summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/librpc/idl/lsa.idl183
1 files changed, 139 insertions, 44 deletions
diff --git a/source3/librpc/idl/lsa.idl b/source3/librpc/idl/lsa.idl
index 0a6c3b95d4..1e141a9079 100644
--- a/source3/librpc/idl/lsa.idl
+++ b/source3/librpc/idl/lsa.idl
@@ -14,6 +14,7 @@ import "misc.idl", "security.idl";
] interface lsarpc
{
typedef bitmap security_secinfo security_secinfo;
+ typedef bitmap kerb_EncTypes kerb_EncTypes;
typedef [public,noejs] struct {
[value(2*strlen_m(string))] uint16 length;
@@ -224,7 +225,7 @@ import "misc.idl", "security.idl";
typedef struct {
hyper modified_id;
- NTTIME db_create_time;
+ NTTIME_hyper db_create_time;
} lsa_ModificationInfo;
typedef struct {
@@ -263,7 +264,8 @@ import "misc.idl", "security.idl";
LSA_POLICY_INFO_DB=9,
LSA_POLICY_INFO_AUDIT_FULL_SET=10,
LSA_POLICY_INFO_AUDIT_FULL_QUERY=11,
- LSA_POLICY_INFO_DNS=12
+ LSA_POLICY_INFO_DNS=12,
+ LSA_POLICY_INFO_DNS_INT=13
} lsa_PolicyInfo;
typedef [switch_type(uint16)] union {
@@ -279,6 +281,7 @@ import "misc.idl", "security.idl";
[case(LSA_POLICY_INFO_AUDIT_FULL_SET)] lsa_AuditFullSetInfo auditfullset;
[case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery;
[case(LSA_POLICY_INFO_DNS)] lsa_DnsDomainInfo dns;
+ [case(LSA_POLICY_INFO_DNS_INT)] lsa_DnsDomainInfo dns;
} lsa_PolicyInformation;
NTSTATUS lsa_QueryInfoPolicy(
@@ -409,7 +412,8 @@ import "misc.idl", "security.idl";
LSA_LOOKUP_NAMES_PRIMARY_DOMAIN_ONLY = 3,
LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY = 4,
LSA_LOOKUP_NAMES_FOREST_TRUSTS_ONLY = 5,
- LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6
+ LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6,
+ LSA_LOOKUP_NAMES_RODC_REFERRAL_TO_FULL_DC = 7
} lsa_LookupNamesLevel;
[public] NTSTATUS lsa_LookupNames (
@@ -543,22 +547,53 @@ import "misc.idl", "security.idl";
} lsa_DATA_BUF2;
typedef enum {
- LSA_TRUSTED_DOMAIN_INFO_NAME = 1,
- LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO = 2,
- LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET = 3,
- LSA_TRUSTED_DOMAIN_INFO_PASSWORD = 4,
- LSA_TRUSTED_DOMAIN_INFO_BASIC = 5,
- LSA_TRUSTED_DOMAIN_INFO_INFO_EX = 6,
- LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO = 7,
- LSA_TRUSTED_DOMAIN_INFO_FULL_INFO = 8,
- LSA_TRUSTED_DOMAIN_INFO_11 = 11,
- LSA_TRUSTED_DOMAIN_INFO_INFO_ALL = 12
+ LSA_TRUSTED_DOMAIN_INFO_NAME = 1,
+ LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS = 2,
+ LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET = 3,
+ LSA_TRUSTED_DOMAIN_INFO_PASSWORD = 4,
+ LSA_TRUSTED_DOMAIN_INFO_BASIC = 5,
+ LSA_TRUSTED_DOMAIN_INFO_INFO_EX = 6,
+ LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO = 7,
+ LSA_TRUSTED_DOMAIN_INFO_FULL_INFO = 8,
+ LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL = 9,
+ LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL = 10,
+ LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL = 11,
+ LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL = 12,
+ LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES = 13
} lsa_TrustDomInfoEnum;
+ typedef [public,bitmap32bit] bitmap {
+ LSA_TRUST_DIRECTION_INBOUND = 0x00000001,
+ LSA_TRUST_DIRECTION_OUTBOUND = 0x00000002
+ } lsa_TrustDirection;
+
+ typedef [v1_enum] enum {
+ LSA_TRUST_TYPE_DOWNLEVEL = 0x00000001,
+ LSA_TRUST_TYPE_UPLEVEL = 0x00000002,
+ LSA_TRUST_TYPE_MIT = 0x00000003
+ } lsa_TrustType;
+
+ typedef [public,bitmap32bit] bitmap {
+ LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE = 0x00000001,
+ LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY = 0x00000002,
+ LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004,
+ LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE = 0x00000008,
+ LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010,
+ LSA_TRUST_ATTRIBUTE_WITHIN_FOREST = 0x00000020,
+ LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL = 0x00000040,
+ LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION = 0x00000080
+ } lsa_TrustAttributes;
+
typedef struct {
lsa_StringLarge netbios_name;
} lsa_TrustDomainInfoName;
+
+ typedef struct {
+ uint32 entries;
+ [size_is(entries)] lsa_StringLarge *netbios_names;
+ } lsa_TrustDomainInfoControllers;
+
typedef struct {
uint32 posix_offset;
} lsa_TrustDomainInfoPosixOffset;
@@ -576,15 +611,22 @@ import "misc.idl", "security.idl";
typedef struct {
lsa_StringLarge domain_name;
lsa_StringLarge netbios_name;
- dom_sid2 *sid;
- uint32 trust_direction;
- uint32 trust_type;
- uint32 trust_attributes;
+ dom_sid2 *sid;
+ lsa_TrustDirection trust_direction;
+ lsa_TrustType trust_type;
+ lsa_TrustAttributes trust_attributes;
} lsa_TrustDomainInfoInfoEx;
+ typedef [public,v1_enum] enum {
+ TRUST_AUTH_TYPE_NONE = 0,
+ TRUST_AUTH_TYPE_NT4OWF = 1,
+ TRUST_AUTH_TYPE_CLEAR = 2,
+ TRUST_AUTH_TYPE_VERSION = 3
+ } lsa_TrustAuthType;
+
typedef struct {
NTTIME_hyper last_update_time;
- uint32 secret_type;
+ lsa_TrustAuthType AuthType;
lsa_DATA_BUF2 data;
} lsa_TrustDomainInfoBuffer;
@@ -604,27 +646,58 @@ import "misc.idl", "security.idl";
} lsa_TrustDomainInfoFullInfo;
typedef struct {
- lsa_TrustDomainInfoInfoEx info_ex;
- lsa_DATA_BUF2 data1;
- } lsa_TrustDomainInfo11;
+ lsa_DATA_BUF2 auth_blob;
+ } lsa_TrustDomainInfoAuthInfoInternal;
+
+ typedef struct {
+ lsa_TrustDomainInfoInfoEx info_ex;
+ lsa_TrustDomainInfoPosixOffset posix_offset;
+ lsa_TrustDomainInfoAuthInfoInternal auth_info;
+ } lsa_TrustDomainInfoFullInfoInternal;
typedef struct {
lsa_TrustDomainInfoInfoEx info_ex;
- lsa_DATA_BUF2 data1;
+ uint32 forest_trust_length;
+ [size_is(forest_trust_length)] uint8 *forest_trust_data;
+ } lsa_TrustDomainInfoInfoEx2Internal;
+
+ typedef struct {
+ lsa_TrustDomainInfoInfoEx2Internal info;
lsa_TrustDomainInfoPosixOffset posix_offset;
lsa_TrustDomainInfoAuthInfo auth_info;
- } lsa_TrustDomainInfoInfoAll;
+ } lsa_TrustDomainInfoFullInfo2Internal;
+
+ typedef struct {
+ kerb_EncTypes enc_types;
+ } lsa_TrustDomainInfoSupportedEncTypes;
typedef [switch_type(lsa_TrustDomInfoEnum)] union {
- [case(LSA_TRUSTED_DOMAIN_INFO_NAME)] lsa_TrustDomainInfoName name;
- [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)] lsa_TrustDomainInfoPosixOffset posix_offset;
- [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)] lsa_TrustDomainInfoPassword password;
- [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)] lsa_TrustDomainInfoBasic info_basic;
- [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)] lsa_TrustDomainInfoInfoEx info_ex;
- [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)] lsa_TrustDomainInfoAuthInfo auth_info;
- [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)] lsa_TrustDomainInfoFullInfo full_info;
- [case(LSA_TRUSTED_DOMAIN_INFO_11)] lsa_TrustDomainInfo11 info11;
- [case(LSA_TRUSTED_DOMAIN_INFO_INFO_ALL)] lsa_TrustDomainInfoInfoAll info_all;
+ [case(LSA_TRUSTED_DOMAIN_INFO_NAME)]
+ lsa_TrustDomainInfoName name;
+ [case(LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS)]
+ lsa_TrustDomainInfoControllers controllers;
+ [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)]
+ lsa_TrustDomainInfoPosixOffset posix_offset;
+ [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)]
+ lsa_TrustDomainInfoPassword password;
+ [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)]
+ lsa_TrustDomainInfoBasic info_basic;
+ [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)]
+ lsa_TrustDomainInfoInfoEx info_ex;
+ [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)]
+ lsa_TrustDomainInfoAuthInfo auth_info;
+ [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)]
+ lsa_TrustDomainInfoFullInfo full_info;
+ [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL)]
+ lsa_TrustDomainInfoAuthInfoInternal auth_info_internal;
+ [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL)]
+ lsa_TrustDomainInfoFullInfoInternal full_info_internal;
+ [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL)]
+ lsa_TrustDomainInfoInfoEx2Internal info_ex2_internal;
+ [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL)]
+ lsa_TrustDomainInfoFullInfo2Internal full_info2_internal;
+ [case(LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES)]
+ lsa_TrustDomainInfoSupportedEncTypes enc_types;
} lsa_TrustedDomainInfo;
/* Function: 0x1a */
@@ -635,7 +708,11 @@ import "misc.idl", "security.idl";
);
/* Function: 0x1b */
- NTSTATUS lsa_SetInformationTrustedDomain();
+ NTSTATUS lsa_SetInformationTrustedDomain(
+ [in] policy_handle *trustdom_handle,
+ [in] lsa_TrustDomInfoEnum level,
+ [in,switch_is(level)] lsa_TrustedDomainInfo *info
+ );
/* Function: 0x1c */
[public] NTSTATUS lsa_OpenSecret(
@@ -752,7 +829,13 @@ import "misc.idl", "security.idl";
);
/* Function: 0x28 */
- NTSTATUS lsa_SetTrustedDomainInfo();
+ NTSTATUS lsa_SetTrustedDomainInfo(
+ [in] policy_handle *handle,
+ [in] dom_sid2 *dom_sid,
+ [in] lsa_TrustDomInfoEnum level,
+ [in,switch_is(level)] lsa_TrustedDomainInfo *info
+ );
+
/* Function: 0x29 */
NTSTATUS lsa_DeleteTrustedDomain(
[in] policy_handle *handle,
@@ -833,9 +916,15 @@ import "misc.idl", "security.idl";
[in] uint32 max_size
);
-
/* Function 0x33 */
- NTSTATUS lsa_CreateTrustedDomainEx();
+ NTSTATUS lsa_CreateTrustedDomainEx(
+ [in] policy_handle *policy_handle,
+ [in] lsa_TrustDomainInfoInfoEx *info,
+ [in] lsa_TrustDomainInfoAuthInfoInternal *auth_info,
+ [in] uint32 access_mask,
+ [out] policy_handle *trustdom_handle
+ );
+
/* Function 0x34 */
NTSTATUS lsa_CloseTrustedDomainEx(
@@ -944,12 +1033,18 @@ import "misc.idl", "security.idl";
[in,out,ref] lsa_TransSidArray2 *sids,
[in] lsa_LookupNamesLevel level,
[in,out,ref] uint32 *count,
- [in] uint32 unknown1,
- [in] uint32 unknown2
+ [in] uint32 lookup_options,
+ [in] uint32 client_revision /* LSA_CLIENT_REVISION* */
);
/* Function 0x3b */
- NTSTATUS lsa_CreateTrustedDomainEx2();
+ NTSTATUS lsa_CreateTrustedDomainEx2(
+ [in] policy_handle *policy_handle,
+ [in] lsa_TrustDomainInfoInfoEx *info,
+ [in] lsa_TrustDomainInfoAuthInfoInternal *auth_info,
+ [in] uint32 access_mask,
+ [out] policy_handle *trustdom_handle
+ );
/* Function 0x3c */
[todo] NTSTATUS lsa_CREDRWRITE();
@@ -981,7 +1076,7 @@ import "misc.idl", "security.idl";
lsa_SidType sid_type;
dom_sid2 *sid;
uint32 sid_index;
- uint32 unknown;
+ uint32 flags;
} lsa_TranslatedSid3;
typedef struct {
@@ -997,8 +1092,8 @@ import "misc.idl", "security.idl";
[in,out,ref] lsa_TransSidArray3 *sids,
[in] lsa_LookupNamesLevel level,
[in,out,ref] uint32 *count,
- [in] uint32 unknown1,
- [in] uint32 unknown2
+ [in] uint32 lookup_options,
+ [in] uint32 client_revision /* LSA_CLIENT_REVISION* */
);
/* Function 0x45 */
@@ -1090,8 +1185,8 @@ import "misc.idl", "security.idl";
[in,out,ref] lsa_TransSidArray3 *sids,
[in] lsa_LookupNamesLevel level,
[in,out,ref] uint32 *count,
- [in] uint32 unknown1,
- [in] uint32 unknown2
+ [in] uint32 lookup_options,
+ [in] uint32 client_revision /* LSA_CLIENT_REVISION* */
);
/* Function 0x4e */