Ejemplo n.º 1
0
        // // local system if systemName is null
        public LsaWrapper(string systemName)
        {
            LSA_OBJECT_ATTRIBUTES lsaAttr;
            lsaAttr.RootDirectory = IntPtr.Zero;
            lsaAttr.ObjectName = IntPtr.Zero;
            lsaAttr.Attributes = 0;
            lsaAttr.SecurityDescriptor = IntPtr.Zero;
            lsaAttr.SecurityQualityOfService = IntPtr.Zero;
            lsaAttr.Length = Marshal.SizeOf(typeof(LSA_OBJECT_ATTRIBUTES));
            lsaHandle = IntPtr.Zero;
            LSA_UNICODE_STRING[] system = null;
            if (systemName != null)
            {
                system = new LSA_UNICODE_STRING[1];
                system[0] = InitLsaString(systemName);
            }

            uint ret = Win32Sec.LsaOpenPolicy(system, ref lsaAttr,
            (int)Access.POLICY_ALL_ACCESS, out lsaHandle);
            if (ret == 0)
                return;
            if (ret == STATUS_ACCESS_DENIED)
            {
                throw new UnauthorizedAccessException();
            }
            if ((ret == STATUS_INSUFFICIENT_RESOURCES) || (ret == STATUS_NO_MEMORY))
            {
                throw new OutOfMemoryException();
            }
            throw new Win32Exception(Win32Sec.LsaNtStatusToWinError((int)ret));
        }
Ejemplo n.º 2
0
 internal static extern uint LsaOpenPolicy(
     LSA_UNICODE_STRING[] SystemName,
     ref LSA_OBJECT_ATTRIBUTES ObjectAttributes,
     int AccessMask,
     out IntPtr PolicyHandle
     );
Ejemplo n.º 3
0
 internal static extern int LsaLookupNames2(
     LSA_HANDLE PolicyHandle,
     uint Flags,
     uint Count,
     LSA_UNICODE_STRING[] Names,
     ref IntPtr ReferencedDomains,
     ref IntPtr Sids
     );
Ejemplo n.º 4
0
 internal static extern uint LsaAddAccountRights(
     LSA_HANDLE PolicyHandle,
     IntPtr pSID,
     LSA_UNICODE_STRING[] UserRights,
     int CountOfRights
     );
Ejemplo n.º 5
0
 // helper functions
 IntPtr GetSIDInformation(string account)
 {
     LSA_UNICODE_STRING[] names = new LSA_UNICODE_STRING[1];
     LSA_TRANSLATED_SID2 lts;
     IntPtr tsids = IntPtr.Zero;
     IntPtr tdom = IntPtr.Zero;
     names[0] = InitLsaString(account);
     lts.Sid = IntPtr.Zero;
     Console.WriteLine("String account: {0}", names[0].Length);
     int ret = Win32Sec.LsaLookupNames2(lsaHandle, 0, 1, names, ref tdom, ref tsids);
     if (ret != 0)
         throw new Win32Exception(Win32Sec.LsaNtStatusToWinError(ret));
     lts = (LSA_TRANSLATED_SID2)Marshal.PtrToStructure(tsids,
     typeof(LSA_TRANSLATED_SID2));
     Win32Sec.LsaFreeMemory(tsids);
     Win32Sec.LsaFreeMemory(tdom);
     return lts.Sid;
 }
Ejemplo n.º 6
0
 static LSA_UNICODE_STRING InitLsaString(string s)
 {
     // Unicode strings max. 32KB
     if (s.Length > 0x7ffe)
         throw new ArgumentException("String too long");
     LSA_UNICODE_STRING lus = new LSA_UNICODE_STRING();
     lus.Buffer = s;
     lus.Length = (ushort)(s.Length * sizeof(char));
     lus.MaximumLength = (ushort)(lus.Length + sizeof(char));
     return lus;
 }
Ejemplo n.º 7
0
 public void AddPrivileges(string account, string privilege)
 {
     IntPtr pSid = GetSIDInformation(account);
     LSA_UNICODE_STRING[] privileges = new LSA_UNICODE_STRING[1];
     privileges[0] = InitLsaString(privilege);
     uint ret = Win32Sec.LsaAddAccountRights(lsaHandle, pSid, privileges, 1);
     if (ret == 0)
         return;
     if (ret == STATUS_ACCESS_DENIED)
     {
         throw new UnauthorizedAccessException();
     }
     if ((ret == STATUS_INSUFFICIENT_RESOURCES) || (ret == STATUS_NO_MEMORY))
     {
         throw new OutOfMemoryException();
     }
     throw new Win32Exception(Win32Sec.LsaNtStatusToWinError((int)ret));
 }