From b867b3c1470ee260fe2fd14f628728f01f7917ac Mon Sep 17 00:00:00 2001 From: Ronnie Sahlberg Date: Wed, 29 Aug 2007 12:51:46 +0000 Subject: [PATCH] r24779: add 11 specific access rights that applies to accessmasks for User objects on the samr pipe. 8 of these bits : get name etc get locale get loc com set attributes change password set password get groups comes from wireshark/ethereal where they were added Aug 21 2002 http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=5987&r2=6054 3 bits : get attributes get group membership change group membership also come from wireshark/ethereal where they were added Jul 24 2003 http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=8022&r2=8080 (This used to be commit 1c2729228a341a2d063a444e9546e7e09f23c966) --- source4/librpc/idl/samr.idl | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/source4/librpc/idl/samr.idl b/source4/librpc/idl/samr.idl index d36fe93d04e..24b78bb369f 100644 --- a/source4/librpc/idl/samr.idl +++ b/source4/librpc/idl/samr.idl @@ -50,6 +50,20 @@ import "misc.idl", "lsa.idl", "security.idl"; SAMR_ACCESS_OPEN_DOMAIN = 0x00000020 } samr_ConnectAccessMask; + typedef [bitmap32bit] bitmap { + USER_ACCESS_GET_NAME_ETC = 0x00000001, + USER_ACCESS_GET_LOCALE = 0x00000002, + USER_ACCESS_SET_LOC_COM = 0x00000004, + USER_ACCESS_GET_LOGONINFO = 0x00000008, + USER_ACCESS_GET_ATTRIBUTES = 0x00000010, + USER_ACCESS_SET_ATTRIBUTES = 0x00000020, + USER_ACCESS_CHANGE_PASSWORD = 0x00000040, + USER_ACCESS_SET_PASSWORD = 0x00000080, + USER_ACCESS_GET_GROUPS = 0x00000100, + USER_ACCESS_GET_GROUP_MEMBERSHIP = 0x00000200, + USER_ACCESS_CHANGE_GROUP_MEMBERSHIP = 0x00000400 + } samr_UserAccessMask; + typedef [bitmap32bit] bitmap { DOMAIN_ACCESS_LOOKUP_INFO_1 = 0x00000001, DOMAIN_ACCESS_SET_INFO_1 = 0x00000002, @@ -316,7 +330,7 @@ import "misc.idl", "lsa.idl", "security.idl"; NTSTATUS samr_CreateUser( [in,ref] policy_handle *domain_handle, [in,ref] lsa_String *account_name, - [in] uint32 access_mask, + [in] samr_UserAccessMask access_mask, [out,ref] policy_handle *user_handle, [out,ref] uint32 *rid ); @@ -591,7 +605,7 @@ import "misc.idl", "lsa.idl", "security.idl"; /* Function 0x22 */ [public] NTSTATUS samr_OpenUser( [in,ref] policy_handle *domain_handle, - [in] uint32 access_mask, + [in] samr_UserAccessMask access_mask, [in] uint32 rid, [out,ref] policy_handle *user_handle ); @@ -1099,7 +1113,7 @@ import "misc.idl", "lsa.idl", "security.idl"; [in,ref] policy_handle *domain_handle, [in,ref] lsa_String *account_name, [in] samr_AcctFlags acct_flags, - [in] uint32 access_mask, + [in] samr_UserAccessMask access_mask, [out,ref] policy_handle *user_handle, [out,ref] uint32 *access_granted, [out,ref] uint32 *rid