mirror of https://github.com/lianthony/NT4.0
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
258 lines
6.8 KiB
258 lines
6.8 KiB
/*++
|
|
|
|
Copyright (c) 1987-1991 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
ssi.h
|
|
|
|
Abstract:
|
|
|
|
Definition of Netlogon service APIs and structures used for SAM database
|
|
replication.
|
|
|
|
This file is shared by the Netlogon service and the XACT server.
|
|
|
|
Author:
|
|
|
|
Cliff Van Dyke (cliffv) 27-Jun-1991
|
|
|
|
Environment:
|
|
|
|
User mode only.
|
|
Contains NT-specific code.
|
|
Requires ANSI C extensions: slash-slash comments, long external names.
|
|
|
|
Revision History:
|
|
|
|
27-Jun-1991 (cliffv)
|
|
Ported from LanMan 2.1.
|
|
|
|
04-Apr-1992 (madana)
|
|
Added support for LSA replication.
|
|
|
|
--*/
|
|
|
|
//**************************************************************
|
|
//
|
|
// Data structure template - AUTHENTICATION
|
|
//
|
|
// ***************************************************************//
|
|
|
|
typedef struct _NETLOGON_VALIDATION_UAS_INFO {
|
|
#ifdef MIDL_PASS
|
|
[string] wchar_t * usrlog1_eff_name;
|
|
#else // MIDL_PASS
|
|
LPWSTR usrlog1_eff_name;
|
|
#endif // MIDL_PASS
|
|
DWORD usrlog1_priv;
|
|
DWORD usrlog1_auth_flags;
|
|
DWORD usrlog1_num_logons;
|
|
DWORD usrlog1_bad_pw_count;
|
|
DWORD usrlog1_last_logon;
|
|
DWORD usrlog1_last_logoff;
|
|
DWORD usrlog1_logoff_time;
|
|
DWORD usrlog1_kickoff_time;
|
|
DWORD usrlog1_password_age;
|
|
DWORD usrlog1_pw_can_change;
|
|
DWORD usrlog1_pw_must_change;
|
|
#ifdef MIDL_PASS
|
|
[string] wchar_t * usrlog1_computer;
|
|
[string] wchar_t * usrlog1_domain;
|
|
[string] wchar_t * usrlog1_script_path;
|
|
#else // MIDL_PASS
|
|
LPWSTR usrlog1_computer;
|
|
LPWSTR usrlog1_domain;
|
|
LPWSTR usrlog1_script_path;
|
|
#endif // MIDL_PASS
|
|
DWORD usrlog1_reserved1;
|
|
} NETLOGON_VALIDATION_UAS_INFO, *PNETLOGON_VALIDATION_UAS_INFO ;
|
|
|
|
typedef struct _NETLOGON_LOGOFF_UAS_INFO {
|
|
DWORD Duration;
|
|
USHORT LogonCount;
|
|
} NETLOGON_LOGOFF_UAS_INFORMATION, *PNETLOGON_LOGOFF_UAS_INFO;
|
|
|
|
// ***************************************************************
|
|
//
|
|
// Function prototypes - AUTHENTICATION
|
|
//
|
|
// ***************************************************************
|
|
|
|
NTSTATUS
|
|
I_NetServerReqChallenge(
|
|
IN LPWSTR PrimaryName OPTIONAL,
|
|
IN LPWSTR ComputerName,
|
|
IN PNETLOGON_CREDENTIAL ClientChallenge,
|
|
OUT PNETLOGON_CREDENTIAL ServerChallenge
|
|
);
|
|
|
|
NTSTATUS
|
|
I_NetServerAuthenticate(
|
|
IN LPWSTR PrimaryName OPTIONAL,
|
|
IN LPWSTR AccountName,
|
|
IN NETLOGON_SECURE_CHANNEL_TYPE AccountType,
|
|
IN LPWSTR ComputerName,
|
|
IN PNETLOGON_CREDENTIAL ClientCredential,
|
|
OUT PNETLOGON_CREDENTIAL ServerCredential
|
|
);
|
|
|
|
NTSTATUS
|
|
I_NetServerAuthenticate2(
|
|
IN LPWSTR PrimaryName OPTIONAL,
|
|
IN LPWSTR AccountName,
|
|
IN NETLOGON_SECURE_CHANNEL_TYPE AccountType,
|
|
IN LPWSTR ComputerName,
|
|
IN PNETLOGON_CREDENTIAL ClientCredential,
|
|
OUT PNETLOGON_CREDENTIAL ServerCredential,
|
|
IN OUT PULONG NegotiatedFlags
|
|
);
|
|
|
|
//
|
|
// Values of I_NetServerAuthenticate2 NegotiatedFlags
|
|
//
|
|
|
|
#define NETLOGON_SUPPORTS_ACCOUNT_LOCKOUT 0x01
|
|
#define NETLOGON_SUPPORTS_PERSISTENT_BDC 0x02
|
|
#define NETLOGON_SUPPORTS_RC4_ENCRYPTION 0x04
|
|
#define NETLOGON_SUPPORTS_PROMOTION_COUNT 0x08
|
|
#define NETLOGON_SUPPORTS_BDC_CHANGELOG 0x10
|
|
#define NETLOGON_SUPPORTS_FULL_SYNC_RESTART 0x20
|
|
#define NETLOGON_SUPPORTS_MULTIPLE_SIDS 0x40
|
|
#define NETLOGON_SUPPORTS_REDO 0x80
|
|
#define NETLOGON_SUPPORTS_REFUSE_CHANGE_PWD 0x100
|
|
|
|
#define NETLOGON_SUPPORTS_MASK ( \
|
|
NETLOGON_SUPPORTS_ACCOUNT_LOCKOUT | \
|
|
NETLOGON_SUPPORTS_PERSISTENT_BDC | \
|
|
NETLOGON_SUPPORTS_RC4_ENCRYPTION | \
|
|
NETLOGON_SUPPORTS_PROMOTION_COUNT | \
|
|
NETLOGON_SUPPORTS_BDC_CHANGELOG | \
|
|
NETLOGON_SUPPORTS_FULL_SYNC_RESTART | \
|
|
NETLOGON_SUPPORTS_MULTIPLE_SIDS | \
|
|
NETLOGON_SUPPORTS_REDO | \
|
|
NETLOGON_SUPPORTS_REFUSE_CHANGE_PWD )
|
|
|
|
|
|
NTSTATUS
|
|
I_NetServerPasswordSet(
|
|
IN LPWSTR PrimaryName OPTIONAL,
|
|
IN LPWSTR AccountName,
|
|
IN NETLOGON_SECURE_CHANNEL_TYPE AccountType,
|
|
IN LPWSTR ComputerName,
|
|
IN PNETLOGON_AUTHENTICATOR Authenticator,
|
|
OUT PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
|
|
IN PENCRYPTED_LM_OWF_PASSWORD UasNewPassword
|
|
);
|
|
|
|
|
|
|
|
NET_API_STATUS NET_API_FUNCTION
|
|
I_NetLogonUasLogon (
|
|
IN LPWSTR UserName,
|
|
IN LPWSTR Workstation,
|
|
OUT PNETLOGON_VALIDATION_UAS_INFO *ValidationInformation
|
|
);
|
|
|
|
NET_API_STATUS
|
|
I_NetLogonUasLogoff (
|
|
IN LPWSTR UserName,
|
|
IN LPWSTR Workstation,
|
|
OUT PNETLOGON_LOGOFF_UAS_INFO LogoffInformation
|
|
);
|
|
|
|
// **************************************************************
|
|
//
|
|
// Special values and constants - AUTHENTICATION
|
|
//
|
|
// **************************************************************
|
|
|
|
// **************************************************************
|
|
//
|
|
// Data structure template - UAS/SAM REPLICATION
|
|
//
|
|
// **************************************************************
|
|
|
|
typedef struct _UAS_INFO_0 {
|
|
CHAR ComputerName[LM20_CNLEN+1];
|
|
ULONG TimeCreated;
|
|
ULONG SerialNumber;
|
|
} UAS_INFO_0, *PUAS_INFO_0 ;
|
|
|
|
// **************************************************************
|
|
//
|
|
// Function prototypes - UAS/SAM REPLICATION
|
|
//
|
|
// **************************************************************
|
|
|
|
NET_API_STATUS NET_API_FUNCTION
|
|
I_NetAccountDeltas (
|
|
IN LPWSTR primaryname,
|
|
IN LPWSTR computername,
|
|
IN PNETLOGON_AUTHENTICATOR authenticator,
|
|
OUT PNETLOGON_AUTHENTICATOR ret_auth,
|
|
IN PUAS_INFO_0 record_id,
|
|
IN DWORD count,
|
|
IN DWORD level,
|
|
OUT LPBYTE buffer,
|
|
IN DWORD buffer_len,
|
|
OUT PULONG entries_read,
|
|
OUT PULONG total_entries,
|
|
OUT PUAS_INFO_0 next_record_id
|
|
);
|
|
|
|
NET_API_STATUS NET_API_FUNCTION
|
|
I_NetAccountSync (
|
|
IN LPWSTR primaryname,
|
|
IN LPWSTR computername,
|
|
IN PNETLOGON_AUTHENTICATOR authenticator,
|
|
OUT PNETLOGON_AUTHENTICATOR ret_auth,
|
|
IN DWORD reference,
|
|
IN DWORD level,
|
|
OUT LPBYTE buffer,
|
|
IN DWORD buffer_len,
|
|
OUT PULONG entries_read,
|
|
OUT PULONG total_entries,
|
|
OUT PULONG next_reference,
|
|
OUT PUAS_INFO_0 last_record_id
|
|
);
|
|
|
|
typedef enum _NETLOGON_DELTA_TYPE {
|
|
AddOrChangeDomain = 1,
|
|
AddOrChangeGroup,
|
|
DeleteGroup,
|
|
RenameGroup,
|
|
AddOrChangeUser,
|
|
DeleteUser,
|
|
RenameUser,
|
|
ChangeGroupMembership,
|
|
AddOrChangeAlias,
|
|
DeleteAlias,
|
|
RenameAlias,
|
|
ChangeAliasMembership,
|
|
AddOrChangeLsaPolicy,
|
|
AddOrChangeLsaTDomain,
|
|
DeleteLsaTDomain,
|
|
AddOrChangeLsaAccount,
|
|
DeleteLsaAccount,
|
|
AddOrChangeLsaSecret,
|
|
DeleteLsaSecret,
|
|
// The following deltas require NETLOGON_SUPPORTS_BDC_CHANGELOG to be
|
|
// negotiated.
|
|
DeleteGroupByName,
|
|
DeleteUserByName,
|
|
SerialNumberSkip,
|
|
DummyChangeLogEntry
|
|
} NETLOGON_DELTA_TYPE;
|
|
|
|
|
|
//
|
|
// Group and User account used for SSI.
|
|
//
|
|
|
|
#define SSI_ACCOUNT_NAME_POSTFIX L"$"
|
|
#define SSI_ACCOUNT_NAME_POSTFIX_CHAR L'$'
|
|
#define SSI_ACCOUNT_NAME_POSTFIX_LENGTH 1
|
|
#define SSI_ACCOUNT_NAME_LENGTH (CNLEN + SSI_ACCOUNT_NAME_POSTFIX_LENGTH)
|
|
|
|
#define SSI_SERVER_GROUP_W L"SERVERS"
|