xref: /illumos-gate/usr/src/uts/common/smbsrv/ndl/netlogon.ndl (revision 051aabe6136ff13e81542a427e9693ffe1503525) 
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef _MLSVC_NETR_NDL_
27#define _MLSVC_NETR_NDL_
28
29#pragma ident	"%Z%%M%	%I%	%E% SMI"
30
31/*
32 ***********************************************************************
33 *
34 * NetLogon RPC (NETR) interface definition.
35 *
36 ***********************************************************************
37 */
38
39#include "ndrtypes.ndl"
40
41
42#define NETR_OPNUM_UasLogon			0x00
43#define NETR_OPNUM_UasLogoff			0x01
44#define NETR_OPNUM_SamLogon			0x02
45#define NETR_OPNUM_SamLogoff			0x03
46#define NETR_OPNUM_ServerReqChallenge		0x04
47#define NETR_OPNUM_ServerAuthenticate		0x05
48#define NETR_OPNUM_ServerPasswordSet		0x06
49#define NETR_OPNUM_DatabaseDeltas		0x07
50#define NETR_OPNUM_DatabaseSync			0x08
51#define NETR_OPNUM_AccountDeltas		0x09
52#define NETR_OPNUM_AccountSync			0x0a
53#define NETR_OPNUM_GetDCName			0x0b
54#define NETR_OPNUM_LogonControl			0x0c
55#define NETR_OPNUM_GetAnyDCName			0x0d
56#define NETR_OPNUM_LogonControl2		0x0E
57#define NETR_OPNUM_ServerAuthenticate2		0x0F
58#define NETR_OPNUM_DatabaseSync2		0x10
59#define NETR_OPNUM_DatabaseRedo			0x11
60#define NETR_OPNUM_LogonControl2Ex		0x12
61#define NETR_OPNUM_TrustDomainList		0x13
62
63
64struct netr_sid {
65	BYTE		Revision;
66	BYTE		SubAuthCount;
67	BYTE		Authority[6];
68  SIZE_IS(SubAuthCount)
69	DWORD		SubAuthority[ANY_SIZE_ARRAY];
70};
71
72
73struct netr_string {
74	WORD		length;
75	WORD		allosize;
76	LPTSTR		str;
77};
78typedef struct netr_string netr_string_t;
79
80
81/*
82 * Alternative varying/conformant string definition - for
83 * non-null terminated strings. This definition must match
84 * mlrpc_vcbuf_t.
85 */
86struct netr_vcb {
87	/*
88	 * size_is (actually a copy of length_is) will
89	 * be inserted here by the marshalling library.
90	 */
91	DWORD vc_first_is;
92	DWORD vc_length_is;
93  SIZE_IS(vc_length_is)
94	WORD buffer[ANY_SIZE_ARRAY];
95};
96
97struct netr_vcbuf {
98	WORD wclen;
99	WORD wcsize;
100	struct netr_vcb *vcb;
101};
102typedef struct netr_vcbuf netr_vcbuf_t;
103
104
105struct netr_credential {
106	BYTE data[8];
107};
108
109
110struct netr_authenticator {
111	struct netr_credential credential;
112	DWORD timestamp;
113};
114typedef struct netr_authenticator netr_auth_t;
115
116
117struct OLD_LARGE_INTEGER {
118	DWORD LowPart;
119	DWORD HighPart;
120};
121typedef struct OLD_LARGE_INTEGER netr_int64_t;
122
123
124struct OWF_PASSWORD {
125	BYTE data[16];
126};
127typedef struct OWF_PASSWORD netr_owf_password_t;
128
129
130struct CYPHER_BLOCK {
131	BYTE data[8];
132};
133
134
135struct USER_SESSION_KEY {
136	struct CYPHER_BLOCK data[2];
137};
138
139
140
141
142/*
143 ***********************************************************************
144 * ServerReqChallenge
145 ***********************************************************************
146 */
147ALIGN(2)
148OPERATION(NETR_OPNUM_ServerReqChallenge)
149struct netr_ServerReqChallenge {
150	IN		LPTSTR servername;
151	IN REFERENCE	LPTSTR hostname;
152	IN		struct netr_credential client_challenge;
153	OUT		struct netr_credential server_challenge;
154	OUT		DWORD status;
155};
156
157
158/*
159 ***********************************************************************
160 * ServerAuthenticate2
161 ***********************************************************************
162 */
163ALIGN(2)
164OPERATION(NETR_OPNUM_ServerAuthenticate2)
165struct netr_ServerAuthenticate2 {
166	IN		LPTSTR servername;
167	IN REFERENCE	LPTSTR account_name;
168	IN		WORD account_type;
169	IN REFERENCE	LPTSTR hostname;
170	IN		struct netr_credential client_credential;
171	OUT		struct netr_credential server_credential;
172	INOUT	DWORD negotiate_flags;
173	OUT		DWORD status;
174};
175
176
177/*
178 ***********************************************************************
179 * ServerPasswordSet
180 ***********************************************************************
181 */
182ALIGN(2)
183OPERATION(NETR_OPNUM_ServerPasswordSet)
184struct netr_PasswordSet {
185	IN		LPTSTR servername;
186	IN REFERENCE	LPTSTR account_name;
187	IN		WORD account_type;
188	IN REFERENCE	LPTSTR hostname;
189	INOUT	struct netr_authenticator auth;
190	IN		netr_owf_password_t uas_new_password;
191	OUT		DWORD status;
192};
193
194
195/*
196 ***********************************************************************
197 * SamLogon
198 ***********************************************************************
199 */
200
201/*
202 * The challenge-response data should always be 24 bytes.
203 */
204#define NETR_CR_PASSWORD_SIZE			24
205
206
207struct lm_challenge {
208	BYTE data[8];
209};
210typedef struct lm_challenge lm_challenge_t;
211
212
213struct netr_response {
214	DWORD 	length;
215	DWORD	start;
216	DWORD 	max_length;
217	BYTE	data[NETR_CR_PASSWORD_SIZE];
218};
219typedef struct netr_response netr_response_t;
220
221
222struct netr_response_desc {
223	WORD 	length;
224	WORD	max_length;
225	netr_response_t *data;
226};
227typedef struct netr_response_desc netr_response_desc_t;
228
229/*
230 * Input data
231 */
232struct netr_logon_identity_info {
233	netr_vcbuf_t domain_name;
234	DWORD parameter_control;
235	struct OLD_LARGE_INTEGER logon_id;
236	netr_vcbuf_t username;
237	netr_vcbuf_t workstation;
238};
239typedef struct netr_logon_identity_info netr_logon_id_t;
240
241
242/*
243 * Level 1: interactive logon
244 */
245struct netr_logon_info1 {
246	netr_logon_id_t identity;
247	netr_owf_password_t lm_owf_password;
248	netr_owf_password_t nt_owf_password;
249};
250
251
252/*
253 * Level 2: network logon.
254 */
255struct netr_logon_info2 {
256	netr_logon_id_t identity;
257	lm_challenge_t lm_challenge;
258	netr_response_desc_t nt_response;
259	netr_response_desc_t lm_response;
260};
261
262
263union netr_logon_info_u {
264	UNION_INFO_PTR(1,netr_logon_info);
265	UNION_INFO_PTR(2,netr_logon_info);
266	DEFAULT	DWORD nothing;
267};
268
269
270struct netr_login_info {
271	WORD logon_level;
272	WORD switch_value;
273  SWITCH(switch_value)
274	union netr_logon_info_u ru;
275};
276
277
278/*
279 * Output data
280 */
281struct netr_group_membership {
282	DWORD rid;
283	DWORD attributes;
284};
285
286
287struct netr_sid_and_attributes {
288	struct netr_sid *sid;
289	DWORD attributes;
290};
291
292
293struct netr_validation_info3 {
294	struct OLD_LARGE_INTEGER LogonTime;
295	struct OLD_LARGE_INTEGER LogoffTime;
296	struct OLD_LARGE_INTEGER KickOffTime;
297	struct OLD_LARGE_INTEGER PasswordLastSet;
298	struct OLD_LARGE_INTEGER PasswordCanChange;
299	struct OLD_LARGE_INTEGER PasswordMustChange;
300	netr_string_t EffectiveName;
301	netr_string_t FullName;
302	netr_string_t LogonScript;
303	netr_string_t ProfilePath;
304	netr_string_t HomeDirectory;
305	netr_string_t HomeDirectoryDrive;
306	WORD LogonCount;
307	WORD BadPasswordCount;
308	DWORD UserId;
309	DWORD PrimaryGroupId;
310	DWORD GroupCount;
311  SIZE_IS(GroupCount)
312	struct netr_group_membership *GroupIds;
313	DWORD UserFlags;
314	struct USER_SESSION_KEY UserSessionKey;
315	netr_string_t LogonServer;
316	netr_string_t LogonDomainName;
317	struct netr_sid *LogonDomainId;
318	DWORD ExpansionRoom[10];
319	DWORD SidCount;
320  SIZE_IS(SidCount)
321	struct netr_sid_and_attributes *ExtraSids;
322};
323
324
325union netr_validation_u {
326	CASE(3) struct netr_validation_info3 *info3;
327	DEFAULT	DWORD nothing;
328};
329
330
331/*
332 * This structure needs to be declared, even though it can't be used
333 * in netr_SamLogon, in order to get the appropriate size to calculate
334 * the correct fixup offsets.  If ndrgen did the right thing,
335 * netr_validation_info would be one of the out parameters. However,
336 * if we do it that way, the switch_value isn't known early enough to
337 * do the fixup calculation. So it all has to go in netr_SamLogon.
338 */
339struct netr_validation_info {
340	WORD validation_level;
341  SWITCH(validation_level)
342	union netr_validation_u ru;
343};
344
345
346/*
347 * WARNING
348 *
349 * Validation_level is really a WORD and authoritative is really a
350 * BYTE. They are declared as DWORD here due to the way things are
351 * unmarshalled. NT does not clear out the unused bytes in the
352 * DWORD so they must be cast to get the correct value.
353 */
354OPERATION(NETR_OPNUM_SamLogon)
355struct netr_SamLogon {
356	IN		LPTSTR servername;
357	IN		LPTSTR hostname;
358	IN		struct netr_authenticator *auth;
359	INOUT	struct netr_authenticator *ret_auth;
360	IN		struct netr_login_info logon_info;
361	INOUT	WORD validation_level;
362  SWITCH(validation_level)
363	OUT		union netr_validation_u ru;
364	OUT		DWORD authoritative;
365	OUT		DWORD status;
366};
367
368
369/*
370 ***********************************************************************
371 * SamLogoff
372 ***********************************************************************
373 */
374OPERATION(NETR_OPNUM_SamLogoff)
375struct netr_SamLogoff {
376	IN		LPTSTR servername;
377	IN REFERENCE	LPTSTR hostname;
378	IN		struct netr_authenticator auth;
379	INOUT	struct netr_authenticator ret_auth;
380	IN		DWORD logon_level;
381  SWITCH(logon_level)
382	IN		union netr_logon_info_u ru;
383	OUT		DWORD status;
384};
385
386
387/*
388 ***********************************************************************
389 * The NETR interface definition.
390 ***********************************************************************
391 */
392INTERFACE(0)
393union netr_interface {
394	CASE(NETR_OPNUM_ServerReqChallenge)
395		struct netr_ServerReqChallenge		ServerReqChallenge;
396	CASE(NETR_OPNUM_ServerAuthenticate2)
397		struct netr_ServerAuthenticate2		ServerAuthenticate2;
398	CASE(NETR_OPNUM_SamLogon)
399		struct netr_SamLogon			SamLogon;
400	CASE(NETR_OPNUM_SamLogoff)
401		struct netr_SamLogoff			SamLogoff;
402	CASE(NETR_OPNUM_ServerPasswordSet)
403		struct netr_PasswordSet			PasswordSet;
404};
405typedef union netr_interface netr_interface_t;
406EXTERNTYPEINFO(netr_interface)
407
408#endif /* _MLSVC_NETR_NDL_ */
409