s3: Allow up to 20480 entries in LookupSids, as mandated by the official IDL
[samba.git] / librpc / idl / lsa.idl
index ea787b2c7d0acac4f3508dde814437b99d282aa7..4ca8d6f0a7fe576dd34dd057b6c14d36b6899548 100644 (file)
@@ -140,7 +140,8 @@ import "misc.idl", "security.idl";
                LSA_POLICY_SET_AUDIT_REQUIREMENTS       = 0x00000100,
                LSA_POLICY_AUDIT_LOG_ADMIN              = 0x00000200,
                LSA_POLICY_SERVER_ADMIN                 = 0x00000400,
-               LSA_POLICY_LOOKUP_NAMES                 = 0x00000800
+               LSA_POLICY_LOOKUP_NAMES                 = 0x00000800,
+               LSA_POLICY_NOTIFICATION                 = 0x00001000
        } lsa_PolicyAccessMask;
 
        const int LSA_POLICY_ALL_ACCESS =
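Review bot: The new `LSA_POLICY_NOTIFICATION` bit (0x00001000) is added without a comment saying whether the composite policy masks are meant to include it. `LSA_POLICY_ALL_ACCESS` starts on the last line of this hunk and continues outside it, so its member list cannot be checked from here. If the bit is deliberately left out, a one-line comment next to the enumerator, such as `/* not included in LSA_POLICY_ALL_ACCESS */`, would stop a later reader from treating the omission as an oversight, or from widening the composite without checking the protocol documentation.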
@@ -180,6 +181,96 @@ import "misc.idl", "security.idl";
                LSA_POLICY_VIEW_LOCAL_INFORMATION       |
                LSA_POLICY_LOOKUP_NAMES);
 
+       typedef [public,bitmap32bit] bitmap {
+               LSA_ACCOUNT_VIEW                        = 0x00000001,
+               LSA_ACCOUNT_ADJUST_PRIVILEGES           = 0x00000002,
+               LSA_ACCOUNT_ADJUST_QUOTAS               = 0x00000004,
+               LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS        = 0x00000008
+       } lsa_AccountAccessMask;
+
+       const int LSA_ACCOUNT_ALL_ACCESS =
+               (STANDARD_RIGHTS_REQUIRED_ACCESS        |
+               LSA_ACCOUNT_VIEW                        |
+               LSA_ACCOUNT_ADJUST_PRIVILEGES           |
+               LSA_ACCOUNT_ADJUST_QUOTAS               |
+               LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS);
+
+       const int LSA_ACCOUNT_READ =
+               (STANDARD_RIGHTS_READ_ACCESS            |
+               LSA_ACCOUNT_VIEW);
+
+       const int LSA_ACCOUNT_WRITE =
+               (STANDARD_RIGHTS_READ_ACCESS            |
+               LSA_ACCOUNT_ADJUST_PRIVILEGES           |
+               LSA_ACCOUNT_ADJUST_QUOTAS               |
+               LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS);
+
+       const int LSA_ACCOUNT_EXECUTE =
+               (STANDARD_RIGHTS_EXECUTE_ACCESS);
+
+       typedef [public,bitmap32bit] bitmap {
+               LSA_SECRET_SET_VALUE                    = 0x00000001,
+               LSA_SECRET_QUERY_VALUE                  = 0x00000002
+       } lsa_SecretAccessMask;
+
+       const int LSA_SECRET_ALL_ACCESS =
+               (LSA_SECRET_QUERY_VALUE |
+                LSA_SECRET_SET_VALUE |
+                SEC_STD_DELETE |
+                STANDARD_RIGHTS_READ_ACCESS |
+                SEC_STD_WRITE_DAC |
+                SEC_STD_WRITE_OWNER); /* 0x000F0003 */
+
+       const int LSA_SECRET_READ =
+               (LSA_SECRET_QUERY_VALUE |
+               STANDARD_RIGHTS_READ_ACCESS); /* 0x00020002 */
+
+       const int LSA_SECRET_WRITE =
+               (LSA_SECRET_SET_VALUE |
+               STANDARD_RIGHTS_READ_ACCESS); /* 0x00020001 */
+
+       const int LSA_SECRET_EXECUTE =
+               (STANDARD_RIGHTS_READ_ACCESS); /* 0x00020000 */
+
+       typedef [public,bitmap32bit] bitmap {
+               LSA_TRUSTED_QUERY_DOMAIN_NAME           = 0x00000001,
+               LSA_TRUSTED_QUERY_CONTROLLERS           = 0x00000002,
+               LSA_TRUSTED_SET_CONTROLLERS             = 0x00000004,
+               LSA_TRUSTED_QUERY_POSIX                 = 0x00000008,
+               LSA_TRUSTED_SET_POSIX                   = 0x00000010,
+               LSA_TRUSTED_SET_AUTH                    = 0x00000020,
+               LSA_TRUSTED_QUERY_AUTH                  = 0x00000040
+       } lsa_TrustedAccessMask;
+
+       const int LSA_TRUSTED_DOMAIN_ALL_ACCESS =
+               (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+                LSA_TRUSTED_QUERY_CONTROLLERS |
+                LSA_TRUSTED_SET_CONTROLLERS |
+                LSA_TRUSTED_QUERY_POSIX |
+                LSA_TRUSTED_SET_POSIX |
+                LSA_TRUSTED_SET_AUTH |
+                LSA_TRUSTED_QUERY_AUTH |
+                SEC_STD_DELETE |
+                STANDARD_RIGHTS_READ_ACCESS |
+                SEC_STD_WRITE_DAC |
+                SEC_STD_WRITE_OWNER); /* 0x000F007F */
+
+       const int LSA_TRUSTED_DOMAIN_READ =
+               (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+                STANDARD_RIGHTS_READ_ACCESS); /* 0x00020001 */
+
+       const int LSA_TRUSTED_DOMAIN_WRITE =
+               (LSA_TRUSTED_SET_CONTROLLERS |
+                LSA_TRUSTED_SET_POSIX |
+                LSA_TRUSTED_SET_AUTH |
+                STANDARD_RIGHTS_READ_ACCESS); /* 0x00020034 */
+
+       const int LSA_TRUSTED_DOMAIN_EXECUTE =
+               (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+                LSA_TRUSTED_QUERY_POSIX |
+                STANDARD_RIGHTS_READ_ACCESS); /* 0x0002000C */
+
+
        /* notice the screwup with the system_name - thats why MS created
           OpenPolicy2 */
        [public] NTSTATUS lsa_OpenPolicy (
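Review bot: `LSA_TRUSTED_DOMAIN_EXECUTE` does not evaluate to the value given in its own comment. `LSA_TRUSTED_QUERY_DOMAIN_NAME | LSA_TRUSTED_QUERY_POSIX` is 0x1 | 0x8 = 0x9, so with `STANDARD_RIGHTS_READ_ACCESS` at 0x00020000 (the value the `LSA_SECRET_EXECUTE` comment implies) the result is 0x00020009, not 0x0002000C. Every other hex comment in this hunk matches its expression. 0x0002000C would correspond to `LSA_TRUSTED_SET_CONTROLLERS | LSA_TRUSTED_QUERY_POSIX`, so one side is wrong and should be checked against the protocol documentation, because these composites presumably drive the generic-rights mapping for trusted-domain handles. Separately, the `LSA_ACCOUNT_*` composites lack the hex comments that the secret and trusted-domain ones carry.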
@@ -346,7 +437,7 @@ import "misc.idl", "security.idl";
        [public] NTSTATUS lsa_CreateAccount (
                [in]    policy_handle *handle,
                [in,ref] dom_sid2 *sid,
-               [in]    uint32 access_mask,
+               [in]    lsa_AccountAccessMask access_mask,
                [out]   policy_handle *acct_handle
                );
 
@@ -360,7 +451,7 @@ import "misc.idl", "security.idl";
        } lsa_SidPtr;
 
        typedef [public] struct {
-               [range(0,1000)] uint32 num_sids;
+               [range(0,20480)] uint32 num_sids;
                [size_is(num_sids)] lsa_SidPtr *sids;
        } lsa_SidArray;
 
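Review bot: Raising `num_sids` to `[range(0,20480)]` widens every call that takes an `lsa_SidArray`, not only LookupSids; `lsa_LookupSids2` further down in this diff takes the same struct. The reply array for that call, `lsa_TransNameArray2`, is only partly visible, so whether its `count` carries a matching bound cannot be confirmed from here. If it still has the old limit, a request above 1000 SIDs would presumably be accepted on input and then fail on the reply. The same literal is repeated for `lsa_TransNameArray.count` in the `-473` hunk, so a comment at both places, such as `/* 20480: per-call limit from the official IDL; keep server-side limits in step */`, would tie the number to its source. This range attribute is the only bound visible in the file, so any per-request allocation or lookup work in the server should be reviewed for a twentyfold larger input.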
@@ -377,7 +468,7 @@ import "misc.idl", "security.idl";
        [public] NTSTATUS lsa_CreateTrustedDomain(
                [in]         policy_handle *policy_handle,
                [in]         lsa_DomainInfo *info,
-               [in]         uint32 access_mask,
+               [in]         lsa_TrustedAccessMask access_mask,
                [out]        policy_handle *trustdom_handle
                );
 
@@ -473,7 +564,7 @@ import "misc.idl", "security.idl";
        } lsa_TranslatedName;
 
        typedef struct {
-               [range(0,1000)] uint32 count;
+               [range(0,20480)] uint32 count;
                [size_is(count)] lsa_TranslatedName *names;
        } lsa_TransNameArray;
 
@@ -482,7 +573,7 @@ import "misc.idl", "security.idl";
                [in,ref]     lsa_SidArray *sids,
                [out,ref]    lsa_RefDomainList **domains,
                [in,out,ref] lsa_TransNameArray *names,
-               [in]         uint16 level,
+               [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count
                );
 
@@ -491,7 +582,7 @@ import "misc.idl", "security.idl";
        [public] NTSTATUS lsa_CreateSecret(
                [in]         policy_handle *handle,
                [in]         lsa_String       name,
-               [in]         uint32         access_mask,
+               [in]         lsa_SecretAccessMask access_mask,
                [out]        policy_handle *sec_handle
                );
 
@@ -501,7 +592,7 @@ import "misc.idl", "security.idl";
        NTSTATUS lsa_OpenAccount(
                [in]         policy_handle *handle,
                [in,ref]     dom_sid2 *sid,
-               [in]         uint32 access_mask,
+               [in]         lsa_AccountAccessMask access_mask,
                [out]        policy_handle *acct_handle
                );
 
@@ -567,20 +658,20 @@ import "misc.idl", "security.idl";
        /* Function:    0x17 */
        NTSTATUS lsa_GetSystemAccessAccount(
                [in]      policy_handle *handle,
-               [out,ref] uint32 *access_mask
+               [out,ref] lsa_AccountAccessMask *access_mask
                );
 
        /* Function:    0x18 */
        NTSTATUS lsa_SetSystemAccessAccount(
                [in] policy_handle *handle,
-               [in] uint32 access_mask
+               [in] lsa_AccountAccessMask access_mask
                );
 
        /* Function:        0x19 */
        NTSTATUS lsa_OpenTrustedDomain(
                [in]     policy_handle *handle,
                [in]     dom_sid2      *sid,
-               [in]     uint32         access_mask,
+               [in]     lsa_TrustedAccessMask access_mask,
                [out]    policy_handle *trustdom_handle
                );
 
@@ -608,7 +699,7 @@ import "misc.idl", "security.idl";
                LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL    = 10,
                LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL     = 11,
                LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL  = 12,
-               LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES = 13
+               LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES = 13
        } lsa_TrustDomInfoEnum;
 
        typedef [public,bitmap32bit] bitmap {
@@ -745,7 +836,7 @@ import "misc.idl", "security.idl";
                        lsa_TrustDomainInfoInfoEx2Internal   info_ex2_internal;
                [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL)]
                        lsa_TrustDomainInfoFullInfo2Internal     full_info2_internal;
-               [case(LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES)]
+               [case(LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES)]
                        lsa_TrustDomainInfoSupportedEncTypes enc_types;
        } lsa_TrustedDomainInfo;
 
@@ -767,7 +858,7 @@ import "misc.idl", "security.idl";
        [public] NTSTATUS lsa_OpenSecret(
                [in]     policy_handle    *handle,
                [in]         lsa_String        name,
-               [in]         uint32            access_mask,
+               [in]     lsa_SecretAccessMask access_mask,
                [out]    policy_handle    *sec_handle
                );
 
@@ -892,10 +983,18 @@ import "misc.idl", "security.idl";
        );
 
        /* Function:       0x2a */
-       [todo] NTSTATUS lsa_StorePrivateData();
-       /* Function:        0x2b */
-       [todo] NTSTATUS lsa_RetrievePrivateData();
+       NTSTATUS lsa_StorePrivateData(
+               [in]            policy_handle   *handle,
+               [in,ref]        lsa_String      *name,
+               [in,unique]     lsa_DATA_BUF    *val
+       );
 
+       /* Function:        0x2b */
+       NTSTATUS lsa_RetrievePrivateData(
+               [in]            policy_handle   *handle,
+               [in,ref]        lsa_String      *name,
+               [in,out,ref]    lsa_DATA_BUF    **val
+       );
 
        /**********************/
        /* Function:     0x2c */
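Review bot: The two signatures replace `[todo]` stubs without any comment on what `val` carries or what a NULL `val` means. `lsa_StorePrivateData` declares `val` as `[in,unique]`, so a null pointer is a valid request. The contract for that case (presumably removing the stored item) should be stated in a comment above the function, along with the handle access the call requires and the expectation that the buffer holds protected rather than clear-text data. Whether `lsa_DATA_BUF` is flagged to keep its contents out of NDR debug dumps is not visible in this diff and is worth checking, given that these calls move secret material.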
@@ -1048,15 +1147,25 @@ import "misc.idl", "security.idl";
                [size_is(count)] lsa_TranslatedName2 *names;
        } lsa_TransNameArray2;
 
+       typedef [v1_enum] enum {
+               LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES         = 0x00000000,
+               LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES_LOCAL   = 0x80000000
+       } lsa_LookupOptions;
+
+       typedef [v1_enum] enum {
+               LSA_CLIENT_REVISION_1   = 0x00000001,
+               LSA_CLIENT_REVISION_2   = 0x00000002
+       } lsa_ClientRevision;
+
        [public] NTSTATUS lsa_LookupSids2(
                [in]     policy_handle *handle,
                [in,ref] lsa_SidArray *sids,
                [out,ref]    lsa_RefDomainList **domains,
                [in,out,ref] lsa_TransNameArray2 *names,
-               [in]         uint16 level,
+               [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count,
-               [in]         uint32 unknown1,
-               [in]         uint32 unknown2
+               [in]         lsa_LookupOptions lookup_options,
+               [in]         lsa_ClientRevision client_revision
                );
 
        /**********************/
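Review bot: `lsa_ClientRevision` introduces `LSA_CLIENT_REVISION_1` and `LSA_CLIENT_REVISION_2`, while a context line in the `-1215` hunk still shows `const int LSA_CLIENT_REVISION_NO_DNS     = 0x00000001;`, so the file ends up with two names for the same wire value. Either retire the old constant in this change or document the relationship on the enum, e.g. `/* LSA_CLIENT_REVISION_1 is the former LSA_CLIENT_REVISION_NO_DNS */`. Both new enums are `[v1_enum]`, which keeps the 32-bit width of the `uint32` fields they replace, but neither has a comment on what its values select. Server code should also not assume a received `lookup_options` or `client_revision` is one of the listed enumerators unless the generated pull code is known to reject other values.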
@@ -1082,8 +1191,8 @@ import "misc.idl", "security.idl";
                [in,out,ref] lsa_TransSidArray2 *sids,
                [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count,
-               [in]         uint32 lookup_options,
-               [in]         uint32 client_revision /* LSA_CLIENT_REVISION* */
+               [in]         lsa_LookupOptions lookup_options,
+               [in]         lsa_ClientRevision client_revision
                );
 
        /* Function 0x3b */
@@ -1141,8 +1250,8 @@ import "misc.idl", "security.idl";
                [in,out,ref] lsa_TransSidArray3 *sids,
                [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count,
-               [in]         uint32 lookup_options,
-               [in]         uint32 client_revision /* LSA_CLIENT_REVISION* */
+               [in]         lsa_LookupOptions lookup_options,
+               [in]         lsa_ClientRevision client_revision
                );
 
        /* Function 0x45 */
@@ -1215,10 +1324,10 @@ import "misc.idl", "security.idl";
                [in,ref]     lsa_SidArray *sids,
                [out,ref]    lsa_RefDomainList **domains,
                [in,out,ref] lsa_TransNameArray2 *names,
-               [in]         uint16 level,
+               [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count,
-               [in]         uint32 unknown1,
-               [in]         uint32 unknown2
+               [in]         lsa_LookupOptions lookup_options,
+               [in]         lsa_ClientRevision client_revision
                );
 
        const int LSA_CLIENT_REVISION_NO_DNS     = 0x00000001;
@@ -1234,8 +1343,8 @@ import "misc.idl", "security.idl";
                [in,out,ref] lsa_TransSidArray3 *sids,
                [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count,
-               [in]         uint32 lookup_options,
-               [in]         uint32 client_revision /* LSA_CLIENT_REVISION* */
+               [in]         lsa_LookupOptions lookup_options,
+               [in]         lsa_ClientRevision client_revision
                );
 
        /* Function 0x4e */