/// <summary>
/// Enumerates the accounts in the policy with the specified privilege.
/// This requires LookupNames, ViewLocalInformation and usually
/// administrator access.
/// </summary>
/// <param name="privilegeName">The name of the required privilege.</param>
/// <param name="callback">The callback for the enumeration.</param>
public void EnumAccountsWithPrivilege(string privilegeName, EnumAccountsDelegate callback)
{
NtStatus status;
UnicodeString privilegeNameStr;
IntPtr buffer;
int count;
privilegeNameStr = new UnicodeString(privilegeName);
try
{
if ((status = Win32.LsaEnumerateAccountsWithUserRight(
this,
ref privilegeNameStr,
out buffer,
out count
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
privilegeNameStr.Dispose();
}
Sid[] sids = new Sid[count];
using (var bufferAlloc = new LsaMemoryAlloc(buffer))
{
for (int i = 0; i < count; i++)
{
if (!callback(new Sid(bufferAlloc.ReadIntPtr(0, i))))
{
break;
}
}
}
}
/// <summary>
/// Enumerates the accounts in the policy. This requires
/// ViewLocalInformation access.
/// </summary>
/// <param name="callback">The callback for the enumeration.</param>
public void EnumAccounts(EnumAccountsDelegate callback)
{
NtStatus status;
int enumerationContext = 0;
IntPtr buffer;
int count;
while (true)
{
status = Win32.LsaEnumerateAccounts(
this,
ref enumerationContext,
out buffer,
0x100,
out count
);
if (status == NtStatus.NoMoreEntries)
{
break;
}
if (status >= NtStatus.Error)
{
Win32.Throw(status);
}
using (var bufferAlloc = new LsaMemoryAlloc(buffer))
{
for (int i = 0; i < count; i++)
{
if (!callback(new Sid(bufferAlloc.ReadIntPtr(0, i))))
{
return;
}
}
}
}
}
