diff options
Diffstat (limited to 'source3/librpc/idl')
| -rw-r--r-- | source3/librpc/idl/drsuapi.idl | 1503 | ||||
| -rw-r--r-- | source3/librpc/idl/nbt.idl | 699 | ||||
| -rw-r--r-- | source3/librpc/idl/security.idl | 3 |
3 files changed, 2205 insertions, 0 deletions
diff --git a/source3/librpc/idl/drsuapi.idl b/source3/librpc/idl/drsuapi.idl new file mode 100644 index 0000000000..80d800c533 --- /dev/null +++ b/source3/librpc/idl/drsuapi.idl @@ -0,0 +1,1503 @@ +#include "idl_types.h" + +import "security.idl", "misc.idl", "samr.idl"; + +[ + uuid("e3514235-4b06-11d1-ab04-00c04fc2dcd2"), + version(4.0), + endpoint("ncacn_np:[\\pipe\\lsass]","ncacn_np:[\\pipe\\protected_storage]", "ncacn_ip_tcp:", "ncalrpc:"), + authservice("ldap"), + helpstring("Active Directory Replication"), + helper("librpc/ndr/ndr_drsuapi.h"), + pointer_default(unique) +] +interface drsuapi +{ + typedef bitmap samr_GroupAttrs samr_GroupAttrs; + + /*****************/ + /* Function 0x00 */ + typedef [bitmap32bit] bitmap { + DRSUAPI_SUPPORTED_EXTENSION_BASE = 0x00000001, + DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION = 0x00000002, + DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI = 0x00000004, + DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2 = 0x00000008, + DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS = 0x00000010, + DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1 = 0x00000020, + DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION = 0x00000040, + DRSUAPI_SUPPORTED_EXTENSION_00000080 = 0x00000080, + DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE = 0x00000100, + DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2 = 0x00000200, + DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION = 0x00000400, + DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2 = 0x00000800, + DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD= 0x00001000, + DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND = 0x00002000, + DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO = 0x00004000, + DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION = 0x00008000, + DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01 = 0x00010000, + DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP = 0x00020000, + DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY = 0x00040000, + DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3 = 0x00080000, + DRSUAPI_SUPPORTED_EXTENSION_00100000 = 0x00100000, + DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2 = 0x00200000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6 = 0x00400000, + DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS = 0x00800000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8 = 0x01000000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5 = 0x02000000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6 = 0x04000000, + /* + * the following 3 have the same value + * repadmin.exe /bind says that + */ + DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3 = 0x08000000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7 = 0x08000000, + DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT = 0x08000000, + DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS = 0x10000000, + DRSUAPI_SUPPORTED_EXTENSION_20000000 = 0x20000000, + DRSUAPI_SUPPORTED_EXTENSION_40000000 = 0x40000000, + DRSUAPI_SUPPORTED_EXTENSION_80000000 = 0x80000000 + } drsuapi_SupportedExtensions; + + /* this is used by w2k */ + typedef struct { + drsuapi_SupportedExtensions supported_extensions; + GUID site_guid; + uint32 u1; + } drsuapi_DsBindInfo24; + + /* this is used by w2k3 */ + typedef struct { + drsuapi_SupportedExtensions supported_extensions; + GUID site_guid; + uint32 u1; + uint32 repl_epoch; + } drsuapi_DsBindInfo28; + + typedef struct { + [flag(NDR_REMAINING)] DATA_BLOB info; + } drsuapi_DsBindInfoFallBack; + + typedef [nodiscriminant] union { + [case(24)][subcontext(4)] drsuapi_DsBindInfo24 info24; + [case(28)][subcontext(4)] drsuapi_DsBindInfo28 info28; + [default][subcontext(4)] drsuapi_DsBindInfoFallBack FallBack; + } drsuapi_DsBindInfo; + + /* the drsuapi_DsBindInfoCtr was this before + * typedef [flag(NDR_PAHEX)] struct { + * [range(1,10000)] uint32 length; + * [size_is(length)] uint8 data[]; + * } drsuapi_DsBindInfo; + * + * but we don't want the caller to manually decode this blob, + * so we're doing it here + */ + + typedef struct { + [range(1,10000)] uint32 length; + [switch_is(length)] drsuapi_DsBindInfo info; + } drsuapi_DsBindInfoCtr; + + /* this is a magic guid you need to pass to DsBind to make drsuapi_DsWriteAccountSpn() work + * + * maybe the bind_guid could also be the invocation_id see drsuapi_DsReplicaConnection04 + */ + const char *DRSUAPI_DS_BIND_GUID = "e24d201a-4fd6-11d1-a3da-0000f875ae0d"; + /* + * this magic guid are needed to fetch the whole tree with drsuapi_DsGetNCChanges() + * as administrator and this values are also used in the destination_dsa_guid field + * of drsuapi_DsGetNCChangesReq5/8 and the source_dsa_guid is zero. + */ + const char *DRSUAPI_DS_BIND_GUID_W2K = "6abec3d1-3054-41c8-a362-5a0c5b7d5d71"; + const char *DRSUAPI_DS_BIND_GUID_W2K3 = "6afab99c-6e26-464a-975f-f58f105218bc"; + + [public] WERROR drsuapi_DsBind( + [in,unique] GUID *bind_guid, + [in,out,unique] drsuapi_DsBindInfoCtr *bind_info, + [out] policy_handle *bind_handle + ); + + /*****************/ + /* Function 0x01 */ + WERROR drsuapi_DsUnbind( + [in,out] policy_handle *bind_handle + ); + + /*****************/ + /* Function 0x02 */ + typedef [public,gensize] struct { + [value(ndr_size_drsuapi_DsReplicaObjectIdentifier(r, ndr->flags)-4)] uint32 __ndr_size; + [value(ndr_size_dom_sid28(&sid, ndr->flags))] uint32 __ndr_size_sid; + GUID guid; + dom_sid28 sid; + [value(strlen_m(dn))] uint32 __ndr_size_dn; + [charset(UTF16),size_is(__ndr_size_dn+1)] uint16 dn[]; + } drsuapi_DsReplicaObjectIdentifier; + + typedef [public] bitmap { + DRSUAPI_DS_REPLICA_SYNC_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_SYNC_WRITEABLE = 0x00000002, + DRSUAPI_DS_REPLICA_SYNC_PERIODIC = 0x00000004, + DRSUAPI_DS_REPLICA_SYNC_INTERSITE_MESSAGING = 0x00000008, + DRSUAPI_DS_REPLICA_SYNC_ALL_SOURCES = 0x00000010, + DRSUAPI_DS_REPLICA_SYNC_FULL = 0x00000020, + DRSUAPI_DS_REPLICA_SYNC_URGENT = 0x00000040, + DRSUAPI_DS_REPLICA_SYNC_NO_DISCARD = 0x00000080, + DRSUAPI_DS_REPLICA_SYNC_FORCE = 0x00000100, + DRSUAPI_DS_REPLICA_SYNC_ADD_REFERENCE = 0x00000200, + DRSUAPI_DS_REPLICA_SYNC_NEVER_COMPLETED = 0x00000400, + DRSUAPI_DS_REPLICA_SYNC_TWO_WAY = 0x00000800, + DRSUAPI_DS_REPLICA_SYNC_NEVER_NOTIFY = 0x00001000, + DRSUAPI_DS_REPLICA_SYNC_INITIAL = 0x00002000, + DRSUAPI_DS_REPLICA_SYNC_USE_COMPRESSION = 0x00004000, + DRSUAPI_DS_REPLICA_SYNC_ABANDONED = 0x00008000, + DRSUAPI_DS_REPLICA_SYNC_INITIAL_IN_PROGRESS = 0x00010000, + DRSUAPI_DS_REPLICA_SYNC_PARTIAL_ATTRIBUTE_SET = 0x00020000, + DRSUAPI_DS_REPLICA_SYNC_REQUEUE = 0x00040000, + DRSUAPI_DS_REPLICA_SYNC_NOTIFICATION = 0x00080000, + DRSUAPI_DS_REPLICA_SYNC_ASYNCHRONOUS_REPLICA = 0x00100000, + DRSUAPI_DS_REPLICA_SYNC_CRITICAL = 0x00200000, + DRSUAPI_DS_REPLICA_SYNC_FULL_IN_PROGRESS = 0x00400000, + DRSUAPI_DS_REPLICA_SYNC_PREEMPTED = 0x00800000 + } drsuapi_DsReplicaSyncOptions; + + typedef struct { + drsuapi_DsReplicaObjectIdentifier *naming_context; + GUID source_dsa_guid; + astring *other_info; /* I assume this is related to the repsFromTo1OtherInfo dns_name */ + drsuapi_DsReplicaSyncOptions options; + } drsuapi_DsReplicaSyncRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsReplicaSyncRequest1 req1; + } drsuapi_DsReplicaSyncRequest; + + WERROR drsuapi_DsReplicaSync( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,switch_is(level)] drsuapi_DsReplicaSyncRequest req + ); + + /*****************/ + /* Function 0x03 */ + typedef [public] struct { + hyper tmp_highest_usn; /* updated after each object update */ + hyper reserved_usn; + hyper highest_usn; /* updated after a full replication cycle */ + } drsuapi_DsReplicaHighWaterMark; + + typedef [public] struct { + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + hyper highest_usn; /* updated after a full replication cycle */ + } drsuapi_DsReplicaCursor; + + typedef struct { + uint32 u1; + uint32 u2; + [range(0,0x100000)] uint32 count; + uint32 u3; + [size_is(count)] drsuapi_DsReplicaCursor cursors[]; + } drsuapi_DsReplicaCursorCtrEx; + + typedef [public] bitmap { + /* the _WRITEABLE flag indicates a replication with all attributes + * + * --metze + */ + DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE = 0x00000010, + DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP = 0x00000020, + DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS = 0x00000040, + DRSUAPI_DS_REPLICA_NEIGHBOUR_USE_ASYNC_INTERSIDE_TRANSPORT = 0x00000080, + DRSUAPI_DS_REPLICA_NEIGHBOUR_TWO_WAY_SYNC = 0x00000200, + DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS = 0x00000800, + DRSUAPI_DS_REPLICA_NEIGHBOUR_FULL_IN_PROGRESS = 0x00001000, /* was 0x00010000, */ + DRSUAPI_DS_REPLICA_NEIGHBOUR_FULL_NEXT_PACKET = 0x00002000, /* was 0x00020000, */ + DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED = 0x00200000, + DRSUAPI_DS_REPLICA_NEIGHBOUR_PREEMPTED = 0x01000000, + DRSUAPI_DS_REPLICA_NEIGHBOUR_IGNORE_CHANGE_NOTIFICATIONS = 0x04000000, + DRSUAPI_DS_REPLICA_NEIGHBOUR_DISABLE_SCHEDULED_SYNC = 0x08000000, + /* + * the following NOTE applies to DsGetNCChangesRequest5: + * - the data is only compressed when 10 or more objects are replicated + * - but there could also be a size limit of 35 KBytes or something like that + * - the reply is DsGetNCChangesCtr2 + * - maybe the same applies to DsGetNCChangesRequest8... + * + * --metze + */ + DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES = 0x10000000, + DRSUAPI_DS_REPLICA_NEIGHBOUR_NO_CHANGE_NOTIFICATIONS = 0x20000000, + DRSUAPI_DS_REPLICA_NEIGHBOUR_PARTIAL_ATTRIBUTE_SET = 0x40000000 + } drsuapi_DsReplicaNeighbourFlags; + + typedef struct { + GUID destination_dsa_guid; + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + [ref] drsuapi_DsReplicaObjectIdentifier *naming_context; + drsuapi_DsReplicaHighWaterMark highwatermark; + drsuapi_DsReplicaCursorCtrEx *uptodateness_vector; + drsuapi_DsReplicaNeighbourFlags replica_flags; + uint32 max_object_count; /* w2k3 uses min(133,max(100,max_object_count)) */ + uint32 max_ndr_size; /* w2k3 seems to ignore this */ + uint32 unknown4; + hyper h1; + } drsuapi_DsGetNCChangesRequest5; + + /* + * In DRSUAPI all attributes with syntax 2.5.5.2 + * are identified by uint32 values + * + * the following table shows the mapping used between the two representations + * e.g. - objectClass 'nTDSDSA' has governsID: 1.2.840.113556.1.5.7000.47 + * and a UINT32-ID of '0x0017002F'. + * - so the OID 1.2.840.113556.1.5.7000.47 is splitted into a + * OID-prefix: 1.2.840.113556.1.5.7000 + * and a value: 47 => 0x2F + * - the mapping table gives a UINT32-prefix: 0x00170000 + * - and the UINT32-ID is 0x0017002F = 0x00170000 | 0x2F + * + * This prefix mapping table is replied in the drsuapi_DsReplicaOIDMapping_Ctr + * array. The following are the default mappings of w2k3 + * + * OID-prefix => UINT32-Id prefix + * + * 2.5.4.* => 0x00000000 (standard attributes RFC2256 core.schema) + * 2.5.6.* => 0x00010000 (standard object classes RFC2256 core.schema) + * 1.2.840.113556.1.2.* => 0x00020000 + * 1.2.840.113556.1.3.* => 0x00030000 + * 2.5.5.* => 0x00080000 (attributeSyntax OID's) + * 1.2.840.113556.1.4.* => 0x00090000 + * 1.2.840.113556.1.5.* => 0x000A0000 + * 2.16.840.1.113730.3.* => 0x00140000 + * 0.9.2342.19200300.100.1.* => 0x00150000 + * 2.16.840.1.113730.3.1.* => 0x00160000 + * 1.2.840.113556.1.5.7000.* => 0x00170000 + * 2.5.21.* => 0x00180000 (attrs for SubSchema) + * 2.5.18.* => 0x00190000 (createTimeStamp,modifyTimeStamp, SubSchema) + * 2.5.20.* => 0x001A0000 + * 1.3.6.1.4.1.1466.101.119.* => 0x001B0000 (dynamicObject, entryTTL) + * 2.16.840.1.113730.3.2.* => 0x001C0000 + * 1.3.6.1.4.1.250.1.* => 0x001D0000 + * 1.2.840.113549.1.9.* => 0x001E0000 (unstructuredAddress,unstructuredName) + * 0.9.2342.19200300.100.4.* => 0x001F0000 + * + * Here's a list of used 'attributeSyntax' OID's + * + * 2.5.5.1 => Object(DS-DN) string + * struct drsuapi_DsObjectIdentifier3 + * + * 2.5.5.2 => OID-string + * => all values are represented as uint32 values in drsuapi + * => governsID, attributeID and attributeSyntax returned as OID-Strings in LDAP + * => mayContain, mustContain and all other attributes with 2.5.5.2 syntax + * are returned as attribute names + * + * 2.5.5.4 => String(Teletex) case-insensitive string with teletex charset + * + * 2.5.5.5 => String(IA5) case-sensitive string + * + * 2.5.5.6 => String(Numeric) + * => eg. internationalISDNNumber + * + * 2.5.5.7 => Object(DN-Binary) B:<byte count>:<bytes>:<object DN> + * => e.g. wellKnownObjects + * + * 2.5.5.8 => BOOL + * + * 2.5.5.9 => int32 + * + * 2.5.5.10 => DATA_BLOB + * => struct GUID + * + * 2.5.5.11 => LDAP timestring + * => NTTIME_1sec + * + * 2.5.5.12 => String(Unicode) case-insensitive string + * => 'standard strings' + * + * 2.5.5.13 => Object(Presentation-Address) string + * => used in objectClass applicationEntity + * + * 2.5.5.14 => Object(DN-String) S:<char count>:<string>:<object DN> + * => not used + * + * 2.5.5.15 => ntSecurityDescriptor + * + * 2.5.5.16 => int64 + * + * 2.5.5.17 => dom_sid + */ + typedef [nopush,nopull] struct { + [range(0,10000),value(ndr_size_drsuapi_DsReplicaOID_oid(oid, 0))] uint32 __ndr_size; + [size_is(__ndr_size),charset(DOS)] uint8 *oid; /* it's encoded with asn1_write_OID_String() */ + } drsuapi_DsReplicaOID; + + typedef struct { + uint32 id_prefix; + drsuapi_DsReplicaOID oid; + } drsuapi_DsReplicaOIDMapping; + + typedef [public] struct { + [range(0,0x100000)] uint32 num_mappings; + [size_is(num_mappings)] drsuapi_DsReplicaOIDMapping *mappings; + } drsuapi_DsReplicaOIDMapping_Ctr; + + typedef [flag(NDR_PAHEX),v1_enum] enum { + DRSUAPI_OBJECTCLASS_top = 0x00010000, + DRSUAPI_OBJECTCLASS_classSchema = 0x0003000d, + DRSUAPI_OBJECTCLASS_attributeSchema = 0x0003000e + } drsuapi_DsObjectClassId; + + typedef [flag(NDR_PAHEX),v1_enum,public] enum { + DRSUAPI_ATTRIBUTE_objectClass = 0x00000000, + DRSUAPI_ATTRIBUTE_description = 0x0000000d, + DRSUAPI_ATTRIBUTE_member = 0x0000001f, + DRSUAPI_ATTRIBUTE_instanceType = 0x00020001, + DRSUAPI_ATTRIBUTE_whenCreated = 0x00020002, + DRSUAPI_ATTRIBUTE_hasMasterNCs = 0x0002000e, + DRSUAPI_ATTRIBUTE_governsID = 0x00020016, + DRSUAPI_ATTRIBUTE_attributeID = 0x0002001e, + DRSUAPI_ATTRIBUTE_attributeSyntax = 0x00020020, + DRSUAPI_ATTRIBUTE_isSingleValued = 0x00020021, + DRSUAPI_ATTRIBUTE_rangeLower = 0x00020022, + DRSUAPI_ATTRIBUTE_rangeUpper = 0x00020023, + DRSUAPI_ATTRIBUTE_dMDLocation = 0x00020024, + DRSUAPI_ATTRIBUTE_objectVersion = 0x0002004c, + DRSUAPI_ATTRIBUTE_invocationId = 0x00020073, + DRSUAPI_ATTRIBUTE_showInAdvancedViewOnly = 0x000200a9, + DRSUAPI_ATTRIBUTE_adminDisplayName = 0x000200c2, + DRSUAPI_ATTRIBUTE_adminDescription = 0x000200e2, + DRSUAPI_ATTRIBUTE_oMSyntax = 0x000200e7, + DRSUAPI_ATTRIBUTE_ntSecurityDescriptor = 0x00020119, + DRSUAPI_ATTRIBUTE_searchFlags = 0x0002014e, + DRSUAPI_ATTRIBUTE_lDAPDisplayName = 0x000201cc, + DRSUAPI_ATTRIBUTE_name = 0x00090001, + DRSUAPI_ATTRIBUTE_currentValue = 0x0009001b, + DRSUAPI_ATTRIBUTE_objectSid = 0x00090092, + DRSUAPI_ATTRIBUTE_schemaIDGUID = 0x00090094, + DRSUAPI_ATTRIBUTE_dBCSPwd = 0x00090037,/* lmPwdHash */ + DRSUAPI_ATTRIBUTE_unicodePwd = 0x0009005a,/* ntPwdHash */ + DRSUAPI_ATTRIBUTE_ntPwdHistory = 0x0009005e, + DRSUAPI_ATTRIBUTE_priorValue = 0x00090064, + DRSUAPI_ATTRIBUTE_supplementalCredentials = 0x0009007d, + DRSUAPI_ATTRIBUTE_trustAuthIncoming = 0x00090081, + DRSUAPI_ATTRIBUTE_trustAuthOutgoing = 0x00090087, + DRSUAPI_ATTRIBUTE_lmPwdHistory = 0x000900a0, + DRSUAPI_ATTRIBUTE_sAMAccountName = 0x000900dd, + DRSUAPI_ATTRIBUTE_fSMORoleOwner = 0x00090171, + DRSUAPI_ATTRIBUTE_systemFlags = 0x00090177, + DRSUAPI_ATTRIBUTE_serverReference = 0x00090203, + DRSUAPI_ATTRIBUTE_serverReferenceBL = 0x00090204, + DRSUAPI_ATTRIBUTE_initialAuthIncoming = 0x0009021b, + DRSUAPI_ATTRIBUTE_initialAuthOutgoing = 0x0009021c, + DRSUAPI_ATTRIBUTE_wellKnownObjects = 0x0009026a, + DRSUAPI_ATTRIBUTE_isMemberOfPartialAttributeSet = 0x0009027f, + DRSUAPI_ATTRIBUTE_objectCategory = 0x0009030e, + DRSUAPI_ATTRIBUTE_gPLink = 0x0009037b, + DRSUAPI_ATTRIBUTE_msDS_Behavior_Version = 0x000905b3, + DRSUAPI_ATTRIBUTE_msDS_KeyVersionNumber = 0x000906f6, + DRSUAPI_ATTRIBUTE_msDS_HasDomainNCs = 0x0009071c, + DRSUAPI_ATTRIBUTE_msDS_hasMasterNCs = 0x0009072c + } drsuapi_DsAttributeId; + + typedef struct { + GUID destination_dsa_guid; + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + [ref] drsuapi_DsReplicaObjectIdentifier *naming_context; + drsuapi_DsReplicaHighWaterMark highwatermark; + drsuapi_DsReplicaCursorCtrEx *uptodateness_vector; + drsuapi_DsReplicaNeighbourFlags replica_flags; + uint32 max_object_count; /* w2k3 uses min(133,max(100,max_object_count)) */ + uint32 max_ndr_size; /* w2k3 seems to ignore this */ + uint32 unknown4; + hyper h1; + uint32 unique_ptr1; + uint32 unique_ptr2; + drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr; + } drsuapi_DsGetNCChangesRequest8; + + typedef [switch_type(int32)] union { + [case(5)] drsuapi_DsGetNCChangesRequest5 req5; + [case(8)] drsuapi_DsGetNCChangesRequest8 req8; + } drsuapi_DsGetNCChangesRequest; + + typedef [public] struct { + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + hyper highest_usn; /* updated after a full replication cycle */ + NTTIME last_sync_success; + } drsuapi_DsReplicaCursor2; + + typedef struct { + uint32 u1; + uint32 u2; + [range(0,0x100000)] uint32 count; + uint32 u3; + [size_is(count)] drsuapi_DsReplicaCursor2 cursors[]; + } drsuapi_DsReplicaCursor2CtrEx; + + /* Generic DATA_BLOB values */ + typedef struct { + [range(0,10485760),value(ndr_size_DATA_BLOB(0,blob,0))] uint32 __ndr_size; + DATA_BLOB *blob; + } drsuapi_DsAttributeValue; + + typedef struct { + [range(0,10485760)] uint32 num_values; + [size_is(num_values)] drsuapi_DsAttributeValue *values; + } drsuapi_DsAttributeValueCtr; + + /* DN String values */ + typedef [public,gensize] struct { + [value(ndr_size_drsuapi_DsReplicaObjectIdentifier3(r, ndr->flags))] uint32 __ndr_size; + [value(ndr_size_dom_sid28(&sid,ndr->flags))] uint32 __ndr_size_sid; + GUID guid; + dom_sid28 sid; + [value(strlen_m(dn))] uint32 __ndr_size_dn; + [charset(UTF16)] uint16 dn[__ndr_size_dn+1]; + } drsuapi_DsReplicaObjectIdentifier3; + + typedef [public,gensize] struct { + [value(ndr_size_drsuapi_DsReplicaObjectIdentifier3Binary(r, ndr->flags))] uint32 __ndr_size; + [value(ndr_size_dom_sid28(&sid,ndr->flags))] uint32 __ndr_size_sid; + GUID guid; + dom_sid28 sid; + [value(strlen_m(dn))] uint32 __ndr_size_dn; + [charset(UTF16)] uint16 dn[__ndr_size_dn+1]; + [value(binary.length + 4)] uint32 __ndr_size_binary; + [flag(NDR_REMAINING)] DATA_BLOB binary; + } drsuapi_DsReplicaObjectIdentifier3Binary; + + typedef [public] struct { + drsuapi_DsAttributeId attid; + drsuapi_DsAttributeValueCtr value_ctr; + } drsuapi_DsReplicaAttribute; + + typedef struct { + [range(0,1048576)] uint32 num_attributes; + [size_is(num_attributes)] drsuapi_DsReplicaAttribute *attributes; + } drsuapi_DsReplicaAttributeCtr; + + typedef [public] struct { + drsuapi_DsReplicaObjectIdentifier *identifier; + uint32 unknown1; + drsuapi_DsReplicaAttributeCtr attribute_ctr; + } drsuapi_DsReplicaObject; + + typedef struct { + uint32 version; + NTTIME_1sec originating_change_time; + GUID originating_invocation_id; + hyper originating_usn; + } drsuapi_DsReplicaMetaData; + + typedef [public] struct { + [range(0,1048576)] uint32 count; + [size_is(count)] drsuapi_DsReplicaMetaData meta_data[]; + } drsuapi_DsReplicaMetaDataCtr; + + typedef [public,noprint] struct { + drsuapi_DsReplicaObjectListItemEx *next_object; + drsuapi_DsReplicaObject object; + uint32 unknown1; + GUID *parent_object_guid; + drsuapi_DsReplicaMetaDataCtr *meta_data_ctr; + } drsuapi_DsReplicaObjectListItemEx; + + typedef [public,gensize] struct { + GUID source_dsa_guid; /* the 'objectGUID' field of the CN=NTDS Settings object */ + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + drsuapi_DsReplicaObjectIdentifier *naming_context; + drsuapi_DsReplicaHighWaterMark old_highwatermark; + drsuapi_DsReplicaHighWaterMark new_highwatermark; + drsuapi_DsReplicaCursorCtrEx *uptodateness_vector; + drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr; + uint32 total_object_count; + uint32 object_count; + /* this +55 is sometimes +56, so I don't know where this comes from... --metze */ + [value(ndr_size_drsuapi_DsGetNCChangesCtr1(r,ndr->flags)+55)] uint32 __ndr_size; + drsuapi_DsReplicaObjectListItemEx *first_object; + uint32 unknown4; + } drsuapi_DsGetNCChangesCtr1; + + /* + * if the DRSUAPI_DS_LINKED_ATTRIBUTE_FLAG_ACTIVE flag + * isn't there it means the value is deleted + */ + typedef [public] bitmap { + DRSUAPI_DS_LINKED_ATTRIBUTE_FLAG_ACTIVE = 0x00000001 + } drsuapi_DsLinkedAttributeFlags; + + typedef [public] struct { + drsuapi_DsReplicaObjectIdentifier *identifier; + drsuapi_DsAttributeId attid; + drsuapi_DsAttributeValue value; + drsuapi_DsLinkedAttributeFlags flags; + NTTIME_1sec originating_add_time; + drsuapi_DsReplicaMetaData meta_data; + } drsuapi_DsReplicaLinkedAttribute; + + typedef [public,gensize] struct { + GUID source_dsa_guid; /* the 'objectGUID' field of the CN=NTDS Settings object */ + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + drsuapi_DsReplicaObjectIdentifier *naming_context; + drsuapi_DsReplicaHighWaterMark old_highwatermark; + drsuapi_DsReplicaHighWaterMark new_highwatermark; + drsuapi_DsReplicaCursor2CtrEx *uptodateness_vector; + drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr; + uint32 total_object_count; + uint32 object_count; + /* this +55 is sometimes +56, so I don't know where this comes from... --metze */ + [value(ndr_size_drsuapi_DsGetNCChangesCtr6(r,ndr->flags)+55)] uint32 __ndr_size; + drsuapi_DsReplicaObjectListItemEx *first_object; + uint32 unknown4; + uint32 unknown5; + uint32 unknown6; + [range(0,1048576)] uint32 linked_attributes_count; + [size_is(linked_attributes_count)] drsuapi_DsReplicaLinkedAttribute *linked_attributes; + uint32 unknown7; + } drsuapi_DsGetNCChangesCtr6; + + typedef struct { + uint32 decompressed_length; + uint32 compressed_length; + [subcontext(4),subcontext_size(compressed_length), + compression(NDR_COMPRESSION_MSZIP,compressed_length,decompressed_length)] + drsuapi_DsGetNCChangesCtr1 *ctr1; + } drsuapi_DsGetNCChangesMSZIPCtr1; + + typedef struct { + uint32 decompressed_length; + uint32 compressed_length; + [subcontext(4),subcontext_size(compressed_length), + compression(NDR_COMPRESSION_MSZIP,compressed_length,decompressed_length)] + drsuapi_DsGetNCChangesCtr6 *ctr6; + } drsuapi_DsGetNCChangesMSZIPCtr6; + + typedef struct { + uint32 decompressed_length; + uint32 compressed_length; + [subcontext(4),subcontext_size(compressed_length), + compression(NDR_COMPRESSION_XPRESS,compressed_length,decompressed_length), + flag(NDR_REMAINING)] DATA_BLOB *decompressed; + } drsuapi_DsGetNCChangesXPRESSCtr1; + + typedef struct { + uint32 decompressed_length; + uint32 compressed_length; + [subcontext(4),subcontext_size(compressed_length), + compression(NDR_COMPRESSION_XPRESS,compressed_length,decompressed_length), + flag(NDR_REMAINING)] DATA_BLOB *decompressed; + } drsuapi_DsGetNCChangesXPRESSCtr6; + + typedef [enum16bit] enum { + DRSUAPI_COMPRESSION_TYPE_MSZIP = 2, + DRSUAPI_COMPRESSION_TYPE_XPRESS = 3 + } drsuapi_DsGetNCChangesCompressionType; + + typedef [nodiscriminant,flag(NDR_PAHEX)] union { + [case(1|(DRSUAPI_COMPRESSION_TYPE_MSZIP<<16))] drsuapi_DsGetNCChangesMSZIPCtr1 mszip1; + [case(6|(DRSUAPI_COMPRESSION_TYPE_MSZIP<<16))] drsuapi_DsGetNCChangesMSZIPCtr6 mszip6; + [case(1|(DRSUAPI_COMPRESSION_TYPE_XPRESS<<16))] drsuapi_DsGetNCChangesXPRESSCtr1 xpress1; + [case(6|(DRSUAPI_COMPRESSION_TYPE_XPRESS<<16))] drsuapi_DsGetNCChangesXPRESSCtr6 xpress6; + } drsuapi_DsGetNCChangesCompressedCtr; + + typedef struct { + /* + * this is a bit ugly, as the compression depends on the flags + * in the DsBind(), but only w2k uses DsGetNCChangesReq5 + * and will get DsGetNCChangesCtr2 replies, and w2k only knowns + * about MSZIP and level 1 replies + */ + [switch_is(1|(DRSUAPI_COMPRESSION_TYPE_MSZIP<<16))] drsuapi_DsGetNCChangesCompressedCtr ctr; + } drsuapi_DsGetNCChangesCtr2; + + typedef struct { + [range(0,6)] int32 level; + [range(2,3)] drsuapi_DsGetNCChangesCompressionType type; + [switch_is(level | (type<<16))] drsuapi_DsGetNCChangesCompressedCtr ctr; + } drsuapi_DsGetNCChangesCtr7; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetNCChangesCtr1 ctr1; + [case(2)] drsuapi_DsGetNCChangesCtr2 ctr2; + [case(6)] drsuapi_DsGetNCChangesCtr6 ctr6; + [case(7)] drsuapi_DsGetNCChangesCtr7 ctr7; + } drsuapi_DsGetNCChangesCtr; + + WERROR drsuapi_DsGetNCChanges( + [in] policy_handle *bind_handle, + [in,out,ref] int32 *level, + [in,ref,switch_is(*level)] drsuapi_DsGetNCChangesRequest *req, + [out,ref,switch_is(*level)] drsuapi_DsGetNCChangesCtr *ctr + ); + + /*****************/ + /* Function 0x04 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_UPDATE_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_UPDATE_WRITEABLE = 0x00000002, + DRSUAPI_DS_REPLICA_UPDATE_ADD_REFERENCE = 0x00000004, + DRSUAPI_DS_REPLICA_UPDATE_DELETE_REFERENCE = 0x00000008, + DRSUAPI_DS_REPLICA_UPDATE_0x00000010 = 0x00000010 + } drsuapi_DsReplicaUpdateRefsOptions; + + typedef struct { + [ref] drsuapi_DsReplicaObjectIdentifier *naming_context; + [ref,charset(DOS),string] uint8 *dest_dsa_dns_name; + GUID dest_dsa_guid; + drsuapi_DsReplicaUpdateRefsOptions options; + } drsuapi_DsReplicaUpdateRefsRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsReplicaUpdateRefsRequest1 req1; + } drsuapi_DsReplicaUpdateRefsRequest; + + WERROR drsuapi_DsReplicaUpdateRefs( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,switch_is(level)] drsuapi_DsReplicaUpdateRefsRequest req + ); + + /*****************/ + /* Function 0x05 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_ADD_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_ADD_WRITEABLE = 0x00000002 + /* TODO ... */ + } drsuapi_DsReplicaAddOptions; + + WERROR DRSUAPI_REPLICA_ADD(); + + /*****************/ + /* Function 0x06 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_DELETE_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_DELETE_WRITEABLE = 0x00000002 + /* TODO ... */ + } drsuapi_DsReplicaDeleteOptions; + + WERROR DRSUAPI_REPLICA_DEL(); + + /*****************/ + /* Function 0x07 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_MODIFY_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_MODIFY_WRITEABLE = 0x00000002 + } drsuapi_DsReplicaModifyOptions; + + WERROR DRSUAPI_REPLICA_MODIFY(); + + /*****************/ + /* Function 0x08 */ + WERROR DRSUAPI_VERIFY_NAMES(); + + /*****************/ + /* Function 0x09 */ + + /* how are type 4 and 7 different from 2 and 3 ? */ + typedef [v1_enum] enum { + DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_AND_DOMAIN_GROUPS = 1, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS = 2, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS = 3, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS2 = 4, + DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_GROUPS = 5, + DRSUAPI_DS_MEMBERSHIP_TYPE_GROUPMEMBERS = 6, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS2 = 7 + } drsuapi_DsMembershipType; + + typedef struct { + NTSTATUS status; + [range(0,10000)] uint32 num_memberships; + [range(0,10000)] uint32 num_sids; + [size_is(num_memberships)] drsuapi_DsReplicaObjectIdentifier **info_array; + [size_is(num_memberships)] samr_GroupAttrs *group_attrs; + [size_is(num_sids)] dom_sid28 **sids; + } drsuapi_DsGetMembershipsCtr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1; + } drsuapi_DsGetMembershipsCtr; + + const int DRSUAPI_DS_MEMBERSHIP_FLAG_GROUP_ATTR = 0x1; + + typedef struct { + [range(1,10000)] uint32 count; + [size_is(count)] drsuapi_DsReplicaObjectIdentifier **info_array; + uint32 flags; + drsuapi_DsMembershipType type; + drsuapi_DsReplicaObjectIdentifier *domain; + } drsuapi_DsGetMembershipsRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsRequest1 req1; + } drsuapi_DsGetMembershipsRequest; + + WERROR drsuapi_DsGetMemberships( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,ref] [switch_is(level)] drsuapi_DsGetMembershipsRequest *req, + [out,ref] int32 *level_out, + [out,ref] [switch_is(*level_out)] drsuapi_DsGetMembershipsCtr *ctr + ); + + /*****************/ + /* Function 0x0a */ + WERROR DRSUAPI_INTER_DOMAIN_MOVE(); + + /*****************/ + /* Function 0x0b */ + typedef struct { + uint32 unknown1; + uint32 unknown2; + [range(0,0x00A00000)] uint32 length; + [size_is(length)] uint8 *data; + } drsuapi_DsGetNT4ChangeLogRequest1; + + typedef [switch_type(uint32)] union { + [case(1)] drsuapi_DsGetNT4ChangeLogRequest1 req1; + } drsuapi_DsGetNT4ChangeLogRequest; + + typedef struct { + [range(0,0x00A00000)] uint32 length1; + [range(0,0x00A00000)] uint32 length2; + hyper unknown1; + NTTIME time2; + hyper unknown3; + NTTIME time4; + hyper unknown5; + NTTIME time6; + NTSTATUS status; + [size_is(length1)] uint8 *data1; + [size_is(length2)] uint8 *data2; + } drsuapi_DsGetNT4ChangeLogInfo1; + + typedef [switch_type(uint32)] union { + [case(1)] drsuapi_DsGetNT4ChangeLogInfo1 info1; + } drsuapi_DsGetNT4ChangeLogInfo; + + WERROR drsuapi_DsGetNT4ChangeLog( + [in] policy_handle *bind_handle, + [in] uint32 level, + [in,ref] [switch_is(level)] drsuapi_DsGetNT4ChangeLogRequest *req, + [out,ref] uint32 *level_out, + [out,ref] [switch_is(*level_out)] drsuapi_DsGetNT4ChangeLogInfo *info + ); + + /*****************/ + /* Function 0x0c */ + typedef [v1_enum] enum { + DRSUAPI_DS_NAME_STATUS_OK = 0, + DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR = 1, + DRSUAPI_DS_NAME_STATUS_NOT_FOUND = 2, + DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE = 3, + DRSUAPI_DS_NAME_STATUS_NO_MAPPING = 4, + DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY = 5, + DRSUAPI_DS_NAME_STATUS_NO_SYNTACTICAL_MAPPING = 6, + DRSUAPI_DS_NAME_STATUS_TRUST_REFERRAL = 7 + } drsuapi_DsNameStatus; + + typedef [v1_enum] enum { + DRSUAPI_DS_NAME_FLAG_NO_FLAGS = 0x0, + DRSUAPI_DS_NAME_FLAG_SYNTACTICAL_ONLY = 0x1, + DRSUAPI_DS_NAME_FLAG_EVAL_AT_DC = 0x2, + DRSUAPI_DS_NAME_FLAG_GCVERIFY = 0x4, + DRSUAPI_DS_NAME_FLAG_TRUST_REFERRAL = 0x8 + } drsuapi_DsNameFlags; + + typedef [v1_enum] enum { + DRSUAPI_DS_NAME_FORMAT_UKNOWN = 0, + DRSUAPI_DS_NAME_FORMAT_FQDN_1779 = 1, + DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT = 2, + DRSUAPI_DS_NAME_FORMAT_DISPLAY = 3, + DRSUAPI_DS_NAME_FORMAT_GUID = 6, + DRSUAPI_DS_NAME_FORMAT_CANONICAL = 7, + DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL = 8, + DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX = 9, + DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL = 10, + DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY = 11, + DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN = 12 + } drsuapi_DsNameFormat; + + typedef struct { + [string,charset(UTF16)] uint16 *str; + } drsuapi_DsNameString; + + typedef struct { + uint32 codepage; /* 0x000004e4 - 1252 is german codepage*/ + uint32 language; /* 0x00000407 - german language ID*/ + drsuapi_DsNameFlags format_flags; + drsuapi_DsNameFormat format_offered; + drsuapi_DsNameFormat format_desired; + [range(1,10000)] uint32 count; + [size_is(count)] drsuapi_DsNameString *names; + } drsuapi_DsNameRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsNameRequest1 req1; + } drsuapi_DsNameRequest; + + typedef struct { + drsuapi_DsNameStatus status; + [charset(UTF16),string] uint16 *dns_domain_name; + [charset(UTF16),string] uint16 *result_name; + } drsuapi_DsNameInfo1; + + typedef struct { + uint32 count; + [size_is(count)] drsuapi_DsNameInfo1 *array; + } drsuapi_DsNameCtr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsNameCtr1 *ctr1; + } drsuapi_DsNameCtr; + + WERROR drsuapi_DsCrackNames( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,ref,switch_is(level)] drsuapi_DsNameRequest *req, + [out,ref] int32 *level_out, + [out,ref,switch_is(*level_out)] drsuapi_DsNameCtr *ctr + ); + + /*****************/ + /* Function 0x0d */ + typedef [v1_enum] enum { + DRSUAPI_DS_SPN_OPERATION_ADD = 0, + DRSUAPI_DS_SPN_OPERATION_REPLACE= 1, + DRSUAPI_DS_SPN_OPERATION_DELETE = 2 + } drsuapi_DsSpnOperation; + + typedef struct { + drsuapi_DsSpnOperation operation; + uint32 unknown1; + [charset(UTF16),string] uint16 *object_dn; + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsNameString *spn_names; + } drsuapi_DsWriteAccountSpnRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsWriteAccountSpnRequest1 req1; + } drsuapi_DsWriteAccountSpnRequest; + + typedef struct { + WERROR status; + } drsuapi_DsWriteAccountSpnResult1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsWriteAccountSpnResult1 res1; + } drsuapi_DsWriteAccountSpnResult; + + WERROR drsuapi_DsWriteAccountSpn( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,ref,switch_is(level)] drsuapi_DsWriteAccountSpnRequest *req, + [out,ref] int32 *level_out, + [out,ref,switch_is(*level_out)] drsuapi_DsWriteAccountSpnResult *res + ); + + /*****************/ + /* Function 0x0e */ + typedef struct { + [charset(UTF16),string] uint16 *server_dn; + [charset(UTF16),string] uint16 *domain_dn; + uint32 unknown; /* 0x000000001 */ + } drsuapi_DsRemoveDSServerRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsRemoveDSServerRequest1 req1; + } drsuapi_DsRemoveDSServerRequest; + + typedef struct { + WERROR status; + } drsuapi_DsRemoveDSServerResult1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsRemoveDSServerResult1 res1; + } drsuapi_DsRemoveDSServerResult; + + WERROR drsuapi_DsRemoveDSServer( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,ref,switch_is(level)] drsuapi_DsRemoveDSServerRequest *req, + [out,ref] int32 *level_out, + [out,ref,switch_is(*level_out)] drsuapi_DsRemoveDSServerResult *res + ); + + /*****************/ + /* Function 0x0f */ + WERROR DRSUAPI_REMOVE_DS_DOMAIN(); + + /*****************/ + /* Function 0x10 */ + typedef struct { + [charset(UTF16),string] uint16 *domain_name; /* netbios or dns */ + int32 level; /* specifies the switch level for the request */ + } drsuapi_DsGetDCInfoRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetDCInfoRequest1 req1; + } drsuapi_DsGetDCInfoRequest; + + typedef struct { + [charset(UTF16),string] uint16 *netbios_name; + [charset(UTF16),string] uint16 *dns_name; + [charset(UTF16),string] uint16 *site_name; + [charset(UTF16),string] uint16 *computer_dn; + [charset(UTF16),string] uint16 *server_dn; + uint32 is_pdc; + uint32 is_enabled; + } drsuapi_DsGetDCInfo1; + + typedef struct { + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsGetDCInfo1 *array; + } drsuapi_DsGetDCInfoCtr1; + + typedef struct { + [charset(UTF16),string] uint16 *netbios_name; + [charset(UTF16),string] uint16 *dns_name; + [charset(UTF16),string] uint16 *site_name; + [charset(UTF16),string] uint16 *site_dn; + [charset(UTF16),string] uint16 *computer_dn; + [charset(UTF16),string] uint16 *server_dn; + [charset(UTF16),string] uint16 *ntds_dn; + uint32 is_pdc; + uint32 is_enabled; + uint32 is_gc; + GUID site_guid; + GUID computer_guid; + GUID server_guid; + GUID ntds_guid; + } drsuapi_DsGetDCInfo2; + + typedef struct { + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsGetDCInfo2 *array; + } drsuapi_DsGetDCInfoCtr2; + + /* + * this represents an active connection to the + * Directory System Agent (DSA) + * this can be via LDAP or DRSUAPI + */ + typedef struct { + [flag(NDR_BIG_ENDIAN)] ipv4address client_ip_address; + uint32 unknown2; + uint32 connection_time; /* in seconds */ + uint32 unknown4; + uint32 unknown5; + uint32 unknown6; + /* + * client_account can be the following: + * "W2K3\Administrator" + * "Administrator@W2K3" + * "cn=Administrator,cn=Users,DC=w2k3,DC=vmnet1,DC=vm,DC=base" + * "" + * or NULL + */ + [charset(UTF16),string] uint16 *client_account; + } drsuapi_DsGetDCConnection01; + + typedef struct { + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsGetDCConnection01 *array; + } drsuapi_DsGetDCConnectionCtr01; + + typedef [v1_enum] enum { + DRSUAPI_DC_INFO_CTR_1 = 1, + DRSUAPI_DC_INFO_CTR_2 = 2, + DRSUAPI_DC_CONNECTION_CTR_01 = -1 + } drsuapi_DsGetDCInfoCtrLevels; + + typedef [switch_type(int32)] union { + [case(DRSUAPI_DC_INFO_CTR_1)] drsuapi_DsGetDCInfoCtr1 ctr1; + [case(DRSUAPI_DC_INFO_CTR_2)] drsuapi_DsGetDCInfoCtr2 ctr2; + [case(DRSUAPI_DC_CONNECTION_CTR_01)] drsuapi_DsGetDCConnectionCtr01 ctr01; + } drsuapi_DsGetDCInfoCtr; + + WERROR drsuapi_DsGetDomainControllerInfo( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,ref,switch_is(level)] drsuapi_DsGetDCInfoRequest *req, + [out,ref] int32 *level_out, + [out,ref,switch_is(*level_out)] drsuapi_DsGetDCInfoCtr *ctr + ); + + /*****************/ + /* Function 0x11 */ + typedef [public,noprint] struct { + drsuapi_DsReplicaObjectListItem *next_object; + drsuapi_DsReplicaObject object; + } drsuapi_DsReplicaObjectListItem; + + /* + * The DsAddEntry() call which creates a nTDSDSA object, + * also adds a servicePrincipalName in the following form + * to the computer account of the new domain controller + * referenced by the "serverReferenece" attribute. + * + * E3514235-4B06-11D1-AB04-00C04FC2DCD2/<new-ntdsdsa-object-guid-as-string>/<domain-dns-name> + * + * also note that the "serverReference" isn't added to the new object! + */ + const char *DRSUAPI_NTDSDSA_KRB5_SERVICE_GUID = "E3514235-4B06-11D1-AB04-00C04FC2DCD2"; + + /* + * please note the the current idl + * for DsAddEntry does only parse + * what I saw between 2 w2k3 boxes + * in my dssync experiments I got some other replies + * so all I want to say is that this is very incomplete yet... + * --metze + */ + typedef struct { + drsuapi_DsReplicaObjectListItem first_object; + } drsuapi_DsAddEntryRequest2; + + typedef [switch_type(int32)] union { + [case(2)] drsuapi_DsAddEntryRequest2 req2; + } drsuapi_DsAddEntryRequest; + + typedef struct { + uint32 unknown1; + WERROR status; + uint32 unknown2; + uint16 unknown3; + } drsuapi_DsAddEntryErrorInfoX; + + typedef struct { + [range(0,10485760)] uint32 size; + [size_is(size)] uint8 *data; + } drsuapi_DsAddEntryExtraErrorBuffer; + + typedef struct { + drsuapi_DsAddEntryErrorInfoX error; + drsuapi_DsAttributeId attid; + uint32 unknown2; + drsuapi_DsAddEntryExtraErrorBuffer buffer; + } drsuapi_DsAddEntryExtraError1; + + typedef /*[noprint]*/ struct { + drsuapi_DsAddEntryErrorListItem1 *next; + drsuapi_DsAddEntryExtraError1 error; + } drsuapi_DsAddEntryErrorListItem1; + + typedef struct { + drsuapi_DsReplicaObjectIdentifier *id; + WERROR status; + drsuapi_DsAddEntryErrorListItem1 first; + } drsuapi_DsAddEntryErrorInfo1; + + typedef [switch_type(uint32)] union { + [case(1)] drsuapi_DsAddEntryErrorInfo1 error1; +/* [case(2)] drsuapi_DsAddEntryErrorInfo2 error2; + [case(3)] drsuapi_DsAddEntryErrorInfo3 error3; +*/ [case(4)] drsuapi_DsAddEntryErrorInfoX errorX; + [case(5)] drsuapi_DsAddEntryErrorInfoX errorX; + [case(6)] drsuapi_DsAddEntryErrorInfoX errorX; + [case(7)] drsuapi_DsAddEntryErrorInfoX errorX; + } drsuapi_DsAddEntryErrorInfo; + + typedef struct { + WERROR status; + uint32 level; + [switch_is(level)] drsuapi_DsAddEntryErrorInfo *info; + } drsuapi_DsAddEntryError1; + + typedef [switch_type(uint32)] union { + [case(1)] drsuapi_DsAddEntryError1 info1; + } drsuapi_DsAddEntryError; + + typedef struct { + GUID guid; + dom_sid28 sid; + } drsuapi_DsReplicaObjectIdentifier2; + + typedef struct { + drsuapi_DsReplicaObjectIdentifier *id; + uint32 unknown1; + drsuapi_DsAddEntryErrorInfoX error; + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsReplicaObjectIdentifier2 *objects; + } drsuapi_DsAddEntryCtr2; + + typedef struct { + drsuapi_DsReplicaObjectIdentifier *id; + uint32 level; + [switch_is(level)] drsuapi_DsAddEntryError *error; + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsReplicaObjectIdentifier2 *objects; + } drsuapi_DsAddEntryCtr3; + + typedef [switch_type(int32)] union { + [case(2)] drsuapi_DsAddEntryCtr2 ctr2; + [case(3)] drsuapi_DsAddEntryCtr3 ctr3; + } drsuapi_DsAddEntryCtr; + + [public] WERROR drsuapi_DsAddEntry( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,ref,switch_is(level)] drsuapi_DsAddEntryRequest *req, + [out,ref] int32 *level_out, + [out,ref,switch_is(*level_out)] drsuapi_DsAddEntryCtr *ctr + ); + + /*****************/ + /* Function 0x12 */ + WERROR DRSUAPI_EXECUTE_KCC(); + + /*****************/ + /* Function 0x13 */ + typedef [v1_enum] enum { + DRSUAPI_DS_REPLICA_GET_INFO = 1, + DRSUAPI_DS_REPLICA_GET_INFO2 = 2 + } drsuapi_DsReplicaGetInfoLevel; + + typedef [v1_enum] enum { + DRSUAPI_DS_REPLICA_INFO_NEIGHBORS = 0, + DRSUAPI_DS_REPLICA_INFO_CURSORS = 1, + DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA = 2, + DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES = 3, + DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES = 4, + DRSUAPI_DS_REPLICA_INFO_PENDING_OPS = 5, + DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA = 6, + DRSUAPI_DS_REPLICA_INFO_CURSORS2 = 7, + DRSUAPI_DS_REPLICA_INFO_CURSORS3 = 8, + DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2 = 9, + DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2 = 10, + DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02 = -2, + DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04 = -4, + DRSUAPI_DS_REPLICA_INFO_CURSORS05 = -5, + DRSUAPI_DS_REPLICA_INFO_06 = -6 + } drsuapi_DsReplicaInfoType; + + typedef struct { + drsuapi_DsReplicaInfoType info_type; + [charset(UTF16),string] uint16 *object_dn; + GUID guid1; + } drsuapi_DsReplicaGetInfoRequest1; + + typedef struct { + drsuapi_DsReplicaInfoType info_type; + [charset(UTF16),string] uint16 *object_dn; + GUID guid1; + uint32 unknown1; + [charset(UTF16),string] uint16 *string1; + [charset(UTF16),string] uint16 *string2; + uint32 unknown2; + } drsuapi_DsReplicaGetInfoRequest2; + + typedef [switch_type(drsuapi_DsReplicaGetInfoLevel)] union { + [case(DRSUAPI_DS_REPLICA_GET_INFO)] drsuapi_DsReplicaGetInfoRequest1 req1; + [case(DRSUAPI_DS_REPLICA_GET_INFO2)] drsuapi_DsReplicaGetInfoRequest2 req2; + } drsuapi_DsReplicaGetInfoRequest; + + typedef struct { + [charset(UTF16),string] uint16 *naming_context_dn; + [charset(UTF16),string] uint16 *source_dsa_obj_dn; + [charset(UTF16),string] uint16 *source_dsa_address; + [charset(UTF16),string] uint16 *transport_obj_dn; + drsuapi_DsReplicaNeighbourFlags replica_flags; + uint32 reserved; + GUID naming_context_obj_guid; + GUID source_dsa_obj_guid; + GUID source_dsa_invocation_id; + GUID transport_obj_guid; + hyper tmp_highest_usn; + hyper highest_usn; + NTTIME last_success; + NTTIME last_attempt; + WERROR result_last_attempt; + uint32 consecutive_sync_failures; + } drsuapi_DsReplicaNeighbour; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaNeighbour array[]; + } drsuapi_DsReplicaNeighbourCtr; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaCursor array[]; + } drsuapi_DsReplicaCursorCtr; + + typedef struct { + [charset(UTF16),string] uint16 *attribute_name; + uint32 version; + NTTIME originating_change_time; + GUID originating_invocation_id; + hyper originating_usn; + hyper local_usn; + } drsuapi_DsReplicaObjMetaData; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaObjMetaData array[]; + } drsuapi_DsReplicaObjMetaDataCtr; + + typedef struct { + [charset(UTF16),string] uint16 *dsa_obj_dn; + GUID dsa_obj_guid; + NTTIME first_failure; + uint32 num_failures; + WERROR last_result; + } drsuapi_DsReplicaKccDsaFailure; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaKccDsaFailure array[]; + } drsuapi_DsReplicaKccDsaFailuresCtr; + + typedef enum { + DRSUAPI_DS_REPLICA_OP_TYPE_SYNC = 0, + DRSUAPI_DS_REPLICA_OP_TYPE_ADD = 1, + DRSUAPI_DS_REPLICA_OP_TYPE_DELETE = 2, + DRSUAPI_DS_REPLICA_OP_TYPE_MODIFY = 3, + DRSUAPI_DS_REPLICA_OP_TYPE_UPDATE_REFS = 4 + } drsuapi_DsReplicaOpType; + + typedef [switch_type(drsuapi_DsReplicaOpType)] union { + [case(DRSUAPI_DS_REPLICA_OP_TYPE_SYNC)] drsuapi_DsReplicaSyncOptions sync; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_ADD)] drsuapi_DsReplicaAddOptions add; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_DELETE)] drsuapi_DsReplicaDeleteOptions op_delete; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_MODIFY)] drsuapi_DsReplicaModifyOptions modify; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_UPDATE_REFS)] drsuapi_DsReplicaUpdateRefsOptions update_refs; + [default] uint32 unknown; + } drsuapi_DsRplicaOpOptions; + + typedef struct { + NTTIME operation_start; + uint32 serial_num; /* unique till reboot */ + uint32 priority; + drsuapi_DsReplicaOpType operation_type; + [switch_is(operation_type)] drsuapi_DsRplicaOpOptions options; + [charset(UTF16),string] uint16 *nc_dn; + [charset(UTF16),string] uint16 *remote_dsa_obj_dn; + [charset(UTF16),string] uint16 *remote_dsa_address; + GUID nc_obj_guid; + GUID remote_dsa_obj_guid; + } drsuapi_DsReplicaOp; + + typedef struct { + NTTIME time; + uint32 count; + [size_is(count)] drsuapi_DsReplicaOp array[]; + } drsuapi_DsReplicaOpCtr; + + typedef struct { + [charset(UTF16),string] uint16 *attribute_name; + [charset(UTF16),string] uint16 *object_dn; + [value(ndr_size_DATA_BLOB(0,binary,0))] uint32 __ndr_size_binary; + DATA_BLOB *binary; + NTTIME deleted; + NTTIME created; + uint32 version; + NTTIME originating_change_time; + GUID originating_invocation_id; + hyper originating_usn; + hyper local_usn; + } drsuapi_DsReplicaAttrValMetaData; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaAttrValMetaData array[]; + } drsuapi_DsReplicaAttrValMetaDataCtr; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaCursor2 array[]; + } drsuapi_DsReplicaCursor2Ctr; + + typedef struct { + GUID source_dsa_invocation_id; + hyper highest_usn; + NTTIME last_sync_success; + [charset(UTF16),string] uint16 *source_dsa_obj_dn; + } drsuapi_DsReplicaCursor3; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaCursor3 array[]; + } drsuapi_DsReplicaCursor3Ctr; + + typedef struct { + [charset(UTF16),string] uint16 *attribute_name; + uint32 version; + NTTIME originating_change_time; + GUID originating_invocation_id; + hyper originating_usn; + hyper local_usn; + [charset(UTF16),string] uint16 *originating_dsa_dn; + } drsuapi_DsReplicaObjMetaData2; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaObjMetaData2 array[]; + } drsuapi_DsReplicaObjMetaData2Ctr; + + typedef struct { + [charset(UTF16),string] uint16 *attribute_name; + [charset(UTF16),string] uint16 *object_dn; + [value(ndr_size_DATA_BLOB(0,binary,0))] uint32 __ndr_size_binary; + DATA_BLOB *binary; + NTTIME deleted; + NTTIME created; + uint32 version; + NTTIME originating_change_time; + GUID originating_invocation_id; + hyper originating_usn; + hyper local_usn; + [charset(UTF16),string] uint16 *originating_dsa_dn; + } drsuapi_DsReplicaAttrValMetaData2; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaAttrValMetaData2 array[]; + } drsuapi_DsReplicaAttrValMetaData2Ctr; + + typedef struct { + hyper u1; /* session number? */ + uint32 u2; + uint32 u3; + GUID bind_guid; + NTTIME_1sec bind_time; + [flag(NDR_BIG_ENDIAN)] ipv4address client_ip_address; + uint32 u5; /* this is the same value the client used as u1 in the DsBindInfoX struct */ + } drsuapi_DsReplicaConnection04; + + typedef struct { + [range(0,10000)] uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaConnection04 array[]; + } drsuapi_DsReplicaConnection04Ctr; + + typedef struct { + [charset(UTF16),string] uint16 *str1; + uint32 u1; + uint32 u2; + uint32 u3; + uint32 u4; + uint32 u5; + hyper u6; + uint32 u7; + } drsuapi_DsReplica06; + + typedef struct { + [range(0,256)] uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplica06 array[]; + } drsuapi_DsReplica06Ctr; + + typedef [switch_type(drsuapi_DsReplicaInfoType)] union { + [case(DRSUAPI_DS_REPLICA_INFO_NEIGHBORS)] drsuapi_DsReplicaNeighbourCtr *neighbours; + [case(DRSUAPI_DS_REPLICA_INFO_CURSORS)] drsuapi_DsReplicaCursorCtr *cursors; + [case(DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA)] drsuapi_DsReplicaObjMetaDataCtr *objmetadata; + [case(DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES)] drsuapi_DsReplicaKccDsaFailuresCtr *connectfailures; + [case(DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES)] drsuapi_DsReplicaKccDsaFailuresCtr *linkfailures; + [case(DRSUAPI_DS_REPLICA_INFO_PENDING_OPS)] drsuapi_DsReplicaOpCtr *pendingops; + [case(DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA)] drsuapi_DsReplicaAttrValMetaDataCtr *attrvalmetadata; + [case(DRSUAPI_DS_REPLICA_INFO_CURSORS2)] drsuapi_DsReplicaCursor2Ctr *cursors2; + [case(DRSUAPI_DS_REPLICA_INFO_CURSORS3)] drsuapi_DsReplicaCursor3Ctr *cursors3; + [case(DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2)] drsuapi_DsReplicaObjMetaData2Ctr *objmetadata2; + [case(DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2)] drsuapi_DsReplicaAttrValMetaData2Ctr *attrvalmetadata2; + [case(DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02)] drsuapi_DsReplicaNeighbourCtr *neighbours02; + [case(DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04)] drsuapi_DsReplicaConnection04Ctr *connections04; + [case(DRSUAPI_DS_REPLICA_INFO_CURSORS05)] drsuapi_DsReplicaCursorCtrEx *cursors05; + [case(DRSUAPI_DS_REPLICA_INFO_06)] drsuapi_DsReplica06Ctr *i06; + } drsuapi_DsReplicaInfo; + + WERROR drsuapi_DsReplicaGetInfo( + [in] policy_handle *bind_handle, + [in] drsuapi_DsReplicaGetInfoLevel level, + [in,ref,switch_is(level)] drsuapi_DsReplicaGetInfoRequest *req, + [out,ref] drsuapi_DsReplicaInfoType *info_type, + [out,ref,switch_is(*info_type)] drsuapi_DsReplicaInfo *info + ); + + /*****************/ + /* Function 0x14 */ + WERROR DRSUAPI_ADD_SID_HISTORY(); + + /*****************/ + /* Function 0x15 */ + + typedef struct { + [range(0,10000)] uint32 num_entries; + [size_is(num_entries)] drsuapi_DsGetMembershipsCtr1 **ctrl_array; + } drsuapi_DsGetMemberships2Ctr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1; + } drsuapi_DsGetMemberships2Ctr; + + typedef struct { + [range(1,10000)] uint32 num_req; + [size_is(num_req)] drsuapi_DsGetMembershipsRequest1 **req_array; + } drsuapi_DsGetMemberships2Request1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMemberships2Request1 req1; + } drsuapi_DsGetMemberships2Request; + + WERROR drsuapi_DsGetMemberships2( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,ref] [switch_is(level)] drsuapi_DsGetMemberships2Request *req, + [out,ref] int32 *level_out, + [out,ref] [switch_is(*level_out)] drsuapi_DsGetMemberships2Ctr *ctr + ); + + + /*****************/ + /* Function 0x16 */ + WERROR DRSUAPI_REPLICA_VERIFY_OBJECTS(); + + /*****************/ + /* Function 0x17 */ + WERROR DRSUAPI_GET_OBJECT_EXISTENCE(); + + /*****************/ + /* Function 0x18 */ + typedef struct { + WERROR error_code; + uint32 site_cost; + } drsuapi_DsSiteCostInfo; + + typedef struct { + [range(0,10000)] uint32 num_info; + [size_is(num_info)] drsuapi_DsSiteCostInfo *info; + uint32 unknown; + } drsuapi_QuerySitesByCostCtr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_QuerySitesByCostCtr1 ctr1; + } drsuapi_QuerySitesByCostCtr; + + typedef struct { + [charset(UTF16),string] uint16 *site_from; + [range(1,10000)] uint32 num_req; + [size_is(num_req)] [charset(UTF16),string] uint16 **site_to; + uint32 flags; + } drsuapi_QuerySitesByCostRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_QuerySitesByCostRequest1 req1; + } drsuapi_QuerySitesByCostRequest; + + WERROR drsuapi_QuerySitesByCost( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,ref] [switch_is(level)] drsuapi_QuerySitesByCostRequest *req, + [out,ref] int32 *level_out, + [out,ref] [switch_is(*level_out)] drsuapi_QuerySitesByCostCtr *ctr + ); +} diff --git a/source3/librpc/idl/nbt.idl b/source3/librpc/idl/nbt.idl new file mode 100644 index 0000000000..4dc7972e45 --- /dev/null +++ b/source3/librpc/idl/nbt.idl @@ -0,0 +1,699 @@ +#include "idl_types.h" + +/* + IDL structures for NBT operations + + NBT is not traditionally encoded using IDL/NDR. This is a bit of an + experiment, and I may well switch us back to a more traditional + encoding if it doesn't work out +*/ + +import "misc.idl", "security.idl", "svcctl.idl"; +[ +helper("libcli/nbt/libnbt.h") +] +interface nbt +{ + const int NBT_NAME_SERVICE_PORT = 137; + const int NBT_DGRAM_SERVICE_PORT = 138; + + typedef [bitmap16bit] bitmap { + NBT_RCODE = 0x000F, + NBT_FLAG_BROADCAST = 0x0010, + NBT_FLAG_RECURSION_AVAIL = 0x0080, + NBT_FLAG_RECURSION_DESIRED = 0x0100, + NBT_FLAG_TRUNCATION = 0x0200, + NBT_FLAG_AUTHORITIVE = 0x0400, + NBT_OPCODE = 0x7800, + NBT_FLAG_REPLY = 0x8000 + } nbt_operation; + + /* the opcodes are in the operation field, masked with + NBT_OPCODE */ + typedef enum { + NBT_OPCODE_QUERY = (0x0<<11), + NBT_OPCODE_REGISTER = (0x5<<11), + NBT_OPCODE_RELEASE = (0x6<<11), + NBT_OPCODE_WACK = (0x7<<11), + NBT_OPCODE_REFRESH = (0x8<<11), + NBT_OPCODE_REFRESH2 = (0x9<<11), + NBT_OPCODE_MULTI_HOME_REG = (0xf<<11) + } nbt_opcode; + + /* rcode values */ + typedef enum { + NBT_RCODE_OK = 0x0, + NBT_RCODE_FMT = 0x1, + NBT_RCODE_SVR = 0x2, + NBT_RCODE_NAM = 0x3, + NBT_RCODE_IMP = 0x4, + NBT_RCODE_RFS = 0x5, + NBT_RCODE_ACT = 0x6, + NBT_RCODE_CFT = 0x7 + } nbt_rcode; + + /* we support any 8bit name type, but by defining the common + ones here we get better debug displays */ + typedef [enum8bit] enum { + NBT_NAME_CLIENT = 0x00, + NBT_NAME_MS = 0x01, + NBT_NAME_USER = 0x03, + NBT_NAME_SERVER = 0x20, + NBT_NAME_PDC = 0x1B, + NBT_NAME_LOGON = 0x1C, + NBT_NAME_MASTER = 0x1D, + NBT_NAME_BROWSER = 0x1E + } nbt_name_type; + + /* the ndr parser for nbt_name is separately defined in + nbtname.c (along with the parsers for nbt_string) */ + typedef [public,nopull,nopush] struct { + string name; + string scope; + nbt_name_type type; + } nbt_name; + + typedef [enum16bit] enum { + NBT_QCLASS_IP = 0x01 + } nbt_qclass; + + typedef [enum16bit] enum { + NBT_QTYPE_ADDRESS = 0x0001, + NBT_QTYPE_NAMESERVICE = 0x0002, + NBT_QTYPE_NULL = 0x000A, + NBT_QTYPE_NETBIOS = 0x0020, + NBT_QTYPE_STATUS = 0x0021 + } nbt_qtype; + + typedef struct { + nbt_name name; + nbt_qtype question_type; + nbt_qclass question_class; + } nbt_name_question; + + /* these are the possible values of the NBT_NM_OWNER_TYPE + field */ + typedef enum { + NBT_NODE_B = 0x0000, + NBT_NODE_P = 0x2000, + NBT_NODE_M = 0x4000, + NBT_NODE_H = 0x6000 + } nbt_node_type; + + typedef [bitmap16bit] bitmap { + NBT_NM_PERMANENT = 0x0200, + NBT_NM_ACTIVE = 0x0400, + NBT_NM_CONFLICT = 0x0800, + NBT_NM_DEREGISTER = 0x1000, + NBT_NM_OWNER_TYPE = 0x6000, + NBT_NM_GROUP = 0x8000 + } nb_flags; + + typedef struct { + nb_flags nb_flags; + ipv4address ipaddr; + } nbt_rdata_address; + + typedef struct { + uint16 length; + nbt_rdata_address addresses[length/6]; + } nbt_rdata_netbios; + + typedef struct { + uint8 unit_id[6]; + uint8 jumpers; + uint8 test_result; + uint16 version_number; + uint16 period_of_statistics; + uint16 number_of_crcs; + uint16 number_alignment_errors; + uint16 number_of_collisions; + uint16 number_send_aborts; + uint32 number_good_sends; + uint32 number_good_receives; + uint16 number_retransmits; + uint16 number_no_resource_conditions; + uint16 number_free_command_blocks; + uint16 total_number_command_blocks; + uint16 max_total_number_command_blocks; + uint16 number_pending_sessions; + uint16 max_number_pending_sessions; + uint16 max_total_sessions_possible; + uint16 session_data_packet_size; + } nbt_statistics; + + typedef struct { + [charset(DOS)] uint8 name[15]; + nbt_name_type type; + nb_flags nb_flags; + } nbt_status_name; + + typedef struct { + [value(num_names * 18 + 47)] uint16 length; + uint8 num_names; + nbt_status_name names[num_names]; + nbt_statistics statistics; + } nbt_rdata_status; + + typedef struct { + uint16 length; + uint8 data[length]; + } nbt_rdata_data; + + typedef [nodiscriminant] union { + [case(NBT_QTYPE_NETBIOS)] nbt_rdata_netbios netbios; + [case(NBT_QTYPE_STATUS)] nbt_rdata_status status; + [default] nbt_rdata_data data; + } nbt_rdata; + +/* + * this macro works arround the problem + * that we need to use nbt_rdata_data + * together with NBT_QTYPE_NETBIOS + * for WACK replies + */ +#define NBT_RES_REC_LEVEL(rr_type, rdata) (\ + (((rr_type) == NBT_QTYPE_NETBIOS) && \ + talloc_check_name(ndr, "struct ndr_push") && \ + ((rdata).data.length == 2)) \ + ? 0 : rr_type) + + typedef [flag(LIBNDR_PRINT_ARRAY_HEX)] struct { + nbt_name name; + nbt_qtype rr_type; + nbt_qclass rr_class; + uint32 ttl; + [switch_is(NBT_RES_REC_LEVEL(rr_type, rdata))] nbt_rdata rdata; + } nbt_res_rec; + + typedef [flag(NDR_NOALIGN|NDR_BIG_ENDIAN|NDR_PAHEX),public] struct { + uint16 name_trn_id; + nbt_operation operation; + uint16 qdcount; + uint16 ancount; + uint16 nscount; + uint16 arcount; + nbt_name_question questions[qdcount]; + nbt_res_rec answers[ancount]; + nbt_res_rec nsrecs[nscount]; + nbt_res_rec additional[arcount]; + [flag(NDR_REMAINING)] DATA_BLOB padding; + } nbt_name_packet; + + + /* + NBT DGRAM packets (UDP/138) + */ + + typedef [enum8bit] enum { + DGRAM_DIRECT_UNIQUE = 0x10, + DGRAM_DIRECT_GROUP = 0x11, + DGRAM_BCAST = 0x12, + DGRAM_ERROR = 0x13, + DGRAM_QUERY = 0x14, + DGRAM_QUERY_POSITIVE = 0x15, + DGRAM_QUERY_NEGATIVE = 0x16 + } dgram_msg_type; + + typedef [bitmap8bit] bitmap { + DGRAM_FLAG_MORE = 0x01, + DGRAM_FLAG_FIRST = 0x02, + DGRAM_FLAG_NODE_TYPE = 0x0C + } dgram_flags; + + typedef [enum8bit] enum { + DGRAM_NODE_B = 0x00, + DGRAM_NODE_P = 0x04, + DGRAM_NODE_M = 0x08, + DGRAM_NODE_NBDD = 0x0C + } dgram_node_type; + + /* a dgram_message is the main dgram body in general use */ + + /* the most common datagram type is a SMB_TRANSACTION + operation, where a SMB packet is used in the data section + of a dgram_message to hold a trans request, which in turn + holds a small command structure. It's a very strange beast + indeed. To make the code cleaner we define a basic SMB + packet in IDL here. This is not a general purpose SMB + packet, and won't be used in the core SMB client/server + code, but it does make working with these types of dgrams + easier */ + + const string NBT_MAILSLOT_NETLOGON = "\\MAILSLOT\\NET\\NETLOGON"; + const string NBT_MAILSLOT_NTLOGON = "\\MAILSLOT\\NET\\NTLOGON"; + const string NBT_MAILSLOT_GETDC = "\\MAILSLOT\\NET\\GETDC"; + const string NBT_MAILSLOT_BROWSE = "\\MAILSLOT\\BROWSE"; + + typedef [enum8bit] enum { + SMB_TRANSACTION = 0x25 + } smb_command; + + typedef struct { + [range(17,17),value(17)] uint8 wct; + uint16 total_param_count; + uint16 total_data_count; + uint16 max_param_count; + uint16 max_data_count; + uint8 max_setup_count; + uint8 pad; + uint16 trans_flags; + uint32 timeout; + uint16 reserved; + uint16 param_count; + uint16 param_offset; + uint16 data_count; + uint16 data_offset; + [range(3,3),value(3)] uint8 setup_count; + uint8 pad2; + uint16 opcode; + uint16 priority; + uint16 _class; + [value(strlen(mailslot_name)+1+data.length)] + uint16 byte_count; + astring mailslot_name; + [flag(NDR_REMAINING)] DATA_BLOB data; + } smb_trans_body; + + typedef [nodiscriminant] union { + [case(SMB_TRANSACTION)] smb_trans_body trans; + } smb_body; + + + typedef [flag(NDR_NOALIGN|NDR_LITTLE_ENDIAN|NDR_PAHEX),public] struct { + smb_command smb_command; + uint8 err_class; + uint8 pad; + uint16 err_code; + uint8 flags; + uint16 flags2; + uint16 pid_high; + uint8 signature[8]; + uint16 reserved; + uint16 tid; + uint16 pid; + uint16 vuid; + uint16 mid; + [switch_is(smb_command)] smb_body body; + } dgram_smb_packet; + + const uint32 DGRAM_SMB = 0xff534d42; /* 0xffSMB */ + + typedef [nodiscriminant] union { + [case(DGRAM_SMB)] dgram_smb_packet smb; + } dgram_message_body; + + typedef struct { + uint16 length; + uint16 offset; + nbt_name source_name; + nbt_name dest_name; + uint32 dgram_body_type; + [switch_is(dgram_body_type)] dgram_message_body body; + } dgram_message; + + typedef [enum8bit] enum { + DGRAM_ERROR_NAME_NOT_PRESENT = 0x82, + DGRAM_ERROR_INVALID_SOURCE = 0x83, + DGRAM_ERROR_INVALID_DEST = 0x84 + } dgram_err_code; + + typedef [nodiscriminant] union { + [case(DGRAM_DIRECT_UNIQUE)] dgram_message msg; + [case(DGRAM_DIRECT_GROUP)] dgram_message msg; + [case(DGRAM_BCAST)] dgram_message msg; + [case(DGRAM_ERROR)] dgram_err_code error; + [case(DGRAM_QUERY)] nbt_name dest_name; + [case(DGRAM_QUERY_POSITIVE)] nbt_name dest_name; + [case(DGRAM_QUERY_NEGATIVE)] nbt_name dest_name; + } dgram_data; + + typedef [flag(NDR_NOALIGN|NDR_BIG_ENDIAN|NDR_PAHEX),public] struct { + dgram_msg_type msg_type; + dgram_flags flags; + uint16 dgram_id; + ipv4address src_addr; + uint16 src_port; + [switch_is(msg_type)] dgram_data data; + } nbt_dgram_packet; + + + /*******************************************/ + /* \MAILSLOT\NET\NETLOGON mailslot requests */ + typedef enum { + NETLOGON_QUERY_FOR_PDC = 0x7, + NETLOGON_ANNOUNCE_UAS = 0xa, + NETLOGON_RESPONSE_FROM_PDC = 0xc, + NETLOGON_QUERY_FOR_PDC2 = 0x12, + NETLOGON_RESPONSE_FROM_PDC2 = 0x17, + NETLOGON_RESPONSE_FROM_PDC_USER = 0x19 + } nbt_netlogon_command; + + /* query for pdc request */ + typedef struct { + astring computer_name; + astring mailslot_name; + [flag(NDR_ALIGN2)] DATA_BLOB _pad; + nstring unicode_name; + uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_netlogon_query_for_pdc; + + /* query for pdc request - new style */ + typedef struct { + uint16 request_count; + nstring computer_name; + nstring user_name; + astring mailslot_name; + uint32 unknown[2]; + uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_netlogon_query_for_pdc2; + + /* response from pdc */ + typedef struct { + astring pdc_name; + [flag(NDR_ALIGN2)] DATA_BLOB _pad; + nstring unicode_pdc_name; + nstring domain_name; + uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_netlogon_response_from_pdc; + + typedef [bitmap32bit] bitmap { + NBT_SERVER_PDC = 0x00000001, + NBT_SERVER_GC = 0x00000004, + NBT_SERVER_LDAP = 0x00000008, + NBT_SERVER_DS = 0x00000010, + NBT_SERVER_KDC = 0x00000020, + NBT_SERVER_TIMESERV = 0x00000040, + NBT_SERVER_CLOSEST = 0x00000080, + NBT_SERVER_WRITABLE = 0x00000100, + NBT_SERVER_GOOD_TIMESERV = 0x00000200 + } nbt_server_type; + + /* response from pdc - type2 */ + typedef struct { + [flag(NDR_ALIGN4)] DATA_BLOB _pad; + nbt_server_type server_type; + GUID domain_uuid; + nbt_string forest; + nbt_string dns_domain; + nbt_string pdc_dns_name; + nbt_string domain; + nbt_string pdc_name; + nbt_string user_name; + nbt_string server_site; + nbt_string client_site; + uint8 unknown; + uint32 unknown2; + [flag(NDR_BIG_ENDIAN)] + ipv4address pdc_ip; + uint32 unknown3[2]; + uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_netlogon_response_from_pdc2; + + typedef enum netr_SamDatabaseID netr_SamDatabaseID; + + /* announce change to UAS or SAM */ + typedef struct { + netr_SamDatabaseID db_index; + hyper serial; + NTTIME timestamp; + } nbt_db_change; + + /* used to announce SAM changes */ + typedef struct { + uint32 serial_lo; + time_t timestamp; + uint32 pulse; + uint32 random; + astring pdc_name; + astring domain; + [flag(NDR_ALIGN2)] DATA_BLOB _pad; + nstring unicode_pdc_name; + nstring unicode_domain; + uint32 db_count; + nbt_db_change dbchange[db_count]; + [value(ndr_size_dom_sid0(&sid, ndr->flags))] uint32 sid_size; + [subcontext(0),subcontext_size(sid_size)] dom_sid0 sid; + uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_netlogon_announce_uas; + + typedef [nodiscriminant] union { + [case(NETLOGON_QUERY_FOR_PDC)] nbt_netlogon_query_for_pdc pdc; + [case(NETLOGON_QUERY_FOR_PDC2)] nbt_netlogon_query_for_pdc2 pdc2; + [case(NETLOGON_ANNOUNCE_UAS)] nbt_netlogon_announce_uas uas; + [case(NETLOGON_RESPONSE_FROM_PDC)] nbt_netlogon_response_from_pdc response; + [case(NETLOGON_RESPONSE_FROM_PDC2)] nbt_netlogon_response_from_pdc2 response2; + [case(NETLOGON_RESPONSE_FROM_PDC_USER)] nbt_netlogon_response_from_pdc2 response2; + } nbt_netlogon_request; + + typedef [flag(NDR_NOALIGN),public] struct { + nbt_netlogon_command command; + [switch_is(command)] nbt_netlogon_request req; + } nbt_netlogon_packet; + + /*******************************************/ + /* CLDAP netlogon response */ + + /* note that these structures are very similar to, but not + quite identical to, the netlogon structures above */ + + typedef struct { + uint16 type; + nstring pdc_name; + nstring user_name; + nstring domain_name; + [value(1)] uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_cldap_netlogon_1; + + typedef struct { + uint16 type; + nstring pdc_name; + nstring user_name; + nstring domain_name; + GUID domain_uuid; + GUID unknown_uuid; + nbt_string forest; + nbt_string dns_domain; + nbt_string pdc_dns_name; + ipv4address pdc_ip; + nbt_server_type server_type; + [value(3)] uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_cldap_netlogon_3; + + typedef struct { + uint32 type; + nbt_server_type server_type; + GUID domain_uuid; + nbt_string forest; + nbt_string dns_domain; + nbt_string pdc_dns_name; + nbt_string domain; + nbt_string pdc_name; + nbt_string user_name; + nbt_string server_site; + nbt_string client_site; + [value(5)] uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_cldap_netlogon_5; + + typedef struct { + uint32 type; + nbt_server_type server_type; + GUID domain_uuid; + nbt_string forest; + nbt_string dns_domain; + nbt_string pdc_dns_name; + nbt_string domain; + nbt_string pdc_name; + nbt_string user_name; + nbt_string server_site; + nbt_string client_site; + uint8 unknown; + uint32 unknown2; + [flag(NDR_BIG_ENDIAN)] + ipv4address pdc_ip; + uint32 unknown3[2]; + [value(13)] uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_cldap_netlogon_13; + + typedef [flag(NDR_NOALIGN),public,nodiscriminant] union { + [case(0)] nbt_cldap_netlogon_1 logon1; + [case(1)] nbt_cldap_netlogon_1 logon1; + [case(2)] nbt_cldap_netlogon_3 logon3; + [case(3)] nbt_cldap_netlogon_3 logon3; + [case(4)] nbt_cldap_netlogon_5 logon5; + [case(5)] nbt_cldap_netlogon_5 logon5; + [case(6)] nbt_cldap_netlogon_5 logon5; + [case(7)] nbt_cldap_netlogon_5 logon5; + [default] nbt_cldap_netlogon_13 logon13; + } nbt_cldap_netlogon; + + /*******************************************/ + /* \MAILSLOT\NET\NTLOGON mailslot requests */ + typedef enum { + NTLOGON_SAM_LOGON = 0x12, + NTLOGON_SAM_LOGON_REPLY = 0x13, + NTLOGON_SAM_LOGON_REPLY15 = 0x15 + } nbt_ntlogon_command; + + typedef struct { + uint16 request_count; + nstring computer_name; + nstring user_name; + astring mailslot_name; + uint32 acct_control; + [value(ndr_size_dom_sid0(&sid, ndr->flags))] uint32 sid_size; + [subcontext(0),subcontext_size(sid_size)] dom_sid0 sid; + uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_ntlogon_sam_logon; + + typedef struct { + nstring server; + nstring user_name; + nstring domain; + uint32 nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_ntlogon_sam_logon_reply; + + typedef [nodiscriminant] union { + [case(NTLOGON_SAM_LOGON)] nbt_ntlogon_sam_logon logon; + [case(NTLOGON_SAM_LOGON_REPLY)] nbt_ntlogon_sam_logon_reply reply; + [case(NTLOGON_SAM_LOGON_REPLY15)] nbt_ntlogon_sam_logon_reply reply; + [case(NETLOGON_RESPONSE_FROM_PDC2)] nbt_netlogon_response_from_pdc2 reply2; + } nbt_ntlogon_request; + + typedef [flag(NDR_NOALIGN),public] struct { + nbt_ntlogon_command command; + [switch_is(command)] nbt_ntlogon_request req; + } nbt_ntlogon_packet; + + /********************************************************/ + /* \MAILSLOT\BROWSE mailslot requests */ + /* for details see http://ubiqx.org/cifs/Browsing.html */ + /********************************************************/ + typedef bitmap svcctl_ServerType svcctl_ServerType; + + typedef [enum8bit] enum { + HostAnnouncement = 1, + AnnouncementRequest = 2, + Election = 8, + GetBackupListReq = 9, + GetBackupListResp = 10, + BecomeBackup = 11, + DomainAnnouncement = 12, + MasterAnnouncement = 13, + ResetBrowserState = 14, + LocalMasterAnnouncement = 15 + } nbt_browse_opcode; + + typedef struct { + uint8 UpdateCount; + uint32 Periodicity; + [charset(DOS)] uint8 ServerName[16]; + uint8 OSMajor; + uint8 OSMinor; + svcctl_ServerType ServerType; + uint8 BroMajorVer; + uint8 BroMinorVer; + uint16 Signature; + astring Comment; + } nbt_browse_host_announcement; + + typedef struct { + uint8 Unused; + astring ResponseName; + } nbt_browse_announcement_request; + + typedef struct { + uint8 Version; + uint32 Criteria; + uint32 UpTime; /* In milliseconds */ + uint32 Reserved; /* Must be zero */ + astring ServerName; + } nbt_browse_election_request; + + typedef struct { + uint8 ReqCount; + uint32 Token; + } nbt_browse_backup_list_request; + + typedef struct { + uint8 BackupCount; + uint32 Token; + nbt_name BackupServerList[BackupCount];/* TODO: this is wrong */ + } nbt_browse_backup_list_response; + + typedef struct { + astring BrowserName; + } nbt_browse_become_backup; + + typedef struct { + uint8 UpdateCount; + uint32 Periodicity; + [charset(DOS)] uint8 ServerName[16]; + uint8 OSMajor; + uint8 OSMinor; + svcctl_ServerType ServerType; + uint32 MysteriousField; + astring Comment; + } nbt_browse_domain_announcement; + + typedef struct { + astring ServerName; + } nbt_browse_master_announcement; + + typedef struct { + uint8 Command; + } nbt_browse_reset_state; + + typedef struct { + uint8 UpdateCount; + uint32 Periodicity; + [charset(DOS)] uint8 ServerName[16]; + uint8 OSMajor; + uint8 OSMinor; + svcctl_ServerType ServerType; + uint8 BroMajorVer; + uint8 BroMinorVer; + uint16 Signature; + astring Comment; + } nbt_browse_local_master_announcement; + + typedef [nodiscriminant] union { + [case(HostAnnouncement)] nbt_browse_host_announcement host_annoucement; + [case(AnnouncementRequest)] nbt_browse_announcement_request announcement_request; + [case(Election)] nbt_browse_election_request election_request; + [case(GetBackupListReq)] nbt_browse_backup_list_request backup_list_request; + [case(GetBackupListResp)] nbt_browse_backup_list_response backup_list_response; + [case(BecomeBackup)] nbt_browse_become_backup become_backup; + [case(DomainAnnouncement)] nbt_browse_domain_announcement domain_announcement; + [case(MasterAnnouncement)] nbt_browse_master_announcement master_announcement; + [case(ResetBrowserState)] nbt_browse_reset_state reset_browser_state; + [case(LocalMasterAnnouncement)] nbt_browse_local_master_announcement local_master_announcement; + } nbt_browse_payload; + + typedef [public,flag(NDR_NOALIGN)] struct { + nbt_browse_opcode opcode; + [switch_is(opcode)] nbt_browse_payload payload; + } nbt_browse_packet; +} diff --git a/source3/librpc/idl/security.idl b/source3/librpc/idl/security.idl index c4c30e9b5a..c1dfe272e9 100644 --- a/source3/librpc/idl/security.idl +++ b/source3/librpc/idl/security.idl @@ -22,6 +22,9 @@ cpp_quote("#define dom_sid2 dom_sid") /* same struct as dom_sid but inside a 28 bytes fixed buffer in NDR */ cpp_quote("#define dom_sid28 dom_sid") +/* same struct as dom_sid but in a variable byte buffer, which is maybe empty in NDR */ +cpp_quote("#define dom_sid0 dom_sid") + [ pointer_default(unique) ] |