libds: added more UF_ -> ACB_ flags mappings

[ira/wip.git] / libds / common / flags.h
diff --git a/libds/common/flags.h b/libds/common/flags.h

index 67811d06aac5d9cc50d4a4cf0fe4f42ede64b0a3..44a50149f8b851f8bcf9f7e22bebe81d1e13d5d8 100644 (file)
--- a/libds/common/flags.h
+++ b/libds/common/flags.h
@@ -48,9 +48,10 @@
  #define UF_USE_DES_KEY_ONLY                    0x00200000
  #define UF_DONT_REQUIRE_PREAUTH                        0x00400000
  #define UF_PASSWORD_EXPIRED                    0x00800000
-
  #define UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION 0x01000000
  #define UF_NO_AUTH_DATA_REQUIRED               0x02000000
+#define UF_PARTIAL_SECRETS_ACCOUNT             0x04000000
+#define UF_USE_AES_KEYS                         0x08000000
  
  #define UF_MACHINE_ACCOUNT_MASK (\
                 UF_INTERDOMAIN_TRUST_ACCOUNT |\
@@ -110,7 +111,7 @@
                 GROUP_TYPE_SECURITY_ENABLED \
                 )
  #define GTYPE_SECURITY_UNIVERSAL_GROUP ( \
-               /* 0x80000008 -2147483656 */ \
+               /* 0x80000008 -2147483640 */ \
                 GROUP_TYPE_UNIVERSAL_GROUP| \
                 GROUP_TYPE_SECURITY_ENABLED \
                 )
@@ -170,27 +171,20 @@
  #define SEARCH_FLAG_NEVERVALUEAUDIT    0x0000100
  #define SEARCH_FLAG_RODC_ATTRIBUTE     0x0000200
  
-/* "domainFunctionality", "forestFunctionality" in the rootDSE */
+/* "domainFunctionality", "forestFunctionality" and "domainControllerFunctionality" in the rootDSE */
  #define DS_DOMAIN_FUNCTION_2000                0
-#define DS_DOMAIN_FUNCTION_2003_MIXED  1
+#define DS_DOMAIN_FUNCTION_2003_MIXED  1 /* Not a valid/meaningful
+                                          * domainControllerFunctionality
+                                          * Level */
  #define DS_DOMAIN_FUNCTION_2003                2
  #define DS_DOMAIN_FUNCTION_2008                3
  #define DS_DOMAIN_FUNCTION_2008_R2     4 
  
-/* "domainControllerFunctionality" in the rootDSE */
-#define DS_DC_FUNCTION_2000            0
-#define DS_DC_FUNCTION_2003            2
-#define DS_DC_FUNCTION_2008            3
-#define DS_DC_FUNCTION_2008_R2         4
-
  /* sa->systemFlags on attributes */
  #define DS_FLAG_ATTR_NOT_REPLICATED    0x00000001
  #define DS_FLAG_ATTR_REQ_PARTIAL_SET_MEMBER 0x00000002
  #define DS_FLAG_ATTR_IS_CONSTRUCTED    0x00000004
  
-/* sa->systemFlagsEx on attributes */
-#define DS_FLAG_ATTR_IS_CRITICAL    0x00000001
-
  /* 7.1.1.2.2.1.2.1.1           nTDSDSA Object options flags */
  #define DS_NTDSDSA_OPT_IS_GC                    0x00000001
  #define DS_NTDSDSA_OPT_DISABLE_INBOUND_REPL     0x00000002
@@ -213,3 +207,26 @@
  
  /* wellknown GUIDs for optional directory features */
  #define DS_GUID_FEATURE_RECYCLE_BIN                  "766ddcd8-acd0-445e-f3b9-a7f9b6744f2a"
+
+/* dsHeurisrics character indexes see MS-ADTS 7.1.1.2.4.1.2 */
+
+#define DS_HR_SUPFIRSTLASTANR                     0x00000001
+#define DS_HR_SUPLASTFIRSTANR                     0x00000002
+#define DS_HR_DOLISTOBJECT                        0x00000003
+#define DS_HR_DONICKRES                           0x00000004
+#define DS_HR_LDAP_USEPERMMOD                     0x00000005
+#define DS_HR_HIDEDSID                            0x00000006
+#define DS_HR_BLOCK_ANONYMOUS_OPS                 0x00000007
+#define DS_HR_ALLOW_ANON_NSPI                     0x00000008
+#define DS_HR_USER_PASSWORD_SUPPORT               0x00000009
+#define DS_HR_TENTH_CHAR                          0x0000000A
+#define DS_HR_SPECIFY_GUID_ON_ADD                 0x0000000B
+#define DS_HR_NO_STANDARD_SD                      0x0000000C
+#define DS_HR_ALLOW_NONSECURE_PWD_OPS             0x0000000D
+#define DS_HR_NO_PROPAGATE_ON_NOCHANGE            0x0000000E
+#define DS_HR_COMPUTE_ANR_STATS                   0x0000000F
+#define DS_HR_ADMINSDEXMASK                       0x00000010
+#define DS_HR_KVNOEMUW2K                          0x00000011
+#define DS_HR_LDAP_BYPASS_UPPER_LIMIT_BOUNDS      0x00000012
+
+