From 95bc08e9545850ba57cdcf79bf9f62872b2946c0 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 11 May 2007 12:41:11 +0000 Subject: r22796: Add security descriptor to GROUP_POLICY_OBJECT structure (in preparation of adding GPO security filtering for libgpo). Guenther (This used to be commit b376a39fbf42a6a541fd311418c4a980b9fd4b9e) --- source3/include/gpo.h | 1 + source3/include/includes.h | 2 +- source3/libgpo/gpo_ldap.c | 5 ++++- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/source3/include/gpo.h b/source3/include/gpo.h index c3ae20dd20..a13c81b554 100644 --- a/source3/include/gpo.h +++ b/source3/include/gpo.h @@ -49,6 +49,7 @@ struct GROUP_POLICY_OBJECT { uint32 link_type; /* GPO_LINK_TYPE */ const char *user_extensions; const char *machine_extensions; + SEC_DESC *security_descriptor; struct GROUP_POLICY_OBJECT *next, *prev; }; diff --git a/source3/include/includes.h b/source3/include/includes.h index 5acd7abc36..1fa3aae8f7 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -643,7 +643,6 @@ typedef int BOOL; #include "nt_status.h" #include "ads.h" -#include "gpo.h" #include "ads_dns.h" #include "interfaces.h" #include "trans2.h" @@ -668,6 +667,7 @@ typedef int BOOL; #include "mapping.h" #include "passdb.h" #include "rpc_secdes.h" +#include "gpo.h" #include "authdata.h" #include "msdfs.h" #include "rap.h" diff --git a/source3/libgpo/gpo_ldap.c b/source3/libgpo/gpo_ldap.c index 6c1079832d..112d2bb1f9 100644 --- a/source3/libgpo/gpo_ldap.c +++ b/source3/libgpo/gpo_ldap.c @@ -434,6 +434,9 @@ ADS_STATUS ads_delete_gpo_link(ADS_STRUCT *ads, gpo->machine_extensions = ads_pull_string(ads, mem_ctx, res, "gPCMachineExtensionNames"); gpo->user_extensions = ads_pull_string(ads, mem_ctx, res, "gPCUserExtensionNames"); + ads_pull_sd(ads, mem_ctx, res, "ntSecurityDescriptor", &gpo->security_descriptor); + ADS_ERROR_HAVE_NO_MEMORY(gpo->security_descriptor); + return ADS_ERROR(LDAP_SUCCESS); } @@ -455,7 +458,7 @@ ADS_STATUS ads_get_gpo(ADS_STRUCT *ads, const char *attrs[] = { "cn", "displayName", "flags", "gPCFileSysPath", "gPCFunctionalityVersion", "gPCMachineExtensionNames", "gPCUserExtensionNames", "gPCWQLFilter", "name", - "versionNumber", NULL}; + "versionNumber", "ntSecurityDescriptor", NULL}; ZERO_STRUCTP(gpo); -- cgit