internal ForestTrustDomainInformation(int flag, LSA_FOREST_TRUST_DOMAIN_INFO domainInfo, LARGE_INTEGER time)
{
_status = (ForestTrustDomainStatus)flag;
DnsName = Marshal.PtrToStringUni(domainInfo.DNSNameBuffer, domainInfo.DNSNameLength / 2);
NetBiosName = Marshal.PtrToStringUni(domainInfo.NetBIOSNameBuffer, domainInfo.NetBIOSNameLength / 2);
string sidLocal;
global::Interop.BOOL result = global::Interop.Advapi32.ConvertSidToStringSid(domainInfo.sid, out sidLocal);
if (result == global::Interop.BOOL.FALSE)
{
throw ExceptionHelper.GetExceptionFromErrorCode(Marshal.GetLastWin32Error());
}
DomainSid = sidLocal;
this.time = time;
}
public void Save()
{
int count = 0;
IntPtr records = (IntPtr)0;
int currentCount = 0;
IntPtr tmpPtr = (IntPtr)0;
IntPtr forestInfo = (IntPtr)0;
SafeLsaPolicyHandle?handle = null;
IntPtr collisionInfo = (IntPtr)0;
ArrayList ptrList = new ArrayList();
ArrayList sidList = new ArrayList();
bool impersonated = false;
IntPtr target = (IntPtr)0;
string? serverName = null;
IntPtr fileTime = (IntPtr)0;
// first get the count of all the records
int toplevelNamesCount = TopLevelNames.Count;
int excludedNamesCount = ExcludedTopLevelNames.Count;
int trustedDomainCount = TrustedDomainInformation.Count;
int binaryDataCount = _binaryData.Count;
checked
{
count += toplevelNamesCount;
count += excludedNamesCount;
count += trustedDomainCount;
count += binaryDataCount;
// allocate the memory for all the records
records = Marshal.AllocHGlobal(count * IntPtr.Size);
}
try
{
try
{
IntPtr ptr = (IntPtr)0;
fileTime = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(FileTime)));
UnsafeNativeMethods.GetSystemTimeAsFileTime(fileTime);
// set the time
FileTime currentTime = new FileTime();
Marshal.PtrToStructure(fileTime, currentTime);
for (int i = 0; i < toplevelNamesCount; i++)
{
// now begin to construct top leve name record
LSA_FOREST_TRUST_RECORD record = new LSA_FOREST_TRUST_RECORD();
record.Flags = (int)_topLevelNames[i].Status;
record.ForestTrustType = LSA_FOREST_TRUST_RECORD_TYPE.ForestTrustTopLevelName;
TopLevelName TLN = _topLevelNames[i];
record.Time = TLN.time;
ptr = Marshal.StringToHGlobalUni(TLN.Name);
ptrList.Add(ptr);
UnsafeNativeMethods.RtlInitUnicodeString(out record.TopLevelName, ptr);
tmpPtr = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(LSA_FOREST_TRUST_RECORD)));
ptrList.Add(tmpPtr);
Marshal.StructureToPtr(record, tmpPtr, false);
Marshal.WriteIntPtr(records, IntPtr.Size * currentCount, tmpPtr);
currentCount++;
}
for (int i = 0; i < excludedNamesCount; i++)
{
// now begin to construct excluded top leve name record
LSA_FOREST_TRUST_RECORD record = new LSA_FOREST_TRUST_RECORD();
record.Flags = 0;
record.ForestTrustType = LSA_FOREST_TRUST_RECORD_TYPE.ForestTrustTopLevelNameEx;
if (_excludedNameTime.Contains(_excludedNames[i] !))
{
record.Time = (LARGE_INTEGER)_excludedNameTime[i] !;
}
else
{
record.Time = new LARGE_INTEGER();
record.Time.lowPart = currentTime.lower;
record.Time.highPart = currentTime.higher;
}
ptr = Marshal.StringToHGlobalUni(_excludedNames[i]);
ptrList.Add(ptr);
UnsafeNativeMethods.RtlInitUnicodeString(out record.TopLevelName, ptr);
tmpPtr = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(LSA_FOREST_TRUST_RECORD)));
ptrList.Add(tmpPtr);
Marshal.StructureToPtr(record, tmpPtr, false);
Marshal.WriteIntPtr(records, IntPtr.Size * currentCount, tmpPtr);
currentCount++;
}
for (int i = 0; i < trustedDomainCount; i++)
{
// now begin to construct domain info record
LSA_FOREST_TRUST_RECORD record = new LSA_FOREST_TRUST_RECORD();
record.Flags = (int)_domainInfo[i].Status;
record.ForestTrustType = LSA_FOREST_TRUST_RECORD_TYPE.ForestTrustDomainInfo;
ForestTrustDomainInformation tmp = _domainInfo[i];
record.Time = tmp.time;
IntPtr pSid = (IntPtr)0;
global::Interop.BOOL result = global::Interop.Advapi32.ConvertStringSidToSid(tmp.DomainSid, out pSid);
if (result == global::Interop.BOOL.FALSE)
{
throw ExceptionHelper.GetExceptionFromErrorCode(Marshal.GetLastWin32Error());
}
record.DomainInfo.sid = pSid;
sidList.Add(pSid);
record.DomainInfo.DNSNameBuffer = Marshal.StringToHGlobalUni(tmp.DnsName);
ptrList.Add(record.DomainInfo.DNSNameBuffer);
record.DomainInfo.DNSNameLength = (short)(tmp.DnsName == null ? 0 : tmp.DnsName.Length * 2); // sizeof(WCHAR)
record.DomainInfo.DNSNameMaximumLength = (short)(tmp.DnsName == null ? 0 : tmp.DnsName.Length * 2);
record.DomainInfo.NetBIOSNameBuffer = Marshal.StringToHGlobalUni(tmp.NetBiosName);
ptrList.Add(record.DomainInfo.NetBIOSNameBuffer);
record.DomainInfo.NetBIOSNameLength = (short)(tmp.NetBiosName == null ? 0 : tmp.NetBiosName.Length * 2);
record.DomainInfo.NetBIOSNameMaximumLength = (short)(tmp.NetBiosName == null ? 0 : tmp.NetBiosName.Length * 2);
tmpPtr = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(LSA_FOREST_TRUST_RECORD)));
ptrList.Add(tmpPtr);
Marshal.StructureToPtr(record, tmpPtr, false);
Marshal.WriteIntPtr(records, IntPtr.Size * currentCount, tmpPtr);
currentCount++;
}
for (int i = 0; i < binaryDataCount; i++)
{
LSA_FOREST_TRUST_RECORD record = new LSA_FOREST_TRUST_RECORD();
record.Flags = 0;
record.Time = (LARGE_INTEGER)_binaryDataTime[i] !;
record.Data.Length = ((byte[])_binaryData[i] !).Length;
record.ForestTrustType = (LSA_FOREST_TRUST_RECORD_TYPE)_binaryRecordType[i] !;
if (record.Data.Length == 0)
{
record.Data.Buffer = (IntPtr)0;
}
else
{
record.Data.Buffer = Marshal.AllocHGlobal(record.Data.Length);
ptrList.Add(record.Data.Buffer);
Marshal.Copy((byte[])_binaryData[i] !, 0, record.Data.Buffer, record.Data.Length);
}
tmpPtr = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(LSA_FOREST_TRUST_RECORD)));
ptrList.Add(tmpPtr);
Marshal.StructureToPtr(record, tmpPtr, false);
Marshal.WriteIntPtr(records, IntPtr.Size * currentCount, tmpPtr);
currentCount++;
}
// finally construct the LSA_FOREST_TRUST_INFORMATION
LSA_FOREST_TRUST_INFORMATION trustInformation = new LSA_FOREST_TRUST_INFORMATION();
trustInformation.RecordCount = count;
trustInformation.Entries = records;
forestInfo = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(LSA_FOREST_TRUST_INFORMATION)));
Marshal.StructureToPtr(trustInformation, forestInfo, false);
// get policy server name
serverName = Utils.GetPolicyServerName(context, true, true, SourceName);
// do impersonation first
impersonated = Utils.Impersonate(context);
// get the policy handle
handle = Utils.GetPolicyHandle(serverName);
// get the target name
global::Interop.UNICODE_STRING trustedDomainName;
target = Marshal.StringToHGlobalUni(TargetName);
UnsafeNativeMethods.RtlInitUnicodeString(out trustedDomainName, target);
// call the unmanaged function
uint error = UnsafeNativeMethods.LsaSetForestTrustInformation(handle, trustedDomainName, forestInfo, 1, out collisionInfo);
if (error != 0)
{
throw ExceptionHelper.GetExceptionFromErrorCode((int)global::Interop.Advapi32.LsaNtStatusToWinError(error), serverName);
}
// there is collision, throw proper exception so user can deal with it
if (collisionInfo != (IntPtr)0)
{
throw ExceptionHelper.CreateForestTrustCollisionException(collisionInfo);
}
// commit the changes
error = UnsafeNativeMethods.LsaSetForestTrustInformation(handle, trustedDomainName, forestInfo, 0, out collisionInfo);
if (error != 0)
{
throw ExceptionHelper.GetExceptionFromErrorCode((int)error, serverName);
}
// now next time property is invoked, we need to go to the server
retrieved = false;
}
