From 2606dfa9a42d19c971f6c04e4030af51b57484bc Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 26 Aug 2010 19:21:53 +1000
Subject: security.idl Update Windows privileges list to Win2008R2

Signed-off-by: Andrew Tridgell <tridge@samba.org>
---
 librpc/idl/security.idl | 65 ++++++++++++++++++++++++++-----------------------
 1 file changed, 35 insertions(+), 30 deletions(-)

(limited to 'librpc')

diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 59d3f5c143..f412ce3fac 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -316,39 +316,44 @@ interface security
 	const int BUILTIN_RID_TS_LICENSE_SERVERS	= 561;
 
 /********************************************************************
- This is a list of privileges reported by a WIndows 2000 SP4 AD DC
+ This is a list of privileges reported by a WIndows 2008 R2 DC
  just for reference purposes (and I know the LUID is not guaranteed
  across reboots):
 
-            SeCreateTokenPrivilege  Create a token object ( 0x0, 0x2 )
-     SeAssignPrimaryTokenPrivilege  Replace a process level token ( 0x0, 0x3 )
-             SeLockMemoryPrivilege  Lock pages in memory ( 0x0, 0x4 )
-          SeIncreaseQuotaPrivilege  Increase quotas ( 0x0, 0x5 )
-         SeMachineAccountPrivilege  Add workstations to domain ( 0x0, 0x6 )
-                    SeTcbPrivilege  Act as part of the operating system ( 0x0, 0x7 )
-               SeSecurityPrivilege  Manage auditing and security log ( 0x0, 0x8 )
-          SeTakeOwnershipPrivilege  Take ownership of files or other objects ( 0x0, 0x9 )
-             SeLoadDriverPrivilege  Load and unload device drivers ( 0x0, 0xa )
-          SeSystemProfilePrivilege  Profile system performance ( 0x0, 0xb )
-             SeSystemtimePrivilege  Change the system time ( 0x0, 0xc )
-   SeProfileSingleProcessPrivilege  Profile single process ( 0x0, 0xd )
-   SeIncreaseBasePriorityPrivilege  Increase scheduling priority ( 0x0, 0xe )
-         SeCreatePagefilePrivilege  Create a pagefile ( 0x0, 0xf )
-        SeCreatePermanentPrivilege  Create permanent shared objects ( 0x0, 0x10 )
-                 SeBackupPrivilege  Back up files and directories ( 0x0, 0x11 )
-                SeRestorePrivilege  Restore files and directories ( 0x0, 0x12 )
-               SeShutdownPrivilege  Shut down the system ( 0x0, 0x13 )
-                  SeDebugPrivilege  Debug programs ( 0x0, 0x14 )
-                  SeAuditPrivilege  Generate security audits ( 0x0, 0x15 )
-      SeSystemEnvironmentPrivilege  Modify firmware environment values ( 0x0, 0x16 )
-           SeChangeNotifyPrivilege  Bypass traverse checking ( 0x0, 0x17 )
-         SeRemoteShutdownPrivilege  Force shutdown from a remote system ( 0x0, 0x18 )
-                 SeUndockPrivilege  Remove computer from docking station ( 0x0, 0x19 )
-              SeSyncAgentPrivilege  Synchronize directory service data ( 0x0, 0x1a )
-       SeEnableDelegationPrivilege  Enable computer and user accounts to be trusted for delegation ( 0x0, 0x1b )
-           SeManageVolumePrivilege  Perform volume maintenance tasks ( 0x0, 0x1c )
-            SeImpersonatePrivilege  Impersonate a client after authentication ( 0x0, 0x1d )
-           SeCreateGlobalPrivilege  Create global objects ( 0x0, 0x1e )
+0x00000002          SeCreateTokenPrivilege "Create a token object"
+0x00000003   SeAssignPrimaryTokenPrivilege "Replace a process level token"
+0x00000004           SeLockMemoryPrivilege "Lock pages in memory"
+0x00000005        SeIncreaseQuotaPrivilege "Adjust memory quotas for a process"
+0x00000006       SeMachineAccountPrivilege "Add workstations to domain"
+0x00000007                  SeTcbPrivilege "Act as part of the operating system"
+0x00000008             SeSecurityPrivilege "Manage auditing and security log"
+0x00000009        SeTakeOwnershipPrivilege "Take ownership of files or other objects"
+0x0000000a           SeLoadDriverPrivilege "Load and unload device drivers"
+0x0000000b        SeSystemProfilePrivilege "Profile system performance"
+0x0000000c           SeSystemtimePrivilege "Change the system time"
+0x0000000d SeProfileSingleProcessPrivilege "Profile single process"
+0x0000000e SeIncreaseBasePriorityPrivilege "Increase scheduling priority"
+0x0000000f       SeCreatePagefilePrivilege "Create a pagefile"
+0x00000010      SeCreatePermanentPrivilege "Create permanent shared objects"
+0x00000011               SeBackupPrivilege "Back up files and directories"
+0x00000012              SeRestorePrivilege "Restore files and directories"
+0x00000013             SeShutdownPrivilege "Shut down the system"
+0x00000014                SeDebugPrivilege "Debug programs"
+0x00000015                SeAuditPrivilege "Generate security audits"
+0x00000016    SeSystemEnvironmentPrivilege "Modify firmware environment values"
+0x00000017         SeChangeNotifyPrivilege "Bypass traverse checking"
+0x00000018       SeRemoteShutdownPrivilege "Force shutdown from a remote system"
+0x00000019               SeUndockPrivilege "Remove computer from docking station"
+0x0000001a            SeSyncAgentPrivilege "Synchronize directory service data"
+0x0000001b     SeEnableDelegationPrivilege "Enable computer and user accounts to be trusted for delegation"
+0x0000001c         SeManageVolumePrivilege "Perform volume maintenance tasks"
+0x0000001d          SeImpersonatePrivilege "Impersonate a client after authentication"
+0x0000001e         SeCreateGlobalPrivilege "Create global objects"
+0x0000001f SeTrustedCredManAccessPrivilege "Access Credential Manager as a trusted caller"
+0x00000020              SeRelabelPrivilege "Modify an object label"
+0x00000021   SeIncreaseWorkingSetPrivilege "Increase a process working set"
+0x00000022             SeTimeZonePrivilege "Change the time zone"
+0x00000023   SeCreateSymbolicLinkPrivilege "Create symbolic links"
 
  ********************************************************************/
 
-- 
cgit