SUBAUTH.H

/*++ BUILD Version: 0005     Increment this if a change has global effects 

Copyright (c) 1990-1997 Microsoft Corporation

Module Name:

subauth.h

Abstract:

This module defines types and macros for Subauthentication Packages.

Revision History:

--*/

#ifndef _NTSUBAUTH_
#define _NTSUBAUTH_

#ifdef __cplusplus
extern "C" {
#endif

#ifndef _NTDEF_
typedef LONG NTSTATUS, *PNTSTATUS;

typedef struct _UNICODE_STRING {
USHORT Length;
USHORT MaximumLength;
PWSTR Buffer;
} UNICODE_STRING, *PUNICODE_STRING;

typedef struct _STRING {
USHORT Length;
USHORT MaximumLength;
PCHAR Buffer;
} STRING, *PSTRING;

typedef LARGE_INTEGER OLD_LARGE_INTEGER;
typedef LARGE_INTEGER POLD_LARGE_INTEGER;

#define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)

#endif

typedef PVOID SAM_HANDLE, *PSAM_HANDLE;

//
// User account control flags...
//

#define USER_ACCOUNT_DISABLED (0x00000001)
#define USER_HOME_DIRECTORY_REQUIRED (0x00000002)
#define USER_PASSWORD_NOT_REQUIRED (0x00000004)
#define USER_TEMP_DUPLICATE_ACCOUNT (0x00000008)
#define USER_NORMAL_ACCOUNT (0x00000010)
#define USER_MNS_LOGON_ACCOUNT (0x00000020)
#define USER_INTERDOMAIN_TRUST_ACCOUNT (0x00000040)
#define USER_WORKSTATION_TRUST_ACCOUNT (0x00000080)
#define USER_SERVER_TRUST_ACCOUNT (0x00000100)
#define USER_DONT_EXPIRE_PASSWORD (0x00000200)
#define USER_ACCOUNT_AUTO_LOCKED (0x00000400)


#define USER_MACHINE_ACCOUNT_MASK \
( USER_INTERDOMAIN_TRUST_ACCOUNT |\
USER_WORKSTATION_TRUST_ACCOUNT |\
USER_SERVER_TRUST_ACCOUNT)

#define USER_ACCOUNT_TYPE_MASK \
( USER_TEMP_DUPLICATE_ACCOUNT |\
USER_NORMAL_ACCOUNT |\
USER_MACHINE_ACCOUNT_MASK )


//
// Logon times may be expressed in day, hour, or minute granularity.
//
// Days per week = 7
// Hours per week = 168
// Minutes per week = 10080
//

#define SAM_DAYS_PER_WEEK (7)
#define SAM_HOURS_PER_WEEK (24 * SAM_DAYS_PER_WEEK)
#define SAM_MINUTES_PER_WEEK (60 * SAM_HOURS_PER_WEEK)

typedef struct _LOGON_HOURS {

USHORT UnitsPerWeek;

//
// UnitsPerWeek is the number of equal length time units the week is
// divided into. This value is used to compute the length of the bit
// string in logon_hours. Must be less than or equal to
// SAM_UNITS_PER_WEEK (10080) for this release.
//
// LogonHours is a bit map of valid logon times. Each bit represents
// a unique division in a week. The largest bit map supported is 1260
// bytes (10080 bits), which represents minutes per week. In this case
// the first bit (bit 0, byte 0) is Sunday, 00:00:00 - 00-00:59; bit 1,
// byte 0 is Sunday, 00:01:00 - 00:01:59, etc. A NULL pointer means
// DONT_CHANGE for SamSetInformationUser() calls.
//

PUCHAR LogonHours;

} LOGON_HOURS, *PLOGON_HOURS;

typedef struct _SR_SECURITY_DESCRIPTOR {
ULONG Length;
PUCHAR SecurityDescriptor;
} SR_SECURITY_DESCRIPTOR, *PSR_SECURITY_DESCRIPTOR;

#include "pshpack4.h"
typedef struct _USER_ALL_INFORMATION {
LARGE_INTEGER LastLogon;
LARGE_INTEGER LastLogoff;
LARGE_INTEGER PasswordLastSet;
LARGE_INTEGER AccountExpires;
LARGE_INTEGER PasswordCanChange;
LARGE_INTEGER PasswordMustChange;
UNICODE_STRING UserName;
UNICODE_STRING FullName;
UNICODE_STRING HomeDirectory;
UNICODE_STRING HomeDirectoryDrive;
UNICODE_STRING ScriptPath;
UNICODE_STRING ProfilePath;
UNICODE_STRING AdminComment;
UNICODE_STRING WorkStations;
UNICODE_STRING UserComment;
UNICODE_STRING Parameters;
UNICODE_STRING LmPassword;
UNICODE_STRING NtPassword;
UNICODE_STRING PrivateData;
SR_SECURITY_DESCRIPTOR SecurityDescriptor;
ULONG UserId;
ULONG PrimaryGroupId;
ULONG UserAccountControl;
ULONG WhichFields;
LOGON_HOURS LogonHours;
USHORT BadPasswordCount;
USHORT LogonCount;
USHORT CountryCode;
USHORT CodePage;
BOOLEAN LmPasswordPresent;
BOOLEAN NtPasswordPresent;
BOOLEAN PasswordExpired;
BOOLEAN PrivateDataSensitive;
} USER_ALL_INFORMATION, *PUSER_ALL_INFORMATION;
#include "poppack.h"
#define USER_ALL_PARAMETERS 0x00200000

#define CLEAR_BLOCK_LENGTH 8

typedef struct _CLEAR_BLOCK {
CHAR data[CLEAR_BLOCK_LENGTH];
} CLEAR_BLOCK;
typedef CLEAR_BLOCK * PCLEAR_BLOCK;

#define CYPHER_BLOCK_LENGTH 8

typedef struct _CYPHER_BLOCK {
CHAR data[CYPHER_BLOCK_LENGTH];
} CYPHER_BLOCK;
typedef CYPHER_BLOCK * PCYPHER_BLOCK;
typedef struct _LM_OWF_PASSWORD {
CYPHER_BLOCK data[2];
} LM_OWF_PASSWORD;
typedef LM_OWF_PASSWORD * PLM_OWF_PASSWORD;
typedef CLEAR_BLOCK LM_CHALLENGE;
typedef LM_CHALLENGE * PLM_CHALLENGE;
typedef LM_OWF_PASSWORD NT_OWF_PASSWORD;
typedef NT_OWF_PASSWORD * PNT_OWF_PASSWORD;
typedef LM_CHALLENGE NT_CHALLENGE;
typedef NT_CHALLENGE * PNT_CHALLENGE;
#define USER_SESSION_KEY_LENGTH (CYPHER_BLOCK_LENGTH * 2)

typedef struct _USER_SESSION_KEY {
CYPHER_BLOCK data[2];
} USER_SESSION_KEY;
typedef USER_SESSION_KEY * PUSER_SESSION_KEY;

typedef enum _NETLOGON_LOGON_INFO_CLASS {
NetlogonInteractiveInformation = 1,
NetlogonNetworkInformation,
NetlogonServiceInformation,
NetlogonGenericInformation
} NETLOGON_LOGON_INFO_CLASS;

#pragma pack(4)
typedef struct _NETLOGON_LOGON_IDENTITY_INFO {
UNICODE_STRING LogonDomainName;
ULONG ParameterControl;
OLD_LARGE_INTEGER LogonId;
UNICODE_STRING UserName;
UNICODE_STRING Workstation;
} NETLOGON_LOGON_IDENTITY_INFO,
*PNETLOGON_LOGON_IDENTITY_INFO;
#pragma pack()

#pragma pack(4)
typedef struct _NETLOGON_INTERACTIVE_INFO {
NETLOGON_LOGON_IDENTITY_INFO Identity;
LM_OWF_PASSWORD LmOwfPassword;
NT_OWF_PASSWORD NtOwfPassword;
} NETLOGON_INTERACTIVE_INFO,
*PNETLOGON_INTERACTIVE_INFO;
#pragma pack()

#pragma pack(4)
typedef struct _NETLOGON_SERVICE_INFO {
NETLOGON_LOGON_IDENTITY_INFO Identity;
LM_OWF_PASSWORD LmOwfPassword;
NT_OWF_PASSWORD NtOwfPassword;
} NETLOGON_SERVICE_INFO, *PNETLOGON_SERVICE_INFO;
#pragma pack()

#pragma pack(4)
typedef struct _NETLOGON_NETWORK_INFO {
NETLOGON_LOGON_IDENTITY_INFO Identity;
LM_CHALLENGE LmChallenge;
STRING NtChallengeResponse;
STRING LmChallengeResponse;
} NETLOGON_NETWORK_INFO, *PNETLOGON_NETWORK_INFO;
#pragma pack()

#pragma pack(4)
typedef struct _NETLOGON_GENERIC_INFO {
NETLOGON_LOGON_IDENTITY_INFO Identity;
UNICODE_STRING PackageName;
ULONG DataLength;
#ifdef MIDL_PASS
[size_is(DataLength)]
#endif
PUCHAR LogonData;
} NETLOGON_GENERIC_INFO, *PNETLOGON_GENERIC_INFO;
#pragma pack()


// Values for Flags
#define MSV1_0_PASSTHRU 0x01
#define MSV1_0_GUEST_LOGON 0x02

NTSTATUS NTAPI
Msv1_0SubAuthenticationRoutine(
IN NETLOGON_LOGON_INFO_CLASS LogonLevel,
IN PVOID LogonInformation,
IN ULONG Flags,
IN PUSER_ALL_INFORMATION UserAll,
OUT PULONG WhichFields,
OUT PULONG UserFlags,
OUT PBOOLEAN Authoritative,
OUT PLARGE_INTEGER LogoffTime,
OUT PLARGE_INTEGER KickoffTime
);

typedef struct _MSV1_0_VALIDATION_INFO {
LARGE_INTEGER LogoffTime;
LARGE_INTEGER KickoffTime;
UNICODE_STRING LogonServer;
UNICODE_STRING LogonDomainName;
USER_SESSION_KEY SessionKey;
BOOLEAN Authoritative;
ULONG UserFlags;
ULONG WhichFields;
ULONG UserId;
} MSV1_0_VALIDATION_INFO, *PMSV1_0_VALIDATION_INFO;

// values for WhichFields

#define MSV1_0_VALIDATION_LOGOFF_TIME 0x00000001
#define MSV1_0_VALIDATION_KICKOFF_TIME 0x00000002
#define MSV1_0_VALIDATION_LOGON_SERVER 0x00000004
#define MSV1_0_VALIDATION_LOGON_DOMAIN 0x00000008
#define MSV1_0_VALIDATION_SESSION_KEY 0x00000010
#define MSV1_0_VALIDATION_USER_FLAGS 0x00000020
#define MSV1_0_VALIDATION_USER_ID 0x00000040

// legal values for ActionsPerformed
#define MSV1_0_SUBAUTH_ACCOUNT_DISABLED 0x00000001
#define MSV1_0_SUBAUTH_PASSWORD 0x00000002
#define MSV1_0_SUBAUTH_WORKSTATIONS 0x00000004
#define MSV1_0_SUBAUTH_LOGON_HOURS 0x00000008
#define MSV1_0_SUBAUTH_ACCOUNT_EXPIRY 0x00000010
#define MSV1_0_SUBAUTH_PASSWORD_EXPIRY 0x00000020
#define MSV1_0_SUBAUTH_ACCOUNT_TYPE 0x00000040
#define MSV1_0_SUBAUTH_LOCKOUT 0x00000080

NTSTATUS NTAPI
Msv1_0SubAuthenticationRoutineEx(
IN NETLOGON_LOGON_INFO_CLASS LogonLevel,
IN PVOID LogonInformation,
IN ULONG Flags,
IN PUSER_ALL_INFORMATION UserAll,
IN SAM_HANDLE UserHandle,
IN OUT PMSV1_0_VALIDATION_INFO ValidationInfo,
OUT PULONG ActionsPerformed
);

NTSTATUS NTAPI
Msv1_0SubAuthenticationRoutineGeneric(
IN PVOID SubmitBuffer,
IN ULONG SubmitBufferLength,
OUT PULONG ReturnBufferLength,
OUT PVOID *ReturnBuffer
);

NTSTATUS NTAPI
Msv1_0SubAuthenticationFilter(
IN NETLOGON_LOGON_INFO_CLASS LogonLevel,
IN PVOID LogonInformation,
IN ULONG Flags,
IN PUSER_ALL_INFORMATION UserAll,
OUT PULONG WhichFields,
OUT PULONG UserFlags,
OUT PBOOLEAN Authoritative,
OUT PLARGE_INTEGER LogoffTime,
OUT PLARGE_INTEGER KickoffTime
);

#define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
#define STATUS_INVALID_INFO_CLASS ((NTSTATUS)0xC0000003L)
#define STATUS_ACCESS_VIOLATION ((NTSTATUS)0xC0000005L)
#define STATUS_NO_SUCH_USER ((NTSTATUS)0xC0000064L)
#define STATUS_WRONG_PASSWORD ((NTSTATUS)0xC000006AL)
#define STATUS_PASSWORD_RESTRICTION ((NTSTATUS)0xC000006CL)
#define STATUS_LOGON_FAILURE ((NTSTATUS)0xC000006DL)
#define STATUS_ACCOUNT_RESTRICTION ((NTSTATUS)0xC000006EL)
#define STATUS_INVALID_LOGON_HOURS ((NTSTATUS)0xC000006FL)
#define STATUS_INVALID_WORKSTATION ((NTSTATUS)0xC0000070L)
#define STATUS_PASSWORD_EXPIRED ((NTSTATUS)0xC0000071L)
#define STATUS_ACCOUNT_DISABLED ((NTSTATUS)0xC0000072L)
#define STATUS_INSUFFICIENT_RESOURCES ((NTSTATUS)0xC000009AL)
#define STATUS_ACCOUNT_EXPIRED ((NTSTATUS)0xC0000193L)
#define STATUS_PASSWORD_MUST_CHANGE ((NTSTATUS)0xC0000224L)
#define STATUS_ACCOUNT_LOCKED_OUT ((NTSTATUS)0xC0000234L)
#ifdef __cplusplus
}
#endif

#endif /* _NTSUBAUTH_ */