2 Unix SMB/CIFS implementation.
3 SMB parameters and setup
4 Copyright (C) Andrew Tridgell 1992-1997
5 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
6 Copyright (C) Paul Ashton 1997
7 Copyright (C) Jean François Micouleau 2002
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #ifndef _RPC_NETLOGON_H /* _RPC_NETLOGON_H */
25 #define _RPC_NETLOGON_H
29 #define NET_SAMLOGON 0x02
30 #define NET_SAMLOGOFF 0x03
31 #define NET_REQCHAL 0x04
33 #define NET_SRVPWSET 0x06
34 #define NET_SAM_DELTAS 0x07
35 #define NET_LOGON_CTRL 0x0c
36 #define NET_AUTH2 0x0f
37 #define NET_LOGON_CTRL2 0x0e
38 #define NET_SAM_SYNC 0x10
39 #define NET_TRUST_DOM_LIST 0x13
40 #define NET_AUTH3 0x1a
42 /* Secure Channel types. used in NetrServerAuthenticate negotiation */
43 #define SEC_CHAN_WKSTA 2
44 #define SEC_CHAN_DOMAIN 4
45 #define SEC_CHAN_BDC 6
47 /* Returned delta types */
48 #define SAM_DELTA_DOMAIN_INFO 0x01 /* Domain */
49 #define SAM_DELTA_GROUP_INFO 0x02 /* Domain groups */
50 #define SAM_DELTA_ACCOUNT_INFO 0x05 /* Users */
51 #define SAM_DELTA_GROUP_MEM 0x08 /* Group membership */
52 #define SAM_DELTA_ALIAS_INFO 0x09 /* Local groups */
53 #define SAM_DELTA_ALIAS_MEM 0x0C /* Local group membership */
54 #define SAM_DELTA_DOM_INFO 0x0D /* Privilege stuff */
55 #define SAM_DELTA_UNK0E_INFO 0x0e /* Privilege stuff */
56 #define SAM_DELTA_PRIVS_INFO 0x10 /* Privilege stuff */
57 #define SAM_DELTA_UNK12_INFO 0x12 /* Privilege stuff */
58 #define SAM_DELTA_SAM_STAMP 0x16 /* Some kind of journal record? */
60 /* SAM database types */
61 #define SAM_DATABASE_DOMAIN 0x00 /* Domain users and groups */
62 #define SAM_DATABASE_BUILTIN 0x01 /* BUILTIN users and groups */
63 #define SAM_DATABASE_PRIVS 0x02 /* Privileges */
66 /* I think this is correct - it's what gets parsed on the wire. JRA. */
68 typedef struct net_user_info_2
72 NTTIME logon_time; /* logon time */
73 NTTIME logoff_time; /* logoff time */
74 NTTIME kickoff_time; /* kickoff time */
75 NTTIME pass_last_set_time; /* password last set time */
76 NTTIME pass_can_change_time; /* password can change time */
77 NTTIME pass_must_change_time; /* password must change time */
79 UNIHDR hdr_user_name; /* username unicode string header */
80 UNIHDR hdr_full_name; /* user's full name unicode string header */
81 UNIHDR hdr_logon_script; /* logon script unicode string header */
82 UNIHDR hdr_profile_path; /* profile path unicode string header */
83 UNIHDR hdr_home_dir; /* home directory unicode string header */
84 UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
86 uint16 logon_count; /* logon count */
87 uint16 bad_pw_count; /* bad password count */
89 uint32 user_id; /* User ID */
90 uint32 group_id; /* Group ID */
91 uint32 num_groups; /* num groups */
92 uint32 buffer_groups; /* undocumented buffer pointer to groups. */
93 uint32 user_flgs; /* user flags */
95 uint8 user_sess_key[16]; /* unused user session key */
97 UNIHDR hdr_logon_srv; /* logon server unicode string header */
98 UNIHDR hdr_logon_dom; /* logon domain unicode string header */
100 uint32 buffer_dom_id; /* undocumented logon domain id pointer */
101 uint8 padding[40]; /* unused padding bytes. expansion room */
103 UNISTR2 uni_user_name; /* username unicode string */
104 UNISTR2 uni_full_name; /* user's full name unicode string */
105 UNISTR2 uni_logon_script; /* logon script unicode string */
106 UNISTR2 uni_profile_path; /* profile path unicode string */
107 UNISTR2 uni_home_dir; /* home directory unicode string */
108 UNISTR2 uni_dir_drive; /* home directory drive unicode string */
110 uint32 num_groups2; /* num groups */
111 DOM_GID *gids; /* group info */
113 UNISTR2 uni_logon_srv; /* logon server unicode string */
114 UNISTR2 uni_logon_dom; /* logon domain unicode string */
116 DOM_SID2 dom_sid; /* domain SID */
118 uint32 num_other_groups; /* other groups */
119 DOM_GID *other_gids; /* group info */
120 DOM_SID2 *other_sids; /* undocumented - domain SIDs */
125 /* NET_USER_INFO_3 */
126 typedef struct net_user_info_3
128 uint32 ptr_user_info;
130 NTTIME logon_time; /* logon time */
131 NTTIME logoff_time; /* logoff time */
132 NTTIME kickoff_time; /* kickoff time */
133 NTTIME pass_last_set_time; /* password last set time */
134 NTTIME pass_can_change_time; /* password can change time */
135 NTTIME pass_must_change_time; /* password must change time */
137 UNIHDR hdr_user_name; /* username unicode string header */
138 UNIHDR hdr_full_name; /* user's full name unicode string header */
139 UNIHDR hdr_logon_script; /* logon script unicode string header */
140 UNIHDR hdr_profile_path; /* profile path unicode string header */
141 UNIHDR hdr_home_dir; /* home directory unicode string header */
142 UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
144 uint16 logon_count; /* logon count */
145 uint16 bad_pw_count; /* bad password count */
147 uint32 user_rid; /* User RID */
148 uint32 group_rid; /* Group RID */
150 uint32 num_groups; /* num groups */
151 uint32 buffer_groups; /* undocumented buffer pointer to groups. */
152 uint32 user_flgs; /* user flags */
154 uint8 user_sess_key[16]; /* unused user session key */
156 UNIHDR hdr_logon_srv; /* logon server unicode string header */
157 UNIHDR hdr_logon_dom; /* logon domain unicode string header */
159 uint32 buffer_dom_id; /* undocumented logon domain id pointer */
160 uint8 padding[40]; /* unused padding bytes. expansion room */
162 uint32 num_other_sids; /* 0 - num_sids */
163 uint32 buffer_other_sids; /* NULL - undocumented pointer to SIDs. */
165 UNISTR2 uni_user_name; /* username unicode string */
166 UNISTR2 uni_full_name; /* user's full name unicode string */
167 UNISTR2 uni_logon_script; /* logon script unicode string */
168 UNISTR2 uni_profile_path; /* profile path unicode string */
169 UNISTR2 uni_home_dir; /* home directory unicode string */
170 UNISTR2 uni_dir_drive; /* home directory drive unicode string */
172 uint32 num_groups2; /* num groups */
173 DOM_GID *gids; /* group info */
175 UNISTR2 uni_logon_srv; /* logon server unicode string */
176 UNISTR2 uni_logon_dom; /* logon domain unicode string */
178 DOM_SID2 dom_sid; /* domain SID */
180 uint32 num_other_groups; /* other groups */
181 DOM_GID *other_gids; /* group info */
182 DOM_SID2 *other_sids; /* undocumented - domain SIDs */
187 /* NETLOGON_INFO_1 - pdc status info, i presume */
188 typedef struct netlogon_1_info
190 uint32 flags; /* 0x0 - undocumented */
191 uint32 pdc_status; /* 0x0 - undocumented */
195 /* NETLOGON_INFO_2 - pdc status info, plus trusted domain info */
196 typedef struct netlogon_2_info
198 uint32 flags; /* 0x0 - undocumented */
199 uint32 pdc_status; /* 0x0 - undocumented */
200 uint32 ptr_trusted_dc_name; /* pointer to trusted domain controller name */
201 uint32 tc_status; /* 0x051f - ERROR_NO_LOGON_SERVERS */
202 UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */
206 /* NETLOGON_INFO_3 - logon status info, i presume */
207 typedef struct netlogon_3_info
209 uint32 flags; /* 0x0 - undocumented */
210 uint32 logon_attempts; /* number of logon attempts */
211 uint32 reserved_1; /* 0x0 - undocumented */
212 uint32 reserved_2; /* 0x0 - undocumented */
213 uint32 reserved_3; /* 0x0 - undocumented */
214 uint32 reserved_4; /* 0x0 - undocumented */
215 uint32 reserved_5; /* 0x0 - undocumented */
219 /********************************************************
222 This is generated by a nltest /bdc_query:DOMAIN
224 query_level 0x1, function_code 0x1
226 ********************************************************/
228 /* NET_Q_LOGON_CTRL - LSA Netr Logon Control */
230 typedef struct net_q_logon_ctrl_info
233 UNISTR2 uni_server_name;
234 uint32 function_code;
238 /* NET_R_LOGON_CTRL - LSA Netr Logon Control */
240 typedef struct net_r_logon_ctrl_info
246 NETLOGON_INFO_1 info1;
252 /********************************************************
255 query_level 0x1 - pdc status
256 query_level 0x3 - number of logon attempts.
258 ********************************************************/
260 /* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2 */
261 typedef struct net_q_logon_ctrl2_info
263 uint32 ptr; /* undocumented buffer pointer */
264 UNISTR2 uni_server_name; /* server name, starting with two '\'s */
266 uint32 function_code; /* 0x1 */
267 uint32 query_level; /* 0x1, 0x3 */
268 uint32 switch_value; /* 0x1 */
272 /*******************************************************
273 Logon Control Response
275 switch_value is same as query_level in request
276 *******************************************************/
278 /* NET_R_LOGON_CTRL2 - response to LSA Logon Control2 */
279 typedef struct net_r_logon_ctrl2_info
281 uint32 switch_value; /* 0x1, 0x3 */
286 NETLOGON_INFO_1 info1;
287 NETLOGON_INFO_2 info2;
288 NETLOGON_INFO_3 info3;
292 NTSTATUS status; /* return code */
296 /* NET_Q_TRUST_DOM_LIST - LSA Query Trusted Domains */
297 typedef struct net_q_trust_dom_info
299 uint32 ptr; /* undocumented buffer pointer */
300 UNISTR2 uni_server_name; /* server name, starting with two '\'s */
302 } NET_Q_TRUST_DOM_LIST;
304 #define MAX_TRUST_DOMS 1
306 /* NET_R_TRUST_DOM_LIST - response to LSA Trusted Domains */
307 typedef struct net_r_trust_dom_info
309 UNISTR2 uni_trust_dom_name[MAX_TRUST_DOMS];
311 NTSTATUS status; /* return code */
313 } NET_R_TRUST_DOM_LIST;
317 typedef struct neg_flags_info
319 uint32 neg_flags; /* negotiated flags */
325 typedef struct net_q_req_chal_info
327 uint32 undoc_buffer; /* undocumented buffer pointer */
328 UNISTR2 uni_logon_srv; /* logon server unicode string */
329 UNISTR2 uni_logon_clnt; /* logon client unicode string */
330 DOM_CHAL clnt_chal; /* client challenge */
336 typedef struct net_r_req_chal_info
338 DOM_CHAL srv_chal; /* server challenge */
339 NTSTATUS status; /* return code */
343 typedef struct net_q_auth_info
345 DOM_LOG_INFO clnt_id; /* client identification info */
346 DOM_CHAL clnt_chal; /* client-calculated credentials */
350 typedef struct net_r_auth_info
352 DOM_CHAL srv_chal; /* server-calculated credentials */
353 NTSTATUS status; /* return code */
357 typedef struct net_q_auth2_info
359 DOM_LOG_INFO clnt_id; /* client identification info */
360 DOM_CHAL clnt_chal; /* client-calculated credentials */
362 NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
368 typedef struct net_r_auth2_info
370 DOM_CHAL srv_chal; /* server-calculated credentials */
371 NEG_FLAGS srv_flgs; /* usually 0x0000 01ff */
372 NTSTATUS status; /* return code */
376 typedef struct net_q_auth3_info
378 DOM_LOG_INFO clnt_id; /* client identification info */
379 DOM_CHAL clnt_chal; /* client-calculated credentials */
380 NEG_FLAGS clnt_flgs; /* usually 0x6007 ffff */
384 typedef struct net_r_auth3_info
386 DOM_CHAL srv_chal; /* server-calculated credentials */
387 NEG_FLAGS srv_flgs; /* usually 0x6007 ffff */
388 uint32 unknown; /* 0x0000045b */
389 NTSTATUS status; /* return code */
393 /* NET_Q_SRV_PWSET */
394 typedef struct net_q_srv_pwset_info
396 DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
397 uint8 pwd[16]; /* new password - undocumented. */
401 /* NET_R_SRV_PWSET */
402 typedef struct net_r_srv_pwset_info
404 DOM_CRED srv_cred; /* server-calculated credentials */
406 NTSTATUS status; /* return code */
411 typedef struct net_network_info_2
413 uint32 ptr_id_info2; /* pointer to id_info_2 */
414 UNIHDR hdr_domain_name; /* domain name unicode header */
415 uint32 param_ctrl; /* param control (0x2) */
416 DOM_LOGON_ID logon_id; /* logon ID */
417 UNIHDR hdr_user_name; /* user name unicode header */
418 UNIHDR hdr_wksta_name; /* workstation name unicode header */
419 uint8 lm_chal[8]; /* lan manager 8 byte challenge */
420 STRHDR hdr_nt_chal_resp; /* nt challenge response */
421 STRHDR hdr_lm_chal_resp; /* lm challenge response */
423 UNISTR2 uni_domain_name; /* domain name unicode string */
424 UNISTR2 uni_user_name; /* user name unicode string */
425 UNISTR2 uni_wksta_name; /* workgroup name unicode string */
426 STRING2 nt_chal_resp; /* nt challenge response */
427 STRING2 lm_chal_resp; /* lm challenge response */
432 typedef struct id_info_1
434 uint32 ptr_id_info1; /* pointer to id_info_1 */
435 UNIHDR hdr_domain_name; /* domain name unicode header */
436 uint32 param_ctrl; /* param control */
437 DOM_LOGON_ID logon_id; /* logon ID */
438 UNIHDR hdr_user_name; /* user name unicode header */
439 UNIHDR hdr_wksta_name; /* workstation name unicode header */
440 OWF_INFO lm_owf; /* LM OWF Password */
441 OWF_INFO nt_owf; /* NT OWF Password */
442 UNISTR2 uni_domain_name; /* domain name unicode string */
443 UNISTR2 uni_user_name; /* user name unicode string */
444 UNISTR2 uni_wksta_name; /* workgroup name unicode string */
448 #define INTERACTIVE_LOGON_TYPE 1
449 #define NET_LOGON_TYPE 2
451 /* NET_ID_INFO_CTR */
452 typedef struct net_id_info_ctr_info
458 NET_ID_INFO_1 id1; /* auth-level 1 - interactive user login */
459 NET_ID_INFO_2 id2; /* auth-level 2 - workstation referred login */
465 /* SAM_INFO - sam logon/off id structure */
466 typedef struct sam_info
468 DOM_CLNT_INFO2 client;
469 uint32 ptr_rtn_cred; /* pointer to return credentials */
470 DOM_CRED rtn_cred; /* return credentials */
472 NET_ID_INFO_CTR *ctr;
476 /* NET_Q_SAM_LOGON */
477 typedef struct net_q_sam_logon_info
480 uint16 validation_level;
484 /* NET_R_SAM_LOGON */
485 typedef struct net_r_sam_logon_info
487 uint32 buffer_creds; /* undocumented buffer pointer */
488 DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
490 uint16 switch_value; /* 3 - indicates type of USER INFO */
491 NET_USER_INFO_3 *user;
493 uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
495 NTSTATUS status; /* return code */
500 /* NET_Q_SAM_LOGOFF */
501 typedef struct net_q_sam_logoff_info
507 /* NET_R_SAM_LOGOFF */
508 typedef struct net_r_sam_logoff_info
510 uint32 buffer_creds; /* undocumented buffer pointer */
511 DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
513 NTSTATUS status; /* return code */
518 typedef struct net_q_sam_sync_info
520 UNISTR2 uni_srv_name; /* \\PDC */
521 UNISTR2 uni_cli_name; /* BDC */
526 uint32 restart_state;
529 uint32 max_size; /* preferred maximum length */
534 typedef struct sam_delta_hdr_info
536 uint16 type; /* type of structure attached */
545 /* SAM_DOMAIN_INFO (0x1) */
546 typedef struct sam_domain_info_info
551 UINT64_S force_logoff;
553 uint16 pwd_history_len;
554 UINT64_S max_pwd_age;
555 UINT64_S min_pwd_age;
556 UINT64_S dom_mod_count;
557 NTTIME creation_time;
559 BUFHDR2 hdr_sec_desc; /* security descriptor */
563 UNISTR2 uni_dom_name;
564 UNISTR2 buf_oem_info; /* never seen */
566 BUFFER4 buf_sec_desc;
571 /* SAM_GROUP_INFO (0x2) */
572 typedef struct sam_group_info_info
577 BUFHDR2 hdr_sec_desc; /* security descriptor */
580 UNISTR2 uni_grp_name;
581 UNISTR2 uni_grp_desc;
582 BUFFER4 buf_sec_desc;
587 typedef struct sam_passwd_info
589 /* this structure probably contains password history */
590 /* this is probably a count of lm/nt pairs */
591 uint32 unk_0; /* 0x0000 0002 */
594 uint8 buf_lm_pwd[16];
597 uint8 buf_nt_pwd[16];
604 /* SAM_ACCOUNT_INFO (0x5) */
605 typedef struct sam_account_info_info
607 UNIHDR hdr_acct_name;
608 UNIHDR hdr_full_name;
614 UNIHDR hdr_dir_drive;
615 UNIHDR hdr_logon_script;
616 UNIHDR hdr_acct_desc;
617 UNIHDR hdr_workstations;
622 uint32 logon_divs; /* 0xA8 */
623 uint32 ptr_logon_hrs;
625 uint16 bad_pwd_count;
627 NTTIME pwd_last_set_time;
628 NTTIME acct_expiry_time;
633 uint8 nt_pwd_present;
634 uint8 lm_pwd_present;
638 UNIHDR hdr_parameters;
642 BUFHDR2 hdr_sec_desc; /* security descriptor */
645 UNIHDR hdr_reserved[3]; /* space for more strings */
646 uint32 dw_reserved[4]; /* space for more data - first two seem to
649 UNISTR2 uni_acct_name;
650 UNISTR2 uni_full_name;
651 UNISTR2 uni_home_dir;
652 UNISTR2 uni_dir_drive;
653 UNISTR2 uni_logon_script;
654 UNISTR2 uni_acct_desc;
655 UNISTR2 uni_workstations;
657 uint32 unknown1; /* 0x4EC */
658 uint32 unknown2; /* 0 */
660 BUFFER4 buf_logon_hrs;
662 UNISTR2 uni_parameters;
664 BUFFER4 buf_sec_desc;
669 /* SAM_GROUP_MEM_INFO (0x8) */
670 typedef struct sam_group_mem_info_info
683 } SAM_GROUP_MEM_INFO;
685 /* SAM_ALIAS_INFO (0x9) */
686 typedef struct sam_alias_info_info
690 BUFHDR2 hdr_sec_desc; /* security descriptor */
694 UNISTR2 uni_als_name;
695 BUFFER4 buf_sec_desc;
696 UNISTR2 uni_als_desc;
700 /* SAM_ALIAS_MEM_INFO (0xC) */
701 typedef struct sam_alias_mem_info_info
711 } SAM_ALIAS_MEM_INFO;
714 /* SAM_DELTA_DOM (0x0D) */
717 uint32 unknown1; /* 0x5000 */
718 uint32 unknown2; /* 0 */
719 uint32 unknown3; /* 0 */
720 uint32 unknown4; /* 0 */
728 uint32 unknown4b; /* 0x02000000 */
729 uint32 unknown5; /* 0x00100000 */
730 uint32 unknown6; /* 0x00010000 */
731 uint32 unknown7; /* 0x0f000000 */
732 uint32 unknown8; /* 0 */
733 uint32 unknown9; /* 0 */
734 uint32 unknown10; /* 0 */
735 uint32 unknown11; /* 0x3c*/
736 uint32 unknown12; /* 0*/
738 uint32 unknown13; /* a7080110 */
739 uint32 unknown14; /* 01bfb0dd */
740 uint32 unknown15; /* 0f */
741 uint32 unknown16; /* 68 */
742 uint32 unknown17; /* 00169000 */
745 uint32 unknown18; /* 0 times count4 */
747 uint32 unknown19; /* 8 */
749 uint32 unknown20; /* 0x04 times count1 */
758 /* SAM_DELTA_UNK0E (0x0e) */
778 /* SAM_DELTA_PRIVS (0x10) */
786 uint32 reserved1; /* 0x0 */
803 uint32 unknown10; /* 48 bytes 0x0*/
805 uint32 attribute_count;
808 uint32 privlist_count;
809 UNIHDR *hdr_privslist;
810 UNISTR2 *uni_privslist;
815 /* SAM_DELTA_UNK12 (0x12) */
834 uint32 unknow2; /* 0x0 12 times */
837 uint32 reserved1; /* 0 */
842 uint32 reserved2; /* 0 */
851 /* SAM_DELTA_STAMP (0x16) */
855 uint32 dom_mod_count_ptr;
856 UINT64_S dom_mod_count; /* domain mod count at last sync */
859 typedef union sam_delta_ctr_info
861 SAM_DOMAIN_INFO domain_info ;
862 SAM_GROUP_INFO group_info ;
863 SAM_ACCOUNT_INFO account_info;
864 SAM_GROUP_MEM_INFO grp_mem_info;
865 SAM_ALIAS_INFO alias_info ;
866 SAM_ALIAS_MEM_INFO als_mem_info;
867 SAM_DELTA_DOM dom_info;
868 SAM_DELTA_PRIVS privs_info;
869 SAM_DELTA_STAMP stamp;
870 SAM_DELTA_UNK0E unk0e_info;
871 SAM_DELTA_UNK12 unk12_info;
875 typedef struct net_r_sam_sync_info
886 SAM_DELTA_HDR *hdr_deltas;
887 SAM_DELTA_CTR *deltas;
892 /* NET_Q_SAM_DELTAS */
893 typedef struct net_q_sam_deltas_info
895 UNISTR2 uni_srv_name;
896 UNISTR2 uni_cli_name;
901 UINT64_S dom_mod_count; /* domain mod count at last sync */
903 uint32 max_size; /* preferred maximum length */
907 /* NET_R_SAM_DELTAS */
908 typedef struct net_r_sam_deltas_info
912 UINT64_S dom_mod_count; /* new domain mod count */
918 SAM_DELTA_HDR *hdr_deltas;
919 SAM_DELTA_CTR *deltas;
924 #endif /* _RPC_NETLOGON_H */