summaryrefslogtreecommitdiffstats
path: root/librpc/idl/netlogon.idl
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:47:29 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:47:29 +0000
commit4f5791ebd03eaec1c7da0865a383175b05102712 (patch)
tree8ce7b00f7a76baa386372422adebbe64510812d4 /librpc/idl/netlogon.idl
parentInitial commit. (diff)
downloadsamba-4f5791ebd03eaec1c7da0865a383175b05102712.tar.xz
samba-4f5791ebd03eaec1c7da0865a383175b05102712.zip
Adding upstream version 2:4.17.12+dfsg.upstream/2%4.17.12+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'librpc/idl/netlogon.idl')
-rw-r--r--librpc/idl/netlogon.idl1825
1 files changed, 1825 insertions, 0 deletions
diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl
new file mode 100644
index 0000000..c77151a
--- /dev/null
+++ b/librpc/idl/netlogon.idl
@@ -0,0 +1,1825 @@
+/*
+ netlogon interface
+ much of this was derived from the ethereal sources - thanks to everyone
+ who contributed!
+*/
+
+import "misc.idl", "lsa.idl", "samr.idl", "security.idl";
+
+#include "idl_types.h"
+
+cpp_quote("#define netr_DeltaEnum8Bit netr_DeltaEnum")
+cpp_quote("#define netr_SamDatabaseID8Bit netr_SamDatabaseID")
+
+cpp_quote("#define ENC_CRC32 KERB_ENCTYPE_DES_CBC_CRC")
+cpp_quote("#define ENC_RSA_MD5 KERB_ENCTYPE_DES_CBC_MD5")
+cpp_quote("#define ENC_RC4_HMAC_MD5 KERB_ENCTYPE_RC4_HMAC_MD5")
+cpp_quote("#define ENC_HMAC_SHA1_96_AES128 KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96")
+cpp_quote("#define ENC_HMAC_SHA1_96_AES256 KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96")
+cpp_quote("#define ENC_HMAC_SHA1_96_AES256_SK KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96_SK")
+cpp_quote("#define ENC_FAST_SUPPORTED KERB_ENCTYPE_FAST_SUPPORTED")
+cpp_quote("#define ENC_COMPOUND_IDENTITY_SUPPORTED KERB_ENCTYPE_COMPOUND_IDENTITY_SUPPORTED")
+cpp_quote("#define ENC_CLAIMS_SUPPORTED KERB_ENCTYPE_CLAIMS_SUPPORTED")
+cpp_quote("#define NETLOGON_SERVER_PIPE_STATE_MAGIC 0x4f555358")
+
+[
+ uuid("12345678-1234-abcd-ef00-01234567cffb"),
+ version(1.0),
+ endpoint("ncacn_np:[\\pipe\\netlogon]","ncacn_ip_tcp:","ncalrpc:"),
+ helper("../librpc/ndr/ndr_netlogon.h"),
+ ms_union,
+ pointer_default(unique)
+]
+
+interface netlogon
+{
+ typedef bitmap samr_AcctFlags samr_AcctFlags;
+ typedef bitmap security_GroupAttrs security_GroupAttrs;
+ typedef enum netr_DeltaEnum8Bit netr_DeltaEnum8Bit;
+ typedef enum netr_SamDatabaseID8Bit netr_SamDatabaseID8Bit;
+
+ /*****************/
+ /* Function 0x00 */
+
+ typedef struct {
+ [string,charset(UTF16)] uint16 *account_name;
+ uint32 priv;
+ uint32 auth_flags;
+ uint32 logon_count;
+ uint32 bad_pw_count;
+ time_t last_logon;
+ time_t last_logoff;
+ time_t logoff_time;
+ time_t kickoff_time;
+ uint32 password_age;
+ time_t pw_can_change;
+ time_t pw_must_change;
+ [string,charset(UTF16)] uint16 *computer;
+ [string,charset(UTF16)] uint16 *domain;
+ [string,charset(UTF16)] uint16 *script_path;
+ uint32 unknown;
+ } netr_UasInfo;
+
+ WERROR netr_LogonUasLogon(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [string,charset(UTF16)] uint16 *account_name,
+ [in] [string,charset(UTF16)] uint16 *workstation,
+ [out,ref] netr_UasInfo **info
+ );
+
+
+ /*****************/
+ /* Function 0x01 */
+
+ typedef struct {
+ uint32 duration;
+ uint16 logon_count;
+ } netr_UasLogoffInfo;
+
+ WERROR netr_LogonUasLogoff(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [string,charset(UTF16)] uint16 *account_name,
+ [in] [string,charset(UTF16)] uint16 *workstation,
+ [out,ref] netr_UasLogoffInfo *info
+ );
+
+
+ /*****************/
+ /* Function 0x02 */
+
+ /* in netr_AcctLockStr size seems to be be 24, and rrenard thinks
+ that the structure of the bindata looks like this:
+
+ dlong lockout_duration;
+ udlong reset_count;
+ uint32 bad_attempt_lockout;
+ uint32 dummy;
+
+ but it doesn't look as though this structure is reflected at the
+ NDR level. Maybe it is left to the application to decode the bindata array.
+ */
+ typedef [public] struct {
+ dlong lockout_duration;
+ udlong reset_count;
+ uint32 bad_attempt_lockout;
+ uint32 dummy;
+ } netr_AcctLockStr;
+
+ /* - MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
+ * sets the NETLOGON_SERVER_TRUST_ACCOUNT user_flag
+ * - MSV1_0_UPDATE_LOGON_STATISTICS
+ * sets the logon time on network logon
+ * - MSV1_0_RETURN_USER_PARAMETERS
+ * sets the user parameters in the driveletter
+ * - MSV1_0_RETURN_PROFILE_PATH
+ * returns the profilepath in the driveletter and
+ * sets LOGON_PROFILE_PATH_RETURNED user_flag
+ */
+
+ typedef [public,bitmap32bit] bitmap {
+ MSV1_0_CLEARTEXT_PASSWORD_ALLOWED = 0x00000002,
+ MSV1_0_UPDATE_LOGON_STATISTICS = 0x00000004,
+ MSV1_0_RETURN_USER_PARAMETERS = 0x00000008,
+ MSV1_0_DONT_TRY_GUEST_ACCOUNT = 0x00000010,
+ MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT = 0x00000020,
+ MSV1_0_RETURN_PASSWORD_EXPIRY = 0x00000040,
+ MSV1_0_USE_CLIENT_CHALLENGE = 0x00000080,
+ MSV1_0_TRY_GUEST_ACCOUNT_ONLY = 0x00000100,
+ MSV1_0_RETURN_PROFILE_PATH = 0x00000200,
+ MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY = 0x00000400,
+ MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT = 0x00000800,
+ MSV1_0_DISABLE_PERSONAL_FALLBACK = 0x00001000,
+ MSV1_0_ALLOW_FORCE_GUEST = 0x00002000,
+ MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED = 0x00004000,
+ MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY = 0x00008000,
+ MSV1_0_ALLOW_MSVCHAPV2 = 0x00010000,
+ MSV1_0_S4U2SELF = 0x00020000,
+ MSV1_0_CHECK_LOGONHOURS_FOR_S4U = 0x00040000,
+ MSV1_0_SUBAUTHENTICATION_DLL_EX = 0x00100000
+ } netr_LogonParameterControl;
+
+ /* Summary of the of the Query and Response from Microsoft on
+ * the usage of logon_id in netr_IdendityInfo
+ *
+ * [REG:119013019612095] [MS-NRPC]: NETLOGON_LOGON_IDENTITY_INFO: Does
+ * the Reserved field have LogonId meaning?
+ *
+ * Questions:
+ * In NetrLogonSamLogonEx does the Reserved field
+ * (of NETLOGON_LOGON_IDENTITY_INFO) have LogonId meaning?
+ *
+ * What is a valid LogonID, and does have any audit usage?
+ *
+ * Samba is sending a constant "deadbeef" in hex and would like to
+ * understand any usage of this field.
+ *
+ * Response:
+ * The NRPC spec is accurate in defining the field as Reserved, and
+ * without protocol significance. In the header file in our source
+ * code, it is defined as LogonId and commented as such, but it’s
+ * effectively not used. This is probably why the API structure has
+ * that field name. It may have been intended as such but it’s not
+ * used.
+ *
+ * Samba now sends a random value in this field.
+ */
+ typedef struct {
+ lsa_String domain_name;
+ netr_LogonParameterControl parameter_control; /* see MSV1_0_* */
+ udlong logon_id;
+ lsa_String account_name;
+ lsa_String workstation;
+ } netr_IdentityInfo;
+
+ typedef struct {
+ netr_IdentityInfo identity_info;
+ samr_Password lmpassword;
+ samr_Password ntpassword;
+ } netr_PasswordInfo;
+
+ typedef [flag(NDR_PAHEX)] struct {
+ uint16 length;
+ [value(length)] uint16 size;
+ [size_is(length),length_is(length)] uint8 *data;
+ } netr_ChallengeResponse;
+
+ typedef [flag(NDR_PAHEX)] struct {
+ netr_IdentityInfo identity_info;
+ uint8 challenge[8];
+ netr_ChallengeResponse nt;
+ netr_ChallengeResponse lm;
+ } netr_NetworkInfo;
+
+ typedef [flag(NDR_PAHEX)] struct {
+ netr_IdentityInfo identity_info;
+ lsa_String package_name;
+ uint32 length;
+ [size_is(length)] uint8 *data;
+ } netr_GenericInfo;
+
+ typedef [public] enum {
+ NetlogonInteractiveInformation = 1,
+ NetlogonNetworkInformation = 2,
+ NetlogonServiceInformation = 3,
+ NetlogonGenericInformation = 4,
+ NetlogonInteractiveTransitiveInformation = 5,
+ NetlogonNetworkTransitiveInformation = 6,
+ NetlogonServiceTransitiveInformation = 7
+ } netr_LogonInfoClass;
+
+ typedef [public,switch_type(netr_LogonInfoClass)] union {
+ [case(NetlogonInteractiveInformation)] netr_PasswordInfo *password;
+ [case(NetlogonNetworkInformation)] netr_NetworkInfo *network;
+ [case(NetlogonServiceInformation)] netr_PasswordInfo *password;
+ [case(NetlogonGenericInformation)] netr_GenericInfo *generic;
+ [case(NetlogonInteractiveTransitiveInformation)] netr_PasswordInfo *password;
+ [case(NetlogonNetworkTransitiveInformation)] netr_NetworkInfo *network;
+ [case(NetlogonServiceTransitiveInformation)] netr_PasswordInfo *password;
+ [default];
+ } netr_LogonLevel;
+
+ typedef [public,flag(NDR_PAHEX)] struct {
+ uint8 key[16];
+ } netr_UserSessionKey;
+
+ typedef [public,flag(NDR_PAHEX)] struct {
+ uint8 key[8];
+ } netr_LMSessionKey;
+
+ /* Flags for user_flags below */
+ typedef [public,bitmap32bit] bitmap {
+ NETLOGON_GUEST = 0x00000001,
+ NETLOGON_NOENCRYPTION = 0x00000002,
+ NETLOGON_CACHED_ACCOUNT = 0x00000004,
+ NETLOGON_USED_LM_PASSWORD = 0x00000008,
+ NETLOGON_EXTRA_SIDS = 0x00000020,
+ NETLOGON_SUBAUTH_SESSION_KEY = 0x00000040,
+ NETLOGON_SERVER_TRUST_ACCOUNT = 0x00000080,
+ NETLOGON_NTLMV2_ENABLED = 0x00000100,
+ NETLOGON_RESOURCE_GROUPS = 0x00000200,
+ NETLOGON_PROFILE_PATH_RETURNED = 0x00000400,
+ NETLOGON_GRACE_LOGON = 0x01000000
+ } netr_UserFlags;
+
+ typedef struct {
+ NTTIME logon_time;
+ NTTIME logoff_time;
+ NTTIME kickoff_time;
+ NTTIME last_password_change;
+ NTTIME allow_password_change;
+ NTTIME force_password_change;
+ lsa_String account_name;
+ lsa_String full_name;
+ lsa_String logon_script;
+ lsa_String profile_path;
+ lsa_String home_directory;
+ lsa_String home_drive;
+ uint16 logon_count;
+ uint16 bad_password_count;
+ uint32 rid;
+ uint32 primary_gid;
+ samr_RidWithAttributeArray groups;
+ netr_UserFlags user_flags;
+ [flag(NDR_SECRET)] netr_UserSessionKey key;
+ lsa_StringLarge logon_server;
+ lsa_StringLarge logon_domain;
+ dom_sid2 *domain_sid;
+ [flag(NDR_SECRET)] netr_LMSessionKey LMSessKey;
+ samr_AcctFlags acct_flags;
+ uint32 sub_auth_status;
+ NTTIME last_successful_logon;
+ NTTIME last_failed_logon;
+ uint32 failed_logon_count;
+ uint32 reserved;
+ } netr_SamBaseInfo;
+
+ typedef struct {
+ netr_SamBaseInfo base;
+ } netr_SamInfo2;
+
+ typedef [public] struct {
+ dom_sid2 *sid;
+ security_GroupAttrs attributes;
+ } netr_SidAttr;
+
+ typedef [public] struct {
+ netr_SamBaseInfo base;
+ uint32 sidcount;
+ [size_is(sidcount)] netr_SidAttr *sids;
+ } netr_SamInfo3;
+
+ typedef struct {
+ netr_SamBaseInfo base;
+ uint32 sidcount;
+ [size_is(sidcount)] netr_SidAttr *sids;
+ /*
+ * On ndr_push:
+ * Should pointer values be allocated
+ * of sids[*].sid before the following ones?
+ *
+ * That's at least the case for
+ * PAC_LOGON_INFO.
+ */
+ lsa_String dns_domainname;
+ lsa_String principal_name;
+ uint32 unknown4[20];
+ } netr_SamInfo6;
+
+ typedef struct {
+ uint32 pac_size;
+ [size_is(pac_size)] uint8 *pac;
+ lsa_String logon_domain;
+ lsa_String logon_server;
+ lsa_String principal_name;
+ uint32 auth_size;
+ [size_is(auth_size)] uint8 *auth;
+ netr_UserSessionKey user_session_key;
+ uint32 expansionroom[10];
+ lsa_String unknown1;
+ lsa_String unknown2;
+ lsa_String unknown3;
+ lsa_String unknown4;
+ } netr_PacInfo;
+
+ typedef [flag(NDR_PAHEX)] struct {
+ uint32 length;
+ [size_is(length)] uint8 *data;
+ } netr_GenericInfo2;
+
+ typedef enum {
+ NetlogonValidationUasInfo = 1,
+ NetlogonValidationSamInfo = 2,
+ NetlogonValidationSamInfo2 = 3,
+ NetlogonValidationGenericInfo2 = 5,
+ NetlogonValidationSamInfo4 = 6
+ } netr_ValidationInfoClass;
+
+ typedef [public,switch_type(uint16)] union {
+ [case(NetlogonValidationSamInfo)] netr_SamInfo2 *sam2;
+ [case(NetlogonValidationSamInfo2)] netr_SamInfo3 *sam3;
+ [case(4)] netr_PacInfo *pac;
+ [case(NetlogonValidationGenericInfo2)] netr_GenericInfo2 *generic;
+ [case(NetlogonValidationSamInfo4)] netr_SamInfo6 *sam6;
+ [default];
+ } netr_Validation;
+
+ typedef [public, flag(NDR_PAHEX)] struct {
+ uint8 data[8];
+ } netr_Credential;
+
+ typedef [public] struct {
+ netr_Credential client_challenge;
+ netr_Credential server_challenge;
+ } netlogon_server_pipe_state;
+
+ typedef [public] struct {
+ netr_Credential cred;
+ time_t timestamp;
+ } netr_Authenticator;
+
+ [public] NTSTATUS netr_LogonSamLogon(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,unique] [string,charset(UTF16)] uint16 *computer_name,
+ [in,unique] netr_Authenticator *credential,
+ [in,out,unique] netr_Authenticator *return_authenticator,
+ [in] netr_LogonInfoClass logon_level,
+ [in,ref] [switch_is(logon_level)] netr_LogonLevel *logon,
+ [in] uint16 validation_level,
+ [out,ref] [switch_is(validation_level)] netr_Validation *validation,
+ [out,ref] uint8 *authoritative
+ );
+
+
+ /*****************/
+ /* Function 0x03 */
+
+ NTSTATUS netr_LogonSamLogoff(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,unique] [string,charset(UTF16)] uint16 *computer_name,
+ [in,unique] netr_Authenticator *credential,
+ [in,out,unique] netr_Authenticator *return_authenticator,
+ [in] netr_LogonInfoClass logon_level,
+ [in] [switch_is(logon_level)] netr_LogonLevel logon
+ );
+
+
+
+ /*****************/
+ /* Function 0x04 */
+
+ [public] NTSTATUS netr_ServerReqChallenge(
+ [in,unique,string,charset(UTF16)] uint16 *server_name,
+ [in,string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Credential *credentials,
+ [out,ref] netr_Credential *return_credentials
+ );
+
+
+ /*****************/
+ /* Function 0x05 */
+
+ typedef enum netr_SchannelType netr_SchannelType;
+
+ NTSTATUS netr_ServerAuthenticate(
+ [in,unique,string,charset(UTF16)] uint16 *server_name,
+ [in,string,charset(UTF16)] uint16 *account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in,string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Credential *credentials,
+ [out,ref] netr_Credential *return_credentials
+ );
+
+
+ /*****************/
+ /* Function 0x06 */
+
+ NTSTATUS netr_ServerPasswordSet(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [string,charset(UTF16)] uint16 *account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Authenticator *credential,
+ [out,ref] netr_Authenticator *return_authenticator,
+ [in,ref] samr_Password *new_password
+ );
+
+
+ /*****************/
+ /* Function 0x07 */
+
+ typedef enum netr_SamDatabaseID netr_SamDatabaseID;
+
+ typedef struct {
+ [string,charset(UTF16)] uint16 *account_name;
+ lsa_String unknown1;
+ lsa_String unknown2;
+ lsa_String unknown3;
+ lsa_String unknown4;
+ uint32 unknown5;
+ uint32 unknown6;
+ uint32 unknown7;
+ uint32 unknown8;
+ } netr_DELTA_DELETE_USER;
+
+ typedef struct {
+ uint16 length;
+ [value(length)] uint16 size;
+ uint32 flags;
+ samr_Password pwd;
+ } netr_USER_KEY16;
+
+ typedef struct {
+ uint16 nt_length;
+ [value(nt_length)] uint16 nt_size;
+ uint32 nt_flags;
+ uint16 lm_length;
+ [value(lm_length)] uint16 lm_size;
+ uint32 lm_flags;
+ uint8 nt_history[nt_length];
+ uint8 lm_history[lm_length];
+ } netr_PasswordHistory;
+
+ typedef struct {
+ netr_USER_KEY16 lmpassword;
+ netr_USER_KEY16 ntpassword;
+ netr_PasswordHistory history;
+ } netr_USER_KEYS2;
+
+ typedef struct { /* TODO: make this a union! */
+ netr_USER_KEYS2 keys2;
+ } netr_USER_KEY_UNION;
+
+ typedef [public] struct {
+ uint32 version;
+ netr_USER_KEY_UNION keys;
+ } netr_USER_KEYS;
+
+ typedef struct {
+ boolean8 SensitiveDataFlag;
+ uint32 DataLength;
+
+ /* netr_USER_KEYS encrypted with the session key */
+ [size_is(DataLength)][flag(NDR_PAHEX)] uint8 *SensitiveData;
+ } netr_USER_PRIVATE_INFO;
+
+ typedef struct {
+ lsa_String account_name;
+ lsa_String full_name;
+ uint32 rid;
+ uint32 primary_gid;
+ lsa_String home_directory;
+ lsa_String home_drive;
+ lsa_String logon_script;
+ lsa_String description;
+ lsa_String workstations;
+ NTTIME last_logon;
+ NTTIME last_logoff;
+ samr_LogonHours logon_hours;
+ uint16 bad_password_count;
+ uint16 logon_count;
+ NTTIME last_password_change;
+ NTTIME acct_expiry;
+ samr_AcctFlags acct_flags;
+ samr_Password lmpassword;
+ samr_Password ntpassword;
+ boolean8 nt_password_present;
+ boolean8 lm_password_present;
+ boolean8 password_expired;
+ lsa_String comment;
+ lsa_BinaryString parameters;
+ uint16 country_code;
+ uint16 code_page;
+ netr_USER_PRIVATE_INFO user_private_info;
+ uint32 SecurityInformation;
+ sec_desc_buf sdbuf;
+ lsa_String profile_path;
+ lsa_String unknown2;
+ lsa_String unknown3;
+ lsa_String unknown4;
+ uint32 unknown5;
+ uint32 unknown6;
+ uint32 unknown7;
+ uint32 unknown8;
+ } netr_DELTA_USER;
+
+ typedef struct {
+ lsa_String domain_name;
+ lsa_String oem_information; /* comment */
+ dlong force_logoff_time;
+ uint16 min_password_length;
+ uint16 password_history_length;
+ /* yes, these are signed. They are in negative 100ns */
+ dlong max_password_age;
+ dlong min_password_age;
+ udlong sequence_num;
+ NTTIME domain_create_time;
+ uint32 SecurityInformation;
+ sec_desc_buf sdbuf;
+ lsa_BinaryString account_lockout;
+ lsa_String unknown2;
+ lsa_String unknown3;
+ lsa_String unknown4;
+ uint32 logon_to_chgpass;
+ uint32 unknown6;
+ uint32 unknown7;
+ uint32 unknown8;
+ } netr_DELTA_DOMAIN;
+
+ typedef struct {
+ lsa_String group_name;
+ uint32 rid;
+ uint32 attributes;
+ lsa_String description;
+ uint32 SecurityInformation;
+ sec_desc_buf sdbuf;
+ lsa_String unknown1;
+ lsa_String unknown2;
+ lsa_String unknown3;
+ lsa_String unknown4;
+ uint32 unknown5;
+ uint32 unknown6;
+ uint32 unknown7;
+ uint32 unknown8;
+ } netr_DELTA_GROUP;
+
+ typedef struct {
+ lsa_String OldName;
+ lsa_String NewName;
+ lsa_String unknown1;
+ lsa_String unknown2;
+ lsa_String unknown3;
+ lsa_String unknown4;
+ uint32 unknown5;
+ uint32 unknown6;
+ uint32 unknown7;
+ uint32 unknown8;
+ } netr_DELTA_RENAME;
+
+ typedef struct {
+ [size_is(num_rids)] uint32 *rids;
+ [size_is(num_rids)] uint32 *attribs;
+ uint32 num_rids;
+ uint32 unknown1;
+ uint32 unknown2;
+ uint32 unknown3;
+ uint32 unknown4;
+ } netr_DELTA_GROUP_MEMBER;
+
+ typedef struct {
+ lsa_String alias_name;
+ uint32 rid;
+ uint32 SecurityInformation;
+ sec_desc_buf sdbuf;
+ lsa_String description;
+ lsa_String unknown2;
+ lsa_String unknown3;
+ lsa_String unknown4;
+ uint32 unknown5;
+ uint32 unknown6;
+ uint32 unknown7;
+ uint32 unknown8;
+ } netr_DELTA_ALIAS;
+
+ typedef struct {
+ lsa_SidArray sids;
+ uint32 unknown1;
+ uint32 unknown2;
+ uint32 unknown3;
+ uint32 unknown4;
+ } netr_DELTA_ALIAS_MEMBER;
+
+ typedef struct {
+ uint32 pagedpoollimit;
+ uint32 nonpagedpoollimit;
+ uint32 minimumworkingsetsize;
+ uint32 maximumworkingsetsize;
+ uint32 pagefilelimit;
+ NTTIME timelimit;
+ } netr_QUOTA_LIMITS;
+
+ typedef struct {
+ uint32 maxlogsize;
+ NTTIME auditretentionperiod;
+ boolean8 auditingmode;
+ uint32 maxauditeventcount;
+ [size_is(maxauditeventcount+1)] uint32 *eventauditoptions;
+ lsa_String primary_domain_name;
+ dom_sid2 *sid;
+ netr_QUOTA_LIMITS quota_limits;
+ udlong sequence_num;
+ NTTIME db_create_time;
+ uint32 SecurityInformation;
+ sec_desc_buf sdbuf;
+ lsa_String unknown1;
+ lsa_String unknown2;
+ lsa_String unknown3;
+ lsa_String unknown4;
+ uint32 unknown5;
+ uint32 unknown6;
+ uint32 unknown7;
+ uint32 unknown8;
+ } netr_DELTA_POLICY;
+
+ typedef struct {
+ lsa_String domain_name;
+ uint32 num_controllers;
+ [size_is(num_controllers)] lsa_String *controller_names;
+ uint32 SecurityInformation;
+ sec_desc_buf sdbuf;
+ lsa_String unknown1;
+ lsa_String unknown2;
+ lsa_String unknown3;
+ lsa_String unknown4;
+ uint32 posix_offset;
+ uint32 unknown6;
+ uint32 unknown7;
+ uint32 unknown8;
+ } netr_DELTA_TRUSTED_DOMAIN;
+
+ typedef struct {
+ uint32 privilege_entries;
+ uint32 privilege_control;
+ [size_is(privilege_entries)] uint32 *privilege_attrib;
+ [size_is(privilege_entries)] lsa_String *privilege_name;
+ netr_QUOTA_LIMITS quotalimits;
+ uint32 system_flags;
+ uint32 SecurityInformation;
+ sec_desc_buf sdbuf;
+ lsa_String unknown1;
+ lsa_String unknown2;
+ lsa_String unknown3;
+ lsa_String unknown4;
+ uint32 unknown5;
+ uint32 unknown6;
+ uint32 unknown7;
+ uint32 unknown8;
+ } netr_DELTA_ACCOUNT;
+
+ typedef struct {
+ uint32 len;
+ uint32 maxlen;
+ [size_is(maxlen)][length_is(len)] uint8 *cipher_data;
+ } netr_CIPHER_VALUE;
+
+ typedef struct {
+ netr_CIPHER_VALUE current_cipher;
+ NTTIME current_cipher_set_time;
+ netr_CIPHER_VALUE old_cipher;
+ NTTIME old_cipher_set_time;
+ uint32 SecurityInformation;
+ sec_desc_buf sdbuf;
+ lsa_String unknown1;
+ lsa_String unknown2;
+ lsa_String unknown3;
+ lsa_String unknown4;
+ uint32 unknown5;
+ uint32 unknown6;
+ uint32 unknown7;
+ uint32 unknown8;
+ } netr_DELTA_SECRET;
+
+ typedef enum {
+ NETR_DELTA_DOMAIN = 1,
+ NETR_DELTA_GROUP = 2,
+ NETR_DELTA_DELETE_GROUP = 3,
+ NETR_DELTA_RENAME_GROUP = 4,
+ NETR_DELTA_USER = 5,
+ NETR_DELTA_DELETE_USER = 6,
+ NETR_DELTA_RENAME_USER = 7,
+ NETR_DELTA_GROUP_MEMBER = 8,
+ NETR_DELTA_ALIAS = 9,
+ NETR_DELTA_DELETE_ALIAS = 10,
+ NETR_DELTA_RENAME_ALIAS = 11,
+ NETR_DELTA_ALIAS_MEMBER = 12,
+ NETR_DELTA_POLICY = 13,
+ NETR_DELTA_TRUSTED_DOMAIN = 14,
+ NETR_DELTA_DELETE_TRUST = 15,
+ NETR_DELTA_ACCOUNT = 16,
+ NETR_DELTA_DELETE_ACCOUNT = 17,
+ NETR_DELTA_SECRET = 18,
+ NETR_DELTA_DELETE_SECRET = 19,
+ NETR_DELTA_DELETE_GROUP2 = 20,
+ NETR_DELTA_DELETE_USER2 = 21,
+ NETR_DELTA_MODIFY_COUNT = 22
+ } netr_DeltaEnum;
+
+ typedef [switch_type(netr_DeltaEnum)] union {
+ [case(NETR_DELTA_DOMAIN)] netr_DELTA_DOMAIN *domain;
+ [case(NETR_DELTA_GROUP)] netr_DELTA_GROUP *group;
+ [case(NETR_DELTA_DELETE_GROUP)] ; /* rid only */
+ [case(NETR_DELTA_RENAME_GROUP)] netr_DELTA_RENAME *rename_group;
+ [case(NETR_DELTA_USER)] netr_DELTA_USER *user;
+ [case(NETR_DELTA_DELETE_USER)] ; /* rid only */
+ [case(NETR_DELTA_RENAME_USER)] netr_DELTA_RENAME *rename_user;
+ [case(NETR_DELTA_GROUP_MEMBER)] netr_DELTA_GROUP_MEMBER *group_member;
+ [case(NETR_DELTA_ALIAS)] netr_DELTA_ALIAS *alias;
+ [case(NETR_DELTA_DELETE_ALIAS)] ; /* rid only */
+ [case(NETR_DELTA_RENAME_ALIAS)] netr_DELTA_RENAME *rename_alias;
+ [case(NETR_DELTA_ALIAS_MEMBER)] netr_DELTA_ALIAS_MEMBER *alias_member;
+ [case(NETR_DELTA_POLICY)] netr_DELTA_POLICY *policy;
+ [case(NETR_DELTA_TRUSTED_DOMAIN)] netr_DELTA_TRUSTED_DOMAIN *trusted_domain;
+ [case(NETR_DELTA_DELETE_TRUST)] ; /* sid only */
+ [case(NETR_DELTA_ACCOUNT)] netr_DELTA_ACCOUNT *account;
+ [case(NETR_DELTA_DELETE_ACCOUNT)] ; /* sid only */
+ [case(NETR_DELTA_SECRET)] netr_DELTA_SECRET *secret;
+ [case(NETR_DELTA_DELETE_SECRET)] ; /* name only */
+ [case(NETR_DELTA_DELETE_GROUP2)] netr_DELTA_DELETE_USER *delete_group;
+ [case(NETR_DELTA_DELETE_USER2)] netr_DELTA_DELETE_USER *delete_user;
+ [case(NETR_DELTA_MODIFY_COUNT)] udlong *modified_count;
+ [default];
+ } netr_DELTA_UNION;
+
+ typedef [switch_type(netr_DeltaEnum)] union {
+ [case(NETR_DELTA_DOMAIN)] uint32 rid;
+ [case(NETR_DELTA_GROUP)] uint32 rid;
+ [case(NETR_DELTA_DELETE_GROUP)] uint32 rid;
+ [case(NETR_DELTA_RENAME_GROUP)] uint32 rid;
+ [case(NETR_DELTA_USER)] uint32 rid;
+ [case(NETR_DELTA_DELETE_USER)] uint32 rid;
+ [case(NETR_DELTA_RENAME_USER)] uint32 rid;
+ [case(NETR_DELTA_GROUP_MEMBER)] uint32 rid;
+ [case(NETR_DELTA_ALIAS)] uint32 rid;
+ [case(NETR_DELTA_DELETE_ALIAS)] uint32 rid;
+ [case(NETR_DELTA_RENAME_ALIAS)] uint32 rid;
+ [case(NETR_DELTA_ALIAS_MEMBER)] uint32 rid;
+ [case(NETR_DELTA_POLICY)] dom_sid2 *sid;
+ [case(NETR_DELTA_TRUSTED_DOMAIN)] dom_sid2 *sid;
+ [case(NETR_DELTA_DELETE_TRUST)] dom_sid2 *sid;
+ [case(NETR_DELTA_ACCOUNT)] dom_sid2 *sid;
+ [case(NETR_DELTA_DELETE_ACCOUNT)] dom_sid2 *sid;
+ [case(NETR_DELTA_SECRET)] [string,charset(UTF16)] uint16 *name;
+ [case(NETR_DELTA_DELETE_SECRET)] [string,charset(UTF16)] uint16 *name;
+ [case(NETR_DELTA_DELETE_GROUP2)] uint32 rid;
+ [case(NETR_DELTA_DELETE_USER2)] uint32 rid;
+ [case(NETR_DELTA_MODIFY_COUNT)] ;
+ [default];
+ } netr_DELTA_ID_UNION;
+
+ typedef struct {
+ netr_DeltaEnum delta_type;
+ [switch_is(delta_type)] netr_DELTA_ID_UNION delta_id_union;
+ [switch_is(delta_type)] netr_DELTA_UNION delta_union;
+ } netr_DELTA_ENUM;
+
+ typedef struct {
+ uint32 num_deltas;
+ [size_is(num_deltas)] netr_DELTA_ENUM *delta_enum;
+ } netr_DELTA_ENUM_ARRAY;
+
+ NTSTATUS netr_DatabaseDeltas(
+ [in] [string,charset(UTF16)] uint16 *logon_server,
+ [in] [string,charset(UTF16)] uint16 *computername,
+ [in,ref] netr_Authenticator *credential,
+ [in,out,ref] netr_Authenticator *return_authenticator,
+ [in] netr_SamDatabaseID database_id,
+ [in,out,ref] udlong *sequence_num,
+ [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array,
+ [in] uint32 preferredmaximumlength
+ );
+
+
+ /*****************/
+ /* Function 0x08 */
+
+ NTSTATUS netr_DatabaseSync(
+ [in] [string,charset(UTF16)] uint16 *logon_server,
+ [in] [string,charset(UTF16)] uint16 *computername,
+ [in,ref] netr_Authenticator *credential,
+ [in,out,ref] netr_Authenticator *return_authenticator,
+ [in] netr_SamDatabaseID database_id,
+ [in,out,ref] uint32 *sync_context,
+ [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array,
+ [in] uint32 preferredmaximumlength
+ );
+
+
+ /*****************/
+ /* Function 0x09 */
+
+ /* w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this call */
+
+ typedef [flag(NDR_PAHEX)] struct {
+ uint8 computer_name[16];
+ uint32 timecreated;
+ uint32 serial_number;
+ } netr_UAS_INFO_0;
+
+ typedef struct {
+ [flag(NDR_REMAINING)] DATA_BLOB blob;
+ } netr_AccountBuffer;
+
+ NTSTATUS netr_AccountDeltas(
+ [in,unique] [string,charset(UTF16)] uint16 *logon_server,
+ [in] [string,charset(UTF16)] uint16 *computername,
+ [in] netr_Authenticator credential,
+ [in,out,ref] netr_Authenticator *return_authenticator,
+ [in] netr_UAS_INFO_0 uas,
+ [in] uint32 count,
+ [in] uint32 level,
+ [in] uint32 buffersize,
+ [out,ref,subcontext(4)] netr_AccountBuffer *buffer,
+ [out,ref] uint32 *count_returned,
+ [out,ref] uint32 *total_entries,
+ [out,ref] netr_UAS_INFO_0 *recordid
+ );
+
+
+ /*****************/
+ /* Function 0x0A */
+
+ NTSTATUS netr_AccountSync(
+ [in,unique] [string,charset(UTF16)] uint16 *logon_server,
+ [in] [string,charset(UTF16)] uint16 *computername,
+ [in] netr_Authenticator credential,
+ [in,out,ref] netr_Authenticator *return_authenticator,
+ [in] uint32 reference,
+ [in] uint32 level,
+ [in] uint32 buffersize,
+ [out,ref,subcontext(4)] netr_AccountBuffer *buffer,
+ [out,ref] uint32 *count_returned,
+ [out,ref] uint32 *total_entries,
+ [out,ref] uint32 *next_reference,
+ [in,out,ref] netr_UAS_INFO_0 *recordid
+ );
+
+
+ /*****************/
+ /* Function 0x0B */
+
+ WERROR netr_GetDcName(
+ [in] [string,charset(UTF16)] uint16 *logon_server,
+ [in,unique] [string,charset(UTF16)] uint16 *domainname,
+ [out,ref] [string,charset(UTF16)] uint16 **dcname
+ );
+
+ /*****************/
+ /* Function 0x0C */
+
+ typedef [bitmap32bit] bitmap {
+ NETLOGON_REPLICATION_NEEDED = 0x00000001,
+ NETLOGON_REPLICATION_IN_PROGRESS = 0x00000002,
+ NETLOGON_FULL_SYNC_REPLICATION = 0x00000004,
+ NETLOGON_REDO_NEEDED = 0x00000008,
+ NETLOGON_HAS_IP = 0x00000010,
+ NETLOGON_HAS_TIMESERV = 0x00000020,
+ NETLOGON_DNS_UPDATE_FAILURE = 0x00000040,
+ NETLOGON_VERIFY_STATUS_RETURNED = 0x00000080
+ } netr_InfoFlags;
+
+ typedef struct {
+ netr_InfoFlags flags;
+ WERROR pdc_connection_status;
+ } netr_NETLOGON_INFO_1;
+
+ typedef struct {
+ netr_InfoFlags flags;
+ WERROR pdc_connection_status;
+ [string,charset(UTF16)] uint16 *trusted_dc_name;
+ WERROR tc_connection_status;
+ } netr_NETLOGON_INFO_2;
+
+ typedef struct {
+ netr_InfoFlags flags;
+ uint32 logon_attempts;
+ uint32 unknown1;
+ uint32 unknown2;
+ uint32 unknown3;
+ uint32 unknown4;
+ uint32 unknown5;
+ } netr_NETLOGON_INFO_3;
+
+ typedef struct {
+ [string,charset(UTF16)] uint16 *trusted_dc_name;
+ [string,charset(UTF16)] uint16 *trusted_domain_name;
+ } netr_NETLOGON_INFO_4;
+
+ typedef [public] union {
+ [case(1)] netr_NETLOGON_INFO_1 *info1;
+ [case(2)] netr_NETLOGON_INFO_2 *info2;
+ [case(3)] netr_NETLOGON_INFO_3 *info3;
+ [case(4)] netr_NETLOGON_INFO_4 *info4;
+ [default] ;
+ } netr_CONTROL_QUERY_INFORMATION;
+
+ /* function_code values */
+ typedef [v1_enum,public] enum {
+ NETLOGON_CONTROL_QUERY = 0x00000001,
+ NETLOGON_CONTROL_REPLICATE = 0x00000002,
+ NETLOGON_CONTROL_SYNCHRONIZE = 0x00000003,
+ NETLOGON_CONTROL_PDC_REPLICATE = 0x00000004,
+ NETLOGON_CONTROL_REDISCOVER = 0x00000005,
+ NETLOGON_CONTROL_TC_QUERY = 0x00000006,
+ NETLOGON_CONTROL_TRANSPORT_NOTIFY = 0x00000007,
+ NETLOGON_CONTROL_FIND_USER = 0x00000008,
+ NETLOGON_CONTROL_CHANGE_PASSWORD = 0x00000009,
+ NETLOGON_CONTROL_TC_VERIFY = 0x0000000A,
+ NETLOGON_CONTROL_FORCE_DNS_REG = 0x0000000B,
+ NETLOGON_CONTROL_QUERY_DNS_REG = 0x0000000C,
+ NETLOGON_CONTROL_BACKUP_CHANGE_LOG = 0x0000FFFC,
+ NETLOGON_CONTROL_TRUNCATE_LOG = 0x0000FFFD,
+ NETLOGON_CONTROL_SET_DBFLAG = 0x0000FFFE,
+ NETLOGON_CONTROL_BREAKPOINT = 0x0000FFFF
+ } netr_LogonControlCode;
+
+ WERROR netr_LogonControl(
+ [in,unique] [string,charset(UTF16)] uint16 *logon_server,
+ [in] netr_LogonControlCode function_code,
+ [in] uint32 level,
+ [out,ref,switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query
+ );
+
+
+ /*****************/
+ /* Function 0x0D */
+
+ WERROR netr_GetAnyDCName(
+ [in,unique] [string,charset(UTF16)] uint16 *logon_server,
+ [in,unique] [string,charset(UTF16)] uint16 *domainname,
+ [out,ref] [string,charset(UTF16)] uint16 **dcname
+ );
+
+
+ /*****************/
+ /* Function 0x0E */
+
+ typedef [public,switch_type(netr_LogonControlCode)] union {
+ [case(NETLOGON_CONTROL_REDISCOVER)] [string,charset(UTF16)] uint16 *domain;
+ [case(NETLOGON_CONTROL_TC_QUERY)] [string,charset(UTF16)] uint16 *domain;
+ [case(NETLOGON_CONTROL_TRANSPORT_NOTIFY)] [string,charset(UTF16)] uint16 *domain;
+ [case(NETLOGON_CONTROL_CHANGE_PASSWORD)] [string,charset(UTF16)] uint16 *domain;
+ [case(NETLOGON_CONTROL_TC_VERIFY)] [string,charset(UTF16)] uint16 *domain;
+ [case(NETLOGON_CONTROL_FIND_USER)] [string,charset(UTF16)] uint16 *user;
+ [case(NETLOGON_CONTROL_SET_DBFLAG)] uint32 debug_level;
+ [default] ;
+ } netr_CONTROL_DATA_INFORMATION;
+
+ WERROR netr_LogonControl2(
+ [in,unique] [string,charset(UTF16)] uint16 *logon_server,
+ [in] netr_LogonControlCode function_code,
+ [in] uint32 level,
+ [in,ref][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION *data,
+ [out,ref][switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query
+ );
+
+
+ /* If NETLOGON_NEG_ARCFOUR flag is not set, then the passwords and LM
+ * session keys are encrypted with DES calls. (And the user session key
+ * is unencrypted) */
+
+ /*****************/
+ /* Function 0x0F */
+
+ typedef [public,bitmap32bit] bitmap {
+ NETLOGON_NEG_ACCOUNT_LOCKOUT = 0x00000001,
+ NETLOGON_NEG_PERSISTENT_SAMREPL = 0x00000002,
+ NETLOGON_NEG_ARCFOUR = 0x00000004,
+ NETLOGON_NEG_PROMOTION_COUNT = 0x00000008,
+ NETLOGON_NEG_CHANGELOG_BDC = 0x00000010,
+ NETLOGON_NEG_FULL_SYNC_REPL = 0x00000020,
+ NETLOGON_NEG_MULTIPLE_SIDS = 0x00000040,
+ NETLOGON_NEG_REDO = 0x00000080,
+ NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL = 0x00000100,
+ NETLOGON_NEG_SEND_PASSWORD_INFO_PDC = 0x00000200,
+ NETLOGON_NEG_GENERIC_PASSTHROUGH = 0x00000400,
+ NETLOGON_NEG_CONCURRENT_RPC = 0x00000800,
+ NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL = 0x00001000,
+ NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL = 0x00002000,
+ NETLOGON_NEG_STRONG_KEYS = 0x00004000,
+ NETLOGON_NEG_TRANSITIVE_TRUSTS = 0x00008000,
+ NETLOGON_NEG_DNS_DOMAIN_TRUSTS = 0x00010000,
+ NETLOGON_NEG_PASSWORD_SET2 = 0x00020000,
+ NETLOGON_NEG_GETDOMAININFO = 0x00040000,
+ NETLOGON_NEG_CROSS_FOREST_TRUSTS = 0x00080000,
+ NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION = 0x00100000,
+ NETLOGON_NEG_RODC_PASSTHROUGH = 0x00200000,
+ NETLOGON_NEG_SUPPORTS_AES_SHA2 = 0x00400000,
+ NETLOGON_NEG_SUPPORTS_AES = 0x01000000,
+ NETLOGON_NEG_AUTHENTICATED_RPC_LSASS = 0x20000000,
+ NETLOGON_NEG_AUTHENTICATED_RPC = 0x40000000
+ } netr_NegotiateFlags;
+
+ const uint32 NETLOGON_NEG_128BIT = NETLOGON_NEG_STRONG_KEYS;
+ const uint32 NETLOGON_NEG_SCHANNEL = NETLOGON_NEG_AUTHENTICATED_RPC;
+
+ NTSTATUS netr_ServerAuthenticate2(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [string,charset(UTF16)] uint16 *account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Credential *credentials,
+ [out,ref] netr_Credential *return_credentials,
+ [in,out,ref] netr_NegotiateFlags *negotiate_flags
+ );
+
+
+ /*****************/
+ /* Function 0x10 */
+
+ typedef enum {
+ SYNCSTATE_NORMAL_STATE = 0,
+ SYNCSTATE_DOMAIN_STATE = 1,
+ SYNCSTATE_GROUP_STATE = 2,
+ SYNCSTATE_UAS_BUILT_IN_GROUP_STATE = 3,
+ SYNCSTATE_USER_STATE = 4,
+ SYNCSTATE_GROUP_MEMBER_STATE = 5,
+ SYNCSTATE_ALIAS_STATE = 6,
+ SYNCSTATE_ALIAS_MEMBER_STATE = 7,
+ SYNCSTATE_SAM_DONE_STATE = 8
+ } SyncStateEnum;
+
+ NTSTATUS netr_DatabaseSync2(
+ [in] [string,charset(UTF16)] uint16 *logon_server,
+ [in] [string,charset(UTF16)] uint16 *computername,
+ [in,ref] netr_Authenticator *credential,
+ [in,out,ref] netr_Authenticator *return_authenticator,
+ [in] netr_SamDatabaseID database_id,
+ [in] SyncStateEnum restart_state,
+ [in,out,ref] uint32 *sync_context,
+ [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array,
+ [in] uint32 preferredmaximumlength
+ );
+
+
+ /*****************/
+ /* Function 0x11 */
+
+ /* i'm not at all sure how this call works */
+
+ typedef [bitmap16bit] bitmap {
+ NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED = 0x0001,
+ NETR_CHANGELOG_CHANGED_PASSWORD = 0x0002,
+ NETR_CHANGELOG_SID_INCLUDED = 0x0004,
+ NETR_CHANGELOG_NAME_INCLUDED = 0x0008,
+ NETR_CHANGELOG_FIRST_PROMOTION_OBJ = 0x0010
+ } netr_ChangeLogFlags;
+
+ typedef [nodiscriminant] union {
+ [case(NETR_CHANGELOG_SID_INCLUDED)] dom_sid object_sid;
+ [case(NETR_CHANGELOG_NAME_INCLUDED)] nstring object_name;
+ [default];
+ } netr_ChangeLogObject;
+
+ typedef [public,gensize] struct {
+ uint32 serial_number1;
+ uint32 serial_number2;
+ uint32 object_rid;
+ netr_ChangeLogFlags flags;
+ netr_SamDatabaseID8Bit db_index;
+ netr_DeltaEnum8Bit delta_type;
+ [switch_is(flags & (NETR_CHANGELOG_SID_INCLUDED|NETR_CHANGELOG_NAME_INCLUDED))] netr_ChangeLogObject object;
+ } netr_ChangeLogEntry;
+
+ NTSTATUS netr_DatabaseRedo(
+ [in] [string,charset(UTF16)] uint16 *logon_server,
+ [in] [string,charset(UTF16)] uint16 *computername,
+ [in] netr_Authenticator *credential,
+ [in,out,ref] netr_Authenticator *return_authenticator,
+ /*
+ * we cannot use subcontext_size() here, as
+ * change_log_entry_size is encoded after the subcontext
+ */
+ [in] [subcontext(4)/*,subcontext_size(change_log_entry_size)*/]
+ netr_ChangeLogEntry change_log_entry,
+ [in] [value(ndr_size_netr_ChangeLogEntry(&change_log_entry,
+ ndr->flags))]
+ uint32 change_log_entry_size,
+ [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array
+ );
+
+
+ /*****************/
+ /* Function 0x12 */
+
+ WERROR netr_LogonControl2Ex(
+ [in,unique] [string,charset(UTF16)] uint16 *logon_server,
+ [in] netr_LogonControlCode function_code,
+ [in] uint32 level,
+ [in,ref][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION *data,
+ [out,ref][switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query
+ );
+
+ /*****************/
+ /* Function 0x13 */
+ typedef struct {
+ uint32 length;
+ [size_is(length)] uint8 *data;
+ } netr_Blob;
+
+ NTSTATUS netr_NetrEnumerateTrustedDomains(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [out,ref] netr_Blob *trusted_domains_blob
+ );
+
+ /*****************/
+ /* Function 0x14 */
+
+ /* one unknown bit still: DS_IP_VERSION_AGNOSTIC - gd*/
+
+ const int DSGETDC_VALID_FLAGS = (DS_FORCE_REDISCOVERY |
+ DS_DIRECTORY_SERVICE_REQUIRED |
+ DS_DIRECTORY_SERVICE_PREFERRED |
+ DS_GC_SERVER_REQUIRED |
+ DS_PDC_REQUIRED |
+ DS_BACKGROUND_ONLY |
+ DS_IP_REQUIRED |
+ DS_KDC_REQUIRED |
+ DS_TIMESERV_REQUIRED |
+ DS_WRITABLE_REQUIRED |
+ DS_GOOD_TIMESERV_PREFERRED |
+ DS_AVOID_SELF |
+ DS_ONLY_LDAP_NEEDED |
+ DS_IS_FLAT_NAME |
+ DS_IS_DNS_NAME |
+ DS_TRY_NEXTCLOSEST_SITE |
+ DS_DIRECTORY_SERVICE_6_REQUIRED |
+ DS_WEB_SERVICE_REQUIRED |
+ /*
+ * For now we skip these until
+ * we have test for them:
+ * DS_DIRECTORY_SERVICE_8_REQUIRED |
+ * DS_DIRECTORY_SERVICE_9_REQUIRED |
+ * DS_DIRECTORY_SERVICE_10_REQUIRED |
+ */
+ DS_RETURN_FLAT_NAME |
+ DS_RETURN_DNS_NAME);
+
+ typedef [bitmap32bit] bitmap {
+ DS_FORCE_REDISCOVERY = 0x00000001,
+ DS_DIRECTORY_SERVICE_REQUIRED = 0x00000010,
+ DS_DIRECTORY_SERVICE_PREFERRED = 0x00000020,
+ DS_GC_SERVER_REQUIRED = 0x00000040,
+ DS_PDC_REQUIRED = 0x00000080,
+ DS_BACKGROUND_ONLY = 0x00000100,
+ DS_IP_REQUIRED = 0x00000200,
+ DS_KDC_REQUIRED = 0x00000400,
+ DS_TIMESERV_REQUIRED = 0x00000800,
+ DS_WRITABLE_REQUIRED = 0x00001000,
+ DS_GOOD_TIMESERV_PREFERRED = 0x00002000,
+ DS_AVOID_SELF = 0x00004000,
+ DS_ONLY_LDAP_NEEDED = 0x00008000,
+ DS_IS_FLAT_NAME = 0x00010000,
+ DS_IS_DNS_NAME = 0x00020000,
+ DS_TRY_NEXTCLOSEST_SITE = 0x00040000,
+ DS_DIRECTORY_SERVICE_6_REQUIRED = 0x00080000, /* 2008 */
+ DS_WEB_SERVICE_REQUIRED = 0x00100000,
+ DS_DIRECTORY_SERVICE_8_REQUIRED = 0x00200000, /* 2012 */
+ DS_DIRECTORY_SERVICE_9_REQUIRED = 0x00400000, /* 2012R2 */
+ DS_DIRECTORY_SERVICE_10_REQUIRED= 0x00800000, /* 2016 */
+ DS_RETURN_DNS_NAME = 0x40000000,
+ DS_RETURN_FLAT_NAME = 0x80000000
+ } netr_DsRGetDCName_flags;
+
+ typedef [v1_enum] enum {
+ DS_ADDRESS_TYPE_INET = 1,
+ DS_ADDRESS_TYPE_NETBIOS = 2
+ } netr_DsRGetDCNameInfo_AddressType;
+
+ typedef [bitmap32bit] bitmap {
+ DS_SERVER_PDC = 0x00000001,
+ DS_SERVER_GC = 0x00000004,
+ DS_SERVER_LDAP = 0x00000008,
+ DS_SERVER_DS = 0x00000010,
+ DS_SERVER_KDC = 0x00000020,
+ DS_SERVER_TIMESERV = 0x00000040,
+ DS_SERVER_CLOSEST = 0x00000080,
+ DS_SERVER_WRITABLE = 0x00000100,
+ DS_SERVER_GOOD_TIMESERV = 0x00000200,
+ DS_SERVER_NDNC = 0x00000400,
+ DS_SERVER_SELECT_SECRET_DOMAIN_6 = 0x00000800, /* 2008 / RODC */
+ DS_SERVER_FULL_SECRET_DOMAIN_6 = 0x00001000, /* 2008 / RWDC */
+ DS_SERVER_WEBSERV = 0x00002000,
+ DS_SERVER_DS_8 = 0x00004000, /* 2012 */
+ DS_SERVER_DS_9 = 0x00008000, /* 2012R2 */
+ DS_SERVER_DS_10 = 0x00010000, /* 2016 */
+ DS_DNS_CONTROLLER = 0x20000000,
+ DS_DNS_DOMAIN = 0x40000000,
+ DS_DNS_FOREST_ROOT = 0x80000000
+ } netr_DsR_DcFlags;
+
+ typedef [public] struct {
+ [string,charset(UTF16)] uint16 *dc_unc;
+ [string,charset(UTF16)] uint16 *dc_address;
+ netr_DsRGetDCNameInfo_AddressType dc_address_type;
+ GUID domain_guid;
+ [string,charset(UTF16)] uint16 *domain_name;
+ [string,charset(UTF16)] uint16 *forest_name;
+ netr_DsR_DcFlags dc_flags;
+ [string,charset(UTF16)] uint16 *dc_site_name;
+ [string,charset(UTF16)] uint16 *client_site_name;
+ } netr_DsRGetDCNameInfo;
+
+ WERROR netr_DsRGetDCName(
+ [in,unique] [string,charset(UTF16)] uint16 *server_unc,
+ [in,unique] [string,charset(UTF16)] uint16 *domain_name,
+ [in,unique] GUID *domain_guid,
+ [in,unique] GUID *site_guid,
+ [in] netr_DsRGetDCName_flags flags,
+ [out,ref] netr_DsRGetDCNameInfo **info
+ );
+
+ /*****************/
+ /* Function 0x15 */
+ typedef [switch_type(uint32)] union {
+ [case(1)] netr_NegotiateFlags server_capabilities;
+ [case(2)] netr_NegotiateFlags server_capabilities;
+ } netr_Capabilities;
+
+ NTSTATUS netr_LogonGetCapabilities(
+ [in] [string,charset(UTF16)] uint16 *server_name,
+ [in,unique] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Authenticator *credential,
+ [in,out,ref] netr_Authenticator *return_authenticator,
+ [in] uint32 query_level,
+ [out,ref,switch_is(query_level)] netr_Capabilities *capabilities
+ );
+
+ /****************/
+ /* Function 0x16 */
+ [todo] WERROR netr_NETRLOGONSETSERVICEBITS();
+
+ /****************/
+ /* Function 0x17 */
+ WERROR netr_LogonGetTrustRid(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,unique] [string,charset(UTF16)] uint16 *domain_name,
+ [out,ref] uint32 *rid
+ );
+
+ /****************/
+ /* Function 0x18 */
+ [todo] WERROR netr_NETRLOGONCOMPUTESERVERDIGEST();
+
+ /****************/
+ /* Function 0x19 */
+ [todo] WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST();
+
+ /****************/
+ /* Function 0x1a */
+ [public] NTSTATUS netr_ServerAuthenticate3(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [string,charset(UTF16)] uint16 *account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Credential *credentials,
+ [out,ref] netr_Credential *return_credentials,
+ [in,out,ref] netr_NegotiateFlags *negotiate_flags,
+ [out,ref] uint32 *rid
+ );
+
+ /****************/
+ /* Function 0x1b */
+
+ WERROR netr_DsRGetDCNameEx(
+ [in,unique] [string,charset(UTF16)] uint16 *server_unc,
+ [in,unique] [string,charset(UTF16)] uint16 *domain_name,
+ [in,unique] GUID *domain_guid,
+ [in,unique] [string,charset(UTF16)] uint16 *site_name,
+ [in] netr_DsRGetDCName_flags flags,
+ [out,ref] netr_DsRGetDCNameInfo **info
+ );
+
+
+ /****************/
+ /* Function 0x1c */
+ WERROR netr_DsRGetSiteName(
+ [in,unique] [string,charset(UTF16)] uint16 *computer_name,
+ [out,ref] [string,charset(UTF16)] uint16 **site
+ );
+
+ /****************/
+ /* Function 0x1d */
+ typedef [public,bitmap32bit] bitmap {
+ NETR_TRUST_FLAG_IN_FOREST = 0x00000001,
+ NETR_TRUST_FLAG_OUTBOUND = 0x00000002,
+ NETR_TRUST_FLAG_TREEROOT = 0x00000004,
+ NETR_TRUST_FLAG_PRIMARY = 0x00000008,
+ NETR_TRUST_FLAG_NATIVE = 0x00000010,
+ NETR_TRUST_FLAG_INBOUND = 0x00000020,
+ NETR_TRUST_FLAG_MIT_KRB5 = 0x00000080,
+ NETR_TRUST_FLAG_AES = 0x00000100
+ } netr_TrustFlags;
+
+ typedef [bitmap32bit] bitmap {
+ NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS = 0x00000001,
+ NETR_WS_FLAG_HANDLES_SPN_UPDATE = 0x00000002
+ } netr_WorkstationFlags;
+
+ typedef [bitmap16bit] bitmap {
+ NETR_VER_SUITE_BACKOFFICE = 0x0004,
+ NETR_VER_SUITE_BLADE = 0x0400,
+ NETR_VER_SUITE_COMPUTE_SERVER = 0x4000,
+ NETR_VER_SUITE_DATACENTER = 0x0080,
+ NETR_VER_SUITE_ENTERPRISE = 0x0002,
+ NETR_VER_SUITE_EMBEDDEDNT = 0x0040,
+ NETR_VER_SUITE_PERSONAL = 0x0200,
+ NETR_VER_SUITE_SINGLEUSERTS = 0x0100,
+ NETR_VER_SUITE_SMALLBUSINESS = 0x0001,
+ NETR_VER_SUITE_SMALLBUSINESS_RESTRICTED = 0x0020,
+ NETR_VER_SUITE_STORAGE_SERVER = 0x2000,
+ NETR_VER_SUITE_TERMINAL = 0x0010,
+ NETR_VER_SUITE_WH_SERVER = 0x8000
+ } netr_SuiteMask;
+
+ typedef [bitmap8bit] bitmap {
+ NETR_VER_NT_DOMAIN_CONTROLLER = 0x02,
+ NETR_VER_NT_SERVER = 0x03,
+ NETR_VER_NT_WORKSTATION = 0x01
+ } netr_ProductType;
+
+ typedef struct {
+ uint32 policy_size;
+ [size_is(policy_size)] uint8 *policy;
+ } netr_LsaPolicyInformation;
+
+ typedef struct {
+ [value(284)] uint32 OSVersionInfoSize;
+ uint32 MajorVersion;
+ uint32 MinorVersion;
+ uint32 BuildNumber;
+ uint32 PlatformId;
+ [subcontext(0),subcontext_size(256)] nstring CSDVersion;
+ uint16 ServicePackMajor;
+ uint16 ServicePackMinor;
+ netr_SuiteMask SuiteMask;
+ netr_ProductType ProductType;
+ uint8 Reserved;
+ } netr_OsVersionInfoEx;
+
+ typedef struct {
+ /* these first 3 values come from the fact windows
+ actually encodes this structure as a UNICODE_STRING
+ - see MS-NRPC section 2.2.1.3.9 */
+ /* 142 * 2 = 284 (length of structure "netr_OsVersionInfoEx") */
+ [value(142)] uint3264 length;
+ [value(0)] uint3264 dummy;
+ [value(142)] uint3264 size;
+ [subcontext(0),subcontext_size(size*2)]
+ netr_OsVersionInfoEx os;
+ } netr_OsVersion;
+
+ typedef struct {
+ /* value is 284 when info != os, otherwise 0 (for length and
+ size) */
+ [value(os == NULL ? 0 : 284)] uint16 length;
+ [value(os == NULL ? 0 : 284)] uint16 size;
+ netr_OsVersion *os;
+ } netr_OsVersionContainer;
+
+ typedef struct {
+ netr_LsaPolicyInformation lsa_policy;
+ [string,charset(UTF16)] uint16 *dns_hostname;
+ [string,charset(UTF16)] uint16 *sitename;
+ [string,charset(UTF16)] uint16 *dummy1;
+ [string,charset(UTF16)] uint16 *dummy2;
+ [string,charset(UTF16)] uint16 *dummy3;
+ [string,charset(UTF16)] uint16 *dummy4;
+ netr_OsVersionContainer os_version;
+ lsa_String os_name;
+ lsa_String dummy_string3;
+ lsa_String dummy_string4;
+ netr_WorkstationFlags workstation_flags;
+ kerb_EncTypes supported_enc_types;
+ uint32 dummy_long3;
+ uint32 dummy_long4;
+ } netr_WorkstationInformation;
+
+ typedef union {
+ [case(1)] netr_WorkstationInformation *workstation_info;
+ [case(2)] netr_WorkstationInformation *lsa_policy_info;
+ } netr_WorkstationInfo;
+
+ typedef struct {
+ netr_TrustFlags flags;
+ uint32 parent_index;
+ lsa_TrustType trust_type;
+ lsa_TrustAttributes trust_attributes;
+ } netr_trust_extension_info;
+
+ typedef struct {
+ /* these first 3 values come from the fact windows
+ actually encodes this structure as a UNICODE_STRING
+ - see MS-NRPC section 2.2.1.3.9 */
+ [value(8)] uint3264 length;
+ [value(0)] uint3264 dummy;
+ [value(8)] uint3264 size;
+ [subcontext(0),subcontext_size(size*2)]
+ netr_trust_extension_info info;
+ } netr_trust_extension;
+
+ typedef struct {
+ /* value is 16 when info != NULL, otherwise 0 */
+ [value(info == NULL ? 0 : 16)] uint16 length;
+ [value(info == NULL ? 0 : 16)] uint16 size;
+ netr_trust_extension *info;
+ } netr_trust_extension_container;
+
+ typedef struct {
+ lsa_StringLarge domainname;
+ lsa_StringLarge dns_domainname;
+ lsa_StringLarge dns_forestname;
+ GUID domain_guid;
+ dom_sid2 *domain_sid;
+ netr_trust_extension_container trust_extension;
+ lsa_StringLarge dummy_string2;
+ lsa_StringLarge dummy_string3;
+ lsa_StringLarge dummy_string4;
+ uint32 dummy_long1;
+ uint32 dummy_long2;
+ uint32 dummy_long3;
+ uint32 dummy_long4;
+ } netr_OneDomainInfo;
+
+ typedef struct {
+ netr_OneDomainInfo primary_domain;
+ uint32 trusted_domain_count;
+ [size_is(trusted_domain_count)] netr_OneDomainInfo *trusted_domains;
+ netr_LsaPolicyInformation lsa_policy;
+ lsa_StringLarge dns_hostname;
+ lsa_StringLarge dummy_string2;
+ lsa_StringLarge dummy_string3;
+ lsa_StringLarge dummy_string4;
+ netr_WorkstationFlags workstation_flags;
+ kerb_EncTypes supported_enc_types;
+ uint32 dummy_long3;
+ uint32 dummy_long4;
+ } netr_DomainInformation;
+
+ typedef union {
+ [case(1)] netr_DomainInformation *domain_info;
+ [case(2)] netr_LsaPolicyInformation *lsa_policy_info;
+ } netr_DomainInfo;
+
+ [public] NTSTATUS netr_LogonGetDomainInfo(
+ [in] [string,charset(UTF16)] uint16 *server_name,
+ [in,unique] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Authenticator *credential,
+ [in,out,ref] netr_Authenticator *return_authenticator,
+ [in] uint32 level,
+ [in,ref,switch_is(level)] netr_WorkstationInfo *query,
+ [out,ref,switch_is(level)] netr_DomainInfo *info
+ );
+
+ /*****************/
+ /* Function 0x1e */
+
+ /* [MS-NRPC] 2.2.1.3.8 NL_PASSWORD_VERSION */
+
+ /* someone's birthday ? */
+ const int NETLOGON_PASSWORD_VERSION_NUMBER_PRESENT = 0x02231968;
+
+ typedef struct {
+ uint32 ReservedField;
+ uint32 PasswordVersionNumber;
+ uint32 PasswordVersionPresent;
+ } NL_PASSWORD_VERSION;
+
+ typedef [flag(NDR_PAHEX)] struct {
+ uint8 data[512];
+ uint32 length;
+ } netr_CryptPassword;
+
+ NTSTATUS netr_ServerPasswordSet2(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [string,charset(UTF16)] uint16 *account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Authenticator *credential,
+ [out,ref] netr_Authenticator *return_authenticator,
+ [in,ref] netr_CryptPassword *new_password
+ );
+
+ /****************/
+ /* Function 0x1f */
+ NTSTATUS netr_ServerPasswordGet(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [string,charset(UTF16)] uint16 *account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Authenticator *credential,
+ [out,ref] netr_Authenticator *return_authenticator,
+ [out,ref] samr_Password *password
+ );
+
+ typedef [public] enum {
+ SendToSamUpdatePassword = 0,
+ SendToSamResetBadPasswordCount = 1,
+ SendToSamUpdatePasswordForward = 2,
+ SendToSamUpdateLastLogonTimestamp = 3,
+ SendToSamResetSmartCardPassword = 4
+ } netr_SendToSamType;
+
+ typedef struct {
+ GUID guid;
+ } netr_SendToSamResetBadPasswordCount;
+
+ typedef [nodiscriminant, public,switch_type(netr_SendToSamType)] union {
+ /* TODO Implement other SendToSam message types
+ * [case(SendToSamUpdatePassword)] netr_SendToSamUpdatePassword ...; */
+ [case(SendToSamResetBadPasswordCount)] netr_SendToSamResetBadPasswordCount reset_bad_password;
+ /*
+ * [case(SendToSamUpdatePasswordForward)] netrSendToSamUpdatePasswordForward ...;
+ * [case(SendToSamUpdateLastLogonTimestamp)] netrSendToSamUpdateLastLogonTimestamp ...;
+ * [case(SendToSamResetSmartCardPassword)] netrSendToSamResetSmartCardPassword ...;
+ */
+ [default];
+ } netr_SendToSamMessage;
+
+ typedef [public] struct {
+ netr_SendToSamType message_type;
+ uint32 message_size;
+ [switch_is(message_type), subcontext(0), subcontext_size(message_size)] netr_SendToSamMessage message;
+ } netr_SendToSamBase;
+
+ /****************/
+ /* Function 0x20 */
+ NTSTATUS netr_NetrLogonSendToSam(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Authenticator *credential,
+ [out,ref] netr_Authenticator *return_authenticator,
+ [in,ref] [size_is(buffer_len)] uint8 *opaque_buffer,
+ [in] uint32 buffer_len
+ );
+
+ /****************/
+ /* Function 0x21 */
+ typedef struct {
+ uint32 count;
+ [size_is(count)] lsa_String *sitename;
+ } netr_DsRAddressToSitenamesWCtr;
+
+ typedef struct {
+ [size_is(size)] uint8 *buffer;
+ uint32 size;
+ } netr_DsRAddress;
+
+ WERROR netr_DsRAddressToSitenamesW(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [range(0,32000)] uint32 count,
+ [in] [size_is(count)] [ref] netr_DsRAddress *addresses,
+ [out] [ref] netr_DsRAddressToSitenamesWCtr **ctr
+ );
+
+ /****************/
+ /* Function 0x22 */
+ WERROR netr_DsRGetDCNameEx2(
+ [in,unique] [string,charset(UTF16)] uint16 *server_unc,
+ [in,unique] [string,charset(UTF16)] uint16 *client_account,
+ [in] samr_AcctFlags mask,
+ [in,unique] [string,charset(UTF16)] uint16 *domain_name,
+ [in,unique] GUID *domain_guid,
+ [in,unique] [string,charset(UTF16)] uint16 *site_name,
+ [in] netr_DsRGetDCName_flags flags,
+ [out,ref] netr_DsRGetDCNameInfo **info
+ );
+
+ /****************/
+ /* Function 0x23 */
+ [todo] WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN();
+
+ /****************/
+ /* Function 0x24 */
+
+ typedef [public] struct {
+ [string,charset(UTF16)] uint16 *netbios_name;
+ [string,charset(UTF16)] uint16 *dns_name;
+ netr_TrustFlags trust_flags;
+ uint32 parent_index;
+ lsa_TrustType trust_type;
+ lsa_TrustAttributes trust_attributes;
+ dom_sid2 *sid;
+ GUID guid;
+ } netr_DomainTrust;
+
+ typedef [public] struct {
+ uint32 count;
+ [size_is(count)] netr_DomainTrust *array;
+ } netr_DomainTrustList;
+
+ WERROR netr_NetrEnumerateTrustedDomainsEx(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [out,ref] netr_DomainTrustList *dom_trust_list
+ );
+
+ /****************/
+ /* Function 0x25 */
+ typedef struct {
+ uint32 count;
+ [size_is(count)] lsa_String *sitename;
+ [size_is(count)] lsa_String *subnetname;
+ } netr_DsRAddressToSitenamesExWCtr;
+
+ WERROR netr_DsRAddressToSitenamesExW(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [range(0,32000)] uint32 count,
+ [in] [size_is(count)] [ref] netr_DsRAddress *addresses,
+ [out] [ref] netr_DsRAddressToSitenamesExWCtr **ctr
+ );
+
+ /****************/
+ /* Function 0x26 */
+
+ typedef struct {
+ uint32 num_sites;
+ [size_is(num_sites)] [unique] lsa_String *sites;
+ } DcSitesCtr;
+
+ WERROR netr_DsrGetDcSiteCoverageW(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [out,ref] DcSitesCtr **ctr
+ );
+
+ /****************/
+ /* Function 0x27 */
+ typedef [public,bitmap32bit] bitmap {
+ /* Request MUST be passed to the domain controller at the root of the forest. */
+ NETLOGON_SAMLOGON_FLAG_PASS_TO_FOREST_ROOT = 0x00000001,
+ /* Request MUST be passed to the DC at the end of the first hop over a cross-forest trust. */
+ NETLOGON_SAMLOGON_FLAG_PASS_CROSS_FOREST_HOP = 0x00000002,
+ /* Request was passed by an RODC to a DC in a different domain. */
+ NETLOGON_SAMLOGON_FLAG_RODC_TO_OTHER_DOMAIN = 0x00000004,
+ /* Request is an NTLM authentication package request passed by an RODC. */
+ NETLOGON_SAMLOGON_FLAG_RODC_NTLM_REQUEST = 0x00000008
+ } netr_LogonSamLogon_flags;
+
+ NTSTATUS netr_LogonSamLogonEx(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,unique] [string,charset(UTF16)] uint16 *computer_name,
+ [in] netr_LogonInfoClass logon_level,
+ [in,ref] [switch_is(logon_level)] netr_LogonLevel *logon,
+ [in] uint16 validation_level,
+ [out,ref] [switch_is(validation_level)] netr_Validation *validation,
+ [out,ref] uint8 *authoritative,
+ [in,out,ref] netr_LogonSamLogon_flags *flags
+ );
+
+ /****************/
+ /* Function 0x28 */
+
+ WERROR netr_DsrEnumerateDomainTrusts(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] netr_TrustFlags trust_flags,
+ [out,ref] netr_DomainTrustList *trusts
+ );
+
+
+ /****************/
+ /* Function 0x29 */
+ WERROR netr_DsrDeregisterDNSHostRecords(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,unique] [string,charset(UTF16)] uint16 *domain,
+ [in,unique] GUID *domain_guid,
+ [in,unique] GUID *dsa_guid,
+ [in,ref] [string,charset(UTF16)] uint16 *dns_host
+ );
+
+ /****************/
+ /* Function 0x2a */
+ NTSTATUS netr_ServerTrustPasswordsGet(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [string,charset(UTF16)] uint16 *account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Authenticator *credential,
+ [out,ref] netr_Authenticator *return_authenticator,
+ [out,ref] samr_Password *new_owf_password,
+ [out,ref] samr_Password *old_owf_password
+ );
+
+ /****************/
+ /* Function 0x2b */
+
+ const int DS_GFTI_UPDATE_TDO = 0x1;
+
+ WERROR netr_DsRGetForestTrustInformation(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,unique] [string,charset(UTF16)] uint16 *trusted_domain_name,
+ [in] uint32 flags,
+ [out,ref] lsa_ForestTrustInformation **forest_trust_info
+ );
+
+ /****************/
+ /* Function 0x2c */
+ NTSTATUS netr_GetForestTrustInformation(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,ref] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Authenticator *credential,
+ [out,ref] netr_Authenticator *return_authenticator,
+ [in] uint32 flags,
+ [out,ref] lsa_ForestTrustInformation **forest_trust_info
+ );
+
+ /****************/
+ /* Function 0x2d */
+
+ /* this is the ADS varient. I don't yet know what the "flags" are for */
+ NTSTATUS netr_LogonSamLogonWithFlags(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,unique] [string,charset(UTF16)] uint16 *computer_name,
+ [in,unique] netr_Authenticator *credential,
+ [in,out,unique] netr_Authenticator *return_authenticator,
+ [in] netr_LogonInfoClass logon_level,
+ [in,ref] [switch_is(logon_level)] netr_LogonLevel *logon,
+ [in] uint16 validation_level,
+ [out,ref] [switch_is(validation_level)] netr_Validation *validation,
+ [out,ref] uint8 *authoritative,
+ [in,out,ref] netr_LogonSamLogon_flags *flags
+ );
+
+ /****************/
+ /* Function 0x2e */
+
+ typedef struct {
+ uint32 count;
+ [size_is(count)] uint32 *data;
+ uint32 entry_count;
+ [size_is(count)] lsa_String *entries;
+ } netr_TrustInfo;
+
+ NTSTATUS netr_ServerGetTrustInfo(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,ref] [string,charset(UTF16)] uint16 *account_name,
+ [in] netr_SchannelType secure_channel_type,
+ [in,ref] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Authenticator *credential,
+ [out,ref] netr_Authenticator *return_authenticator,
+ [out,ref] samr_Password *new_owf_password,
+ [out,ref] samr_Password *old_owf_password,
+ [out,ref] netr_TrustInfo **trust_info
+ );
+
+ /****************/
+ /* Function 0x2f */
+
+ NTSTATUS netr_Unused47(void);
+
+
+ /****************/
+ /* Function 0x30 */
+
+ typedef enum {
+ NlDnsLdapAtSite = 22,
+ NlDnsGcAtSite = 25,
+ NlDnsDsaCname = 28,
+ NlDnsKdcAtSite = 30,
+ NlDnsDcAtSite = 32,
+ NlDnsRfc1510KdcAtSite = 34,
+ NlDnsGenericGcAtSite = 36
+ } netr_DnsType;
+
+ typedef enum {
+ NlDnsInfoTypeNone = 0,
+ NlDnsDomainName = 1,
+ NlDnsDomainNameAlias = 2,
+ NlDnsForestName = 3,
+ NlDnsForestNameAlias = 4,
+ NlDnsNdncDomainName = 5,
+ NlDnsRecordName = 6
+ } netr_DnsDomainInfoType;
+
+ typedef struct {
+ netr_DnsType type;
+ [string,charset(UTF16)] uint16 *dns_domain_info;
+ netr_DnsDomainInfoType dns_domain_info_type;
+ uint32 priority;
+ uint32 weight;
+ uint32 port;
+ boolean32 dns_register;
+ uint32 status;
+ } NL_DNS_NAME_INFO;
+
+ typedef [public] struct {
+ uint32 count;
+ [size_is(count)] NL_DNS_NAME_INFO *names;
+ } NL_DNS_NAME_INFO_ARRAY;
+
+ NTSTATUS netr_DsrUpdateReadOnlyServerDnsRecords(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,ref] [string,charset(UTF16)] uint16 *computer_name,
+ [in, ref] netr_Authenticator *credential,
+ [out,ref] netr_Authenticator *return_authenticator,
+ [in,unique] [string,charset(UTF16)] uint16 *site_name,
+ [in] uint32 dns_ttl,
+ [in,out,ref] NL_DNS_NAME_INFO_ARRAY *dns_names
+ );
+}