search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r4532: - rename bitmap -> bits
[Samba/gebeck_regimport.git] / source4 / librpc / idl / samr.idl
blob95f5fdbd0e25b792008edb34f69127a8dfaf63ac
1 #include "idl_types.h"
2
3 /*
4 samr interface definition
5 */
6
7 /*
8 Thanks to Todd Sabin for some information from his samr.idl in acltools
9 */
10
11 [ uuid("12345778-1234-abcd-ef00-0123456789ac"),
12 version(1.0),
13 endpoint("ncacn_np:[\\pipe\\samr]","ncacn_ip_tcp:", "ncalrpc:"),
14 pointer_default(unique),
15 depends(lsa,security)
16 ] interface samr
17 {
18 /* account control (acct_flags) bits */
19 const int ACB_DISABLED = 0x0001; /* 1 = User account disabled */
20 const int ACB_HOMDIRREQ = 0x0002; /* 1 = Home directory required */
21 const int ACB_PWNOTREQ = 0x0004; /* 1 = User password not required */
22 const int ACB_TEMPDUP = 0x0008; /* 1 = Temporary duplicate account */
23 const int ACB_NORMAL = 0x0010; /* 1 = Normal user account */
24 const int ACB_MNS = 0x0020; /* 1 = MNS logon user account */
25 const int ACB_DOMTRUST = 0x0040; /* 1 = Interdomain trust account */
26 const int ACB_WSTRUST = 0x0080; /* 1 = Workstation trust account */
27 const int ACB_SVRTRUST = 0x0100; /* 1 = Server trust account */
28 const int ACB_PWNOEXP = 0x0200; /* 1 = User password does not expire */
29 const int ACB_AUTOLOCK = 0x0400; /* 1 = Account auto locked */
30
31
32 /******************/
33 /* Function: 0x00 */
34 NTSTATUS samr_Connect (
35 /* notice the lack of [string] */
36 [in] uint16 *system_name,
37 [in] uint32 access_mask,
38 [out,ref] policy_handle *connect_handle
39 );
40
41
42 /******************/
43 /* Function: 0x01 */
44 NTSTATUS samr_Close (
45 [in,out,ref] policy_handle *handle
46 );
47
48 /******************/
49 /* Function: 0x02 */
50
51 NTSTATUS samr_SetSecurity (
52 [in,ref] policy_handle *handle,
53 [in] uint32 sec_info,
54 [in,ref] sec_desc_buf *sdbuf
55 );
56
57 /******************/
58 /* Function: 0x03 */
59
60 NTSTATUS samr_QuerySecurity (
61 [in,ref] policy_handle *handle,
62 [in] uint32 sec_info,
63 [out] sec_desc_buf *sdbuf
64 );
65
66 /******************/
67 /* Function: 0x04 */
68
69 /*
70 shutdown the SAM - once you call this the SAM will be dead
71 */
72 NTSTATUS samr_Shutdown (
73 [in,ref] policy_handle *connect_handle
74 );
75
76 /******************/
77 /* Function: 0x05 */
78 typedef struct {
79 [value(2*strlen_m(r->string))] uint16 length;
80 [value(r->length)] uint16 size;
81 unistr_noterm *string;
82 } samr_String;
83
84 NTSTATUS samr_LookupDomain (
85 [in,ref] policy_handle *connect_handle,
86 [in,ref] samr_String *domain,
87 [out] dom_sid2 *sid
88 );
89
90
91 /******************/
92 /* Function: 0x06 */
93
94 typedef struct {
95 uint32 idx;
96 samr_String name;
97 } samr_SamEntry;
98
99 typedef struct {
100 uint32 count;
101 [size_is(count)] samr_SamEntry *entries;
102 } samr_SamArray;
103
104 NTSTATUS samr_EnumDomains (
105 [in,ref] policy_handle *connect_handle,
106 [in,out,ref] uint32 *resume_handle,
107 [in] uint32 buf_size,
108 [out] samr_SamArray *sam,
109 [out] uint32 num_entries
110 );
111
112
113 /************************/
114 /* Function 0x07 */
115 NTSTATUS samr_OpenDomain(
116 [in,ref] policy_handle *connect_handle,
117 [in] uint32 access_mask,
118 [in,ref] dom_sid2 *sid,
119 [out,ref] policy_handle *domain_handle
120 );
121
122 /************************/
123 /* Function 0x08 */
124
125 typedef struct {
126 uint16 min_password_length;
127 uint16 password_history_length;
128 uint32 password_properties;
129 /* yes, these are signed. They are in negative 100ns */
130 int64 max_password_age;
131 int64 min_password_age;
132 } samr_DomInfo1;
133
134 typedef struct {
135 NTTIME force_logoff_time;
136 samr_String comment;
137 samr_String domain; /* domain name */
138 samr_String primary; /* PDC name if this is a BDC */
139 uint64 sequence_num;
140 uint32 unknown2;
141 uint32 role;
142 uint32 unknown3;
143 uint32 num_users;
144 uint32 num_groups;
145 uint32 num_aliases;
146 } samr_DomInfo2;
147
148 typedef struct {
149 NTTIME force_logoff_time;
150 } samr_DomInfo3;
151
152 typedef struct {
153 samr_String comment;
154 } samr_DomInfo4;
155
156 typedef struct {
157 samr_String domain_name;
158 } samr_DomInfo5;
159
160 typedef struct {
161 samr_String primary;
162 } samr_DomInfo6;
163
164 typedef struct {
165 uint32 role;
166 } samr_DomInfo7;
167
168 typedef struct {
169 HYPER_T sequence_num;
170 NTTIME domain_create_time;
171 } samr_DomInfo8;
172
173 typedef struct {
174 uint32 unknown; /* w2k3 returns 1 */
175 } samr_DomInfo9;
176
177 typedef struct {
178 samr_DomInfo2 info2;
179 HYPER_T lockout_duration;
180 HYPER_T lockout_window;
181 uint16 lockout_threshold;
182 } samr_DomInfo11;
183
184 typedef struct {
185 HYPER_T lockout_duration;
186 HYPER_T lockout_window;
187 uint16 lockout_threshold;
188 } samr_DomInfo12;
189
190 typedef struct {
191 HYPER_T sequence_num;
192 NTTIME domain_create_time;
193 uint32 unknown1;
194 uint32 unknown2;
195 } samr_DomInfo13;
196
197 typedef union {
198 [case(1)] samr_DomInfo1 info1;
199 [case(2)] samr_DomInfo2 info2;
200 [case(3)] samr_DomInfo3 info3;
201 [case(4)] samr_DomInfo4 info4;
202 [case(5)] samr_DomInfo5 info5;
203 [case(6)] samr_DomInfo6 info6;
204 [case(7)] samr_DomInfo7 info7;
205 [case(8)] samr_DomInfo8 info8;
206 [case(9)] samr_DomInfo9 info9;
207 [case(11)] samr_DomInfo11 info11;
208 [case(12)] samr_DomInfo12 info12;
209 [case(13)] samr_DomInfo13 info13;
210 } samr_DomainInfo;
211
212 NTSTATUS samr_QueryDomainInfo(
213 [in,ref] policy_handle *domain_handle,
214 [in] uint16 level,
215 [out,switch_is(level)] samr_DomainInfo *info
216 );
217
218 /************************/
219 /* Function 0x09 */
220 /*
221 only levels 1, 3, 4, 6, 7, 9, 12 are valid for this
222 call in w2k3
223 */
224 NTSTATUS samr_SetDomainInfo(
225 [in,ref] policy_handle *domain_handle,
226 [in] uint16 level,
227 [in,switch_is(level),ref] samr_DomainInfo *info
228 );
229
230
231 /************************/
232 /* Function 0x0a */
233 NTSTATUS samr_CreateDomainGroup(
234 [in,ref] policy_handle *domain_handle,
235 [in,ref] samr_String *name,
236 [in] uint32 access_mask,
237 [out,ref] policy_handle *group_handle,
238 [out,ref] uint32 *rid
239 );
240
241
242 /************************/
243 /* Function 0x0b */
244 NTSTATUS samr_EnumDomainGroups(
245 [in,ref] policy_handle *domain_handle,
246 [in,out,ref] uint32 *resume_handle,
247 [in] uint32 max_size,
248 [out] samr_SamArray *sam,
249 [out] uint32 num_entries
250 );
251
252 /************************/
253 /* Function 0x0c */
254 NTSTATUS samr_CreateUser(
255 [in,ref] policy_handle *domain_handle,
256 [in,ref] samr_String *account_name,
257 [in] uint32 access_mask,
258 [out,ref] policy_handle *user_handle,
259 [out,ref] uint32 *rid
260 );
261
262 /************************/
263 /* Function 0x0d */
264
265
266 /* w2k3 treats max_size as max_users*54 and sets the
267 resume_handle as the rid of the last user sent
268 */
269 const int SAMR_ENUM_USERS_MULTIPLIER = 54;
270
271 NTSTATUS samr_EnumDomainUsers(
272 [in,ref] policy_handle *domain_handle,
273 [in,out,ref] uint32 *resume_handle,
274 [in] uint32 acct_flags,
275 [in] uint32 max_size,
276 [out] samr_SamArray *sam,
277 [out] uint32 num_entries
278 );
279
280 /************************/
281 /* Function 0x0e */
282 NTSTATUS samr_CreateDomAlias(
283 [in,ref] policy_handle *domain_handle,
284 [in,ref] samr_String *aliasname,
285 [in] uint32 access_mask,
286 [out,ref] policy_handle *alias_handle,
287 [out,ref] uint32 *rid
288 );
289
290 /************************/
291 /* Function 0x0f */
292 NTSTATUS samr_EnumDomainAliases(
293 [in,ref] policy_handle *domain_handle,
294 [in,out,ref] uint32 *resume_handle,
295 [in] uint32 acct_flags,
296 [out] samr_SamArray *sam,
297 [out] uint32 num_entries
298 );
299
300 /************************/
301 /* Function 0x10 */
302
303 typedef enum {
304 SID_NAME_USE_NONE = 0,/* NOTUSED */
305 SID_NAME_USER = 1, /* user */
306 SID_NAME_DOM_GRP = 2, /* domain group */
307 SID_NAME_DOMAIN = 3, /* domain: don't know what this is */
308 SID_NAME_ALIAS = 4, /* local group */
309 SID_NAME_WKN_GRP = 5, /* well-known group */
310 SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
311 SID_NAME_INVALID = 7, /* invalid account */
312 SID_NAME_UNKNOWN = 8 /* oops. */
313 } samr_SidType;
314
315 typedef struct {
316 [range(0,1024)] uint32 count;
317 [size_is(count)] uint32 *ids;
318 } samr_Ids;
319
320 NTSTATUS samr_GetAliasMembership(
321 [in,ref] policy_handle *domain_handle,
322 [in,ref] lsa_SidArray *sids,
323 [out,ref] samr_Ids *rids
324 );
325
326 /************************/
327 /* Function 0x11 */
328
329 NTSTATUS samr_LookupNames(
330 [in,ref] policy_handle *domain_handle,
331 [in,range(0,1000)] uint32 num_names,
332 [in,ref,size_is(1000),length_is(num_names)] samr_String *names,
333 [out] samr_Ids rids,
334 [out] samr_Ids types
335 );
336
337
338 /************************/
339 /* Function 0x12 */
340
341 typedef struct {
342 uint32 count;
343 [size_is(count)] samr_String *names;
344 } samr_Strings;
345
346 NTSTATUS samr_LookupRids(
347 [in,ref] policy_handle *domain_handle,
348 [in,range(0,1000)] uint32 num_rids,
349 [in,ref,size_is(1000),length_is(num_rids)] uint32 *rids,
350 [out] samr_Strings names,
351 [out] samr_Ids types
352 );
353
354 /************************/
355 /* Function 0x13 */
356 NTSTATUS samr_OpenGroup(
357 [in,ref] policy_handle *domain_handle,
358 [in] uint32 access_mask,
359 [in] uint32 rid,
360 [out,ref] policy_handle *group_handle
361 );
362
363
364 /************************/
365 /* Function 0x14 */
366
367 typedef struct {
368 samr_String name;
369 uint32 attributes;
370 uint32 num_members;
371 samr_String description;
372 } samr_GroupInfoAll;
373
374 typedef struct {
375 uint32 unknown;
376 } samr_GroupInfoX;
377
378 typedef struct {
379 samr_String description;
380 } samr_GroupInfoDesciption;
381
382 typedef enum {
383 GroupInfoAll = 1,
384 GroupInfoName = 2,
385 GroupInfoX = 3,
386 GroupInfoDescription = 4,
387 GroupInfoAll2 = 5
388 } GroupInfo;
389
390 typedef union {
391 [case(GroupInfoAll)] samr_GroupInfoAll all;
392 [case(GroupInfoName)] samr_String name;
393 [case(GroupInfoX)] samr_GroupInfoX unknown;
394 [case(GroupInfoDescription)] samr_String description;
395 [case(GroupInfoAll2)] samr_GroupInfoAll all2;
396 } samr_GroupInfo;
397
398 NTSTATUS samr_QueryGroupInfo(
399 [in,ref] policy_handle *group_handle,
400 [in] GroupInfo level,
401 [out,switch_is(level)] samr_GroupInfo *info
402 );
403
404 /************************/
405 /* Function 0x15 */
406 NTSTATUS samr_SetGroupInfo(
407 [in,ref] policy_handle *group_handle,
408 [in] GroupInfo level,
409 [in,switch_is(level),ref] samr_GroupInfo *info
410 );
411
412 /************************/
413 /* Function 0x16 */
414 NTSTATUS samr_AddGroupMember(
415 [in,ref] policy_handle *group_handle,
416 [in] uint32 rid,
417 [in] uint32 flags
418 );
419
420 /************************/
421 /* Function 0x17 */
422 NTSTATUS samr_DeleteDomainGroup(
423 [in,out,ref] policy_handle *group_handle
424 );
425
426 /************************/
427 /* Function 0x18 */
428 NTSTATUS samr_DeleteGroupMember(
429 [in,ref] policy_handle *group_handle,
430 [in] uint32 rid
431 );
432
433
434 /************************/
435 /* Function 0x19 */
436 typedef struct {
437 uint32 count;
438 [size_is(count)] uint32 *rids;
439 [size_is(count)] uint32 *unknown;
440 } samr_ridArray;
441
442 NTSTATUS samr_QueryGroupMember(
443 [in,ref] policy_handle *group_handle,
444 [out] samr_ridArray *rids
445 );
446
447
448 /************************/
449 /* Function 0x1a */
450
451 /*
452 win2003 seems to accept any data at all for the two integers
453 below, and doesn't seem to do anything with them that I can
454 see. Weird. I really expected the first integer to be a rid
455 and the second to be the attributes for that rid member.
456 */
457 NTSTATUS samr_SetMemberAttributesOfGroup(
458 [in,ref] policy_handle *group_handle,
459 [in] uint32 unknown1,
460 [in] uint32 unknown2
461 );
462
463
464 /************************/
465 /* Function 0x1b */
466 NTSTATUS samr_OpenAlias (
467 [in,ref] policy_handle *domain_handle,
468 [in] uint32 access_mask,
469 [in] uint32 rid,
470 [out,ref] policy_handle *alias_handle
471 );
472
473
474 /************************/
475 /* Function 0x1c */
476
477 typedef struct {
478 samr_String name;
479 uint32 num_members;
480 samr_String description;
481 } samr_AliasInfoAll;
482
483 typedef enum {
484 AliasInfoAll = 1,
485 AliasInfoName = 2,
486 AliasInfoDescription = 3
487 } AliasInfo;
488
489 typedef union {
490 [case(AliasInfoAll)] samr_AliasInfoAll all;
491 [case(AliasInfoName)] samr_String name;
492 [case(AliasInfoDescription)] samr_String description;
493 } samr_AliasInfo;
494
495 NTSTATUS samr_QueryAliasInfo(
496 [in,ref] policy_handle *alias_handle,
497 [in] AliasInfo level,
498 [out,switch_is(level)] samr_AliasInfo *info
499 );
500
501 /************************/
502 /* Function 0x1d */
503 NTSTATUS samr_SetAliasInfo(
504 [in,ref] policy_handle *alias_handle,
505 [in] AliasInfo level,
506 [in,switch_is(level),ref] samr_AliasInfo *info
507 );
508
509 /************************/
510 /* Function 0x1e */
511 NTSTATUS samr_DeleteDomAlias(
512 [in,out,ref] policy_handle *alias_handle
513 );
514
515 /************************/
516 /* Function 0x1f */
517 NTSTATUS samr_AddAliasMember(
518 [in,ref] policy_handle *alias_handle,
519 [in,ref] dom_sid2 *sid
520 );
521
522 /************************/
523 /* Function 0x20 */
524 NTSTATUS samr_DeleteAliasMember(
525 [in,ref] policy_handle *alias_handle,
526 [in,ref] dom_sid2 *sid
527 );
528
529 /************************/
530 /* Function 0x21 */
531 NTSTATUS samr_GetMembersInAlias(
532 [in,ref] policy_handle *alias_handle,
533 [out,ref] lsa_SidArray *sids
534 );
535
536 /************************/
537 /* Function 0x22 */
538 NTSTATUS samr_OpenUser(
539 [in,ref] policy_handle *domain_handle,
540 [in] uint32 access_mask,
541 [in] uint32 rid,
542 [out,ref] policy_handle *user_handle
543 );
544
545 /************************/
546 /* Function 0x23 */
547 NTSTATUS samr_DeleteUser(
548 [in,out,ref] policy_handle *user_handle
549 );
550
551 /************************/
552 /* Function 0x24 */
553 typedef struct {
554 samr_String account_name;
555 samr_String full_name;
556 uint32 primary_gid;
557 samr_String description;
558 samr_String comment;
559 } samr_UserInfo1;
560
561 typedef struct {
562 samr_String comment;
563 samr_String unknown; /* settable, but doesn't stick. probably obsolete */
564 uint16 country_code;
565 uint16 code_page;
566 } samr_UserInfo2;
567
568 /* this is also used in samr and netlogon */
569 typedef [public, flag(NDR_PAHEX)] struct {
570 uint16 units_per_week;
571 [size_is(1260), length_is(units_per_week/8)] uint8 *bits;
572 } samr_LogonHours;
573
574 typedef struct {
575 samr_String account_name;
576 samr_String full_name;
577 uint32 rid;
578 uint32 primary_gid;
579 samr_String home_directory;
580 samr_String home_drive;
581 samr_String logon_script;
582 samr_String profile_path;
583 samr_String workstations;
584 NTTIME last_logon;
585 NTTIME last_logoff;
586 NTTIME last_password_change;
587 NTTIME allow_password_change;
588 NTTIME force_password_change;
589 samr_LogonHours logon_hours;
590 uint16 bad_password_count;
591 uint16 logon_count;
592 uint32 acct_flags;
593 } samr_UserInfo3;
594
595 typedef struct {
596 samr_LogonHours logon_hours;
597 } samr_UserInfo4;
598
599 typedef struct {
600 samr_String account_name;
601 samr_String full_name;
602 uint32 rid;
603 uint32 primary_gid;
604 samr_String home_directory;
605 samr_String home_drive;
606 samr_String logon_script;
607 samr_String profile_path;
608 samr_String description;
609 samr_String workstations;
610 NTTIME last_logon;
611 NTTIME last_logoff;
612 samr_LogonHours logon_hours;
613 uint16 bad_password_count;
614 uint16 logon_count;
615 NTTIME last_password_change;
616 NTTIME acct_expiry;
617 uint32 acct_flags;
618 } samr_UserInfo5;
619
620 typedef struct {
621 samr_String account_name;
622 samr_String full_name;
623 } samr_UserInfo6;
624
625 typedef struct {
626 samr_String account_name;
627 } samr_UserInfo7;
628
629 typedef struct {
630 samr_String full_name;
631 } samr_UserInfo8;
632
633 typedef struct {
634 uint32 primary_gid;
635 } samr_UserInfo9;
636
637 typedef struct {
638 samr_String home_directory;
639 samr_String home_drive;
640 } samr_UserInfo10;
641
642 typedef struct {
643 samr_String logon_script;
644 } samr_UserInfo11;
645
646 typedef struct {
647 samr_String profile_path;
648 } samr_UserInfo12;
649
650 typedef struct {
651 samr_String description;
652 } samr_UserInfo13;
653
654 typedef struct {
655 samr_String workstations;
656 } samr_UserInfo14;
657
658 typedef struct {
659 uint32 acct_flags;
660 } samr_UserInfo16;
661
662 typedef struct {
663 NTTIME acct_expiry;
664 } samr_UserInfo17;
665
666 typedef struct {
667 samr_String parameters;
668 } samr_UserInfo20;
669
670 /* this defines the bits used for fields_present in info21 */
671 const int SAMR_FIELD_NAME = 0x00000002;
672 const int SAMR_FIELD_DESCRIPTION = 0x00000010;
673 const int SAMR_FIELD_COMMENT = 0x00000020;
674 const int SAMR_FIELD_LOGON_SCRIPT = 0x00000100;
675 const int SAMR_FIELD_PROFILE_PATH = 0x00000200;
676 const int SAMR_FIELD_WORKSTATION = 0x00000400;
677 const int SAMR_FIELD_LOGON_HOURS = 0x00002000;
678 const int SAMR_FIELD_ACCT_FLAGS = 0x00100000;
679 const int SAMR_FIELD_PARAMETERS = 0x00200000;
680 const int SAMR_FIELD_COUNTRY_CODE = 0x00400000;
681 const int SAMR_FIELD_CODE_PAGE = 0x00800000;
682 const int SAMR_FIELD_PASSWORD = 0x01000000; /* either of these */
683 const int SAMR_FIELD_PASSWORD2 = 0x02000000; /* two bits seems to work */
684
685 typedef struct {
686 NTTIME last_logon;
687 NTTIME last_logoff;
688 NTTIME last_password_change;
689 NTTIME acct_expiry;
690 NTTIME allow_password_change;
691 NTTIME force_password_change;
692 samr_String account_name;
693 samr_String full_name;
694 samr_String home_directory;
695 samr_String home_drive;
696 samr_String logon_script;
697 samr_String profile_path;
698 samr_String description;
699 samr_String workstations;
700 samr_String comment;
701 samr_String parameters;
702 samr_String unknown1;
703 samr_String unknown2;
704 samr_String unknown3;
705 uint32 buf_count;
706 [size_is(buf_count)] uint8 *buffer;
707 uint32 rid;
708 uint32 primary_gid;
709 uint32 acct_flags;
710 uint32 fields_present;
711 samr_LogonHours logon_hours;
712 uint16 bad_password_count;
713 uint16 logon_count;
714 uint16 country_code;
715 uint16 code_page;
716 uint8 nt_password_set;
717 uint8 lm_password_set;
718 uint8 password_expired;
719 uint8 unknown4;
720 } samr_UserInfo21;
721
722 typedef [flag(NDR_PAHEX)] struct {
723 uint8 data[516];
724 } samr_CryptPassword;
725
726 typedef struct {
727 samr_UserInfo21 info;
728 samr_CryptPassword password;
729 } samr_UserInfo23;
730
731 typedef struct {
732 samr_CryptPassword password;
733 uint16 pw_len;
734 } samr_UserInfo24;
735
736 typedef [flag(NDR_PAHEX)] struct {
737 uint8 data[532];
738 } samr_CryptPasswordEx;
739
740 typedef struct {
741 samr_UserInfo21 info;
742 samr_CryptPasswordEx password;
743 } samr_UserInfo25;
744
745 typedef struct {
746 samr_CryptPasswordEx password;
747 uint8 pw_len;
748 } samr_UserInfo26;
749
750 typedef union {
751 [case(1)] samr_UserInfo1 info1;
752 [case(2)] samr_UserInfo2 info2;
753 [case(3)] samr_UserInfo3 info3;
754 [case(4)] samr_UserInfo4 info4;
755 [case(5)] samr_UserInfo5 info5;
756 [case(6)] samr_UserInfo6 info6;
757 [case(7)] samr_UserInfo7 info7;
758 [case(8)] samr_UserInfo8 info8;
759 [case(9)] samr_UserInfo9 info9;
760 [case(10)] samr_UserInfo10 info10;
761 [case(11)] samr_UserInfo11 info11;
762 [case(12)] samr_UserInfo12 info12;
763 [case(13)] samr_UserInfo13 info13;
764 [case(14)] samr_UserInfo14 info14;
765 [case(16)] samr_UserInfo16 info16;
766 [case(17)] samr_UserInfo17 info17;
767 [case(20)] samr_UserInfo20 info20;
768 [case(21)] samr_UserInfo21 info21;
769 [case(23)] samr_UserInfo23 info23;
770 [case(24)] samr_UserInfo24 info24;
771 [case(25)] samr_UserInfo25 info25;
772 [case(26)] samr_UserInfo26 info26;
773 } samr_UserInfo;
774
775 NTSTATUS samr_QueryUserInfo(
776 [in,ref] policy_handle *user_handle,
777 [in] uint16 level,
778 [out,switch_is(level)] samr_UserInfo *info
779 );
780
781
782 /************************/
783 /* Function 0x25 */
784 NTSTATUS samr_SetUserInfo(
785 [in,ref] policy_handle *user_handle,
786 [in] uint16 level,
787 [in,ref,switch_is(level)] samr_UserInfo *info
788 );
789
790 /************************/
791 /* Function 0x26 */
792
793 /*
794 this is a password change interface that doesn't give
795 the server the plaintext password. Depricated.
796 */
797 NTSTATUS samr_ChangePasswordUser(
798 [in,ref] policy_handle *user_handle,
799 [in] bool8 lm_present,
800 [in] samr_Password *old_lm_crypted,
801 [in] samr_Password *new_lm_crypted,
802 [in] bool8 nt_present,
803 [in] samr_Password *old_nt_crypted,
804 [in] samr_Password *new_nt_crypted,
805 [in] bool8 cross1_present,
806 [in] samr_Password *nt_cross,
807 [in] bool8 cross2_present,
808 [in] samr_Password *lm_cross
809 );
810
811 /************************/
812 /* Function 0x27 */
813
814 typedef struct {
815 uint32 rid;
816 uint32 type;
817 } samr_RidType;
818
819 typedef struct {
820 uint32 count;
821 [size_is(count)] samr_RidType *rid;
822 } samr_RidArray;
823
824 NTSTATUS samr_GetGroupsForUser(
825 [in,ref] policy_handle *user_handle,
826 [out] samr_RidArray *rids
827 );
828
829 /************************/
830 /* Function 0x28 */
831
832 typedef struct {
833 uint32 idx;
834 uint32 rid;
835 uint32 acct_flags;
836 samr_String account_name;
837 samr_String full_name;
838 samr_String description;
839 } samr_DispEntryGeneral;
840
841 typedef struct {
842 uint32 count;
843 [size_is(count)] samr_DispEntryGeneral *entries;
844 } samr_DispInfoGeneral;
845
846 typedef struct {
847 uint32 idx;
848 uint32 rid;
849 uint32 acct_flags;
850 samr_String account_name;
851 samr_String description;
852 } samr_DispEntryFull;
853
854 typedef struct {
855 uint32 count;
856 [size_is(count)] samr_DispEntryFull *entries;
857 } samr_DispInfoFull;
858
859 typedef struct {
860 [value(strlen_m(r->string))] uint16 length;
861 [value(strlen_m(r->string))] uint16 size;
862 ascstr_noterm *string;
863 } samr_AsciiName;
864
865 typedef struct {
866 uint32 idx;
867 samr_AsciiName account_name;
868 } samr_DispEntryAscii;
869
870 typedef struct {
871 uint32 count;
872 [size_is(count)] samr_DispEntryAscii *entries;
873 } samr_DispInfoAscii;
874
875 typedef union {
876 [case(1)] samr_DispInfoGeneral info1;/* users */
877 [case(2)] samr_DispInfoFull info2; /* trust accounts? */
878 [case(3)] samr_DispInfoFull info3; /* groups */
879 [case(4)] samr_DispInfoAscii info4; /* users */
880 [case(5)] samr_DispInfoAscii info5; /* groups */
881 } samr_DispInfo;
882
883 NTSTATUS samr_QueryDisplayInfo(
884 [in,ref] policy_handle *domain_handle,
885 [in] uint16 level,
886 [in] uint32 start_idx,
887 [in] uint32 max_entries,
888 [in] uint32 buf_size,
889 [out] uint32 total_size,
890 [out] uint32 returned_size,
891 [out,switch_is(level)] samr_DispInfo info
892 );
893
894
895 /************************/
896 /* Function 0x29 */
897
898 /*
899 this seems to be an alphabetic search function. The returned index
900 is the index for samr_QueryDisplayInfo needed to get names occurring
901 after the specified name. The supplied name does not need to exist
902 in the database (for example you can supply just a first letter for
903 searching starting at that letter)
904
905 The level corresponds to the samr_QueryDisplayInfo level
906 */
907 NTSTATUS samr_GetDisplayEnumerationIndex(
908 [in,ref] policy_handle *domain_handle,
909 [in] uint16 level,
910 [in] samr_String name,
911 [out] uint32 idx
912 );
913
914
915
916 /************************/
917 /* Function 0x2a */
918
919 /*
920 w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
921 */
922 NTSTATUS samr_TestPrivateFunctionsDomain(
923 [in,ref] policy_handle *domain_handle
924 );
925
926
927 /************************/
928 /* Function 0x2b */
929
930 /*
931 w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this
932 */
933 NTSTATUS samr_TestPrivateFunctionsUser(
934 [in,ref] policy_handle *user_handle
935 );
936
937
938 /************************/
939 /* Function 0x2c */
940
941 /* password properties flags */
942 const uint32 DOMAIN_PASSWORD_COMPLEX = 0x00000001;
943 const uint32 DOMAIN_PASSWORD_NO_ANON_CHANGE = 0x00000002;
944 const uint32 DOMAIN_PASSWORD_NO_CLEAR_CHANGE = 0x00000004;
945 const uint32 DOMAIN_PASSWORD_STORE_CLEARTEXT = 0x00000010;
946 const uint32 DOMAIN_REFUSE_PASSWORD_CHANGE = 0x00000020;
947
948 typedef struct {
949 uint16 min_password_length;
950 uint32 password_properties;
951 } samr_PwInfo;
952
953 NTSTATUS samr_GetUserPwInfo(
954 [in,ref] policy_handle *user_handle,
955 [out] samr_PwInfo info
956 );
957
958 /************************/
959 /* Function 0x2d */
960 NTSTATUS samr_RemoveMemberFromForeignDomain(
961 [in,ref] policy_handle *domain_handle,
962 [in,ref] dom_sid2 *sid
963 );
964
965 /************************/
966 /* Function 0x2e */
967
968 /*
969 how is this different from QueryDomainInfo ??
970 */
971 NTSTATUS samr_QueryDomainInfo2(
972 [in,ref] policy_handle *domain_handle,
973 [in] uint16 level,
974 [out,switch_is(level)] samr_DomainInfo *info
975 );
976
977 /************************/
978 /* Function 0x2f */
979
980 /*
981 how is this different from QueryUserInfo ??
982 */
983 NTSTATUS samr_QueryUserInfo2(
984 [in,ref] policy_handle *user_handle,
985 [in] uint16 level,
986 [out,switch_is(level)] samr_UserInfo *info
987 );
988
989 /************************/
990 /* Function 0x30 */
991
992 /*
993 how is this different from QueryDisplayInfo??
994 */
995 NTSTATUS samr_QueryDisplayInfo2(
996 [in,ref] policy_handle *domain_handle,
997 [in] uint16 level,
998 [in] uint32 start_idx,
999 [in] uint32 max_entries,
1000 [in] uint32 buf_size,
1001 [out] uint32 total_size,
1002 [out] uint32 returned_size,
1003 [out,switch_is(level)] samr_DispInfo info
1004 );
1005
1006 /************************/
1007 /* Function 0x31 */
1008
1009 /*
1010 how is this different from GetDisplayEnumerationIndex ??
1011 */
1012 NTSTATUS samr_GetDisplayEnumerationIndex2(
1013 [in,ref] policy_handle *domain_handle,
1014 [in] uint16 level,
1015 [in] samr_String name,
1016 [out] uint32 idx
1017 );
1018
1019
1020 /************************/
1021 /* Function 0x32 */
1022 NTSTATUS samr_CreateUser2(
1023 [in,ref] policy_handle *domain_handle,
1024 [in,ref] samr_String *account_name,
1025 [in] uint32 acct_flags,
1026 [in] uint32 access_mask,
1027 [out,ref] policy_handle *user_handle,
1028 [out,ref] uint32 *access_granted,
1029 [out,ref] uint32 *rid
1030 );
1031
1032
1033 /************************/
1034 /* Function 0x33 */
1035
1036 /*
1037 another duplicate. There must be a reason ....
1038 */
1039 NTSTATUS samr_QueryDisplayInfo3(
1040 [in,ref] policy_handle *domain_handle,
1041 [in] uint16 level,
1042 [in] uint32 start_idx,
1043 [in] uint32 max_entries,
1044 [in] uint32 buf_size,
1045 [out] uint32 total_size,
1046 [out] uint32 returned_size,
1047 [out,switch_is(level)] samr_DispInfo info
1048 );
1049
1050 /************************/
1051 /* Function 0x34 */
1052 NTSTATUS samr_AddMultipleMembersToAlias(
1053 [in,ref] policy_handle *alias_handle,
1054 [in,ref] lsa_SidArray *sids
1055 );
1056
1057 /************************/
1058 /* Function 0x35 */
1059 NTSTATUS samr_RemoveMultipleMembersFromAlias(
1060 [in,ref] policy_handle *alias_handle,
1061 [in,ref] lsa_SidArray *sids
1062 );
1063
1064 /************************/
1065 /* Function 0x36 */
1066
1067 NTSTATUS samr_OemChangePasswordUser2(
1068 [in] samr_AsciiName *server,
1069 [in,ref] samr_AsciiName *account,
1070 [in] samr_CryptPassword *password,
1071 [in] samr_Password *hash
1072 );
1073
1074 /************************/
1075 /* Function 0x37 */
1076 NTSTATUS samr_ChangePasswordUser2(
1077 [in] samr_String *server,
1078 [in,ref] samr_String *account,
1079 [in] samr_CryptPassword *nt_password,
1080 [in] samr_Password *nt_verifier,
1081 [in] bool8 lm_change,
1082 [in] samr_CryptPassword *lm_password,
1083 [in] samr_Password *lm_verifier
1084 );
1085
1086 /************************/
1087 /* Function 0x38 */
1088 NTSTATUS samr_GetDomPwInfo(
1089 [in] samr_String *name,
1090 [out] samr_PwInfo info
1091 );
1092
1093 /************************/
1094 /* Function 0x39 */
1095 NTSTATUS samr_Connect2(
1096 [in] unistr *system_name,
1097 [in] uint32 access_mask,
1098 [out,ref] policy_handle *connect_handle
1099 );
1100
1101 /************************/
1102 /* Function 0x3a */
1103 /*
1104 seems to be an exact alias for samr_SetUserInfo()
1105 */
1106 NTSTATUS samr_SetUserInfo2(
1107 [in,ref] policy_handle *user_handle,
1108 [in] uint16 level,
1109 [in,ref,switch_is(level)] samr_UserInfo *info
1110 );
1111
1112 /************************/
1113 /* Function 0x3b */
1114 /*
1115 this one is mysterious. I have a few guesses, but nothing working yet
1116 */
1117 NTSTATUS samr_SetBootKeyInformation(
1118 [in,ref] policy_handle *connect_handle,
1119 [in] uint32 unknown1,
1120 [in] uint32 unknown2,
1121 [in] uint32 unknown3
1122 );
1123
1124 /************************/
1125 /* Function 0x3c */
1126 NTSTATUS samr_GetBootKeyInformation(
1127 [in,ref] policy_handle *domain_handle,
1128 [out] uint32 unknown
1129 );
1130
1131 /************************/
1132 /* Function 0x3d */
1133 NTSTATUS samr_Connect3(
1134 [in] unistr *system_name,
1135 /* this unknown value seems to be completely ignored by w2k3 */
1136 [in] uint32 unknown,
1137 [in] uint32 access_mask,
1138 [out,ref] policy_handle *connect_handle
1139 );
1140
1141 /************************/
1142 /* Function 0x3e */
1143 NTSTATUS samr_Connect4(
1144 [in] unistr *system_name,
1145 [in] uint32 unknown,
1146 [in] uint32 access_mask,
1147 [out,ref] policy_handle *connect_handle
1148 );
1149
1150 /************************/
1151 /* Function 0x3f */
1152
1153 const int SAMR_REJECT_OTHER = 0;
1154 const int SAMR_REJECT_TOO_SHORT = 1;
1155 const int SAMR_REJECT_COMPLEXITY = 2;
1156
1157 typedef struct {
1158 uint32 reason;
1159 uint32 unknown1;
1160 uint32 unknown2;
1161 } samr_ChangeReject;
1162
1163 NTSTATUS samr_ChangePasswordUser3(
1164 [in] samr_String *server,
1165 [in,ref] samr_String *account,
1166 [in] samr_CryptPassword *nt_password,
1167 [in] samr_Password *nt_verifier,
1168 [in] bool8 lm_change,
1169 [in] samr_CryptPassword *lm_password,
1170 [in] samr_Password *lm_verifier,
1171 [in] samr_CryptPassword *password3,
1172 [out] samr_DomInfo1 *dominfo,
1173 [out] samr_ChangeReject *reject
1174 );
1175
1176 /************************/
1177 /* Function 0x40 */
1178
1179 typedef struct {
1180 uint32 unknown1; /* w2k3 gives 3 */
1181 uint32 unknown2; /* w2k3 gives 0 */
1182 } samr_ConnectInfo1;
1183
1184 typedef union {
1185 [case(1)] samr_ConnectInfo1 info1;
1186 } samr_ConnectInfo;
1187
1188 NTSTATUS samr_Connect5(
1189 [in] unistr *system_name,
1190 [in] uint32 access_mask,
1191 [in,out] uint32 level,
1192 [in,out,switch_is(level),ref] samr_ConnectInfo *info,
1193 [out,ref] policy_handle *connect_handle
1194 );
1195
1196 /************************/
1197 /* Function 0x41 */
1198 NTSTATUS samr_RidToSid(
1199 [in,ref] policy_handle *domain_handle,
1200 [in] uint32 rid,
1201 [out] dom_sid2 *sid
1202 );
1203
1204
1205 /************************/
1206 /* Function 0x42 */
1207
1208 /*
1209 this should set the DSRM password for the server, which is used
1210 when booting into Directory Services Recovery Mode on a DC. Win2003
1211 gives me NT_STATUS_NOT_SUPPORTED
1212 */
1213
1214 NTSTATUS samr_SetDsrmPassword(
1215 [in] samr_String *name,
1216 [in] uint32 unknown,
1217 [in] samr_Password *hash
1218 );
1219
1220
1221 /************************/
1222 /* Function 0x43 */
1223 /*
1224 I haven't been able to work out the format of this one yet.
1225 Seems to start with a switch level for a union?
1226 */
1227 NTSTATUS samr_ValidatePassword();
1228 }
reg import