search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r3804: Add more comparison tests in RPC-SAMSYNC.
[Samba/gebeck_regimport.git] / source4 / librpc / idl / samr.idl
blob80295bb252ebd2929b9d1326a6264f06ba215a55
1 #include "idl_types.h"
2
3 /*
4 samr interface definition
5 */
6
7 /*
8 Thanks to Todd Sabin for some information from his samr.idl in acltools
9 */
10
11 [ uuid("12345778-1234-abcd-ef00-0123456789ac"),
12 version(1.0),
13 endpoint("ncacn_np:[\\pipe\\samr]","ncacn_ip_tcp:", "ncalrpc:"),
14 pointer_default(unique),
15 depends(lsa)
16 ] interface samr
17 {
18 /* account control (acct_flags) bits */
19 const int ACB_DISABLED = 0x0001; /* 1 = User account disabled */
20 const int ACB_HOMDIRREQ = 0x0002; /* 1 = Home directory required */
21 const int ACB_PWNOTREQ = 0x0004; /* 1 = User password not required */
22 const int ACB_TEMPDUP = 0x0008; /* 1 = Temporary duplicate account */
23 const int ACB_NORMAL = 0x0010; /* 1 = Normal user account */
24 const int ACB_MNS = 0x0020; /* 1 = MNS logon user account */
25 const int ACB_DOMTRUST = 0x0040; /* 1 = Interdomain trust account */
26 const int ACB_WSTRUST = 0x0080; /* 1 = Workstation trust account */
27 const int ACB_SVRTRUST = 0x0100; /* 1 = Server trust account */
28 const int ACB_PWNOEXP = 0x0200; /* 1 = User password does not expire */
29 const int ACB_AUTOLOCK = 0x0400; /* 1 = Account auto locked */
30
31
32 /******************/
33 /* Function: 0x00 */
34 NTSTATUS samr_Connect (
35 /* notice the lack of [string] */
36 [in] uint16 *system_name,
37 [in] uint32 access_mask,
38 [out,ref] policy_handle *connect_handle
39 );
40
41
42 /******************/
43 /* Function: 0x01 */
44 NTSTATUS samr_Close (
45 [in,out,ref] policy_handle *handle
46 );
47
48 /******************/
49 /* Function: 0x02 */
50
51 typedef struct {
52 [range(0,0x40000),value(ndr_size_security_descriptor(r->sd))] uint32 sd_size;
53 [subcontext(4)] security_descriptor *sd;
54 } samr_SdBuf;
55
56 NTSTATUS samr_SetSecurity (
57 [in,ref] policy_handle *handle,
58 [in] uint32 sec_info,
59 [in,ref] samr_SdBuf *sdbuf
60 );
61
62 /******************/
63 /* Function: 0x03 */
64
65 NTSTATUS samr_QuerySecurity (
66 [in,ref] policy_handle *handle,
67 [in] uint32 sec_info,
68 [out] samr_SdBuf *sdbuf
69 );
70
71 /******************/
72 /* Function: 0x04 */
73
74 /*
75 shutdown the SAM - once you call this the SAM will be dead
76 */
77 NTSTATUS samr_Shutdown (
78 [in,ref] policy_handle *connect_handle
79 );
80
81 /******************/
82 /* Function: 0x05 */
83 typedef struct {
84 [value(2*strlen_m(r->string))] uint16 length;
85 [value(r->length)] uint16 size;
86 unistr_noterm *string;
87 } samr_String;
88
89 NTSTATUS samr_LookupDomain (
90 [in,ref] policy_handle *connect_handle,
91 [in,ref] samr_String *domain,
92 [out] dom_sid2 *sid
93 );
94
95
96 /******************/
97 /* Function: 0x06 */
98
99 typedef struct {
100 uint32 idx;
101 samr_String name;
102 } samr_SamEntry;
103
104 typedef struct {
105 uint32 count;
106 [size_is(count)] samr_SamEntry *entries;
107 } samr_SamArray;
108
109 NTSTATUS samr_EnumDomains (
110 [in,ref] policy_handle *connect_handle,
111 [in,out,ref] uint32 *resume_handle,
112 [in] uint32 buf_size,
113 [out] samr_SamArray *sam,
114 [out] uint32 num_entries
115 );
116
117
118 /************************/
119 /* Function 0x07 */
120 NTSTATUS samr_OpenDomain(
121 [in,ref] policy_handle *connect_handle,
122 [in] uint32 access_mask,
123 [in,ref] dom_sid2 *sid,
124 [out,ref] policy_handle *domain_handle
125 );
126
127 /************************/
128 /* Function 0x08 */
129
130 typedef struct {
131 uint16 min_password_length;
132 uint16 password_history_length;
133 uint32 password_properties;
134 /* yes, these are signed. They are in negative 100ns */
135 int64 max_password_age;
136 int64 min_password_age;
137 } samr_DomInfo1;
138
139 typedef struct {
140 NTTIME force_logoff_time;
141 samr_String comment;
142 samr_String domain; /* domain name */
143 samr_String primary; /* PDC name if this is a BDC */
144 uint64 sequence_num;
145 uint32 unknown2;
146 uint32 role;
147 uint32 unknown3;
148 uint32 num_users;
149 uint32 num_groups;
150 uint32 num_aliases;
151 } samr_DomInfo2;
152
153 typedef struct {
154 NTTIME force_logoff_time;
155 } samr_DomInfo3;
156
157 typedef struct {
158 samr_String comment;
159 } samr_DomInfo4;
160
161 typedef struct {
162 samr_String domain_name;
163 } samr_DomInfo5;
164
165 typedef struct {
166 samr_String primary;
167 } samr_DomInfo6;
168
169 typedef struct {
170 uint32 role;
171 } samr_DomInfo7;
172
173 typedef struct {
174 HYPER_T sequence_num;
175 NTTIME domain_create_time;
176 } samr_DomInfo8;
177
178 typedef struct {
179 uint32 unknown; /* w2k3 returns 1 */
180 } samr_DomInfo9;
181
182 typedef struct {
183 samr_DomInfo2 info2;
184 HYPER_T lockout_duration;
185 HYPER_T lockout_window;
186 uint16 lockout_threshold;
187 } samr_DomInfo11;
188
189 typedef struct {
190 HYPER_T lockout_duration;
191 HYPER_T lockout_window;
192 uint16 lockout_threshold;
193 } samr_DomInfo12;
194
195 typedef struct {
196 HYPER_T sequence_num;
197 NTTIME domain_create_time;
198 uint32 unknown1;
199 uint32 unknown2;
200 } samr_DomInfo13;
201
202 typedef union {
203 [case(1)] samr_DomInfo1 info1;
204 [case(2)] samr_DomInfo2 info2;
205 [case(3)] samr_DomInfo3 info3;
206 [case(4)] samr_DomInfo4 info4;
207 [case(5)] samr_DomInfo5 info5;
208 [case(6)] samr_DomInfo6 info6;
209 [case(7)] samr_DomInfo7 info7;
210 [case(8)] samr_DomInfo8 info8;
211 [case(9)] samr_DomInfo9 info9;
212 [case(11)] samr_DomInfo11 info11;
213 [case(12)] samr_DomInfo12 info12;
214 [case(13)] samr_DomInfo13 info13;
215 } samr_DomainInfo;
216
217 NTSTATUS samr_QueryDomainInfo(
218 [in,ref] policy_handle *domain_handle,
219 [in] uint16 level,
220 [out,switch_is(level)] samr_DomainInfo *info
221 );
222
223 /************************/
224 /* Function 0x09 */
225 /*
226 only levels 1, 3, 4, 6, 7, 9, 12 are valid for this
227 call in w2k3
228 */
229 NTSTATUS samr_SetDomainInfo(
230 [in,ref] policy_handle *domain_handle,
231 [in] uint16 level,
232 [in,switch_is(level),ref] samr_DomainInfo *info
233 );
234
235
236 /************************/
237 /* Function 0x0a */
238 NTSTATUS samr_CreateDomainGroup(
239 [in,ref] policy_handle *domain_handle,
240 [in,ref] samr_String *name,
241 [in] uint32 access_mask,
242 [out,ref] policy_handle *group_handle,
243 [out,ref] uint32 *rid
244 );
245
246
247 /************************/
248 /* Function 0x0b */
249 NTSTATUS samr_EnumDomainGroups(
250 [in,ref] policy_handle *domain_handle,
251 [in,out,ref] uint32 *resume_handle,
252 [in] uint32 max_size,
253 [out] samr_SamArray *sam,
254 [out] uint32 num_entries
255 );
256
257 /************************/
258 /* Function 0x0c */
259 NTSTATUS samr_CreateUser(
260 [in,ref] policy_handle *domain_handle,
261 [in,ref] samr_String *account_name,
262 [in] uint32 access_mask,
263 [out,ref] policy_handle *user_handle,
264 [out,ref] uint32 *rid
265 );
266
267 /************************/
268 /* Function 0x0d */
269
270
271 /* w2k3 treats max_size as max_users*54 and sets the
272 resume_handle as the rid of the last user sent
273 */
274 const int SAMR_ENUM_USERS_MULTIPLIER = 54;
275
276 NTSTATUS samr_EnumDomainUsers(
277 [in,ref] policy_handle *domain_handle,
278 [in,out,ref] uint32 *resume_handle,
279 [in] uint32 acct_flags,
280 [in] uint32 max_size,
281 [out] samr_SamArray *sam,
282 [out] uint32 num_entries
283 );
284
285 /************************/
286 /* Function 0x0e */
287 NTSTATUS samr_CreateDomAlias(
288 [in,ref] policy_handle *domain_handle,
289 [in,ref] samr_String *aliasname,
290 [in] uint32 access_mask,
291 [out,ref] policy_handle *alias_handle,
292 [out,ref] uint32 *rid
293 );
294
295 /************************/
296 /* Function 0x0f */
297 NTSTATUS samr_EnumDomainAliases(
298 [in,ref] policy_handle *domain_handle,
299 [in,out,ref] uint32 *resume_handle,
300 [in] uint32 acct_flags,
301 [out] samr_SamArray *sam,
302 [out] uint32 num_entries
303 );
304
305 /************************/
306 /* Function 0x10 */
307
308 typedef enum {
309 SID_NAME_USE_NONE = 0,/* NOTUSED */
310 SID_NAME_USER = 1, /* user */
311 SID_NAME_DOM_GRP = 2, /* domain group */
312 SID_NAME_DOMAIN = 3, /* domain: don't know what this is */
313 SID_NAME_ALIAS = 4, /* local group */
314 SID_NAME_WKN_GRP = 5, /* well-known group */
315 SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
316 SID_NAME_INVALID = 7, /* invalid account */
317 SID_NAME_UNKNOWN = 8 /* oops. */
318 } samr_SidType;
319
320 typedef struct {
321 [range(0,1024)] uint32 count;
322 [size_is(count)] uint32 *ids;
323 } samr_Ids;
324
325 NTSTATUS samr_GetAliasMembership(
326 [in,ref] policy_handle *alias_handle,
327 [in,ref] lsa_SidArray *sids,
328 [out] samr_Ids *rids
329 );
330
331 /************************/
332 /* Function 0x11 */
333
334 NTSTATUS samr_LookupNames(
335 [in,ref] policy_handle *domain_handle,
336 [in,range(0,1000)] uint32 num_names,
337 [in,ref,size_is(1000),length_is(num_names)] samr_String *names,
338 [out] samr_Ids rids,
339 [out] samr_Ids types
340 );
341
342
343 /************************/
344 /* Function 0x12 */
345
346 typedef struct {
347 uint32 count;
348 [size_is(count)] samr_String *names;
349 } samr_Strings;
350
351 NTSTATUS samr_LookupRids(
352 [in,ref] policy_handle *domain_handle,
353 [in,range(0,1000)] uint32 num_rids,
354 [in,ref,size_is(1000),length_is(num_rids)] uint32 *rids,
355 [out] samr_Strings names,
356 [out] samr_Ids types
357 );
358
359 /************************/
360 /* Function 0x13 */
361 NTSTATUS samr_OpenGroup(
362 [in,ref] policy_handle *domain_handle,
363 [in] uint32 access_mask,
364 [in] uint32 rid,
365 [out,ref] policy_handle *group_handle
366 );
367
368
369 /************************/
370 /* Function 0x14 */
371
372 typedef struct {
373 samr_String name;
374 uint32 unknown;
375 uint32 num_members;
376 samr_String description;
377 } samr_GroupInfoAll;
378
379 typedef struct {
380 uint32 unknown;
381 } samr_GroupInfoX;
382
383 typedef struct {
384 samr_String description;
385 } samr_GroupInfoDesciption;
386
387 typedef enum {
388 GroupInfoAll = 1,
389 GroupInfoName = 2,
390 GroupInfoX = 3,
391 GroupInfoDescription = 4,
392 GroupInfoAll2 = 5
393 } GroupInfo;
394
395 typedef union {
396 [case(GroupInfoAll)] samr_GroupInfoAll all;
397 [case(GroupInfoName)] samr_String name;
398 [case(GroupInfoX)] samr_GroupInfoX unknown;
399 [case(GroupInfoDescription)] samr_String description;
400 [case(GroupInfoAll2)] samr_GroupInfoAll all2;
401 } samr_GroupInfo;
402
403 NTSTATUS samr_QueryGroupInfo(
404 [in,ref] policy_handle *group_handle,
405 [in] uint16 level,
406 [out,switch_is(level)] samr_GroupInfo *info
407 );
408
409 /************************/
410 /* Function 0x15 */
411 NTSTATUS samr_SetGroupInfo(
412 [in,ref] policy_handle *group_handle,
413 [in] uint16 level,
414 [in,switch_is(level),ref] samr_GroupInfo *info
415 );
416
417 /************************/
418 /* Function 0x16 */
419 NTSTATUS samr_AddGroupMember(
420 [in,ref] policy_handle *group_handle,
421 [in] uint32 rid,
422 [in] uint32 flags
423 );
424
425 /************************/
426 /* Function 0x17 */
427 NTSTATUS samr_DeleteDomainGroup(
428 [in,out,ref] policy_handle *group_handle
429 );
430
431 /************************/
432 /* Function 0x18 */
433 NTSTATUS samr_DeleteGroupMember(
434 [in,ref] policy_handle *group_handle,
435 [in] uint32 rid
436 );
437
438
439 /************************/
440 /* Function 0x19 */
441 typedef struct {
442 uint32 count;
443 [size_is(count)] uint32 *rids;
444 [size_is(count)] uint32 *unknown;
445 } samr_ridArray;
446
447 NTSTATUS samr_QueryGroupMember(
448 [in,ref] policy_handle *group_handle,
449 [out] samr_ridArray *rids
450 );
451
452
453 /************************/
454 /* Function 0x1a */
455
456 /*
457 win2003 seems to accept any data at all for the two integers
458 below, and doesn't seem to do anything with them that I can
459 see. Weird. I really expected the first integer to be a rid
460 and the second to be the attributes for that rid member.
461 */
462 NTSTATUS samr_SetMemberAttributesOfGroup(
463 [in,ref] policy_handle *group_handle,
464 [in] uint32 unknown1,
465 [in] uint32 unknown2
466 );
467
468
469 /************************/
470 /* Function 0x1b */
471 NTSTATUS samr_OpenAlias (
472 [in,ref] policy_handle *domain_handle,
473 [in] uint32 access_mask,
474 [in] uint32 rid,
475 [out,ref] policy_handle *alias_handle
476 );
477
478
479 /************************/
480 /* Function 0x1c */
481
482 typedef struct {
483 samr_String name;
484 uint32 num_members;
485 samr_String description;
486 } samr_AliasInfoAll;
487
488 typedef union {
489 [case(1)] samr_AliasInfoAll all;
490 [case(2)] samr_String name;
491 [case(3)] samr_String description;
492 } samr_AliasInfo;
493
494 NTSTATUS samr_QueryAliasInfo(
495 [in,ref] policy_handle *alias_handle,
496 [in] uint16 level,
497 [out,switch_is(level)] samr_AliasInfo *info
498 );
499
500 /************************/
501 /* Function 0x1d */
502 NTSTATUS samr_SetAliasInfo(
503 [in,ref] policy_handle *alias_handle,
504 [in] uint16 level,
505 [in,switch_is(level)] samr_AliasInfo info
506 );
507
508 /************************/
509 /* Function 0x1e */
510 NTSTATUS samr_DeleteDomAlias(
511 [in,out,ref] policy_handle *alias_handle
512 );
513
514 /************************/
515 /* Function 0x1f */
516 NTSTATUS samr_AddAliasMember(
517 [in,ref] policy_handle *alias_handle,
518 [in,ref] dom_sid2 *sid
519 );
520
521 /************************/
522 /* Function 0x20 */
523 NTSTATUS samr_DeleteAliasMember(
524 [in,ref] policy_handle *alias_handle,
525 [in,ref] dom_sid2 *sid
526 );
527
528 /************************/
529 /* Function 0x21 */
530 NTSTATUS samr_GetMembersInAlias(
531 [in,ref] policy_handle *alias_handle,
532 [out,ref] lsa_SidArray *sids
533 );
534
535 /************************/
536 /* Function 0x22 */
537 NTSTATUS samr_OpenUser(
538 [in,ref] policy_handle *domain_handle,
539 [in] uint32 access_mask,
540 [in] uint32 rid,
541 [out,ref] policy_handle *user_handle
542 );
543
544 /************************/
545 /* Function 0x23 */
546 NTSTATUS samr_DeleteUser(
547 [in,out,ref] policy_handle *user_handle
548 );
549
550 /************************/
551 /* Function 0x24 */
552 typedef struct {
553 samr_String account_name;
554 samr_String full_name;
555 uint32 primary_gid;
556 samr_String description;
557 samr_String comment;
558 } samr_UserInfo1;
559
560 typedef struct {
561 samr_String comment;
562 samr_String unknown; /* settable, but doesn't stick. probably obsolete */
563 uint16 country_code;
564 uint16 code_page;
565 } samr_UserInfo2;
566
567 /* this is also used in samr and netlogon */
568 typedef [public, flag(NDR_PAHEX)] struct {
569 uint16 units_per_week;
570 [size_is(1260), length_is(units_per_week/8)] uint8 *bitmap;
571 } samr_LogonHours;
572
573 typedef struct {
574 samr_String account_name;
575 samr_String full_name;
576 uint32 rid;
577 uint32 primary_gid;
578 samr_String home_directory;
579 samr_String home_drive;
580 samr_String logon_script;
581 samr_String profile_path;
582 samr_String workstations;
583 NTTIME last_logon;
584 NTTIME last_logoff;
585 NTTIME last_password_change;
586 NTTIME allow_password_change;
587 NTTIME force_password_change;
588 samr_LogonHours logon_hours;
589 uint16 bad_password_count;
590 uint16 logon_count;
591 uint32 acct_flags;
592 } samr_UserInfo3;
593
594 typedef struct {
595 samr_LogonHours logon_hours;
596 } samr_UserInfo4;
597
598 typedef struct {
599 samr_String account_name;
600 samr_String full_name;
601 uint32 rid;
602 uint32 primary_gid;
603 samr_String home_directory;
604 samr_String home_drive;
605 samr_String logon_script;
606 samr_String profile_path;
607 samr_String description;
608 samr_String workstations;
609 NTTIME last_logon;
610 NTTIME last_logoff;
611 samr_LogonHours logon_hours;
612 uint16 bad_password_count;
613 uint16 logon_count;
614 NTTIME last_password_change;
615 NTTIME acct_expiry;
616 uint32 acct_flags;
617 } samr_UserInfo5;
618
619 typedef struct {
620 samr_String account_name;
621 samr_String full_name;
622 } samr_UserInfo6;
623
624 typedef struct {
625 samr_String account_name;
626 } samr_UserInfo7;
627
628 typedef struct {
629 samr_String full_name;
630 } samr_UserInfo8;
631
632 typedef struct {
633 uint32 primary_gid;
634 } samr_UserInfo9;
635
636 typedef struct {
637 samr_String home_directory;
638 samr_String home_drive;
639 } samr_UserInfo10;
640
641 typedef struct {
642 samr_String logon_script;
643 } samr_UserInfo11;
644
645 typedef struct {
646 samr_String profile_path;
647 } samr_UserInfo12;
648
649 typedef struct {
650 samr_String description;
651 } samr_UserInfo13;
652
653 typedef struct {
654 samr_String workstations;
655 } samr_UserInfo14;
656
657 typedef struct {
658 uint32 acct_flags;
659 } samr_UserInfo16;
660
661 typedef struct {
662 NTTIME acct_expiry;
663 } samr_UserInfo17;
664
665 typedef struct {
666 samr_String parameters;
667 } samr_UserInfo20;
668
669 /* this defines the bits used for fields_present in info21 */
670 const int SAMR_FIELD_NAME = 0x00000002;
671 const int SAMR_FIELD_DESCRIPTION = 0x00000010;
672 const int SAMR_FIELD_COMMENT = 0x00000020;
673 const int SAMR_FIELD_LOGON_SCRIPT = 0x00000100;
674 const int SAMR_FIELD_PROFILE_PATH = 0x00000200;
675 const int SAMR_FIELD_WORKSTATION = 0x00000400;
676 const int SAMR_FIELD_LOGON_HOURS = 0x00002000;
677 const int SAMR_FIELD_ACCT_FLAGS = 0x00100000;
678 const int SAMR_FIELD_PARAMETERS = 0x00200000;
679 const int SAMR_FIELD_COUNTRY_CODE = 0x00400000;
680 const int SAMR_FIELD_CODE_PAGE = 0x00800000;
681 const int SAMR_FIELD_PASSWORD = 0x01000000; /* either of these */
682 const int SAMR_FIELD_PASSWORD2 = 0x02000000; /* two bits seems to work */
683
684 typedef struct {
685 NTTIME last_logon;
686 NTTIME last_logoff;
687 NTTIME last_password_change;
688 NTTIME acct_expiry;
689 NTTIME allow_password_change;
690 NTTIME force_password_change;
691 samr_String account_name;
692 samr_String full_name;
693 samr_String home_directory;
694 samr_String home_drive;
695 samr_String logon_script;
696 samr_String profile_path;
697 samr_String description;
698 samr_String workstations;
699 samr_String comment;
700 samr_String parameters;
701 samr_String unknown1;
702 samr_String unknown2;
703 samr_String unknown3;
704 uint32 buf_count;
705 [size_is(buf_count)] uint8 *buffer;
706 uint32 rid;
707 uint32 primary_gid;
708 uint32 acct_flags;
709 uint32 fields_present;
710 samr_LogonHours logon_hours;
711 uint16 bad_password_count;
712 uint16 logon_count;
713 uint16 country_code;
714 uint16 code_page;
715 uint8 nt_password_set;
716 uint8 lm_password_set;
717 uint8 password_expired;
718 uint8 unknown4;
719 } samr_UserInfo21;
720
721 typedef [flag(NDR_PAHEX)] struct {
722 uint8 data[516];
723 } samr_CryptPassword;
724
725 typedef struct {
726 samr_UserInfo21 info;
727 samr_CryptPassword password;
728 } samr_UserInfo23;
729
730 typedef struct {
731 samr_CryptPassword password;
732 uint16 pw_len;
733 } samr_UserInfo24;
734
735 typedef [flag(NDR_PAHEX)] struct {
736 uint8 data[532];
737 } samr_CryptPasswordEx;
738
739 typedef struct {
740 samr_UserInfo21 info;
741 samr_CryptPasswordEx password;
742 } samr_UserInfo25;
743
744 typedef struct {
745 samr_CryptPasswordEx password;
746 uint8 pw_len;
747 } samr_UserInfo26;
748
749 typedef union {
750 [case(1)] samr_UserInfo1 info1;
751 [case(2)] samr_UserInfo2 info2;
752 [case(3)] samr_UserInfo3 info3;
753 [case(4)] samr_UserInfo4 info4;
754 [case(5)] samr_UserInfo5 info5;
755 [case(6)] samr_UserInfo6 info6;
756 [case(7)] samr_UserInfo7 info7;
757 [case(8)] samr_UserInfo8 info8;
758 [case(9)] samr_UserInfo9 info9;
759 [case(10)] samr_UserInfo10 info10;
760 [case(11)] samr_UserInfo11 info11;
761 [case(12)] samr_UserInfo12 info12;
762 [case(13)] samr_UserInfo13 info13;
763 [case(14)] samr_UserInfo14 info14;
764 [case(16)] samr_UserInfo16 info16;
765 [case(17)] samr_UserInfo17 info17;
766 [case(20)] samr_UserInfo20 info20;
767 [case(21)] samr_UserInfo21 info21;
768 [case(23)] samr_UserInfo23 info23;
769 [case(24)] samr_UserInfo24 info24;
770 [case(25)] samr_UserInfo25 info25;
771 [case(26)] samr_UserInfo26 info26;
772 } samr_UserInfo;
773
774 NTSTATUS samr_QueryUserInfo(
775 [in,ref] policy_handle *user_handle,
776 [in] uint16 level,
777 [out,switch_is(level)] samr_UserInfo *info
778 );
779
780
781 /************************/
782 /* Function 0x25 */
783 NTSTATUS samr_SetUserInfo(
784 [in,ref] policy_handle *user_handle,
785 [in] uint16 level,
786 [in,ref,switch_is(level)] samr_UserInfo *info
787 );
788
789 /************************/
790 /* Function 0x26 */
791
792 /*
793 this is a password change interface that doesn't give
794 the server the plaintext password. Depricated.
795 */
796 NTSTATUS samr_ChangePasswordUser(
797 [in,ref] policy_handle *user_handle,
798 [in] bool8 lm_present,
799 [in] samr_Password *old_lm_crypted,
800 [in] samr_Password *new_lm_crypted,
801 [in] bool8 nt_present,
802 [in] samr_Password *old_nt_crypted,
803 [in] samr_Password *new_nt_crypted,
804 [in] bool8 cross1_present,
805 [in] samr_Password *nt_cross,
806 [in] bool8 cross2_present,
807 [in] samr_Password *lm_cross
808 );
809
810 /************************/
811 /* Function 0x27 */
812
813 typedef struct {
814 uint32 rid;
815 uint32 type;
816 } samr_RidType;
817
818 typedef struct {
819 uint32 count;
820 [size_is(count)] samr_RidType *rid;
821 } samr_RidArray;
822
823 NTSTATUS samr_GetGroupsForUser(
824 [in,ref] policy_handle *user_handle,
825 [out] samr_RidArray *rids
826 );
827
828 /************************/
829 /* Function 0x28 */
830
831 typedef struct {
832 uint32 idx;
833 uint32 rid;
834 uint32 acct_flags;
835 samr_String account_name;
836 samr_String full_name;
837 samr_String description;
838 } samr_DispEntryGeneral;
839
840 typedef struct {
841 uint32 count;
842 [size_is(count)] samr_DispEntryGeneral *entries;
843 } samr_DispInfoGeneral;
844
845 typedef struct {
846 uint32 idx;
847 uint32 rid;
848 uint32 acct_flags;
849 samr_String account_name;
850 samr_String description;
851 } samr_DispEntryFull;
852
853 typedef struct {
854 uint32 count;
855 [size_is(count)] samr_DispEntryFull *entries;
856 } samr_DispInfoFull;
857
858 typedef struct {
859 [value(strlen_m(r->string))] uint16 length;
860 [value(strlen_m(r->string))] uint16 size;
861 ascstr_noterm *string;
862 } samr_AsciiName;
863
864 typedef struct {
865 uint32 idx;
866 samr_AsciiName account_name;
867 } samr_DispEntryAscii;
868
869 typedef struct {
870 uint32 count;
871 [size_is(count)] samr_DispEntryAscii *entries;
872 } samr_DispInfoAscii;
873
874 typedef union {
875 [case(1)] samr_DispInfoGeneral info1;/* users */
876 [case(2)] samr_DispInfoFull info2; /* trust accounts? */
877 [case(3)] samr_DispInfoFull info3; /* groups */
878 [case(4)] samr_DispInfoAscii info4; /* users */
879 [case(5)] samr_DispInfoAscii info5; /* groups */
880 } samr_DispInfo;
881
882 NTSTATUS samr_QueryDisplayInfo(
883 [in,ref] policy_handle *domain_handle,
884 [in] uint16 level,
885 [in] uint32 start_idx,
886 [in] uint32 max_entries,
887 [in] uint32 buf_size,
888 [out] uint32 total_size,
889 [out] uint32 returned_size,
890 [out,switch_is(level)] samr_DispInfo info
891 );
892
893
894 /************************/
895 /* Function 0x29 */
896
897 /*
898 this seems to be an alphabetic search function. The returned index
899 is the index for samr_QueryDisplayInfo needed to get names occurring
900 after the specified name. The supplied name does not need to exist
901 in the database (for example you can supply just a first letter for
902 searching starting at that letter)
903
904 The level corresponds to the samr_QueryDisplayInfo level
905 */
906 NTSTATUS samr_GetDisplayEnumerationIndex(
907 [in,ref] policy_handle *domain_handle,
908 [in] uint16 level,
909 [in] samr_String name,
910 [out] uint32 idx
911 );
912
913
914
915 /************************/
916 /* Function 0x2a */
917
918 /*
919 w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
920 */
921 NTSTATUS samr_TestPrivateFunctionsDomain(
922 [in,ref] policy_handle *domain_handle
923 );
924
925
926 /************************/
927 /* Function 0x2b */
928
929 /*
930 w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
931 */
932 NTSTATUS samr_TestPrivateFunctionsUser(
933 [in,ref] policy_handle *user_handle
934 );
935
936
937 /************************/
938 /* Function 0x2c */
939
940 /* password properties flags */
941 const uint32 DOMAIN_PASSWORD_COMPLEX = 0x00000001;
942 const uint32 DOMAIN_PASSWORD_NO_ANON_CHANGE = 0x00000002;
943 const uint32 DOMAIN_PASSWORD_NO_CLEAR_CHANGE = 0x00000004;
944 const uint32 DOMAIN_PASSWORD_STORE_CLEARTEXT = 0x00000010;
945 const uint32 DOMAIN_REFUSE_PASSWORD_CHANGE = 0x00000020;
946
947 typedef struct {
948 uint16 min_password_length;
949 uint32 password_properties;
950 } samr_PwInfo;
951
952 NTSTATUS samr_GetUserPwInfo(
953 [in,ref] policy_handle *user_handle,
954 [out] samr_PwInfo info
955 );
956
957 /************************/
958 /* Function 0x2d */
959 NTSTATUS samr_RemoveMemberFromForeignDomain(
960 [in,ref] policy_handle *domain_handle,
961 [in,ref] dom_sid2 *sid
962 );
963
964 /************************/
965 /* Function 0x2e */
966
967 /*
968 how is this different from QueryDomainInfo ??
969 */
970 NTSTATUS samr_QueryDomainInfo2(
971 [in,ref] policy_handle *domain_handle,
972 [in] uint16 level,
973 [out,switch_is(level)] samr_DomainInfo *info
974 );
975
976 /************************/
977 /* Function 0x2f */
978
979 /*
980 how is this different from QueryUserInfo ??
981 */
982 NTSTATUS samr_QueryUserInfo2(
983 [in,ref] policy_handle *user_handle,
984 [in] uint16 level,
985 [out,switch_is(level)] samr_UserInfo *info
986 );
987
988 /************************/
989 /* Function 0x30 */
990
991 /*
992 how is this different from QueryDisplayInfo??
993 */
994 NTSTATUS samr_QueryDisplayInfo2(
995 [in,ref] policy_handle *domain_handle,
996 [in] uint16 level,
997 [in] uint32 start_idx,
998 [in] uint32 max_entries,
999 [in] uint32 buf_size,
1000 [out] uint32 total_size,
1001 [out] uint32 returned_size,
1002 [out,switch_is(level)] samr_DispInfo info
1003 );
1004
1005 /************************/
1006 /* Function 0x31 */
1007
1008 /*
1009 how is this different from GetDisplayEnumerationIndex ??
1010 */
1011 NTSTATUS samr_GetDisplayEnumerationIndex2(
1012 [in,ref] policy_handle *domain_handle,
1013 [in] uint16 level,
1014 [in] samr_String name,
1015 [out] uint32 idx
1016 );
1017
1018
1019 /************************/
1020 /* Function 0x32 */
1021 NTSTATUS samr_CreateUser2(
1022 [in,ref] policy_handle *domain_handle,
1023 [in,ref] samr_String *account_name,
1024 [in] uint32 acct_flags,
1025 [in] uint32 access_mask,
1026 [out,ref] policy_handle *user_handle,
1027 [out,ref] uint32 *access_granted,
1028 [out,ref] uint32 *rid
1029 );
1030
1031
1032 /************************/
1033 /* Function 0x33 */
1034
1035 /*
1036 another duplicate. There must be a reason ....
1037 */
1038 NTSTATUS samr_QueryDisplayInfo3(
1039 [in,ref] policy_handle *domain_handle,
1040 [in] uint16 level,
1041 [in] uint32 start_idx,
1042 [in] uint32 max_entries,
1043 [in] uint32 buf_size,
1044 [out] uint32 total_size,
1045 [out] uint32 returned_size,
1046 [out,switch_is(level)] samr_DispInfo info
1047 );
1048
1049 /************************/
1050 /* Function 0x34 */
1051 NTSTATUS samr_AddMultipleMembersToAlias(
1052 [in,ref] policy_handle *alias_handle,
1053 [in,ref] lsa_SidArray *sids
1054 );
1055
1056 /************************/
1057 /* Function 0x35 */
1058 NTSTATUS samr_RemoveMultipleMembersFromAlias(
1059 [in,ref] policy_handle *alias_handle,
1060 [in,ref] lsa_SidArray *sids
1061 );
1062
1063 /************************/
1064 /* Function 0x36 */
1065
1066 NTSTATUS samr_OemChangePasswordUser2(
1067 [in] samr_AsciiName *server,
1068 [in,ref] samr_AsciiName *account,
1069 [in] samr_CryptPassword *password,
1070 [in] samr_Password *hash
1071 );
1072
1073 /************************/
1074 /* Function 0x37 */
1075 NTSTATUS samr_ChangePasswordUser2(
1076 [in] samr_String *server,
1077 [in,ref] samr_String *account,
1078 [in] samr_CryptPassword *nt_password,
1079 [in] samr_Password *nt_verifier,
1080 [in] bool8 lm_change,
1081 [in] samr_CryptPassword *lm_password,
1082 [in] samr_Password *lm_verifier
1083 );
1084
1085 /************************/
1086 /* Function 0x38 */
1087 NTSTATUS samr_GetDomPwInfo(
1088 [in] samr_String *name,
1089 [out] samr_PwInfo info
1090 );
1091
1092 /************************/
1093 /* Function 0x39 */
1094 NTSTATUS samr_Connect2(
1095 [in] unistr *system_name,
1096 [in] uint32 access_mask,
1097 [out,ref] policy_handle *connect_handle
1098 );
1099
1100 /************************/
1101 /* Function 0x3a */
1102 /*
1103 seems to be an exact alias for samr_SetUserInfo()
1104 */
1105 NTSTATUS samr_SetUserInfo2(
1106 [in,ref] policy_handle *user_handle,
1107 [in] uint16 level,
1108 [in,ref,switch_is(level)] samr_UserInfo *info
1109 );
1110
1111 /************************/
1112 /* Function 0x3b */
1113 /*
1114 this one is mysterious. I have a few guesses, but nothing working yet
1115 */
1116 NTSTATUS samr_SetBootKeyInformation(
1117 [in,ref] policy_handle *connect_handle,
1118 [in] uint32 unknown1,
1119 [in] uint32 unknown2,
1120 [in] uint32 unknown3
1121 );
1122
1123 /************************/
1124 /* Function 0x3c */
1125 NTSTATUS samr_GetBootKeyInformation(
1126 [in,ref] policy_handle *domain_handle,
1127 [out] uint32 unknown
1128 );
1129
1130 /************************/
1131 /* Function 0x3d */
1132 NTSTATUS samr_Connect3(
1133 [in] unistr *system_name,
1134 /* this unknown value seems to be completely ignored by w2k3 */
1135 [in] uint32 unknown,
1136 [in] uint32 access_mask,
1137 [out,ref] policy_handle *connect_handle
1138 );
1139
1140 /************************/
1141 /* Function 0x3e */
1142 NTSTATUS samr_Connect4(
1143 [in] unistr *system_name,
1144 [in] uint32 unknown,
1145 [in] uint32 access_mask,
1146 [out,ref] policy_handle *connect_handle
1147 );
1148
1149 /************************/
1150 /* Function 0x3f */
1151
1152 const int SAMR_REJECT_OTHER = 0;
1153 const int SAMR_REJECT_TOO_SHORT = 1;
1154 const int SAMR_REJECT_COMPLEXITY = 2;
1155
1156 typedef struct {
1157 uint32 reason;
1158 uint32 unknown1;
1159 uint32 unknown2;
1160 } samr_ChangeReject;
1161
1162 NTSTATUS samr_ChangePasswordUser3(
1163 [in] samr_String *server,
1164 [in,ref] samr_String *account,
1165 [in] samr_CryptPassword *nt_password,
1166 [in] samr_Password *nt_verifier,
1167 [in] bool8 lm_change,
1168 [in] samr_CryptPassword *lm_password,
1169 [in] samr_Password *lm_verifier,
1170 [in] samr_CryptPassword *password3,
1171 [out] samr_DomInfo1 *dominfo,
1172 [out] samr_ChangeReject *reject
1173 );
1174
1175 /************************/
1176 /* Function 0x40 */
1177
1178 typedef struct {
1179 uint32 unknown1; /* w2k3 gives 3 */
1180 uint32 unknown2; /* w2k3 gives 0 */
1181 } samr_ConnectInfo1;
1182
1183 typedef union {
1184 [case(1)] samr_ConnectInfo1 info1;
1185 } samr_ConnectInfo;
1186
1187 NTSTATUS samr_Connect5(
1188 [in] unistr *system_name,
1189 [in] uint32 access_mask,
1190 [in,out] uint32 level,
1191 [in,out,switch_is(level),ref] samr_ConnectInfo *info,
1192 [out,ref] policy_handle *connect_handle
1193 );
1194
1195 /************************/
1196 /* Function 0x41 */
1197 NTSTATUS samr_RidToSid(
1198 [in,ref] policy_handle *domain_handle,
1199 [in] uint32 rid,
1200 [out] dom_sid2 *sid
1201 );
1202
1203
1204 /************************/
1205 /* Function 0x42 */
1206
1207 /*
1208 this should set the DSRM password for the server, which is used
1209 when booting into Directory Services Recovery Mode on a DC. Win2003
1210 gives me NT_STATUS_NOT_SUPPORTED
1211 */
1212
1213 NTSTATUS samr_SetDsrmPassword(
1214 [in] samr_String *name,
1215 [in] uint32 unknown,
1216 [in] samr_Password *hash
1217 );
1218
1219
1220 /************************/
1221 /* Function 0x43 */
1222 /*
1223 I haven't been able to work out the format of this one yet.
1224 Seems to start with a switch level for a union?
1225 */
1226 NTSTATUS samr_ValidatePassword();
1227 }
reg import