4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
25 */
26
27 #ifndef _MLSVC_SAM_NDL_
28 #define _MLSVC_SAM_NDL_
29
30 /*
31 * Security Accounts Manager RPC (SAMR) interface definition.
32 */
33
34 #include "ndrtypes.ndl"
35
36 /* Windows NT */
37 #define SAMR_OPNUM_Connect 0x00 /* SamrConnect */
38 #define SAMR_OPNUM_CloseHandle 0x01
39 #define SAMR_OPNUM_SetSecObject 0x02
40 #define SAMR_OPNUM_QuerySecObject 0x03
41 #define SAMR_OPNUM_ShutdownSamServer 0x04 /* NotUsedOnWire */
42 #define SAMR_OPNUM_LookupDomain 0x05
43 #define SAMR_OPNUM_EnumLocalDomains 0x06
44 #define SAMR_OPNUM_OpenDomain 0x07
45 #define SAMR_OPNUM_QueryDomainInfo 0x08
46 #define SAMR_OPNUM_SetDomainInfo 0x09
47 #define SAMR_OPNUM_CreateDomainGroup 0x0a
48 #define SAMR_OPNUM_QueryDomainGroups 0x0b
49 #define SAMR_OPNUM_CreateDomainUser 0x0c
50 #define SAMR_OPNUM_EnumDomainUsers 0x0d
51 #define SAMR_OPNUM_CreateDomainAlias 0x0e
52 #define SAMR_OPNUM_EnumDomainAliases 0x0f
53 #define SAMR_OPNUM_LookupIds 0x10 /* GetAliasMembership */
54 #define SAMR_OPNUM_LookupNames 0x11
346 };
347
348 struct samr_logon_hours_all {
349 WORD units_per_week;
350 SIZE_IS(units_per_week / 8)
351 BYTE *hours;
352 };
353
354 /*
355 * SAMPR_USER_PASSWORD (in the MS Net API) or
356 * struct samr_user_password (internal use) is
357 * the "clear" form of struct samr_encr_passwd
358 * (SAMPR_ENCRYPTED_USER_PASSWORD in MS Net).
359 * It's not used by ndrgen, but is declared here
360 * to help clarify the relationship between these,
361 * and for the benefit of our client-side code.
362 */
363 #ifndef NDRGEN
364 #define SAMR_USER_PWLEN 256
365 struct samr_user_password {
366 smb_wchar_t Buffer[SAMR_USER_PWLEN];
367 DWORD Length;
368 };
369 #endif /* NDRGEN */
370
371 /* SAMPR_ENCRYPTED_USER_PASSWORD */
372 #define SAMR_ENCR_PWLEN 516 /* sizeof samr_user_password */
373 struct samr_encr_passwd {
374 BYTE data[SAMR_ENCR_PWLEN];
375 };
376
377 /* ENCRYPTED_NT_OWF_PASSWORD */
378 #define SAMR_PWHASH_LEN 16
379 struct samr_encr_hash {
380 BYTE data[SAMR_PWHASH_LEN];
381 };
382
383 /*
384 ***********************************************************************
385 * SamrConnect.
386 ***********************************************************************
471 OUT DWORD status;
472 };
473
474
475 /*
476 ***********************************************************************
477 * CloseHandle closes an association with the SAM. Using the same
478 * structure as the LSA seems to work.
479 ***********************************************************************
480 */
481 OPERATION(SAMR_OPNUM_CloseHandle)
482 struct samr_CloseHandle {
483 IN samr_handle_t handle;
484 OUT samr_handle_t result_handle;
485 OUT DWORD status;
486 };
487
488
489 /*
490 ***********************************************************************
491 * LookupDomain: lookup up the domain SID.
492 ***********************************************************************
493 */
494 OPERATION(SAMR_OPNUM_LookupDomain)
495 struct samr_LookupDomain {
496 IN samr_handle_t handle;
497 IN samr_string_t domain_name;
498 OUT struct samr_sid *sid;
499 OUT DWORD status;
500 };
501
502
503 /*
504 ***********************************************************************
505 * EnumLocalDomain
506 *
507 * This looks like a request to get the local domains supported by a
508 * remote server. NT always seems to return 2 domains: the local
509 * domain (hostname) and the Builtin domain.
510 *
1375
1376 OPERATION(SAMR_OPNUM_SetUserInfo)
1377 struct samr_SetUserInfo {
1378 IN samr_handle_t user_handle;
1379 IN struct samr_SetUserInfo_s info;
1380 OUT DWORD status;
1381 };
1382
1383
1384 /*
1385 ***********************************************************************
1386 * The SAMR interface definition.
1387 ***********************************************************************
1388 */
1389 INTERFACE(0)
1390 union samr_interface {
1391 CASE(SAMR_OPNUM_Connect)
1392 struct samr_Connect Connect;
1393 CASE(SAMR_OPNUM_CloseHandle)
1394 struct samr_CloseHandle CloseHandle;
1395 CASE(SAMR_OPNUM_LookupDomain)
1396 struct samr_LookupDomain LookupDomain;
1397 CASE(SAMR_OPNUM_EnumLocalDomains)
1398 struct samr_EnumLocalDomain EnumLocalDomain;
1399 CASE(SAMR_OPNUM_OpenDomain)
1400 struct samr_OpenDomain OpenDomain;
1401 CASE(SAMR_OPNUM_QueryDomainInfo)
1402 struct samr_QueryDomainInfo QueryDomainInfo;
1403 CASE(SAMR_OPNUM_QueryInfoDomain2)
1404 struct samr_QueryInfoDomain2 QueryInfoDomain2;
1405 CASE(SAMR_OPNUM_LookupNames)
1406 struct samr_LookupNames LookupNames;
1407 CASE(SAMR_OPNUM_OpenUser)
1408 struct samr_OpenUser OpenUser;
1409 CASE(SAMR_OPNUM_DeleteUser)
1410 struct samr_DeleteUser DeleteUser;
1411 CASE(SAMR_OPNUM_QueryUserInfo)
1412 struct samr_QueryUserInfo QueryUserInfo;
1413 CASE(SAMR_OPNUM_QueryUserGroups)
1414 struct samr_QueryUserGroups QueryUserGroups;
|
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
25 */
26
27 #ifndef _MLSVC_SAM_NDL_
28 #define _MLSVC_SAM_NDL_
29
30 /*
31 * Security Accounts Manager RPC (SAMR) interface definition.
32 */
33
34 #include <libmlrpc/ndrtypes.ndl>
35
36 /* Windows NT */
37 #define SAMR_OPNUM_Connect 0x00 /* SamrConnect */
38 #define SAMR_OPNUM_CloseHandle 0x01
39 #define SAMR_OPNUM_SetSecObject 0x02
40 #define SAMR_OPNUM_QuerySecObject 0x03
41 #define SAMR_OPNUM_ShutdownSamServer 0x04 /* NotUsedOnWire */
42 #define SAMR_OPNUM_LookupDomain 0x05
43 #define SAMR_OPNUM_EnumLocalDomains 0x06
44 #define SAMR_OPNUM_OpenDomain 0x07
45 #define SAMR_OPNUM_QueryDomainInfo 0x08
46 #define SAMR_OPNUM_SetDomainInfo 0x09
47 #define SAMR_OPNUM_CreateDomainGroup 0x0a
48 #define SAMR_OPNUM_QueryDomainGroups 0x0b
49 #define SAMR_OPNUM_CreateDomainUser 0x0c
50 #define SAMR_OPNUM_EnumDomainUsers 0x0d
51 #define SAMR_OPNUM_CreateDomainAlias 0x0e
52 #define SAMR_OPNUM_EnumDomainAliases 0x0f
53 #define SAMR_OPNUM_LookupIds 0x10 /* GetAliasMembership */
54 #define SAMR_OPNUM_LookupNames 0x11
346 };
347
348 struct samr_logon_hours_all {
349 WORD units_per_week;
350 SIZE_IS(units_per_week / 8)
351 BYTE *hours;
352 };
353
354 /*
355 * SAMPR_USER_PASSWORD (in the MS Net API) or
356 * struct samr_user_password (internal use) is
357 * the "clear" form of struct samr_encr_passwd
358 * (SAMPR_ENCRYPTED_USER_PASSWORD in MS Net).
359 * It's not used by ndrgen, but is declared here
360 * to help clarify the relationship between these,
361 * and for the benefit of our client-side code.
362 */
363 #ifndef NDRGEN
364 #define SAMR_USER_PWLEN 256
365 struct samr_user_password {
366 ndr_wchar_t Buffer[SAMR_USER_PWLEN];
367 DWORD Length;
368 };
369 #endif /* NDRGEN */
370
371 /* SAMPR_ENCRYPTED_USER_PASSWORD */
372 #define SAMR_ENCR_PWLEN 516 /* sizeof samr_user_password */
373 struct samr_encr_passwd {
374 BYTE data[SAMR_ENCR_PWLEN];
375 };
376
377 /* ENCRYPTED_NT_OWF_PASSWORD */
378 #define SAMR_PWHASH_LEN 16
379 struct samr_encr_hash {
380 BYTE data[SAMR_PWHASH_LEN];
381 };
382
383 /*
384 ***********************************************************************
385 * SamrConnect.
386 ***********************************************************************
471 OUT DWORD status;
472 };
473
474
475 /*
476 ***********************************************************************
477 * CloseHandle closes an association with the SAM. Using the same
478 * structure as the LSA seems to work.
479 ***********************************************************************
480 */
481 OPERATION(SAMR_OPNUM_CloseHandle)
482 struct samr_CloseHandle {
483 IN samr_handle_t handle;
484 OUT samr_handle_t result_handle;
485 OUT DWORD status;
486 };
487
488
489 /*
490 ***********************************************************************
491 * QuerySecObject
492 *
493 * Returns the SecurityDescriptor of the object. Support not complete.
494 *
495 * QuerySecObject (
496 * IN samr_handle_t obj_handle,
497 * IN SECURITY_INFO secinfo,
498 * OUT samr_sd_t *sd,
499 * OUT DWORD status
500 * )
501 *
502 ***********************************************************************
503 */
504
505 typedef DWORD SECURITY_INFO;
506
507 OPERATION(SAMR_OPNUM_QuerySecObject)
508 struct samr_QuerySecObject {
509 IN samr_handle_t obj_handle;
510 IN SECURITY_INFO secinfo;
511 OUT samr_sd_t *sd;
512 OUT DWORD status;
513 };
514
515
516 /*
517 ***********************************************************************
518 * LookupDomain: lookup up the domain SID.
519 ***********************************************************************
520 */
521 OPERATION(SAMR_OPNUM_LookupDomain)
522 struct samr_LookupDomain {
523 IN samr_handle_t handle;
524 IN samr_string_t domain_name;
525 OUT struct samr_sid *sid;
526 OUT DWORD status;
527 };
528
529
530 /*
531 ***********************************************************************
532 * EnumLocalDomain
533 *
534 * This looks like a request to get the local domains supported by a
535 * remote server. NT always seems to return 2 domains: the local
536 * domain (hostname) and the Builtin domain.
537 *
1402
1403 OPERATION(SAMR_OPNUM_SetUserInfo)
1404 struct samr_SetUserInfo {
1405 IN samr_handle_t user_handle;
1406 IN struct samr_SetUserInfo_s info;
1407 OUT DWORD status;
1408 };
1409
1410
1411 /*
1412 ***********************************************************************
1413 * The SAMR interface definition.
1414 ***********************************************************************
1415 */
1416 INTERFACE(0)
1417 union samr_interface {
1418 CASE(SAMR_OPNUM_Connect)
1419 struct samr_Connect Connect;
1420 CASE(SAMR_OPNUM_CloseHandle)
1421 struct samr_CloseHandle CloseHandle;
1422 CASE(SAMR_OPNUM_QuerySecObject)
1423 struct samr_QuerySecObject QuerySecObject;
1424 CASE(SAMR_OPNUM_LookupDomain)
1425 struct samr_LookupDomain LookupDomain;
1426 CASE(SAMR_OPNUM_EnumLocalDomains)
1427 struct samr_EnumLocalDomain EnumLocalDomain;
1428 CASE(SAMR_OPNUM_OpenDomain)
1429 struct samr_OpenDomain OpenDomain;
1430 CASE(SAMR_OPNUM_QueryDomainInfo)
1431 struct samr_QueryDomainInfo QueryDomainInfo;
1432 CASE(SAMR_OPNUM_QueryInfoDomain2)
1433 struct samr_QueryInfoDomain2 QueryInfoDomain2;
1434 CASE(SAMR_OPNUM_LookupNames)
1435 struct samr_LookupNames LookupNames;
1436 CASE(SAMR_OPNUM_OpenUser)
1437 struct samr_OpenUser OpenUser;
1438 CASE(SAMR_OPNUM_DeleteUser)
1439 struct samr_DeleteUser DeleteUser;
1440 CASE(SAMR_OPNUM_QueryUserInfo)
1441 struct samr_QueryUserInfo QueryUserInfo;
1442 CASE(SAMR_OPNUM_QueryUserGroups)
1443 struct samr_QueryUserGroups QueryUserGroups;
|