interface netlogon
{
+ declare bitmap samr_AcctFlags;
+
typedef [public] struct {
[value(strlen_m(r->string)*2)] uint16 size;
[value(r->size)] uint16 length;
/* in netr_AcctLockStr size seems to be be 24, and rrenard thinks
that the structure of the bindata looks like this:
- uint64 lockout_duration;
- uint64 reset_count;
+ dlong lockout_duration;
+ udlong reset_count;
uint32 bad_attempt_lockout;
uint32 dummy;
typedef struct {
uint16 size;
uint16 length;
- [size_is(size/2),length_is(length/2)] uint16 *bindata;
+ [size_is(size/2),length_is(length/2)] uint16 *bindata[];
} netr_AcctLockStr;
typedef struct {
typedef [flag(NDR_PAHEX)] struct {
uint16 length;
[value(r->length)] uint16 size;
- [size_is(size),length_is(length)] uint8 *data;
+ [size_is(size),length_is(length)] uint8 *data[];
} netr_ChallengeResponse;
typedef [flag(NDR_PAHEX)] struct {
netr_ChallengeResponse lm;
} netr_NetworkInfo;
- typedef union {
+ typedef [switch_type(uint16)] union {
[case(1)] netr_PasswordInfo *password;
[case(2)] netr_NetworkInfo *network;
[case(3)] netr_PasswordInfo *password;
uint32 rid;
uint32 primary_gid;
uint32 group_count;
- [size_is(group_count)] netr_GroupMembership *groupids;
+ [size_is(group_count)] netr_GroupMembership *groupids[];
uint32 user_flags;
netr_UserSessionKey key;
netr_String logon_server;
netr_String domain;
dom_sid2 *domain_sid;
netr_LMSessionKey LMSessKey;
- uint32 acct_flags;
+ samr_AcctFlags acct_flags;
uint32 unknown[7];
} netr_SamBaseInfo;
typedef [public] struct {
netr_SamBaseInfo base;
uint32 sidcount;
- [size_is(sidcount)] netr_SidAttr *sids;
+ [size_is(sidcount)] netr_SidAttr *sids[];
} netr_SamInfo3;
typedef struct {
netr_SamBaseInfo base;
uint32 sidcount;
- [size_is(sidcount)] netr_SidAttr *sids;
+ [size_is(sidcount)] netr_SidAttr *sids[];
netr_String forest;
netr_String principle;
uint32 unknown4[20];
typedef struct {
uint32 pac_size;
- [size_is(pac_size)] uint8 *pac;
+ [size_is(pac_size)] uint8 *pac[];
netr_String logon_domain;
netr_String logon_server;
netr_String principal_name;
uint32 auth_size;
- [size_is(auth_size)] uint8 *auth;
+ [size_is(auth_size)] uint8 *auth[];
netr_UserSessionKey user_session_key;
uint32 expansionroom[10];
netr_String unknown1;
netr_String unknown4;
} netr_PacInfo;
- typedef union {
+ typedef [switch_type(uint16)] union {
[case(2)] netr_SamInfo2 *sam2;
[case(3)] netr_SamInfo3 *sam3;
[case(4)] netr_PacInfo *pac;
[case(6)] netr_SamInfo6 *sam6;
} netr_Validation;
+ typedef [public, flag(NDR_PAHEX)] struct {
+ uint8 data[8];
+ } netr_Credential;
+
+ typedef [public] struct {
+ netr_Credential cred;
+ time_t timestamp;
+ } netr_Authenticator;
+
NTSTATUS netr_LogonSamLogon(
[in] unistr *server_name,
[in] unistr *workstation,
[in] [switch_is(logon_level)] netr_LogonLevel logon,
[in] uint16 validation_level,
[out] [switch_is(validation_level)] netr_Validation validation,
- [out] uint32 authoritative
+ [out] uint8 authoritative
);
/* secure channel types */
/* Only SEC_CHAN_WKSTA can forward requests to other domains. */
- const int SEC_CHAN_WKSTA = 2;
- const int SEC_CHAN_DOMAIN = 4;
- const int SEC_CHAN_BDC = 6;
+ typedef enum {
+ SEC_CHAN_WKSTA = 2,
+ SEC_CHAN_DOMAIN = 4,
+ SEC_CHAN_BDC = 6
+ } netr_SchannelType;
NTSTATUS netr_ServerAuthenticate(
[in] unistr *server_name,
[in] unistr account_name,
- [in] uint16 secure_channel_type,
+ [in] netr_SchannelType secure_channel_type,
[in] unistr computer_name,
[in,out,ref] netr_Credential *credentials
);
NTSTATUS netr_ServerPasswordSet(
[in] unistr *server_name,
[in] unistr account_name,
- [in] uint16 secure_channel_type,
+ [in] netr_SchannelType secure_channel_type,
[in] unistr computer_name,
[in] netr_Authenticator credential,
[in] samr_Password new_password,
/* Function 0x07 */
/* SAM database types */
- const int SAM_DATABASE_DOMAIN = 0x00; /* Domain users and groups */
- const int SAM_DATABASE_BUILTIN = 0x01; /* BUILTIN users and groups */
- const int SAM_DATABASE_PRIVS = 0x02; /* Privileges */
+ typedef [v1_enum] enum {
+ SAM_DATABASE_DOMAIN = 0, /* Domain users and groups */
+ SAM_DATABASE_BUILTIN = 1, /* BUILTIN users and groups */
+ SAM_DATABASE_PRIVS = 2 /* Privileges */
+ } netr_SamDatabaseID;
typedef struct {
unistr *account_name;
samr_Password pwd;
} netr_USER_KEY16;
+ typedef struct {
+ uint16 nt_length;
+ uint16 nt_size;
+ uint32 nt_flags;
+ uint16 lm_length;
+ uint16 lm_size;
+ uint32 lm_flags;
+ uint8 nt_history[nt_length];
+ uint8 lm_history[lm_length];
+ } netr_PasswordHistory;
+
typedef struct {
netr_USER_KEY16 lmpassword;
netr_USER_KEY16 ntpassword;
-
+ netr_PasswordHistory lmhistory;
} netr_USER_KEYS2;
typedef struct {
uint32 DataLength;
/* netr_USER_KEYS encrypted with the session key */
- [size_is(DataLength)][flag(NDR_PAHEX)] uint8 *SensitiveData;
+ [size_is(DataLength)][flag(NDR_PAHEX)] uint8 *SensitiveData[];
} netr_USER_PRIVATE_INFO;
typedef struct {
uint16 logon_count;
NTTIME last_password_change;
NTTIME acct_expiry;
- uint32 acct_flags;
+ samr_AcctFlags acct_flags;
samr_Password lmpassword;
samr_Password ntpassword;
bool8 nt_password_present;
uint16 min_password_length;
uint16 password_history_length;
/* yes, these are signed. They are in negative 100ns */
- int64 max_password_age;
- int64 min_password_age;
- uint64 sequence_num;
+ dlong max_password_age;
+ dlong min_password_age;
+ udlong sequence_num;
NTTIME domain_create_time;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
netr_String unknown2;
netr_String unknown3;
netr_String unknown4;
- uint32 unknown5;
+ uint32 logon_to_chgpass;
uint32 unknown6;
uint32 unknown7;
uint32 unknown8;
} netr_DELTA_RENAME;
typedef struct {
- [size_is(num_rids)] uint32 *rids;
- [size_is(num_rids)] uint32 *attribs;
+ [size_is(num_rids)] uint32 *rids[];
+ [size_is(num_rids)] uint32 *attribs[];
uint32 num_rids;
uint32 unknown1;
uint32 unknown2;
NTTIME auditretentionperiod;
bool8 auditingmode;
uint32 maxauditeventcount;
- [size_is(maxauditeventcount+1)] uint32 *eventauditoptions;
+ [size_is(maxauditeventcount+1)] uint32 *eventauditoptions[];
netr_String primary_domain_name;
dom_sid2 *sid;
netr_QUOTA_LIMITS quota_limits;
- uint64 sequence_num;
+ udlong sequence_num;
NTTIME db_create_time;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
typedef struct {
netr_String domain_name;
uint32 num_controllers;
- [size_is(num_controllers)] netr_String *controller_names;
+ [size_is(num_controllers)] netr_String *controller_names[];
uint32 SecurityInformation;
sec_desc_buf sdbuf;
netr_String unknown1;
netr_String unknown2;
netr_String unknown3;
netr_String unknown4;
- uint32 unknown5;
+ uint32 posix_offset;
uint32 unknown6;
uint32 unknown7;
uint32 unknown8;
typedef struct {
uint32 privilege_entries;
uint32 privilege_control;
- [size_is(privilege_entries)] uint32 *privilege_attrib;
- [size_is(privilege_entries)] netr_String *privilege_name;
+ [size_is(privilege_entries)] uint32 *privilege_attrib[];
+ [size_is(privilege_entries)] netr_String *privilege_name[];
netr_QUOTA_LIMITS quotalimits;
uint32 system_flags;
uint32 SecurityInformation;
typedef struct {
uint32 len;
uint32 maxlen;
- [size_is(maxlen)][length_is(len)] uint8 *cipher_data;
+ [size_is(maxlen)][length_is(len)] uint8 *cipher_data[];
} netr_CIPHER_VALUE;
typedef struct {
NETR_DELTA_MODIFY_COUNT = 22
} netr_DeltaEnum;
- typedef union {
+ typedef [switch_type(netr_DeltaEnum)] union {
[case(NETR_DELTA_DOMAIN)] netr_DELTA_DOMAIN *domain;
[case(NETR_DELTA_GROUP)] netr_DELTA_GROUP *group;
[case(NETR_DELTA_DELETE_GROUP)] ; /* rid only */
[case(NETR_DELTA_DELETE_SECRET)] netr_DELTA_DELETE_SECRET delete_secret;
[case(NETR_DELTA_DELETE_GROUP2)] netr_DELTA_DELETE_USER *delete_group;
[case(NETR_DELTA_DELETE_USER2)] netr_DELTA_DELETE_USER *delete_user;
- [case(NETR_DELTA_MODIFY_COUNT)] uint64 *modified_count;
+ [case(NETR_DELTA_MODIFY_COUNT)] udlong *modified_count;
} netr_DELTA_UNION;
- typedef union {
+ typedef [switch_type(netr_DeltaEnum)] union {
[case(NETR_DELTA_DOMAIN)] uint32 rid;
[case(NETR_DELTA_GROUP)] uint32 rid;
[case(NETR_DELTA_DELETE_GROUP)] uint32 rid;
} netr_DELTA_ID_UNION;
typedef struct {
- uint16 delta_type;
+ netr_DeltaEnum delta_type;
[switch_is(delta_type)] netr_DELTA_ID_UNION delta_id_union;
[switch_is(delta_type)] netr_DELTA_UNION delta_union;
} netr_DELTA_ENUM;
typedef struct {
uint32 num_deltas;
- [size_is(num_deltas)] netr_DELTA_ENUM *delta_enum;
+ [size_is(num_deltas)] netr_DELTA_ENUM *delta_enum[];
} netr_DELTA_ENUM_ARRAY;
[in] unistr computername,
[in] netr_Authenticator credential,
[in,out] netr_Authenticator return_authenticator,
- [in] uint32 database_id,
- [in,out] uint64 sequence_num,
+ [in] netr_SamDatabaseID database_id,
+ [in,out] udlong sequence_num,
[in] uint32 preferredmaximumlength,
[out] netr_DELTA_ENUM_ARRAY *delta_enum_array
);
[in] unistr computername,
[in] netr_Authenticator credential,
[in,out] netr_Authenticator return_authenticator,
- [in] uint32 database_id,
+ [in] netr_SamDatabaseID database_id,
[in,out] uint32 sync_context,
[in] uint32 preferredmaximumlength,
[out] netr_DELTA_ENUM_ARRAY *delta_enum_array
[out] unistr *dcname
);
-
-
/*****************/
/* Function 0x0C */
} netr_CONTROL_QUERY_INFORMATION;
/* function_code values */
- const int NETLOGON_CONTROL_REDISCOVER = 5;
- const int NETLOGON_CONTROL_TC_QUERY = 6;
- const int NETLOGON_CONTROL_TRANSPORT_NOTIFY = 7;
- const int NETLOGON_CONTROL_SET_DBFLAG = 65534;
+ typedef [v1_enum] enum {
+ NETLOGON_CONTROL_REDISCOVER = 5,
+ NETLOGON_CONTROL_TC_QUERY = 6,
+ NETLOGON_CONTROL_TRANSPORT_NOTIFY = 7,
+ NETLOGON_CONTROL_SET_DBFLAG = 65534
+ } netr_LogonControlCode;
WERROR netr_LogonControl(
[in] unistr *logon_server,
- [in] uint32 function_code,
+ [in] netr_LogonControlCode function_code,
[in] uint32 level,
[out,switch_is(level)] netr_CONTROL_QUERY_INFORMATION info
);
NTSTATUS netr_ServerAuthenticate2(
[in] unistr *server_name,
[in] unistr account_name,
- [in] uint16 secure_channel_type,
+ [in] netr_SchannelType secure_channel_type,
[in] unistr computer_name,
[in,out,ref] netr_Credential *credentials,
[in,out,ref] uint32 *negotiate_flags
[in] unistr computername,
[in] netr_Authenticator credential,
[in,out] netr_Authenticator return_authenticator,
- [in] uint32 database_id,
+ [in] netr_SamDatabaseID database_id,
[in] uint16 restart_state,
[in,out] uint32 sync_context,
[in] uint32 preferredmaximumlength,
[in] unistr computername,
[in] netr_Authenticator credential,
[in,out] netr_Authenticator return_authenticator,
- [in][size_is(change_log_entry_size)] uint8 *change_log_entry,
+ [in][size_is(change_log_entry_size)] uint8 *change_log_entry[],
[in] uint32 change_log_entry_size,
[out] netr_DELTA_ENUM_ARRAY *delta_enum_array
);
NTSTATUS netr_ServerAuthenticate3(
[in] unistr *server_name,
[in] unistr account_name,
- [in] uint16 secure_channel_type,
+ [in] netr_SchannelType secure_channel_type,
[in] unistr computer_name,
[in,out,ref] netr_Credential *credentials,
[in,out,ref] uint32 *negotiate_flags,
typedef struct {
uint32 length;
- [size_is(length)] uint8 *data;
+ [size_is(length)] uint8 *data[];
} netr_Blob;
typedef [flag(NDR_PAHEX)] struct {
uint16 length;
uint16 size;
- [size_is(size/2),length_is(length/2)] uint16 *data;
+ [size_is(size/2),length_is(length/2)] uint16 *data[];
} netr_BinaryString;
typedef struct {
unistr *unknown4;
netr_BinaryString blob2;
netr_String product;
- uint32 unknown5;
- unistr *unknown6;
- uint32 unknown7[6];
+ netr_String unknown5;
+ netr_String unknown6;
+ uint32 unknown7[4];
} netr_DomainQuery1;
typedef union {
typedef struct {
netr_DomainTrustInfo domaininfo;
uint32 num_trusts;
- [size_is(num_trusts)] netr_DomainTrustInfo *trusts;
+ [size_is(num_trusts)] netr_DomainTrustInfo *trusts[];
uint32 unknown[14]; /* room for expansion? */
} netr_DomainInfo1;
NTSTATUS netr_LogonGetDomainInfo(
[in] unistr server_name,
[in] unistr *computer_name,
- [in,out,ref] netr_Authenticator *credential,
- [in] uint32 unknown1,
- [in] uint32 i1[2],
+ [in,ref] netr_Authenticator *credential,
+ [in,out,ref] netr_Authenticator *return_authenticator,
[in] uint32 level,
[in,switch_is(level)] netr_DomainQuery query,
[out,switch_is(level)] netr_DomainInfo info
);
- /****************/
+ /*****************/
/* Function 0x1e */
- WERROR netr_NETRSERVERPASSWORDSET2();
+ NTSTATUS netr_ServerPasswordSet2(
+ [in] unistr *server_name,
+ [in] unistr account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] unistr computer_name,
+ [in] netr_Authenticator credential,
+ [in] samr_CryptPassword new_password,
+ [out] netr_Authenticator return_authenticator
+ );
/****************/
/* Function 0x1f */
/****************/
/* Function 0x22 */
- WERROR netr_DSRGETDCNAMEEX2();
+ typedef struct {
+ unistr *dc_unc;
+ unistr *dc_address;
+ int32 dc_address_type;
+ GUID domain_guid;
+ unistr *domain_name;
+ unistr *forest_name;
+ uint32 dc_flags;
+ unistr *dc_site_name;
+ unistr *client_site_name;
+ } netr_DrsGetDCNameEx2Info;
+
+ WERROR netr_DrsGetDCNameEx2(
+ [in] unistr *server_unc,
+ [in] unistr *client_account,
+ [in] uint32 mask,
+ [in] unistr *domain_name,
+ [in] GUID *domain_guid,
+ [in] unistr *site_name,
+ [in] uint32 flags,
+ [out] netr_DrsGetDCNameEx2Info *info
+ );
/****************/
/* Function 0x23 */
/****************/
/* Function 0x27 */
- WERROR netr_NETRLOGONSAMLOGONEX();
+ NTSTATUS netr_LogonSamLogonEx(
+ [in] unistr *server_name,
+ [in] unistr *workstation,
+ [in] uint16 logon_level,
+ [in] [switch_is(logon_level)] netr_LogonLevel logon,
+ [in] uint16 validation_level,
+ [out] [switch_is(validation_level)] netr_Validation validation,
+ [out] uint8 authoritative,
+ [in,out] uint32 flags
+ );
/****************/
/* Function 0x28 */
- const int NETR_TRUST_FLAG_IN_FOREST = 0x01;
- const int NETR_TRUST_FLAG_OUTBOUND = 0x02;
- const int NETR_TRUST_FLAG_TREEROOT = 0x04;
- const int NETR_TRUST_FLAG_PRIMARY = 0x08;
- const int NETR_TRUST_FLAG_NATIVE = 0x10;
- const int NETR_TRUST_FLAG_INBOUND = 0x20;
+ typedef [bitmap32bit] bitmap {
+ NETR_TRUST_FLAG_IN_FOREST = 0x00000001,
+ NETR_TRUST_FLAG_OUTBOUND = 0x00000002,
+ NETR_TRUST_FLAG_TREEROOT = 0x00000004,
+ NETR_TRUST_FLAG_PRIMARY = 0x00000008,
+ NETR_TRUST_FLAG_NATIVE = 0x00000010,
+ NETR_TRUST_FLAG_INBOUND = 0x00000020
+ } netr_TrustFlags;
+
+ typedef [v1_enum] enum {
+ NETR_TRUST_TYPE_DOWNLEVEL = 1,
+ NETR_TRUST_TYPE_UPLEVEL = 2,
+ NETR_TRUST_TYPE_MIT = 3,
+ NETR_TRUST_TYPE_DCE = 4
+ } netr_TrustType;
+
+ typedef [bitmap32bit] bitmap {
+ NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE = 0x00000001,
+ NETR_TRUST_ATTRIBUTE_UPLEVEL_ONLY = 0x00000002,
+ NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004,
+ NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE = 0x00000008,
+ NETR_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010,
+ NETR_TRUST_ATTRIBUTE_WITHIN_FOREST = 0x00000020,
+ NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL = 0x00000040
+ } netr_TrustAttributes;
typedef struct {
- unistr *netbios_name;
- unistr *dns_name;
- uint32 trust_flags;
- uint32 parent_index;
- uint32 trust_type;
- uint32 trust_attributes;
- dom_sid2 *sid;
- GUID guid;
+ unistr *netbios_name;
+ unistr *dns_name;
+ netr_TrustFlags trust_flags;
+ uint32 parent_index;
+ netr_TrustType trust_type;
+ netr_TrustAttributes trust_attributes;
+ dom_sid2 *sid;
+ GUID guid;
} netr_DomainTrust;
WERROR netr_DsrEnumerateDomainTrusts(
[in] unistr *server_name,
- [in] uint32 trust_flags,
+ [in] netr_TrustFlags trust_flags,
[out] uint32 count,
- [out,size_is(count)] netr_DomainTrust *trusts
+ [out,size_is(count)] netr_DomainTrust *trusts[]
);
[in] [switch_is(logon_level)] netr_LogonLevel logon,
[in] uint16 validation_level,
[out] [switch_is(validation_level)] netr_Validation validation,
- [out] uint32 authoritative,
+ [out] uint8 authoritative,
[in,out] uint32 flags
);