/*
- Unix SMB/Netbios implementation.
- Version 1.9.
+ Unix SMB/CIFS implementation.
SMB parameters and setup
Copyright (C) Andrew Tridgell 1992-1997
Copyright (C) Luke Kenneth Casson Leighton 1996-1997
Copyright (C) Paul Ashton 1997
+ Copyright (C) Jean François Micouleau 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _RPC_NETLOGON_H /* _RPC_NETLOGON_H */
/* NETLOGON pipe */
-#define NET_SAMLOGON 0x02
-#define NET_SAMLOGOFF 0x03
-#define NET_REQCHAL 0x04
-#define NET_AUTH 0x05
-#define NET_SRVPWSET 0x06
-#define NET_SAM_DELTAS 0x07
-#define NET_LOGON_CTRL 0x0c
-#define NET_AUTH2 0x0f
-#define NET_LOGON_CTRL2 0x0e
-#define NET_SAM_SYNC 0x10
-#define NET_TRUST_DOM_LIST 0x13
+#define NET_SAMLOGON 0x02
+#define NET_SAMLOGOFF 0x03
+#define NET_REQCHAL 0x04
+#define NET_AUTH 0x05
+#define NET_SRVPWSET 0x06
+#define NET_SAM_DELTAS 0x07
+#define NET_GETDCNAME 0x0b
+#define NET_LOGON_CTRL 0x0c
+#define NET_GETANYDCNAME 0x0d
+#define NET_AUTH2 0x0f
+#define NET_LOGON_CTRL2 0x0e
+#define NET_SAM_SYNC 0x10
+#define NET_TRUST_DOM_LIST 0x13
+#define NET_DSR_GETDCNAME 0x14
+#define NET_AUTH3 0x1a
+#define NET_DSR_GETDCNAMEEX 0x1b
+#define NET_DSR_GETSITENAME 0x1c
+#define NET_DSR_GETDCNAMEEX2 0x22
+#define NET_SAMLOGON_EX 0x27
/* Secure Channel types. used in NetrServerAuthenticate negotiation */
#define SEC_CHAN_WKSTA 2
#define SEC_CHAN_BDC 6
/* Returned delta types */
-#define SAM_DELTA_DOMAIN_INFO 0x01 /* Domain */
-#define SAM_DELTA_GROUP_INFO 0x02 /* Domain groups */
-#define SAM_DELTA_ACCOUNT_INFO 0x05 /* Users */
-#define SAM_DELTA_GROUP_MEM 0x08 /* Group membership */
-#define SAM_DELTA_ALIAS_INFO 0x09 /* Local groups */
-#define SAM_DELTA_ALIAS_MEM 0x0C /* Local group membership */
-#define SAM_DELTA_DOM_INFO 0x0D /* Privilige stuff */
-#define SAM_DELTA_UNK0E_INFO 0x0e /* Privilige stuff */
-#define SAM_DELTA_PRIVS_INFO 0x10 /* Privilige stuff */
-#define SAM_DELTA_UNK12_INFO 0x12 /* Privilige stuff */
-#define SAM_DELTA_SAM_STAMP 0x16 /* Some kind of journal record? */
+#define SAM_DELTA_DOMAIN_INFO 0x01
+#define SAM_DELTA_GROUP_INFO 0x02
+#define SAM_DELTA_RENAME_GROUP 0x04
+#define SAM_DELTA_ACCOUNT_INFO 0x05
+#define SAM_DELTA_RENAME_USER 0x07
+#define SAM_DELTA_GROUP_MEM 0x08
+#define SAM_DELTA_ALIAS_INFO 0x09
+#define SAM_DELTA_RENAME_ALIAS 0x0b
+#define SAM_DELTA_ALIAS_MEM 0x0c
+#define SAM_DELTA_POLICY_INFO 0x0d
+#define SAM_DELTA_TRUST_DOMS 0x0e
+#define SAM_DELTA_PRIVS_INFO 0x10 /* DT_DELTA_ACCOUNTS */
+#define SAM_DELTA_SECRET_INFO 0x12
+#define SAM_DELTA_DELETE_GROUP 0x14
+#define SAM_DELTA_DELETE_USER 0x15
+#define SAM_DELTA_MODIFIED_COUNT 0x16
/* SAM database types */
#define SAM_DATABASE_DOMAIN 0x00 /* Domain users and groups */
#define SAM_DATABASE_BUILTIN 0x01 /* BUILTIN users and groups */
-#define SAM_DATABASE_PRIVS 0x02 /* Priviliges? */
+#define SAM_DATABASE_PRIVS 0x02 /* Privileges */
+
+/* flags use when sending a NETLOGON_CONTROL request */
+
+#define NETLOGON_CONTROL_SYNC 0x2
+#define NETLOGON_CONTROL_REDISCOVER 0x5
+#define NETLOGON_CONTROL_TC_QUERY 0x6
+#define NETLOGON_CONTROL_TRANSPORT_NOTIFY 0x7
+#define NETLOGON_CONTROL_SET_DBFLAG 0xfffe
+
+/* Some flag values reverse engineered from NLTEST.EXE */
+/* used in the NETLOGON_CONTROL[2] reply */
+
+#define NL_CTRL_IN_SYNC 0x0000
+#define NL_CTRL_REPL_NEEDED 0x0001
+#define NL_CTRL_REPL_IN_PROGRESS 0x0002
+#define NL_CTRL_FULL_SYNC 0x0004
+
+#define LOGON_GUEST 0x00000001
+#define LOGON_NOENCRYPTION 0x00000002
+#define LOGON_CACHED_ACCOUNT 0x00000004
+#define LOGON_USED_LM_PASSWORD 0x00000008
+#define LOGON_EXTRA_SIDS 0x00000020
+#define LOGON_SUBAUTH_SESSION_KEY 0x00000040
+#define LOGON_SERVER_TRUST_ACCOUNT 0x00000080
+#define LOGON_NTLMV2_ENABLED 0x00000100
+#define LOGON_RESOURCE_GROUPS 0x00000200
+#define LOGON_PROFILE_PATH_RETURNED 0x00000400
+#define LOGON_GRACE_LOGON 0x01000000
+#define LOGON_KRB5_FAIL_CLOCK_SKEW 0x02000000
+
+#define SE_GROUP_MANDATORY 0x00000001
+#define SE_GROUP_ENABLED_BY_DEFAULT 0x00000002
+#define SE_GROUP_ENABLED 0x00000004
+#define SE_GROUP_OWNER 0x00000008
+#define SE_GROUP_USE_FOR_DENY_ONLY 0x00000010
+#define SE_GROUP_LOGON_ID 0xC0000000
+#define SE_GROUP_RESOURCE 0x20000000 /* Domain Local Group */
+
+/* Flags for controlling the behaviour of a particular logon */
+
+/* sets LOGON_SERVER_TRUST_ACCOUNT user_flag */
+#define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x00000020
+#define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x00000800
+
+/* updates the "logon time" on network logon */
+#define MSV1_0_UPDATE_LOGON_STATISTICS 0x00000004
+
+/* returns the user parameters in the driveletter */
+#define MSV1_0_RETURN_USER_PARAMETERS 0x00000008
+
+/* returns the profilepath in the driveletter and
+ * sets LOGON_PROFILE_PATH_RETURNED user_flag */
+#define MSV1_0_RETURN_PROFILE_PATH 0x00000200
#if 0
/* I think this is correct - it's what gets parsed on the wire. JRA. */
/* NET_USER_INFO_2 */
-typedef struct net_user_info_2
-{
+typedef struct net_user_info_2 {
uint32 ptr_user_info;
NTTIME logon_time; /* logon time */
} NET_USER_INFO_2;
#endif
+/* NET_USER_INFO_2 */
+typedef struct net_user_info_2 {
+ uint32 ptr_user_info;
+
+ NTTIME logon_time; /* logon time */
+ NTTIME logoff_time; /* logoff time */
+ NTTIME kickoff_time; /* kickoff time */
+ NTTIME pass_last_set_time; /* password last set time */
+ NTTIME pass_can_change_time; /* password can change time */
+ NTTIME pass_must_change_time; /* password must change time */
+
+ UNIHDR hdr_user_name; /* username unicode string header */
+ UNIHDR hdr_full_name; /* user's full name unicode string header */
+ UNIHDR hdr_logon_script; /* logon script unicode string header */
+ UNIHDR hdr_profile_path; /* profile path unicode string header */
+ UNIHDR hdr_home_dir; /* home directory unicode string header */
+ UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
+
+ uint16 logon_count; /* logon count */
+ uint16 bad_pw_count; /* bad password count */
+
+ uint32 user_rid; /* User RID */
+ uint32 group_rid; /* Group RID */
+
+ uint32 num_groups; /* num groups */
+ uint32 buffer_groups; /* undocumented buffer pointer to groups. */
+ uint32 user_flgs; /* user flags */
+
+ uint8 user_sess_key[16]; /* user session key */
+
+ UNIHDR hdr_logon_srv; /* logon server unicode string header */
+ UNIHDR hdr_logon_dom; /* logon domain unicode string header */
+
+ uint32 buffer_dom_id; /* undocumented logon domain id pointer */
+ uint8 lm_sess_key[8]; /* lm session key */
+ uint32 acct_flags; /* account flags */
+ uint32 unknown[7]; /* unknown */
+
+ UNISTR2 uni_user_name; /* username unicode string */
+ UNISTR2 uni_full_name; /* user's full name unicode string */
+ UNISTR2 uni_logon_script; /* logon script unicode string */
+ UNISTR2 uni_profile_path; /* profile path unicode string */
+ UNISTR2 uni_home_dir; /* home directory unicode string */
+ UNISTR2 uni_dir_drive; /* home directory drive unicode string */
+
+ UNISTR2 uni_logon_srv; /* logon server unicode string */
+ UNISTR2 uni_logon_dom; /* logon domain unicode string */
+
+ DOM_SID2 dom_sid; /* domain SID */
+} NET_USER_INFO_2;
+
/* NET_USER_INFO_3 */
-typedef struct net_user_info_3
-{
+typedef struct net_user_info_3 {
uint32 ptr_user_info;
NTTIME logon_time; /* logon time */
uint32 buffer_groups; /* undocumented buffer pointer to groups. */
uint32 user_flgs; /* user flags */
- uint8 user_sess_key[16]; /* unused user session key */
+ uint8 user_sess_key[16]; /* user session key */
UNIHDR hdr_logon_srv; /* logon server unicode string header */
UNIHDR hdr_logon_dom; /* logon domain unicode string header */
uint32 buffer_dom_id; /* undocumented logon domain id pointer */
- uint8 padding[40]; /* unused padding bytes. expansion room */
+ uint8 lm_sess_key[8]; /* lm session key */
+ uint32 acct_flags; /* account flags */
+ uint32 unknown[7]; /* unknown */
- uint32 num_other_sids; /* 0 - num_sids */
- uint32 buffer_other_sids; /* NULL - undocumented pointer to SIDs. */
+ uint32 num_other_sids; /* number of foreign/trusted domain sids */
+ uint32 buffer_other_sids;
+ /* The next three uint32 are not really part of user_info_3 but here
+ * for parsing convenience. They are only valid in Kerberos PAC
+ * parsing - Guenther */
+ uint32 ptr_res_group_dom_sid;
+ uint32 res_group_count;
+ uint32 ptr_res_groups;
+
UNISTR2 uni_user_name; /* username unicode string */
UNISTR2 uni_full_name; /* user's full name unicode string */
UNISTR2 uni_logon_script; /* logon script unicode string */
DOM_SID2 dom_sid; /* domain SID */
- uint32 num_other_groups; /* other groups */
- DOM_GID *other_gids; /* group info */
- DOM_SID2 *other_sids; /* undocumented - domain SIDs */
-
+ DOM_SID2 *other_sids; /* foreign/trusted domain SIDs */
+ uint32 *other_sids_attrib;
} NET_USER_INFO_3;
/* NETLOGON_INFO_1 - pdc status info, i presume */
-typedef struct netlogon_1_info
-{
+typedef struct netlogon_1_info {
uint32 flags; /* 0x0 - undocumented */
uint32 pdc_status; /* 0x0 - undocumented */
-
} NETLOGON_INFO_1;
/* NETLOGON_INFO_2 - pdc status info, plus trusted domain info */
-typedef struct netlogon_2_info
-{
+typedef struct netlogon_2_info {
uint32 flags; /* 0x0 - undocumented */
uint32 pdc_status; /* 0x0 - undocumented */
uint32 ptr_trusted_dc_name; /* pointer to trusted domain controller name */
- uint32 tc_status; /* 0x051f - ERROR_NO_LOGON_SERVERS */
+ uint32 tc_status;
UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */
-
} NETLOGON_INFO_2;
/* NETLOGON_INFO_3 - logon status info, i presume */
-typedef struct netlogon_3_info
-{
+typedef struct netlogon_3_info {
uint32 flags; /* 0x0 - undocumented */
uint32 logon_attempts; /* number of logon attempts */
uint32 reserved_1; /* 0x0 - undocumented */
uint32 reserved_3; /* 0x0 - undocumented */
uint32 reserved_4; /* 0x0 - undocumented */
uint32 reserved_5; /* 0x0 - undocumented */
-
} NETLOGON_INFO_3;
/********************************************************
/* NET_Q_LOGON_CTRL - LSA Netr Logon Control */
-typedef struct net_q_logon_ctrl_info
-{
+typedef struct net_q_logon_ctrl_info {
uint32 ptr;
UNISTR2 uni_server_name;
uint32 function_code;
/* NET_R_LOGON_CTRL - LSA Netr Logon Control */
-typedef struct net_r_logon_ctrl_info
-{
+typedef struct net_r_logon_ctrl_info {
uint32 switch_value;
uint32 ptr;
NTSTATUS status;
} NET_R_LOGON_CTRL;
+
+typedef struct ctrl_data_info_5 {
+ uint32 function_code;
+
+ uint32 ptr_domain;
+ UNISTR2 domain;
+} CTRL_DATA_INFO_5;
+
+typedef struct ctrl_data_info_6 {
+ uint32 function_code;
+
+ uint32 ptr_domain;
+ UNISTR2 domain;
+} CTRL_DATA_INFO_6;
+
+
/********************************************************
Logon Control2 Query
********************************************************/
/* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2 */
-typedef struct net_q_logon_ctrl2_info
-{
- uint32 ptr; /* undocumented buffer pointer */
- UNISTR2 uni_server_name; /* server name, starting with two '\'s */
+typedef struct net_q_logon_ctrl2_info {
+ uint32 ptr; /* undocumented buffer pointer */
+ UNISTR2 uni_server_name; /* server name, starting with two '\'s */
- uint32 function_code; /* 0x1 */
- uint32 query_level; /* 0x1, 0x3 */
- uint32 switch_value; /* 0x1 */
-
+ uint32 function_code;
+ uint32 query_level;
+ union {
+ CTRL_DATA_INFO_5 info5;
+ CTRL_DATA_INFO_6 info6;
+ } info;
} NET_Q_LOGON_CTRL2;
/*******************************************************
*******************************************************/
/* NET_R_LOGON_CTRL2 - response to LSA Logon Control2 */
-typedef struct net_r_logon_ctrl2_info
-{
+typedef struct net_r_logon_ctrl2_info {
uint32 switch_value; /* 0x1, 0x3 */
uint32 ptr;
} logon;
NTSTATUS status; /* return code */
-
} NET_R_LOGON_CTRL2;
+/* NET_Q_GETANYDCNAME - Ask a DC for a trusted DC name */
+
+typedef struct net_q_getanydcname {
+ uint32 ptr_logon_server;
+ UNISTR2 uni_logon_server;
+ uint32 ptr_domainname;
+ UNISTR2 uni_domainname;
+} NET_Q_GETANYDCNAME;
+
+/* NET_R_GETANYDCNAME - Ask a DC for a trusted DC name */
+
+typedef struct net_r_getanydcname {
+ uint32 ptr_dcname;
+ UNISTR2 uni_dcname;
+ WERROR status;
+} NET_R_GETANYDCNAME;
+
+
+/* NET_Q_GETDCNAME - Ask a DC for a trusted DC name */
+
+typedef struct net_q_getdcname {
+ UNISTR2 uni_logon_server;
+ uint32 ptr_domainname;
+ UNISTR2 uni_domainname;
+} NET_Q_GETDCNAME;
+
+/* NET_R_GETDCNAME - Ask a DC for a trusted DC name */
+
+typedef struct net_r_getdcname {
+ uint32 ptr_dcname;
+ UNISTR2 uni_dcname;
+ WERROR status;
+} NET_R_GETDCNAME;
+
/* NET_Q_TRUST_DOM_LIST - LSA Query Trusted Domains */
-typedef struct net_q_trust_dom_info
-{
+typedef struct net_q_trust_dom_info {
uint32 ptr; /* undocumented buffer pointer */
UNISTR2 uni_server_name; /* server name, starting with two '\'s */
-
} NET_Q_TRUST_DOM_LIST;
#define MAX_TRUST_DOMS 1
/* NET_R_TRUST_DOM_LIST - response to LSA Trusted Domains */
-typedef struct net_r_trust_dom_info
-{
+typedef struct net_r_trust_dom_info {
UNISTR2 uni_trust_dom_name[MAX_TRUST_DOMS];
NTSTATUS status; /* return code */
-
} NET_R_TRUST_DOM_LIST;
/* NEG_FLAGS */
-typedef struct neg_flags_info
-{
- uint32 neg_flags; /* negotiated flags */
-
+typedef struct neg_flags_info {
+ uint32 neg_flags; /* negotiated flags */
} NEG_FLAGS;
/* NET_Q_REQ_CHAL */
-typedef struct net_q_req_chal_info
-{
- uint32 undoc_buffer; /* undocumented buffer pointer */
- UNISTR2 uni_logon_srv; /* logon server unicode string */
- UNISTR2 uni_logon_clnt; /* logon client unicode string */
- DOM_CHAL clnt_chal; /* client challenge */
-
+typedef struct net_q_req_chal_info {
+ uint32 undoc_buffer; /* undocumented buffer pointer */
+ UNISTR2 uni_logon_srv; /* logon server unicode string */
+ UNISTR2 uni_logon_clnt; /* logon client unicode string */
+ DOM_CHAL clnt_chal; /* client challenge */
} NET_Q_REQ_CHAL;
/* NET_R_REQ_CHAL */
-typedef struct net_r_req_chal_info
-{
+typedef struct net_r_req_chal_info {
DOM_CHAL srv_chal; /* server challenge */
NTSTATUS status; /* return code */
} NET_R_REQ_CHAL;
/* NET_Q_AUTH */
-typedef struct net_q_auth_info
-{
+typedef struct net_q_auth_info {
DOM_LOG_INFO clnt_id; /* client identification info */
DOM_CHAL clnt_chal; /* client-calculated credentials */
} NET_Q_AUTH;
/* NET_R_AUTH */
-typedef struct net_r_auth_info
-{
+typedef struct net_r_auth_info {
DOM_CHAL srv_chal; /* server-calculated credentials */
NTSTATUS status; /* return code */
} NET_R_AUTH;
/* NET_Q_AUTH_2 */
-typedef struct net_q_auth2_info
-{
- DOM_LOG_INFO clnt_id; /* client identification info */
- DOM_CHAL clnt_chal; /* client-calculated credentials */
-
- NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
+typedef struct net_q_auth2_info {
+ DOM_LOG_INFO clnt_id; /* client identification info */
+ DOM_CHAL clnt_chal; /* client-calculated credentials */
+ NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
} NET_Q_AUTH_2;
/* NET_R_AUTH_2 */
-typedef struct net_r_auth2_info
-{
+typedef struct net_r_auth2_info {
DOM_CHAL srv_chal; /* server-calculated credentials */
NEG_FLAGS srv_flgs; /* usually 0x0000 01ff */
NTSTATUS status; /* return code */
} NET_R_AUTH_2;
+/* NET_Q_AUTH_3 */
+typedef struct net_q_auth3_info {
+ DOM_LOG_INFO clnt_id; /* client identification info */
+ DOM_CHAL clnt_chal; /* client-calculated credentials */
+ NEG_FLAGS clnt_flgs; /* usually 0x6007 ffff */
+} NET_Q_AUTH_3;
+
+/* NET_R_AUTH_3 */
+typedef struct net_r_auth3_info {
+ DOM_CHAL srv_chal; /* server-calculated credentials */
+ NEG_FLAGS srv_flgs; /* usually 0x6007 ffff */
+ uint32 unknown; /* 0x0000045b */
+ NTSTATUS status; /* return code */
+} NET_R_AUTH_3;
-/* NET_Q_SRV_PWSET */
-typedef struct net_q_srv_pwset_info
-{
- DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
- uint8 pwd[16]; /* new password - undocumented. */
+/* NET_Q_SRV_PWSET */
+typedef struct net_q_srv_pwset_info {
+ DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
+ uint8 pwd[16]; /* new password - undocumented. */
} NET_Q_SRV_PWSET;
/* NET_R_SRV_PWSET */
-typedef struct net_r_srv_pwset_info
-{
- DOM_CRED srv_cred; /* server-calculated credentials */
-
- NTSTATUS status; /* return code */
+typedef struct net_r_srv_pwset_info {
+ DOM_CRED srv_cred; /* server-calculated credentials */
+ NTSTATUS status; /* return code */
} NET_R_SRV_PWSET;
/* NET_ID_INFO_2 */
-typedef struct net_network_info_2
-{
+typedef struct net_network_info_2 {
uint32 ptr_id_info2; /* pointer to id_info_2 */
UNIHDR hdr_domain_name; /* domain name unicode header */
uint32 param_ctrl; /* param control (0x2) */
UNISTR2 uni_wksta_name; /* workgroup name unicode string */
STRING2 nt_chal_resp; /* nt challenge response */
STRING2 lm_chal_resp; /* lm challenge response */
-
} NET_ID_INFO_2;
/* NET_ID_INFO_1 */
-typedef struct id_info_1
-{
+typedef struct id_info_1 {
uint32 ptr_id_info1; /* pointer to id_info_1 */
UNIHDR hdr_domain_name; /* domain name unicode header */
uint32 param_ctrl; /* param control */
UNISTR2 uni_domain_name; /* domain name unicode string */
UNISTR2 uni_user_name; /* user name unicode string */
UNISTR2 uni_wksta_name; /* workgroup name unicode string */
-
} NET_ID_INFO_1;
#define INTERACTIVE_LOGON_TYPE 1
#define NET_LOGON_TYPE 2
/* NET_ID_INFO_CTR */
-typedef struct net_id_info_ctr_info
-{
- uint16 switch_value;
-
- union
- {
- NET_ID_INFO_1 id1; /* auth-level 1 - interactive user login */
- NET_ID_INFO_2 id2; /* auth-level 2 - workstation referred login */
-
- } auth;
+typedef struct net_id_info_ctr_info {
+ uint16 switch_value;
+ union {
+ NET_ID_INFO_1 id1; /* auth-level 1 - interactive user login */
+ NET_ID_INFO_2 id2; /* auth-level 2 - workstation referred login */
+ } auth;
} NET_ID_INFO_CTR;
/* SAM_INFO - sam logon/off id structure */
-typedef struct sam_info
-{
- DOM_CLNT_INFO2 client;
- uint32 ptr_rtn_cred; /* pointer to return credentials */
- DOM_CRED rtn_cred; /* return credentials */
- uint16 logon_level;
- NET_ID_INFO_CTR *ctr;
-
+typedef struct sam_info {
+ DOM_CLNT_INFO2 client;
+ uint32 ptr_rtn_cred; /* pointer to return credentials */
+ DOM_CRED rtn_cred; /* return credentials */
+ uint16 logon_level;
+ NET_ID_INFO_CTR *ctr;
} DOM_SAM_INFO;
+/* SAM_INFO - sam logon/off id structure - no creds */
+typedef struct sam_info_ex {
+ DOM_CLNT_SRV client;
+ uint16 logon_level;
+ NET_ID_INFO_CTR *ctr;
+} DOM_SAM_INFO_EX;
+
/* NET_Q_SAM_LOGON */
-typedef struct net_q_sam_logon_info
-{
- DOM_SAM_INFO sam_id;
+typedef struct net_q_sam_logon_info {
+ DOM_SAM_INFO sam_id;
uint16 validation_level;
-
} NET_Q_SAM_LOGON;
+/* NET_Q_SAM_LOGON_EX */
+typedef struct net_q_sam_logon_info_ex {
+ DOM_SAM_INFO_EX sam_id;
+ uint16 validation_level;
+ uint32 flags;
+} NET_Q_SAM_LOGON_EX;
+
/* NET_R_SAM_LOGON */
-typedef struct net_r_sam_logon_info
-{
- uint32 buffer_creds; /* undocumented buffer pointer */
- DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
+typedef struct net_r_sam_logon_info {
+ uint32 buffer_creds; /* undocumented buffer pointer */
+ DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
uint16 switch_value; /* 3 - indicates type of USER INFO */
- NET_USER_INFO_3 *user;
+ NET_USER_INFO_3 *user;
- uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
-
- NTSTATUS status; /* return code */
+ uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
+ NTSTATUS status; /* return code */
} NET_R_SAM_LOGON;
+/* NET_R_SAM_LOGON_EX */
+typedef struct net_r_sam_logon_info_ex {
+ uint16 switch_value; /* 3 - indicates type of USER INFO */
+ NET_USER_INFO_3 *user;
+
+ uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
+ uint32 flags;
+
+ NTSTATUS status; /* return code */
+} NET_R_SAM_LOGON_EX;
-/* NET_Q_SAM_LOGOFF */
-typedef struct net_q_sam_logoff_info
-{
- DOM_SAM_INFO sam_id;
+/* NET_Q_SAM_LOGOFF */
+typedef struct net_q_sam_logoff_info {
+ DOM_SAM_INFO sam_id;
} NET_Q_SAM_LOGOFF;
/* NET_R_SAM_LOGOFF */
-typedef struct net_r_sam_logoff_info
-{
- uint32 buffer_creds; /* undocumented buffer pointer */
- DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
-
- NTSTATUS status; /* return code */
-
+typedef struct net_r_sam_logoff_info {
+ uint32 buffer_creds; /* undocumented buffer pointer */
+ DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
+ NTSTATUS status; /* return code */
} NET_R_SAM_LOGOFF;
/* NET_Q_SAM_SYNC */
-typedef struct net_q_sam_sync_info
-{
+typedef struct net_q_sam_sync_info {
UNISTR2 uni_srv_name; /* \\PDC */
UNISTR2 uni_cli_name; /* BDC */
DOM_CRED cli_creds;
uint32 sync_context;
uint32 max_size; /* preferred maximum length */
-
} NET_Q_SAM_SYNC;
/* SAM_DELTA_HDR */
-typedef struct sam_delta_hdr_info
-{
+typedef struct sam_delta_hdr_info {
uint16 type; /* type of structure attached */
uint16 type2;
uint32 target_rid;
uint32 type3;
uint32 ptr_delta;
-
} SAM_DELTA_HDR;
+/* LOCKOUT_STRING */
+typedef struct account_lockout_string {
+ uint32 array_size;
+ uint32 offset;
+ uint32 length;
+/* uint16 *bindata; */
+ uint64 lockout_duration;
+ uint64 reset_count;
+ uint32 bad_attempt_lockout;
+ uint32 dummy;
+} LOCKOUT_STRING;
+
+/* HDR_LOCKOUT_STRING */
+typedef struct hdr_account_lockout_string {
+ uint16 size;
+ uint16 length;
+ uint32 buffer;
+} HDR_LOCKOUT_STRING;
+
/* SAM_DOMAIN_INFO (0x1) */
-typedef struct sam_domain_info_info
-{
+typedef struct sam_domain_info_info {
UNIHDR hdr_dom_name;
UNIHDR hdr_oem_info;
- UINT64_S force_logoff;
+ uint64 force_logoff;
uint16 min_pwd_len;
uint16 pwd_history_len;
- UINT64_S max_pwd_age;
- UINT64_S min_pwd_age;
- UINT64_S dom_mod_count;
+ uint64 max_pwd_age;
+ uint64 min_pwd_age;
+ uint64 dom_mod_count;
NTTIME creation_time;
+ uint32 security_information;
- BUFHDR2 hdr_sec_desc; /* security descriptor */
- UNIHDR hdr_unknown;
- uint8 reserved[40];
+ BUFHDR4 hdr_sec_desc; /* security descriptor */
+
+ HDR_LOCKOUT_STRING hdr_account_lockout;
+
+ UNIHDR hdr_unknown2;
+ UNIHDR hdr_unknown3;
+ UNIHDR hdr_unknown4;
UNISTR2 uni_dom_name;
- UNISTR2 buf_oem_info; /* never seen */
+ UNISTR2 buf_oem_info;
+
+ RPC_DATA_BLOB buf_sec_desc;
+
+ LOCKOUT_STRING account_lockout;
- BUFFER4 buf_sec_desc;
- UNISTR2 buf_unknown;
+ UNISTR2 buf_unknown2;
+ UNISTR2 buf_unknown3;
+ UNISTR2 buf_unknown4;
+ uint32 logon_chgpass;
+ uint32 unknown6;
+ uint32 unknown7;
+ uint32 unknown8;
} SAM_DOMAIN_INFO;
/* SAM_GROUP_INFO (0x2) */
-typedef struct sam_group_info_info
-{
+typedef struct sam_group_info_info {
UNIHDR hdr_grp_name;
DOM_GID gid;
UNIHDR hdr_grp_desc;
UNISTR2 uni_grp_name;
UNISTR2 uni_grp_desc;
- BUFFER4 buf_sec_desc;
-
+ RPC_DATA_BLOB buf_sec_desc;
} SAM_GROUP_INFO;
/* SAM_PWD */
-typedef struct sam_passwd_info
-{
+typedef struct sam_passwd_info {
/* this structure probably contains password history */
/* this is probably a count of lm/nt pairs */
uint32 unk_0; /* 0x0000 0002 */
UNIHDR hdr_empty_lm;
UNIHDR hdr_empty_nt;
-
} SAM_PWD;
/* SAM_ACCOUNT_INFO (0x5) */
-typedef struct sam_account_info_info
-{
+typedef struct sam_account_info_info {
UNIHDR hdr_acct_name;
UNIHDR hdr_full_name;
uint32 unknown1; /* 0x4EC */
uint32 unknown2; /* 0 */
- BUFFER4 buf_logon_hrs;
+ RPC_DATA_BLOB buf_logon_hrs;
UNISTR2 uni_comment;
UNISTR2 uni_parameters;
SAM_PWD pass;
- BUFFER4 buf_sec_desc;
+ RPC_DATA_BLOB buf_sec_desc;
UNISTR2 uni_profile;
-
} SAM_ACCOUNT_INFO;
/* SAM_GROUP_MEM_INFO (0x8) */
-typedef struct sam_group_mem_info_info
-{
+typedef struct sam_group_mem_info_info {
uint32 ptr_rids;
uint32 ptr_attribs;
uint32 num_members;
} SAM_GROUP_MEM_INFO;
/* SAM_ALIAS_INFO (0x9) */
-typedef struct sam_alias_info_info
-{
+typedef struct sam_alias_info_info {
UNIHDR hdr_als_name;
uint32 als_rid;
BUFHDR2 hdr_sec_desc; /* security descriptor */
uint8 reserved[40];
UNISTR2 uni_als_name;
- BUFFER4 buf_sec_desc;
+ RPC_DATA_BLOB buf_sec_desc;
UNISTR2 uni_als_desc;
-
} SAM_ALIAS_INFO;
/* SAM_ALIAS_MEM_INFO (0xC) */
-typedef struct sam_alias_mem_info_info
-{
+typedef struct sam_alias_mem_info_info {
uint32 num_members;
uint32 ptr_members;
uint8 unknown[16];
uint32 num_sids;
uint32 *ptr_sids;
DOM_SID2 *sids;
-
} SAM_ALIAS_MEM_INFO;
-/* SAM_DELTA_DOM (0x0D) */
-typedef struct
-{
- uint32 unknown1; /* 0x5000 */
- uint32 unknown2; /* 0 */
- uint32 unknown3; /* 0 */
- uint32 unknown4; /* 0 */
- uint32 count1;
- uint32 ptr1;
- uint16 count2;
- uint16 count3;
- uint32 ptr2;
- uint32 ptr3;
-
- uint32 unknown4b; /* 0x02000000 */
- uint32 unknown5; /* 0x00100000 */
- uint32 unknown6; /* 0x00010000 */
- uint32 unknown7; /* 0x0f000000 */
- uint32 unknown8; /* 0 */
- uint32 unknown9; /* 0 */
- uint32 unknown10; /* 0 */
- uint32 unknown11; /* 0x3c*/
- uint32 unknown12; /* 0*/
-
- uint32 unknown13; /* a7080110 */
- uint32 unknown14; /* 01bfb0dd */
- uint32 unknown15; /* 0f */
- uint32 unknown16; /* 68 */
- uint32 unknown17; /* 00169000 */
-
- uint32 count4;
- uint32 unknown18; /* 0 times count4 */
-
- uint32 unknown19; /* 8 */
-
- uint32 unknown20; /* 0x04 times count1 */
-
- uint32 ptr4;
-
- UNISTR2 domain_name;
+/* SAM_DELTA_POLICY (0x0D) */
+typedef struct {
+ uint32 max_log_size; /* 0x5000 */
+ uint64 audit_retention_period; /* 0 */
+ uint32 auditing_mode; /* 0 */
+ uint32 num_events;
+ uint32 ptr_events;
+ UNIHDR hdr_dom_name;
+ uint32 sid_ptr;
+
+ uint32 paged_pool_limit; /* 0x02000000 */
+ uint32 non_paged_pool_limit; /* 0x00100000 */
+ uint32 min_workset_size; /* 0x00010000 */
+ uint32 max_workset_size; /* 0x0f000000 */
+ uint32 page_file_limit; /* 0 */
+ uint64 time_limit; /* 0 */
+ NTTIME modify_time; /* 0x3c*/
+ NTTIME create_time; /* a7080110 */
+ BUFHDR2 hdr_sec_desc;
+
+ uint32 num_event_audit_options;
+ uint32 event_audit_option;
+
+ UNISTR2 domain_name;
DOM_SID2 domain_sid;
-} SAM_DELTA_DOM;
+ RPC_DATA_BLOB buf_sec_desc;
+} SAM_DELTA_POLICY;
-/* SAM_DELTA_UNK0E (0x0e) */
-typedef struct
-{
+/* SAM_DELTA_TRUST_DOMS */
+typedef struct {
uint32 buf_size;
SEC_DESC *sec_desc;
DOM_SID2 sid;
uint32 unknown3;
UNISTR2 domain;
-
-} SAM_DELTA_UNK0E;
+} SAM_DELTA_TRUSTDOMS;
/* SAM_DELTA_PRIVS (0x10) */
-typedef struct
-{
- uint32 buf_size;
- SEC_DESC *sec_desc;
+typedef struct {
DOM_SID2 sid;
uint32 priv_count;
- uint32 reserved1; /* 0x0 */
-
- uint32 ptr1;
- uint32 ptr2;
-
- uint32 unknown1;
- uint32 unknown2;
- uint32 unknown3;
- uint32 unknown4;
- uint32 unknown5;
- uint32 unknown6;
- uint32 unknown7;
- uint32 unknown8;
- uint32 unknown9;
+ uint32 priv_control;
+
+ uint32 priv_attr_ptr;
+ uint32 priv_name_ptr;
+
+ uint32 paged_pool_limit; /* 0x02000000 */
+ uint32 non_paged_pool_limit; /* 0x00100000 */
+ uint32 min_workset_size; /* 0x00010000 */
+ uint32 max_workset_size; /* 0x0f000000 */
+ uint32 page_file_limit; /* 0 */
+ uint64 time_limit; /* 0 */
+ uint32 system_flags; /* 1 */
+ BUFHDR2 hdr_sec_desc;
uint32 buf_size2;
- uint32 ptr3;
- uint32 unknown10; /* 48 bytes 0x0*/
uint32 attribute_count;
uint32 *attributes;
UNIHDR *hdr_privslist;
UNISTR2 *uni_privslist;
-
+ RPC_DATA_BLOB buf_sec_desc;
} SAM_DELTA_PRIVS;
-/* SAM_DELTA_UNK12 (0x12) */
-typedef struct
-{
+/* SAM_DELTA_SECRET */
+typedef struct {
uint32 buf_size;
SEC_DESC *sec_desc;
UNISTR2 secret;
uint32 buf_size3;
SEC_DESC *sec_desc2;
+} SAM_DELTA_SECRET;
-} SAM_DELTA_UNK12;
-
-/* SAM_DELTA_STAMP (0x16) */
-typedef struct
-{
+/* SAM_DELTA_MOD_COUNT (0x16) */
+typedef struct {
uint32 seqnum;
uint32 dom_mod_count_ptr;
- UINT64_S dom_mod_count; /* domain mod count at last sync */
-} SAM_DELTA_STAMP;
+ uint64 dom_mod_count; /* domain mod count at last sync */
+} SAM_DELTA_MOD_COUNT;
-typedef union sam_delta_ctr_info
-{
+typedef union sam_delta_ctr_info {
SAM_DOMAIN_INFO domain_info ;
SAM_GROUP_INFO group_info ;
SAM_ACCOUNT_INFO account_info;
SAM_GROUP_MEM_INFO grp_mem_info;
SAM_ALIAS_INFO alias_info ;
SAM_ALIAS_MEM_INFO als_mem_info;
- SAM_DELTA_DOM dom_info;
+ SAM_DELTA_POLICY policy_info;
SAM_DELTA_PRIVS privs_info;
- SAM_DELTA_STAMP stamp;
- SAM_DELTA_UNK0E unk0e_info;
- SAM_DELTA_UNK12 unk12_info;
+ SAM_DELTA_MOD_COUNT mod_count;
+ SAM_DELTA_TRUSTDOMS trustdoms_info;
+ SAM_DELTA_SECRET secret_info;
} SAM_DELTA_CTR;
/* NET_R_SAM_SYNC */
-typedef struct net_r_sam_sync_info
-{
+typedef struct net_r_sam_sync_info {
DOM_CRED srv_creds;
uint32 sync_context;
} NET_R_SAM_SYNC;
/* NET_Q_SAM_DELTAS */
-typedef struct net_q_sam_deltas_info
-{
+typedef struct net_q_sam_deltas_info {
UNISTR2 uni_srv_name;
UNISTR2 uni_cli_name;
DOM_CRED cli_creds;
DOM_CRED ret_creds;
uint32 database_id;
- UINT64_S dom_mod_count; /* domain mod count at last sync */
+ uint64 dom_mod_count; /* domain mod count at last sync */
uint32 max_size; /* preferred maximum length */
-
} NET_Q_SAM_DELTAS;
/* NET_R_SAM_DELTAS */
-typedef struct net_r_sam_deltas_info
-{
+typedef struct net_r_sam_deltas_info {
DOM_CRED srv_creds;
- UINT64_S dom_mod_count; /* new domain mod count */
+ uint64 dom_mod_count; /* new domain mod count */
uint32 ptr_deltas;
uint32 num_deltas;
NTSTATUS status;
} NET_R_SAM_DELTAS;
+#define DS_FORCE_REDISCOVERY 0x00000001
+#define DS_DIRECTORY_SERVICE_REQUIRED 0x00000010
+#define DS_DIRECTORY_SERVICE_PREFERRED 0x00000020
+#define DS_GC_SERVER_REQUIRED 0x00000040
+#define DS_PDC_REQUIRED 0x00000080
+#define DS_BACKGROUND_ONLY 0x00000100
+#define DS_IP_REQUIRED 0x00000200
+#define DS_KDC_REQUIRED 0x00000400
+#define DS_TIMESERV_REQUIRED 0x00000800
+#define DS_WRITABLE_REQUIRED 0x00001000
+#define DS_GOOD_TIMESERV_PREFERRED 0x00002000
+#define DS_AVOID_SELF 0x00004000
+#define DS_ONLY_LDAP_NEEDED 0x00008000
+
+#define DS_IS_FLAT_NAME 0x00010000
+#define DS_IS_DNS_NAME 0x00020000
+
+#define DS_RETURN_DNS_NAME 0x40000000
+#define DS_RETURN_FLAT_NAME 0x80000000
+
+#if 0 /* unknown yet */
+#define DS_IP_VERSION_AGNOSTIC
+#define DS_TRY_NEXTCLOSEST_SITE
+#endif
+
+#define DSGETDC_VALID_FLAGS ( \
+ DS_FORCE_REDISCOVERY | \
+ DS_DIRECTORY_SERVICE_REQUIRED | \
+ DS_DIRECTORY_SERVICE_PREFERRED | \
+ DS_GC_SERVER_REQUIRED | \
+ DS_PDC_REQUIRED | \
+ DS_BACKGROUND_ONLY | \
+ DS_IP_REQUIRED | \
+ DS_KDC_REQUIRED | \
+ DS_TIMESERV_REQUIRED | \
+ DS_WRITABLE_REQUIRED | \
+ DS_GOOD_TIMESERV_PREFERRED | \
+ DS_AVOID_SELF | \
+ DS_ONLY_LDAP_NEEDED | \
+ DS_IS_FLAT_NAME | \
+ DS_IS_DNS_NAME | \
+ DS_RETURN_FLAT_NAME | \
+ DS_RETURN_DNS_NAME )
+
+struct DS_DOMAIN_CONTROLLER_INFO {
+ const char *domain_controller_name;
+ const char *domain_controller_address;
+ int32 domain_controller_address_type;
+ struct GUID *domain_guid;
+ const char *domain_name;
+ const char *dns_forest_name;
+ uint32 flags;
+ const char *dc_site_name;
+ const char *client_site_name;
+};
+
+/* NET_Q_DSR_GETDCNAME */
+typedef struct net_q_dsr_getdcname {
+ uint32 ptr_server_unc;
+ UNISTR2 uni_server_unc;
+ uint32 ptr_domain_name;
+ UNISTR2 uni_domain_name;
+ uint32 ptr_domain_guid;
+ struct GUID *domain_guid;
+ uint32 ptr_site_guid;
+ struct GUID *site_guid;
+ uint32 flags;
+} NET_Q_DSR_GETDCNAME;
+
+/* NET_R_DSR_GETDCNAME */
+typedef struct net_r_dsr_getdcname {
+ uint32 ptr_dc_unc;
+ UNISTR2 uni_dc_unc;
+ uint32 ptr_dc_address;
+ UNISTR2 uni_dc_address;
+ int32 dc_address_type;
+ struct GUID domain_guid;
+ uint32 ptr_domain_name;
+ UNISTR2 uni_domain_name;
+ uint32 ptr_forest_name;
+ UNISTR2 uni_forest_name;
+ uint32 dc_flags;
+ uint32 ptr_dc_site_name;
+ UNISTR2 uni_dc_site_name;
+ uint32 ptr_client_site_name;
+ UNISTR2 uni_client_site_name;
+ WERROR result;
+} NET_R_DSR_GETDCNAME;
+
+/* NET_Q_DSR_GETDCNAMEEX */
+typedef struct net_q_dsr_getdcnameex {
+ uint32 ptr_server_unc;
+ UNISTR2 uni_server_unc;
+ uint32 ptr_domain_name;
+ UNISTR2 uni_domain_name;
+ uint32 ptr_domain_guid;
+ struct GUID *domain_guid;
+ uint32 ptr_site_name;
+ UNISTR2 uni_site_name;
+ uint32 flags;
+} NET_Q_DSR_GETDCNAMEEX;
+
+/* NET_R_DSR_GETDCNAMEEX */
+typedef struct net_r_dsr_getdcnameex NET_R_DSR_GETDCNAMEEX;
+
+/* NET_Q_DSR_GETDCNAMEEX2 */
+typedef struct net_q_dsr_getdcnameex2 {
+ uint32 ptr_server_unc;
+ UNISTR2 uni_server_unc;
+ uint32 ptr_client_account;
+ UNISTR2 uni_client_account;
+ uint32 mask;
+ uint32 ptr_domain_name;
+ UNISTR2 uni_domain_name;
+ uint32 ptr_domain_guid;
+ struct GUID *domain_guid;
+ uint32 ptr_site_name;
+ UNISTR2 uni_site_name;
+ uint32 flags;
+} NET_Q_DSR_GETDCNAMEEX2;
+
+/* NET_R_DSR_GETDCNAMEEX2 */
+typedef struct net_r_dsr_getdcnameex2 NET_R_DSR_GETDCNAMEEX2;
+
+/* NET_Q_DSR_GESITENAME */
+typedef struct net_q_dsr_getsitename {
+ uint32 ptr_computer_name;
+ UNISTR2 uni_computer_name;
+} NET_Q_DSR_GETSITENAME;
+
+/* NET_R_DSR_GETSITENAME */
+typedef struct net_r_dsr_getsitename {
+ uint32 ptr_site_name;
+ UNISTR2 uni_site_name;
+ WERROR result;
+} NET_R_DSR_GETSITENAME;
+
+
#endif /* _RPC_NETLOGON_H */
git.samba.org / samba.git / blobdiff