syntax = "proto2";
option optimize_for = LITE_RUNTIME;
package authpolicy.protos;
// Active Directory information entered during domain join.
message ActiveDirectoryConfig {
// Machine name entered during domain join. Plain string; the schema itself
// places no limit on length or character set.
optional string machine_name = 1;
// Realm entered during domain join.
// NOTE(review): presumably the Kerberos/AD realm of the joined domain --
// confirm against the code that fills this message.
// NOTE(review): field number 2 is not used in this message. If it belonged to
// a removed field, a `reserved 2;` statement would keep the number from being
// reused with a different meaning -- confirm against file history.
optional string realm = 3;
}
// Information about a GPO parsed from net ads gpo list. |name| is the GPO's
// 16-byte guid in its braced text form (e.g. {12345678-90AB-...}). |basepath|
// and |directory| are created from the first and the last part of the GPO's
// 'filesyspath' value in the net output, e.g. if filesyspath is
// \\example.com\SysVol\example.com\Policies\{12345678-90AB-CDEF-1234-567890ABCDEF},
// then |basepath| is 'example.com/SysVol' and |directory| is
// example.com\Policies\{12345678-90AB-CDEF-1234-567890ABCDEF}.
//
// All three fields are free-form strings taken from tool output that reflects
// what the server reported; the schema does not constrain their contents.
// NOTE(review): code that builds a share path or a local download path from
// |basepath| / |directory| should reject unexpected separators and '..'
// components before use -- confirm where that validation happens.
message GpoEntry {
// GPO guid, braces included (see example above).
optional string name = 1;
// First part of 'filesyspath' (server and share, e.g. 'example.com/SysVol').
optional string basepath = 2;
// Last part of 'filesyspath' (path of the GPO below the share).
optional string directory = 3;
}
// List of GPOs on server. Agnostic of policy scope (user/machine); GPOs can
// contain both user and machine policy.
message GpoList {
// One entry per GPO. The schema sets no upper bound on the number of entries.
// NOTE(review): the count presumably follows what the server lists; a consumer
// that downloads one file per entry may want its own cap -- confirm.
repeated GpoEntry entries = 1;
}
// Local file paths of downloaded GPO files.
message FilePathList {
// One local path per downloaded GPO file, as a plain string.
// NOTE(review): a reader that opens these paths should check that each one
// lies inside the expected download directory rather than trusting the
// message contents -- confirm whether producer and consumer share a trust
// boundary.
repeated string entries = 1;
}
// Selected data from net ads info. |dc_name| is the name of the domain
// controller and |kdc_ip| is the IPv4 or IPv6 address of the key distribution
// center.
message RealmInfo {
// Name of the domain controller, as a plain string.
optional string dc_name = 1;
// KDC address in text form. The field type is string, so the schema does not
// guarantee a well-formed IPv4/IPv6 literal.
// NOTE(review): parse and validate the address before writing it into a
// Kerberos or network configuration -- confirm where that is done.
optional string kdc_ip = 2;
}
// Validity and renewal lifetimes of a Kerberos ticket-granting-ticket.
// Both values are signed 64-bit counts of seconds; the relation between them
// described below is a documented expectation, not something the schema
// enforces.
message TgtLifetime {
// Number of seconds the TGT is still valid and can be used to query service
// tickets.
// NOTE(review): int64 permits negative values; a consumer should treat a
// value <= 0 as "not valid" rather than assume it is positive -- confirm.
optional int64 validity_seconds = 1;
// Number of seconds until the TGT cannot be renewed again. Zero in case the
// TGT cannot be renewed. Otherwise, not smaller than |validity_seconds|.
// Note that this is just an upper bound on total validity time. Renewal must
// still happen within the validity lifetime.
// Because the field is proto2 `optional` with default 0, an unset field reads
// the same as "cannot be renewed" unless presence is checked.
optional int64 renewal_seconds = 2;
}