/*++

Copyright (c) 1987-1996  Microsoft Corporation

Module Name:

    logonsrv.h

Abstract:

    Netlogon service internal constants and definitions.

Author:

    Ported from Lan Man 2.0

Revision History:

    21-May-1991 (cliffv)
        Ported to NT.  Converted to NT style.

--*/

//
// Define _DC_NETLOGON if _WKSTA_NETLOGON is not defined.
//
// _DC_NETLOGON is the switch tested by the "#ifdef _DC_NETLOGON" sections
// later in this header; those sections declare their routines only when it
// is set.  (Presumably DC = domain controller and WKSTA = workstation
// flavour of the service -- confirm against the build files.)
//

#ifndef _WKSTA_NETLOGON
#define _DC_NETLOGON
#endif // _WKSTA_NETLOGON

////////////////////////////////////////////////////////////////////////////
//
// Common include files needed by ALL netlogon server files
//
////////////////////////////////////////////////////////////////////////////

//
// On MSVC 8.00 and later, report these two diagnostics at warning level 3.
//
#if ( _MSC_VER >= 800 )
#pragma warning ( 3 : 4100 ) // enable "Unreferenced formal parameter"
#pragma warning ( 3 : 4219 ) // enable "trailing ',' used for variable argument list"
#endif

//
// NOTE(review): in this copy the <...> operand of every system #include has
// been lost; only the quoted project headers and the trailing comments
// survive.  The bare "#include" lines are kept in their original order so
// the real header names can be restored from the original file -- they are
// deliberately not guessed here.
//

#include // LARGE_INTEGER definition
#include // LARGE_INTEGER definition
#include // LARGE_INTEGER definition
#include // Needed by lsrvdata.h
#define NOMINMAX // Avoid redefinition of min and max in stdlib.h
#include // Needed by logon_s.h
#define INCL_WINSOCK_API_PROTOTYPES 1 // must be defined before the Winsock include below
#include // Winsock support
#include // includes lmcons.h, lmaccess.h, netlogon.h, ssi.h, windef.h
#include
#include // ALERT_* defines
#include // ROUND_UP_COUNT ...
#include // net config helpers.
#include // SECTION_ equates, NETLOGON_KEYWORD_ equates.
#include // FORMAT_*
//#define SDK_DNS_RECORD 1 // Needed for dnsapi.h
#include // DNS API
#include // Dns API
#include // NAMETYPE_* defines
#include // NetApiBufferFree
#include // NERR_ equates.
#include // NELOG_*
#include // Server API defines and prototypes
#include // share API functions and prototypes
#include // Needed for NETLOGON service name
#include // SERVICE_UIC codes are defined here
#include // NetpLogon routines
#include // Needed by lsrvdata.h and logonsrv.h
#include // LsaI routines
#include // CryptoAPI

//
// The Kerberos / security-package headers are pulled in only when
// NETSETUP_JOIN is not defined.  SECURITY_KERBEROS is defined first so it is
// visible to the includes that follow it.
//
#ifndef NETSETUP_JOIN
#define SECURITY_KERBEROS
#include // Interface to LSA/Kerberos
#include // needed to get Kerberos interfaces.
#include // Needed by ssiinit.h
// #include // Needed by secpkg.h
#include // Needed by sphelp.h
#endif

#include // NetpIsUserNameValid
#include // NetpCopy...
#include // NetpNtStatusToApiStatus
#include "nlp.h" // Nlp routine
#include // Interface to browser driver
#include // Rpcp routines
#include // Needed by lsrvdata.h and logonsrv.h
#include // SamIFree routines
#include // NetpAccessCheck
#include // offsetof()
#include // C library functions (rand, etc)
#include // Transitional string routines.
#include // Needed by netsetup.h
#include // NetpSetDnsComputerNameAsRequired
#include // WMI trace
#include // TRACEHANDLE

//
// Four further headers excluded from NETSETUP_JOIN builds; neither their
// names nor their descriptions survive in this copy.
//
#ifndef NETSETUP_JOIN
#include
#include
#include
#include
#endif

//
// Netlogon specific header files.
//

#include // I_Net*
#include // DsGetDcName()
#include // DsGetDcOpen()
#include "worker.h" // Worker routines
#include "nlbind.h" // Netlogon RPC binding cache routines
#include "nlcommon.h" // Routines shared with logonsrv\common
#include "domain.h" // Hosted domain definitions
#include "nldns.h" // DNS name registration
#include "changelg.h" // Change Log support
#include "chutil.h" // Change Log utilities
#include "iniparm.h" // DEFAULT_, MIN_, and MAX_ equates.
#include "ssiinit.h" // Misc global definitions
#include "replutil.h"
#include "nldebug.h" // Netlogon debugging
#include "nlsecure.h" // Security Descriptor for APIs
#include "ismapi.h"
#include "nlsite.h"
#include "lsrvdata.h" // Globals

//
// RtlCopyMemory on IA64 is now optimized to do aligned copies inline.
// This doesn't work for us as we use RtlCopyMemory to copy data from
// unaligned buffers to aligned ones, so we cause an alignment exception.
// To avoid this, revert to the old unoptimized version.
//

//
// IA64 only: discard whatever RtlCopyMemory was defined as by the headers
// included earlier and redeclare it as an ordinary NTAPI function whose
// pointer parameters are UNALIGNED-qualified (see the comment immediately
// preceding this block for the reason).
//
#if defined(_M_IA64)
#undef RtlCopyMemory
NTSYSAPI
VOID
NTAPI
RtlCopyMemory (
   VOID UNALIGNED *Destination,
   CONST VOID UNALIGNED *Source,
   SIZE_T Length
   );
#endif // _M_IA64

//
// Share-name literals, defined only when _DC_NETLOGON is set.
//
#ifdef _DC_NETLOGON
#define NETLOGON_SCRIPTS_SHARE L"NETLOGON"
#define NETLOGON_SYSVOL_SHARE L"SYSVOL"
#endif // _DC_NETLOGON

// NOTE(review): the meaning of this count is not visible in this header --
// confirm at its use sites.
#define MAX_LOGONREQ_COUNT 3

#define NETLOGON_INSTALL_WAIT 60000 // 60 secs (so the unit is milliseconds)

//
// Exit codes for NlExit
//
// Passed as the ExitCode argument of NlExit (declared below).  By name the
// values select whether, and with which kind of status, the exit is logged;
// the exact logging behaviour is in error.c and not shown here.
//
typedef enum {
    DontLogError,
    LogError,
    LogErrorAndNtStatus,
    LogErrorAndNetStatus
} NL_EXIT_CODE;

////////////////////////////////////////////////////////////////////////
//
// Procedure Forwards
//
// Everything below is declaration only; the comment heading each group names
// the source file that holds the implementations.
//
////////////////////////////////////////////////////////////////////////

//
// error.c
//

NET_API_STATUS
NlCleanup(
    VOID
    );

// ExitCode is one of the NL_EXIT_CODE values defined above.
VOID
NlExit(
    IN DWORD ServiceError,
    IN DWORD Data,
    IN NL_EXIT_CODE ExitCode,
    IN LPWSTR ErrorString
    );

BOOL
GiveInstallHints(
    IN BOOL Started
    );

#ifdef _DC_NETLOGON
VOID
NlControlHandler(
    IN DWORD opcode
    );
#endif // _DC_NETLOGON

// string_array is a pointer to LPWSTR; no element count is passed, so how the
// array is terminated is not visible here -- confirm in error.c.
VOID
RaiseAlert(
    IN DWORD alert_no,
    IN LPWSTR *string_array
    );

//
// Nlparse.c
//

// DefaultParameters is marked OPTIONAL, i.e. callers may pass NULL.
BOOL
Nlparse(
    IN PNETLOGON_PARAMETERS NlParameters,
    IN PNETLOGON_PARAMETERS DefaultParameters OPTIONAL,
    IN BOOLEAN IsChangeNotify
    );

VOID
NlParseFree(
    IN PNETLOGON_PARAMETERS NlParameters
    );

VOID
NlReparse(
    VOID
    );

BOOL
NlparseAllSections(
    IN PNETLOGON_PARAMETERS NlParameters,
    IN BOOLEAN IsChangeNotify
    );

//
// announce.c
//

VOID
NlRemovePendingBdc(
    IN PSERVER_SESSION ServerSession
    );

VOID
NlPrimaryAnnouncementFinish(
    IN PSERVER_SESSION ServerSession,
    IN DWORD DatabaseId,
    IN PLARGE_INTEGER SerialNumber
    );

VOID
NlPrimaryAnnouncementTimeout(
    VOID
    );

// AnnounceFlags takes the ANNOUNCE_* bits defined immediately below
// (distinct single-bit values, so they can be OR-ed together).
VOID
NlPrimaryAnnouncement(
    IN DWORD AnnounceFlags
    );
#define ANNOUNCE_FORCE 0x01
#define ANNOUNCE_CONTINUE 0x02
#define ANNOUNCE_IMMEDIATE 0x04

//
// lsrvutil.c
//
// NOTE(review): several routines in this group carry secrets across the call
// boundary -- clear-text passwords as PUNICODE_STRING and one-way-function
// (OWF) password values as PNT_OWF_PASSWORD / PLM_OWF_PASSWORD.  This header
// does not show who owns or scrubs those buffers.  When reviewing
// lsrvutil.c and its callers, confirm that each buffer is zeroed once it is
// no longer needed and that none of them reaches debug or trace output.
//

// CurrentValue / OldValue are returned through pointer-to-pointer, so the
// strings are presumably allocated by the callee; the matching free routine
// is not visible here -- confirm.  LastSetTime may be NULL (OPTIONAL).
NTSTATUS
NlGetOutgoingPassword(
    IN PCLIENT_SESSION ClientSession,
    OUT PUNICODE_STRING *CurrentValue,
    OUT PUNICODE_STRING *OldValue,
    OUT PDWORD CurrentVersionNumber,
    OUT PLARGE_INTEGER LastSetTime OPTIONAL
    );

// ClientSession is IN OUT: the routine both reads and updates the session.
NTSTATUS
NlSessionSetup(
    IN OUT PCLIENT_SESSION ClientSession
    );

// NOTE(review): the bit layout of DesiredFlags is not defined in this
// header -- confirm which flag set callers are expected to pass.
NTSTATUS
NlEnsureSessionAuthenticated(
    IN PCLIENT_SESSION ClientSession,
    IN DWORD DesiredFlags
    );

// RemainingTime may be NULL (OPTIONAL); its unit is not stated here.
BOOLEAN
NlTimeHasElapsedEx(
    IN PLARGE_INTEGER StartTime,
    IN PLARGE_INTEGER Period,
    OUT PULONG RemainingTime OPTIONAL
    );

BOOLEAN
NlTimeToReauthenticate(
    IN PCLIENT_SESSION ClientSession
    );

BOOLEAN
NlTimeToRediscover(
    IN PCLIENT_SESSION ClientSession,
    BOOLEAN WithAccount
    );

NTSTATUS
NlUpdateDomainInfo(
    IN PCLIENT_SESSION ClientSession
    );

// NOTE(review): the three flags presumably shape the access granted on the
// created share (AllowAuthenticatedUsers, exclusive share access).  The
// resulting security descriptor is built in lsrvutil.c, not here -- verify
// each call site passes the least-permissive values it needs.
NET_API_STATUS
NlCreateShare(
    LPWSTR SharePath,
    LPWSTR ShareName,
    BOOLEAN AllowAuthenticatedUsers,
    BOOL UpdateExclusiveShareAccess,
    BOOL AllowExclusiveShareAccess
    );

NET_API_STATUS
NlCacheJoinDomainControllerInfo(
    VOID
    );

// UserHandle, UserId and UserAllInfo are all OPTIONAL.  UserAllInfo carries
// no IN/OUT annotation; being a pointer-to-pointer it is presumably an
// output like the other two -- confirm, along with how it is freed.
NTSTATUS
NlSamOpenNamedUser(
    IN PDOMAIN_INFO DomainInfo,
    IN LPCWSTR UserName,
    OUT SAMPR_HANDLE *UserHandle OPTIONAL,
    OUT PULONG UserId OPTIONAL,
    PSAMPR_USER_INFO_BUFFER *UserAllInfo OPTIONAL
    );

// Both password forms are OPTIONAL; which one wins when both are supplied
// (or what happens when neither is) is not visible here -- confirm.
NTSTATUS
NlSamChangePasswordNamedUser(
    IN PDOMAIN_INFO DomainInfo,
    IN LPCWSTR UserName,
    IN PUNICODE_STRING ClearTextPassword OPTIONAL,
    IN PNT_OWF_PASSWORD OwfPassword OPTIONAL
    );

// Returns, through OPTIONAL out-parameters, the OWF password and previous
// OWF password for AccountName plus its RID and trust attributes.
// NOTE(review): AllowableAccountControlBits and CheckAccountDisabled are
// caller-supplied filters on which accounts are acceptable; a caller that
// passes an over-broad mask or FALSE weakens that check -- audit call sites.
NTSTATUS
NlGetIncomingPassword(
    IN PDOMAIN_INFO DomainInfo,
    IN LPCWSTR AccountName,
    IN NETLOGON_SECURE_CHANNEL_TYPE SecureChannelType,
    IN ULONG AllowableAccountControlBits,
    IN BOOL CheckAccountDisabled,
    OUT PNT_OWF_PASSWORD OwfPassword OPTIONAL,
    OUT PNT_OWF_PASSWORD OwfPreviousPassword OPTIONAL,
    OUT PULONG AccountRid OPTIONAL,
    OUT PULONG TrustAttributes OPTIONAL,
    OUT PBOOL IsDnsDomainTrustAccount OPTIONAL
    );

NTSTATUS
NlSetIncomingPassword(
    IN PDOMAIN_INFO DomainInfo,
    IN LPWSTR AccountName,
    IN NETLOGON_SECURE_CHANNEL_TYPE SecureChannelType,
    IN PUNICODE_STRING ClearTextPassword OPTIONAL,
    IN DWORD ClearPasswordVersionNumber,
    IN PNT_OWF_PASSWORD OwfPassword OPTIONAL
    );

// RetCallAgainPeriod may be NULL (OPTIONAL); its unit is not stated here.
NTSTATUS
NlChangePassword(
    IN PCLIENT_SESSION ClientSession,
    IN BOOLEAN ForcePasswordChange,
    OUT PULONG RetCallAgainPeriod OPTIONAL
    );

// NOTE(review): NewOwfPassword is typed PLM_OWF_PASSWORD here while the
// sibling routines above use PNT_OWF_PASSWORD -- confirm this is intended.
NTSTATUS
NlChangePasswordHigher(
    IN PCLIENT_SESSION ClientSession,
    IN LPWSTR AccountName,
    IN NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    IN PLM_OWF_PASSWORD NewOwfPassword OPTIONAL,
    IN PUNICODE_STRING NewClearPassword OPTIONAL,
    IN PDWORD ClearPasswordVersionNumber OPTIONAL
    );

// Groups is presumably an array of GroupCount entries -- confirm; the
// results come back in Priv and AuthFlags.
NTSTATUS
NlGetUserPriv(
    IN PDOMAIN_INFO DomainInfo,
    IN ULONG GroupCount,
    IN PGROUP_MEMBERSHIP Groups,
    IN ULONG UserRelativeId,
    OUT LPDWORD Priv,
    OUT LPDWORD AuthFlags
    );

// Fills pBuffer with cbBuffer bytes, judging by the parameter names.
// NOTE(review): the BOOLEAN result presumably reports failure of the
// underlying generator (this header includes a CryptoAPI header).  Callers
// must check it before treating the buffer as a challenge, key or password;
// an ignored failure would leave whatever was in the buffer in use.
BOOLEAN
NlGenerateRandomBits(
    PUCHAR pBuffer,
    ULONG cbBuffer
    );

//
// netlogon.c
//

#ifdef _DC_NETLOGON
BOOL
TimerExpired(
    IN PTIMER Timer,
    IN PLARGE_INTEGER TimeNow,
    IN OUT LPDWORD Timeout
    );

ULONG
NlGetDomainFlags(
    IN PDOMAIN_INFO DomainInfo
    );

NTSTATUS
NlWaitForService(
    LPWSTR ServiceName,
    ULONG Timeout,
    BOOLEAN RequireAutoStart
    );

int
NlNetlogonMain(
    IN DWORD argc,
    IN LPWSTR *argv
    );

NTSTATUS
NlInitLsaDBInfo(
    PDOMAIN_INFO DomainInfo,
    DWORD DBIndex
    );

NTSTATUS
NlInitSamDBInfo(
    PDOMAIN_INFO DomainInfo,
    DWORD DBIndex
    );

BOOL
NlCreateSysvolShares(
    VOID
    );
#endif // _DC_NETLOGON

//
// mailslot.c
//
// NOTE(review): mailslot datagrams carry no sender authentication at the
// transport level.  Anything the receive path in this group hands back
// (message bytes, length, transport and destination names, client address)
// should be handled as untrusted input and length-checked before parsing.
//

NTSTATUS
NlpWriteMailslot(
    IN LPWSTR MailslotName,
    IN LPVOID Buffer,
    IN DWORD BufferSize
    );

//
// This conditional stays open through the oldstub.c, ds.c and rgroups.c
// groups below; its #endif follows NlpAddOtherOrganizationSid.
//
#ifdef _DC_NETLOGON
HANDLE
NlBrowserCreateEvent(
    VOID
    );

VOID
NlBrowserCloseEvent(
    IN HANDLE EventHandle
    );

BOOL
NlBrowserOpen(
    VOID
    );

VOID
NlBrowserClose(
    VOID
    );

// The "A" suffix matches the LPSTR (OEM) server and mailslot names;
// TransportName is nevertheless LPWSTR.
NTSTATUS
NlBrowserSendDatagramA(
    IN PDOMAIN_INFO DomainInfo,
    IN ULONG IpAddress,
    IN LPSTR OemServerName,
    IN DGRECEIVER_NAME_TYPE NameType,
    IN LPWSTR TransportName,
    IN LPSTR OemMailslotName,
    IN PVOID Buffer,
    IN ULONG BufferSize
    );

NET_API_STATUS
NlBrowserFixAllNames(
    IN PDOMAIN_INFO DomainInfo,
    IN PVOID Context
    );

VOID
NlBrowserAddName(
    IN PDOMAIN_INFO DomainInfo
    );

VOID
NlBrowserDelName(
    IN PDOMAIN_INFO DomainInfo
    );

VOID
NlBrowserUpdate(
    IN PDOMAIN_INFO DomainInfo,
    IN DWORD Role
    );

// OldDomainName may be NULL (OPTIONAL).
NTSTATUS
NlBrowserRenameDomain(
    IN LPWSTR OldDomainName OPTIONAL,
    IN LPWSTR NewDomainName
    );

// The list is returned through a pointer-to-pointer, so it is presumably
// callee-allocated; the matching free routine is not visible here.
NET_API_STATUS
NlBrowserGetTransportList(
    OUT PLMDR_TRANSPORT_LIST *TransportList
    );

VOID
NlBrowserSyncHostedDomains(
    VOID
    );

VOID
NlMailslotPostRead(
    IN BOOLEAN IgnoreDuplicatesOfPreviousMessage
    );

// Every parameter is an output.  *Message / *BytesRead describe the received
// datagram; see the note heading this group about treating it as untrusted.
// Lifetime of the returned pointers is not visible here -- confirm whether
// they alias an internal receive buffer reused by the next read.
BOOL
NlMailslotOverlappedResult(
    OUT LPBYTE *Message,
    OUT PULONG BytesRead,
    OUT LPWSTR *TransportName,
    OUT PNL_TRANSPORT *Transport,
    OUT PSOCKADDR *ClientSockAddr,
    OUT LPWSTR *DestinationName,
    OUT PBOOLEAN IgnoreDuplicatesOfPreviousMessage,
    OUT PNETLOGON_PNP_OPCODE NlPnpOpcode
    );

NET_API_STATUS
NlServerComputerNameAdd(
    IN LPWSTR HostedDomainName,
    IN LPWSTR HostedServerName
    );

//
// oldstub.c
//

// NOTE(review): by its name this looks like a generated free helper for
// NETLOGON_DELTA_ENUM -- confirm in oldstub.c.
void _fgs__NETLOGON_DELTA_ENUM (NETLOGON_DELTA_ENUM * _source);

// Use this to free all memory allocated by SAM.
// Expands to MIDL_user_free on the argument; it does not clear the caller's
// pointer, so the caller must not use _X afterwards.
#define SamLsaFreeMemory( _X ) MIDL_user_free(_X)

//
// ds.c
//

// IsPdc and Nt4MixedDomain carry no IN/OUT annotation; as PBOOLEAN they are
// presumably outputs -- confirm.
NET_API_STATUS
NlGetRoleInformation(
    PDOMAIN_INFO DomainInfo,
    PBOOLEAN IsPdc,
    PBOOLEAN Nt4MixedDomain
    );

//
// rgroups.c
//
// NOTE(review): the three routines below take the validation info as an
// IN OUT pointer-to-pointer, so they may replace the caller's buffer (for
// example to make room for added group SIDs).  Callers should re-read the
// pointer after the call and not keep the old one -- confirm in rgroups.c.
// These routines change the group memberships placed in a logon validation
// reply, so their failure paths deserve the same scrutiny as the success
// path.
//

NTSTATUS
NlpExpandResourceGroupMembership(
    IN NETLOGON_VALIDATION_INFO_CLASS ValidationLevel,
    IN OUT PNETLOGON_VALIDATION_SAM_INFO4 * UserInfo,
    IN PDOMAIN_INFO DomainInfo,
    IN ULONG ComputerAccountId
    );

NTSTATUS
NlpAddResourceGroupsToSamInfo (
    IN NETLOGON_VALIDATION_INFO_CLASS ValidationLevel,
    IN OUT PNETLOGON_VALIDATION_SAM_INFO4 *ValidationInformation,
    IN PSAMPR_PSID_ARRAY ResourceGroups
    );

NTSTATUS
NlpAddOtherOrganizationSid (
    IN NETLOGON_VALIDATION_INFO_CLASS ValidationLevel,
    IN OUT PNETLOGON_VALIDATION_SAM_INFO4 *ValidationInformation
    );
#endif // _DC_NETLOGON

//
// nltrace.c
//

ULONG
_stdcall
NlpInitializeTrace(PVOID Param);

// TraceGuid is presumably an NLPTRACE_GUID value (defined below) used to
// index NlpTraceGuids[] -- confirm that nltrace.c range-checks it.
VOID
NlpTraceEvent(
    IN ULONG WmiEventType,
    IN ULONG TraceGuid
    );

// Takes the computer name, account name, channel type, negotiated flags and
// final status of a server-authentication attempt; how much of that ends up
// in the trace is decided in nltrace.c.
VOID
NlpTraceServerAuthEvent(
    IN ULONG WmiEventType,
    IN LPWSTR ComputerName,
    IN LPWSTR AccountName,
    IN NETLOGON_SECURE_CHANNEL_TYPE SecureChannelType,
    IN PULONG NegotiatedFlags,
    IN NTSTATUS Status
    );

//
// The following "typedef enum" is used as the index of the LPGUID in the
// NlpTraceGuids[] table (defined in nltrace.c).  NlpTraceGuids[] must be
// updated whenever an entry is added to this enum: an enumerator without a
// matching table entry would index past the end of the table.
//
typedef enum _NLPTRACE_GUID {
    NlpGuidServerAuth,
    NlpGuidSecureChannelSetup
} NLPTRACE_GUID;

//
// parse.c
//

// Reads one Keyword from SectionHandle into *Value.
// NOTE(review): the DefaultValue / MinimumValue / MaximumValue parameters
// suggest the stored value is range-checked and defaulted, but whether an
// out-of-range value is clamped, replaced or rejected is decided in parse.c
// -- confirm before relying on it for security-relevant settings.
NET_API_STATUS
NlParseOne(
    IN LPNET_CONFIG_HANDLE SectionHandle,
    IN BOOL GpSection,
    IN LPWSTR Keyword,
    IN ULONG DefaultValue,
    IN ULONG MinimumValue,
    IN ULONG MaximumValue,
    OUT PULONG Value
    );