/// <summary>
/// Rebuilds <c>WellknownSidStrings</c> with the textual ("S-R-A-S1-S2...") form of every
/// translated well-known SID held in <c>LsatAdapter.TranslatedWellknownSids</c>.
/// </summary>
/// <remarks>
/// Entries whose DomainIndex is -1 are skipped, so their slot in <c>WellknownSidStrings</c> stays null.
/// Only the last byte of the identifier authority is printed.
/// NOTE(review): that is exact only for authorities below 256 - confirm no translated SID exceeds that.
/// </remarks>
public static void ConvertSidsToString()
{
    WellknownSidStrings = new string[WellknownSecurityPrincipalMaxCount];
    StringBuilder text = new StringBuilder();

    for (int slot = 0; slot < WellknownSecurityPrincipalMaxCount; slot++)
    {
        var translated = LsatAdapter.TranslatedWellknownSids.Value.Sids[slot];
        if (translated.DomainIndex == -1)
        {
            // No SID is formatted for this entry; leave the slot null.
            continue;
        }

        _RPC_SID current = translated.Sid[0];

        // "S-<revision>-<authority>", authority taken from the last byte of the authority array.
        text.Append("S-")
            .Append(current.Revision)
            .Append("-")
            .Append((int)current.IdentifierAuthority.Value[IdentifierAuthorityCount - 1]);

        // One "-<value>" suffix per sub-authority.
        for (int sub = 0; sub < current.SubAuthorityCount; sub++)
        {
            text.Append("-").Append(current.SubAuthority[sub]);
        }

        WellknownSidStrings[slot] = text.ToString();

        // Reuse the same builder for the next entry.
        text.Length = 0;
    }
}
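/// <summary>
/// Resolves each resource group to its objectSid over LDAP and returns the SIDs as
/// KERB_SID_AND_ATTRIBUTES entries flagged Mandatory, EnabledByDefault, Enabled and Resource.
/// </summary>
/// <param name="domainName">Domain name passed to the LDAP connection and used to derive the search base DN.</param>
/// <param name="cred">Credential assigned to the LDAP connection.</param>
/// <param name="resourceGroupCount">Number of leading entries of <paramref name="resourceGroups"/> to resolve.</param>
/// <param name="resourceGroups">Groups whose GroupName is searched for as "cn=&lt;GroupName&gt;".</param>
/// <returns>An array of <paramref name="resourceGroupCount"/> entries, one per resolved group.</returns>
/// <exception cref="Exception">More than one directory entry matches a group name.</exception>
/// <exception cref="InvalidOperationException">
/// No directory entry matches a group name, or the returned SID string has fewer than three components.
/// </exception>
public static KERB_SID_AND_ATTRIBUTES[] GetResourceGroupExtraSids(string domainName, NetworkCredential cred, uint resourceGroupCount, Group[] resourceGroups)
{
    KERB_SID_AND_ATTRIBUTES[] resourceGroupExtraSids = new KERB_SID_AND_ATTRIBUTES[resourceGroupCount];

    // Dispose the connection on every path; the original never released it.
    using (LdapConnection connection = new LdapConnection(domainName))
    {
        connection.Credential = cred;

        // The search base depends only on domainName, so derive it once.
        string targetOu = GetDomainDnFromDomainName(domainName);

        for (int i = 0; i < resourceGroupCount; i++)
        {
            // NOTE(review): the group name is concatenated into the filter unescaped. A name containing
            // '(', ')', '*' or '\' changes the filter's meaning (RFC 4515); escape the value if group
            // names can ever come from outside the test configuration.
            string filter = "cn=" + resourceGroups[i].GroupName;
            SearchRequest searchRequest = new SearchRequest(targetOu, filter, SearchScope.Subtree, "objectSid");
            SearchResponse searchResponse = (SearchResponse)connection.SendRequest(searchRequest);

            if (searchResponse.Entries.Count > 1)
            {
                throw new Exception("There are more than one entries with the same resourceGroupName.");
            }

            // Without this check an unknown group surfaces as an index error on Entries[0].
            if (searchResponse.Entries.Count == 0)
            {
                throw new InvalidOperationException("No directory entry was found for resource group '" + resourceGroups[i].GroupName + "'.");
            }

            SearchResultAttributeCollection groupAttributes = searchResponse.Entries[0].Attributes;
            string[] sidParts = GetobjectSid(groupAttributes).Split('-');

            // Components 0..2 are skipped below, so a shorter string cannot describe a SID here.
            if (sidParts.Length < 3)
            {
                throw new InvalidOperationException("The objectSid of resource group '" + resourceGroups[i].GroupName + "' is not a well-formed SID string.");
            }

            // Revision 1 and authority 5 are fixed rather than parsed from the string.
            // NOTE(review): this is only correct when the directory returns "S-1-5-..." SIDs - confirm.
            _RPC_SID resourceGroupSid = new _RPC_SID();
            resourceGroupSid.Revision = 0x01;
            resourceGroupSid.IdentifierAuthority = new _RPC_SID_IDENTIFIER_AUTHORITY();
            resourceGroupSid.IdentifierAuthority.Value = new byte[] { 0, 0, 0, 0, 0, 5 };
            resourceGroupSid.SubAuthorityCount = Convert.ToByte(sidParts.Length - 3);
            resourceGroupSid.SubAuthority = new uint[sidParts.Length - 3];
            for (int j = 3; j < sidParts.Length; j++)
            {
                resourceGroupSid.SubAuthority[j - 3] = Convert.ToUInt32(sidParts[j]);
            }

            resourceGroupExtraSids[i] = new KERB_SID_AND_ATTRIBUTES();
            resourceGroupExtraSids[i].Attributes = Attributes_Values.Mandatory | Attributes_Values.EnabledByDefault | Attributes_Values.Enabled | Attributes_Values.Resource;
            resourceGroupExtraSids[i].SID = new _RPC_SID[1];
            resourceGroupExtraSids[i].SID[0] = resourceGroupSid;
        }
    }

    return resourceGroupExtraSids;
}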
/// <summary>
/// Builds a one-element _RPC_SID array by parsing one of two class-level SID strings.
/// </summary>
/// <param name="sid">
/// Selector, not a SID string: "TrustObject1" and "CollisionObject" choose <c>ValisSid</c>;
/// any other value chooses <c>TestSid</c>.
/// </param>
/// <returns>An array holding the single parsed SID.</returns>
/// <remarks>
/// The authority component is parsed as one byte and stored in the last authority slot; the
/// first five slots are filled with NULL_SID_AUTHORITY.
/// </remarks>
public static _RPC_SID[] GetSid(string sid)
{
    _RPC_SID[] result = new _RPC_SID[1];

    string source = (sid == "TrustObject1" || sid == "CollisionObject") ? ValisSid : TestSid;

    // Component 0 is the "S" prefix, 1 the revision, 2 the authority, 3 onwards the sub-authorities.
    string[] parts = source.Split('-');
    const int firstSubAuthority = 3;

    result[0].Revision = Convert.ToByte(parts[1]);

    result[0].IdentifierAuthority = new _RPC_SID_IDENTIFIER_AUTHORITY();
    result[0].IdentifierAuthority.Value = new byte[IDENTIFIER_AUTHORITY_VALUES];
    for (int slot = 0; slot < 5; slot++)
    {
        result[0].IdentifierAuthority.Value[slot] = (byte)Value_Values.NULL_SID_AUTHORITY;
    }
    result[0].IdentifierAuthority.Value[5] = Convert.ToByte(parts[2]);

    result[0].SubAuthorityCount = Convert.ToByte(parts.Length - firstSubAuthority);
    result[0].SubAuthority = new uint[result[0].SubAuthorityCount];
    for (int n = 0; n < parts.Length - firstSubAuthority; n++)
    {
        result[0].SubAuthority[n] = Convert.ToUInt32(parts[firstSubAuthority + n]);
    }

    return result;
}