summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2008-10-23 19:38:21 +0200
committerGünther Deschner <gd@samba.org>2008-10-31 21:14:26 +0100
commit04c2204e46b8b5e7c7048c058a06f4f63cb6a826 (patch)
treef7e3f1bb0687bd72f9ab32b38bcd1126ba2d9d2d
parent29d27297d0f77cb9d8a03f011e14f0569dc88225 (diff)
downloadsamba-04c2204e46b8b5e7c7048c058a06f4f63cb6a826.tar.gz
samba-04c2204e46b8b5e7c7048c058a06f4f63cb6a826.tar.bz2
samba-04c2204e46b8b5e7c7048c058a06f4f63cb6a826.zip
s3-samr-idl: add Domain Object specific access rights.
Guenther
-rw-r--r--source3/librpc/idl/samr.idl28
1 files changed, 28 insertions, 0 deletions
diff --git a/source3/librpc/idl/samr.idl b/source3/librpc/idl/samr.idl
index ade700956f..c852c81acc 100644
--- a/source3/librpc/idl/samr.idl
+++ b/source3/librpc/idl/samr.idl
@@ -115,6 +115,8 @@ import "misc.idl", "lsa.idl", "security.idl";
SAMR_USER_ACCESS_CHANGE_PASSWORD |
SAMR_USER_ACCESS_GET_NAME_ETC); /* 0x00020041 */
+ /* Domain Object specific access rights */
+
typedef [bitmap32bit] bitmap {
SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 = 0x00000001,
SAMR_DOMAIN_ACCESS_SET_INFO_1 = 0x00000002,
@@ -129,6 +131,32 @@ import "misc.idl", "lsa.idl", "security.idl";
SAMR_DOMAIN_ACCESS_SET_INFO_3 = 0x00000400
} samr_DomainAccessMask;
+ const int SAMR_DOMAIN_ACCESS_ALL_ACCESS = 0x000007FF;
+
+ const int GENERIC_RIGHTS_DOMAIN_ALL_ACCESS =
+ (STANDARD_RIGHTS_REQUIRED_ACCESS |
+ SAMR_DOMAIN_ACCESS_ALL_ACCESS);
+
+ const int GENERIC_RIGHTS_DOMAIN_READ =
+ (STANDARD_RIGHTS_READ_ACCESS |
+ SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS |
+ SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2);
+
+ const int GENERIC_RIGHTS_DOMAIN_WRITE =
+ (STANDARD_RIGHTS_WRITE_ACCESS |
+ SAMR_DOMAIN_ACCESS_SET_INFO_3 |
+ SAMR_DOMAIN_ACCESS_CREATE_ALIAS |
+ SAMR_DOMAIN_ACCESS_CREATE_GROUP |
+ SAMR_DOMAIN_ACCESS_CREATE_USER |
+ SAMR_DOMAIN_ACCESS_SET_INFO_2 |
+ SAMR_DOMAIN_ACCESS_SET_INFO_1);
+
+ const int GENERIC_RIGHTS_DOMAIN_EXECUTE =
+ (STANDARD_RIGHTS_EXECUTE_ACCESS |
+ SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
+ SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
+ SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1);
+
typedef [bitmap32bit] bitmap {
SAMR_GROUP_ACCESS_LOOKUP_INFO = 0x00000001,
SAMR_GROUP_ACCESS_SET_INFO = 0x00000002,