netcmd: models: add SDDL fields to AuthenticationPolicy model

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/python/samba/netcmd/domain/models/auth_policy.py b/python/samba/netcmd/domain/models/auth_policy.py
index dec8bb2619040f3eb2ff821e7c8da903a3f4b27e..df9f936ffa881f9b944ea39a22f02f940eb331e2 100644 (file)
--- a/python/samba/netcmd/domain/models/auth_policy.py
+++ b/python/samba/netcmd/domain/models/auth_policy.py
@@ -23,7 +23,8 @@
 from enum import IntEnum
 from ldb import Dn
 
-from .fields import BooleanField, EnumField, IntegerField, StringField
+from .fields import (BooleanField, EnumField, IntegerField, SDDLField,
+                     StringField)
 from .model import Model
 
 # Ticket-Granting-Ticket lifetimes.
@@ -56,6 +57,16 @@ class AuthenticationPolicy(Model):
         "msDS-ServiceAllowedNTLMNetworkAuthentication")
     service_tgt_lifetime = IntegerField("msDS-ServiceTGTLifetime")
     computer_tgt_lifetime = IntegerField("msDS-ComputerTGTLifetime")
+    user_allowed_to_authenticate_from = SDDLField(
+        "msDS-UserAllowedToAuthenticateFrom")
+    user_allowed_to_authenticate_to = SDDLField(
+        "msDS-UserAllowedToAuthenticateTo")
+    service_allowed_to_authenticate_from = SDDLField(
+        "msDS-ServiceAllowedToAuthenticateFrom")
+    service_allowed_to_authenticate_to = SDDLField(
+        "msDS-ServiceAllowedToAuthenticateTo")
+    computer_allowed_to_authenticate_to = SDDLField(
+        "msDS-ComputerAllowedToAuthenticateTo")
 
     @staticmethod
     def get_base_dn(ldb):