Hi This patch implements the un-, marshalling of the RPC SetSecObj and returns NT_STATUS_NOT_IMPLEMENTED, so that the function can be implemented more easily later on.
One of the places where the RPC call SetSecObj() is needed, is in usrmgr.exe to set the flag "User cannot change password". This is accomplished by changing the SD of the user to not include the "change password" access bit in the appropriate ace. Currently there is no possibility to store a SD per SAM object and therefore this patch only returns NT_STATUS_NOT_IMPLEMENTED. But with the plans for redesigning the SAM backends this functionality will hopefully be added in some backends, so that the goal of complete NT PDC functionality will come a little bit closer. Kai
samr_set_sec_obj.diff
Description: Binary data
