xref: /titanic_50/usr/src/uts/common/smbsrv/ndl/samrpc.ndl (revision eef90b8611c0908d0d8deb269e914563046e39dd) 
1da6c28aaSamw/*
2da6c28aaSamw * CDDL HEADER START
3da6c28aaSamw *
4da6c28aaSamw * The contents of this file are subject to the terms of the
5da6c28aaSamw * Common Development and Distribution License (the "License").
6da6c28aaSamw * You may not use this file except in compliance with the License.
7da6c28aaSamw *
8da6c28aaSamw * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9da6c28aaSamw * or http://www.opensolaris.org/os/licensing.
10da6c28aaSamw * See the License for the specific language governing permissions
11da6c28aaSamw * and limitations under the License.
12da6c28aaSamw *
13da6c28aaSamw * When distributing Covered Code, include this CDDL HEADER in each
14da6c28aaSamw * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15da6c28aaSamw * If applicable, add the following below this CDDL HEADER, with the
16da6c28aaSamw * fields enclosed by brackets "[]" replaced with your own identifying
17da6c28aaSamw * information: Portions Copyright [yyyy] [name of copyright owner]
18da6c28aaSamw *
19da6c28aaSamw * CDDL HEADER END
20da6c28aaSamw */
211ed6b69aSGordon Ross
22da6c28aaSamw/*
23c5866007SKeyur Desai * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24*eef90b86SGordon Ross * Copyright 2015 Nexenta Systems, Inc.  All rights reserved.
25da6c28aaSamw */
26da6c28aaSamw
27da6c28aaSamw#ifndef _MLSVC_SAM_NDL_
28da6c28aaSamw#define _MLSVC_SAM_NDL_
29da6c28aaSamw
30da6c28aaSamw/*
31da6c28aaSamw * Security Accounts Manager RPC (SAMR) interface definition.
32da6c28aaSamw */
33da6c28aaSamw
34da6c28aaSamw#include "ndrtypes.ndl"
35da6c28aaSamw
36a0aa776eSAlan Wright/* Windows NT */
37cb174861Sjoyce mcintosh#define SAMR_OPNUM_Connect			0x00	/* SamrConnect */
38da6c28aaSamw#define SAMR_OPNUM_CloseHandle			0x01
39a0aa776eSAlan Wright#define SAMR_OPNUM_SetSecObject			0x02
40da6c28aaSamw#define SAMR_OPNUM_QuerySecObject		0x03
41a0aa776eSAlan Wright#define SAMR_OPNUM_ShutdownSamServer		0x04	/* NotUsedOnWire */
42da6c28aaSamw#define SAMR_OPNUM_LookupDomain			0x05
43da6c28aaSamw#define SAMR_OPNUM_EnumLocalDomains		0x06
44da6c28aaSamw#define SAMR_OPNUM_OpenDomain			0x07
45da6c28aaSamw#define SAMR_OPNUM_QueryDomainInfo		0x08
46a0aa776eSAlan Wright#define SAMR_OPNUM_SetDomainInfo		0x09
47da6c28aaSamw#define SAMR_OPNUM_CreateDomainGroup		0x0a
48da6c28aaSamw#define SAMR_OPNUM_QueryDomainGroups		0x0b
49a0aa776eSAlan Wright#define SAMR_OPNUM_CreateDomainUser		0x0c
50da6c28aaSamw#define SAMR_OPNUM_EnumDomainUsers		0x0d
51da6c28aaSamw#define SAMR_OPNUM_CreateDomainAlias		0x0e
52da6c28aaSamw#define SAMR_OPNUM_EnumDomainAliases		0x0f
53a0aa776eSAlan Wright#define SAMR_OPNUM_LookupIds			0x10	/* GetAliasMembership */
54da6c28aaSamw#define SAMR_OPNUM_LookupNames			0x11
55da6c28aaSamw#define SAMR_OPNUM_LookupDomainIds		0x12
56da6c28aaSamw#define SAMR_OPNUM_OpenGroup			0x13
57da6c28aaSamw#define SAMR_OPNUM_QueryGroupInfo		0x14
58da6c28aaSamw#define SAMR_OPNUM_StoreGroupInfo		0x15
59da6c28aaSamw#define SAMR_OPNUM_AddGroupMember		0x16
60da6c28aaSamw#define SAMR_OPNUM_DeleteDomainGroup		0x17
61da6c28aaSamw#define SAMR_OPNUM_DeleteGroupMember		0x18
62da6c28aaSamw#define SAMR_OPNUM_ListGroupMembers		0x19
63a0aa776eSAlan Wright#define SAMR_OPNUM_SetGroupMemberAttributes	0x1a
64da6c28aaSamw#define SAMR_OPNUM_OpenAlias			0x1b
65da6c28aaSamw#define SAMR_OPNUM_QueryAliasInfo		0x1c
66da6c28aaSamw#define SAMR_OPNUM_SetAliasInfo			0x1d
67da6c28aaSamw#define SAMR_OPNUM_DeleteDomainAlias		0x1e
68da6c28aaSamw#define SAMR_OPNUM_AddAliasMember		0x1f
69da6c28aaSamw#define SAMR_OPNUM_DeleteAliasMember		0x20
70c5866007SKeyur Desai#define SAMR_OPNUM_ListAliasMembers		0x21
71da6c28aaSamw#define SAMR_OPNUM_OpenUser			0x22
72da6c28aaSamw#define SAMR_OPNUM_DeleteUser			0x23
73da6c28aaSamw#define SAMR_OPNUM_QueryUserInfo		0x24
74a0aa776eSAlan Wright#define SAMR_OPNUM_SetUserInfo0			0x25	/* SetUserInfo */
75a0aa776eSAlan Wright#define SAMR_OPNUM_ChangeUserPassword0		0x26	/* ChangeUserPassword */
76da6c28aaSamw#define SAMR_OPNUM_QueryUserGroups		0x27
77da6c28aaSamw#define SAMR_OPNUM_QueryDispInfo		0x28	/* QueryDispInfo1 */
78a0aa776eSAlan Wright#define	SAMR_OPNUM_GetDisplayEnumIndex		0x29
79a0aa776eSAlan Wright#define	SAMR_OPNUM_TestPrivateDomainFunctions	0x2a	/* NotUsedOnWire */
80a0aa776eSAlan Wright#define	SAMR_OPNUM_TestPrivateUserFunctions	0x2b	/* NotUsedOnWire */
81da6c28aaSamw#define SAMR_OPNUM_GetUserPwInfo		0x2c
82a0aa776eSAlan Wright
83a0aa776eSAlan Wright/* Windows 2000 */
84a0aa776eSAlan Wright#define	SAMR_OPNUM_RemoveMemberFromForeignDomain        0x2d
85a0aa776eSAlan Wright#define	SAMR_OPNUM_QueryInfoDomain2		0x2e
86a0aa776eSAlan Wright#define	SAMR_OPNUM_QueryInfoUser2		0x2f
87a0aa776eSAlan Wright#define	SAMR_OPNUM_EnumDomainGroups		0x30    /* QueryDispInfo2 */
88a0aa776eSAlan Wright#define	SAMR_OPNUM_GetDisplayEnumIndex2		0x31
89da6c28aaSamw#define	SAMR_OPNUM_CreateUser			0x32
90da6c28aaSamw#define	SAMR_OPNUM_QueryDispInfo4		0x33
91a0aa776eSAlan Wright#define	SAMR_OPNUM_AddMultipleAliasMembers	0x34
92a0aa776eSAlan Wright#define	SAMR_OPNUM_RemoveMultipleAliasMembers	0x35
93a0aa776eSAlan Wright#define	SAMR_OPNUM_ChangeUserOemPassword	0x36
941ed6b69aSGordon Ross#define SAMR_OPNUM_ChangePasswordUser2		0x37	/* UnicodePasswd */
95da6c28aaSamw#define SAMR_OPNUM_GetDomainPwInfo		0x38
96cb174861Sjoyce mcintosh#define SAMR_OPNUM_Connect2                     0x39    /* SamrConnect2 */
971ed6b69aSGordon Ross#define SAMR_OPNUM_SetUserInfo			0x3a	/* SetInfoUser2 */
98a0aa776eSAlan Wright#define	SAMR_OPNUM_SetBootKeyInformation	0x3b
99a0aa776eSAlan Wright#define	SAMR_OPNUM_GetBootKeyInformation	0x3c
100cb174861Sjoyce mcintosh#define	SAMR_OPNUM_Connect3			0x3d	/* NotUsedOnWire */
101cb174861Sjoyce mcintosh#define	SAMR_OPNUM_Connect4			0x3e	/* SamrConnect4 */
102a0aa776eSAlan Wright#define	SAMR_OPNUM_ChangeUserUnicodePassword3	0x3f
103a0aa776eSAlan Wright
104a0aa776eSAlan Wright/* Windows XP and Windows Server 2003 */
105cb174861Sjoyce mcintosh#define	SAMR_OPNUM_Connect5			0x40	/* SamrConnect5 */
106a0aa776eSAlan Wright#define	SAMR_OPNUM_RidToSid                     0x41
107a0aa776eSAlan Wright#define	SAMR_OPNUM_SetDSRMPassword              0x42
108a0aa776eSAlan Wright#define	SAMR_OPNUM_ValidatePassword             0x43
109a0aa776eSAlan Wright
110a0aa776eSAlan Wright/* Windows Vista */
111a0aa776eSAlan Wright#define SAMR_OPNUM_QueryLocalizableAccountsInDomain     0x44
112a0aa776eSAlan Wright#define SAMR_OPNUM_PerformGenericOperation              0x45
113da6c28aaSamw
114da6c28aaSamw
115da6c28aaSamw/*
116da6c28aaSamw * Sam account flags used when creating an account. These flags seem
117da6c28aaSamw * to be very similar to the USER_INFO_X flags (UF_XXX) in lmaccess.h
118da6c28aaSamw * but the values are different.
119da6c28aaSamw */
120da6c28aaSamw#define SAMR_AF_ACCOUNTDISABLE			0x0001
121da6c28aaSamw#define SAMR_AF_HOMEDIR_REQUIRED		0x0002
122da6c28aaSamw#define SAMR_AF_PASSWD_NOTREQD			0x0004
123da6c28aaSamw#define SAMR_AF_TEMP_DUPLICATE_ACCOUNT		0x0008
124da6c28aaSamw#define SAMR_AF_NORMAL_ACCOUNT			0x0010
125da6c28aaSamw#define SAMR_AF_MNS_LOGON_ACCOUNT		0x0020
126da6c28aaSamw#define SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT	0x0040
127da6c28aaSamw#define SAMR_AF_WORKSTATION_TRUST_ACCOUNT	0x0080
128da6c28aaSamw#define SAMR_AF_SERVER_TRUST_ACCOUNT		0x0100
129da6c28aaSamw#define SAMR_AF_DONT_EXPIRE_PASSWD		0x0200
130da6c28aaSamw#define SAMR_AF_ACCOUNT_AUTOLOCK		0x0400
131da6c28aaSamw
132da6c28aaSamw
133da6c28aaSamw#define SAMR_AF_MACHINE_ACCOUNT_MASK	( \
134da6c28aaSamw				SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT \
135da6c28aaSamw				| SAMR_AF_WORKSTATION_TRUST_ACCOUNT \
136da6c28aaSamw				| SAMR_AF_SERVER_TRUST_ACCOUNT)
137da6c28aaSamw
138da6c28aaSamw#define SAMR_AF_ACCOUNT_TYPE_MASK	( \
139da6c28aaSamw				SAMR_AF_TEMP_DUPLICATE_ACCOUNT \
140da6c28aaSamw				| SAMR_AF_NORMAL_ACCOUNT \
141da6c28aaSamw				| SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT \
142da6c28aaSamw				| SAMR_AF_WORKSTATION_TRUST_ACCOUNT \
143da6c28aaSamw				| SAMR_AF_SERVER_TRUST_ACCOUNT)
144da6c28aaSamw
145fe1c642dSBill Krier/*
146fe1c642dSBill Krier * QueryUserInfo UserAllInformation WhichFields
147fe1c642dSBill Krier */
148fe1c642dSBill Krier#define	SAMR_USER_ALL_USERNAME			0x00000001
149fe1c642dSBill Krier#define	SAMR_USER_ALL_FULLNAME			0x00000002
150fe1c642dSBill Krier#define	SAMR_USER_ALL_USERID			0x00000004
151fe1c642dSBill Krier#define	SAMR_USER_ALL_PRIMARYGROUPID		0x00000008
152fe1c642dSBill Krier#define	SAMR_USER_ALL_ADMINCOMMENT		0x00000010
153fe1c642dSBill Krier#define	SAMR_USER_ALL_USERCOMMENT		0x00000020
154fe1c642dSBill Krier#define	SAMR_USER_ALL_HOMEDIRECTORY		0x00000040
155fe1c642dSBill Krier#define	SAMR_USER_ALL_HOMEDIRECTORYDRIVE	0x00000080
156fe1c642dSBill Krier#define	SAMR_USER_ALL_SCRIPTPATH		0x00000100
157fe1c642dSBill Krier#define	SAMR_USER_ALL_PROFILEPATH		0x00000200
158fe1c642dSBill Krier#define	SAMR_USER_ALL_WORKSTATIONS		0x00000400
159fe1c642dSBill Krier#define	SAMR_USER_ALL_LASTLOGON			0x00000800
160fe1c642dSBill Krier#define	SAMR_USER_ALL_LASTLOGOFF		0x00001000
161fe1c642dSBill Krier#define	SAMR_USER_ALL_LOGONHOURS		0x00002000
162fe1c642dSBill Krier#define	SAMR_USER_ALL_BADPASSWORDCOUNT		0x00004000
163fe1c642dSBill Krier#define	SAMR_USER_ALL_LOGONCOUNT		0x00008000
164fe1c642dSBill Krier#define	SAMR_USER_ALL_PASSWORDCANCHANGE		0x00010000
165fe1c642dSBill Krier#define	SAMR_USER_ALL_PASSWORDMUSTCHANGE	0x00020000
166fe1c642dSBill Krier#define	SAMR_USER_ALL_PASSWORDLASTSET		0x00040000
167fe1c642dSBill Krier#define	SAMR_USER_ALL_ACCOUNTEXPIRES		0x00080000
168fe1c642dSBill Krier#define	SAMR_USER_ALL_USERACCOUNTCONTROL	0x00100000
169fe1c642dSBill Krier#define	SAMR_USER_ALL_PARAMETERS		0x00200000
170fe1c642dSBill Krier#define	SAMR_USER_ALL_COUNTRYCODE		0x00400000
171fe1c642dSBill Krier#define	SAMR_USER_ALL_CODEPAGE			0x00800000
172fe1c642dSBill Krier#define	SAMR_USER_ALL_NTPASSWORDPRESENT		0x01000000
173fe1c642dSBill Krier#define	SAMR_USER_ALL_LMPASSWORDPRESENT		0x02000000
174fe1c642dSBill Krier#define	SAMR_USER_ALL_PRIVATEDATA		0x04000000
175fe1c642dSBill Krier#define	SAMR_USER_ALL_PASSWORDEXPIRED		0x08000000
176fe1c642dSBill Krier#define	SAMR_USER_ALL_SECURITYDESCRIPTOR	0x10000000
1771ed6b69aSGordon Ross#define	SAMR_USER_ALL_OWF_PASSWORD		0x20000000
178fe1c642dSBill Krier#define	SAMR_USER_ALL_UNDEFINED_MASK		0xC0000000
179da6c28aaSamw
180da6c28aaSamw/*
181c5866007SKeyur Desai * Alias Access Mask values for SAMR
182c5866007SKeyur Desai * Section 2.2.1.6 of MS-SAMR
183da6c28aaSamw */
184c5866007SKeyur Desai#define SAMR_ALIAS_ACCESS_EXECUTE		0x00020008
185c5866007SKeyur Desai#define SAMR_ALIAS_ACCESS_WRITE			0x00020013
186c5866007SKeyur Desai#define SAMR_ALIAS_ACCESS_READ			0x00020004
187c5866007SKeyur Desai#define SAMR_ALIAS_ACCESS_ALL_ACCESS		0x000F001F
188c5866007SKeyur Desai#define SAMR_ALIAS_ACCESS_WRITE_ACCOUNT		0x00000010
189c5866007SKeyur Desai#define SAMR_ALIAS_ACCESS_READ_INFO		0x00000008
190c5866007SKeyur Desai#define SAMR_ALIAS_ACCESS_LIST_MEMBERS		0x00000004
191c5866007SKeyur Desai#define SAMR_ALIAS_ACCESS_REMOVE_MEMBER		0x00000002
192da6c28aaSamw#define SAMR_ALIAS_ACCESS_ADD_MEMBER		0x00000001
193da6c28aaSamw
194a0aa776eSAlan Wright#define	SAMR_REVISION_1			1	/* Pre Windows 2000 */
195a0aa776eSAlan Wright#define	SAMR_REVISION_2			2	/* Windows 2000 */
196a0aa776eSAlan Wright#define	SAMR_REVISION_3			3	/* Post Windows 2000 */
197a0aa776eSAlan Wright
198da6c28aaSamw/*
199da6c28aaSamw * Definition for a SID. The ndl compiler does not allow a typedef of
200da6c28aaSamw * a structure containing variable size members.
2011ed6b69aSGordon Ross * Note: cast compatible with smb_sid_t, and code depends on that.
202da6c28aaSamw */
203da6c28aaSamwstruct samr_sid {
204da6c28aaSamw	BYTE		Revision;
205da6c28aaSamw	BYTE		SubAuthCount;
206da6c28aaSamw	BYTE		Authority[6];
207da6c28aaSamw  SIZE_IS(SubAuthCount)
208da6c28aaSamw	DWORD		SubAuthority[ANY_SIZE_ARRAY];
209da6c28aaSamw};
210da6c28aaSamw
211da6c28aaSamw
212da6c28aaSamw/*
213da6c28aaSamw * SAMR definition of a security_descriptor.
214da6c28aaSamw */
215da6c28aaSamwstruct samr_sec_desc {
216da6c28aaSamw	BYTE Revision;
217da6c28aaSamw	BYTE Sbz1;
218da6c28aaSamw	WORD Control;
219da6c28aaSamw	struct samr_sid *owner;
220da6c28aaSamw	struct samr_sid *group;
221da6c28aaSamw	struct samr_sid *sacl;
222da6c28aaSamw	struct samr_sid *dacl;
223da6c28aaSamw};
224da6c28aaSamw
225fe1c642dSBill Krierstruct samr_sd {
226fe1c642dSBill Krier	DWORD length;
227fe1c642dSBill Krier  SIZE_IS(length)
228fe1c642dSBill Krier	BYTE *data;
229fe1c642dSBill Krier};
230fe1c642dSBill Kriertypedef struct samr_sd samr_sd_t;
231da6c28aaSamw
232da6c28aaSamw/*
2331ed6b69aSGordon Ross * See RPC_STRING in the MS IDL.
234da6c28aaSamw * Definition for a string. The length and allosize should be set to
235da6c28aaSamw * twice the string length (i.e. strlen(str) * 2). The runtime code
236da6c28aaSamw * will perform the appropriate string to a wide-char conversions,
237da6c28aaSamw * so str should point to a regular char * string.
238da6c28aaSamw */
239da6c28aaSamwstruct samr_string {
240da6c28aaSamw	WORD		length;
241da6c28aaSamw	WORD		allosize;
242da6c28aaSamw	LPTSTR		str;
243da6c28aaSamw};
244da6c28aaSamwtypedef struct samr_string samr_string_t;
245da6c28aaSamw
246da6c28aaSamw
247da6c28aaSamw/*
248da6c28aaSamw * Alternative varying/conformant string definition - for
249da6c28aaSamw * non-null terminated strings. This definition must match
2508d7e4166Sjose borrego * ndr_vcbuf_t.
251da6c28aaSamw */
252da6c28aaSamwstruct samr_vcb {
253da6c28aaSamw	/*
254da6c28aaSamw	 * size_is (actually a copy of length_is) will
255da6c28aaSamw	 * be inserted here by the marshalling library.
256da6c28aaSamw	 */
257da6c28aaSamw	DWORD vc_first_is;
258da6c28aaSamw	DWORD vc_length_is;
259da6c28aaSamw  SIZE_IS(vc_length_is)
260da6c28aaSamw	WORD buffer[ANY_SIZE_ARRAY];
261da6c28aaSamw};
262da6c28aaSamw
263da6c28aaSamwstruct samr_vcbuf {
264da6c28aaSamw	WORD wclen;
265da6c28aaSamw	WORD wcsize;
266da6c28aaSamw	struct samr_vcb *vcb;
267da6c28aaSamw};
268da6c28aaSamwtypedef struct samr_vcbuf samr_vcbuf_t;
269da6c28aaSamw
2708d7e4166Sjose borregoCONTEXT_HANDLE(samr_handle) samr_handle_t;
271da6c28aaSamw
272da6c28aaSamw/*
273fe1c642dSBill Krier * OLD_LARGE_INTEGER: a 64-bit value.
274da6c28aaSamw */
275da6c28aaSamwstruct samr_quad {
276da6c28aaSamw	DWORD low;
277da6c28aaSamw	DWORD high;
278da6c28aaSamw};
279da6c28aaSamwtypedef struct samr_quad samr_quad_t;
280da6c28aaSamw
281fe1c642dSBill Krier/*
282fe1c642dSBill Krier * Blob used for the NT and LM OWF passwords.
283fe1c642dSBill Krier * The length and maxlen should be 16.
284fe1c642dSBill Krier */
285fe1c642dSBill Krierstruct samr_short_blob {
286fe1c642dSBill Krier	WORD	length;
287fe1c642dSBill Krier	WORD	maxlen;
288fe1c642dSBill Krier  SIZE_IS(length / 2)
289fe1c642dSBill Krier	WORD	*buf;
290fe1c642dSBill Krier};
291fe1c642dSBill Krier
292f96bd5c8SAlan Wright#define	DOMAIN_PASSWORD_COMPLEX			0x00000001
293f96bd5c8SAlan Wright#define	DOMAIN_PASSWORD_NO_ANON_CHANGE		0x00000002
294f96bd5c8SAlan Wright#define	DOMAIN_PASSWORD_NO_CLEAR_CHANGE		0x00000004
295f96bd5c8SAlan Wright#define	DOMAIN_LOCKOUT_ADMINS			0x00000008
296f96bd5c8SAlan Wright#define	DOMAIN_PASSWORD_STORE_CLEARTEXT		0x00000010
297f96bd5c8SAlan Wright#define	DOMAIN_REFUSE_PASSWORD_CHANGE		0x00000020
298f96bd5c8SAlan Wright
299f96bd5c8SAlan Wrightstruct samr_password_info {
300f96bd5c8SAlan Wright	WORD	min_length;
301f96bd5c8SAlan Wright	DWORD	properties;
302f96bd5c8SAlan Wright};
303f96bd5c8SAlan Wrighttypedef struct samr_password_info samr_password_info_t;
304f96bd5c8SAlan Wright
305fe1c642dSBill Krier/*
306fe1c642dSBill Krier * There is some sort of logon bitmap structure in here, which I
307fe1c642dSBill Krier * think is a varying and conformant array, i.e.
308fe1c642dSBill Krier *
309fe1c642dSBill Krier *	struct samr_logon_hours {
310fe1c642dSBill Krier *      DWORD size_is;		(1260)
311fe1c642dSBill Krier *      DWORD first_is;		(zero)
312fe1c642dSBill Krier *      DWORD length_is;	(168)
313fe1c642dSBill Krier *      BYTE bitmap[21];
314fe1c642dSBill Krier *  };
315fe1c642dSBill Krier *
316fe1c642dSBill Krier *	struct samr_logon_info {
317fe1c642dSBill Krier *		DWORD length;
318fe1c642dSBill Krier *	SIZE_IS(length / 8)
319fe1c642dSBill Krier *		struct samr_logon_hours *hours;
320fe1c642dSBill Krier *	};
321fe1c642dSBill Krier *
322fe1c642dSBill Krier * There are 10080 minutes/week => 10080/8 = 1260 (0x04EC).
323fe1c642dSBill Krier * So size_is is set as some sort of maximum.
324fe1c642dSBill Krier *
325fe1c642dSBill Krier * There are 168 hours/week => 168/8 = 21 (0xA8). Since there are 21
326fe1c642dSBill Krier * bytes (all set to 0xFF), this is is probably the default setting.
327fe1c642dSBill Krier */
328fe1c642dSBill Krier
329fe1c642dSBill Krier#define SAMR_MINS_PER_WEEK		10080
330fe1c642dSBill Krier#define SAMR_HOURS_PER_WEEK		168
331fe1c642dSBill Krier
332fe1c642dSBill Krier#define SAMR_HOURS_MAX_SIZE		(SAMR_MINS_PER_WEEK / 8)
333fe1c642dSBill Krier#define SAMR_HOURS_SET_LEN(LEN)		((LEN) / 8)
334fe1c642dSBill Krier#define SAMR_SET_USER_HOURS_SZ		21
335fe1c642dSBill Krier
336fe1c642dSBill Krierstruct samr_logon_hours {
337fe1c642dSBill Krier	DWORD size;
338fe1c642dSBill Krier	DWORD first;
339fe1c642dSBill Krier	DWORD length;
340fe1c642dSBill Krier	BYTE bitmap[SAMR_SET_USER_HOURS_SZ];
341fe1c642dSBill Krier};
342fe1c642dSBill Krier
343fe1c642dSBill Krierstruct samr_logon_info {
344fe1c642dSBill Krier	DWORD units;
345fe1c642dSBill Krier	DWORD hours;
346fe1c642dSBill Krier};
347fe1c642dSBill Krier
348fe1c642dSBill Krierstruct samr_logon_hours_all {
349fe1c642dSBill Krier	WORD	units_per_week;
350fe1c642dSBill Krier  SIZE_IS(units_per_week / 8)
351fe1c642dSBill Krier	BYTE	*hours;
352fe1c642dSBill Krier};
353fe1c642dSBill Krier
3541ed6b69aSGordon Ross/*
3551ed6b69aSGordon Ross * SAMPR_USER_PASSWORD (in the MS Net API) or
3561ed6b69aSGordon Ross * struct samr_user_password (internal use) is
3571ed6b69aSGordon Ross * the "clear" form of struct samr_encr_passwd
3581ed6b69aSGordon Ross * (SAMPR_ENCRYPTED_USER_PASSWORD in MS Net).
3591ed6b69aSGordon Ross * It's not used by ndrgen, but is declared here
3601ed6b69aSGordon Ross * to help clarify the relationship between these,
3611ed6b69aSGordon Ross * and for the benefit of our client-side code.
3621ed6b69aSGordon Ross */
3631ed6b69aSGordon Ross#ifndef	NDRGEN
3641ed6b69aSGordon Ross#define SAMR_USER_PWLEN	256
3651ed6b69aSGordon Rossstruct samr_user_password {
3661ed6b69aSGordon Ross	smb_wchar_t	Buffer[SAMR_USER_PWLEN];
3671ed6b69aSGordon Ross	DWORD Length;
3681ed6b69aSGordon Ross};
3691ed6b69aSGordon Ross#endif	/* NDRGEN */
3701ed6b69aSGordon Ross
3711ed6b69aSGordon Ross/* SAMPR_ENCRYPTED_USER_PASSWORD */
3721ed6b69aSGordon Ross#define	SAMR_ENCR_PWLEN 516	/* sizeof samr_user_password */
3731ed6b69aSGordon Rossstruct samr_encr_passwd {
3741ed6b69aSGordon Ross	BYTE data[SAMR_ENCR_PWLEN];
3751ed6b69aSGordon Ross};
3761ed6b69aSGordon Ross
3771ed6b69aSGordon Ross/* ENCRYPTED_NT_OWF_PASSWORD */
3781ed6b69aSGordon Ross#define	SAMR_PWHASH_LEN	16
3791ed6b69aSGordon Rossstruct samr_encr_hash {
3801ed6b69aSGordon Ross	BYTE data[SAMR_PWHASH_LEN];
381fe1c642dSBill Krier};
382da6c28aaSamw
383da6c28aaSamw/*
384da6c28aaSamw ***********************************************************************
385cb174861Sjoyce mcintosh * SamrConnect.
386da6c28aaSamw ***********************************************************************
387da6c28aaSamw */
388cb174861Sjoyce mcintoshOPERATION(SAMR_OPNUM_Connect)
389cb174861Sjoyce mcintoshstruct samr_Connect {
390da6c28aaSamw	IN	DWORD *servername;
391da6c28aaSamw	IN	DWORD access_mask;
392da6c28aaSamw	OUT	samr_handle_t handle;
393da6c28aaSamw	OUT	DWORD status;
394da6c28aaSamw};
395da6c28aaSamw
396da6c28aaSamw
397da6c28aaSamw/*
398da6c28aaSamw ***********************************************************************
399cb174861Sjoyce mcintosh * SamrConnect2.
400da6c28aaSamw ***********************************************************************
401da6c28aaSamw */
402cb174861Sjoyce mcintoshOPERATION(SAMR_OPNUM_Connect2)
403cb174861Sjoyce mcintoshstruct samr_Connect2 {
404da6c28aaSamw	IN	LPTSTR servername;
405da6c28aaSamw	IN	DWORD access_mask;
406da6c28aaSamw	OUT	samr_handle_t handle;
407da6c28aaSamw	OUT	DWORD status;
408da6c28aaSamw};
409da6c28aaSamw
410da6c28aaSamw
411da6c28aaSamw/*
412da6c28aaSamw ***********************************************************************
413cb174861Sjoyce mcintosh * SamrConnect4. A new form of connect first seen with Windows 2000.
414da6c28aaSamw * A new field has been added to the input request. Value: 0x00000002.
415da6c28aaSamw ***********************************************************************
416da6c28aaSamw */
417cb174861Sjoyce mcintoshOPERATION(SAMR_OPNUM_Connect4)
418cb174861Sjoyce mcintoshstruct samr_Connect4 {
419da6c28aaSamw	IN	LPTSTR servername;
420a0aa776eSAlan Wright	IN	DWORD revision;
421da6c28aaSamw	IN	DWORD access_mask;
422da6c28aaSamw	OUT	samr_handle_t handle;
423da6c28aaSamw	OUT	DWORD status;
424da6c28aaSamw};
425da6c28aaSamw
426da6c28aaSamw
427da6c28aaSamw/*
428da6c28aaSamw ***********************************************************************
429cb174861Sjoyce mcintosh * SamrConnect5. A new form of connect first seen with Windows XP.
430da6c28aaSamw * The server name is the fully qualified domain name, i.e.
431a0aa776eSAlan Wright *	\\server.sun.com.
432a0aa776eSAlan Wright *
433a0aa776eSAlan Wright * [in]  DWORD	 InVersion,
434a0aa776eSAlan Wright * [in]  [switch_is(InVersion)]    samr_revision_info *InRevisionInfo
435a0aa776eSAlan Wright * [out] DWORD	 *OutVersion
436a0aa776eSAlan Wright * [out] [switch_is(*OutVersion)] *samr_revision_info *OutRevisionInfo
437a0aa776eSAlan Wright *
438a0aa776eSAlan Wright * SupportedFeatures (see notes in [MS-SAMR]
439a0aa776eSAlan Wright *	0x00000001	RID values returned from the server must not be
440a0aa776eSAlan Wright *			concatenated with the domain SID.
441a0aa776eSAlan Wright *	0x00000002	Reserved
442a0aa776eSAlan Wright *	0x00000004	Reserved
443da6c28aaSamw ***********************************************************************
444da6c28aaSamw */
445a0aa776eSAlan Wrightstruct samr_revision_info1 {
446a0aa776eSAlan Wright	DWORD revision;
447a0aa776eSAlan Wright	DWORD supported_features;
448a0aa776eSAlan Wright};
449a0aa776eSAlan Wrighttypedef struct samr_revision_info1 samr_revision_info1_t;
450a0aa776eSAlan Wright
451a0aa776eSAlan Wrightunion samr_revision_info {
452a0aa776eSAlan Wright	UNION_INFO_ENT(1,samr_revision_info);
453a0aa776eSAlan Wright	DEFAULT	char *nullptr;
454a0aa776eSAlan Wright};
455a0aa776eSAlan Wright
456cb174861Sjoyce mcintoshOPERATION(SAMR_OPNUM_Connect5)
457cb174861Sjoyce mcintoshstruct samr_Connect5 {
458da6c28aaSamw	IN		LPTSTR servername;
459da6c28aaSamw	IN		DWORD access_mask;
4601ed6b69aSGordon Ross	/*
4611ed6b69aSGordon Ross	 * This should be a union, but instead this is
4621ed6b69aSGordon Ross	 * done this way because unions are hard to
4631ed6b69aSGordon Ross	 * express in this RPC implementation.
4641ed6b69aSGordon Ross	 */
4651ed6b69aSGordon Ross	INOUT	DWORD unknown2_00000001;	/* V1 */
4661ed6b69aSGordon Ross	INOUT	DWORD unknown3_00000001;	/* V1 */
4671ed6b69aSGordon Ross	/* SAMPR_REVISION_INFO_V1 */
4681ed6b69aSGordon Ross	INOUT	DWORD unknown4_00000003;	/* Revision */
4691ed6b69aSGordon Ross	INOUT	DWORD unknown5_00000000;	/* SupportedFeatures */
470da6c28aaSamw	OUT		samr_handle_t handle;
471da6c28aaSamw	OUT		DWORD status;
472da6c28aaSamw};
473da6c28aaSamw
474da6c28aaSamw
475da6c28aaSamw/*
476da6c28aaSamw ***********************************************************************
477da6c28aaSamw * CloseHandle closes an association with the SAM. Using the same
478da6c28aaSamw * structure as the LSA seems to work.
479da6c28aaSamw ***********************************************************************
480da6c28aaSamw */
481da6c28aaSamwOPERATION(SAMR_OPNUM_CloseHandle)
482da6c28aaSamwstruct samr_CloseHandle {
483da6c28aaSamw	IN	samr_handle_t handle;
484da6c28aaSamw	OUT	samr_handle_t result_handle;
485da6c28aaSamw	OUT	DWORD status;
486da6c28aaSamw};
487da6c28aaSamw
488da6c28aaSamw
489da6c28aaSamw/*
490da6c28aaSamw ***********************************************************************
491da6c28aaSamw * LookupDomain: lookup up the domain SID.
492da6c28aaSamw ***********************************************************************
493da6c28aaSamw */
494da6c28aaSamwOPERATION(SAMR_OPNUM_LookupDomain)
495da6c28aaSamwstruct samr_LookupDomain {
496da6c28aaSamw	IN	samr_handle_t handle;
497da6c28aaSamw	IN	samr_string_t domain_name;
498da6c28aaSamw	OUT struct samr_sid *sid;
499da6c28aaSamw	OUT	DWORD status;
500da6c28aaSamw};
501da6c28aaSamw
502da6c28aaSamw
503da6c28aaSamw/*
504da6c28aaSamw ***********************************************************************
505da6c28aaSamw * EnumLocalDomain
506da6c28aaSamw *
507da6c28aaSamw * This looks like a request to get the local domains supported by a
508da6c28aaSamw * remote server. NT always seems to return 2 domains: the local
509da6c28aaSamw * domain (hostname) and the Builtin domain.
510da6c28aaSamw *
511da6c28aaSamw * The max_length field is set to 0x2000.
512da6c28aaSamw * Enum_context is set to 0 in the request and set to entries_read in
513da6c28aaSamw * the reply. Like most of these enums, total_entries is the same as
514da6c28aaSamw * entries_read.
515da6c28aaSamw ***********************************************************************
516da6c28aaSamw */
517da6c28aaSamwstruct samr_LocalDomainEntry {
518da6c28aaSamw	DWORD unknown;
519da6c28aaSamw	samr_string_t name;
520da6c28aaSamw};
521da6c28aaSamw
522da6c28aaSamwstruct samr_LocalDomainInfo {
523da6c28aaSamw	DWORD entries_read;
524da6c28aaSamw  SIZE_IS(entries_read)
525da6c28aaSamw	struct samr_LocalDomainEntry *entry;
526da6c28aaSamw};
527da6c28aaSamw
528da6c28aaSamw
529da6c28aaSamwOPERATION(SAMR_OPNUM_EnumLocalDomains)
530da6c28aaSamwstruct samr_EnumLocalDomain {
531da6c28aaSamw	IN		samr_handle_t handle;
532da6c28aaSamw	INOUT	DWORD enum_context;
533da6c28aaSamw	IN		DWORD max_length;
534da6c28aaSamw	OUT		struct samr_LocalDomainInfo *info;
535da6c28aaSamw	OUT		DWORD total_entries;
536da6c28aaSamw	OUT		DWORD status;
537da6c28aaSamw};
538da6c28aaSamw
539da6c28aaSamw
540da6c28aaSamw/*
541da6c28aaSamw ***********************************************************************
542da6c28aaSamw * OpenDomain
543da6c28aaSamw *
544da6c28aaSamw * Open a specific domain within the SAM. From this I assume that each
545da6c28aaSamw * SAM can handle multiple domains so you need to identify the one with
546da6c28aaSamw * which you want to work. Working with a domain handle does appear to
547da6c28aaSamw * offer the benefit that you can then use RIDs instead of full SIDs,
548da6c28aaSamw * which simplifies things a bit. The domain handle can be used to get
549da6c28aaSamw * user and group handles.
550da6c28aaSamw ***********************************************************************
551da6c28aaSamw */
552da6c28aaSamwOPERATION(SAMR_OPNUM_OpenDomain)
553da6c28aaSamwstruct samr_OpenDomain {
554da6c28aaSamw	IN	samr_handle_t handle;
555da6c28aaSamw	IN	DWORD access_mask;
556da6c28aaSamw	IN REFERENCE struct samr_sid *sid;
557da6c28aaSamw	OUT	samr_handle_t domain_handle;
558da6c28aaSamw	OUT	DWORD status;
559da6c28aaSamw};
560da6c28aaSamw
561da6c28aaSamw
562da6c28aaSamw/*
563da6c28aaSamw ***********************************************************************
564da6c28aaSamw * QueryDomainInfo
565da6c28aaSamw *
566da6c28aaSamw * Windows 95 Server Manager sends requests for levels 6 and 7 when
567da6c28aaSamw * the services menu item is selected.
568da6c28aaSamw ***********************************************************************
569da6c28aaSamw */
570da6c28aaSamw#define SAMR_QUERY_DOMAIN_INFO_2		2
571da6c28aaSamw#define SAMR_QUERY_DOMAIN_INFO_6		6
572da6c28aaSamw#define SAMR_QUERY_DOMAIN_INFO_7		7
573da6c28aaSamw
574da6c28aaSamw
575da6c28aaSamwstruct samr_QueryDomainInfo2 {
576da6c28aaSamw	DWORD unknown1;			/* 00 00 00 00 */
577da6c28aaSamw	DWORD unknown2;			/* 00 00 00 80 */
578da6c28aaSamw	samr_string_t s1;
579da6c28aaSamw	samr_string_t domain;
580da6c28aaSamw	samr_string_t s2;
581da6c28aaSamw	DWORD sequence_num;		/* 2B 00 00 00 */
582da6c28aaSamw	DWORD unknown3;			/* 00 00 00 00 */
583da6c28aaSamw	DWORD unknown4;			/* 01 00 00 00 */
584da6c28aaSamw	DWORD unknown5;			/* 03 00 00 00 */
585da6c28aaSamw	DWORD unknown6;			/* 01 */
586da6c28aaSamw	DWORD num_users;
587da6c28aaSamw	DWORD num_groups;
588da6c28aaSamw	DWORD num_aliases;
589da6c28aaSamw};
590da6c28aaSamw
591da6c28aaSamw
592da6c28aaSamwstruct samr_QueryDomainInfo6 {
593da6c28aaSamw	DWORD unknown1;			/* 00 00 00 00 */
594da6c28aaSamw	DWORD unknown2;			/* B0 7F 14 00 */
595da6c28aaSamw	DWORD unknown3;			/* 00 00 00 00 */
596da6c28aaSamw	DWORD unknown4;			/* 00 00 00 00 */
597da6c28aaSamw	DWORD unknown5;			/* 00 00 00 00 */
598da6c28aaSamw};
599da6c28aaSamw
600da6c28aaSamw
601da6c28aaSamwstruct samr_QueryDomainInfo7 {
602da6c28aaSamw	DWORD unknown1;			/* 03 00 00 00 */
603da6c28aaSamw};
604da6c28aaSamw
605da6c28aaSamw
606da6c28aaSamwunion samr_QueryDomainInfo_ru {
607da6c28aaSamw	UNION_INFO_ENT(2,samr_QueryDomainInfo);
608da6c28aaSamw	UNION_INFO_ENT(6,samr_QueryDomainInfo);
609da6c28aaSamw	UNION_INFO_ENT(7,samr_QueryDomainInfo);
610da6c28aaSamw	DEFAULT	char *nullptr;
611da6c28aaSamw};
612da6c28aaSamw
613da6c28aaSamwstruct samr_QueryDomainInfoRes {
614da6c28aaSamw	WORD switch_value;
615da6c28aaSamw	SWITCH(switch_value)
616da6c28aaSamw		union samr_QueryDomainInfo_ru ru;
617da6c28aaSamw};
618da6c28aaSamw
619da6c28aaSamwOPERATION(SAMR_OPNUM_QueryDomainInfo)
620da6c28aaSamwstruct samr_QueryDomainInfo {
621da6c28aaSamw	IN	samr_handle_t domain_handle;
622da6c28aaSamw	IN	WORD info_level;
623faa1795aSjb150015	OUT	struct samr_QueryDomainInfoRes *info;
624da6c28aaSamw	OUT	DWORD status;
625da6c28aaSamw};
626da6c28aaSamw
627f96bd5c8SAlan Wright/*
628f96bd5c8SAlan Wright * Identical to SAMR_OPNUM_QueryDomainInfo.
629f96bd5c8SAlan Wright */
630f96bd5c8SAlan WrightOPERATION(SAMR_OPNUM_QueryInfoDomain2)
631f96bd5c8SAlan Wrightstruct samr_QueryInfoDomain2 {
632f96bd5c8SAlan Wright	IN	samr_handle_t	domain_handle;
633f96bd5c8SAlan Wright	IN	WORD		info_level;
634f96bd5c8SAlan Wright	OUT	struct samr_QueryDomainInfoRes *info;
635f96bd5c8SAlan Wright	OUT	DWORD		status;
636f96bd5c8SAlan Wright};
637f96bd5c8SAlan Wright
638*eef90b86SGordon Ross#define SAMR_QUERY_ALIAS_INFO_GENERAL		1
639*eef90b86SGordon Ross#define SAMR_QUERY_ALIAS_INFO_NAME		2
640*eef90b86SGordon Ross#define SAMR_QUERY_ALIAS_INFO_COMMENT		3
641da6c28aaSamw
642*eef90b86SGordon Rossstruct samr_QueryAliasInfoGeneral {
643da6c28aaSamw	WORD level;
644da6c28aaSamw	samr_string_t name;
645*eef90b86SGordon Ross	DWORD member_count;
646da6c28aaSamw	samr_string_t desc;
647da6c28aaSamw};
648da6c28aaSamw
649*eef90b86SGordon Rossstruct samr_QueryAliasInfoName {
650*eef90b86SGordon Ross	WORD level;
651*eef90b86SGordon Ross	samr_string_t name;
652*eef90b86SGordon Ross};
653*eef90b86SGordon Ross
654*eef90b86SGordon Rossstruct samr_QueryAliasInfoComment {
655da6c28aaSamw	WORD level;
656da6c28aaSamw	samr_string_t desc;
657da6c28aaSamw};
658da6c28aaSamw
659da6c28aaSamwunion samr_QueryAliasInfo_ru {
660*eef90b86SGordon Ross	CASE(1) struct samr_QueryAliasInfoGeneral info1;
661*eef90b86SGordon Ross	CASE(2) struct samr_QueryAliasInfoName    info2;
662*eef90b86SGordon Ross	CASE(3) struct samr_QueryAliasInfoComment info3;
663da6c28aaSamw	DEFAULT	char *nullptr;
664da6c28aaSamw};
665da6c28aaSamw
666da6c28aaSamwstruct samr_QueryAliasInfoRes {
667da6c28aaSamw	DWORD address;
668da6c28aaSamw	WORD switch_value;
669da6c28aaSamw	SWITCH(switch_value)
670da6c28aaSamw		union samr_QueryAliasInfo_ru ru;
671da6c28aaSamw};
672da6c28aaSamw
673da6c28aaSamwOPERATION(SAMR_OPNUM_QueryAliasInfo)
674da6c28aaSamwstruct samr_QueryAliasInfo {
675da6c28aaSamw	IN	samr_handle_t alias_handle;
676da6c28aaSamw	IN	WORD level;
677da6c28aaSamw	OUT DWORD address;
678da6c28aaSamw  SWITCH (level)
679da6c28aaSamw	OUT	union samr_QueryAliasInfo_ru ru;
680da6c28aaSamw	OUT	DWORD status;
681da6c28aaSamw};
682da6c28aaSamw
683da6c28aaSamwOPERATION(SAMR_OPNUM_CreateDomainAlias)
684da6c28aaSamwstruct samr_CreateDomainAlias {
685da6c28aaSamw	IN	samr_handle_t domain_handle;
686da6c28aaSamw	IN	samr_string_t alias_name;
687da6c28aaSamw	IN	DWORD access_mask;
688da6c28aaSamw	OUT samr_handle_t alias_handle;
689da6c28aaSamw	OUT	DWORD rid;
690da6c28aaSamw	OUT	DWORD status;
691da6c28aaSamw};
692da6c28aaSamw
693da6c28aaSamwOPERATION(SAMR_OPNUM_SetAliasInfo)
694da6c28aaSamwstruct samr_SetAliasInfo {
695da6c28aaSamw	IN	samr_handle_t alias_handle;
696da6c28aaSamw	IN	WORD level;
697da6c28aaSamw	/* TBD */
698da6c28aaSamw	OUT	DWORD status;
699da6c28aaSamw};
700da6c28aaSamw
701da6c28aaSamwOPERATION(SAMR_OPNUM_DeleteDomainAlias)
702da6c28aaSamwstruct samr_DeleteDomainAlias {
703c5866007SKeyur Desai	INOUT	samr_handle_t alias_handle;
704da6c28aaSamw	OUT	DWORD status;
705da6c28aaSamw};
706da6c28aaSamw
707da6c28aaSamwOPERATION(SAMR_OPNUM_OpenAlias)
708da6c28aaSamwstruct samr_OpenAlias {
709da6c28aaSamw	IN	samr_handle_t domain_handle;
710da6c28aaSamw	IN	DWORD access_mask;
711da6c28aaSamw	IN	DWORD rid;
712da6c28aaSamw	OUT samr_handle_t alias_handle;
713da6c28aaSamw	OUT	DWORD status;
714da6c28aaSamw};
715da6c28aaSamw
716da6c28aaSamwstruct name_rid {
717da6c28aaSamw	DWORD rid;
718da6c28aaSamw	samr_string_t name;
719da6c28aaSamw};
720da6c28aaSamw
721da6c28aaSamwstruct aliases_info {
722da6c28aaSamw	DWORD count;
723da6c28aaSamw	DWORD address;
724da6c28aaSamw	SIZE_IS(count)
725da6c28aaSamw	struct name_rid info[ANY_SIZE_ARRAY];
726da6c28aaSamw};
727da6c28aaSamw
728da6c28aaSamwOPERATION(SAMR_OPNUM_EnumDomainAliases)
729da6c28aaSamwstruct samr_EnumDomainAliases {
730da6c28aaSamw	IN	samr_handle_t domain_handle;
731da6c28aaSamw	IN	DWORD resume_handle;
732da6c28aaSamw	IN	DWORD mask;
733da6c28aaSamw	OUT	DWORD out_resume;
734da6c28aaSamw	OUT struct aliases_info *aliases;
735da6c28aaSamw	OUT DWORD entries;
736da6c28aaSamw	OUT	DWORD status;
737da6c28aaSamw};
738da6c28aaSamw
739da6c28aaSamwstruct user_acct_info {
740da6c28aaSamw	DWORD index;
741da6c28aaSamw	DWORD rid;
742da6c28aaSamw	DWORD ctrl;
743da6c28aaSamw	samr_string_t name;
744da6c28aaSamw	samr_string_t fullname;
745da6c28aaSamw	samr_string_t desc;
746da6c28aaSamw};
747da6c28aaSamw
748da6c28aaSamwstruct user_disp_info {
7493db3f65cSamw	OUT DWORD total_size;
7503db3f65cSamw	OUT DWORD returned_size;
7513db3f65cSamw	OUT WORD switch_value;
752da6c28aaSamw	DWORD count;
7533db3f65cSamw	SIZE_IS(count)
7543db3f65cSamw	struct user_acct_info *acct;
755da6c28aaSamw};
756da6c28aaSamw
757da6c28aaSamwOPERATION(SAMR_OPNUM_QueryDispInfo)
758da6c28aaSamwstruct samr_QueryDispInfo {
759da6c28aaSamw	IN	samr_handle_t domain_handle;
760da6c28aaSamw	IN	WORD level;
761da6c28aaSamw	IN	DWORD start_idx;
762da6c28aaSamw	IN	DWORD max_entries;
763da6c28aaSamw	IN	DWORD pref_maxsize;
7643db3f65cSamw	OUT struct user_disp_info users;
765da6c28aaSamw	OUT	DWORD status;
766da6c28aaSamw};
767da6c28aaSamw
768da6c28aaSamwstruct group_acct_info {
769da6c28aaSamw	DWORD index;
770da6c28aaSamw	DWORD rid;
771da6c28aaSamw	DWORD ctrl;
772da6c28aaSamw	samr_string_t name;
773da6c28aaSamw	samr_string_t desc;
774da6c28aaSamw};
775da6c28aaSamw
776da6c28aaSamwstruct group_disp_info {
777da6c28aaSamw	DWORD count;
778da6c28aaSamw	/* right now we just need one entry */
779da6c28aaSamw	struct group_acct_info acct[1];
780da6c28aaSamw};
781da6c28aaSamw
782da6c28aaSamwOPERATION(SAMR_OPNUM_EnumDomainGroups)
783da6c28aaSamwstruct samr_EnumDomainGroups {
784da6c28aaSamw	IN	samr_handle_t domain_handle;
785da6c28aaSamw	IN	WORD level;
786da6c28aaSamw	IN	DWORD start_idx;
787da6c28aaSamw	IN	DWORD max_entries;
788da6c28aaSamw	IN	DWORD pref_maxsize;
789da6c28aaSamw	OUT DWORD total_size;
790da6c28aaSamw	OUT DWORD returned_size;
791da6c28aaSamw	OUT WORD switch_value;
792da6c28aaSamw	OUT DWORD count;
793da6c28aaSamw	OUT struct group_disp_info *groups;
794da6c28aaSamw	OUT	DWORD status;
795da6c28aaSamw};
796da6c28aaSamw
797da6c28aaSamw/*
798da6c28aaSamw ***********************************************************************
799da6c28aaSamw * OpenUser
800da6c28aaSamw *
801da6c28aaSamw * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain,
802da6c28aaSamw * an access mask and the appropriate user rid. The output will be a
803da6c28aaSamw * handle for use with the specified user.
804da6c28aaSamw ***********************************************************************
805da6c28aaSamw */
806da6c28aaSamwOPERATION(SAMR_OPNUM_OpenUser)
807da6c28aaSamwstruct samr_OpenUser {
808da6c28aaSamw	IN	samr_handle_t handle;
809da6c28aaSamw	IN	DWORD access_mask;
810da6c28aaSamw	IN	DWORD rid;
811da6c28aaSamw	OUT	samr_handle_t user_handle;
812da6c28aaSamw	OUT	DWORD status;
813da6c28aaSamw};
814da6c28aaSamw
815da6c28aaSamw
816da6c28aaSamw/*
817da6c28aaSamw ***********************************************************************
818da6c28aaSamw * DeleteUser
819da6c28aaSamw ***********************************************************************
820da6c28aaSamw */
821da6c28aaSamwOPERATION(SAMR_OPNUM_DeleteUser)
822da6c28aaSamwstruct samr_DeleteUser {
823da6c28aaSamw	INOUT	samr_handle_t user_handle;
824da6c28aaSamw	OUT	DWORD status;
825da6c28aaSamw};
826da6c28aaSamw
827da6c28aaSamw
828da6c28aaSamw/*
829da6c28aaSamw ***********************************************************************
830da6c28aaSamw * QueryUserInfo
831da6c28aaSamw *
832da6c28aaSamw * Provides various pieces of information on a specific user (see
833da6c28aaSamw * SAM_Q_QUERY_USERINFO and SAM_R_QUERY_USERINFO). The handle must
834da6c28aaSamw * be a valid SAM user handle.
835da6c28aaSamw *
836da6c28aaSamw * QueryUserInfo (
837da6c28aaSamw *	IN samr_handle_t user_handle,
838da6c28aaSamw *	IN WORD switch_value,
839da6c28aaSamw *	OUT union switch(switch_value) {
840da6c28aaSamw *		case 1: struct QueryUserInfo1 *info1;
841da6c28aaSamw *	} bufptr,
842da6c28aaSamw *	OUT DWORD status
843da6c28aaSamw * )
844da6c28aaSamw *
845fe1c642dSBill Krier * typedef enum _USER_INFORMATION_CLASS {
846fe1c642dSBill Krier *	UserGeneralInformation		= 1,
847fe1c642dSBill Krier *	UserPreferencesInformation	= 2,
848fe1c642dSBill Krier *	UserLogonInformation		= 3,
849fe1c642dSBill Krier *	UserLogonHoursInformation	= 4,
850fe1c642dSBill Krier *	UserAccountInformation		= 5,
851fe1c642dSBill Krier *	UserNameInformation		= 6,
852fe1c642dSBill Krier *	UserAccountNameInformation	= 7,
853fe1c642dSBill Krier *	UserFullNameInformation		= 8,
854fe1c642dSBill Krier *	UserPrimaryGroupInformation	= 9,
855fe1c642dSBill Krier *	UserHomeInformation		= 10,
856fe1c642dSBill Krier *	UserScriptInformation		= 11,
857fe1c642dSBill Krier *	UserProfileInformation		= 12,
858fe1c642dSBill Krier *	UserAdminCommentInformation	= 13,
859fe1c642dSBill Krier *	UserWorkStationsInformation	= 14,
860fe1c642dSBill Krier *	UserControlInformation		= 16,
861fe1c642dSBill Krier *	UserExpiresInformation		= 17,
862fe1c642dSBill Krier *	UserInternal1Information	= 18,
863fe1c642dSBill Krier *	UserParametersInformation	= 20,
864fe1c642dSBill Krier *	UserAllInformation		= 21,
865fe1c642dSBill Krier *	UserInternal4Information	= 23,
866fe1c642dSBill Krier *	UserInternal5Information	= 24,
867fe1c642dSBill Krier *	UserInternal4InformationNew	= 25,
868fe1c642dSBill Krier *	UserInternal5InformationNew	= 26,
869fe1c642dSBill Krier * } USER_INFORMATION_CLASS;
870da6c28aaSamw *
871da6c28aaSamw * 1 = username, fullname, description and some other stuff.
872da6c28aaSamw * 3 = large structure containing user rid, group rid, username
873da6c28aaSamw *     and fullname.
874da6c28aaSamw * 5 = large structure (like 3) containing user rid, group rid,
875da6c28aaSamw *     username, fullname and description.
876da6c28aaSamw * 6 = username and fullname
877da6c28aaSamw * 7 = username
878da6c28aaSamw * 8 = fullname
879da6c28aaSamw * 9 = group rid
880da6c28aaSamw * 16 = used after creating a new account
881da6c28aaSamw *
882da6c28aaSamw * Due to an ndrgen bug, a function must be provided to to patch the
883da6c28aaSamw * offsets used by the unmarshalling code at runtime.  In order to
884da6c28aaSamw * simplify things it is useful to use a naming convention that
885da6c28aaSamw * indicates the switch value for each structure.
886da6c28aaSamw *
887da6c28aaSamw ***********************************************************************
888da6c28aaSamw */
889da6c28aaSamw
890da6c28aaSamw
891da6c28aaSamw#define SAMR_QUERY_USER_INFO_1			1
892da6c28aaSamw#define SAMR_QUERY_USER_UNAME_AND_FNAME		6
893da6c28aaSamw#define SAMR_QUERY_USER_USERNAME		7
894da6c28aaSamw#define SAMR_QUERY_USER_FULLNAME		8
895da6c28aaSamw#define SAMR_QUERY_USER_GROUPRID		9
896fe1c642dSBill Krier#define SAMR_QUERY_USER_CONTROL_INFO		16
897fe1c642dSBill Krier#define SAMR_QUERY_USER_ALL_INFO		21
898da6c28aaSamw
899da6c28aaSamw
900da6c28aaSamwstruct samr_QueryUserInfo1 {
901da6c28aaSamw	samr_string_t username;
902da6c28aaSamw	samr_string_t fullname;
903da6c28aaSamw	DWORD group_rid;
904da6c28aaSamw	samr_string_t description;
905da6c28aaSamw	samr_string_t unknown;
906da6c28aaSamw};
907da6c28aaSamw
908da6c28aaSamw
909da6c28aaSamwstruct samr_QueryUserInfo6 {
910da6c28aaSamw	samr_string_t username;
911da6c28aaSamw	samr_string_t fullname;
912da6c28aaSamw};
913da6c28aaSamw
914da6c28aaSamwstruct samr_QueryUserInfo7 {
915da6c28aaSamw	samr_string_t username;
916da6c28aaSamw};
917da6c28aaSamw
918da6c28aaSamw
919da6c28aaSamwstruct samr_QueryUserInfo8 {
920da6c28aaSamw	samr_string_t fullname;
921da6c28aaSamw};
922da6c28aaSamw
923da6c28aaSamw
924da6c28aaSamwstruct samr_QueryUserInfo9 {
925da6c28aaSamw	DWORD group_rid;
926da6c28aaSamw};
927da6c28aaSamw
928da6c28aaSamw
929da6c28aaSamwstruct samr_QueryUserInfo16 {
9301ed6b69aSGordon Ross	DWORD UserAccountControl;
931da6c28aaSamw};
932da6c28aaSamw
933fe1c642dSBill Krier/*
934fe1c642dSBill Krier * SAMR_USER_ALL_INFORMATION
935fe1c642dSBill Krier */
936fe1c642dSBill Krierstruct samr_QueryUserInfo21 {
937fe1c642dSBill Krier	samr_quad_t		LastLogon;
938fe1c642dSBill Krier	samr_quad_t		LastLogoff;
939fe1c642dSBill Krier	samr_quad_t		PasswordLastSet;
940fe1c642dSBill Krier	samr_quad_t		AccountExpires;
941fe1c642dSBill Krier	samr_quad_t		PasswordCanChange;
942fe1c642dSBill Krier	samr_quad_t		PasswordMustChange;
943fe1c642dSBill Krier	samr_string_t		UserName;
944fe1c642dSBill Krier	samr_string_t		FullName;
945fe1c642dSBill Krier	samr_string_t		HomeDirectory;
946fe1c642dSBill Krier	samr_string_t		HomeDirectoryDrive;
947fe1c642dSBill Krier	samr_string_t		ScriptPath;
948fe1c642dSBill Krier	samr_string_t		ProfilePath;
949fe1c642dSBill Krier	samr_string_t		AdminComment;
950fe1c642dSBill Krier	samr_string_t		WorkStations;
951fe1c642dSBill Krier	samr_string_t		UserComment;
952fe1c642dSBill Krier	samr_string_t		Parameters;
953fe1c642dSBill Krier	struct samr_short_blob	LmOwfPassword;
954fe1c642dSBill Krier	struct samr_short_blob	NtOwfPassword;
955fe1c642dSBill Krier	samr_string_t		PrivateData;
956fe1c642dSBill Krier	samr_sd_t		SecurityDescriptor;
957fe1c642dSBill Krier	DWORD			UserId;
958fe1c642dSBill Krier	DWORD			PrimaryGroupId;
959fe1c642dSBill Krier	DWORD			UserAccountControl;
960fe1c642dSBill Krier	DWORD			WhichFields;
961fe1c642dSBill Krier	struct samr_logon_hours_all	LogonHours;
962fe1c642dSBill Krier	WORD			BadPasswordCount;
963fe1c642dSBill Krier	WORD			LogonCount;
964fe1c642dSBill Krier	WORD			CountryCode;
965fe1c642dSBill Krier	WORD			CodePage;
966fe1c642dSBill Krier	BYTE			LmPasswordPresent;
967fe1c642dSBill Krier	BYTE			NtPasswordPresent;
968fe1c642dSBill Krier	BYTE			PasswordExpired;
969fe1c642dSBill Krier	BYTE			PrivateDataSensitive;
970fe1c642dSBill Krier};
971da6c28aaSamw
9721ed6b69aSGordon Ross/* See also: fixup_samr_QueryUserInfo() */
973da6c28aaSamwunion QueryUserInfo_result_u {
974da6c28aaSamw	UNION_INFO_ENT(1,samr_QueryUserInfo);
975da6c28aaSamw	UNION_INFO_ENT(6,samr_QueryUserInfo);
976da6c28aaSamw	UNION_INFO_ENT(7,samr_QueryUserInfo);
977da6c28aaSamw	UNION_INFO_ENT(8,samr_QueryUserInfo);
978da6c28aaSamw	UNION_INFO_ENT(9,samr_QueryUserInfo);
979da6c28aaSamw	UNION_INFO_ENT(16,samr_QueryUserInfo);
980fe1c642dSBill Krier	UNION_INFO_ENT(21,samr_QueryUserInfo);
981da6c28aaSamw	DEFAULT	char *nullptr;
982da6c28aaSamw};
983da6c28aaSamw
984da6c28aaSamw
985da6c28aaSamw/*
986da6c28aaSamw * This structure needs to be declared, even though it can't be used in
987da6c28aaSamw * samr_QueryUserInfo, in order to get the appropriate size to calculate
988da6c28aaSamw * the correct fixup offsets.  If ndrgen did the right thing,
989da6c28aaSamw * QueryUserInfo_result would be one of the out parameters.  However, if
990da6c28aaSamw * we do it that way, the switch_value isn't known early enough to do
991da6c28aaSamw * the fixup calculation.  So it all has to go in samr_QueryUserInfo.
992da6c28aaSamw */
993da6c28aaSamwstruct QueryUserInfo_result {
994da6c28aaSamw	DWORD address;
995da6c28aaSamw	WORD switch_value;
996da6c28aaSamw	SWITCH(switch_value)
997da6c28aaSamw		union QueryUserInfo_result_u ru;
998da6c28aaSamw};
999da6c28aaSamw
1000da6c28aaSamw
1001da6c28aaSamwOPERATION(SAMR_OPNUM_QueryUserInfo)
1002da6c28aaSamwstruct samr_QueryUserInfo {
1003da6c28aaSamw	IN	samr_handle_t user_handle;
1004da6c28aaSamw	IN	WORD switch_value;
1005da6c28aaSamw	/*
1006da6c28aaSamw	 * Can't use this form because we need to include members explicitly.
1007da6c28aaSamw	 * OUT	struct QueryUserInfo_result result;
1008da6c28aaSamw	 */
1009da6c28aaSamw	OUT	DWORD address;
1010da6c28aaSamw	OUT	WORD switch_index;
1011da6c28aaSamw  SWITCH(switch_value)
1012da6c28aaSamw	OUT	union QueryUserInfo_result_u ru;
1013da6c28aaSamw	OUT	DWORD status;
1014da6c28aaSamw};
1015da6c28aaSamw
1016da6c28aaSamw
1017da6c28aaSamw/*
1018da6c28aaSamw ***********************************************************************
1019da6c28aaSamw * QueryUserGroups
1020da6c28aaSamw ***********************************************************************
1021da6c28aaSamw */
1022da6c28aaSamwstruct samr_UserGroups {
1023da6c28aaSamw	DWORD rid;
1024da6c28aaSamw	DWORD attr;
1025da6c28aaSamw};
1026da6c28aaSamw
1027da6c28aaSamw
1028da6c28aaSamwstruct samr_UserGroupInfo {
1029da6c28aaSamw	DWORD n_entry;
1030da6c28aaSamw  SIZE_IS(n_entry)
1031da6c28aaSamw	struct samr_UserGroups *groups;
1032da6c28aaSamw};
1033da6c28aaSamw
1034da6c28aaSamw
1035da6c28aaSamwOPERATION(SAMR_OPNUM_QueryUserGroups)
1036da6c28aaSamwstruct samr_QueryUserGroups {
1037da6c28aaSamw	IN	samr_handle_t user_handle;
1038da6c28aaSamw	OUT struct samr_UserGroupInfo *info;
1039da6c28aaSamw	OUT	DWORD status;
1040da6c28aaSamw};
1041da6c28aaSamw
1042da6c28aaSamw
1043da6c28aaSamw/*
1044da6c28aaSamw ***********************************************************************
1045da6c28aaSamw * LookupName
1046da6c28aaSamw ***********************************************************************
1047da6c28aaSamw */
1048da6c28aaSamwstruct samr_LookupNameTable {
1049da6c28aaSamw	DWORD n_entry;
1050da6c28aaSamw  SIZE_IS(n_entry)
1051da6c28aaSamw	samr_string_t names[ANY_SIZE_ARRAY];
1052da6c28aaSamw};
1053da6c28aaSamw
1054da6c28aaSamw
1055da6c28aaSamwstruct samr_LookupRidTable {
1056da6c28aaSamw	DWORD n_entry;
1057da6c28aaSamw  SIZE_IS(n_entry)
1058da6c28aaSamw	DWORD *rid;
1059da6c28aaSamw};
1060da6c28aaSamw
1061da6c28aaSamwstruct samr_RidType {
1062da6c28aaSamw	DWORD n_entry;
1063da6c28aaSamw  SIZE_IS(n_entry)
1064da6c28aaSamw	DWORD *rid_type;
1065da6c28aaSamw};
1066da6c28aaSamw
1067da6c28aaSamw
1068da6c28aaSamwOPERATION(SAMR_OPNUM_LookupNames)
1069da6c28aaSamwstruct samr_LookupNames {
1070da6c28aaSamw	IN	samr_handle_t handle;
1071da6c28aaSamw	IN	DWORD n_entry;
1072da6c28aaSamw	IN	DWORD max_n_entry;
1073da6c28aaSamw	IN	DWORD index;
1074da6c28aaSamw	IN	DWORD total;
1075da6c28aaSamw	IN	samr_string_t name;
1076da6c28aaSamw	OUT	struct samr_LookupRidTable rids;
1077da6c28aaSamw	OUT	struct samr_RidType rid_types;
1078da6c28aaSamw	OUT	DWORD status;
1079da6c28aaSamw};
1080da6c28aaSamw
1081da6c28aaSamw
1082da6c28aaSamw/*
1083da6c28aaSamw ***********************************************************************
1084da6c28aaSamw * OpenGroup
1085da6c28aaSamw *
1086da6c28aaSamw * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain,
1087da6c28aaSamw * an access mask and the appropriate group rid. The output will be a
1088da6c28aaSamw * handle for use with the specified group.
1089da6c28aaSamw ***********************************************************************
1090da6c28aaSamw */
1091da6c28aaSamwOPERATION(SAMR_OPNUM_OpenGroup)
1092da6c28aaSamwstruct samr_OpenGroup {
1093da6c28aaSamw	IN	samr_handle_t handle;
1094da6c28aaSamw	IN	DWORD access_mask;
1095da6c28aaSamw	IN	DWORD rid;
1096da6c28aaSamw	OUT	samr_handle_t group_handle;
1097da6c28aaSamw	OUT	DWORD status;
1098da6c28aaSamw};
1099da6c28aaSamw
1100da6c28aaSamw
1101da6c28aaSamw/*
1102da6c28aaSamw ***********************************************************************
1103da6c28aaSamw * QueryGroupInfo
1104da6c28aaSamw *
1105da6c28aaSamw * Input must be a group handle obtained via SAMR_OPNUM_OpenGroup,
1106da6c28aaSamw * an access mask and the appropriate group rid. The output will
1107da6c28aaSamw * be a handle for use with the specified group.
1108da6c28aaSamw ***********************************************************************
1109da6c28aaSamw */
1110da6c28aaSamwstruct samr_QueryGroupInfo1 {
1111da6c28aaSamw	samr_string_t groupname;
1112da6c28aaSamw};
1113da6c28aaSamw
1114da6c28aaSamw
1115da6c28aaSamwunion samr_QueryGroupInfo_result_u {
1116da6c28aaSamw	UNION_INFO_ENT(1,samr_QueryGroupInfo);
1117da6c28aaSamw	DEFAULT	char *nullptr;
1118da6c28aaSamw};
1119da6c28aaSamw
1120da6c28aaSamw
1121da6c28aaSamwstruct samr_QueryGroupInfo_result {
1122da6c28aaSamw	DWORD address;
1123da6c28aaSamw	WORD switch_index;
1124da6c28aaSamw  SWITCH(switch_index)
1125da6c28aaSamw	union samr_QueryGroupInfo_result_u ru;
1126da6c28aaSamw};
1127da6c28aaSamw
1128da6c28aaSamw
1129da6c28aaSamwOPERATION(SAMR_OPNUM_QueryGroupInfo)
1130da6c28aaSamwstruct samr_QueryGroupInfo {
1131da6c28aaSamw	IN	samr_handle_t group_handle;
1132da6c28aaSamw	IN	DWORD switch_value;
1133da6c28aaSamw	OUT	DWORD address;
1134da6c28aaSamw	OUT	WORD switch_index;
1135da6c28aaSamw  SWITCH(switch_index)
1136da6c28aaSamw	OUT	union samr_QueryGroupInfo_result_u ru;
1137da6c28aaSamw	OUT	DWORD status;
1138da6c28aaSamw};
1139da6c28aaSamw
1140da6c28aaSamw
1141da6c28aaSamw/*
1142da6c28aaSamw ***********************************************************************
1143da6c28aaSamw * StoreGroupInfo
1144da6c28aaSamw *
1145da6c28aaSamw * This definition is mostly just a place holder in case this is useful
1146da6c28aaSamw * in the future. Note that it may not be correct. The information is
1147da6c28aaSamw * from a netmon trace captured when I added a group description. I
1148da6c28aaSamw * haven't implemented it because we don't have to update anything on
1149da6c28aaSamw * the PDC. The description should almost certainly be in a separate
1150da6c28aaSamw * structure.
1151da6c28aaSamw ***********************************************************************
1152da6c28aaSamw */
1153da6c28aaSamwOPERATION(SAMR_OPNUM_StoreGroupInfo)
1154da6c28aaSamwstruct samr_StoreGroupInfo {
1155da6c28aaSamw	IN	samr_handle_t group_handle;
1156da6c28aaSamw	IN	DWORD switch_value;
1157da6c28aaSamw	IN	samr_string_t group_description;
1158da6c28aaSamw	OUT	DWORD status;
1159da6c28aaSamw};
1160da6c28aaSamw
1161c5866007SKeyur Desai/*
1162c5866007SKeyur Desai * AddAliasMember
1163c5866007SKeyur Desai */
1164c5866007SKeyur DesaiOPERATION(SAMR_OPNUM_AddAliasMember)
1165c5866007SKeyur Desaistruct samr_AddAliasMember {
1166c5866007SKeyur Desai	IN		samr_handle_t alias_handle;
1167c5866007SKeyur Desai	IN REFERENCE	struct samr_sid *sid;
1168c5866007SKeyur Desai	OUT DWORD	status;
1169c5866007SKeyur Desai};
1170c5866007SKeyur Desai
1171c5866007SKeyur Desai/*
1172c5866007SKeyur Desai * DeleteAliasMember
1173c5866007SKeyur Desai */
1174c5866007SKeyur DesaiOPERATION(SAMR_OPNUM_DeleteAliasMember)
1175c5866007SKeyur Desaistruct samr_DeleteAliasMember {
1176c5866007SKeyur Desai	IN		samr_handle_t alias_handle;
1177c5866007SKeyur Desai	IN REFERENCE	struct samr_sid *sid;
1178c5866007SKeyur Desai	OUT DWORD	status;
1179c5866007SKeyur Desai};
1180c5866007SKeyur Desai
1181c5866007SKeyur Desaistruct samr_SidList {
1182c5866007SKeyur Desai	struct samr_sid		*sid;
1183c5866007SKeyur Desai};
1184c5866007SKeyur Desai
1185c5866007SKeyur Desaistruct samr_SidInfo {
1186c5866007SKeyur Desai	DWORD n_entry;
1187c5866007SKeyur Desai  SIZE_IS(n_entry)
1188c5866007SKeyur Desai	struct samr_SidList	*sidlist;
1189c5866007SKeyur Desai};
1190c5866007SKeyur Desai
1191c5866007SKeyur Desai/*
1192c5866007SKeyur Desai * ListAliasMembers
1193c5866007SKeyur Desai */
1194c5866007SKeyur DesaiOPERATION(SAMR_OPNUM_ListAliasMembers)
1195c5866007SKeyur Desaistruct samr_ListAliasMembers {
1196c5866007SKeyur Desai	IN		samr_handle_t alias_handle;
1197c5866007SKeyur Desai	OUT		struct samr_SidInfo info;
1198c5866007SKeyur Desai	OUT DWORD	status;
1199c5866007SKeyur Desai};
1200da6c28aaSamw
1201da6c28aaSamw/*
1202da6c28aaSamw ***********************************************************************
1203f96bd5c8SAlan Wright * GetUserDomainPasswordInformation
1204da6c28aaSamw ***********************************************************************
1205da6c28aaSamw */
1206da6c28aaSamwOPERATION(SAMR_OPNUM_GetUserPwInfo)
1207da6c28aaSamwstruct samr_GetUserPwInfo {
1208da6c28aaSamw	IN		samr_handle_t		user_handle;
1209f96bd5c8SAlan Wright	OUT REFERENCE	samr_password_info_t	*pwinfo;
1210da6c28aaSamw	OUT		DWORD			status;
1211da6c28aaSamw};
1212da6c28aaSamw
1213da6c28aaSamw
1214da6c28aaSamw/*
1215da6c28aaSamw ***********************************************************************
1216da6c28aaSamw * CreateUser
1217da6c28aaSamw *
1218da6c28aaSamw * Create a user in the domain specified by the domain handle. The
1219a0aa776eSAlan Wright * domain handle is obtained obtained via SAMR_OPNUM_OpenDomain.
1220a0aa776eSAlan Wright * DesiredAccess: 0xe00500b0.
1221da6c28aaSamw * The output will be a handle for use with the specified user and the
1222a0aa776eSAlan Wright * user's RID. I think the RID may be a unique pointer (it can be null).
1223da6c28aaSamw ***********************************************************************
1224da6c28aaSamw */
1225da6c28aaSamwOPERATION(SAMR_OPNUM_CreateUser)
1226da6c28aaSamwstruct samr_CreateUser {
1227da6c28aaSamw	IN	samr_handle_t handle;
1228da6c28aaSamw	IN	samr_vcbuf_t username;
1229da6c28aaSamw	IN	DWORD account_flags;
1230a0aa776eSAlan Wright	IN	DWORD desired_access;
1231da6c28aaSamw	OUT	samr_handle_t user_handle;
1232da6c28aaSamw	OUT	DWORD maybe_ptr;
1233da6c28aaSamw	OUT	DWORD rid;
1234da6c28aaSamw	OUT	DWORD status;
1235da6c28aaSamw};
1236da6c28aaSamw
1237da6c28aaSamw
1238da6c28aaSamw/*
1239da6c28aaSamw ***********************************************************************
12401ed6b69aSGordon Ross * ChangePasswordUser2 - See:
12411ed6b69aSGordon Ross * SamrUnicodeChangePasswordUser2 [MS-SAMR 3.1.5.10.3]
1242da6c28aaSamw ***********************************************************************
1243da6c28aaSamw */
1244da6c28aaSamw
12451ed6b69aSGordon RossOPERATION(SAMR_OPNUM_ChangePasswordUser2)
12461ed6b69aSGordon Rossstruct samr_ChangePasswordUser2 {
12471ed6b69aSGordon Ross	IN	samr_string_t *servername;
12481ed6b69aSGordon Ross	IN REF	samr_string_t *username;
12491ed6b69aSGordon Ross	IN	struct samr_encr_passwd *nt_newpw;
12501ed6b69aSGordon Ross	IN	struct samr_encr_hash *nt_oldpw;
12511ed6b69aSGordon Ross	IN	BYTE lm_present;
12521ed6b69aSGordon Ross	IN	struct samr_encr_passwd *lm_newpw;
12531ed6b69aSGordon Ross	IN	struct samr_encr_hash *lm_oldpw;
1254da6c28aaSamw	OUT	DWORD status;
1255da6c28aaSamw};
1256da6c28aaSamw
1257da6c28aaSamw
1258da6c28aaSamw/*
1259da6c28aaSamw ***********************************************************************
1260da6c28aaSamw * GetDomainPwInfo
1261da6c28aaSamw ***********************************************************************
1262da6c28aaSamw */
1263da6c28aaSamwOPERATION(SAMR_OPNUM_GetDomainPwInfo)
1264da6c28aaSamwstruct samr_GetDomainPwInfo {
1265f96bd5c8SAlan Wright	IN		DWORD			unused;
1266f96bd5c8SAlan Wright	OUT REFERENCE	samr_password_info_t	*pwinfo;
1267da6c28aaSamw	OUT		DWORD			status;
1268da6c28aaSamw};
1269da6c28aaSamw
1270da6c28aaSamw
1271da6c28aaSamw/*
1272da6c28aaSamw ***********************************************************************
1273da6c28aaSamw * SetUserInfo
12741ed6b69aSGordon Ross * [MS-SAMR] SamrSetInformationUser2
1275da6c28aaSamw ***********************************************************************
1276da6c28aaSamw */
1277da6c28aaSamw
12781ed6b69aSGordon Ross/* USER_CONTROL_INFORMATION */
12791ed6b69aSGordon Rossstruct samr_SetUserInfo16 {
12801ed6b69aSGordon Ross	DWORD UserAccountControl;
12811ed6b69aSGordon Ross};
1282da6c28aaSamw
1283da6c28aaSamw
1284da6c28aaSamw/*
12851ed6b69aSGordon Ross * samr_SetUserInfo21, a.k.a
12861ed6b69aSGordon Ross * SAMR_USER_ALL_INFORMATION
1287da6c28aaSamw *
12881ed6b69aSGordon Ross * We now know this is the same as samr_QueryUserInfo21
12891ed6b69aSGordon Ross * Could merge, except for the samr_vcbuf_t mess.
1290da6c28aaSamw */
12911ed6b69aSGordon Ross
12921ed6b69aSGordon Ross#define SAMR_SET_USER_INFO_21		21
12931ed6b69aSGordon Ross
12941ed6b69aSGordon Rossstruct samr_SetUserInfo21 {
12951ed6b69aSGordon Ross	samr_quad_t		LastLogon;
12961ed6b69aSGordon Ross	samr_quad_t		LastLogoff;
12971ed6b69aSGordon Ross	samr_quad_t		PasswordLastSet;
12981ed6b69aSGordon Ross	samr_quad_t		AccountExpires;
12991ed6b69aSGordon Ross	samr_quad_t		PasswordCanChange;
13001ed6b69aSGordon Ross	samr_quad_t		PasswordMustChange;
13011ed6b69aSGordon Ross
13021ed6b69aSGordon Ross	samr_vcbuf_t		UserName;
13031ed6b69aSGordon Ross	samr_vcbuf_t		FullName;
13041ed6b69aSGordon Ross	samr_vcbuf_t		HomeDirectory;
13051ed6b69aSGordon Ross	samr_vcbuf_t		HomeDirectoryDrive;
13061ed6b69aSGordon Ross	samr_vcbuf_t		ScriptPath;
13071ed6b69aSGordon Ross	samr_vcbuf_t		ProfilePath;
13081ed6b69aSGordon Ross	samr_vcbuf_t		AdminComment;
13091ed6b69aSGordon Ross	samr_vcbuf_t		WorkStations;
13101ed6b69aSGordon Ross	samr_vcbuf_t		UserComment;
13111ed6b69aSGordon Ross	samr_vcbuf_t		Parameters;
13121ed6b69aSGordon Ross
13131ed6b69aSGordon Ross	struct samr_short_blob	LmOwfPassword;
13141ed6b69aSGordon Ross	struct samr_short_blob	NtOwfPassword;
13151ed6b69aSGordon Ross	samr_vcbuf_t		PrivateData;
13161ed6b69aSGordon Ross	samr_sd_t		SecurityDescriptor;
13171ed6b69aSGordon Ross
13181ed6b69aSGordon Ross	DWORD			UserId;	/* RID */
13191ed6b69aSGordon Ross	DWORD			PrimaryGroupId;
13201ed6b69aSGordon Ross	DWORD			UserAccountControl;
13211ed6b69aSGordon Ross	DWORD			WhichFields;
13221ed6b69aSGordon Ross
13231ed6b69aSGordon Ross	/*
13241ed6b69aSGordon Ross	 * This should be samr_logon_hours_all, but apparently
13251ed6b69aSGordon Ross	 * ndrgen doesn't get that quite right, so instead, the
13261ed6b69aSGordon Ross	 * client-side code patches this up.
13271ed6b69aSGordon Ross	 */
13281ed6b69aSGordon Ross	struct samr_logon_info	LogonHours;
13291ed6b69aSGordon Ross
13301ed6b69aSGordon Ross	WORD			BadPasswordCount;
13311ed6b69aSGordon Ross	WORD			LogonCount;
13321ed6b69aSGordon Ross	WORD			CountryCode;
13331ed6b69aSGordon Ross	WORD			CodePage;
13341ed6b69aSGordon Ross	BYTE			LmPasswordPresent;
13351ed6b69aSGordon Ross	BYTE			NtPasswordPresent;
13361ed6b69aSGordon Ross	BYTE			PasswordExpired;
13371ed6b69aSGordon Ross	BYTE			PrivateDataSensitive;
13381ed6b69aSGordon Ross};
13391ed6b69aSGordon Ross
13401ed6b69aSGordon Ross/*
13411ed6b69aSGordon Ross *	SAMPR_USER_INTERNAL4_INFORMATION
13421ed6b69aSGordon Ross *	UserInternal4Information (23)
13431ed6b69aSGordon Ross */
13441ed6b69aSGordon Ross#define SAMR_SET_USER_INFO_23		23
13451ed6b69aSGordon Rossstruct samr_SetUserInfo23 {
13461ed6b69aSGordon Ross	struct samr_SetUserInfo21 info21;
13471ed6b69aSGordon Ross	struct samr_encr_passwd encr_pw;
13481ed6b69aSGordon Ross};
13491ed6b69aSGordon Ross
13501ed6b69aSGordon Ross/*
13511ed6b69aSGordon Ross *	SAMPR_USER_INTERNAL5_INFORMATION
13521ed6b69aSGordon Ross *	UserInternal5Information (24)
13531ed6b69aSGordon Ross */
13541ed6b69aSGordon Ross#define SAMR_SET_USER_INFO_24		24
13551ed6b69aSGordon Rossstruct samr_SetUserInfo24 {
13561ed6b69aSGordon Ross	struct samr_encr_passwd encr_pw;
13571ed6b69aSGordon Ross	BYTE password_expired;
1358da6c28aaSamw};
1359da6c28aaSamw
1360da6c28aaSamw
1361da6c28aaSamwunion samr_SetUserInfo_u {
13621ed6b69aSGordon Ross	UNION_INFO_ENT(16,samr_SetUserInfo);
13631ed6b69aSGordon Ross	UNION_INFO_ENT(21,samr_SetUserInfo);
1364da6c28aaSamw	UNION_INFO_ENT(23,samr_SetUserInfo);
13651ed6b69aSGordon Ross	UNION_INFO_ENT(24,samr_SetUserInfo);
13661ed6b69aSGordon Ross	DEFAULT  DWORD nothing;
1367da6c28aaSamw};
1368da6c28aaSamw
1369da6c28aaSamwstruct samr_SetUserInfo_s {
13701ed6b69aSGordon Ross	WORD info_level;
1371da6c28aaSamw	WORD switch_value;
1372da6c28aaSamw  SWITCH(switch_value)
1373da6c28aaSamw	union samr_SetUserInfo_u ru;
1374da6c28aaSamw};
1375da6c28aaSamw
1376da6c28aaSamwOPERATION(SAMR_OPNUM_SetUserInfo)
1377da6c28aaSamwstruct samr_SetUserInfo {
1378da6c28aaSamw	IN	samr_handle_t user_handle;
1379da6c28aaSamw	IN	struct samr_SetUserInfo_s info;
1380da6c28aaSamw	OUT	DWORD status;
1381da6c28aaSamw};
1382da6c28aaSamw
1383da6c28aaSamw
1384da6c28aaSamw/*
1385da6c28aaSamw ***********************************************************************
1386da6c28aaSamw * The SAMR interface definition.
1387da6c28aaSamw ***********************************************************************
1388da6c28aaSamw */
1389da6c28aaSamwINTERFACE(0)
1390da6c28aaSamwunion samr_interface {
1391cb174861Sjoyce mcintosh	CASE(SAMR_OPNUM_Connect)
1392cb174861Sjoyce mcintosh		struct samr_Connect		Connect;
1393da6c28aaSamw	CASE(SAMR_OPNUM_CloseHandle)
1394da6c28aaSamw		struct samr_CloseHandle		CloseHandle;
1395da6c28aaSamw	CASE(SAMR_OPNUM_LookupDomain)
1396da6c28aaSamw		struct samr_LookupDomain	LookupDomain;
1397da6c28aaSamw	CASE(SAMR_OPNUM_EnumLocalDomains)
1398da6c28aaSamw		struct samr_EnumLocalDomain	EnumLocalDomain;
1399da6c28aaSamw	CASE(SAMR_OPNUM_OpenDomain)
1400da6c28aaSamw		struct samr_OpenDomain		OpenDomain;
1401da6c28aaSamw	CASE(SAMR_OPNUM_QueryDomainInfo)
1402da6c28aaSamw		struct samr_QueryDomainInfo	QueryDomainInfo;
1403f96bd5c8SAlan Wright	CASE(SAMR_OPNUM_QueryInfoDomain2)
1404f96bd5c8SAlan Wright		struct samr_QueryInfoDomain2	QueryInfoDomain2;
1405da6c28aaSamw	CASE(SAMR_OPNUM_LookupNames)
1406da6c28aaSamw		struct samr_LookupNames		LookupNames;
1407da6c28aaSamw	CASE(SAMR_OPNUM_OpenUser)
1408da6c28aaSamw		struct samr_OpenUser		OpenUser;
1409da6c28aaSamw	CASE(SAMR_OPNUM_DeleteUser)
1410da6c28aaSamw		struct samr_DeleteUser		DeleteUser;
1411da6c28aaSamw	CASE(SAMR_OPNUM_QueryUserInfo)
1412da6c28aaSamw		struct samr_QueryUserInfo	QueryUserInfo;
1413da6c28aaSamw	CASE(SAMR_OPNUM_QueryUserGroups)
1414da6c28aaSamw		struct samr_QueryUserGroups	QueryUserGroups;
1415da6c28aaSamw	CASE(SAMR_OPNUM_OpenGroup)
1416da6c28aaSamw		struct samr_OpenGroup		OpenGroup;
1417c5866007SKeyur Desai	CASE(SAMR_OPNUM_AddAliasMember)
1418c5866007SKeyur Desai		struct samr_AddAliasMember	AddAliasMember;
1419c5866007SKeyur Desai	CASE(SAMR_OPNUM_DeleteAliasMember)
1420c5866007SKeyur Desai		struct samr_DeleteAliasMember	DeleteAliasMember;
1421c5866007SKeyur Desai	CASE(SAMR_OPNUM_ListAliasMembers)
1422c5866007SKeyur Desai		struct samr_ListAliasMembers	ListAliasMembers;
1423da6c28aaSamw	CASE(SAMR_OPNUM_GetUserPwInfo)
1424da6c28aaSamw		struct samr_GetUserPwInfo	GetUserPwInfo;
1425da6c28aaSamw	CASE(SAMR_OPNUM_CreateUser)
1426da6c28aaSamw		struct samr_CreateUser		CreateUser;
14271ed6b69aSGordon Ross	CASE(SAMR_OPNUM_ChangePasswordUser2)
14281ed6b69aSGordon Ross		struct samr_ChangePasswordUser2	ChangePasswordUser2;
1429da6c28aaSamw	CASE(SAMR_OPNUM_GetDomainPwInfo)
1430da6c28aaSamw		struct samr_GetDomainPwInfo	GetDomainPwInfo;
1431cb174861Sjoyce mcintosh	CASE(SAMR_OPNUM_Connect2)
1432cb174861Sjoyce mcintosh		struct samr_Connect2		Connect2;
1433da6c28aaSamw	CASE(SAMR_OPNUM_SetUserInfo)
1434da6c28aaSamw		struct samr_SetUserInfo		SetUserInfo;
1435da6c28aaSamw	CASE(SAMR_OPNUM_Connect4)
1436da6c28aaSamw		struct samr_Connect4		Connect4;
1437cb174861Sjoyce mcintosh	CASE(SAMR_OPNUM_Connect5)
1438cb174861Sjoyce mcintosh		struct samr_Connect5		Connect5;
1439da6c28aaSamw	CASE(SAMR_OPNUM_QueryDispInfo)
1440da6c28aaSamw		struct samr_QueryDispInfo	QueryDispInfo;
1441da6c28aaSamw	CASE(SAMR_OPNUM_OpenAlias)
1442da6c28aaSamw		struct samr_OpenAlias		OpenAlias;
1443da6c28aaSamw	CASE(SAMR_OPNUM_CreateDomainAlias)
1444da6c28aaSamw		struct samr_CreateDomainAlias	CreateDomainAlias;
1445da6c28aaSamw	CASE(SAMR_OPNUM_SetAliasInfo)
1446da6c28aaSamw		struct samr_SetAliasInfo	SetAliasInfo;
1447da6c28aaSamw	CASE(SAMR_OPNUM_QueryAliasInfo)
1448da6c28aaSamw		struct samr_QueryAliasInfo	QueryAliasInfo;
1449da6c28aaSamw	CASE(SAMR_OPNUM_DeleteDomainAlias)
1450da6c28aaSamw		struct samr_DeleteDomainAlias	DeleteDomainAlias;
1451da6c28aaSamw	CASE(SAMR_OPNUM_EnumDomainAliases)
1452da6c28aaSamw		struct samr_EnumDomainAliases	EnumDomainAliases;
1453da6c28aaSamw	CASE(SAMR_OPNUM_EnumDomainGroups)
1454da6c28aaSamw		struct samr_EnumDomainGroups	EnumDomainGroups;
1455da6c28aaSamw};
1456da6c28aaSamwtypedef union samr_interface	samr_interface_t;
1457da6c28aaSamwEXTERNTYPEINFO(samr_interface)
1458da6c28aaSamw
1459da6c28aaSamw#endif /* _MLSVC_SAM_NDL_ */
1460