/*++
Copyright (c) 1990 Microsoft Corporation
Module Name:
LOGON.IDL
Abstract:
Contains the Netr (Net Remote) RPC interface specification for the API associated with the Netlogon Service.
Also contains the RPC specific data structures for these API.
Author:
Cliff Van Dyke (CliffV) 25-Jun-1991
Environment:
User Mode - Win32
Revision History:
25-Jun-1991 CliffV created
04-Apr-1992 MadanA Added support for LSA replication.
--*/
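//
// Interface Attributes
//
// uuid and version identify this interface on the wire.
// pointer_default(unique) makes embedded pointers (structure members,
// pointers to pointers) nullable unless they carry an explicit pointer
// attribute; top-level parameter pointers still default to ref.
// Each preprocessor directive sits on its own line so that it is processed
// as a directive and "// __midl" does not comment out the rest of the list.
//
[
    uuid(12345678-1234-ABCD-EF00-01234567CFFB),
    version(1.0),
#ifdef __midl
    ms_union,
#endif // __midl
    pointer_default(unique)
]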
// // Interface Keyword //
interface logon
// // Interface Body //
{
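#define _RPC_

import "imports.idl";   // import all the include files
#include <lmcons.h>     // Needed for prototype below

// Ceiling for caller-supplied entry counts. It only takes effect where a
// parameter names it in a range() attribute (the DsrAddressToSiteNames*
// routines in this file); other counts in this interface are not bounded.
#define NL_MAX_RPC_ENTRY_COUNT 32000 // max number of entries that the server should allocate memory for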
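//
// FunctionCode values for I_NetLogonControl.
//
#define NETLOGON_CONTROL_QUERY            1   // No-op: just query
#define NETLOGON_CONTROL_REPLICATE        2   // Force replicate on BDC
#define NETLOGON_CONTROL_SYNCHRONIZE      3   // Force synchronize on BDC
#define NETLOGON_CONTROL_PDC_REPLICATE    4   // Force PDC to broadcast change
#define NETLOGON_CONTROL_REDISCOVER       5   // Force to re-discover trusted domain DCs
#define NETLOGON_CONTROL_TC_QUERY         6   // Query status of specified trusted channel status
#define NETLOGON_CONTROL_TRANSPORT_NOTIFY 7   // Notify netlogon that a new transport has come online
#define NETLOGON_CONTROL_FIND_USER        8   // Find named user in a trusted domain
#define NETLOGON_CONTROL_CHANGE_PASSWORD  9   // Change machine password on a secure channel to a trusted domain
#define NETLOGON_CONTROL_TC_VERIFY        10  // Verify status of specified trusted channel
#define NETLOGON_CONTROL_FORCE_DNS_REG    11  // Force DNS re-registration of all registered records
#define NETLOGON_CONTROL_QUERY_DNS_REG    12  // Query the status of DNS updates

// Debug function codes
//
// NOTE(review): these codes name change-log, debug-flag and breakpoint
// operations, and the NetrLogonControl* routines that accept a FunctionCode
// take no authenticator argument. The IDL does not show which caller check
// guards them; confirm that the server enforces one.
#define NETLOGON_CONTROL_BACKUP_CHANGE_LOG 0xFFFC
#define NETLOGON_CONTROL_TRUNCATE_LOG      0xFFFD
#define NETLOGON_CONTROL_SET_DBFLAG        0xFFFE
#define NETLOGON_CONTROL_BREAKPOINT        0xFFFF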
// Custom binding handle type: a wide-character string (the routines below
// pass a server or computer name in it) used as the first parameter.
// NOTE(review): a [handle] type normally needs application-supplied
// LOGONSRV_HANDLE_bind / LOGONSRV_HANDLE_unbind routines; they are not part
// of this file.
typedef [handle] wchar_t * LOGONSRV_HANDLE;
// // Data types for rpc stubs. //
// ?? the following data types should come from LSA or SAM idl definitions
// // We must hide the PSID in a structure to avoid too many *'s in a // field that uses size_is - otherwise MIDL has a fit. //
// Single-member wrapper around a SID pointer; it is the element type of
// NLPR_SID_ARRAY.
typedef struct _NLPR_SID_INFORMATION {
    PISID SidPointer;
} NLPR_SID_INFORMATION, *PNLPR_SID_INFORMATION;
// // Define an array of pointers to SIDs //
typedef struct _NLPR_SID_ARRAY {
    //
    // Number of elements in the array.
    //
    ULONG Count;

    //
    // Conformant array of Count SID wrappers. Count carries no range()
    // limit in this IDL, so code that walks the array should bound it.
    //
    [size_is(Count)] PNLPR_SID_INFORMATION Sids;
} NLPR_SID_ARRAY, *PNLPR_SID_ARRAY;
// // Two-way encrypted value structure in Self-relative form. This // is just like a String. //
typedef struct _NLPR_CR_CIPHER_VALUE {
    ULONG Length;           // number of bytes of Buffer transmitted (length_is)
    ULONG MaximumLength;    // size of the Buffer allocation (size_is)
    [size_is(MaximumLength), length_is(Length)] PUCHAR Buffer;
} NLPR_CR_CIPHER_VALUE, *PNLPR_CR_CIPHER_VALUE;
typedef struct _NLPR_LOGON_HOURS {
    USHORT UnitsPerWeek;

    //
    // Bitmask array whose bits stand for days, hours or minutes of the
    // week, depending on UnitsPerWeek (technically any division of time
    // no finer than a minute): SAM_DAYS_PER_WEEK, SAM_HOURS_PER_WEEK or
    // SAM_MINUTES_PER_WEEK. The field points to (UnitsPerWeek + 7) / 8
    // bytes, which may not exceed (SAM_MINUTES_PER_WEEK + 7) / 8 == 1260.
    //
    // NOTE(review): UnitsPerWeek is a USHORT with no range() attribute, so
    // a peer can send a value for which (UnitsPerWeek + 7) / 8 is larger
    // than 1260. Code consuming this structure should check the value
    // itself before using it as a byte count.
    //
    [size_is(1260), length_is((UnitsPerWeek+7)/8)] PUCHAR LogonHours;
} NLPR_LOGON_HOURS, *PNLPR_LOGON_HOURS;
typedef struct _NLPR_USER_PRIVATE_INFO {
    BOOLEAN SensitiveData;

    //
    // If SensitiveData is TRUE then the data is encrypted using the
    // session key across the wire.
    // NOTE(review): the IDL describes no protection for Data when the flag
    // is FALSE; confirm what senders place here in that case.
    //
    ULONG DataLength;
    [size_is(DataLength)] PUCHAR Data;
} NLPR_USER_PRIVATE_INFO, *PNLPR_USER_PRIVATE_INFO;
// Wrapper around a 64-bit modified count; used both as a parameter of
// NetrDatabaseDeltas and as the SerialNumberSkip arm of the delta union.
typedef struct _NLPR_MODIFIED_COUNT {
    OLD_LARGE_INTEGER ModifiedCount;
} NLPR_MODIFIED_COUNT, *PNLPR_MODIFIED_COUNT;
// Quota limits carried inside the LSA policy and LSA account deltas.
typedef struct _NLPR_QUOTA_LIMITS {
    ULONG PagedPoolLimit;
    ULONG NonPagedPoolLimit;
    ULONG MinimumWorkingSetSize;
    ULONG MaximumWorkingSetSize;
    ULONG PagefileLimit;
    OLD_LARGE_INTEGER TimeLimit;
} NLPR_QUOTA_LIMITS, *PNLPR_QUOTA_LIMITS;
// // Enumeration structure returned from I_NetSamDeltas and I_NetSamSync //
// // Structure to completely describe a user. //
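// Replicated user record. Besides profile data it carries credential
// material (the encrypted OWF password fields and PrivateData), so the
// replication routines returning it are a sensitive data path.
// Each field is on its own line so that no trailing "//" comment can
// swallow the declarations that follow it.
typedef struct _NETLOGON_DELTA_USER {
    UNICODE_STRING UserName;
    UNICODE_STRING FullName;
    ULONG UserId;
    ULONG PrimaryGroupId;
    UNICODE_STRING HomeDirectory;
    UNICODE_STRING HomeDirectoryDrive;
    UNICODE_STRING ScriptPath;
    UNICODE_STRING AdminComment;
    UNICODE_STRING WorkStations;
    OLD_LARGE_INTEGER LastLogon;
    OLD_LARGE_INTEGER LastLogoff;
    NLPR_LOGON_HOURS LogonHours;
    USHORT BadPasswordCount;
    USHORT LogonCount;
    OLD_LARGE_INTEGER PasswordLastSet;
    OLD_LARGE_INTEGER AccountExpires;
    ULONG UserAccountControl;

    //
    // The following fields are duplicates of information already in
    // the Private data. Starting in NT 3.51, these fields are zeroed.
    //
    ENCRYPTED_NT_OWF_PASSWORD EncryptedNtOwfPassword;
    ENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword;
    BOOLEAN NtPasswordPresent;
    BOOLEAN LmPasswordPresent;
    BOOLEAN PasswordExpired;

    UNICODE_STRING UserComment;
    UNICODE_STRING Parameters;
    USHORT CountryCode;
    USHORT CodePage;

    NLPR_USER_PRIVATE_INFO PrivateData; // password history

    // Security descriptor bytes; SecuritySize has no range() limit here.
    SECURITY_INFORMATION SecurityInformation;
    ULONG SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING DummyString1; // used for profile path.
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG DummyLong1; // used for LastBadPasswordTime.HighPart
    ULONG DummyLong2; // used for LastBadPasswordTime.LowPart
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_USER, *PNETLOGON_DELTA_USER;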
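//
// Structure to completely describe a group.
//
// The typedef starts on its own line; when it shared a line with the
// banner comment the whole declaration head was commented out.
typedef struct _NETLOGON_DELTA_GROUP {
    UNICODE_STRING Name;
    ULONG RelativeId;
    ULONG Attributes;
    UNICODE_STRING AdminComment;

    SECURITY_INFORMATION SecurityInformation;
    ULONG SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING DummyString1;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_GROUP, *PNETLOGON_DELTA_GROUP;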
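//
// Structure to completely describe all the members of a group.
//
// MemberIds and Attributes are parallel arrays, both sized by MemberCount
// (declared after them). MemberCount has no range() limit in this IDL.
typedef struct _NETLOGON_DELTA_GROUP_MEMBER {
    [size_is(MemberCount)] PULONG MemberIds;
    [size_is(MemberCount)] PULONG Attributes;
    ULONG MemberCount;

    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_GROUP_MEMBER, *PNETLOGON_DELTA_GROUP_MEMBER;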
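//
// Structure to completely describe an alias.
//
typedef struct _NETLOGON_DELTA_ALIAS {
    UNICODE_STRING Name;
    ULONG RelativeId;
    // UNICODE_STRING AdminComment;   (not a field; DummyString1 carries it)

    SECURITY_INFORMATION SecurityInformation;
    ULONG SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING DummyString1; // used for admin comment
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_ALIAS, *PNETLOGON_DELTA_ALIAS;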
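//
// Structure to completely describe all the members of an alias.
//
typedef struct _NETLOGON_DELTA_ALIAS_MEMBER {
    NLPR_SID_ARRAY Members;

    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_ALIAS_MEMBER, *PNETLOGON_DELTA_ALIAS_MEMBER;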
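//
// Structure to completely describe a domain.
//
// Carries the domain password policy (minimum length, history length,
// ages) along with the modified count used by replication.
typedef struct _NETLOGON_DELTA_DOMAIN {
    UNICODE_STRING DomainName;
    UNICODE_STRING OemInformation;
    OLD_LARGE_INTEGER ForceLogoff;
    USHORT MinPasswordLength;
    USHORT PasswordHistoryLength;
    OLD_LARGE_INTEGER MaxPasswordAge;
    OLD_LARGE_INTEGER MinPasswordAge;

    OLD_LARGE_INTEGER DomainModifiedCount;
    OLD_LARGE_INTEGER DomainCreationTime;

    // All this information is maintained separately on each system.
#ifdef notdef
    UNICODE_STRING ReplicaSourceNodeName;
    DOMAIN_SERVER_ENABLE_STATE DomainServerState;
    DOMAIN_SERVER_ROLE DomainServerRole;
#endif // notdef

    SECURITY_INFORMATION SecurityInformation;
    ULONG SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING DummyString1; // used to replicate DOMAIN_LOCKOUT_INFORMATION
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG DummyLong1; // used to replicate PasswordProperties
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_DOMAIN, *PNETLOGON_DELTA_DOMAIN;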
// Rename record. One structure is published under three pairs of names,
// for groups, users and aliases.
typedef struct _NETLOGON_DELTA_RENAME {
    UNICODE_STRING OldName;
    UNICODE_STRING NewName;

    UNICODE_STRING DummyString1;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_RENAME_GROUP, *PNETLOGON_DELTA_RENAME_GROUP,
  NETLOGON_RENAME_USER, *PNETLOGON_DELTA_RENAME_USER,
  NETLOGON_RENAME_ALIAS, *PNETLOGON_DELTA_RENAME_ALIAS;
// Replicated LSA policy: audit settings, primary domain identity, quota
// limits and the policy database's modification markers.
typedef struct _NETLOGON_DELTA_POLICY {
    ULONG MaximumLogSize;
    OLD_LARGE_INTEGER AuditRetentionPeriod;

    BOOLEAN AuditingMode;
    ULONG MaximumAuditEventCount;
    // NOTE(review): the array size is MaximumAuditEventCount + 1. If that
    // sum is computed in 32 bits, a count of 0xFFFFFFFF wraps to 0;
    // consumers should validate the count before indexing by it.
    [size_is(MaximumAuditEventCount + 1)] PULONG EventAuditingOptions;

    UNICODE_STRING PrimaryDomainName;
    PISID PrimaryDomainSid;

    NLPR_QUOTA_LIMITS QuotaLimits;

    OLD_LARGE_INTEGER ModifiedId;
    OLD_LARGE_INTEGER DatabaseCreationTime;

    SECURITY_INFORMATION SecurityInformation;
    ULONG SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING DummyString1;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_POLICY, *PNETLOGON_DELTA_POLICY;
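// Replicated trusted-domain object: the domain name and the list of its
// controller names. The Dummy fields are split onto separate lines so the
// "posix offset" comment no longer hides DummyLong2..4 and the closing
// brace.
typedef struct _NETLOGON_DELTA_TRUSTED_DOMAINS {
    UNICODE_STRING DomainName;
    ULONG NumControllerEntries;
    [size_is(NumControllerEntries)] PUNICODE_STRING ControllerNames;

    SECURITY_INFORMATION SecurityInformation;
    ULONG SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING DummyString1;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG DummyLong1; // used for posix offset.
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_TRUSTED_DOMAINS, *PNETLOGON_DELTA_TRUSTED_DOMAINS;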
// Replicated LSA account: its privileges (parallel attribute and name
// arrays, both sized by PrivilegeEntries), quota limits and access flags.
typedef struct _NETLOGON_DELTA_ACCOUNTS {
    ULONG PrivilegeEntries;
    ULONG PrivilegeControl;
    [size_is(PrivilegeEntries)] PULONG PrivilegeAttributes;
    [size_is(PrivilegeEntries)] PUNICODE_STRING PrivilegeNames;

    NLPR_QUOTA_LIMITS QuotaLimits;
    ULONG SystemAccessFlags;

    SECURITY_INFORMATION SecurityInformation;
    ULONG SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING DummyString1;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_ACCOUNTS, *PNETLOGON_DELTA_ACCOUNTS;
// Replicated LSA secret: current and previous values, each held in an
// NLPR_CR_CIPHER_VALUE, with the time each was set.
typedef struct _NETLOGON_DELTA_SECRET {
    NLPR_CR_CIPHER_VALUE CurrentValue;
    OLD_LARGE_INTEGER CurrentValueSetTime;
    NLPR_CR_CIPHER_VALUE OldValue;
    OLD_LARGE_INTEGER OldValueSetTime;

    SECURITY_INFORMATION SecurityInformation;
    ULONG SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING DummyString1;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_SECRET, *PNETLOGON_DELTA_SECRET;
// Delete-by-name record, published under group and user type names.
typedef struct _NETLOGON_DELTA_DELETE {
    [string] wchar_t * AccountName;

    UNICODE_STRING DummyString1;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_DELETE_GROUP, *PNETLOGON_DELTA_DELETE_GROUP,
  NETLOGON_DELTA_DELETE_USER, *PNETLOGON_DELTA_DELETE_USER;
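//
// A Union of each of the above types.
//
// The arm is selected by a NETLOGON_DELTA_TYPE discriminant. Every arm is
// a pointer, so a receiver must expect NULL as well as a populated record.
// The closing brace is on its own line so the comment on the default arm
// cannot swallow it.
typedef [switch_type(NETLOGON_DELTA_TYPE)] union _NETLOGON_DELTA_UNION {
    [case(AddOrChangeDomain)]     PNETLOGON_DELTA_DOMAIN DeltaDomain;
    [case(AddOrChangeGroup)]      PNETLOGON_DELTA_GROUP DeltaGroup;
    [case(RenameGroup)]           PNETLOGON_DELTA_RENAME_GROUP DeltaRenameGroup;
    [case(AddOrChangeUser)]       PNETLOGON_DELTA_USER DeltaUser;
    [case(RenameUser)]            PNETLOGON_DELTA_RENAME_USER DeltaRenameUser;
    [case(ChangeGroupMembership)] PNETLOGON_DELTA_GROUP_MEMBER DeltaGroupMember;
    [case(AddOrChangeAlias)]      PNETLOGON_DELTA_ALIAS DeltaAlias;
    [case(RenameAlias)]           PNETLOGON_DELTA_RENAME_ALIAS DeltaRenameAlias;
    [case(ChangeAliasMembership)] PNETLOGON_DELTA_ALIAS_MEMBER DeltaAliasMember;
    [case(AddOrChangeLsaPolicy)]  PNETLOGON_DELTA_POLICY DeltaPolicy;
    [case(AddOrChangeLsaTDomain)] PNETLOGON_DELTA_TRUSTED_DOMAINS DeltaTDomains;
    [case(AddOrChangeLsaAccount)] PNETLOGON_DELTA_ACCOUNTS DeltaAccounts;
    [case(AddOrChangeLsaSecret)]  PNETLOGON_DELTA_SECRET DeltaSecret;
    [case(DeleteGroupByName)]     PNETLOGON_DELTA_DELETE_GROUP DeltaDeleteGroup;
    [case(DeleteUserByName)]      PNETLOGON_DELTA_DELETE_USER DeltaDeleteUser;
    [case(SerialNumberSkip)]      PNLPR_MODIFIED_COUNT DeltaSerialNumberSkip;
    [default] ;     // Ship nothing for Delete Cases
} NETLOGON_DELTA_UNION, *PNETLOGON_DELTA_UNION;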
// Identifier of the object a delta refers to: a RID for SAM objects, a SID
// for LSA policy/trusted-domain/account objects, a name for LSA secrets.
// Any other delta type selects the empty default arm.
typedef [switch_type(NETLOGON_DELTA_TYPE)] union _NETLOGON_DELTA_ID_UNION {
    [case(AddOrChangeDomain,
          AddOrChangeGroup,
          DeleteGroup,
          RenameGroup,
          AddOrChangeUser,
          DeleteUser,
          RenameUser,
          ChangeGroupMembership,
          AddOrChangeAlias,
          DeleteAlias,
          RenameAlias,
          ChangeAliasMembership,
          DeleteGroupByName,
          DeleteUserByName )] ULONG Rid;

    [case(AddOrChangeLsaPolicy,
          AddOrChangeLsaTDomain,
          DeleteLsaTDomain,
          AddOrChangeLsaAccount,
          DeleteLsaAccount)] PISID Sid;
    [case(AddOrChangeLsaSecret,
          DeleteLsaSecret)] [string] wchar_t * Name;
    [default] ;
} NETLOGON_DELTA_ID_UNION, *PNETLOGON_DELTA_ID_UNION;
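//
// A common structure to describe a single enumerated object.
//
// DeltaType is the discriminant for both unions, so the identifier arm and
// the payload arm always describe the same kind of object.
typedef struct _NETLOGON_DELTA_ENUM {
    NETLOGON_DELTA_TYPE DeltaType;
    [switch_is(DeltaType)] NETLOGON_DELTA_ID_UNION DeltaID;
    [switch_is(DeltaType)] NETLOGON_DELTA_UNION DeltaUnion;
} NETLOGON_DELTA_ENUM, *PNETLOGON_DELTA_ENUM;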
// // Structure that defines the array of enumerated objects. //
// Counted array of deltas returned by the replication routines.
// CountReturned has no range() limit in this IDL.
typedef struct _NETLOGON_DELTA_ENUM_ARRAY {
    DWORD CountReturned;
    [size_is(CountReturned)] PNETLOGON_DELTA_ENUM Deltas;
} NETLOGON_DELTA_ENUM_ARRAY, *PNETLOGON_DELTA_ENUM_ARRAY;
// // Function Prototypes - Logon Service //
// UAS logon. The signature carries only a user name and a workstation
// name: no credential or authenticator parameter appears here.
NET_API_STATUS NetrLogonUasLogon (
    [in,unique,string] LOGONSRV_HANDLE ServerName,
    [in, string] wchar_t * UserName,
    [in, string] wchar_t * Workstation,
    [out] PNETLOGON_VALIDATION_UAS_INFO *ValidationInformation
    );

// UAS logoff; same input shape as NetrLogonUasLogon.
NET_API_STATUS NetrLogonUasLogoff (
    [in,unique,string] LOGONSRV_HANDLE ServerName,
    [in, string] wchar_t * UserName,
    [in, string] wchar_t * Workstation,
    [out] PNETLOGON_LOGOFF_UAS_INFO LogoffInformation
    );
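//
// NetrLogonSam routines
//

// Logon request payload, selected by the logon information class. An
// unlisted class selects the empty default arm, and every listed arm is a
// pointer, so a receiver must handle both "no data" and NULL.
typedef [switch_type(enum _NETLOGON_LOGON_INFO_CLASS)] union _NETLOGON_LEVEL {
    [case(NetlogonInteractiveInformation)]
        PNETLOGON_INTERACTIVE_INFO LogonInteractive;
    [case(NetlogonInteractiveTransitiveInformation)]
        PNETLOGON_INTERACTIVE_INFO LogonInteractiveTransitive;
    [case(NetlogonServiceInformation)]
        PNETLOGON_SERVICE_INFO LogonService;
    [case(NetlogonServiceTransitiveInformation)]
        PNETLOGON_SERVICE_INFO LogonServiceTransitive;
    [case(NetlogonNetworkInformation)]
        PNETLOGON_NETWORK_INFO LogonNetwork;
    [case(NetlogonNetworkTransitiveInformation)]
        PNETLOGON_NETWORK_INFO LogonNetworkTransitive;
    [case(NetlogonGenericInformation)]
        PNETLOGON_GENERIC_INFO LogonGeneric;
    [default]
        ;
} NETLOGON_LEVEL, * PNETLOGON_LEVEL;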
// Logon result payload, selected by the validation information class the
// caller asked for. An unlisted class selects the empty default arm.
typedef [switch_type(enum _NETLOGON_VALIDATION_INFO_CLASS)] union _NETLOGON_VALIDATION {
    [case(NetlogonValidationSamInfo)]
        PNETLOGON_VALIDATION_SAM_INFO ValidationSam;
    [case(NetlogonValidationSamInfo2)]
        PNETLOGON_VALIDATION_SAM_INFO2 ValidationSam2;
    [case(NetlogonValidationGenericInfo)]
        PNETLOGON_VALIDATION_GENERIC_INFO ValidationGeneric;
    [case(NetlogonValidationGenericInfo2)]
        PNETLOGON_VALIDATION_GENERIC_INFO2 ValidationGeneric2;
    [case(NetlogonValidationSamInfo4)]
        PNETLOGON_VALIDATION_SAM_INFO4 ValidationSam4;
    [default]
        ;
} NETLOGON_VALIDATION, * PNETLOGON_VALIDATION;
// SAM logon over the secure channel.
// Authenticator and ReturnAuthenticator are [unique], so either may arrive
// as NULL; the server routine has to decide explicitly what a missing
// authenticator means rather than dereference it.
NTSTATUS NetrLogonSamLogon (
    [in,unique,string] LOGONSRV_HANDLE LogonServer,
    [in,string,unique] wchar_t * ComputerName,
    [in,unique] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out,unique] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] NETLOGON_LOGON_INFO_CLASS LogonLevel,
    [in,switch_is(LogonLevel)] PNETLOGON_LEVEL LogonInformation,
    [in] NETLOGON_VALIDATION_INFO_CLASS ValidationLevel,
    [out,switch_is(ValidationLevel)] PNETLOGON_VALIDATION ValidationInformation,
    [out] PBOOLEAN Authoritative
    );

// SAM logoff; the authenticator pointers are [unique] here as well.
NTSTATUS NetrLogonSamLogoff (
    [in,unique,string] LOGONSRV_HANDLE LogonServer,
    [in,string,unique] wchar_t * ComputerName,
    [in,unique] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out,unique] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] NETLOGON_LOGON_INFO_CLASS LogonLevel,
    [in,switch_is(LogonLevel)] PNETLOGON_LEVEL LogonInformation
    );
// Challenge exchange: the client sends its challenge and receives the
// server's. How the challenges are generated is outside this file.
NTSTATUS NetrServerReqChallenge (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_CREDENTIAL ClientChallenge,
    [out] PNETLOGON_CREDENTIAL ServerChallenge
    );

// Credential exchange for the named account. The credential computation
// and its verification are implemented outside this file.
NTSTATUS NetrServerAuthenticate (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in,string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_CREDENTIAL ClientCredential,
    [out] PNETLOGON_CREDENTIAL ServerCredential
    );

// Sets a new password for the named account; the new value travels as an
// encrypted LM OWF password and the call is bound to an authenticator.
NTSTATUS NetrServerPasswordSet (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in,string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] PENCRYPTED_LM_OWF_PASSWORD UasNewPassword
    );
// // Replication Routines //
// Returns the deltas made to database DatabaseID after the modified count
// passed in; the count is updated on return. The returned records include
// user deltas, so the result carries credential material.
NTSTATUS NetrDatabaseDeltas (
    [in, string] LOGONSRV_HANDLE primaryname,
    [in, string] wchar_t * computername,
    [in] PNETLOGON_AUTHENTICATOR authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ret_auth,
    [in] DWORD DatabaseID,
    [in, out] PNLPR_MODIFIED_COUNT DomainModifiedCount,
    [out] PNETLOGON_DELTA_ENUM_ARRAY *DeltaArray,
    [in] DWORD PreferredMaximumLength
    );

// Full synchronisation of database DatabaseID, resumable through
// SyncContext across calls.
NTSTATUS NetrDatabaseSync (
    [in, string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] DWORD DatabaseID,
    [in, out] PULONG SyncContext,
    [out] PNETLOGON_DELTA_ENUM_ARRAY *DeltaArray,
    [in] DWORD PreferredMaximumLength
    );
// UAS-style account deltas written into a byte buffer.
// NOTE(review): BufferSize is chosen by the caller, has no range() limit,
// and sizes the [out] buffer; confirm the server caps it before allocating.
NTSTATUS NetrAccountDeltas (
    [in, unique, string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] PUAS_INFO_0 RecordId,
    [in] DWORD Count,
    [in] DWORD Level,
    [out, size_is(BufferSize)] LPBYTE Buffer,
    [in] DWORD BufferSize,
    [out] PULONG CountReturned,
    [out] PULONG TotalEntries,
    [out] PUAS_INFO_0 NextRecordId
    );

// UAS-style account synchronisation; the same caller-sized [out] buffer
// applies here.
NTSTATUS NetrAccountSync (
    [in, unique, string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] DWORD Reference,
    [in] DWORD Level,
    [out, size_is(BufferSize) ] LPBYTE Buffer,
    [in] DWORD BufferSize,
    [out] PULONG CountReturned,
    [out] PULONG TotalEntries,
    [out] PULONG NextReference,
    [out] PUAS_INFO_0 LastRecordId
    );
// Returns a domain controller name for DomainName as a newly allocated
// string. No authenticator parameter is part of this call.
NET_API_STATUS NetrGetDCName (
    [in, string] LOGONSRV_HANDLE ServerName,
    [in, unique, string] wchar_t *DomainName,
    [out, string] wchar_t **Buffer
    );
// // I_NetLogonControl //
// Input argument of a control request, selected by the function code.
// Function codes not listed select the empty default arm.
typedef [switch_type(DWORD)] union _NETLOGON_CONTROL_DATA_INFORMATION {
    [case(NETLOGON_CONTROL_REDISCOVER,
          NETLOGON_CONTROL_TC_QUERY,
          NETLOGON_CONTROL_CHANGE_PASSWORD,
          NETLOGON_CONTROL_TC_VERIFY)]
        [string] wchar_t * TrustedDomainName;
    [case(NETLOGON_CONTROL_SET_DBFLAG)]
        DWORD DebugFlag;
    [case(NETLOGON_CONTROL_FIND_USER)]
        [string] wchar_t * UserName;
    [default]
        ;
} NETLOGON_CONTROL_DATA_INFORMATION, * PNETLOGON_CONTROL_DATA_INFORMATION;

// Result of a control request, selected by the query level (1 to 4).
// Other levels select the empty default arm.
typedef [switch_type(DWORD)] union _NETLOGON_CONTROL_QUERY_INFORMATION {
    [case(1)] PNETLOGON_INFO_1 NetlogonInfo1;
    [case(2)] PNETLOGON_INFO_2 NetlogonInfo2;
    [case(3)] PNETLOGON_INFO_3 NetlogonInfo3;
    [case(4)] PNETLOGON_INFO_4 NetlogonInfo4;
    [default] ;
} NETLOGON_CONTROL_QUERY_INFORMATION, * PNETLOGON_CONTROL_QUERY_INFORMATION;
// Control/query entry point. FunctionCode is a bare DWORD and there is no
// authenticator parameter, so which callers may issue which function code
// has to be enforced by the server implementation.
NET_API_STATUS NetrLogonControl(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in] DWORD FunctionCode,
    [in] DWORD QueryLevel,
    [out,switch_is(QueryLevel)] PNETLOGON_CONTROL_QUERY_INFORMATION Buffer
    );

// Returns the name of any domain controller for DomainName.
NET_API_STATUS NetrGetAnyDCName (
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in, unique, string] wchar_t *DomainName,
    [out, string] wchar_t **Buffer
    );

// NetrLogonControl with an input argument whose shape depends on
// FunctionCode (Data) in addition to the QueryLevel-shaped result.
NET_API_STATUS NetrLogonControl2(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in] DWORD FunctionCode,
    [in] DWORD QueryLevel,
    [in,switch_is(FunctionCode)] PNETLOGON_CONTROL_DATA_INFORMATION Data,
    [out,switch_is(QueryLevel)] PNETLOGON_CONTROL_QUERY_INFORMATION Buffer
    );
// NetrServerAuthenticate plus flag negotiation. NegotiateFlags is
// [in,out]: the caller passes a value and reads back the server's.
// The meaning of the individual bits is not defined in this file.
NTSTATUS NetrServerAuthenticate2 (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in,string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_CREDENTIAL ClientCredential,
    [out] PNETLOGON_CREDENTIAL ServerCredential,
    [in,out] PULONG NegotiateFlags
    );
//
// The sync state tracks the progression of the sync.
// NlSynchronize() depends on these being in order.
//
typedef enum _SYNC_STATE {
    NormalState,
    DomainState,
    GroupState,
    UasBuiltinGroupState,
    UserState,
    GroupMemberState,
    AliasState,
    AliasMemberState,
    SamDoneState
} SYNC_STATE, *PSYNC_STATE;
// NetrDatabaseSync with an explicit restart state.
NTSTATUS NetrDatabaseSync2 (
    [in, string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] DWORD DatabaseID,
    [in] SYNC_STATE RestartState,
    [in, out] PULONG SyncContext,
    [out] PNETLOGON_DELTA_ENUM_ARRAY *DeltaArray,
    [in] DWORD PreferredMaximumLength
    );

// Returns the deltas for one change-log entry supplied by the caller.
// NOTE(review): ChangeLogEntry is an opaque caller-supplied byte buffer
// and ChangeLogEntrySize has no range() limit; the server must validate
// both the size and the contents before interpreting the entry.
NTSTATUS NetrDatabaseRedo(
    [in, string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in, size_is(ChangeLogEntrySize)] PUCHAR ChangeLogEntry,
    [in] DWORD ChangeLogEntrySize,
    [out] PNETLOGON_DELTA_ENUM_ARRAY *DeltaArray
    );
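// Same as NetrLogonControl2, but supports a QueryLevel of 4
// and a function code of NETLOGON_CONTROL_FIND_USER.
// The prototype starts on its own line; sharing a line with the comment
// above left the whole declaration commented out.
NET_API_STATUS NetrLogonControl2Ex(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in] DWORD FunctionCode,
    [in] DWORD QueryLevel,
    [in,switch_is(FunctionCode)] PNETLOGON_CONTROL_DATA_INFORMATION Data,
    [out,switch_is(QueryLevel)] PNETLOGON_CONTROL_QUERY_INFORMATION Buffer
    );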
// // Routine to enumerate trusted domains. //
// Byte-counted buffer of domain names. The layout of the names inside the
// buffer is not described in this file, so a consumer must parse it
// against DomainNameByteCount rather than trust embedded terminators.
typedef struct _DOMAIN_NAME_BUFFER {
    ULONG DomainNameByteCount;
    [unique, size_is(DomainNameByteCount)] PUCHAR DomainNames;
} DOMAIN_NAME_BUFFER, *PDOMAIN_NAME_BUFFER;

// Enumerates trusted domains into a DOMAIN_NAME_BUFFER.
NTSTATUS NetrEnumerateTrustedDomains (
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [out] PDOMAIN_NAME_BUFFER DomainNameBuffer
    );
// // Routine to find a DC. //
// Locates a domain controller by domain name and/or GUIDs. All selector
// arguments are [unique] and may be NULL.
NET_API_STATUS DsrGetDcName(
    [in, unique, string ] LOGONSRV_HANDLE ComputerName,
    [in, unique, string] wchar_t * DomainName,
    [in, unique] GUID *DomainGuid,
    [in, unique] GUID *SiteGuid,
    [in] ULONG Flags,
    [out] PDOMAIN_CONTROLLER_INFOW *DomainControllerInfo
    );
// // Routine used between NT 4.0 and NT 5.0 beta 1 //
// Placeholder union with a single arm and no [default] arm, so a
// discriminant other than 1 is an error rather than an empty result.
typedef [switch_type(DWORD)] union _NETLOGON_DUMMY1 {
    [case(1)] ULONG Dummy;
} NETLOGON_DUMMY1, *PNETLOGON_DUMMY1;

// Placeholder routine keeping this position in the interface.
NTSTATUS NetrLogonDummyRoutine1(
    [in, string] LOGONSRV_HANDLE ServerName,
    [in,string,unique] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] DWORD QueryLevel,
    [out,switch_is(QueryLevel)] PNETLOGON_DUMMY1 Buffer
    );
// Sets service bits under a mask (ServiceBitsOfInterest).
// NOTE(review): this is a state-changing call with no authenticator
// parameter; confirm the caller check applied by the server.
NTSTATUS NetrLogonSetServiceBits(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in] DWORD ServiceBitsOfInterest,
    [in] DWORD ServiceBits
    );
// // Routines to compute a digest for a specified message using the machine trust account. //
// Returns the RID associated with the trust for DomainName.
NET_API_STATUS NetrLogonGetTrustRid(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in,string,unique] wchar_t * DomainName,
    [out] PULONG Rid
    );
// Size in bytes of each digest returned below. The digest algorithm is
// not named in this file.
#define NL_DIGEST_SIZE 16

// Computes digests of Message for the account identified by Rid, one for
// the new and one for the old password. MessageSize has no range() limit.
NET_API_STATUS NetrLogonComputeServerDigest(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in] ULONG Rid,
    [in, size_is(MessageSize)] LPBYTE Message,
    [in] ULONG MessageSize,
    [out] CHAR NewMessageDigest[NL_DIGEST_SIZE],
    [out] CHAR OldMessageDigest[NL_DIGEST_SIZE]
    );

// Client-side counterpart, keyed by domain name instead of RID.
NET_API_STATUS NetrLogonComputeClientDigest(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in,string,unique] wchar_t * DomainName,
    [in, size_is(MessageSize)] LPBYTE Message,
    [in] ULONG MessageSize,
    [out] CHAR NewMessageDigest[NL_DIGEST_SIZE],
    [out] CHAR OldMessageDigest[NL_DIGEST_SIZE]
    );
// NetrServerAuthenticate2 that also returns the account's RID.
// As in the other authenticate routines, the credential check itself is
// implemented outside this file.
NTSTATUS NetrServerAuthenticate3 (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in,string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_CREDENTIAL ClientCredential,
    [out] PNETLOGON_CREDENTIAL ServerCredential,
    [in,out] PULONG NegotiateFlags,
    [out] PULONG AccountRid
    );
// // Routine to find a DC. //
// DsrGetDcName taking a site name instead of a site GUID.
NET_API_STATUS DsrGetDcNameEx(
    [in, unique, string ] LOGONSRV_HANDLE ComputerName,
    [in, unique, string] wchar_t * DomainName,
    [in, unique] GUID *DomainGuid,
    [in, unique, string] wchar_t * SiteName,
    [in] ULONG Flags,
    [out] PDOMAIN_CONTROLLER_INFOW *DomainControllerInfo
    );

// Returns the site name of the named computer.
NET_API_STATUS DsrGetSiteName(
    [in, unique, string ] LOGONSRV_HANDLE ComputerName,
    [out, string] wchar_t **SiteName
    );
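//
// Routine to return information about the domain to a workstation.
//

//
// Values of QueryLevel
//
// Each #define is on its own line; on a shared line with the comment above
// neither constant was defined, although the unions below switch on them.
#define NETLOGON_QUERY_DOMAIN_INFO 1
#define NETLOGON_QUERY_LSA_POLICY_INFO 2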
typedef struct _NETLOGON_LSA_POLICY_INFO {
    //
    // LSA Policy: an opaque, byte-counted blob. LsaPolicySize has no
    // range() limit and the blob's format is not described in this file.
    //
    ULONG LsaPolicySize;
    [size_is(LsaPolicySize)] PUCHAR LsaPolicy;
} NETLOGON_LSA_POLICY_INFO, *PNETLOGON_LSA_POLICY_INFO;
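// Description of one domain: flat and DNS names, forest name, GUID, SID.
// TrustExtension and the Dummy fields are on separate lines so the comment
// before TrustExtension no longer hides them and the closing brace.
typedef struct _NETLOGON_ONE_DOMAIN_INFO {
    UNICODE_STRING DomainName;
    UNICODE_STRING DnsDomainName;
    UNICODE_STRING DnsForestName;
    GUID DomainGuid;
    PISID DomainSid;

    // Passes NL_TRUST_EXTENSION structure starting after NT 5 beta 2
    // NOTE(review): a structure carried inside a counted string is not
    // checked by the RPC stubs; the receiver must validate its length.
    UNICODE_STRING TrustExtension;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_ONE_DOMAIN_INFO, *PNETLOGON_ONE_DOMAIN_INFO;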
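typedef struct _NETLOGON_DOMAIN_INFO {
    //
    // Information about the domain we're a member of.
    //
    NETLOGON_ONE_DOMAIN_INFO PrimaryDomain;

    //
    // Information about the domains trusted by the domain we're a member of.
    // TrustedDomainCount has no range() limit in this IDL.
    //
    ULONG TrustedDomainCount;
    [size_is(TrustedDomainCount)] PNETLOGON_ONE_DOMAIN_INFO TrustedDomains;

    //
    // LSA Policy
    //
    NETLOGON_LSA_POLICY_INFO LsaPolicy;

    //
    // Room for expansion.
    // (These fields are declarations, not part of the comment.)
    //
    UNICODE_STRING DnsHostNameInDs;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG WorkstationFlags;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DOMAIN_INFO, *PNETLOGON_DOMAIN_INFO;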
// Result of NetrLogonGetDomainInfo, selected by the query level.
// There is no [default] arm: a level other than the two listed is an
// error rather than an empty result.
typedef [switch_type(DWORD)] union _NETLOGON_DOMAIN_INFORMATION {
    [case(NETLOGON_QUERY_DOMAIN_INFO)]
        PNETLOGON_DOMAIN_INFO DomainInfo;
    [case(NETLOGON_QUERY_LSA_POLICY_INFO)]
        PNETLOGON_LSA_POLICY_INFO LsaPolicyInfo;
} NETLOGON_DOMAIN_INFORMATION, *PNETLOGON_DOMAIN_INFORMATION;
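// Self-description sent by a workstation. Every string here is supplied
// by the calling machine, so the server should treat the values as
// untrusted input (length, characters, and any use in names or logs).
typedef struct _NETLOGON_WORKSTATION_INFO {
    //
    // LSA Policy
    //
    NETLOGON_LSA_POLICY_INFO LsaPolicy;

    //
    // Information describing the workstation.
    // (These fields are declarations, not part of the comment.)
    //
    [string] wchar_t * DnsHostName;
    [string] wchar_t * SiteName;
    [string] wchar_t * Dummy1;
    [string] wchar_t * Dummy2;
    [string] wchar_t * Dummy3;
    [string] wchar_t * Dummy4;

    UNICODE_STRING OsVersion;
    UNICODE_STRING OsName;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG WorkstationFlags;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_WORKSTATION_INFO, *PNETLOGON_WORKSTATION_INFO;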
// Input of NetrLogonGetDomainInfo. Both query levels carry the same
// structure type under different member names; there is no [default] arm.
typedef [switch_type(DWORD)] union _NETLOGON_WORKSTATION_INFORMATION {
    [case(NETLOGON_QUERY_DOMAIN_INFO)]
        PNETLOGON_WORKSTATION_INFO WorkstationInfo;
    [case(NETLOGON_QUERY_LSA_POLICY_INFO)]
        PNETLOGON_WORKSTATION_INFO LsaPolicyInfo;
} NETLOGON_WORKSTATION_INFORMATION, *PNETLOGON_WORKSTATION_INFORMATION;
// Exchanges workstation information for domain information. Level is the
// discriminant for both the input and the output union.
NTSTATUS NetrLogonGetDomainInfo(
    [in, string] LOGONSRV_HANDLE ServerName,
    [in,string,unique] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] DWORD Level,
    [in,switch_is(Level)] PNETLOGON_WORKSTATION_INFORMATION WkstaBuffer,
    [out,switch_is(Level)] PNETLOGON_DOMAIN_INFORMATION DomBuffer
    );
// Sets a new password for the named account from an NL_TRUST_PASSWORD.
// NOTE(review): the parameter name suggests a clear-text password inside
// the structure; how it is protected in transit is not visible in this
// IDL, so confirm it against the implementation.
NTSTATUS NetrServerPasswordSet2 (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in,string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] PNL_TRUST_PASSWORD ClearNewPassword
    );

// Returns the encrypted NT OWF password of the named account. The result
// is credential material; the call is bound to an authenticator.
NTSTATUS NetrServerPasswordGet (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in,string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [out] PENCRYPTED_NT_OWF_PASSWORD EncryptedNtOwfPassword
    );
// Passes an opaque buffer through to SAM on the server.
// NOTE(review): OpaqueBufferSize has no range() limit and the buffer
// format is not described here; the receiver must validate both.
NTSTATUS NetrLogonSendToSam (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in,size_is(OpaqueBufferSize)] PUCHAR OpaqueBuffer,
    [in] ULONG OpaqueBufferSize
    );
// Byte-counted socket address.
// NOTE(review): iSockaddrLength has no range() limit and nothing here ties
// it to an address family; check it before reading lpSockaddr as a
// sockaddr of any particular type.
typedef struct _NL_SOCKET_ADDRESS {
    [size_is(iSockaddrLength)] PUCHAR lpSockaddr;
    ULONG iSockaddrLength;
} NL_SOCKET_ADDRESS, *PNL_SOCKET_ADDRESS;

// Counted array of site names.
typedef struct _NL_SITE_NAME_ARRAY {
    ULONG EntryCount;
    [size_is(EntryCount)] PUNICODE_STRING SiteNames;
} NL_SITE_NAME_ARRAY, *PNL_SITE_NAME_ARRAY;

// Maps socket addresses to site names. EntryCount is limited by range()
// to NL_MAX_RPC_ENTRY_COUNT; the per-entry address lengths are not.
NET_API_STATUS DsrAddressToSiteNamesW(
    [in,unique,string] LOGONSRV_HANDLE ComputerName,
    [in, range(0,NL_MAX_RPC_ENTRY_COUNT)] DWORD EntryCount,
    [in,size_is(EntryCount)] PNL_SOCKET_ADDRESS SocketAddresses,
    [out] PNL_SITE_NAME_ARRAY *SiteNames
    );
// DsrGetDcNameEx that can additionally select by account name and
// allowable account control bits.
NET_API_STATUS DsrGetDcNameEx2(
    [in, unique, string ] LOGONSRV_HANDLE ComputerName,
    [in, unique, string] wchar_t * AccountName,
    [in] ULONG AllowableAccountControlBits,
    [in, unique, string] wchar_t * DomainName,
    [in, unique] GUID *DomainGuid,
    [in, unique, string] wchar_t * SiteName,
    [in] ULONG Flags,
    [out] PDOMAIN_CONTROLLER_INFOW *DomainControllerInfo
    );
// Returns the parent domain name for the time service and whether the PDC
// is in the same site.
NET_API_STATUS NetrLogonGetTimeServiceParentDomain(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [out, string] wchar_t **DomainName,
    [out] PBOOL PdcSameSite
    );
// Counted array of domain trust descriptions.
typedef struct _NETLOGON_TRUSTED_DOMAIN_ARRAY {
    DWORD DomainCount;
    [size_is(DomainCount)] PDS_DOMAIN_TRUSTSW Domains;
} NETLOGON_TRUSTED_DOMAIN_ARRAY, *PNETLOGON_TRUSTED_DOMAIN_ARRAY;

// Enumerates trusted domains as structured entries.
NET_API_STATUS NetrEnumerateTrustedDomainsEx (
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [out] PNETLOGON_TRUSTED_DOMAIN_ARRAY Domains
    );
// Parallel arrays of site names and subnet names, both sized by
// EntryCount.
typedef struct _NL_SITE_NAME_EX_ARRAY {
    ULONG EntryCount;
    [size_is(EntryCount)] PUNICODE_STRING SiteNames;
    [size_is(EntryCount)] PUNICODE_STRING SubnetNames;
} NL_SITE_NAME_EX_ARRAY, *PNL_SITE_NAME_EX_ARRAY;

// DsrAddressToSiteNamesW that also returns subnet names. EntryCount is
// limited by range() to NL_MAX_RPC_ENTRY_COUNT.
NET_API_STATUS DsrAddressToSiteNamesExW(
    [in,unique,string] LOGONSRV_HANDLE ComputerName,
    [in, range(0,NL_MAX_RPC_ENTRY_COUNT)] DWORD EntryCount,
    [in,size_is(EntryCount)] PNL_SOCKET_ADDRESS SocketAddresses,
    [out] PNL_SITE_NAME_EX_ARRAY *SiteNames
    );
// Returns the site names covered by the named server.
NET_API_STATUS DsrGetDcSiteCoverageW(
    [in,unique,string] LOGONSRV_HANDLE ServerName,
    [out] PNL_SITE_NAME_ARRAY *SiteNames
    );
//
// Define a logon routine that uses a passed-in RPC handle.
// This allows us to do multiple simultaneous RPCs over a secure channel.
//
//
// NetrLogonSamLogonEx
//
// Logon call that takes an explicit RPC binding handle (handle_t) instead
// of a LOGONSRV_HANDLE, and carries no Authenticator / ReturnAuthenticator
// pair.
//
//  ContextHandle         - explicit RPC binding handle.
//  LogonServer           - may be NULL ([unique]).
//  ComputerName          - may be NULL ([unique]).
//  LogonLevel            - selects the arm of LogonInformation (switch_is).
//  LogonInformation      - logon data, interpreted according to LogonLevel.
//  ValidationLevel       - selects the arm of ValidationInformation.
//  ValidationInformation - returned validation data.
//  Authoritative         - returned boolean.
//  ExtraFlags            - flags passed in and returned.
//
// NOTE(review): with no authenticator in the parameter list, the call's
// authenticity presumably rests entirely on the protection applied to the
// RPC binding itself. Confirm that the server routine refuses the call when
// the binding is not an authenticated, integrity-protected secure channel.
//
NTSTATUS
NetrLogonSamLogonEx (
    [in] handle_t ContextHandle,
    [in, unique, string] wchar_t * LogonServer,
    [in, unique, string] wchar_t * ComputerName,
    [in] NETLOGON_LOGON_INFO_CLASS LogonLevel,
    [in, switch_is(LogonLevel)] PNETLOGON_LEVEL LogonInformation,
    [in] NETLOGON_VALIDATION_INFO_CLASS ValidationLevel,
    [out, switch_is(ValidationLevel)] PNETLOGON_VALIDATION ValidationInformation,
    [out] PBOOLEAN Authoritative,
    [in, out] PULONG ExtraFlags
    );
//
// DsrEnumerateDomainTrusts
//
// Returns a NETLOGON_TRUSTED_DOMAIN_ARRAY, with a caller-supplied Flags
// value.
//
//  ServerName - server binding (may be NULL: [unique]).
//  Flags      - caller-supplied bit mask; not restricted by the interface.
//  Domains    - returned array.
//
// NOTE(review): the result describes trust relationships and the call takes
// no authenticator; confirm which callers the server allows to read it.
//
NET_API_STATUS
DsrEnumerateDomainTrusts (
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in] ULONG Flags,
    [out] PNETLOGON_TRUSTED_DOMAIN_ARRAY Domains
    );
//
// DsrDeregisterDnsHostRecords
//
//  ServerName    - server binding (may be NULL: [unique]).
//  DnsDomainName - may be NULL ([unique]).
//  DomainGuid    - may be NULL ([unique]).
//  DsaGuid       - may be NULL ([unique]).
//  DnsHostName   - required string (no [unique]).
//
// The call has input parameters only and takes no authenticator.
//
// NOTE(review): the name indicates a state-changing operation on DNS
// records. Since nothing in the parameter list authenticates the caller,
// confirm that the server routine performs an access check before acting
// on DnsHostName.
//
NET_API_STATUS
DsrDeregisterDnsHostRecords (
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in, unique, string] wchar_t * DnsDomainName,
    [in, unique] GUID *DomainGuid,
    [in, unique] GUID *DsaGuid,
    [in, string] wchar_t * DnsHostName
    );
//
// NetrServerTrustPasswordsGet
//
// Returns two ENCRYPTED_NT_OWF_PASSWORD values (new and old) for the named
// account. The call carries a Netlogon authenticator and returns one.
//
//  TrustedDcName           - server binding (may be NULL: [unique]).
//  AccountName             - account whose values are requested.
//  AccountType             - secure channel type of the account.
//  ComputerName            - name of the calling computer.
//  Authenticator           - authenticator supplied by the caller.
//  ReturnAuthenticator     - authenticator returned by the server.
//  EncryptedNewOwfPassword - returned value (new).
//  EncryptedOldOwfPassword - returned value (old).
//
// NOTE(review): the outputs are password-derived secrets. The server
// should release them only after the authenticator has been verified, and
// both sides should treat the buffers as secret material (no logging,
// cleared after use) -- confirm in the implementation.
//
NTSTATUS
NetrServerTrustPasswordsGet (
    [in, unique, string] LOGONSRV_HANDLE TrustedDcName,
    [in, string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [out] PENCRYPTED_NT_OWF_PASSWORD EncryptedNewOwfPassword,
    [out] PENCRYPTED_NT_OWF_PASSWORD EncryptedOldOwfPassword
    );
//
// DsrGetForestTrustInformation
//
// Returns an LSA_FOREST_TRUST_INFORMATION structure. This variant takes no
// authenticator; NetrGetForestTrustInformation is the variant that does.
//
//  ServerName        - server binding (may be NULL: [unique]).
//  TrustedDomainName - may be NULL ([unique]).
//  Flags             - caller-supplied bit mask; not restricted by the
//                      interface.
//  ForestTrustInfo   - returned structure.
//
NET_API_STATUS
DsrGetForestTrustInformation (
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in, unique, string] wchar_t * TrustedDomainName,
    [in] DWORD Flags,
    [out] PLSA_FOREST_TRUST_INFORMATION * ForestTrustInfo
    );
//
// NetrGetForestTrustInformation
//
// Returns an LSA_FOREST_TRUST_INFORMATION structure. The call carries a
// Netlogon authenticator and returns one.
//
//  ServerName          - server binding (may be NULL: [unique]).
//  ComputerName        - name of the calling computer.
//  Authenticator       - authenticator supplied by the caller.
//  ReturnAuthenticator - authenticator returned by the server.
//  Flags               - caller-supplied bit mask; not restricted by the
//                        interface.
//  ForestTrustInfo     - returned structure.
//
NTSTATUS
NetrGetForestTrustInformation (
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] DWORD Flags,
    [out] PLSA_FOREST_TRUST_INFORMATION * ForestTrustInfo
    );
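//
// NetrLogonSamLogonWithFlags
//
// This is the non-Ex version but with Flags.
//
// (The line comment is kept on lines of its own: when the comment and the
// declaration share one physical line, the "//" comments the declaration
// out.)
//
//  LogonServer           - server binding (may be NULL: [unique]).
//  ComputerName          - may be NULL ([unique]).
//  Authenticator         - authenticator supplied by the caller; [unique],
//                          so it may be NULL on the wire.
//  ReturnAuthenticator   - authenticator passed in and returned; [unique],
//                          so it may be NULL on the wire.
//  LogonLevel            - selects the arm of LogonInformation (switch_is).
//  LogonInformation      - logon data, interpreted according to LogonLevel.
//  ValidationLevel       - selects the arm of ValidationInformation.
//  ValidationInformation - returned validation data.
//  Authoritative         - returned boolean.
//  ExtraFlags            - flags passed in and returned.
//
// NOTE(review): because both authenticator pointers are [unique], the stub
// accepts a call with no authenticator at all. Confirm that the server
// routine treats a NULL authenticator as a distinct, deliberately handled
// case rather than skipping verification.
//
NTSTATUS
NetrLogonSamLogonWithFlags (
    [in, unique, string] LOGONSRV_HANDLE LogonServer,
    [in, string, unique] wchar_t * ComputerName,
    [in, unique] PNETLOGON_AUTHENTICATOR Authenticator,
    [in, out, unique] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] NETLOGON_LOGON_INFO_CLASS LogonLevel,
    [in, switch_is(LogonLevel)] PNETLOGON_LEVEL LogonInformation,
    [in] NETLOGON_VALIDATION_INFO_CLASS ValidationLevel,
    [out, switch_is(ValidationLevel)] PNETLOGON_VALIDATION ValidationInformation,
    [out] PBOOLEAN Authoritative,
    [in, out] PULONG ExtraFlags
    );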
//
// Generic data sent over netlogon RPC interfaces.
//
// The following data structure can be used to send generic data
// from the server to the client. Suppose the client requests
// information about some property from the server over an RPC interface.
// Suppose that property has several attributes (which can be
// generically represented as ULONGs and/or UNICODE_STRINGS) and
// suppose that the property has several versions where older versions
// have more attributes. Using this generic data structure, the server
// will send all N attributes for the version the server supports. Here
// N is the number of attributes for the version the server supports.
// If the client is older than the server, the client will be able to
// understand the first M attributes and the client will ignore the rest
// of the attributes. Here M is the number of attributes the client version
// supports. If the client is newer than the server, the client will be
// able to understand all N attributes from the server and the client
// will realize that the server supports an old version of the property.
// This scheme works provided the attributes are ordered by their creation
// time. This technique avoids new RPC interfaces as the property gets new
// attributes and avoids special-case coding.
//
//
// NL_GENERIC_RPC_DATA
//
// Two independent counted arrays: UlongData holds UlongEntryCount ULONGs
// and UnicodeStringData holds UnicodeStringEntryCount UNICODE_STRINGs.
//
// Both counts are supplied by the sender. A receiver that expects a given
// number of attributes must compare that number with the received count
// before indexing either array, and read only the entries that are
// actually present.
//
typedef struct _NL_GENERIC_RPC_DATA {

    ULONG UlongEntryCount;
    [size_is(UlongEntryCount)] PULONG UlongData;

    ULONG UnicodeStringEntryCount;
    [size_is(UnicodeStringEntryCount)] PUNICODE_STRING UnicodeStringData;

} NL_GENERIC_RPC_DATA, *PNL_GENERIC_RPC_DATA;
//
// NetrServerGetTrustInfo
//
// Returns two ENCRYPTED_NT_OWF_PASSWORD values (new and old) for the named
// account together with an NL_GENERIC_RPC_DATA block. The call carries a
// Netlogon authenticator and returns one.
//
//  TrustedDcName           - server binding (may be NULL: [unique]).
//  AccountName             - account whose values are requested.
//  AccountType             - secure channel type of the account.
//  ComputerName            - name of the calling computer.
//  Authenticator           - authenticator supplied by the caller.
//  ReturnAuthenticator     - authenticator returned by the server.
//  EncryptedNewOwfPassword - returned value (new).
//  EncryptedOldOwfPassword - returned value (old).
//  TrustInfo               - returned generic data; the caller must check
//                            its entry counts before indexing the arrays.
//
// NOTE(review): the password outputs are secrets. The server should release
// them only after the authenticator has been verified, and both sides
// should treat the buffers as secret material (no logging, cleared after
// use) -- confirm in the implementation.
//
NTSTATUS
NetrServerGetTrustInfo (
    [in, unique, string] LOGONSRV_HANDLE TrustedDcName,
    [in, string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [out] PENCRYPTED_NT_OWF_PASSWORD EncryptedNewOwfPassword,
    [out] PENCRYPTED_NT_OWF_PASSWORD EncryptedOldOwfPassword,
    [out] PNL_GENERIC_RPC_DATA *TrustInfo
    );

}
|