/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
 * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
 */

#ifndef _MLSVC_SAM_NDL_
#define	_MLSVC_SAM_NDL_

/*
 * Security Accounts Manager RPC (SAMR) interface definition.
 *
 * This file declares the SAMR operation numbers, the flag and mask
 * values used in SAMR requests, and the structures that describe each
 * request/response to the marshalling code.  Every length, count and
 * switch field in these structures is supplied by the remote peer, so
 * the code that consumes a decoded structure is responsible for
 * checking those values before using them.
 */

#include <libmlrpc/ndrtypes.ndl>

/*
 * Operation numbers, grouped by the Windows release named in each
 * group comment.  Entries tagged NotUsedOnWire are listed only to
 * keep the numbering complete.
 */

/* Windows NT */
#define	SAMR_OPNUM_Connect			0x00 /* SamrConnect */
#define	SAMR_OPNUM_CloseHandle			0x01
#define	SAMR_OPNUM_SetSecObject			0x02
#define	SAMR_OPNUM_QuerySecObject		0x03
#define	SAMR_OPNUM_ShutdownSamServer		0x04 /* NotUsedOnWire */
#define	SAMR_OPNUM_LookupDomain			0x05
#define	SAMR_OPNUM_EnumLocalDomains		0x06
#define	SAMR_OPNUM_OpenDomain			0x07
#define	SAMR_OPNUM_QueryDomainInfo		0x08
#define	SAMR_OPNUM_SetDomainInfo		0x09
#define	SAMR_OPNUM_CreateDomainGroup		0x0a
#define	SAMR_OPNUM_QueryDomainGroups		0x0b
#define	SAMR_OPNUM_CreateDomainUser		0x0c
#define	SAMR_OPNUM_EnumDomainUsers		0x0d
#define	SAMR_OPNUM_CreateDomainAlias		0x0e
#define	SAMR_OPNUM_EnumDomainAliases		0x0f
#define	SAMR_OPNUM_LookupIds			0x10 /* GetAliasMembership */
#define	SAMR_OPNUM_LookupNames			0x11
#define	SAMR_OPNUM_LookupDomainIds		0x12
#define	SAMR_OPNUM_OpenGroup			0x13
#define	SAMR_OPNUM_QueryGroupInfo		0x14
#define	SAMR_OPNUM_StoreGroupInfo		0x15
#define	SAMR_OPNUM_AddGroupMember		0x16
#define	SAMR_OPNUM_DeleteDomainGroup		0x17
#define	SAMR_OPNUM_DeleteGroupMember		0x18
#define	SAMR_OPNUM_ListGroupMembers		0x19
#define	SAMR_OPNUM_SetGroupMemberAttributes	0x1a
#define	SAMR_OPNUM_OpenAlias			0x1b
#define	SAMR_OPNUM_QueryAliasInfo		0x1c
#define	SAMR_OPNUM_SetAliasInfo			0x1d
#define	SAMR_OPNUM_DeleteDomainAlias		0x1e
#define	SAMR_OPNUM_AddAliasMember		0x1f
#define	SAMR_OPNUM_DeleteAliasMember		0x20
#define	SAMR_OPNUM_ListAliasMembers		0x21
#define	SAMR_OPNUM_OpenUser			0x22
#define	SAMR_OPNUM_DeleteUser			0x23
#define	SAMR_OPNUM_QueryUserInfo		0x24
#define	SAMR_OPNUM_SetUserInfo0			0x25 /* SetUserInfo */
#define	SAMR_OPNUM_ChangeUserPassword0		0x26 /* ChangeUserPassword */
#define	SAMR_OPNUM_QueryUserGroups		0x27
#define	SAMR_OPNUM_QueryDispInfo		0x28 /* QueryDispInfo1 */
#define	SAMR_OPNUM_GetDisplayEnumIndex		0x29
#define	SAMR_OPNUM_TestPrivateDomainFunctions	0x2a /* NotUsedOnWire */
#define	SAMR_OPNUM_TestPrivateUserFunctions	0x2b /* NotUsedOnWire */
#define	SAMR_OPNUM_GetUserPwInfo		0x2c

/* Windows 2000 */
#define	SAMR_OPNUM_RemoveMemberFromForeignDomain	0x2d
#define	SAMR_OPNUM_QueryInfoDomain2		0x2e
#define	SAMR_OPNUM_QueryInfoUser2		0x2f
#define	SAMR_OPNUM_EnumDomainGroups		0x30 /* QueryDispInfo2 */
#define	SAMR_OPNUM_GetDisplayEnumIndex2		0x31
#define	SAMR_OPNUM_CreateUser			0x32
#define	SAMR_OPNUM_QueryDispInfo4		0x33
#define	SAMR_OPNUM_AddMultipleAliasMembers	0x34
#define	SAMR_OPNUM_RemoveMultipleAliasMembers	0x35
#define	SAMR_OPNUM_ChangeUserOemPassword	0x36
#define	SAMR_OPNUM_ChangePasswordUser2		0x37 /* UnicodePasswd */
#define	SAMR_OPNUM_GetDomainPwInfo		0x38
#define	SAMR_OPNUM_Connect2			0x39 /* SamrConnect2 */
#define	SAMR_OPNUM_SetUserInfo			0x3a /* SetInfoUser2 */
#define	SAMR_OPNUM_SetBootKeyInformation	0x3b
#define	SAMR_OPNUM_GetBootKeyInformation	0x3c
#define	SAMR_OPNUM_Connect3			0x3d /* NotUsedOnWire */
#define	SAMR_OPNUM_Connect4			0x3e /* SamrConnect4 */
#define	SAMR_OPNUM_ChangeUserUnicodePassword3	0x3f

/* Windows XP and Windows Server 2003 */
#define	SAMR_OPNUM_Connect5			0x40 /* SamrConnect5 */
#define	SAMR_OPNUM_RidToSid			0x41
#define	SAMR_OPNUM_SetDSRMPassword		0x42
#define	SAMR_OPNUM_ValidatePassword		0x43

/* Windows Vista */
#define	SAMR_OPNUM_QueryLocalizableAccountsInDomain	0x44
#define	SAMR_OPNUM_PerformGenericOperation	0x45


/*
 * Sam account flags used when creating an account.  These flags seem
 * to be very similar to the USER_INFO_X flags (UF_XXX) in lmaccess.h
 * but the values are different.
 */
#define	SAMR_AF_ACCOUNTDISABLE			0x0001
#define	SAMR_AF_HOMEDIR_REQUIRED		0x0002
#define	SAMR_AF_PASSWD_NOTREQD			0x0004
#define	SAMR_AF_TEMP_DUPLICATE_ACCOUNT		0x0008
#define	SAMR_AF_NORMAL_ACCOUNT			0x0010
#define	SAMR_AF_MNS_LOGON_ACCOUNT		0x0020
#define	SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT	0x0040
#define	SAMR_AF_WORKSTATION_TRUST_ACCOUNT	0x0080
#define	SAMR_AF_SERVER_TRUST_ACCOUNT		0x0100
#define	SAMR_AF_DONT_EXPIRE_PASSWD		0x0200
#define	SAMR_AF_ACCOUNT_AUTOLOCK		0x0400


/* The three trust-account bits taken together. */
#define	SAMR_AF_MACHINE_ACCOUNT_MASK	( \
				SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT \
				| SAMR_AF_WORKSTATION_TRUST_ACCOUNT \
				| SAMR_AF_SERVER_TRUST_ACCOUNT)

/*
 * The machine-account bits plus the temp-duplicate and normal account
 * bits.  SAMR_AF_MNS_LOGON_ACCOUNT is not part of this mask.
 */
#define	SAMR_AF_ACCOUNT_TYPE_MASK	( \
				SAMR_AF_TEMP_DUPLICATE_ACCOUNT \
				| SAMR_AF_NORMAL_ACCOUNT \
				| SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT \
				| SAMR_AF_WORKSTATION_TRUST_ACCOUNT \
				| SAMR_AF_SERVER_TRUST_ACCOUNT)

/*
 * QueryUserInfo UserAllInformation WhichFields
 *
 * One bit per field.  SAMR_USER_ALL_UNDEFINED_MASK covers the two
 * high-order bits that have no field assigned in this list.
 */
#define	SAMR_USER_ALL_USERNAME			0x00000001
#define	SAMR_USER_ALL_FULLNAME			0x00000002
#define	SAMR_USER_ALL_USERID			0x00000004
#define	SAMR_USER_ALL_PRIMARYGROUPID		0x00000008
#define	SAMR_USER_ALL_ADMINCOMMENT		0x00000010
#define	SAMR_USER_ALL_USERCOMMENT		0x00000020
#define	SAMR_USER_ALL_HOMEDIRECTORY		0x00000040
#define	SAMR_USER_ALL_HOMEDIRECTORYDRIVE	0x00000080
#define	SAMR_USER_ALL_SCRIPTPATH		0x00000100
#define	SAMR_USER_ALL_PROFILEPATH		0x00000200
#define	SAMR_USER_ALL_WORKSTATIONS		0x00000400
#define	SAMR_USER_ALL_LASTLOGON			0x00000800
#define	SAMR_USER_ALL_LASTLOGOFF		0x00001000
#define	SAMR_USER_ALL_LOGONHOURS		0x00002000
#define	SAMR_USER_ALL_BADPASSWORDCOUNT		0x00004000
#define	SAMR_USER_ALL_LOGONCOUNT		0x00008000
#define	SAMR_USER_ALL_PASSWORDCANCHANGE		0x00010000
#define	SAMR_USER_ALL_PASSWORDMUSTCHANGE	0x00020000
#define	SAMR_USER_ALL_PASSWORDLASTSET		0x00040000
#define	SAMR_USER_ALL_ACCOUNTEXPIRES		0x00080000
#define	SAMR_USER_ALL_USERACCOUNTCONTROL	0x00100000
#define	SAMR_USER_ALL_PARAMETERS		0x00200000
#define	SAMR_USER_ALL_COUNTRYCODE		0x00400000
#define	SAMR_USER_ALL_CODEPAGE			0x00800000
#define	SAMR_USER_ALL_NTPASSWORDPRESENT		0x01000000
#define	SAMR_USER_ALL_LMPASSWORDPRESENT		0x02000000
#define	SAMR_USER_ALL_PRIVATEDATA		0x04000000
#define	SAMR_USER_ALL_PASSWORDEXPIRED		0x08000000
#define	SAMR_USER_ALL_SECURITYDESCRIPTOR	0x10000000
#define	SAMR_USER_ALL_OWF_PASSWORD		0x20000000
#define	SAMR_USER_ALL_UNDEFINED_MASK		0xC0000000

/*
 * Alias Access Mask values for SAMR
 * Section 2.2.1.6 of MS-SAMR
 */
#define	SAMR_ALIAS_ACCESS_EXECUTE		0x00020008
#define	SAMR_ALIAS_ACCESS_WRITE			0x00020013
#define	SAMR_ALIAS_ACCESS_READ			0x00020004
#define	SAMR_ALIAS_ACCESS_ALL_ACCESS		0x000F001F
#define	SAMR_ALIAS_ACCESS_WRITE_ACCOUNT		0x00000010
#define	SAMR_ALIAS_ACCESS_READ_INFO		0x00000008
#define	SAMR_ALIAS_ACCESS_LIST_MEMBERS		0x00000004
#define	SAMR_ALIAS_ACCESS_REMOVE_MEMBER		0x00000002
#define	SAMR_ALIAS_ACCESS_ADD_MEMBER		0x00000001

#define	SAMR_REVISION_1			1	/* Pre Windows 2000 */
#define	SAMR_REVISION_2			2	/* Windows 2000 */
#define	SAMR_REVISION_3			3	/* Post Windows 2000 */

/*
 * Definition for a SID. The ndl compiler does not allow a typedef of
 * a structure containing variable size members.
 * Note: cast compatible with smb_sid_t, and code depends on that.
 *
 * SubAuthCount is the size of the SubAuthority array (SIZE_IS), so on
 * a decoded SID it is a value chosen by the sender.
 * NOTE(review): because this is cast to smb_sid_t, callers should
 * check SubAuthCount against the limit the smb_sid_t code assumes
 * before walking SubAuthority -- confirm in the consumers.
 */
struct samr_sid {
	BYTE		Revision;
	BYTE		SubAuthCount;
	BYTE		Authority[6];
  SIZE_IS(SubAuthCount)
	DWORD		SubAuthority[ANY_SIZE_ARRAY];
};


/*
 * SAMR definition of a security_descriptor.
 */
struct samr_sec_desc {
	BYTE			Revision;
	BYTE			Sbz1;
	WORD			Control;
	struct samr_sid		*owner;
	struct samr_sid		*group;
	struct samr_sid		*sacl;
	struct samr_sid		*dacl;
};

/*
 * Length-prefixed byte buffer: data is sized by length (SIZE_IS).
 * Used below as the OUT value of QuerySecObject.
 */
struct samr_sd {
	DWORD length;
  SIZE_IS(length)
	BYTE *data;
};
typedef struct samr_sd samr_sd_t;

/*
 * See RPC_STRING in the MS IDL.
 * Definition for a string. The length and allosize should be set to
 * twice the string length (i.e. strlen(str) * 2). The runtime code
 * will perform the appropriate string to a wide-char conversions,
 * so str should point to a regular char * string.
 */
struct samr_string {
	WORD		length;
	WORD		allosize;
	LPTSTR		str;
};
typedef struct samr_string samr_string_t;


/*
 * Alternative varying/conformant string definition - for
 * non-null terminated strings. This definition must match
 * ndr_vcbuf_t.
 */
struct samr_vcb {
	/*
	 * size_is (actually a copy of length_is) will
	 * be inserted here by the marshalling library.
	 */
	DWORD vc_first_is;
	DWORD vc_length_is;
  SIZE_IS(vc_length_is)
	WORD buffer[ANY_SIZE_ARRAY];
};

struct samr_vcbuf {
	WORD wclen;
	WORD wcsize;
	struct samr_vcb *vcb;
};
typedef struct samr_vcbuf samr_vcbuf_t;

/* Context handle type used for every SAMR handle in this file. */
CONTEXT_HANDLE(samr_handle) samr_handle_t;

/*
 * OLD_LARGE_INTEGER: a 64-bit value.
 */
struct samr_quad {
	DWORD low;
	DWORD high;
};
typedef struct samr_quad samr_quad_t;

/*
 * Blob used for the NT and LM OWF passwords.
 * The length and maxlen should be 16.
 *
 * buf is sized as length / 2 WORDs (SIZE_IS), i.e. length counts
 * bytes.
 * NOTE(review): nothing in this definition enforces the value 16;
 * code that copies buf into a fixed-size hash buffer should reject
 * any other length first -- confirm in the consumers.
 */
struct samr_short_blob {
	WORD	length;
	WORD	maxlen;
  SIZE_IS(length / 2)
	WORD	*buf;
};

/*
 * Domain password policy bits; presumably the values carried in
 * samr_password_info.properties below -- confirm against the callers.
 */
#define	DOMAIN_PASSWORD_COMPLEX			0x00000001
#define	DOMAIN_PASSWORD_NO_ANON_CHANGE		0x00000002
#define	DOMAIN_PASSWORD_NO_CLEAR_CHANGE		0x00000004
#define	DOMAIN_LOCKOUT_ADMINS			0x00000008
#define	DOMAIN_PASSWORD_STORE_CLEARTEXT		0x00000010
#define	DOMAIN_REFUSE_PASSWORD_CHANGE		0x00000020

struct samr_password_info {
	WORD	min_length;
	DWORD	properties;
};
typedef struct samr_password_info samr_password_info_t;

/*
 * There is some sort of logon bitmap structure in here, which I
 * think is a varying and conformant array, i.e.
 *
 *	struct samr_logon_hours {
 *      DWORD size_is;		(1260)
 *      DWORD first_is;		(zero)
 *      DWORD length_is;	(168)
 *      BYTE bitmap[21];
 *  };
 *
 *	struct samr_logon_info {
 * 		DWORD length;
 *	SIZE_IS(length / 8)
 *		struct samr_logon_hours *hours;
 *	};
 *
 * There are 10080 minutes/week => 10080/8 = 1260 (0x04EC).
 * So size_is is set as some sort of maximum.
 *
 * There are 168 (0xA8) hours/week => 168/8 = 21. Since there are 21
 * bytes (all set to 0xFF), this is probably the default setting.
 */

#define	SAMR_MINS_PER_WEEK		10080
#define	SAMR_HOURS_PER_WEEK		168

/* 10080 / 8 = 1260: bytes in a one-bit-per-minute bitmap. */
#define	SAMR_HOURS_MAX_SIZE		(SAMR_MINS_PER_WEEK / 8)
/* Divides LEN by 8; presumably converts a bit count to bytes. */
#define	SAMR_HOURS_SET_LEN(LEN)		((LEN) / 8)
/* 168 / 8 = 21: bytes in a one-bit-per-hour bitmap. */
#define	SAMR_SET_USER_HOURS_SZ		21

struct samr_logon_hours {
	DWORD size;
	DWORD first;
	DWORD length;
	BYTE bitmap[SAMR_SET_USER_HOURS_SZ];
};

/* Note: hours is a plain DWORD here, not the pointer sketched above. */
struct samr_logon_info {
	DWORD units;
	DWORD hours;
};

/* hours is sized as units_per_week / 8 bytes (SIZE_IS). */
struct samr_logon_hours_all {
	WORD	units_per_week;
  SIZE_IS(units_per_week / 8)
	BYTE	*hours;
};

/*
 * SAMPR_USER_PASSWORD (in the MS Net API) or
 * struct samr_user_password (internal use) is
 * the "clear" form of struct samr_encr_passwd
 * (SAMPR_ENCRYPTED_USER_PASSWORD in MS Net).
 * It's not used by ndrgen, but is declared here
 * to help clarify the relationship between these,
 * and for the benefit of our client-side code.
 *
 * NOTE(review): an instance of this structure holds a clear-text
 * password; code that fills one in should wipe it once the encrypted
 * form has been produced -- confirm in the client-side code.
 */
#ifndef NDRGEN
#define	SAMR_USER_PWLEN	256
struct samr_user_password {
	ndr_wchar_t	Buffer[SAMR_USER_PWLEN];
	DWORD Length;
};
#endif	/* NDRGEN */

/*
 * SAMPR_ENCRYPTED_USER_PASSWORD
 *
 * 516 matches 256 two-byte characters plus the DWORD Length; this
 * assumes ndr_wchar_t is two bytes wide -- TODO confirm.
 */
#define	SAMR_ENCR_PWLEN 516	/* sizeof samr_user_password */
struct samr_encr_passwd {
	BYTE data[SAMR_ENCR_PWLEN];
};

/* ENCRYPTED_NT_OWF_PASSWORD */
#define	SAMR_PWHASH_LEN 16
struct samr_encr_hash {
	BYTE data[SAMR_PWHASH_LEN];
};

/*
 ***********************************************************************
 * SamrConnect.
 ***********************************************************************
 */
OPERATION(SAMR_OPNUM_Connect)
struct samr_Connect {
	IN	DWORD *servername;
	IN	DWORD access_mask;
	OUT	samr_handle_t handle;
	OUT	DWORD status;
};


/*
 ***********************************************************************
 * SamrConnect2.
 ***********************************************************************
 */
OPERATION(SAMR_OPNUM_Connect2)
struct samr_Connect2 {
	IN	LPTSTR servername;
	IN	DWORD access_mask;
	OUT	samr_handle_t handle;
	OUT	DWORD status;
};


/*
 ***********************************************************************
 * SamrConnect4. A new form of connect first seen with Windows 2000.
 * A new field has been added to the input request. Value: 0x00000002.
 ***********************************************************************
 */
OPERATION(SAMR_OPNUM_Connect4)
struct samr_Connect4 {
	IN	LPTSTR servername;
	IN	DWORD revision;
	IN	DWORD access_mask;
	OUT	samr_handle_t handle;
	OUT	DWORD status;
};


/*
 ***********************************************************************
 * SamrConnect5. A new form of connect first seen with Windows XP.
 * The server name is the fully qualified domain name, i.e.
 *	\\server.sun.com.
 *
 * [in]  DWORD	 InVersion,
 * [in]  [switch_is(InVersion)]    samr_revision_info *InRevisionInfo
 * [out] DWORD	 *OutVersion
 * [out] [switch_is(*OutVersion)] *samr_revision_info *OutRevisionInfo
 *
 * SupportedFeatures (see notes in [MS-SAMR]):
 *	0x00000001	RID values returned from the server must not be
 *			concatenated with the domain SID.
 *	0x00000002	Reserved
 *	0x00000004	Reserved
 ***********************************************************************
 */
struct samr_revision_info1 {
	DWORD revision;
	DWORD supported_features;
};
typedef struct samr_revision_info1 samr_revision_info1_t;

union samr_revision_info {
	UNION_INFO_ENT(1,samr_revision_info);
	DEFAULT	char *nullptr;
};

OPERATION(SAMR_OPNUM_Connect5)
struct samr_Connect5 {
	IN		LPTSTR servername;
	IN		DWORD access_mask;
	/*
	 * This should be a union, but instead this is
	 * done this way because unions are hard to
	 * express in this RPC implementation.
	 */
	INOUT	DWORD unknown2_00000001;	/* V1 */
	INOUT	DWORD unknown3_00000001;	/* V1 */
	/* SAMPR_REVISION_INFO_V1 */
	INOUT	DWORD unknown4_00000003;	/* Revision */
	INOUT	DWORD unknown5_00000000;	/* SupportedFeatures */
	OUT		samr_handle_t handle;
	OUT		DWORD status;
};


/*
 ***********************************************************************
 * CloseHandle closes an association with the SAM. Using the same
 * structure as the LSA seems to work.
 ***********************************************************************
 */
OPERATION(SAMR_OPNUM_CloseHandle)
struct samr_CloseHandle {
	IN	samr_handle_t handle;
	OUT	samr_handle_t result_handle;
	OUT	DWORD status;
};


/*
 ***********************************************************************
 * QuerySecObject
 *
 * Returns the SecurityDescriptor of the object. Support not complete.
 *
 * QuerySecObject (
 *	IN samr_handle_t obj_handle,
 *	IN SECURITY_INFO secinfo,
 *	OUT samr_sd_t *sd,
 *	OUT DWORD status
 * )
 *
 ***********************************************************************
 */

typedef DWORD SECURITY_INFO;

OPERATION(SAMR_OPNUM_QuerySecObject)
struct samr_QuerySecObject {
	IN	samr_handle_t obj_handle;
	IN	SECURITY_INFO secinfo;
	OUT	samr_sd_t *sd;
	OUT	DWORD status;
};


/*
 ***********************************************************************
 * LookupDomain: look up the domain SID.
 ***********************************************************************
 */
OPERATION(SAMR_OPNUM_LookupDomain)
struct samr_LookupDomain {
	IN	samr_handle_t handle;
	IN	samr_string_t domain_name;
	OUT struct samr_sid *sid;
	OUT	DWORD status;
};


/*
 ***********************************************************************
 * EnumLocalDomain
 *
 * This looks like a request to get the local domains supported by a
 * remote server. NT always seems to return 2 domains: the local
 * domain (hostname) and the Builtin domain.
 *
 * The max_length field is set to 0x2000.
 * Enum_context is set to 0 in the request and set to entries_read in
 * the reply. Like most of these enums, total_entries is the same as
 * entries_read.
 ***********************************************************************
 */
struct samr_LocalDomainEntry {
	DWORD unknown;
	samr_string_t name;
};

/* entry is sized by entries_read (SIZE_IS). */
struct samr_LocalDomainInfo {
	DWORD entries_read;
  SIZE_IS(entries_read)
	struct samr_LocalDomainEntry *entry;
};


OPERATION(SAMR_OPNUM_EnumLocalDomains)
struct samr_EnumLocalDomain {
	IN		samr_handle_t handle;
	INOUT	DWORD enum_context;
	IN		DWORD max_length;
	OUT		struct samr_LocalDomainInfo *info;
	OUT		DWORD total_entries;
	OUT		DWORD status;
};


/*
 ***********************************************************************
 * OpenDomain
 *
 * Open a specific domain within the SAM. From this I assume that each
 * SAM can handle multiple domains so you need to identify the one with
 * which you want to work. Working with a domain handle does appear to
 * offer the benefit that you can then use RIDs instead of full SIDs,
 * which simplifies things a bit. The domain handle can be used to get
 * user and group handles.
 ***********************************************************************
 */
OPERATION(SAMR_OPNUM_OpenDomain)
struct samr_OpenDomain {
	IN	samr_handle_t handle;
	IN	DWORD access_mask;
	IN REFERENCE struct samr_sid *sid;
	OUT	samr_handle_t domain_handle;
	OUT	DWORD status;
};


/*
 ***********************************************************************
 * QueryDomainInfo
 *
 * Windows 95 Server Manager sends requests for levels 6 and 7 when
 * the services menu item is selected.
 ***********************************************************************
 */
#define	SAMR_QUERY_DOMAIN_INFO_2		2
#define	SAMR_QUERY_DOMAIN_INFO_6		6
#define	SAMR_QUERY_DOMAIN_INFO_7		7


struct samr_QueryDomainInfo2 {
	DWORD unknown1;			/* 00 00 00 00 */
	DWORD unknown2;			/* 00 00 00 80 */
	samr_string_t s1;
	samr_string_t domain;
	samr_string_t s2;
	DWORD sequence_num;		/* 2B 00 00 00 */
	DWORD unknown3;			/* 00 00 00 00 */
	DWORD unknown4;			/* 01 00 00 00 */
	DWORD unknown5;			/* 03 00 00 00 */
	DWORD unknown6;			/* 01 */
	DWORD num_users;
	DWORD num_groups;
	DWORD num_aliases;
};


struct samr_QueryDomainInfo6 {
	DWORD unknown1;			/* 00 00 00 00 */
	DWORD unknown2;			/* B0 7F 14 00 */
	DWORD unknown3;			/* 00 00 00 00 */
	DWORD unknown4;			/* 00 00 00 00 */
	DWORD unknown5;			/* 00 00 00 00 */
};


struct samr_QueryDomainInfo7 {
	DWORD unknown1;			/* 03 00 00 00 */
};


/* One arm per supported info level (2, 6, 7); anything else is DEFAULT. */
union samr_QueryDomainInfo_ru {
	UNION_INFO_ENT(2,samr_QueryDomainInfo);
	UNION_INFO_ENT(6,samr_QueryDomainInfo);
	UNION_INFO_ENT(7,samr_QueryDomainInfo);
	DEFAULT	char *nullptr;
};

/* switch_value selects the arm of ru (SWITCH). */
struct samr_QueryDomainInfoRes {
	WORD switch_value;
  SWITCH(switch_value)
	union samr_QueryDomainInfo_ru ru;
};

OPERATION(SAMR_OPNUM_QueryDomainInfo)
struct samr_QueryDomainInfo {
	IN	samr_handle_t domain_handle;
	IN	WORD info_level;
	OUT	struct samr_QueryDomainInfoRes *info;
	OUT	DWORD status;
};

/*
 * Identical to SAMR_OPNUM_QueryDomainInfo.
 */
OPERATION(SAMR_OPNUM_QueryInfoDomain2)
struct samr_QueryInfoDomain2 {
	IN	samr_handle_t	domain_handle;
	IN	WORD		info_level;
	OUT	struct samr_QueryDomainInfoRes *info;
	OUT	DWORD		status;
};

/* Info levels for QueryAliasInfo; they match the CASE values below. */
#define	SAMR_QUERY_ALIAS_INFO_GENERAL		1
#define	SAMR_QUERY_ALIAS_INFO_NAME		2
#define	SAMR_QUERY_ALIAS_INFO_COMMENT		3

struct samr_QueryAliasInfoGeneral {
	WORD level;
	samr_string_t name;
	DWORD member_count;
	samr_string_t desc;
};

struct samr_QueryAliasInfoName {
	WORD level;
	samr_string_t name;
};

struct samr_QueryAliasInfoComment {
	WORD level;
	samr_string_t desc;
};

union samr_QueryAliasInfo_ru {
	CASE(1) struct samr_QueryAliasInfoGeneral info1;
	CASE(2) struct samr_QueryAliasInfoName    info2;
	CASE(3) struct samr_QueryAliasInfoComment info3;
	DEFAULT	char *nullptr;
};

struct samr_QueryAliasInfoRes {
	DWORD address;
	WORD switch_value;
  SWITCH(switch_value)
	union samr_QueryAliasInfo_ru ru;
};

/* The requested level is also the switch for the returned union. */
OPERATION(SAMR_OPNUM_QueryAliasInfo)
struct samr_QueryAliasInfo {
	IN	samr_handle_t alias_handle;
	IN	WORD level;
	OUT DWORD address;
  SWITCH (level)
	OUT	union samr_QueryAliasInfo_ru ru;
	OUT	DWORD status;
};

OPERATION(SAMR_OPNUM_CreateDomainAlias)
struct samr_CreateDomainAlias {
	IN	samr_handle_t domain_handle;
	IN	samr_string_t alias_name;
	IN	DWORD access_mask;
	OUT samr_handle_t alias_handle;
	OUT	DWORD rid;
	OUT	DWORD status;
};

/*
 * The info payload that follows level is not declared yet (TBD), so
 * only the handle and level are described here.
 */
OPERATION(SAMR_OPNUM_SetAliasInfo)
struct samr_SetAliasInfo {
	IN	samr_handle_t alias_handle;
	IN	WORD level;
	/* TBD */
	OUT	DWORD status;
};

OPERATION(SAMR_OPNUM_DeleteDomainAlias)
struct samr_DeleteDomainAlias {
	INOUT	samr_handle_t alias_handle;
	OUT	DWORD status;
};

OPERATION(SAMR_OPNUM_OpenAlias)
struct samr_OpenAlias {
	IN	samr_handle_t domain_handle;
	IN	DWORD access_mask;
	IN	DWORD rid;
	OUT samr_handle_t alias_handle;
	OUT	DWORD status;
};

struct name_rid {
	DWORD rid;
	samr_string_t name;
};

/* info is sized by count (SIZE_IS). */
struct aliases_info {
	DWORD count;
	DWORD address;
  SIZE_IS(count)
	struct name_rid info[ANY_SIZE_ARRAY];
};

OPERATION(SAMR_OPNUM_EnumDomainAliases)
struct samr_EnumDomainAliases {
	IN	samr_handle_t domain_handle;
	IN	DWORD resume_handle;
	IN	DWORD mask;
	OUT	DWORD out_resume;
	OUT struct aliases_info *aliases;
	OUT DWORD entries;
	OUT	DWORD status;
};

struct user_acct_info {
	DWORD index;
	DWORD rid;
	DWORD ctrl;
	samr_string_t name;
	samr_string_t fullname;
	samr_string_t desc;
};

/* acct is sized by count (SIZE_IS). */
struct user_disp_info {
	OUT	DWORD total_size;
	OUT	DWORD returned_size;
	OUT	WORD switch_value;
	DWORD count;
  SIZE_IS(count)
	struct user_acct_info *acct;
};

OPERATION(SAMR_OPNUM_QueryDispInfo)
struct samr_QueryDispInfo {
	IN	samr_handle_t domain_handle;
	IN	WORD level;
	IN	DWORD start_idx;
	IN	DWORD max_entries;
	IN	DWORD pref_maxsize;
	OUT	struct user_disp_info users;
	OUT	DWORD status;
};

struct group_acct_info {
	DWORD index;
	DWORD rid;
	DWORD ctrl;
	samr_string_t name;
	samr_string_t desc;
};

/*
 * Unlike user_disp_info, acct is a fixed one-element array and count
 * is not tied to it with SIZE_IS.
 * NOTE(review): code reading a decoded group_disp_info should not use
 * count as a bound on acct -- confirm in the consumers.
 */
struct group_disp_info {
	DWORD count;
	/* right now we just need one entry */
	struct group_acct_info acct[1];
};

OPERATION(SAMR_OPNUM_EnumDomainGroups)
struct samr_EnumDomainGroups {
	IN	samr_handle_t domain_handle;
	IN	WORD level;
	IN	DWORD start_idx;
	IN	DWORD max_entries;
	IN	DWORD pref_maxsize;
	OUT DWORD total_size;
	OUT DWORD returned_size;
	OUT WORD switch_value;
	OUT DWORD count;
	OUT struct group_disp_info *groups;
	OUT
DWORD status; 822da6c28aaSamw}; 823da6c28aaSamw 824da6c28aaSamw/* 825da6c28aaSamw *********************************************************************** 826da6c28aaSamw * OpenUser 827da6c28aaSamw * 828da6c28aaSamw * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain, 829da6c28aaSamw * an access mask and the appropriate user rid. The output will be a 830da6c28aaSamw * handle for use with the specified user. 831da6c28aaSamw *********************************************************************** 832da6c28aaSamw */ 833da6c28aaSamwOPERATION(SAMR_OPNUM_OpenUser) 834da6c28aaSamwstruct samr_OpenUser { 835da6c28aaSamw IN samr_handle_t handle; 836da6c28aaSamw IN DWORD access_mask; 837da6c28aaSamw IN DWORD rid; 838da6c28aaSamw OUT samr_handle_t user_handle; 839da6c28aaSamw OUT DWORD status; 840da6c28aaSamw}; 841da6c28aaSamw 842da6c28aaSamw 843da6c28aaSamw/* 844da6c28aaSamw *********************************************************************** 845da6c28aaSamw * DeleteUser 846da6c28aaSamw *********************************************************************** 847da6c28aaSamw */ 848da6c28aaSamwOPERATION(SAMR_OPNUM_DeleteUser) 849da6c28aaSamwstruct samr_DeleteUser { 850da6c28aaSamw INOUT samr_handle_t user_handle; 851da6c28aaSamw OUT DWORD status; 852da6c28aaSamw}; 853da6c28aaSamw 854da6c28aaSamw 855da6c28aaSamw/* 856da6c28aaSamw *********************************************************************** 857da6c28aaSamw * QueryUserInfo 858da6c28aaSamw * 859da6c28aaSamw * Provides various pieces of information on a specific user (see 860da6c28aaSamw * SAM_Q_QUERY_USERINFO and SAM_R_QUERY_USERINFO). The handle must 861da6c28aaSamw * be a valid SAM user handle. 
862da6c28aaSamw * 863da6c28aaSamw * QueryUserInfo ( 864da6c28aaSamw * IN samr_handle_t user_handle, 865da6c28aaSamw * IN WORD switch_value, 866da6c28aaSamw * OUT union switch(switch_value) { 867da6c28aaSamw * case 1: struct QueryUserInfo1 *info1; 868da6c28aaSamw * } bufptr, 869da6c28aaSamw * OUT DWORD status 870da6c28aaSamw * ) 871da6c28aaSamw * 872fe1c642dSBill Krier * typedef enum _USER_INFORMATION_CLASS { 873fe1c642dSBill Krier * UserGeneralInformation = 1, 874fe1c642dSBill Krier * UserPreferencesInformation = 2, 875fe1c642dSBill Krier * UserLogonInformation = 3, 876fe1c642dSBill Krier * UserLogonHoursInformation = 4, 877fe1c642dSBill Krier * UserAccountInformation = 5, 878fe1c642dSBill Krier * UserNameInformation = 6, 879fe1c642dSBill Krier * UserAccountNameInformation = 7, 880fe1c642dSBill Krier * UserFullNameInformation = 8, 881fe1c642dSBill Krier * UserPrimaryGroupInformation = 9, 882fe1c642dSBill Krier * UserHomeInformation = 10, 883fe1c642dSBill Krier * UserScriptInformation = 11, 884fe1c642dSBill Krier * UserProfileInformation = 12, 885fe1c642dSBill Krier * UserAdminCommentInformation = 13, 886fe1c642dSBill Krier * UserWorkStationsInformation = 14, 887fe1c642dSBill Krier * UserControlInformation = 16, 888fe1c642dSBill Krier * UserExpiresInformation = 17, 889fe1c642dSBill Krier * UserInternal1Information = 18, 890fe1c642dSBill Krier * UserParametersInformation = 20, 891fe1c642dSBill Krier * UserAllInformation = 21, 892fe1c642dSBill Krier * UserInternal4Information = 23, 893fe1c642dSBill Krier * UserInternal5Information = 24, 894fe1c642dSBill Krier * UserInternal4InformationNew = 25, 895fe1c642dSBill Krier * UserInternal5InformationNew = 26, 896fe1c642dSBill Krier * } USER_INFORMATION_CLASS; 897da6c28aaSamw * 898da6c28aaSamw * 1 = username, fullname, description and some other stuff. 899da6c28aaSamw * 3 = large structure containing user rid, group rid, username 900da6c28aaSamw * and fullname. 
901da6c28aaSamw * 5 = large structure (like 3) containing user rid, group rid, 902da6c28aaSamw * username, fullname and description. 903da6c28aaSamw * 6 = username and fullname 904da6c28aaSamw * 7 = username 905da6c28aaSamw * 8 = fullname 906da6c28aaSamw * 9 = group rid 907da6c28aaSamw * 16 = used after creating a new account 908da6c28aaSamw * 909da6c28aaSamw * Due to an ndrgen bug, a function must be provided to to patch the 910da6c28aaSamw * offsets used by the unmarshalling code at runtime. In order to 911da6c28aaSamw * simplify things it is useful to use a naming convention that 912da6c28aaSamw * indicates the switch value for each structure. 913*9242c919SMatt Barden * 914da6c28aaSamw *********************************************************************** 915da6c28aaSamw */ 916da6c28aaSamw 917da6c28aaSamw 918da6c28aaSamw#define SAMR_QUERY_USER_INFO_1 1 919da6c28aaSamw#define SAMR_QUERY_USER_UNAME_AND_FNAME 6 920da6c28aaSamw#define SAMR_QUERY_USER_USERNAME 7 921da6c28aaSamw#define SAMR_QUERY_USER_FULLNAME 8 922da6c28aaSamw#define SAMR_QUERY_USER_GROUPRID 9 923fe1c642dSBill Krier#define SAMR_QUERY_USER_CONTROL_INFO 16 924fe1c642dSBill Krier#define SAMR_QUERY_USER_ALL_INFO 21 925da6c28aaSamw 926da6c28aaSamw 927da6c28aaSamwstruct samr_QueryUserInfo1 { 928da6c28aaSamw samr_string_t username; 929da6c28aaSamw samr_string_t fullname; 930da6c28aaSamw DWORD group_rid; 931da6c28aaSamw samr_string_t description; 932da6c28aaSamw samr_string_t unknown; 933da6c28aaSamw}; 934da6c28aaSamw 935da6c28aaSamw 936da6c28aaSamwstruct samr_QueryUserInfo6 { 937da6c28aaSamw samr_string_t username; 938da6c28aaSamw samr_string_t fullname; 939da6c28aaSamw}; 940da6c28aaSamw 941da6c28aaSamwstruct samr_QueryUserInfo7 { 942da6c28aaSamw samr_string_t username; 943da6c28aaSamw}; 944da6c28aaSamw 945da6c28aaSamw 946da6c28aaSamwstruct samr_QueryUserInfo8 { 947da6c28aaSamw samr_string_t fullname; 948da6c28aaSamw}; 949da6c28aaSamw 950da6c28aaSamw 951da6c28aaSamwstruct samr_QueryUserInfo9 { 
952da6c28aaSamw DWORD group_rid; 953da6c28aaSamw}; 954da6c28aaSamw 955da6c28aaSamw 956da6c28aaSamwstruct samr_QueryUserInfo16 { 9571ed6b69aSGordon Ross DWORD UserAccountControl; 958da6c28aaSamw}; 959da6c28aaSamw 960fe1c642dSBill Krier/* 961fe1c642dSBill Krier * SAMR_USER_ALL_INFORMATION 962fe1c642dSBill Krier */ 963fe1c642dSBill Krierstruct samr_QueryUserInfo21 { 964fe1c642dSBill Krier samr_quad_t LastLogon; 965fe1c642dSBill Krier samr_quad_t LastLogoff; 966fe1c642dSBill Krier samr_quad_t PasswordLastSet; 967fe1c642dSBill Krier samr_quad_t AccountExpires; 968fe1c642dSBill Krier samr_quad_t PasswordCanChange; 969fe1c642dSBill Krier samr_quad_t PasswordMustChange; 970fe1c642dSBill Krier samr_string_t UserName; 971fe1c642dSBill Krier samr_string_t FullName; 972fe1c642dSBill Krier samr_string_t HomeDirectory; 973fe1c642dSBill Krier samr_string_t HomeDirectoryDrive; 974fe1c642dSBill Krier samr_string_t ScriptPath; 975fe1c642dSBill Krier samr_string_t ProfilePath; 976fe1c642dSBill Krier samr_string_t AdminComment; 977fe1c642dSBill Krier samr_string_t WorkStations; 978fe1c642dSBill Krier samr_string_t UserComment; 979fe1c642dSBill Krier samr_string_t Parameters; 980fe1c642dSBill Krier struct samr_short_blob LmOwfPassword; 981fe1c642dSBill Krier struct samr_short_blob NtOwfPassword; 982fe1c642dSBill Krier samr_string_t PrivateData; 983fe1c642dSBill Krier samr_sd_t SecurityDescriptor; 984fe1c642dSBill Krier DWORD UserId; 985fe1c642dSBill Krier DWORD PrimaryGroupId; 986fe1c642dSBill Krier DWORD UserAccountControl; 987fe1c642dSBill Krier DWORD WhichFields; 988fe1c642dSBill Krier struct samr_logon_hours_all LogonHours; 989fe1c642dSBill Krier WORD BadPasswordCount; 990fe1c642dSBill Krier WORD LogonCount; 991fe1c642dSBill Krier WORD CountryCode; 992fe1c642dSBill Krier WORD CodePage; 993fe1c642dSBill Krier BYTE LmPasswordPresent; 994fe1c642dSBill Krier BYTE NtPasswordPresent; 995fe1c642dSBill Krier BYTE PasswordExpired; 996fe1c642dSBill Krier BYTE PrivateDataSensitive; 
997fe1c642dSBill Krier}; 998da6c28aaSamw 9991ed6b69aSGordon Ross/* See also: fixup_samr_QueryUserInfo() */ 1000da6c28aaSamwunion QueryUserInfo_result_u { 1001da6c28aaSamw UNION_INFO_ENT(1,samr_QueryUserInfo); 1002da6c28aaSamw UNION_INFO_ENT(6,samr_QueryUserInfo); 1003da6c28aaSamw UNION_INFO_ENT(7,samr_QueryUserInfo); 1004da6c28aaSamw UNION_INFO_ENT(8,samr_QueryUserInfo); 1005da6c28aaSamw UNION_INFO_ENT(9,samr_QueryUserInfo); 1006da6c28aaSamw UNION_INFO_ENT(16,samr_QueryUserInfo); 1007fe1c642dSBill Krier UNION_INFO_ENT(21,samr_QueryUserInfo); 1008da6c28aaSamw DEFAULT char *nullptr; 1009da6c28aaSamw}; 1010da6c28aaSamw 1011da6c28aaSamw 1012da6c28aaSamw/* 1013da6c28aaSamw * This structure needs to be declared, even though it can't be used in 1014da6c28aaSamw * samr_QueryUserInfo, in order to get the appropriate size to calculate 1015da6c28aaSamw * the correct fixup offsets. If ndrgen did the right thing, 1016da6c28aaSamw * QueryUserInfo_result would be one of the out parameters. However, if 1017da6c28aaSamw * we do it that way, the switch_value isn't known early enough to do 1018da6c28aaSamw * the fixup calculation. So it all has to go in samr_QueryUserInfo. 1019da6c28aaSamw */ 1020da6c28aaSamwstruct QueryUserInfo_result { 1021da6c28aaSamw DWORD address; 1022da6c28aaSamw WORD switch_value; 1023da6c28aaSamw SWITCH(switch_value) 1024da6c28aaSamw union QueryUserInfo_result_u ru; 1025da6c28aaSamw}; 1026da6c28aaSamw 1027da6c28aaSamw 1028da6c28aaSamwOPERATION(SAMR_OPNUM_QueryUserInfo) 1029da6c28aaSamwstruct samr_QueryUserInfo { 1030da6c28aaSamw IN samr_handle_t user_handle; 1031da6c28aaSamw IN WORD switch_value; 1032da6c28aaSamw /* 1033da6c28aaSamw * Can't use this form because we need to include members explicitly. 
1034da6c28aaSamw * OUT struct QueryUserInfo_result result; 1035da6c28aaSamw */ 1036da6c28aaSamw OUT DWORD address; 1037da6c28aaSamw OUT WORD switch_index; 1038da6c28aaSamw SWITCH(switch_value) 1039da6c28aaSamw OUT union QueryUserInfo_result_u ru; 1040da6c28aaSamw OUT DWORD status; 1041da6c28aaSamw}; 1042da6c28aaSamw 1043da6c28aaSamw 1044da6c28aaSamw/* 1045da6c28aaSamw *********************************************************************** 1046da6c28aaSamw * QueryUserGroups 1047da6c28aaSamw *********************************************************************** 1048da6c28aaSamw */ 1049da6c28aaSamwstruct samr_UserGroups { 1050da6c28aaSamw DWORD rid; 1051da6c28aaSamw DWORD attr; 1052da6c28aaSamw}; 1053da6c28aaSamw 1054da6c28aaSamw 1055da6c28aaSamwstruct samr_UserGroupInfo { 1056da6c28aaSamw DWORD n_entry; 1057da6c28aaSamw SIZE_IS(n_entry) 1058da6c28aaSamw struct samr_UserGroups *groups; 1059da6c28aaSamw}; 1060da6c28aaSamw 1061da6c28aaSamw 1062da6c28aaSamwOPERATION(SAMR_OPNUM_QueryUserGroups) 1063da6c28aaSamwstruct samr_QueryUserGroups { 1064da6c28aaSamw IN samr_handle_t user_handle; 1065da6c28aaSamw OUT struct samr_UserGroupInfo *info; 1066da6c28aaSamw OUT DWORD status; 1067da6c28aaSamw}; 1068da6c28aaSamw 1069da6c28aaSamw 1070da6c28aaSamw/* 1071da6c28aaSamw *********************************************************************** 1072da6c28aaSamw * LookupName 1073da6c28aaSamw *********************************************************************** 1074da6c28aaSamw */ 1075da6c28aaSamwstruct samr_LookupNameTable { 1076da6c28aaSamw DWORD n_entry; 1077da6c28aaSamw SIZE_IS(n_entry) 1078da6c28aaSamw samr_string_t names[ANY_SIZE_ARRAY]; 1079da6c28aaSamw}; 1080da6c28aaSamw 1081da6c28aaSamw 1082da6c28aaSamwstruct samr_LookupRidTable { 1083da6c28aaSamw DWORD n_entry; 1084da6c28aaSamw SIZE_IS(n_entry) 1085da6c28aaSamw DWORD *rid; 1086da6c28aaSamw}; 1087da6c28aaSamw 1088da6c28aaSamwstruct samr_RidType { 1089da6c28aaSamw DWORD n_entry; 1090da6c28aaSamw SIZE_IS(n_entry) 
1091da6c28aaSamw DWORD *rid_type; 1092da6c28aaSamw}; 1093da6c28aaSamw 1094da6c28aaSamw 1095da6c28aaSamwOPERATION(SAMR_OPNUM_LookupNames) 1096da6c28aaSamwstruct samr_LookupNames { 1097da6c28aaSamw IN samr_handle_t handle; 1098da6c28aaSamw IN DWORD n_entry; 1099da6c28aaSamw IN DWORD max_n_entry; 1100da6c28aaSamw IN DWORD index; 1101da6c28aaSamw IN DWORD total; 1102da6c28aaSamw IN samr_string_t name; 1103da6c28aaSamw OUT struct samr_LookupRidTable rids; 1104da6c28aaSamw OUT struct samr_RidType rid_types; 1105da6c28aaSamw OUT DWORD status; 1106da6c28aaSamw}; 1107da6c28aaSamw 1108da6c28aaSamw 1109da6c28aaSamw/* 1110da6c28aaSamw *********************************************************************** 1111da6c28aaSamw * OpenGroup 1112da6c28aaSamw * 1113da6c28aaSamw * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain, 1114da6c28aaSamw * an access mask and the appropriate group rid. The output will be a 1115da6c28aaSamw * handle for use with the specified group. 1116da6c28aaSamw *********************************************************************** 1117da6c28aaSamw */ 1118da6c28aaSamwOPERATION(SAMR_OPNUM_OpenGroup) 1119da6c28aaSamwstruct samr_OpenGroup { 1120da6c28aaSamw IN samr_handle_t handle; 1121da6c28aaSamw IN DWORD access_mask; 1122da6c28aaSamw IN DWORD rid; 1123da6c28aaSamw OUT samr_handle_t group_handle; 1124da6c28aaSamw OUT DWORD status; 1125da6c28aaSamw}; 1126da6c28aaSamw 1127da6c28aaSamw 1128da6c28aaSamw/* 1129da6c28aaSamw *********************************************************************** 1130da6c28aaSamw * QueryGroupInfo 1131da6c28aaSamw * 1132da6c28aaSamw * Input must be a group handle obtained via SAMR_OPNUM_OpenGroup, 1133da6c28aaSamw * an access mask and the appropriate group rid. The output will 1134da6c28aaSamw * be a handle for use with the specified group. 
1135da6c28aaSamw *********************************************************************** 1136da6c28aaSamw */ 1137da6c28aaSamwstruct samr_QueryGroupInfo1 { 1138da6c28aaSamw samr_string_t groupname; 1139da6c28aaSamw}; 1140da6c28aaSamw 1141da6c28aaSamw 1142da6c28aaSamwunion samr_QueryGroupInfo_result_u { 1143da6c28aaSamw UNION_INFO_ENT(1,samr_QueryGroupInfo); 1144da6c28aaSamw DEFAULT char *nullptr; 1145da6c28aaSamw}; 1146da6c28aaSamw 1147da6c28aaSamw 1148da6c28aaSamwstruct samr_QueryGroupInfo_result { 1149da6c28aaSamw DWORD address; 1150da6c28aaSamw WORD switch_index; 1151da6c28aaSamw SWITCH(switch_index) 1152da6c28aaSamw union samr_QueryGroupInfo_result_u ru; 1153da6c28aaSamw}; 1154da6c28aaSamw 1155da6c28aaSamw 1156da6c28aaSamwOPERATION(SAMR_OPNUM_QueryGroupInfo) 1157da6c28aaSamwstruct samr_QueryGroupInfo { 1158da6c28aaSamw IN samr_handle_t group_handle; 1159da6c28aaSamw IN DWORD switch_value; 1160da6c28aaSamw OUT DWORD address; 1161da6c28aaSamw OUT WORD switch_index; 1162da6c28aaSamw SWITCH(switch_index) 1163da6c28aaSamw OUT union samr_QueryGroupInfo_result_u ru; 1164da6c28aaSamw OUT DWORD status; 1165da6c28aaSamw}; 1166da6c28aaSamw 1167da6c28aaSamw 1168da6c28aaSamw/* 1169da6c28aaSamw *********************************************************************** 1170da6c28aaSamw * StoreGroupInfo 1171da6c28aaSamw * 1172da6c28aaSamw * This definition is mostly just a place holder in case this is useful 1173da6c28aaSamw * in the future. Note that it may not be correct. The information is 1174da6c28aaSamw * from a netmon trace captured when I added a group description. I 1175da6c28aaSamw * haven't implemented it because we don't have to update anything on 1176da6c28aaSamw * the PDC. The description should almost certainly be in a separate 1177da6c28aaSamw * structure. 
1178da6c28aaSamw *********************************************************************** 1179da6c28aaSamw */ 1180da6c28aaSamwOPERATION(SAMR_OPNUM_StoreGroupInfo) 1181da6c28aaSamwstruct samr_StoreGroupInfo { 1182da6c28aaSamw IN samr_handle_t group_handle; 1183da6c28aaSamw IN DWORD switch_value; 1184da6c28aaSamw IN samr_string_t group_description; 1185da6c28aaSamw OUT DWORD status; 1186da6c28aaSamw}; 1187da6c28aaSamw 1188c5866007SKeyur Desai/* 1189c5866007SKeyur Desai * AddAliasMember 1190c5866007SKeyur Desai */ 1191c5866007SKeyur DesaiOPERATION(SAMR_OPNUM_AddAliasMember) 1192c5866007SKeyur Desaistruct samr_AddAliasMember { 1193c5866007SKeyur Desai IN samr_handle_t alias_handle; 1194c5866007SKeyur Desai IN REFERENCE struct samr_sid *sid; 1195c5866007SKeyur Desai OUT DWORD status; 1196c5866007SKeyur Desai}; 1197c5866007SKeyur Desai 1198c5866007SKeyur Desai/* 1199c5866007SKeyur Desai * DeleteAliasMember 1200c5866007SKeyur Desai */ 1201c5866007SKeyur DesaiOPERATION(SAMR_OPNUM_DeleteAliasMember) 1202c5866007SKeyur Desaistruct samr_DeleteAliasMember { 1203c5866007SKeyur Desai IN samr_handle_t alias_handle; 1204c5866007SKeyur Desai IN REFERENCE struct samr_sid *sid; 1205c5866007SKeyur Desai OUT DWORD status; 1206c5866007SKeyur Desai}; 1207c5866007SKeyur Desai 1208c5866007SKeyur Desaistruct samr_SidList { 1209c5866007SKeyur Desai struct samr_sid *sid; 1210c5866007SKeyur Desai}; 1211c5866007SKeyur Desai 1212c5866007SKeyur Desaistruct samr_SidInfo { 1213c5866007SKeyur Desai DWORD n_entry; 1214c5866007SKeyur Desai SIZE_IS(n_entry) 1215c5866007SKeyur Desai struct samr_SidList *sidlist; 1216c5866007SKeyur Desai}; 1217c5866007SKeyur Desai 1218c5866007SKeyur Desai/* 1219c5866007SKeyur Desai * ListAliasMembers 1220c5866007SKeyur Desai */ 1221c5866007SKeyur DesaiOPERATION(SAMR_OPNUM_ListAliasMembers) 1222c5866007SKeyur Desaistruct samr_ListAliasMembers { 1223c5866007SKeyur Desai IN samr_handle_t alias_handle; 1224c5866007SKeyur Desai OUT struct samr_SidInfo info; 1225c5866007SKeyur 
Desai OUT DWORD status; 1226c5866007SKeyur Desai}; 1227da6c28aaSamw 1228da6c28aaSamw/* 1229da6c28aaSamw *********************************************************************** 1230f96bd5c8SAlan Wright * GetUserDomainPasswordInformation 1231da6c28aaSamw *********************************************************************** 1232da6c28aaSamw */ 1233da6c28aaSamwOPERATION(SAMR_OPNUM_GetUserPwInfo) 1234da6c28aaSamwstruct samr_GetUserPwInfo { 1235f96bd5c8SAlan Wright IN samr_handle_t user_handle; 1236f96bd5c8SAlan Wright OUT REFERENCE samr_password_info_t *pwinfo; 1237f96bd5c8SAlan Wright OUT DWORD status; 1238da6c28aaSamw}; 1239da6c28aaSamw 1240da6c28aaSamw 1241da6c28aaSamw/* 1242da6c28aaSamw *********************************************************************** 1243da6c28aaSamw * CreateUser 1244da6c28aaSamw * 1245da6c28aaSamw * Create a user in the domain specified by the domain handle. The 1246a0aa776eSAlan Wright * domain handle is obtained obtained via SAMR_OPNUM_OpenDomain. 1247a0aa776eSAlan Wright * DesiredAccess: 0xe00500b0. 1248da6c28aaSamw * The output will be a handle for use with the specified user and the 1249a0aa776eSAlan Wright * user's RID. I think the RID may be a unique pointer (it can be null). 
1250da6c28aaSamw *********************************************************************** 1251da6c28aaSamw */ 1252da6c28aaSamwOPERATION(SAMR_OPNUM_CreateUser) 1253da6c28aaSamwstruct samr_CreateUser { 1254da6c28aaSamw IN samr_handle_t handle; 1255da6c28aaSamw IN samr_vcbuf_t username; 1256da6c28aaSamw IN DWORD account_flags; 1257a0aa776eSAlan Wright IN DWORD desired_access; 1258da6c28aaSamw OUT samr_handle_t user_handle; 1259da6c28aaSamw OUT DWORD maybe_ptr; 1260da6c28aaSamw OUT DWORD rid; 1261da6c28aaSamw OUT DWORD status; 1262da6c28aaSamw}; 1263da6c28aaSamw 1264da6c28aaSamw 1265da6c28aaSamw/* 1266da6c28aaSamw *********************************************************************** 12671ed6b69aSGordon Ross * ChangePasswordUser2 - See: 12681ed6b69aSGordon Ross * SamrUnicodeChangePasswordUser2 [MS-SAMR 3.1.5.10.3] 1269da6c28aaSamw *********************************************************************** 1270da6c28aaSamw */ 1271da6c28aaSamw 12721ed6b69aSGordon RossOPERATION(SAMR_OPNUM_ChangePasswordUser2) 12731ed6b69aSGordon Rossstruct samr_ChangePasswordUser2 { 12741ed6b69aSGordon Ross IN samr_string_t *servername; 12751ed6b69aSGordon Ross IN REF samr_string_t *username; 12761ed6b69aSGordon Ross IN struct samr_encr_passwd *nt_newpw; 12771ed6b69aSGordon Ross IN struct samr_encr_hash *nt_oldpw; 12781ed6b69aSGordon Ross IN BYTE lm_present; 12791ed6b69aSGordon Ross IN struct samr_encr_passwd *lm_newpw; 12801ed6b69aSGordon Ross IN struct samr_encr_hash *lm_oldpw; 1281da6c28aaSamw OUT DWORD status; 1282da6c28aaSamw}; 1283da6c28aaSamw 1284da6c28aaSamw 1285da6c28aaSamw/* 1286da6c28aaSamw *********************************************************************** 1287da6c28aaSamw * GetDomainPwInfo 1288da6c28aaSamw *********************************************************************** 1289da6c28aaSamw */ 1290da6c28aaSamwOPERATION(SAMR_OPNUM_GetDomainPwInfo) 1291da6c28aaSamwstruct samr_GetDomainPwInfo { 1292f96bd5c8SAlan Wright IN DWORD unused; 1293f96bd5c8SAlan Wright OUT REFERENCE 
samr_password_info_t *pwinfo; 1294f96bd5c8SAlan Wright OUT DWORD status; 1295da6c28aaSamw}; 1296da6c28aaSamw 1297da6c28aaSamw 1298da6c28aaSamw/* 1299da6c28aaSamw *********************************************************************** 1300da6c28aaSamw * SetUserInfo 13011ed6b69aSGordon Ross * [MS-SAMR] SamrSetInformationUser2 1302da6c28aaSamw *********************************************************************** 1303da6c28aaSamw */ 1304da6c28aaSamw 13051ed6b69aSGordon Ross/* USER_CONTROL_INFORMATION */ 13061ed6b69aSGordon Rossstruct samr_SetUserInfo16 { 13071ed6b69aSGordon Ross DWORD UserAccountControl; 13081ed6b69aSGordon Ross}; 13091ed6b69aSGordon Ross 13101ed6b69aSGordon Ross 13111ed6b69aSGordon Ross/* 13121ed6b69aSGordon Ross * samr_SetUserInfo21, a.k.a 13131ed6b69aSGordon Ross * SAMR_USER_ALL_INFORMATION 13141ed6b69aSGordon Ross * 13151ed6b69aSGordon Ross * We now know this is the same as samr_QueryUserInfo21 13161ed6b69aSGordon Ross * Could merge, except for the samr_vcbuf_t mess. 13171ed6b69aSGordon Ross */ 13181ed6b69aSGordon Ross 13191ed6b69aSGordon Ross#define SAMR_SET_USER_INFO_21 21 13201ed6b69aSGordon Ross 13211ed6b69aSGordon Rossstruct samr_SetUserInfo21 { 13221ed6b69aSGordon Ross samr_quad_t LastLogon; 13231ed6b69aSGordon Ross samr_quad_t LastLogoff; 13241ed6b69aSGordon Ross samr_quad_t PasswordLastSet; 13251ed6b69aSGordon Ross samr_quad_t AccountExpires; 13261ed6b69aSGordon Ross samr_quad_t PasswordCanChange; 13271ed6b69aSGordon Ross samr_quad_t PasswordMustChange; 13281ed6b69aSGordon Ross 13291ed6b69aSGordon Ross samr_vcbuf_t UserName; 13301ed6b69aSGordon Ross samr_vcbuf_t FullName; 13311ed6b69aSGordon Ross samr_vcbuf_t HomeDirectory; 13321ed6b69aSGordon Ross samr_vcbuf_t HomeDirectoryDrive; 13331ed6b69aSGordon Ross samr_vcbuf_t ScriptPath; 13341ed6b69aSGordon Ross samr_vcbuf_t ProfilePath; 13351ed6b69aSGordon Ross samr_vcbuf_t AdminComment; 13361ed6b69aSGordon Ross samr_vcbuf_t WorkStations; 13371ed6b69aSGordon Ross samr_vcbuf_t UserComment; 
13381ed6b69aSGordon Ross samr_vcbuf_t Parameters; 13391ed6b69aSGordon Ross 13401ed6b69aSGordon Ross struct samr_short_blob LmOwfPassword; 13411ed6b69aSGordon Ross struct samr_short_blob NtOwfPassword; 13421ed6b69aSGordon Ross samr_vcbuf_t PrivateData; 13431ed6b69aSGordon Ross samr_sd_t SecurityDescriptor; 13441ed6b69aSGordon Ross 13451ed6b69aSGordon Ross DWORD UserId; /* RID */ 13461ed6b69aSGordon Ross DWORD PrimaryGroupId; 13471ed6b69aSGordon Ross DWORD UserAccountControl; 13481ed6b69aSGordon Ross DWORD WhichFields; 1349da6c28aaSamw 1350da6c28aaSamw /* 13511ed6b69aSGordon Ross * This should be samr_logon_hours_all, but apparently 13521ed6b69aSGordon Ross * ndrgen doesn't get that quite right, so instead, the 13531ed6b69aSGordon Ross * client-side code patches this up. 1354da6c28aaSamw */ 13551ed6b69aSGordon Ross struct samr_logon_info LogonHours; 13561ed6b69aSGordon Ross 13571ed6b69aSGordon Ross WORD BadPasswordCount; 13581ed6b69aSGordon Ross WORD LogonCount; 13591ed6b69aSGordon Ross WORD CountryCode; 13601ed6b69aSGordon Ross WORD CodePage; 13611ed6b69aSGordon Ross BYTE LmPasswordPresent; 13621ed6b69aSGordon Ross BYTE NtPasswordPresent; 13631ed6b69aSGordon Ross BYTE PasswordExpired; 13641ed6b69aSGordon Ross BYTE PrivateDataSensitive; 13651ed6b69aSGordon Ross}; 13661ed6b69aSGordon Ross 13671ed6b69aSGordon Ross/* 13681ed6b69aSGordon Ross * SAMPR_USER_INTERNAL4_INFORMATION 13691ed6b69aSGordon Ross * UserInternal4Information (23) 13701ed6b69aSGordon Ross */ 13711ed6b69aSGordon Ross#define SAMR_SET_USER_INFO_23 23 13721ed6b69aSGordon Rossstruct samr_SetUserInfo23 { 13731ed6b69aSGordon Ross struct samr_SetUserInfo21 info21; 13741ed6b69aSGordon Ross struct samr_encr_passwd encr_pw; 13751ed6b69aSGordon Ross}; 13761ed6b69aSGordon Ross 13771ed6b69aSGordon Ross/* 13781ed6b69aSGordon Ross * SAMPR_USER_INTERNAL5_INFORMATION 13791ed6b69aSGordon Ross * UserInternal5Information (24) 13801ed6b69aSGordon Ross */ 13811ed6b69aSGordon Ross#define SAMR_SET_USER_INFO_24 24 
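/*
 * SetUserInfo level 24 payload: an encrypted password buffer and a
 * password-expired flag.
 * NOTE(review): samr_encr_passwd is declared outside this part of the
 * file.  Buffers used to build encr_pw should be cleared after the call
 * -- confirm in the client code.
 */
struct samr_SetUserInfo24 {
	struct samr_encr_passwd encr_pw;
	BYTE password_expired;
};

/*
 * Per-level SetUserInfo payload.  Levels 16, 21, 23 and 24 are listed;
 * any other switch value selects the DEFAULT arm, a DWORD placeholder.
 */
union samr_SetUserInfo_u {
	UNION_INFO_ENT(16,samr_SetUserInfo);
	UNION_INFO_ENT(21,samr_SetUserInfo);
	UNION_INFO_ENT(23,samr_SetUserInfo);
	UNION_INFO_ENT(24,samr_SetUserInfo);
	DEFAULT	DWORD nothing;
};

/*
 * Level-tagged SetUserInfo payload.  The union is switched on
 * switch_value; info_level is carried next to it.
 * NOTE(review): presumably both fields hold the same level; a server
 * decoding this should reject a request in which they differ -- confirm
 * against the service code.
 */
struct samr_SetUserInfo_s {
	WORD info_level;
	WORD switch_value;
	SWITCH(switch_value)
		union samr_SetUserInfo_u ru;
};

/* SetUserInfo: apply the level-tagged payload to the user behind user_handle. */
OPERATION(SAMR_OPNUM_SetUserInfo)
struct samr_SetUserInfo {
	IN	samr_handle_t user_handle;
	IN	struct samr_SetUserInfo_s info;
	OUT	DWORD status;
};

/*
 ***********************************************************************
 * The SAMR interface definition.
 *
 * One CASE per operation number, naming the structure that describes
 * that operation's parameters.  samr_QueryGroupInfo and
 * samr_StoreGroupInfo are declared with OPERATION() earlier in this file
 * but have no CASE here.
 ***********************************************************************
 */
INTERFACE(0)
union samr_interface {
	CASE(SAMR_OPNUM_Connect)
		struct samr_Connect		Connect;
	CASE(SAMR_OPNUM_CloseHandle)
		struct samr_CloseHandle		CloseHandle;
	CASE(SAMR_OPNUM_QuerySecObject)
		struct samr_QuerySecObject	QuerySecObject;
	CASE(SAMR_OPNUM_LookupDomain)
		struct samr_LookupDomain	LookupDomain;
	CASE(SAMR_OPNUM_EnumLocalDomains)
		struct samr_EnumLocalDomain	EnumLocalDomain;
	CASE(SAMR_OPNUM_OpenDomain)
		struct samr_OpenDomain		OpenDomain;
	CASE(SAMR_OPNUM_QueryDomainInfo)
		struct samr_QueryDomainInfo	QueryDomainInfo;
	CASE(SAMR_OPNUM_QueryInfoDomain2)
		struct samr_QueryInfoDomain2	QueryInfoDomain2;
	CASE(SAMR_OPNUM_LookupNames)
		struct samr_LookupNames		LookupNames;
	CASE(SAMR_OPNUM_OpenUser)
		struct samr_OpenUser		OpenUser;
	CASE(SAMR_OPNUM_DeleteUser)
		struct samr_DeleteUser		DeleteUser;
	CASE(SAMR_OPNUM_QueryUserInfo)
		struct samr_QueryUserInfo	QueryUserInfo;
	CASE(SAMR_OPNUM_QueryUserGroups)
		struct samr_QueryUserGroups	QueryUserGroups;
	CASE(SAMR_OPNUM_OpenGroup)
		struct samr_OpenGroup		OpenGroup;
	CASE(SAMR_OPNUM_AddAliasMember)
		struct samr_AddAliasMember	AddAliasMember;
	CASE(SAMR_OPNUM_DeleteAliasMember)
		struct samr_DeleteAliasMember	DeleteAliasMember;
	CASE(SAMR_OPNUM_ListAliasMembers)
		struct samr_ListAliasMembers	ListAliasMembers;
	CASE(SAMR_OPNUM_GetUserPwInfo)
		struct samr_GetUserPwInfo	GetUserPwInfo;
	CASE(SAMR_OPNUM_CreateUser)
		struct samr_CreateUser		CreateUser;
	CASE(SAMR_OPNUM_ChangePasswordUser2)
		struct samr_ChangePasswordUser2	ChangePasswordUser2;
	CASE(SAMR_OPNUM_GetDomainPwInfo)
		struct samr_GetDomainPwInfo	GetDomainPwInfo;
	CASE(SAMR_OPNUM_Connect2)
		struct samr_Connect2		Connect2;
	CASE(SAMR_OPNUM_SetUserInfo)
		struct samr_SetUserInfo		SetUserInfo;
	CASE(SAMR_OPNUM_Connect4)
		struct samr_Connect4		Connect4;
	CASE(SAMR_OPNUM_Connect5)
		struct samr_Connect5		Connect5;
	CASE(SAMR_OPNUM_QueryDispInfo)
		struct samr_QueryDispInfo	QueryDispInfo;
	CASE(SAMR_OPNUM_OpenAlias)
		struct samr_OpenAlias		OpenAlias;
	CASE(SAMR_OPNUM_CreateDomainAlias)
		struct samr_CreateDomainAlias	CreateDomainAlias;
	CASE(SAMR_OPNUM_SetAliasInfo)
		struct samr_SetAliasInfo	SetAliasInfo;
	CASE(SAMR_OPNUM_QueryAliasInfo)
		struct samr_QueryAliasInfo	QueryAliasInfo;
	CASE(SAMR_OPNUM_DeleteDomainAlias)
		struct samr_DeleteDomainAlias	DeleteDomainAlias;
	CASE(SAMR_OPNUM_EnumDomainAliases)
		struct samr_EnumDomainAliases	EnumDomainAliases;
	CASE(SAMR_OPNUM_EnumDomainGroups)
		struct samr_EnumDomainGroups	EnumDomainGroups;
};
typedef union samr_interface	samr_interface_t;
EXTERNTYPEINFO(samr_interface)

#endif /* _MLSVC_SAM_NDL_ */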