[SCM] Samba Shared Repository - branch v3-4-test updated -
release-4-0-0alpha7-803-gb0c4be0
Günther Deschner
gd at samba.org
Tue Apr 21 16:38:19 GMT 2009
The branch, v3-4-test has been updated
via b0c4be0e2b856326e5790f4aef54e6b792f8f089 (commit)
via 904bc5011fc7df40111f493ff28972640b95c0d1 (commit)
via 3e9ee3fa54b514987f40a477b3049b18e87390e9 (commit)
via 2f691302b3fe6b5b710b228ae149e0807ef5d5dc (commit)
via c7d5e0a19057b6ad7301a390fc766bb438967eb2 (commit)
from e39255311a61897c53e00cc27df65790f83e132b (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test
- Log -----------------------------------------------------------------
commit b0c4be0e2b856326e5790f4aef54e6b792f8f089
Author: Günther Deschner <gd at samba.org>
Date: Tue Apr 21 13:01:29 2009 +0200
s3-secdesc: remove SEC_RIGHT_MAXIMUM_ALLOWED and SEC_RIGHT_SYSTEM_SECURITY.
We had up to three incarnations of these flags in Samba3.
Guenther
(cherry picked from commit d94bbb3167f3a18d6b8a311557f228e2977249ea)
commit 904bc5011fc7df40111f493ff28972640b95c0d1
Author: Günther Deschner <gd at samba.org>
Date: Wed Apr 15 01:30:12 2009 +0200
s3-secdesc: move all winreg access bits to IDL.
Guenther
(cherry picked from commit 38264bb3b86a3c9da941070f29ec08227c471d2b)
commit 3e9ee3fa54b514987f40a477b3049b18e87390e9
Author: Günther Deschner <gd at samba.org>
Date: Wed Apr 15 01:19:30 2009 +0200
s3-secdesc: use SEC_FLAG_SYSTEM_SECURITY instead of SEC_RIGHT_SYSTEM_SECURITY.
Guenther
(cherry picked from commit da92e54236293460e307edd52ca7f1e20c6f23ef)
commit 2f691302b3fe6b5b710b228ae149e0807ef5d5dc
Author: Günther Deschner <gd at samba.org>
Date: Wed Apr 15 01:16:41 2009 +0200
s3-secdesc: use SEC_FLAG_MAXIMUM_ALLOWED instead of SEC_RIGHT_MAXIMUM_ALLOWED.
Guenther
(cherry picked from commit 1bb093aea9a4c5996514b10adc39a130cc6859ba)
commit c7d5e0a19057b6ad7301a390fc766bb438967eb2
Author: Günther Deschner <gd at samba.org>
Date: Wed Apr 15 01:12:13 2009 +0200
s3-secdesc: use SEC_FLAG_MAXIMUM_ALLOWED instead of SEC_RIGHTS_MAXIMUM_ALLOWED.
Guenther
(cherry picked from commit b5bec1a6d73f5939b306e157937d027a7286163c)
-----------------------------------------------------------------------
Summary of changes:
librpc/gen_ndr/winreg.h | 4 +++
librpc/idl/winreg.idl | 20 +++++++++++++++
source3/include/rpc_secdes.h | 38 -----------------------------
source3/lib/smbconf/smbconf_reg.c | 2 +-
source3/libnet/libnet_join.c | 10 ++++----
source3/libsmb/libsmb_server.c | 2 +-
source3/registry/reg_api.c | 28 ++++++++++----------
source3/rpcclient/cmd_lsarpc.c | 48 ++++++++++++++++++------------------
source3/rpcclient/cmd_samr.c | 4 +-
source3/rpcclient/cmd_test.c | 2 +-
source3/rpcclient/rpcclient.c | 2 +-
source3/smbd/open.c | 8 +++---
source3/utils/net_registry.c | 6 ++--
source3/utils/net_rpc.c | 14 +++++-----
source3/utils/net_rpc_audit.c | 8 +++---
source3/utils/net_rpc_join.c | 4 +-
source3/utils/net_rpc_registry.c | 14 +++++-----
source3/utils/net_rpc_rights.c | 10 ++++----
source3/utils/net_util.c | 2 +-
source3/utils/netlookup.c | 2 +-
source3/utils/smbcquotas.c | 2 +-
source3/winbindd/winbindd_cm.c | 18 +++++++-------
source3/winbindd/winbindd_rpc.c | 6 ++--
23 files changed, 120 insertions(+), 134 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/gen_ndr/winreg.h b/librpc/gen_ndr/winreg.h
index e0300fd..103817c 100644
--- a/librpc/gen_ndr/winreg.h
+++ b/librpc/gen_ndr/winreg.h
@@ -9,6 +9,10 @@
#ifndef _HEADER_winreg
#define _HEADER_winreg
+#define REG_KEY_READ ( (STANDARD_RIGHTS_READ_ACCESS|KEY_QUERY_VALUE|KEY_ENUMERATE_SUB_KEYS|KEY_NOTIFY) )
+#define REG_KEY_EXECUTE ( REG_KEY_READ )
+#define REG_KEY_WRITE ( (STANDARD_RIGHTS_WRITE_ACCESS|KEY_SET_VALUE|KEY_CREATE_SUB_KEY) )
+#define REG_KEY_ALL ( (STANDARD_RIGHTS_REQUIRED_ACCESS|REG_KEY_READ|REG_KEY_WRITE|KEY_CREATE_LINK) )
/* bitmap winreg_AccessMask */
#define KEY_QUERY_VALUE ( 0x00001 )
#define KEY_SET_VALUE ( 0x00002 )
diff --git a/librpc/idl/winreg.idl b/librpc/idl/winreg.idl
index b905bde..18b5edc 100644
--- a/librpc/idl/winreg.idl
+++ b/librpc/idl/winreg.idl
@@ -14,6 +14,10 @@ import "lsa.idl", "security.idl";
{
typedef bitmap security_secinfo security_secinfo;
+ /*
+ * Access Bits for registry ACLS
+ */
+
typedef [bitmap32bit] bitmap {
KEY_QUERY_VALUE = 0x00001,
KEY_SET_VALUE = 0x00002,
@@ -25,6 +29,22 @@ import "lsa.idl", "security.idl";
KEY_WOW64_32KEY = 0x00200
} winreg_AccessMask;
+ const int REG_KEY_READ = ( STANDARD_RIGHTS_READ_ACCESS |
+ KEY_QUERY_VALUE |
+ KEY_ENUMERATE_SUB_KEYS |
+ KEY_NOTIFY);
+
+ const int REG_KEY_EXECUTE = REG_KEY_READ;
+
+ const int REG_KEY_WRITE = ( STANDARD_RIGHTS_WRITE_ACCESS |
+ KEY_SET_VALUE |
+ KEY_CREATE_SUB_KEY);
+
+ const int REG_KEY_ALL = ( STANDARD_RIGHTS_REQUIRED_ACCESS |
+ REG_KEY_READ |
+ REG_KEY_WRITE |
+ KEY_CREATE_LINK);
+
typedef [public,v1_enum] enum {
REG_NONE = 0,
REG_SZ = 1,
diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h
index c74d621..6db3f2d 100644
--- a/source3/include/rpc_secdes.h
+++ b/source3/include/rpc_secdes.h
@@ -121,9 +121,6 @@ struct standard_mapping {
#define STANDARD_RIGHTS_MASK 0x00FF0000
#define GENERIC_RIGHTS_MASK 0xF0000000
-#define SEC_RIGHT_SYSTEM_SECURITY 0x01000000
-#define SEC_RIGHT_MAXIMUM_ALLOWED 0x02000000
-
/* Generic access rights */
#define GENERIC_RIGHT_ALL_ACCESS 0x10000000
@@ -194,39 +191,4 @@ struct standard_mapping {
SA_RIGHT_FILE_WRITE_DATA | \
SA_RIGHT_FILE_READ_DATA)
-/*
- * Access Bits for registry ACLS
- */
-
-/* used by registry ACLs */
-
-#define SEC_RIGHTS_QUERY_VALUE 0x00000001
-#define SEC_RIGHTS_SET_VALUE 0x00000002
-#define SEC_RIGHTS_CREATE_SUBKEY 0x00000004
-#define SEC_RIGHTS_ENUM_SUBKEYS 0x00000008
-#define SEC_RIGHTS_NOTIFY 0x00000010
-#define SEC_RIGHTS_CREATE_LINK 0x00000020
-#define SEC_RIGHTS_MAXIMUM_ALLOWED 0x02000000
-
-
-#define REG_KEY_READ \
- ( STANDARD_RIGHTS_READ_ACCESS |\
- SEC_RIGHTS_QUERY_VALUE |\
- SEC_RIGHTS_ENUM_SUBKEYS |\
- SEC_RIGHTS_NOTIFY )
-
-#define REG_KEY_EXECUTE REG_KEY_READ
-
-#define REG_KEY_WRITE \
- ( STANDARD_RIGHTS_WRITE_ACCESS |\
- SEC_RIGHTS_SET_VALUE |\
- SEC_RIGHTS_CREATE_SUBKEY )
-
-#define REG_KEY_ALL \
- ( STANDARD_RIGHTS_REQUIRED_ACCESS |\
- REG_KEY_READ |\
- REG_KEY_WRITE |\
- SEC_RIGHTS_CREATE_LINK )
-
-
#endif /* _RPC_SECDES_H */
diff --git a/source3/lib/smbconf/smbconf_reg.c b/source3/lib/smbconf/smbconf_reg.c
index 0ecac97..54ce534 100644
--- a/source3/lib/smbconf/smbconf_reg.c
+++ b/source3/lib/smbconf/smbconf_reg.c
@@ -567,7 +567,7 @@ static WERROR smbconf_reg_init(struct smbconf_ctx *ctx, const char *path)
}
werr = reg_open_path(ctx, ctx->path,
- SEC_RIGHTS_ENUM_SUBKEYS | REG_KEY_WRITE,
+ KEY_ENUMERATE_SUB_KEYS | REG_KEY_WRITE,
token, &rpd(ctx)->base_key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 6b0604b..376befe 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -702,7 +702,7 @@ static NTSTATUS libnet_join_lookup_dc_rpc(TALLOC_CTX *mem_ctx,
}
status = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true,
- SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol);
+ SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
@@ -887,7 +887,7 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
status = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
user_rid,
&user_pol);
if (!NT_STATUS_IS_OK(status)) {
@@ -1166,7 +1166,7 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx,
status = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->desthost,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&sam_pol);
if (!NT_STATUS_IS_OK(status)) {
goto done;
@@ -1174,7 +1174,7 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx,
status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&sam_pol,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
r->in.domain_sid,
&domain_pol);
if (!NT_STATUS_IS_OK(status)) {
@@ -1212,7 +1212,7 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx,
status = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
user_rid,
&user_pol);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c
index eda37f2..60849c8 100644
--- a/source3/libsmb/libsmb_server.c
+++ b/source3/libsmb/libsmb_server.c
@@ -740,7 +740,7 @@ SMBC_attr_server(TALLOC_CTX *ctx,
/*
* Some systems don't support
- * SEC_RIGHTS_MAXIMUM_ALLOWED, but NT sends 0x2000000
+ * SEC_FLAG_MAXIMUM_ALLOWED, but NT sends 0x2000000
* so we might as well do it too.
*/
diff --git a/source3/registry/reg_api.c b/source3/registry/reg_api.c
index c1a78c1..817d43b 100644
--- a/source3/registry/reg_api.c
+++ b/source3/registry/reg_api.c
@@ -272,7 +272,7 @@ WERROR reg_openkey(TALLOC_CTX *mem_ctx, struct registry_key *parent,
err = regkey_open_onelevel(mem_ctx, direct_parent,
name_component, parent->token,
- SEC_RIGHTS_ENUM_SUBKEYS, &tmp);
+ KEY_ENUMERATE_SUB_KEYS, &tmp);
SAFE_FREE(name_component);
if (!W_ERROR_IS_OK(err)) {
@@ -301,7 +301,7 @@ WERROR reg_enumkey(TALLOC_CTX *mem_ctx, struct registry_key *key,
{
WERROR err;
- if (!(key->key->access_granted & SEC_RIGHTS_ENUM_SUBKEYS)) {
+ if (!(key->key->access_granted & KEY_ENUMERATE_SUB_KEYS)) {
return WERR_ACCESS_DENIED;
}
@@ -332,7 +332,7 @@ WERROR reg_enumvalue(TALLOC_CTX *mem_ctx, struct registry_key *key,
struct registry_value *val;
WERROR err;
- if (!(key->key->access_granted & SEC_RIGHTS_QUERY_VALUE)) {
+ if (!(key->key->access_granted & KEY_QUERY_VALUE)) {
return WERR_ACCESS_DENIED;
}
@@ -370,7 +370,7 @@ WERROR reg_queryvalue(TALLOC_CTX *mem_ctx, struct registry_key *key,
WERROR err;
uint32 i;
- if (!(key->key->access_granted & SEC_RIGHTS_QUERY_VALUE)) {
+ if (!(key->key->access_granted & KEY_QUERY_VALUE)) {
return WERR_ACCESS_DENIED;
}
@@ -399,7 +399,7 @@ WERROR reg_queryinfokey(struct registry_key *key, uint32_t *num_subkeys,
WERROR err;
struct security_descriptor *secdesc;
- if (!(key->key->access_granted & SEC_RIGHTS_QUERY_VALUE)) {
+ if (!(key->key->access_granted & KEY_QUERY_VALUE)) {
return WERR_ACCESS_DENIED;
}
@@ -483,7 +483,7 @@ WERROR reg_createkey(TALLOC_CTX *ctx, struct registry_key *parent,
*end = '\0';
err = reg_createkey(mem_ctx, key, path,
- SEC_RIGHTS_ENUM_SUBKEYS, &tmp, &action);
+ KEY_ENUMERATE_SUB_KEYS, &tmp, &action);
if (!W_ERROR_IS_OK(err)) {
goto done;
}
@@ -521,7 +521,7 @@ WERROR reg_createkey(TALLOC_CTX *ctx, struct registry_key *parent,
* with ENUM_SUBKEY access.
*/
- err = reg_openkey(mem_ctx, key, "", SEC_RIGHTS_CREATE_SUBKEY,
+ err = reg_openkey(mem_ctx, key, "", KEY_CREATE_SUB_KEY,
&create_parent);
if (!W_ERROR_IS_OK(err)) {
goto done;
@@ -582,7 +582,7 @@ WERROR reg_deletekey(struct registry_key *parent, const char *path)
*end = '\0';
err = reg_openkey(mem_ctx, parent, name,
- SEC_RIGHTS_CREATE_SUBKEY, &tmp_key);
+ KEY_CREATE_SUB_KEY, &tmp_key);
W_ERROR_NOT_OK_GOTO_DONE(err);
parent = tmp_key;
@@ -608,7 +608,7 @@ WERROR reg_setvalue(struct registry_key *key, const char *name,
DATA_BLOB value_data;
int res;
- if (!(key->key->access_granted & SEC_RIGHTS_SET_VALUE)) {
+ if (!(key->key->access_granted & KEY_SET_VALUE)) {
return WERR_ACCESS_DENIED;
}
@@ -655,7 +655,7 @@ WERROR reg_deletevalue(struct registry_key *key, const char *name)
{
WERROR err;
- if (!(key->key->access_granted & SEC_RIGHTS_SET_VALUE)) {
+ if (!(key->key->access_granted & KEY_SET_VALUE)) {
return WERR_ACCESS_DENIED;
}
@@ -982,7 +982,7 @@ WERROR reg_deleteallvalues(struct registry_key *key)
WERROR err;
int i;
- if (!(key->key->access_granted & SEC_RIGHTS_SET_VALUE)) {
+ if (!(key->key->access_granted & KEY_SET_VALUE)) {
return WERR_ACCESS_DENIED;
}
@@ -1038,7 +1038,7 @@ WERROR reg_open_path(TALLOC_CTX *mem_ctx, const char *orig_path,
*p = '\0';
- err = reg_openhive(mem_ctx, path, SEC_RIGHTS_ENUM_SUBKEYS, token,
+ err = reg_openhive(mem_ctx, path, KEY_ENUMERATE_SUB_KEYS, token,
&hive);
if (!W_ERROR_IS_OK(err)) {
SAFE_FREE(path);
@@ -1209,7 +1209,7 @@ WERROR reg_create_path(TALLOC_CTX *mem_ctx, const char *orig_path,
err = reg_openhive(mem_ctx, path,
(strchr(p+1, '\\') != NULL) ?
- SEC_RIGHTS_ENUM_SUBKEYS : SEC_RIGHTS_CREATE_SUBKEY,
+ KEY_ENUMERATE_SUB_KEYS : KEY_CREATE_SUB_KEY,
token, &hive);
if (!W_ERROR_IS_OK(err)) {
SAFE_FREE(path);
@@ -1249,7 +1249,7 @@ WERROR reg_delete_path(const struct nt_user_token *token,
err = reg_openhive(NULL, path,
(strchr(p+1, '\\') != NULL) ?
- SEC_RIGHTS_ENUM_SUBKEYS : SEC_RIGHTS_CREATE_SUBKEY,
+ KEY_ENUMERATE_SUB_KEYS : KEY_CREATE_SUB_KEY,
token, &hive);
if (!W_ERROR_IS_OK(err)) {
SAFE_FREE(path);
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
index 722a0a3..daf6871 100644
--- a/source3/rpcclient/cmd_lsarpc.c
+++ b/source3/rpcclient/cmd_lsarpc.c
@@ -41,7 +41,7 @@ static NTSTATUS name_to_sid(struct rpc_pipe_client *cli,
}
result = rpccli_lsa_open_policy(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
goto done;
@@ -166,7 +166,7 @@ static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli,
switch (info_class) {
case 12:
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
@@ -179,7 +179,7 @@ static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli,
break;
default:
result = rpccli_lsa_open_policy(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
@@ -219,7 +219,7 @@ static NTSTATUS cmd_lsa_lookup_names(struct rpc_pipe_client *cli,
}
result = rpccli_lsa_open_policy(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
@@ -267,7 +267,7 @@ static NTSTATUS cmd_lsa_lookup_names_level(struct rpc_pipe_client *cli,
}
result = rpccli_lsa_open_policy(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
@@ -319,7 +319,7 @@ static NTSTATUS cmd_lsa_lookup_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem
}
result = rpccli_lsa_open_policy(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
@@ -459,7 +459,7 @@ static NTSTATUS cmd_lsa_enum_privilege(struct rpc_pipe_client *cli,
pref_max_length=atoi(argv[2]);
result = rpccli_lsa_open_policy(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
@@ -511,7 +511,7 @@ static NTSTATUS cmd_lsa_get_dispname(struct rpc_pipe_client *cli,
}
result = rpccli_lsa_open_policy(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
@@ -564,7 +564,7 @@ static NTSTATUS cmd_lsa_enum_sids(struct rpc_pipe_client *cli,
pref_max_length=atoi(argv[2]);
result = rpccli_lsa_open_policy(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
@@ -617,7 +617,7 @@ static NTSTATUS cmd_lsa_create_account(struct rpc_pipe_client *cli,
goto done;
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&dom_pol);
if (!NT_STATUS_IS_OK(result))
@@ -665,7 +665,7 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct rpc_pipe_client *cli,
goto done;
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&dom_pol);
if (!NT_STATUS_IS_OK(result))
@@ -727,7 +727,7 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct rpc_pipe_client *cli,
goto done;
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&dom_pol);
if (!NT_STATUS_IS_OK(result))
@@ -776,7 +776,7 @@ static NTSTATUS cmd_lsa_add_acct_rights(struct rpc_pipe_client *cli,
goto done;
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&dom_pol);
if (!NT_STATUS_IS_OK(result))
@@ -829,7 +829,7 @@ static NTSTATUS cmd_lsa_remove_acct_rights(struct rpc_pipe_client *cli,
goto done;
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&dom_pol);
if (!NT_STATUS_IS_OK(result))
@@ -879,7 +879,7 @@ static NTSTATUS cmd_lsa_lookup_priv_value(struct rpc_pipe_client *cli,
}
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
@@ -921,7 +921,7 @@ static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli,
}
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (argc == 2)
@@ -999,7 +999,7 @@ static NTSTATUS cmd_lsa_query_trustdominfobysid(struct rpc_pipe_client *cli,
struct policy_handle pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
DOM_SID dom_sid;
- uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
+ uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
union lsa_TrustedDomainInfo *info = NULL;
enum lsa_TrustDomInfoEnum info_class = 1;
uint8_t nt_hash[16];
@@ -1047,7 +1047,7 @@ static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli,
{
struct policy_handle pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
+ uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
union lsa_TrustedDomainInfo *info = NULL;
enum lsa_TrustDomInfoEnum info_class = 1;
struct lsa_String trusted_domain;
@@ -1095,7 +1095,7 @@ static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli,
{
struct policy_handle pol, trustdom_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
+ uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
union lsa_TrustedDomainInfo *info = NULL;
DOM_SID dom_sid;
enum lsa_TrustDomInfoEnum info_class = 1;
@@ -1164,7 +1164,7 @@ static NTSTATUS cmd_lsa_get_username(struct rpc_pipe_client *cli,
}
result = rpccli_lsa_open_policy(cli, mem_ctx, true,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result)) {
@@ -1214,7 +1214,7 @@ static NTSTATUS cmd_lsa_add_priv(struct rpc_pipe_client *cli,
}
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
--
Samba Shared Repository
More information about the samba-cvs
mailing list