You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
664 lines
14 KiB
664 lines
14 KiB
/*++
|
|
|
|
Copyright (c) 1987-1996 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
logonsrv.h
|
|
|
|
Abstract:
|
|
|
|
Netlogon service internal constants and definitions.
|
|
|
|
Author:
|
|
|
|
Ported from Lan Man 2.0
|
|
|
|
Revision History:
|
|
|
|
21-May-1991 (cliffv)
|
|
Ported to NT. Converted to NT style.
|
|
|
|
--*/
|
|
|
|
//
|
|
// Define _DC_NETLOGON if _WKSTA_NETLOGON is not defined.
|
|
//
|
|
|
|
#ifndef _WKSTA_NETLOGON
|
|
#define _DC_NETLOGON
|
|
#endif // _WKSTA_NETLOGON
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Common include files needed by ALL netlogon server files
|
|
//
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
#if ( _MSC_VER >= 800 )
|
|
#pragma warning ( 3 : 4100 ) // enable "Unreferenced formal parameter"
|
|
#pragma warning ( 3 : 4219 ) // enable "trailing ',' used for variable argument list"
|
|
#endif
|
|
|
|
#include <nt.h> // LARGE_INTEGER definition
|
|
#include <ntrtl.h> // LARGE_INTEGER definition
|
|
#include <nturtl.h> // LARGE_INTEGER definition
|
|
#include <ntlsa.h> // Needed by lsrvdata.h
|
|
|
|
#define NOMINMAX // Avoid redefinition of min and max in stdlib.h
|
|
#include <rpc.h> // Needed by logon_s.h
|
|
#define INCL_WINSOCK_API_PROTOTYPES 1
|
|
#include <winsock2.h> // Winsock support
|
|
#include <logon_s.h> // includes lmcons.h, lmaccess.h, netlogon.h, ssi.h, windef.h
|
|
|
|
#include <windows.h>
|
|
|
|
#include <alertmsg.h> // ALERT_* defines
|
|
#include <align.h> // ROUND_UP_COUNT ...
|
|
#include <config.h> // net config helpers.
|
|
#include <confname.h> // SECTION_ equates, NETLOGON_KEYWORD_ equates.
|
|
#include <debugfmt.h> // FORMAT_*
|
|
//#define SDK_DNS_RECORD 1 // Needed for dnsapi.h
|
|
#include <windns.h> // DNS API
|
|
#include <dnsapi.h> // Dns API
|
|
#include <icanon.h> // NAMETYPE_* defines
|
|
#include <lmapibuf.h> // NetApiBufferFree
|
|
#include <lmerr.h> // NERR_ equates.
|
|
#include <lmerrlog.h> // NELOG_*
|
|
#include <lmserver.h> // Server API defines and prototypes
|
|
#include <lmshare.h> // share API functions and prototypes
|
|
#include <lmsname.h> // Needed for NETLOGON service name
|
|
#include <lmsvc.h> // SERVICE_UIC codes are defined here
|
|
#include <logonp.h> // NetpLogon routines
|
|
#include <lsarpc.h> // Needed by lsrvdata.h and logonsrv.h
|
|
#include <lsaisrv.h> // LsaI routines
|
|
#include <wincrypt.h> // CryptoAPI
|
|
|
|
#ifndef NETSETUP_JOIN
|
|
#define SECURITY_KERBEROS
|
|
#include <security.h> // Interface to LSA/Kerberos
|
|
#include <secint.h> // needed to get Kerberos interfaces.
|
|
#include <sspi.h> // Needed by ssiinit.h
|
|
// #include <secext.h> // Needed by secpkg.h
|
|
#include <secpkg.h> // Needed by sphelp.h
|
|
#endif
|
|
|
|
#include <names.h> // NetpIsUserNameValid
|
|
#include <netlib.h> // NetpCopy...
|
|
#include <netlibnt.h> // NetpNtStatusToApiStatus
|
|
#include "nlp.h" // Nlp routine
|
|
#include <ntddbrow.h> // Interface to browser driver
|
|
#include <ntrpcp.h> // Rpcp routines
|
|
#include <samrpc.h> // Needed by lsrvdata.h and logonsrv.h
|
|
#include <samisrv.h> // SamIFree routines
|
|
#include <secobj.h> // NetpAccessCheck
|
|
#include <stddef.h> // offsetof()
|
|
#include <stdlib.h> // C library functions (rand, etc)
|
|
#include <tstring.h> // Transitional string routines.
|
|
#include <lmjoin.h> // Needed by netsetup.h
|
|
#include <netsetup.h> // NetpSetDnsComputerNameAsRequired
|
|
#include <wmistr.h> // WMI trace
|
|
#include <evntrace.h> // TRACEHANDLE
|
|
|
|
#ifndef NETSETUP_JOIN
|
|
#include <cryptdll.h>
|
|
#include <ntdsa.h>
|
|
#include <ntdsapi.h>
|
|
#include <ntdsapip.h>
|
|
#endif
|
|
|
|
//
|
|
// Netlogon specific header files.
|
|
//
|
|
|
|
#include <nlrepl.h> // I_Net*
|
|
#include <dsgetdc.h> // DsGetDcName()
|
|
#include <dsgetdcp.h> // DsGetDcOpen()
|
|
#include "worker.h" // Worker routines
|
|
#include "nlbind.h" // Netlogon RPC binding cache routines
|
|
#include "nlcommon.h" // Routines shared with logonsrv\common
|
|
#include "domain.h" // Hosted domain definitions
|
|
#include "nldns.h" // DNS name registration
|
|
#include "changelg.h" // Change Log support
|
|
#include "chutil.h" // Change Log utilities
|
|
#include "iniparm.h" // DEFAULT_, MIN_, and MAX_ equates.
|
|
#include "ssiinit.h" // Misc global definitions
|
|
#include "replutil.h"
|
|
#include "nldebug.h" // Netlogon debugging
|
|
#include "nlsecure.h" // Security Descriptor for APIs
|
|
#include "ismapi.h"
|
|
#include "nlsite.h"
|
|
#include "lsrvdata.h" // Globals
|
|
|
|
//
|
|
// RtlCopyMemory on IA64 is now optimized to do aligned copies inline.
|
|
// This doesn't work for us as we use RtlCopyMemory to copy data from
|
|
// unaligned buffers to aligned ones, so we cause unaligment exception.
|
|
// To avoid this, revert to the old unoptimized version.
|
|
//
|
|
|
|
#if defined(_M_IA64)
|
|
#undef RtlCopyMemory
|
|
NTSYSAPI
|
|
VOID
|
|
NTAPI
|
|
RtlCopyMemory (
|
|
VOID UNALIGNED *Destination,
|
|
CONST VOID UNALIGNED *Source,
|
|
SIZE_T Length
|
|
);
|
|
#endif // _M_IA64
|
|
|
|
#ifdef _DC_NETLOGON
|
|
#define NETLOGON_SCRIPTS_SHARE L"NETLOGON"
|
|
#define NETLOGON_SYSVOL_SHARE L"SYSVOL"
|
|
#endif // _DC_NETLOGON
|
|
|
|
#define MAX_LOGONREQ_COUNT 3
|
|
|
|
|
|
#define NETLOGON_INSTALL_WAIT 60000 // 60 secs
|
|
|
|
//
|
|
// Exit codes for NlExit
|
|
//
|
|
|
|
typedef enum {
|
|
DontLogError,
|
|
LogError,
|
|
LogErrorAndNtStatus,
|
|
LogErrorAndNetStatus
|
|
} NL_EXIT_CODE;
|
|
|
|
////////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Procedure Forwards
|
|
//
|
|
////////////////////////////////////////////////////////////////////////
|
|
|
|
//
|
|
// error.c
|
|
//
|
|
|
|
NET_API_STATUS
|
|
NlCleanup(
|
|
VOID
|
|
);
|
|
|
|
VOID
|
|
NlExit(
|
|
IN DWORD ServiceError,
|
|
IN DWORD Data,
|
|
IN NL_EXIT_CODE ExitCode,
|
|
IN LPWSTR ErrorString
|
|
);
|
|
|
|
BOOL
|
|
GiveInstallHints(
|
|
IN BOOL Started
|
|
);
|
|
|
|
#ifdef _DC_NETLOGON
|
|
VOID
|
|
NlControlHandler(
|
|
IN DWORD opcode
|
|
);
|
|
#endif // _DC_NETLOGON
|
|
|
|
VOID
|
|
RaiseAlert(
|
|
IN DWORD alert_no,
|
|
IN LPWSTR *string_array
|
|
);
|
|
|
|
//
|
|
// Nlparse.c
|
|
//
|
|
|
|
BOOL
|
|
Nlparse(
|
|
IN PNETLOGON_PARAMETERS NlParameters,
|
|
IN PNETLOGON_PARAMETERS DefaultParameters OPTIONAL,
|
|
IN BOOLEAN IsChangeNotify
|
|
);
|
|
|
|
VOID
|
|
NlParseFree(
|
|
IN PNETLOGON_PARAMETERS NlParameters
|
|
);
|
|
|
|
VOID
|
|
NlReparse(
|
|
VOID
|
|
);
|
|
|
|
BOOL
|
|
NlparseAllSections(
|
|
IN PNETLOGON_PARAMETERS NlParameters,
|
|
IN BOOLEAN IsChangeNotify
|
|
);
|
|
|
|
//
|
|
// announce.c
|
|
//
|
|
|
|
VOID
|
|
NlRemovePendingBdc(
|
|
IN PSERVER_SESSION ServerSession
|
|
);
|
|
|
|
VOID
|
|
NlPrimaryAnnouncementFinish(
|
|
IN PSERVER_SESSION ServerSession,
|
|
IN DWORD DatabaseId,
|
|
IN PLARGE_INTEGER SerialNumber
|
|
);
|
|
|
|
VOID
|
|
NlPrimaryAnnouncementTimeout(
|
|
VOID
|
|
);
|
|
|
|
VOID
|
|
NlPrimaryAnnouncement(
|
|
IN DWORD AnnounceFlags
|
|
);
|
|
|
|
#define ANNOUNCE_FORCE 0x01
|
|
#define ANNOUNCE_CONTINUE 0x02
|
|
#define ANNOUNCE_IMMEDIATE 0x04
|
|
|
|
|
|
|
|
|
|
//
|
|
// lsrvutil.c
|
|
//
|
|
|
|
NTSTATUS
|
|
NlGetOutgoingPassword(
|
|
IN PCLIENT_SESSION ClientSession,
|
|
OUT PUNICODE_STRING *CurrentValue,
|
|
OUT PUNICODE_STRING *OldValue,
|
|
OUT PDWORD CurrentVersionNumber,
|
|
OUT PLARGE_INTEGER LastSetTime OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
NlSessionSetup(
|
|
IN OUT PCLIENT_SESSION ClientSession
|
|
);
|
|
|
|
NTSTATUS
|
|
NlEnsureSessionAuthenticated(
|
|
IN PCLIENT_SESSION ClientSession,
|
|
IN DWORD DesiredFlags
|
|
);
|
|
|
|
BOOLEAN
|
|
NlTimeHasElapsedEx(
|
|
IN PLARGE_INTEGER StartTime,
|
|
IN PLARGE_INTEGER Period,
|
|
OUT PULONG RemainingTime OPTIONAL
|
|
);
|
|
|
|
BOOLEAN
|
|
NlTimeToReauthenticate(
|
|
IN PCLIENT_SESSION ClientSession
|
|
);
|
|
|
|
BOOLEAN
|
|
NlTimeToRediscover(
|
|
IN PCLIENT_SESSION ClientSession,
|
|
BOOLEAN WithAccount
|
|
);
|
|
|
|
NTSTATUS
|
|
NlUpdateDomainInfo(
|
|
IN PCLIENT_SESSION ClientSession
|
|
);
|
|
|
|
NET_API_STATUS
|
|
NlCreateShare(
|
|
LPWSTR SharePath,
|
|
LPWSTR ShareName,
|
|
BOOLEAN AllowAuthenticatedUsers,
|
|
BOOL UpdateExclusiveShareAccess,
|
|
BOOL AllowExclusiveShareAccess
|
|
);
|
|
|
|
NET_API_STATUS
|
|
NlCacheJoinDomainControllerInfo(
|
|
VOID
|
|
);
|
|
|
|
|
|
NTSTATUS
|
|
NlSamOpenNamedUser(
|
|
IN PDOMAIN_INFO DomainInfo,
|
|
IN LPCWSTR UserName,
|
|
OUT SAMPR_HANDLE *UserHandle OPTIONAL,
|
|
OUT PULONG UserId OPTIONAL,
|
|
PSAMPR_USER_INFO_BUFFER *UserAllInfo OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
NlSamChangePasswordNamedUser(
|
|
IN PDOMAIN_INFO DomainInfo,
|
|
IN LPCWSTR UserName,
|
|
IN PUNICODE_STRING ClearTextPassword OPTIONAL,
|
|
IN PNT_OWF_PASSWORD OwfPassword OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
NlGetIncomingPassword(
|
|
IN PDOMAIN_INFO DomainInfo,
|
|
IN LPCWSTR AccountName,
|
|
IN NETLOGON_SECURE_CHANNEL_TYPE SecureChannelType,
|
|
IN ULONG AllowableAccountControlBits,
|
|
IN BOOL CheckAccountDisabled,
|
|
OUT PNT_OWF_PASSWORD OwfPassword OPTIONAL,
|
|
OUT PNT_OWF_PASSWORD OwfPreviousPassword OPTIONAL,
|
|
OUT PULONG AccountRid OPTIONAL,
|
|
OUT PULONG TrustAttributes OPTIONAL,
|
|
OUT PBOOL IsDnsDomainTrustAccount OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
NlSetIncomingPassword(
|
|
IN PDOMAIN_INFO DomainInfo,
|
|
IN LPWSTR AccountName,
|
|
IN NETLOGON_SECURE_CHANNEL_TYPE SecureChannelType,
|
|
IN PUNICODE_STRING ClearTextPassword OPTIONAL,
|
|
IN DWORD ClearPasswordVersionNumber,
|
|
IN PNT_OWF_PASSWORD OwfPassword OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
NlChangePassword(
|
|
IN PCLIENT_SESSION ClientSession,
|
|
IN BOOLEAN ForcePasswordChange,
|
|
OUT PULONG RetCallAgainPeriod OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
NlChangePasswordHigher(
|
|
IN PCLIENT_SESSION ClientSession,
|
|
IN LPWSTR AccountName,
|
|
IN NETLOGON_SECURE_CHANNEL_TYPE AccountType,
|
|
IN PLM_OWF_PASSWORD NewOwfPassword OPTIONAL,
|
|
IN PUNICODE_STRING NewClearPassword OPTIONAL,
|
|
IN PDWORD ClearPasswordVersionNumber OPTIONAL
|
|
);
|
|
|
|
NTSTATUS
|
|
NlGetUserPriv(
|
|
IN PDOMAIN_INFO DomainInfo,
|
|
IN ULONG GroupCount,
|
|
IN PGROUP_MEMBERSHIP Groups,
|
|
IN ULONG UserRelativeId,
|
|
OUT LPDWORD Priv,
|
|
OUT LPDWORD AuthFlags
|
|
);
|
|
|
|
BOOLEAN
|
|
NlGenerateRandomBits(
|
|
PUCHAR pBuffer,
|
|
ULONG cbBuffer
|
|
);
|
|
|
|
|
|
//
|
|
// netlogon.c
|
|
//
|
|
|
|
|
|
#ifdef _DC_NETLOGON
|
|
BOOL
|
|
TimerExpired(
|
|
IN PTIMER Timer,
|
|
IN PLARGE_INTEGER TimeNow,
|
|
IN OUT LPDWORD Timeout
|
|
);
|
|
|
|
ULONG
|
|
NlGetDomainFlags(
|
|
IN PDOMAIN_INFO DomainInfo
|
|
);
|
|
|
|
NTSTATUS
|
|
NlWaitForService(
|
|
LPWSTR ServiceName,
|
|
ULONG Timeout,
|
|
BOOLEAN RequireAutoStart
|
|
);
|
|
|
|
int
|
|
NlNetlogonMain(
|
|
IN DWORD argc,
|
|
IN LPWSTR *argv
|
|
);
|
|
|
|
NTSTATUS
|
|
NlInitLsaDBInfo(
|
|
PDOMAIN_INFO DomainInfo,
|
|
DWORD DBIndex
|
|
);
|
|
|
|
NTSTATUS
|
|
NlInitSamDBInfo(
|
|
PDOMAIN_INFO DomainInfo,
|
|
DWORD DBIndex
|
|
);
|
|
|
|
BOOL
|
|
NlCreateSysvolShares(
|
|
VOID
|
|
);
|
|
|
|
#endif // _DC_NETLOGON
|
|
|
|
//
|
|
// mailslot.c
|
|
//
|
|
|
|
NTSTATUS
|
|
NlpWriteMailslot(
|
|
IN LPWSTR MailslotName,
|
|
IN LPVOID Buffer,
|
|
IN DWORD BufferSize
|
|
);
|
|
|
|
#ifdef _DC_NETLOGON
|
|
HANDLE
|
|
NlBrowserCreateEvent(
|
|
VOID
|
|
);
|
|
|
|
VOID
|
|
NlBrowserCloseEvent(
|
|
IN HANDLE EventHandle
|
|
);
|
|
|
|
BOOL
|
|
NlBrowserOpen(
|
|
VOID
|
|
);
|
|
|
|
VOID
|
|
NlBrowserClose(
|
|
VOID
|
|
);
|
|
|
|
NTSTATUS
|
|
NlBrowserSendDatagramA(
|
|
IN PDOMAIN_INFO DomainInfo,
|
|
IN ULONG IpAddress,
|
|
IN LPSTR OemServerName,
|
|
IN DGRECEIVER_NAME_TYPE NameType,
|
|
IN LPWSTR TransportName,
|
|
IN LPSTR OemMailslotName,
|
|
IN PVOID Buffer,
|
|
IN ULONG BufferSize
|
|
);
|
|
|
|
NET_API_STATUS
|
|
NlBrowserFixAllNames(
|
|
IN PDOMAIN_INFO DomainInfo,
|
|
IN PVOID Context
|
|
);
|
|
|
|
VOID
|
|
NlBrowserAddName(
|
|
IN PDOMAIN_INFO DomainInfo
|
|
);
|
|
|
|
VOID
|
|
NlBrowserDelName(
|
|
IN PDOMAIN_INFO DomainInfo
|
|
);
|
|
|
|
VOID
|
|
NlBrowserUpdate(
|
|
IN PDOMAIN_INFO DomainInfo,
|
|
IN DWORD Role
|
|
);
|
|
|
|
NTSTATUS
|
|
NlBrowserRenameDomain(
|
|
IN LPWSTR OldDomainName OPTIONAL,
|
|
IN LPWSTR NewDomainName
|
|
);
|
|
|
|
NET_API_STATUS
|
|
NlBrowserGetTransportList(
|
|
OUT PLMDR_TRANSPORT_LIST *TransportList
|
|
);
|
|
|
|
VOID
|
|
NlBrowserSyncHostedDomains(
|
|
VOID
|
|
);
|
|
|
|
VOID
|
|
NlMailslotPostRead(
|
|
IN BOOLEAN IgnoreDuplicatesOfPreviousMessage
|
|
);
|
|
|
|
BOOL
|
|
NlMailslotOverlappedResult(
|
|
OUT LPBYTE *Message,
|
|
OUT PULONG BytesRead,
|
|
OUT LPWSTR *TransportName,
|
|
OUT PNL_TRANSPORT *Transport,
|
|
OUT PSOCKADDR *ClientSockAddr,
|
|
OUT LPWSTR *DestinationName,
|
|
OUT PBOOLEAN IgnoreDuplicatesOfPreviousMessage,
|
|
OUT PNETLOGON_PNP_OPCODE NlPnpOpcode
|
|
);
|
|
|
|
NET_API_STATUS
|
|
NlServerComputerNameAdd(
|
|
IN LPWSTR HostedDomainName,
|
|
IN LPWSTR HostedServerName
|
|
);
|
|
|
|
//
|
|
// oldstub.c
|
|
//
|
|
|
|
void _fgs__NETLOGON_DELTA_ENUM (NETLOGON_DELTA_ENUM * _source);
|
|
|
|
// Use this to free all memory allocated by SAM.
|
|
#define SamLsaFreeMemory( _X ) MIDL_user_free(_X)
|
|
|
|
//
|
|
// ds.c
|
|
//
|
|
|
|
|
|
NET_API_STATUS
|
|
NlGetRoleInformation(
|
|
PDOMAIN_INFO DomainInfo,
|
|
PBOOLEAN IsPdc,
|
|
PBOOLEAN Nt4MixedDomain
|
|
);
|
|
|
|
//
|
|
// rgroups.c
|
|
//
|
|
|
|
NTSTATUS
|
|
NlpExpandResourceGroupMembership(
|
|
IN NETLOGON_VALIDATION_INFO_CLASS ValidationLevel,
|
|
IN OUT PNETLOGON_VALIDATION_SAM_INFO4 * UserInfo,
|
|
IN PDOMAIN_INFO DomainInfo,
|
|
IN ULONG ComputerAccountId
|
|
);
|
|
|
|
NTSTATUS
|
|
NlpAddResourceGroupsToSamInfo (
|
|
IN NETLOGON_VALIDATION_INFO_CLASS ValidationLevel,
|
|
IN OUT PNETLOGON_VALIDATION_SAM_INFO4 *ValidationInformation,
|
|
IN PSAMPR_PSID_ARRAY ResourceGroups
|
|
);
|
|
|
|
NTSTATUS
|
|
NlpAddOtherOrganizationSid (
|
|
IN NETLOGON_VALIDATION_INFO_CLASS ValidationLevel,
|
|
IN OUT PNETLOGON_VALIDATION_SAM_INFO4 *ValidationInformation
|
|
);
|
|
|
|
#endif // _DC_NETLOGON
|
|
|
|
//
|
|
// nltrace.c
|
|
//
|
|
|
|
ULONG
|
|
_stdcall
|
|
NlpInitializeTrace(PVOID Param);
|
|
|
|
VOID
|
|
NlpTraceEvent(
|
|
IN ULONG WmiEventType,
|
|
IN ULONG TraceGuid );
|
|
|
|
VOID
|
|
NlpTraceServerAuthEvent(
|
|
IN ULONG WmiEventType,
|
|
IN LPWSTR ComputerName,
|
|
IN LPWSTR AccountName,
|
|
IN NETLOGON_SECURE_CHANNEL_TYPE SecureChannelType,
|
|
IN PULONG NegotiatedFlags,
|
|
IN NTSTATUS Status
|
|
);
|
|
|
|
//
|
|
// The following "typedef enum" actually is the index of LPGUID in
|
|
// the table of NlpTraceGuids[] (defined in nltrace.c). We should
|
|
// always change NlpTraceGuids[] if we add any other entry
|
|
// in the following enum type.
|
|
//
|
|
typedef enum _NLPTRACE_GUID {
|
|
|
|
NlpGuidServerAuth,
|
|
NlpGuidSecureChannelSetup
|
|
|
|
} NLPTRACE_GUID;
|
|
|
|
//
|
|
// parse.c
|
|
//
|
|
|
|
NET_API_STATUS
|
|
NlParseOne(
|
|
IN LPNET_CONFIG_HANDLE SectionHandle,
|
|
IN BOOL GpSection,
|
|
IN LPWSTR Keyword,
|
|
IN ULONG DefaultValue,
|
|
IN ULONG MinimumValue,
|
|
IN ULONG MaximumValue,
|
|
OUT PULONG Value
|
|
);
|
|
|