s4-netlogon: merge netr_DatabaseSync2 from s3 idl.
[ira/wip.git] / source3 / librpc / idl / netlogon.idl
1 /*
2   netlogon interface
3   much of this was derived from the ethereal sources - thanks to everyone 
4   who contributed!
5 */
6
7 import "misc.idl", "lsa.idl", "samr.idl", "security.idl", "nbt.idl";
8
9 #include "idl_types.h"
10
11 [
12   uuid("12345678-1234-abcd-ef00-01234567cffb"),
13   version(1.0),
14   endpoint("ncacn_np:[\\pipe\\netlogon]","ncacn_ip_tcp:","ncalrpc:"),
15   pointer_default(unique)
16 ]
17
18 interface netlogon
19 {
20         typedef bitmap samr_AcctFlags samr_AcctFlags;
21         typedef bitmap samr_GroupAttrs samr_GroupAttrs;
22
23         /*****************/
24         /* Function 0x00 */
25
26         typedef struct {
27                 [string,charset(UTF16)] uint16 *account_name;
28                 uint32 priv;
29                 uint32 auth_flags;
30                 uint32 logon_count;
31                 uint32 bad_pw_count;
32                 time_t last_logon;
33                 time_t last_logoff;
34                 time_t logoff_time;
35                 time_t kickoff_time;
36                 uint32 password_age;
37                 time_t pw_can_change;
38                 time_t pw_must_change;
39                 [string,charset(UTF16)] uint16 *computer;
40                 [string,charset(UTF16)] uint16 *domain;
41                 [string,charset(UTF16)] uint16 *script_path;
42                 uint32 unknown;
43         } netr_UasInfo;
44
45         WERROR netr_LogonUasLogon(
46                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
47                 [in]   [string,charset(UTF16)] uint16 account_name[],
48                 [in]   [string,charset(UTF16)] uint16 workstation[],
49                 [out,ref]  netr_UasInfo **info
50                 );
51
52
53         /*****************/
54         /* Function 0x01 */
55
56         typedef struct {
57                 uint32 duration;
58                 uint16 logon_count;
59         } netr_UasLogoffInfo;
60
61         WERROR netr_LogonUasLogoff(
62                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
63                 [in] [string,charset(UTF16)] uint16 account_name[],
64                 [in] [string,charset(UTF16)] uint16 workstation[],
65                 [out,ref] netr_UasLogoffInfo *info
66                 );
67
68
69         /*****************/
70         /* Function 0x02 */
71
72         /* in netr_AcctLockStr size seems to be be 24, and rrenard thinks 
73            that the structure of the bindata looks like this:
74
75                 dlong  lockout_duration;
76                 udlong reset_count;
77                 uint32 bad_attempt_lockout;
78                 uint32 dummy;   
79
80            but it doesn't look as though this structure is reflected at the
81            NDR level. Maybe it is left to the application to decode the bindata array.
82         */
83         typedef [public] struct {
84                 dlong lockout_duration;
85                 udlong reset_count;
86                 uint32 bad_attempt_lockout;
87                 uint32 dummy;
88         } netr_AcctLockStr;
89
90         /* - MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
91          *   sets the NETLOGON_SERVER_TRUST_ACCOUNT user_flag
92          * - MSV1_0_UPDATE_LOGON_STATISTICS
93          *   sets the logon time on network logon
94          * - MSV1_0_RETURN_USER_PARAMETERS
95          *   sets the user parameters in the driveletter
96          * - MSV1_0_RETURN_PROFILE_PATH
97          *   returns the profilepath in the driveletter and
98          *   sets LOGON_PROFILE_PATH_RETURNED user_flag
99          */
100
101         typedef [public,bitmap32bit] bitmap {
102                 MSV1_0_CLEARTEXT_PASSWORD_ALLOWED       = 0x00000002,
103                 MSV1_0_UPDATE_LOGON_STATISTICS          = 0x00000004,
104                 MSV1_0_RETURN_USER_PARAMETERS           = 0x00000008,
105                 MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT       = 0x00000020,
106                 MSV1_0_RETURN_PROFILE_PATH              = 0x00000200,
107                 MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT  = 0x00000800
108         } netr_LogonParameterControl;
109
110         typedef struct {
111                 lsa_String  domain_name;
112                 netr_LogonParameterControl parameter_control; /* see MSV1_0_* */
113                 uint32      logon_id_low;
114                 uint32      logon_id_high;
115                 lsa_String  account_name;
116                 lsa_String  workstation;
117         } netr_IdentityInfo;
118
119         typedef struct {
120                 netr_IdentityInfo identity_info;
121                 samr_Password lmpassword;
122                 samr_Password ntpassword;
123         } netr_PasswordInfo;
124
125         typedef [flag(NDR_PAHEX)] struct {
126                 uint16 length;
127                 [value(length)] uint16 size;
128                 [size_is(length),length_is(length)] uint8 *data;
129         } netr_ChallengeResponse;
130
131         typedef [flag(NDR_PAHEX)] struct {
132                 netr_IdentityInfo identity_info;
133                 uint8 challenge[8];
134                 netr_ChallengeResponse nt;
135                 netr_ChallengeResponse lm;
136         } netr_NetworkInfo;
137
138         typedef [flag(NDR_PAHEX)] struct {
139                 netr_IdentityInfo identity_info;
140                 lsa_String  package_name;
141                 uint32 length;
142                 [size_is(length)] uint8 *data;
143         } netr_GenericInfo;
144
145         typedef enum {
146                 NetlogonInteractiveInformation = 1,
147                 NetlogonNetworkInformation = 2,
148                 NetlogonServiceInformation = 3,
149                 NetlogonGenericInformation = 4,
150                 NetlogonInteractiveTransitiveInformation = 5,
151                 NetlogonNetworkTransitiveInformation = 6,
152                 NetlogonServiceTransitiveInformation = 7
153         } netr_LogonInfoClass;
154
155         typedef [public,switch_type(netr_LogonInfoClass)] union {
156                 [case(NetlogonInteractiveInformation)]           netr_PasswordInfo *password;
157                 [case(NetlogonNetworkInformation)]               netr_NetworkInfo  *network;
158                 [case(NetlogonServiceInformation)]               netr_PasswordInfo *password;
159                 [case(NetlogonGenericInformation)]               netr_GenericInfo  *generic;
160                 [case(NetlogonInteractiveTransitiveInformation)] netr_PasswordInfo *password;
161                 [case(NetlogonNetworkTransitiveInformation)]     netr_NetworkInfo  *network;
162                 [case(NetlogonServiceTransitiveInformation)]     netr_PasswordInfo *password;
163         } netr_LogonLevel;
164
165         typedef [public,flag(NDR_PAHEX)] struct {
166                 uint8 key[16];
167         } netr_UserSessionKey;
168
169         typedef [public,flag(NDR_PAHEX)] struct {
170                 uint8 key[8];
171         } netr_LMSessionKey;
172
173         /* Flags for user_flags below */
174         typedef [public,bitmap32bit] bitmap {
175                 NETLOGON_GUEST                  = 0x00000001,
176                 NETLOGON_NOENCRYPTION           = 0x00000002,
177                 NETLOGON_CACHED_ACCOUNT         = 0x00000004,
178                 NETLOGON_USED_LM_PASSWORD       = 0x00000008,
179                 NETLOGON_EXTRA_SIDS             = 0x00000020,
180                 NETLOGON_SUBAUTH_SESSION_KEY    = 0x00000040,
181                 NETLOGON_SERVER_TRUST_ACCOUNT   = 0x00000080,
182                 NETLOGON_NTLMV2_ENABLED         = 0x00000100,
183                 NETLOGON_RESOURCE_GROUPS        = 0x00000200,
184                 NETLOGON_PROFILE_PATH_RETURNED  = 0x00000400,
185                 NETLOGON_GRACE_LOGON            = 0x01000000
186         } netr_UserFlags;
187
188         typedef struct {
189                 NTTIME last_logon;
190                 NTTIME last_logoff;
191                 NTTIME acct_expiry;
192                 NTTIME last_password_change;
193                 NTTIME allow_password_change;
194                 NTTIME force_password_change;
195                 lsa_String account_name;
196                 lsa_String full_name;
197                 lsa_String logon_script;
198                 lsa_String profile_path;
199                 lsa_String home_directory;
200                 lsa_String home_drive;
201                 uint16 logon_count;
202                 uint16 bad_password_count;
203                 uint32 rid;
204                 uint32 primary_gid;
205                 samr_RidWithAttributeArray groups;
206                 netr_UserFlags user_flags;
207                 netr_UserSessionKey key;
208                 lsa_StringLarge logon_server;
209                 lsa_StringLarge domain;
210                 dom_sid2 *domain_sid;
211                 netr_LMSessionKey LMSessKey;
212                 samr_AcctFlags acct_flags;
213                 uint32 unknown[7];
214         } netr_SamBaseInfo;
215
216         typedef struct {
217                 netr_SamBaseInfo base;
218         } netr_SamInfo2;
219
220         typedef struct {
221                 dom_sid2 *sid;
222                 samr_GroupAttrs attributes;
223         } netr_SidAttr;
224
225         typedef [public] struct {
226                 netr_SamBaseInfo base;
227                 uint32 sidcount;
228                 [size_is(sidcount)] netr_SidAttr *sids;
229         } netr_SamInfo3;
230
231         typedef struct {
232                 netr_SamBaseInfo base;
233                 uint32 sidcount;
234                 [size_is(sidcount)] netr_SidAttr *sids;
235                 lsa_String forest;
236                 lsa_String principle;
237                 uint32 unknown4[20];
238         } netr_SamInfo6;
239
240         typedef struct {
241                 uint32 pac_size;
242                 [size_is(pac_size)] uint8 *pac;
243                 lsa_String logon_domain;
244                 lsa_String logon_server;
245                 lsa_String principal_name;
246                 uint32 auth_size;
247                 [size_is(auth_size)] uint8 *auth;
248                 netr_UserSessionKey user_session_key;
249                 uint32 expansionroom[10];
250                 lsa_String unknown1;
251                 lsa_String unknown2;
252                 lsa_String unknown3;
253                 lsa_String unknown4;
254         } netr_PacInfo;
255
256         typedef [flag(NDR_PAHEX)] struct {
257                 uint32 length;
258                 [size_is(length)] uint8 *data;
259         } netr_GenericInfo2;
260
261         typedef enum {
262                 NetlogonValidationUasInfo = 1,
263                 NetlogonValidationSamInfo = 2,
264                 NetlogonValidationSamInfo2 = 3,
265                 NetlogonValidationGenericInfo2 = 5,
266                 NetlogonValidationSamInfo4 = 6
267         } netr_ValidationInfoClass;
268
269         typedef [public,switch_type(uint16)] union {
270                 [case(NetlogonValidationSamInfo)] netr_SamInfo2 *sam2;
271                 [case(NetlogonValidationSamInfo2)] netr_SamInfo3 *sam3;
272                 [case(4)] netr_PacInfo  *pac;
273                 [case(NetlogonValidationGenericInfo2)] netr_GenericInfo2  *generic;
274                 [case(NetlogonValidationSamInfo4)] netr_SamInfo6 *sam6;
275         } netr_Validation;
276
277         typedef [public, flag(NDR_PAHEX)] struct {
278                 uint8 data[8];
279         } netr_Credential;
280
281         typedef [public] struct {
282                 netr_Credential cred;
283                 time_t timestamp;
284         } netr_Authenticator;
285
286         NTSTATUS netr_LogonSamLogon(
287                 [in,unique] [string,charset(UTF16)] uint16         *server_name,
288                 [in,unique] [string,charset(UTF16)] uint16         *computer_name,
289                 [in,unique] netr_Authenticator                     *credential,
290                 [in,out,unique] netr_Authenticator                 *return_authenticator,
291                 [in]  netr_LogonInfoClass                           logon_level,
292                 [in,ref]  [switch_is(logon_level)] netr_LogonLevel *logon,
293                 [in]  uint16                                        validation_level,
294                 [out,ref] [switch_is(validation_level)] netr_Validation *validation,
295                 [out,ref] uint8                                    *authoritative
296                 );
297
298
299         /*****************/
300         /* Function 0x03 */
301
302         NTSTATUS netr_LogonSamLogoff(
303                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
304                 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
305                 [in,unique] netr_Authenticator *credential,
306                 [in,out,unique] netr_Authenticator *return_authenticator,
307                 [in] netr_LogonInfoClass logon_level,
308                 [in] [switch_is(logon_level)] netr_LogonLevel logon
309                 );
310         
311
312
313         /*****************/
314         /* Function 0x04 */
315
316         [public] NTSTATUS netr_ServerReqChallenge(
317                 [in,unique,string,charset(UTF16)] uint16 *server_name,
318                 [in,string,charset(UTF16)] uint16 computer_name[],
319                 [in,ref] netr_Credential *credentials,
320                 [out,ref] netr_Credential *return_credentials
321                 );
322
323
324         /*****************/
325         /* Function 0x05 */
326
327         typedef enum netr_SchannelType netr_SchannelType;
328
329         NTSTATUS netr_ServerAuthenticate(
330                 [in,unique,string,charset(UTF16)] uint16 *server_name,
331                 [in,string,charset(UTF16)] uint16 account_name[],
332                 [in]                       netr_SchannelType secure_channel_type,
333                 [in,string,charset(UTF16)] uint16 computer_name[],
334                 [in,ref] netr_Credential *credentials,
335                 [out,ref] netr_Credential *return_credentials
336                 );
337
338
339         /*****************/
340         /* Function 0x06 */
341
342         NTSTATUS netr_ServerPasswordSet(
343                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
344                 [in]  [string,charset(UTF16)] uint16 account_name[],
345                 [in]  netr_SchannelType secure_channel_type,
346                 [in]  [string,charset(UTF16)] uint16 computer_name[],
347                 [in,ref]  netr_Authenticator *credential,
348                 [out,ref] netr_Authenticator *return_authenticator,
349                 [in,ref] samr_Password *new_password
350                 );
351
352
353         /*****************/
354         /* Function 0x07 */
355
356         typedef enum netr_SamDatabaseID netr_SamDatabaseID;
357
358         typedef struct {
359                 [string,charset(UTF16)] uint16 *account_name;
360                 lsa_String unknown1;
361                 lsa_String unknown2;
362                 lsa_String unknown3;
363                 lsa_String unknown4;
364                 uint32 unknown5;
365                 uint32 unknown6;
366                 uint32 unknown7;
367                 uint32 unknown8;
368         } netr_DELTA_DELETE_USER;
369
370         typedef struct {
371                 uint16 length;
372                 [value(length)] uint16 size;
373                 uint32 flags;
374                 samr_Password pwd;
375         } netr_USER_KEY16;
376
377         typedef struct {
378                 uint16 nt_length;
379                 [value(nt_length)] uint16 nt_size;
380                 uint32 nt_flags;
381                 uint16 lm_length;
382                 [value(lm_length)] uint16 lm_size;
383                 uint32 lm_flags;
384                 uint8 nt_history[nt_length];
385                 uint8 lm_history[lm_length];
386         } netr_PasswordHistory;
387
388         typedef struct {
389                 netr_USER_KEY16 lmpassword;
390                 netr_USER_KEY16 ntpassword;
391                 netr_PasswordHistory history;
392         } netr_USER_KEYS2;
393
394         typedef struct { /* TODO: make this a union! */
395                 netr_USER_KEYS2 keys2;
396         } netr_USER_KEY_UNION;
397
398         typedef [public] struct {
399                 uint32 version;
400                 netr_USER_KEY_UNION keys;
401         } netr_USER_KEYS;
402
403         typedef struct {
404                 boolean8  SensitiveDataFlag;
405                 uint32 DataLength;
406
407                 /* netr_USER_KEYS encrypted with the session key */
408                 [size_is(DataLength)][flag(NDR_PAHEX)] uint8 *SensitiveData;
409         } netr_USER_PRIVATE_INFO;
410
411         typedef struct {
412                 lsa_String account_name;
413                 lsa_String full_name;
414                 uint32 rid;
415                 uint32 primary_gid;
416                 lsa_String home_directory;
417                 lsa_String home_drive;
418                 lsa_String logon_script;
419                 lsa_String description;
420                 lsa_String workstations;
421                 NTTIME last_logon;
422                 NTTIME last_logoff;
423                 samr_LogonHours logon_hours;
424                 uint16 bad_password_count;
425                 uint16 logon_count;
426                 NTTIME last_password_change;
427                 NTTIME acct_expiry;
428                 samr_AcctFlags acct_flags;
429                 samr_Password lmpassword;
430                 samr_Password ntpassword;
431                 boolean8 nt_password_present;
432                 boolean8 lm_password_present;
433                 boolean8 password_expired;
434                 lsa_String comment;
435                 lsa_String parameters;
436                 uint16 country_code;
437                 uint16 code_page;
438                 netr_USER_PRIVATE_INFO user_private_info;
439                 uint32 SecurityInformation;
440                 sec_desc_buf sdbuf;
441                 lsa_String profile_path;
442                 lsa_String unknown2;
443                 lsa_String unknown3;
444                 lsa_String unknown4;
445                 uint32 unknown5;
446                 uint32 unknown6;
447                 uint32 unknown7;
448                 uint32 unknown8;
449         } netr_DELTA_USER;
450
451         typedef struct {
452                 lsa_String domain_name;
453                 lsa_String oem_information; /* comment */
454                 dlong force_logoff_time;
455                 uint16 min_password_length;
456                 uint16 password_history_length;
457                 /* yes, these are signed. They are in negative 100ns */
458                 dlong  max_password_age;
459                 dlong  min_password_age;
460                 udlong sequence_num;
461                 NTTIME domain_create_time;
462                 uint32 SecurityInformation;
463                 sec_desc_buf sdbuf;
464                 lsa_BinaryString account_lockout;
465                 lsa_String unknown2;
466                 lsa_String unknown3;
467                 lsa_String unknown4;
468                 uint32 logon_to_chgpass;
469                 uint32 unknown6;
470                 uint32 unknown7;
471                 uint32 unknown8;
472         } netr_DELTA_DOMAIN;
473
474         typedef struct {
475                 lsa_String group_name;
476                 uint32 rid;
477                 uint32 attributes;
478                 lsa_String description;
479                 uint32 SecurityInformation;
480                 sec_desc_buf sdbuf;
481                 lsa_String unknown1;
482                 lsa_String unknown2;
483                 lsa_String unknown3;
484                 lsa_String unknown4;
485                 uint32 unknown5;
486                 uint32 unknown6;
487                 uint32 unknown7;
488                 uint32 unknown8;
489         } netr_DELTA_GROUP;
490
491         typedef struct {
492                 lsa_String OldName;
493                 lsa_String NewName;
494                 lsa_String unknown1;
495                 lsa_String unknown2;
496                 lsa_String unknown3;
497                 lsa_String unknown4;
498                 uint32 unknown5;
499                 uint32 unknown6;
500                 uint32 unknown7;
501                 uint32 unknown8;
502         } netr_DELTA_RENAME;
503
504         typedef struct {
505                 [size_is(num_rids)] uint32 *rids;
506                 [size_is(num_rids)] uint32 *attribs;
507                 uint32 num_rids;
508                 uint32 unknown1;
509                 uint32 unknown2;
510                 uint32 unknown3;
511                 uint32 unknown4;
512         } netr_DELTA_GROUP_MEMBER;
513
514         typedef struct {
515                 lsa_String alias_name;
516                 uint32 rid;
517                 uint32 SecurityInformation;
518                 sec_desc_buf sdbuf;
519                 lsa_String description;
520                 lsa_String unknown2;
521                 lsa_String unknown3;
522                 lsa_String unknown4;
523                 uint32 unknown5;
524                 uint32 unknown6;
525                 uint32 unknown7;
526                 uint32 unknown8;
527         } netr_DELTA_ALIAS;
528
529         typedef struct {
530                 lsa_SidArray sids;
531                 uint32 unknown1;
532                 uint32 unknown2;
533                 uint32 unknown3;
534                 uint32 unknown4;
535         } netr_DELTA_ALIAS_MEMBER;
536
537         typedef struct {
538                 uint32 pagedpoollimit;
539                 uint32 nonpagedpoollimit;
540                 uint32 minimumworkingsetsize;
541                 uint32 maximumworkingsetsize;
542                 uint32 pagefilelimit;
543                 NTTIME timelimit;
544         } netr_QUOTA_LIMITS;
545
546         typedef struct {
547                 uint32 maxlogsize;
548                 NTTIME auditretentionperiod;
549                 boolean8 auditingmode;
550                 uint32 maxauditeventcount;
551                 [size_is(maxauditeventcount+1)] uint32 *eventauditoptions;
552                 lsa_String primary_domain_name;
553                 dom_sid2 *sid;
554                 netr_QUOTA_LIMITS quota_limits;
555                 udlong sequence_num;
556                 NTTIME db_create_time;
557                 uint32 SecurityInformation;
558                 sec_desc_buf sdbuf;
559                 lsa_String unknown1;
560                 lsa_String unknown2;
561                 lsa_String unknown3;
562                 lsa_String unknown4;
563                 uint32 unknown5;
564                 uint32 unknown6;
565                 uint32 unknown7;
566                 uint32 unknown8;
567         } netr_DELTA_POLICY;
568
569         typedef struct {
570                 lsa_String domain_name;
571                 uint32 num_controllers;
572                 [size_is(num_controllers)] lsa_String *controller_names;
573                 uint32 SecurityInformation;
574                 sec_desc_buf sdbuf;
575                 lsa_String unknown1;
576                 lsa_String unknown2;
577                 lsa_String unknown3;
578                 lsa_String unknown4;
579                 uint32 posix_offset;
580                 uint32 unknown6;
581                 uint32 unknown7;
582                 uint32 unknown8;
583         } netr_DELTA_TRUSTED_DOMAIN;
584
585         typedef struct {
586                 uint16 unknown;
587         } netr_DELTA_DELETE_TRUST;
588
589         typedef struct {
590                 uint32 privilege_entries;
591                 uint32 privilege_control;
592                 [size_is(privilege_entries)] uint32 *privilege_attrib;
593                 [size_is(privilege_entries)] lsa_String *privilege_name;
594                 netr_QUOTA_LIMITS quotalimits;
595                 uint32 system_flags;
596                 uint32 SecurityInformation;
597                 sec_desc_buf sdbuf;
598                 lsa_String unknown1;
599                 lsa_String unknown2;
600                 lsa_String unknown3;
601                 lsa_String unknown4;
602                 uint32 unknown5;
603                 uint32 unknown6;
604                 uint32 unknown7;
605                 uint32 unknown8;
606         } netr_DELTA_ACCOUNT;
607
608         typedef struct {
609                 uint16 unknown;
610         } netr_DELTA_DELETE_ACCOUNT;
611
612         typedef struct {
613                 uint16 unknown;
614         } netr_DELTA_DELETE_SECRET;
615
616         typedef struct {
617                 uint32 len;
618                 uint32 maxlen;
619                 [size_is(maxlen)][length_is(len)] uint8 *cipher_data;
620         } netr_CIPHER_VALUE;
621
622         typedef struct {
623                 netr_CIPHER_VALUE current_cipher;
624                 NTTIME current_cipher_set_time;
625                 netr_CIPHER_VALUE old_cipher;
626                 NTTIME old_cipher_set_time;
627                 uint32 SecurityInformation;
628                 sec_desc_buf sdbuf;
629                 lsa_String unknown1;
630                 lsa_String unknown2;
631                 lsa_String unknown3;
632                 lsa_String unknown4;
633                 uint32 unknown5;
634                 uint32 unknown6;
635                 uint32 unknown7;
636                 uint32 unknown8;
637         } netr_DELTA_SECRET;
638
639         typedef enum {
640                 NETR_DELTA_DOMAIN           = 1,
641                 NETR_DELTA_GROUP            = 2,
642                 NETR_DELTA_DELETE_GROUP     = 3,
643                 NETR_DELTA_RENAME_GROUP     = 4,
644                 NETR_DELTA_USER             = 5,
645                 NETR_DELTA_DELETE_USER      = 6,
646                 NETR_DELTA_RENAME_USER      = 7,
647                 NETR_DELTA_GROUP_MEMBER     = 8,
648                 NETR_DELTA_ALIAS            = 9,
649                 NETR_DELTA_DELETE_ALIAS     = 10,
650                 NETR_DELTA_RENAME_ALIAS     = 11,
651                 NETR_DELTA_ALIAS_MEMBER     = 12,
652                 NETR_DELTA_POLICY           = 13,
653                 NETR_DELTA_TRUSTED_DOMAIN   = 14,
654                 NETR_DELTA_DELETE_TRUST     = 15,
655                 NETR_DELTA_ACCOUNT          = 16,
656                 NETR_DELTA_DELETE_ACCOUNT   = 17,
657                 NETR_DELTA_SECRET           = 18,
658                 NETR_DELTA_DELETE_SECRET    = 19,
659                 NETR_DELTA_DELETE_GROUP2    = 20,
660                 NETR_DELTA_DELETE_USER2     = 21,
661                 NETR_DELTA_MODIFY_COUNT     = 22
662         } netr_DeltaEnum;
663
664         typedef [switch_type(netr_DeltaEnum)] union {
665                 [case(NETR_DELTA_DOMAIN)]          netr_DELTA_DOMAIN          *domain;
666                 [case(NETR_DELTA_GROUP)]           netr_DELTA_GROUP           *group;
667                 [case(NETR_DELTA_DELETE_GROUP)]    ; /* rid only */
668                 [case(NETR_DELTA_RENAME_GROUP)]    netr_DELTA_RENAME          *rename_group;
669                 [case(NETR_DELTA_USER)]            netr_DELTA_USER            *user;
670                 [case(NETR_DELTA_DELETE_USER)]     ; /* rid only */
671                 [case(NETR_DELTA_RENAME_USER)]     netr_DELTA_RENAME          *rename_user;
672                 [case(NETR_DELTA_GROUP_MEMBER)]    netr_DELTA_GROUP_MEMBER    *group_member;
673                 [case(NETR_DELTA_ALIAS)]           netr_DELTA_ALIAS           *alias;
674                 [case(NETR_DELTA_DELETE_ALIAS)]    ; /* rid only */
675                 [case(NETR_DELTA_RENAME_ALIAS)]    netr_DELTA_RENAME          *rename_alias;
676                 [case(NETR_DELTA_ALIAS_MEMBER)]    netr_DELTA_ALIAS_MEMBER    *alias_member;
677                 [case(NETR_DELTA_POLICY)]          netr_DELTA_POLICY          *policy;
678                 [case(NETR_DELTA_TRUSTED_DOMAIN)]  netr_DELTA_TRUSTED_DOMAIN   *trusted_domain;
679                 [case(NETR_DELTA_DELETE_TRUST)]    netr_DELTA_DELETE_TRUST     delete_trust;
680                 [case(NETR_DELTA_ACCOUNT)]         netr_DELTA_ACCOUNT         *account;
681                 [case(NETR_DELTA_DELETE_ACCOUNT)]  netr_DELTA_DELETE_ACCOUNT   delete_account;
682                 [case(NETR_DELTA_SECRET)]          netr_DELTA_SECRET          *secret;
683                 [case(NETR_DELTA_DELETE_SECRET)]   netr_DELTA_DELETE_SECRET    delete_secret;
684                 [case(NETR_DELTA_DELETE_GROUP2)]   netr_DELTA_DELETE_USER     *delete_group;
685                 [case(NETR_DELTA_DELETE_USER2)]    netr_DELTA_DELETE_USER     *delete_user;
686                 [case(NETR_DELTA_MODIFY_COUNT)]    udlong                     *modified_count;
687         } netr_DELTA_UNION;
688
689         typedef [switch_type(netr_DeltaEnum)] union {
690                 [case(NETR_DELTA_DOMAIN)]          uint32 rid;
691                 [case(NETR_DELTA_GROUP)]           uint32 rid;
692                 [case(NETR_DELTA_DELETE_GROUP)]    uint32 rid;
693                 [case(NETR_DELTA_RENAME_GROUP)]    uint32 rid;
694                 [case(NETR_DELTA_USER)]            uint32 rid;
695                 [case(NETR_DELTA_DELETE_USER)]     uint32 rid;
696                 [case(NETR_DELTA_RENAME_USER)]     uint32 rid;
697                 [case(NETR_DELTA_GROUP_MEMBER)]    uint32 rid;
698                 [case(NETR_DELTA_ALIAS)]           uint32 rid;
699                 [case(NETR_DELTA_DELETE_ALIAS)]    uint32 rid;
700                 [case(NETR_DELTA_RENAME_ALIAS)]    uint32 rid;
701                 [case(NETR_DELTA_ALIAS_MEMBER)]    uint32 rid;
702                 [case(NETR_DELTA_POLICY)]          dom_sid2 *sid;
703                 [case(NETR_DELTA_TRUSTED_DOMAIN)]  dom_sid2 *sid;
704                 [case(NETR_DELTA_DELETE_TRUST)]    dom_sid2 *sid;
705                 [case(NETR_DELTA_ACCOUNT)]         dom_sid2 *sid;
706                 [case(NETR_DELTA_DELETE_ACCOUNT)]  dom_sid2 *sid;
707                 [case(NETR_DELTA_SECRET)]          [string,charset(UTF16)] uint16 *name;
708                 [case(NETR_DELTA_DELETE_SECRET)]   [string,charset(UTF16)] uint16 *name;
709                 [case(NETR_DELTA_DELETE_GROUP2)]   uint32 rid;
710                 [case(NETR_DELTA_DELETE_USER2)]    uint32 rid;
711                 [case(NETR_DELTA_MODIFY_COUNT)]    ;
712         } netr_DELTA_ID_UNION;
713
714         typedef struct {
715                 netr_DeltaEnum delta_type;
716                 [switch_is(delta_type)] netr_DELTA_ID_UNION delta_id_union;
717                 [switch_is(delta_type)] netr_DELTA_UNION delta_union;
718         } netr_DELTA_ENUM;
719
720         typedef struct {
721                 uint32 num_deltas;
722                 [size_is(num_deltas)] netr_DELTA_ENUM *delta_enum;
723         } netr_DELTA_ENUM_ARRAY;
724
725
726         NTSTATUS netr_DatabaseDeltas(
727                 [in]      [string,charset(UTF16)] uint16 logon_server[],
728                 [in]      [string,charset(UTF16)] uint16 computername[],
729                 [in,ref]  netr_Authenticator *credential,
730                 [in,out,ref]  netr_Authenticator *return_authenticator,
731                 [in]      netr_SamDatabaseID database_id,
732                 [in,out,ref]  udlong *sequence_num,
733                 [out,ref]     netr_DELTA_ENUM_ARRAY **delta_enum_array,
734                 [in]      uint32 preferredmaximumlength
735                 );
736
737
738         /*****************/
739         /* Function 0x08 */
740
741         NTSTATUS netr_DatabaseSync(
742                 [in]     [string,charset(UTF16)] uint16 logon_server[],
743                 [in]     [string,charset(UTF16)] uint16 computername[],
744                 [in,ref] netr_Authenticator *credential,
745                 [in,out,ref] netr_Authenticator *return_authenticator,
746                 [in]     netr_SamDatabaseID database_id,
747                 [in,out,ref] uint32 *sync_context,
748                 [out,ref]    netr_DELTA_ENUM_ARRAY **delta_enum_array,
749                 [in]     uint32 preferredmaximumlength
750                 );
751
752
753         /*****************/
754         /* Function 0x09 */
755
756         /* w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this call */
757
758         typedef [flag(NDR_PAHEX)] struct {
759                 uint8 computer_name[16];
760                 uint32 timecreated;
761                 uint32 serial_number;
762         } netr_UAS_INFO_0;
763
764         typedef struct {
765                 [flag(NDR_REMAINING)] DATA_BLOB blob;
766         } netr_AccountBuffer;
767
768         NTSTATUS netr_AccountDeltas(
769                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
770                 [in]     [string,charset(UTF16)] uint16 computername[],
771                 [in]     netr_Authenticator credential,
772                 [in,out,ref] netr_Authenticator *return_authenticator,
773                 [in]     netr_UAS_INFO_0 uas,
774                 [in]     uint32 count,
775                 [in]     uint32 level,
776                 [in]     uint32 buffersize,
777                 [out,ref,subcontext(4)] netr_AccountBuffer *buffer,
778                 [out,ref]    uint32 *count_returned,
779                 [out,ref]    uint32 *total_entries,
780                 [out,ref]    netr_UAS_INFO_0 *recordid
781                 );
782
783
784         /*****************/
785         /* Function 0x0A */
786
787         NTSTATUS netr_AccountSync(
788                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
789                 [in]      [string,charset(UTF16)] uint16 computername[],
790                 [in]      netr_Authenticator credential,
791                 [in,out,ref]  netr_Authenticator *return_authenticator,
792                 [in]      uint32 reference,
793                 [in]      uint32 level,
794                 [in]      uint32 buffersize,
795                 [out,ref,subcontext(4)] netr_AccountBuffer *buffer,
796                 [out,ref]     uint32 *count_returned,
797                 [out,ref]     uint32 *total_entries,
798                 [out,ref]     uint32 *next_reference,
799                 [in,out,ref]  netr_UAS_INFO_0 *recordid
800                 );
801
802
803         /*****************/
804         /* Function 0x0B */
805
806         WERROR netr_GetDcName(
807                 [in]  [string,charset(UTF16)] uint16 logon_server[],
808                 [in,unique] [string,charset(UTF16)] uint16 *domainname,
809                 [out,ref] [string,charset(UTF16)] uint16 **dcname
810                 );
811
812         /*****************/
813         /* Function 0x0C */
814
815         typedef [bitmap32bit] bitmap {
816                 NETLOGON_CTRL_REPL_NEEDED       = 0x0001,
817                 NETLOGON_CTRL_REPL_IN_PROGRESS  = 0x0002,
818                 NETLOGON_CTRL_REPL_FULL_SYNC    = 0x0004
819         } netr_InfoFlags;
820
821         typedef struct {
822                 netr_InfoFlags flags;
823                 uint32 pdc_connection_status;
824         } netr_NETLOGON_INFO_1;
825
826         typedef struct {
827                 netr_InfoFlags flags;
828                 uint32 pdc_connection_status;
829                 [string,charset(UTF16)] uint16 *trusted_dc_name;
830                 uint32 tc_connection_status;
831         } netr_NETLOGON_INFO_2;
832
833         typedef struct {
834                 netr_InfoFlags flags;
835                 uint32 logon_attempts;
836                 uint32 unknown1;
837                 uint32 unknown2;
838                 uint32 unknown3;
839                 uint32 unknown4;
840                 uint32 unknown5;
841         } netr_NETLOGON_INFO_3;
842
843         typedef union {
844                 [case(1)]  netr_NETLOGON_INFO_1 *info1;
845                 [case(2)]  netr_NETLOGON_INFO_2 *info2;
846                 [case(3)]  netr_NETLOGON_INFO_3 *info3;
847         } netr_CONTROL_QUERY_INFORMATION;
848
849         /* function_code values */
850         typedef [v1_enum] enum {
851                 NETLOGON_CONTROL_SYNC             = 2,
852                 NETLOGON_CONTROL_REDISCOVER       = 5,
853                 NETLOGON_CONTROL_TC_QUERY         = 6,
854                 NETLOGON_CONTROL_TRANSPORT_NOTIFY = 7,
855                 NETLOGON_CONTROL_SET_DBFLAG       = 65534
856         } netr_LogonControlCode;
857
858         WERROR netr_LogonControl(
859                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
860                 [in]   netr_LogonControlCode function_code,
861                 [in]   uint32 level,
862                 [out,ref,switch_is(level)]  netr_CONTROL_QUERY_INFORMATION *info
863                 );
864
865
866         /*****************/
867         /* Function 0x0D */
868
869         WERROR netr_GetAnyDCName(
870                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
871                 [in,unique] [string,charset(UTF16)] uint16 *domainname,
872                 [out,ref] [string,charset(UTF16)] uint16 **dcname
873                 );
874
875
876         /*****************/
877         /* Function 0x0E */
878
879         typedef union {
880                 [case(NETLOGON_CONTROL_REDISCOVER)]        [string,charset(UTF16)] uint16 *domain;
881                 [case(NETLOGON_CONTROL_TC_QUERY)]          [string,charset(UTF16)] uint16 *domain;
882                 [case(NETLOGON_CONTROL_TRANSPORT_NOTIFY)]  [string,charset(UTF16)] uint16 *domain;
883                 [case(NETLOGON_CONTROL_SET_DBFLAG)]        uint32 debug_level;
884         } netr_CONTROL_DATA_INFORMATION;
885
886         WERROR netr_LogonControl2(
887                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
888                 [in]    netr_LogonControlCode function_code,
889                 [in]    uint32 level,
890                 [in,ref][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION  *data,
891                 [out,ref][switch_is(level)]        netr_CONTROL_QUERY_INFORMATION *query
892                 );
893
894
895         /* If NETLOGON_NEG_ARCFOUR flag is not set, then the passwords and LM
896          * session keys are encrypted with DES calls.  (And the user session key
897          * is unencrypted) */
898
899         /*****************/
900         /* Function 0x0F */
901
902         typedef [bitmap32bit] bitmap {
903                 NETLOGON_NEG_ACCOUNT_LOCKOUT            = 0x00000001,
904                 NETLOGON_NEG_PERSISTENT_SAMREPL         = 0x00000002,
905                 NETLOGON_NEG_ARCFOUR                    = 0x00000004,
906                 NETLOGON_NEG_PROMOTION_COUNT            = 0x00000008,
907                 NETLOGON_NEG_CHANGELOG_BDC              = 0x00000010,
908                 NETLOGON_NEG_FULL_SYNC_REPL             = 0x00000020,
909                 NETLOGON_NEG_MULTIPLE_SIDS              = 0x00000040,
910                 NETLOGON_NEG_REDO                       = 0x00000080,
911                 NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL    = 0x00000100,
912                 NETLOGON_NEG_SEND_PASSWORD_INFO_PDC     = 0x00000200,
913                 NETLOGON_NEG_GENERIC_PASSTHROUGH        = 0x00000400,
914                 NETLOGON_NEG_CONCURRENT_RPC             = 0x00000800,
915                 NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL      = 0x00001000,
916                 NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL = 0x00002000,
917                 NETLOGON_NEG_128BIT                     = 0x00004000, /* STRONG_KEYS */
918                 NETLOGON_NEG_TRANSITIVE_TRUSTS          = 0x00008000,
919                 NETLOGON_NEG_DNS_DOMAIN_TRUSTS          = 0x00010000,
920                 NETLOGON_NEG_PASSWORD_SET2              = 0x00020000,
921                 NETLOGON_NEG_GETDOMAININFO              = 0x00040000,
922                 NETLOGON_NEG_CROSS_FOREST_TRUSTS        = 0x00080000,
923                 NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION   = 0x00100000,
924                 NETLOGON_NEG_RODC_PASSTHROUGH           = 0x00200000,
925                 NETLOGON_NEG_AUTHENTICATED_RPC_LSASS    = 0x20000000,
926                 NETLOGON_NEG_SCHANNEL                   = 0x40000000 /* AUTHENTICATED_RPC */
927         } netr_NegotiateFlags;
928
929         NTSTATUS netr_ServerAuthenticate2(
930                 [in,unique]  [string,charset(UTF16)] uint16 *server_name,
931                 [in]         [string,charset(UTF16)] uint16 account_name[],
932                 [in]         netr_SchannelType secure_channel_type,
933                 [in]         [string,charset(UTF16)] uint16 computer_name[],
934                 [in,ref]     netr_Credential *credentials,
935                 [out,ref]    netr_Credential *return_credentials,
936                 [in,out,ref] netr_NegotiateFlags *negotiate_flags
937                 );
938
939
940         /*****************/
941         /* Function 0x10 */
942
943         NTSTATUS netr_DatabaseSync2(
944                 [in]     [string,charset(UTF16)] uint16 logon_server[],
945                 [in]     [string,charset(UTF16)] uint16 computername[],
946                 [in,ref] netr_Authenticator *credential,
947                 [in,out,ref] netr_Authenticator *return_authenticator,
948                 [in]     netr_SamDatabaseID database_id,
949                 [in]     uint16 restart_state,
950                 [in,out,ref] uint32 *sync_context,
951                 [out,ref]    netr_DELTA_ENUM_ARRAY **delta_enum_array,
952                 [in]     uint32 preferredmaximumlength
953                 );
954
955
956         /*****************/
957         /* Function 0x11 */
958
959         /* i'm not at all sure how this call works */
960
961         NTSTATUS netr_DatabaseRedo(
962                 [in]     [string,charset(UTF16)] uint16 logon_server[],
963                 [in]     [string,charset(UTF16)] uint16 computername[],
964                 [in]     netr_Authenticator credential,
965                 [in,out,ref] netr_Authenticator *return_authenticator,
966                 [in,unique][size_is(change_log_entry_size)] uint8 *change_log_entry,
967                 [in]     uint32 change_log_entry_size,
968                 [out,ref]    netr_DELTA_ENUM_ARRAY *delta_enum_array
969                 );
970
971
972         /*****************/
973         /* Function 0x12 */
974
975         WERROR netr_LogonControl2Ex(
976                 [in,unique] [string,charset(UTF16)] uint16 *logon_server,
977                 [in]   uint32 function_code,
978                 [in]   uint32 level,
979                 [in][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION  data,
980                 [out,ref][switch_is(level)]     netr_CONTROL_QUERY_INFORMATION *query
981                 );
982
983         /*****************/
984         /* Function 0x13 */
985         typedef struct {
986                 uint32 length;
987                 [size_is(length)] uint8 *data;
988         } netr_Blob;
989
990         WERROR netr_NetrEnumerateTrustedDomains(
991                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
992                 [out,ref] netr_Blob *trusted_domains_blob
993                 );
994
995         /*****************/
996         /* Function 0x14 */
997
998         /* one unkown bit still: DS_IP_VERSION_AGNOSTIC - gd*/
999
1000         const int DSGETDC_VALID_FLAGS = (DS_FORCE_REDISCOVERY |
1001                                          DS_DIRECTORY_SERVICE_REQUIRED |
1002                                          DS_DIRECTORY_SERVICE_PREFERRED |
1003                                          DS_GC_SERVER_REQUIRED |
1004                                          DS_PDC_REQUIRED |
1005                                          DS_BACKGROUND_ONLY |
1006                                          DS_IP_REQUIRED |
1007                                          DS_KDC_REQUIRED |
1008                                          DS_TIMESERV_REQUIRED |
1009                                          DS_WRITABLE_REQUIRED |
1010                                          DS_GOOD_TIMESERV_PREFERRED |
1011                                          DS_AVOID_SELF |
1012                                          DS_ONLY_LDAP_NEEDED |
1013                                          DS_IS_FLAT_NAME |
1014                                          DS_IS_DNS_NAME |
1015                                          DS_RETURN_FLAT_NAME |
1016                                          DS_RETURN_DNS_NAME);
1017
1018         typedef [bitmap32bit] bitmap {
1019                 DS_FORCE_REDISCOVERY            = 0x00000001,
1020                 DS_DIRECTORY_SERVICE_REQUIRED   = 0x00000010,
1021                 DS_DIRECTORY_SERVICE_PREFERRED  = 0x00000020,
1022                 DS_GC_SERVER_REQUIRED           = 0x00000040,
1023                 DS_PDC_REQUIRED                 = 0x00000080,
1024                 DS_BACKGROUND_ONLY              = 0x00000100,
1025                 DS_IP_REQUIRED                  = 0x00000200,
1026                 DS_KDC_REQUIRED                 = 0x00000400,
1027                 DS_TIMESERV_REQUIRED            = 0x00000800,
1028                 DS_WRITABLE_REQUIRED            = 0x00001000,
1029                 DS_GOOD_TIMESERV_PREFERRED      = 0x00002000,
1030                 DS_AVOID_SELF                   = 0x00004000,
1031                 DS_ONLY_LDAP_NEEDED             = 0x00008000,
1032                 DS_IS_FLAT_NAME                 = 0x00010000,
1033                 DS_IS_DNS_NAME                  = 0x00020000,
1034                 DS_TRY_NEXTCLOSEST_SITE         = 0x00040000,
1035                 DS_DIRECTORY_SERVICE_6_REQUIRED = 0x00080000,
1036                 DS_RETURN_DNS_NAME              = 0x40000000,
1037                 DS_RETURN_FLAT_NAME             = 0x80000000
1038         } netr_DsRGetDCName_flags;
1039
1040         typedef [v1_enum] enum {
1041                 DS_ADDRESS_TYPE_INET            = 1,
1042                 DS_ADDRESS_TYPE_NETBIOS         = 2
1043         } netr_DsRGetDCNameInfo_AddressType;
1044
1045         typedef [bitmap32bit] bitmap {
1046                 DS_SERVER_PDC                    = NBT_SERVER_PDC,
1047                 DS_SERVER_GC                     = NBT_SERVER_GC,
1048                 DS_SERVER_LDAP                   = NBT_SERVER_LDAP,
1049                 DS_SERVER_DS                     = NBT_SERVER_DS,
1050                 DS_SERVER_KDC                    = NBT_SERVER_KDC,
1051                 DS_SERVER_TIMESERV               = NBT_SERVER_TIMESERV,
1052                 DS_SERVER_CLOSEST                = NBT_SERVER_CLOSEST,
1053                 DS_SERVER_WRITABLE               = NBT_SERVER_WRITABLE,
1054                 DS_SERVER_GOOD_TIMESERV          = NBT_SERVER_GOOD_TIMESERV,
1055                 DS_SERVER_NDNC                   = NBT_SERVER_NDNC,
1056                 DS_SERVER_SELECT_SECRET_DOMAIN_6 = NBT_SERVER_SELECT_SECRET_DOMAIN_6,
1057                 DS_SERVER_FULL_SECRET_DOMAIN_6   = NBT_SERVER_FULL_SECRET_DOMAIN_6,
1058                 DS_DNS_CONTROLLER                = 0x20000000,
1059                 DS_DNS_DOMAIN                    = 0x40000000,
1060                 DS_DNS_FOREST                    = 0x80000000
1061         } netr_DsR_DcFlags;
1062
1063         typedef [public] struct {
1064                 [string,charset(UTF16)] uint16 *dc_unc;
1065                 [string,charset(UTF16)] uint16 *dc_address;
1066                 netr_DsRGetDCNameInfo_AddressType dc_address_type;
1067                 GUID domain_guid;
1068                 [string,charset(UTF16)] uint16 *domain_name;
1069                 [string,charset(UTF16)] uint16 *forest_name;
1070                 netr_DsR_DcFlags dc_flags;
1071                 [string,charset(UTF16)] uint16 *dc_site_name;
1072                 [string,charset(UTF16)] uint16 *client_site_name;
1073         } netr_DsRGetDCNameInfo;
1074
1075         WERROR netr_DsRGetDCName(
1076                 [in,unique] [string,charset(UTF16)] uint16 *server_unc,
1077                 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1078                 [in,unique] GUID *domain_guid,
1079                 [in,unique] GUID *site_guid,
1080                 [in] netr_DsRGetDCName_flags flags,
1081                 [out,ref] netr_DsRGetDCNameInfo **info
1082                 );
1083
1084         /*****************/
1085         /* Function 0x15 */
1086         [todo] WERROR netr_NETRLOGONDUMMYROUTINE1();
1087
1088         /****************/
1089         /* Function 0x16 */
1090         [todo] WERROR netr_NETRLOGONSETSERVICEBITS();
1091
1092         /****************/
1093         /* Function 0x17 */
1094         WERROR netr_LogonGetTrustRid(
1095                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1096                 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1097                 [out,ref] uint32 *rid
1098         );
1099
1100         /****************/
1101         /* Function 0x18 */
1102         [todo] WERROR netr_NETRLOGONCOMPUTESERVERDIGEST();
1103
1104         /****************/
1105         /* Function 0x19 */
1106         [todo] WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST();
1107
1108         /****************/
1109         /* Function 0x1a */
1110         [public] NTSTATUS netr_ServerAuthenticate3(
1111                 [in,unique]  [string,charset(UTF16)] uint16 *server_name,
1112                 [in]         [string,charset(UTF16)] uint16 account_name[],
1113                 [in]         netr_SchannelType secure_channel_type,
1114                 [in]         [string,charset(UTF16)] uint16 computer_name[],
1115                 [in,out,ref] netr_Credential *credentials,
1116                 [in,out,ref] netr_NegotiateFlags *negotiate_flags,
1117                 [out,ref]    uint32 *rid
1118                 );
1119
1120         /****************/
1121         /* Function 0x1b */
1122
1123         WERROR netr_DsRGetDCNameEx(
1124                 [in,unique] [string,charset(UTF16)] uint16 *server_unc,
1125                 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1126                 [in,unique] GUID *domain_guid,
1127                 [in,unique] [string,charset(UTF16)] uint16 *site_name,
1128                 [in] netr_DsRGetDCName_flags flags,
1129                 [out,ref] netr_DsRGetDCNameInfo **info
1130                 );
1131
1132
1133         /****************/
1134         /* Function 0x1c */
1135         WERROR netr_DsRGetSiteName(
1136                 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
1137                 [out,ref] [string,charset(UTF16)] uint16 **site
1138                 );
1139
1140         /****************/
1141         /* Function 0x1d */
1142         typedef [bitmap32bit] bitmap {
1143                 NETR_TRUST_FLAG_IN_FOREST = 0x00000001,
1144                 NETR_TRUST_FLAG_OUTBOUND  = 0x00000002,
1145                 NETR_TRUST_FLAG_TREEROOT  = 0x00000004,
1146                 NETR_TRUST_FLAG_PRIMARY   = 0x00000008,
1147                 NETR_TRUST_FLAG_NATIVE    = 0x00000010,
1148                 NETR_TRUST_FLAG_INBOUND   = 0x00000020,
1149                 NETR_TRUST_FLAG_MIT_KRB5  = 0x00000080,
1150                 NETR_TRUST_FLAG_AES       = 0x00000100
1151         } netr_TrustFlags;
1152
1153         typedef [flag(NDR_PAHEX)] struct {
1154                 uint16 length;
1155                 uint16 size;
1156                 [size_is(size/2),length_is(length/2)] uint16 *data;
1157         } netr_BinaryString;
1158
1159         typedef struct {
1160                 netr_Blob blob;
1161                 [string,charset(UTF16)] uint16 *workstation_domain;
1162                 [string,charset(UTF16)] uint16 *workstation_site;
1163                 [string,charset(UTF16)] uint16 *unknown1;
1164                 [string,charset(UTF16)] uint16 *unknown2;
1165                 [string,charset(UTF16)] uint16 *unknown3;
1166                 [string,charset(UTF16)] uint16 *unknown4;
1167                 netr_BinaryString blob2;
1168                 lsa_String product;
1169                 lsa_String unknown5;
1170                 lsa_String unknown6;
1171                 uint32 unknown7[4];
1172         } netr_DomainQuery1;
1173
1174         typedef union {
1175                 [case(1)] netr_DomainQuery1 *query1;
1176                 [case(2)] netr_DomainQuery1 *query1;
1177         } netr_DomainQuery;
1178
1179         typedef struct {
1180                 /* these first 3 values come from the fact windows
1181                    actually encodes this structure as a UNICODE_STRING
1182                    - see MS-NRPC section 2.2.1.3.9 */
1183                 [value(8)] uint32 length;
1184                 [value(0)] uint32 dummy;
1185                 [value(8)] uint32 size;
1186                 netr_TrustFlags flags;
1187                 uint32 parent_index;
1188                 uint32 trust_type;
1189                 uint32 trust_attributes;
1190         } netr_trust_extension;
1191
1192         typedef struct {
1193                 uint16 length; /* value is 16 when info != NULL, otherwise 0 */
1194                 [value(length)] uint16 size;   /* value is 16 when info != NULL, otherwise 0 */
1195                 netr_trust_extension *info;
1196         } netr_trust_extension_container;
1197
1198         typedef struct {
1199                 lsa_String domainname;
1200                 lsa_String fulldomainname;
1201                 lsa_String forest;
1202                 GUID        guid;
1203                 dom_sid2    *sid;
1204                 netr_trust_extension_container trust_extension;
1205                 lsa_String dummystring[3];
1206                 uint32     dummy[4];
1207         } netr_DomainTrustInfo;
1208
1209         typedef struct {
1210                 uint32 policy_size;
1211                 [size_is(policy_size)] uint8 *policy;
1212         } netr_LsaPolicyInfo;
1213
1214         typedef [public,bitmap32bit] bitmap {
1215                 NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS = 0x00000001,
1216                 NETR_WS_FLAG_HANDLES_SPN_UPDATE     = 0x00000002
1217         } netr_WorkstationFlags;
1218
1219         typedef struct {
1220                 netr_DomainTrustInfo domaininfo;
1221                 uint32 num_trusts;
1222                 [size_is(num_trusts)] netr_DomainTrustInfo *trusts;
1223                 netr_LsaPolicyInfo lsa_policy;
1224                 lsa_String dns_hostname;
1225                 lsa_String dummystring[3];
1226                 netr_WorkstationFlags workstation_flags;
1227                 uint32 supported_enc_types;
1228                 uint32 dummy[2];
1229         } netr_DomainInfo1;
1230
1231         typedef union {
1232                 [case(1)] netr_DomainInfo1 *info1;
1233                 [case(2)] netr_DomainInfo1 *info2;
1234         } netr_DomainInfo;
1235         
1236         NTSTATUS netr_LogonGetDomainInfo(
1237                 [in]         [string,charset(UTF16)] uint16 server_name[],
1238                 [in,unique]  [string,charset(UTF16)] uint16 *computer_name,
1239                 [in,ref]     netr_Authenticator *credential,
1240                 [in,out,ref] netr_Authenticator *return_authenticator,
1241                 [in]         uint32 level,
1242                 [in,switch_is(level)] netr_DomainQuery query,
1243                 [out,ref,switch_is(level)] netr_DomainInfo *info
1244                 );
1245
1246         typedef [flag(NDR_PAHEX)] struct {
1247                 uint8 data[512];
1248                 uint32 length;
1249         } netr_CryptPassword;
1250
1251         /*****************/
1252         /* Function 0x1e */
1253         NTSTATUS netr_ServerPasswordSet2(
1254                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1255                 [in]  [string,charset(UTF16)] uint16 account_name[],
1256                 [in]  netr_SchannelType secure_channel_type,
1257                 [in]  [string,charset(UTF16)] uint16 computer_name[],
1258                 [in,ref] netr_Authenticator *credential,
1259                 [out,ref] netr_Authenticator *return_authenticator,
1260                 [in,ref] netr_CryptPassword *new_password
1261                 );
1262
1263         /****************/
1264         /* Function 0x1f */
1265         WERROR netr_ServerPasswordGet(
1266                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1267                 [in]  [string,charset(UTF16)] uint16 account_name[],
1268                 [in]  netr_SchannelType secure_channel_type,
1269                 [in]  [string,charset(UTF16)] uint16 computer_name[],
1270                 [in,ref] netr_Authenticator *credential,
1271                 [out,ref] netr_Authenticator *return_authenticator,
1272                 [out,ref] samr_Password *password
1273                 );
1274
1275         /****************/
1276         /* Function 0x20 */
1277         [todo] WERROR netr_NETRLOGONSENDTOSAM();
1278
1279         /****************/
1280         /* Function 0x21 */
1281         typedef struct {
1282                 uint32 count;
1283                 [size_is(count)] lsa_String *sitename;
1284         } netr_DsRAddressToSitenamesWCtr;
1285
1286         typedef struct {
1287                 [size_is(size)] uint8 *buffer;
1288                 uint32 size;
1289         } netr_DsRAddress;
1290
1291         WERROR netr_DsRAddressToSitenamesW(
1292                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1293                 [in] [range(0,32000)] uint32 count,
1294                 [in] [size_is(count)] [ref] netr_DsRAddress *addresses,
1295                 [out] [ref] netr_DsRAddressToSitenamesWCtr **ctr
1296                 );
1297
1298         /****************/
1299         /* Function 0x22 */
1300         WERROR netr_DsRGetDCNameEx2(
1301                 [in,unique] [string,charset(UTF16)] uint16 *server_unc,
1302                 [in,unique] [string,charset(UTF16)] uint16 *client_account,
1303                 [in] samr_AcctFlags mask,
1304                 [in,unique] [string,charset(UTF16)] uint16 *domain_name,
1305                 [in,unique] GUID *domain_guid,
1306                 [in,unique] [string,charset(UTF16)] uint16 *site_name,
1307                 [in] netr_DsRGetDCName_flags flags,
1308                 [out,ref] netr_DsRGetDCNameInfo **info
1309                 );
1310
1311         /****************/
1312         /* Function 0x23 */
1313         [todo] WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN();
1314
1315         /****************/
1316         /* Function 0x24 */
1317
1318         typedef [v1_enum] enum {
1319                 NETR_TRUST_TYPE_DOWNLEVEL       = 1,
1320                 NETR_TRUST_TYPE_UPLEVEL         = 2,
1321                 NETR_TRUST_TYPE_MIT             = 3,
1322                 NETR_TRUST_TYPE_DCE             = 4
1323         } netr_TrustType;
1324
1325         typedef [bitmap32bit] bitmap {
1326                 NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE     = 0x00000001,
1327                 NETR_TRUST_ATTRIBUTE_UPLEVEL_ONLY       = 0x00000002,
1328                 NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004,
1329                 NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE  = 0x00000008,
1330                 NETR_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010,
1331                 NETR_TRUST_ATTRIBUTE_WITHIN_FOREST      = 0x00000020,
1332                 NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL  = 0x00000040
1333         } netr_TrustAttributes;
1334
1335         typedef struct {
1336                 [string,charset(UTF16)] uint16                  *netbios_name;
1337                 [string,charset(UTF16)] uint16                  *dns_name;
1338                 netr_TrustFlags         trust_flags;
1339                 uint32                  parent_index;
1340                 netr_TrustType          trust_type;
1341                 netr_TrustAttributes    trust_attributes;
1342                 dom_sid2                *sid;
1343                 GUID                    guid;
1344         } netr_DomainTrust;
1345
1346         typedef struct {
1347                 uint32 count;
1348                 [size_is(count)] netr_DomainTrust *array;
1349         } netr_DomainTrustList;
1350
1351         WERROR netr_NetrEnumerateTrustedDomainsEx(
1352                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1353                 [out,ref] netr_DomainTrustList *dom_trust_list
1354         );
1355
1356         /****************/
1357         /* Function 0x25 */
1358         typedef struct {
1359                 uint32 count;
1360                 [size_is(count)] lsa_String *sitename;
1361                 [size_is(count)] lsa_String *subnetname;
1362         } netr_DsRAddressToSitenamesExWCtr;
1363
1364         WERROR netr_DsRAddressToSitenamesExW(
1365                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1366                 [in] [range(0,32000)] uint32 count,
1367                 [in] [size_is(count)] [ref] netr_DsRAddress *addresses,
1368                 [out] [ref] netr_DsRAddressToSitenamesExWCtr **ctr
1369                 );
1370
1371         /****************/
1372         /* Function 0x26 */
1373
1374         typedef struct {
1375                 uint32 num_sites;
1376                 [size_is(num_sites)] [unique] lsa_String *sites;
1377         } DcSitesCtr;
1378
1379         WERROR netr_DsrGetDcSiteCoverageW(
1380                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1381                 [out,ref] DcSitesCtr **ctr
1382                 );
1383
1384         /****************/
1385         /* Function 0x27 */
1386         NTSTATUS netr_LogonSamLogonEx(
1387                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1388                 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
1389                 [in]  netr_LogonInfoClass logon_level,
1390                 [in,ref]  [switch_is(logon_level)] netr_LogonLevel *logon,
1391                 [in]  uint16 validation_level,
1392                 [out,ref] [switch_is(validation_level)] netr_Validation *validation,
1393                 [out,ref] uint8 *authoritative,
1394                 [in,out,ref] uint32 *flags
1395                 );
1396
1397         /****************/
1398         /* Function 0x28 */
1399
1400         WERROR netr_DsrEnumerateDomainTrusts(
1401                 [in,unique]          [string,charset(UTF16)] uint16           *server_name,
1402                 [in]                 netr_TrustFlags  trust_flags,
1403                 [out,ref]            netr_DomainTrustList *trusts
1404                 );
1405
1406
1407         /****************/
1408         /* Function 0x29 */
1409         WERROR netr_DsrDeregisterDNSHostRecords(
1410                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1411                 [in,unique] [string,charset(UTF16)] uint16 *domain,
1412                 [in,unique] GUID *domain_guid,
1413                 [in,unique] GUID *dsa_guid,
1414                 [in,ref] [string,charset(UTF16)] uint16 *dns_host
1415                 );
1416
1417         /****************/
1418         /* Function 0x2a */
1419         NTSTATUS netr_ServerTrustPasswordsGet(
1420                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1421                 [in]  [string,charset(UTF16)] uint16 account_name[],
1422                 [in]  netr_SchannelType secure_channel_type,
1423                 [in]  [string,charset(UTF16)] uint16 computer_name[],
1424                 [in,ref] netr_Authenticator *credential,
1425                 [out,ref] netr_Authenticator *return_authenticator,
1426                 [out,ref] samr_Password *password,
1427                 [out,ref] samr_Password *password2
1428         );
1429
1430         /****************/
1431         /* Function 0x2b */
1432
1433         const int DS_GFTI_UPDATE_TDO = 0x1;
1434
1435         WERROR netr_DsRGetForestTrustInformation(
1436                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1437                 [in,unique] [string,charset(UTF16)] uint16 *trusted_domain_name,
1438                 [in] uint32 flags,
1439                 [out,ref] lsa_ForestTrustInformation **forest_trust_info
1440                 );
1441
1442         /****************/
1443         /* Function 0x2c */
1444         WERROR netr_GetForestTrustInformation(
1445                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1446                 [in,ref] [string,charset(UTF16)] uint16 *trusted_domain_name,
1447                 [in,ref] netr_Authenticator *credential,
1448                 [out,ref] netr_Authenticator *return_authenticator,
1449                 [in] uint32 flags,
1450                 [out,ref] lsa_ForestTrustInformation **forest_trust_info
1451                 );
1452
1453         /****************/
1454         /* Function 0x2d */
1455
1456         /* this is the ADS varient. I don't yet know what the "flags" are for */
1457         NTSTATUS netr_LogonSamLogonWithFlags(
1458                 [in,unique] [string,charset(UTF16)] uint16 *server_name,
1459                 [in,unique] [string,charset(UTF16)] uint16 *computer_name,
1460                 [in,unique] netr_Authenticator *credential,
1461                 [in,out,unique] netr_Authenticator *return_authenticator,
1462                 [in]  netr_LogonInfoClass logon_level,
1463                 [in,ref]  [switch_is(logon_level)] netr_LogonLevel *logon,
1464                 [in]  uint16 validation_level,
1465                 [out,ref] [switch_is(validation_level)] netr_Validation *validation,
1466                 [out,ref] uint8 *authoritative,
1467                 [in,out,ref] uint32 *flags
1468                 );
1469
1470         /****************/
1471         /* Function 0x2e */
1472         [todo] WERROR netr_NETRSERVERGETTRUSTINFO();
1473 }