xref: /illumos-gate/usr/src/uts/common/smbsrv/ndl/lsarpc.ndl (revision 3299f39fdcbdab4be7a9c70daa3873f2b78a398d)
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2013 Nexenta Systems, Inc.  All rights reserved.
24 */
25
26#ifndef _MLSVC_LSA_NDL_
27#define _MLSVC_LSA_NDL_
28
29/*
30 * Local Security Authority RPC (LSARPC) interface definition.
31 *
32 * Names containing a backslash ('\') are known as qualified or composite
33 * names.  The string preceding the backslash is assumed to be the domain
34 * name and the string following the backslash is assumed to be the name
35 * to be resolved within that domain.
36 *
37 * Names that do not contain a backslash are known as isolated names.
38 * An isolated name may be a single label, such as john, or may be in
39 * user principal name (UPN) form, such as john@example.com.
40 */
41
42#include <libmlrpc/ndrtypes.ndl>
43
44
45#define	LSARPC_OPNUM_CloseHandle			0x00
46#define	LSARPC_OPNUM_Delete				0x01
47#define	LSARPC_OPNUM_EnumPrivileges			0x02
48#define	LSARPC_OPNUM_QuerySecurityObject		0x03
49#define	LSARPC_OPNUM_SetSecurityObject			0x04
50#define	LSARPC_OPNUM_ChangePassword			0x05
51#define	LSARPC_OPNUM_OpenPolicy				0x06
52#define	LSARPC_OPNUM_QueryInfoPolicy			0x07
53#define	LSARPC_OPNUM_SetInfoPolicy			0x08
54#define	LSARPC_OPNUM_ClearAuditLog			0x09
55#define	LSARPC_OPNUM_CreateAccount			0x0a
56#define	LSARPC_OPNUM_EnumerateAccounts			0x0b
57#define	LSARPC_OPNUM_CreateTrustedDomain		0x0c
58#define	LSARPC_OPNUM_EnumTrustedDomain			0x0d
59#define	LSARPC_OPNUM_LookupNames			0x0e
60#define	LSARPC_OPNUM_LookupSids				0x0f
61#define	LSARPC_OPNUM_CreateSecret			0x10
62#define	LSARPC_OPNUM_OpenAccount			0x11
63#define	LSARPC_OPNUM_EnumPrivsAccount			0x12
64#define	LSARPC_OPNUM_AddAccountPrivs			0x13
65#define	LSARPC_OPNUM_RemoveAccountPrivs			0x14
66#define	LSARPC_OPNUM_GetAccountQuota			0x15
67#define	LSARPC_OPNUM_SetAccountQuota			0x16
68#define	LSARPC_OPNUM_GetSystemAccessAccount		0x17
69#define	LSARPC_OPNUM_SetSystemAccessAccount		0x18
70#define	LSARPC_OPNUM_OpenTrustedDomain			0x19
71#define	LSARPC_OPNUM_QueryInfoTrustedDomain		0x1a
72#define	LSARPC_OPNUM_SetinfoTrustedDomain		0x1b
73#define	LSARPC_OPNUM_OpenSecret				0x1c
74#define	LSARPC_OPNUM_SetSecret				0x1d
75#define	LSARPC_OPNUM_QuerySecret			0x1e
76#define	LSARPC_OPNUM_LookupPrivValue			0x1f
77#define	LSARPC_OPNUM_LookupPrivName			0x20
78#define	LSARPC_OPNUM_LookupPrivDisplayName		0x21
79#define	LSARPC_OPNUM_DeleteObject			0x22
80#define	LSARPC_OPNUM_EnumAccountsWithUserRight		0x23
81#define	LSARPC_OPNUM_EnumAccountRights			0x24
82#define	LSARPC_OPNUM_AddAccountRights			0x25
83#define	LSARPC_OPNUM_RemoveAccountRights		0x26
84#define	LSARPC_OPNUM_QueryTrustedDomainInfo		0x27
85#define	LSARPC_OPNUM_SetTrustedDomainInfo		0x28
86
87/* Windows 2000 */
88#define	LSARPC_OPNUM_DeleteTrustedDomain		0x29
89#define	LSARPC_OPNUM_StorePrivateData			0x2a
90#define	LSARPC_OPNUM_RetrievePrivateData		0x2b
91#define	LSARPC_OPNUM_OpenPolicy2			0x2c
92#define	LSARPC_OPNUM_GetConnectedUser			0x2d
93#define	LSARPC_OPNUM_QueryInfoPolicy2			0x2e
94#define	LSARPC_OPNUM_SetInfoPolicy2			0x2f
95#define	LSARPC_OPNUM_QueryTrustedDomainInfoByName	0x30
96#define	LSARPC_OPNUM_SetTrustedDomainInfoByName		0x31
97#define	LSARPC_OPNUM_EnumTrustedDomainsEx		0x32
98#define	LSARPC_OPNUM_CreateTrustedDomainEx		0x33
99#define	LSARPC_OPNUM_CloseTrustedDomainEx		0x34
100#define	LSARPC_OPNUM_QueryDomainInfoPolicy		0x35
101#define	LSARPC_OPNUM_SetDomainInfoPolicy		0x36
102#define	LSARPC_OPNUM_OpenTrustedDomainByName		0x37
103#define	LSARPC_OPNUM_TestCall				0x38
104#define	LSARPC_OPNUM_LookupSids2			0x39
105#define	LSARPC_OPNUM_LookupNames2			0x3a
106#define	LSARPC_OPNUM_CreateTrustedDomainEx2		0x3b
107
108/* Windows 2000 SP3 */
109#define	LSARPC_OPNUM_CredWrite				0x3c
110#define	LSARPC_OPNUM_CredRead				0x3d
111#define	LSARPC_OPNUM_CredEnumerate			0x3e
112#define	LSARPC_OPNUM_CredWriteDomainCreds		0x3f
113#define	LSARPC_OPNUM_CredReadDomainCreds		0x40
114#define	LSARPC_OPNUM_CredDelete				0x41
115#define	LSARPC_OPNUM_CredGetTargetInfo			0x42
116#define	LSARPC_OPNUM_CredProfileLoaded			0x43
117#define	LSARPC_OPNUM_LookupNames3			0x44
118#define	LSARPC_OPNUM_CredGetSessionTypes		0x45
119#define	LSARPC_OPNUM_RegisterAuditEvent			0x46
120#define	LSARPC_OPNUM_GenAuditEvent			0x47
121#define	LSARPC_OPNUM_UnregisterAuditEvent		0x48
122#define	LSARPC_OPNUM_QueryForestTrustInfo		0x49
123#define	LSARPC_OPNUM_SetForestTrustInfo			0x4a
124#define	LSARPC_OPNUM_CredRename				0x4b
125#define	LSARPC_OPNUM_LookupSids3			0x4c
126#define	LSARPC_OPNUM_LookupNames4			0x4d
127#define	LSARPC_OPNUM_OpenPolicySce			0x4e
128
129/* Windows Server 2003 */
130#define	LSARPC_OPNUM_AdtRegisterSecurityEventSource	0x4f
131#define	LSARPC_OPNUM_AdtUnregisterSecurityEventSource	0x50
132#define	LSARPC_OPNUM_AdtReportSecurityEvent		0x51
133
134/* Windows Vista */
135#define	LSARPC_OPNUM_CredFindBestCredential		0x52
136#define	LSARPC_OPNUM_SetAuditPolicy			0x53
137#define	LSARPC_OPNUM_QueryAuditPolicy			0x54
138#define	LSARPC_OPNUM_EnumerateAuditPolicy		0x55
139#define	LSARPC_OPNUM_EnumerateAuditCategories		0x56
140#define	LSARPC_OPNUM_EnumerateAuditSubCategories	0x57
141#define	LSARPC_OPNUM_LookupAuditCategoryName		0x58
142#define	LSARPC_OPNUM_LookupAuditSubCategoryName		0x59
143#define	LSARPC_OPNUM_SetAuditSecurity			0x5a
144#define	LSARPC_OPNUM_QueryAuditSecurity			0x5b
145#define	LSARPC_OPNUM_CredReadByTokenHandle		0x5c
146#define	LSARPC_OPNUM_CredRestoreCredentials		0x5d
147#define	LSARPC_OPNUM_CredBackupCredentials		0x5e
148
149/*
150 * Lookup levels.  Level 1 appears to mean only look on the local host and
151 * level 2 means forward the request to the PDC.  On the PDC it probably
152 * doesn't matter which level you use but on a BDC a level 1 lookup will
153 * fail if the BDC doesn't have the info whereas a level 2 lookup will also
154 * check with the PDC.
155 */
156#define	LSA_LOOKUP_WKSTA			1	/* Windows NT 3.1 */
157#define	LSA_LOOKUP_PDC				2
158#define	LSA_LOOKUP_TDL				3
159#define	LSA_LOOKUP_GC				4	/* Windows 2000 */
160#define	LSA_LOOKUP_XFORESTREFERRAL		5	/* Windows XP */
161#define	LSA_LOOKUP_XFORESTRESOLVE		6
162#define	LSA_LOOKUP_RODCREFERRALTOFULLDC		7	/* Windows Vista */
163
164/*
165 * Name/SID lookup flags
166 */
167#define	LSA_LOOKUP_NAME_NOT_SPN			0x00000001
168#define	LSA_LOOKUP_NAME_MAYBE_XFOREST		0x00000002
169#define	LSA_LOOKUP_NAME_IN_DBVIEW		0x00000004
170
171/*
172 * Name/SID lookup options
173 *
174 * 0x00000000	Lookup isolated names both locally and in domains/forests.
175 * 0x80000000	Lookup isolated names (except for UPNs) only in the local
176 *		account database.  Do not lookup UPNs.
177 */
178#define	LSA_LOOKUP_OPT_ALL			0x00000000
179#define	LSA_LOOKUP_OPT_LOCAL			0x80000000
180
181/*
182 * Client revision
183 *
184 * 0x00000001	Client does not understand DNS names or forests.
185 * 0x00000002	Client understands DNS names and forests.
186 *
187 * Notes:
188 *	0 means the same as 1
189 *	Anything greater than 2 means the same as 2
190 */
191#define	LSA_CLIENT_REVISION_NT			0x00000001
192#define	LSA_CLIENT_REVISION_AD			0x00000002
193
194/*
195 * Definition for a SID. The ndl compiler won't allow a typedef of
196 * a structure containing variable size members.
197 */
198struct mslsa_sid {
	/*
	 * NOTE(review): SubAuthCount is carried in the message and sizes
	 * SubAuthority[] below.  Code that copies or walks a decoded SID
	 * should range-check it first (Windows SIDs carry at most 15
	 * sub-authorities) -- confirm where that check is done.
	 */
199	BYTE		Revision;
200	BYTE		SubAuthCount;	/* number of SubAuthority[] elements */
201	BYTE		Authority[6];
202  SIZE_IS(SubAuthCount)
203	DWORD		SubAuthority[ANY_SIZE_ARRAY];
204};
205
206struct mslsa_string_desc {
	/*
	 * NOTE(review): length and allosize are supplied by the sender.
	 * Presumably length is the used size of str and allosize its
	 * allocated size -- confirm, and confirm that receivers reject
	 * length > allosize before using str.
	 */
207	WORD		length;
208	WORD		allosize;
209	LPTSTR		str;
210};
211typedef struct mslsa_string_desc mslsa_string_t;
212
213CONTEXT_HANDLE(mslsa_handle) mslsa_handle_t;
214
215struct mslsa_luid {
216	DWORD low_part;
217	DWORD high_part;
218};
219typedef struct mslsa_luid mslsa_luid_t;
220
221struct mslsa_guid {
222	DWORD	data1;
223	WORD	data2;
224	WORD	data3;
225	BYTE	data4[8];
226};
227typedef struct mslsa_guid mslsa_guid_t;
228
229/*
230 ***********************************************************************
231 * OpenPolicy2 obtains a handle for a remote LSA. This handle is
232 * required for all subsequent LSA requests.
233 *
234 * The server name should be the name of the target PDC or BDC, with
235 * the double backslash prefix.
236 *
237 * As far as I can tell, the mslsa_object_attributes structure can be
238 * all zero except for the length, which should be set to sizeof(struct
239 * mslsa_object_attributes).
240 *
241 * For read access, the desired access mask should contain the
242 * READ_CONTROL standard right and whatever policy rights are required.
243 * I haven't tried any update operations but if you get the access mask
244 * wrong you can crash the domain controller.
245 ***********************************************************************
246 */
247
248
249/*
250 * From netmon:
251 *	length = 12
252 *	impersonation_level = 2
253 *	context_tracking_mode = 1
254 *	effective_only = 0
255 */
256struct mslsa_quality_of_service {
257	DWORD length;
258	WORD impersonation_level;
259	BYTE context_tracking_mode;
260	BYTE effective_only;
261};
262
263
264struct mslsa_object_attributes {
	/*
	 * Per the OpenPolicy2 notes in this file, every member except length
	 * can be zero.
	 */
265	DWORD length;		/* sizeof (struct mslsa_object_attributes) */
266	DWORD rootDirectory;
267	DWORD objectName;
268	DWORD attributes;
269	DWORD securityDescriptor;
270	struct mslsa_quality_of_service *qualityOfService;
271};
272
273
274OPERATION(LSARPC_OPNUM_OpenPolicy)
275struct mslsa_OpenPolicy {
	/*
	 * Same members as mslsa_OpenPolicy2 except that servername is a
	 * DWORD pointer here rather than an LPTSTR.
	 */
276	IN	DWORD	*servername;
277	IN	struct mslsa_object_attributes attributes;
278	IN	DWORD desiredAccess;	/* access mask the caller asks for */
279	OUT	mslsa_handle_t domain_handle;
280	OUT	DWORD status;
281};
282
283OPERATION(LSARPC_OPNUM_OpenPolicy2)
284struct mslsa_OpenPolicy2 {
285	IN	LPTSTR servername;	/* target PDC or BDC name, double-backslash prefixed */
286	IN	struct mslsa_object_attributes attributes;
	/*
	 * NOTE(review): desiredAccess is a request from the caller.  A
	 * client should ask only for the rights it needs (READ_CONTROL plus
	 * the required policy rights for read access); the notes above this
	 * definition warn that a wrong mask can crash the domain controller.
	 */
287	IN	DWORD desiredAccess;
288	OUT	mslsa_handle_t domain_handle;	/* handle for subsequent LSA requests */
289	OUT	DWORD status;
290};
291
292
293/*
294 ***********************************************************************
295 * CloseHandle closes an association with the LSA. The returned handle
296 * will be all zero.
297 ***********************************************************************
298 */
299OPERATION(LSARPC_OPNUM_CloseHandle)
300struct mslsa_CloseHandle {
301	IN	mslsa_handle_t handle;		/* handle to close */
302	OUT	mslsa_handle_t result_handle;	/* returned all zero */
303	OUT	DWORD status;
304};
305
306
307/*
308 ***********************************************************************
309 * EnumPrivileges
310 *
311 * Obtain a list of privilege names. This interface is not implemented
312 * yet.  The definition below has not been tested. This is a guess based
313 * on data available from netmon.
314 ***********************************************************************
315 */
316struct mslsa_PrivDef {
317	mslsa_string_t name;
318	mslsa_luid_t luid;
319};
320
321
322struct mslsa_PrivEnumBuf {
323	DWORD entries_read;	/* number of elements def points to */
324  SIZE_IS(entries_read)
325	struct mslsa_PrivDef *def;
326};
327
328
329OPERATION(LSARPC_OPNUM_EnumPrivileges)
330struct mslsa_EnumPrivileges {
	/*
	 * Untested definition (see the notes above); union lsarpc_interface
	 * in this file has no CASE for it.
	 */
331	IN	mslsa_handle_t handle;
332	INOUT	DWORD enum_context;	/* passed in and returned; presumably a resume cursor -- TODO confirm */
333	IN	DWORD max_length;
334	OUT	REFERENCE struct mslsa_PrivEnumBuf *enum_buf;
335	OUT	DWORD status;
336};
337
338
339/*
340 ***********************************************************************
341 * QuerySecurityObject. I'm not entirely sure how to set this up yet.
342 * I used the discovery RPC to scope it out. The structures are set up
343 * according to netmon and the assumption that a security descriptor
344 * on the wire looks like the regular user level security descriptor.
345 ***********************************************************************
346 */
347struct mslsa_SecurityDescriptor {
348	BYTE revision;
349	BYTE sbz1;
350	WORD control;
351	DWORD owner;
352	DWORD group;
353	DWORD sacl;
354	DWORD dacl;
355};
356
357
358struct mslsa_SecurityDescInfo {
	/*
	 * desc is carried as length opaque bytes; the typed form is commented
	 * out below.  NOTE(review): code that interprets those bytes as a
	 * struct mslsa_SecurityDescriptor should first check that length
	 * covers the fixed header and whatever owner/group/sacl/dacl refer
	 * to -- confirm in the consumers.
	 */
359	DWORD length;
360  SIZE_IS(length)
361  	BYTE *desc; /* temporary */
362	/* struct mslsa_SecurityDescriptor *desc; */
363};
364
365
366OPERATION(LSARPC_OPNUM_QuerySecurityObject)
367struct mslsa_QuerySecurityObject {
	/* Layout inferred from netmon captures; see the notes above. */
368	IN	mslsa_handle_t handle;
369	IN	DWORD security_info;
370	OUT	struct mslsa_SecurityDescInfo *desc_info;	/* byte count plus raw descriptor bytes */
371	OUT	DWORD status;
372};
373
374
375/*
376 ***********************************************************************
377 * EnumerateAccounts and EnumerateTrustedDomain.
378 ***********************************************************************
379 */
380struct mslsa_AccountInfo {
381	struct mslsa_sid *sid;
382};
383
384
385struct mslsa_EnumAccountBuf {
386	DWORD entries_read;	/* number of elements info points to */
387  SIZE_IS(entries_read)
388	struct mslsa_AccountInfo *info;
389};
390
391
392OPERATION(LSARPC_OPNUM_EnumerateAccounts)
393struct mslsa_EnumerateAccounts {
394	IN	mslsa_handle_t handle;
395	INOUT	DWORD enum_context;	/* passed in and returned; presumably a resume cursor -- TODO confirm */
396	IN	DWORD max_length;
397	OUT	REFERENCE struct mslsa_EnumAccountBuf *enum_buf;	/* account SIDs */
398	OUT	DWORD status;
399};
400
401
402struct mslsa_TrustedDomainInfo {
403	mslsa_string_t name;
404	struct mslsa_sid *sid;
405};
406
407
408struct mslsa_EnumTrustedDomainBuf {
409	DWORD entries_read;	/* number of elements info points to */
410  SIZE_IS(entries_read)
411	struct mslsa_TrustedDomainInfo *info;
412};
413
414
415OPERATION(LSARPC_OPNUM_EnumTrustedDomain)
416struct mslsa_EnumTrustedDomain {
417	IN	mslsa_handle_t handle;
418	INOUT	DWORD enum_context;	/* passed in and returned; presumably a resume cursor -- TODO confirm */
419	IN	DWORD max_length;
420	OUT REFERENCE	struct mslsa_EnumTrustedDomainBuf *enum_buf;	/* name and SID per domain */
421	OUT	DWORD status;
422};
423
424struct mslsa_TrustedDomainInfoEx {
425	mslsa_string_t		dns_name;
426	mslsa_string_t		nb_name;
427	struct mslsa_sid	*sid;
428	DWORD			trust_direction;
429	DWORD			trust_type;
430	DWORD			trust_attrs;
431};
432
433struct mslsa_EnumTrustedDomainBufEx {
434	DWORD entries_read;	/* number of elements info points to */
435  SIZE_IS(entries_read)
436	struct mslsa_TrustedDomainInfoEx *info;
437};
438
439OPERATION(LSARPC_OPNUM_EnumTrustedDomainsEx)
440struct mslsa_EnumTrustedDomainEx {
441	IN	mslsa_handle_t handle;
442	INOUT	DWORD enum_context;	/* passed in and returned; presumably a resume cursor -- TODO confirm */
443	IN	DWORD max_length;
444	OUT REFERENCE	struct mslsa_EnumTrustedDomainBufEx *enum_buf;	/* names, SID and trust fields per domain */
445	OUT	DWORD status;
446};
447
448/*
449 ***********************************************************************
450 * Definitions common to both LookupSids and LookupNames. Both return
451 * an mslsa_domain_table[]. Each interface also returns a specific
452 * table with entries which index the mslsa_domain_table[].
453 ***********************************************************************
454 */
455struct mslsa_domain_entry {
456	mslsa_string_t domain_name;
457	struct mslsa_sid *domain_sid;
458};
459typedef struct mslsa_domain_entry mslsa_domain_entry_t;
460
461
462struct mslsa_domain_table {
	/*
	 * Referenced-domain list returned by the lookup calls; the per-call
	 * result tables refer to entries[] by index.  NOTE(review): when
	 * decoding a reply, n_entry comes from the peer, so an index taken
	 * from a result entry should be checked against it before use.
	 */
463	DWORD		n_entry;
464  SIZE_IS(n_entry)
465  	mslsa_domain_entry_t *entries;
466	DWORD		max_n_entry;
467};
468
469
470/*
471 ***********************************************************************
472 * Definitions for LookupSids.
473 *
474 * The input parameters are:
475 *
476 *	A valid LSA handle obtained from an LsarOpenPolicy.
477 *	The table of SIDs to be looked up.
478 *	A table of names (probably empty).
479 *	The lookup level (local=1 or PDC=2).
480 *	An enumeration counter (used for continuation operations).
481 *
482 * The output results are:
483 *
484 *	A table of referenced domains.
485 *	A table of usernames.
486 *	The updated value of the enumeration counter.
487 *	The result status.
488 ***********************************************************************
489 */
490
491struct mslsa_lup_sid_entry {
492	struct mslsa_sid *psid;
493};
494
495struct mslsa_lup_sid_table {
496	DWORD		n_entry;	/* number of SIDs in entries[] */
497    SIZE_IS(n_entry)
498	struct mslsa_lup_sid_entry *entries;
499};
500
501struct mslsa_name_entry {
502	WORD		sid_name_use;
503	WORD		unknown_flags;
504	mslsa_string_t	name;
	/*
	 * Index into the mslsa_domain_table entries[].  DWORD is presumably
	 * unsigned, so "-1" arrives as the all-ones value.  NOTE(review):
	 * test for it and bound the index by n_entry before indexing.
	 */
505	DWORD		domain_ix;		/* -1 means none */
506};
507
508struct mslsa_name_table {
	/*
	 * Declared INOUT in mslsa_LookupSids, so n_entry and entries are
	 * received from the caller as well as being returned to it.
	 */
509	DWORD		n_entry;	/* number of elements in entries[] */
510    SIZE_IS(n_entry)
511	struct mslsa_name_entry *entries;
512};
513
514OPERATION(LSARPC_OPNUM_LookupSids)
515struct mslsa_LookupSids {
516	IN	mslsa_handle_t	handle;		/* LSA handle from an OpenPolicy call */
517	IN	struct mslsa_lup_sid_table lup_sid_table;	/* SIDs to look up */
518
519	OUT	struct mslsa_domain_table *domain_table;	/* referenced domains */
520	INOUT	struct mslsa_name_table name_table;	/* probably empty on input */
521
522	IN	WORD lookup_level;	/* local=1 or PDC=2; see LSA_LOOKUP_* */
523	INOUT	DWORD mapped_count;	/* the counter described in the notes above */
524 	OUT	DWORD status;
525};
526
527OPERATION(LSARPC_OPNUM_CreateSecret)
528struct mslsa_CreateSecret {
	/*
	 * NOTE(review): LSA secrets hold credential material.  A service
	 * that implements this operation should restrict it to suitably
	 * privileged callers and grant no more than access_mask asks for --
	 * confirm in the service code.
	 */
529	IN	mslsa_handle_t handle;
530	IN	mslsa_string_t name;
531	IN	DWORD access_mask;	/* access requested on the secret */
532	OUT	mslsa_handle_t secret_handle;
533	OUT	DWORD status;
534};
535
536/*
537 ***********************************************************************
538 * Definitions for LookupNames.
539 *
540 * LookupNames requires the following input parameters.
541 *
542 *	A valid LSA handle obtained from an LsarOpenPolicy.
543 *	The table of names to be looked up.
544 *	A table of translated sids (probably empty).
545 *	The lookup level (local=1 or PDC=2).
546 *	An enumeration counter (used for continuation operations).
547 *
548 * The outputs are as follows.
549 *
550 *	A table of referenced domains.
551 *	A table of translated sids (actually rids).
552 *	The updated value of the enumeration counter.
553 *	The result status.
554 ***********************************************************************
555 */
556struct mslsa_lup_name_table {
557	DWORD n_entry;		/* number of names[] elements that follow */
558  SIZE_IS(n_entry)
559	mslsa_string_t names[ANY_SIZE_ARRAY];	/* held inline, not behind a pointer */
560};
561
562
563struct mslsa_rid_entry {
564	WORD sid_name_use;
565	WORD pad;
566	DWORD rid;
	/*
	 * Index into the mslsa_domain_table entries[].  lsar_rid_entry2
	 * documents -1 as "none" for its member of the same name;
	 * presumably that holds here too -- confirm.  NOTE(review): bound
	 * the index by n_entry before indexing.
	 */
567	DWORD domain_index;
568};
569
570
571struct mslsa_rid_table {
	/*
	 * Declared INOUT in mslsa_LookupNames, so n_entry and rids are
	 * received from the caller as well as being returned to it.
	 */
572	DWORD n_entry;		/* number of elements rids points to */
573  SIZE_IS(n_entry)
574	struct mslsa_rid_entry *rids;
575};
576
577
578OPERATION(LSARPC_OPNUM_LookupNames)
579struct mslsa_LookupNames {
580	IN	mslsa_handle_t handle;		/* LSA handle from an OpenPolicy call */
581	IN	REFERENCE	struct mslsa_lup_name_table *name_table;	/* names to look up */
582
583	OUT	struct mslsa_domain_table *domain_table;	/* referenced domains */
584	INOUT	struct mslsa_rid_table translated_sids;	/* probably empty on input; holds rids */
585
586	IN	WORD lookup_level;	/* local=1 or PDC=2; see LSA_LOOKUP_* */
587	INOUT	DWORD mapped_count;	/* the counter described in the notes above */
588	OUT	DWORD status;
589};
590
591
592/*
593 ***********************************************************************
594 * QueryInfoPolicy returns various pieces of policy information. The
595 * desired information is specified using a class value, as defined
596 * below.
597 ***********************************************************************
598 */
599#define MSLSA_POLICY_AUDIT_LOG_INFO		1
600#define MSLSA_POLICY_AUDIT_EVENTS_INFO		2
601#define MSLSA_POLICY_PRIMARY_DOMAIN_INFO	3
602#define MSLSA_POLICY_UNKNOWN_4_INFO		4
603#define MSLSA_POLICY_ACCOUNT_DOMAIN_INFO	5
604#define MSLSA_POLICY_SERVER_ROLE_INFO		6
605#define MSLSA_POLICY_REPLICA_SOURCE_INFO	7
606#define MSLSA_POLICY_DEFAULT_QUOTA_INFO		8
607#define MSLSA_POLICY_DB_INFO			9
608#define MSLSA_POLICY_AUDIT_SET_INFO		10
609#define MSLSA_POLICY_AUDIT_QUERY_INFO		11
610#define MSLSA_POLICY_DNS_DOMAIN_INFO		12
611
612#define	LSA_ROLE_STANDALONE_WORKSTATION		0
613#define	LSA_ROLE_MEMBER_WORKSTATION		1
614#define	LSA_ROLE_STANDALONE_SERVER		2
615#define	LSA_ROLE_MEMBER_SERVER			3
616#define	LSA_ROLE_BACKUP_DC			4
617#define	LSA_ROLE_PRIMARY_DC			5
618
619/*
620 * MSLSA_POLICY_AUDIT_EVENTS_INFO
621 */
622struct mslsa_AuditEventsInfo {
623	DWORD enabled;
624    SIZE_IS (count)
625	DWORD *settings;
626	DWORD count;	/* sizes settings[]; note it is declared after the pointer */
627};
628
629/*
630 * MSLSA_POLICY_PRIMARY_DOMAIN_INFO
631 */
632struct mslsa_PrimaryDomainInfo {
633	struct mslsa_string_desc name;
634	struct mslsa_sid *sid;
635};
636
637/*
638 * MSLSA_POLICY_ACCOUNT_DOMAIN_INFO
639 */
640struct mslsa_AccountDomainInfo {
641	struct mslsa_string_desc name;
642	struct mslsa_sid *sid;
643};
644
645/*
646 * MSLSA_POLICY_SERVER_ROLE_INFO
647 */
648struct mslsa_ServerRoleInfo {
649	DWORD role;
650	DWORD pad;
651};
652
653struct mslsa_DnsDomainInfo {
654	struct mslsa_string_desc nb_domain;
655	struct mslsa_string_desc dns_domain;
656	struct mslsa_string_desc forest;
657	struct mslsa_guid guid;
658	struct mslsa_sid *sid;
659};
660
661union mslsa_PolicyInfoResUnion {
	/*
	 * The CASE values are the MSLSA_POLICY_* info classes defined above;
	 * any class without a CASE takes the DEFAULT arm.
	 * NOTE(review): "nullptr" is a keyword in C++11 and C23; consider
	 * another member name if generated code is ever built that way.
	 */
662	CASE(2) struct mslsa_AuditEventsInfo audit_events;	/* MSLSA_POLICY_AUDIT_EVENTS_INFO */
663	CASE(3) struct mslsa_PrimaryDomainInfo pd_info;	/* MSLSA_POLICY_PRIMARY_DOMAIN_INFO */
664	CASE(5) struct mslsa_AccountDomainInfo ad_info;	/* MSLSA_POLICY_ACCOUNT_DOMAIN_INFO */
665	CASE(6) struct mslsa_ServerRoleInfo server_role;	/* MSLSA_POLICY_SERVER_ROLE_INFO */
666	CASE(12) struct mslsa_DnsDomainInfo dns_info;	/* MSLSA_POLICY_DNS_DOMAIN_INFO */
667	DEFAULT	char *nullptr;
668};
669
670/*
671 * This structure needs to be declared, even though it can't be used in
672 * mslsa_QueryInfoPolicy, in order to get the appropriate size to calculate
673 * the correct fixup offsets.  If ndrgen did the right thing,
674 * mslsa_PolicyInfoRes would be one of the out parameters.  However, if
675 * we do it that way, the switch_value isn't known early enough to do
676 * the fixup calculation.  So it all has to go in mslsa_QueryInfoPolicy.
677 */
678struct mslsa_PolicyInfoRes {
679	DWORD address;
680	WORD switch_value;
681    SWITCH(switch_value)
682	union mslsa_PolicyInfoResUnion ru;
683};
684
685OPERATION(LSARPC_OPNUM_QueryInfoPolicy)
686struct mslsa_QueryInfoPolicy {
687	IN	mslsa_handle_t handle;
688	IN	WORD info_class;	/* one of the MSLSA_POLICY_* class values */
689	/*
690	 * Can't use this form because we need to include members explicitly.
691	 * OUT	struct mslsa_PolicyInfoRes result;
692	 */
	/*
	 * address, switch_value and ru repeat the members of
	 * struct mslsa_PolicyInfoRes in the same order; keep the two in step.
	 * NOTE(review): a client decoding a reply should check that
	 * switch_value is the info_class it asked for before reading ru --
	 * confirm in the callers.
	 */
693	OUT	DWORD address;
694	OUT	WORD switch_value;
695    SWITCH(switch_value)
696	OUT	union mslsa_PolicyInfoResUnion ru;
697	OUT	DWORD status;
698};
699
700
701
702/*
703 ***********************************************************************
704 * OpenAccount.
705 *
706 * Returns a handle that can be used to access the account specified
707 * by a SID. This handle can be used to enumerate account privileges.
708 ***********************************************************************
709 */
710OPERATION(LSARPC_OPNUM_OpenAccount)
711struct mslsa_OpenAccount {
712	IN  mslsa_handle_t handle;
713	IN REFERENCE	struct mslsa_sid *sid;	/* account to open */
714	IN	DWORD access_mask;	/* access requested on the account */
715	OUT mslsa_handle_t account_handle;	/* usable with EnumPrivsAccount */
716	OUT DWORD status;
717};
718
719
720
721 /*
722 ***********************************************************************
723 * EnumPrivilegesAccount.
724 *
725 * Enumerate the list of privileges held by the specified account. The
726 * handle must be a valid account handle obtained via OpenAccount. The
727 * luid values returned will probably only be relevant on the domain
728 * controller so we'll need to find a way to convert them to the
729 * actual privilege names.
730 ***********************************************************************
731 */
732struct mslsa_LuidAndAttributes {
733	struct mslsa_luid luid;
734	DWORD attributes;
735};
736
737
738struct mslsa_PrivilegeSet {
739	DWORD privilege_count;	/* number of privilege[] elements that follow */
740	DWORD control;
741  SIZE_IS(privilege_count)
742	struct mslsa_LuidAndAttributes privilege[ANY_SIZE_ARRAY];
743};
744
745
746OPERATION(LSARPC_OPNUM_EnumPrivsAccount)
747	struct mslsa_EnumPrivsAccount {
748	IN	mslsa_handle_t account_handle;	/* account handle obtained via OpenAccount */
749	OUT	struct mslsa_PrivilegeSet *privileges;	/* LUIDs; map to names with the LookupPriv* calls */
750	OUT	DWORD status;
751};
752
753OPERATION(LSARPC_OPNUM_OpenSecret)
754struct mslsa_OpenSecret {
	/*
	 * NOTE(review): LSA secrets hold credential material.  A service
	 * that implements this operation should restrict it to suitably
	 * privileged callers and grant no more than access_mask asks for --
	 * confirm in the service code.
	 */
755	IN	mslsa_handle_t handle;
756	IN	mslsa_string_t name;
757	IN	DWORD access_mask;	/* access requested on the secret */
758	OUT	mslsa_handle_t secret_handle;
759	OUT	DWORD status;
760};
761
762
763/*
764 ***********************************************************************
765 * LookupPrivValue
766 *
767 * Map a privilege name to a local unique id (LUID). Privilege names
768 * are consistent across the network. LUIDs are machine specific.
769 * The privilege list is provided as a set of LUIDs so the privilege
770 * lookup functions must be used to identify the privilege to
771 * which each LUID refers. The handle here is a policy handle.
772 ***********************************************************************
773 */
774OPERATION(LSARPC_OPNUM_LookupPrivValue)
775struct mslsa_LookupPrivValue {
776	IN	mslsa_handle_t handle;	/* policy handle */
777	IN	mslsa_string_t name;	/* privilege name */
778	OUT	struct mslsa_luid luid;	/* machine-specific LUID for name */
779	OUT	DWORD status;
780};
781
782
783/*
784 ***********************************************************************
785 * LookupPrivName
786 *
787 * Map a privilege value (LUID) to a privilege name. Privilege names
788 * are consistent across the network. LUIDs are machine specific.
789 * The privilege list is provided as a set of LUIDs so the privilege
790 * lookup functions must be used to identify the privilege to
791 * which each LUID refers. The handle here is a policy handle.
792 ***********************************************************************
793 */
794OPERATION(LSARPC_OPNUM_LookupPrivName)
795struct mslsa_LookupPrivName {
796	IN	mslsa_handle_t handle;	/* policy handle */
797	IN	struct mslsa_luid luid;	/* machine-specific LUID to resolve */
798	OUT	mslsa_string_t *name;	/* privilege name for luid */
799	OUT	DWORD status;
800};
801
802
803/*
804 ***********************************************************************
805 * LookupPrivDisplayName
806 *
807 * Map a privilege name to its display name.  The request carries the
808 * privilege name and two language values; the reply carries the
809 * display name and language_ret.  NOTE(review): the meaning of the
810 * language members is inferred from their names -- confirm.
811 * The handle here is a policy handle.
812 ***********************************************************************
813 */
814OPERATION(LSARPC_OPNUM_LookupPrivDisplayName)
815struct mslsa_LookupPrivDisplayName {
816	IN	mslsa_handle_t handle;	/* policy handle */
817	IN	mslsa_string_t name;	/* privilege name */
818	IN	WORD client_language;
819	IN	WORD default_language;
820	OUT	mslsa_string_t *display_name;
821	OUT	WORD language_ret;
822	OUT	DWORD status;
823};
824
825
826/*
827 ***********************************************************************
828 * GetConnectedUser
829 *
830 * Return the account name and NetBIOS domain name for the user making
831 * the request.  All input fields should be ignored by the server.
832 ***********************************************************************
833 */
834struct mslsa_DomainName {
835	struct mslsa_string_desc *name;
836};
837
838
839OPERATION(LSARPC_OPNUM_GetConnectedUser)
840struct mslsa_GetConnectedUser {
	/*
	 * NOTE(review): the reply describes the user making the request, so
	 * a server must derive owner and domain from the connection's own
	 * identity and never from the IN members below.
	 */
841	IN	LPTSTR hostname;	/* ignored by the server */
842	IN	BYTE *owner_in;		/* ignored by the server */
843	IN	BYTE *domain_in;	/* ignored by the server */
844	OUT	struct mslsa_string_desc *owner;	/* account name of the requesting user */
845	OUT	struct mslsa_DomainName *domain;	/* NetBIOS domain name of that user */
846	OUT	DWORD status;
847};
848
849
850/*
851 ***********************************************************************
852 * LSARPC_OPNUM_LookupSids2
853 *
854 * SID lookup function that appeared in Windows 2000. It appears to be
855 * very similar to the original SID lookup RPC. There are two extra IN
856 * parameters, which we don't care about. The OUT name structure has
857 * an extra field, in which zero seems to be okay.
858 ***********************************************************************
859 */
860struct lsar_name_entry2 {
	/*
	 * mslsa_name_entry with one extra member, flags.
	 * NOTE(review): domain_ix indexes the mslsa_domain_table entries[];
	 * test for the "none" value and bound it by n_entry before indexing.
	 */
861	WORD sid_name_use;
862	WORD padding;
863	mslsa_string_t name;
864	DWORD domain_ix;	/* -1 means none */
865	DWORD flags;		/* the extra field; zero seems to be okay */
866};
867typedef struct lsar_name_entry2 lsar_translated_name_ex_t;
868
869struct lsar_name_table2 {
	/*
	 * Declared INOUT in lsar_lookup_sids2 and lsar_lookup_sids3, so
	 * n_entry and entries are received from the caller as well as being
	 * returned to it.
	 */
870	DWORD n_entry;		/* number of elements entries points to */
871  SIZE_IS(n_entry)
872	struct lsar_name_entry2 *entries;
873};
874typedef struct lsar_name_table2 lsar_translated_names_ex_t;
875
876OPERATION(LSARPC_OPNUM_LookupSids2)
877struct lsar_lookup_sids2 {
	/*
	 * mslsa_LookupSids plus lookup_options and client_revision, with the
	 * lsar_name_table2 form of the name table.
	 */
878	IN		mslsa_handle_t policy_handle;
879	IN		struct mslsa_lup_sid_table lup_sid_table;
880	OUT		struct mslsa_domain_table *domain_table;
881	INOUT	struct lsar_name_table2 name_table;
882	IN		WORD lookup_level;	/* see LSA_LOOKUP_* */
883	INOUT	DWORD mapped_count;
884	IN		DWORD lookup_options;	/* presumably LSA_LOOKUP_OPT_* -- confirm */
885	IN		DWORD client_revision;	/* presumably LSA_CLIENT_REVISION_* -- confirm */
886 	OUT		DWORD status;
887};
888
889OPERATION(LSARPC_OPNUM_LookupSids3)
890struct lsar_lookup_sids3 {
	/*
	 * Same members as lsar_lookup_sids2 but without policy_handle.
	 * NOTE(review): with no policy handle, no handle-based access check
	 * applies to this call; the Microsoft protocol documentation ties
	 * the handle-less lookups to a Netlogon secure channel.  Confirm how
	 * the server authorizes callers of this opnum.
	 */
891	IN		struct mslsa_lup_sid_table	lup_sid_table;
892	OUT		struct mslsa_domain_table	*domain_table;
893	INOUT		lsar_translated_names_ex_t	name_table;
894	IN		WORD				lookup_level;
895	INOUT		DWORD				mapped_count;
896	IN		DWORD				lookup_options;
897	IN		DWORD				client_revision;
898 	OUT		DWORD				status;
899};
900
901/*
902 ***********************************************************************
903 * LSARPC_OPNUM_LookupNames2
904 *
905 * Name lookup function that appeared in Windows 2000. It appears to be
906 * very similar to the original name lookup RPC. There are two extra IN
907 * parameters, which we don't care about. The lsar_rid_entry2 structure
908 * has an extra field, in which zero seems to be okay.
909 ***********************************************************************
910 */
911struct lsar_rid_entry2 {
	/*
	 * mslsa_rid_entry with one extra member, flags.
	 * NOTE(review): domain_index indexes the mslsa_domain_table
	 * entries[]; test for the "none" value and bound it by n_entry
	 * before indexing.
	 */
912	WORD sid_name_use;
913	WORD pad;
914	DWORD rid;
915	DWORD domain_index;	/* -1 means none */
916	DWORD flags;		/* the extra field; zero seems to be okay */
917};
918
919
920struct lsar_rid_table2 {
	/*
	 * Declared INOUT in lsar_LookupNames2, so n_entry and rids are
	 * received from the caller as well as being returned to it.
	 */
921	DWORD n_entry;		/* number of elements rids points to */
922  SIZE_IS(n_entry)
923	struct lsar_rid_entry2 *rids;
924};
925
926
927OPERATION(LSARPC_OPNUM_LookupNames2)
928struct lsar_LookupNames2 {
	/*
	 * mslsa_LookupNames plus lookup_options and client_revision, with
	 * the lsar_rid_table2 form of the result table.
	 */
929	IN		mslsa_handle_t policy_handle;
930	IN	REFERENCE	struct mslsa_lup_name_table *name_table;
931	OUT		struct mslsa_domain_table *domain_table;
932	INOUT	struct lsar_rid_table2 translated_sids;
933	IN		WORD lookup_level;	/* see LSA_LOOKUP_* */
934	INOUT	DWORD mapped_count;
935	IN		DWORD lookup_options;	/* presumably LSA_LOOKUP_OPT_* -- confirm */
936	IN		DWORD client_revision;	/* presumably LSA_CLIENT_REVISION_* -- confirm */
937	OUT		DWORD status;
938};
939
940struct lsar_translated_sid_ex2 {
	/*
	 * Result entry that carries a SID pointer where lsar_rid_entry2
	 * carries a rid.  NOTE(review): sid is a pointer member, so
	 * consumers should expect it may be null -- confirm; domain_index
	 * needs the same "none" and n_entry checks as in the other result
	 * entries.
	 */
941	WORD			sid_name_use;
942	WORD			pad;
943	struct mslsa_sid	*sid;
944	DWORD			domain_index;	/* -1 means none */
945	DWORD			flags;
946};
947typedef struct lsar_translated_sid_ex2 lsar_translated_sid_ex2_t;
948
949struct lsar_sid_ex2_table {
	/*
	 * Declared INOUT in lsar_LookupNames3 and lsar_LookupNames4, so
	 * n_entry and sids are received from the caller as well as being
	 * returned to it.
	 */
950	DWORD			n_entry;	/* number of elements sids points to */
951  SIZE_IS(n_entry)
952	struct lsar_translated_sid_ex2	*sids;
953};
954typedef struct lsar_sid_ex2_table lsar_sid_ex2_table_t;
955
956OPERATION(LSARPC_OPNUM_LookupNames3)
957struct lsar_LookupNames3 {
	/*
	 * Same shape as lsar_LookupNames2, but the results are returned in
	 * an lsar_sid_ex2_table (SID pointers rather than rids).
	 */
958	IN		mslsa_handle_t			policy_handle;
959	IN REFERENCE	struct mslsa_lup_name_table	*name_table;
960	OUT		struct mslsa_domain_table	*domain_table;
961	INOUT		struct lsar_sid_ex2_table	translated_sids;
962	IN		WORD				lookup_level;
963	INOUT		DWORD				mapped_count;
964	IN		DWORD				lookup_options;
965	IN		DWORD				client_revision;
966	OUT		DWORD				status;
967};
968
969OPERATION(LSARPC_OPNUM_LookupNames4)
970struct lsar_LookupNames4 {
	/*
	 * Same members as lsar_LookupNames3 but without policy_handle.
	 * NOTE(review): with no policy handle, no handle-based access check
	 * applies to this call; the Microsoft protocol documentation ties
	 * the handle-less lookups to a Netlogon secure channel.  Confirm how
	 * the server authorizes callers of this opnum.
	 */
971	IN REFERENCE	struct mslsa_lup_name_table	*name_table;
972	OUT		struct mslsa_domain_table	*domain_table;
973	INOUT		struct lsar_sid_ex2_table	translated_sids;
974	IN		WORD				lookup_level;
975	INOUT		DWORD				mapped_count;
976	IN		DWORD				lookup_options;
977	IN		DWORD				client_revision;
978	OUT		DWORD				status;
979};
980
981/*
982 ***********************************************************************
983 * The LSARPC interface definition.
984 ***********************************************************************
985 */
986INTERFACE(0)
987union lsarpc_interface {
	/*
	 * One CASE per operation structure in this interface.  Operations
	 * that only have an LSARPC_OPNUM_* define, or a struct without a
	 * CASE here (mslsa_EnumPrivileges, for example), are not members of
	 * the union.  NOTE(review): when adding a CASE, check that the new
	 * operation's handler enforces an access check appropriate to it.
	 */
988	CASE(LSARPC_OPNUM_CloseHandle)
989		struct mslsa_CloseHandle		CloseHandle;
990	CASE(LSARPC_OPNUM_QuerySecurityObject)
991		struct mslsa_QuerySecurityObject	QuerySecurityObj;
992	CASE(LSARPC_OPNUM_EnumerateAccounts)
993		struct mslsa_EnumerateAccounts		EnumAccounts;
994	CASE(LSARPC_OPNUM_EnumTrustedDomainsEx)
995		struct mslsa_EnumTrustedDomainEx	EnumTrustedDomainEx;
996	CASE(LSARPC_OPNUM_EnumTrustedDomain)
997		struct mslsa_EnumTrustedDomain		EnumTrustedDomain;
998	CASE(LSARPC_OPNUM_OpenAccount)
999		struct mslsa_OpenAccount		OpenAccount;
1000	CASE(LSARPC_OPNUM_EnumPrivsAccount)
1001		struct mslsa_EnumPrivsAccount		EnumPrivsAccount;
1002	CASE(LSARPC_OPNUM_LookupPrivValue)
1003		struct mslsa_LookupPrivValue		LookupPrivValue;
1004	CASE(LSARPC_OPNUM_LookupPrivName)
1005		struct mslsa_LookupPrivName		LookupPrivName;
1006	CASE(LSARPC_OPNUM_LookupPrivDisplayName)
1007		struct mslsa_LookupPrivDisplayName	LookupPrivDisplayName;
1008	CASE(LSARPC_OPNUM_CreateSecret)
1009		struct mslsa_CreateSecret		CreateSecret;
1010	CASE(LSARPC_OPNUM_OpenSecret)
1011		struct mslsa_OpenSecret			OpenSecret;
1012	CASE(LSARPC_OPNUM_QueryInfoPolicy)
1013		struct mslsa_QueryInfoPolicy		QueryInfoPolicy;
1014	CASE(LSARPC_OPNUM_OpenPolicy)
1015		struct mslsa_OpenPolicy			OpenPolicy;
1016	CASE(LSARPC_OPNUM_OpenPolicy2)
1017		struct mslsa_OpenPolicy2		OpenPolicy2;
1018	CASE(LSARPC_OPNUM_LookupSids)
1019		struct mslsa_LookupSids			LookupSids;
1020	CASE(LSARPC_OPNUM_LookupNames)
1021		struct mslsa_LookupNames		LookupNames;
1022	CASE(LSARPC_OPNUM_GetConnectedUser)
1023		struct mslsa_GetConnectedUser		GetConnectedUser;
1024	CASE(LSARPC_OPNUM_LookupSids2)
1025		struct lsar_lookup_sids2		LookupSids2;
1026	CASE(LSARPC_OPNUM_LookupSids3)
1027		struct lsar_lookup_sids3		LookupSids3;
1028	CASE(LSARPC_OPNUM_LookupNames2)
1029		struct lsar_LookupNames2		LookupNames2;
1030	CASE(LSARPC_OPNUM_LookupNames3)
1031		struct lsar_LookupNames3		LookupNames3;
1032	CASE(LSARPC_OPNUM_LookupNames4)
1033		struct lsar_LookupNames4		LookupNames4;
1034};
1035typedef union lsarpc_interface	lsarpc_interface_t;
1036EXTERNTYPEINFO(lsarpc_interface)
1037
1038#endif /* _MLSVC_LSA_NDL_ */
1039