uuid("12345678-1234-abcd-ef00-01234567cffb"),
version(1.0),
endpoint("ncacn_np:[\\pipe\\netlogon]","ncacn_ip_tcp:","ncalrpc:"),
- pointer_default(unique)
+ pointer_default(unique),
+ pointer_default_top(unique),
+ depends(lsa,samr)
]
interface netlogon
{
+ declare bitmap samr_AcctFlags;
+ typedef [public] struct {
+ [value(strlen_m(r->string)*2)] uint16 size;
+ [value(r->size)] uint16 length;
+ unistr_noterm *string;
+ } netr_String;
+
/*****************/
/* Function 0x00 */
/*****************/
/* Function 0x02 */
- typedef [flag(NDR_PAHEX)] struct {
- uint8 data[8];
- } netr_Credential;
-
- typedef struct {
- [value(strlen_m(r->string)*2)] uint16 size;
- [value(r->size)] uint16 length;
- unistr_noterm *string;
- } netr_String;
-
/* in netr_AcctLockStr size seems to be be 24, and rrenard thinks
that the structure of the bindata looks like this:
- uint64 lockout_duration;
- uint64 reset_count;
+ dlong lockout_duration;
+ udlong reset_count;
uint32 bad_attempt_lockout;
uint32 dummy;
netr_ChallengeResponse lm;
} netr_NetworkInfo;
- typedef union {
+ typedef [switch_type(uint16)] union {
[case(1)] netr_PasswordInfo *password;
[case(2)] netr_NetworkInfo *network;
[case(3)] netr_PasswordInfo *password;
[case(6)] netr_NetworkInfo *network;
} netr_LogonLevel;
- typedef struct {
- netr_Credential cred;
- time_t timestamp;
- } netr_Authenticator;
-
- typedef struct {
+ typedef [public] struct {
uint32 rid;
uint32 attributes;
} netr_GroupMembership;
- typedef [flag(NDR_PAHEX)] struct {
+ typedef [public,flag(NDR_PAHEX)] struct {
uint8 key[16];
} netr_UserSessionKey;
- typedef [flag(NDR_PAHEX)] struct {
+ typedef [public,flag(NDR_PAHEX)] struct {
uint8 key[8];
} netr_LMSessionKey;
uint16 bad_password_count;
uint32 rid;
uint32 primary_gid;
- uint32 group_count;
- [size_is(group_count)] netr_GroupMembership *groupids;
+ samr_RidWithTypeArray groups;
uint32 user_flags;
netr_UserSessionKey key;
netr_String logon_server;
netr_String domain;
dom_sid2 *domain_sid;
netr_LMSessionKey LMSessKey;
- uint32 acct_flags;
+ samr_AcctFlags acct_flags;
uint32 unknown[7];
} netr_SamBaseInfo;
netr_String unknown4;
} netr_PacInfo;
- typedef union {
+ typedef [switch_type(uint16)] union {
[case(2)] netr_SamInfo2 *sam2;
[case(3)] netr_SamInfo3 *sam3;
[case(4)] netr_PacInfo *pac;
[case(6)] netr_SamInfo6 *sam6;
} netr_Validation;
+ typedef [public, flag(NDR_PAHEX)] struct {
+ uint8 data[8];
+ } netr_Credential;
+
+ typedef [public] struct {
+ netr_Credential cred;
+ time_t timestamp;
+ } netr_Authenticator;
+
NTSTATUS netr_LogonSamLogon(
[in] unistr *server_name,
[in] unistr *workstation,
[in] [switch_is(logon_level)] netr_LogonLevel logon,
[in] uint16 validation_level,
[out] [switch_is(validation_level)] netr_Validation validation,
- [out] uint32 authoritative
+ [out] uint8 authoritative
);
[in] uint16 logon_level,
[in] [switch_is(logon_level)] netr_LogonLevel logon
);
-
+
/*****************/
/*****************/
/* Function 0x05 */
- /* secure channel types */
- const int SEC_CHAN_WKSTA = 2;
- const int SEC_CHAN_DOMAIN = 4;
- const int SEC_CHAN_BDC = 6;
+ declare enum netr_SchannelType;
NTSTATUS netr_ServerAuthenticate(
[in] unistr *server_name,
[in] unistr account_name,
- [in] uint16 secure_channel_type,
+ [in] netr_SchannelType secure_channel_type,
[in] unistr computer_name,
[in,out,ref] netr_Credential *credentials
);
NTSTATUS netr_ServerPasswordSet(
[in] unistr *server_name,
[in] unistr account_name,
- [in] uint16 secure_channel_type,
+ [in] netr_SchannelType secure_channel_type,
[in] unistr computer_name,
[in] netr_Authenticator credential,
[in] samr_Password new_password,
/*****************/
/* Function 0x07 */
+ /* SAM database types */
+ typedef [v1_enum] enum {
+ SAM_DATABASE_DOMAIN = 0, /* Domain users and groups */
+ SAM_DATABASE_BUILTIN = 1, /* BUILTIN users and groups */
+ SAM_DATABASE_PRIVS = 2 /* Privileges */
+ } netr_SamDatabaseID;
+
typedef struct {
unistr *account_name;
netr_String unknown1;
uint32 unknown8;
} netr_DELTA_DELETE_USER;
+ typedef struct {
+ uint16 length;
+ [value(r->length)] uint16 size;
+ uint32 flags;
+ samr_Password pwd;
+ } netr_USER_KEY16;
+
+ typedef struct {
+ uint16 nt_length;
+ uint16 nt_size;
+ uint32 nt_flags;
+ uint16 lm_length;
+ uint16 lm_size;
+ uint32 lm_flags;
+ uint8 nt_history[nt_length];
+ uint8 lm_history[lm_length];
+ } netr_PasswordHistory;
+
+ typedef struct {
+ netr_USER_KEY16 lmpassword;
+ netr_USER_KEY16 ntpassword;
+ netr_PasswordHistory lmhistory;
+ } netr_USER_KEYS2;
+
+ typedef struct {
+ netr_USER_KEYS2 keys2;
+ } netr_USER_KEY_UNION;
+
+ typedef [public] struct {
+ uint32 version;
+ netr_USER_KEY_UNION keys;
+ } netr_USER_KEYS;
+
typedef struct {
bool8 SensitiveDataFlag;
uint32 DataLength;
- [size_is(DataLength)] uint8 *SensitiveData;
+
+ /* netr_USER_KEYS encrypted with the session key */
+ [size_is(DataLength)][flag(NDR_PAHEX)] uint8 *SensitiveData;
} netr_USER_PRIVATE_INFO;
typedef struct {
netr_String account_name;
netr_String full_name;
uint32 rid;
- uint32 primary_group;
- netr_String home_dir;
+ uint32 primary_gid;
+ netr_String home_directory;
netr_String home_drive;
netr_String logon_script;
netr_String description;
netr_String workstations;
- NTTIME LastLogon;
- NTTIME LastLogoff;
+ NTTIME last_logon;
+ NTTIME last_logoff;
samr_LogonHours logon_hours;
- uint16 bad_pw_count;
+ uint16 bad_password_count;
uint16 logon_count;
- NTTIME PwLastSet;
- NTTIME AccountExpires;
- uint32 AccountControl;
- samr_Password lmpw;
- samr_Password ntpw;
- bool8 NTPwPresent;
- bool8 LMPwPresent;
- bool8 PwExpired;
- netr_String UserComment;
- netr_String Parameters;
- uint16 CountryCode;
- uint16 CodePage;
+ NTTIME last_password_change;
+ NTTIME acct_expiry;
+ samr_AcctFlags acct_flags;
+ samr_Password lmpassword;
+ samr_Password ntpassword;
+ bool8 nt_password_present;
+ bool8 lm_password_present;
+ bool8 password_expired;
+ netr_String comment;
+ netr_String parameters;
+ uint16 country_code;
+ uint16 code_page;
netr_USER_PRIVATE_INFO user_private_info;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
} netr_DELTA_USER;
typedef struct {
- netr_String DomainName;
- netr_String OEMInfo;
- NTTIME forcedlogoff;
- uint16 min_password_len;
- uint16 password_history_len;
- uint64 password_must_change_time;
- uint64 password_can_change_time;
- uint64 sequence_num;
+ netr_String domain_name;
+ netr_String comment;
+ NTTIME force_logoff_time;
+ uint16 min_password_length;
+ uint16 password_history_length;
+ /* yes, these are signed. They are in negative 100ns */
+ dlong max_password_age;
+ dlong min_password_age;
+ udlong sequence_num;
NTTIME domain_create_time;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
netr_String unknown2;
netr_String unknown3;
netr_String unknown4;
- uint32 unknown5;
+ uint32 logon_to_chgpass;
uint32 unknown6;
uint32 unknown7;
uint32 unknown8;
} netr_DELTA_DOMAIN;
typedef struct {
- netr_String groupname;
- netr_GroupMembership group_membership;
- netr_String comment;
+ netr_String group_name;
+ uint32 rid;
+ uint32 attributes;
+ netr_String description;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
netr_String unknown1;
uint32 rid;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
- netr_String unknown1;
+ netr_String description;
netr_String unknown2;
netr_String unknown3;
netr_String unknown4;
bool8 auditingmode;
uint32 maxauditeventcount;
[size_is(maxauditeventcount+1)] uint32 *eventauditoptions;
- netr_String primarydomainname;
+ netr_String primary_domain_name;
dom_sid2 *sid;
netr_QUOTA_LIMITS quota_limits;
- uint64 sequence_num;
+ udlong sequence_num;
NTTIME db_create_time;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
} netr_DELTA_POLICY;
typedef struct {
- netr_String DomainName;
+ netr_String domain_name;
uint32 num_controllers;
[size_is(num_controllers)] netr_String *controller_names;
uint32 SecurityInformation;
netr_String unknown2;
netr_String unknown3;
netr_String unknown4;
- uint32 unknown5;
+ uint32 posix_offset;
uint32 unknown6;
uint32 unknown7;
uint32 unknown8;
- } netr_DELTA_TRUSTED_DOMAINS;
+ } netr_DELTA_TRUSTED_DOMAIN;
typedef struct {
uint16 unknown;
uint32 unknown6;
uint32 unknown7;
uint32 unknown8;
- } netr_DELTA_ACCOUNTS;
+ } netr_DELTA_ACCOUNT;
typedef struct {
uint16 unknown;
NETR_DELTA_RENAME_ALIAS = 11,
NETR_DELTA_ALIAS_MEMBER = 12,
NETR_DELTA_POLICY = 13,
- NETR_DELTA_TRUSTED_DOMAINS = 14,
+ NETR_DELTA_TRUSTED_DOMAIN = 14,
NETR_DELTA_DELETE_TRUST = 15,
- NETR_DELTA_ACCOUNTS = 16,
+ NETR_DELTA_ACCOUNT = 16,
NETR_DELTA_DELETE_ACCOUNT = 17,
NETR_DELTA_SECRET = 18,
NETR_DELTA_DELETE_SECRET = 19,
NETR_DELTA_MODIFY_COUNT = 22
} netr_DeltaEnum;
- typedef union {
+ typedef [switch_type(netr_DeltaEnum)] union {
[case(NETR_DELTA_DOMAIN)] netr_DELTA_DOMAIN *domain;
[case(NETR_DELTA_GROUP)] netr_DELTA_GROUP *group;
[case(NETR_DELTA_DELETE_GROUP)] ; /* rid only */
[case(NETR_DELTA_RENAME_ALIAS)] netr_DELTA_RENAME *rename_alias;
[case(NETR_DELTA_ALIAS_MEMBER)] netr_DELTA_ALIAS_MEMBER *alias_member;
[case(NETR_DELTA_POLICY)] netr_DELTA_POLICY *policy;
- [case(NETR_DELTA_TRUSTED_DOMAINS)] netr_DELTA_TRUSTED_DOMAINS *trusted_domains;
- [case(NETR_DELTA_DELETE_TRUST)] netr_DELTA_DELETE_TRUST delete_trust;
- [case(NETR_DELTA_ACCOUNTS)] netr_DELTA_ACCOUNTS *accounts;
- [case(NETR_DELTA_DELETE_ACCOUNT)] netr_DELTA_DELETE_ACCOUNT delete_account;
+ [case(NETR_DELTA_TRUSTED_DOMAIN)] netr_DELTA_TRUSTED_DOMAIN *trusted_domain;
+ [case(NETR_DELTA_DELETE_TRUST)] netr_DELTA_DELETE_TRUST delete_trust;
+ [case(NETR_DELTA_ACCOUNT)] netr_DELTA_ACCOUNT *account;
+ [case(NETR_DELTA_DELETE_ACCOUNT)] netr_DELTA_DELETE_ACCOUNT delete_account;
[case(NETR_DELTA_SECRET)] netr_DELTA_SECRET *secret;
- [case(NETR_DELTA_DELETE_SECRET)] netr_DELTA_DELETE_SECRET delete_secret;
+ [case(NETR_DELTA_DELETE_SECRET)] netr_DELTA_DELETE_SECRET delete_secret;
[case(NETR_DELTA_DELETE_GROUP2)] netr_DELTA_DELETE_USER *delete_group;
[case(NETR_DELTA_DELETE_USER2)] netr_DELTA_DELETE_USER *delete_user;
- [case(NETR_DELTA_MODIFY_COUNT)] uint64 *modified_count;
+ [case(NETR_DELTA_MODIFY_COUNT)] udlong *modified_count;
} netr_DELTA_UNION;
- typedef union {
+ typedef [switch_type(netr_DeltaEnum)] union {
[case(NETR_DELTA_DOMAIN)] uint32 rid;
[case(NETR_DELTA_GROUP)] uint32 rid;
[case(NETR_DELTA_DELETE_GROUP)] uint32 rid;
[case(NETR_DELTA_RENAME_ALIAS)] uint32 rid;
[case(NETR_DELTA_ALIAS_MEMBER)] uint32 rid;
[case(NETR_DELTA_POLICY)] dom_sid2 *sid;
- [case(NETR_DELTA_TRUSTED_DOMAINS)] dom_sid2 *sid;
+ [case(NETR_DELTA_TRUSTED_DOMAIN)] dom_sid2 *sid;
[case(NETR_DELTA_DELETE_TRUST)] dom_sid2 *sid;
- [case(NETR_DELTA_ACCOUNTS)] dom_sid2 *sid;
+ [case(NETR_DELTA_ACCOUNT)] dom_sid2 *sid;
[case(NETR_DELTA_DELETE_ACCOUNT)] dom_sid2 *sid;
[case(NETR_DELTA_SECRET)] unistr *name;
[case(NETR_DELTA_DELETE_SECRET)] unistr *name;
} netr_DELTA_ID_UNION;
typedef struct {
- uint16 delta_type;
+ netr_DeltaEnum delta_type;
[switch_is(delta_type)] netr_DELTA_ID_UNION delta_id_union;
[switch_is(delta_type)] netr_DELTA_UNION delta_union;
} netr_DELTA_ENUM;
[in] unistr computername,
[in] netr_Authenticator credential,
[in,out] netr_Authenticator return_authenticator,
- [in] uint32 database_id,
- [in,out] uint64 sequence_num,
+ [in] netr_SamDatabaseID database_id,
+ [in,out] udlong sequence_num,
[in] uint32 preferredmaximumlength,
[out] netr_DELTA_ENUM_ARRAY *delta_enum_array
);
[in] unistr computername,
[in] netr_Authenticator credential,
[in,out] netr_Authenticator return_authenticator,
- [in] uint32 database_id,
+ [in] netr_SamDatabaseID database_id,
[in,out] uint32 sync_context,
[in] uint32 preferredmaximumlength,
[out] netr_DELTA_ENUM_ARRAY *delta_enum_array
[out] unistr *dcname
);
-
-
/*****************/
/* Function 0x0C */
} netr_CONTROL_QUERY_INFORMATION;
/* function_code values */
- const int NETLOGON_CONTROL_REDISCOVER = 5;
- const int NETLOGON_CONTROL_TC_QUERY = 6;
- const int NETLOGON_CONTROL_TRANSPORT_NOTIFY = 7;
- const int NETLOGON_CONTROL_SET_DBFLAG = 65534;
+ typedef [v1_enum] enum {
+ NETLOGON_CONTROL_REDISCOVER = 5,
+ NETLOGON_CONTROL_TC_QUERY = 6,
+ NETLOGON_CONTROL_TRANSPORT_NOTIFY = 7,
+ NETLOGON_CONTROL_SET_DBFLAG = 65534
+ } netr_LogonControlCode;
WERROR netr_LogonControl(
[in] unistr *logon_server,
- [in] uint32 function_code,
+ [in] netr_LogonControlCode function_code,
[in] uint32 level,
[out,switch_is(level)] netr_CONTROL_QUERY_INFORMATION info
);
);
+ /* If this flag is not set, then the passwords and LM session keys are
+ * encrypted with DES calls. (And the user session key is
+ * unencrypted) */
+ const int NETLOGON_NEG_ARCFOUR = 0x00000004;
+ const int NETLOGON_NEG_128BIT = 0x00004000;
+ const int NETLOGON_NEG_SCHANNEL = 0x40000000;
+
/*****************/
/* Function 0x0F */
NTSTATUS netr_ServerAuthenticate2(
[in] unistr *server_name,
[in] unistr account_name,
- [in] uint16 secure_channel_type,
+ [in] netr_SchannelType secure_channel_type,
[in] unistr computer_name,
[in,out,ref] netr_Credential *credentials,
[in,out,ref] uint32 *negotiate_flags
[in] unistr computername,
[in] netr_Authenticator credential,
[in,out] netr_Authenticator return_authenticator,
- [in] uint32 database_id,
+ [in] netr_SamDatabaseID database_id,
[in] uint16 restart_state,
[in,out] uint32 sync_context,
[in] uint32 preferredmaximumlength,
NTSTATUS netr_ServerAuthenticate3(
[in] unistr *server_name,
[in] unistr account_name,
- [in] uint16 secure_channel_type,
+ [in] netr_SchannelType secure_channel_type,
[in] unistr computer_name,
[in,out,ref] netr_Credential *credentials,
[in,out,ref] uint32 *negotiate_flags,
unistr *unknown4;
netr_BinaryString blob2;
netr_String product;
- uint32 unknown5;
- unistr *unknown6;
- uint32 unknown7[6];
+ netr_String unknown5;
+ netr_String unknown6;
+ uint32 unknown7[4];
} netr_DomainQuery1;
typedef union {
NTSTATUS netr_LogonGetDomainInfo(
[in] unistr server_name,
[in] unistr *computer_name,
- [in,out,ref] netr_Authenticator *credential,
- [in] uint32 unknown1,
- [in] uint32 i1[2],
+ [in,ref] netr_Authenticator *credential,
+ [in,out,ref] netr_Authenticator *return_authenticator,
[in] uint32 level,
[in,switch_is(level)] netr_DomainQuery query,
[out,switch_is(level)] netr_DomainInfo info
);
- /****************/
+ typedef [flag(NDR_PAHEX)] struct {
+ uint16 data[256];
+ uint32 length;
+ } netr_CryptPassword;
+
+ /*****************/
/* Function 0x1e */
- WERROR netr_NETRSERVERPASSWORDSET2();
+ NTSTATUS netr_ServerPasswordSet2(
+ [in] unistr *server_name,
+ [in] unistr account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] unistr computer_name,
+ [in] netr_Authenticator credential,
+ [in] netr_CryptPassword new_password,
+ [out] netr_Authenticator return_authenticator
+ );
/****************/
/* Function 0x1f */
/****************/
/* Function 0x22 */
- WERROR netr_DSRGETDCNAMEEX2();
+ typedef struct {
+ unistr *dc_unc;
+ unistr *dc_address;
+ int32 dc_address_type;
+ GUID domain_guid;
+ unistr *domain_name;
+ unistr *forest_name;
+ uint32 dc_flags;
+ unistr *dc_site_name;
+ unistr *client_site_name;
+ } netr_DrsGetDCNameEx2Info;
+
+ WERROR netr_DrsGetDCNameEx2(
+ [in] unistr *server_unc,
+ [in] unistr *client_account,
+ [in] uint32 mask,
+ [in] unistr *domain_name,
+ [in] GUID *domain_guid,
+ [in] unistr *site_name,
+ [in] uint32 flags,
+ [out] netr_DrsGetDCNameEx2Info *info
+ );
/****************/
/* Function 0x23 */
/****************/
/* Function 0x27 */
- WERROR netr_NETRLOGONSAMLOGONEX();
+ NTSTATUS netr_LogonSamLogonEx(
+ [in] unistr *server_name,
+ [in] unistr *workstation,
+ [in] uint16 logon_level,
+ [in] [switch_is(logon_level)] netr_LogonLevel logon,
+ [in] uint16 validation_level,
+ [out] [switch_is(validation_level)] netr_Validation validation,
+ [out] uint8 authoritative,
+ [in,out] uint32 flags
+ );
/****************/
/* Function 0x28 */
- const int NETR_TRUST_FLAG_IN_FOREST = 0x01;
- const int NETR_TRUST_FLAG_OUTBOUND = 0x02;
- const int NETR_TRUST_FLAG_TREEROOT = 0x04;
- const int NETR_TRUST_FLAG_PRIMARY = 0x08;
- const int NETR_TRUST_FLAG_NATIVE = 0x10;
- const int NETR_TRUST_FLAG_INBOUND = 0x20;
+ typedef [bitmap32bit] bitmap {
+ NETR_TRUST_FLAG_IN_FOREST = 0x00000001,
+ NETR_TRUST_FLAG_OUTBOUND = 0x00000002,
+ NETR_TRUST_FLAG_TREEROOT = 0x00000004,
+ NETR_TRUST_FLAG_PRIMARY = 0x00000008,
+ NETR_TRUST_FLAG_NATIVE = 0x00000010,
+ NETR_TRUST_FLAG_INBOUND = 0x00000020
+ } netr_TrustFlags;
+
+ typedef [v1_enum] enum {
+ NETR_TRUST_TYPE_DOWNLEVEL = 1,
+ NETR_TRUST_TYPE_UPLEVEL = 2,
+ NETR_TRUST_TYPE_MIT = 3,
+ NETR_TRUST_TYPE_DCE = 4
+ } netr_TrustType;
+
+ typedef [bitmap32bit] bitmap {
+ NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE = 0x00000001,
+ NETR_TRUST_ATTRIBUTE_UPLEVEL_ONLY = 0x00000002,
+ NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004,
+ NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE = 0x00000008,
+ NETR_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010,
+ NETR_TRUST_ATTRIBUTE_WITHIN_FOREST = 0x00000020,
+ NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL = 0x00000040
+ } netr_TrustAttributes;
typedef struct {
- unistr *netbios_name;
- unistr *dns_name;
- uint32 trust_flags;
- uint32 parent_index;
- uint32 trust_type;
- uint32 trust_attributes;
- dom_sid2 *sid;
- GUID guid;
+ unistr *netbios_name;
+ unistr *dns_name;
+ netr_TrustFlags trust_flags;
+ uint32 parent_index;
+ netr_TrustType trust_type;
+ netr_TrustAttributes trust_attributes;
+ dom_sid2 *sid;
+ GUID guid;
} netr_DomainTrust;
WERROR netr_DsrEnumerateDomainTrusts(
[in] unistr *server_name,
- [in] uint32 trust_flags,
+ [in] netr_TrustFlags trust_flags,
[out] uint32 count,
[out,size_is(count)] netr_DomainTrust *trusts
);
[in] [switch_is(logon_level)] netr_LogonLevel logon,
[in] uint16 validation_level,
[out] [switch_is(validation_level)] netr_Validation validation,
- [out] uint32 authoritative,
+ [out] uint8 authoritative,
[in,out] uint32 flags
);