security.idl: extend security token with device SIDs

A device has SIDs too, and a modern security token needs to know
them in order to interpret conditional expressions like
"Device_member_of".

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 20ff02f0074a270f0c08bed4dc940d02cffceb59..454042571794b4dbb5b75b79db0054c4c8054a1c 100644 (file)
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -761,9 +761,11 @@ interface security
                uint32 num_local_claims;
                uint32 num_user_claims;
                uint32 num_device_claims;
+               uint32 num_device_sids;
                [size_is(num_local_claims)] CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 local_claims[*];
                [size_is(num_user_claims)] CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 user_claims[*];
                [size_is(num_device_claims)] CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 device_claims[*];
+               [size_is(num_device_sids)] dom_sid device_sids[*];
        } security_token;
 
         typedef [public] struct {