preparing for release of 2.2.3a
1 /*
2 Unix SMB/Netbios implementation.
3 Version 1.9.
4 SMB parameters and setup
5 Copyright (C) Andrew Tridgell 1992-1997
6 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
7 Copyright (C) Paul Ashton 1997
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #ifndef _RPC_LSA_H /* _RPC_LSA_H */
25 #define _RPC_LSA_H
27 #include "rpc_misc.h"
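/*
 * SID_NAME_USE - kind of account or object a SID refers to.
 *
 * The numeric values are fixed: LSA_TRANS_NAME.sid_name_use carries them
 * as a uint16. Code that reads that field from a peer should treat any
 * value outside 0..8 as invalid rather than casting it to this enum.
 */
enum SID_NAME_USE
{
	SID_NAME_USE_NONE = 0, /* NOTUSED */
	SID_NAME_USER     = 1, /* user */
	SID_NAME_DOM_GRP  = 2, /* domain group */
	SID_NAME_DOMAIN   = 3, /* domain: don't know what this is */
	SID_NAME_ALIAS    = 4, /* local group */
	SID_NAME_WKN_GRP  = 5, /* well-known group */
	SID_NAME_DELETED  = 6, /* deleted account: needed for c2 rating */
	SID_NAME_INVALID  = 7, /* invalid account */
	SID_NAME_UNKNOWN  = 8  /* oops. */
};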
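/*
 * Opcodes available on this pipe.
 *
 * These are the operation numbers as they appear on the wire. This header
 * only names them; which ones are actually implemented, and what access
 * checks guard each one, is decided in the dispatch code, not here.
 */

#define LSA_CLOSE              0x00
#define LSA_DELETE             0x01
#define LSA_ENUM_PRIVS         0x02
#define LSA_QUERYSECOBJ        0x03
#define LSA_SETSECOBJ          0x04
#define LSA_CHANGEPASSWORD     0x05
#define LSA_OPENPOLICY         0x06
#define LSA_QUERYINFOPOLICY    0x07
#define LSA_SETINFOPOLICY      0x08
#define LSA_CLEARAUDITLOG      0x09
#define LSA_CREATEACCOUNT      0x0a
#define LSA_ENUM_ACCOUNTS      0x0b
#define LSA_CREATETRUSTDOM     0x0c
#define LSA_ENUMTRUSTDOM       0x0d
#define LSA_LOOKUPNAMES        0x0e
#define LSA_LOOKUPSIDS         0x0f
#define LSA_CREATESECRET       0x10
#define LSA_OPENACCOUNT        0x11
#define LSA_ENUMPRIVSACCOUNT   0x12
#define LSA_ADDPRIVS           0x13
#define LSA_REMOVEPRIVS        0x14
#define LSA_GETQUOTAS          0x15
#define LSA_SETQUOTAS          0x16
#define LSA_GETSYSTEMACCOUNT   0x17
#define LSA_SETSYSTEMACCOUNT   0x18
#define LSA_OPENTRUSTDOM       0x19
#define LSA_QUERYTRUSTDOM      0x1a
#define LSA_SETINFOTRUSTDOM    0x1b
#define LSA_OPENSECRET         0x1c
#define LSA_SETSECRET          0x1d
#define LSA_QUERYSECRET        0x1e
#define LSA_LOOKUPPRIVVALUE    0x1f
#define LSA_LOOKUPPRIVNAME     0x20
#define LSA_PRIV_GET_DISPNAME  0x21
#define LSA_DELETEOBJECT       0x22
#define LSA_ENUMACCTWITHRIGHT  0x23
#define LSA_ENUMACCTRIGHTS     0x24
#define LSA_ADDACCTRIGHTS      0x25
#define LSA_REMOVEACCTRIGHTS   0x26
#define LSA_QUERYTRUSTDOMINFO  0x27
#define LSA_SETTRUSTDOMINFO    0x28
#define LSA_DELETETRUSTDOM     0x29
#define LSA_STOREPRIVDATA      0x2a
#define LSA_RETRPRIVDATA       0x2b
#define LSA_OPENPOLICY2        0x2c
#define LSA_UNK_GET_CONNUSER   0x2d /* LsaGetConnectedCredentials ? */

/*
 * XXXX these are here to get a compile!
 * 0xFD does not continue the sequence above; per the original comment it
 * is a placeholder so that dependent code builds.
 */
#define LSA_LOOKUPRIDS         0xFD

/*
 * Size limits. Where (and whether) they are enforced against counts
 * received from a peer is not visible in this header.
 */
#define LSA_MAX_GROUPS 96
#define LSA_MAX_SIDS 128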
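/*
 * DOM_QUERY - info class 3 and 5 LSA Query response
 * (domain name plus domain SID).
 *
 * The uint32 "pointer" members are 32-bit values taken from the wire,
 * not C pointers.
 *
 * NOTE(review): uni_dom_max_len and uni_dom_str_len are length fields
 * that travel alongside uni_domain_name. Code that unmarshals this from
 * a peer should check them against each other and against the string
 * actually parsed; the parser is not in this header, so confirm there.
 */
typedef struct dom_query_info
{
	uint16 uni_dom_max_len; /* domain name string length * 2 */
	uint16 uni_dom_str_len; /* domain name string length * 2 */
	uint32 buffer_dom_name; /* undocumented domain name string buffer pointer */
	uint32 buffer_dom_sid; /* undocumented domain SID string buffer pointer */
	UNISTR2 uni_domain_name; /* domain name (unicode string) */
	DOM_SID2 dom_sid; /* domain SID */

} DOM_QUERY;

/* level 5 is same as level 3. we hope. */
typedef DOM_QUERY DOM_QUERY_3;
typedef DOM_QUERY DOM_QUERY_5;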
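/*
 * DOM_QUERY_2 - level 2 is auditing settings.
 *
 * NOTE(review): the length of auditsettings is not expressed in the type;
 * presumably count1/count2 give it. Confirm in the marshalling code that
 * the count is bounded before the array is allocated or walked.
 */
typedef struct dom_query_2
{
	uint32 auditing_enabled;
	uint32 count1; /* usually 7, at least on nt4sp4 */
	uint32 count2; /* the same */
	uint32 *auditsettings;
} DOM_QUERY_2;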
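/* DOM_QUERY_6 - level 6 is server role information */
typedef struct dom_query_6
{
	uint16 server_role; /* 2=backup, 3=primary */
} DOM_QUERY_6;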
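/*
 * LSA_SEC_QOS - security quality-of-service block referenced from
 * LSA_OBJ_ATTR.sec_qos. The values in the member comments are the ones
 * the original author observed or expected.
 */
typedef struct seq_qos_info
{
	uint32 len; /* 12 */
	uint16 sec_imp_level; /* 0x02 - impersonation level */
	uint8 sec_ctxt_mode; /* 0x01 - context tracking mode */
	uint8 effective_only; /* 0x00 - effective only */
	uint32 unknown; /* 0x2000 0000 - not known */

} LSA_SEC_QOS;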
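/*
 * LSA_OBJ_ATTR - object attributes sent with the open-policy requests.
 *
 * The ptr_* members are 32-bit wire values; sec_qos is the only real C
 * pointer. NOTE(review): presumably sec_qos is populated only when
 * ptr_sec_qos is non-zero, so users should NULL-check it -- confirm in
 * the parser.
 */
typedef struct obj_attr_info
{
	uint32 len; /* 0x18 - length (in bytes) inc. the length field. */
	uint32 ptr_root_dir; /* 0 - root directory (pointer) */
	uint32 ptr_obj_name; /* 0 - object name (pointer) */
	uint32 attributes; /* 0 - attributes (undocumented) */
	uint32 ptr_sec_desc; /* 0 - security descriptor (pointer) */
	uint32 ptr_sec_qos; /* security quality of service */
	LSA_SEC_QOS *sec_qos;

} LSA_OBJ_ATTR;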
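/*
 * LSA_Q_OPEN_POL - LSA Query Open Policy
 *
 * NOTE(review): des_access is what the caller asks for. Whether it is
 * checked before a policy handle is issued is decided in the server
 * code, which this header does not show.
 */
typedef struct lsa_q_open_pol_info
{
	uint32 ptr; /* undocumented buffer pointer */
	uint16 system_name; /* 0x5c - system name */
	LSA_OBJ_ATTR attr ; /* object attributes */

	uint32 des_access; /* desired access attributes */

} LSA_Q_OPEN_POL;

/* LSA_R_OPEN_POL - response to LSA Open Policy */
typedef struct lsa_r_open_pol_info
{
	POLICY_HND pol; /* policy handle */
	NTSTATUS status; /* return code */

} LSA_R_OPEN_POL;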
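/*
 * LSA_Q_OPEN_POL2 - LSA Query Open Policy
 * Same layout as LSA_Q_OPEN_POL except that the server is named by a
 * full unicode string instead of a single uint16.
 */
typedef struct lsa_q_open_pol2_info
{
	uint32 ptr; /* undocumented buffer pointer */
	UNISTR2 uni_server_name; /* server name, starting with two '\'s */
	LSA_OBJ_ATTR attr ; /* object attributes */

	uint32 des_access; /* desired access attributes */

} LSA_Q_OPEN_POL2;

/* LSA_R_OPEN_POL2 - response to LSA Open Policy */
typedef struct lsa_r_open_pol2_info
{
	POLICY_HND pol; /* policy handle */
	NTSTATUS status; /* return code */

} LSA_R_OPEN_POL2;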
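/* LSA_Q_QUERY_SEC_OBJ - LSA query security */
typedef struct lsa_query_sec_obj_info
{
	POLICY_HND pol; /* policy handle */
	uint32 sec_info;

} LSA_Q_QUERY_SEC_OBJ;

/*
 * LSA_R_QUERY_SEC_OBJ - probably an open
 *
 * NOTE(review): buf is a C pointer next to the wire value ptr;
 * presumably buf is set only when ptr is non-zero, so check it for NULL
 * before dereferencing -- confirm in the parser.
 */
typedef struct r_lsa_query_sec_obj_info
{
	uint32 ptr;
	SEC_DESC_BUF *buf;

	NTSTATUS status; /* return status */

} LSA_R_QUERY_SEC_OBJ;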
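/* LSA_Q_QUERY_INFO - LSA query info policy */
typedef struct lsa_query_info
{
	POLICY_HND pol; /* policy handle */
	uint16 info_class; /* info class */

} LSA_Q_QUERY_INFO;

/*
 * LSA_INFO_UNION - one member per supported info class (2, 3, 5, 6).
 * The union carries no tag of its own; the info_class field of the
 * enclosing LSA_R_QUERY_INFO says which member is valid.
 */
typedef union lsa_info_union
{
	DOM_QUERY_2 id2;
	DOM_QUERY_3 id3;
	DOM_QUERY_5 id5;
	DOM_QUERY_6 id6;
} LSA_INFO_UNION;

/*
 * LSA_R_QUERY_INFO - response to LSA query info policy
 *
 * NOTE(review): info_class selects the member of dom. A reader should
 * reject any info_class that has no union member instead of falling
 * through to a default member -- confirm how the parser handles this.
 */
typedef struct lsa_r_query_info
{
	uint32 undoc_buffer; /* undocumented buffer pointer */
	uint16 info_class; /* info class (same as info class in request) */

	LSA_INFO_UNION dom;

	NTSTATUS status; /* return code */

} LSA_R_QUERY_INFO;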
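/* LSA_Q_ENUM_TRUST_DOM - LSA enumerate trusted domains */
typedef struct lsa_enum_trust_dom_info
{
	POLICY_HND pol; /* policy handle */
	uint32 enum_context; /* enumeration context handle */
	uint32 preferred_len; /* preferred maximum length */

} LSA_Q_ENUM_TRUST_DOM;

/*
 * LSA_R_ENUM_TRUST_DOM - response to LSA enumerate trusted domains
 *
 * NOTE(review): the three arrays are heap pointers whose length is not
 * part of the type; presumably num_domains2 entries each. The count
 * arrives in two fields (num_domains, num_domains2); the parser should
 * check that they agree and cap them before allocating -- confirm there.
 */
typedef struct lsa_r_enum_trust_dom_info
{
	uint32 enum_context; /* enumeration context handle */
	uint32 num_domains; /* number of domains */
	uint32 ptr_enum_domains; /* buffer pointer to num domains */

	/* this lot is only added if ptr_enum_domains is non-NULL */
	uint32 num_domains2; /* number of domains */
	UNIHDR2 *hdr_domain_name;
	UNISTR2 *uni_domain_name;
	DOM_SID2 *domain_sid;

	NTSTATUS status; /* return code */

} LSA_R_ENUM_TRUST_DOM;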
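/* LSA_Q_CLOSE - request to close a policy handle */
typedef struct lsa_q_close_info
{
	POLICY_HND pol; /* policy handle */

} LSA_Q_CLOSE;

/* LSA_R_CLOSE - response to LSA_Q_CLOSE */
typedef struct lsa_r_close_info
{
	POLICY_HND pol; /* policy handle. should be all zeros. */

	NTSTATUS status; /* return code */

} LSA_R_CLOSE;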
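/* Capacity of the fixed arrays in DOM_R_REF. */
#define MAX_REF_DOMAINS 32

/* DOM_TRUST_HDR */
typedef struct dom_trust_hdr
{
	UNIHDR hdr_dom_name; /* referenced domain unicode string headers */
	uint32 ptr_dom_sid;

} DOM_TRUST_HDR;

/* DOM_TRUST_INFO */
typedef struct dom_trust_info
{
	UNISTR2 uni_dom_name; /* domain name unicode string */
	DOM_SID2 ref_dom ; /* referenced domain SID */

} DOM_TRUST_INFO;

/*
 * DOM_R_REF - referenced-domain list returned by the lookup calls.
 *
 * hdr_ref_dom and ref_dom are fixed arrays of MAX_REF_DOMAINS entries,
 * while num_ref_doms_1, max_entries and num_ref_doms_2 are separate
 * 32-bit counts. Any code that fills or walks the arrays from those
 * counts must first clamp them to MAX_REF_DOMAINS, or it will index past
 * the end of the struct. That check is not in this header; confirm it in
 * the marshalling code.
 */
typedef struct dom_ref_info
{
	uint32 num_ref_doms_1; /* num referenced domains */
	uint32 ptr_ref_dom; /* pointer to referenced domains */
	uint32 max_entries; /* 32 - max number of entries */
	uint32 num_ref_doms_2; /* num referenced domains */

	DOM_TRUST_HDR hdr_ref_dom[MAX_REF_DOMAINS]; /* referenced domains */
	DOM_TRUST_INFO ref_dom [MAX_REF_DOMAINS]; /* referenced domains */

} DOM_R_REF;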
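/* the domain_idx points to a SID associated with the name */

/*
 * LSA_TRANS_NAME - translated name
 *
 * NOTE(review): domain_idx is an index into the DOM_R_REF arrays. A
 * consumer should range-check it against the number of referenced
 * domains (and MAX_REF_DOMAINS) before using it as a subscript.
 */
typedef struct lsa_trans_name_info
{
	uint16 sid_name_use; /* value is 5 for a well-known group; 2 for a domain group; 1 for a user... */
	UNIHDR hdr_name;
	uint32 domain_idx; /* index into DOM_R_REF array of SIDs */

} LSA_TRANS_NAME;

/* Where this limit is applied is not visible in this header. */
#define MAX_LOOKUP_SIDS 30

/*
 * LSA_TRANS_NAME_ENUM - LSA Translated Name Enumeration container
 *
 * NOTE(review): name and uni_name are heap arrays whose length is not
 * part of the type; presumably num_entries2 entries each. The parser
 * should bound the count before allocating -- confirm there.
 */
typedef struct lsa_trans_name_enum_info
{
	uint32 num_entries;
	uint32 ptr_trans_names;
	uint32 num_entries2;

	LSA_TRANS_NAME *name; /* translated names */
	UNISTR2 *uni_name;

} LSA_TRANS_NAME_ENUM;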
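/*
 * LSA_SID_ENUM - LSA SID enumeration container
 *
 * NOTE(review): ptr_sid and sid are heap arrays whose length is not part
 * of the type; presumably num_entries2 entries each. The count arrives
 * twice (num_entries, num_entries2); the parser should require the two
 * to agree and cap them before allocating -- confirm there.
 */
typedef struct lsa_sid_enum_info
{
	uint32 num_entries;
	uint32 ptr_sid_enum;
	uint32 num_entries2;

	uint32 *ptr_sid; /* domain SID pointers to be looked up. */
	DOM_SID2 *sid; /* domain SIDs to be looked up. */

} LSA_SID_ENUM;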
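/* LSA_Q_LOOKUP_SIDS - LSA Lookup SIDs */
typedef struct lsa_q_lookup_sids
{
	POLICY_HND pol; /* policy handle */
	LSA_SID_ENUM sids;
	LSA_TRANS_NAME_ENUM names;
	LOOKUP_LEVEL level;
	uint32 mapped_count;

} LSA_Q_LOOKUP_SIDS;

/*
 * LSA_R_LOOKUP_SIDS - response to LSA Lookup SIDs
 *
 * dom_ref and names are C pointers; ptr_dom_ref is the 32-bit wire value.
 * NOTE(review): presumably dom_ref is populated only when ptr_dom_ref is
 * non-zero, so check both pointers for NULL before use -- confirm in the
 * parser.
 */
typedef struct lsa_r_lookup_sids
{
	uint32 ptr_dom_ref;
	DOM_R_REF *dom_ref; /* domain reference info */

	LSA_TRANS_NAME_ENUM *names;
	uint32 mapped_count;

	NTSTATUS status; /* return code */

} LSA_R_LOOKUP_SIDS;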
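/*
 * LSA_Q_LOOKUP_NAMES - LSA Lookup NAMEs
 *
 * NOTE(review): hdr_name and uni_name are heap arrays whose length is
 * not part of the type; presumably num_entries2 entries each. The
 * parser should bound the count before allocating -- confirm there.
 */
typedef struct lsa_q_lookup_names
{
	POLICY_HND pol; /* policy handle */
	uint32 num_entries;
	uint32 num_entries2;
	UNIHDR *hdr_name; /* name buffer pointers */
	UNISTR2 *uni_name; /* names to be looked up */

	uint32 num_trans_entries;
	uint32 ptr_trans_sids; /* undocumented domain SID buffer pointer */
	uint32 lookup_level;
	uint32 mapped_count;

} LSA_Q_LOOKUP_NAMES;

/*
 * LSA_R_LOOKUP_NAMES - response to LSA Lookup NAMEs by name
 *
 * NOTE(review): dom_rid is a heap array, presumably of num_entries2
 * entries; dom_ref is presumably set only when ptr_dom_ref is non-zero.
 * Confirm both in the parser.
 */
typedef struct lsa_r_lookup_names
{
	uint32 ptr_dom_ref;
	DOM_R_REF *dom_ref; /* domain reference info */

	uint32 num_entries;
	uint32 ptr_entries;
	uint32 num_entries2;
	DOM_RID2 *dom_rid; /* domain RIDs being looked up */

	uint32 mapped_count;

	NTSTATUS status; /* return code */
} LSA_R_LOOKUP_NAMES;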
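/* This is probably a policy handle but at the moment we
   never read it - so use a dummy struct. */

typedef struct lsa_q_open_secret
{
	uint32 dummy;
} LSA_Q_OPEN_SECRET;

/* We always return "not found" at present - so just marshal the minimum. */

typedef struct lsa_r_open_secret
{
	uint32 dummy1;
	uint32 dummy2;
	uint32 dummy3;
	uint32 dummy4;
	NTSTATUS status;
} LSA_R_OPEN_SECRET;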
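/* LSA_PRIV_ENTRY - one privilege: its name and its 64-bit LUID split in two halves */
typedef struct lsa_enum_priv_entry
{
	UNIHDR hdr_name;
	uint32 luid_low;
	uint32 luid_high;
	UNISTR2 name;

} LSA_PRIV_ENTRY;

/* LSA_Q_ENUM_PRIVS - LSA enum privileges */
typedef struct lsa_q_enum_privs
{
	POLICY_HND pol; /* policy handle */
	uint32 enum_context;
	uint32 pref_max_length;
} LSA_Q_ENUM_PRIVS;

/*
 * LSA_R_ENUM_PRIVS - response to LSA enum privileges
 *
 * NOTE(review): privs is a heap array whose length is not part of the
 * type; presumably count1 entries. The parser should bound the count
 * before allocating -- confirm there.
 */
typedef struct lsa_r_enum_privs
{
	uint32 enum_context;
	uint32 count;
	uint32 ptr;
	uint32 count1;

	LSA_PRIV_ENTRY *privs;

	NTSTATUS status;
} LSA_R_ENUM_PRIVS;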
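/* LSA_Q_PRIV_GET_DISPNAME - LSA get privilege display name */
typedef struct lsa_q_priv_get_dispname
{
	POLICY_HND pol; /* policy handle */
	UNIHDR hdr_name;
	UNISTR2 name;
	uint16 lang_id;
	uint16 lang_id_sys;
} LSA_Q_PRIV_GET_DISPNAME;

/*
 * LSA_R_PRIV_GET_DISPNAME - response to LSA get privilege display name
 * The "align" remarks below describe the wire layout the marshalling
 * code has to follow, not C struct padding.
 */
typedef struct lsa_r_priv_get_dispname
{
	uint32 ptr_info;
	UNIHDR hdr_desc;
	UNISTR2 desc;
	/* Don't align ! */
	uint16 lang_id;
	/* align */
	NTSTATUS status;
} LSA_R_PRIV_GET_DISPNAME;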
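/* LSA_Q_ENUM_ACCOUNTS */
typedef struct lsa_q_enum_accounts
{
	POLICY_HND pol; /* policy handle */
	uint32 enum_context;
	uint32 pref_max_length;
} LSA_Q_ENUM_ACCOUNTS;

/* LSA_R_ENUM_ACCOUNTS - the account SIDs come back in an LSA_SID_ENUM */
typedef struct lsa_r_enum_accounts
{
	uint32 enum_context;
	LSA_SID_ENUM sids;
	NTSTATUS status;
} LSA_R_ENUM_ACCOUNTS;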
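/* LSA_Q_UNK_GET_CONNUSER - gets username\domain of connected user
   called when "Take Ownership" is clicked -SK */
typedef struct lsa_q_unk_get_connuser
{
	uint32 ptr_srvname;
	UNISTR2 uni2_srvname;
	uint32 unk1; /* 3 unknown uint32's are seen right after uni2_srvname */
	uint32 unk2; /* unk2 appears to be a ptr, unk1 = unk3 = 0 usually */
	uint32 unk3;
} LSA_Q_UNK_GET_CONNUSER;

/*
 * LSA_R_UNK_GET_CONNUSER - user name and domain name of the connected
 * user, each as a wire pointer, a string header and the string itself.
 */
typedef struct lsa_r_unk_get_connuser
{
	uint32 ptr_user_name;
	UNIHDR hdr_user_name;
	UNISTR2 uni2_user_name;

	uint32 unk1;

	uint32 ptr_dom_name;
	UNIHDR hdr_dom_name;
	UNISTR2 uni2_dom_name;

	NTSTATUS status;
} LSA_R_UNK_GET_CONNUSER;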
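/*
 * LSA_Q_OPENACCOUNT - open the account identified by sid under policy
 * handle pol.
 *
 * NOTE(review): access is what the caller asks for. Whether it is
 * checked before an account handle is issued is decided in the server
 * code, which this header does not show.
 */
typedef struct lsa_q_openaccount
{
	POLICY_HND pol; /* policy handle */
	DOM_SID2 sid;
	uint32 access; /* desired access */
} LSA_Q_OPENACCOUNT;

/* LSA_R_OPENACCOUNT - response to LSA_Q_OPENACCOUNT */
typedef struct lsa_r_openaccount
{
	POLICY_HND pol; /* policy handle */
	NTSTATUS status;
} LSA_R_OPENACCOUNT;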
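/* LSA_Q_ENUMPRIVSACCOUNT - list the privileges behind a handle */
typedef struct lsa_q_enumprivsaccount
{
	POLICY_HND pol; /* policy handle */
} LSA_Q_ENUMPRIVSACCOUNT;


/* LUID - 64-bit identifier carried as two 32-bit halves */
typedef struct LUID
{
	uint32 low;
	uint32 high;
} LUID;

/* LUID_ATTR - a LUID together with its attribute flags */
typedef struct LUID_ATTR
{
	LUID luid;
	uint32 attr;
} LUID_ATTR ;

/*
 * PRIVILEGE_SET - counted array of LUID_ATTR.
 *
 * NOTE(review): set is a heap array, presumably of count entries; the
 * parser should bound count before allocating -- confirm there.
 */
typedef struct privilege_set
{
	uint32 count;
	uint32 control;
	LUID_ATTR *set;
} PRIVILEGE_SET;

/*
 * LSA_R_ENUMPRIVSACCOUNT - response to LSA_Q_ENUMPRIVSACCOUNT
 *
 * NOTE(review): count here and set.count are separate fields; a reader
 * should not assume they agree without checking.
 */
typedef struct lsa_r_enumprivsaccount
{
	uint32 ptr;
	uint32 count;
	PRIVILEGE_SET set;
	NTSTATUS status;
} LSA_R_ENUMPRIVSACCOUNT;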
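/* LSA_Q_GETSYSTEMACCOUNT - request; carries only the handle */
typedef struct lsa_q_getsystemaccount
{
	POLICY_HND pol; /* policy handle */
} LSA_Q_GETSYSTEMACCOUNT;

/* LSA_R_GETSYSTEMACCOUNT - response: one uint32 plus the status */
typedef struct lsa_r_getsystemaccount
{
	uint32 access;
	NTSTATUS status;
} LSA_R_GETSYSTEMACCOUNT;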
573 #endif /* _RPC_LSA_H */
/*
 * Notes on three calls. The opnums appear to be hexadecimal: the
 * descriptions match 0x11, 0x12 and 0x17 in the opcode list above.
 *
 * opnum 11: opensid: query: domain handle, user SID
 *           reply: handle, status
 *
 * opnum 12: getlistofprivs: query: user handle
 *           reply: ptr, count, count, array of 3 uint32: flag+priv.low+priv.high
 *                  uint32 0, status
 *
 * opnum 17: ?? query: handle
 *           reply: uint32 + status
 */