Copyright (C) Andrew Tridgell 1992-2000
Copyright (C) Luke Kenneth Casson Leighton 1996-2000
Copyright (C) Paul Ashton 1997-2000
- Copyright (C) Jean François Micouleau 1998-2001.
+ Copyright (C) Jean François Micouleau 1998-2001
+ Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#ifndef _RPC_SAMR_H /* _RPC_SAMR_H */
#define _RPC_SAMR_H
-
-#include "rpc_misc.h"
-
-
/*******************************************************************
the following information comes from a QuickView on samsrv.dll,
and gives an idea of exactly what is needed:
#define SAMR_UNKNOWN_2a 0x2a
#define SAMR_UNKNOWN_2b 0x2b
#define SAMR_GET_USRDOM_PWINFO 0x2c
-#define SAMR_UNKNOWN_2D 0x2d
-#define SAMR_UNKNOWN_2E 0x2e /* looks like an alias for SAMR_QUERY_DOMAIN_INFO */
+#define SAMR_REMOVE_SID_FOREIGN_DOMAIN 0x2d
+#define SAMR_QUERY_DOMAIN_INFO2 0x2e /* looks like an alias for SAMR_QUERY_DOMAIN_INFO */
#define SAMR_UNKNOWN_2f 0x2f
#define SAMR_QUERY_DISPINFO3 0x30 /* Alias for SAMR_QUERY_DISPINFO
with info level 3 */
#define SAMR_GET_DOM_PWINFO 0x38
#define SAMR_CONNECT 0x39
#define SAMR_SET_USERINFO 0x3A
-
-/* Access bits to the SAM-object */
-
-#define SAMR_ACCESS_UNKNOWN_1 0x00000001
-#define SAMR_ACCESS_SHUTDOWN_SERVER 0x00000002
-#define SAMR_ACCESS_UNKNOWN_4 0x00000004
-#define SAMR_ACCESS_UNKNOWN_8 0x00000008
-#define SAMR_ACCESS_ENUM_DOMAINS 0x00000010
-#define SAMR_ACCESS_OPEN_DOMAIN 0x00000020
-
-#define SAMR_ALL_ACCESS ( STANDARD_RIGHTS_REQUIRED_ACCESS | \
- SAMR_ACCESS_OPEN_DOMAIN | \
- SAMR_ACCESS_ENUM_DOMAINS | \
- SAMR_ACCESS_UNKNOWN_8 | \
- SAMR_ACCESS_UNKNOWN_4 | \
- SAMR_ACCESS_SHUTDOWN_SERVER | \
- SAMR_ACCESS_UNKNOWN_1 )
-
-#define SAMR_READ ( STANDARD_RIGHTS_READ_ACCESS | \
- SAMR_ACCESS_ENUM_DOMAINS )
-
-#define SAMR_WRITE ( STANDARD_RIGHTS_WRITE_ACCESS | \
- SAMR_ACCESS_UNKNOWN_8 | \
- SAMR_ACCESS_UNKNOWN_4 | \
- SAMR_ACCESS_SHUTDOWN_SERVER )
-
-#define SAMR_EXECUTE ( STANDARD_RIGHTS_EXECUTE_ACCESS | \
- SAMR_ACCESS_OPEN_DOMAIN | \
- SAMR_ACCESS_UNKNOWN_1 )
-
-/* Access bits to Domain-objects */
-
-#define DOMAIN_ACCESS_LOOKUP_INFO_1 0x000000001
-#define DOMAIN_ACCESS_SET_INFO_1 0x000000002
-#define DOMAIN_ACCESS_LOOKUP_INFO_2 0x000000004
-#define DOMAIN_ACCESS_SET_INFO_2 0x000000008
-#define DOMAIN_ACCESS_CREATE_USER 0x000000010
-#define DOMAIN_ACCESS_CREATE_GROUP 0x000000020
-#define DOMAIN_ACCESS_CREATE_ALIAS 0x000000040
-#define DOMAIN_ACCESS_UNKNOWN_80 0x000000080
-#define DOMAIN_ACCESS_ENUM_ACCOUNTS 0x000000100
-#define DOMAIN_ACCESS_OPEN_ACCOUNT 0x000000200
-#define DOMAIN_ACCESS_SET_INFO_3 0x000000400
-
-#define DOMAIN_ALL_ACCESS ( STANDARD_RIGHTS_REQUIRED_ACCESS | \
- DOMAIN_ACCESS_SET_INFO_3 | \
- DOMAIN_ACCESS_OPEN_ACCOUNT | \
- DOMAIN_ACCESS_ENUM_ACCOUNTS | \
- DOMAIN_ACCESS_UNKNOWN_80 | \
- DOMAIN_ACCESS_CREATE_ALIAS | \
- DOMAIN_ACCESS_CREATE_GROUP | \
- DOMAIN_ACCESS_CREATE_USER | \
- DOMAIN_ACCESS_SET_INFO_2 | \
- DOMAIN_ACCESS_LOOKUP_INFO_2 | \
- DOMAIN_ACCESS_SET_INFO_1 | \
- DOMAIN_ACCESS_LOOKUP_INFO_1 )
-
-#define DOMAIN_READ ( STANDARD_RIGHTS_READ_ACCESS | \
- DOMAIN_ACCESS_UNKNOWN_80 | \
- DOMAIN_ACCESS_LOOKUP_INFO_2 )
-
-#define DOMAIN_WRITE ( STANDARD_RIGHTS_WRITE_ACCESS | \
- DOMAIN_ACCESS_SET_INFO_3 | \
- DOMAIN_ACCESS_CREATE_ALIAS | \
- DOMAIN_ACCESS_CREATE_GROUP | \
- DOMAIN_ACCESS_CREATE_USER | \
- DOMAIN_ACCESS_SET_INFO_2 | \
- DOMAIN_ACCESS_SET_INFO_1 )
-
-#define DOMAIN_EXECUTE ( STANDARD_RIGHTS_EXECUTE_ACCESS | \
- DOMAIN_ACCESS_OPEN_ACCOUNT | \
- DOMAIN_ACCESS_ENUM_ACCOUNTS | \
- DOMAIN_ACCESS_LOOKUP_INFO_1 )
-
-/* Access bits to User-objects */
-
-#define USER_ACCESS_GET_NAME_ETC 0x000000001
-#define USER_ACCESS_GET_LOCALE 0x000000002
-#define USER_ACCESS_SET_LOC_COM 0x000000004
-#define USER_ACCESS_GET_LOGONINFO 0x000000008
-#define USER_ACCESS_UNKNOWN_10 0x000000010
-#define USER_ACCESS_SET_ATTRIBUTES 0x000000020
-#define USER_ACCESS_CHANGE_PASSWORD 0x000000040
-#define USER_ACCESS_SET_PASSWORD 0x000000080
-#define USER_ACCESS_GET_GROUPS 0x000000100
-#define USER_ACCESS_UNKNOWN_200 0x000000200
-#define USER_ACCESS_UNKNOWN_400 0x000000400
-
-#define USER_ALL_ACCESS ( STANDARD_RIGHTS_REQUIRED_ACCESS | \
- USER_ACCESS_UNKNOWN_400 | \
- USER_ACCESS_UNKNOWN_200 | \
- USER_ACCESS_GET_GROUPS | \
- USER_ACCESS_SET_PASSWORD | \
- USER_ACCESS_CHANGE_PASSWORD | \
- USER_ACCESS_SET_ATTRIBUTES | \
- USER_ACCESS_UNKNOWN_10 | \
- USER_ACCESS_GET_LOGONINFO | \
- USER_ACCESS_SET_LOC_COM | \
- USER_ACCESS_GET_LOCALE | \
- USER_ACCESS_GET_NAME_ETC )
-
-#define USER_READ ( STANDARD_RIGHTS_READ_ACCESS | \
- USER_ACCESS_UNKNOWN_200 | \
- USER_ACCESS_GET_GROUPS | \
- USER_ACCESS_UNKNOWN_10 | \
- USER_ACCESS_GET_LOGONINFO | \
- USER_ACCESS_GET_LOCALE )
-
-#define USER_WRITE ( STANDARD_RIGHTS_WRITE_ACCESS | \
- USER_ACCESS_CHANGE_PASSWORD | \
- USER_ACCESS_SET_LOC_COM )
-
-#define USER_EXECUTE ( STANDARD_RIGHTS_EXECUTE_ACCESS | \
- USER_ACCESS_CHANGE_PASSWORD | \
- USER_ACCESS_GET_NAME_ETC )
-
-/* Access bits to Group-objects */
-
-#define GROUP_ACCESS_LOOKUP_INFO 0x00000001
-#define GROUP_ACCESS_SET_INFO 0x00000002
-#define GROUP_ACCESS_ADD_MEMBER 0x00000004
-#define GROUP_ACCESS_REMOVE_MEMBER 0x00000008
-#define GROUP_ACCESS_GET_MEMBERS 0x00000010
-
-#define GROUP_ALL_ACCESS ( STANDARD_RIGHTS_REQUIRED_ACCESS | \
- GROUP_ACCESS_GET_MEMBERS | \
- GROUP_ACCESS_REMOVE_MEMBER | \
- GROUP_ACCESS_ADD_MEMBER | \
- GROUP_ACCESS_SET_INFO | \
- GROUP_ACCESS_LOOKUP_INFO )
-
-#define GROUP_READ ( STANDARD_RIGHTS_READ_ACCESS | \
- GROUP_ACCESS_GET_MEMBERS )
-
-#define GROUP_WRITE ( STANDARD_RIGHTS_WRITE_ACCESS | \
- GROUP_ACCESS_REMOVE_MEMBER | \
- GROUP_ACCESS_ADD_MEMBER | \
- GROUP_ACCESS_SET_INFO )
-
-#define GROUP_EXECUTE ( STANDARD_RIGHTS_EXECUTE_ACCESS | \
- GROUP_ACCESS_LOOKUP_INFO )
-
-/* Access bits to Alias-objects */
-
-#define ALIAS_ACCESS_ADD_MEMBER 0x00000001
-#define ALIAS_ACCESS_REMOVE_MEMBER 0x00000002
-#define ALIAS_ACCESS_GET_MEMBERS 0x00000004
-#define ALIAS_ACCESS_LOOKUP_INFO 0x00000008
-#define ALIAS_ACCESS_SET_INFO 0x00000010
-
-#define ALIAS_ALL_ACCESS ( STANDARD_RIGHTS_REQUIRED_ACCESS | \
- ALIAS_ACCESS_GET_MEMBERS | \
- ALIAS_ACCESS_REMOVE_MEMBER | \
- ALIAS_ACCESS_ADD_MEMBER | \
- ALIAS_ACCESS_SET_INFO | \
- ALIAS_ACCESS_LOOKUP_INFO )
-
-#define ALIAS_READ ( STANDARD_RIGHTS_READ_ACCESS | \
- ALIAS_ACCESS_GET_MEMBERS )
-
-#define ALIAS_WRITE ( STANDARD_RIGHTS_WRITE_ACCESS | \
- ALIAS_ACCESS_REMOVE_MEMBER | \
- ALIAS_ACCESS_ADD_MEMBER | \
- ALIAS_ACCESS_SET_INFO )
-
-#define ALIAS_EXECUTE ( STANDARD_RIGHTS_EXECUTE_ACCESS | \
- ALIAS_ACCESS_LOOKUP_INFO )
-
-
-
-
-typedef struct _DISP_USER_INFO {
- SAM_ACCOUNT *sam;
-} DISP_USER_INFO;
-
-typedef struct _DISP_GROUP_INFO {
- DOMAIN_GRP *grp;
-} DISP_GROUP_INFO;
-
+#define SAMR_CONNECT4 0x3E
+#define SAMR_CHGPASSWD_USER3 0x3F
+#define SAMR_CONNECT5 0x40
typedef struct logon_hours_info
{
+ uint32 max_len; /* normally 1260 bytes */
+ uint32 offset;
uint32 len; /* normally 21 bytes */
uint8 hours[32];
uint32 acb_info; /* account info (ACB_xxxx bit-mask) */
- uint32 unknown_3; /* 0x09f8 27fa */
+ uint32 fields_present; /* 0x09f8 27fa */
uint16 logon_divs; /* 0x0000 00a8 which is 168 which is num hrs in a week */
/* uint8 pad[2] */
uint32 ptr_logon_hrs; /* pointer to logon hours */
- uint8 padding1[8];
+ /* Was unknown_5. */
+ uint16 bad_password_count;
+ uint16 logon_count;
+
+ uint8 padding1[6];
+
+ uint8 passmustchange; /* 0x00 must change = 0x01 */
- uint32 unknown_5; /* 0x0001 0000 */
+ uint8 padding2;
uint8 pass[516];
UNISTR2 uni_unknown_str ; /* don't know what this is, yet. */
UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel no */
- uint32 unknown_6; /* 0x0000 04ec */
- uint32 padding4;
-
LOGON_HRS logon_hrs;
} SAM_USER_INFO_23;
UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel no */
} SAM_USER_INFO_25;
+/* SAM_USER_INFO_26 */
+typedef struct sam_user_info_26
+{
+ uint8 pass[532];
+ uint8 pw_len;
+} SAM_USER_INFO_26;
+
/* SAM_USER_INFO_21 */
typedef struct sam_user_info_21
uint32 acb_info; /* account info (ACB_xxxx bit-mask) */
- uint32 unknown_3; /* 0x00ff ffff */
+ /* Was unknown_3 */
+ uint32 fields_present; /* 0x00ff ffff */
uint16 logon_divs; /* 0x0000 00a8 which is 168 which is num hrs in a week */
/* uint8 pad[2] */
uint32 ptr_logon_hrs; /* unknown pointer */
- uint32 unknown_5; /* 0x0002 0000 */
+ /* Was unknown_5. */
+ uint16 bad_password_count;
+ uint16 logon_count;
- uint8 padding1[8];
+ uint8 padding1[6];
+
+ uint8 passmustchange; /* 0x00 must change = 0x01 */
+
+ uint8 padding2;
UNISTR2 uni_user_name; /* username unicode string */
UNISTR2 uni_full_name; /* user's full name unicode string */
UNISTR2 uni_unknown_str ; /* don't know what this is, yet. */
UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel number */
- uint32 unknown_6; /* 0x0000 04ec */
- uint32 padding4;
-
LOGON_HRS logon_hrs;
} SAM_USER_INFO_21;
+#define PASS_MUST_CHANGE_AT_NEXT_LOGON 0x01
+#define PASS_DONT_CHANGE_AT_NEXT_LOGON 0x00
/* SAM_USER_INFO_20 */
typedef struct sam_user_info_20
} SAM_USER_INFO_20;
-/* SAM_USER_INFO_12 */
-typedef struct sam_user_info_12
+/* SAM_USER_INFO_18 */
+typedef struct sam_user_info_18
{
uint8 lm_pwd[16]; /* lm user passwords */
uint8 nt_pwd[16]; /* nt user passwords */
uint8 lm_pwd_active;
uint8 nt_pwd_active;
-} SAM_USER_INFO_12;
+} SAM_USER_INFO_18;
-/* SAM_USER_INFO_11 */
-typedef struct sam_user_info_11
+/* SAM_USER_INFO_17 */
+typedef struct sam_user_info_17
{
uint8 padding_0[16]; /* 0 - padding 16 bytes */
NTTIME expiry; /* expiry time or something? */
uint8 padding_9[48]; /* 0 - padding 48 bytes */
-} SAM_USER_INFO_11;
+} SAM_USER_INFO_17;
-/* SAM_USER_INFO_10 */
-typedef struct sam_user_info_10
+/* SAM_USER_INFO_16 */
+typedef struct sam_user_info_16
{
uint32 acb_info;
-} SAM_USER_INFO_10;
+} SAM_USER_INFO_16;
+
+/* SAM_USER_INFO_7 */
+typedef struct sam_user_info_7
+{
+ UNIHDR hdr_name; /* unicode header for name */
+ UNISTR2 uni_name; /* unicode string for name */
+
+} SAM_USER_INFO_7;
+
+
+/* SAM_USER_INFO_9 */
+typedef struct sam_user_info_9
+{
+ uint32 rid_group; /* Primary Group RID */
+} SAM_USER_INFO_9;
/* SAMR_Q_CLOSE_HND - probably a policy handle close */
typedef struct sam_unknown_info_7_info
{
- uint16 unknown_0; /* 0x0003 */
+ uint16 server_role;
} SAM_UNK_INFO_7;
+typedef struct sam_unknown_info_8_info
+{
+ UINT64_S seq_num;
+ NTTIME domain_create_time;
+
+} SAM_UNK_INFO_8;
+
typedef struct sam_unknown_info_12_inf
{
NTTIME duration;
typedef struct sam_unknown_info_2_inf
{
- uint32 unknown_0; /* 0x0000 0000 */
- uint32 unknown_1; /* 0x8000 0000 */
- uint32 unknown_2; /* 0x0000 0000 */
-
- uint32 ptr_0; /* pointer to unknown structure */
+ NTTIME logout; /* whether users are forcibly disconnected when logon hours expire */
+ UNIHDR hdr_comment; /* comment according to samba4 idl */
UNIHDR hdr_domain; /* domain name unicode header */
UNIHDR hdr_server; /* server name unicode header */
pointer is referring to
*/
- uint32 seq_num; /* some sort of incrementing sequence number? */
- uint32 unknown_3; /* 0x0000 0000 */
+ UINT64_S seq_num;
uint32 unknown_4; /* 0x0000 0001 */
- uint32 unknown_5; /* 0x0000 0003 */
+ uint32 server_role;
uint32 unknown_6; /* 0x0000 0001 */
uint32 num_domain_usrs; /* number of users in domain */
uint32 num_domain_grps; /* number of domain groups in domain */
uint8 padding[12]; /* 12 bytes zeros */
+ UNISTR2 uni_comment; /* comment unicode string */
UNISTR2 uni_domain; /* domain name unicode string */
UNISTR2 uni_server; /* server name unicode string */
{
uint16 min_length_password;
uint16 password_history;
- uint32 flag;
+ uint32 password_properties;
NTTIME expire;
NTTIME min_passwordage;
SAM_UNK_INFO_5 inf5;
SAM_UNK_INFO_6 inf6;
SAM_UNK_INFO_7 inf7;
+ SAM_UNK_INFO_8 inf8;
SAM_UNK_INFO_12 inf12;
} info;
{
UNIHDR hdr_acct_name;
- uint32 unknown_1; /* 0x0000 0003 - number of group members? */
+ uint32 group_attr; /* 0x0000 0003 - group attribute */
uint32 num_members; /* 0x0000 0001 - number of group members? */
UNIHDR hdr_acct_desc;
} GROUP_INFO1;
+typedef struct samr_group_info2
+{
+ uint16 level;
+ UNIHDR hdr_acct_name;
+ UNISTR2 uni_acct_name;
+
+} GROUP_INFO2;
+
typedef struct samr_group_info3
{
- uint32 unknown_1; /* 0x0000 0003 - number of group members? */
+ uint32 group_attr; /* 0x0000 0003 - group attribute */
} GROUP_INFO3;
typedef struct samr_group_info4
{
+ uint16 level;
UNIHDR hdr_acct_desc;
UNISTR2 uni_acct_desc;
union
{
GROUP_INFO1 info1;
+ GROUP_INFO2 info2;
GROUP_INFO3 info3;
GROUP_INFO4 info4;
} SAMR_R_CREATE_DOM_ALIAS;
-/* SAMR_Q_QUERY_ALIASINFO - SAM Alias Info */
-typedef struct q_samr_query_alias_info
-{
- POLICY_HND pol; /* policy handle */
-
- uint16 switch_level; /* 0x0003 seen */
-} SAMR_Q_QUERY_ALIASINFO;
+/********************************************************/
-typedef struct samr_alias_info1
-{
- UNIHDR hdr_acct_name;
- UNIHDR hdr_acct_desc;
+typedef struct {
+ UNISTR4 name;
+ UNISTR4 description;
uint32 num_member;
- UNISTR2 uni_acct_name;
- UNISTR2 uni_acct_desc;
-
} ALIAS_INFO1;
-typedef struct samr_alias_info3
-{
- UNIHDR hdr_acct_desc;
- UNISTR2 uni_acct_desc;
-
+typedef struct {
+ UNISTR4 description;
} ALIAS_INFO3;
-/* ALIAS_INFO_CTR */
-typedef struct alias_info_ctr
-{
- uint16 switch_value1;
- uint16 switch_value2;
+typedef struct {
+ POLICY_HND pol; /* policy handle */
+ uint16 level; /* 0x0003 seen */
+} SAMR_Q_QUERY_ALIASINFO;
- union
- {
+typedef struct {
+ uint16 level;
+ union {
ALIAS_INFO1 info1;
ALIAS_INFO3 info3;
-
} alias;
-
} ALIAS_INFO_CTR;
-/* SAMR_R_QUERY_ALIASINFO - SAM alias info */
-typedef struct r_samr_query_aliasinfo_info
-{
- uint32 ptr;
- ALIAS_INFO_CTR ctr;
-
+typedef struct {
+ ALIAS_INFO_CTR *ctr;
NTSTATUS status;
-
} SAMR_R_QUERY_ALIASINFO;
-/* SAMR_Q_SET_ALIASINFO - SAM Alias Info */
-typedef struct q_samr_set_alias_info
-{
+/********************************************************/
+
+typedef struct {
POLICY_HND alias_pol; /* policy handle */
ALIAS_INFO_CTR ctr;
-
} SAMR_Q_SET_ALIASINFO;
-/* SAMR_R_SET_ALIASINFO - SAM alias info */
-typedef struct r_samr_set_aliasinfo_info
-{
+typedef struct {
NTSTATUS status;
-
} SAMR_R_SET_ALIASINFO;
+/********************************************************/
+
/* SAMR_Q_QUERY_USERGROUPS - */
typedef struct q_samr_query_usergroup_info
{
union
{
- SAM_USER_INFO_10 *id10; /* auth-level 0x10 */
- SAM_USER_INFO_11 *id11; /* auth-level 0x11 */
- SAM_USER_INFO_12 *id12; /* auth-level 0x12 */
- SAM_USER_INFO_20 *id20; /* auth-level 20 */
- SAM_USER_INFO_21 *id21; /* auth-level 21 */
- SAM_USER_INFO_23 *id23; /* auth-level 0x17 */
- SAM_USER_INFO_24 *id24; /* auth-level 0x18 */
- SAM_USER_INFO_25 *id25; /* auth-level 0x19 */
+ SAM_USER_INFO_7 *id7;
+ SAM_USER_INFO_9 *id9;
+ SAM_USER_INFO_16 *id16;
+ SAM_USER_INFO_17 *id17;
+ SAM_USER_INFO_18 *id18;
+ SAM_USER_INFO_20 *id20;
+ SAM_USER_INFO_21 *id21;
+ SAM_USER_INFO_23 *id23;
+ SAM_USER_INFO_24 *id24;
+ SAM_USER_INFO_25 *id25;
+ SAM_USER_INFO_26 *id26;
void* id; /* to make typecasting easy */
} info;
{
POLICY_HND user_pol; /* policy handle associated with user */
- uint32 unknown_0; /* 0x0007 03ff */
+ uint32 access_granted;
uint32 user_rid; /* user RID */
NTSTATUS status; /* return status */
/* SAMR_Q_CONNECT_ANON - probably an open */
-typedef struct q_samr_connect_anon_info
-{
+typedef struct q_samr_connect_anon_info {
uint32 ptr; /* ptr? */
- uint16 unknown_0; /* 0x005c */
- uint16 unknown_1; /* 0x0001 */
+ uint16 unknown_0; /* Only pushed if ptr is non-zero. */
uint32 access_mask;
-
} SAMR_Q_CONNECT_ANON;
/* SAMR_R_CONNECT_ANON - probably an open */
/* SAMR_R_CONNECT - probably an open */
typedef struct r_samr_connect_info
{
- POLICY_HND connect_pol; /* policy handle */
+ POLICY_HND connect_pol; /* policy handle */
NTSTATUS status; /* return status */
} SAMR_R_CONNECT;
+/* SAMR_Q_CONNECT4 */
+typedef struct q_samr_connect4_info
+{
+ uint32 ptr_srv_name; /* pointer to server name */
+ UNISTR2 uni_srv_name;
+
+ uint32 unk_0; /* possible server name type, 1 for IP num, 2 for name */
+ uint32 access_mask;
+} SAMR_Q_CONNECT4;
+
+/* SAMR_R_CONNECT4 - same format as connect */
+typedef struct r_samr_connect_info SAMR_R_CONNECT4;
+
+/* SAMR_Q_CONNECT5 */
+typedef struct q_samr_connect5_info
+{
+ uint32 ptr_srv_name; /* pointer to server name */
+ UNISTR2 uni_srv_name;
+ uint32 access_mask;
+ uint32 level;
+ /* These following are acutally a level dependent
+ value. Fudge it for now. JRA */
+ uint32 info1_unk1;
+ uint32 info1_unk2;
+} SAMR_Q_CONNECT5;
+
+/* SAMR_R_CONNECT5 */
+typedef struct r_samr_connect_info5
+{
+ uint32 level;
+ uint32 info1_unk1;
+ uint32 info1_unk2;
+ POLICY_HND connect_pol; /* policy handle */
+ NTSTATUS status; /* return status */
+
+} SAMR_R_CONNECT5;
+
+
/* SAMR_Q_GET_DOM_PWINFO */
typedef struct q_samr_get_dom_pwinfo
{
} SAMR_Q_GET_DOM_PWINFO;
+#define DOMAIN_PASSWORD_COMPLEX 0x00000001
+#define DOMAIN_PASSWORD_NO_ANON_CHANGE 0x00000002
+#define DOMAIN_PASSWORD_NO_CLEAR_CHANGE 0x00000004
+#define DOMAIN_LOCKOUT_ADMINS 0x00000008
+#define DOMAIN_PASSWORD_STORE_CLEARTEXT 0x00000010
+#define DOMAIN_REFUSE_PASSWORD_CHANGE 0x00000020
+
/* SAMR_R_GET_DOM_PWINFO */
typedef struct r_samr_get_dom_pwinfo
{
- /*
- * Previously this was 3 uint16's. However, after some tests
- * it appears that the data len for the signing needs to be 16.
- * Not sure how 3 unit16's ever worked since the length always
- * turned out to 12. 3 uint32's + NT_STATUS == 16 bytes. Tested
- * using NT and 2k. --jerry
- */
- uint32 unk_0;
- uint32 unk_1;
- uint32 unk_2;
+ uint16 min_pwd_length;
+ uint32 password_properties;
NTSTATUS status;
} SAMR_R_GET_DOM_PWINFO;
} SAMR_R_CHGPASSWD_USER;
+/* SAMR_Q_CHGPASSWD3 */
+typedef struct q_samr_chgpasswd_user3
+{
+ uint32 ptr_0;
+
+ UNIHDR hdr_dest_host; /* server name unicode header */
+ UNISTR2 uni_dest_host; /* server name unicode string */
+
+ UNIHDR hdr_user_name; /* username unicode string header */
+ UNISTR2 uni_user_name; /* username unicode string */
+
+ SAMR_ENC_PASSWD nt_newpass;
+ SAMR_ENC_HASH nt_oldhash;
+
+ uint32 lm_change; /* 0x0000 0001 */
+
+ SAMR_ENC_PASSWD lm_newpass;
+ SAMR_ENC_HASH lm_oldhash;
+
+ SAMR_ENC_PASSWD password3;
+
+} SAMR_Q_CHGPASSWD_USER3;
+
+#define REJECT_REASON_OTHER 0x00000000
+#define REJECT_REASON_TOO_SHORT 0x00000001
+#define REJECT_REASON_IN_HISTORY 0x00000002
+#define REJECT_REASON_NOT_COMPLEX 0x00000005
+
+/* SAMR_CHANGE_REJECT */
+typedef struct samr_change_reject
+{
+ uint32 reject_reason;
+ uint32 unknown1;
+ uint32 unknown2;
+
+} SAMR_CHANGE_REJECT;
+
+/* SAMR_R_CHGPASSWD3 */
+typedef struct r_samr_chgpasswd_user3
+{
+ uint32 ptr_info;
+ uint32 ptr_reject;
+ SAM_UNK_INFO_1 *info;
+ SAMR_CHANGE_REJECT *reject;
+ NTSTATUS status; /* 0 == OK, C000006A (NT_STATUS_WRONG_PASSWORD) */
+
+} SAMR_R_CHGPASSWD_USER3;
+
-/* SAMR_Q_UNKNOWN_2D */
-typedef struct q_samr_unknown_2d_info
+
+/* SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN */
+typedef struct q_samr_remove_sid_foreign_domain_info
{
POLICY_HND dom_pol; /* policy handle */
DOM_SID2 sid; /* SID */
-} SAMR_Q_UNKNOWN_2D;
+} SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN;
-/* SAMR_R_UNKNOWN_2D - probably an open */
-typedef struct r_samr_unknown_2d_info
+/* SAMR_R_REMOVE_SID_FOREIGN_DOMAIN */
+typedef struct r_samr_remove_sid_foreign_domain_info
{
NTSTATUS status; /* return status */
-} SAMR_R_UNKNOWN_2D;
+} SAMR_R_REMOVE_SID_FOREIGN_DOMAIN;
} DOM_SID3;
-/* SAMR_Q_UNKNOWN_2E */
-typedef struct q_samr_unknown_2e_info
+/* SAMR_Q_QUERY_DOMAIN_INFO2 */
+typedef struct q_samr_query_domain_info2
{
POLICY_HND domain_pol; /* policy handle */
uint16 switch_value;
-} SAMR_Q_UNKNOWN_2E;
+} SAMR_Q_QUERY_DOMAIN_INFO2;
-/* SAMR_R_UNKNOWN_2E */
-typedef struct r_samr_unknown_2e_info
+/* SAMR_R_QUERY_DOMAIN_INFO2 */
+typedef struct r_samr_query_domain_info2
{
uint32 ptr_0;
uint16 switch_value;
SAM_UNK_CTR *ctr;
NTSTATUS status; /* return status */
-} SAMR_R_UNKNOWN_2E;
+} SAMR_R_QUERY_DOMAIN_INFO2;
/* SAMR_Q_SET_DOMAIN_INFO */
typedef struct q_samr_set_domain_info
} SAMR_R_SET_DOMAIN_INFO;
-
#endif /* _RPC_SAMR_H */
-