4 samr interface definition
8 Thanks to Todd Sabin for some information from his samr.idl in acltools
11 [ uuid(12345778-1234-abcd-ef00-0123456789ac),
13 pointer_default(unique)
/*
  samr_Connect: the visible parameters are a system name, a requested
  access mask and a policy_handle returned by reference.

  system_name has no [string] attribute, so it is a plain pointer to
  uint16 - presumably marshalled as one 16-bit value rather than a
  NUL-terminated string; confirm against the generated NDR code before
  treating it as a full server name.

  NOTE(review): access_mask is supplied by the caller. Which rights end
  up on the returned handle is decided by the server and is not visible
  in this file.
*/
18 NTSTATUS samr_Connect (
19 /* notice the lack of [string] */
20 [in] uint16 *system_name,
21 [in] uint32 access_mask,
22 [out,ref] policy_handle *handle
29 [in,out,ref] policy_handle *handle
36 [value(ndr_size_security_descriptor(r->sd))] uint32 sd_size;
37 [subcontext(4)] security_descriptor *sd;
40 NTSTATUS samr_SetSecurity (
41 [in,ref] policy_handle *handle,
43 [in,ref] samr_SdBuf *sdbuf
49 NTSTATUS samr_QuerySecurity (
50 [in,ref] policy_handle *handle,
52 [out] samr_SdBuf *sdbuf
59 shut down the SAM - once you call this the SAM will be dead
61 NTSTATUS samr_Shutdown (
62 [in,ref] policy_handle *handle
/* Both length fields carry [value(...)], so they are derived from
   r->name by the marshalling layer rather than set by the caller.
   name_len is twice strlen_m(r->name) - presumably the byte length of
   2-byte characters - and name_size repeats name_len.
   NOTE(review): the result is stored in a uint16, so 2*strlen_m(...)
   above 65535 does not fit. How the generated code treats an over-long
   name, and whether the receive side re-checks these lengths against
   the data actually sent, is not visible here - confirm. */
68 [value(2*strlen_m(r->name))] uint16 name_len;
69 [value(r->name_len)] uint16 name_size;
73 NTSTATUS samr_LookupDomain (
74 [in,ref] policy_handle *handle,
75 [in,ref] samr_Name *domain,
90 [size_is(count)] samr_SamEntry *entries;
93 NTSTATUS samr_EnumDomains (
94 [in,ref] policy_handle *handle,
95 [in,out,ref] uint32 *resume_handle,
97 [out] samr_SamArray *sam,
98 [out] uint32 num_entries
102 /************************/
104 NTSTATUS samr_OpenDomain(
105 [in,ref] policy_handle *handle,
106 [in] uint32 access_mask,
107 [in,ref] dom_sid2 *sid,
108 [out,ref] policy_handle *domain_handle
111 /************************/
115 uint16 min_length_password;
116 uint16 password_history;
119 NTTIME min_passwordage;
123 ULONG8 force_logoff_time;
125 samr_Name domain; /* domain name */
126 samr_Name primary; /* PDC name if this is a BDC */
127 HYPER_T sequence_num;
137 ULONG8 force_logoff_time;
141 /* I'm not entirely sure this is a comment. win2003
142 allows it to be set, and it seems harmless (like a
143 comment) but I haven't seen it show up anywhere */
160 HYPER_T sequence_num;
161 NTTIME last_xxx_time;
165 uint32 unknown; /* w2k3 returns 1 */
169 ULONG8 force_logoff_time;
173 HYPER_T sequence_num;
174 uint32 unknown2; /* w2k3 returns 1 */
176 uint32 unknown3; /* w2k3 returns 1 */
180 HYPER_T lockout_duration;
181 HYPER_T lockout_window;
182 uint16 lockout_threshold;
186 HYPER_T lockout_duration;
187 HYPER_T lockout_window;
188 uint16 lockout_threshold;
192 HYPER_T sequence_num;
193 NTTIME last_xxx_time;
199 [case(1)] samr_DomInfo1 info1;
200 [case(2)] samr_DomInfo2 info2;
201 [case(3)] samr_DomInfo3 info3;
202 [case(4)] samr_DomInfo4 info4;
203 [case(5)] samr_DomInfo5 info5;
204 [case(6)] samr_DomInfo6 info6;
205 [case(7)] samr_DomInfo7 info7;
206 [case(8)] samr_DomInfo8 info8;
207 [case(9)] samr_DomInfo9 info9;
208 [case(11)] samr_DomInfo11 info11;
209 [case(12)] samr_DomInfo12 info12;
210 [case(13)] samr_DomInfo13 info13;
213 NTSTATUS samr_QueryDomainInfo(
214 [in,ref] policy_handle *handle,
216 [out,switch_is(level)] samr_DomainInfo *info
219 /************************/
222 only levels 1, 3, 4, 6, 7, 9, 12 are valid for this
225 NTSTATUS samr_SetDomainInfo(
226 [in,ref] policy_handle *handle,
228 [in,switch_is(level),ref] samr_DomainInfo *info
232 /************************/
234 NTSTATUS samr_CreateDomainGroup(
235 [in,ref] policy_handle *handle,
236 [in,ref] samr_Name *name,
237 [in] uint32 access_mask,
238 [out,ref] policy_handle *group_handle,
239 [out,ref] uint32 *rid
243 /************************/
245 NTSTATUS samr_EnumDomainGroups(
246 [in,ref] policy_handle *handle,
247 [in,out,ref] uint32 *resume_handle,
248 [in] uint32 max_size,
249 [out] samr_SamArray *sam,
250 [out] uint32 num_entries
253 /************************/
255 NTSTATUS samr_CreateUser(
256 [in,ref] policy_handle *handle,
257 [in,ref] samr_Name *username,
258 [in] uint32 access_mask,
259 [out,ref] policy_handle *acct_handle,
260 [out,ref] uint32 *rid
263 /************************/
265 NTSTATUS samr_EnumDomainUsers(
266 [in,ref] policy_handle *handle,
267 [in,out,ref] uint32 *resume_handle,
268 [in] uint32 acct_flags,
269 [in] uint32 max_size,
270 [out] samr_SamArray *sam,
271 [out] uint32 num_entries
274 /************************/
276 NTSTATUS samr_CreateDomAlias(
277 [in,ref] policy_handle *handle,
278 [in,ref] samr_Name *aliasname,
279 [in] uint32 access_mask,
280 [out,ref] policy_handle *acct_handle,
281 [out,ref] uint32 *rid
284 /************************/
286 NTSTATUS samr_EnumDomainAliases(
287 [in,ref] policy_handle *handle,
288 [in,out,ref] uint32 *resume_handle,
289 [in] uint32 max_size,
290 [out] samr_SamArray *sam,
291 [out] uint32 num_entries
294 /************************/
299 [size_is(count)] uint32 *ids;
302 NTSTATUS samr_GetAliasMembership(
303 [in,ref] policy_handle *handle,
304 [in,ref] lsa_SidArray *sids,
308 /************************/
/*
  samr_LookupNames: names is declared with a fixed size_is(1000), while
  its transmitted length is the caller-supplied num_names.

  NOTE(review): a server-side handler should reject num_names above 1000
  and bound the work done per request, rather than rely on the
  marshalling layer. Whether the generated pull code checks length_is
  against size_is is not visible in this file - confirm.
*/
311 NTSTATUS samr_LookupNames(
312 [in,ref] policy_handle *handle,
313 [in] uint32 num_names,
314 [in,ref,size_is(1000),length_is(num_names)] samr_Name *names,
320 /************************/
325 [size_is(count)] samr_Name *names;
/*
  samr_LookupRids: rids is declared with a fixed size_is(1000), while
  its transmitted length is the caller-supplied num_rids. The visible
  output is a samr_Names value.

  NOTE(review): a server-side handler should reject num_rids above 1000
  before indexing or allocating from it. Whether the generated pull code
  checks length_is against size_is is not visible in this file -
  confirm.
*/
328 NTSTATUS samr_LookupRids(
329 [in,ref] policy_handle *handle,
330 [in] uint32 num_rids,
331 [in,ref,size_is(1000),length_is(num_rids)] uint32 *rids,
332 [out] samr_Names names,
336 /************************/
338 NTSTATUS samr_OpenGroup(
339 [in,ref] policy_handle *handle,
340 [in] uint32 access_mask,
342 [out,ref] policy_handle *acct_handle
346 /************************/
353 samr_Name description;
361 samr_Name description;
362 } samr_GroupInfoDesciption;
372 [case(GroupInfoAll)] samr_GroupInfoAll all;
373 [case(GroupInfoName)] samr_Name name;
374 [case(GroupInfoX)] samr_GroupInfoX unknown;
375 [case(GroupInfoDescription)] samr_Name description;
378 NTSTATUS samr_QueryGroupInfo(
379 [in,ref] policy_handle *handle,
381 [out,switch_is(level)] samr_GroupInfo *info
384 /************************/
386 NTSTATUS samr_SetGroupInfo(
387 [in,ref] policy_handle *handle,
389 [in,switch_is(level),ref] samr_GroupInfo *info
392 /************************/
394 NTSTATUS samr_AddGroupMember(
395 [in,ref] policy_handle *handle,
400 /************************/
402 NTSTATUS samr_DeleteDomainGroup(
403 [in,out,ref] policy_handle *handle
406 /************************/
408 NTSTATUS samr_DeleteGroupMember(
409 [in,ref] policy_handle *handle,
414 /************************/
417 this isn't really valid IDL, but it does work. I suspect
418 I need to do some more pidl work to get this really right
427 samr_intArray *unknown7;
430 NTSTATUS samr_QueryGroupMember(
431 [in,ref] policy_handle *handle,
433 [out] samr_ridArray rids
437 /************************/
441 win2003 seems to accept any data at all for the two integers
442 below, and doesn't seem to do anything with them that I can
443 see. Weird. I really expected the first integer to be a rid
444 and the second to be the attributes for that rid member.
446 NTSTATUS samr_SetMemberAttributesOfGroup(
447 [in,ref] policy_handle *handle,
448 [in] uint32 unknown1,
453 /************************/
455 NTSTATUS samr_OpenAlias (
456 [in,ref] policy_handle *handle,
457 [in] uint32 access_mask,
459 [out,ref] policy_handle *acct_handle
463 /************************/
469 samr_Name description;
473 [case(1)] samr_AliasInfoAll all;
474 [case(2)] samr_Name name;
475 [case(3)] samr_Name description;
478 NTSTATUS samr_QueryAliasInfo(
479 [in,ref] policy_handle *handle,
481 [out,switch_is(level)] samr_AliasInfo *info
484 /************************/
486 NTSTATUS samr_SetAliasInfo(
487 [in,ref] policy_handle *handle,
489 [in,switch_is(level)] samr_AliasInfo info
492 /************************/
494 NTSTATUS samr_DeleteDomAlias(
495 [in,out,ref] policy_handle *handle
498 /************************/
500 NTSTATUS samr_AddAliasMember(
501 [in,ref] policy_handle *handle,
502 [in,ref] dom_sid2 *sid
505 /************************/
507 NTSTATUS samr_DeleteAliasMember(
508 [in,ref] policy_handle *handle,
509 [in,ref] dom_sid2 *sid
512 /************************/
514 NTSTATUS samr_GetMembersInAlias(
515 [in,ref] policy_handle *handle,
516 [out,ref] lsa_SidArray *sids
519 /************************/
521 NTSTATUS samr_OpenUser(
522 [in,ref] policy_handle *handle,
523 [in] uint32 access_mask,
525 [out,ref] policy_handle *acct_handle
528 /************************/
530 NTSTATUS samr_DeleteUser(
531 [in,out,ref] policy_handle *handle
534 /************************/
540 samr_Name description;
546 samr_Name unknown; /* settable, but doesn't stick. probably obsolete */
556 samr_Name home_directory;
557 samr_Name home_drive;
558 samr_Name logon_script;
560 samr_Name workstations;
563 NTTIME last_pwd_change;
564 NTTIME allow_pwd_change;
565 NTTIME force_pwd_change;
566 samr_LogonHours logon_hours;
567 uint16 bad_pwd_count;
573 samr_LogonHours logon_hours;
581 samr_Name home_directory;
582 samr_Name home_drive;
583 samr_Name logon_script;
585 samr_Name description;
586 samr_Name workstations;
589 samr_LogonHours logon_hours;
590 uint16 bad_pwd_count;
592 NTTIME last_pwd_change;
616 samr_Name home_drive;
620 samr_Name logon_script;
628 samr_Name description;
632 samr_Name workstations;
650 NTTIME last_pwd_change;
652 NTTIME allow_pwd_change;
653 NTTIME force_pwd_change;
657 samr_Name home_drive;
658 samr_Name logon_script;
660 samr_Name description;
661 samr_Name workstations;
668 [size_is(buf_count)] uint8 *buffer;
672 uint32 fields_present;
673 samr_LogonHours logon_hours;
674 uint16 bad_pwd_count;
684 typedef [flag(NDR_PAHEX)] struct {
686 } samr_CryptPassword;
689 samr_CryptPassword password;
694 [case(1)] samr_UserInfo1 info1;
695 [case(2)] samr_UserInfo2 info2;
696 [case(3)] samr_UserInfo3 info3;
697 [case(4)] samr_UserInfo4 info4;
698 [case(5)] samr_UserInfo5 info5;
699 [case(6)] samr_UserInfo6 info6;
700 [case(7)] samr_UserInfo7 info7;
701 [case(8)] samr_UserInfo8 info8;
702 [case(9)] samr_UserInfo9 info9;
703 [case(10)] samr_UserInfo10 info10;
704 [case(11)] samr_UserInfo11 info11;
705 [case(12)] samr_UserInfo12 info12;
706 [case(13)] samr_UserInfo13 info13;
707 [case(14)] samr_UserInfo14 info14;
708 [case(16)] samr_UserInfo16 info16;
709 [case(17)] samr_UserInfo17 info17;
710 [case(20)] samr_UserInfo20 info20;
711 [case(21)] samr_UserInfo21 info21;
712 [case(24)] samr_UserInfo24 info24;
715 NTSTATUS samr_QueryUserInfo(
716 [in,ref] policy_handle *handle,
718 [out,switch_is(level)] samr_UserInfo *info
722 /************************/
724 NTSTATUS samr_SetUserInfo(
725 [in,ref] policy_handle *handle,
727 [in,ref,switch_is(level)] samr_UserInfo *info
730 /************************/
733 typedef [flag(NDR_PAHEX)] struct {
738 this interface is quite mysterious. I can make w2k3 give me
739 NT_STATUS_PASSWORD_RESTRICTION and NT_STATUS_WRONG_PASSWORD
740 with various options, but so far I haven't managed a successful
741 password change. Perhaps this interface is disabled now?
742 Needs testing against NT4
744 NTSTATUS samr_ChangePasswordUser(
745 [in,ref] policy_handle *handle,
747 [in] samr_Hash *hash1,
748 [in] samr_Hash *hash2,
750 [in] samr_Hash *hash3,
751 [in] samr_Hash *hash4,
753 [in] samr_Hash *hash5,
755 [in] samr_Hash *hash6
758 /************************/
768 [size_is(count)] samr_RidType *rid;
771 NTSTATUS samr_GetGroupsForUser(
772 [in,ref] policy_handle *handle,
773 [out] samr_RidArray *rids
776 /************************/
783 samr_Name account_name;
785 samr_Name description;
786 } samr_DispEntryGeneral;
790 [size_is(count)] samr_DispEntryGeneral *entries;
791 } samr_DispInfoGeneral;
797 samr_Name account_name;
798 samr_Name description;
799 } samr_DispEntryFull;
803 [size_is(count)] samr_DispEntryFull *entries;
807 [value(strlen_m(r->name))] uint16 name_len;
808 [value(strlen_m(r->name))] uint16 name_size;
814 samr_AsciiName account_name;
815 } samr_DispEntryAscii;
819 [size_is(count)] samr_DispEntryAscii *entries;
820 } samr_DispInfoAscii;
823 [case(1)] samr_DispInfoGeneral info1;/* users */
824 [case(2)] samr_DispInfoFull info2; /* trust accounts? */
825 [case(3)] samr_DispInfoFull info3; /* groups */
826 [case(4)] samr_DispInfoAscii info4; /* users */
827 [case(5)] samr_DispInfoAscii info5; /* groups */
830 NTSTATUS samr_QueryDisplayInfo(
831 [in,ref] policy_handle *handle,
833 [in] uint32 start_idx,
834 [in] uint32 max_entries,
835 [in] uint32 buf_size,
836 [out] uint32 total_size,
837 [out] uint32 returned_size,
838 [out,switch_is(level)] samr_DispInfo info
842 /************************/
846 this seems to be an alphabetic search function. The returned index
847 is the index for samr_QueryDisplayInfo needed to get names occurring
848 after the specified name. The supplied name does not need to exist
849 in the database (for example you can supply just a first letter for
850 searching starting at that letter)
852 The level corresponds to the samr_QueryDisplayInfo level
854 NTSTATUS samr_GetDisplayEnumerationIndex(
855 [in,ref] policy_handle *handle,
863 /************************/
867 w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
869 NTSTATUS samr_TestPrivateFunctionsDomain(
870 [in,ref] policy_handle *handle
874 /************************/
878 w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
880 NTSTATUS samr_TestPrivateFunctionsUser(
881 [in,ref] policy_handle *handle
885 /************************/
888 /* password properties flags */
/* Single-bit values; presumably the bits of the uint32
   password_properties field declared just after this list - confirm.
   NOTE(review): bit 0x00000008 is not defined here. Microsoft's SAMR
   definition names that bit DOMAIN_LOCKOUT_ADMINS; confirm whether the
   omission is intentional.
   Going by the flag names only: when auditing a domain's policy, a set
   DOMAIN_PASSWORD_STORE_CLEARTEXT bit, or clear
   DOMAIN_PASSWORD_NO_ANON_CHANGE / DOMAIN_PASSWORD_NO_CLEAR_CHANGE
   bits, are the values worth flagging. */
889 const uint32 DOMAIN_PASSWORD_COMPLEX = 0x00000001;
890 const uint32 DOMAIN_PASSWORD_NO_ANON_CHANGE = 0x00000002;
891 const uint32 DOMAIN_PASSWORD_NO_CLEAR_CHANGE = 0x00000004;
892 const uint32 DOMAIN_PASSWORD_STORE_CLEARTEXT = 0x00000010;
893 const uint32 DOMAIN_REFUSE_PASSWORD_CHANGE = 0x00000020;
897 uint32 password_properties;
900 NTSTATUS samr_GetUserPwInfo(
901 [in,ref] policy_handle *handle,
902 [out] samr_PwInfo info
905 /************************/
907 NTSTATUS samr_RemoveMemberFromForeignDomain(
908 [in,ref] policy_handle *handle,
909 [in,ref] dom_sid2 *sid
912 /************************/
916 how is this different from QueryDomainInfo ??
918 NTSTATUS samr_QueryDomainInfo2(
919 [in,ref] policy_handle *handle,
921 [out,switch_is(level)] samr_DomainInfo *info
924 /************************/
928 how is this different from QueryUserInfo ??
930 NTSTATUS samr_QueryUserInfo2(
931 [in,ref] policy_handle *handle,
933 [out,switch_is(level)] samr_UserInfo *info
936 /************************/
940 how is this different from QueryDisplayInfo??
942 NTSTATUS samr_QueryDisplayInfo2(
943 [in,ref] policy_handle *handle,
945 [in] uint32 start_idx,
946 [in] uint32 max_entries,
947 [in] uint32 buf_size,
948 [out] uint32 total_size,
949 [out] uint32 returned_size,
950 [out,switch_is(level)] samr_DispInfo info
953 /************************/
957 how is this different from GetDisplayEnumerationIndex ??
959 NTSTATUS samr_GetDisplayEnumerationIndex2(
960 [in,ref] policy_handle *handle,
967 /************************/
969 NTSTATUS samr_CreateUser2(
970 /************************/
971 [in,ref] policy_handle *handle,
972 [in,ref] samr_Name *username,
973 [in] uint32 acct_flags,
974 [in] uint32 access_mask,
975 [out,ref] policy_handle *acct_handle,
976 [out,ref] uint32 *access_granted,
977 [out,ref] uint32 *rid
981 /************************/
985 another duplicate. There must be a reason ....
987 NTSTATUS samr_QueryDisplayInfo3(
988 [in,ref] policy_handle *handle,
990 [in] uint32 start_idx,
991 [in] uint32 max_entries,
992 [in] uint32 buf_size,
993 [out] uint32 total_size,
994 [out] uint32 returned_size,
995 [out,switch_is(level)] samr_DispInfo info
998 /************************/
1000 NTSTATUS samr_AddMultipleMembersToAlias(
1001 [in,ref] policy_handle *handle,
1002 [in,ref] lsa_SidArray *sids
1005 /************************/
1007 NTSTATUS samr_RemoveMultipleMembersFromAlias(
1008 [in,ref] policy_handle *handle,
1009 [in,ref] lsa_SidArray *sids
1012 /************************/
/*
  samr_OemChangePasswordUser2: the visible parameters are a server and
  an account (both samr_AsciiName), a samr_CryptPassword blob and a
  samr_Hash. No policy_handle appears among them, so the target account
  is selected by name alone.

  NOTE(review): with no handle to carry an earlier access check, the
  server has to authorize and rate-limit this call itself. How the
  password blob and hash are validated is not visible in this file.
*/
1015 NTSTATUS samr_OemChangePasswordUser2(
1016 [in] samr_AsciiName *server,
1017 [in,ref] samr_AsciiName *account,
1018 [in] samr_CryptPassword *password,
1019 [in] samr_Hash *hash
1022 /************************/
/*
  samr_ChangePasswordUser2: the visible parameters are a server and an
  account (both samr_Name), an NT password blob with its verifier hash,
  an lm_change flag and an LM password blob with its verifier hash. No
  policy_handle appears among them, so the target account is selected
  by name alone.

  NOTE(review): with no handle to carry an earlier access check, the
  server has to authorize this call itself. Presumably this is the kind
  of request that DOMAIN_PASSWORD_NO_ANON_CHANGE, defined elsewhere in
  this file, is meant to restrict - confirm in the server
  implementation.
  Presumably lm_change says whether lm_password and lm_verifier are
  meaningful - confirm. Only nt_password, nt_verifier, lm_password and
  lm_verifier are unique pointers that may be NULL; account is [ref].
*/
1024 NTSTATUS samr_ChangePasswordUser2(
1025 [in] samr_Name *server,
1026 [in,ref] samr_Name *account,
1027 [in] samr_CryptPassword *nt_password,
1028 [in] samr_Hash *nt_verifier,
1029 [in] bool8 lm_change,
1030 [in] samr_CryptPassword *lm_password,
1031 [in] samr_Hash *lm_verifier
1034 /************************/
/*
  samr_GetDomPwInfo: takes a samr_Name and returns a samr_PwInfo. No
  policy_handle appears among the visible parameters.

  NOTE(review): because no handle is required, the returned password
  policy is available to any caller who can reach this call, unless the
  server restricts it. Confirm what the implementation allows for
  unauthenticated binds.
*/
1036 NTSTATUS samr_GetDomPwInfo(
1037 [in] samr_Name *name,
1038 [out] samr_PwInfo info
1041 /************************/
1043 NTSTATUS samr_Connect2(
1044 [in] unistr *system_name,
1045 [in] uint32 access_mask,
1046 [out,ref] policy_handle *handle
1049 /************************/
1052 seems to be an exact alias for samr_SetUserInfo()
1054 NTSTATUS samr_SetUserInfo2(
1055 [in,ref] policy_handle *handle,
1057 [in,ref,switch_is(level)] samr_UserInfo *info
1060 /************************/
1063 this one is mysterious. I have a few guesses, but nothing working yet
1065 NTSTATUS samr_SetBootKeyInformation(
1066 [in,ref] policy_handle *handle,
1067 [in] uint32 unknown1,
1068 [in] uint32 unknown2,
1069 [in] uint32 unknown3
1072 /************************/
1074 NTSTATUS samr_GetBootKeyInformation(
1075 [in,ref] policy_handle *handle,
1076 [out] uint32 unknown
1079 /************************/
1081 NTSTATUS samr_Connect3(
1082 [in] unistr *system_name,
1083 [in] uint32 unknown,
1084 [in] uint32 access_mask,
1085 [out,ref] policy_handle *handle
1088 /************************/
1090 NTSTATUS samr_Connect4(
1091 [in] unistr *system_name,
1092 [in] uint32 unknown,
1093 [in] uint32 access_mask,
1094 [out,ref] policy_handle *handle
1097 /************************/
1099 NTSTATUS samr_ChangePasswordUser3(
1100 [in] samr_Name *server,
1101 [in,ref] samr_Name *account,
1102 [in] samr_CryptPassword *nt_password,
1103 [in] samr_Hash *nt_verifier,
1104 [in] bool8 lm_change,
1105 [in] samr_CryptPassword *lm_password,
1106 [in] samr_Hash *lm_verifier,
1107 [in] samr_CryptPassword *password3,
1108 [out] uint32 unknown1,
1109 [out] uint32 unknown2
1112 /************************/
1114 NTSTATUS samr_Connect5(
1115 [in] unistr *system_name,
1116 [in] uint32 access_mask,
1117 [in] uint32 unknown0,
1118 [in] uint32 unknown1,
1119 [in] uint32 unknown2,
1120 [in] uint32 unknown3,
1121 [out] uint32 unknown4,
1122 [out] uint32 unknown5,
1123 [out] uint32 unknown6,
1124 [out] uint32 unknown7,
1125 [out,ref] policy_handle *handle
1128 /************************/
1130 NTSTATUS samr_RidToSid(
1131 [in,ref] policy_handle *handle,
1137 /************************/
1141 this should set the DSRM password for the server, which is used
1142 when booting into Directory Services Recovery Mode on a DC. Win2003
1143 gives me NT_STATUS_NOT_SUPPORTED
/*
  samr_SetDsrmPassword: the visible parameters are a samr_Name, an
  unidentified uint32 and a samr_Hash. No policy_handle appears among
  them.

  NOTE(review): the credential is passed as a hash and the call is not
  tied to a previously opened handle. A server that implements this call
  has to authorize the caller itself; the accompanying notes in this
  file report that Win2003 answers NT_STATUS_NOT_SUPPORTED.
*/
1146 NTSTATUS samr_SetDsrmPassword(
1147 [in] samr_Name *name,
1148 [in] uint32 unknown,
1149 [in] samr_Hash *hash
1153 /************************/
1156 I haven't been able to work out the format of this one yet.
1157 Seems to start with a switch level for a union?
1159 NTSTATUS samr_ValidatePassword();