3 much of this was derived from the ethereal sources - thanks to everyone
7 import "misc.idl", "lsa.idl", "samr.idl", "security.idl";
11 cpp_quote("#define netr_DeltaEnum8Bit netr_DeltaEnum")
12 cpp_quote("#define netr_SamDatabaseID8Bit netr_SamDatabaseID")
14 cpp_quote("#define ENC_CRC32 KERB_ENCTYPE_DES_CBC_CRC")
15 cpp_quote("#define ENC_RSA_MD5 KERB_ENCTYPE_DES_CBC_MD5")
16 cpp_quote("#define ENC_RC4_HMAC_MD5 KERB_ENCTYPE_RC4_HMAC_MD5")
17 cpp_quote("#define ENC_HMAC_SHA1_96_AES128 KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96")
18 cpp_quote("#define ENC_HMAC_SHA1_96_AES256 KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96")
21 uuid("12345678-1234-abcd-ef00-01234567cffb"),
23 endpoint("ncacn_np:[\\pipe\\netlogon]","ncacn_ip_tcp:","ncalrpc:"),
24 helper("../librpc/ndr/ndr_netlogon.h"),
26 pointer_default(unique)
31 typedef bitmap samr_AcctFlags samr_AcctFlags;
32 typedef bitmap security_GroupAttrs security_GroupAttrs;
33 typedef enum netr_DeltaEnum8Bit netr_DeltaEnum8Bit;
34 typedef enum netr_SamDatabaseID8Bit netr_SamDatabaseID8Bit;
40 [string,charset(UTF16)] uint16 *account_name;
51 time_t pw_must_change;
52 [string,charset(UTF16)] uint16 *computer;
53 [string,charset(UTF16)] uint16 *domain;
54 [string,charset(UTF16)] uint16 *script_path;
58 WERROR netr_LogonUasLogon(
59 [in,unique] [string,charset(UTF16)] uint16 *server_name,
60 [in] [string,charset(UTF16)] uint16 *account_name,
61 [in] [string,charset(UTF16)] uint16 *workstation,
62 [out,ref] netr_UasInfo **info
74 WERROR netr_LogonUasLogoff(
75 [in,unique] [string,charset(UTF16)] uint16 *server_name,
76 [in] [string,charset(UTF16)] uint16 *account_name,
77 [in] [string,charset(UTF16)] uint16 *workstation,
78 [out,ref] netr_UasLogoffInfo *info
85 /* in netr_AcctLockStr size seems to be be 24, and rrenard thinks
86 that the structure of the bindata looks like this:
88 dlong lockout_duration;
90 uint32 bad_attempt_lockout;
93 but it doesn't look as though this structure is reflected at the
94 NDR level. Maybe it is left to the application to decode the bindata array.
96 typedef [public] struct {
97 dlong lockout_duration;
99 uint32 bad_attempt_lockout;
103 /* - MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
104 * sets the NETLOGON_SERVER_TRUST_ACCOUNT user_flag
105 * - MSV1_0_UPDATE_LOGON_STATISTICS
106 * sets the logon time on network logon
107 * - MSV1_0_RETURN_USER_PARAMETERS
108 * sets the user parameters in the driveletter
109 * - MSV1_0_RETURN_PROFILE_PATH
110 * returns the profilepath in the driveletter and
111 * sets LOGON_PROFILE_PATH_RETURNED user_flag
114 typedef [public,bitmap32bit] bitmap {
115 MSV1_0_CLEARTEXT_PASSWORD_ALLOWED = 0x00000002,
116 MSV1_0_UPDATE_LOGON_STATISTICS = 0x00000004,
117 MSV1_0_RETURN_USER_PARAMETERS = 0x00000008,
118 MSV1_0_DONT_TRY_GUEST_ACCOUNT = 0x00000010,
119 MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT = 0x00000020,
120 MSV1_0_RETURN_PASSWORD_EXPIRY = 0x00000040,
121 MSV1_0_USE_CLIENT_CHALLENGE = 0x00000080,
122 MSV1_0_TRY_GUEST_ACCOUNT_ONLY = 0x00000100,
123 MSV1_0_RETURN_PROFILE_PATH = 0x00000200,
124 MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY = 0x00000400,
125 MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT = 0x00000800,
126 MSV1_0_DISABLE_PERSONAL_FALLBACK = 0x00001000,
127 MSV1_0_ALLOW_FORCE_GUEST = 0x00002000,
128 MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED = 0x00004000,
129 MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY = 0x00008000,
130 MSV1_0_ALLOW_MSVCHAPV2 = 0x00010000,
131 MSV1_0_S4U2SELF = 0x00020000,
132 MSV1_0_CHECK_LOGONHOURS_FOR_S4U = 0x00040000,
133 MSV1_0_SUBAUTHENTICATION_DLL_EX = 0x00100000
134 } netr_LogonParameterControl;
136 /* Summary of the of the Query and Response from Microsoft on
137 * the usage of logon_id in netr_IdendityInfo
139 * [REG:119013019612095] [MS-NRPC]: NETLOGON_LOGON_IDENTITY_INFO: Does
140 * the Reserved field have LogonId meaning?
143 * In NetrLogonSamLogonEx does the Reserved field
144 * (of NETLOGON_LOGON_IDENTITY_INFO) have LogonId meaning?
146 * What is a valid LogonID, and does have any audit usage?
148 * Samba is sending a constant "deadbeef" in hex and would like to
149 * understand any usage of this field.
152 * The NRPC spec is accurate in defining the field as Reserved, and
153 * without protocol significance. In the header file in our source
154 * code, it is defined as LogonId and commented as such, but it’s
155 * effectively not used. This is probably why the API structure has
156 * that field name. It may have been intended as such but it’s not
159 * Samba now sends a random value in this field.
162 lsa_String domain_name;
163 netr_LogonParameterControl parameter_control; /* see MSV1_0_* */
165 lsa_String account_name;
166 lsa_String workstation;
170 netr_IdentityInfo identity_info;
171 samr_Password lmpassword;
172 samr_Password ntpassword;
175 typedef [flag(NDR_PAHEX)] struct {
177 [value(length)] uint16 size;
178 [size_is(length),length_is(length)] uint8 *data;
179 } netr_ChallengeResponse;
181 typedef [flag(NDR_PAHEX)] struct {
182 netr_IdentityInfo identity_info;
184 netr_ChallengeResponse nt;
185 netr_ChallengeResponse lm;
188 typedef [flag(NDR_PAHEX)] struct {
189 netr_IdentityInfo identity_info;
190 lsa_String package_name;
192 [size_is(length)] uint8 *data;
195 typedef [public] enum {
196 NetlogonInteractiveInformation = 1,
197 NetlogonNetworkInformation = 2,
198 NetlogonServiceInformation = 3,
199 NetlogonGenericInformation = 4,
200 NetlogonInteractiveTransitiveInformation = 5,
201 NetlogonNetworkTransitiveInformation = 6,
202 NetlogonServiceTransitiveInformation = 7
203 } netr_LogonInfoClass;
205 typedef [public,switch_type(netr_LogonInfoClass)] union {
206 [case(NetlogonInteractiveInformation)] netr_PasswordInfo *password;
207 [case(NetlogonNetworkInformation)] netr_NetworkInfo *network;
208 [case(NetlogonServiceInformation)] netr_PasswordInfo *password;
209 [case(NetlogonGenericInformation)] netr_GenericInfo *generic;
210 [case(NetlogonInteractiveTransitiveInformation)] netr_PasswordInfo *password;
211 [case(NetlogonNetworkTransitiveInformation)] netr_NetworkInfo *network;
212 [case(NetlogonServiceTransitiveInformation)] netr_PasswordInfo *password;
216 typedef [public,flag(NDR_PAHEX)] struct {
218 } netr_UserSessionKey;
220 typedef [public,flag(NDR_PAHEX)] struct {
224 /* Flags for user_flags below */
225 typedef [public,bitmap32bit] bitmap {
226 NETLOGON_GUEST = 0x00000001,
227 NETLOGON_NOENCRYPTION = 0x00000002,
228 NETLOGON_CACHED_ACCOUNT = 0x00000004,
229 NETLOGON_USED_LM_PASSWORD = 0x00000008,
230 NETLOGON_EXTRA_SIDS = 0x00000020,
231 NETLOGON_SUBAUTH_SESSION_KEY = 0x00000040,
232 NETLOGON_SERVER_TRUST_ACCOUNT = 0x00000080,
233 NETLOGON_NTLMV2_ENABLED = 0x00000100,
234 NETLOGON_RESOURCE_GROUPS = 0x00000200,
235 NETLOGON_PROFILE_PATH_RETURNED = 0x00000400,
236 NETLOGON_GRACE_LOGON = 0x01000000
243 NTTIME last_password_change;
244 NTTIME allow_password_change;
245 NTTIME force_password_change;
246 lsa_String account_name;
247 lsa_String full_name;
248 lsa_String logon_script;
249 lsa_String profile_path;
250 lsa_String home_directory;
251 lsa_String home_drive;
253 uint16 bad_password_count;
256 samr_RidWithAttributeArray groups;
257 netr_UserFlags user_flags;
258 [flag(NDR_SECRET)] netr_UserSessionKey key;
259 lsa_StringLarge logon_server;
260 lsa_StringLarge logon_domain;
261 dom_sid2 *domain_sid;
262 [flag(NDR_SECRET)] netr_LMSessionKey LMSessKey;
263 samr_AcctFlags acct_flags;
264 uint32 sub_auth_status;
265 NTTIME last_successful_logon;
266 NTTIME last_failed_logon;
267 uint32 failed_logon_count;
272 netr_SamBaseInfo base;
275 typedef [public] struct {
277 security_GroupAttrs attributes;
280 typedef [public] struct {
281 netr_SamBaseInfo base;
283 [size_is(sidcount)] netr_SidAttr *sids;
287 netr_SamBaseInfo base;
289 [size_is(sidcount)] netr_SidAttr *sids;
292 * Should pointer values be allocated
293 * of sids[*].sid before the following ones?
295 * That's at least the case for
298 lsa_String dns_domainname;
299 lsa_String principal_name;
305 [size_is(pac_size)] uint8 *pac;
306 lsa_String logon_domain;
307 lsa_String logon_server;
308 lsa_String principal_name;
310 [size_is(auth_size)] uint8 *auth;
311 netr_UserSessionKey user_session_key;
312 uint32 expansionroom[10];
319 typedef [flag(NDR_PAHEX)] struct {
321 [size_is(length)] uint8 *data;
325 NetlogonValidationUasInfo = 1,
326 NetlogonValidationSamInfo = 2,
327 NetlogonValidationSamInfo2 = 3,
328 NetlogonValidationGenericInfo2 = 5,
329 NetlogonValidationSamInfo4 = 6
330 } netr_ValidationInfoClass;
332 typedef [public,switch_type(uint16)] union {
333 [case(NetlogonValidationSamInfo)] netr_SamInfo2 *sam2;
334 [case(NetlogonValidationSamInfo2)] netr_SamInfo3 *sam3;
335 [case(4)] netr_PacInfo *pac;
336 [case(NetlogonValidationGenericInfo2)] netr_GenericInfo2 *generic;
337 [case(NetlogonValidationSamInfo4)] netr_SamInfo6 *sam6;
341 typedef [public, flag(NDR_PAHEX)] struct {
345 typedef [public] struct {
346 netr_Credential cred;
348 } netr_Authenticator;
350 [public] NTSTATUS netr_LogonSamLogon(
351 [in,unique] [string,charset(UTF16)] uint16 *server_name,
352 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
353 [in,unique] netr_Authenticator *credential,
354 [in,out,unique] netr_Authenticator *return_authenticator,
355 [in] netr_LogonInfoClass logon_level,
356 [in,ref] [switch_is(logon_level)] netr_LogonLevel *logon,
357 [in] uint16 validation_level,
358 [out,ref] [switch_is(validation_level)] netr_Validation *validation,
359 [out,ref] uint8 *authoritative
366 NTSTATUS netr_LogonSamLogoff(
367 [in,unique] [string,charset(UTF16)] uint16 *server_name,
368 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
369 [in,unique] netr_Authenticator *credential,
370 [in,out,unique] netr_Authenticator *return_authenticator,
371 [in] netr_LogonInfoClass logon_level,
372 [in] [switch_is(logon_level)] netr_LogonLevel logon
380 [public] NTSTATUS netr_ServerReqChallenge(
381 [in,unique,string,charset(UTF16)] uint16 *server_name,
382 [in,string,charset(UTF16)] uint16 *computer_name,
383 [in,ref] netr_Credential *credentials,
384 [out,ref] netr_Credential *return_credentials
391 typedef enum netr_SchannelType netr_SchannelType;
393 NTSTATUS netr_ServerAuthenticate(
394 [in,unique,string,charset(UTF16)] uint16 *server_name,
395 [in,string,charset(UTF16)] uint16 *account_name,
396 [in] netr_SchannelType secure_channel_type,
397 [in,string,charset(UTF16)] uint16 *computer_name,
398 [in,ref] netr_Credential *credentials,
399 [out,ref] netr_Credential *return_credentials
406 NTSTATUS netr_ServerPasswordSet(
407 [in,unique] [string,charset(UTF16)] uint16 *server_name,
408 [in] [string,charset(UTF16)] uint16 *account_name,
409 [in] netr_SchannelType secure_channel_type,
410 [in] [string,charset(UTF16)] uint16 *computer_name,
411 [in,ref] netr_Authenticator *credential,
412 [out,ref] netr_Authenticator *return_authenticator,
413 [in,ref] samr_Password *new_password
420 typedef enum netr_SamDatabaseID netr_SamDatabaseID;
423 [string,charset(UTF16)] uint16 *account_name;
432 } netr_DELTA_DELETE_USER;
436 [value(length)] uint16 size;
443 [value(nt_length)] uint16 nt_size;
446 [value(lm_length)] uint16 lm_size;
448 uint8 nt_history[nt_length];
449 uint8 lm_history[lm_length];
450 } netr_PasswordHistory;
453 netr_USER_KEY16 lmpassword;
454 netr_USER_KEY16 ntpassword;
455 netr_PasswordHistory history;
458 typedef struct { /* TODO: make this a union! */
459 netr_USER_KEYS2 keys2;
460 } netr_USER_KEY_UNION;
462 typedef [public] struct {
464 netr_USER_KEY_UNION keys;
468 boolean8 SensitiveDataFlag;
471 /* netr_USER_KEYS encrypted with the session key */
472 [size_is(DataLength)][flag(NDR_PAHEX)] uint8 *SensitiveData;
473 } netr_USER_PRIVATE_INFO;
476 lsa_String account_name;
477 lsa_String full_name;
480 lsa_String home_directory;
481 lsa_String home_drive;
482 lsa_String logon_script;
483 lsa_String description;
484 lsa_String workstations;
487 samr_LogonHours logon_hours;
488 uint16 bad_password_count;
490 NTTIME last_password_change;
492 samr_AcctFlags acct_flags;
493 samr_Password lmpassword;
494 samr_Password ntpassword;
495 boolean8 nt_password_present;
496 boolean8 lm_password_present;
497 boolean8 password_expired;
499 lsa_BinaryString parameters;
502 netr_USER_PRIVATE_INFO user_private_info;
503 uint32 SecurityInformation;
505 lsa_String profile_path;
516 lsa_String domain_name;
517 lsa_String oem_information; /* comment */
518 dlong force_logoff_time;
519 uint16 min_password_length;
520 uint16 password_history_length;
521 /* yes, these are signed. They are in negative 100ns */
522 dlong max_password_age;
523 dlong min_password_age;
525 NTTIME domain_create_time;
526 uint32 SecurityInformation;
528 lsa_BinaryString account_lockout;
532 uint32 logon_to_chgpass;
539 lsa_String group_name;
542 lsa_String description;
543 uint32 SecurityInformation;
569 [size_is(num_rids)] uint32 *rids;
570 [size_is(num_rids)] uint32 *attribs;
576 } netr_DELTA_GROUP_MEMBER;
579 lsa_String alias_name;
581 uint32 SecurityInformation;
583 lsa_String description;
599 } netr_DELTA_ALIAS_MEMBER;
602 uint32 pagedpoollimit;
603 uint32 nonpagedpoollimit;
604 uint32 minimumworkingsetsize;
605 uint32 maximumworkingsetsize;
606 uint32 pagefilelimit;
612 NTTIME auditretentionperiod;
613 boolean8 auditingmode;
614 uint32 maxauditeventcount;
615 [size_is(maxauditeventcount+1)] uint32 *eventauditoptions;
616 lsa_String primary_domain_name;
618 netr_QUOTA_LIMITS quota_limits;
620 NTTIME db_create_time;
621 uint32 SecurityInformation;
634 lsa_String domain_name;
635 uint32 num_controllers;
636 [size_is(num_controllers)] lsa_String *controller_names;
637 uint32 SecurityInformation;
647 } netr_DELTA_TRUSTED_DOMAIN;
650 uint32 privilege_entries;
651 uint32 privilege_control;
652 [size_is(privilege_entries)] uint32 *privilege_attrib;
653 [size_is(privilege_entries)] lsa_String *privilege_name;
654 netr_QUOTA_LIMITS quotalimits;
656 uint32 SecurityInformation;
666 } netr_DELTA_ACCOUNT;
671 [size_is(maxlen)][length_is(len)] uint8 *cipher_data;
675 netr_CIPHER_VALUE current_cipher;
676 NTTIME current_cipher_set_time;
677 netr_CIPHER_VALUE old_cipher;
678 NTTIME old_cipher_set_time;
679 uint32 SecurityInformation;
692 NETR_DELTA_DOMAIN = 1,
693 NETR_DELTA_GROUP = 2,
694 NETR_DELTA_DELETE_GROUP = 3,
695 NETR_DELTA_RENAME_GROUP = 4,
697 NETR_DELTA_DELETE_USER = 6,
698 NETR_DELTA_RENAME_USER = 7,
699 NETR_DELTA_GROUP_MEMBER = 8,
700 NETR_DELTA_ALIAS = 9,
701 NETR_DELTA_DELETE_ALIAS = 10,
702 NETR_DELTA_RENAME_ALIAS = 11,
703 NETR_DELTA_ALIAS_MEMBER = 12,
704 NETR_DELTA_POLICY = 13,
705 NETR_DELTA_TRUSTED_DOMAIN = 14,
706 NETR_DELTA_DELETE_TRUST = 15,
707 NETR_DELTA_ACCOUNT = 16,
708 NETR_DELTA_DELETE_ACCOUNT = 17,
709 NETR_DELTA_SECRET = 18,
710 NETR_DELTA_DELETE_SECRET = 19,
711 NETR_DELTA_DELETE_GROUP2 = 20,
712 NETR_DELTA_DELETE_USER2 = 21,
713 NETR_DELTA_MODIFY_COUNT = 22
716 typedef [switch_type(netr_DeltaEnum)] union {
717 [case(NETR_DELTA_DOMAIN)] netr_DELTA_DOMAIN *domain;
718 [case(NETR_DELTA_GROUP)] netr_DELTA_GROUP *group;
719 [case(NETR_DELTA_DELETE_GROUP)] ; /* rid only */
720 [case(NETR_DELTA_RENAME_GROUP)] netr_DELTA_RENAME *rename_group;
721 [case(NETR_DELTA_USER)] netr_DELTA_USER *user;
722 [case(NETR_DELTA_DELETE_USER)] ; /* rid only */
723 [case(NETR_DELTA_RENAME_USER)] netr_DELTA_RENAME *rename_user;
724 [case(NETR_DELTA_GROUP_MEMBER)] netr_DELTA_GROUP_MEMBER *group_member;
725 [case(NETR_DELTA_ALIAS)] netr_DELTA_ALIAS *alias;
726 [case(NETR_DELTA_DELETE_ALIAS)] ; /* rid only */
727 [case(NETR_DELTA_RENAME_ALIAS)] netr_DELTA_RENAME *rename_alias;
728 [case(NETR_DELTA_ALIAS_MEMBER)] netr_DELTA_ALIAS_MEMBER *alias_member;
729 [case(NETR_DELTA_POLICY)] netr_DELTA_POLICY *policy;
730 [case(NETR_DELTA_TRUSTED_DOMAIN)] netr_DELTA_TRUSTED_DOMAIN *trusted_domain;
731 [case(NETR_DELTA_DELETE_TRUST)] ; /* sid only */
732 [case(NETR_DELTA_ACCOUNT)] netr_DELTA_ACCOUNT *account;
733 [case(NETR_DELTA_DELETE_ACCOUNT)] ; /* sid only */
734 [case(NETR_DELTA_SECRET)] netr_DELTA_SECRET *secret;
735 [case(NETR_DELTA_DELETE_SECRET)] ; /* name only */
736 [case(NETR_DELTA_DELETE_GROUP2)] netr_DELTA_DELETE_USER *delete_group;
737 [case(NETR_DELTA_DELETE_USER2)] netr_DELTA_DELETE_USER *delete_user;
738 [case(NETR_DELTA_MODIFY_COUNT)] udlong *modified_count;
742 typedef [switch_type(netr_DeltaEnum)] union {
743 [case(NETR_DELTA_DOMAIN)] uint32 rid;
744 [case(NETR_DELTA_GROUP)] uint32 rid;
745 [case(NETR_DELTA_DELETE_GROUP)] uint32 rid;
746 [case(NETR_DELTA_RENAME_GROUP)] uint32 rid;
747 [case(NETR_DELTA_USER)] uint32 rid;
748 [case(NETR_DELTA_DELETE_USER)] uint32 rid;
749 [case(NETR_DELTA_RENAME_USER)] uint32 rid;
750 [case(NETR_DELTA_GROUP_MEMBER)] uint32 rid;
751 [case(NETR_DELTA_ALIAS)] uint32 rid;
752 [case(NETR_DELTA_DELETE_ALIAS)] uint32 rid;
753 [case(NETR_DELTA_RENAME_ALIAS)] uint32 rid;
754 [case(NETR_DELTA_ALIAS_MEMBER)] uint32 rid;
755 [case(NETR_DELTA_POLICY)] dom_sid2 *sid;
756 [case(NETR_DELTA_TRUSTED_DOMAIN)] dom_sid2 *sid;
757 [case(NETR_DELTA_DELETE_TRUST)] dom_sid2 *sid;
758 [case(NETR_DELTA_ACCOUNT)] dom_sid2 *sid;
759 [case(NETR_DELTA_DELETE_ACCOUNT)] dom_sid2 *sid;
760 [case(NETR_DELTA_SECRET)] [string,charset(UTF16)] uint16 *name;
761 [case(NETR_DELTA_DELETE_SECRET)] [string,charset(UTF16)] uint16 *name;
762 [case(NETR_DELTA_DELETE_GROUP2)] uint32 rid;
763 [case(NETR_DELTA_DELETE_USER2)] uint32 rid;
764 [case(NETR_DELTA_MODIFY_COUNT)] ;
766 } netr_DELTA_ID_UNION;
769 netr_DeltaEnum delta_type;
770 [switch_is(delta_type)] netr_DELTA_ID_UNION delta_id_union;
771 [switch_is(delta_type)] netr_DELTA_UNION delta_union;
776 [size_is(num_deltas)] netr_DELTA_ENUM *delta_enum;
777 } netr_DELTA_ENUM_ARRAY;
779 NTSTATUS netr_DatabaseDeltas(
780 [in] [string,charset(UTF16)] uint16 *logon_server,
781 [in] [string,charset(UTF16)] uint16 *computername,
782 [in,ref] netr_Authenticator *credential,
783 [in,out,ref] netr_Authenticator *return_authenticator,
784 [in] netr_SamDatabaseID database_id,
785 [in,out,ref] udlong *sequence_num,
786 [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array,
787 [in] uint32 preferredmaximumlength
794 NTSTATUS netr_DatabaseSync(
795 [in] [string,charset(UTF16)] uint16 *logon_server,
796 [in] [string,charset(UTF16)] uint16 *computername,
797 [in,ref] netr_Authenticator *credential,
798 [in,out,ref] netr_Authenticator *return_authenticator,
799 [in] netr_SamDatabaseID database_id,
800 [in,out,ref] uint32 *sync_context,
801 [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array,
802 [in] uint32 preferredmaximumlength
809 /* w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this call */
811 typedef [flag(NDR_PAHEX)] struct {
812 uint8 computer_name[16];
814 uint32 serial_number;
818 [flag(NDR_REMAINING)] DATA_BLOB blob;
819 } netr_AccountBuffer;
821 NTSTATUS netr_AccountDeltas(
822 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
823 [in] [string,charset(UTF16)] uint16 *computername,
824 [in] netr_Authenticator credential,
825 [in,out,ref] netr_Authenticator *return_authenticator,
826 [in] netr_UAS_INFO_0 uas,
829 [in] uint32 buffersize,
830 [out,ref,subcontext(4)] netr_AccountBuffer *buffer,
831 [out,ref] uint32 *count_returned,
832 [out,ref] uint32 *total_entries,
833 [out,ref] netr_UAS_INFO_0 *recordid
840 NTSTATUS netr_AccountSync(
841 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
842 [in] [string,charset(UTF16)] uint16 *computername,
843 [in] netr_Authenticator credential,
844 [in,out,ref] netr_Authenticator *return_authenticator,
845 [in] uint32 reference,
847 [in] uint32 buffersize,
848 [out,ref,subcontext(4)] netr_AccountBuffer *buffer,
849 [out,ref] uint32 *count_returned,
850 [out,ref] uint32 *total_entries,
851 [out,ref] uint32 *next_reference,
852 [in,out,ref] netr_UAS_INFO_0 *recordid
859 WERROR netr_GetDcName(
860 [in] [string,charset(UTF16)] uint16 *logon_server,
861 [in,unique] [string,charset(UTF16)] uint16 *domainname,
862 [out,ref] [string,charset(UTF16)] uint16 **dcname
868 typedef [bitmap32bit] bitmap {
869 NETLOGON_REPLICATION_NEEDED = 0x00000001,
870 NETLOGON_REPLICATION_IN_PROGRESS = 0x00000002,
871 NETLOGON_FULL_SYNC_REPLICATION = 0x00000004,
872 NETLOGON_REDO_NEEDED = 0x00000008,
873 NETLOGON_HAS_IP = 0x00000010,
874 NETLOGON_HAS_TIMESERV = 0x00000020,
875 NETLOGON_DNS_UPDATE_FAILURE = 0x00000040,
876 NETLOGON_VERIFY_STATUS_RETURNED = 0x00000080
880 netr_InfoFlags flags;
881 WERROR pdc_connection_status;
882 } netr_NETLOGON_INFO_1;
885 netr_InfoFlags flags;
886 WERROR pdc_connection_status;
887 [string,charset(UTF16)] uint16 *trusted_dc_name;
888 WERROR tc_connection_status;
889 } netr_NETLOGON_INFO_2;
892 netr_InfoFlags flags;
893 uint32 logon_attempts;
899 } netr_NETLOGON_INFO_3;
902 [string,charset(UTF16)] uint16 *trusted_dc_name;
903 [string,charset(UTF16)] uint16 *trusted_domain_name;
904 } netr_NETLOGON_INFO_4;
906 typedef [public] union {
907 [case(1)] netr_NETLOGON_INFO_1 *info1;
908 [case(2)] netr_NETLOGON_INFO_2 *info2;
909 [case(3)] netr_NETLOGON_INFO_3 *info3;
910 [case(4)] netr_NETLOGON_INFO_4 *info4;
912 } netr_CONTROL_QUERY_INFORMATION;
914 /* function_code values */
915 typedef [v1_enum,public] enum {
916 NETLOGON_CONTROL_QUERY = 0x00000001,
917 NETLOGON_CONTROL_REPLICATE = 0x00000002,
918 NETLOGON_CONTROL_SYNCHRONIZE = 0x00000003,
919 NETLOGON_CONTROL_PDC_REPLICATE = 0x00000004,
920 NETLOGON_CONTROL_REDISCOVER = 0x00000005,
921 NETLOGON_CONTROL_TC_QUERY = 0x00000006,
922 NETLOGON_CONTROL_TRANSPORT_NOTIFY = 0x00000007,
923 NETLOGON_CONTROL_FIND_USER = 0x00000008,
924 NETLOGON_CONTROL_CHANGE_PASSWORD = 0x00000009,
925 NETLOGON_CONTROL_TC_VERIFY = 0x0000000A,
926 NETLOGON_CONTROL_FORCE_DNS_REG = 0x0000000B,
927 NETLOGON_CONTROL_QUERY_DNS_REG = 0x0000000C,
928 NETLOGON_CONTROL_BACKUP_CHANGE_LOG = 0x0000FFFC,
929 NETLOGON_CONTROL_TRUNCATE_LOG = 0x0000FFFD,
930 NETLOGON_CONTROL_SET_DBFLAG = 0x0000FFFE,
931 NETLOGON_CONTROL_BREAKPOINT = 0x0000FFFF
932 } netr_LogonControlCode;
934 WERROR netr_LogonControl(
935 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
936 [in] netr_LogonControlCode function_code,
938 [out,ref,switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query
945 WERROR netr_GetAnyDCName(
946 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
947 [in,unique] [string,charset(UTF16)] uint16 *domainname,
948 [out,ref] [string,charset(UTF16)] uint16 **dcname
955 typedef [public,switch_type(netr_LogonControlCode)] union {
956 [case(NETLOGON_CONTROL_REDISCOVER)] [string,charset(UTF16)] uint16 *domain;
957 [case(NETLOGON_CONTROL_TC_QUERY)] [string,charset(UTF16)] uint16 *domain;
958 [case(NETLOGON_CONTROL_TRANSPORT_NOTIFY)] [string,charset(UTF16)] uint16 *domain;
959 [case(NETLOGON_CONTROL_CHANGE_PASSWORD)] [string,charset(UTF16)] uint16 *domain;
960 [case(NETLOGON_CONTROL_TC_VERIFY)] [string,charset(UTF16)] uint16 *domain;
961 [case(NETLOGON_CONTROL_FIND_USER)] [string,charset(UTF16)] uint16 *user;
962 [case(NETLOGON_CONTROL_SET_DBFLAG)] uint32 debug_level;
964 } netr_CONTROL_DATA_INFORMATION;
966 WERROR netr_LogonControl2(
967 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
968 [in] netr_LogonControlCode function_code,
970 [in,ref][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION *data,
971 [out,ref][switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query
975 /* If NETLOGON_NEG_ARCFOUR flag is not set, then the passwords and LM
976 * session keys are encrypted with DES calls. (And the user session key
982 typedef [public,bitmap32bit] bitmap {
983 NETLOGON_NEG_ACCOUNT_LOCKOUT = 0x00000001,
984 NETLOGON_NEG_PERSISTENT_SAMREPL = 0x00000002,
985 NETLOGON_NEG_ARCFOUR = 0x00000004,
986 NETLOGON_NEG_PROMOTION_COUNT = 0x00000008,
987 NETLOGON_NEG_CHANGELOG_BDC = 0x00000010,
988 NETLOGON_NEG_FULL_SYNC_REPL = 0x00000020,
989 NETLOGON_NEG_MULTIPLE_SIDS = 0x00000040,
990 NETLOGON_NEG_REDO = 0x00000080,
991 NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL = 0x00000100,
992 NETLOGON_NEG_SEND_PASSWORD_INFO_PDC = 0x00000200,
993 NETLOGON_NEG_GENERIC_PASSTHROUGH = 0x00000400,
994 NETLOGON_NEG_CONCURRENT_RPC = 0x00000800,
995 NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL = 0x00001000,
996 NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL = 0x00002000,
997 NETLOGON_NEG_STRONG_KEYS = 0x00004000,
998 NETLOGON_NEG_TRANSITIVE_TRUSTS = 0x00008000,
999 NETLOGON_NEG_DNS_DOMAIN_TRUSTS = 0x00010000,
1000 NETLOGON_NEG_PASSWORD_SET2 = 0x00020000,
1001 NETLOGON_NEG_GETDOMAININFO = 0x00040000,
1002 NETLOGON_NEG_CROSS_FOREST_TRUSTS = 0x00080000,
1003 NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION = 0x00100000,
1004 NETLOGON_NEG_RODC_PASSTHROUGH = 0x00200000,
1005 NETLOGON_NEG_SUPPORTS_AES_SHA2 = 0x00400000,
1006 NETLOGON_NEG_SUPPORTS_AES = 0x01000000,
1007 NETLOGON_NEG_AUTHENTICATED_RPC_LSASS = 0x20000000,
1008 NETLOGON_NEG_AUTHENTICATED_RPC = 0x40000000
1009 } netr_NegotiateFlags;
1011 const uint32 NETLOGON_NEG_128BIT = NETLOGON_NEG_STRONG_KEYS;
1012 const uint32 NETLOGON_NEG_SCHANNEL = NETLOGON_NEG_AUTHENTICATED_RPC;
1014 NTSTATUS netr_ServerAuthenticate2(
1015 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1016 [in] [string,charset(UTF16)] uint16 *account_name,
1017 [in] netr_SchannelType secure_channel_type,
1018 [in] [string,charset(UTF16)] uint16 *computer_name,
1019 [in,ref] netr_Credential *credentials,
1020 [out,ref] netr_Credential *return_credentials,
1021 [in,out,ref] netr_NegotiateFlags *negotiate_flags
1029 SYNCSTATE_NORMAL_STATE = 0,
1030 SYNCSTATE_DOMAIN_STATE = 1,
1031 SYNCSTATE_GROUP_STATE = 2,
1032 SYNCSTATE_UAS_BUILT_IN_GROUP_STATE = 3,
1033 SYNCSTATE_USER_STATE = 4,
1034 SYNCSTATE_GROUP_MEMBER_STATE = 5,
1035 SYNCSTATE_ALIAS_STATE = 6,
1036 SYNCSTATE_ALIAS_MEMBER_STATE = 7,
1037 SYNCSTATE_SAM_DONE_STATE = 8
1040 NTSTATUS netr_DatabaseSync2(
1041 [in] [string,charset(UTF16)] uint16 *logon_server,
1042 [in] [string,charset(UTF16)] uint16 *computername,
1043 [in,ref] netr_Authenticator *credential,
1044 [in,out,ref] netr_Authenticator *return_authenticator,
1045 [in] netr_SamDatabaseID database_id,
1046 [in] SyncStateEnum restart_state,
1047 [in,out,ref] uint32 *sync_context,
1048 [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array,
1049 [in] uint32 preferredmaximumlength
1056 /* i'm not at all sure how this call works */
1058 typedef [bitmap16bit] bitmap {
1059 NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED = 0x0001,
1060 NETR_CHANGELOG_CHANGED_PASSWORD = 0x0002,
1061 NETR_CHANGELOG_SID_INCLUDED = 0x0004,
1062 NETR_CHANGELOG_NAME_INCLUDED = 0x0008,
1063 NETR_CHANGELOG_FIRST_PROMOTION_OBJ = 0x0010
1064 } netr_ChangeLogFlags;
1066 typedef [nodiscriminant] union {
1067 [case(NETR_CHANGELOG_SID_INCLUDED)] dom_sid object_sid;
1068 [case(NETR_CHANGELOG_NAME_INCLUDED)] nstring object_name;
1070 } netr_ChangeLogObject;
1072 typedef [public,gensize] struct {
1073 uint32 serial_number1;
1074 uint32 serial_number2;
1076 netr_ChangeLogFlags flags;
1077 netr_SamDatabaseID8Bit db_index;
1078 netr_DeltaEnum8Bit delta_type;
1079 [switch_is(flags & (NETR_CHANGELOG_SID_INCLUDED|NETR_CHANGELOG_NAME_INCLUDED))] netr_ChangeLogObject object;
1080 } netr_ChangeLogEntry;
1082 NTSTATUS netr_DatabaseRedo(
1083 [in] [string,charset(UTF16)] uint16 *logon_server,
1084 [in] [string,charset(UTF16)] uint16 *computername,
1085 [in] netr_Authenticator *credential,
1086 [in,out,ref] netr_Authenticator *return_authenticator,
1088 * we cannot use subcontext_size() here, as
1089 * change_log_entry_size is encoded after the subcontext
1091 [in] [subcontext(4)/*,subcontext_size(change_log_entry_size)*/]
1092 netr_ChangeLogEntry change_log_entry,
1093 [in] [value(ndr_size_netr_ChangeLogEntry(&change_log_entry,
1095 uint32 change_log_entry_size,
1096 [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array
1103 WERROR netr_LogonControl2Ex(
1104 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
1105 [in] netr_LogonControlCode function_code,
1107 [in,ref][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION *data,
1108 [out,ref][switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query
1115 [size_is(length)] uint8 *data;
1118 NTSTATUS netr_NetrEnumerateTrustedDomains(
1119 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1120 [out,ref] netr_Blob *trusted_domains_blob
1126 /* one unkown bit still: DS_IP_VERSION_AGNOSTIC - gd*/
1128 const int DSGETDC_VALID_FLAGS = (DS_FORCE_REDISCOVERY |
1129 DS_DIRECTORY_SERVICE_REQUIRED |
1130 DS_DIRECTORY_SERVICE_PREFERRED |
1131 DS_GC_SERVER_REQUIRED |
1133 DS_BACKGROUND_ONLY |
1136 DS_TIMESERV_REQUIRED |
1137 DS_WRITABLE_REQUIRED |
1138 DS_GOOD_TIMESERV_PREFERRED |
1140 DS_ONLY_LDAP_NEEDED |
1143 DS_TRY_NEXTCLOSEST_SITE |
1144 DS_DIRECTORY_SERVICE_6_REQUIRED |
1145 DS_WEB_SERVICE_REQUIRED |
1146 DS_RETURN_FLAT_NAME |
1147 DS_RETURN_DNS_NAME);
1149 typedef [bitmap32bit] bitmap {
1150 DS_FORCE_REDISCOVERY = 0x00000001,
1151 DS_DIRECTORY_SERVICE_REQUIRED = 0x00000010,
1152 DS_DIRECTORY_SERVICE_PREFERRED = 0x00000020,
1153 DS_GC_SERVER_REQUIRED = 0x00000040,
1154 DS_PDC_REQUIRED = 0x00000080,
1155 DS_BACKGROUND_ONLY = 0x00000100,
1156 DS_IP_REQUIRED = 0x00000200,
1157 DS_KDC_REQUIRED = 0x00000400,
1158 DS_TIMESERV_REQUIRED = 0x00000800,
1159 DS_WRITABLE_REQUIRED = 0x00001000,
1160 DS_GOOD_TIMESERV_PREFERRED = 0x00002000,
1161 DS_AVOID_SELF = 0x00004000,
1162 DS_ONLY_LDAP_NEEDED = 0x00008000,
1163 DS_IS_FLAT_NAME = 0x00010000,
1164 DS_IS_DNS_NAME = 0x00020000,
1165 DS_TRY_NEXTCLOSEST_SITE = 0x00040000,
1166 DS_DIRECTORY_SERVICE_6_REQUIRED = 0x00080000,
1167 DS_WEB_SERVICE_REQUIRED = 0x00100000,
1168 DS_RETURN_DNS_NAME = 0x40000000,
1169 DS_RETURN_FLAT_NAME = 0x80000000
1170 } netr_DsRGetDCName_flags;
1172 typedef [v1_enum] enum {
1173 DS_ADDRESS_TYPE_INET = 1,
1174 DS_ADDRESS_TYPE_NETBIOS = 2
1175 } netr_DsRGetDCNameInfo_AddressType;
1177 typedef [bitmap32bit] bitmap {
1178 DS_SERVER_PDC = 0x00000001,
1179 DS_SERVER_GC = 0x00000004,
1180 DS_SERVER_LDAP = 0x00000008,
1181 DS_SERVER_DS = 0x00000010,
1182 DS_SERVER_KDC = 0x00000020,
1183 DS_SERVER_TIMESERV = 0x00000040,
1184 DS_SERVER_CLOSEST = 0x00000080,
1185 DS_SERVER_WRITABLE = 0x00000100,
1186 DS_SERVER_GOOD_TIMESERV = 0x00000200,
1187 DS_SERVER_NDNC = 0x00000400,
1188 DS_SERVER_SELECT_SECRET_DOMAIN_6 = 0x00000800,
1189 DS_SERVER_FULL_SECRET_DOMAIN_6 = 0x00001000,
1190 DS_SERVER_WEBSERV = 0x00002000,
1191 DS_SERVER_DS_8 = 0x00004000,
1192 DS_DNS_CONTROLLER = 0x20000000,
1193 DS_DNS_DOMAIN = 0x40000000,
1194 DS_DNS_FOREST_ROOT = 0x80000000
1197 typedef [public] struct {
1198 [string,charset(UTF16)] uint16 *dc_unc;
1199 [string,charset(UTF16)] uint16 *dc_address;
1200 netr_DsRGetDCNameInfo_AddressType dc_address_type;
1202 [string,charset(UTF16)] uint16 *domain_name;
1203 [string,charset(UTF16)] uint16 *forest_name;
1204 netr_DsR_DcFlags dc_flags;
1205 [string,charset(UTF16)] uint16 *dc_site_name;
1206 [string,charset(UTF16)] uint16 *client_site_name;
1207 } netr_DsRGetDCNameInfo;
1209 WERROR netr_DsRGetDCName(
1210 [in,unique] [string,charset(UTF16)] uint16 *server_unc,
1211 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1212 [in,unique] GUID *domain_guid,
1213 [in,unique] GUID *site_guid,
1214 [in] netr_DsRGetDCName_flags flags,
1215 [out,ref] netr_DsRGetDCNameInfo **info
1220 typedef [switch_type(uint32)] union {
1221 [case(1)] netr_NegotiateFlags server_capabilities;
1222 } netr_Capabilities;
1224 NTSTATUS netr_LogonGetCapabilities(
1225 [in] [string,charset(UTF16)] uint16 *server_name,
1226 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
1227 [in,ref] netr_Authenticator *credential,
1228 [in,out,ref] netr_Authenticator *return_authenticator,
1229 [in] uint32 query_level,
1230 [out,ref,switch_is(query_level)] netr_Capabilities *capabilities
1235 [todo] WERROR netr_NETRLOGONSETSERVICEBITS();
1239 WERROR netr_LogonGetTrustRid(
1240 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1241 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1242 [out,ref] uint32 *rid
1247 [todo] WERROR netr_NETRLOGONCOMPUTESERVERDIGEST();
1251 [todo] WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST();
1255 [public] NTSTATUS netr_ServerAuthenticate3(
1256 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1257 [in] [string,charset(UTF16)] uint16 *account_name,
1258 [in] netr_SchannelType secure_channel_type,
1259 [in] [string,charset(UTF16)] uint16 *computer_name,
1260 [in,ref] netr_Credential *credentials,
1261 [out,ref] netr_Credential *return_credentials,
1262 [in,out,ref] netr_NegotiateFlags *negotiate_flags,
1263 [out,ref] uint32 *rid
1269 WERROR netr_DsRGetDCNameEx(
1270 [in,unique] [string,charset(UTF16)] uint16 *server_unc,
1271 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1272 [in,unique] GUID *domain_guid,
1273 [in,unique] [string,charset(UTF16)] uint16 *site_name,
1274 [in] netr_DsRGetDCName_flags flags,
1275 [out,ref] netr_DsRGetDCNameInfo **info
1281 WERROR netr_DsRGetSiteName(
1282 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
1283 [out,ref] [string,charset(UTF16)] uint16 **site
1288 typedef [public,bitmap32bit] bitmap {
1289 NETR_TRUST_FLAG_IN_FOREST = 0x00000001,
1290 NETR_TRUST_FLAG_OUTBOUND = 0x00000002,
1291 NETR_TRUST_FLAG_TREEROOT = 0x00000004,
1292 NETR_TRUST_FLAG_PRIMARY = 0x00000008,
1293 NETR_TRUST_FLAG_NATIVE = 0x00000010,
1294 NETR_TRUST_FLAG_INBOUND = 0x00000020,
1295 NETR_TRUST_FLAG_MIT_KRB5 = 0x00000080,
1296 NETR_TRUST_FLAG_AES = 0x00000100
1299 typedef [bitmap32bit] bitmap {
1300 NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS = 0x00000001,
1301 NETR_WS_FLAG_HANDLES_SPN_UPDATE = 0x00000002
1302 } netr_WorkstationFlags;
1304 typedef [bitmap16bit] bitmap {
1305 NETR_VER_SUITE_BACKOFFICE = 0x0004,
1306 NETR_VER_SUITE_BLADE = 0x0400,
1307 NETR_VER_SUITE_COMPUTE_SERVER = 0x4000,
1308 NETR_VER_SUITE_DATACENTER = 0x0080,
1309 NETR_VER_SUITE_ENTERPRISE = 0x0002,
1310 NETR_VER_SUITE_EMBEDDEDNT = 0x0040,
1311 NETR_VER_SUITE_PERSONAL = 0x0200,
1312 NETR_VER_SUITE_SINGLEUSERTS = 0x0100,
1313 NETR_VER_SUITE_SMALLBUSINESS = 0x0001,
1314 NETR_VER_SUITE_SMALLBUSINESS_RESTRICTED = 0x0020,
1315 NETR_VER_SUITE_STORAGE_SERVER = 0x2000,
1316 NETR_VER_SUITE_TERMINAL = 0x0010,
1317 NETR_VER_SUITE_WH_SERVER = 0x8000
1320 typedef [bitmap8bit] bitmap {
1321 NETR_VER_NT_DOMAIN_CONTROLLER = 0x02,
1322 NETR_VER_NT_SERVER = 0x03,
1323 NETR_VER_NT_WORKSTATION = 0x01
1328 [size_is(policy_size)] uint8 *policy;
1329 } netr_LsaPolicyInformation;
1332 [value(284)] uint32 OSVersionInfoSize;
1333 uint32 MajorVersion;
1334 uint32 MinorVersion;
1337 [subcontext(0),subcontext_size(256)] nstring CSDVersion;
1338 uint16 ServicePackMajor;
1339 uint16 ServicePackMinor;
1340 netr_SuiteMask SuiteMask;
1341 netr_ProductType ProductType;
1343 } netr_OsVersionInfoEx;
1346 /* these first 3 values come from the fact windows
1347 actually encodes this structure as a UNICODE_STRING
1348 - see MS-NRPC section 2.2.1.3.9 */
1349 /* 142 * 2 = 284 (length of structure "netr_OsVersionInfoEx") */
1350 [value(142)] uint3264 length;
1351 [value(0)] uint3264 dummy;
1352 [value(142)] uint3264 size;
1353 [subcontext(0),subcontext_size(size*2)]
1354 netr_OsVersionInfoEx os;
1358 /* value is 284 when info != os, otherwise 0 (for length and
1360 [value(os == NULL ? 0 : 284)] uint16 length;
1361 [value(os == NULL ? 0 : 284)] uint16 size;
1363 } netr_OsVersionContainer;
1366 netr_LsaPolicyInformation lsa_policy;
1367 [string,charset(UTF16)] uint16 *dns_hostname;
1368 [string,charset(UTF16)] uint16 *sitename;
1369 [string,charset(UTF16)] uint16 *dummy1;
1370 [string,charset(UTF16)] uint16 *dummy2;
1371 [string,charset(UTF16)] uint16 *dummy3;
1372 [string,charset(UTF16)] uint16 *dummy4;
1373 netr_OsVersionContainer os_version;
1375 lsa_String dummy_string3;
1376 lsa_String dummy_string4;
1377 netr_WorkstationFlags workstation_flags;
1378 kerb_EncTypes supported_enc_types;
1381 } netr_WorkstationInformation;
1384 [case(1)] netr_WorkstationInformation *workstation_info;
1385 [case(2)] netr_WorkstationInformation *lsa_policy_info;
1386 } netr_WorkstationInfo;
1389 netr_TrustFlags flags;
1390 uint32 parent_index;
1391 lsa_TrustType trust_type;
1392 lsa_TrustAttributes trust_attributes;
1393 } netr_trust_extension_info;
1396 /* these first 3 values come from the fact windows
1397 actually encodes this structure as a UNICODE_STRING
1398 - see MS-NRPC section 2.2.1.3.9 */
1399 [value(8)] uint3264 length;
1400 [value(0)] uint3264 dummy;
1401 [value(8)] uint3264 size;
1402 [subcontext(0),subcontext_size(size*2)]
1403 netr_trust_extension_info info;
1404 } netr_trust_extension;
1407 /* value is 16 when info != NULL, otherwise 0 */
1408 [value(info == NULL ? 0 : 16)] uint16 length;
1409 [value(info == NULL ? 0 : 16)] uint16 size;
1410 netr_trust_extension *info;
1411 } netr_trust_extension_container;
1414 lsa_StringLarge domainname;
1415 lsa_StringLarge dns_domainname;
1416 lsa_StringLarge dns_forestname;
1418 dom_sid2 *domain_sid;
1419 netr_trust_extension_container trust_extension;
1420 lsa_StringLarge dummy_string2;
1421 lsa_StringLarge dummy_string3;
1422 lsa_StringLarge dummy_string4;
1427 } netr_OneDomainInfo;
1430 netr_OneDomainInfo primary_domain;
1431 uint32 trusted_domain_count;
1432 [size_is(trusted_domain_count)] netr_OneDomainInfo *trusted_domains;
1433 netr_LsaPolicyInformation lsa_policy;
1434 lsa_StringLarge dns_hostname;
1435 lsa_StringLarge dummy_string2;
1436 lsa_StringLarge dummy_string3;
1437 lsa_StringLarge dummy_string4;
1438 netr_WorkstationFlags workstation_flags;
1439 kerb_EncTypes supported_enc_types;
1442 } netr_DomainInformation;
1445 [case(1)] netr_DomainInformation *domain_info;
1446 [case(2)] netr_LsaPolicyInformation *lsa_policy_info;
1449 [public] NTSTATUS netr_LogonGetDomainInfo(
1450 [in] [string,charset(UTF16)] uint16 *server_name,
1451 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
1452 [in,ref] netr_Authenticator *credential,
1453 [in,out,ref] netr_Authenticator *return_authenticator,
1455 [in,ref,switch_is(level)] netr_WorkstationInfo *query,
1456 [out,ref,switch_is(level)] netr_DomainInfo *info
1462 /* [MS-NRPC] 2.2.1.3.8 NL_PASSWORD_VERSION */
1464 /* someone's birthday ? */
1465 const int NETLOGON_PASSWORD_VERSION_NUMBER_PRESENT = 0x02231968;
1468 uint32 ReservedField;
1469 uint32 PasswordVersionNumber;
1470 uint32 PasswordVersionPresent;
1471 } NL_PASSWORD_VERSION;
1473 typedef [flag(NDR_PAHEX)] struct {
1476 } netr_CryptPassword;
1478 NTSTATUS netr_ServerPasswordSet2(
1479 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1480 [in] [string,charset(UTF16)] uint16 *account_name,
1481 [in] netr_SchannelType secure_channel_type,
1482 [in] [string,charset(UTF16)] uint16 *computer_name,
1483 [in,ref] netr_Authenticator *credential,
1484 [out,ref] netr_Authenticator *return_authenticator,
1485 [in,ref] netr_CryptPassword *new_password
1490 NTSTATUS netr_ServerPasswordGet(
1491 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1492 [in] [string,charset(UTF16)] uint16 *account_name,
1493 [in] netr_SchannelType secure_channel_type,
1494 [in] [string,charset(UTF16)] uint16 *computer_name,
1495 [in,ref] netr_Authenticator *credential,
1496 [out,ref] netr_Authenticator *return_authenticator,
1497 [out,ref] samr_Password *password
1500 typedef [public] enum {
1501 SendToSamUpdatePassword = 0,
1502 SendToSamResetBadPasswordCount = 1,
1503 SendToSamUpdatePasswordForward = 2,
1504 SendToSamUpdateLastLogonTimestamp = 3,
1505 SendToSamResetSmartCardPassword = 4
1506 } netr_SendToSamType;
1510 } netr_SendToSamResetBadPasswordCount;
1512 typedef [nodiscriminant, public,switch_type(netr_SendToSamType)] union {
1513 /* TODO Implement other SendToSam message types
1514 * [case(SendToSamUpdatePassword)] netr_SendToSamUpdatePassword ...; */
1515 [case(SendToSamResetBadPasswordCount)] netr_SendToSamResetBadPasswordCount reset_bad_password;
1517 * [case(SendToSamUpdatePasswordForward)] netrSendToSamUpdatePasswordForward ...;
1518 * [case(SendToSamUpdateLastLogonTimestamp)] netrSendToSamUpdateLastLogonTimestamp ...;
1519 * [case(SendToSamResetSmartCardPassword)] netrSendToSamResetSmartCardPassword ...;
1522 } netr_SendToSamMessage;
1524 typedef [public] struct {
1525 netr_SendToSamType message_type;
1526 uint32 message_size;
1527 [switch_is(message_type), subcontext(0), subcontext_size(message_size)] netr_SendToSamMessage message;
1528 } netr_SendToSamBase;
1532 NTSTATUS netr_NetrLogonSendToSam(
1533 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1534 [in] [string,charset(UTF16)] uint16 *computer_name,
1535 [in,ref] netr_Authenticator *credential,
1536 [out,ref] netr_Authenticator *return_authenticator,
1537 [in,ref] [size_is(buffer_len)] uint8 *opaque_buffer,
1538 [in] uint32 buffer_len
1545 [size_is(count)] lsa_String *sitename;
1546 } netr_DsRAddressToSitenamesWCtr;
1549 [size_is(size)] uint8 *buffer;
1553 WERROR netr_DsRAddressToSitenamesW(
1554 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1555 [in] [range(0,32000)] uint32 count,
1556 [in] [size_is(count)] [ref] netr_DsRAddress *addresses,
1557 [out] [ref] netr_DsRAddressToSitenamesWCtr **ctr
1562 WERROR netr_DsRGetDCNameEx2(
1563 [in,unique] [string,charset(UTF16)] uint16 *server_unc,
1564 [in,unique] [string,charset(UTF16)] uint16 *client_account,
1565 [in] samr_AcctFlags mask,
1566 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1567 [in,unique] GUID *domain_guid,
1568 [in,unique] [string,charset(UTF16)] uint16 *site_name,
1569 [in] netr_DsRGetDCName_flags flags,
1570 [out,ref] netr_DsRGetDCNameInfo **info
1575 [todo] WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN();
1581 [string,charset(UTF16)] uint16 *netbios_name;
1582 [string,charset(UTF16)] uint16 *dns_name;
1583 netr_TrustFlags trust_flags;
1584 uint32 parent_index;
1585 lsa_TrustType trust_type;
1586 lsa_TrustAttributes trust_attributes;
1593 [size_is(count)] netr_DomainTrust *array;
1594 } netr_DomainTrustList;
1596 WERROR netr_NetrEnumerateTrustedDomainsEx(
1597 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1598 [out,ref] netr_DomainTrustList *dom_trust_list
1605 [size_is(count)] lsa_String *sitename;
1606 [size_is(count)] lsa_String *subnetname;
1607 } netr_DsRAddressToSitenamesExWCtr;
1609 WERROR netr_DsRAddressToSitenamesExW(
1610 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1611 [in] [range(0,32000)] uint32 count,
1612 [in] [size_is(count)] [ref] netr_DsRAddress *addresses,
1613 [out] [ref] netr_DsRAddressToSitenamesExWCtr **ctr
1621 [size_is(num_sites)] [unique] lsa_String *sites;
1624 WERROR netr_DsrGetDcSiteCoverageW(
1625 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1626 [out,ref] DcSitesCtr **ctr
1631 typedef [public,bitmap32bit] bitmap {
1632 /* Request MUST be passed to the domain controller at the root of the forest. */
1633 NETLOGON_SAMLOGON_FLAG_PASS_TO_FOREST_ROOT = 0x00000001,
1634 /* Request MUST be passed to the DC at the end of the first hop over a cross-forest trust. */
1635 NETLOGON_SAMLOGON_FLAG_PASS_CROSS_FOREST_HOP = 0x00000002,
1636 /* Request was passed by an RODC to a DC in a different domain. */
1637 NETLOGON_SAMLOGON_FLAG_RODC_TO_OTHER_DOMAIN = 0x00000004,
1638 /* Request is an NTLM authentication package request passed by an RODC. */
1639 NETLOGON_SAMLOGON_FLAG_RODC_NTLM_REQUEST = 0x00000008
1640 } netr_LogonSamLogon_flags;
1642 NTSTATUS netr_LogonSamLogonEx(
1643 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1644 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
1645 [in] netr_LogonInfoClass logon_level,
1646 [in,ref] [switch_is(logon_level)] netr_LogonLevel *logon,
1647 [in] uint16 validation_level,
1648 [out,ref] [switch_is(validation_level)] netr_Validation *validation,
1649 [out,ref] uint8 *authoritative,
1650 [in,out,ref] netr_LogonSamLogon_flags *flags
1656 WERROR netr_DsrEnumerateDomainTrusts(
1657 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1658 [in] netr_TrustFlags trust_flags,
1659 [out,ref] netr_DomainTrustList *trusts
1665 WERROR netr_DsrDeregisterDNSHostRecords(
1666 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1667 [in,unique] [string,charset(UTF16)] uint16 *domain,
1668 [in,unique] GUID *domain_guid,
1669 [in,unique] GUID *dsa_guid,
1670 [in,ref] [string,charset(UTF16)] uint16 *dns_host
1675 NTSTATUS netr_ServerTrustPasswordsGet(
1676 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1677 [in] [string,charset(UTF16)] uint16 *account_name,
1678 [in] netr_SchannelType secure_channel_type,
1679 [in] [string,charset(UTF16)] uint16 *computer_name,
1680 [in,ref] netr_Authenticator *credential,
1681 [out,ref] netr_Authenticator *return_authenticator,
1682 [out,ref] samr_Password *new_owf_password,
1683 [out,ref] samr_Password *old_owf_password
1689 const int DS_GFTI_UPDATE_TDO = 0x1;
1691 WERROR netr_DsRGetForestTrustInformation(
1692 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1693 [in,unique] [string,charset(UTF16)] uint16 *trusted_domain_name,
1695 [out,ref] lsa_ForestTrustInformation **forest_trust_info
1700 NTSTATUS netr_GetForestTrustInformation(
1701 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1702 [in,ref] [string,charset(UTF16)] uint16 *computer_name,
1703 [in,ref] netr_Authenticator *credential,
1704 [out,ref] netr_Authenticator *return_authenticator,
1706 [out,ref] lsa_ForestTrustInformation **forest_trust_info
1712 /* this is the ADS varient. I don't yet know what the "flags" are for */
1713 NTSTATUS netr_LogonSamLogonWithFlags(
1714 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1715 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
1716 [in,unique] netr_Authenticator *credential,
1717 [in,out,unique] netr_Authenticator *return_authenticator,
1718 [in] netr_LogonInfoClass logon_level,
1719 [in,ref] [switch_is(logon_level)] netr_LogonLevel *logon,
1720 [in] uint16 validation_level,
1721 [out,ref] [switch_is(validation_level)] netr_Validation *validation,
1722 [out,ref] uint8 *authoritative,
1723 [in,out,ref] netr_LogonSamLogon_flags *flags
1731 [size_is(count)] uint32 *data;
1733 [size_is(count)] lsa_String *entries;
1736 NTSTATUS netr_ServerGetTrustInfo(
1737 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1738 [in,ref] [string,charset(UTF16)] uint16 *account_name,
1739 [in] netr_SchannelType secure_channel_type,
1740 [in,ref] [string,charset(UTF16)] uint16 *computer_name,
1741 [in,ref] netr_Authenticator *credential,
1742 [out,ref] netr_Authenticator *return_authenticator,
1743 [out,ref] samr_Password *new_owf_password,
1744 [out,ref] samr_Password *old_owf_password,
1745 [out,ref] netr_TrustInfo **trust_info
1751 NTSTATUS netr_Unused47(void);
1758 NlDnsLdapAtSite = 22,
1761 NlDnsKdcAtSite = 30,
1763 NlDnsRfc1510KdcAtSite = 34,
1764 NlDnsGenericGcAtSite = 36
1768 NlDnsInfoTypeNone = 0,
1769 NlDnsDomainName = 1,
1770 NlDnsDomainNameAlias = 2,
1771 NlDnsForestName = 3,
1772 NlDnsForestNameAlias = 4,
1773 NlDnsNdncDomainName = 5,
1775 } netr_DnsDomainInfoType;
1779 [string,charset(UTF16)] uint16 *dns_domain_info;
1780 netr_DnsDomainInfoType dns_domain_info_type;
1784 boolean32 dns_register;
1788 typedef [public] struct {
1790 [size_is(count)] NL_DNS_NAME_INFO *names;
1791 } NL_DNS_NAME_INFO_ARRAY;
1793 NTSTATUS netr_DsrUpdateReadOnlyServerDnsRecords(
1794 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1795 [in,ref] [string,charset(UTF16)] uint16 *computer_name,
1796 [in, ref] netr_Authenticator *credential,
1797 [out,ref] netr_Authenticator *return_authenticator,
1798 [in,unique] [string,charset(UTF16)] uint16 *site_name,
1799 [in] uint32 dns_ttl,
1800 [in,out,ref] NL_DNS_NAME_INFO_ARRAY *dns_names