A device has SIDs too, and a modern security token needs to know
them in order to interpret conditional expressions like
"Device_member_of".
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
uint32 num_local_claims;
uint32 num_user_claims;
uint32 num_device_claims;
+ uint32 num_device_sids;
[size_is(num_local_claims)] CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 local_claims[*];
[size_is(num_user_claims)] CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 user_claims[*];
[size_is(num_device_claims)] CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 device_claims[*];
+ [size_is(num_device_sids)] dom_sid device_sids[*];
} security_token;
typedef [public] struct {