3 import "drsuapi.idl", "misc.idl", "samr.idl", "lsa.idl", "security.idl";
6 uuid("12345778-1234-abcd-0001-00000001"),
8 pointer_default(unique),
9 helper("../librpc/ndr/ndr_drsblobs.h"),
10 helpstring("Active Directory Replication LDAP Blobs")
13 typedef bitmap drsuapi_DrsOptions drsuapi_DrsOptions;
14 typedef [v1_enum] enum drsuapi_DsAttributeId drsuapi_DsAttributeId;
15 typedef [v1_enum] enum lsa_TrustAuthType lsa_TrustAuthType;
17 * replPropertyMetaData
22 * MS-DRSR 4.1.10.2.22 PROPERTY_META_DATA
24 typedef [public] struct {
25 drsuapi_DsAttributeId attid;
27 NTTIME_1sec originating_change_time;
28 GUID originating_invocation_id;
29 hyper originating_usn;
31 } replPropertyMetaData1;
33 void decode_replPropertyMetaData1(
34 [in] replPropertyMetaData1 blob
39 [value(0)] uint32 reserved;
40 replPropertyMetaData1 array[count];
41 } replPropertyMetaDataCtr1;
/* Version-selected container for replPropertyMetaData; only version 1 is
 * defined here. The union is [nodiscriminant]: no selector is encoded inside
 * it, the arm is chosen by the enclosing replPropertyMetaDataBlob's
 * [switch_is(version)] field. */
43 typedef [nodiscriminant] union {
44 [case(1)] replPropertyMetaDataCtr1 ctr1;
45 } replPropertyMetaDataCtr;
47 typedef [public] struct {
49 [value(0)] uint32 reserved;
50 [switch_is(version)] replPropertyMetaDataCtr ctr;
51 } replPropertyMetaDataBlob;
53 void decode_replPropertyMetaData(
54 [in] replPropertyMetaDataBlob blob
64 [value(0)] uint32 reserved;
65 drsuapi_DsReplicaCursor cursors[count];
66 } replUpToDateVectorCtr1;
70 [value(0)] uint32 reserved;
71 drsuapi_DsReplicaCursor2 cursors[count];
72 } replUpToDateVectorCtr2;
/* Version-selected container for the up-to-dateness vector: version 1 holds
 * drsuapi_DsReplicaCursor entries, version 2 holds drsuapi_DsReplicaCursor2
 * entries. [nodiscriminant]: the version is supplied by the enclosing
 * replUpToDateVectorBlob's [switch_is(version)] field, not encoded here. */
74 typedef [nodiscriminant] union {
75 [case(1)] replUpToDateVectorCtr1 ctr1;
76 [case(2)] replUpToDateVectorCtr2 ctr2;
77 } replUpToDateVectorCtr;
79 typedef [public] struct {
81 [value(0)] uint32 reserved;
82 [switch_is(version)] replUpToDateVectorCtr ctr;
83 } replUpToDateVectorBlob;
85 void decode_replUpToDateVector(
86 [in] replUpToDateVectorBlob blob
/* Trailing DNS name of the replication partner, reached from repsFromTo1
 * through its [relative] other_info pointer.
 * __dns_name_size: on push computed as strlen(dns_name)+1, i.e. the
 *   terminating NUL is counted; on pull the value read from the blob is what
 *   sizes the dns_name array, so it is external input at that point.
 * dns_name: DOS-charset bytes, __dns_name_size long. */
95 typedef [public,gensize] struct {
96 [value(strlen(dns_name)+1)] uint32 __dns_name_size;
97 [charset(DOS)] uint8 dns_name[__dns_name_size];
98 } repsFromTo1OtherInfo;
100 typedef [public,gensize,flag(NDR_PAHEX)] struct {
101 /* this includes the 8 bytes of the repsFromToBlob header */
102 [value(ndr_size_repsFromTo1(this, ndr->flags)+8)] uint32 blobsize;
103 uint32 consecutive_sync_failures;
104 NTTIME_1sec last_success;
105 NTTIME_1sec last_attempt;
106 WERROR result_last_attempt;
107 [relative] repsFromTo1OtherInfo *other_info;
108 [value(ndr_size_repsFromTo1OtherInfo(other_info, ndr->flags))] uint32 other_info_length;
109 drsuapi_DrsOptions replica_flags;
111 [value(0)] uint32 reserved;
112 drsuapi_DsReplicaHighWaterMark highwatermark;
113 GUID source_dsa_obj_guid; /* the 'objectGuid' field of the CN=NTDS Settings object */
114 GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
118 typedef [public,relative_base,gensize] struct {
119 [value(ndr_size_repsFromTo2OtherInfo(this,ndr->flags))]
121 [relative] nstring *dns_name1;
123 [relative] nstring *dns_name2;
125 } repsFromTo2OtherInfo;
127 typedef [public,gensize,flag(NDR_PAHEX)] struct {
128 /* this includes the 8 bytes of the repsFromToBlob header */
129 [value(ndr_size_repsFromTo2(this, ndr->flags)+8)] uint32 blobsize;
130 uint32 consecutive_sync_failures;
131 NTTIME_1sec last_success;
132 NTTIME_1sec last_attempt;
133 WERROR result_last_attempt;
134 [relative] repsFromTo2OtherInfo *other_info;
135 [value(ndr_size_repsFromTo2OtherInfo(other_info, ndr->flags))] uint32 other_info_length;
136 drsuapi_DrsOptions replica_flags;
138 [value(0)] uint32 reserved;
139 drsuapi_DsReplicaHighWaterMark highwatermark;
140 GUID source_dsa_obj_guid; /* the 'objectGuid' field of the CN=NTDS Settings object */
141 GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
146 typedef [nodiscriminant] union {
147 [case(1)] repsFromTo1 ctr1;
148 [case(2)] repsFromTo2 ctr2;
151 typedef [public] struct {
153 [value(0)] uint32 reserved;
154 [switch_is(version)] repsFromTo ctr;
157 void decode_repsFromTo(
158 [in] repsFromToBlob blob
161 /* Replication schedule structures as defined in MS-ADTS 7.1.4.5
162 * Appears as an attribute of the NTDSConnection object
164 typedef [public] struct {
165 [value(0)] uint32 type; /* always 0 */
169 typedef [public] struct {
173 typedef [public] struct {
175 [value(0)] uint32 bandwidth; /* ignored */
176 [value(1)] uint32 numberOfSchedules; /* always 1 */
177 scheduleHeader headerArray[numberOfSchedules];
178 scheduleSlots dataArray[numberOfSchedules];
182 * partialAttributeSet
184 * w2k3 uses version 1
188 drsuapi_DsAttributeId array[count];
189 } partialAttributeSetCtr1;
/* Version-selected container for the partial attribute set; only version 1
 * is defined (the comment above notes w2k3 uses version 1). [nodiscriminant]:
 * the arm is chosen by partialAttributeSetBlob's [switch_is(version)] field,
 * nothing is encoded inside the union itself. */
191 typedef [nodiscriminant] union {
192 [case(1)] partialAttributeSetCtr1 ctr1;
193 } partialAttributeSetCtr;
195 typedef [public] struct {
197 [value(0)] uint32 reserved;
198 [switch_is(version)] partialAttributeSetCtr ctr;
199 } partialAttributeSetBlob;
201 void decode_partialAttributeSet(
202 [in] partialAttributeSetBlob blob
207 * schemaInfo attribute
209 * Used as an attribute on the Schema.
210 * Also used during replication as part of
211 * the prefixMap to identify which revision
212 * of the Schema the source DC has.
214 typedef [public,flag(NDR_NOALIGN)] struct {
215 [value(0xFF)] uint8 marker;
216 [flag(NDR_BIG_ENDIAN)] uint32 revision;
222 * MS w2k3 and w2k8 prefixMap format
223 * There is no version number. Format is:
224 * uint32 - number of entries in the map
225 * uint32 - total bytes that structure occupies
227 * uint16 - prefix ID (OID's last sub-id encoded. see prefixMap)
228 * uint16 - number of bytes in prefix N
229 * uint8[N] - BER encoded prefix
231 typedef [noprint,flag(NDR_NOALIGN)] struct {
234 uint8 binary_oid[length];
235 } drsuapi_MSPrefixMap_Entry;
237 typedef [public,gensize] struct {
239 [value(ndr_size_drsuapi_MSPrefixMap_Ctr(r, ndr->flags))] uint32 __ndr_size;
240 drsuapi_MSPrefixMap_Entry entries[num_entries];
241 } drsuapi_MSPrefixMap_Ctr;
247 * samba4 uses 0x44534442 'DSDB'
249 * as Windows doesn't return the prefixMap attribute when you ask for it,
250 * we don't know its format; but the attribute is not replicated,
251 * so we can choose our own format...
253 typedef [v1_enum] enum {
254 PREFIX_MAP_VERSION_DSDB = 0x44534442
257 typedef [nodiscriminant] union {
258 [case(PREFIX_MAP_VERSION_DSDB)] drsuapi_DsReplicaOIDMapping_Ctr dsdb;
261 typedef [public] struct {
262 prefixMapVersion version;
263 [value(0)] uint32 reserved;
264 [switch_is(version)] prefixMapCtr ctr;
267 void decode_prefixMap(
268 [in] prefixMapBlob blob
273 * the cookie for the LDAP dirsync control
275 typedef [nodiscriminant,gensize] union {
277 [default] replUpToDateVectorBlob uptodateness_vector;
278 } ldapControlDirSyncExtra;
281 [value(3)] uint32 u1;
285 [value(ndr_size_ldapControlDirSyncExtra(&extra, extra.uptodateness_vector.version, 0))]
287 drsuapi_DsReplicaHighWaterMark highwatermark;
289 [switch_is(extra_length)] ldapControlDirSyncExtra extra;
290 } ldapControlDirSyncBlob;
/* The cookie carried in the LDAP DirSync control (see the comment above).
 * NOTE(review): a DirSync cookie is presumably handed back by the LDAP
 * client on the next search, so a server decoding one should treat its
 * contents as external input -- confirm against the callers of
 * decode_ldapControlDirSync.
 * msds: fixed 4-byte "MSDS" tag, DOS charset.
 * blob: the ldapControlDirSyncBlob, parsed in a [subcontext(0)] (no length
 *   header in front of it). */
292 typedef [public,relative_base] struct {
293 [charset(DOS),value("MSDS")] uint8 msds[4];
294 [subcontext(0)] ldapControlDirSyncBlob blob;
295 } ldapControlDirSyncCookie;
297 void decode_ldapControlDirSync(
298 [in] ldapControlDirSyncCookie cookie
301 typedef [public] struct {
302 [value(2*strlen_m(name))] uint16 name_len;
303 [value(strlen(data))] uint16 data_len;
304 uint16 reserved; /* 2 for 'Packages', 1 for 'Primary:*', but should be ignored */
305 [charset(UTF16)] uint8 name[name_len];
307 * the data field contains data as HEX strings
310 * data contains the list of packages
311 * as non-terminated UTF16 strings with
312 * a UTF16 NULL byte as separator
314 * 'Primary:Kerberos-Newer-Keys':
317 * 'Primary:Kerberos':
323 * 'Primary:CLEARTEXT':
324 * data contains the cleartext password
325 * as UTF16 string encoded as HEX string
327 * 'Primary:userPassword':
330 * 'Primary:SambaGPG':
333 * 'Primary:NTLM-Strong-NTOWF':
334 * ... Not yet implemented.
337 [charset(DOS)] uint8 data[data_len];
338 } supplementalCredentialsPackage;
/* Fixed prefix that opens a supplementalCredentialsSubBlob (see the
 * prefix[0x30] field below).
 * NOTE(review): the literal as rendered here shows a single space; the
 * rendering has probably collapsed the whitespace -- confirm the source
 * really holds 48 spaces. */
340 /* these are 0x30 (48) space characters (0x20) */
341 const string SUPPLEMENTAL_CREDENTIALS_PREFIX = " ";
/* Signature word that follows the 48-space prefix in a
 * supplementalCredentialsSubBlob. NDR_PAHEX prints the value in hex. */
343 typedef [flag(NDR_PAHEX),public] enum {
344 SUPPLEMENTAL_CREDENTIALS_SIGNATURE = 0x0050
345 } supplementalCredentialsSignature;
347 typedef [gensize,nopush,nopull] struct {
348 [value(SUPPLEMENTAL_CREDENTIALS_PREFIX),charset(UTF16)] uint16 prefix[0x30];
349 [value(SUPPLEMENTAL_CREDENTIALS_SIGNATURE)] supplementalCredentialsSignature signature;
351 supplementalCredentialsPackage packages[num_packages];
352 } supplementalCredentialsSubBlob;
/* Outer container for the supplementalCredentials attribute.
 * unknown1, unknown2, unknown3: fixed zeros.
 * __ndr_size: on push computed as the NDR size of sub; on pull the value
 *   read from the blob bounds the sub subcontext via subcontext_size, so a
 *   malformed size is caught at the subcontext boundary rather than inside
 *   the package parser.
 * sub: the supplementalCredentialsSubBlob holding the packages.
 * Per the supplementalCredentialsPackage comments above, the packages carry
 * Kerberos keys, hashes and possibly a cleartext password: a decoded instance
 * is secret material and must not be logged or printed in full. */
354 typedef [public] struct {
355 [value(0)] uint32 unknown1;
356 [value(ndr_size_supplementalCredentialsSubBlob(&sub, ndr->flags))] uint32 __ndr_size;
357 [value(0)] uint32 unknown2;
358 [subcontext(0),subcontext_size(__ndr_size)] supplementalCredentialsSubBlob sub;
359 [value(0)] uint8 unknown3;
360 } supplementalCredentialsBlob;
362 void decode_supplementalCredentials(
363 [in] supplementalCredentialsBlob blob
/* Payload of the 'Packages' package: the list of package names.
 * names: STR_NOTERM|NDR_REMAINING string array, i.e. it consumes the rest
 *   of the package data; per the comment above these are non-terminated
 *   UTF16 strings separated by a UTF16 NUL. */
366 typedef [public] struct {
367 [flag(STR_NOTERM|NDR_REMAINING)] string_array names;
368 } package_PackagesBlob;
370 void decode_Packages(
371 [in] package_PackagesBlob blob
375 [value(2*strlen_m(string))] uint16 length;
376 [value(2*strlen_m(string))] uint16 size;
377 [relative,subcontext(0),subcontext_size(size),flag(STR_NOTERM|NDR_REMAINING)] string *string;
378 } package_PrimaryKerberosString;
381 [value(0)] uint16 reserved1;
382 [value(0)] uint16 reserved2;
383 [value(0)] uint32 reserved3;
385 [value((value?value->length:0))] uint32 value_len;
386 [relative,subcontext(0),subcontext_size(value_len),flag(NDR_REMAINING)] DATA_BLOB *value;
387 } package_PrimaryKerberosKey3;
392 package_PrimaryKerberosString salt;
393 package_PrimaryKerberosKey3 keys[num_keys];
394 package_PrimaryKerberosKey3 old_keys[num_old_keys];
395 [value(0)] uint32 padding1;
396 [value(0)] uint32 padding2;
397 [value(0)] uint32 padding3;
398 [value(0)] uint32 padding4;
399 [value(0)] uint32 padding5;
400 } package_PrimaryKerberosCtr3;
403 [value(0)] uint16 reserved1;
404 [value(0)] uint16 reserved2;
405 [value(0)] uint32 reserved3;
406 uint32 iteration_count;
408 [value((value?value->length:0))] uint32 value_len;
409 [relative,subcontext(0),subcontext_size(value_len),flag(NDR_REMAINING)] DATA_BLOB *value;
410 } package_PrimaryKerberosKey4;
414 [value(0)] uint16 num_service_keys;
416 uint16 num_older_keys;
417 package_PrimaryKerberosString salt;
418 uint32 default_iteration_count;
419 package_PrimaryKerberosKey4 keys[num_keys];
420 package_PrimaryKerberosKey4 service_keys[num_service_keys];
421 package_PrimaryKerberosKey4 old_keys[num_old_keys];
422 package_PrimaryKerberosKey4 older_keys[num_older_keys];
423 } package_PrimaryKerberosCtr4;
/* Version-selected container for the Kerberos packages: version 3 carries
 * keys and old_keys, version 4 adds service_keys, older_keys and iteration
 * counts (see the Ctr3/Ctr4 structs above). The arm is chosen by
 * package_PrimaryKerberosBlob's [switch_is(version)] field.
 * Both arms hold Kerberos long-term keys -- secret material. */
425 typedef [nodiscriminant] union {
426 [case(3)] package_PrimaryKerberosCtr3 ctr3;
427 [case(4)] package_PrimaryKerberosCtr4 ctr4;
428 } package_PrimaryKerberosCtr;
430 typedef [public] struct {
432 [value(0)] uint16 flags;
433 [switch_is(version)] package_PrimaryKerberosCtr ctr;
434 } package_PrimaryKerberosBlob;
436 void decode_PrimaryKerberos(
437 [in] package_PrimaryKerberosBlob blob
/* Payload of the 'Primary:CLEARTEXT' package.
 * cleartext: the remaining bytes of the package data (NDR_REMAINING); per
 *   the comment above this is the password as a UTF16 string. This is the
 *   most sensitive item in supplementalCredentials: never log it, and free
 *   or scrub the decoded buffer as soon as it is no longer needed. */
440 typedef [public] struct {
441 [flag(NDR_REMAINING)] DATA_BLOB cleartext;
442 } package_PrimaryCLEARTEXTBlob;
444 void decode_PrimaryCLEARTEXT(
445 [in] package_PrimaryCLEARTEXTBlob blob
448 typedef [flag(NDR_PAHEX)] struct {
450 } package_PrimaryWDigestHash;
452 typedef [public] struct {
453 [value(0x31)] uint16 unknown1;
454 [value(0x01)] uint8 unknown2;
456 [value(0)] uint32 unknown3;
457 [value(0)] udlong uuknown4;
458 package_PrimaryWDigestHash hashes[num_hashes];
459 } package_PrimaryWDigestBlob;
461 void decode_PrimaryWDigest(
462 [in] package_PrimaryWDigestBlob blob
/* Payload of the 'Primary:SambaGPG' package.
 * gpg_blob: the remaining bytes of the package data (NDR_REMAINING), kept
 *   opaque here; the GPG format is not parsed by this IDL. */
465 typedef [public] struct {
466 [flag(NDR_REMAINING)] DATA_BLOB gpg_blob;
467 } package_PrimarySambaGPGBlob;
469 void decode_PrimarySambaGPG(
470 [in] package_PrimarySambaGPGBlob blob
474 * Password hashes stored in a scheme compatible with
475 * OpenLDAP's userPassword attribute. The Package is named
476 * Primary:userPassword. For each calculated hash,
477 * which is typically calculated via crypt(), the scheme is stored.
478 * The scheme name and the {scheme} format are re-used from OpenLDAP's
479 * use for userPassword to aid interoperability when exported.
481 * The currently supported scheme so far is {CRYPT}, which may
482 * be specified multiple times if both CryptSHA256 ($5$) and
483 * CryptSHA512 ($6$) are in use.
485 * current_nt_hash is either the unicodePwd or the
486 * NTLM-Strong-NTOWF, to allow us to prove this password is
490 [value(2*strlen_m(scheme))] uint16 scheme_len;
491 [charset(UTF16)] uint8 scheme[scheme_len];
492 [value((value?value->length:0))] uint32 value_len;
493 [relative,subcontext(0),subcontext_size(value_len),
494 flag(NDR_REMAINING)] DATA_BLOB *value;
495 } package_PrimaryUserPasswordValue;
497 typedef [public] struct {
498 samr_Password current_nt_hash;
500 package_PrimaryUserPasswordValue hashes[num_hashes];
501 } package_PrimaryUserPasswordBlob;
503 void decode_PrimaryUserPasswordBlob(
504 [in] package_PrimaryUserPasswordBlob blob
508 [value(0)] uint32 size;
512 [value(16)] uint32 size;
513 samr_Password password;
517 * the secret value is encoded as UTF16 if it's a string
518 * but depending on the AuthType it might also be random bytes: krb5 trusts have random bytes here, so converting to UTF16
521 * TODO: We should try handle the case of a random buffer in all places
522 * we deal with cleartext passwords from windows
524 * so we don't use this:
527 * [charset(UTF16)] uint8 value[value_len];
532 uint8 password[size];
536 [value(4)] uint32 size;
540 typedef [nodiscriminant] union {
541 [case(TRUST_AUTH_TYPE_NONE)] AuthInfoNone none;
542 [case(TRUST_AUTH_TYPE_NT4OWF)] AuthInfoNT4Owf nt4owf;
543 [case(TRUST_AUTH_TYPE_CLEAR)] AuthInfoClear clear;
544 [case(TRUST_AUTH_TYPE_VERSION)] AuthInfoVersion version;
/* One trust authentication entry (MS-LSAD).
 * LastUpdateTime: NTTIME of the last update of this entry.
 * AuthType: selects the AuthInfo arm (NONE/NT4OWF/CLEAR/VERSION, see the
 *   AuthInfo union above).
 * _pad: NDR_ALIGN4 padding so the next entry starts 4-byte aligned.
 * The CLEAR and NT4OWF arms carry the trust secret itself; decoded entries
 * are sensitive and should not be logged. */
547 typedef [public] struct {
548 NTTIME LastUpdateTime;
549 lsa_TrustAuthType AuthType;
550 [switch_is(AuthType)] AuthInfo AuthInfo;
551 [flag(NDR_ALIGN4)] DATA_BLOB _pad;
552 } AuthenticationInformation;
554 /* count is not on the wire */
555 typedef [public,nopull,nopush,gensize] struct {
557 AuthenticationInformation array[count];
558 } AuthenticationInformationArray;
560 /* we cannot use [relative] pointers here because Windows expects the
561 * previous_offset to match the total size of the struct in case
562 * the previous array is empty, see MS-LSAD 2.2.7.16 - gd */
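/* Blob form of the trust authentication info (MS-LSAD 2.2.7.16, see the
 * comment above on why [relative] pointers are not used).
 * NOTE(review): this listing omits a line inside the struct; the count
 * field referenced by the value() expressions below is presumably declared
 * there -- confirm against the source.
 * current_offset: 12 when any entries exist (the header words preceding the
 *   arrays), else 0.
 * previous_offset: current_offset plus the NDR size of current when entries
 *   exist, else 0.
 *   The value() expressions give the push-side values; on pull both offsets
 *   are read from the blob, and their difference sizes the current
 *   subcontext, so the NDR layer has to reject a negative or out-of-range
 *   difference -- confirm that check exists.
 * current: entries currently in effect, parsed in the bounded subcontext.
 * previous: prior entries, taking the remaining data (NDR_REMAINING).
 * [nopush]: the push routine is hand-written rather than generated.
 * Fix: the pointer argument to ndr_size_AuthenticationInformationArray read
 * "¤t", an HTML-entity mangling of "&current"; restored. */
563 typedef [public,gensize,nopush] struct {
565 [value((count > 0) ? 12 : 0)] uint32 current_offset;
566 [value((count > 0) ? 12 + ndr_size_AuthenticationInformationArray(&current, ndr->flags) : 0)] uint32 previous_offset;
567 [subcontext(0),subcontext_size((previous_offset)-(current_offset))] AuthenticationInformationArray current;
568 [subcontext(0)] [flag(NDR_REMAINING)] AuthenticationInformationArray previous;
569 } trustAuthInOutBlob;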
571 [nopython] void decode_trustAuthInOut(
572 [in] trustAuthInOutBlob blob
/* Container carrying both directions of a trust's authentication blobs.
 * [nopull]: the pull routine is hand-written, presumably because the two
 *   *_size fields come after the data they describe.
 * confounder: 512 bytes preceding the data (random filler, going by the
 *   name -- confirm).
 * outgoing, incoming: trustAuthInOutBlobs, each in a subcontext bounded by
 *   the matching *_size field below.
 * outgoing_size, incoming_size: on push computed as the NDR size of the
 *   corresponding blob.
 * Both blobs hold trust secrets; decoded instances must not be logged. */
575 typedef [public,nopull] struct {
576 uint8 confounder[512];
577 [subcontext(0),subcontext_size(outgoing_size)] trustAuthInOutBlob outgoing;
578 [subcontext(0),subcontext_size(incoming_size)] trustAuthInOutBlob incoming;
579 [value(ndr_size_trustAuthInOutBlob(&outgoing, ndr->flags))] uint32 outgoing_size;
580 [value(ndr_size_trustAuthInOutBlob(&incoming, ndr->flags))] uint32 incoming_size;
581 } trustDomainPasswords;
583 [nopython] void decode_trustDomainPasswords(
584 [in] trustDomainPasswords blob
587 typedef [public] struct {
594 [size_is(__size),charset(DOS)] uint8 *string;
595 } ExtendedErrorAString;
599 [size_is(__size),charset(UTF16)] uint16 *string;
600 } ExtendedErrorUString;
604 [size_is(length)] uint8 *data;
608 EXTENDED_ERROR_COMPUTER_NAME_PRESENT = 1,
609 EXTENDED_ERROR_COMPUTER_NAME_NOT_PRESENT= 2
610 } ExtendedErrorComputerNamePresent;
/* Switched union for the optional computer name in an ExtendedErrorInfo:
 * a UTF16 string when PRESENT, no data when NOT_PRESENT. The switch value is
 * the ExtendedErrorComputerName.present field. */
612 typedef [switch_type(ExtendedErrorComputerNamePresent)] union {
613 [case(EXTENDED_ERROR_COMPUTER_NAME_PRESENT)] ExtendedErrorUString name;
614 [case(EXTENDED_ERROR_COMPUTER_NAME_NOT_PRESENT)];
615 } ExtendedErrorComputerNameU;
618 ExtendedErrorComputerNamePresent present;
619 [switch_is(present)] ExtendedErrorComputerNameU n;
620 } ExtendedErrorComputerName;
623 EXTENDED_ERROR_PARAM_TYPE_ASCII_STRING = 1,
624 EXTENDED_ERROR_PARAM_TYPE_UNICODE_STRING = 2,
625 EXTENDED_ERROR_PARAM_TYPE_UINT32 = 3,
626 EXTENDED_ERROR_PARAM_TYPE_UINT16 = 4,
627 EXTENDED_ERROR_PARAM_TYPE_UINT64 = 5,
628 EXTENDED_ERROR_PARAM_TYPE_NONE = 6,
629 EXTENDED_ERROR_PARAM_TYPE_BLOB = 7
630 } ExtendedErrorParamType;
/* Payload of one ExtendedErrorParam, one arm per ExtendedErrorParamType:
 * ASCII and Unicode strings, 16/32/64-bit integers, an opaque blob, or
 * nothing (NONE). The switch value is ExtendedErrorParam.type. */
632 typedef [switch_type(ExtendedErrorParamType)] union {
633 [case(EXTENDED_ERROR_PARAM_TYPE_ASCII_STRING)] ExtendedErrorAString a_string;
634 [case(EXTENDED_ERROR_PARAM_TYPE_UNICODE_STRING)] ExtendedErrorUString u_string;
635 [case(EXTENDED_ERROR_PARAM_TYPE_UINT32)] uint32 uint32;
636 [case(EXTENDED_ERROR_PARAM_TYPE_UINT16)] uint16 uint16;
637 [case(EXTENDED_ERROR_PARAM_TYPE_UINT64)] hyper uint64;
638 [case(EXTENDED_ERROR_PARAM_TYPE_NONE)];
639 [case(EXTENDED_ERROR_PARAM_TYPE_BLOB)] ExtendedErrorBlob blob;
640 } ExtendedErrorParamU;
643 ExtendedErrorParamType type;
644 [switch_is(type)] ExtendedErrorParamU p;
645 } ExtendedErrorParam;
647 typedef [public] struct {
648 ExtendedErrorInfo *next;
649 ExtendedErrorComputerName computer_name;
652 uint32 generating_component;
654 uint16 detection_location;
657 [size_is(num_params)] ExtendedErrorParam params[];
661 [unique] ExtendedErrorInfo *info;
662 } ExtendedErrorInfoPtr;
664 [nopython] void decode_ExtendedErrorInfo (
665 [in,subcontext(0xFFFFFC01)] ExtendedErrorInfoPtr ptr
668 /* MS-ADTS 7.1.6.9.3 msDS-TrustForestTrustInfo Attribute */
671 [value(strlen_m(string))] uint32 size;
672 [charset(UTF8)] uint8 string[size];
/* Body of a FOREST_TRUST_DOMAIN_INFO record (MS-ADTS
 * msDS-TrustForestTrustInfo, see the comment above).
 * NDR_NOALIGN: fields are packed with no alignment padding.
 * sid_size: on push computed as the NDR size of sid; on pull the value read
 *   from the blob bounds the sid subcontext.
 * sid: the trusted domain's SID.
 * dns_name, netbios_name: length-prefixed UTF8 strings (ForestTrustString). */
675 typedef [flag(NDR_NOALIGN)] struct {
676 [value(ndr_size_dom_sid0(&sid, ndr->flags))] uint32 sid_size;
677 [subcontext(0),subcontext_size(sid_size)] dom_sid sid;
678 ForestTrustString dns_name;
679 ForestTrustString netbios_name;
680 } ForestTrustDataDomainInfo;
682 typedef [flag(NDR_NOALIGN)] struct {
685 } ForestTrustDataBinaryData;
687 typedef [nodiscriminant] union {
688 [case(FOREST_TRUST_TOP_LEVEL_NAME)] ForestTrustString name;
689 [case(FOREST_TRUST_TOP_LEVEL_NAME_EX)] ForestTrustString name;
690 [case(FOREST_TRUST_DOMAIN_INFO)] ForestTrustDataDomainInfo info;
691 [default] ForestTrustDataBinaryData data;
694 /* same as lsa_ForestTrustRecordType, but only 8 bit:
 * [enum8bit] encodes the value as a single byte on the wire, while the
 * constants are taken from the LSA_FOREST_TRUST_* values in lsa.idl so the
 * two enums stay in step. */
695 typedef [enum8bit] enum {
696 FOREST_TRUST_TOP_LEVEL_NAME = LSA_FOREST_TRUST_TOP_LEVEL_NAME,
697 FOREST_TRUST_TOP_LEVEL_NAME_EX = LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX,
698 FOREST_TRUST_DOMAIN_INFO = LSA_FOREST_TRUST_DOMAIN_INFO
699 } ForestTrustInfoRecordType;
701 /* meaning of flags depends on record type and values are
702 the same as in lsa.idl, see collision record types */
703 typedef [public,gensize,flag(NDR_NOALIGN)] struct {
704 lsa_ForestTrustRecordFlags flags;
706 ForestTrustInfoRecordType type;
707 [switch_is(type)] ForestTrustData data;
708 } ForestTrustInfoRecord;
/* Length-prefixed wrapper ("armor") around one ForestTrustInfoRecord.
 * record_size: on push computed as the NDR size of record; on pull it is
 *   read from the blob. Unlike sid_size in ForestTrustDataDomainInfo it is
 *   not used as a subcontext_size, so the pulled value does not appear to
 *   bound the parse of record and a mismatch between record_size and the
 *   actual record length would go unnoticed at this layer -- confirm with
 *   the callers of decode_ForestTrustInfo.
 * record: the record itself, packed (NDR_NOALIGN). */
710 typedef [flag(NDR_NOALIGN)] struct {
711 [value(ndr_size_ForestTrustInfoRecord(&record, ndr->flags))] uint32 record_size;
712 ForestTrustInfoRecord record;
713 } ForestTrustInfoRecordArmor;
715 typedef [public,flag(NDR_NOALIGN)] struct {
718 ForestTrustInfoRecordArmor records[count];
721 [nopython] void decode_ForestTrustInfo(
722 [in] ForestTrustInfo blob