source: branches/samba-3.0/source/include/rpc_lsa.h

Last change on this file was 44, checked in by Paul Smedley, 18 years ago

Update source to 3.0.25b
File size: 32.5 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 SMB parameters and setup
4 Copyright (C) Andrew Tridgell 1992-1997
5 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
6 Copyright (C) Paul Ashton 1997
7 Copyright (C) Gerald (Jerry) Carter 2005
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22*/
23
24#ifndef _RPC_LSA_H /* _RPC_LSA_H */
25#define _RPC_LSA_H
26
27/* Opcodes available on PIPE_LSARPC */
28
29#define LSA_CLOSE 0x00
30#define LSA_DELETE 0x01
31#define LSA_ENUM_PRIVS 0x02
32#define LSA_QUERYSECOBJ 0x03
33#define LSA_SETSECOBJ 0x04
34#define LSA_CHANGEPASSWORD 0x05
35#define LSA_OPENPOLICY 0x06
36#define LSA_QUERYINFOPOLICY 0x07
37#define LSA_SETINFOPOLICY 0x08
38#define LSA_CLEARAUDITLOG 0x09
39#define LSA_CREATEACCOUNT 0x0a
40#define LSA_ENUM_ACCOUNTS 0x0b
41#define LSA_CREATETRUSTDOM 0x0c /* TODO: implement this one -- jerry */
42#define LSA_ENUMTRUSTDOM 0x0d
43#define LSA_LOOKUPNAMES 0x0e
44#define LSA_LOOKUPSIDS 0x0f
45#define LSA_CREATESECRET 0x10 /* TODO: implement this one -- jerry */
46#define LSA_OPENACCOUNT 0x11
47#define LSA_ENUMPRIVSACCOUNT 0x12
48#define LSA_ADDPRIVS 0x13
49#define LSA_REMOVEPRIVS 0x14
50#define LSA_GETQUOTAS 0x15
51#define LSA_SETQUOTAS 0x16
52#define LSA_GETSYSTEMACCOUNT 0x17
53#define LSA_SETSYSTEMACCOUNT 0x18
54#define LSA_OPENTRUSTDOM 0x19
55#define LSA_QUERYTRUSTDOMINFO 0x1a
56#define LSA_SETINFOTRUSTDOM 0x1b
57#define LSA_OPENSECRET 0x1c /* TODO: implement this one -- jerry */
58#define LSA_SETSECRET 0x1d /* TODO: implement this one -- jerry */
59#define LSA_QUERYSECRET 0x1e
60#define LSA_LOOKUPPRIVVALUE 0x1f
61#define LSA_LOOKUPPRIVNAME 0x20
62#define LSA_PRIV_GET_DISPNAME 0x21
63#define LSA_DELETEOBJECT 0x22 /* TODO: implement this one -- jerry */
64#define LSA_ENUMACCTWITHRIGHT 0x23 /* TODO: implement this one -- jerry */
65#define LSA_ENUMACCTRIGHTS 0x24
66#define LSA_ADDACCTRIGHTS 0x25
67#define LSA_REMOVEACCTRIGHTS 0x26
68#define LSA_QUERYTRUSTDOMINFOBYSID 0x27
69#define LSA_SETTRUSTDOMINFO 0x28
70#define LSA_DELETETRUSTDOM 0x29
71#define LSA_STOREPRIVDATA 0x2a
72#define LSA_RETRPRIVDATA 0x2b
73#define LSA_OPENPOLICY2 0x2c
74#define LSA_UNK_GET_CONNUSER 0x2d /* LsaGetConnectedCredentials ? */
75#define LSA_QUERYINFO2 0x2e
76#define LSA_QUERYTRUSTDOMINFOBYNAME 0x30
77#define LSA_QUERYDOMINFOPOL 0x35
78#define LSA_OPENTRUSTDOMBYNAME 0x37
79
80#define LSA_LOOKUPSIDS2 0x39
81#define LSA_LOOKUPNAMES2 0x3a
82#define LSA_LOOKUPNAMES3 0x44
83#define LSA_LOOKUPSIDS3 0x4c
84#define LSA_LOOKUPNAMES4 0x4d
85
86/* XXXX these are here to get a compile! */
87#define LSA_LOOKUPRIDS 0xFD
88
89#define LSA_AUDIT_NUM_CATEGORIES_NT4 7
90#define LSA_AUDIT_NUM_CATEGORIES_WIN2K 9
91
92#define LSA_AUDIT_NUM_CATEGORIES LSA_AUDIT_NUM_CATEGORIES_NT4
93
94#define LSA_AUDIT_POLICY_NONE 0x00
95#define LSA_AUDIT_POLICY_SUCCESS 0x01
96#define LSA_AUDIT_POLICY_FAILURE 0x02
97#define LSA_AUDIT_POLICY_ALL (LSA_AUDIT_POLICY_SUCCESS|LSA_AUDIT_POLICY_FAILURE)
98#define LSA_AUDIT_POLICY_CLEAR 0x04
99
100enum lsa_audit_categories {
101 LSA_AUDIT_CATEGORY_SYSTEM = 0,
102 LSA_AUDIT_CATEGORY_LOGON = 1,
103 LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS,
104 LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS,
105 LSA_AUDIT_CATEGORY_PROCCESS_TRACKING,
106 LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES,
107 LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT,
108 LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS, /* only in win2k/2k3 */
109 LSA_AUDIT_CATEGORY_ACCOUNT_LOGON /* only in win2k/2k3 */
110};
111
112/* level 1 is auditing settings */
113typedef struct dom_query_1
114{
115 uint32 percent_full;
116 uint32 log_size;
117 NTTIME retention_time;
118 uint8 shutdown_in_progress;
119 NTTIME time_to_shutdown;
120 uint32 next_audit_record;
121 uint32 unknown;
122} DOM_QUERY_1;
123
124
125/* level 2 is auditing settings */
126typedef struct dom_query_2
127{
128 uint32 auditing_enabled;
129 uint32 count1; /* usualy 7, at least on nt4sp4 */
130 uint32 count2; /* the same */
131 uint32 ptr;
132 uint32 *auditsettings;
133} DOM_QUERY_2;
134
135/* DOM_QUERY - info class 3 and 5 LSA Query response */
136typedef struct dom_query_info_3
137{
138 uint16 uni_dom_max_len; /* domain name string length * 2 */
139 uint16 uni_dom_str_len; /* domain name string length * 2 */
140 uint32 buffer_dom_name; /* undocumented domain name string buffer pointer */
141 uint32 buffer_dom_sid; /* undocumented domain SID string buffer pointer */
142 UNISTR2 uni_domain_name; /* domain name (unicode string) */
143 DOM_SID2 dom_sid; /* domain SID */
144
145} DOM_QUERY_3;
146
147/* level 5 is same as level 3. */
148typedef DOM_QUERY_3 DOM_QUERY_5;
149
150/* level 6 is server role information */
151typedef struct dom_query_6
152{
153 uint16 server_role; /* 2=backup, 3=primary */
154} DOM_QUERY_6;
155
156/* level 10 is audit full set info */
157typedef struct dom_query_10
158{
159 uint8 shutdown_on_full;
160} DOM_QUERY_10;
161
162/* level 11 is audit full query info */
163typedef struct dom_query_11
164{
165 uint16 unknown;
166 uint8 shutdown_on_full;
167 uint8 log_is_full;
168} DOM_QUERY_11;
169
170/* level 12 is DNS domain info */
171typedef struct lsa_dns_dom_info
172{
173 UNIHDR hdr_nb_dom_name; /* netbios domain name */
174 UNIHDR hdr_dns_dom_name;
175 UNIHDR hdr_forest_name;
176
177 struct GUID dom_guid; /* domain GUID */
178
179 UNISTR2 uni_nb_dom_name;
180 UNISTR2 uni_dns_dom_name;
181 UNISTR2 uni_forest_name;
182
183 uint32 ptr_dom_sid;
184 DOM_SID2 dom_sid; /* domain SID */
185} DOM_QUERY_12;
186
187typedef struct seq_qos_info
188{
189 uint32 len; /* 12 */
190 uint16 sec_imp_level; /* 0x02 - impersonation level */
191 uint8 sec_ctxt_mode; /* 0x01 - context tracking mode */
192 uint8 effective_only; /* 0x00 - effective only */
193
194} LSA_SEC_QOS;
195
196typedef struct obj_attr_info
197{
198 uint32 len; /* 0x18 - length (in bytes) inc. the length field. */
199 uint32 ptr_root_dir; /* 0 - root directory (pointer) */
200 uint32 ptr_obj_name; /* 0 - object name (pointer) */
201 uint32 attributes; /* 0 - attributes (undocumented) */
202 uint32 ptr_sec_desc; /* 0 - security descriptior (pointer) */
203 uint32 ptr_sec_qos; /* security quality of service */
204 LSA_SEC_QOS *sec_qos;
205
206} LSA_OBJ_ATTR;
207
208/* LSA_Q_OPEN_POL - LSA Query Open Policy */
209typedef struct lsa_q_open_pol_info
210{
211 uint32 ptr; /* undocumented buffer pointer */
212 uint16 system_name; /* 0x5c - system name */
213 LSA_OBJ_ATTR attr ; /* object attributes */
214
215 uint32 des_access; /* desired access attributes */
216
217} LSA_Q_OPEN_POL;
218
219/* LSA_R_OPEN_POL - response to LSA Open Policy */
220typedef struct lsa_r_open_pol_info
221{
222 POLICY_HND pol; /* policy handle */
223 NTSTATUS status; /* return code */
224
225} LSA_R_OPEN_POL;
226
227/* LSA_Q_OPEN_POL2 - LSA Query Open Policy */
228typedef struct lsa_q_open_pol2_info
229{
230 uint32 ptr; /* undocumented buffer pointer */
231 UNISTR2 uni_server_name; /* server name, starting with two '\'s */
232 LSA_OBJ_ATTR attr ; /* object attributes */
233
234 uint32 des_access; /* desired access attributes */
235
236} LSA_Q_OPEN_POL2;
237
238/* LSA_R_OPEN_POL2 - response to LSA Open Policy */
239typedef struct lsa_r_open_pol2_info
240{
241 POLICY_HND pol; /* policy handle */
242 NTSTATUS status; /* return code */
243
244} LSA_R_OPEN_POL2;
245
246
247#define POLICY_VIEW_LOCAL_INFORMATION 0x00000001
248#define POLICY_VIEW_AUDIT_INFORMATION 0x00000002
249#define POLICY_GET_PRIVATE_INFORMATION 0x00000004
250#define POLICY_TRUST_ADMIN 0x00000008
251#define POLICY_CREATE_ACCOUNT 0x00000010
252#define POLICY_CREATE_SECRET 0x00000020
253#define POLICY_CREATE_PRIVILEGE 0x00000040
254#define POLICY_SET_DEFAULT_QUOTA_LIMITS 0x00000080
255#define POLICY_SET_AUDIT_REQUIREMENTS 0x00000100
256#define POLICY_AUDIT_LOG_ADMIN 0x00000200
257#define POLICY_SERVER_ADMIN 0x00000400
258#define POLICY_LOOKUP_NAMES 0x00000800
259
260#define POLICY_ALL_ACCESS ( STANDARD_RIGHTS_REQUIRED_ACCESS |\
261 POLICY_VIEW_LOCAL_INFORMATION |\
262 POLICY_VIEW_AUDIT_INFORMATION |\
263 POLICY_GET_PRIVATE_INFORMATION |\
264 POLICY_TRUST_ADMIN |\
265 POLICY_CREATE_ACCOUNT |\
266 POLICY_CREATE_SECRET |\
267 POLICY_CREATE_PRIVILEGE |\
268 POLICY_SET_DEFAULT_QUOTA_LIMITS |\
269 POLICY_SET_AUDIT_REQUIREMENTS |\
270 POLICY_AUDIT_LOG_ADMIN |\
271 POLICY_SERVER_ADMIN |\
272 POLICY_LOOKUP_NAMES )
273
274
275#define POLICY_READ ( STANDARD_RIGHTS_READ_ACCESS |\
276 POLICY_VIEW_AUDIT_INFORMATION |\
277 POLICY_GET_PRIVATE_INFORMATION)
278
279#define POLICY_WRITE ( STD_RIGHT_READ_CONTROL_ACCESS |\
280 POLICY_TRUST_ADMIN |\
281 POLICY_CREATE_ACCOUNT |\
282 POLICY_CREATE_SECRET |\
283 POLICY_CREATE_PRIVILEGE |\
284 POLICY_SET_DEFAULT_QUOTA_LIMITS |\
285 POLICY_SET_AUDIT_REQUIREMENTS |\
286 POLICY_AUDIT_LOG_ADMIN |\
287 POLICY_SERVER_ADMIN)
288
289#define POLICY_EXECUTE ( STANDARD_RIGHTS_EXECUTE_ACCESS |\
290 POLICY_VIEW_LOCAL_INFORMATION |\
291 POLICY_LOOKUP_NAMES )
292
293/* LSA_Q_QUERY_SEC_OBJ - LSA query security */
294typedef struct lsa_query_sec_obj_info
295{
296 POLICY_HND pol; /* policy handle */
297 uint32 sec_info;
298
299} LSA_Q_QUERY_SEC_OBJ;
300
301/* LSA_R_QUERY_SEC_OBJ - probably an open */
302typedef struct r_lsa_query_sec_obj_info
303{
304 uint32 ptr;
305 SEC_DESC_BUF *buf;
306
307 NTSTATUS status; /* return status */
308
309} LSA_R_QUERY_SEC_OBJ;
310
311/* LSA_Q_QUERY_INFO - LSA query info policy */
312typedef struct lsa_query_info
313{
314 POLICY_HND pol; /* policy handle */
315 uint16 info_class; /* info class */
316
317} LSA_Q_QUERY_INFO;
318
319/* LSA_INFO_CTR */
320typedef struct lsa_info_ctr
321{
322 uint16 info_class;
323 union {
324 DOM_QUERY_1 id1;
325 DOM_QUERY_2 id2;
326 DOM_QUERY_3 id3;
327 DOM_QUERY_5 id5;
328 DOM_QUERY_6 id6;
329 DOM_QUERY_10 id10;
330 DOM_QUERY_11 id11;
331 DOM_QUERY_12 id12;
332 } info;
333
334} LSA_INFO_CTR;
335
336typedef LSA_INFO_CTR LSA_INFO_CTR2;
337
338/* LSA_Q_SET_INFO - LSA set info policy */
339typedef struct lsa_set_info
340{
341 POLICY_HND pol; /* policy handle */
342 uint16 info_class; /* info class */
343 LSA_INFO_CTR ctr;
344
345} LSA_Q_SET_INFO;
346
347/* LSA_R_SET_INFO - response to LSA set info policy */
348typedef struct lsa_r_set_info
349{
350 NTSTATUS status; /* return code */
351
352} LSA_R_SET_INFO;
353
354/* LSA_R_QUERY_INFO - response to LSA query info policy */
355typedef struct lsa_r_query_info
356{
357 uint32 dom_ptr; /* undocumented buffer pointer */
358 LSA_INFO_CTR ctr;
359 NTSTATUS status; /* return code */
360
361} LSA_R_QUERY_INFO;
362
363typedef LSA_Q_QUERY_INFO LSA_Q_QUERY_INFO2;
364typedef LSA_R_QUERY_INFO LSA_R_QUERY_INFO2;
365
366/*******************************************************/
367
368typedef struct {
369 POLICY_HND pol;
370 uint32 enum_context;
371 uint32 preferred_len; /* preferred maximum length */
372} LSA_Q_ENUM_TRUST_DOM;
373
374typedef struct {
375 UNISTR4 name;
376 DOM_SID2 *sid;
377} DOMAIN_INFO;
378
379typedef struct {
380 uint32 count;
381 DOMAIN_INFO *domains;
382} DOMAIN_LIST;
383
384typedef struct {
385 uint32 enum_context;
386 uint32 count;
387 DOMAIN_LIST *domlist;
388 NTSTATUS status;
389} LSA_R_ENUM_TRUST_DOM;
390
391/*******************************************************/
392
393/* LSA_Q_CLOSE */
394typedef struct lsa_q_close_info
395{
396 POLICY_HND pol; /* policy handle */
397
398} LSA_Q_CLOSE;
399
400/* LSA_R_CLOSE */
401typedef struct lsa_r_close_info
402{
403 POLICY_HND pol; /* policy handle. should be all zeros. */
404
405 NTSTATUS status; /* return code */
406
407} LSA_R_CLOSE;
408
409
410#define MAX_REF_DOMAINS 32
411
412/* DOM_TRUST_HDR */
413typedef struct dom_trust_hdr
414{
415 UNIHDR hdr_dom_name; /* referenced domain unicode string headers */
416 uint32 ptr_dom_sid;
417
418} DOM_TRUST_HDR;
419
420/* DOM_TRUST_INFO */
421typedef struct dom_trust_info
422{
423 UNISTR2 uni_dom_name; /* domain name unicode string */
424 DOM_SID2 ref_dom ; /* referenced domain SID */
425
426} DOM_TRUST_INFO;
427
428/* DOM_R_REF */
429typedef struct dom_ref_info
430{
431 uint32 num_ref_doms_1; /* num referenced domains */
432 uint32 ptr_ref_dom; /* pointer to referenced domains */
433 uint32 max_entries; /* 32 - max number of entries */
434 uint32 num_ref_doms_2; /* num referenced domains */
435
436 DOM_TRUST_HDR hdr_ref_dom[MAX_REF_DOMAINS]; /* referenced domains */
437 DOM_TRUST_INFO ref_dom [MAX_REF_DOMAINS]; /* referenced domains */
438
439} DOM_R_REF;
440
441/* the domain_idx points to a SID associated with the name */
442
443/* LSA_TRANS_NAME - translated name */
444typedef struct lsa_trans_name_info
445{
446 uint16 sid_name_use; /* value is 5 for a well-known group; 2 for a domain group; 1 for a user... */
447 UNIHDR hdr_name;
448 uint32 domain_idx; /* index into DOM_R_REF array of SIDs */
449
450} LSA_TRANS_NAME;
451
452/* LSA_TRANS_NAME2 - translated name */
453typedef struct lsa_trans_name_info2
454{
455 uint16 sid_name_use; /* value is 5 for a well-known group; 2 for a domain group; 1 for a user... */
456 UNIHDR hdr_name;
457 uint32 domain_idx; /* index into DOM_R_REF array of SIDs */
458 uint32 unknown;
459
460} LSA_TRANS_NAME2;
461
462/* This number is based on Win2k and later maximum response allowed */
463#define MAX_LOOKUP_SIDS 20480 /* 0x5000 */
464
465/* LSA_TRANS_NAME_ENUM - LSA Translated Name Enumeration container */
466typedef struct lsa_trans_name_enum_info
467{
468 uint32 num_entries;
469 uint32 ptr_trans_names;
470 uint32 num_entries2;
471
472 LSA_TRANS_NAME *name; /* translated names */
473 UNISTR2 *uni_name;
474
475} LSA_TRANS_NAME_ENUM;
476
477/* LSA_TRANS_NAME_ENUM2 - LSA Translated Name Enumeration container 2 */
478typedef struct lsa_trans_name_enum_info2
479{
480 uint32 num_entries;
481 uint32 ptr_trans_names;
482 uint32 num_entries2;
483
484 LSA_TRANS_NAME2 *name; /* translated names */
485 UNISTR2 *uni_name;
486
487} LSA_TRANS_NAME_ENUM2;
488
489/* LSA_SID_ENUM - LSA SID enumeration container */
490typedef struct lsa_sid_enum_info
491{
492 uint32 num_entries;
493 uint32 ptr_sid_enum;
494 uint32 num_entries2;
495
496 uint32 *ptr_sid; /* domain SID pointers to be looked up. */
497 DOM_SID2 *sid; /* domain SIDs to be looked up. */
498
499} LSA_SID_ENUM;
500
501/* LSA_Q_LOOKUP_SIDS - LSA Lookup SIDs */
502typedef struct lsa_q_lookup_sids
503{
504 POLICY_HND pol; /* policy handle */
505 LSA_SID_ENUM sids;
506 LSA_TRANS_NAME_ENUM names;
507 uint16 level;
508 uint32 mapped_count;
509
510} LSA_Q_LOOKUP_SIDS;
511
512/* LSA_R_LOOKUP_SIDS - response to LSA Lookup SIDs */
513typedef struct lsa_r_lookup_sids
514{
515 uint32 ptr_dom_ref;
516 DOM_R_REF *dom_ref; /* domain reference info */
517
518 LSA_TRANS_NAME_ENUM names;
519 uint32 mapped_count;
520
521 NTSTATUS status; /* return code */
522
523} LSA_R_LOOKUP_SIDS;
524
525/* LSA_Q_LOOKUP_SIDS2 - LSA Lookup SIDs 2*/
526typedef struct lsa_q_lookup_sids2
527{
528 POLICY_HND pol; /* policy handle */
529 LSA_SID_ENUM sids;
530 LSA_TRANS_NAME_ENUM2 names;
531 uint16 level;
532 uint32 mapped_count;
533 uint32 unknown1;
534 uint32 unknown2;
535
536} LSA_Q_LOOKUP_SIDS2;
537
538/* LSA_R_LOOKUP_SIDS2 - response to LSA Lookup SIDs 2*/
539typedef struct lsa_r_lookup_sids2
540{
541 uint32 ptr_dom_ref;
542 DOM_R_REF *dom_ref; /* domain reference info */
543
544 LSA_TRANS_NAME_ENUM2 names;
545 uint32 mapped_count;
546
547 NTSTATUS status; /* return code */
548
549} LSA_R_LOOKUP_SIDS2;
550
551/* LSA_Q_LOOKUP_SIDS3 - LSA Lookup SIDs 3 */
552typedef struct lsa_q_lookup_sids3
553{
554 LSA_SID_ENUM sids;
555 LSA_TRANS_NAME_ENUM2 names;
556 uint16 level;
557 uint32 mapped_count;
558 uint32 unknown1;
559 uint32 unknown2;
560
561} LSA_Q_LOOKUP_SIDS3;
562
563/* LSA_R_LOOKUP_SIDS3 - response to LSA Lookup SIDs 3 */
564typedef struct lsa_r_lookup_sids3
565{
566 uint32 ptr_dom_ref;
567 DOM_R_REF *dom_ref; /* domain reference info */
568
569 LSA_TRANS_NAME_ENUM2 names;
570 uint32 mapped_count;
571
572 NTSTATUS status; /* return code */
573
574} LSA_R_LOOKUP_SIDS3;
575
576/* LSA_Q_LOOKUP_NAMES - LSA Lookup NAMEs */
577typedef struct lsa_q_lookup_names
578{
579 POLICY_HND pol; /* policy handle */
580 uint32 num_entries;
581 uint32 num_entries2;
582 UNIHDR *hdr_name; /* name buffer pointers */
583 UNISTR2 *uni_name; /* names to be looked up */
584
585 uint32 num_trans_entries;
586 uint32 ptr_trans_sids; /* undocumented domain SID buffer pointer */
587 uint16 lookup_level;
588 uint32 mapped_count;
589
590} LSA_Q_LOOKUP_NAMES;
591
592/* LSA_R_LOOKUP_NAMES - response to LSA Lookup NAMEs by name */
593typedef struct lsa_r_lookup_names
594{
595 uint32 ptr_dom_ref;
596 DOM_R_REF *dom_ref; /* domain reference info */
597
598 uint32 num_entries;
599 uint32 ptr_entries;
600 uint32 num_entries2;
601 DOM_RID *dom_rid; /* domain RIDs being looked up */
602
603 uint32 mapped_count;
604
605 NTSTATUS status; /* return code */
606} LSA_R_LOOKUP_NAMES;
607
608/* LSA_Q_LOOKUP_NAMES2 - LSA Lookup NAMEs 2*/
609typedef struct lsa_q_lookup_names2
610{
611 POLICY_HND pol; /* policy handle */
612 uint32 num_entries;
613 uint32 num_entries2;
614 UNIHDR *hdr_name; /* name buffer pointers */
615 UNISTR2 *uni_name; /* names to be looked up */
616
617 uint32 num_trans_entries;
618 uint32 ptr_trans_sids; /* undocumented domain SID buffer pointer */
619 uint16 lookup_level;
620 uint32 mapped_count;
621 uint32 unknown1;
622 uint32 unknown2;
623
624} LSA_Q_LOOKUP_NAMES2;
625
626/* LSA_R_LOOKUP_NAMES2 - response to LSA Lookup NAMEs by name 2 */
627typedef struct lsa_r_lookup_names2
628{
629 uint32 ptr_dom_ref;
630 DOM_R_REF *dom_ref; /* domain reference info */
631
632 uint32 num_entries;
633 uint32 ptr_entries;
634 uint32 num_entries2;
635 DOM_RID2 *dom_rid; /* domain RIDs being looked up */
636
637 uint32 mapped_count;
638
639 NTSTATUS status; /* return code */
640} LSA_R_LOOKUP_NAMES2;
641
642/* LSA_Q_LOOKUP_NAMES3 - LSA Lookup NAMEs 3 */
643typedef struct lsa_q_lookup_names3
644{
645 POLICY_HND pol; /* policy handle */
646 uint32 num_entries;
647 uint32 num_entries2;
648 UNIHDR *hdr_name; /* name buffer pointers */
649 UNISTR2 *uni_name; /* names to be looked up */
650
651 uint32 num_trans_entries;
652 uint32 ptr_trans_sids; /* undocumented domain SID buffer pointer */
653 uint16 lookup_level;
654 uint32 mapped_count;
655 uint32 unknown1;
656 uint32 unknown2;
657
658} LSA_Q_LOOKUP_NAMES3;
659
660/* Sid type used in lookupnames3 and lookupnames4. */
661typedef struct lsa_translatedsid3 {
662 uint8 sid_type;
663 DOM_SID2 *sid2;
664 uint32 sid_idx;
665 uint32 unknown;
666} LSA_TRANSLATED_SID3;
667
668/* LSA_R_LOOKUP_NAMES3 - response to LSA Lookup NAMEs by name 3 */
669typedef struct lsa_r_lookup_names3
670{
671 uint32 ptr_dom_ref;
672 DOM_R_REF *dom_ref; /* domain reference info */
673
674 uint32 num_entries;
675 uint32 ptr_entries;
676 uint32 num_entries2;
677 LSA_TRANSLATED_SID3 *trans_sids;
678
679 uint32 mapped_count;
680
681 NTSTATUS status; /* return code */
682} LSA_R_LOOKUP_NAMES3;
683
684/* LSA_Q_LOOKUP_NAMES4 - LSA Lookup NAMEs 4 */
685typedef struct lsa_q_lookup_names4
686{
687 uint32 num_entries;
688 uint32 num_entries2;
689 UNIHDR *hdr_name; /* name buffer pointers */
690 UNISTR2 *uni_name; /* names to be looked up */
691
692 uint32 num_trans_entries;
693 uint32 ptr_trans_sids; /* undocumented domain SID buffer pointer */
694 uint16 lookup_level;
695 uint32 mapped_count;
696 uint32 unknown1;
697 uint32 unknown2;
698
699} LSA_Q_LOOKUP_NAMES4;
700
701/* LSA_R_LOOKUP_NAMES3 - response to LSA Lookup NAMEs by name 4 */
702typedef struct lsa_r_lookup_names4
703{
704 uint32 ptr_dom_ref;
705 DOM_R_REF *dom_ref; /* domain reference info */
706
707 uint32 num_entries;
708 uint32 ptr_entries;
709 uint32 num_entries2;
710 LSA_TRANSLATED_SID3 *trans_sids;
711
712 uint32 mapped_count;
713
714 NTSTATUS status; /* return code */
715} LSA_R_LOOKUP_NAMES4;
716
717typedef struct lsa_enum_priv_entry
718{
719 UNIHDR hdr_name;
720 uint32 luid_low;
721 uint32 luid_high;
722 UNISTR2 name;
723
724} LSA_PRIV_ENTRY;
725
726/* LSA_Q_ENUM_PRIVS - LSA enum privileges */
727typedef struct lsa_q_enum_privs
728{
729 POLICY_HND pol; /* policy handle */
730 uint32 enum_context;
731 uint32 pref_max_length;
732} LSA_Q_ENUM_PRIVS;
733
734typedef struct lsa_r_enum_privs
735{
736 uint32 enum_context;
737 uint32 count;
738 uint32 ptr;
739 uint32 count1;
740
741 LSA_PRIV_ENTRY *privs;
742
743 NTSTATUS status;
744} LSA_R_ENUM_PRIVS;
745
746/* LSA_Q_ENUM_ACCT_RIGHTS - LSA enum account rights */
747typedef struct
748{
749 POLICY_HND pol; /* policy handle */
750 DOM_SID2 sid;
751} LSA_Q_ENUM_ACCT_RIGHTS;
752
753/* LSA_R_ENUM_ACCT_RIGHTS - LSA enum account rights */
754typedef struct
755{
756 uint32 count;
757 UNISTR4_ARRAY *rights;
758 NTSTATUS status;
759} LSA_R_ENUM_ACCT_RIGHTS;
760
761
762/* LSA_Q_ADD_ACCT_RIGHTS - LSA add account rights */
763typedef struct
764{
765 POLICY_HND pol; /* policy handle */
766 DOM_SID2 sid;
767 uint32 count;
768 UNISTR4_ARRAY *rights;
769} LSA_Q_ADD_ACCT_RIGHTS;
770
771/* LSA_R_ADD_ACCT_RIGHTS - LSA add account rights */
772typedef struct
773{
774 NTSTATUS status;
775} LSA_R_ADD_ACCT_RIGHTS;
776
777
778/* LSA_Q_REMOVE_ACCT_RIGHTS - LSA remove account rights */
779typedef struct
780{
781 POLICY_HND pol; /* policy handle */
782 DOM_SID2 sid;
783 uint32 removeall;
784 uint32 count;
785 UNISTR4_ARRAY *rights;
786} LSA_Q_REMOVE_ACCT_RIGHTS;
787
788/* LSA_R_REMOVE_ACCT_RIGHTS - LSA remove account rights */
789typedef struct
790{
791 NTSTATUS status;
792} LSA_R_REMOVE_ACCT_RIGHTS;
793
794
795/* LSA_Q_PRIV_GET_DISPNAME - LSA get privilege display name */
796typedef struct lsa_q_priv_get_dispname
797{
798 POLICY_HND pol; /* policy handle */
799 UNIHDR hdr_name;
800 UNISTR2 name;
801 uint16 lang_id;
802 uint16 lang_id_sys;
803} LSA_Q_PRIV_GET_DISPNAME;
804
805typedef struct lsa_r_priv_get_dispname
806{
807 uint32 ptr_info;
808 UNIHDR hdr_desc;
809 UNISTR2 desc;
810 /* Don't align ! */
811 uint16 lang_id;
812 /* align */
813 NTSTATUS status;
814} LSA_R_PRIV_GET_DISPNAME;
815
816/* LSA_Q_ENUM_ACCOUNTS */
817typedef struct lsa_q_enum_accounts
818{
819 POLICY_HND pol; /* policy handle */
820 uint32 enum_context;
821 uint32 pref_max_length;
822} LSA_Q_ENUM_ACCOUNTS;
823
824/* LSA_R_ENUM_ACCOUNTS */
825typedef struct lsa_r_enum_accounts
826{
827 uint32 enum_context;
828 LSA_SID_ENUM sids;
829 NTSTATUS status;
830} LSA_R_ENUM_ACCOUNTS;
831
832/* LSA_Q_UNK_GET_CONNUSER - gets username\domain of connected user
833 called when "Take Ownership" is clicked -SK */
834typedef struct lsa_q_unk_get_connuser
835{
836 uint32 ptr_srvname;
837 UNISTR2 uni2_srvname;
838 uint32 unk1; /* 3 unknown uint32's are seen right after uni2_srvname */
839 uint32 unk2; /* unk2 appears to be a ptr, unk1 = unk3 = 0 usually */
840 uint32 unk3;
841} LSA_Q_UNK_GET_CONNUSER;
842
843/* LSA_R_UNK_GET_CONNUSER */
844typedef struct lsa_r_unk_get_connuser
845{
846 uint32 ptr_user_name;
847 UNIHDR hdr_user_name;
848 UNISTR2 uni2_user_name;
849
850 uint32 unk1;
851
852 uint32 ptr_dom_name;
853 UNIHDR hdr_dom_name;
854 UNISTR2 uni2_dom_name;
855
856 NTSTATUS status;
857} LSA_R_UNK_GET_CONNUSER;
858
859
860typedef struct lsa_q_createaccount
861{
862 POLICY_HND pol; /* policy handle */
863 DOM_SID2 sid;
864 uint32 access; /* access */
865} LSA_Q_CREATEACCOUNT;
866
867typedef struct lsa_r_createaccount
868{
869 POLICY_HND pol; /* policy handle */
870 NTSTATUS status;
871} LSA_R_CREATEACCOUNT;
872
873
874typedef struct lsa_q_openaccount
875{
876 POLICY_HND pol; /* policy handle */
877 DOM_SID2 sid;
878 uint32 access; /* desired access */
879} LSA_Q_OPENACCOUNT;
880
881typedef struct lsa_r_openaccount
882{
883 POLICY_HND pol; /* policy handle */
884 NTSTATUS status;
885} LSA_R_OPENACCOUNT;
886
887typedef struct lsa_q_enumprivsaccount
888{
889 POLICY_HND pol; /* policy handle */
890} LSA_Q_ENUMPRIVSACCOUNT;
891
892typedef struct lsa_r_enumprivsaccount
893{
894 uint32 ptr;
895 uint32 count;
896 PRIVILEGE_SET set;
897 NTSTATUS status;
898} LSA_R_ENUMPRIVSACCOUNT;
899
900typedef struct lsa_q_getsystemaccount
901{
902 POLICY_HND pol; /* policy handle */
903} LSA_Q_GETSYSTEMACCOUNT;
904
905typedef struct lsa_r_getsystemaccount
906{
907 uint32 access;
908 NTSTATUS status;
909} LSA_R_GETSYSTEMACCOUNT;
910
911
912typedef struct lsa_q_setsystemaccount
913{
914 POLICY_HND pol; /* policy handle */
915 uint32 access;
916} LSA_Q_SETSYSTEMACCOUNT;
917
918typedef struct lsa_r_setsystemaccount
919{
920 NTSTATUS status;
921} LSA_R_SETSYSTEMACCOUNT;
922
923typedef struct {
924 UNIHDR hdr;
925 UNISTR2 unistring;
926} LSA_STRING;
927
928typedef struct {
929 POLICY_HND pol; /* policy handle */
930 LSA_STRING privname;
931} LSA_Q_LOOKUP_PRIV_VALUE;
932
933typedef struct {
934 LUID luid;
935 NTSTATUS status;
936} LSA_R_LOOKUP_PRIV_VALUE;
937
938typedef struct lsa_q_addprivs
939{
940 POLICY_HND pol; /* policy handle */
941 uint32 count;
942 PRIVILEGE_SET set;
943} LSA_Q_ADDPRIVS;
944
945typedef struct lsa_r_addprivs
946{
947 NTSTATUS status;
948} LSA_R_ADDPRIVS;
949
950
951typedef struct lsa_q_removeprivs
952{
953 POLICY_HND pol; /* policy handle */
954 uint32 allrights;
955 uint32 ptr;
956 uint32 count;
957 PRIVILEGE_SET set;
958} LSA_Q_REMOVEPRIVS;
959
960typedef struct lsa_r_removeprivs
961{
962 NTSTATUS status;
963} LSA_R_REMOVEPRIVS;
964
965/*******************************************************/
966#if 0 /* jerry, I think this not correct - gd */
967typedef struct {
968 POLICY_HND handle;
969 uint32 count; /* ??? this is what ethereal calls it */
970 DOM_SID sid;
971} LSA_Q_OPEN_TRUSTED_DOMAIN;
972#endif
973
974/* LSA_Q_OPEN_TRUSTED_DOMAIN - LSA Query Open Trusted Domain */
975typedef struct lsa_q_open_trusted_domain
976{
977 POLICY_HND pol; /* policy handle */
978 DOM_SID2 sid; /* domain sid */
979 uint32 access_mask; /* access mask */
980
981} LSA_Q_OPEN_TRUSTED_DOMAIN;
982
983/* LSA_R_OPEN_TRUSTED_DOMAIN - response to LSA Query Open Trusted Domain */
984typedef struct {
985 POLICY_HND handle; /* trustdom policy handle */
986 NTSTATUS status; /* return code */
987} LSA_R_OPEN_TRUSTED_DOMAIN;
988
989
990/*******************************************************/
991
992/* LSA_Q_OPEN_TRUSTED_DOMAIN_BY_NAME - LSA Query Open Trusted Domain by Name*/
993typedef struct lsa_q_open_trusted_domain_by_name
994{
995 POLICY_HND pol; /* policy handle */
996 LSA_STRING name; /* domain name */
997 uint32 access_mask; /* access mask */
998
999} LSA_Q_OPEN_TRUSTED_DOMAIN_BY_NAME;
1000
1001/* LSA_R_OPEN_TRUSTED_DOMAIN_BY_NAME - response to LSA Query Open Trusted Domain by Name */
1002typedef struct {
1003 POLICY_HND handle; /* trustdom policy handle */
1004 NTSTATUS status; /* return code */
1005} LSA_R_OPEN_TRUSTED_DOMAIN_BY_NAME;
1006
1007
1008/*******************************************************/
1009
1010
1011typedef struct {
1012 POLICY_HND handle;
1013 UNISTR4 secretname;
1014 uint32 access;
1015} LSA_Q_OPEN_SECRET;
1016
1017typedef struct {
1018 POLICY_HND handle;
1019 NTSTATUS status;
1020} LSA_R_OPEN_SECRET;
1021
1022
1023/*******************************************************/
1024
1025typedef struct {
1026 POLICY_HND handle;
1027} LSA_Q_DELETE_OBJECT;
1028
1029typedef struct {
1030 NTSTATUS status;
1031} LSA_R_DELETE_OBJECT;
1032
1033
1034/*******************************************************/
1035
1036typedef struct {
1037 POLICY_HND handle;
1038 UNISTR4 secretname;
1039 uint32 access;
1040} LSA_Q_CREATE_SECRET;
1041
1042typedef struct {
1043 POLICY_HND handle;
1044 NTSTATUS status;
1045} LSA_R_CREATE_SECRET;
1046
1047
1048/*******************************************************/
1049
1050typedef struct {
1051 POLICY_HND handle;
1052 UNISTR4 secretname;
1053 uint32 access;
1054} LSA_Q_CREATE_TRUSTED_DOMAIN;
1055
1056typedef struct {
1057 POLICY_HND handle;
1058 NTSTATUS status;
1059} LSA_R_CREATE_TRUSTED_DOMAIN;
1060
1061
1062/*******************************************************/
1063
1064typedef struct {
1065 uint32 size; /* size is written on the wire twice so I
1066 can only assume that one is supposed to
1067 be a max length and one is a size */
1068 UNISTR2 *data; /* not really a UNICODE string but the parsing
1069 is the same */
1070} LSA_DATA_BLOB;
1071
1072typedef struct {
1073 POLICY_HND handle;
1074 LSA_DATA_BLOB *old_value;
1075 LSA_DATA_BLOB *new_value;
1076} LSA_Q_SET_SECRET;
1077
1078typedef struct {
1079 NTSTATUS status;
1080} LSA_R_SET_SECRET;
1081
1082/* LSA_Q_QUERY_TRUSTED_DOMAIN_INFO - LSA query trusted domain info */
1083typedef struct lsa_query_trusted_domain_info
1084{
1085 POLICY_HND pol; /* policy handle */
1086 uint16 info_class; /* info class */
1087
1088} LSA_Q_QUERY_TRUSTED_DOMAIN_INFO;
1089
1090/* LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_SID - LSA query trusted domain info */
1091typedef struct lsa_query_trusted_domain_info_by_sid
1092{
1093 POLICY_HND pol; /* policy handle */
1094 DOM_SID2 dom_sid; /* domain sid */
1095 uint16 info_class; /* info class */
1096
1097} LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_SID;
1098
1099/* LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_NAME - LSA query trusted domain info */
1100typedef struct lsa_query_trusted_domain_info_by_name
1101{
1102 POLICY_HND pol; /* policy handle */
1103 LSA_STRING domain_name; /* domain name */
1104 uint16 info_class; /* info class */
1105
1106} LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_NAME;
1107
1108typedef struct trusted_domain_info_name {
1109 LSA_STRING netbios_name;
1110} TRUSTED_DOMAIN_INFO_NAME;
1111
1112typedef struct trusted_domain_info_posix_offset {
1113 uint32 posix_offset;
1114} TRUSTED_DOMAIN_INFO_POSIX_OFFSET;
1115
1116typedef struct lsa_data_buf {
1117 uint32 size;
1118 uint32 offset;
1119 uint32 length;
1120 uint8 *data;
1121} LSA_DATA_BUF;
1122
1123typedef struct lsa_data_buf_hdr {
1124 uint32 length;
1125 uint32 size;
1126 uint32 data_ptr;
1127} LSA_DATA_BUF_HDR;
1128
1129
1130typedef struct lsa_data_buf2 {
1131 uint32 size;
1132 uint8 *data;
1133} LSA_DATA_BUF2;
1134
1135typedef struct trusted_domain_info_password {
1136 uint32 ptr_password;
1137 uint32 ptr_old_password;
1138 LSA_DATA_BUF_HDR password_hdr;
1139 LSA_DATA_BUF_HDR old_password_hdr;
1140 LSA_DATA_BUF password;
1141 LSA_DATA_BUF old_password;
1142} TRUSTED_DOMAIN_INFO_PASSWORD;
1143
1144typedef struct trusted_domain_info_basic {
1145 LSA_STRING netbios_name;
1146 DOM_SID2 sid;
1147} TRUSTED_DOMAIN_INFO_BASIC;
1148
1149typedef struct trusted_domain_info_ex {
1150 LSA_STRING domain_name;
1151 LSA_STRING netbios_name;
1152 DOM_SID2 sid;
1153 uint32 trust_direction;
1154 uint32 trust_type;
1155 uint32 trust_attributes;
1156} TRUSTED_DOMAIN_INFO_EX;
1157
1158typedef struct trust_domain_info_buffer {
1159 NTTIME last_update_time;
1160 uint32 secret_type;
1161 LSA_DATA_BUF2 data;
1162} LSA_TRUSTED_DOMAIN_INFO_BUFFER;
1163
1164typedef struct trusted_domain_info_auth_info {
1165 uint32 incoming_count;
1166 LSA_TRUSTED_DOMAIN_INFO_BUFFER incoming_current_auth_info;
1167 LSA_TRUSTED_DOMAIN_INFO_BUFFER incoming_previous_auth_info;
1168 uint32 outgoing_count;
1169 LSA_TRUSTED_DOMAIN_INFO_BUFFER outgoing_current_auth_info;
1170 LSA_TRUSTED_DOMAIN_INFO_BUFFER outgoing_previous_auth_info;
1171} TRUSTED_DOMAIN_INFO_AUTH_INFO;
1172
1173typedef struct trusted_domain_info_full_info {
1174 TRUSTED_DOMAIN_INFO_EX info_ex;
1175 TRUSTED_DOMAIN_INFO_POSIX_OFFSET posix_offset;
1176 TRUSTED_DOMAIN_INFO_AUTH_INFO auth_info;
1177} TRUSTED_DOMAIN_INFO_FULL_INFO;
1178
1179typedef struct trusted_domain_info_11 {
1180 TRUSTED_DOMAIN_INFO_EX info_ex;
1181 LSA_DATA_BUF2 data1;
1182} TRUSTED_DOMAIN_INFO_11;
1183
1184typedef struct trusted_domain_info_all {
1185 TRUSTED_DOMAIN_INFO_EX info_ex;
1186 LSA_DATA_BUF2 data1;
1187 TRUSTED_DOMAIN_INFO_POSIX_OFFSET posix_offset;
1188 TRUSTED_DOMAIN_INFO_AUTH_INFO auth_info;
1189} TRUSTED_DOMAIN_INFO_ALL;
1190
1191/* LSA_TRUSTED_DOMAIN_INFO */
1192typedef union lsa_trusted_domain_info
1193{
1194 uint16 info_class;
1195 TRUSTED_DOMAIN_INFO_NAME name;
1196 /* deprecated - gd
1197 TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO controllers; */
1198 TRUSTED_DOMAIN_INFO_POSIX_OFFSET posix_offset;
1199 TRUSTED_DOMAIN_INFO_PASSWORD password;
1200 TRUSTED_DOMAIN_INFO_BASIC basic;
1201 TRUSTED_DOMAIN_INFO_EX info_ex;
1202 TRUSTED_DOMAIN_INFO_AUTH_INFO auth_info;
1203 TRUSTED_DOMAIN_INFO_FULL_INFO full_info;
1204 TRUSTED_DOMAIN_INFO_11 info11;
1205 TRUSTED_DOMAIN_INFO_ALL info_all;
1206
1207} LSA_TRUSTED_DOMAIN_INFO;
1208
1209/* LSA_R_QUERY_TRUSTED_DOMAIN_INFO - LSA query trusted domain info */
1210typedef struct r_lsa_query_trusted_domain_info
1211{
1212 LSA_TRUSTED_DOMAIN_INFO *info;
1213 NTSTATUS status;
1214} LSA_R_QUERY_TRUSTED_DOMAIN_INFO;
1215
1216typedef struct dom_info_kerberos {
1217 uint32 enforce_restrictions;
1218 NTTIME service_tkt_lifetime;
1219 NTTIME user_tkt_lifetime;
1220 NTTIME user_tkt_renewaltime;
1221 NTTIME clock_skew;
1222 NTTIME unknown6;
1223} LSA_DOM_INFO_POLICY_KERBEROS;
1224
1225typedef struct dom_info_efs {
1226 uint32 blob_len;
1227 UNISTR2 efs_blob;
1228} LSA_DOM_INFO_POLICY_EFS;
1229
1230typedef struct lsa_dom_info_union {
1231 uint16 info_class;
1232 LSA_DOM_INFO_POLICY_EFS efs_policy;
1233 LSA_DOM_INFO_POLICY_KERBEROS krb_policy;
1234} LSA_DOM_INFO_UNION;
1235
1236/* LSA_Q_QUERY_DOM_INFO_POLICY - LSA query info */
1237typedef struct lsa_q_query_dom_info_policy
1238{
1239 POLICY_HND pol; /* policy handle */
1240 uint16 info_class; /* info class */
1241} LSA_Q_QUERY_DOM_INFO_POLICY;
1242
1243typedef struct lsa_r_query_dom_info_policy
1244{
1245 LSA_DOM_INFO_UNION *info;
1246 NTSTATUS status;
1247} LSA_R_QUERY_DOM_INFO_POLICY;
1248
1249
1250#endif /* _RPC_LSA_H */
Note: See TracBrowser for help on using the repository browser.