s4:samba-tool/gpo: set the same security.descriptor type as the Windows GUI

author Stefan Metzmacher <metze@samba.org>

Thu, 29 Nov 2012 08:57:44 +0000 (09:57 +0100)

committer Stefan Metzmacher <metze@samba.org>

Mon, 18 Feb 2019 10:31:19 +0000 (11:31 +0100)
author Stefan Metzmacher <metze@samba.org>
Thu, 29 Nov 2012 08:57:44 +0000 (09:57 +0100)
committer Stefan Metzmacher <metze@samba.org>
Mon, 18 Feb 2019 10:31:19 +0000 (11:31 +0100)
diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py

index 95fe5d6d439b9b5b167a543c22cc4812ad2cdfc5..277c5725a1ed1c273c06465542a7eed91b44733d 100644 (file)
--- a/python/samba/netcmd/gpo.py
+++ b/python/samba/netcmd/gpo.py
@@ -1234,8 +1234,12 @@ class cmd_create(GPOCommand):
  
              # Create a file system security descriptor
              domain_sid = security.dom_sid(self.samdb.get_domain_sid())
-            sddl = dsacl2fsacl(ds_sd, domain_sid)
-            fs_sd = security.descriptor.from_sddl(sddl, domain_sid)
+            fs_sd = dsacl2fsacl(ds_sd, domain_sid, as_sddl=False)
+            fs_sd.type = security.SEC_DESC_SELF_RELATIVE
+            fs_sd.type |= security.SEC_DESC_DACL_PROTECTED
+            fs_sd.type |= security.SEC_DESC_DACL_AUTO_INHERITED
+            fs_sd.type |= security.SEC_DESC_DACL_AUTO_INHERIT_REQ
+            fs_sd.type |= security.SEC_DESC_SACL_AUTO_INHERITED
  
              # Copy GPO directory
              create_directory_hier(conn, sharepath)
author	Stefan Metzmacher <metze@samba.org>
	Thu, 29 Nov 2012 08:57:44 +0000 (09:57 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Mon, 18 Feb 2019 10:31:19 +0000 (11:31 +0100)