENAME_USER    0x07
  54 #define SAM_DELTA_GROUP_MEM      0x08
  55 #define SAM_DELTA_ALIAS_INFO     0x09
  56 #define SAM_DELTA_RENAME_ALIAS   0x0b
  57 #define SAM_DELTA_ALIAS_MEM      0x0c
  58 #define SAM_DELTA_POLICY_INFO    0x0d
  59 #define SAM_DELTA_TRUST_DOMS     0x0e
  60 #define SAM_DELTA_PRIVS_INFO     0x10 /* DT_DELTA_ACCOUNTS */
  61 #define SAM_DELTA_SECRET_INFO    0x12
  62 #define SAM_DELTA_DELETE_GROUP   0x14
  63 #define SAM_DELTA_DELETE_USER    0x15
  64 #define SAM_DELTA_MODIFIED_COUNT 0x16
  65
  66 /* SAM database types */
  67 #define SAM_DATABASE_DOMAIN    0x00 /* Domain users and groups */
  68 #define SAM_DATABASE_BUILTIN   0x01 /* BUILTIN users and groups */
  69 #define SAM_DATABASE_PRIVS     0x02 /* Privileges */
  70
  71 /* flags use when sending a NETLOGON_CONTROL request */
  72
  73 #define NETLOGON_CONTROL_SYNC                   0x2
  74 #define NETLOGON_CONTROL_REDISCOVER             0x5
  75 #define NETLOGON_CONTROL_TC_QUERY               0x6
  76 #define NETLOGON_CONTROL_TRANSPORT_NOTIFY       0x7
  77 #define NETLOGON_CONTROL_SET_DBFLAG             0xfffe
  78
  79 /* Some flag values reverse engineered from NLTEST.EXE */
  80 /* used in the NETLOGON_CONTROL[2] reply */
  81
  82 #define NL_CTRL_IN_SYNC          0x0000
  83 #define NL_CTRL_REPL_NEEDED      0x0001
  84 #define NL_CTRL_REPL_IN_PROGRESS 0x0002
  85 #define NL_CTRL_FULL_SYNC        0x0004
  86
  87 #if 0
  88 /* I think this is correct - it's what gets parsed on the wire. JRA. */
  89 /* NET_USER_INFO_2 */
  90 typedef struct net_user_info_2
  91 {
  92         uint32 ptr_user_info;
  93
  94         NTTIME logon_time;            /* logon time */
  95         NTTIME logoff_time;           /* logoff time */
  96         NTTIME kickoff_time;          /* kickoff time */
  97         NTTIME pass_last_set_time;    /* password last set time */
  98         NTTIME pass_can_change_time;  /* password can change time */
  99         NTTIME pass_must_change_time; /* password must change time */
 100
 101         UNIHDR hdr_user_name;    /* username unicode string header */
 102         UNIHDR hdr_full_name;    /* user's full name unicode string header */
 103         UNIHDR hdr_logon_script; /* logon script unicode string header */
 104         UNIHDR hdr_profile_path; /* profile path unicode string header */
 105         UNIHDR hdr_home_dir;     /* home directory unicode string header */
 106         UNIHDR hdr_dir_drive;    /* home directory drive unicode string header */
 107
 108         uint16 logon_count;  /* logon count */
 109         uint16 bad_pw_count; /* bad password count */
 110
 111         uint32 user_id;       /* User ID */
 112         uint32 group_id;      /* Group ID */
 113         uint32 num_groups;    /* num groups */
 114         uint32 buffer_groups; /* undocumented buffer pointer to groups. */
 115         uint32 user_flgs;     /* user flags */
 116
 117         uint8 user_sess_key[16]; /* unused user session key */
 118
 119         UNIHDR hdr_logon_srv; /* logon server unicode string header */
 120         UNIHDR hdr_logon_dom; /* logon domain unicode string header */
 121
 122         uint32 buffer_dom_id; /* undocumented logon domain id pointer */
 123         uint8 padding[40];    /* unused padding bytes.  expansion room */
 124
 125         UNISTR2 uni_user_name;    /* username unicode string */
 126         UNISTR2 uni_full_name;    /* user's full name unicode string */
 127         UNISTR2 uni_logon_script; /* logon script unicode string */
 128         UNISTR2 uni_profile_path; /* profile path unicode string */
 129         UNISTR2 uni_home_dir;     /* home directory unicode string */
 130         UNISTR2 uni_dir_drive;    /* home directory drive unicode string */
 131
 132         uint32 num_groups2;        /* num groups */
 133         DOM_GID *gids; /* group info */
 134
 135         UNISTR2 uni_logon_srv; /* logon server unicode string */
 136         UNISTR2 uni_logon_dom; /* logon domain unicode string */
 137
 138         DOM_SID2 dom_sid;           /* domain SID */
 139
 140         uint32 num_other_groups;        /* other groups */
 141         DOM_GID *other_gids; /* group info */
 142         DOM_SID2 *other_sids; /* undocumented - domain SIDs */
 143
 144 } NET_USER_INFO_2;
 145 #endif
 146
 147 /* NET_USER_INFO_3 */
 148 typedef struct net_user_info_3
 149 {
 150         uint32 ptr_user_info;
 151
 152         NTTIME logon_time;            /* logon time */
 153         NTTIME logoff_time;           /* logoff time */
 154         NTTIME kickoff_time;          /* kickoff time */
 155         NTTIME pass_last_set_time;    /* password last set time */
 156         NTTIME pass_can_change_time;  /* password can change time */
 157         NTTIME pass_must_change_time; /* password must change time */
 158
 159         UNIHDR hdr_user_name;    /* username unicode string header */
 160         UNIHDR hdr_full_name;    /* user's full name unicode string header */
 161         UNIHDR hdr_logon_script; /* logon script unicode string header */
 162         UNIHDR hdr_profile_path; /* profile path unicode string header */
 163         UNIHDR hdr_home_dir;     /* home directory unicode string header */
 164         UNIHDR hdr_dir_drive;    /* home directory drive unicode string header */
 165
 166         uint16 logon_count;  /* logon count */
 167         uint16 bad_pw_count; /* bad password count */
 168
 169         uint32 user_rid;       /* User RID */
 170         uint32 group_rid;      /* Group RID */
 171
 172         uint32 num_groups;    /* num groups */
 173         uint32 buffer_groups; /* undocumented buffer pointer to groups. */
 174         uint32 user_flgs;     /* user flags */
 175
 176         uint8 user_sess_key[16]; /* user session key */
 177
 178         UNIHDR hdr_logon_srv; /* logon server unicode string header */
 179         UNIHDR hdr_logon_dom; /* logon domain unicode string header */
 180
 181         uint32 buffer_dom_id; /* undocumented logon domain id pointer */
 182         uint8 lm_sess_key[8];   /* lm session key */
 183         uint32 acct_flags;      /* account flags */
 184         uint32 unknown[7];      /* unknown */
 185
 186         uint32 num_other_sids; /* number of foreign/trusted domain sids */
 187         uint32 buffer_other_sids;
 188
 189         UNISTR2 uni_user_name;    /* username unicode string */
 190         UNISTR2 uni_full_name;    /* user's full name unicode string */
 191         UNISTR2 uni_logon_script; /* logon script unicode string */
 192         UNISTR2 uni_profile_path; /* profile path unicode string */
 193         UNISTR2 uni_home_dir;     /* home directory unicode string */
 194         UNISTR2 uni_dir_drive;    /* home directory drive unicode string */
 195
 196         uint32 num_groups2;        /* num groups */
 197         DOM_GID *gids; /* group info */
 198
 199         UNISTR2 uni_logon_srv; /* logon server unicode string */
 200         UNISTR2 uni_logon_dom; /* logon domain unicode string */
 201
 202         DOM_SID2 dom_sid;           /* domain SID */
 203
 204         DOM_SID2 *other_sids; /* foreign/trusted domain SIDs */
 205         uint32 *other_sids_attrib;
 206
 207 } NET_USER_INFO_3;
 208
 209
 210 /* NETLOGON_INFO_1 - pdc status info, i presume */
 211 typedef struct netlogon_1_info
 212 {
 213         uint32 flags;            /* 0x0 - undocumented */
 214         uint32 pdc_status;       /* 0x0 - undocumented */
 215
 216 } NETLOGON_INFO_1;
 217
 218 /* NETLOGON_INFO_2 - pdc status info, plus trusted domain info */
 219 typedef struct netlogon_2_info
 220 {
 221         uint32  flags;            /* 0x0 - undocumented */
 222         uint32  pdc_status;       /* 0x0 - undocumented */
 223         uint32  ptr_trusted_dc_name; /* pointer to trusted domain controller name */
 224         uint32  tc_status;
 225         UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */
 226
 227 } NETLOGON_INFO_2;
 228
 229 /* NETLOGON_INFO_3 - logon status info, i presume */
 230 typedef struct netlogon_3_info
 231 {
 232         uint32 flags;            /* 0x0 - undocumented */
 233         uint32 logon_attempts;   /* number of logon attempts */
 234         uint32 reserved_1;       /* 0x0 - undocumented */
 235         uint32 reserved_2;       /* 0x0 - undocumented */
 236         uint32 reserved_3;       /* 0x0 - undocumented */
 237         uint32 reserved_4;       /* 0x0 - undocumented */
 238         uint32 reserved_5;       /* 0x0 - undocumented */
 239
 240 } NETLOGON_INFO_3;
 241
 242 /********************************************************
 243  Logon Control Query
 244
 245  This is generated by a nltest /bdc_query:DOMAIN
 246
 247  query_level 0x1, function_code 0x1
 248
 249  ********************************************************/
 250
 251 /* NET_Q_LOGON_CTRL - LSA Netr Logon Control */
 252
 253 typedef struct net_q_logon_ctrl_info
 254 {
 255         uint32 ptr;
 256         UNISTR2 uni_server_name;
 257         uint32 function_code;
 258         uint32 query_level;
 259 } NET_Q_LOGON_CTRL;
 260
 261 /* NET_R_LOGON_CTRL - LSA Netr Logon Control */
 262
 263 typedef struct net_r_logon_ctrl_info
 264 {
 265         uint32 switch_value;
 266         uint32 ptr;
 267
 268         union {
 269                 NETLOGON_INFO_1 info1;
 270         } logon;
 271
 272         NTSTATUS status;
 273 } NET_R_LOGON_CTRL;
 274
 275
 276 typedef struct ctrl_data_info_5
 277 {
 278         uint32          function_code;
 279
 280         uint32          ptr_domain;
 281         UNISTR2         domain;
 282
 283 } CTRL_DATA_INFO_5;
 284
 285 typedef struct ctrl_data_info_6
 286 {
 287         uint32          function_code;
 288
 289         uint32          ptr_domain;
 290         UNISTR2         domain;
 291
 292 } CTRL_DATA_INFO_6;
 293
 294
 295 /********************************************************
 296  Logon Control2 Query
 297
 298  query_level 0x1 - pdc status
 299  query_level 0x3 - number of logon attempts.
 300
 301  ********************************************************/
 302
 303 /* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2 */
 304 typedef struct net_q_logon_ctrl2_info
 305 {
 306         uint32          ptr;             /* undocumented buffer pointer */
 307         UNISTR2         uni_server_name; /* server name, starting with two '\'s */
 308
 309         uint32          function_code;
 310         uint32          query_level;
 311         union {
 312                 CTRL_DATA_INFO_5 info5;
 313                 CTRL_DATA_INFO_6 info6;
 314         } info;
 315
 316 } NET_Q_LOGON_CTRL2;
 317
 318 /*******************************************************
 319  Logon Control Response
 320
 321  switch_value is same as query_level in request
 322  *******************************************************/
 323
 324 /* NET_R_LOGON_CTRL2 - response to LSA Logon Control2 */
 325 typedef struct net_r_logon_ctrl2_info
 326 {
 327         uint32       switch_value;  /* 0x1, 0x3 */
 328         uint32       ptr;
 329
 330         union
 331         {
 332                 NETLOGON_INFO_1 info1;
 333                 NETLOGON_INFO_2 info2;
 334                 NETLOGON_INFO_3 info3;
 335
 336         } logon;
 337
 338         NTSTATUS status; /* return code */
 339
 340 } NET_R_LOGON_CTRL2;
 341
 342 /* NET_Q_GETDCNAME - Ask a DC for a trusted DC name */
 343
 344 typedef struct net_q_getdcname
 345 {
 346         uint32  ptr_logon_server;
 347         UNISTR2 uni_logon_server;
 348         uint32  ptr_domainname;
 349         UNISTR2 uni_domainname;
 350 } NET_Q_GETDCNAME;
 351
 352 /* NET_R_GETDCNAME - Ask a DC for a trusted DC name */
 353
 354 typedef struct net_r_getdcname
 355 {
 356         uint32  ptr_dcname;
 357         UNISTR2 uni_dcname;
 358         NTSTATUS status;
 359 } NET_R_GETDCNAME;
 360
 361 /* NET_Q_TRUST_DOM_LIST - LSA Query Trusted Domains */
 362 typedef struct net_q_trust_dom_info
 363 {
 364         uint32       ptr;             /* undocumented buffer pointer */
 365         UNISTR2      uni_server_name; /* server name, starting with two '\'s */
 366
 367 } NET_Q_TRUST_DOM_LIST;
 368
 369 #define MAX_TRUST_DOMS 1
 370
 371 /* NET_R_TRUST_DOM_LIST - response to LSA Trusted Domains */
 372 typedef struct net_r_trust_dom_info
 373 {
 374         UNISTR2 uni_trust_dom_name[MAX_TRUST_DOMS];
 375
 376         NTSTATUS status; /* return code */
 377
 378 } NET_R_TRUST_DOM_LIST;
 379
 380
 381 /* NEG_FLAGS */
 382 typedef struct neg_flags_info
 383 {
 384     uint32 neg_flags; /* negotiated flags */
 385
 386 } NEG_FLAGS;
 387
 388
 389 /* NET_Q_REQ_CHAL */
 390 typedef struct net_q_req_chal_info
 391 {
 392     uint32  undoc_buffer; /* undocumented buffer pointer */
 393     UNISTR2 uni_logon_srv; /* logon server unicode string */
 394     UNISTR2 uni_logon_clnt; /* logon client unicode string */
 395     DOM_CHAL clnt_chal; /* client challenge */
 396
 397 } NET_Q_REQ_CHAL;
 398
 399
 400 /* NET_R_REQ_CHAL */
 401 typedef struct net_r_req_chal_info
 402 {
 403         DOM_CHAL srv_chal; /* server challenge */
 404         NTSTATUS status; /* return code */
 405 } NET_R_REQ_CHAL;
 406
 407 /* NET_Q_AUTH */
 408 typedef struct net_q_auth_info
 409 {
 410         DOM_LOG_INFO clnt_id; /* client identification info */
 411         DOM_CHAL clnt_chal;     /* client-calculated credentials */
 412 } NET_Q_AUTH;
 413
 414 /* NET_R_AUTH */
 415 typedef struct net_r_auth_info
 416 {
 417         DOM_CHAL srv_chal;     /* server-calculated credentials */
 418         NTSTATUS status; /* return code */
 419 } NET_R_AUTH;
 420
 421 /* NET_Q_AUTH_2 */
 422 typedef struct net_q_auth2_info
 423 {
 424     DOM_LOG_INFO clnt_id; /* client identification info */
 425     DOM_CHAL clnt_chal;     /* client-calculated credentials */
 426
 427     NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
 428
 429 } NET_Q_AUTH_2;
 430
 431
 432 /* NET_R_AUTH_2 */
 433 typedef struct net_r_auth2_info
 434 {
 435         DOM_CHAL srv_chal;     /* server-calculated credentials */
 436         NEG_FLAGS srv_flgs; /* usually 0x0000 01ff */
 437         NTSTATUS status; /* return code */
 438 } NET_R_AUTH_2;
 439
 440 /* NET_Q_AUTH_3 */
 441 typedef struct net_q_auth3_info
 442 {
 443     DOM_LOG_INFO clnt_id;       /* client identification info */
 444     DOM_CHAL clnt_chal;         /* client-calculated credentials */
 445     NEG_FLAGS clnt_flgs;        /* usually 0x6007 ffff */
 446 } NET_Q_AUTH_3;
 447
 448 /* NET_R_AUTH_3 */
 449 typedef struct net_r_auth3_info
 450 {
 451         DOM_CHAL srv_chal;      /* server-calculated credentials */
 452         NEG_FLAGS srv_flgs;     /* usually 0x6007 ffff */
 453         uint32 unknown;         /* 0x0000045b */
 454         NTSTATUS status;        /* return code */
 455 } NET_R_AUTH_3;
 456
 457
 458 /* NET_Q_SRV_PWSET */
 459 typedef struct net_q_srv_pwset_info
 460 {
 461     DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
 462     uint8 pwd[16]; /* new password - undocumented. */
 463
 464 } NET_Q_SRV_PWSET;
 465
 466 /* NET_R_SRV_PWSET */
 467 typedef struct net_r_srv_pwset_info
 468 {
 469     DOM_CRED srv_cred;     /* server-calculated credentials */
 470
 471   NTSTATUS status; /* return code */
 472
 473 } NET_R_SRV_PWSET;
 474
 475 /* NET_ID_INFO_2 */
 476 typedef struct net_network_info_2
 477 {
 478         uint32            ptr_id_info2;        /* pointer to id_info_2 */
 479         UNIHDR            hdr_domain_name;     /* domain name unicode header */
 480         uint32            param_ctrl;          /* param control (0x2) */
 481         DOM_LOGON_ID      logon_id;            /* logon ID */
 482         UNIHDR            hdr_user_name;       /* user name unicode header */
 483         UNIHDR            hdr_wksta_name;      /* workstation name unicode header */
 484         uint8             lm_chal[8];          /* lan manager 8 byte challenge */
 485         STRHDR            hdr_nt_chal_resp;    /* nt challenge response */
 486         STRHDR            hdr_lm_chal_resp;    /* lm challenge response */
 487
 488         UNISTR2           uni_domain_name;     /* domain name unicode string */
 489         UNISTR2           uni_user_name;       /* user name unicode string */
 490         UNISTR2           uni_wksta_name;      /* workgroup name unicode string */
 491         STRING2           nt_chal_resp;        /* nt challenge response */
 492         STRING2           lm_chal_resp;        /* lm challenge response */
 493
 494 } NET_ID_INFO_2;
 495
 496 /* NET_ID_INFO_1 */
 497 typedef struct id_info_1
 498 {
 499         uint32            ptr_id_info1;        /* pointer to id_info_1 */
 500         UNIHDR            hdr_domain_name;     /* domain name unicode header */
 501         uint32            param_ctrl;          /* param control */
 502         DOM_LOGON_ID      logon_id;            /* logon ID */
 503         UNIHDR            hdr_user_name;       /* user name unicode header */
 504         UNIHDR            hdr_wksta_name;      /* workstation name unicode header */
 505         OWF_INFO          lm_owf;              /* LM OWF Password */
 506         OWF_INFO          nt_owf;              /* NT OWF Password */
 507         UNISTR2           uni_domain_name;     /* domain name unicode string */
 508         UNISTR2           uni_user_name;       /* user name unicode string */
 509         UNISTR2           uni_wksta_name;      /* workgroup name unicode string */
 510
 511 } NET_ID_INFO_1;
 512
 513 #define INTERACTIVE_LOGON_TYPE 1
 514 #define NET_LOGON_TYPE 2
 515
 516 /* NET_ID_INFO_CTR */
 517 typedef struct net_id_info_ctr_info
 518 {
 519   uint16         switch_value;
 520
 521   union
 522   {
 523     NET_ID_INFO_1 id1; /* auth-level 1 - interactive user login */
 524     NET_ID_INFO_2 id2; /* auth-level 2 - workstation referred login */
 525
 526   } auth;
 527
 528 } NET_ID_INFO_CTR;
 529
 530 /* SAM_INFO - sam logon/off id structure */
 531 typedef struct sam_info
 532 {
 533   DOM_CLNT_INFO2  client;
 534   uint32          ptr_rtn_cred; /* pointer to return credentials */
 535   DOM_CRED        rtn_cred; /* return credentials */
 536   uint16          logon_level;
 537   NET_ID_INFO_CTR *ctr;
 538
 539 } DOM_SAM_INFO;
 540
 541 /* NET_Q_SAM_LOGON */
 542 typedef struct net_q_sam_logon_info
 543 {
 544     DOM_SAM_INFO sam_id;
 545         uint16          validation_level;
 546
 547 } NET_Q_SAM_LOGON;
 548
 549 /* NET_R_SAM_LOGON */
 550 typedef struct net_r_sam_logon_info
 551 {
 552     uint32 buffer_creds; /* undocumented buffer pointer */
 553     DOM_CRED srv_creds; /* server credentials.  server time stamp appears to be ignored. */
 554
 555         uint16 switch_value; /* 3 - indicates type of USER INFO */
 556     NET_USER_INFO_3 *user;
 557
 558     uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
 559
 560   NTSTATUS status; /* return code */
 561
 562 } NET_R_SAM_LOGON;
 563
 564
 565 /* NET_Q_SAM_LOGOFF */
 566 typedef struct net_q_sam_logoff_info
 567 {
 568     DOM_SAM_INFO sam_id;
 569
 570 } NET_Q_SAM_LOGOFF;
 571
 572 /* NET_R_SAM_LOGOFF */
 573 typedef struct net_r_sam_logoff_info
 574 {
 575     uint32 buffer_creds; /* undocumented buffer pointer */
 576     DOM_CRED srv_creds; /* server credentials.  server time stamp appears to be ignored. */
 577
 578   NTSTATUS status; /* return code */
 579
 580 } NET_R_SAM_LOGOFF;
 581
 582 /* NET_Q_SAM_SYNC */
 583 typedef struct net_q_sam_sync_info
 584 {
 585         UNISTR2 uni_srv_name; /* \\PDC */
 586         UNISTR2 uni_cli_name; /* BDC */
 587         DOM_CRED cli_creds;
 588         DOM_CRED ret_creds;
 589
 590         uint32 database_id;
 591         uint32 restart_state;
 592         uint32 sync_context;
 593
 594         uint32 max_size;       /* preferred maximum length */
 595
 596 } NET_Q_SAM_SYNC;
 597
 598 /* SAM_DELTA_HDR */
 599 typedef struct sam_delta_hdr_info
 600 {
 601         uint16 type;  /* type of structure attached */
 602         uint16 type2;
 603         uint32 target_rid;
 604
 605         uint32 type3;
 606         uint32 ptr_delta;
 607
 608 } SAM_DELTA_HDR;
 609
 610 /* LOCKOUT_STRING */
 611 typedef struct account_lockout_string {
 612         uint32 array_size;
 613         uint32 offset;
 614         uint32 length;
 615 /*      uint16 *bindata;        */
 616         UINT64_S lockout_duration;
 617         UINT64_S reset_count;
 618         uint32 bad_attempt_lockout;
 619         uint32 dummy;
 620
 621 } LOCKOUT_STRING;
 622
 623 /* HDR_LOCKOUT_STRING */
 624 typedef struct hdr_account_lockout_string {
 625         uint16 size;
 626         uint16 length;
 627         uint32 buffer;
 628
 629 } HDR_LOCKOUT_STRING;
 630
 631 /* SAM_DOMAIN_INFO (0x1) */
 632 typedef struct sam_domain_info_info
 633 {
 634         UNIHDR hdr_dom_name;
 635         UNIHDR hdr_oem_info;
 636
 637         UINT64_S force_logoff;
 638         uint16   min_pwd_len;
 639         uint16   pwd_history_len;
 640         UINT64_S max_pwd_age;
 641         UINT64_S min_pwd_age;
 642         UINT64_S dom_mod_count;
 643         NTTIME   creation_time;
 644         uint32   security_information;
 645
 646         BUFHDR4 hdr_sec_desc; /* security descriptor */
 647
 648         HDR_LOCKOUT_STRING hdr_account_lockout;
 649
 650         UNIHDR hdr_unknown2;
 651         UNIHDR hdr_unknown3;
 652         UNIHDR hdr_unknown4;
 653
 654         UNISTR2 uni_dom_name;
 655         UNISTR2 buf_oem_info;
 656
 657         RPC_DATA_BLOB buf_sec_desc;
 658
 659         LOCKOUT_STRING account_lockout;
 660
 661         UNISTR2 buf_unknown2;
 662         UNISTR2 buf_unknown3;
 663         UNISTR2 buf_unknown4;
 664
 665         uint32 logon_chgpass;
 666         uint32 unknown6;
 667         uint32 unknown7;
 668         uint32 unknown8;
 669
 670
 671 } SAM_DOMAIN_INFO;
 672
 673 /* SAM_GROUP_INFO (0x2) */
 674 typedef struct sam_group_info_info
 675 {
 676         UNIHDR hdr_grp_name;
 677         DOM_GID gid;
 678         UNIHDR hdr_grp_desc;
 679         BUFHDR2 hdr_sec_desc;  /* security descriptor */
 680         uint8 reserved[48];
 681
 682         UNISTR2 uni_grp_name;
 683         UNISTR2 uni_grp_desc;
 684         RPC_DATA_BLOB buf_sec_desc;
 685
 686 } SAM_GROUP_INFO;
 687
 688 /* SAM_PWD */
 689 typedef struct sam_passwd_info
 690 {
 691         /* this structure probably contains password history */
 692         /* this is probably a count of lm/nt pairs */
 693         uint32 unk_0; /* 0x0000 0002 */
 694
 695         UNIHDR hdr_lm_pwd;
 696         uint8  buf_lm_pwd[16];
 697
 698         UNIHDR hdr_nt_pwd;
 699         uint8  buf_nt_pwd[16];
 700
 701         UNIHDR hdr_empty_lm;
 702         UNIHDR hdr_empty_nt;
 703
 704 } SAM_PWD;
 705
 706 /* SAM_ACCOUNT_INFO (0x5) */
 707 typedef struct sam_account_info_info
 708 {
 709         UNIHDR hdr_acct_name;
 710         UNIHDR hdr_full_name;
 711
 712         uint32 user_rid;
 713         uint32 group_rid;
 714
 715         UNIHDR hdr_home_dir;
 716         UNIHDR hdr_dir_drive;
 717         UNIHDR hdr_logon_script;
 718         UNIHDR hdr_acct_desc;
 719         UNIHDR hdr_workstations;
 720
 721         NTTIME logon_time;
 722         NTTIME logoff_time;
 723
 724         uint32 logon_divs; /* 0xA8 */
 725         uint32 ptr_logon_hrs;
 726
 727         uint16 bad_pwd_count;
 728         uint16 logon_count;
 729         NTTIME pwd_last_set_time;
 730         NTTIME acct_expiry_time;
 731
 732         uint32 acb_info;
 733         uint8 nt_pwd[16];
 734         uint8 lm_pwd[16];
 735         uint8 nt_pwd_present;
 736         uint8 lm_pwd_present;
 737         uint8 pwd_expired;
 738
 739         UNIHDR hdr_comment;
 740         UNIHDR hdr_parameters;
 741         uint16 country;
 742         uint16 codepage;
 743
 744         BUFHDR2 hdr_sec_desc;  /* security descriptor */
 745
 746         UNIHDR  hdr_profile;
 747         UNIHDR  hdr_reserved[3];  /* space for more strings */
 748         uint32  dw_reserved[4];   /* space for more data - first two seem to
 749                                      be an NTTIME */
 750
 751         UNISTR2 uni_acct_name;
 752         UNISTR2 uni_full_name;
 753         UNISTR2 uni_home_dir;
 754         UNISTR2 uni_dir_drive;
 755         UNISTR2 uni_logon_script;
 756         UNISTR2 uni_acct_desc;
 757         UNISTR2 uni_workstations;
 758
 759         uint32 unknown1; /* 0x4EC */
 760         uint32 unknown2; /* 0 */
 761
 762         RPC_DATA_BLOB buf_logon_hrs;
 763         UNISTR2 uni_comment;
 764         UNISTR2 uni_parameters;
 765         SAM_PWD pass;
 766         RPC_DATA_BLOB buf_sec_desc;
 767         UNISTR2 uni_profile;
 768
 769 } SAM_ACCOUNT_INFO;
 770
 771 /* SAM_GROUP_MEM_INFO (0x8) */
 772 typedef struct sam_group_mem_info_info
 773 {
 774         uint32 ptr_rids;
 775         uint32 ptr_attribs;
 776         uint32 num_members;
 777         uint8 unknown[16];
 778
 779         uint32 num_members2;
 780         uint32 *rids;
 781
 782         uint32 num_members3;
 783         uint32 *attribs;
 784
 785 } SAM_GROUP_MEM_INFO;
 786
 787 /* SAM_ALIAS_INFO (0x9) */
 788 typedef struct sam_alias_info_info
 789 {
 790         UNIHDR hdr_als_name;
 791         uint32 als_rid;
 792         BUFHDR2 hdr_sec_desc;  /* security descriptor */
 793         UNIHDR hdr_als_desc;
 794         uint8 reserved[40];
 795
 796         UNISTR2 uni_als_name;
 797         RPC_DATA_BLOB buf_sec_desc;
 798         UNISTR2 uni_als_desc;
 799
 800 } SAM_ALIAS_INFO;
 801
 802 /* SAM_ALIAS_MEM_INFO (0xC) */
 803 typedef struct sam_alias_mem_info_info
 804 {
 805         uint32 num_members;
 806         uint32 ptr_members;
 807         uint8 unknown[16];
 808
 809         uint32 num_sids;
 810         uint32 *ptr_sids;
 811         DOM_SID2 *sids;
 812
 813 } SAM_ALIAS_MEM_INFO;
 814
 815
 816 /* SAM_DELTA_POLICY (0x0D) */
 817 typedef struct
 818 {
 819         uint32   max_log_size; /* 0x5000 */
 820         UINT64_S audit_retention_period; /* 0 */
 821         uint32   auditing_mode; /* 0 */
 822         uint32   num_events;
 823         uint32   ptr_events;
 824         UNIHDR   hdr_dom_name;
 825         uint32   sid_ptr;
 826
 827         uint32   paged_pool_limit; /* 0x02000000 */
 828         uint32   non_paged_pool_limit; /* 0x00100000 */
 829         uint32   min_workset_size; /* 0x00010000 */
 830         uint32   max_workset_size; /* 0x0f000000 */
 831         uint32   page_file_limit; /* 0 */
 832         UINT64_S time_limit; /* 0 */
 833         NTTIME   modify_time; /* 0x3c*/
 834         NTTIME   create_time; /* a7080110 */
 835         BUFHDR2  hdr_sec_desc;
 836
 837         uint32   num_event_audit_options;
 838         uint32   event_audit_option;
 839
 840         UNISTR2  domain_name;
 841         DOM_SID2 domain_sid;
 842
 843         RPC_DATA_BLOB  buf_sec_desc;
 844 } SAM_DELTA_POLICY;
 845
 846 /* SAM_DELTA_TRUST_DOMS */
 847 typedef struct
 848 {
 849         uint32 buf_size;
 850         SEC_DESC *sec_desc;
 851         DOM_SID2 sid;
 852         UNIHDR hdr_domain;
 853
 854         uint32 unknown0;
 855         uint32 unknown1;
 856         uint32 unknown2;
 857
 858         uint32 buf_size2;
 859         uint32 ptr;
 860
 861         uint32 unknown3;
 862         UNISTR2 domain;
 863
 864 } SAM_DELTA_TRUSTDOMS;
 865
 866 /* SAM_DELTA_PRIVS (0x10) */
 867 typedef struct
 868 {
 869         DOM_SID2 sid;
 870
 871         uint32 priv_count;
 872         uint32 priv_control;
 873
 874         uint32 priv_attr_ptr;
 875         uint32 priv_name_ptr;
 876
 877         uint32   paged_pool_limit; /* 0x02000000 */
 878         uint32   non_paged_pool_limit; /* 0x00100000 */
 879         uint32   min_workset_size; /* 0x00010000 */
 880         uint32   max_workset_size; /* 0x0f000000 */
 881         uint32   page_file_limit; /* 0 */
 882         UINT64_S time_limit; /* 0 */
 883         uint32   system_flags; /* 1 */
 884         BUFHDR2  hdr_sec_desc;
 885
 886         uint32 buf_size2;
 887
 888         uint32 attribute_count;
 889         uint32 *attributes;
 890
 891         uint32 privlist_count;
 892         UNIHDR *hdr_privslist;
 893         UNISTR2 *uni_privslist;
 894
 895         RPC_DATA_BLOB buf_sec_desc;
 896 } SAM_DELTA_PRIVS;
 897
 898 /* SAM_DELTA_SECRET */
 899 typedef struct
 900 {
 901         uint32 buf_size;
 902         SEC_DESC *sec_desc;
 903         UNISTR2 secret;
 904
 905         uint32 count1;
 906         uint32 count2;
 907         uint32 ptr;
 908         NTTIME time1;
 909         uint32 count3;
 910         uint32 count4;
 911         uint32 ptr2;
 912         NTTIME time2;
 913         uint32 unknow1;
 914
 915         uint32 buf_size2;
 916         uint32 ptr3;
 917         uint32 unknow2; /* 0x0 12 times */
 918
 919         uint32 chal_len;
 920         uint32 reserved1; /* 0 */
 921         uint32 chal_len2;
 922         uint8 chal[16];
 923
 924         uint32 key_len;
 925         uint32 reserved2; /* 0 */
 926         uint32 key_len2;
 927         uint8 key[8];
 928
 929         uint32 buf_size3;
 930         SEC_DESC *sec_desc2;
 931
 932 } SAM_DELTA_SECRET;
 933
 934 /* SAM_DELTA_MOD_COUNT (0x16) */
 935 typedef struct
 936 {
 937         uint32 seqnum;
 938         uint32 dom_mod_count_ptr;
 939         UINT64_S dom_mod_count;  /* domain mod count at last sync */
 940 } SAM_DELTA_MOD_COUNT;
 941
 942 typedef union sam_delta_ctr_info
 943 {
 944         SAM_DOMAIN_INFO    domain_info ;
 945         SAM_GROUP_INFO     group_info  ;
 946         SAM_ACCOUNT_INFO   account_info;
 947         SAM_GROUP_MEM_INFO grp_mem_info;
 948         SAM_ALIAS_INFO     alias_info  ;
 949         SAM_ALIAS_MEM_INFO als_mem_info;
 950         SAM_DELTA_POLICY   policy_info;
 951         SAM_DELTA_PRIVS    privs_info;
 952         SAM_DELTA_MOD_COUNT mod_count;
 953         SAM_DELTA_TRUSTDOMS trustdoms_info;
 954         SAM_DELTA_SECRET   secret_info;
 955 } SAM_DELTA_CTR;
 956
 957 /* NET_R_SAM_SYNC */
 958 typedef struct net_r_sam_sync_info
 959 {
 960         DOM_CRED srv_creds;
 961
 962         uint32 sync_context;
 963
 964         uint32 ptr_deltas;
 965         uint32 num_deltas;
 966         uint32 ptr_deltas2;
 967         uint32 num_deltas2;
 968
 969         SAM_DELTA_HDR *hdr_deltas;
 970         SAM_DELTA_CTR *deltas;
 971
 972         NTSTATUS status;
 973 } NET_R_SAM_SYNC;
 974
 975 /* NET_Q_SAM_DELTAS */
 976 typedef struct net_q_sam_deltas_info
 977 {
 978         UNISTR2 uni_srv_name;
 979         UNISTR2 uni_cli_name;
 980         DOM_CRED cli_creds;
 981         DOM_CRED ret_creds;
 982
 983         uint32 database_id;
 984         UINT64_S dom_mod_count;  /* domain mod count at last sync */
 985
 986         uint32 max_size;       /* preferred maximum length */
 987
 988 } NET_Q_SAM_DELTAS;
 989
 990 /* NET_R_SAM_DELTAS */
 991 typedef struct net_r_sam_deltas_info
 992 {
 993         DOM_CRED srv_creds;
 994
 995         UINT64_S dom_mod_count;   /* new domain mod count */
 996
 997         uint32 ptr_deltas;
 998         uint32 num_deltas;
 999         uint32 num_deltas2;
1000
1001         SAM_DELTA_HDR *hdr_deltas;
1002         SAM_DELTA_CTR *deltas;
1003
1004         NTSTATUS status;
1005 } NET_R_SAM_DELTAS;
1006
1007 #endif /* _RPC_NETLOGON_H */