s3-samr-idl: add Domain Object specific access rights.
[ira/wip.git] / source3 / librpc / idl / samr.idl
index ade700956f8eebaaa7305dcd43bfda42a6127b60..c852c81acc069eeb99996ee5aff3a30aeefb40a4 100644 (file)
@@ -115,6 +115,8 @@ import "misc.idl", "lsa.idl", "security.idl";
                 SAMR_USER_ACCESS_CHANGE_PASSWORD       |
                 SAMR_USER_ACCESS_GET_NAME_ETC);        /* 0x00020041 */
 
+       /* Domain Object specific access rights */
+
        typedef [bitmap32bit] bitmap {
                SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1  = 0x00000001,
                SAMR_DOMAIN_ACCESS_SET_INFO_1     = 0x00000002,
@@ -129,6 +131,32 @@ import "misc.idl", "lsa.idl", "security.idl";
                SAMR_DOMAIN_ACCESS_SET_INFO_3     = 0x00000400
        } samr_DomainAccessMask;
 
+       const int SAMR_DOMAIN_ACCESS_ALL_ACCESS = 0x000007FF;
+
+       const int GENERIC_RIGHTS_DOMAIN_ALL_ACCESS =
+               (STANDARD_RIGHTS_REQUIRED_ACCESS        |
+                SAMR_DOMAIN_ACCESS_ALL_ACCESS);
+
+       const int GENERIC_RIGHTS_DOMAIN_READ =
+               (STANDARD_RIGHTS_READ_ACCESS            |
+                SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS        |
+                SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2);
+
+       const int GENERIC_RIGHTS_DOMAIN_WRITE =
+               (STANDARD_RIGHTS_WRITE_ACCESS           |
+                SAMR_DOMAIN_ACCESS_SET_INFO_3          |
+                SAMR_DOMAIN_ACCESS_CREATE_ALIAS        |
+                SAMR_DOMAIN_ACCESS_CREATE_GROUP        |
+                SAMR_DOMAIN_ACCESS_CREATE_USER         |
+                SAMR_DOMAIN_ACCESS_SET_INFO_2          |
+                SAMR_DOMAIN_ACCESS_SET_INFO_1);
+
+       const int GENERIC_RIGHTS_DOMAIN_EXECUTE =
+               (STANDARD_RIGHTS_EXECUTE_ACCESS         |
+                SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT        |
+                SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS       |
+                SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1);
+
        typedef [bitmap32bit] bitmap {
                SAMR_GROUP_ACCESS_LOOKUP_INFO     = 0x00000001,
                SAMR_GROUP_ACCESS_SET_INFO        = 0x00000002,