path: root/source4/librpc/idl/misc.idl
blob: ce884b6c5ce8266c7d4bbe0522a684ebd03e5f74 (plain)
#include "idl_types.h"

/*
  miscellaneous IDL structures
*/

/*
  Miscellaneous shared definitions: well-known SID strings, server roles,
  and the layouts of GUIDs, SIDs, ACEs/ACLs, security descriptors, policy
  handles and password / session-key blobs.

  Field order and field widths in the structs below are the layout the
  IDL compiler marshals, so members must not be reordered or resized.
*/
interface misc
{
	/* the NULL SID: identifies no principal */
	const string SID_NULL = "S-1-0-0";

	/* the world authority; S-1-1-0 is the well-known "Everyone" SID, so an
	   ACE naming SID_WORLD is the broadest grant an ACL can express */
	const string SID_WORLD_DOMAIN = "S-1-1";
	const string SID_WORLD        = "S-1-1-0";

	/* SECURITY_CREATOR_SID_AUTHORITY: placeholder SIDs for the creator
	   owner / creator group of an object */
	const string SID_CREATOR_OWNER_DOMAIN = "S-1-3";
	const string SID_CREATOR_OWNER        = "S-1-3-0";
	const string SID_CREATOR_GROUP        = "S-1-3-1";

	/* SECURITY_NT_AUTHORITY: well-known principals under S-1-5.
	   S-1-5-7 is the anonymous logon and S-1-5-11 is "Authenticated
	   Users"; access checks that need to tell the two apart should
	   compare against these constants rather than against SID_WORLD. */
	const string SID_NT_AUTHORITY        = "S-1-5";
	const string SID_NETWORK             = "S-1-5-2";
	const string SID_ANONYMOUS           = "S-1-5-7";
	const string SID_AUTHENTICATED_USERS = "S-1-5-11";
	const string SID_SYSTEM              = "S-1-5-18";

	/* SECURITY_BUILTIN_DOMAIN_RID: the builtin domain (S-1-5-32) and its
	   local groups, RIDs 544 through 552 */
	const string SID_BUILTIN                   = "S-1-5-32";
	const string SID_BUILTIN_ADMINISTRATORS    = "S-1-5-32-544";
	const string SID_BUILTIN_USERS             = "S-1-5-32-545";
	const string SID_BUILTIN_GUESTS            = "S-1-5-32-546";
	const string SID_BUILTIN_POWER_USERS       = "S-1-5-32-547";
	const string SID_BUILTIN_ACCOUNT_OPERATORS = "S-1-5-32-548";
	const string SID_BUILTIN_SERVER_OPERATORS  = "S-1-5-32-549";
	const string SID_BUILTIN_PRINT_OPERATORS   = "S-1-5-32-550";
	const string SID_BUILTIN_BACKUP_OPERATORS  = "S-1-5-32-551";
	const string SID_BUILTIN_REPLICATOR        = "S-1-5-32-552";

	/* server roles: standalone, domain member, backup or primary
	   domain controller */
	typedef enum {
		ROLE_STANDALONE    = 0,
		ROLE_DOMAIN_MEMBER = 1,
		ROLE_DOMAIN_BDC    = 2,
		ROLE_DOMAIN_PDC    = 3
	} samr_Role;


	/* a 16-byte GUID split into the DCE UUID fields.
	   NOTE(review): noprint / gensize presumably suppress the generated
	   print routine and request a generated size helper - confirm
	   against the IDL compiler documentation. */
	typedef [public,noprint,gensize] struct {
		uint32 time_low;
		uint16 time_mid;
		uint16 time_hi_and_version;
		uint8  clock_seq[2];
		uint8  node[6];
	} GUID;

	/* a domain SID. Note that unlike Samba3 this contains a pointer,
	   so you can't copy them using assignment.

	   num_auths is an 8-bit count that arrives with the SID and sizes
	   sub_auths. NOTE(review): nothing in this definition bounds it;
	   the SID format allows at most 15 sub-authorities, so confirm
	   that consumers reject larger counts before using fixed-size
	   buffers or string conversions. */
	typedef [public,noprint] struct {
		uint8  sid_rev_num;             /**< SID revision number */
		uint8  num_auths;               /**< Number of sub-authorities */
		uint8  id_auth[6];              /**< Identifier Authority */
		uint32 sub_auths[num_auths];    /**< Sub-authority values, num_auths entries */
	} dom_sid;

	/* a single access control entry: ACE type and flags, a size field,
	   the access mask, and the trustee SID the entry applies to.

	   size carries a [value()] expression, ndr_size_security_ace(r),
	   rather than being a plain caller-set field.

	   The object-ACE part (flags plus object / inherit GUIDs) is
	   compiled out with #if 0, so this layout only describes ACEs that
	   consist of the mask followed directly by the trustee.
	   NOTE(review): confirm how object-type ACEs are handled by code
	   that parses descriptors with this definition. */
	typedef [public] struct {
		uint8 type;  /* xxxx_xxxx_ACE_TYPE - e.g allowed / denied etc */
		uint8 flags; /* xxxx_INHERIT_xxxx - e.g OBJECT_INHERIT_ACE */
		[value(ndr_size_security_ace(r))] uint16 size;
		uint32 access_mask;

#if 0
		/* the 'obj' part is present when type is XXXX_TYPE_XXXX_OBJECT */
		struct {
			uint32 flags;
			GUID object_guid;
			GUID inherit_guid;
		} *obj;
#endif

		dom_sid trustee;
	} security_ace;

	/* an access control list: revision, a size field whose [value()]
	   expression is ndr_size_security_acl(r), and num_aces entries.
	   num_aces is a 32-bit count taken from the same structure and
	   sizes the aces array. NOTE(review): confirm the unmarshalling
	   code bounds the count against the remaining buffer before
	   allocating. */
	typedef [public] struct {
		uint16 revision;
		[value(ndr_size_security_acl(r))] uint16 size;
		uint32 num_aces;
		security_ace aces[num_aces];
	} security_acl;

	/* default revision for new ACLs */
	const int SD_REVISION                    = 1;

	/* security_descriptor->type bits. The *_PRESENT bits say whether
	   the DACL / SACL is part of the descriptor at all. */
	const int SEC_DESC_OWNER_DEFAULTED	 = 0x0001;
	const int SEC_DESC_GROUP_DEFAULTED	 = 0x0002;
	const int SEC_DESC_DACL_PRESENT		 = 0x0004;
	const int SEC_DESC_DACL_DEFAULTED	 = 0x0008;
	const int SEC_DESC_SACL_PRESENT		 = 0x0010;
	const int SEC_DESC_SACL_DEFAULTED	 = 0x0020;
	const int SEC_DESC_DACL_TRUSTED		 = 0x0040;
	const int SEC_DESC_SERVER_SECURITY	 = 0x0080;
	const int SEC_DESC_DACL_AUTO_INHERIT_REQ = 0x0100;
	const int SEC_DESC_SACL_AUTO_INHERIT_REQ = 0x0200;
	const int SEC_DESC_DACL_AUTO_INHERITED	 = 0x0400;
	const int SEC_DESC_SACL_AUTO_INHERITED	 = 0x0800;
	const int SEC_DESC_DACL_PROTECTED	 = 0x1000;
	const int SEC_DESC_SACL_PROTECTED	 = 0x2000;
	const int SEC_DESC_RM_CONTROL_VALID	 = 0x4000;
	const int SEC_DESC_SELF_RELATIVE	 = 0x8000;

	/* a security descriptor: revision, SEC_DESC_xxxx control bits, then
	   owner, group, SACL and DACL, each declared [relative].

	   NOTE(review): [relative] pointers are carried as offsets inside
	   the marshalled buffer, and those offsets come from whoever
	   produced the descriptor. Confirm the NDR runtime bounds-checks
	   each offset, and that callers treat a NULL dacl differently from
	   an empty one when evaluating access.
	   The NDR_LITTLE_ENDIAN flag presumably pins the byte order for
	   this structure - confirm in idl_types.h. */
	typedef [public,flag(NDR_LITTLE_ENDIAN)] struct {
		uint8 revision;
		uint16 type;     /* SEC_DESC_xxxx flags */
		[relative] dom_sid *owner_sid; 
		[relative] dom_sid *group_sid;
		[relative] security_acl *sacl; /* system ACL */
		[relative] security_acl *dacl; /* user (discretionary) ACL */
	} security_descriptor;

	/* an RPC policy handle: a 32-bit handle type plus a GUID.
	   NOTE(review): the value is handed back by the peer on later
	   calls, so servers are expected to look it up rather than trust
	   its contents - that check lives outside this file. */
	typedef [public] struct {
		uint32 handle_type;
		GUID   uuid;
	} policy_handle;

	/* this is also used in samr and netlogon.

	   bitmap is declared with a fixed size_is of 1260 while its
	   length_is is units_per_week/8. units_per_week is a uint16 in the
	   same structure, so the length expression can evaluate to as much
	   as 8191, which exceeds 1260. NOTE(review): confirm the generated
	   unmarshalling code rejects a length larger than the size before
	   copying into bitmap. */
	typedef [public, flag(NDR_PAHEX)] struct {
		uint16 units_per_week;
		[size_is(1260), length_is(units_per_week/8)] uint8 *bitmap;
	} samr_LogonHours;

	/* a 16-byte password hash blob.
	   NOTE(review): this and the key / credential structs below are
	   [public] without noprint, and NDR_PAHEX appears to request hex
	   printing of the array, so generated print routines would
	   presumably emit the secret bytes. Keep NDR debug dumps of these
	   types out of shared logs - confirm what the print code emits. */
	typedef [public, flag(NDR_PAHEX)] struct {
		uint8 hash[16];
	} samr_Password;

	/* a 16-byte user session key (secret material, see samr_Password) */
	typedef [public,flag(NDR_PAHEX)] struct {
		uint8 key[16];
	} netr_UserSessionKey;

	/* an 8-byte LM session key (secret material, see samr_Password) */
	typedef [public,flag(NDR_PAHEX)] struct {
		uint8 key[8];
	} netr_LMSessionKey;

	/* an 8-byte netlogon credential value */
	typedef [public, flag(NDR_PAHEX)] struct {
		uint8 data[8];
	} netr_Credential;

	/* a netlogon authenticator: a credential paired with a timestamp.
	   NOTE(review): how the timestamp is checked against the
	   credential is decided by the netlogon code, not by this layout. */
	typedef [public] struct {
		netr_Credential cred;
		time_t timestamp;
	} netr_Authenticator;

}