lsa: add LSA_TRUSTED_DOMAIN access masks.

author Günther Deschner <gd@samba.org>

Tue, 27 Oct 2009 14:28:06 +0000 (15:28 +0100)

committer Günther Deschner <gd@samba.org>

Wed, 28 Oct 2009 11:37:38 +0000 (12:37 +0100)
author Günther Deschner <gd@samba.org>
Tue, 27 Oct 2009 14:28:06 +0000 (15:28 +0100)
committer Günther Deschner <gd@samba.org>
Wed, 28 Oct 2009 11:37:38 +0000 (12:37 +0100)
diff --git a/librpc/gen_ndr/lsa.h b/librpc/gen_ndr/lsa.h

index ccd4e2eca9e138d0a1067a6fc0f6b7b5087bf78d..a0af5712834b7c602c270da1a731c1ebabd5d762 100644 (file)
--- a/librpc/gen_ndr/lsa.h
+++ b/librpc/gen_ndr/lsa.h
@@ -21,6 +21,10 @@
  #define LSA_SECRET_READ        ( (LSA_SECRET_QUERY_VALUE|STANDARD_RIGHTS_READ_ACCESS) )
  #define LSA_SECRET_WRITE       ( (LSA_SECRET_SET_VALUE|STANDARD_RIGHTS_READ_ACCESS) )
  #define LSA_SECRET_EXECUTE     ( (STANDARD_RIGHTS_READ_ACCESS) )
+#define LSA_TRUSTED_DOMAIN_ALL_ACCESS  ( (LSA_TRUSTED_QUERY_DOMAIN_NAME|LSA_TRUSTED_QUERY_CONTROLLERS|LSA_TRUSTED_SET_CONTROLLERS|LSA_TRUSTED_QUERY_POSIX|LSA_TRUSTED_SET_POSIX|LSA_TRUSTED_SET_AUTH|LSA_TRUSTED_QUERY_AUTH|SEC_STD_DELETE|STANDARD_RIGHTS_READ_ACCESS|SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER) )
+#define LSA_TRUSTED_DOMAIN_READ        ( (LSA_TRUSTED_QUERY_DOMAIN_NAME|STANDARD_RIGHTS_READ_ACCESS) )
+#define LSA_TRUSTED_DOMAIN_WRITE       ( (LSA_TRUSTED_SET_CONTROLLERS|LSA_TRUSTED_SET_POSIX|LSA_TRUSTED_SET_AUTH|STANDARD_RIGHTS_READ_ACCESS) )
+#define LSA_TRUSTED_DOMAIN_EXECUTE     ( (LSA_TRUSTED_QUERY_DOMAIN_NAME|LSA_TRUSTED_QUERY_POSIX|STANDARD_RIGHTS_READ_ACCESS) )
  #define LSA_ENUM_TRUST_DOMAIN_MULTIPLIER       ( 60 )
  #define LSA_REF_DOMAIN_LIST_MULTIPLIER ( 32 )
  #define LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER    ( 82 )
diff --git a/librpc/idl/lsa.idl b/librpc/idl/lsa.idl

index ed95b919f92b2a688d75e0e0e9e78f3cd4548b66..a893786afa5ae6f53d354ece091344d4eafd9b29 100644 (file)
--- a/librpc/idl/lsa.idl
+++ b/librpc/idl/lsa.idl
@@ -242,6 +242,35 @@ import "misc.idl", "security.idl";
                 LSA_TRUSTED_QUERY_AUTH                  = 0x00000040
         } lsa_TrustedAccessMask;
  
+       const int LSA_TRUSTED_DOMAIN_ALL_ACCESS =
+               (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+                LSA_TRUSTED_QUERY_CONTROLLERS |
+                LSA_TRUSTED_SET_CONTROLLERS |
+                LSA_TRUSTED_QUERY_POSIX |
+                LSA_TRUSTED_SET_POSIX |
+                LSA_TRUSTED_SET_AUTH |
+                LSA_TRUSTED_QUERY_AUTH |
+                SEC_STD_DELETE |
+                STANDARD_RIGHTS_READ_ACCESS |
+                SEC_STD_WRITE_DAC |
+                SEC_STD_WRITE_OWNER); /* 0x000F007F */
+
+       const int LSA_TRUSTED_DOMAIN_READ =
+               (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+                STANDARD_RIGHTS_READ_ACCESS); /* 0x00020001 */
+
+       const int LSA_TRUSTED_DOMAIN_WRITE =
+               (LSA_TRUSTED_SET_CONTROLLERS |
+                LSA_TRUSTED_SET_POSIX |
+                LSA_TRUSTED_SET_AUTH |
+                STANDARD_RIGHTS_READ_ACCESS); /* 0x00020034 */
+
+       const int LSA_TRUSTED_DOMAIN_EXECUTE =
+               (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+                LSA_TRUSTED_QUERY_POSIX |
+                STANDARD_RIGHTS_READ_ACCESS); /* 0x0002000C */
+
+
         /* notice the screwup with the system_name - thats why MS created
            OpenPolicy2 */
         [public] NTSTATUS lsa_OpenPolicy (
author	Günther Deschner <gd@samba.org>
	Tue, 27 Oct 2009 14:28:06 +0000 (15:28 +0100)
committer	Günther Deschner <gd@samba.org>
	Wed, 28 Oct 2009 11:37:38 +0000 (12:37 +0100)
librpc/gen_ndr/lsa.h		patch \| blob \| history
librpc/idl/lsa.idl		patch \| blob \| history