diff options
| author | Nadezhda Ivanova <nadezhda.ivanova@postpath.com> | 2010-03-16 13:06:08 +0200 |
|---|---|---|
| committer | Nadezhda Ivanova <nadezhda.ivanova@postpath.com> | 2010-03-16 13:37:48 +0200 |
| commit | a212c1dedb749b98d17c67db4278d1f1bb66d468 (patch) | |
| tree | ff76fd7e68c2f91c4a3de65318512095c61147c8 /librpc | |
| parent | 4379b082b80e4976120860310259248eea09f863 (diff) | |
| download | samba-a212c1dedb749b98d17c67db4278d1f1bb66d468.tar.gz samba-a212c1dedb749b98d17c67db4278d1f1bb66d468.tar.bz2 samba-a212c1dedb749b98d17c67db4278d1f1bb66d468.zip | |
Added a net acl ds command for modification of ACLs on directory objects
At present the command supports only addition of control access rigts, done
so DRS access checks can be tested. It will be expanded to deal with most
ways to modify and view a DS ACL.
Shifted commands a bit. What used to be net acl is now "net acl nt" as apposed
to this, which is "net acl ds"
./bin/net acl ds set --help
Usage: set --objectdn=objectdn --car=control right --action=[deny|allow] --trusteedn=trustee-dn
Options:
-h, --help show this help message and exit
--host=HOST LDB URL for database or target server
--car=CAR The access control right to allow or deny
--action=ACTION Deny or allow access
--objectdn=OBJECTDN DN of the object whose SD to modify
--trusteedn=TRUSTEEDN
DN of the entity that gets access
Samba Common Options:
-s FILE, --configfile=FILE
Configuration file
Credentials Options:
--simple-bind-dn=DN
DN to use for a simple bind
--password=PASSWORD
Password
-U USERNAME, --username=USERNAME
Username
-W WORKGROUP, --workgroup=WORKGROUP
Workgroup
-N, --no-pass Don't ask for a password
-k KERBEROS, --kerberos=KERBEROS
Use Kerberos
Diffstat (limited to 'librpc')
| -rw-r--r-- | librpc/idl/security.idl | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl index 186c2bcb6a..e7ae8541cc 100644 --- a/librpc/idl/security.idl +++ b/librpc/idl/security.idl @@ -479,4 +479,21 @@ interface security SEC_OWNER_FROM_PARENT = 0x00000008, SEC_GROUP_FROM_PARENT = 0x00000010 } security_autoinherit; -} + + /***************************************************************/ + /* Extended right guids */ + + const string GUID_DRS_ALLOCATE_RIDS = "1abd7cf8-0a99-11d1-adbb-00c04fd8d5cd"; + const string GUID_DRS_CHANGE_DOMAIN_MASTER = "014bf69c-7b3b-11d1-85f6-08002be74fab"; + const string GUID_DRS_CHANGE_INFR_MASTER = "cc17b1fb-33d9-11d2-97d4-00c04fd8d5cd"; + const string GUID_DRS_CHANGE_PDC = "bae50096-4752-11d1-9052-00c04fc2d4cf"; + const string GUID_DRS_CHANGE_RID_MASTER = "d58d5f36-0a98-11d1-adbb-00c04fd8d5cd"; + const string GUID_DRS_CHANGE_SCHEMA_MASTER = "e12b56b6-0a95-11d1-adbb-00c04fd8d5cd"; + const string GUID_DRS_GET_CHANGES = "1131f6aa-9c07-11d1-f79f-00c04fc2dcd2"; + const string GUID_DRS_GET_ALL_CHANGES = "1131f6ad-9c07-11d1-f79f-00c04fc2dcd2"; + const string GUID_DRS_GET_FILTERED_ATTRIBUTES = "89e95b76-444d-4c62-991a-0facbeda640c"; + const string GUID_DRS_MANAGE_TOPOLOGY = "1131f6ac-9c07-11d1-f79f-00c04fc2dcd2"; + const string GUID_DRS_MONITOR_TOPOLOGY = "f98340fb-7c5b-4cdb-a00b-2ebdfa115a96"; + const string GUID_DRS_REPL_SYNCRONIZE = "1131f6ab-9c07-11d1-f79f-00c04fc2dcd2"; + const string GUID_DRS_RO_REPL_SECRET_SYNC = "1131f6ae-9c07-11d1-f79f-00c04fc2dcd2"; +}
\ No newline at end of file |