2 Unix SMB/CIFS implementation.
3 SMB parameters and setup
4 Copyright (C) Andrew Tridgell 1992-1997
5 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
6 Copyright (C) Paul Ashton 1997
7 Copyright (C) Jean François Micouleau 2002
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #ifndef _RPC_NETLOGON_H /* _RPC_NETLOGON_H */
25 #define _RPC_NETLOGON_H
29 #define NET_SAMLOGON 0x02
30 #define NET_SAMLOGOFF 0x03
31 #define NET_REQCHAL 0x04
33 #define NET_SRVPWSET 0x06
34 #define NET_SAM_DELTAS 0x07
35 #define NET_LOGON_CTRL 0x0c
36 #define NET_AUTH2 0x0f
37 #define NET_LOGON_CTRL2 0x0e
38 #define NET_SAM_SYNC 0x10
39 #define NET_TRUST_DOM_LIST 0x13
40 #define NET_AUTH3 0x1a
42 /* Secure Channel types. used in NetrServerAuthenticate negotiation */
43 #define SEC_CHAN_WKSTA 2
44 #define SEC_CHAN_DOMAIN 4
45 #define SEC_CHAN_BDC 6
47 /* Returned delta types */
48 #define SAM_DELTA_DOMAIN_INFO 0x01 /* Domain */
49 #define SAM_DELTA_GROUP_INFO 0x02 /* Domain groups */
50 #define SAM_DELTA_ACCOUNT_INFO 0x05 /* Users */
51 #define SAM_DELTA_GROUP_MEM 0x08 /* Group membership */
52 #define SAM_DELTA_ALIAS_INFO 0x09 /* Local groups */
53 #define SAM_DELTA_ALIAS_MEM 0x0C /* Local group membership */
54 #define SAM_DELTA_DOM_INFO 0x0D /* Privilege stuff */
55 #define SAM_DELTA_UNK0E_INFO 0x0e /* Privilege stuff */
56 #define SAM_DELTA_PRIVS_INFO 0x10 /* Privilege stuff */
57 #define SAM_DELTA_UNK12_INFO 0x12 /* Privilege stuff */
58 #define SAM_DELTA_SAM_STAMP 0x16 /* Some kind of journal record? */
60 /* SAM database types */
61 #define SAM_DATABASE_DOMAIN 0x00 /* Domain users and groups */
62 #define SAM_DATABASE_BUILTIN 0x01 /* BUILTIN users and g/* SAM database types */
63 #define SAM_DATABASE_DOMAIN 0x00 /* Domain users and groups */
64 #define SAM_DATABASE_BUILTIN 0x01 /* BUILTIN users and groups */
65 #define SAM_DATABASE_PRIVS 0x02 /* Privileges */
68 /* I think this is correct - it's what gets parsed on the wire. JRA. */
70 typedef struct net_user_info_2
74 NTTIME logon_time; /* logon time */
75 NTTIME logoff_time; /* logoff time */
76 NTTIME kickoff_time; /* kickoff time */
77 NTTIME pass_last_set_time; /* password last set time */
78 NTTIME pass_can_change_time; /* password can change time */
79 NTTIME pass_must_change_time; /* password must change time */
81 UNIHDR hdr_user_name; /* username unicode string header */
82 UNIHDR hdr_full_name; /* user's full name unicode string header */
83 UNIHDR hdr_logon_script; /* logon script unicode string header */
84 UNIHDR hdr_profile_path; /* profile path unicode string header */
85 UNIHDR hdr_home_dir; /* home directory unicode string header */
86 UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
88 uint16 logon_count; /* logon count */
89 uint16 bad_pw_count; /* bad password count */
91 uint32 user_id; /* User ID */
92 uint32 group_id; /* Group ID */
93 uint32 num_groups; /* num groups */
94 uint32 buffer_groups; /* undocumented buffer pointer to groups. */
95 uint32 user_flgs; /* user flags */
97 uint8 user_sess_key[16]; /* unused user session key */
99 UNIHDR hdr_logon_srv; /* logon server unicode string header */
100 UNIHDR hdr_logon_dom; /* logon domain unicode string header */
102 uint32 buffer_dom_id; /* undocumented logon domain id pointer */
103 uint8 padding[40]; /* unused padding bytes. expansion room */
105 UNISTR2 uni_user_name; /* username unicode string */
106 UNISTR2 uni_full_name; /* user's full name unicode string */
107 UNISTR2 uni_logon_script; /* logon script unicode string */
108 UNISTR2 uni_profile_path; /* profile path unicode string */
109 UNISTR2 uni_home_dir; /* home directory unicode string */
110 UNISTR2 uni_dir_drive; /* home directory drive unicode string */
112 uint32 num_groups2; /* num groups */
113 DOM_GID *gids; /* group info */
115 UNISTR2 uni_logon_srv; /* logon server unicode string */
116 UNISTR2 uni_logon_dom; /* logon domain unicode string */
118 DOM_SID2 dom_sid; /* domain SID */
120 uint32 num_other_groups; /* other groups */
121 DOM_GID *other_gids; /* group info */
122 DOM_SID2 *other_sids; /* undocumented - domain SIDs */
127 /* NET_USER_INFO_3 */
128 typedef struct net_user_info_3
130 uint32 ptr_user_info;
132 NTTIME logon_time; /* logon time */
133 NTTIME logoff_time; /* logoff time */
134 NTTIME kickoff_time; /* kickoff time */
135 NTTIME pass_last_set_time; /* password last set time */
136 NTTIME pass_can_change_time; /* password can change time */
137 NTTIME pass_must_change_time; /* password must change time */
139 UNIHDR hdr_user_name; /* username unicode string header */
140 UNIHDR hdr_full_name; /* user's full name unicode string header */
141 UNIHDR hdr_logon_script; /* logon script unicode string header */
142 UNIHDR hdr_profile_path; /* profile path unicode string header */
143 UNIHDR hdr_home_dir; /* home directory unicode string header */
144 UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
146 uint16 logon_count; /* logon count */
147 uint16 bad_pw_count; /* bad password count */
149 uint32 user_rid; /* User RID */
150 uint32 group_rid; /* Group RID */
152 uint32 num_groups; /* num groups */
153 uint32 buffer_groups; /* undocumented buffer pointer to groups. */
154 uint32 user_flgs; /* user flags */
156 uint8 user_sess_key[16]; /* unused user session key */
158 UNIHDR hdr_logon_srv; /* logon server unicode string header */
159 UNIHDR hdr_logon_dom; /* logon domain unicode string header */
161 uint32 buffer_dom_id; /* undocumented logon domain id pointer */
162 uint8 padding[40]; /* unused padding bytes. expansion room */
164 uint32 num_other_sids; /* 0 - num_sids */
165 uint32 buffer_other_sids; /* NULL - undocumented pointer to SIDs. */
167 UNISTR2 uni_user_name; /* username unicode string */
168 UNISTR2 uni_full_name; /* user's full name unicode string */
169 UNISTR2 uni_logon_script; /* logon script unicode string */
170 UNISTR2 uni_profile_path; /* profile path unicode string */
171 UNISTR2 uni_home_dir; /* home directory unicode string */
172 UNISTR2 uni_dir_drive; /* home directory drive unicode string */
174 uint32 num_groups2; /* num groups */
175 DOM_GID *gids; /* group info */
177 UNISTR2 uni_logon_srv; /* logon server unicode string */
178 UNISTR2 uni_logon_dom; /* logon domain unicode string */
180 DOM_SID2 dom_sid; /* domain SID */
182 uint32 num_other_groups; /* other groups */
183 DOM_GID *other_gids; /* group info */
184 DOM_SID2 *other_sids; /* undocumented - domain SIDs */
189 /* NETLOGON_INFO_1 - pdc status info, i presume */
190 typedef struct netlogon_1_info
192 uint32 flags; /* 0x0 - undocumented */
193 uint32 pdc_status; /* 0x0 - undocumented */
197 /* NETLOGON_INFO_2 - pdc status info, plus trusted domain info */
198 typedef struct netlogon_2_info
200 uint32 flags; /* 0x0 - undocumented */
201 uint32 pdc_status; /* 0x0 - undocumented */
202 uint32 ptr_trusted_dc_name; /* pointer to trusted domain controller name */
203 uint32 tc_status; /* 0x051f - ERROR_NO_LOGON_SERVERS */
204 UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */
208 /* NETLOGON_INFO_3 - logon status info, i presume */
209 typedef struct netlogon_3_info
211 uint32 flags; /* 0x0 - undocumented */
212 uint32 logon_attempts; /* number of logon attempts */
213 uint32 reserved_1; /* 0x0 - undocumented */
214 uint32 reserved_2; /* 0x0 - undocumented */
215 uint32 reserved_3; /* 0x0 - undocumented */
216 uint32 reserved_4; /* 0x0 - undocumented */
217 uint32 reserved_5; /* 0x0 - undocumented */
221 /********************************************************
224 This is generated by a nltest /bdc_query:DOMAIN
226 query_level 0x1, function_code 0x1
228 ********************************************************/
230 /* NET_Q_LOGON_CTRL - LSA Netr Logon Control */
232 typedef struct net_q_logon_ctrl_info
235 UNISTR2 uni_server_name;
236 uint32 function_code;
240 /* NET_R_LOGON_CTRL - LSA Netr Logon Control */
242 typedef struct net_r_logon_ctrl_info
248 NETLOGON_INFO_1 info1;
254 /********************************************************
257 query_level 0x1 - pdc status
258 query_level 0x3 - number of logon attempts.
260 ********************************************************/
262 /* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2 */
263 typedef struct net_q_logon_ctrl2_info
265 uint32 ptr; /* undocumented buffer pointer */
266 UNISTR2 uni_server_name; /* server name, starting with two '\'s */
268 uint32 function_code; /* 0x1 */
269 uint32 query_level; /* 0x1, 0x3 */
270 uint32 switch_value; /* 0x1 */
274 /*******************************************************
275 Logon Control Response
277 switch_value is same as query_level in request
278 *******************************************************/
280 /* NET_R_LOGON_CTRL2 - response to LSA Logon Control2 */
281 typedef struct net_r_logon_ctrl2_info
283 uint32 switch_value; /* 0x1, 0x3 */
288 NETLOGON_INFO_1 info1;
289 NETLOGON_INFO_2 info2;
290 NETLOGON_INFO_3 info3;
294 NTSTATUS status; /* return code */
298 /* NET_Q_TRUST_DOM_LIST - LSA Query Trusted Domains */
299 typedef struct net_q_trust_dom_info
301 uint32 ptr; /* undocumented buffer pointer */
302 UNISTR2 uni_server_name; /* server name, starting with two '\'s */
304 } NET_Q_TRUST_DOM_LIST;
306 #define MAX_TRUST_DOMS 1
308 /* NET_R_TRUST_DOM_LIST - response to LSA Trusted Domains */
309 typedef struct net_r_trust_dom_info
311 UNISTR2 uni_trust_dom_name[MAX_TRUST_DOMS];
313 NTSTATUS status; /* return code */
315 } NET_R_TRUST_DOM_LIST;
319 typedef struct neg_flags_info
321 uint32 neg_flags; /* negotiated flags */
327 typedef struct net_q_req_chal_info
329 uint32 undoc_buffer; /* undocumented buffer pointer */
330 UNISTR2 uni_logon_srv; /* logon server unicode string */
331 UNISTR2 uni_logon_clnt; /* logon client unicode string */
332 DOM_CHAL clnt_chal; /* client challenge */
338 typedef struct net_r_req_chal_info
340 DOM_CHAL srv_chal; /* server challenge */
341 NTSTATUS status; /* return code */
345 typedef struct net_q_auth_info
347 DOM_LOG_INFO clnt_id; /* client identification info */
348 DOM_CHAL clnt_chal; /* client-calculated credentials */
352 typedef struct net_r_auth_info
354 DOM_CHAL srv_chal; /* server-calculated credentials */
355 NTSTATUS status; /* return code */
359 typedef struct net_q_auth2_info
361 DOM_LOG_INFO clnt_id; /* client identification info */
362 DOM_CHAL clnt_chal; /* client-calculated credentials */
364 NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
370 typedef struct net_r_auth2_info
372 DOM_CHAL srv_chal; /* server-calculated credentials */
373 NEG_FLAGS srv_flgs; /* usually 0x0000 01ff */
374 NTSTATUS status; /* return code */
378 typedef struct net_q_auth3_info
380 DOM_LOG_INFO clnt_id; /* client identification info */
381 DOM_CHAL clnt_chal; /* client-calculated credentials */
382 NEG_FLAGS clnt_flgs; /* usually 0x6007 ffff */
386 typedef struct net_r_auth3_info
388 DOM_CHAL srv_chal; /* server-calculated credentials */
389 NEG_FLAGS srv_flgs; /* usually 0x6007 ffff */
390 uint32 unknown; /* 0x0000045b */
391 NTSTATUS status; /* return code */
395 /* NET_Q_SRV_PWSET */
396 typedef struct net_q_srv_pwset_info
398 DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
399 uint8 pwd[16]; /* new password - undocumented. */
403 /* NET_R_SRV_PWSET */
404 typedef struct net_r_srv_pwset_info
406 DOM_CRED srv_cred; /* server-calculated credentials */
408 NTSTATUS status; /* return code */
413 typedef struct net_network_info_2
415 uint32 ptr_id_info2; /* pointer to id_info_2 */
416 UNIHDR hdr_domain_name; /* domain name unicode header */
417 uint32 param_ctrl; /* param control (0x2) */
418 DOM_LOGON_ID logon_id; /* logon ID */
419 UNIHDR hdr_user_name; /* user name unicode header */
420 UNIHDR hdr_wksta_name; /* workstation name unicode header */
421 uint8 lm_chal[8]; /* lan manager 8 byte challenge */
422 STRHDR hdr_nt_chal_resp; /* nt challenge response */
423 STRHDR hdr_lm_chal_resp; /* lm challenge response */
425 UNISTR2 uni_domain_name; /* domain name unicode string */
426 UNISTR2 uni_user_name; /* user name unicode string */
427 UNISTR2 uni_wksta_name; /* workgroup name unicode string */
428 STRING2 nt_chal_resp; /* nt challenge response */
429 STRING2 lm_chal_resp; /* lm challenge response */
434 typedef struct id_info_1
436 uint32 ptr_id_info1; /* pointer to id_info_1 */
437 UNIHDR hdr_domain_name; /* domain name unicode header */
438 uint32 param_ctrl; /* param control */
439 DOM_LOGON_ID logon_id; /* logon ID */
440 UNIHDR hdr_user_name; /* user name unicode header */
441 UNIHDR hdr_wksta_name; /* workstation name unicode header */
442 OWF_INFO lm_owf; /* LM OWF Password */
443 OWF_INFO nt_owf; /* NT OWF Password */
444 UNISTR2 uni_domain_name; /* domain name unicode string */
445 UNISTR2 uni_user_name; /* user name unicode string */
446 UNISTR2 uni_wksta_name; /* workgroup name unicode string */
450 #define INTERACTIVE_LOGON_TYPE 1
451 #define NET_LOGON_TYPE 2
453 /* NET_ID_INFO_CTR */
454 typedef struct net_id_info_ctr_info
460 NET_ID_INFO_1 id1; /* auth-level 1 - interactive user login */
461 NET_ID_INFO_2 id2; /* auth-level 2 - workstation referred login */
467 /* SAM_INFO - sam logon/off id structure */
468 typedef struct sam_info
470 DOM_CLNT_INFO2 client;
471 uint32 ptr_rtn_cred; /* pointer to return credentials */
472 DOM_CRED rtn_cred; /* return credentials */
474 NET_ID_INFO_CTR *ctr;
478 /* NET_Q_SAM_LOGON */
479 typedef struct net_q_sam_logon_info
482 uint16 validation_level;
486 /* NET_R_SAM_LOGON */
487 typedef struct net_r_sam_logon_info
489 uint32 buffer_creds; /* undocumented buffer pointer */
490 DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
492 uint16 switch_value; /* 3 - indicates type of USER INFO */
493 NET_USER_INFO_3 *user;
495 uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
497 NTSTATUS status; /* return code */
502 /* NET_Q_SAM_LOGOFF */
503 typedef struct net_q_sam_logoff_info
509 /* NET_R_SAM_LOGOFF */
510 typedef struct net_r_sam_logoff_info
512 uint32 buffer_creds; /* undocumented buffer pointer */
513 DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
515 NTSTATUS status; /* return code */
520 typedef struct net_q_sam_sync_info
522 UNISTR2 uni_srv_name; /* \\PDC */
523 UNISTR2 uni_cli_name; /* BDC */
528 uint32 restart_state;
531 uint32 max_size; /* preferred maximum length */
536 typedef struct sam_delta_hdr_info
538 uint16 type; /* type of structure attached */
547 /* SAM_DOMAIN_INFO (0x1) */
548 typedef struct sam_domain_info_info
553 UINT64_S force_logoff;
555 uint16 pwd_history_len;
556 UINT64_S max_pwd_age;
557 UINT64_S min_pwd_age;
558 UINT64_S dom_mod_count;
559 NTTIME creation_time;
561 BUFHDR2 hdr_sec_desc; /* security descriptor */
565 UNISTR2 uni_dom_name;
566 UNISTR2 buf_oem_info; /* never seen */
568 BUFFER4 buf_sec_desc;
573 /* SAM_GROUP_INFO (0x2) */
574 typedef struct sam_group_info_info
579 BUFHDR2 hdr_sec_desc; /* security descriptor */
582 UNISTR2 uni_grp_name;
583 UNISTR2 uni_grp_desc;
584 BUFFER4 buf_sec_desc;
589 typedef struct sam_passwd_info
591 /* this structure probably contains password history */
592 /* this is probably a count of lm/nt pairs */
593 uint32 unk_0; /* 0x0000 0002 */
596 uint8 buf_lm_pwd[16];
599 uint8 buf_nt_pwd[16];
606 /* SAM_ACCOUNT_INFO (0x5) */
607 typedef struct sam_account_info_info
609 UNIHDR hdr_acct_name;
610 UNIHDR hdr_full_name;
616 UNIHDR hdr_dir_drive;
617 UNIHDR hdr_logon_script;
618 UNIHDR hdr_acct_desc;
619 UNIHDR hdr_workstations;
624 uint32 logon_divs; /* 0xA8 */
625 uint32 ptr_logon_hrs;
627 uint16 bad_pwd_count;
629 NTTIME pwd_last_set_time;
630 NTTIME acct_expiry_time;
635 uint8 nt_pwd_present;
636 uint8 lm_pwd_present;
640 UNIHDR hdr_parameters;
644 BUFHDR2 hdr_sec_desc; /* security descriptor */
647 UNIHDR hdr_reserved[3]; /* space for more strings */
648 uint32 dw_reserved[4]; /* space for more data - first two seem to
651 UNISTR2 uni_acct_name;
652 UNISTR2 uni_full_name;
653 UNISTR2 uni_home_dir;
654 UNISTR2 uni_dir_drive;
655 UNISTR2 uni_logon_script;
656 UNISTR2 uni_acct_desc;
657 UNISTR2 uni_workstations;
659 uint32 unknown1; /* 0x4EC */
660 uint32 unknown2; /* 0 */
662 BUFFER4 buf_logon_hrs;
664 UNISTR2 uni_parameters;
666 BUFFER4 buf_sec_desc;
671 /* SAM_GROUP_MEM_INFO (0x8) */
672 typedef struct sam_group_mem_info_info
685 } SAM_GROUP_MEM_INFO;
687 /* SAM_ALIAS_INFO (0x9) */
688 typedef struct sam_alias_info_info
692 BUFHDR2 hdr_sec_desc; /* security descriptor */
696 UNISTR2 uni_als_name;
697 BUFFER4 buf_sec_desc;
698 UNISTR2 uni_als_desc;
702 /* SAM_ALIAS_MEM_INFO (0xC) */
703 typedef struct sam_alias_mem_info_info
713 } SAM_ALIAS_MEM_INFO;
716 /* SAM_DELTA_DOM (0x0D) */
719 uint32 unknown1; /* 0x5000 */
720 uint32 unknown2; /* 0 */
721 uint32 unknown3; /* 0 */
722 uint32 unknown4; /* 0 */
730 uint32 unknown4b; /* 0x02000000 */
731 uint32 unknown5; /* 0x00100000 */
732 uint32 unknown6; /* 0x00010000 */
733 uint32 unknown7; /* 0x0f000000 */
734 uint32 unknown8; /* 0 */
735 uint32 unknown9; /* 0 */
736 uint32 unknown10; /* 0 */
737 uint32 unknown11; /* 0x3c*/
738 uint32 unknown12; /* 0*/
740 uint32 unknown13; /* a7080110 */
741 uint32 unknown14; /* 01bfb0dd */
742 uint32 unknown15; /* 0f */
743 uint32 unknown16; /* 68 */
744 uint32 unknown17; /* 00169000 */
747 uint32 unknown18; /* 0 times count4 */
749 uint32 unknown19; /* 8 */
751 uint32 unknown20; /* 0x04 times count1 */
760 /* SAM_DELTA_UNK0E (0x0e) */
780 /* SAM_DELTA_PRIVS (0x10) */
788 uint32 reserved1; /* 0x0 */
805 uint32 unknown10; /* 48 bytes 0x0*/
807 uint32 attribute_count;
810 uint32 privlist_count;
811 UNIHDR *hdr_privslist;
812 UNISTR2 *uni_privslist;
817 /* SAM_DELTA_UNK12 (0x12) */
836 uint32 unknow2; /* 0x0 12 times */
839 uint32 reserved1; /* 0 */
844 uint32 reserved2; /* 0 */
853 /* SAM_DELTA_STAMP (0x16) */
857 uint32 dom_mod_count_ptr;
858 UINT64_S dom_mod_count; /* domain mod count at last sync */
861 typedef union sam_delta_ctr_info
863 SAM_DOMAIN_INFO domain_info ;
864 SAM_GROUP_INFO group_info ;
865 SAM_ACCOUNT_INFO account_info;
866 SAM_GROUP_MEM_INFO grp_mem_info;
867 SAM_ALIAS_INFO alias_info ;
868 SAM_ALIAS_MEM_INFO als_mem_info;
869 SAM_DELTA_DOM dom_info;
870 SAM_DELTA_PRIVS privs_info;
871 SAM_DELTA_STAMP stamp;
872 SAM_DELTA_UNK0E unk0e_info;
873 SAM_DELTA_UNK12 unk12_info;
877 typedef struct net_r_sam_sync_info
888 SAM_DELTA_HDR *hdr_deltas;
889 SAM_DELTA_CTR *deltas;
894 /* NET_Q_SAM_DELTAS */
895 typedef struct net_q_sam_deltas_info
897 UNISTR2 uni_srv_name;
898 UNISTR2 uni_cli_name;
903 UINT64_S dom_mod_count; /* domain mod count at last sync */
905 uint32 max_size; /* preferred maximum length */
909 /* NET_R_SAM_DELTAS */
910 typedef struct net_r_sam_deltas_info
914 UINT64_S dom_mod_count; /* new domain mod count */
920 SAM_DELTA_HDR *hdr_deltas;
921 SAM_DELTA_CTR *deltas;
926 #endif /* _RPC_NETLOGON_H */