1 files changed, 70 insertions, 0 deletions

diff --git a/librpc/idl/auth.idl b/librpc/idl/auth.idl
new file mode 100644
index 00000000000..525497df721
--- /dev/null
+++ b/librpc/idl/auth.idl
@@ -0,0 +1,70 @@
+#include "idl_types.h"
+
+/*
+  security IDL structures
+*/
+
+import "misc.idl", "security.idl", "lsa.idl", "krb5pac.idl";
+
+interface auth
+{
+	typedef [public] enum {
+		SEC_AUTH_METHOD_UNAUTHENTICATED = 0,
+		SEC_AUTH_METHOD_NTLM            = 1,
+		SEC_AUTH_METHOD_KERBEROS        = 2
+	} auth_method;
+
+	/* This is the parts of the session_info that don't change
+	 * during local privilage and group manipulations */
+	typedef [public] struct {
+		utf8string account_name;
+		utf8string domain_name;
+
+		utf8string full_name;
+		utf8string logon_script;
+		utf8string profile_path;
+		utf8string home_directory;
+		utf8string home_drive;
+		utf8string logon_server;
+
+		NTTIME last_logon;
+		NTTIME last_logoff;
+		NTTIME acct_expiry;
+		NTTIME last_password_change;
+		NTTIME allow_password_change;
+		NTTIME force_password_change;
+
+		uint16 logon_count;
+		uint16 bad_password_count;
+
+		uint32 acct_flags;
+
+		uint8 authenticated;
+	} auth_user_info;
+
+	/* This information is preserved only to assist torture tests */
+	typedef [public] struct {
+		/* Number SIDs from the DC netlogon validation info */
+		uint32 num_dc_sids;
+		[size_is(num_sids)] dom_sid dc_sids[*];
+		PAC_SIGNATURE_DATA *pac_srv_sig;
+		PAC_SIGNATURE_DATA *pac_kdc_sig;
+	} auth_user_info_torture;
+
+	/* This is the interim product of the auth subsystem, before
+	 * privileges and local groups are handled */
+	typedef [public] struct {
+		uint32 num_sids;
+		[size_is(num_sids)] dom_sid sids[*];
+		auth_user_info *info;
+		DATA_BLOB user_session_key;
+		DATA_BLOB lm_session_key;
+	} auth_user_info_dc;
+
+	typedef [public] struct {
+		security_token *security_token;
+		auth_user_info *info;
+		DATA_BLOB session_key;
+		DATA_BLOB exported_gssapi_credentials;
+	} auth_session_info_transport;
+}