4 samr interface definition
8 Thanks to Todd Sabin for some information from his samr.idl in acltools
11 [ uuid(12345778-1234-abcd-ef00-0123456789ac),
13 pointer_default(unique)
18 NTSTATUS samr_Connect (
19 /* notice the lack of [string] */
20 [in] uint16 *system_name,
21 [in] uint32 access_mask,
22 [out,ref] policy_handle *handle
29 [in,out,ref] policy_handle *handle
36 [value(ndr_size_security_descriptor(r->sd))] uint32 sd_size;
37 [subcontext(4)] security_descriptor *sd;
40 NTSTATUS samr_SetSecurity (
41 [in,ref] policy_handle *handle,
43 [in,ref] samr_SdBuf *sdbuf
49 NTSTATUS samr_QuerySecurity (
50 [in,ref] policy_handle *handle,
52 [out] samr_SdBuf *sdbuf
59 shutdown the SAM - once you call this the SAM will be dead
61 NTSTATUS samr_Shutdown (
62 [in,ref] policy_handle *handle
68 [value(2*strlen_m(r->name))] uint16 name_len;
69 [value(r->name_len)] uint16 name_size;
73 NTSTATUS samr_LookupDomain (
74 [in,ref] policy_handle *handle,
75 [in,ref] samr_Name *domain,
90 [size_is(count)] samr_SamEntry *entries;
93 NTSTATUS samr_EnumDomains (
94 [in,ref] policy_handle *handle,
95 [in,out,ref] uint32 *resume_handle,
97 [out] samr_SamArray *sam,
98 [out] uint32 num_entries
102 /************************/
104 NTSTATUS samr_OpenDomain(
105 [in,ref] policy_handle *handle,
106 [in] uint32 access_mask,
107 [in,ref] dom_sid2 *sid,
108 [out,ref] policy_handle *domain_handle
111 /************************/
116 uint16 password_history;
117 uint32 password_properties;
118 ULONG8 max_password_age;
119 ULONG8 min_password_age;
123 ULONG8 force_logoff_time;
125 samr_Name domain; /* domain name */
126 samr_Name primary; /* PDC name if this is a BDC */
127 HYPER_T sequence_num;
137 ULONG8 force_logoff_time;
141 /* I'm not entirely sure this is a comment. win2003
142 allows it to be set, and it seems harmless (like a
143 comment) but I haven't seen it show up anywhere */
160 HYPER_T sequence_num;
161 NTTIME last_xxx_time;
165 uint32 unknown; /* w2k3 returns 1 */
169 ULONG8 force_logoff_time;
173 HYPER_T sequence_num;
174 uint32 unknown2; /* w2k3 returns 1 */
176 uint32 unknown3; /* w2k3 returns 1 */
180 HYPER_T lockout_duration;
181 HYPER_T lockout_window;
182 uint16 lockout_threshold;
186 HYPER_T lockout_duration;
187 HYPER_T lockout_window;
188 uint16 lockout_threshold;
192 HYPER_T sequence_num;
193 NTTIME last_xxx_time;
199 [case(1)] samr_DomInfo1 info1;
200 [case(2)] samr_DomInfo2 info2;
201 [case(3)] samr_DomInfo3 info3;
202 [case(4)] samr_DomInfo4 info4;
203 [case(5)] samr_DomInfo5 info5;
204 [case(6)] samr_DomInfo6 info6;
205 [case(7)] samr_DomInfo7 info7;
206 [case(8)] samr_DomInfo8 info8;
207 [case(9)] samr_DomInfo9 info9;
208 [case(11)] samr_DomInfo11 info11;
209 [case(12)] samr_DomInfo12 info12;
210 [case(13)] samr_DomInfo13 info13;
213 NTSTATUS samr_QueryDomainInfo(
214 [in,ref] policy_handle *handle,
216 [out,switch_is(level)] samr_DomainInfo *info
219 /************************/
222 only levels 1, 3, 4, 6, 7, 9, 12 are valid for this
225 NTSTATUS samr_SetDomainInfo(
226 [in,ref] policy_handle *handle,
228 [in,switch_is(level),ref] samr_DomainInfo *info
232 /************************/
234 NTSTATUS samr_CreateDomainGroup(
235 [in,ref] policy_handle *handle,
236 [in,ref] samr_Name *name,
237 [in] uint32 access_mask,
238 [out,ref] policy_handle *group_handle,
239 [out,ref] uint32 *rid
243 /************************/
245 NTSTATUS samr_EnumDomainGroups(
246 [in,ref] policy_handle *handle,
247 [in,out,ref] uint32 *resume_handle,
248 [in] uint32 max_size,
249 [out] samr_SamArray *sam,
250 [out] uint32 num_entries
253 /************************/
255 NTSTATUS samr_CreateUser(
256 [in,ref] policy_handle *handle,
257 [in,ref] samr_Name *username,
258 [in] uint32 access_mask,
259 [out,ref] policy_handle *acct_handle,
260 [out,ref] uint32 *rid
263 /************************/
266 /* w2k3 treats max_size as max_users*54 and sets the
267 resume_handle as the rid of the last user sent
269 NTSTATUS samr_EnumDomainUsers(
270 [in,ref] policy_handle *handle,
271 [in,out,ref] uint32 *resume_handle,
272 [in] uint32 acct_flags,
273 [in] uint32 max_size,
274 [out] samr_SamArray *sam,
275 [out] uint32 num_entries
278 /************************/
280 NTSTATUS samr_CreateDomAlias(
281 [in,ref] policy_handle *handle,
282 [in,ref] samr_Name *aliasname,
283 [in] uint32 access_mask,
284 [out,ref] policy_handle *acct_handle,
285 [out,ref] uint32 *rid
288 /************************/
290 NTSTATUS samr_EnumDomainAliases(
291 [in,ref] policy_handle *handle,
292 [in,out,ref] uint32 *resume_handle,
293 [in] uint32 max_size,
294 [out] samr_SamArray *sam,
295 [out] uint32 num_entries
298 /************************/
302 SID_NAME_USE_NONE = 0,/* NOTUSED */
303 SID_NAME_USER = 1, /* user */
304 SID_NAME_DOM_GRP = 2, /* domain group */
305 SID_NAME_DOMAIN = 3, /* domain: don't know what this is */
306 SID_NAME_ALIAS = 4, /* local group */
307 SID_NAME_WKN_GRP = 5, /* well-known group */
308 SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
309 SID_NAME_INVALID = 7, /* invalid account */
310 SID_NAME_UNKNOWN = 8 /* oops. */
315 [size_is(count)] uint32 *ids;
318 NTSTATUS samr_GetAliasMembership(
319 [in,ref] policy_handle *handle,
320 [in,ref] lsa_SidArray *sids,
324 /************************/
327 NTSTATUS samr_LookupNames(
328 [in,ref] policy_handle *handle,
329 [in] uint32 num_names,
330 [in,ref,size_is(1000),length_is(num_names)] samr_Name *names,
336 /************************/
341 [size_is(count)] samr_Name *names;
344 NTSTATUS samr_LookupRids(
345 [in,ref] policy_handle *handle,
346 [in] uint32 num_rids,
347 [in,ref,size_is(1000),length_is(num_rids)] uint32 *rids,
348 [out] samr_Names names,
352 /************************/
354 NTSTATUS samr_OpenGroup(
355 [in,ref] policy_handle *handle,
356 [in] uint32 access_mask,
358 [out,ref] policy_handle *acct_handle
362 /************************/
369 samr_Name description;
377 samr_Name description;
378 } samr_GroupInfoDesciption;
388 [case(GroupInfoAll)] samr_GroupInfoAll all;
389 [case(GroupInfoName)] samr_Name name;
390 [case(GroupInfoX)] samr_GroupInfoX unknown;
391 [case(GroupInfoDescription)] samr_Name description;
394 NTSTATUS samr_QueryGroupInfo(
395 [in,ref] policy_handle *handle,
397 [out,switch_is(level)] samr_GroupInfo *info
400 /************************/
402 NTSTATUS samr_SetGroupInfo(
403 [in,ref] policy_handle *handle,
405 [in,switch_is(level),ref] samr_GroupInfo *info
408 /************************/
410 NTSTATUS samr_AddGroupMember(
411 [in,ref] policy_handle *handle,
416 /************************/
418 NTSTATUS samr_DeleteDomainGroup(
419 [in,out,ref] policy_handle *handle
422 /************************/
424 NTSTATUS samr_DeleteGroupMember(
425 [in,ref] policy_handle *handle,
430 /************************/
433 this isn't really valid IDL, but it does work. I suspect
434 I need to do some more pidl work to get this really right
443 samr_intArray *unknown7;
446 NTSTATUS samr_QueryGroupMember(
447 [in,ref] policy_handle *handle,
449 [out] samr_ridArray rids
453 /************************/
457 win2003 seems to accept any data at all for the two integers
458 below, and doesn't seem to do anything with them that I can
459 see. Weird. I really expected the first integer to be a rid
460 and the second to be the attributes for that rid member.
462 NTSTATUS samr_SetMemberAttributesOfGroup(
463 [in,ref] policy_handle *handle,
464 [in] uint32 unknown1,
469 /************************/
471 NTSTATUS samr_OpenAlias (
472 [in,ref] policy_handle *handle,
473 [in] uint32 access_mask,
475 [out,ref] policy_handle *acct_handle
479 /************************/
485 samr_Name description;
489 [case(1)] samr_AliasInfoAll all;
490 [case(2)] samr_Name name;
491 [case(3)] samr_Name description;
494 NTSTATUS samr_QueryAliasInfo(
495 [in,ref] policy_handle *handle,
497 [out,switch_is(level)] samr_AliasInfo *info
500 /************************/
502 NTSTATUS samr_SetAliasInfo(
503 [in,ref] policy_handle *handle,
505 [in,switch_is(level)] samr_AliasInfo info
508 /************************/
510 NTSTATUS samr_DeleteDomAlias(
511 [in,out,ref] policy_handle *handle
514 /************************/
516 NTSTATUS samr_AddAliasMember(
517 [in,ref] policy_handle *handle,
518 [in,ref] dom_sid2 *sid
521 /************************/
523 NTSTATUS samr_DeleteAliasMember(
524 [in,ref] policy_handle *handle,
525 [in,ref] dom_sid2 *sid
528 /************************/
530 NTSTATUS samr_GetMembersInAlias(
531 [in,ref] policy_handle *handle,
532 [out,ref] lsa_SidArray *sids
535 /************************/
537 NTSTATUS samr_OpenUser(
538 [in,ref] policy_handle *handle,
539 [in] uint32 access_mask,
541 [out,ref] policy_handle *acct_handle
544 /************************/
546 NTSTATUS samr_DeleteUser(
547 [in,out,ref] policy_handle *handle
550 /************************/
556 samr_Name description;
562 samr_Name unknown; /* settable, but doesn't stick. probably obsolete */
572 samr_Name home_directory;
573 samr_Name home_drive;
574 samr_Name logon_script;
576 samr_Name workstations;
579 NTTIME last_pwd_change;
580 NTTIME allow_pwd_change;
581 NTTIME force_pwd_change;
582 samr_LogonHours logon_hours;
583 uint16 bad_pwd_count;
589 samr_LogonHours logon_hours;
597 samr_Name home_directory;
598 samr_Name home_drive;
599 samr_Name logon_script;
601 samr_Name description;
602 samr_Name workstations;
605 samr_LogonHours logon_hours;
606 uint16 bad_pwd_count;
608 NTTIME last_pwd_change;
632 samr_Name home_drive;
636 samr_Name logon_script;
644 samr_Name description;
648 samr_Name workstations;
663 /* this defines the bits used for fields_present in info21 */
664 const int SAMR_FIELD_NAME = 0x00000002;
665 const int SAMR_FIELD_DESCRIPTION = 0x00000010;
666 const int SAMR_FIELD_COMMENT = 0x00000020;
667 const int SAMR_FIELD_LOGON_SCRIPT = 0x00000100;
668 const int SAMR_FIELD_PROFILE = 0x00000200;
669 const int SAMR_FIELD_WORKSTATION = 0x00000400;
670 const int SAMR_FIELD_LOGON_HOURS = 0x00002000;
671 const int SAMR_FIELD_CALLBACK = 0x00200000;
672 const int SAMR_FIELD_COUNTRY_CODE = 0x00400000;
673 const int SAMR_FIELD_CODE_PAGE = 0x00800000;
674 const int SAMR_FIELD_PASSWORD = 0x03000000; /* 2 bits!? */
679 NTTIME last_pwd_change;
681 NTTIME allow_pwd_change;
682 NTTIME force_pwd_change;
686 samr_Name home_drive;
687 samr_Name logon_script;
689 samr_Name description;
690 samr_Name workstations;
697 [size_is(buf_count)] uint8 *buffer;
701 uint32 fields_present;
702 samr_LogonHours logon_hours;
703 uint16 bad_pwd_count;
713 typedef [flag(NDR_PAHEX)] struct {
715 } samr_CryptPassword;
718 samr_UserInfo21 info;
719 samr_CryptPassword password;
723 samr_CryptPassword password;
727 typedef [flag(NDR_PAHEX)] struct {
729 } samr_CryptPasswordEx;
732 samr_UserInfo21 info;
733 samr_CryptPasswordEx password;
737 samr_CryptPasswordEx password;
742 [case(1)] samr_UserInfo1 info1;
743 [case(2)] samr_UserInfo2 info2;
744 [case(3)] samr_UserInfo3 info3;
745 [case(4)] samr_UserInfo4 info4;
746 [case(5)] samr_UserInfo5 info5;
747 [case(6)] samr_UserInfo6 info6;
748 [case(7)] samr_UserInfo7 info7;
749 [case(8)] samr_UserInfo8 info8;
750 [case(9)] samr_UserInfo9 info9;
751 [case(10)] samr_UserInfo10 info10;
752 [case(11)] samr_UserInfo11 info11;
753 [case(12)] samr_UserInfo12 info12;
754 [case(13)] samr_UserInfo13 info13;
755 [case(14)] samr_UserInfo14 info14;
756 [case(16)] samr_UserInfo16 info16;
757 [case(17)] samr_UserInfo17 info17;
758 [case(20)] samr_UserInfo20 info20;
759 [case(21)] samr_UserInfo21 info21;
760 [case(23)] samr_UserInfo23 info23;
761 [case(24)] samr_UserInfo24 info24;
762 [case(25)] samr_UserInfo25 info25;
763 [case(26)] samr_UserInfo26 info26;
766 NTSTATUS samr_QueryUserInfo(
767 [in,ref] policy_handle *handle,
769 [out,switch_is(level)] samr_UserInfo *info
773 /************************/
775 NTSTATUS samr_SetUserInfo(
776 [in,ref] policy_handle *handle,
778 [in,ref,switch_is(level)] samr_UserInfo *info
781 /************************/
784 typedef [flag(NDR_PAHEX)] struct {
789 this is a password change interface that doesn't give
790 the server the plaintext password. Depricated.
792 NTSTATUS samr_ChangePasswordUser(
793 [in,ref] policy_handle *handle,
794 [in] bool8 lm_present,
795 [in] samr_Hash *old_lm_crypted,
796 [in] samr_Hash *new_lm_crypted,
797 [in] bool8 nt_present,
798 [in] samr_Hash *old_nt_crypted,
799 [in] samr_Hash *new_nt_crypted,
800 [in] bool8 cross1_present,
801 [in] samr_Hash *nt_cross,
802 [in] bool8 cross2_present,
803 [in] samr_Hash *lm_cross
806 /************************/
816 [size_is(count)] samr_RidType *rid;
819 NTSTATUS samr_GetGroupsForUser(
820 [in,ref] policy_handle *handle,
821 [out] samr_RidArray *rids
824 /************************/
831 samr_Name account_name;
833 samr_Name description;
834 } samr_DispEntryGeneral;
838 [size_is(count)] samr_DispEntryGeneral *entries;
839 } samr_DispInfoGeneral;
845 samr_Name account_name;
846 samr_Name description;
847 } samr_DispEntryFull;
851 [size_is(count)] samr_DispEntryFull *entries;
855 [value(strlen_m(r->name))] uint16 name_len;
856 [value(strlen_m(r->name))] uint16 name_size;
862 samr_AsciiName account_name;
863 } samr_DispEntryAscii;
867 [size_is(count)] samr_DispEntryAscii *entries;
868 } samr_DispInfoAscii;
871 [case(1)] samr_DispInfoGeneral info1;/* users */
872 [case(2)] samr_DispInfoFull info2; /* trust accounts? */
873 [case(3)] samr_DispInfoFull info3; /* groups */
874 [case(4)] samr_DispInfoAscii info4; /* users */
875 [case(5)] samr_DispInfoAscii info5; /* groups */
878 NTSTATUS samr_QueryDisplayInfo(
879 [in,ref] policy_handle *handle,
881 [in] uint32 start_idx,
882 [in] uint32 max_entries,
883 [in] uint32 buf_size,
884 [out] uint32 total_size,
885 [out] uint32 returned_size,
886 [out,switch_is(level)] samr_DispInfo info
890 /************************/
894 this seems to be an alphabetic search function. The returned index
895 is the index for samr_QueryDisplayInfo needed to get names occurring
896 after the specified name. The supplied name does not need to exist
897 in the database (for example you can supply just a first letter for
898 searching starting at that letter)
900 The level corresponds to the samr_QueryDisplayInfo level
902 NTSTATUS samr_GetDisplayEnumerationIndex(
903 [in,ref] policy_handle *handle,
911 /************************/
915 w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
917 NTSTATUS samr_TestPrivateFunctionsDomain(
918 [in,ref] policy_handle *handle
922 /************************/
926 w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
928 NTSTATUS samr_TestPrivateFunctionsUser(
929 [in,ref] policy_handle *handle
933 /************************/
936 /* password properties flags */
937 const uint32 DOMAIN_PASSWORD_COMPLEX = 0x00000001;
938 const uint32 DOMAIN_PASSWORD_NO_ANON_CHANGE = 0x00000002;
939 const uint32 DOMAIN_PASSWORD_NO_CLEAR_CHANGE = 0x00000004;
940 const uint32 DOMAIN_PASSWORD_STORE_CLEARTEXT = 0x00000010;
941 const uint32 DOMAIN_REFUSE_PASSWORD_CHANGE = 0x00000020;
945 uint32 password_properties;
948 NTSTATUS samr_GetUserPwInfo(
949 [in,ref] policy_handle *handle,
950 [out] samr_PwInfo info
953 /************************/
955 NTSTATUS samr_RemoveMemberFromForeignDomain(
956 [in,ref] policy_handle *handle,
957 [in,ref] dom_sid2 *sid
960 /************************/
964 how is this different from QueryDomainInfo ??
966 NTSTATUS samr_QueryDomainInfo2(
967 [in,ref] policy_handle *handle,
969 [out,switch_is(level)] samr_DomainInfo *info
972 /************************/
976 how is this different from QueryUserInfo ??
978 NTSTATUS samr_QueryUserInfo2(
979 [in,ref] policy_handle *handle,
981 [out,switch_is(level)] samr_UserInfo *info
984 /************************/
988 how is this different from QueryDisplayInfo??
990 NTSTATUS samr_QueryDisplayInfo2(
991 [in,ref] policy_handle *handle,
993 [in] uint32 start_idx,
994 [in] uint32 max_entries,
995 [in] uint32 buf_size,
996 [out] uint32 total_size,
997 [out] uint32 returned_size,
998 [out,switch_is(level)] samr_DispInfo info
1001 /************************/
1005 how is this different from GetDisplayEnumerationIndex ??
1007 NTSTATUS samr_GetDisplayEnumerationIndex2(
1008 [in,ref] policy_handle *handle,
1010 [in] samr_Name name,
1015 /************************/
1017 NTSTATUS samr_CreateUser2(
1018 [in,ref] policy_handle *handle,
1019 [in,ref] samr_Name *username,
1020 [in] uint32 acct_flags,
1021 [in] uint32 access_mask,
1022 [out,ref] policy_handle *acct_handle,
1023 [out,ref] uint32 *access_granted,
1024 [out,ref] uint32 *rid
1028 /************************/
1032 another duplicate. There must be a reason ....
1034 NTSTATUS samr_QueryDisplayInfo3(
1035 [in,ref] policy_handle *handle,
1037 [in] uint32 start_idx,
1038 [in] uint32 max_entries,
1039 [in] uint32 buf_size,
1040 [out] uint32 total_size,
1041 [out] uint32 returned_size,
1042 [out,switch_is(level)] samr_DispInfo info
1045 /************************/
1047 NTSTATUS samr_AddMultipleMembersToAlias(
1048 [in,ref] policy_handle *handle,
1049 [in,ref] lsa_SidArray *sids
1052 /************************/
1054 NTSTATUS samr_RemoveMultipleMembersFromAlias(
1055 [in,ref] policy_handle *handle,
1056 [in,ref] lsa_SidArray *sids
1059 /************************/
1062 NTSTATUS samr_OemChangePasswordUser2(
1063 [in] samr_AsciiName *server,
1064 [in,ref] samr_AsciiName *account,
1065 [in] samr_CryptPassword *password,
1066 [in] samr_Hash *hash
1069 /************************/
1071 NTSTATUS samr_ChangePasswordUser2(
1072 [in] samr_Name *server,
1073 [in,ref] samr_Name *account,
1074 [in] samr_CryptPassword *nt_password,
1075 [in] samr_Hash *nt_verifier,
1076 [in] bool8 lm_change,
1077 [in] samr_CryptPassword *lm_password,
1078 [in] samr_Hash *lm_verifier
1081 /************************/
1083 NTSTATUS samr_GetDomPwInfo(
1084 [in] samr_Name *name,
1085 [out] samr_PwInfo info
1088 /************************/
1090 NTSTATUS samr_Connect2(
1091 [in] unistr *system_name,
1092 [in] uint32 access_mask,
1093 [out,ref] policy_handle *handle
1096 /************************/
1099 seems to be an exact alias for samr_SetUserInfo()
1101 NTSTATUS samr_SetUserInfo2(
1102 [in,ref] policy_handle *handle,
1104 [in,ref,switch_is(level)] samr_UserInfo *info
1107 /************************/
1110 this one is mysterious. I have a few guesses, but nothing working yet
1112 NTSTATUS samr_SetBootKeyInformation(
1113 [in,ref] policy_handle *handle,
1114 [in] uint32 unknown1,
1115 [in] uint32 unknown2,
1116 [in] uint32 unknown3
1119 /************************/
1121 NTSTATUS samr_GetBootKeyInformation(
1122 [in,ref] policy_handle *handle,
1123 [out] uint32 unknown
1126 /************************/
1128 NTSTATUS samr_Connect3(
1129 [in] unistr *system_name,
1130 /* this unknown value seems to be completely ignored by w2k3 */
1131 [in] uint32 unknown,
1132 [in] uint32 access_mask,
1133 [out,ref] policy_handle *handle
1136 /************************/
1138 NTSTATUS samr_Connect4(
1139 [in] unistr *system_name,
1140 [in] uint32 unknown,
1141 [in] uint32 access_mask,
1142 [out,ref] policy_handle *handle
1145 /************************/
1152 } samr_ChangeReject;
1154 NTSTATUS samr_ChangePasswordUser3(
1155 [in] samr_Name *server,
1156 [in,ref] samr_Name *account,
1157 [in] samr_CryptPassword *nt_password,
1158 [in] samr_Hash *nt_verifier,
1159 [in] bool8 lm_change,
1160 [in] samr_CryptPassword *lm_password,
1161 [in] samr_Hash *lm_verifier,
1162 [in] samr_CryptPassword *password3,
1163 [out] samr_DomInfo1 *dominfo,
1164 [out] samr_ChangeReject *reject
1167 /************************/
1171 uint32 unknown1; /* w2k3 gives 3 */
1172 uint32 unknown2; /* w2k3 gives 0 */
1173 } samr_ConnectInfo1;
1176 [case(1)] samr_ConnectInfo1 info1;
1179 NTSTATUS samr_Connect5(
1180 [in] unistr *system_name,
1181 [in] uint32 access_mask,
1182 [in,out] uint32 level,
1183 [in,out,switch_is(level),ref] samr_ConnectInfo *info,
1184 [out,ref] policy_handle *handle
1187 /************************/
1189 NTSTATUS samr_RidToSid(
1190 [in,ref] policy_handle *handle,
1196 /************************/
1200 this should set the DSRM password for the server, which is used
1201 when booting into Directory Services Recovery Mode on a DC. Win2003
1202 gives me NT_STATUS_NOT_SUPPORTED
1205 NTSTATUS samr_SetDsrmPassword(
1206 [in] samr_Name *name,
1207 [in] uint32 unknown,
1208 [in] samr_Hash *hash
1212 /************************/
1215 I haven't been able to work out the format of this one yet.
1216 Seems to start with a switch level for a union?
1218 NTSTATUS samr_ValidatePassword();