git.samba.org / amitay / samba-autobuild / .git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
python: silos: add support for allowed to authenticate from silo shortcut
[amitay/samba-autobuild/.git] / python / samba / netcmd / domain / models / auth_silo.py
diff --git a/python/samba/netcmd/domain/models/auth_silo.py b/python/samba/netcmd/domain/models/auth_silo.py
index 6e624449d315005669ddb3b5d3fa4bff44e6c793..28d94e64fa3571b6a7d71219b26a7b1909c6e580 100644 (file)
--- a/python/samba/netcmd/domain/models/auth_silo.py
+++ b/python/samba/netcmd/domain/models/auth_silo.py
@@ -22,6 +22,8 @@
 
 from ldb import FLAG_MOD_ADD, FLAG_MOD_DELETE, LdbError, Message, MessageElement
 
+from samba.sd_utils import escaped_claim_id
+
 from .exceptions import AddMemberError, RemoveMemberError
 from .fields import DnField, BooleanField, StringField
 from .model import Model
@@ -96,3 +98,7 @@ class AuthenticationSilo(Model):
 
         # If the modify operation was successful refresh members field.
         self.refresh(ldb, fields=["members"])
+
+    def get_authentication_sddl(self):
+        return ("O:SYG:SYD:(XA;OICI;CR;;;WD;(@USER.ad://ext/"
+                f"AuthenticationSilo/{escaped_claim_id(self.name)}))")
Unnamed repository; edit this file 'description' to name the repository.