xref: /titanic_44/usr/src/uts/common/smbsrv/ndl/samrpc.ndl (revision 2fd415f4d49063706ad7fbc8b867ebe4a580b7fd)
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef _MLSVC_SAM_NDL_
27#define _MLSVC_SAM_NDL_
28
29/*
30 * Security Accounts Manager RPC (SAMR) interface definition.
31 */
32
33#include "ndrtypes.ndl"
34
35/* Windows NT */
36#define SAMR_OPNUM_ConnectAnon			0x00	/* SamrConnect */
37#define SAMR_OPNUM_CloseHandle			0x01
38#define SAMR_OPNUM_SetSecObject			0x02
39#define SAMR_OPNUM_QuerySecObject		0x03
40#define SAMR_OPNUM_ShutdownSamServer		0x04	/* NotUsedOnWire */
41#define SAMR_OPNUM_LookupDomain			0x05
42#define SAMR_OPNUM_EnumLocalDomains		0x06
43#define SAMR_OPNUM_OpenDomain			0x07
44#define SAMR_OPNUM_QueryDomainInfo		0x08
45#define SAMR_OPNUM_SetDomainInfo		0x09
46#define SAMR_OPNUM_CreateDomainGroup		0x0a
47#define SAMR_OPNUM_QueryDomainGroups		0x0b
48#define SAMR_OPNUM_CreateDomainUser		0x0c
49#define SAMR_OPNUM_EnumDomainUsers		0x0d
50#define SAMR_OPNUM_CreateDomainAlias		0x0e
51#define SAMR_OPNUM_EnumDomainAliases		0x0f
52#define SAMR_OPNUM_LookupIds			0x10	/* GetAliasMembership */
53#define SAMR_OPNUM_LookupNames			0x11
54#define SAMR_OPNUM_LookupDomainIds		0x12
55#define SAMR_OPNUM_OpenGroup			0x13
56#define SAMR_OPNUM_QueryGroupInfo		0x14
57#define SAMR_OPNUM_StoreGroupInfo		0x15
58#define SAMR_OPNUM_AddGroupMember		0x16
59#define SAMR_OPNUM_DeleteDomainGroup		0x17
60#define SAMR_OPNUM_DeleteGroupMember		0x18
61#define SAMR_OPNUM_ListGroupMembers		0x19
62#define SAMR_OPNUM_SetGroupMemberAttributes	0x1a
63#define SAMR_OPNUM_OpenAlias			0x1b
64#define SAMR_OPNUM_QueryAliasInfo		0x1c
65#define SAMR_OPNUM_SetAliasInfo			0x1d
66#define SAMR_OPNUM_DeleteDomainAlias		0x1e
67#define SAMR_OPNUM_AddAliasMember		0x1f
68#define SAMR_OPNUM_DeleteAliasMember		0x20
69#define SAMR_OPNUM_QueryAliasMember		0x21
70#define SAMR_OPNUM_OpenUser			0x22
71#define SAMR_OPNUM_DeleteUser			0x23
72#define SAMR_OPNUM_QueryUserInfo		0x24
73#define SAMR_OPNUM_SetUserInfo0			0x25	/* SetUserInfo */
74#define SAMR_OPNUM_ChangeUserPassword0		0x26	/* ChangeUserPassword */
75#define SAMR_OPNUM_QueryUserGroups		0x27
76#define SAMR_OPNUM_QueryDispInfo		0x28	/* QueryDispInfo1 */
77#define	SAMR_OPNUM_GetDisplayEnumIndex		0x29
78#define	SAMR_OPNUM_TestPrivateDomainFunctions	0x2a	/* NotUsedOnWire */
79#define	SAMR_OPNUM_TestPrivateUserFunctions	0x2b	/* NotUsedOnWire */
80#define SAMR_OPNUM_GetUserPwInfo		0x2c
81
82/* Windows 2000 */
83#define	SAMR_OPNUM_RemoveMemberFromForeignDomain        0x2d
84#define	SAMR_OPNUM_QueryInfoDomain2		0x2e
85#define	SAMR_OPNUM_QueryInfoUser2		0x2f
86#define	SAMR_OPNUM_EnumDomainGroups		0x30    /* QueryDispInfo2 */
87#define	SAMR_OPNUM_GetDisplayEnumIndex2		0x31
88#define	SAMR_OPNUM_CreateUser			0x32
89#define	SAMR_OPNUM_QueryDispInfo4		0x33
90#define	SAMR_OPNUM_AddMultipleAliasMembers	0x34
91#define	SAMR_OPNUM_RemoveMultipleAliasMembers	0x35
92#define	SAMR_OPNUM_ChangeUserOemPassword	0x36
93#define SAMR_OPNUM_ChangeUserPasswd		0x37	/* UnicodePasswd */
94#define SAMR_OPNUM_GetDomainPwInfo		0x38
95#define SAMR_OPNUM_Connect			0x39	/* SamrConnect2 */
96#define SAMR_OPNUM_SetUserInfo			0x3a
97#define	SAMR_OPNUM_SetBootKeyInformation	0x3b
98#define	SAMR_OPNUM_GetBootKeyInformation	0x3c
99#define	SAMR_OPNUM_Connect2			0x3d	/* SamrConnect3 */
100#define	SAMR_OPNUM_Connect3			0x3e	/* SamrConnect4 */
101#define	SAMR_OPNUM_ChangeUserUnicodePassword3	0x3f
102
103/* Windows XP and Windows Server 2003 */
104#define	SAMR_OPNUM_Connect4			0x40	/* SamrConnect5 */
105#define	SAMR_OPNUM_RidToSid                     0x41
106#define	SAMR_OPNUM_SetDSRMPassword              0x42
107#define	SAMR_OPNUM_ValidatePassword             0x43
108
109/* Windows Vista */
110#define SAMR_OPNUM_QueryLocalizableAccountsInDomain     0x44
111#define SAMR_OPNUM_PerformGenericOperation              0x45
112
113
114/*
115 * UNION_INFO_ENT is intended to simplify adding new entries to a union.
116 * If the entry structures are named using the form samr_QueryUserInfoX,
117 * where X is the sitch_value, you can just add a single line. Note
118 * that you must also update the fixup function in mlsvc_sam.c.
119 */
120#define UNION_INFO_ENT(N,NAME) CASE(N) struct NAME##N info##N
121
122
123/*
124 * Sam account flags used when creating an account. These flags seem
125 * to be very similar to the USER_INFO_X flags (UF_XXX) in lmaccess.h
126 * but the values are different.
127 */
128#define SAMR_AF_ACCOUNTDISABLE			0x0001
129#define SAMR_AF_HOMEDIR_REQUIRED		0x0002
130#define SAMR_AF_PASSWD_NOTREQD			0x0004
131#define SAMR_AF_TEMP_DUPLICATE_ACCOUNT		0x0008
132#define SAMR_AF_NORMAL_ACCOUNT			0x0010
133#define SAMR_AF_MNS_LOGON_ACCOUNT		0x0020
134#define SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT	0x0040
135#define SAMR_AF_WORKSTATION_TRUST_ACCOUNT	0x0080
136#define SAMR_AF_SERVER_TRUST_ACCOUNT		0x0100
137#define SAMR_AF_DONT_EXPIRE_PASSWD		0x0200
138#define SAMR_AF_ACCOUNT_AUTOLOCK		0x0400
139
140
141#define SAMR_AF_MACHINE_ACCOUNT_MASK	( \
142				SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT \
143				| SAMR_AF_WORKSTATION_TRUST_ACCOUNT \
144				| SAMR_AF_SERVER_TRUST_ACCOUNT)
145
146#define SAMR_AF_ACCOUNT_TYPE_MASK	( \
147				SAMR_AF_TEMP_DUPLICATE_ACCOUNT \
148				| SAMR_AF_NORMAL_ACCOUNT \
149				| SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT \
150				| SAMR_AF_WORKSTATION_TRUST_ACCOUNT \
151				| SAMR_AF_SERVER_TRUST_ACCOUNT)
152
153/*
154 * QueryUserInfo UserAllInformation WhichFields
155 */
156#define	SAMR_USER_ALL_USERNAME			0x00000001
157#define	SAMR_USER_ALL_FULLNAME			0x00000002
158#define	SAMR_USER_ALL_USERID			0x00000004
159#define	SAMR_USER_ALL_PRIMARYGROUPID		0x00000008
160#define	SAMR_USER_ALL_ADMINCOMMENT		0x00000010
161#define	SAMR_USER_ALL_USERCOMMENT		0x00000020
162#define	SAMR_USER_ALL_HOMEDIRECTORY		0x00000040
163#define	SAMR_USER_ALL_HOMEDIRECTORYDRIVE	0x00000080
164#define	SAMR_USER_ALL_SCRIPTPATH		0x00000100
165#define	SAMR_USER_ALL_PROFILEPATH		0x00000200
166#define	SAMR_USER_ALL_WORKSTATIONS		0x00000400
167#define	SAMR_USER_ALL_LASTLOGON			0x00000800
168#define	SAMR_USER_ALL_LASTLOGOFF		0x00001000
169#define	SAMR_USER_ALL_LOGONHOURS		0x00002000
170#define	SAMR_USER_ALL_BADPASSWORDCOUNT		0x00004000
171#define	SAMR_USER_ALL_LOGONCOUNT		0x00008000
172#define	SAMR_USER_ALL_PASSWORDCANCHANGE		0x00010000
173#define	SAMR_USER_ALL_PASSWORDMUSTCHANGE	0x00020000
174#define	SAMR_USER_ALL_PASSWORDLASTSET		0x00040000
175#define	SAMR_USER_ALL_ACCOUNTEXPIRES		0x00080000
176#define	SAMR_USER_ALL_USERACCOUNTCONTROL	0x00100000
177#define	SAMR_USER_ALL_PARAMETERS		0x00200000
178#define	SAMR_USER_ALL_COUNTRYCODE		0x00400000
179#define	SAMR_USER_ALL_CODEPAGE			0x00800000
180#define	SAMR_USER_ALL_NTPASSWORDPRESENT		0x01000000
181#define	SAMR_USER_ALL_LMPASSWORDPRESENT		0x02000000
182#define	SAMR_USER_ALL_PRIVATEDATA		0x04000000
183#define	SAMR_USER_ALL_PASSWORDEXPIRED		0x08000000
184#define	SAMR_USER_ALL_SECURITYDESCRIPTOR	0x10000000
185#define	SAMR_USER_ALL_UNDEFINED_MASK		0xC0000000
186
187/*
188 * specific access rights which can be used in OpenAlias.
189 * extracted from Ethereal network analyzer
190 */
191#define SAMR_ALIAS_ACCESS_SET_INFO		0x00000010
192#define SAMR_ALIAS_ACCESS_GET_INFO		0x00000008
193#define SAMR_ALIAS_ACCESS_GET_MEMBERS		0x00000004
194#define SAMR_ALIAS_ACCESS_DEL_MEMBER		0x00000002
195#define SAMR_ALIAS_ACCESS_ADD_MEMBER		0x00000001
196
197#define	SAMR_REVISION_1			1	/* Pre Windows 2000 */
198#define	SAMR_REVISION_2			2	/* Windows 2000 */
199#define	SAMR_REVISION_3			3	/* Post Windows 2000 */
200
201/*
202 * Definition for a SID. The ndl compiler does not allow a typedef of
203 * a structure containing variable size members.
204 */
205struct samr_sid {
206	BYTE		Revision;
207	BYTE		SubAuthCount;
208	BYTE		Authority[6];
209  SIZE_IS(SubAuthCount)
210	DWORD		SubAuthority[ANY_SIZE_ARRAY];
211};
212
213
214/*
215 * SAMR definition of a security_descriptor.
216 */
217struct samr_sec_desc {
218	BYTE Revision;
219	BYTE Sbz1;
220	WORD Control;
221	struct samr_sid *owner;
222	struct samr_sid *group;
223	struct samr_sid *sacl;
224	struct samr_sid *dacl;
225};
226
227struct samr_sd {
228	DWORD length;
229  SIZE_IS(length)
230	BYTE *data;
231};
232typedef struct samr_sd samr_sd_t;
233
234/*
235 * Definition for a string. The length and allosize should be set to
236 * twice the string length (i.e. strlen(str) * 2). The runtime code
237 * will perform the appropriate string to a wide-char conversions,
238 * so str should point to a regular char * string.
239 */
240struct samr_string {
241	WORD		length;
242	WORD		allosize;
243	LPTSTR		str;
244};
245typedef struct samr_string samr_string_t;
246
247
248/*
249 * Alternative varying/conformant string definition - for
250 * non-null terminated strings. This definition must match
251 * ndr_vcbuf_t.
252 */
253struct samr_vcb {
254	/*
255	 * size_is (actually a copy of length_is) will
256	 * be inserted here by the marshalling library.
257	 */
258	DWORD vc_first_is;
259	DWORD vc_length_is;
260  SIZE_IS(vc_length_is)
261	WORD buffer[ANY_SIZE_ARRAY];
262};
263
264struct samr_vcbuf {
265	WORD wclen;
266	WORD wcsize;
267	struct samr_vcb *vcb;
268};
269typedef struct samr_vcbuf samr_vcbuf_t;
270
271CONTEXT_HANDLE(samr_handle) samr_handle_t;
272
273/*
274 * OLD_LARGE_INTEGER: a 64-bit value.
275 */
276struct samr_quad {
277	DWORD low;
278	DWORD high;
279};
280typedef struct samr_quad samr_quad_t;
281
282/*
283 * Blob used for the NT and LM OWF passwords.
284 * The length and maxlen should be 16.
285 */
286struct samr_short_blob {
287	WORD	length;
288	WORD	maxlen;
289  SIZE_IS(length / 2)
290	WORD	*buf;
291};
292
293/*
294 * There is some sort of logon bitmap structure in here, which I
295 * think is a varying and conformant array, i.e.
296 *
297 *	struct samr_logon_hours {
298 *      DWORD size_is;		(1260)
299 *      DWORD first_is;		(zero)
300 *      DWORD length_is;	(168)
301 *      BYTE bitmap[21];
302 *  };
303 *
304 *	struct samr_logon_info {
305 *		DWORD length;
306 *	SIZE_IS(length / 8)
307 *		struct samr_logon_hours *hours;
308 *	};
309 *
310 * There are 10080 minutes/week => 10080/8 = 1260 (0x04EC).
311 * So size_is is set as some sort of maximum.
312 *
313 * There are 168 hours/week => 168/8 = 21 (0xA8). Since there are 21
314 * bytes (all set to 0xFF), this is is probably the default setting.
315 */
316
317#define SAMR_MINS_PER_WEEK		10080
318#define SAMR_HOURS_PER_WEEK		168
319
320#define SAMR_HOURS_MAX_SIZE		(SAMR_MINS_PER_WEEK / 8)
321#define SAMR_HOURS_SET_LEN(LEN)		((LEN) / 8)
322#define SAMR_SET_USER_HOURS_SZ		21
323
324struct samr_logon_hours {
325	DWORD size;
326	DWORD first;
327	DWORD length;
328	BYTE bitmap[SAMR_SET_USER_HOURS_SZ];
329};
330
331struct samr_logon_info {
332	DWORD units;
333	DWORD hours;
334};
335
336struct samr_logon_hours_all {
337	WORD	units_per_week;
338  SIZE_IS(units_per_week / 8)
339	BYTE	*hours;
340};
341
342struct samr_oem_password {
343	BYTE password[512];
344	DWORD length;
345};
346
347/*
348 ***********************************************************************
349 * ConnectAnon. It looks like the SAM handle is identical to an LSA
350 * handle. See Connect.
351 ***********************************************************************
352 */
353OPERATION(SAMR_OPNUM_ConnectAnon)
354struct samr_ConnectAnon {
355	IN	DWORD *servername;
356	IN	DWORD access_mask;
357	OUT	samr_handle_t handle;
358	OUT	DWORD status;
359};
360
361
362/*
363 ***********************************************************************
364 * Connect. I'm not sure what the difference is between Connect and
365 * ConnectAnon but this call seems to work better than ConnectAnon.
366 ***********************************************************************
367 */
368OPERATION(SAMR_OPNUM_Connect)
369struct samr_Connect {
370	IN	LPTSTR servername;
371	IN	DWORD access_mask;
372	OUT	samr_handle_t handle;
373	OUT	DWORD status;
374};
375
376
377/*
378 ***********************************************************************
379 * SamrConnect3. A new form of connect first seen with Windows 2000.
380 * A new field has been added to the input request. Value: 0x00000002.
381 * I haven't looked at the Win2K response yet to see if it differs
382 * from SAMR_OPNUM_Connect.
383 ***********************************************************************
384 */
385OPERATION(SAMR_OPNUM_Connect3)
386struct samr_Connect3 {
387	IN	LPTSTR servername;
388	IN	DWORD revision;
389	IN	DWORD access_mask;
390	OUT	samr_handle_t handle;
391	OUT	DWORD status;
392};
393
394
395/*
396 ***********************************************************************
397 * SamrConnect4. A new form of connect first seen with Windows XP.
398 * The server name is the fully qualified domain name, i.e.
399 *	\\server.sun.com.
400 *
401 * [in]  DWORD	 InVersion,
402 * [in]  [switch_is(InVersion)]    samr_revision_info *InRevisionInfo
403 * [out] DWORD	 *OutVersion
404 * [out] [switch_is(*OutVersion)] *samr_revision_info *OutRevisionInfo
405 *
406 * SupportedFeatures (see notes in [MS-SAMR]
407 *	0x00000001	RID values returned from the server must not be
408 *			concatenated with the domain SID.
409 *	0x00000002	Reserved
410 *	0x00000004	Reserved
411 ***********************************************************************
412 */
413struct samr_revision_info1 {
414	DWORD revision;
415	DWORD supported_features;
416};
417typedef struct samr_revision_info1 samr_revision_info1_t;
418
419union samr_revision_info {
420	UNION_INFO_ENT(1,samr_revision_info);
421	DEFAULT	char *nullptr;
422};
423
424OPERATION(SAMR_OPNUM_Connect4)
425struct samr_Connect4 {
426	IN		LPTSTR servername;
427	IN		DWORD access_mask;
428	INOUT	DWORD unknown2_00000001;
429	INOUT	DWORD unknown3_00000001;
430	INOUT	DWORD unknown4_00000003;
431	INOUT	DWORD unknown5_00000000;
432	OUT		samr_handle_t handle;
433	OUT		DWORD status;
434};
435
436
437/*
438 ***********************************************************************
439 * CloseHandle closes an association with the SAM. Using the same
440 * structure as the LSA seems to work.
441 ***********************************************************************
442 */
443OPERATION(SAMR_OPNUM_CloseHandle)
444struct samr_CloseHandle {
445	IN	samr_handle_t handle;
446	OUT	samr_handle_t result_handle;
447	OUT	DWORD status;
448};
449
450
451/*
452 ***********************************************************************
453 * LookupDomain: lookup up the domain SID.
454 ***********************************************************************
455 */
456OPERATION(SAMR_OPNUM_LookupDomain)
457struct samr_LookupDomain {
458	IN	samr_handle_t handle;
459	IN	samr_string_t domain_name;
460	OUT struct samr_sid *sid;
461	OUT	DWORD status;
462};
463
464
465/*
466 ***********************************************************************
467 * EnumLocalDomain
468 *
469 * This looks like a request to get the local domains supported by a
470 * remote server. NT always seems to return 2 domains: the local
471 * domain (hostname) and the Builtin domain.
472 *
473 * The max_length field is set to 0x2000.
474 * Enum_context is set to 0 in the request and set to entries_read in
475 * the reply. Like most of these enums, total_entries is the same as
476 * entries_read.
477 ***********************************************************************
478 */
479struct samr_LocalDomainEntry {
480	DWORD unknown;
481	samr_string_t name;
482};
483
484struct samr_LocalDomainInfo {
485	DWORD entries_read;
486  SIZE_IS(entries_read)
487	struct samr_LocalDomainEntry *entry;
488};
489
490
491OPERATION(SAMR_OPNUM_EnumLocalDomains)
492struct samr_EnumLocalDomain {
493	IN		samr_handle_t handle;
494	INOUT	DWORD enum_context;
495	IN		DWORD max_length;
496	OUT		struct samr_LocalDomainInfo *info;
497	OUT		DWORD total_entries;
498	OUT		DWORD status;
499};
500
501
502/*
503 ***********************************************************************
504 * OpenDomain
505 *
506 * Open a specific domain within the SAM. From this I assume that each
507 * SAM can handle multiple domains so you need to identify the one with
508 * which you want to work. Working with a domain handle does appear to
509 * offer the benefit that you can then use RIDs instead of full SIDs,
510 * which simplifies things a bit. The domain handle can be used to get
511 * user and group handles.
512 ***********************************************************************
513 */
514OPERATION(SAMR_OPNUM_OpenDomain)
515struct samr_OpenDomain {
516	IN	samr_handle_t handle;
517	IN	DWORD access_mask;
518	IN REFERENCE struct samr_sid *sid;
519	OUT	samr_handle_t domain_handle;
520	OUT	DWORD status;
521};
522
523
524/*
525 ***********************************************************************
526 * QueryDomainInfo
527 *
528 * Windows 95 Server Manager sends requests for levels 6 and 7 when
529 * the services menu item is selected.
530 ***********************************************************************
531 */
532#define SAMR_QUERY_DOMAIN_INFO_2		2
533#define SAMR_QUERY_DOMAIN_INFO_6		6
534#define SAMR_QUERY_DOMAIN_INFO_7		7
535
536
537struct samr_QueryDomainInfo2 {
538	DWORD unknown1;			/* 00 00 00 00 */
539	DWORD unknown2;			/* 00 00 00 80 */
540	samr_string_t s1;
541	samr_string_t domain;
542	samr_string_t s2;
543	DWORD sequence_num;		/* 2B 00 00 00 */
544	DWORD unknown3;			/* 00 00 00 00 */
545	DWORD unknown4;			/* 01 00 00 00 */
546	DWORD unknown5;			/* 03 00 00 00 */
547	DWORD unknown6;			/* 01 */
548	DWORD num_users;
549	DWORD num_groups;
550	DWORD num_aliases;
551};
552
553
554struct samr_QueryDomainInfo6 {
555	DWORD unknown1;			/* 00 00 00 00 */
556	DWORD unknown2;			/* B0 7F 14 00 */
557	DWORD unknown3;			/* 00 00 00 00 */
558	DWORD unknown4;			/* 00 00 00 00 */
559	DWORD unknown5;			/* 00 00 00 00 */
560};
561
562
563struct samr_QueryDomainInfo7 {
564	DWORD unknown1;			/* 03 00 00 00 */
565};
566
567
568union samr_QueryDomainInfo_ru {
569	UNION_INFO_ENT(2,samr_QueryDomainInfo);
570	UNION_INFO_ENT(6,samr_QueryDomainInfo);
571	UNION_INFO_ENT(7,samr_QueryDomainInfo);
572	DEFAULT	char *nullptr;
573};
574
575struct samr_QueryDomainInfoRes {
576	WORD switch_value;
577	SWITCH(switch_value)
578		union samr_QueryDomainInfo_ru ru;
579};
580
581OPERATION(SAMR_OPNUM_QueryDomainInfo)
582struct samr_QueryDomainInfo {
583	IN	samr_handle_t domain_handle;
584	IN	WORD info_level;
585	OUT	struct samr_QueryDomainInfoRes *info;
586	OUT	DWORD status;
587};
588
589#define SAMR_QUERY_ALIAS_INFO_1			1
590#define SAMR_QUERY_ALIAS_INFO_3			3
591
592
593struct samr_QueryAliasInfo1 {
594	WORD level;
595	samr_string_t name;
596	DWORD unknown;
597	samr_string_t desc;
598};
599
600struct samr_QueryAliasInfo3 {
601	WORD level;
602	samr_string_t desc;
603};
604
605union samr_QueryAliasInfo_ru {
606	UNION_INFO_ENT(1,samr_QueryAliasInfo);
607	UNION_INFO_ENT(3,samr_QueryAliasInfo);
608	DEFAULT	char *nullptr;
609};
610
611struct samr_QueryAliasInfoRes {
612	DWORD address;
613	WORD switch_value;
614	SWITCH(switch_value)
615		union samr_QueryAliasInfo_ru ru;
616};
617
618OPERATION(SAMR_OPNUM_QueryAliasInfo)
619struct samr_QueryAliasInfo {
620	IN	samr_handle_t alias_handle;
621	IN	WORD level;
622	OUT DWORD address;
623  SWITCH (level)
624	OUT	union samr_QueryAliasInfo_ru ru;
625	OUT	DWORD status;
626};
627
628OPERATION(SAMR_OPNUM_CreateDomainAlias)
629struct samr_CreateDomainAlias {
630	IN	samr_handle_t domain_handle;
631	IN	samr_string_t alias_name;
632	IN	DWORD access_mask;
633	OUT samr_handle_t alias_handle;
634	OUT	DWORD rid;
635	OUT	DWORD status;
636};
637
638OPERATION(SAMR_OPNUM_SetAliasInfo)
639struct samr_SetAliasInfo {
640	IN	samr_handle_t alias_handle;
641	IN	WORD level;
642	/* TBD */
643	OUT	DWORD status;
644};
645
646OPERATION(SAMR_OPNUM_DeleteDomainAlias)
647struct samr_DeleteDomainAlias {
648	IN	samr_handle_t alias_handle;
649	OUT	DWORD status;
650};
651
652OPERATION(SAMR_OPNUM_OpenAlias)
653struct samr_OpenAlias {
654	IN	samr_handle_t domain_handle;
655	IN	DWORD access_mask;
656	IN	DWORD rid;
657	OUT samr_handle_t alias_handle;
658	OUT	DWORD status;
659};
660
661struct name_rid {
662	DWORD rid;
663	samr_string_t name;
664};
665
666struct aliases_info {
667	DWORD count;
668	DWORD address;
669	SIZE_IS(count)
670	struct name_rid info[ANY_SIZE_ARRAY];
671};
672
673OPERATION(SAMR_OPNUM_EnumDomainAliases)
674struct samr_EnumDomainAliases {
675	IN	samr_handle_t domain_handle;
676	IN	DWORD resume_handle;
677	IN	DWORD mask;
678	OUT	DWORD out_resume;
679	OUT struct aliases_info *aliases;
680	OUT DWORD entries;
681	OUT	DWORD status;
682};
683
684struct user_acct_info {
685	DWORD index;
686	DWORD rid;
687	DWORD ctrl;
688	samr_string_t name;
689	samr_string_t fullname;
690	samr_string_t desc;
691};
692
693struct user_disp_info {
694	OUT DWORD total_size;
695	OUT DWORD returned_size;
696	OUT WORD switch_value;
697	DWORD count;
698	SIZE_IS(count)
699	struct user_acct_info *acct;
700};
701
702OPERATION(SAMR_OPNUM_QueryDispInfo)
703struct samr_QueryDispInfo {
704	IN	samr_handle_t domain_handle;
705	IN	WORD level;
706	IN	DWORD start_idx;
707	IN	DWORD max_entries;
708	IN	DWORD pref_maxsize;
709	OUT struct user_disp_info users;
710	OUT	DWORD status;
711};
712
713struct group_acct_info {
714	DWORD index;
715	DWORD rid;
716	DWORD ctrl;
717	samr_string_t name;
718	samr_string_t desc;
719};
720
721struct group_disp_info {
722	DWORD count;
723	/* right now we just need one entry */
724	struct group_acct_info acct[1];
725};
726
727OPERATION(SAMR_OPNUM_EnumDomainGroups)
728struct samr_EnumDomainGroups {
729	IN	samr_handle_t domain_handle;
730	IN	WORD level;
731	IN	DWORD start_idx;
732	IN	DWORD max_entries;
733	IN	DWORD pref_maxsize;
734	OUT DWORD total_size;
735	OUT DWORD returned_size;
736	OUT WORD switch_value;
737	OUT DWORD count;
738	OUT struct group_disp_info *groups;
739	OUT	DWORD status;
740};
741
742/*
743 ***********************************************************************
744 * OpenUser
745 *
746 * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain,
747 * an access mask and the appropriate user rid. The output will be a
748 * handle for use with the specified user.
749 ***********************************************************************
750 */
751OPERATION(SAMR_OPNUM_OpenUser)
752struct samr_OpenUser {
753	IN	samr_handle_t handle;
754	IN	DWORD access_mask;
755	IN	DWORD rid;
756	OUT	samr_handle_t user_handle;
757	OUT	DWORD status;
758};
759
760
761/*
762 ***********************************************************************
763 * DeleteUser
764 ***********************************************************************
765 */
766OPERATION(SAMR_OPNUM_DeleteUser)
767struct samr_DeleteUser {
768	INOUT	samr_handle_t user_handle;
769	OUT	DWORD status;
770};
771
772
773/*
774 ***********************************************************************
775 * QueryUserInfo
776 *
777 * Provides various pieces of information on a specific user (see
778 * SAM_Q_QUERY_USERINFO and SAM_R_QUERY_USERINFO). The handle must
779 * be a valid SAM user handle.
780 *
781 * QueryUserInfo (
782 *	IN samr_handle_t user_handle,
783 *	IN WORD switch_value,
784 *	OUT union switch(switch_value) {
785 *		case 1: struct QueryUserInfo1 *info1;
786 *	} bufptr,
787 *	OUT DWORD status
788 * )
789 *
790 * typedef enum _USER_INFORMATION_CLASS {
791 *	UserGeneralInformation		= 1,
792 *	UserPreferencesInformation	= 2,
793 *	UserLogonInformation		= 3,
794 *	UserLogonHoursInformation	= 4,
795 *	UserAccountInformation		= 5,
796 *	UserNameInformation		= 6,
797 *	UserAccountNameInformation	= 7,
798 *	UserFullNameInformation		= 8,
799 *	UserPrimaryGroupInformation	= 9,
800 *	UserHomeInformation		= 10,
801 *	UserScriptInformation		= 11,
802 *	UserProfileInformation		= 12,
803 *	UserAdminCommentInformation	= 13,
804 *	UserWorkStationsInformation	= 14,
805 *	UserControlInformation		= 16,
806 *	UserExpiresInformation		= 17,
807 *	UserInternal1Information	= 18,
808 *	UserParametersInformation	= 20,
809 *	UserAllInformation		= 21,
810 *	UserInternal4Information	= 23,
811 *	UserInternal5Information	= 24,
812 *	UserInternal4InformationNew	= 25,
813 *	UserInternal5InformationNew	= 26,
814 * } USER_INFORMATION_CLASS;
815 *
816 * 1 = username, fullname, description and some other stuff.
817 * 3 = large structure containing user rid, group rid, username
818 *     and fullname.
819 * 5 = large structure (like 3) containing user rid, group rid,
820 *     username, fullname and description.
821 * 6 = username and fullname
822 * 7 = username
823 * 8 = fullname
824 * 9 = group rid
825 * 16 = used after creating a new account
826 *
827 * Due to an ndrgen bug, a function must be provided to to patch the
828 * offsets used by the unmarshalling code at runtime.  In order to
829 * simplify things it is useful to use a naming convention that
830 * indicates the switch value for each structure.
831 *
832 ***********************************************************************
833 */
834
835
836#define SAMR_QUERY_USER_INFO_1			1
837#define SAMR_QUERY_USER_UNAME_AND_FNAME		6
838#define SAMR_QUERY_USER_USERNAME		7
839#define SAMR_QUERY_USER_FULLNAME		8
840#define SAMR_QUERY_USER_GROUPRID		9
841#define SAMR_QUERY_USER_CONTROL_INFO		16
842#define SAMR_QUERY_USER_ALL_INFO		21
843
844
845struct samr_QueryUserInfo1 {
846	samr_string_t username;
847	samr_string_t fullname;
848	DWORD group_rid;
849	samr_string_t description;
850	samr_string_t unknown;
851};
852
853
854struct samr_QueryUserInfo6 {
855	samr_string_t username;
856	samr_string_t fullname;
857};
858
859struct samr_QueryUserInfo7 {
860	samr_string_t username;
861};
862
863
864struct samr_QueryUserInfo8 {
865	samr_string_t fullname;
866};
867
868
869struct samr_QueryUserInfo9 {
870	DWORD group_rid;
871};
872
873
874struct samr_QueryUserInfo16 {
875	DWORD unknown;
876};
877
878/*
879 * SAMR_USER_ALL_INFORMATION
880 */
881struct samr_QueryUserInfo21 {
882	samr_quad_t		LastLogon;
883	samr_quad_t		LastLogoff;
884	samr_quad_t		PasswordLastSet;
885	samr_quad_t		AccountExpires;
886	samr_quad_t		PasswordCanChange;
887	samr_quad_t		PasswordMustChange;
888	samr_string_t		UserName;
889	samr_string_t		FullName;
890	samr_string_t		HomeDirectory;
891	samr_string_t		HomeDirectoryDrive;
892	samr_string_t		ScriptPath;
893	samr_string_t		ProfilePath;
894	samr_string_t		AdminComment;
895	samr_string_t		WorkStations;
896	samr_string_t		UserComment;
897	samr_string_t		Parameters;
898	struct samr_short_blob	LmOwfPassword;
899	struct samr_short_blob	NtOwfPassword;
900	samr_string_t		PrivateData;
901	samr_sd_t		SecurityDescriptor;
902	DWORD			UserId;
903	DWORD			PrimaryGroupId;
904	DWORD			UserAccountControl;
905	DWORD			WhichFields;
906	struct samr_logon_hours_all	LogonHours;
907	WORD			BadPasswordCount;
908	WORD			LogonCount;
909	WORD			CountryCode;
910	WORD			CodePage;
911	BYTE			LmPasswordPresent;
912	BYTE			NtPasswordPresent;
913	BYTE			PasswordExpired;
914	BYTE			PrivateDataSensitive;
915};
916
917union QueryUserInfo_result_u {
918	UNION_INFO_ENT(1,samr_QueryUserInfo);
919	UNION_INFO_ENT(6,samr_QueryUserInfo);
920	UNION_INFO_ENT(7,samr_QueryUserInfo);
921	UNION_INFO_ENT(8,samr_QueryUserInfo);
922	UNION_INFO_ENT(9,samr_QueryUserInfo);
923	UNION_INFO_ENT(16,samr_QueryUserInfo);
924	UNION_INFO_ENT(21,samr_QueryUserInfo);
925	DEFAULT	char *nullptr;
926};
927
928
929/*
930 * This structure needs to be declared, even though it can't be used in
931 * samr_QueryUserInfo, in order to get the appropriate size to calculate
932 * the correct fixup offsets.  If ndrgen did the right thing,
933 * QueryUserInfo_result would be one of the out parameters.  However, if
934 * we do it that way, the switch_value isn't known early enough to do
935 * the fixup calculation.  So it all has to go in samr_QueryUserInfo.
936 */
937struct QueryUserInfo_result {
938	DWORD address;
939	WORD switch_value;
940	SWITCH(switch_value)
941		union QueryUserInfo_result_u ru;
942};
943
944
945OPERATION(SAMR_OPNUM_QueryUserInfo)
946struct samr_QueryUserInfo {
947	IN	samr_handle_t user_handle;
948	IN	WORD switch_value;
949	/*
950	 * Can't use this form because we need to include members explicitly.
951	 * OUT	struct QueryUserInfo_result result;
952	 */
953	OUT	DWORD address;
954	OUT	WORD switch_index;
955  SWITCH(switch_value)
956	OUT	union QueryUserInfo_result_u ru;
957	OUT	DWORD status;
958};
959
960
961/*
962 ***********************************************************************
963 * QueryUserGroups
964 ***********************************************************************
965 */
966struct samr_UserGroups {
967	DWORD rid;
968	DWORD attr;
969};
970
971
972struct samr_UserGroupInfo {
973	DWORD n_entry;
974  SIZE_IS(n_entry)
975	struct samr_UserGroups *groups;
976};
977
978
979OPERATION(SAMR_OPNUM_QueryUserGroups)
980struct samr_QueryUserGroups {
981	IN	samr_handle_t user_handle;
982	OUT struct samr_UserGroupInfo *info;
983	OUT	DWORD status;
984};
985
986
987/*
988 ***********************************************************************
989 * LookupName
990 ***********************************************************************
991 */
992struct samr_LookupNameTable {
993	DWORD n_entry;
994  SIZE_IS(n_entry)
995	samr_string_t names[ANY_SIZE_ARRAY];
996};
997
998
999struct samr_LookupRidTable {
1000	DWORD n_entry;
1001  SIZE_IS(n_entry)
1002	DWORD *rid;
1003};
1004
1005struct samr_RidType {
1006	DWORD n_entry;
1007  SIZE_IS(n_entry)
1008	DWORD *rid_type;
1009};
1010
1011
1012OPERATION(SAMR_OPNUM_LookupNames)
1013struct samr_LookupNames {
1014	IN	samr_handle_t handle;
1015	IN	DWORD n_entry;
1016	IN	DWORD max_n_entry;
1017	IN	DWORD index;
1018	IN	DWORD total;
1019	IN	samr_string_t name;
1020	OUT	struct samr_LookupRidTable rids;
1021	OUT	struct samr_RidType rid_types;
1022	OUT	DWORD status;
1023};
1024
1025
1026/*
1027 ***********************************************************************
1028 * OpenGroup
1029 *
1030 * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain,
1031 * an access mask and the appropriate group rid. The output will be a
1032 * handle for use with the specified group.
1033 ***********************************************************************
1034 */
1035OPERATION(SAMR_OPNUM_OpenGroup)
1036struct samr_OpenGroup {
1037	IN	samr_handle_t handle;
1038	IN	DWORD access_mask;
1039	IN	DWORD rid;
1040	OUT	samr_handle_t group_handle;
1041	OUT	DWORD status;
1042};
1043
1044
1045/*
1046 ***********************************************************************
1047 * QueryGroupInfo
1048 *
1049 * Input must be a group handle obtained via SAMR_OPNUM_OpenGroup,
1050 * an access mask and the appropriate group rid. The output will
1051 * be a handle for use with the specified group.
1052 ***********************************************************************
1053 */
1054struct samr_QueryGroupInfo1 {
1055	samr_string_t groupname;
1056};
1057
1058
1059union samr_QueryGroupInfo_result_u {
1060	UNION_INFO_ENT(1,samr_QueryGroupInfo);
1061	DEFAULT	char *nullptr;
1062};
1063
1064
1065struct samr_QueryGroupInfo_result {
1066	DWORD address;
1067	WORD switch_index;
1068  SWITCH(switch_index)
1069	union samr_QueryGroupInfo_result_u ru;
1070};
1071
1072
1073OPERATION(SAMR_OPNUM_QueryGroupInfo)
1074struct samr_QueryGroupInfo {
1075	IN	samr_handle_t group_handle;
1076	IN	DWORD switch_value;
1077	OUT	DWORD address;
1078	OUT	WORD switch_index;
1079  SWITCH(switch_index)
1080	OUT	union samr_QueryGroupInfo_result_u ru;
1081	OUT	DWORD status;
1082};
1083
1084
1085/*
1086 ***********************************************************************
1087 * StoreGroupInfo
1088 *
1089 * This definition is mostly just a place holder in case this is useful
1090 * in the future. Note that it may not be correct. The information is
1091 * from a netmon trace captured when I added a group description. I
1092 * haven't implemented it because we don't have to update anything on
1093 * the PDC. The description should almost certainly be in a separate
1094 * structure.
1095 ***********************************************************************
1096 */
1097OPERATION(SAMR_OPNUM_StoreGroupInfo)
1098struct samr_StoreGroupInfo {
1099	IN	samr_handle_t group_handle;
1100	IN	DWORD switch_value;
1101	IN	samr_string_t group_description;
1102	OUT	DWORD status;
1103};
1104
1105
1106/*
1107 ***********************************************************************
1108 * Request 0x2c is a user request. The only parameter is a user handle.
1109 * The response is 12 bytes of the form:
1110 *		unknown: 00 00 BB 01 (443)
1111 *		unknown: 00 00 00 00
1112 *		status:  00 00 00 00
1113 * RPC book lists this as GetUsrDomPwInfo.
1114 ***********************************************************************
1115 */
1116struct samr_UserPwInfo {
1117	WORD	unknown1;
1118	WORD	unknown2;
1119	DWORD	unknown3;
1120};
1121
1122
1123OPERATION(SAMR_OPNUM_GetUserPwInfo)
1124struct samr_GetUserPwInfo {
1125	IN	samr_handle_t user_handle;
1126	OUT struct samr_UserPwInfo pw_info;
1127	OUT	DWORD status;
1128};
1129
1130
1131/*
1132 ***********************************************************************
1133 * CreateUser
1134 *
1135 * Create a user in the domain specified by the domain handle. The
1136 * domain handle is obtained obtained via SAMR_OPNUM_OpenDomain.
1137 * DesiredAccess: 0xe00500b0.
1138 * The output will be a handle for use with the specified user and the
1139 * user's RID. I think the RID may be a unique pointer (it can be null).
1140 ***********************************************************************
1141 */
1142OPERATION(SAMR_OPNUM_CreateUser)
1143struct samr_CreateUser {
1144	IN	samr_handle_t handle;
1145	IN	samr_vcbuf_t username;
1146	IN	DWORD account_flags;
1147	IN	DWORD desired_access;
1148	OUT	samr_handle_t user_handle;
1149	OUT	DWORD maybe_ptr;
1150	OUT	DWORD rid;
1151	OUT	DWORD status;
1152};
1153
1154
1155/*
1156 ***********************************************************************
1157 * ChangeUserPasswd
1158 ***********************************************************************
1159 */
1160struct samr_newpasswd {
1161	BYTE data[516];
1162};
1163
1164
1165struct samr_oldpasswd {
1166	BYTE data[16];
1167};
1168
1169
1170OPERATION(SAMR_OPNUM_ChangeUserPasswd)
1171struct samr_ChangeUserPasswd {
1172	IN	LPTSTR servername;
1173	IN	LPTSTR username;
1174	IN	struct samr_newpasswd *nt_newpasswd;
1175	IN	struct samr_oldpasswd *nt_oldpasswd;
1176	IN	struct samr_newpasswd *lm_newpasswd;
1177	IN	struct samr_oldpasswd *lm_oldpasswd;
1178	OUT	DWORD status;
1179};
1180
1181
1182/*
1183 ***********************************************************************
1184 * GetDomainPwInfo
1185 ***********************************************************************
1186 */
1187OPERATION(SAMR_OPNUM_GetDomainPwInfo)
1188struct samr_GetDomainPwInfo {
1189	IN	LPTSTR servername;
1190	OUT	WORD unknown0;
1191	OUT	WORD unknown1;
1192	OUT	WORD unknown2;
1193	OUT	DWORD status;
1194};
1195
1196
1197/*
1198 ***********************************************************************
1199 * SetUserInfo
1200 *
1201 *	+++ 20 byte user handle and the union switch_value +++
1202 *	00 00 00 00 77 F2 DD D5 66 48 D4 11 AD 5F D1 CD
1203 *	18 43 7A DF 17 00 17 00
1204 *
1205 *	+++ 14 dwords (56 bytes) of zeros +++
1206 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1207 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1208 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1209 *	00 00 00 00 00 00 00 00
1210 *
1211 *	+++ 9 sets of something - 72 bytes +++
1212 *	00 00 02 00 D0 04 8A 77
1213 *	00 00 02 00 D0 04 8A 77
1214 *	00 00 02 00 D0 04 8A 77
1215 *	00 00 02 00 D0 04 8A 77
1216 *	00 00 02 00 D0 04 8A 77
1217 *	00 00 02 00 D0 04 8A 77
1218 *	00 00 02 00 D0 04 8A 77
1219 *	00 00 02 00 D0 04 8A 77
1220 *	00 00 02 00 D0 04 8A 77
1221 *
1222 *	+++ 9 DWORD zeros +++
1223 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1224 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1225 *	00 00 00 00
1226 *
1227 *	+++ miscellaneous +++
1228 *	01 02 00 00
1229 *	80 00 00 00
1230 *	FA 27 F8 09
1231 *	A8 00 00 00 70 F1 14 00
1232 *	00 00 00 00 00 00 00 00 00 00 00 00
1233 *
1234 *	+++ encrypted password buffer - 512 bytes +++
1235 *	76 68 E8 AA 23 4F 62 C4 81 4E 30 B8 92 29 66 B9
1236 *	12 FF 3A 84 82 3A 55 0F C7 18 EA 56 86 50 D7 C5
1237 *	43 BA 9C F8 32 D4 E0 15 74 A1 6F E1 59 C2 F2 95
1238 *	53 A9 F2 68 9F 7F 29 B9 88 4C 65 A5 C1 DC 0B 44
1239 *	B8 3C ED 74 D1 6A F7 09 66 97 94 6B 2C 3A A5 88
1240 *	39 34 C6 FE 24 59 30 2D CF 6D 7F D5 EC B1 9A 84
1241 *	E6 57 96 29 40 32 FB 62 9D 93 E2 BE D8 A3 74 88
1242 *	8B 85 BC A0 76 D6 C9 DB 8C AF 81 BD 8A F0 08 8D
1243 *	23 B0 52 FD 69 DE EF A1 36 E5 30 19 BD DA 67 A3
1244 *	81 BD 3F D0 2A A2 8F 60 62 B0 8D 34 9E A4 4F 20
1245 *	4E 79 93 82 58 A8 E5 6F 7A DC 12 13 33 E6 74 02
1246 *	4C 32 F9 FC 1A E1 C5 0D E2 CC 36 8D FC 72 87 DD
1247 *	6C 44 E3 6F 4B FD 46 10 08 89 E5 64 B8 27 14 83
1248 *	E7 08 DE CF 69 C7 E1 40 63 DF CB 67 95 73 03 1B
1249 *	CA 99 E1 1B 53 2A 89 6B 30 39 CD 5C DF A0 8A 1C
1250 *	4E 50 74 7C 6D 3D E7 EA E9 B2 97 DD 38 7B DA EC
1251 *	1A AD DA CE C4 58 9B 29 F3 6D 30 70 4E 63 6D 84
1252 *	DB DC 5B CD 9A 4E 57 9C E4 65 5D 4F 76 E3 C7 52
1253 *	8B 3B 20 0A 3B 4C 4B B1 2E 5B 4D AB BA 2F 45 6A
1254 *	CA 17 AD 9F C0 B2 07 FB 56 7F E4 3F 9F D4 C6 8C
1255 *	A1 05 BF 53 42 1E 67 F4 57 54 E3 2C 38 CF E1 94
1256 *	75 69 F7 4E 5C 74 CC B3 FD EF 73 3F D5 28 22 EC
1257 *	9B 40 E1 1D 65 44 7C BB 69 88 57 10 05 3A C5 48
1258 *	8E 4F 77 DB 1A 5C 49 9C D5 06 00 AC 79 BC 7E 89
1259 *	B0 01 66 70 88 A2 E5 DF 96 DC 75 98 10 12 45 02
1260 *	33 35 6C DF 74 8B 14 2F 26 C6 FD 7A B4 D0 A6 7D
1261 *	DE 2B 13 44 EF 34 46 4D 9D 3E C3 75 BC 11 B4 41
1262 *	27 58 25 1E AF AA F0 BB DA 27 7A 1E AE 81 1A 78
1263 *	44 19 DE FC C4 7C 4E 32 44 F7 57 2A 41 A2 85 DC
1264 *	C0 AD 5D 6B 58 FD 2E 75 25 B9 F2 B6 19 82 E5 0E
1265 *	B6 69 0D C1 27 A9 B6 40 A6 50 49 E5 CB 17 98 65
1266 *	88 18 CA E4 1D 2E 20 F7 DE 8E 7D F2 9D A5 6B CD
1267 *
1268 *	D6 79 45 71
1269 *
1270 *	+++ table of 9 things +++
1271 *	01 00 00 00 00 00 00 00 00 00 00 00
1272 *	01 00 00 00 00 00 00 00 00 00 00 00
1273 *	01 00 00 00 00 00 00 00 00 00 00 00
1274 *	01 00 00 00 00 00 00 00 00 00 00 00
1275 *	01 00 00 00 00 00 00 00 00 00 00 00
1276 *	01 00 00 00 00 00 00 00 00 00 00 00
1277 *	01 00 00 00 00 00 00 00 00 00 00 00
1278 *	01 00 00 00 00 00 00 00 00 00 00 00
1279 *	01 00 00 00 00 00 00 00 00 00 00 00
1280 *
1281 *	+++ miscellaneous +++
1282 *	EC 04 00 00 00 00 00 00 15 00 00 00
1283 *	FF FF FF FF FF FF FF FF FF FF FF FF
1284 *	FF FF FF FF FF FF FF FF FF
1285 *
1286 ***********************************************************************
1287 */
1288
1289#define SAMR_SET_USER_INFO_23		23
1290#define SAMR_SET_USER_DATA_SZ		516
1291
1292struct samr_SetUserInfo23 {
1293	samr_quad_t logon_time;			/* 00 00 00 00 00 00 00 00 */
1294	samr_quad_t logoff_time;		/* 00 00 00 00 00 00 00 00 */
1295	samr_quad_t kickoff_time;		/* 00 00 00 00 00 00 00 00 */
1296	samr_quad_t passwd_last_set_time;	/* 00 00 00 00 00 00 00 00 */
1297	samr_quad_t passwd_can_change_time;	/* 00 00 00 00 00 00 00 00 */
1298	samr_quad_t passwd_must_change_time;	/* 00 00 00 00 00 00 00 00 */
1299
1300	samr_vcbuf_t user_name;			/* 00 00 00 00 00 00 00 00 */
1301	samr_vcbuf_t full_name;			/* 00 00 02 00 D0 04 8A 77 */
1302	samr_vcbuf_t home_dir;			/* 00 00 02 00 D0 04 8A 77 */
1303	samr_vcbuf_t home_drive;		/* 00 00 02 00 D0 04 8A 77 */
1304	samr_vcbuf_t logon_script;		/* 00 00 02 00 D0 04 8A 77 */
1305	samr_vcbuf_t profile_path;		/* 00 00 02 00 D0 04 8A 77 */
1306	samr_vcbuf_t acct_desc;			/* 00 00 02 00 D0 04 8A 77 */
1307	samr_vcbuf_t workstations;		/* 00 00 02 00 D0 04 8A 77 */
1308	samr_vcbuf_t unknown1;			/* 00 00 02 00 D0 04 8A 77 */
1309	samr_vcbuf_t unknown2;			/* 00 00 02 00 D0 04 8A 77 */
1310	samr_vcbuf_t lm_password;		/* 00 00 00 00 00 00 00 00 */
1311	samr_vcbuf_t nt_password;		/* 00 00 00 00 00 00 00 00 */
1312	samr_vcbuf_t unknown3;			/* 00 00 00 00 00 00 00 00 */
1313
1314	struct samr_sd sd;			/* 00 00 00 00 00 00 00 00 */
1315	DWORD user_rid;				/* 00 00 00 00 */
1316	DWORD group_rid;			/* 01 02 00 00 */
1317	DWORD acct_info;			/* 80 00 00 00 */
1318	DWORD flags;				/* FA 27 F8 09 */
1319	struct samr_logon_info logon_info;  /* A8 00 00 00 70 F1 14 00->0xFF */
1320	/*
1321	 * The following 12 bytes are encoded in Ethereal as:
1322	 *
1323	 *	WORD bad_pwd_count;
1324	 *	WORD logon_count;
1325	 *
1326	 *	WORD country;			(default 0)
1327	 *	WORD codepage;
1328	 *
1329	 *	BYTE nt_pwd_set;
1330	 *	BYTE lm_pwd_set;
1331	 *	BYTE expired_flag;
1332	 *	BYTE unknown_char;
1333	 */
1334	DWORD unknown4_zero;			/* 00 00 00 00 */
1335	DWORD unknown5_zero;			/* 00 00 00 00 */
1336	DWORD unknown6_zero;			/* 00 00 00 00 */
1337	BYTE password[SAMR_SET_USER_DATA_SZ];
1338};
1339
1340
1341union samr_SetUserInfo_u {
1342	UNION_INFO_ENT(23,samr_SetUserInfo);
1343	DEFAULT	char *nullptr;
1344};
1345
1346
1347struct samr_SetUserInfo_s {
1348	WORD index;
1349	WORD switch_value;
1350  SWITCH(switch_value)
1351	union samr_SetUserInfo_u ru;
1352};
1353
1354
1355/*
1356	IN	DWORD unknown_04EC;
1357	IN	DWORD unknown_zero;
1358	IN	DWORD logon_bitmap_size;
1359	IN	BYTE logon_bitmap[SAMR_SET_USER_HOURS_SZ];
1360*/
1361OPERATION(SAMR_OPNUM_SetUserInfo)
1362struct samr_SetUserInfo {
1363	IN	samr_handle_t user_handle;
1364	IN	struct samr_SetUserInfo_s info;
1365	IN	struct samr_logon_hours logon_hours;
1366	OUT	DWORD status;
1367};
1368
1369
1370/*
1371 ***********************************************************************
1372 * The SAMR interface definition.
1373 ***********************************************************************
1374 */
1375INTERFACE(0)
1376union samr_interface {
1377	CASE(SAMR_OPNUM_ConnectAnon)
1378		struct samr_ConnectAnon		ConnectAnon;
1379	CASE(SAMR_OPNUM_CloseHandle)
1380		struct samr_CloseHandle		CloseHandle;
1381	CASE(SAMR_OPNUM_LookupDomain)
1382		struct samr_LookupDomain	LookupDomain;
1383	CASE(SAMR_OPNUM_EnumLocalDomains)
1384		struct samr_EnumLocalDomain	EnumLocalDomain;
1385	CASE(SAMR_OPNUM_OpenDomain)
1386		struct samr_OpenDomain		OpenDomain;
1387	CASE(SAMR_OPNUM_QueryDomainInfo)
1388		struct samr_QueryDomainInfo	QueryDomainInfo;
1389	CASE(SAMR_OPNUM_LookupNames)
1390		struct samr_LookupNames		LookupNames;
1391	CASE(SAMR_OPNUM_OpenUser)
1392		struct samr_OpenUser		OpenUser;
1393	CASE(SAMR_OPNUM_DeleteUser)
1394		struct samr_DeleteUser		DeleteUser;
1395	CASE(SAMR_OPNUM_QueryUserInfo)
1396		struct samr_QueryUserInfo	QueryUserInfo;
1397	CASE(SAMR_OPNUM_QueryUserGroups)
1398		struct samr_QueryUserGroups	QueryUserGroups;
1399	CASE(SAMR_OPNUM_OpenGroup)
1400		struct samr_OpenGroup		OpenGroup;
1401	CASE(SAMR_OPNUM_GetUserPwInfo)
1402		struct samr_GetUserPwInfo	GetUserPwInfo;
1403	CASE(SAMR_OPNUM_CreateUser)
1404		struct samr_CreateUser		CreateUser;
1405	CASE(SAMR_OPNUM_ChangeUserPasswd)
1406		struct samr_ChangeUserPasswd	ChangeUserPasswd;
1407	CASE(SAMR_OPNUM_GetDomainPwInfo)
1408		struct samr_GetDomainPwInfo	GetDomainPwInfo;
1409	CASE(SAMR_OPNUM_Connect)
1410		struct samr_Connect		Connect;
1411	CASE(SAMR_OPNUM_SetUserInfo)
1412		struct samr_SetUserInfo		SetUserInfo;
1413	CASE(SAMR_OPNUM_Connect3)
1414		struct samr_Connect3		Connect3;
1415	CASE(SAMR_OPNUM_Connect4)
1416		struct samr_Connect4		Connect4;
1417	CASE(SAMR_OPNUM_QueryDispInfo)
1418		struct samr_QueryDispInfo	QueryDispInfo;
1419	CASE(SAMR_OPNUM_OpenAlias)
1420		struct samr_OpenAlias		OpenAlias;
1421	CASE(SAMR_OPNUM_CreateDomainAlias)
1422		struct samr_CreateDomainAlias	CreateDomainAlias;
1423	CASE(SAMR_OPNUM_SetAliasInfo)
1424		struct samr_SetAliasInfo	SetAliasInfo;
1425	CASE(SAMR_OPNUM_QueryAliasInfo)
1426		struct samr_QueryAliasInfo	QueryAliasInfo;
1427	CASE(SAMR_OPNUM_DeleteDomainAlias)
1428		struct samr_DeleteDomainAlias	DeleteDomainAlias;
1429	CASE(SAMR_OPNUM_EnumDomainAliases)
1430		struct samr_EnumDomainAliases	EnumDomainAliases;
1431	CASE(SAMR_OPNUM_EnumDomainGroups)
1432		struct samr_EnumDomainGroups	EnumDomainGroups;
1433};
1434typedef union samr_interface	samr_interface_t;
1435EXTERNTYPEINFO(samr_interface)
1436
1437#endif /* _MLSVC_SAM_NDL_ */
1438