2 Unix SMB/Netbios implementation.
4 SMB parameters and setup
5 Copyright (C) Andrew Tridgell 1992-1997
6 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
7 Copyright (C) Paul Ashton 1997
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #ifndef _RPC_NETLOGON_H /* _RPC_NETLOGON_H */
25 #define _RPC_NETLOGON_H
29 #define NET_SAMLOGON 0x02
30 #define NET_SAMLOGOFF 0x03
31 #define NET_REQCHAL 0x04
33 #define NET_SRVPWSET 0x06
34 #define NET_SAM_DELTAS 0x07
35 #define NET_LOGON_CTRL 0x0c
36 #define NET_AUTH2 0x0f
37 #define NET_LOGON_CTRL2 0x0e
38 #define NET_SAM_SYNC 0x10
39 #define NET_TRUST_DOM_LIST 0x13
41 /* Secure Channel types. used in NetrServerAuthenticate negotiation */
42 #define SEC_CHAN_WKSTA 2
43 #define SEC_CHAN_DOMAIN 4
44 #define SEC_CHAN_BDC 6
46 /* Returned delta types */
47 #define SAM_DELTA_DOMAIN_INFO 0x01 /* Domain */
48 #define SAM_DELTA_GROUP_INFO 0x02 /* Domain groups */
49 #define SAM_DELTA_ACCOUNT_INFO 0x05 /* Users */
50 #define SAM_DELTA_GROUP_MEM 0x08 /* Group membership */
51 #define SAM_DELTA_ALIAS_INFO 0x09 /* Local groups */
52 #define SAM_DELTA_ALIAS_MEM 0x0C /* Local group membership */
53 #define SAM_DELTA_UNKNOWN 0x0D /* Privilige stuff */
54 #define SAM_DELTA_UNKNOWN2 0x10 /* Privilige stuff */
55 #define SAM_DELTA_SAM_STAMP 0x16 /* Some kind of journal record? */
57 /* SAM database types */
58 #define SAM_DATABASE_DOMAIN 0x00 /* Domain users and groups */
59 #define SAM_DATABASE_BUILTIN 0x01 /* BUILTIN users and groups */
60 #define SAM_DATABASE_PRIVS 0x02 /* Priviliges? */
63 /* I think this is correct - it's what gets parsed on the wire. JRA. */
65 typedef struct net_user_info_2
69 NTTIME logon_time; /* logon time */
70 NTTIME logoff_time; /* logoff time */
71 NTTIME kickoff_time; /* kickoff time */
72 NTTIME pass_last_set_time; /* password last set time */
73 NTTIME pass_can_change_time; /* password can change time */
74 NTTIME pass_must_change_time; /* password must change time */
76 UNIHDR hdr_user_name; /* username unicode string header */
77 UNIHDR hdr_full_name; /* user's full name unicode string header */
78 UNIHDR hdr_logon_script; /* logon script unicode string header */
79 UNIHDR hdr_profile_path; /* profile path unicode string header */
80 UNIHDR hdr_home_dir; /* home directory unicode string header */
81 UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
83 uint16 logon_count; /* logon count */
84 uint16 bad_pw_count; /* bad password count */
86 uint32 user_id; /* User ID */
87 uint32 group_id; /* Group ID */
88 uint32 num_groups; /* num groups */
89 uint32 buffer_groups; /* undocumented buffer pointer to groups. */
90 uint32 user_flgs; /* user flags */
92 uint8 user_sess_key[16]; /* unused user session key */
94 UNIHDR hdr_logon_srv; /* logon server unicode string header */
95 UNIHDR hdr_logon_dom; /* logon domain unicode string header */
97 uint32 buffer_dom_id; /* undocumented logon domain id pointer */
98 uint8 padding[40]; /* unused padding bytes. expansion room */
100 UNISTR2 uni_user_name; /* username unicode string */
101 UNISTR2 uni_full_name; /* user's full name unicode string */
102 UNISTR2 uni_logon_script; /* logon script unicode string */
103 UNISTR2 uni_profile_path; /* profile path unicode string */
104 UNISTR2 uni_home_dir; /* home directory unicode string */
105 UNISTR2 uni_dir_drive; /* home directory drive unicode string */
107 uint32 num_groups2; /* num groups */
108 DOM_GID *gids; /* group info */
110 UNISTR2 uni_logon_srv; /* logon server unicode string */
111 UNISTR2 uni_logon_dom; /* logon domain unicode string */
113 DOM_SID2 dom_sid; /* domain SID */
115 uint32 num_other_groups; /* other groups */
116 DOM_GID *other_gids; /* group info */
117 DOM_SID2 *other_sids; /* undocumented - domain SIDs */
122 /* NET_USER_INFO_3 */
123 typedef struct net_user_info_3
125 uint32 ptr_user_info;
127 NTTIME logon_time; /* logon time */
128 NTTIME logoff_time; /* logoff time */
129 NTTIME kickoff_time; /* kickoff time */
130 NTTIME pass_last_set_time; /* password last set time */
131 NTTIME pass_can_change_time; /* password can change time */
132 NTTIME pass_must_change_time; /* password must change time */
134 UNIHDR hdr_user_name; /* username unicode string header */
135 UNIHDR hdr_full_name; /* user's full name unicode string header */
136 UNIHDR hdr_logon_script; /* logon script unicode string header */
137 UNIHDR hdr_profile_path; /* profile path unicode string header */
138 UNIHDR hdr_home_dir; /* home directory unicode string header */
139 UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
141 uint16 logon_count; /* logon count */
142 uint16 bad_pw_count; /* bad password count */
144 uint32 user_rid; /* User ID */
145 uint32 group_rid; /* Group ID */
146 uint32 num_groups; /* num groups */
147 uint32 buffer_groups; /* undocumented buffer pointer to groups. */
148 uint32 user_flgs; /* user flags */
150 uint8 user_sess_key[16]; /* unused user session key */
152 UNIHDR hdr_logon_srv; /* logon server unicode string header */
153 UNIHDR hdr_logon_dom; /* logon domain unicode string header */
155 uint32 buffer_dom_id; /* undocumented logon domain id pointer */
156 uint8 padding[40]; /* unused padding bytes. expansion room */
158 uint32 num_other_sids; /* 0 - num_sids */
159 uint32 buffer_other_sids; /* NULL - undocumented pointer to SIDs. */
161 UNISTR2 uni_user_name; /* username unicode string */
162 UNISTR2 uni_full_name; /* user's full name unicode string */
163 UNISTR2 uni_logon_script; /* logon script unicode string */
164 UNISTR2 uni_profile_path; /* profile path unicode string */
165 UNISTR2 uni_home_dir; /* home directory unicode string */
166 UNISTR2 uni_dir_drive; /* home directory drive unicode string */
168 uint32 num_groups2; /* num groups */
169 DOM_GID *gids; /* group info */
171 UNISTR2 uni_logon_srv; /* logon server unicode string */
172 UNISTR2 uni_logon_dom; /* logon domain unicode string */
174 DOM_SID2 dom_sid; /* domain SID */
176 uint32 num_other_groups; /* other groups */
177 DOM_GID *other_gids; /* group info */
178 DOM_SID2 *other_sids; /* undocumented - domain SIDs */
183 /* NETLOGON_INFO_1 - pdc status info, i presume */
184 typedef struct netlogon_1_info
186 uint32 flags; /* 0x0 - undocumented */
187 uint32 pdc_status; /* 0x0 - undocumented */
191 /* NETLOGON_INFO_2 - pdc status info, plus trusted domain info */
192 typedef struct netlogon_2_info
194 uint32 flags; /* 0x0 - undocumented */
195 uint32 pdc_status; /* 0x0 - undocumented */
196 uint32 ptr_trusted_dc_name; /* pointer to trusted domain controller name */
197 uint32 tc_status; /* 0x051f - ERROR_NO_LOGON_SERVERS */
198 UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */
202 /* NETLOGON_INFO_3 - logon status info, i presume */
203 typedef struct netlogon_3_info
205 uint32 flags; /* 0x0 - undocumented */
206 uint32 logon_attempts; /* number of logon attempts */
207 uint32 reserved_1; /* 0x0 - undocumented */
208 uint32 reserved_2; /* 0x0 - undocumented */
209 uint32 reserved_3; /* 0x0 - undocumented */
210 uint32 reserved_4; /* 0x0 - undocumented */
211 uint32 reserved_5; /* 0x0 - undocumented */
215 /********************************************************
218 This is generated by a nltest /bdc_query:DOMAIN
220 query_level 0x1, function_code 0x1
222 ********************************************************/
224 /* NET_Q_LOGON_CTRL - LSA Netr Logon Control */
226 typedef struct net_q_logon_ctrl_info
229 UNISTR2 uni_server_name;
230 uint32 function_code;
234 /* NET_R_LOGON_CTRL - LSA Netr Logon Control */
236 typedef struct net_r_logon_ctrl_info
242 NETLOGON_INFO_1 info1;
248 /********************************************************
251 query_level 0x1 - pdc status
252 query_level 0x3 - number of logon attempts.
254 ********************************************************/
256 /* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2 */
257 typedef struct net_q_logon_ctrl2_info
259 uint32 ptr; /* undocumented buffer pointer */
260 UNISTR2 uni_server_name; /* server name, starting with two '\'s */
262 uint32 function_code; /* 0x1 */
263 uint32 query_level; /* 0x1, 0x3 */
264 uint32 switch_value; /* 0x1 */
268 /*******************************************************
269 Logon Control Response
271 switch_value is same as query_level in request
272 *******************************************************/
274 /* NET_R_LOGON_CTRL2 - response to LSA Logon Control2 */
275 typedef struct net_r_logon_ctrl2_info
277 uint32 switch_value; /* 0x1, 0x3 */
282 NETLOGON_INFO_1 info1;
283 NETLOGON_INFO_2 info2;
284 NETLOGON_INFO_3 info3;
288 NTSTATUS status; /* return code */
292 /* NET_Q_TRUST_DOM_LIST - LSA Query Trusted Domains */
293 typedef struct net_q_trust_dom_info
295 uint32 ptr; /* undocumented buffer pointer */
296 UNISTR2 uni_server_name; /* server name, starting with two '\'s */
298 } NET_Q_TRUST_DOM_LIST;
300 #define MAX_TRUST_DOMS 1
302 /* NET_R_TRUST_DOM_LIST - response to LSA Trusted Domains */
303 typedef struct net_r_trust_dom_info
305 UNISTR2 uni_trust_dom_name[MAX_TRUST_DOMS];
307 NTSTATUS status; /* return code */
309 } NET_R_TRUST_DOM_LIST;
313 typedef struct neg_flags_info
315 uint32 neg_flags; /* negotiated flags */
321 typedef struct net_q_req_chal_info
323 uint32 undoc_buffer; /* undocumented buffer pointer */
324 UNISTR2 uni_logon_srv; /* logon server unicode string */
325 UNISTR2 uni_logon_clnt; /* logon client unicode string */
326 DOM_CHAL clnt_chal; /* client challenge */
332 typedef struct net_r_req_chal_info
334 DOM_CHAL srv_chal; /* server challenge */
335 NTSTATUS status; /* return code */
339 typedef struct net_q_auth_info
341 DOM_LOG_INFO clnt_id; /* client identification info */
342 DOM_CHAL clnt_chal; /* client-calculated credentials */
346 typedef struct net_r_auth_info
348 DOM_CHAL srv_chal; /* server-calculated credentials */
349 NTSTATUS status; /* return code */
353 typedef struct net_q_auth2_info
355 DOM_LOG_INFO clnt_id; /* client identification info */
356 DOM_CHAL clnt_chal; /* client-calculated credentials */
358 NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
364 typedef struct net_r_auth2_info
366 DOM_CHAL srv_chal; /* server-calculated credentials */
367 NEG_FLAGS srv_flgs; /* usually 0x0000 01ff */
368 NTSTATUS status; /* return code */
372 /* NET_Q_SRV_PWSET */
373 typedef struct net_q_srv_pwset_info
375 DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
376 uint8 pwd[16]; /* new password - undocumented. */
380 /* NET_R_SRV_PWSET */
381 typedef struct net_r_srv_pwset_info
383 DOM_CRED srv_cred; /* server-calculated credentials */
385 NTSTATUS status; /* return code */
390 typedef struct net_network_info_2
392 uint32 ptr_id_info2; /* pointer to id_info_2 */
393 UNIHDR hdr_domain_name; /* domain name unicode header */
394 uint32 param_ctrl; /* param control (0x2) */
395 DOM_LOGON_ID logon_id; /* logon ID */
396 UNIHDR hdr_user_name; /* user name unicode header */
397 UNIHDR hdr_wksta_name; /* workstation name unicode header */
398 uint8 lm_chal[8]; /* lan manager 8 byte challenge */
399 STRHDR hdr_nt_chal_resp; /* nt challenge response */
400 STRHDR hdr_lm_chal_resp; /* lm challenge response */
402 UNISTR2 uni_domain_name; /* domain name unicode string */
403 UNISTR2 uni_user_name; /* user name unicode string */
404 UNISTR2 uni_wksta_name; /* workgroup name unicode string */
405 STRING2 nt_chal_resp; /* nt challenge response */
406 STRING2 lm_chal_resp; /* lm challenge response */
411 typedef struct id_info_1
413 uint32 ptr_id_info1; /* pointer to id_info_1 */
414 UNIHDR hdr_domain_name; /* domain name unicode header */
415 uint32 param_ctrl; /* param control */
416 DOM_LOGON_ID logon_id; /* logon ID */
417 UNIHDR hdr_user_name; /* user name unicode header */
418 UNIHDR hdr_wksta_name; /* workstation name unicode header */
419 OWF_INFO lm_owf; /* LM OWF Password */
420 OWF_INFO nt_owf; /* NT OWF Password */
421 UNISTR2 uni_domain_name; /* domain name unicode string */
422 UNISTR2 uni_user_name; /* user name unicode string */
423 UNISTR2 uni_wksta_name; /* workgroup name unicode string */
427 #define INTERACTIVE_LOGON_TYPE 1
428 #define NET_LOGON_TYPE 2
430 /* NET_ID_INFO_CTR */
431 typedef struct net_id_info_ctr_info
437 NET_ID_INFO_1 id1; /* auth-level 1 - interactive user login */
438 NET_ID_INFO_2 id2; /* auth-level 2 - workstation referred login */
444 /* SAM_INFO - sam logon/off id structure */
445 typedef struct sam_info
447 DOM_CLNT_INFO2 client;
448 uint32 ptr_rtn_cred; /* pointer to return credentials */
449 DOM_CRED rtn_cred; /* return credentials */
451 NET_ID_INFO_CTR *ctr;
455 /* NET_Q_SAM_LOGON */
456 typedef struct net_q_sam_logon_info
459 uint16 validation_level;
463 /* NET_R_SAM_LOGON */
464 typedef struct net_r_sam_logon_info
466 uint32 buffer_creds; /* undocumented buffer pointer */
467 DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
469 uint16 switch_value; /* 3 - indicates type of USER INFO */
470 NET_USER_INFO_3 *user;
472 uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
474 NTSTATUS status; /* return code */
479 /* NET_Q_SAM_LOGOFF */
480 typedef struct net_q_sam_logoff_info
486 /* NET_R_SAM_LOGOFF */
487 typedef struct net_r_sam_logoff_info
489 uint32 buffer_creds; /* undocumented buffer pointer */
490 DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
492 NTSTATUS status; /* return code */
497 typedef struct net_q_sam_sync_info
499 UNISTR2 uni_srv_name; /* \\PDC */
500 UNISTR2 uni_cli_name; /* BDC */
505 uint32 restart_state;
508 uint32 max_size; /* preferred maximum length */
513 typedef struct sam_delta_hdr_info
515 uint16 type; /* type of structure attached */
524 /* SAM_DOMAIN_INFO (0x1) */
525 typedef struct sam_domain_info_info
530 UINT64_S force_logoff;
532 uint16 pwd_history_len;
533 UINT64_S max_pwd_age;
534 UINT64_S min_pwd_age;
535 UINT64_S dom_mod_count;
536 NTTIME creation_time;
538 BUFHDR2 hdr_sec_desc; /* security descriptor */
542 UNISTR2 uni_dom_name;
543 UNISTR2 buf_oem_info; /* never seen */
545 BUFFER4 buf_sec_desc;
550 /* SAM_GROUP_INFO (0x2) */
551 typedef struct sam_group_info_info
556 BUFHDR2 hdr_sec_desc; /* security descriptor */
559 UNISTR2 uni_grp_name;
560 UNISTR2 uni_grp_desc;
561 BUFFER4 buf_sec_desc;
566 typedef struct sam_passwd_info
568 /* this structure probably contains password history */
569 /* this is probably a count of lm/nt pairs */
570 uint32 unk_0; /* 0x0000 0002 */
573 uint8 buf_lm_pwd[16];
576 uint8 buf_nt_pwd[16];
583 /* SAM_ACCOUNT_INFO (0x5) */
584 typedef struct sam_account_info_info
586 UNIHDR hdr_acct_name;
587 UNIHDR hdr_full_name;
593 UNIHDR hdr_dir_drive;
594 UNIHDR hdr_logon_script;
595 UNIHDR hdr_acct_desc;
596 UNIHDR hdr_workstations;
601 uint32 logon_divs; /* 0xA8 */
602 uint32 ptr_logon_hrs;
604 uint16 bad_pwd_count;
606 NTTIME pwd_last_set_time;
607 NTTIME acct_expiry_time;
612 uint8 nt_pwd_present;
613 uint8 lm_pwd_present;
617 UNIHDR hdr_parameters;
621 BUFHDR2 hdr_sec_desc; /* security descriptor */
624 UNIHDR hdr_reserved[3]; /* space for more strings */
625 uint32 dw_reserved[4]; /* space for more data - first two seem to
628 UNISTR2 uni_acct_name;
629 UNISTR2 uni_full_name;
630 UNISTR2 uni_home_dir;
631 UNISTR2 uni_dir_drive;
632 UNISTR2 uni_logon_script;
633 UNISTR2 uni_acct_desc;
634 UNISTR2 uni_workstations;
636 uint32 unknown1; /* 0x4EC */
637 uint32 unknown2; /* 0 */
639 BUFFER4 buf_logon_hrs;
641 UNISTR2 uni_parameters;
643 BUFFER4 buf_sec_desc;
648 /* SAM_GROUP_MEM_INFO (0x8) */
649 typedef struct sam_group_mem_info_info
662 } SAM_GROUP_MEM_INFO;
664 /* SAM_ALIAS_INFO (0x9) */
665 typedef struct sam_alias_info_info
669 BUFHDR2 hdr_sec_desc; /* security descriptor */
673 UNISTR2 uni_als_name;
674 BUFFER4 buf_sec_desc;
675 UNISTR2 uni_als_desc;
679 /* SAM_ALIAS_MEM_INFO (0xC) */
680 typedef struct sam_alias_mem_info_info
690 } SAM_ALIAS_MEM_INFO;
692 /* SAM_DELTA_STAMP (0x16) */
696 uint32 dom_mod_count_ptr;
697 UINT64_S dom_mod_count; /* domain mod count at last sync */
700 typedef union sam_delta_ctr_info
702 SAM_DOMAIN_INFO domain_info ;
703 SAM_GROUP_INFO group_info ;
704 SAM_ACCOUNT_INFO account_info;
705 SAM_GROUP_MEM_INFO grp_mem_info;
706 SAM_ALIAS_INFO alias_info ;
707 SAM_ALIAS_MEM_INFO als_mem_info;
708 SAM_DELTA_STAMP stamp;
712 typedef struct net_r_sam_sync_info
723 SAM_DELTA_HDR *hdr_deltas;
724 SAM_DELTA_CTR *deltas;
729 /* NET_Q_SAM_DELTAS */
730 typedef struct net_q_sam_deltas_info
732 UNISTR2 uni_srv_name;
733 UNISTR2 uni_cli_name;
738 UINT64_S dom_mod_count; /* domain mod count at last sync */
740 uint32 max_size; /* preferred maximum length */
744 /* NET_R_SAM_DELTAS */
745 typedef struct net_r_sam_deltas_info
749 UINT64_S dom_mod_count; /* new domain mod count */
755 SAM_DELTA_HDR *hdr_deltas;
756 SAM_DELTA_CTR *deltas;
761 #endif /* _RPC_NETLOGON_H */