summaryrefslogtreecommitdiff
path: root/librpc/idl/security.idl
AgeCommit message (Collapse)AuthorFilesLines
2010-08-23s4:security Change struct security_token->sids from struct dom_sid * to ↵Andrew Bartlett1-1/+1
struct dom_sid This makes the structure much more like NT_USER_TOKEN in the source3/ code. (The remaining changes are that privilages still need to be merged) Andrew Bartlett
2010-08-20idl: added the RODC allow/deny secrets RIDsAndrew Tridgell1-0/+2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-18s4:security Remove use of user_sid and group_sid from struct security_tokenAndrew Bartlett1-2/+0
This makes the structure more like Samba3's NT_USER_TOKEN
2010-07-05s4-dsdb: Implementation of User-Change-Password and User-Force-Password-ChangeNadezhda Ivanova1-0/+2
These CARs need to be checked on password change and password reset operations. Apparently the password attributes are not influenced by Write Property. Single detele operations and modifications of dBCSPwd are let through to the password_hash module. This is determined experimentally.
2010-06-09Added guids for the validated writes.Nadezhda Ivanova1-0/+7
2010-06-03security: move generic_mapping and standard_mapping to security.idl.Günther Deschner1-0/+18
Guenther
2010-05-18Finish removal of iconv_convenience in public API's.Jelmer Vernooij1-3/+3
2010-05-18security: merge builtin rid tables.Günther Deschner1-0/+19
Guenther
2010-03-23security.idl: Add missing builtin groups.Karolin Seeger1-0/+4
Karolin
2010-03-16security.idl - push generated code diffMatthias Dieter Wallnöfer1-1/+1
2010-03-16Added a net acl ds command for modification of ACLs on directory objectsNadezhda Ivanova1-1/+18
At present the command supports only addition of control access rigts, done so DRS access checks can be tested. It will be expanded to deal with most ways to modify and view a DS ACL. Shifted commands a bit. What used to be net acl is now "net acl nt" as apposed to this, which is "net acl ds" ./bin/net acl ds set --help Usage: set --objectdn=objectdn --car=control right --action=[deny|allow] --trusteedn=trustee-dn Options: -h, --help show this help message and exit --host=HOST LDB URL for database or target server --car=CAR The access control right to allow or deny --action=ACTION Deny or allow access --objectdn=OBJECTDN DN of the object whose SD to modify --trusteedn=TRUSTEEDN DN of the entity that gets access Samba Common Options: -s FILE, --configfile=FILE Configuration file Credentials Options: --simple-bind-dn=DN DN to use for a simple bind --password=PASSWORD Password -U USERNAME, --username=USERNAME Username -W WORKGROUP, --workgroup=WORKGROUP Workgroup -N, --no-pass Don't ask for a password -k KERBEROS, --kerberos=KERBEROS Use Kerberos
2010-02-18security: make two bitmaps public.Günther Deschner1-2/+2
Guenther
2010-01-29security.idl: add wellknown TrustedInstaller SIDStefan Metzmacher1-0/+7
metze
2009-11-27security.idl - Add some more wellknown SIDs/RIDsMatthias Dieter Wallnöfer1-14/+17
2009-11-17Fixed incorrect SID for RAS Servers.Nadezhda Ivanova1-0/+1
2009-11-03Removed the default DACL from token, as we will not be using it.Nadezhda Ivanova1-1/+0
2009-10-16idl: added bit definition for privilege masksAndrew Tridgell1-0/+15
When you have backup or restore privileges, you automatically get extra access bits in ACL interpretation. This adds definitions for the bits you get.
2009-09-16Owner and group defaulting.Nadezhda Ivanova1-0/+34
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-05-29s4: Add additional well-known SID's/RID's.Andrew Kroeger1-0/+4
Information was found at http://support.microsoft.com/kb/243330 Not all well-known identifiers were included - only those necessary for enhancing the 2-letter mappings used in SDDL strings were added.
2009-05-29Fix incorrect RID for KRBTGT. (was incorectly 514, should be 502)Andrew Bartlett1-1/+1
Requires recompile of source4/kdc/* Found by Andrew Kroeger <andrew@id10ts.net> Andrew Bartlett
2009-05-27Add DOMAIN_RID_KRBTGT define to security.idlAndrew Bartlett1-0/+1
2009-05-20s4: try to fix privileges implementation in order to pass the ↵Günther Deschner1-1/+2
RPC-SAMR-USERS-PRIVILEGES test. Guenther
2009-01-01Add iconv_convenience argument to size functions.Jelmer Vernooij1-3/+3
2008-12-16Rename dom_sid.idl -> server_id.idl (since it no longer actually contains ↵Jelmer Vernooij1-2/+0
the dom_sid). No longer include it from security.idl.
2008-12-16Add python extensions for dom_sid.Jelmer Vernooij1-2/+1
2008-12-12Move dom_sid to the Samba 3 IDL file, remove the old definition.Jelmer Vernooij1-0/+29
2008-11-08s3: make idlStefan Metzmacher1-3/+3
metze
2008-11-08security.idl: sometimes ACEs have some padding at the endStefan Metzmacher1-1/+1
metze
2008-11-08s3: security.idl: split of dom_sid stuff into dom_sid.idlStefan Metzmacher1-19/+2
And use the toplevel ndr_sec_helper.c metze
2008-11-01security-idl: fix typo.Günther Deschner1-3/+3
Guenther
2008-10-31security-idl: add STANDARD_RIGHTS_X bits.Günther Deschner1-0/+14
Guenther
2008-10-15Share security.idl.Jelmer Vernooij1-0/+394