diff options
author | Stefan Metzmacher <metze@samba.org> | 2013-01-23 10:51:10 +0100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2013-01-27 20:14:21 +1100 |
commit | 1207cbd123375f0ff1bfc51403af5d611a621091 (patch) | |
tree | 18edcb22ef0c38d07adf7ac457eedc157bf48aad | |
parent | 8880c2d0d356e7208ca859e17caf208952af0e17 (diff) | |
download | samba-1207cbd123375f0ff1bfc51403af5d611a621091.tar.gz samba-1207cbd123375f0ff1bfc51403af5d611a621091.tar.bz2 samba-1207cbd123375f0ff1bfc51403af5d611a621091.zip |
provision: add get_{config,domain}_delete_protected*_descriptor()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r-- | source4/scripting/python/samba/provision/__init__.py | 5 | ||||
-rw-r--r-- | source4/scripting/python/samba/provision/descriptor.py | 35 |
2 files changed, 40 insertions, 0 deletions
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index 169b2d912a..100b841b0d 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -81,12 +81,17 @@ from samba.provision.descriptor import ( get_config_descriptor, get_config_partitions_descriptor, get_config_sites_descriptor, + get_config_delete_protected1_descriptor, + get_config_delete_protected1wd_descriptor, + get_config_delete_protected2_descriptor, get_domain_descriptor, get_domain_infrastructure_descriptor, get_domain_builtin_descriptor, get_domain_computers_descriptor, get_domain_users_descriptor, get_domain_controllers_descriptor, + get_domain_delete_protected1_descriptor, + get_domain_delete_protected2_descriptor, get_dns_partition_descriptor, ) from samba.provision.common import ( diff --git a/source4/scripting/python/samba/provision/descriptor.py b/source4/scripting/python/samba/provision/descriptor.py index ade6e17421..6b03d21ad2 100644 --- a/source4/scripting/python/samba/provision/descriptor.py +++ b/source4/scripting/python/samba/provision/descriptor.py @@ -95,6 +95,27 @@ def get_config_sites_descriptor(domain_sid, name_map={}): "(OU;CIIOSA;WP;3e10944c-c354-11d0-aff8-0000f80367c1;b7b13124-b82e-11d0-afee-0000f80367c1;WD)" return sddl2binary(sddl, domain_sid, name_map) +def get_config_delete_protected1_descriptor(domain_sid, name_map={}): + sddl = "D:AI" \ + "(A;;RPLCLORC;;;AU)" \ + "(A;;RPWPCRCCLCLORCWOWDSW;;;EA)" \ + "(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)" + return sddl2binary(sddl, domain_sid, name_map) + +def get_config_delete_protected1wd_descriptor(domain_sid, name_map={}): + sddl = "D:AI" \ + "(A;;RPLCLORC;;;WD)" \ + "(A;;RPWPCRCCLCLORCWOWDSW;;;EA)" \ + "(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)" + return sddl2binary(sddl, domain_sid, name_map) + +def get_config_delete_protected2_descriptor(domain_sid, name_map={}): + sddl = "D:AI" \ + "(A;;RPLCLORC;;;AU)" \ + "(A;;RPWPCRCCDCLCLORCWOWDSW;;;EA)" \ + "(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)" + return sddl2binary(sddl, domain_sid, name_map) + def get_domain_descriptor(domain_sid, name_map={}): sddl= "O:BAG:BAD:AI(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;4828cc14-1437-45bc-9b07-ad6f015e5f28;RU)" \ "(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;bf967aba-0de6-11d0-a285-00aa003049e2;RU)" \ @@ -248,6 +269,20 @@ def get_domain_controllers_descriptor(domain_sid, name_map={}): "(AU;CISA;WP;;;WD)" return sddl2binary(sddl, domain_sid, name_map) +def get_domain_delete_protected1_descriptor(domain_sid, name_map={}): + sddl = "D:AI" \ + "(A;;RPLCLORC;;;AU)" \ + "(A;;RPWPCRCCLCLORCWOWDSW;;;DA)" \ + "(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)" + return sddl2binary(sddl, domain_sid, name_map) + +def get_domain_delete_protected2_descriptor(domain_sid, name_map={}): + sddl = "D:AI" \ + "(A;;RPLCLORC;;;AU)" \ + "(A;;RPWPCRCCDCLCLORCWOWDSW;;;DA)" \ + "(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)" + return sddl2binary(sddl, domain_sid, name_map) + def get_dns_partition_descriptor(domain_sid, name_map={}): sddl = "O:SYG:BAD:AI" \ "(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;4828cc14-1437-45bc-9b07-ad6f015e5f28;RU)" \ |