Thanks to Todd Sabin for some information from his samr.idl in acltools
*/
-[ uuid(12345778-1234-abcd-ef00-0123456789ac),
+[ uuid("12345778-1234-abcd-ef00-0123456789ac"),
version(1.0),
- pointer_default(unique)
+ endpoint("ncacn_np:[\\pipe\\samr]","ncacn_ip_tcp:", "ncalrpc:"),
+ pointer_default(unique),
+ depends(lsa,security)
] interface samr
{
+ /* account control (acct_flags) bits */
+ typedef [public] bitmap {
+ ACB_DISABLED = 0x00000001, /* 1 = User account disabled */
+ ACB_HOMDIRREQ = 0x00000002, /* 1 = Home directory required */
+ ACB_PWNOTREQ = 0x00000004, /* 1 = User password not required */
+ ACB_TEMPDUP = 0x00000008, /* 1 = Temporary duplicate account */
+ ACB_NORMAL = 0x00000010, /* 1 = Normal user account */
+ ACB_MNS = 0x00000020, /* 1 = MNS logon user account */
+ ACB_DOMTRUST = 0x00000040, /* 1 = Interdomain trust account */
+ ACB_WSTRUST = 0x00000080, /* 1 = Workstation trust account */
+ ACB_SVRTRUST = 0x00000100, /* 1 = Server trust account */
+ ACB_PWNOEXP = 0x00000200, /* 1 = User password does not expire */
+ ACB_AUTOLOCK = 0x00000400 /* 1 = Account auto locked */
+ } samr_AcctFlags;
+
/******************/
/* Function: 0x00 */
NTSTATUS samr_Connect (
/* notice the lack of [string] */
[in] uint16 *system_name,
[in] uint32 access_mask,
- [out,ref] policy_handle *handle
+ [out,ref] policy_handle *connect_handle
);
/******************/
/* Function: 0x02 */
- typedef struct {
- [value(ndr_size_security_descriptor(r->sd))] uint32 sd_size;
- [subcontext(4)] security_descriptor *sd;
- } samr_SdBuf;
-
NTSTATUS samr_SetSecurity (
[in,ref] policy_handle *handle,
[in] uint32 sec_info,
- [in,ref] samr_SdBuf *sdbuf
+ [in,ref] sec_desc_buf *sdbuf
);
/******************/
NTSTATUS samr_QuerySecurity (
[in,ref] policy_handle *handle,
[in] uint32 sec_info,
- [out] samr_SdBuf *sdbuf
+ [out] sec_desc_buf *sdbuf
);
/******************/
/* Function: 0x04 */
- NTSTATUS samr_Shutdown ();
+
+ /*
+ shutdown the SAM - once you call this the SAM will be dead
+ */
+ NTSTATUS samr_Shutdown (
+ [in,ref] policy_handle *connect_handle
+ );
/******************/
/* Function: 0x05 */
typedef struct {
- [value(2*strlen_m(r->name))] uint16 name_len;
- [value(r->name_len)] uint16 name_size;
- unistr_noterm *name;
- } samr_Name;
+ [value(2*strlen_m(r->string))] uint16 length;
+ [value(r->length)] uint16 size;
+ unistr_noterm *string;
+ } samr_String;
NTSTATUS samr_LookupDomain (
- [in,ref] policy_handle *handle,
- [in,ref] samr_Name *domain,
+ [in,ref] policy_handle *connect_handle,
+ [in,ref] samr_String *domain,
[out] dom_sid2 *sid
);
typedef struct {
uint32 idx;
- samr_Name name;
+ samr_String name;
} samr_SamEntry;
typedef struct {
} samr_SamArray;
NTSTATUS samr_EnumDomains (
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *connect_handle,
[in,out,ref] uint32 *resume_handle,
[in] uint32 buf_size,
[out] samr_SamArray *sam,
/************************/
/* Function 0x07 */
NTSTATUS samr_OpenDomain(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *connect_handle,
[in] uint32 access_mask,
[in,ref] dom_sid2 *sid,
[out,ref] policy_handle *domain_handle
/************************/
/* Function 0x08 */
+ /* server roles */
+ typedef [v1_enum] enum {
+ ROLE_STANDALONE = 0,
+ ROLE_DOMAIN_MEMBER = 1,
+ ROLE_DOMAIN_BDC = 2,
+ ROLE_DOMAIN_PDC = 3
+ } samr_Role;
typedef struct {
- uint16 min_length_password;
- uint16 password_history;
- uint32 flag;
- NTTIME expire;
- NTTIME min_passwordage;
+ uint16 min_password_length;
+ uint16 password_history_length;
+ uint32 password_properties;
+ /* yes, these are signed. They are in negative 100ns */
+ int64 max_password_age;
+ int64 min_password_age;
} samr_DomInfo1;
typedef struct {
- ULONG8 force_logoff_time;
- samr_Name unknown1;
- samr_Name domain; /* domain name */
- samr_Name primary; /* PDC name if this is a BDC */
- HYPER_T sequence_num;
+ NTTIME force_logoff_time;
+ samr_String comment;
+ samr_String domain; /* domain name */
+ samr_String primary; /* PDC name if this is a BDC */
+ uint64 sequence_num;
uint32 unknown2;
- uint32 role;
+ samr_Role role;
uint32 unknown3;
uint32 num_users;
uint32 num_groups;
} samr_DomInfo2;
typedef struct {
- ULONG8 force_logoff_time;
+ NTTIME force_logoff_time;
} samr_DomInfo3;
typedef struct {
- samr_Name unknown;
+ samr_String comment;
} samr_DomInfo4;
typedef struct {
- samr_Name domain;
+ samr_String domain_name;
} samr_DomInfo5;
typedef struct {
- samr_Name primary;
+ samr_String primary;
} samr_DomInfo6;
typedef struct {
- uint32 role;
+ samr_Role role;
} samr_DomInfo7;
typedef struct {
HYPER_T sequence_num;
- NTTIME last_xxx_time;
+ NTTIME domain_create_time;
} samr_DomInfo8;
typedef struct {
- uint32 unknown;
+ uint32 unknown; /* w2k3 returns 1 */
} samr_DomInfo9;
typedef struct {
- ULONG8 force_logoff_time;
- samr_Name unknown1;
- samr_Name domain;
- samr_Name primary;
- HYPER_T sequence_num;
- uint32 unknown2;
- uint32 role;
- uint32 unknown3;
- uint32 num_users;
- uint32 num_groups;
- uint32 num_aliases;
+ samr_DomInfo2 info2;
HYPER_T lockout_duration;
HYPER_T lockout_window;
uint16 lockout_threshold;
typedef struct {
HYPER_T sequence_num;
- NTTIME last_xxx_time;
+ NTTIME domain_create_time;
uint32 unknown1;
uint32 unknown2;
} samr_DomInfo13;
} samr_DomainInfo;
NTSTATUS samr_QueryDomainInfo(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *domain_handle,
[in] uint16 level,
[out,switch_is(level)] samr_DomainInfo *info
);
/************************/
/* Function 0x09 */
- NTSTATUS samr_SET_DOMAIN_INFO();
+ /*
+ only levels 1, 3, 4, 6, 7, 9, 12 are valid for this
+ call in w2k3
+ */
+ NTSTATUS samr_SetDomainInfo(
+ [in,ref] policy_handle *domain_handle,
+ [in] uint16 level,
+ [in,switch_is(level),ref] samr_DomainInfo *info
+ );
+
/************************/
/* Function 0x0a */
- NTSTATUS samr_CREATE_DOM_GROUP();
+ NTSTATUS samr_CreateDomainGroup(
+ [in,ref] policy_handle *domain_handle,
+ [in,ref] samr_String *name,
+ [in] uint32 access_mask,
+ [out,ref] policy_handle *group_handle,
+ [out,ref] uint32 *rid
+ );
+
/************************/
/* Function 0x0b */
NTSTATUS samr_EnumDomainGroups(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *domain_handle,
[in,out,ref] uint32 *resume_handle,
[in] uint32 max_size,
[out] samr_SamArray *sam,
/************************/
/* Function 0x0c */
NTSTATUS samr_CreateUser(
- [in,ref] policy_handle *handle,
- [in,ref] samr_Name *username,
+ [in,ref] policy_handle *domain_handle,
+ [in,ref] samr_String *account_name,
[in] uint32 access_mask,
- [out,ref] policy_handle *acct_handle,
+ [out,ref] policy_handle *user_handle,
[out,ref] uint32 *rid
);
/************************/
/* Function 0x0d */
+
+
+ /* w2k3 treats max_size as max_users*54 and sets the
+ resume_handle as the rid of the last user sent
+ */
+ const int SAMR_ENUM_USERS_MULTIPLIER = 54;
+
NTSTATUS samr_EnumDomainUsers(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *domain_handle,
[in,out,ref] uint32 *resume_handle,
- [in] uint32 acct_flags,
+ [in] samr_AcctFlags acct_flags,
[in] uint32 max_size,
[out] samr_SamArray *sam,
[out] uint32 num_entries
/************************/
/* Function 0x0e */
NTSTATUS samr_CreateDomAlias(
- [in,ref] policy_handle *handle,
- [in,ref] samr_Name *aliasname,
+ [in,ref] policy_handle *domain_handle,
+ [in,ref] samr_String *aliasname,
[in] uint32 access_mask,
- [out,ref] policy_handle *acct_handle,
+ [out,ref] policy_handle *alias_handle,
[out,ref] uint32 *rid
);
/************************/
/* Function 0x0f */
NTSTATUS samr_EnumDomainAliases(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *domain_handle,
[in,out,ref] uint32 *resume_handle,
- [in] uint32 max_size,
+ [in] samr_AcctFlags acct_flags,
[out] samr_SamArray *sam,
[out] uint32 num_entries
);
/* Function 0x10 */
typedef struct {
- uint32 count;
+ [range(0,1024)] uint32 count;
[size_is(count)] uint32 *ids;
} samr_Ids;
NTSTATUS samr_GetAliasMembership(
- [in,ref] policy_handle *handle,
- [in,ref] lsa_SidArray *sids,
- [out] samr_Ids *rids
+ [in,ref] policy_handle *domain_handle,
+ [in,ref] lsa_SidArray *sids,
+ [out,ref] samr_Ids *rids
);
/************************/
/* Function 0x11 */
NTSTATUS samr_LookupNames(
- [in,ref] policy_handle *handle,
- [in] uint32 num_names,
- [in,ref,size_is(1000),length_is(num_names)] samr_Name *names,
+ [in,ref] policy_handle *domain_handle,
+ [in,range(0,1000)] uint32 num_names,
+ [in,ref,size_is(1000),length_is(num_names)] samr_String *names,
[out] samr_Ids rids,
[out] samr_Ids types
);
typedef struct {
uint32 count;
- [size_is(count)] samr_Name *names;
- } samr_Names;
+ [size_is(count)] samr_String *names;
+ } samr_Strings;
NTSTATUS samr_LookupRids(
- [in,ref] policy_handle *handle,
- [in] uint32 num_rids,
+ [in,ref] policy_handle *domain_handle,
+ [in,range(0,1000)] uint32 num_rids,
[in,ref,size_is(1000),length_is(num_rids)] uint32 *rids,
- [out] samr_Names names,
+ [out] samr_Strings names,
[out] samr_Ids types
);
/************************/
/* Function 0x13 */
NTSTATUS samr_OpenGroup(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *domain_handle,
[in] uint32 access_mask,
[in] uint32 rid,
- [out,ref] policy_handle *acct_handle
+ [out,ref] policy_handle *group_handle
);
/* Function 0x14 */
typedef struct {
- samr_Name name;
- uint32 unknown;
+ samr_String name;
+ uint32 attributes;
uint32 num_members;
- samr_Name description;
+ samr_String description;
} samr_GroupInfoAll;
typedef struct {
} samr_GroupInfoX;
typedef struct {
- samr_Name description;
+ samr_String description;
} samr_GroupInfoDesciption;
typedef enum {
- GroupInfoAll = 1,
- GroupInfoName,
- GroupInfoX,
- GroupInfoDescription
+ GroupInfoAll = 1,
+ GroupInfoName = 2,
+ GroupInfoX = 3,
+ GroupInfoDescription = 4,
+ GroupInfoAll2 = 5
} GroupInfo;
typedef union {
[case(GroupInfoAll)] samr_GroupInfoAll all;
- [case(GroupInfoName)] samr_Name name;
+ [case(GroupInfoName)] samr_String name;
[case(GroupInfoX)] samr_GroupInfoX unknown;
- [case(GroupInfoDescription)] samr_Name description;
+ [case(GroupInfoDescription)] samr_String description;
+ [case(GroupInfoAll2)] samr_GroupInfoAll all2;
} samr_GroupInfo;
NTSTATUS samr_QueryGroupInfo(
- [in,ref] policy_handle *handle,
- [in] uint16 level,
+ [in,ref] policy_handle *group_handle,
+ [in] GroupInfo level,
[out,switch_is(level)] samr_GroupInfo *info
);
/************************/
/* Function 0x15 */
- NTSTATUS samr_SET_GROUPINFO();
+ NTSTATUS samr_SetGroupInfo(
+ [in,ref] policy_handle *group_handle,
+ [in] GroupInfo level,
+ [in,switch_is(level),ref] samr_GroupInfo *info
+ );
/************************/
/* Function 0x16 */
- NTSTATUS samr_ADD_GROUPMEM();
+ NTSTATUS samr_AddGroupMember(
+ [in,ref] policy_handle *group_handle,
+ [in] uint32 rid,
+ [in] uint32 flags
+ );
/************************/
/* Function 0x17 */
- NTSTATUS samr_DELETE_DOM_GROUP();
+ NTSTATUS samr_DeleteDomainGroup(
+ [in,out,ref] policy_handle *group_handle
+ );
/************************/
/* Function 0x18 */
- NTSTATUS samr_DEL_GROUPMEM();
+ NTSTATUS samr_DeleteGroupMember(
+ [in,ref] policy_handle *group_handle,
+ [in] uint32 rid
+ );
+
/************************/
/* Function 0x19 */
- NTSTATUS samr_QUERY_GROUPMEM();
+ typedef struct {
+ uint32 count;
+ [size_is(count)] uint32 *rids;
+ [size_is(count)] uint32 *unknown;
+ } samr_ridArray;
+
+ NTSTATUS samr_QueryGroupMember(
+ [in,ref] policy_handle *group_handle,
+ [out] samr_ridArray *rids
+ );
+
/************************/
/* Function 0x1a */
- NTSTATUS samr_SET_MEMBER_ATTRIBUTES_OF_GROUP();
+
+ /*
+ win2003 seems to accept any data at all for the two integers
+ below, and doesn't seem to do anything with them that I can
+ see. Weird. I really expected the first integer to be a rid
+ and the second to be the attributes for that rid member.
+ */
+ NTSTATUS samr_SetMemberAttributesOfGroup(
+ [in,ref] policy_handle *group_handle,
+ [in] uint32 unknown1,
+ [in] uint32 unknown2
+ );
/************************/
/* Function 0x1b */
NTSTATUS samr_OpenAlias (
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *domain_handle,
[in] uint32 access_mask,
[in] uint32 rid,
- [out,ref] policy_handle *acct_handle
+ [out,ref] policy_handle *alias_handle
);
/* Function 0x1c */
typedef struct {
- samr_Name name;
+ samr_String name;
uint32 num_members;
- samr_Name description;
+ samr_String description;
} samr_AliasInfoAll;
+ typedef enum {
+ AliasInfoAll = 1,
+ AliasInfoName = 2,
+ AliasInfoDescription = 3
+ } AliasInfo;
+
typedef union {
- [case(1)] samr_AliasInfoAll all;
- [case(2)] samr_Name name;
- [case(3)] samr_Name description;
+ [case(AliasInfoAll)] samr_AliasInfoAll all;
+ [case(AliasInfoName)] samr_String name;
+ [case(AliasInfoDescription)] samr_String description;
} samr_AliasInfo;
NTSTATUS samr_QueryAliasInfo(
- [in,ref] policy_handle *handle,
- [in] uint16 level,
+ [in,ref] policy_handle *alias_handle,
+ [in] AliasInfo level,
[out,switch_is(level)] samr_AliasInfo *info
);
/************************/
/* Function 0x1d */
NTSTATUS samr_SetAliasInfo(
- [in,ref] policy_handle *handle,
- [in] uint16 level,
- [in,switch_is(level)] samr_AliasInfo info
+ [in,ref] policy_handle *alias_handle,
+ [in] AliasInfo level,
+ [in,switch_is(level),ref] samr_AliasInfo *info
);
/************************/
/* Function 0x1e */
NTSTATUS samr_DeleteDomAlias(
- [in,out,ref] policy_handle *handle
+ [in,out,ref] policy_handle *alias_handle
);
/************************/
/* Function 0x1f */
- NTSTATUS samr_AddAliasMem(
- [in,ref] policy_handle *handle,
+ NTSTATUS samr_AddAliasMember(
+ [in,ref] policy_handle *alias_handle,
[in,ref] dom_sid2 *sid
);
/************************/
/* Function 0x20 */
- NTSTATUS samr_DelAliasMem(
- [in,ref] policy_handle *handle,
+ NTSTATUS samr_DeleteAliasMember(
+ [in,ref] policy_handle *alias_handle,
[in,ref] dom_sid2 *sid
);
/************************/
/* Function 0x21 */
NTSTATUS samr_GetMembersInAlias(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *alias_handle,
[out,ref] lsa_SidArray *sids
);
/************************/
/* Function 0x22 */
NTSTATUS samr_OpenUser(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *domain_handle,
[in] uint32 access_mask,
[in] uint32 rid,
- [out,ref] policy_handle *acct_handle
+ [out,ref] policy_handle *user_handle
);
/************************/
/* Function 0x23 */
NTSTATUS samr_DeleteUser(
- [in,out,ref] policy_handle *handle
+ [in,out,ref] policy_handle *user_handle
);
/************************/
/* Function 0x24 */
typedef struct {
- samr_Name username;
- samr_Name full_name;
+ samr_String account_name;
+ samr_String full_name;
uint32 primary_gid;
- samr_Name description;
- samr_Name comment;
+ samr_String description;
+ samr_String comment;
} samr_UserInfo1;
typedef struct {
- samr_Name comment;
- samr_Name unknown; /* settable, but doesn't stick. probably obsolete */
+ samr_String comment;
+ samr_String unknown; /* settable, but doesn't stick. probably obsolete */
uint16 country_code;
uint16 code_page;
} samr_UserInfo2;
+ /* this is also used in samr and netlogon */
+ typedef [public, flag(NDR_PAHEX)] struct {
+ uint16 units_per_week;
+ [size_is(1260), length_is(units_per_week/8)] uint8 *bits;
+ } samr_LogonHours;
+
typedef struct {
- samr_Name username;
- samr_Name full_name;
- uint32 Rid;
+ samr_String account_name;
+ samr_String full_name;
+ uint32 rid;
uint32 primary_gid;
- samr_Name home_directory;
- samr_Name home_drive;
- samr_Name logon_script;
- samr_Name profile;
- samr_Name workstations;
+ samr_String home_directory;
+ samr_String home_drive;
+ samr_String logon_script;
+ samr_String profile_path;
+ samr_String workstations;
NTTIME last_logon;
NTTIME last_logoff;
- NTTIME last_pwd_change;
- NTTIME allow_pwd_change;
- NTTIME force_pwd_change;
+ NTTIME last_password_change;
+ NTTIME allow_password_change;
+ NTTIME force_password_change;
samr_LogonHours logon_hours;
- uint16 bad_pwd_count;
- uint16 num_logons;
- uint32 acct_flags;
+ uint16 bad_password_count;
+ uint16 logon_count;
+ samr_AcctFlags acct_flags;
} samr_UserInfo3;
typedef struct {
} samr_UserInfo4;
typedef struct {
- samr_Name username;
- samr_Name full_name;
+ samr_String account_name;
+ samr_String full_name;
uint32 rid;
uint32 primary_gid;
- samr_Name home_directory;
- samr_Name home_drive;
- samr_Name logon_script;
- samr_Name profile;
- samr_Name description;
- samr_Name workstations;
+ samr_String home_directory;
+ samr_String home_drive;
+ samr_String logon_script;
+ samr_String profile_path;
+ samr_String description;
+ samr_String workstations;
NTTIME last_logon;
NTTIME last_logoff;
samr_LogonHours logon_hours;
- uint16 bad_pwd_count;
- uint16 num_logons;
- NTTIME last_pwd_change;
+ uint16 bad_password_count;
+ uint16 logon_count;
+ NTTIME last_password_change;
NTTIME acct_expiry;
- uint32 acct_flags;
+ samr_AcctFlags acct_flags;
} samr_UserInfo5;
typedef struct {
- samr_Name username;
- samr_Name full_name;
+ samr_String account_name;
+ samr_String full_name;
} samr_UserInfo6;
typedef struct {
- samr_Name username;
+ samr_String account_name;
} samr_UserInfo7;
typedef struct {
- samr_Name full_name;
+ samr_String full_name;
} samr_UserInfo8;
typedef struct {
} samr_UserInfo9;
typedef struct {
- samr_Name home_dir;
- samr_Name home_drive;
+ samr_String home_directory;
+ samr_String home_drive;
} samr_UserInfo10;
typedef struct {
- samr_Name logon_script;
+ samr_String logon_script;
} samr_UserInfo11;
typedef struct {
- samr_Name profile;
+ samr_String profile_path;
} samr_UserInfo12;
typedef struct {
- samr_Name description;
+ samr_String description;
} samr_UserInfo13;
typedef struct {
- samr_Name workstations;
+ samr_String workstations;
} samr_UserInfo14;
typedef struct {
- uint32 acct_flags;
+ samr_AcctFlags acct_flags;
} samr_UserInfo16;
typedef struct {
} samr_UserInfo17;
typedef struct {
- samr_Name callback;
+ samr_String parameters;
} samr_UserInfo20;
+ /* this defines the bits used for fields_present in info21 */
+ typedef bitmap {
+ SAMR_FIELD_NAME = 0x00000002,
+ SAMR_FIELD_DESCRIPTION = 0x00000010,
+ SAMR_FIELD_COMMENT = 0x00000020,
+ SAMR_FIELD_LOGON_SCRIPT = 0x00000100,
+ SAMR_FIELD_PROFILE_PATH = 0x00000200,
+ SAMR_FIELD_WORKSTATION = 0x00000400,
+ SAMR_FIELD_LOGON_HOURS = 0x00002000,
+ SAMR_FIELD_ACCT_FLAGS = 0x00100000,
+ SAMR_FIELD_PARAMETERS = 0x00200000,
+ SAMR_FIELD_COUNTRY_CODE = 0x00400000,
+ SAMR_FIELD_CODE_PAGE = 0x00800000,
+ SAMR_FIELD_PASSWORD = 0x01000000, /* either of these */
+ SAMR_FIELD_PASSWORD2 = 0x02000000 /* two bits seems to work */
+ } samr_FieldsPresent;
+
typedef struct {
NTTIME last_logon;
NTTIME last_logoff;
- NTTIME last_pwd_change;
+ NTTIME last_password_change;
NTTIME acct_expiry;
- NTTIME allow_pwd_change;
- NTTIME force_pwd_change;
- samr_Name username;
- samr_Name full_name;
- samr_Name home_dir;
- samr_Name home_drive;
- samr_Name logon_script;
- samr_Name profile;
- samr_Name description;
- samr_Name workstations;
- samr_Name comment;
- samr_Name callback;
- samr_Name unknown1;
- samr_Name unknown2;
- samr_Name unknown3;
+ NTTIME allow_password_change;
+ NTTIME force_password_change;
+ samr_String account_name;
+ samr_String full_name;
+ samr_String home_directory;
+ samr_String home_drive;
+ samr_String logon_script;
+ samr_String profile_path;
+ samr_String description;
+ samr_String workstations;
+ samr_String comment;
+ samr_String parameters;
+ samr_String unknown1;
+ samr_String unknown2;
+ samr_String unknown3;
uint32 buf_count;
[size_is(buf_count)] uint8 *buffer;
uint32 rid;
uint32 primary_gid;
- uint32 acct_flags;
- uint32 fields_present;
+ samr_AcctFlags acct_flags;
+ samr_FieldsPresent fields_present;
samr_LogonHours logon_hours;
- uint16 bad_pwd_count;
- uint16 num_logons;
+ uint16 bad_password_count;
+ uint16 logon_count;
uint16 country_code;
uint16 code_page;
- uint8 nt_pwd_set;
- uint8 lm_pwd_set;
- uint8 expired_flag;
+ uint8 nt_password_set;
+ uint8 lm_password_set;
+ uint8 password_expired;
uint8 unknown4;
} samr_UserInfo21;
+ typedef [public, flag(NDR_PAHEX)] struct {
+ uint8 data[516];
+ } samr_CryptPassword;
+
+ typedef struct {
+ samr_UserInfo21 info;
+ samr_CryptPassword password;
+ } samr_UserInfo23;
+
+ typedef struct {
+ samr_CryptPassword password;
+ uint16 pw_len;
+ } samr_UserInfo24;
+
+ typedef [flag(NDR_PAHEX)] struct {
+ uint8 data[532];
+ } samr_CryptPasswordEx;
+
+ typedef struct {
+ samr_UserInfo21 info;
+ samr_CryptPasswordEx password;
+ } samr_UserInfo25;
+
+ typedef struct {
+ samr_CryptPasswordEx password;
+ uint8 pw_len;
+ } samr_UserInfo26;
+
typedef union {
[case(1)] samr_UserInfo1 info1;
[case(2)] samr_UserInfo2 info2;
[case(17)] samr_UserInfo17 info17;
[case(20)] samr_UserInfo20 info20;
[case(21)] samr_UserInfo21 info21;
+ [case(23)] samr_UserInfo23 info23;
+ [case(24)] samr_UserInfo24 info24;
+ [case(25)] samr_UserInfo25 info25;
+ [case(26)] samr_UserInfo26 info26;
} samr_UserInfo;
NTSTATUS samr_QueryUserInfo(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *user_handle,
[in] uint16 level,
[out,switch_is(level)] samr_UserInfo *info
);
/************************/
/* Function 0x25 */
NTSTATUS samr_SetUserInfo(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *user_handle,
[in] uint16 level,
[in,ref,switch_is(level)] samr_UserInfo *info
);
/************************/
/* Function 0x26 */
- NTSTATUS samr_CHANGE_PASSWORD_USER();
+ typedef [public, flag(NDR_PAHEX)] struct {
+ uint8 hash[16];
+ } samr_Password;
+
+ /*
+ this is a password change interface that doesn't give
+ the server the plaintext password. Depricated.
+ */
+ NTSTATUS samr_ChangePasswordUser(
+ [in,ref] policy_handle *user_handle,
+ [in] bool8 lm_present,
+ [in] samr_Password *old_lm_crypted,
+ [in] samr_Password *new_lm_crypted,
+ [in] bool8 nt_present,
+ [in] samr_Password *old_nt_crypted,
+ [in] samr_Password *new_nt_crypted,
+ [in] bool8 cross1_present,
+ [in] samr_Password *nt_cross,
+ [in] bool8 cross2_present,
+ [in] samr_Password *lm_cross
+ );
/************************/
/* Function 0x27 */
} samr_RidArray;
NTSTATUS samr_GetGroupsForUser(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *user_handle,
[out] samr_RidArray *rids
);
typedef struct {
uint32 idx;
uint32 rid;
- uint32 acct_flags;
- samr_Name account_name;
- samr_Name full_name;
- samr_Name description;
+ samr_AcctFlags acct_flags;
+ samr_String account_name;
+ samr_String full_name;
+ samr_String description;
} samr_DispEntryGeneral;
typedef struct {
typedef struct {
uint32 idx;
uint32 rid;
- uint32 acct_flags;
- samr_Name account_name;
- samr_Name description;
+ samr_AcctFlags acct_flags;
+ samr_String account_name;
+ samr_String description;
} samr_DispEntryFull;
typedef struct {
} samr_DispInfoFull;
typedef struct {
- [value(strlen_m(r->name))] uint16 name_len;
- [value(strlen_m(r->name))] uint16 name_size;
- ascstr *name;
+ [value(strlen_m(r->string))] uint16 length;
+ [value(strlen_m(r->string))] uint16 size;
+ ascstr_noterm *string;
} samr_AsciiName;
typedef struct {
} samr_DispInfo;
NTSTATUS samr_QueryDisplayInfo(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *domain_handle,
[in] uint16 level,
[in] uint32 start_idx,
[in] uint32 max_entries,
[out,switch_is(level)] samr_DispInfo info
);
+
/************************/
/* Function 0x29 */
- NTSTATUS samr_GET_DISPLAY_ENUMERATION_INDEX();
+
+ /*
+ this seems to be an alphabetic search function. The returned index
+ is the index for samr_QueryDisplayInfo needed to get names occurring
+ after the specified name. The supplied name does not need to exist
+ in the database (for example you can supply just a first letter for
+ searching starting at that letter)
+
+ The level corresponds to the samr_QueryDisplayInfo level
+ */
+ NTSTATUS samr_GetDisplayEnumerationIndex(
+ [in,ref] policy_handle *domain_handle,
+ [in] uint16 level,
+ [in] samr_String name,
+ [out] uint32 idx
+ );
+
+
/************************/
/* Function 0x2a */
- NTSTATUS samr_TEST_PRIVATE_FUNCTIONS_DOMAIN();
+
+ /*
+ w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
+ */
+ NTSTATUS samr_TestPrivateFunctionsDomain(
+ [in,ref] policy_handle *domain_handle
+ );
+
/************************/
/* Function 0x2b */
- NTSTATUS samr_TEST_PRIVATE_FUNCTIONS_USER();
+
+ /*
+ w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
+ */
+ NTSTATUS samr_TestPrivateFunctionsUser(
+ [in,ref] policy_handle *user_handle
+ );
/************************/
const uint32 DOMAIN_REFUSE_PASSWORD_CHANGE = 0x00000020;
typedef struct {
- uint16 min_pwd_len;
+ uint16 min_password_length;
uint32 password_properties;
} samr_PwInfo;
NTSTATUS samr_GetUserPwInfo(
- [in,ref] policy_handle *handle,
+ [in,ref] policy_handle *user_handle,
[out] samr_PwInfo info
);
/************************/
/* Function 0x2d */
- NTSTATUS samr_REMOVE_MEMBER_FROM_FOREIGN_DOMAIN();
+ NTSTATUS samr_RemoveMemberFromForeignDomain(
+ [in,ref] policy_handle *domain_handle,
+ [in,ref] dom_sid2 *sid
+ );
/************************/
/* Function 0x2e */
- NTSTATUS samr_QUERY_INFORMATION_DOMAIN2();
+
+ /*
+ how is this different from QueryDomainInfo ??
+ */
+ NTSTATUS samr_QueryDomainInfo2(
+ [in,ref] policy_handle *domain_handle,
+ [in] uint16 level,
+ [out,switch_is(level)] samr_DomainInfo *info
+ );
/************************/
/* Function 0x2f */
- NTSTATUS samr_QUERY_INFORMATION_USER2();
+
+ /*
+ how is this different from QueryUserInfo ??
+ */
+ NTSTATUS samr_QueryUserInfo2(
+ [in,ref] policy_handle *user_handle,
+ [in] uint16 level,
+ [out,switch_is(level)] samr_UserInfo *info
+ );
/************************/
/* Function 0x30 */
- NTSTATUS samr_QUERY_DISPINFO2();
+
+ /*
+ how is this different from QueryDisplayInfo??
+ */
+ NTSTATUS samr_QueryDisplayInfo2(
+ [in,ref] policy_handle *domain_handle,
+ [in] uint16 level,
+ [in] uint32 start_idx,
+ [in] uint32 max_entries,
+ [in] uint32 buf_size,
+ [out] uint32 total_size,
+ [out] uint32 returned_size,
+ [out,switch_is(level)] samr_DispInfo info
+ );
/************************/
/* Function 0x31 */
- NTSTATUS samr_GET_DISPLAY_ENUMERATION_INDEX2();
+
+ /*
+ how is this different from GetDisplayEnumerationIndex ??
+ */
+ NTSTATUS samr_GetDisplayEnumerationIndex2(
+ [in,ref] policy_handle *domain_handle,
+ [in] uint16 level,
+ [in] samr_String name,
+ [out] uint32 idx
+ );
+
/************************/
/* Function 0x32 */
NTSTATUS samr_CreateUser2(
- /************************/
- [in,ref] policy_handle *handle,
- [in,ref] samr_Name *username,
- [in] uint32 acct_flags,
+ [in,ref] policy_handle *domain_handle,
+ [in,ref] samr_String *account_name,
+ [in] samr_AcctFlags acct_flags,
[in] uint32 access_mask,
- [out,ref] policy_handle *acct_handle,
+ [out,ref] policy_handle *user_handle,
[out,ref] uint32 *access_granted,
[out,ref] uint32 *rid
);
/************************/
/* Function 0x33 */
- NTSTATUS samr_QUERY_DISPINFO3();
+
+ /*
+ another duplicate. There must be a reason ....
+ */
+ NTSTATUS samr_QueryDisplayInfo3(
+ [in,ref] policy_handle *domain_handle,
+ [in] uint16 level,
+ [in] uint32 start_idx,
+ [in] uint32 max_entries,
+ [in] uint32 buf_size,
+ [out] uint32 total_size,
+ [out] uint32 returned_size,
+ [out,switch_is(level)] samr_DispInfo info
+ );
/************************/
/* Function 0x34 */
- NTSTATUS samr_ADD_MULTIPLE_MEMBERS_TO_ALIAS();
+ NTSTATUS samr_AddMultipleMembersToAlias(
+ [in,ref] policy_handle *alias_handle,
+ [in,ref] lsa_SidArray *sids
+ );
/************************/
/* Function 0x35 */
- NTSTATUS samr_REMOVE_MULTIPLE_MEMBERS_FROM_ALIAS();
+ NTSTATUS samr_RemoveMultipleMembersFromAlias(
+ [in,ref] policy_handle *alias_handle,
+ [in,ref] lsa_SidArray *sids
+ );
/************************/
/* Function 0x36 */
- NTSTATUS samr_OEM_CHANGE_PASSWORD_USER2();
+
+ NTSTATUS samr_OemChangePasswordUser2(
+ [in] samr_AsciiName *server,
+ [in,ref] samr_AsciiName *account,
+ [in] samr_CryptPassword *password,
+ [in] samr_Password *hash
+ );
/************************/
/* Function 0x37 */
- NTSTATUS samr_UNICODE_CHANGE_PASSWORD_USER2();
+ NTSTATUS samr_ChangePasswordUser2(
+ [in] samr_String *server,
+ [in,ref] samr_String *account,
+ [in] samr_CryptPassword *nt_password,
+ [in] samr_Password *nt_verifier,
+ [in] bool8 lm_change,
+ [in] samr_CryptPassword *lm_password,
+ [in] samr_Password *lm_verifier
+ );
/************************/
/* Function 0x38 */
- NTSTATUS samr_GET_DOM_PWINFO();
+ NTSTATUS samr_GetDomPwInfo(
+ [in] samr_String *name,
+ [out] samr_PwInfo info
+ );
/************************/
/* Function 0x39 */
NTSTATUS samr_Connect2(
[in] unistr *system_name,
[in] uint32 access_mask,
- [out,ref] policy_handle *handle
+ [out,ref] policy_handle *connect_handle
);
/************************/
/* Function 0x3a */
- NTSTATUS samr_SET_USERINFO2();
+ /*
+ seems to be an exact alias for samr_SetUserInfo()
+ */
+ NTSTATUS samr_SetUserInfo2(
+ [in,ref] policy_handle *user_handle,
+ [in] uint16 level,
+ [in,ref,switch_is(level)] samr_UserInfo *info
+ );
/************************/
/* Function 0x3b */
- NTSTATUS samr_SET_BOOT_KEY_INFORMATION();
+ /*
+ this one is mysterious. I have a few guesses, but nothing working yet
+ */
+ NTSTATUS samr_SetBootKeyInformation(
+ [in,ref] policy_handle *connect_handle,
+ [in] uint32 unknown1,
+ [in] uint32 unknown2,
+ [in] uint32 unknown3
+ );
/************************/
/* Function 0x3c */
- NTSTATUS samr_GET_BOOT_KEY_INFORMATION();
+ NTSTATUS samr_GetBootKeyInformation(
+ [in,ref] policy_handle *domain_handle,
+ [out] uint32 unknown
+ );
/************************/
/* Function 0x3d */
- NTSTATUS samr_CONNECT3();
+ NTSTATUS samr_Connect3(
+ [in] unistr *system_name,
+ /* this unknown value seems to be completely ignored by w2k3 */
+ [in] uint32 unknown,
+ [in] uint32 access_mask,
+ [out,ref] policy_handle *connect_handle
+ );
/************************/
/* Function 0x3e */
[in] unistr *system_name,
[in] uint32 unknown,
[in] uint32 access_mask,
- [out,ref] policy_handle *handle
+ [out,ref] policy_handle *connect_handle
);
/************************/
/* Function 0x3f */
- NTSTATUS samr_UNICODE_CHANGE_PASSWORD_USER3();
+
+ typedef [v1_enum] enum {
+ SAMR_REJECT_OTHER = 0,
+ SAMR_REJECT_TOO_SHORT = 1,
+ SAMR_REJECT_COMPLEXITY = 2
+ } samr_RejectReason;
+
+ typedef struct {
+ samr_RejectReason reason;
+ uint32 unknown1;
+ uint32 unknown2;
+ } samr_ChangeReject;
+
+ NTSTATUS samr_ChangePasswordUser3(
+ [in] samr_String *server,
+ [in,ref] samr_String *account,
+ [in] samr_CryptPassword *nt_password,
+ [in] samr_Password *nt_verifier,
+ [in] bool8 lm_change,
+ [in] samr_CryptPassword *lm_password,
+ [in] samr_Password *lm_verifier,
+ [in] samr_CryptPassword *password3,
+ [out] samr_DomInfo1 *dominfo,
+ [out] samr_ChangeReject *reject
+ );
/************************/
/* Function 0x40 */
+
+ typedef struct {
+ uint32 unknown1; /* w2k3 gives 3 */
+ uint32 unknown2; /* w2k3 gives 0 */
+ } samr_ConnectInfo1;
+
+ typedef union {
+ [case(1)] samr_ConnectInfo1 info1;
+ } samr_ConnectInfo;
+
NTSTATUS samr_Connect5(
- [in] unistr *system_name,
- [in] uint32 access_mask,
- [in] uint32 unknown0,
- [in] uint32 unknown1,
- [in] uint32 unknown2,
- [in] uint32 unknown3,
- [out] uint32 unknown4,
- [out] uint32 unknown5,
- [out] uint32 unknown6,
- [out] uint32 unknown7,
- [out,ref] policy_handle *handle
+ [in] unistr *system_name,
+ [in] uint32 access_mask,
+ [in,out] uint32 level,
+ [in,out,switch_is(level),ref] samr_ConnectInfo *info,
+ [out,ref] policy_handle *connect_handle
);
/************************/
/* Function 0x41 */
- NTSTATUS samr_RID_TO_SID();
+ NTSTATUS samr_RidToSid(
+ [in,ref] policy_handle *domain_handle,
+ [in] uint32 rid,
+ [out] dom_sid2 *sid
+ );
+
/************************/
/* Function 0x42 */
- NTSTATUS samr_SET_DSRM_PASSWORD();
+
+ /*
+ this should set the DSRM password for the server, which is used
+ when booting into Directory Services Recovery Mode on a DC. Win2003
+ gives me NT_STATUS_NOT_SUPPORTED
+ */
+
+ NTSTATUS samr_SetDsrmPassword(
+ [in] samr_String *name,
+ [in] uint32 unknown,
+ [in] samr_Password *hash
+ );
+
/************************/
/* Function 0x43 */
- NTSTATUS samr_VALIDATE_PASSWORD();
-
+ /*
+ I haven't been able to work out the format of this one yet.
+ Seems to start with a switch level for a union?
+ */
+ NTSTATUS samr_ValidatePassword();
}