sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-07-06 08:59:08 +03:00
Code Activity

Added a net acl ds command for modification of ACLs on directory objects

Browse Source 
At present the command supports only addition of control access rigts, done
so DRS access checks can be tested. It will be expanded to deal with most
ways to modify and view a DS ACL.
Shifted commands a bit. What used to be net acl is now "net acl nt" as apposed
to this, which is "net acl ds"

./bin/net acl ds set --help
Usage: set --objectdn=objectdn --car=control right --action=[deny|allow] --trusteedn=trustee-dn

Options:
  -h, --help            show this help message and exit
  --host=HOST           LDB URL for database or target server
  --car=CAR              The access control right to allow or deny
  --action=ACTION       Deny or allow access
  --objectdn=OBJECTDN   DN of the object whose SD to modify
  --trusteedn=TRUSTEEDN
                        DN of the entity that gets access

  Samba Common Options:
    -s FILE, --configfile=FILE
                        Configuration file

  Credentials Options:
    --simple-bind-dn=DN
                        DN to use for a simple bind
    --password=PASSWORD
                        Password
    -U USERNAME, --username=USERNAME
                        Username
    -W WORKGROUP, --workgroup=WORKGROUP
                        Workgroup
    -N, --no-pass       Don't ask for a password
    -k KERBEROS, --kerberos=KERBEROS
                        Use Kerberos
This commit is contained in:
Nadezhda Ivanova
2010-03-16 13:06:08 +02:00
parent 4379b082b8
commit a212c1dedb
7 changed files with 260 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
source4/scripting/python/pyglue.c
View File

@ -772,6 +772,21 @@ void initglue(void)
PyModule_AddObject(m, "SECINFO_DACL", PyInt_FromLong(SECINFO_DACL));
PyModule_AddObject(m, "SECINFO_SACL", PyInt_FromLong(SECINFO_SACL));
/* control access rights guids */
PyModule_AddObject(m, "GUID_DRS_ALLOCATE_RIDS", PyString_FromString(GUID_DRS_ALLOCATE_RIDS));
PyModule_AddObject(m, "GUID_DRS_CHANGE_DOMAIN_MASTER", PyString_FromString(GUID_DRS_CHANGE_DOMAIN_MASTER));
PyModule_AddObject(m, "GUID_DRS_CHANGE_INFR_MASTER", PyString_FromString(GUID_DRS_CHANGE_INFR_MASTER));
PyModule_AddObject(m, "GUID_DRS_CHANGE_PDC", PyString_FromString(GUID_DRS_CHANGE_PDC));
PyModule_AddObject(m, "GUID_DRS_CHANGE_RID_MASTER", PyString_FromString(GUID_DRS_CHANGE_RID_MASTER));
PyModule_AddObject(m, "GUID_DRS_CHANGE_SCHEMA_MASTER", PyString_FromString(GUID_DRS_CHANGE_SCHEMA_MASTER));
PyModule_AddObject(m, "GUID_DRS_GET_CHANGES", PyString_FromString(GUID_DRS_GET_CHANGES));
PyModule_AddObject(m, "GUID_DRS_GET_ALL_CHANGES", PyString_FromString(GUID_DRS_GET_ALL_CHANGES));
PyModule_AddObject(m, "GUID_DRS_GET_FILTERED_ATTRIBUTES", PyString_FromString(GUID_DRS_GET_FILTERED_ATTRIBUTES));
PyModule_AddObject(m, "GUID_DRS_MANAGE_TOPOLOGY", PyString_FromString(GUID_DRS_MANAGE_TOPOLOGY));
PyModule_AddObject(m, "GUID_DRS_MONITOR_TOPOLOGY", PyString_FromString(GUID_DRS_MONITOR_TOPOLOGY));
PyModule_AddObject(m, "GUID_DRS_REPL_SYNCRONIZE", PyString_FromString(GUID_DRS_REPL_SYNCRONIZE));
PyModule_AddObject(m, "GUID_DRS_RO_REPL_SECRET_SYNC", PyString_FromString(GUID_DRS_RO_REPL_SECRET_SYNC));
/* one of the most annoying things about python scripts is
that they don't die when you hit control-C. This fixes that
sillyness. As we do all database operations using