/*++

Copyright (c) 1990  Microsoft Corporation

Module Name:

    LOGON.IDL

Abstract:

    Contains the Netr (Net Remote) RPC interface specification for the
    API associated with the Netlogon Service.

    Also contains the RPC specific data structures for these API.

Author:

    Cliff Van Dyke (CliffV) 25-Jun-1991

Environment:

    User Mode - Win32

Revision History:

    25-Jun-1991 CliffV
        created

    04-Apr-1992 MadanA
        Added support for LSA replication.

--*/
//
// Interface Attributes
//
// pointer_default(unique) applies to embedded pointers declared in this
// file without an explicit pointer attribute: such pointers may be NULL on
// the wire, so receiving code has to check them before dereferencing.
//

[
    uuid(12345678-1234-ABCD-EF00-01234567CFFB),
    version(1.0),
#ifdef __midl
    ms_union,
#endif // __midl
    pointer_default(unique)
]
//
// Interface Keyword
//
interface logon
//
// Interface Body
//
{
#define _RPC_
import "imports.idl"; // import all the include files
#include <lmcons.h> // Needed for prototype below
//
// Allocation ceiling for entry counts.
// NOTE(review): no size_is() count in this part of the file refers to this
// constant, so confirm where the server routines actually apply the limit.
//

#define NL_MAX_RPC_ENTRY_COUNT 32000 // max number of entries that the server should allocate memory for

//
// FunctionCode values for I_NetLogonControl.
//
// The value is a caller-supplied DWORD: it is the FunctionCode parameter of
// NetrLogonControl, NetrLogonControl2 and NetrLogonControl2Ex.
//

#define NETLOGON_CONTROL_QUERY            1   // No-op: just query
#define NETLOGON_CONTROL_REPLICATE        2   // Force replicate on BDC
#define NETLOGON_CONTROL_SYNCHRONIZE      3   // Force synchronize on BDC
#define NETLOGON_CONTROL_PDC_REPLICATE    4   // Force PDC to broadcast change
#define NETLOGON_CONTROL_REDISCOVER       5   // Force to re-discover trusted domain DCs
#define NETLOGON_CONTROL_TC_QUERY         6   // Query status of specified trusted channel status
#define NETLOGON_CONTROL_TRANSPORT_NOTIFY 7   // Notify netlogon that a new transport has come online
#define NETLOGON_CONTROL_FIND_USER        8   // Find named user in a trusted domain
#define NETLOGON_CONTROL_CHANGE_PASSWORD  9   // Change machine password on a secure channel to a trusted domain
#define NETLOGON_CONTROL_TC_VERIFY        10  // Verify status of specified trusted channel
#define NETLOGON_CONTROL_FORCE_DNS_REG    11  // Force DNS re-registration of all registered records
#define NETLOGON_CONTROL_QUERY_DNS_REG    12  // Query the status of DNS updates

//
// Debug function codes
//
// These share the FunctionCode value space with the codes above, so they
// travel through the same RPC entry points.
// NOTE(review): the per-code access check lives in the server routine,
// which is not part of this file; confirm the debug codes are restricted.
//

#define NETLOGON_CONTROL_BACKUP_CHANGE_LOG 0xFFFC
#define NETLOGON_CONTROL_TRUNCATE_LOG      0xFFFD
#define NETLOGON_CONTROL_SET_DBFLAG        0xFFFE
#define NETLOGON_CONTROL_BREAKPOINT        0xFFFF
//
// Binding handle type for this interface: a wide-character string.  The
// [handle] attribute makes it a generic (user-defined) handle, so the
// client stubs rely on application-supplied bind/unbind routines for it.
//
typedef [handle] wchar_t * LOGONSRV_HANDLE;
//
// Data types for rpc stubs.
//

// ?? the following data types should come from LSA or SAM idl definitions

//
// We must hide the PSID in a structure to avoid too many *'s in a
// field that uses size_is - otherwise MIDL has a fit.
//
// NOTE(review): SidPointer is supplied by the sender; whether it can be
// NULL depends on how PISID is declared, which is not visible here.
//

typedef struct _NLPR_SID_INFORMATION {

    PISID SidPointer;

} NLPR_SID_INFORMATION, *PNLPR_SID_INFORMATION;
//
// Define an array of pointers to SIDs
//
// Count comes from the sender and, through size_is, decides how many
// NLPR_SID_INFORMATION elements are unmarshalled.  No upper bound is
// declared on it here.
//

typedef struct _NLPR_SID_ARRAY {

    //
    // Indicates the number of Elements in the array.
    //

    ULONG Count;

    //
    // Points to the array of sid-pointers
    //

    [size_is(Count)] PNLPR_SID_INFORMATION Sids;

} NLPR_SID_ARRAY, *PNLPR_SID_ARRAY;
//
// Two-way encrypted value structure in Self-relative form.  This
// is just like a String.
//
// Buffer is declared with MaximumLength elements of which Length are
// transmitted; both numbers are chosen by the sender.  Code that consumes
// the structure should check Length <= MaximumLength rather than assume it.
//

typedef struct _NLPR_CR_CIPHER_VALUE {

    ULONG Length;
    ULONG MaximumLength;
    [size_is(MaximumLength), length_is(Length)] PUCHAR Buffer;

} NLPR_CR_CIPHER_VALUE, *PNLPR_CR_CIPHER_VALUE;
//
// Logon-hours bitmask for an account.
//
// UnitsPerWeek is a USHORT, so the sender can state values up to 65535,
// for which (UnitsPerWeek+7)/8 is 8192 -- larger than the fixed size_is of
// 1260.  A receiver should reject any UnitsPerWeek above
// SAM_MINUTES_PER_WEEK before using the derived byte count.
//

typedef struct _NLPR_LOGON_HOURS {

    USHORT UnitsPerWeek;

    //
    // Points to an array of bitmask.  The bits represent either days,
    // hours or minutes in the week depending upon the value of
    // UnitsPerWeek.  (Technically, they could represent any division of
    // time not finer than minute granularity).
    //
    // Day granularity is specified by specifying SAM_DAYS_PER_WEEK.
    // Hours granularity is specified by specifying SAM_HOURS_PER_WEEK.
    // Minute granularity is specified by specifying
    // SAM_MINUTES_PER_WEEK.  The number of bytes pointed to by this
    // field is ((UnitsPerWeek + 7) / 8) and may not exceed
    // ((SAM_MINUTES_PER_WEEK+7)/8 == 1260).
    //

    [size_is(1260), length_is((UnitsPerWeek+7)/8)] PUCHAR LogonHours;

} NLPR_LOGON_HOURS, *PNLPR_LOGON_HOURS;
//
// Opaque per-user private data blob (NETLOGON_DELTA_USER uses it for the
// password history).
//
// DataLength is sender-supplied and sizes Data.  The blob should be
// handled as secret material whichever way SensitiveData is set.
//

typedef struct _NLPR_USER_PRIVATE_INFO {

    BOOLEAN SensitiveData;

    //
    // If SensitiveData is TRUE then the data is encrypted using
    // sessionkey across wire.
    //

    ULONG DataLength;
    [size_is(DataLength)] PUCHAR Data;

} NLPR_USER_PRIVATE_INFO, *PNLPR_USER_PRIVATE_INFO;
//
// Wrapper around a single 64-bit modified count.  It is the in/out
// DomainModifiedCount of NetrDatabaseDeltas and the SerialNumberSkip arm
// of NETLOGON_DELTA_UNION.
//

typedef struct _NLPR_MODIFIED_COUNT {

    OLD_LARGE_INTEGER ModifiedCount;

} NLPR_MODIFIED_COUNT, *PNLPR_MODIFIED_COUNT;
//
// Quota limits as replicated in NETLOGON_DELTA_POLICY and
// NETLOGON_DELTA_ACCOUNTS.  All sizes are 32-bit ULONGs.
//

typedef struct _NLPR_QUOTA_LIMITS {
    ULONG             PagedPoolLimit;
    ULONG             NonPagedPoolLimit;
    ULONG             MinimumWorkingSetSize;
    ULONG             MaximumWorkingSetSize;
    ULONG             PagefileLimit;
    OLD_LARGE_INTEGER TimeLimit;
} NLPR_QUOTA_LIMITS, *PNLPR_QUOTA_LIMITS;
//
// Enumeration structure returned from I_NetSamDeltas and I_NetSamSync
//

//
// Structure to completely describe a user.
//
// The record carries credential material (the encrypted OWF fields and
// PrivateData) next to ordinary account attributes, so a complete record
// is sensitive.  SecuritySize is sender-supplied and sizes
// SecurityDescriptor.
//

typedef struct _NETLOGON_DELTA_USER {
    UNICODE_STRING    UserName;
    UNICODE_STRING    FullName;
    ULONG             UserId;
    ULONG             PrimaryGroupId;
    UNICODE_STRING    HomeDirectory;
    UNICODE_STRING    HomeDirectoryDrive;
    UNICODE_STRING    ScriptPath;
    UNICODE_STRING    AdminComment;
    UNICODE_STRING    WorkStations;
    OLD_LARGE_INTEGER LastLogon;
    OLD_LARGE_INTEGER LastLogoff;
    NLPR_LOGON_HOURS  LogonHours;
    USHORT            BadPasswordCount;
    USHORT            LogonCount;
    OLD_LARGE_INTEGER PasswordLastSet;
    OLD_LARGE_INTEGER AccountExpires;
    ULONG             UserAccountControl;

    //
    // The following fields are duplicates of information already in
    // the Private data.  Starting in NT 3.51, these fields are zeroed.
    //
    ENCRYPTED_NT_OWF_PASSWORD EncryptedNtOwfPassword;
    ENCRYPTED_LM_OWF_PASSWORD EncryptedLmOwfPassword;
    BOOLEAN           NtPasswordPresent;
    BOOLEAN           LmPasswordPresent;
    BOOLEAN           PasswordExpired;

    UNICODE_STRING    UserComment;
    UNICODE_STRING    Parameters;
    USHORT            CountryCode;
    USHORT            CodePage;

    NLPR_USER_PRIVATE_INFO PrivateData; // password history

    SECURITY_INFORMATION SecurityInformation;
    ULONG             SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    // Dummy* fields: some have been given a meaning, as noted per field.
    UNICODE_STRING    DummyString1; // used for profile path.
    UNICODE_STRING    DummyString2;
    UNICODE_STRING    DummyString3;
    UNICODE_STRING    DummyString4;
    ULONG             DummyLong1; // used for LastBadPasswordTime.HighPart
    ULONG             DummyLong2; // used for LastBadPasswordTime.LowPart
    ULONG             DummyLong3;
    ULONG             DummyLong4;

} NETLOGON_DELTA_USER, *PNETLOGON_DELTA_USER;
//
// Structure to completely describe a group.
//
// SecuritySize is sender-supplied and sizes SecurityDescriptor.  No use is
// documented here for the Dummy* fields.
//
typedef struct _NETLOGON_DELTA_GROUP {
    UNICODE_STRING Name;
    ULONG          RelativeId;
    ULONG          Attributes;
    UNICODE_STRING AdminComment;

    SECURITY_INFORMATION SecurityInformation;
    ULONG          SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING DummyString1;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG          DummyLong1;
    ULONG          DummyLong2;
    ULONG          DummyLong3;
    ULONG          DummyLong4;
} NETLOGON_DELTA_GROUP, *PNETLOGON_DELTA_GROUP;
//
// Structure to completely describe all the members of a group.
//
// MemberIds and Attributes are two separate arrays that are both sized by
// MemberCount, which is declared after them and comes from the sender.
//
typedef struct _NETLOGON_DELTA_GROUP_MEMBER {
    [size_is(MemberCount)] PULONG MemberIds;
    [size_is(MemberCount)] PULONG Attributes;
    ULONG MemberCount;

    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_GROUP_MEMBER, *PNETLOGON_DELTA_GROUP_MEMBER;
//
// Structure to completely describe a alias.
//
// The admin comment travels in DummyString1; the dedicated field is
// commented out.  SecuritySize is sender-supplied and sizes
// SecurityDescriptor.
//
typedef struct _NETLOGON_DELTA_ALIAS {
    UNICODE_STRING Name;
    ULONG          RelativeId;
    // UNICODE_STRING AdminComment;

    SECURITY_INFORMATION SecurityInformation;
    ULONG          SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING DummyString1; // used for admin comment
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG          DummyLong1;
    ULONG          DummyLong2;
    ULONG          DummyLong3;
    ULONG          DummyLong4;
} NETLOGON_DELTA_ALIAS, *PNETLOGON_DELTA_ALIAS;
//
// Structure to completely describe all the members of a alias.
//
// Members is an NLPR_SID_ARRAY, so its element count is the sender-supplied
// Members.Count.
//
typedef struct _NETLOGON_DELTA_ALIAS_MEMBER {
    NLPR_SID_ARRAY Members;

    ULONG DummyLong1;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;
} NETLOGON_DELTA_ALIAS_MEMBER, *PNETLOGON_DELTA_ALIAS_MEMBER;
//
// Structure to completely describe a domain.
//
// Carries the domain password policy (length, history, ages) together with
// the security descriptor.  DummyString1 is documented as carrying a
// DOMAIN_LOCKOUT_INFORMATION structure inside a string buffer.
// NOTE(review): a receiver should check that buffer's length before
// reading it as the structure.
//
typedef struct _NETLOGON_DELTA_DOMAIN {
    UNICODE_STRING    DomainName;
    UNICODE_STRING    OemInformation;
    OLD_LARGE_INTEGER ForceLogoff;
    USHORT            MinPasswordLength;
    USHORT            PasswordHistoryLength;
    OLD_LARGE_INTEGER MaxPasswordAge;
    OLD_LARGE_INTEGER MinPasswordAge;

    OLD_LARGE_INTEGER DomainModifiedCount;
    OLD_LARGE_INTEGER DomainCreationTime;

    // All this information is maintained separately on each system.
#ifdef notdef
    UNICODE_STRING ReplicaSourceNodeName;
    DOMAIN_SERVER_ENABLE_STATE DomainServerState;
    DOMAIN_SERVER_ROLE DomainServerRole;
#endif // notdef

    SECURITY_INFORMATION SecurityInformation;
    ULONG             SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING    DummyString1; // used to replicate DOMAIN_LOCKOUT_INFORMATION
    UNICODE_STRING    DummyString2;
    UNICODE_STRING    DummyString3;
    UNICODE_STRING    DummyString4;
    ULONG             DummyLong1; // used to replicate PasswordProperties
    ULONG             DummyLong2;
    ULONG             DummyLong3;
    ULONG             DummyLong4;
} NETLOGON_DELTA_DOMAIN, *PNETLOGON_DELTA_DOMAIN;
//
// Rename record: old and new name of an object.  One layout serves group,
// user and alias renames through the three typedef name pairs below.
//
typedef struct _NETLOGON_DELTA_RENAME {
    UNICODE_STRING OldName;
    UNICODE_STRING NewName;

    UNICODE_STRING DummyString1;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG          DummyLong1;
    ULONG          DummyLong2;
    ULONG          DummyLong3;
    ULONG          DummyLong4;
} NETLOGON_RENAME_GROUP, *PNETLOGON_DELTA_RENAME_GROUP,
  NETLOGON_RENAME_USER, *PNETLOGON_DELTA_RENAME_USER,
  NETLOGON_RENAME_ALIAS, *PNETLOGON_DELTA_RENAME_ALIAS;
//
// LSA policy record: audit settings, primary domain identity, quota limits
// and the policy security descriptor.
//
// EventAuditingOptions is sized by MaximumAuditEventCount + 1, where the
// count comes from the sender.
// NOTE(review): if that sum is evaluated in 32 bits, a count of 0xFFFFFFFF
// wraps to 0; a receiver should bound the count before indexing the array.
//
typedef struct _NETLOGON_DELTA_POLICY {
    ULONG             MaximumLogSize;
    OLD_LARGE_INTEGER AuditRetentionPeriod;

    BOOLEAN           AuditingMode;
    ULONG             MaximumAuditEventCount;
    [size_is(MaximumAuditEventCount + 1)] PULONG EventAuditingOptions;

    UNICODE_STRING    PrimaryDomainName;
    PISID             PrimaryDomainSid;

    NLPR_QUOTA_LIMITS QuotaLimits;

    OLD_LARGE_INTEGER ModifiedId;
    OLD_LARGE_INTEGER DatabaseCreationTime;

    SECURITY_INFORMATION SecurityInformation;
    ULONG             SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING    DummyString1;
    UNICODE_STRING    DummyString2;
    UNICODE_STRING    DummyString3;
    UNICODE_STRING    DummyString4;
    ULONG             DummyLong1;
    ULONG             DummyLong2;
    ULONG             DummyLong3;
    ULONG             DummyLong4;
} NETLOGON_DELTA_POLICY, *PNETLOGON_DELTA_POLICY;
//
// Trusted-domain record: the domain name, a list of controller names and
// the object's security descriptor.
//
// NumControllerEntries and SecuritySize are sender-supplied and size the
// ControllerNames and SecurityDescriptor arrays.
//
typedef struct _NETLOGON_DELTA_TRUSTED_DOMAINS {
    UNICODE_STRING DomainName;
    ULONG          NumControllerEntries;
    [size_is(NumControllerEntries)] PUNICODE_STRING ControllerNames;

    SECURITY_INFORMATION SecurityInformation;
    ULONG          SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING DummyString1;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG          DummyLong1; // used for posix offset.
    ULONG          DummyLong2;
    ULONG          DummyLong3;
    ULONG          DummyLong4;
} NETLOGON_DELTA_TRUSTED_DOMAINS, *PNETLOGON_DELTA_TRUSTED_DOMAINS;
//
// LSA account record: the privileges held by an account, its quota limits
// and system access flags.
//
// PrivilegeAttributes and PrivilegeNames are two arrays that are both
// sized by the sender-supplied PrivilegeEntries.
//
typedef struct _NETLOGON_DELTA_ACCOUNTS {
    ULONG             PrivilegeEntries;
    ULONG             PrivilegeControl;
    [size_is(PrivilegeEntries)] PULONG PrivilegeAttributes;
    [size_is(PrivilegeEntries)] PUNICODE_STRING PrivilegeNames;

    NLPR_QUOTA_LIMITS QuotaLimits;
    ULONG             SystemAccessFlags;

    SECURITY_INFORMATION SecurityInformation;
    ULONG             SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING    DummyString1;
    UNICODE_STRING    DummyString2;
    UNICODE_STRING    DummyString3;
    UNICODE_STRING    DummyString4;
    ULONG             DummyLong1;
    ULONG             DummyLong2;
    ULONG             DummyLong3;
    ULONG             DummyLong4;
} NETLOGON_DELTA_ACCOUNTS, *PNETLOGON_DELTA_ACCOUNTS;
//
// LSA secret record: the current and the previous value of a secret, each
// with its set time.  Both values are NLPR_CR_CIPHER_VALUE (two-way
// encrypted) buffers and should be handled as secret material.
//
typedef struct _NETLOGON_DELTA_SECRET {
    NLPR_CR_CIPHER_VALUE CurrentValue;
    OLD_LARGE_INTEGER    CurrentValueSetTime;
    NLPR_CR_CIPHER_VALUE OldValue;
    OLD_LARGE_INTEGER    OldValueSetTime;

    SECURITY_INFORMATION SecurityInformation;
    ULONG                SecuritySize;
    [size_is(SecuritySize)] PUCHAR SecurityDescriptor;

    UNICODE_STRING       DummyString1;
    UNICODE_STRING       DummyString2;
    UNICODE_STRING       DummyString3;
    UNICODE_STRING       DummyString4;
    ULONG                DummyLong1;
    ULONG                DummyLong2;
    ULONG                DummyLong3;
    ULONG                DummyLong4;
} NETLOGON_DELTA_SECRET, *PNETLOGON_DELTA_SECRET;
//
// Delete-by-name record: names the account to remove.  One layout serves
// the group and the user case through the two typedef name pairs below.
//
typedef struct _NETLOGON_DELTA_DELETE {
    [string] wchar_t * AccountName;

    UNICODE_STRING DummyString1;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG          DummyLong1;
    ULONG          DummyLong2;
    ULONG          DummyLong3;
    ULONG          DummyLong4;
} NETLOGON_DELTA_DELETE_GROUP, *PNETLOGON_DELTA_DELETE_GROUP,
  NETLOGON_DELTA_DELETE_USER, *PNETLOGON_DELTA_DELETE_USER;
//
// A Union of each of the above types.
//
// The arm is chosen by a NETLOGON_DELTA_TYPE discriminant.  Types without
// a case here fall to the empty [default] arm and carry no payload, so
// code reading the union must key strictly on the delta type.
//
typedef [switch_type(NETLOGON_DELTA_TYPE)] union _NETLOGON_DELTA_UNION {
    [case(AddOrChangeDomain)]     PNETLOGON_DELTA_DOMAIN DeltaDomain;
    [case(AddOrChangeGroup)]      PNETLOGON_DELTA_GROUP DeltaGroup;
    [case(RenameGroup)]           PNETLOGON_DELTA_RENAME_GROUP DeltaRenameGroup;
    [case(AddOrChangeUser)]       PNETLOGON_DELTA_USER DeltaUser;
    [case(RenameUser)]            PNETLOGON_DELTA_RENAME_USER DeltaRenameUser;
    [case(ChangeGroupMembership)] PNETLOGON_DELTA_GROUP_MEMBER DeltaGroupMember;
    [case(AddOrChangeAlias)]      PNETLOGON_DELTA_ALIAS DeltaAlias;
    [case(RenameAlias)]           PNETLOGON_DELTA_RENAME_ALIAS DeltaRenameAlias;
    [case(ChangeAliasMembership)] PNETLOGON_DELTA_ALIAS_MEMBER DeltaAliasMember;
    [case(AddOrChangeLsaPolicy)]  PNETLOGON_DELTA_POLICY DeltaPolicy;
    [case(AddOrChangeLsaTDomain)] PNETLOGON_DELTA_TRUSTED_DOMAINS DeltaTDomains;
    [case(AddOrChangeLsaAccount)] PNETLOGON_DELTA_ACCOUNTS DeltaAccounts;
    [case(AddOrChangeLsaSecret)]  PNETLOGON_DELTA_SECRET DeltaSecret;
    [case(DeleteGroupByName)]     PNETLOGON_DELTA_DELETE_GROUP DeltaDeleteGroup;
    [case(DeleteUserByName)]      PNETLOGON_DELTA_DELETE_USER DeltaDeleteUser;
    [case(SerialNumberSkip)]      PNLPR_MODIFIED_COUNT DeltaSerialNumberSkip;
    [default] ; // Ship nothing for Delete Cases
} NETLOGON_DELTA_UNION, *PNETLOGON_DELTA_UNION;
//
// Identifier of the object a delta applies to.  Depending on the delta
// type it is a RID (SAM objects), a SID (LSA policy, trusted-domain and
// account objects) or a name string (LSA secrets); any other type carries
// no identifier.
//
typedef [switch_type(NETLOGON_DELTA_TYPE)] union _NETLOGON_DELTA_ID_UNION {
    [case(AddOrChangeDomain,
          AddOrChangeGroup,
          DeleteGroup,
          RenameGroup,
          AddOrChangeUser,
          DeleteUser,
          RenameUser,
          ChangeGroupMembership,
          AddOrChangeAlias,
          DeleteAlias,
          RenameAlias,
          ChangeAliasMembership,
          DeleteGroupByName,
          DeleteUserByName )] ULONG Rid;

    [case(AddOrChangeLsaPolicy,
          AddOrChangeLsaTDomain,
          DeleteLsaTDomain,
          AddOrChangeLsaAccount,
          DeleteLsaAccount)] PISID Sid;
    [case(AddOrChangeLsaSecret,
          DeleteLsaSecret)] [string] wchar_t * Name;
    [default] ;
} NETLOGON_DELTA_ID_UNION, *PNETLOGON_DELTA_ID_UNION;
//
// A common structure to describe a single enumerated object.
//
// DeltaType is the single discriminant for both unions, so the identifier
// arm and the payload arm are always selected by the same value.
//
typedef struct _NETLOGON_DELTA_ENUM {
    NETLOGON_DELTA_TYPE DeltaType;
    [switch_is(DeltaType)] NETLOGON_DELTA_ID_UNION DeltaID;
    [switch_is(DeltaType)] NETLOGON_DELTA_UNION DeltaUnion;
} NETLOGON_DELTA_ENUM, *PNETLOGON_DELTA_ENUM;
//
// Structure that defines the array of enumerated objects.
//
// CountReturned is set by the side that produces the array and sizes
// Deltas; the consumer should not trust it beyond what it is prepared to
// process.
//

typedef struct _NETLOGON_DELTA_ENUM_ARRAY {
    DWORD CountReturned;
    [size_is(CountReturned)] PNETLOGON_DELTA_ENUM Deltas;
} NETLOGON_DELTA_ENUM_ARRAY, *PNETLOGON_DELTA_ENUM_ARRAY;
//
// Function Prototypes - Logon Service
//

//
// NetrLogonUasLogon: takes a user name and a workstation name and returns
// a UAS validation structure.
//
// NOTE(review): the signature carries no NETLOGON_AUTHENTICATOR; whatever
// access check applies is made in the server routine, not visible here.
//

NET_API_STATUS
NetrLogonUasLogon (
    [in,unique,string] LOGONSRV_HANDLE ServerName,
    [in, string] wchar_t * UserName,
    [in, string] wchar_t * Workstation,
    [out] PNETLOGON_VALIDATION_UAS_INFO *ValidationInformation
    );
//
// NetrLogonUasLogoff: takes a user name and a workstation name and fills
// in a UAS logoff information structure.
//
// NOTE(review): as with NetrLogonUasLogon, there is no authenticator
// parameter; confirm the access check in the server routine.
//

NET_API_STATUS
NetrLogonUasLogoff (
    [in,unique,string] LOGONSRV_HANDLE ServerName,
    [in, string] wchar_t * UserName,
    [in, string] wchar_t * Workstation,
    [out] PNETLOGON_LOGOFF_UAS_INFO LogoffInformation
    );
//
// NetrLogonSam routines
//

//
// Logon information, selected by a NETLOGON_LOGON_INFO_CLASS value.  Each
// class and its "Transitive" twin share one payload type.  Classes without
// a case here fall to the empty [default] arm.
//
typedef [switch_type(enum _NETLOGON_LOGON_INFO_CLASS)]
    union _NETLOGON_LEVEL {
        [case(NetlogonInteractiveInformation)]
            PNETLOGON_INTERACTIVE_INFO LogonInteractive;
        [case(NetlogonInteractiveTransitiveInformation)]
            PNETLOGON_INTERACTIVE_INFO LogonInteractiveTransitive;
        [case(NetlogonServiceInformation)]
            PNETLOGON_SERVICE_INFO LogonService;
        [case(NetlogonServiceTransitiveInformation)]
            PNETLOGON_SERVICE_INFO LogonServiceTransitive;
        [case(NetlogonNetworkInformation)]
            PNETLOGON_NETWORK_INFO LogonNetwork;
        [case(NetlogonNetworkTransitiveInformation)]
            PNETLOGON_NETWORK_INFO LogonNetworkTransitive;
        [case(NetlogonGenericInformation)]
            PNETLOGON_GENERIC_INFO LogonGeneric;
        [default]
            ;
} NETLOGON_LEVEL, * PNETLOGON_LEVEL;
//
// Validation information returned by a logon, selected by a
// NETLOGON_VALIDATION_INFO_CLASS value.  Classes without a case here fall
// to the empty [default] arm and return nothing.
//
typedef [switch_type(enum _NETLOGON_VALIDATION_INFO_CLASS)]
    union _NETLOGON_VALIDATION {
        [case(NetlogonValidationSamInfo)]
            PNETLOGON_VALIDATION_SAM_INFO ValidationSam;
        [case(NetlogonValidationSamInfo2)]
            PNETLOGON_VALIDATION_SAM_INFO2 ValidationSam2;
        [case(NetlogonValidationGenericInfo)]
            PNETLOGON_VALIDATION_GENERIC_INFO ValidationGeneric;
        [case(NetlogonValidationGenericInfo2)]
            PNETLOGON_VALIDATION_GENERIC_INFO2 ValidationGeneric2;
        [case(NetlogonValidationSamInfo4)]
            PNETLOGON_VALIDATION_SAM_INFO4 ValidationSam4;
        [default]
            ;
} NETLOGON_VALIDATION, * PNETLOGON_VALIDATION;
//
// NetrLogonSamLogon: submits logon information at LogonLevel and returns
// validation information at ValidationLevel plus the Authoritative flag.
//
// ComputerName, Authenticator and ReturnAuthenticator are all [unique], so
// each may arrive as NULL and has to be checked before use.
// NOTE(review): confirm how the server routine authorises a call whose
// Authenticator is NULL.
// LogonLevel and ValidationLevel are caller-chosen discriminants for the
// NETLOGON_LEVEL and NETLOGON_VALIDATION unions.
//

NTSTATUS
NetrLogonSamLogon (
    [in,unique,string] LOGONSRV_HANDLE LogonServer,
    [in,string,unique] wchar_t * ComputerName,
    [in,unique] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out,unique] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] NETLOGON_LOGON_INFO_CLASS LogonLevel,
    [in,switch_is(LogonLevel)] PNETLOGON_LEVEL LogonInformation,
    [in] NETLOGON_VALIDATION_INFO_CLASS ValidationLevel,
    [out,switch_is(ValidationLevel)] PNETLOGON_VALIDATION ValidationInformation,
    [out] PBOOLEAN Authoritative
    );
//
// NetrLogonSamLogoff: submits the logon information for a session that is
// ending.  Nothing is returned apart from the status and the return
// authenticator.
//
// ComputerName, Authenticator and ReturnAuthenticator are [unique] and may
// be NULL, as in NetrLogonSamLogon.
//

NTSTATUS
NetrLogonSamLogoff (
    [in,unique,string] LOGONSRV_HANDLE LogonServer,
    [in,string,unique] wchar_t * ComputerName,
    [in,unique] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out,unique] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] NETLOGON_LOGON_INFO_CLASS LogonLevel,
    [in,switch_is(LogonLevel)] PNETLOGON_LEVEL LogonInformation
    );
//
// NetrServerReqChallenge: the client sends ClientChallenge for the named
// computer and receives ServerChallenge.
//
// NOTE(review): presumably the first leg of session setup, ahead of the
// NetrServerAuthenticate* calls; the call itself carries no credential, so
// the server should bound the per-client state it keeps for it.
//

NTSTATUS
NetrServerReqChallenge (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_CREDENTIAL ClientChallenge,
    [out] PNETLOGON_CREDENTIAL ServerChallenge
    );
//
// NetrServerAuthenticate: the client presents ClientCredential for the
// given account, account type and computer name and receives
// ServerCredential.
//
// Unlike NetrServerAuthenticate2 and NetrServerAuthenticate3, this version
// has no NegotiateFlags parameter.
//

NTSTATUS
NetrServerAuthenticate (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in,string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_CREDENTIAL ClientCredential,
    [out] PNETLOGON_CREDENTIAL ServerCredential
    );
//
// NetrServerPasswordSet: sets a new password for the named account.  The
// new value arrives as an ENCRYPTED_LM_OWF_PASSWORD and the call is tied
// to an Authenticator / ReturnAuthenticator pair.
//
// NOTE(review): AccountName is caller-supplied; confirm the server routine
// binds it to the identity established for the session.
//

NTSTATUS
NetrServerPasswordSet (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in,string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] PENCRYPTED_LM_OWF_PASSWORD UasNewPassword
    );
//
// Replication Routines
//

//
// NetrDatabaseDeltas: returns an array of deltas for the database selected
// by DatabaseID, starting from DomainModifiedCount (in/out).
//
// The returned NETLOGON_DELTA_ENUM_ARRAY can hold user records with
// credential material, so the result is sensitive.  PreferredMaximumLength
// is a caller-supplied hint.
// NOTE(review): confirm the server caps PreferredMaximumLength.
//

NTSTATUS
NetrDatabaseDeltas (
    [in, string] LOGONSRV_HANDLE primaryname,
    [in, string] wchar_t * computername,
    [in] PNETLOGON_AUTHENTICATOR authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ret_auth,
    [in] DWORD DatabaseID,
    [in, out] PNLPR_MODIFIED_COUNT DomainModifiedCount,
    [out] PNETLOGON_DELTA_ENUM_ARRAY *DeltaArray,
    [in] DWORD PreferredMaximumLength
    );
//
// NetrDatabaseSync: returns an array of deltas for the database selected
// by DatabaseID.  SyncContext is in/out and is carried from one call to
// the next.
//
// SyncContext comes back from the caller on every call, so the server
// should validate it rather than trust it as its own state.
//

NTSTATUS
NetrDatabaseSync (
    [in, string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] DWORD DatabaseID,
    [in, out] PULONG SyncContext,
    [out] PNETLOGON_DELTA_ENUM_ARRAY *DeltaArray,
    [in] DWORD PreferredMaximumLength
    );
//
// NetrAccountDeltas: returns account records into a caller-sized byte
// buffer, starting from RecordId, together with the number returned, the
// total number of entries and the next record id.
//
// Buffer is [out] but sized by the [in] BufferSize, so the caller chooses
// how large an output buffer the server side has to provide.
// NOTE(review): confirm BufferSize is capped before memory is allocated.
//

NTSTATUS
NetrAccountDeltas (
    [in, unique, string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] PUAS_INFO_0 RecordId,
    [in] DWORD Count,
    [in] DWORD Level,
    [out, size_is(BufferSize)] LPBYTE Buffer,
    [in] DWORD BufferSize,
    [out] PULONG CountReturned,
    [out] PULONG TotalEntries,
    [out] PUAS_INFO_0 NextRecordId
    );
//
// NetrAccountSync: returns account records into a caller-sized byte
// buffer, continuing from Reference, together with the number returned,
// the total number of entries, the next reference and the last record id.
//
// Buffer is [out] but sized by the [in] BufferSize, so the caller chooses
// how large an output buffer the server side has to provide.
// NOTE(review): confirm BufferSize is capped before memory is allocated.
//

NTSTATUS
NetrAccountSync (
    [in, unique, string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] DWORD Reference,
    [in] DWORD Level,
    [out, size_is(BufferSize) ] LPBYTE Buffer,
    [in] DWORD BufferSize,
    [out] PULONG CountReturned,
    [out] PULONG TotalEntries,
    [out] PULONG NextReference,
    [out] PUAS_INFO_0 LastRecordId
    );
//
// NetrGetDCName: returns a DC name string for DomainName.  DomainName is
// [unique] and may be NULL.
//
// The answer is a name that callers go on to contact, so a client should
// only rely on it when it trusts the server it asked.
//

NET_API_STATUS
NetrGetDCName (
    [in, string] LOGONSRV_HANDLE ServerName,
    [in, unique, string] wchar_t *DomainName,
    [out, string] wchar_t **Buffer
    );
//
// I_NetLogonControl
//

//
// Input data for a control request, selected by the function code: a
// trusted domain name, a debug flag value or a user name.  Function codes
// without a case here take no input data.
//

typedef [switch_type(DWORD)] union _NETLOGON_CONTROL_DATA_INFORMATION {
    [case(NETLOGON_CONTROL_REDISCOVER,
          NETLOGON_CONTROL_TC_QUERY,
          NETLOGON_CONTROL_CHANGE_PASSWORD,
          NETLOGON_CONTROL_TC_VERIFY)] [string] wchar_t * TrustedDomainName;
    [case(NETLOGON_CONTROL_SET_DBFLAG)] DWORD DebugFlag;
    [case(NETLOGON_CONTROL_FIND_USER)] [string] wchar_t * UserName;
    [default]
        ;
} NETLOGON_CONTROL_DATA_INFORMATION, * PNETLOGON_CONTROL_DATA_INFORMATION;
//
// Result of a control request, selected by the query level (1 to 4).  Any
// other level falls to the empty [default] arm and returns nothing.
//

typedef [switch_type(DWORD)] union _NETLOGON_CONTROL_QUERY_INFORMATION {
    [case(1)] PNETLOGON_INFO_1 NetlogonInfo1;
    [case(2)] PNETLOGON_INFO_2 NetlogonInfo2;
    [case(3)] PNETLOGON_INFO_3 NetlogonInfo3;
    [case(4)] PNETLOGON_INFO_4 NetlogonInfo4;
    [default] ;
} NETLOGON_CONTROL_QUERY_INFORMATION, * PNETLOGON_CONTROL_QUERY_INFORMATION;
//
// NetrLogonControl: runs the control operation named by FunctionCode and
// returns information at QueryLevel.  This version takes no input data.
//
// FunctionCode is a caller-supplied DWORD and the signature has no
// authenticator.
// NOTE(review): the caller's right to each function code, the debug codes
// included, has to be checked in the server routine (not visible here).
//

NET_API_STATUS
NetrLogonControl(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in] DWORD FunctionCode,
    [in] DWORD QueryLevel,
    [out,switch_is(QueryLevel)] PNETLOGON_CONTROL_QUERY_INFORMATION Buffer
    );
//
// NetrGetAnyDCName: returns a DC name string for DomainName.  Both
// ServerName and DomainName are [unique] and may be NULL.
//

NET_API_STATUS
NetrGetAnyDCName (
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in, unique, string] wchar_t *DomainName,
    [out, string] wchar_t **Buffer
    );
//
// NetrLogonControl2: like NetrLogonControl, with an input Data union that
// is selected by FunctionCode.
//
// FunctionCode picks both the operation and the shape of Data, and the
// signature has no authenticator.
// NOTE(review): the caller's right to each function code, the debug codes
// included, has to be checked in the server routine (not visible here).
//

NET_API_STATUS
NetrLogonControl2(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in] DWORD FunctionCode,
    [in] DWORD QueryLevel,
    [in,switch_is(FunctionCode)] PNETLOGON_CONTROL_DATA_INFORMATION Data,
    [out,switch_is(QueryLevel)] PNETLOGON_CONTROL_QUERY_INFORMATION Buffer
    );
//
// NetrServerAuthenticate2: NetrServerAuthenticate plus an in/out
// NegotiateFlags word.
//
// NegotiateFlags is proposed by the client and rewritten by the server.
// NOTE(review): each side should check the final flags against the minimum
// it is willing to accept instead of taking the peer's offer as given.
//

NTSTATUS
NetrServerAuthenticate2 (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in,string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_CREDENTIAL ClientCredential,
    [out] PNETLOGON_CREDENTIAL ServerCredential,
    [in,out] PULONG NegotiateFlags
    );
//
// The sync state tracks the progression of the sync.
// NlSynchronize() depends on these being in order.
//
// NetrDatabaseSync2 receives a value of this type from the caller as
// RestartState.
// NOTE(review): confirm values outside the list are rejected before the
// ordering is relied on.
//

typedef enum _SYNC_STATE {
    NormalState,
    DomainState,
    GroupState,
    UasBuiltinGroupState,
    UserState,
    GroupMemberState,
    AliasState,
    AliasMemberState,
    SamDoneState
} SYNC_STATE, *PSYNC_STATE;
//
// NetrDatabaseSync2: NetrDatabaseSync plus a RestartState parameter.
//
// RestartState and SyncContext both come from the caller; the server
// should validate the pair rather than treat it as trusted resume state.
//

NTSTATUS
NetrDatabaseSync2 (
    [in, string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] DWORD DatabaseID,
    [in] SYNC_STATE RestartState,
    [in, out] PULONG SyncContext,
    [out] PNETLOGON_DELTA_ENUM_ARRAY *DeltaArray,
    [in] DWORD PreferredMaximumLength
    );
//
// NetrDatabaseRedo: the caller passes a change log entry as raw bytes and
// receives the matching array of deltas.
//
// ChangeLogEntry is an opaque buffer whose size the caller states in
// ChangeLogEntrySize; the stub can only check the byte count.
// NOTE(review): the server routine must validate the entry's internal
// layout against ChangeLogEntrySize before reading any field from it.
//

NTSTATUS
NetrDatabaseRedo(
    [in, string] LOGONSRV_HANDLE PrimaryName,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in, size_is(ChangeLogEntrySize)] PUCHAR ChangeLogEntry,
    [in] DWORD ChangeLogEntrySize,
    [out] PNETLOGON_DELTA_ENUM_ARRAY *DeltaArray
    );
// Same as NetrLogonControl2, but support QueryLevel of 4
// and function code of NETLOGON_CONTROL_FIND_USER
//
// NOTE(review): as with the other NetrLogonControl* calls, there is no
// authenticator in the signature; the per-function-code access check is in
// the server routine (not visible here).
NET_API_STATUS
NetrLogonControl2Ex(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in] DWORD FunctionCode,
    [in] DWORD QueryLevel,
    [in,switch_is(FunctionCode)] PNETLOGON_CONTROL_DATA_INFORMATION Data,
    [out,switch_is(QueryLevel)] PNETLOGON_CONTROL_QUERY_INFORMATION Buffer
    );
//
// Routine to enumerate trusted domains.
//

//
// Byte buffer holding the domain names.  DomainNames is [unique], so it
// may be NULL; DomainNameByteCount is a byte count, not a character count.
// NOTE(review): the layout of the names inside the buffer is not described
// here; a consumer should not read past DomainNameByteCount.
//

typedef struct _DOMAIN_NAME_BUFFER {
    ULONG DomainNameByteCount;
    [unique, size_is(DomainNameByteCount)] PUCHAR DomainNames;
} DOMAIN_NAME_BUFFER, *PDOMAIN_NAME_BUFFER;
//
// NetrEnumerateTrustedDomains: fills DomainNameBuffer with the trusted
// domain names.  The signature has no authenticator parameter.
//

NTSTATUS
NetrEnumerateTrustedDomains (
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [out] PDOMAIN_NAME_BUFFER DomainNameBuffer
    );
//
// Routine to find a DC.
//
// The domain is named by DomainName and/or DomainGuid and the site by
// SiteGuid; all of these are [unique] and may be NULL.  Flags is a
// caller-supplied ULONG.
//

NET_API_STATUS
DsrGetDcName(
    [in, unique, string ] LOGONSRV_HANDLE ComputerName,
    [in, unique, string] wchar_t * DomainName,
    [in, unique] GUID *DomainGuid,
    [in, unique] GUID *SiteGuid,
    [in] ULONG Flags,
    [out] PDOMAIN_CONTROLLER_INFOW *DomainControllerInfo
    );
//
// Routine used between NT 4.0 and NT 5.0 beta 1
//

//
// Placeholder union with a single arm for level 1.  There is no [default]
// arm, so level 1 is the only level the declaration covers.
//

typedef [switch_type(DWORD)] union _NETLOGON_DUMMY1 {
    [case(1)] ULONG Dummy;
} NETLOGON_DUMMY1, *PNETLOGON_DUMMY1;
//
// NetrLogonDummyRoutine1: authenticated placeholder call that returns a
// NETLOGON_DUMMY1 at QueryLevel.  ComputerName is [unique] and may be
// NULL.
//

NTSTATUS
NetrLogonDummyRoutine1(
    [in, string] LOGONSRV_HANDLE ServerName,
    [in,string,unique] wchar_t * ComputerName,
    [in] PNETLOGON_AUTHENTICATOR Authenticator,
    [in,out] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
    [in] DWORD QueryLevel,
    [out,switch_is(QueryLevel)] PNETLOGON_DUMMY1 Buffer
    );
//
// NetrLogonSetServiceBits: takes a mask of the service bits of interest
// and the values for them.
//
// NOTE(review): the call changes state and its signature has no
// authenticator; confirm the caller check in the server routine.
//

NTSTATUS
NetrLogonSetServiceBits(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in] DWORD ServiceBitsOfInterest,
    [in] DWORD ServiceBits
    );
//
// Routines to compute a digest for a specified message using the machine trust account.
//

//
// NetrLogonGetTrustRid: returns a RID for DomainName.  DomainName is
// [unique] and may be NULL.
//

NET_API_STATUS
NetrLogonGetTrustRid(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in,string,unique] wchar_t * DomainName,
    [out] PULONG Rid
    );
// Size in bytes of the digests returned by NetrLogonComputeServerDigest
// and NetrLogonComputeClientDigest.
#define NL_DIGEST_SIZE 16
//
// NetrLogonComputeServerDigest: returns two NL_DIGEST_SIZE-byte digests,
// "new" and "old", of a caller-supplied message for the account given by
// Rid.
//
// The caller picks both the Rid and the message, and the signature has no
// authenticator.
// NOTE(review): the server routine decides who may request a digest for
// which account; confirm that check.
//

NET_API_STATUS
NetrLogonComputeServerDigest(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in] ULONG Rid,
    [in, size_is(MessageSize)] LPBYTE Message,
    [in] ULONG MessageSize,
    [out] CHAR NewMessageDigest[NL_DIGEST_SIZE],
    [out] CHAR OldMessageDigest[NL_DIGEST_SIZE]
    );
//
// NetrLogonComputeClientDigest: returns two NL_DIGEST_SIZE-byte digests,
// "new" and "old", of a caller-supplied message for the domain given by
// DomainName.  DomainName is [unique] and may be NULL.
//
// NOTE(review): the signature has no authenticator; confirm which callers
// the server routine accepts.
//

NET_API_STATUS
NetrLogonComputeClientDigest(
    [in, unique, string] LOGONSRV_HANDLE ServerName,
    [in,string,unique] wchar_t * DomainName,
    [in, size_is(MessageSize)] LPBYTE Message,
    [in] ULONG MessageSize,
    [out] CHAR NewMessageDigest[NL_DIGEST_SIZE],
    [out] CHAR OldMessageDigest[NL_DIGEST_SIZE]
    );
//
// NetrServerAuthenticate3: NetrServerAuthenticate2 plus an AccountRid
// output.
//
// NegotiateFlags is proposed by the client and rewritten by the server.
// NOTE(review): each side should check the final flags against the minimum
// it is willing to accept instead of taking the peer's offer as given.
//

NTSTATUS
NetrServerAuthenticate3 (
    [in,unique,string] LOGONSRV_HANDLE PrimaryName,
    [in,string] wchar_t * AccountName,
    [in] NETLOGON_SECURE_CHANNEL_TYPE AccountType,
    [in, string] wchar_t * ComputerName,
    [in] PNETLOGON_CREDENTIAL ClientCredential,
    [out] PNETLOGON_CREDENTIAL ServerCredential,
    [in,out] PULONG NegotiateFlags,
    [out] PULONG AccountRid
    );
//
// Routine to find a DC.
//
// Same as DsrGetDcName except that the site is given by name (SiteName)
// instead of by GUID.  DomainName, DomainGuid and SiteName are [unique]
// and may be NULL.
//

NET_API_STATUS
DsrGetDcNameEx(
    [in, unique, string ] LOGONSRV_HANDLE ComputerName,
    [in, unique, string] wchar_t * DomainName,
    [in, unique] GUID *DomainGuid,
    [in, unique, string] wchar_t * SiteName,
    [in] ULONG Flags,
    [out] PDOMAIN_CONTROLLER_INFOW *DomainControllerInfo
    );
//
// DsrGetSiteName: returns a site name string for the given computer.
//

NET_API_STATUS
DsrGetSiteName(
    [in, unique, string ] LOGONSRV_HANDLE ComputerName,
    [out, string] wchar_t **SiteName
    );
//
// Routine to return information about the domain to a workstation.
//

//
// Values of QueryLevel
//
// These are the only discriminant values declared for the
// NETLOGON_DOMAIN_INFORMATION and NETLOGON_WORKSTATION_INFORMATION unions.
//
#define NETLOGON_QUERY_DOMAIN_INFO     1
#define NETLOGON_QUERY_LSA_POLICY_INFO 2
//
// Opaque LSA policy blob.  LsaPolicySize is sender-supplied and sizes
// LsaPolicy; the blob's internal layout is not described here, so a
// consumer must validate it against LsaPolicySize.
//

typedef struct _NETLOGON_LSA_POLICY_INFO {

    //
    // LSA Policy
    //

    ULONG LsaPolicySize;
    [size_is(LsaPolicySize)] PUCHAR LsaPolicy;

} NETLOGON_LSA_POLICY_INFO, *PNETLOGON_LSA_POLICY_INFO;
//
// Description of one domain: NetBIOS and DNS names, forest name, GUID and
// SID.
//
// TrustExtension carries a structure inside a UNICODE_STRING.
// NOTE(review): a receiver should check the string's length against the
// structure it expects before reading fields out of the buffer.
//

typedef struct _NETLOGON_ONE_DOMAIN_INFO {
    UNICODE_STRING DomainName;
    UNICODE_STRING DnsDomainName;
    UNICODE_STRING DnsForestName;
    GUID           DomainGuid;
    PISID          DomainSid;

    // Passes NL_TRUST_EXTENSION structure starting after NT 5 beta 2
    UNICODE_STRING TrustExtension;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG          DummyLong1;
    ULONG          DummyLong2;
    ULONG          DummyLong3;
    ULONG          DummyLong4;
} NETLOGON_ONE_DOMAIN_INFO, *PNETLOGON_ONE_DOMAIN_INFO;
//
// Domain information handed to a workstation: its primary domain, the
// domains that domain trusts, and the LSA policy.
//
// TrustedDomainCount is set by the sender and sizes TrustedDomains.
//

typedef struct _NETLOGON_DOMAIN_INFO {

    //
    // Information about the domain we're a member of.
    //

    NETLOGON_ONE_DOMAIN_INFO PrimaryDomain;

    //
    // Information about the domains trusted by the domain we're a member of.
    //

    ULONG TrustedDomainCount;
    [size_is(TrustedDomainCount)] PNETLOGON_ONE_DOMAIN_INFO TrustedDomains;

    //
    // LSA Policy
    //

    NETLOGON_LSA_POLICY_INFO LsaPolicy;

    //
    // Room for expansion.
    //
    UNICODE_STRING DnsHostNameInDs;
    UNICODE_STRING DummyString2;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG WorkstationFlags;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;

} NETLOGON_DOMAIN_INFO, *PNETLOGON_DOMAIN_INFO;
//
// Output of NetrLogonGetDomainInfo, selected by Level.  There is no
// [default] arm, so levels 1 and 2 are the only ones declared.
//

typedef [switch_type(DWORD)] union _NETLOGON_DOMAIN_INFORMATION {
    [case(NETLOGON_QUERY_DOMAIN_INFO)] PNETLOGON_DOMAIN_INFO DomainInfo;
    [case(NETLOGON_QUERY_LSA_POLICY_INFO)] PNETLOGON_LSA_POLICY_INFO LsaPolicyInfo;
} NETLOGON_DOMAIN_INFORMATION, *PNETLOGON_DOMAIN_INFORMATION;
//
// Information a workstation sends about itself: its LSA policy blob, DNS
// host name, site name, OS version and name, and a flags word.
//
// Every field is stated by the workstation itself.
// NOTE(review): the receiver should validate DnsHostName and the OS
// strings before storing or acting on them.
//

typedef struct _NETLOGON_WORKSTATION_INFO {

    //
    // LSA Policy
    //

    NETLOGON_LSA_POLICY_INFO LsaPolicy;

    //
    // Information describing the workstation.
    //
    [string] wchar_t * DnsHostName;
    [string] wchar_t * SiteName;
    [string] wchar_t * Dummy1;
    [string] wchar_t * Dummy2;
    [string] wchar_t * Dummy3;
    [string] wchar_t * Dummy4;

    UNICODE_STRING OsVersion;
    UNICODE_STRING OsName;
    UNICODE_STRING DummyString3;
    UNICODE_STRING DummyString4;
    ULONG WorkstationFlags;
    ULONG DummyLong2;
    ULONG DummyLong3;
    ULONG DummyLong4;

} NETLOGON_WORKSTATION_INFO, *PNETLOGON_WORKSTATION_INFO;
//
// Input union of NetrLogonGetDomainInfo, discriminated by a DWORD
// (the Level parameter of that call).
//
// Both arms carry the same pointer type, PNETLOGON_WORKSTATION_INFO; only
// the arm name differs.  There is no [default] arm.
//
typedef [switch_type(DWORD)] union _NETLOGON_WORKSTATION_INFORMATION {

    [case(NETLOGON_QUERY_DOMAIN_INFO)]
        PNETLOGON_WORKSTATION_INFO  WorkstationInfo;

    [case(NETLOGON_QUERY_LSA_POLICY_INFO)]
        PNETLOGON_WORKSTATION_INFO  LsaPolicyInfo;

} NETLOGON_WORKSTATION_INFORMATION, *PNETLOGON_WORKSTATION_INFORMATION;
//
// NetrLogonGetDomainInfo
//
// Takes workstation information in and returns domain information; both
// buffers are unions selected by Level.
//
//   ServerName           - in:     server binding string.
//   ComputerName         - in:     calling computer name; [unique], so it
//                                  may be NULL.
//   Authenticator        - in:     caller's authenticator.
//   ReturnAuthenticator  - in/out: authenticator exchanged with the server.
//   Level                - in:     discriminant for both unions.
//   WkstaBuffer          - in:     NETLOGON_WORKSTATION_INFORMATION arm
//                                  chosen by Level.
//   DomBuffer            - out:    NETLOGON_DOMAIN_INFORMATION arm chosen
//                                  by Level.
//
// NOTE(review): WkstaBuffer is supplied by the caller; the server routine
// should treat its strings and counted buffers as untrusted input.
//
NTSTATUS
NetrLogonGetDomainInfo(
    [in, string]            LOGONSRV_HANDLE                   ServerName,
    [in, string, unique]    wchar_t *                         ComputerName,
    [in]                    PNETLOGON_AUTHENTICATOR           Authenticator,
    [in, out]               PNETLOGON_AUTHENTICATOR           ReturnAuthenticator,
    [in]                    DWORD                             Level,
    [in, switch_is(Level)]  PNETLOGON_WORKSTATION_INFORMATION WkstaBuffer,
    [out, switch_is(Level)] PNETLOGON_DOMAIN_INFORMATION      DomBuffer
    );
//
// NetrServerPasswordSet2
//
// Sends a new password (ClearNewPassword) for the account identified by
// AccountName and AccountType.
//
//   PrimaryName          - in:  server binding string; may be NULL.
//   AccountName          - in:  account whose password is supplied.
//   AccountType          - in:  secure channel type of that account.
//   ComputerName         - in:  calling computer name.
//   Authenticator        - in:  caller's authenticator.
//   ReturnAuthenticator  - out: server's authenticator.
//   ClearNewPassword     - in:  new password as an NL_TRUST_PASSWORD.
//
// NOTE(review): this is a credential-changing call whose only visible
// proof of caller identity is Authenticator.  The parameter is named
// "Clear"; how the buffer is protected on the wire (encryption under a
// session key, RPC sealing) cannot be seen in this declaration - confirm
// in the server routine that the authenticator check and the channel
// protection are both enforced before the password is applied.
//
NTSTATUS
NetrServerPasswordSet2 (
    [in, unique, string]  LOGONSRV_HANDLE               PrimaryName,
    [in, string]          wchar_t *                     AccountName,
    [in]                  NETLOGON_SECURE_CHANNEL_TYPE  AccountType,
    [in, string]          wchar_t *                     ComputerName,
    [in]                  PNETLOGON_AUTHENTICATOR       Authenticator,
    [out]                 PNETLOGON_AUTHENTICATOR       ReturnAuthenticator,
    [in]                  PNL_TRUST_PASSWORD            ClearNewPassword
    );
//
// NetrServerPasswordGet
//
// Returns an encrypted NT OWF password for the account identified by
// AccountName and AccountType.
//
//   PrimaryName             - in:  server binding string; may be NULL.
//   AccountName             - in:  account being queried.
//   AccountType             - in:  secure channel type of that account.
//   ComputerName            - in:  calling computer name.
//   Authenticator           - in:  caller's authenticator.
//   ReturnAuthenticator     - out: server's authenticator.
//   EncryptedNtOwfPassword  - out: the encrypted password hash.
//
// NOTE(review): the call hands back password-derived material.  Which
// callers may ask for which accounts is not expressed in the IDL and has
// to be enforced by the server routine - confirm.
//
NTSTATUS
NetrServerPasswordGet (
    [in, unique, string]  LOGONSRV_HANDLE               PrimaryName,
    [in, string]          wchar_t *                     AccountName,
    [in]                  NETLOGON_SECURE_CHANNEL_TYPE  AccountType,
    [in, string]          wchar_t *                     ComputerName,
    [in]                  PNETLOGON_AUTHENTICATOR       Authenticator,
    [out]                 PNETLOGON_AUTHENTICATOR       ReturnAuthenticator,
    [out]                 PENCRYPTED_NT_OWF_PASSWORD    EncryptedNtOwfPassword
    );
//
// NetrLogonSendToSam
//
// Passes an opaque, caller-supplied byte buffer to the server.
//
//   PrimaryName          - in:  server binding string; may be NULL.
//   ComputerName         - in:  calling computer name.
//   Authenticator        - in:  caller's authenticator.
//   ReturnAuthenticator  - out: server's authenticator.
//   OpaqueBuffer         - in:  buffer of OpaqueBufferSize elements; its
//                               layout is not described by this IDL.
//   OpaqueBufferSize     - in:  element count of OpaqueBuffer.
//
// NOTE(review): OpaqueBufferSize has no [range] bound and the buffer
// format is opaque at this layer, so both the length and the contents
// need to be validated by whatever code interprets the buffer.
//
NTSTATUS
NetrLogonSendToSam (
    [in, unique, string]              LOGONSRV_HANDLE          PrimaryName,
    [in, string]                      wchar_t *                ComputerName,
    [in]                              PNETLOGON_AUTHENTICATOR  Authenticator,
    [out]                             PNETLOGON_AUTHENTICATOR  ReturnAuthenticator,
    [in, size_is(OpaqueBufferSize)]   PUCHAR                   OpaqueBuffer,
    [in]                              ULONG                    OpaqueBufferSize
    );
//
// A socket address carried as a counted byte buffer.  The length field
// follows the pointer it sizes.
//
// NOTE(review): iSockaddrLength has no [range] bound.  Before reading
// lpSockaddr as a sockaddr, a consumer should check that the length is
// at least the size of the structure it is about to read.
//
typedef struct _NL_SOCKET_ADDRESS {

    [size_is(iSockaddrLength)] PUCHAR  lpSockaddr;
    ULONG                              iSockaddrLength;

} NL_SOCKET_ADDRESS, *PNL_SOCKET_ADDRESS;
//
// Counted array of site names: EntryCount is the element count of
// SiteNames.  Returned by DsrAddressToSiteNamesW and
// DsrGetDcSiteCoverageW.
//
typedef struct _NL_SITE_NAME_ARRAY {

    ULONG                                  EntryCount;
    [size_is(EntryCount)] PUNICODE_STRING  SiteNames;

} NL_SITE_NAME_ARRAY, *PNL_SITE_NAME_ARRAY;
//
// DsrAddressToSiteNamesW
//
// Takes an array of socket addresses and returns an array of site names.
//
//   ComputerName     - in:  server binding string; may be NULL.
//   EntryCount       - in:  number of SocketAddresses entries, limited by
//                           [range] to 0..NL_MAX_RPC_ENTRY_COUNT.
//   SocketAddresses  - in:  EntryCount NL_SOCKET_ADDRESS entries.
//   SiteNames        - out: resulting NL_SITE_NAME_ARRAY.
//
// The [range] bound caps how many entries a caller can make the server
// allocate for.  NOTE(review): it does not bound the iSockaddrLength
// inside each entry; that check belongs in the server routine.
//
NET_API_STATUS
DsrAddressToSiteNamesW(
    [in, unique, string]                    LOGONSRV_HANDLE       ComputerName,
    [in, range(0, NL_MAX_RPC_ENTRY_COUNT)]  DWORD                 EntryCount,
    [in, size_is(EntryCount)]               PNL_SOCKET_ADDRESS    SocketAddresses,
    [out]                                   PNL_SITE_NAME_ARRAY * SiteNames
    );
//
// DsrGetDcNameEx2
//
// Returns a DOMAIN_CONTROLLER_INFOW for a query described by the optional
// account, domain and site parameters.
//
//   ComputerName                 - in:  server binding string; may be NULL.
//   AccountName                  - in:  optional account name.
//   AllowableAccountControlBits  - in:  account control bits accepted for
//                                       AccountName.
//   DomainName                   - in:  optional domain name.
//   DomainGuid                   - in:  optional domain GUID.
//   SiteName                     - in:  optional site name.
//   Flags                        - in:  query flags.
//   DomainControllerInfo         - out: resulting structure.
//
// No authenticator parameter is declared for this call.  Every pointer
// input is [unique], so the server routine has to handle NULL for each.
//
NET_API_STATUS
DsrGetDcNameEx2(
    [in, unique, string]  LOGONSRV_HANDLE            ComputerName,
    [in, unique, string]  wchar_t *                  AccountName,
    [in]                  ULONG                      AllowableAccountControlBits,
    [in, unique, string]  wchar_t *                  DomainName,
    [in, unique]          GUID *                     DomainGuid,
    [in, unique, string]  wchar_t *                  SiteName,
    [in]                  ULONG                      Flags,
    [out]                 PDOMAIN_CONTROLLER_INFOW * DomainControllerInfo
    );
//
// NetrLogonGetTimeServiceParentDomain
//
//   ServerName   - in:  server binding string; may be NULL.
//   DomainName   - out: null-terminated wide string.
//   PdcSameSite  - out: boolean; judging by the name, whether the PDC is
//                       in the same site (confirm).
//
// No authenticator parameter is declared for this call.
//
NET_API_STATUS
NetrLogonGetTimeServiceParentDomain(
    [in, unique, string]  LOGONSRV_HANDLE  ServerName,
    [out, string]         wchar_t **       DomainName,
    [out]                 PBOOL            PdcSameSite
    );
//
// Counted array of DS_DOMAIN_TRUSTSW entries: DomainCount is the element
// count of Domains.  Returned by NetrEnumerateTrustedDomainsEx and
// DsrEnumerateDomainTrusts.
//
typedef struct _NETLOGON_TRUSTED_DOMAIN_ARRAY {

    DWORD                                      DomainCount;
    [size_is(DomainCount)] PDS_DOMAIN_TRUSTSW  Domains;

} NETLOGON_TRUSTED_DOMAIN_ARRAY, *PNETLOGON_TRUSTED_DOMAIN_ARRAY;
//
// NetrEnumerateTrustedDomainsEx
//
//   ServerName  - in:  server binding string; may be NULL.
//   Domains     - out: NETLOGON_TRUSTED_DOMAIN_ARRAY filled by the server.
//
// NOTE(review): no authenticator parameter is declared, so any limit on
// who may enumerate the trust list has to come from the RPC binding or
// from an access check in the server routine - confirm.
//
NET_API_STATUS
NetrEnumerateTrustedDomainsEx (
    [in, unique, string]  LOGONSRV_HANDLE                 ServerName,
    [out]                 PNETLOGON_TRUSTED_DOMAIN_ARRAY  Domains
    );
//
// Two parallel counted arrays: SiteNames and SubnetNames are both sized
// by the single EntryCount field.  Returned by DsrAddressToSiteNamesExW.
//
typedef struct _NL_SITE_NAME_EX_ARRAY {

    ULONG                                  EntryCount;
    [size_is(EntryCount)] PUNICODE_STRING  SiteNames;
    [size_is(EntryCount)] PUNICODE_STRING  SubnetNames;

} NL_SITE_NAME_EX_ARRAY, *PNL_SITE_NAME_EX_ARRAY;
//
// DsrAddressToSiteNamesExW
//
// Same inputs as DsrAddressToSiteNamesW; the result is an
// NL_SITE_NAME_EX_ARRAY, which adds a SubnetNames array.
//
//   ComputerName     - in:  server binding string; may be NULL.
//   EntryCount       - in:  number of SocketAddresses entries, limited by
//                           [range] to 0..NL_MAX_RPC_ENTRY_COUNT.
//   SocketAddresses  - in:  EntryCount NL_SOCKET_ADDRESS entries.
//   SiteNames        - out: resulting NL_SITE_NAME_EX_ARRAY.
//
// NOTE(review): the [range] bound limits the number of entries only; the
// iSockaddrLength of each entry still has to be checked by the server
// routine.
//
NET_API_STATUS
DsrAddressToSiteNamesExW(
    [in, unique, string]                    LOGONSRV_HANDLE          ComputerName,
    [in, range(0, NL_MAX_RPC_ENTRY_COUNT)]  DWORD                    EntryCount,
    [in, size_is(EntryCount)]               PNL_SOCKET_ADDRESS       SocketAddresses,
    [out]                                   PNL_SITE_NAME_EX_ARRAY * SiteNames
    );
//
// DsrGetDcSiteCoverageW
//
//   ServerName  - in:  server binding string; may be NULL.
//   SiteNames   - out: NL_SITE_NAME_ARRAY; judging by the routine name,
//                      the sites the DC covers (confirm).
//
// No authenticator parameter is declared for this call.
//
NET_API_STATUS
DsrGetDcSiteCoverageW(
    [in, unique, string]  LOGONSRV_HANDLE       ServerName,
    [out]                 PNL_SITE_NAME_ARRAY * SiteNames
    );
//
// Define a logon routine that uses a passed-in RPC handle.
// This will allow us to do multiple simultaneous RPCs over a secure channel.
//
//
// NetrLogonSamLogonEx
//
// Logon call bound through an explicit RPC handle (handle_t).
//
//   ContextHandle          - in:     explicit RPC binding handle.
//   LogonServer            - in:     optional server name.
//   ComputerName           - in:     optional calling computer name.
//   LogonLevel             - in:     selects the LogonInformation arm.
//   LogonInformation       - in:     logon data for LogonLevel.
//   ValidationLevel        - in:     selects the ValidationInformation arm.
//   ValidationInformation  - out:    validation data for ValidationLevel.
//   Authoritative          - out:    boolean result flag.
//   ExtraFlags             - in/out: flags exchanged with the server.
//
// NOTE(review): unlike NetrLogonSamLogonWithFlags, this declaration has
// no Authenticator / ReturnAuthenticator parameters.  Protection of the
// call therefore appears to rest on the RPC binding behind ContextHandle;
// confirm that the server accepts this call only over an authenticated,
// integrity-protected binding.
//
NTSTATUS
NetrLogonSamLogonEx (
    [in]                               handle_t                        ContextHandle,
    [in, unique, string]               wchar_t *                       LogonServer,
    [in, unique, string]               wchar_t *                       ComputerName,
    [in]                               NETLOGON_LOGON_INFO_CLASS       LogonLevel,
    [in, switch_is(LogonLevel)]        PNETLOGON_LEVEL                 LogonInformation,
    [in]                               NETLOGON_VALIDATION_INFO_CLASS  ValidationLevel,
    [out, switch_is(ValidationLevel)]  PNETLOGON_VALIDATION            ValidationInformation,
    [out]                              PBOOLEAN                        Authoritative,
    [in, out]                          PULONG                          ExtraFlags
    );
//
// DsrEnumerateDomainTrusts
//
//   ServerName  - in:  server binding string; may be NULL.
//   Flags       - in:  flags for the enumeration.
//   Domains     - out: NETLOGON_TRUSTED_DOMAIN_ARRAY filled by the server.
//
// NOTE(review): no authenticator parameter is declared, so restricting
// who may read the trust topology is up to the RPC binding or an access
// check in the server routine - confirm.
//
NET_API_STATUS
DsrEnumerateDomainTrusts (
    [in, unique, string]  LOGONSRV_HANDLE                 ServerName,
    [in]                  ULONG                           Flags,
    [out]                 PNETLOGON_TRUSTED_DOMAIN_ARRAY  Domains
    );
//
// DsrDeregisterDnsHostRecords
//
// All parameters are inputs; the call returns only a status.
//
//   ServerName     - in: server binding string; may be NULL.
//   DnsDomainName  - in: optional DNS domain name.
//   DomainGuid     - in: optional domain GUID.
//   DsaGuid        - in: optional DSA GUID.
//   DnsHostName    - in: DNS host name (required).
//
// NOTE(review): judging by its name this is a state-changing operation,
// yet the declaration carries no authenticator.  The caller's right to
// request it must be checked in the server routine - confirm.
//
NET_API_STATUS
DsrDeregisterDnsHostRecords (
    [in, unique, string]  LOGONSRV_HANDLE  ServerName,
    [in, unique, string]  wchar_t *        DnsDomainName,
    [in, unique]          GUID *           DomainGuid,
    [in, unique]          GUID *           DsaGuid,
    [in, string]          wchar_t *        DnsHostName
    );
//
// NetrServerTrustPasswordsGet
//
// Returns two encrypted OWF passwords (new and old) for the account
// identified by AccountName and AccountType.
//
//   TrustedDcName            - in:  server binding string; may be NULL.
//   AccountName              - in:  account being queried.
//   AccountType              - in:  secure channel type of that account.
//   ComputerName             - in:  calling computer name.
//   Authenticator            - in:  caller's authenticator.
//   ReturnAuthenticator      - out: server's authenticator.
//   EncryptedNewOwfPassword  - out: encrypted new password hash.
//   EncryptedOldOwfPassword  - out: encrypted old password hash.
//
// NOTE(review): the call returns password-derived material.  Which
// callers may ask for which accounts is not expressed in the IDL and has
// to be enforced by the server routine - confirm.
//
NTSTATUS
NetrServerTrustPasswordsGet (
    [in, unique, string]  LOGONSRV_HANDLE               TrustedDcName,
    [in, string]          wchar_t *                     AccountName,
    [in]                  NETLOGON_SECURE_CHANNEL_TYPE  AccountType,
    [in, string]          wchar_t *                     ComputerName,
    [in]                  PNETLOGON_AUTHENTICATOR       Authenticator,
    [out]                 PNETLOGON_AUTHENTICATOR       ReturnAuthenticator,
    [out]                 PENCRYPTED_NT_OWF_PASSWORD    EncryptedNewOwfPassword,
    [out]                 PENCRYPTED_NT_OWF_PASSWORD    EncryptedOldOwfPassword
    );
//
// DsrGetForestTrustInformation
//
//   ServerName         - in:  server binding string; may be NULL.
//   TrustedDomainName  - in:  optional trusted domain name.
//   Flags              - in:  query flags.
//   ForestTrustInfo    - out: resulting LSA_FOREST_TRUST_INFORMATION.
//
// This variant declares no authenticator parameters;
// NetrGetForestTrustInformation is the variant that does.
//
NET_API_STATUS
DsrGetForestTrustInformation (
    [in, unique, string]  LOGONSRV_HANDLE                 ServerName,
    [in, unique, string]  wchar_t *                       TrustedDomainName,
    [in]                  DWORD                           Flags,
    [out]                 PLSA_FOREST_TRUST_INFORMATION * ForestTrustInfo
    );
//
// NetrGetForestTrustInformation
//
// Forest trust query that carries Netlogon authenticators.
//
//   ServerName           - in:  server binding string; may be NULL.
//   ComputerName         - in:  calling computer name.
//   Authenticator        - in:  caller's authenticator.
//   ReturnAuthenticator  - out: server's authenticator.
//   Flags                - in:  query flags.
//   ForestTrustInfo      - out: resulting LSA_FOREST_TRUST_INFORMATION.
//
NTSTATUS
NetrGetForestTrustInformation (
    [in, unique, string]  LOGONSRV_HANDLE                 ServerName,
    [in, string]          wchar_t *                       ComputerName,
    [in]                  PNETLOGON_AUTHENTICATOR         Authenticator,
    [out]                 PNETLOGON_AUTHENTICATOR         ReturnAuthenticator,
    [in]                  DWORD                           Flags,
    [out]                 PLSA_FOREST_TRUST_INFORMATION * ForestTrustInfo
    );
// This is the non-Ex version but with Flags
//
// NetrLogonSamLogonWithFlags
//
// Logon call that carries Netlogon authenticators and an ExtraFlags
// value.
//
//   LogonServer            - in:     server binding string; may be NULL.
//   ComputerName           - in:     optional calling computer name.
//   Authenticator          - in:     caller's authenticator; [unique].
//   ReturnAuthenticator    - in/out: authenticator exchanged with the
//                                    server; [unique].
//   LogonLevel             - in:     selects the LogonInformation arm.
//   LogonInformation       - in:     logon data for LogonLevel.
//   ValidationLevel        - in:     selects the ValidationInformation arm.
//   ValidationInformation  - out:    validation data for ValidationLevel.
//   Authoritative          - out:    boolean result flag.
//   ExtraFlags             - in/out: flags exchanged with the server.
//
// NOTE(review): both authenticator pointers are [unique], so a caller can
// legally send NULL for them.  The server routine has to decide
// explicitly what a NULL authenticator means rather than dereference it
// or treat it as success - confirm.
//
NTSTATUS
NetrLogonSamLogonWithFlags (
    [in, unique, string]               LOGONSRV_HANDLE                 LogonServer,
    [in, string, unique]               wchar_t *                       ComputerName,
    [in, unique]                       PNETLOGON_AUTHENTICATOR         Authenticator,
    [in, out, unique]                  PNETLOGON_AUTHENTICATOR         ReturnAuthenticator,
    [in]                               NETLOGON_LOGON_INFO_CLASS       LogonLevel,
    [in, switch_is(LogonLevel)]        PNETLOGON_LEVEL                 LogonInformation,
    [in]                               NETLOGON_VALIDATION_INFO_CLASS  ValidationLevel,
    [out, switch_is(ValidationLevel)]  PNETLOGON_VALIDATION            ValidationInformation,
    [out]                              PBOOLEAN                        Authoritative,
    [in, out]                          PULONG                          ExtraFlags
    );
//
// Generic data sent over netlogon RPC interfaces.
//
// The following data structure can be used to send generic data
// from the server to the client. Suppose the client requests
// information about some property from the server over an RPC interface.
// Suppose that property has several attributes (which can be
// generically represented as ULONGs and/or UNICODE_STRINGs) and
// suppose that the property has several versions where older versions
// have more attributes. Using this generic data structure, the server
// will send all N attributes for the version the server supports. Here
// N is the number of attributes for the version the server supports.
// If the client is older than the server, the client will be able to
// understand the first M attributes and the client will ignore the rest
// of the attributes. Here M is the number of attributes the client version
// supports. If the client is newer than the server, the client will be
// able to understand all N attributes from the server and the client
// will realize that the server supports an old version of the property.
// This scheme works provided the attributes are ordered by their creation
// time. This technique avoids new RPC interfaces as a property gets new
// attributes and avoids special case coding.
//
//
// Version-tolerant attribute container: one counted array of ULONGs and
// one counted array of UNICODE_STRINGs, each with its own count field.
//
// NOTE(review): neither count has a [range] bound.  A receiver should
// index only the entries it understands and should check the relevant
// count before each access rather than assume a minimum number of
// attributes is present.
//
typedef struct _NL_GENERIC_RPC_DATA {

    ULONG                                  UlongEntryCount;
    [size_is(UlongEntryCount)] PULONG      UlongData;

    ULONG                                  UnicodeStringEntryCount;
    [size_is(UnicodeStringEntryCount)] PUNICODE_STRING  UnicodeStringData;

} NL_GENERIC_RPC_DATA, *PNL_GENERIC_RPC_DATA;
//
// NetrServerGetTrustInfo
//
// Same parameters as NetrServerTrustPasswordsGet, plus a generic
// TrustInfo output.
//
//   TrustedDcName            - in:  server binding string; may be NULL.
//   AccountName              - in:  account being queried.
//   AccountType              - in:  secure channel type of that account.
//   ComputerName             - in:  calling computer name.
//   Authenticator            - in:  caller's authenticator.
//   ReturnAuthenticator      - out: server's authenticator.
//   EncryptedNewOwfPassword  - out: encrypted new password hash.
//   EncryptedOldOwfPassword  - out: encrypted old password hash.
//   TrustInfo                - out: NL_GENERIC_RPC_DATA with additional
//                                   attributes.
//
// NOTE(review): the call returns password-derived material.  Which
// callers may ask for which accounts is not expressed in the IDL and has
// to be enforced by the server routine - confirm.
//
NTSTATUS
NetrServerGetTrustInfo (
    [in, unique, string]  LOGONSRV_HANDLE               TrustedDcName,
    [in, string]          wchar_t *                     AccountName,
    [in]                  NETLOGON_SECURE_CHANNEL_TYPE  AccountType,
    [in, string]          wchar_t *                     ComputerName,
    [in]                  PNETLOGON_AUTHENTICATOR       Authenticator,
    [out]                 PNETLOGON_AUTHENTICATOR       ReturnAuthenticator,
    [out]                 PENCRYPTED_NT_OWF_PASSWORD    EncryptedNewOwfPassword,
    [out]                 PENCRYPTED_NT_OWF_PASSWORD    EncryptedOldOwfPassword,
    [out]                 PNL_GENERIC_RPC_DATA *        TrustInfo
    );
}