From 3913366c9a2f8fe7f9be7462145c1bc5315aeb45 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 23 Oct 2008 19:23:43 +0200 Subject: s3-samr-idl: add User Object specific access rights. Guenther --- source3/librpc/idl/samr.idl | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/source3/librpc/idl/samr.idl b/source3/librpc/idl/samr.idl index 96b9fb289d..ade700956f 100644 --- a/source3/librpc/idl/samr.idl +++ b/source3/librpc/idl/samr.idl @@ -72,6 +72,8 @@ import "misc.idl", "lsa.idl", "security.idl"; SAMR_ACCESS_OPEN_DOMAIN | SAMR_ACCESS_CONNECT_TO_SERVER); + /* User Object specific access rights */ + typedef [bitmap32bit] bitmap { SAMR_USER_ACCESS_GET_NAME_ETC = 0x00000001, SAMR_USER_ACCESS_GET_LOCALE = 0x00000002, @@ -86,6 +88,33 @@ import "misc.idl", "lsa.idl", "security.idl"; SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP = 0x00000400 } samr_UserAccessMask; + const int SAMR_USER_ACCESS_ALL_ACCESS = 0x000007FF; + + const int GENERIC_RIGHTS_USER_ALL_ACCESS = + (STANDARD_RIGHTS_REQUIRED_ACCESS | + SAMR_USER_ACCESS_ALL_ACCESS); /* 0x000f07ff */ + + const int GENERIC_RIGHTS_USER_READ = + (STANDARD_RIGHTS_READ_ACCESS | + SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP | + SAMR_USER_ACCESS_GET_GROUPS | + SAMR_USER_ACCESS_GET_ATTRIBUTES | + SAMR_USER_ACCESS_GET_LOGONINFO | + SAMR_USER_ACCESS_GET_LOCALE); /* 0x0002031a */ + + const int GENERIC_RIGHTS_USER_WRITE = + (STANDARD_RIGHTS_WRITE_ACCESS | + SAMR_USER_ACCESS_CHANGE_PASSWORD | + SAMR_USER_ACCESS_SET_LOC_COM | + SAMR_USER_ACCESS_SET_ATTRIBUTES | + SAMR_USER_ACCESS_SET_PASSWORD | + SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP); /* 0x000204e4 */ + + const int GENERIC_RIGHTS_USER_EXECUTE = + (STANDARD_RIGHTS_EXECUTE_ACCESS | + SAMR_USER_ACCESS_CHANGE_PASSWORD | + SAMR_USER_ACCESS_GET_NAME_ETC); /* 0x00020041 */ + typedef [bitmap32bit] bitmap { SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 = 0x00000001, SAMR_DOMAIN_ACCESS_SET_INFO_1 = 0x00000002, -- cgit