[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-1653-gd4a9e46

Günther Deschner gd at samba.org
Fri Jan 25 00:13:52 GMT 2008


The branch, v3-2-test has been updated
       via  d4a9e46edf7336f673c001c559af96eb0ecf9f6f (commit)
      from  c0bf3af692bee5bc5a3405feb405e67d35d77a16 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -----------------------------------------------------------------
commit d4a9e46edf7336f673c001c559af96eb0ecf9f6f
Author: Günther Deschner <gd at samba.org>
Date:   Fri Jan 25 01:00:51 2008 +0100

    Trying to avoid defining new SAMR acct creation flags when we already have them with different
    names. Matt, Jeremy, please check.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source/include/rpc_samr.h   |   25 -------------------------
 source/libnet/libnet_join.c |   10 ++++++----
 source/rpcclient/cmd_samr.c |    9 +++++----
 source/utils/net_domain.c   |   10 ++++++----
 source/utils/net_rpc.c      |   20 +++++++++++---------
 source/utils/net_rpc_join.c |   11 +++++++----
 6 files changed, 35 insertions(+), 50 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/include/rpc_samr.h b/source/include/rpc_samr.h
index 5ddb877..9f4645b 100644
--- a/source/include/rpc_samr.h
+++ b/source/include/rpc_samr.h
@@ -145,31 +145,6 @@ SamrTestPrivateFunctionsUser
 #define SAMR_CHGPASSWD_USER3   0x3F
 #define SAMR_CONNECT5          0x40
 
-/* SAMR account creation flags/permissions */
-#define SAMR_USER_GETNAME               0x1
-#define SAMR_USER_GETLOCALE             0x2
-#define SAMR_USER_GETLOCCOM             0x4
-#define SAMR_USER_GETLOGONINFO          0x8
-#define SAMR_USER_GETATTR               0x10
-#define SAMR_USER_SETATTR               0x20
-#define SAMR_USER_CHPASS                0x40
-#define SAMR_USER_SETPASS               0x80
-#define SAMR_USER_GETGROUPS             0x100
-#define SAMR_USER_GETMEMBERSHIP         0x200
-#define SAMR_USER_CHMEMBERSHIP          0x400
-#define SAMR_STANDARD_DELETE            0x10000
-#define SAMR_STANDARD_READCTRL          0x20000
-#define SAMR_STANDARD_WRITEDAC          0x40000
-#define SAMR_STANDARD_WRITEOWNER        0x80000
-#define SAMR_STANDARD_SYNC              0x100000
-#define SAMR_GENERIC_ACCESSSACL         0x800000
-#define SAMR_GENERIC_MAXALLOWED         0x2000000
-#define SAMR_GENERIC_ALL                0x10000000
-#define SAMR_GENERIC_EXECUTE            0x20000000
-#define SAMR_GENERIC_WRITE              0x40000000
-#define SAMR_GENERIC_READ               0x80000000
-
-
 typedef struct logon_hours_info
 {
 	uint32 max_len; /* normally 1260 bytes */
diff --git a/source/libnet/libnet_join.c b/source/libnet/libnet_join.c
index 538cca7..f83e0fb 100644
--- a/source/libnet/libnet_join.c
+++ b/source/libnet/libnet_join.c
@@ -684,10 +684,12 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
 	const_acct_name = acct_name;
 
 	if (r->in.join_flags & WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE) {
-		uint32 acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
-			SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
-			SAMR_STANDARD_DELETE | SAMR_USER_SETPASS |
-			SAMR_USER_GETATTR | SAMR_USER_SETATTR;
+		uint32_t acct_flags =
+			SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+			SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+			SAMR_USER_ACCESS_SET_PASSWORD |
+			SAMR_USER_ACCESS_GET_ATTRIBUTES |
+			SAMR_USER_ACCESS_SET_ATTRIBUTES;
 
 		status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx,
 						     &domain_pol,
diff --git a/source/rpcclient/cmd_samr.c b/source/rpcclient/cmd_samr.c
index 5b42c6b..1bb13f3 100644
--- a/source/rpcclient/cmd_samr.c
+++ b/source/rpcclient/cmd_samr.c
@@ -1483,10 +1483,11 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
 	/* Create domain user */
 
 	acb_info = ACB_NORMAL;
-	acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
-			SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
-			SAMR_STANDARD_DELETE | SAMR_USER_SETPASS |
-			SAMR_USER_GETATTR | SAMR_USER_SETATTR;
+	acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+		     SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+		     SAMR_USER_ACCESS_SET_PASSWORD |
+		     SAMR_USER_ACCESS_GET_ATTRIBUTES |
+		     SAMR_USER_ACCESS_SET_ATTRIBUTES;
 
 	result = rpccli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
 					  acct_name, acb_info, acct_flags,
diff --git a/source/utils/net_domain.c b/source/utils/net_domain.c
index a98f090..1c34a3b 100644
--- a/source/utils/net_domain.c
+++ b/source/utils/net_domain.c
@@ -245,12 +245,14 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli,
 	const_acct_name = acct_name;
 
 	/* Don't try to set any acb_info flags other than ACB_WSTRUST */
+	acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+		     SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+		     SAMR_USER_ACCESS_SET_PASSWORD |
+		     SAMR_USER_ACCESS_GET_ATTRIBUTES |
+		     SAMR_USER_ACCESS_SET_ATTRIBUTES;
 
-        acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
-                SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
-                SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
-                SAMR_USER_SETATTR;
 	DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
+
 	status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
 			acct_name, acb_info, acct_flags, &user_pol, &user_rid);
 
diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c
index b08a936..46fbcfb 100644
--- a/source/utils/net_rpc.c
+++ b/source/utils/net_rpc.c
@@ -618,10 +618,11 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
 	/* Create domain user */
 
 	acb_info = ACB_NORMAL;
-	acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
-		SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
-		SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
-		SAMR_USER_SETATTR;
+	acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+		     SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+		     SAMR_USER_ACCESS_SET_PASSWORD |
+		     SAMR_USER_ACCESS_GET_ATTRIBUTES |
+		     SAMR_USER_ACCESS_SET_ATTRIBUTES;
 
 	result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
 					  acct_name, acb_info, acct_flags,
@@ -5378,11 +5379,12 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
 	}
 
 	/* Create trusting domain's account */
-	acb_info = ACB_NORMAL; 
-        acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
-                SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
-                SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
-                SAMR_USER_SETATTR;
+	acb_info = ACB_NORMAL;
+	acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+		     SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+		     SAMR_USER_ACCESS_SET_PASSWORD |
+		     SAMR_USER_ACCESS_GET_ATTRIBUTES |
+		     SAMR_USER_ACCESS_SET_ATTRIBUTES;
 
 	result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
 					  acct_name, acb_info, acct_flags,
diff --git a/source/utils/net_rpc_join.c b/source/utils/net_rpc_join.c
index 5c3fb2b..2712199 100644
--- a/source/utils/net_rpc_join.c
+++ b/source/utils/net_rpc_join.c
@@ -250,11 +250,14 @@ int net_rpc_join_newstyle(int argc, const char **argv)
 	strlower_m(acct_name);
 	const_acct_name = acct_name;
 
-        acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
-                SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
-                SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
-                SAMR_USER_SETATTR;
+	acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
+		     SEC_STD_WRITE_DAC | SEC_STD_DELETE |
+		     SAMR_USER_ACCESS_SET_PASSWORD |
+		     SAMR_USER_ACCESS_GET_ATTRIBUTES |
+		     SAMR_USER_ACCESS_SET_ATTRIBUTES;
+
 	DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
+
 	result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
 					  acct_name, acb_info,
 					  acct_flags, &user_pol, 


-- 
Samba Shared Repository


More information about the samba-cvs mailing list