git.samba.org / kai / samba-autobuild / .git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
lsa.idl: mark lsa_TrustDomainInfoInfoEx as public
[kai/samba-autobuild/.git] / librpc / idl / lsa.idl
diff --git a/librpc/idl/lsa.idl b/librpc/idl/lsa.idl
index 7f8ed4afe30d057907bab8638e47aa6737c90cfc..4ab7bc2c360410d88d42346f7c0362d9b6d7e260 100644 (file)
--- a/librpc/idl/lsa.idl
+++ b/librpc/idl/lsa.idl
@@ -113,14 +113,14 @@ import "misc.idl", "security.idl";
        /******************/
        /* Function: 0x06 */
        typedef struct {
-               uint32  len; /* ignored */
+               uint3264  len; /* ignored */
                uint16  impersonation_level;
                uint8   context_mode;
                uint8   effective_only;
        } lsa_QosInfo;
 
        typedef struct {
-               uint32 len; /* ignored */
+               uint3264 len; /* ignored */
                uint8 *root_dir;
                [string,charset(UTF16)] uint16 *object_name;
                uint32 attributes;
@@ -157,7 +157,8 @@ import "misc.idl", "security.idl";
                LSA_POLICY_SET_AUDIT_REQUIREMENTS       |
                LSA_POLICY_AUDIT_LOG_ADMIN              |
                LSA_POLICY_SERVER_ADMIN                 |
-               LSA_POLICY_LOOKUP_NAMES);
+               LSA_POLICY_LOOKUP_NAMES                 |
+               LSA_POLICY_NOTIFICATION);
 
        const int LSA_POLICY_READ =
                (STANDARD_RIGHTS_READ_ACCESS            |
@@ -213,6 +214,25 @@ import "misc.idl", "security.idl";
                LSA_SECRET_QUERY_VALUE                  = 0x00000002
        } lsa_SecretAccessMask;
 
+       const int LSA_SECRET_ALL_ACCESS =
+               (LSA_SECRET_QUERY_VALUE |
+                LSA_SECRET_SET_VALUE |
+                SEC_STD_DELETE |
+                STANDARD_RIGHTS_READ_ACCESS |
+                SEC_STD_WRITE_DAC |
+                SEC_STD_WRITE_OWNER); /* 0x000F0003 */
+
+       const int LSA_SECRET_READ =
+               (LSA_SECRET_QUERY_VALUE |
+               STANDARD_RIGHTS_READ_ACCESS); /* 0x00020002 */
+
+       const int LSA_SECRET_WRITE =
+               (LSA_SECRET_SET_VALUE |
+               STANDARD_RIGHTS_READ_ACCESS); /* 0x00020001 */
+
+       const int LSA_SECRET_EXECUTE =
+               (STANDARD_RIGHTS_READ_ACCESS); /* 0x00020000 */
+
        typedef [public,bitmap32bit] bitmap {
                LSA_TRUSTED_QUERY_DOMAIN_NAME           = 0x00000001,
                LSA_TRUSTED_QUERY_CONTROLLERS           = 0x00000002,
@@ -223,6 +243,35 @@ import "misc.idl", "security.idl";
                LSA_TRUSTED_QUERY_AUTH                  = 0x00000040
        } lsa_TrustedAccessMask;
 
+       const int LSA_TRUSTED_DOMAIN_ALL_ACCESS =
+               (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+                LSA_TRUSTED_QUERY_CONTROLLERS |
+                LSA_TRUSTED_SET_CONTROLLERS |
+                LSA_TRUSTED_QUERY_POSIX |
+                LSA_TRUSTED_SET_POSIX |
+                LSA_TRUSTED_SET_AUTH |
+                LSA_TRUSTED_QUERY_AUTH |
+                SEC_STD_DELETE |
+                STANDARD_RIGHTS_READ_ACCESS |
+                SEC_STD_WRITE_DAC |
+                SEC_STD_WRITE_OWNER); /* 0x000F007F */
+
+       const int LSA_TRUSTED_DOMAIN_READ =
+               (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+                STANDARD_RIGHTS_READ_ACCESS); /* 0x00020001 */
+
+       const int LSA_TRUSTED_DOMAIN_WRITE =
+               (LSA_TRUSTED_SET_CONTROLLERS |
+                LSA_TRUSTED_SET_POSIX |
+                LSA_TRUSTED_SET_AUTH |
+                STANDARD_RIGHTS_READ_ACCESS); /* 0x00020034 */
+
+       const int LSA_TRUSTED_DOMAIN_EXECUTE =
+               (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+                LSA_TRUSTED_QUERY_POSIX |
+                STANDARD_RIGHTS_READ_ACCESS); /* 0x0002000C */
+
+
        /* notice the screwup with the system_name - thats why MS created
           OpenPolicy2 */
        [public] NTSTATUS lsa_OpenPolicy (
@@ -403,7 +452,7 @@ import "misc.idl", "security.idl";
        } lsa_SidPtr;
 
        typedef [public] struct {
-               [range(0,1000)] uint32 num_sids;
+               [range(0,20480)] uint32 num_sids;
                [size_is(num_sids)] lsa_SidPtr *sids;
        } lsa_SidArray;
 
@@ -471,7 +520,7 @@ import "misc.idl", "security.idl";
        } lsa_TransSidArray;
 
        const int LSA_REF_DOMAIN_LIST_MULTIPLIER = 32;
-       typedef struct {
+       typedef [public] struct {
                [range(0,1000)] uint32 count;
                [size_is(count)] lsa_DomainInfo *domains;
                uint32 max_size;
@@ -485,7 +534,7 @@ import "misc.idl", "security.idl";
         * Level 6: Like 4
         */
 
-       typedef enum {
+       typedef [public] enum {
                LSA_LOOKUP_NAMES_ALL = 1,
                LSA_LOOKUP_NAMES_DOMAINS_ONLY = 2,
                LSA_LOOKUP_NAMES_PRIMARY_DOMAIN_ONLY = 3,
@@ -515,8 +564,8 @@ import "misc.idl", "security.idl";
                uint32 sid_index;
        } lsa_TranslatedName;
 
-       typedef struct {
-               [range(0,1000)] uint32 count;
+       typedef [public] struct {
+               [range(0,20480)] uint32 count;
                [size_is(count)] lsa_TranslatedName *names;
        } lsa_TransNameArray;
 
@@ -525,7 +574,7 @@ import "misc.idl", "security.idl";
                [in,ref]     lsa_SidArray *sids,
                [out,ref]    lsa_RefDomainList **domains,
                [in,out,ref] lsa_TransNameArray *names,
-               [in]         uint16 level,
+               [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count
                );
 
@@ -591,22 +640,6 @@ import "misc.idl", "security.idl";
        /* Function:           0x16 */
        [todo] NTSTATUS lsa_SetQuotasForAccount();
 
-       typedef [bitmap32bit] bitmap {
-               LSA_POLICY_MODE_INTERACTIVE             = 0x00000001,
-               LSA_POLICY_MODE_NETWORK                 = 0x00000002,
-               LSA_POLICY_MODE_BATCH                   = 0x00000004,
-               LSA_POLICY_MODE_SERVICE                 = 0x00000010,
-               LSA_POLICY_MODE_PROXY                   = 0x00000020,
-               LSA_POLICY_MODE_DENY_INTERACTIVE        = 0x00000040,
-               LSA_POLICY_MODE_DENY_NETWORK            = 0x00000080,
-               LSA_POLICY_MODE_DENY_BATCH              = 0x00000100,
-               LSA_POLICY_MODE_DENY_SERVICE            = 0x00000200,
-               LSA_POLICY_MODE_REMOTE_INTERACTIVE      = 0x00000400,
-               LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE = 0x00000800,
-               LSA_POLICY_MODE_ALL                     = 0x00000FF7,
-               LSA_POLICY_MODE_ALL_NT4                 = 0x00000037
-       } lsa_SystemAccessModeFlags;
-
        /* Function:    0x17 */
        NTSTATUS lsa_GetSystemAccessAccount(
                [in]      policy_handle *handle,
@@ -628,8 +661,8 @@ import "misc.idl", "security.idl";
                );
 
        typedef [flag(NDR_PAHEX)] struct {
-               uint32 length;
-               uint32 size;
+               uint3264 length;
+               uint3264 size;
                [size_is(size),length_is(length)] uint8 *data;
        } lsa_DATA_BUF;
 
@@ -659,10 +692,11 @@ import "misc.idl", "security.idl";
                LSA_TRUST_DIRECTION_OUTBOUND = 0x00000002
        } lsa_TrustDirection;
 
-       typedef [v1_enum] enum {
+       typedef [public,v1_enum] enum {
                LSA_TRUST_TYPE_DOWNLEVEL  = 0x00000001,
                LSA_TRUST_TYPE_UPLEVEL    = 0x00000002,
-               LSA_TRUST_TYPE_MIT        = 0x00000003
+               LSA_TRUST_TYPE_MIT        = 0x00000003,
+               LSA_TRUST_TYPE_DCE        = 0x00000004
        } lsa_TrustType;
 
        typedef [public,bitmap32bit] bitmap {
@@ -700,7 +734,7 @@ import "misc.idl", "security.idl";
                dom_sid2      *sid;
        } lsa_TrustDomainInfoBasic;
 
-       typedef struct {
+       typedef [public] struct {
                lsa_StringLarge     domain_name;
                lsa_StringLarge     netbios_name;
                dom_sid2           *sid;
@@ -722,7 +756,7 @@ import "misc.idl", "security.idl";
                lsa_DATA_BUF2  data;
        } lsa_TrustDomainInfoBuffer;
 
-       typedef struct {
+       typedef [public] struct {
                uint32 incoming_count;
                lsa_TrustDomainInfoBuffer *incoming_current_auth_info;
                lsa_TrustDomainInfoBuffer *incoming_previous_auth_info;
@@ -992,11 +1026,11 @@ import "misc.idl", "security.idl";
 
        /**********************/
        /* Function 0x31 */
-       NTSTATUS lsa_SetTrustedDomainInfoByName(
+       [public] NTSTATUS lsa_SetTrustedDomainInfoByName(
                [in]                   policy_handle         *handle,
-               [in]                   lsa_String             trusted_domain,
+               [in,ref]               lsa_String             *trusted_domain,
                [in]                   lsa_TrustDomInfoEnum   level,
-               [in,unique,switch_is(level)] lsa_TrustedDomainInfo *info
+               [in,ref,switch_is(level)] lsa_TrustedDomainInfo *info
                );
 
        /* Function 0x32 */
@@ -1020,8 +1054,8 @@ import "misc.idl", "security.idl";
        NTSTATUS lsa_CreateTrustedDomainEx(
                [in]  policy_handle               *policy_handle,
                [in]  lsa_TrustDomainInfoInfoEx   *info,
-               [in]  lsa_TrustDomainInfoAuthInfoInternal *auth_info,
-               [in]  uint32 access_mask,
+               [in]  lsa_TrustDomainInfoAuthInfo *auth_info,
+               [in]  lsa_TrustedAccessMask access_mask,
                [out] policy_handle               *trustdom_handle
                );
 
@@ -1032,16 +1066,19 @@ import "misc.idl", "security.idl";
        );
 
        /* Function 0x35 */
+       typedef [bitmap32bit] bitmap {
+               LSA_POLICY_KERBEROS_VALIDATE_CLIENT = 0x00000080
+       } lsa_krbAuthenticationOptions;
 
        /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000
-          for unknown6 - gd */
+          for reserved - gd */
        typedef struct {
-               uint32 enforce_restrictions;
+               lsa_krbAuthenticationOptions authentication_options;
                hyper service_tkt_lifetime;
                hyper user_tkt_lifetime;
                hyper user_tkt_renewaltime;
                hyper clock_skew;
-               hyper unknown6;
+               hyper reserved;
        } lsa_DomainInfoKerberos;
 
        typedef struct {
@@ -1077,7 +1114,7 @@ import "misc.idl", "security.idl";
        NTSTATUS lsa_OpenTrustedDomainByName(
                [in]     policy_handle *handle,
                [in]         lsa_String     name,
-               [in]         uint32         access_mask,
+               [in]     lsa_TrustedAccessMask access_mask,
                [out]    policy_handle *trustdom_handle
                );
 
@@ -1099,15 +1136,25 @@ import "misc.idl", "security.idl";
                [size_is(count)] lsa_TranslatedName2 *names;
        } lsa_TransNameArray2;
 
+       typedef [v1_enum] enum {
+               LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES         = 0x00000000,
+               LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES_LOCAL   = 0x80000000
+       } lsa_LookupOptions;
+
+       typedef [v1_enum] enum {
+               LSA_CLIENT_REVISION_1   = 0x00000001,
+               LSA_CLIENT_REVISION_2   = 0x00000002
+       } lsa_ClientRevision;
+
        [public] NTSTATUS lsa_LookupSids2(
                [in]     policy_handle *handle,
                [in,ref] lsa_SidArray *sids,
                [out,ref]    lsa_RefDomainList **domains,
                [in,out,ref] lsa_TransNameArray2 *names,
-               [in]         uint16 level,
+               [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count,
-               [in]         uint32 unknown1,
-               [in]         uint32 unknown2
+               [in]         lsa_LookupOptions lookup_options,
+               [in]         lsa_ClientRevision client_revision
                );
 
        /**********************/
@@ -1133,16 +1180,16 @@ import "misc.idl", "security.idl";
                [in,out,ref] lsa_TransSidArray2 *sids,
                [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count,
-               [in]         uint32 lookup_options,
-               [in]         uint32 client_revision /* LSA_CLIENT_REVISION* */
+               [in]         lsa_LookupOptions lookup_options,
+               [in]         lsa_ClientRevision client_revision
                );
 
        /* Function 0x3b */
        NTSTATUS lsa_CreateTrustedDomainEx2(
                [in]  policy_handle               *policy_handle,
                [in]  lsa_TrustDomainInfoInfoEx   *info,
-               [in]  lsa_TrustDomainInfoAuthInfoInternal *auth_info,
-               [in]  uint32                       access_mask,
+               [in]  lsa_TrustDomainInfoAuthInfoInternal *auth_info_internal,
+               [in]  lsa_TrustedAccessMask access_mask,
                [out] policy_handle               *trustdom_handle
                );
 
@@ -1192,8 +1239,8 @@ import "misc.idl", "security.idl";
                [in,out,ref] lsa_TransSidArray3 *sids,
                [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count,
-               [in]         uint32 lookup_options,
-               [in]         uint32 client_revision /* LSA_CLIENT_REVISION* */
+               [in]         lsa_LookupOptions lookup_options,
+               [in]         lsa_ClientRevision client_revision
                );
 
        /* Function 0x45 */
@@ -1209,8 +1256,28 @@ import "misc.idl", "security.idl";
        [todo] NTSTATUS lsa_LSARUNREGISTERAUDITEVENT();
 
        /* Function 0x49 */
+       typedef [bitmap32bit,public] bitmap {
+               /* these apply to LSA_FOREST_TRUST_TOP_LEVEL_NAME */
+               LSA_TLN_DISABLED_NEW            = 0x00000001,
+               LSA_TLN_DISABLED_ADMIN          = 0x00000002,
+               LSA_TLN_DISABLED_CONFLICT       = 0x00000004,
+
+               /* these apply to LSA_FOREST_TRUST_DOMAIN_INFO */
+               LSA_SID_DISABLED_ADMIN          = 0x00000001,
+               LSA_SID_DISABLED_CONFLICT       = 0x00000002,
+               LSA_NB_DISABLED_ADMIN           = 0x00000004,
+               LSA_NB_DISABLED_CONFLICT        = 0x00000008
+       } lsa_ForestTrustRecordFlags;
+
+       typedef enum {
+               LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0,
+               LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1,
+               LSA_FOREST_TRUST_DOMAIN_INFO = 2,
+               LSA_FOREST_TRUST_RECORD_TYPE_LAST = 3
+       } lsa_ForestTrustRecordType;
+
        typedef struct {
-               [range(0,131072)] uint32 length;
+               [range(0,131072)] uint3264 length;
                [size_is(length)] uint8 *data;
        } lsa_ForestTrustBinaryData;
 
@@ -1220,25 +1287,18 @@ import "misc.idl", "security.idl";
                lsa_StringLarge netbios_domain_name;
        } lsa_ForestTrustDomainInfo;
 
-       typedef [switch_type(uint32)] union {
-               [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_String top_level_name;
+       typedef [switch_type(lsa_ForestTrustRecordType)] union {
+               [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_StringLarge top_level_name;
                [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX)] lsa_StringLarge top_level_name_ex;
                [case(LSA_FOREST_TRUST_DOMAIN_INFO)] lsa_ForestTrustDomainInfo domain_info;
                [default] lsa_ForestTrustBinaryData data;
        } lsa_ForestTrustData;
 
-       typedef [v1_enum] enum {
-               LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0,
-               LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1,
-               LSA_FOREST_TRUST_DOMAIN_INFO = 2,
-               LSA_FOREST_TRUST_RECORD_TYPE_LAST = 3
-       } lsa_ForestTrustRecordType;
-
        typedef struct {
-               uint32 flags;
-               lsa_ForestTrustRecordType level;
-               hyper unknown;
-               [switch_is(level)] lsa_ForestTrustData forest_trust_data;
+               lsa_ForestTrustRecordFlags flags;
+               lsa_ForestTrustRecordType type;
+               NTTIME_hyper time;
+               [switch_is(type)] lsa_ForestTrustData forest_trust_data;
        } lsa_ForestTrustRecord;
 
        typedef [public] struct {
@@ -1246,15 +1306,42 @@ import "misc.idl", "security.idl";
                [size_is(count)] lsa_ForestTrustRecord **entries;
        } lsa_ForestTrustInformation;
 
-       NTSTATUS lsa_lsaRQueryForestTrustInformation(
+       [public] NTSTATUS lsa_lsaRQueryForestTrustInformation(
                [in] policy_handle *handle,
                [in,ref] lsa_String *trusted_domain_name,
-               [in] uint16 unknown, /* level ? */
+               [in] lsa_ForestTrustRecordType highest_record_type,
                [out,ref] lsa_ForestTrustInformation **forest_trust_info
                );
 
-       /* Function 0x4a */
-       [todo] NTSTATUS lsa_LSARSETFORESTTRUSTINFORMATION();
+       /*****************
+        * Function 0x4a */
+
+       typedef [v1_enum] enum {
+               LSA_FOREST_TRUST_COLLISION_TDO = 0,
+               LSA_FOREST_TRUST_COLLISION_XREF = 1,
+               LSA_FOREST_TRUST_COLLISION_OTHER = 2
+       } lsa_ForestTrustCollisionRecordType;
+
+       typedef [public] struct {
+               uint32 index;
+               lsa_ForestTrustCollisionRecordType type;
+               lsa_ForestTrustRecordFlags flags;
+               lsa_String name;
+       } lsa_ForestTrustCollisionRecord;
+
+       typedef [public] struct {
+               uint32 count;
+               [size_is(count)] lsa_ForestTrustCollisionRecord **entries;
+       } lsa_ForestTrustCollisionInfo;
+
+       [public] NTSTATUS lsa_lsaRSetForestTrustInformation(
+               [in]      policy_handle *handle,
+               [in,ref]  lsa_StringLarge *trusted_domain_name,
+               [in]      lsa_ForestTrustRecordType highest_record_type,
+               [in,ref]  lsa_ForestTrustInformation *forest_trust_info,
+               [in]      boolean8 check_only,
+               [out,ref] lsa_ForestTrustCollisionInfo **collision_info
+               );
 
        /* Function 0x4b */
        [todo] NTSTATUS lsa_CREDRRENAME();
@@ -1266,10 +1353,10 @@ import "misc.idl", "security.idl";
                [in,ref]     lsa_SidArray *sids,
                [out,ref]    lsa_RefDomainList **domains,
                [in,out,ref] lsa_TransNameArray2 *names,
-               [in]         uint16 level,
+               [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count,
-               [in]         uint32 unknown1,
-               [in]         uint32 unknown2
+               [in]         lsa_LookupOptions lookup_options,
+               [in]         lsa_ClientRevision client_revision
                );
 
        const int LSA_CLIENT_REVISION_NO_DNS     = 0x00000001;
@@ -1285,8 +1372,8 @@ import "misc.idl", "security.idl";
                [in,out,ref] lsa_TransSidArray3 *sids,
                [in]         lsa_LookupNamesLevel level,
                [in,out,ref] uint32 *count,
-               [in]         uint32 lookup_options,
-               [in]         uint32 client_revision /* LSA_CLIENT_REVISION* */
+               [in]         lsa_LookupOptions lookup_options,
+               [in]         lsa_ClientRevision client_revision
                );
 
        /* Function 0x4e */
Unnamed repository; edit this file 'description' to name the repository.