From b5bec1a6d73f5939b306e157937d027a7286163c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 15 Apr 2009 01:12:13 +0200 Subject: s3-secdesc: use SEC_FLAG_MAXIMUM_ALLOWED instead of SEC_RIGHTS_MAXIMUM_ALLOWED. Guenther --- source3/libnet/libnet_join.c | 10 ++++----- source3/libsmb/libsmb_server.c | 2 +- source3/rpcclient/cmd_lsarpc.c | 48 ++++++++++++++++++++-------------------- source3/rpcclient/cmd_samr.c | 4 ++-- source3/rpcclient/rpcclient.c | 2 +- source3/utils/net_rpc.c | 8 +++---- source3/utils/net_rpc_audit.c | 8 +++---- source3/utils/net_rpc_join.c | 4 ++-- source3/utils/net_rpc_registry.c | 10 ++++----- source3/utils/net_rpc_rights.c | 10 ++++----- source3/utils/net_util.c | 2 +- source3/utils/netlookup.c | 2 +- source3/utils/smbcquotas.c | 2 +- source3/winbindd/winbindd_cm.c | 18 +++++++-------- source3/winbindd/winbindd_rpc.c | 6 ++--- 15 files changed, 68 insertions(+), 68 deletions(-) diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 894f5cba32..81990dfd81 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -703,7 +703,7 @@ static NTSTATUS libnet_join_lookup_dc_rpc(TALLOC_CTX *mem_ctx, } status = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol); + SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol); if (!NT_STATUS_IS_OK(status)) { goto done; } @@ -888,7 +888,7 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, status = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, &domain_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, user_rid, &user_pol); if (!NT_STATUS_IS_OK(status)) { @@ -1167,7 +1167,7 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx, status = rpccli_samr_Connect2(pipe_hnd, mem_ctx, pipe_hnd->desthost, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &sam_pol); if (!NT_STATUS_IS_OK(status)) { goto done; @@ -1175,7 +1175,7 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx, status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, &sam_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, r->in.domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(status)) { @@ -1213,7 +1213,7 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx, status = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, &domain_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, user_rid, &user_pol); if (!NT_STATUS_IS_OK(status)) { diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c index eda37f2187..60849c812f 100644 --- a/source3/libsmb/libsmb_server.c +++ b/source3/libsmb/libsmb_server.c @@ -740,7 +740,7 @@ SMBC_attr_server(TALLOC_CTX *ctx, /* * Some systems don't support - * SEC_RIGHTS_MAXIMUM_ALLOWED, but NT sends 0x2000000 + * SEC_FLAG_MAXIMUM_ALLOWED, but NT sends 0x2000000 * so we might as well do it too. */ diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index cf2b1ae563..ef3187579a 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -42,7 +42,7 @@ static NTSTATUS name_to_sid(struct rpc_pipe_client *cli, } result = rpccli_lsa_open_policy(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -167,7 +167,7 @@ static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli, switch (info_class) { case 12: result = rpccli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) @@ -180,7 +180,7 @@ static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli, break; default: result = rpccli_lsa_open_policy(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) @@ -220,7 +220,7 @@ static NTSTATUS cmd_lsa_lookup_names(struct rpc_pipe_client *cli, } result = rpccli_lsa_open_policy(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) @@ -268,7 +268,7 @@ static NTSTATUS cmd_lsa_lookup_names_level(struct rpc_pipe_client *cli, } result = rpccli_lsa_open_policy(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) @@ -320,7 +320,7 @@ static NTSTATUS cmd_lsa_lookup_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem } result = rpccli_lsa_open_policy(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) @@ -460,7 +460,7 @@ static NTSTATUS cmd_lsa_enum_privilege(struct rpc_pipe_client *cli, pref_max_length=atoi(argv[2]); result = rpccli_lsa_open_policy(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) @@ -512,7 +512,7 @@ static NTSTATUS cmd_lsa_get_dispname(struct rpc_pipe_client *cli, } result = rpccli_lsa_open_policy(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) @@ -565,7 +565,7 @@ static NTSTATUS cmd_lsa_enum_sids(struct rpc_pipe_client *cli, pref_max_length=atoi(argv[2]); result = rpccli_lsa_open_policy(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) @@ -618,7 +618,7 @@ static NTSTATUS cmd_lsa_create_account(struct rpc_pipe_client *cli, goto done; result = rpccli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) @@ -666,7 +666,7 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct rpc_pipe_client *cli, goto done; result = rpccli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) @@ -728,7 +728,7 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct rpc_pipe_client *cli, goto done; result = rpccli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) @@ -777,7 +777,7 @@ static NTSTATUS cmd_lsa_add_acct_rights(struct rpc_pipe_client *cli, goto done; result = rpccli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) @@ -830,7 +830,7 @@ static NTSTATUS cmd_lsa_remove_acct_rights(struct rpc_pipe_client *cli, goto done; result = rpccli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) @@ -880,7 +880,7 @@ static NTSTATUS cmd_lsa_lookup_priv_value(struct rpc_pipe_client *cli, } result = rpccli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) @@ -922,7 +922,7 @@ static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli, } result = rpccli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (argc == 2) @@ -995,7 +995,7 @@ static NTSTATUS cmd_lsa_query_trustdominfobysid(struct rpc_pipe_client *cli, struct policy_handle pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; DOM_SID dom_sid; - uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; + uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED; union lsa_TrustedDomainInfo *info = NULL; enum lsa_TrustDomInfoEnum info_class = 1; uint8_t nt_hash[16]; @@ -1043,7 +1043,7 @@ static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli, { struct policy_handle pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; + uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED; union lsa_TrustedDomainInfo *info = NULL; enum lsa_TrustDomInfoEnum info_class = 1; struct lsa_String trusted_domain; @@ -1091,7 +1091,7 @@ static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli, { struct policy_handle pol, trustdom_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; + uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED; union lsa_TrustedDomainInfo *info = NULL; DOM_SID dom_sid; enum lsa_TrustDomInfoEnum info_class = 1; @@ -1160,7 +1160,7 @@ static NTSTATUS cmd_lsa_get_username(struct rpc_pipe_client *cli, } result = rpccli_lsa_open_policy(cli, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { @@ -1210,7 +1210,7 @@ static NTSTATUS cmd_lsa_add_priv(struct rpc_pipe_client *cli, } result = rpccli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) { @@ -1220,7 +1220,7 @@ static NTSTATUS cmd_lsa_add_priv(struct rpc_pipe_client *cli, result = rpccli_lsa_OpenAccount(cli, mem_ctx, &dom_pol, &sid, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &user_pol); if (!NT_STATUS_IS_OK(result)) { @@ -1294,7 +1294,7 @@ static NTSTATUS cmd_lsa_del_priv(struct rpc_pipe_client *cli, } result = rpccli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) { @@ -1304,7 +1304,7 @@ static NTSTATUS cmd_lsa_del_priv(struct rpc_pipe_client *cli, result = rpccli_lsa_OpenAccount(cli, mem_ctx, &dom_pol, &sid, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &user_pol); if (!NT_STATUS_IS_OK(result)) { diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index 83cec72318..96484f0982 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -2860,7 +2860,7 @@ static NTSTATUS cmd_samr_get_dispinfo_idx(struct rpc_pipe_client *cli, } status = rpccli_try_samr_connects(cli, mem_ctx, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &connect_handle); if (!NT_STATUS_IS_OK(status)) { @@ -2869,7 +2869,7 @@ static NTSTATUS cmd_samr_get_dispinfo_idx(struct rpc_pipe_client *cli, status = rpccli_samr_OpenDomain(cli, mem_ctx, &connect_handle, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &domain_sid, &domain_handle); diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index 6fd6b4f6d9..ceeeae7ea6 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -156,7 +156,7 @@ static void fetch_machine_sid(struct cli_state *cli) } result = rpccli_lsa_open_policy(lsapipe, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { goto error; diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 5dd3df9a69..845ceca573 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -68,7 +68,7 @@ NTSTATUS net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx, } result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, false, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "open_policy failed: %s\n", @@ -1668,7 +1668,7 @@ static NTSTATUS get_sid_from_name(struct cli_state *cli, } result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, false, - SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol); + SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -2485,7 +2485,7 @@ static NTSTATUS rpc_list_alias_members(struct net_context *c, } result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol); + SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Couldn't open LSA policy handle\n"); @@ -3850,7 +3850,7 @@ static NTSTATUS rpc_aliaslist_dump(struct net_context *c, struct policy_handle lsa_pol; result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol); if (!NT_STATUS_IS_OK(result)) return result; diff --git a/source3/utils/net_rpc_audit.c b/source3/utils/net_rpc_audit.c index aa7fc7c394..823fe06f1a 100644 --- a/source3/utils/net_rpc_audit.c +++ b/source3/utils/net_rpc_audit.c @@ -88,7 +88,7 @@ static NTSTATUS rpc_audit_get_internal(struct net_context *c, } result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { @@ -170,7 +170,7 @@ static NTSTATUS rpc_audit_set_internal(struct net_context *c, } result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { @@ -229,7 +229,7 @@ static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, union lsa_PolicyInformation *info = NULL; result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { @@ -314,7 +314,7 @@ static NTSTATUS rpc_audit_list_internal(struct net_context *c, int i; result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index c2e3630641..ed0311317d 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -211,7 +211,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) CHECK_RPC_ERR(rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol), "error opening lsa policy handle"); @@ -326,7 +326,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) CHECK_RPC_ERR_DEBUG( rpccli_samr_OpenUser(pipe_hnd, mem_ctx, &domain_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, user_rid, &user_pol), ("could not re-open existing user %s: %s\n", diff --git a/source3/utils/net_rpc_registry.c b/source3/utils/net_rpc_registry.c index 60274728f3..203a0cc9e3 100644 --- a/source3/utils/net_rpc_registry.c +++ b/source3/utils/net_rpc_registry.c @@ -383,7 +383,7 @@ static NTSTATUS rpc_registry_setvalue_internal(struct net_context *c, struct registry_value value; status = registry_openkey(mem_ctx, pipe_hnd, argv[0], - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &hive_hnd, &key_hnd); if (!NT_STATUS_IS_OK(status)) { d_fprintf(stderr, "registry_openkey failed: %s\n", @@ -455,7 +455,7 @@ static NTSTATUS rpc_registry_deletevalue_internal(struct net_context *c, ZERO_STRUCT(valuename); status = registry_openkey(mem_ctx, pipe_hnd, argv[0], - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &hive_hnd, &key_hnd); if (!NT_STATUS_IS_OK(status)) { d_fprintf(stderr, "registry_openkey failed: %s\n", @@ -516,7 +516,7 @@ static NTSTATUS rpc_registry_getvalue_internal(struct net_context *c, ZERO_STRUCT(valuename); status = registry_openkey(tmp_ctx, pipe_hnd, argv[0], - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &hive_hnd, &key_hnd); if (!NT_STATUS_IS_OK(status)) { d_fprintf(stderr, "registry_openkey failed: %s\n", @@ -657,7 +657,7 @@ static NTSTATUS rpc_registry_createkey_internal(struct net_context *c, } status = rpccli_winreg_Connect(pipe_hnd, mem_ctx, hive, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &hive_hnd); if (!(NT_STATUS_IS_OK(status))) { return status; @@ -727,7 +727,7 @@ static NTSTATUS rpc_registry_deletekey_internal(struct net_context *c, } status = rpccli_winreg_Connect(pipe_hnd, mem_ctx, hive, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &hive_hnd); if (!(NT_STATUS_IS_OK(status))) { return status; diff --git a/source3/utils/net_rpc_rights.c b/source3/utils/net_rpc_rights.c index 10166b6d2b..abf70e7ea2 100644 --- a/source3/utils/net_rpc_rights.c +++ b/source3/utils/net_rpc_rights.c @@ -34,7 +34,7 @@ static NTSTATUS sid_to_name(struct rpc_pipe_client *pipe_hnd, char **domains = NULL, **names = NULL; result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if ( !NT_STATUS_IS_OK(result) ) return result; @@ -70,7 +70,7 @@ static NTSTATUS name_to_sid(struct rpc_pipe_client *pipe_hnd, } result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if ( !NT_STATUS_IS_OK(result) ) return result; @@ -328,7 +328,7 @@ static NTSTATUS rpc_rights_list_internal(struct net_context *c, uint16 lang_id_desc; result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if ( !NT_STATUS_IS_OK(result) ) return result; @@ -456,7 +456,7 @@ static NTSTATUS rpc_rights_grant_internal(struct net_context *c, goto done; result = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) @@ -522,7 +522,7 @@ static NTSTATUS rpc_rights_revoke_internal(struct net_context *c, return result; result = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) diff --git a/source3/utils/net_util.c b/source3/utils/net_util.c index 2915ffb809..8bf9aac6f2 100644 --- a/source3/utils/net_util.c +++ b/source3/utils/net_util.c @@ -45,7 +45,7 @@ NTSTATUS net_rpc_lookup_name(struct net_context *c, } result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, false, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "open_policy failed: %s\n", diff --git a/source3/utils/netlookup.c b/source3/utils/netlookup.c index dd0efa4142..af219eb93c 100644 --- a/source3/utils/netlookup.c +++ b/source3/utils/netlookup.c @@ -131,7 +131,7 @@ static struct con_struct *create_cs(struct net_context *c, } nt_status = rpccli_lsa_open_policy(cs->lsapipe, ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &cs->pol); if (!NT_STATUS_IS_OK(nt_status)) { diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c index 78260acf76..1425d428ec 100644 --- a/source3/utils/smbcquotas.c +++ b/source3/utils/smbcquotas.c @@ -62,7 +62,7 @@ static bool cli_open_policy_hnd(void) if (!got_policy_hnd) { - /* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED, + /* Some systems don't support SEC_FLAG_MAXIMUM_ALLOWED, but NT sends 0x2000000 so we might as well do it too. */ if (!NT_STATUS_IS_OK(rpccli_lsa_open_policy(global_pipe_hnd, talloc_tos(), True, diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 9cf4597595..b59a391029 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -1852,7 +1852,7 @@ no_dssetup: } result = rpccli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (NT_STATUS_IS_OK(result)) { /* This particular query is exactly what Win2k clients use @@ -1894,7 +1894,7 @@ no_dssetup: domain->active_directory = False; result = rpccli_lsa_open_policy(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { @@ -2068,7 +2068,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, result = rpccli_samr_Connect2(conn->samr_pipe, mem_ctx, conn->samr_pipe->desthost, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &conn->sam_connect_handle); if (NT_STATUS_IS_OK(result)) { goto open_domain; @@ -2103,7 +2103,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, result = rpccli_samr_Connect2(conn->samr_pipe, mem_ctx, conn->samr_pipe->desthost, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &conn->sam_connect_handle); if (NT_STATUS_IS_OK(result)) { goto open_domain; @@ -2125,7 +2125,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, result = rpccli_samr_Connect2(conn->samr_pipe, mem_ctx, conn->samr_pipe->desthost, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &conn->sam_connect_handle); if (!NT_STATUS_IS_OK(result)) { DEBUG(10,("cm_connect_sam: rpccli_samr_Connect2 failed " @@ -2138,7 +2138,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, result = rpccli_samr_OpenDomain(conn->samr_pipe, mem_ctx, &conn->sam_connect_handle, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &domain->sid, &conn->sam_domain_handle); @@ -2203,7 +2203,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, domain->name, conn->cli->domain, conn->cli->user_name )); result = rpccli_lsa_open_policy(conn->lsa_pipe, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &conn->lsa_policy); if (NT_STATUS_IS_OK(result)) { goto done; @@ -2239,7 +2239,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, "schannel.\n", domain->name )); result = rpccli_lsa_open_policy(conn->lsa_pipe, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &conn->lsa_policy); if (NT_STATUS_IS_OK(result)) { goto done; @@ -2261,7 +2261,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, } result = rpccli_lsa_open_policy(conn->lsa_pipe, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &conn->lsa_policy); done: if (!NT_STATUS_IS_OK(result)) { diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c index 5edb0d98b0..50ccbae6b2 100644 --- a/source3/winbindd/winbindd_rpc.c +++ b/source3/winbindd/winbindd_rpc.c @@ -525,7 +525,7 @@ static NTSTATUS query_user(struct winbindd_domain *domain, /* Get user handle */ result = rpccli_samr_OpenUser(cli, mem_ctx, &dom_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, user_rid, &user_pol); @@ -565,7 +565,7 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; struct policy_handle dom_pol, user_pol; - uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; + uint32 des_access = SEC_FLAG_MAXIMUM_ALLOWED; struct samr_RidWithAttributeArray *rid_array = NULL; unsigned int i; uint32 user_rid; @@ -746,7 +746,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 i, total_names = 0; struct policy_handle dom_pol, group_pol; - uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; + uint32 des_access = SEC_FLAG_MAXIMUM_ALLOWED; uint32 *rid_mem = NULL; uint32 group_rid; unsigned int j, r; -- cgit