/// <summary>
/// The NetrDatabaseSync method is a predecessor to the NetrDatabaseSync2 method,
/// as specified in section 3.5.5.5.2. All parameters of this method have the same
/// meanings as the identically named parameters of the NetrDatabaseSync2 method.
/// Opnum: 8
/// </summary>
/// <param name="PrimaryName">
/// The custom RPC binding handle, as specified in section
/// , representing the connection to the PDC.
/// </param>
/// <param name="ComputerName">
/// The null-terminated Unicode string that contains the
/// NetBIOS name of the BDC calling this method.
/// </param>
/// <param name="Authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the client authenticator.
/// </param>
/// <param name="ReturnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the server return
/// authenticator.
/// </param>
/// <param name="DatabaseID">
/// The identifier for a specific database for which the
/// changes are requested. It MUST be one of the following
/// values.
/// </param>
/// <param name="SyncContext">
/// Specifies context needed to continue the operation.
/// The value MUST be set to zero on the first call. The
/// caller MUST treat this as an opaque value, unless this
/// call is a restart of the series of synchronization
/// calls. The value returned is to be used on input for
/// the next call in the series of synchronization calls. If
/// this call is the restart of the series, the values
/// of the RestartState and the SyncContext parameters
/// are dependent on the DeltaType value received on the
/// last call before the restart and MUST be set as follows.
/// Find the last NETLOGON_DELTA_ENUM structure in the
/// DeltaArray parameter of the call. The DeltaType field
/// of this NETLOGON_DELTA_ENUM structure, as specified
/// in section , is the DeltaType needed for the restart.
/// The values of RestartState and SyncContext are then
/// determined from the following table. DeltaTypeRestartStateSyncContextAddOrChangeGroupGroupStateThe
/// value of the RID field of the last element AddOrChangeUserUserStateThe
/// value of the RID field of the last element ChangeGroupMembershipGroupMemberStateThe
/// value of the RID field of the last element AddOrChangeAliasAliasState0x00000000ChangeAliasMembershipAliasMemberState0x00000000Any
/// other value not previously listedNormalState0x00000000
/// </param>
/// <param name="DeltaArray">
/// A pointer to a NETLOGON_DELTA_ENUM_ARRAY structure,
/// as specified in section , that contains an array of
/// enumerated changes (deltas) to the specified database.
/// </param>
/// <param name="PreferredMaximumLength">
/// The value that specifies the preferred maximum size,
/// in bytes, of data referenced in the DeltaArray parameter.
/// This is not a hard upper limit, but serves as a guide
/// to the server. The server SHOULDwindows stops including
/// elements in the returned DeltaArray once the size of
/// the returned data equals or exceeds the value of the
/// PreferredMaximumLength parameter. The server SHOULD stop including elements
/// in the returned DeltaArray once the size of the returned
/// data equals or exceeds the value of the PreferredMaximumLength
/// parameter. It is up to the client implementation to
/// choose the value for this parameter.
/// </param>
public NtStatus NetrDatabaseSync(
string PrimaryName,
string ComputerName,
_NETLOGON_AUTHENTICATOR? Authenticator,
ref _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
DatabaseID_Values DatabaseID,
ref uint? SyncContext,
out _NETLOGON_DELTA_ENUM_ARRAY? DeltaArray,
uint PreferredMaximumLength)
{
NtStatus status = rpc.NetrDatabaseSync(
PrimaryName,
ComputerName,
Authenticator,
ref ReturnAuthenticator,
DatabaseID,
ref SyncContext,
out DeltaArray,
PreferredMaximumLength);
context.ConnectionStatus = status;
return status;
}
/// <summary>
/// The NetrLogonGetDomainInfo method Supported in windows_2000_server,
/// windows_xp, windows_server_2003, windows_vista, and
/// windows_server_2008, windows_7, and windows_server_7.
/// returns information that describes the current domain
/// to which the specified client belongs. Opnum: 29
/// </summary>
/// <param name="ServerName">
/// The custom RPC binding handle, as specified in section
/// .
/// </param>
/// <param name="ComputerName">
/// The null-terminated Unicode string that contains the
/// name of the client computer issuing the request.
/// </param>
/// <param name="Authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the client authenticator.
/// </param>
/// <param name="ReturnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the server return
/// authenticator.
/// </param>
/// <param name="Level">
/// The information level requested by the client. The buffer
/// contains one of the following structures, based on
/// the value of this field.
/// </param>
/// <param name="WkstaBuffer">
/// A pointer to a NETLOGON_WORKSTATION_INFORMATION structure,
/// as specified in section , that contains information
/// about the client workstation.
/// </param>
/// <param name="DomBuffer">
/// A pointer to a NETLOGON_DOMAIN_INFORMATION structure,
/// as specified in section , that contains information
/// about the domain or policy information.
/// </param>
public NtStatus NetrLogonGetDomainInfo(
string ServerName,
string ComputerName,
_NETLOGON_AUTHENTICATOR? Authenticator,
ref _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
Level_Values Level,
_NETLOGON_WORKSTATION_INFORMATION? WkstaBuffer,
out _NETLOGON_DOMAIN_INFORMATION? DomBuffer)
{
const ushort opnum = 29;
byte[] requestStub;
byte[] responseStub;
Int3264[] paramList;
int retVal;
SafeIntPtr pServerName = Marshal.StringToHGlobalUni(ServerName);
SafeIntPtr pComputerName = Marshal.StringToHGlobalUni(ComputerName);
SafeIntPtr pAuthenticator = TypeMarshal.ToIntPtr(Authenticator);
SafeIntPtr pReturnAuthenticatorIn = TypeMarshal.ToIntPtr(ReturnAuthenticator);
SafeIntPtr pWkstaBuffer = TypeMarshal.ToIntPtr(WkstaBuffer, Level, null, null);
paramList = new Int3264[] {
pServerName,
pComputerName,
pAuthenticator,
pReturnAuthenticatorIn,
(uint)Level,
pWkstaBuffer,
IntPtr.Zero,
0 // retVal
};
requestStub = RpceStubEncoder.ToBytes(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
paramList);
rpceClientTransport.Call(opnum, requestStub, rpceTimeout, out responseStub);
using (RpceInt3264Collection outParamList = RpceStubDecoder.ToParamList(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
responseStub,
paramList))
{
IntPtr pReturnAuthenticatorOut = outParamList[3];
ReturnAuthenticator = TypeMarshal.ToNullableStruct<_NETLOGON_AUTHENTICATOR>(pReturnAuthenticatorOut);
IntPtr pDomBuffer = outParamList[6];
DomBuffer = TypeMarshal.ToNullableStruct<_NETLOGON_DOMAIN_INFORMATION>(
pDomBuffer,
Level,
null,
null);
retVal = outParamList[7].ToInt32();
}
pServerName.Dispose();
pComputerName.Dispose();
pAuthenticator.Dispose();
pReturnAuthenticatorIn.Dispose();
pWkstaBuffer.Dispose();
return (NtStatus)retVal;
}
/// <summary>
/// The NetrLogonSendToSamSupported in windows_2000_server,
/// windows_xp, windows_server_2003, and windows_server_2008windows_server_2008,
/// windows_7, and windows_server_7. method allows a BDC
/// to forward user account password changes to the PDC.
/// It is used by the client to deliver an opaque buffer
/// to the SAM database ([MS-SAMR]) on the server side.
/// Opnum: 32
/// </summary>
/// <param name="PrimaryName">
/// The custom RPC binding handle.
/// </param>
/// <param name="ComputerName">
/// A null-terminated Unicode string that contains the NetBIOS
/// name of the client computer making the call.
/// </param>
/// <param name="Authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the client authenticator.
/// </param>
/// <param name="ReturnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the server return
/// authenticator.
/// </param>
/// <param name="OpaqueBuffer">
/// A buffer to be passed to the Security Account Manager
/// (SAM) service on the PDC. The buffer is encrypted on
/// the wire.
/// </param>
/// <param name="OpaqueBufferSize">
/// The size, in bytes, of the OpaqueBuffer parameter.
/// </param>
public NtStatus NetrLogonSendToSam(
string PrimaryName,
string ComputerName,
_NETLOGON_AUTHENTICATOR? Authenticator,
out _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
byte[] OpaqueBuffer,
uint OpaqueBufferSize)
{
const ushort opnum = 32;
byte[] requestStub;
byte[] responseStub;
Int3264[] paramList;
int retVal;
SafeIntPtr pPrimaryName = Marshal.StringToHGlobalUni(PrimaryName);
SafeIntPtr pComputerName = Marshal.StringToHGlobalUni(ComputerName);
SafeIntPtr pAuthenticator = TypeMarshal.ToIntPtr(Authenticator);
SafeIntPtr pOpaqueBuffer = IntPtrUtility.ArrayToPtr(OpaqueBuffer);
paramList = new Int3264[] {
pPrimaryName,
pComputerName,
pAuthenticator,
IntPtr.Zero,
pOpaqueBuffer,
OpaqueBufferSize,
0 // retVal
};
requestStub = RpceStubEncoder.ToBytes(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
paramList);
rpceClientTransport.Call(opnum, requestStub, rpceTimeout, out responseStub);
using (RpceInt3264Collection outParamList = RpceStubDecoder.ToParamList(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
responseStub,
paramList))
{
IntPtr pReturnAuthenticator = outParamList[3];
ReturnAuthenticator = TypeMarshal.ToNullableStruct<_NETLOGON_AUTHENTICATOR>(pReturnAuthenticator);
retVal = outParamList[6].ToInt32();
}
pPrimaryName.Dispose();
pComputerName.Dispose();
pAuthenticator.Dispose();
pOpaqueBuffer.Dispose();
return (NtStatus)retVal;
}
/// <summary>
/// The NetrDatabaseRedo method is used by a BDC to request
/// information about a single account from the PDC. Opnum
/// : 17
/// </summary>
/// <param name="PrimaryName">
/// The custom RPC binding handle, as specified in section
/// , representing the connection to the PDC.
/// </param>
/// <param name="ComputerName">
/// The null-terminated Unicode string that contains the
/// NetBIOS name of the BDC calling this method.
/// </param>
/// <param name="Authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the client authenticator.
/// </param>
/// <param name="ReturnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the server return
/// authenticator.
/// </param>
/// <param name="ChangeLogEntry">
/// A pointer to a buffer that contains a CHANGELOG_ENTRY
/// structure, specified as follows, for the account being
/// queried.
/// </param>
/// <param name="ChangeLogEntrySize">
/// The size, in bytes, of the buffer pointed to by the
/// ChangeLogEntry parameter.
/// </param>
/// <param name="DeltaArray">
/// A pointer to a NETLOGON_DELTA_ENUM_ARRAY structure,
/// as specified in section , that contains an array of
/// enumerated database changes for the account being queried.
/// </param>
public NtStatus NetrDatabaseRedo(
string PrimaryName,
string ComputerName,
_NETLOGON_AUTHENTICATOR? Authenticator,
ref _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
byte[] ChangeLogEntry,
uint ChangeLogEntrySize,
out _NETLOGON_DELTA_ENUM_ARRAY? DeltaArray)
{
const ushort opnum = 17;
byte[] requestStub;
byte[] responseStub;
Int3264[] paramList;
int retVal;
SafeIntPtr pPrimaryName = Marshal.StringToHGlobalUni(PrimaryName);
SafeIntPtr pComputerName = Marshal.StringToHGlobalUni(ComputerName);
SafeIntPtr pAuthenticator = TypeMarshal.ToIntPtr(Authenticator);
SafeIntPtr pReturnAuthenticatorIn = TypeMarshal.ToIntPtr(ReturnAuthenticator);
SafeIntPtr pChangeLogEntry = IntPtrUtility.ArrayToPtr(ChangeLogEntry);
paramList = new Int3264[] {
pPrimaryName,
pComputerName,
pAuthenticator,
pReturnAuthenticatorIn,
pChangeLogEntry,
ChangeLogEntrySize,
IntPtr.Zero,
0 // retVal
};
requestStub = RpceStubEncoder.ToBytes(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
paramList);
rpceClientTransport.Call(opnum, requestStub, rpceTimeout, out responseStub);
using (RpceInt3264Collection outParamList = RpceStubDecoder.ToParamList(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
responseStub,
paramList))
{
IntPtr pReturnAuthenticatorOut = outParamList[3];
ReturnAuthenticator = TypeMarshal.ToNullableStruct<_NETLOGON_AUTHENTICATOR>(pReturnAuthenticatorOut);
IntPtr pDeltaArray = outParamList[6];
pDeltaArray = Marshal.ReadIntPtr(pDeltaArray);
DeltaArray = TypeMarshal.ToNullableStruct<_NETLOGON_DELTA_ENUM_ARRAY>(pDeltaArray);
retVal = outParamList[7].ToInt32();
}
pPrimaryName.Dispose();
pComputerName.Dispose();
pAuthenticator.Dispose();
pReturnAuthenticatorIn.Dispose();
pChangeLogEntry.Dispose();
return (NtStatus)retVal;
}
/// <summary>
/// The NetrGetForestTrustInformationSupported in windows_2000_server,
/// windows_xp, windows_server_2003, windows_vista, and
/// windows_server_2008, windows_7, and windows_server_7.
/// method retrieves the trust information for the forest
/// of which the member's domain is itself a member. Opnum
/// : 44
/// </summary>
/// <param name="ServerName">
/// The custom RPC binding handle, as specified in section
/// .
/// </param>
/// <param name="ComputerName">
/// The null-terminated Unicode string that contains the
/// client computer NetBIOS name.
/// </param>
/// <param name="Authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the client authenticator.
/// </param>
/// <param name="ReturnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the server return
/// authenticator.
/// </param>
/// <param name="Flags">
/// MUST be set to zero and MUST be ignored on receipt.
/// </param>
/// <param name="ForestTrustInfo">
/// A pointer to an LSA_FOREST_TRUST_INFORMATION structure,
/// as specified in [MS-LSAD] section , that contains data
/// for each foresttrust.
/// </param>
public NtStatus NetrGetForestTrustInformation(
string ServerName,
string ComputerName,
_NETLOGON_AUTHENTICATOR? Authenticator,
out _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
uint Flags,
out _LSA_FOREST_TRUST_INFORMATION? ForestTrustInfo)
{
const ushort opnum = 44;
byte[] requestStub;
byte[] responseStub;
Int3264[] paramList;
int retVal;
SafeIntPtr pServerName = Marshal.StringToHGlobalUni(ServerName);
SafeIntPtr pComputerName = Marshal.StringToHGlobalUni(ComputerName);
SafeIntPtr pAuthenticator = TypeMarshal.ToIntPtr(Authenticator);
paramList = new Int3264[] {
pServerName,
pComputerName,
pAuthenticator,
IntPtr.Zero,
Flags,
IntPtr.Zero,
0 // retVal
};
requestStub = RpceStubEncoder.ToBytes(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
paramList);
rpceClientTransport.Call(opnum, requestStub, rpceTimeout, out responseStub);
using (RpceInt3264Collection outParamList = RpceStubDecoder.ToParamList(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
responseStub,
paramList))
{
IntPtr pReturnAuthenticator = outParamList[3];
ReturnAuthenticator = TypeMarshal.ToNullableStruct<_NETLOGON_AUTHENTICATOR>(pReturnAuthenticator);
IntPtr pForestTrustInfo = outParamList[5];
pForestTrustInfo = Marshal.ReadIntPtr(pForestTrustInfo);
ForestTrustInfo = TypeMarshal.ToNullableStruct<_LSA_FOREST_TRUST_INFORMATION>(pForestTrustInfo);
retVal = outParamList[6].ToInt32();
}
pServerName.Dispose();
pComputerName.Dispose();
pAuthenticator.Dispose();
return (NtStatus)retVal;
}
/// <summary>
/// Validates the client Netlogon authenticator by incrementing the Netlogon credential
/// in the Netlogon authenticator by one, performs the computation described in section
/// 3.1.4.4, Netlogon Credential Computation, and stores the new Netlogon credential.
/// The server returns a Netlogon authenticator that contains the new Netlogon credential
/// to the client.
/// </summary>
/// <param name="clientAuthenticator">
/// Authenticator from client to validate.
/// </param>
/// <param name="algorithm">
/// Algorithm to validate the authenticator.
/// </param>
/// <param name="serverStoredCredential">
/// A byte array containing the credential that is maintained by
/// the server and that is used during computation and
/// verification of the Netlogon authenticator.
/// </param>
/// <param name="sessionKey">Session Key</param>
/// <returns>Return true if validate successfully; otherwise, false.</returns>
/// <exception cref="ArgumentNullException">
/// Thrown when serverStoredCredential or sessionKey is null.
/// </exception>
/// <exception cref="ArgumentException">
/// Thrown when Credential.data field of clientAuthenticator is null.
/// Thrown when session key length is incorrect.
/// </exception>
public static bool ValidateClientNetlogonAuthenticator(
_NETLOGON_AUTHENTICATOR clientAuthenticator,
NrpcComputeNetlogonCredentialAlgorithm algorithm,
ref byte[] serverStoredCredential,
byte[] sessionKey)
{
if (serverStoredCredential == null)
{
throw new ArgumentNullException("serverStoredCredential");
}
if (sessionKey == null)
{
throw new ArgumentNullException("sessionKey");
}
if (sessionKey.Length != NETLOGON_SESSION_KEY_LENGTH)
{
throw new ArgumentException("Session key length is incorrect.", "sessionKey");
}
if (clientAuthenticator.Credential.data == null)
{
throw new ArgumentException("clientAuthenticator is invalid.", "clientAuthenticator");
}
//SET ServerStoredCredential = ServerStoredCredential +
// ClientAuthenticator.Timestamp;
//CALL ComputeNetlogonCredential(ServerStoredCredential,
// Session-Key, TempCredential);
//IF TempCredential != ClientAuthenticator.Credential
//THEN return access denied error
//In each of the addition operations previously performed,
//the least-significant 4 bytes of the credential are added
//with the 4-byte time stamp value (or the constant 1),
//and overflow is ignored. This leaves the most-significant
//4 bytes of the credential unmodified.
uint credential = BitConverter.ToUInt32(serverStoredCredential, 0);
credential += clientAuthenticator.Timestamp;
byte[] buf = BitConverter.GetBytes(credential);
Array.Copy(buf, serverStoredCredential, buf.Length);
byte[] tempCredential = ComputeNetlogonCredential(
algorithm,
serverStoredCredential,
sessionKey);
return ArrayUtility.CompareArrays(tempCredential, clientAuthenticator.Credential.data);
}
/// <summary>
/// NetrAccountSync IDL method. Opnum: 10
/// </summary>
/// <param name="PrimaryName">
/// PrimaryName parameter.
/// </param>
/// <param name="ComputerName">
/// ComputerName parameter.
/// </param>
/// <param name="Authenticator">
/// Authenticator parameter.
/// </param>
/// <param name="ReturnAuthenticator">
/// ReturnAuthenticator parameter.
/// </param>
/// <param name="Reference">
/// Reference parameter.
/// </param>
/// <param name="Level">
/// Level parameter.
/// </param>
/// <param name="Buffer">
/// Buffer parameter.
/// </param>
/// <param name="BufferSize">
/// BufferSize parameter.
/// </param>
/// <param name="CountReturned">
/// CountReturned parameter.
/// </param>
/// <param name="TotalEntries">
/// TotalEntries parameter.
/// </param>
/// <param name="NextReference">
/// NextReference parameter.
/// </param>
/// <param name="LastRecordId">
/// LastRecordId parameter.
/// </param>
public NtStatus NetrAccountSync(
string PrimaryName,
string ComputerName,
_NETLOGON_AUTHENTICATOR? Authenticator,
ref _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
uint Reference,
uint Level,
out byte[] Buffer,
uint BufferSize,
out uint? CountReturned,
out uint? TotalEntries,
out uint? NextReference,
out _UAS_INFO_0? LastRecordId)
{
const ushort opnum = 10;
byte[] requestStub;
byte[] responseStub;
Int3264[] paramList;
int retVal;
SafeIntPtr pPrimaryName = Marshal.StringToHGlobalUni(PrimaryName);
SafeIntPtr pComputerName = Marshal.StringToHGlobalUni(ComputerName);
SafeIntPtr pAuthenticator = TypeMarshal.ToIntPtr(Authenticator);
SafeIntPtr pReturnAuthenticatorIn = TypeMarshal.ToIntPtr(ReturnAuthenticator);
paramList = new Int3264[] {
pPrimaryName,
pComputerName,
pAuthenticator,
pReturnAuthenticatorIn,
Reference,
Level,
IntPtr.Zero,
BufferSize,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero,
0 // retVal
};
requestStub = RpceStubEncoder.ToBytes(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
paramList);
rpceClientTransport.Call(opnum, requestStub, rpceTimeout, out responseStub);
using (RpceInt3264Collection outParamList = RpceStubDecoder.ToParamList(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
responseStub,
paramList))
{
IntPtr pReturnAuthenticatorOut = outParamList[3];
ReturnAuthenticator = TypeMarshal.ToNullableStruct<_NETLOGON_AUTHENTICATOR>(pReturnAuthenticatorOut);
IntPtr pBuffer = outParamList[6];
Buffer = IntPtrUtility.PtrToArray<byte>(pBuffer, BufferSize);
CountReturned = TypeMarshal.ToNullableStruct<uint>(outParamList[8]);
TotalEntries = TypeMarshal.ToNullableStruct<uint>(outParamList[9]);
NextReference = TypeMarshal.ToNullableStruct<uint>(outParamList[10]);
IntPtr pLastRecordId = outParamList[11];
LastRecordId = TypeMarshal.ToNullableStruct<_UAS_INFO_0>(pLastRecordId);
retVal = outParamList[12].ToInt32();
}
pPrimaryName.Dispose();
pComputerName.Dispose();
pAuthenticator.Dispose();
pReturnAuthenticatorIn.Dispose();
return (NtStatus)retVal;
}
/// <summary>
/// The NetrLogonSamLogoff method handles logoff requests
/// for the SAM accounts. Opnum: 3
/// </summary>
/// <param name="logonServer">
/// The custom RPC binding handle.
/// </param>
/// <param name="computerName">
/// The Unicode string that contains the NetBIOS name of
/// the client computer calling this method.
/// </param>
/// <param name="authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the client authenticator.
/// </param>
/// <param name="returnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the server return
/// authenticator.
/// </param>
/// <param name="logonLevel">
/// A NETLOGON_LOGON_INFO_CLASS structure,
/// that identifies the type of logon information
/// in the LogonInformation union.
/// </param>
/// <param name="logonInformation">
/// A pointer to a NETLOGON_LEVEL structure,
/// that describes the logon information.
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrLogonSamLogoff(
string logonServer,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
ref _NETLOGON_AUTHENTICATOR? returnAuthenticator,
_NETLOGON_LOGON_INFO_CLASS logonLevel,
_NETLOGON_LEVEL? logonInformation)
{
NtStatus status = rpc.NetrLogonSamLogoff(
logonServer,
computerName,
authenticator,
ref returnAuthenticator,
logonLevel,
logonInformation);
context.ConnectionStatus = status;
return status;
}
/// <summary>
/// The NetrLogonSamLogon method This method was used in
/// windows_nt_4_0. It was superseded by the NetrLogonSamLogonWithFlags
/// method in windows_2000_server, windows_xp,
/// windows_server_2003, windows_vista, and windows_server_2008,
/// windows_7, and windows_server_7. is a predecessor to
/// the NetrLogonSamLogonWithFlags method. All
/// parameters of this method have the same meanings as
/// the identically named parameters of the NetrLogonSamLogonWithFlags
/// method. Opnum: 2
/// </summary>
/// <param name="logonServer">
/// LogonServer parameter.
/// </param>
/// <param name="computerName">
/// ComputerName parameter.
/// </param>
/// <param name="authenticator">
/// Authenticator parameter.
/// </param>
/// <param name="returnAuthenticator">
/// ReturnAuthenticator parameter.
/// </param>
/// <param name="logonLevel">
/// LogonLevel parameter.
/// </param>
/// <param name="logonInformation">
/// LogonInformation parameter.
/// </param>
/// <param name="validationLevel">
/// ValidationLevel parameter.
/// </param>
/// <param name="validationInformation">
/// ValidationInformation parameter.
/// </param>
/// <param name="authoritative">
/// Authoritative parameter.
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrLogonSamLogon(
string logonServer,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
ref _NETLOGON_AUTHENTICATOR? returnAuthenticator,
_NETLOGON_LOGON_INFO_CLASS logonLevel,
_NETLOGON_LEVEL? logonInformation,
_NETLOGON_VALIDATION_INFO_CLASS validationLevel,
out _NETLOGON_VALIDATION? validationInformation,
out byte? authoritative)
{
NtStatus status = rpc.NetrLogonSamLogon(
logonServer,
computerName,
authenticator,
ref returnAuthenticator,
logonLevel,
logonInformation,
validationLevel,
out validationInformation,
out authoritative);
//ConnectionStatus: A 4-byte value that contains the most recent
//connection status return value (section 3.4.5.3.1) last returned
//during secure channel establishment or by a method requiring
//session key establishment (section 3.1.4.6).
context.ConnectionStatus = status;
return status;
}
/// <summary>
/// The NetrLogonGetDomainInfo method Supported in windows_2000_server,
/// windows_xp, windows_server_2003, windows_vista, and
/// windows_server_2008, windows_7, and windows_server_7.
/// returns information that describes the current domain
/// to which the specified client belongs. Opnum: 29
/// </summary>
/// <param name="serverName">
/// The custom RPC binding handle.
/// </param>
/// <param name="computerName">
/// The null-terminated Unicode string that contains the
/// name of the client computer issuing the request.
/// </param>
/// <param name="authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the client authenticator.
/// </param>
/// <param name="returnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the server return
/// authenticator.
/// </param>
/// <param name="level">
/// The information level requested by the client. The buffer
/// contains one of the following structures, based on
/// the value of this field.
/// </param>
/// <param name="wkstaBuffer">
/// A pointer to a NETLOGON_WORKSTATION_INFORMATION structure,
/// that contains information
/// about the client workstation.
/// </param>
/// <param name="domBuffer">
/// A pointer to a NETLOGON_DOMAIN_INFORMATION structure,
/// that contains information
/// about the domain or policy information.
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrLogonGetDomainInfo(
string serverName,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
ref _NETLOGON_AUTHENTICATOR? returnAuthenticator,
Level_Values level,
_NETLOGON_WORKSTATION_INFORMATION? wkstaBuffer,
out _NETLOGON_DOMAIN_INFORMATION? domBuffer)
{
NtStatus status = rpc.NetrLogonGetDomainInfo(
serverName,
computerName,
authenticator,
ref returnAuthenticator,
level,
wkstaBuffer,
out domBuffer);
context.ConnectionStatus = status;
return status;
}
public _NETLOGON_AUTHENTICATOR CreateEmptyNetlogonAuthenticator()
{
_NETLOGON_AUTHENTICATOR authenticator = new _NETLOGON_AUTHENTICATOR();
authenticator.Timestamp = 0;
authenticator.Credential = new _NETLOGON_CREDENTIAL();
authenticator.Credential.data = new byte[NrpcUtility.NL_CREDENTIAL_LENGTH];
return authenticator;
}
/// <summary>
/// The NetrLogonGetCapabilities method is used by clients
/// to confirm the server capabilities after a secure channel
/// has been established. Opnum: 21
/// </summary>
/// <param name="serverName">
/// A LOGONSRV_HANDLE Unicode string handle of the server
/// that is handling the request.
/// </param>
/// <param name="computerName">
/// A string that contains the name of the computer.
/// </param>
/// <param name="authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure that
/// contains the client authenticator.
/// </param>
/// <param name="returnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure that
/// contains the server return authenticator.
/// </param>
/// <param name="queryLevel">
/// Specifies the level of information to return from the
/// domain controller being queried. A value of 0x00000001
/// causes a NETLOGON_DOMAIN_INFO structure that contains
/// information about the DC to be returned.
/// </param>
/// <param name="serverCapabilities">
/// A pointer to a 32-bit set of bit flags that identify
/// the server's capabilities.
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrLogonGetCapabilities(
string serverName,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
ref _NETLOGON_AUTHENTICATOR? returnAuthenticator,
uint queryLevel,
out _NETLOGON_CAPABILITIES? serverCapabilities)
{
context.PrimaryName = serverName;
context.ClientComputerName = computerName;
NtStatus status = rpc.NetrLogonGetCapabilities(
serverName,
computerName,
authenticator,
ref returnAuthenticator,
queryLevel,
out serverCapabilities);
//ConnectionStatus: A 4-byte value that contains the most recent
//connection status return value (section 3.4.5.3.1) last returned
//during secure channel establishment or by a method requiring
//session key establishment (section 3.1.4.6).
context.ConnectionStatus = status;
if (status == NtStatus.STATUS_SUCCESS
&& queryLevel == 1
&& serverCapabilities != null)
{
context.NegotiateFlags = (NrpcNegotiateFlags)serverCapabilities.Value.ServerCapabilities;
}
return status;
}
/// <summary>
/// The NetrGetForestTrustInformationSupported in windows_2000_server,
/// windows_xp, windows_server_2003, windows_vista, and
/// windows_server_2008, windows_7, and windows_server_7.
/// method retrieves the trust information for the forest
/// of which the member's domain is itself a member. Opnum: 44
/// </summary>
/// <param name="serverName">
/// The custom RPC binding handle.
/// </param>
/// <param name="computerName">
/// The null-terminated Unicode string that contains the
/// client computer NetBIOS name.
/// </param>
/// <param name="authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the client authenticator.
/// </param>
/// <param name="returnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the server return
/// authenticator.
/// </param>
/// <param name="flags">
/// MUST be set to zero and MUST be ignored on receipt.
/// </param>
/// <param name="forestTrustInfo">
/// A pointer to an LSA_FOREST_TRUST_INFORMATION structure,
/// as specified in [MS-LSAD], that contains data
/// for each foresttrust.
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrGetForestTrustInformation(
string serverName,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
out _NETLOGON_AUTHENTICATOR? returnAuthenticator,
uint flags,
out _LSA_FOREST_TRUST_INFORMATION? forestTrustInfo)
{
return rpc.NetrGetForestTrustInformation(
serverName,
computerName,
authenticator,
out returnAuthenticator,
flags,
out forestTrustInfo);
}
/// <summary>
/// The NetrDatabaseSync2 method returns a set of all changes
/// applied to the specified database since its creation.
/// It provides an interface for a BDC to fully synchronize
/// its databases to those of the PDC. Because returning
/// all changes in one call might be prohibitively expensive
/// due to a large amount of data being returned, this
/// method supports retrieving portions of the database
/// changes in a series of calls using a continuation context
/// until all changes are received. It is possible for
/// the series of calls to be terminated prematurely due
/// to external events, such as system restarts. For that
/// reason, the method also supports restarting the series
/// of calls at a particular point specified by the caller.
/// The caller MUST keep track of synchronization progress
/// during the series of calls.
/// Opnum: 16
/// </summary>
/// <param name="primaryName">
/// The custom RPC binding handle,
/// that represents the connection to the PDC.
/// </param>
/// <param name="computerName">
/// The null-terminated Unicode string that contains the
/// NetBIOS name of the BDC calling this method.
/// </param>
/// <param name="authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the client authenticator.
/// </param>
/// <param name="returnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the server return
/// authenticator.
/// </param>
/// <param name="databaseID">
/// The identifier for a specific database for which the
/// changes are requested. It MUST be one of the following
/// values.
/// </param>
/// <param name="restartState">
/// Specifies whether this is a restart of the series of
/// the synchronization calls and how to interpret SyncContext.
/// This value MUST be NormalState unless this is the restart,
/// in which case the value MUST be set as specified in
/// the description of the SyncContext parameter.
/// </param>
/// <param name="syncContext">
/// Specifies context needed to continue the operation.
/// The value MUST be set to zero on the first call. The
/// caller MUST treat this as an opaque value, unless this
/// call is a restart of the series of synchronization
/// calls. The value returned is to be used on input for
/// the next call in the series of synchronization calls. If
/// this call is the restart of the series, the values
/// of the RestartState and the SyncContext parameters
/// are dependent on the DeltaType value received on the
/// last call before the restart and MUST be set as follows.
/// Find the last NETLOGON_DELTA_ENUM structure in the
/// DeltaArray parameter of the call. The DeltaType field
/// of this NETLOGON_DELTA_ENUM structure
/// is the DeltaType needed for the restart.
/// The values of RestartState and SyncContext are then
/// determined from the following table.<para/>
/// DeltaType RestartState SyncContext<para/>
/// AddOrChangeGroup GroupState The value of the RID field of the last element<para/>
/// AddOrChangeUser UserState The value of the RID field of the last element<para/>
/// ChangeGroupMembership GroupMemberState The value of the RID field of the last element<para/>
/// AddOrChangeAlias AliasState 0x00000000<para/>
/// ChangeAliasMembership AliasMemberState 0x00000000<para/>
/// Any other value not previously listed NormalState 0x00000000
/// </param>
/// <param name="deltaArray">
/// A pointer to a NETLOGON_DELTA_ENUM_ARRAY structure,
/// that contains an array of
/// enumerated changes (deltas) to the specified database.
/// </param>
/// <param name="preferredMaximumLength">
/// The value that specifies the preferred maximum size,
/// in bytes, of data referenced in the DeltaArray parameter.
/// This is not a hard upper limit, but serves as a guide
/// to the server. The server SHOULDwindows stops including
/// elements in the returned DeltaArray once the size of
/// the returned data equals or exceeds the value of the
/// PreferredMaximumLength parameter. The server SHOULD stop including elements
/// in the returned DeltaArray once the size of the returned
/// data equals or exceeds the value of the PreferredMaximumLength
/// parameter. It is up to the client implementation to
/// choose the value for this parameter.
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrDatabaseSync2(
string primaryName,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
ref _NETLOGON_AUTHENTICATOR? returnAuthenticator,
DatabaseID_Values databaseID,
_SYNC_STATE restartState,
ref uint? syncContext,
out _NETLOGON_DELTA_ENUM_ARRAY? deltaArray,
uint preferredMaximumLength)
{
NtStatus status = rpc.NetrDatabaseSync2(
primaryName,
computerName,
authenticator,
ref returnAuthenticator,
databaseID,
restartState,
ref syncContext,
out deltaArray,
preferredMaximumLength);
context.ConnectionStatus = status;
return status;
}
/// <summary>
/// Compute the Netlogon Authenticator at client-side.
/// </summary>
/// <param name="algorithm">
/// Algorithm to compute the authenticator.
/// </param>
/// <param name="time">
/// Current time on client.
/// </param>
/// <param name="clientStoredCredential">
/// A byte array containing the credential that is created by the client and
/// received by the server and that is used during computation and
/// verification of the Netlogon authenticator.
/// </param>
/// <param name="sessionKey">
/// Session Key.
/// </param>
/// <returns>Netlogon Authenticator</returns>
/// <exception cref="ArgumentNullException">
/// Thrown when clientStoredCredential or sessionKey is null.
/// </exception>
/// <exception cref="ArgumentException">
/// Thrown when session key length is incorrect.
/// </exception>
public static _NETLOGON_AUTHENTICATOR ComputeClientNetlogonAuthenticator(
NrpcComputeNetlogonCredentialAlgorithm algorithm,
DateTime time,
ref byte[] clientStoredCredential,
byte[] sessionKey)
{
if (clientStoredCredential == null)
{
throw new ArgumentNullException("clientStoredCredential");
}
if (sessionKey == null)
{
throw new ArgumentNullException("sessionKey");
}
if (sessionKey.Length != NETLOGON_SESSION_KEY_LENGTH)
{
throw new ArgumentException("Session key length is incorrect.", "sessionKey");
}
//SET TimeNow = current time;
//SET ClientAuthenticator.Timestamp = TimeNow;
//SET ClientStoredCredential = ClientStoredCredential + TimeNow;
//CALL ComputeNetlogonCredential(ClientStoredCredential, Session-Key, ClientAuthenticator.Credential);
//Timestamp is an integer value that contains the time of day at
//which the client constructed this authentication credential,
//represented as the number of elapsed seconds since 00:00:00 of January 1, 1970 (UTC).
DateTime time19700101 = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
_NETLOGON_AUTHENTICATOR authenticator = new _NETLOGON_AUTHENTICATOR();
authenticator.Timestamp = (uint)(
(time.ToUniversalTime() - time19700101).Ticks / TimeSpan.TicksPerSecond);
//In each of the addition operations previously performed,
//the least-significant 4 bytes of the credential are added
//with the 4-byte time stamp value (or the constant 1),
//and overflow is ignored. This leaves the most-significant
//4 bytes of the credential unmodified.
uint credential = BitConverter.ToUInt32(clientStoredCredential, 0);
credential += authenticator.Timestamp;
byte[] buf = BitConverter.GetBytes(credential);
Array.Copy(buf, clientStoredCredential, buf.Length);
authenticator.Credential = new _NETLOGON_CREDENTIAL();
authenticator.Credential.data = ComputeNetlogonCredential(
algorithm,
clientStoredCredential,
sessionKey);
return authenticator;
}
/// <summary>
/// The NetrLogonSamLogonWithFlags method Supported in windows_xpwindows_server_2003,
/// windows_vista, windows_server_2008, windows_7, and
/// windows_server_7. handles logon requests for the SAM
/// accounts. Opnum: 45
/// </summary>
/// <param name="logonServer">
/// The custom RPC binding handle.
/// </param>
/// <param name="computerName">
/// The Unicode string that contains the NetBIOS name of
/// the client computer calling this method.
/// </param>
/// <param name="authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the client authenticator.
/// </param>
/// <param name="returnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the server return
/// authenticator.
/// </param>
/// <param name="logonLevel">
/// A NETLOGON_LOGON_INFO_CLASS structure,
/// that specifies the type of logon information
/// passed in the LogonInformation parameter.
/// </param>
/// <param name="logonInformation">
/// A pointer to a NETLOGON_LEVEL structure,
/// that describes the logon request information.
/// </param>
/// <param name="validationLevel">
/// A NETLOGON_VALIDATION_INFO_CLASS enumerated type,
/// that contains the validation
/// level requested by the client.
/// </param>
/// <param name="validationInformation">
/// A pointer to a NETLOGON_VALIDATION structure,
/// that describes the user validation information
/// returned to the client. The type of the NETLOGON_VALIDATION
/// used is determined by the value of the ValidationLevel
/// parameter.
/// </param>
/// <param name="authoritative">
/// A pointer to a char value representing a Boolean condition.
/// FALSE is indicated by the value 0x00; TRUE SHOULD be
/// indicated by the value 0x01 and MAY also be indicated
/// by any nonzero value. Windows uses the value of 0x01
/// as the representation of TRUE and 0x00 for FALSE. This
/// Boolean value indicates whether the validation information
/// is final. This field is necessary because the request
/// might be forwarded through multiple servers. A value
/// of TRUE indicates that the validation information is
/// final and MUST remain unchanged.
/// </param>
/// <param name="extraFlags">
/// A pointer to a set of bit flags that specify delivery
/// settings. A flag is TRUE (or set) if its value is equal
/// to 1. The value is constructed from zero or more bit
/// flags from the following table.
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrLogonSamLogonWithFlags(
string logonServer,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
ref _NETLOGON_AUTHENTICATOR? returnAuthenticator,
_NETLOGON_LOGON_INFO_CLASS logonLevel,
_NETLOGON_LEVEL? logonInformation,
_NETLOGON_VALIDATION_INFO_CLASS validationLevel,
out _NETLOGON_VALIDATION? validationInformation,
out byte? authoritative,
ref NrpcNetrLogonSamLogonExtraFlags? extraFlags)
{
uint? flags = (uint?)extraFlags;
NtStatus status = rpc.NetrLogonSamLogonWithFlags(
logonServer,
computerName,
authenticator,
ref returnAuthenticator,
logonLevel,
logonInformation,
validationLevel,
out validationInformation,
out authoritative,
ref flags);
context.ConnectionStatus = status;
extraFlags = (NrpcNetrLogonSamLogonExtraFlags?)flags;
return status;
}
/// <summary>
/// Compute the Netlogon Authenticator at server-side.
/// </summary>
/// <param name="algorithm">
/// Algorithm to compute the authenticator.
/// </param>
/// <param name="serverStoredCredential">
/// A byte array containing the credential that is created by the server and
/// received by the client and that is used during computation and
/// verification of the Netlogon authenticator.
/// </param>
/// <param name="sessionKey">
/// Session Key.
/// </param>
/// <returns>Netlogon Authenticator</returns>
/// <exception cref="ArgumentNullException">
/// Thrown when serverStoredCredential or sessionKey is null.
/// </exception>
/// <exception cref="ArgumentException">
/// Thrown when session key length is incorrect.
/// </exception>
public static _NETLOGON_AUTHENTICATOR ComputeServerNetlogonAuthenticator(
NrpcComputeNetlogonCredentialAlgorithm algorithm,
ref byte[] serverStoredCredential,
byte[] sessionKey)
{
if (serverStoredCredential == null)
{
throw new ArgumentNullException("serverStoredCredential");
}
if (sessionKey == null)
{
throw new ArgumentNullException("sessionKey");
}
if (sessionKey.Length != NETLOGON_SESSION_KEY_LENGTH)
{
throw new ArgumentException("Session key length is incorrect.", "sessionKey");
}
//SET ServerStoredCredential = ServerStoredCredential + 1;
//CALL ComputeNetlogonCredential(ServerStoredCredential,
//Session-Key, ServerAuthenticator.Credential);
_NETLOGON_AUTHENTICATOR authenticator = new _NETLOGON_AUTHENTICATOR();
//In each of the addition operations previously performed,
//the least-significant 4 bytes of the credential are added
//with the 4-byte time stamp value (or the constant 1),
//and overflow is ignored. This leaves the most-significant
//4 bytes of the credential unmodified.
uint credential = BitConverter.ToUInt32(serverStoredCredential, 0);
credential += 1;
byte[] buf = BitConverter.GetBytes(credential);
Array.Copy(buf, serverStoredCredential, buf.Length);
authenticator.Credential = new _NETLOGON_CREDENTIAL();
authenticator.Credential.data = ComputeNetlogonCredential(
algorithm,
serverStoredCredential,
sessionKey);
return authenticator;
}
/// <summary>
/// The NetrLogonSendToSamSupported in windows_2000_server,
/// windows_xp, windows_server_2003, and windows_server_2008windows_server_2008,
/// windows_7, and windows_server_7. method allows a BDC
/// to forward user account password changes to the PDC.
/// It is used by the client to deliver an opaque buffer
/// to the SAM database ([MS-SAMR]) on the server side.
/// Opnum: 32
/// </summary>
/// <param name="primaryName">
/// The custom RPC binding handle.
/// </param>
/// <param name="computerName">
/// A null-terminated Unicode string that contains the NetBIOS
/// name of the client computer making the call.
/// </param>
/// <param name="authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the client authenticator.
/// </param>
/// <param name="returnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the server return
/// authenticator.
/// </param>
/// <param name="opaqueBuffer">
/// A buffer to be passed to the Security Account Manager
/// (SAM) service on the PDC. The buffer is encrypted on
/// the wire.
/// </param>
/// <param name="opaqueBufferSize">
/// The size, in bytes, of the OpaqueBuffer parameter.
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrLogonSendToSam(
string primaryName,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
out _NETLOGON_AUTHENTICATOR? returnAuthenticator,
byte[] opaqueBuffer,
uint opaqueBufferSize)
{
NtStatus status = rpc.NetrLogonSendToSam(
primaryName,
computerName,
authenticator,
out returnAuthenticator,
opaqueBuffer,
opaqueBufferSize);
context.ConnectionStatus = status;
return status;
}
/// <summary>
/// The DsrUpdateReadOnlyServerDnsRecords method will allow an RODC to send a control
/// command to a normal (writable) DC for site-specific and CName types of DNS records
/// update. For registration, site-specific records should be for the site in which
/// RODC resides. For the types of DNS records, see [MS-ADTS] section 7.3.2. Opnum: 48
/// </summary>
/// <param name="ServerName">
/// The custom RPC binding handle (as specified in section 3.5.5.1) that represents
/// the connection to the normal (writable) DC.
/// </param>
/// <param name="ComputerName">
/// A null-terminated Unicode string that contains the client computer NetBIOS name.
/// </param>
/// <param name="Authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure (as specified in section 2.2.1.1.5)
/// that contains the client authenticator that will be used to authenticate the client.
/// </param>
/// <param name="ReturnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure that contains the server return
/// authenticator.
/// </param>
/// <param name="SiteName">
/// A pointer to a null-terminated Unicode string that contains the site name where
/// the RODC resides.
/// </param>
/// <param name="DnsTtl">
/// The Time To Live value, in seconds, for DNS records.
/// </param>
/// <param name="DnsNames">
/// A pointer to an NL_DNS_NAME_INFO_ARRAY (section 2.2.1.2.6) structure that contains
/// an array of NL_DNS_NAME_INFO structures.
/// </param>
public NtStatus DsrUpdateReadOnlyServerDnsRecords(
string ServerName,
string ComputerName,
_NETLOGON_AUTHENTICATOR? Authenticator,
out _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
string SiteName,
uint DnsTtl,
ref _NL_DNS_NAME_INFO_ARRAY? DnsNames)
{
const ushort opnum = 48;
byte[] requestStub;
byte[] responseStub;
Int3264[] paramList;
int retVal;
SafeIntPtr pServerName = Marshal.StringToHGlobalUni(ServerName);
SafeIntPtr pComputerName = Marshal.StringToHGlobalUni(ComputerName);
SafeIntPtr pAuthenticator = TypeMarshal.ToIntPtr(Authenticator);
SafeIntPtr pSiteName = Marshal.StringToHGlobalUni(SiteName);
SafeIntPtr pDnsNamesIn = TypeMarshal.ToIntPtr(DnsNames);
paramList = new Int3264[] {
pServerName,
pComputerName,
pAuthenticator,
IntPtr.Zero,
pSiteName,
DnsTtl,
pDnsNamesIn,
0 // retVal
};
requestStub = RpceStubEncoder.ToBytes(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
paramList);
rpceClientTransport.Call(opnum, requestStub, rpceTimeout, out responseStub);
using (RpceInt3264Collection outParamList = RpceStubDecoder.ToParamList(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
responseStub,
paramList))
{
IntPtr pReturnAuthenticator = outParamList[3];
ReturnAuthenticator = TypeMarshal.ToNullableStruct<_NETLOGON_AUTHENTICATOR>(pReturnAuthenticator);
IntPtr pDnsNamesOut = outParamList[6];
DnsNames = TypeMarshal.ToNullableStruct<_NL_DNS_NAME_INFO_ARRAY>(pDnsNamesOut);
retVal = outParamList[7].ToInt32();
}
pServerName.Dispose();
pComputerName.Dispose();
pAuthenticator.Dispose();
pSiteName.Dispose();
pDnsNamesIn.Dispose();
return (NtStatus)retVal;
}
/// <summary>
/// The NetrServerPasswordGet method Supported in windows_2000_server,
/// windows_xp, windows_server_2003, windows_vista, windows_server_2008,
/// windows_7, and windows_server_7. allows a domain controller
/// to get a machine account password from the DC with
/// the PDC role in the domain. Opnum: 31
/// </summary>
/// <param name="primaryName">
/// The custom RPC binding handle.
/// </param>
/// <param name="accountName">
/// A null-terminated Unicode string that contains the name
/// of the account to retrieve the password for. For machine
/// accounts, the account name is the machine name appended
/// with a "$" character.
/// </param>
/// <param name="accountType">
/// A NETLOGON_SECURE_CHANNEL_TYPE enumerated value,
/// that describes the secure channel
/// to be used for authentication.
/// </param>
/// <param name="computerName">
/// A null-terminated Unicode string that contains the NetBIOS
/// name of the BDC making the call.
/// </param>
/// <param name="authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the encrypted
/// logon credential and a time stamp.
/// </param>
/// <param name="returnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the server return
/// authenticator.
/// </param>
/// <param name="encryptedNtOwfPassword">
/// A pointer to an ENCRYPTED_NT_OWF_PASSWORD structure,
/// as specified in [MS-SAMR], that contains the
/// OWF password of the account.
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrServerPasswordGet(
string primaryName,
string accountName,
_NETLOGON_SECURE_CHANNEL_TYPE accountType,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
out _NETLOGON_AUTHENTICATOR? returnAuthenticator,
out _NT_OWF_PASSWORD? encryptedNtOwfPassword)
{
NtStatus status = rpc.NetrServerPasswordGet(
primaryName,
accountName,
accountType,
computerName,
authenticator,
out returnAuthenticator,
out encryptedNtOwfPassword);
context.ConnectionStatus = status;
return status;
}
/// <summary>
/// When an RODC receives either the NetrServerAuthenticate3 method or the
/// NetrLogonGetDomainInfo method with updates requested, it invokes this method
/// on a normal (writable) DC to update to a client's computer account object in
/// Active Directory.
/// </summary>
/// <param name="PrimaryName">
/// The custom RPC binding handle, as specified in section 3.5.5.1.
/// </param>
/// <param name="ChainedFromServerName">
/// The null-terminated Unicode string that contains the name of the read-only
/// DC that issues the request.
/// </param>
/// <param name="ChainedForClientName">
/// The null-terminated Unicode string that contains the name of the client
/// computer that called NetrServerAuthenticate3 or NetrLogonGetDomainInfo on
/// the RODC.
/// </param>
/// <param name="Authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure that contains the client
/// authenticator.
/// </param>
/// <param name="ReturnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure that contains the server
/// return authenticator.
/// </param>
/// <param name="dwInVersion">
/// One of the NL_IN_CHAIN_SET_CLIENT_ATTRIBUTES union types selected based on
/// the value of the pmsgIn field. The value MUST be 1.
/// </param>
/// <param name="pmsgIn">
/// A pointer to an NL_IN_CHAIN_SET_CLIENT_ATTRIBUTES_V1 structure that contains
/// the values to update on the client's computer account object in Active
/// Directory on the normal (writable) DC.
/// </param>
/// <param name="pdwOutVersion">
/// A pointer to one of the NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES union types selected
/// based on the value of the pmsgIn field. The value MUST be 1.
/// </param>
/// <param name="pmsgOut">
/// A pointer to an NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES_V1 structure that contains
/// information on the client workstation and the writable domain controller. For
/// how it is populated by the server, see below.
/// </param>
public NtStatus NetrChainSetClientAttributes(
string PrimaryName,
string ChainedFromServerName,
string ChainedForClientName,
_NETLOGON_AUTHENTICATOR? Authenticator,
ref _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
uint dwInVersion,
NL_IN_CHAIN_SET_CLIENT_ATTRIBUTES? pmsgIn,
ref uint? pdwOutVersion,
ref NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES? pmsgOut)
{
const ushort opnum = 49;
byte[] requestStub;
byte[] responseStub;
Int3264[] paramList;
int retVal;
SafeIntPtr pPrimaryName = Marshal.StringToHGlobalUni(PrimaryName);
SafeIntPtr pChainedFromServerName = Marshal.StringToHGlobalUni(ChainedFromServerName);
SafeIntPtr pChainedForClientName = Marshal.StringToHGlobalUni(ChainedForClientName);
SafeIntPtr pAuthenticator = TypeMarshal.ToIntPtr(Authenticator);
SafeIntPtr pReturnAuthenticatorIn = TypeMarshal.ToIntPtr(ReturnAuthenticator);
SafeIntPtr ppMsgIn = TypeMarshal.ToIntPtr(pmsgIn, dwInVersion, null, null);
SafeIntPtr ppdwOutVersion = TypeMarshal.ToIntPtr(pdwOutVersion);
SafeIntPtr ppMsgOutIn = TypeMarshal.ToIntPtr(pmsgOut, pdwOutVersion.Value, null, null);
paramList = new Int3264[] {
pPrimaryName,
pChainedFromServerName,
pChainedForClientName,
pAuthenticator,
pReturnAuthenticatorIn,
dwInVersion,
ppMsgIn,
ppdwOutVersion,
ppMsgOutIn,
0 // retVal
};
requestStub = RpceStubEncoder.ToBytes(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
paramList);
rpceClientTransport.Call(opnum, requestStub, rpceTimeout, out responseStub);
using (RpceInt3264Collection outParamList = RpceStubDecoder.ToParamList(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
responseStub,
paramList))
{
IntPtr pReturnAuthenticatorOut = outParamList[4];
ReturnAuthenticator = TypeMarshal.ToNullableStruct<_NETLOGON_AUTHENTICATOR>(pReturnAuthenticatorOut);
pdwOutVersion = TypeMarshal.ToNullableStruct<uint>(outParamList[7]);
IntPtr ppMsgOutOut = outParamList[8];
pmsgOut = TypeMarshal.ToNullableStruct<NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES>(
ppMsgOutOut,
pdwOutVersion.Value,
null,
null);
retVal = outParamList[9].ToInt32();
}
pPrimaryName.Dispose();
pChainedFromServerName.Dispose();
pChainedForClientName.Dispose();
pAuthenticator.Dispose();
pReturnAuthenticatorIn.Dispose();
ppMsgIn.Dispose();
ppdwOutVersion.Dispose();
ppMsgOutIn.Dispose();
return (NtStatus)retVal;
}
/// <summary>
/// The NetrServerPasswordSet2 method Supported in windows_2000_server,
/// windows_xp, windows_server_2003, windows_vista, windows_server_2008,
/// windows_7, and windows_server_7. allows the client
/// to set a new clear text password for an account used
/// by the domain controller
/// for setting up the secure channel from the client. A
/// domain member uses this function to periodically change
/// its machine account password. A PDC uses this function
/// to periodically change the trust password for all directly
/// trusted domains. By default, the period is 30 days
/// in windows_2000_server, windows_xp, windows_server_2003,
/// windows_vista, windows_server_2008, windows_7, and
/// windows_server_7. Opnum: 30
/// </summary>
/// <param name="primaryName">
/// The custom RPC binding handle.
/// </param>
/// <param name="accountName">
/// The null-terminated Unicode string that contains the
/// name of the account whose password is being changed. In
/// windows, all machine account names are the name of
/// the machine with a $ (dollar sign) appended.
/// </param>
/// <param name="secureChannelType">
/// An enumerated value that describes the secure channel
/// to be used for authentication.
/// </param>
/// <param name="computerName">
/// The null-terminated Unicode string that contains the
/// NetBIOS name of the computer making the request.
/// </param>
/// <param name="authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the encrypted
/// logon credential and a time stamp.
/// </param>
/// <param name="returnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the server return
/// authenticator.
/// </param>
/// <param name="clearNewPassword">
/// A pointer to an NL_TRUST_PASSWORD structure,
/// that contains the new password encrypted
/// as specified in Calling NetrServerPasswordSet2.
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrServerPasswordSet2(
string primaryName,
string accountName,
_NETLOGON_SECURE_CHANNEL_TYPE secureChannelType,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
out _NETLOGON_AUTHENTICATOR? returnAuthenticator,
_NL_TRUST_PASSWORD? clearNewPassword)
{
NtStatus status = rpc.NetrServerPasswordSet2(
primaryName,
accountName,
secureChannelType,
computerName,
authenticator,
out returnAuthenticator,
clearNewPassword);
context.ConnectionStatus = status;
return status;
}
/// <summary>
/// The NetrDatabaseSync2 method returns a set of all changes
/// applied to the specified database since its creation.
/// It provides an interface for a BDC to fully synchronize
/// its databases to those of the PDC. Because returning
/// all changes in one call might be prohibitively expensive
/// due to a large amount of data being returned, this
/// method supports retrieving portions of the database
/// changes in a series of calls using a continuation context
/// until all changes are received. It is possible for
/// the series of calls to be terminated prematurely due
/// to external events, such as system restarts. For that
/// reason, the method also supports restarting the series
/// of calls at a particular point specified by the caller.
/// The caller MUST keep track of synchronization progress
/// during the series of calls as detailed in this section.
/// Opnum: 16
/// </summary>
/// <param name="PrimaryName">
/// The custom RPC binding handle, as specified in section
/// , that represents the connection to the PDC.
/// </param>
/// <param name="ComputerName">
/// The null-terminated Unicode string that contains the
/// NetBIOS name of the BDC calling this method.
/// </param>
/// <param name="Authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the client authenticator.
/// </param>
/// <param name="ReturnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the server return
/// authenticator.
/// </param>
/// <param name="DatabaseID">
/// The identifier for a specific database for which the
/// changes are requested. It MUST be one of the following
/// values.
/// </param>
/// <param name="RestartState">
/// Specifies whether this is a restart of the series of
/// the synchronization calls and how to interpret SyncContext.
/// This value MUST be NormalState unless this is the restart,
/// in which case the value MUST be set as specified in
/// the description of the SyncContext parameter.
/// </param>
/// <param name="SyncContext">
/// Specifies context needed to continue the operation.
/// The value MUST be set to zero on the first call. The
/// caller MUST treat this as an opaque value, unless this
/// call is a restart of the series of synchronization
/// calls. The value returned is to be used on input for
/// the next call in the series of synchronization calls. If
/// this call is the restart of the series, the values
/// of the RestartState and the SyncContext parameters
/// are dependent on the DeltaType value received on the
/// last call before the restart and MUST be set as follows.
/// Find the last NETLOGON_DELTA_ENUM structure in the
/// DeltaArray parameter of the call. The DeltaType field
/// of this NETLOGON_DELTA_ENUM structure, as specified
/// in section , is the DeltaType needed for the restart.
/// The values of RestartState and SyncContext are then
/// determined from the following table. DeltaTypeRestartStateSyncContextAddOrChangeGroupGroupStateThe
/// value of the RID field of the last element AddOrChangeUserUserStateThe
/// value of the RID field of the last element ChangeGroupMembershipGroupMemberStateThe
/// value of the RID field of the last element AddOrChangeAliasAliasState0x00000000ChangeAliasMembershipAliasMemberState0x00000000Any
/// other value not previously listedNormalState0x00000000
/// </param>
/// <param name="DeltaArray">
/// A pointer to a NETLOGON_DELTA_ENUM_ARRAY structure,
/// as specified in section , that contains an array of
/// enumerated changes (deltas) to the specified database.
/// </param>
/// <param name="PreferredMaximumLength">
/// The value that specifies the preferred maximum size,
/// in bytes, of data referenced in the DeltaArray parameter.
/// This is not a hard upper limit, but serves as a guide
/// to the server. The server SHOULDwindows stops including
/// elements in the returned DeltaArray once the size of
/// the returned data equals or exceeds the value of the
/// PreferredMaximumLength parameter. The server SHOULD stop including elements
/// in the returned DeltaArray once the size of the returned
/// data equals or exceeds the value of the PreferredMaximumLength
/// parameter. It is up to the client implementation to
/// choose the value for this parameter.
/// </param>
public NtStatus NetrDatabaseSync2(
string PrimaryName,
string ComputerName,
_NETLOGON_AUTHENTICATOR? Authenticator,
ref _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
DatabaseID_Values DatabaseID,
_SYNC_STATE RestartState,
ref uint? SyncContext,
out _NETLOGON_DELTA_ENUM_ARRAY? DeltaArray,
uint PreferredMaximumLength)
{
const ushort opnum = 16;
byte[] requestStub;
byte[] responseStub;
Int3264[] paramList;
int retVal;
SafeIntPtr pPrimaryName = Marshal.StringToHGlobalUni(PrimaryName);
SafeIntPtr pComputerName = Marshal.StringToHGlobalUni(ComputerName);
SafeIntPtr pAuthenticator = TypeMarshal.ToIntPtr(Authenticator);
SafeIntPtr pReturnAuthenticatorIn = TypeMarshal.ToIntPtr(ReturnAuthenticator);
SafeIntPtr pSyncContext = TypeMarshal.ToIntPtr(SyncContext);
paramList = new Int3264[] {
pPrimaryName,
pComputerName,
pAuthenticator,
pReturnAuthenticatorIn,
(uint)DatabaseID,
(uint)RestartState,
pSyncContext,
IntPtr.Zero,
PreferredMaximumLength,
0 // retVal
};
requestStub = RpceStubEncoder.ToBytes(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
paramList);
rpceClientTransport.Call(opnum, requestStub, rpceTimeout, out responseStub);
using (RpceInt3264Collection outParamList = RpceStubDecoder.ToParamList(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
responseStub,
paramList))
{
IntPtr pReturnAuthenticatorOut = outParamList[3];
ReturnAuthenticator = TypeMarshal.ToNullableStruct<_NETLOGON_AUTHENTICATOR>(pReturnAuthenticatorOut);
SyncContext = TypeMarshal.ToNullableStruct<uint>(outParamList[6]);
IntPtr pDeltaArray = outParamList[7];
pDeltaArray = Marshal.ReadIntPtr(pDeltaArray);
DeltaArray = TypeMarshal.ToNullableStruct<_NETLOGON_DELTA_ENUM_ARRAY>(pDeltaArray);
retVal = outParamList[9].ToInt32();
}
pPrimaryName.Dispose();
pComputerName.Dispose();
pAuthenticator.Dispose();
pReturnAuthenticatorIn.Dispose();
pSyncContext.Dispose();
return (NtStatus)retVal;
}
/// <summary>
/// The NetrServerTrustPasswordsGet method Supported in windows_2000_server_sp4,
/// windows_xp, and windows_server_2003, windows_vista,
/// windows_server_2008, windows_7, and windows_server_7.
/// returns the encrypted current and previous passwords
/// for an account in the domain. This method is called
/// by a client to retrieve the current and previous account
/// passwords from a domain controller. The account name
/// requested MUST be the name used when the secure channel
/// was created, unless the method is called on a PDC by
/// a DC, in which case it can be any valid account name.
/// Opnum: 42
/// </summary>
/// <param name="trustedDcName">
/// The custom RPC binding handle.
/// </param>
/// <param name="accountName">
/// The null-terminated Unicode string that contains the
/// name of the client account in the domain for which
/// the trust password MUST be returned. In windows, all
/// machine account names are the name of the machine with
/// a $ (dollar sign) appended.
/// </param>
/// <param name="secureChannelType">
/// A NETLOGON_SECURE_CHANNEL_TYPE enumerated value,
/// that indicates the type of the
/// secure channel being established by this call.
/// </param>
/// <param name="computerName">
/// The null-terminated Unicode string that contains the
/// NetBIOS name of the client computer.
/// </param>
/// <param name="authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the client authenticator.
/// </param>
/// <param name="returnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the server return
/// authenticator.
/// </param>
/// <param name="encryptedNewOwfPassword">
/// A pointer to an ENCRYPTED_NT_OWF_PASSWORD structure,
/// that contains the NTOWFv1
/// (as specified in NTLM v1 Authentication in [MS-NLMP])
/// of the current password, encrypted as specified
/// in [MS-SAMR], Encrypting an NT Hash or LM
/// Hash Value with a Specified Key. The session key is
/// the specified 16-byte key that is used to derive the
/// password's keys. The specified 16-byte key uses the
/// 16-byte value process, as specified in [MS-SAMR].
/// </param>
/// <param name="encryptedOldOwfPassword">
/// A pointer to an ENCRYPTED_NT_OWF_PASSWORD structure,
/// that contains the NTOWFv1
/// (as specified in NTLM v1 Authentication in [MS-NLMP])
/// of the previous password, encrypted as specified
/// in [MS-SAMR], Encrypting an NT Hash or LM
/// Hash Value with a Specified Key. The session key is
/// the specified 16-byte key that is used to derive the
/// password's keys. The specified 16-byte key uses the
/// 16-byte value process, as specified in [MS-SAMR].
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrServerTrustPasswordsGet(
string trustedDcName,
string accountName,
_NETLOGON_SECURE_CHANNEL_TYPE secureChannelType,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
out _NETLOGON_AUTHENTICATOR? returnAuthenticator,
out _NT_OWF_PASSWORD? encryptedNewOwfPassword,
out _NT_OWF_PASSWORD? encryptedOldOwfPassword)
{
NtStatus status = rpc.NetrServerTrustPasswordsGet(
trustedDcName,
accountName,
secureChannelType,
computerName,
authenticator,
out returnAuthenticator,
out encryptedNewOwfPassword,
out encryptedOldOwfPassword);
context.ConnectionStatus = status;
return status;
}
/// <summary>
/// The NetrLogonDummyRoutine1 method is no longer supported.
/// It serves as a placeholder in the IDL file for the
/// RPC opnum value 21.The NetrLogonDummyRoutine1 method
/// is deprecated by NetrLogonGetCapabilities. It serves
/// as a placeholder in the IDL file for the RPC opnum value
/// 21.Supported in windows_nt, windows_2000, windows_xp,
/// windows_server_2003, windows_vista, windows_server_2008,
/// windows_7, and windows_server_7. Opnum: 21
/// </summary>
/// <param name="ServerName">
/// A LOGONSRV_HANDLE Unicode string handle of the server
/// that is handling the request.
/// </param>
/// <param name="ComputerName">
/// A string that contains the name of the computer.
/// </param>
/// <param name="Authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure that
/// contains the client authenticator.
/// </param>
/// <param name="ReturnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure that
/// contains the server return authenticator.
/// </param>
/// <param name="QueryLevel">
/// Specifies the level of information to return from the
/// domain controller being queried. A value of 0x00000001
/// causes a NETLOGON_DOMAIN_INFO structure that contains
/// information about the DC to be returned.
/// </param>
/// <param name="serverCapabilities">
/// A pointer to a 32-bit set of bit flags that identify
/// the server's capabilities.
/// </param>
public NtStatus NetrLogonGetCapabilities(
string ServerName,
string ComputerName,
_NETLOGON_AUTHENTICATOR? Authenticator,
ref _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
uint QueryLevel,
out _NETLOGON_CAPABILITIES? serverCapabilities)
{
const ushort opnum = 21;
byte[] requestStub;
byte[] responseStub;
Int3264[] paramList;
int retVal;
SafeIntPtr pServerName = Marshal.StringToHGlobalUni(ServerName);
SafeIntPtr pComputerName = Marshal.StringToHGlobalUni(ComputerName);
SafeIntPtr pAuthenticator = TypeMarshal.ToIntPtr(Authenticator);
SafeIntPtr pReturnAuthenticatorIn = TypeMarshal.ToIntPtr(ReturnAuthenticator);
paramList = new Int3264[] {
pServerName,
pComputerName,
pAuthenticator,
pReturnAuthenticatorIn,
QueryLevel,
IntPtr.Zero,
0 // retVal
};
requestStub = RpceStubEncoder.ToBytes(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
paramList);
rpceClientTransport.Call(opnum, requestStub, rpceTimeout, out responseStub);
using (RpceInt3264Collection outParamList = RpceStubDecoder.ToParamList(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
responseStub,
paramList))
{
IntPtr pReturnAuthenticatorOut = outParamList[3];
ReturnAuthenticator = TypeMarshal.ToNullableStruct<_NETLOGON_AUTHENTICATOR>(pReturnAuthenticatorOut);
IntPtr pServerCapabilities = outParamList[5];
serverCapabilities = TypeMarshal.ToNullableStruct<_NETLOGON_CAPABILITIES>(
pServerCapabilities,
QueryLevel,
null,
null);
retVal = outParamList[6].ToInt32();
}
pServerName.Dispose();
pComputerName.Dispose();
pAuthenticator.Dispose();
pReturnAuthenticatorIn.Dispose();
return (NtStatus)retVal;
}
/// <summary>
/// Validates the returned Netlogon authenticator.
/// </summary>
/// <param name="serverAuthenticator">
/// Netlogon authenticator returned from server.
/// </param>
/// <returns>Return true if validate successfully; otherwise, false.</returns>
/// <exception cref="InvalidOperationException">
/// Thrown when the method is called before establishing a NRPC secure channel.
/// </exception>
public bool ValidateServerNetlogonAuthenticator(
_NETLOGON_AUTHENTICATOR serverAuthenticator)
{
ValidateSecureChannelExists();
byte[] clientStoredCredential;
bool result;
if ((context.NegotiateFlags & NrpcNegotiateFlags.SupportsAESAndSHA2)
== NrpcNegotiateFlags.SupportsAESAndSHA2)
{
clientStoredCredential = context.StoredCredential;
result = NrpcUtility.ValidateServerNetlogonAuthenticator(
serverAuthenticator,
NrpcComputeNetlogonCredentialAlgorithm.AES128,
ref clientStoredCredential,
context.SessionKey);
context.StoredCredential = clientStoredCredential;
}
else
{
clientStoredCredential = context.StoredCredential;
result = NrpcUtility.ValidateServerNetlogonAuthenticator(
serverAuthenticator,
NrpcComputeNetlogonCredentialAlgorithm.DESECB,
ref clientStoredCredential,
context.SessionKey);
context.StoredCredential = clientStoredCredential;
}
return result;
}
/// <summary>
/// The NetrLogonSamLogonWithFlags method Supported in windows_xpwindows_server_2003,
/// windows_vista, windows_server_2008, windows_7, and
/// windows_server_7. handles logon requests for the SAM
/// accounts. Opnum: 45
/// </summary>
/// <param name="LogonServer">
/// The custom RPC binding handle, as specified in section
/// .
/// </param>
/// <param name="ComputerName">
/// The Unicode string that contains the NetBIOS name of
/// the client computer calling this method.
/// </param>
/// <param name="Authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the client authenticator.
/// </param>
/// <param name="ReturnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the server return
/// authenticator.
/// </param>
/// <param name="LogonLevel">
/// A NETLOGON_LOGON_INFO_CLASS structure, as specified
/// in section , that specifies the type of logon information
/// passed in the LogonInformation parameter.
/// </param>
/// <param name="LogonInformation">
/// A pointer to a NETLOGON_LEVEL structure, as specified
/// in section , that describes the logon request information.
/// </param>
/// <param name="ValidationLevel">
/// A NETLOGON_VALIDATION_INFO_CLASS enumerated type, as
/// specified in section , that contains the validation
/// level requested by the client.
/// </param>
/// <param name="ValidationInformation">
/// A pointer to a NETLOGON_VALIDATION structure, as specified
/// in section , that describes the user validation information
/// returned to the client. The type of the NETLOGON_VALIDATION
/// used is determined by the value of the ValidationLevel
/// parameter.
/// </param>
/// <param name="Authoritative">
/// A pointer to a char value representing a Boolean condition.
/// FALSE is indicated by the value 0x00; TRUE SHOULD be
/// indicated by the value 0x01 and MAY also be indicated
/// by any nonzero value. Windows uses the value of 0x01
/// as the representation of TRUE and 0x00 for FALSE. This
/// Boolean value indicates whether the validation information
/// is final. This field is necessary because the request
/// might be forwarded through multiple servers. A value
/// of TRUE indicates that the validation information is
/// final and MUST remain unchanged.
/// </param>
/// <param name="ExtraFlags">
/// A pointer to a set of bit flags that specify delivery
/// settings. A flag is TRUE (or set) if its value is equal
/// to 1. The value is constructed from zero or more bit
/// flags from the following table.
/// </param>
public NtStatus NetrLogonSamLogonWithFlags(
string LogonServer,
string ComputerName,
_NETLOGON_AUTHENTICATOR? Authenticator,
ref _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
_NETLOGON_LOGON_INFO_CLASS LogonLevel,
_NETLOGON_LEVEL? LogonInformation,
_NETLOGON_VALIDATION_INFO_CLASS ValidationLevel,
out _NETLOGON_VALIDATION? ValidationInformation,
out byte? Authoritative,
ref uint? ExtraFlags)
{
const ushort opnum = 45;
byte[] requestStub;
byte[] responseStub;
Int3264[] paramList;
int retVal;
SafeIntPtr pLogonServer = Marshal.StringToHGlobalUni(LogonServer);
SafeIntPtr pComputerName = Marshal.StringToHGlobalUni(ComputerName);
SafeIntPtr pAuthenticator = TypeMarshal.ToIntPtr(Authenticator);
SafeIntPtr pReturnAuthenticatorIn = TypeMarshal.ToIntPtr(ReturnAuthenticator);
SafeIntPtr pLogonInformation = TypeMarshal.ToIntPtr(LogonInformation, LogonLevel, null, null);
SafeIntPtr pExtraFlags = TypeMarshal.ToIntPtr(ExtraFlags);
paramList = new Int3264[] {
pLogonServer,
pComputerName,
pAuthenticator,
pReturnAuthenticatorIn,
(uint)LogonLevel,
pLogonInformation,
(uint)ValidationLevel,
IntPtr.Zero,
IntPtr.Zero,
pExtraFlags,
0 // retVal
};
requestStub = RpceStubEncoder.ToBytes(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
paramList);
rpceClientTransport.Call(opnum, requestStub, rpceTimeout, out responseStub);
using (RpceInt3264Collection outParamList = RpceStubDecoder.ToParamList(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
responseStub,
paramList))
{
IntPtr pReturnAuthenticatorOut = outParamList[3];
ReturnAuthenticator = TypeMarshal.ToNullableStruct<_NETLOGON_AUTHENTICATOR>(pReturnAuthenticatorOut);
IntPtr pValidationInformation = outParamList[7];
ValidationInformation = TypeMarshal.ToNullableStruct<_NETLOGON_VALIDATION>(
pValidationInformation,
ValidationLevel,
null,
null);
Authoritative = TypeMarshal.ToNullableStruct<byte>(outParamList[8]);
ExtraFlags = TypeMarshal.ToNullableStruct<uint>(outParamList[9]);
retVal = outParamList[10].ToInt32();
}
pLogonServer.Dispose();
pComputerName.Dispose();
pAuthenticator.Dispose();
pReturnAuthenticatorIn.Dispose();
pLogonInformation.Dispose();
pExtraFlags.Dispose();
return (NtStatus)retVal;
}
/// <summary>
/// Validates the client authenticator
/// </summary>
/// <param name="clientAuthenticator">the client authenticator</param>
private void ValidateNetlogonAuthenticator(_NETLOGON_AUTHENTICATOR? clientAuthenticator)
{
if (SessionKey == null || StoredCredential == null)
{
throw new InvalidOperationException("Unable to validate client authenticator");
}
if (!clientAuthenticator.HasValue)
{
return;
}
NrpcComputeNetlogonCredentialAlgorithm algorithm;
if ((NegotiateFlags & NrpcNegotiateFlags.SupportsAESAndSHA2) != 0)
{
algorithm = NrpcComputeNetlogonCredentialAlgorithm.AES128;
}
else
{
algorithm = NrpcComputeNetlogonCredentialAlgorithm.DESECB;
}
byte[] serverStoredCredential = StoredCredential;
if (!NrpcUtility.ValidateClientNetlogonAuthenticator(
clientAuthenticator.Value, algorithm, ref serverStoredCredential, SessionKey))
{
throw new InvalidOperationException("Client authenticator isn't correct");
}
StoredCredential = serverStoredCredential;
}
/// <summary>
/// The NetrServerTrustPasswordsGet method Supported in windows_2000_server_sp4,
/// windows_xp, and windows_server_2003, windows_vista,
/// windows_server_2008, windows_7, and windows_server_7.
/// returns the encrypted current and previous passwords
/// for an account in the domain. This method is called
/// by a client to retrieve the current and previous account
/// passwords from a domain controller. The account name
/// requested MUST be the name used when the secure channel
/// was created, unless the method is called on a PDC by
/// a DC, in which case it can be any valid account name.
/// Opnum: 42
/// </summary>
/// <param name="TrustedDcName">
/// The custom RPC binding handle, as specified in section
/// .
/// </param>
/// <param name="AccountName">
/// The null-terminated Unicode string that contains the
/// name of the client account in the domain for which
/// the trust password MUST be returned. In windows, all
/// machine account names are the name of the machine with
/// a $ (dollar sign) appended.
/// </param>
/// <param name="SecureChannelType">
/// A NETLOGON_SECURE_CHANNEL_TYPE enumerated value, as
/// specified in section , that indicates the type of the
/// secure channel being established by this call.
/// </param>
/// <param name="ComputerName">
/// The null-terminated Unicode string that contains the
/// NetBIOS name of the client computer.
/// </param>
/// <param name="Authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the client authenticator.
/// </param>
/// <param name="ReturnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure, as
/// specified in section , that contains the server return
/// authenticator.
/// </param>
/// <param name="EncryptedNewOwfPassword">
/// A pointer to an ENCRYPTED_NT_OWF_PASSWORD structure,
/// as specified in section , that contains the NTOWFv1
/// (as specified in NTLM v1 Authentication in [MS-NLMP]
/// section) of the current password, encrypted as specified
/// in [MS-SAMR] section , Encrypting an NT Hash or LM
/// Hash Value with a Specified Key. The session key is
/// the specified 16-byte key that is used to derive the
/// password's keys. The specified 16-byte key uses the
/// 16-byte value process, as specified in [MS-SAMR] section
/// .
/// </param>
/// <param name="EncryptedOldOwfPassword">
/// A pointer to an ENCRYPTED_NT_OWF_PASSWORD structure,
/// as specified in section , that contains the NTOWFv1
/// (as specified in NTLM v1 Authentication in [MS-NLMP]
/// section) of the previous password, encrypted as specified
/// in [MS-SAMR] section , Encrypting an NT Hash or LM
/// Hash Value with a Specified Key. The session key is
/// the specified 16-byte key that is used to derive the
/// password's keys. The specified 16-byte key uses the
/// 16-byte value process, as specified in [MS-SAMR] section
/// .
/// </param>
public NtStatus NetrServerTrustPasswordsGet(
string TrustedDcName,
string AccountName,
_NETLOGON_SECURE_CHANNEL_TYPE SecureChannelType,
string ComputerName,
_NETLOGON_AUTHENTICATOR? Authenticator,
out _NETLOGON_AUTHENTICATOR? ReturnAuthenticator,
out _NT_OWF_PASSWORD? EncryptedNewOwfPassword,
out _NT_OWF_PASSWORD? EncryptedOldOwfPassword)
{
const ushort opnum = 42;
byte[] requestStub;
byte[] responseStub;
Int3264[] paramList;
int retVal;
SafeIntPtr pTrustedDcName = Marshal.StringToHGlobalUni(TrustedDcName);
SafeIntPtr pAccountName = Marshal.StringToHGlobalUni(AccountName);
SafeIntPtr pComputerName = Marshal.StringToHGlobalUni(ComputerName);
SafeIntPtr pAuthenticator = TypeMarshal.ToIntPtr(Authenticator);
paramList = new Int3264[] {
pTrustedDcName,
pAccountName,
(uint)SecureChannelType,
pComputerName,
pAuthenticator,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero,
0 // retVal
};
requestStub = RpceStubEncoder.ToBytes(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
paramList);
rpceClientTransport.Call(opnum, requestStub, rpceTimeout, out responseStub);
using (RpceInt3264Collection outParamList = RpceStubDecoder.ToParamList(
RpceStubHelper.GetPlatform(),
NrpcRpcStubFormatString.TypeFormatString,
new RpceStubExprEval[] { new RpceStubExprEval(logon__NETLOGON_DELTA_USERExprEval_0000) },
NrpcRpcStubFormatString.ProcFormatString,
NrpcRpcStubFormatString.ProcFormatStringOffsetTable[opnum],
true,
responseStub,
paramList))
{
IntPtr pReturnAuthenticator = outParamList[5];
ReturnAuthenticator = TypeMarshal.ToNullableStruct<_NETLOGON_AUTHENTICATOR>(pReturnAuthenticator);
IntPtr pEncryptedNewOwfPassword = outParamList[6];
EncryptedNewOwfPassword = TypeMarshal.ToNullableStruct<_NT_OWF_PASSWORD>(pEncryptedNewOwfPassword);
IntPtr pEncryptedOldOwfPassword = outParamList[7];
EncryptedOldOwfPassword = TypeMarshal.ToNullableStruct<_NT_OWF_PASSWORD>(pEncryptedOldOwfPassword);
retVal = outParamList[8].ToInt32();
}
pTrustedDcName.Dispose();
pAccountName.Dispose();
pComputerName.Dispose();
pAuthenticator.Dispose();
return (NtStatus)retVal;
}
/// <summary>
/// The NetrDatabaseRedo method is used by a BDC to request
/// information about a single account from the PDC. Opnum: 17
/// </summary>
/// <param name="primaryName">
/// The custom RPC binding handle
/// representing the connection to the PDC.
/// </param>
/// <param name="computerName">
/// The null-terminated Unicode string that contains the
/// NetBIOS name of the BDC calling this method.
/// </param>
/// <param name="authenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the client authenticator.
/// </param>
/// <param name="returnAuthenticator">
/// A pointer to a NETLOGON_AUTHENTICATOR structure,
/// that contains the server return
/// authenticator.
/// </param>
/// <param name="changeLogEntry">
/// A pointer to a buffer that contains a CHANGELOG_ENTRY
/// structure, specified as follows, for the account being
/// queried.
/// </param>
/// <param name="changeLogEntrySize">
/// The size, in bytes, of the buffer pointed to by the
/// ChangeLogEntry parameter.
/// </param>
/// <param name="deltaArray">
/// A pointer to a NETLOGON_DELTA_ENUM_ARRAY structure,
/// that contains an array of
/// enumerated database changes for the account being queried.
/// </param>
/// <returns>
/// The method returns 0x00000000 on success;
/// otherwise, it returns a nonzero error code.
/// </returns>
public NtStatus NetrDatabaseRedo(
string primaryName,
string computerName,
_NETLOGON_AUTHENTICATOR? authenticator,
ref _NETLOGON_AUTHENTICATOR? returnAuthenticator,
byte[] changeLogEntry,
uint changeLogEntrySize,
out _NETLOGON_DELTA_ENUM_ARRAY? deltaArray)
{
NtStatus status = rpc.NetrDatabaseRedo(
primaryName,
computerName,
authenticator,
ref returnAuthenticator,
changeLogEntry,
changeLogEntrySize,
out deltaArray);
context.ConnectionStatus = status;
return status;
}
