diff options
| author | Simo Sorce <idra@samba.org> | 2004-03-01 16:10:28 +0000 |
|---|---|---|
| committer | Simo Sorce <idra@samba.org> | 2004-03-01 16:10:28 +0000 |
| commit | eebc94d84af736bb1fdd8e0c511237b0da978e7a (patch) | |
| tree | 3d39c50ac039a7fc56d677b90e60421f7d6fc878 /source3/include/passdb.h | |
| parent | f986f33aa13f8672e2154f29906f657c023777dc (diff) | |
| download | samba-eebc94d84af736bb1fdd8e0c511237b0da978e7a.tar.gz samba-eebc94d84af736bb1fdd8e0c511237b0da978e7a.tar.bz2 samba-eebc94d84af736bb1fdd8e0c511237b0da978e7a.zip | |
Ok here it is my latest work on privileges
This patch add privilege support for samba
Currently it is implemented only for tdbsam backend but estending it to
other sam backends is straightforward.
I must make a big thank to JFM for his teachings on the matter and the
functions at the base of this work.
At thye moment only samr_create_user honours SeAddUsersPrivilege and
SeMachineAccountPrivilege to permit any user to add machines and/or users to
the server.
The command "net priv" has been provided to manipulate the privileges
database.
There are still many things to do (like support in "net rpc vampire") but
the working core is here.
Feel free to comment/extend on this work.
Of course I will deny that any bug may affect this code :-)
Simo.
This patch adds also my patch about add share command enhancements.
(This used to be commit 7a78c3605e203bd8e0d7ae244605f076a5d0b0bc)
Diffstat (limited to 'source3/include/passdb.h')
| -rw-r--r-- | source3/include/passdb.h | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/source3/include/passdb.h b/source3/include/passdb.h index 668bbcc2de..d471eb53f3 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -362,6 +362,16 @@ typedef struct pdb_context NTSTATUS (*pdb_update_trust_passwd)(struct pdb_context *context, SAM_TRUST_PASSWD* trust); NTSTATUS (*pdb_delete_trust_passwd)(struct pdb_context *context, SAM_TRUST_PASSWD* trust); + + /* privileges functions */ + + NTSTATUS (*pdb_add_sid_to_privilege)(struct pdb_context *context, const char *priv_name, const DOM_SID *sid); + + NTSTATUS (*pdb_remove_sid_from_privilege)(struct pdb_context *context, const char *priv_name, const DOM_SID *sid); + + NTSTATUS (*pdb_get_privilege_set)(struct pdb_context *context, NT_USER_TOKEN *token, PRIVILEGE_SET *privs); + + NTSTATUS (*pdb_get_privilege_entry)(struct pdb_context *context, const char *privname, char **sid_list); void (*free_fn)(struct pdb_context **); @@ -467,6 +477,16 @@ typedef struct pdb_methods NTSTATUS (*delete_trust_passwd)(struct pdb_methods *methods, const SAM_TRUST_PASSWD* trust); + /* privileges functions */ + + NTSTATUS (*add_sid_to_privilege)(struct pdb_methods *methods, const char *priv_name, const DOM_SID *sid); + + NTSTATUS (*remove_sid_from_privilege)(struct pdb_methods *methods, const char *priv_name, const DOM_SID *sid); + + NTSTATUS (*get_privilege_set)(struct pdb_methods *methods, NT_USER_TOKEN *token, PRIVILEGE_SET *privs); + + NTSTATUS (*get_privilege_entry)(struct pdb_methods *methods, const char *privname, char **sid_list); + } PDB_METHODS; typedef NTSTATUS (*pdb_init_function)(struct pdb_context *, |