summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2013-01-23 15:55:31 +0100
committerAndrew Bartlett <abartlet@samba.org>2013-01-27 20:14:21 +1100
commitebb73f1c5d577c1d32c5c0519dcf3fb25c578c45 (patch)
treea0f4bd93152c362ef4633378311bd485ba45ce83
parentd00fb6aff2f54b470304d3d77a53328bcbb16851 (diff)
downloadsamba-ebb73f1c5d577c1d32c5c0519dcf3fb25c578c45.tar.gz
samba-ebb73f1c5d577c1d32c5c0519dcf3fb25c578c45.tar.bz2
samba-ebb73f1c5d577c1d32c5c0519dcf3fb25c578c45.zip
provision: add get_dns_{forest,domain}_microsoft_dns_descriptor()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r--source4/scripting/python/samba/provision/__init__.py2
-rw-r--r--source4/scripting/python/samba/provision/descriptor.py14
2 files changed, 16 insertions, 0 deletions
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py
index 221b580c46..390a092989 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -94,6 +94,8 @@ from samba.provision.descriptor import (
get_domain_delete_protected1_descriptor,
get_domain_delete_protected2_descriptor,
get_dns_partition_descriptor,
+ get_dns_forest_microsoft_dns_descriptor,
+ get_dns_domain_microsoft_dns_descriptor,
)
from samba.provision.common import (
setup_path,
diff --git a/source4/scripting/python/samba/provision/descriptor.py b/source4/scripting/python/samba/provision/descriptor.py
index dfb2a721e6..32e91ed2b5 100644
--- a/source4/scripting/python/samba/provision/descriptor.py
+++ b/source4/scripting/python/samba/provision/descriptor.py
@@ -343,3 +343,17 @@ def get_dns_partition_descriptor(domain_sid, name_map={}):
"(OU;CISA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)" \
"(AU;SA;CR;;;DU)(AU;SA;CR;;;BA)(AU;SA;WPWOWD;;;WD)"
return sddl2binary(sddl, domain_sid, name_map)
+
+def get_dns_forest_microsoft_dns_descriptor(domain_sid, name_map={}):
+ sddl = "O:SYG:SYD:AI" \
+ "(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)" \
+ "(A;CI;RPWPCRCCDCLCRCWOWDSDDTSW;;;ED)"
+ return sddl2binary(sddl, domain_sid, name_map)
+
+def get_dns_domain_microsoft_dns_descriptor(domain_sid, name_map={}):
+ sddl = "O:SYG:SYD:AI" \
+ "(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)" \
+ "(A;CI;RPWPCRCCDCLCRCWOWDSDDTSW;;;DnsAdmins)" \
+ "(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)" \
+ "(A;CI;RPWPCRCCDCLCRCWOWDSDDTSW;;;ED)"
+ return sddl2binary(sddl, domain_sid, name_map)