s3-samr-idl: add User Object specific access rights.

author Günther Deschner <gd@samba.org>

Thu, 23 Oct 2008 17:23:43 +0000 (19:23 +0200)

committer Günther Deschner <gd@samba.org>

Fri, 31 Oct 2008 20:14:26 +0000 (21:14 +0100)
author Günther Deschner <gd@samba.org>
Thu, 23 Oct 2008 17:23:43 +0000 (19:23 +0200)
committer Günther Deschner <gd@samba.org>
Fri, 31 Oct 2008 20:14:26 +0000 (21:14 +0100)
diff --git a/source3/librpc/idl/samr.idl b/source3/librpc/idl/samr.idl

index 96b9fb289d8d7c5c9f8f32b513fa34e071525f10..ade700956f8eebaaa7305dcd43bfda42a6127b60 100644 (file)
--- a/source3/librpc/idl/samr.idl
+++ b/source3/librpc/idl/samr.idl
@@ -72,6 +72,8 @@ import "misc.idl", "lsa.idl", "security.idl";
                  SAMR_ACCESS_OPEN_DOMAIN                |
                  SAMR_ACCESS_CONNECT_TO_SERVER);
  
                  SAMR_ACCESS_OPEN_DOMAIN                |
                  SAMR_ACCESS_CONNECT_TO_SERVER);
  
+       /* User Object specific access rights */
+
         typedef [bitmap32bit] bitmap {
                 SAMR_USER_ACCESS_GET_NAME_ETC             = 0x00000001,
                 SAMR_USER_ACCESS_GET_LOCALE               = 0x00000002,
         typedef [bitmap32bit] bitmap {
                 SAMR_USER_ACCESS_GET_NAME_ETC             = 0x00000001,
                 SAMR_USER_ACCESS_GET_LOCALE               = 0x00000002,
@@ -86,6 +88,33 @@ import "misc.idl", "lsa.idl", "security.idl";
                 SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP  = 0x00000400
         } samr_UserAccessMask;
  
                 SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP  = 0x00000400
         } samr_UserAccessMask;
  
+       const int SAMR_USER_ACCESS_ALL_ACCESS = 0x000007FF;
+
+       const int GENERIC_RIGHTS_USER_ALL_ACCESS =
+               (STANDARD_RIGHTS_REQUIRED_ACCESS        |
+                SAMR_USER_ACCESS_ALL_ACCESS);  /* 0x000f07ff */
+
+       const int GENERIC_RIGHTS_USER_READ =
+               (STANDARD_RIGHTS_READ_ACCESS            |
+                SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP  |
+                SAMR_USER_ACCESS_GET_GROUPS            |
+                SAMR_USER_ACCESS_GET_ATTRIBUTES        |
+                SAMR_USER_ACCESS_GET_LOGONINFO         |
+                SAMR_USER_ACCESS_GET_LOCALE);  /* 0x0002031a */
+
+       const int GENERIC_RIGHTS_USER_WRITE =
+               (STANDARD_RIGHTS_WRITE_ACCESS           |
+                SAMR_USER_ACCESS_CHANGE_PASSWORD       |
+                SAMR_USER_ACCESS_SET_LOC_COM           |
+                SAMR_USER_ACCESS_SET_ATTRIBUTES        |
+                SAMR_USER_ACCESS_SET_PASSWORD          |
+                SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP);     /* 0x000204e4 */
+
+       const int GENERIC_RIGHTS_USER_EXECUTE =
+               (STANDARD_RIGHTS_EXECUTE_ACCESS         |
+                SAMR_USER_ACCESS_CHANGE_PASSWORD       |
+                SAMR_USER_ACCESS_GET_NAME_ETC);        /* 0x00020041 */
+
         typedef [bitmap32bit] bitmap {
                 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1  = 0x00000001,
                 SAMR_DOMAIN_ACCESS_SET_INFO_1     = 0x00000002,
         typedef [bitmap32bit] bitmap {
                 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1  = 0x00000001,
                 SAMR_DOMAIN_ACCESS_SET_INFO_1     = 0x00000002,
author	Günther Deschner <gd@samba.org>
	Thu, 23 Oct 2008 17:23:43 +0000 (19:23 +0200)
committer	Günther Deschner <gd@samba.org>
	Fri, 31 Oct 2008 20:14:26 +0000 (21:14 +0100)