da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER START
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The contents of this file are subject to the terms of the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Common Development and Distribution License (the "License").
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You may not use this file except in compliance with the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * See the License for the specific language governing permissions
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and limitations under the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * When distributing Covered Code, include this CDDL HEADER in each
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * If applicable, add the following below this CDDL HEADER, with the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * fields enclosed by brackets "[]" replaced with your own identifying
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * information: Portions Copyright [yyyy] [name of copyright owner]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER END
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
eef90b8611c0908d0d8deb269e914563046e39ddGordon Ross * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Security Accounts Manager RPC (SAMR) interface definition.
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright/* Windows NT */
cb174861876aea6950a7ab4ce944aff84b1914cdjoyce mcintosh#define SAMR_OPNUM_Connect 0x00 /* SamrConnect */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_OPNUM_ShutdownSamServer 0x04 /* NotUsedOnWire */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_OPNUM_LookupIds 0x10 /* GetAliasMembership */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_OPNUM_SetUserInfo0 0x25 /* SetUserInfo */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_OPNUM_ChangeUserPassword0 0x26 /* ChangeUserPassword */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw#define SAMR_OPNUM_QueryDispInfo 0x28 /* QueryDispInfo1 */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_OPNUM_TestPrivateDomainFunctions 0x2a /* NotUsedOnWire */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_OPNUM_TestPrivateUserFunctions 0x2b /* NotUsedOnWire */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright/* Windows 2000 */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_OPNUM_RemoveMemberFromForeignDomain 0x2d
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_OPNUM_EnumDomainGroups 0x30 /* QueryDispInfo2 */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_OPNUM_RemoveMultipleAliasMembers 0x35
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross#define SAMR_OPNUM_ChangePasswordUser2 0x37 /* UnicodePasswd */
cb174861876aea6950a7ab4ce944aff84b1914cdjoyce mcintosh#define SAMR_OPNUM_Connect2 0x39 /* SamrConnect2 */
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross#define SAMR_OPNUM_SetUserInfo 0x3a /* SetInfoUser2 */
cb174861876aea6950a7ab4ce944aff84b1914cdjoyce mcintosh#define SAMR_OPNUM_Connect3 0x3d /* NotUsedOnWire */
cb174861876aea6950a7ab4ce944aff84b1914cdjoyce mcintosh#define SAMR_OPNUM_Connect4 0x3e /* SamrConnect4 */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_OPNUM_ChangeUserUnicodePassword3 0x3f
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright/* Windows XP and Windows Server 2003 */
cb174861876aea6950a7ab4ce944aff84b1914cdjoyce mcintosh#define SAMR_OPNUM_Connect5 0x40 /* SamrConnect5 */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright/* Windows Vista */
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_OPNUM_QueryLocalizableAccountsInDomain 0x44
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Sam account flags used when creating an account. These flags seem
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * to be very similar to the USER_INFO_X flags (UF_XXX) in lmaccess.h
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * but the values are different.
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * QueryUserInfo UserAllInformation WhichFields
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier#define SAMR_USER_ALL_HOMEDIRECTORYDRIVE 0x00000080
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier#define SAMR_USER_ALL_PASSWORDCANCHANGE 0x00010000
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier#define SAMR_USER_ALL_PASSWORDMUSTCHANGE 0x00020000
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier#define SAMR_USER_ALL_USERACCOUNTCONTROL 0x00100000
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier#define SAMR_USER_ALL_NTPASSWORDPRESENT 0x01000000
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier#define SAMR_USER_ALL_LMPASSWORDPRESENT 0x02000000
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier#define SAMR_USER_ALL_SECURITYDESCRIPTOR 0x10000000
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai * Alias Access Mask values for SAMR
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai * Section 2.2.1.6 of MS-SAMR
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai#define SAMR_ALIAS_ACCESS_WRITE_ACCOUNT 0x00000010
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai#define SAMR_ALIAS_ACCESS_LIST_MEMBERS 0x00000004
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai#define SAMR_ALIAS_ACCESS_REMOVE_MEMBER 0x00000002
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright#define SAMR_REVISION_3 3 /* Post Windows 2000 */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Definition for a SID. The ndl compiler does not allow a typedef of
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * a structure containing variable size members.
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * Note: cast compatible with smb_sid_t, and code depends on that.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * SAMR definition of a security_descriptor.
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * See RPC_STRING in the MS IDL.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Definition for a string. The length and allosize should be set to
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * twice the string length (i.e. strlen(str) * 2). The runtime code
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * will perform the appropriate string to a wide-char conversions,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * so str should point to a regular char * string.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Alternative varying/conformant string definition - for
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * non-null terminated strings. This definition must match
8d7e41661dc4633488e93b13363137523ce59977jose borrego * ndr_vcbuf_t.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * size_is (actually a copy of length_is) will
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * be inserted here by the marshalling library.
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * OLD_LARGE_INTEGER: a 64-bit value.
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * Blob used for the NT and LM OWF passwords.
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * The length and maxlen should be 16.
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright#define DOMAIN_PASSWORD_NO_ANON_CHANGE 0x00000002
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright#define DOMAIN_PASSWORD_NO_CLEAR_CHANGE 0x00000004
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright#define DOMAIN_PASSWORD_STORE_CLEARTEXT 0x00000010
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wrighttypedef struct samr_password_info samr_password_info_t;
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * There is some sort of logon bitmap structure in here, which I
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * think is a varying and conformant array, i.e.
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * struct samr_logon_hours {
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * DWORD size_is; (1260)
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * DWORD first_is; (zero)
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * DWORD length_is; (168)
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * BYTE bitmap[21];
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * struct samr_logon_info {
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * DWORD length;
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * SIZE_IS(length / 8)
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * struct samr_logon_hours *hours;
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * There are 10080 minutes/week => 10080/8 = 1260 (0x04EC).
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * So size_is is set as some sort of maximum.
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * There are 168 hours/week => 168/8 = 21 (0xA8). Since there are 21
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * bytes (all set to 0xFF), this is is probably the default setting.
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier#define SAMR_HOURS_MAX_SIZE (SAMR_MINS_PER_WEEK / 8)
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * SAMPR_USER_PASSWORD (in the MS Net API) or
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * struct samr_user_password (internal use) is
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * the "clear" form of struct samr_encr_passwd
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * (SAMPR_ENCRYPTED_USER_PASSWORD in MS Net).
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * It's not used by ndrgen, but is declared here
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * to help clarify the relationship between these,
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * and for the benefit of our client-side code.
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross/* SAMPR_ENCRYPTED_USER_PASSWORD */
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross#define SAMR_ENCR_PWLEN 516 /* sizeof samr_user_password */
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross/* ENCRYPTED_NT_OWF_PASSWORD */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
cb174861876aea6950a7ab4ce944aff84b1914cdjoyce mcintosh * SamrConnect.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
cb174861876aea6950a7ab4ce944aff84b1914cdjoyce mcintosh * SamrConnect2.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
cb174861876aea6950a7ab4ce944aff84b1914cdjoyce mcintosh * SamrConnect4. A new form of connect first seen with Windows 2000.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * A new field has been added to the input request. Value: 0x00000002.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
cb174861876aea6950a7ab4ce944aff84b1914cdjoyce mcintosh * SamrConnect5. A new form of connect first seen with Windows XP.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The server name is the fully qualified domain name, i.e.
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * \\server.sun.com.
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * [in] DWORD InVersion,
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * [in] [switch_is(InVersion)] samr_revision_info *InRevisionInfo
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * [out] DWORD *OutVersion
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * [out] [switch_is(*OutVersion)] *samr_revision_info *OutRevisionInfo
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * SupportedFeatures (see notes in [MS-SAMR]
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * 0x00000001 RID values returned from the server must not be
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * concatenated with the domain SID.
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * 0x00000002 Reserved
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * 0x00000004 Reserved
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wrighttypedef struct samr_revision_info1 samr_revision_info1_t;
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * This should be a union, but instead this is
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * done this way because unions are hard to
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * express in this RPC implementation.
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross /* SAMPR_REVISION_INFO_V1 */
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross INOUT DWORD unknown5_00000000; /* SupportedFeatures */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CloseHandle closes an association with the SAM. Using the same
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * structure as the LSA seems to work.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * LookupDomain: lookup up the domain SID.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * EnumLocalDomain
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This looks like a request to get the local domains supported by a
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * remote server. NT always seems to return 2 domains: the local
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * domain (hostname) and the Builtin domain.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The max_length field is set to 0x2000.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Enum_context is set to 0 in the request and set to entries_read in
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the reply. Like most of these enums, total_entries is the same as
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * entries_read.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * OpenDomain
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Open a specific domain within the SAM. From this I assume that each
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * SAM can handle multiple domains so you need to identify the one with
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * which you want to work. Working with a domain handle does appear to
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * offer the benefit that you can then use RIDs instead of full SIDs,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * which simplifies things a bit. The domain handle can be used to get
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * user and group handles.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * QueryDomainInfo
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Windows 95 Server Manager sends requests for levels 6 and 7 when
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the services menu item is selected.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright * Identical to SAMR_OPNUM_QueryDomainInfo.
eef90b8611c0908d0d8deb269e914563046e39ddGordon Ross CASE(1) struct samr_QueryAliasInfoGeneral info1;
eef90b8611c0908d0d8deb269e914563046e39ddGordon Ross CASE(3) struct samr_QueryAliasInfoComment info3;
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw /* right now we just need one entry */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * OpenUser
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * an access mask and the appropriate user rid. The output will be a
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * handle for use with the specified user.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * DeleteUser
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * QueryUserInfo
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Provides various pieces of information on a specific user (see
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * SAM_Q_QUERY_USERINFO and SAM_R_QUERY_USERINFO). The handle must
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * be a valid SAM user handle.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * QueryUserInfo (
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * IN samr_handle_t user_handle,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * IN WORD switch_value,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * OUT union switch(switch_value) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * case 1: struct QueryUserInfo1 *info1;
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * } bufptr,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * OUT DWORD status
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * typedef enum _USER_INFORMATION_CLASS {
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserGeneralInformation = 1,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserPreferencesInformation = 2,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserLogonInformation = 3,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserLogonHoursInformation = 4,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserAccountInformation = 5,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserNameInformation = 6,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserAccountNameInformation = 7,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserFullNameInformation = 8,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserPrimaryGroupInformation = 9,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserHomeInformation = 10,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserScriptInformation = 11,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserProfileInformation = 12,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserAdminCommentInformation = 13,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserWorkStationsInformation = 14,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserControlInformation = 16,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserExpiresInformation = 17,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserInternal1Information = 18,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserParametersInformation = 20,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserAllInformation = 21,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserInternal4Information = 23,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserInternal5Information = 24,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserInternal4InformationNew = 25,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * UserInternal5InformationNew = 26,
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * } USER_INFORMATION_CLASS;
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 1 = username, fullname, description and some other stuff.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 3 = large structure containing user rid, group rid, username
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and fullname.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 5 = large structure (like 3) containing user rid, group rid,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * username, fullname and description.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 6 = username and fullname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 7 = username
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 8 = fullname
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 9 = group rid
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * 16 = used after creating a new account
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Due to an ndrgen bug, a function must be provided to to patch the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * offsets used by the unmarshalling code at runtime. In order to
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * simplify things it is useful to use a naming convention that
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * indicates the switch value for each structure.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * SAMR_USER_ALL_INFORMATION
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross/* See also: fixup_samr_QueryUserInfo() */
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This structure needs to be declared, even though it can't be used in
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * samr_QueryUserInfo, in order to get the appropriate size to calculate
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the correct fixup offsets. If ndrgen did the right thing,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * QueryUserInfo_result would be one of the out parameters. However, if
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * we do it that way, the switch_value isn't known early enough to do
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the fixup calculation. So it all has to go in samr_QueryUserInfo.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Can't use this form because we need to include members explicitly.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * OUT struct QueryUserInfo_result result;
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * QueryUserGroups
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * LookupName
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * OpenGroup
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Input must be a domain handle obtained via SAMR_OPNUM_OpenDomain,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * an access mask and the appropriate group rid. The output will be a
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * handle for use with the specified group.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * QueryGroupInfo
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Input must be a group handle obtained via SAMR_OPNUM_OpenGroup,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * an access mask and the appropriate group rid. The output will
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * be a handle for use with the specified group.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * StoreGroupInfo
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This definition is mostly just a place holder in case this is useful
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * in the future. Note that it may not be correct. The information is
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * from a netmon trace captured when I added a group description. I
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * haven't implemented it because we don't have to update anything on
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the PDC. The description should almost certainly be in a separate
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * structure.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai * AddAliasMember
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai * DeleteAliasMember
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai * ListAliasMembers
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright * GetUserDomainPasswordInformation
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CreateUser
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Create a user in the domain specified by the domain handle. The
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * domain handle is obtained obtained via SAMR_OPNUM_OpenDomain.
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * DesiredAccess: 0xe00500b0.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The output will be a handle for use with the specified user and the
a0aa776e20803c84edd153d9cb584fd67163aef3Alan Wright * user's RID. I think the RID may be a unique pointer (it can be null).
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * ChangePasswordUser2 - See:
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * SamrUnicodeChangePasswordUser2 [MS-SAMR 3.1.5.10.3]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * GetDomainPwInfo
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * SetUserInfo
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * [MS-SAMR] SamrSetInformationUser2
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross/* USER_CONTROL_INFORMATION */
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * samr_SetUserInfo21, a.k.a
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * SAMR_USER_ALL_INFORMATION
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * We now know this is the same as samr_QueryUserInfo21
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * Could merge, except for the samr_vcbuf_t mess.
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * This should be samr_logon_hours_all, but apparently
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * ndrgen doesn't get that quite right, so instead, the
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * client-side code patches this up.
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * SAMPR_USER_INTERNAL4_INFORMATION
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * UserInternal4Information (23)
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * SAMPR_USER_INTERNAL5_INFORMATION
1ed6b69a5ca1ca3ee5e9a4931f74e2237c7e1c9fGordon Ross * UserInternal5Information (24)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The SAMR interface definition.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw ***********************************************************************
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai struct samr_DeleteAliasMember DeleteAliasMember;