summaryrefslogtreecommitdiff
path: root/librpc/idl/security.idl
diff options
context:
space:
mode:
Diffstat (limited to 'librpc/idl/security.idl')
-rw-r--r--librpc/idl/security.idl35
1 files changed, 22 insertions, 13 deletions
diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 4f5245b2e4..13ccb49537 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -32,6 +32,8 @@ cpp_quote("#define dom_sid0 dom_sid")
interface security
{
+ typedef bitmap lsa_SystemAccessModeFlags lsa_SystemAccessModeFlags;
+
typedef [public,gensize,noprint,nosize,nopull,nopush] struct {
uint8 sid_rev_num; /**< SID revision number */
[range(0,15)] int8 num_auths; /**< Number of sub-authorities */
@@ -390,11 +392,7 @@ interface security
/* Samba-specific privs */
SEC_PRIV_PRINT_OPERATOR = 0x1001,
SEC_PRIV_ADD_USERS = 0x1002,
- SEC_PRIV_DISK_OPERATOR = 0x1003,
- /* Windows privs not in the list above */
- SEC_PRIV_INTERACTIVE_LOGON = 0x2022,
- SEC_PRIV_NETWORK_LOGON = 0x2023,
- SEC_PRIV_REMOTE_INTERACTIVE_LOGON = 0x2024
+ SEC_PRIV_DISK_OPERATOR = 0x1003
} sec_privilege;
@@ -403,10 +401,6 @@ interface security
* as a bitmap (privilages.ldb uses the string forms).
*/
typedef [bitmap64bit] bitmap {
- SEC_PRIV_NETWORK_LOGON_BIT = 0x00000001,
- SEC_PRIV_INTERACTIVE_LOGON_BIT = 0x00000002,
- SEC_PRIV_BATCH_LOGON_BIT = 0x00000004,
- SEC_PRIV_SERVICE_LOGON_BIT = 0x00000008,
SEC_PRIV_MACHINE_ACCOUNT_BIT = 0x00000010,
/* Samba-specific privs */
@@ -436,11 +430,25 @@ interface security
SEC_PRIV_ENABLE_DELEGATION_BIT = 0x02000000,
SEC_PRIV_MANAGE_VOLUME_BIT = 0x04000000,
SEC_PRIV_IMPERSONATE_BIT = 0x08000000,
- SEC_PRIV_CREATE_GLOBAL_BIT = 0x10000000,
- /* Windows privs not in the list above */
- SEC_PRIV_REMOTE_INTERACTIVE_LOGON_BIT = 0x20000000
+ SEC_PRIV_CREATE_GLOBAL_BIT = 0x10000000
} se_privilege;
+ typedef [bitmap32bit] bitmap {
+ LSA_POLICY_MODE_INTERACTIVE = 0x00000001,
+ LSA_POLICY_MODE_NETWORK = 0x00000002,
+ LSA_POLICY_MODE_BATCH = 0x00000004,
+ LSA_POLICY_MODE_SERVICE = 0x00000010,
+ LSA_POLICY_MODE_PROXY = 0x00000020,
+ LSA_POLICY_MODE_DENY_INTERACTIVE = 0x00000040,
+ LSA_POLICY_MODE_DENY_NETWORK = 0x00000080,
+ LSA_POLICY_MODE_DENY_BATCH = 0x00000100,
+ LSA_POLICY_MODE_DENY_SERVICE = 0x00000200,
+ LSA_POLICY_MODE_REMOTE_INTERACTIVE = 0x00000400,
+ LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE = 0x00000800,
+ LSA_POLICY_MODE_ALL = 0x00000FF7,
+ LSA_POLICY_MODE_ALL_NT4 = 0x00000037
+ } lsa_SystemAccessModeFlags;
+
typedef [public,bitmap8bit] bitmap {
SEC_ACE_FLAG_OBJECT_INHERIT = 0x01,
SEC_ACE_FLAG_CONTAINER_INHERIT = 0x02,
@@ -564,7 +572,8 @@ interface security
typedef [public] struct {
uint32 num_sids;
[size_is(num_sids)] dom_sid sids[*];
- udlong privilege_mask;
+ se_privilege privilege_mask;
+ lsa_SystemAccessModeFlags rights_mask;
} security_token;
/* bits that determine which parts of a security descriptor