Documentation
¶
Index ¶
- Variables
- func LsarpcServerHandle(ctx context.Context, o LsarpcServer, opNum int, r ndr.Reader) (dcerpc.Operation, error)
- func NewLsarpcServerHandle(o LsarpcServer) dcerpc.ServerHandle
- func RegisterLsarpcServer(conn dcerpc.Conn, o LsarpcServer, opts ...dcerpc.Option)
- type ACL
- type AccountEnumBuffer
- type AccountInformation
- type AddAccountRightsRequest
- type AddAccountRightsResponse
- type AddPrivilegesToAccountRequest
- type AddPrivilegesToAccountResponse
- type AuthInformation
- type CRCipherValue
- type CloseRequest
- type CloseResponse
- type CreateAccountRequest
- type CreateAccountResponse
- type CreateSecretRequest
- type CreateSecretResponse
- type CreateTrustedDomainEx2Request
- type CreateTrustedDomainEx2Response
- type CreateTrustedDomainExRequest
- type CreateTrustedDomainExResponse
- type CreateTrustedDomainRequest
- type CreateTrustedDomainResponse
- type DeleteObjectRequest
- type DeleteObjectResponse
- type DeleteTrustedDomainRequest
- type DeleteTrustedDomainResponse
- type EnumerateAccountRightsRequest
- type EnumerateAccountRightsResponse
- type EnumerateAccountsRequest
- type EnumerateAccountsResponse
- type EnumerateAccountsWithUserRightRequest
- type EnumerateAccountsWithUserRightResponse
- type EnumeratePrivilegesAccountRequest
- type EnumeratePrivilegesAccountResponse
- type EnumeratePrivilegesRequest
- type EnumeratePrivilegesResponse
- type EnumerateTrustedDomainsExRequest
- type EnumerateTrustedDomainsExResponse
- type EnumerateTrustedDomainsRequest
- type EnumerateTrustedDomainsResponse
- type ForestTrustBinaryData
- type ForestTrustCollisionInformation
- type ForestTrustCollisionRecord
- type ForestTrustCollisionRecordType
- type ForestTrustData_Data
- type ForestTrustData_DomainInfo
- type ForestTrustData_TopLevelName
- type ForestTrustDomainInfo
- type ForestTrustInformation
- type ForestTrustRecord
- type ForestTrustRecordType
- type ForestTrustRecord_ForestTrustData
- func (o *ForestTrustRecord_ForestTrustData) GetValue() any
- func (o *ForestTrustRecord_ForestTrustData) MarshalUnionNDR(ctx context.Context, w ndr.Writer, sw uint16) error
- func (o *ForestTrustRecord_ForestTrustData) NDRSwitchValue(sw uint16) uint16
- func (o *ForestTrustRecord_ForestTrustData) UnmarshalUnionNDR(ctx context.Context, w ndr.Reader, sw uint16) error
- type GetSystemAccessAccountRequest
- type GetSystemAccessAccountResponse
- type Handle
- type LUIDAndAttributes
- type LookupPrivilegeDisplayNameRequest
- type LookupPrivilegeDisplayNameResponse
- type LookupPrivilegeNameRequest
- type LookupPrivilegeNameResponse
- type LookupPrivilegeValueRequest
- type LookupPrivilegeValueResponse
- type LsarpcClient
- type LsarpcServer
- type ObjectAttributes
- type OpenAccountRequest
- type OpenAccountResponse
- type OpenPolicy2Request
- type OpenPolicy2Response
- type OpenPolicyRequest
- type OpenPolicyResponse
- type OpenSecretRequest
- type OpenSecretResponse
- type OpenTrustedDomainByNameRequest
- type OpenTrustedDomainByNameResponse
- type OpenTrustedDomainRequest
- type OpenTrustedDomainResponse
- type PolicyAccountDomInfo
- type PolicyAuditEventType
- type PolicyAuditEventsInfo
- type PolicyAuditFullQueryInfo
- type PolicyAuditFullSetInfo
- type PolicyAuditLogInfo
- type PolicyDNSDomainInfo
- type PolicyDomainEFSInfo
- type PolicyDomainInformation
- func (o *PolicyDomainInformation) GetValue() any
- func (o *PolicyDomainInformation) MarshalUnionNDR(ctx context.Context, w ndr.Writer, sw uint16) error
- func (o *PolicyDomainInformation) NDRSwitchValue(sw uint16) uint16
- func (o *PolicyDomainInformation) UnmarshalUnionNDR(ctx context.Context, w ndr.Reader, sw uint16) error
- type PolicyDomainInformationClass
- type PolicyDomainInformation_PolicyDomainEFSInfo
- type PolicyDomainInformation_PolicyDomainKerberosTicketInfo
- type PolicyDomainInformation_PolicyDomainQualityOfServiceInfo
- type PolicyDomainKerberosTicketInfo
- type PolicyDomainQualityOfServiceInfo
- type PolicyInformation
- type PolicyInformationClass
- type PolicyInformation_PolicyAccountDomainInfo
- type PolicyInformation_PolicyAuditEventsInfo
- type PolicyInformation_PolicyAuditFullQueryInfo
- type PolicyInformation_PolicyAuditFullSetInfo
- type PolicyInformation_PolicyAuditLogInfo
- type PolicyInformation_PolicyDNSDomainInfo
- type PolicyInformation_PolicyDNSDomainInfoInt
- type PolicyInformation_PolicyLocalAccountDomainInfo
- type PolicyInformation_PolicyMachineAccountInfo
- type PolicyInformation_PolicyModificationInfo
- type PolicyInformation_PolicyPDAccountInfo
- type PolicyInformation_PolicyPrimaryDomainInfo
- type PolicyInformation_PolicyReplicaSourceInfo
- type PolicyInformation_PolicyServerRoleInfo
- type PolicyLSAServerRole
- type PolicyLSAServerRoleInfo
- type PolicyMachineAccountInfo
- type PolicyModificationInfo
- type PolicyPDAccountInfo
- type PolicyPrimaryDomInfo
- type PolicyPrivilegeDefinition
- type PolicyReplicaSourceInfo
- type PrivilegeEnumBuffer
- type PrivilegeSet
- type QueryDomainInformationPolicyRequest
- type QueryDomainInformationPolicyResponse
- type QueryForestTrustInformationRequest
- type QueryForestTrustInformationResponse
- type QueryInfoTrustedDomainRequest
- type QueryInfoTrustedDomainResponse
- type QueryInformationPolicy2Request
- type QueryInformationPolicy2Response
- type QueryInformationPolicyRequest
- type QueryInformationPolicyResponse
- type QuerySecretRequest
- type QuerySecretResponse
- type QuerySecurityObjectRequest
- type QuerySecurityObjectResponse
- type QueryTrustedDomainInfoByNameRequest
- type QueryTrustedDomainInfoByNameResponse
- type QueryTrustedDomainInfoRequest
- type QueryTrustedDomainInfoResponse
- type RemoveAccountRightsRequest
- type RemoveAccountRightsResponse
- type RemovePrivilegesFromAccountRequest
- type RemovePrivilegesFromAccountResponse
- type RetrievePrivateDataRequest
- type RetrievePrivateDataResponse
- type SecurityDescriptor
- type SecurityImpersonationLevel
- type SecurityQualityOfService
- type SetDomainInformationPolicyRequest
- type SetDomainInformationPolicyResponse
- type SetForestTrustInformationRequest
- type SetForestTrustInformationResponse
- type SetInformationPolicy2Request
- type SetInformationPolicy2Response
- type SetInformationPolicyRequest
- type SetInformationPolicyResponse
- type SetInformationTrustedDomainRequest
- type SetInformationTrustedDomainResponse
- type SetSecretRequest
- type SetSecretResponse
- type SetSecurityObjectRequest
- type SetSecurityObjectResponse
- type SetSystemAccessAccountRequest
- type SetSystemAccessAccountResponse
- type SetTrustedDomainInfoByNameRequest
- type SetTrustedDomainInfoByNameResponse
- type SetTrustedDomainInfoRequest
- type SetTrustedDomainInfoResponse
- type SrSecurityDescriptor
- type StorePrivateDataRequest
- type StorePrivateDataResponse
- type String
- type TrustInformation
- type TrustedControllersInfo
- type TrustedDomainAuthBlob
- type TrustedDomainAuthInformation
- type TrustedDomainAuthInformationInternal
- type TrustedDomainFullInformation
- type TrustedDomainFullInformation2
- type TrustedDomainFullInformationInternal
- type TrustedDomainInfo
- type TrustedDomainInfo_Basic
- type TrustedDomainInfo_Ex
- type TrustedDomainInfo_Ex2
- type TrustedDomainInfo_TrustedAuthInfo
- type TrustedDomainInfo_TrustedAuthInfoInternal
- type TrustedDomainInfo_TrustedControllersInfo
- type TrustedDomainInfo_TrustedDomainNameInfo
- type TrustedDomainInfo_TrustedDomainSETs
- type TrustedDomainInfo_TrustedFullInfo
- type TrustedDomainInfo_TrustedFullInfo2
- type TrustedDomainInfo_TrustedFullInfoInternal
- type TrustedDomainInfo_TrustedPOSIXOffsetInfo
- type TrustedDomainInfo_TrustedPasswordInfo
- type TrustedDomainInformationBasic
- type TrustedDomainInformationEx
- type TrustedDomainInformationEx2
- type TrustedDomainNameInfo
- type TrustedDomainSupportedEncryptionTypes
- type TrustedEnumBuffer
- type TrustedEnumBufferEx
- type TrustedInformationClass
- type TrustedPOSIXOffsetInfo
- type TrustedPasswordInfo
- type UnicodeString
- type UserRightSet
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // Syntax UUID LsarpcSyntaxUUID = &uuid.UUID{TimeLow: 0x12345778, TimeMid: 0x1234, TimeHiAndVersion: 0xabcd, ClockSeqHiAndReserved: 0xef, ClockSeqLow: 0x0, Node: [6]uint8{0x1, 0x23, 0x45, 0x67, 0x89, 0xab}} // Syntax ID LsarpcSyntaxV0_0 = &dcerpc.SyntaxID{IfUUID: LsarpcSyntaxUUID, IfVersionMajor: 0, IfVersionMinor: 0} )
View Source
var (
// import guard
GoPackage = "lsad"
)
Functions ¶
func LsarpcServerHandle ¶
func NewLsarpcServerHandle ¶
func NewLsarpcServerHandle(o LsarpcServer) dcerpc.ServerHandle
func RegisterLsarpcServer ¶
func RegisterLsarpcServer(conn dcerpc.Conn, o LsarpcServer, opts ...dcerpc.Option)
Types ¶
type ACL ¶
type ACL struct {
// AclRevision: The revision level of the LSAPR_ACL structure. This field MUST be ignored.
// The content is unspecified, and no requirements are placed on its value because it
// is never used.
ACLRevision uint8 `idl:"name:AclRevision" json:"acl_revision"`
// Sbz1: This field is used for alignment. This field MUST be ignored. The content
// is unspecified, and no requirements are placed on its value because it is never used.
SBZ1 uint8 `idl:"name:Sbz1" json:"sbz1"`
// AclSize: The size of this structure in bytes, including the size of the variable
// sized Dummy1 field.
ACLSize uint16 `idl:"name:AclSize" json:"acl_size"`
// contains filtered or unexported fields
}
ACL structure represents LSAPR_ACL RPC structure.
The LSAPR_ACL structure defines the header of an access control list (ACL) that specifies a list of security protections applied to an object.
This structure has no effect on message processing in any environment.
func (*ACL) NDRSizeInfo ¶
type AccountEnumBuffer ¶
type AccountEnumBuffer struct {
// EntriesRead: This field contains the number of security principals.
EntriesRead uint32 `idl:"name:EntriesRead" json:"entries_read"`
// Information: This field contains a set of structures that define the security principal
// SID, as specified in section 2.2.5.1. If the EntriesRead field has a value other
// than 0, this field MUST NOT be NULL.
Information []*AccountInformation `idl:"name:Information;size_is:(EntriesRead)" json:"information"`
}
AccountEnumBuffer structure represents LSAPR_ACCOUNT_ENUM_BUFFER RPC structure.
The LSAPR_ACCOUNT_ENUM_BUFFER structure specifies a collection of security principal SIDs represented in an array of structures of type LSAPR_ACCOUNT_INFORMATION.
func (*AccountEnumBuffer) MarshalNDR ¶
func (*AccountEnumBuffer) UnmarshalNDR ¶
type AccountInformation ¶
type AccountInformation struct {
// Sid: This field contains the SID of the security principal. This field MUST NOT
// be NULL.
SID *dtyp.SID `idl:"name:Sid" json:"sid"`
}
AccountInformation structure represents LSAPR_ACCOUNT_INFORMATION RPC structure.
The LSAPR_ACCOUNT_INFORMATION structure specifies a security principal security identifier (SID).
func (*AccountInformation) MarshalNDR ¶
func (*AccountInformation) UnmarshalNDR ¶
type AddAccountRightsRequest ¶
type AddAccountRightsRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// AccountSid: A security identifier of an account to add the rights to.
AccountSID *dtyp.SID `idl:"name:AccountSid" json:"account_sid"`
// UserRights: A set of right names to add to the account.
UserRights *UserRightSet `idl:"name:UserRights" json:"user_rights"`
}
AddAccountRightsRequest structure represents the LsarAddAccountRights operation request
func (*AddAccountRightsRequest) MarshalNDR ¶
func (*AddAccountRightsRequest) UnmarshalNDR ¶
type AddAccountRightsResponse ¶
type AddAccountRightsResponse struct {
// Return: The LsarAddAccountRights return value.
Return int32 `idl:"name:Return" json:"return"`
}
AddAccountRightsResponse structure represents the LsarAddAccountRights operation response
func (*AddAccountRightsResponse) MarshalNDR ¶
func (*AddAccountRightsResponse) UnmarshalNDR ¶
type AddPrivilegesToAccountRequest ¶
type AddPrivilegesToAccountRequest struct {
// AccountHandle: An open account object handle obtained from either LsarCreateAccount
// (section 3.1.4.5.1) or LsarOpenAccount (section 3.1.4.5.3).
Account *Handle `idl:"name:AccountHandle" json:"account"`
// Privileges: Contains a list of privileges to add to the account.
Privileges *PrivilegeSet `idl:"name:Privileges" json:"privileges"`
}
AddPrivilegesToAccountRequest structure represents the LsarAddPrivilegesToAccount operation request
func (*AddPrivilegesToAccountRequest) MarshalNDR ¶
func (*AddPrivilegesToAccountRequest) UnmarshalNDR ¶
type AddPrivilegesToAccountResponse ¶
type AddPrivilegesToAccountResponse struct {
// Return: The LsarAddPrivilegesToAccount return value.
Return int32 `idl:"name:Return" json:"return"`
}
AddPrivilegesToAccountResponse structure represents the LsarAddPrivilegesToAccount operation response
func (*AddPrivilegesToAccountResponse) MarshalNDR ¶
func (*AddPrivilegesToAccountResponse) UnmarshalNDR ¶
type AuthInformation ¶
type AuthInformation struct {
// LastUpdateTime: The date and time when this authentication information was last
// updated. It is a 64-bit value that represents the number of 100-nanosecond intervals
// since January 1, 1601, UTC.
LastUpdateTime *dtyp.LargeInteger `idl:"name:LastUpdateTime" json:"last_update_time"`
// AuthType: A type for the AuthInfo, as specified in the following table.
//
// +------------+----------------------------------------------------------------------------------+
// | | |
// | VALUE | MEANING |
// | | |
// +------------+----------------------------------------------------------------------------------+
// +------------+----------------------------------------------------------------------------------+
// | 0x00000000 | This type MUST be ignored. |
// +------------+----------------------------------------------------------------------------------+
// | 0x00000001 | Derived RC4HMAC key. For more information, see [RFC4757]. |
// +------------+----------------------------------------------------------------------------------+
// | 0x00000002 | A plaintext password. Indicates that the information stored in the attribute |
// | | is a Unicode plaintext password. If this AuthType is present, Kerberos can then |
// | | use this password to derive additional key types that are needed to encrypt and |
// | | decrypt cross-realm TGTs. |
// +------------+----------------------------------------------------------------------------------+
// | 0x00000003 | A plaintext password version number that is a single, unsigned long integer |
// | | consisting of 32 bits. |
// +------------+----------------------------------------------------------------------------------+
AuthType uint32 `idl:"name:AuthType" json:"auth_type"`
// AuthInfoLength: The count of bytes in AuthInfo buffer.<36>
AuthInfoLength uint32 `idl:"name:AuthInfoLength" json:"auth_info_length"`
// AuthInfo: Authentication data that depends on the AuthType.
//
// The self-relative form of the LSAPR_AUTH_INFORMATION structure is used in LSAPR_TRUSTED_DOMAIN_AUTH_BLOB;
// in that case, the structure memory layout looks like the following.
//
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 1 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 2 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 3 | 1 |
// | | | | | | | | | | | 0 | | | | | | | | | | 0 | | | | | | | | | | 0 | |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | LastUpdateTime |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ... |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | AuthType |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | AuthInfoLength |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | AuthInfo [1 ... AuthInfoLength] |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
AuthInfo []byte `idl:"name:AuthInfo;size_is:(AuthInfoLength)" json:"auth_info"`
}
AuthInformation structure represents LSAPR_AUTH_INFORMATION RPC structure.
The LSAPR_AUTH_INFORMATION structure communicates information about authentication between trusted domains. Domain trust authentication is specified in [MS-ADTS] section 6.1.6.9.1.
func (*AuthInformation) MarshalNDR ¶
func (*AuthInformation) UnmarshalNDR ¶
type CRCipherValue ¶
type CRCipherValue struct {
// Length: This field contains the number of valid bytes in the Buffer field.<27>
Length uint32 `idl:"name:Length" json:"length"`
// MaximumLength: This field contains the number of allocated bytes in the Buffer field.<28>
MaximumLength uint32 `idl:"name:MaximumLength" json:"maximum_length"`
// Buffer: This field contains the actual secret data. If the value of the MaximumLength
// field is greater than 0, this field MUST contain a non-NULL value. This field is
// always encrypted using algorithms as specified in section 5.1.2.
Buffer []byte `idl:"name:Buffer;size_is:(MaximumLength);length_is:(Length)" json:"buffer"`
}
CRCipherValue structure represents LSAPR_CR_CIPHER_VALUE RPC structure.
The LSAPR_CR_CIPHER_VALUE structure is a counted buffer of bytes containing a secret object.
func (*CRCipherValue) MarshalNDR ¶
func (*CRCipherValue) UnmarshalNDR ¶
type CloseRequest ¶
type CloseRequest struct {
// ObjectHandle: The context handle to be freed. On response, it MUST be set to 0.
Object *Handle `idl:"name:ObjectHandle" json:"object"`
}
CloseRequest structure represents the LsarClose operation request
func (*CloseRequest) MarshalNDR ¶
func (*CloseRequest) UnmarshalNDR ¶
type CloseResponse ¶
type CloseResponse struct {
// ObjectHandle: The context handle to be freed. On response, it MUST be set to 0.
Object *Handle `idl:"name:ObjectHandle" json:"object"`
// Return: The LsarClose return value.
Return int32 `idl:"name:Return" json:"return"`
}
CloseResponse structure represents the LsarClose operation response
func (*CloseResponse) MarshalNDR ¶
func (*CloseResponse) UnmarshalNDR ¶
type CreateAccountRequest ¶
type CreateAccountRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// AccountSid: The security identifier (SID) of the account to be created.
AccountSID *dtyp.SID `idl:"name:AccountSid" json:"account_sid"`
// DesiredAccess: A bitmask specifying accesses to be granted to the newly created and
// opened account at this time.
DesiredAccess uint32 `idl:"name:DesiredAccess" json:"desired_access"`
}
CreateAccountRequest structure represents the LsarCreateAccount operation request
func (*CreateAccountRequest) MarshalNDR ¶
func (*CreateAccountRequest) UnmarshalNDR ¶
type CreateAccountResponse ¶
type CreateAccountResponse struct {
// AccountHandle: Used to return a handle to the newly created account object.
Account *Handle `idl:"name:AccountHandle" json:"account"`
// Return: The LsarCreateAccount return value.
Return int32 `idl:"name:Return" json:"return"`
}
CreateAccountResponse structure represents the LsarCreateAccount operation response
func (*CreateAccountResponse) MarshalNDR ¶
func (*CreateAccountResponse) UnmarshalNDR ¶
type CreateSecretRequest ¶
type CreateSecretRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// SecretName: The name of the secret object to be created.
SecretName *dtyp.UnicodeString `idl:"name:SecretName" json:"secret_name"`
// DesiredAccess: A bitmask that specifies accesses to be granted to the newly created
// and opened secret object at this time.
DesiredAccess uint32 `idl:"name:DesiredAccess" json:"desired_access"`
}
CreateSecretRequest structure represents the LsarCreateSecret operation request
func (*CreateSecretRequest) MarshalNDR ¶
func (*CreateSecretRequest) UnmarshalNDR ¶
type CreateSecretResponse ¶
type CreateSecretResponse struct {
// SecretHandle: Used to return a handle to the newly created secret object.
Secret *Handle `idl:"name:SecretHandle" json:"secret"`
// Return: The LsarCreateSecret return value.
Return int32 `idl:"name:Return" json:"return"`
}
CreateSecretResponse structure represents the LsarCreateSecret operation response
func (*CreateSecretResponse) MarshalNDR ¶
func (*CreateSecretResponse) UnmarshalNDR ¶
type CreateTrustedDomainEx2Request ¶
type CreateTrustedDomainEx2Request struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainInformation: Information about the new TDO to be created.
TrustedDomainInformation *TrustedDomainInformationEx `idl:"name:TrustedDomainInformation" json:"trusted_domain_information"`
// AuthenticationInformation: Encrypted authentication information for the new TDO.
AuthenticationInformation *TrustedDomainAuthInformationInternal `idl:"name:AuthenticationInformation" json:"authentication_information"`
// DesiredAccess: An access mask specifying desired access to the TDO handle.
DesiredAccess uint32 `idl:"name:DesiredAccess" json:"desired_access"`
}
CreateTrustedDomainEx2Request structure represents the LsarCreateTrustedDomainEx2 operation request
func (*CreateTrustedDomainEx2Request) MarshalNDR ¶
func (*CreateTrustedDomainEx2Request) UnmarshalNDR ¶
type CreateTrustedDomainEx2Response ¶
type CreateTrustedDomainEx2Response struct {
// TrustedDomainHandle: Used to return the handle for the newly created TDO.
TrustedDomain *Handle `idl:"name:TrustedDomainHandle" json:"trusted_domain"`
// Return: The LsarCreateTrustedDomainEx2 return value.
Return int32 `idl:"name:Return" json:"return"`
}
CreateTrustedDomainEx2Response structure represents the LsarCreateTrustedDomainEx2 operation response
func (*CreateTrustedDomainEx2Response) MarshalNDR ¶
func (*CreateTrustedDomainEx2Response) UnmarshalNDR ¶
type CreateTrustedDomainExRequest ¶
type CreateTrustedDomainExRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainInformation: Information about the new TDO to be created.
TrustedDomainInformation *TrustedDomainInformationEx `idl:"name:TrustedDomainInformation" json:"trusted_domain_information"`
// AuthenticationInformation: Encrypted authentication information for the new TDO.
AuthenticationInformation *TrustedDomainAuthInformation `idl:"name:AuthenticationInformation" json:"authentication_information"`
// DesiredAccess: An access mask that specifies desired access to the TDO handle.
DesiredAccess uint32 `idl:"name:DesiredAccess" json:"desired_access"`
}
CreateTrustedDomainExRequest structure represents the LsarCreateTrustedDomainEx operation request
func (*CreateTrustedDomainExRequest) MarshalNDR ¶
func (*CreateTrustedDomainExRequest) UnmarshalNDR ¶
type CreateTrustedDomainExResponse ¶
type CreateTrustedDomainExResponse struct {
// TrustedDomainHandle: Used to return the handle for the newly created TDO.
TrustedDomain *Handle `idl:"name:TrustedDomainHandle" json:"trusted_domain"`
// Return: The LsarCreateTrustedDomainEx return value.
Return int32 `idl:"name:Return" json:"return"`
}
CreateTrustedDomainExResponse structure represents the LsarCreateTrustedDomainEx operation response
func (*CreateTrustedDomainExResponse) MarshalNDR ¶
func (*CreateTrustedDomainExResponse) UnmarshalNDR ¶
type CreateTrustedDomainRequest ¶
type CreateTrustedDomainRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainInformation: Information about the new trusted domain object (TDO) to
// be created.
TrustedDomainInformation *TrustInformation `idl:"name:TrustedDomainInformation" json:"trusted_domain_information"`
// DesiredAccess: An access mask that specifies the desired access to the TDO handle.
DesiredAccess uint32 `idl:"name:DesiredAccess" json:"desired_access"`
}
CreateTrustedDomainRequest structure represents the LsarCreateTrustedDomain operation request
func (*CreateTrustedDomainRequest) MarshalNDR ¶
func (*CreateTrustedDomainRequest) UnmarshalNDR ¶
type CreateTrustedDomainResponse ¶
type CreateTrustedDomainResponse struct {
// TrustedDomainHandle: Used to return the handle for the newly created TDO.
TrustedDomain *Handle `idl:"name:TrustedDomainHandle" json:"trusted_domain"`
// Return: The LsarCreateTrustedDomain return value.
Return int32 `idl:"name:Return" json:"return"`
}
CreateTrustedDomainResponse structure represents the LsarCreateTrustedDomain operation response
func (*CreateTrustedDomainResponse) MarshalNDR ¶
func (*CreateTrustedDomainResponse) UnmarshalNDR ¶
type DeleteObjectRequest ¶
type DeleteObjectRequest struct {
// ObjectHandle: A handle to an open object of the correct type to be deleted. After
// successful completion of the call, the handle value cannot be reused.
Object *Handle `idl:"name:ObjectHandle" json:"object"`
}
DeleteObjectRequest structure represents the LsarDeleteObject operation request
func (*DeleteObjectRequest) MarshalNDR ¶
func (*DeleteObjectRequest) UnmarshalNDR ¶
type DeleteObjectResponse ¶
type DeleteObjectResponse struct {
// ObjectHandle: A handle to an open object of the correct type to be deleted. After
// successful completion of the call, the handle value cannot be reused.
Object *Handle `idl:"name:ObjectHandle" json:"object"`
// Return: The LsarDeleteObject return value.
Return int32 `idl:"name:Return" json:"return"`
}
DeleteObjectResponse structure represents the LsarDeleteObject operation response
func (*DeleteObjectResponse) MarshalNDR ¶
func (*DeleteObjectResponse) UnmarshalNDR ¶
type DeleteTrustedDomainRequest ¶
type DeleteTrustedDomainRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainSid: A security descriptor of the TDO to be deleted.
TrustedDomainSID *dtyp.SID `idl:"name:TrustedDomainSid" json:"trusted_domain_sid"`
}
DeleteTrustedDomainRequest structure represents the LsarDeleteTrustedDomain operation request
func (*DeleteTrustedDomainRequest) MarshalNDR ¶
func (*DeleteTrustedDomainRequest) UnmarshalNDR ¶
type DeleteTrustedDomainResponse ¶
type DeleteTrustedDomainResponse struct {
// Return: The LsarDeleteTrustedDomain return value.
Return int32 `idl:"name:Return" json:"return"`
}
DeleteTrustedDomainResponse structure represents the LsarDeleteTrustedDomain operation response
func (*DeleteTrustedDomainResponse) MarshalNDR ¶
func (*DeleteTrustedDomainResponse) UnmarshalNDR ¶
type EnumerateAccountRightsRequest ¶
type EnumerateAccountRightsRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// AccountSid: A SID of the account object that the caller is inquiring about.
AccountSID *dtyp.SID `idl:"name:AccountSid" json:"account_sid"`
}
EnumerateAccountRightsRequest structure represents the LsarEnumerateAccountRights operation request
func (*EnumerateAccountRightsRequest) MarshalNDR ¶
func (*EnumerateAccountRightsRequest) UnmarshalNDR ¶
type EnumerateAccountRightsResponse ¶
type EnumerateAccountRightsResponse struct {
// UserRights: Used to return a list of right names associated with the account.
UserRights *UserRightSet `idl:"name:UserRights" json:"user_rights"`
// Return: The LsarEnumerateAccountRights return value.
Return int32 `idl:"name:Return" json:"return"`
}
EnumerateAccountRightsResponse structure represents the LsarEnumerateAccountRights operation response
func (*EnumerateAccountRightsResponse) MarshalNDR ¶
func (*EnumerateAccountRightsResponse) UnmarshalNDR ¶
type EnumerateAccountsRequest ¶
type EnumerateAccountsRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// EnumerationContext: A pointer to a context value that is used to resume enumeration,
// if necessary.
EnumerationContext uint32 `idl:"name:EnumerationContext" json:"enumeration_context"`
// PreferedMaximumLength: A value that indicates the approximate size of the data to
// return.
PreferredMaximumLength uint32 `idl:"name:PreferedMaximumLength" json:"preferred_maximum_length"`
}
EnumerateAccountsRequest structure represents the LsarEnumerateAccounts operation request
func (*EnumerateAccountsRequest) MarshalNDR ¶
func (*EnumerateAccountsRequest) UnmarshalNDR ¶
type EnumerateAccountsResponse ¶
type EnumerateAccountsResponse struct {
// EnumerationContext: A pointer to a context value that is used to resume enumeration,
// if necessary.
EnumerationContext uint32 `idl:"name:EnumerationContext" json:"enumeration_context"`
// EnumerationBuffer: A pointer to a structure that will contain the results of the
// enumeration.
EnumerationBuffer *AccountEnumBuffer `idl:"name:EnumerationBuffer" json:"enumeration_buffer"`
// Return: The LsarEnumerateAccounts return value.
Return int32 `idl:"name:Return" json:"return"`
}
EnumerateAccountsResponse structure represents the LsarEnumerateAccounts operation response
func (*EnumerateAccountsResponse) MarshalNDR ¶
func (*EnumerateAccountsResponse) UnmarshalNDR ¶
type EnumerateAccountsWithUserRightRequest ¶
type EnumerateAccountsWithUserRightRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// UserRight: The name of the right to use in enumeration.
UserRight *dtyp.UnicodeString `idl:"name:UserRight;pointer:unique" json:"user_right"`
}
EnumerateAccountsWithUserRightRequest structure represents the LsarEnumerateAccountsWithUserRight operation request
func (*EnumerateAccountsWithUserRightRequest) MarshalNDR ¶
func (*EnumerateAccountsWithUserRightRequest) UnmarshalNDR ¶
type EnumerateAccountsWithUserRightResponse ¶
type EnumerateAccountsWithUserRightResponse struct {
// EnumerationBuffer: Used to return the list of account objects that have the specified
// right.
EnumerationBuffer *AccountEnumBuffer `idl:"name:EnumerationBuffer" json:"enumeration_buffer"`
// Return: The LsarEnumerateAccountsWithUserRight return value.
Return int32 `idl:"name:Return" json:"return"`
}
EnumerateAccountsWithUserRightResponse structure represents the LsarEnumerateAccountsWithUserRight operation response
func (*EnumerateAccountsWithUserRightResponse) MarshalNDR ¶
func (*EnumerateAccountsWithUserRightResponse) UnmarshalNDR ¶
type EnumeratePrivilegesAccountRequest ¶
type EnumeratePrivilegesAccountRequest struct {
// AccountHandle: An open account object handle obtained from either LsarCreateAccount
// (section 3.1.4.5.1) or LsarOpenAccount (section 3.1.4.5.3).
Account *Handle `idl:"name:AccountHandle" json:"account"`
}
EnumeratePrivilegesAccountRequest structure represents the LsarEnumeratePrivilegesAccount operation request
func (*EnumeratePrivilegesAccountRequest) MarshalNDR ¶
func (*EnumeratePrivilegesAccountRequest) UnmarshalNDR ¶
type EnumeratePrivilegesAccountResponse ¶
type EnumeratePrivilegesAccountResponse struct {
// Privileges: Used to return a list of privileges granted to the account.
Privileges *PrivilegeSet `idl:"name:Privileges" json:"privileges"`
// Return: The LsarEnumeratePrivilegesAccount return value.
Return int32 `idl:"name:Return" json:"return"`
}
EnumeratePrivilegesAccountResponse structure represents the LsarEnumeratePrivilegesAccount operation response
func (*EnumeratePrivilegesAccountResponse) MarshalNDR ¶
func (*EnumeratePrivilegesAccountResponse) UnmarshalNDR ¶
type EnumeratePrivilegesRequest ¶
type EnumeratePrivilegesRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// EnumerationContext: A pointer to a context value that is used to resume enumeration,
// if necessary.
EnumerationContext uint32 `idl:"name:EnumerationContext" json:"enumeration_context"`
// PreferedMaximumLength: A value that indicates the approximate size of the data to
// be returned.
PreferredMaximumLength uint32 `idl:"name:PreferedMaximumLength" json:"preferred_maximum_length"`
}
EnumeratePrivilegesRequest structure represents the LsarEnumeratePrivileges operation request
func (*EnumeratePrivilegesRequest) MarshalNDR ¶
func (*EnumeratePrivilegesRequest) UnmarshalNDR ¶
type EnumeratePrivilegesResponse ¶
type EnumeratePrivilegesResponse struct {
// EnumerationContext: A pointer to a context value that is used to resume enumeration,
// if necessary.
EnumerationContext uint32 `idl:"name:EnumerationContext" json:"enumeration_context"`
// EnumerationBuffer: A pointer to a structure that will contain the results of the
// enumeration.
EnumerationBuffer *PrivilegeEnumBuffer `idl:"name:EnumerationBuffer" json:"enumeration_buffer"`
// Return: The LsarEnumeratePrivileges return value.
Return int32 `idl:"name:Return" json:"return"`
}
EnumeratePrivilegesResponse structure represents the LsarEnumeratePrivileges operation response
func (*EnumeratePrivilegesResponse) MarshalNDR ¶
func (*EnumeratePrivilegesResponse) UnmarshalNDR ¶
type EnumerateTrustedDomainsExRequest ¶
type EnumerateTrustedDomainsExRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// EnumerationContext: Used to keep track of the state of the enumeration in cases where
// the caller obtains its information in several fragments.
EnumerationContext uint32 `idl:"name:EnumerationContext" json:"enumeration_context"`
// PreferedMaximumLength: A value that indicates the approximate size of the data to
// be returned.
PreferredMaximumLength uint32 `idl:"name:PreferedMaximumLength" json:"preferred_maximum_length"`
}
EnumerateTrustedDomainsExRequest structure represents the LsarEnumerateTrustedDomainsEx operation request
func (*EnumerateTrustedDomainsExRequest) MarshalNDR ¶
func (*EnumerateTrustedDomainsExRequest) UnmarshalNDR ¶
type EnumerateTrustedDomainsExResponse ¶
type EnumerateTrustedDomainsExResponse struct {
// EnumerationContext: Used to keep track of the state of the enumeration in cases where
// the caller obtains its information in several fragments.
EnumerationContext uint32 `idl:"name:EnumerationContext" json:"enumeration_context"`
// EnumerationBuffer: Contains a fragment of requested information.
EnumerationBuffer *TrustedEnumBufferEx `idl:"name:EnumerationBuffer" json:"enumeration_buffer"`
// Return: The LsarEnumerateTrustedDomainsEx return value.
Return int32 `idl:"name:Return" json:"return"`
}
EnumerateTrustedDomainsExResponse structure represents the LsarEnumerateTrustedDomainsEx operation response
func (*EnumerateTrustedDomainsExResponse) MarshalNDR ¶
func (*EnumerateTrustedDomainsExResponse) UnmarshalNDR ¶
type EnumerateTrustedDomainsRequest ¶
type EnumerateTrustedDomainsRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// EnumerationContext: A pointer to a context value that is used to resume enumeration,
// if necessary.
EnumerationContext uint32 `idl:"name:EnumerationContext" json:"enumeration_context"`
// PreferedMaximumLength: A value that indicates the approximate size of the data to
// be returned.
PreferredMaximumLength uint32 `idl:"name:PreferedMaximumLength" json:"preferred_maximum_length"`
}
EnumerateTrustedDomainsRequest structure represents the LsarEnumerateTrustedDomains operation request
func (*EnumerateTrustedDomainsRequest) MarshalNDR ¶
func (*EnumerateTrustedDomainsRequest) UnmarshalNDR ¶
type EnumerateTrustedDomainsResponse ¶
type EnumerateTrustedDomainsResponse struct {
// EnumerationContext: A pointer to a context value that is used to resume enumeration,
// if necessary.
EnumerationContext uint32 `idl:"name:EnumerationContext" json:"enumeration_context"`
// EnumerationBuffer: A pointer to a structure that will contain the results of the
// enumeration.
EnumerationBuffer *TrustedEnumBuffer `idl:"name:EnumerationBuffer" json:"enumeration_buffer"`
// Return: The LsarEnumerateTrustedDomains return value.
Return int32 `idl:"name:Return" json:"return"`
}
EnumerateTrustedDomainsResponse structure represents the LsarEnumerateTrustedDomains operation response
func (*EnumerateTrustedDomainsResponse) MarshalNDR ¶
func (*EnumerateTrustedDomainsResponse) UnmarshalNDR ¶
type ForestTrustBinaryData ¶
type ForestTrustBinaryData struct {
// Length: The count of bytes in Buffer.<37>
Length uint32 `idl:"name:Length" json:"length"`
// Buffer: The trust record. If the Length field has a value other than 0, this field
// MUST NOT be NULL.
Buffer []byte `idl:"name:Buffer;size_is:(Length)" json:"buffer"`
}
ForestTrustBinaryData structure represents LSA_FOREST_TRUST_BINARY_DATA RPC structure.
The LSA_FOREST_TRUST_BINARY_DATA structure is used to communicate a forest trust record. This structure is not used in the current version of the protocol.
func (*ForestTrustBinaryData) MarshalNDR ¶
func (*ForestTrustBinaryData) UnmarshalNDR ¶
type ForestTrustCollisionInformation ¶
type ForestTrustCollisionInformation struct {
// RecordCount: The count of elements in the Entries array.
RecordCount uint32 `idl:"name:RecordCount" json:"record_count"`
// Entries: An array of LSA_FOREST_TRUST_COLLISION_RECORD (section 2.2.7.27) structures.
// If the RecordCount field has a value other than zero, this field MUST NOT be NULL.
Entries []*ForestTrustCollisionRecord `idl:"name:Entries;size_is:(RecordCount)" json:"entries"`
}
ForestTrustCollisionInformation structure represents LSA_FOREST_TRUST_COLLISION_INFORMATION RPC structure.
The LSA_FOREST_TRUST_COLLISION_INFORMATION structure is used to communicate a set of LSA_FOREST_TRUST_COLLISION_RECORD structures.
func (*ForestTrustCollisionInformation) MarshalNDR ¶
func (*ForestTrustCollisionInformation) UnmarshalNDR ¶
type ForestTrustCollisionRecord ¶
type ForestTrustCollisionRecord struct {
// Index: An ordinal number of a forest trust record in the forest trust information
// supplied by the caller that suffered a collision. For rules about collisions, see
// sections 3.1.4.7.16 and 3.1.4.7.16.1.
Index uint32 `idl:"name:Index" json:"index"`
// Type: The type of collision record, as specified in section 2.2.7.26.
Type ForestTrustCollisionRecordType `idl:"name:Type" json:"type"`
// Flags: A set of bits specifying the nature of the collision. These flags and the
// rules for generating them are specified in sections 3.1.4.7.16 and 3.1.4.7.16.1.
Flags uint32 `idl:"name:Flags" json:"flags"`
// Name: The name of the existing entity (a top-level name entry, a domain information
// entry, or a top-level name exclusion entry) that caused the collision.
Name *UnicodeString `idl:"name:Name" json:"name"`
}
ForestTrustCollisionRecord structure represents LSA_FOREST_TRUST_COLLISION_RECORD RPC structure.
The LSA_FOREST_TRUST_COLLISION_RECORD structure is used to communicate forest trust collision information. For more information about trusted domain objects, see [MS-ADTS] section 6.1.6.
func (*ForestTrustCollisionRecord) MarshalNDR ¶
func (*ForestTrustCollisionRecord) UnmarshalNDR ¶
type ForestTrustCollisionRecordType ¶
type ForestTrustCollisionRecordType uint16
ForestTrustCollisionRecordType type represents LSA_FOREST_TRUST_COLLISION_RECORD_TYPE RPC enumeration.
The LSA_FOREST_TRUST_COLLISION_RECORD_TYPE type specifies the type of a collision record in the message.
var ( // CollisionTdo: A forest trust record that a caller attempted to set on a trusted domain // object has suffered a collision with another trusted domain object in Active Directory, // as specified in [MS-ADTS], section 6.1.6. ForestTrustCollisionRecordTypeCollisionTDO ForestTrustCollisionRecordType = 0 // CollisionXref: A forest trust record that a caller attempted to set on a trusted // domain object has suffered a collision with a cross-reference object belonging to // the forest to which the server belongs, as specified in [MS-ADTS], section 6.1.6. ForestTrustCollisionRecordTypeCollisionXref ForestTrustCollisionRecordType = 1 // CollisionOther: A forest trust record that a caller attempted to set on a trusted // domain object has suffered a collision for an unknown reason. ForestTrustCollisionRecordTypeCollisionOther ForestTrustCollisionRecordType = 2 )
func (ForestTrustCollisionRecordType) String ¶
func (o ForestTrustCollisionRecordType) String() string
type ForestTrustData_Data ¶
type ForestTrustData_Data struct {
Data *ForestTrustBinaryData `idl:"name:Data" json:"data"`
}
ForestTrustData_Data structure represents ForestTrustRecord_ForestTrustData RPC default union arm.
func (*ForestTrustData_Data) MarshalNDR ¶
func (*ForestTrustData_Data) UnmarshalNDR ¶
type ForestTrustData_DomainInfo ¶
type ForestTrustData_DomainInfo struct {
DomainInfo *ForestTrustDomainInfo `idl:"name:DomainInfo" json:"domain_info"`
}
ForestTrustData_DomainInfo structure represents ForestTrustRecord_ForestTrustData RPC union arm.
It has following labels: 2
func (*ForestTrustData_DomainInfo) MarshalNDR ¶
func (*ForestTrustData_DomainInfo) UnmarshalNDR ¶
type ForestTrustData_TopLevelName ¶
type ForestTrustData_TopLevelName struct {
TopLevelName *UnicodeString `idl:"name:TopLevelName" json:"top_level_name"`
}
ForestTrustData_TopLevelName structure represents ForestTrustRecord_ForestTrustData RPC union arm.
It has following labels: 0, 1
func (*ForestTrustData_TopLevelName) MarshalNDR ¶
func (*ForestTrustData_TopLevelName) UnmarshalNDR ¶
type ForestTrustDomainInfo ¶
type ForestTrustDomainInfo struct {
// Sid: Domain SID for the trusted domain.
SID *dtyp.SID `idl:"name:Sid" json:"sid"`
// DnsName: The DNS name of the trusted domain.
DNSName *UnicodeString `idl:"name:DnsName" json:"dns_name"`
// NetbiosName: The NetBIOS name of the trusted domain, as specified in [RFC1088].
NetBIOSName *UnicodeString `idl:"name:NetbiosName" json:"netbios_name"`
}
ForestTrustDomainInfo structure represents LSA_FOREST_TRUST_DOMAIN_INFO RPC structure.
The LSA_FOREST_TRUST_DOMAIN_INFO structure is used to communicate a forest trust record corresponding to the LSA_FOREST_TRUST_DOMAIN_INFO value of ForestTrustDomainInfo.
func (*ForestTrustDomainInfo) MarshalNDR ¶
func (*ForestTrustDomainInfo) UnmarshalNDR ¶
type ForestTrustInformation ¶
type ForestTrustInformation struct {
// RecordCount: A count of elements in the Entries array.<38>
RecordCount uint32 `idl:"name:RecordCount" json:"record_count"`
// Entries: An array of LSA_FOREST_TRUST_RECORD structures. If the RecordCount field
// has a value other than 0, this field MUST NOT be NULL.
Entries []*ForestTrustRecord `idl:"name:Entries;size_is:(RecordCount)" json:"entries"`
}
ForestTrustInformation structure represents LSA_FOREST_TRUST_INFORMATION RPC structure.
The LSA_FOREST_TRUST_INFORMATION structure is a collection of LSA_FOREST_TRUST_RECORD (section 2.2.7.21) structures.
func (*ForestTrustInformation) MarshalNDR ¶
func (*ForestTrustInformation) UnmarshalNDR ¶
type ForestTrustRecord ¶
type ForestTrustRecord struct {
// Flags: Contains zero or more flags from LSA Trust Record Flags (section 2.2.1.5).
// See the Meaning column in the table of that section for related information.
Flags uint32 `idl:"name:Flags" json:"flags"`
// ForestTrustType: This value is one of LSA_FOREST_TRUST_RECORD_TYPE.
ForestTrustType ForestTrustRecordType `idl:"name:ForestTrustType" json:"forest_trust_type"`
// Time: The date and time when this entry was created. It is a 64-bit value that represents
// the number of 100-nanosecond intervals since January 1, 1601, UTC.
Time *dtyp.LargeInteger `idl:"name:Time" json:"time"`
// ForestTrustData: An LSA_UNICODE_STRING, LSA_FOREST_TRUST_DOMAIN_INFO, or LSA_FOREST_TRUST_SCANNER_INFO
// structure, depending on the value of ForestTrustType as specified in the structure
// definition for LSA_FOREST_TRUST_RECORD.
ForestTrustData *ForestTrustRecord_ForestTrustData `idl:"name:ForestTrustData;switch_is:ForestTrustType" json:"forest_trust_data"`
}
ForestTrustRecord structure represents LSA_FOREST_TRUST_RECORD RPC structure.
The LSA_FOREST_TRUST_RECORD structure is used to communicate the type, creation time, and data for a forest trust record. The data is determined by the trust type as follows in the definition of the contained union.
func (*ForestTrustRecord) MarshalNDR ¶
func (*ForestTrustRecord) UnmarshalNDR ¶
type ForestTrustRecordType ¶
type ForestTrustRecordType uint16
ForestTrustRecordType type represents LSA_FOREST_TRUST_RECORD_TYPE RPC enumeration.
The LSA_FOREST_TRUST_RECORD_TYPE enumeration specifies a type of forest trust record.
var ( // ForestTrustTopLevelName: The DNS name of the trusted forest. The structure used // for this record type is equivalent to LSA_UNICODE_STRING (section 2.2.2.3). ForestTrustRecordTypeTopLevelName ForestTrustRecordType = 0 // ForestTrustTopLevelNameEx: The DNS name of the trusted forest. This is the same // as ForestTrustTopLevelName. The structure used for this record type is equivalent // to LSA_UNICODE_STRING. ForestTrustRecordTypeTopLevelNameEx ForestTrustRecordType = 1 // ForestTrustDomainInfo: This field specifies a record containing identification // and name information. ForestTrustRecordTypeDomainInfo ForestTrustRecordType = 2 // ForestTrustRecordTypeLast: The highest record value for this type is equal to the // ForestTrustScannerInfo enum value (4). ForestTrustRecordTypeLast ForestTrustRecordType = 2 )
func (ForestTrustRecordType) String ¶
func (o ForestTrustRecordType) String() string
type ForestTrustRecord_ForestTrustData ¶
type ForestTrustRecord_ForestTrustData struct {
// Types that are assignable to Value
//
// *ForestTrustData_TopLevelName
// *ForestTrustData_DomainInfo
// *ForestTrustData_Data
Value is_ForestTrustRecord_ForestTrustData `json:"value"`
}
ForestTrustRecord_ForestTrustData structure represents LSA_FOREST_TRUST_RECORD union anonymous member.
The LSA_FOREST_TRUST_RECORD structure is used to communicate the type, creation time, and data for a forest trust record. The data is determined by the trust type as follows in the definition of the contained union.
func (*ForestTrustRecord_ForestTrustData) GetValue ¶
func (o *ForestTrustRecord_ForestTrustData) GetValue() any
func (*ForestTrustRecord_ForestTrustData) MarshalUnionNDR ¶
func (*ForestTrustRecord_ForestTrustData) NDRSwitchValue ¶
func (o *ForestTrustRecord_ForestTrustData) NDRSwitchValue(sw uint16) uint16
func (*ForestTrustRecord_ForestTrustData) UnmarshalUnionNDR ¶
type GetSystemAccessAccountRequest ¶
type GetSystemAccessAccountRequest struct {
// AccountHandle: An open account object handle obtained from either LsarCreateAccount
// (section 3.1.4.5.1) or LsarOpenAccount (section 3.1.4.5.3).
Account *Handle `idl:"name:AccountHandle" json:"account"`
}
GetSystemAccessAccountRequest structure represents the LsarGetSystemAccessAccount operation request
func (*GetSystemAccessAccountRequest) MarshalNDR ¶
func (*GetSystemAccessAccountRequest) UnmarshalNDR ¶
type GetSystemAccessAccountResponse ¶
type GetSystemAccessAccountResponse struct {
// SystemAccess: Used to return a bitmask of access flags associated with the account.
SystemAccess uint32 `idl:"name:SystemAccess" json:"system_access"`
// Return: The LsarGetSystemAccessAccount return value.
Return int32 `idl:"name:Return" json:"return"`
}
GetSystemAccessAccountResponse structure represents the LsarGetSystemAccessAccount operation response
func (*GetSystemAccessAccountResponse) MarshalNDR ¶
func (*GetSystemAccessAccountResponse) UnmarshalNDR ¶
type Handle ¶
type Handle dcetypes.ContextHandle
Handle structure represents LSAPR_HANDLE RPC structure.
func (*Handle) ContextHandle ¶
func (o *Handle) ContextHandle() *dcetypes.ContextHandle
type LUIDAndAttributes ¶
type LUIDAndAttributes struct {
// Luid: The locally unique identifier.
LUID *dtyp.LUID `idl:"name:Luid" json:"luid"`
// Attributes: This field contains bitmapped values that define the properties of the
// privilege set. One or more of the following flags can be set.
//
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 1 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 2 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 3 | 1 |
// | | | | | | | | | | | 0 | | | | | | | | | | 0 | | | | | | | | | | 0 | |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | E | D |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
//
// D: The privilege is enabled by default.
//
// E: The privilege is enabled.
Attributes uint32 `idl:"name:Attributes" json:"attributes"`
}
LUIDAndAttributes structure represents LSAPR_LUID_AND_ATTRIBUTES RPC structure.
The LSAPR_LUID_AND_ATTRIBUTES structure is a tuple defining a locally unique identifier (LUID) and a field defining the attributes of the LUID.
func (*LUIDAndAttributes) MarshalNDR ¶
func (*LUIDAndAttributes) UnmarshalNDR ¶
type LookupPrivilegeDisplayNameRequest ¶
type LookupPrivilegeDisplayNameRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// Name: A string containing the name of a privilege.
Name *dtyp.UnicodeString `idl:"name:Name" json:"name"`
// ClientLanguage: An identifier of the client's language.
ClientLanguage int16 `idl:"name:ClientLanguage" json:"client_language"`
// ClientSystemDefaultLanguage: An identifier of the default language of the caller's
// machine.
ClientSystemDefaultLanguage int16 `idl:"name:ClientSystemDefaultLanguage" json:"client_system_default_language"`
}
LookupPrivilegeDisplayNameRequest structure represents the LsarLookupPrivilegeDisplayName operation request
func (*LookupPrivilegeDisplayNameRequest) MarshalNDR ¶
func (*LookupPrivilegeDisplayNameRequest) UnmarshalNDR ¶
type LookupPrivilegeDisplayNameResponse ¶
type LookupPrivilegeDisplayNameResponse struct {
// DisplayName: Used to return the display name of the privilege in the language pointed
// to by the LanguageReturned value.
DisplayName *dtyp.UnicodeString `idl:"name:DisplayName" json:"display_name"`
// LanguageReturned: An identifier of the language in which DisplayName was returned.
LanguageReturned uint16 `idl:"name:LanguageReturned" json:"language_returned"`
// Return: The LsarLookupPrivilegeDisplayName return value.
Return int32 `idl:"name:Return" json:"return"`
}
LookupPrivilegeDisplayNameResponse structure represents the LsarLookupPrivilegeDisplayName operation response
func (*LookupPrivilegeDisplayNameResponse) MarshalNDR ¶
func (*LookupPrivilegeDisplayNameResponse) UnmarshalNDR ¶
type LookupPrivilegeNameRequest ¶
type LookupPrivilegeNameRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// Value: A LUID that the caller wishes to map to a string name.
Value *dtyp.LUID `idl:"name:Value" json:"value"`
}
LookupPrivilegeNameRequest structure represents the LsarLookupPrivilegeName operation request
func (*LookupPrivilegeNameRequest) MarshalNDR ¶
func (*LookupPrivilegeNameRequest) UnmarshalNDR ¶
type LookupPrivilegeNameResponse ¶
type LookupPrivilegeNameResponse struct {
// Name: Used to return the string name corresponding to the supplied LUID.
Name *dtyp.UnicodeString `idl:"name:Name" json:"name"`
// Return: The LsarLookupPrivilegeName return value.
Return int32 `idl:"name:Return" json:"return"`
}
LookupPrivilegeNameResponse structure represents the LsarLookupPrivilegeName operation response
func (*LookupPrivilegeNameResponse) MarshalNDR ¶
func (*LookupPrivilegeNameResponse) UnmarshalNDR ¶
type LookupPrivilegeValueRequest ¶
type LookupPrivilegeValueRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// Name: A string containing the name of a privilege.
Name *dtyp.UnicodeString `idl:"name:Name" json:"name"`
}
LookupPrivilegeValueRequest structure represents the LsarLookupPrivilegeValue operation request
func (*LookupPrivilegeValueRequest) MarshalNDR ¶
func (*LookupPrivilegeValueRequest) UnmarshalNDR ¶
type LookupPrivilegeValueResponse ¶
type LookupPrivilegeValueResponse struct {
// Value: Used to return a LUID assigned by the server to the privilege by this name.
Value *dtyp.LUID `idl:"name:Value" json:"value"`
// Return: The LsarLookupPrivilegeValue return value.
Return int32 `idl:"name:Return" json:"return"`
}
LookupPrivilegeValueResponse structure represents the LsarLookupPrivilegeValue operation response
func (*LookupPrivilegeValueResponse) MarshalNDR ¶
func (*LookupPrivilegeValueResponse) UnmarshalNDR ¶
type LsarpcClient ¶
type LsarpcClient interface {
// The LsarClose method frees the resources held by a context handle that was opened
// earlier. After response, the context handle will no longer be usable, and any subsequent
// uses of this handle will fail.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------+-----------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------+-----------------------------------------+
// +----------------------------------+-----------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------+-----------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | ObjectHandle is not a valid handle. |
// +----------------------------------+-----------------------------------------+
Close(context.Context, *CloseRequest, ...dcerpc.CallOption) (*CloseResponse, error)
// The LsarEnumeratePrivileges method is invoked to enumerate all privileges known to
// the system. This method can be called multiple times to return its output in fragments.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000105 STATUS_MORE_ENTRIES | More information is available to successive calls. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x8000001A STATUS_NO_MORE_ENTRIES | No more entries are available from the enumeration. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters supplied was invalid. This can happen if EnumerationBuffer |
// | | is NULL or EnumerationContext is NULL. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+----------------------------------------------------------------------------------+
EnumeratePrivileges(context.Context, *EnumeratePrivilegesRequest, ...dcerpc.CallOption) (*EnumeratePrivilegesResponse, error)
// The LsarQuerySecurityObject method is invoked to query security information that
// is assigned to a database object. It returns the security descriptor of the object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------+---------------------------------------------------------------------+
// +----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC00000BB STATUS_NOT_SUPPORTED | The request is not supported. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | ObjectHandle is not a valid handle. |
// +----------------------------------+---------------------------------------------------------------------+
QuerySecurityObject(context.Context, *QuerySecurityObjectRequest, ...dcerpc.CallOption) (*QuerySecurityObjectResponse, error)
// The LsarSetSecurityObject method is invoked to set a security descriptor on an object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +------------------------------------------+----------------------------------------------------------------------------------+
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000009A STATUS_INSUFFICIENT_RESOURCES | There are insufficient resources to complete the request. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000079 STATUS_INVALID_SECURITY_DESCR | The supplied security descriptor is invalid. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters supplied was invalid. For instance, SecurityDescriptor is |
// | | NULL. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000BB STATUS_NOT_SUPPORTED | The operation is not supported for this object. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | ObjectHandle is not a valid handle. |
// +------------------------------------------+----------------------------------------------------------------------------------+
SetSecurityObject(context.Context, *SetSecurityObjectRequest, ...dcerpc.CallOption) (*SetSecurityObjectResponse, error)
// The LsarOpenPolicy method is exactly the same as LsarOpenPolicy2, except that the
// SystemName parameter in this function, because of its syntactic definition, contains
// only one character instead of a full string. This SystemName parameter does not have
// any effect on message processing in any environment. It MUST be ignored.
OpenPolicy(context.Context, *OpenPolicyRequest, ...dcerpc.CallOption) (*OpenPolicyResponse, error)
// The LsarQueryInformationPolicy method is invoked to query values that represent the
// server's information policy.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing below.
//
// +------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +------------------------------------------+----------------------------------------------------------------------------------+
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000009A STATUS_INSUFFICIENT_RESOURCES | There are insufficient resources to complete the request. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform the operation. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters is incorrect. For instance, this can happen if |
// | | InformationClass is out of range or if PolicyInformation is NULL. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +------------------------------------------+----------------------------------------------------------------------------------+
QueryInformationPolicy(context.Context, *QueryInformationPolicyRequest, ...dcerpc.CallOption) (*QueryInformationPolicyResponse, error)
// The LsarSetInformationPolicy method is invoked to set a policy on the server.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters is incorrect. For instance, this can happen if |
// | | InformationClass is not supported or some of the supplied policy data is |
// | | invalid. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000002 STATUS_NOT_IMPLEMENTED | This information class cannot be set. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+----------------------------------------------------------------------------------+
SetInformationPolicy(context.Context, *SetInformationPolicyRequest, ...dcerpc.CallOption) (*SetInformationPolicyResponse, error)
// The LsarCreateAccount method is invoked to create a new account object in the server's
// database.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000035 STATUS_OBJECT_NAME_COLLISION | An account with this SID already exists. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied were invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
CreateAccount(context.Context, *CreateAccountRequest, ...dcerpc.CallOption) (*CreateAccountResponse, error)
// The LsarEnumerateAccounts method is invoked to request a list of account objects
// in the server's database. The method can be called multiple times to return its output
// in fragments.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------+---------------------------------------------------------------------+
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x00000105 STATUS_MORE_ENTRIES | More information is available to successive calls. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x8000001A STATUS_NO_MORE_ENTRIES | No more entries are available from the enumeration. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------+---------------------------------------------------------------------+
EnumerateAccounts(context.Context, *EnumerateAccountsRequest, ...dcerpc.CallOption) (*EnumerateAccountsResponse, error)
// The LsarCreateTrustedDomain method is invoked to create an object of type trusted
// domain in the server's database.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments is invalid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000300 STATUS_NOT_SUPPORTED_ON_SBS | The operation is not supported on a particular product.<101> |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000078 STATUS_INVALID_SID | The security identifier of the trusted domain is not valid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002E9 STATUS_CURRENT_DOMAIN_NOT_ALLOWED | Trust cannot be established with the current domain. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000035 STATUS_OBJECT_NAME_COLLISION | Another TDO already exists that matches some of the identifying information of |
// | | the supplied information. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000401 STATUS_PER_USER_TRUST_QUOTA_EXCEEDED | The caller's quota for the maximum number of TDOs that can be created by control |
// | | access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000402 STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED | The combined users' quota for the maximum number of TDOs that can be created by |
// | | control access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
CreateTrustedDomain(context.Context, *CreateTrustedDomainRequest, ...dcerpc.CallOption) (*CreateTrustedDomainResponse, error)
// The LsarEnumerateTrustedDomains method is invoked to request a list of trusted domain
// objects in the server's database. The method can be called multiple times to return
// its output in fragments.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------+---------------------------------------------------------------------+
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000105 STATUS_MORE_ENTRIES | More information is available to successive calls. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC000001A STATUS_NO_MORE_ENTRIES | No more entries are available from the enumeration. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------+---------------------------------------------------------------------+
EnumerateTrustedDomains(context.Context, *EnumerateTrustedDomainsRequest, ...dcerpc.CallOption) (*EnumerateTrustedDomainsResponse, error)
// The LsarCreateSecret method is invoked to create a new secret object in the server's
// database.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters is invalid. This can happen, for example, if |
// | | SecretHandle is NULL or if SecretName is not a valid name for a secret object. |
// | | Secret naming rules are specified in the processing rules shown below for the |
// | | SecretName parameter. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000035 STATUS_OBJECT_NAME_COLLISION | The secret object by the specified name already exists. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000106 STATUS_NAME_TOO_LONG | The length of specified secret name exceeds the maximum set by the server. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
CreateSecret(context.Context, *CreateSecretRequest, ...dcerpc.CallOption) (*CreateSecretResponse, error)
// The LsarOpenAccount method is invoked to obtain a handle to an account object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied are incorrect. For instance, this can happen |
// | | when AccountSid is NULL. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | An account with this SID does not exist in the server's database. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
OpenAccount(context.Context, *OpenAccountRequest, ...dcerpc.CallOption) (*OpenAccountResponse, error)
// The LsarEnumeratePrivilegesAccount method is invoked to retrieve a list of privileges
// granted to an account on the server.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +------------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +------------------------------------------+---------------------------------------------------------------------+
// +------------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +------------------------------------------+---------------------------------------------------------------------+
// | 0xC000009A STATUS_INSUFFICIENT_RESOURCES | There are insufficient resources to complete the request. |
// +------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | AccountHandle is not a valid handle. |
// +------------------------------------------+---------------------------------------------------------------------+
EnumeratePrivilegesAccount(context.Context, *EnumeratePrivilegesAccountRequest, ...dcerpc.CallOption) (*EnumeratePrivilegesAccountResponse, error)
// The LsarAddPrivilegesToAccount method is invoked to add new privileges to an existing
// account object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+-----------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+-----------------------------------------------------------------+
// +-------------------------------------+-----------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+-----------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have permissions to perform this operation. |
// +-------------------------------------+-----------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied were invalid. |
// +-------------------------------------+-----------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | AccountHandle is not a valid handle. |
// +-------------------------------------+-----------------------------------------------------------------+
AddPrivilegesToAccount(context.Context, *AddPrivilegesToAccountRequest, ...dcerpc.CallOption) (*AddPrivilegesToAccountResponse, error)
// The LsarRemovePrivilegesFromAccount method is invoked to remove privileges from an
// account object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied were invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | AccountHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
RemovePrivilegesFromAccount(context.Context, *RemovePrivilegesFromAccountRequest, ...dcerpc.CallOption) (*RemovePrivilegesFromAccountResponse, error)
// The LsarGetSystemAccessAccount method is invoked to retrieve system access account
// flags for an account object. System access account flags are described as part of
// the account object data model, as specified in section 3.1.1.3.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------+---------------------------------------------------------------------+
// +----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | AccountHandle is not a valid handle. |
// +----------------------------------+---------------------------------------------------------------------+
GetSystemAccessAccount(context.Context, *GetSystemAccessAccountRequest, ...dcerpc.CallOption) (*GetSystemAccessAccountResponse, error)
// The LsarSetSystemAccessAccount method is invoked to set system access account flags
// for an account object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | AccountHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
SetSystemAccessAccount(context.Context, *SetSystemAccessAccountRequest, ...dcerpc.CallOption) (*SetSystemAccessAccountResponse, error)
// The LsarOpenTrustedDomain method is invoked to obtain a handle to a trusted domain
// object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters is invalid. For instance, this can happen if the |
// | | security identifier TrustedDomainSid is not a valid domain security identifier. |
// | | Section 3.1.4.10 specifies data validation rules, including what constitutes a |
// | | valid domain security identifier. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The specified trusted domain object does not exist. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
OpenTrustedDomain(context.Context, *OpenTrustedDomainRequest, ...dcerpc.CallOption) (*OpenTrustedDomainResponse, error)
// The LsarQueryInfoTrustedDomain method is invoked to retrieve information about the
// trusted domain object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +--------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +--------------------------------------+---------------------------------------------------------------------+
// +--------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +--------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +--------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the arguments supplied to the function was invalid. |
// +--------------------------------------+---------------------------------------------------------------------+
// | 0xC0000003 STATUS_INVALID_INFO_CLASS | The InformationClass argument is outside the allowed range. |
// +--------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | TrustedDomainHandle is not a valid handle. |
// +--------------------------------------+---------------------------------------------------------------------+
QueryInfoTrustedDomain(context.Context, *QueryInfoTrustedDomainRequest, ...dcerpc.CallOption) (*QueryInfoTrustedDomainResponse, error)
// The LsarSetInformationTrustedDomain method is invoked to set information on a trusted
// domain object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------+---------------------------------------------------------------------+
// +----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the arguments supplied to the function was invalid. |
// +----------------------------------------+---------------------------------------------------------------------+
// | 0xC00000DD STATUS_INVALID_DOMAIN_STATE | The domain is in the wrong state to perform the stated operation. |
// +----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | TrustedDomainHandle is not a valid handle. |
// +----------------------------------------+---------------------------------------------------------------------+
SetInformationTrustedDomain(context.Context, *SetInformationTrustedDomainRequest, ...dcerpc.CallOption) (*SetInformationTrustedDomainResponse, error)
// The LsarOpenSecret method is invoked to obtain a handle to an existing secret object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | The secret with the specified name was not found. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied were invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
OpenSecret(context.Context, *OpenSecretRequest, ...dcerpc.CallOption) (*OpenSecretResponse, error)
// The LsarSetSecret method is invoked to set the current and old values of the secret
// object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | SecretHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
SetSecret(context.Context, *SetSecretRequest, ...dcerpc.CallOption) (*SetSecretResponse, error)
// The LsarQuerySecret method is invoked to retrieve the current and old (or previous)
// value of the secret object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------+---------------------------------------------------------------------+
// +----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | SecretHandle is not a valid handle. |
// +----------------------------------+---------------------------------------------------------------------+
QuerySecret(context.Context, *QuerySecretRequest, ...dcerpc.CallOption) (*QuerySecretResponse, error)
// The LsarLookupPrivilegeValue method is invoked to map the name of a privilege into
// a locally unique identifier (LUID) by which the privilege is known on the server.
// The locally unique value of the privilege can then be used in subsequent calls to
// other methods, such as LsarAddPrivilegesToAccount.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The privilege name is not recognized by the server. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
LookupPrivilegeValue(context.Context, *LookupPrivilegeValueRequest, ...dcerpc.CallOption) (*LookupPrivilegeValueResponse, error)
// The LsarLookupPrivilegeName method is invoked to map the LUID of a privilege into
// a string name by which the privilege is known on the server.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The supplied LUID is not recognized by the server. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
LookupPrivilegeName(context.Context, *LookupPrivilegeNameRequest, ...dcerpc.CallOption) (*LookupPrivilegeNameResponse, error)
// The LsarLookupPrivilegeDisplayName method is invoked to map the name of a privilege
// into a display text string in the caller's language.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The supplied LUID is not recognized by the server. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
LookupPrivilegeDisplayName(context.Context, *LookupPrivilegeDisplayNameRequest, ...dcerpc.CallOption) (*LookupPrivilegeDisplayNameResponse, error)
// The LsarDeleteObject method is invoked to delete an open account object, secret object,
// or trusted domain object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | ObjectHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
DeleteObject(context.Context, *DeleteObjectRequest, ...dcerpc.CallOption) (*DeleteObjectResponse, error)
// The LsarEnumerateAccountsWithUserRight method is invoked to return a list of account
// objects that have the user right equal to the passed-in value.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The supplied name is not recognized by the server. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments is invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x8000001A STATUS_NO_MORE_ENTRIES | No account was found with the specified privilege. |
// +-------------------------------------+---------------------------------------------------------------------+
EnumerateAccountsWithUserRight(context.Context, *EnumerateAccountsWithUserRightRequest, ...dcerpc.CallOption) (*EnumerateAccountsWithUserRightResponse, error)
// The LsarEnumerateAccountRights method is invoked to retrieve a list of rights associated
// with an existing account.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | The specified account object does not exist. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
EnumerateAccountRights(context.Context, *EnumerateAccountRightsRequest, ...dcerpc.CallOption) (*EnumerateAccountRightsResponse, error)
// The LsarAddAccountRights method is invoked to add new rights to an account object.
// If the account object does not exist, the system will attempt to create one.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The rights supplied were not recognized. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
AddAccountRights(context.Context, *AddAccountRightsRequest, ...dcerpc.CallOption) (*AddAccountRightsResponse, error)
// The LsarRemoveAccountRights method is invoked to remove rights from an account object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The rights supplied were not recognized. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | An account with this SID does not exist. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC00000BB STATUS_NOT_SUPPORTED | The operation is not supported by the server. |
// +-----------------------------------------+---------------------------------------------------------------------+
RemoveAccountRights(context.Context, *RemoveAccountRightsRequest, ...dcerpc.CallOption) (*RemoveAccountRightsResponse, error)
// The LsarQueryTrustedDomainInfo method is invoked to retrieve information on a trusted
// domain object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------------+---------------------------------------------------------------------+
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000002 STATUS_NOT_IMPLEMENTED | The specified information class is not supported. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000003 STATUS_INVALID_INFO_CLASS | The InformationClass argument is outside the allowed range. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The specified trusted domain object does not exist. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +----------------------------------------------+---------------------------------------------------------------------+
QueryTrustedDomainInfo(context.Context, *QueryTrustedDomainInfoRequest, ...dcerpc.CallOption) (*QueryTrustedDomainInfoResponse, error)
// The LsarSetTrustedDomainInfo method is invoked to set information on a trusted domain
// object. In some cases, if the trusted domain object does not exist, it will be created.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------------+---------------------------------------------------------------------+
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The specified trusted domain object does not exist. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +----------------------------------------------+---------------------------------------------------------------------+
SetTrustedDomainInfo(context.Context, *SetTrustedDomainInfoRequest, ...dcerpc.CallOption) (*SetTrustedDomainInfoResponse, error)
// The LsarDeleteTrustedDomain method is invoked to delete a trusted domain object (TDO).
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The specified TDO does not exist. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC0000403 STATUS_USER_DELETE_TRUST_QUOTA_EXCEEDED | The caller's quota for the maximum allowed number of deleted TDOs is exceeded. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
DeleteTrustedDomain(context.Context, *DeleteTrustedDomainRequest, ...dcerpc.CallOption) (*DeleteTrustedDomainResponse, error)
// The LsarStorePrivateData method is invoked to store a secret value.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
StorePrivateData(context.Context, *StorePrivateDataRequest, ...dcerpc.CallOption) (*StorePrivateDataResponse, error)
// The LsarRetrievePrivateData method is invoked to retrieve a secret value.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters was invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | The key with the specified name was not found. |
// +-----------------------------------------+---------------------------------------------------------------------+
RetrievePrivateData(context.Context, *RetrievePrivateDataRequest, ...dcerpc.CallOption) (*RetrievePrivateDataResponse, error)
// The LsarOpenPolicy2 method opens a context handle to the RPC server. This is the
// first function that MUST be called to contact the Local Security Authority (Domain
// Policy) Remote Protocol database.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing below.
//
// +-------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters is incorrect. For example, this can happen when |
// | | ObjectAttributes is NULL or DesiredAccess is zero. |
// +-------------------------------------+----------------------------------------------------------------------------------+
OpenPolicy2(context.Context, *OpenPolicy2Request, ...dcerpc.CallOption) (*OpenPolicy2Response, error)
// The LsarQueryInformationPolicy2 method is invoked to query values that represent
// the server's security policy.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing below.
//
// +------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +------------------------------------------+----------------------------------------------------------------------------------+
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000009A STATUS_INSUFFICIENT_RESOURCES | There are insufficient resources to complete the request. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform the operation. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters is incorrect. For instance, this can happen if |
// | | InformationClass is out of range or if PolicyInformation is NULL. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +------------------------------------------+----------------------------------------------------------------------------------+
QueryInformationPolicy2(context.Context, *QueryInformationPolicy2Request, ...dcerpc.CallOption) (*QueryInformationPolicy2Response, error)
// The LsarSetInformationPolicy2 method is invoked to set a policy on the server.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters is incorrect. For instance, this can happen if |
// | | InformationClass is not supported or some of the supplied policy data is |
// | | invalid. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000002 STATUS_NOT_IMPLEMENTED | This information class cannot be set. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+----------------------------------------------------------------------------------+
SetInformationPolicy2(context.Context, *SetInformationPolicy2Request, ...dcerpc.CallOption) (*SetInformationPolicy2Response, error)
// The LsarQueryTrustedDomainInfoByName method is invoked to retrieve information about
// a trusted domain object by its string name.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+-----------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+-----------------------------------------------------------------------+
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters was invalid. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | The trusted domain object with the specified name could not be found. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+-----------------------------------------------------------------------+
QueryTrustedDomainInfoByName(context.Context, *QueryTrustedDomainInfoByNameRequest, ...dcerpc.CallOption) (*QueryTrustedDomainInfoByNameResponse, error)
// The LsarSetTrustedDomainInfoByName method is invoked to set information about a trusted
// domain object by its string name.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+-----------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+-----------------------------------------------------------------------+
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments is invalid. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | The trusted domain object with the specified name could not be found. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+-----------------------------------------------------------------------+
SetTrustedDomainInfoByName(context.Context, *SetTrustedDomainInfoByNameRequest, ...dcerpc.CallOption) (*SetTrustedDomainInfoByNameResponse, error)
// The LsarEnumerateTrustedDomainsEx method is invoked to enumerate trusted domain objects
// in the server's database. The method is designed to be invoked multiple times to
// retrieve the data in fragments.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------+---------------------------------------------------------------------+
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x8000001A STATUS_NO_MORE_ENTRIES | No more information is available. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x00000105 STATUS_MORE_ENTRIES | More information is available by calling this method again. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------+---------------------------------------------------------------------+
EnumerateTrustedDomainsEx(context.Context, *EnumerateTrustedDomainsExRequest, ...dcerpc.CallOption) (*EnumerateTrustedDomainsExResponse, error)
// The LsarCreateTrustedDomainEx method is invoked to create a new trusted domain object
// (TDO).
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments is invalid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000300 STATUS_NOT_SUPPORTED_ON_SBS | The operation is not supported on a particular product.<100> |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DD STATUS_INVALID_DOMAIN_STATE | The operation cannot complete in the current state of the domain. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000078 STATUS_INVALID_SID | The security identifier of the trusted domain is not valid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002E9 STATUS_CURRENT_DOMAIN_NOT_ALLOWED | Trust cannot be established with the current domain. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000035 STATUS_OBJECT_NAME_COLLISION | Another TDO already exists that matches some of the identifying information of |
// | | the supplied information. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000401 STATUS_PER_USER_TRUST_QUOTA_EXCEEDED | The caller's quota for the maximum number of TDOs that can be created by control |
// | | access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000402 STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED | The combined users' quota for the maximum number of TDOs that can be created by |
// | | control access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
CreateTrustedDomainEx(context.Context, *CreateTrustedDomainExRequest, ...dcerpc.CallOption) (*CreateTrustedDomainExResponse, error)
// The LsarQueryDomainInformationPolicy method is invoked to retrieve policy settings
// in addition to those exposed through LsarQueryInformationPolicy and LsarSetInformationPolicy2.
// Despite the term "Domain" in the name of the method, processing of this message occurs
// with local data, and furthermore, there is no requirement that this data have any
// relationship with the LSA information in the domain to which the machine is joined.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments was invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | No value has been set for this policy. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
QueryDomainInformationPolicy(context.Context, *QueryDomainInformationPolicyRequest, ...dcerpc.CallOption) (*QueryDomainInformationPolicyResponse, error)
// The LsarSetDomainInformationPolicy method is invoked to change policy settings in
// addition to those exposed through LsarQueryInformationPolicy and LsarSetInformationPolicy2.
// Despite the term "Domain" in the name of the method, processing of this message occurs
// with local data. Also, there is no requirement that this data have any relationship
// with the LSA information in the domain in which the machine is joined.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the following message processing.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
SetDomainInformationPolicy(context.Context, *SetDomainInformationPolicyRequest, ...dcerpc.CallOption) (*SetDomainInformationPolicyResponse, error)
// The LsarOpenTrustedDomainByName method is invoked to open a trusted domain object
// handle by supplying the name of the trusted domain.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments was invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | A trusted domain object by this name was not found. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
OpenTrustedDomainByName(context.Context, *OpenTrustedDomainByNameRequest, ...dcerpc.CallOption) (*OpenTrustedDomainByNameResponse, error)
// The LsarCreateTrustedDomainEx2 method is invoked to create a new trusted domain object
// (TDO).<96>
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments is invalid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000300 STATUS_NOT_SUPPORTED_ON_SBS | The operation is not supported on a particular product.<97> |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DD STATUS_INVALID_DOMAIN_STATE | The operation cannot complete in the current state of the domain. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000078 STATUS_INVALID_SID | The security identifier of the trusted domain is not valid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002E9 STATUS_CURRENT_DOMAIN_NOT_ALLOWED | Trust cannot be established with the current domain. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000035 STATUS_OBJECT_NAME_COLLISION | Another TDO already exists that matches some of the identifying information of |
// | | the supplied information. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000401 STATUS_PER_USER_TRUST_QUOTA_EXCEEDED | The caller's quota for maximum number of TDOs that can be created by control |
// | | access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000402 STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED | The combined users' quota for maximum number of TDOs that can be created by |
// | | control access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
CreateTrustedDomainEx2(context.Context, *CreateTrustedDomainEx2Request, ...dcerpc.CallOption) (*CreateTrustedDomainEx2Response, error)
// The LsarQueryForestTrustInformation method is invoked to retrieve information about
// a trust relationship with another forest.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------+-------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------+-------------------------------------------------------------------------+
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments was invalid. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC00000DD STATUS_INVALID_DOMAIN_STATE | The domain is in the wrong state of this operation. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The TrustedDomainName is not a recognized domain name. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC0000225 STATUS_NOT_FOUND | Forest trust information does not exist for this trusted domain object. |
// +----------------------------------------+-------------------------------------------------------------------------+
QueryForestTrustInformation(context.Context, *QueryForestTrustInformationRequest, ...dcerpc.CallOption) (*QueryForestTrustInformationResponse, error)
// The LsarSetForestTrustInformation method is invoked to establish a trust relationship
// with another forest by attaching a set of records called the forest trust information
// to the trusted domain object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------+----------------------------------------------------------------------------------+
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DD STATUS_INVALID_DOMAIN_STATE | The domain is not the root domain of the forest, or the forest is not at |
// | | DS_BEHAVIOR_WIN2003 forest functional level. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DE STATUS_INVALID_DOMAIN_ROLE | The server is not the primary domain controller. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The trusted domain object with the name in the TrustedDomainName parameter does |
// | | not exist. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied were invalid. |
// +----------------------------------------+----------------------------------------------------------------------------------+
SetForestTrustInformation(context.Context, *SetForestTrustInformationRequest, ...dcerpc.CallOption) (*SetForestTrustInformationResponse, error)
// AlterContext alters the client context.
AlterContext(context.Context, ...dcerpc.Option) error
}
lsarpc interface.
func NewLsarpcClient ¶
type LsarpcServer ¶
type LsarpcServer interface {
// The LsarClose method frees the resources held by a context handle that was opened
// earlier. After response, the context handle will no longer be usable, and any subsequent
// uses of this handle will fail.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------+-----------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------+-----------------------------------------+
// +----------------------------------+-----------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------+-----------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | ObjectHandle is not a valid handle. |
// +----------------------------------+-----------------------------------------+
Close(context.Context, *CloseRequest) (*CloseResponse, error)
// The LsarEnumeratePrivileges method is invoked to enumerate all privileges known to
// the system. This method can be called multiple times to return its output in fragments.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000105 STATUS_MORE_ENTRIES | More information is available to successive calls. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x8000001A STATUS_NO_MORE_ENTRIES | No more entries are available from the enumeration. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters supplied was invalid. This can happen if EnumerationBuffer |
// | | is NULL or EnumerationContext is NULL. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+----------------------------------------------------------------------------------+
EnumeratePrivileges(context.Context, *EnumeratePrivilegesRequest) (*EnumeratePrivilegesResponse, error)
// The LsarQuerySecurityObject method is invoked to query security information that
// is assigned to a database object. It returns the security descriptor of the object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------+---------------------------------------------------------------------+
// +----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC00000BB STATUS_NOT_SUPPORTED | The request is not supported. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | ObjectHandle is not a valid handle. |
// +----------------------------------+---------------------------------------------------------------------+
QuerySecurityObject(context.Context, *QuerySecurityObjectRequest) (*QuerySecurityObjectResponse, error)
// The LsarSetSecurityObject method is invoked to set a security descriptor on an object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +------------------------------------------+----------------------------------------------------------------------------------+
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000009A STATUS_INSUFFICIENT_RESOURCES | There are insufficient resources to complete the request. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000079 STATUS_INVALID_SECURITY_DESCR | The supplied security descriptor is invalid. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters supplied was invalid. For instance, SecurityDescriptor is |
// | | NULL. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000BB STATUS_NOT_SUPPORTED | The operation is not supported for this object. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | ObjectHandle is not a valid handle. |
// +------------------------------------------+----------------------------------------------------------------------------------+
SetSecurityObject(context.Context, *SetSecurityObjectRequest) (*SetSecurityObjectResponse, error)
// The LsarOpenPolicy method is exactly the same as LsarOpenPolicy2, except that the
// SystemName parameter in this function, because of its syntactic definition, contains
// only one character instead of a full string. This SystemName parameter does not have
// any effect on message processing in any environment. It MUST be ignored.
OpenPolicy(context.Context, *OpenPolicyRequest) (*OpenPolicyResponse, error)
// The LsarQueryInformationPolicy method is invoked to query values that represent the
// server's information policy.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing below.
//
// +------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +------------------------------------------+----------------------------------------------------------------------------------+
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000009A STATUS_INSUFFICIENT_RESOURCES | There are insufficient resources to complete the request. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform the operation. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters is incorrect. For instance, this can happen if |
// | | InformationClass is out of range or if PolicyInformation is NULL. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +------------------------------------------+----------------------------------------------------------------------------------+
QueryInformationPolicy(context.Context, *QueryInformationPolicyRequest) (*QueryInformationPolicyResponse, error)
// The LsarSetInformationPolicy method is invoked to set a policy on the server.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters is incorrect. For instance, this can happen if |
// | | InformationClass is not supported or some of the supplied policy data is |
// | | invalid. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000002 STATUS_NOT_IMPLEMENTED | This information class cannot be set. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+----------------------------------------------------------------------------------+
SetInformationPolicy(context.Context, *SetInformationPolicyRequest) (*SetInformationPolicyResponse, error)
// The LsarCreateAccount method is invoked to create a new account object in the server's
// database.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000035 STATUS_OBJECT_NAME_COLLISION | An account with this SID already exists. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied were invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
CreateAccount(context.Context, *CreateAccountRequest) (*CreateAccountResponse, error)
// The LsarEnumerateAccounts method is invoked to request a list of account objects
// in the server's database. The method can be called multiple times to return its output
// in fragments.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------+---------------------------------------------------------------------+
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x00000105 STATUS_MORE_ENTRIES | More information is available to successive calls. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x8000001A STATUS_NO_MORE_ENTRIES | No more entries are available from the enumeration. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------+---------------------------------------------------------------------+
EnumerateAccounts(context.Context, *EnumerateAccountsRequest) (*EnumerateAccountsResponse, error)
// The LsarCreateTrustedDomain method is invoked to create an object of type trusted
// domain in the server's database.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments is invalid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000300 STATUS_NOT_SUPPORTED_ON_SBS | The operation is not supported on a particular product.<101> |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000078 STATUS_INVALID_SID | The security identifier of the trusted domain is not valid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002E9 STATUS_CURRENT_DOMAIN_NOT_ALLOWED | Trust cannot be established with the current domain. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000035 STATUS_OBJECT_NAME_COLLISION | Another TDO already exists that matches some of the identifying information of |
// | | the supplied information. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000401 STATUS_PER_USER_TRUST_QUOTA_EXCEEDED | The caller's quota for the maximum number of TDOs that can be created by control |
// | | access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000402 STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED | The combined users' quota for the maximum number of TDOs that can be created by |
// | | control access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
CreateTrustedDomain(context.Context, *CreateTrustedDomainRequest) (*CreateTrustedDomainResponse, error)
// The LsarEnumerateTrustedDomains method is invoked to request a list of trusted domain
// objects in the server's database. The method can be called multiple times to return
// its output in fragments.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------+---------------------------------------------------------------------+
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000105 STATUS_MORE_ENTRIES | More information is available to successive calls. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC000001A STATUS_NO_MORE_ENTRIES | No more entries are available from the enumeration. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------+---------------------------------------------------------------------+
EnumerateTrustedDomains(context.Context, *EnumerateTrustedDomainsRequest) (*EnumerateTrustedDomainsResponse, error)
// The LsarCreateSecret method is invoked to create a new secret object in the server's
// database.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters is invalid. This can happen, for example, if |
// | | SecretHandle is NULL or if SecretName is not a valid name for a secret object. |
// | | Secret naming rules are specified in the processing rules shown below for the |
// | | SecretName parameter. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000035 STATUS_OBJECT_NAME_COLLISION | The secret object by the specified name already exists. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000106 STATUS_NAME_TOO_LONG | The length of specified secret name exceeds the maximum set by the server. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
CreateSecret(context.Context, *CreateSecretRequest) (*CreateSecretResponse, error)
// The LsarOpenAccount method is invoked to obtain a handle to an account object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied are incorrect. For instance, this can happen |
// | | when AccountSid is NULL. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | An account with this SID does not exist in the server's database. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
OpenAccount(context.Context, *OpenAccountRequest) (*OpenAccountResponse, error)
// The LsarEnumeratePrivilegesAccount method is invoked to retrieve a list of privileges
// granted to an account on the server.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +------------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +------------------------------------------+---------------------------------------------------------------------+
// +------------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +------------------------------------------+---------------------------------------------------------------------+
// | 0xC000009A STATUS_INSUFFICIENT_RESOURCES | There are insufficient resources to complete the request. |
// +------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | AccountHandle is not a valid handle. |
// +------------------------------------------+---------------------------------------------------------------------+
EnumeratePrivilegesAccount(context.Context, *EnumeratePrivilegesAccountRequest) (*EnumeratePrivilegesAccountResponse, error)
// The LsarAddPrivilegesToAccount method is invoked to add new privileges to an existing
// account object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+-----------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+-----------------------------------------------------------------+
// +-------------------------------------+-----------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+-----------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have permissions to perform this operation. |
// +-------------------------------------+-----------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied were invalid. |
// +-------------------------------------+-----------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | AccountHandle is not a valid handle. |
// +-------------------------------------+-----------------------------------------------------------------+
AddPrivilegesToAccount(context.Context, *AddPrivilegesToAccountRequest) (*AddPrivilegesToAccountResponse, error)
// The LsarRemovePrivilegesFromAccount method is invoked to remove privileges from an
// account object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied were invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | AccountHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
RemovePrivilegesFromAccount(context.Context, *RemovePrivilegesFromAccountRequest) (*RemovePrivilegesFromAccountResponse, error)
// The LsarGetSystemAccessAccount method is invoked to retrieve system access account
// flags for an account object. System access account flags are described as part of
// the account object data model, as specified in section 3.1.1.3.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------+---------------------------------------------------------------------+
// +----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | AccountHandle is not a valid handle. |
// +----------------------------------+---------------------------------------------------------------------+
GetSystemAccessAccount(context.Context, *GetSystemAccessAccountRequest) (*GetSystemAccessAccountResponse, error)
// The LsarSetSystemAccessAccount method is invoked to set system access account flags
// for an account object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | AccountHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
SetSystemAccessAccount(context.Context, *SetSystemAccessAccountRequest) (*SetSystemAccessAccountResponse, error)
// The LsarOpenTrustedDomain method is invoked to obtain a handle to a trusted domain
// object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters is invalid. For instance, this can happen if the |
// | | security identifier TrustedDomainSid is not a valid domain security identifier. |
// | | Section 3.1.4.10 specifies data validation rules, including what constitutes a |
// | | valid domain security identifier. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The specified trusted domain object does not exist. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +----------------------------------------------+----------------------------------------------------------------------------------+
OpenTrustedDomain(context.Context, *OpenTrustedDomainRequest) (*OpenTrustedDomainResponse, error)
// The LsarQueryInfoTrustedDomain method is invoked to retrieve information about the
// trusted domain object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +--------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +--------------------------------------+---------------------------------------------------------------------+
// +--------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +--------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +--------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the arguments supplied to the function was invalid. |
// +--------------------------------------+---------------------------------------------------------------------+
// | 0xC0000003 STATUS_INVALID_INFO_CLASS | The InformationClass argument is outside the allowed range. |
// +--------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | TrustedDomainHandle is not a valid handle. |
// +--------------------------------------+---------------------------------------------------------------------+
QueryInfoTrustedDomain(context.Context, *QueryInfoTrustedDomainRequest) (*QueryInfoTrustedDomainResponse, error)
// The LsarSetInformationTrustedDomain method is invoked to set information on a trusted
// domain object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------+---------------------------------------------------------------------+
// +----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the arguments supplied to the function was invalid. |
// +----------------------------------------+---------------------------------------------------------------------+
// | 0xC00000DD STATUS_INVALID_DOMAIN_STATE | The domain is in the wrong state to perform the stated operation. |
// +----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | TrustedDomainHandle is not a valid handle. |
// +----------------------------------------+---------------------------------------------------------------------+
SetInformationTrustedDomain(context.Context, *SetInformationTrustedDomainRequest) (*SetInformationTrustedDomainResponse, error)
// The LsarOpenSecret method is invoked to obtain a handle to an existing secret object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | The secret with the specified name was not found. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied were invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
OpenSecret(context.Context, *OpenSecretRequest) (*OpenSecretResponse, error)
// The LsarSetSecret method is invoked to set the current and old values of the secret
// object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | SecretHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
SetSecret(context.Context, *SetSecretRequest) (*SetSecretResponse, error)
// The LsarQuerySecret method is invoked to retrieve the current and old (or previous)
// value of the secret object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------+---------------------------------------------------------------------+
// +----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | SecretHandle is not a valid handle. |
// +----------------------------------+---------------------------------------------------------------------+
QuerySecret(context.Context, *QuerySecretRequest) (*QuerySecretResponse, error)
// The LsarLookupPrivilegeValue method is invoked to map the name of a privilege into
// a locally unique identifier (LUID) by which the privilege is known on the server.
// The locally unique value of the privilege can then be used in subsequent calls to
// other methods, such as LsarAddPrivilegesToAccount.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The privilege name is not recognized by the server. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
LookupPrivilegeValue(context.Context, *LookupPrivilegeValueRequest) (*LookupPrivilegeValueResponse, error)
// The LsarLookupPrivilegeName method is invoked to map the LUID of a privilege into
// a string name by which the privilege is known on the server.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The supplied LUID is not recognized by the server. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
LookupPrivilegeName(context.Context, *LookupPrivilegeNameRequest) (*LookupPrivilegeNameResponse, error)
// The LsarLookupPrivilegeDisplayName method is invoked to map the name of a privilege
// into a display text string in the caller's language.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The supplied LUID is not recognized by the server. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
LookupPrivilegeDisplayName(context.Context, *LookupPrivilegeDisplayNameRequest) (*LookupPrivilegeDisplayNameResponse, error)
// The LsarDeleteObject method is invoked to delete an open account object, secret object,
// or trusted domain object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | ObjectHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
DeleteObject(context.Context, *DeleteObjectRequest) (*DeleteObjectResponse, error)
// The LsarEnumerateAccountsWithUserRight method is invoked to return a list of account
// objects that have the user right equal to the passed-in value.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The supplied name is not recognized by the server. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments is invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x8000001A STATUS_NO_MORE_ENTRIES | No account was found with the specified privilege. |
// +-------------------------------------+---------------------------------------------------------------------+
EnumerateAccountsWithUserRight(context.Context, *EnumerateAccountsWithUserRightRequest) (*EnumerateAccountsWithUserRightResponse, error)
// The LsarEnumerateAccountRights method is invoked to retrieve a list of rights associated
// with an existing account.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | The specified account object does not exist. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
EnumerateAccountRights(context.Context, *EnumerateAccountRightsRequest) (*EnumerateAccountRightsResponse, error)
// The LsarAddAccountRights method is invoked to add new rights to an account object.
// If the account object does not exist, the system will attempt to create one.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The rights supplied were not recognized. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
AddAccountRights(context.Context, *AddAccountRightsRequest) (*AddAccountRightsResponse, error)
// The LsarRemoveAccountRights method is invoked to remove rights from an account object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000060 STATUS_NO_SUCH_PRIVILEGE | The rights supplied were not recognized. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | An account with this SID does not exist. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC00000BB STATUS_NOT_SUPPORTED | The operation is not supported by the server. |
// +-----------------------------------------+---------------------------------------------------------------------+
RemoveAccountRights(context.Context, *RemoveAccountRightsRequest) (*RemoveAccountRightsResponse, error)
// The LsarQueryTrustedDomainInfo method is invoked to retrieve information on a trusted
// domain object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------------+---------------------------------------------------------------------+
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000002 STATUS_NOT_IMPLEMENTED | The specified information class is not supported. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000003 STATUS_INVALID_INFO_CLASS | The InformationClass argument is outside the allowed range. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The specified trusted domain object does not exist. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +----------------------------------------------+---------------------------------------------------------------------+
QueryTrustedDomainInfo(context.Context, *QueryTrustedDomainInfoRequest) (*QueryTrustedDomainInfoResponse, error)
// The LsarSetTrustedDomainInfo method is invoked to set information on a trusted domain
// object. In some cases, if the trusted domain object does not exist, it will be created.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------------+---------------------------------------------------------------------+
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The specified trusted domain object does not exist. |
// +----------------------------------------------+---------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +----------------------------------------------+---------------------------------------------------------------------+
SetTrustedDomainInfo(context.Context, *SetTrustedDomainInfoRequest) (*SetTrustedDomainInfoResponse, error)
// The LsarDeleteTrustedDomain method is invoked to delete a trusted domain object (TDO).
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The specified TDO does not exist. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
// | 0xC0000403 STATUS_USER_DELETE_TRUST_QUOTA_EXCEEDED | The caller's quota for the maximum allowed number of deleted TDOs is exceeded. |
// +----------------------------------------------------+--------------------------------------------------------------------------------+
DeleteTrustedDomain(context.Context, *DeleteTrustedDomainRequest) (*DeleteTrustedDomainResponse, error)
// The LsarStorePrivateData method is invoked to store a secret value.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One or more of the supplied parameters was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
StorePrivateData(context.Context, *StorePrivateDataRequest) (*StorePrivateDataResponse, error)
// The LsarRetrievePrivateData method is invoked to retrieve a secret value.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters was invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | The key with the specified name was not found. |
// +-----------------------------------------+---------------------------------------------------------------------+
RetrievePrivateData(context.Context, *RetrievePrivateDataRequest) (*RetrievePrivateDataResponse, error)
// The LsarOpenPolicy2 method opens a context handle to the RPC server. This is the
// first function that MUST be called to contact the Local Security Authority (Domain
// Policy) Remote Protocol database.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing below.
//
// +-------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters is incorrect. For example, this can happen when |
// | | ObjectAttributes is NULL or DesiredAccess is zero. |
// +-------------------------------------+----------------------------------------------------------------------------------+
OpenPolicy2(context.Context, *OpenPolicy2Request) (*OpenPolicy2Response, error)
// The LsarQueryInformationPolicy2 method is invoked to query values that represent
// the server's security policy.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing below.
//
// +------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +------------------------------------------+----------------------------------------------------------------------------------+
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000009A STATUS_INSUFFICIENT_RESOURCES | There are insufficient resources to complete the request. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform the operation. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters is incorrect. For instance, this can happen if |
// | | InformationClass is out of range or if PolicyInformation is NULL. |
// +------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +------------------------------------------+----------------------------------------------------------------------------------+
QueryInformationPolicy2(context.Context, *QueryInformationPolicy2Request) (*QueryInformationPolicy2Response, error)
// The LsarSetInformationPolicy2 method is invoked to set a policy on the server.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the parameters is incorrect. For instance, this can happen if |
// | | InformationClass is not supported or some of the supplied policy data is |
// | | invalid. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000002 STATUS_NOT_IMPLEMENTED | This information class cannot be set. |
// +-------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+----------------------------------------------------------------------------------+
SetInformationPolicy2(context.Context, *SetInformationPolicy2Request) (*SetInformationPolicy2Response, error)
// The LsarQueryTrustedDomainInfoByName method is invoked to retrieve information about
// a trusted domain object by its string name.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+-----------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+-----------------------------------------------------------------------+
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied parameters was invalid. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | The trusted domain object with the specified name could not be found. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+-----------------------------------------------------------------------+
QueryTrustedDomainInfoByName(context.Context, *QueryTrustedDomainInfoByNameRequest) (*QueryTrustedDomainInfoByNameResponse, error)
// The LsarSetTrustedDomainInfoByName method is invoked to set information about a trusted
// domain object by its string name.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+-----------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+-----------------------------------------------------------------------+
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments is invalid. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | The trusted domain object with the specified name could not be found. |
// +-----------------------------------------+-----------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+-----------------------------------------------------------------------+
SetTrustedDomainInfoByName(context.Context, *SetTrustedDomainInfoByNameRequest) (*SetTrustedDomainInfoByNameResponse, error)
// The LsarEnumerateTrustedDomainsEx method is invoked to enumerate trusted domain objects
// in the server's database. The method is designed to be invoked multiple times to
// retrieve the data in fragments.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------+---------------------------------------------------------------------+
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x8000001A STATUS_NO_MORE_ENTRIES | No more information is available. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0x00000105 STATUS_MORE_ENTRIES | More information is available by calling this method again. |
// +-----------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------+---------------------------------------------------------------------+
EnumerateTrustedDomainsEx(context.Context, *EnumerateTrustedDomainsExRequest) (*EnumerateTrustedDomainsExResponse, error)
// The LsarCreateTrustedDomainEx method is invoked to create a new trusted domain object
// (TDO).
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments is invalid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000300 STATUS_NOT_SUPPORTED_ON_SBS | The operation is not supported on a particular product.<100> |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DD STATUS_INVALID_DOMAIN_STATE | The operation cannot complete in the current state of the domain. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000078 STATUS_INVALID_SID | The security identifier of the trusted domain is not valid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002E9 STATUS_CURRENT_DOMAIN_NOT_ALLOWED | Trust cannot be established with the current domain. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000035 STATUS_OBJECT_NAME_COLLISION | Another TDO already exists that matches some of the identifying information of |
// | | the supplied information. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000401 STATUS_PER_USER_TRUST_QUOTA_EXCEEDED | The caller's quota for the maximum number of TDOs that can be created by control |
// | | access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000402 STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED | The combined users' quota for the maximum number of TDOs that can be created by |
// | | control access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
CreateTrustedDomainEx(context.Context, *CreateTrustedDomainExRequest) (*CreateTrustedDomainExResponse, error)
// The LsarQueryDomainInformationPolicy method is invoked to retrieve policy settings
// in addition to those exposed through LsarQueryInformationPolicy and LsarSetInformationPolicy2.
// Despite the term "Domain" in the name of the method, processing of this message occurs
// with local data, and furthermore, there is no requirement that this data have any
// relationship with the LSA information in the domain to which the machine is joined.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments was invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | No value has been set for this policy. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
QueryDomainInformationPolicy(context.Context, *QueryDomainInformationPolicyRequest) (*QueryDomainInformationPolicyResponse, error)
// The LsarSetDomainInformationPolicy method is invoked to change policy settings in
// addition to those exposed through LsarQueryInformationPolicy and LsarSetInformationPolicy2.
// Despite the term "Domain" in the name of the method, processing of this message occurs
// with local data. Also, there is no requirement that this data have any relationship
// with the LSA information in the domain in which the machine is joined.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the following message processing.
//
// +-------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------+---------------------------------------------------------------------+
// +-------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments was invalid. |
// +-------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------+---------------------------------------------------------------------+
SetDomainInformationPolicy(context.Context, *SetDomainInformationPolicyRequest) (*SetDomainInformationPolicyResponse, error)
// The LsarOpenTrustedDomainByName method is invoked to open a trusted domain object
// handle by supplying the name of the trusted domain.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-----------------------------------------+---------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-----------------------------------------+---------------------------------------------------------------------+
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments was invalid. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND | A trusted domain object by this name was not found. |
// +-----------------------------------------+---------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-----------------------------------------+---------------------------------------------------------------------+
OpenTrustedDomainByName(context.Context, *OpenTrustedDomainByNameRequest) (*OpenTrustedDomainByNameResponse, error)
// The LsarCreateTrustedDomainEx2 method is invoked to create a new trusted domain object
// (TDO).<96>
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments is invalid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000300 STATUS_NOT_SUPPORTED_ON_SBS | The operation is not supported on a particular product.<97> |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DD STATUS_INVALID_DOMAIN_STATE | The operation cannot complete in the current state of the domain. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002B1 STATUS_DIRECTORY_SERVICE_REQUIRED | The Active Directory service was not available on the server. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000078 STATUS_INVALID_SID | The security identifier of the trusted domain is not valid. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00002E9 STATUS_CURRENT_DOMAIN_NOT_ALLOWED | Trust cannot be established with the current domain. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000035 STATUS_OBJECT_NAME_COLLISION | Another TDO already exists that matches some of the identifying information of |
// | | the supplied information. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000401 STATUS_PER_USER_TRUST_QUOTA_EXCEEDED | The caller's quota for maximum number of TDOs that can be created by control |
// | | access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000402 STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED | The combined users' quota for maximum number of TDOs that can be created by |
// | | control access right Create-Inbound-Trust is exceeded. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
CreateTrustedDomainEx2(context.Context, *CreateTrustedDomainEx2Request) (*CreateTrustedDomainEx2Response, error)
// The LsarQueryForestTrustInformation method is invoked to retrieve information about
// a trust relationship with another forest.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------+-------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------+-------------------------------------------------------------------------+
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | One of the supplied arguments was invalid. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC00000DD STATUS_INVALID_DOMAIN_STATE | The domain is in the wrong state of this operation. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The TrustedDomainName is not a recognized domain name. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------+-------------------------------------------------------------------------+
// | 0xC0000225 STATUS_NOT_FOUND | Forest trust information does not exist for this trusted domain object. |
// +----------------------------------------+-------------------------------------------------------------------------+
QueryForestTrustInformation(context.Context, *QueryForestTrustInformationRequest) (*QueryForestTrustInformationResponse, error)
// The LsarSetForestTrustInformation method is invoked to establish a trust relationship
// with another forest by attaching a set of records called the forest trust information
// to the trusted domain object.
//
// Return Values: The following is a summary of the return values that an implementation
// MUST return, as specified by the message processing that follows.
//
// +----------------------------------------+----------------------------------------------------------------------------------+
// | RETURN | |
// | VALUE/CODE | DESCRIPTION |
// | | |
// +----------------------------------------+----------------------------------------------------------------------------------+
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DD STATUS_INVALID_DOMAIN_STATE | The domain is not the root domain of the forest, or the forest is not at |
// | | DS_BEHAVIOR_WIN2003 forest functional level. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DE STATUS_INVALID_DOMAIN_ROLE | The server is not the primary domain controller. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC00000DF STATUS_NO_SUCH_DOMAIN | The trusted domain object with the name in the TrustedDomainName parameter does |
// | | not exist. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC0000008 STATUS_INVALID_HANDLE | PolicyHandle is not a valid handle. |
// +----------------------------------------+----------------------------------------------------------------------------------+
// | 0xC000000D STATUS_INVALID_PARAMETER | Some of the parameters supplied were invalid. |
// +----------------------------------------+----------------------------------------------------------------------------------+
SetForestTrustInformation(context.Context, *SetForestTrustInformationRequest) (*SetForestTrustInformationResponse, error)
}
lsarpc server interface.
type ObjectAttributes ¶
type ObjectAttributes struct {
// Length: The length of the structure, in bytes. This field is not used and MUST be
// ignored.
Length uint32 `idl:"name:Length" json:"length"`
// RootDirectory: This field is not used and MUST be NULL.
RootDirectory []byte `idl:"name:RootDirectory" json:"root_directory"`
// ObjectName: A pointer to a STRING structure that contains the object name. This
// field MUST be ignored. The content is unspecified and no requirements are placed
// on its value because it is never used.
ObjectName *String `idl:"name:ObjectName" json:"object_name"`
// Attributes: This field MUST be ignored. The content is unspecified and no requirements
// are placed on its value because it is never used.
Attributes uint32 `idl:"name:Attributes" json:"attributes"`
// SecurityDescriptor: This field contains the security attributes of the object. This
// field MUST be ignored. The content is unspecified and no requirements are placed
// on its value because it is never used.
SecurityDescriptor *SecurityDescriptor `idl:"name:SecurityDescriptor" json:"security_descriptor"`
// SecurityQualityOfService: This field MUST be ignored. The content is unspecified
// and no requirements are placed on its value because it is never used.
SecurityQualityOfService *SecurityQualityOfService `idl:"name:SecurityQualityOfService" json:"security_quality_of_service"`
}
ObjectAttributes structure represents LSAPR_OBJECT_ATTRIBUTES RPC structure.
The LSAPR_OBJECT_ATTRIBUTES structure specifies an object and its properties. This structure MUST be ignored except for the RootDirectory field, which MUST be NULL.<17>
func (*ObjectAttributes) MarshalNDR ¶
func (*ObjectAttributes) UnmarshalNDR ¶
type OpenAccountRequest ¶
type OpenAccountRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// AccountSid: A SID of the account to be opened.
AccountSID *dtyp.SID `idl:"name:AccountSid" json:"account_sid"`
// DesiredAccess: A bitmask specifying accesses to be granted to the opened account
// at this time.
DesiredAccess uint32 `idl:"name:DesiredAccess" json:"desired_access"`
}
OpenAccountRequest structure represents the LsarOpenAccount operation request
func (*OpenAccountRequest) MarshalNDR ¶
func (*OpenAccountRequest) UnmarshalNDR ¶
type OpenAccountResponse ¶
type OpenAccountResponse struct {
// AccountHandle: Used to return a handle to the opened account object.
Account *Handle `idl:"name:AccountHandle" json:"account"`
// Return: The LsarOpenAccount return value.
Return int32 `idl:"name:Return" json:"return"`
}
OpenAccountResponse structure represents the LsarOpenAccount operation response
func (*OpenAccountResponse) MarshalNDR ¶
func (*OpenAccountResponse) UnmarshalNDR ¶
type OpenPolicy2Request ¶
type OpenPolicy2Request struct {
// SystemName: This parameter does not have any effect on message processing in any
// environment. It MUST be ignored on receipt.
SystemName string `idl:"name:SystemName;string;pointer:unique" json:"system_name"`
// ObjectAttributes: This parameter does not have any effect on message processing in
// any environment. All fields MUST<59> be ignored except RootDirectory which MUST be
// NULL.
ObjectAttributes *ObjectAttributes `idl:"name:ObjectAttributes" json:"object_attributes"`
// DesiredAccess: An ACCESS_MASK value that specifies the requested access rights that
// MUST be granted on the returned PolicyHandle if the request is successful.
DesiredAccess uint32 `idl:"name:DesiredAccess" json:"desired_access"`
}
OpenPolicy2Request structure represents the LsarOpenPolicy2 operation request
func (*OpenPolicy2Request) MarshalNDR ¶
func (*OpenPolicy2Request) UnmarshalNDR ¶
type OpenPolicy2Response ¶
type OpenPolicy2Response struct {
// PolicyHandle: An RPC context handle (as specified in section 2.2.2.1) that represents
// a reference to the abstract data model of a policy object, as specified in section
// 3.1.1.1.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// Return: The LsarOpenPolicy2 return value.
Return int32 `idl:"name:Return" json:"return"`
}
OpenPolicy2Response structure represents the LsarOpenPolicy2 operation response
func (*OpenPolicy2Response) MarshalNDR ¶
func (*OpenPolicy2Response) UnmarshalNDR ¶
type OpenPolicyRequest ¶
type OpenPolicyRequest struct {
// SystemName: This parameter does not have any effect on message processing in any
// environment. It MUST be ignored on receipt.
SystemName string `idl:"name:SystemName;pointer:unique" json:"system_name"`
// ObjectAttributes: This parameter does not have any effect on message processing in
// any environment. All fields MUST<60> be ignored except RootDirectory, which MUST
// be NULL.
ObjectAttributes *ObjectAttributes `idl:"name:ObjectAttributes" json:"object_attributes"`
// DesiredAccess: An ACCESS_MASK value that specifies the requested access rights that
// MUST be granted on the returned PolicyHandle, if the request is successful.
DesiredAccess uint32 `idl:"name:DesiredAccess" json:"desired_access"`
}
OpenPolicyRequest structure represents the LsarOpenPolicy operation request
func (*OpenPolicyRequest) MarshalNDR ¶
func (*OpenPolicyRequest) UnmarshalNDR ¶
type OpenPolicyResponse ¶
type OpenPolicyResponse struct {
// PolicyHandle: An RPC context handle (as specified in section 2.2.2.1) that represents
// a reference to the abstract data model of a policy object, as specified in section
// 3.1.1.1.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// Return: The LsarOpenPolicy return value.
Return int32 `idl:"name:Return" json:"return"`
}
OpenPolicyResponse structure represents the LsarOpenPolicy operation response
func (*OpenPolicyResponse) MarshalNDR ¶
func (*OpenPolicyResponse) UnmarshalNDR ¶
type OpenSecretRequest ¶
type OpenSecretRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// SecretName: The name of the secret object to open.
SecretName *dtyp.UnicodeString `idl:"name:SecretName" json:"secret_name"`
// DesiredAccess: The requested type of access.
DesiredAccess uint32 `idl:"name:DesiredAccess" json:"desired_access"`
}
OpenSecretRequest structure represents the LsarOpenSecret operation request
func (*OpenSecretRequest) MarshalNDR ¶
func (*OpenSecretRequest) UnmarshalNDR ¶
type OpenSecretResponse ¶
type OpenSecretResponse struct {
// SecretHandle: Used to return the handle to the opened secret object.
Secret *Handle `idl:"name:SecretHandle" json:"secret"`
// Return: The LsarOpenSecret return value.
Return int32 `idl:"name:Return" json:"return"`
}
OpenSecretResponse structure represents the LsarOpenSecret operation response
func (*OpenSecretResponse) MarshalNDR ¶
func (*OpenSecretResponse) UnmarshalNDR ¶
type OpenTrustedDomainByNameRequest ¶
type OpenTrustedDomainByNameRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainName: The name of the trusted domain object.
TrustedDomainName *dtyp.UnicodeString `idl:"name:TrustedDomainName" json:"trusted_domain_name"`
// DesiredAccess: The type of access requested by the caller.
DesiredAccess uint32 `idl:"name:DesiredAccess" json:"desired_access"`
}
OpenTrustedDomainByNameRequest structure represents the LsarOpenTrustedDomainByName operation request
func (*OpenTrustedDomainByNameRequest) MarshalNDR ¶
func (*OpenTrustedDomainByNameRequest) UnmarshalNDR ¶
type OpenTrustedDomainByNameResponse ¶
type OpenTrustedDomainByNameResponse struct {
// TrustedDomainHandle: Used to return the opened trusted domain handle.
TrustedDomain *Handle `idl:"name:TrustedDomainHandle" json:"trusted_domain"`
// Return: The LsarOpenTrustedDomainByName return value.
Return int32 `idl:"name:Return" json:"return"`
}
OpenTrustedDomainByNameResponse structure represents the LsarOpenTrustedDomainByName operation response
func (*OpenTrustedDomainByNameResponse) MarshalNDR ¶
func (*OpenTrustedDomainByNameResponse) UnmarshalNDR ¶
type OpenTrustedDomainRequest ¶
type OpenTrustedDomainRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainSid: A security identifier of the trusted domain that is being opened.
TrustedDomainSID *dtyp.SID `idl:"name:TrustedDomainSid" json:"trusted_domain_sid"`
// DesiredAccess: A bitmask of access rights to open the object with.
DesiredAccess uint32 `idl:"name:DesiredAccess" json:"desired_access"`
}
OpenTrustedDomainRequest structure represents the LsarOpenTrustedDomain operation request
func (*OpenTrustedDomainRequest) MarshalNDR ¶
func (*OpenTrustedDomainRequest) UnmarshalNDR ¶
type OpenTrustedDomainResponse ¶
type OpenTrustedDomainResponse struct {
// TrustedDomainHandle: Used to return the trusted domain object handle.
TrustedDomain *Handle `idl:"name:TrustedDomainHandle" json:"trusted_domain"`
// Return: The LsarOpenTrustedDomain return value.
Return int32 `idl:"name:Return" json:"return"`
}
OpenTrustedDomainResponse structure represents the LsarOpenTrustedDomain operation response
func (*OpenTrustedDomainResponse) MarshalNDR ¶
func (*OpenTrustedDomainResponse) UnmarshalNDR ¶
type PolicyAccountDomInfo ¶
type PolicyAccountDomInfo struct {
// DomainName: This field contains a name for the account domain that is subjected
// to the restrictions of a NetBIOS name, as specified in [RFC1088]. This value SHOULD
// be used (by implementations external to this protocol) to identify the domain via
// the NetBIOS API, as specified in [RFC1088].
DomainName *dtyp.UnicodeString `idl:"name:DomainName" json:"domain_name"`
// DomainSid: The SID of the account domain. This field MUST NOT be NULL.
DomainSID *dtyp.SID `idl:"name:DomainSid" json:"domain_sid"`
}
PolicyAccountDomInfo structure represents LSAPR_POLICY_ACCOUNT_DOM_INFO RPC structure.
The LSAPR_POLICY_ACCOUNT_DOM_INFO structure contains information about the server's account domain. The following structure corresponds to the PolicyAccountDomainInformation and PolicyLocalAccountDomainInformation information classes.
func (*PolicyAccountDomInfo) MarshalNDR ¶
func (*PolicyAccountDomInfo) UnmarshalNDR ¶
type PolicyAuditEventType ¶
type PolicyAuditEventType uint16
PolicyAuditEventType type represents POLICY_AUDIT_EVENT_TYPE RPC enumeration.
var ( // AuditCategorySystem: Manages auditing of system-related events PolicyAuditEventTypeAuditCategorySystem PolicyAuditEventType = 0 // AuditCategoryLogon: Manages auditing of account logon events PolicyAuditEventTypeAuditCategoryLogon PolicyAuditEventType = 1 // AuditCategoryObjectAccess: Manages auditing of object access events PolicyAuditEventTypeAuditCategoryObjectAccess PolicyAuditEventType = 2 // AuditCategoryPrivilegeUse: Manages auditing of privilege use events PolicyAuditEventTypeAuditCategoryPrivilegeUse PolicyAuditEventType = 3 // AuditCategoryDetailedTracking: Manages detailed auditing PolicyAuditEventTypeAuditCategoryDetailedTracking PolicyAuditEventType = 4 // AuditCategoryPolicyChange: Manages auditing of policy change events PolicyAuditEventTypeAuditCategoryPolicyChange PolicyAuditEventType = 5 // AuditCategoryAccountManagement: Manages auditing of account management events PolicyAuditEventTypeAuditCategoryAccountManagement PolicyAuditEventType = 6 // AuditCategoryDirectoryServiceAccess: Manages auditing of Active Directory access // events PolicyAuditEventTypeAuditCategoryDirectoryServiceAccess PolicyAuditEventType = 7 // AuditCategoryAccountLogon: Manages auditing of account logon events // // The values in this enumeration are used as indices into the EventAuditingOptions // field of the LSAPR_POLICY_AUDIT_EVENTS_INFO structure (see section 2.2.4.4). PolicyAuditEventTypeAuditCategoryAccountLogon PolicyAuditEventType = 8 )
func (PolicyAuditEventType) String ¶
func (o PolicyAuditEventType) String() string
type PolicyAuditEventsInfo ¶
type PolicyAuditEventsInfo struct {
// AuditingMode: 0 indicates that auditing is disabled. All other values indicate that
// auditing is enabled.
AuditingMode uint8 `idl:"name:AuditingMode" json:"auditing_mode"`
// EventAuditingOptions: An array of values specifying the auditing options for a particular
// audit type. The auditing type of an element is represented by its index in the array,
// which is identified by the POLICY_AUDIT_EVENT_TYPE enumeration (see section 2.2.4.20).
// Each element MUST contain one or more of the values in the table below.
//
// If the MaximumAuditEventCount field has a value other than 0, this field MUST NOT
// be NULL.
//
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | | |
// | VALUE | MEANING |
// | | |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | POLICY_AUDIT_EVENT_UNCHANGED 0x00000000 | Leave existing auditing options unchanged for events of this type; used only for |
// | | set operations. This value cannot be combined with values in this table. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | POLICY_AUDIT_EVENT_NONE 0x00000004 | Upon updates, this value causes the existing auditing options for events of |
// | | this type to be deleted and replaced with any other new values specified. If |
// | | specified by itself, this value cancels all auditing options for events of this |
// | | type. This value is used only for set operations. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | POLICY_AUDIT_EVENT_SUCCESS 0x00000001 | When auditing is enabled, audit all successful occurrences of events of the |
// | | given type. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
// | POLICY_AUDIT_EVENT_FAILURE 0x00000002 | When auditing is enabled, audit all unsuccessful occurrences of events of the |
// | | given type. |
// +-----------------------------------------+----------------------------------------------------------------------------------+
EventAuditingOptions []uint32 `idl:"name:EventAuditingOptions;size_is:(MaximumAuditEventCount)" json:"event_auditing_options"`
// MaximumAuditEventCount: The number of entries in the EventAuditingOptions array.<21>
MaximumAuditEventCount uint32 `idl:"name:MaximumAuditEventCount" json:"maximum_audit_event_count"`
}
PolicyAuditEventsInfo structure represents LSAPR_POLICY_AUDIT_EVENTS_INFO RPC structure.
The LSAPR_POLICY_AUDIT_EVENTS_INFO structure contains auditing options on the server.
func (*PolicyAuditEventsInfo) MarshalNDR ¶
func (*PolicyAuditEventsInfo) UnmarshalNDR ¶
type PolicyAuditFullQueryInfo ¶
type PolicyAuditFullQueryInfo struct {
// ShutDownOnFull: This field indicates whether the system MUST shut down when the
// event log is full.
ShutDownOnFull uint8 `idl:"name:ShutDownOnFull" json:"shut_down_on_full"`
// LogIsFull: This field indicates whether the event log is full or not.
LogIsFull uint8 `idl:"name:LogIsFull" json:"log_is_full"`
}
PolicyAuditFullQueryInfo structure represents POLICY_AUDIT_FULL_QUERY_INFO RPC structure.
The POLICY_AUDIT_FULL_QUERY_INFO structure is used to query information about the state of the audit log on the server. The following structure corresponds to the PolicyAuditFullQueryInformation information class.
This information class is obsolete and exists for backward compatibility purposes only.
func (*PolicyAuditFullQueryInfo) MarshalNDR ¶
func (*PolicyAuditFullQueryInfo) UnmarshalNDR ¶
type PolicyAuditFullSetInfo ¶
type PolicyAuditFullSetInfo struct {
// ShutDownOnFull: A nonzero value means that the system MUST shut down when the event
// log is full, while zero means that the system MUST NOT shut down when the event log
// is full.
ShutDownOnFull uint8 `idl:"name:ShutDownOnFull" json:"shut_down_on_full"`
}
PolicyAuditFullSetInfo structure represents POLICY_AUDIT_FULL_SET_INFO RPC structure.
The POLICY_AUDIT_FULL_SET_INFO structure contains information to set on the server that is controlling audit log behavior. The following structure corresponds to the PolicyAuditFullSetInformation information class. This information class is not supported.
func (*PolicyAuditFullSetInfo) MarshalNDR ¶
func (*PolicyAuditFullSetInfo) UnmarshalNDR ¶
type PolicyAuditLogInfo ¶
type PolicyAuditLogInfo struct {
// AuditLogPercentFull: A measure of how full the audit log is, as a percentage.
AuditLogPercentFull uint32 `idl:"name:AuditLogPercentFull" json:"audit_log_percent_full"`
// MaximumLogSize: The maximum size of the auditing log, in kilobytes (KB).
MaximumLogSize uint32 `idl:"name:MaximumLogSize" json:"maximum_log_size"`
// AuditRetentionPeriod: The auditing log retention period (64-bit signed integer),
// a 64-bit value that represents the number of 100-nanosecond intervals since January
// 1, 1601, UTC. An audit record can be discarded if its time stamp predates the current
// time minus the retention period.
AuditRetentionPeriod *dtyp.LargeInteger `idl:"name:AuditRetentionPeriod" json:"audit_retention_period"`
// AuditLogFullShutdownInProgress: A Boolean flag; indicates whether or not a system
// shutdown is being initiated due to the security audit log becoming full. This condition
// occurs only if the system is configured to shut down when the log becomes full.
//
// After a shutdown has been initiated, this flag MUST be set to TRUE (nonzero). If
// an administrator can correct the situation before the shutdown becomes irreversible,
// this flag MUST be reset to FALSE (0).
AuditLogFullShutdownInProgress uint8 `idl:"name:AuditLogFullShutdownInProgress" json:"audit_log_full_shutdown_in_progress"`
// TimeToShutdown: A 64-bit value that represents the number of 100-nanosecond intervals
// since January 1, 1601, UTC. If the AuditLogFullShutdownInProgress flag is set, this
// field MUST contain the time left before the shutdown becomes irreversible.
TimeToShutdown *dtyp.LargeInteger `idl:"name:TimeToShutdown" json:"time_to_shutdown"`
// NextAuditRecordId: Not in use. This field SHOULD be set to zero when sent, and MUST
// be ignored on receipt.
NextAuditRecordID uint32 `idl:"name:NextAuditRecordId" json:"next_audit_record_id"`
}
PolicyAuditLogInfo structure represents POLICY_AUDIT_LOG_INFO RPC structure.
The POLICY_AUDIT_LOG_INFO structure contains information about the state of the audit log. The following structure corresponds to the PolicyAuditLogInformation information class.
func (*PolicyAuditLogInfo) MarshalNDR ¶
func (*PolicyAuditLogInfo) UnmarshalNDR ¶
type PolicyDNSDomainInfo ¶
type PolicyDNSDomainInfo struct {
// Name: This field contains a name for the domain that is subject to the restrictions
// of a NetBIOS name, as specified in [RFC1088]. This value SHOULD be used (by implementations
// external to this protocol) to identify the domain via the NetBIOS API, as specified
// in [RFC1088].
Name *dtyp.UnicodeString `idl:"name:Name" json:"name"`
// DnsDomainName: The fully qualified DNS name of the domain.
DNSDomainName *dtyp.UnicodeString `idl:"name:DnsDomainName" json:"dns_domain_name"`
// DnsForestName: The fully qualified DNS name of the forest containing this domain.
DNSForestName *dtyp.UnicodeString `idl:"name:DnsForestName" json:"dns_forest_name"`
// DomainGuid: The globally unique identifier (GUID), as specified in [MS-DTYP] section
// 2.3.4.1, of the domain.
DomainGUID *dtyp.GUID `idl:"name:DomainGuid" json:"domain_guid"`
// Sid: The SID of the domain.
SID *dtyp.SID `idl:"name:Sid" json:"sid"`
}
PolicyDNSDomainInfo structure represents LSAPR_POLICY_DNS_DOMAIN_INFO RPC structure.
The LSAPR_POLICY_DNS_DOMAIN_INFO structure is used to allow callers to query and set the server's primary domain.<22>
The following structure corresponds to the PolicyDnsDomainInformation and PolicyDnsDomainInformationInt information classes.
func (*PolicyDNSDomainInfo) MarshalNDR ¶
func (*PolicyDNSDomainInfo) UnmarshalNDR ¶
type PolicyDomainEFSInfo ¶
type PolicyDomainEFSInfo struct {
// InfoLength: The count of bytes in the EfsBlob.
InfoLength uint32 `idl:"name:InfoLength" json:"info_length"`
// EfsBlob: An array of bytes, of size InfoLength bytes. If the value of InfoLength
// is other than 0, this field MUST NOT be NULL. The syntax of this blob SHOULD<24>
// conform to the layout specified in [MS-GPEF] section 2.2.1.2.1.
EFSBlob []byte `idl:"name:EfsBlob;size_is:(InfoLength)" json:"efs_blob"`
}
PolicyDomainEFSInfo structure represents LSAPR_POLICY_DOMAIN_EFS_INFO RPC structure.
The LSAPR_POLICY_DOMAIN_EFS_INFO structure communicates a counted binary byte array.
func (*PolicyDomainEFSInfo) MarshalNDR ¶
func (*PolicyDomainEFSInfo) UnmarshalNDR ¶
type PolicyDomainInformation ¶
type PolicyDomainInformation struct {
// Types that are assignable to Value
//
// *PolicyDomainInformation_PolicyDomainQualityOfServiceInfo
// *PolicyDomainInformation_PolicyDomainEFSInfo
// *PolicyDomainInformation_PolicyDomainKerberosTicketInfo
Value is_PolicyDomainInformation `json:"value"`
}
PolicyDomainInformation structure represents LSAPR_POLICY_DOMAIN_INFORMATION RPC union.
func (*PolicyDomainInformation) GetValue ¶
func (o *PolicyDomainInformation) GetValue() any
func (*PolicyDomainInformation) MarshalUnionNDR ¶
func (*PolicyDomainInformation) NDRSwitchValue ¶
func (o *PolicyDomainInformation) NDRSwitchValue(sw uint16) uint16
func (*PolicyDomainInformation) UnmarshalUnionNDR ¶
type PolicyDomainInformationClass ¶
type PolicyDomainInformationClass uint16
PolicyDomainInformationClass type represents POLICY_DOMAIN_INFORMATION_CLASS RPC enumeration.
The POLICY_DOMAIN_INFORMATION_CLASS enumeration type contains values that specify the type of policy being queried or set by the client.
The values in this enumeration are used in defining the contents of the LSAPR_POLICY_DOMAIN_INFORMATION union.
var ( PolicyDomainInformationClassQualityOfServiceInformation PolicyDomainInformationClass = 1 PolicyDomainInformationClassEFSInformation PolicyDomainInformationClass = 2 PolicyDomainInformationClassKerberosTicketInformation PolicyDomainInformationClass = 3 )
func (PolicyDomainInformationClass) String ¶
func (o PolicyDomainInformationClass) String() string
type PolicyDomainInformation_PolicyDomainEFSInfo ¶
type PolicyDomainInformation_PolicyDomainEFSInfo struct {
PolicyDomainEFSInfo *PolicyDomainEFSInfo `idl:"name:PolicyDomainEfsInfo" json:"policy_domain_efs_info"`
}
PolicyDomainInformation_PolicyDomainEFSInfo structure represents LSAPR_POLICY_DOMAIN_INFORMATION RPC union arm.
It has following labels: 2
func (*PolicyDomainInformation_PolicyDomainEFSInfo) MarshalNDR ¶
func (*PolicyDomainInformation_PolicyDomainEFSInfo) UnmarshalNDR ¶
type PolicyDomainInformation_PolicyDomainKerberosTicketInfo ¶
type PolicyDomainInformation_PolicyDomainKerberosTicketInfo struct {
PolicyDomainKerberosTicketInfo *PolicyDomainKerberosTicketInfo `idl:"name:PolicyDomainKerbTicketInfo" json:"policy_domain_kerberos_ticket_info"`
}
PolicyDomainInformation_PolicyDomainKerberosTicketInfo structure represents LSAPR_POLICY_DOMAIN_INFORMATION RPC union arm.
It has following labels: 3
func (*PolicyDomainInformation_PolicyDomainKerberosTicketInfo) MarshalNDR ¶
func (*PolicyDomainInformation_PolicyDomainKerberosTicketInfo) UnmarshalNDR ¶
type PolicyDomainInformation_PolicyDomainQualityOfServiceInfo ¶
type PolicyDomainInformation_PolicyDomainQualityOfServiceInfo struct {
PolicyDomainQualityOfServiceInfo *PolicyDomainQualityOfServiceInfo `idl:"name:PolicyDomainQualityOfServiceInfo" json:"policy_domain_quality_of_service_info"`
}
PolicyDomainInformation_PolicyDomainQualityOfServiceInfo structure represents LSAPR_POLICY_DOMAIN_INFORMATION RPC union arm.
It has following labels: 1
func (*PolicyDomainInformation_PolicyDomainQualityOfServiceInfo) MarshalNDR ¶
func (*PolicyDomainInformation_PolicyDomainQualityOfServiceInfo) UnmarshalNDR ¶
type PolicyDomainKerberosTicketInfo ¶
type PolicyDomainKerberosTicketInfo struct {
// AuthenticationOptions: Optional flags that affect validations performed during authentication.
//
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-----+---+---+---+---+---+---+---+
// | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 1 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 2 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 3 | 1 |
// | | | | | | | | | | | 0 | | | | | | | | | | 0 | | | | | | | | | | 0 | |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-----+---+---+---+---+---+---+---+
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-----+---+---+---+---+---+---+---+
// | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | V C | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-----+---+---+---+---+---+---+---+
//
// Where the bits are defined as:
//
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | | |
// | VALUE | DESCRIPTION |
// | | |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------------------+----------------------------------------------------------------------------------+
// | VC POLICY_KERBEROS_VALIDATE_CLIENT (0x00000080) | This is the only flag that is currently defined. When this bit is set, the |
// | | AuthenticationOptions flag of the Key Distribution Center (KDC) configuration |
// | | setting will be set to POLICY_KERBEROS_VALIDATE_CLIENT (as described in |
// | | [MS-KILE] section 3.3.1). All other bits SHOULD be set to 0 and ignored upon |
// | | receipt. |
// +-------------------------------------------------+----------------------------------------------------------------------------------+
AuthenticationOptions uint32 `idl:"name:AuthenticationOptions" json:"authentication_options"`
// MaxServiceTicketAge: This is in units of 10^(-7) seconds. It corresponds to Maximum
// ticket lifetime (as specified in [RFC4120] section 8.2) for service tickets only.
// The default value of this setting is 10 hours.
MaxServiceTicketAge *dtyp.LargeInteger `idl:"name:MaxServiceTicketAge" json:"max_service_ticket_age"`
// MaxTicketAge: This is in units of 10^(-7) seconds. It corresponds to the Maximum
// ticket lifetime (as specified in [RFC4120] section 8.2) for ticket-granting ticket
// (TGT) only. The default value of this setting is 10 hours.
MaxTicketAge *dtyp.LargeInteger `idl:"name:MaxTicketAge" json:"max_ticket_age"`
// MaxRenewAge: This is in units of 10^(-7) seconds. It corresponds to the Maximum
// renewable lifetime, as specified in [RFC4120] section 8.2. The default value of this
// setting is one week.
MaxRenewAge *dtyp.LargeInteger `idl:"name:MaxRenewAge" json:"max_renew_age"`
// MaxClockSkew: This is in units of 10^(-7) seconds. It corresponds to the Acceptable
// clock skew, as specified in [RFC4120] section 8.2. The default value of this setting
// is five minutes.
MaxClockSkew *dtyp.LargeInteger `idl:"name:MaxClockSkew" json:"max_clock_skew"`
// contains filtered or unexported fields
}
PolicyDomainKerberosTicketInfo structure represents POLICY_DOMAIN_KERBEROS_TICKET_INFO RPC structure.
The POLICY_DOMAIN_KERBEROS_TICKET_INFO structure communicates policy information about the Kerberos security provider.
func (*PolicyDomainKerberosTicketInfo) MarshalNDR ¶
func (*PolicyDomainKerberosTicketInfo) UnmarshalNDR ¶
type PolicyDomainQualityOfServiceInfo ¶
type PolicyDomainQualityOfServiceInfo struct {
// QualityOfService: Quality of service of the responder. MUST be set to zero when
// sent and MUST be ignored on receipt.
QualityOfService uint32 `idl:"name:QualityOfService" json:"quality_of_service"`
}
PolicyDomainQualityOfServiceInfo structure represents POLICY_DOMAIN_QUALITY_OF_SERVICE_INFO RPC structure.
The POLICY_DOMAIN_QUALITY_OF_SERVICE_INFO structure is obsolete and exists for backward compatibility purposes only.
func (*PolicyDomainQualityOfServiceInfo) MarshalNDR ¶
func (*PolicyDomainQualityOfServiceInfo) UnmarshalNDR ¶
type PolicyInformation ¶
type PolicyInformation struct {
// Types that are assignable to Value
//
// *PolicyInformation_PolicyAuditLogInfo
// *PolicyInformation_PolicyAuditEventsInfo
// *PolicyInformation_PolicyPrimaryDomainInfo
// *PolicyInformation_PolicyAccountDomainInfo
// *PolicyInformation_PolicyPDAccountInfo
// *PolicyInformation_PolicyServerRoleInfo
// *PolicyInformation_PolicyReplicaSourceInfo
// *PolicyInformation_PolicyModificationInfo
// *PolicyInformation_PolicyAuditFullSetInfo
// *PolicyInformation_PolicyAuditFullQueryInfo
// *PolicyInformation_PolicyDNSDomainInfo
// *PolicyInformation_PolicyDNSDomainInfoInt
// *PolicyInformation_PolicyLocalAccountDomainInfo
// *PolicyInformation_PolicyMachineAccountInfo
Value is_PolicyInformation `json:"value"`
}
PolicyInformation structure represents LSAPR_POLICY_INFORMATION RPC union.
func (*PolicyInformation) GetValue ¶
func (o *PolicyInformation) GetValue() any
func (*PolicyInformation) MarshalUnionNDR ¶
func (*PolicyInformation) NDRSwitchValue ¶
func (o *PolicyInformation) NDRSwitchValue(sw uint16) uint16
func (*PolicyInformation) UnmarshalUnionNDR ¶
type PolicyInformationClass ¶
type PolicyInformationClass uint16
PolicyInformationClass type represents POLICY_INFORMATION_CLASS RPC enumeration.
The POLICY_INFORMATION_CLASS enumeration type contains values that specify the type of policy being queried or set by the client.
var ( // PolicyAuditLogInformation: Information about audit log. PolicyInformationClassAuditLogInformation PolicyInformationClass = 1 // PolicyAuditEventsInformation: Auditing options. PolicyInformationClassAuditEventsInformation PolicyInformationClass = 2 // PolicyPrimaryDomainInformation: Primary domain information. PolicyInformationClassPrimaryDomainInformation PolicyInformationClass = 3 // PolicyPdAccountInformation: Obsolete information class. PolicyInformationClassPDAccountInformation PolicyInformationClass = 4 // PolicyAccountDomainInformation: Account domain information. PolicyInformationClassAccountDomainInformation PolicyInformationClass = 5 // PolicyLsaServerRoleInformation: Server role information. PolicyInformationClassLSAServerRoleInformation PolicyInformationClass = 6 // PolicyReplicaSourceInformation: Replica source information. PolicyInformationClassReplicaSourceInformation PolicyInformationClass = 7 // PolicyInformationNotUsedOnWire: This enumeration value does not appear on the wire. PolicyInformationClassNotUsedOnWire PolicyInformationClass = 8 // PolicyModificationInformation: Obsolete information class. PolicyInformationClassModificationInformation PolicyInformationClass = 9 // PolicyAuditFullSetInformation: Obsolete information class. PolicyInformationClassAuditFullSetInformation PolicyInformationClass = 10 // PolicyAuditFullQueryInformation: Audit log state. PolicyInformationClassAuditFullQueryInformation PolicyInformationClass = 11 // PolicyDnsDomainInformation: DNS domain information. PolicyInformationClassDNSDomainInformation PolicyInformationClass = 12 // PolicyDnsDomainInformationInt: DNS domain information. PolicyInformationClassDNSDomainInformationInt PolicyInformationClass = 13 // PolicyLocalAccountDomainInformation: Local account domain information. PolicyInformationClassLocalAccountDomainInformation PolicyInformationClass = 14 // PolicyMachineAccountInformation: Machine account information. PolicyInformationClassMachineAccountInformation PolicyInformationClass = 15 // PolicyLastEntry: Not used in this protocol. Present to mark the end of the enumeration. // // The following citation contains a timeline of when each enumeration value was introduced.<20> // // The values in this enumeration are used to define the contents of the LSAPR_POLICY_INFORMATION // (section 2.2.4.2) union, where the structure associated with each enumeration value // is specified. The structure associated with each enumeration value defines the meaning // of that value to this protocol. PolicyInformationClassLastEntry PolicyInformationClass = 16 )
func (PolicyInformationClass) String ¶
func (o PolicyInformationClass) String() string
type PolicyInformation_PolicyAccountDomainInfo ¶
type PolicyInformation_PolicyAccountDomainInfo struct {
PolicyAccountDomainInfo *PolicyAccountDomInfo `idl:"name:PolicyAccountDomainInfo" json:"policy_account_domain_info"`
}
PolicyInformation_PolicyAccountDomainInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 5
func (*PolicyInformation_PolicyAccountDomainInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyAccountDomainInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyAuditEventsInfo ¶
type PolicyInformation_PolicyAuditEventsInfo struct {
PolicyAuditEventsInfo *PolicyAuditEventsInfo `idl:"name:PolicyAuditEventsInfo" json:"policy_audit_events_info"`
}
PolicyInformation_PolicyAuditEventsInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 2
func (*PolicyInformation_PolicyAuditEventsInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyAuditEventsInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyAuditFullQueryInfo ¶
type PolicyInformation_PolicyAuditFullQueryInfo struct {
PolicyAuditFullQueryInfo *PolicyAuditFullQueryInfo `idl:"name:PolicyAuditFullQueryInfo" json:"policy_audit_full_query_info"`
}
PolicyInformation_PolicyAuditFullQueryInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 11
func (*PolicyInformation_PolicyAuditFullQueryInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyAuditFullQueryInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyAuditFullSetInfo ¶
type PolicyInformation_PolicyAuditFullSetInfo struct {
PolicyAuditFullSetInfo *PolicyAuditFullSetInfo `idl:"name:PolicyAuditFullSetInfo" json:"policy_audit_full_set_info"`
}
PolicyInformation_PolicyAuditFullSetInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 10
func (*PolicyInformation_PolicyAuditFullSetInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyAuditFullSetInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyAuditLogInfo ¶
type PolicyInformation_PolicyAuditLogInfo struct {
PolicyAuditLogInfo *PolicyAuditLogInfo `idl:"name:PolicyAuditLogInfo" json:"policy_audit_log_info"`
}
PolicyInformation_PolicyAuditLogInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 1
func (*PolicyInformation_PolicyAuditLogInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyAuditLogInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyDNSDomainInfo ¶
type PolicyInformation_PolicyDNSDomainInfo struct {
PolicyDNSDomainInfo *PolicyDNSDomainInfo `idl:"name:PolicyDnsDomainInfo" json:"policy_dns_domain_info"`
}
PolicyInformation_PolicyDNSDomainInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 12
func (*PolicyInformation_PolicyDNSDomainInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyDNSDomainInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyDNSDomainInfoInt ¶
type PolicyInformation_PolicyDNSDomainInfoInt struct {
PolicyDNSDomainInfoInt *PolicyDNSDomainInfo `idl:"name:PolicyDnsDomainInfoInt" json:"policy_dns_domain_info_int"`
}
PolicyInformation_PolicyDNSDomainInfoInt structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 13
func (*PolicyInformation_PolicyDNSDomainInfoInt) MarshalNDR ¶
func (*PolicyInformation_PolicyDNSDomainInfoInt) UnmarshalNDR ¶
type PolicyInformation_PolicyLocalAccountDomainInfo ¶
type PolicyInformation_PolicyLocalAccountDomainInfo struct {
PolicyLocalAccountDomainInfo *PolicyAccountDomInfo `idl:"name:PolicyLocalAccountDomainInfo" json:"policy_local_account_domain_info"`
}
PolicyInformation_PolicyLocalAccountDomainInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 14
func (*PolicyInformation_PolicyLocalAccountDomainInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyLocalAccountDomainInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyMachineAccountInfo ¶
type PolicyInformation_PolicyMachineAccountInfo struct {
PolicyMachineAccountInfo *PolicyMachineAccountInfo `idl:"name:PolicyMachineAccountInfo" json:"policy_machine_account_info"`
}
PolicyInformation_PolicyMachineAccountInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 15
func (*PolicyInformation_PolicyMachineAccountInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyMachineAccountInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyModificationInfo ¶
type PolicyInformation_PolicyModificationInfo struct {
PolicyModificationInfo *PolicyModificationInfo `idl:"name:PolicyModificationInfo" json:"policy_modification_info"`
}
PolicyInformation_PolicyModificationInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 9
func (*PolicyInformation_PolicyModificationInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyModificationInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyPDAccountInfo ¶
type PolicyInformation_PolicyPDAccountInfo struct {
PolicyPDAccountInfo *PolicyPDAccountInfo `idl:"name:PolicyPdAccountInfo" json:"policy_pd_account_info"`
}
PolicyInformation_PolicyPDAccountInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 4
func (*PolicyInformation_PolicyPDAccountInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyPDAccountInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyPrimaryDomainInfo ¶
type PolicyInformation_PolicyPrimaryDomainInfo struct {
PolicyPrimaryDomainInfo *PolicyPrimaryDomInfo `idl:"name:PolicyPrimaryDomainInfo" json:"policy_primary_domain_info"`
}
PolicyInformation_PolicyPrimaryDomainInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 3
func (*PolicyInformation_PolicyPrimaryDomainInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyPrimaryDomainInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyReplicaSourceInfo ¶
type PolicyInformation_PolicyReplicaSourceInfo struct {
PolicyReplicaSourceInfo *PolicyReplicaSourceInfo `idl:"name:PolicyReplicaSourceInfo" json:"policy_replica_source_info"`
}
PolicyInformation_PolicyReplicaSourceInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 7
func (*PolicyInformation_PolicyReplicaSourceInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyReplicaSourceInfo) UnmarshalNDR ¶
type PolicyInformation_PolicyServerRoleInfo ¶
type PolicyInformation_PolicyServerRoleInfo struct {
PolicyServerRoleInfo *PolicyLSAServerRoleInfo `idl:"name:PolicyServerRoleInfo" json:"policy_server_role_info"`
}
PolicyInformation_PolicyServerRoleInfo structure represents LSAPR_POLICY_INFORMATION RPC union arm.
It has following labels: 6
func (*PolicyInformation_PolicyServerRoleInfo) MarshalNDR ¶
func (*PolicyInformation_PolicyServerRoleInfo) UnmarshalNDR ¶
type PolicyLSAServerRole ¶
type PolicyLSAServerRole uint16
PolicyLSAServerRole type represents POLICY_LSA_SERVER_ROLE RPC enumeration.
The POLICY_LSA_SERVER_ROLE enumeration takes one of two possible values, depending on which capacity the account domain database is in: primary or backup. Certain operations of the protocol are allowed only against a primary account database. On non–domain controller machines, the account domain database is in primary state. On domain controllers, if the machine is the primary domain controller (PDC) role owner, then the account domain database is in primary state; otherwise, it is in backup state.
var ( // PolicyServerRoleBackup: A backup account database. PolicyLSAServerRoleBackup PolicyLSAServerRole = 2 // PolicyServerRolePrimary: A primary account database. PolicyLSAServerRolePrimary PolicyLSAServerRole = 3 )
func (PolicyLSAServerRole) String ¶
func (o PolicyLSAServerRole) String() string
type PolicyLSAServerRoleInfo ¶
type PolicyLSAServerRoleInfo struct {
// LsaServerRole: One of the values of the POLICY_LSA_SERVER_ROLE enumeration on return.
LSAServerRole PolicyLSAServerRole `idl:"name:LsaServerRole" json:"lsa_server_role"`
}
PolicyLSAServerRoleInfo structure represents POLICY_LSA_SERVER_ROLE_INFO RPC structure.
The POLICY_LSA_SERVER_ROLE_INFO structure is used to allow callers to query and set whether the account domain database acts as the primary copy or backup copy. The following structure corresponds to the PolicyLsaServerRoleInformation information class.
func (*PolicyLSAServerRoleInfo) MarshalNDR ¶
func (*PolicyLSAServerRoleInfo) UnmarshalNDR ¶
type PolicyMachineAccountInfo ¶
type PolicyMachineAccountInfo struct {
RID uint32 `idl:"name:Rid" json:"rid"`
SID *dtyp.SID `idl:"name:Sid" json:"sid"`
}
PolicyMachineAccountInfo structure represents LSAPR_POLICY_MACHINE_ACCT_INFO RPC structure.
func (*PolicyMachineAccountInfo) MarshalNDR ¶
func (*PolicyMachineAccountInfo) UnmarshalNDR ¶
type PolicyModificationInfo ¶
type PolicyModificationInfo struct {
// ModifiedId: A 64-bit unsigned integer that is incremented each time anything in
// the Local Security Authority (LSA) database is modified.
ModifiedID *dtyp.LargeInteger `idl:"name:ModifiedId" json:"modified_id"`
// DatabaseCreationTime: The date and time when the LSA database was created. It is
// a 64-bit value that represents the number of 100-nanosecond intervals since January
// 1, 1601, UTC.
DatabaseCreationTime *dtyp.LargeInteger `idl:"name:DatabaseCreationTime" json:"database_creation_time"`
}
PolicyModificationInfo structure represents POLICY_MODIFICATION_INFO RPC structure.
The POLICY_MODIFICATION_INFO structure is obsolete and exists for backward compatibility purposes only. Callers of this protocol MUST NOT be able to set or retrieve this structure.
func (*PolicyModificationInfo) MarshalNDR ¶
func (*PolicyModificationInfo) UnmarshalNDR ¶
type PolicyPDAccountInfo ¶
type PolicyPDAccountInfo struct {
// Name: Represents the name of an account in the domain that is to be used for authentication
// and name/ID lookup requests.
Name *dtyp.UnicodeString `idl:"name:Name" json:"name"`
}
PolicyPDAccountInfo structure represents LSAPR_POLICY_PD_ACCOUNT_INFO RPC structure.
The LSAPR_POLICY_PD_ACCOUNT_INFO structure is obsolete and exists for backward compatibility purposes only.
func (*PolicyPDAccountInfo) MarshalNDR ¶
func (*PolicyPDAccountInfo) UnmarshalNDR ¶
type PolicyPrimaryDomInfo ¶
type PolicyPrimaryDomInfo struct {
// Name: This field contains a name for the primary domain that is subject to the restrictions
// of a NetBIOS name, as specified in [RFC1088]. The value SHOULD be used (by implementations
// external to this protocol) to identify the domain via the NetBIOS API, as specified
// in [RFC1088].
Name *dtyp.UnicodeString `idl:"name:Name" json:"name"`
// Sid: The SID of the primary domain.
SID *dtyp.SID `idl:"name:Sid" json:"sid"`
}
PolicyPrimaryDomInfo structure represents LSAPR_POLICY_PRIMARY_DOM_INFO RPC structure.
The LSAPR_POLICY_PRIMARY_DOM_INFO structure defines the server's primary domain.
The following structure corresponds to the PolicyPrimaryDomainInformation information class.
func (*PolicyPrimaryDomInfo) MarshalNDR ¶
func (*PolicyPrimaryDomInfo) UnmarshalNDR ¶
type PolicyPrivilegeDefinition ¶
type PolicyPrivilegeDefinition struct {
// Name: An RPC_UNICODE_STRING that contains the privilege name.
Name *dtyp.UnicodeString `idl:"name:Name" json:"name"`
// LocalValue: This field contains the LUID value assigned locally for efficient representation
// of the privilege. This value is meaningful only on the system where it was assigned.
LocalValue *dtyp.LUID `idl:"name:LocalValue" json:"local_value"`
}
PolicyPrivilegeDefinition structure represents LSAPR_POLICY_PRIVILEGE_DEF RPC structure.
The LSAPR_POLICY_PRIVILEGE_DEF structure specifies a privilege definition, which consists of a pairing of a human-readable name with a locally unique identifier (LUID).
func (*PolicyPrivilegeDefinition) MarshalNDR ¶
func (*PolicyPrivilegeDefinition) UnmarshalNDR ¶
type PolicyReplicaSourceInfo ¶
type PolicyReplicaSourceInfo struct {
// ReplicaSource: A string.
SourceReplica *dtyp.UnicodeString `idl:"name:ReplicaSource" json:"source_replica"`
// ReplicaAccountName: A string.
AccountNameReplica *dtyp.UnicodeString `idl:"name:ReplicaAccountName" json:"account_name_replica"`
}
PolicyReplicaSourceInfo structure represents LSAPR_POLICY_REPLICA_SRCE_INFO RPC structure.
The LSAPR_POLICY_REPLICA_SRCE_INFO structure corresponds to the PolicyReplicaSourceInformation information class.
func (*PolicyReplicaSourceInfo) MarshalNDR ¶
func (*PolicyReplicaSourceInfo) UnmarshalNDR ¶
type PrivilegeEnumBuffer ¶
type PrivilegeEnumBuffer struct {
// Entries: This field contains the number of privileges in the structure.
Entries uint32 `idl:"name:Entries" json:"entries"`
// Privileges: This field contains a set of structures that define the privileges,
// as specified in section 2.2.8.1. If the Entries field has a value other than 0, this
// field MUST NOT be NULL.
Privileges []*PolicyPrivilegeDefinition `idl:"name:Privileges;size_is:(Entries)" json:"privileges"`
}
PrivilegeEnumBuffer structure represents LSAPR_PRIVILEGE_ENUM_BUFFER RPC structure.
The LSAPR_PRIVILEGE_ENUM_BUFFER structure specifies a collection of privilege definitions of type LSAPR_POLICY_PRIVILEGE_DEF.
func (*PrivilegeEnumBuffer) MarshalNDR ¶
func (*PrivilegeEnumBuffer) UnmarshalNDR ¶
type PrivilegeSet ¶
type PrivilegeSet struct {
// PrivilegeCount: This field contains the number of privileges.<26>
PrivilegeCount uint32 `idl:"name:PrivilegeCount" json:"privilege_count"`
// Control: This field contains bitmapped values that define the properties of the
// privilege set.
//
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 1 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 2 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 3 | 1 |
// | | | | | | | | | | | 0 | | | | | | | | | | 0 | | | | | | | | | | 0 | |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | O |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
//
// O: Valid for a set operation indicating that all specified privileges that are not
// already assigned are to be assigned.
Control uint32 `idl:"name:Control" json:"control"`
// Privilege: An array of LSAPR_LUID_AND_ATTRIBUTES structures. If the PrivilegeCount
// field has a value different than 0, this field MUST NOT be NULL.
Privilege []*LUIDAndAttributes `idl:"name:Privilege;size_is:(PrivilegeCount)" json:"privilege"`
}
PrivilegeSet structure represents LSAPR_PRIVILEGE_SET RPC structure.
The LSAPR_PRIVILEGE_SET structure defines a set of privileges that belong to an account.
func (*PrivilegeSet) MarshalNDR ¶
func (*PrivilegeSet) NDRSizeInfo ¶
func (o *PrivilegeSet) NDRSizeInfo() []uint64
func (*PrivilegeSet) UnmarshalNDR ¶
type QueryDomainInformationPolicyRequest ¶
type QueryDomainInformationPolicyRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// InformationClass: A parameter that specifies what type of information the caller
// is requesting.
InformationClass PolicyDomainInformationClass `idl:"name:InformationClass" json:"information_class"`
}
QueryDomainInformationPolicyRequest structure represents the LsarQueryDomainInformationPolicy operation request
func (*QueryDomainInformationPolicyRequest) MarshalNDR ¶
func (*QueryDomainInformationPolicyRequest) UnmarshalNDR ¶
type QueryDomainInformationPolicyResponse ¶
type QueryDomainInformationPolicyResponse struct {
// PolicyDomainInformation: A parameter that references policy information structure
// on return.
PolicyDomainInformation *PolicyDomainInformation `idl:"name:PolicyDomainInformation;switch_is:InformationClass" json:"policy_domain_information"`
// Return: The LsarQueryDomainInformationPolicy return value.
Return int32 `idl:"name:Return" json:"return"`
}
QueryDomainInformationPolicyResponse structure represents the LsarQueryDomainInformationPolicy operation response
func (*QueryDomainInformationPolicyResponse) MarshalNDR ¶
func (*QueryDomainInformationPolicyResponse) UnmarshalNDR ¶
type QueryForestTrustInformationRequest ¶
type QueryForestTrustInformationRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainName: The name of the trusted domain to query.
TrustedDomainName *UnicodeString `idl:"name:TrustedDomainName" json:"trusted_domain_name"`
// HighestRecordType: The highest ordinal number of forest trust record type that the
// caller understands.
HighestRecordType ForestTrustRecordType `idl:"name:HighestRecordType" json:"highest_record_type"`
}
QueryForestTrustInformationRequest structure represents the LsarQueryForestTrustInformation operation request
func (*QueryForestTrustInformationRequest) MarshalNDR ¶
func (*QueryForestTrustInformationRequest) UnmarshalNDR ¶
type QueryForestTrustInformationResponse ¶
type QueryForestTrustInformationResponse struct {
// ForestTrustInfo: Used to return the forest trust information.
ForestTrustInfo *ForestTrustInformation `idl:"name:ForestTrustInfo" json:"forest_trust_info"`
// Return: The LsarQueryForestTrustInformation return value.
Return int32 `idl:"name:Return" json:"return"`
}
QueryForestTrustInformationResponse structure represents the LsarQueryForestTrustInformation operation response
func (*QueryForestTrustInformationResponse) MarshalNDR ¶
func (*QueryForestTrustInformationResponse) UnmarshalNDR ¶
type QueryInfoTrustedDomainRequest ¶
type QueryInfoTrustedDomainRequest struct {
// TrustedDomainHandle: An open trusted domain object handle.
TrustedDomain *Handle `idl:"name:TrustedDomainHandle" json:"trusted_domain"`
// InformationClass: One of the TRUSTED_INFORMATION_CLASS values indicating the type
// of information the caller is interested in.
InformationClass TrustedInformationClass `idl:"name:InformationClass" json:"information_class"`
}
QueryInfoTrustedDomainRequest structure represents the LsarQueryInfoTrustedDomain operation request
func (*QueryInfoTrustedDomainRequest) MarshalNDR ¶
func (*QueryInfoTrustedDomainRequest) UnmarshalNDR ¶
type QueryInfoTrustedDomainResponse ¶
type QueryInfoTrustedDomainResponse struct {
// TrustedDomainInformation: Used to return requested information about the trusted
// domain object.
TrustedDomainInformation *TrustedDomainInfo `idl:"name:TrustedDomainInformation;switch_is:InformationClass" json:"trusted_domain_information"`
// Return: The LsarQueryInfoTrustedDomain return value.
Return int32 `idl:"name:Return" json:"return"`
}
QueryInfoTrustedDomainResponse structure represents the LsarQueryInfoTrustedDomain operation response
func (*QueryInfoTrustedDomainResponse) MarshalNDR ¶
func (*QueryInfoTrustedDomainResponse) UnmarshalNDR ¶
type QueryInformationPolicy2Request ¶
type QueryInformationPolicy2Request struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// InformationClass: A parameter that specifies what type of information the caller
// is requesting.
InformationClass PolicyInformationClass `idl:"name:InformationClass" json:"information_class"`
}
QueryInformationPolicy2Request structure represents the LsarQueryInformationPolicy2 operation request
func (*QueryInformationPolicy2Request) MarshalNDR ¶
func (*QueryInformationPolicy2Request) UnmarshalNDR ¶
type QueryInformationPolicy2Response ¶
type QueryInformationPolicy2Response struct {
// PolicyInformation: A parameter that references policy information structure on return.
PolicyInformation *PolicyInformation `idl:"name:PolicyInformation;switch_is:InformationClass" json:"policy_information"`
// Return: The LsarQueryInformationPolicy2 return value.
Return int32 `idl:"name:Return" json:"return"`
}
QueryInformationPolicy2Response structure represents the LsarQueryInformationPolicy2 operation response
func (*QueryInformationPolicy2Response) MarshalNDR ¶
func (*QueryInformationPolicy2Response) UnmarshalNDR ¶
type QueryInformationPolicyRequest ¶
type QueryInformationPolicyRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// InformationClass: A parameter that specifies what type of information the caller
// is requesting.
InformationClass PolicyInformationClass `idl:"name:InformationClass" json:"information_class"`
}
QueryInformationPolicyRequest structure represents the LsarQueryInformationPolicy operation request
func (*QueryInformationPolicyRequest) MarshalNDR ¶
func (*QueryInformationPolicyRequest) UnmarshalNDR ¶
type QueryInformationPolicyResponse ¶
type QueryInformationPolicyResponse struct {
// PolicyInformation: A parameter that references policy information structure on return.
PolicyInformation *PolicyInformation `idl:"name:PolicyInformation;switch_is:InformationClass" json:"policy_information"`
// Return: The LsarQueryInformationPolicy return value.
Return int32 `idl:"name:Return" json:"return"`
}
QueryInformationPolicyResponse structure represents the LsarQueryInformationPolicy operation response
func (*QueryInformationPolicyResponse) MarshalNDR ¶
func (*QueryInformationPolicyResponse) UnmarshalNDR ¶
type QuerySecretRequest ¶
type QuerySecretRequest struct {
// SecretHandle: An open secret object handle.
Secret *Handle `idl:"name:SecretHandle" json:"secret"`
// EncryptedCurrentValue: Used to return the encrypted current value of the secret object.
EncryptedCurrentValue *CRCipherValue `idl:"name:EncryptedCurrentValue;pointer:unique" json:"encrypted_current_value"`
// CurrentValueSetTime: Used to return the time when the current value was set.
CurrentValueSetTime *dtyp.LargeInteger `idl:"name:CurrentValueSetTime;pointer:unique" json:"current_value_set_time"`
// EncryptedOldValue: A BLOB representing the encrypted old value. It is valid for this
// parameter to be NULL, in which case the current value in the policy database is copied.
EncryptedOldValue *CRCipherValue `idl:"name:EncryptedOldValue;pointer:unique" json:"encrypted_old_value"`
// OldValueSetTime: The time corresponding to the instant that the old value was last
// changed.
OldValueSetTime *dtyp.LargeInteger `idl:"name:OldValueSetTime;pointer:unique" json:"old_value_set_time"`
}
QuerySecretRequest structure represents the LsarQuerySecret operation request
func (*QuerySecretRequest) MarshalNDR ¶
func (*QuerySecretRequest) UnmarshalNDR ¶
type QuerySecretResponse ¶
type QuerySecretResponse struct {
// EncryptedCurrentValue: Used to return the encrypted current value of the secret object.
EncryptedCurrentValue *CRCipherValue `idl:"name:EncryptedCurrentValue;pointer:unique" json:"encrypted_current_value"`
// CurrentValueSetTime: Used to return the time when the current value was set.
CurrentValueSetTime *dtyp.LargeInteger `idl:"name:CurrentValueSetTime;pointer:unique" json:"current_value_set_time"`
// EncryptedOldValue: A BLOB representing the encrypted old value. It is valid for this
// parameter to be NULL, in which case the current value in the policy database is copied.
EncryptedOldValue *CRCipherValue `idl:"name:EncryptedOldValue;pointer:unique" json:"encrypted_old_value"`
// OldValueSetTime: The time corresponding to the instant that the old value was last
// changed.
OldValueSetTime *dtyp.LargeInteger `idl:"name:OldValueSetTime;pointer:unique" json:"old_value_set_time"`
// Return: The LsarQuerySecret return value.
Return int32 `idl:"name:Return" json:"return"`
}
QuerySecretResponse structure represents the LsarQuerySecret operation response
func (*QuerySecretResponse) MarshalNDR ¶
func (*QuerySecretResponse) UnmarshalNDR ¶
type QuerySecurityObjectRequest ¶
type QuerySecurityObjectRequest struct {
// ObjectHandle: An open object handle of any type.
Object *Handle `idl:"name:ObjectHandle" json:"object"`
// SecurityInformation: A bitmask specifying which portions of the security descriptor
// the caller is interested in.
SecurityInformation uint32 `idl:"name:SecurityInformation" json:"security_information"`
}
QuerySecurityObjectRequest structure represents the LsarQuerySecurityObject operation request
func (*QuerySecurityObjectRequest) MarshalNDR ¶
func (*QuerySecurityObjectRequest) UnmarshalNDR ¶
type QuerySecurityObjectResponse ¶
type QuerySecurityObjectResponse struct {
// SecurityDescriptor: Used to return the security descriptor containing the elements
// requested by the caller.
SecurityDescriptor *SrSecurityDescriptor `idl:"name:SecurityDescriptor" json:"security_descriptor"`
// Return: The LsarQuerySecurityObject return value.
Return int32 `idl:"name:Return" json:"return"`
}
QuerySecurityObjectResponse structure represents the LsarQuerySecurityObject operation response
func (*QuerySecurityObjectResponse) MarshalNDR ¶
func (*QuerySecurityObjectResponse) UnmarshalNDR ¶
type QueryTrustedDomainInfoByNameRequest ¶
type QueryTrustedDomainInfoByNameRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainName: The name of the trusted domain object to query.
TrustedDomainName *dtyp.UnicodeString `idl:"name:TrustedDomainName" json:"trusted_domain_name"`
// InformationClass: One of the TRUSTED_INFORMATION_CLASS values identifying the type
// of information the caller is interested in.
InformationClass TrustedInformationClass `idl:"name:InformationClass" json:"information_class"`
}
QueryTrustedDomainInfoByNameRequest structure represents the LsarQueryTrustedDomainInfoByName operation request
func (*QueryTrustedDomainInfoByNameRequest) MarshalNDR ¶
func (*QueryTrustedDomainInfoByNameRequest) UnmarshalNDR ¶
type QueryTrustedDomainInfoByNameResponse ¶
type QueryTrustedDomainInfoByNameResponse struct {
// TrustedDomainInformation: Used to return the information requested by the caller.
TrustedDomainInformation *TrustedDomainInfo `idl:"name:TrustedDomainInformation;switch_is:InformationClass" json:"trusted_domain_information"`
// Return: The LsarQueryTrustedDomainInfoByName return value.
Return int32 `idl:"name:Return" json:"return"`
}
QueryTrustedDomainInfoByNameResponse structure represents the LsarQueryTrustedDomainInfoByName operation response
func (*QueryTrustedDomainInfoByNameResponse) MarshalNDR ¶
func (*QueryTrustedDomainInfoByNameResponse) UnmarshalNDR ¶
type QueryTrustedDomainInfoRequest ¶
type QueryTrustedDomainInfoRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainSid: A security descriptor of the trusted domain object.
TrustedDomainSID *dtyp.SID `idl:"name:TrustedDomainSid" json:"trusted_domain_sid"`
// InformationClass: Identifies the type of information the caller is interested in.
InformationClass TrustedInformationClass `idl:"name:InformationClass" json:"information_class"`
}
QueryTrustedDomainInfoRequest structure represents the LsarQueryTrustedDomainInfo operation request
func (*QueryTrustedDomainInfoRequest) MarshalNDR ¶
func (*QueryTrustedDomainInfoRequest) UnmarshalNDR ¶
type QueryTrustedDomainInfoResponse ¶
type QueryTrustedDomainInfoResponse struct {
// TrustedDomainInformation: Used to return the information on the trusted domain object
// to the caller.
TrustedDomainInformation *TrustedDomainInfo `idl:"name:TrustedDomainInformation;switch_is:InformationClass" json:"trusted_domain_information"`
// Return: The LsarQueryTrustedDomainInfo return value.
Return int32 `idl:"name:Return" json:"return"`
}
QueryTrustedDomainInfoResponse structure represents the LsarQueryTrustedDomainInfo operation response
func (*QueryTrustedDomainInfoResponse) MarshalNDR ¶
func (*QueryTrustedDomainInfoResponse) UnmarshalNDR ¶
type RemoveAccountRightsRequest ¶
type RemoveAccountRightsRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// AccountSid: A security descriptor of an account object.
AccountSID *dtyp.SID `idl:"name:AccountSid" json:"account_sid"`
// AllRights: If this field is not set to 0, all rights will be removed.
AllRights uint8 `idl:"name:AllRights" json:"all_rights"`
// UserRights: A set of rights to remove from the account.
UserRights *UserRightSet `idl:"name:UserRights" json:"user_rights"`
}
RemoveAccountRightsRequest structure represents the LsarRemoveAccountRights operation request
func (*RemoveAccountRightsRequest) MarshalNDR ¶
func (*RemoveAccountRightsRequest) UnmarshalNDR ¶
type RemoveAccountRightsResponse ¶
type RemoveAccountRightsResponse struct {
// Return: The LsarRemoveAccountRights return value.
Return int32 `idl:"name:Return" json:"return"`
}
RemoveAccountRightsResponse structure represents the LsarRemoveAccountRights operation response
func (*RemoveAccountRightsResponse) MarshalNDR ¶
func (*RemoveAccountRightsResponse) UnmarshalNDR ¶
type RemovePrivilegesFromAccountRequest ¶
type RemovePrivilegesFromAccountRequest struct {
// AccountHandle: An open account object handle obtained from either LsarCreateAccount
// (section 3.1.4.5.1) or LsarOpenAccount (section 3.1.4.5.3).
Account *Handle `idl:"name:AccountHandle" json:"account"`
// AllPrivileges: If this parameter is not FALSE (0), all privileges will be stripped
// from the account object.
AllPrivileges uint8 `idl:"name:AllPrivileges" json:"all_privileges"`
// Privileges: Contains a (possibly empty) list of privileges to remove from the account
// object.
Privileges *PrivilegeSet `idl:"name:Privileges;pointer:unique" json:"privileges"`
}
RemovePrivilegesFromAccountRequest structure represents the LsarRemovePrivilegesFromAccount operation request
func (*RemovePrivilegesFromAccountRequest) MarshalNDR ¶
func (*RemovePrivilegesFromAccountRequest) UnmarshalNDR ¶
type RemovePrivilegesFromAccountResponse ¶
type RemovePrivilegesFromAccountResponse struct {
// Return: The LsarRemovePrivilegesFromAccount return value.
Return int32 `idl:"name:Return" json:"return"`
}
RemovePrivilegesFromAccountResponse structure represents the LsarRemovePrivilegesFromAccount operation response
func (*RemovePrivilegesFromAccountResponse) MarshalNDR ¶
func (*RemovePrivilegesFromAccountResponse) UnmarshalNDR ¶
type RetrievePrivateDataRequest ¶
type RetrievePrivateDataRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// KeyName: The name identifying the secret value to be retrieved.
KeyName *dtyp.UnicodeString `idl:"name:KeyName" json:"key_name"`
// EncryptedData: Receives the encrypted value of the secret object.
EncryptedData *CRCipherValue `idl:"name:EncryptedData" json:"encrypted_data"`
}
RetrievePrivateDataRequest structure represents the LsarRetrievePrivateData operation request
func (*RetrievePrivateDataRequest) MarshalNDR ¶
func (*RetrievePrivateDataRequest) UnmarshalNDR ¶
type RetrievePrivateDataResponse ¶
type RetrievePrivateDataResponse struct {
// EncryptedData: Receives the encrypted value of the secret object.
EncryptedData *CRCipherValue `idl:"name:EncryptedData" json:"encrypted_data"`
// Return: The LsarRetrievePrivateData return value.
Return int32 `idl:"name:Return" json:"return"`
}
RetrievePrivateDataResponse structure represents the LsarRetrievePrivateData operation response
func (*RetrievePrivateDataResponse) MarshalNDR ¶
func (*RetrievePrivateDataResponse) UnmarshalNDR ¶
type SecurityDescriptor ¶
type SecurityDescriptor struct {
// Revision: The security descriptor revision level. This field MUST be ignored. The
// content is unspecified, and no requirements are placed on its value because it is
// never used.
Revision uint8 `idl:"name:Revision" json:"revision"`
// Sbz1: This field is used for alignment. This field MUST be ignored. The content
// is unspecified, and no requirements are placed on its value because it is never used.
SBZ1 uint8 `idl:"name:Sbz1" json:"sbz1"`
// Control: A set of flags (as specified in section 2.2.3.3) that qualify the meaning
// of the security descriptor or its individual fields.
Control uint16 `idl:"name:Control" json:"control"`
// Owner: A pointer to the RPC_SID structure that represents an object's owner as a
// SID.
Owner *dtyp.SID `idl:"name:Owner" json:"owner"`
// Group: A pointer to the RPC_SID structure that represents an object's primary group
// as a SID.
Group *dtyp.SID `idl:"name:Group" json:"group"`
// Sacl: A pointer to an ACL structure (as specified in 2.2.3.2) that contains a system
// access control list (SACL).
SACL *ACL `idl:"name:Sacl" json:"sacl"`
// Dacl: A pointer to an ACL structure that contains a discretionary access control
// list (DACL).
//
// The SECURITY_DESCRIPTOR structure is specified in [MS-DTYP] section 2.4.6.
DACL *ACL `idl:"name:Dacl" json:"dacl"`
}
SecurityDescriptor structure represents LSAPR_SECURITY_DESCRIPTOR RPC structure.
The LSAPR_SECURITY_DESCRIPTOR structure defines an object's security descriptor.
This structure has no effect on message processing in any environment.
func (*SecurityDescriptor) MarshalNDR ¶
func (*SecurityDescriptor) UnmarshalNDR ¶
type SecurityImpersonationLevel ¶
type SecurityImpersonationLevel uint16
SecurityImpersonationLevel type represents SECURITY_IMPERSONATION_LEVEL RPC enumeration.
The SECURITY_IMPERSONATION_LEVEL enumeration defines a set of values that specifies security impersonation levels. These levels govern the degree to which a server process can act on behalf of a client process.
This enumeration has no effect on message processing in any environment.
var ( // SecurityAnonymous: The server cannot obtain information about the client and cannot // impersonate the client. SecurityImpersonationLevelAnonymous SecurityImpersonationLevel = 0 // SecurityIdentification: The server can obtain information such as security identifiers // and privileges, but the server cannot impersonate the client. SecurityImpersonationLevelIdentification SecurityImpersonationLevel = 1 // SecurityImpersonation: The server can impersonate the client's security context // on its local system, but cannot impersonate the client when communicating with services // on remote systems. SecurityImpersonationLevelImpersonation SecurityImpersonationLevel = 2 // SecurityDelegation: The server can impersonate the client's security context when // communicating with services on remote systems. SecurityImpersonationLevelDelegation SecurityImpersonationLevel = 3 )
func (SecurityImpersonationLevel) String ¶
func (o SecurityImpersonationLevel) String() string
type SecurityQualityOfService ¶
type SecurityQualityOfService struct {
// Length: This value MUST be ignored. No requirements are placed on its value because
// it is never used.
Length uint32 `idl:"name:Length" json:"length"`
// ImpersonationLevel: This field contains information (as specified in section 2.2.3.5)
// given to the server about the client that describes how the server can represent,
// or impersonate, the client.
ImpersonationLevel SecurityImpersonationLevel `idl:"name:ImpersonationLevel" json:"impersonation_level"`
// ContextTrackingMode: This field specifies how the server tracks changes to the client's
// security context (as specified in section 2.2.3.6).
ContextTrackingMode uint8 `idl:"name:ContextTrackingMode" json:"context_tracking_mode"`
// EffectiveOnly: This field specifies whether the server can enable or disable privileges
// and groups that the client's security context might include. This value MUST be TRUE
// (nonzero) if the server has this right; otherwise, it MUST be FALSE (0).
EffectiveOnly uint8 `idl:"name:EffectiveOnly" json:"effective_only"`
}
SecurityQualityOfService structure represents SECURITY_QUALITY_OF_SERVICE RPC structure.
The SECURITY_QUALITY_OF_SERVICE structure defines information used to support client impersonation.
This structure has no effect on message processing in any environment.
func (*SecurityQualityOfService) MarshalNDR ¶
func (*SecurityQualityOfService) UnmarshalNDR ¶
type SetDomainInformationPolicyRequest ¶
type SetDomainInformationPolicyRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// InformationClass: A parameter that specifies what type of information the caller
// is setting.
InformationClass PolicyDomainInformationClass `idl:"name:InformationClass" json:"information_class"`
// PolicyDomainInformation: Data representing policy being set.
PolicyDomainInformation *PolicyDomainInformation `idl:"name:PolicyDomainInformation;switch_is:InformationClass;pointer:unique" json:"policy_domain_information"`
}
SetDomainInformationPolicyRequest structure represents the LsarSetDomainInformationPolicy operation request
func (*SetDomainInformationPolicyRequest) MarshalNDR ¶
func (*SetDomainInformationPolicyRequest) UnmarshalNDR ¶
type SetDomainInformationPolicyResponse ¶
type SetDomainInformationPolicyResponse struct {
// Return: The LsarSetDomainInformationPolicy return value.
Return int32 `idl:"name:Return" json:"return"`
}
SetDomainInformationPolicyResponse structure represents the LsarSetDomainInformationPolicy operation response
func (*SetDomainInformationPolicyResponse) MarshalNDR ¶
func (*SetDomainInformationPolicyResponse) UnmarshalNDR ¶
type SetForestTrustInformationRequest ¶
type SetForestTrustInformationRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainName: The name of the trusted domain object on which to set the forest
// trust information.
TrustedDomainName *UnicodeString `idl:"name:TrustedDomainName" json:"trusted_domain_name"`
// HighestRecordType: The highest ordinal forest trust record type that the caller understands.
HighestRecordType ForestTrustRecordType `idl:"name:HighestRecordType" json:"highest_record_type"`
// ForestTrustInfo: The forest trust information that the caller is trying to set on
// the trusted domain object.
ForestTrustInfo *ForestTrustInformation `idl:"name:ForestTrustInfo" json:"forest_trust_info"`
// CheckOnly: If not 0, the operation is read-only and does not alter the state of the
// server's database.
CheckOnly uint8 `idl:"name:CheckOnly" json:"check_only"`
}
SetForestTrustInformationRequest structure represents the LsarSetForestTrustInformation operation request
func (*SetForestTrustInformationRequest) MarshalNDR ¶
func (*SetForestTrustInformationRequest) UnmarshalNDR ¶
type SetForestTrustInformationResponse ¶
type SetForestTrustInformationResponse struct {
// CollisionInfo: Used to return information about collisions between different sets
// of forest trust information in the server's database.
CollisionInfo *ForestTrustCollisionInformation `idl:"name:CollisionInfo" json:"collision_info"`
// Return: The LsarSetForestTrustInformation return value.
Return int32 `idl:"name:Return" json:"return"`
}
SetForestTrustInformationResponse structure represents the LsarSetForestTrustInformation operation response
func (*SetForestTrustInformationResponse) MarshalNDR ¶
func (*SetForestTrustInformationResponse) UnmarshalNDR ¶
type SetInformationPolicy2Request ¶
type SetInformationPolicy2Request struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// InformationClass: A parameter that specifies what type of information the caller
// is setting.
InformationClass PolicyInformationClass `idl:"name:InformationClass" json:"information_class"`
// PolicyInformation: Data that represents policy being set.
PolicyInformation *PolicyInformation `idl:"name:PolicyInformation;switch_is:InformationClass" json:"policy_information"`
}
SetInformationPolicy2Request structure represents the LsarSetInformationPolicy2 operation request
func (*SetInformationPolicy2Request) MarshalNDR ¶
func (*SetInformationPolicy2Request) UnmarshalNDR ¶
type SetInformationPolicy2Response ¶
type SetInformationPolicy2Response struct {
// Return: The LsarSetInformationPolicy2 return value.
Return int32 `idl:"name:Return" json:"return"`
}
SetInformationPolicy2Response structure represents the LsarSetInformationPolicy2 operation response
func (*SetInformationPolicy2Response) MarshalNDR ¶
func (*SetInformationPolicy2Response) UnmarshalNDR ¶
type SetInformationPolicyRequest ¶
type SetInformationPolicyRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// InformationClass: A parameter that specifies what type of information the caller
// is setting.
InformationClass PolicyInformationClass `idl:"name:InformationClass" json:"information_class"`
// PolicyInformation: Data that represents the policy being set.
PolicyInformation *PolicyInformation `idl:"name:PolicyInformation;switch_is:InformationClass" json:"policy_information"`
}
SetInformationPolicyRequest structure represents the LsarSetInformationPolicy operation request
func (*SetInformationPolicyRequest) MarshalNDR ¶
func (*SetInformationPolicyRequest) UnmarshalNDR ¶
type SetInformationPolicyResponse ¶
type SetInformationPolicyResponse struct {
// Return: The LsarSetInformationPolicy return value.
Return int32 `idl:"name:Return" json:"return"`
}
SetInformationPolicyResponse structure represents the LsarSetInformationPolicy operation response
func (*SetInformationPolicyResponse) MarshalNDR ¶
func (*SetInformationPolicyResponse) UnmarshalNDR ¶
type SetInformationTrustedDomainRequest ¶
type SetInformationTrustedDomainRequest struct {
// TrustedDomainHandle: A handle to a trusted domain object.
TrustedDomain *Handle `idl:"name:TrustedDomainHandle" json:"trusted_domain"`
// InformationClass: A value indicating the type of information requested by the caller.
InformationClass TrustedInformationClass `idl:"name:InformationClass" json:"information_class"`
// TrustedDomainInformation: Used to supply the information to be set.
TrustedDomainInformation *TrustedDomainInfo `idl:"name:TrustedDomainInformation;switch_is:InformationClass" json:"trusted_domain_information"`
}
SetInformationTrustedDomainRequest structure represents the LsarSetInformationTrustedDomain operation request
func (*SetInformationTrustedDomainRequest) MarshalNDR ¶
func (*SetInformationTrustedDomainRequest) UnmarshalNDR ¶
type SetInformationTrustedDomainResponse ¶
type SetInformationTrustedDomainResponse struct {
// Return: The LsarSetInformationTrustedDomain return value.
Return int32 `idl:"name:Return" json:"return"`
}
SetInformationTrustedDomainResponse structure represents the LsarSetInformationTrustedDomain operation response
func (*SetInformationTrustedDomainResponse) MarshalNDR ¶
func (*SetInformationTrustedDomainResponse) UnmarshalNDR ¶
type SetSecretRequest ¶
type SetSecretRequest struct {
// SecretHandle: An open secret object handle.
Secret *Handle `idl:"name:SecretHandle" json:"secret"`
// EncryptedCurrentValue: A binary large object (BLOB) representing a new encrypted
// cipher value. It is valid for this parameter to be NULL, in which case the value
// is deleted from the server's policy database.
EncryptedCurrentValue *CRCipherValue `idl:"name:EncryptedCurrentValue;pointer:unique" json:"encrypted_current_value"`
// EncryptedOldValue: A BLOB representing the encrypted old value. It is valid for this
// parameter to be NULL, in which case the current value in the policy database is copied.
EncryptedOldValue *CRCipherValue `idl:"name:EncryptedOldValue;pointer:unique" json:"encrypted_old_value"`
}
SetSecretRequest structure represents the LsarSetSecret operation request
func (*SetSecretRequest) MarshalNDR ¶
func (*SetSecretRequest) UnmarshalNDR ¶
type SetSecretResponse ¶
type SetSecretResponse struct {
// Return: The LsarSetSecret return value.
Return int32 `idl:"name:Return" json:"return"`
}
SetSecretResponse structure represents the LsarSetSecret operation response
func (*SetSecretResponse) MarshalNDR ¶
func (*SetSecretResponse) UnmarshalNDR ¶
type SetSecurityObjectRequest ¶
type SetSecurityObjectRequest struct {
// ObjectHandle: An open handle to an existing object.
Object *Handle `idl:"name:ObjectHandle" json:"object"`
// SecurityInformation: A bitmask specifying which portions of the security descriptor
// are to be set.
SecurityInformation uint32 `idl:"name:SecurityInformation" json:"security_information"`
// SecurityDescriptor: The security descriptor to be set.
SecurityDescriptor *SrSecurityDescriptor `idl:"name:SecurityDescriptor" json:"security_descriptor"`
}
SetSecurityObjectRequest structure represents the LsarSetSecurityObject operation request
func (*SetSecurityObjectRequest) MarshalNDR ¶
func (*SetSecurityObjectRequest) UnmarshalNDR ¶
type SetSecurityObjectResponse ¶
type SetSecurityObjectResponse struct {
// Return: The LsarSetSecurityObject return value.
Return int32 `idl:"name:Return" json:"return"`
}
SetSecurityObjectResponse structure represents the LsarSetSecurityObject operation response
func (*SetSecurityObjectResponse) MarshalNDR ¶
func (*SetSecurityObjectResponse) UnmarshalNDR ¶
type SetSystemAccessAccountRequest ¶
type SetSystemAccessAccountRequest struct {
// AccountHandle: An open account object handle obtained from either LsarCreateAccount
// (section 3.1.4.5.1) or LsarOpenAccount (section 3.1.4.5.3).
Account *Handle `idl:"name:AccountHandle" json:"account"`
// SystemAccess: A bitmask containing the account flags to be set on the account.
SystemAccess uint32 `idl:"name:SystemAccess" json:"system_access"`
}
SetSystemAccessAccountRequest structure represents the LsarSetSystemAccessAccount operation request
func (*SetSystemAccessAccountRequest) MarshalNDR ¶
func (*SetSystemAccessAccountRequest) UnmarshalNDR ¶
type SetSystemAccessAccountResponse ¶
type SetSystemAccessAccountResponse struct {
// Return: The LsarSetSystemAccessAccount return value.
Return int32 `idl:"name:Return" json:"return"`
}
SetSystemAccessAccountResponse structure represents the LsarSetSystemAccessAccount operation response
func (*SetSystemAccessAccountResponse) MarshalNDR ¶
func (*SetSystemAccessAccountResponse) UnmarshalNDR ¶
type SetTrustedDomainInfoByNameRequest ¶
type SetTrustedDomainInfoByNameRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainName: The name of the trusted domain object to set information on.
TrustedDomainName *dtyp.UnicodeString `idl:"name:TrustedDomainName" json:"trusted_domain_name"`
// InformationClass: One of the TRUSTED_INFORMATION_CLASS values indicating the type
// of information the caller is trying to set.
InformationClass TrustedInformationClass `idl:"name:InformationClass" json:"information_class"`
// TrustedDomainInformation: The data being set.
TrustedDomainInformation *TrustedDomainInfo `idl:"name:TrustedDomainInformation;switch_is:InformationClass" json:"trusted_domain_information"`
}
SetTrustedDomainInfoByNameRequest structure represents the LsarSetTrustedDomainInfoByName operation request
func (*SetTrustedDomainInfoByNameRequest) MarshalNDR ¶
func (*SetTrustedDomainInfoByNameRequest) UnmarshalNDR ¶
type SetTrustedDomainInfoByNameResponse ¶
type SetTrustedDomainInfoByNameResponse struct {
// Return: The LsarSetTrustedDomainInfoByName return value.
Return int32 `idl:"name:Return" json:"return"`
}
SetTrustedDomainInfoByNameResponse structure represents the LsarSetTrustedDomainInfoByName operation response
func (*SetTrustedDomainInfoByNameResponse) MarshalNDR ¶
func (*SetTrustedDomainInfoByNameResponse) UnmarshalNDR ¶
type SetTrustedDomainInfoRequest ¶
type SetTrustedDomainInfoRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// TrustedDomainSid: A SID of the trusted domain object to be modified.
TrustedDomainSID *dtyp.SID `idl:"name:TrustedDomainSid" json:"trusted_domain_sid"`
// InformationClass: Identifies the type of information to be set on the trusted domain
// object.
InformationClass TrustedInformationClass `idl:"name:InformationClass" json:"information_class"`
// TrustedDomainInformation: Information to be set on the trusted domain object.
TrustedDomainInformation *TrustedDomainInfo `idl:"name:TrustedDomainInformation;switch_is:InformationClass" json:"trusted_domain_information"`
}
SetTrustedDomainInfoRequest structure represents the LsarSetTrustedDomainInfo operation request
func (*SetTrustedDomainInfoRequest) MarshalNDR ¶
func (*SetTrustedDomainInfoRequest) UnmarshalNDR ¶
type SetTrustedDomainInfoResponse ¶
type SetTrustedDomainInfoResponse struct {
// Return: The LsarSetTrustedDomainInfo return value.
Return int32 `idl:"name:Return" json:"return"`
}
SetTrustedDomainInfoResponse structure represents the LsarSetTrustedDomainInfo operation response
func (*SetTrustedDomainInfoResponse) MarshalNDR ¶
func (*SetTrustedDomainInfoResponse) UnmarshalNDR ¶
type SrSecurityDescriptor ¶
type SrSecurityDescriptor struct {
// Length: The count of bytes in SecurityDescriptor.<18>
Length uint32 `idl:"name:Length" json:"length"`
// SecurityDescriptor: The contiguous buffer containing the self-relative security
// descriptor. This field MUST contain the Length number of bytes. If the Length field
// has a value other than 0, this field MUST NOT be NULL.
SecurityDescriptor []byte `idl:"name:SecurityDescriptor;size_is:(Length)" json:"security_descriptor"`
}
SrSecurityDescriptor structure represents LSAPR_SR_SECURITY_DESCRIPTOR RPC structure.
The LSAPR_SR_SECURITY_DESCRIPTOR structure is used to communicate a self-relative security descriptor, as specified in [MS-DTYP] section 2.4.6.
func (*SrSecurityDescriptor) MarshalNDR ¶
func (*SrSecurityDescriptor) UnmarshalNDR ¶
type StorePrivateDataRequest ¶
type StorePrivateDataRequest struct {
// PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Policy *Handle `idl:"name:PolicyHandle" json:"policy"`
// KeyName: The name under which private data will be stored.
KeyName *dtyp.UnicodeString `idl:"name:KeyName" json:"key_name"`
// EncryptedData: The secret value to be stored.
EncryptedData *CRCipherValue `idl:"name:EncryptedData;pointer:unique" json:"encrypted_data"`
}
StorePrivateDataRequest structure represents the LsarStorePrivateData operation request
func (*StorePrivateDataRequest) MarshalNDR ¶
func (*StorePrivateDataRequest) UnmarshalNDR ¶
type StorePrivateDataResponse ¶
type StorePrivateDataResponse struct {
// Return: The LsarStorePrivateData return value.
Return int32 `idl:"name:Return" json:"return"`
}
StorePrivateDataResponse structure represents the LsarStorePrivateData operation response
func (*StorePrivateDataResponse) MarshalNDR ¶
func (*StorePrivateDataResponse) UnmarshalNDR ¶
type String ¶
type String struct {
// Length: The length, in bytes, of the string pointed to by the Buffer member, not
// including the terminating null character (if any).
Length uint16 `idl:"name:Length" json:"length"`
// MaximumLength: This field contains the total number of bytes in the Buffer field.
MaximumLength uint16 `idl:"name:MaximumLength" json:"maximum_length"`
// Buffer: A pointer to the actual string. If Length is greater than 0, this field
// MUST contain a non-NULL value. If Length is 0, this field MUST be ignored.
Buffer []byte `idl:"name:Buffer;size_is:(MaximumLength);length_is:(Length)" json:"buffer"`
}
String structure represents STRING RPC structure.
The STRING structure holds a counted string encoded in the OEM code page.
This structure has no effect on message processing in any environment.
type TrustInformation ¶
type TrustInformation struct {
// Name: This field contains a name for the domain that is subject to the restrictions
// of a NetBIOS name, as specified in [RFC1088]. This value SHOULD be used (by implementations
// external to this protocol) to identify the domain via the NetBIOS, as specified in
// [RFC1088].
Name *dtyp.UnicodeString `idl:"name:Name" json:"name"`
// Sid: The SID of the domain. This field MUST NOT be NULL.
SID *dtyp.SID `idl:"name:Sid" json:"sid"`
}
TrustInformation structure represents LSAPR_TRUST_INFORMATION RPC structure.
The LSAPR_TRUST_INFORMATION structure identifies a domain.
func (*TrustInformation) MarshalNDR ¶
func (*TrustInformation) UnmarshalNDR ¶
type TrustedControllersInfo ¶
type TrustedControllersInfo struct {
// Entries: The count of names.<31>
Entries uint32 `idl:"name:Entries" json:"entries"`
// Names: This field contains an array of DC names that are subject to the restrictions
// of a NetBIOS name, as specified in [RFC1088]. This field SHOULD be used (by implementations
// external to this protocol) to identify the DCs via the NetBIOS API, as specified
// in [RFC1088]. If the Entries field has a value other than 0, this field MUST NOT
// be NULL.
Names []*dtyp.UnicodeString `idl:"name:Names;size_is:(Entries)" json:"names"`
}
TrustedControllersInfo structure represents LSAPR_TRUSTED_CONTROLLERS_INFO RPC structure.
The LSAPR_TRUSTED_CONTROLLERS_INFO structure is used to communicate a set of names of domain controllers (DCs) in a trusted domain. The following structure corresponds to the TrustedControllersInformation information class.
func (*TrustedControllersInfo) MarshalNDR ¶
func (*TrustedControllersInfo) UnmarshalNDR ¶
type TrustedDomainAuthBlob ¶
type TrustedDomainAuthBlob struct {
// AuthSize: The count of bytes in AuthBlob.<35>
AuthSize uint32 `idl:"name:AuthSize" json:"auth_size"`
// AuthBlob: An array of bytes containing the authentication material. If the AuthSize
// field has a value other than 0, this field MUST NOT be NULL. Always encrypted using
// algorithms, as specified in section 5.1.1. The plaintext layout is in the following
// format.
//
// The incoming and outgoing authentication information buffer size included at the
// end of the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB can be used to extract the incoming and
// outgoing authentication information buffers from the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB.
// Each of these buffers contains the byte offset to both the current and the previous
// authentication information. This information can be used to extract current and (if
// any) previous authentication information.
//
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 1 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 2 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 3 | 1 |
// | | | | | | | | | | | 0 | | | | | | | | | | 0 | | | | | | | | | | 0 | |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | 512 bytes of random data (512 bytes) |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ... |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ... |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | CountOutgoingAuthInfos |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ByteOffsetCurrentOutgoingAuthInfo |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ByteOffsetPreviousOutgoingAuthInfo |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | CurrentOutgoingAuthInfos (variable) |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ... |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ... |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | PreviousOutgoingAuthInfos (variable) |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ... |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ... |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | CountIncomingAuthInfos |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ByteOffsetCurrentIncomingAuthInfo |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ByteOffsetPreviousIncomingAuthInfo |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | CurrentIncomingAuthInfos (variable) |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ... |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ... |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | PreviousIncomingAuthInfos (variable) |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ... |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | ... |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | OutgoingAuthInfoSize |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | IncomingAuthInfoSize |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
//
// CountOutgoingAuthInfos (4 bytes): Specifies the count of entries present in the CurrentOutgoingAuthInfos
// field. If optional field PreviousOutgoingAuthInfos is present, the number of entries
// in PreviousOutgoingAuthInfos is also equal to CountOutgoingAuthInfos.
//
// ByteOffsetCurrentOutgoingAuthInfo (4 bytes): Specifies the byte offset from the beginning
// of CountOutgoingAuthInfos to the start of the CurrentOutgoingAuthInfos field. If
// CountOutgoingAuthInfos is 0, this field MUST be ignored.
//
// ByteOffsetPreviousOutgoingAuthInfo (4 bytes): Specifies the byte offset from the
// beginning of CountOutgoingAuthInfos to the start of the PreviousOutgoingAuthInfos
// field. If the difference between ByteOffsetPreviousOutgoingAuthInfo and OutgoingAuthInfoSize
// is 0, the PreviousOutgoingAuthInfos field has zero entries.
//
// CurrentOutgoingAuthInfos: Contains an array of CountOutgoingAuthInfos of LSAPR_AUTH_INFORMATION
// (section 2.2.7.17) entries in self-relative format. Each LSAPR_AUTH_INFORMATION entry
// in the array MUST be 4-byte aligned. When it is necessary to insert unused padding
// bytes into a buffer for data alignment, such bytes MUST be set to 0.
//
// PreviousOutgoingAuthInfos: Contains an array of CountOutgoingAuthInfos LSAPR_AUTH_INFORMATION
// entries in self-relative format. See the comments for the ByteOffsetPreviousOutgoingAuthInfo
// field to determine when this field is present. Each LSAPR_AUTH_INFORMATION entry
// in the array MUST be 4-byte aligned. When it is necessary to insert unused padding
// bytes into a buffer for data alignment, such bytes MUST be set to 0.
//
// CountIncomingAuthInfos (4 bytes): Specifies the count of entries present in the CurrentIncomingAuthInfos
// field. If optional field PreviousIncomingAuthInfos is present, the number of entries
// in PreviousIncomingAuthInfos is also equal to CountIncomingAuthInfos.
//
// ByteOffsetCurrentIncomingAuthInfo (4 bytes): Specifies the byte offset from the beginning
// of CountIncomingAuthInfos to the start of the CurrentIncomingAuthInfos field. If
// CountIncomingAuthInfos is 0, this field MUST be ignored.
//
// ByteOffsetPreviousIncomingAuthInfo (4 bytes): Specifies the byte offset from the
// beginning of CountIncomingAuthInfos to the start of the PreviousIncomingAuthInfos
// field. If the difference between ByteOffsetPreviousIncomingAuthInfo and IncomingAuthInfoSize
// is 0, the PreviousIncomingAuthInfos field has zero entries.
//
// CurrentIncomingAuthInfos: Contains an array of CountIncomingAuthInfos LSAPR_AUTH_INFORMATION
// entries in self-relative format. Each LSAPR_AUTH_INFORMATION entry in the array MUST
// be 4-byte aligned. When it is necessary to insert unused padding bytes into a buffer
// for data alignment, such bytes MUST be set to 0.
//
// PreviousIncomingAuthInfos: Contains an array of CountIncomingAuthInfos LSAPR_AUTH_INFORMATION
// entries in self-relative format. See the comments for the ByteOffsetPreviousIncomingAuthInfo
// field to determine when this field is present. Each LSAPR_AUTH_INFORMATION entry
// in the array MUST be 4-byte aligned. When it is necessary to insert unused padding
// bytes into a buffer for data alignment, such bytes MUST be set to 0.
//
// OutgoingAuthInfoSize (4 bytes): Specifies the size, in bytes, of the subportion of
// the structure from the beginning of the CountOutgoingAuthInfos field through the
// end of the of the PreviousOutgoingAuthInfos field.
AuthBlob []byte `idl:"name:AuthBlob;size_is:(AuthSize)" json:"auth_blob"`
}
TrustedDomainAuthBlob structure represents LSAPR_TRUSTED_DOMAIN_AUTH_BLOB RPC structure.
The LSAPR_TRUSTED_DOMAIN_AUTH_BLOB structure contains a counted buffer of authentication material. Domain trust authentication is specified in [MS-ADTS] section 6.1.6.9.1.
func (*TrustedDomainAuthBlob) MarshalNDR ¶
func (*TrustedDomainAuthBlob) UnmarshalNDR ¶
type TrustedDomainAuthInformation ¶
type TrustedDomainAuthInformation struct {
// IncomingAuthInfos: The count of LSAPR_AUTH_INFORMATION entries (section 2.2.7.17)
// in the IncomingAuthenticationInformation field.<33>
IncomingAuthInfos uint32 `idl:"name:IncomingAuthInfos" json:"incoming_auth_infos"`
// IncomingAuthenticationInformation: An array of LSAPR_AUTH_INFORMATION structures.
// The values are used to compute keys used in inbound trust validation, as specified
// in [MS-ADTS] section 6.1.6.9.1.
IncomingAuthenticationInformation *AuthInformation `idl:"name:IncomingAuthenticationInformation" json:"incoming_authentication_information"`
// IncomingPreviousAuthenticationInformation: Same as IncomingAuthenticationInformation,
// but the data is the previous version of the authentication information.
IncomingPreviousAuthenticationInformation *AuthInformation `idl:"name:IncomingPreviousAuthenticationInformation" json:"incoming_previous_authentication_information"`
// OutgoingAuthInfos: The count of LSAPR_AUTH_INFORMATION entries in the OutgoingAuthenticationInformation
// field.<34>
OutgoingAuthInfos uint32 `idl:"name:OutgoingAuthInfos" json:"outgoing_auth_infos"`
// OutgoingAuthenticationInformation: An array of LSAPR_AUTH_INFORMATION structures.
// The values are used to compute keys used in outbound trust validation, as specified
// in [MS-ADTS] section 6.1.6.9.1.
OutgoingAuthenticationInformation *AuthInformation `idl:"name:OutgoingAuthenticationInformation" json:"outgoing_authentication_information"`
// OutgoingPreviousAuthenticationInformation: Same as OutgoingAuthenticationInformation,
// but the data is the previous version of the authentication information.
OutgoingPreviousAuthenticationInformation *AuthInformation `idl:"name:OutgoingPreviousAuthenticationInformation" json:"outgoing_previous_authentication_information"`
}
TrustedDomainAuthInformation structure represents LSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION RPC structure.
The LSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION structure communicates authentication material. The following structure corresponds to the TrustedDomainAuthInformation information class. Domain trust authentication is specified in [MS-ADTS] section 6.1.6.9.1. This structure maps to the Incoming and Outgoing Trust Password fields, as specified in section 3.1.1.5.
func (*TrustedDomainAuthInformation) MarshalNDR ¶
func (*TrustedDomainAuthInformation) UnmarshalNDR ¶
type TrustedDomainAuthInformationInternal ¶
type TrustedDomainAuthInformationInternal struct {
// AuthBlob: An LSAPR_TRUSTED_DOMAIN_AUTH_BLOB.
AuthBlob *TrustedDomainAuthBlob `idl:"name:AuthBlob" json:"auth_blob"`
}
TrustedDomainAuthInformationInternal structure represents LSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL RPC structure.
The LSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL structure communicates authentication material. The following structure corresponds to the TrustedDomainAuthInformationInternal information class. For more information about domain trust authentication material, see [MS-ADTS] section 6.1.6.9.1.
func (*TrustedDomainAuthInformationInternal) MarshalNDR ¶
func (*TrustedDomainAuthInformationInternal) UnmarshalNDR ¶
type TrustedDomainFullInformation ¶
type TrustedDomainFullInformation struct {
// Information: A structure containing name, SID, and trust attributes, as specified
// in section 2.2.7.9.
Information *TrustedDomainInformationEx `idl:"name:Information" json:"information"`
// PosixOffset: Any offset required for POSIX compliance, as specified in section 2.2.7.6.
POSIXOffset *TrustedPOSIXOffsetInfo `idl:"name:PosixOffset" json:"posix_offset"`
// AuthInformation: Authentication material, as specified in section 2.2.7.11.
AuthInformation *TrustedDomainAuthInformation `idl:"name:AuthInformation" json:"auth_information"`
}
TrustedDomainFullInformation structure represents LSAPR_TRUSTED_DOMAIN_FULL_INFORMATION RPC structure.
The LSAPR_TRUSTED_DOMAIN_FULL_INFORMATION structure communicates identification, POSIX compatibility, and authentication information for a trusted domain. The following structure corresponds to the TrustedDomainFullInformation information class.
func (*TrustedDomainFullInformation) MarshalNDR ¶
func (*TrustedDomainFullInformation) UnmarshalNDR ¶
type TrustedDomainFullInformation2 ¶
type TrustedDomainFullInformation2 struct {
// Information: A structure containing name, SID, and trust attributes, as specified
// in section 2.2.7.10.
Information *TrustedDomainInformationEx2 `idl:"name:Information" json:"information"`
// PosixOffset: Any offset required for POSIX compliance, as specified in section 2.2.7.6.
POSIXOffset *TrustedPOSIXOffsetInfo `idl:"name:PosixOffset" json:"posix_offset"`
// AuthInformation: Authentication material, as specified in section 2.2.7.11.
AuthInformation *TrustedDomainAuthInformation `idl:"name:AuthInformation" json:"auth_information"`
}
TrustedDomainFullInformation2 structure represents LSAPR_TRUSTED_DOMAIN_FULL_INFORMATION2 RPC structure.
The LSAPR_TRUSTED_DOMAIN_FULL_INFORMATION2 structure is used to communicate identification, POSIX compatibility, and authentication information for a trusted domain. The following structure corresponds to the TrustedDomainFullInformation2Internal information class.
func (*TrustedDomainFullInformation2) MarshalNDR ¶
func (*TrustedDomainFullInformation2) UnmarshalNDR ¶
type TrustedDomainFullInformationInternal ¶
type TrustedDomainFullInformationInternal struct {
// Information: A structure containing name, SID, and trust attributes, as specified
// in section 2.2.7.9.
Information *TrustedDomainInformationEx `idl:"name:Information" json:"information"`
// PosixOffset: Any offset required for POSIX compliance, as specified in section 2.2.7.6.
POSIXOffset *TrustedPOSIXOffsetInfo `idl:"name:PosixOffset" json:"posix_offset"`
// AuthInformation: Authentication material, as specified in section 2.2.7.12.
AuthInformation *TrustedDomainAuthInformationInternal `idl:"name:AuthInformation" json:"auth_information"`
}
TrustedDomainFullInformationInternal structure represents LSAPR_TRUSTED_DOMAIN_FULL_INFORMATION_INTERNAL RPC structure.
The LSAPR_TRUSTED_DOMAIN_FULL_INFORMATION_INTERNAL structure communicates identification and authentication information for a trusted domain. The following structure corresponds to the TrustedDomainFullInformationInternal information class.
func (*TrustedDomainFullInformationInternal) MarshalNDR ¶
func (*TrustedDomainFullInformationInternal) UnmarshalNDR ¶
type TrustedDomainInfo ¶
type TrustedDomainInfo struct {
// Types that are assignable to Value
//
// *TrustedDomainInfo_TrustedDomainNameInfo
// *TrustedDomainInfo_TrustedControllersInfo
// *TrustedDomainInfo_TrustedPOSIXOffsetInfo
// *TrustedDomainInfo_TrustedPasswordInfo
// *TrustedDomainInfo_Basic
// *TrustedDomainInfo_Ex
// *TrustedDomainInfo_TrustedAuthInfo
// *TrustedDomainInfo_TrustedFullInfo
// *TrustedDomainInfo_TrustedAuthInfoInternal
// *TrustedDomainInfo_TrustedFullInfoInternal
// *TrustedDomainInfo_Ex2
// *TrustedDomainInfo_TrustedFullInfo2
// *TrustedDomainInfo_TrustedDomainSETs
Value is_TrustedDomainInfo `json:"value"`
}
TrustedDomainInfo structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union.
func (*TrustedDomainInfo) GetValue ¶
func (o *TrustedDomainInfo) GetValue() any
func (*TrustedDomainInfo) MarshalUnionNDR ¶
func (*TrustedDomainInfo) NDRSwitchValue ¶
func (o *TrustedDomainInfo) NDRSwitchValue(sw uint16) uint16
func (*TrustedDomainInfo) UnmarshalUnionNDR ¶
type TrustedDomainInfo_Basic ¶
type TrustedDomainInfo_Basic struct {
TrustedDomainInfoBasic *TrustedDomainInformationBasic `idl:"name:TrustedDomainInfoBasic" json:"trusted_domain_info_basic"`
}
TrustedDomainInfo_Basic structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 5
func (*TrustedDomainInfo_Basic) MarshalNDR ¶
func (*TrustedDomainInfo_Basic) UnmarshalNDR ¶
type TrustedDomainInfo_Ex ¶
type TrustedDomainInfo_Ex struct {
TrustedDomainInfoEx *TrustedDomainInformationEx `idl:"name:TrustedDomainInfoEx" json:"trusted_domain_info_ex"`
}
TrustedDomainInfo_Ex structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 6
func (*TrustedDomainInfo_Ex) MarshalNDR ¶
func (*TrustedDomainInfo_Ex) UnmarshalNDR ¶
type TrustedDomainInfo_Ex2 ¶
type TrustedDomainInfo_Ex2 struct {
TrustedDomainInfoEx2 *TrustedDomainInformationEx2 `idl:"name:TrustedDomainInfoEx2" json:"trusted_domain_info_ex2"`
}
TrustedDomainInfo_Ex2 structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 11
func (*TrustedDomainInfo_Ex2) MarshalNDR ¶
func (*TrustedDomainInfo_Ex2) UnmarshalNDR ¶
type TrustedDomainInfo_TrustedAuthInfo ¶
type TrustedDomainInfo_TrustedAuthInfo struct {
TrustedAuthInfo *TrustedDomainAuthInformation `idl:"name:TrustedAuthInfo" json:"trusted_auth_info"`
}
TrustedDomainInfo_TrustedAuthInfo structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 7
func (*TrustedDomainInfo_TrustedAuthInfo) MarshalNDR ¶
func (*TrustedDomainInfo_TrustedAuthInfo) UnmarshalNDR ¶
type TrustedDomainInfo_TrustedAuthInfoInternal ¶
type TrustedDomainInfo_TrustedAuthInfoInternal struct {
TrustedAuthInfoInternal *TrustedDomainAuthInformationInternal `idl:"name:TrustedAuthInfoInternal" json:"trusted_auth_info_internal"`
}
TrustedDomainInfo_TrustedAuthInfoInternal structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 9
func (*TrustedDomainInfo_TrustedAuthInfoInternal) MarshalNDR ¶
func (*TrustedDomainInfo_TrustedAuthInfoInternal) UnmarshalNDR ¶
type TrustedDomainInfo_TrustedControllersInfo ¶
type TrustedDomainInfo_TrustedControllersInfo struct {
TrustedControllersInfo *TrustedControllersInfo `idl:"name:TrustedControllersInfo" json:"trusted_controllers_info"`
}
TrustedDomainInfo_TrustedControllersInfo structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 2
func (*TrustedDomainInfo_TrustedControllersInfo) MarshalNDR ¶
func (*TrustedDomainInfo_TrustedControllersInfo) UnmarshalNDR ¶
type TrustedDomainInfo_TrustedDomainNameInfo ¶
type TrustedDomainInfo_TrustedDomainNameInfo struct {
TrustedDomainNameInfo *TrustedDomainNameInfo `idl:"name:TrustedDomainNameInfo" json:"trusted_domain_name_info"`
}
TrustedDomainInfo_TrustedDomainNameInfo structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 1
func (*TrustedDomainInfo_TrustedDomainNameInfo) MarshalNDR ¶
func (*TrustedDomainInfo_TrustedDomainNameInfo) UnmarshalNDR ¶
type TrustedDomainInfo_TrustedDomainSETs ¶
type TrustedDomainInfo_TrustedDomainSETs struct {
TrustedDomainSETs *TrustedDomainSupportedEncryptionTypes `idl:"name:TrustedDomainSETs" json:"trusted_domain_sets"`
}
TrustedDomainInfo_TrustedDomainSETs structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 13
func (*TrustedDomainInfo_TrustedDomainSETs) MarshalNDR ¶
func (*TrustedDomainInfo_TrustedDomainSETs) UnmarshalNDR ¶
type TrustedDomainInfo_TrustedFullInfo ¶
type TrustedDomainInfo_TrustedFullInfo struct {
TrustedFullInfo *TrustedDomainFullInformation `idl:"name:TrustedFullInfo" json:"trusted_full_info"`
}
TrustedDomainInfo_TrustedFullInfo structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 8
func (*TrustedDomainInfo_TrustedFullInfo) MarshalNDR ¶
func (*TrustedDomainInfo_TrustedFullInfo) UnmarshalNDR ¶
type TrustedDomainInfo_TrustedFullInfo2 ¶
type TrustedDomainInfo_TrustedFullInfo2 struct {
TrustedFullInfo2 *TrustedDomainFullInformation2 `idl:"name:TrustedFullInfo2" json:"trusted_full_info2"`
}
TrustedDomainInfo_TrustedFullInfo2 structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 12
func (*TrustedDomainInfo_TrustedFullInfo2) MarshalNDR ¶
func (*TrustedDomainInfo_TrustedFullInfo2) UnmarshalNDR ¶
type TrustedDomainInfo_TrustedFullInfoInternal ¶
type TrustedDomainInfo_TrustedFullInfoInternal struct {
TrustedFullInfoInternal *TrustedDomainFullInformationInternal `idl:"name:TrustedFullInfoInternal" json:"trusted_full_info_internal"`
}
TrustedDomainInfo_TrustedFullInfoInternal structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 10
func (*TrustedDomainInfo_TrustedFullInfoInternal) MarshalNDR ¶
func (*TrustedDomainInfo_TrustedFullInfoInternal) UnmarshalNDR ¶
type TrustedDomainInfo_TrustedPOSIXOffsetInfo ¶
type TrustedDomainInfo_TrustedPOSIXOffsetInfo struct {
TrustedPOSIXOffsetInfo *TrustedPOSIXOffsetInfo `idl:"name:TrustedPosixOffsetInfo" json:"trusted_posix_offset_info"`
}
TrustedDomainInfo_TrustedPOSIXOffsetInfo structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 3
func (*TrustedDomainInfo_TrustedPOSIXOffsetInfo) MarshalNDR ¶
func (*TrustedDomainInfo_TrustedPOSIXOffsetInfo) UnmarshalNDR ¶
type TrustedDomainInfo_TrustedPasswordInfo ¶
type TrustedDomainInfo_TrustedPasswordInfo struct {
TrustedPasswordInfo *TrustedPasswordInfo `idl:"name:TrustedPasswordInfo" json:"trusted_password_info"`
}
TrustedDomainInfo_TrustedPasswordInfo structure represents LSAPR_TRUSTED_DOMAIN_INFO RPC union arm.
It has following labels: 4
func (*TrustedDomainInfo_TrustedPasswordInfo) MarshalNDR ¶
func (*TrustedDomainInfo_TrustedPasswordInfo) UnmarshalNDR ¶
type TrustedDomainInformationBasic ¶
type TrustedDomainInformationBasic TrustInformation
TrustedDomainInformationBasic structure represents LSAPR_TRUSTED_DOMAIN_INFORMATION_BASIC RPC structure.
func (*TrustedDomainInformationBasic) MarshalNDR ¶
func (*TrustedDomainInformationBasic) TrustInformation ¶
func (o *TrustedDomainInformationBasic) TrustInformation() *TrustInformation
func (*TrustedDomainInformationBasic) UnmarshalNDR ¶
type TrustedDomainInformationEx ¶
type TrustedDomainInformationEx struct {
// Name: The DNS name of the domain. Maps to the Name field, as specified in section
// 3.1.1.5.
Name *dtyp.UnicodeString `idl:"name:Name" json:"name"`
// FlatName: The NetBIOS name of the trusted domain, as specified in [RFC1088]. Maps
// to the Flat Name field, as specified in section 3.1.1.5.
FlatName *dtyp.UnicodeString `idl:"name:FlatName" json:"flat_name"`
// Sid: The domain SID. Maps to the Security Identifier field, as specified in section
// 3.1.1.5.
SID *dtyp.SID `idl:"name:Sid" json:"sid"`
// TrustDirection: This field contains bitmapped values that define the properties
// of the direction of trust between the local domain and the named domain. One or more
// of the valid flags can be set. If all bits are 0, the trust is said to be disabled.
//
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 1 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 2 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 3 | 1 |
// | | | | | | | | | | | 0 | | | | | | | | | | 0 | | | | | | | | | | 0 | |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | I | O |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
//
// I: The trust is inbound.
//
// O: The trust is outbound.
//
// All other bits SHOULD be 0 and ignored upon receipt.
TrustDirection uint32 `idl:"name:TrustDirection" json:"trust_direction"`
// TrustType: This field specifies the type of trust between the local domain and the
// named domain.
//
// +------------+----------------------------------------------------------------------------------+
// | | |
// | VALUE | MEANING |
// | | |
// +------------+----------------------------------------------------------------------------------+
// +------------+----------------------------------------------------------------------------------+
// | 0x00000001 | Trust with a Windows domain that is not running Active Directory. |
// +------------+----------------------------------------------------------------------------------+
// | 0x00000002 | Trust with a Windows domain that is running Active Directory. |
// +------------+----------------------------------------------------------------------------------+
// | 0x00000003 | Trust with a non–Windows-compliant Kerberos distribution, as specified in |
// | | [RFC4120]. |
// +------------+----------------------------------------------------------------------------------+
// | 0x00000004 | Trust with a distributed computing environment (DCE) realm. This is a historical |
// | | reference and is not used. |
// +------------+----------------------------------------------------------------------------------+
//
// Note Other values SHOULD NOT be set.
TrustType uint32 `idl:"name:TrustType" json:"trust_type"`
// TrustAttributes: This field contains bitmapped values that define the attributes
// of the trust.<32>
//
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---------+---------+---+---------+---------+---------+---------+---------+---------+---------+---------+
// | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 1 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 2 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 3 | 1 |
// | | | | | | | | | | | 0 | | | | | | | | | | 0 | | | | | | | | | | 0 | |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---------+---------+---+---------+---------+---------+---------+---------+---------+---------+---------+
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---------+---------+---+---------+---------+---------+---------+---------+---------+---------+---------+
// | R | R | R | R | R | R | R | R | O | O | R | R | R | R | R | R | R | R | R | R | R | T A P T | T A N C | R | T A R C | T A T E | T A W F | T A C O | T A F T | T A Q D | T A U O | T A N T |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---------+---------+---+---------+---------+---------+---------+---------+---------+---------+---------+
//
// TrustAttribute values are described in section 3.1.1.5. The following table shows
// how these values map to the Trust Attributes field in section 3.1.1.5.
//
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | | |
// | VALUE | MAPPING |
// | | |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | TANT (TRUST_ATTRIBUTE_NON_TRANSITIVE) | Trust Attributes: Non-transitive |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | TAUO (TRUST_ATTRIBUTE_UPLEVEL_ONLY) | Trust Attributes: Uplevel only |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | TAQD (TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) | Trust Attributes: Quarantined |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | TAFT (TRUST_ATTRIBUTE_FOREST_TRANSITIVE) | Trust Attributes: Forest trust |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | TACO (TRUST_ATTRIBUTE_CROSS_ORGANIZATION) | Trust Attributes: Cross organization |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | TAWF (TRUST_ATTRIBUTE_WITHIN_FOREST) | Trust Attributes: Within forest |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | TATE (TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL) | Trust Attributes: Treat as external |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | TARC (TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION) | Trust Attributes: Use RC4 Encryption (for more information about RC4, see |
// | | [SCHNEIER] section 17.1). |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | TANC (TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION) | Trust Attributes: Tokens must not be trusted for delegation. |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | TAPT (TRUST_ATTRIBUTE_PIM_TRUST) | Trust Attributes: PrivilegedIdentityManagement (PIM) trust. |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | O | Obsolete. SHOULD be set to 0. |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
// | R | Reserved for future use. SHOULD be set to zero. |
// +-------------------------------------------------------------+----------------------------------------------------------------------------------+
TrustAttributes uint32 `idl:"name:TrustAttributes" json:"trust_attributes"`
}
TrustedDomainInformationEx structure represents LSAPR_TRUSTED_DOMAIN_INFORMATION_EX RPC structure.
The LSAPR_TRUSTED_DOMAIN_INFORMATION_EX structure communicates properties of a trusted domain. The following structure corresponds to the TrustedDomainInformationEx information class. Domain trusts are specified in [MS-ADTS] section 6.1.6.
func (*TrustedDomainInformationEx) MarshalNDR ¶
func (*TrustedDomainInformationEx) UnmarshalNDR ¶
type TrustedDomainInformationEx2 ¶
type TrustedDomainInformationEx2 struct {
// Name: The DNS name of the domain. Maps to the Name field, as specified in section
// 3.1.1.5.
Name *dtyp.UnicodeString `idl:"name:Name" json:"name"`
// FlatName: The NetBIOS name of the trusted domain, as specified in [RFC1088]. Maps
// to the Flat Name field, as specified in section 3.1.1.5.
FlatName *dtyp.UnicodeString `idl:"name:FlatName" json:"flat_name"`
// Sid: The domain SID. Maps to the Security Identifier field, as specified in section
// 3.1.1.5.
SID *dtyp.SID `idl:"name:Sid" json:"sid"`
// TrustDirection: This field contains bitmapped values that define the properties
// of the direction of trust between the local domain and the named domain. See section
// 2.2.7.9 for valid values and a description of each flag. Maps to the Trusted Direction
// field, as specified in section 3.1.1.5.
TrustDirection uint32 `idl:"name:TrustDirection" json:"trust_direction"`
// TrustType: This field specifies the type of trust between the local domain and the
// named domain. See section 2.2.7.9 for valid values and a description of each value.
// Maps to the Trusted Type field, as specified in section 3.1.1.5.
TrustType uint32 `idl:"name:TrustType" json:"trust_type"`
// TrustAttributes: This field contains bitmapped values that define the attributes
// of the trust. See section 2.2.7.9 for valid values and a description of each flag.
// Maps to the Trusted Attributes field, as specified in section 3.1.1.5.
TrustAttributes uint32 `idl:"name:TrustAttributes" json:"trust_attributes"`
// ForestTrustLength: The count of bytes in ForestTrustInfo.
ForestTrustLength uint32 `idl:"name:ForestTrustLength" json:"forest_trust_length"`
// ForestTrustInfo: Binary data for the forest trust. For more information, see "Trust
// Objects" in [MS-ADTS] section 6.1.6. Maps to the Forest Trust Information field,
// as specified in section 3.1.1.5. Conversion from this binary format to the LSA_FOREST_TRUST_INFORMATION
// format is specified in [MS-ADTS] section 6.1.6.9.3. If the ForestTrustLength field
// has a value other than 0, this field MUST NOT be NULL.
ForestTrustInfo []byte `idl:"name:ForestTrustInfo;size_is:(ForestTrustLength)" json:"forest_trust_info"`
}
TrustedDomainInformationEx2 structure represents LSAPR_TRUSTED_DOMAIN_INFORMATION_EX2 RPC structure.
The LSAPR_TRUSTED_DOMAIN_INFORMATION_EX2 structure communicates properties of a trusted domain. The following structure corresponds to the TrustedDomainInformationEx2Internal information class. Domain trusts are specified in [MS-ADTS] section 6.1.6.
func (*TrustedDomainInformationEx2) MarshalNDR ¶
func (*TrustedDomainInformationEx2) UnmarshalNDR ¶
type TrustedDomainNameInfo ¶
type TrustedDomainNameInfo struct {
// Name: This field contains a name for the domain that is subject to the restrictions
// of a NetBIOS name, as specified in [RFC1088]. This field SHOULD be used (by implementations
// external to this protocol) to identify the domain via the NetBIOS API, as specified
// in [RFC1088].
Name *dtyp.UnicodeString `idl:"name:Name" json:"name"`
}
TrustedDomainNameInfo structure represents LSAPR_TRUSTED_DOMAIN_NAME_INFO RPC structure.
The LSAPR_TRUSTED_DOMAIN_NAME_INFO structure is used to communicate the name of a trusted domain. The following structure corresponds to the TrustedDomainNameInformation information class.
func (*TrustedDomainNameInfo) MarshalNDR ¶
func (*TrustedDomainNameInfo) UnmarshalNDR ¶
type TrustedDomainSupportedEncryptionTypes ¶
type TrustedDomainSupportedEncryptionTypes struct {
// SupportedEncryptionTypes: This field contains bitmapped values that define the encryption
// types supported by this trust relationship. The flags can be set in any combination.
//
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 1 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 2 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 3 | 1 |
// | | | | | | | | | | | 0 | | | | | | | | | | 0 | | | | | | | | | | 0 | |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
// | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | S | A | R | M | C |
// +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
//
// C: Supports CRC32, as specified in [RFC3961] page 31.
//
// M: Supports RSA-MD5, as specified in [RFC3961] page 31.
//
// R: Supports RC4-HMAC-MD5, as specified in [RFC4757].
//
// A: Supports HMAC-SHA1-96-AES128, as specified in [RFC3961] page 31.
//
// S: Supports HMAC-SHA1-96-AES256, as specified in [RFC3961] page 31.
SupportedEncryptionTypes uint32 `idl:"name:SupportedEncryptionTypes" json:"supported_encryption_types"`
}
TrustedDomainSupportedEncryptionTypes structure represents TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES RPC structure.
The TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES structure is used to present the encryption types that are allowed through a trust.
func (*TrustedDomainSupportedEncryptionTypes) MarshalNDR ¶
func (*TrustedDomainSupportedEncryptionTypes) UnmarshalNDR ¶
type TrustedEnumBuffer ¶
type TrustedEnumBuffer struct {
// EntriesRead: This field contains the number of trust information structures.
EntriesRead uint32 `idl:"name:EntriesRead" json:"entries_read"`
// Information: This field contains a set of structures that define the trust information,
// as specified in section 2.2.7.1. If the EntriesRead field has a value other than
// 0, this field MUST NOT be NULL.
Information []*TrustInformation `idl:"name:Information;size_is:(EntriesRead)" json:"information"`
}
TrustedEnumBuffer structure represents LSAPR_TRUSTED_ENUM_BUFFER RPC structure.
The LSAPR_TRUSTED_ENUM_BUFFER structure specifies a collection of trust information structures of type LSAPR_TRUST_INFORMATION.
func (*TrustedEnumBuffer) MarshalNDR ¶
func (*TrustedEnumBuffer) UnmarshalNDR ¶
type TrustedEnumBufferEx ¶
type TrustedEnumBufferEx struct {
// EntriesRead: This field contains the number of trust information structures.
EntriesRead uint32 `idl:"name:EntriesRead" json:"entries_read"`
// EnumerationBuffer: This field contains a set of structures that define the trust
// information, as specified in section 2.2.7.9. If the EntriesRead field has a value
// other than 0, this field MUST NOT be NULL.
EnumerationBuffer []*TrustedDomainInformationEx `idl:"name:EnumerationBuffer;size_is:(EntriesRead)" json:"enumeration_buffer"`
}
TrustedEnumBufferEx structure represents LSAPR_TRUSTED_ENUM_BUFFER_EX RPC structure.
The LSAPR_TRUSTED_ENUM_BUFFER_EX structure specifies a collection of trust information structures of type LSAPR_TRUSTED_DOMAIN_INFORMATION_EX.
func (*TrustedEnumBufferEx) MarshalNDR ¶
func (*TrustedEnumBufferEx) UnmarshalNDR ¶
type TrustedInformationClass ¶
type TrustedInformationClass uint16
TrustedInformationClass type represents TRUSTED_INFORMATION_CLASS RPC enumeration.
The TRUSTED_INFORMATION_CLASS enumeration type contains values that specify the type of trusted domain information queried or set by the client.
var ( // TrustedDomainNameInformation: The trusted domain information contains the LSAPR_TRUSTED_DOMAIN_NAME_INFO // structure specified in section 2.2.7.4. TrustedInformationClassDomainNameInformation TrustedInformationClass = 1 // TrustedControllersInformation: The trusted domain information contains the LSAPR_TRUSTED_CONTROLLERS_INFO // structure specified in section 2.2.7.5. TrustedInformationClassControllersInformation TrustedInformationClass = 2 // TrustedPosixOffsetInformation: The trusted domain information contains the TRUSTED_POSIX_OFFSET_INFO // structure specified in section 2.2.7.6. TrustedInformationClassPOSIXOffsetInformation TrustedInformationClass = 3 // TrustedPasswordInformation: The trusted domain information contains the LSAPR_TRUSTED_PASSWORD_INFO // structure specified in section 2.2.7.7. TrustedInformationClassPasswordInformation TrustedInformationClass = 4 // TrustedDomainInformationBasic: The trusted domain information contains the LSAPR_TRUSTED_DOMAIN_INFORMATION_BASIC // structure specified in section 2.2.7.8. TrustedInformationClassDomainInformationBasic TrustedInformationClass = 5 // TrustedDomainInformationEx: The trusted domain information contains the LSAPR_TRUSTED_ // DOMAIN_INFORMATION_EX structure specified in section 2.2.7.9. TrustedInformationClassDomainInformationEx TrustedInformationClass = 6 // TrustedDomainAuthInformation: The trusted domain information contains the LSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION // structure specified in section 2.2.7.11. TrustedInformationClassDomainAuthInformation TrustedInformationClass = 7 // TrustedDomainFullInformation: The trusted domain information contains the LSAPR_TRUSTED_DOMAIN_FULL_INFORMATION // structure specified in section 2.2.7.13. TrustedInformationClassDomainFullInformation TrustedInformationClass = 8 // TrustedDomainAuthInformationInternal: The trusted domain information contains the // LSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL structure specified in section 2.2.7.12. TrustedInformationClassDomainAuthInformationInternal TrustedInformationClass = 9 // TrustedDomainFullInformationInternal: The trusted domain information contains the // LSAPR_TRUSTED_DOMAIN_FULL_INFORMATION_INTERNAL structure specified in section 2.2.7.14. TrustedInformationClassDomainFullInformationInternal TrustedInformationClass = 10 // TrustedDomainInformationEx2Internal: The trusted domain information contains the // LSAPR_TRUSTED_DOMAIN_INFORMATION_EX2 structure specified in section 2.2.7.10. TrustedInformationClassDomainInformationEx2Internal TrustedInformationClass = 11 // TrustedDomainFullInformation2Internal: The trusted domain information contains the // LSAPR_TRUSTED_DOMAIN_FULL_INFORMATION2 structure specified in section 2.2.7.15. TrustedInformationClassDomainFullInformation2Internal TrustedInformationClass = 12 // TrustedDomainSupportedEncryptionTypes: The trusted domain information contains the // TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES structure specified in section 2.2.7.18. TrustedInformationClassDomainSupportedEncryptionTypes TrustedInformationClass = 13 )
func (TrustedInformationClass) String ¶
func (o TrustedInformationClass) String() string
type TrustedPOSIXOffsetInfo ¶
type TrustedPOSIXOffsetInfo struct {
// Offset: The offset to use for the generation of POSIX IDs for users and groups,
// as specified in "trustPosixOffset" in [MS-ADTS] section 6.1.6.7.14.
Offset uint32 `idl:"name:Offset" json:"offset"`
}
TrustedPOSIXOffsetInfo structure represents TRUSTED_POSIX_OFFSET_INFO RPC structure.
The TRUSTED_POSIX_OFFSET_INFO structure communicates any offset necessary for POSIX compliance. The following structure corresponds to the TrustedPosixOffsetInformation information class.
func (*TrustedPOSIXOffsetInfo) MarshalNDR ¶
func (*TrustedPOSIXOffsetInfo) UnmarshalNDR ¶
type TrustedPasswordInfo ¶
type TrustedPasswordInfo struct {
// Password: The current authentication material. See section 2.2.6.1.
Password *CRCipherValue `idl:"name:Password" json:"password"`
// OldPassword: The version prior to the current version of the authentication material.
// See section 2.2.6.1.
OldPassword *CRCipherValue `idl:"name:OldPassword" json:"old_password"`
}
TrustedPasswordInfo structure represents LSAPR_TRUSTED_PASSWORD_INFO RPC structure.
The LSAPR_TRUSTED_PASSWORD_INFO structure is used to communicate trust-authentication material. The following structure corresponds to the TrustedPasswordInformation information class.
func (*TrustedPasswordInfo) MarshalNDR ¶
func (*TrustedPasswordInfo) UnmarshalNDR ¶
type UnicodeString ¶
type UnicodeString dtyp.UnicodeString
UnicodeString structure represents LSA_UNICODE_STRING RPC structure.
func (*UnicodeString) MarshalNDR ¶
func (*UnicodeString) UnicodeString ¶
func (o *UnicodeString) UnicodeString() *dtyp.UnicodeString
func (*UnicodeString) UnmarshalNDR ¶
type UserRightSet ¶
type UserRightSet struct {
// Entries: This field contains the number of rights.<25>
Entries uint32 `idl:"name:Entries" json:"entries"`
// UserRights: An array of strings specifying the rights. These can be string names
// corresponding to either privilege names or system access names, as specified in section
// 3.1.1.2. If the Entries field has a value other than 0, this field MUST NOT be NULL.
UserRights []*dtyp.UnicodeString `idl:"name:UserRights;size_is:(Entries)" json:"user_rights"`
}
UserRightSet structure represents LSAPR_USER_RIGHT_SET RPC structure.
The LSAPR_USER_RIGHT_SET structure specifies a collection of user rights.
func (*UserRightSet) MarshalNDR ¶
func (*UserRightSet) UnmarshalNDR ¶
Source Files
Click to show internal directories.
Click to hide internal directories.