1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

lsa: add LSA_TRUSTED_DOMAIN access masks.

Guenther
This commit is contained in:
Günther Deschner 2009-10-27 15:28:06 +01:00
parent bda047afbc
commit 1f9d06a1b0
2 changed files with 33 additions and 0 deletions

View File

@ -21,6 +21,10 @@
#define LSA_SECRET_READ ( (LSA_SECRET_QUERY_VALUE|STANDARD_RIGHTS_READ_ACCESS) )
#define LSA_SECRET_WRITE ( (LSA_SECRET_SET_VALUE|STANDARD_RIGHTS_READ_ACCESS) )
#define LSA_SECRET_EXECUTE ( (STANDARD_RIGHTS_READ_ACCESS) )
#define LSA_TRUSTED_DOMAIN_ALL_ACCESS ( (LSA_TRUSTED_QUERY_DOMAIN_NAME|LSA_TRUSTED_QUERY_CONTROLLERS|LSA_TRUSTED_SET_CONTROLLERS|LSA_TRUSTED_QUERY_POSIX|LSA_TRUSTED_SET_POSIX|LSA_TRUSTED_SET_AUTH|LSA_TRUSTED_QUERY_AUTH|SEC_STD_DELETE|STANDARD_RIGHTS_READ_ACCESS|SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER) )
#define LSA_TRUSTED_DOMAIN_READ ( (LSA_TRUSTED_QUERY_DOMAIN_NAME|STANDARD_RIGHTS_READ_ACCESS) )
#define LSA_TRUSTED_DOMAIN_WRITE ( (LSA_TRUSTED_SET_CONTROLLERS|LSA_TRUSTED_SET_POSIX|LSA_TRUSTED_SET_AUTH|STANDARD_RIGHTS_READ_ACCESS) )
#define LSA_TRUSTED_DOMAIN_EXECUTE ( (LSA_TRUSTED_QUERY_DOMAIN_NAME|LSA_TRUSTED_QUERY_POSIX|STANDARD_RIGHTS_READ_ACCESS) )
#define LSA_ENUM_TRUST_DOMAIN_MULTIPLIER ( 60 )
#define LSA_REF_DOMAIN_LIST_MULTIPLIER ( 32 )
#define LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER ( 82 )

View File

@ -242,6 +242,35 @@ import "misc.idl", "security.idl";
LSA_TRUSTED_QUERY_AUTH = 0x00000040
} lsa_TrustedAccessMask;
const int LSA_TRUSTED_DOMAIN_ALL_ACCESS =
(LSA_TRUSTED_QUERY_DOMAIN_NAME |
LSA_TRUSTED_QUERY_CONTROLLERS |
LSA_TRUSTED_SET_CONTROLLERS |
LSA_TRUSTED_QUERY_POSIX |
LSA_TRUSTED_SET_POSIX |
LSA_TRUSTED_SET_AUTH |
LSA_TRUSTED_QUERY_AUTH |
SEC_STD_DELETE |
STANDARD_RIGHTS_READ_ACCESS |
SEC_STD_WRITE_DAC |
SEC_STD_WRITE_OWNER); /* 0x000F007F */
const int LSA_TRUSTED_DOMAIN_READ =
(LSA_TRUSTED_QUERY_DOMAIN_NAME |
STANDARD_RIGHTS_READ_ACCESS); /* 0x00020001 */
const int LSA_TRUSTED_DOMAIN_WRITE =
(LSA_TRUSTED_SET_CONTROLLERS |
LSA_TRUSTED_SET_POSIX |
LSA_TRUSTED_SET_AUTH |
STANDARD_RIGHTS_READ_ACCESS); /* 0x00020034 */
const int LSA_TRUSTED_DOMAIN_EXECUTE =
(LSA_TRUSTED_QUERY_DOMAIN_NAME |
LSA_TRUSTED_QUERY_POSIX |
STANDARD_RIGHTS_READ_ACCESS); /* 0x0002000C */
/* notice the screwup with the system_name - thats why MS created
OpenPolicy2 */
[public] NTSTATUS lsa_OpenPolicy (