xref: /titanic_50/usr/src/uts/common/smbsrv/ndl/samrpc.ndl (revision 448bf8594153765bb5fce82a8888e01e3f6c3bad)
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24
25#ifndef _MLSVC_SAM_NDL_
26#define _MLSVC_SAM_NDL_
27
28/*
29 * Security Accounts Manager RPC (SAMR) interface definition.
30 */
31
32#include "ndrtypes.ndl"
33
34/* Windows NT */
35#define SAMR_OPNUM_ConnectAnon			0x00	/* SamrConnect */
36#define SAMR_OPNUM_CloseHandle			0x01
37#define SAMR_OPNUM_SetSecObject			0x02
38#define SAMR_OPNUM_QuerySecObject		0x03
39#define SAMR_OPNUM_ShutdownSamServer		0x04	/* NotUsedOnWire */
40#define SAMR_OPNUM_LookupDomain			0x05
41#define SAMR_OPNUM_EnumLocalDomains		0x06
42#define SAMR_OPNUM_OpenDomain			0x07
43#define SAMR_OPNUM_QueryDomainInfo		0x08
44#define SAMR_OPNUM_SetDomainInfo		0x09
45#define SAMR_OPNUM_CreateDomainGroup		0x0a
46#define SAMR_OPNUM_QueryDomainGroups		0x0b
47#define SAMR_OPNUM_CreateDomainUser		0x0c
48#define SAMR_OPNUM_EnumDomainUsers		0x0d
49#define SAMR_OPNUM_CreateDomainAlias		0x0e
50#define SAMR_OPNUM_EnumDomainAliases		0x0f
51#define SAMR_OPNUM_LookupIds			0x10	/* GetAliasMembership */
52#define SAMR_OPNUM_LookupNames			0x11
53#define SAMR_OPNUM_LookupDomainIds		0x12
54#define SAMR_OPNUM_OpenGroup			0x13
55#define SAMR_OPNUM_QueryGroupInfo		0x14
56#define SAMR_OPNUM_StoreGroupInfo		0x15
57#define SAMR_OPNUM_AddGroupMember		0x16
58#define SAMR_OPNUM_DeleteDomainGroup		0x17
59#define SAMR_OPNUM_DeleteGroupMember		0x18
60#define SAMR_OPNUM_ListGroupMembers		0x19
61#define SAMR_OPNUM_SetGroupMemberAttributes	0x1a
62#define SAMR_OPNUM_OpenAlias			0x1b
63#define SAMR_OPNUM_QueryAliasInfo		0x1c
64#define SAMR_OPNUM_SetAliasInfo			0x1d
65#define SAMR_OPNUM_DeleteDomainAlias		0x1e
66#define SAMR_OPNUM_AddAliasMember		0x1f
67#define SAMR_OPNUM_DeleteAliasMember		0x20
68#define SAMR_OPNUM_ListAliasMembers		0x21
69#define SAMR_OPNUM_OpenUser			0x22
70#define SAMR_OPNUM_DeleteUser			0x23
71#define SAMR_OPNUM_QueryUserInfo		0x24
72#define SAMR_OPNUM_SetUserInfo0			0x25	/* SetUserInfo */
73#define SAMR_OPNUM_ChangeUserPassword0		0x26	/* ChangeUserPassword */
74#define SAMR_OPNUM_QueryUserGroups		0x27
75#define SAMR_OPNUM_QueryDispInfo		0x28	/* QueryDispInfo1 */
76#define	SAMR_OPNUM_GetDisplayEnumIndex		0x29
77#define	SAMR_OPNUM_TestPrivateDomainFunctions	0x2a	/* NotUsedOnWire */
78#define	SAMR_OPNUM_TestPrivateUserFunctions	0x2b	/* NotUsedOnWire */
79#define SAMR_OPNUM_GetUserPwInfo		0x2c
80
81/* Windows 2000 */
82#define	SAMR_OPNUM_RemoveMemberFromForeignDomain        0x2d
83#define	SAMR_OPNUM_QueryInfoDomain2		0x2e
84#define	SAMR_OPNUM_QueryInfoUser2		0x2f
85#define	SAMR_OPNUM_EnumDomainGroups		0x30    /* QueryDispInfo2 */
86#define	SAMR_OPNUM_GetDisplayEnumIndex2		0x31
87#define	SAMR_OPNUM_CreateUser			0x32
88#define	SAMR_OPNUM_QueryDispInfo4		0x33
89#define	SAMR_OPNUM_AddMultipleAliasMembers	0x34
90#define	SAMR_OPNUM_RemoveMultipleAliasMembers	0x35
91#define	SAMR_OPNUM_ChangeUserOemPassword	0x36
92#define SAMR_OPNUM_ChangeUserPasswd		0x37	/* UnicodePasswd */
93#define SAMR_OPNUM_GetDomainPwInfo		0x38
94#define SAMR_OPNUM_Connect			0x39	/* SamrConnect2 */
95#define SAMR_OPNUM_SetUserInfo			0x3a
96#define	SAMR_OPNUM_SetBootKeyInformation	0x3b
97#define	SAMR_OPNUM_GetBootKeyInformation	0x3c
98#define	SAMR_OPNUM_Connect2			0x3d	/* SamrConnect3 */
99#define	SAMR_OPNUM_Connect3			0x3e	/* SamrConnect4 */
100#define	SAMR_OPNUM_ChangeUserUnicodePassword3	0x3f
101
102/* Windows XP and Windows Server 2003 */
103#define	SAMR_OPNUM_Connect4			0x40	/* SamrConnect5 */
104#define	SAMR_OPNUM_RidToSid                     0x41
105#define	SAMR_OPNUM_SetDSRMPassword              0x42
106#define	SAMR_OPNUM_ValidatePassword             0x43
107
108/* Windows Vista */
109#define SAMR_OPNUM_QueryLocalizableAccountsInDomain     0x44
110#define SAMR_OPNUM_PerformGenericOperation              0x45
111
112
113/*
114 * UNION_INFO_ENT is intended to simplify adding new entries to a union.
115 * If the entry structures are named using the form samr_QueryUserInfoX,
116 * where X is the sitch_value, you can just add a single line. Note
117 * that you must also update the fixup function in mlsvc_sam.c.
118 */
119#define UNION_INFO_ENT(N,NAME) CASE(N) struct NAME##N info##N
120
121
122/*
123 * Sam account flags used when creating an account. These flags seem
124 * to be very similar to the USER_INFO_X flags (UF_XXX) in lmaccess.h
125 * but the values are different.
126 */
127#define SAMR_AF_ACCOUNTDISABLE			0x0001
128#define SAMR_AF_HOMEDIR_REQUIRED		0x0002
129#define SAMR_AF_PASSWD_NOTREQD			0x0004
130#define SAMR_AF_TEMP_DUPLICATE_ACCOUNT		0x0008
131#define SAMR_AF_NORMAL_ACCOUNT			0x0010
132#define SAMR_AF_MNS_LOGON_ACCOUNT		0x0020
133#define SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT	0x0040
134#define SAMR_AF_WORKSTATION_TRUST_ACCOUNT	0x0080
135#define SAMR_AF_SERVER_TRUST_ACCOUNT		0x0100
136#define SAMR_AF_DONT_EXPIRE_PASSWD		0x0200
137#define SAMR_AF_ACCOUNT_AUTOLOCK		0x0400
138
139
140#define SAMR_AF_MACHINE_ACCOUNT_MASK	( \
141				SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT \
142				| SAMR_AF_WORKSTATION_TRUST_ACCOUNT \
143				| SAMR_AF_SERVER_TRUST_ACCOUNT)
144
145#define SAMR_AF_ACCOUNT_TYPE_MASK	( \
146				SAMR_AF_TEMP_DUPLICATE_ACCOUNT \
147				| SAMR_AF_NORMAL_ACCOUNT \
148				| SAMR_AF_INTERDOMAIN_TRUST_ACCOUNT \
149				| SAMR_AF_WORKSTATION_TRUST_ACCOUNT \
150				| SAMR_AF_SERVER_TRUST_ACCOUNT)
151
152/*
153 * QueryUserInfo UserAllInformation WhichFields
154 */
155#define	SAMR_USER_ALL_USERNAME			0x00000001
156#define	SAMR_USER_ALL_FULLNAME			0x00000002
157#define	SAMR_USER_ALL_USERID			0x00000004
158#define	SAMR_USER_ALL_PRIMARYGROUPID		0x00000008
159#define	SAMR_USER_ALL_ADMINCOMMENT		0x00000010
160#define	SAMR_USER_ALL_USERCOMMENT		0x00000020
161#define	SAMR_USER_ALL_HOMEDIRECTORY		0x00000040
162#define	SAMR_USER_ALL_HOMEDIRECTORYDRIVE	0x00000080
163#define	SAMR_USER_ALL_SCRIPTPATH		0x00000100
164#define	SAMR_USER_ALL_PROFILEPATH		0x00000200
165#define	SAMR_USER_ALL_WORKSTATIONS		0x00000400
166#define	SAMR_USER_ALL_LASTLOGON			0x00000800
167#define	SAMR_USER_ALL_LASTLOGOFF		0x00001000
168#define	SAMR_USER_ALL_LOGONHOURS		0x00002000
169#define	SAMR_USER_ALL_BADPASSWORDCOUNT		0x00004000
170#define	SAMR_USER_ALL_LOGONCOUNT		0x00008000
171#define	SAMR_USER_ALL_PASSWORDCANCHANGE		0x00010000
172#define	SAMR_USER_ALL_PASSWORDMUSTCHANGE	0x00020000
173#define	SAMR_USER_ALL_PASSWORDLASTSET		0x00040000
174#define	SAMR_USER_ALL_ACCOUNTEXPIRES		0x00080000
175#define	SAMR_USER_ALL_USERACCOUNTCONTROL	0x00100000
176#define	SAMR_USER_ALL_PARAMETERS		0x00200000
177#define	SAMR_USER_ALL_COUNTRYCODE		0x00400000
178#define	SAMR_USER_ALL_CODEPAGE			0x00800000
179#define	SAMR_USER_ALL_NTPASSWORDPRESENT		0x01000000
180#define	SAMR_USER_ALL_LMPASSWORDPRESENT		0x02000000
181#define	SAMR_USER_ALL_PRIVATEDATA		0x04000000
182#define	SAMR_USER_ALL_PASSWORDEXPIRED		0x08000000
183#define	SAMR_USER_ALL_SECURITYDESCRIPTOR	0x10000000
184#define	SAMR_USER_ALL_UNDEFINED_MASK		0xC0000000
185
186/*
187 * Alias Access Mask values for SAMR
188 * Section 2.2.1.6 of MS-SAMR
189 */
190#define SAMR_ALIAS_ACCESS_EXECUTE		0x00020008
191#define SAMR_ALIAS_ACCESS_WRITE			0x00020013
192#define SAMR_ALIAS_ACCESS_READ			0x00020004
193#define SAMR_ALIAS_ACCESS_ALL_ACCESS		0x000F001F
194#define SAMR_ALIAS_ACCESS_WRITE_ACCOUNT		0x00000010
195#define SAMR_ALIAS_ACCESS_READ_INFO		0x00000008
196#define SAMR_ALIAS_ACCESS_LIST_MEMBERS		0x00000004
197#define SAMR_ALIAS_ACCESS_REMOVE_MEMBER		0x00000002
198#define SAMR_ALIAS_ACCESS_ADD_MEMBER		0x00000001
199
200#define	SAMR_REVISION_1			1	/* Pre Windows 2000 */
201#define	SAMR_REVISION_2			2	/* Windows 2000 */
202#define	SAMR_REVISION_3			3	/* Post Windows 2000 */
203
204/*
205 * Definition for a SID. The ndl compiler does not allow a typedef of
206 * a structure containing variable size members.
207 */
208struct samr_sid {
209	BYTE		Revision;
210	BYTE		SubAuthCount;
211	BYTE		Authority[6];
212  SIZE_IS(SubAuthCount)
213	DWORD		SubAuthority[ANY_SIZE_ARRAY];
214};
215
216
217/*
218 * SAMR definition of a security_descriptor.
219 */
220struct samr_sec_desc {
221	BYTE Revision;
222	BYTE Sbz1;
223	WORD Control;
224	struct samr_sid *owner;
225	struct samr_sid *group;
226	struct samr_sid *sacl;
227	struct samr_sid *dacl;
228};
229
230struct samr_sd {
231	DWORD length;
232  SIZE_IS(length)
233	BYTE *data;
234};
235typedef struct samr_sd samr_sd_t;
236
237/*
238 * Definition for a string. The length and allosize should be set to
239 * twice the string length (i.e. strlen(str) * 2). The runtime code
240 * will perform the appropriate string to a wide-char conversions,
241 * so str should point to a regular char * string.
242 */
243struct samr_string {
244	WORD		length;
245	WORD		allosize;
246	LPTSTR		str;
247};
248typedef struct samr_string samr_string_t;
249
250
251/*
252 * Alternative varying/conformant string definition - for
253 * non-null terminated strings. This definition must match
254 * ndr_vcbuf_t.
255 */
256struct samr_vcb {
257	/*
258	 * size_is (actually a copy of length_is) will
259	 * be inserted here by the marshalling library.
260	 */
261	DWORD vc_first_is;
262	DWORD vc_length_is;
263  SIZE_IS(vc_length_is)
264	WORD buffer[ANY_SIZE_ARRAY];
265};
266
267struct samr_vcbuf {
268	WORD wclen;
269	WORD wcsize;
270	struct samr_vcb *vcb;
271};
272typedef struct samr_vcbuf samr_vcbuf_t;
273
274CONTEXT_HANDLE(samr_handle) samr_handle_t;
275
276/*
277 * OLD_LARGE_INTEGER: a 64-bit value.
278 */
279struct samr_quad {
280	DWORD low;
281	DWORD high;
282};
283typedef struct samr_quad samr_quad_t;
284
285/*
286 * Blob used for the NT and LM OWF passwords.
287 * The length and maxlen should be 16.
288 */
289struct samr_short_blob {
290	WORD	length;
291	WORD	maxlen;
292  SIZE_IS(length / 2)
293	WORD	*buf;
294};
295
296#define	DOMAIN_PASSWORD_COMPLEX			0x00000001
297#define	DOMAIN_PASSWORD_NO_ANON_CHANGE		0x00000002
298#define	DOMAIN_PASSWORD_NO_CLEAR_CHANGE		0x00000004
299#define	DOMAIN_LOCKOUT_ADMINS			0x00000008
300#define	DOMAIN_PASSWORD_STORE_CLEARTEXT		0x00000010
301#define	DOMAIN_REFUSE_PASSWORD_CHANGE		0x00000020
302
303struct samr_password_info {
304	WORD	min_length;
305	DWORD	properties;
306};
307typedef struct samr_password_info samr_password_info_t;
308
309/*
310 * There is some sort of logon bitmap structure in here, which I
311 * think is a varying and conformant array, i.e.
312 *
313 *	struct samr_logon_hours {
314 *      DWORD size_is;		(1260)
315 *      DWORD first_is;		(zero)
316 *      DWORD length_is;	(168)
317 *      BYTE bitmap[21];
318 *  };
319 *
320 *	struct samr_logon_info {
321 *		DWORD length;
322 *	SIZE_IS(length / 8)
323 *		struct samr_logon_hours *hours;
324 *	};
325 *
326 * There are 10080 minutes/week => 10080/8 = 1260 (0x04EC).
327 * So size_is is set as some sort of maximum.
328 *
329 * There are 168 hours/week => 168/8 = 21 (0xA8). Since there are 21
330 * bytes (all set to 0xFF), this is is probably the default setting.
331 */
332
333#define SAMR_MINS_PER_WEEK		10080
334#define SAMR_HOURS_PER_WEEK		168
335
336#define SAMR_HOURS_MAX_SIZE		(SAMR_MINS_PER_WEEK / 8)
337#define SAMR_HOURS_SET_LEN(LEN)		((LEN) / 8)
338#define SAMR_SET_USER_HOURS_SZ		21
339
340struct samr_logon_hours {
341	DWORD size;
342	DWORD first;
343	DWORD length;
344	BYTE bitmap[SAMR_SET_USER_HOURS_SZ];
345};
346
347struct samr_logon_info {
348	DWORD units;
349	DWORD hours;
350};
351
352struct samr_logon_hours_all {
353	WORD	units_per_week;
354  SIZE_IS(units_per_week / 8)
355	BYTE	*hours;
356};
357
358struct samr_oem_password {
359	BYTE password[512];
360	DWORD length;
361};
362
363/*
364 ***********************************************************************
365 * ConnectAnon. It looks like the SAM handle is identical to an LSA
366 * handle. See Connect.
367 ***********************************************************************
368 */
369OPERATION(SAMR_OPNUM_ConnectAnon)
370struct samr_ConnectAnon {
371	IN	DWORD *servername;
372	IN	DWORD access_mask;
373	OUT	samr_handle_t handle;
374	OUT	DWORD status;
375};
376
377
378/*
379 ***********************************************************************
380 * Connect. I'm not sure what the difference is between Connect and
381 * ConnectAnon but this call seems to work better than ConnectAnon.
382 ***********************************************************************
383 */
384OPERATION(SAMR_OPNUM_Connect)
385struct samr_Connect {
386	IN	LPTSTR servername;
387	IN	DWORD access_mask;
388	OUT	samr_handle_t handle;
389	OUT	DWORD status;
390};
391
392
393/*
394 ***********************************************************************
395 * SamrConnect3. A new form of connect first seen with Windows 2000.
396 * A new field has been added to the input request. Value: 0x00000002.
397 * I haven't looked at the Win2K response yet to see if it differs
398 * from SAMR_OPNUM_Connect.
399 ***********************************************************************
400 */
401OPERATION(SAMR_OPNUM_Connect3)
402struct samr_Connect3 {
403	IN	LPTSTR servername;
404	IN	DWORD revision;
405	IN	DWORD access_mask;
406	OUT	samr_handle_t handle;
407	OUT	DWORD status;
408};
409
410
411/*
412 ***********************************************************************
413 * SamrConnect4. A new form of connect first seen with Windows XP.
414 * The server name is the fully qualified domain name, i.e.
415 *	\\server.sun.com.
416 *
417 * [in]  DWORD	 InVersion,
418 * [in]  [switch_is(InVersion)]    samr_revision_info *InRevisionInfo
419 * [out] DWORD	 *OutVersion
420 * [out] [switch_is(*OutVersion)] *samr_revision_info *OutRevisionInfo
421 *
422 * SupportedFeatures (see notes in [MS-SAMR]
423 *	0x00000001	RID values returned from the server must not be
424 *			concatenated with the domain SID.
425 *	0x00000002	Reserved
426 *	0x00000004	Reserved
427 ***********************************************************************
428 */
429struct samr_revision_info1 {
430	DWORD revision;
431	DWORD supported_features;
432};
433typedef struct samr_revision_info1 samr_revision_info1_t;
434
435union samr_revision_info {
436	UNION_INFO_ENT(1,samr_revision_info);
437	DEFAULT	char *nullptr;
438};
439
440OPERATION(SAMR_OPNUM_Connect4)
441struct samr_Connect4 {
442	IN		LPTSTR servername;
443	IN		DWORD access_mask;
444	INOUT	DWORD unknown2_00000001;
445	INOUT	DWORD unknown3_00000001;
446	INOUT	DWORD unknown4_00000003;
447	INOUT	DWORD unknown5_00000000;
448	OUT		samr_handle_t handle;
449	OUT		DWORD status;
450};
451
452
453/*
454 ***********************************************************************
455 * CloseHandle closes an association with the SAM. Using the same
456 * structure as the LSA seems to work.
457 ***********************************************************************
458 */
459OPERATION(SAMR_OPNUM_CloseHandle)
460struct samr_CloseHandle {
461	IN	samr_handle_t handle;
462	OUT	samr_handle_t result_handle;
463	OUT	DWORD status;
464};
465
466
467/*
468 ***********************************************************************
469 * LookupDomain: lookup up the domain SID.
470 ***********************************************************************
471 */
472OPERATION(SAMR_OPNUM_LookupDomain)
473struct samr_LookupDomain {
474	IN	samr_handle_t handle;
475	IN	samr_string_t domain_name;
476	OUT struct samr_sid *sid;
477	OUT	DWORD status;
478};
479
480
481/*
482 ***********************************************************************
483 * EnumLocalDomain
484 *
485 * This looks like a request to get the local domains supported by a
486 * remote server. NT always seems to return 2 domains: the local
487 * domain (hostname) and the Builtin domain.
488 *
489 * The max_length field is set to 0x2000.
490 * Enum_context is set to 0 in the request and set to entries_read in
491 * the reply. Like most of these enums, total_entries is the same as
492 * entries_read.
493 ***********************************************************************
494 */
495struct samr_LocalDomainEntry {
496	DWORD unknown;
497	samr_string_t name;
498};
499
500struct samr_LocalDomainInfo {
501	DWORD entries_read;
502  SIZE_IS(entries_read)
503	struct samr_LocalDomainEntry *entry;
504};
505
506
507OPERATION(SAMR_OPNUM_EnumLocalDomains)
508struct samr_EnumLocalDomain {
509	IN		samr_handle_t handle;
510	INOUT	DWORD enum_context;
511	IN		DWORD max_length;
512	OUT		struct samr_LocalDomainInfo *info;
513	OUT		DWORD total_entries;
514	OUT		DWORD status;
515};
516
517
518/*
519 ***********************************************************************
520 * OpenDomain
521 *
522 * Open a specific domain within the SAM. From this I assume that each
523 * SAM can handle multiple domains so you need to identify the one with
524 * which you want to work. Working with a domain handle does appear to
525 * offer the benefit that you can then use RIDs instead of full SIDs,
526 * which simplifies things a bit. The domain handle can be used to get
527 * user and group handles.
528 ***********************************************************************
529 */
530OPERATION(SAMR_OPNUM_OpenDomain)
531struct samr_OpenDomain {
532	IN	samr_handle_t handle;
533	IN	DWORD access_mask;
534	IN REFERENCE struct samr_sid *sid;
535	OUT	samr_handle_t domain_handle;
536	OUT	DWORD status;
537};
538
539
540/*
541 ***********************************************************************
542 * QueryDomainInfo
543 *
544 * Windows 95 Server Manager sends requests for levels 6 and 7 when
545 * the services menu item is selected.
546 ***********************************************************************
547 */
548#define SAMR_QUERY_DOMAIN_INFO_2		2
549#define SAMR_QUERY_DOMAIN_INFO_6		6
550#define SAMR_QUERY_DOMAIN_INFO_7		7
551
552
553struct samr_QueryDomainInfo2 {
554	DWORD unknown1;			/* 00 00 00 00 */
555	DWORD unknown2;			/* 00 00 00 80 */
556	samr_string_t s1;
557	samr_string_t domain;
558	samr_string_t s2;
559	DWORD sequence_num;		/* 2B 00 00 00 */
560	DWORD unknown3;			/* 00 00 00 00 */
561	DWORD unknown4;			/* 01 00 00 00 */
562	DWORD unknown5;			/* 03 00 00 00 */
563	DWORD unknown6;			/* 01 */
564	DWORD num_users;
565	DWORD num_groups;
566	DWORD num_aliases;
567};
568
569
570struct samr_QueryDomainInfo6 {
571	DWORD unknown1;			/* 00 00 00 00 */
572	DWORD unknown2;			/* B0 7F 14 00 */
573	DWORD unknown3;			/* 00 00 00 00 */
574	DWORD unknown4;			/* 00 00 00 00 */
575	DWORD unknown5;			/* 00 00 00 00 */
576};
577
578
579struct samr_QueryDomainInfo7 {
580	DWORD unknown1;			/* 03 00 00 00 */
581};
582
583
584union samr_QueryDomainInfo_ru {
585	UNION_INFO_ENT(2,samr_QueryDomainInfo);
586	UNION_INFO_ENT(6,samr_QueryDomainInfo);
587	UNION_INFO_ENT(7,samr_QueryDomainInfo);
588	DEFAULT	char *nullptr;
589};
590
591struct samr_QueryDomainInfoRes {
592	WORD switch_value;
593	SWITCH(switch_value)
594		union samr_QueryDomainInfo_ru ru;
595};
596
597OPERATION(SAMR_OPNUM_QueryDomainInfo)
598struct samr_QueryDomainInfo {
599	IN	samr_handle_t domain_handle;
600	IN	WORD info_level;
601	OUT	struct samr_QueryDomainInfoRes *info;
602	OUT	DWORD status;
603};
604
605/*
606 * Identical to SAMR_OPNUM_QueryDomainInfo.
607 */
608OPERATION(SAMR_OPNUM_QueryInfoDomain2)
609struct samr_QueryInfoDomain2 {
610	IN	samr_handle_t	domain_handle;
611	IN	WORD		info_level;
612	OUT	struct samr_QueryDomainInfoRes *info;
613	OUT	DWORD		status;
614};
615
616#define SAMR_QUERY_ALIAS_INFO_1			1
617#define SAMR_QUERY_ALIAS_INFO_3			3
618
619
620struct samr_QueryAliasInfo1 {
621	WORD level;
622	samr_string_t name;
623	DWORD unknown;
624	samr_string_t desc;
625};
626
627struct samr_QueryAliasInfo3 {
628	WORD level;
629	samr_string_t desc;
630};
631
632union samr_QueryAliasInfo_ru {
633	UNION_INFO_ENT(1,samr_QueryAliasInfo);
634	UNION_INFO_ENT(3,samr_QueryAliasInfo);
635	DEFAULT	char *nullptr;
636};
637
638struct samr_QueryAliasInfoRes {
639	DWORD address;
640	WORD switch_value;
641	SWITCH(switch_value)
642		union samr_QueryAliasInfo_ru ru;
643};
644
645OPERATION(SAMR_OPNUM_QueryAliasInfo)
646struct samr_QueryAliasInfo {
647	IN	samr_handle_t alias_handle;
648	IN	WORD level;
649	OUT DWORD address;
650  SWITCH (level)
651	OUT	union samr_QueryAliasInfo_ru ru;
652	OUT	DWORD status;
653};
654
655OPERATION(SAMR_OPNUM_CreateDomainAlias)
656struct samr_CreateDomainAlias {
657	IN	samr_handle_t domain_handle;
658	IN	samr_string_t alias_name;
659	IN	DWORD access_mask;
660	OUT samr_handle_t alias_handle;
661	OUT	DWORD rid;
662	OUT	DWORD status;
663};
664
665OPERATION(SAMR_OPNUM_SetAliasInfo)
666struct samr_SetAliasInfo {
667	IN	samr_handle_t alias_handle;
668	IN	WORD level;
669	/* TBD */
670	OUT	DWORD status;
671};
672
673OPERATION(SAMR_OPNUM_DeleteDomainAlias)
674struct samr_DeleteDomainAlias {
675	INOUT	samr_handle_t alias_handle;
676	OUT	DWORD status;
677};
678
679OPERATION(SAMR_OPNUM_OpenAlias)
680struct samr_OpenAlias {
681	IN	samr_handle_t domain_handle;
682	IN	DWORD access_mask;
683	IN	DWORD rid;
684	OUT samr_handle_t alias_handle;
685	OUT	DWORD status;
686};
687
688struct name_rid {
689	DWORD rid;
690	samr_string_t name;
691};
692
693struct aliases_info {
694	DWORD count;
695	DWORD address;
696	SIZE_IS(count)
697	struct name_rid info[ANY_SIZE_ARRAY];
698};
699
700OPERATION(SAMR_OPNUM_EnumDomainAliases)
701struct samr_EnumDomainAliases {
702	IN	samr_handle_t domain_handle;
703	IN	DWORD resume_handle;
704	IN	DWORD mask;
705	OUT	DWORD out_resume;
706	OUT struct aliases_info *aliases;
707	OUT DWORD entries;
708	OUT	DWORD status;
709};
710
711struct user_acct_info {
712	DWORD index;
713	DWORD rid;
714	DWORD ctrl;
715	samr_string_t name;
716	samr_string_t fullname;
717	samr_string_t desc;
718};
719
720struct user_disp_info {
721	OUT DWORD total_size;
722	OUT DWORD returned_size;
723	OUT WORD switch_value;
724	DWORD count;
725	SIZE_IS(count)
726	struct user_acct_info *acct;
727};
728
729OPERATION(SAMR_OPNUM_QueryDispInfo)
730struct samr_QueryDispInfo {
731	IN	samr_handle_t domain_handle;
732	IN	WORD level;
733	IN	DWORD start_idx;
734	IN	DWORD max_entries;
735	IN	DWORD pref_maxsize;
736	OUT struct user_disp_info users;
737	OUT	DWORD status;
738};
739
740struct group_acct_info {
741	DWORD index;
742	DWORD rid;
743	DWORD ctrl;
744	samr_string_t name;
745	samr_string_t desc;
746};
747
748struct group_disp_info {
749	DWORD count;
750	/* right now we just need one entry */
751	struct group_acct_info acct[1];
752};
753
754OPERATION(SAMR_OPNUM_EnumDomainGroups)
755struct samr_EnumDomainGroups {
756	IN	samr_handle_t domain_handle;
757	IN	WORD level;
758	IN	DWORD start_idx;
759	IN	DWORD max_entries;
760	IN	DWORD pref_maxsize;
761	OUT DWORD total_size;
762	OUT DWORD returned_size;
763	OUT WORD switch_value;
764	OUT DWORD count;
765	OUT struct group_disp_info *groups;
766	OUT	DWORD status;
767};
768
769/*
770 ***********************************************************************
771 * OpenUser
772 *
773 * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain,
774 * an access mask and the appropriate user rid. The output will be a
775 * handle for use with the specified user.
776 ***********************************************************************
777 */
778OPERATION(SAMR_OPNUM_OpenUser)
779struct samr_OpenUser {
780	IN	samr_handle_t handle;
781	IN	DWORD access_mask;
782	IN	DWORD rid;
783	OUT	samr_handle_t user_handle;
784	OUT	DWORD status;
785};
786
787
788/*
789 ***********************************************************************
790 * DeleteUser
791 ***********************************************************************
792 */
793OPERATION(SAMR_OPNUM_DeleteUser)
794struct samr_DeleteUser {
795	INOUT	samr_handle_t user_handle;
796	OUT	DWORD status;
797};
798
799
800/*
801 ***********************************************************************
802 * QueryUserInfo
803 *
804 * Provides various pieces of information on a specific user (see
805 * SAM_Q_QUERY_USERINFO and SAM_R_QUERY_USERINFO). The handle must
806 * be a valid SAM user handle.
807 *
808 * QueryUserInfo (
809 *	IN samr_handle_t user_handle,
810 *	IN WORD switch_value,
811 *	OUT union switch(switch_value) {
812 *		case 1: struct QueryUserInfo1 *info1;
813 *	} bufptr,
814 *	OUT DWORD status
815 * )
816 *
817 * typedef enum _USER_INFORMATION_CLASS {
818 *	UserGeneralInformation		= 1,
819 *	UserPreferencesInformation	= 2,
820 *	UserLogonInformation		= 3,
821 *	UserLogonHoursInformation	= 4,
822 *	UserAccountInformation		= 5,
823 *	UserNameInformation		= 6,
824 *	UserAccountNameInformation	= 7,
825 *	UserFullNameInformation		= 8,
826 *	UserPrimaryGroupInformation	= 9,
827 *	UserHomeInformation		= 10,
828 *	UserScriptInformation		= 11,
829 *	UserProfileInformation		= 12,
830 *	UserAdminCommentInformation	= 13,
831 *	UserWorkStationsInformation	= 14,
832 *	UserControlInformation		= 16,
833 *	UserExpiresInformation		= 17,
834 *	UserInternal1Information	= 18,
835 *	UserParametersInformation	= 20,
836 *	UserAllInformation		= 21,
837 *	UserInternal4Information	= 23,
838 *	UserInternal5Information	= 24,
839 *	UserInternal4InformationNew	= 25,
840 *	UserInternal5InformationNew	= 26,
841 * } USER_INFORMATION_CLASS;
842 *
843 * 1 = username, fullname, description and some other stuff.
844 * 3 = large structure containing user rid, group rid, username
845 *     and fullname.
846 * 5 = large structure (like 3) containing user rid, group rid,
847 *     username, fullname and description.
848 * 6 = username and fullname
849 * 7 = username
850 * 8 = fullname
851 * 9 = group rid
852 * 16 = used after creating a new account
853 *
854 * Due to an ndrgen bug, a function must be provided to to patch the
855 * offsets used by the unmarshalling code at runtime.  In order to
856 * simplify things it is useful to use a naming convention that
857 * indicates the switch value for each structure.
858 *
859 ***********************************************************************
860 */
861
862
863#define SAMR_QUERY_USER_INFO_1			1
864#define SAMR_QUERY_USER_UNAME_AND_FNAME		6
865#define SAMR_QUERY_USER_USERNAME		7
866#define SAMR_QUERY_USER_FULLNAME		8
867#define SAMR_QUERY_USER_GROUPRID		9
868#define SAMR_QUERY_USER_CONTROL_INFO		16
869#define SAMR_QUERY_USER_ALL_INFO		21
870
871
872struct samr_QueryUserInfo1 {
873	samr_string_t username;
874	samr_string_t fullname;
875	DWORD group_rid;
876	samr_string_t description;
877	samr_string_t unknown;
878};
879
880
881struct samr_QueryUserInfo6 {
882	samr_string_t username;
883	samr_string_t fullname;
884};
885
886struct samr_QueryUserInfo7 {
887	samr_string_t username;
888};
889
890
891struct samr_QueryUserInfo8 {
892	samr_string_t fullname;
893};
894
895
896struct samr_QueryUserInfo9 {
897	DWORD group_rid;
898};
899
900
901struct samr_QueryUserInfo16 {
902	DWORD unknown;
903};
904
905/*
906 * SAMR_USER_ALL_INFORMATION
907 */
908struct samr_QueryUserInfo21 {
909	samr_quad_t		LastLogon;
910	samr_quad_t		LastLogoff;
911	samr_quad_t		PasswordLastSet;
912	samr_quad_t		AccountExpires;
913	samr_quad_t		PasswordCanChange;
914	samr_quad_t		PasswordMustChange;
915	samr_string_t		UserName;
916	samr_string_t		FullName;
917	samr_string_t		HomeDirectory;
918	samr_string_t		HomeDirectoryDrive;
919	samr_string_t		ScriptPath;
920	samr_string_t		ProfilePath;
921	samr_string_t		AdminComment;
922	samr_string_t		WorkStations;
923	samr_string_t		UserComment;
924	samr_string_t		Parameters;
925	struct samr_short_blob	LmOwfPassword;
926	struct samr_short_blob	NtOwfPassword;
927	samr_string_t		PrivateData;
928	samr_sd_t		SecurityDescriptor;
929	DWORD			UserId;
930	DWORD			PrimaryGroupId;
931	DWORD			UserAccountControl;
932	DWORD			WhichFields;
933	struct samr_logon_hours_all	LogonHours;
934	WORD			BadPasswordCount;
935	WORD			LogonCount;
936	WORD			CountryCode;
937	WORD			CodePage;
938	BYTE			LmPasswordPresent;
939	BYTE			NtPasswordPresent;
940	BYTE			PasswordExpired;
941	BYTE			PrivateDataSensitive;
942};
943
944union QueryUserInfo_result_u {
945	UNION_INFO_ENT(1,samr_QueryUserInfo);
946	UNION_INFO_ENT(6,samr_QueryUserInfo);
947	UNION_INFO_ENT(7,samr_QueryUserInfo);
948	UNION_INFO_ENT(8,samr_QueryUserInfo);
949	UNION_INFO_ENT(9,samr_QueryUserInfo);
950	UNION_INFO_ENT(16,samr_QueryUserInfo);
951	UNION_INFO_ENT(21,samr_QueryUserInfo);
952	DEFAULT	char *nullptr;
953};
954
955
956/*
957 * This structure needs to be declared, even though it can't be used in
958 * samr_QueryUserInfo, in order to get the appropriate size to calculate
959 * the correct fixup offsets.  If ndrgen did the right thing,
960 * QueryUserInfo_result would be one of the out parameters.  However, if
961 * we do it that way, the switch_value isn't known early enough to do
962 * the fixup calculation.  So it all has to go in samr_QueryUserInfo.
963 */
964struct QueryUserInfo_result {
965	DWORD address;
966	WORD switch_value;
967	SWITCH(switch_value)
968		union QueryUserInfo_result_u ru;
969};
970
971
972OPERATION(SAMR_OPNUM_QueryUserInfo)
973struct samr_QueryUserInfo {
974	IN	samr_handle_t user_handle;
975	IN	WORD switch_value;
976	/*
977	 * Can't use this form because we need to include members explicitly.
978	 * OUT	struct QueryUserInfo_result result;
979	 */
980	OUT	DWORD address;
981	OUT	WORD switch_index;
982  SWITCH(switch_value)
983	OUT	union QueryUserInfo_result_u ru;
984	OUT	DWORD status;
985};
986
987
988/*
989 ***********************************************************************
990 * QueryUserGroups
991 ***********************************************************************
992 */
993struct samr_UserGroups {
994	DWORD rid;
995	DWORD attr;
996};
997
998
999struct samr_UserGroupInfo {
1000	DWORD n_entry;
1001  SIZE_IS(n_entry)
1002	struct samr_UserGroups *groups;
1003};
1004
1005
1006OPERATION(SAMR_OPNUM_QueryUserGroups)
1007struct samr_QueryUserGroups {
1008	IN	samr_handle_t user_handle;
1009	OUT struct samr_UserGroupInfo *info;
1010	OUT	DWORD status;
1011};
1012
1013
1014/*
1015 ***********************************************************************
1016 * LookupName
1017 ***********************************************************************
1018 */
1019struct samr_LookupNameTable {
1020	DWORD n_entry;
1021  SIZE_IS(n_entry)
1022	samr_string_t names[ANY_SIZE_ARRAY];
1023};
1024
1025
1026struct samr_LookupRidTable {
1027	DWORD n_entry;
1028  SIZE_IS(n_entry)
1029	DWORD *rid;
1030};
1031
1032struct samr_RidType {
1033	DWORD n_entry;
1034  SIZE_IS(n_entry)
1035	DWORD *rid_type;
1036};
1037
1038
1039OPERATION(SAMR_OPNUM_LookupNames)
1040struct samr_LookupNames {
1041	IN	samr_handle_t handle;
1042	IN	DWORD n_entry;
1043	IN	DWORD max_n_entry;
1044	IN	DWORD index;
1045	IN	DWORD total;
1046	IN	samr_string_t name;
1047	OUT	struct samr_LookupRidTable rids;
1048	OUT	struct samr_RidType rid_types;
1049	OUT	DWORD status;
1050};
1051
1052
1053/*
1054 ***********************************************************************
1055 * OpenGroup
1056 *
1057 * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain,
1058 * an access mask and the appropriate group rid. The output will be a
1059 * handle for use with the specified group.
1060 ***********************************************************************
1061 */
1062OPERATION(SAMR_OPNUM_OpenGroup)
1063struct samr_OpenGroup {
1064	IN	samr_handle_t handle;
1065	IN	DWORD access_mask;
1066	IN	DWORD rid;
1067	OUT	samr_handle_t group_handle;
1068	OUT	DWORD status;
1069};
1070
1071
1072/*
1073 ***********************************************************************
1074 * QueryGroupInfo
1075 *
1076 * Input must be a group handle obtained via SAMR_OPNUM_OpenGroup,
1077 * an access mask and the appropriate group rid. The output will
1078 * be a handle for use with the specified group.
1079 ***********************************************************************
1080 */
1081struct samr_QueryGroupInfo1 {
1082	samr_string_t groupname;
1083};
1084
1085
1086union samr_QueryGroupInfo_result_u {
1087	UNION_INFO_ENT(1,samr_QueryGroupInfo);
1088	DEFAULT	char *nullptr;
1089};
1090
1091
1092struct samr_QueryGroupInfo_result {
1093	DWORD address;
1094	WORD switch_index;
1095  SWITCH(switch_index)
1096	union samr_QueryGroupInfo_result_u ru;
1097};
1098
1099
1100OPERATION(SAMR_OPNUM_QueryGroupInfo)
1101struct samr_QueryGroupInfo {
1102	IN	samr_handle_t group_handle;
1103	IN	DWORD switch_value;
1104	OUT	DWORD address;
1105	OUT	WORD switch_index;
1106  SWITCH(switch_index)
1107	OUT	union samr_QueryGroupInfo_result_u ru;
1108	OUT	DWORD status;
1109};
1110
1111
1112/*
1113 ***********************************************************************
1114 * StoreGroupInfo
1115 *
1116 * This definition is mostly just a place holder in case this is useful
1117 * in the future. Note that it may not be correct. The information is
1118 * from a netmon trace captured when I added a group description. I
1119 * haven't implemented it because we don't have to update anything on
1120 * the PDC. The description should almost certainly be in a separate
1121 * structure.
1122 ***********************************************************************
1123 */
1124OPERATION(SAMR_OPNUM_StoreGroupInfo)
1125struct samr_StoreGroupInfo {
1126	IN	samr_handle_t group_handle;
1127	IN	DWORD switch_value;
1128	IN	samr_string_t group_description;
1129	OUT	DWORD status;
1130};
1131
1132/*
1133 * AddAliasMember
1134 */
1135OPERATION(SAMR_OPNUM_AddAliasMember)
1136struct samr_AddAliasMember {
1137	IN		samr_handle_t alias_handle;
1138	IN REFERENCE	struct samr_sid *sid;
1139	OUT DWORD	status;
1140};
1141
1142/*
1143 * DeleteAliasMember
1144 */
1145OPERATION(SAMR_OPNUM_DeleteAliasMember)
1146struct samr_DeleteAliasMember {
1147	IN		samr_handle_t alias_handle;
1148	IN REFERENCE	struct samr_sid *sid;
1149	OUT DWORD	status;
1150};
1151
1152struct samr_SidList {
1153	struct samr_sid		*sid;
1154};
1155
1156struct samr_SidInfo {
1157	DWORD n_entry;
1158  SIZE_IS(n_entry)
1159	struct samr_SidList	*sidlist;
1160};
1161
1162/*
1163 * ListAliasMembers
1164 */
1165OPERATION(SAMR_OPNUM_ListAliasMembers)
1166struct samr_ListAliasMembers {
1167	IN		samr_handle_t alias_handle;
1168	OUT		struct samr_SidInfo info;
1169	OUT DWORD	status;
1170};
1171
1172/*
1173 ***********************************************************************
1174 * GetUserDomainPasswordInformation
1175 ***********************************************************************
1176 */
1177OPERATION(SAMR_OPNUM_GetUserPwInfo)
1178struct samr_GetUserPwInfo {
1179	IN		samr_handle_t		user_handle;
1180	OUT REFERENCE	samr_password_info_t	*pwinfo;
1181	OUT		DWORD			status;
1182};
1183
1184
1185/*
1186 ***********************************************************************
1187 * CreateUser
1188 *
1189 * Create a user in the domain specified by the domain handle. The
1190 * domain handle is obtained obtained via SAMR_OPNUM_OpenDomain.
1191 * DesiredAccess: 0xe00500b0.
1192 * The output will be a handle for use with the specified user and the
1193 * user's RID. I think the RID may be a unique pointer (it can be null).
1194 ***********************************************************************
1195 */
1196OPERATION(SAMR_OPNUM_CreateUser)
1197struct samr_CreateUser {
1198	IN	samr_handle_t handle;
1199	IN	samr_vcbuf_t username;
1200	IN	DWORD account_flags;
1201	IN	DWORD desired_access;
1202	OUT	samr_handle_t user_handle;
1203	OUT	DWORD maybe_ptr;
1204	OUT	DWORD rid;
1205	OUT	DWORD status;
1206};
1207
1208
1209/*
1210 ***********************************************************************
1211 * ChangeUserPasswd
1212 ***********************************************************************
1213 */
1214struct samr_newpasswd {
1215	BYTE data[516];
1216};
1217
1218
1219struct samr_oldpasswd {
1220	BYTE data[16];
1221};
1222
1223
1224OPERATION(SAMR_OPNUM_ChangeUserPasswd)
1225struct samr_ChangeUserPasswd {
1226	IN	LPTSTR servername;
1227	IN	LPTSTR username;
1228	IN	struct samr_newpasswd *nt_newpasswd;
1229	IN	struct samr_oldpasswd *nt_oldpasswd;
1230	IN	struct samr_newpasswd *lm_newpasswd;
1231	IN	struct samr_oldpasswd *lm_oldpasswd;
1232	OUT	DWORD status;
1233};
1234
1235
1236/*
1237 ***********************************************************************
1238 * GetDomainPwInfo
1239 ***********************************************************************
1240 */
1241OPERATION(SAMR_OPNUM_GetDomainPwInfo)
1242struct samr_GetDomainPwInfo {
1243	IN		DWORD			unused;
1244	OUT REFERENCE	samr_password_info_t	*pwinfo;
1245	OUT		DWORD			status;
1246};
1247
1248
1249/*
1250 ***********************************************************************
1251 * SetUserInfo
1252 *
1253 *	+++ 20 byte user handle and the union switch_value +++
1254 *	00 00 00 00 77 F2 DD D5 66 48 D4 11 AD 5F D1 CD
1255 *	18 43 7A DF 17 00 17 00
1256 *
1257 *	+++ 14 dwords (56 bytes) of zeros +++
1258 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1259 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1260 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1261 *	00 00 00 00 00 00 00 00
1262 *
1263 *	+++ 9 sets of something - 72 bytes +++
1264 *	00 00 02 00 D0 04 8A 77
1265 *	00 00 02 00 D0 04 8A 77
1266 *	00 00 02 00 D0 04 8A 77
1267 *	00 00 02 00 D0 04 8A 77
1268 *	00 00 02 00 D0 04 8A 77
1269 *	00 00 02 00 D0 04 8A 77
1270 *	00 00 02 00 D0 04 8A 77
1271 *	00 00 02 00 D0 04 8A 77
1272 *	00 00 02 00 D0 04 8A 77
1273 *
1274 *	+++ 9 DWORD zeros +++
1275 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1276 *	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1277 *	00 00 00 00
1278 *
1279 *	+++ miscellaneous +++
1280 *	01 02 00 00
1281 *	80 00 00 00
1282 *	FA 27 F8 09
1283 *	A8 00 00 00 70 F1 14 00
1284 *	00 00 00 00 00 00 00 00 00 00 00 00
1285 *
1286 *	+++ encrypted password buffer - 512 bytes +++
1287 *	76 68 E8 AA 23 4F 62 C4 81 4E 30 B8 92 29 66 B9
1288 *	12 FF 3A 84 82 3A 55 0F C7 18 EA 56 86 50 D7 C5
1289 *	43 BA 9C F8 32 D4 E0 15 74 A1 6F E1 59 C2 F2 95
1290 *	53 A9 F2 68 9F 7F 29 B9 88 4C 65 A5 C1 DC 0B 44
1291 *	B8 3C ED 74 D1 6A F7 09 66 97 94 6B 2C 3A A5 88
1292 *	39 34 C6 FE 24 59 30 2D CF 6D 7F D5 EC B1 9A 84
1293 *	E6 57 96 29 40 32 FB 62 9D 93 E2 BE D8 A3 74 88
1294 *	8B 85 BC A0 76 D6 C9 DB 8C AF 81 BD 8A F0 08 8D
1295 *	23 B0 52 FD 69 DE EF A1 36 E5 30 19 BD DA 67 A3
1296 *	81 BD 3F D0 2A A2 8F 60 62 B0 8D 34 9E A4 4F 20
1297 *	4E 79 93 82 58 A8 E5 6F 7A DC 12 13 33 E6 74 02
1298 *	4C 32 F9 FC 1A E1 C5 0D E2 CC 36 8D FC 72 87 DD
1299 *	6C 44 E3 6F 4B FD 46 10 08 89 E5 64 B8 27 14 83
1300 *	E7 08 DE CF 69 C7 E1 40 63 DF CB 67 95 73 03 1B
1301 *	CA 99 E1 1B 53 2A 89 6B 30 39 CD 5C DF A0 8A 1C
1302 *	4E 50 74 7C 6D 3D E7 EA E9 B2 97 DD 38 7B DA EC
1303 *	1A AD DA CE C4 58 9B 29 F3 6D 30 70 4E 63 6D 84
1304 *	DB DC 5B CD 9A 4E 57 9C E4 65 5D 4F 76 E3 C7 52
1305 *	8B 3B 20 0A 3B 4C 4B B1 2E 5B 4D AB BA 2F 45 6A
1306 *	CA 17 AD 9F C0 B2 07 FB 56 7F E4 3F 9F D4 C6 8C
1307 *	A1 05 BF 53 42 1E 67 F4 57 54 E3 2C 38 CF E1 94
1308 *	75 69 F7 4E 5C 74 CC B3 FD EF 73 3F D5 28 22 EC
1309 *	9B 40 E1 1D 65 44 7C BB 69 88 57 10 05 3A C5 48
1310 *	8E 4F 77 DB 1A 5C 49 9C D5 06 00 AC 79 BC 7E 89
1311 *	B0 01 66 70 88 A2 E5 DF 96 DC 75 98 10 12 45 02
1312 *	33 35 6C DF 74 8B 14 2F 26 C6 FD 7A B4 D0 A6 7D
1313 *	DE 2B 13 44 EF 34 46 4D 9D 3E C3 75 BC 11 B4 41
1314 *	27 58 25 1E AF AA F0 BB DA 27 7A 1E AE 81 1A 78
1315 *	44 19 DE FC C4 7C 4E 32 44 F7 57 2A 41 A2 85 DC
1316 *	C0 AD 5D 6B 58 FD 2E 75 25 B9 F2 B6 19 82 E5 0E
1317 *	B6 69 0D C1 27 A9 B6 40 A6 50 49 E5 CB 17 98 65
1318 *	88 18 CA E4 1D 2E 20 F7 DE 8E 7D F2 9D A5 6B CD
1319 *
1320 *	D6 79 45 71
1321 *
1322 *	+++ table of 9 things +++
1323 *	01 00 00 00 00 00 00 00 00 00 00 00
1324 *	01 00 00 00 00 00 00 00 00 00 00 00
1325 *	01 00 00 00 00 00 00 00 00 00 00 00
1326 *	01 00 00 00 00 00 00 00 00 00 00 00
1327 *	01 00 00 00 00 00 00 00 00 00 00 00
1328 *	01 00 00 00 00 00 00 00 00 00 00 00
1329 *	01 00 00 00 00 00 00 00 00 00 00 00
1330 *	01 00 00 00 00 00 00 00 00 00 00 00
1331 *	01 00 00 00 00 00 00 00 00 00 00 00
1332 *
1333 *	+++ miscellaneous +++
1334 *	EC 04 00 00 00 00 00 00 15 00 00 00
1335 *	FF FF FF FF FF FF FF FF FF FF FF FF
1336 *	FF FF FF FF FF FF FF FF FF
1337 *
1338 ***********************************************************************
1339 */
1340
1341#define SAMR_SET_USER_INFO_23		23
1342#define SAMR_SET_USER_DATA_SZ		516
1343
1344struct samr_SetUserInfo23 {
1345	samr_quad_t logon_time;			/* 00 00 00 00 00 00 00 00 */
1346	samr_quad_t logoff_time;		/* 00 00 00 00 00 00 00 00 */
1347	samr_quad_t kickoff_time;		/* 00 00 00 00 00 00 00 00 */
1348	samr_quad_t passwd_last_set_time;	/* 00 00 00 00 00 00 00 00 */
1349	samr_quad_t passwd_can_change_time;	/* 00 00 00 00 00 00 00 00 */
1350	samr_quad_t passwd_must_change_time;	/* 00 00 00 00 00 00 00 00 */
1351
1352	samr_vcbuf_t user_name;			/* 00 00 00 00 00 00 00 00 */
1353	samr_vcbuf_t full_name;			/* 00 00 02 00 D0 04 8A 77 */
1354	samr_vcbuf_t home_dir;			/* 00 00 02 00 D0 04 8A 77 */
1355	samr_vcbuf_t home_drive;		/* 00 00 02 00 D0 04 8A 77 */
1356	samr_vcbuf_t logon_script;		/* 00 00 02 00 D0 04 8A 77 */
1357	samr_vcbuf_t profile_path;		/* 00 00 02 00 D0 04 8A 77 */
1358	samr_vcbuf_t acct_desc;			/* 00 00 02 00 D0 04 8A 77 */
1359	samr_vcbuf_t workstations;		/* 00 00 02 00 D0 04 8A 77 */
1360	samr_vcbuf_t unknown1;			/* 00 00 02 00 D0 04 8A 77 */
1361	samr_vcbuf_t unknown2;			/* 00 00 02 00 D0 04 8A 77 */
1362	samr_vcbuf_t lm_password;		/* 00 00 00 00 00 00 00 00 */
1363	samr_vcbuf_t nt_password;		/* 00 00 00 00 00 00 00 00 */
1364	samr_vcbuf_t unknown3;			/* 00 00 00 00 00 00 00 00 */
1365
1366	struct samr_sd sd;			/* 00 00 00 00 00 00 00 00 */
1367	DWORD user_rid;				/* 00 00 00 00 */
1368	DWORD group_rid;			/* 01 02 00 00 */
1369	DWORD acct_info;			/* 80 00 00 00 */
1370	DWORD flags;				/* FA 27 F8 09 */
1371	struct samr_logon_info logon_info;  /* A8 00 00 00 70 F1 14 00->0xFF */
1372	/*
1373	 * The following 12 bytes are encoded in Ethereal as:
1374	 *
1375	 *	WORD bad_pwd_count;
1376	 *	WORD logon_count;
1377	 *
1378	 *	WORD country;			(default 0)
1379	 *	WORD codepage;
1380	 *
1381	 *	BYTE nt_pwd_set;
1382	 *	BYTE lm_pwd_set;
1383	 *	BYTE expired_flag;
1384	 *	BYTE unknown_char;
1385	 */
1386	DWORD unknown4_zero;			/* 00 00 00 00 */
1387	DWORD unknown5_zero;			/* 00 00 00 00 */
1388	DWORD unknown6_zero;			/* 00 00 00 00 */
1389	BYTE password[SAMR_SET_USER_DATA_SZ];
1390};
1391
1392
1393union samr_SetUserInfo_u {
1394	UNION_INFO_ENT(23,samr_SetUserInfo);
1395	DEFAULT	char *nullptr;
1396};
1397
1398
1399struct samr_SetUserInfo_s {
1400	WORD index;
1401	WORD switch_value;
1402  SWITCH(switch_value)
1403	union samr_SetUserInfo_u ru;
1404};
1405
1406
1407/*
1408	IN	DWORD unknown_04EC;
1409	IN	DWORD unknown_zero;
1410	IN	DWORD logon_bitmap_size;
1411	IN	BYTE logon_bitmap[SAMR_SET_USER_HOURS_SZ];
1412*/
1413OPERATION(SAMR_OPNUM_SetUserInfo)
1414struct samr_SetUserInfo {
1415	IN	samr_handle_t user_handle;
1416	IN	struct samr_SetUserInfo_s info;
1417	IN	struct samr_logon_hours logon_hours;
1418	OUT	DWORD status;
1419};
1420
1421
1422/*
1423 ***********************************************************************
1424 * The SAMR interface definition.
1425 ***********************************************************************
1426 */
1427INTERFACE(0)
1428union samr_interface {
1429	CASE(SAMR_OPNUM_ConnectAnon)
1430		struct samr_ConnectAnon		ConnectAnon;
1431	CASE(SAMR_OPNUM_CloseHandle)
1432		struct samr_CloseHandle		CloseHandle;
1433	CASE(SAMR_OPNUM_LookupDomain)
1434		struct samr_LookupDomain	LookupDomain;
1435	CASE(SAMR_OPNUM_EnumLocalDomains)
1436		struct samr_EnumLocalDomain	EnumLocalDomain;
1437	CASE(SAMR_OPNUM_OpenDomain)
1438		struct samr_OpenDomain		OpenDomain;
1439	CASE(SAMR_OPNUM_QueryDomainInfo)
1440		struct samr_QueryDomainInfo	QueryDomainInfo;
1441	CASE(SAMR_OPNUM_QueryInfoDomain2)
1442		struct samr_QueryInfoDomain2	QueryInfoDomain2;
1443	CASE(SAMR_OPNUM_LookupNames)
1444		struct samr_LookupNames		LookupNames;
1445	CASE(SAMR_OPNUM_OpenUser)
1446		struct samr_OpenUser		OpenUser;
1447	CASE(SAMR_OPNUM_DeleteUser)
1448		struct samr_DeleteUser		DeleteUser;
1449	CASE(SAMR_OPNUM_QueryUserInfo)
1450		struct samr_QueryUserInfo	QueryUserInfo;
1451	CASE(SAMR_OPNUM_QueryUserGroups)
1452		struct samr_QueryUserGroups	QueryUserGroups;
1453	CASE(SAMR_OPNUM_OpenGroup)
1454		struct samr_OpenGroup		OpenGroup;
1455	CASE(SAMR_OPNUM_AddAliasMember)
1456		struct samr_AddAliasMember	AddAliasMember;
1457	CASE(SAMR_OPNUM_DeleteAliasMember)
1458		struct samr_DeleteAliasMember	DeleteAliasMember;
1459	CASE(SAMR_OPNUM_ListAliasMembers)
1460		struct samr_ListAliasMembers	ListAliasMembers;
1461	CASE(SAMR_OPNUM_GetUserPwInfo)
1462		struct samr_GetUserPwInfo	GetUserPwInfo;
1463	CASE(SAMR_OPNUM_CreateUser)
1464		struct samr_CreateUser		CreateUser;
1465	CASE(SAMR_OPNUM_ChangeUserPasswd)
1466		struct samr_ChangeUserPasswd	ChangeUserPasswd;
1467	CASE(SAMR_OPNUM_GetDomainPwInfo)
1468		struct samr_GetDomainPwInfo	GetDomainPwInfo;
1469	CASE(SAMR_OPNUM_Connect)
1470		struct samr_Connect		Connect;
1471	CASE(SAMR_OPNUM_SetUserInfo)
1472		struct samr_SetUserInfo		SetUserInfo;
1473	CASE(SAMR_OPNUM_Connect3)
1474		struct samr_Connect3		Connect3;
1475	CASE(SAMR_OPNUM_Connect4)
1476		struct samr_Connect4		Connect4;
1477	CASE(SAMR_OPNUM_QueryDispInfo)
1478		struct samr_QueryDispInfo	QueryDispInfo;
1479	CASE(SAMR_OPNUM_OpenAlias)
1480		struct samr_OpenAlias		OpenAlias;
1481	CASE(SAMR_OPNUM_CreateDomainAlias)
1482		struct samr_CreateDomainAlias	CreateDomainAlias;
1483	CASE(SAMR_OPNUM_SetAliasInfo)
1484		struct samr_SetAliasInfo	SetAliasInfo;
1485	CASE(SAMR_OPNUM_QueryAliasInfo)
1486		struct samr_QueryAliasInfo	QueryAliasInfo;
1487	CASE(SAMR_OPNUM_DeleteDomainAlias)
1488		struct samr_DeleteDomainAlias	DeleteDomainAlias;
1489	CASE(SAMR_OPNUM_EnumDomainAliases)
1490		struct samr_EnumDomainAliases	EnumDomainAliases;
1491	CASE(SAMR_OPNUM_EnumDomainGroups)
1492		struct samr_EnumDomainGroups	EnumDomainGroups;
1493};
1494typedef union samr_interface	samr_interface_t;
1495EXTERNTYPEINFO(samr_interface)
1496
1497#endif /* _MLSVC_SAM_NDL_ */
1498