xref: /titanic_41/usr/src/uts/common/smbsrv/ndl/samrpc.ndl (revision bbb1277b6ec1b0daad4e3ed1a2b891d3e2ece2eb) 
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef _MLSVC_SAM_NDL_
27#define _MLSVC_SAM_NDL_
28
29/*
30 * Security Accounts Manager RPC (SAMR) interface definition.
31 */
32
33#include "ndrtypes.ndl"
34
35/* Windows NT */
36#define SAMR_OPNUM_ConnectAnon			0x00	/* SamrConnect */
37#define SAMR_OPNUM_CloseHandle			0x01
38#define SAMR_OPNUM_SetSecObject			0x02
39#define SAMR_OPNUM_QuerySecObject		0x03
40#define SAMR_OPNUM_ShutdownSamServer		0x04	/* NotUsedOnWire */
41#define SAMR_OPNUM_LookupDomain			0x05
42#define SAMR_OPNUM_EnumLocalDomains		0x06
43#define SAMR_OPNUM_OpenDomain			0x07
44#define SAMR_OPNUM_QueryDomainInfo		0x08
45#define SAMR_OPNUM_SetDomainInfo		0x09
46#define SAMR_OPNUM_CreateDomainGroup		0x0a
47#define SAMR_OPNUM_QueryDomainGroups		0x0b
48#define SAMR_OPNUM_CreateDomainUser		0x0c
49#define SAMR_OPNUM_EnumDomainUsers		0x0d
50#define SAMR_OPNUM_CreateDomainAlias		0x0e
51#define SAMR_OPNUM_EnumDomainAliases		0x0f
52#define SAMR_OPNUM_LookupIds			0x10	/* GetAliasMembership */
53#define SAMR_OPNUM_LookupNames			0x11
54#define SAMR_OPNUM_LookupDomainIds		0x12
55#define SAMR_OPNUM_OpenGroup			0x13
56#define SAMR_OPNUM_QueryGroupInfo		0x14
57#define SAMR_OPNUM_StoreGroupInfo		0x15
58#define SAMR_OPNUM_AddGroupMember		0x16
59#define SAMR_OPNUM_DeleteDomainGroup		0x17
60#define SAMR_OPNUM_DeleteGroupMember		0x18
61#define SAMR_OPNUM_ListGroupMembers		0x19
62#define SAMR_OPNUM_SetGroupMemberAttributes	0x1a
63#define SAMR_OPNUM_OpenAlias			0x1b
64#define SAMR_OPNUM_QueryAliasInfo		0x1c
65#define SAMR_OPNUM_SetAliasInfo			0x1d
66#define SAMR_OPNUM_DeleteDomainAlias		0x1e
67#define SAMR_OPNUM_AddAliasMember		0x1f
68#define SAMR_OPNUM_DeleteAliasMember		0x20
69#define SAMR_OPNUM_QueryAliasMember		0x21
70#define SAMR_OPNUM_OpenUser			0x22
71#define SAMR_OPNUM_DeleteUser			0x23
72#define SAMR_OPNUM_QueryUserInfo		0x24
73#define SAMR_OPNUM_SetUserInfo0			0x25	/* SetUserInfo */
74#define SAMR_OPNUM_ChangeUserPassword0		0x26	/* ChangeUserPassword */
75#define SAMR_OPNUM_QueryUserGroups		0x27
76#define SAMR_OPNUM_QueryDispInfo		0x28	/* QueryDispInfo1 */
77#define	SAMR_OPNUM_GetDisplayEnumIndex		0x29
78#define	SAMR_OPNUM_TestPrivateDomainFunctions	0x2a	/* NotUsedOnWire */
79#define	SAMR_OPNUM_TestPrivateUserFunctions	0x2b	/* NotUsedOnWire */
80#define SAMR_OPNUM_GetUserPwInfo		0x2c
81
82/* Windows 2000 */
83#define	SAMR_OPNUM_RemoveMemberFromForeignDomain        0x2d
84#define	SAMR_OPNUM_QueryInfoDomain2		0x2e
85#define	SAMR_OPNUM_QueryInfoUser2		0x2f
86#define	SAMR_OPNUM_EnumDomainGroups		0x30    /* QueryDispInfo2 */
87#define	SAMR_OPNUM_GetDisplayEnumIndex2		0x31
88#define	SAMR_OPNUM_CreateUser			0x32
89#define	SAMR_OPNUM_QueryDispInfo4		0x33
90#define	SAMR_OPNUM_AddMultipleAliasMembers	0x34
91#define	SAMR_OPNUM_RemoveMultipleAliasMembers	0x35
92#define	SAMR_OPNUM_ChangeUserOemPassword	0x36
93#define SAMR_OPNUM_ChangeUserPasswd		0x37	/* UnicodePasswd */
94#define SAMR_OPNUM_GetDomainPwInfo		0x38
95#define SAMR_OPNUM_Connect			0x39	/* SamrConnect2 */
96#define SAMR_OPNUM_SetUserInfo			0x3a
97#define	SAMR_OPNUM_SetBootKeyInformation	0x3b
98#define	SAMR_OPNUM_GetBootKeyInformation	0x3c
99#define	SAMR_OPNUM_Connect2			0x3d	/* SamrConnect3 */
100#define	SAMR_OPNUM_Connect3			0x3e	/* SamrConnect4 */
101#define	SAMR_OPNUM_ChangeUserUnicodePassword3	0x3f
102
103/* Windows XP and Windows Server 2003 */
104#define	SAMR_OPNUM_Connect4			0x40	/* SamrConnect5 */
105#define	SAMR_OPNUM_RidToSid                     0x41
106#define	SAMR_OPNUM_SetDSRMPassword              0x42
107#define	SAMR_OPNUM_ValidatePassword             0x43
108
109/* Windows Vista */
110#define SAMR_OPNUM_QueryLocalizableAccountsInDomain     0x44
111#define SAMR_OPNUM_PerformGenericOperation              0x45
112
113
114/*
115 * UNION_INFO_ENT is intended to simplify adding new entries to a union.
116 * If the entry structures are named using the form samr_QueryUserInfoX,
117 * where X is the sitch_value, you can just add a single line. Note
118 * that you must also update the fixup function in mlsvc_sam.c.
119 */
120#define UNION_INFO_ENT(N,NAME) CASE(N) struct NAME##N info##N
121
122
123/*
124 * Sam account flags used when creating an account. These flags seem
125 * to be very similar to the USER_INFO_X flags (UF_XXX) in lmaccess.h
126 * but the values are different.
127 */
128#define SAMR_AF_ACCOUNTDISABLE			0x0001
129#define SAMR_AF_HOMEDIR_REQUIRED		0x0002
130#define SAMR_AF_PASSWD_NOTREQD			0x0004
131#define SAMR_AF_TEMP_DUPLICATE_ACCOUNT		0x0008
132#define SAMR_AF_NORMAL_ACCOUNT			0x0010
133#define SAMR_AF_MNS_LOGON_ACCOUNT		0x0020
134#define SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT	0x0040
135#define SAMR_AF_WORKSTATION_TRUST_ACCOUNT	0x0080
136#define SAMR_AF_SERVER_TRUST_ACCOUNT		0x0100
137#define SAMR_AF_DONT_EXPIRE_PASSWD		0x0200
138#define SAMR_AF_ACCOUNT_AUTOLOCK		0x0400
139
140
141#define SAMR_AF_MACHINE_ACCOUNT_MASK	( \
142				SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT \
143				| SAMR_AF_WORKSTATION_TRUST_ACCOUNT \
144				| SAMR_AF_SERVER_TRUST_ACCOUNT)
145
146#define SAMR_AF_ACCOUNT_TYPE_MASK	( \
147				SAMR_AF_TEMP_DUPLICATE_ACCOUNT \
148				| SAMR_AF_NORMAL_ACCOUNT \
149				| SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT \
150				| SAMR_AF_WORKSTATION_TRUST_ACCOUNT \
151				| SAMR_AF_SERVER_TRUST_ACCOUNT)
152
153/*
154 * QueryUserInfo UserAllInformation WhichFields
155 */
156#define	SAMR_USER_ALL_USERNAME			0x00000001
157#define	SAMR_USER_ALL_FULLNAME			0x00000002
158#define	SAMR_USER_ALL_USERID			0x00000004
159#define	SAMR_USER_ALL_PRIMARYGROUPID		0x00000008
160#define	SAMR_USER_ALL_ADMINCOMMENT		0x00000010
161#define	SAMR_USER_ALL_USERCOMMENT		0x00000020
162#define	SAMR_USER_ALL_HOMEDIRECTORY		0x00000040
163#define	SAMR_USER_ALL_HOMEDIRECTORYDRIVE	0x00000080
164#define	SAMR_USER_ALL_SCRIPTPATH		0x00000100
165#define	SAMR_USER_ALL_PROFILEPATH		0x00000200
166#define	SAMR_USER_ALL_WORKSTATIONS		0x00000400
167#define	SAMR_USER_ALL_LASTLOGON			0x00000800
168#define	SAMR_USER_ALL_LASTLOGOFF		0x00001000
169#define	SAMR_USER_ALL_LOGONHOURS		0x00002000
170#define	SAMR_USER_ALL_BADPASSWORDCOUNT		0x00004000
171#define	SAMR_USER_ALL_LOGONCOUNT		0x00008000
172#define	SAMR_USER_ALL_PASSWORDCANCHANGE		0x00010000
173#define	SAMR_USER_ALL_PASSWORDMUSTCHANGE	0x00020000
174#define	SAMR_USER_ALL_PASSWORDLASTSET		0x00040000
175#define	SAMR_USER_ALL_ACCOUNTEXPIRES		0x00080000
176#define	SAMR_USER_ALL_USERACCOUNTCONTROL	0x00100000
177#define	SAMR_USER_ALL_PARAMETERS		0x00200000
178#define	SAMR_USER_ALL_COUNTRYCODE		0x00400000
179#define	SAMR_USER_ALL_CODEPAGE			0x00800000
180#define	SAMR_USER_ALL_NTPASSWORDPRESENT		0x01000000
181#define	SAMR_USER_ALL_LMPASSWORDPRESENT		0x02000000
182#define	SAMR_USER_ALL_PRIVATEDATA		0x04000000
183#define	SAMR_USER_ALL_PASSWORDEXPIRED		0x08000000
184#define	SAMR_USER_ALL_SECURITYDESCRIPTOR	0x10000000
185#define	SAMR_USER_ALL_UNDEFINED_MASK		0xC0000000
186
187/*
188 * specific access rights which can be used in OpenAlias.
189 * extracted from Ethereal network analyzer
190 */
191#define SAMR_ALIAS_ACCESS_SET_INFO		0x00000010
192#define SAMR_ALIAS_ACCESS_GET_INFO		0x00000008
193#define SAMR_ALIAS_ACCESS_GET_MEMBERS		0x00000004
194#define SAMR_ALIAS_ACCESS_DEL_MEMBER		0x00000002
195#define SAMR_ALIAS_ACCESS_ADD_MEMBER		0x00000001
196
197#define	SAMR_REVISION_1			1	/* Pre Windows 2000 */
198#define	SAMR_REVISION_2			2	/* Windows 2000 */
199#define	SAMR_REVISION_3			3	/* Post Windows 2000 */
200
201/*
202 * Definition for a SID. The ndl compiler does not allow a typedef of
203 * a structure containing variable size members.
204 */
205struct samr_sid {
206	BYTE		Revision;
207	BYTE		SubAuthCount;
208	BYTE		Authority[6];
209  SIZE_IS(SubAuthCount)
210	DWORD		SubAuthority[ANY_SIZE_ARRAY];
211};
212
213
214/*
215 * SAMR definition of a security_descriptor.
216 */
217struct samr_sec_desc {
218	BYTE Revision;
219	BYTE Sbz1;
220	WORD Control;
221	struct samr_sid *owner;
222	struct samr_sid *group;
223	struct samr_sid *sacl;
224	struct samr_sid *dacl;
225};
226
227struct samr_sd {
228	DWORD length;
229  SIZE_IS(length)
230	BYTE *data;
231};
232typedef struct samr_sd samr_sd_t;
233
234/*
235 * Definition for a string. The length and allosize should be set to
236 * twice the string length (i.e. strlen(str) * 2). The runtime code
237 * will perform the appropriate string to a wide-char conversions,
238 * so str should point to a regular char * string.
239 */
240struct samr_string {
241	WORD		length;
242	WORD		allosize;
243	LPTSTR		str;
244};
245typedef struct samr_string samr_string_t;
246
247
248/*
249 * Alternative varying/conformant string definition - for
250 * non-null terminated strings. This definition must match
251 * ndr_vcbuf_t.
252 */
253struct samr_vcb {
254	/*
255	 * size_is (actually a copy of length_is) will
256	 * be inserted here by the marshalling library.
257	 */
258	DWORD vc_first_is;
259	DWORD vc_length_is;
260  SIZE_IS(vc_length_is)
261	WORD buffer[ANY_SIZE_ARRAY];
262};
263
264struct samr_vcbuf {
265	WORD wclen;
266	WORD wcsize;
267	struct samr_vcb *vcb;
268};
269typedef struct samr_vcbuf samr_vcbuf_t;
270
271CONTEXT_HANDLE(samr_handle) samr_handle_t;
272
273/*
274 * OLD_LARGE_INTEGER: a 64-bit value.
275 */
276struct samr_quad {
277	DWORD low;
278	DWORD high;
279};
280typedef struct samr_quad samr_quad_t;
281
282/*
283 * Blob used for the NT and LM OWF passwords.
284 * The length and maxlen should be 16.
285 */
286struct samr_short_blob {
287	WORD	length;
288	WORD	maxlen;
289  SIZE_IS(length / 2)
290	WORD	*buf;
291};
292
293#define	DOMAIN_PASSWORD_COMPLEX			0x00000001
294#define	DOMAIN_PASSWORD_NO_ANON_CHANGE		0x00000002
295#define	DOMAIN_PASSWORD_NO_CLEAR_CHANGE		0x00000004
296#define	DOMAIN_LOCKOUT_ADMINS			0x00000008
297#define	DOMAIN_PASSWORD_STORE_CLEARTEXT		0x00000010
298#define	DOMAIN_REFUSE_PASSWORD_CHANGE		0x00000020
299
300struct samr_password_info {
301	WORD	min_length;
302	DWORD	properties;
303};
304typedef struct samr_password_info samr_password_info_t;
305
306/*
307 * There is some sort of logon bitmap structure in here, which I
308 * think is a varying and conformant array, i.e.
309 *
310 *	struct samr_logon_hours {
311 *      DWORD size_is;		(1260)
312 *      DWORD first_is;		(zero)
313 *      DWORD length_is;	(168)
314 *      BYTE bitmap[21];
315 *  };
316 *
317 *	struct samr_logon_info {
318 *		DWORD length;
319 *	SIZE_IS(length / 8)
320 *		struct samr_logon_hours *hours;
321 *	};
322 *
323 * There are 10080 minutes/week => 10080/8 = 1260 (0x04EC).
324 * So size_is is set as some sort of maximum.
325 *
326 * There are 168 hours/week => 168/8 = 21 (0xA8). Since there are 21
327 * bytes (all set to 0xFF), this is is probably the default setting.
328 */
329
330#define SAMR_MINS_PER_WEEK		10080
331#define SAMR_HOURS_PER_WEEK		168
332
333#define SAMR_HOURS_MAX_SIZE		(SAMR_MINS_PER_WEEK / 8)
334#define SAMR_HOURS_SET_LEN(LEN)		((LEN) / 8)
335#define SAMR_SET_USER_HOURS_SZ		21
336
337struct samr_logon_hours {
338	DWORD size;
339	DWORD first;
340	DWORD length;
341	BYTE bitmap[SAMR_SET_USER_HOURS_SZ];
342};
343
344struct samr_logon_info {
345	DWORD units;
346	DWORD hours;
347};
348
349struct samr_logon_hours_all {
350	WORD	units_per_week;
351  SIZE_IS(units_per_week / 8)
352	BYTE	*hours;
353};
354
355struct samr_oem_password {
356	BYTE password[512];
357	DWORD length;
358};
359
360/*
361 ***********************************************************************
362 * ConnectAnon. It looks like the SAM handle is identical to an LSA
363 * handle. See Connect.
364 ***********************************************************************
365 */
366OPERATION(SAMR_OPNUM_ConnectAnon)
367struct samr_ConnectAnon {
368	IN	DWORD *servername;
369	IN	DWORD access_mask;
370	OUT	samr_handle_t handle;
371	OUT	DWORD status;
372};
373
374
375/*
376 ***********************************************************************
377 * Connect. I'm not sure what the difference is between Connect and
378 * ConnectAnon but this call seems to work better than ConnectAnon.
379 ***********************************************************************
380 */
381OPERATION(SAMR_OPNUM_Connect)
382struct samr_Connect {
383	IN	LPTSTR servername;
384	IN	DWORD access_mask;
385	OUT	samr_handle_t handle;
386	OUT	DWORD status;
387};
388
389
390/*
391 ***********************************************************************
392 * SamrConnect3. A new form of connect first seen with Windows 2000.
393 * A new field has been added to the input request. Value: 0x00000002.
394 * I haven't looked at the Win2K response yet to see if it differs
395 * from SAMR_OPNUM_Connect.
396 ***********************************************************************
397 */
398OPERATION(SAMR_OPNUM_Connect3)
399struct samr_Connect3 {
400	IN	LPTSTR servername;
401	IN	DWORD revision;
402	IN	DWORD access_mask;
403	OUT	samr_handle_t handle;
404	OUT	DWORD status;
405};
406
407
408/*
409 ***********************************************************************
410 * SamrConnect4. A new form of connect first seen with Windows XP.
411 * The server name is the fully qualified domain name, i.e.
412 *	\\server.sun.com.
413 *
414 * [in]  DWORD	 InVersion,
415 * [in]  [switch_is(InVersion)]    samr_revision_info *InRevisionInfo
416 * [out] DWORD	 *OutVersion
417 * [out] [switch_is(*OutVersion)] *samr_revision_info *OutRevisionInfo
418 *
419 * SupportedFeatures (see notes in [MS-SAMR]
420 *	0x00000001	RID values returned from the server must not be
421 *			concatenated with the domain SID.
422 *	0x00000002	Reserved
423 *	0x00000004	Reserved
424 ***********************************************************************
425 */
426struct samr_revision_info1 {
427	DWORD revision;
428	DWORD supported_features;
429};
430typedef struct samr_revision_info1 samr_revision_info1_t;
431
432union samr_revision_info {
433	UNION_INFO_ENT(1,samr_revision_info);
434	DEFAULT	char *nullptr;
435};
436
437OPERATION(SAMR_OPNUM_Connect4)
438struct samr_Connect4 {
439	IN		LPTSTR servername;
440	IN		DWORD access_mask;
441	INOUT	DWORD unknown2_00000001;
442	INOUT	DWORD unknown3_00000001;
443	INOUT	DWORD unknown4_00000003;
444	INOUT	DWORD unknown5_00000000;
445	OUT		samr_handle_t handle;
446	OUT		DWORD status;
447};
448
449
450/*
451 ***********************************************************************
452 * CloseHandle closes an association with the SAM. Using the same
453 * structure as the LSA seems to work.
454 ***********************************************************************
455 */
456OPERATION(SAMR_OPNUM_CloseHandle)
457struct samr_CloseHandle {
458	IN	samr_handle_t handle;
459	OUT	samr_handle_t result_handle;
460	OUT	DWORD status;
461};
462
463
464/*
465 ***********************************************************************
466 * LookupDomain: lookup up the domain SID.
467 ***********************************************************************
468 */
469OPERATION(SAMR_OPNUM_LookupDomain)
470struct samr_LookupDomain {
471	IN	samr_handle_t handle;
472	IN	samr_string_t domain_name;
473	OUT struct samr_sid *sid;
474	OUT	DWORD status;
475};
476
477
478/*
479 ***********************************************************************
480 * EnumLocalDomain
481 *
482 * This looks like a request to get the local domains supported by a
483 * remote server. NT always seems to return 2 domains: the local
484 * domain (hostname) and the Builtin domain.
485 *
486 * The max_length field is set to 0x2000.
487 * Enum_context is set to 0 in the request and set to entries_read in
488 * the reply. Like most of these enums, total_entries is the same as
489 * entries_read.
490 ***********************************************************************
491 */
492struct samr_LocalDomainEntry {
493	DWORD unknown;
494	samr_string_t name;
495};
496
497struct samr_LocalDomainInfo {
498	DWORD entries_read;
499  SIZE_IS(entries_read)
500	struct samr_LocalDomainEntry *entry;
501};
502
503
504OPERATION(SAMR_OPNUM_EnumLocalDomains)
505struct samr_EnumLocalDomain {
506	IN		samr_handle_t handle;
507	INOUT	DWORD enum_context;
508	IN		DWORD max_length;
509	OUT		struct samr_LocalDomainInfo *info;
510	OUT		DWORD total_entries;
511	OUT		DWORD status;
512};
513
514
515/*
516 ***********************************************************************
517 * OpenDomain
518 *
519 * Open a specific domain within the SAM. From this I assume that each
520 * SAM can handle multiple domains so you need to identify the one with
521 * which you want to work. Working with a domain handle does appear to
522 * offer the benefit that you can then use RIDs instead of full SIDs,
523 * which simplifies things a bit. The domain handle can be used to get
524 * user and group handles.
525 ***********************************************************************
526 */
527OPERATION(SAMR_OPNUM_OpenDomain)
528struct samr_OpenDomain {
529	IN	samr_handle_t handle;
530	IN	DWORD access_mask;
531	IN REFERENCE struct samr_sid *sid;
532	OUT	samr_handle_t domain_handle;
533	OUT	DWORD status;
534};
535
536
537/*
538 ***********************************************************************
539 * QueryDomainInfo
540 *
541 * Windows 95 Server Manager sends requests for levels 6 and 7 when
542 * the services menu item is selected.
543 ***********************************************************************
544 */
545#define SAMR_QUERY_DOMAIN_INFO_2		2
546#define SAMR_QUERY_DOMAIN_INFO_6		6
547#define SAMR_QUERY_DOMAIN_INFO_7		7
548
549
550struct samr_QueryDomainInfo2 {
551	DWORD unknown1;			/* 00 00 00 00 */
552	DWORD unknown2;			/* 00 00 00 80 */
553	samr_string_t s1;
554	samr_string_t domain;
555	samr_string_t s2;
556	DWORD sequence_num;		/* 2B 00 00 00 */
557	DWORD unknown3;			/* 00 00 00 00 */
558	DWORD unknown4;			/* 01 00 00 00 */
559	DWORD unknown5;			/* 03 00 00 00 */
560	DWORD unknown6;			/* 01 */
561	DWORD num_users;
562	DWORD num_groups;
563	DWORD num_aliases;
564};
565
566
567struct samr_QueryDomainInfo6 {
568	DWORD unknown1;			/* 00 00 00 00 */
569	DWORD unknown2;			/* B0 7F 14 00 */
570	DWORD unknown3;			/* 00 00 00 00 */
571	DWORD unknown4;			/* 00 00 00 00 */
572	DWORD unknown5;			/* 00 00 00 00 */
573};
574
575
576struct samr_QueryDomainInfo7 {
577	DWORD unknown1;			/* 03 00 00 00 */
578};
579
580
581union samr_QueryDomainInfo_ru {
582	UNION_INFO_ENT(2,samr_QueryDomainInfo);
583	UNION_INFO_ENT(6,samr_QueryDomainInfo);
584	UNION_INFO_ENT(7,samr_QueryDomainInfo);
585	DEFAULT	char *nullptr;
586};
587
588struct samr_QueryDomainInfoRes {
589	WORD switch_value;
590	SWITCH(switch_value)
591		union samr_QueryDomainInfo_ru ru;
592};
593
594OPERATION(SAMR_OPNUM_QueryDomainInfo)
595struct samr_QueryDomainInfo {
596	IN	samr_handle_t domain_handle;
597	IN	WORD info_level;
598	OUT	struct samr_QueryDomainInfoRes *info;
599	OUT	DWORD status;
600};
601
602/*
603 * Identical to SAMR_OPNUM_QueryDomainInfo.
604 */
605OPERATION(SAMR_OPNUM_QueryInfoDomain2)
606struct samr_QueryInfoDomain2 {
607	IN	samr_handle_t	domain_handle;
608	IN	WORD		info_level;
609	OUT	struct samr_QueryDomainInfoRes *info;
610	OUT	DWORD		status;
611};
612
613#define SAMR_QUERY_ALIAS_INFO_1			1
614#define SAMR_QUERY_ALIAS_INFO_3			3
615
616
617struct samr_QueryAliasInfo1 {
618	WORD level;
619	samr_string_t name;
620	DWORD unknown;
621	samr_string_t desc;
622};
623
624struct samr_QueryAliasInfo3 {
625	WORD level;
626	samr_string_t desc;
627};
628
629union samr_QueryAliasInfo_ru {
630	UNION_INFO_ENT(1,samr_QueryAliasInfo);
631	UNION_INFO_ENT(3,samr_QueryAliasInfo);
632	DEFAULT	char *nullptr;
633};
634
635struct samr_QueryAliasInfoRes {
636	DWORD address;
637	WORD switch_value;
638	SWITCH(switch_value)
639		union samr_QueryAliasInfo_ru ru;
640};
641
642OPERATION(SAMR_OPNUM_QueryAliasInfo)
643struct samr_QueryAliasInfo {
644	IN	samr_handle_t alias_handle;
645	IN	WORD level;
646	OUT DWORD address;
647  SWITCH (level)
648	OUT	union samr_QueryAliasInfo_ru ru;
649	OUT	DWORD status;
650};
651
652OPERATION(SAMR_OPNUM_CreateDomainAlias)
653struct samr_CreateDomainAlias {
654	IN	samr_handle_t domain_handle;
655	IN	samr_string_t alias_name;
656	IN	DWORD access_mask;
657	OUT samr_handle_t alias_handle;
658	OUT	DWORD rid;
659	OUT	DWORD status;
660};
661
662OPERATION(SAMR_OPNUM_SetAliasInfo)
663struct samr_SetAliasInfo {
664	IN	samr_handle_t alias_handle;
665	IN	WORD level;
666	/* TBD */
667	OUT	DWORD status;
668};
669
670OPERATION(SAMR_OPNUM_DeleteDomainAlias)
671struct samr_DeleteDomainAlias {
672	IN	samr_handle_t alias_handle;
673	OUT	DWORD status;
674};
675
676OPERATION(SAMR_OPNUM_OpenAlias)
677struct samr_OpenAlias {
678	IN	samr_handle_t domain_handle;
679	IN	DWORD access_mask;
680	IN	DWORD rid;
681	OUT samr_handle_t alias_handle;
682	OUT	DWORD status;
683};
684
685struct name_rid {
686	DWORD rid;
687	samr_string_t name;
688};
689
690struct aliases_info {
691	DWORD count;
692	DWORD address;
693	SIZE_IS(count)
694	struct name_rid info[ANY_SIZE_ARRAY];
695};
696
697OPERATION(SAMR_OPNUM_EnumDomainAliases)
698struct samr_EnumDomainAliases {
699	IN	samr_handle_t domain_handle;
700	IN	DWORD resume_handle;
701	IN	DWORD mask;
702	OUT	DWORD out_resume;
703	OUT struct aliases_info *aliases;
704	OUT DWORD entries;
705	OUT	DWORD status;
706};
707
708struct user_acct_info {
709	DWORD index;
710	DWORD rid;
711	DWORD ctrl;
712	samr_string_t name;
713	samr_string_t fullname;
714	samr_string_t desc;
715};
716
717struct user_disp_info {
718	OUT DWORD total_size;
719	OUT DWORD returned_size;
720	OUT WORD switch_value;
721	DWORD count;
722	SIZE_IS(count)
723	struct user_acct_info *acct;
724};
725
726OPERATION(SAMR_OPNUM_QueryDispInfo)
727struct samr_QueryDispInfo {
728	IN	samr_handle_t domain_handle;
729	IN	WORD level;
730	IN	DWORD start_idx;
731	IN	DWORD max_entries;
732	IN	DWORD pref_maxsize;
733	OUT struct user_disp_info users;
734	OUT	DWORD status;
735};
736
737struct group_acct_info {
738	DWORD index;
739	DWORD rid;
740	DWORD ctrl;
741	samr_string_t name;
742	samr_string_t desc;
743};
744
745struct group_disp_info {
746	DWORD count;
747	/* right now we just need one entry */
748	struct group_acct_info acct[1];
749};
750
751OPERATION(SAMR_OPNUM_EnumDomainGroups)
752struct samr_EnumDomainGroups {
753	IN	samr_handle_t domain_handle;
754	IN	WORD level;
755	IN	DWORD start_idx;
756	IN	DWORD max_entries;
757	IN	DWORD pref_maxsize;
758	OUT DWORD total_size;
759	OUT DWORD returned_size;
760	OUT WORD switch_value;
761	OUT DWORD count;
762	OUT struct group_disp_info *groups;
763	OUT	DWORD status;
764};
765
766/*
767 ***********************************************************************
768 * OpenUser
769 *
770 * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain,
771 * an access mask and the appropriate user rid. The output will be a
772 * handle for use with the specified user.
773 ***********************************************************************
774 */
775OPERATION(SAMR_OPNUM_OpenUser)
776struct samr_OpenUser {
777	IN	samr_handle_t handle;
778	IN	DWORD access_mask;
779	IN	DWORD rid;
780	OUT	samr_handle_t user_handle;
781	OUT	DWORD status;
782};
783
784
785/*
786 ***********************************************************************
787 * DeleteUser
788 ***********************************************************************
789 */
790OPERATION(SAMR_OPNUM_DeleteUser)
791struct samr_DeleteUser {
792	INOUT	samr_handle_t user_handle;
793	OUT	DWORD status;
794};
795
796
797/*
798 ***********************************************************************
799 * QueryUserInfo
800 *
801 * Provides various pieces of information on a specific user (see
802 * SAM_Q_QUERY_USERINFO and SAM_R_QUERY_USERINFO). The handle must
803 * be a valid SAM user handle.
804 *
805 * QueryUserInfo (
806 *	IN samr_handle_t user_handle,
807 *	IN WORD switch_value,
808 *	OUT union switch(switch_value) {
809 *		case 1: struct QueryUserInfo1 *info1;
810 *	} bufptr,
811 *	OUT DWORD status
812 * )
813 *
814 * typedef enum _USER_INFORMATION_CLASS {
815 *	UserGeneralInformation		= 1,
816 *	UserPreferencesInformation	= 2,
817 *	UserLogonInformation		= 3,
818 *	UserLogonHoursInformation	= 4,
819 *	UserAccountInformation		= 5,
820 *	UserNameInformation		= 6,
821 *	UserAccountNameInformation	= 7,
822 *	UserFullNameInformation		= 8,
823 *	UserPrimaryGroupInformation	= 9,
824 *	UserHomeInformation		= 10,
825 *	UserScriptInformation		= 11,
826 *	UserProfileInformation		= 12,
827 *	UserAdminCommentInformation	= 13,
828 *	UserWorkStationsInformation	= 14,
829 *	UserControlInformation		= 16,
830 *	UserExpiresInformation		= 17,
831 *	UserInternal1Information	= 18,
832 *	UserParametersInformation	= 20,
833 *	UserAllInformation		= 21,
834 *	UserInternal4Information	= 23,
835 *	UserInternal5Information	= 24,
836 *	UserInternal4InformationNew	= 25,
837 *	UserInternal5InformationNew	= 26,
838 * } USER_INFORMATION_CLASS;
839 *
840 * 1 = username, fullname, description and some other stuff.
841 * 3 = large structure containing user rid, group rid, username
842 *     and fullname.
843 * 5 = large structure (like 3) containing user rid, group rid,
844 *     username, fullname and description.
845 * 6 = username and fullname
846 * 7 = username
847 * 8 = fullname
848 * 9 = group rid
849 * 16 = used after creating a new account
850 *
851 * Due to an ndrgen bug, a function must be provided to to patch the
852 * offsets used by the unmarshalling code at runtime.  In order to
853 * simplify things it is useful to use a naming convention that
854 * indicates the switch value for each structure.
855 *
856 ***********************************************************************
857 */
858
859
860#define SAMR_QUERY_USER_INFO_1			1
861#define SAMR_QUERY_USER_UNAME_AND_FNAME		6
862#define SAMR_QUERY_USER_USERNAME		7
863#define SAMR_QUERY_USER_FULLNAME		8
864#define SAMR_QUERY_USER_GROUPRID		9
865#define SAMR_QUERY_USER_CONTROL_INFO		16
866#define SAMR_QUERY_USER_ALL_INFO		21
867
868
869struct samr_QueryUserInfo1 {
870	samr_string_t username;
871	samr_string_t fullname;
872	DWORD group_rid;
873	samr_string_t description;
874	samr_string_t unknown;
875};
876
877
878struct samr_QueryUserInfo6 {
879	samr_string_t username;
880	samr_string_t fullname;
881};
882
883struct samr_QueryUserInfo7 {
884	samr_string_t username;
885};
886
887
888struct samr_QueryUserInfo8 {
889	samr_string_t fullname;
890};
891
892
893struct samr_QueryUserInfo9 {
894	DWORD group_rid;
895};
896
897
898struct samr_QueryUserInfo16 {
899	DWORD unknown;
900};
901
902/*
903 * SAMR_USER_ALL_INFORMATION
904 */
905struct samr_QueryUserInfo21 {
906	samr_quad_t		LastLogon;
907	samr_quad_t		LastLogoff;
908	samr_quad_t		PasswordLastSet;
909	samr_quad_t		AccountExpires;
910	samr_quad_t		PasswordCanChange;
911	samr_quad_t		PasswordMustChange;
912	samr_string_t		UserName;
913	samr_string_t		FullName;
914	samr_string_t		HomeDirectory;
915	samr_string_t		HomeDirectoryDrive;
916	samr_string_t		ScriptPath;
917	samr_string_t		ProfilePath;
918	samr_string_t		AdminComment;
919	samr_string_t		WorkStations;
920	samr_string_t		UserComment;
921	samr_string_t		Parameters;
922	struct samr_short_blob	LmOwfPassword;
923	struct samr_short_blob	NtOwfPassword;
924	samr_string_t		PrivateData;
925	samr_sd_t		SecurityDescriptor;
926	DWORD			UserId;
927	DWORD			PrimaryGroupId;
928	DWORD			UserAccountControl;
929	DWORD			WhichFields;
930	struct samr_logon_hours_all	LogonHours;
931	WORD			BadPasswordCount;
932	WORD			LogonCount;
933	WORD			CountryCode;
934	WORD			CodePage;
935	BYTE			LmPasswordPresent;
936	BYTE			NtPasswordPresent;
937	BYTE			PasswordExpired;
938	BYTE			PrivateDataSensitive;
939};
940
941union QueryUserInfo_result_u {
942	UNION_INFO_ENT(1,samr_QueryUserInfo);
943	UNION_INFO_ENT(6,samr_QueryUserInfo);
944	UNION_INFO_ENT(7,samr_QueryUserInfo);
945	UNION_INFO_ENT(8,samr_QueryUserInfo);
946	UNION_INFO_ENT(9,samr_QueryUserInfo);
947	UNION_INFO_ENT(16,samr_QueryUserInfo);
948	UNION_INFO_ENT(21,samr_QueryUserInfo);
949	DEFAULT	char *nullptr;
950};
951
952
953/*
954 * This structure needs to be declared, even though it can't be used in
955 * samr_QueryUserInfo, in order to get the appropriate size to calculate
956 * the correct fixup offsets.  If ndrgen did the right thing,
957 * QueryUserInfo_result would be one of the out parameters.  However, if
958 * we do it that way, the switch_value isn't known early enough to do
959 * the fixup calculation.  So it all has to go in samr_QueryUserInfo.
960 */
961struct QueryUserInfo_result {
962	DWORD address;
963	WORD switch_value;
964	SWITCH(switch_value)
965		union QueryUserInfo_result_u ru;
966};
967
968
969OPERATION(SAMR_OPNUM_QueryUserInfo)
970struct samr_QueryUserInfo {
971	IN	samr_handle_t user_handle;
972	IN	WORD switch_value;
973	/*
974	 * Can't use this form because we need to include members explicitly.
975	 * OUT	struct QueryUserInfo_result result;
976	 */
977	OUT	DWORD address;
978	OUT	WORD switch_index;
979  SWITCH(switch_value)
980	OUT	union QueryUserInfo_result_u ru;
981	OUT	DWORD status;
982};
983
984
985/*
986 ***********************************************************************
987 * QueryUserGroups
988 ***********************************************************************
989 */
990struct samr_UserGroups {
991	DWORD rid;
992	DWORD attr;
993};
994
995
996struct samr_UserGroupInfo {
997	DWORD n_entry;
998  SIZE_IS(n_entry)
999	struct samr_UserGroups *groups;
1000};
1001
1002
1003OPERATION(SAMR_OPNUM_QueryUserGroups)
1004struct samr_QueryUserGroups {
1005	IN	samr_handle_t user_handle;
1006	OUT struct samr_UserGroupInfo *info;
1007	OUT	DWORD status;
1008};
1009
1010
1011/*
1012 ***********************************************************************
1013 * LookupName
1014 ***********************************************************************
1015 */
1016struct samr_LookupNameTable {
1017	DWORD n_entry;
1018  SIZE_IS(n_entry)
1019	samr_string_t names[ANY_SIZE_ARRAY];
1020};
1021
1022
1023struct samr_LookupRidTable {
1024	DWORD n_entry;
1025  SIZE_IS(n_entry)
1026	DWORD *rid;
1027};
1028
1029struct samr_RidType {
1030	DWORD n_entry;
1031  SIZE_IS(n_entry)
1032	DWORD *rid_type;
1033};
1034
1035
1036OPERATION(SAMR_OPNUM_LookupNames)
1037struct samr_LookupNames {
1038	IN	samr_handle_t handle;
1039	IN	DWORD n_entry;
1040	IN	DWORD max_n_entry;
1041	IN	DWORD index;
1042	IN	DWORD total;
1043	IN	samr_string_t name;
1044	OUT	struct samr_LookupRidTable rids;
1045	OUT	struct samr_RidType rid_types;
1046	OUT	DWORD status;
1047};
1048
1049
1050/*
1051 ***********************************************************************
1052 * OpenGroup
1053 *
1054 * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain,
1055 * an access mask and the appropriate group rid. The output will be a
1056 * handle for use with the specified group.
1057 ***********************************************************************
1058 */
1059OPERATION(SAMR_OPNUM_OpenGroup)
1060struct samr_OpenGroup {
1061	IN	samr_handle_t handle;
1062	IN	DWORD access_mask;
1063	IN	DWORD rid;
1064	OUT	samr_handle_t group_handle;
1065	OUT	DWORD status;
1066};
1067
1068
1069/*
1070 ***********************************************************************
1071 * QueryGroupInfo
1072 *
1073 * Input must be a group handle obtained via SAMR_OPNUM_OpenGroup,
1074 * an access mask and the appropriate group rid. The output will
1075 * be a handle for use with the specified group.
1076 ***********************************************************************
1077 */
1078struct samr_QueryGroupInfo1 {
1079	samr_string_t groupname;
1080};
1081
1082
1083union samr_QueryGroupInfo_result_u {
1084	UNION_INFO_ENT(1,samr_QueryGroupInfo);
1085	DEFAULT	char *nullptr;
1086};
1087
1088
1089struct samr_QueryGroupInfo_result {
1090	DWORD address;
1091	WORD switch_index;
1092  SWITCH(switch_index)
1093	union samr_QueryGroupInfo_result_u ru;
1094};
1095
1096
1097OPERATION(SAMR_OPNUM_QueryGroupInfo)
1098struct samr_QueryGroupInfo {
1099	IN	samr_handle_t group_handle;
1100	IN	DWORD switch_value;
1101	OUT	DWORD address;
1102	OUT	WORD switch_index;
1103  SWITCH(switch_index)
1104	OUT	union samr_QueryGroupInfo_result_u ru;
1105	OUT	DWORD status;
1106};
1107
1108
1109/*
1110 ***********************************************************************
1111 * StoreGroupInfo
1112 *
1113 * This definition is mostly just a place holder in case this is useful
1114 * in the future. Note that it may not be correct. The information is
1115 * from a netmon trace captured when I added a group description. I
1116 * haven't implemented it because we don't have to update anything on
1117 * the PDC. The description should almost certainly be in a separate
1118 * structure.
1119 ***********************************************************************
1120 */
1121OPERATION(SAMR_OPNUM_StoreGroupInfo)
1122struct samr_StoreGroupInfo {
1123	IN	samr_handle_t group_handle;
1124	IN	DWORD switch_value;
1125	IN	samr_string_t group_description;
1126	OUT	DWORD status;
1127};
1128
1129
1130/*
1131 ***********************************************************************
1132 * GetUserDomainPasswordInformation
1133 ***********************************************************************
1134 */
1135OPERATION(SAMR_OPNUM_GetUserPwInfo)
1136struct samr_GetUserPwInfo {
1137	IN		samr_handle_t		user_handle;
1138	OUT REFERENCE	samr_password_info_t	*pwinfo;
1139	OUT		DWORD			status;
1140};
1141
1142
1143/*
1144 ***********************************************************************
1145 * CreateUser
1146 *
1147 * Create a user in the domain specified by the domain handle. The
1148 * domain handle is obtained obtained via SAMR_OPNUM_OpenDomain.
1149 * DesiredAccess: 0xe00500b0.
1150 * The output will be a handle for use with the specified user and the
1151 * user's RID. I think the RID may be a unique pointer (it can be null).
1152 ***********************************************************************
1153 */
1154OPERATION(SAMR_OPNUM_CreateUser)
1155struct samr_CreateUser {
1156	IN	samr_handle_t handle;
1157	IN	samr_vcbuf_t username;
1158	IN	DWORD account_flags;
1159	IN	DWORD desired_access;
1160	OUT	samr_handle_t user_handle;
1161	OUT	DWORD maybe_ptr;
1162	OUT	DWORD rid;
1163	OUT	DWORD status;
1164};
1165
1166
1167/*
1168 ***********************************************************************
1169 * ChangeUserPasswd
1170 ***********************************************************************
1171 */
1172struct samr_newpasswd {
1173	BYTE data[516];
1174};
1175
1176
1177struct samr_oldpasswd {
1178	BYTE data[16];
1179};
1180
1181
1182OPERATION(SAMR_OPNUM_ChangeUserPasswd)
1183struct samr_ChangeUserPasswd {
1184	IN	LPTSTR servername;
1185	IN	LPTSTR username;
1186	IN	struct samr_newpasswd *nt_newpasswd;
1187	IN	struct samr_oldpasswd *nt_oldpasswd;
1188	IN	struct samr_newpasswd *lm_newpasswd;
1189	IN	struct samr_oldpasswd *lm_oldpasswd;
1190	OUT	DWORD status;
1191};
1192
1193
1194/*
1195 ***********************************************************************
1196 * GetDomainPwInfo
1197 ***********************************************************************
1198 */
1199OPERATION(SAMR_OPNUM_GetDomainPwInfo)
1200struct samr_GetDomainPwInfo {
1201	IN		DWORD			unused;
1202	OUT REFERENCE	samr_password_info_t	*pwinfo;
1203	OUT		DWORD			status;
1204};
1205
1206
1207/*
1208 ***********************************************************************
1209 * SetUserInfo
1210 *
1211 *	+++ 20 byte user handle and the union switch_value +++
1212 *	00 00 00 00 77 F2 DD D5 66 48 D4 11 AD 5F D1 CD
1213 *	18 43 7A DF 17 00 17 00
1214 *
1215 *	+++ 14 dwords (56 bytes) of zeros +++
1216 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1217 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1218 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1219 *	00 00 00 00 00 00 00 00
1220 *
1221 *	+++ 9 sets of something - 72 bytes +++
1222 *	00 00 02 00 D0 04 8A 77
1223 *	00 00 02 00 D0 04 8A 77
1224 *	00 00 02 00 D0 04 8A 77
1225 *	00 00 02 00 D0 04 8A 77
1226 *	00 00 02 00 D0 04 8A 77
1227 *	00 00 02 00 D0 04 8A 77
1228 *	00 00 02 00 D0 04 8A 77
1229 *	00 00 02 00 D0 04 8A 77
1230 *	00 00 02 00 D0 04 8A 77
1231 *
1232 *	+++ 9 DWORD zeros +++
1233 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1234 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1235 *	00 00 00 00
1236 *
1237 *	+++ miscellaneous +++
1238 *	01 02 00 00
1239 *	80 00 00 00
1240 *	FA 27 F8 09
1241 *	A8 00 00 00 70 F1 14 00
1242 *	00 00 00 00 00 00 00 00 00 00 00 00
1243 *
1244 *	+++ encrypted password buffer - 512 bytes +++
1245 *	76 68 E8 AA 23 4F 62 C4 81 4E 30 B8 92 29 66 B9
1246 *	12 FF 3A 84 82 3A 55 0F C7 18 EA 56 86 50 D7 C5
1247 *	43 BA 9C F8 32 D4 E0 15 74 A1 6F E1 59 C2 F2 95
1248 *	53 A9 F2 68 9F 7F 29 B9 88 4C 65 A5 C1 DC 0B 44
1249 *	B8 3C ED 74 D1 6A F7 09 66 97 94 6B 2C 3A A5 88
1250 *	39 34 C6 FE 24 59 30 2D CF 6D 7F D5 EC B1 9A 84
1251 *	E6 57 96 29 40 32 FB 62 9D 93 E2 BE D8 A3 74 88
1252 *	8B 85 BC A0 76 D6 C9 DB 8C AF 81 BD 8A F0 08 8D
1253 *	23 B0 52 FD 69 DE EF A1 36 E5 30 19 BD DA 67 A3
1254 *	81 BD 3F D0 2A A2 8F 60 62 B0 8D 34 9E A4 4F 20
1255 *	4E 79 93 82 58 A8 E5 6F 7A DC 12 13 33 E6 74 02
1256 *	4C 32 F9 FC 1A E1 C5 0D E2 CC 36 8D FC 72 87 DD
1257 *	6C 44 E3 6F 4B FD 46 10 08 89 E5 64 B8 27 14 83
1258 *	E7 08 DE CF 69 C7 E1 40 63 DF CB 67 95 73 03 1B
1259 *	CA 99 E1 1B 53 2A 89 6B 30 39 CD 5C DF A0 8A 1C
1260 *	4E 50 74 7C 6D 3D E7 EA E9 B2 97 DD 38 7B DA EC
1261 *	1A AD DA CE C4 58 9B 29 F3 6D 30 70 4E 63 6D 84
1262 *	DB DC 5B CD 9A 4E 57 9C E4 65 5D 4F 76 E3 C7 52
1263 *	8B 3B 20 0A 3B 4C 4B B1 2E 5B 4D AB BA 2F 45 6A
1264 *	CA 17 AD 9F C0 B2 07 FB 56 7F E4 3F 9F D4 C6 8C
1265 *	A1 05 BF 53 42 1E 67 F4 57 54 E3 2C 38 CF E1 94
1266 *	75 69 F7 4E 5C 74 CC B3 FD EF 73 3F D5 28 22 EC
1267 *	9B 40 E1 1D 65 44 7C BB 69 88 57 10 05 3A C5 48
1268 *	8E 4F 77 DB 1A 5C 49 9C D5 06 00 AC 79 BC 7E 89
1269 *	B0 01 66 70 88 A2 E5 DF 96 DC 75 98 10 12 45 02
1270 *	33 35 6C DF 74 8B 14 2F 26 C6 FD 7A B4 D0 A6 7D
1271 *	DE 2B 13 44 EF 34 46 4D 9D 3E C3 75 BC 11 B4 41
1272 *	27 58 25 1E AF AA F0 BB DA 27 7A 1E AE 81 1A 78
1273 *	44 19 DE FC C4 7C 4E 32 44 F7 57 2A 41 A2 85 DC
1274 *	C0 AD 5D 6B 58 FD 2E 75 25 B9 F2 B6 19 82 E5 0E
1275 *	B6 69 0D C1 27 A9 B6 40 A6 50 49 E5 CB 17 98 65
1276 *	88 18 CA E4 1D 2E 20 F7 DE 8E 7D F2 9D A5 6B CD
1277 *
1278 *	D6 79 45 71
1279 *
1280 *	+++ table of 9 things +++
1281 *	01 00 00 00 00 00 00 00 00 00 00 00
1282 *	01 00 00 00 00 00 00 00 00 00 00 00
1283 *	01 00 00 00 00 00 00 00 00 00 00 00
1284 *	01 00 00 00 00 00 00 00 00 00 00 00
1285 *	01 00 00 00 00 00 00 00 00 00 00 00
1286 *	01 00 00 00 00 00 00 00 00 00 00 00
1287 *	01 00 00 00 00 00 00 00 00 00 00 00
1288 *	01 00 00 00 00 00 00 00 00 00 00 00
1289 *	01 00 00 00 00 00 00 00 00 00 00 00
1290 *
1291 *	+++ miscellaneous +++
1292 *	EC 04 00 00 00 00 00 00 15 00 00 00
1293 *	FF FF FF FF FF FF FF FF FF FF FF FF
1294 *	FF FF FF FF FF FF FF FF FF
1295 *
1296 ***********************************************************************
1297 */
1298
1299#define SAMR_SET_USER_INFO_23		23
1300#define SAMR_SET_USER_DATA_SZ		516
1301
1302struct samr_SetUserInfo23 {
1303	samr_quad_t logon_time;			/* 00 00 00 00 00 00 00 00 */
1304	samr_quad_t logoff_time;		/* 00 00 00 00 00 00 00 00 */
1305	samr_quad_t kickoff_time;		/* 00 00 00 00 00 00 00 00 */
1306	samr_quad_t passwd_last_set_time;	/* 00 00 00 00 00 00 00 00 */
1307	samr_quad_t passwd_can_change_time;	/* 00 00 00 00 00 00 00 00 */
1308	samr_quad_t passwd_must_change_time;	/* 00 00 00 00 00 00 00 00 */
1309
1310	samr_vcbuf_t user_name;			/* 00 00 00 00 00 00 00 00 */
1311	samr_vcbuf_t full_name;			/* 00 00 02 00 D0 04 8A 77 */
1312	samr_vcbuf_t home_dir;			/* 00 00 02 00 D0 04 8A 77 */
1313	samr_vcbuf_t home_drive;		/* 00 00 02 00 D0 04 8A 77 */
1314	samr_vcbuf_t logon_script;		/* 00 00 02 00 D0 04 8A 77 */
1315	samr_vcbuf_t profile_path;		/* 00 00 02 00 D0 04 8A 77 */
1316	samr_vcbuf_t acct_desc;			/* 00 00 02 00 D0 04 8A 77 */
1317	samr_vcbuf_t workstations;		/* 00 00 02 00 D0 04 8A 77 */
1318	samr_vcbuf_t unknown1;			/* 00 00 02 00 D0 04 8A 77 */
1319	samr_vcbuf_t unknown2;			/* 00 00 02 00 D0 04 8A 77 */
1320	samr_vcbuf_t lm_password;		/* 00 00 00 00 00 00 00 00 */
1321	samr_vcbuf_t nt_password;		/* 00 00 00 00 00 00 00 00 */
1322	samr_vcbuf_t unknown3;			/* 00 00 00 00 00 00 00 00 */
1323
1324	struct samr_sd sd;			/* 00 00 00 00 00 00 00 00 */
1325	DWORD user_rid;				/* 00 00 00 00 */
1326	DWORD group_rid;			/* 01 02 00 00 */
1327	DWORD acct_info;			/* 80 00 00 00 */
1328	DWORD flags;				/* FA 27 F8 09 */
1329	struct samr_logon_info logon_info;  /* A8 00 00 00 70 F1 14 00->0xFF */
1330	/*
1331	 * The following 12 bytes are encoded in Ethereal as:
1332	 *
1333	 *	WORD bad_pwd_count;
1334	 *	WORD logon_count;
1335	 *
1336	 *	WORD country;			(default 0)
1337	 *	WORD codepage;
1338	 *
1339	 *	BYTE nt_pwd_set;
1340	 *	BYTE lm_pwd_set;
1341	 *	BYTE expired_flag;
1342	 *	BYTE unknown_char;
1343	 */
1344	DWORD unknown4_zero;			/* 00 00 00 00 */
1345	DWORD unknown5_zero;			/* 00 00 00 00 */
1346	DWORD unknown6_zero;			/* 00 00 00 00 */
1347	BYTE password[SAMR_SET_USER_DATA_SZ];
1348};
1349
1350
1351union samr_SetUserInfo_u {
1352	UNION_INFO_ENT(23,samr_SetUserInfo);
1353	DEFAULT	char *nullptr;
1354};
1355
1356
1357struct samr_SetUserInfo_s {
1358	WORD index;
1359	WORD switch_value;
1360  SWITCH(switch_value)
1361	union samr_SetUserInfo_u ru;
1362};
1363
1364
1365/*
1366	IN	DWORD unknown_04EC;
1367	IN	DWORD unknown_zero;
1368	IN	DWORD logon_bitmap_size;
1369	IN	BYTE logon_bitmap[SAMR_SET_USER_HOURS_SZ];
1370*/
1371OPERATION(SAMR_OPNUM_SetUserInfo)
1372struct samr_SetUserInfo {
1373	IN	samr_handle_t user_handle;
1374	IN	struct samr_SetUserInfo_s info;
1375	IN	struct samr_logon_hours logon_hours;
1376	OUT	DWORD status;
1377};
1378
1379
1380/*
1381 ***********************************************************************
1382 * The SAMR interface definition.
1383 ***********************************************************************
1384 */
1385INTERFACE(0)
1386union samr_interface {
1387	CASE(SAMR_OPNUM_ConnectAnon)
1388		struct samr_ConnectAnon		ConnectAnon;
1389	CASE(SAMR_OPNUM_CloseHandle)
1390		struct samr_CloseHandle		CloseHandle;
1391	CASE(SAMR_OPNUM_LookupDomain)
1392		struct samr_LookupDomain	LookupDomain;
1393	CASE(SAMR_OPNUM_EnumLocalDomains)
1394		struct samr_EnumLocalDomain	EnumLocalDomain;
1395	CASE(SAMR_OPNUM_OpenDomain)
1396		struct samr_OpenDomain		OpenDomain;
1397	CASE(SAMR_OPNUM_QueryDomainInfo)
1398		struct samr_QueryDomainInfo	QueryDomainInfo;
1399	CASE(SAMR_OPNUM_QueryInfoDomain2)
1400		struct samr_QueryInfoDomain2	QueryInfoDomain2;
1401	CASE(SAMR_OPNUM_LookupNames)
1402		struct samr_LookupNames		LookupNames;
1403	CASE(SAMR_OPNUM_OpenUser)
1404		struct samr_OpenUser		OpenUser;
1405	CASE(SAMR_OPNUM_DeleteUser)
1406		struct samr_DeleteUser		DeleteUser;
1407	CASE(SAMR_OPNUM_QueryUserInfo)
1408		struct samr_QueryUserInfo	QueryUserInfo;
1409	CASE(SAMR_OPNUM_QueryUserGroups)
1410		struct samr_QueryUserGroups	QueryUserGroups;
1411	CASE(SAMR_OPNUM_OpenGroup)
1412		struct samr_OpenGroup		OpenGroup;
1413	CASE(SAMR_OPNUM_GetUserPwInfo)
1414		struct samr_GetUserPwInfo	GetUserPwInfo;
1415	CASE(SAMR_OPNUM_CreateUser)
1416		struct samr_CreateUser		CreateUser;
1417	CASE(SAMR_OPNUM_ChangeUserPasswd)
1418		struct samr_ChangeUserPasswd	ChangeUserPasswd;
1419	CASE(SAMR_OPNUM_GetDomainPwInfo)
1420		struct samr_GetDomainPwInfo	GetDomainPwInfo;
1421	CASE(SAMR_OPNUM_Connect)
1422		struct samr_Connect		Connect;
1423	CASE(SAMR_OPNUM_SetUserInfo)
1424		struct samr_SetUserInfo		SetUserInfo;
1425	CASE(SAMR_OPNUM_Connect3)
1426		struct samr_Connect3		Connect3;
1427	CASE(SAMR_OPNUM_Connect4)
1428		struct samr_Connect4		Connect4;
1429	CASE(SAMR_OPNUM_QueryDispInfo)
1430		struct samr_QueryDispInfo	QueryDispInfo;
1431	CASE(SAMR_OPNUM_OpenAlias)
1432		struct samr_OpenAlias		OpenAlias;
1433	CASE(SAMR_OPNUM_CreateDomainAlias)
1434		struct samr_CreateDomainAlias	CreateDomainAlias;
1435	CASE(SAMR_OPNUM_SetAliasInfo)
1436		struct samr_SetAliasInfo	SetAliasInfo;
1437	CASE(SAMR_OPNUM_QueryAliasInfo)
1438		struct samr_QueryAliasInfo	QueryAliasInfo;
1439	CASE(SAMR_OPNUM_DeleteDomainAlias)
1440		struct samr_DeleteDomainAlias	DeleteDomainAlias;
1441	CASE(SAMR_OPNUM_EnumDomainAliases)
1442		struct samr_EnumDomainAliases	EnumDomainAliases;
1443	CASE(SAMR_OPNUM_EnumDomainGroups)
1444		struct samr_EnumDomainGroups	EnumDomainGroups;
1445};
1446typedef union samr_interface	samr_interface_t;
1447EXTERNTYPEINFO(samr_interface)
1448
1449#endif /* _MLSVC_SAM_NDL_ */
1450