search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add explicit buf arg to cli_check_sign_mac
[Samba/gbeck.git] / source3 / librpc / idl / lsa.idl
blob68dc0497dad75f474f9a945f8a2b654eae93ab9b
1 #include "idl_types.h"
2
3 /*
4 lsa interface definition
5 */
6
7 import "security.idl";
8
9 [ uuid("12345778-1234-abcd-ef00-0123456789ab"),
10 version(0.0),
11 endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\netlogon]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"),
12 pointer_default(unique),
13 helpstring("Local Security Authority")
14 ] interface lsarpc
15 {
16 typedef bitmap security_secinfo security_secinfo;
17
18 typedef [public,noejs] struct {
19 [value(2*strlen_m(string))] uint16 length;
20 [value(2*strlen_m(string))] uint16 size;
21 [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string;
22 } lsa_String;
23
24 typedef [public] struct {
25 [value(2*strlen_m(string))] uint16 length;
26 [value(2*(strlen_m(string)+1))] uint16 size;
27 [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string;
28 } lsa_StringLarge;
29
30 typedef [public] struct {
31 uint32 count;
32 [size_is(count)] lsa_String *names;
33 } lsa_Strings;
34
35 typedef [public] struct {
36 [value(strlen_m(string))] uint16 length;
37 [value(strlen_m(string))] uint16 size;
38 ascstr_noterm *string;
39 } lsa_AsciiString;
40
41 /******************/
42 /* Function: 0x00 */
43 NTSTATUS lsa_Close (
44 [in,out] policy_handle *handle
45 );
46
47
48 /******************/
49 /* Function: 0x01 */
50 [public] NTSTATUS lsa_Delete (
51 [in] policy_handle *handle
52 );
53
54
55 /******************/
56 /* Function: 0x02 */
57 typedef struct {
58 uint32 low;
59 uint32 high;
60 } lsa_LUID;
61
62 typedef struct {
63 lsa_StringLarge name;
64 lsa_LUID luid;
65 } lsa_PrivEntry;
66
67 typedef struct {
68 uint32 count;
69 [size_is(count)] lsa_PrivEntry *privs;
70 } lsa_PrivArray;
71
72 [public] NTSTATUS lsa_EnumPrivs (
73 [in] policy_handle *handle,
74 [in,out,ref] uint32 *resume_handle,
75 [out,ref] lsa_PrivArray *privs,
76 [in] uint32 max_count
77 );
78
79 /******************/
80 /* Function: 0x03 */
81
82 NTSTATUS lsa_QuerySecurity (
83 [in] policy_handle *handle,
84 [in] security_secinfo sec_info,
85 [out,ref] sec_desc_buf **sdbuf
86 );
87
88
89 /******************/
90 /* Function: 0x04 */
91 NTSTATUS lsa_SetSecObj(
92 [in] policy_handle *handle,
93 [in] security_secinfo sec_info,
94 [in,ref] sec_desc_buf *sdbuf
95 );
96
97 /******************/
98 /* Function: 0x05 */
99 NTSTATUS lsa_ChangePassword ();
100
101
102 /******************/
103 /* Function: 0x06 */
104 typedef struct {
105 uint32 len; /* ignored */
106 uint16 impersonation_level;
107 uint8 context_mode;
108 uint8 effective_only;
109 } lsa_QosInfo;
110
111 typedef struct {
112 uint32 len; /* ignored */
113 uint8 *root_dir;
114 [string,charset(UTF16)] uint16 *object_name;
115 uint32 attributes;
116 security_descriptor *sec_desc;
117 lsa_QosInfo *sec_qos;
118 } lsa_ObjectAttribute;
119
120 typedef [public,bitmap32bit] bitmap {
121 LSA_POLICY_VIEW_LOCAL_INFORMATION = 0x00000001,
122 LSA_POLICY_VIEW_AUDIT_INFORMATION = 0x00000002,
123 LSA_POLICY_GET_PRIVATE_INFORMATION = 0x00000004,
124 LSA_POLICY_TRUST_ADMIN = 0x00000008,
125 LSA_POLICY_CREATE_ACCOUNT = 0x00000010,
126 LSA_POLICY_CREATE_SECRET = 0x00000020,
127 LSA_POLICY_CREATE_PRIVILEGE = 0x00000040,
128 LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x00000080,
129 LSA_POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100,
130 LSA_POLICY_AUDIT_LOG_ADMIN = 0x00000200,
131 LSA_POLICY_SERVER_ADMIN = 0x00000400,
132 LSA_POLICY_LOOKUP_NAMES = 0x00000800
133 } lsa_PolicyAccessMask;
134
135 /* notice the screwup with the system_name - thats why MS created
136 OpenPolicy2 */
137 [public] NTSTATUS lsa_OpenPolicy (
138 [in,unique] uint16 *system_name,
139 [in] lsa_ObjectAttribute *attr,
140 [in] lsa_PolicyAccessMask access_mask,
141 [out] policy_handle *handle
142 );
143
144
145
146 /******************/
147 /* Function: 0x07 */
148
149 typedef struct {
150 uint32 percent_full;
151 uint32 log_size;
152 NTTIME retention_time;
153 uint8 shutdown_in_progress;
154 NTTIME time_to_shutdown;
155 uint32 next_audit_record;
156 uint32 unknown;
157 } lsa_AuditLogInfo;
158
159 typedef [v1_enum] enum {
160 LSA_AUDIT_POLICY_NONE=0,
161 LSA_AUDIT_POLICY_SUCCESS=1,
162 LSA_AUDIT_POLICY_FAILURE=2,
163 LSA_AUDIT_POLICY_ALL=(LSA_AUDIT_POLICY_SUCCESS|LSA_AUDIT_POLICY_FAILURE),
164 LSA_AUDIT_POLICY_CLEAR=4
165 } lsa_PolicyAuditPolicy;
166
167 typedef enum {
168 LSA_AUDIT_CATEGORY_SYSTEM = 0,
169 LSA_AUDIT_CATEGORY_LOGON = 1,
170 LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS = 2,
171 LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS = 3,
172 LSA_AUDIT_CATEGORY_PROCCESS_TRACKING = 4,
173 LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES = 5,
174 LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT = 6,
175 LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS = 7, /* only in win2k/2k3 */
176 LSA_AUDIT_CATEGORY_ACCOUNT_LOGON = 8 /* only in win2k/2k3 */
177 } lsa_PolicyAuditEventType;
178
179 typedef struct {
180 uint32 auditing_mode;
181 [size_is(count)] lsa_PolicyAuditPolicy *settings;
182 uint32 count;
183 } lsa_AuditEventsInfo;
184
185 typedef struct {
186 lsa_StringLarge name;
187 dom_sid2 *sid;
188 } lsa_DomainInfo;
189
190 typedef struct {
191 lsa_String name;
192 } lsa_PDAccountInfo;
193
194 typedef struct {
195 uint16 unknown; /* an midl padding bug? */
196 uint16 role;
197 } lsa_ServerRole;
198
199 typedef struct {
200 lsa_String source;
201 lsa_String account;
202 } lsa_ReplicaSourceInfo;
203
204 typedef struct {
205 uint32 paged_pool;
206 uint32 non_paged_pool;
207 uint32 min_wss;
208 uint32 max_wss;
209 uint32 pagefile;
210 hyper unknown;
211 } lsa_DefaultQuotaInfo;
212
213 typedef struct {
214 hyper modified_id;
215 NTTIME db_create_time;
216 } lsa_ModificationInfo;
217
218 typedef struct {
219 uint8 shutdown_on_full;
220 } lsa_AuditFullSetInfo;
221
222 typedef struct {
223 uint16 unknown; /* an midl padding bug? */
224 uint8 shutdown_on_full;
225 uint8 log_is_full;
226 } lsa_AuditFullQueryInfo;
227
228 typedef struct {
229 /* it's important that we use the lsa_StringLarge here,
230 * because otherwise windows clients result with such dns hostnames
231 * e.g. w2k3-client.samba4.samba.orgsamba4.samba.org
232 * where it should be
233 * w2k3-client.samba4.samba.org
234 */
235 lsa_StringLarge name;
236 lsa_StringLarge dns_domain;
237 lsa_StringLarge dns_forest;
238 GUID domain_guid;
239 dom_sid2 *sid;
240 } lsa_DnsDomainInfo;
241
242 typedef enum {
243 LSA_POLICY_INFO_AUDIT_LOG=1,
244 LSA_POLICY_INFO_AUDIT_EVENTS=2,
245 LSA_POLICY_INFO_DOMAIN=3,
246 LSA_POLICY_INFO_PD=4,
247 LSA_POLICY_INFO_ACCOUNT_DOMAIN=5,
248 LSA_POLICY_INFO_ROLE=6,
249 LSA_POLICY_INFO_REPLICA=7,
250 LSA_POLICY_INFO_QUOTA=8,
251 LSA_POLICY_INFO_DB=9,
252 LSA_POLICY_INFO_AUDIT_FULL_SET=10,
253 LSA_POLICY_INFO_AUDIT_FULL_QUERY=11,
254 LSA_POLICY_INFO_DNS=12
255 } lsa_PolicyInfo;
256
257 typedef [switch_type(uint16)] union {
258 [case(LSA_POLICY_INFO_AUDIT_LOG)] lsa_AuditLogInfo audit_log;
259 [case(LSA_POLICY_INFO_AUDIT_EVENTS)] lsa_AuditEventsInfo audit_events;
260 [case(LSA_POLICY_INFO_DOMAIN)] lsa_DomainInfo domain;
261 [case(LSA_POLICY_INFO_PD)] lsa_PDAccountInfo pd;
262 [case(LSA_POLICY_INFO_ACCOUNT_DOMAIN)] lsa_DomainInfo account_domain;
263 [case(LSA_POLICY_INFO_ROLE)] lsa_ServerRole role;
264 [case(LSA_POLICY_INFO_REPLICA)] lsa_ReplicaSourceInfo replica;
265 [case(LSA_POLICY_INFO_QUOTA)] lsa_DefaultQuotaInfo quota;
266 [case(LSA_POLICY_INFO_DB)] lsa_ModificationInfo db;
267 [case(LSA_POLICY_INFO_AUDIT_FULL_SET)] lsa_AuditFullSetInfo auditfullset;
268 [case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery;
269 [case(LSA_POLICY_INFO_DNS)] lsa_DnsDomainInfo dns;
270 } lsa_PolicyInformation;
271
272 NTSTATUS lsa_QueryInfoPolicy(
273 [in] policy_handle *handle,
274 [in] lsa_PolicyInfo level,
275 [out,ref,switch_is(level)] lsa_PolicyInformation **info
276 );
277
278 /******************/
279 /* Function: 0x08 */
280 NTSTATUS lsa_SetInfoPolicy (
281 [in] policy_handle *handle,
282 [in] lsa_PolicyInfo level,
283 [in,switch_is(level)] lsa_PolicyInformation *info
284 );
285
286 /******************/
287 /* Function: 0x09 */
288 NTSTATUS lsa_ClearAuditLog ();
289
290 /******************/
291 /* Function: 0x0a */
292 [public] NTSTATUS lsa_CreateAccount (
293 [in] policy_handle *handle,
294 [in,ref] dom_sid2 *sid,
295 [in] uint32 access_mask,
296 [out] policy_handle *acct_handle
297 );
298
299 /******************/
300 /* NOTE: This only returns accounts that have at least
301 one privilege set
302 */
303 /* Function: 0x0b */
304 typedef struct {
305 dom_sid2 *sid;
306 } lsa_SidPtr;
307
308 typedef [public] struct {
309 [range(0,1000)] uint32 num_sids;
310 [size_is(num_sids)] lsa_SidPtr *sids;
311 } lsa_SidArray;
312
313 [public] NTSTATUS lsa_EnumAccounts (
314 [in] policy_handle *handle,
315 [in,out,ref] uint32 *resume_handle,
316 [out,ref] lsa_SidArray *sids,
317 [in,range(0,8192)] uint32 num_entries
318 );
319
320
321 /*************************************************/
322 /* Function: 0x0c */
323
324 [public] NTSTATUS lsa_CreateTrustedDomain(
325 [in] policy_handle *handle,
326 [in] lsa_DomainInfo *info,
327 [in] uint32 access_mask,
328 [out] policy_handle *trustdom_handle
329 );
330
331
332 /******************/
333 /* Function: 0x0d */
334
335 /* w2k3 treats max_size as max_domains*60 */
336 const int LSA_ENUM_TRUST_DOMAIN_MULTIPLIER = 60;
337
338 typedef struct {
339 uint32 count;
340 [size_is(count)] lsa_DomainInfo *domains;
341 } lsa_DomainList;
342
343 NTSTATUS lsa_EnumTrustDom (
344 [in] policy_handle *handle,
345 [in,out,ref] uint32 *resume_handle,
346 [out,ref] lsa_DomainList *domains,
347 [in] uint32 max_size
348 );
349
350
351 /******************/
352 /* Function: 0x0e */
353 typedef enum {
354 SID_NAME_USE_NONE = 0,/* NOTUSED */
355 SID_NAME_USER = 1, /* user */
356 SID_NAME_DOM_GRP = 2, /* domain group */
357 SID_NAME_DOMAIN = 3, /* domain: don't know what this is */
358 SID_NAME_ALIAS = 4, /* local group */
359 SID_NAME_WKN_GRP = 5, /* well-known group */
360 SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
361 SID_NAME_INVALID = 7, /* invalid account */
362 SID_NAME_UNKNOWN = 8, /* oops. */
363 SID_NAME_COMPUTER = 9 /* machine */
364 } lsa_SidType;
365
366 typedef struct {
367 lsa_SidType sid_type;
368 uint32 rid;
369 uint32 sid_index;
370 } lsa_TranslatedSid;
371
372 typedef struct {
373 [range(0,1000)] uint32 count;
374 [size_is(count)] lsa_TranslatedSid *sids;
375 } lsa_TransSidArray;
376
377 const int LSA_REF_DOMAIN_LIST_MULTIPLIER = 32;
378 const int MAX_REF_DOMAINS = LSA_REF_DOMAIN_LIST_MULTIPLIER;
379
380 typedef struct {
381 [range(0,1000)] uint32 count;
382 [size_is(count)] lsa_DomainInfo *domains;
383 uint32 max_size;
384 } lsa_RefDomainList;
385
386 /* Level 1: Ask everywhere
387 * Level 2: Ask domain and trusted domains, no builtin and wkn
388 * Level 3: Only ask domain
389 * Level 4: W2k3ad: Only ask AD trusts
390 * Level 5: Only ask transitive forest trusts
391 * Level 6: Like 4
392 */
393
394 typedef enum {
395 LSA_LOOKUP_NAMES_ALL = 1,
396 LSA_LOOKUP_NAMES_DOMAINS_ONLY = 2,
397 LSA_LOOKUP_NAMES_PRIMARY_DOMAIN_ONLY = 3,
398 LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY = 4,
399 LSA_LOOKUP_NAMES_FOREST_TRUSTS_ONLY = 5,
400 LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6
401 } lsa_LookupNamesLevel;
402
403 [public] NTSTATUS lsa_LookupNames (
404 [in] policy_handle *handle,
405 [in,range(0,1000)] uint32 num_names,
406 [in,size_is(num_names)] lsa_String names[],
407 [out,ref] lsa_RefDomainList **domains,
408 [in,out,ref] lsa_TransSidArray *sids,
409 [in] lsa_LookupNamesLevel level,
410 [in,out,ref] uint32 *count
411 );
412
413
414 /******************/
415 /* Function: 0x0f */
416
417 typedef struct {
418 lsa_SidType sid_type;
419 lsa_String name;
420 uint32 sid_index;
421 } lsa_TranslatedName;
422
423 typedef struct {
424 [range(0,1000)] uint32 count;
425 [size_is(count)] lsa_TranslatedName *names;
426 } lsa_TransNameArray;
427
428 /* This number is based on Win2k and later maximum response allowed */
429 const int MAX_LOOKUP_SIDS = 0x5000; /* 20480 */
430
431 [public] NTSTATUS lsa_LookupSids (
432 [in] policy_handle *handle,
433 [in,ref] lsa_SidArray *sids,
434 [out,ref] lsa_RefDomainList **domains,
435 [in,out,ref] lsa_TransNameArray *names,
436 [in] uint16 level,
437 [in,out,ref] uint32 *count
438 );
439
440
441 /* Function: 0x10 */
442 [public] NTSTATUS lsa_CreateSecret(
443 [in] policy_handle *handle,
444 [in] lsa_String name,
445 [in] uint32 access_mask,
446 [out] policy_handle *sec_handle
447 );
448
449
450 /*****************************************/
451 /* Function: 0x11 */
452 NTSTATUS lsa_OpenAccount(
453 [in] policy_handle *handle,
454 [in,ref] dom_sid2 *sid,
455 [in] uint32 access_mask,
456 [out] policy_handle *acct_handle
457 );
458
459
460 /****************************************/
461 /* Function: 0x12 */
462
463 typedef struct {
464 lsa_LUID luid;
465 uint32 attribute;
466 } lsa_LUIDAttribute;
467
468 typedef struct {
469 [range(0,1000)] uint32 count;
470 uint32 unknown;
471 [size_is(count)] lsa_LUIDAttribute set[*];
472 } lsa_PrivilegeSet;
473
474 NTSTATUS lsa_EnumPrivsAccount (
475 [in] policy_handle *handle,
476 [out,ref] lsa_PrivilegeSet **privs
477 );
478
479
480 /****************************************/
481 /* Function: 0x13 */
482 NTSTATUS lsa_AddPrivilegesToAccount(
483 [in] policy_handle *handle,
484 [in,ref] lsa_PrivilegeSet *privs
485 );
486
487
488 /****************************************/
489 /* Function: 0x14 */
490 NTSTATUS lsa_RemovePrivilegesFromAccount(
491 [in] policy_handle *handle,
492 [in] uint8 remove_all,
493 [in,unique] lsa_PrivilegeSet *privs
494 );
495
496 /* Function: 0x15 */
497 NTSTATUS lsa_GetQuotasForAccount();
498
499 /* Function: 0x16 */
500 NTSTATUS lsa_SetQuotasForAccount();
501
502 /* Function: 0x17 */
503 NTSTATUS lsa_GetSystemAccessAccount(
504 [in] policy_handle *handle,
505 [out,ref] uint32 *access_mask
506 );
507
508 /* Function: 0x18 */
509 NTSTATUS lsa_SetSystemAccessAccount(
510 [in] policy_handle *handle,
511 [in] uint32 access_mask
512 );
513
514 /* Function: 0x19 */
515 NTSTATUS lsa_OpenTrustedDomain(
516 [in] policy_handle *handle,
517 [in] dom_sid2 *sid,
518 [in] uint32 access_mask,
519 [out] policy_handle *trustdom_handle
520 );
521
522 typedef [flag(NDR_PAHEX)] struct {
523 uint32 length;
524 uint32 size;
525 [size_is(size),length_is(length)] uint8 *data;
526 } lsa_DATA_BUF;
527
528 typedef [flag(NDR_PAHEX)] struct {
529 [range(0,65536)] uint32 size;
530 [size_is(size)] uint8 *data;
531 } lsa_DATA_BUF2;
532
533 typedef enum {
534 LSA_TRUSTED_DOMAIN_INFO_NAME = 1,
535 LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO = 2,
536 LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET = 3,
537 LSA_TRUSTED_DOMAIN_INFO_PASSWORD = 4,
538 LSA_TRUSTED_DOMAIN_INFO_BASIC = 5,
539 LSA_TRUSTED_DOMAIN_INFO_INFO_EX = 6,
540 LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO = 7,
541 LSA_TRUSTED_DOMAIN_INFO_FULL_INFO = 8,
542 LSA_TRUSTED_DOMAIN_INFO_11 = 11,
543 LSA_TRUSTED_DOMAIN_INFO_INFO_ALL = 12
544 } lsa_TrustDomInfoEnum;
545
546 typedef struct {
547 lsa_StringLarge netbios_name;
548 } lsa_TrustDomainInfoName;
549
550 typedef struct {
551 uint32 posix_offset;
552 } lsa_TrustDomainInfoPosixOffset;
553
554 typedef struct {
555 lsa_DATA_BUF *password;
556 lsa_DATA_BUF *old_password;
557 } lsa_TrustDomainInfoPassword;
558
559 typedef struct {
560 lsa_String netbios_name;
561 dom_sid2 *sid;
562 } lsa_TrustDomainInfoBasic;
563
564 typedef struct {
565 lsa_StringLarge domain_name;
566 lsa_StringLarge netbios_name;
567 dom_sid2 *sid;
568 uint32 trust_direction;
569 uint32 trust_type;
570 uint32 trust_attributes;
571 } lsa_TrustDomainInfoInfoEx;
572
573 typedef struct {
574 NTTIME_hyper last_update_time;
575 uint32 secret_type;
576 lsa_DATA_BUF2 data;
577 } lsa_TrustDomainInfoBuffer;
578
579 typedef struct {
580 uint32 incoming_count;
581 lsa_TrustDomainInfoBuffer *incoming_current_auth_info;
582 lsa_TrustDomainInfoBuffer *incoming_previous_auth_info;
583 uint32 outgoing_count;
584 lsa_TrustDomainInfoBuffer *outgoing_current_auth_info;
585 lsa_TrustDomainInfoBuffer *outgoing_previous_auth_info;
586 } lsa_TrustDomainInfoAuthInfo;
587
588 typedef struct {
589 lsa_TrustDomainInfoInfoEx info_ex;
590 lsa_TrustDomainInfoPosixOffset posix_offset;
591 lsa_TrustDomainInfoAuthInfo auth_info;
592 } lsa_TrustDomainInfoFullInfo;
593
594 typedef struct {
595 lsa_TrustDomainInfoInfoEx info_ex;
596 lsa_DATA_BUF2 data1;
597 } lsa_TrustDomainInfo11;
598
599 typedef struct {
600 lsa_TrustDomainInfoInfoEx info_ex;
601 lsa_DATA_BUF2 data1;
602 lsa_TrustDomainInfoPosixOffset posix_offset;
603 lsa_TrustDomainInfoAuthInfo auth_info;
604 } lsa_TrustDomainInfoInfoAll;
605
606 typedef [switch_type(lsa_TrustDomInfoEnum)] union {
607 [case(LSA_TRUSTED_DOMAIN_INFO_NAME)] lsa_TrustDomainInfoName name;
608 [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)] lsa_TrustDomainInfoPosixOffset posix_offset;
609 [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)] lsa_TrustDomainInfoPassword password;
610 [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)] lsa_TrustDomainInfoBasic info_basic;
611 [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)] lsa_TrustDomainInfoInfoEx info_ex;
612 [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)] lsa_TrustDomainInfoAuthInfo auth_info;
613 [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)] lsa_TrustDomainInfoFullInfo full_info;
614 [case(LSA_TRUSTED_DOMAIN_INFO_11)] lsa_TrustDomainInfo11 info11;
615 [case(LSA_TRUSTED_DOMAIN_INFO_INFO_ALL)] lsa_TrustDomainInfoInfoAll info_all;
616 } lsa_TrustedDomainInfo;
617
618 /* Function: 0x1a */
619 NTSTATUS lsa_QueryTrustedDomainInfo(
620 [in] policy_handle *trustdom_handle,
621 [in] lsa_TrustDomInfoEnum level,
622 [out,switch_is(level),unique] lsa_TrustedDomainInfo *info
623 );
624
625 /* Function: 0x1b */
626 NTSTATUS lsa_SetInformationTrustedDomain();
627
628 /* Function: 0x1c */
629 [public] NTSTATUS lsa_OpenSecret(
630 [in] policy_handle *handle,
631 [in] lsa_String name,
632 [in] uint32 access_mask,
633 [out] policy_handle *sec_handle
634 );
635
636 /* Function: 0x1d */
637
638 [public] NTSTATUS lsa_SetSecret(
639 [in] policy_handle *sec_handle,
640 [in,unique] lsa_DATA_BUF *new_val,
641 [in,unique] lsa_DATA_BUF *old_val
642 );
643
644 typedef struct {
645 lsa_DATA_BUF *buf;
646 } lsa_DATA_BUF_PTR;
647
648 /* Function: 0x1e */
649 [public] NTSTATUS lsa_QuerySecret (
650 [in] policy_handle *sec_handle,
651 [in,out,unique] lsa_DATA_BUF_PTR *new_val,
652 [in,out,unique] NTTIME_hyper *new_mtime,
653 [in,out,unique] lsa_DATA_BUF_PTR *old_val,
654 [in,out,unique] NTTIME_hyper *old_mtime
655 );
656
657 /* Function: 0x1f */
658 NTSTATUS lsa_LookupPrivValue(
659 [in] policy_handle *handle,
660 [in,ref] lsa_String *name,
661 [out,ref] lsa_LUID *luid
662 );
663
664
665 /* Function: 0x20 */
666 NTSTATUS lsa_LookupPrivName (
667 [in] policy_handle *handle,
668 [in] lsa_LUID *luid,
669 [out,unique] lsa_StringLarge *name
670 );
671
672
673 /*******************/
674 /* Function: 0x21 */
675 NTSTATUS lsa_LookupPrivDisplayName (
676 [in] policy_handle *handle,
677 [in,ref] lsa_String *name,
678 [in] uint16 language_id,
679 [in] uint16 language_id_sys,
680 [out,ref] lsa_StringLarge **disp_name,
681 /* see http://www.microsoft.com/globaldev/nlsweb/ for
682 language definitions */
683 [out,ref] uint16 *returned_language_id
684 );
685
686 /* Function: 0x22 */
687 NTSTATUS lsa_DeleteObject(
688 [in,out] policy_handle *handle
689 );
690
691 /*******************/
692 /* Function: 0x23 */
693 NTSTATUS lsa_EnumAccountsWithUserRight (
694 [in] policy_handle *handle,
695 [in,unique] lsa_String *name,
696 [out] lsa_SidArray *sids
697 );
698
699 /* Function: 0x24 */
700 typedef struct {
701 [string,charset(UTF16)] uint16 *name;
702 } lsa_RightAttribute;
703
704 typedef struct {
705 [range(0,256)] uint32 count;
706 [size_is(count)] lsa_StringLarge *names;
707 } lsa_RightSet;
708
709 NTSTATUS lsa_EnumAccountRights (
710 [in] policy_handle *handle,
711 [in,ref] dom_sid2 *sid,
712 [out,ref] lsa_RightSet *rights
713 );
714
715
716 /**********************/
717 /* Function: 0x25 */
718 NTSTATUS lsa_AddAccountRights (
719 [in] policy_handle *handle,
720 [in,ref] dom_sid2 *sid,
721 [in,ref] lsa_RightSet *rights
722 );
723
724 /**********************/
725 /* Function: 0x26 */
726 NTSTATUS lsa_RemoveAccountRights (
727 [in] policy_handle *handle,
728 [in,ref] dom_sid2 *sid,
729 [in] uint8 remove_all,
730 [in,ref] lsa_RightSet *rights
731 );
732
733 /* Function: 0x27 */
734 NTSTATUS lsa_QueryTrustedDomainInfoBySid(
735 [in] policy_handle *handle,
736 [in] dom_sid2 *dom_sid,
737 [in] lsa_TrustDomInfoEnum level,
738 [out,switch_is(level),unique] lsa_TrustedDomainInfo *info
739 );
740
741 /* Function: 0x28 */
742 NTSTATUS lsa_SetTrustedDomainInfo();
743 /* Function: 0x29 */
744 NTSTATUS lsa_DeleteTrustedDomain(
745 [in] policy_handle *handle,
746 [in] dom_sid2 *dom_sid
747 );
748
749 /* Function: 0x2a */
750 NTSTATUS lsa_StorePrivateData();
751 /* Function: 0x2b */
752 NTSTATUS lsa_RetrievePrivateData();
753
754
755 /**********************/
756 /* Function: 0x2c */
757 [public] NTSTATUS lsa_OpenPolicy2 (
758 [in,unique] [string,charset(UTF16)] uint16 *system_name,
759 [in] lsa_ObjectAttribute *attr,
760 [in] lsa_PolicyAccessMask access_mask,
761 [out] policy_handle *handle
762 );
763
764 /**********************/
765 /* Function: 0x2d */
766 NTSTATUS lsa_GetUserName(
767 [in,unique] [string,charset(UTF16)] uint16 *system_name,
768 [in,out,ref] lsa_String **account_name,
769 [in,out,unique] lsa_String **authority_name
770 );
771
772 /**********************/
773 /* Function: 0x2e */
774
775 NTSTATUS lsa_QueryInfoPolicy2(
776 [in] policy_handle *handle,
777 [in] lsa_PolicyInfo level,
778 [out,ref,switch_is(level)] lsa_PolicyInformation **info
779 );
780
781 /* Function 0x2f */
782 NTSTATUS lsa_SetInfoPolicy2(
783 [in] policy_handle *handle,
784 [in] lsa_PolicyInfo level,
785 [in,switch_is(level)] lsa_PolicyInformation *info
786 );
787
788 /**********************/
789 /* Function 0x30 */
790 NTSTATUS lsa_QueryTrustedDomainInfoByName(
791 [in] policy_handle *handle,
792 [in,ref] lsa_String *trusted_domain,
793 [in] lsa_TrustDomInfoEnum level,
794 [out,ref,switch_is(level)] lsa_TrustedDomainInfo *info
795 );
796
797 /**********************/
798 /* Function 0x31 */
799 NTSTATUS lsa_SetTrustedDomainInfoByName(
800 [in] policy_handle *handle,
801 [in] lsa_String trusted_domain,
802 [in] lsa_TrustDomInfoEnum level,
803 [in,unique,switch_is(level)] lsa_TrustedDomainInfo *info
804 );
805
806 /* Function 0x32 */
807
808 /* w2k3 treats max_size as max_domains*82 */
809 const int LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER = 82;
810
811 typedef struct {
812 uint32 count;
813 [size_is(count)] lsa_TrustDomainInfoInfoEx *domains;
814 } lsa_DomainListEx;
815
816 NTSTATUS lsa_EnumTrustedDomainsEx (
817 [in] policy_handle *handle,
818 [in,out] uint32 *resume_handle,
819 [out] lsa_DomainListEx *domains,
820 [in] uint32 max_size
821 );
822
823
824 /* Function 0x33 */
825 NTSTATUS lsa_CreateTrustedDomainEx();
826
827 /* Function 0x34 */
828 NTSTATUS lsa_CloseTrustedDomainEx(
829 [in,out] policy_handle *handle
830 );
831
832 /* Function 0x35 */
833
834 /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000
835 for unknown6 - gd */
836 typedef struct {
837 uint32 enforce_restrictions;
838 hyper service_tkt_lifetime;
839 hyper user_tkt_lifetime;
840 hyper user_tkt_renewaltime;
841 hyper clock_skew;
842 hyper unknown6;
843 } lsa_DomainInfoKerberos;
844
845 typedef struct {
846 uint32 blob_size;
847 [size_is(blob_size)] uint8 *efs_blob;
848 } lsa_DomainInfoEfs;
849
850 typedef enum {
851 LSA_DOMAIN_INFO_POLICY_EFS=2,
852 LSA_DOMAIN_INFO_POLICY_KERBEROS=3
853 } lsa_DomainInfoEnum;
854
855 typedef [switch_type(uint16)] union {
856 [case(LSA_DOMAIN_INFO_POLICY_EFS)] lsa_DomainInfoEfs efs_info;
857 [case(LSA_DOMAIN_INFO_POLICY_KERBEROS)] lsa_DomainInfoKerberos kerberos_info;
858 } lsa_DomainInformationPolicy;
859
860 NTSTATUS lsa_QueryDomainInformationPolicy(
861 [in] policy_handle *handle,
862 [in] uint16 level,
863 [out,unique,switch_is(level)] lsa_DomainInformationPolicy *info
864 );
865
866 /* Function 0x36 */
867 NTSTATUS lsa_SetDomainInformationPolicy(
868 [in] policy_handle *handle,
869 [in] uint16 level,
870 [in,unique,switch_is(level)] lsa_DomainInformationPolicy *info
871 );
872
873 /**********************/
874 /* Function 0x37 */
875 NTSTATUS lsa_OpenTrustedDomainByName(
876 [in] policy_handle *handle,
877 [in] lsa_String name,
878 [in] uint32 access_mask,
879 [out] policy_handle *trustdom_handle
880 );
881
882 /* Function 0x38 */
883 NTSTATUS lsa_TestCall();
884
885 /**********************/
886 /* Function 0x39 */
887
888 typedef struct {
889 lsa_SidType sid_type;
890 lsa_String name;
891 uint32 sid_index;
892 uint32 unknown;
893 } lsa_TranslatedName2;
894
895 typedef struct {
896 [range(0,1000)] uint32 count;
897 [size_is(count)] lsa_TranslatedName2 *names;
898 } lsa_TransNameArray2;
899
900 [public] NTSTATUS lsa_LookupSids2(
901 [in] policy_handle *handle,
902 [in,ref] lsa_SidArray *sids,
903 [out,ref] lsa_RefDomainList **domains,
904 [in,out,ref] lsa_TransNameArray2 *names,
905 [in] uint16 level,
906 [in,out,ref] uint32 *count,
907 [in] uint32 unknown1,
908 [in] uint32 unknown2
909 );
910
911 /**********************/
912 /* Function 0x3a */
913
914 typedef struct {
915 lsa_SidType sid_type;
916 uint32 rid;
917 uint32 sid_index;
918 uint32 unknown;
919 } lsa_TranslatedSid2;
920
921 typedef struct {
922 [range(0,1000)] uint32 count;
923 [size_is(count)] lsa_TranslatedSid2 *sids;
924 } lsa_TransSidArray2;
925
926 [public] NTSTATUS lsa_LookupNames2 (
927 [in] policy_handle *handle,
928 [in,range(0,1000)] uint32 num_names,
929 [in,size_is(num_names)] lsa_String names[],
930 [out,ref] lsa_RefDomainList **domains,
931 [in,out,ref] lsa_TransSidArray2 *sids,
932 [in] lsa_LookupNamesLevel level,
933 [in,out,ref] uint32 *count,
934 [in] uint32 unknown1,
935 [in] uint32 unknown2
936 );
937
938 /* Function 0x3b */
939 NTSTATUS lsa_CreateTrustedDomainEx2();
940
941 /* Function 0x3c */
942 NTSTATUS lsa_CREDRWRITE();
943
944 /* Function 0x3d */
945 NTSTATUS lsa_CREDRREAD();
946
947 /* Function 0x3e */
948 NTSTATUS lsa_CREDRENUMERATE();
949
950 /* Function 0x3f */
951 NTSTATUS lsa_CREDRWRITEDOMAINCREDENTIALS();
952
953 /* Function 0x40 */
954 NTSTATUS lsa_CREDRREADDOMAINCREDENTIALS();
955
956 /* Function 0x41 */
957 NTSTATUS lsa_CREDRDELETE();
958
959 /* Function 0x42 */
960 NTSTATUS lsa_CREDRGETTARGETINFO();
961
962 /* Function 0x43 */
963 NTSTATUS lsa_CREDRPROFILELOADED();
964
965 /**********************/
966 /* Function 0x44 */
967 typedef struct {
968 lsa_SidType sid_type;
969 dom_sid2 *sid;
970 uint32 sid_index;
971 uint32 unknown;
972 } lsa_TranslatedSid3;
973
974 typedef struct {
975 [range(0,1000)] uint32 count;
976 [size_is(count)] lsa_TranslatedSid3 *sids;
977 } lsa_TransSidArray3;
978
979 [public] NTSTATUS lsa_LookupNames3 (
980 [in] policy_handle *handle,
981 [in,range(0,1000)] uint32 num_names,
982 [in,size_is(num_names)] lsa_String names[],
983 [out,ref] lsa_RefDomainList **domains,
984 [in,out,ref] lsa_TransSidArray3 *sids,
985 [in] lsa_LookupNamesLevel level,
986 [in,out,ref] uint32 *count,
987 [in] uint32 unknown1,
988 [in] uint32 unknown2
989 );
990
991 /* Function 0x45 */
992 NTSTATUS lsa_CREDRGETSESSIONTYPES();
993
994 /* Function 0x46 */
995 NTSTATUS lsa_LSARREGISTERAUDITEVENT();
996
997 /* Function 0x47 */
998 NTSTATUS lsa_LSARGENAUDITEVENT();
999
1000 /* Function 0x48 */
1001 NTSTATUS lsa_LSARUNREGISTERAUDITEVENT();
1002
1003 /* Function 0x49 */
1004 typedef struct {
1005 [range(0,131072)] uint32 length;
1006 [size_is(length)] uint8 *data;
1007 } lsa_ForestTrustBinaryData;
1008
1009 typedef struct {
1010 dom_sid2 *domain_sid;
1011 lsa_StringLarge dns_domain_name;
1012 lsa_StringLarge netbios_domain_name;
1013 } lsa_ForestTrustDomainInfo;
1014
1015 typedef [switch_type(uint32)] union {
1016 [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_String top_level_name;
1017 [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX)] lsa_StringLarge top_level_name_ex;
1018 [case(LSA_FOREST_TRUST_DOMAIN_INFO)] lsa_ForestTrustDomainInfo domain_info;
1019 [default] lsa_ForestTrustBinaryData data;
1020 } lsa_ForestTrustData;
1021
1022 typedef [v1_enum] enum {
1023 LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0,
1024 LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1,
1025 LSA_FOREST_TRUST_DOMAIN_INFO = 2,
1026 LSA_FOREST_TRUST_RECORD_TYPE_LAST = 3
1027 } lsa_ForestTrustRecordType;
1028
1029 typedef struct {
1030 uint32 flags;
1031 lsa_ForestTrustRecordType level;
1032 hyper unknown;
1033 [switch_is(level)] lsa_ForestTrustData forest_trust_data;
1034 } lsa_ForestTrustRecord;
1035
1036 typedef [public] struct {
1037 [range(0,4000)] uint32 count;
1038 [size_is(count)] lsa_ForestTrustRecord **entries;
1039 } lsa_ForestTrustInformation;
1040
1041 NTSTATUS lsa_lsaRQueryForestTrustInformation(
1042 [in] policy_handle *handle,
1043 [in,ref] lsa_String *trusted_domain_name,
1044 [in] uint16 unknown, /* level ? */
1045 [out,ref] lsa_ForestTrustInformation **forest_trust_info
1046 );
1047
1048 /* Function 0x4a */
1049 NTSTATUS lsa_LSARSETFORESTTRUSTINFORMATION();
1050
1051 /* Function 0x4b */
1052 NTSTATUS lsa_CREDRRENAME();
1053
1054 /*****************/
1055 /* Function 0x4c */
1056
1057 [public] NTSTATUS lsa_LookupSids3(
1058 [in,ref] lsa_SidArray *sids,
1059 [out,ref] lsa_RefDomainList **domains,
1060 [in,out,ref] lsa_TransNameArray2 *names,
1061 [in] uint16 level,
1062 [in,out,ref] uint32 *count,
1063 [in] uint32 unknown1,
1064 [in] uint32 unknown2
1065 );
1066
1067 /* Function 0x4d */
1068 NTSTATUS lsa_LookupNames4(
1069 [in,range(0,1000)] uint32 num_names,
1070 [in,size_is(num_names)] lsa_String names[],
1071 [out,ref] lsa_RefDomainList **domains,
1072 [in,out,ref] lsa_TransSidArray3 *sids,
1073 [in] lsa_LookupNamesLevel level,
1074 [in,out,ref] uint32 *count,
1075 [in] uint32 unknown1,
1076 [in] uint32 unknown2
1077 );
1078
1079 /* Function 0x4e */
1080 NTSTATUS lsa_LSAROPENPOLICYSCE();
1081
1082 /* Function 0x4f */
1083 NTSTATUS lsa_LSARADTREGISTERSECURITYEVENTSOURCE();
1084
1085 /* Function 0x50 */
1086 NTSTATUS lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE();
1087
1088 /* Function 0x51 */
1089 NTSTATUS lsa_LSARADTREPORTSECURITYEVENT();
1090
1091 }
WIP