summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2008-01-25 01:00:51 +0100
committerGünther Deschner <gd@samba.org>2008-01-25 01:04:30 +0100
commit92183450f1eedd2892ed8612ccaf97c65098c636 (patch)
tree6036868abf176579b8bf3b4f1c89e6198258be5b /source3
parented8385a177cf45de2970d70f08857b8aa60c046b (diff)
downloadsamba-92183450f1eedd2892ed8612ccaf97c65098c636.tar.gz
samba-92183450f1eedd2892ed8612ccaf97c65098c636.tar.bz2
samba-92183450f1eedd2892ed8612ccaf97c65098c636.zip
Trying to avoid defining new SAMR acct creation flags when we already have them with different
names. Matt, Jeremy, please check. Guenther (This used to be commit d4a9e46edf7336f673c001c559af96eb0ecf9f6f)
Diffstat (limited to 'source3')
-rw-r--r--source3/include/rpc_samr.h25
-rw-r--r--source3/libnet/libnet_join.c10
-rw-r--r--source3/rpcclient/cmd_samr.c9
-rw-r--r--source3/utils/net_domain.c10
-rw-r--r--source3/utils/net_rpc.c20
-rw-r--r--source3/utils/net_rpc_join.c11
6 files changed, 35 insertions, 50 deletions
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index 5ddb877b90..9f4645b691 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -145,31 +145,6 @@ SamrTestPrivateFunctionsUser
#define SAMR_CHGPASSWD_USER3 0x3F
#define SAMR_CONNECT5 0x40
-/* SAMR account creation flags/permissions */
-#define SAMR_USER_GETNAME 0x1
-#define SAMR_USER_GETLOCALE 0x2
-#define SAMR_USER_GETLOCCOM 0x4
-#define SAMR_USER_GETLOGONINFO 0x8
-#define SAMR_USER_GETATTR 0x10
-#define SAMR_USER_SETATTR 0x20
-#define SAMR_USER_CHPASS 0x40
-#define SAMR_USER_SETPASS 0x80
-#define SAMR_USER_GETGROUPS 0x100
-#define SAMR_USER_GETMEMBERSHIP 0x200
-#define SAMR_USER_CHMEMBERSHIP 0x400
-#define SAMR_STANDARD_DELETE 0x10000
-#define SAMR_STANDARD_READCTRL 0x20000
-#define SAMR_STANDARD_WRITEDAC 0x40000
-#define SAMR_STANDARD_WRITEOWNER 0x80000
-#define SAMR_STANDARD_SYNC 0x100000
-#define SAMR_GENERIC_ACCESSSACL 0x800000
-#define SAMR_GENERIC_MAXALLOWED 0x2000000
-#define SAMR_GENERIC_ALL 0x10000000
-#define SAMR_GENERIC_EXECUTE 0x20000000
-#define SAMR_GENERIC_WRITE 0x40000000
-#define SAMR_GENERIC_READ 0x80000000
-
-
typedef struct logon_hours_info
{
uint32 max_len; /* normally 1260 bytes */
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 538cca7994..f83e0fbb60 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -684,10 +684,12 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
const_acct_name = acct_name;
if (r->in.join_flags & WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE) {
- uint32 acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
- SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
- SAMR_STANDARD_DELETE | SAMR_USER_SETPASS |
- SAMR_USER_GETATTR | SAMR_USER_SETATTR;
+ uint32_t acct_flags =
+ SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+ SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+ SAMR_USER_ACCESS_SET_PASSWORD |
+ SAMR_USER_ACCESS_GET_ATTRIBUTES |
+ SAMR_USER_ACCESS_SET_ATTRIBUTES;
status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx,
&domain_pol,
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 5b42c6bc0e..1bb13f3fe0 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -1483,10 +1483,11 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
/* Create domain user */
acb_info = ACB_NORMAL;
- acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
- SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
- SAMR_STANDARD_DELETE | SAMR_USER_SETPASS |
- SAMR_USER_GETATTR | SAMR_USER_SETATTR;
+ acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+ SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+ SAMR_USER_ACCESS_SET_PASSWORD |
+ SAMR_USER_ACCESS_GET_ATTRIBUTES |
+ SAMR_USER_ACCESS_SET_ATTRIBUTES;
result = rpccli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
acct_name, acb_info, acct_flags,
diff --git a/source3/utils/net_domain.c b/source3/utils/net_domain.c
index a98f090e62..1c34a3b60e 100644
--- a/source3/utils/net_domain.c
+++ b/source3/utils/net_domain.c
@@ -245,12 +245,14 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli,
const_acct_name = acct_name;
/* Don't try to set any acb_info flags other than ACB_WSTRUST */
+ acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+ SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+ SAMR_USER_ACCESS_SET_PASSWORD |
+ SAMR_USER_ACCESS_GET_ATTRIBUTES |
+ SAMR_USER_ACCESS_SET_ATTRIBUTES;
- acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
- SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
- SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
- SAMR_USER_SETATTR;
DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
+
status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
acct_name, acb_info, acct_flags, &user_pol, &user_rid);
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index b08a93627d..46fbcfb8ca 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -618,10 +618,11 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
/* Create domain user */
acb_info = ACB_NORMAL;
- acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
- SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
- SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
- SAMR_USER_SETATTR;
+ acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+ SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+ SAMR_USER_ACCESS_SET_PASSWORD |
+ SAMR_USER_ACCESS_GET_ATTRIBUTES |
+ SAMR_USER_ACCESS_SET_ATTRIBUTES;
result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
acct_name, acb_info, acct_flags,
@@ -5378,11 +5379,12 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
}
/* Create trusting domain's account */
- acb_info = ACB_NORMAL;
- acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
- SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
- SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
- SAMR_USER_SETATTR;
+ acb_info = ACB_NORMAL;
+ acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+ SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+ SAMR_USER_ACCESS_SET_PASSWORD |
+ SAMR_USER_ACCESS_GET_ATTRIBUTES |
+ SAMR_USER_ACCESS_SET_ATTRIBUTES;
result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
acct_name, acb_info, acct_flags,
diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c
index 5c3fb2b2ff..271219938e 100644
--- a/source3/utils/net_rpc_join.c
+++ b/source3/utils/net_rpc_join.c
@@ -250,11 +250,14 @@ int net_rpc_join_newstyle(int argc, const char **argv)
strlower_m(acct_name);
const_acct_name = acct_name;
- acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
- SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
- SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
- SAMR_USER_SETATTR;
+ acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+ SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+ SAMR_USER_ACCESS_SET_PASSWORD |
+ SAMR_USER_ACCESS_GET_ATTRIBUTES |
+ SAMR_USER_ACCESS_SET_ATTRIBUTES;
+
DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
+
result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
acct_name, acb_info,
acct_flags, &user_pol,