        /// <summary>
        /// Returns a value indicating whether the user who owns the given
        /// logon session is in the list of added users.
        /// </summary>
        /// <param name="sessionID">
        /// The ID of the logon session to check.
        /// </param>
        /// <returns>
        /// Returns true if a SID could be resolved for the session and that SID
        /// is present in the encrypted settings. Otherwise, false is returned.
        /// </returns>
        public bool UserSessionIsInList(int sessionID)
        {
            SecurityIdentifier sessionSid = LsaLogonSessions.LogonSessions.GetSidForSessionId(sessionID);

            // No SID means the session could not be resolved to a user; treat it
            // as not being in the list rather than querying the settings with null.
            if (sessionSid == null)
            {
                return false;
            }

            EncryptedSettings settings = new EncryptedSettings(EncryptedSettings.SettingsFilePath);
            return settings.ContainsSID(sessionSid);
        }
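        /// <summary>
        /// Returns a value indicating whether the user making the current
        /// service call is in the list of added users.
        /// </summary>
        /// <remarks>
        /// The identity is taken from <see cref="ServiceSecurityContext.Current"/>,
        /// i.e. the authenticated caller of the service operation, so this method
        /// is only meaningful when invoked from within a service operation.
        /// </remarks>
        /// <returns>
        /// Returns true if the caller's SID is already in the list of added
        /// users. Otherwise, false is returned, including when there is no
        /// security context, no Windows identity, or the identity carries no SID
        /// (e.g., an anonymous identity).
        /// </returns>
        public bool UserIsInList()
        {
            ServiceSecurityContext context = ServiceSecurityContext.Current;
            if (context == null)
            {
                return false;
            }

            WindowsIdentity userIdentity = context.WindowsIdentity;
            if (userIdentity == null)
            {
                return false;
            }

            // WindowsIdentity.User can be null (e.g., for an anonymous identity).
            // Guard it the same way UserSessionIsInList guards a null SID instead of
            // passing null into ContainsSID.
            SecurityIdentifier userSid = userIdentity.User;
            if (userSid == null)
            {
                return false;
            }

            EncryptedSettings encryptedSettings = new EncryptedSettings(EncryptedSettings.SettingsFilePath);
            return encryptedSettings.ContainsSID(userSid);
        }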
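        /// <summary>
        /// Executes when a change event is received from a Terminal Server session.
        /// </summary>
        /// <remarks>
        /// Only <see cref="SessionChangeReason.SessionLogoff"/> and
        /// <see cref="SessionChangeReason.SessionLogon"/> are acted upon; every
        /// other reason falls through to the base implementation.
        /// </remarks>
        /// <param name="changeDescription">
        /// Identifies the type of session change and the session to which it applies.
        /// </param>
        protected override void OnSessionChange(SessionChangeDescription changeDescription)
        {
            switch (changeDescription.Reason)
            {
            // The user has logged off from a session, either locally or remotely.
            case SessionChangeReason.SessionLogoff:
                RemoveAdminRightsOfLoggedOffUsers();
                break;

            // The user has logged on to a session, either locally or remotely.
            case SessionChangeReason.SessionLogon:
                AutomaticallyAddUserForSession(changeDescription.SessionId);
                break;

            // RemoteConnect, RemoteDisconnect, SessionLock and SessionUnlock are
            // intentionally not handled here.
            }

            base.OnSessionChange(changeDescription);
        }

        /// <summary>
        /// Handles a session logoff by removing administrator rights from every
        /// added user who no longer has any logon session, subject to the
        /// remote / expiration rules commented inline.
        /// </summary>
        /// <remarks>
        /// Resolving the SID of the session named in the logoff event does not
        /// work (per the original author's note), so the set of added users is
        /// instead reconciled against the sessions that are still logged on.
        /// </remarks>
        private void RemoveAdminRightsOfLoggedOffUsers()
        {
            EncryptedSettings encryptedSettings = new EncryptedSettings(EncryptedSettings.SettingsFilePath);
            System.Collections.Generic.List<SecurityIdentifier> sidsToRemove = new System.Collections.Generic.List<SecurityIdentifier>(encryptedSettings.AddedUserSIDs);

            // For any user that is still logged on, remove their SID from the list of
            // SIDs to be removed from Administrators. That is, let the users who are still
            // logged on stay in the Administrators group.
            int[] sessionIds = LsaLogonSessions.LogonSessions.GetLoggedOnUserSessionIds();
            if (sessionIds != null)
            {
                foreach (int id in sessionIds)
                {
                    SecurityIdentifier loggedOnSid = LsaLogonSessions.LogonSessions.GetSidForSessionId(id);
                    if (loggedOnSid != null)
                    {
                        // List<T>.Remove is a no-op when the SID is not present.
                        sidsToRemove.Remove(loggedOnSid);
                    }
                }
            }

            // Process the list of SIDs to be removed from Administrators.
            foreach (SecurityIdentifier sid in sidsToRemove)
            {
                // Users recorded as remote are not removed by this logoff handler.
                bool isRemote = encryptedSettings.ContainsSID(sid) && encryptedSettings.IsRemote(sid);

                // Remove on logoff if configured to, or if the user's rights carry no
                // expiration time (i.e. nothing else would ever remove them).
                bool removeNow = Settings.RemoveAdminRightsOnLogout || !encryptedSettings.GetExpirationTime(sid).HasValue;

                if (!isRemote && removeNow)
                {
                    LocalAdministratorGroup.RemoveUser(sid, RemovalReason.UserLogoff);
                }
            }
        }

        /// <summary>
        /// Handles a session logon by adding the session's user to the
        /// Administrators group when an automatic-add list is configured and the
        /// authorization check passes.
        /// </summary>
        /// <param name="sessionId">The ID of the session that was logged on to.</param>
        private void AutomaticallyAddUserForSession(int sessionId)
        {
            WindowsIdentity userIdentity = LsaLogonSessions.LogonSessions.GetWindowsIdentityForSessionId(sessionId);
            if (userIdentity == null)
            {
                ApplicationLog.WriteEvent(Properties.Resources.UserIdentifyIsNull, EventID.DebugMessage, System.Diagnostics.EventLogEntryType.Warning);
                return;
            }

            // NOTE(review): WindowsIdentity is IDisposable (it wraps a token handle)
            // and is never disposed here. Wrap it in a using block once it is confirmed
            // that LocalAdministratorGroup.AddUser does not retain the instance.

            // Nothing can be auto-added without an allow list, so skip the named-pipe
            // round trip entirely in that case.
            if (Settings.AutomaticAddAllowed == null || Settings.AutomaticAddAllowed.Length == 0)
            {
                return;
            }

            if (UserIsAuthorizedForAutomaticAdd())
            {
                LocalAdministratorGroup.AddUser(userIdentity, null, null);
            }
        }

        /// <summary>
        /// Asks the named-pipe service whether the caller is authorized for
        /// automatic addition, according to the configured allow and deny lists.
        /// </summary>
        /// <returns>
        /// The value returned by <see cref="IAdminGroup.UserIsAuthorized"/>.
        /// </returns>
        /// <remarks>
        /// Any exception raised by the channel propagates to the caller after the
        /// factory has been aborted, so a failed pipe connection is never leaked.
        /// </remarks>
        private bool UserIsAuthorizedForAutomaticAdd()
        {
            NetNamedPipeBinding binding = new NetNamedPipeBinding(NetNamedPipeSecurityMode.Transport);
            ChannelFactory<IAdminGroup> namedPipeFactory = new ChannelFactory<IAdminGroup>(binding, Settings.NamedPipeServiceBaseAddress);
            bool closedCleanly = false;
            try
            {
                IAdminGroup channel = namedPipeFactory.CreateChannel();

                // NOTE(review): the logged-on user's identity is not passed to this
                // call; the pipe server decides based on whatever identity it derives
                // from the connection, which — with no impersonation visible here —
                // is presumably this service's own account rather than the user who
                // just logged on. Confirm the check really applies to that user.
                bool authorized = channel.UserIsAuthorized(Settings.AutomaticAddAllowed, Settings.AutomaticAddDenied);

                // Closing the factory also closes the channels it created.
                namedPipeFactory.Close();
                closedCleanly = true;
                return authorized;
            }
            finally
            {
                // Close() throws on a faulted channel, so use Abort() on every path
                // that did not complete a clean close.
                if (!closedCleanly)
                {
                    namedPipeFactory.Abort();
                }
            }
        }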