diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 17:47:29 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 17:47:29 +0000 |
commit | 4f5791ebd03eaec1c7da0865a383175b05102712 (patch) | |
tree | 8ce7b00f7a76baa386372422adebbe64510812d4 /librpc/idl/netlogon.idl | |
parent | Initial commit. (diff) | |
download | samba-4f5791ebd03eaec1c7da0865a383175b05102712.tar.xz samba-4f5791ebd03eaec1c7da0865a383175b05102712.zip |
Adding upstream version 2:4.17.12+dfsg.upstream/2%4.17.12+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'librpc/idl/netlogon.idl')
-rw-r--r-- | librpc/idl/netlogon.idl | 1825 |
1 files changed, 1825 insertions, 0 deletions
diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl new file mode 100644 index 0000000..c77151a --- /dev/null +++ b/librpc/idl/netlogon.idl @@ -0,0 +1,1825 @@ +/* + netlogon interface + much of this was derived from the ethereal sources - thanks to everyone + who contributed! +*/ + +import "misc.idl", "lsa.idl", "samr.idl", "security.idl"; + +#include "idl_types.h" + +cpp_quote("#define netr_DeltaEnum8Bit netr_DeltaEnum") +cpp_quote("#define netr_SamDatabaseID8Bit netr_SamDatabaseID") + +cpp_quote("#define ENC_CRC32 KERB_ENCTYPE_DES_CBC_CRC") +cpp_quote("#define ENC_RSA_MD5 KERB_ENCTYPE_DES_CBC_MD5") +cpp_quote("#define ENC_RC4_HMAC_MD5 KERB_ENCTYPE_RC4_HMAC_MD5") +cpp_quote("#define ENC_HMAC_SHA1_96_AES128 KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96") +cpp_quote("#define ENC_HMAC_SHA1_96_AES256 KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96") +cpp_quote("#define ENC_HMAC_SHA1_96_AES256_SK KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96_SK") +cpp_quote("#define ENC_FAST_SUPPORTED KERB_ENCTYPE_FAST_SUPPORTED") +cpp_quote("#define ENC_COMPOUND_IDENTITY_SUPPORTED KERB_ENCTYPE_COMPOUND_IDENTITY_SUPPORTED") +cpp_quote("#define ENC_CLAIMS_SUPPORTED KERB_ENCTYPE_CLAIMS_SUPPORTED") +cpp_quote("#define NETLOGON_SERVER_PIPE_STATE_MAGIC 0x4f555358") + +[ + uuid("12345678-1234-abcd-ef00-01234567cffb"), + version(1.0), + endpoint("ncacn_np:[\\pipe\\netlogon]","ncacn_ip_tcp:","ncalrpc:"), + helper("../librpc/ndr/ndr_netlogon.h"), + ms_union, + pointer_default(unique) +] + +interface netlogon +{ + typedef bitmap samr_AcctFlags samr_AcctFlags; + typedef bitmap security_GroupAttrs security_GroupAttrs; + typedef enum netr_DeltaEnum8Bit netr_DeltaEnum8Bit; + typedef enum netr_SamDatabaseID8Bit netr_SamDatabaseID8Bit; + + /*****************/ + /* Function 0x00 */ + + typedef struct { + [string,charset(UTF16)] uint16 *account_name; + uint32 priv; + uint32 auth_flags; + uint32 logon_count; + uint32 bad_pw_count; + time_t last_logon; + time_t last_logoff; + time_t logoff_time; + time_t kickoff_time; + uint32 password_age; + time_t pw_can_change; + time_t pw_must_change; + [string,charset(UTF16)] uint16 *computer; + [string,charset(UTF16)] uint16 *domain; + [string,charset(UTF16)] uint16 *script_path; + uint32 unknown; + } netr_UasInfo; + + WERROR netr_LogonUasLogon( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 *account_name, + [in] [string,charset(UTF16)] uint16 *workstation, + [out,ref] netr_UasInfo **info + ); + + + /*****************/ + /* Function 0x01 */ + + typedef struct { + uint32 duration; + uint16 logon_count; + } netr_UasLogoffInfo; + + WERROR netr_LogonUasLogoff( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 *account_name, + [in] [string,charset(UTF16)] uint16 *workstation, + [out,ref] netr_UasLogoffInfo *info + ); + + + /*****************/ + /* Function 0x02 */ + + /* in netr_AcctLockStr size seems to be be 24, and rrenard thinks + that the structure of the bindata looks like this: + + dlong lockout_duration; + udlong reset_count; + uint32 bad_attempt_lockout; + uint32 dummy; + + but it doesn't look as though this structure is reflected at the + NDR level. Maybe it is left to the application to decode the bindata array. + */ + typedef [public] struct { + dlong lockout_duration; + udlong reset_count; + uint32 bad_attempt_lockout; + uint32 dummy; + } netr_AcctLockStr; + + /* - MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT + * sets the NETLOGON_SERVER_TRUST_ACCOUNT user_flag + * - MSV1_0_UPDATE_LOGON_STATISTICS + * sets the logon time on network logon + * - MSV1_0_RETURN_USER_PARAMETERS + * sets the user parameters in the driveletter + * - MSV1_0_RETURN_PROFILE_PATH + * returns the profilepath in the driveletter and + * sets LOGON_PROFILE_PATH_RETURNED user_flag + */ + + typedef [public,bitmap32bit] bitmap { + MSV1_0_CLEARTEXT_PASSWORD_ALLOWED = 0x00000002, + MSV1_0_UPDATE_LOGON_STATISTICS = 0x00000004, + MSV1_0_RETURN_USER_PARAMETERS = 0x00000008, + MSV1_0_DONT_TRY_GUEST_ACCOUNT = 0x00000010, + MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT = 0x00000020, + MSV1_0_RETURN_PASSWORD_EXPIRY = 0x00000040, + MSV1_0_USE_CLIENT_CHALLENGE = 0x00000080, + MSV1_0_TRY_GUEST_ACCOUNT_ONLY = 0x00000100, + MSV1_0_RETURN_PROFILE_PATH = 0x00000200, + MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY = 0x00000400, + MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT = 0x00000800, + MSV1_0_DISABLE_PERSONAL_FALLBACK = 0x00001000, + MSV1_0_ALLOW_FORCE_GUEST = 0x00002000, + MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED = 0x00004000, + MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY = 0x00008000, + MSV1_0_ALLOW_MSVCHAPV2 = 0x00010000, + MSV1_0_S4U2SELF = 0x00020000, + MSV1_0_CHECK_LOGONHOURS_FOR_S4U = 0x00040000, + MSV1_0_SUBAUTHENTICATION_DLL_EX = 0x00100000 + } netr_LogonParameterControl; + + /* Summary of the of the Query and Response from Microsoft on + * the usage of logon_id in netr_IdendityInfo + * + * [REG:119013019612095] [MS-NRPC]: NETLOGON_LOGON_IDENTITY_INFO: Does + * the Reserved field have LogonId meaning? + * + * Questions: + * In NetrLogonSamLogonEx does the Reserved field + * (of NETLOGON_LOGON_IDENTITY_INFO) have LogonId meaning? + * + * What is a valid LogonID, and does have any audit usage? + * + * Samba is sending a constant "deadbeef" in hex and would like to + * understand any usage of this field. + * + * Response: + * The NRPC spec is accurate in defining the field as Reserved, and + * without protocol significance. In the header file in our source + * code, it is defined as LogonId and commented as such, but it’s + * effectively not used. This is probably why the API structure has + * that field name. It may have been intended as such but it’s not + * used. + * + * Samba now sends a random value in this field. + */ + typedef struct { + lsa_String domain_name; + netr_LogonParameterControl parameter_control; /* see MSV1_0_* */ + udlong logon_id; + lsa_String account_name; + lsa_String workstation; + } netr_IdentityInfo; + + typedef struct { + netr_IdentityInfo identity_info; + samr_Password lmpassword; + samr_Password ntpassword; + } netr_PasswordInfo; + + typedef [flag(NDR_PAHEX)] struct { + uint16 length; + [value(length)] uint16 size; + [size_is(length),length_is(length)] uint8 *data; + } netr_ChallengeResponse; + + typedef [flag(NDR_PAHEX)] struct { + netr_IdentityInfo identity_info; + uint8 challenge[8]; + netr_ChallengeResponse nt; + netr_ChallengeResponse lm; + } netr_NetworkInfo; + + typedef [flag(NDR_PAHEX)] struct { + netr_IdentityInfo identity_info; + lsa_String package_name; + uint32 length; + [size_is(length)] uint8 *data; + } netr_GenericInfo; + + typedef [public] enum { + NetlogonInteractiveInformation = 1, + NetlogonNetworkInformation = 2, + NetlogonServiceInformation = 3, + NetlogonGenericInformation = 4, + NetlogonInteractiveTransitiveInformation = 5, + NetlogonNetworkTransitiveInformation = 6, + NetlogonServiceTransitiveInformation = 7 + } netr_LogonInfoClass; + + typedef [public,switch_type(netr_LogonInfoClass)] union { + [case(NetlogonInteractiveInformation)] netr_PasswordInfo *password; + [case(NetlogonNetworkInformation)] netr_NetworkInfo *network; + [case(NetlogonServiceInformation)] netr_PasswordInfo *password; + [case(NetlogonGenericInformation)] netr_GenericInfo *generic; + [case(NetlogonInteractiveTransitiveInformation)] netr_PasswordInfo *password; + [case(NetlogonNetworkTransitiveInformation)] netr_NetworkInfo *network; + [case(NetlogonServiceTransitiveInformation)] netr_PasswordInfo *password; + [default]; + } netr_LogonLevel; + + typedef [public,flag(NDR_PAHEX)] struct { + uint8 key[16]; + } netr_UserSessionKey; + + typedef [public,flag(NDR_PAHEX)] struct { + uint8 key[8]; + } netr_LMSessionKey; + + /* Flags for user_flags below */ + typedef [public,bitmap32bit] bitmap { + NETLOGON_GUEST = 0x00000001, + NETLOGON_NOENCRYPTION = 0x00000002, + NETLOGON_CACHED_ACCOUNT = 0x00000004, + NETLOGON_USED_LM_PASSWORD = 0x00000008, + NETLOGON_EXTRA_SIDS = 0x00000020, + NETLOGON_SUBAUTH_SESSION_KEY = 0x00000040, + NETLOGON_SERVER_TRUST_ACCOUNT = 0x00000080, + NETLOGON_NTLMV2_ENABLED = 0x00000100, + NETLOGON_RESOURCE_GROUPS = 0x00000200, + NETLOGON_PROFILE_PATH_RETURNED = 0x00000400, + NETLOGON_GRACE_LOGON = 0x01000000 + } netr_UserFlags; + + typedef struct { + NTTIME logon_time; + NTTIME logoff_time; + NTTIME kickoff_time; + NTTIME last_password_change; + NTTIME allow_password_change; + NTTIME force_password_change; + lsa_String account_name; + lsa_String full_name; + lsa_String logon_script; + lsa_String profile_path; + lsa_String home_directory; + lsa_String home_drive; + uint16 logon_count; + uint16 bad_password_count; + uint32 rid; + uint32 primary_gid; + samr_RidWithAttributeArray groups; + netr_UserFlags user_flags; + [flag(NDR_SECRET)] netr_UserSessionKey key; + lsa_StringLarge logon_server; + lsa_StringLarge logon_domain; + dom_sid2 *domain_sid; + [flag(NDR_SECRET)] netr_LMSessionKey LMSessKey; + samr_AcctFlags acct_flags; + uint32 sub_auth_status; + NTTIME last_successful_logon; + NTTIME last_failed_logon; + uint32 failed_logon_count; + uint32 reserved; + } netr_SamBaseInfo; + + typedef struct { + netr_SamBaseInfo base; + } netr_SamInfo2; + + typedef [public] struct { + dom_sid2 *sid; + security_GroupAttrs attributes; + } netr_SidAttr; + + typedef [public] struct { + netr_SamBaseInfo base; + uint32 sidcount; + [size_is(sidcount)] netr_SidAttr *sids; + } netr_SamInfo3; + + typedef struct { + netr_SamBaseInfo base; + uint32 sidcount; + [size_is(sidcount)] netr_SidAttr *sids; + /* + * On ndr_push: + * Should pointer values be allocated + * of sids[*].sid before the following ones? + * + * That's at least the case for + * PAC_LOGON_INFO. + */ + lsa_String dns_domainname; + lsa_String principal_name; + uint32 unknown4[20]; + } netr_SamInfo6; + + typedef struct { + uint32 pac_size; + [size_is(pac_size)] uint8 *pac; + lsa_String logon_domain; + lsa_String logon_server; + lsa_String principal_name; + uint32 auth_size; + [size_is(auth_size)] uint8 *auth; + netr_UserSessionKey user_session_key; + uint32 expansionroom[10]; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + } netr_PacInfo; + + typedef [flag(NDR_PAHEX)] struct { + uint32 length; + [size_is(length)] uint8 *data; + } netr_GenericInfo2; + + typedef enum { + NetlogonValidationUasInfo = 1, + NetlogonValidationSamInfo = 2, + NetlogonValidationSamInfo2 = 3, + NetlogonValidationGenericInfo2 = 5, + NetlogonValidationSamInfo4 = 6 + } netr_ValidationInfoClass; + + typedef [public,switch_type(uint16)] union { + [case(NetlogonValidationSamInfo)] netr_SamInfo2 *sam2; + [case(NetlogonValidationSamInfo2)] netr_SamInfo3 *sam3; + [case(4)] netr_PacInfo *pac; + [case(NetlogonValidationGenericInfo2)] netr_GenericInfo2 *generic; + [case(NetlogonValidationSamInfo4)] netr_SamInfo6 *sam6; + [default]; + } netr_Validation; + + typedef [public, flag(NDR_PAHEX)] struct { + uint8 data[8]; + } netr_Credential; + + typedef [public] struct { + netr_Credential client_challenge; + netr_Credential server_challenge; + } netlogon_server_pipe_state; + + typedef [public] struct { + netr_Credential cred; + time_t timestamp; + } netr_Authenticator; + + [public] NTSTATUS netr_LogonSamLogon( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] netr_Authenticator *credential, + [in,out,unique] netr_Authenticator *return_authenticator, + [in] netr_LogonInfoClass logon_level, + [in,ref] [switch_is(logon_level)] netr_LogonLevel *logon, + [in] uint16 validation_level, + [out,ref] [switch_is(validation_level)] netr_Validation *validation, + [out,ref] uint8 *authoritative + ); + + + /*****************/ + /* Function 0x03 */ + + NTSTATUS netr_LogonSamLogoff( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] netr_Authenticator *credential, + [in,out,unique] netr_Authenticator *return_authenticator, + [in] netr_LogonInfoClass logon_level, + [in] [switch_is(logon_level)] netr_LogonLevel logon + ); + + + + /*****************/ + /* Function 0x04 */ + + [public] NTSTATUS netr_ServerReqChallenge( + [in,unique,string,charset(UTF16)] uint16 *server_name, + [in,string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Credential *credentials, + [out,ref] netr_Credential *return_credentials + ); + + + /*****************/ + /* Function 0x05 */ + + typedef enum netr_SchannelType netr_SchannelType; + + NTSTATUS netr_ServerAuthenticate( + [in,unique,string,charset(UTF16)] uint16 *server_name, + [in,string,charset(UTF16)] uint16 *account_name, + [in] netr_SchannelType secure_channel_type, + [in,string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Credential *credentials, + [out,ref] netr_Credential *return_credentials + ); + + + /*****************/ + /* Function 0x06 */ + + NTSTATUS netr_ServerPasswordSet( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 *account_name, + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [in,ref] samr_Password *new_password + ); + + + /*****************/ + /* Function 0x07 */ + + typedef enum netr_SamDatabaseID netr_SamDatabaseID; + + typedef struct { + [string,charset(UTF16)] uint16 *account_name; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_DELETE_USER; + + typedef struct { + uint16 length; + [value(length)] uint16 size; + uint32 flags; + samr_Password pwd; + } netr_USER_KEY16; + + typedef struct { + uint16 nt_length; + [value(nt_length)] uint16 nt_size; + uint32 nt_flags; + uint16 lm_length; + [value(lm_length)] uint16 lm_size; + uint32 lm_flags; + uint8 nt_history[nt_length]; + uint8 lm_history[lm_length]; + } netr_PasswordHistory; + + typedef struct { + netr_USER_KEY16 lmpassword; + netr_USER_KEY16 ntpassword; + netr_PasswordHistory history; + } netr_USER_KEYS2; + + typedef struct { /* TODO: make this a union! */ + netr_USER_KEYS2 keys2; + } netr_USER_KEY_UNION; + + typedef [public] struct { + uint32 version; + netr_USER_KEY_UNION keys; + } netr_USER_KEYS; + + typedef struct { + boolean8 SensitiveDataFlag; + uint32 DataLength; + + /* netr_USER_KEYS encrypted with the session key */ + [size_is(DataLength)][flag(NDR_PAHEX)] uint8 *SensitiveData; + } netr_USER_PRIVATE_INFO; + + typedef struct { + lsa_String account_name; + lsa_String full_name; + uint32 rid; + uint32 primary_gid; + lsa_String home_directory; + lsa_String home_drive; + lsa_String logon_script; + lsa_String description; + lsa_String workstations; + NTTIME last_logon; + NTTIME last_logoff; + samr_LogonHours logon_hours; + uint16 bad_password_count; + uint16 logon_count; + NTTIME last_password_change; + NTTIME acct_expiry; + samr_AcctFlags acct_flags; + samr_Password lmpassword; + samr_Password ntpassword; + boolean8 nt_password_present; + boolean8 lm_password_present; + boolean8 password_expired; + lsa_String comment; + lsa_BinaryString parameters; + uint16 country_code; + uint16 code_page; + netr_USER_PRIVATE_INFO user_private_info; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String profile_path; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_USER; + + typedef struct { + lsa_String domain_name; + lsa_String oem_information; /* comment */ + dlong force_logoff_time; + uint16 min_password_length; + uint16 password_history_length; + /* yes, these are signed. They are in negative 100ns */ + dlong max_password_age; + dlong min_password_age; + udlong sequence_num; + NTTIME domain_create_time; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_BinaryString account_lockout; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 logon_to_chgpass; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_DOMAIN; + + typedef struct { + lsa_String group_name; + uint32 rid; + uint32 attributes; + lsa_String description; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_GROUP; + + typedef struct { + lsa_String OldName; + lsa_String NewName; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_RENAME; + + typedef struct { + [size_is(num_rids)] uint32 *rids; + [size_is(num_rids)] uint32 *attribs; + uint32 num_rids; + uint32 unknown1; + uint32 unknown2; + uint32 unknown3; + uint32 unknown4; + } netr_DELTA_GROUP_MEMBER; + + typedef struct { + lsa_String alias_name; + uint32 rid; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String description; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_ALIAS; + + typedef struct { + lsa_SidArray sids; + uint32 unknown1; + uint32 unknown2; + uint32 unknown3; + uint32 unknown4; + } netr_DELTA_ALIAS_MEMBER; + + typedef struct { + uint32 pagedpoollimit; + uint32 nonpagedpoollimit; + uint32 minimumworkingsetsize; + uint32 maximumworkingsetsize; + uint32 pagefilelimit; + NTTIME timelimit; + } netr_QUOTA_LIMITS; + + typedef struct { + uint32 maxlogsize; + NTTIME auditretentionperiod; + boolean8 auditingmode; + uint32 maxauditeventcount; + [size_is(maxauditeventcount+1)] uint32 *eventauditoptions; + lsa_String primary_domain_name; + dom_sid2 *sid; + netr_QUOTA_LIMITS quota_limits; + udlong sequence_num; + NTTIME db_create_time; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_POLICY; + + typedef struct { + lsa_String domain_name; + uint32 num_controllers; + [size_is(num_controllers)] lsa_String *controller_names; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 posix_offset; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_TRUSTED_DOMAIN; + + typedef struct { + uint32 privilege_entries; + uint32 privilege_control; + [size_is(privilege_entries)] uint32 *privilege_attrib; + [size_is(privilege_entries)] lsa_String *privilege_name; + netr_QUOTA_LIMITS quotalimits; + uint32 system_flags; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_ACCOUNT; + + typedef struct { + uint32 len; + uint32 maxlen; + [size_is(maxlen)][length_is(len)] uint8 *cipher_data; + } netr_CIPHER_VALUE; + + typedef struct { + netr_CIPHER_VALUE current_cipher; + NTTIME current_cipher_set_time; + netr_CIPHER_VALUE old_cipher; + NTTIME old_cipher_set_time; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_SECRET; + + typedef enum { + NETR_DELTA_DOMAIN = 1, + NETR_DELTA_GROUP = 2, + NETR_DELTA_DELETE_GROUP = 3, + NETR_DELTA_RENAME_GROUP = 4, + NETR_DELTA_USER = 5, + NETR_DELTA_DELETE_USER = 6, + NETR_DELTA_RENAME_USER = 7, + NETR_DELTA_GROUP_MEMBER = 8, + NETR_DELTA_ALIAS = 9, + NETR_DELTA_DELETE_ALIAS = 10, + NETR_DELTA_RENAME_ALIAS = 11, + NETR_DELTA_ALIAS_MEMBER = 12, + NETR_DELTA_POLICY = 13, + NETR_DELTA_TRUSTED_DOMAIN = 14, + NETR_DELTA_DELETE_TRUST = 15, + NETR_DELTA_ACCOUNT = 16, + NETR_DELTA_DELETE_ACCOUNT = 17, + NETR_DELTA_SECRET = 18, + NETR_DELTA_DELETE_SECRET = 19, + NETR_DELTA_DELETE_GROUP2 = 20, + NETR_DELTA_DELETE_USER2 = 21, + NETR_DELTA_MODIFY_COUNT = 22 + } netr_DeltaEnum; + + typedef [switch_type(netr_DeltaEnum)] union { + [case(NETR_DELTA_DOMAIN)] netr_DELTA_DOMAIN *domain; + [case(NETR_DELTA_GROUP)] netr_DELTA_GROUP *group; + [case(NETR_DELTA_DELETE_GROUP)] ; /* rid only */ + [case(NETR_DELTA_RENAME_GROUP)] netr_DELTA_RENAME *rename_group; + [case(NETR_DELTA_USER)] netr_DELTA_USER *user; + [case(NETR_DELTA_DELETE_USER)] ; /* rid only */ + [case(NETR_DELTA_RENAME_USER)] netr_DELTA_RENAME *rename_user; + [case(NETR_DELTA_GROUP_MEMBER)] netr_DELTA_GROUP_MEMBER *group_member; + [case(NETR_DELTA_ALIAS)] netr_DELTA_ALIAS *alias; + [case(NETR_DELTA_DELETE_ALIAS)] ; /* rid only */ + [case(NETR_DELTA_RENAME_ALIAS)] netr_DELTA_RENAME *rename_alias; + [case(NETR_DELTA_ALIAS_MEMBER)] netr_DELTA_ALIAS_MEMBER *alias_member; + [case(NETR_DELTA_POLICY)] netr_DELTA_POLICY *policy; + [case(NETR_DELTA_TRUSTED_DOMAIN)] netr_DELTA_TRUSTED_DOMAIN *trusted_domain; + [case(NETR_DELTA_DELETE_TRUST)] ; /* sid only */ + [case(NETR_DELTA_ACCOUNT)] netr_DELTA_ACCOUNT *account; + [case(NETR_DELTA_DELETE_ACCOUNT)] ; /* sid only */ + [case(NETR_DELTA_SECRET)] netr_DELTA_SECRET *secret; + [case(NETR_DELTA_DELETE_SECRET)] ; /* name only */ + [case(NETR_DELTA_DELETE_GROUP2)] netr_DELTA_DELETE_USER *delete_group; + [case(NETR_DELTA_DELETE_USER2)] netr_DELTA_DELETE_USER *delete_user; + [case(NETR_DELTA_MODIFY_COUNT)] udlong *modified_count; + [default]; + } netr_DELTA_UNION; + + typedef [switch_type(netr_DeltaEnum)] union { + [case(NETR_DELTA_DOMAIN)] uint32 rid; + [case(NETR_DELTA_GROUP)] uint32 rid; + [case(NETR_DELTA_DELETE_GROUP)] uint32 rid; + [case(NETR_DELTA_RENAME_GROUP)] uint32 rid; + [case(NETR_DELTA_USER)] uint32 rid; + [case(NETR_DELTA_DELETE_USER)] uint32 rid; + [case(NETR_DELTA_RENAME_USER)] uint32 rid; + [case(NETR_DELTA_GROUP_MEMBER)] uint32 rid; + [case(NETR_DELTA_ALIAS)] uint32 rid; + [case(NETR_DELTA_DELETE_ALIAS)] uint32 rid; + [case(NETR_DELTA_RENAME_ALIAS)] uint32 rid; + [case(NETR_DELTA_ALIAS_MEMBER)] uint32 rid; + [case(NETR_DELTA_POLICY)] dom_sid2 *sid; + [case(NETR_DELTA_TRUSTED_DOMAIN)] dom_sid2 *sid; + [case(NETR_DELTA_DELETE_TRUST)] dom_sid2 *sid; + [case(NETR_DELTA_ACCOUNT)] dom_sid2 *sid; + [case(NETR_DELTA_DELETE_ACCOUNT)] dom_sid2 *sid; + [case(NETR_DELTA_SECRET)] [string,charset(UTF16)] uint16 *name; + [case(NETR_DELTA_DELETE_SECRET)] [string,charset(UTF16)] uint16 *name; + [case(NETR_DELTA_DELETE_GROUP2)] uint32 rid; + [case(NETR_DELTA_DELETE_USER2)] uint32 rid; + [case(NETR_DELTA_MODIFY_COUNT)] ; + [default]; + } netr_DELTA_ID_UNION; + + typedef struct { + netr_DeltaEnum delta_type; + [switch_is(delta_type)] netr_DELTA_ID_UNION delta_id_union; + [switch_is(delta_type)] netr_DELTA_UNION delta_union; + } netr_DELTA_ENUM; + + typedef struct { + uint32 num_deltas; + [size_is(num_deltas)] netr_DELTA_ENUM *delta_enum; + } netr_DELTA_ENUM_ARRAY; + + NTSTATUS netr_DatabaseDeltas( + [in] [string,charset(UTF16)] uint16 *logon_server, + [in] [string,charset(UTF16)] uint16 *computername, + [in,ref] netr_Authenticator *credential, + [in,out,ref] netr_Authenticator *return_authenticator, + [in] netr_SamDatabaseID database_id, + [in,out,ref] udlong *sequence_num, + [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array, + [in] uint32 preferredmaximumlength + ); + + + /*****************/ + /* Function 0x08 */ + + NTSTATUS netr_DatabaseSync( + [in] [string,charset(UTF16)] uint16 *logon_server, + [in] [string,charset(UTF16)] uint16 *computername, + [in,ref] netr_Authenticator *credential, + [in,out,ref] netr_Authenticator *return_authenticator, + [in] netr_SamDatabaseID database_id, + [in,out,ref] uint32 *sync_context, + [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array, + [in] uint32 preferredmaximumlength + ); + + + /*****************/ + /* Function 0x09 */ + + /* w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this call */ + + typedef [flag(NDR_PAHEX)] struct { + uint8 computer_name[16]; + uint32 timecreated; + uint32 serial_number; + } netr_UAS_INFO_0; + + typedef struct { + [flag(NDR_REMAINING)] DATA_BLOB blob; + } netr_AccountBuffer; + + NTSTATUS netr_AccountDeltas( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in] [string,charset(UTF16)] uint16 *computername, + [in] netr_Authenticator credential, + [in,out,ref] netr_Authenticator *return_authenticator, + [in] netr_UAS_INFO_0 uas, + [in] uint32 count, + [in] uint32 level, + [in] uint32 buffersize, + [out,ref,subcontext(4)] netr_AccountBuffer *buffer, + [out,ref] uint32 *count_returned, + [out,ref] uint32 *total_entries, + [out,ref] netr_UAS_INFO_0 *recordid + ); + + + /*****************/ + /* Function 0x0A */ + + NTSTATUS netr_AccountSync( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in] [string,charset(UTF16)] uint16 *computername, + [in] netr_Authenticator credential, + [in,out,ref] netr_Authenticator *return_authenticator, + [in] uint32 reference, + [in] uint32 level, + [in] uint32 buffersize, + [out,ref,subcontext(4)] netr_AccountBuffer *buffer, + [out,ref] uint32 *count_returned, + [out,ref] uint32 *total_entries, + [out,ref] uint32 *next_reference, + [in,out,ref] netr_UAS_INFO_0 *recordid + ); + + + /*****************/ + /* Function 0x0B */ + + WERROR netr_GetDcName( + [in] [string,charset(UTF16)] uint16 *logon_server, + [in,unique] [string,charset(UTF16)] uint16 *domainname, + [out,ref] [string,charset(UTF16)] uint16 **dcname + ); + + /*****************/ + /* Function 0x0C */ + + typedef [bitmap32bit] bitmap { + NETLOGON_REPLICATION_NEEDED = 0x00000001, + NETLOGON_REPLICATION_IN_PROGRESS = 0x00000002, + NETLOGON_FULL_SYNC_REPLICATION = 0x00000004, + NETLOGON_REDO_NEEDED = 0x00000008, + NETLOGON_HAS_IP = 0x00000010, + NETLOGON_HAS_TIMESERV = 0x00000020, + NETLOGON_DNS_UPDATE_FAILURE = 0x00000040, + NETLOGON_VERIFY_STATUS_RETURNED = 0x00000080 + } netr_InfoFlags; + + typedef struct { + netr_InfoFlags flags; + WERROR pdc_connection_status; + } netr_NETLOGON_INFO_1; + + typedef struct { + netr_InfoFlags flags; + WERROR pdc_connection_status; + [string,charset(UTF16)] uint16 *trusted_dc_name; + WERROR tc_connection_status; + } netr_NETLOGON_INFO_2; + + typedef struct { + netr_InfoFlags flags; + uint32 logon_attempts; + uint32 unknown1; + uint32 unknown2; + uint32 unknown3; + uint32 unknown4; + uint32 unknown5; + } netr_NETLOGON_INFO_3; + + typedef struct { + [string,charset(UTF16)] uint16 *trusted_dc_name; + [string,charset(UTF16)] uint16 *trusted_domain_name; + } netr_NETLOGON_INFO_4; + + typedef [public] union { + [case(1)] netr_NETLOGON_INFO_1 *info1; + [case(2)] netr_NETLOGON_INFO_2 *info2; + [case(3)] netr_NETLOGON_INFO_3 *info3; + [case(4)] netr_NETLOGON_INFO_4 *info4; + [default] ; + } netr_CONTROL_QUERY_INFORMATION; + + /* function_code values */ + typedef [v1_enum,public] enum { + NETLOGON_CONTROL_QUERY = 0x00000001, + NETLOGON_CONTROL_REPLICATE = 0x00000002, + NETLOGON_CONTROL_SYNCHRONIZE = 0x00000003, + NETLOGON_CONTROL_PDC_REPLICATE = 0x00000004, + NETLOGON_CONTROL_REDISCOVER = 0x00000005, + NETLOGON_CONTROL_TC_QUERY = 0x00000006, + NETLOGON_CONTROL_TRANSPORT_NOTIFY = 0x00000007, + NETLOGON_CONTROL_FIND_USER = 0x00000008, + NETLOGON_CONTROL_CHANGE_PASSWORD = 0x00000009, + NETLOGON_CONTROL_TC_VERIFY = 0x0000000A, + NETLOGON_CONTROL_FORCE_DNS_REG = 0x0000000B, + NETLOGON_CONTROL_QUERY_DNS_REG = 0x0000000C, + NETLOGON_CONTROL_BACKUP_CHANGE_LOG = 0x0000FFFC, + NETLOGON_CONTROL_TRUNCATE_LOG = 0x0000FFFD, + NETLOGON_CONTROL_SET_DBFLAG = 0x0000FFFE, + NETLOGON_CONTROL_BREAKPOINT = 0x0000FFFF + } netr_LogonControlCode; + + WERROR netr_LogonControl( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in] netr_LogonControlCode function_code, + [in] uint32 level, + [out,ref,switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query + ); + + + /*****************/ + /* Function 0x0D */ + + WERROR netr_GetAnyDCName( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in,unique] [string,charset(UTF16)] uint16 *domainname, + [out,ref] [string,charset(UTF16)] uint16 **dcname + ); + + + /*****************/ + /* Function 0x0E */ + + typedef [public,switch_type(netr_LogonControlCode)] union { + [case(NETLOGON_CONTROL_REDISCOVER)] [string,charset(UTF16)] uint16 *domain; + [case(NETLOGON_CONTROL_TC_QUERY)] [string,charset(UTF16)] uint16 *domain; + [case(NETLOGON_CONTROL_TRANSPORT_NOTIFY)] [string,charset(UTF16)] uint16 *domain; + [case(NETLOGON_CONTROL_CHANGE_PASSWORD)] [string,charset(UTF16)] uint16 *domain; + [case(NETLOGON_CONTROL_TC_VERIFY)] [string,charset(UTF16)] uint16 *domain; + [case(NETLOGON_CONTROL_FIND_USER)] [string,charset(UTF16)] uint16 *user; + [case(NETLOGON_CONTROL_SET_DBFLAG)] uint32 debug_level; + [default] ; + } netr_CONTROL_DATA_INFORMATION; + + WERROR netr_LogonControl2( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in] netr_LogonControlCode function_code, + [in] uint32 level, + [in,ref][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION *data, + [out,ref][switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query + ); + + + /* If NETLOGON_NEG_ARCFOUR flag is not set, then the passwords and LM + * session keys are encrypted with DES calls. (And the user session key + * is unencrypted) */ + + /*****************/ + /* Function 0x0F */ + + typedef [public,bitmap32bit] bitmap { + NETLOGON_NEG_ACCOUNT_LOCKOUT = 0x00000001, + NETLOGON_NEG_PERSISTENT_SAMREPL = 0x00000002, + NETLOGON_NEG_ARCFOUR = 0x00000004, + NETLOGON_NEG_PROMOTION_COUNT = 0x00000008, + NETLOGON_NEG_CHANGELOG_BDC = 0x00000010, + NETLOGON_NEG_FULL_SYNC_REPL = 0x00000020, + NETLOGON_NEG_MULTIPLE_SIDS = 0x00000040, + NETLOGON_NEG_REDO = 0x00000080, + NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL = 0x00000100, + NETLOGON_NEG_SEND_PASSWORD_INFO_PDC = 0x00000200, + NETLOGON_NEG_GENERIC_PASSTHROUGH = 0x00000400, + NETLOGON_NEG_CONCURRENT_RPC = 0x00000800, + NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL = 0x00001000, + NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL = 0x00002000, + NETLOGON_NEG_STRONG_KEYS = 0x00004000, + NETLOGON_NEG_TRANSITIVE_TRUSTS = 0x00008000, + NETLOGON_NEG_DNS_DOMAIN_TRUSTS = 0x00010000, + NETLOGON_NEG_PASSWORD_SET2 = 0x00020000, + NETLOGON_NEG_GETDOMAININFO = 0x00040000, + NETLOGON_NEG_CROSS_FOREST_TRUSTS = 0x00080000, + NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION = 0x00100000, + NETLOGON_NEG_RODC_PASSTHROUGH = 0x00200000, + NETLOGON_NEG_SUPPORTS_AES_SHA2 = 0x00400000, + NETLOGON_NEG_SUPPORTS_AES = 0x01000000, + NETLOGON_NEG_AUTHENTICATED_RPC_LSASS = 0x20000000, + NETLOGON_NEG_AUTHENTICATED_RPC = 0x40000000 + } netr_NegotiateFlags; + + const uint32 NETLOGON_NEG_128BIT = NETLOGON_NEG_STRONG_KEYS; + const uint32 NETLOGON_NEG_SCHANNEL = NETLOGON_NEG_AUTHENTICATED_RPC; + + NTSTATUS netr_ServerAuthenticate2( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 *account_name, + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Credential *credentials, + [out,ref] netr_Credential *return_credentials, + [in,out,ref] netr_NegotiateFlags *negotiate_flags + ); + + + /*****************/ + /* Function 0x10 */ + + typedef enum { + SYNCSTATE_NORMAL_STATE = 0, + SYNCSTATE_DOMAIN_STATE = 1, + SYNCSTATE_GROUP_STATE = 2, + SYNCSTATE_UAS_BUILT_IN_GROUP_STATE = 3, + SYNCSTATE_USER_STATE = 4, + SYNCSTATE_GROUP_MEMBER_STATE = 5, + SYNCSTATE_ALIAS_STATE = 6, + SYNCSTATE_ALIAS_MEMBER_STATE = 7, + SYNCSTATE_SAM_DONE_STATE = 8 + } SyncStateEnum; + + NTSTATUS netr_DatabaseSync2( + [in] [string,charset(UTF16)] uint16 *logon_server, + [in] [string,charset(UTF16)] uint16 *computername, + [in,ref] netr_Authenticator *credential, + [in,out,ref] netr_Authenticator *return_authenticator, + [in] netr_SamDatabaseID database_id, + [in] SyncStateEnum restart_state, + [in,out,ref] uint32 *sync_context, + [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array, + [in] uint32 preferredmaximumlength + ); + + + /*****************/ + /* Function 0x11 */ + + /* i'm not at all sure how this call works */ + + typedef [bitmap16bit] bitmap { + NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED = 0x0001, + NETR_CHANGELOG_CHANGED_PASSWORD = 0x0002, + NETR_CHANGELOG_SID_INCLUDED = 0x0004, + NETR_CHANGELOG_NAME_INCLUDED = 0x0008, + NETR_CHANGELOG_FIRST_PROMOTION_OBJ = 0x0010 + } netr_ChangeLogFlags; + + typedef [nodiscriminant] union { + [case(NETR_CHANGELOG_SID_INCLUDED)] dom_sid object_sid; + [case(NETR_CHANGELOG_NAME_INCLUDED)] nstring object_name; + [default]; + } netr_ChangeLogObject; + + typedef [public,gensize] struct { + uint32 serial_number1; + uint32 serial_number2; + uint32 object_rid; + netr_ChangeLogFlags flags; + netr_SamDatabaseID8Bit db_index; + netr_DeltaEnum8Bit delta_type; + [switch_is(flags & (NETR_CHANGELOG_SID_INCLUDED|NETR_CHANGELOG_NAME_INCLUDED))] netr_ChangeLogObject object; + } netr_ChangeLogEntry; + + NTSTATUS netr_DatabaseRedo( + [in] [string,charset(UTF16)] uint16 *logon_server, + [in] [string,charset(UTF16)] uint16 *computername, + [in] netr_Authenticator *credential, + [in,out,ref] netr_Authenticator *return_authenticator, + /* + * we cannot use subcontext_size() here, as + * change_log_entry_size is encoded after the subcontext + */ + [in] [subcontext(4)/*,subcontext_size(change_log_entry_size)*/] + netr_ChangeLogEntry change_log_entry, + [in] [value(ndr_size_netr_ChangeLogEntry(&change_log_entry, + ndr->flags))] + uint32 change_log_entry_size, + [out,ref] netr_DELTA_ENUM_ARRAY **delta_enum_array + ); + + + /*****************/ + /* Function 0x12 */ + + WERROR netr_LogonControl2Ex( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in] netr_LogonControlCode function_code, + [in] uint32 level, + [in,ref][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION *data, + [out,ref][switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query + ); + + /*****************/ + /* Function 0x13 */ + typedef struct { + uint32 length; + [size_is(length)] uint8 *data; + } netr_Blob; + + NTSTATUS netr_NetrEnumerateTrustedDomains( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [out,ref] netr_Blob *trusted_domains_blob + ); + + /*****************/ + /* Function 0x14 */ + + /* one unknown bit still: DS_IP_VERSION_AGNOSTIC - gd*/ + + const int DSGETDC_VALID_FLAGS = (DS_FORCE_REDISCOVERY | + DS_DIRECTORY_SERVICE_REQUIRED | + DS_DIRECTORY_SERVICE_PREFERRED | + DS_GC_SERVER_REQUIRED | + DS_PDC_REQUIRED | + DS_BACKGROUND_ONLY | + DS_IP_REQUIRED | + DS_KDC_REQUIRED | + DS_TIMESERV_REQUIRED | + DS_WRITABLE_REQUIRED | + DS_GOOD_TIMESERV_PREFERRED | + DS_AVOID_SELF | + DS_ONLY_LDAP_NEEDED | + DS_IS_FLAT_NAME | + DS_IS_DNS_NAME | + DS_TRY_NEXTCLOSEST_SITE | + DS_DIRECTORY_SERVICE_6_REQUIRED | + DS_WEB_SERVICE_REQUIRED | + /* + * For now we skip these until + * we have test for them: + * DS_DIRECTORY_SERVICE_8_REQUIRED | + * DS_DIRECTORY_SERVICE_9_REQUIRED | + * DS_DIRECTORY_SERVICE_10_REQUIRED | + */ + DS_RETURN_FLAT_NAME | + DS_RETURN_DNS_NAME); + + typedef [bitmap32bit] bitmap { + DS_FORCE_REDISCOVERY = 0x00000001, + DS_DIRECTORY_SERVICE_REQUIRED = 0x00000010, + DS_DIRECTORY_SERVICE_PREFERRED = 0x00000020, + DS_GC_SERVER_REQUIRED = 0x00000040, + DS_PDC_REQUIRED = 0x00000080, + DS_BACKGROUND_ONLY = 0x00000100, + DS_IP_REQUIRED = 0x00000200, + DS_KDC_REQUIRED = 0x00000400, + DS_TIMESERV_REQUIRED = 0x00000800, + DS_WRITABLE_REQUIRED = 0x00001000, + DS_GOOD_TIMESERV_PREFERRED = 0x00002000, + DS_AVOID_SELF = 0x00004000, + DS_ONLY_LDAP_NEEDED = 0x00008000, + DS_IS_FLAT_NAME = 0x00010000, + DS_IS_DNS_NAME = 0x00020000, + DS_TRY_NEXTCLOSEST_SITE = 0x00040000, + DS_DIRECTORY_SERVICE_6_REQUIRED = 0x00080000, /* 2008 */ + DS_WEB_SERVICE_REQUIRED = 0x00100000, + DS_DIRECTORY_SERVICE_8_REQUIRED = 0x00200000, /* 2012 */ + DS_DIRECTORY_SERVICE_9_REQUIRED = 0x00400000, /* 2012R2 */ + DS_DIRECTORY_SERVICE_10_REQUIRED= 0x00800000, /* 2016 */ + DS_RETURN_DNS_NAME = 0x40000000, + DS_RETURN_FLAT_NAME = 0x80000000 + } netr_DsRGetDCName_flags; + + typedef [v1_enum] enum { + DS_ADDRESS_TYPE_INET = 1, + DS_ADDRESS_TYPE_NETBIOS = 2 + } netr_DsRGetDCNameInfo_AddressType; + + typedef [bitmap32bit] bitmap { + DS_SERVER_PDC = 0x00000001, + DS_SERVER_GC = 0x00000004, + DS_SERVER_LDAP = 0x00000008, + DS_SERVER_DS = 0x00000010, + DS_SERVER_KDC = 0x00000020, + DS_SERVER_TIMESERV = 0x00000040, + DS_SERVER_CLOSEST = 0x00000080, + DS_SERVER_WRITABLE = 0x00000100, + DS_SERVER_GOOD_TIMESERV = 0x00000200, + DS_SERVER_NDNC = 0x00000400, + DS_SERVER_SELECT_SECRET_DOMAIN_6 = 0x00000800, /* 2008 / RODC */ + DS_SERVER_FULL_SECRET_DOMAIN_6 = 0x00001000, /* 2008 / RWDC */ + DS_SERVER_WEBSERV = 0x00002000, + DS_SERVER_DS_8 = 0x00004000, /* 2012 */ + DS_SERVER_DS_9 = 0x00008000, /* 2012R2 */ + DS_SERVER_DS_10 = 0x00010000, /* 2016 */ + DS_DNS_CONTROLLER = 0x20000000, + DS_DNS_DOMAIN = 0x40000000, + DS_DNS_FOREST_ROOT = 0x80000000 + } netr_DsR_DcFlags; + + typedef [public] struct { + [string,charset(UTF16)] uint16 *dc_unc; + [string,charset(UTF16)] uint16 *dc_address; + netr_DsRGetDCNameInfo_AddressType dc_address_type; + GUID domain_guid; + [string,charset(UTF16)] uint16 *domain_name; + [string,charset(UTF16)] uint16 *forest_name; + netr_DsR_DcFlags dc_flags; + [string,charset(UTF16)] uint16 *dc_site_name; + [string,charset(UTF16)] uint16 *client_site_name; + } netr_DsRGetDCNameInfo; + + WERROR netr_DsRGetDCName( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] GUID *domain_guid, + [in,unique] GUID *site_guid, + [in] netr_DsRGetDCName_flags flags, + [out,ref] netr_DsRGetDCNameInfo **info + ); + + /*****************/ + /* Function 0x15 */ + typedef [switch_type(uint32)] union { + [case(1)] netr_NegotiateFlags server_capabilities; + [case(2)] netr_NegotiateFlags server_capabilities; + } netr_Capabilities; + + NTSTATUS netr_LogonGetCapabilities( + [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Authenticator *credential, + [in,out,ref] netr_Authenticator *return_authenticator, + [in] uint32 query_level, + [out,ref,switch_is(query_level)] netr_Capabilities *capabilities + ); + + /****************/ + /* Function 0x16 */ + [todo] WERROR netr_NETRLOGONSETSERVICEBITS(); + + /****************/ + /* Function 0x17 */ + WERROR netr_LogonGetTrustRid( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, + [out,ref] uint32 *rid + ); + + /****************/ + /* Function 0x18 */ + [todo] WERROR netr_NETRLOGONCOMPUTESERVERDIGEST(); + + /****************/ + /* Function 0x19 */ + [todo] WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST(); + + /****************/ + /* Function 0x1a */ + [public] NTSTATUS netr_ServerAuthenticate3( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 *account_name, + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Credential *credentials, + [out,ref] netr_Credential *return_credentials, + [in,out,ref] netr_NegotiateFlags *negotiate_flags, + [out,ref] uint32 *rid + ); + + /****************/ + /* Function 0x1b */ + + WERROR netr_DsRGetDCNameEx( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] GUID *domain_guid, + [in,unique] [string,charset(UTF16)] uint16 *site_name, + [in] netr_DsRGetDCName_flags flags, + [out,ref] netr_DsRGetDCNameInfo **info + ); + + + /****************/ + /* Function 0x1c */ + WERROR netr_DsRGetSiteName( + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [out,ref] [string,charset(UTF16)] uint16 **site + ); + + /****************/ + /* Function 0x1d */ + typedef [public,bitmap32bit] bitmap { + NETR_TRUST_FLAG_IN_FOREST = 0x00000001, + NETR_TRUST_FLAG_OUTBOUND = 0x00000002, + NETR_TRUST_FLAG_TREEROOT = 0x00000004, + NETR_TRUST_FLAG_PRIMARY = 0x00000008, + NETR_TRUST_FLAG_NATIVE = 0x00000010, + NETR_TRUST_FLAG_INBOUND = 0x00000020, + NETR_TRUST_FLAG_MIT_KRB5 = 0x00000080, + NETR_TRUST_FLAG_AES = 0x00000100 + } netr_TrustFlags; + + typedef [bitmap32bit] bitmap { + NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS = 0x00000001, + NETR_WS_FLAG_HANDLES_SPN_UPDATE = 0x00000002 + } netr_WorkstationFlags; + + typedef [bitmap16bit] bitmap { + NETR_VER_SUITE_BACKOFFICE = 0x0004, + NETR_VER_SUITE_BLADE = 0x0400, + NETR_VER_SUITE_COMPUTE_SERVER = 0x4000, + NETR_VER_SUITE_DATACENTER = 0x0080, + NETR_VER_SUITE_ENTERPRISE = 0x0002, + NETR_VER_SUITE_EMBEDDEDNT = 0x0040, + NETR_VER_SUITE_PERSONAL = 0x0200, + NETR_VER_SUITE_SINGLEUSERTS = 0x0100, + NETR_VER_SUITE_SMALLBUSINESS = 0x0001, + NETR_VER_SUITE_SMALLBUSINESS_RESTRICTED = 0x0020, + NETR_VER_SUITE_STORAGE_SERVER = 0x2000, + NETR_VER_SUITE_TERMINAL = 0x0010, + NETR_VER_SUITE_WH_SERVER = 0x8000 + } netr_SuiteMask; + + typedef [bitmap8bit] bitmap { + NETR_VER_NT_DOMAIN_CONTROLLER = 0x02, + NETR_VER_NT_SERVER = 0x03, + NETR_VER_NT_WORKSTATION = 0x01 + } netr_ProductType; + + typedef struct { + uint32 policy_size; + [size_is(policy_size)] uint8 *policy; + } netr_LsaPolicyInformation; + + typedef struct { + [value(284)] uint32 OSVersionInfoSize; + uint32 MajorVersion; + uint32 MinorVersion; + uint32 BuildNumber; + uint32 PlatformId; + [subcontext(0),subcontext_size(256)] nstring CSDVersion; + uint16 ServicePackMajor; + uint16 ServicePackMinor; + netr_SuiteMask SuiteMask; + netr_ProductType ProductType; + uint8 Reserved; + } netr_OsVersionInfoEx; + + typedef struct { + /* these first 3 values come from the fact windows + actually encodes this structure as a UNICODE_STRING + - see MS-NRPC section 2.2.1.3.9 */ + /* 142 * 2 = 284 (length of structure "netr_OsVersionInfoEx") */ + [value(142)] uint3264 length; + [value(0)] uint3264 dummy; + [value(142)] uint3264 size; + [subcontext(0),subcontext_size(size*2)] + netr_OsVersionInfoEx os; + } netr_OsVersion; + + typedef struct { + /* value is 284 when info != os, otherwise 0 (for length and + size) */ + [value(os == NULL ? 0 : 284)] uint16 length; + [value(os == NULL ? 0 : 284)] uint16 size; + netr_OsVersion *os; + } netr_OsVersionContainer; + + typedef struct { + netr_LsaPolicyInformation lsa_policy; + [string,charset(UTF16)] uint16 *dns_hostname; + [string,charset(UTF16)] uint16 *sitename; + [string,charset(UTF16)] uint16 *dummy1; + [string,charset(UTF16)] uint16 *dummy2; + [string,charset(UTF16)] uint16 *dummy3; + [string,charset(UTF16)] uint16 *dummy4; + netr_OsVersionContainer os_version; + lsa_String os_name; + lsa_String dummy_string3; + lsa_String dummy_string4; + netr_WorkstationFlags workstation_flags; + kerb_EncTypes supported_enc_types; + uint32 dummy_long3; + uint32 dummy_long4; + } netr_WorkstationInformation; + + typedef union { + [case(1)] netr_WorkstationInformation *workstation_info; + [case(2)] netr_WorkstationInformation *lsa_policy_info; + } netr_WorkstationInfo; + + typedef struct { + netr_TrustFlags flags; + uint32 parent_index; + lsa_TrustType trust_type; + lsa_TrustAttributes trust_attributes; + } netr_trust_extension_info; + + typedef struct { + /* these first 3 values come from the fact windows + actually encodes this structure as a UNICODE_STRING + - see MS-NRPC section 2.2.1.3.9 */ + [value(8)] uint3264 length; + [value(0)] uint3264 dummy; + [value(8)] uint3264 size; + [subcontext(0),subcontext_size(size*2)] + netr_trust_extension_info info; + } netr_trust_extension; + + typedef struct { + /* value is 16 when info != NULL, otherwise 0 */ + [value(info == NULL ? 0 : 16)] uint16 length; + [value(info == NULL ? 0 : 16)] uint16 size; + netr_trust_extension *info; + } netr_trust_extension_container; + + typedef struct { + lsa_StringLarge domainname; + lsa_StringLarge dns_domainname; + lsa_StringLarge dns_forestname; + GUID domain_guid; + dom_sid2 *domain_sid; + netr_trust_extension_container trust_extension; + lsa_StringLarge dummy_string2; + lsa_StringLarge dummy_string3; + lsa_StringLarge dummy_string4; + uint32 dummy_long1; + uint32 dummy_long2; + uint32 dummy_long3; + uint32 dummy_long4; + } netr_OneDomainInfo; + + typedef struct { + netr_OneDomainInfo primary_domain; + uint32 trusted_domain_count; + [size_is(trusted_domain_count)] netr_OneDomainInfo *trusted_domains; + netr_LsaPolicyInformation lsa_policy; + lsa_StringLarge dns_hostname; + lsa_StringLarge dummy_string2; + lsa_StringLarge dummy_string3; + lsa_StringLarge dummy_string4; + netr_WorkstationFlags workstation_flags; + kerb_EncTypes supported_enc_types; + uint32 dummy_long3; + uint32 dummy_long4; + } netr_DomainInformation; + + typedef union { + [case(1)] netr_DomainInformation *domain_info; + [case(2)] netr_LsaPolicyInformation *lsa_policy_info; + } netr_DomainInfo; + + [public] NTSTATUS netr_LogonGetDomainInfo( + [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Authenticator *credential, + [in,out,ref] netr_Authenticator *return_authenticator, + [in] uint32 level, + [in,ref,switch_is(level)] netr_WorkstationInfo *query, + [out,ref,switch_is(level)] netr_DomainInfo *info + ); + + /*****************/ + /* Function 0x1e */ + + /* [MS-NRPC] 2.2.1.3.8 NL_PASSWORD_VERSION */ + + /* someone's birthday ? */ + const int NETLOGON_PASSWORD_VERSION_NUMBER_PRESENT = 0x02231968; + + typedef struct { + uint32 ReservedField; + uint32 PasswordVersionNumber; + uint32 PasswordVersionPresent; + } NL_PASSWORD_VERSION; + + typedef [flag(NDR_PAHEX)] struct { + uint8 data[512]; + uint32 length; + } netr_CryptPassword; + + NTSTATUS netr_ServerPasswordSet2( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 *account_name, + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [in,ref] netr_CryptPassword *new_password + ); + + /****************/ + /* Function 0x1f */ + NTSTATUS netr_ServerPasswordGet( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 *account_name, + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [out,ref] samr_Password *password + ); + + typedef [public] enum { + SendToSamUpdatePassword = 0, + SendToSamResetBadPasswordCount = 1, + SendToSamUpdatePasswordForward = 2, + SendToSamUpdateLastLogonTimestamp = 3, + SendToSamResetSmartCardPassword = 4 + } netr_SendToSamType; + + typedef struct { + GUID guid; + } netr_SendToSamResetBadPasswordCount; + + typedef [nodiscriminant, public,switch_type(netr_SendToSamType)] union { + /* TODO Implement other SendToSam message types + * [case(SendToSamUpdatePassword)] netr_SendToSamUpdatePassword ...; */ + [case(SendToSamResetBadPasswordCount)] netr_SendToSamResetBadPasswordCount reset_bad_password; + /* + * [case(SendToSamUpdatePasswordForward)] netrSendToSamUpdatePasswordForward ...; + * [case(SendToSamUpdateLastLogonTimestamp)] netrSendToSamUpdateLastLogonTimestamp ...; + * [case(SendToSamResetSmartCardPassword)] netrSendToSamResetSmartCardPassword ...; + */ + [default]; + } netr_SendToSamMessage; + + typedef [public] struct { + netr_SendToSamType message_type; + uint32 message_size; + [switch_is(message_type), subcontext(0), subcontext_size(message_size)] netr_SendToSamMessage message; + } netr_SendToSamBase; + + /****************/ + /* Function 0x20 */ + NTSTATUS netr_NetrLogonSendToSam( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [in,ref] [size_is(buffer_len)] uint8 *opaque_buffer, + [in] uint32 buffer_len + ); + + /****************/ + /* Function 0x21 */ + typedef struct { + uint32 count; + [size_is(count)] lsa_String *sitename; + } netr_DsRAddressToSitenamesWCtr; + + typedef struct { + [size_is(size)] uint8 *buffer; + uint32 size; + } netr_DsRAddress; + + WERROR netr_DsRAddressToSitenamesW( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [range(0,32000)] uint32 count, + [in] [size_is(count)] [ref] netr_DsRAddress *addresses, + [out] [ref] netr_DsRAddressToSitenamesWCtr **ctr + ); + + /****************/ + /* Function 0x22 */ + WERROR netr_DsRGetDCNameEx2( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *client_account, + [in] samr_AcctFlags mask, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] GUID *domain_guid, + [in,unique] [string,charset(UTF16)] uint16 *site_name, + [in] netr_DsRGetDCName_flags flags, + [out,ref] netr_DsRGetDCNameInfo **info + ); + + /****************/ + /* Function 0x23 */ + [todo] WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(); + + /****************/ + /* Function 0x24 */ + + typedef [public] struct { + [string,charset(UTF16)] uint16 *netbios_name; + [string,charset(UTF16)] uint16 *dns_name; + netr_TrustFlags trust_flags; + uint32 parent_index; + lsa_TrustType trust_type; + lsa_TrustAttributes trust_attributes; + dom_sid2 *sid; + GUID guid; + } netr_DomainTrust; + + typedef [public] struct { + uint32 count; + [size_is(count)] netr_DomainTrust *array; + } netr_DomainTrustList; + + WERROR netr_NetrEnumerateTrustedDomainsEx( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [out,ref] netr_DomainTrustList *dom_trust_list + ); + + /****************/ + /* Function 0x25 */ + typedef struct { + uint32 count; + [size_is(count)] lsa_String *sitename; + [size_is(count)] lsa_String *subnetname; + } netr_DsRAddressToSitenamesExWCtr; + + WERROR netr_DsRAddressToSitenamesExW( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [range(0,32000)] uint32 count, + [in] [size_is(count)] [ref] netr_DsRAddress *addresses, + [out] [ref] netr_DsRAddressToSitenamesExWCtr **ctr + ); + + /****************/ + /* Function 0x26 */ + + typedef struct { + uint32 num_sites; + [size_is(num_sites)] [unique] lsa_String *sites; + } DcSitesCtr; + + WERROR netr_DsrGetDcSiteCoverageW( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [out,ref] DcSitesCtr **ctr + ); + + /****************/ + /* Function 0x27 */ + typedef [public,bitmap32bit] bitmap { + /* Request MUST be passed to the domain controller at the root of the forest. */ + NETLOGON_SAMLOGON_FLAG_PASS_TO_FOREST_ROOT = 0x00000001, + /* Request MUST be passed to the DC at the end of the first hop over a cross-forest trust. */ + NETLOGON_SAMLOGON_FLAG_PASS_CROSS_FOREST_HOP = 0x00000002, + /* Request was passed by an RODC to a DC in a different domain. */ + NETLOGON_SAMLOGON_FLAG_RODC_TO_OTHER_DOMAIN = 0x00000004, + /* Request is an NTLM authentication package request passed by an RODC. */ + NETLOGON_SAMLOGON_FLAG_RODC_NTLM_REQUEST = 0x00000008 + } netr_LogonSamLogon_flags; + + NTSTATUS netr_LogonSamLogonEx( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in] netr_LogonInfoClass logon_level, + [in,ref] [switch_is(logon_level)] netr_LogonLevel *logon, + [in] uint16 validation_level, + [out,ref] [switch_is(validation_level)] netr_Validation *validation, + [out,ref] uint8 *authoritative, + [in,out,ref] netr_LogonSamLogon_flags *flags + ); + + /****************/ + /* Function 0x28 */ + + WERROR netr_DsrEnumerateDomainTrusts( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] netr_TrustFlags trust_flags, + [out,ref] netr_DomainTrustList *trusts + ); + + + /****************/ + /* Function 0x29 */ + WERROR netr_DsrDeregisterDNSHostRecords( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *domain, + [in,unique] GUID *domain_guid, + [in,unique] GUID *dsa_guid, + [in,ref] [string,charset(UTF16)] uint16 *dns_host + ); + + /****************/ + /* Function 0x2a */ + NTSTATUS netr_ServerTrustPasswordsGet( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 *account_name, + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [out,ref] samr_Password *new_owf_password, + [out,ref] samr_Password *old_owf_password + ); + + /****************/ + /* Function 0x2b */ + + const int DS_GFTI_UPDATE_TDO = 0x1; + + WERROR netr_DsRGetForestTrustInformation( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *trusted_domain_name, + [in] uint32 flags, + [out,ref] lsa_ForestTrustInformation **forest_trust_info + ); + + /****************/ + /* Function 0x2c */ + NTSTATUS netr_GetForestTrustInformation( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [in] uint32 flags, + [out,ref] lsa_ForestTrustInformation **forest_trust_info + ); + + /****************/ + /* Function 0x2d */ + + /* this is the ADS varient. I don't yet know what the "flags" are for */ + NTSTATUS netr_LogonSamLogonWithFlags( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] netr_Authenticator *credential, + [in,out,unique] netr_Authenticator *return_authenticator, + [in] netr_LogonInfoClass logon_level, + [in,ref] [switch_is(logon_level)] netr_LogonLevel *logon, + [in] uint16 validation_level, + [out,ref] [switch_is(validation_level)] netr_Validation *validation, + [out,ref] uint8 *authoritative, + [in,out,ref] netr_LogonSamLogon_flags *flags + ); + + /****************/ + /* Function 0x2e */ + + typedef struct { + uint32 count; + [size_is(count)] uint32 *data; + uint32 entry_count; + [size_is(count)] lsa_String *entries; + } netr_TrustInfo; + + NTSTATUS netr_ServerGetTrustInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *account_name, + [in] netr_SchannelType secure_channel_type, + [in,ref] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [out,ref] samr_Password *new_owf_password, + [out,ref] samr_Password *old_owf_password, + [out,ref] netr_TrustInfo **trust_info + ); + + /****************/ + /* Function 0x2f */ + + NTSTATUS netr_Unused47(void); + + + /****************/ + /* Function 0x30 */ + + typedef enum { + NlDnsLdapAtSite = 22, + NlDnsGcAtSite = 25, + NlDnsDsaCname = 28, + NlDnsKdcAtSite = 30, + NlDnsDcAtSite = 32, + NlDnsRfc1510KdcAtSite = 34, + NlDnsGenericGcAtSite = 36 + } netr_DnsType; + + typedef enum { + NlDnsInfoTypeNone = 0, + NlDnsDomainName = 1, + NlDnsDomainNameAlias = 2, + NlDnsForestName = 3, + NlDnsForestNameAlias = 4, + NlDnsNdncDomainName = 5, + NlDnsRecordName = 6 + } netr_DnsDomainInfoType; + + typedef struct { + netr_DnsType type; + [string,charset(UTF16)] uint16 *dns_domain_info; + netr_DnsDomainInfoType dns_domain_info_type; + uint32 priority; + uint32 weight; + uint32 port; + boolean32 dns_register; + uint32 status; + } NL_DNS_NAME_INFO; + + typedef [public] struct { + uint32 count; + [size_is(count)] NL_DNS_NAME_INFO *names; + } NL_DNS_NAME_INFO_ARRAY; + + NTSTATUS netr_DsrUpdateReadOnlyServerDnsRecords( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *computer_name, + [in, ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [in,unique] [string,charset(UTF16)] uint16 *site_name, + [in] uint32 dns_ttl, + [in,out,ref] NL_DNS_NAME_INFO_ARRAY *dns_names + ); +} |