diff options
author | Nadezhda Ivanova <nadezhda.ivanova@postpath.com> | 2010-03-16 13:06:08 +0200 |
---|---|---|
committer | Nadezhda Ivanova <nadezhda.ivanova@postpath.com> | 2010-03-16 13:37:48 +0200 |
commit | a212c1dedb749b98d17c67db4278d1f1bb66d468 (patch) | |
tree | ff76fd7e68c2f91c4a3de65318512095c61147c8 /source4/scripting/python/pyglue.c | |
parent | 4379b082b80e4976120860310259248eea09f863 (diff) | |
download | samba-a212c1dedb749b98d17c67db4278d1f1bb66d468.tar.gz samba-a212c1dedb749b98d17c67db4278d1f1bb66d468.tar.bz2 samba-a212c1dedb749b98d17c67db4278d1f1bb66d468.zip |
Added a net acl ds command for modification of ACLs on directory objects
At present the command supports only addition of control access rigts, done
so DRS access checks can be tested. It will be expanded to deal with most
ways to modify and view a DS ACL.
Shifted commands a bit. What used to be net acl is now "net acl nt" as apposed
to this, which is "net acl ds"
./bin/net acl ds set --help
Usage: set --objectdn=objectdn --car=control right --action=[deny|allow] --trusteedn=trustee-dn
Options:
-h, --help show this help message and exit
--host=HOST LDB URL for database or target server
--car=CAR The access control right to allow or deny
--action=ACTION Deny or allow access
--objectdn=OBJECTDN DN of the object whose SD to modify
--trusteedn=TRUSTEEDN
DN of the entity that gets access
Samba Common Options:
-s FILE, --configfile=FILE
Configuration file
Credentials Options:
--simple-bind-dn=DN
DN to use for a simple bind
--password=PASSWORD
Password
-U USERNAME, --username=USERNAME
Username
-W WORKGROUP, --workgroup=WORKGROUP
Workgroup
-N, --no-pass Don't ask for a password
-k KERBEROS, --kerberos=KERBEROS
Use Kerberos
Diffstat (limited to 'source4/scripting/python/pyglue.c')
-rw-r--r-- | source4/scripting/python/pyglue.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c index c64f08e13e..e28406a0d6 100644 --- a/source4/scripting/python/pyglue.c +++ b/source4/scripting/python/pyglue.c @@ -772,6 +772,21 @@ void initglue(void) PyModule_AddObject(m, "SECINFO_DACL", PyInt_FromLong(SECINFO_DACL)); PyModule_AddObject(m, "SECINFO_SACL", PyInt_FromLong(SECINFO_SACL)); + /* control access rights guids */ + PyModule_AddObject(m, "GUID_DRS_ALLOCATE_RIDS", PyString_FromString(GUID_DRS_ALLOCATE_RIDS)); + PyModule_AddObject(m, "GUID_DRS_CHANGE_DOMAIN_MASTER", PyString_FromString(GUID_DRS_CHANGE_DOMAIN_MASTER)); + PyModule_AddObject(m, "GUID_DRS_CHANGE_INFR_MASTER", PyString_FromString(GUID_DRS_CHANGE_INFR_MASTER)); + PyModule_AddObject(m, "GUID_DRS_CHANGE_PDC", PyString_FromString(GUID_DRS_CHANGE_PDC)); + PyModule_AddObject(m, "GUID_DRS_CHANGE_RID_MASTER", PyString_FromString(GUID_DRS_CHANGE_RID_MASTER)); + PyModule_AddObject(m, "GUID_DRS_CHANGE_SCHEMA_MASTER", PyString_FromString(GUID_DRS_CHANGE_SCHEMA_MASTER)); + PyModule_AddObject(m, "GUID_DRS_GET_CHANGES", PyString_FromString(GUID_DRS_GET_CHANGES)); + PyModule_AddObject(m, "GUID_DRS_GET_ALL_CHANGES", PyString_FromString(GUID_DRS_GET_ALL_CHANGES)); + PyModule_AddObject(m, "GUID_DRS_GET_FILTERED_ATTRIBUTES", PyString_FromString(GUID_DRS_GET_FILTERED_ATTRIBUTES)); + PyModule_AddObject(m, "GUID_DRS_MANAGE_TOPOLOGY", PyString_FromString(GUID_DRS_MANAGE_TOPOLOGY)); + PyModule_AddObject(m, "GUID_DRS_MONITOR_TOPOLOGY", PyString_FromString(GUID_DRS_MONITOR_TOPOLOGY)); + PyModule_AddObject(m, "GUID_DRS_REPL_SYNCRONIZE", PyString_FromString(GUID_DRS_REPL_SYNCRONIZE)); + PyModule_AddObject(m, "GUID_DRS_RO_REPL_SECRET_SYNC", PyString_FromString(GUID_DRS_RO_REPL_SECRET_SYNC)); + /* one of the most annoying things about python scripts is that they don't die when you hit control-C. This fixes that sillyness. As we do all database operations using |