search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
HACK: pinfo->private_data points to smb_info again
[wireshark-wip.git] / epan / dissectors / pidl / lsa.idl
blob116441545f72abf397c7d32a80d05602c34f824b
1 #include "idl_types.h"
2
3 /*
4 lsa interface definition
5 */
6
7 /*import "misc.idl", "security.idl";*/
8
9 [ uuid("12345778-1234-abcd-ef00-0123456789ab"),
10 version(0.0),
11 endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\netlogon]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"),
12 pointer_default(unique),
13 helpstring("Local Security Authority")
14 ] interface lsarpc
15 {
16 typedef [bitmap32bit] bitmap {
17 LSA_POLICY_NOTIFICATION = 0x00001000,
18 LSA_POLICY_LOOKUP_NAMES = 0x00000800,
19 LSA_POLICY_SERVER_ADMIN = 0x00000400,
20 LSA_POLICY_AUDIT_LOG_ADMIN = 0x00000200,
21 LSA_POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100,
22 LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x00000080,
23 LSA_POLICY_CREATE_PRIVILEGE = 0x00000040,
24 LSA_POLICY_CREATE_SECRET = 0x00000020,
25 LSA_POLICY_CREATE_ACCOUNT = 0x00000010,
26 LSA_POLICY_TRUST_ADMIN = 0x00000008,
27 LSA_POLICY_GET_PRIVATE_INFORMATION = 0x00000004,
28 LSA_POLICY_VIEW_AUDIT_INFORMATION = 0x00000002,
29 LSA_POLICY_VIEW_LOCAL_INFORMATION = 0x00000001
30 } lsa_PolicyAccessMask;
31
32 typedef [bitmap32bit] bitmap {
33 LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS = 0x00000008,
34 LSA_ACCOUNT_ADJUST_QUOTAS = 0x00000004,
35 LSA_ACCOUNT_ADJUST_PRIVILEGES = 0x00000002,
36 LSA_ACCOUNT_VIEW = 0x00000001
37 } lsa_AccountAccessMask;
38
39 typedef [bitmap32bit] bitmap {
40 LSA_DOMAIN_QUERY_AUTH = 0x00000040,
41 LSA_DOMAIN_SET_AUTH = 0x00000020,
42 LSA_DOMAIN_SET_POSIX = 0x00000010,
43 LSA_DOMAIN_QUERY_POSIX = 0x00000008,
44 LSA_DOMAIN_SET_CONTROLLERS = 0x00000004,
45 LSA_DOMAIN_QUERY_CONTROLLERS = 0x00000002,
46 LSA_DOMAIN_QUERY_DOMAIN_NAME = 0x00000001
47 } lsa_DomainAccessMask;
48
49 typedef [bitmap32bit] bitmap {
50 LSA_SECRET_QUERY_VALUE = 0x00000002,
51 LSA_SECRET_SET_VALUE = 0x00000001
52 } lsa_SecretAccessMask;
53
54 typedef bitmap security_secinfo security_secinfo;
55
56 typedef [public] struct {
57 [value(2*strlen_m(string))] uint16 length;
58 [value(2*strlen_m(string))] uint16 size;
59 [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string;
60 } lsa_String;
61
62 typedef [public] struct {
63 [value(2*strlen_m(string))] uint16 length;
64 [value(2*strlen_m_term(string))] uint16 size;
65 [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string;
66 } lsa_StringLarge;
67
68 typedef [public] struct {
69 uint32 count;
70 [size_is(count)] lsa_String *names;
71 } lsa_Strings;
72
73 typedef [public] struct {
74 [value(strlen_m(string))] uint16 length;
75 [value(strlen_m(string))] uint16 size;
76 [charset(DOS),size_is(size),length_is(length)] uint8 *string;
77 } lsa_AsciiString;
78
79 typedef [public] struct {
80 [value(strlen_m(string))] uint16 length;
81 [value(strlen_m_term(string))] uint16 size;
82 [charset(DOS),size_is(size),length_is(length)] uint8 *string;
83 } lsa_AsciiStringLarge;
84
85 /******************/
86 /* Function: 0x00 */
87 NTSTATUS lsa_Close (
88 [in,out] policy_handle *handle
89 );
90
91
92 /******************/
93 /* Function: 0x01 */
94 [public] NTSTATUS lsa_Delete (
95 [in] policy_handle *handle
96 );
97
98
99 /******************/
100 /* Function: 0x02 */
101 typedef struct {
102 uint32 low;
103 uint32 high;
104 } lsa_LUID;
105
106 typedef struct {
107 lsa_StringLarge name;
108 lsa_LUID luid;
109 } lsa_PrivEntry;
110
111 typedef struct {
112 uint32 count;
113 [size_is(count)] lsa_PrivEntry *privs;
114 } lsa_PrivArray;
115
116 [public] NTSTATUS lsa_EnumPrivs (
117 [in] policy_handle *handle,
118 [in,out] uint32 *resume_handle,
119 [in] uint32 max_count,
120 [out] lsa_PrivArray *privs
121 );
122
123 /******************/
124 /* Function: 0x03 */
125
126 NTSTATUS lsa_QuerySecurity (
127 [in] policy_handle *handle,
128 [in] security_secinfo sec_info,
129 [out,unique] sec_desc_buf *sdbuf
130 );
131
132
133 /******************/
134 /* Function: 0x04 */
135 [todo] NTSTATUS lsa_SetSecObj ();
136
137
138 /******************/
139 /* Function: 0x05 */
140 [todo] NTSTATUS lsa_ChangePassword ();
141
142
143 /******************/
144 /* Function: 0x06 */
145
146 typedef enum {
147 LSA_SECURITY_ANONYMOUS = 0,
148 LSA_SECURITY_IDENTIFICATION = 1,
149 LSA_SECURITY_IMPERSONATION = 2,
150 LSA_SECURITY_DELEGATION = 3
151 } lsa_SecurityImpersonationLevel;
152
153 typedef struct {
154 uint32 len; /* ignored */
155 lsa_SecurityImpersonationLevel impersonation_level;
156 uint8 context_mode;
157 uint8 effective_only;
158 } lsa_QosInfo;
159
160 typedef struct {
161 uint32 len; /* ignored */
162 uint8 *root_dir;
163 [string,charset(UTF16)] uint16 *object_name;
164 uint32 attributes;
165 security_descriptor *sec_desc;
166 lsa_QosInfo *sec_qos;
167 } lsa_ObjectAttribute;
168
169 /* notice the screwup with the system_name - thats why MS created
170 OpenPolicy2 */
171 [public] NTSTATUS lsa_OpenPolicy (
172 [in,unique] uint16 *system_name,
173 [in] lsa_ObjectAttribute *attr,
174 [in] lsa_PolicyAccessMask access_mask,
175 [out] policy_handle *handle
176 );
177
178
179
180 /******************/
181 /* Function: 0x07 */
182
183 typedef struct {
184 uint32 percent_full;
185 uint32 log_size;
186 NTTIME retention_time;
187 uint8 shutdown_in_progress;
188 NTTIME time_to_shutdown;
189 uint32 next_audit_record;
190 uint32 unknown;
191 } lsa_AuditLogInfo;
192
193 typedef [v1_enum] enum {
194 LSA_AUDIT_POLICY_NONE=0,
195 LSA_AUDIT_POLICY_SUCCESS=1,
196 LSA_AUDIT_POLICY_FAILURE=2,
197 LSA_AUDIT_POLICY_ALL=(LSA_AUDIT_POLICY_SUCCESS|LSA_AUDIT_POLICY_FAILURE),
198 LSA_AUDIT_POLICY_CLEAR=4
199 } lsa_PolicyAuditPolicy;
200
201 typedef enum {
202 LSA_AUDIT_CATEGORY_SYSTEM = 0,
203 LSA_AUDIT_CATEGORY_LOGON = 1,
204 LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS = 2,
205 LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS = 3,
206 LSA_AUDIT_CATEGORY_PROCCESS_TRACKING = 4,
207 LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES = 5,
208 LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT = 6,
209 LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS = 7, /* only in win2k/2k3 */
210 LSA_AUDIT_CATEGORY_ACCOUNT_LOGON = 8 /* only in win2k/2k3 */
211 } lsa_PolicyAuditEventType;
212
213 typedef struct {
214 uint32 auditing_mode;
215 [size_is(count)] lsa_PolicyAuditPolicy *settings;
216 uint32 count;
217 } lsa_AuditEventsInfo;
218
219 typedef struct {
220 lsa_StringLarge name;
221 dom_sid2 *sid;
222 } lsa_DomainInfo;
223
224 typedef struct {
225 lsa_String name;
226 } lsa_PDAccountInfo;
227
228 typedef enum {
229 LSA_POLICY_ROLE_BACKUP = 2,
230 LSA_POLICY_ROLE_PRIMARY = 3
231 } lsa_PolicyServerRole;
232
233 typedef struct {
234 lsa_PolicyServerRole role;
235 } lsa_ServerRole;
236
237 typedef struct {
238 lsa_String source;
239 lsa_String account;
240 } lsa_ReplicaSourceInfo;
241
242 typedef struct {
243 uint32 paged_pool;
244 uint32 non_paged_pool;
245 uint32 min_wss;
246 uint32 max_wss;
247 uint32 pagefile;
248 hyper unknown;
249 } lsa_DefaultQuotaInfo;
250
251 typedef struct {
252 hyper modified_id;
253 NTTIME db_create_time;
254 } lsa_ModificationInfo;
255
256 typedef struct {
257 uint8 shutdown_on_full;
258 } lsa_AuditFullSetInfo;
259
260 typedef struct {
261 uint16 unknown; /* an midl padding bug? */
262 uint8 shutdown_on_full;
263 uint8 log_is_full;
264 } lsa_AuditFullQueryInfo;
265
266 typedef struct {
267 /* it's important that we use the lsa_StringLarge here,
268 * because otherwise windows clients result with such dns hostnames
269 * e.g. w2k3-client.samba4.samba.orgsamba4.samba.org
270 * where it should be
271 * w2k3-client.samba4.samba.org
272 */
273 lsa_StringLarge name;
274 lsa_StringLarge dns_domain;
275 lsa_StringLarge dns_forest;
276 GUID domain_guid;
277 dom_sid2 *sid;
278 } lsa_DnsDomainInfo;
279
280 typedef enum {
281 LSA_POLICY_INFO_AUDIT_LOG=1,
282 LSA_POLICY_INFO_AUDIT_EVENTS=2,
283 LSA_POLICY_INFO_DOMAIN=3,
284 LSA_POLICY_INFO_PD=4,
285 LSA_POLICY_INFO_ACCOUNT_DOMAIN=5,
286 LSA_POLICY_INFO_ROLE=6,
287 LSA_POLICY_INFO_REPLICA=7,
288 LSA_POLICY_INFO_QUOTA=8,
289 LSA_POLICY_INFO_DB=9,
290 LSA_POLICY_INFO_AUDIT_FULL_SET=10,
291 LSA_POLICY_INFO_AUDIT_FULL_QUERY=11,
292 LSA_POLICY_INFO_DNS=12,
293 LSA_POLICY_INFO_DNS_INT=13,
294 LSA_POLICY_INFO_LOCAL_ACCOUNT_DOMAIN=14
295 } lsa_PolicyInfo;
296
297 typedef [switch_type(uint16)] union {
298 [case(LSA_POLICY_INFO_AUDIT_LOG)] lsa_AuditLogInfo audit_log;
299 [case(LSA_POLICY_INFO_AUDIT_EVENTS)] lsa_AuditEventsInfo audit_events;
300 [case(LSA_POLICY_INFO_DOMAIN)] lsa_DomainInfo domain;
301 [case(LSA_POLICY_INFO_PD)] lsa_PDAccountInfo pd;
302 [case(LSA_POLICY_INFO_ACCOUNT_DOMAIN)] lsa_DomainInfo account_domain;
303 [case(LSA_POLICY_INFO_ROLE)] lsa_ServerRole role;
304 [case(LSA_POLICY_INFO_REPLICA)] lsa_ReplicaSourceInfo replica;
305 [case(LSA_POLICY_INFO_QUOTA)] lsa_DefaultQuotaInfo quota;
306 [case(LSA_POLICY_INFO_DB)] lsa_ModificationInfo db;
307 [case(LSA_POLICY_INFO_AUDIT_FULL_SET)] lsa_AuditFullSetInfo auditfullset;
308 [case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery;
309 [case(LSA_POLICY_INFO_DNS)] lsa_DnsDomainInfo dns;
310 } lsa_PolicyInformation;
311
312 NTSTATUS lsa_QueryInfoPolicy (
313 [in] policy_handle *handle,
314 [in] lsa_PolicyInfo level,
315 [out,unique,switch_is(level)] lsa_PolicyInformation *info
316 );
317
318 /******************/
319 /* Function: 0x08 */
320 NTSTATUS lsa_SetInfoPolicy (
321 [in] policy_handle *handle,
322 [in] lsa_PolicyInfo level,
323 [in,switch_is(level)] lsa_PolicyInformation *info
324 );
325
326 /******************/
327 /* Function: 0x09 */
328 [todo] NTSTATUS lsa_ClearAuditLog ();
329
330 /******************/
331 /* Function: 0x0a */
332 [public] NTSTATUS lsa_CreateAccount (
333 [in] policy_handle *handle,
334 [in] dom_sid2 *sid,
335 [in] lsa_AccountAccessMask access_mask,
336 [out] policy_handle *acct_handle
337 );
338
339 /******************/
340 /* NOTE: This only returns accounts that have at least
341 one privilege set
342 */
343 /* Function: 0x0b */
344 typedef struct {
345 dom_sid2 *sid;
346 } lsa_SidPtr;
347
348 typedef [public] struct {
349 [range(0,1000)] uint32 num_sids;
350 [size_is(num_sids)] lsa_SidPtr *sids;
351 } lsa_SidArray;
352
353 [public] NTSTATUS lsa_EnumAccounts (
354 [in] policy_handle *handle,
355 [in,out] uint32 *resume_handle,
356 [in,range(0,8192)] uint32 num_entries,
357 [out] lsa_SidArray *sids
358 );
359
360
361 /*************************************************/
362 /* Function: 0x0c */
363
364 [public] NTSTATUS lsa_CreateTrustedDomain(
365 [in] policy_handle *handle,
366 [in] lsa_DomainInfo *info,
367 [in] lsa_DomainAccessMask access_mask,
368 [out] policy_handle *trustdom_handle
369 );
370
371
372 /******************/
373 /* Function: 0x0d */
374
375 /* w2k3 treats max_size as max_domains*60 */
376 const int LSA_ENUM_TRUST_DOMAIN_MULTIPLIER = 60;
377
378 typedef struct {
379 uint32 count;
380 [size_is(count)] lsa_DomainInfo *domains;
381 } lsa_DomainList;
382
383 NTSTATUS lsa_EnumTrustDom (
384 [in] policy_handle *handle,
385 [in,out] uint32 *resume_handle,
386 [in] uint32 max_size,
387 [out] lsa_DomainList *domains
388 );
389
390
391 /******************/
392 /* Function: 0x0e */
393 typedef [public] enum {
394 SID_NAME_USE_NONE = 0,/* NOTUSED */
395 SID_NAME_USER = 1, /* user */
396 SID_NAME_DOM_GRP = 2, /* domain group */
397 SID_NAME_DOMAIN = 3, /* domain: don't know what this is */
398 SID_NAME_ALIAS = 4, /* local group */
399 SID_NAME_WKN_GRP = 5, /* well-known group */
400 SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
401 SID_NAME_INVALID = 7, /* invalid account */
402 SID_NAME_UNKNOWN = 8, /* oops. */
403 SID_NAME_COMPUTER = 9 /* machine */
404 } lsa_SidType;
405
406 typedef struct {
407 lsa_SidType sid_type;
408 uint32 rid;
409 uint32 sid_index;
410 } lsa_TranslatedSid;
411
412 typedef struct {
413 [range(0,1000)] uint32 count;
414 [size_is(count)] lsa_TranslatedSid *sids;
415 } lsa_TransSidArray;
416
417 const int LSA_REF_DOMAIN_LIST_MULTIPLIER = 32;
418 typedef struct {
419 [range(0,1000)] uint32 count;
420 [size_is(count)] lsa_DomainInfo *domains;
421 uint32 max_size;
422 } lsa_RefDomainList;
423
424 /* Level 1: Ask everywhere
425 * Level 2: Ask domain and trusted domains, no builtin and wkn
426 * Level 3: Only ask domain
427 * Level 4: W2k3ad: Only ask AD trusts
428 * Level 5: Only ask transitive forest trusts
429 * Level 6: Like 4
430 */
431
432 typedef enum {
433 LSA_LOOKUP_NAMES_ALL = 1,
434 LSA_LOOKUP_NAMES_DOMAINS_ONLY = 2,
435 LSA_LOOKUP_NAMES_PRIMARY_DOMAIN_ONLY = 3,
436 LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY = 4,
437 LSA_LOOKUP_NAMES_FOREST_TRUSTS_ONLY = 5,
438 LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6
439 } lsa_LookupNamesLevel;
440
441 [public] NTSTATUS lsa_LookupNames (
442 [in] policy_handle *handle,
443 [in,range(0,1000)] uint32 num_names,
444 [in,size_is(num_names)] lsa_String names[],
445 [out,unique] lsa_RefDomainList *domains,
446 [in,out] lsa_TransSidArray *sids,
447 [in] lsa_LookupNamesLevel level,
448 [in,out] uint32 *count
449 );
450
451
452 /******************/
453 /* Function: 0x0f */
454
455 typedef struct {
456 lsa_SidType sid_type;
457 lsa_String name;
458 uint32 sid_index;
459 } lsa_TranslatedName;
460
461 typedef struct {
462 [range(0,1000)] uint32 count;
463 [size_is(count)] lsa_TranslatedName *names;
464 } lsa_TransNameArray;
465
466 [public] NTSTATUS lsa_LookupSids (
467 [in] policy_handle *handle,
468 [in] lsa_SidArray *sids,
469 [out,unique] lsa_RefDomainList *domains,
470 [in,out] lsa_TransNameArray *names,
471 [in] uint16 level,
472 [in,out] uint32 *count
473 );
474
475
476 /* Function: 0x10 */
477 [public] NTSTATUS lsa_CreateSecret(
478 [in] policy_handle *handle,
479 [in] lsa_String name,
480 [in] lsa_SecretAccessMask access_mask,
481 [out] policy_handle *sec_handle
482 );
483
484
485 /*****************************************/
486 /* Function: 0x11 */
487 NTSTATUS lsa_OpenAccount (
488 [in] policy_handle *handle,
489 [in] dom_sid2 *sid,
490 [in] lsa_AccountAccessMask access_mask,
491 [out] policy_handle *acct_handle
492 );
493
494
495 /****************************************/
496 /* Function: 0x12 */
497
498 typedef struct {
499 lsa_LUID luid;
500 uint32 attribute;
501 } lsa_LUIDAttribute;
502
503 typedef struct {
504 [range(0,1000)] uint32 count;
505 uint32 unknown;
506 [size_is(count)] lsa_LUIDAttribute set[*];
507 } lsa_PrivilegeSet;
508
509 NTSTATUS lsa_EnumPrivsAccount (
510 [in] policy_handle *handle,
511 [out,unique] lsa_PrivilegeSet *privs
512 );
513
514
515 /****************************************/
516 /* Function: 0x13 */
517 NTSTATUS lsa_AddPrivilegesToAccount(
518 [in] policy_handle *handle,
519 [in] lsa_PrivilegeSet *privs
520 );
521
522
523 /****************************************/
524 /* Function: 0x14 */
525 NTSTATUS lsa_RemovePrivilegesFromAccount(
526 [in] policy_handle *handle,
527 [in] uint8 remove_all,
528 [in,unique] lsa_PrivilegeSet *privs
529 );
530
531 /* Function: 0x15 */
532 [todo] NTSTATUS lsa_GetQuotasForAccount();
533
534 /* Function: 0x16 */
535 [todo] NTSTATUS lsa_SetQuotasForAccount();
536
537 /* Function: 0x17 */
538 [todo] NTSTATUS lsa_GetSystemAccessAccount();
539 /* Function: 0x18 */
540 [todo] NTSTATUS lsa_SetSystemAccessAccount();
541
542 /* Function: 0x19 */
543 NTSTATUS lsa_OpenTrustedDomain(
544 [in] policy_handle *handle,
545 [in] dom_sid2 *sid,
546 [in] lsa_DomainAccessMask access_mask,
547 [out] policy_handle *trustdom_handle
548 );
549
550 typedef [flag(NDR_PAHEX)] struct {
551 uint32 length;
552 uint32 size;
553 [size_is(size),length_is(length)] uint8 *data;
554 } lsa_DATA_BUF;
555
556 typedef [flag(NDR_PAHEX)] struct {
557 [range(0,65536)] uint32 size;
558 [size_is(size)] uint8 *data;
559 } lsa_DATA_BUF2;
560
561 typedef enum {
562 LSA_TRUSTED_DOMAIN_INFO_NAME = 1,
563 LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO = 2,
564 LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET = 3,
565 LSA_TRUSTED_DOMAIN_INFO_PASSWORD = 4,
566 LSA_TRUSTED_DOMAIN_INFO_BASIC = 5,
567 LSA_TRUSTED_DOMAIN_INFO_INFO_EX = 6,
568 LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO = 7,
569 LSA_TRUSTED_DOMAIN_INFO_FULL_INFO = 8,
570 LSA_TRUSTED_DOMAIN_INFO_11 = 11,
571 LSA_TRUSTED_DOMAIN_INFO_INFO_ALL = 12
572 } lsa_TrustDomInfoEnum;
573
574 typedef struct {
575 lsa_StringLarge netbios_name;
576 } lsa_TrustDomainInfoName;
577
578 typedef struct {
579 uint32 posix_offset;
580 } lsa_TrustDomainInfoPosixOffset;
581
582 typedef struct {
583 lsa_DATA_BUF *password;
584 lsa_DATA_BUF *old_password;
585 } lsa_TrustDomainInfoPassword;
586
587 typedef struct {
588 lsa_String netbios_name;
589 dom_sid2 *sid;
590 } lsa_TrustDomainInfoBasic;
591
592 typedef struct {
593 lsa_StringLarge domain_name;
594 lsa_StringLarge netbios_name;
595 dom_sid2 *sid;
596 uint32 trust_direction;
597 uint32 trust_type;
598 uint32 trust_attributes;
599 } lsa_TrustDomainInfoInfoEx;
600
601 typedef struct {
602 NTTIME_hyper last_update_time;
603 uint32 secret_type;
604 lsa_DATA_BUF2 data;
605 } lsa_TrustDomainInfoBuffer;
606
607 typedef struct {
608 uint32 incoming_count;
609 lsa_TrustDomainInfoBuffer *incoming_current_auth_info;
610 lsa_TrustDomainInfoBuffer *incoming_previous_auth_info;
611 uint32 outgoing_count;
612 lsa_TrustDomainInfoBuffer *outgoing_current_auth_info;
613 lsa_TrustDomainInfoBuffer *outgoing_previous_auth_info;
614 } lsa_TrustDomainInfoAuthInfo;
615
616 typedef struct {
617 lsa_TrustDomainInfoInfoEx info_ex;
618 lsa_TrustDomainInfoPosixOffset posix_offset;
619 lsa_TrustDomainInfoAuthInfo auth_info;
620 } lsa_TrustDomainInfoFullInfo;
621
622 typedef struct {
623 lsa_TrustDomainInfoInfoEx info_ex;
624 lsa_DATA_BUF2 data1;
625 } lsa_TrustDomainInfo11;
626
627 typedef struct {
628 lsa_TrustDomainInfoInfoEx info_ex;
629 lsa_DATA_BUF2 data1;
630 lsa_TrustDomainInfoPosixOffset posix_offset;
631 lsa_TrustDomainInfoAuthInfo auth_info;
632 } lsa_TrustDomainInfoInfoAll;
633
634 typedef [switch_type(lsa_TrustDomInfoEnum)] union {
635 [case(LSA_TRUSTED_DOMAIN_INFO_NAME)] lsa_TrustDomainInfoName name;
636 [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)] lsa_TrustDomainInfoPosixOffset posix_offset;
637 [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)] lsa_TrustDomainInfoPassword password;
638 [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)] lsa_TrustDomainInfoBasic info_basic;
639 [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)] lsa_TrustDomainInfoInfoEx info_ex;
640 [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)] lsa_TrustDomainInfoAuthInfo auth_info;
641 [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)] lsa_TrustDomainInfoFullInfo full_info;
642 [case(LSA_TRUSTED_DOMAIN_INFO_11)] lsa_TrustDomainInfo11 info11;
643 [case(LSA_TRUSTED_DOMAIN_INFO_INFO_ALL)] lsa_TrustDomainInfoInfoAll info_all;
644 } lsa_TrustedDomainInfo;
645
646 /* Function: 0x1a */
647 NTSTATUS lsa_QueryTrustedDomainInfo(
648 [in] policy_handle *trustdom_handle,
649 [in] lsa_TrustDomInfoEnum level,
650 [out,switch_is(level),unique] lsa_TrustedDomainInfo *info
651 );
652
653 /* Function: 0x1b */
654 [todo] NTSTATUS lsa_SetInformationTrustedDomain();
655
656 /* Function: 0x1c */
657 [public] NTSTATUS lsa_OpenSecret(
658 [in] policy_handle *handle,
659 [in] lsa_String name,
660 [in] lsa_SecretAccessMask access_mask,
661 [out] policy_handle *sec_handle
662 );
663
664 /* Function: 0x1d */
665
666 [public] NTSTATUS lsa_SetSecret(
667 [in] policy_handle *sec_handle,
668 [in,unique] lsa_DATA_BUF *new_val,
669 [in,unique] lsa_DATA_BUF *old_val
670 );
671
672 typedef struct {
673 lsa_DATA_BUF *buf;
674 } lsa_DATA_BUF_PTR;
675
676 /* Function: 0x1e */
677 [public] NTSTATUS lsa_QuerySecret (
678 [in] policy_handle *sec_handle,
679 [in,out,unique] lsa_DATA_BUF_PTR *new_val,
680 [in,out,unique] NTTIME_hyper *new_mtime,
681 [in,out,unique] lsa_DATA_BUF_PTR *old_val,
682 [in,out,unique] NTTIME_hyper *old_mtime
683 );
684
685 /* Function: 0x1f */
686 NTSTATUS lsa_LookupPrivValue(
687 [in] policy_handle *handle,
688 [in] lsa_String *name,
689 [out] lsa_LUID *luid
690 );
691
692
693 /* Function: 0x20 */
694 NTSTATUS lsa_LookupPrivName (
695 [in] policy_handle *handle,
696 [in] lsa_LUID *luid,
697 [out,unique] lsa_StringLarge *name
698 );
699
700
701 /*******************/
702 /* Function: 0x21 */
703 NTSTATUS lsa_LookupPrivDisplayName (
704 [in] policy_handle *handle,
705 [in] lsa_String *name,
706 [out,unique] lsa_StringLarge *disp_name,
707 /* see http://www.microsoft.com/globaldev/nlsweb/ for
708 language definitions */
709 [in,out] uint16 *language_id,
710 [in] uint16 unknown
711 );
712
713 /* Function: 0x22 */
714 [todo] NTSTATUS lsa_DeleteObject();
715
716
717 /*******************/
718 /* Function: 0x23 */
719 NTSTATUS lsa_EnumAccountsWithUserRight (
720 [in] policy_handle *handle,
721 [in,unique] lsa_String *name,
722 [out] lsa_SidArray *sids
723 );
724
725 /* Function: 0x24 */
726 typedef struct {
727 [string,charset(UTF16)] uint16 *name;
728 } lsa_RightAttribute;
729
730 typedef struct {
731 uint32 count;
732 [size_is(count)] lsa_StringLarge *names;
733 } lsa_RightSet;
734
735 NTSTATUS lsa_EnumAccountRights (
736 [in] policy_handle *handle,
737 [in] dom_sid2 *sid,
738 [out] lsa_RightSet *rights
739 );
740
741
742 /**********************/
743 /* Function: 0x25 */
744 NTSTATUS lsa_AddAccountRights (
745 [in] policy_handle *handle,
746 [in] dom_sid2 *sid,
747 [in] lsa_RightSet *rights
748 );
749
750 /**********************/
751 /* Function: 0x26 */
752 NTSTATUS lsa_RemoveAccountRights (
753 [in] policy_handle *handle,
754 [in] dom_sid2 *sid,
755 [in] uint32 unknown,
756 [in] lsa_RightSet *rights
757 );
758
759 /* Function: 0x27 */
760 NTSTATUS lsa_QueryTrustedDomainInfoBySid(
761 [in] policy_handle *handle,
762 [in] dom_sid2 *dom_sid,
763 [in] lsa_TrustDomInfoEnum level,
764 [out,switch_is(level),unique] lsa_TrustedDomainInfo *info
765 );
766
767 /* Function: 0x28 */
768 [todo] NTSTATUS lsa_SetTrustedDomainInfo();
769 /* Function: 0x29 */
770 NTSTATUS lsa_DeleteTrustedDomain(
771 [in] policy_handle *handle,
772 [in] dom_sid2 *dom_sid
773 );
774
775 /* Function: 0x2a */
776 [todo] NTSTATUS lsa_StorePrivateData();
777 /* Function: 0x2b */
778 [todo] NTSTATUS lsa_RetrievePrivateData();
779
780
781 /**********************/
782 /* Function: 0x2c */
783 [public] NTSTATUS lsa_OpenPolicy2 (
784 [in,unique] [string,charset(UTF16)] uint16 *system_name,
785 [in] lsa_ObjectAttribute *attr,
786 [in] lsa_PolicyAccessMask access_mask,
787 [out] policy_handle *handle
788 );
789
790 /**********************/
791 /* Function: 0x2d */
792 typedef struct {
793 lsa_String *string;
794 } lsa_StringPointer;
795
796 NTSTATUS lsa_GetUserName(
797 [in,unique] [string,charset(UTF16)] uint16 *system_name,
798 [in,out,unique] lsa_String *account_name,
799 [in,out,unique] lsa_StringPointer *authority_name
800 );
801
802 /**********************/
803 /* Function: 0x2e */
804
805 NTSTATUS lsa_QueryInfoPolicy2(
806 [in] policy_handle *handle,
807 [in] lsa_PolicyInfo level,
808 [out,unique,switch_is(level)] lsa_PolicyInformation *info
809 );
810
811 /* Function 0x2f */
812 NTSTATUS lsa_SetInfoPolicy2(
813 [in] policy_handle *handle,
814 [in] lsa_PolicyInfo level,
815 [in,switch_is(level)] lsa_PolicyInformation *info
816 );
817
818 /**********************/
819 /* Function 0x30 */
820 NTSTATUS lsa_QueryTrustedDomainInfoByName(
821 [in] policy_handle *handle,
822 [in] lsa_String trusted_domain,
823 [in] lsa_TrustDomInfoEnum level,
824 [out,unique,switch_is(level)] lsa_TrustedDomainInfo *info
825 );
826
827 /**********************/
828 /* Function 0x31 */
829 NTSTATUS lsa_SetTrustedDomainInfoByName(
830 [in] policy_handle *handle,
831 [in] lsa_String trusted_domain,
832 [in] lsa_TrustDomInfoEnum level,
833 [in,unique,switch_is(level)] lsa_TrustedDomainInfo *info
834 );
835
836 /* Function 0x32 */
837
838 /* w2k3 treats max_size as max_domains*82 */
839 const int LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER = 82;
840
841 typedef struct {
842 uint32 count;
843 [size_is(count)] lsa_TrustDomainInfoInfoEx *domains;
844 } lsa_DomainListEx;
845
846 NTSTATUS lsa_EnumTrustedDomainsEx (
847 [in] policy_handle *handle,
848 [in,out] uint32 *resume_handle,
849 [out] lsa_DomainListEx *domains,
850 [in] uint32 max_size
851 );
852
853
854 /* Function 0x33 */
855 [todo] NTSTATUS lsa_CreateTrustedDomainEx();
856
857 /* Function 0x34 */
858 NTSTATUS lsa_CloseTrustedDomainEx(
859 [in,out] policy_handle *handle
860 );
861
862 /* Function 0x35 */
863
864 /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000
865 for unknown6 - gd */
866 typedef struct {
867 uint32 enforce_restrictions;
868 hyper service_tkt_lifetime;
869 hyper user_tkt_lifetime;
870 hyper user_tkt_renewaltime;
871 hyper clock_skew;
872 hyper unknown6;
873 } lsa_DomainInfoKerberos;
874
875 typedef struct {
876 uint32 blob_size;
877 [size_is(blob_size)] uint8 *efs_blob;
878 } lsa_DomainInfoEfs;
879
880 typedef enum {
881 LSA_DOMAIN_INFO_POLICY_QOS=1,
882 LSA_DOMAIN_INFO_POLICY_EFS=2,
883 LSA_DOMAIN_INFO_POLICY_KERBEROS=3
884 } lsa_DomainInfoEnum;
885
886 typedef [switch_type(uint16)] union {
887 [case(LSA_DOMAIN_INFO_POLICY_EFS)] lsa_DomainInfoEfs efs_info;
888 [case(LSA_DOMAIN_INFO_POLICY_KERBEROS)] lsa_DomainInfoKerberos kerberos_info;
889 } lsa_DomainInformationPolicy;
890
891 NTSTATUS lsa_QueryDomainInformationPolicy(
892 [in] policy_handle *handle,
893 [in] lsa_DomainInfoEnum level,
894 [out,unique,switch_is(level)] lsa_DomainInformationPolicy *info
895 );
896
897 /* Function 0x36 */
898 NTSTATUS lsa_SetDomainInformationPolicy(
899 [in] policy_handle *handle,
900 [in] lsa_DomainInfoEnum level,
901 [in,unique,switch_is(level)] lsa_DomainInformationPolicy *info
902 );
903
904 /**********************/
905 /* Function 0x37 */
906 NTSTATUS lsa_OpenTrustedDomainByName(
907 [in] policy_handle *handle,
908 [in] lsa_String name,
909 [in] lsa_DomainAccessMask access_mask,
910 [out] policy_handle *trustdom_handle
911 );
912
913 /* Function 0x38 */
914 [todo] NTSTATUS lsa_TestCall();
915
916 /**********************/
917 /* Function 0x39 */
918
919 typedef struct {
920 lsa_SidType sid_type;
921 lsa_String name;
922 uint32 sid_index;
923 uint32 unknown;
924 } lsa_TranslatedName2;
925
926 typedef struct {
927 [range(0,1000)] uint32 count;
928 [size_is(count)] lsa_TranslatedName2 *names;
929 } lsa_TransNameArray2;
930
931 [public] NTSTATUS lsa_LookupSids2(
932 [in] policy_handle *handle,
933 [in] lsa_SidArray *sids,
934 [out,unique] lsa_RefDomainList *domains,
935 [in,out] lsa_TransNameArray2 *names,
936 [in] uint16 level,
937 [in,out] uint32 *count,
938 [in] uint32 unknown1,
939 [in] uint32 unknown2
940 );
941
942 /**********************/
943 /* Function 0x3a */
944
945 typedef struct {
946 lsa_SidType sid_type;
947 uint32 rid;
948 uint32 sid_index;
949 uint32 unknown;
950 } lsa_TranslatedSid2;
951
952 typedef struct {
953 [range(0,1000)] uint32 count;
954 [size_is(count)] lsa_TranslatedSid2 *sids;
955 } lsa_TransSidArray2;
956
957 [public] NTSTATUS lsa_LookupNames2 (
958 [in] policy_handle *handle,
959 [in,range(0,1000)] uint32 num_names,
960 [in,size_is(num_names)] lsa_String names[],
961 [out,unique] lsa_RefDomainList *domains,
962 [in,out] lsa_TransSidArray2 *sids,
963 [in] lsa_LookupNamesLevel level,
964 [in,out] uint32 *count,
965 [in] uint32 unknown1,
966 [in] uint32 unknown2
967 );
968
969 /* Function 0x3b */
970 [todo] NTSTATUS lsa_CreateTrustedDomainEx2();
971
972 /* Function 0x3c */
973 [todo] NTSTATUS lsa_CREDRWRITE();
974
975 /* Function 0x3d */
976 [todo] NTSTATUS lsa_CREDRREAD();
977
978 /* Function 0x3e */
979 [todo] NTSTATUS lsa_CREDRENUMERATE();
980
981 /* Function 0x3f */
982 [todo] NTSTATUS lsa_CREDRWRITEDOMAINCREDENTIALS();
983
984 /* Function 0x40 */
985 [todo] NTSTATUS lsa_CREDRREADDOMAINCREDENTIALS();
986
987 /* Function 0x41 */
988 [todo] NTSTATUS lsa_CREDRDELETE();
989
990 /* Function 0x42 */
991 [todo] NTSTATUS lsa_CREDRGETTARGETINFO();
992
993 /* Function 0x43 */
994 [todo] NTSTATUS lsa_CREDRPROFILELOADED();
995
996 /**********************/
997 /* Function 0x44 */
998 typedef struct {
999 lsa_SidType sid_type;
1000 dom_sid2 *sid;
1001 uint32 sid_index;
1002 uint32 unknown;
1003 } lsa_TranslatedSid3;
1004
1005 typedef struct {
1006 [range(0,1000)] uint32 count;
1007 [size_is(count)] lsa_TranslatedSid3 *sids;
1008 } lsa_TransSidArray3;
1009
1010 [public] NTSTATUS lsa_LookupNames3 (
1011 [in] policy_handle *handle,
1012 [in,range(0,1000)] uint32 num_names,
1013 [in,size_is(num_names)] lsa_String names[],
1014 [out,unique] lsa_RefDomainList *domains,
1015 [in,out] lsa_TransSidArray3 *sids,
1016 [in] lsa_LookupNamesLevel level,
1017 [in,out] uint32 *count,
1018 [in] uint32 unknown1,
1019 [in] uint32 unknown2
1020 );
1021
1022 /* Function 0x45 */
1023 [todo] NTSTATUS lsa_CREDRGETSESSIONTYPES();
1024
1025 /* Function 0x46 */
1026 [todo] NTSTATUS lsa_LSARREGISTERAUDITEVENT();
1027
1028 /* Function 0x47 */
1029 [todo] NTSTATUS lsa_LSARGENAUDITEVENT();
1030
1031 /* Function 0x48 */
1032 [todo] NTSTATUS lsa_LSARUNREGISTERAUDITEVENT();
1033
1034 /* Function 0x49 */
1035 typedef struct {
1036 [range(0,131072)] uint32 length;
1037 [size_is(length)] uint8 *data;
1038 } lsa_ForestTrustBinaryData;
1039
1040 typedef struct {
1041 dom_sid2 *domain_sid;
1042 lsa_StringLarge dns_domain_name;
1043 lsa_StringLarge netbios_domain_name;
1044 } lsa_ForestTrustDomainInfo;
1045
1046 typedef [switch_type(uint32)] union {
1047 [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_String top_level_name;
1048 [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX)] lsa_StringLarge top_level_name_ex;
1049 [case(LSA_FOREST_TRUST_DOMAIN_INFO)] lsa_ForestTrustDomainInfo domain_info;
1050 [default] lsa_ForestTrustBinaryData data;
1051 } lsa_ForestTrustData;
1052
1053 typedef [v1_enum] enum {
1054 LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0,
1055 LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1,
1056 LSA_FOREST_TRUST_DOMAIN_INFO = 2,
1057 LSA_FOREST_TRUST_RECORD_TYPE_LAST = 3
1058 } lsa_ForestTrustRecordType;
1059
1060 typedef struct {
1061 uint32 flags;
1062 lsa_ForestTrustRecordType level;
1063 hyper unknown;
1064 [switch_is(level)] lsa_ForestTrustData forest_trust_data;
1065 } lsa_ForestTrustRecord;
1066
1067 typedef [public] struct {
1068 [range(0,4000)] uint32 count;
1069 [size_is(count)] lsa_ForestTrustRecord **entries;
1070 } lsa_ForestTrustInformation;
1071
1072 NTSTATUS lsa_lsaRQueryForestTrustInformation(
1073 [in] policy_handle *handle,
1074 [in,ref] lsa_String *trusted_domain_name,
1075 [in] uint16 unknown, /* level ? */
1076 [out,ref] lsa_ForestTrustInformation **forest_trust_info
1077 );
1078
1079 /* Function 0x4a */
1080 [todo] NTSTATUS lsa_LSARSETFORESTTRUSTINFORMATION();
1081
1082 /* Function 0x4b */
1083 [todo] NTSTATUS lsa_CREDRRENAME();
1084
1085 /*****************/
1086 /* Function 0x4c */
1087
1088 [public] NTSTATUS lsa_LookupSids3(
1089 [in] lsa_SidArray *sids,
1090 [out,unique] lsa_RefDomainList *domains,
1091 [in,out] lsa_TransNameArray2 *names,
1092 [in] uint16 level,
1093 [in,out] uint32 *count,
1094 [in] uint32 unknown1,
1095 [in] uint32 unknown2
1096 );
1097
1098 /* Function 0x4d */
1099 NTSTATUS lsa_LookupNames4(
1100 [in,range(0,1000)] uint32 num_names,
1101 [in,size_is(num_names)] lsa_String names[],
1102 [out,unique] lsa_RefDomainList *domains,
1103 [in,out] lsa_TransSidArray3 *sids,
1104 [in] lsa_LookupNamesLevel level,
1105 [in,out] uint32 *count,
1106 [in] uint32 unknown1,
1107 [in] uint32 unknown2
1108 );
1109
1110 /* Function 0x4e */
1111 [todo] NTSTATUS lsa_LSAROPENPOLICYSCE();
1112
1113 /* Function 0x4f */
1114 [todo] NTSTATUS lsa_LSARADTREGISTERSECURITYEVENTSOURCE();
1115
1116 /* Function 0x50 */
1117 [todo] NTSTATUS lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE();
1118
1119 /* Function 0x51 */
1120 [todo] NTSTATUS lsa_LSARADTREPORTSECURITYEVENT();
1121
1122 }