public static extern BOOL EqualPrefixSid(PSID pSid1, PSID pSid2);
public static extern BOOL IsValidSid(PSID pSid);
public static extern PUCHAR GetSidSubAuthorityCount(PSID pSid);
/// <summary>Returns the length, in bytes, of a valid security identifier (SID).</summary> /// <param name="pSid">A pointer to the SID structure whose length is returned. The structure is assumed to be valid.</param> /// <returns> /// If the SID structure is valid, the return value is the length, in bytes, of the SID structure. If the SID structure is not valid, /// the return value is 0. /// </returns> public static int Length(this PSID pSid) => AdvApi32.IsValidSid(pSid) ? AdvApi32.GetLengthSid(pSid) : 0;
internal static extern DWORD GetSecurityInfo(
SafeFileHandle handle,
ObjectType objectType,
SecurityInformationClass infoClass,
PSID owner,
PSID group,
PACL dacl,
PACL sacl,
out PSECURITY_DESCRIPTOR securityDescriptor);
public static extern BOOL GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor, out PSID pOwner, out BOOL lpbOwnerDefaulted );
/// <summary>Gets the binary form of the SID structure.</summary> /// <param name="pSid">The SID structure pointer.</param> /// <returns>The binary form (byte array) of the SID structure.</returns> public static byte[] GetBinaryForm(this PSID pSid) => pSid.IsValidSid() ? ((IntPtr)pSid).ToArray <byte>(pSid.Length()) : (new byte[0]);
public static extern PSID_IDENTIFIER_AUTHORITY GetSidIdentifierAuthority(PSID pSid);
public static extern BOOL EqualPrefixSid(PSID pSid1, PSID pSid2);
public static extern PDWORD GetSidSubAuthority(PSID pSid, DWORD nSubAuthority);
public static extern PUCHAR GetSidSubAuthorityCount(PSID pSid);
public static extern BOOL IsValidSid(PSID pSid);
public static extern DWORD GetLengthSid(PSID pSid);
public Sid(PSID psid) : this(psid, "")
{
}
public static extern BOOL LookupAccountSid( string lpSystemName, PSID Sid, [Out] char[] Name, ref DWORD cchName, [Out] char [] ReferencedDomainName, ref DWORD cchReferencedDomainName, out SID_NAME_USE peUse);
public static extern BOOL InitializeSid(PSID Sid, [In] ref SID_IDENTIFIER_AUTHORITY pIdentifierAuthority, UCHAR nSubAuthorityCount);
public static extern BOOL ConvertSidToStringSid(PSID Sid, out IntPtr StringSid);
public static extern BOOL ConvertSidToStringSid(PSID Sid, out IntPtr StringSid);
/// <summary>Determines equality of two PSID instances.</summary> /// <param name="psid1">The first PSID.</param> /// <param name="psid2">The second PSID.</param> /// <returns><see langword="true"/> if the SID structures are equal; <see langword="false"/> otherwise.</returns> public static bool Equals(this PSID psid1, PSID psid2) => AdvApi32.EqualSid(psid1, psid2);
public static extern BOOL GetSecurityDescriptorGroup(
PSECURITY_DESCRIPTOR pSecurityDescriptor,
out PSID pGroup,
out BOOL lpbGroupDefaulted
);
/// <summary> /// Validates a security identifier (SID) by verifying that the revision number is within a known range, and that the number of /// subauthorities is less than the maximum. /// </summary> /// <param name="pSid">A pointer to the SID structure to validate. This parameter cannot be NULL.</param> /// <returns> /// If the SID structure is valid, the return value is <see langword="true"/>. If the SID structure is not valid, the return value is <see langword="false"/>. /// </returns> public static bool IsValidSid(this PSID pSid) => AdvApi32.IsValidSid(pSid);
public static extern BOOL GetSecurityDescriptorOwner(
PSECURITY_DESCRIPTOR pSecurityDescriptor,
out PSID pOwner,
out BOOL lpbOwnerDefaulted
);
public Sid(PSID psid, string machineName)
{
_machineName = machineName;
_psid = CopySid(psid);
}
public static extern BOOL CopySid(
DWORD nDestinationSidLength,
PSID pDestinationSid,
PSID pSourceSid
);
public static extern DWORD GetLengthSid(PSID pSid);
public static extern BOOL SetSecurityDescriptorGroup(
PSECURITY_DESCRIPTOR pSecurityDescriptor,
PSID pGroup,
BOOL bGroupDefaulted
);
public static extern PDWORD GetSidSubAuthority(PSID pSid, DWORD nSubAuthority);
public static extern BOOL SetSecurityDescriptorOwner(
PSECURITY_DESCRIPTOR pSecurityDescriptor,
PSID pOwner,
BOOL bOwnerDefaulted
);
public static extern PSID_IDENTIFIER_AUTHORITY GetSidIdentifierAuthority(PSID pSid);
/// <summary>
/// Gets the effective permissions for the provided Sid within the Security Descriptor.
/// </summary>
/// <param name="pUserSid">A pointer to the Sid of the identity to check.</param>
/// <param name="serverName">Name of the server. This can be <c>null</c>.</param>
/// <param name="pSecurityDescriptor">A pointer to the security descriptor.</param>
/// <returns>An array of access masks.</returns>
public virtual ACCESS_MASK[] GetEffectivePermission(PSID pUserSid, string serverName, PSECURITY_DESCRIPTOR pSecurityDescriptor)
{
ACCESS_MASK mask = pUserSid.GetEffectiveRights(pSecurityDescriptor);
return(new[] { mask });
}
public static extern BOOL InitializeSid(PSID Sid, [In]ref SID_IDENTIFIER_AUTHORITY pIdentifierAuthority, UCHAR nSubAuthorityCount);
/// <summary>
/// Gets the effective permissions for the provided Sid within the Security Descriptor.
/// Called only when an object type identifier is specified.
/// </summary>
/// <param name="objTypeId">The object type identifier.</param>
/// <param name="pUserSid">A pointer to the Sid of the identity to check.</param>
/// <param name="serverName">Name of the server. This can be <c>null</c>.</param>
/// <param name="pSecurityDescriptor">A pointer to the security descriptor.</param>
/// <param name="objectTypeList">The object type list.</param>
/// <param name="grantedAccessList">An array of access masks.</param>
/// <returns></returns>
/// <exception cref="System.NotImplementedException"></exception>
public virtual HRESULT GetEffectivePermission(Guid objTypeId, PSID pUserSid, string serverName, PSECURITY_DESCRIPTOR pSecurityDescriptor, out OBJECT_TYPE_LIST[] objectTypeList, out ACCESS_MASK[] grantedAccessList)
{
objectTypeList = null;
grantedAccessList = null;
return(HRESULT.E_NOTIMPL);
}
public static extern BOOL LookupAccountName( string lpSystemName, string lpAccountName, PSID Sid, ref DWORD cbSid, [Out] char[] DomainName, ref DWORD cbDomainName, out SID_NAME_USE peUse );
/// <summary>Indicates whether the current object is equal to another object of the same type.</summary> /// <param name="other">An object to compare with this object.</param> /// <returns>true if the current object is equal to the <paramref name="other"/> parameter; otherwise, false.</returns> public bool Equals(PSID other) => Equals(other.DangerousGetHandle());
public static extern BOOL GetSecurityDescriptorGroup( PSECURITY_DESCRIPTOR pSecurityDescriptor, out PSID pGroup, out BOOL lpbGroupDefaulted );
public static extern bool LogonUserEx(string lpszUserName, string lpszDomain, string lpszPassword, LogonUserType dwLogonType, LogonUserProvider dwLogonProvider,
out SafeHTOKEN phObject, out PSID ppLogonSid, out SafeLsaReturnBufferHandle ppProfileBuffer, out uint pdwProfileLength, out QUOTA_LIMITS pQuotaLimits);
private byte[] CopySid(PSID psid)
{
BOOL rc = Win32.IsValidSid(psid);
Win32.CheckCall(rc);
DWORD cbLength = Win32.GetLengthSid(psid);
byte[] psidBytes = new byte[cbLength];
Marshal.Copy(psid, psidBytes, 0, (int)cbLength);
return psidBytes;
}
/// <summary>
/// Gets the effective permissions for the provided Sid within the Security Descriptor.
/// Called only when an object type identifier is specified.
/// </summary>
/// <param name="objTypeId">The object type identifier.</param>
/// <param name="pUserSid">A pointer to the Sid of the identity to check.</param>
/// <param name="serverName">Name of the server. This can be <c>null</c>.</param>
/// <param name="pSecurityDescriptor">A pointer to the security descriptor.</param>
/// <param name="objectTypeList">The object type list.</param>
/// <returns>An array of access masks.</returns>
/// <exception cref="System.NotImplementedException"></exception>
public virtual uint[] GetEffectivePermission(Guid objTypeId, PSID pUserSid, string serverName, PSECURITY_DESCRIPTOR pSecurityDescriptor, out OBJECT_TYPE_LIST[] objectTypeList)
{
throw new NotImplementedException();
}
public Sid(PSID psid, string machineName)
{
_machineName = machineName;
_psid = CopySid(psid);
}
public Sid(PSID psid) : this(psid, "")
{
}
public static extern DWORD SetSecurityInfo( HANDLE handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl);
public static extern DWORD GetNamedSecurityInfo( LPCTSTR pObjectName, //REVIEW: Why is it documented as LPTSTR SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, ref PSID ppsidOwner, ref PSID ppsidGroup, ref PACL ppDacl, ref PACL ppSacl, ref PSECURITY_DESCRIPTOR ppSecurityDescriptor);
public static extern DWORD GetSecurityInfo( HANDLE handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, ref PSID ppsidOwner, ref PSID ppsidGroup, ref PACL ppDacl, ref PACL ppSacl, ref PSECURITY_DESCRIPTOR ppSecurityDescriptor);
public static extern BOOL SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID pOwner, BOOL bOwnerDefaulted );
public static extern BOOL SetSecurityDescriptorGroup( PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID pGroup, BOOL bGroupDefaulted );
public static extern BOOL CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid );
public static extern BOOL MakeAbsoluteSD( PSECURITY_DESCRIPTOR pSelfRelativeSD, PSECURITY_DESCRIPTOR pAbsoluteSD, ref DWORD lpdwAbsoluteSDSize, PACL pDacl, ref DWORD lpdwDaclSize, PACL pSacl, ref DWORD lpdwSaclSize, PSID pOwner, ref DWORD lpdwOwnerSize, PSID pPrimaryGroup, ref DWORD lpdwPrimaryGroupSize );
