Fix IDL for lsa_LookupNames.
[gd/samba/.git] / source / librpc / idl / lsa.idl
1 #include "idl_types.h"
2
3 /*
4   lsa interface definition
5 */
6
7 import "security.idl";
8
9 [ uuid("12345778-1234-abcd-ef00-0123456789ab"),
10   version(0.0),
11   endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\netlogon]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"),
12   pointer_default(unique),
13   helpstring("Local Security Authority")
14 ] interface lsarpc
15 {
16         typedef bitmap security_secinfo security_secinfo;
17
18         typedef [public,noejs] struct {
19                 [value(2*strlen_m(string))] uint16 length;
20                 [value(2*strlen_m(string))] uint16 size;
21                 [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string;
22         } lsa_String;
23
24         typedef [public] struct {
25                 [value(2*strlen_m(string))] uint16 length;
26                 [value(2*(strlen_m(string)+1))] uint16 size;
27                 [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string;
28         } lsa_StringLarge;
29
30         typedef [public] struct {
31                 uint32 count;
32                 [size_is(count)] lsa_String *names;
33         } lsa_Strings;
34
35         typedef [public] struct {
36                 [value(strlen_m(string))] uint16 length;
37                 [value(strlen_m(string))] uint16 size;
38                 ascstr_noterm *string;
39         } lsa_AsciiString;
40
41         /******************/
42         /* Function: 0x00 */
43         NTSTATUS lsa_Close (
44                 [in,out]     policy_handle *handle
45                 );
46         
47
48         /******************/
49         /* Function: 0x01 */
50         [public] NTSTATUS lsa_Delete (
51                 [in]     policy_handle *handle
52                 );
53
54
55         /******************/
56         /* Function: 0x02 */
57         typedef struct {
58                 uint32 low;
59                 uint32 high;
60         } lsa_LUID;
61         
62         typedef struct {
63                 lsa_StringLarge name;
64                 lsa_LUID luid;
65         } lsa_PrivEntry;
66
67         typedef struct {
68                 uint32 count;
69                 [size_is(count)] lsa_PrivEntry *privs;
70         } lsa_PrivArray;
71
72         [public] NTSTATUS lsa_EnumPrivs (
73                 [in]     policy_handle *handle,
74                 [in,out,ref] uint32 *resume_handle,
75                 [out,ref] lsa_PrivArray *privs,
76                 [in]         uint32 max_count
77                 );
78
79         /******************/
80         /* Function: 0x03 */
81
82         NTSTATUS lsa_QuerySecurity (
83                 [in]     policy_handle *handle,
84                 [in]         security_secinfo sec_info,
85                 [out,ref]    sec_desc_buf **sdbuf
86                 );
87
88
89         /******************/
90         /* Function: 0x04 */
91         NTSTATUS lsa_SetSecObj(
92                 [in]            policy_handle *handle,
93                 [in]            security_secinfo sec_info,
94                 [in,ref]        sec_desc_buf *sdbuf
95                 );
96
97         /******************/
98         /* Function: 0x05 */
99         NTSTATUS lsa_ChangePassword ();
100
101
102         /******************/
103         /* Function: 0x06 */
104         typedef struct {
105                 uint32  len; /* ignored */
106                 uint16  impersonation_level;
107                 uint8   context_mode;
108                 uint8   effective_only;
109         } lsa_QosInfo;
110         
111         typedef struct {
112                 uint32 len; /* ignored */
113                 uint8 *root_dir;
114                 [string,charset(UTF16)] uint16 *object_name;
115                 uint32 attributes;
116                 security_descriptor *sec_desc;
117                 lsa_QosInfo *sec_qos;
118         } lsa_ObjectAttribute;
119
120         /* notice the screwup with the system_name - thats why MS created
121            OpenPolicy2 */
122         [public] NTSTATUS lsa_OpenPolicy (
123                 [in,unique]       uint16 *system_name,
124                 [in]   lsa_ObjectAttribute *attr,
125                 [in]       uint32 access_mask,
126                 [out]  policy_handle *handle
127                 );
128         
129
130
131         /******************/
132         /* Function: 0x07 */
133
134         typedef struct {
135                 uint32 percent_full;
136                 uint32 log_size;
137                 NTTIME retention_time;
138                 uint8  shutdown_in_progress;
139                 NTTIME time_to_shutdown;
140                 uint32 next_audit_record;
141                 uint32 unknown;
142         } lsa_AuditLogInfo;
143
144         typedef [v1_enum] enum {
145                 LSA_AUDIT_POLICY_NONE=0,
146                 LSA_AUDIT_POLICY_SUCCESS=1,
147                 LSA_AUDIT_POLICY_FAILURE=2,
148                 LSA_AUDIT_POLICY_ALL=(LSA_AUDIT_POLICY_SUCCESS|LSA_AUDIT_POLICY_FAILURE),
149                 LSA_AUDIT_POLICY_CLEAR=4
150         } lsa_PolicyAuditPolicy;
151
152         typedef enum {
153                 LSA_AUDIT_CATEGORY_SYSTEM = 0,
154                 LSA_AUDIT_CATEGORY_LOGON = 1,
155                 LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS = 2,
156                 LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS = 3,
157                 LSA_AUDIT_CATEGORY_PROCCESS_TRACKING = 4,
158                 LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES = 5,
159                 LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT = 6,
160                 LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS = 7,        /* only in win2k/2k3 */
161                 LSA_AUDIT_CATEGORY_ACCOUNT_LOGON = 8                    /* only in win2k/2k3 */
162         } lsa_PolicyAuditEventType;
163
164         typedef struct {
165                 uint32 auditing_mode;
166                 [size_is(count)] lsa_PolicyAuditPolicy *settings;
167                 uint32 count;
168         } lsa_AuditEventsInfo;
169
170         typedef struct {
171                 lsa_StringLarge name;
172                 dom_sid2 *sid;
173         } lsa_DomainInfo;
174
175         typedef struct {
176                 lsa_String name;
177         } lsa_PDAccountInfo;
178
179         typedef struct {
180                 uint16 unknown; /* an midl padding bug? */
181                 uint16 role;
182         } lsa_ServerRole;
183
184         typedef struct {
185                 lsa_String source;
186                 lsa_String account;
187         } lsa_ReplicaSourceInfo;
188
189         typedef struct {
190                 uint32 paged_pool;
191                 uint32 non_paged_pool;
192                 uint32 min_wss;
193                 uint32 max_wss;
194                 uint32 pagefile;
195                 hyper unknown;
196         } lsa_DefaultQuotaInfo;
197
198         typedef struct {
199                 hyper modified_id;
200                 NTTIME db_create_time;
201         } lsa_ModificationInfo;
202
203         typedef struct {
204                 uint8 shutdown_on_full;
205         } lsa_AuditFullSetInfo;
206
207         typedef struct {
208                 uint16 unknown; /* an midl padding bug? */
209                 uint8 shutdown_on_full;
210                 uint8 log_is_full;
211         } lsa_AuditFullQueryInfo;
212
213         typedef struct {
214                 /* it's important that we use the lsa_StringLarge here,
215                  * because otherwise windows clients result with such dns hostnames
216                  * e.g. w2k3-client.samba4.samba.orgsamba4.samba.org
217                  * where it should be
218                  *      w2k3-client.samba4.samba.org
219                  */
220                 lsa_StringLarge name;
221                 lsa_StringLarge dns_domain;
222                 lsa_StringLarge dns_forest;
223                 GUID domain_guid;
224                 dom_sid2 *sid;
225         } lsa_DnsDomainInfo;
226
227         typedef enum {
228                 LSA_POLICY_INFO_AUDIT_LOG=1,
229                 LSA_POLICY_INFO_AUDIT_EVENTS=2,
230                 LSA_POLICY_INFO_DOMAIN=3,
231                 LSA_POLICY_INFO_PD=4,
232                 LSA_POLICY_INFO_ACCOUNT_DOMAIN=5,
233                 LSA_POLICY_INFO_ROLE=6,
234                 LSA_POLICY_INFO_REPLICA=7,
235                 LSA_POLICY_INFO_QUOTA=8,
236                 LSA_POLICY_INFO_DB=9,
237                 LSA_POLICY_INFO_AUDIT_FULL_SET=10,
238                 LSA_POLICY_INFO_AUDIT_FULL_QUERY=11,
239                 LSA_POLICY_INFO_DNS=12
240         } lsa_PolicyInfo;
241
242         typedef [switch_type(uint16)] union {
243                 [case(LSA_POLICY_INFO_AUDIT_LOG)]        lsa_AuditLogInfo       audit_log;
244                 [case(LSA_POLICY_INFO_AUDIT_EVENTS)]     lsa_AuditEventsInfo    audit_events;
245                 [case(LSA_POLICY_INFO_DOMAIN)]           lsa_DomainInfo         domain;
246                 [case(LSA_POLICY_INFO_PD)]               lsa_PDAccountInfo      pd;
247                 [case(LSA_POLICY_INFO_ACCOUNT_DOMAIN)]   lsa_DomainInfo         account_domain;
248                 [case(LSA_POLICY_INFO_ROLE)]             lsa_ServerRole         role;
249                 [case(LSA_POLICY_INFO_REPLICA)]          lsa_ReplicaSourceInfo  replica;
250                 [case(LSA_POLICY_INFO_QUOTA)]            lsa_DefaultQuotaInfo   quota;
251                 [case(LSA_POLICY_INFO_DB)]               lsa_ModificationInfo   db;
252                 [case(LSA_POLICY_INFO_AUDIT_FULL_SET)]   lsa_AuditFullSetInfo   auditfullset;
253                 [case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery;
254                 [case(LSA_POLICY_INFO_DNS)]              lsa_DnsDomainInfo      dns;
255         } lsa_PolicyInformation;
256
257         NTSTATUS lsa_QueryInfoPolicy(
258                 [in]                            policy_handle *handle,
259                 [in]                            lsa_PolicyInfo level,
260                 [out,ref,switch_is(level)]      lsa_PolicyInformation **info
261                 );
262
263         /******************/
264         /* Function:       0x08 */
265         NTSTATUS lsa_SetInfoPolicy (
266                 [in]                            policy_handle *handle,
267                 [in]                            lsa_PolicyInfo level,
268                 [in,switch_is(level)]           lsa_PolicyInformation *info
269                 );
270
271         /******************/
272         /* Function:       0x09 */
273         NTSTATUS lsa_ClearAuditLog ();
274
275         /******************/
276         /* Function: 0x0a */
277         [public] NTSTATUS lsa_CreateAccount (
278                 [in]    policy_handle *handle,
279                 [in,ref] dom_sid2 *sid,
280                 [in]    uint32 access_mask,
281                 [out]   policy_handle *acct_handle
282                 );
283
284         /******************/
285         /* NOTE: This only returns accounts that have at least
286            one privilege set 
287         */
288         /* Function: 0x0b */
289         typedef struct {
290                 dom_sid2 *sid;
291         } lsa_SidPtr;
292         
293         typedef [public] struct {
294                 [range(0,1000)] uint32 num_sids;
295                 [size_is(num_sids)] lsa_SidPtr *sids;
296         } lsa_SidArray;
297
298         [public] NTSTATUS lsa_EnumAccounts (
299                 [in]         policy_handle *handle,
300                 [in,out,ref] uint32 *resume_handle,
301                 [out,ref]    lsa_SidArray *sids,
302                 [in,range(0,8192)] uint32 num_entries
303                 );
304
305
306         /*************************************************/
307         /* Function: 0x0c                                */
308
309         [public] NTSTATUS lsa_CreateTrustedDomain(
310                 [in]         policy_handle *handle,
311                 [in]         lsa_DomainInfo *info,
312                 [in]         uint32 access_mask,
313                 [out]        policy_handle *trustdom_handle
314                 );
315
316
317         /******************/
318         /* Function: 0x0d */
319
320         /* w2k3 treats max_size as max_domains*60       */
321         const int LSA_ENUM_TRUST_DOMAIN_MULTIPLIER = 60;
322
323         typedef struct {
324                 uint32 count;
325                 [size_is(count)] lsa_DomainInfo *domains;
326         } lsa_DomainList;
327
328         NTSTATUS lsa_EnumTrustDom (
329                 [in]               policy_handle *handle,
330                 [in,out,ref]       uint32 *resume_handle,
331                 [out,ref]          lsa_DomainList *domains,
332                 [in]               uint32 max_size
333                 );
334
335
336         /******************/
337         /* Function: 0x0e */
338         typedef enum {
339                 SID_NAME_USE_NONE = 0,/* NOTUSED */
340                 SID_NAME_USER     = 1, /* user */
341                 SID_NAME_DOM_GRP  = 2, /* domain group */
342                 SID_NAME_DOMAIN   = 3, /* domain: don't know what this is */
343                 SID_NAME_ALIAS    = 4, /* local group */
344                 SID_NAME_WKN_GRP  = 5, /* well-known group */
345                 SID_NAME_DELETED  = 6, /* deleted account: needed for c2 rating */
346                 SID_NAME_INVALID  = 7, /* invalid account */
347                 SID_NAME_UNKNOWN  = 8, /* oops. */
348                 SID_NAME_COMPUTER = 9  /* machine */
349         } lsa_SidType;
350
351         typedef struct {
352                 lsa_SidType sid_type;
353                 uint32 rid;
354                 uint32 sid_index;
355         } lsa_TranslatedSid;
356
357         typedef struct {
358                 [range(0,1000)] uint32 count;
359                 [size_is(count)] lsa_TranslatedSid *sids;
360         } lsa_TransSidArray;
361
362         const int LSA_REF_DOMAIN_LIST_MULTIPLIER = 32;
363         typedef struct {
364                 [range(0,1000)] uint32 count;
365                 [size_is(count)] lsa_DomainInfo *domains;
366                 uint32 max_size;
367         } lsa_RefDomainList;
368
369         /* Level 1: Ask everywhere
370          * Level 2: Ask domain and trusted domains, no builtin and wkn
371          * Level 3: Only ask domain
372          * Level 4: W2k3ad: Only ask AD trusts
373          * Level 5: Only ask transitive forest trusts
374          * Level 6: Like 4
375          */
376
377         typedef enum {
378                 LSA_LOOKUP_NAMES_ALL = 1,
379                 LSA_LOOKUP_NAMES_DOMAINS_ONLY = 2,
380                 LSA_LOOKUP_NAMES_PRIMARY_DOMAIN_ONLY = 3,
381                 LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY = 4,
382                 LSA_LOOKUP_NAMES_FOREST_TRUSTS_ONLY = 5,
383                 LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6
384         } lsa_LookupNamesLevel;
385
386         [public] NTSTATUS lsa_LookupNames (
387                 [in]         policy_handle *handle,
388                 [in,range(0,1000)] uint32 num_names,
389                 [in,size_is(num_names)]  lsa_String names[],
390                 [out,ref]    lsa_RefDomainList **domains,
391                 [in,out,ref] lsa_TransSidArray *sids,
392                 [in]         lsa_LookupNamesLevel level,
393                 [in,out,ref] uint32 *count
394                 );
395
396
397         /******************/
398         /* Function: 0x0f */
399
400         typedef struct {
401                 lsa_SidType sid_type;
402                 lsa_String name;
403                 uint32 sid_index;
404         } lsa_TranslatedName;
405
406         typedef struct {
407                 [range(0,1000)] uint32 count;
408                 [size_is(count)] lsa_TranslatedName *names;
409         } lsa_TransNameArray;
410
411         [public] NTSTATUS lsa_LookupSids (
412                 [in]         policy_handle *handle,
413                 [in]         lsa_SidArray *sids,
414                 [out,unique]        lsa_RefDomainList *domains,
415                 [in,out]     lsa_TransNameArray *names,
416                 [in]         uint16 level,
417                 [in,out] uint32 *count
418                 );
419
420
421         /* Function:        0x10 */
422         [public] NTSTATUS lsa_CreateSecret(
423                 [in]         policy_handle *handle,
424                 [in]         lsa_String       name,
425                 [in]         uint32         access_mask,
426                 [out]        policy_handle *sec_handle
427                 );
428
429
430         /*****************************************/
431         /* Function:     0x11                    */
432         NTSTATUS lsa_OpenAccount(
433                 [in]         policy_handle *handle,
434                 [in,ref]     dom_sid2 *sid,
435                 [in]         uint32 access_mask,
436                 [out]        policy_handle *acct_handle
437                 );
438
439
440         /****************************************/
441         /* Function:    0x12                    */
442
443         typedef struct {
444                 lsa_LUID luid;
445                 uint32 attribute;
446         } lsa_LUIDAttribute;
447         
448         typedef struct {
449                 [range(0,1000)] uint32 count;
450                 uint32 unknown;
451                 [size_is(count)] lsa_LUIDAttribute set[*];
452         } lsa_PrivilegeSet;
453         
454         NTSTATUS lsa_EnumPrivsAccount (
455                 [in]         policy_handle *handle,
456                 [out,ref] lsa_PrivilegeSet **privs
457                 );
458
459
460         /****************************************/
461         /* Function:            0x13 */
462         NTSTATUS lsa_AddPrivilegesToAccount(
463                 [in]         policy_handle *handle,
464                 [in,ref]     lsa_PrivilegeSet *privs
465                 );
466         
467
468         /****************************************/
469         /* Function:         0x14 */
470         NTSTATUS lsa_RemovePrivilegesFromAccount(
471                 [in]         policy_handle *handle,
472                 [in]         uint8 remove_all,
473                 [in,unique]  lsa_PrivilegeSet *privs
474                 );
475
476         /* Function:           0x15 */
477         NTSTATUS lsa_GetQuotasForAccount();
478         
479         /* Function:           0x16 */
480         NTSTATUS lsa_SetQuotasForAccount();
481         
482         /* Function:    0x17 */
483         NTSTATUS lsa_GetSystemAccessAccount(
484                 [in]    policy_handle *handle,
485                 [out,ref] uint32 *access_mask
486                 );
487
488         /* Function:    0x18 */
489         NTSTATUS lsa_SetSystemAccessAccount(
490                 [in]    policy_handle *handle,
491                 [in]    uint32 access_mask
492                 );
493
494         /* Function:        0x19 */
495         NTSTATUS lsa_OpenTrustedDomain(
496                 [in]     policy_handle *handle,
497                 [in]     dom_sid2      *sid,
498                 [in]         uint32         access_mask,
499                 [out]    policy_handle *trustdom_handle
500                 );
501
502         typedef [flag(NDR_PAHEX)] struct {
503                 uint32 length;
504                 uint32 size;
505                 [size_is(size),length_is(length)] uint8 *data;
506         } lsa_DATA_BUF;
507
508         typedef [flag(NDR_PAHEX)] struct {
509                 [range(0,65536)] uint32 size;
510                 [size_is(size)] uint8 *data;
511         } lsa_DATA_BUF2;
512
513         typedef enum {
514                 LSA_TRUSTED_DOMAIN_INFO_NAME             = 1,
515                 LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO = 2,
516                 LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET     = 3,
517                 LSA_TRUSTED_DOMAIN_INFO_PASSWORD         = 4,
518                 LSA_TRUSTED_DOMAIN_INFO_BASIC            = 5,
519                 LSA_TRUSTED_DOMAIN_INFO_INFO_EX          = 6,
520                 LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO        = 7,
521                 LSA_TRUSTED_DOMAIN_INFO_FULL_INFO        = 8,
522                 LSA_TRUSTED_DOMAIN_INFO_11               = 11,
523                 LSA_TRUSTED_DOMAIN_INFO_INFO_ALL         = 12
524         } lsa_TrustDomInfoEnum;
525
526         typedef struct {
527                 lsa_StringLarge  netbios_name;
528         } lsa_TrustDomainInfoName;
529
530         typedef struct {
531                 uint32         posix_offset;
532         } lsa_TrustDomainInfoPosixOffset;
533
534         typedef struct {
535                 lsa_DATA_BUF  *password;
536                 lsa_DATA_BUF  *old_password;
537         } lsa_TrustDomainInfoPassword;
538
539         typedef struct {
540                 lsa_String     netbios_name;
541                 dom_sid2      *sid;
542         } lsa_TrustDomainInfoBasic;
543
544         typedef struct {
545                 lsa_StringLarge     domain_name;
546                 lsa_StringLarge     netbios_name;
547                 dom_sid2      *sid;
548                 uint32         trust_direction;
549                 uint32         trust_type;
550                 uint32         trust_attributes;
551         } lsa_TrustDomainInfoInfoEx;
552
553         typedef struct {
554                 NTTIME_hyper   last_update_time;
555                 uint32         secret_type;
556                 lsa_DATA_BUF2  data;
557         } lsa_TrustDomainInfoBuffer;
558
559         typedef struct {
560                 uint32 incoming_count;
561                 lsa_TrustDomainInfoBuffer *incoming_current_auth_info;
562                 lsa_TrustDomainInfoBuffer *incoming_previous_auth_info;
563                 uint32 outgoing_count;
564                 lsa_TrustDomainInfoBuffer *outgoing_current_auth_info;
565                 lsa_TrustDomainInfoBuffer *outgoing_previous_auth_info;
566         } lsa_TrustDomainInfoAuthInfo;
567
568         typedef struct {
569                 lsa_TrustDomainInfoInfoEx      info_ex;
570                 lsa_TrustDomainInfoPosixOffset posix_offset;
571                 lsa_TrustDomainInfoAuthInfo    auth_info;
572         } lsa_TrustDomainInfoFullInfo;
573
574         typedef struct {
575                 lsa_TrustDomainInfoInfoEx      info_ex;
576                 lsa_DATA_BUF2                  data1;
577         } lsa_TrustDomainInfo11;
578
579         typedef struct {
580                 lsa_TrustDomainInfoInfoEx      info_ex;
581                 lsa_DATA_BUF2                  data1;
582                 lsa_TrustDomainInfoPosixOffset posix_offset;
583                 lsa_TrustDomainInfoAuthInfo    auth_info;
584         } lsa_TrustDomainInfoInfoAll;
585
586         typedef [switch_type(lsa_TrustDomInfoEnum)] union {
587                 [case(LSA_TRUSTED_DOMAIN_INFO_NAME)]         lsa_TrustDomainInfoName        name;
588                 [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)] lsa_TrustDomainInfoPosixOffset posix_offset;
589                 [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)]     lsa_TrustDomainInfoPassword    password;
590                 [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)]        lsa_TrustDomainInfoBasic       info_basic;
591                 [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)]      lsa_TrustDomainInfoInfoEx      info_ex;
592                 [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)]    lsa_TrustDomainInfoAuthInfo    auth_info;
593                 [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)]    lsa_TrustDomainInfoFullInfo    full_info;
594                 [case(LSA_TRUSTED_DOMAIN_INFO_11)]           lsa_TrustDomainInfo11          info11;
595                 [case(LSA_TRUSTED_DOMAIN_INFO_INFO_ALL)]     lsa_TrustDomainInfoInfoAll     info_all;
596         } lsa_TrustedDomainInfo;
597
598         /* Function:       0x1a */
599         NTSTATUS lsa_QueryTrustedDomainInfo(
600                 [in]     policy_handle                   *trustdom_handle,
601                 [in]     lsa_TrustDomInfoEnum             level, 
602                 [out,switch_is(level),unique] lsa_TrustedDomainInfo *info
603                 );
604
605         /* Function:     0x1b */
606         NTSTATUS lsa_SetInformationTrustedDomain();
607
608         /* Function:          0x1c */
609         [public] NTSTATUS lsa_OpenSecret(
610                 [in]     policy_handle    *handle,
611                 [in]         lsa_String        name,
612                 [in]         uint32            access_mask,
613                 [out]    policy_handle    *sec_handle
614                 );
615
616         /* Function:           0x1d */
617
618         [public] NTSTATUS lsa_SetSecret(
619                 [in]     policy_handle    *sec_handle,
620                 [in,unique]         lsa_DATA_BUF     *new_val,
621                 [in,unique]         lsa_DATA_BUF     *old_val
622                 );
623
624         typedef struct {
625                 lsa_DATA_BUF *buf;
626         } lsa_DATA_BUF_PTR;
627
628         /* Function:         0x1e */
629         [public] NTSTATUS lsa_QuerySecret (
630                 [in]     policy_handle     *sec_handle,
631                 [in,out,unique]     lsa_DATA_BUF_PTR  *new_val,
632                 [in,out,unique]     NTTIME_hyper      *new_mtime,
633                 [in,out,unique]     lsa_DATA_BUF_PTR  *old_val,
634                 [in,out,unique]     NTTIME_hyper      *old_mtime
635                 );
636
637         /* Function:     0x1f */
638         NTSTATUS lsa_LookupPrivValue(
639                 [in]     policy_handle *handle,
640                 [in,ref] lsa_String *name,
641                 [out,ref] lsa_LUID *luid
642                 );
643
644
645         /* Function:      0x20 */
646         NTSTATUS lsa_LookupPrivName (
647                 [in]     policy_handle *handle,
648                 [in]     lsa_LUID *luid,
649                 [out,unique]        lsa_StringLarge *name
650                 );
651
652
653         /*******************/
654         /* Function:  0x21 */
655         NTSTATUS lsa_LookupPrivDisplayName (
656                 [in] policy_handle *handle,
657                 [in,ref] lsa_String *name,
658                 [in] uint16 language_id,
659                 [in] uint16 language_id_sys,
660                 [out,ref] lsa_StringLarge **disp_name,
661                 /* see http://www.microsoft.com/globaldev/nlsweb/ for
662                    language definitions */
663                 [out,ref] uint16 *returned_language_id
664                 );
665
666         /* Function:        0x22 */
667         NTSTATUS lsa_DeleteObject(
668                 [in,out] policy_handle *handle
669                 );
670
671         /*******************/
672         /* Function:      0x23 */
673         NTSTATUS lsa_EnumAccountsWithUserRight (
674                 [in]     policy_handle *handle,
675                 [in,unique]         lsa_String *name,
676                 [out]    lsa_SidArray *sids
677                 );
678
679         /* Function:      0x24 */
680         typedef struct {
681                 [string,charset(UTF16)] uint16 *name;
682         } lsa_RightAttribute;
683         
684         typedef struct {
685                 [range(0,256)] uint32 count;
686                 [size_is(count)] lsa_StringLarge *names;
687         } lsa_RightSet;
688         
689         NTSTATUS lsa_EnumAccountRights (
690                 [in]     policy_handle *handle,
691                 [in,ref] dom_sid2 *sid,
692                 [out,ref] lsa_RightSet *rights
693                 );
694
695
696         /**********************/
697         /* Function:       0x25 */
698         NTSTATUS lsa_AddAccountRights (
699                 [in]     policy_handle *handle,
700                 [in,ref] dom_sid2 *sid,
701                 [in,ref] lsa_RightSet *rights
702                 );
703         
704         /**********************/
705         /* Function:       0x26 */
706         NTSTATUS lsa_RemoveAccountRights (
707                 [in]     policy_handle *handle,
708                 [in,ref] dom_sid2 *sid,
709                 [in]     uint8 remove_all,
710                 [in,ref] lsa_RightSet *rights
711                 );
712
713         /* Function:   0x27 */
714         NTSTATUS lsa_QueryTrustedDomainInfoBySid(
715                 [in]               policy_handle         *handle,
716                 [in]               dom_sid2              *dom_sid,
717                 [in]                   lsa_TrustDomInfoEnum  level, 
718                 [out,switch_is(level),unique] lsa_TrustedDomainInfo *info
719         );
720
721         /* Function:     0x28 */
722         NTSTATUS lsa_SetTrustedDomainInfo();
723         /* Function:      0x29 */
724         NTSTATUS lsa_DeleteTrustedDomain(
725                 [in]               policy_handle         *handle,
726                 [in]               dom_sid2              *dom_sid
727         );
728
729         /* Function:       0x2a */
730         NTSTATUS lsa_StorePrivateData();
731         /* Function:        0x2b */
732         NTSTATUS lsa_RetrievePrivateData();
733
734
735         /**********************/
736         /* Function:     0x2c */
737         [public] NTSTATUS lsa_OpenPolicy2 (
738                 [in,unique]      [string,charset(UTF16)] uint16 *system_name,
739                 [in]  lsa_ObjectAttribute *attr,
740                 [in]      uint32 access_mask,
741                 [out] policy_handle *handle
742                 );
743
744         /**********************/
745         /* Function:     0x2d */
746         NTSTATUS lsa_GetUserName(
747                 [in,unique] [string,charset(UTF16)] uint16 *system_name,
748                 [in,out,ref] lsa_String **account_name,
749                 [in,out,unique] lsa_String **authority_name
750                 );
751
752         /**********************/
753         /* Function:          0x2e */
754
755         NTSTATUS lsa_QueryInfoPolicy2(
756                 [in]                         policy_handle *handle,
757                 [in]                         lsa_PolicyInfo level,
758                 [out,ref,switch_is(level)]   lsa_PolicyInformation **info
759                 );
760
761         /* Function 0x2f */
762         NTSTATUS lsa_SetInfoPolicy2(
763                 [in]                            policy_handle *handle,
764                 [in]                            lsa_PolicyInfo level,
765                 [in,switch_is(level)]           lsa_PolicyInformation *info
766                 );
767
768         /**********************/
769         /* Function 0x30 */
770         NTSTATUS lsa_QueryTrustedDomainInfoByName(
771                 [in]                   policy_handle          *handle,
772                 [in,ref]               lsa_String             *trusted_domain,
773                 [in]                   lsa_TrustDomInfoEnum   level,
774                 [out,ref,switch_is(level)] lsa_TrustedDomainInfo *info
775                 );
776
777         /**********************/
778         /* Function 0x31 */
779         NTSTATUS lsa_SetTrustedDomainInfoByName(
780                 [in]                   policy_handle         *handle,
781                 [in]                   lsa_String             trusted_domain,
782                 [in]                   lsa_TrustDomInfoEnum   level, 
783                 [in,unique,switch_is(level)] lsa_TrustedDomainInfo *info
784                 );
785
786         /* Function 0x32 */
787
788         /* w2k3 treats max_size as max_domains*82       */
789         const int LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER = 82;
790
791         typedef struct {
792                 uint32 count;
793                 [size_is(count)] lsa_TrustDomainInfoInfoEx *domains;
794         } lsa_DomainListEx;
795
796         NTSTATUS lsa_EnumTrustedDomainsEx (
797                 [in]               policy_handle *handle,
798                 [in,out]           uint32 *resume_handle,
799                 [out]              lsa_DomainListEx *domains,
800                 [in]               uint32 max_size
801                 );
802
803
804         /* Function 0x33 */
805         NTSTATUS lsa_CreateTrustedDomainEx();
806
807         /* Function 0x34 */
808         NTSTATUS lsa_CloseTrustedDomainEx(
809                 [in,out]                   policy_handle         *handle
810         );
811
812         /* Function 0x35 */
813
814         /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000 
815            for unknown6 - gd */
816         typedef struct {
817                 uint32 enforce_restrictions;
818                 hyper service_tkt_lifetime;
819                 hyper user_tkt_lifetime;
820                 hyper user_tkt_renewaltime;
821                 hyper clock_skew;
822                 hyper unknown6;
823         } lsa_DomainInfoKerberos;
824
825         typedef struct {
826                 uint32 blob_size;
827                 [size_is(blob_size)] uint8 *efs_blob;
828         } lsa_DomainInfoEfs;
829
830         typedef enum {
831                 LSA_DOMAIN_INFO_POLICY_EFS=2,
832                 LSA_DOMAIN_INFO_POLICY_KERBEROS=3
833         } lsa_DomainInfoEnum;
834
835         typedef [switch_type(uint16)] union {
836                 [case(LSA_DOMAIN_INFO_POLICY_EFS)]      lsa_DomainInfoEfs       efs_info;
837                 [case(LSA_DOMAIN_INFO_POLICY_KERBEROS)] lsa_DomainInfoKerberos  kerberos_info;
838         } lsa_DomainInformationPolicy;
839
840         NTSTATUS lsa_QueryDomainInformationPolicy(
841                 [in]            policy_handle *handle,
842                 [in]                    uint16 level,
843                 [out,unique,switch_is(level)]   lsa_DomainInformationPolicy *info
844                 );
845
846         /* Function 0x36 */
847         NTSTATUS lsa_SetDomainInformationPolicy(
848                 [in]            policy_handle *handle,
849                 [in]                    uint16 level,
850                 [in,unique,switch_is(level)]    lsa_DomainInformationPolicy *info
851                 );
852
853         /**********************/
854         /* Function 0x37 */
855         NTSTATUS lsa_OpenTrustedDomainByName(
856                 [in]     policy_handle *handle,
857                 [in]         lsa_String     name,
858                 [in]         uint32         access_mask,
859                 [out]    policy_handle *trustdom_handle
860                 );
861
862         /* Function 0x38 */
863         NTSTATUS lsa_TestCall();
864
865         /**********************/
866         /* Function 0x39 */
867
868         typedef struct {
869                 lsa_SidType sid_type;
870                 lsa_String name;
871                 uint32 sid_index;
872                 uint32 unknown;
873         } lsa_TranslatedName2;
874
875         typedef struct {
876                 [range(0,1000)] uint32 count;
877                 [size_is(count)] lsa_TranslatedName2 *names;
878         } lsa_TransNameArray2;
879
880         [public] NTSTATUS lsa_LookupSids2(
881                 [in]     policy_handle *handle,
882                 [in]     lsa_SidArray *sids,
883                 [out,unique]        lsa_RefDomainList *domains,
884                 [in,out] lsa_TransNameArray2 *names,
885                 [in]         uint16 level,
886                 [in,out] uint32 *count,
887                 [in]         uint32 unknown1,
888                 [in]         uint32 unknown2
889                 );
890
891         /**********************/
892         /* Function 0x3a */
893
894         typedef struct {
895                 lsa_SidType sid_type;
896                 uint32 rid;
897                 uint32 sid_index;
898                 uint32 unknown;
899         } lsa_TranslatedSid2;
900
901         typedef struct {
902                 [range(0,1000)] uint32 count;
903                 [size_is(count)] lsa_TranslatedSid2 *sids;
904         } lsa_TransSidArray2;
905
906         [public] NTSTATUS lsa_LookupNames2 (
907                 [in]     policy_handle *handle,
908                 [in,range(0,1000)] uint32 num_names,
909                 [in,size_is(num_names)]  lsa_String names[],
910                 [out,unique]        lsa_RefDomainList *domains,
911                 [in,out] lsa_TransSidArray2 *sids,
912                 [in]         lsa_LookupNamesLevel level,
913                 [in,out] uint32 *count,
914                 [in]         uint32 unknown1,
915                 [in]         uint32 unknown2
916                 );
917
918         /* Function 0x3b */
919         NTSTATUS lsa_CreateTrustedDomainEx2();
920
921         /* Function 0x3c */
922         NTSTATUS lsa_CREDRWRITE();
923
924         /* Function 0x3d */
925         NTSTATUS lsa_CREDRREAD();
926
927         /* Function 0x3e */
928         NTSTATUS lsa_CREDRENUMERATE();
929
930         /* Function 0x3f */
931         NTSTATUS lsa_CREDRWRITEDOMAINCREDENTIALS();
932
933         /* Function 0x40 */
934         NTSTATUS lsa_CREDRREADDOMAINCREDENTIALS();
935
936         /* Function 0x41 */
937         NTSTATUS lsa_CREDRDELETE();
938
939         /* Function 0x42 */
940         NTSTATUS lsa_CREDRGETTARGETINFO();
941
942         /* Function 0x43 */
943         NTSTATUS lsa_CREDRPROFILELOADED();
944
945         /**********************/
946         /* Function 0x44 */
947         typedef struct {
948                 lsa_SidType sid_type;
949                 dom_sid2 *sid;
950                 uint32 sid_index;
951                 uint32 unknown;
952         } lsa_TranslatedSid3;
953
954         typedef struct {
955                 [range(0,1000)] uint32 count;
956                 [size_is(count)] lsa_TranslatedSid3 *sids;
957         } lsa_TransSidArray3;
958
959         [public] NTSTATUS lsa_LookupNames3 (
960                 [in]     policy_handle *handle,
961                 [in,range(0,1000)] uint32 num_names,
962                 [in,size_is(num_names)]  lsa_String names[],
963                 [out,unique]        lsa_RefDomainList *domains,
964                 [in,out] lsa_TransSidArray3 *sids,
965                 [in]         lsa_LookupNamesLevel level,
966                 [in,out] uint32 *count,
967                 [in]         uint32 unknown1,
968                 [in]         uint32 unknown2
969                 );
970
971         /* Function 0x45 */
972         NTSTATUS lsa_CREDRGETSESSIONTYPES();
973
974         /* Function 0x46 */
975         NTSTATUS lsa_LSARREGISTERAUDITEVENT();
976
977         /* Function 0x47 */
978         NTSTATUS lsa_LSARGENAUDITEVENT();
979
980         /* Function 0x48 */
981         NTSTATUS lsa_LSARUNREGISTERAUDITEVENT();
982
983         /* Function 0x49 */
984         typedef struct {
985                 [range(0,131072)] uint32 length;
986                 [size_is(length)] uint8 *data;
987         } lsa_ForestTrustBinaryData;
988
989         typedef struct {
990                 dom_sid2 *domain_sid;
991                 lsa_StringLarge dns_domain_name;
992                 lsa_StringLarge netbios_domain_name;
993         } lsa_ForestTrustDomainInfo;
994
995         typedef [switch_type(uint32)] union {
996                 [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_String top_level_name;
997                 [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX)] lsa_StringLarge top_level_name_ex;
998                 [case(LSA_FOREST_TRUST_DOMAIN_INFO)] lsa_ForestTrustDomainInfo domain_info;
999                 [default] lsa_ForestTrustBinaryData data;
1000         } lsa_ForestTrustData;
1001
1002         typedef [v1_enum] enum {
1003                 LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0,
1004                 LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1,
1005                 LSA_FOREST_TRUST_DOMAIN_INFO = 2,
1006                 LSA_FOREST_TRUST_RECORD_TYPE_LAST = 3
1007         } lsa_ForestTrustRecordType;
1008
1009         typedef struct {
1010                 uint32 flags;
1011                 lsa_ForestTrustRecordType level;
1012                 hyper unknown;
1013                 [switch_is(level)] lsa_ForestTrustData forest_trust_data;
1014         } lsa_ForestTrustRecord;
1015
1016         typedef [public] struct {
1017                 [range(0,4000)] uint32 count;
1018                 [size_is(count)] lsa_ForestTrustRecord **entries;
1019         } lsa_ForestTrustInformation;
1020
1021         NTSTATUS lsa_lsaRQueryForestTrustInformation(
1022                 [in] policy_handle *handle,
1023                 [in,ref] lsa_String *trusted_domain_name,
1024                 [in] uint16 unknown, /* level ? */
1025                 [out,ref] lsa_ForestTrustInformation **forest_trust_info
1026                 );
1027
1028         /* Function 0x4a */
1029         NTSTATUS lsa_LSARSETFORESTTRUSTINFORMATION();
1030
1031         /* Function 0x4b */
1032         NTSTATUS lsa_CREDRRENAME();
1033
1034         /*****************/
1035         /* Function 0x4c */
1036
1037         [public] NTSTATUS lsa_LookupSids3(
1038                 [in]         lsa_SidArray *sids,
1039                 [out,unique] lsa_RefDomainList *domains,
1040                 [in,out]     lsa_TransNameArray2 *names,
1041                 [in]         uint16 level,
1042                 [in,out]     uint32 *count,
1043                 [in]         uint32 unknown1,
1044                 [in]         uint32 unknown2
1045                 );
1046
1047         /* Function 0x4d */
1048         NTSTATUS lsa_LookupNames4(
1049                 [in,range(0,1000)] uint32 num_names,
1050                 [in,size_is(num_names)]  lsa_String names[],
1051                 [out,unique]        lsa_RefDomainList *domains,
1052                 [in,out] lsa_TransSidArray3 *sids,
1053                 [in]         lsa_LookupNamesLevel level,
1054                 [in,out] uint32 *count,
1055                 [in]         uint32 unknown1,
1056                 [in]         uint32 unknown2
1057                 );
1058
1059         /* Function 0x4e */
1060         NTSTATUS lsa_LSAROPENPOLICYSCE();
1061
1062         /* Function 0x4f */
1063         NTSTATUS lsa_LSARADTREGISTERSECURITYEVENTSOURCE();
1064
1065         /* Function 0x50 */
1066         NTSTATUS lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE();
1067
1068         /* Function 0x51 */
1069         NTSTATUS lsa_LSARADTREPORTSECURITYEVENT();
1070
1071 }