3 import "security.idl", "misc.idl", "lsa.idl", "samr.idl";
6 uuid("e3514235-4b06-11d1-ab04-00c04fc2dcd2"),
8 endpoint("ncacn_np:[\\pipe\\lsass]","ncacn_np:[\\pipe\\protected_storage]", "ncacn_ip_tcp:", "ncalrpc:"),
10 helpstring("Active Directory Replication"),
11 helper("../librpc/ndr/ndr_drsuapi.h"),
12 pointer_default(unique)
16 typedef bitmap security_GroupAttrs security_GroupAttrs;
18 /* see MS-DRSR section 5.39 */
19 typedef [public,bitmap32bit] bitmap {
20 DRSUAPI_DRS_ASYNC_OP = 0x00000001,
21 DRSUAPI_DRS_GETCHG_CHECK = 0x00000002,
22 DRSUAPI_DRS_UPDATE_NOTIFICATION = 0x00000002,
23 DRSUAPI_DRS_ADD_REF = 0x00000004,
24 DRSUAPI_DRS_SYNC_ALL = 0x00000008,
25 DRSUAPI_DRS_DEL_REF = 0x00000008,
26 DRSUAPI_DRS_WRIT_REP = 0x00000010,
27 DRSUAPI_DRS_INIT_SYNC = 0x00000020,
28 DRSUAPI_DRS_PER_SYNC = 0x00000040,
29 DRSUAPI_DRS_MAIL_REP = 0x00000080,
30 DRSUAPI_DRS_ASYNC_REP = 0x00000100,
31 DRSUAPI_DRS_IGNORE_ERROR = 0x00000100,
32 DRSUAPI_DRS_TWOWAY_SYNC = 0x00000200,
33 DRSUAPI_DRS_CRITICAL_ONLY = 0x00000400,
34 DRSUAPI_DRS_GET_ANC = 0x00000800,
35 DRSUAPI_DRS_GET_NC_SIZE = 0x00001000,
36 DRSUAPI_DRS_LOCAL_ONLY = 0x00001000,
37 DRSUAPI_DRS_NONGC_RO_REP = 0x00002000,
38 DRSUAPI_DRS_SYNC_BYNAME = 0x00004000,
39 DRSUAPI_DRS_REF_OK = 0x00004000,
40 DRSUAPI_DRS_FULL_SYNC_NOW = 0x00008000,
41 DRSUAPI_DRS_NO_SOURCE = 0x00008000,
42 DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS = 0x00010000,
43 DRSUAPI_DRS_FULL_SYNC_PACKET = 0x00020000,
44 DRSUAPI_DRS_SYNC_REQUEUE = 0x00040000,
45 DRSUAPI_DRS_SYNC_URGENT = 0x00080000,
46 DRSUAPI_DRS_REF_GCSPN = 0x00100000,
47 DRSUAPI_DRS_NO_DISCARD = 0x00100000,
48 DRSUAPI_DRS_NEVER_SYNCED = 0x00200000,
49 DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING = 0x00400000,
50 DRSUAPI_DRS_INIT_SYNC_NOW = 0x00800000,
51 DRSUAPI_DRS_PREEMPTED = 0x01000000,
52 DRSUAPI_DRS_SYNC_FORCED = 0x02000000,
53 DRSUAPI_DRS_DISABLE_AUTO_SYNC = 0x04000000,
54 DRSUAPI_DRS_DISABLE_PERIODIC_SYNC = 0x08000000,
55 DRSUAPI_DRS_USE_COMPRESSION = 0x10000000,
56 DRSUAPI_DRS_NEVER_NOTIFY = 0x20000000,
57 DRSUAPI_DRS_SYNC_PAS = 0x40000000,
58 DRSUAPI_DRS_GET_ALL_GROUP_MEMBERSHIP = 0x80000000
61 typedef [public,bitmap32bit] bitmap {
62 DRSUAPI_DRS_GET_TGT = 0x00000001
63 } drsuapi_DrsMoreOptions;
65 /* see DRS_MSG_REPMOD_V1 */
66 typedef [public,bitmap32bit] bitmap {
67 DRSUAPI_DRS_UPDATE_FLAGS = 0x00000001,
68 DRSUAPI_DRS_UPDATE_ADDRESS = 0x00000002,
69 DRSUAPI_DRS_UPDATE_SCHEDULE = 0x00000004
73 /* Function 0x00 drsuapi_DsBind() */
75 /* MS-DRSR 5.39 DRS_EXTENSIONS_INT */
76 typedef [bitmap32bit] bitmap {
77 DRSUAPI_SUPPORTED_EXTENSION_BASE = 0x00000001,
78 DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION = 0x00000002,
79 DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI = 0x00000004,
80 DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2 = 0x00000008,
81 DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS = 0x00000010,
82 DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1 = 0x00000020,
83 DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION = 0x00000040,
84 DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY = 0x00000080,
85 DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE = 0x00000100,
86 DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2 = 0x00000200,
87 DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION = 0x00000400,
88 DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2 = 0x00000800,
89 DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD= 0x00001000,
90 DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND = 0x00002000,
91 DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO = 0x00004000,
92 DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION = 0x00008000,
93 DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01 = 0x00010000,
94 DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP = 0x00020000,
95 DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY = 0x00040000,
96 DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3 = 0x00080000,
97 DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V5 = 0x00100000,
98 DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2 = 0x00200000,
99 DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6 = 0x00400000,
100 DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS = 0x00800000,
101 DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8 = 0x01000000,
102 DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5 = 0x02000000,
103 DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6 = 0x04000000,
105 * the following 3 have the same value
106 * repadmin.exe /bind says that
108 DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3 = 0x08000000,
109 DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7 = 0x08000000,
110 DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT = 0x08000000,
111 DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS = 0x10000000,
112 DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10 = 0x20000000,
113 DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART2 = 0x40000000,
114 DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART3 = 0x80000000
115 } drsuapi_SupportedExtensions;
117 typedef [bitmap32bit] bitmap {
118 DRSUAPI_SUPPORTED_EXTENSION_ADAM = 0x00000001,
119 DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2 = 0x00000002,
120 DRSUAPI_SUPPORTED_EXTENSION_RECYCLE_BIN = 0x00000004
121 } drsuapi_SupportedExtensionsExt;
123 /* this is used by w2k */
124 typedef [public] struct {
125 drsuapi_SupportedExtensions supported_extensions;
128 } drsuapi_DsBindInfo24;
130 /* this is used by w2k3 */
131 typedef [public] struct {
132 drsuapi_SupportedExtensions supported_extensions;
136 } drsuapi_DsBindInfo28;
138 typedef [public] struct {
139 drsuapi_SupportedExtensions supported_extensions;
143 drsuapi_SupportedExtensionsExt supported_extensions_ext;
144 } drsuapi_DsBindInfo32;
146 /* this is used by w2k8 */
147 typedef [public] struct {
148 drsuapi_SupportedExtensions supported_extensions;
152 drsuapi_SupportedExtensionsExt supported_extensions_ext;
154 } drsuapi_DsBindInfo48;
156 /* this is used by w2k12 R2 [MS-DRSR] Section 5.39 */
157 typedef [public] struct {
158 drsuapi_SupportedExtensions supported_extensions;
162 drsuapi_SupportedExtensionsExt supported_extensions_ext;
164 drsuapi_SupportedExtensionsExt supported_capabilities_ext;
165 } drsuapi_DsBindInfo52;
167 typedef [public] struct {
168 [flag(NDR_REMAINING)] DATA_BLOB info;
169 } drsuapi_DsBindInfoFallBack;
171 typedef [nopull, nopush, noprint] [nodiscriminant] union {
172 [case(24)][subcontext(0), subcontext_size(24)] drsuapi_DsBindInfo24 info24;
173 [case(28)][subcontext(0), subcontext_size(28)] drsuapi_DsBindInfo28 info28;
174 [case(32)][subcontext(0), subcontext_size(32)] drsuapi_DsBindInfo32 info32;
175 [case(48)][subcontext(0), subcontext_size(48)] drsuapi_DsBindInfo48 info48;
176 [case(52)][subcontext(0), subcontext_size(52)] drsuapi_DsBindInfo52 info52;
178 * The size for the defaut case is a bit arbitrary it in fact the value
179 * of the switch but we can't reference it.
180 * As we hand(un-)marshall this structure it has 0 impact and makes
181 * pidl happy for wireshark too
183 [default][subcontext(0), subcontext_size(48)] drsuapi_DsBindInfoFallBack Fallback;
184 } drsuapi_DsBindInfo;
186 /* the drsuapi_DsBindInfoCtr was this before
187 * typedef [flag(NDR_PAHEX)] struct {
188 * [range(1,10000)] uint32 length;
189 * [size_is(length)] uint8 data[];
190 * } drsuapi_DsBindInfo;
192 * but we don't want the caller to manually decode this blob,
193 * so we're doing it here
197 * MS-DRSR.pdf gives the following definition
199 [range(1,10000)] DWORD cb;
200 [size_is(cb)] BYTE rgb[];
203 But we use a subcontext which has a slighly different signification on how
205 With the MS-DRSR definition we will have
206 size_is_cb cv rgb_array
207 with size_is_cb being a uint3264 and cv being a uint32
211 [range(1,10000)] uint32 length;
212 [switch_is(length)] drsuapi_DsBindInfo info;
213 } drsuapi_DsBindInfoCtr;
215 typedef [nodiscriminant] union {
216 [case(24)][subcontext(4)] drsuapi_DsBindInfo24 info24;
217 [case(28)][subcontext(4)] drsuapi_DsBindInfo28 info28;
218 [case(48)][subcontext(4)] drsuapi_DsBindInfo48 info48;
219 [default][subcontext(4)] drsuapi_DsBindInfoFallBack FallBack;
220 } drsuapi_DsBindInfo;
222 With this definition data is laid out this way:
223 length subcontext_size drsuapi_DsBindInfoxx
224 with length being a uint32 and subcontext_size being a uint3264
226 It has clearly an impact on the way things are aligned when using NDR64
228 typedef [flag(NDR_NOALIGN)] struct {
229 [range(1,10000)] uint3264 length;
230 [value(length)] uint32 __ndr_length;
231 [switch_is(length)] drsuapi_DsBindInfo info;
232 } drsuapi_DsBindInfoCtr;
234 /* this is a magic guid you need to pass to DsBind to make drsuapi_DsWriteAccountSpn() work
236 * maybe the bind_guid could also be the invocation_id see drsuapi_DsReplicaConnection04
238 const char *DRSUAPI_DS_BIND_GUID = "e24d201a-4fd6-11d1-a3da-0000f875ae0d";
240 * this magic guid are needed to fetch the whole tree with drsuapi_DsGetNCChanges()
241 * as administrator and this values are also used in the destination_dsa_guid field
242 * of drsuapi_DsGetNCChangesReq5/8 and the source_dsa_guid is zero.
244 const char *DRSUAPI_DS_BIND_GUID_W2K = "6abec3d1-3054-41c8-a362-5a0c5b7d5d71";
245 const char *DRSUAPI_DS_BIND_GUID_W2K3 = "6afab99c-6e26-464a-975f-f58f105218bc";
247 [public] WERROR drsuapi_DsBind(
248 [in,unique] GUID *bind_guid,
249 [in,out,unique] drsuapi_DsBindInfoCtr *bind_info,
250 [out] policy_handle *bind_handle
255 WERROR drsuapi_DsUnbind(
256 [in,out] policy_handle *bind_handle
261 typedef [public,gensize] struct {
262 [value(ndr_size_drsuapi_DsReplicaObjectIdentifier(r, ndr->flags)-4)] uint32 __ndr_size;
263 [value(ndr_size_dom_sid28(&sid, ndr->flags))] uint32 __ndr_size_sid;
266 [value(strlen_m(dn))] uint32 __ndr_size_dn;
267 [charset(UTF16),size_is(__ndr_size_dn+1)] uint16 dn[];
268 } drsuapi_DsReplicaObjectIdentifier;
271 [ref] drsuapi_DsReplicaObjectIdentifier *naming_context;
272 GUID source_dsa_guid;
273 [charset(DOS),string] char *source_dsa_dns; /* Source DSA dns_name in <guid>._msdcs.<domain_dns> form */
274 drsuapi_DrsOptions options;
275 } drsuapi_DsReplicaSyncRequest1;
277 typedef [switch_type(uint32)] union {
278 [case(1)] drsuapi_DsReplicaSyncRequest1 req1;
279 } drsuapi_DsReplicaSyncRequest;
281 WERROR drsuapi_DsReplicaSync(
282 [in] policy_handle *bind_handle,
284 [in,switch_is(level)] drsuapi_DsReplicaSyncRequest *req
289 typedef [public] struct {
290 hyper tmp_highest_usn; /* updated after each object update */
292 hyper highest_usn; /* updated after a full replication cycle */
293 } drsuapi_DsReplicaHighWaterMark;
295 typedef [public] struct {
296 GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
297 hyper highest_usn; /* updated after a full replication cycle */
298 } drsuapi_DsReplicaCursor;
301 [value(1)] uint32 version;
302 [value(0)] uint32 reserved1;
303 [range(0,0x100000)] uint32 count;
304 [value(0)] uint32 reserved2;
305 [size_is(count)] drsuapi_DsReplicaCursor cursors[];
306 } drsuapi_DsReplicaCursorCtrEx;
308 typedef [flag(NDR_PAHEX),v1_enum] enum {
309 DRSUAPI_EXOP_NONE = 0x00000000,
310 DRSUAPI_EXOP_FSMO_REQ_ROLE = 0x00000001,
311 DRSUAPI_EXOP_FSMO_RID_ALLOC = 0x00000002,
312 DRSUAPI_EXOP_FSMO_RID_REQ_ROLE = 0x00000003,
313 DRSUAPI_EXOP_FSMO_REQ_PDC = 0x00000004,
314 DRSUAPI_EXOP_FSMO_ABANDON_ROLE = 0x00000005,
315 DRSUAPI_EXOP_REPL_OBJ = 0x00000006,
316 DRSUAPI_EXOP_REPL_SECRET = 0x00000007
317 } drsuapi_DsExtendedOperation;
319 typedef [flag(NDR_PAHEX),v1_enum] enum {
320 DRSUAPI_EXOP_ERR_NONE = 0x00000000,
321 DRSUAPI_EXOP_ERR_SUCCESS = 0x00000001,
322 DRSUAPI_EXOP_ERR_UNKNOWN_OP = 0x00000002,
323 DRSUAPI_EXOP_ERR_FSMO_NOT_OWNER = 0x00000003,
324 DRSUAPI_EXOP_ERR_UPDATE_ERR = 0x00000004,
325 DRSUAPI_EXOP_ERR_EXCEPTION = 0x00000005,
326 DRSUAPI_EXOP_ERR_UNKNOWN_CALLER = 0x00000006,
327 DRSUAPI_EXOP_ERR_RID_ALLOC = 0x00000007,
328 DRSUAPI_EXOP_ERR_FSMO_OWNER_DELETED = 0x00000008,
329 DRSUAPI_EXOP_ERR_FMSO_PENDING_OP = 0x00000009,
330 DRSUAPI_EXOP_ERR_MISMATCH = 0x0000000A,
331 DRSUAPI_EXOP_ERR_COULDNT_CONTACT = 0x0000000B,
332 DRSUAPI_EXOP_ERR_FSMO_REFUSING_ROLES = 0x0000000C,
333 DRSUAPI_EXOP_ERR_DIR_ERROR = 0x0000000D,
334 DRSUAPI_EXOP_ERR_FSMO_MISSING_SETTINGS = 0x0000000E,
335 DRSUAPI_EXOP_ERR_ACCESS_DENIED = 0x0000000F,
336 DRSUAPI_EXOP_ERR_PARAM_ERROR = 0x00000010
337 } drsuapi_DsExtendedError;
340 GUID destination_dsa_guid;
341 GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
342 [ref] drsuapi_DsReplicaObjectIdentifier *naming_context;
343 drsuapi_DsReplicaHighWaterMark highwatermark;
344 drsuapi_DsReplicaCursorCtrEx *uptodateness_vector;
345 drsuapi_DrsOptions replica_flags;
346 uint32 max_object_count; /* w2k3 uses min(133,max(100,max_object_count)) */
347 uint32 max_ndr_size; /* w2k3 seems to ignore this */
348 drsuapi_DsExtendedOperation extended_op;
350 } drsuapi_DsGetNCChangesRequest5;
353 * In DRSUAPI all attributes with syntax 2.5.5.2
354 * are identified by uint32 values
356 * the following table shows the mapping used between the two representations
357 * e.g. - objectClass 'nTDSDSA' has governsID: 1.2.840.113556.1.5.7000.47
358 * and a UINT32-ID of '0x0017002F'.
359 * - so the OID 1.2.840.113556.1.5.7000.47 is splitted into a
360 * OID-prefix: 1.2.840.113556.1.5.7000
361 * and a value: 47 => 0x2F
362 * - the mapping table gives a UINT32-prefix: 0x00170000
363 * - and the UINT32-ID is 0x0017002F = 0x00170000 | 0x2F
365 * This prefix mapping table is replied in the drsuapi_DsReplicaOIDMapping_Ctr
366 * array. The following are the default mappings of w2k3
368 * OID-prefix => UINT32-Id prefix
370 * 2.5.4.* => 0x00000000 (standard attributes RFC2256 core.schema)
371 * 2.5.6.* => 0x00010000 (standard object classes RFC2256 core.schema)
372 * 1.2.840.113556.1.2.* => 0x00020000
373 * 1.2.840.113556.1.3.* => 0x00030000
374 * 2.5.5.* => 0x00080000 (attributeSyntax OID's)
375 * 1.2.840.113556.1.4.* => 0x00090000
376 * 1.2.840.113556.1.5.* => 0x000A0000
377 * 2.16.840.1.113730.3.* => 0x00140000
378 * 0.9.2342.19200300.100.1.* => 0x00150000
379 * 2.16.840.1.113730.3.1.* => 0x00160000
380 * 1.2.840.113556.1.5.7000.* => 0x00170000
381 * 2.5.21.* => 0x00180000 (attrs for SubSchema)
382 * 2.5.18.* => 0x00190000 (createTimeStamp,modifyTimeStamp, SubSchema)
383 * 2.5.20.* => 0x001A0000
384 * 1.3.6.1.4.1.1466.101.119.* => 0x001B0000 (dynamicObject, entryTTL)
385 * 2.16.840.1.113730.3.2.* => 0x001C0000
386 * 1.3.6.1.4.1.250.1.* => 0x001D0000
387 * 1.2.840.113549.1.9.* => 0x001E0000 (unstructuredAddress,unstructuredName)
388 * 0.9.2342.19200300.100.4.* => 0x001F0000
390 * Here's a list of used 'attributeSyntax' OID's
392 * 2.5.5.1 => Object(DS-DN) string
393 * struct drsuapi_DsObjectIdentifier3
395 * 2.5.5.2 => OID-string
396 * => all values are represented as uint32 values in drsuapi
397 * => governsID, attributeID and attributeSyntax returned as OID-Strings in LDAP
398 * => mayContain, mustContain and all other attributes with 2.5.5.2 syntax
399 * are returned as attribute names
401 * 2.5.5.4 => String(Teletex) case-insensitive string with teletex charset
403 * 2.5.5.5 => String(IA5) case-sensitive string
405 * 2.5.5.6 => String(Numeric)
406 * => eg. internationalISDNNumber
408 * 2.5.5.7 => Object(DN-Binary) B:<byte count>:<bytes>:<object DN>
409 * => e.g. wellKnownObjects
415 * 2.5.5.10 => DATA_BLOB
418 * 2.5.5.11 => LDAP timestring
421 * 2.5.5.12 => String(Unicode) case-insensitive string
422 * => 'standard strings'
424 * 2.5.5.13 => Object(Presentation-Address) string
425 * => used in objectClass applicationEntity
427 * 2.5.5.14 => Object(DN-String) S:<char count>:<string>:<object DN>
430 * 2.5.5.15 => ntSecurityDescriptor
434 * 2.5.5.17 => dom_sid
436 typedef [noprint] struct {
437 [range(0,10000)] uint32 length;
438 [size_is(length)] uint8 *binary_oid; /* partial-binary-OID encoded with asn1_write_partial_OID_String() */
439 } drsuapi_DsReplicaOID;
443 drsuapi_DsReplicaOID oid;
444 } drsuapi_DsReplicaOIDMapping;
446 typedef [public] struct {
447 [range(0,0x100000)] uint32 num_mappings;
448 [size_is(num_mappings)] drsuapi_DsReplicaOIDMapping *mappings;
449 } drsuapi_DsReplicaOIDMapping_Ctr;
451 typedef [flag(NDR_PAHEX),v1_enum] enum {
452 DRSUAPI_OBJECTCLASS_top = 0x00010000,
453 DRSUAPI_OBJECTCLASS_classSchema = 0x0003000d,
454 DRSUAPI_OBJECTCLASS_attributeSchema = 0x0003000e
455 } drsuapi_DsObjectClassId;
457 typedef [flag(NDR_PAHEX),v1_enum,public] enum {
458 DRSUAPI_ATTID_objectClass = 0x00000000,
459 DRSUAPI_ATTID_cn = 0x00000003,
460 DRSUAPI_ATTID_ou = 0x0000000b,
461 DRSUAPI_ATTID_description = 0x0000000d,
462 DRSUAPI_ATTID_member = 0x0000001f,
463 DRSUAPI_ATTID_distinguishedName = 0x00000031,
464 DRSUAPI_ATTID_instanceType = 0x00020001,
465 DRSUAPI_ATTID_whenCreated = 0x00020002,
466 DRSUAPI_ATTID_possSuperiors = 0x00020008,
467 DRSUAPI_ATTID_displayName = 0x0002000d,
468 DRSUAPI_ATTID_hasMasterNCs = 0x0002000e,
469 DRSUAPI_ATTID_nCName = 0x00020010,
470 DRSUAPI_ATTID_subClassOf = 0x00020015,
471 DRSUAPI_ATTID_governsID = 0x00020016,
472 DRSUAPI_ATTID_mustContain = 0x00020018,
473 DRSUAPI_ATTID_mayContain = 0x00020019,
474 DRSUAPI_ATTID_rDNAttId = 0x0002001A,
475 DRSUAPI_ATTID_attributeID = 0x0002001e,
476 DRSUAPI_ATTID_attributeSyntax = 0x00020020,
477 DRSUAPI_ATTID_isSingleValued = 0x00020021,
478 DRSUAPI_ATTID_rangeLower = 0x00020022,
479 DRSUAPI_ATTID_rangeUpper = 0x00020023,
480 DRSUAPI_ATTID_dMDLocation = 0x00020024,
481 DRSUAPI_ATTID_isDeleted = 0x00020030,
482 DRSUAPI_ATTID_objectVersion = 0x0002004c,
483 DRSUAPI_ATTID_invocationId = 0x00020073,
484 DRSUAPI_ATTID_showInAdvancedViewOnly = 0x000200a9,
485 DRSUAPI_ATTID_adminDisplayName = 0x000200c2,
486 DRSUAPI_ATTID_adminDescription = 0x000200e2,
487 DRSUAPI_ATTID_oMSyntax = 0x000200e7,
488 DRSUAPI_ATTID_ntSecurityDescriptor = 0x00020119,
489 DRSUAPI_ATTID_searchFlags = 0x0002014e,
490 DRSUAPI_ATTID_auxiliaryClass = 0x0002015f,
491 DRSUAPI_ATTID_lDAPDisplayName = 0x000201cc,
492 DRSUAPI_ATTID_name = 0x00090001,
493 DRSUAPI_ATTID_objectGUID = 0x00090002,
494 DRSUAPI_ATTID_replPropertyMetaData = 0x00090003,
495 DRSUAPI_ATTID_userAccountControl = 0x00090008,
496 DRSUAPI_ATTID_badPwdCount = 0x0009000c,
497 DRSUAPI_ATTID_codePage = 0x00090010,
498 DRSUAPI_ATTID_countryCode = 0x00090019,
499 DRSUAPI_ATTID_currentValue = 0x0009001b,
500 DRSUAPI_ATTID_homeDirectory = 0x0009002c,
501 DRSUAPI_ATTID_homeDrive = 0x0009002d,
502 DRSUAPI_ATTID_lastLogoff = 0x00090033,
503 DRSUAPI_ATTID_lastLogon = 0x00090034,
504 DRSUAPI_ATTID_dBCSPwd = 0x00090037,/* lmPwdHash */
505 DRSUAPI_ATTID_scriptPath = 0x0009003e,
506 DRSUAPI_ATTID_logonHours = 0x00090040,
507 DRSUAPI_ATTID_userWorkstations = 0x00090056,
508 DRSUAPI_ATTID_unicodePwd = 0x0009005a,/* ntPwdHash */
509 DRSUAPI_ATTID_ntPwdHistory = 0x0009005e,
510 DRSUAPI_ATTID_pwdLastSet = 0x00090060,
511 DRSUAPI_ATTID_primaryGroupID = 0x00090062,
512 DRSUAPI_ATTID_priorValue = 0x00090064,
513 DRSUAPI_ATTID_supplementalCredentials = 0x0009007d,
514 DRSUAPI_ATTID_trustAuthIncoming = 0x00090081,
515 DRSUAPI_ATTID_trustAuthOutgoing = 0x00090087,
516 DRSUAPI_ATTID_userParameters = 0x0009008a,
517 DRSUAPI_ATTID_profilePath = 0x0009008b,
518 DRSUAPI_ATTID_operatorCount = 0x00090090,
519 DRSUAPI_ATTID_objectSid = 0x00090092,
520 DRSUAPI_ATTID_schemaIDGUID = 0x00090094,
521 DRSUAPI_ATTID_adminCount = 0x00090096,
522 DRSUAPI_ATTID_comment = 0x0009009C,/* User-Comment */
523 DRSUAPI_ATTID_accountExpires = 0x0009009f,
524 DRSUAPI_ATTID_lmPwdHistory = 0x000900a0,
525 DRSUAPI_ATTID_logonCount = 0x000900a9,
526 DRSUAPI_ATTID_systemPossSuperiors = 0x000900c3,
527 DRSUAPI_ATTID_systemMayContain = 0x000900c4,
528 DRSUAPI_ATTID_systemMustContain = 0x000900c5,
529 DRSUAPI_ATTID_systemAuxiliaryClass = 0x000900c6,
530 DRSUAPI_ATTID_sAMAccountName = 0x000900dd,
531 DRSUAPI_ATTID_sAMAccountType = 0x0009012e,
532 DRSUAPI_ATTID_options = 0x00090133,
533 DRSUAPI_ATTID_fSMORoleOwner = 0x00090171,
534 DRSUAPI_ATTID_systemFlags = 0x00090177,
535 DRSUAPI_ATTID_serverReference = 0x00090203,
536 DRSUAPI_ATTID_serverReferenceBL = 0x00090204,
537 DRSUAPI_ATTID_nonSecurityMember = 0x00090212,
538 DRSUAPI_ATTID_initialAuthIncoming = 0x0009021b,
539 DRSUAPI_ATTID_initialAuthOutgoing = 0x0009021c,
540 DRSUAPI_ATTID_wellKnownObjects = 0x0009026a,
541 DRSUAPI_ATTID_dNSHostName = 0x0009026b,
542 DRSUAPI_ATTID_isMemberOfPartialAttributeSet = 0x0009027f,
543 DRSUAPI_ATTID_managedBy = 0x0009028d,
544 DRSUAPI_ATTID_userPrincipalName = 0x00090290,
545 DRSUAPI_ATTID_groupType = 0x000902ee,
546 DRSUAPI_ATTID_servicePrincipalName = 0x00090303,
547 DRSUAPI_ATTID_lastKnownParent = 0x0009030d,
548 DRSUAPI_ATTID_objectCategory = 0x0009030e,
549 DRSUAPI_ATTID_gPLink = 0x0009037b,
550 DRSUAPI_ATTID_transportAddressAttribute = 0x0009037f,
551 DRSUAPI_ATTID_schemaInfo = 0x0009054e,
552 DRSUAPI_ATTID_msDS_Behavior_Version = 0x000905b3,
553 DRSUAPI_ATTID_msDS_KeyVersionNumber = 0x000906f6,
554 DRSUAPI_ATTID_msDS_NonMembers = 0x00090701,
555 DRSUAPI_ATTID_msDS_MembersForAzRole = 0x0009070e,
556 DRSUAPI_ATTID_msDS_HasDomainNCs = 0x0009071c,
557 DRSUAPI_ATTID_msDS_hasMasterNCs = 0x0009072c,
558 DRSUAPI_ATTID_msDS_NeverRevealGroup = 0x00090786,
559 DRSUAPI_ATTID_msDS_RevealOnDemandGroup = 0x00090788,
560 DRSUAPI_ATTID_msDS_HostServiceAccount = 0x00090808,
561 DRSUAPI_ATTID_isRecycled = 0x0009080a,
563 DRSUAPI_ATTID_INVALID = 0xFFFFFFFF
564 } drsuapi_DsAttributeId;
567 [value(1)] uint32 version;
568 [value(0)] uint32 reserved1;
569 [range(1,0x100000)] uint32 num_attids;
570 [size_is(num_attids)] drsuapi_DsAttributeId attids[];
571 } drsuapi_DsPartialAttributeSet;
573 typedef [public] struct {
574 GUID destination_dsa_guid;
575 GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
576 [ref] drsuapi_DsReplicaObjectIdentifier *naming_context;
577 drsuapi_DsReplicaHighWaterMark highwatermark;
578 drsuapi_DsReplicaCursorCtrEx *uptodateness_vector;
579 drsuapi_DrsOptions replica_flags;
580 uint32 max_object_count; /* w2k3 uses min(133,max(100,max_object_count)) */
581 uint32 max_ndr_size; /* w2k3 seems to ignore this */
582 drsuapi_DsExtendedOperation extended_op;
584 drsuapi_DsPartialAttributeSet *partial_attribute_set;
585 drsuapi_DsPartialAttributeSet *partial_attribute_set_ex;
586 drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr;
587 } drsuapi_DsGetNCChangesRequest8;
589 typedef [public] struct {
590 GUID destination_dsa_guid;
591 GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
592 [ref] drsuapi_DsReplicaObjectIdentifier *naming_context;
593 drsuapi_DsReplicaHighWaterMark highwatermark;
594 drsuapi_DsReplicaCursorCtrEx *uptodateness_vector;
595 drsuapi_DrsOptions replica_flags;
596 uint32 max_object_count; /* w2k3 uses min(133,max(100,max_object_count)) */
597 uint32 max_ndr_size; /* w2k3 seems to ignore this */
598 drsuapi_DsExtendedOperation extended_op;
600 drsuapi_DsPartialAttributeSet *partial_attribute_set;
601 drsuapi_DsPartialAttributeSet *partial_attribute_set_ex;
602 drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr;
603 drsuapi_DrsMoreOptions more_flags;
604 } drsuapi_DsGetNCChangesRequest10;
606 typedef [switch_type(uint32)] union {
607 [case(5)] drsuapi_DsGetNCChangesRequest5 req5;
608 [case(8)] drsuapi_DsGetNCChangesRequest8 req8;
609 [case(10)] drsuapi_DsGetNCChangesRequest10 req10;
610 } drsuapi_DsGetNCChangesRequest;
612 typedef [public] struct {
613 GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
614 hyper highest_usn; /* updated after a full replication cycle */
615 NTTIME last_sync_success;
616 } drsuapi_DsReplicaCursor2;
619 [value(2)] uint32 version;
620 [value(0)] uint32 reserved1;
621 [range(0,0x100000)] uint32 count;
622 [value(0)] uint32 reserved2;
623 [size_is(count)] drsuapi_DsReplicaCursor2 cursors[];
624 } drsuapi_DsReplicaCursor2CtrEx;
626 /* Generic DATA_BLOB values */
628 [range(0,26214400),value(ndr_size_DATA_BLOB(0,blob,0))] uint32 __ndr_size;
630 } drsuapi_DsAttributeValue;
633 [range(0,10485760)] uint32 num_values;
634 [size_is(num_values)] drsuapi_DsAttributeValue *values;
635 } drsuapi_DsAttributeValueCtr;
637 /* DN String values */
638 typedef [public,gensize] struct {
639 [value(ndr_size_drsuapi_DsReplicaObjectIdentifier3(r, ndr->flags))] uint32 __ndr_size;
640 [value(ndr_size_dom_sid28(&sid,ndr->flags))] uint32 __ndr_size_sid;
643 [value(strlen_m(dn))] uint32 __ndr_size_dn;
644 [charset(UTF16)] uint16 dn[__ndr_size_dn+1];
645 } drsuapi_DsReplicaObjectIdentifier3;
647 typedef [public] struct {
648 [value(ndr_size_drsuapi_DsReplicaObjectIdentifier3Binary_without_Binary(r, ndr->flags))] uint32 __ndr_size;
649 [value(ndr_size_dom_sid28(&sid,ndr->flags))] uint32 __ndr_size_sid;
652 [value(strlen_m(dn))] uint32 __ndr_size_dn;
653 [charset(UTF16)] uint16 dn[__ndr_size_dn+1];
654 [value(binary.length + 4)] uint32 __ndr_size_binary;
655 [flag(NDR_REMAINING)] DATA_BLOB binary;
656 } drsuapi_DsReplicaObjectIdentifier3Binary;
658 typedef [public,noprint] struct {
659 drsuapi_DsAttributeId attid;
660 drsuapi_DsAttributeValueCtr value_ctr;
661 } drsuapi_DsReplicaAttribute;
664 [range(0,1048576)] uint32 num_attributes;
665 [size_is(num_attributes)] drsuapi_DsReplicaAttribute *attributes;
666 } drsuapi_DsReplicaAttributeCtr;
668 typedef [public] bitmap {
669 DRSUAPI_DS_REPLICA_OBJECT_FROM_MASTER = 0x00000001,
670 DRSUAPI_DS_REPLICA_OBJECT_DYNAMIC = 0x00000002,
671 DRSUAPI_DS_REPLICA_OBJECT_REMOTE_MODIFY = 0x00010000
672 } drsuapi_DsReplicaObjectFlags;
674 typedef [public] struct {
675 drsuapi_DsReplicaObjectIdentifier *identifier;
676 drsuapi_DsReplicaObjectFlags flags;
677 drsuapi_DsReplicaAttributeCtr attribute_ctr;
678 } drsuapi_DsReplicaObject;
682 NTTIME_1sec originating_change_time;
683 GUID originating_invocation_id;
684 hyper originating_usn;
685 } drsuapi_DsReplicaMetaData;
687 typedef [public] struct {
688 [range(0,1048576)] uint32 count;
689 [size_is(count)] drsuapi_DsReplicaMetaData meta_data[];
690 } drsuapi_DsReplicaMetaDataCtr;
692 typedef [public,noprint] struct {
693 drsuapi_DsReplicaObjectListItemEx *next_object;
694 drsuapi_DsReplicaObject object;
695 boolean32 is_nc_prefix;
696 GUID *parent_object_guid;
697 drsuapi_DsReplicaMetaDataCtr *meta_data_ctr;
698 } drsuapi_DsReplicaObjectListItemEx;
700 typedef [public,gensize] struct {
701 GUID source_dsa_guid; /* the 'objectGUID' field of the CN=NTDS Settings object */
702 GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
703 drsuapi_DsReplicaObjectIdentifier *naming_context;
704 drsuapi_DsReplicaHighWaterMark old_highwatermark;
705 drsuapi_DsReplicaHighWaterMark new_highwatermark;
706 drsuapi_DsReplicaCursorCtrEx *uptodateness_vector;
707 drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr;
708 drsuapi_DsExtendedError extended_ret; /* w2k sends the nc_object_count value here */
710 /* this +55 is sometimes +56, so I don't know where this comes from... --metze */
711 [value(ndr_size_drsuapi_DsGetNCChangesCtr1(r,ndr->flags)+55)] uint32 __ndr_size;
712 drsuapi_DsReplicaObjectListItemEx *first_object;
714 } drsuapi_DsGetNCChangesCtr1;
717 * if the DRSUAPI_DS_LINKED_ATTRIBUTE_FLAG_ACTIVE flag
718 * isn't there it means the value is deleted
720 typedef [public] bitmap {
721 DRSUAPI_DS_LINKED_ATTRIBUTE_FLAG_ACTIVE = 0x00000001
722 } drsuapi_DsLinkedAttributeFlags;
724 typedef [public] struct {
725 drsuapi_DsReplicaObjectIdentifier *identifier;
726 drsuapi_DsAttributeId attid;
727 drsuapi_DsAttributeValue value;
728 drsuapi_DsLinkedAttributeFlags flags;
729 NTTIME_1sec originating_add_time;
730 drsuapi_DsReplicaMetaData meta_data;
731 } drsuapi_DsReplicaLinkedAttribute;
733 /* [MS-DRSR] section 4.1.10.2.11 DRS_MSG_GETCHGREPLY_V6 */
734 typedef [public,gensize] struct {
735 GUID source_dsa_guid; /* the 'objectGUID' field of the CN=NTDS Settings object */
736 GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
737 drsuapi_DsReplicaObjectIdentifier *naming_context;
738 drsuapi_DsReplicaHighWaterMark old_highwatermark;
739 drsuapi_DsReplicaHighWaterMark new_highwatermark;
740 drsuapi_DsReplicaCursor2CtrEx *uptodateness_vector;
741 drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr;
742 drsuapi_DsExtendedError extended_ret;
744 /* this +55 is sometimes +56, so I don't know where this comes from... --metze */
745 [value(ndr_size_drsuapi_DsGetNCChangesCtr6(r,ndr->flags)+55)] uint32 __ndr_size;
746 drsuapi_DsReplicaObjectListItemEx *first_object;
748 uint32 nc_object_count; /* estimated amount of objects in the whole NC */
749 uint32 nc_linked_attributes_count; /* estimated amount of linked values in the whole NC */
750 [range(0,1048576)] uint32 linked_attributes_count;
751 [size_is(linked_attributes_count)] drsuapi_DsReplicaLinkedAttribute *linked_attributes;
753 } drsuapi_DsGetNCChangesCtr6;
755 typedef [public] struct {
756 [subcontext(0xFFFFFC01)] drsuapi_DsGetNCChangesCtr1 ctr1;
757 } drsuapi_DsGetNCChangesCtr1TS;
759 typedef [public] struct {
760 [subcontext(0xFFFFFC01)] drsuapi_DsGetNCChangesCtr6 ctr6;
761 } drsuapi_DsGetNCChangesCtr6TS;
763 typedef [nopush] struct {
764 uint32 decompressed_length;
765 uint32 compressed_length;
766 [subcontext(4),subcontext_size(compressed_length),
767 compression(NDR_COMPRESSION_MSZIP,compressed_length,decompressed_length)]
768 drsuapi_DsGetNCChangesCtr1TS *ts;
769 } drsuapi_DsGetNCChangesMSZIPCtr1;
771 typedef [nopush] struct {
772 uint32 decompressed_length;
773 uint32 compressed_length;
774 [subcontext(4),subcontext_size(compressed_length),
775 compression(NDR_COMPRESSION_MSZIP,compressed_length,decompressed_length)]
776 drsuapi_DsGetNCChangesCtr6TS *ts;
777 } drsuapi_DsGetNCChangesMSZIPCtr6;
779 typedef [nopush] struct {
780 uint32 decompressed_length;
781 uint32 compressed_length;
782 [subcontext(4),subcontext_size(compressed_length),
783 compression(NDR_COMPRESSION_XPRESS,compressed_length,decompressed_length)]
784 drsuapi_DsGetNCChangesCtr1TS *ts;
785 } drsuapi_DsGetNCChangesXPRESSCtr1;
787 typedef [nopush] struct {
788 uint32 decompressed_length;
789 uint32 compressed_length;
790 [subcontext(4),subcontext_size(compressed_length),
791 compression(NDR_COMPRESSION_XPRESS,compressed_length,decompressed_length)]
792 drsuapi_DsGetNCChangesCtr6TS *ts;
793 } drsuapi_DsGetNCChangesXPRESSCtr6;
795 typedef [enum16bit] enum {
796 DRSUAPI_COMPRESSION_TYPE_MSZIP = 2,
797 DRSUAPI_COMPRESSION_TYPE_XPRESS = 3
798 } drsuapi_DsGetNCChangesCompressionType;
800 typedef [nodiscriminant,flag(NDR_PAHEX)] union {
801 [case(1|(DRSUAPI_COMPRESSION_TYPE_MSZIP<<16))] drsuapi_DsGetNCChangesMSZIPCtr1 mszip1;
802 [case(6|(DRSUAPI_COMPRESSION_TYPE_MSZIP<<16))] drsuapi_DsGetNCChangesMSZIPCtr6 mszip6;
803 [case(1|(DRSUAPI_COMPRESSION_TYPE_XPRESS<<16))] drsuapi_DsGetNCChangesXPRESSCtr1 xpress1;
804 [case(6|(DRSUAPI_COMPRESSION_TYPE_XPRESS<<16))] drsuapi_DsGetNCChangesXPRESSCtr6 xpress6;
805 } drsuapi_DsGetNCChangesCompressedCtr;
808 drsuapi_DsGetNCChangesMSZIPCtr1 mszip1;
809 } drsuapi_DsGetNCChangesCtr2;
812 [range(0,6)] uint32 level;
813 [range(2,3)] drsuapi_DsGetNCChangesCompressionType type;
814 [switch_is(level | (type<<16))] drsuapi_DsGetNCChangesCompressedCtr ctr;
815 } drsuapi_DsGetNCChangesCtr7;
817 typedef [switch_type(uint32)] union {
818 [case(1)] drsuapi_DsGetNCChangesCtr1 ctr1;
819 [case(2)] drsuapi_DsGetNCChangesCtr2 ctr2;
820 [case(6)] drsuapi_DsGetNCChangesCtr6 ctr6;
821 [case(7)] drsuapi_DsGetNCChangesCtr7 ctr7;
822 } drsuapi_DsGetNCChangesCtr;
824 WERROR drsuapi_DsGetNCChanges(
825 [in] policy_handle *bind_handle,
827 [in,ref,switch_is(level)] drsuapi_DsGetNCChangesRequest *req,
828 [out,ref] uint32 *level_out,
829 [out,ref,switch_is(*level_out)] drsuapi_DsGetNCChangesCtr *ctr
834 /* [MS-DRSR] 4.1.26 */
837 [ref] drsuapi_DsReplicaObjectIdentifier *naming_context;
838 [ref,charset(DOS),string] uint8 *dest_dsa_dns_name;
840 drsuapi_DrsOptions options;
841 } drsuapi_DsReplicaUpdateRefsRequest1;
843 typedef [switch_type(uint32)] union {
844 [case(1)] drsuapi_DsReplicaUpdateRefsRequest1 req1;
845 } drsuapi_DsReplicaUpdateRefsRequest;
847 WERROR drsuapi_DsReplicaUpdateRefs(
848 [in] policy_handle *bind_handle,
850 [in,switch_is(level)] drsuapi_DsReplicaUpdateRefsRequest req
857 [ref] drsuapi_DsReplicaObjectIdentifier *naming_context;
858 [charset(UTF16),string] uint16 *source_dsa_address;
860 drsuapi_DrsOptions options;
861 } drsuapi_DsReplicaAddRequest1;
864 [ref] drsuapi_DsReplicaObjectIdentifier *naming_context;
865 drsuapi_DsReplicaObjectIdentifier *source_dsa_dn;
866 drsuapi_DsReplicaObjectIdentifier *transport_dn;
867 [charset(UTF16),string] uint16 *source_dsa_address;
869 drsuapi_DrsOptions options;
870 } drsuapi_DsReplicaAddRequest2;
872 typedef [switch_type(uint32)] union {
873 [case(1)] drsuapi_DsReplicaAddRequest1 req1;
874 [case(2)] drsuapi_DsReplicaAddRequest2 req2;
875 } drsuapi_DsReplicaAddRequest;
877 WERROR drsuapi_DsReplicaAdd(
878 [in] policy_handle *bind_handle,
880 [in,switch_is(level)] drsuapi_DsReplicaAddRequest req
887 [ref] drsuapi_DsReplicaObjectIdentifier *naming_context;
888 [charset(UTF8), string] uint8 *source_dsa_address;
889 drsuapi_DrsOptions options;
890 } drsuapi_DsReplicaDelRequest1;
892 typedef [switch_type(uint32)] union {
893 [case(1)] drsuapi_DsReplicaDelRequest1 req1;
894 } drsuapi_DsReplicaDelRequest;
896 WERROR drsuapi_DsReplicaDel(
897 [in] policy_handle *bind_handle,
899 [in,switch_is(level)] drsuapi_DsReplicaDelRequest req
906 [ref] drsuapi_DsReplicaObjectIdentifier *naming_context;
908 [charset(UTF16),string] uint16 *source_dra_address;
910 drsuapi_DrsOptions replica_flags;
911 uint32 modify_fields;
912 drsuapi_DrsOptions options;
913 } drsuapi_DsReplicaModRequest1;
915 typedef [switch_type(uint32)] union {
916 [case(1)] drsuapi_DsReplicaModRequest1 req1;
917 } drsuapi_DsReplicaModRequest;
919 WERROR drsuapi_DsReplicaMod(
920 [in] policy_handle *bind_handle,
922 [in,switch_is(level)] drsuapi_DsReplicaModRequest req
927 [todo] WERROR DRSUAPI_VERIFY_NAMES();
932 /* how are type 4 and 7 different from 2 and 3 ? */
933 typedef [v1_enum] enum {
934 DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_AND_DOMAIN_GROUPS = 1,
935 DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS = 2,
936 DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS = 3,
937 DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS2 = 4,
938 DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_GROUPS = 5,
939 DRSUAPI_DS_MEMBERSHIP_TYPE_GROUPMEMBERS = 6,
940 DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS2 = 7
941 } drsuapi_DsMembershipType;
945 [range(0,10000)] uint32 num_memberships;
946 [range(0,10000)] uint32 num_sids;
947 [size_is(num_memberships)] drsuapi_DsReplicaObjectIdentifier **info_array;
948 [size_is(num_memberships)] security_GroupAttrs *group_attrs;
949 [size_is(num_sids)] dom_sid28 **sids;
950 } drsuapi_DsGetMembershipsCtr1;
952 typedef [switch_type(uint32)] union {
953 [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1;
954 } drsuapi_DsGetMembershipsCtr;
956 const int DRSUAPI_DS_MEMBERSHIP_FLAG_GROUP_ATTR = 0x1;
959 [range(1,10000)] uint32 count;
960 [size_is(count)] drsuapi_DsReplicaObjectIdentifier **info_array;
962 [range(1,7)] drsuapi_DsMembershipType type;
963 drsuapi_DsReplicaObjectIdentifier *domain;
964 } drsuapi_DsGetMembershipsRequest1;
966 typedef [switch_type(uint32)] union {
967 [case(1)] drsuapi_DsGetMembershipsRequest1 req1;
968 } drsuapi_DsGetMembershipsRequest;
970 WERROR drsuapi_DsGetMemberships(
971 [in] policy_handle *bind_handle,
973 [in,ref] [switch_is(level)] drsuapi_DsGetMembershipsRequest *req,
974 [out,ref] uint32 *level_out,
975 [out,ref] [switch_is(*level_out)] drsuapi_DsGetMembershipsCtr *ctr
980 [todo] WERROR DRSUAPI_INTER_DOMAIN_MOVE();
984 typedef [bitmap32bit] bitmap {
985 DRSUAPI_NT4_CHANGELOG_GET_CHANGELOG = 0x00000001,
986 DRSUAPI_NT4_CHANGELOG_GET_SERIAL_NUMBERS = 0x00000002
987 } drsuapi_DsGetNT4ChangeLogFlags;
990 drsuapi_DsGetNT4ChangeLogFlags flags;
991 uint32 preferred_maximum_length;
992 [range(0,0x00A00000)] uint32 restart_length;
993 [size_is(restart_length)] uint8 *restart_data;
994 } drsuapi_DsGetNT4ChangeLogRequest1;
996 typedef [switch_type(uint32)] union {
997 [case(1)] drsuapi_DsGetNT4ChangeLogRequest1 req1;
998 } drsuapi_DsGetNT4ChangeLogRequest;
1001 [range(0,0x00A00000)] uint32 restart_length;
1002 [range(0,0x00A00000)] uint32 log_length;
1003 hyper sam_serial_number;
1004 NTTIME sam_creation_time;
1005 hyper builtin_serial_number;
1006 NTTIME builtin_creation_time;
1007 hyper lsa_serial_number;
1008 NTTIME lsa_creation_time;
1010 [size_is(restart_length)] uint8 *restart_data;
1011 [size_is(log_length)] uint8 *log_data;
1012 } drsuapi_DsGetNT4ChangeLogInfo1;
1014 typedef [switch_type(uint32)] union {
1015 [case(1)] drsuapi_DsGetNT4ChangeLogInfo1 info1;
1016 } drsuapi_DsGetNT4ChangeLogInfo;
1018 WERROR drsuapi_DsGetNT4ChangeLog(
1019 [in] policy_handle *bind_handle,
1021 [in,ref] [switch_is(level)] drsuapi_DsGetNT4ChangeLogRequest *req,
1022 [out,ref] uint32 *level_out,
1023 [out,ref] [switch_is(*level_out)] drsuapi_DsGetNT4ChangeLogInfo *info
1028 typedef [v1_enum] enum {
1029 DRSUAPI_DS_NAME_STATUS_OK = 0,
1030 DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR = 1,
1031 DRSUAPI_DS_NAME_STATUS_NOT_FOUND = 2,
1032 DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE = 3,
1033 DRSUAPI_DS_NAME_STATUS_NO_MAPPING = 4,
1034 DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY = 5,
1035 DRSUAPI_DS_NAME_STATUS_NO_SYNTACTICAL_MAPPING = 6,
1036 DRSUAPI_DS_NAME_STATUS_TRUST_REFERRAL = 7
1037 } drsuapi_DsNameStatus;
1039 typedef [v1_enum] enum {
1040 DRSUAPI_DS_NAME_FLAG_NO_FLAGS = 0x0,
1041 DRSUAPI_DS_NAME_FLAG_SYNTACTICAL_ONLY = 0x1,
1042 DRSUAPI_DS_NAME_FLAG_EVAL_AT_DC = 0x2,
1043 DRSUAPI_DS_NAME_FLAG_GCVERIFY = 0x4,
1044 DRSUAPI_DS_NAME_FLAG_TRUST_REFERRAL = 0x8
1045 } drsuapi_DsNameFlags;
1047 typedef [v1_enum] enum {
1048 DRSUAPI_DS_NAME_FORMAT_UNKNOWN = 0x00000000,
1049 DRSUAPI_DS_NAME_FORMAT_FQDN_1779 = 0x00000001,
1050 DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT = 0x00000002,
1051 DRSUAPI_DS_NAME_FORMAT_DISPLAY = 0x00000003,
1052 DRSUAPI_DS_NAME_FORMAT_GUID = 0x00000006,
1053 DRSUAPI_DS_NAME_FORMAT_CANONICAL = 0x00000007,
1054 DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL = 0x00000008,
1055 DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX = 0x00000009,
1056 DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL = 0x0000000A,
1057 DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY = 0x0000000B,
1058 DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN = 0x0000000C,
1059 DRSUAPI_DS_NAME_FORMAT_UPN_AND_ALTSECID = 0xFFFFFFEF,
1060 DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT_NAME_SANS_DOMAIN_EX = 0xFFFFFFF0,
1061 DRSUAPI_DS_NAME_FORMAT_LIST_GLOBAL_CATALOG_SERVERS = 0xFFFFFFF1,
1062 DRSUAPI_DS_NAME_FORMAT_UPN_FOR_LOGON = 0xFFFFFFF2,
1063 DRSUAPI_DS_NAME_FORMAT_LIST_SERVERS_WITH_DCS_IN_SITE = 0xFFFFFFF3,
1064 DRSUAPI_DS_NAME_FORMAT_STRING_SID_NAME = 0xFFFFFFF4,
1065 DRSUAPI_DS_NAME_FORMAT_ALT_SECURITY_IDENTITIES_NAME = 0xFFFFFFF5,
1066 DRSUAPI_DS_NAME_FORMAT_LIST_NCS = 0xFFFFFFF6,
1067 DRSUAPI_DS_NAME_FORMAT_LIST_DOMAINS = 0xFFFFFFF7,
1068 DRSUAPI_DS_NAME_FORMAT_MAP_SCHEMA_GUID = 0xFFFFFFF8,
1069 DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT_NAME_SANS_DOMAIN = 0xFFFFFFF9,
1070 DRSUAPI_DS_NAME_FORMAT_LIST_ROLES = 0xFFFFFFFA,
1071 DRSUAPI_DS_NAME_FORMAT_LIST_INFO_FOR_SERVER = 0xFFFFFFFB,
1072 DRSUAPI_DS_NAME_FORMAT_LIST_SERVERS_FOR_DOMAIN_IN_SITE = 0xFFFFFFFC,
1073 DRSUAPI_DS_NAME_FORMAT_LIST_DOMAINS_IN_SITE = 0xFFFFFFFD,
1074 DRSUAPI_DS_NAME_FORMAT_LIST_SERVERS_IN_SITE = 0xFFFFFFFE,
1075 DRSUAPI_DS_NAME_FORMAT_LIST_SITES = 0xFFFFFFFF
1076 } drsuapi_DsNameFormat;
1079 [string,charset(UTF16)] uint16 *str;
1080 } drsuapi_DsNameString;
1083 uint32 codepage; /* 0x000004e4 - 1252 is german codepage*/
1084 uint32 language; /* 0x00000407 - german language ID*/
1085 drsuapi_DsNameFlags format_flags;
1086 drsuapi_DsNameFormat format_offered;
1087 drsuapi_DsNameFormat format_desired;
1088 [range(1,10000)] uint32 count;
1089 [size_is(count)] drsuapi_DsNameString *names;
1090 } drsuapi_DsNameRequest1;
1092 typedef [switch_type(uint32)] union {
1093 [case(1)] drsuapi_DsNameRequest1 req1;
1094 } drsuapi_DsNameRequest;
1097 drsuapi_DsNameStatus status;
1098 [charset(UTF16),string] uint16 *dns_domain_name;
1099 [charset(UTF16),string] uint16 *result_name;
1100 } drsuapi_DsNameInfo1;
1104 [size_is(count)] drsuapi_DsNameInfo1 *array;
1105 } drsuapi_DsNameCtr1;
1107 typedef [switch_type(uint32)] union {
1108 [case(1)] drsuapi_DsNameCtr1 *ctr1;
1109 } drsuapi_DsNameCtr;
1111 WERROR drsuapi_DsCrackNames(
1112 [in] policy_handle *bind_handle,
1114 [in,ref,switch_is(level)] drsuapi_DsNameRequest *req,
1115 [out,ref] uint32 *level_out,
1116 [out,ref,switch_is(*level_out)] drsuapi_DsNameCtr *ctr
1121 typedef [v1_enum] enum {
1122 DRSUAPI_DS_SPN_OPERATION_ADD = 0,
1123 DRSUAPI_DS_SPN_OPERATION_REPLACE= 1,
1124 DRSUAPI_DS_SPN_OPERATION_DELETE = 2
1125 } drsuapi_DsSpnOperation;
1128 drsuapi_DsSpnOperation operation;
1130 [charset(UTF16),string] uint16 *object_dn;
1131 [range(0,10000)] uint32 count;
1132 [size_is(count)] drsuapi_DsNameString *spn_names;
1133 } drsuapi_DsWriteAccountSpnRequest1;
1135 typedef [switch_type(uint32)] union {
1136 [case(1)] drsuapi_DsWriteAccountSpnRequest1 req1;
1137 } drsuapi_DsWriteAccountSpnRequest;
1141 } drsuapi_DsWriteAccountSpnResult1;
1143 typedef [switch_type(uint32)] union {
1144 [case(1)] drsuapi_DsWriteAccountSpnResult1 res1;
1145 } drsuapi_DsWriteAccountSpnResult;
1147 WERROR drsuapi_DsWriteAccountSpn(
1148 [in] policy_handle *bind_handle,
1150 [in,ref,switch_is(level)] drsuapi_DsWriteAccountSpnRequest *req,
1151 [out,ref] uint32 *level_out,
1152 [out,ref,switch_is(*level_out)] drsuapi_DsWriteAccountSpnResult *res
1158 [charset(UTF16),string] uint16 *server_dn;
1159 [charset(UTF16),string] uint16 *domain_dn;
1161 } drsuapi_DsRemoveDSServerRequest1;
1163 typedef [switch_type(uint32)] union {
1164 [case(1)] drsuapi_DsRemoveDSServerRequest1 req1;
1165 } drsuapi_DsRemoveDSServerRequest;
1168 boolean32 last_dc_in_domain;
1169 } drsuapi_DsRemoveDSServerResult1;
1171 typedef [switch_type(uint32)] union {
1172 [case(1)] drsuapi_DsRemoveDSServerResult1 res1;
1173 } drsuapi_DsRemoveDSServerResult;
1175 WERROR drsuapi_DsRemoveDSServer(
1176 [in] policy_handle *bind_handle,
1178 [in,ref,switch_is(level)] drsuapi_DsRemoveDSServerRequest *req,
1179 [out,ref] uint32 *level_out,
1180 [out,ref,switch_is(*level_out)] drsuapi_DsRemoveDSServerResult *res
1185 [todo] WERROR DRSUAPI_REMOVE_DS_DOMAIN();
1189 typedef [v1_enum] enum {
1190 DRSUAPI_DC_INFO_CTR_1 = 1,
1191 DRSUAPI_DC_INFO_CTR_2 = 2,
1192 DRSUAPI_DC_INFO_CTR_3 = 3,
1193 DRSUAPI_DC_CONNECTION_CTR_01 = 0xFFFFFFFF
1194 } drsuapi_DsGetDCInfoCtrLevels;
1197 [charset(UTF16),string] uint16 *domain_name; /* netbios or dns */
1198 drsuapi_DsGetDCInfoCtrLevels level; /* specifies the switch level for the request */
1199 } drsuapi_DsGetDCInfoRequest1;
1201 typedef [switch_type(uint32)] union {
1202 [case(1)] drsuapi_DsGetDCInfoRequest1 req1;
1203 } drsuapi_DsGetDCInfoRequest;
1206 [charset(UTF16),string] uint16 *netbios_name;
1207 [charset(UTF16),string] uint16 *dns_name;
1208 [charset(UTF16),string] uint16 *site_name;
1209 [charset(UTF16),string] uint16 *computer_dn;
1210 [charset(UTF16),string] uint16 *server_dn;
1213 } drsuapi_DsGetDCInfo1;
1216 [range(0,10000)] uint32 count;
1217 [size_is(count)] drsuapi_DsGetDCInfo1 *array;
1218 } drsuapi_DsGetDCInfoCtr1;
1221 [charset(UTF16),string] uint16 *netbios_name;
1222 [charset(UTF16),string] uint16 *dns_name;
1223 [charset(UTF16),string] uint16 *site_name;
1224 [charset(UTF16),string] uint16 *site_dn;
1225 [charset(UTF16),string] uint16 *computer_dn;
1226 [charset(UTF16),string] uint16 *server_dn;
1227 [charset(UTF16),string] uint16 *ntds_dn;
1235 } drsuapi_DsGetDCInfo2;
1238 [range(0,10000)] uint32 count;
1239 [size_is(count)] drsuapi_DsGetDCInfo2 *array;
1240 } drsuapi_DsGetDCInfoCtr2;
1243 [charset(UTF16),string] uint16 *netbios_name;
1244 [charset(UTF16),string] uint16 *dns_name;
1245 [charset(UTF16),string] uint16 *site_name;
1246 [charset(UTF16),string] uint16 *site_dn;
1247 [charset(UTF16),string] uint16 *computer_dn;
1248 [charset(UTF16),string] uint16 *server_dn;
1249 [charset(UTF16),string] uint16 *ntds_dn;
1258 } drsuapi_DsGetDCInfo3;
1261 [range(0,10000)] uint32 count;
1262 [size_is(count)] drsuapi_DsGetDCInfo3 *array;
1263 } drsuapi_DsGetDCInfoCtr3;
1266 * this represents an active connection to the
1267 * Directory System Agent (DSA)
1268 * this can be via LDAP or DRSUAPI
1271 [flag(NDR_BIG_ENDIAN)] ipv4address client_ip_address;
1273 uint32 connection_time; /* in seconds */
1278 * client_account can be the following:
1279 * "W2K3\Administrator"
1280 * "Administrator@W2K3"
1281 * "cn=Administrator,cn=Users,DC=w2k3,DC=vmnet1,DC=vm,DC=base"
1285 [charset(UTF16),string] uint16 *client_account;
1286 } drsuapi_DsGetDCConnection01;
1289 [range(0,10000)] uint32 count;
1290 [size_is(count)] drsuapi_DsGetDCConnection01 *array;
1291 } drsuapi_DsGetDCConnectionCtr01;
1293 typedef [switch_type(drsuapi_DsGetDCInfoCtrLevels)] union {
1294 [case(DRSUAPI_DC_INFO_CTR_1)] drsuapi_DsGetDCInfoCtr1 ctr1;
1295 [case(DRSUAPI_DC_INFO_CTR_2)] drsuapi_DsGetDCInfoCtr2 ctr2;
1296 [case(DRSUAPI_DC_INFO_CTR_3)] drsuapi_DsGetDCInfoCtr3 ctr3;
1297 [case(DRSUAPI_DC_CONNECTION_CTR_01)] drsuapi_DsGetDCConnectionCtr01 ctr01;
1298 } drsuapi_DsGetDCInfoCtr;
1300 WERROR drsuapi_DsGetDomainControllerInfo(
1301 [in] policy_handle *bind_handle,
1303 [in,ref,switch_is(level)] drsuapi_DsGetDCInfoRequest *req,
1304 [out,ref] drsuapi_DsGetDCInfoCtrLevels *level_out,
1305 [out,ref,switch_is(*level_out)] drsuapi_DsGetDCInfoCtr *ctr
1310 typedef [public,noprint] struct {
1311 drsuapi_DsReplicaObjectListItem *next_object;
1312 drsuapi_DsReplicaObject object;
1313 } drsuapi_DsReplicaObjectListItem;
1316 * The DsAddEntry() call which creates a nTDSDSA object,
1317 * also adds a servicePrincipalName in the following form
1318 * to the computer account of the new domain controller
1319 * referenced by the "serverReferenece" attribute.
1321 * E3514235-4B06-11D1-AB04-00C04FC2DCD2/<new-ntdsdsa-object-guid-as-string>/<domain-dns-name>
1323 * also note that the "serverReference" isn't added to the new object!
1325 const char *DRSUAPI_NTDSDSA_KRB5_SERVICE_GUID = "E3514235-4B06-11D1-AB04-00C04FC2DCD2";
1327 /* Error codes to classify an error that occurs
1328 * during a search for, or the update of,
1329 * a directory object */
1330 typedef [v1_enum] enum {
1331 DRSUAPI_DIRERR_OK = 0,
1332 DRSUAPI_DIRERR_ATTRIBUTE = 1,
1333 DRSUAPI_DIRERR_NAME = 2,
1334 DRSUAPI_DIRERR_REFERRAL = 3,
1335 DRSUAPI_DIRERR_SECURITY = 4,
1336 DRSUAPI_DIRERR_SERVICE = 5,
1337 DRSUAPI_DIRERR_UPDATE = 6,
1338 DRSUAPI_DIRERR_SYSTEM = 7
1339 } drsuapi_DsAddEntry_DirErr;
1342 * Ref: DRS_MSG_ADDENTRYREQ_V2, [MS-DRSR]: 4.1.1.1.3
1345 drsuapi_DsReplicaObjectListItem first_object;
1346 } drsuapi_DsAddEntryRequest2;
1348 /* Buffer type is actually more
1350 * Ref: DRS_SecBuffer, [MS-DRSR]: 5.41 */
1351 typedef [v1_enum,noprint] enum {
1352 DRSUAPI_SECBUFFER_EMPTY = 0x00000000,
1353 DRSUAPI_SECBUFFER_DATA = 0x00000001,
1354 DRSUAPI_SECBUFFER_TOKEN = 0x00000002,
1355 DRSUAPI_SECBUFFER_PKG_PARAMS = 0x00000003,
1356 DRSUAPI_SECBUFFER_MISSING = 0x00000004,
1357 DRSUAPI_SECBUFFER_EXTRA = 0x00000005,
1358 DRSUAPI_SECBUFFER_STREAM_TRAILER = 0x00000006,
1359 DRSUAPI_SECBUFFER_STREAM_HEADER = 0x00000007,
1360 DRSUAPI_SECBUFFER_READONLY = 0x80000000
1361 } drsuapi_SecBufferType;
1364 [range(0,10000)] uint32 buf_size;
1365 drsuapi_SecBufferType buf_type;
1366 [size_is(buf_size)] uint8 *buffer;
1367 } drsuapi_SecBuffer;
1370 [value(0)] uint32 version;
1371 [range(0,10000)] uint32 buff_count;
1372 [size_is(buff_count)] drsuapi_SecBuffer *buffers;
1373 } drsuapi_SecBufferDesc;
1376 * Ref: DRS_MSG_ADDENTRYREQ_V3, [MS-DRSR]: 4.1.1.1.4
1379 drsuapi_DsReplicaObjectListItem first_object;
1380 drsuapi_SecBufferDesc *client_creds;
1381 } drsuapi_DsAddEntryRequest3;
1383 typedef [switch_type(uint32)] union {
1384 [case(2)] drsuapi_DsAddEntryRequest2 req2;
1385 [case(3)] drsuapi_DsAddEntryRequest3 req3;
1386 } drsuapi_DsAddEntryRequest;
1388 /* Generic extended error info
1389 * commonly used in most places
1390 * where rich error info is returned */
1392 uint32 dsid; /* implementation-specific diagnostic code */
1393 WERROR extended_err; /* 0, STATUS code, or Windows error code */
1394 uint32 extended_data; /* implementation-specific diagnostic code */
1395 uint16 problem; /* 0 or PROBLEM error code */
1396 } drsuapi_DsAddEntryErrorInfoX;
1399 * Ref: ATRERR_DRS_WIRE_V1, [MS-DRSR]: 4.1.1.1.11 */
1402 WERROR extended_err;
1403 uint32 extended_data;
1405 drsuapi_DsAttributeId attid;
1406 boolean32 is_val_returned;
1407 drsuapi_DsAttributeValue attr_val;
1408 } drsuapi_DsAddEntry_AttrErr_V1;
1410 typedef [noprint] struct {
1411 drsuapi_DsAddEntry_AttrErrListItem_V1 *next;
1412 drsuapi_DsAddEntry_AttrErr_V1 err_data;
1413 } drsuapi_DsAddEntry_AttrErrListItem_V1;
1416 drsuapi_DsReplicaObjectIdentifier *id;
1418 drsuapi_DsAddEntry_AttrErrListItem_V1 first;
1419 } drsuapi_DsAddEntryErrorInfo_Attr_V1;
1421 /* Name resolution error
1422 * Ref: NAMERR_DRS_WIRE_V1, [MS-DRSR]: 4.1.1.1.14 */
1425 WERROR extended_err;
1426 uint32 extended_data;
1428 drsuapi_DsReplicaObjectIdentifier *id_matched; /* The best match for the supplied object identity */
1429 } drsuapi_DsAddEntryErrorInfo_Name_V1;
1432 * Ref: REFERR_DRS_WIRE_V1, [MS-DRSR]: 4.1.1.1.15 */
1434 [value(83)] uint8 name_res; /* Must be 'S' */
1435 [value(0)] uint8 unused_pad;
1436 [value(0)] uint16 next_rdn;
1437 } drsuapi_NameResOp_V1;
1439 typedef [enum16bit] enum {
1440 DRSUAPI_CH_REFTYPE_SUPERIOR = 0x0000, /* referral to a superior DC */
1441 DRSUAPI_CH_REFTYPE_SUBORDINATE = 0x0001, /* referral to a subordinate DC */
1442 DRSUAPI_CH_REFTYPE_NSSR = 0x0002, /* Not used */
1443 DRSUAPI_CH_REFTYPE_CROSS = 0x0003 /* A referral to an external crossRef object */
1444 } drsuapi_DsAddEntry_RefType;
1446 typedef [enum8bit] enum {
1447 DRSUAPI_SE_CHOICE_BASE_ONLY = 0x00,
1448 DRSUAPI_SE_CHOICE_IMMED_CHLDRN = 0x01,
1449 DRSUAPI_SE_CHOICE_WHOLE_SUBTREE = 0x02
1450 } drsuapi_DsAddEntry_ChoiceType;
1452 /* list of network names of the DCs
1453 * to which the referral is directed */
1455 drsuapi_DsaAddressListItem_V1 *next;
1456 lsa_String *address;
1457 } drsuapi_DsaAddressListItem_V1;
1460 drsuapi_DsReplicaObjectIdentifier *id_target; /* object to which the referral is directed */
1461 drsuapi_NameResOp_V1 op_state;
1462 [value(0)] uint16 rdn_alias;
1463 [value(0)] uint16 rdn_internal;
1464 drsuapi_DsAddEntry_RefType ref_type;
1465 uint16 addr_list_count;
1466 drsuapi_DsaAddressListItem_V1 *addr_list;
1467 drsuapi_DsAddEntry_RefErrListItem_V1 *next;
1468 boolean32 is_choice_set;
1469 drsuapi_DsAddEntry_ChoiceType choice;
1470 } drsuapi_DsAddEntry_RefErrListItem_V1;
1474 WERROR extended_err;
1475 uint32 extended_data;
1476 drsuapi_DsAddEntry_RefErrListItem_V1 refer;
1477 } drsuapi_DsAddEntryErrorInfo_Referr_V1;
1479 typedef [switch_type(uint32)] union {
1480 [case(1)] drsuapi_DsAddEntryErrorInfo_Attr_V1 attr_err;
1481 [case(2)] drsuapi_DsAddEntryErrorInfo_Name_V1 name_err;
1482 [case(3)] drsuapi_DsAddEntryErrorInfo_Referr_V1 referral_err;
1483 [case(4)] drsuapi_DsAddEntryErrorInfoX security_err;
1484 [case(5)] drsuapi_DsAddEntryErrorInfoX service_err;
1485 [case(6)] drsuapi_DsAddEntryErrorInfoX update_err;
1486 [case(7)] drsuapi_DsAddEntryErrorInfoX system_err;
1487 } drsuapi_DsAddEntryErrorInfo;
1491 drsuapi_DsAddEntry_DirErr dir_err;
1492 [switch_is(dir_err)] drsuapi_DsAddEntryErrorInfo *info;
1493 } drsuapi_DsAddEntry_ErrData_V1;
1495 typedef [switch_type(uint32)] union {
1496 [case(1)] drsuapi_DsAddEntry_ErrData_V1 v1;
1497 } drsuapi_DsAddEntry_ErrData;
1502 } drsuapi_DsReplicaObjectIdentifier2;
1505 drsuapi_DsReplicaObjectIdentifier *id;
1506 drsuapi_DsAddEntry_DirErr dir_err;
1507 uint32 dsid; /* implementation-specific diagnostic code */
1508 WERROR extended_err; /* 0, STATUS code, or Windows error code */
1509 uint32 extended_data; /* implementation-specific diagnostic code */
1510 uint16 problem; /* 0 or PROBLEM error code */
1511 [range(0,10000)] uint32 count;
1512 [size_is(count)] drsuapi_DsReplicaObjectIdentifier2 *objects;
1513 } drsuapi_DsAddEntryCtr2;
1516 drsuapi_DsReplicaObjectIdentifier *id;
1517 uint32 err_ver; /* Must be 1 */
1518 [switch_is(err_ver)] drsuapi_DsAddEntry_ErrData *err_data;
1519 [range(0,10000)] uint32 count;
1520 [size_is(count)] drsuapi_DsReplicaObjectIdentifier2 *objects;
1521 } drsuapi_DsAddEntryCtr3;
1523 typedef [switch_type(uint32)] union {
1524 [case(2)] drsuapi_DsAddEntryCtr2 ctr2;
1525 [case(3)] drsuapi_DsAddEntryCtr3 ctr3;
1526 } drsuapi_DsAddEntryCtr;
1528 [public] WERROR drsuapi_DsAddEntry(
1529 [in] policy_handle *bind_handle,
1531 [in,ref,switch_is(level)] drsuapi_DsAddEntryRequest *req,
1532 [out,ref] uint32 *level_out,
1533 [out,ref,switch_is(*level_out)] drsuapi_DsAddEntryCtr *ctr
1539 DRSUAPI_DS_EXECUTE_KCC_ASYNCHRONOUS_OPERATION = 0x00000001,
1540 DRSUAPI_DS_EXECUTE_KCC_DAMPED = 0x00000002
1541 } drsuapi_DsExecuteKCCFlags;
1545 drsuapi_DsExecuteKCCFlags flags;
1546 } drsuapi_DsExecuteKCC1;
1548 typedef [switch_type(uint32)] union {
1549 [case(1)] drsuapi_DsExecuteKCC1 ctr1;
1550 } drsuapi_DsExecuteKCCRequest;
1552 WERROR drsuapi_DsExecuteKCC(
1553 [in] policy_handle *bind_handle,
1555 [in, ref, switch_is(level)] drsuapi_DsExecuteKCCRequest *req
1560 typedef [v1_enum] enum {
1561 DRSUAPI_DS_REPLICA_GET_INFO = 1,
1562 DRSUAPI_DS_REPLICA_GET_INFO2 = 2
1563 } drsuapi_DsReplicaGetInfoLevel;
1565 typedef [v1_enum] enum {
1566 DRSUAPI_DS_REPLICA_INFO_NEIGHBORS = 0,
1567 DRSUAPI_DS_REPLICA_INFO_CURSORS = 1,
1568 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA = 2,
1569 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES = 3,
1570 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES = 4,
1571 DRSUAPI_DS_REPLICA_INFO_PENDING_OPS = 5,
1572 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA = 6,
1573 DRSUAPI_DS_REPLICA_INFO_CURSORS2 = 7,
1574 DRSUAPI_DS_REPLICA_INFO_CURSORS3 = 8,
1575 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2 = 9,
1576 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2 = 10,
1577 DRSUAPI_DS_REPLICA_INFO_REPSTO = -2,
1578 DRSUAPI_DS_REPLICA_INFO_CLIENT_CONTEXTS = -4,
1579 DRSUAPI_DS_REPLICA_INFO_UPTODATE_VECTOR_V1 = -5,
1580 DRSUAPI_DS_REPLICA_INFO_SERVER_OUTGOING_CALLS = -6
1581 } drsuapi_DsReplicaInfoType;
1584 drsuapi_DsReplicaInfoType info_type;
1585 [charset(UTF16),string] uint16 *object_dn;
1586 GUID source_dsa_guid;
1587 } drsuapi_DsReplicaGetInfoRequest1;
1590 drsuapi_DsReplicaInfoType info_type;
1591 [charset(UTF16),string] uint16 *object_dn;
1592 GUID source_dsa_guid;
1594 [charset(UTF16),string] uint16 *attribute_name;
1595 [charset(UTF16),string] uint16 *value_dn_str;
1596 uint32 enumeration_context;
1597 } drsuapi_DsReplicaGetInfoRequest2;
1599 typedef [switch_type(drsuapi_DsReplicaGetInfoLevel)] union {
1600 [case(DRSUAPI_DS_REPLICA_GET_INFO)] drsuapi_DsReplicaGetInfoRequest1 req1;
1601 [case(DRSUAPI_DS_REPLICA_GET_INFO2)] drsuapi_DsReplicaGetInfoRequest2 req2;
1602 } drsuapi_DsReplicaGetInfoRequest;
1605 [charset(UTF16),string] uint16 *naming_context_dn;
1606 [charset(UTF16),string] uint16 *source_dsa_obj_dn;
1607 [charset(UTF16),string] uint16 *source_dsa_address;
1608 [charset(UTF16),string] uint16 *transport_obj_dn;
1609 drsuapi_DrsOptions replica_flags;
1611 GUID naming_context_obj_guid;
1612 GUID source_dsa_obj_guid;
1613 GUID source_dsa_invocation_id;
1614 GUID transport_obj_guid;
1615 hyper tmp_highest_usn;
1617 NTTIME last_success;
1618 NTTIME last_attempt;
1619 WERROR result_last_attempt;
1620 uint32 consecutive_sync_failures;
1621 } drsuapi_DsReplicaNeighbour;
1626 [size_is(count)] drsuapi_DsReplicaNeighbour array[];
1627 } drsuapi_DsReplicaNeighbourCtr;
1632 [size_is(count)] drsuapi_DsReplicaCursor array[];
1633 } drsuapi_DsReplicaCursorCtr;
1636 [charset(UTF16),string] uint16 *attribute_name;
1638 NTTIME originating_change_time;
1639 GUID originating_invocation_id;
1640 hyper originating_usn;
1642 } drsuapi_DsReplicaObjMetaData;
1647 [size_is(count)] drsuapi_DsReplicaObjMetaData array[];
1648 } drsuapi_DsReplicaObjMetaDataCtr;
1651 [charset(UTF16),string] uint16 *dsa_obj_dn;
1653 NTTIME first_failure;
1654 uint32 num_failures;
1656 } drsuapi_DsReplicaKccDsaFailure;
1661 [size_is(count)] drsuapi_DsReplicaKccDsaFailure array[];
1662 } drsuapi_DsReplicaKccDsaFailuresCtr;
1665 DRSUAPI_DS_REPLICA_OP_TYPE_SYNC = 0,
1666 DRSUAPI_DS_REPLICA_OP_TYPE_ADD = 1,
1667 DRSUAPI_DS_REPLICA_OP_TYPE_DELETE = 2,
1668 DRSUAPI_DS_REPLICA_OP_TYPE_MODIFY = 3,
1669 DRSUAPI_DS_REPLICA_OP_TYPE_UPDATE_REFS = 4
1670 } drsuapi_DsReplicaOpType;
1673 NTTIME operation_start;
1674 uint32 serial_num; /* unique till reboot */
1676 drsuapi_DsReplicaOpType operation_type;
1677 drsuapi_DrsOptions options;
1678 [charset(UTF16),string] uint16 *nc_dn;
1679 [charset(UTF16),string] uint16 *remote_dsa_obj_dn;
1680 [charset(UTF16),string] uint16 *remote_dsa_address;
1682 GUID remote_dsa_obj_guid;
1683 } drsuapi_DsReplicaOp;
1688 [size_is(count)] drsuapi_DsReplicaOp array[];
1689 } drsuapi_DsReplicaOpCtr;
1692 [charset(UTF16),string] uint16 *attribute_name;
1693 [charset(UTF16),string] uint16 *object_dn;
1694 [value(ndr_size_DATA_BLOB(0,binary,0))] uint32 __ndr_size_binary;
1699 NTTIME originating_change_time;
1700 GUID originating_invocation_id;
1701 hyper originating_usn;
1703 } drsuapi_DsReplicaAttrValMetaData;
1707 uint32 enumeration_context;
1708 [size_is(count)] drsuapi_DsReplicaAttrValMetaData array[];
1709 } drsuapi_DsReplicaAttrValMetaDataCtr;
1713 uint32 enumeration_context;
1714 [size_is(count)] drsuapi_DsReplicaCursor2 array[];
1715 } drsuapi_DsReplicaCursor2Ctr;
1718 GUID source_dsa_invocation_id;
1720 NTTIME last_sync_success;
1721 [charset(UTF16),string] uint16 *source_dsa_obj_dn;
1722 } drsuapi_DsReplicaCursor3;
1726 uint32 enumeration_context;
1727 [size_is(count)] drsuapi_DsReplicaCursor3 array[];
1728 } drsuapi_DsReplicaCursor3Ctr;
1731 [charset(UTF16),string] uint16 *attribute_name;
1733 NTTIME originating_change_time;
1734 GUID originating_invocation_id;
1735 hyper originating_usn;
1737 [charset(UTF16),string] uint16 *originating_dsa_dn;
1738 } drsuapi_DsReplicaObjMetaData2;
1742 uint32 enumeration_context;
1743 [size_is(count)] drsuapi_DsReplicaObjMetaData2 array[];
1744 } drsuapi_DsReplicaObjMetaData2Ctr;
1747 [charset(UTF16),string] uint16 *attribute_name;
1748 [charset(UTF16),string] uint16 *object_dn;
1749 [value(ndr_size_DATA_BLOB(0,binary,0))] uint32 __ndr_size_binary;
1754 NTTIME originating_change_time;
1755 GUID originating_invocation_id;
1756 hyper originating_usn;
1758 [charset(UTF16),string] uint16 *originating_dsa_dn;
1759 } drsuapi_DsReplicaAttrValMetaData2;
1763 uint32 enumeration_context;
1764 [size_is(count)] drsuapi_DsReplicaAttrValMetaData2 array[];
1765 } drsuapi_DsReplicaAttrValMetaData2Ctr;
1768 hyper u1; /* session number? */
1772 NTTIME_1sec bind_time;
1773 [flag(NDR_BIG_ENDIAN)] ipv4address client_ip_address;
1774 uint32 u5; /* this is the same value the client used as pid in the DsBindInfoX struct */
1775 } drsuapi_DsReplicaConnection04;
1778 [range(0,10000)] uint32 count;
1780 [size_is(count)] drsuapi_DsReplicaConnection04 array[];
1781 } drsuapi_DsReplicaConnection04Ctr;
1784 [charset(UTF16),string] uint16 *str1;
1792 } drsuapi_DsReplica06;
1795 [range(0,256)] uint32 count;
1797 [size_is(count)] drsuapi_DsReplica06 array[];
1798 } drsuapi_DsReplica06Ctr;
1800 typedef [switch_type(drsuapi_DsReplicaInfoType)] union {
1801 [case(DRSUAPI_DS_REPLICA_INFO_NEIGHBORS)] drsuapi_DsReplicaNeighbourCtr *neighbours;
1802 [case(DRSUAPI_DS_REPLICA_INFO_CURSORS)] drsuapi_DsReplicaCursorCtr *cursors;
1803 [case(DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA)] drsuapi_DsReplicaObjMetaDataCtr *objmetadata;
1804 [case(DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES)] drsuapi_DsReplicaKccDsaFailuresCtr *connectfailures;
1805 [case(DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES)] drsuapi_DsReplicaKccDsaFailuresCtr *linkfailures;
1806 [case(DRSUAPI_DS_REPLICA_INFO_PENDING_OPS)] drsuapi_DsReplicaOpCtr *pendingops;
1807 [case(DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA)] drsuapi_DsReplicaAttrValMetaDataCtr *attrvalmetadata;
1808 [case(DRSUAPI_DS_REPLICA_INFO_CURSORS2)] drsuapi_DsReplicaCursor2Ctr *cursors2;
1809 [case(DRSUAPI_DS_REPLICA_INFO_CURSORS3)] drsuapi_DsReplicaCursor3Ctr *cursors3;
1810 [case(DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2)] drsuapi_DsReplicaObjMetaData2Ctr *objmetadata2;
1811 [case(DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2)] drsuapi_DsReplicaAttrValMetaData2Ctr *attrvalmetadata2;
1812 [case(DRSUAPI_DS_REPLICA_INFO_REPSTO)] drsuapi_DsReplicaNeighbourCtr *repsto;
1813 [case(DRSUAPI_DS_REPLICA_INFO_CLIENT_CONTEXTS)] drsuapi_DsReplicaConnection04Ctr *clientctx;
1814 [case(DRSUAPI_DS_REPLICA_INFO_UPTODATE_VECTOR_V1)] drsuapi_DsReplicaCursorCtrEx *udv1;
1815 [case(DRSUAPI_DS_REPLICA_INFO_SERVER_OUTGOING_CALLS)] drsuapi_DsReplica06Ctr *srvoutgoingcalls;
1816 } drsuapi_DsReplicaInfo;
1818 WERROR drsuapi_DsReplicaGetInfo(
1819 [in] policy_handle *bind_handle,
1820 [in] drsuapi_DsReplicaGetInfoLevel level,
1821 [in,ref,switch_is(level)] drsuapi_DsReplicaGetInfoRequest *req,
1822 [out,ref] drsuapi_DsReplicaInfoType *info_type,
1823 [out,ref,switch_is(*info_type)] drsuapi_DsReplicaInfo *info
1828 [todo] WERROR DRSUAPI_ADD_SID_HISTORY();
1834 [range(0,10000)] uint32 num_entries;
1835 [size_is(num_entries)] drsuapi_DsGetMembershipsCtr1 **ctrl_array;
1836 } drsuapi_DsGetMemberships2Ctr1;
1838 typedef [switch_type(uint32)] union {
1839 [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1;
1840 } drsuapi_DsGetMemberships2Ctr;
1843 [range(1,10000)] uint32 num_req;
1844 [size_is(num_req)] drsuapi_DsGetMembershipsRequest1 **req_array;
1845 } drsuapi_DsGetMemberships2Request1;
1847 typedef [switch_type(uint32)] union {
1848 [case(1)] drsuapi_DsGetMemberships2Request1 req1;
1849 } drsuapi_DsGetMemberships2Request;
1851 WERROR drsuapi_DsGetMemberships2(
1852 [in] policy_handle *bind_handle,
1854 [in,ref] [switch_is(level)] drsuapi_DsGetMemberships2Request *req,
1855 [out,ref] uint32 *level_out,
1856 [out,ref] [switch_is(*level_out)] drsuapi_DsGetMemberships2Ctr *ctr
1861 [todo] WERROR DRSUAPI_REPLICA_VERIFY_OBJECTS();
1865 [todo] WERROR DRSUAPI_GET_OBJECT_EXISTENCE();
1872 } drsuapi_DsSiteCostInfo;
1875 [range(0,10000)] uint32 num_info;
1876 [size_is(num_info)] drsuapi_DsSiteCostInfo *info;
1877 [value(0)] uint32 flags_reserved;
1878 } drsuapi_QuerySitesByCostCtr1;
1880 typedef [switch_type(uint32)] union {
1881 [case(1)] drsuapi_QuerySitesByCostCtr1 ctr1;
1882 } drsuapi_QuerySitesByCostCtr;
1885 [charset(UTF16),string] uint16 *site_from;
1886 [range(1,10000)] uint32 num_req;
1887 [size_is(num_req)] [charset(UTF16),string] uint16 **site_to;
1889 } drsuapi_QuerySitesByCostRequest1;
1891 typedef [switch_type(uint32)] union {
1892 [case(1)] drsuapi_QuerySitesByCostRequest1 req1;
1893 } drsuapi_QuerySitesByCostRequest;
1895 WERROR drsuapi_QuerySitesByCost(
1896 [in] policy_handle *bind_handle,
1898 [in,ref] [switch_is(level)] drsuapi_QuerySitesByCostRequest *req,
1899 [out,ref] uint32 *level_out,
1900 [out,ref] [switch_is(*level_out)] drsuapi_QuerySitesByCostCtr *ctr