source/librpc/idl/lsa.idl

   1 #include "idl_types.h"
   2
   3 /*
   4   lsa interface definition
   5 */
   6
   7 [ uuid("12345778-1234-abcd-ef00-0123456789ab"),
   8   version(0.0),
   9   endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"),
  10   pointer_default(unique),
  11   helpstring("Local Security Authority"),
  12   depends(security)
  13 ] interface lsarpc
  14 {
  15         declare bitmap security_secinfo;
  16
  17         typedef [public,noejs] struct {
  18                 [value(2*strlen_m(string))] uint16 length;
  19                 [value(2*strlen_m(string))] uint16 size;
  20                 unistr_noterm *string;
  21         } lsa_String;
  22
  23         typedef [public] struct {
  24                 [value(2*strlen_m(string))] uint16 length;
  25                 [value(2*(strlen_m(string)+1))] uint16 size;
  26                 [flag(STR_SIZE4|STR_LEN4|STR_NOTERM|STR_LARGE_SIZE)] string *string;
  27         } lsa_StringLarge;
  28
  29         typedef [public] struct {
  30                 uint32 count;
  31                 [size_is(count)] lsa_String *names;
  32         } lsa_Strings;
  33
  34         typedef [public] struct {
  35                 [value(strlen_m(string))] uint16 length;
  36                 [value(strlen_m(string))] uint16 size;
  37                 ascstr_noterm *string;
  38         } lsa_AsciiString;
  39
  40         /******************/
  41         /* Function: 0x00 */
  42         NTSTATUS lsa_Close (
  43                 [in,out]     policy_handle *handle
  44                 );
  45
  46
  47         /******************/
  48         /* Function: 0x01 */
  49         NTSTATUS lsa_Delete (
  50                 [in]     policy_handle *handle
  51                 );
  52
  53
  54         /******************/
  55         /* Function: 0x02 */
  56         typedef struct {
  57                 uint32 low;
  58                 uint32 high;
  59         } lsa_LUID;
  60
  61         typedef struct {
  62                 lsa_String name;
  63                 lsa_LUID luid;
  64         } lsa_PrivEntry;
  65
  66         typedef struct {
  67                 uint32 count;
  68                 [size_is(count)] lsa_PrivEntry *privs;
  69         } lsa_PrivArray;
  70
  71         NTSTATUS lsa_EnumPrivs (
  72                 [in]     policy_handle *handle,
  73                 [in,out] uint32 *resume_handle,
  74                 [in]         uint32 max_count,
  75                 [out]    lsa_PrivArray *privs
  76                 );
  77
  78         /******************/
  79         /* Function: 0x03 */
  80
  81         NTSTATUS lsa_QuerySecurity (
  82                 [in]     policy_handle *handle,
  83                 [in]         security_secinfo sec_info,
  84                 [out,unique]        sec_desc_buf *sdbuf
  85                 );
  86
  87
  88         /******************/
  89         /* Function: 0x04 */
  90         NTSTATUS lsa_SetSecObj ();
  91
  92
  93         /******************/
  94         /* Function: 0x05 */
  95         NTSTATUS lsa_ChangePassword ();
  96
  97
  98         /******************/
  99         /* Function: 0x06 */
 100         typedef struct {
 101                 uint32  len; /* ignored */
 102                 uint16  impersonation_level;
 103                 uint8   context_mode;
 104                 uint8   effective_only;
 105         } lsa_QosInfo;
 106
 107         typedef struct {
 108                 uint32 len; /* ignored */
 109                 uint8 *root_dir;
 110                 unistr *object_name;
 111                 uint32 attributes;
 112                 security_descriptor *sec_desc;
 113                 lsa_QosInfo *sec_qos;
 114         } lsa_ObjectAttribute;
 115
 116         /* notice the screwup with the system_name - thats why MS created
 117            OpenPolicy2 */
 118         NTSTATUS lsa_OpenPolicy (
 119                 [in,unique]       uint16 *system_name,
 120                 [in]   lsa_ObjectAttribute *attr,
 121                 [in]       uint32 access_mask,
 122                 [out]  policy_handle *handle
 123                 );
 124
 125
 126
 127         /******************/
 128         /* Function: 0x07 */
 129
 130         typedef struct {
 131                 uint32 percent_full;
 132                 uint32 log_size;
 133                 NTTIME retention_time;
 134                 uint8  shutdown_in_progress;
 135                 NTTIME time_to_shutdown;
 136                 uint32 next_audit_record;
 137                 uint32 unknown;
 138         } lsa_AuditLogInfo;
 139
 140         typedef struct {
 141                 uint32 auditing_mode;
 142                 [size_is(count)] uint32 *settings;
 143                 uint32 count;
 144         } lsa_AuditEventsInfo;
 145
 146         typedef struct {
 147                 lsa_String name;
 148                 dom_sid2 *sid;
 149         } lsa_DomainInfo;
 150
 151         typedef struct {
 152                 lsa_String name;
 153         } lsa_PDAccountInfo;
 154
 155         typedef struct {
 156                 uint16 unknown; /* an midl padding bug? */
 157                 uint16 role;
 158         } lsa_ServerRole;
 159
 160         typedef struct {
 161                 lsa_String source;
 162                 lsa_String account;
 163         } lsa_ReplicaSourceInfo;
 164
 165         typedef struct {
 166                 uint32 paged_pool;
 167                 uint32 non_paged_pool;
 168                 uint32 min_wss;
 169                 uint32 max_wss;
 170                 uint32 pagefile;
 171                 hyper unknown;
 172         } lsa_DefaultQuotaInfo;
 173
 174         typedef struct {
 175                 hyper modified_id;
 176                 NTTIME db_create_time;
 177         } lsa_ModificationInfo;
 178
 179         typedef struct {
 180                 uint8 shutdown_on_full;
 181         } lsa_AuditFullSetInfo;
 182
 183         typedef struct {
 184                 uint16 unknown; /* an midl padding bug? */
 185                 uint8 shutdown_on_full;
 186                 uint8 log_is_full;
 187         } lsa_AuditFullQueryInfo;
 188
 189         typedef struct {
 190                 /* it's important that we use the lsa_StringLarge here,
 191                  * because otherwise windows clients result with such dns hostnames
 192                  * e.g. w2k3-client.samba4.samba.orgsamba4.samba.org
 193                  * where it should be
 194                  *      w2k3-client.samba4.samba.org
 195                  */
 196                 lsa_StringLarge name;
 197                 lsa_StringLarge dns_domain;
 198                 lsa_StringLarge dns_forest;
 199                 GUID domain_guid;
 200                 dom_sid2 *sid;
 201         } lsa_DnsDomainInfo;
 202
 203         typedef enum {
 204                 LSA_POLICY_INFO_AUDIT_LOG=1,
 205                 LSA_POLICY_INFO_AUDIT_EVENTS=2,
 206                 LSA_POLICY_INFO_DOMAIN=3,
 207                 LSA_POLICY_INFO_PD=4,
 208                 LSA_POLICY_INFO_ACCOUNT_DOMAIN=5,
 209                 LSA_POLICY_INFO_ROLE=6,
 210                 LSA_POLICY_INFO_REPLICA=7,
 211                 LSA_POLICY_INFO_QUOTA=8,
 212                 LSA_POLICY_INFO_DB=9,
 213                 LSA_POLICY_INFO_AUDIT_FULL_SET=10,
 214                 LSA_POLICY_INFO_AUDIT_FULL_QUERY=11,
 215                 LSA_POLICY_INFO_DNS=12
 216         } lsaPolicyInfo;
 217
 218         typedef [switch_type(uint16)] union {
 219                 [case(LSA_POLICY_INFO_AUDIT_LOG)]        lsa_AuditLogInfo       audit_log;
 220                 [case(LSA_POLICY_INFO_AUDIT_EVENTS)]     lsa_AuditEventsInfo    audit_events;
 221                 [case(LSA_POLICY_INFO_DOMAIN)]           lsa_DomainInfo         domain;
 222                 [case(LSA_POLICY_INFO_PD)]               lsa_PDAccountInfo      pd;
 223                 [case(LSA_POLICY_INFO_ACCOUNT_DOMAIN)]   lsa_DomainInfo         account_domain;
 224                 [case(LSA_POLICY_INFO_ROLE)]             lsa_ServerRole         role;
 225                 [case(LSA_POLICY_INFO_REPLICA)]          lsa_ReplicaSourceInfo  replica;
 226                 [case(LSA_POLICY_INFO_QUOTA)]            lsa_DefaultQuotaInfo   quota;
 227                 [case(LSA_POLICY_INFO_DB)]               lsa_ModificationInfo   db;
 228                 [case(LSA_POLICY_INFO_AUDIT_FULL_SET)]   lsa_AuditFullSetInfo   auditfullset;
 229                 [case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery;
 230                 [case(LSA_POLICY_INFO_DNS)]              lsa_DnsDomainInfo      dns;
 231         } lsa_PolicyInformation;
 232
 233         NTSTATUS lsa_QueryInfoPolicy (
 234                 [in]                            policy_handle *handle,
 235                 [in]                            uint16 level,
 236                 [out,unique,switch_is(level)]   lsa_PolicyInformation *info
 237                 );
 238
 239         /******************/
 240         /* Function:       0x08 */
 241         NTSTATUS lsa_SetInfoPolicy ();
 242
 243         /******************/
 244         /* Function:       0x09 */
 245         NTSTATUS lsa_ClearAuditLog ();
 246
 247         /******************/
 248         /* Function: 0x0a */
 249         NTSTATUS lsa_CreateAccount (
 250                 [in]    policy_handle *handle,
 251                 [in]    dom_sid2 *sid,
 252                 [in]    uint32 access_mask,
 253                 [out]   policy_handle *acct_handle
 254                 );
 255
 256         /******************/
 257         /* NOTE: This only returns accounts that have at least
 258            one privilege set
 259         */
 260         /* Function: 0x0b */
 261         typedef struct {
 262                 dom_sid2 *sid;
 263         } lsa_SidPtr;
 264
 265         typedef [public] struct {
 266                 [range(0,1000)] uint32 num_sids;
 267                 [size_is(num_sids)] lsa_SidPtr *sids;
 268         } lsa_SidArray;
 269
 270         NTSTATUS lsa_EnumAccounts (
 271                 [in]         policy_handle *handle,
 272                 [in,out]     uint32 *resume_handle,
 273                 [in,range(0,8192)] uint32 num_entries,
 274                 [out]        lsa_SidArray *sids
 275                 );
 276
 277
 278         /*************************************************/
 279         /* Function: 0x0c                                */
 280
 281         typedef struct {
 282                 lsa_String name;
 283                 dom_sid2  *sid;
 284         } lsa_TrustInformation;
 285
 286         NTSTATUS lsa_CreateTrustedDomain(
 287                 [in]         policy_handle *handle,
 288                 [in]         lsa_TrustInformation *info,
 289                 [in]         uint32 access_mask,
 290                 [out]        policy_handle *trustdom_handle
 291                 );
 292
 293
 294         /******************/
 295         /* Function: 0x0d */
 296
 297         /* w2k3 treats max_size as max_domains*60       */
 298         const int LSA_ENUM_TRUST_DOMAIN_MULTIPLIER = 60;
 299
 300         typedef struct {
 301                 lsa_String name;
 302                 dom_sid2 *sid;
 303         } lsa_DomainInformation;
 304
 305         typedef struct {
 306                 uint32 count;
 307                 [size_is(count)] lsa_DomainInformation *domains;
 308         } lsa_DomainList;
 309
 310         NTSTATUS lsa_EnumTrustDom (
 311                 [in]               policy_handle *handle,
 312                 [in,out]           uint32 *resume_handle,
 313                 [in,range(0,1000)] uint32 max_size,
 314                 [out]              lsa_DomainList *domains
 315                 );
 316
 317
 318         /******************/
 319         /* Function: 0x0e */
 320         typedef enum {
 321                 SID_NAME_USE_NONE = 0,/* NOTUSED */
 322                 SID_NAME_USER     = 1, /* user */
 323                 SID_NAME_DOM_GRP  = 2, /* domain group */
 324                 SID_NAME_DOMAIN   = 3, /* domain: don't know what this is */
 325                 SID_NAME_ALIAS    = 4, /* local group */
 326                 SID_NAME_WKN_GRP  = 5, /* well-known group */
 327                 SID_NAME_DELETED  = 6, /* deleted account: needed for c2 rating */
 328                 SID_NAME_INVALID  = 7, /* invalid account */
 329                 SID_NAME_UNKNOWN  = 8  /* oops. */
 330         } lsa_SidType;
 331
 332         typedef struct {
 333                 lsa_SidType sid_type;
 334                 uint32 rid;
 335                 uint32 sid_index;
 336         } lsa_TranslatedSid;
 337
 338         typedef struct {
 339                 [range(0,1000)] uint32 count;
 340                 [size_is(count)] lsa_TranslatedSid *sids;
 341         } lsa_TransSidArray;
 342
 343         typedef struct {
 344                 [range(0,1000)] uint32 count;
 345                 [size_is(count)] lsa_TrustInformation *domains;
 346                 uint32 max_count;
 347         } lsa_RefDomainList;
 348
 349         NTSTATUS lsa_LookupNames (
 350                 [in]         policy_handle *handle,
 351                 [in,range(0,1000)] uint32 num_names,
 352                 [in,size_is(num_names)]  lsa_String names[],
 353                 [out,unique] lsa_RefDomainList *domains,
 354                 [in,out]     lsa_TransSidArray *sids,
 355                 [in]         uint16 level,
 356                 [in,out]     uint32 *count
 357                 );
 358
 359
 360         /******************/
 361         /* Function: 0x0f */
 362
 363         typedef struct {
 364                 lsa_SidType sid_type;
 365                 lsa_String name;
 366                 uint32 sid_index;
 367         } lsa_TranslatedName;
 368
 369         typedef struct {
 370                 [range(0,1000)] uint32 count;
 371                 [size_is(count)] lsa_TranslatedName *names;
 372         } lsa_TransNameArray;
 373
 374         NTSTATUS lsa_LookupSids (
 375                 [in]         policy_handle *handle,
 376                 [in]         lsa_SidArray *sids,
 377                 [out,unique]        lsa_RefDomainList *domains,
 378                 [in,out]     lsa_TransNameArray *names,
 379                 [in]         uint16 level,
 380                 [in,out] uint32 *count
 381                 );
 382
 383
 384         /* Function:        0x10 */
 385         NTSTATUS lsa_CreateSecret(
 386                 [in]         policy_handle *handle,
 387                 [in]         lsa_String       name,
 388                 [in]         uint32         access_mask,
 389                 [out]        policy_handle *sec_handle
 390                 );
 391
 392
 393         /*****************************************/
 394         /* Function:     0x11                    */
 395         NTSTATUS lsa_OpenAccount (
 396                 [in]         policy_handle *handle,
 397                 [in]         dom_sid2 *sid,
 398                 [in]         uint32 access_mask,
 399                 [out]        policy_handle *acct_handle
 400                 );
 401
 402
 403         /****************************************/
 404         /* Function:    0x12                    */
 405
 406         typedef struct {
 407                 lsa_LUID luid;
 408                 uint32 attribute;
 409         } lsa_LUIDAttribute;
 410
 411         typedef struct {
 412                 [range(0,1000)] uint32 count;
 413                 uint32 unknown;
 414                 [size_is(count)] lsa_LUIDAttribute set[*];
 415         } lsa_PrivilegeSet;
 416
 417         NTSTATUS lsa_EnumPrivsAccount (
 418                 [in]         policy_handle *handle,
 419                 [out,unique] lsa_PrivilegeSet *privs
 420                 );
 421
 422
 423         /****************************************/
 424         /* Function:            0x13 */
 425         NTSTATUS lsa_AddPrivilegesToAccount(
 426                 [in]         policy_handle *handle,
 427                 [in]         lsa_PrivilegeSet *privs
 428                 );
 429
 430
 431         /****************************************/
 432         /* Function:         0x14 */
 433         NTSTATUS lsa_RemovePrivilegesFromAccount(
 434                 [in]         policy_handle *handle,
 435                 [in]         uint8 remove_all,
 436                 [in,unique]  lsa_PrivilegeSet *privs
 437                 );
 438
 439         /* Function:           0x15 */
 440         NTSTATUS lsa_GetQuotasForAccount();
 441
 442         /* Function:           0x16 */
 443         NTSTATUS lsa_SetQuotasForAccount();
 444
 445         /* Function:    0x17 */
 446         NTSTATUS lsa_GetSystemAccessAccount();
 447         /* Function:    0x18 */
 448         NTSTATUS lsa_SetSystemAccessAccount();
 449
 450         /* Function:        0x19 */
 451         NTSTATUS lsa_OpenTrustedDomain(
 452                 [in]     policy_handle *handle,
 453                 [in]     dom_sid2      *sid,
 454                 [in]         uint32         access_mask,
 455                 [out]    policy_handle *trustdom_handle
 456                 );
 457
 458         typedef [flag(NDR_PAHEX)] struct {
 459                 uint32 length;
 460                 uint32 size;
 461                 [size_is(size),length_is(length)] uint8 *data;
 462         } lsa_DATA_BUF;
 463
 464         typedef [flag(NDR_PAHEX)] struct {
 465                 [range(0,65536)] uint32 size;
 466                 [size_is(size)] uint8 *data;
 467         } lsa_DATA_BUF2;
 468
 469         typedef enum {
 470                 LSA_TRUSTED_DOMAIN_INFO_NAME             = 1,
 471                 LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO = 2,
 472                 LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET     = 3,
 473                 LSA_TRUSTED_DOMAIN_INFO_PASSWORD         = 4,
 474                 LSA_TRUSTED_DOMAIN_INFO_BASIC            = 5,
 475                 LSA_TRUSTED_DOMAIN_INFO_INFO_EX          = 6,
 476                 LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO        = 7,
 477                 LSA_TRUSTED_DOMAIN_INFO_FULL_INFO        = 8,
 478                 LSA_TRUSTED_DOMAIN_INFO_11               = 11,
 479                 LSA_TRUSTED_DOMAIN_INFO_INFO_ALL         = 12
 480         } lsa_TrustDomInfoEnum;
 481
 482         typedef struct {
 483                 lsa_String     netbios_name;
 484         } lsa_TrustDomainInfoName;
 485
 486         typedef struct {
 487                 uint32         posix_offset;
 488         } lsa_TrustDomainInfoPosixOffset;
 489
 490         typedef struct {
 491                 lsa_DATA_BUF  *password;
 492                 lsa_DATA_BUF  *old_password;
 493         } lsa_TrustDomainInfoPassword;
 494
 495         typedef struct {
 496                 lsa_String     netbios_name;
 497                 dom_sid2      *sid;
 498         } lsa_TrustDomainInfoBasic;
 499
 500         typedef struct {
 501                 lsa_String     domain_name;
 502                 lsa_String     netbios_name;
 503                 dom_sid2      *sid;
 504                 uint32         trust_direction;
 505                 uint32         trust_type;
 506                 uint32         trust_attributes;
 507         } lsa_TrustDomainInfoInfoEx;
 508
 509         typedef struct {
 510                 NTTIME_hyper   last_update_time;
 511                 uint32         secret_type;
 512                 lsa_DATA_BUF2  data;
 513         } lsa_TrustDomainInfoBuffer;
 514
 515         typedef struct {
 516                 uint32 incoming_count;
 517                 lsa_TrustDomainInfoBuffer *incoming_current_auth_info;
 518                 lsa_TrustDomainInfoBuffer *incoming_previous_auth_info;
 519                 uint32 outgoing_count;
 520                 lsa_TrustDomainInfoBuffer *outgoing_current_auth_info;
 521                 lsa_TrustDomainInfoBuffer *outgoing_previous_auth_info;
 522         } lsa_TrustDomainInfoAuthInfo;
 523
 524         typedef struct {
 525                 lsa_TrustDomainInfoInfoEx      info_ex;
 526                 lsa_TrustDomainInfoPosixOffset posix_offset;
 527                 lsa_TrustDomainInfoAuthInfo    auth_info;
 528         } lsa_TrustDomainInfoFullInfo;
 529
 530         typedef struct {
 531                 lsa_TrustDomainInfoInfoEx      info_ex;
 532                 lsa_DATA_BUF2                  data1;
 533         } lsa_TrustDomainInfo11;
 534
 535         typedef struct {
 536                 lsa_TrustDomainInfoInfoEx      info_ex;
 537                 lsa_DATA_BUF2                  data1;
 538                 lsa_TrustDomainInfoPosixOffset posix_offset;
 539                 lsa_TrustDomainInfoAuthInfo    auth_info;
 540         } lsa_TrustDomainInfoInfoAll;
 541
 542         typedef [switch_type(lsa_TrustDomInfoEnum)] union {
 543                 [case(LSA_TRUSTED_DOMAIN_INFO_NAME)]         lsa_TrustDomainInfoName        name;
 544                 [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)] lsa_TrustDomainInfoPosixOffset posix_offset;
 545                 [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)]     lsa_TrustDomainInfoPassword    password;
 546                 [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)]        lsa_TrustDomainInfoBasic       info_basic;
 547                 [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)]      lsa_TrustDomainInfoInfoEx      info_ex;
 548                 [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)]    lsa_TrustDomainInfoAuthInfo    auth_info;
 549                 [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)]    lsa_TrustDomainInfoFullInfo    full_info;
 550                 [case(LSA_TRUSTED_DOMAIN_INFO_11)]           lsa_TrustDomainInfo11          info11;
 551                 [case(LSA_TRUSTED_DOMAIN_INFO_INFO_ALL)]     lsa_TrustDomainInfoInfoAll     info_all;
 552         } lsa_TrustedDomainInfo;
 553
 554         /* Function:       0x1a */
 555         NTSTATUS lsa_QueryTrustedDomainInfo(
 556                 [in]     policy_handle                   *trustdom_handle,
 557                 [in]     lsa_TrustDomInfoEnum             level,
 558                 [out,switch_is(level),unique] lsa_TrustedDomainInfo *info
 559                 );
 560
 561         /* Function:     0x1b */
 562         NTSTATUS lsa_SetInformationTrustedDomain();
 563
 564         /* Function:          0x1c */
 565         NTSTATUS lsa_OpenSecret(
 566                 [in]     policy_handle    *handle,
 567                 [in]         lsa_String        name,
 568                 [in]         uint32            access_mask,
 569                 [out]    policy_handle    *sec_handle
 570                 );
 571
 572         /* Function:           0x1d */
 573
 574         NTSTATUS lsa_SetSecret(
 575                 [in]     policy_handle    *sec_handle,
 576                 [in,unique]         lsa_DATA_BUF     *new_val,
 577                 [in,unique]         lsa_DATA_BUF     *old_val
 578                 );
 579
 580         typedef struct {
 581                 lsa_DATA_BUF *buf;
 582         } lsa_DATA_BUF_PTR;
 583
 584         /* Function:         0x1e */
 585         NTSTATUS lsa_QuerySecret (
 586                 [in]     policy_handle     *sec_handle,
 587                 [in,out,unique]     lsa_DATA_BUF_PTR  *new_val,
 588                 [in,out,unique]     NTTIME_hyper      *new_mtime,
 589                 [in,out,unique]     lsa_DATA_BUF_PTR  *old_val,
 590                 [in,out,unique]     NTTIME_hyper      *old_mtime
 591                 );
 592
 593         /* Function:     0x1f */
 594         NTSTATUS lsa_LookupPrivValue(
 595                 [in]     policy_handle *handle,
 596                 [in]     lsa_String *name,
 597                 [out]    lsa_LUID *luid
 598                 );
 599
 600
 601         /* Function:      0x20 */
 602         NTSTATUS lsa_LookupPrivName (
 603                 [in]     policy_handle *handle,
 604                 [in]     lsa_LUID *luid,
 605                 [out,unique]        lsa_String *name
 606                 );
 607
 608
 609         /*******************/
 610         /* Function:  0x21 */
 611         NTSTATUS lsa_LookupPrivDisplayName (
 612                 [in]     policy_handle *handle,
 613                 [in]     lsa_String *name,
 614                 [out,unique]        lsa_String *disp_name,
 615                 /* see http://www.microsoft.com/globaldev/nlsweb/ for
 616                    language definitions */
 617                 [in,out] uint16 *language_id,
 618                 [in]         uint16 unknown
 619                 );
 620
 621         /* Function:        0x22 */
 622         NTSTATUS lsa_DeleteObject();
 623
 624
 625         /*******************/
 626         /* Function:      0x23 */
 627         NTSTATUS lsa_EnumAccountsWithUserRight (
 628                 [in]     policy_handle *handle,
 629                 [in,unique]         lsa_String *name,
 630                 [out]    lsa_SidArray *sids
 631                 );
 632
 633         /* Function:      0x24 */
 634         typedef struct {
 635                 unistr *name;
 636         } lsa_RightAttribute;
 637
 638         typedef struct {
 639                 uint32 count;
 640                 [size_is(count)] lsa_String *names;
 641         } lsa_RightSet;
 642
 643         NTSTATUS lsa_EnumAccountRights (
 644                 [in]     policy_handle *handle,
 645                 [in]     dom_sid2 *sid,
 646                 [out]    lsa_RightSet *rights
 647                 );
 648
 649
 650         /**********************/
 651         /* Function:       0x25 */
 652         NTSTATUS lsa_AddAccountRights (
 653                 [in]     policy_handle *handle,
 654                 [in]     dom_sid2 *sid,
 655                 [in]     lsa_RightSet *rights
 656                 );
 657
 658         /**********************/
 659         /* Function:       0x26 */
 660         NTSTATUS lsa_RemoveAccountRights (
 661                 [in]     policy_handle *handle,
 662                 [in]     dom_sid2 *sid,
 663                 [in]         uint32 unknown,
 664                 [in]     lsa_RightSet *rights
 665                 );
 666
 667         /* Function:   0x27 */
 668         NTSTATUS lsa_QueryTrustedDomainInfoBySid(
 669                 [in]               policy_handle         *handle,
 670                 [in]               dom_sid2              *dom_sid,
 671                 [in]                   lsa_TrustDomInfoEnum  level,
 672                 [out,switch_is(level),unique] lsa_TrustedDomainInfo *info
 673         );
 674
 675         /* Function:     0x28 */
 676         NTSTATUS lsa_SetTrustDomainInfo();
 677         /* Function:      0x29 */
 678         NTSTATUS lsa_DeleteTrustDomain();
 679         /* Function:       0x2a */
 680         NTSTATUS lsa_StorePrivateData();
 681         /* Function:        0x2b */
 682         NTSTATUS lsa_RetrievePrivateData();
 683
 684
 685         /**********************/
 686         /* Function:     0x2c */
 687         NTSTATUS lsa_OpenPolicy2 (
 688                 [in,unique]      unistr *system_name,
 689                 [in]  lsa_ObjectAttribute *attr,
 690                 [in]      uint32 access_mask,
 691                 [out] policy_handle *handle
 692                 );
 693
 694         /**********************/
 695         /* Function:     0x2d */
 696         typedef struct {
 697                 lsa_String *string;
 698         } lsa_StringPointer;
 699
 700         NTSTATUS lsa_GetUserName(
 701                 [in,unique] unistr *system_name,
 702                 [in,out,unique] lsa_String *account_name,
 703                 [in,out,unique] lsa_StringPointer *authority_name
 704                 );
 705
 706         /**********************/
 707         /* Function:          0x2e */
 708
 709         NTSTATUS lsa_QueryInfoPolicy2(
 710                 [in]                 policy_handle *handle,
 711                 [in]                     uint16 level,
 712                 [out,unique,switch_is(level)]   lsa_PolicyInformation *info
 713                 );
 714
 715         /* Function 0x2f */
 716         NTSTATUS lsa_SetInfoPolicy2();
 717
 718         /**********************/
 719         /* Function 0x30 */
 720         NTSTATUS lsa_QueryTrustedDomainInfoByName(
 721                 [in]                   policy_handle         *handle,
 722                 [in]                   lsa_String             trusted_domain,
 723                 [in]                   lsa_TrustDomInfoEnum   level,
 724                 [out,unique,switch_is(level)] lsa_TrustedDomainInfo *info
 725                 );
 726
 727         /* Function 0x31 */
 728         NTSTATUS lsa_SetTrustedDomainInfoByName();
 729
 730         /* Function 0x32 */
 731         NTSTATUS lsa_EnumTrustedDomainsEx();
 732
 733         /* Function 0x33 */
 734         NTSTATUS lsa_CreateTrustedDomainEx();
 735
 736         /* Function 0x34 */
 737         NTSTATUS lsa_CloseTrustedDomainEx();
 738
 739         /* Function 0x35 */
 740
 741         /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000
 742            for unknown6 - gd */
 743         typedef struct {
 744                 uint32 enforce_restrictions;
 745                 hyper service_tkt_lifetime;
 746                 hyper user_tkt_lifetime;
 747                 hyper user_tkt_renewaltime;
 748                 hyper clock_skew;
 749                 hyper unknown6;
 750         } lsa_DomainInfoKerberos;
 751
 752         typedef struct {
 753                 uint32 blob_size;
 754                 [size_is(blob_size)] uint8 *efs_blob;
 755         } lsa_DomainInfoEfs;
 756
 757         typedef enum {
 758                 LSA_DOMAIN_INFO_POLICY_EFS=2,
 759                 LSA_DOMAIN_INFO_POLICY_KERBEROS=3
 760         } lsa_DomainInfoEnum;
 761
 762         typedef [switch_type(uint16)] union {
 763                 [case(LSA_DOMAIN_INFO_POLICY_EFS)]      lsa_DomainInfoEfs       efs_info;
 764                 [case(LSA_DOMAIN_INFO_POLICY_KERBEROS)] lsa_DomainInfoKerberos  kerberos_info;
 765         } lsa_DomainInformationPolicy;
 766
 767         NTSTATUS lsa_QueryDomainInformationPolicy(
 768                 [in]            policy_handle *handle,
 769                 [in]                    uint16 level,
 770                 [out,unique,switch_is(level)]   lsa_DomainInformationPolicy *info
 771                 );
 772
 773         /* Function 0x36 */
 774         NTSTATUS lsa_SetDomainInformationPolicy(
 775                 [in]            policy_handle *handle,
 776                 [in]                    uint16 level,
 777                 [in,unique,switch_is(level)]    lsa_DomainInformationPolicy *info
 778                 );
 779
 780         /**********************/
 781         /* Function 0x37 */
 782         NTSTATUS lsa_OpenTrustedDomainByName(
 783                 [in]     policy_handle *handle,
 784                 [in]         lsa_String     name,
 785                 [in]         uint32         access_mask,
 786                 [out]    policy_handle *trustdom_handle
 787                 );
 788
 789         /* Function 0x38 */
 790         NTSTATUS lsa_TestCall();
 791
 792         /**********************/
 793         /* Function 0x39 */
 794
 795         typedef struct {
 796                 lsa_SidType sid_type;
 797                 lsa_String name;
 798                 uint32 sid_index;
 799                 uint32 unknown;
 800         } lsa_TranslatedName2;
 801
 802         typedef struct {
 803                 [range(0,1000)] uint32 count;
 804                 [size_is(count)] lsa_TranslatedName2 *names;
 805         } lsa_TransNameArray2;
 806
 807         NTSTATUS lsa_LookupSids2(
 808                 [in]     policy_handle *handle,
 809                 [in]     lsa_SidArray *sids,
 810                 [out,unique]        lsa_RefDomainList *domains,
 811                 [in,out] lsa_TransNameArray2 *names,
 812                 [in]         uint16 level,
 813                 [in,out] uint32 *count,
 814                 [in]         uint32 unknown1,
 815                 [in]         uint32 unknown2
 816                 );
 817
 818         /**********************/
 819         /* Function 0x3a */
 820
 821         typedef struct {
 822                 lsa_SidType sid_type;
 823                 uint32 rid;
 824                 uint32 sid_index;
 825                 uint32 unknown;
 826         } lsa_TranslatedSid2;
 827
 828         typedef struct {
 829                 [range(0,1000)] uint32 count;
 830                 [size_is(count)] lsa_TranslatedSid2 *sids;
 831         } lsa_TransSidArray2;
 832
 833         NTSTATUS lsa_LookupNames2 (
 834                 [in]     policy_handle *handle,
 835                 [in,range(0,1000)] uint32 num_names,
 836                 [in,size_is(num_names)]  lsa_String names[],
 837                 [out,unique]        lsa_RefDomainList *domains,
 838                 [in,out] lsa_TransSidArray2 *sids,
 839                 [in]         uint16 level,
 840                 [in,out] uint32 *count,
 841                 [in]         uint32 unknown1,
 842                 [in]         uint32 unknown2
 843                 );
 844
 845         /* Function 0x3b */
 846         NTSTATUS lsa_CreateTrustedDomainEx2();
 847
 848         /* Function 0x3c */
 849         NTSTATUS lsa_CREDRWRITE();
 850
 851         /* Function 0x3d */
 852         NTSTATUS lsa_CREDRREAD();
 853
 854         /* Function 0x3e */
 855         NTSTATUS lsa_CREDRENUMERATE();
 856
 857         /* Function 0x3f */
 858         NTSTATUS lsa_CREDRWRITEDOMAINCREDENTIALS();
 859
 860         /* Function 0x40 */
 861         NTSTATUS lsa_CREDRREADDOMAINCREDENTIALS();
 862
 863         /* Function 0x41 */
 864         NTSTATUS lsa_CREDRDELETE();
 865
 866         /* Function 0x42 */
 867         NTSTATUS lsa_CREDRGETTARGETINFO();
 868
 869         /* Function 0x43 */
 870         NTSTATUS lsa_CREDRPROFILELOADED();
 871
 872         /**********************/
 873         /* Function 0x44 */
 874         typedef struct {
 875                 lsa_SidType sid_type;
 876                 dom_sid2 *sid;
 877                 uint32 sid_index;
 878                 uint32 unknown;
 879         } lsa_TranslatedSid3;
 880
 881         typedef struct {
 882                 [range(0,1000)] uint32 count;
 883                 [size_is(count)] lsa_TranslatedSid3 *sids;
 884         } lsa_TransSidArray3;
 885
 886         NTSTATUS lsa_LookupNames3 (
 887                 [in]     policy_handle *handle,
 888                 [in,range(0,1000)] uint32 num_names,
 889                 [in,size_is(num_names)]  lsa_String names[],
 890                 [out,unique]        lsa_RefDomainList *domains,
 891                 [in,out] lsa_TransSidArray3 *sids,
 892                 [in]         uint16 level,
 893                 [in,out] uint32 *count,
 894                 [in]         uint32 unknown1,
 895                 [in]         uint32 unknown2
 896                 );
 897
 898         /* Function 0x45 */
 899         NTSTATUS lsa_CREDRGETSESSIONTYPES();
 900
 901         /* Function 0x46 */
 902         NTSTATUS lsa_LSARREGISTERAUDITEVENT();
 903
 904         /* Function 0x47 */
 905         NTSTATUS lsa_LSARGENAUDITEVENT();
 906
 907         /* Function 0x48 */
 908         NTSTATUS lsa_LSARUNREGISTERAUDITEVENT();
 909
 910         /* Function 0x49 */
 911         NTSTATUS lsa_LSARQUERYFORESTTRUSTINFORMATION();
 912
 913         /* Function 0x4a */
 914         NTSTATUS lsa_LSARSETFORESTTRUSTINFORMATION();
 915
 916         /* Function 0x4b */
 917         NTSTATUS lsa_CREDRRENAME();
 918
 919         /*****************/
 920         /* Function 0x4c */
 921
 922         NTSTATUS lsa_LookupSids3(
 923                 [in]         lsa_SidArray *sids,
 924                 [out,unique] lsa_RefDomainList *domains,
 925                 [in,out]     lsa_TransNameArray2 *names,
 926                 [in]         uint16 level,
 927                 [in,out]     uint32 *count,
 928                 [in]         uint32 unknown1,
 929                 [in]         uint32 unknown2
 930                 );
 931
 932         /* Function 0x4d */
 933         NTSTATUS lsa_LSARLOOKUPNAMES4();
 934
 935         /* Function 0x4e */
 936         NTSTATUS lsa_LSAROPENPOLICYSCE();
 937
 938         /* Function 0x4f */
 939         NTSTATUS lsa_LSARADTREGISTERSECURITYEVENTSOURCE();
 940
 941         /* Function 0x50 */
 942         NTSTATUS lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE();
 943
 944         /* Function 0x51 */
 945         NTSTATUS lsa_LSARADTREPORTSECURITYEVENT();
 946
 947 }