archive
/
windows-nt-4.0
mirror of https://github.com/lianthony/NT4.0
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Windows NT 4.0 source code leak
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
184 MiB
 
 
 
 
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-nt-4.0/private/net/ui/admin/user/doc/opright.txt

131 lines
5.0 KiB
Raw Permalink Blame History

/**********************************************************************/
/** Microsoft LAN Manager **/
/** Copyright(c) Microsoft Corp., 1991 **/
/**********************************************************************/
/*
opright.txt
This file describes how the admins/users/guests and
operator right groups will function in the User Tool.
FILE HISTORY:
rustanl 15-Aug-1991 Created based on 13-Aug-1991
discussion with davidtu.
*/
GROUP LISTBOX, MAIN WINDOW
For both down-level and up-level, add the groups returned by
NetGroupEnum.
SET SELECTION DIALOG
Display a list of the very same groups that are displayed
in the group listbox in the main window. Use NetGroupGetUsers
to determine which users are in the group selected.
GROUP MEMBER ROSTER "SET CONTROL", GROUP PROPERTY DIALOG
Note for the BLT-illiterate: The Set Control is the dual
listbox with a set of Add and Remove buttons. It displays
a set of items, and lets the user select a subset of these.
(End of Note for the BLT-illiterate.)
For the set, use the users displayed in the user listbox
in the main window.
For down-level, if the selected group is one of A/U/G (ADMINS,
USERS, or GUESTS), the set control is disabled (made read-only)
(i.e., disable the set control so that group memberships cannot
be modified). Do not call NetGroupSetUsers on these groups.
For up-level, if the selected group is one of A/U/G (DOMAIN_ADMINS,
DOMAIN_USERS, or DOMAIN_GUESTS) or is one of the in NT1 6
special operator right groups, the set control is disabled.
Do not call NetGroupSetUsers on these groups.
USER GROUP MEMBERSHIP "SET CONTROL", USER SUB-PROPERTY DIALOG
Include in the set all groups displayed in the group listbox
in the main window. For down-level, also include four
specially named groups (named below); for up-level, include
no other groups.
The special down-level groups will correspond to the 4 operator
rights that the UAS supports today (account, server, print,
and comm operator rights). The names of these groups will
resemble the names of the equivalent groups in SAM, except
that the names will in some way be extended beyond GNLEN.
This way, it is guaranteed that the current UAS group doesn't
already include these group names.
Parenthesis: It would be nice to simply be able to prepend
some special character to these names. That special character
would then have to be one that wouldn't normally be valid
characters for a group name in the UAS. Unfortunately,
I_NetNameValidate given NAMETYPE_GROUP only checks the length
of the name--not the characters themselves. Therefore,
the only way to make an invalid UAS group name is to break
the length requirement, hence extend the length of the
name beyond GNLEN. For historical reasons, the text below
will refer to a name which begins with a $-sign. This is
used to refer to these special groups, which only occur in
the down-level case. (End of Parenthesis.)
Each of the $-groups will be placed in the right hand listbox
exactly when all selected users are in group USERS and
have the corresponding operator right.
During dialog operation, if one of the A/U/G groups is selected,
or if a group beginning with a $ is selected when the USERS
group does not appear in the left listbox, then the set control
will be disabled. (When none of these groups is selected,
the set control is always enabled.)
To commit the information of each user, non-$ groups are treated
by calling NetUserSetGroups. If the $-groups have changed,
NetUserSetInfo, level 2, is used to set the operator rights.
Implementation note: The internal USER2 objects need to be
updated both for up-level and down-level. However, WriteInfo
is only called on these objects for down-level.
(End of Implementation note.)
Note: The $-groups will only appear in the User Tool when
admining down-level, and then they will only appear in this
dialog. (End of Note.)
ACCOUNT INFORMATION DIALOG, USER SUB-PROPERTY DIALOG
The Account Information dialog will provide a set of
radio buttons, corresponding to the A/U/G groups (or "priv levels",
for those of the readers who remember down-level lingo).
These radio buttons are set according to the "priv" field
retrieved from NetUserGetInfo.
Note: This is *the* place in the User Tool where membership
in these groups can be set. (End of Note.)
This dialog does not feature a set of check boxes used to
select operator rights.
Note: Recall, setting operator rights is available in *one*
other place, viz. the Group Membership, User Sub-Property dialog.
(End of Note.)
Implementation note: The internal USER_MEMB objects need to be
updated both for up-level and down-level.
(End of Implementation note.)
// end of opright.txt