osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Re-run pidl after upstream samba samr.idl changes 

Guenther

Change-Id: I5a1275299a94b6f20b9b0693bf13b78b8fe53c20
Signed-off-by: Guenther Deschner <gd@samba.org>
This commit is contained in:
Günther Deschner 2022-07-28 16:42:32 +02:00 committed by AndersBroman
parent 4ee9d4ee15
commit fa5f0a1264
5 changed files with 946 additions and 192 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

831
epan/dissectors/packet-dcerpc-samr.c
View File

File diff suppressed because it is too large Load Diff

73
epan/dissectors/packet-dcerpc-samr.h
View File

@ -8,6 +8,9 @@
found at https://gitlab.com/wireshark/wireshark/-/wikis/Pidl
*/
#include "packet-dcerpc-misc.h"
#include "packet-dcerpc-lsa.h"
#ifndef __PACKET_DCERPC_SAMR_H
#define __PACKET_DCERPC_SAMR_H
@ -21,15 +24,45 @@
#define GENERIC_RIGHTS_SAM_EXECUTE ( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_ACCESS_LOOKUP_DOMAIN|SAMR_ACCESS_CONNECT_TO_SERVER) )
#define SAMR_GROUP_ACCESS_MASK_INVALID ( 0x0000ffe0 )
#define SAMR_USER_ACCESS_ALL_ACCESS ( 0x000007FF )
#define SAMR_GROUP_ACCESS_ALL_ACCESS ( 0x000f001f )
#define GENERIC_RIGHTS_USER_ALL_ACCESS ( (STANDARD_RIGHTS_REQUIRED_ACCESS|SAMR_USER_ACCESS_ALL_ACCESS) )
#define SAMR_GROUP_ACCESS_ALL_READ ( 0x00020010 )
#define GENERIC_RIGHTS_USER_READ ( (STANDARD_RIGHTS_READ_ACCESS|SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP|SAMR_USER_ACCESS_GET_GROUPS|SAMR_USER_ACCESS_GET_ATTRIBUTES|SAMR_USER_ACCESS_GET_LOGONINFO|SAMR_USER_ACCESS_GET_LOCALE) )
#define SAMR_GROUP_ACCESS_ALL_WRITE ( 0x0002000e )
#define GENERIC_RIGHTS_USER_WRITE ( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_USER_ACCESS_CHANGE_PASSWORD|SAMR_USER_ACCESS_SET_LOC_COM|SAMR_USER_ACCESS_SET_ATTRIBUTES|SAMR_USER_ACCESS_SET_PASSWORD|SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP) )
#define SAMR_GROUP_ACCESS_ALL_EXECUTE ( 0x00020001 )
#define GENERIC_RIGHTS_USER_EXECUTE ( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_USER_ACCESS_CHANGE_PASSWORD|SAMR_USER_ACCESS_GET_NAME_ETC) )
#define SAMR_DOMAIN_ACCESS_ALL_ACCESS ( 0x000007FF )
#define GENERIC_RIGHTS_DOMAIN_ALL_ACCESS ( (STANDARD_RIGHTS_REQUIRED_ACCESS|SAMR_DOMAIN_ACCESS_ALL_ACCESS) )
#define GENERIC_RIGHTS_DOMAIN_READ ( (STANDARD_RIGHTS_READ_ACCESS|SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS|SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2) )
#define GENERIC_RIGHTS_DOMAIN_WRITE ( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_DOMAIN_ACCESS_SET_INFO_3|SAMR_DOMAIN_ACCESS_CREATE_ALIAS|SAMR_DOMAIN_ACCESS_CREATE_GROUP|SAMR_DOMAIN_ACCESS_CREATE_USER|SAMR_DOMAIN_ACCESS_SET_INFO_2|SAMR_DOMAIN_ACCESS_SET_INFO_1) )
#define GENERIC_RIGHTS_DOMAIN_EXECUTE ( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT|SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS|SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1) )
#define SAMR_GROUP_ACCESS_ALL_ACCESS ( 0x0000001F )
#define GENERIC_RIGHTS_GROUP_ALL_ACCESS ( (STANDARD_RIGHTS_REQUIRED_ACCESS|SAMR_GROUP_ACCESS_ALL_ACCESS) )
#define GENERIC_RIGHTS_GROUP_READ ( (STANDARD_RIGHTS_READ_ACCESS|SAMR_GROUP_ACCESS_GET_MEMBERS) )
#define GENERIC_RIGHTS_GROUP_WRITE ( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_GROUP_ACCESS_REMOVE_MEMBER|SAMR_GROUP_ACCESS_ADD_MEMBER|SAMR_GROUP_ACCESS_SET_INFO) )
#define GENERIC_RIGHTS_GROUP_EXECUTE ( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_GROUP_ACCESS_LOOKUP_INFO) )
#define SAMR_ALIAS_ACCESS_ALL_ACCESS ( 0x0000001F )
#define GENERIC_RIGHTS_ALIAS_ALL_ACCESS ( (STANDARD_RIGHTS_REQUIRED_ACCESS|SAMR_ALIAS_ACCESS_ALL_ACCESS) )
#define GENERIC_RIGHTS_ALIAS_READ ( (STANDARD_RIGHTS_READ_ACCESS|SAMR_ALIAS_ACCESS_GET_MEMBERS) )
#define GENERIC_RIGHTS_ALIAS_WRITE ( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_ALIAS_ACCESS_REMOVE_MEMBER|SAMR_ALIAS_ACCESS_ADD_MEMBER|SAMR_ALIAS_ACCESS_SET_INFO) )
#define GENERIC_RIGHTS_ALIAS_EXECUTE ( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_ALIAS_ACCESS_LOOKUP_INFO) )
#define SAMR_ENUM_USERS_MULTIPLIER ( 54 )
@ -50,12 +83,6 @@ int samr_dissect_struct_lsa_Strings(tvbuff_t *tvb _U_, int offset _U_, packet_in
#define SID_NAME_COMPUTER (9)
extern const value_string samr_lsa_SidType_vals[];
int samr_dissect_enum_lsa_SidType(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 *param _U_);
#define SAMR_REJECT_OTHER (0)
#define SAMR_REJECT_TOO_SHORT (1)
#define SAMR_REJECT_IN_HISTORY (2)
#define SAMR_REJECT_COMPLEXITY (5)
extern const value_string samr_samr_RejectReason_vals[];
int samr_dissect_enum_RejectReason(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 *param _U_);
int samr_dissect_bitmap_AcctFlags(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
int samr_dissect_bitmap_ConnectAccessMask(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
int samr_dissect_bitmap_UserAccessMask(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
@ -144,6 +171,8 @@ int samr_dissect_enum_AliasInfoEnum(tvbuff_t *tvb _U_, int offset _U_, packet_in
#define UserInternal5Information (24)
#define UserInternal4InformationNew (25)
#define UserInternal5InformationNew (26)
#define UserInternal7InformationNew (31)
#define UserInternal8InformationNew (32)
extern const value_string samr_samr_UserInfoLevel_vals[];
int samr_dissect_enum_UserInfoLevel(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint1632 *param _U_);
int samr_dissect_struct_UserInfo1(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
@ -174,6 +203,9 @@ int samr_dissect_struct_UserInfo24(tvbuff_t *tvb _U_, int offset _U_, packet_inf
int samr_dissect_struct_CryptPasswordEx(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
int samr_dissect_struct_UserInfo25(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
int samr_dissect_struct_UserInfo26(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
int samr_dissect_struct_EncryptedPasswordAES(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
int samr_dissect_struct_UserInfo31(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
int samr_dissect_struct_UserInfo32(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
int samr_dissect_struct_RidWithAttribute(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
int samr_dissect_struct_RidWithAttributeArray(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
int samr_dissect_struct_DispEntryGeneral(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
@ -197,7 +229,24 @@ int samr_dissect_struct_PwInfo(tvbuff_t *tvb _U_, int offset _U_, packet_info *p
#define SAMR_CONNECT_AFTER_W2K (3)
extern const value_string samr_samr_ConnectVersion_vals[];
int samr_dissect_enum_ConnectVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 *param _U_);
int samr_dissect_struct_ChangeReject(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
#define SAM_PWD_CHANGE_NO_ERROR (0)
#define SAM_PWD_CHANGE_PASSWORD_TOO_SHORT (1)
#define SAM_PWD_CHANGE_PWD_IN_HISTORY (2)
#define SAM_PWD_CHANGE_USERNAME_IN_PASSWORD (3)
#define SAM_PWD_CHANGE_FULLNAME_IN_PASSWORD (4)
#define SAM_PWD_CHANGE_NOT_COMPLEX (5)
#define SAM_PWD_CHANGE_MACHINE_NOT_DEFAULT (6)
#define SAM_PWD_CHANGE_FAILED_BY_FILTER (7)
#define SAM_PWD_CHANGE_PASSWORD_TOO_LONG (8)
extern const value_string samr_samPwdChangeReason_vals[];
int samr_dissect_enum_samPwdChangeReason(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 *param _U_);
int samr_dissect_struct_userPwdChangeFailureInformation(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
#define SAMR_CONNECT_FEATURE_RID_ONLY (0x00000001)
#define SAMR_CONNECT_FEATURE_RESRVED1 (0x00000002)
#define SAMR_CONNECT_FEATURE_RESRVED2 (0x00000004)
#define SAMR_CONNECT_FEATURE_USE_AES (0x00000010)
extern const value_string samr_samr_SupportedFeatures_vals[];
int samr_dissect_enum_SupportedFeatures(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 *param _U_);
int samr_dissect_struct_ConnectInfo1(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
int samr_dissect_bitmap_ValidateFieldsPresent(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
#define NetValidateAuthentication (1)

1
epan/dissectors/pidl/CMakeLists.txt
View File

@ -101,6 +101,7 @@ set(PIDL_DISSECTOR_rfr_EXTRA_DEPS
)
set(PIDL_DISSECTOR_samr_EXTRA_DEPS
idl_types.h
lsa/lsa.idl
)
set(PIDL_DISSECTOR_srvsvc_EXTRA_DEPS
idl_types.h

1
epan/dissectors/pidl/samr/samr.cnf
View File

@ -154,6 +154,7 @@ TYPE lsa_String "offset=dissect_ndr_lsa_String(tvb, offset, pinfo, tree, di, dre
TYPE lsa_AsciiString "offset=cnf_dissect_lsa_AsciiString(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_STRING BASE_NONE 0 NULL 5
TYPE lsa_StringLarge "offset=dissect_ndr_lsa_String(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_STRING BASE_NONE 0 NULL 5
TYPE lsa_AsciiStringLarge "offset=cnf_dissect_lsa_AsciiString(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_STRING BASE_NONE 0 NULL 5
TYPE lsa_BinaryString "offset=lsarpc_dissect_struct_lsa_BinaryString(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_STRING BASE_NONE 0 NULL 5
TYPE hyper "offset=cnf_dissect_hyper(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_UINT64 BASE_DEC 0 NULL 8

232
epan/dissectors/pidl/samr/samr.idl
View File

@ -4,6 +4,7 @@
samr interface definition
*/
/* import "misc.idl", "lsa.idl", "security.idl";*/
import "misc.idl", "lsa.idl";
/*
Thanks to Todd Sabin for some information from his samr.idl in acltools
@ -35,15 +36,6 @@
SID_NAME_COMPUTER = 9 /* machine */
} lsa_SidType;
typedef [public,v1_enum] enum {
SAMR_REJECT_OTHER = 0,
SAMR_REJECT_TOO_SHORT = 1,
SAMR_REJECT_IN_HISTORY = 2,
SAMR_REJECT_COMPLEXITY = 5
} samr_RejectReason;
/* account control (acct_flags) bits */
typedef [public,bitmap32bit] bitmap {
ACB_DISABLED = 0x00000001, /* 1 = User account disabled */
@ -64,8 +56,10 @@
ACB_USE_DES_KEY_ONLY = 0x00008000, /* 1 = Use DES key only */
ACB_DONT_REQUIRE_PREAUTH = 0x00010000, /* 1 = Preauth not required */
ACB_PW_EXPIRED = 0x00020000, /* 1 = Password Expired */
ACB_TRUST_AUTH_DELEGAT = 0x00040000, /* 1 = Trusted to authenticate for delegation */
ACB_NO_AUTH_DATA_REQD = 0x00080000 /* 1 = No authorization data required */
ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = 0x00040000,
ACB_NO_AUTH_DATA_REQD = 0x00080000, /* 1 = No authorization data required */
ACB_PARTIAL_SECRETS_ACCOUNT = 0x00100000,
ACB_USE_AES_KEYS = 0x00200000
} samr_AcctFlags;
/* SAM server specific access rights */
@ -116,6 +110,35 @@
SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP = 0x00000400
} samr_UserAccessMask;
const int SAMR_USER_ACCESS_ALL_ACCESS = 0x000007FF;
const int GENERIC_RIGHTS_USER_ALL_ACCESS =
(STANDARD_RIGHTS_REQUIRED_ACCESS |
SAMR_USER_ACCESS_ALL_ACCESS); /* 0x000f07ff */
const int GENERIC_RIGHTS_USER_READ =
(STANDARD_RIGHTS_READ_ACCESS |
SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP |
SAMR_USER_ACCESS_GET_GROUPS |
SAMR_USER_ACCESS_GET_ATTRIBUTES |
SAMR_USER_ACCESS_GET_LOGONINFO |
SAMR_USER_ACCESS_GET_LOCALE); /* 0x0002031a */
const int GENERIC_RIGHTS_USER_WRITE =
(STANDARD_RIGHTS_WRITE_ACCESS |
SAMR_USER_ACCESS_CHANGE_PASSWORD |
SAMR_USER_ACCESS_SET_LOC_COM |
SAMR_USER_ACCESS_SET_ATTRIBUTES |
SAMR_USER_ACCESS_SET_PASSWORD |
SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP); /* 0x000204e4 */
const int GENERIC_RIGHTS_USER_EXECUTE =
(STANDARD_RIGHTS_EXECUTE_ACCESS |
SAMR_USER_ACCESS_CHANGE_PASSWORD |
SAMR_USER_ACCESS_GET_NAME_ETC); /* 0x00020041 */
/* Domain Object specific access rights */
typedef [bitmap32bit] bitmap {
SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 = 0x00000001,
SAMR_DOMAIN_ACCESS_SET_INFO_1 = 0x00000002,
@ -130,6 +153,34 @@
SAMR_DOMAIN_ACCESS_SET_INFO_3 = 0x00000400
} samr_DomainAccessMask;
const int SAMR_DOMAIN_ACCESS_ALL_ACCESS = 0x000007FF;
const int GENERIC_RIGHTS_DOMAIN_ALL_ACCESS =
(STANDARD_RIGHTS_REQUIRED_ACCESS |
SAMR_DOMAIN_ACCESS_ALL_ACCESS);
const int GENERIC_RIGHTS_DOMAIN_READ =
(STANDARD_RIGHTS_READ_ACCESS |
SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS |
SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2);
const int GENERIC_RIGHTS_DOMAIN_WRITE =
(STANDARD_RIGHTS_WRITE_ACCESS |
SAMR_DOMAIN_ACCESS_SET_INFO_3 |
SAMR_DOMAIN_ACCESS_CREATE_ALIAS |
SAMR_DOMAIN_ACCESS_CREATE_GROUP |
SAMR_DOMAIN_ACCESS_CREATE_USER |
SAMR_DOMAIN_ACCESS_SET_INFO_2 |
SAMR_DOMAIN_ACCESS_SET_INFO_1);
const int GENERIC_RIGHTS_DOMAIN_EXECUTE =
(STANDARD_RIGHTS_EXECUTE_ACCESS |
SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1);
/* Group Object specific access rights */
typedef [bitmap32bit] bitmap {
SAMR_GROUP_ACCESS_LOOKUP_INFO = 0x00000001,
SAMR_GROUP_ACCESS_SET_INFO = 0x00000002,
@ -137,13 +188,28 @@
SAMR_GROUP_ACCESS_REMOVE_MEMBER = 0x00000008,
SAMR_GROUP_ACCESS_GET_MEMBERS = 0x00000010
} samr_GroupAccessMask;
/* these bits are invalid and return ACCESS_DENIED */
const int SAMR_GROUP_ACCESS_MASK_INVALID = 0x0000ffe0;
/* generic access */
const int SAMR_GROUP_ACCESS_ALL_ACCESS = 0x000f001f;
const int SAMR_GROUP_ACCESS_ALL_READ = 0x00020010;
const int SAMR_GROUP_ACCESS_ALL_WRITE = 0x0002000e;
const int SAMR_GROUP_ACCESS_ALL_EXECUTE = 0x00020001;
const int SAMR_GROUP_ACCESS_ALL_ACCESS = 0x0000001F;
const int GENERIC_RIGHTS_GROUP_ALL_ACCESS =
(STANDARD_RIGHTS_REQUIRED_ACCESS |
SAMR_GROUP_ACCESS_ALL_ACCESS); /* 0x000f001f */
const int GENERIC_RIGHTS_GROUP_READ =
(STANDARD_RIGHTS_READ_ACCESS |
SAMR_GROUP_ACCESS_GET_MEMBERS); /* 0x00020010 */
const int GENERIC_RIGHTS_GROUP_WRITE =
(STANDARD_RIGHTS_WRITE_ACCESS |
SAMR_GROUP_ACCESS_REMOVE_MEMBER |
SAMR_GROUP_ACCESS_ADD_MEMBER |
SAMR_GROUP_ACCESS_SET_INFO); /* 0x0002000e */
const int GENERIC_RIGHTS_GROUP_EXECUTE =
(STANDARD_RIGHTS_EXECUTE_ACCESS |
SAMR_GROUP_ACCESS_LOOKUP_INFO); /* 0x00020001 */
/* Alias Object specific access rights */
typedef [bitmap32bit] bitmap {
SAMR_ALIAS_ACCESS_ADD_MEMBER = 0x00000001,
@ -153,6 +219,26 @@
SAMR_ALIAS_ACCESS_SET_INFO = 0x00000010
} samr_AliasAccessMask;
const int SAMR_ALIAS_ACCESS_ALL_ACCESS = 0x0000001F;
const int GENERIC_RIGHTS_ALIAS_ALL_ACCESS =
(STANDARD_RIGHTS_REQUIRED_ACCESS |
SAMR_ALIAS_ACCESS_ALL_ACCESS); /* 0x000f001f */
const int GENERIC_RIGHTS_ALIAS_READ =
(STANDARD_RIGHTS_READ_ACCESS |
SAMR_ALIAS_ACCESS_GET_MEMBERS); /* 0x00020004 */
const int GENERIC_RIGHTS_ALIAS_WRITE =
(STANDARD_RIGHTS_WRITE_ACCESS |
SAMR_ALIAS_ACCESS_REMOVE_MEMBER |
SAMR_ALIAS_ACCESS_ADD_MEMBER |
SAMR_ALIAS_ACCESS_SET_INFO); /* 0x00020013 */
const int GENERIC_RIGHTS_ALIAS_EXECUTE =
(STANDARD_RIGHTS_EXECUTE_ACCESS |
SAMR_ALIAS_ACCESS_LOOKUP_INFO); /* 0x00020008 */
/******************/
/* Function: 0x00 */
NTSTATUS samr_Connect (
@ -279,7 +365,7 @@
DOMAIN_SERVER_DISABLED = 2
} samr_DomainServerState;
typedef struct {
typedef [public] struct {
uint16 min_password_length;
uint16 password_history_length;
samr_PasswordProperties password_properties;
@ -473,7 +559,7 @@
[public] NTSTATUS samr_LookupNames(
[in,ref] policy_handle *domain_handle,
[in,range(0,1000)] uint32 num_names,
[in,size_is(1000),length_is(num_names),ref] lsa_String *names,
[in,size_is(1000),length_is(num_names)] lsa_String names[],
[out,ref] samr_Ids *rids,
[out,ref] samr_Ids *types
);
@ -722,7 +808,9 @@
UserInternal4Information = 23,
UserInternal5Information = 24,
UserInternal4InformationNew = 25,
UserInternal5InformationNew = 26
UserInternal5InformationNew = 26,
UserInternal7InformationNew = 31,
UserInternal8InformationNew = 32
} samr_UserInfoLevel;
typedef struct {
@ -735,7 +823,7 @@
typedef struct {
lsa_String comment;
lsa_String unknown; /* settable, but doesn't stick. probably obsolete */
lsa_String reserved; /* settable, but doesn't stick. probably obsolete */
uint16 country_code;
uint16 code_page;
} samr_UserInfo2;
@ -851,7 +939,7 @@
} samr_UserInfo18;
typedef struct {
lsa_String parameters;
lsa_BinaryString parameters;
} samr_UserInfo20;
/* this defines the bits used for fields_present in info21 */
@ -908,10 +996,10 @@
lsa_String description;
lsa_String workstations;
lsa_String comment;
lsa_String parameters;
lsa_String lm_password;
lsa_String nt_password;
lsa_String private;
lsa_BinaryString parameters;
lsa_BinaryString lm_owf_password;
lsa_BinaryString nt_owf_password;
lsa_String private_data;
uint32 buf_count;
[size_is(buf_count)] uint8 *buffer;
uint32 rid;
@ -926,7 +1014,7 @@
uint8 lm_password_set;
uint8 nt_password_set;
uint8 password_expired;
uint8 unknown4;
uint8 private_data_sensitive;
} samr_UserInfo21;
typedef [public, flag(NDR_PAHEX)] struct {
@ -957,6 +1045,24 @@
uint8 password_expired;
} samr_UserInfo26;
typedef struct {
uint8 auth_data[64];
uint8 salt[16];
uint32 cipher_len;
[size_is(cipher_len)] uint8 *cipher;
hyper PBKDF2Iterations;
} samr_EncryptedPasswordAES;
typedef struct {
samr_EncryptedPasswordAES password;
uint8 password_expired;
} samr_UserInfo31;
typedef struct {
samr_UserInfo21 info;
samr_EncryptedPasswordAES password;
} samr_UserInfo32;
typedef [switch_type(uint16)] union {
[case(1)] samr_UserInfo1 info1;
[case(2)] samr_UserInfo2 info2;
@ -981,6 +1087,8 @@
[case(24)] samr_UserInfo24 info24;
[case(25)] samr_UserInfo25 info25;
[case(26)] samr_UserInfo26 info26;
[case(31)] samr_UserInfo31 info31;
[case(32)] samr_UserInfo32 info32;
} samr_UserInfo;
[public] NTSTATUS samr_QueryUserInfo(
@ -1375,13 +1483,24 @@
/************************/
/* Function 0x3f */
typedef struct {
samr_RejectReason reason;
uint32 unknown1;
uint32 unknown2;
} samr_ChangeReject;
typedef [public,v1_enum] enum {
SAM_PWD_CHANGE_NO_ERROR = 0,
SAM_PWD_CHANGE_PASSWORD_TOO_SHORT = 1,
SAM_PWD_CHANGE_PWD_IN_HISTORY = 2,
SAM_PWD_CHANGE_USERNAME_IN_PASSWORD = 3,
SAM_PWD_CHANGE_FULLNAME_IN_PASSWORD = 4,
SAM_PWD_CHANGE_NOT_COMPLEX = 5,
SAM_PWD_CHANGE_MACHINE_NOT_DEFAULT = 6,
SAM_PWD_CHANGE_FAILED_BY_FILTER = 7,
SAM_PWD_CHANGE_PASSWORD_TOO_LONG = 8
} samPwdChangeReason;
NTSTATUS samr_ChangePasswordUser3(
typedef struct {
samPwdChangeReason extendedFailureReason;
lsa_String filterModuleName;
} userPwdChangeFailureInformation;
[public] NTSTATUS samr_ChangePasswordUser3(
[in,unique] lsa_String *server,
[in,ref] lsa_String *account,
[in,unique] samr_CryptPassword *nt_password,
@ -1391,15 +1510,22 @@
[in,unique] samr_Password *lm_verifier,
[in,unique] samr_CryptPassword *password3,
[out,ref] samr_DomInfo1 **dominfo,
[out,ref] samr_ChangeReject **reject
[out,ref] userPwdChangeFailureInformation **reject
);
/************************/
/* Function 0x40 */
typedef [v1_enum] enum {
SAMR_CONNECT_FEATURE_RID_ONLY = 0x00000001,
SAMR_CONNECT_FEATURE_RESRVED1 = 0x00000002,
SAMR_CONNECT_FEATURE_RESRVED2 = 0x00000004,
SAMR_CONNECT_FEATURE_USE_AES = 0x00000010
} samr_SupportedFeatures;
typedef struct {
samr_ConnectVersion client_version; /* w2k3 gives 3 */
uint32 unknown2; /* w2k3 gives 0 */
samr_SupportedFeatures supported_features;
} samr_ConnectInfo1;
typedef union {
@ -1539,4 +1665,38 @@
[in,switch_is(level)] samr_ValidatePasswordReq *req,
[out,ref,switch_is(level)] samr_ValidatePasswordRep **rep
);
/************************/
/* Function 0x44 */
/************************/
[todo] void samr_Opnum68NotUsedOnWire(void);
/************************/
/* Function 0x45 */
/************************/
[todo] void samr_Opnum69NotUsedOnWire(void);
/************************/
/* Function 0x46 */
/************************/
[todo] void samr_Opnum70NotUsedOnWire(void);
/************************/
/* Function 0x47 */
/************************/
[todo] void samr_Opnum71NotUsedOnWire(void);
/************************/
/* Function 0x48 */
/************************/
[todo] void samr_Opnum72NotUsedOnWire(void);
/************************/
/* Function 0x49 */
/************************/
[public] NTSTATUS samr_ChangePasswordUser4(
[in,unique] lsa_String *server,
[in,ref] lsa_String *account,
[in,ref] samr_EncryptedPasswordAES *password
);
}