git.samba.org / samba.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
s4:kdc: Add resource SID compression
[samba.git] / librpc / idl / netlogon.idl
1 /*
2   netlogon interface
3   much of this was derived from the ethereal sources - thanks to everyone 
4   who contributed!
5 */
6
7 import "misc.idl", "lsa.idl", "samr.idl", "security.idl";
8
9 #include "idl_types.h"
10
11 cpp_quote("#define netr_DeltaEnum8Bit netr_DeltaEnum")
12 cpp_quote("#define netr_SamDatabaseID8Bit netr_SamDatabaseID")
13
14 cpp_quote("#define ENC_CRC32 KERB_ENCTYPE_DES_CBC_CRC")
15 cpp_quote("#define ENC_RSA_MD5 KERB_ENCTYPE_DES_CBC_MD5")
16 cpp_quote("#define ENC_RC4_HMAC_MD5 KERB_ENCTYPE_RC4_HMAC_MD5")
17 cpp_quote("#define ENC_HMAC_SHA1_96_AES128 KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96")
18 cpp_quote("#define ENC_HMAC_SHA1_96_AES256 KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96")
19 cpp_quote("#define ENC_HMAC_SHA1_96_AES256_SK KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96_SK")
20 cpp_quote("#define ENC_FAST_SUPPORTED KERB_ENCTYPE_FAST_SUPPORTED")
21 cpp_quote("#define ENC_COMPOUND_IDENTITY_SUPPORTED KERB_ENCTYPE_COMPOUND_IDENTITY_SUPPORTED")
22 cpp_quote("#define ENC_CLAIMS_SUPPORTED KERB_ENCTYPE_CLAIMS_SUPPORTED")
23 cpp_quote("#define ENC_RESOURCE_SID_COMPRESSION_DISABLED KERB_ENCTYPE_RESOURCE_SID_COMPRESSION_DISABLED")
24 cpp_quote("#define NETLOGON_SERVER_PIPE_STATE_MAGIC 0x4f555358")
25
26 [
27   uuid("12345678-1234-abcd-ef00-01234567cffb"),
28   version(1.0),
29   endpoint("ncacn_np:[\\pipe\\netlogon]","ncacn_ip_tcp:","ncalrpc:"),
30   helper("../librpc/ndr/ndr_netlogon.h"),
31   ms_union,
32   pointer_default(unique)
33 ]
34
35 interface netlogon
36 {
37         typedef bitmap samr_AcctFlags samr_AcctFlags;
38         typedef bitmap security_GroupAttrs security_GroupAttrs;
39         typedef enum netr_DeltaEnum8Bit netr_DeltaEnum8Bit;
40         typedef enum netr_SamDatabaseID8Bit netr_SamDatabaseID8Bit;
41
42         /*****************/
43         /* Function 0x00 */
44
45         typedef struct {
46                 [string,charset(UTF16)] uint16 *account_name;
47                 uint32 priv;
48                 uint32 auth_flags;
49                 uint32 logon_count;
50                 uint32 bad_pw_count;
51                 time_t last_logon;
52                 time_t last_logoff;
53                 time_t logoff_time;
54                 time_t kickoff_time;
55                 uint32 password_age;
56                 time_t pw_can_change;
57                 time_t pw_must_change;
58                 [string,charset(UTF16)] uint16 *computer;
59                 [string,charset(UTF16)] uint16 *domain;
60                 [string,charset(UTF16)] uint16 *script_path;
61                 uint32 unknown;
62         } netr_UasInfo;
63
64         WERROR netr_LogonUasLogon(
65                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
66                 [in]   [string,charset(UTF16)] uint16 *account_name,
67                 [in]   [string,charset(UTF16)] uint16 *workstation,
68                 [out,ref]  netr_UasInfo **info
69                 );
70
71
72         /*****************/
73         /* Function 0x01 */
74
75         typedef struct {
76                 uint32 duration;
77                 uint16 logon_count;
78         } netr_UasLogoffInfo;
79
80         WERROR netr_LogonUasLogoff(
81                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
82                 [in] [string,charset(UTF16)] uint16 *account_name,
83                 [in] [string,charset(UTF16)] uint16 *workstation,
84                 [out,ref] netr_UasLogoffInfo *info
85                 );
86
87
88         /*****************/
89         /* Function 0x02 */
90
91         /* in netr_AcctLockStr size seems to be be 24, and rrenard thinks 
92            that the structure of the bindata looks like this:
93
94                 dlong  lockout_duration;
95                 udlong reset_count;
96                 uint32 bad_attempt_lockout;
97                 uint32 dummy;   
98
99            but it doesn't look as though this structure is reflected at the
100            NDR level. Maybe it is left to the application to decode the bindata array.
101         */
102         typedef [public] struct {
103                 dlong lockout_duration;
104                 udlong reset_count;
105                 uint32 bad_attempt_lockout;
106                 uint32 dummy;
107         } netr_AcctLockStr;
108
109         /* - MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
110          *   sets the NETLOGON_SERVER_TRUST_ACCOUNT user_flag
111          * - MSV1_0_UPDATE_LOGON_STATISTICS
112          *   sets the logon time on network logon
113          * - MSV1_0_RETURN_USER_PARAMETERS
114          *   sets the user parameters in the driveletter
115          * - MSV1_0_RETURN_PROFILE_PATH
116          *   returns the profilepath in the driveletter and
117          *   sets LOGON_PROFILE_PATH_RETURNED user_flag
118          */
119
120         typedef [public,bitmap32bit] bitmap {
121                 MSV1_0_CLEARTEXT_PASSWORD_ALLOWED       = 0x00000002,
122                 MSV1_0_UPDATE_LOGON_STATISTICS          = 0x00000004,
123                 MSV1_0_RETURN_USER_PARAMETERS           = 0x00000008,
124                 MSV1_0_DONT_TRY_GUEST_ACCOUNT           = 0x00000010,
125                 MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT       = 0x00000020,
126                 MSV1_0_RETURN_PASSWORD_EXPIRY           = 0x00000040,
127                 MSV1_0_USE_CLIENT_CHALLENGE             = 0x00000080,
128                 MSV1_0_TRY_GUEST_ACCOUNT_ONLY           = 0x00000100,
129                 MSV1_0_RETURN_PROFILE_PATH              = 0x00000200,
130                 MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY        = 0x00000400,
131                 MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT  = 0x00000800,
132                 MSV1_0_DISABLE_PERSONAL_FALLBACK        = 0x00001000,
133                 MSV1_0_ALLOW_FORCE_GUEST                = 0x00002000,
134                 MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED      = 0x00004000,
135                 MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY      = 0x00008000,
136                 MSV1_0_ALLOW_MSVCHAPV2                  = 0x00010000,
137                 MSV1_0_S4U2SELF                         = 0x00020000,
138                 MSV1_0_CHECK_LOGONHOURS_FOR_S4U         = 0x00040000,
139                 MSV1_0_SUBAUTHENTICATION_DLL_EX         = 0x00100000
140         } netr_LogonParameterControl;
141
142         /* Summary of the of the Query and Response from Microsoft on
143          * the usage of logon_id in netr_IdendityInfo
144          *
145          * [REG:119013019612095] [MS-NRPC]: NETLOGON_LOGON_IDENTITY_INFO: Does
146          * the Reserved field have LogonId meaning?
147          *
148          * Questions:
149          *   In NetrLogonSamLogonEx does the Reserved field
150          *   (of NETLOGON_LOGON_IDENTITY_INFO) have LogonId meaning?
151          *
152          *   What is a valid LogonID, and does have any audit usage?
153          *
154          *   Samba is sending a constant "deadbeef" in hex and would like to
155          *   understand any usage of this field.
156          *
157          * Response:
158          *   The NRPC spec is accurate in defining the field as Reserved, and
159          *   without protocol significance. In the header file in our source
160          *   code, it is defined as LogonId and commented as such, but it’s
161          *   effectively not used. This is probably why the API structure has
162          *   that field name. It may have been intended as such but it’s not
163          *    used.
164          *
165          * Samba now sends a random value in this field.
166          */
167         typedef struct {
168                 lsa_String  domain_name;
169                 netr_LogonParameterControl parameter_control; /* see MSV1_0_* */
170                 udlong logon_id;
171                 lsa_String  account_name;
172                 lsa_String  workstation;
173         } netr_IdentityInfo;
174
175         typedef struct {
176                 netr_IdentityInfo identity_info;
177                 samr_Password lmpassword;
178                 samr_Password ntpassword;
179         } netr_PasswordInfo;
180
181         typedef [flag(NDR_PAHEX)] struct {
182                 uint16 length;
183                 [value(length)] uint16 size;
184                 [size_is(length),length_is(length)] uint8 *data;
185         } netr_ChallengeResponse;
186
187         typedef [flag(NDR_PAHEX)] struct {
188                 netr_IdentityInfo identity_info;
189                 uint8 challenge[8];
190                 netr_ChallengeResponse nt;
191                 netr_ChallengeResponse lm;
192         } netr_NetworkInfo;
193
194         typedef [flag(NDR_PAHEX)] struct {
195                 netr_IdentityInfo identity_info;
196                 lsa_String  package_name;
197                 uint32 length;
198                 [size_is(length)] uint8 *data;
199         } netr_GenericInfo;
200
201         typedef [public] enum {
202                 NetlogonInteractiveInformation = 1,
203                 NetlogonNetworkInformation = 2,
204                 NetlogonServiceInformation = 3,
205                 NetlogonGenericInformation = 4,
206                 NetlogonInteractiveTransitiveInformation = 5,
207                 NetlogonNetworkTransitiveInformation = 6,
208                 NetlogonServiceTransitiveInformation = 7
209         } netr_LogonInfoClass;
210
211         typedef [public,switch_type(netr_LogonInfoClass)] union {
212                 [case(NetlogonInteractiveInformation)]           netr_PasswordInfo *password;
213                 [case(NetlogonNetworkInformation)]               netr_NetworkInfo  *network;
214                 [case(NetlogonServiceInformation)]               netr_PasswordInfo *password;
215                 [case(NetlogonGenericInformation)]               netr_GenericInfo  *generic;
216                 [case(NetlogonInteractiveTransitiveInformation)] netr_PasswordInfo *password;
217                 [case(NetlogonNetworkTransitiveInformation)]     netr_NetworkInfo  *network;
218                 [case(NetlogonServiceTransitiveInformation)]     netr_PasswordInfo *password;
219                 [default];
220         } netr_LogonLevel;
221
222         typedef [public,flag(NDR_PAHEX)] struct {
223                 uint8 key[16];
224         } netr_UserSessionKey;
225
226         typedef [public,flag(NDR_PAHEX)] struct {
227                 uint8 key[8];
228         } netr_LMSessionKey;
229
230         /* Flags for user_flags below */
231         typedef [public,bitmap32bit] bitmap {
232                 NETLOGON_GUEST                  = 0x00000001,
233                 NETLOGON_NOENCRYPTION           = 0x00000002,
234                 NETLOGON_CACHED_ACCOUNT         = 0x00000004,
235                 NETLOGON_USED_LM_PASSWORD       = 0x00000008,
236                 NETLOGON_EXTRA_SIDS             = 0x00000020,
237                 NETLOGON_SUBAUTH_SESSION_KEY    = 0x00000040,
238                 NETLOGON_SERVER_TRUST_ACCOUNT   = 0x00000080,
239                 NETLOGON_NTLMV2_ENABLED         = 0x00000100,
240                 NETLOGON_RESOURCE_GROUPS        = 0x00000200,
241                 NETLOGON_PROFILE_PATH_RETURNED  = 0x00000400,
242                 NETLOGON_GRACE_LOGON            = 0x01000000
243         } netr_UserFlags;
244
245         typedef struct {
246                 NTTIME logon_time;
247                 NTTIME logoff_time;
248                 NTTIME kickoff_time;
249                 NTTIME last_password_change;
250                 NTTIME allow_password_change;
251                 NTTIME force_password_change;
252                 lsa_String account_name;
253                 lsa_String full_name;
254                 lsa_String logon_script;
255                 lsa_String profile_path;
256                 lsa_String home_directory;
257                 lsa_String home_drive;
258                 uint16 logon_count;
259                 uint16 bad_password_count;
260                 uint32 rid;
261                 uint32 primary_gid;
262                 samr_RidWithAttributeArray groups;
263                 netr_UserFlags user_flags;
264                 [flag(NDR_SECRET)] netr_UserSessionKey key;
265                 lsa_StringLarge logon_server;
266                 lsa_StringLarge logon_domain;
267                 dom_sid2 *domain_sid;
268                 [flag(NDR_SECRET)] netr_LMSessionKey LMSessKey;
269                 samr_AcctFlags acct_flags;
270                 uint32 sub_auth_status;
271                 NTTIME last_successful_logon;
272                 NTTIME last_failed_logon;
273                 uint32 failed_logon_count;
274                 uint32 reserved;
275         } netr_SamBaseInfo;
276
277         typedef struct {
278                 netr_SamBaseInfo base;
279         } netr_SamInfo2;
280
281         typedef [public] struct {
282                 dom_sid2 *sid;
283                 security_GroupAttrs attributes;
284         } netr_SidAttr;
285
286         typedef [public] struct {
287                 netr_SamBaseInfo base;
288                 uint32 sidcount;
289                 [size_is(sidcount)] netr_SidAttr *sids;
290         } netr_SamInfo3;
291
292         typedef struct {
293                 netr_SamBaseInfo base;
294                 uint32 sidcount;
295                 [size_is(sidcount)] netr_SidAttr *sids;
296                 /*
297                  * On ndr_push:
298                  * Should pointer values be allocated
299                  * of sids[*].sid before the following ones?
300                  *
301                  * That's at least the case for
302                  * PAC_LOGON_INFO.
303                  */
304                 lsa_String dns_domainname;
305                 lsa_String principal_name;
306                 uint32 unknown4[20];
307         } netr_SamInfo6;
308
309         typedef struct {
310                 uint32 pac_size;
311                 [size_is(pac_size)] uint8 *pac;
312                 lsa_String logon_domain;
313                 lsa_String logon_server;
314                 lsa_String principal_name;
315                 uint32 auth_size;
316                 [size_is(auth_size)] uint8 *auth;
317                 netr_UserSessionKey user_session_key;
318                 uint32 expansionroom[10];
319                 lsa_String unknown1;
320                 lsa_String unknown2;
321                 lsa_String unknown3;
322                 lsa_String unknown4;
323         } netr_PacInfo;
324
325         typedef [flag(NDR_PAHEX)] struct {
326                 uint32 length;
327                 [size_is(length)] uint8 *data;
328         } netr_GenericInfo2;
329
330         typedef enum {
331                 NetlogonValidationUasInfo = 1,
332                 NetlogonValidationSamInfo = 2,
333                 NetlogonValidationSamInfo2 = 3,
334                 NetlogonValidationGenericInfo2 = 5,
335                 NetlogonValidationSamInfo4 = 6
336         } netr_ValidationInfoClass;
337
338         typedef [public,switch_type(uint16)] union {
339                 [case(NetlogonValidationSamInfo)] netr_SamInfo2 *sam2;
340                 [case(NetlogonValidationSamInfo2)] netr_SamInfo3 *sam3;
341                 [case(4)] netr_PacInfo  *pac;
342                 [case(NetlogonValidationGenericInfo2)] netr_GenericInfo2  *generic;
343                 [case(NetlogonValidationSamInfo4)] netr_SamInfo6 *sam6;
344                 [default];
345         } netr_Validation;
346
347         typedef [public, flag(NDR_PAHEX)] struct {
348                 uint8 data[8];
349         } netr_Credential;
350
351         typedef [public] struct {
352                 netr_Credential client_challenge;
353                 netr_Credential server_challenge;
354         } netlogon_server_pipe_state;
355
356         typedef [public] struct {
357                 netr_Credential cred;
358                 time_t timestamp;
359         } netr_Authenticator;
360
361         [public] NTSTATUS netr_LogonSamLogon(
362                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
363                 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
364                 [in,unique] netr_Authenticator *credential,
365                 [in,out,unique] netr_Authenticator *return_authenticator,
366                 [in] netr_LogonInfoClass logon_level,
367                 [in,ref] [switch_is(logon_level)] netr_LogonLevel *logon,
368                 [in] uint16 validation_level,
369                 [out,ref] [switch_is(validation_level)] netr_Validation *validation,
370                 [out,ref] uint8 *authoritative
371                 );
372
373
374         /*****************/
375         /* Function 0x03 */
376
377         NTSTATUS netr_LogonSamLogoff(
378                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
379                 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
380                 [in,unique] netr_Authenticator *credential,
381                 [in,out,unique] netr_Authenticator *return_authenticator,
382                 [in] netr_LogonInfoClass logon_level,
383                 [in] [switch_is(logon_level)] netr_LogonLevel logon
384                 );
385         
386
387
388         /*****************/
389         /* Function 0x04 */
390
391         [public] NTSTATUS netr_ServerReqChallenge(
392                 [in,unique,string,charset(UTF16)] uint16 *server_name,
393                 [in,string,charset(UTF16)] uint16 *computer_name,
394                 [in,ref] netr_Credential *credentials,
395                 [out,ref] netr_Credential *return_credentials
396                 );
397
398
399         /*****************/
400         /* Function 0x05 */
401
402         typedef enum netr_SchannelType netr_SchannelType;
403
404         NTSTATUS netr_ServerAuthenticate(
405                 [in,unique,string,charset(UTF16)] uint16 *server_name,
406                 [in,string,charset(UTF16)] uint16 *account_name,
407                 [in] netr_SchannelType secure_channel_type,
408                 [in,string,charset(UTF16)] uint16 *computer_name,
409                 [in,ref] netr_Credential *credentials,
410                 [out,ref] netr_Credential *return_credentials
411                 );
412
413
414         /*****************/
415         /* Function 0x06 */
416
417         NTSTATUS netr_ServerPasswordSet(
418                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
419                 [in]  [string,charset(UTF16)] uint16 *account_name,
420                 [in]  netr_SchannelType secure_channel_type,
421                 [in]  [string,charset(UTF16)] uint16 *computer_name,
422                 [in,ref]  netr_Authenticator *credential,
423                 [out,ref] netr_Authenticator *return_authenticator,
424                 [in,ref] samr_Password *new_password
425                 );
426
427
428         /*****************/
429         /* Function 0x07 */
430
431         typedef enum netr_SamDatabaseID netr_SamDatabaseID;
432
433         typedef struct {
434                 [string,charset(UTF16)] uint16 *account_name;
435                 lsa_String unknown1;
436                 lsa_String unknown2;
437                 lsa_String unknown3;
438                 lsa_String unknown4;
439                 uint32 unknown5;
440                 uint32 unknown6;
441                 uint32 unknown7;
442                 uint32 unknown8;
443         } netr_DELTA_DELETE_USER;
444
445         typedef struct {
446                 uint16 length;
447                 [value(length)] uint16 size;
448                 uint32 flags;
449                 samr_Password pwd;
450         } netr_USER_KEY16;
451
452         typedef struct {
453                 uint16 nt_length;
454                 [value(nt_length)] uint16 nt_size;
455                 uint32 nt_flags;
456                 uint16 lm_length;
457                 [value(lm_length)] uint16 lm_size;
458                 uint32 lm_flags;
459                 uint8 nt_history[nt_length];
460                 uint8 lm_history[lm_length];
461         } netr_PasswordHistory;
462
463         typedef struct {
464                 netr_USER_KEY16 lmpassword;
465                 netr_USER_KEY16 ntpassword;
466                 netr_PasswordHistory history;
467         } netr_USER_KEYS2;
468
469         typedef struct { /* TODO: make this a union! */
470                 netr_USER_KEYS2 keys2;
471         } netr_USER_KEY_UNION;
472
473         typedef [public] struct {
474                 uint32 version;
475                 netr_USER_KEY_UNION keys;
476         } netr_USER_KEYS;
477
478         typedef struct {
479                 boolean8  SensitiveDataFlag;
480                 uint32 DataLength;
481
482                 /* netr_USER_KEYS encrypted with the session key */
483                 [size_is(DataLength)][flag(NDR_PAHEX)] uint8 *SensitiveData;
484         } netr_USER_PRIVATE_INFO;
485
486         typedef struct {
487                 lsa_String account_name;
488                 lsa_String full_name;
489                 uint32 rid;
490                 uint32 primary_gid;
491                 lsa_String home_directory;
492                 lsa_String home_drive;
493                 lsa_String logon_script;
494                 lsa_String description;
495                 lsa_String workstations;
496                 NTTIME last_logon;
497                 NTTIME last_logoff;
498                 samr_LogonHours logon_hours;
499                 uint16 bad_password_count;
500                 uint16 logon_count;
501                 NTTIME last_password_change;
502                 NTTIME acct_expiry;
503                 samr_AcctFlags acct_flags;
504                 samr_Password lmpassword;
505                 samr_Password ntpassword;
506                 boolean8 nt_password_present;
507                 boolean8 lm_password_present;
508                 boolean8 password_expired;
509                 lsa_String comment;
510                 lsa_BinaryString parameters;
511                 uint16 country_code;
512                 uint16 code_page;
513                 netr_USER_PRIVATE_INFO user_private_info;
514                 uint32 SecurityInformation;
515                 sec_desc_buf sdbuf;
516                 lsa_String profile_path;
517                 lsa_String unknown2;
518                 lsa_String unknown3;
519                 lsa_String unknown4;
520                 uint32 unknown5;
521                 uint32 unknown6;
522                 uint32 unknown7;
523                 uint32 unknown8;
524         } netr_DELTA_USER;
525
526         typedef struct {
527                 lsa_String domain_name;
528                 lsa_String oem_information; /* comment */
529                 dlong force_logoff_time;
530                 uint16 min_password_length;
531                 uint16 password_history_length;
532                 /* yes, these are signed. They are in negative 100ns */
533                 dlong  max_password_age;
534                 dlong  min_password_age;
535                 udlong sequence_num;
536                 NTTIME domain_create_time;
537                 uint32 SecurityInformation;
538                 sec_desc_buf sdbuf;
539                 lsa_BinaryString account_lockout;
540                 lsa_String unknown2;
541                 lsa_String unknown3;
542                 lsa_String unknown4;
543                 uint32 logon_to_chgpass;
544                 uint32 unknown6;
545                 uint32 unknown7;
546                 uint32 unknown8;
547         } netr_DELTA_DOMAIN;
548
549         typedef struct {
550                 lsa_String group_name;
551                 uint32 rid;
552                 uint32 attributes;
553                 lsa_String description;
554                 uint32 SecurityInformation;
555                 sec_desc_buf sdbuf;
556                 lsa_String unknown1;
557                 lsa_String unknown2;
558                 lsa_String unknown3;
559                 lsa_String unknown4;
560                 uint32 unknown5;
561                 uint32 unknown6;
562                 uint32 unknown7;
563                 uint32 unknown8;
564         } netr_DELTA_GROUP;
565
566         typedef struct {
567                 lsa_String OldName;
568                 lsa_String NewName;
569                 lsa_String unknown1;
570                 lsa_String unknown2;
571                 lsa_String unknown3;
572                 lsa_String unknown4;
573                 uint32 unknown5;
574                 uint32 unknown6;
575                 uint32 unknown7;
576                 uint32 unknown8;
577         } netr_DELTA_RENAME;
578
579         typedef struct {
580                 [size_is(num_rids)] uint32 *rids;
581                 [size_is(num_rids)] uint32 *attribs;
582                 uint32 num_rids;
583                 uint32 unknown1;
584                 uint32 unknown2;
585                 uint32 unknown3;
586                 uint32 unknown4;
587         } netr_DELTA_GROUP_MEMBER;
588
589         typedef struct {
590                 lsa_String alias_name;
591                 uint32 rid;
592                 uint32 SecurityInformation;
593                 sec_desc_buf sdbuf;
594                 lsa_String description;
595                 lsa_String unknown2;
596                 lsa_String unknown3;
597                 lsa_String unknown4;
598                 uint32 unknown5;
599                 uint32 unknown6;
600                 uint32 unknown7;
601                 uint32 unknown8;
602         } netr_DELTA_ALIAS;
603
604         typedef struct {
605                 lsa_SidArray sids;
606                 uint32 unknown1;
607                 uint32 unknown2;
608                 uint32 unknown3;
609                 uint32 unknown4;
610         } netr_DELTA_ALIAS_MEMBER;
611
612         typedef struct {
613                 uint32 pagedpoollimit;
614                 uint32 nonpagedpoollimit;
615                 uint32 minimumworkingsetsize;
616                 uint32 maximumworkingsetsize;
617                 uint32 pagefilelimit;
618                 NTTIME timelimit;
619         } netr_QUOTA_LIMITS;
620
621         typedef struct {
622                 uint32 maxlogsize;
623                 NTTIME auditretentionperiod;
624                 boolean8 auditingmode;
625                 uint32 maxauditeventcount;
626                 [size_is(maxauditeventcount+1)] uint32 *eventauditoptions;
627                 lsa_String primary_domain_name;
628                 dom_sid2 *sid;
629                 netr_QUOTA_LIMITS quota_limits;
630                 udlong sequence_num;
631                 NTTIME db_create_time;
632                 uint32 SecurityInformation;
633                 sec_desc_buf sdbuf;
634                 lsa_String unknown1;
635                 lsa_String unknown2;
636                 lsa_String unknown3;
637                 lsa_String unknown4;
638                 uint32 unknown5;
639                 uint32 unknown6;
640                 uint32 unknown7;
641                 uint32 unknown8;
642         } netr_DELTA_POLICY;
643
644         typedef struct {
645                 lsa_String domain_name;
646                 uint32 num_controllers;
647                 [size_is(num_controllers)] lsa_String *controller_names;
648                 uint32 SecurityInformation;
649                 sec_desc_buf sdbuf;
650                 lsa_String unknown1;
651                 lsa_String unknown2;
652                 lsa_String unknown3;
653                 lsa_String unknown4;
654                 uint32 posix_offset;
655                 uint32 unknown6;
656                 uint32 unknown7;
657                 uint32 unknown8;
658         } netr_DELTA_TRUSTED_DOMAIN;
659
660         typedef struct {
661                 uint32 privilege_entries;
662                 uint32 privilege_control;
663                 [size_is(privilege_entries)] uint32 *privilege_attrib;
664                 [size_is(privilege_entries)] lsa_String *privilege_name;
665                 netr_QUOTA_LIMITS quotalimits;
666                 uint32 system_flags;
667                 uint32 SecurityInformation;
668                 sec_desc_buf sdbuf;
669                 lsa_String unknown1;
670                 lsa_String unknown2;
671                 lsa_String unknown3;
672                 lsa_String unknown4;
673                 uint32 unknown5;
674                 uint32 unknown6;
675                 uint32 unknown7;
676                 uint32 unknown8;
677         } netr_DELTA_ACCOUNT;
678
679         typedef struct {
680                 uint32 len;
681                 uint32 maxlen;
682                 [size_is(maxlen)][length_is(len)] uint8 *cipher_data;
683         } netr_CIPHER_VALUE;
684
685         typedef struct {
686                 netr_CIPHER_VALUE current_cipher;
687                 NTTIME current_cipher_set_time;
688                 netr_CIPHER_VALUE old_cipher;
689                 NTTIME old_cipher_set_time;
690                 uint32 SecurityInformation;
691                 sec_desc_buf sdbuf;
692                 lsa_String unknown1;
693                 lsa_String unknown2;
694                 lsa_String unknown3;
695                 lsa_String unknown4;
696                 uint32 unknown5;
697                 uint32 unknown6;
698                 uint32 unknown7;
699                 uint32 unknown8;
700         } netr_DELTA_SECRET;
701
702         typedef enum {
703                 NETR_DELTA_DOMAIN           = 1,
704                 NETR_DELTA_GROUP            = 2,
705                 NETR_DELTA_DELETE_GROUP     = 3,
706                 NETR_DELTA_RENAME_GROUP     = 4,
707                 NETR_DELTA_USER             = 5,
708                 NETR_DELTA_DELETE_USER      = 6,
709                 NETR_DELTA_RENAME_USER      = 7,
710                 NETR_DELTA_GROUP_MEMBER     = 8,
711                 NETR_DELTA_ALIAS            = 9,
712                 NETR_DELTA_DELETE_ALIAS     = 10,
713                 NETR_DELTA_RENAME_ALIAS     = 11,
714                 NETR_DELTA_ALIAS_MEMBER     = 12,
715                 NETR_DELTA_POLICY           = 13,
716                 NETR_DELTA_TRUSTED_DOMAIN   = 14,
717                 NETR_DELTA_DELETE_TRUST     = 15,
718                 NETR_DELTA_ACCOUNT          = 16,
719                 NETR_DELTA_DELETE_ACCOUNT   = 17,
720                 NETR_DELTA_SECRET           = 18,
721                 NETR_DELTA_DELETE_SECRET    = 19,
722                 NETR_DELTA_DELETE_GROUP2    = 20,
723                 NETR_DELTA_DELETE_USER2     = 21,
724                 NETR_DELTA_MODIFY_COUNT     = 22
725         } netr_DeltaEnum;
726
727         typedef [switch_type(netr_DeltaEnum)] union {
728                 [case(NETR_DELTA_DOMAIN)]          netr_DELTA_DOMAIN          *domain;
729                 [case(NETR_DELTA_GROUP)]           netr_DELTA_GROUP           *group;
730                 [case(NETR_DELTA_DELETE_GROUP)]    ; /* rid only */
731                 [case(NETR_DELTA_RENAME_GROUP)]    netr_DELTA_RENAME          *rename_group;
732                 [case(NETR_DELTA_USER)]            netr_DELTA_USER            *user;
733                 [case(NETR_DELTA_DELETE_USER)]     ; /* rid only */
734                 [case(NETR_DELTA_RENAME_USER)]     netr_DELTA_RENAME          *rename_user;
735                 [case(NETR_DELTA_GROUP_MEMBER)]    netr_DELTA_GROUP_MEMBER    *group_member;
736                 [case(NETR_DELTA_ALIAS)]           netr_DELTA_ALIAS           *alias;
737                 [case(NETR_DELTA_DELETE_ALIAS)]    ; /* rid only */
738                 [case(NETR_DELTA_RENAME_ALIAS)]    netr_DELTA_RENAME          *rename_alias;
739                 [case(NETR_DELTA_ALIAS_MEMBER)]    netr_DELTA_ALIAS_MEMBER    *alias_member;
740                 [case(NETR_DELTA_POLICY)]          netr_DELTA_POLICY          *policy;
741                 [case(NETR_DELTA_TRUSTED_DOMAIN)]  netr_DELTA_TRUSTED_DOMAIN  *trusted_domain;
742                 [case(NETR_DELTA_DELETE_TRUST)]    ; /* sid only */
743                 [case(NETR_DELTA_ACCOUNT)]         netr_DELTA_ACCOUNT         *account;
744                 [case(NETR_DELTA_DELETE_ACCOUNT)]  ; /* sid only */
745                 [case(NETR_DELTA_SECRET)]          netr_DELTA_SECRET          *secret;
746                 [case(NETR_DELTA_DELETE_SECRET)]   ; /* name only */
747                 [case(NETR_DELTA_DELETE_GROUP2)]   netr_DELTA_DELETE_USER     *delete_group;
748                 [case(NETR_DELTA_DELETE_USER2)]    netr_DELTA_DELETE_USER     *delete_user;
749                 [case(NETR_DELTA_MODIFY_COUNT)]    udlong                     *modified_count;
750                 [default];
751         } netr_DELTA_UNION;
752
753         typedef [switch_type(netr_DeltaEnum)] union {
754                 [case(NETR_DELTA_DOMAIN)]          uint32 rid;
755                 [case(NETR_DELTA_GROUP)]           uint32 rid;
756                 [case(NETR_DELTA_DELETE_GROUP)]    uint32 rid;
757                 [case(NETR_DELTA_RENAME_GROUP)]    uint32 rid;
758                 [case(NETR_DELTA_USER)]            uint32 rid;
759                 [case(NETR_DELTA_DELETE_USER)]     uint32 rid;
760                 [case(NETR_DELTA_RENAME_USER)]     uint32 rid;
761                 [case(NETR_DELTA_GROUP_MEMBER)]    uint32 rid;
762                 [case(NETR_DELTA_ALIAS)]           uint32 rid;
763                 [case(NETR_DELTA_DELETE_ALIAS)]    uint32 rid;
764                 [case(NETR_DELTA_RENAME_ALIAS)]    uint32 rid;
765                 [case(NETR_DELTA_ALIAS_MEMBER)]    uint32 rid;
766                 [case(NETR_DELTA_POLICY)]          dom_sid2 *sid;
767                 [case(NETR_DELTA_TRUSTED_DOMAIN)]  dom_sid2 *sid;
768                 [case(NETR_DELTA_DELETE_TRUST)]    dom_sid2 *sid;
769                 [case(NETR_DELTA_ACCOUNT)]         dom_sid2 *sid;
770                 [case(NETR_DELTA_DELETE_ACCOUNT)]  dom_sid2 *sid;
771                 [case(NETR_DELTA_SECRET)]          [string,charset(UTF16)] uint16 *name;
772                 [case(NETR_DELTA_DELETE_SECRET)]   [string,charset(UTF16)] uint16 *name;
773                 [case(NETR_DELTA_DELETE_GROUP2)]   uint32 rid;
774                 [case(NETR_DELTA_DELETE_USER2)]    uint32 rid;
775                 [case(NETR_DELTA_MODIFY_COUNT)]    ;
776                 [default];
777         } netr_DELTA_ID_UNION;
778
779         typedef struct {
780                 netr_DeltaEnum delta_type;
781                 [switch_is(delta_type)] netr_DELTA_ID_UNION delta_id_union;
782                 [switch_is(delta_type)] netr_DELTA_UNION delta_union;
783         } netr_DELTA_ENUM;
784
785         typedef struct {
786                 uint32 num_deltas;
787                 [size_is(num_deltas)] netr_DELTA_ENUM *delta_enum;
788         } netr_DELTA_ENUM_ARRAY;
789
790         NTSTATUS netr_DatabaseDeltas(
791                 [in]      [string,charset(UTF16)] uint16 *logon_server,
792                 [in]      [string,charset(UTF16)] uint16 *computername,
793                 [in,ref]  netr_Authenticator *credential,
794                 [in,out,ref]  netr_Authenticator *return_authenticator,
795                 [in]      netr_SamDatabaseID database_id,
796                 [in,out,ref]  udlong *sequence_num,
797                 [out,ref]     netr_DELTA_ENUM_ARRAY **delta_enum_array,
798                 [in]      uint32 preferredmaximumlength
799                 );
800
801
802         /*****************/
803         /* Function 0x08 */
804
805         NTSTATUS netr_DatabaseSync(
806                 [in]     [string,charset(UTF16)] uint16 *logon_server,
807                 [in]     [string,charset(UTF16)] uint16 *computername,
808                 [in,ref] netr_Authenticator *credential,
809                 [in,out,ref] netr_Authenticator *return_authenticator,
810                 [in]     netr_SamDatabaseID database_id,
811                 [in,out,ref] uint32 *sync_context,
812                 [out,ref]    netr_DELTA_ENUM_ARRAY **delta_enum_array,
813                 [in]     uint32 preferredmaximumlength
814                 );
815
816
817         /*****************/
818         /* Function 0x09 */
819
820         /* w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this call */
821
822         typedef [flag(NDR_PAHEX)] struct {
823                 uint8 computer_name[16];
824                 uint32 timecreated;
825                 uint32 serial_number;
826         } netr_UAS_INFO_0;
827
828         typedef struct {
829                 [flag(NDR_REMAINING)] DATA_BLOB blob;
830         } netr_AccountBuffer;
831
832         NTSTATUS netr_AccountDeltas(
833                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
834                 [in]     [string,charset(UTF16)] uint16 *computername,
835                 [in]     netr_Authenticator credential,
836                 [in,out,ref] netr_Authenticator *return_authenticator,
837                 [in]     netr_UAS_INFO_0 uas,
838                 [in]     uint32 count,
839                 [in]     uint32 level,
840                 [in]     uint32 buffersize,
841                 [out,ref,subcontext(4)] netr_AccountBuffer *buffer,
842                 [out,ref]    uint32 *count_returned,
843                 [out,ref]    uint32 *total_entries,
844                 [out,ref]    netr_UAS_INFO_0 *recordid
845                 );
846
847
848         /*****************/
849         /* Function 0x0A */
850
851         NTSTATUS netr_AccountSync(
852                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
853                 [in]      [string,charset(UTF16)] uint16 *computername,
854                 [in]      netr_Authenticator credential,
855                 [in,out,ref]  netr_Authenticator *return_authenticator,
856                 [in]      uint32 reference,
857                 [in]      uint32 level,
858                 [in]      uint32 buffersize,
859                 [out,ref,subcontext(4)] netr_AccountBuffer *buffer,
860                 [out,ref]     uint32 *count_returned,
861                 [out,ref]     uint32 *total_entries,
862                 [out,ref]     uint32 *next_reference,
863                 [in,out,ref]  netr_UAS_INFO_0 *recordid
864                 );
865
866
867         /*****************/
868         /* Function 0x0B */
869
870         WERROR netr_GetDcName(
871                 [in]  [string,charset(UTF16)] uint16 *logon_server,
872                 [in,unique] [string,charset(UTF16)] uint16 *domainname,
873                 [out,ref] [string,charset(UTF16)] uint16 **dcname
874                 );
875
876         /*****************/
877         /* Function 0x0C */
878
879         typedef [bitmap32bit] bitmap {
880                 NETLOGON_REPLICATION_NEEDED             = 0x00000001,
881                 NETLOGON_REPLICATION_IN_PROGRESS        = 0x00000002,
882                 NETLOGON_FULL_SYNC_REPLICATION          = 0x00000004,
883                 NETLOGON_REDO_NEEDED                    = 0x00000008,
884                 NETLOGON_HAS_IP                         = 0x00000010,
885                 NETLOGON_HAS_TIMESERV                   = 0x00000020,
886                 NETLOGON_DNS_UPDATE_FAILURE             = 0x00000040,
887                 NETLOGON_VERIFY_STATUS_RETURNED         = 0x00000080
888         } netr_InfoFlags;
889
890         typedef struct {
891                 netr_InfoFlags flags;
892                 WERROR pdc_connection_status;
893         } netr_NETLOGON_INFO_1;
894
895         typedef struct {
896                 netr_InfoFlags flags;
897                 WERROR pdc_connection_status;
898                 [string,charset(UTF16)] uint16 *trusted_dc_name;
899                 WERROR tc_connection_status;
900         } netr_NETLOGON_INFO_2;
901
902         typedef struct {
903                 netr_InfoFlags flags;
904                 uint32 logon_attempts;
905                 uint32 unknown1;
906                 uint32 unknown2;
907                 uint32 unknown3;
908                 uint32 unknown4;
909                 uint32 unknown5;
910         } netr_NETLOGON_INFO_3;
911
912         typedef struct {
913                 [string,charset(UTF16)] uint16 *trusted_dc_name;
914                 [string,charset(UTF16)] uint16 *trusted_domain_name;
915         } netr_NETLOGON_INFO_4;
916
917         typedef [public] union {
918                 [case(1)]  netr_NETLOGON_INFO_1 *info1;
919                 [case(2)]  netr_NETLOGON_INFO_2 *info2;
920                 [case(3)]  netr_NETLOGON_INFO_3 *info3;
921                 [case(4)]  netr_NETLOGON_INFO_4 *info4;
922                 [default] ;
923         } netr_CONTROL_QUERY_INFORMATION;
924
925         /* function_code values */
926         typedef [v1_enum,public] enum {
927                 NETLOGON_CONTROL_QUERY                  = 0x00000001,
928                 NETLOGON_CONTROL_REPLICATE              = 0x00000002,
929                 NETLOGON_CONTROL_SYNCHRONIZE            = 0x00000003,
930                 NETLOGON_CONTROL_PDC_REPLICATE          = 0x00000004,
931                 NETLOGON_CONTROL_REDISCOVER             = 0x00000005,
932                 NETLOGON_CONTROL_TC_QUERY               = 0x00000006,
933                 NETLOGON_CONTROL_TRANSPORT_NOTIFY       = 0x00000007,
934                 NETLOGON_CONTROL_FIND_USER              = 0x00000008,
935                 NETLOGON_CONTROL_CHANGE_PASSWORD        = 0x00000009,
936                 NETLOGON_CONTROL_TC_VERIFY              = 0x0000000A,
937                 NETLOGON_CONTROL_FORCE_DNS_REG          = 0x0000000B,
938                 NETLOGON_CONTROL_QUERY_DNS_REG          = 0x0000000C,
939                 NETLOGON_CONTROL_BACKUP_CHANGE_LOG      = 0x0000FFFC,
940                 NETLOGON_CONTROL_TRUNCATE_LOG           = 0x0000FFFD,
941                 NETLOGON_CONTROL_SET_DBFLAG             = 0x0000FFFE,
942                 NETLOGON_CONTROL_BREAKPOINT             = 0x0000FFFF
943         } netr_LogonControlCode;
944
945         WERROR netr_LogonControl(
946                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
947                 [in]   netr_LogonControlCode function_code,
948                 [in]   uint32 level,
949                 [out,ref,switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query
950                 );
951
952
953         /*****************/
954         /* Function 0x0D */
955
956         WERROR netr_GetAnyDCName(
957                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
958                 [in,unique] [string,charset(UTF16)] uint16 *domainname,
959                 [out,ref] [string,charset(UTF16)] uint16 **dcname
960                 );
961
962
963         /*****************/
964         /* Function 0x0E */
965
966         typedef [public,switch_type(netr_LogonControlCode)] union {
967                 [case(NETLOGON_CONTROL_REDISCOVER)]        [string,charset(UTF16)] uint16 *domain;
968                 [case(NETLOGON_CONTROL_TC_QUERY)]          [string,charset(UTF16)] uint16 *domain;
969                 [case(NETLOGON_CONTROL_TRANSPORT_NOTIFY)]  [string,charset(UTF16)] uint16 *domain;
970                 [case(NETLOGON_CONTROL_CHANGE_PASSWORD)]   [string,charset(UTF16)] uint16 *domain;
971                 [case(NETLOGON_CONTROL_TC_VERIFY)]         [string,charset(UTF16)] uint16 *domain;
972                 [case(NETLOGON_CONTROL_FIND_USER)]         [string,charset(UTF16)] uint16 *user;
973                 [case(NETLOGON_CONTROL_SET_DBFLAG)]        uint32 debug_level;
974                 [default] ;
975         } netr_CONTROL_DATA_INFORMATION;
976
977         WERROR netr_LogonControl2(
978                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
979                 [in]    netr_LogonControlCode function_code,
980                 [in]    uint32 level,
981                 [in,ref][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION  *data,
982                 [out,ref][switch_is(level)]        netr_CONTROL_QUERY_INFORMATION *query
983                 );
984
985
986         /* If NETLOGON_NEG_ARCFOUR flag is not set, then the passwords and LM
987          * session keys are encrypted with DES calls.  (And the user session key
988          * is unencrypted) */
989
990         /*****************/
991         /* Function 0x0F */
992
993         typedef [public,bitmap32bit] bitmap {
994                 NETLOGON_NEG_ACCOUNT_LOCKOUT            = 0x00000001,
995                 NETLOGON_NEG_PERSISTENT_SAMREPL         = 0x00000002,
996                 NETLOGON_NEG_ARCFOUR                    = 0x00000004,
997                 NETLOGON_NEG_PROMOTION_COUNT            = 0x00000008,
998                 NETLOGON_NEG_CHANGELOG_BDC              = 0x00000010,
999                 NETLOGON_NEG_FULL_SYNC_REPL             = 0x00000020,
1000                 NETLOGON_NEG_MULTIPLE_SIDS              = 0x00000040,
1001                 NETLOGON_NEG_REDO                       = 0x00000080,
1002                 NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL    = 0x00000100,
1003                 NETLOGON_NEG_SEND_PASSWORD_INFO_PDC     = 0x00000200,
1004                 NETLOGON_NEG_GENERIC_PASSTHROUGH        = 0x00000400,
1005                 NETLOGON_NEG_CONCURRENT_RPC             = 0x00000800,
1006                 NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL      = 0x00001000,
1007                 NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL = 0x00002000,
1008                 NETLOGON_NEG_STRONG_KEYS                = 0x00004000,
1009                 NETLOGON_NEG_TRANSITIVE_TRUSTS          = 0x00008000,
1010                 NETLOGON_NEG_DNS_DOMAIN_TRUSTS          = 0x00010000,
1011                 NETLOGON_NEG_PASSWORD_SET2              = 0x00020000,
1012                 NETLOGON_NEG_GETDOMAININFO              = 0x00040000,
1013                 NETLOGON_NEG_CROSS_FOREST_TRUSTS        = 0x00080000,
1014                 NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION   = 0x00100000,
1015                 NETLOGON_NEG_RODC_PASSTHROUGH           = 0x00200000,
1016                 NETLOGON_NEG_SUPPORTS_AES_SHA2          = 0x00400000,
1017                 NETLOGON_NEG_SUPPORTS_AES               = 0x01000000,
1018                 NETLOGON_NEG_AUTHENTICATED_RPC_LSASS    = 0x20000000,
1019                 NETLOGON_NEG_AUTHENTICATED_RPC          = 0x40000000
1020         } netr_NegotiateFlags;
1021
1022         const uint32 NETLOGON_NEG_128BIT = NETLOGON_NEG_STRONG_KEYS;
1023         const uint32 NETLOGON_NEG_SCHANNEL = NETLOGON_NEG_AUTHENTICATED_RPC;
1024
1025         NTSTATUS netr_ServerAuthenticate2(
1026                 [in,unique]  [string,charset(UTF16)] uint16 *server_name,
1027                 [in]         [string,charset(UTF16)] uint16 *account_name,
1028                 [in]         netr_SchannelType secure_channel_type,
1029                 [in]         [string,charset(UTF16)] uint16 *computer_name,
1030                 [in,ref]     netr_Credential *credentials,
1031                 [out,ref]    netr_Credential *return_credentials,
1032                 [in,out,ref] netr_NegotiateFlags *negotiate_flags
1033                 );
1034
1035
1036         /*****************/
1037         /* Function 0x10 */
1038
1039         typedef enum {
1040                 SYNCSTATE_NORMAL_STATE             = 0,
1041                 SYNCSTATE_DOMAIN_STATE             = 1,
1042                 SYNCSTATE_GROUP_STATE              = 2,
1043                 SYNCSTATE_UAS_BUILT_IN_GROUP_STATE = 3,
1044                 SYNCSTATE_USER_STATE               = 4,
1045                 SYNCSTATE_GROUP_MEMBER_STATE       = 5,
1046                 SYNCSTATE_ALIAS_STATE              = 6,
1047                 SYNCSTATE_ALIAS_MEMBER_STATE       = 7,
1048                 SYNCSTATE_SAM_DONE_STATE           = 8
1049         } SyncStateEnum;
1050
1051         NTSTATUS netr_DatabaseSync2(
1052                 [in]     [string,charset(UTF16)] uint16 *logon_server,
1053                 [in]     [string,charset(UTF16)] uint16 *computername,
1054                 [in,ref] netr_Authenticator *credential,
1055                 [in,out,ref] netr_Authenticator *return_authenticator,
1056                 [in]     netr_SamDatabaseID database_id,
1057                 [in]     SyncStateEnum restart_state,
1058                 [in,out,ref] uint32 *sync_context,
1059                 [out,ref]    netr_DELTA_ENUM_ARRAY **delta_enum_array,
1060                 [in]     uint32 preferredmaximumlength
1061                 );
1062
1063
1064         /*****************/
1065         /* Function 0x11 */
1066
1067         /* i'm not at all sure how this call works */
1068
1069         typedef [bitmap16bit] bitmap {
1070                 NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED  = 0x0001,
1071                 NETR_CHANGELOG_CHANGED_PASSWORD         = 0x0002,
1072                 NETR_CHANGELOG_SID_INCLUDED             = 0x0004,
1073                 NETR_CHANGELOG_NAME_INCLUDED            = 0x0008,
1074                 NETR_CHANGELOG_FIRST_PROMOTION_OBJ      = 0x0010
1075         } netr_ChangeLogFlags;
1076
1077         typedef [nodiscriminant] union {
1078                 [case(NETR_CHANGELOG_SID_INCLUDED)] dom_sid object_sid;
1079                 [case(NETR_CHANGELOG_NAME_INCLUDED)] nstring object_name;
1080                 [default];
1081         } netr_ChangeLogObject;
1082
1083         typedef [public,gensize] struct {
1084                 uint32 serial_number1;
1085                 uint32 serial_number2;
1086                 uint32 object_rid;
1087                 netr_ChangeLogFlags flags;
1088                 netr_SamDatabaseID8Bit db_index;
1089                 netr_DeltaEnum8Bit delta_type;
1090                 [switch_is(flags & (NETR_CHANGELOG_SID_INCLUDED|NETR_CHANGELOG_NAME_INCLUDED))] netr_ChangeLogObject object;
1091         } netr_ChangeLogEntry;
1092
1093         NTSTATUS netr_DatabaseRedo(
1094                 [in]     [string,charset(UTF16)] uint16 *logon_server,
1095                 [in]     [string,charset(UTF16)] uint16 *computername,
1096                 [in]     netr_Authenticator *credential,
1097                 [in,out,ref] netr_Authenticator *return_authenticator,
1098                 /*
1099                  * we cannot use subcontext_size() here, as
1100                  * change_log_entry_size is encoded after the subcontext
1101                  */
1102                 [in]     [subcontext(4)/*,subcontext_size(change_log_entry_size)*/]
1103                         netr_ChangeLogEntry change_log_entry,
1104                 [in]     [value(ndr_size_netr_ChangeLogEntry(&change_log_entry,
1105                                 ndr->flags))]
1106                         uint32 change_log_entry_size,
1107                 [out,ref]    netr_DELTA_ENUM_ARRAY **delta_enum_array
1108                 );
1109
1110
1111         /*****************/
1112         /* Function 0x12 */
1113
1114         WERROR netr_LogonControl2Ex(
1115                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
1116                 [in]   netr_LogonControlCode function_code,
1117                 [in]   uint32 level,
1118                 [in,ref][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION  *data,
1119                 [out,ref][switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query
1120                 );
1121
1122         /*****************/
1123         /* Function 0x13 */
1124         typedef struct {
1125                 uint32 length;
1126                 [size_is(length)] uint8 *data;
1127         } netr_Blob;
1128
1129         NTSTATUS netr_NetrEnumerateTrustedDomains(
1130                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1131                 [out,ref] netr_Blob *trusted_domains_blob
1132                 );
1133
1134         /*****************/
1135         /* Function 0x14 */
1136
1137         /* one unknown bit still: DS_IP_VERSION_AGNOSTIC - gd*/
1138
1139         const int DSGETDC_VALID_FLAGS = (DS_FORCE_REDISCOVERY |
1140                                          DS_DIRECTORY_SERVICE_REQUIRED |
1141                                          DS_DIRECTORY_SERVICE_PREFERRED |
1142                                          DS_GC_SERVER_REQUIRED |
1143                                          DS_PDC_REQUIRED |
1144                                          DS_BACKGROUND_ONLY |
1145                                          DS_IP_REQUIRED |
1146                                          DS_KDC_REQUIRED |
1147                                          DS_TIMESERV_REQUIRED |
1148                                          DS_WRITABLE_REQUIRED |
1149                                          DS_GOOD_TIMESERV_PREFERRED |
1150                                          DS_AVOID_SELF |
1151                                          DS_ONLY_LDAP_NEEDED |
1152                                          DS_IS_FLAT_NAME |
1153                                          DS_IS_DNS_NAME |
1154                                          DS_TRY_NEXTCLOSEST_SITE |
1155                                          DS_DIRECTORY_SERVICE_6_REQUIRED |
1156                                          DS_WEB_SERVICE_REQUIRED |
1157                                          /*
1158                                           * For now we skip these until
1159                                           * we have test for them:
1160                                           * DS_DIRECTORY_SERVICE_8_REQUIRED |
1161                                           * DS_DIRECTORY_SERVICE_9_REQUIRED |
1162                                           * DS_DIRECTORY_SERVICE_10_REQUIRED |
1163                                           */
1164                                          DS_RETURN_FLAT_NAME |
1165                                          DS_RETURN_DNS_NAME);
1166
1167         typedef [bitmap32bit] bitmap {
1168                 DS_FORCE_REDISCOVERY            = 0x00000001,
1169                 DS_DIRECTORY_SERVICE_REQUIRED   = 0x00000010,
1170                 DS_DIRECTORY_SERVICE_PREFERRED  = 0x00000020,
1171                 DS_GC_SERVER_REQUIRED           = 0x00000040,
1172                 DS_PDC_REQUIRED                 = 0x00000080,
1173                 DS_BACKGROUND_ONLY              = 0x00000100,
1174                 DS_IP_REQUIRED                  = 0x00000200,
1175                 DS_KDC_REQUIRED                 = 0x00000400,
1176                 DS_TIMESERV_REQUIRED            = 0x00000800,
1177                 DS_WRITABLE_REQUIRED            = 0x00001000,
1178                 DS_GOOD_TIMESERV_PREFERRED      = 0x00002000,
1179                 DS_AVOID_SELF                   = 0x00004000,
1180                 DS_ONLY_LDAP_NEEDED             = 0x00008000,
1181                 DS_IS_FLAT_NAME                 = 0x00010000,
1182                 DS_IS_DNS_NAME                  = 0x00020000,
1183                 DS_TRY_NEXTCLOSEST_SITE         = 0x00040000,
1184                 DS_DIRECTORY_SERVICE_6_REQUIRED = 0x00080000, /* 2008 */
1185                 DS_WEB_SERVICE_REQUIRED         = 0x00100000,
1186                 DS_DIRECTORY_SERVICE_8_REQUIRED = 0x00200000, /* 2012 */
1187                 DS_DIRECTORY_SERVICE_9_REQUIRED = 0x00400000, /* 2012R2 */
1188                 DS_DIRECTORY_SERVICE_10_REQUIRED= 0x00800000, /* 2016 */
1189                 DS_RETURN_DNS_NAME              = 0x40000000,
1190                 DS_RETURN_FLAT_NAME             = 0x80000000
1191         } netr_DsRGetDCName_flags;
1192
1193         typedef [v1_enum] enum {
1194                 DS_ADDRESS_TYPE_INET            = 1,
1195                 DS_ADDRESS_TYPE_NETBIOS         = 2
1196         } netr_DsRGetDCNameInfo_AddressType;
1197
1198         typedef [bitmap32bit] bitmap {
1199                 DS_SERVER_PDC                    = 0x00000001,
1200                 DS_SERVER_GC                     = 0x00000004,
1201                 DS_SERVER_LDAP                   = 0x00000008,
1202                 DS_SERVER_DS                     = 0x00000010,
1203                 DS_SERVER_KDC                    = 0x00000020,
1204                 DS_SERVER_TIMESERV               = 0x00000040,
1205                 DS_SERVER_CLOSEST                = 0x00000080,
1206                 DS_SERVER_WRITABLE               = 0x00000100,
1207                 DS_SERVER_GOOD_TIMESERV          = 0x00000200,
1208                 DS_SERVER_NDNC                   = 0x00000400,
1209                 DS_SERVER_SELECT_SECRET_DOMAIN_6 = 0x00000800, /* 2008 / RODC */
1210                 DS_SERVER_FULL_SECRET_DOMAIN_6   = 0x00001000, /* 2008 / RWDC */
1211                 DS_SERVER_WEBSERV                = 0x00002000,
1212                 DS_SERVER_DS_8                   = 0x00004000, /* 2012 */
1213                 DS_SERVER_DS_9                   = 0x00008000, /* 2012R2 */
1214                 DS_SERVER_DS_10                  = 0x00010000, /* 2016 */
1215                 DS_DNS_CONTROLLER                = 0x20000000,
1216                 DS_DNS_DOMAIN                    = 0x40000000,
1217                 DS_DNS_FOREST_ROOT               = 0x80000000
1218         } netr_DsR_DcFlags;
1219
1220         typedef [public] struct {
1221                 [string,charset(UTF16)] uint16 *dc_unc;
1222                 [string,charset(UTF16)] uint16 *dc_address;
1223                 netr_DsRGetDCNameInfo_AddressType dc_address_type;
1224                 GUID domain_guid;
1225                 [string,charset(UTF16)] uint16 *domain_name;
1226                 [string,charset(UTF16)] uint16 *forest_name;
1227                 netr_DsR_DcFlags dc_flags;
1228                 [string,charset(UTF16)] uint16 *dc_site_name;
1229                 [string,charset(UTF16)] uint16 *client_site_name;
1230         } netr_DsRGetDCNameInfo;
1231
1232         WERROR netr_DsRGetDCName(
1233                 [in,unique] [string,charset(UTF16)] uint16 *server_unc,
1234                 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1235                 [in,unique] GUID *domain_guid,
1236                 [in,unique] GUID *site_guid,
1237                 [in] netr_DsRGetDCName_flags flags,
1238                 [out,ref] netr_DsRGetDCNameInfo **info
1239                 );
1240
1241         /*****************/
1242         /* Function 0x15 */
1243         typedef [switch_type(uint32)] union {
1244                 [case(1)] netr_NegotiateFlags server_capabilities;
1245         } netr_Capabilities;
1246
1247         NTSTATUS netr_LogonGetCapabilities(
1248                 [in]         [string,charset(UTF16)] uint16 *server_name,
1249                 [in,unique]  [string,charset(UTF16)] uint16 *computer_name,
1250                 [in,ref]     netr_Authenticator *credential,
1251                 [in,out,ref] netr_Authenticator *return_authenticator,
1252                 [in]         uint32 query_level,
1253                 [out,ref,switch_is(query_level)] netr_Capabilities *capabilities
1254                 );
1255
1256         /****************/
1257         /* Function 0x16 */
1258         [todo] WERROR netr_NETRLOGONSETSERVICEBITS();
1259
1260         /****************/
1261         /* Function 0x17 */
1262         WERROR netr_LogonGetTrustRid(
1263                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1264                 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1265                 [out,ref] uint32 *rid
1266         );
1267
1268         /****************/
1269         /* Function 0x18 */
1270         [todo] WERROR netr_NETRLOGONCOMPUTESERVERDIGEST();
1271
1272         /****************/
1273         /* Function 0x19 */
1274         [todo] WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST();
1275
1276         /****************/
1277         /* Function 0x1a */
1278         [public] NTSTATUS netr_ServerAuthenticate3(
1279                 [in,unique]  [string,charset(UTF16)] uint16 *server_name,
1280                 [in]         [string,charset(UTF16)] uint16 *account_name,
1281                 [in]         netr_SchannelType secure_channel_type,
1282                 [in]         [string,charset(UTF16)] uint16 *computer_name,
1283                 [in,ref]     netr_Credential *credentials,
1284                 [out,ref]    netr_Credential *return_credentials,
1285                 [in,out,ref] netr_NegotiateFlags *negotiate_flags,
1286                 [out,ref]    uint32 *rid
1287                 );
1288
1289         /****************/
1290         /* Function 0x1b */
1291
1292         WERROR netr_DsRGetDCNameEx(
1293                 [in,unique] [string,charset(UTF16)] uint16 *server_unc,
1294                 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1295                 [in,unique] GUID *domain_guid,
1296                 [in,unique] [string,charset(UTF16)] uint16 *site_name,
1297                 [in] netr_DsRGetDCName_flags flags,
1298                 [out,ref] netr_DsRGetDCNameInfo **info
1299                 );
1300
1301
1302         /****************/
1303         /* Function 0x1c */
1304         WERROR netr_DsRGetSiteName(
1305                 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
1306                 [out,ref] [string,charset(UTF16)] uint16 **site
1307                 );
1308
1309         /****************/
1310         /* Function 0x1d */
1311         typedef [public,bitmap32bit] bitmap {
1312                 NETR_TRUST_FLAG_IN_FOREST = 0x00000001,
1313                 NETR_TRUST_FLAG_OUTBOUND  = 0x00000002,
1314                 NETR_TRUST_FLAG_TREEROOT  = 0x00000004,
1315                 NETR_TRUST_FLAG_PRIMARY   = 0x00000008,
1316                 NETR_TRUST_FLAG_NATIVE    = 0x00000010,
1317                 NETR_TRUST_FLAG_INBOUND   = 0x00000020,
1318                 NETR_TRUST_FLAG_MIT_KRB5  = 0x00000080,
1319                 NETR_TRUST_FLAG_AES       = 0x00000100
1320         } netr_TrustFlags;
1321
1322         typedef [bitmap32bit] bitmap {
1323                 NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS = 0x00000001,
1324                 NETR_WS_FLAG_HANDLES_SPN_UPDATE     = 0x00000002
1325         } netr_WorkstationFlags;
1326
1327         typedef [bitmap16bit] bitmap {
1328                 NETR_VER_SUITE_BACKOFFICE               = 0x0004,
1329                 NETR_VER_SUITE_BLADE                    = 0x0400,
1330                 NETR_VER_SUITE_COMPUTE_SERVER           = 0x4000,
1331                 NETR_VER_SUITE_DATACENTER               = 0x0080,
1332                 NETR_VER_SUITE_ENTERPRISE               = 0x0002,
1333                 NETR_VER_SUITE_EMBEDDEDNT               = 0x0040,
1334                 NETR_VER_SUITE_PERSONAL                 = 0x0200,
1335                 NETR_VER_SUITE_SINGLEUSERTS             = 0x0100,
1336                 NETR_VER_SUITE_SMALLBUSINESS            = 0x0001,
1337                 NETR_VER_SUITE_SMALLBUSINESS_RESTRICTED = 0x0020,
1338                 NETR_VER_SUITE_STORAGE_SERVER           = 0x2000,
1339                 NETR_VER_SUITE_TERMINAL                 = 0x0010,
1340                 NETR_VER_SUITE_WH_SERVER                = 0x8000
1341         } netr_SuiteMask;
1342
1343         typedef [bitmap8bit] bitmap {
1344                 NETR_VER_NT_DOMAIN_CONTROLLER   = 0x02,
1345                 NETR_VER_NT_SERVER              = 0x03,
1346                 NETR_VER_NT_WORKSTATION         = 0x01
1347         } netr_ProductType;
1348
1349         typedef struct {
1350                 uint32 policy_size;
1351                 [size_is(policy_size)] uint8 *policy;
1352         } netr_LsaPolicyInformation;
1353
1354         typedef struct {
1355                 [value(284)] uint32 OSVersionInfoSize;
1356                 uint32 MajorVersion;
1357                 uint32 MinorVersion;
1358                 uint32 BuildNumber;
1359                 uint32 PlatformId;
1360                 [subcontext(0),subcontext_size(256)] nstring CSDVersion;
1361                 uint16 ServicePackMajor;
1362                 uint16 ServicePackMinor;
1363                 netr_SuiteMask SuiteMask;
1364                 netr_ProductType ProductType;
1365                 uint8 Reserved;
1366         } netr_OsVersionInfoEx;
1367
1368         typedef struct {
1369                 /* these first 3 values come from the fact windows
1370                    actually encodes this structure as a UNICODE_STRING
1371                    - see MS-NRPC section 2.2.1.3.9 */
1372                 /* 142 * 2 = 284 (length of structure "netr_OsVersionInfoEx") */
1373                 [value(142)] uint3264 length;
1374                 [value(0)] uint3264 dummy;
1375                 [value(142)] uint3264 size;
1376                 [subcontext(0),subcontext_size(size*2)]
1377                 netr_OsVersionInfoEx os;
1378         } netr_OsVersion;
1379
1380         typedef struct {
1381                 /* value is 284 when info != os, otherwise 0 (for length and
1382                    size) */
1383                 [value(os == NULL ? 0 : 284)] uint16 length;
1384                 [value(os == NULL ? 0 : 284)] uint16 size;
1385                 netr_OsVersion *os;
1386         } netr_OsVersionContainer;
1387
1388         typedef struct {
1389                 netr_LsaPolicyInformation lsa_policy;
1390                 [string,charset(UTF16)] uint16 *dns_hostname;
1391                 [string,charset(UTF16)] uint16 *sitename;
1392                 [string,charset(UTF16)] uint16 *dummy1;
1393                 [string,charset(UTF16)] uint16 *dummy2;
1394                 [string,charset(UTF16)] uint16 *dummy3;
1395                 [string,charset(UTF16)] uint16 *dummy4;
1396                 netr_OsVersionContainer os_version;
1397                 lsa_String os_name;
1398                 lsa_String dummy_string3;
1399                 lsa_String dummy_string4;
1400                 netr_WorkstationFlags workstation_flags;
1401                 kerb_EncTypes supported_enc_types;
1402                 uint32 dummy_long3;
1403                 uint32 dummy_long4;
1404         } netr_WorkstationInformation;
1405
1406         typedef union {
1407                 [case(1)] netr_WorkstationInformation *workstation_info;
1408                 [case(2)] netr_WorkstationInformation *lsa_policy_info;
1409         } netr_WorkstationInfo;
1410
1411         typedef struct {
1412                 netr_TrustFlags flags;
1413                 uint32 parent_index;
1414                 lsa_TrustType trust_type;
1415                 lsa_TrustAttributes trust_attributes;
1416         } netr_trust_extension_info;
1417
1418         typedef struct {
1419                 /* these first 3 values come from the fact windows
1420                    actually encodes this structure as a UNICODE_STRING
1421                    - see MS-NRPC section 2.2.1.3.9 */
1422                 [value(8)] uint3264 length;
1423                 [value(0)] uint3264 dummy;
1424                 [value(8)] uint3264 size;
1425                 [subcontext(0),subcontext_size(size*2)]
1426                 netr_trust_extension_info info;
1427         } netr_trust_extension;
1428
1429         typedef struct {
1430                 /* value is 16 when info != NULL, otherwise 0 */
1431                 [value(info == NULL ? 0 : 16)] uint16 length;
1432                 [value(info == NULL ? 0 : 16)] uint16 size;
1433                 netr_trust_extension *info;
1434         } netr_trust_extension_container;
1435
1436         typedef struct {
1437                 lsa_StringLarge domainname;
1438                 lsa_StringLarge dns_domainname;
1439                 lsa_StringLarge dns_forestname;
1440                 GUID domain_guid;
1441                 dom_sid2 *domain_sid;
1442                 netr_trust_extension_container trust_extension;
1443                 lsa_StringLarge dummy_string2;
1444                 lsa_StringLarge dummy_string3;
1445                 lsa_StringLarge dummy_string4;
1446                 uint32 dummy_long1;
1447                 uint32 dummy_long2;
1448                 uint32 dummy_long3;
1449                 uint32 dummy_long4;
1450         } netr_OneDomainInfo;
1451
1452         typedef struct {
1453                 netr_OneDomainInfo primary_domain;
1454                 uint32 trusted_domain_count;
1455                 [size_is(trusted_domain_count)] netr_OneDomainInfo *trusted_domains;
1456                 netr_LsaPolicyInformation lsa_policy;
1457                 lsa_StringLarge dns_hostname;
1458                 lsa_StringLarge dummy_string2;
1459                 lsa_StringLarge dummy_string3;
1460                 lsa_StringLarge dummy_string4;
1461                 netr_WorkstationFlags workstation_flags;
1462                 kerb_EncTypes supported_enc_types;
1463                 uint32 dummy_long3;
1464                 uint32 dummy_long4;
1465         } netr_DomainInformation;
1466
1467         typedef union {
1468                 [case(1)] netr_DomainInformation *domain_info;
1469                 [case(2)] netr_LsaPolicyInformation *lsa_policy_info;
1470         } netr_DomainInfo;
1471         
1472         [public] NTSTATUS netr_LogonGetDomainInfo(
1473                 [in]         [string,charset(UTF16)] uint16 *server_name,
1474                 [in,unique]  [string,charset(UTF16)] uint16 *computer_name,
1475                 [in,ref]     netr_Authenticator *credential,
1476                 [in,out,ref] netr_Authenticator *return_authenticator,
1477                 [in]         uint32 level,
1478                 [in,ref,switch_is(level)] netr_WorkstationInfo *query,
1479                 [out,ref,switch_is(level)] netr_DomainInfo *info
1480                 );
1481
1482         /*****************/
1483         /* Function 0x1e */
1484
1485         /* [MS-NRPC] 2.2.1.3.8 NL_PASSWORD_VERSION */
1486
1487         /* someone's birthday ? */
1488         const int NETLOGON_PASSWORD_VERSION_NUMBER_PRESENT = 0x02231968;
1489
1490         typedef struct {
1491                 uint32 ReservedField;
1492                 uint32 PasswordVersionNumber;
1493                 uint32 PasswordVersionPresent;
1494         } NL_PASSWORD_VERSION;
1495
1496         typedef [flag(NDR_PAHEX)] struct {
1497                 uint8 data[512];
1498                 uint32 length;
1499         } netr_CryptPassword;
1500
1501         NTSTATUS netr_ServerPasswordSet2(
1502                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1503                 [in]  [string,charset(UTF16)] uint16 *account_name,
1504                 [in]  netr_SchannelType secure_channel_type,
1505                 [in]  [string,charset(UTF16)] uint16 *computer_name,
1506                 [in,ref] netr_Authenticator *credential,
1507                 [out,ref] netr_Authenticator *return_authenticator,
1508                 [in,ref] netr_CryptPassword *new_password
1509                 );
1510
1511         /****************/
1512         /* Function 0x1f */
1513         NTSTATUS netr_ServerPasswordGet(
1514                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1515                 [in]  [string,charset(UTF16)] uint16 *account_name,
1516                 [in]  netr_SchannelType secure_channel_type,
1517                 [in]  [string,charset(UTF16)] uint16 *computer_name,
1518                 [in,ref] netr_Authenticator *credential,
1519                 [out,ref] netr_Authenticator *return_authenticator,
1520                 [out,ref] samr_Password *password
1521                 );
1522
1523         typedef [public] enum {
1524                 SendToSamUpdatePassword = 0,
1525                 SendToSamResetBadPasswordCount = 1,
1526                 SendToSamUpdatePasswordForward = 2,
1527                 SendToSamUpdateLastLogonTimestamp = 3,
1528                 SendToSamResetSmartCardPassword = 4
1529         } netr_SendToSamType;
1530
1531         typedef struct {
1532                 GUID guid;
1533         } netr_SendToSamResetBadPasswordCount;
1534
1535         typedef [nodiscriminant, public,switch_type(netr_SendToSamType)] union {
1536                 /* TODO Implement other SendToSam message types
1537                  * [case(SendToSamUpdatePassword)] netr_SendToSamUpdatePassword ...; */
1538                 [case(SendToSamResetBadPasswordCount)] netr_SendToSamResetBadPasswordCount reset_bad_password;
1539                 /*
1540                  * [case(SendToSamUpdatePasswordForward)] netrSendToSamUpdatePasswordForward ...;
1541                  * [case(SendToSamUpdateLastLogonTimestamp)] netrSendToSamUpdateLastLogonTimestamp ...;
1542                  * [case(SendToSamResetSmartCardPassword)]   netrSendToSamResetSmartCardPassword ...;
1543                  */
1544                 [default];
1545         } netr_SendToSamMessage;
1546
1547         typedef [public] struct {
1548                 netr_SendToSamType message_type;
1549                 uint32 message_size;
1550                 [switch_is(message_type), subcontext(0), subcontext_size(message_size)] netr_SendToSamMessage message;
1551         } netr_SendToSamBase;
1552
1553         /****************/
1554         /* Function 0x20 */
1555         NTSTATUS netr_NetrLogonSendToSam(
1556                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1557                 [in]  [string,charset(UTF16)] uint16 *computer_name,
1558                 [in,ref] netr_Authenticator *credential,
1559                 [out,ref] netr_Authenticator *return_authenticator,
1560                 [in,ref]  [size_is(buffer_len)] uint8 *opaque_buffer,
1561                 [in] uint32 buffer_len
1562                 );
1563
1564         /****************/
1565         /* Function 0x21 */
1566         typedef struct {
1567                 uint32 count;
1568                 [size_is(count)] lsa_String *sitename;
1569         } netr_DsRAddressToSitenamesWCtr;
1570
1571         typedef struct {
1572                 [size_is(size)] uint8 *buffer;
1573                 uint32 size;
1574         } netr_DsRAddress;
1575
1576         WERROR netr_DsRAddressToSitenamesW(
1577                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1578                 [in] [range(0,32000)] uint32 count,
1579                 [in] [size_is(count)] [ref] netr_DsRAddress *addresses,
1580                 [out] [ref] netr_DsRAddressToSitenamesWCtr **ctr
1581                 );
1582
1583         /****************/
1584         /* Function 0x22 */
1585         WERROR netr_DsRGetDCNameEx2(
1586                 [in,unique] [string,charset(UTF16)] uint16 *server_unc,
1587                 [in,unique] [string,charset(UTF16)] uint16 *client_account,
1588                 [in] samr_AcctFlags mask,
1589                 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1590                 [in,unique] GUID *domain_guid,
1591                 [in,unique] [string,charset(UTF16)] uint16 *site_name,
1592                 [in] netr_DsRGetDCName_flags flags,
1593                 [out,ref] netr_DsRGetDCNameInfo **info
1594                 );
1595
1596         /****************/
1597         /* Function 0x23 */
1598         [todo] WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN();
1599
1600         /****************/
1601         /* Function 0x24 */
1602
1603         typedef [public] struct {
1604                 [string,charset(UTF16)] uint16                  *netbios_name;
1605                 [string,charset(UTF16)] uint16                  *dns_name;
1606                 netr_TrustFlags         trust_flags;
1607                 uint32                  parent_index;
1608                 lsa_TrustType           trust_type;
1609                 lsa_TrustAttributes     trust_attributes;
1610                 dom_sid2                *sid;
1611                 GUID                    guid;
1612         } netr_DomainTrust;
1613
1614         typedef [public] struct {
1615                 uint32 count;
1616                 [size_is(count)] netr_DomainTrust *array;
1617         } netr_DomainTrustList;
1618
1619         WERROR netr_NetrEnumerateTrustedDomainsEx(
1620                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1621                 [out,ref] netr_DomainTrustList *dom_trust_list
1622         );
1623
1624         /****************/
1625         /* Function 0x25 */
1626         typedef struct {
1627                 uint32 count;
1628                 [size_is(count)] lsa_String *sitename;
1629                 [size_is(count)] lsa_String *subnetname;
1630         } netr_DsRAddressToSitenamesExWCtr;
1631
1632         WERROR netr_DsRAddressToSitenamesExW(
1633                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1634                 [in] [range(0,32000)] uint32 count,
1635                 [in] [size_is(count)] [ref] netr_DsRAddress *addresses,
1636                 [out] [ref] netr_DsRAddressToSitenamesExWCtr **ctr
1637                 );
1638
1639         /****************/
1640         /* Function 0x26 */
1641
1642         typedef struct {
1643                 uint32 num_sites;
1644                 [size_is(num_sites)] [unique] lsa_String *sites;
1645         } DcSitesCtr;
1646
1647         WERROR netr_DsrGetDcSiteCoverageW(
1648                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1649                 [out,ref] DcSitesCtr **ctr
1650                 );
1651
1652         /****************/
1653         /* Function 0x27 */
1654         typedef [public,bitmap32bit] bitmap {
1655                 /* Request MUST be passed to the domain controller at the root of the forest. */
1656                 NETLOGON_SAMLOGON_FLAG_PASS_TO_FOREST_ROOT = 0x00000001,
1657                 /* Request MUST be passed to the DC at the end of the first hop over a cross-forest trust. */
1658                 NETLOGON_SAMLOGON_FLAG_PASS_CROSS_FOREST_HOP = 0x00000002,
1659                 /* Request was passed by an RODC to a DC in a different domain. */
1660                 NETLOGON_SAMLOGON_FLAG_RODC_TO_OTHER_DOMAIN = 0x00000004,
1661                 /* Request is an NTLM authentication package request passed by an RODC. */
1662                 NETLOGON_SAMLOGON_FLAG_RODC_NTLM_REQUEST = 0x00000008
1663         } netr_LogonSamLogon_flags;
1664
1665         NTSTATUS netr_LogonSamLogonEx(
1666                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1667                 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
1668                 [in]  netr_LogonInfoClass logon_level,
1669                 [in,ref]  [switch_is(logon_level)] netr_LogonLevel *logon,
1670                 [in]  uint16 validation_level,
1671                 [out,ref] [switch_is(validation_level)] netr_Validation *validation,
1672                 [out,ref] uint8 *authoritative,
1673                 [in,out,ref] netr_LogonSamLogon_flags *flags
1674                 );
1675
1676         /****************/
1677         /* Function 0x28 */
1678
1679         WERROR netr_DsrEnumerateDomainTrusts(
1680                 [in,unique]          [string,charset(UTF16)] uint16           *server_name,
1681                 [in]                 netr_TrustFlags  trust_flags,
1682                 [out,ref]            netr_DomainTrustList *trusts
1683                 );
1684
1685
1686         /****************/
1687         /* Function 0x29 */
1688         WERROR netr_DsrDeregisterDNSHostRecords(
1689                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1690                 [in,unique] [string,charset(UTF16)] uint16 *domain,
1691                 [in,unique] GUID *domain_guid,
1692                 [in,unique] GUID *dsa_guid,
1693                 [in,ref] [string,charset(UTF16)] uint16 *dns_host
1694                 );
1695
1696         /****************/
1697         /* Function 0x2a */
1698         NTSTATUS netr_ServerTrustPasswordsGet(
1699                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1700                 [in]  [string,charset(UTF16)] uint16 *account_name,
1701                 [in]  netr_SchannelType secure_channel_type,
1702                 [in]  [string,charset(UTF16)] uint16 *computer_name,
1703                 [in,ref] netr_Authenticator *credential,
1704                 [out,ref] netr_Authenticator *return_authenticator,
1705                 [out,ref] samr_Password *new_owf_password,
1706                 [out,ref] samr_Password *old_owf_password
1707         );
1708
1709         /****************/
1710         /* Function 0x2b */
1711
1712         const int DS_GFTI_UPDATE_TDO = 0x1;
1713
1714         WERROR netr_DsRGetForestTrustInformation(
1715                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1716                 [in,unique] [string,charset(UTF16)] uint16 *trusted_domain_name,
1717                 [in] uint32 flags,
1718                 [out,ref] lsa_ForestTrustInformation **forest_trust_info
1719                 );
1720
1721         /****************/
1722         /* Function 0x2c */
1723         NTSTATUS netr_GetForestTrustInformation(
1724                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1725                 [in,ref] [string,charset(UTF16)] uint16 *computer_name,
1726                 [in,ref] netr_Authenticator *credential,
1727                 [out,ref] netr_Authenticator *return_authenticator,
1728                 [in] uint32 flags,
1729                 [out,ref] lsa_ForestTrustInformation **forest_trust_info
1730                 );
1731
1732         /****************/
1733         /* Function 0x2d */
1734
1735         /* this is the ADS varient. I don't yet know what the "flags" are for */
1736         NTSTATUS netr_LogonSamLogonWithFlags(
1737                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1738                 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
1739                 [in,unique] netr_Authenticator *credential,
1740                 [in,out,unique] netr_Authenticator *return_authenticator,
1741                 [in]  netr_LogonInfoClass logon_level,
1742                 [in,ref]  [switch_is(logon_level)] netr_LogonLevel *logon,
1743                 [in]  uint16 validation_level,
1744                 [out,ref] [switch_is(validation_level)] netr_Validation *validation,
1745                 [out,ref] uint8 *authoritative,
1746                 [in,out,ref] netr_LogonSamLogon_flags *flags
1747                 );
1748
1749         /****************/
1750         /* Function 0x2e */
1751
1752         typedef struct {
1753                 uint32 count;
1754                 [size_is(count)] uint32 *data;
1755                 uint32 entry_count;
1756                 [size_is(count)] lsa_String *entries;
1757         } netr_TrustInfo;
1758
1759         NTSTATUS netr_ServerGetTrustInfo(
1760                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1761                 [in,ref] [string,charset(UTF16)] uint16 *account_name,
1762                 [in] netr_SchannelType secure_channel_type,
1763                 [in,ref] [string,charset(UTF16)] uint16 *computer_name,
1764                 [in,ref] netr_Authenticator *credential,
1765                 [out,ref] netr_Authenticator *return_authenticator,
1766                 [out,ref] samr_Password *new_owf_password,
1767                 [out,ref] samr_Password *old_owf_password,
1768                 [out,ref] netr_TrustInfo **trust_info
1769                 );
1770
1771         /****************/
1772         /* Function 0x2f */
1773
1774         NTSTATUS netr_Unused47(void);
1775
1776
1777         /****************/
1778         /* Function 0x30 */
1779
1780         typedef enum {
1781                 NlDnsLdapAtSite       = 22,
1782                 NlDnsGcAtSite         = 25,
1783                 NlDnsDsaCname         = 28,
1784                 NlDnsKdcAtSite        = 30,
1785                 NlDnsDcAtSite         = 32,
1786                 NlDnsRfc1510KdcAtSite = 34,
1787                 NlDnsGenericGcAtSite  = 36
1788         } netr_DnsType;
1789
1790         typedef enum {
1791                 NlDnsInfoTypeNone    = 0,
1792                 NlDnsDomainName      = 1,
1793                 NlDnsDomainNameAlias = 2,
1794                 NlDnsForestName      = 3,
1795                 NlDnsForestNameAlias = 4,
1796                 NlDnsNdncDomainName  = 5,
1797                 NlDnsRecordName      = 6
1798         } netr_DnsDomainInfoType;
1799
1800         typedef struct {
1801                 netr_DnsType type;
1802                 [string,charset(UTF16)] uint16 *dns_domain_info;
1803                 netr_DnsDomainInfoType dns_domain_info_type;
1804                 uint32 priority;
1805                 uint32 weight;
1806                 uint32 port;
1807                 boolean32 dns_register;
1808                 uint32 status;
1809         } NL_DNS_NAME_INFO;
1810
1811         typedef [public] struct {
1812                 uint32 count;
1813                 [size_is(count)] NL_DNS_NAME_INFO *names;
1814         } NL_DNS_NAME_INFO_ARRAY;
1815
1816         NTSTATUS netr_DsrUpdateReadOnlyServerDnsRecords(
1817                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1818                 [in,ref] [string,charset(UTF16)] uint16 *computer_name,
1819                 [in, ref] netr_Authenticator *credential,
1820                 [out,ref]   netr_Authenticator *return_authenticator,
1821                 [in,unique] [string,charset(UTF16)] uint16 *site_name,
1822                 [in] uint32 dns_ttl,
1823                 [in,out,ref] NL_DNS_NAME_INFO_ARRAY *dns_names
1824                 );
1825 }
Samba Shared Repository