{
typedef bitmap security_secinfo security_secinfo;
+ /* SAM database types */
+ typedef [public,v1_enum] enum {
+ SAM_DATABASE_DOMAIN = 0, /* Domain users and groups */
+ SAM_DATABASE_BUILTIN = 1, /* BUILTIN users and groups */
+ SAM_DATABASE_PRIVS = 2 /* Privileges */
+ } netr_SamDatabaseID;
+
+ typedef [public,v1_enum] enum {
+ SAMR_REJECT_OTHER = 0,
+ SAMR_REJECT_TOO_SHORT = 1,
+ SAMR_REJECT_IN_HISTORY = 2,
+ SAMR_REJECT_COMPLEXITY = 5
+ } samr_RejectReason;
+
+
+
/* account control (acct_flags) bits */
typedef [public,bitmap32bit] bitmap {
ACB_DISABLED = 0x00000001, /* 1 = User account disabled */
DOMAIN_REFUSE_PASSWORD_CHANGE = 0x00000020
} samr_PasswordProperties;
+ typedef [v1_enum] enum {
+ DOMAIN_SERVER_ENABLED = 1,
+ DOMAIN_SERVER_DISABLED = 2
+ } samr_DomainServerState;
+
typedef struct {
uint16 min_password_length;
uint16 password_history_length;
lsa_String domain_name;
lsa_String primary; /* PDC name if this is a BDC */
udlong sequence_num;
- uint32 unknown2;
+ samr_DomainServerState domain_server_state;
samr_Role role;
uint32 unknown3;
uint32 num_users;
} samr_DomInfo8;
typedef struct {
- uint32 unknown; /* w2k3 returns 1 */
+ samr_DomainServerState domain_server_state;
} samr_DomInfo9;
typedef struct {
typedef struct {
hyper sequence_num;
NTTIME domain_create_time;
- uint32 unknown1;
- uint32 unknown2;
+ hyper modified_count_at_last_promotion;
} samr_DomInfo13;
typedef [switch_type(uint16)] union {
/************************/
/* Function 0x09 */
/*
- only levels 1, 3, 4, 6, 7, 9, 12 are valid for this
+ only levels 1, 3, 4, 6, 7, 9, 12 are valid for this
call in w2k3
*/
NTSTATUS samr_SetDomainInfo(
[out,ref] policy_handle *group_handle,
[out,ref] uint32 *rid
);
-
+
/************************/
/* Function 0x0b */
-
- const int MAX_SAM_ENTRIES_W2K = 0x400; /* 1024 */
- const int MAX_SAM_ENTRIES_W95 = 50;
-
NTSTATUS samr_EnumDomainGroups(
[in] policy_handle *domain_handle,
[in,out,ref] uint32 *resume_handle,
typedef struct {
samr_AcctFlags acct_flags;
} samr_UserInfo16;
-
+
typedef struct {
NTTIME acct_expiry;
} samr_UserInfo17;
} samr_Password;
typedef struct {
- samr_Password lm_pwd;
samr_Password nt_pwd;
- boolean8 lm_pwd_active;
+ samr_Password lm_pwd;
boolean8 nt_pwd_active;
+ boolean8 lm_pwd_active;
+ uint8 password_expired;
} samr_UserInfo18;
typedef struct {
SAMR_FIELD_PARAMETERS = 0x00200000,
SAMR_FIELD_COUNTRY_CODE = 0x00400000,
SAMR_FIELD_CODE_PAGE = 0x00800000,
- SAMR_FIELD_PASSWORD = 0x01000000, /* either of these */
- SAMR_FIELD_PASSWORD2 = 0x02000000, /* two bits seems to work */
+ SAMR_FIELD_NT_PASSWORD_PRESENT = 0x01000000, /* either of these */
+ SAMR_FIELD_LM_PASSWORD_PRESENT = 0x02000000, /* two bits seems to work */
SAMR_FIELD_PRIVATE_DATA = 0x04000000,
SAMR_FIELD_EXPIRED_FLAG = 0x08000000,
SAMR_FIELD_SEC_DESC = 0x10000000,
lsa_String workstations;
lsa_String comment;
lsa_BinaryString parameters;
- lsa_String unknown1;
- lsa_String unknown2;
+ lsa_BinaryString lm_owf_password;
+ lsa_BinaryString nt_owf_password;
lsa_String unknown3;
uint32 buf_count;
[size_is(buf_count)] uint8 *buffer;
uint16 logon_count;
uint16 country_code;
uint16 code_page;
- uint8 nt_password_set;
uint8 lm_password_set;
+ uint8 nt_password_set;
uint8 password_expired;
uint8 unknown4;
} samr_UserInfo21;
typedef struct {
samr_CryptPassword password;
- uint8 pw_len;
+ uint8 password_expired;
} samr_UserInfo24;
typedef [flag(NDR_PAHEX)] struct {
typedef struct {
samr_CryptPasswordEx password;
- uint8 pw_len;
+ uint8 password_expired;
} samr_UserInfo26;
typedef [switch_type(uint16)] union {
this seems to be an alphabetic search function. The returned index
is the index for samr_QueryDisplayInfo needed to get names occurring
after the specified name. The supplied name does not need to exist
- in the database (for example you can supply just a first letter for
+ in the database (for example you can supply just a first letter for
searching starting at that letter)
The level corresponds to the samr_QueryDisplayInfo level
/************************/
/* Function 0x3a */
/*
- seems to be an exact alias for samr_SetUserInfo()
+ seems to be an exact alias for samr_SetUserInfo()
*/
[public] NTSTATUS samr_SetUserInfo2(
[in,ref] policy_handle *user_handle,
NTSTATUS samr_RidToSid(
[in,ref] policy_handle *domain_handle,
[in] uint32 rid,
- [out,ref] dom_sid2 *sid
+ [out,ref] dom_sid2 **sid
);
-
/************************/
/* Function 0x42 */