search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix IDL for lsa_LookupPrivDisplayName (based on samba3 code).
[Samba.git] / source / librpc / idl / lsa.idl
blob7cacd644d7a8d166d0d9839ecc1c08b77c78f30a
1 #include "idl_types.h"
2
3 /*
4 lsa interface definition
5 */
6
7 import "security.idl";
8
9 [ uuid("12345778-1234-abcd-ef00-0123456789ab"),
10 version(0.0),
11 endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\netlogon]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"),
12 pointer_default(unique),
13 helpstring("Local Security Authority")
14 ] interface lsarpc
15 {
16 typedef bitmap security_secinfo security_secinfo;
17
18 typedef [public,noejs] struct {
19 [value(2*strlen_m(string))] uint16 length;
20 [value(2*strlen_m(string))] uint16 size;
21 [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string;
22 } lsa_String;
23
24 typedef [public] struct {
25 [value(2*strlen_m(string))] uint16 length;
26 [value(2*(strlen_m(string)+1))] uint16 size;
27 [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string;
28 } lsa_StringLarge;
29
30 typedef [public] struct {
31 uint32 count;
32 [size_is(count)] lsa_String *names;
33 } lsa_Strings;
34
35 typedef [public] struct {
36 [value(strlen_m(string))] uint16 length;
37 [value(strlen_m(string))] uint16 size;
38 ascstr_noterm *string;
39 } lsa_AsciiString;
40
41 /******************/
42 /* Function: 0x00 */
43 NTSTATUS lsa_Close (
44 [in,out] policy_handle *handle
45 );
46
47
48 /******************/
49 /* Function: 0x01 */
50 [public] NTSTATUS lsa_Delete (
51 [in] policy_handle *handle
52 );
53
54
55 /******************/
56 /* Function: 0x02 */
57 typedef struct {
58 uint32 low;
59 uint32 high;
60 } lsa_LUID;
61
62 typedef struct {
63 lsa_StringLarge name;
64 lsa_LUID luid;
65 } lsa_PrivEntry;
66
67 typedef struct {
68 uint32 count;
69 [size_is(count)] lsa_PrivEntry *privs;
70 } lsa_PrivArray;
71
72 [public] NTSTATUS lsa_EnumPrivs (
73 [in] policy_handle *handle,
74 [in,out,ref] uint32 *resume_handle,
75 [out,ref] lsa_PrivArray *privs,
76 [in] uint32 max_count
77 );
78
79 /******************/
80 /* Function: 0x03 */
81
82 NTSTATUS lsa_QuerySecurity (
83 [in] policy_handle *handle,
84 [in] security_secinfo sec_info,
85 [out,ref] sec_desc_buf **sdbuf
86 );
87
88
89 /******************/
90 /* Function: 0x04 */
91 NTSTATUS lsa_SetSecObj(
92 [in] policy_handle *handle,
93 [in] security_secinfo sec_info,
94 [in,ref] sec_desc_buf *sdbuf
95 );
96
97 /******************/
98 /* Function: 0x05 */
99 NTSTATUS lsa_ChangePassword ();
100
101
102 /******************/
103 /* Function: 0x06 */
104 typedef struct {
105 uint32 len; /* ignored */
106 uint16 impersonation_level;
107 uint8 context_mode;
108 uint8 effective_only;
109 } lsa_QosInfo;
110
111 typedef struct {
112 uint32 len; /* ignored */
113 uint8 *root_dir;
114 [string,charset(UTF16)] uint16 *object_name;
115 uint32 attributes;
116 security_descriptor *sec_desc;
117 lsa_QosInfo *sec_qos;
118 } lsa_ObjectAttribute;
119
120 /* notice the screwup with the system_name - thats why MS created
121 OpenPolicy2 */
122 [public] NTSTATUS lsa_OpenPolicy (
123 [in,unique] uint16 *system_name,
124 [in] lsa_ObjectAttribute *attr,
125 [in] uint32 access_mask,
126 [out] policy_handle *handle
127 );
128
129
130
131 /******************/
132 /* Function: 0x07 */
133
134 typedef struct {
135 uint32 percent_full;
136 uint32 log_size;
137 NTTIME retention_time;
138 uint8 shutdown_in_progress;
139 NTTIME time_to_shutdown;
140 uint32 next_audit_record;
141 uint32 unknown;
142 } lsa_AuditLogInfo;
143
144 typedef [v1_enum] enum {
145 LSA_AUDIT_POLICY_NONE=0,
146 LSA_AUDIT_POLICY_SUCCESS=1,
147 LSA_AUDIT_POLICY_FAILURE=2,
148 LSA_AUDIT_POLICY_ALL=(LSA_AUDIT_POLICY_SUCCESS|LSA_AUDIT_POLICY_FAILURE),
149 LSA_AUDIT_POLICY_CLEAR=4
150 } lsa_PolicyAuditPolicy;
151
152 typedef enum {
153 LSA_AUDIT_CATEGORY_SYSTEM = 0,
154 LSA_AUDIT_CATEGORY_LOGON = 1,
155 LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS = 2,
156 LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS = 3,
157 LSA_AUDIT_CATEGORY_PROCCESS_TRACKING = 4,
158 LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES = 5,
159 LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT = 6,
160 LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS = 7, /* only in win2k/2k3 */
161 LSA_AUDIT_CATEGORY_ACCOUNT_LOGON = 8 /* only in win2k/2k3 */
162 } lsa_PolicyAuditEventType;
163
164 typedef struct {
165 uint32 auditing_mode;
166 [size_is(count)] lsa_PolicyAuditPolicy *settings;
167 uint32 count;
168 } lsa_AuditEventsInfo;
169
170 typedef struct {
171 lsa_StringLarge name;
172 dom_sid2 *sid;
173 } lsa_DomainInfo;
174
175 typedef struct {
176 lsa_String name;
177 } lsa_PDAccountInfo;
178
179 typedef struct {
180 uint16 unknown; /* an midl padding bug? */
181 uint16 role;
182 } lsa_ServerRole;
183
184 typedef struct {
185 lsa_String source;
186 lsa_String account;
187 } lsa_ReplicaSourceInfo;
188
189 typedef struct {
190 uint32 paged_pool;
191 uint32 non_paged_pool;
192 uint32 min_wss;
193 uint32 max_wss;
194 uint32 pagefile;
195 hyper unknown;
196 } lsa_DefaultQuotaInfo;
197
198 typedef struct {
199 hyper modified_id;
200 NTTIME db_create_time;
201 } lsa_ModificationInfo;
202
203 typedef struct {
204 uint8 shutdown_on_full;
205 } lsa_AuditFullSetInfo;
206
207 typedef struct {
208 uint16 unknown; /* an midl padding bug? */
209 uint8 shutdown_on_full;
210 uint8 log_is_full;
211 } lsa_AuditFullQueryInfo;
212
213 typedef struct {
214 /* it's important that we use the lsa_StringLarge here,
215 * because otherwise windows clients result with such dns hostnames
216 * e.g. w2k3-client.samba4.samba.orgsamba4.samba.org
217 * where it should be
218 * w2k3-client.samba4.samba.org
219 */
220 lsa_StringLarge name;
221 lsa_StringLarge dns_domain;
222 lsa_StringLarge dns_forest;
223 GUID domain_guid;
224 dom_sid2 *sid;
225 } lsa_DnsDomainInfo;
226
227 typedef enum {
228 LSA_POLICY_INFO_AUDIT_LOG=1,
229 LSA_POLICY_INFO_AUDIT_EVENTS=2,
230 LSA_POLICY_INFO_DOMAIN=3,
231 LSA_POLICY_INFO_PD=4,
232 LSA_POLICY_INFO_ACCOUNT_DOMAIN=5,
233 LSA_POLICY_INFO_ROLE=6,
234 LSA_POLICY_INFO_REPLICA=7,
235 LSA_POLICY_INFO_QUOTA=8,
236 LSA_POLICY_INFO_DB=9,
237 LSA_POLICY_INFO_AUDIT_FULL_SET=10,
238 LSA_POLICY_INFO_AUDIT_FULL_QUERY=11,
239 LSA_POLICY_INFO_DNS=12
240 } lsa_PolicyInfo;
241
242 typedef [switch_type(uint16)] union {
243 [case(LSA_POLICY_INFO_AUDIT_LOG)] lsa_AuditLogInfo audit_log;
244 [case(LSA_POLICY_INFO_AUDIT_EVENTS)] lsa_AuditEventsInfo audit_events;
245 [case(LSA_POLICY_INFO_DOMAIN)] lsa_DomainInfo domain;
246 [case(LSA_POLICY_INFO_PD)] lsa_PDAccountInfo pd;
247 [case(LSA_POLICY_INFO_ACCOUNT_DOMAIN)] lsa_DomainInfo account_domain;
248 [case(LSA_POLICY_INFO_ROLE)] lsa_ServerRole role;
249 [case(LSA_POLICY_INFO_REPLICA)] lsa_ReplicaSourceInfo replica;
250 [case(LSA_POLICY_INFO_QUOTA)] lsa_DefaultQuotaInfo quota;
251 [case(LSA_POLICY_INFO_DB)] lsa_ModificationInfo db;
252 [case(LSA_POLICY_INFO_AUDIT_FULL_SET)] lsa_AuditFullSetInfo auditfullset;
253 [case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery;
254 [case(LSA_POLICY_INFO_DNS)] lsa_DnsDomainInfo dns;
255 } lsa_PolicyInformation;
256
257 NTSTATUS lsa_QueryInfoPolicy(
258 [in] policy_handle *handle,
259 [in] lsa_PolicyInfo level,
260 [out,ref,switch_is(level)] lsa_PolicyInformation **info
261 );
262
263 /******************/
264 /* Function: 0x08 */
265 NTSTATUS lsa_SetInfoPolicy (
266 [in] policy_handle *handle,
267 [in] lsa_PolicyInfo level,
268 [in,switch_is(level)] lsa_PolicyInformation *info
269 );
270
271 /******************/
272 /* Function: 0x09 */
273 NTSTATUS lsa_ClearAuditLog ();
274
275 /******************/
276 /* Function: 0x0a */
277 [public] NTSTATUS lsa_CreateAccount (
278 [in] policy_handle *handle,
279 [in,ref] dom_sid2 *sid,
280 [in] uint32 access_mask,
281 [out] policy_handle *acct_handle
282 );
283
284 /******************/
285 /* NOTE: This only returns accounts that have at least
286 one privilege set
287 */
288 /* Function: 0x0b */
289 typedef struct {
290 dom_sid2 *sid;
291 } lsa_SidPtr;
292
293 typedef [public] struct {
294 [range(0,1000)] uint32 num_sids;
295 [size_is(num_sids)] lsa_SidPtr *sids;
296 } lsa_SidArray;
297
298 [public] NTSTATUS lsa_EnumAccounts (
299 [in] policy_handle *handle,
300 [in,out] uint32 *resume_handle,
301 [in,range(0,8192)] uint32 num_entries,
302 [out] lsa_SidArray *sids
303 );
304
305
306 /*************************************************/
307 /* Function: 0x0c */
308
309 [public] NTSTATUS lsa_CreateTrustedDomain(
310 [in] policy_handle *handle,
311 [in] lsa_DomainInfo *info,
312 [in] uint32 access_mask,
313 [out] policy_handle *trustdom_handle
314 );
315
316
317 /******************/
318 /* Function: 0x0d */
319
320 /* w2k3 treats max_size as max_domains*60 */
321 const int LSA_ENUM_TRUST_DOMAIN_MULTIPLIER = 60;
322
323 typedef struct {
324 uint32 count;
325 [size_is(count)] lsa_DomainInfo *domains;
326 } lsa_DomainList;
327
328 NTSTATUS lsa_EnumTrustDom (
329 [in] policy_handle *handle,
330 [in,out] uint32 *resume_handle,
331 [in] uint32 max_size,
332 [out] lsa_DomainList *domains
333 );
334
335
336 /******************/
337 /* Function: 0x0e */
338 typedef enum {
339 SID_NAME_USE_NONE = 0,/* NOTUSED */
340 SID_NAME_USER = 1, /* user */
341 SID_NAME_DOM_GRP = 2, /* domain group */
342 SID_NAME_DOMAIN = 3, /* domain: don't know what this is */
343 SID_NAME_ALIAS = 4, /* local group */
344 SID_NAME_WKN_GRP = 5, /* well-known group */
345 SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
346 SID_NAME_INVALID = 7, /* invalid account */
347 SID_NAME_UNKNOWN = 8, /* oops. */
348 SID_NAME_COMPUTER = 9 /* machine */
349 } lsa_SidType;
350
351 typedef struct {
352 lsa_SidType sid_type;
353 uint32 rid;
354 uint32 sid_index;
355 } lsa_TranslatedSid;
356
357 typedef struct {
358 [range(0,1000)] uint32 count;
359 [size_is(count)] lsa_TranslatedSid *sids;
360 } lsa_TransSidArray;
361
362 const int LSA_REF_DOMAIN_LIST_MULTIPLIER = 32;
363 typedef struct {
364 [range(0,1000)] uint32 count;
365 [size_is(count)] lsa_DomainInfo *domains;
366 uint32 max_size;
367 } lsa_RefDomainList;
368
369 /* Level 1: Ask everywhere
370 * Level 2: Ask domain and trusted domains, no builtin and wkn
371 * Level 3: Only ask domain
372 * Level 4: W2k3ad: Only ask AD trusts
373 * Level 5: Only ask transitive forest trusts
374 * Level 6: Like 4
375 */
376
377 typedef enum {
378 LSA_LOOKUP_NAMES_ALL = 1,
379 LSA_LOOKUP_NAMES_DOMAINS_ONLY = 2,
380 LSA_LOOKUP_NAMES_PRIMARY_DOMAIN_ONLY = 3,
381 LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY = 4,
382 LSA_LOOKUP_NAMES_FOREST_TRUSTS_ONLY = 5,
383 LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6
384 } lsa_LookupNamesLevel;
385
386 [public] NTSTATUS lsa_LookupNames (
387 [in] policy_handle *handle,
388 [in,range(0,1000)] uint32 num_names,
389 [in,size_is(num_names)] lsa_String names[],
390 [out,unique] lsa_RefDomainList *domains,
391 [in,out] lsa_TransSidArray *sids,
392 [in] lsa_LookupNamesLevel level,
393 [in,out] uint32 *count
394 );
395
396
397 /******************/
398 /* Function: 0x0f */
399
400 typedef struct {
401 lsa_SidType sid_type;
402 lsa_String name;
403 uint32 sid_index;
404 } lsa_TranslatedName;
405
406 typedef struct {
407 [range(0,1000)] uint32 count;
408 [size_is(count)] lsa_TranslatedName *names;
409 } lsa_TransNameArray;
410
411 [public] NTSTATUS lsa_LookupSids (
412 [in] policy_handle *handle,
413 [in] lsa_SidArray *sids,
414 [out,unique] lsa_RefDomainList *domains,
415 [in,out] lsa_TransNameArray *names,
416 [in] uint16 level,
417 [in,out] uint32 *count
418 );
419
420
421 /* Function: 0x10 */
422 [public] NTSTATUS lsa_CreateSecret(
423 [in] policy_handle *handle,
424 [in] lsa_String name,
425 [in] uint32 access_mask,
426 [out] policy_handle *sec_handle
427 );
428
429
430 /*****************************************/
431 /* Function: 0x11 */
432 NTSTATUS lsa_OpenAccount(
433 [in] policy_handle *handle,
434 [in,ref] dom_sid2 *sid,
435 [in] uint32 access_mask,
436 [out] policy_handle *acct_handle
437 );
438
439
440 /****************************************/
441 /* Function: 0x12 */
442
443 typedef struct {
444 lsa_LUID luid;
445 uint32 attribute;
446 } lsa_LUIDAttribute;
447
448 typedef struct {
449 [range(0,1000)] uint32 count;
450 uint32 unknown;
451 [size_is(count)] lsa_LUIDAttribute set[*];
452 } lsa_PrivilegeSet;
453
454 NTSTATUS lsa_EnumPrivsAccount (
455 [in] policy_handle *handle,
456 [out,unique] lsa_PrivilegeSet *privs
457 );
458
459
460 /****************************************/
461 /* Function: 0x13 */
462 NTSTATUS lsa_AddPrivilegesToAccount(
463 [in] policy_handle *handle,
464 [in] lsa_PrivilegeSet *privs
465 );
466
467
468 /****************************************/
469 /* Function: 0x14 */
470 NTSTATUS lsa_RemovePrivilegesFromAccount(
471 [in] policy_handle *handle,
472 [in] uint8 remove_all,
473 [in,unique] lsa_PrivilegeSet *privs
474 );
475
476 /* Function: 0x15 */
477 NTSTATUS lsa_GetQuotasForAccount();
478
479 /* Function: 0x16 */
480 NTSTATUS lsa_SetQuotasForAccount();
481
482 /* Function: 0x17 */
483 NTSTATUS lsa_GetSystemAccessAccount(
484 [in] policy_handle *handle,
485 [out,ref] uint32 *access_mask
486 );
487
488 /* Function: 0x18 */
489 NTSTATUS lsa_SetSystemAccessAccount(
490 [in] policy_handle *handle,
491 [in] uint32 access_mask
492 );
493
494 /* Function: 0x19 */
495 NTSTATUS lsa_OpenTrustedDomain(
496 [in] policy_handle *handle,
497 [in] dom_sid2 *sid,
498 [in] uint32 access_mask,
499 [out] policy_handle *trustdom_handle
500 );
501
502 typedef [flag(NDR_PAHEX)] struct {
503 uint32 length;
504 uint32 size;
505 [size_is(size),length_is(length)] uint8 *data;
506 } lsa_DATA_BUF;
507
508 typedef [flag(NDR_PAHEX)] struct {
509 [range(0,65536)] uint32 size;
510 [size_is(size)] uint8 *data;
511 } lsa_DATA_BUF2;
512
513 typedef enum {
514 LSA_TRUSTED_DOMAIN_INFO_NAME = 1,
515 LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO = 2,
516 LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET = 3,
517 LSA_TRUSTED_DOMAIN_INFO_PASSWORD = 4,
518 LSA_TRUSTED_DOMAIN_INFO_BASIC = 5,
519 LSA_TRUSTED_DOMAIN_INFO_INFO_EX = 6,
520 LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO = 7,
521 LSA_TRUSTED_DOMAIN_INFO_FULL_INFO = 8,
522 LSA_TRUSTED_DOMAIN_INFO_11 = 11,
523 LSA_TRUSTED_DOMAIN_INFO_INFO_ALL = 12
524 } lsa_TrustDomInfoEnum;
525
526 typedef struct {
527 lsa_StringLarge netbios_name;
528 } lsa_TrustDomainInfoName;
529
530 typedef struct {
531 uint32 posix_offset;
532 } lsa_TrustDomainInfoPosixOffset;
533
534 typedef struct {
535 lsa_DATA_BUF *password;
536 lsa_DATA_BUF *old_password;
537 } lsa_TrustDomainInfoPassword;
538
539 typedef struct {
540 lsa_String netbios_name;
541 dom_sid2 *sid;
542 } lsa_TrustDomainInfoBasic;
543
544 typedef struct {
545 lsa_StringLarge domain_name;
546 lsa_StringLarge netbios_name;
547 dom_sid2 *sid;
548 uint32 trust_direction;
549 uint32 trust_type;
550 uint32 trust_attributes;
551 } lsa_TrustDomainInfoInfoEx;
552
553 typedef struct {
554 NTTIME_hyper last_update_time;
555 uint32 secret_type;
556 lsa_DATA_BUF2 data;
557 } lsa_TrustDomainInfoBuffer;
558
559 typedef struct {
560 uint32 incoming_count;
561 lsa_TrustDomainInfoBuffer *incoming_current_auth_info;
562 lsa_TrustDomainInfoBuffer *incoming_previous_auth_info;
563 uint32 outgoing_count;
564 lsa_TrustDomainInfoBuffer *outgoing_current_auth_info;
565 lsa_TrustDomainInfoBuffer *outgoing_previous_auth_info;
566 } lsa_TrustDomainInfoAuthInfo;
567
568 typedef struct {
569 lsa_TrustDomainInfoInfoEx info_ex;
570 lsa_TrustDomainInfoPosixOffset posix_offset;
571 lsa_TrustDomainInfoAuthInfo auth_info;
572 } lsa_TrustDomainInfoFullInfo;
573
574 typedef struct {
575 lsa_TrustDomainInfoInfoEx info_ex;
576 lsa_DATA_BUF2 data1;
577 } lsa_TrustDomainInfo11;
578
579 typedef struct {
580 lsa_TrustDomainInfoInfoEx info_ex;
581 lsa_DATA_BUF2 data1;
582 lsa_TrustDomainInfoPosixOffset posix_offset;
583 lsa_TrustDomainInfoAuthInfo auth_info;
584 } lsa_TrustDomainInfoInfoAll;
585
586 typedef [switch_type(lsa_TrustDomInfoEnum)] union {
587 [case(LSA_TRUSTED_DOMAIN_INFO_NAME)] lsa_TrustDomainInfoName name;
588 [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)] lsa_TrustDomainInfoPosixOffset posix_offset;
589 [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)] lsa_TrustDomainInfoPassword password;
590 [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)] lsa_TrustDomainInfoBasic info_basic;
591 [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)] lsa_TrustDomainInfoInfoEx info_ex;
592 [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)] lsa_TrustDomainInfoAuthInfo auth_info;
593 [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)] lsa_TrustDomainInfoFullInfo full_info;
594 [case(LSA_TRUSTED_DOMAIN_INFO_11)] lsa_TrustDomainInfo11 info11;
595 [case(LSA_TRUSTED_DOMAIN_INFO_INFO_ALL)] lsa_TrustDomainInfoInfoAll info_all;
596 } lsa_TrustedDomainInfo;
597
598 /* Function: 0x1a */
599 NTSTATUS lsa_QueryTrustedDomainInfo(
600 [in] policy_handle *trustdom_handle,
601 [in] lsa_TrustDomInfoEnum level,
602 [out,switch_is(level),unique] lsa_TrustedDomainInfo *info
603 );
604
605 /* Function: 0x1b */
606 NTSTATUS lsa_SetInformationTrustedDomain();
607
608 /* Function: 0x1c */
609 [public] NTSTATUS lsa_OpenSecret(
610 [in] policy_handle *handle,
611 [in] lsa_String name,
612 [in] uint32 access_mask,
613 [out] policy_handle *sec_handle
614 );
615
616 /* Function: 0x1d */
617
618 [public] NTSTATUS lsa_SetSecret(
619 [in] policy_handle *sec_handle,
620 [in,unique] lsa_DATA_BUF *new_val,
621 [in,unique] lsa_DATA_BUF *old_val
622 );
623
624 typedef struct {
625 lsa_DATA_BUF *buf;
626 } lsa_DATA_BUF_PTR;
627
628 /* Function: 0x1e */
629 [public] NTSTATUS lsa_QuerySecret (
630 [in] policy_handle *sec_handle,
631 [in,out,unique] lsa_DATA_BUF_PTR *new_val,
632 [in,out,unique] NTTIME_hyper *new_mtime,
633 [in,out,unique] lsa_DATA_BUF_PTR *old_val,
634 [in,out,unique] NTTIME_hyper *old_mtime
635 );
636
637 /* Function: 0x1f */
638 NTSTATUS lsa_LookupPrivValue(
639 [in] policy_handle *handle,
640 [in] lsa_String *name,
641 [out] lsa_LUID *luid
642 );
643
644
645 /* Function: 0x20 */
646 NTSTATUS lsa_LookupPrivName (
647 [in] policy_handle *handle,
648 [in] lsa_LUID *luid,
649 [out,unique] lsa_StringLarge *name
650 );
651
652
653 /*******************/
654 /* Function: 0x21 */
655 NTSTATUS lsa_LookupPrivDisplayName (
656 [in] policy_handle *handle,
657 [in,ref] lsa_String *name,
658 [in] uint16 language_id,
659 [in] uint16 language_id_sys,
660 [out,ref] lsa_StringLarge **disp_name,
661 /* see http://www.microsoft.com/globaldev/nlsweb/ for
662 language definitions */
663 [out,ref] uint16 *returned_language_id
664 );
665
666 /* Function: 0x22 */
667 NTSTATUS lsa_DeleteObject(
668 [in,out] policy_handle *handle
669 );
670
671 /*******************/
672 /* Function: 0x23 */
673 NTSTATUS lsa_EnumAccountsWithUserRight (
674 [in] policy_handle *handle,
675 [in,unique] lsa_String *name,
676 [out] lsa_SidArray *sids
677 );
678
679 /* Function: 0x24 */
680 typedef struct {
681 [string,charset(UTF16)] uint16 *name;
682 } lsa_RightAttribute;
683
684 typedef struct {
685 uint32 count;
686 [size_is(count)] lsa_StringLarge *names;
687 } lsa_RightSet;
688
689 NTSTATUS lsa_EnumAccountRights (
690 [in] policy_handle *handle,
691 [in] dom_sid2 *sid,
692 [out] lsa_RightSet *rights
693 );
694
695
696 /**********************/
697 /* Function: 0x25 */
698 NTSTATUS lsa_AddAccountRights (
699 [in] policy_handle *handle,
700 [in] dom_sid2 *sid,
701 [in] lsa_RightSet *rights
702 );
703
704 /**********************/
705 /* Function: 0x26 */
706 NTSTATUS lsa_RemoveAccountRights (
707 [in] policy_handle *handle,
708 [in] dom_sid2 *sid,
709 [in] uint32 unknown,
710 [in] lsa_RightSet *rights
711 );
712
713 /* Function: 0x27 */
714 NTSTATUS lsa_QueryTrustedDomainInfoBySid(
715 [in] policy_handle *handle,
716 [in] dom_sid2 *dom_sid,
717 [in] lsa_TrustDomInfoEnum level,
718 [out,switch_is(level),unique] lsa_TrustedDomainInfo *info
719 );
720
721 /* Function: 0x28 */
722 NTSTATUS lsa_SetTrustedDomainInfo();
723 /* Function: 0x29 */
724 NTSTATUS lsa_DeleteTrustedDomain(
725 [in] policy_handle *handle,
726 [in] dom_sid2 *dom_sid
727 );
728
729 /* Function: 0x2a */
730 NTSTATUS lsa_StorePrivateData();
731 /* Function: 0x2b */
732 NTSTATUS lsa_RetrievePrivateData();
733
734
735 /**********************/
736 /* Function: 0x2c */
737 [public] NTSTATUS lsa_OpenPolicy2 (
738 [in,unique] [string,charset(UTF16)] uint16 *system_name,
739 [in] lsa_ObjectAttribute *attr,
740 [in] uint32 access_mask,
741 [out] policy_handle *handle
742 );
743
744 /**********************/
745 /* Function: 0x2d */
746 typedef struct {
747 lsa_String *string;
748 } lsa_StringPointer;
749
750 NTSTATUS lsa_GetUserName(
751 [in,unique] [string,charset(UTF16)] uint16 *system_name,
752 [in,out,unique] lsa_String *account_name,
753 [in,out,unique] lsa_StringPointer *authority_name
754 );
755
756 /**********************/
757 /* Function: 0x2e */
758
759 NTSTATUS lsa_QueryInfoPolicy2(
760 [in] policy_handle *handle,
761 [in] lsa_PolicyInfo level,
762 [out,ref,switch_is(level)] lsa_PolicyInformation **info
763 );
764
765 /* Function 0x2f */
766 NTSTATUS lsa_SetInfoPolicy2(
767 [in] policy_handle *handle,
768 [in] lsa_PolicyInfo level,
769 [in,switch_is(level)] lsa_PolicyInformation *info
770 );
771
772 /**********************/
773 /* Function 0x30 */
774 NTSTATUS lsa_QueryTrustedDomainInfoByName(
775 [in] policy_handle *handle,
776 [in,ref] lsa_String *trusted_domain,
777 [in] lsa_TrustDomInfoEnum level,
778 [out,ref,switch_is(level)] lsa_TrustedDomainInfo *info
779 );
780
781 /**********************/
782 /* Function 0x31 */
783 NTSTATUS lsa_SetTrustedDomainInfoByName(
784 [in] policy_handle *handle,
785 [in] lsa_String trusted_domain,
786 [in] lsa_TrustDomInfoEnum level,
787 [in,unique,switch_is(level)] lsa_TrustedDomainInfo *info
788 );
789
790 /* Function 0x32 */
791
792 /* w2k3 treats max_size as max_domains*82 */
793 const int LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER = 82;
794
795 typedef struct {
796 uint32 count;
797 [size_is(count)] lsa_TrustDomainInfoInfoEx *domains;
798 } lsa_DomainListEx;
799
800 NTSTATUS lsa_EnumTrustedDomainsEx (
801 [in] policy_handle *handle,
802 [in,out] uint32 *resume_handle,
803 [out] lsa_DomainListEx *domains,
804 [in] uint32 max_size
805 );
806
807
808 /* Function 0x33 */
809 NTSTATUS lsa_CreateTrustedDomainEx();
810
811 /* Function 0x34 */
812 NTSTATUS lsa_CloseTrustedDomainEx(
813 [in,out] policy_handle *handle
814 );
815
816 /* Function 0x35 */
817
818 /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000
819 for unknown6 - gd */
820 typedef struct {
821 uint32 enforce_restrictions;
822 hyper service_tkt_lifetime;
823 hyper user_tkt_lifetime;
824 hyper user_tkt_renewaltime;
825 hyper clock_skew;
826 hyper unknown6;
827 } lsa_DomainInfoKerberos;
828
829 typedef struct {
830 uint32 blob_size;
831 [size_is(blob_size)] uint8 *efs_blob;
832 } lsa_DomainInfoEfs;
833
834 typedef enum {
835 LSA_DOMAIN_INFO_POLICY_EFS=2,
836 LSA_DOMAIN_INFO_POLICY_KERBEROS=3
837 } lsa_DomainInfoEnum;
838
839 typedef [switch_type(uint16)] union {
840 [case(LSA_DOMAIN_INFO_POLICY_EFS)] lsa_DomainInfoEfs efs_info;
841 [case(LSA_DOMAIN_INFO_POLICY_KERBEROS)] lsa_DomainInfoKerberos kerberos_info;
842 } lsa_DomainInformationPolicy;
843
844 NTSTATUS lsa_QueryDomainInformationPolicy(
845 [in] policy_handle *handle,
846 [in] uint16 level,
847 [out,unique,switch_is(level)] lsa_DomainInformationPolicy *info
848 );
849
850 /* Function 0x36 */
851 NTSTATUS lsa_SetDomainInformationPolicy(
852 [in] policy_handle *handle,
853 [in] uint16 level,
854 [in,unique,switch_is(level)] lsa_DomainInformationPolicy *info
855 );
856
857 /**********************/
858 /* Function 0x37 */
859 NTSTATUS lsa_OpenTrustedDomainByName(
860 [in] policy_handle *handle,
861 [in] lsa_String name,
862 [in] uint32 access_mask,
863 [out] policy_handle *trustdom_handle
864 );
865
866 /* Function 0x38 */
867 NTSTATUS lsa_TestCall();
868
869 /**********************/
870 /* Function 0x39 */
871
872 typedef struct {
873 lsa_SidType sid_type;
874 lsa_String name;
875 uint32 sid_index;
876 uint32 unknown;
877 } lsa_TranslatedName2;
878
879 typedef struct {
880 [range(0,1000)] uint32 count;
881 [size_is(count)] lsa_TranslatedName2 *names;
882 } lsa_TransNameArray2;
883
884 [public] NTSTATUS lsa_LookupSids2(
885 [in] policy_handle *handle,
886 [in] lsa_SidArray *sids,
887 [out,unique] lsa_RefDomainList *domains,
888 [in,out] lsa_TransNameArray2 *names,
889 [in] uint16 level,
890 [in,out] uint32 *count,
891 [in] uint32 unknown1,
892 [in] uint32 unknown2
893 );
894
895 /**********************/
896 /* Function 0x3a */
897
898 typedef struct {
899 lsa_SidType sid_type;
900 uint32 rid;
901 uint32 sid_index;
902 uint32 unknown;
903 } lsa_TranslatedSid2;
904
905 typedef struct {
906 [range(0,1000)] uint32 count;
907 [size_is(count)] lsa_TranslatedSid2 *sids;
908 } lsa_TransSidArray2;
909
910 [public] NTSTATUS lsa_LookupNames2 (
911 [in] policy_handle *handle,
912 [in,range(0,1000)] uint32 num_names,
913 [in,size_is(num_names)] lsa_String names[],
914 [out,unique] lsa_RefDomainList *domains,
915 [in,out] lsa_TransSidArray2 *sids,
916 [in] lsa_LookupNamesLevel level,
917 [in,out] uint32 *count,
918 [in] uint32 unknown1,
919 [in] uint32 unknown2
920 );
921
922 /* Function 0x3b */
923 NTSTATUS lsa_CreateTrustedDomainEx2();
924
925 /* Function 0x3c */
926 NTSTATUS lsa_CREDRWRITE();
927
928 /* Function 0x3d */
929 NTSTATUS lsa_CREDRREAD();
930
931 /* Function 0x3e */
932 NTSTATUS lsa_CREDRENUMERATE();
933
934 /* Function 0x3f */
935 NTSTATUS lsa_CREDRWRITEDOMAINCREDENTIALS();
936
937 /* Function 0x40 */
938 NTSTATUS lsa_CREDRREADDOMAINCREDENTIALS();
939
940 /* Function 0x41 */
941 NTSTATUS lsa_CREDRDELETE();
942
943 /* Function 0x42 */
944 NTSTATUS lsa_CREDRGETTARGETINFO();
945
946 /* Function 0x43 */
947 NTSTATUS lsa_CREDRPROFILELOADED();
948
949 /**********************/
950 /* Function 0x44 */
951 typedef struct {
952 lsa_SidType sid_type;
953 dom_sid2 *sid;
954 uint32 sid_index;
955 uint32 unknown;
956 } lsa_TranslatedSid3;
957
958 typedef struct {
959 [range(0,1000)] uint32 count;
960 [size_is(count)] lsa_TranslatedSid3 *sids;
961 } lsa_TransSidArray3;
962
963 [public] NTSTATUS lsa_LookupNames3 (
964 [in] policy_handle *handle,
965 [in,range(0,1000)] uint32 num_names,
966 [in,size_is(num_names)] lsa_String names[],
967 [out,unique] lsa_RefDomainList *domains,
968 [in,out] lsa_TransSidArray3 *sids,
969 [in] lsa_LookupNamesLevel level,
970 [in,out] uint32 *count,
971 [in] uint32 unknown1,
972 [in] uint32 unknown2
973 );
974
975 /* Function 0x45 */
976 NTSTATUS lsa_CREDRGETSESSIONTYPES();
977
978 /* Function 0x46 */
979 NTSTATUS lsa_LSARREGISTERAUDITEVENT();
980
981 /* Function 0x47 */
982 NTSTATUS lsa_LSARGENAUDITEVENT();
983
984 /* Function 0x48 */
985 NTSTATUS lsa_LSARUNREGISTERAUDITEVENT();
986
987 /* Function 0x49 */
988 typedef struct {
989 [range(0,131072)] uint32 length;
990 [size_is(length)] uint8 *data;
991 } lsa_ForestTrustBinaryData;
992
993 typedef struct {
994 dom_sid2 *domain_sid;
995 lsa_StringLarge dns_domain_name;
996 lsa_StringLarge netbios_domain_name;
997 } lsa_ForestTrustDomainInfo;
998
999 typedef [switch_type(uint32)] union {
1000 [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_String top_level_name;
1001 [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX)] lsa_StringLarge top_level_name_ex;
1002 [case(LSA_FOREST_TRUST_DOMAIN_INFO)] lsa_ForestTrustDomainInfo domain_info;
1003 [default] lsa_ForestTrustBinaryData data;
1004 } lsa_ForestTrustData;
1005
1006 typedef [v1_enum] enum {
1007 LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0,
1008 LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1,
1009 LSA_FOREST_TRUST_DOMAIN_INFO = 2,
1010 LSA_FOREST_TRUST_RECORD_TYPE_LAST = 3
1011 } lsa_ForestTrustRecordType;
1012
1013 typedef struct {
1014 uint32 flags;
1015 lsa_ForestTrustRecordType level;
1016 hyper unknown;
1017 [switch_is(level)] lsa_ForestTrustData forest_trust_data;
1018 } lsa_ForestTrustRecord;
1019
1020 typedef [public] struct {
1021 [range(0,4000)] uint32 count;
1022 [size_is(count)] lsa_ForestTrustRecord **entries;
1023 } lsa_ForestTrustInformation;
1024
1025 NTSTATUS lsa_lsaRQueryForestTrustInformation(
1026 [in] policy_handle *handle,
1027 [in,ref] lsa_String *trusted_domain_name,
1028 [in] uint16 unknown, /* level ? */
1029 [out,ref] lsa_ForestTrustInformation **forest_trust_info
1030 );
1031
1032 /* Function 0x4a */
1033 NTSTATUS lsa_LSARSETFORESTTRUSTINFORMATION();
1034
1035 /* Function 0x4b */
1036 NTSTATUS lsa_CREDRRENAME();
1037
1038 /*****************/
1039 /* Function 0x4c */
1040
1041 [public] NTSTATUS lsa_LookupSids3(
1042 [in] lsa_SidArray *sids,
1043 [out,unique] lsa_RefDomainList *domains,
1044 [in,out] lsa_TransNameArray2 *names,
1045 [in] uint16 level,
1046 [in,out] uint32 *count,
1047 [in] uint32 unknown1,
1048 [in] uint32 unknown2
1049 );
1050
1051 /* Function 0x4d */
1052 NTSTATUS lsa_LookupNames4(
1053 [in,range(0,1000)] uint32 num_names,
1054 [in,size_is(num_names)] lsa_String names[],
1055 [out,unique] lsa_RefDomainList *domains,
1056 [in,out] lsa_TransSidArray3 *sids,
1057 [in] lsa_LookupNamesLevel level,
1058 [in,out] uint32 *count,
1059 [in] uint32 unknown1,
1060 [in] uint32 unknown2
1061 );
1062
1063 /* Function 0x4e */
1064 NTSTATUS lsa_LSAROPENPOLICYSCE();
1065
1066 /* Function 0x4f */
1067 NTSTATUS lsa_LSARADTREGISTERSECURITYEVENTSOURCE();
1068
1069 /* Function 0x50 */
1070 NTSTATUS lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE();
1071
1072 /* Function 0x51 */
1073 NTSTATUS lsa_LSARADTREPORTSECURITYEVENT();
1074
1075 }
Samba GIT mirror