From fac01bda8bb4f52b930496c362f55aca5b112240 Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Thu, 29 Nov 2001 16:05:05 +0000 Subject: Changed again how the privilege list is handled in the group mapping code. This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP struct as some privilege showing in USRMGR.EXE are not real privs but a bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT 3.1 box to verify, but I'm too lazy (yes I still have my CDs). Added 3 more LSA calls: SetSystemAccount, AddPrivileges and RemovePrivileges, we can manage all this privilege from UserManager. Time to change the NT_USER_TOKEN struct and add checks in all the rpc functions. Fun, fun, fun. J.F. (This used to be commit 3f0a9ef2b8c626cfa2878394bb7b642342342bf3) --- source3/include/mapping.h | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'source3/include/mapping.h') diff --git a/source3/include/mapping.h b/source3/include/mapping.h index 9a64eefa563..4a7db6360d1 100644 --- a/source3/include/mapping.h +++ b/source3/include/mapping.h @@ -33,13 +33,21 @@ #define ENUM_ONLY_MAPPED True #define ENUM_ALL_MAPPED False +#define PR_NONE 0x0000 +#define PR_LOG_ON_LOCALLY 0x0001 +#define PR_ACCESS_FROM_NETWORK 0x0002 +#define PR_LOG_ON_BATCH_JOB 0x0004 +#define PR_LOG_ON_SERVICE 0x0010 + + typedef struct _GROUP_MAP { gid_t gid; DOM_SID sid; enum SID_NAME_USE sid_name_use; fstring nt_name; fstring comment; - uint32 privileges[PRIV_ALL_INDEX]; + uint32 systemaccount; + PRIVILEGE_SET priv_set; } GROUP_MAP; typedef struct _PRIVS { -- cgit