summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2008-10-24 15:17:49 +0200
committerGünther Deschner <gd@samba.org>2008-10-27 19:33:23 +0100
commitd04131c8ec9d327f7376ad85d8d1dba0f2bccea6 (patch)
tree7cd31e8a5e81306498c59c140777223eadecda38 /source3
parent95231eae39d3373dbb2003d6c01f0c46c40cdc04 (diff)
downloadsamba-d04131c8ec9d327f7376ad85d8d1dba0f2bccea6.tar.gz
samba-d04131c8ec9d327f7376ad85d8d1dba0f2bccea6.tar.bz2
samba-d04131c8ec9d327f7376ad85d8d1dba0f2bccea6.zip
idl: share lsa.idl between s3 and s4.
Guenther
Diffstat (limited to 'source3')
-rw-r--r--source3/Makefile.in2
-rw-r--r--source3/librpc/idl/lsa.idl1216
2 files changed, 1 insertions, 1217 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 60832c8391..babd4f901d 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -1214,7 +1214,7 @@ modules:: SHOWFLAGS $(MODULES)
## Perl IDL Compiler
samba3-idl::
@PIDL_ARGS="$(PIDL_ARGS)" CPP="$(CPP)" PIDL="../pidl/pidl" \
- srcdir="$(srcdir)" $(srcdir)/script/build_idl.sh librpc/idl/lsa.idl \
+ srcdir="$(srcdir)" $(srcdir)/script/build_idl.sh ../librpc/idl/lsa.idl \
../librpc/idl/dfs.idl ../librpc/idl/echo.idl ../librpc/idl/winreg.idl \
../librpc/idl/initshutdown.idl librpc/idl/srvsvc.idl ../librpc/idl/svcctl.idl \
../librpc/idl/eventlog.idl ../librpc/idl/wkssvc.idl librpc/idl/netlogon.idl \
diff --git a/source3/librpc/idl/lsa.idl b/source3/librpc/idl/lsa.idl
deleted file mode 100644
index 2ed267789d..0000000000
--- a/source3/librpc/idl/lsa.idl
+++ /dev/null
@@ -1,1216 +0,0 @@
-#include "idl_types.h"
-
-/*
- lsa interface definition
-*/
-
-import "misc.idl", "security.idl";
-
-[ uuid("12345778-1234-abcd-ef00-0123456789ab"),
- version(0.0),
- endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\netlogon]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"),
- pointer_default(unique),
- helpstring("Local Security Authority")
-] interface lsarpc
-{
- typedef bitmap security_secinfo security_secinfo;
- typedef bitmap kerb_EncTypes kerb_EncTypes;
-
- typedef [public,noejs] struct {
- [value(2*strlen_m(string))] uint16 length;
- [value(2*strlen_m(string))] uint16 size;
- [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string;
- } lsa_String;
-
- typedef [public] struct {
- [value(2*strlen_m(string))] uint16 length;
- [value(2*strlen_m_term(string))] uint16 size;
- [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string;
- } lsa_StringLarge;
-
- typedef [public] struct {
- uint32 count;
- [size_is(count)] lsa_String *names;
- } lsa_Strings;
-
- typedef [public] struct {
- [value(strlen_m(string))] uint16 length;
- [value(strlen_m(string))] uint16 size;
- [charset(DOS),size_is(size),length_is(length)] uint8 *string;
- } lsa_AsciiString;
-
- typedef [public] struct {
- [value(strlen_m(string))] uint16 length;
- [value(strlen_m_term(string))] uint16 size;
- [charset(DOS),size_is(size),length_is(length)] uint8 *string;
- } lsa_AsciiStringLarge;
-
- typedef [public] struct {
- uint16 length;
- uint16 size;
- [size_is(size/2),length_is(length/2)] uint16 *array;
- } lsa_BinaryString;
-
- /******************/
- /* Function: 0x00 */
- NTSTATUS lsa_Close (
- [in,out] policy_handle *handle
- );
-
-
- /******************/
- /* Function: 0x01 */
- [public] NTSTATUS lsa_Delete (
- [in] policy_handle *handle
- );
-
-
- /******************/
- /* Function: 0x02 */
- typedef struct {
- uint32 low;
- uint32 high;
- } lsa_LUID;
-
- typedef struct {
- lsa_StringLarge name;
- lsa_LUID luid;
- } lsa_PrivEntry;
-
- typedef struct {
- uint32 count;
- [size_is(count)] lsa_PrivEntry *privs;
- } lsa_PrivArray;
-
- [public] NTSTATUS lsa_EnumPrivs (
- [in] policy_handle *handle,
- [in,out,ref] uint32 *resume_handle,
- [out,ref] lsa_PrivArray *privs,
- [in] uint32 max_count
- );
-
- /******************/
- /* Function: 0x03 */
- NTSTATUS lsa_QuerySecurity (
- [in] policy_handle *handle,
- [in] security_secinfo sec_info,
- [out,ref] sec_desc_buf **sdbuf
- );
-
- /******************/
- /* Function: 0x04 */
- NTSTATUS lsa_SetSecObj(
- [in] policy_handle *handle,
- [in] security_secinfo sec_info,
- [in,ref] sec_desc_buf *sdbuf
- );
-
- /******************/
- /* Function: 0x05 */
- [todo] NTSTATUS lsa_ChangePassword ();
-
-
- /******************/
- /* Function: 0x06 */
- typedef struct {
- uint32 len; /* ignored */
- uint16 impersonation_level;
- uint8 context_mode;
- uint8 effective_only;
- } lsa_QosInfo;
-
- typedef struct {
- uint32 len; /* ignored */
- uint8 *root_dir;
- [string,charset(UTF16)] uint16 *object_name;
- uint32 attributes;
- security_descriptor *sec_desc;
- lsa_QosInfo *sec_qos;
- } lsa_ObjectAttribute;
-
- typedef [public,bitmap32bit] bitmap {
- LSA_POLICY_VIEW_LOCAL_INFORMATION = 0x00000001,
- LSA_POLICY_VIEW_AUDIT_INFORMATION = 0x00000002,
- LSA_POLICY_GET_PRIVATE_INFORMATION = 0x00000004,
- LSA_POLICY_TRUST_ADMIN = 0x00000008,
- LSA_POLICY_CREATE_ACCOUNT = 0x00000010,
- LSA_POLICY_CREATE_SECRET = 0x00000020,
- LSA_POLICY_CREATE_PRIVILEGE = 0x00000040,
- LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x00000080,
- LSA_POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100,
- LSA_POLICY_AUDIT_LOG_ADMIN = 0x00000200,
- LSA_POLICY_SERVER_ADMIN = 0x00000400,
- LSA_POLICY_LOOKUP_NAMES = 0x00000800
- } lsa_PolicyAccessMask;
-
- /* notice the screwup with the system_name - thats why MS created
- OpenPolicy2 */
- [public] NTSTATUS lsa_OpenPolicy (
- [in,unique] uint16 *system_name,
- [in] lsa_ObjectAttribute *attr,
- [in] lsa_PolicyAccessMask access_mask,
- [out] policy_handle *handle
- );
-
-
-
- /******************/
- /* Function: 0x07 */
-
- typedef struct {
- uint32 percent_full;
- uint32 maximum_log_size;
- hyper retention_time;
- uint8 shutdown_in_progress;
- hyper time_to_shutdown;
- uint32 next_audit_record;
- } lsa_AuditLogInfo;
-
- typedef [v1_enum] enum {
- LSA_AUDIT_POLICY_NONE=0,
- LSA_AUDIT_POLICY_SUCCESS=1,
- LSA_AUDIT_POLICY_FAILURE=2,
- LSA_AUDIT_POLICY_ALL=(LSA_AUDIT_POLICY_SUCCESS|LSA_AUDIT_POLICY_FAILURE),
- LSA_AUDIT_POLICY_CLEAR=4
- } lsa_PolicyAuditPolicy;
-
- typedef enum {
- LSA_AUDIT_CATEGORY_SYSTEM = 0,
- LSA_AUDIT_CATEGORY_LOGON = 1,
- LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS = 2,
- LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS = 3,
- LSA_AUDIT_CATEGORY_PROCCESS_TRACKING = 4,
- LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES = 5,
- LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT = 6,
- LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS = 7, /* only in win2k/2k3 */
- LSA_AUDIT_CATEGORY_ACCOUNT_LOGON = 8 /* only in win2k/2k3 */
- } lsa_PolicyAuditEventType;
-
- typedef struct {
- uint32 auditing_mode;
- [size_is(count)] lsa_PolicyAuditPolicy *settings;
- uint32 count;
- } lsa_AuditEventsInfo;
-
- typedef struct {
- lsa_StringLarge name;
- dom_sid2 *sid;
- } lsa_DomainInfo;
-
- typedef struct {
- lsa_String name;
- } lsa_PDAccountInfo;
-
- typedef [v1_enum] enum {
- LSA_ROLE_BACKUP=2,
- LSA_ROLE_PRIMARY=3
- } lsa_Role;
-
- typedef struct {
- lsa_Role role;
- } lsa_ServerRole;
-
- typedef struct {
- lsa_String source;
- lsa_String account;
- } lsa_ReplicaSourceInfo;
-
- typedef struct {
- uint32 paged_pool;
- uint32 non_paged_pool;
- uint32 min_wss;
- uint32 max_wss;
- uint32 pagefile;
- hyper unknown;
- } lsa_DefaultQuotaInfo;
-
- typedef struct {
- hyper modified_id;
- NTTIME_hyper db_create_time;
- } lsa_ModificationInfo;
-
- typedef struct {
- uint8 shutdown_on_full;
- } lsa_AuditFullSetInfo;
-
- typedef struct {
- uint8 shutdown_on_full;
- uint8 log_is_full;
- } lsa_AuditFullQueryInfo;
-
- typedef struct {
- /* it's important that we use the lsa_StringLarge here,
- * because otherwise windows clients result with such dns hostnames
- * e.g. w2k3-client.samba4.samba.orgsamba4.samba.org
- * where it should be
- * w2k3-client.samba4.samba.org
- */
- lsa_StringLarge name;
- lsa_StringLarge dns_domain;
- lsa_StringLarge dns_forest;
- GUID domain_guid;
- dom_sid2 *sid;
- } lsa_DnsDomainInfo;
-
- typedef enum {
- LSA_POLICY_INFO_AUDIT_LOG=1,
- LSA_POLICY_INFO_AUDIT_EVENTS=2,
- LSA_POLICY_INFO_DOMAIN=3,
- LSA_POLICY_INFO_PD=4,
- LSA_POLICY_INFO_ACCOUNT_DOMAIN=5,
- LSA_POLICY_INFO_ROLE=6,
- LSA_POLICY_INFO_REPLICA=7,
- LSA_POLICY_INFO_QUOTA=8,
- LSA_POLICY_INFO_MOD=9,
- LSA_POLICY_INFO_AUDIT_FULL_SET=10,
- LSA_POLICY_INFO_AUDIT_FULL_QUERY=11,
- LSA_POLICY_INFO_DNS=12,
- LSA_POLICY_INFO_DNS_INT=13,
- LSA_POLICY_INFO_L_ACCOUNT_DOMAIN=14
- } lsa_PolicyInfo;
-
- typedef [switch_type(uint16)] union {
- [case(LSA_POLICY_INFO_AUDIT_LOG)] lsa_AuditLogInfo audit_log;
- [case(LSA_POLICY_INFO_AUDIT_EVENTS)] lsa_AuditEventsInfo audit_events;
- [case(LSA_POLICY_INFO_DOMAIN)] lsa_DomainInfo domain;
- [case(LSA_POLICY_INFO_PD)] lsa_PDAccountInfo pd;
- [case(LSA_POLICY_INFO_ACCOUNT_DOMAIN)] lsa_DomainInfo account_domain;
- [case(LSA_POLICY_INFO_ROLE)] lsa_ServerRole role;
- [case(LSA_POLICY_INFO_REPLICA)] lsa_ReplicaSourceInfo replica;
- [case(LSA_POLICY_INFO_QUOTA)] lsa_DefaultQuotaInfo quota;
- [case(LSA_POLICY_INFO_MOD)] lsa_ModificationInfo mod;
- [case(LSA_POLICY_INFO_AUDIT_FULL_SET)] lsa_AuditFullSetInfo auditfullset;
- [case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery;
- [case(LSA_POLICY_INFO_DNS)] lsa_DnsDomainInfo dns;
- [case(LSA_POLICY_INFO_DNS_INT)] lsa_DnsDomainInfo dns;
- [case(LSA_POLICY_INFO_L_ACCOUNT_DOMAIN)] lsa_DomainInfo l_account_domain;
- } lsa_PolicyInformation;
-
- NTSTATUS lsa_QueryInfoPolicy(
- [in] policy_handle *handle,
- [in] lsa_PolicyInfo level,
- [out,ref,switch_is(level)] lsa_PolicyInformation **info
- );
-
- /******************/
- /* Function: 0x08 */
- NTSTATUS lsa_SetInfoPolicy (
- [in] policy_handle *handle,
- [in] lsa_PolicyInfo level,
- [in,switch_is(level)] lsa_PolicyInformation *info
- );
-
- /******************/
- /* Function: 0x09 */
- [todo] NTSTATUS lsa_ClearAuditLog ();
-
- /******************/
- /* Function: 0x0a */
- [public] NTSTATUS lsa_CreateAccount (
- [in] policy_handle *handle,
- [in,ref] dom_sid2 *sid,
- [in] uint32 access_mask,
- [out] policy_handle *acct_handle
- );
-
- /******************/
- /* NOTE: This only returns accounts that have at least
- one privilege set
- */
- /* Function: 0x0b */
- typedef struct {
- dom_sid2 *sid;
- } lsa_SidPtr;
-
- typedef [public] struct {
- [range(0,1000)] uint32 num_sids;
- [size_is(num_sids)] lsa_SidPtr *sids;
- } lsa_SidArray;
-
- [public] NTSTATUS lsa_EnumAccounts(
- [in] policy_handle *handle,
- [in,out,ref] uint32 *resume_handle,
- [out,ref] lsa_SidArray *sids,
- [in,range(0,8192)] uint32 num_entries
- );
-
- /*************************************************/
- /* Function: 0x0c */
-
- [public] NTSTATUS lsa_CreateTrustedDomain(
- [in] policy_handle *policy_handle,
- [in] lsa_DomainInfo *info,
- [in] uint32 access_mask,
- [out] policy_handle *trustdom_handle
- );
-
-
- /******************/
- /* Function: 0x0d */
-
- /* w2k3 treats max_size as max_domains*60 */
- const int LSA_ENUM_TRUST_DOMAIN_MULTIPLIER = 60;
-
- typedef struct {
- uint32 count;
- [size_is(count)] lsa_DomainInfo *domains;
- } lsa_DomainList;
-
- NTSTATUS lsa_EnumTrustDom(
- [in] policy_handle *handle,
- [in,out,ref] uint32 *resume_handle,
- [out,ref] lsa_DomainList *domains,
- [in] uint32 max_size
- );
-
-
- /******************/
- /* Function: 0x0e */
- typedef [public] enum {
- SID_NAME_USE_NONE = 0,/* NOTUSED */
- SID_NAME_USER = 1, /* user */
- SID_NAME_DOM_GRP = 2, /* domain group */
- SID_NAME_DOMAIN = 3, /* domain: don't know what this is */
- SID_NAME_ALIAS = 4, /* local group */
- SID_NAME_WKN_GRP = 5, /* well-known group */
- SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
- SID_NAME_INVALID = 7, /* invalid account */
- SID_NAME_UNKNOWN = 8, /* oops. */
- SID_NAME_COMPUTER = 9 /* machine */
- } lsa_SidType;
-
- typedef struct {
- lsa_SidType sid_type;
- uint32 rid;
- uint32 sid_index;
- } lsa_TranslatedSid;
-
- typedef struct {
- [range(0,1000)] uint32 count;
- [size_is(count)] lsa_TranslatedSid *sids;
- } lsa_TransSidArray;
-
- const int LSA_REF_DOMAIN_LIST_MULTIPLIER = 32;
- typedef struct {
- [range(0,1000)] uint32 count;
- [size_is(count)] lsa_DomainInfo *domains;
- uint32 max_size;
- } lsa_RefDomainList;
-
- /* Level 1: Ask everywhere
- * Level 2: Ask domain and trusted domains, no builtin and wkn
- * Level 3: Only ask domain
- * Level 4: W2k3ad: Only ask AD trusts
- * Level 5: Only ask transitive forest trusts
- * Level 6: Like 4
- */
-
- typedef enum {
- LSA_LOOKUP_NAMES_ALL = 1,
- LSA_LOOKUP_NAMES_DOMAINS_ONLY = 2,
- LSA_LOOKUP_NAMES_PRIMARY_DOMAIN_ONLY = 3,
- LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY = 4,
- LSA_LOOKUP_NAMES_FOREST_TRUSTS_ONLY = 5,
- LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6,
- LSA_LOOKUP_NAMES_RODC_REFERRAL_TO_FULL_DC = 7
- } lsa_LookupNamesLevel;
-
- [public] NTSTATUS lsa_LookupNames (
- [in] policy_handle *handle,
- [in,range(0,1000)] uint32 num_names,
- [in,size_is(num_names)] lsa_String names[],
- [out,ref] lsa_RefDomainList **domains,
- [in,out,ref] lsa_TransSidArray *sids,
- [in] lsa_LookupNamesLevel level,
- [in,out,ref] uint32 *count
- );
-
-
- /******************/
- /* Function: 0x0f */
-
- typedef struct {
- lsa_SidType sid_type;
- lsa_String name;
- uint32 sid_index;
- } lsa_TranslatedName;
-
- typedef struct {
- [range(0,1000)] uint32 count;
- [size_is(count)] lsa_TranslatedName *names;
- } lsa_TransNameArray;
-
- [public] NTSTATUS lsa_LookupSids(
- [in] policy_handle *handle,
- [in,ref] lsa_SidArray *sids,
- [out,ref] lsa_RefDomainList **domains,
- [in,out,ref] lsa_TransNameArray *names,
- [in] uint16 level,
- [in,out,ref] uint32 *count
- );
-
-
- /* Function: 0x10 */
- [public] NTSTATUS lsa_CreateSecret(
- [in] policy_handle *handle,
- [in] lsa_String name,
- [in] uint32 access_mask,
- [out] policy_handle *sec_handle
- );
-
-
- /*****************************************/
- /* Function: 0x11 */
- NTSTATUS lsa_OpenAccount(
- [in] policy_handle *handle,
- [in,ref] dom_sid2 *sid,
- [in] uint32 access_mask,
- [out] policy_handle *acct_handle
- );
-
-
- /****************************************/
- /* Function: 0x12 */
-
- typedef struct {
- lsa_LUID luid;
- uint32 attribute;
- } lsa_LUIDAttribute;
-
- typedef struct {
- [range(0,1000)] uint32 count;
- uint32 unknown;
- [size_is(count)] lsa_LUIDAttribute set[*];
- } lsa_PrivilegeSet;
-
- NTSTATUS lsa_EnumPrivsAccount(
- [in] policy_handle *handle,
- [out,ref] lsa_PrivilegeSet **privs
- );
-
-
- /****************************************/
- /* Function: 0x13 */
- NTSTATUS lsa_AddPrivilegesToAccount(
- [in] policy_handle *handle,
- [in,ref] lsa_PrivilegeSet *privs
- );
-
-
- /****************************************/
- /* Function: 0x14 */
- NTSTATUS lsa_RemovePrivilegesFromAccount(
- [in] policy_handle *handle,
- [in] uint8 remove_all,
- [in,unique] lsa_PrivilegeSet *privs
- );
-
- /* Function: 0x15 */
- [todo] NTSTATUS lsa_GetQuotasForAccount();
-
- /* Function: 0x16 */
- [todo] NTSTATUS lsa_SetQuotasForAccount();
-
- typedef [bitmap32bit] bitmap {
- LSA_POLICY_MODE_INTERACTIVE = 0x00000001,
- LSA_POLICY_MODE_NETWORK = 0x00000002,
- LSA_POLICY_MODE_BATCH = 0x00000004,
- LSA_POLICY_MODE_SERVICE = 0x00000010,
- LSA_POLICY_MODE_PROXY = 0x00000020,
- LSA_POLICY_MODE_DENY_INTERACTIVE = 0x00000040,
- LSA_POLICY_MODE_DENY_NETWORK = 0x00000080,
- LSA_POLICY_MODE_DENY_BATCH = 0x00000100,
- LSA_POLICY_MODE_DENY_SERVICE = 0x00000200,
- LSA_POLICY_MODE_REMOTE_INTERACTIVE = 0x00000400,
- LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE = 0x00000800,
- LSA_POLICY_MODE_ALL = 0x00000FF7,
- LSA_POLICY_MODE_ALL_NT4 = 0x00000037
- } lsa_SystemAccessModeFlags;
-
- /* Function: 0x17 */
- NTSTATUS lsa_GetSystemAccessAccount(
- [in] policy_handle *handle,
- [out,ref] uint32 *access_mask
- );
-
- /* Function: 0x18 */
- NTSTATUS lsa_SetSystemAccessAccount(
- [in] policy_handle *handle,
- [in] uint32 access_mask
- );
-
- /* Function: 0x19 */
- NTSTATUS lsa_OpenTrustedDomain(
- [in] policy_handle *handle,
- [in] dom_sid2 *sid,
- [in] uint32 access_mask,
- [out] policy_handle *trustdom_handle
- );
-
- typedef [flag(NDR_PAHEX)] struct {
- uint32 length;
- uint32 size;
- [size_is(size),length_is(length)] uint8 *data;
- } lsa_DATA_BUF;
-
- typedef [flag(NDR_PAHEX)] struct {
- [range(0,65536)] uint32 size;
- [size_is(size)] uint8 *data;
- } lsa_DATA_BUF2;
-
- typedef enum {
- LSA_TRUSTED_DOMAIN_INFO_NAME = 1,
- LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS = 2,
- LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET = 3,
- LSA_TRUSTED_DOMAIN_INFO_PASSWORD = 4,
- LSA_TRUSTED_DOMAIN_INFO_BASIC = 5,
- LSA_TRUSTED_DOMAIN_INFO_INFO_EX = 6,
- LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO = 7,
- LSA_TRUSTED_DOMAIN_INFO_FULL_INFO = 8,
- LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL = 9,
- LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL = 10,
- LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL = 11,
- LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL = 12,
- LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES = 13
- } lsa_TrustDomInfoEnum;
-
- typedef [public,bitmap32bit] bitmap {
- LSA_TRUST_DIRECTION_INBOUND = 0x00000001,
- LSA_TRUST_DIRECTION_OUTBOUND = 0x00000002
- } lsa_TrustDirection;
-
- typedef [v1_enum] enum {
- LSA_TRUST_TYPE_DOWNLEVEL = 0x00000001,
- LSA_TRUST_TYPE_UPLEVEL = 0x00000002,
- LSA_TRUST_TYPE_MIT = 0x00000003
- } lsa_TrustType;
-
- typedef [public,bitmap32bit] bitmap {
- LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE = 0x00000001,
- LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY = 0x00000002,
- LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004,
- LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE = 0x00000008,
- LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010,
- LSA_TRUST_ATTRIBUTE_WITHIN_FOREST = 0x00000020,
- LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL = 0x00000040,
- LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION = 0x00000080
- } lsa_TrustAttributes;
-
- typedef struct {
- lsa_StringLarge netbios_name;
- } lsa_TrustDomainInfoName;
-
-
- typedef struct {
- uint32 entries;
- [size_is(entries)] lsa_StringLarge *netbios_names;
- } lsa_TrustDomainInfoControllers;
-
- typedef struct {
- uint32 posix_offset;
- } lsa_TrustDomainInfoPosixOffset;
-
- typedef struct {
- lsa_DATA_BUF *password;
- lsa_DATA_BUF *old_password;
- } lsa_TrustDomainInfoPassword;
-
- typedef struct {
- lsa_String netbios_name;
- dom_sid2 *sid;
- } lsa_TrustDomainInfoBasic;
-
- typedef struct {
- lsa_StringLarge domain_name;
- lsa_StringLarge netbios_name;
- dom_sid2 *sid;
- lsa_TrustDirection trust_direction;
- lsa_TrustType trust_type;
- lsa_TrustAttributes trust_attributes;
- } lsa_TrustDomainInfoInfoEx;
-
- typedef [public,v1_enum] enum {
- TRUST_AUTH_TYPE_NONE = 0,
- TRUST_AUTH_TYPE_NT4OWF = 1,
- TRUST_AUTH_TYPE_CLEAR = 2,
- TRUST_AUTH_TYPE_VERSION = 3
- } lsa_TrustAuthType;
-
- typedef struct {
- NTTIME_hyper last_update_time;
- lsa_TrustAuthType AuthType;
- lsa_DATA_BUF2 data;
- } lsa_TrustDomainInfoBuffer;
-
- typedef struct {
- uint32 incoming_count;
- lsa_TrustDomainInfoBuffer *incoming_current_auth_info;
- lsa_TrustDomainInfoBuffer *incoming_previous_auth_info;
- uint32 outgoing_count;
- lsa_TrustDomainInfoBuffer *outgoing_current_auth_info;
- lsa_TrustDomainInfoBuffer *outgoing_previous_auth_info;
- } lsa_TrustDomainInfoAuthInfo;
-
- typedef struct {
- lsa_TrustDomainInfoInfoEx info_ex;
- lsa_TrustDomainInfoPosixOffset posix_offset;
- lsa_TrustDomainInfoAuthInfo auth_info;
- } lsa_TrustDomainInfoFullInfo;
-
- typedef struct {
- lsa_DATA_BUF2 auth_blob;
- } lsa_TrustDomainInfoAuthInfoInternal;
-
- typedef struct {
- lsa_TrustDomainInfoInfoEx info_ex;
- lsa_TrustDomainInfoPosixOffset posix_offset;
- lsa_TrustDomainInfoAuthInfoInternal auth_info;
- } lsa_TrustDomainInfoFullInfoInternal;
-
- typedef struct {
- lsa_TrustDomainInfoInfoEx info_ex;
- uint32 forest_trust_length;
- [size_is(forest_trust_length)] uint8 *forest_trust_data;
- } lsa_TrustDomainInfoInfoEx2Internal;
-
- typedef struct {
- lsa_TrustDomainInfoInfoEx2Internal info;
- lsa_TrustDomainInfoPosixOffset posix_offset;
- lsa_TrustDomainInfoAuthInfo auth_info;
- } lsa_TrustDomainInfoFullInfo2Internal;
-
- typedef struct {
- kerb_EncTypes enc_types;
- } lsa_TrustDomainInfoSupportedEncTypes;
-
- typedef [switch_type(lsa_TrustDomInfoEnum)] union {
- [case(LSA_TRUSTED_DOMAIN_INFO_NAME)]
- lsa_TrustDomainInfoName name;
- [case(LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS)]
- lsa_TrustDomainInfoControllers controllers;
- [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)]
- lsa_TrustDomainInfoPosixOffset posix_offset;
- [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)]
- lsa_TrustDomainInfoPassword password;
- [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)]
- lsa_TrustDomainInfoBasic info_basic;
- [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)]
- lsa_TrustDomainInfoInfoEx info_ex;
- [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)]
- lsa_TrustDomainInfoAuthInfo auth_info;
- [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)]
- lsa_TrustDomainInfoFullInfo full_info;
- [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL)]
- lsa_TrustDomainInfoAuthInfoInternal auth_info_internal;
- [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL)]
- lsa_TrustDomainInfoFullInfoInternal full_info_internal;
- [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL)]
- lsa_TrustDomainInfoInfoEx2Internal info_ex2_internal;
- [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL)]
- lsa_TrustDomainInfoFullInfo2Internal full_info2_internal;
- [case(LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES)]
- lsa_TrustDomainInfoSupportedEncTypes enc_types;
- } lsa_TrustedDomainInfo;
-
- /* Function: 0x1a */
- NTSTATUS lsa_QueryTrustedDomainInfo(
- [in] policy_handle *trustdom_handle,
- [in] lsa_TrustDomInfoEnum level,
- [out,switch_is(level),ref] lsa_TrustedDomainInfo **info
- );
-
- /* Function: 0x1b */
- NTSTATUS lsa_SetInformationTrustedDomain(
- [in] policy_handle *trustdom_handle,
- [in] lsa_TrustDomInfoEnum level,
- [in,switch_is(level)] lsa_TrustedDomainInfo *info
- );
-
- /* Function: 0x1c */
- [public] NTSTATUS lsa_OpenSecret(
- [in] policy_handle *handle,
- [in] lsa_String name,
- [in] uint32 access_mask,
- [out] policy_handle *sec_handle
- );
-
- /* Function: 0x1d */
-
- [public] NTSTATUS lsa_SetSecret(
- [in] policy_handle *sec_handle,
- [in,unique] lsa_DATA_BUF *new_val,
- [in,unique] lsa_DATA_BUF *old_val
- );
-
- typedef struct {
- lsa_DATA_BUF *buf;
- } lsa_DATA_BUF_PTR;
-
- /* Function: 0x1e */
- [public] NTSTATUS lsa_QuerySecret (
- [in] policy_handle *sec_handle,
- [in,out,unique] lsa_DATA_BUF_PTR *new_val,
- [in,out,unique] NTTIME_hyper *new_mtime,
- [in,out,unique] lsa_DATA_BUF_PTR *old_val,
- [in,out,unique] NTTIME_hyper *old_mtime
- );
-
- /* Function: 0x1f */
- NTSTATUS lsa_LookupPrivValue(
- [in] policy_handle *handle,
- [in,ref] lsa_String *name,
- [out,ref] lsa_LUID *luid
- );
-
-
- /* Function: 0x20 */
- NTSTATUS lsa_LookupPrivName(
- [in] policy_handle *handle,
- [in,ref] lsa_LUID *luid,
- [out,ref] lsa_StringLarge **name
- );
-
-
- /*******************/
- /* Function: 0x21 */
- NTSTATUS lsa_LookupPrivDisplayName(
- [in] policy_handle *handle,
- [in,ref] lsa_String *name,
- [in] uint16 language_id,
- [in] uint16 language_id_sys,
- [out,ref] lsa_StringLarge **disp_name,
- /* see http://www.microsoft.com/globaldev/nlsweb/ for
- language definitions */
- [out,ref] uint16 *returned_language_id
- );
-
- /*******************/
- /* Function: 0x22 */
- NTSTATUS lsa_DeleteObject (
- [in,out] policy_handle *handle
- );
-
- /*******************/
- /* Function: 0x23 */
- NTSTATUS lsa_EnumAccountsWithUserRight (
- [in] policy_handle *handle,
- [in,unique] lsa_String *name,
- [out] lsa_SidArray *sids
- );
-
- /* Function: 0x24 */
- typedef struct {
- [string,charset(UTF16)] uint16 *name;
- } lsa_RightAttribute;
-
- typedef struct {
- [range(0,256)] uint32 count;
- [size_is(count)] lsa_StringLarge *names;
- } lsa_RightSet;
-
- NTSTATUS lsa_EnumAccountRights (
- [in] policy_handle *handle,
- [in,ref] dom_sid2 *sid,
- [out,ref] lsa_RightSet *rights
- );
-
-
- /**********************/
- /* Function: 0x25 */
- NTSTATUS lsa_AddAccountRights (
- [in] policy_handle *handle,
- [in,ref] dom_sid2 *sid,
- [in,ref] lsa_RightSet *rights
- );
-
- /**********************/
- /* Function: 0x26 */
- NTSTATUS lsa_RemoveAccountRights (
- [in] policy_handle *handle,
- [in,ref] dom_sid2 *sid,
- [in] uint8 remove_all,
- [in,ref] lsa_RightSet *rights
- );
-
- /* Function: 0x27 */
- NTSTATUS lsa_QueryTrustedDomainInfoBySid(
- [in] policy_handle *handle,
- [in,ref] dom_sid2 *dom_sid,
- [in] lsa_TrustDomInfoEnum level,
- [out,switch_is(level),ref] lsa_TrustedDomainInfo **info
- );
-
- /* Function: 0x28 */
- NTSTATUS lsa_SetTrustedDomainInfo(
- [in] policy_handle *handle,
- [in] dom_sid2 *dom_sid,
- [in] lsa_TrustDomInfoEnum level,
- [in,switch_is(level)] lsa_TrustedDomainInfo *info
- );
-
- /* Function: 0x29 */
- NTSTATUS lsa_DeleteTrustedDomain(
- [in] policy_handle *handle,
- [in] dom_sid2 *dom_sid
- );
-
- /* Function: 0x2a */
- [todo] NTSTATUS lsa_StorePrivateData();
- /* Function: 0x2b */
- [todo] NTSTATUS lsa_RetrievePrivateData();
-
-
- /**********************/
- /* Function: 0x2c */
- [public] NTSTATUS lsa_OpenPolicy2 (
- [in,unique] [string,charset(UTF16)] uint16 *system_name,
- [in] lsa_ObjectAttribute *attr,
- [in] lsa_PolicyAccessMask access_mask,
- [out] policy_handle *handle
- );
-
- /**********************/
- /* Function: 0x2d */
- NTSTATUS lsa_GetUserName(
- [in,unique] [string,charset(UTF16)] uint16 *system_name,
- [in,out,ref] lsa_String **account_name,
- [in,out,unique] lsa_String **authority_name
- );
-
- /**********************/
- /* Function: 0x2e */
-
- NTSTATUS lsa_QueryInfoPolicy2(
- [in] policy_handle *handle,
- [in] lsa_PolicyInfo level,
- [out,ref,switch_is(level)] lsa_PolicyInformation **info
- );
-
- /* Function 0x2f */
- NTSTATUS lsa_SetInfoPolicy2(
- [in] policy_handle *handle,
- [in] lsa_PolicyInfo level,
- [in,switch_is(level)] lsa_PolicyInformation *info
- );
-
- /**********************/
- /* Function 0x30 */
- NTSTATUS lsa_QueryTrustedDomainInfoByName(
- [in] policy_handle *handle,
- [in,ref] lsa_String *trusted_domain,
- [in] lsa_TrustDomInfoEnum level,
- [out,ref,switch_is(level)] lsa_TrustedDomainInfo **info
- );
-
- /**********************/
- /* Function 0x31 */
- NTSTATUS lsa_SetTrustedDomainInfoByName(
- [in] policy_handle *handle,
- [in] lsa_String trusted_domain,
- [in] lsa_TrustDomInfoEnum level,
- [in,unique,switch_is(level)] lsa_TrustedDomainInfo *info
- );
-
- /* Function 0x32 */
-
- /* w2k3 treats max_size as max_domains*82 */
- const int LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER = 82;
-
- typedef struct {
- uint32 count;
- [size_is(count)] lsa_TrustDomainInfoInfoEx *domains;
- } lsa_DomainListEx;
-
- NTSTATUS lsa_EnumTrustedDomainsEx (
- [in] policy_handle *handle,
- [in,out] uint32 *resume_handle,
- [out] lsa_DomainListEx *domains,
- [in] uint32 max_size
- );
-
- /* Function 0x33 */
- NTSTATUS lsa_CreateTrustedDomainEx(
- [in] policy_handle *policy_handle,
- [in] lsa_TrustDomainInfoInfoEx *info,
- [in] lsa_TrustDomainInfoAuthInfoInternal *auth_info,
- [in] uint32 access_mask,
- [out] policy_handle *trustdom_handle
- );
-
-
- /* Function 0x34 */
- NTSTATUS lsa_CloseTrustedDomainEx(
- [in,out] policy_handle *handle
- );
-
- /* Function 0x35 */
-
- /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000
- for unknown6 - gd */
- typedef struct {
- uint32 enforce_restrictions;
- hyper service_tkt_lifetime;
- hyper user_tkt_lifetime;
- hyper user_tkt_renewaltime;
- hyper clock_skew;
- hyper unknown6;
- } lsa_DomainInfoKerberos;
-
- typedef struct {
- uint32 blob_size;
- [size_is(blob_size)] uint8 *efs_blob;
- } lsa_DomainInfoEfs;
-
- typedef enum {
- LSA_DOMAIN_INFO_POLICY_EFS=2,
- LSA_DOMAIN_INFO_POLICY_KERBEROS=3
- } lsa_DomainInfoEnum;
-
- typedef [switch_type(uint16)] union {
- [case(LSA_DOMAIN_INFO_POLICY_EFS)] lsa_DomainInfoEfs efs_info;
- [case(LSA_DOMAIN_INFO_POLICY_KERBEROS)] lsa_DomainInfoKerberos kerberos_info;
- } lsa_DomainInformationPolicy;
-
- NTSTATUS lsa_QueryDomainInformationPolicy(
- [in] policy_handle *handle,
- [in] uint16 level,
- [out,ref,switch_is(level)] lsa_DomainInformationPolicy **info
- );
-
- /* Function 0x36 */
- NTSTATUS lsa_SetDomainInformationPolicy(
- [in] policy_handle *handle,
- [in] uint16 level,
- [in,unique,switch_is(level)] lsa_DomainInformationPolicy *info
- );
-
- /**********************/
- /* Function 0x37 */
- NTSTATUS lsa_OpenTrustedDomainByName(
- [in] policy_handle *handle,
- [in] lsa_String name,
- [in] uint32 access_mask,
- [out] policy_handle *trustdom_handle
- );
-
- /* Function 0x38 */
- [todo] NTSTATUS lsa_TestCall();
-
- /**********************/
- /* Function 0x39 */
-
- typedef struct {
- lsa_SidType sid_type;
- lsa_String name;
- uint32 sid_index;
- uint32 unknown;
- } lsa_TranslatedName2;
-
- typedef struct {
- [range(0,1000)] uint32 count;
- [size_is(count)] lsa_TranslatedName2 *names;
- } lsa_TransNameArray2;
-
- [public] NTSTATUS lsa_LookupSids2(
- [in] policy_handle *handle,
- [in,ref] lsa_SidArray *sids,
- [out,ref] lsa_RefDomainList **domains,
- [in,out,ref] lsa_TransNameArray2 *names,
- [in] uint16 level,
- [in,out,ref] uint32 *count,
- [in] uint32 unknown1,
- [in] uint32 unknown2
- );
-
- /**********************/
- /* Function 0x3a */
-
- typedef struct {
- lsa_SidType sid_type;
- uint32 rid;
- uint32 sid_index;
- uint32 unknown;
- } lsa_TranslatedSid2;
-
- typedef struct {
- [range(0,1000)] uint32 count;
- [size_is(count)] lsa_TranslatedSid2 *sids;
- } lsa_TransSidArray2;
-
- [public] NTSTATUS lsa_LookupNames2 (
- [in] policy_handle *handle,
- [in,range(0,1000)] uint32 num_names,
- [in,size_is(num_names)] lsa_String names[],
- [out,ref] lsa_RefDomainList **domains,
- [in,out,ref] lsa_TransSidArray2 *sids,
- [in] lsa_LookupNamesLevel level,
- [in,out,ref] uint32 *count,
- [in] uint32 lookup_options,
- [in] uint32 client_revision /* LSA_CLIENT_REVISION* */
- );
-
- /* Function 0x3b */
- NTSTATUS lsa_CreateTrustedDomainEx2(
- [in] policy_handle *policy_handle,
- [in] lsa_TrustDomainInfoInfoEx *info,
- [in] lsa_TrustDomainInfoAuthInfoInternal *auth_info,
- [in] uint32 access_mask,
- [out] policy_handle *trustdom_handle
- );
-
- /* Function 0x3c */
- [todo] NTSTATUS lsa_CREDRWRITE();
-
- /* Function 0x3d */
- [todo] NTSTATUS lsa_CREDRREAD();
-
- /* Function 0x3e */
- [todo] NTSTATUS lsa_CREDRENUMERATE();
-
- /* Function 0x3f */
- [todo] NTSTATUS lsa_CREDRWRITEDOMAINCREDENTIALS();
-
- /* Function 0x40 */
- [todo] NTSTATUS lsa_CREDRREADDOMAINCREDENTIALS();
-
- /* Function 0x41 */
- [todo] NTSTATUS lsa_CREDRDELETE();
-
- /* Function 0x42 */
- [todo] NTSTATUS lsa_CREDRGETTARGETINFO();
-
- /* Function 0x43 */
- [todo] NTSTATUS lsa_CREDRPROFILELOADED();
-
- /**********************/
- /* Function 0x44 */
- typedef struct {
- lsa_SidType sid_type;
- dom_sid2 *sid;
- uint32 sid_index;
- uint32 flags;
- } lsa_TranslatedSid3;
-
- typedef struct {
- [range(0,1000)] uint32 count;
- [size_is(count)] lsa_TranslatedSid3 *sids;
- } lsa_TransSidArray3;
-
- [public] NTSTATUS lsa_LookupNames3 (
- [in] policy_handle *handle,
- [in,range(0,1000)] uint32 num_names,
- [in,size_is(num_names)] lsa_String names[],
- [out,ref] lsa_RefDomainList **domains,
- [in,out,ref] lsa_TransSidArray3 *sids,
- [in] lsa_LookupNamesLevel level,
- [in,out,ref] uint32 *count,
- [in] uint32 lookup_options,
- [in] uint32 client_revision /* LSA_CLIENT_REVISION* */
- );
-
- /* Function 0x45 */
- [todo] NTSTATUS lsa_CREDRGETSESSIONTYPES();
-
- /* Function 0x46 */
- [todo] NTSTATUS lsa_LSARREGISTERAUDITEVENT();
-
- /* Function 0x47 */
- [todo] NTSTATUS lsa_LSARGENAUDITEVENT();
-
- /* Function 0x48 */
- [todo] NTSTATUS lsa_LSARUNREGISTERAUDITEVENT();
-
- /* Function 0x49 */
- typedef struct {
- [range(0,131072)] uint32 length;
- [size_is(length)] uint8 *data;
- } lsa_ForestTrustBinaryData;
-
- typedef struct {
- dom_sid2 *domain_sid;
- lsa_StringLarge dns_domain_name;
- lsa_StringLarge netbios_domain_name;
- } lsa_ForestTrustDomainInfo;
-
- typedef [switch_type(uint32)] union {
- [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_String top_level_name;
- [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX)] lsa_StringLarge top_level_name_ex;
- [case(LSA_FOREST_TRUST_DOMAIN_INFO)] lsa_ForestTrustDomainInfo domain_info;
- [default] lsa_ForestTrustBinaryData data;
- } lsa_ForestTrustData;
-
- typedef [v1_enum] enum {
- LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0,
- LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1,
- LSA_FOREST_TRUST_DOMAIN_INFO = 2,
- LSA_FOREST_TRUST_RECORD_TYPE_LAST = 3
- } lsa_ForestTrustRecordType;
-
- typedef struct {
- uint32 flags;
- lsa_ForestTrustRecordType level;
- hyper unknown;
- [switch_is(level)] lsa_ForestTrustData forest_trust_data;
- } lsa_ForestTrustRecord;
-
- typedef [public] struct {
- [range(0,4000)] uint32 count;
- [size_is(count)] lsa_ForestTrustRecord **entries;
- } lsa_ForestTrustInformation;
-
- NTSTATUS lsa_lsaRQueryForestTrustInformation(
- [in] policy_handle *handle,
- [in,ref] lsa_String *trusted_domain_name,
- [in] uint16 unknown, /* level ? */
- [out,ref] lsa_ForestTrustInformation **forest_trust_info
- );
-
- /* Function 0x4a */
- [todo] NTSTATUS lsa_LSARSETFORESTTRUSTINFORMATION();
-
- /* Function 0x4b */
- [todo] NTSTATUS lsa_CREDRRENAME();
-
- /*****************/
- /* Function 0x4c */
-
- [public] NTSTATUS lsa_LookupSids3(
- [in,ref] lsa_SidArray *sids,
- [out,ref] lsa_RefDomainList **domains,
- [in,out,ref] lsa_TransNameArray2 *names,
- [in] uint16 level,
- [in,out,ref] uint32 *count,
- [in] uint32 unknown1,
- [in] uint32 unknown2
- );
-
- const int LSA_CLIENT_REVISION_NO_DNS = 0x00000001;
- const int LSA_CLIENT_REVISION_DNS = 0x00000002;
-
- const int LSA_LOOKUP_OPTIONS_NO_ISOLATED = 0x80000000;
-
- /* Function 0x4d */
- NTSTATUS lsa_LookupNames4(
- [in,range(0,1000)] uint32 num_names,
- [in,size_is(num_names)] lsa_String names[],
- [out,ref] lsa_RefDomainList **domains,
- [in,out,ref] lsa_TransSidArray3 *sids,
- [in] lsa_LookupNamesLevel level,
- [in,out,ref] uint32 *count,
- [in] uint32 lookup_options,
- [in] uint32 client_revision /* LSA_CLIENT_REVISION* */
- );
-
- /* Function 0x4e */
- [todo] NTSTATUS lsa_LSAROPENPOLICYSCE();
-
- /* Function 0x4f */
- [todo] NTSTATUS lsa_LSARADTREGISTERSECURITYEVENTSOURCE();
-
- /* Function 0x50 */
- [todo] NTSTATUS lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE();
-
- /* Function 0x51 */
- [todo] NTSTATUS lsa_LSARADTREPORTSECURITYEVENT();
-
-}