]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9f167b9)
netcmd: models: add default SDDL to group_msa_membership
authorRob van der Linde <rob@catalyst.net.nz>
Mon, 19 Feb 2024 01:47:57 +0000 (14:47 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Fri, 1 Mar 2024 04:45:36 +0000 (04:45 +0000)
LA can be used for the administrator and Windows will expand that on save, making the group_sddl method redundant.

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
python/samba/netcmd/domain/models/user.py patch | blob | blame | history

diff --git a/python/samba/netcmd/domain/models/user.py b/python/samba/netcmd/domain/models/user.py
index 1af9576f6430bde47adbb622794d3035e300b86d..95b300e297043780116c5418f1d30e62695af143 100644 (file)
--- a/python/samba/netcmd/domain/models/user.py
+++ b/python/samba/netcmd/domain/models/user.py
@@ -99,7 +99,8 @@ class GroupManagedServiceAccount(User):
     """A GroupManagedServiceAccount is a type of User with additional fields."""
     managed_password_interval = IntegerField("msDS-ManagedPasswordInterval")
     dns_host_name = StringField("dNSHostName")
-    group_msa_membership = SDDLField("msDS-GroupMSAMembership")
+    group_msa_membership = SDDLField("msDS-GroupMSAMembership",
+                                     default="O:BAD:(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;LA)")
     managed_password_id = BinaryField("msDS-ManagedPasswordId",
                                       readonly=True, hidden=True)
     managed_password_previous_id = BinaryField("msDS-ManagedPasswordPreviousId",
Mirror of https://github.com/samba-team/samba.git