adts

package
v1.1.2
Published: Jan 13, 2025 License: MIT Imports: 10 Imported by: 0

Documentation

Overview

The adts package implements the ADTS client protocol.

Introduction

This is the primary specification for Active Directory, both Active Directory Domain Services (AD DS) and Active Directory Lightweight Directory Services (AD LDS). When the specification does not refer specifically to AD DS or AD LDS, it applies to both. The state model for this specification is prerequisite to the other specifications for Active Directory: [MS-DRSR] and [MS-SRPL].

When no operating system version information is specified, information in this document applies to all relevant versions of Windows. Similarly, when no DC functional level is specified, information in this document applies to all DC functional levels.

The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include released service packs.

Overview

This is the primary specification for Active Directory. The state model for this specification is prerequisite to the other specifications for Active Directory: [MS-DRSR] and [MS-SRPL].

Active Directory is either deployed as AD DS or as AD LDS. This document describes both forms. When the specification does not refer specifically to AD DS or AD LDS, it applies to both.

The remainder of this section describes the structure of this document.

The basic state model is specified in section 3.1.1.1. The basic state model is prerequisite to the remainder of the document. Section 3.1.1.1 also includes descriptive content to introduce key concepts and refer to places in the document where the full specification is given.

The schema completes the state model and is specified in section 3.1.1.2. The schema is prerequisite to the remainder of the document.

Active Directory is a server for LDAP. Section 3.1.1.3 specifies the extensions and variations of LDAP that are supported by Active Directory.

LDAP is an access protocol that determines very little about the behavior of the data being accessed. Section 3.1.1.4 specifies read (LDAP Search) behaviors, and section 3.1.1.5 specifies update (LDAP Add, Modify, Modify DN, Delete) behaviors. Section 3.1.1.6 specifies background tasks required due to write operations, to the extent that those tasks are exposed by protocols.

One of the update behaviors is the maintenance of the change log for use by Windows NT 4.0 operating system backup domain controller (BDC) replication [MS-NRPC] section 3.6. The maintenance of this change log is specified in section 3.1.1.7.

The security services that Active Directory offers clients of LDAP are specified in section 5.1.

Active Directory contains a number of objects, visible through LDAP, that have special significance to the system. Section 6.1 specifies these objects.

A server running Active Directory is part of a distributed system that performs replication. The Knowledge Consistency Checker (KCC) is a component that is used to create spanning trees for DC-to-DC replication and is specified in section 6.2.

A server running Active Directory is responsible for publishing the services that it offers, in order to eliminate the administrative burden of configuring clients to use particular servers running Active Directory. A server running Active Directory also implements the server side of the LDAP ping and mailslot ping protocols to aid clients in selecting among all the servers offering the same service. Section 6.3 specifies how a server running Active Directory publishes its services, and how a client needing some service can use this publication plus the LDAP ping or mailslot ping to locate a suitable server.

Computers in a network with Active Directory can be put into a state called "domain joined"; when in this state, the computer can authenticate itself. Section 6.4 specifies both the state in Active Directory and the state on a computer required for the domain joined state.

Each type of data stored in Active Directory has an associated function that compares two values to determine if they are equal and, if not, which is greater. Section 3.1.1.2 specifies all but one of these functions; the methodology for comparing two Unicode strings is specified in section 6.5.

Index

Constants

This section is empty.

Variables

var (
	// import guard
	GoPackage = "adts"
)

Functions

This section is empty.

Types

type CypherBlock

type CypherBlock struct {
	Data []byte `idl:"name:data" json:"data"`
}

CypherBlock structure represents CYPHER_BLOCK RPC structure.

func (*CypherBlock) MarshalNDR

func (o *CypherBlock) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*CypherBlock) UnmarshalNDR

func (o *CypherBlock) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type DomainGroupMembership

type DomainGroupMembership struct {
	DomainID   *dtyp.SID          `idl:"name:DomainId" json:"domain_id"`
	GroupCount uint32             `idl:"name:GroupCount" json:"group_count"`
	GroupIDs   []*GroupMembership `idl:"name:GroupIds;size_is:(GroupCount)" json:"group_ids"`
}

DomainGroupMembership structure represents DOMAIN_GROUP_MEMBERSHIP RPC structure.

func (*DomainGroupMembership) MarshalNDR

func (o *DomainGroupMembership) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*DomainGroupMembership) UnmarshalNDR

func (o *DomainGroupMembership) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type GroupMembership

type GroupMembership struct {
	RelativeID uint32 `idl:"name:RelativeId" json:"relative_id"`
	Attributes uint32 `idl:"name:Attributes" json:"attributes"`
}

GroupMembership structure represents GROUP_MEMBERSHIP RPC structure.

func (*GroupMembership) MarshalNDR

func (o *GroupMembership) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*GroupMembership) UnmarshalNDR

func (o *GroupMembership) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type KerberosSIDAndAttributes

type KerberosSIDAndAttributes struct {
	SID        *dtyp.SID `idl:"name:Sid" json:"sid"`
	Attributes uint32    `idl:"name:Attributes" json:"attributes"`
}

KerberosSIDAndAttributes structure represents KERB_SID_AND_ATTRIBUTES RPC structure.

func (*KerberosSIDAndAttributes) MarshalNDR

func (o *KerberosSIDAndAttributes) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*KerberosSIDAndAttributes) UnmarshalNDR

func (o *KerberosSIDAndAttributes) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type KerberosValidationInfo

type KerberosValidationInfo struct {
	LogonTime          *dtyp.Filetime      `idl:"name:LogonTime" json:"logon_time"`
	LogoffTime         *dtyp.Filetime      `idl:"name:LogoffTime" json:"logoff_time"`
	KickOffTime        *dtyp.Filetime      `idl:"name:KickOffTime" json:"kick_off_time"`
	PasswordLastSet    *dtyp.Filetime      `idl:"name:PasswordLastSet" json:"password_last_set"`
	PasswordCanChange  *dtyp.Filetime      `idl:"name:PasswordCanChange" json:"password_can_change"`
	PasswordMustChange *dtyp.Filetime      `idl:"name:PasswordMustChange" json:"password_must_change"`
	EffectiveName      *dtyp.UnicodeString `idl:"name:EffectiveName" json:"effective_name"`
	FullName           *dtyp.UnicodeString `idl:"name:FullName" json:"full_name"`
	LogonScript        *dtyp.UnicodeString `idl:"name:LogonScript" json:"logon_script"`
	ProfilePath        *dtyp.UnicodeString `idl:"name:ProfilePath" json:"profile_path"`
	HomeDirectory      *dtyp.UnicodeString `idl:"name:HomeDirectory" json:"home_directory"`
	HomeDirectoryDrive *dtyp.UnicodeString `idl:"name:HomeDirectoryDrive" json:"home_directory_drive"`
	LogonCount         uint16              `idl:"name:LogonCount" json:"logon_count"`
	BadPasswordCount   uint16              `idl:"name:BadPasswordCount" json:"bad_password_count"`
	UserID             uint32              `idl:"name:UserId" json:"user_id"`
	PrimaryGroupID     uint32              `idl:"name:PrimaryGroupId" json:"primary_group_id"`
	GroupCount         uint32              `idl:"name:GroupCount" json:"group_count"`
	GroupIDs           []*GroupMembership  `idl:"name:GroupIds;size_is:(GroupCount)" json:"group_ids"`
	UserFlags          uint32              `idl:"name:UserFlags" json:"user_flags"`
	UserSessionKey     *UserSessionKey     `idl:"name:UserSessionKey" json:"user_session_key"`
	LogonServer        *dtyp.UnicodeString `idl:"name:LogonServer" json:"logon_server"`
	LogonDomainName    *dtyp.UnicodeString `idl:"name:LogonDomainName" json:"logon_domain_name"`
	LogonDomainID      *dtyp.SID           `idl:"name:LogonDomainId" json:"logon_domain_id"`

	UserAccountControl uint32 `idl:"name:UserAccountControl" json:"user_account_control"`

	SIDCount               uint32                      `idl:"name:SidCount" json:"sid_count"`
	ExtraSIDs              []*KerberosSIDAndAttributes `idl:"name:ExtraSids;size_is:(SidCount)" json:"extra_sids"`
	ResourceGroupDomainSID *dtyp.SID                   `idl:"name:ResourceGroupDomainSid" json:"resource_group_domain_sid"`
	ResourceGroupCount     uint32                      `idl:"name:ResourceGroupCount" json:"resource_group_count"`
	ResourceGroupIDs       []*GroupMembership          `idl:"name:ResourceGroupIds;size_is:(ResourceGroupCount)" json:"resource_group_ids"`
	// contains filtered or unexported fields
}

KerberosValidationInfo structure represents KERB_VALIDATION_INFO RPC structure.

func (*KerberosValidationInfo) MarshalNDR

func (o *KerberosValidationInfo) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*KerberosValidationInfo) UnmarshalNDR

func (o *KerberosValidationInfo) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type NTLMSupplementalCredential

type NTLMSupplementalCredential struct {
	Version    uint32 `idl:"name:Version" json:"version"`
	Flags      uint32 `idl:"name:Flags" json:"flags"`
	LMPassword []byte `idl:"name:LmPassword" json:"lm_password"`
	NTPassword []byte `idl:"name:NtPassword" json:"nt_password"`
}

NTLMSupplementalCredential structure represents NTLM_SUPPLEMENTAL_CREDENTIAL RPC structure.

func (*NTLMSupplementalCredential) MarshalNDR

func (o *NTLMSupplementalCredential) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*NTLMSupplementalCredential) UnmarshalNDR

func (o *NTLMSupplementalCredential) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type PACClientClaimsInfo

type PACClientClaimsInfo struct {
	Claims *claims.ClaimsSetMetadata `idl:"name:Claims" json:"claims"`
}

PACClientClaimsInfo structure represents PAC_CLIENT_CLAIMS_INFO RPC structure.

func (*PACClientClaimsInfo) MarshalNDR

func (o *PACClientClaimsInfo) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*PACClientClaimsInfo) UnmarshalNDR

func (o *PACClientClaimsInfo) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type PACClientInfo

type PACClientInfo struct {
	ClientID   *dtyp.Filetime `idl:"name:ClientId" json:"client_id"`
	NameLength uint16         `idl:"name:NameLength" json:"name_length"`
	Name       []uint16       `idl:"name:Name" json:"name"`
}

PACClientInfo structure represents PAC_CLIENT_INFO RPC structure.

func (*PACClientInfo) MarshalNDR

func (o *PACClientInfo) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*PACClientInfo) UnmarshalNDR

func (o *PACClientInfo) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type PACCredentialData

type PACCredentialData struct {
	CredentialCount uint32                             `idl:"name:CredentialCount" json:"credential_count"`
	Credentials     []*SecurityPackageSupplementalCred `idl:"name:Credentials;size_is:(CredentialCount)" json:"credentials"`
}

PACCredentialData structure represents PAC_CREDENTIAL_DATA RPC structure.

func (*PACCredentialData) MarshalNDR

func (o *PACCredentialData) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*PACCredentialData) NDRSizeInfo

func (o *PACCredentialData) NDRSizeInfo() []uint64

func (*PACCredentialData) UnmarshalNDR

func (o *PACCredentialData) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type PACCredentialInfo

type PACCredentialInfo struct {
	Version        uint32 `idl:"name:Version" json:"version"`
	EncryptionType uint32 `idl:"name:EncryptionType" json:"encryption_type"`
	SerializedData []byte `idl:"name:SerializedData" json:"serialized_data"`
}

PACCredentialInfo structure represents PAC_CREDENTIAL_INFO RPC structure.

func (*PACCredentialInfo) MarshalNDR

func (o *PACCredentialInfo) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*PACCredentialInfo) UnmarshalNDR

func (o *PACCredentialInfo) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type PACDeviceClaimsInfo

type PACDeviceClaimsInfo struct {
	Claims *claims.ClaimsSetMetadata `idl:"name:Claims" json:"claims"`
}

PACDeviceClaimsInfo structure represents PAC_DEVICE_CLAIMS_INFO RPC structure.

func (*PACDeviceClaimsInfo) MarshalNDR

func (o *PACDeviceClaimsInfo) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*PACDeviceClaimsInfo) UnmarshalNDR

func (o *PACDeviceClaimsInfo) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type PACDeviceInfo

type PACDeviceInfo struct {
	UserID            uint32                      `idl:"name:UserId" json:"user_id"`
	PrimaryGroupID    uint32                      `idl:"name:PrimaryGroupId" json:"primary_group_id"`
	AccountDomainID   *dtyp.SID                   `idl:"name:AccountDomainId" json:"account_domain_id"`
	AccountGroupCount uint32                      `idl:"name:AccountGroupCount" json:"account_group_count"`
	AccountGroupIDs   []*GroupMembership          `idl:"name:AccountGroupIds;size_is:(AccountGroupCount)" json:"account_group_ids"`
	SIDCount          uint32                      `idl:"name:SidCount" json:"sid_count"`
	ExtraSIDs         []*KerberosSIDAndAttributes `idl:"name:ExtraSids;size_is:(SidCount)" json:"extra_sids"`
	DomainGroupCount  uint32                      `idl:"name:DomainGroupCount" json:"domain_group_count"`
	DomainGroup       []*DomainGroupMembership    `idl:"name:DomainGroup;size_is:(DomainGroupCount)" json:"domain_group"`
}

PACDeviceInfo structure represents PAC_DEVICE_INFO RPC structure.

func (*PACDeviceInfo) MarshalNDR

func (o *PACDeviceInfo) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*PACDeviceInfo) UnmarshalNDR

func (o *PACDeviceInfo) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type PACInfoBuffer

type PACInfoBuffer struct {
	Type         uint32 `idl:"name:ulType" json:"type"`
	BufferLength uint32 `idl:"name:cbBufferSize" json:"buffer_length"`
	Offset       uint64 `idl:"name:Offset" json:"offset"`
}

PACInfoBuffer structure represents PAC_INFO_BUFFER RPC structure.

func (*PACInfoBuffer) MarshalNDR

func (o *PACInfoBuffer) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*PACInfoBuffer) UnmarshalNDR

func (o *PACInfoBuffer) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type PACType

type PACType struct {
	BuffersCount uint32           `idl:"name:cBuffers" json:"buffers_count"`
	Version      uint32           `idl:"name:Version" json:"version"`
	Buffers      []*PACInfoBuffer `idl:"name:Buffers" json:"buffers"`
}

PACType structure represents PACTYPE RPC structure.

func (*PACType) MarshalNDR

func (o *PACType) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*PACType) UnmarshalNDR

func (o *PACType) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type S4UDelegationInfo

type S4UDelegationInfo struct {
	S4u2proxyTarget      *dtyp.UnicodeString   `idl:"name:S4U2proxyTarget" json:"s4u2proxy_target"`
	TransitedListSize    uint32                `idl:"name:TransitedListSize" json:"transited_list_size"`
	S4UTransitedServices []*dtyp.UnicodeString `idl:"name:S4UTransitedServices;size_is:(TransitedListSize)" json:"s4u_transited_services"`
}

S4UDelegationInfo structure represents S4U_DELEGATION_INFO RPC structure.

func (*S4UDelegationInfo) MarshalNDR

func (o *S4UDelegationInfo) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*S4UDelegationInfo) UnmarshalNDR

func (o *S4UDelegationInfo) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type SecurityPackageSupplementalCred

type SecurityPackageSupplementalCred struct {
	PackageName    *dtyp.UnicodeString `idl:"name:PackageName" json:"package_name"`
	CredentialSize uint32              `idl:"name:CredentialSize" json:"credential_size"`
	Credentials    []byte              `idl:"name:Credentials;size_is:(CredentialSize)" json:"credentials"`
}

SecurityPackageSupplementalCred structure represents SECPKG_SUPPLEMENTAL_CRED RPC structure.

func (*SecurityPackageSupplementalCred) MarshalNDR

func (*SecurityPackageSupplementalCred) UnmarshalNDR

type UPNDNSInfo

type UPNDNSInfo struct {
	UPNLength           uint16 `idl:"name:UpnLength" json:"upn_length"`
	UPNOffset           uint16 `idl:"name:UpnOffset" json:"upn_offset"`
	DNSDomainNameLength uint16 `idl:"name:DnsDomainNameLength" json:"dns_domain_name_length"`
	DNSDomainNameOffset uint16 `idl:"name:DnsDomainNameOffset" json:"dns_domain_name_offset"`
	Flags               uint32 `idl:"name:Flags" json:"flags"`
}

UPNDNSInfo structure represents UPN_DNS_INFO RPC structure.

func (*UPNDNSInfo) MarshalNDR

func (o *UPNDNSInfo) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*UPNDNSInfo) UnmarshalNDR

func (o *UPNDNSInfo) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

type UserSessionKey

type UserSessionKey struct {
	Data []*CypherBlock `idl:"name:data" json:"data"`
}

UserSessionKey structure represents USER_SESSION_KEY RPC structure.

func (*UserSessionKey) MarshalNDR

func (o *UserSessionKey) MarshalNDR(ctx context.Context, w ndr.Writer) error

func (*UserSessionKey) UnmarshalNDR

func (o *UserSessionKey) UnmarshalNDR(ctx context.Context, w ndr.Reader) error

Directories

Path Synopsis
The claims package implements the CLAIMS client protocol.
