public static IEnumerable <object> Get_NetLocalGroup(Args_Get_NetLocalGroup args = null)
{
if (args == null)
{
args = new Args_Get_NetLocalGroup();
}
var LogonToken = IntPtr.Zero;
if (args.Credential != null)
{
LogonToken = InvokeUserImpersonation.Invoke_UserImpersonation(new Args_Invoke_UserImpersonation
{
Credential = args.Credential
});
}
var LocalGroups = new List <object>();
foreach (var Computer in args.ComputerName)
{
if (args.Method == MethodType.API)
{
// if we're using the Netapi32 NetLocalGroupEnum API call to get the local group information
// arguments for NetLocalGroupEnum
var QueryLevel = 1;
var PtrInfo = IntPtr.Zero;
var EntriesRead = 0;
var TotalRead = 0;
var ResumeHandle = 0;
// get the local user information
var Result = NativeMethods.NetLocalGroupEnum(Computer, QueryLevel, out PtrInfo, MAX_PREFERRED_LENGTH, out EntriesRead, out TotalRead, ref ResumeHandle);
// locate the offset of the initial intPtr
var Offset = PtrInfo.ToInt64();
// 0 = success
if ((Result == 0) && (Offset > 0))
{
// Work out how much to increment the pointer by finding out the size of the structure
var Increment = Marshal.SizeOf(typeof(LOCALGROUP_INFO_1));
// parse all the result structures
for (var i = 0; (i < EntriesRead); i++)
{
// create a new int ptr at the given offset and cast the pointer as our result structure
var NewIntPtr = new System.IntPtr(Offset);
var Info = (LOCALGROUP_INFO_1)Marshal.PtrToStructure(NewIntPtr, typeof(LOCALGROUP_INFO_1));
LocalGroups.Add(new LocalGroupAPI
{
ComputerName = Computer,
GroupName = Info.lgrpi1_name,
Comment = Info.lgrpi1_comment
});
Offset = NewIntPtr.ToInt64();
Offset += Increment;
}
// free up the result buffer
NativeMethods.NetApiBufferFree(PtrInfo);
}
else
{
Logger.Write_Verbose($@"[Get-NetLocalGroup] Error: {new System.ComponentModel.Win32Exception((int)Result).Message}");
}
}
else
{
// otherwise we're using the WinNT service provider
var ComputerProvider = new System.DirectoryServices.DirectoryEntry($@"WinNT://{Computer},computer");
foreach (System.DirectoryServices.DirectoryEntry LocalGroup in ComputerProvider.Children)
{
if (LocalGroup.SchemaClassName.Equals("group", StringComparison.OrdinalIgnoreCase))
{
var Group = new LocalGroupWinNT
{
ComputerName = Computer,
GroupName = LocalGroup.Name,
SID = new System.Security.Principal.SecurityIdentifier((byte[])LocalGroup.InvokeGet("objectsid"), 0).Value,
Comment = LocalGroup.InvokeGet("Description").ToString()
};
LocalGroups.Add(Group);
}
}
}
}
if (LogonToken != IntPtr.Zero)
{
InvokeRevertToSelf.Invoke_RevertToSelf(LogonToken);
}
return(LocalGroups);
}
public static IEnumerable <object> Get_NetLocalGroup(Args_Get_NetLocalGroup args = null)
{
return(GetNetLocalGroup.Get_NetLocalGroup(args));
}
