2 Unix SMB/CIFS implementation.
3 SMB parameters and setup
4 Copyright (C) Andrew Tridgell 1992-1997
5 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
6 Copyright (C) Paul Ashton 1997
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 #ifndef _RPC_NETLOGON_H /* _RPC_NETLOGON_H */
24 #define _RPC_NETLOGON_H
28 #define NET_SAMLOGON 0x02
29 #define NET_SAMLOGOFF 0x03
30 #define NET_REQCHAL 0x04
32 #define NET_SRVPWSET 0x06
33 #define NET_SAM_DELTAS 0x07
34 #define NET_LOGON_CTRL 0x0c
35 #define NET_AUTH2 0x0f
36 #define NET_LOGON_CTRL2 0x0e
37 #define NET_SAM_SYNC 0x10
38 #define NET_TRUST_DOM_LIST 0x13
40 /* Secure Channel types. used in NetrServerAuthenticate negotiation */
41 #define SEC_CHAN_WKSTA 2
42 #define SEC_CHAN_DOMAIN 4
43 #define SEC_CHAN_BDC 6
45 /* Returned delta types */
46 #define SAM_DELTA_DOMAIN_INFO 0x01 /* Domain */
47 #define SAM_DELTA_GROUP_INFO 0x02 /* Domain groups */
48 #define SAM_DELTA_ACCOUNT_INFO 0x05 /* Users */
49 #define SAM_DELTA_GROUP_MEM 0x08 /* Group membership */
50 #define SAM_DELTA_ALIAS_INFO 0x09 /* Local groups */
51 #define SAM_DELTA_ALIAS_MEM 0x0C /* Local group membership */
52 #define SAM_DELTA_DOM_INFO 0x0D /* Privilige stuff */
53 #define SAM_DELTA_UNK0E_INFO 0x0e /* Privilige stuff */
54 #define SAM_DELTA_PRIVS_INFO 0x10 /* Privilige stuff */
55 #define SAM_DELTA_UNK12_INFO 0x12 /* Privilige stuff */
56 #define SAM_DELTA_SAM_STAMP 0x16 /* Some kind of journal record? */
58 /* SAM database types */
59 #define SAM_DATABASE_DOMAIN 0x00 /* Domain users and groups */
60 #define SAM_DATABASE_BUILTIN 0x01 /* BUILTIN users and groups */
61 #define SAM_DATABASE_PRIVS 0x02 /* Priviliges? */
64 /* I think this is correct - it's what gets parsed on the wire. JRA. */
66 typedef struct net_user_info_2
70 NTTIME logon_time; /* logon time */
71 NTTIME logoff_time; /* logoff time */
72 NTTIME kickoff_time; /* kickoff time */
73 NTTIME pass_last_set_time; /* password last set time */
74 NTTIME pass_can_change_time; /* password can change time */
75 NTTIME pass_must_change_time; /* password must change time */
77 UNIHDR hdr_user_name; /* username unicode string header */
78 UNIHDR hdr_full_name; /* user's full name unicode string header */
79 UNIHDR hdr_logon_script; /* logon script unicode string header */
80 UNIHDR hdr_profile_path; /* profile path unicode string header */
81 UNIHDR hdr_home_dir; /* home directory unicode string header */
82 UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
84 uint16 logon_count; /* logon count */
85 uint16 bad_pw_count; /* bad password count */
87 uint32 user_id; /* User ID */
88 uint32 group_id; /* Group ID */
89 uint32 num_groups; /* num groups */
90 uint32 buffer_groups; /* undocumented buffer pointer to groups. */
91 uint32 user_flgs; /* user flags */
93 uint8 user_sess_key[16]; /* unused user session key */
95 UNIHDR hdr_logon_srv; /* logon server unicode string header */
96 UNIHDR hdr_logon_dom; /* logon domain unicode string header */
98 uint32 buffer_dom_id; /* undocumented logon domain id pointer */
99 uint8 padding[40]; /* unused padding bytes. expansion room */
101 UNISTR2 uni_user_name; /* username unicode string */
102 UNISTR2 uni_full_name; /* user's full name unicode string */
103 UNISTR2 uni_logon_script; /* logon script unicode string */
104 UNISTR2 uni_profile_path; /* profile path unicode string */
105 UNISTR2 uni_home_dir; /* home directory unicode string */
106 UNISTR2 uni_dir_drive; /* home directory drive unicode string */
108 uint32 num_groups2; /* num groups */
109 DOM_GID *gids; /* group info */
111 UNISTR2 uni_logon_srv; /* logon server unicode string */
112 UNISTR2 uni_logon_dom; /* logon domain unicode string */
114 DOM_SID2 dom_sid; /* domain SID */
116 uint32 num_other_groups; /* other groups */
117 DOM_GID *other_gids; /* group info */
118 DOM_SID2 *other_sids; /* undocumented - domain SIDs */
123 /* NET_USER_INFO_3 */
124 typedef struct net_user_info_3
126 uint32 ptr_user_info;
128 NTTIME logon_time; /* logon time */
129 NTTIME logoff_time; /* logoff time */
130 NTTIME kickoff_time; /* kickoff time */
131 NTTIME pass_last_set_time; /* password last set time */
132 NTTIME pass_can_change_time; /* password can change time */
133 NTTIME pass_must_change_time; /* password must change time */
135 UNIHDR hdr_user_name; /* username unicode string header */
136 UNIHDR hdr_full_name; /* user's full name unicode string header */
137 UNIHDR hdr_logon_script; /* logon script unicode string header */
138 UNIHDR hdr_profile_path; /* profile path unicode string header */
139 UNIHDR hdr_home_dir; /* home directory unicode string header */
140 UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
142 uint16 logon_count; /* logon count */
143 uint16 bad_pw_count; /* bad password count */
145 uint32 user_rid; /* User RID */
146 uint32 group_rid; /* Group RID */
148 uint32 num_groups; /* num groups */
149 uint32 buffer_groups; /* undocumented buffer pointer to groups. */
150 uint32 user_flgs; /* user flags */
152 uint8 user_sess_key[16]; /* unused user session key */
154 UNIHDR hdr_logon_srv; /* logon server unicode string header */
155 UNIHDR hdr_logon_dom; /* logon domain unicode string header */
157 uint32 buffer_dom_id; /* undocumented logon domain id pointer */
158 uint8 padding[40]; /* unused padding bytes. expansion room */
160 uint32 num_other_sids; /* 0 - num_sids */
161 uint32 buffer_other_sids; /* NULL - undocumented pointer to SIDs. */
163 UNISTR2 uni_user_name; /* username unicode string */
164 UNISTR2 uni_full_name; /* user's full name unicode string */
165 UNISTR2 uni_logon_script; /* logon script unicode string */
166 UNISTR2 uni_profile_path; /* profile path unicode string */
167 UNISTR2 uni_home_dir; /* home directory unicode string */
168 UNISTR2 uni_dir_drive; /* home directory drive unicode string */
170 uint32 num_groups2; /* num groups */
171 DOM_GID *gids; /* group info */
173 UNISTR2 uni_logon_srv; /* logon server unicode string */
174 UNISTR2 uni_logon_dom; /* logon domain unicode string */
176 DOM_SID2 dom_sid; /* domain SID */
178 uint32 num_other_groups; /* other groups */
179 DOM_GID *other_gids; /* group info */
180 DOM_SID2 *other_sids; /* undocumented - domain SIDs */
185 /* NETLOGON_INFO_1 - pdc status info, i presume */
186 typedef struct netlogon_1_info
188 uint32 flags; /* 0x0 - undocumented */
189 uint32 pdc_status; /* 0x0 - undocumented */
193 /* NETLOGON_INFO_2 - pdc status info, plus trusted domain info */
194 typedef struct netlogon_2_info
196 uint32 flags; /* 0x0 - undocumented */
197 uint32 pdc_status; /* 0x0 - undocumented */
198 uint32 ptr_trusted_dc_name; /* pointer to trusted domain controller name */
199 uint32 tc_status; /* 0x051f - ERROR_NO_LOGON_SERVERS */
200 UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */
204 /* NETLOGON_INFO_3 - logon status info, i presume */
205 typedef struct netlogon_3_info
207 uint32 flags; /* 0x0 - undocumented */
208 uint32 logon_attempts; /* number of logon attempts */
209 uint32 reserved_1; /* 0x0 - undocumented */
210 uint32 reserved_2; /* 0x0 - undocumented */
211 uint32 reserved_3; /* 0x0 - undocumented */
212 uint32 reserved_4; /* 0x0 - undocumented */
213 uint32 reserved_5; /* 0x0 - undocumented */
217 /********************************************************
220 This is generated by a nltest /bdc_query:DOMAIN
222 query_level 0x1, function_code 0x1
224 ********************************************************/
226 /* NET_Q_LOGON_CTRL - LSA Netr Logon Control */
228 typedef struct net_q_logon_ctrl_info
231 UNISTR2 uni_server_name;
232 uint32 function_code;
236 /* NET_R_LOGON_CTRL - LSA Netr Logon Control */
238 typedef struct net_r_logon_ctrl_info
244 NETLOGON_INFO_1 info1;
250 /********************************************************
253 query_level 0x1 - pdc status
254 query_level 0x3 - number of logon attempts.
256 ********************************************************/
258 /* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2 */
259 typedef struct net_q_logon_ctrl2_info
261 uint32 ptr; /* undocumented buffer pointer */
262 UNISTR2 uni_server_name; /* server name, starting with two '\'s */
264 uint32 function_code; /* 0x1 */
265 uint32 query_level; /* 0x1, 0x3 */
266 uint32 switch_value; /* 0x1 */
270 /*******************************************************
271 Logon Control Response
273 switch_value is same as query_level in request
274 *******************************************************/
276 /* NET_R_LOGON_CTRL2 - response to LSA Logon Control2 */
277 typedef struct net_r_logon_ctrl2_info
279 uint32 switch_value; /* 0x1, 0x3 */
284 NETLOGON_INFO_1 info1;
285 NETLOGON_INFO_2 info2;
286 NETLOGON_INFO_3 info3;
290 NTSTATUS status; /* return code */
294 /* NET_Q_TRUST_DOM_LIST - LSA Query Trusted Domains */
295 typedef struct net_q_trust_dom_info
297 uint32 ptr; /* undocumented buffer pointer */
298 UNISTR2 uni_server_name; /* server name, starting with two '\'s */
300 } NET_Q_TRUST_DOM_LIST;
302 #define MAX_TRUST_DOMS 1
304 /* NET_R_TRUST_DOM_LIST - response to LSA Trusted Domains */
305 typedef struct net_r_trust_dom_info
307 UNISTR2 uni_trust_dom_name[MAX_TRUST_DOMS];
309 NTSTATUS status; /* return code */
311 } NET_R_TRUST_DOM_LIST;
315 typedef struct neg_flags_info
317 uint32 neg_flags; /* negotiated flags */
323 typedef struct net_q_req_chal_info
325 uint32 undoc_buffer; /* undocumented buffer pointer */
326 UNISTR2 uni_logon_srv; /* logon server unicode string */
327 UNISTR2 uni_logon_clnt; /* logon client unicode string */
328 DOM_CHAL clnt_chal; /* client challenge */
334 typedef struct net_r_req_chal_info
336 DOM_CHAL srv_chal; /* server challenge */
337 NTSTATUS status; /* return code */
341 typedef struct net_q_auth_info
343 DOM_LOG_INFO clnt_id; /* client identification info */
344 DOM_CHAL clnt_chal; /* client-calculated credentials */
348 typedef struct net_r_auth_info
350 DOM_CHAL srv_chal; /* server-calculated credentials */
351 NTSTATUS status; /* return code */
355 typedef struct net_q_auth2_info
357 DOM_LOG_INFO clnt_id; /* client identification info */
358 DOM_CHAL clnt_chal; /* client-calculated credentials */
360 NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
366 typedef struct net_r_auth2_info
368 DOM_CHAL srv_chal; /* server-calculated credentials */
369 NEG_FLAGS srv_flgs; /* usually 0x0000 01ff */
370 NTSTATUS status; /* return code */
374 /* NET_Q_SRV_PWSET */
375 typedef struct net_q_srv_pwset_info
377 DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
378 uint8 pwd[16]; /* new password - undocumented. */
382 /* NET_R_SRV_PWSET */
383 typedef struct net_r_srv_pwset_info
385 DOM_CRED srv_cred; /* server-calculated credentials */
387 NTSTATUS status; /* return code */
392 typedef struct net_network_info_2
394 uint32 ptr_id_info2; /* pointer to id_info_2 */
395 UNIHDR hdr_domain_name; /* domain name unicode header */
396 uint32 param_ctrl; /* param control (0x2) */
397 DOM_LOGON_ID logon_id; /* logon ID */
398 UNIHDR hdr_user_name; /* user name unicode header */
399 UNIHDR hdr_wksta_name; /* workstation name unicode header */
400 uint8 lm_chal[8]; /* lan manager 8 byte challenge */
401 STRHDR hdr_nt_chal_resp; /* nt challenge response */
402 STRHDR hdr_lm_chal_resp; /* lm challenge response */
404 UNISTR2 uni_domain_name; /* domain name unicode string */
405 UNISTR2 uni_user_name; /* user name unicode string */
406 UNISTR2 uni_wksta_name; /* workgroup name unicode string */
407 STRING2 nt_chal_resp; /* nt challenge response */
408 STRING2 lm_chal_resp; /* lm challenge response */
413 typedef struct id_info_1
415 uint32 ptr_id_info1; /* pointer to id_info_1 */
416 UNIHDR hdr_domain_name; /* domain name unicode header */
417 uint32 param_ctrl; /* param control */
418 DOM_LOGON_ID logon_id; /* logon ID */
419 UNIHDR hdr_user_name; /* user name unicode header */
420 UNIHDR hdr_wksta_name; /* workstation name unicode header */
421 OWF_INFO lm_owf; /* LM OWF Password */
422 OWF_INFO nt_owf; /* NT OWF Password */
423 UNISTR2 uni_domain_name; /* domain name unicode string */
424 UNISTR2 uni_user_name; /* user name unicode string */
425 UNISTR2 uni_wksta_name; /* workgroup name unicode string */
429 #define INTERACTIVE_LOGON_TYPE 1
430 #define NET_LOGON_TYPE 2
432 /* NET_ID_INFO_CTR */
433 typedef struct net_id_info_ctr_info
439 NET_ID_INFO_1 id1; /* auth-level 1 - interactive user login */
440 NET_ID_INFO_2 id2; /* auth-level 2 - workstation referred login */
446 /* SAM_INFO - sam logon/off id structure */
447 typedef struct sam_info
449 DOM_CLNT_INFO2 client;
450 uint32 ptr_rtn_cred; /* pointer to return credentials */
451 DOM_CRED rtn_cred; /* return credentials */
453 NET_ID_INFO_CTR *ctr;
457 /* NET_Q_SAM_LOGON */
458 typedef struct net_q_sam_logon_info
461 uint16 validation_level;
465 /* NET_R_SAM_LOGON */
466 typedef struct net_r_sam_logon_info
468 uint32 buffer_creds; /* undocumented buffer pointer */
469 DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
471 uint16 switch_value; /* 3 - indicates type of USER INFO */
472 NET_USER_INFO_3 *user;
474 uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
476 NTSTATUS status; /* return code */
481 /* NET_Q_SAM_LOGOFF */
482 typedef struct net_q_sam_logoff_info
488 /* NET_R_SAM_LOGOFF */
489 typedef struct net_r_sam_logoff_info
491 uint32 buffer_creds; /* undocumented buffer pointer */
492 DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
494 NTSTATUS status; /* return code */
499 typedef struct net_q_sam_sync_info
501 UNISTR2 uni_srv_name; /* \\PDC */
502 UNISTR2 uni_cli_name; /* BDC */
507 uint32 restart_state;
510 uint32 max_size; /* preferred maximum length */
515 typedef struct sam_delta_hdr_info
517 uint16 type; /* type of structure attached */
526 /* SAM_DOMAIN_INFO (0x1) */
527 typedef struct sam_domain_info_info
532 UINT64_S force_logoff;
534 uint16 pwd_history_len;
535 UINT64_S max_pwd_age;
536 UINT64_S min_pwd_age;
537 UINT64_S dom_mod_count;
538 NTTIME creation_time;
540 BUFHDR2 hdr_sec_desc; /* security descriptor */
544 UNISTR2 uni_dom_name;
545 UNISTR2 buf_oem_info; /* never seen */
547 BUFFER4 buf_sec_desc;
552 /* SAM_GROUP_INFO (0x2) */
553 typedef struct sam_group_info_info
558 BUFHDR2 hdr_sec_desc; /* security descriptor */
561 UNISTR2 uni_grp_name;
562 UNISTR2 uni_grp_desc;
563 BUFFER4 buf_sec_desc;
568 typedef struct sam_passwd_info
570 /* this structure probably contains password history */
571 /* this is probably a count of lm/nt pairs */
572 uint32 unk_0; /* 0x0000 0002 */
575 uint8 buf_lm_pwd[16];
578 uint8 buf_nt_pwd[16];
585 /* SAM_ACCOUNT_INFO (0x5) */
586 typedef struct sam_account_info_info
588 UNIHDR hdr_acct_name;
589 UNIHDR hdr_full_name;
595 UNIHDR hdr_dir_drive;
596 UNIHDR hdr_logon_script;
597 UNIHDR hdr_acct_desc;
598 UNIHDR hdr_workstations;
603 uint32 logon_divs; /* 0xA8 */
604 uint32 ptr_logon_hrs;
606 uint16 bad_pwd_count;
608 NTTIME pwd_last_set_time;
609 NTTIME acct_expiry_time;
614 uint8 nt_pwd_present;
615 uint8 lm_pwd_present;
619 UNIHDR hdr_parameters;
623 BUFHDR2 hdr_sec_desc; /* security descriptor */
626 UNIHDR hdr_reserved[3]; /* space for more strings */
627 uint32 dw_reserved[4]; /* space for more data - first two seem to
630 UNISTR2 uni_acct_name;
631 UNISTR2 uni_full_name;
632 UNISTR2 uni_home_dir;
633 UNISTR2 uni_dir_drive;
634 UNISTR2 uni_logon_script;
635 UNISTR2 uni_acct_desc;
636 UNISTR2 uni_workstations;
638 uint32 unknown1; /* 0x4EC */
639 uint32 unknown2; /* 0 */
641 BUFFER4 buf_logon_hrs;
643 UNISTR2 uni_parameters;
645 BUFFER4 buf_sec_desc;
650 /* SAM_GROUP_MEM_INFO (0x8) */
651 typedef struct sam_group_mem_info_info
664 } SAM_GROUP_MEM_INFO;
666 /* SAM_ALIAS_INFO (0x9) */
667 typedef struct sam_alias_info_info
671 BUFHDR2 hdr_sec_desc; /* security descriptor */
675 UNISTR2 uni_als_name;
676 BUFFER4 buf_sec_desc;
677 UNISTR2 uni_als_desc;
681 /* SAM_ALIAS_MEM_INFO (0xC) */
682 typedef struct sam_alias_mem_info_info
692 } SAM_ALIAS_MEM_INFO;
695 /* SAM_DELTA_DOM (0x0D) */
698 uint32 unknown1; /* 0x5000 */
699 uint32 unknown2; /* 0 */
700 uint32 unknown3; /* 0 */
701 uint32 unknown4; /* 0 */
709 uint32 unknown4b; /* 0x02000000 */
710 uint32 unknown5; /* 0x00100000 */
711 uint32 unknown6; /* 0x00010000 */
712 uint32 unknown7; /* 0x0f000000 */
713 uint32 unknown8; /* 0 */
714 uint32 unknown9; /* 0 */
715 uint32 unknown10; /* 0 */
716 uint32 unknown11; /* 0x3c*/
717 uint32 unknown12; /* 0*/
719 uint32 unknown13; /* a7080110 */
720 uint32 unknown14; /* 01bfb0dd */
721 uint32 unknown15; /* 0f */
722 uint32 unknown16; /* 68 */
723 uint32 unknown17; /* 00169000 */
726 uint32 unknown18; /* 0 times count4 */
728 uint32 unknown19; /* 8 */
730 uint32 unknown20; /* 0x04 times count1 */
739 /* SAM_DELTA_UNK0E (0x0e) */
759 /* SAM_DELTA_PRIVS (0x10) */
767 uint32 reserved1; /* 0x0 */
784 uint32 unknown10; /* 48 bytes 0x0*/
786 uint32 attribute_count;
789 uint32 privlist_count;
790 UNIHDR *hdr_privslist;
791 UNISTR2 *uni_privslist;
796 /* SAM_DELTA_UNK12 (0x12) */
815 uint32 unknow2; /* 0x0 12 times */
818 uint32 reserved1; /* 0 */
823 uint32 reserved2; /* 0 */
832 /* SAM_DELTA_STAMP (0x16) */
836 uint32 dom_mod_count_ptr;
837 UINT64_S dom_mod_count; /* domain mod count at last sync */
840 typedef union sam_delta_ctr_info
842 SAM_DOMAIN_INFO domain_info ;
843 SAM_GROUP_INFO group_info ;
844 SAM_ACCOUNT_INFO account_info;
845 SAM_GROUP_MEM_INFO grp_mem_info;
846 SAM_ALIAS_INFO alias_info ;
847 SAM_ALIAS_MEM_INFO als_mem_info;
848 SAM_DELTA_DOM dom_info;
849 SAM_DELTA_PRIVS privs_info;
850 SAM_DELTA_STAMP stamp;
851 SAM_DELTA_UNK0E unk0e_info;
852 SAM_DELTA_UNK12 unk12_info;
856 typedef struct net_r_sam_sync_info
867 SAM_DELTA_HDR *hdr_deltas;
868 SAM_DELTA_CTR *deltas;
873 /* NET_Q_SAM_DELTAS */
874 typedef struct net_q_sam_deltas_info
876 UNISTR2 uni_srv_name;
877 UNISTR2 uni_cli_name;
882 UINT64_S dom_mod_count; /* domain mod count at last sync */
884 uint32 max_size; /* preferred maximum length */
888 /* NET_R_SAM_DELTAS */
889 typedef struct net_r_sam_deltas_info
893 UINT64_S dom_mod_count; /* new domain mod count */
899 SAM_DELTA_HDR *hdr_deltas;
900 SAM_DELTA_CTR *deltas;
905 #endif /* _RPC_NETLOGON_H */