3 much of this was derived from the ethereal sources - thanks to everyone
7 import
"lsa.idl", "samr.idl", "security.idl", "nbt.idl";
12 uuid("12345678-1234-abcd-ef00-01234567cffb"),
14 endpoint("ncacn_np:[\\pipe\\netlogon]","ncacn_ip_tcp:","ncalrpc:"),
15 pointer_default(unique)
20 typedef bitmap samr_AcctFlags samr_AcctFlags
;
21 typedef bitmap samr_GroupAttrs samr_GroupAttrs
;
27 [string,charset
(UTF16
)] uint16
*account_name
;
38 time_t pw_must_change
;
39 [string,charset
(UTF16
)] uint16
*computer
;
40 [string,charset
(UTF16
)] uint16
*domain
;
41 [string,charset
(UTF16
)] uint16
*script_path
;
45 WERROR netr_LogonUasLogon
(
46 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
47 [in] [string,charset
(UTF16
)] uint16 account_name
[],
48 [in] [string,charset
(UTF16
)] uint16 workstation
[],
49 [out,ref] netr_UasInfo
*info
61 WERROR netr_LogonUasLogoff
(
62 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
63 [in] [string,charset
(UTF16
)] uint16 account_name
[],
64 [in] [string,charset
(UTF16
)] uint16 workstation
[],
65 [out,ref] netr_UasLogoffInfo
*info
72 /* in netr_AcctLockStr size seems to be be 24, and rrenard thinks
73 that the structure of the bindata looks like this:
75 dlong lockout_duration;
77 uint32 bad_attempt_lockout;
80 but it doesn't look as though this structure is reflected at the
81 NDR level. Maybe it is left to the application to decode the bindata array.
83 typedef [public] struct {
84 dlong lockout_duration
;
86 uint32 bad_attempt_lockout
;
90 /* - MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
91 * sets the NETLOGON_SERVER_TRUST_ACCOUNT user_flag
92 * - MSV1_0_UPDATE_LOGON_STATISTICS
93 * sets the logon time on network logon
94 * - MSV1_0_RETURN_USER_PARAMETERS
95 * sets the user parameters in the driveletter
96 * - MSV1_0_RETURN_PROFILE_PATH
97 * returns the profilepath in the driveletter and
98 * sets LOGON_PROFILE_PATH_RETURNED user_flag
101 typedef [public,bitmap32bit
] bitmap
{
102 MSV1_0_CLEARTEXT_PASSWORD_ALLOWED
= 0x00000002,
103 MSV1_0_UPDATE_LOGON_STATISTICS
= 0x00000004,
104 MSV1_0_RETURN_USER_PARAMETERS
= 0x00000008,
105 MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
= 0x00000020,
106 MSV1_0_RETURN_PROFILE_PATH
= 0x00000200,
107 MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT
= 0x00000800
108 } netr_LogonParameterControl
;
111 lsa_String domain_name
;
112 netr_LogonParameterControl parameter_control
; /* see MSV1_0_* */
114 uint32 logon_id_high
;
115 lsa_String account_name
;
116 lsa_String workstation
;
120 netr_IdentityInfo identity_info
;
121 samr_Password lmpassword
;
122 samr_Password ntpassword
;
125 typedef [flag
(NDR_PAHEX
)] struct {
127 [value
(length
)] uint16 size
;
128 [size_is(length
),length_is(length
)] uint8
*data
;
129 } netr_ChallengeResponse
;
131 typedef [flag
(NDR_PAHEX
)] struct {
132 netr_IdentityInfo identity_info
;
134 netr_ChallengeResponse nt
;
135 netr_ChallengeResponse lm
;
138 typedef [public,switch_type(uint16
)] union {
139 [case(1)] netr_PasswordInfo
*password
;
140 [case(2)] netr_NetworkInfo
*network
;
141 [case(3)] netr_PasswordInfo
*password
;
142 [case(5)] netr_PasswordInfo
*password
;
143 [case(6)] netr_NetworkInfo
*network
;
146 typedef [public,flag
(NDR_PAHEX
)] struct {
148 } netr_UserSessionKey
;
150 typedef [public,flag
(NDR_PAHEX
)] struct {
154 /* Flags for user_flags below */
155 typedef [public,bitmap32bit
] bitmap
{
156 NETLOGON_GUEST
= 0x00000001,
157 NETLOGON_NOENCRYPTION
= 0x00000002,
158 NETLOGON_CACHED_ACCOUNT
= 0x00000004,
159 NETLOGON_USED_LM_PASSWORD
= 0x00000008,
160 NETLOGON_EXTRA_SIDS
= 0x00000020,
161 NETLOGON_SUBAUTH_SESSION_KEY
= 0x00000040,
162 NETLOGON_SERVER_TRUST_ACCOUNT
= 0x00000080,
163 NETLOGON_NTLMV2_ENABLED
= 0x00000100,
164 NETLOGON_RESOURCE_GROUPS
= 0x00000200,
165 NETLOGON_PROFILE_PATH_RETURNED
= 0x00000400,
166 NETLOGON_GRACE_LOGON
= 0x01000000
173 NTTIME last_password_change
;
174 NTTIME allow_password_change
;
175 NTTIME force_password_change
;
176 lsa_String account_name
;
177 lsa_String full_name
;
178 lsa_String logon_script
;
179 lsa_String profile_path
;
180 lsa_String home_directory
;
181 lsa_String home_drive
;
183 uint16 bad_password_count
;
186 samr_RidWithAttributeArray groups
;
187 netr_UserFlags user_flags
;
188 netr_UserSessionKey key
;
189 lsa_StringLarge logon_server
;
190 lsa_StringLarge domain
;
191 dom_sid2
*domain_sid
;
192 netr_LMSessionKey LMSessKey
;
193 samr_AcctFlags acct_flags
;
198 netr_SamBaseInfo base
;
203 samr_GroupAttrs attributes
;
206 typedef [public] struct {
207 netr_SamBaseInfo base
;
209 [size_is(sidcount
)] netr_SidAttr
*sids
;
213 netr_SamBaseInfo base
;
215 [size_is(sidcount
)] netr_SidAttr
*sids
;
217 lsa_String principle
;
223 [size_is(pac_size
)] uint8
*pac
;
224 lsa_String logon_domain
;
225 lsa_String logon_server
;
226 lsa_String principal_name
;
228 [size_is(auth_size
)] uint8
*auth
;
229 netr_UserSessionKey user_session_key
;
230 uint32 expansionroom
[10];
237 typedef [public,switch_type(uint16
)] union {
238 [case(2)] netr_SamInfo2
*sam2
;
239 [case(3)] netr_SamInfo3
*sam3
;
240 [case(4)] netr_PacInfo
*pac
;
241 [case(5)] netr_PacInfo
*pac
;
242 [case(6)] netr_SamInfo6
*sam6
;
245 typedef [public, flag
(NDR_PAHEX
)] struct {
249 typedef [public] struct {
250 netr_Credential cred
;
252 } netr_Authenticator
;
255 INTERACTIVE_LOGON_TYPE
= 1,
259 NTSTATUS netr_LogonSamLogon
(
260 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
261 [in,unique] [string,charset
(UTF16
)] uint16
*computer_name
,
262 [in,unique] netr_Authenticator
*credential
,
263 [in,out,unique] netr_Authenticator
*return_authenticator
,
264 [in] netr_LogonLevel logon_level
,
265 [in,ref] [switch_is(logon_level
)] netr_LogonInfo
*logon
,
266 [in] uint16 validation_level
,
267 [out,ref] [switch_is(validation_level
)] netr_Validation
*validation
,
268 [out,ref] uint8
*authoritative
275 NTSTATUS netr_LogonSamLogoff
(
276 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
277 [in,unique] [string,charset
(UTF16
)] uint16
*computer_name
,
278 [in,unique] netr_Authenticator
*credential
,
279 [in,out,unique] netr_Authenticator
*return_authenticator
,
280 [in] netr_LogonLevel logon_level
,
281 [in] [switch_is(logon_level
)] netr_LogonInfo logon
289 NTSTATUS netr_ServerReqChallenge
(
290 [in,unique,string,charset
(UTF16
)] uint16
*server_name
,
291 [in,string,charset
(UTF16
)] uint16 computer_name
[],
292 [in,ref] netr_Credential
*credentials
,
293 [out,ref] netr_Credential
*return_credentials
300 typedef enum netr_SchannelType netr_SchannelType
;
302 NTSTATUS netr_ServerAuthenticate
(
303 [in,unique,string,charset
(UTF16
)] uint16
*server_name
,
304 [in,string,charset
(UTF16
)] uint16 account_name
[],
305 [in] netr_SchannelType secure_channel_type
,
306 [in,string,charset
(UTF16
)] uint16 computer_name
[],
307 [in,ref] netr_Credential
*credentials
,
308 [out,ref] netr_Credential
*return_credentials
315 NTSTATUS netr_ServerPasswordSet
(
316 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
317 [in] [string,charset
(UTF16
)] uint16 account_name
[],
318 [in] netr_SchannelType secure_channel_type
,
319 [in] [string,charset
(UTF16
)] uint16 computer_name
[],
320 [in,ref] netr_Authenticator
*credential
,
321 [out,ref] netr_Authenticator
*return_authenticator
,
322 [in,ref] samr_Password
*new_password
329 typedef enum netr_SamDatabaseID netr_SamDatabaseID
;
332 [string,charset
(UTF16
)] uint16
*account_name
;
341 } netr_DELTA_DELETE_USER
;
345 [value
(length
)] uint16 size
;
352 [value
(nt_length
)] uint16 nt_size
;
355 [value
(lm_length
)] uint16 lm_size
;
357 uint8 nt_history
[nt_length
];
358 uint8 lm_history
[lm_length
];
359 } netr_PasswordHistory
;
362 netr_USER_KEY16 lmpassword
;
363 netr_USER_KEY16 ntpassword
;
364 netr_PasswordHistory history
;
367 typedef struct { /* TODO: make this a union! */
368 netr_USER_KEYS2 keys2
;
369 } netr_USER_KEY_UNION
;
371 typedef [public] struct {
373 netr_USER_KEY_UNION keys
;
377 boolean8 SensitiveDataFlag
;
380 /* netr_USER_KEYS encrypted with the session key */
381 [size_is(DataLength
)][flag
(NDR_PAHEX
)] uint8
*SensitiveData
;
382 } netr_USER_PRIVATE_INFO
;
385 lsa_String account_name
;
386 lsa_String full_name
;
389 lsa_String home_directory
;
390 lsa_String home_drive
;
391 lsa_String logon_script
;
392 lsa_String description
;
393 lsa_String workstations
;
396 samr_LogonHours logon_hours
;
397 uint16 bad_password_count
;
399 NTTIME last_password_change
;
401 samr_AcctFlags acct_flags
;
402 samr_Password lmpassword
;
403 samr_Password ntpassword
;
404 boolean8 nt_password_present
;
405 boolean8 lm_password_present
;
406 boolean8 password_expired
;
408 lsa_String parameters
;
411 netr_USER_PRIVATE_INFO user_private_info
;
412 uint32 SecurityInformation
;
414 lsa_String profile_path
;
425 lsa_String domain_name
;
427 dlong force_logoff_time
;
428 uint16 min_password_length
;
429 uint16 password_history_length
;
430 /* yes, these are signed. They are in negative 100ns */
431 dlong max_password_age
;
432 dlong min_password_age
;
434 NTTIME domain_create_time
;
435 uint32 SecurityInformation
;
437 lsa_BinaryString account_lockout
;
441 uint32 logon_to_chgpass
;
448 lsa_String group_name
;
451 lsa_String description
;
452 uint32 SecurityInformation
;
478 [size_is(num_rids
)] uint32
*rids
;
479 [size_is(num_rids
)] uint32
*attribs
;
485 } netr_DELTA_GROUP_MEMBER
;
488 lsa_String alias_name
;
490 uint32 SecurityInformation
;
492 lsa_String description
;
508 } netr_DELTA_ALIAS_MEMBER
;
511 uint32 pagedpoollimit
;
512 uint32 nonpagedpoollimit
;
513 uint32 minimumworkingsetsize
;
514 uint32 maximumworkingsetsize
;
515 uint32 pagefilelimit
;
521 NTTIME auditretentionperiod
;
522 boolean8 auditingmode
;
523 uint32 maxauditeventcount
;
524 [size_is(maxauditeventcount
+1)] uint32
*eventauditoptions
;
525 lsa_String primary_domain_name
;
527 netr_QUOTA_LIMITS quota_limits
;
529 NTTIME db_create_time
;
530 uint32 SecurityInformation
;
543 lsa_String domain_name
;
544 uint32 num_controllers
;
545 [size_is(num_controllers
)] lsa_String
*controller_names
;
546 uint32 SecurityInformation
;
556 } netr_DELTA_TRUSTED_DOMAIN
;
560 } netr_DELTA_DELETE_TRUST
;
563 uint32 privilege_entries
;
564 uint32 privilege_control
;
565 [size_is(privilege_entries
)] uint32
*privilege_attrib
;
566 [size_is(privilege_entries
)] lsa_String
*privilege_name
;
567 netr_QUOTA_LIMITS quotalimits
;
569 uint32 SecurityInformation
;
579 } netr_DELTA_ACCOUNT
;
583 } netr_DELTA_DELETE_ACCOUNT
;
587 } netr_DELTA_DELETE_SECRET
;
592 [size_is(maxlen
)][length_is(len
)] uint8
*cipher_data
;
596 netr_CIPHER_VALUE current_cipher
;
597 NTTIME current_cipher_set_time
;
598 netr_CIPHER_VALUE old_cipher
;
599 NTTIME old_cipher_set_time
;
600 uint32 SecurityInformation
;
613 NETR_DELTA_DOMAIN
= 1,
614 NETR_DELTA_GROUP
= 2,
615 NETR_DELTA_DELETE_GROUP
= 3,
616 NETR_DELTA_RENAME_GROUP
= 4,
618 NETR_DELTA_DELETE_USER
= 6,
619 NETR_DELTA_RENAME_USER
= 7,
620 NETR_DELTA_GROUP_MEMBER
= 8,
621 NETR_DELTA_ALIAS
= 9,
622 NETR_DELTA_DELETE_ALIAS
= 10,
623 NETR_DELTA_RENAME_ALIAS
= 11,
624 NETR_DELTA_ALIAS_MEMBER
= 12,
625 NETR_DELTA_POLICY
= 13,
626 NETR_DELTA_TRUSTED_DOMAIN
= 14,
627 NETR_DELTA_DELETE_TRUST
= 15,
628 NETR_DELTA_ACCOUNT
= 16,
629 NETR_DELTA_DELETE_ACCOUNT
= 17,
630 NETR_DELTA_SECRET
= 18,
631 NETR_DELTA_DELETE_SECRET
= 19,
632 NETR_DELTA_DELETE_GROUP2
= 20,
633 NETR_DELTA_DELETE_USER2
= 21,
634 NETR_DELTA_MODIFY_COUNT
= 22
637 typedef [switch_type(netr_DeltaEnum
)] union {
638 [case(NETR_DELTA_DOMAIN
)] netr_DELTA_DOMAIN
*domain
;
639 [case(NETR_DELTA_GROUP
)] netr_DELTA_GROUP
*group
;
640 [case(NETR_DELTA_DELETE_GROUP
)] ; /* rid only */
641 [case(NETR_DELTA_RENAME_GROUP
)] netr_DELTA_RENAME
*rename_group
;
642 [case(NETR_DELTA_USER
)] netr_DELTA_USER
*user
;
643 [case(NETR_DELTA_DELETE_USER
)] ; /* rid only */
644 [case(NETR_DELTA_RENAME_USER
)] netr_DELTA_RENAME
*rename_user
;
645 [case(NETR_DELTA_GROUP_MEMBER
)] netr_DELTA_GROUP_MEMBER
*group_member
;
646 [case(NETR_DELTA_ALIAS
)] netr_DELTA_ALIAS
*alias
;
647 [case(NETR_DELTA_DELETE_ALIAS
)] ; /* rid only */
648 [case(NETR_DELTA_RENAME_ALIAS
)] netr_DELTA_RENAME
*rename_alias
;
649 [case(NETR_DELTA_ALIAS_MEMBER
)] netr_DELTA_ALIAS_MEMBER
*alias_member
;
650 [case(NETR_DELTA_POLICY
)] netr_DELTA_POLICY
*policy
;
651 [case(NETR_DELTA_TRUSTED_DOMAIN
)] netr_DELTA_TRUSTED_DOMAIN
*trusted_domain
;
652 [case(NETR_DELTA_DELETE_TRUST
)] netr_DELTA_DELETE_TRUST delete_trust
;
653 [case(NETR_DELTA_ACCOUNT
)] netr_DELTA_ACCOUNT
*account
;
654 [case(NETR_DELTA_DELETE_ACCOUNT
)] netr_DELTA_DELETE_ACCOUNT delete_account
;
655 [case(NETR_DELTA_SECRET
)] netr_DELTA_SECRET
*secret
;
656 [case(NETR_DELTA_DELETE_SECRET
)] netr_DELTA_DELETE_SECRET delete_secret
;
657 [case(NETR_DELTA_DELETE_GROUP2
)] netr_DELTA_DELETE_USER
*delete_group
;
658 [case(NETR_DELTA_DELETE_USER2
)] netr_DELTA_DELETE_USER
*delete_user
;
659 [case(NETR_DELTA_MODIFY_COUNT
)] udlong
*modified_count
;
662 typedef [switch_type(netr_DeltaEnum
)] union {
663 [case(NETR_DELTA_DOMAIN
)] uint32 rid
;
664 [case(NETR_DELTA_GROUP
)] uint32 rid
;
665 [case(NETR_DELTA_DELETE_GROUP
)] uint32 rid
;
666 [case(NETR_DELTA_RENAME_GROUP
)] uint32 rid
;
667 [case(NETR_DELTA_USER
)] uint32 rid
;
668 [case(NETR_DELTA_DELETE_USER
)] uint32 rid
;
669 [case(NETR_DELTA_RENAME_USER
)] uint32 rid
;
670 [case(NETR_DELTA_GROUP_MEMBER
)] uint32 rid
;
671 [case(NETR_DELTA_ALIAS
)] uint32 rid
;
672 [case(NETR_DELTA_DELETE_ALIAS
)] uint32 rid
;
673 [case(NETR_DELTA_RENAME_ALIAS
)] uint32 rid
;
674 [case(NETR_DELTA_ALIAS_MEMBER
)] uint32 rid
;
675 [case(NETR_DELTA_POLICY
)] dom_sid2
*sid
;
676 [case(NETR_DELTA_TRUSTED_DOMAIN
)] dom_sid2
*sid
;
677 [case(NETR_DELTA_DELETE_TRUST
)] dom_sid2
*sid
;
678 [case(NETR_DELTA_ACCOUNT
)] dom_sid2
*sid
;
679 [case(NETR_DELTA_DELETE_ACCOUNT
)] dom_sid2
*sid
;
680 [case(NETR_DELTA_SECRET
)] [string,charset
(UTF16
)] uint16
*name
;
681 [case(NETR_DELTA_DELETE_SECRET
)] [string,charset
(UTF16
)] uint16
*name
;
682 [case(NETR_DELTA_DELETE_GROUP2
)] uint32 rid
;
683 [case(NETR_DELTA_DELETE_USER2
)] uint32 rid
;
684 [case(NETR_DELTA_MODIFY_COUNT
)] ;
685 } netr_DELTA_ID_UNION
;
688 netr_DeltaEnum delta_type
;
689 [switch_is(delta_type
)] netr_DELTA_ID_UNION delta_id_union
;
690 [switch_is(delta_type
)] netr_DELTA_UNION delta_union
;
695 [size_is(num_deltas
)] netr_DELTA_ENUM
*delta_enum
;
696 } netr_DELTA_ENUM_ARRAY
;
699 NTSTATUS netr_DatabaseDeltas
(
700 [in] [string,charset
(UTF16
)] uint16 logon_server
[],
701 [in] [string,charset
(UTF16
)] uint16 computername
[],
702 [in,ref] netr_Authenticator
*credential
,
703 [in,out,ref] netr_Authenticator
*return_authenticator
,
704 [in] netr_SamDatabaseID database_id
,
705 [in,out,ref] udlong
*sequence_num
,
706 [out,ref] netr_DELTA_ENUM_ARRAY
**delta_enum_array
,
707 [in] uint32 preferredmaximumlength
714 NTSTATUS netr_DatabaseSync
(
715 [in] [string,charset
(UTF16
)] uint16 logon_server
[],
716 [in] [string,charset
(UTF16
)] uint16 computername
[],
717 [in] netr_Authenticator credential
,
718 [in,out,ref] netr_Authenticator
*return_authenticator
,
719 [in] netr_SamDatabaseID database_id
,
720 [in,out,ref] uint32
*sync_context
,
721 [in] uint32 preferredmaximumlength
,
722 [out,ref] netr_DELTA_ENUM_ARRAY
*delta_enum_array
729 /* w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this call */
731 typedef [flag
(NDR_PAHEX
)] struct {
732 uint8 computer_name
[16];
734 uint32 serial_number
;
738 [flag
(NDR_REMAINING
)] DATA_BLOB blob
;
739 } netr_AccountBuffer
;
741 NTSTATUS netr_AccountDeltas
(
742 [in,unique] [string,charset
(UTF16
)] uint16
*logon_server
,
743 [in] [string,charset
(UTF16
)] uint16 computername
[],
744 [in] netr_Authenticator credential
,
745 [in,out,ref] netr_Authenticator
*return_authenticator
,
746 [in] netr_UAS_INFO_0 uas
,
749 [in] uint32 buffersize
,
750 [out,ref,subcontext
(4)] netr_AccountBuffer
*buffer
,
751 [out,ref] uint32
*count_returned
,
752 [out,ref] uint32
*total_entries
,
753 [out,ref] netr_UAS_INFO_0
*recordid
760 NTSTATUS netr_AccountSync
(
761 [in,unique] [string,charset
(UTF16
)] uint16
*logon_server
,
762 [in] [string,charset
(UTF16
)] uint16 computername
[],
763 [in] netr_Authenticator credential
,
764 [in,out,ref] netr_Authenticator
*return_authenticator
,
765 [in] uint32 reference
,
767 [in] uint32 buffersize
,
768 [out,ref,subcontext
(4)] netr_AccountBuffer
*buffer
,
769 [out,ref] uint32
*count_returned
,
770 [out,ref] uint32
*total_entries
,
771 [out,ref] uint32
*next_reference
,
772 [in,out,ref] netr_UAS_INFO_0
*recordid
779 WERROR netr_GetDcName
(
780 [in] [string,charset
(UTF16
)] uint16 logon_server
[],
781 [in,unique] [string,charset
(UTF16
)] uint16
*domainname
,
782 [out,ref] [string,charset
(UTF16
)] uint16
**dcname
788 typedef [bitmap32bit
] bitmap
{
789 NETLOGON_CTRL_REPL_NEEDED
= 0x0001,
790 NETLOGON_CTRL_REPL_IN_PROGRESS
= 0x0002,
791 NETLOGON_CTRL_REPL_FULL_SYNC
= 0x0004
795 netr_InfoFlags flags
;
796 uint32 pdc_connection_status
;
797 } netr_NETLOGON_INFO_1
;
800 netr_InfoFlags flags
;
801 uint32 pdc_connection_status
;
802 [string,charset
(UTF16
)] uint16
*trusted_dc_name
;
803 uint32 tc_connection_status
;
804 } netr_NETLOGON_INFO_2
;
807 netr_InfoFlags flags
;
808 uint32 logon_attempts
;
814 } netr_NETLOGON_INFO_3
;
817 [case(1)] netr_NETLOGON_INFO_1
*info1
;
818 [case(2)] netr_NETLOGON_INFO_2
*info2
;
819 [case(3)] netr_NETLOGON_INFO_3
*info3
;
820 } netr_CONTROL_QUERY_INFORMATION
;
822 /* function_code values */
823 typedef [v1_enum] enum {
824 NETLOGON_CONTROL_SYNC
= 2,
825 NETLOGON_CONTROL_REDISCOVER
= 5,
826 NETLOGON_CONTROL_TC_QUERY
= 6,
827 NETLOGON_CONTROL_TRANSPORT_NOTIFY
= 7,
828 NETLOGON_CONTROL_SET_DBFLAG
= 65534
829 } netr_LogonControlCode
;
831 WERROR netr_LogonControl
(
832 [in,unique] [string,charset
(UTF16
)] uint16
*logon_server
,
833 [in] netr_LogonControlCode function_code
,
835 [out,ref,switch_is(level
)] netr_CONTROL_QUERY_INFORMATION
*info
842 WERROR netr_GetAnyDCName
(
843 [in,unique] [string,charset
(UTF16
)] uint16
*logon_server
,
844 [in,unique] [string,charset
(UTF16
)] uint16
*domainname
,
845 [out,ref] [string,charset
(UTF16
)] uint16
**dcname
853 [case(NETLOGON_CONTROL_REDISCOVER
)] [string,charset
(UTF16
)] uint16
*domain
;
854 [case(NETLOGON_CONTROL_TC_QUERY
)] [string,charset
(UTF16
)] uint16
*domain
;
855 [case(NETLOGON_CONTROL_TRANSPORT_NOTIFY
)] [string,charset
(UTF16
)] uint16
*domain
;
856 [case(NETLOGON_CONTROL_SET_DBFLAG
)] uint32 debug_level
;
857 } netr_CONTROL_DATA_INFORMATION
;
859 WERROR netr_LogonControl2
(
860 [in,unique] [string,charset
(UTF16
)] uint16
*logon_server
,
861 [in] netr_LogonControlCode function_code
,
863 [in,ref][switch_is(function_code
)] netr_CONTROL_DATA_INFORMATION
*data
,
864 [out,ref][switch_is(level
)] netr_CONTROL_QUERY_INFORMATION
*query
868 /* If NETLOGON_NEG_ARCFOUR flag is not set, then the passwords and LM
869 * session keys are encrypted with DES calls. (And the user session key
875 typedef [bitmap32bit
] bitmap
{
876 NETLOGON_NEG_ACCOUNT_LOCKOUT
= 0x00000001,
877 NETLOGON_NEG_PERSISTENT_SAMREPL
= 0x00000002,
878 NETLOGON_NEG_ARCFOUR
= 0x00000004,
879 NETLOGON_NEG_PROMOTION_COUNT
= 0x00000008,
880 NETLOGON_NEG_CHANGELOG_BDC
= 0x00000010,
881 NETLOGON_NEG_FULL_SYNC_REPL
= 0x00000020,
882 NETLOGON_NEG_MULTIPLE_SIDS
= 0x00000040,
883 NETLOGON_NEG_REDO
= 0x00000080,
884 NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL
= 0x00000100,
885 NETLOGON_NEG_SEND_PASSWORD_INFO_PDC
= 0x00000200,
886 NETLOGON_NEG_GENERIC_PASSTHROUGH
= 0x00000400,
887 NETLOGON_NEG_CONCURRENT_RPC
= 0x00000800,
888 NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL
= 0x00001000,
889 NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL
= 0x00002000,
890 NETLOGON_NEG_128BIT
= 0x00004000, /* STRONG_KEYS */
891 NETLOGON_NEG_TRANSITIVE_TRUSTS
= 0x00008000,
892 NETLOGON_NEG_DNS_DOMAIN_TRUSTS
= 0x00010000,
893 NETLOGON_NEG_PASSWORD_SET2
= 0x00020000,
894 NETLOGON_NEG_GETDOMAININFO
= 0x00040000,
895 NETLOGON_NEG_CROSS_FOREST_TRUSTS
= 0x00080000,
896 NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION
= 0x00100000,
897 NETLOGON_NEG_RODC_PASSTHROUGH
= 0x00200000,
898 NETLOGON_NEG_AUTHENTICATED_RPC_LSASS
= 0x20000000,
899 NETLOGON_NEG_SCHANNEL
= 0x40000000 /* AUTHENTICATED_RPC */
900 } netr_NegotiateFlags
;
902 NTSTATUS netr_ServerAuthenticate2
(
903 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
904 [in] [string,charset
(UTF16
)] uint16 account_name
[],
905 [in] netr_SchannelType secure_channel_type
,
906 [in] [string,charset
(UTF16
)] uint16 computer_name
[],
907 [in,ref] netr_Credential
*credentials
,
908 [out,ref] netr_Credential
*return_credentials
,
909 [in,out,ref] netr_NegotiateFlags
*negotiate_flags
916 NTSTATUS netr_DatabaseSync2
(
917 [in] [string,charset
(UTF16
)] uint16 logon_server
[],
918 [in] [string,charset
(UTF16
)] uint16 computername
[],
919 [in] netr_Authenticator
*credential
,
920 [in,out,ref] netr_Authenticator
*return_authenticator
,
921 [in] netr_SamDatabaseID database_id
,
922 [in] uint16 restart_state
,
923 [in,out,ref] uint32
*sync_context
,
924 [out,ref] netr_DELTA_ENUM_ARRAY
**delta_enum_array
,
925 [in] uint32 preferredmaximumlength
932 /* i'm not at all sure how this call works */
934 NTSTATUS netr_DatabaseRedo
(
935 [in] [string,charset
(UTF16
)] uint16 logon_server
[],
936 [in] [string,charset
(UTF16
)] uint16 computername
[],
937 [in] netr_Authenticator credential
,
938 [in,out,ref] netr_Authenticator
*return_authenticator
,
939 [in,unique][size_is(change_log_entry_size
)] uint8
*change_log_entry
,
940 [in] uint32 change_log_entry_size
,
941 [out,ref] netr_DELTA_ENUM_ARRAY
*delta_enum_array
948 WERROR netr_LogonControl2Ex
(
949 [in,unique] [string,charset
(UTF16
)] uint16
*logon_server
,
950 [in] uint32 function_code
,
952 [in][switch_is(function_code
)] netr_CONTROL_DATA_INFORMATION data
,
953 [out,ref][switch_is(level
)] netr_CONTROL_QUERY_INFORMATION
*query
960 [size_is(length
)] uint8
*data
;
963 WERROR netr_NetrEnumerateTrustedDomains
(
964 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
965 [out,ref] netr_Blob
*trusted_domains_blob
971 /* one unkown bit still: DS_IP_VERSION_AGNOSTIC - gd*/
973 const int DSGETDC_VALID_FLAGS
= (DS_FORCE_REDISCOVERY |
974 DS_DIRECTORY_SERVICE_REQUIRED |
975 DS_DIRECTORY_SERVICE_PREFERRED |
976 DS_GC_SERVER_REQUIRED |
981 DS_TIMESERV_REQUIRED |
982 DS_WRITABLE_REQUIRED |
983 DS_GOOD_TIMESERV_PREFERRED |
985 DS_ONLY_LDAP_NEEDED |
988 DS_RETURN_FLAT_NAME |
991 typedef [bitmap32bit
] bitmap
{
992 DS_FORCE_REDISCOVERY
= 0x00000001,
993 DS_DIRECTORY_SERVICE_REQUIRED
= 0x00000010,
994 DS_DIRECTORY_SERVICE_PREFERRED
= 0x00000020,
995 DS_GC_SERVER_REQUIRED
= 0x00000040,
996 DS_PDC_REQUIRED
= 0x00000080,
997 DS_BACKGROUND_ONLY
= 0x00000100,
998 DS_IP_REQUIRED
= 0x00000200,
999 DS_KDC_REQUIRED
= 0x00000400,
1000 DS_TIMESERV_REQUIRED
= 0x00000800,
1001 DS_WRITABLE_REQUIRED
= 0x00001000,
1002 DS_GOOD_TIMESERV_PREFERRED
= 0x00002000,
1003 DS_AVOID_SELF
= 0x00004000,
1004 DS_ONLY_LDAP_NEEDED
= 0x00008000,
1005 DS_IS_FLAT_NAME
= 0x00010000,
1006 DS_IS_DNS_NAME
= 0x00020000,
1007 DS_TRY_NEXTCLOSEST_SITE
= 0x00040000,
1008 DS_DIRECTORY_SERVICE_6_REQUIRED
= 0x00080000,
1009 DS_RETURN_DNS_NAME
= 0x40000000,
1010 DS_RETURN_FLAT_NAME
= 0x80000000
1011 } netr_DsRGetDCName_flags
;
1013 typedef [v1_enum] enum {
1014 DS_ADDRESS_TYPE_INET
= 1,
1015 DS_ADDRESS_TYPE_NETBIOS
= 2
1016 } netr_DsRGetDCNameInfo_AddressType
;
1018 typedef [bitmap32bit
] bitmap
{
1019 DS_SERVER_PDC
= NBT_SERVER_PDC
,
1020 DS_SERVER_GC
= NBT_SERVER_GC
,
1021 DS_SERVER_LDAP
= NBT_SERVER_LDAP
,
1022 DS_SERVER_DS
= NBT_SERVER_DS
,
1023 DS_SERVER_KDC
= NBT_SERVER_KDC
,
1024 DS_SERVER_TIMESERV
= NBT_SERVER_TIMESERV
,
1025 DS_SERVER_CLOSEST
= NBT_SERVER_CLOSEST
,
1026 DS_SERVER_WRITABLE
= NBT_SERVER_WRITABLE
,
1027 DS_SERVER_GOOD_TIMESERV
= NBT_SERVER_GOOD_TIMESERV
,
1028 DS_SERVER_NDNC
= NBT_SERVER_NDNC
,
1029 DS_SERVER_SELECT_SECRET_DOMAIN_6
= NBT_SERVER_SELECT_SECRET_DOMAIN_6
,
1030 DS_SERVER_FULL_SECRET_DOMAIN_6
= NBT_SERVER_FULL_SECRET_DOMAIN_6
,
1031 DS_DNS_CONTROLLER
= 0x20000000,
1032 DS_DNS_DOMAIN
= 0x40000000,
1033 DS_DNS_FOREST
= 0x80000000
1036 typedef [public] struct {
1037 [string,charset
(UTF16
)] uint16
*dc_unc
;
1038 [string,charset
(UTF16
)] uint16
*dc_address
;
1039 netr_DsRGetDCNameInfo_AddressType dc_address_type
;
1041 [string,charset
(UTF16
)] uint16
*domain_name
;
1042 [string,charset
(UTF16
)] uint16
*forest_name
;
1043 netr_DsR_DcFlags dc_flags
;
1044 [string,charset
(UTF16
)] uint16
*dc_site_name
;
1045 [string,charset
(UTF16
)] uint16
*client_site_name
;
1046 } netr_DsRGetDCNameInfo
;
1048 WERROR netr_DsRGetDCName
(
1049 [in,unique] [string,charset
(UTF16
)] uint16
*server_unc
,
1050 [in,unique] [string,charset
(UTF16
)] uint16
*domain_name
,
1051 [in,unique] GUID
*domain_guid
,
1052 [in,unique] GUID
*site_guid
,
1053 [in] netr_DsRGetDCName_flags flags
,
1054 [out,ref] netr_DsRGetDCNameInfo
**info
1059 WERROR netr_NETRLOGONDUMMYROUTINE1
();
1063 WERROR netr_NETRLOGONSETSERVICEBITS
();
1067 WERROR netr_LogonGetTrustRid
(
1068 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1069 [in,unique] [string,charset
(UTF16
)] uint16
*domain_name
,
1070 [out,ref] uint32
*rid
1075 WERROR netr_NETRLOGONCOMPUTESERVERDIGEST
();
1079 WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST
();
1083 NTSTATUS netr_ServerAuthenticate3
(
1084 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1085 [in] [string,charset
(UTF16
)] uint16 account_name
[],
1086 [in] netr_SchannelType secure_channel_type
,
1087 [in] [string,charset
(UTF16
)] uint16 computer_name
[],
1088 [in,out,ref] netr_Credential
*credentials
,
1089 [in,out,ref] netr_NegotiateFlags
*negotiate_flags
,
1090 [out,ref] uint32
*rid
1096 WERROR netr_DsRGetDCNameEx
(
1097 [in,unique] [string,charset
(UTF16
)] uint16
*server_unc
,
1098 [in,unique] [string,charset
(UTF16
)] uint16
*domain_name
,
1099 [in,unique] GUID
*domain_guid
,
1100 [in,unique] [string,charset
(UTF16
)] uint16
*site_name
,
1101 [in] netr_DsRGetDCName_flags flags
,
1102 [out,ref] netr_DsRGetDCNameInfo
**info
1107 WERROR netr_DsRGetSiteName
(
1108 [in,unique] [string,charset
(UTF16
)] uint16
*computer_name
,
1109 [out,ref] [string,charset
(UTF16
)] uint16
**site
1115 typedef [flag
(NDR_PAHEX
)] struct {
1118 [size_is(size
/2),length_is(length
/2)] uint16
*data
;
1119 } netr_BinaryString
;
1123 [string,charset
(UTF16
)] uint16
*workstation_domain
;
1124 [string,charset
(UTF16
)] uint16
*workstation_site
;
1125 [string,charset
(UTF16
)] uint16
*unknown1
;
1126 [string,charset
(UTF16
)] uint16
*unknown2
;
1127 [string,charset
(UTF16
)] uint16
*unknown3
;
1128 [string,charset
(UTF16
)] uint16
*unknown4
;
1129 netr_BinaryString blob2
;
1131 lsa_String unknown5
;
1132 lsa_String unknown6
;
1134 } netr_DomainQuery1
;
1137 [case(1)] netr_DomainQuery1
*query1
;
1138 [case(2)] netr_DomainQuery1
*query1
;
1142 lsa_String domainname
;
1143 lsa_String fulldomainname
;
1147 netr_BinaryString unknown1
[4];
1149 } netr_DomainTrustInfo
;
1152 netr_DomainTrustInfo domaininfo
;
1154 [size_is(num_trusts
)] netr_DomainTrustInfo
*trusts
;
1155 uint32 unknown
[14]; /* room for expansion? */
1159 [case(1)] netr_DomainInfo1
*info1
;
1160 [case(2)] netr_DomainInfo1
*info1
;
1163 NTSTATUS netr_LogonGetDomainInfo
(
1164 [in] [string,charset
(UTF16
)] uint16 server_name
[],
1165 [in,unique] [string,charset
(UTF16
)] uint16
*computer_name
,
1166 [in,ref] netr_Authenticator
*credential
,
1167 [in,out,ref] netr_Authenticator
*return_authenticator
,
1169 [in,switch_is(level
)] netr_DomainQuery query
,
1170 [out,ref,switch_is(level
)] netr_DomainInfo
*info
1173 typedef [flag
(NDR_PAHEX
)] struct {
1176 } netr_CryptPassword
;
1180 NTSTATUS netr_ServerPasswordSet2
(
1181 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1182 [in] [string,charset
(UTF16
)] uint16 account_name
[],
1183 [in] netr_SchannelType secure_channel_type
,
1184 [in] [string,charset
(UTF16
)] uint16 computer_name
[],
1185 [in] netr_Authenticator credential
,
1186 [in] netr_CryptPassword new_password
,
1187 [out,ref] netr_Authenticator
*return_authenticator
1192 WERROR netr_ServerPasswordGet
(
1193 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1194 [in] [string,charset
(UTF16
)] uint16 account_name
[],
1195 [in] netr_SchannelType secure_channel_type
,
1196 [in] [string,charset
(UTF16
)] uint16 computer_name
[],
1197 [in,ref] netr_Authenticator
*credential
,
1198 [out,ref] netr_Authenticator
*return_authenticator
,
1199 [out,ref] samr_Password
*password
1204 WERROR netr_NETRLOGONSENDTOSAM
();
1210 [size_is(count
)] lsa_String
*sitename
;
1211 } netr_DsRAddressToSitenamesWCtr
;
1214 [size_is(size
)] uint8
*buffer
;
1218 WERROR netr_DsRAddressToSitenamesW
(
1219 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1220 [in] [range(0,32000)] uint32 count
,
1221 [in] [size_is(count
)] [ref] netr_DsRAddress
*addresses
,
1222 [out] [ref] netr_DsRAddressToSitenamesWCtr
**ctr
1227 WERROR netr_DsRGetDCNameEx2
(
1228 [in,unique] [string,charset
(UTF16
)] uint16
*server_unc
,
1229 [in,unique] [string,charset
(UTF16
)] uint16
*client_account
,
1230 [in] samr_AcctFlags mask
,
1231 [in,unique] [string,charset
(UTF16
)] uint16
*domain_name
,
1232 [in,unique] GUID
*domain_guid
,
1233 [in,unique] [string,charset
(UTF16
)] uint16
*site_name
,
1234 [in] netr_DsRGetDCName_flags flags
,
1235 [out,ref] netr_DsRGetDCNameInfo
**info
1240 WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN
();
1244 typedef [bitmap32bit
] bitmap
{
1245 NETR_TRUST_FLAG_IN_FOREST
= 0x00000001,
1246 NETR_TRUST_FLAG_OUTBOUND
= 0x00000002,
1247 NETR_TRUST_FLAG_TREEROOT
= 0x00000004,
1248 NETR_TRUST_FLAG_PRIMARY
= 0x00000008,
1249 NETR_TRUST_FLAG_NATIVE
= 0x00000010,
1250 NETR_TRUST_FLAG_INBOUND
= 0x00000020
1253 typedef [v1_enum] enum {
1254 NETR_TRUST_TYPE_DOWNLEVEL
= 1,
1255 NETR_TRUST_TYPE_UPLEVEL
= 2,
1256 NETR_TRUST_TYPE_MIT
= 3,
1257 NETR_TRUST_TYPE_DCE
= 4
1260 typedef [bitmap32bit
] bitmap
{
1261 NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE
= 0x00000001,
1262 NETR_TRUST_ATTRIBUTE_UPLEVEL_ONLY
= 0x00000002,
1263 NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
= 0x00000004,
1264 NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
= 0x00000008,
1265 NETR_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
= 0x00000010,
1266 NETR_TRUST_ATTRIBUTE_WITHIN_FOREST
= 0x00000020,
1267 NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
= 0x00000040
1268 } netr_TrustAttributes
;
1271 [string,charset
(UTF16
)] uint16
*netbios_name
;
1272 [string,charset
(UTF16
)] uint16
*dns_name
;
1273 netr_TrustFlags trust_flags
;
1274 uint32 parent_index
;
1275 netr_TrustType trust_type
;
1276 netr_TrustAttributes trust_attributes
;
1283 [size_is(count
)] netr_DomainTrust
*array
;
1284 } netr_DomainTrustList
;
1286 WERROR netr_NetrEnumerateTrustedDomainsEx
(
1287 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1288 [out,ref] netr_DomainTrustList
*dom_trust_list
1295 [size_is(count
)] lsa_String
*sitename
;
1296 [size_is(count
)] lsa_String
*subnetname
;
1297 } netr_DsRAddressToSitenamesExWCtr
;
1299 WERROR netr_DsRAddressToSitenamesExW
(
1300 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1301 [in] [range(0,32000)] uint32 count
,
1302 [in] [size_is(count
)] [ref] netr_DsRAddress
*addresses
,
1303 [out] [ref] netr_DsRAddressToSitenamesExWCtr
**ctr
1311 [size_is(num_sites
)] [unique] lsa_String
*sites
;
1314 WERROR netr_DsrGetDcSiteCoverageW
(
1315 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1316 [out,ref] DcSitesCtr
*ctr
1321 NTSTATUS netr_LogonSamLogonEx
(
1322 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1323 [in,unique] [string,charset
(UTF16
)] uint16
*computer_name
,
1324 [in] netr_LogonLevel logon_level
,
1325 [in,ref] [switch_is(logon_level
)] netr_LogonInfo
*logon
,
1326 [in] uint16 validation_level
,
1327 [out,ref] [switch_is(validation_level
)] netr_Validation
*validation
,
1328 [out,ref] uint8
*authoritative
,
1329 [in,out,ref] uint32
*flags
1335 WERROR netr_DsrEnumerateDomainTrusts
(
1336 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1337 [in] netr_TrustFlags trust_flags
,
1338 [out,ref] netr_DomainTrustList
*trusts
1344 WERROR netr_DsrDeregisterDNSHostRecords
(
1345 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1346 [in,unique] [string,charset
(UTF16
)] uint16
*domain
,
1347 [in,unique] GUID
*domain_guid
,
1348 [in,unique] GUID
*dsa_guid
,
1349 [in,ref] [string,charset
(UTF16
)] uint16
*dns_host
1354 NTSTATUS netr_ServerTrustPasswordsGet
(
1355 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1356 [in] [string,charset
(UTF16
)] uint16 account_name
[],
1357 [in] netr_SchannelType secure_channel_type
,
1358 [in] [string,charset
(UTF16
)] uint16 computer_name
[],
1359 [in,ref] netr_Authenticator
*credential
,
1360 [out,ref] netr_Authenticator
*return_authenticator
,
1361 [out,ref] samr_Password
*password
,
1362 [out,ref] samr_Password
*password2
1368 const int DS_GFTI_UPDATE_TDO
= 0x1;
1370 WERROR netr_DsRGetForestTrustInformation
(
1371 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1372 [in,unique] [string,charset
(UTF16
)] uint16
*trusted_domain_name
,
1374 [out,ref] lsa_ForestTrustInformation
**forest_trust_info
1379 WERROR netr_GetForestTrustInformation
(
1380 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1381 [in,ref] [string,charset
(UTF16
)] uint16
*trusted_domain_name
,
1382 [in,ref] netr_Authenticator
*credential
,
1383 [out,ref] netr_Authenticator
*return_authenticator
,
1385 [out,ref] lsa_ForestTrustInformation
**forest_trust_info
1391 /* this is the ADS varient. I don't yet know what the "flags" are for */
1392 NTSTATUS netr_LogonSamLogonWithFlags
(
1393 [in,unique] [string,charset
(UTF16
)] uint16
*server_name
,
1394 [in,unique] [string,charset
(UTF16
)] uint16
*computer_name
,
1395 [in,unique] netr_Authenticator
*credential
,
1396 [in,out,unique] netr_Authenticator
*return_authenticator
,
1397 [in] netr_LogonLevel logon_level
,
1398 [in] [switch_is(logon_level
)] netr_LogonInfo logon
,
1399 [in] uint16 validation_level
,
1400 [out,ref] [switch_is(validation_level
)] netr_Validation
*validation
,
1401 [out,ref] uint8
*authoritative
,
1402 [in,out,ref] uint32
*flags
1407 WERROR netr_NETRSERVERGETTRUSTINFO
();