#include "idl_types.h" import "lsa.idl", "netlogon.idl", "samr.idl", "misc.idl", "security.idl", "idmap.idl"; [ uuid("bf09192c-ed60-4928-9dff-d0d7bcb03ed8"), endpoint("ncalrpc:"), pointer_default(unique), version(1.0), helpstring("winbind parent-child protocol"), no_srv_register ] interface winbind { /* Private methods */ NTSTATUS wbint_Ping( [in] uint32 in_data, [out] uint32 *out_data ); NTSTATUS wbint_LookupSid( [in] dom_sid *sid, [out] lsa_SidType *type, [out,string,charset(UTF8)] char **domain, [out,string,charset(UTF8)] char **name ); NTSTATUS wbint_LookupSids( [in] lsa_SidArray *sids, [out,ref] lsa_RefDomainList *domains, [out,ref] lsa_TransNameArray *names ); NTSTATUS wbint_LookupName( [in,string,charset(UTF8)] char *domain, [in,string,charset(UTF8)] char *name, [in] uint32 flags, [out] lsa_SidType *type, [out] dom_sid *sid ); typedef struct { id_type type_hint; uint32 domain_index; uint32 rid; unixid xid; } wbint_TransID; typedef struct { uint32 num_ids; [size_is(num_ids)] wbint_TransID ids[]; } wbint_TransIDArray; NTSTATUS wbint_Sids2UnixIDs( [in] lsa_RefDomainList *domains, [in,out] wbint_TransIDArray *ids ); NTSTATUS wbint_UnixIDs2Sids( [in,string,charset(UTF8)] char *domain_name, [in] dom_sid domain_sid, [in] uint32 num_ids, [in,out] unixid xids[num_ids], [out] dom_sid sids[num_ids] ); NTSTATUS wbint_AllocateUid( [out] hyper *uid ); NTSTATUS wbint_AllocateGid( [out] hyper *gid ); typedef [public] struct { [string,charset(UTF8)] char *domain_name; [string,charset(UTF8)] char *acct_name; [string,charset(UTF8)] char *full_name; [string,charset(UTF8)] char *homedir; [string,charset(UTF8)] char *shell; hyper uid; hyper primary_gid; [string,charset(UTF8)] char *primary_group_name; dom_sid user_sid; dom_sid group_sid; } wbint_userinfo; NTSTATUS wbint_GetNssInfo( [in,out] wbint_userinfo *info ); typedef [public] struct { uint32 num_sids; [size_is(num_sids)] dom_sid sids[]; } wbint_SidArray; typedef [public] struct { uint32 num_rids; [size_is(num_rids)] uint32 rids[]; } wbint_RidArray; NTSTATUS wbint_LookupUserAliases( [in] wbint_SidArray *sids, [out] wbint_RidArray *rids ); NTSTATUS wbint_LookupUserGroups( [in] dom_sid *sid, [out] wbint_SidArray *sids ); NTSTATUS wbint_QuerySequenceNumber( [out] uint32 *sequence ); typedef [public] struct { dom_sid sid; lsa_SidType type; [string,charset(UTF8)] char *name; } wbint_Principal; typedef [public] struct { uint32 num_principals; [size_is(num_principals)] wbint_Principal principals[]; } wbint_Principals; NTSTATUS wbint_LookupGroupMembers( [in] dom_sid *sid, [in] lsa_SidType type, [out] wbint_Principals *members ); NTSTATUS wbint_LookupAliasMembers( [in] dom_sid *sid, [in] lsa_SidType type, [out] wbint_SidArray *sids ); typedef [public] struct { uint32 num_userinfos; [size_is(num_userinfos)] wbint_userinfo userinfos[]; } wbint_userinfos; NTSTATUS wbint_QueryGroupList( [out] wbint_Principals *groups ); NTSTATUS wbint_QueryUserRidList( [out] wbint_RidArray *rids ); NTSTATUS wbint_DsGetDcName( [in,string,charset(UTF8)] char *domain_name, [in,unique] GUID *domain_guid, [in,string,unique,charset(UTF8)] char *site_name, [in] uint32 flags, [out] netr_DsRGetDCNameInfo **dc_info ); NTSTATUS wbint_LookupRids( [in] dom_sid *domain_sid, [in] wbint_RidArray *rids, [out,string,charset(UTF8)] char **domain_name, [out] wbint_Principals *names ); NTSTATUS wbint_CheckMachineAccount( ); NTSTATUS wbint_ChangeMachineAccount( [in,unique,string,charset(UTF8)] char *dcname ); NTSTATUS wbint_PingDc( [out,string,charset(UTF8)] char **dcname ); NTSTATUS wbint_ListTrustedDomains( [in,string,charset(UTF8)] char *client_name, [in] hyper client_pid, [out,ref] netr_DomainTrustList *domains ); typedef [public] struct { uint16 level; [switch_is(level)] netr_Validation *validation; [string,charset(UTF8)] char *krb5ccname; } wbint_Validation; typedef [public] struct { [string,charset(UTF8)] char *username; [string,charset(UTF8),flag(NDR_SECRET)] char *password; [string,charset(UTF8)] char *krb5_cc_type; hyper uid; } wbint_AuthUserInfo; NTSTATUS wbint_PamAuth( [in,string,charset(UTF8)] char *client_name, [in] hyper client_pid, [in] uint32 flags, [in] wbint_AuthUserInfo *info, [in] wbint_SidArray *require_membership_of_sid, [out,ref] wbint_Validation *validation ); typedef [public] struct { uint16 level; [switch_is(level)] netr_Validation *validation; } wbint_PamAuthCrapValidation; NTSTATUS wbint_PamAuthCrap( [in,string,charset(UTF8)] char *client_name, [in] hyper client_pid, [in] uint32 flags, [in, string,charset(UTF8)] char *user, [in, string,charset(UTF8)] char *domain, [in, string,charset(UTF8)] char *workstation, [in,flag(NDR_SECRET)] DATA_BLOB lm_resp, [in,flag(NDR_SECRET)] DATA_BLOB nt_resp, [in,flag(NDR_SECRET)] DATA_BLOB chal, [in] uint32 logon_parameters, [in] wbint_SidArray *require_membership_of_sid, [out,ref] uint8 *authoritative, [out,ref] wbint_PamAuthCrapValidation *validation ); NTSTATUS wbint_PamLogOff( [in,string,charset(UTF8)] char *client_name, [in] hyper client_pid, [in] uint32 flags, [in,string,charset(UTF8)] char *user, [in,string,charset(UTF8)] char *krb5ccname, [in] hyper uid ); NTSTATUS wbint_PamAuthCrapChangePassword( [in,string,charset(UTF8)] char *client_name, [in] hyper client_pid, [in,string,charset(UTF8)] char *user, [in,string,charset(UTF8)] char *domain, [in,flag(NDR_SECRET)] DATA_BLOB new_nt_pswd, [in,flag(NDR_SECRET)] DATA_BLOB old_nt_hash_enc, [in,flag(NDR_SECRET)] DATA_BLOB new_lm_pswd, [in,flag(NDR_SECRET)] DATA_BLOB old_lm_hash_enc ); NTSTATUS wbint_PamAuthChangePassword( [in,string,charset(UTF8)] char *client_name, [in] hyper client_pid, [in] uint32 flags, [in,string,charset(UTF8)] char *user, [in,string,charset(UTF8),flag(NDR_SECRET)] char *old_password, [in,string,charset(UTF8),flag(NDR_SECRET)] char *new_password, [out,ref] samr_DomInfo1 **dominfo, [out,ref] samPwdChangeReason *reject_reason ); typedef [enum16bit] enum { WB_DOMINFO_DOMAIN_UNKNOWN = 0x0000, WB_DOMINFO_DOMAIN_NATIVE = 0x0001, WB_DOMINFO_DOMAIN_AD = 0x0002, WB_DOMINFO_DOMAIN_PRIMARY = 0x0004, WB_DOMINFO_DOMAIN_OFFLINE = 0x0008 } DomainInfoFlags; NTSTATUS wbint_InitConnection( [in,string,charset(UTF8)] char *dcname, [out,string,charset(UTF8)] char **name, [out,string,charset(UTF8)] char **alt_name, [out,ref] dom_sid *sid, [out,ref] DomainInfoFlags *flags ); /* Public methods available via IRPC */ typedef [switch_type(uint16)] union netr_LogonLevel netr_LogonLevel; typedef [switch_type(uint16)] union netr_Validation netr_Validation; /* * do a netr_LogonSamLogon() against the right DC */ NTSTATUS winbind_SamLogon( [in] uint16 logon_level, [in] [switch_is(logon_level)] netr_LogonLevel logon, [in] uint16 validation_level, [out] [switch_is(validation_level)] netr_Validation validation, [out] uint8 authoritative ); NTSTATUS winbind_DsrUpdateReadOnlyServerDnsRecords( [in,unique] [string,charset(UTF16)] uint16 *site_name, [in] uint32 dns_ttl, [in,out,ref] NL_DNS_NAME_INFO_ARRAY *dns_names ); /* * do a netr_LogonControl2Ex() against the right DC */ typedef [v1_enum] enum netr_LogonControlCode netr_LogonControlCode; typedef [switch_type(netr_LogonControlCode)] union netr_CONTROL_DATA_INFORMATION netr_CONTROL_DATA_INFORMATION; typedef [switch_type(uint32)] union netr_CONTROL_QUERY_INFORMATION netr_CONTROL_QUERY_INFORMATION; WERROR winbind_LogonControl( [in] netr_LogonControlCode function_code, [in] uint32 level, [in,ref][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION *data, [out,ref][switch_is(level)] netr_CONTROL_QUERY_INFORMATION *query ); /* * do a netr_GetForestTrustInformation() against the right DC */ WERROR winbind_GetForestTrustInformation( [in,unique] [string,charset(UTF16)] uint16 *trusted_domain_name, [in] uint32 flags, [out,ref] lsa_ForestTrustInformation **forest_trust_info ); NTSTATUS winbind_SendToSam( [in] netr_SendToSamBase message ); }