svn commit: samba r4148 - in branches/SAMBA_4_0/source: .
tridge at samba.org
tridge at samba.org
Sat Dec 11 05:43:04 GMT 2004
Author: tridge
Date: 2004-12-11 05:43:03 +0000 (Sat, 11 Dec 2004)
New Revision: 4148
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=4148
Log:
add a default set of privileges to the core builtin accounts in the
sam. I decided to do it the simple way of making the privileges user
attributes. w2k doesn't expose the privileges via LDAP, so we are free
to store them in any way we like without breaking compatibility.
Modified:
branches/SAMBA_4_0/source/provision.ldif
Changeset:
Modified: branches/SAMBA_4_0/source/provision.ldif
===================================================================
--- branches/SAMBA_4_0/source/provision.ldif 2004-12-11 05:41:19 UTC (rev 4147)
+++ branches/SAMBA_4_0/source/provision.ldif 2004-12-11 05:43:03 UTC (rev 4148)
@@ -258,7 +258,32 @@
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
unixName: ${WHEEL}
+privilege: SeSecurityPrivilege
+privilege: SeBackupPrivilege
+privilege: SeRestorePrivilege
+privilege: SeSystemtimePrivilege
+privilege: SeShutdownPrivilege
+privilege: SeRemoteShutdownPrivilege
+privilege: SeTakeOwnershipPrivilege
+privilege: SeDebugPrivilege
+privilege: SeSystemEnvironmentPrivilege
+privilege: SeSystemProfilePrivilege
+privilege: SeProfileSingleProcessPrivilege
+privilege: SeIncreaseBasePriorityPrivilege
+privilege: SeLoadDriverPrivilege
+privilege: SeCreatePagefilePrivilege
+privilege: SeIncreaseQuotaPrivilege
+privilege: SeChangeNotifyPrivilege
+privilege: SeUndockPrivilege
+privilege: SeManageVolumePrivilege
+privilege: SeImpersonatePrivilege
+privilege: SeCreateGlobalPrivilege
+privilege: SeEnableDelegationPrivilege
+privilege: SeInteractiveLogonRight
+privilege: SeNetworkLogonRight
+privilege: SeRemoteInteractiveLogonRight
+
dn: CN=Users,CN=Builtin,${BASEDN}
objectClass: top
objectClass: group
@@ -323,6 +348,9 @@
groupType: 0x80000005
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
+privilege: SeLoadDriverPrivilege
+privilege: SeShutdownPrivilege
+privilege: SeInteractiveLogonRight
dn: CN=Backup Operators,CN=Builtin,${BASEDN}
objectClass: top
@@ -344,6 +372,10 @@
groupType: 0x80000005
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
+privilege: SeBackupPrivilege
+privilege: SeRestorePrivilege
+privilege: SeShutdownPrivilege
+privilege: SeInteractiveLogonRight
dn: CN=Replicator,CN=Builtin,${BASEDN}
objectClass: top
@@ -750,6 +782,12 @@
groupType: 0x80000005
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
+privilege: SeBackupPrivilege
+privilege: SeSystemtimePrivilege
+privilege: SeRemoteShutdownPrivilege
+privilege: SeRestorePrivilege
+privilege: SeShutdownPrivilege
+privilege: SeInteractiveLogonRight
dn: CN=Account Operators,CN=Builtin,${BASEDN}
objectClass: top
@@ -771,6 +809,7 @@
groupType: 0x80000005
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
+privilege: SeInteractiveLogonRight
dn: CN=Templates,${BASEDN}
objectClass: top
@@ -864,4 +903,3 @@
name: TemplateGroup
instanceType: 4
sAMAccountType: 0x10000000
-
More information about the samba-cvs
mailing list