From d626a26374744849f1bc431e02dd5329594589a1 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 21 Jul 2008 13:42:07 +1000 Subject: Rename structures to better match the names in the WSPP IDL. The 'comment' element in a number of domain structures is called oem_information. This was picked up actually because with OpenLDAP doing the schema checking, it noticed that 'comment' was not a valid attribute. The rename tries to keep this consistant in both the LDB mappings and IDL, so we don't make the same mistake in future. This has no real schema impact, as this value isn't actually used for anything, as 'comment' was not used in the provision. Andrew Bartlett (This used to be commit 65dc0d536590d055a5ee775606ac90ee5fcaee9a) --- source4/librpc/idl/netlogon.idl | 2 +- source4/librpc/idl/samr.idl | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) (limited to 'source4/librpc/idl') diff --git a/source4/librpc/idl/netlogon.idl b/source4/librpc/idl/netlogon.idl index 6da496a486..d8f7d2f7e6 100644 --- a/source4/librpc/idl/netlogon.idl +++ b/source4/librpc/idl/netlogon.idl @@ -403,7 +403,7 @@ interface netlogon typedef struct { lsa_String domain_name; - lsa_String comment; + lsa_String oem_information; /* comment */ dlong force_logoff_time; uint16 min_password_length; uint16 password_history_length; diff --git a/source4/librpc/idl/samr.idl b/source4/librpc/idl/samr.idl index 3a11ab752c..b6cce38196 100644 --- a/source4/librpc/idl/samr.idl +++ b/source4/librpc/idl/samr.idl @@ -208,7 +208,7 @@ import "misc.idl", "lsa.idl", "security.idl"; typedef struct { NTTIME force_logoff_time; - lsa_String comment; + lsa_String oem_information; /* comment */ lsa_String domain_name; lsa_String primary; /* PDC name if this is a BDC */ udlong sequence_num; @@ -218,15 +218,15 @@ import "misc.idl", "lsa.idl", "security.idl"; uint32 num_users; uint32 num_groups; uint32 num_aliases; - } samr_DomInfo2; + } samr_DomGeneralInformation; typedef struct { NTTIME force_logoff_time; } samr_DomInfo3; typedef struct { - lsa_String comment; - } samr_DomInfo4; + lsa_String oem_information; /* comment */ + } samr_DomOEMInformation; typedef struct { lsa_String domain_name; @@ -250,11 +250,11 @@ import "misc.idl", "lsa.idl", "security.idl"; } samr_DomInfo9; typedef struct { - samr_DomInfo2 info2; + samr_DomGeneralInformation general; hyper lockout_duration; hyper lockout_window; uint16 lockout_threshold; - } samr_DomInfo11; + } samr_DomGeneralInformation2; typedef struct { hyper lockout_duration; @@ -271,15 +271,15 @@ import "misc.idl", "lsa.idl", "security.idl"; typedef [switch_type(uint16)] union { [case(1)] samr_DomInfo1 info1; - [case(2)] samr_DomInfo2 info2; + [case(2)] samr_DomGeneralInformation general; [case(3)] samr_DomInfo3 info3; - [case(4)] samr_DomInfo4 info4; + [case(4)] samr_DomOEMInformation oem; [case(5)] samr_DomInfo5 info5; [case(6)] samr_DomInfo6 info6; [case(7)] samr_DomInfo7 info7; [case(8)] samr_DomInfo8 info8; [case(9)] samr_DomInfo9 info9; - [case(11)] samr_DomInfo11 info11; + [case(11)] samr_DomGeneralInformation2 general2; [case(12)] samr_DomInfo12 info12; [case(13)] samr_DomInfo13 info13; } samr_DomainInfo; -- cgit From 2abe5e9240af3970f0f06a492bb520a569cd77b0 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 22 Jul 2008 11:37:32 +0200 Subject: drsuapi.idl: add drsuapi_DsBindInfo48. This is necessary to make DsGetNcChanges work with win2008. Michael (This used to be commit dd278b069b8683a0e3721ebb7d0de06d2bc1c86f) --- source4/librpc/idl/drsuapi.idl | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'source4/librpc/idl') diff --git a/source4/librpc/idl/drsuapi.idl b/source4/librpc/idl/drsuapi.idl index b9cff5d11d..c0d82babc4 100644 --- a/source4/librpc/idl/drsuapi.idl +++ b/source4/librpc/idl/drsuapi.idl @@ -73,6 +73,15 @@ interface drsuapi uint32 repl_epoch; } drsuapi_DsBindInfo28; + /* this is used by w2k8 */ + typedef struct { + drsuapi_SupportedExtensions supported_extensions; + GUID site_guid; + uint32 u1; + uint32 repl_epoch; + uint32 unknown[5]; + } drsuapi_DsBindInfo48; + typedef struct { [flag(NDR_REMAINING)] DATA_BLOB info; } drsuapi_DsBindInfoFallBack; @@ -80,6 +89,7 @@ interface drsuapi typedef [nodiscriminant] union { [case(24)][subcontext(4)] drsuapi_DsBindInfo24 info24; [case(28)][subcontext(4)] drsuapi_DsBindInfo28 info28; + [case(48)][subcontext(4)] drsuapi_DsBindInfo48 info48; [default][subcontext(4)] drsuapi_DsBindInfoFallBack FallBack; } drsuapi_DsBindInfo; -- cgit From e7785a371a1881eb1ad5ee6cf8d2de2b4537fa39 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 22 Jul 2008 12:46:04 +0200 Subject: drsuapi.idl: the last 16 bytes in DsBindInfo48 ar the GUID of the config dn. This bit seems not to be documented in the WSPP docs. Michael (This used to be commit 705f79bd0a5e93daa0cb11b5dcca36e75c75df93) --- source4/librpc/idl/drsuapi.idl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source4/librpc/idl') diff --git a/source4/librpc/idl/drsuapi.idl b/source4/librpc/idl/drsuapi.idl index c0d82babc4..96cb56ba3d 100644 --- a/source4/librpc/idl/drsuapi.idl +++ b/source4/librpc/idl/drsuapi.idl @@ -79,7 +79,8 @@ interface drsuapi GUID site_guid; uint32 u1; uint32 repl_epoch; - uint32 unknown[5]; + uint32 unknown; + GUID config_dn_guid; } drsuapi_DsBindInfo48; typedef struct { -- cgit From 901e764fa75030c22e4bda37e384dc074bcceb08 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 22 Jul 2008 13:07:55 +0200 Subject: drsuapi.idl: add drsuapi_SupportedExtensionsExt bitfield. This knowledge is obtained from the wspp-docs (section 5.35). Michael (This used to be commit f5afb695045b1a2f3b8c00a4d82d40e8e50726c9) --- source4/librpc/idl/drsuapi.idl | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'source4/librpc/idl') diff --git a/source4/librpc/idl/drsuapi.idl b/source4/librpc/idl/drsuapi.idl index 96cb56ba3d..ee1f5c8139 100644 --- a/source4/librpc/idl/drsuapi.idl +++ b/source4/librpc/idl/drsuapi.idl @@ -58,6 +58,11 @@ interface drsuapi DRSUAPI_SUPPORTED_EXTENSION_80000000 = 0x80000000 } drsuapi_SupportedExtensions; + typedef [bitmap32bit] bitmap { + DRSUAPI_SUPPORTED_EXTENSION_ADAM = 0x00000001, + DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2 = 0x00000002 + } drsuapi_SupportedExtensionsExt; + /* this is used by w2k */ typedef struct { drsuapi_SupportedExtensions supported_extensions; @@ -79,7 +84,7 @@ interface drsuapi GUID site_guid; uint32 u1; uint32 repl_epoch; - uint32 unknown; + drsuapi_SupportedExtensionsExt supported_extensions_ext; GUID config_dn_guid; } drsuapi_DsBindInfo48; -- cgit From e184b70768881ed9a4e957de630047ca292bc96e Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 22 Jul 2008 15:33:26 +0200 Subject: drsuapi.idl: change the u1 field in DsBindInfo* to "pid". According to the WSPP docs, section 5.35, this is the "process identifyer" of the client. It is meant for informational and debugging purposes only and its assignment is implementation specific. Michael (This used to be commit 579306eb5b58b6c1142b3c489e4bcf6da50810d6) --- source4/librpc/idl/drsuapi.idl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source4/librpc/idl') diff --git a/source4/librpc/idl/drsuapi.idl b/source4/librpc/idl/drsuapi.idl index ee1f5c8139..c19da4fa19 100644 --- a/source4/librpc/idl/drsuapi.idl +++ b/source4/librpc/idl/drsuapi.idl @@ -67,14 +67,14 @@ interface drsuapi typedef struct { drsuapi_SupportedExtensions supported_extensions; GUID site_guid; - uint32 u1; + uint32 pid; } drsuapi_DsBindInfo24; /* this is used by w2k3 */ typedef struct { drsuapi_SupportedExtensions supported_extensions; GUID site_guid; - uint32 u1; + uint32 pid; uint32 repl_epoch; } drsuapi_DsBindInfo28; @@ -82,7 +82,7 @@ interface drsuapi typedef struct { drsuapi_SupportedExtensions supported_extensions; GUID site_guid; - uint32 u1; + uint32 pid; uint32 repl_epoch; drsuapi_SupportedExtensionsExt supported_extensions_ext; GUID config_dn_guid; @@ -1425,7 +1425,7 @@ interface drsuapi GUID bind_guid; NTTIME_1sec bind_time; [flag(NDR_BIG_ENDIAN)] ipv4address client_ip_address; - uint32 u5; /* this is the same value the client used as u1 in the DsBindInfoX struct */ + uint32 u5; /* this is the same value the client used as pid in the DsBindInfoX struct */ } drsuapi_DsReplicaConnection04; typedef struct { -- cgit From bb12c78d44f005bad9524af86ce9a1b2b98f16ad Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 23 Jul 2008 13:53:03 +0200 Subject: drsblobs.idl: rename unknown1 -> reserved metze (This used to be commit 9a70b2237d4fdd523edfbca0329ad35e71faf998) --- source4/librpc/idl/drsblobs.idl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/librpc/idl') diff --git a/source4/librpc/idl/drsblobs.idl b/source4/librpc/idl/drsblobs.idl index f8cbdac8c5..2f9819a10c 100644 --- a/source4/librpc/idl/drsblobs.idl +++ b/source4/librpc/idl/drsblobs.idl @@ -205,7 +205,7 @@ interface drsblobs { typedef struct { [value(2*strlen_m(name))] uint16 name_len; [value(strlen(data))] uint16 data_len; - uint16 unknown1; /* 2 for name = 'Packages', 1 for name = 'Primary:*' */ + uint16 reserved; /* 2 for 'Packages', 1 for 'Primary:*', but should be ignored */ [charset(UTF16)] uint8 name[name_len]; /* * the data field contains data as HEX strings -- cgit From ecdd13389fd1b262024fe663a57da11f8a84e239 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 23 Jul 2008 13:06:32 +0200 Subject: drsblobs.idl: fix idl for supplementalCredentialsSubBlob metze (This used to be commit 24c5b10136f6e640832193aaf9e6d7e865c288bc) --- source4/librpc/idl/drsblobs.idl | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'source4/librpc/idl') diff --git a/source4/librpc/idl/drsblobs.idl b/source4/librpc/idl/drsblobs.idl index 2f9819a10c..4829952cf8 100644 --- a/source4/librpc/idl/drsblobs.idl +++ b/source4/librpc/idl/drsblobs.idl @@ -228,11 +228,16 @@ interface drsblobs { [charset(DOS)] uint8 data[data_len]; } supplementalCredentialsPackage; - /* this are 0x30 (48) whitespaces (0x20) followed by 'P' (0x50) */ - const string SUPPLEMENTAL_CREDENTIALS_PREFIX = " P"; + /* this are 0x30 (48) whitespaces (0x20) */ + const string SUPPLEMENTAL_CREDENTIALS_PREFIX = " "; + + typedef [flag(NDR_PAHEX)] enum { + SUPPLEMENTAL_CREDENTIALS_SIGNATURE = 0x0050 + } supplementalCredentialsSignature; typedef [gensize] struct { - [value(SUPPLEMENTAL_CREDENTIALS_PREFIX),charset(UTF16)] uint16 prefix[0x31]; + [value(SUPPLEMENTAL_CREDENTIALS_PREFIX),charset(UTF16)] uint16 prefix[0x30]; + [value(SUPPLEMENTAL_CREDENTIALS_SIGNATURE)] supplementalCredentialsSignature signature; uint16 num_packages; supplementalCredentialsPackage packages[num_packages]; } supplementalCredentialsSubBlob; -- cgit From e3434f8995ef834a1b8f452060544862b2a9642b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 23 Jul 2008 08:53:34 +0200 Subject: drsblobs.idl: fix unknowns in package_PrimaryKerberos idl metze (This used to be commit da9ceb2bf17f964334d9317829d40483e2c04b10) --- source4/librpc/idl/drsblobs.idl | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'source4/librpc/idl') diff --git a/source4/librpc/idl/drsblobs.idl b/source4/librpc/idl/drsblobs.idl index 4829952cf8..ec29c2732d 100644 --- a/source4/librpc/idl/drsblobs.idl +++ b/source4/librpc/idl/drsblobs.idl @@ -269,23 +269,25 @@ interface drsblobs { } package_PrimaryKerberosString; typedef struct { + [value(0)] uint16 reserved1; + [value(0)] uint16 reserved2; + [value(0)] uint32 reserved3; uint32 keytype; [value((value?value->length:0))] uint32 value_len; [relative,subcontext(0),subcontext_size(value_len),flag(NDR_REMAINING)] DATA_BLOB *value; - [value(0)] uint32 unknown1; - [value(0)] uint32 unknown2; } package_PrimaryKerberosKey; typedef struct { uint16 num_keys; uint16 num_old_keys; package_PrimaryKerberosString salt; - [value(0)] uint32 unknown1; - [value(0)] uint32 unknown2; package_PrimaryKerberosKey keys[num_keys]; package_PrimaryKerberosKey old_keys[num_old_keys]; - udlong unknown3[num_keys]; - udlong unknown3_old[num_old_keys]; + [value(0)] uint32 padding1; + [value(0)] uint32 padding2; + [value(0)] uint32 padding3; + [value(0)] uint32 padding4; + [value(0)] uint32 padding5; } package_PrimaryKerberosCtr3; typedef [nodiscriminant] union { -- cgit From 28a7e6f125070f288a9ca191ed7110f81891dc09 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 22 Jul 2008 12:28:07 +0200 Subject: drsblobs.idl: add idl for Primary:Kerberos-Newer-Keys blob in supplementalCredentials metze (This used to be commit 97b7901afbccc9647ad2958d4cf12300de2655d1) --- source4/librpc/idl/drsblobs.idl | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) (limited to 'source4/librpc/idl') diff --git a/source4/librpc/idl/drsblobs.idl b/source4/librpc/idl/drsblobs.idl index ec29c2732d..c876ae7fed 100644 --- a/source4/librpc/idl/drsblobs.idl +++ b/source4/librpc/idl/drsblobs.idl @@ -215,6 +215,9 @@ interface drsblobs { * as non termiated UTF16 strings with * a UTF16 NULL byte as separator * + * 'Primary:Kerberos-Newer-Keys': + * ... + * * 'Primary:Kerberos': * ... * @@ -303,6 +306,40 @@ interface drsblobs { [in] package_PrimaryKerberosBlob blob ); + typedef struct { + [value(0)] uint32 unknown1; + [value(0)] uint32 unknown2; + [value(0x00001000)] uint32 unknown3; /* could the the iterator for the AES key creation */ + uint32 keytype; + [value((value?value->length:0))] uint32 value_len; + [relative,subcontext(0),subcontext_size(value_len),flag(NDR_REMAINING)] DATA_BLOB *value; + } package_PrimaryKerberosNewerKey; + + typedef struct { + uint16 num_keys; + [value(0)] uint16 unknown1; + uint16 num_old_keys1; + uint16 num_old_keys2; + package_PrimaryKerberosString salt; + [value(0x00001000)] uint32 unknown2; /* could the the iterator for the AES key creation */ + package_PrimaryKerberosNewerKey keys[num_keys]; + package_PrimaryKerberosNewerKey old_keys1[num_old_keys1]; + package_PrimaryKerberosNewerKey old_keys2[num_old_keys2]; + } package_PrimaryKerberosNewerCtr4; + + typedef [nodiscriminant] union { + [case(4)] package_PrimaryKerberosNewerCtr4 ctr4; + } package_PrimaryKerberosNewerCtr; + + typedef [public] struct { + [value(4)] uint32 version; + [switch_is(version)] package_PrimaryKerberosNewerCtr ctr; + } package_PrimaryKerberosNewerBlob; + + void decode_PrimaryKerberosNewer( + [in] package_PrimaryKerberosNewerBlob blob + ); + typedef [public] struct { [flag(STR_NOTERM|NDR_REMAINING)] string cleartext; } package_PrimaryCLEARTEXTBlob; -- cgit