search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r21662: More samr tests
[Samba.git] / source / librpc / idl / samr.idl
blobd731b3d9d1983d79ce796329f144f09e281c9dd0
1 #include "idl_types.h"
2
3 /*
4 samr interface definition
5 */
6 import "misc.idl", "lsa.idl", "security.idl";
7
8 /*
9 Thanks to Todd Sabin for some information from his samr.idl in acltools
10 */
11
12 [ uuid("12345778-1234-abcd-ef00-0123456789ac"),
13 version(1.0),
14 endpoint("ncacn_np:[\\pipe\\samr]","ncacn_ip_tcp:", "ncalrpc:"),
15 pointer_default(unique),
16 pointer_default_top(unique)
17 ] interface samr
18 {
19 declare bitmap security_secinfo;
20
21 /* account control (acct_flags) bits */
22 typedef [public,bitmap32bit] bitmap {
23 ACB_DISABLED = 0x00000001, /* 1 = User account disabled */
24 ACB_HOMDIRREQ = 0x00000002, /* 1 = Home directory required */
25 ACB_PWNOTREQ = 0x00000004, /* 1 = User password not required */
26 ACB_TEMPDUP = 0x00000008, /* 1 = Temporary duplicate account */
27 ACB_NORMAL = 0x00000010, /* 1 = Normal user account */
28 ACB_MNS = 0x00000020, /* 1 = MNS logon user account */
29 ACB_DOMTRUST = 0x00000040, /* 1 = Interdomain trust account */
30 ACB_WSTRUST = 0x00000080, /* 1 = Workstation trust account */
31 ACB_SVRTRUST = 0x00000100, /* 1 = Server trust account */
32 ACB_PWNOEXP = 0x00000200, /* 1 = User password does not expire */
33 ACB_AUTOLOCK = 0x00000400, /* 1 = Account auto locked */
34 ACB_ENC_TXT_PWD_ALLOWED = 0x00000800, /* 1 = Encryped text password is allowed */
35 ACB_SMARTCARD_REQUIRED = 0x00001000, /* 1 = Smart Card required */
36 ACB_TRUSTED_FOR_DELEGATION = 0x00002000, /* 1 = Trusted for Delegation */
37 ACB_NOT_DELEGATED = 0x00004000, /* 1 = Not delegated */
38 ACB_USE_DES_KEY_ONLY = 0x00008000, /* 1 = Use DES key only */
39 ACB_DONT_REQUIRE_PREAUTH = 0x00010000, /* 1 = Preauth not required */
40 ACB_PW_EXPIRED = 0x00020000, /* 1 = Password Expired */
41 ACB_NO_AUTH_DATA_REQD = 0x00080000 /* 1 = No authorization data required */
42 } samr_AcctFlags;
43
44 /******************/
45 /* Function: 0x00 */
46 NTSTATUS samr_Connect (
47 /* notice the lack of [string] */
48 [in] uint16 *system_name,
49 [in] uint32 access_mask,
50 [out,ref] policy_handle *connect_handle
51 );
52
53
54 /******************/
55 /* Function: 0x01 */
56 [public] NTSTATUS samr_Close (
57 [in,out,ref] policy_handle *handle
58 );
59
60 /******************/
61 /* Function: 0x02 */
62
63 NTSTATUS samr_SetSecurity (
64 [in,ref] policy_handle *handle,
65 [in] security_secinfo sec_info,
66 [in,ref] sec_desc_buf *sdbuf
67 );
68
69 /******************/
70 /* Function: 0x03 */
71
72 NTSTATUS samr_QuerySecurity (
73 [in,ref] policy_handle *handle,
74 [in] security_secinfo sec_info,
75 [out] sec_desc_buf *sdbuf
76 );
77
78 /******************/
79 /* Function: 0x04 */
80
81 /*
82 shutdown the SAM - once you call this the SAM will be dead
83 */
84 NTSTATUS samr_Shutdown (
85 [in,ref] policy_handle *connect_handle
86 );
87
88 /******************/
89 /* Function: 0x05 */
90 NTSTATUS samr_LookupDomain (
91 [in,ref] policy_handle *connect_handle,
92 [in,ref] lsa_String *domain_name,
93 [out] dom_sid2 *sid
94 );
95
96
97 /******************/
98 /* Function: 0x06 */
99
100 typedef struct {
101 uint32 idx;
102 lsa_String name;
103 } samr_SamEntry;
104
105 typedef struct {
106 uint32 count;
107 [size_is(count)] samr_SamEntry *entries;
108 } samr_SamArray;
109
110 NTSTATUS samr_EnumDomains (
111 [in,ref] policy_handle *connect_handle,
112 [in,out,ref] uint32 *resume_handle,
113 [in] uint32 buf_size,
114 [out] samr_SamArray *sam,
115 [out] uint32 num_entries
116 );
117
118
119 /************************/
120 /* Function 0x07 */
121 [public] NTSTATUS samr_OpenDomain(
122 [in,ref] policy_handle *connect_handle,
123 [in] uint32 access_mask,
124 [in,ref] dom_sid2 *sid,
125 [out,ref] policy_handle *domain_handle
126 );
127
128 /************************/
129 /* Function 0x08 */
130 /* server roles */
131 typedef [v1_enum] enum {
132 SAMR_ROLE_STANDALONE = 0,
133 SAMR_ROLE_DOMAIN_MEMBER = 1,
134 SAMR_ROLE_DOMAIN_BDC = 2,
135 SAMR_ROLE_DOMAIN_PDC = 3
136 } samr_Role;
137
138 /* password properties flags */
139 typedef [public,bitmap32bit] bitmap {
140 DOMAIN_PASSWORD_COMPLEX = 0x00000001,
141 DOMAIN_PASSWORD_NO_ANON_CHANGE = 0x00000002,
142 DOMAIN_PASSWORD_NO_CLEAR_CHANGE = 0x00000004,
143 DOMAIN_PASSWORD_LOCKOUT_ADMINS = 0x00000008,
144 DOMAIN_PASSWORD_STORE_CLEARTEXT = 0x00000010,
145 DOMAIN_REFUSE_PASSWORD_CHANGE = 0x00000020
146 } samr_PasswordProperties;
147
148 typedef struct {
149 uint16 min_password_length;
150 uint16 password_history_length;
151 samr_PasswordProperties password_properties;
152 /* yes, these are signed. They are in negative 100ns */
153 dlong max_password_age;
154 dlong min_password_age;
155 } samr_DomInfo1;
156
157 typedef struct {
158 NTTIME force_logoff_time;
159 lsa_String comment;
160 lsa_String domain_name;
161 lsa_String primary; /* PDC name if this is a BDC */
162 udlong sequence_num;
163 uint32 unknown2;
164 samr_Role role;
165 uint32 unknown3;
166 uint32 num_users;
167 uint32 num_groups;
168 uint32 num_aliases;
169 } samr_DomInfo2;
170
171 typedef struct {
172 NTTIME force_logoff_time;
173 } samr_DomInfo3;
174
175 typedef struct {
176 lsa_String comment;
177 } samr_DomInfo4;
178
179 typedef struct {
180 lsa_String domain_name;
181 } samr_DomInfo5;
182
183 typedef struct {
184 lsa_String primary;
185 } samr_DomInfo6;
186
187 typedef struct {
188 samr_Role role;
189 } samr_DomInfo7;
190
191 typedef struct {
192 hyper sequence_num;
193 NTTIME domain_create_time;
194 } samr_DomInfo8;
195
196 typedef struct {
197 uint32 unknown; /* w2k3 returns 1 */
198 } samr_DomInfo9;
199
200 typedef struct {
201 samr_DomInfo2 info2;
202 hyper lockout_duration;
203 hyper lockout_window;
204 uint16 lockout_threshold;
205 } samr_DomInfo11;
206
207 typedef struct {
208 hyper lockout_duration;
209 hyper lockout_window;
210 uint16 lockout_threshold;
211 } samr_DomInfo12;
212
213 typedef struct {
214 hyper sequence_num;
215 NTTIME domain_create_time;
216 uint32 unknown1;
217 uint32 unknown2;
218 } samr_DomInfo13;
219
220 typedef [switch_type(uint16)] union {
221 [case(1)] samr_DomInfo1 info1;
222 [case(2)] samr_DomInfo2 info2;
223 [case(3)] samr_DomInfo3 info3;
224 [case(4)] samr_DomInfo4 info4;
225 [case(5)] samr_DomInfo5 info5;
226 [case(6)] samr_DomInfo6 info6;
227 [case(7)] samr_DomInfo7 info7;
228 [case(8)] samr_DomInfo8 info8;
229 [case(9)] samr_DomInfo9 info9;
230 [case(11)] samr_DomInfo11 info11;
231 [case(12)] samr_DomInfo12 info12;
232 [case(13)] samr_DomInfo13 info13;
233 } samr_DomainInfo;
234
235 NTSTATUS samr_QueryDomainInfo(
236 [in,ref] policy_handle *domain_handle,
237 [in] uint16 level,
238 [out,switch_is(level)] samr_DomainInfo *info
239 );
240
241 /************************/
242 /* Function 0x09 */
243 /*
244 only levels 1, 3, 4, 6, 7, 9, 12 are valid for this
245 call in w2k3
246 */
247 NTSTATUS samr_SetDomainInfo(
248 [in,ref] policy_handle *domain_handle,
249 [in] uint16 level,
250 [in,switch_is(level),ref] samr_DomainInfo *info
251 );
252
253
254 /************************/
255 /* Function 0x0a */
256 NTSTATUS samr_CreateDomainGroup(
257 [in,ref] policy_handle *domain_handle,
258 [in,ref] lsa_String *name,
259 [in] uint32 access_mask,
260 [out,ref] policy_handle *group_handle,
261 [out,ref] uint32 *rid
262 );
263
264
265 /************************/
266 /* Function 0x0b */
267 NTSTATUS samr_EnumDomainGroups(
268 [in,ref] policy_handle *domain_handle,
269 [in,out,ref] uint32 *resume_handle,
270 [in] uint32 max_size,
271 [out] samr_SamArray *sam,
272 [out] uint32 num_entries
273 );
274
275 /************************/
276 /* Function 0x0c */
277 NTSTATUS samr_CreateUser(
278 [in,ref] policy_handle *domain_handle,
279 [in,ref] lsa_String *account_name,
280 [in] uint32 access_mask,
281 [out,ref] policy_handle *user_handle,
282 [out,ref] uint32 *rid
283 );
284
285 /************************/
286 /* Function 0x0d */
287
288
289 /* w2k3 treats max_size as max_users*54 and sets the
290 resume_handle as the rid of the last user sent
291 */
292 const int SAMR_ENUM_USERS_MULTIPLIER = 54;
293
294 NTSTATUS samr_EnumDomainUsers(
295 [in,ref] policy_handle *domain_handle,
296 [in,out,ref] uint32 *resume_handle,
297 [in] samr_AcctFlags acct_flags,
298 [in] uint32 max_size,
299 [out] samr_SamArray *sam,
300 [out] uint32 num_entries
301 );
302
303 /************************/
304 /* Function 0x0e */
305 NTSTATUS samr_CreateDomAlias(
306 [in,ref] policy_handle *domain_handle,
307 [in,ref] lsa_String *alias_name,
308 [in] uint32 access_mask,
309 [out,ref] policy_handle *alias_handle,
310 [out,ref] uint32 *rid
311 );
312
313 /************************/
314 /* Function 0x0f */
315 NTSTATUS samr_EnumDomainAliases(
316 [in,ref] policy_handle *domain_handle,
317 [in,out,ref] uint32 *resume_handle,
318 [in] samr_AcctFlags acct_flags,
319 [out] samr_SamArray *sam,
320 [out] uint32 num_entries
321 );
322
323 /************************/
324 /* Function 0x10 */
325
326 typedef struct {
327 [range(0,1024)] uint32 count;
328 [size_is(count)] uint32 *ids;
329 } samr_Ids;
330
331 NTSTATUS samr_GetAliasMembership(
332 [in,ref] policy_handle *domain_handle,
333 [in,ref] lsa_SidArray *sids,
334 [out,ref] samr_Ids *rids
335 );
336
337 /************************/
338 /* Function 0x11 */
339
340 [public] NTSTATUS samr_LookupNames(
341 [in,ref] policy_handle *domain_handle,
342 [in,range(0,1000)] uint32 num_names,
343 [in,size_is(1000),length_is(num_names)] lsa_String names[],
344 [out] samr_Ids rids,
345 [out] samr_Ids types
346 );
347
348
349 /************************/
350 /* Function 0x12 */
351 NTSTATUS samr_LookupRids(
352 [in,ref] policy_handle *domain_handle,
353 [in,range(0,1000)] uint32 num_rids,
354 [in,size_is(1000),length_is(num_rids)] uint32 rids[],
355 [out] lsa_Strings names,
356 [out] samr_Ids types
357 );
358
359 /************************/
360 /* Function 0x13 */
361 NTSTATUS samr_OpenGroup(
362 [in,ref] policy_handle *domain_handle,
363 [in] uint32 access_mask,
364 [in] uint32 rid,
365 [out,ref] policy_handle *group_handle
366 );
367
368 /* Group attributes */
369 typedef [public,bitmap32bit] bitmap {
370 SE_GROUP_MANDATORY = 0x00000001,
371 SE_GROUP_ENABLED_BY_DEFAULT = 0x00000002,
372 SE_GROUP_ENABLED = 0x00000004,
373 SE_GROUP_OWNER = 0x00000008,
374 SE_GROUP_USE_FOR_DENY_ONLY = 0x00000010,
375 SE_GROUP_RESOURCE = 0x20000000,
376 SE_GROUP_LOGON_ID = 0xC0000000
377 } samr_GroupAttrs;
378
379 /************************/
380 /* Function 0x14 */
381
382 typedef struct {
383 lsa_String name;
384 samr_GroupAttrs attributes;
385 uint32 num_members;
386 lsa_String description;
387 } samr_GroupInfoAll;
388
389 typedef struct {
390 samr_GroupAttrs attributes;
391 } samr_GroupInfoAttributes;
392
393 typedef struct {
394 lsa_String description;
395 } samr_GroupInfoDescription;
396
397 typedef enum {
398 GROUPINFOALL = 1,
399 GROUPINFONAME = 2,
400 GROUPINFOATTRIBUTES = 3,
401 GROUPINFODESCRIPTION = 4,
402 GROUPINFOALL2 = 5
403 } samr_GroupInfoEnum;
404
405 typedef [switch_type(samr_GroupInfoEnum)] union {
406 [case(GROUPINFOALL)] samr_GroupInfoAll all;
407 [case(GROUPINFONAME)] lsa_String name;
408 [case(GROUPINFOATTRIBUTES)] samr_GroupInfoAttributes attributes;
409 [case(GROUPINFODESCRIPTION)] lsa_String description;
410 [case(GROUPINFOALL2)] samr_GroupInfoAll all2;
411 } samr_GroupInfo;
412
413 NTSTATUS samr_QueryGroupInfo(
414 [in,ref] policy_handle *group_handle,
415 [in] samr_GroupInfoEnum level,
416 [out,switch_is(level)] samr_GroupInfo *info
417 );
418
419 /************************/
420 /* Function 0x15 */
421 NTSTATUS samr_SetGroupInfo(
422 [in,ref] policy_handle *group_handle,
423 [in] samr_GroupInfoEnum level,
424 [in,switch_is(level),ref] samr_GroupInfo *info
425 );
426
427 /************************/
428 /* Function 0x16 */
429 NTSTATUS samr_AddGroupMember(
430 [in,ref] policy_handle *group_handle,
431 [in] uint32 rid,
432 [in] uint32 flags
433 );
434
435 /************************/
436 /* Function 0x17 */
437 NTSTATUS samr_DeleteDomainGroup(
438 [in,out,ref] policy_handle *group_handle
439 );
440
441 /************************/
442 /* Function 0x18 */
443 NTSTATUS samr_DeleteGroupMember(
444 [in,ref] policy_handle *group_handle,
445 [in] uint32 rid
446 );
447
448
449 /************************/
450 /* Function 0x19 */
451 typedef struct {
452 uint32 count;
453 [size_is(count)] uint32 *rids;
454 [size_is(count)] uint32 *types;
455 } samr_RidTypeArray;
456
457 NTSTATUS samr_QueryGroupMember(
458 [in,ref] policy_handle *group_handle,
459 [out] samr_RidTypeArray *rids
460 );
461
462
463 /************************/
464 /* Function 0x1a */
465
466 /*
467 win2003 seems to accept any data at all for the two integers
468 below, and doesn't seem to do anything with them that I can
469 see. Weird. I really expected the first integer to be a rid
470 and the second to be the attributes for that rid member.
471 */
472 NTSTATUS samr_SetMemberAttributesOfGroup(
473 [in,ref] policy_handle *group_handle,
474 [in] uint32 unknown1,
475 [in] uint32 unknown2
476 );
477
478
479 /************************/
480 /* Function 0x1b */
481 NTSTATUS samr_OpenAlias (
482 [in,ref] policy_handle *domain_handle,
483 [in] uint32 access_mask,
484 [in] uint32 rid,
485 [out,ref] policy_handle *alias_handle
486 );
487
488
489 /************************/
490 /* Function 0x1c */
491
492 typedef struct {
493 lsa_String name;
494 uint32 num_members;
495 lsa_String description;
496 } samr_AliasInfoAll;
497
498 typedef enum {
499 ALIASINFOALL = 1,
500 ALIASINFONAME = 2,
501 ALIASINFODESCRIPTION = 3
502 } samr_AliasInfoEnum;
503
504 typedef [switch_type(samr_AliasInfoEnum)] union {
505 [case(ALIASINFOALL)] samr_AliasInfoAll all;
506 [case(ALIASINFONAME)] lsa_String name;
507 [case(ALIASINFODESCRIPTION)] lsa_String description;
508 } samr_AliasInfo;
509
510 NTSTATUS samr_QueryAliasInfo(
511 [in,ref] policy_handle *alias_handle,
512 [in] samr_AliasInfoEnum level,
513 [out,switch_is(level)] samr_AliasInfo *info
514 );
515
516 /************************/
517 /* Function 0x1d */
518 NTSTATUS samr_SetAliasInfo(
519 [in,ref] policy_handle *alias_handle,
520 [in] samr_AliasInfoEnum level,
521 [in,switch_is(level),ref] samr_AliasInfo *info
522 );
523
524 /************************/
525 /* Function 0x1e */
526 NTSTATUS samr_DeleteDomAlias(
527 [in,out,ref] policy_handle *alias_handle
528 );
529
530 /************************/
531 /* Function 0x1f */
532 NTSTATUS samr_AddAliasMember(
533 [in,ref] policy_handle *alias_handle,
534 [in,ref] dom_sid2 *sid
535 );
536
537 /************************/
538 /* Function 0x20 */
539 NTSTATUS samr_DeleteAliasMember(
540 [in,ref] policy_handle *alias_handle,
541 [in,ref] dom_sid2 *sid
542 );
543
544 /************************/
545 /* Function 0x21 */
546 NTSTATUS samr_GetMembersInAlias(
547 [in,ref] policy_handle *alias_handle,
548 [out,ref] lsa_SidArray *sids
549 );
550
551 /************************/
552 /* Function 0x22 */
553 [public] NTSTATUS samr_OpenUser(
554 [in,ref] policy_handle *domain_handle,
555 [in] uint32 access_mask,
556 [in] uint32 rid,
557 [out,ref] policy_handle *user_handle
558 );
559
560 /************************/
561 /* Function 0x23 */
562 NTSTATUS samr_DeleteUser(
563 [in,out,ref] policy_handle *user_handle
564 );
565
566 /************************/
567 /* Function 0x24 */
568 typedef struct {
569 lsa_String account_name;
570 lsa_String full_name;
571 uint32 primary_gid;
572 lsa_String description;
573 lsa_String comment;
574 } samr_UserInfo1;
575
576 typedef struct {
577 lsa_String comment;
578 lsa_String unknown; /* settable, but doesn't stick. probably obsolete */
579 uint16 country_code;
580 uint16 code_page;
581 } samr_UserInfo2;
582
583 /* this is also used in samr and netlogon */
584 typedef [public, flag(NDR_PAHEX)] struct {
585 uint16 units_per_week;
586 [size_is(1260), length_is(units_per_week/8)] uint8 *bits;
587 } samr_LogonHours;
588
589 typedef struct {
590 lsa_String account_name;
591 lsa_String full_name;
592 uint32 rid;
593 uint32 primary_gid;
594 lsa_String home_directory;
595 lsa_String home_drive;
596 lsa_String logon_script;
597 lsa_String profile_path;
598 lsa_String workstations;
599 NTTIME last_logon;
600 NTTIME last_logoff;
601 NTTIME last_password_change;
602 NTTIME allow_password_change;
603 NTTIME force_password_change;
604 samr_LogonHours logon_hours;
605 uint16 bad_password_count;
606 uint16 logon_count;
607 samr_AcctFlags acct_flags;
608 } samr_UserInfo3;
609
610 typedef struct {
611 samr_LogonHours logon_hours;
612 } samr_UserInfo4;
613
614 typedef struct {
615 lsa_String account_name;
616 lsa_String full_name;
617 uint32 rid;
618 uint32 primary_gid;
619 lsa_String home_directory;
620 lsa_String home_drive;
621 lsa_String logon_script;
622 lsa_String profile_path;
623 lsa_String description;
624 lsa_String workstations;
625 NTTIME last_logon;
626 NTTIME last_logoff;
627 samr_LogonHours logon_hours;
628 uint16 bad_password_count;
629 uint16 logon_count;
630 NTTIME last_password_change;
631 NTTIME acct_expiry;
632 samr_AcctFlags acct_flags;
633 } samr_UserInfo5;
634
635 typedef struct {
636 lsa_String account_name;
637 lsa_String full_name;
638 } samr_UserInfo6;
639
640 typedef struct {
641 lsa_String account_name;
642 } samr_UserInfo7;
643
644 typedef struct {
645 lsa_String full_name;
646 } samr_UserInfo8;
647
648 typedef struct {
649 uint32 primary_gid;
650 } samr_UserInfo9;
651
652 typedef struct {
653 lsa_String home_directory;
654 lsa_String home_drive;
655 } samr_UserInfo10;
656
657 typedef struct {
658 lsa_String logon_script;
659 } samr_UserInfo11;
660
661 typedef struct {
662 lsa_String profile_path;
663 } samr_UserInfo12;
664
665 typedef struct {
666 lsa_String description;
667 } samr_UserInfo13;
668
669 typedef struct {
670 lsa_String workstations;
671 } samr_UserInfo14;
672
673 typedef struct {
674 samr_AcctFlags acct_flags;
675 } samr_UserInfo16;
676
677 typedef struct {
678 NTTIME acct_expiry;
679 } samr_UserInfo17;
680
681 typedef struct {
682 lsa_String parameters;
683 } samr_UserInfo20;
684
685 /* this defines the bits used for fields_present in info21 */
686 typedef [bitmap32bit] bitmap {
687 SAMR_FIELD_ACCOUNT_NAME = 0x00000001,
688 SAMR_FIELD_FULL_NAME = 0x00000002,
689 SAMR_FIELD_PRIMARY_GID = 0x00000008,
690 SAMR_FIELD_DESCRIPTION = 0x00000010,
691 SAMR_FIELD_COMMENT = 0x00000020,
692 SAMR_FIELD_HOME_DIRECTORY = 0x00000040,
693 SAMR_FIELD_HOME_DRIVE = 0x00000080,
694 SAMR_FIELD_LOGON_SCRIPT = 0x00000100,
695 SAMR_FIELD_PROFILE_PATH = 0x00000200,
696 SAMR_FIELD_WORKSTATIONS = 0x00000400,
697 SAMR_FIELD_LOGON_HOURS = 0x00002000,
698 SAMR_FIELD_ACCT_FLAGS = 0x00100000,
699 SAMR_FIELD_PARAMETERS = 0x00200000,
700 SAMR_FIELD_COUNTRY_CODE = 0x00400000,
701 SAMR_FIELD_CODE_PAGE = 0x00800000,
702 SAMR_FIELD_PASSWORD = 0x01000000, /* either of these */
703 SAMR_FIELD_PASSWORD2 = 0x02000000 /* two bits seems to work */
704 } samr_FieldsPresent;
705
706 typedef struct {
707 NTTIME last_logon;
708 NTTIME last_logoff;
709 NTTIME last_password_change;
710 NTTIME acct_expiry;
711 NTTIME allow_password_change;
712 NTTIME force_password_change;
713 lsa_String account_name;
714 lsa_String full_name;
715 lsa_String home_directory;
716 lsa_String home_drive;
717 lsa_String logon_script;
718 lsa_String profile_path;
719 lsa_String description;
720 lsa_String workstations;
721 lsa_String comment;
722 lsa_String parameters;
723 lsa_String unknown1;
724 lsa_String unknown2;
725 lsa_String unknown3;
726 uint32 buf_count;
727 [size_is(buf_count)] uint8 *buffer;
728 uint32 rid;
729 uint32 primary_gid;
730 samr_AcctFlags acct_flags;
731 samr_FieldsPresent fields_present;
732 samr_LogonHours logon_hours;
733 uint16 bad_password_count;
734 uint16 logon_count;
735 uint16 country_code;
736 uint16 code_page;
737 uint8 nt_password_set;
738 uint8 lm_password_set;
739 uint8 password_expired;
740 uint8 unknown4;
741 } samr_UserInfo21;
742
743 typedef [public, flag(NDR_PAHEX)] struct {
744 uint8 data[516];
745 } samr_CryptPassword;
746
747 typedef struct {
748 samr_UserInfo21 info;
749 samr_CryptPassword password;
750 } samr_UserInfo23;
751
752 typedef struct {
753 samr_CryptPassword password;
754 uint8 pw_len;
755 } samr_UserInfo24;
756
757 typedef [flag(NDR_PAHEX)] struct {
758 uint8 data[532];
759 } samr_CryptPasswordEx;
760
761 typedef struct {
762 samr_UserInfo21 info;
763 samr_CryptPasswordEx password;
764 } samr_UserInfo25;
765
766 typedef struct {
767 samr_CryptPasswordEx password;
768 uint8 pw_len;
769 } samr_UserInfo26;
770
771 typedef [switch_type(uint16)] union {
772 [case(1)] samr_UserInfo1 info1;
773 [case(2)] samr_UserInfo2 info2;
774 [case(3)] samr_UserInfo3 info3;
775 [case(4)] samr_UserInfo4 info4;
776 [case(5)] samr_UserInfo5 info5;
777 [case(6)] samr_UserInfo6 info6;
778 [case(7)] samr_UserInfo7 info7;
779 [case(8)] samr_UserInfo8 info8;
780 [case(9)] samr_UserInfo9 info9;
781 [case(10)] samr_UserInfo10 info10;
782 [case(11)] samr_UserInfo11 info11;
783 [case(12)] samr_UserInfo12 info12;
784 [case(13)] samr_UserInfo13 info13;
785 [case(14)] samr_UserInfo14 info14;
786 [case(16)] samr_UserInfo16 info16;
787 [case(17)] samr_UserInfo17 info17;
788 [case(20)] samr_UserInfo20 info20;
789 [case(21)] samr_UserInfo21 info21;
790 [case(23)] samr_UserInfo23 info23;
791 [case(24)] samr_UserInfo24 info24;
792 [case(25)] samr_UserInfo25 info25;
793 [case(26)] samr_UserInfo26 info26;
794 } samr_UserInfo;
795
796 [public] NTSTATUS samr_QueryUserInfo(
797 [in,ref] policy_handle *user_handle,
798 [in] uint16 level,
799 [out,switch_is(level)] samr_UserInfo *info
800 );
801
802
803 /************************/
804 /* Function 0x25 */
805 [public] NTSTATUS samr_SetUserInfo(
806 [in,ref] policy_handle *user_handle,
807 [in] uint16 level,
808 [in,ref,switch_is(level)] samr_UserInfo *info
809 );
810
811 /************************/
812 /* Function 0x26 */
813 typedef [public, flag(NDR_PAHEX)] struct {
814 uint8 hash[16];
815 } samr_Password;
816
817 /*
818 this is a password change interface that doesn't give
819 the server the plaintext password. Depricated.
820 */
821 NTSTATUS samr_ChangePasswordUser(
822 [in,ref] policy_handle *user_handle,
823 [in] boolean8 lm_present,
824 [in] samr_Password *old_lm_crypted,
825 [in] samr_Password *new_lm_crypted,
826 [in] boolean8 nt_present,
827 [in] samr_Password *old_nt_crypted,
828 [in] samr_Password *new_nt_crypted,
829 [in] boolean8 cross1_present,
830 [in] samr_Password *nt_cross,
831 [in] boolean8 cross2_present,
832 [in] samr_Password *lm_cross
833 );
834
835 /************************/
836 /* Function 0x27 */
837
838 typedef [public] struct {
839 uint32 rid;
840 samr_GroupAttrs attributes;
841 } samr_RidWithAttribute;
842
843 typedef [public] struct {
844 uint32 count;
845 [size_is(count)] samr_RidWithAttribute *rids;
846 } samr_RidWithAttributeArray;
847
848 NTSTATUS samr_GetGroupsForUser(
849 [in,ref] policy_handle *user_handle,
850 [out] samr_RidWithAttributeArray *rids
851 );
852
853 /************************/
854 /* Function 0x28 */
855
856 typedef struct {
857 uint32 idx;
858 uint32 rid;
859 samr_AcctFlags acct_flags;
860 lsa_String account_name;
861 lsa_String full_name;
862 lsa_String description;
863 } samr_DispEntryGeneral;
864
865 typedef struct {
866 uint32 count;
867 [size_is(count)] samr_DispEntryGeneral *entries;
868 } samr_DispInfoGeneral;
869
870 typedef struct {
871 uint32 idx;
872 uint32 rid;
873 samr_AcctFlags acct_flags;
874 lsa_String account_name;
875 lsa_String description;
876 } samr_DispEntryFull;
877
878 typedef struct {
879 uint32 count;
880 [size_is(count)] samr_DispEntryFull *entries;
881 } samr_DispInfoFull;
882
883 typedef struct {
884 uint32 idx;
885 uint32 rid;
886 samr_GroupAttrs acct_flags;
887 lsa_String account_name;
888 lsa_String description;
889 } samr_DispEntryFullGroup;
890
891 typedef struct {
892 uint32 count;
893 [size_is(count)] samr_DispEntryFullGroup *entries;
894 } samr_DispInfoFullGroups;
895
896 typedef struct {
897 uint32 idx;
898 lsa_AsciiString account_name;
899 } samr_DispEntryAscii;
900
901 typedef struct {
902 uint32 count;
903 [size_is(count)] samr_DispEntryAscii *entries;
904 } samr_DispInfoAscii;
905
906 typedef [switch_type(uint16)] union {
907 [case(1)] samr_DispInfoGeneral info1;/* users */
908 [case(2)] samr_DispInfoFull info2; /* trust accounts? */
909 [case(3)] samr_DispInfoFullGroups info3; /* groups */
910 [case(4)] samr_DispInfoAscii info4; /* users */
911 [case(5)] samr_DispInfoAscii info5; /* groups */
912 } samr_DispInfo;
913
914 NTSTATUS samr_QueryDisplayInfo(
915 [in,ref] policy_handle *domain_handle,
916 [in] uint16 level,
917 [in] uint32 start_idx,
918 [in] uint32 max_entries,
919 [in] uint32 buf_size,
920 [out] uint32 total_size,
921 [out] uint32 returned_size,
922 [out,switch_is(level)] samr_DispInfo info
923 );
924
925
926 /************************/
927 /* Function 0x29 */
928
929 /*
930 this seems to be an alphabetic search function. The returned index
931 is the index for samr_QueryDisplayInfo needed to get names occurring
932 after the specified name. The supplied name does not need to exist
933 in the database (for example you can supply just a first letter for
934 searching starting at that letter)
935
936 The level corresponds to the samr_QueryDisplayInfo level
937 */
938 NTSTATUS samr_GetDisplayEnumerationIndex(
939 [in,ref] policy_handle *domain_handle,
940 [in] uint16 level,
941 [in] lsa_String name,
942 [out] uint32 idx
943 );
944
945
946
947 /************************/
948 /* Function 0x2a */
949
950 /*
951 w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
952 */
953 NTSTATUS samr_TestPrivateFunctionsDomain(
954 [in,ref] policy_handle *domain_handle
955 );
956
957
958 /************************/
959 /* Function 0x2b */
960
961 /*
962 w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
963 */
964 NTSTATUS samr_TestPrivateFunctionsUser(
965 [in,ref] policy_handle *user_handle
966 );
967
968
969 /************************/
970 /* Function 0x2c */
971
972 typedef struct {
973 uint16 min_password_length;
974 samr_PasswordProperties password_properties;
975 } samr_PwInfo;
976
977 [public] NTSTATUS samr_GetUserPwInfo(
978 [in,ref] policy_handle *user_handle,
979 [out] samr_PwInfo info
980 );
981
982 /************************/
983 /* Function 0x2d */
984 NTSTATUS samr_RemoveMemberFromForeignDomain(
985 [in,ref] policy_handle *domain_handle,
986 [in,ref] dom_sid2 *sid
987 );
988
989 /************************/
990 /* Function 0x2e */
991
992 /*
993 how is this different from QueryDomainInfo ??
994 */
995 NTSTATUS samr_QueryDomainInfo2(
996 [in,ref] policy_handle *domain_handle,
997 [in] uint16 level,
998 [out,switch_is(level)] samr_DomainInfo *info
999 );
1000
1001 /************************/
1002 /* Function 0x2f */
1003
1004 /*
1005 how is this different from QueryUserInfo ??
1006 */
1007 NTSTATUS samr_QueryUserInfo2(
1008 [in,ref] policy_handle *user_handle,
1009 [in] uint16 level,
1010 [out,switch_is(level)] samr_UserInfo *info
1011 );
1012
1013 /************************/
1014 /* Function 0x30 */
1015
1016 /*
1017 how is this different from QueryDisplayInfo??
1018 */
1019 NTSTATUS samr_QueryDisplayInfo2(
1020 [in,ref] policy_handle *domain_handle,
1021 [in] uint16 level,
1022 [in] uint32 start_idx,
1023 [in] uint32 max_entries,
1024 [in] uint32 buf_size,
1025 [out] uint32 total_size,
1026 [out] uint32 returned_size,
1027 [out,switch_is(level)] samr_DispInfo info
1028 );
1029
1030 /************************/
1031 /* Function 0x31 */
1032
1033 /*
1034 how is this different from GetDisplayEnumerationIndex ??
1035 */
1036 NTSTATUS samr_GetDisplayEnumerationIndex2(
1037 [in,ref] policy_handle *domain_handle,
1038 [in] uint16 level,
1039 [in] lsa_String name,
1040 [out] uint32 idx
1041 );
1042
1043
1044 /************************/
1045 /* Function 0x32 */
1046 NTSTATUS samr_CreateUser2(
1047 [in,ref] policy_handle *domain_handle,
1048 [in,ref] lsa_String *account_name,
1049 [in] samr_AcctFlags acct_flags,
1050 [in] uint32 access_mask,
1051 [out,ref] policy_handle *user_handle,
1052 [out,ref] uint32 *access_granted,
1053 [out,ref] uint32 *rid
1054 );
1055
1056
1057 /************************/
1058 /* Function 0x33 */
1059
1060 /*
1061 another duplicate. There must be a reason ....
1062 */
1063 NTSTATUS samr_QueryDisplayInfo3(
1064 [in,ref] policy_handle *domain_handle,
1065 [in] uint16 level,
1066 [in] uint32 start_idx,
1067 [in] uint32 max_entries,
1068 [in] uint32 buf_size,
1069 [out] uint32 total_size,
1070 [out] uint32 returned_size,
1071 [out,switch_is(level)] samr_DispInfo info
1072 );
1073
1074 /************************/
1075 /* Function 0x34 */
1076 NTSTATUS samr_AddMultipleMembersToAlias(
1077 [in,ref] policy_handle *alias_handle,
1078 [in,ref] lsa_SidArray *sids
1079 );
1080
1081 /************************/
1082 /* Function 0x35 */
1083 NTSTATUS samr_RemoveMultipleMembersFromAlias(
1084 [in,ref] policy_handle *alias_handle,
1085 [in,ref] lsa_SidArray *sids
1086 );
1087
1088 /************************/
1089 /* Function 0x36 */
1090
1091 NTSTATUS samr_OemChangePasswordUser2(
1092 [in] lsa_AsciiString *server,
1093 [in,ref] lsa_AsciiString *account,
1094 [in] samr_CryptPassword *password,
1095 [in] samr_Password *hash
1096 );
1097
1098 /************************/
1099 /* Function 0x37 */
1100 NTSTATUS samr_ChangePasswordUser2(
1101 [in] lsa_String *server,
1102 [in,ref] lsa_String *account,
1103 [in] samr_CryptPassword *nt_password,
1104 [in] samr_Password *nt_verifier,
1105 [in] boolean8 lm_change,
1106 [in] samr_CryptPassword *lm_password,
1107 [in] samr_Password *lm_verifier
1108 );
1109
1110 /************************/
1111 /* Function 0x38 */
1112 NTSTATUS samr_GetDomPwInfo(
1113 [in] lsa_String *domain_name,
1114 [out] samr_PwInfo info
1115 );
1116
1117 /************************/
1118 /* Function 0x39 */
1119 NTSTATUS samr_Connect2(
1120 [in,string,charset(UTF16)] uint16 *system_name,
1121 [in] uint32 access_mask,
1122 [out,ref] policy_handle *connect_handle
1123 );
1124
1125 /************************/
1126 /* Function 0x3a */
1127 /*
1128 seems to be an exact alias for samr_SetUserInfo()
1129 */
1130 [public] NTSTATUS samr_SetUserInfo2(
1131 [in,ref] policy_handle *user_handle,
1132 [in] uint16 level,
1133 [in,ref,switch_is(level)] samr_UserInfo *info
1134 );
1135
1136 /************************/
1137 /* Function 0x3b */
1138 /*
1139 this one is mysterious. I have a few guesses, but nothing working yet
1140 */
1141 NTSTATUS samr_SetBootKeyInformation(
1142 [in,ref] policy_handle *connect_handle,
1143 [in] uint32 unknown1,
1144 [in] uint32 unknown2,
1145 [in] uint32 unknown3
1146 );
1147
1148 /************************/
1149 /* Function 0x3c */
1150 NTSTATUS samr_GetBootKeyInformation(
1151 [in,ref] policy_handle *domain_handle,
1152 [out] uint32 unknown
1153 );
1154
1155 /************************/
1156 /* Function 0x3d */
1157 NTSTATUS samr_Connect3(
1158 [in,string,charset(UTF16)] uint16 *system_name,
1159 /* this unknown value seems to be completely ignored by w2k3 */
1160 [in] uint32 unknown,
1161 [in] uint32 access_mask,
1162 [out,ref] policy_handle *connect_handle
1163 );
1164
1165 /************************/
1166 /* Function 0x3e */
1167 NTSTATUS samr_Connect4(
1168 [in,string,charset(UTF16)] uint16 *system_name,
1169 [in] uint32 unknown,
1170 [in] uint32 access_mask,
1171 [out,ref] policy_handle *connect_handle
1172 );
1173
1174 /************************/
1175 /* Function 0x3f */
1176
1177 declare enum samr_RejectReason;
1178
1179 typedef struct {
1180 samr_RejectReason reason;
1181 uint32 unknown1;
1182 uint32 unknown2;
1183 } samr_ChangeReject;
1184
1185 NTSTATUS samr_ChangePasswordUser3(
1186 [in] lsa_String *server,
1187 [in,ref] lsa_String *account,
1188 [in] samr_CryptPassword *nt_password,
1189 [in] samr_Password *nt_verifier,
1190 [in] boolean8 lm_change,
1191 [in] samr_CryptPassword *lm_password,
1192 [in] samr_Password *lm_verifier,
1193 [in] samr_CryptPassword *password3,
1194 [out] samr_DomInfo1 *dominfo,
1195 [out] samr_ChangeReject *reject
1196 );
1197
1198 /************************/
1199 /* Function 0x40 */
1200
1201 typedef struct {
1202 uint32 unknown1; /* w2k3 gives 3 */
1203 uint32 unknown2; /* w2k3 gives 0 */
1204 } samr_ConnectInfo1;
1205
1206 typedef union {
1207 [case(1)] samr_ConnectInfo1 info1;
1208 } samr_ConnectInfo;
1209
1210 [public] NTSTATUS samr_Connect5(
1211 [in,string,charset(UTF16)] uint16 *system_name,
1212 [in] uint32 access_mask,
1213 [in,out] uint32 level,
1214 [in,out,switch_is(level),ref] samr_ConnectInfo *info,
1215 [out,ref] policy_handle *connect_handle
1216 );
1217
1218 /************************/
1219 /* Function 0x41 */
1220 NTSTATUS samr_RidToSid(
1221 [in,ref] policy_handle *domain_handle,
1222 [in] uint32 rid,
1223 [out] dom_sid2 *sid
1224 );
1225
1226
1227 /************************/
1228 /* Function 0x42 */
1229
1230 /*
1231 this should set the DSRM password for the server, which is used
1232 when booting into Directory Services Recovery Mode on a DC. Win2003
1233 gives me NT_STATUS_NOT_SUPPORTED
1234 */
1235
1236 NTSTATUS samr_SetDsrmPassword(
1237 [in] lsa_String *name,
1238 [in] uint32 unknown,
1239 [in] samr_Password *hash
1240 );
1241
1242
1243 /************************/
1244 /* Function 0x43 */
1245 /*
1246 I haven't been able to work out the format of this one yet.
1247 Seems to start with a switch level for a union?
1248 */
1249 NTSTATUS samr_ValidatePassword();
1250 }
Samba GIT mirror