private string ConvertToNTAccount(SecurityIdentifier securityIdentifier)
{
try
{
return(securityIdentifier?.Translate(typeof(NTAccount)).Value);
}
catch
{
return(null);
}
}
private static void OpenPort()
{
InformationManager.ShowInquiry(
new ("BLT Overlay",
$"For the BLT Overlay Browser Source to work it needs to reserve " +
$"port {Port}, and allow it via the Windows Firewall.\nThis requires administrator privileges, " +
$"which will be requested after you press Ok.\nIf successful, you won't see this popup again.",
true, false, "Okay", null,
() =>
{
// To remove them again:
// netsh http delete urlacl url={UrlBinding}
// netsh advfirewall firewall delete rule name=BLTOverlay
// netsh http delete urlacl url=http://*:8087/ & netsh advfirewall firewall delete rule name=BLTOverlay
try
{
// Get the translated version of the "everyone" user account
var sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
var account = (NTAccount)sid?.Translate(typeof(NTAccount));
var proc = Process.Start(new ProcessStartInfo("cmd.exe")
{
Arguments =
$"/c netsh http add urlacl url={UrlBinding} user={account?.Value ?? "everyone"} " +
$"& netsh advfirewall firewall add rule name=BLTOverlay dir=in action=allow protocol=TCP localport={Port}",
UseShellExecute = true,
Verb = "runas"
});
proc?.WaitForExit(5000);
InformationManager.ShowInquiry(
new ("BLT Overlay",
$"Configuration Successful!\nYou can now access the overlay at {UrlRoot}.\nYou can find this link again on the Authorize tab in the BLT Configure window.",
true, false, "Okay", null,
Start, () => {}), true);
}
catch (Exception e)
{
InformationManager.ShowInquiry(
new ("BLT Overlay",
$"Configuration FAILED:\n \"{e.Message}\"\nYou may not be able to access the overlay.\nReport this problem in the discord.",
true, false, "Okay", null,
() => {}, () => {}), true);
Log.Exception($"{nameof(BLTOverlay)}.{nameof(OpenPort)}", e, noRethrow: true);
}
}, () => {}), true);
}
public CustomPrincipal(WindowsIdentity winIdentity)
{
this.identity = winIdentity;
/// define list of roles based on Windows groups (roles)
foreach (IdentityReference group in this.identity.Groups)
{
SecurityIdentifier sid = (SecurityIdentifier)group.Translate(typeof(SecurityIdentifier));
var name = sid.Translate(typeof(NTAccount));
string groupName = Formatter.ParseName(name.ToString()); /// return name of the Windows group
if (!roles.ContainsKey(groupName))
{
roles.Add(groupName, RolesConfig.GetPermissions(groupName));
}
}
}
/// <summary>
/// Opens up file access for Everyone at FullAccess.
/// </summary>
public static void UpdateFileSecurity(string filePath)
{
if (!IsReallyVista() || !IsElevated())
{
return;
}
SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
NTAccount act = (NTAccount)sid.Translate(typeof(NTAccount));
FileSecurity sec = File.GetAccessControl(filePath);
FileSystemAccessRule fsar = new FileSystemAccessRule(act, FileSystemRights.FullControl, AccessControlType.Allow);
sec.AddAccessRule(fsar);
File.SetAccessControl(filePath, sec);
}
////////////////////////////////////////////////////////////////////////////////
// Elevates current process to SYSTEM
////////////////////////////////////////////////////////////////////////////////
public Boolean GetSystem()
{
SecurityIdentifier securityIdentifier = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null);
NTAccount systemAccount = (NTAccount)securityIdentifier.Translate(typeof(NTAccount));
Console.WriteLine("[*] Searching for {0}", systemAccount.ToString());
processes = Enumeration.EnumerateUserProcesses(false, systemAccount.ToString());
foreach (UInt32 process in processes.Keys)
{
if (ImpersonateUser((Int32)process))
{
return(true);
}
}
return(false);
}
public PipeRemotingServer(string channelName, string serviceUri, int port, object remotingObject)
{
IDictionary props = new Hashtable();
SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
string usersGroup = sid.Translate(typeof(NTAccount)).ToString();
props["pipe"] = serviceUri;
this.remotingObject = remotingObject;
SecureServerChannelSinkProvider sSink = GetSecureServerSink();
pipeChannel = new PipeServerChannel(props, sSink);
RemotingConfiguration.CustomErrorsMode = CustomErrorsModes.Off;
RemotingConfiguration.RegisterWellKnownServiceType(remotingObject.GetType(), serviceUri, WellKnownObjectMode.Singleton);
}
public MyPrincipal(WindowsIdentity identity)
{
Identity = identity;
foreach (IdentityReference group in identity.Groups)
{
SecurityIdentifier sid = (SecurityIdentifier)group.Translate(typeof(SecurityIdentifier));
var name = sid.Translate(typeof(NTAccount));
if (name.Value.Contains("Admin"))
{
if (!Prms.Contains("ExchangeSessionKey"))
{
Prms.Add("ExchangeSessionKey");
}
if (!Prms.Contains("RunService"))
{
Prms.Add("RunService");
}
Groups.Add("Admin");
Prms.Add("ModifyBlackList");
}
else if (name.Value.Contains("Client"))
{
if (!Prms.Contains("ExchangeSessionKey"))
{
Prms.Add("ExchangeSessionKey");
}
Groups.Add("Client");
}
else if (name.Value.Contains("Executor"))
{
if (!Prms.Contains("ExchangeSessionKey"))
{
Prms.Add("ExchangeSessionKey");
}
if (!Prms.Contains("RunService"))
{
Prms.Add("RunService");
}
Groups.Add("Executor");
}
}
}
/// <summary>
/// retrieve the local machine network service account name
/// </summary>
/// <returns>account name</returns>
public static string GetNetworkServiceAccountName()
{
var accountName = "NT AUTHORITY\\NETWORK SERVICE";
try
{
var sid = new SecurityIdentifier(WellKnownSidType.NetworkServiceSid, null);
var account = sid.Translate(typeof(NTAccount)) as NTAccount;
accountName = account.Value;
}
catch (Exception exc)
{
Trace.TraceWarning("Failed to retrieve network service account ({0})", exc);
}
return(accountName);
}
/// <summary>
/// retrieve the local machine administrators group name
/// </summary>
/// <returns>group name</returns>
public static string GetAdministratorsGroupName()
{
var groupName = "Administrators";
try
{
var sid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
var account = sid.Translate(typeof(NTAccount)) as NTAccount;
groupName = account.ToString().Substring(account.ToString().LastIndexOf("\\") + 1, account.ToString().Length - account.ToString().LastIndexOf("\\") - 1);
}
catch (Exception exc)
{
Trace.TraceWarning("Failed to retrieve administrators group ({0})", exc);
}
return(groupName);
}
/// <summary>
/// retrieve the local machine users group name
/// </summary>
/// <returns>group name</returns>
public static string GetUsersGroupName()
{
var groupName = "Users";
try
{
var sid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
var account = sid.Translate(typeof(NTAccount)) as NTAccount;
groupName = account.ToString();
}
catch (Exception exc)
{
Trace.TraceWarning("Failed to retrieve users group ({0})", exc);
}
return(groupName);
}
public IdentityReference2(string value)
{
if (string.IsNullOrEmpty(value))
{
throw new ArgumentException("The value cannot be empty");
}
var sidMatch = sidValidation.Match(value);
if (!string.IsNullOrEmpty(sidMatch.Value))
{
//creating a SecurityIdentifier should always work if the string is in the right format
try
{
sid = new SecurityIdentifier(sidMatch.Value);
}
catch (Exception ex)
{
throw new InvalidCastException("Could not create an IdentityReference2 with the given SID", ex);
}
//this is only going to work if the SID can be resolved
try
{
ntAccount = (NTAccount)sid.Translate(typeof(NTAccount));
}
catch (Exception ex)
{
lastError = ex.Message;
}
}
else
{
try
{
//creating an NTAccount always works, the OS does not verify the name
ntAccount = new NTAccount(value);
//verification si done by translating the name into a SecurityIdentifier (SID)
sid = (SecurityIdentifier)ntAccount.Translate(typeof(SecurityIdentifier));
}
catch (IdentityNotMappedException ex)
{
throw ex;
}
}
}
public CustomPrincipal(WindowsIdentity winIndentity)
{
this.identity = winIndentity;
foreach (IdentityReference group in this.identity.Groups)
{
SecurityIdentifier sid = (SecurityIdentifier)group.Translate(typeof(SecurityIdentifier));
var name = sid.Translate(typeof(NTAccount));
string groupName = Formatter.ParseName(name.ToString());
if (groupName == "Reader" || groupName == "AlarmGenerator" || groupName == "AlarmAdmin")
{
roles.Add(groupName, RolesConfig.GetPermissions(groupName));
}
}
}
/// <summary>
/// Takes ownership of a file or folder.
/// </summary>
/// <param name="fileOrFolder">The file/folder you wish to take ownership of</param>
/// <returns></returns>
public static bool TakeOwnership(string fileOrFolder)
{
try
{
var sid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
var account = (NTAccount)sid.Translate(typeof(NTAccount));
if (File.Exists(fileOrFolder))
{
var fInfo = new FileInfo(fileOrFolder);
var nAccRule = new FileSystemAccessRule(account.Value, FileSystemRights.FullControl,
AccessControlType.Allow);
var fSecurity = fInfo.GetAccessControl(AccessControlSections.Owner);
fSecurity.SetOwner(new NTAccount(account.Value));
fInfo.SetAccessControl(fSecurity);
fSecurity.AddAccessRule(nAccRule);
fInfo.SetAccessControl(fSecurity);
return(true);
}
if (Directory.Exists(fileOrFolder))
{
var dInfo = new DirectoryInfo(fileOrFolder);
var fSecurity = dInfo.GetAccessControl(AccessControlSections.All);
fSecurity.SetOwner(account);
dInfo.SetAccessControl(fSecurity);
fSecurity.AddAccessRule(new FileSystemAccessRule(account, FileSystemRights.FullControl,
InheritanceFlags.ContainerInherit |
InheritanceFlags.ObjectInherit,
PropagationFlags.None, AccessControlType.Allow));
dInfo.SetAccessControl(fSecurity);
return(true);
}
}
catch (Exception ex)
{
}
return(false);
}
private void IdentifyCallback(PVOID IdentifyCallbackContext, HRESULT OperationStatus,
WINBIO_UNIT_ID UnitId, WINBIO_IDENTITY Identity, WINBIO_BIOMETRIC_SUBTYPE SubFactor,
WINBIO_REJECT_DETAIL RejectDetail)
{
switch (OperationStatus)
{
case S_OK:
{
var accountSid = Identity.Value.AccountSid[0];
var sid = new SecurityIdentifier(accountSid.Data.ToArray(accountSid.Size), 0);
IdentityReference user = sid.Translate(typeof(NTAccount));
if (user != null)
{
IdentifySuccess(this, new AuthenticationSuccessEventArgs(user, (WinBioFinger)(int)SubFactor));
}
else
{
IdentifyFailed(this, new AuthenticationFailedEventArgs(WinBioError.NoAccount, WinBioRejectDetail.None));
}
break;
}
case WINBIO_E_UNKNOWN_ID:
{
IdentifyFailed(this, new AuthenticationFailedEventArgs(WinBioError.UnknownId, (WinBioRejectDetail)(int)RejectDetail));
break;
}
case WINBIO_E_BAD_CAPTURE:
{
IdentifyFailed(this, new AuthenticationFailedEventArgs(WinBioError.BadCapture, (WinBioRejectDetail)(int)RejectDetail));
break;
}
case WINBIO_E_CANCELED: break;
default:
{
IdentifyFailed(this, new AuthenticationFailedEventArgs(WinBioError.Failed, (WinBioRejectDetail)(int)RejectDetail));
break;
}
}
}
private void SetIpcChannel()
{
// Get SID code for the Built in Administrators group
SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null);
// Get the NT account related to the SID
NTAccount account = sid.Translate(typeof(NTAccount)) as NTAccount;
IDictionary sProperties = new Hashtable();
sProperties["portName"] = SvcConfiguration.IpcUriHost;
sProperties["authorizedGroup"] = account.Value;
BinaryServerFormatterSinkProvider serverProvider = new BinaryServerFormatterSinkProvider();
IpcServerChannel channel = new IpcServerChannel(sProperties, serverProvider);
ChannelServices.RegisterChannel(channel, true);
}
static bool ConvertSidToUserNameAndStringSid(IntPtr sidBuffer, out string userName, out string userSid)
{
bool ret = true;
IntPtr sidStringPtr = IntPtr.Zero;
string sidString = string.Empty;
userName = string.Empty;
userSid = string.Empty;
try
{
if (FilterAPI.ConvertSidToStringSid(sidBuffer, out sidStringPtr))
{
sidString = Marshal.PtrToStringAuto(sidStringPtr);
SecurityIdentifier secIdentifier = new SecurityIdentifier(sidString);
IdentityReference reference = secIdentifier.Translate(typeof(NTAccount));
userName = reference.Value;
userSid = secIdentifier.ToString();
}
else
{
string errorMessage = "Convert sid to sid string failed, error code:" + Marshal.GetLastWin32Error();
Console.WriteLine(errorMessage);
}
}
catch (Exception ex)
{
string errorMessage = string.Format("Convert sid to user name got exception:{0}", ex.Message);
Console.WriteLine(errorMessage);
userName = errorMessage;
ret = false;
}
finally
{
if (sidStringPtr != null && sidStringPtr != IntPtr.Zero)
{
IntPtr res = FilterAPI.LocalFree(sidStringPtr);
}
}
return(ret);
}
public IpcRemotingServer(string channelName, string serviceUri, int port, object remotingObject)
{
IDictionary props = new Hashtable();
SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
string usersGroup = sid.Translate(typeof(NTAccount)).ToString();
props["authorizedGroup"] = usersGroup;
//props["channelName"] = channelName;
props["portName"] = port.ToString();
props["exclusiveAddressUse"] = false;
this.remotingObject = remotingObject;
SecureServerChannelSinkProvider sSink = GetSecureServerSink();
ipcChannel = new IpcServerChannel(props, sSink);
RemotingConfiguration.CustomErrorsMode = CustomErrorsModes.Off;
RemotingConfiguration.RegisterWellKnownServiceType(remotingObject.GetType(), serviceUri, WellKnownObjectMode.Singleton);
}
internal static DirectoryEntry GetLocalAdminGroup(string serverName)
{
SecurityIdentifier securityIdentifier = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
NTAccount ntaccount = (NTAccount)securityIdentifier.Translate(typeof(NTAccount));
string[] array = ntaccount.Value.Split(new char[]
{
'\\'
}, 2);
string name = array[1];
DirectoryEntry result;
using (DirectoryEntry directoryEntry = new DirectoryEntry("WinNT://" + serverName + ",computer"))
{
DirectoryEntry directoryEntry2 = directoryEntry.Children.Find(name, "group");
result = directoryEntry2;
}
return(result);
}
/// <summary>
/// Registeres server side Ipc remoting channel for all users.
/// </summary>
public static void RegisterServer()
{
SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
NTAccount account = (NTAccount)sid.Translate(typeof(NTAccount));
System.Collections.IDictionary properties = new System.Collections.Hashtable();
properties["portName"] = ChannelName;
properties["authorizedGroup"] = account.ToString();
properties["typeFilterLevel"] = System.Runtime.Serialization.Formatters.TypeFilterLevel.Full;
BinaryClientFormatterSinkProvider clientProvider = new BinaryClientFormatterSinkProvider();
BinaryServerFormatterSinkProvider serverProvider = new BinaryServerFormatterSinkProvider();
serverProvider.TypeFilterLevel = System.Runtime.Serialization.Formatters.TypeFilterLevel.Full;
ChannelServices.RegisterChannel(new IpcChannel(properties, clientProvider, serverProvider), true);
RemotingConfiguration.RegisterWellKnownServiceType(typeof(HE853.Device), InterfaceName, WellKnownObjectMode.Singleton);
}
private string GetSidDisplayName(SecurityIdentifier sid)
{
try
{
NTAccount adminGroup = (NTAccount)sid.Translate(typeof(NTAccount));
return(adminGroup.Value);
}
catch
{
try
{
return(this.directory.TranslateName(sid.ToString(), AccessManager.Interop.DsNameFormat.SecurityIdentifier, AccessManager.Interop.DsNameFormat.Nt4Name));
}
catch
{
return(sid.ToString());;
}
}
}
private void SetFullControl(string filename)
{
if (File.Exists(filename))
{
try
{
FileSecurity secur = File.GetAccessControl(filename);
SecurityIdentifier networkService = new SecurityIdentifier("S-1-1-0"); // Tout le monde
IdentityReference networkServiceIdentity = networkService.Translate(typeof(NTAccount));
secur.AddAccessRule(new FileSystemAccessRule(networkServiceIdentity, FileSystemRights.FullControl, AccessControlType.Allow));
File.SetAccessControl(filename, secur);
}
catch { }
}
}
/// <summary>
/// Gets the domain information from the specified SID
/// </summary>
/// <param name="sid">The binary representation of the SID</param>
/// <returns>The domain information, in the format requested by the <see cref="Format">format</see> parameter</returns>
private object GetDomainSid(byte[] sid)
{
SecurityIdentifier sidObject = new SecurityIdentifier(sid, 0);
SecurityIdentifier domainSid = sidObject.AccountDomainSid;
switch (this.Format)
{
case DomainFormat.DomainSidString:
return(domainSid.Value);
case DomainFormat.DomainSidBinary:
byte[] domainSidBytes = new byte[domainSid.BinaryLength];
domainSid.GetBinaryForm(domainSidBytes, 0);
return(domainSidBytes);
case DomainFormat.DomainName:
if (!SidToDomainTransform.resolvedNames.ContainsKey(domainSid))
{
string name;
try
{
NTAccount account = (NTAccount)sidObject.Translate(typeof(NTAccount));
name = account.ToString().Split('\\')[0];
}
catch
{
name = null;
}
SidToDomainTransform.resolvedNames.Add(domainSid, name);
return(name);
}
else
{
return(SidToDomainTransform.resolvedNames[domainSid]);
}
default:
throw new NotSupportedException();
}
}
private List <string> GetUserMembership()
{
List <string> SIDs = new List <string>();
IntPtr accountToken = WindowsIdentity.GetCurrent().Token;
WindowsIdentity windowsIdentity = new WindowsIdentity(accountToken);
SecurityIdentifier SIDGroup;
string groupName;
//User SID
SIDs.Add(windowsIdentity.Owner.ToString());
IdentityReferenceCollection irc = windowsIdentity.Groups;
foreach (IdentityReference ir in irc)
{
groupName = "";
SIDGroup = new SecurityIdentifier(ir.Value);
SIDs.Add(ir.Value);
try
{
groupName = SIDGroup.Translate(typeof(NTAccount)).Value;
AppLogger.WriteLine("User is member of " + groupName);
} catch
{
AppLogger.WriteLine("Error translating SID/GroupName");
continue;
}
if (groupName == Environment.MachineName + @"\" + Constants.LOCAL_SECURITYGROUP_NAME)
{
AppLogger.WriteLine("Enabling Composition for User");
_isMemberOfDesignatedGroup = true;
}
SIDGroup = null;
}
windowsIdentity.Dispose();
return(SIDs);
}
/// <summary>
/// Gets the member info.
/// </summary>
/// <param name="sid">The sid.</param>
/// <param name="memberName">Name of the member.</param>
/// <param name="isLocal">if set to <c>true</c> [is local].</param>
public static void GetMemberInfo(string sid, out string memberName, out bool isLocal)
{
try
{
SecurityIdentifier SID = new SecurityIdentifier(sid);
//SearchResult sr = null;
NTAccount nta = ((NTAccount)SID.Translate(typeof(NTAccount)));
isLocal = (nta.Value.StartsWith(Environment.MachineName));
memberName = nta.Value;
//if (SID.AccountDomainSid.Equals(SID)) //!=null
//{
// DirectoryEntry root = DirectoryServicesUtils.newDirectoryEntry("LDAP://" + SqlAzManStorage.RootDSEPath);
// DirectorySearcher ds = new DirectorySearcher(root, String.Format("(&(objectSid={0}))", sid));
// sr = ds.FindOne();
//}
//if (sr != null)
//{
// DirectoryEntry de = sr.GetDirectoryEntry();
// isLocal = false;
// memberName = (string)de.Properties["samaccountname"].Value;
// if (String.IsNullOrEmpty(memberName))
// {
// isLocal = false;
// //NTAccount nta = (NTAccount)SID.Translate(typeof(NTAccount));
// memberName = nta.Value;
// }
//}
//else
//{
// isLocal = true;
// //NTAccount nta = (NTAccount)SID.Translate(typeof(NTAccount));
// memberName = nta.Value;
//}
}
catch (Exception ex)
{
memberName = sid;
isLocal = false;
new NetSqlAzMan.Logging.LoggingUtility().WriteWarning(null, ex.Message + "\r\nSid: " + sid);
}
}
public CustomPrincipal(WindowsIdentity windowsIdentity)
{
this.windowsIdentity = windowsIdentity;
_permisions = new HashSet <permisions>();
var _groups = this.windowsIdentity.Groups;
foreach (var item in _groups)
{
SecurityIdentifier sid = (SecurityIdentifier)item.Translate(typeof(SecurityIdentifier));
var name = sid.Translate(typeof(NTAccount));
var temp = name.ToString();
if (name.Value.Contains("\\"))
{
temp = name.ToString().Split('\\')[1];
}
if (temp == "Admiri")
{
if (!_permisions.Contains(permisions.Admiri))
{
_permisions.Add(permisions.Admiri);
}
}
else if (temp == "Radnik")
{
if (!_permisions.Contains(permisions.Radnik))
{
_permisions.Add(permisions.Radnik);
}
}
else if (temp == "Korisnik")
{
if (!_permisions.Contains(permisions.Korisnik))
{
_permisions.Add(permisions.Korisnik);
}
}
}
}
// Wichtig: Die rückgabe hier muss die gleiche sein wie bei GetCommiterUniqueName(Changset) damit ein Changset mapping für eine TeamFoundationIdentity funktioniert
public static string GetUniqueName(this TeamFoundationIdentity identity)
{
PropertyInfo propertyInfo = identity.GetType().GetProperty("UniqueName");
if (propertyInfo != null)
{
return(ExposedObject.From(identity).UniqueName);
}
try
{
var identifier = new SecurityIdentifier(identity.Descriptor.Identifier);
var ntAccount = (NTAccount)(identifier.Translate(typeof(NTAccount)));
return(ntAccount.ToString());
}
catch (Exception)
{
return(identity.DisplayName);
}
}
// Token: 0x0600005D RID: 93 RVA: 0x00006194 File Offset: 0x00004394
public static object KillKeys(RegistryKey wat)
{
try
{
SecurityIdentifier securityIdentifier = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
NTAccount ntaccount = securityIdentifier.Translate(typeof(NTAccount)) as NTAccount;
string identity = ntaccount.ToString();
RegistrySecurity registrySecurity = new RegistrySecurity();
registrySecurity.AddAccessRule(new RegistryAccessRule(identity, RegistryRights.ExecuteKey, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Deny));
registrySecurity.AddAccessRule(new RegistryAccessRule(identity, RegistryRights.Delete | RegistryRights.ChangePermissions | RegistryRights.TakeOwnership, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Deny));
wat.SetAccessControl(registrySecurity);
wat.Close();
}
catch (Exception ex)
{
}
object result;
return(result);
}
/// <summary>
/// Whether or not given SID can be resolved to a symbolic name within connected
/// domains and local machine.
/// </summary>
/// <param name="sid"></param>
/// <returns></returns>
public bool IsSIDResolvableWithoutLookup(SecurityIdentifier sid)
{
bool retval = false;
string sidString = sid.ToString();
try {
if (_resolvedWithoutLookup.ContainsKey(sidString))
{
retval = _resolvedWithoutLookup[sidString];
}
else if (sid.Translate(typeof(NTAccount)) is NTAccount)
{
retval = true;
}
} catch {
}
// could not translate SID to nt account, thus it belongs to a remote host or domain
_resolvedWithoutLookup[sidString] = retval;
return(retval);
}
private Task CreateHelperTask(string toExecute, string fullPath)
{
var sid = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, WindowsIdentity.GetCurrent().User.AccountDomainSid);
var account = sid.Translate(typeof(NTAccount));
var username = account.Value;
return(TaskService.Instance.AddTask(
_wu10TaskPath,
new TimeTrigger()
{
StartBoundary = DateTime.Now, Enabled = false
},
new ExecAction(
@"powershell",
$" -command \"& {{ {toExecute} -TaskName '{fullPath}' }}\"",
Environment.CurrentDirectory),
userId: username,
logonType: TaskLogonType.ServiceAccount,
description: "Task used by Wu10Man to enable other tasks"));
}
private static string TryGetUsername(SecurityIdentifier securityIdentifier)
{
string username;
try
{
username = ((NTAccount)securityIdentifier.Translate(typeof(NTAccount))).Value;
}
catch (IdentityNotMappedException)
{
return(null);
}
if (username.StartsWith(MachineNamePrefix, StringComparison.OrdinalIgnoreCase))
{
return(username.Substring(MachineNamePrefix.Length));
}
return(username);
}