2 Unix SMB/Netbios implementation.
4 SMB parameters and setup
5 Copyright (C) Andrew Tridgell 1992-1997
6 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
7 Copyright (C) Paul Ashton 1997
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #ifndef _RPC_NETLOGON_H /* _RPC_NETLOGON_H */
25 #define _RPC_NETLOGON_H
29 #define NET_SAMLOGON 0x02
30 #define NET_SAMLOGOFF 0x03
31 #define NET_REQCHAL 0x04
33 #define NET_SRVPWSET 0x06
34 #define NET_SAM_DELTAS 0x07
35 #define NET_LOGON_CTRL 0x0c
36 #define NET_AUTH2 0x0f
37 #define NET_LOGON_CTRL2 0x0e
38 #define NET_SAM_SYNC 0x10
39 #define NET_TRUST_DOM_LIST 0x13
41 /* Secure Channel types. used in NetrServerAuthenticate negotiation */
42 #define SEC_CHAN_WKSTA 2
43 #define SEC_CHAN_DOMAIN 4
44 #define SEC_CHAN_BDC 6
46 /* Returned delta types */
47 #define SAM_DELTA_DOMAIN_INFO 0x01 /* Domain */
48 #define SAM_DELTA_GROUP_INFO 0x02 /* Domain groups */
49 #define SAM_DELTA_ACCOUNT_INFO 0x05 /* Users */
50 #define SAM_DELTA_GROUP_MEM 0x08 /* Group membership */
51 #define SAM_DELTA_ALIAS_INFO 0x09 /* Local groups */
52 #define SAM_DELTA_ALIAS_MEM 0x0C /* Local group membership */
53 #define SAM_DELTA_UNKNOWN 0x0D /* Privilige stuff */
54 #define SAM_DELTA_UNKNOWN2 0x10 /* Privilige stuff */
55 #define SAM_DELTA_SAM_STAMP 0x16 /* Some kind of journal record? */
57 /* SAM database types */
58 #define SAM_DATABASE_DOMAIN 0x00 /* Domain users and groups */
59 #define SAM_DATABASE_BUILTIN 0x01 /* BUILTIN users and groups */
60 #define SAM_DATABASE_PRIVS 0x02 /* Priviliges? */
63 /* I think this is correct - it's what gets parsed on the wire. JRA. */
65 typedef struct net_user_info_2
69 NTTIME logon_time; /* logon time */
70 NTTIME logoff_time; /* logoff time */
71 NTTIME kickoff_time; /* kickoff time */
72 NTTIME pass_last_set_time; /* password last set time */
73 NTTIME pass_can_change_time; /* password can change time */
74 NTTIME pass_must_change_time; /* password must change time */
76 UNIHDR hdr_user_name; /* username unicode string header */
77 UNIHDR hdr_full_name; /* user's full name unicode string header */
78 UNIHDR hdr_logon_script; /* logon script unicode string header */
79 UNIHDR hdr_profile_path; /* profile path unicode string header */
80 UNIHDR hdr_home_dir; /* home directory unicode string header */
81 UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
83 uint16 logon_count; /* logon count */
84 uint16 bad_pw_count; /* bad password count */
86 uint32 user_id; /* User ID */
87 uint32 group_id; /* Group ID */
88 uint32 num_groups; /* num groups */
89 uint32 buffer_groups; /* undocumented buffer pointer to groups. */
90 uint32 user_flgs; /* user flags */
92 uint8 user_sess_key[16]; /* unused user session key */
94 UNIHDR hdr_logon_srv; /* logon server unicode string header */
95 UNIHDR hdr_logon_dom; /* logon domain unicode string header */
97 uint32 buffer_dom_id; /* undocumented logon domain id pointer */
98 uint8 padding[40]; /* unused padding bytes. expansion room */
100 UNISTR2 uni_user_name; /* username unicode string */
101 UNISTR2 uni_full_name; /* user's full name unicode string */
102 UNISTR2 uni_logon_script; /* logon script unicode string */
103 UNISTR2 uni_profile_path; /* profile path unicode string */
104 UNISTR2 uni_home_dir; /* home directory unicode string */
105 UNISTR2 uni_dir_drive; /* home directory drive unicode string */
107 uint32 num_groups2; /* num groups */
108 DOM_GID *gids; /* group info */
110 UNISTR2 uni_logon_srv; /* logon server unicode string */
111 UNISTR2 uni_logon_dom; /* logon domain unicode string */
113 DOM_SID2 dom_sid; /* domain SID */
115 uint32 num_other_groups; /* other groups */
116 DOM_GID *other_gids; /* group info */
117 DOM_SID2 *other_sids; /* undocumented - domain SIDs */
122 /* NET_USER_INFO_3 */
123 typedef struct net_user_info_3
125 uint32 ptr_user_info;
127 NTTIME logon_time; /* logon time */
128 NTTIME logoff_time; /* logoff time */
129 NTTIME kickoff_time; /* kickoff time */
130 NTTIME pass_last_set_time; /* password last set time */
131 NTTIME pass_can_change_time; /* password can change time */
132 NTTIME pass_must_change_time; /* password must change time */
134 UNIHDR hdr_user_name; /* username unicode string header */
135 UNIHDR hdr_full_name; /* user's full name unicode string header */
136 UNIHDR hdr_logon_script; /* logon script unicode string header */
137 UNIHDR hdr_profile_path; /* profile path unicode string header */
138 UNIHDR hdr_home_dir; /* home directory unicode string header */
139 UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
141 uint16 logon_count; /* logon count */
142 uint16 bad_pw_count; /* bad password count */
144 uint32 user_rid; /* User RID */
145 uint32 group_rid; /* Group RID */
147 uint32 num_groups; /* num groups */
148 uint32 buffer_groups; /* undocumented buffer pointer to groups. */
149 uint32 user_flgs; /* user flags */
151 uint8 user_sess_key[16]; /* unused user session key */
153 UNIHDR hdr_logon_srv; /* logon server unicode string header */
154 UNIHDR hdr_logon_dom; /* logon domain unicode string header */
156 uint32 buffer_dom_id; /* undocumented logon domain id pointer */
157 uint8 padding[40]; /* unused padding bytes. expansion room */
159 uint32 num_other_sids; /* 0 - num_sids */
160 uint32 buffer_other_sids; /* NULL - undocumented pointer to SIDs. */
162 UNISTR2 uni_user_name; /* username unicode string */
163 UNISTR2 uni_full_name; /* user's full name unicode string */
164 UNISTR2 uni_logon_script; /* logon script unicode string */
165 UNISTR2 uni_profile_path; /* profile path unicode string */
166 UNISTR2 uni_home_dir; /* home directory unicode string */
167 UNISTR2 uni_dir_drive; /* home directory drive unicode string */
169 uint32 num_groups2; /* num groups */
170 DOM_GID *gids; /* group info */
172 UNISTR2 uni_logon_srv; /* logon server unicode string */
173 UNISTR2 uni_logon_dom; /* logon domain unicode string */
175 DOM_SID2 dom_sid; /* domain SID */
177 uint32 num_other_groups; /* other groups */
178 DOM_GID *other_gids; /* group info */
179 DOM_SID2 *other_sids; /* undocumented - domain SIDs */
184 /* NETLOGON_INFO_1 - pdc status info, i presume */
185 typedef struct netlogon_1_info
187 uint32 flags; /* 0x0 - undocumented */
188 uint32 pdc_status; /* 0x0 - undocumented */
192 /* NETLOGON_INFO_2 - pdc status info, plus trusted domain info */
193 typedef struct netlogon_2_info
195 uint32 flags; /* 0x0 - undocumented */
196 uint32 pdc_status; /* 0x0 - undocumented */
197 uint32 ptr_trusted_dc_name; /* pointer to trusted domain controller name */
198 uint32 tc_status; /* 0x051f - ERROR_NO_LOGON_SERVERS */
199 UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */
203 /* NETLOGON_INFO_3 - logon status info, i presume */
204 typedef struct netlogon_3_info
206 uint32 flags; /* 0x0 - undocumented */
207 uint32 logon_attempts; /* number of logon attempts */
208 uint32 reserved_1; /* 0x0 - undocumented */
209 uint32 reserved_2; /* 0x0 - undocumented */
210 uint32 reserved_3; /* 0x0 - undocumented */
211 uint32 reserved_4; /* 0x0 - undocumented */
212 uint32 reserved_5; /* 0x0 - undocumented */
216 /********************************************************
219 This is generated by a nltest /bdc_query:DOMAIN
221 query_level 0x1, function_code 0x1
223 ********************************************************/
225 /* NET_Q_LOGON_CTRL - LSA Netr Logon Control */
227 typedef struct net_q_logon_ctrl_info
230 UNISTR2 uni_server_name;
231 uint32 function_code;
235 /* NET_R_LOGON_CTRL - LSA Netr Logon Control */
237 typedef struct net_r_logon_ctrl_info
243 NETLOGON_INFO_1 info1;
249 /********************************************************
252 query_level 0x1 - pdc status
253 query_level 0x3 - number of logon attempts.
255 ********************************************************/
257 /* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2 */
258 typedef struct net_q_logon_ctrl2_info
260 uint32 ptr; /* undocumented buffer pointer */
261 UNISTR2 uni_server_name; /* server name, starting with two '\'s */
263 uint32 function_code; /* 0x1 */
264 uint32 query_level; /* 0x1, 0x3 */
265 uint32 switch_value; /* 0x1 */
269 /*******************************************************
270 Logon Control Response
272 switch_value is same as query_level in request
273 *******************************************************/
275 /* NET_R_LOGON_CTRL2 - response to LSA Logon Control2 */
276 typedef struct net_r_logon_ctrl2_info
278 uint32 switch_value; /* 0x1, 0x3 */
283 NETLOGON_INFO_1 info1;
284 NETLOGON_INFO_2 info2;
285 NETLOGON_INFO_3 info3;
289 NTSTATUS status; /* return code */
293 /* NET_Q_TRUST_DOM_LIST - LSA Query Trusted Domains */
294 typedef struct net_q_trust_dom_info
296 uint32 ptr; /* undocumented buffer pointer */
297 UNISTR2 uni_server_name; /* server name, starting with two '\'s */
299 } NET_Q_TRUST_DOM_LIST;
301 #define MAX_TRUST_DOMS 1
303 /* NET_R_TRUST_DOM_LIST - response to LSA Trusted Domains */
304 typedef struct net_r_trust_dom_info
306 UNISTR2 uni_trust_dom_name[MAX_TRUST_DOMS];
308 NTSTATUS status; /* return code */
310 } NET_R_TRUST_DOM_LIST;
314 typedef struct neg_flags_info
316 uint32 neg_flags; /* negotiated flags */
322 typedef struct net_q_req_chal_info
324 uint32 undoc_buffer; /* undocumented buffer pointer */
325 UNISTR2 uni_logon_srv; /* logon server unicode string */
326 UNISTR2 uni_logon_clnt; /* logon client unicode string */
327 DOM_CHAL clnt_chal; /* client challenge */
333 typedef struct net_r_req_chal_info
335 DOM_CHAL srv_chal; /* server challenge */
336 NTSTATUS status; /* return code */
340 typedef struct net_q_auth_info
342 DOM_LOG_INFO clnt_id; /* client identification info */
343 DOM_CHAL clnt_chal; /* client-calculated credentials */
347 typedef struct net_r_auth_info
349 DOM_CHAL srv_chal; /* server-calculated credentials */
350 NTSTATUS status; /* return code */
354 typedef struct net_q_auth2_info
356 DOM_LOG_INFO clnt_id; /* client identification info */
357 DOM_CHAL clnt_chal; /* client-calculated credentials */
359 NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
365 typedef struct net_r_auth2_info
367 DOM_CHAL srv_chal; /* server-calculated credentials */
368 NEG_FLAGS srv_flgs; /* usually 0x0000 01ff */
369 NTSTATUS status; /* return code */
373 /* NET_Q_SRV_PWSET */
374 typedef struct net_q_srv_pwset_info
376 DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
377 uint8 pwd[16]; /* new password - undocumented. */
381 /* NET_R_SRV_PWSET */
382 typedef struct net_r_srv_pwset_info
384 DOM_CRED srv_cred; /* server-calculated credentials */
386 NTSTATUS status; /* return code */
391 typedef struct net_network_info_2
393 uint32 ptr_id_info2; /* pointer to id_info_2 */
394 UNIHDR hdr_domain_name; /* domain name unicode header */
395 uint32 param_ctrl; /* param control (0x2) */
396 DOM_LOGON_ID logon_id; /* logon ID */
397 UNIHDR hdr_user_name; /* user name unicode header */
398 UNIHDR hdr_wksta_name; /* workstation name unicode header */
399 uint8 lm_chal[8]; /* lan manager 8 byte challenge */
400 STRHDR hdr_nt_chal_resp; /* nt challenge response */
401 STRHDR hdr_lm_chal_resp; /* lm challenge response */
403 UNISTR2 uni_domain_name; /* domain name unicode string */
404 UNISTR2 uni_user_name; /* user name unicode string */
405 UNISTR2 uni_wksta_name; /* workgroup name unicode string */
406 STRING2 nt_chal_resp; /* nt challenge response */
407 STRING2 lm_chal_resp; /* lm challenge response */
412 typedef struct id_info_1
414 uint32 ptr_id_info1; /* pointer to id_info_1 */
415 UNIHDR hdr_domain_name; /* domain name unicode header */
416 uint32 param_ctrl; /* param control */
417 DOM_LOGON_ID logon_id; /* logon ID */
418 UNIHDR hdr_user_name; /* user name unicode header */
419 UNIHDR hdr_wksta_name; /* workstation name unicode header */
420 OWF_INFO lm_owf; /* LM OWF Password */
421 OWF_INFO nt_owf; /* NT OWF Password */
422 UNISTR2 uni_domain_name; /* domain name unicode string */
423 UNISTR2 uni_user_name; /* user name unicode string */
424 UNISTR2 uni_wksta_name; /* workgroup name unicode string */
428 #define INTERACTIVE_LOGON_TYPE 1
429 #define NET_LOGON_TYPE 2
431 /* NET_ID_INFO_CTR */
432 typedef struct net_id_info_ctr_info
438 NET_ID_INFO_1 id1; /* auth-level 1 - interactive user login */
439 NET_ID_INFO_2 id2; /* auth-level 2 - workstation referred login */
445 /* SAM_INFO - sam logon/off id structure */
446 typedef struct sam_info
448 DOM_CLNT_INFO2 client;
449 uint32 ptr_rtn_cred; /* pointer to return credentials */
450 DOM_CRED rtn_cred; /* return credentials */
452 NET_ID_INFO_CTR *ctr;
456 /* NET_Q_SAM_LOGON */
457 typedef struct net_q_sam_logon_info
460 uint16 validation_level;
464 /* NET_R_SAM_LOGON */
465 typedef struct net_r_sam_logon_info
467 uint32 buffer_creds; /* undocumented buffer pointer */
468 DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
470 uint16 switch_value; /* 3 - indicates type of USER INFO */
471 NET_USER_INFO_3 *user;
473 uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
475 NTSTATUS status; /* return code */
480 /* NET_Q_SAM_LOGOFF */
481 typedef struct net_q_sam_logoff_info
487 /* NET_R_SAM_LOGOFF */
488 typedef struct net_r_sam_logoff_info
490 uint32 buffer_creds; /* undocumented buffer pointer */
491 DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
493 NTSTATUS status; /* return code */
498 typedef struct net_q_sam_sync_info
500 UNISTR2 uni_srv_name; /* \\PDC */
501 UNISTR2 uni_cli_name; /* BDC */
506 uint32 restart_state;
509 uint32 max_size; /* preferred maximum length */
514 typedef struct sam_delta_hdr_info
516 uint16 type; /* type of structure attached */
525 /* SAM_DOMAIN_INFO (0x1) */
526 typedef struct sam_domain_info_info
531 UINT64_S force_logoff;
533 uint16 pwd_history_len;
534 UINT64_S max_pwd_age;
535 UINT64_S min_pwd_age;
536 UINT64_S dom_mod_count;
537 NTTIME creation_time;
539 BUFHDR2 hdr_sec_desc; /* security descriptor */
543 UNISTR2 uni_dom_name;
544 UNISTR2 buf_oem_info; /* never seen */
546 BUFFER4 buf_sec_desc;
551 /* SAM_GROUP_INFO (0x2) */
552 typedef struct sam_group_info_info
557 BUFHDR2 hdr_sec_desc; /* security descriptor */
560 UNISTR2 uni_grp_name;
561 UNISTR2 uni_grp_desc;
562 BUFFER4 buf_sec_desc;
567 typedef struct sam_passwd_info
569 /* this structure probably contains password history */
570 /* this is probably a count of lm/nt pairs */
571 uint32 unk_0; /* 0x0000 0002 */
574 uint8 buf_lm_pwd[16];
577 uint8 buf_nt_pwd[16];
584 /* SAM_ACCOUNT_INFO (0x5) */
585 typedef struct sam_account_info_info
587 UNIHDR hdr_acct_name;
588 UNIHDR hdr_full_name;
594 UNIHDR hdr_dir_drive;
595 UNIHDR hdr_logon_script;
596 UNIHDR hdr_acct_desc;
597 UNIHDR hdr_workstations;
602 uint32 logon_divs; /* 0xA8 */
603 uint32 ptr_logon_hrs;
605 uint16 bad_pwd_count;
607 NTTIME pwd_last_set_time;
608 NTTIME acct_expiry_time;
613 uint8 nt_pwd_present;
614 uint8 lm_pwd_present;
618 UNIHDR hdr_parameters;
622 BUFHDR2 hdr_sec_desc; /* security descriptor */
625 UNIHDR hdr_reserved[3]; /* space for more strings */
626 uint32 dw_reserved[4]; /* space for more data - first two seem to
629 UNISTR2 uni_acct_name;
630 UNISTR2 uni_full_name;
631 UNISTR2 uni_home_dir;
632 UNISTR2 uni_dir_drive;
633 UNISTR2 uni_logon_script;
634 UNISTR2 uni_acct_desc;
635 UNISTR2 uni_workstations;
637 uint32 unknown1; /* 0x4EC */
638 uint32 unknown2; /* 0 */
640 BUFFER4 buf_logon_hrs;
642 UNISTR2 uni_parameters;
644 BUFFER4 buf_sec_desc;
649 /* SAM_GROUP_MEM_INFO (0x8) */
650 typedef struct sam_group_mem_info_info
663 } SAM_GROUP_MEM_INFO;
665 /* SAM_ALIAS_INFO (0x9) */
666 typedef struct sam_alias_info_info
670 BUFHDR2 hdr_sec_desc; /* security descriptor */
674 UNISTR2 uni_als_name;
675 BUFFER4 buf_sec_desc;
676 UNISTR2 uni_als_desc;
680 /* SAM_ALIAS_MEM_INFO (0xC) */
681 typedef struct sam_alias_mem_info_info
691 } SAM_ALIAS_MEM_INFO;
693 /* SAM_DELTA_STAMP (0x16) */
697 uint32 dom_mod_count_ptr;
698 UINT64_S dom_mod_count; /* domain mod count at last sync */
701 typedef union sam_delta_ctr_info
703 SAM_DOMAIN_INFO domain_info ;
704 SAM_GROUP_INFO group_info ;
705 SAM_ACCOUNT_INFO account_info;
706 SAM_GROUP_MEM_INFO grp_mem_info;
707 SAM_ALIAS_INFO alias_info ;
708 SAM_ALIAS_MEM_INFO als_mem_info;
709 SAM_DELTA_STAMP stamp;
713 typedef struct net_r_sam_sync_info
724 SAM_DELTA_HDR *hdr_deltas;
725 SAM_DELTA_CTR *deltas;
730 /* NET_Q_SAM_DELTAS */
731 typedef struct net_q_sam_deltas_info
733 UNISTR2 uni_srv_name;
734 UNISTR2 uni_cli_name;
739 UINT64_S dom_mod_count; /* domain mod count at last sync */
741 uint32 max_size; /* preferred maximum length */
745 /* NET_R_SAM_DELTAS */
746 typedef struct net_r_sam_deltas_info
750 UINT64_S dom_mod_count; /* new domain mod count */
756 SAM_DELTA_HDR *hdr_deltas;
757 SAM_DELTA_CTR *deltas;
762 #endif /* _RPC_NETLOGON_H */