#include "idl_types.h"
[
- uuid(12345678-1234-abcd-ef00-01234567cffb),
+ uuid("12345678-1234-abcd-ef00-01234567cffb"),
version(1.0),
- pointer_default(unique)
+ endpoint("ncacn_np:[\\pipe\\netlogon]","ncacn_ip_tcp:","ncalrpc:"),
+ pointer_default(unique),
+ depends(lsa,samr)
]
interface netlogon
{
+ declare bitmap samr_AcctFlags;
+ typedef [public] struct {
+ [value(strlen_m(r->string)*2)] uint16 size;
+ [value(r->size)] uint16 length;
+ unistr_noterm *string;
+ } netr_String;
+
/*****************/
/* Function 0x00 */
WERROR netr_LogonUasLogon(
[in] unistr *server_name,
- [in] unistr username,
+ [in] unistr account_name,
[in] unistr workstation,
[out] netr_UasInfo *info
);
WERROR netr_LogonUasLogoff(
[in] unistr *server_name,
- [in] unistr username,
+ [in] unistr account_name,
[in] unistr workstation,
[out] netr_UasLogoffInfo info
);
/*****************/
/* Function 0x02 */
- typedef [flag(NDR_PAHEX)] struct {
- uint8 data[8];
- } netr_Credential;
+ /* in netr_AcctLockStr size seems to be be 24, and rrenard thinks
+ that the structure of the bindata looks like this:
- typedef [flag(NDR_PAHEX)] struct {
- uint8 session_key[8];
- uint32 sequence;
- netr_Credential seed;
- netr_Credential client;
- netr_Credential server;
- } netr_CredentialState;
+ dlong lockout_duration;
+ udlong reset_count;
+ uint32 bad_attempt_lockout;
+ uint32 dummy;
+ but it doesn't look as though this structure is reflected at the
+ NDR level. Maybe it is left to the application to decode the bindata array.
+ */
typedef struct {
- [value(strlen_m(r->string)*2)] uint16 size;
- [value(r->size)] uint16 length;
- unistr_noterm *string;
- } netr_String;
+ uint16 size;
+ uint16 length;
+ [size_is(size/2),length_is(length/2)] uint16 *bindata[];
+ } netr_AcctLockStr;
typedef struct {
netr_String domain_name;
uint32 parameter_control;
uint32 logon_id_low;
uint32 logon_id_high;
- netr_String username;
+ netr_String account_name;
netr_String workstation;
} netr_IdentityInfo;
- typedef [flag(NDR_PAHEX)] struct {
- uint8 data[16];
- } netr_Password;
-
typedef struct {
netr_IdentityInfo identity_info;
- netr_Password lmpassword;
- netr_Password ntpassword;
+ samr_Password lmpassword;
+ samr_Password ntpassword;
} netr_PasswordInfo;
typedef [flag(NDR_PAHEX)] struct {
uint16 length;
[value(r->length)] uint16 size;
- [size_is(size),length_is(length)] uint8 *data;
+ [size_is(size),length_is(length)] uint8 *data[];
} netr_ChallengeResponse;
typedef [flag(NDR_PAHEX)] struct {
- netr_IdentityInfo logon_info;
+ netr_IdentityInfo identity_info;
uint8 challenge[8];
netr_ChallengeResponse nt;
netr_ChallengeResponse lm;
} netr_NetworkInfo;
- typedef union {
- [case(1)] netr_PasswordInfo *interactive;
+ typedef [switch_type(uint16)] union {
+ [case(1)] netr_PasswordInfo *password;
[case(2)] netr_NetworkInfo *network;
- [case(3)] netr_PasswordInfo *service;
+ [case(3)] netr_PasswordInfo *password;
+ [case(5)] netr_PasswordInfo *password;
+ [case(6)] netr_NetworkInfo *network;
} netr_LogonLevel;
- typedef struct {
- netr_Credential cred;
- time_t timestamp;
- } netr_Authenticator;
-
- typedef struct {
- uint32 user_id;
+ typedef [public] struct {
+ uint32 rid;
uint32 attributes;
} netr_GroupMembership;
- typedef [flag(NDR_PAHEX)] struct {
- uint8 user_session_key[16];
+ typedef [public,flag(NDR_PAHEX)] struct {
+ uint8 key[16];
} netr_UserSessionKey;
+ typedef [public,flag(NDR_PAHEX)] struct {
+ uint8 key[8];
+ } netr_LMSessionKey;
+
typedef struct {
- NTTIME logon_time;
- NTTIME logoff_time;
- NTTIME kickoff_time;
- NTTIME passwd_last_set;
- NTTIME passwd_can_change;
- NTTIME passwd_must_change;
+ NTTIME last_logon;
+ NTTIME last_logoff;
+ NTTIME acct_expiry;
+ NTTIME last_password_change;
+ NTTIME allow_password_change;
+ NTTIME force_password_change;
netr_String account_name;
netr_String full_name;
netr_String logon_script;
netr_String profile_path;
- netr_String home_dir;
+ netr_String home_directory;
netr_String home_drive;
uint16 logon_count;
- uint16 bad_passwd_count;
- uint32 userid;
- uint32 primary_group;
+ uint16 bad_password_count;
+ uint32 rid;
+ uint32 primary_gid;
uint32 group_count;
- [size_is(group_count)] netr_GroupMembership *groupids;
+ [size_is(group_count)] netr_GroupMembership *groupids[];
uint32 user_flags;
netr_UserSessionKey key;
netr_String logon_server;
netr_String domain;
dom_sid2 *domain_sid;
- uint32 expansionroom[10];
- } netr_SamInfo;
+ netr_LMSessionKey LMSessKey;
+ samr_AcctFlags acct_flags;
+ uint32 unknown[7];
+ } netr_SamBaseInfo;
+
+ typedef struct {
+ netr_SamBaseInfo base;
+ } netr_SamInfo2;
typedef struct {
dom_sid2 *sid;
uint32 attribute;
} netr_SidAttr;
+ typedef [public] struct {
+ netr_SamBaseInfo base;
+ uint32 sidcount;
+ [size_is(sidcount)] netr_SidAttr *sids[];
+ } netr_SamInfo3;
+
typedef struct {
- NTTIME logon_time;
- NTTIME logoff_time;
- NTTIME kickoff_time;
- NTTIME passwd_last_set;
- NTTIME passwd_can_change;
- NTTIME passwd_must_change;
- netr_String account_name;
- netr_String full_name;
- netr_String logon_script;
- netr_String profile_path;
- netr_String home_dir;
- netr_String home_drive;
- uint16 logon_count;
- uint16 bad_passwd_count;
- uint32 userid;
- uint32 primary_group;
- uint32 group_count;
- [size_is(group_count)] netr_GroupMembership *groupids;
- uint32 user_flags;
- netr_UserSessionKey key;
- netr_String logon_server;
- netr_String domain;
- dom_sid2 *domain_sid;
- uint32 expansionroom[10];
+ netr_SamBaseInfo base;
uint32 sidcount;
- [size_is(sidcount)] netr_SidAttr *sids;
- } netr_SamInfo2;
+ [size_is(sidcount)] netr_SidAttr *sids[];
+ netr_String forest;
+ netr_String principle;
+ uint32 unknown4[20];
+ } netr_SamInfo6;
typedef struct {
uint32 pac_size;
- [size_is(pac_size)] uint8 *pac;
+ [size_is(pac_size)] uint8 *pac[];
netr_String logon_domain;
netr_String logon_server;
netr_String principal_name;
uint32 auth_size;
- [size_is(auth_size)] uint8 *auth;
+ [size_is(auth_size)] uint8 *auth[];
netr_UserSessionKey user_session_key;
uint32 expansionroom[10];
netr_String unknown1;
netr_String unknown4;
} netr_PacInfo;
- typedef union {
- [case(2)] netr_SamInfo *sam;
- [case(3)] netr_SamInfo2 *sam2;
+ typedef [switch_type(uint16)] union {
+ [case(2)] netr_SamInfo2 *sam2;
+ [case(3)] netr_SamInfo3 *sam3;
[case(4)] netr_PacInfo *pac;
- [case(5)] netr_PacInfo *pac2;
+ [case(5)] netr_PacInfo *pac;
+ [case(6)] netr_SamInfo6 *sam6;
} netr_Validation;
+ typedef [public, flag(NDR_PAHEX)] struct {
+ uint8 data[8];
+ } netr_Credential;
+
+ typedef [public] struct {
+ netr_Credential cred;
+ time_t timestamp;
+ } netr_Authenticator;
+
NTSTATUS netr_LogonSamLogon(
[in] unistr *server_name,
[in] unistr *workstation,
[in] netr_Authenticator *credential,
- [in][out] netr_Authenticator *authenticator,
+ [in][out] netr_Authenticator *return_authenticator,
[in] uint16 logon_level,
[in] [switch_is(logon_level)] netr_LogonLevel logon,
[in] uint16 validation_level,
[out] [switch_is(validation_level)] netr_Validation validation,
- [out] uint32 authoritative
+ [out] uint8 authoritative
);
/* Function 0x04 */
NTSTATUS netr_ServerReqChallenge(
- [in] unistr *server_name,
- [in] unistr computer_name,
- [in][out] netr_Credential credentials
+ [in] unistr *server_name,
+ [in] unistr computer_name,
+ [in,out,ref] netr_Credential *credentials
);
/* Function 0x05 */
/* secure channel types */
- const int SEC_CHAN_WKSTA = 2;
- const int SEC_CHAN_DOMAIN = 4;
- const int SEC_CHAN_BDC = 6;
+ /* Only SEC_CHAN_WKSTA can forward requests to other domains. */
+
+ typedef enum {
+ SEC_CHAN_WKSTA = 2,
+ SEC_CHAN_DOMAIN = 4,
+ SEC_CHAN_BDC = 6
+ } netr_SchannelType;
NTSTATUS netr_ServerAuthenticate(
- [in] unistr *server_name,
- [in] unistr username,
- [in] uint16 secure_challenge_type,
- [in] unistr computer_name,
- [in,out] netr_Credential credentials
+ [in] unistr *server_name,
+ [in] unistr account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] unistr computer_name,
+ [in,out,ref] netr_Credential *credentials
);
NTSTATUS netr_ServerPasswordSet(
[in] unistr *server_name,
- [in] unistr username,
- [in] uint16 secure_challenge_type,
+ [in] unistr account_name,
+ [in] netr_SchannelType secure_channel_type,
[in] unistr computer_name,
[in] netr_Authenticator credential,
- [in] netr_Password new_password,
+ [in] samr_Password new_password,
[out] netr_Authenticator return_authenticator
);
/*****************/
/* Function 0x07 */
+ /* SAM database types */
+ typedef [v1_enum] enum {
+ SAM_DATABASE_DOMAIN = 0, /* Domain users and groups */
+ SAM_DATABASE_BUILTIN = 1, /* BUILTIN users and groups */
+ SAM_DATABASE_PRIVS = 2 /* Privileges */
+ } netr_SamDatabaseID;
+
typedef struct {
- unistr *username;
+ unistr *account_name;
netr_String unknown1;
netr_String unknown2;
netr_String unknown3;
uint32 unknown8;
} netr_DELTA_DELETE_USER;
+ typedef struct {
+ uint16 length;
+ [value(r->length)] uint16 size;
+ uint32 flags;
+ samr_Password pwd;
+ } netr_USER_KEY16;
+
+ typedef struct {
+ uint16 nt_length;
+ uint16 nt_size;
+ uint32 nt_flags;
+ uint16 lm_length;
+ uint16 lm_size;
+ uint32 lm_flags;
+ uint8 nt_history[nt_length];
+ uint8 lm_history[lm_length];
+ } netr_PasswordHistory;
+
+ typedef struct {
+ netr_USER_KEY16 lmpassword;
+ netr_USER_KEY16 ntpassword;
+ netr_PasswordHistory lmhistory;
+ } netr_USER_KEYS2;
+
+ typedef struct {
+ netr_USER_KEYS2 keys2;
+ } netr_USER_KEY_UNION;
+
+ typedef [public] struct {
+ uint32 version;
+ netr_USER_KEY_UNION keys;
+ } netr_USER_KEYS;
+
typedef struct {
bool8 SensitiveDataFlag;
uint32 DataLength;
- [size_is(DataLength)] uint8 *SensitiveData;
+
+ /* netr_USER_KEYS encrypted with the session key */
+ [size_is(DataLength)][flag(NDR_PAHEX)] uint8 *SensitiveData[];
} netr_USER_PRIVATE_INFO;
typedef struct {
netr_String account_name;
netr_String full_name;
uint32 rid;
- uint32 primary_group;
- netr_String home_dir;
+ uint32 primary_gid;
+ netr_String home_directory;
netr_String home_drive;
netr_String logon_script;
netr_String description;
netr_String workstations;
- NTTIME LastLogon;
- NTTIME LastLogoff;
+ NTTIME last_logon;
+ NTTIME last_logoff;
samr_LogonHours logon_hours;
- uint16 bad_pw_count;
+ uint16 bad_password_count;
uint16 logon_count;
- NTTIME PwLastSet;
- NTTIME AccountExpires;
- uint32 AccountControl;
- netr_Password lmpw;
- netr_Password ntpw;
- bool8 NTPwPresent;
- bool8 LMPwPresent;
- bool8 PwExpired;
- netr_String UserComment;
- netr_String Parameters;
- uint16 CountryCode;
- uint16 CodePage;
+ NTTIME last_password_change;
+ NTTIME acct_expiry;
+ samr_AcctFlags acct_flags;
+ samr_Password lmpassword;
+ samr_Password ntpassword;
+ bool8 nt_password_present;
+ bool8 lm_password_present;
+ bool8 password_expired;
+ netr_String comment;
+ netr_String parameters;
+ uint16 country_code;
+ uint16 code_page;
netr_USER_PRIVATE_INFO user_private_info;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
} netr_DELTA_USER;
typedef struct {
- netr_String DomainName;
- netr_String OEMInfo;
- NTTIME forcedlogoff;
- uint16 minpasswdlen;
- uint16 passwdhistorylen;
- ULONG8 pwd_must_change_time;
- ULONG8 pwd_can_change_time;
- ULONG8 sequence_num;
+ netr_String domain_name;
+ netr_String comment;
+ NTTIME force_logoff_time;
+ uint16 min_password_length;
+ uint16 password_history_length;
+ /* yes, these are signed. They are in negative 100ns */
+ dlong max_password_age;
+ dlong min_password_age;
+ udlong sequence_num;
NTTIME domain_create_time;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
- netr_String unknown1;
+ netr_AcctLockStr account_lockout;
netr_String unknown2;
netr_String unknown3;
netr_String unknown4;
- uint32 unknown5;
+ uint32 logon_to_chgpass;
uint32 unknown6;
uint32 unknown7;
uint32 unknown8;
} netr_DELTA_DOMAIN;
typedef struct {
- netr_String groupname;
- netr_GroupMembership group_membership;
- netr_String comment;
+ netr_String group_name;
+ uint32 rid;
+ uint32 attributes;
+ netr_String description;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
netr_String unknown1;
} netr_DELTA_RENAME;
typedef struct {
- [size_is(num_rids)] uint32 *rids;
- [size_is(num_rids)] uint32 *attribs;
+ [size_is(num_rids)] uint32 *rids[];
+ [size_is(num_rids)] uint32 *attribs[];
uint32 num_rids;
uint32 unknown1;
uint32 unknown2;
uint32 rid;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
- netr_String unknown1;
+ netr_String description;
netr_String unknown2;
netr_String unknown3;
netr_String unknown4;
NTTIME auditretentionperiod;
bool8 auditingmode;
uint32 maxauditeventcount;
- [size_is(maxauditeventcount+1)] uint32 *eventauditoptions;
- netr_String primarydomainname;
+ [size_is(maxauditeventcount+1)] uint32 *eventauditoptions[];
+ netr_String primary_domain_name;
dom_sid2 *sid;
netr_QUOTA_LIMITS quota_limits;
- NTTIME db_modify_time;
+ udlong sequence_num;
NTTIME db_create_time;
uint32 SecurityInformation;
sec_desc_buf sdbuf;
} netr_DELTA_POLICY;
typedef struct {
- netr_String DomainName;
+ netr_String domain_name;
uint32 num_controllers;
- [size_is(num_controllers)] netr_String *controller_names;
+ [size_is(num_controllers)] netr_String *controller_names[];
uint32 SecurityInformation;
sec_desc_buf sdbuf;
netr_String unknown1;
netr_String unknown2;
netr_String unknown3;
netr_String unknown4;
- uint32 unknown5;
+ uint32 posix_offset;
uint32 unknown6;
uint32 unknown7;
uint32 unknown8;
- } netr_DELTA_TRUSTED_DOMAINS;
+ } netr_DELTA_TRUSTED_DOMAIN;
+
+ typedef struct {
+ uint16 unknown;
+ } netr_DELTA_DELETE_TRUST;
typedef struct {
uint32 privilege_entries;
uint32 privilege_control;
- [size_is(privilege_entries)] uint32 *privilege_attrib;
- [size_is(privilege_entries)] netr_String *privilege_name;
+ [size_is(privilege_entries)] uint32 *privilege_attrib[];
+ [size_is(privilege_entries)] netr_String *privilege_name[];
netr_QUOTA_LIMITS quotalimits;
uint32 system_flags;
uint32 SecurityInformation;
uint32 unknown6;
uint32 unknown7;
uint32 unknown8;
- } netr_DELTA_ACCOUNTS;
+ } netr_DELTA_ACCOUNT;
+
+ typedef struct {
+ uint16 unknown;
+ } netr_DELTA_DELETE_ACCOUNT;
+
+ typedef struct {
+ uint16 unknown;
+ } netr_DELTA_DELETE_SECRET;
typedef struct {
uint32 len;
uint32 maxlen;
- [size_is(maxlen)][length_is(len)] uint8 *cipher_data;
+ [size_is(maxlen)][length_is(len)] uint8 *cipher_data[];
} netr_CIPHER_VALUE;
typedef struct {
uint32 unknown8;
} netr_DELTA_SECRET;
- typedef union {
- [case(1)] netr_DELTA_DOMAIN *domain;
- [case(2)] netr_DELTA_GROUP *group;
- [case(4)] netr_DELTA_RENAME *rename_group;
- [case(5)] netr_DELTA_USER *user;
- [case(7)] netr_DELTA_RENAME *rename_user;
- [case(8)] netr_DELTA_GROUP_MEMBER *group_member;
- [case(9)] netr_DELTA_ALIAS *alias;
- [case(11)] netr_DELTA_RENAME *rename_alias;
- [case(12)] netr_DELTA_ALIAS_MEMBER *alias_member;
- [case(13)] netr_DELTA_POLICY *policy;
- [case(14)] netr_DELTA_TRUSTED_DOMAINS *trusted_domains;
- [case(16)] netr_DELTA_ACCOUNTS *accounts;
- [case(18)] netr_DELTA_SECRET *secret;
- [case(20)] netr_DELTA_DELETE_USER *delete_group;
- [case(21)] netr_DELTA_DELETE_USER *delete_user;
- [case(22)] ULONG8 *modified_count;
+ typedef enum {
+ NETR_DELTA_DOMAIN = 1,
+ NETR_DELTA_GROUP = 2,
+ NETR_DELTA_DELETE_GROUP = 3,
+ NETR_DELTA_RENAME_GROUP = 4,
+ NETR_DELTA_USER = 5,
+ NETR_DELTA_DELETE_USER = 6,
+ NETR_DELTA_RENAME_USER = 7,
+ NETR_DELTA_GROUP_MEMBER = 8,
+ NETR_DELTA_ALIAS = 9,
+ NETR_DELTA_DELETE_ALIAS = 10,
+ NETR_DELTA_RENAME_ALIAS = 11,
+ NETR_DELTA_ALIAS_MEMBER = 12,
+ NETR_DELTA_POLICY = 13,
+ NETR_DELTA_TRUSTED_DOMAIN = 14,
+ NETR_DELTA_DELETE_TRUST = 15,
+ NETR_DELTA_ACCOUNT = 16,
+ NETR_DELTA_DELETE_ACCOUNT = 17,
+ NETR_DELTA_SECRET = 18,
+ NETR_DELTA_DELETE_SECRET = 19,
+ NETR_DELTA_DELETE_GROUP2 = 20,
+ NETR_DELTA_DELETE_USER2 = 21,
+ NETR_DELTA_MODIFY_COUNT = 22
+ } netr_DeltaEnum;
+
+ typedef [switch_type(netr_DeltaEnum)] union {
+ [case(NETR_DELTA_DOMAIN)] netr_DELTA_DOMAIN *domain;
+ [case(NETR_DELTA_GROUP)] netr_DELTA_GROUP *group;
+ [case(NETR_DELTA_DELETE_GROUP)] ; /* rid only */
+ [case(NETR_DELTA_RENAME_GROUP)] netr_DELTA_RENAME *rename_group;
+ [case(NETR_DELTA_USER)] netr_DELTA_USER *user;
+ [case(NETR_DELTA_DELETE_USER)] ; /* rid only */
+ [case(NETR_DELTA_RENAME_USER)] netr_DELTA_RENAME *rename_user;
+ [case(NETR_DELTA_GROUP_MEMBER)] netr_DELTA_GROUP_MEMBER *group_member;
+ [case(NETR_DELTA_ALIAS)] netr_DELTA_ALIAS *alias;
+ [case(NETR_DELTA_DELETE_ALIAS)] ; /* rid only */
+ [case(NETR_DELTA_RENAME_ALIAS)] netr_DELTA_RENAME *rename_alias;
+ [case(NETR_DELTA_ALIAS_MEMBER)] netr_DELTA_ALIAS_MEMBER *alias_member;
+ [case(NETR_DELTA_POLICY)] netr_DELTA_POLICY *policy;
+ [case(NETR_DELTA_TRUSTED_DOMAIN)] netr_DELTA_TRUSTED_DOMAIN *trusted_domain;
+ [case(NETR_DELTA_DELETE_TRUST)] netr_DELTA_DELETE_TRUST delete_trust;
+ [case(NETR_DELTA_ACCOUNT)] netr_DELTA_ACCOUNT *account;
+ [case(NETR_DELTA_DELETE_ACCOUNT)] netr_DELTA_DELETE_ACCOUNT delete_account;
+ [case(NETR_DELTA_SECRET)] netr_DELTA_SECRET *secret;
+ [case(NETR_DELTA_DELETE_SECRET)] netr_DELTA_DELETE_SECRET delete_secret;
+ [case(NETR_DELTA_DELETE_GROUP2)] netr_DELTA_DELETE_USER *delete_group;
+ [case(NETR_DELTA_DELETE_USER2)] netr_DELTA_DELETE_USER *delete_user;
+ [case(NETR_DELTA_MODIFY_COUNT)] udlong *modified_count;
} netr_DELTA_UNION;
- typedef union {
- [case(1)] uint32 rid;
- [case(2)] uint32 rid;
- [case(3)] uint32 rid;
- [case(4)] uint32 rid;
- [case(5)] uint32 rid;
- [case(6)] uint32 rid;
- [case(7)] uint32 rid;
- [case(8)] uint32 rid;
- [case(9)] uint32 rid;
- [case(10)] uint32 rid;
- [case(11)] uint32 rid;
- [case(12)] uint32 rid;
- [case(13)] dom_sid2 *sid;
- [case(14)] dom_sid2 *sid;
- [case(15)] dom_sid2 *sid;
- [case(16)] dom_sid2 *sid;
- [case(17)] dom_sid2 *sid;
- [case(18)] unistr *Name;
- [case(19)] unistr *Name;
- [case(20)] uint32 rid;
- [case(21)] uint32 rid;
+ typedef [switch_type(netr_DeltaEnum)] union {
+ [case(NETR_DELTA_DOMAIN)] uint32 rid;
+ [case(NETR_DELTA_GROUP)] uint32 rid;
+ [case(NETR_DELTA_DELETE_GROUP)] uint32 rid;
+ [case(NETR_DELTA_RENAME_GROUP)] uint32 rid;
+ [case(NETR_DELTA_USER)] uint32 rid;
+ [case(NETR_DELTA_DELETE_USER)] uint32 rid;
+ [case(NETR_DELTA_RENAME_USER)] uint32 rid;
+ [case(NETR_DELTA_GROUP_MEMBER)] uint32 rid;
+ [case(NETR_DELTA_ALIAS)] uint32 rid;
+ [case(NETR_DELTA_DELETE_ALIAS)] uint32 rid;
+ [case(NETR_DELTA_RENAME_ALIAS)] uint32 rid;
+ [case(NETR_DELTA_ALIAS_MEMBER)] uint32 rid;
+ [case(NETR_DELTA_POLICY)] dom_sid2 *sid;
+ [case(NETR_DELTA_TRUSTED_DOMAIN)] dom_sid2 *sid;
+ [case(NETR_DELTA_DELETE_TRUST)] dom_sid2 *sid;
+ [case(NETR_DELTA_ACCOUNT)] dom_sid2 *sid;
+ [case(NETR_DELTA_DELETE_ACCOUNT)] dom_sid2 *sid;
+ [case(NETR_DELTA_SECRET)] unistr *name;
+ [case(NETR_DELTA_DELETE_SECRET)] unistr *name;
+ [case(NETR_DELTA_DELETE_GROUP2)] uint32 rid;
+ [case(NETR_DELTA_DELETE_USER2)] uint32 rid;
+ [case(NETR_DELTA_MODIFY_COUNT)] ;
} netr_DELTA_ID_UNION;
typedef struct {
- uint16 delta_type;
+ netr_DeltaEnum delta_type;
[switch_is(delta_type)] netr_DELTA_ID_UNION delta_id_union;
[switch_is(delta_type)] netr_DELTA_UNION delta_union;
} netr_DELTA_ENUM;
typedef struct {
uint32 num_deltas;
- [size_is(num_deltas)] netr_DELTA_ENUM *delta_enum;
+ [size_is(num_deltas)] netr_DELTA_ENUM *delta_enum[];
} netr_DELTA_ENUM_ARRAY;
[in] unistr computername,
[in] netr_Authenticator credential,
[in,out] netr_Authenticator return_authenticator,
- [in] uint32 database_id,
- [in,out] ULONG8 sequence_num,
+ [in] netr_SamDatabaseID database_id,
+ [in,out] udlong sequence_num,
[in] uint32 preferredmaximumlength,
[out] netr_DELTA_ENUM_ARRAY *delta_enum_array
);
[in] unistr computername,
[in] netr_Authenticator credential,
[in,out] netr_Authenticator return_authenticator,
- [in] uint32 database_id,
+ [in] netr_SamDatabaseID database_id,
[in,out] uint32 sync_context,
[in] uint32 preferredmaximumlength,
[out] netr_DELTA_ENUM_ARRAY *delta_enum_array
[out] unistr *dcname
);
-
-
/*****************/
/* Function 0x0C */
[case(3)] netr_NETLOGON_INFO_3 *info3;
} netr_CONTROL_QUERY_INFORMATION;
+ /* function_code values */
+ typedef [v1_enum] enum {
+ NETLOGON_CONTROL_REDISCOVER = 5,
+ NETLOGON_CONTROL_TC_QUERY = 6,
+ NETLOGON_CONTROL_TRANSPORT_NOTIFY = 7,
+ NETLOGON_CONTROL_SET_DBFLAG = 65534
+ } netr_LogonControlCode;
+
WERROR netr_LogonControl(
[in] unistr *logon_server,
- [in] uint32 function_code,
+ [in] netr_LogonControlCode function_code,
[in] uint32 level,
[out,switch_is(level)] netr_CONTROL_QUERY_INFORMATION info
);
[out] unistr *dcname
);
-#if 0
-
- typedef [switch_type(long)] union {
- [case(5)] unistr *unknown;
- [case(6)] unistr *unknown;
- [case(0xfffe)] uint32 unknown;
- [case(7)] unistry*unknown;
- } CONTROL_DATA_INFORMATION;
-
/*****************/
/* Function 0x0E */
- NTSTATUS netr_LogonControl2(
- [in][string] wchar_t *logon_server,
- [in] uint32 function_code,
- [in] uint32 level,
- [in][ref] CONTROL_DATA_INFORMATION *data,
- [out][ref] CONTROL_QUERY_INFORMATION *query
+ typedef union {
+ [case(NETLOGON_CONTROL_REDISCOVER)] unistr *domain;
+ [case(NETLOGON_CONTROL_TC_QUERY)] unistr *domain;
+ [case(NETLOGON_CONTROL_TRANSPORT_NOTIFY)] unistr *domain;
+ [case(NETLOGON_CONTROL_SET_DBFLAG)] uint32 debug_level;
+ } netr_CONTROL_DATA_INFORMATION;
+
+ WERROR netr_LogonControl2(
+ [in] unistr *logon_server,
+ [in] uint32 function_code,
+ [in] uint32 level,
+ [in][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION data,
+ [out][switch_is(level)] netr_CONTROL_QUERY_INFORMATION query
);
+ /* If this flag is not set, then the passwords and LM session keys are
+ * encrypted with DES calls. (And the user session key is
+ * unencrypted) */
+ const int NETLOGON_NEG_ARCFOUR = 0x00000004;
+ const int NETLOGON_NEG_128BIT = 0x00004000;
+ const int NETLOGON_NEG_SCHANNEL = 0x40000000;
+
/*****************/
/* Function 0x0F */
NTSTATUS netr_ServerAuthenticate2(
- [in][string] wchar_t *logon_server,
- [in] unistr username,
- [in] uint16 secure_channel_type,
- [in] unistr computername,
- [in][ref] CREDENTIAL *client_chal,
- [out][ref] CREDENTIAL *server_chal,
- [in][out][ref] uint32 *negotiate_flags,
+ [in] unistr *server_name,
+ [in] unistr account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] unistr computer_name,
+ [in,out,ref] netr_Credential *credentials,
+ [in,out,ref] uint32 *negotiate_flags
);
/* Function 0x10 */
NTSTATUS netr_DatabaseSync2(
- [in][string][ref] wchar_t *logon_server, # REF!!!
- [in][string][ref] wchar_t *computername,
- [in][ref] AUTHENTICATOR credential,
- [in][out][ref] AUTHENTICATOR return_authenticator,
- [in] uint32 database_id,
- [in] uint16 restart_state,
- [in][out][ref] uint32 *sync_context,
- [in] uint32 preferredmaximumlength,
- [out] netr_DELTA_ENUM_ARRAY *delta_enum_array
+ [in] unistr logon_server,
+ [in] unistr computername,
+ [in] netr_Authenticator credential,
+ [in,out] netr_Authenticator return_authenticator,
+ [in] netr_SamDatabaseID database_id,
+ [in] uint16 restart_state,
+ [in,out] uint32 sync_context,
+ [in] uint32 preferredmaximumlength,
+ [out] netr_DELTA_ENUM_ARRAY *delta_enum_array
);
/*****************/
/* Function 0x11 */
+ /* i'm not at all sure how this call works */
+
NTSTATUS netr_DatabaseRedo(
- [in][string][ref] wchar_t *logon_server, # REF!!!
- [in][string][ref] wchar_t *computername,
- [in][ref] netr_Authenticator credential,
- [in][out][ref] netr_Authenticator return_authenticator,
- [in][ref][size_is(change_log_entry_size)] uint8 *change_log_entry,
- [in] uint32 change_log_entry_size,
- [out] netr_DELTA_ENUM_ARRAY *delta_enum_array
+ [in] unistr logon_server,
+ [in] unistr computername,
+ [in] netr_Authenticator credential,
+ [in,out] netr_Authenticator return_authenticator,
+ [in][size_is(change_log_entry_size)] uint8 *change_log_entry[],
+ [in] uint32 change_log_entry_size,
+ [out] netr_DELTA_ENUM_ARRAY *delta_enum_array
);
/*****************/
/* Function 0x12 */
- NTSTATUS netr_LogonControl2Ex(
- [in][string] wchar_t *logon_server,
- [in] uint32 function_code,
- [in] uint32 level,
- [in][ref] CONTROL_DATA_INFORMATION *data,
- [out][ref] CONTROL_QUERY_INFORMATION *query
+ WERROR netr_LogonControl2Ex(
+ [in] unistr *logon_server,
+ [in] uint32 function_code,
+ [in] uint32 level,
+ [in][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION data,
+ [out][switch_is(level)] netr_CONTROL_QUERY_INFORMATION query
+ );
+
+ /*****************/
+ /* Function 0x13 */
+ WERROR netr_NETRENUMERATETRUSTEDDOMAINS() ;
+
+ /*****************/
+ /* Function 0x14 */
+ WERROR netr_DSRGETDCNAME() ;
+
+ /*****************/
+ /* Function 0x15 */
+ WERROR netr_NETRLOGONDUMMYROUTINE1();
+
+ /****************/
+ /* Function 0x16 */
+ WERROR netr_NETRLOGONSETSERVICEBITS();
+
+ /****************/
+ /* Function 0x17 */
+ WERROR netr_NETRLOGONGETTRUSTRID();
+
+ /****************/
+ /* Function 0x18 */
+ WERROR netr_NETRLOGONCOMPUTESERVERDIGEST();
+
+ /****************/
+ /* Function 0x19 */
+ WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST();
+
+ /****************/
+ /* Function 0x1a */
+ NTSTATUS netr_ServerAuthenticate3(
+ [in] unistr *server_name,
+ [in] unistr account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] unistr computer_name,
+ [in,out,ref] netr_Credential *credentials,
+ [in,out,ref] uint32 *negotiate_flags,
+ [out,ref] uint32 *rid
+ );
+
+ /****************/
+ /* Function 0x1b */
+ WERROR netr_DSRGETDCNAMEX();
+
+ /****************/
+ /* Function 0x1c */
+ WERROR netr_DSRGETSITENAME();
+
+ /****************/
+ /* Function 0x1d */
+
+ typedef struct {
+ uint32 length;
+ [size_is(length)] uint8 *data[];
+ } netr_Blob;
+
+ typedef [flag(NDR_PAHEX)] struct {
+ uint16 length;
+ uint16 size;
+ [size_is(size/2),length_is(length/2)] uint16 *data[];
+ } netr_BinaryString;
+
+ typedef struct {
+ netr_Blob blob;
+ unistr *workstation_domain;
+ unistr *workstation_site;
+ unistr *unknown1;
+ unistr *unknown2;
+ unistr *unknown3;
+ unistr *unknown4;
+ netr_BinaryString blob2;
+ netr_String product;
+ netr_String unknown5;
+ netr_String unknown6;
+ uint32 unknown7[4];
+ } netr_DomainQuery1;
+
+ typedef union {
+ [case(1)] netr_DomainQuery1 *query1;
+ [case(2)] netr_DomainQuery1 *query1;
+ } netr_DomainQuery;
+
+ typedef struct {
+ netr_String domainname;
+ netr_String fulldomainname;
+ netr_String forest;
+ GUID guid;
+ dom_sid2 *sid;
+ netr_BinaryString unknown1[4];
+ uint32 unknown[4];
+ } netr_DomainTrustInfo;
+
+ typedef struct {
+ netr_DomainTrustInfo domaininfo;
+ uint32 num_trusts;
+ [size_is(num_trusts)] netr_DomainTrustInfo *trusts[];
+ uint32 unknown[14]; /* room for expansion? */
+ } netr_DomainInfo1;
+
+ typedef union {
+ [case(1)] netr_DomainInfo1 *info1;
+ [case(2)] netr_DomainInfo1 *info1;
+ } netr_DomainInfo;
+
+ NTSTATUS netr_LogonGetDomainInfo(
+ [in] unistr server_name,
+ [in] unistr *computer_name,
+ [in,ref] netr_Authenticator *credential,
+ [in,out,ref] netr_Authenticator *return_authenticator,
+ [in] uint32 level,
+ [in,switch_is(level)] netr_DomainQuery query,
+ [out,switch_is(level)] netr_DomainInfo info
);
-#endif
+
+ /*****************/
+ /* Function 0x1e */
+ NTSTATUS netr_ServerPasswordSet2(
+ [in] unistr *server_name,
+ [in] unistr account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] unistr computer_name,
+ [in] netr_Authenticator credential,
+ [in] samr_CryptPassword new_password,
+ [out] netr_Authenticator return_authenticator
+ );
+
+ /****************/
+ /* Function 0x1f */
+ WERROR netr_NETRSERVERPASSWORDGET();
+
+ /****************/
+ /* Function 0x20 */
+ WERROR netr_NETRLOGONSENDTOSAM();
+
+ /****************/
+ /* Function 0x21 */
+ WERROR netr_DSRADDRESSTOSITENAMESW();
+
+ /****************/
+ /* Function 0x22 */
+ typedef struct {
+ unistr *dc_unc;
+ unistr *dc_address;
+ int32 dc_address_type;
+ GUID domain_guid;
+ unistr *domain_name;
+ unistr *forest_name;
+ uint32 dc_flags;
+ unistr *dc_site_name;
+ unistr *client_site_name;
+ } netr_DrsGetDCNameEx2Info;
+
+ WERROR netr_DrsGetDCNameEx2(
+ [in] unistr *server_unc,
+ [in] unistr *client_account,
+ [in] uint32 mask,
+ [in] unistr *domain_name,
+ [in] GUID *domain_guid,
+ [in] unistr *site_name,
+ [in] uint32 flags,
+ [out] netr_DrsGetDCNameEx2Info *info
+ );
+
+ /****************/
+ /* Function 0x23 */
+ WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN();
+
+ /****************/
+ /* Function 0x24 */
+ WERROR netr_NETRENUMERATETRUSTEDDOMAINSEX();
+
+ /****************/
+ /* Function 0x25 */
+ WERROR netr_DSRADDRESSTOSITENAMESEXW();
+
+ /****************/
+ /* Function 0x26 */
+ WERROR netr_DSRGETDCSITECOVERAGEW();
+
+ /****************/
+ /* Function 0x27 */
+ NTSTATUS netr_LogonSamLogonEx(
+ [in] unistr *server_name,
+ [in] unistr *workstation,
+ [in] uint16 logon_level,
+ [in] [switch_is(logon_level)] netr_LogonLevel logon,
+ [in] uint16 validation_level,
+ [out] [switch_is(validation_level)] netr_Validation validation,
+ [out] uint8 authoritative,
+ [in,out] uint32 flags
+ );
+
+ /****************/
+ /* Function 0x28 */
+
+ typedef [bitmap32bit] bitmap {
+ NETR_TRUST_FLAG_IN_FOREST = 0x00000001,
+ NETR_TRUST_FLAG_OUTBOUND = 0x00000002,
+ NETR_TRUST_FLAG_TREEROOT = 0x00000004,
+ NETR_TRUST_FLAG_PRIMARY = 0x00000008,
+ NETR_TRUST_FLAG_NATIVE = 0x00000010,
+ NETR_TRUST_FLAG_INBOUND = 0x00000020
+ } netr_TrustFlags;
+
+ typedef [v1_enum] enum {
+ NETR_TRUST_TYPE_DOWNLEVEL = 1,
+ NETR_TRUST_TYPE_UPLEVEL = 2,
+ NETR_TRUST_TYPE_MIT = 3,
+ NETR_TRUST_TYPE_DCE = 4
+ } netr_TrustType;
+
+ typedef [bitmap32bit] bitmap {
+ NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE = 0x00000001,
+ NETR_TRUST_ATTRIBUTE_UPLEVEL_ONLY = 0x00000002,
+ NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004,
+ NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE = 0x00000008,
+ NETR_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010,
+ NETR_TRUST_ATTRIBUTE_WITHIN_FOREST = 0x00000020,
+ NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL = 0x00000040
+ } netr_TrustAttributes;
+
+ typedef struct {
+ unistr *netbios_name;
+ unistr *dns_name;
+ netr_TrustFlags trust_flags;
+ uint32 parent_index;
+ netr_TrustType trust_type;
+ netr_TrustAttributes trust_attributes;
+ dom_sid2 *sid;
+ GUID guid;
+ } netr_DomainTrust;
+
+ WERROR netr_DsrEnumerateDomainTrusts(
+ [in] unistr *server_name,
+ [in] netr_TrustFlags trust_flags,
+ [out] uint32 count,
+ [out,size_is(count)] netr_DomainTrust *trusts[]
+ );
+
+
+ /****************/
+ /* Function 0x29 */
+ WERROR netr_DSRDEREGISTERDNSHOSTRECORDS();
+
+ /****************/
+ /* Function 0x2a */
+ WERROR netr_NETRSERVERTRUSTPASSWORDSGET();
+
+ /****************/
+ /* Function 0x2b */
+ WERROR netr_DSRGETFORESTTRUSTINFORMATION();
+
+ /****************/
+ /* Function 0x2c */
+ WERROR netr_NETRGETFORESTTRUSTINFORMATION();
+
+ /****************/
+ /* Function 0x2d */
+
+ /* this is the ADS varient. I don't yet know what the "flags" are for */
+ NTSTATUS netr_LogonSamLogonWithFlags(
+ [in] unistr *server_name,
+ [in] unistr *workstation,
+ [in] netr_Authenticator *credential,
+ [in][out] netr_Authenticator *return_authenticator,
+ [in] uint16 logon_level,
+ [in] [switch_is(logon_level)] netr_LogonLevel logon,
+ [in] uint16 validation_level,
+ [out] [switch_is(validation_level)] netr_Validation validation,
+ [out] uint8 authoritative,
+ [in,out] uint32 flags
+ );
+
+ /****************/
+ /* Function 0x2e */
+ WERROR netr_NETRSERVERGETTRUSTINFO();
}