/// <summary> /// sets user profile quota /// </summary> /// <param name="where">ROOTKEY hklm or hku</param> /// <param name="name">SubKey name</param> /// <param name="quota">if 0 means the profile quota GPO it will be deleted</param> /// <returns>false on error</returns> public static Boolean SetQuota(Abstractions.WindowsApi.pInvokes.structenums.RegistryLocation where, string name, uint quota) { LibraryLogging.Info("set Quota for {0}", name); try { using (RegistryKey key = Abstractions.WindowsApi.pInvokes.GetRegistryLocation(where).CreateSubKey(name + @"\Software\Microsoft\Windows\CurrentVersion\Policies\System")) { if (quota > 0) { key.SetValue("EnableProfileQuota", 1, RegistryValueKind.DWord); //key.SetValue("ProfileQuotaMessage", "You have exceeded your profile storage space. Before you can log off, you need to move some items from your profile to network or local storage.", RegistryValueKind.String); key.SetValue("MaxProfileSize", quota, RegistryValueKind.DWord); key.SetValue("IncludeRegInProQuota", 1, RegistryValueKind.DWord); key.SetValue("WarnUser", 1, RegistryValueKind.DWord); key.SetValue("WarnUserTimeout", 5, RegistryValueKind.DWord); } else { key.DeleteValue("EnableProfileQuota", false); key.DeleteValue("ProfileQuotaMessage", false); key.DeleteValue("MaxProfileSize", false); key.DeleteValue("IncludeRegInProQuota", false); key.DeleteValue("WarnUser", false); key.DeleteValue("WarnUserTimeout", false); } } } catch (Exception ex) { LibraryLogging.Error("Can't set profile quota for {0} Error:{1}", name, ex.Message); return(false); } return(true); }
/// <summary> /// apply registry security settings to user profiles /// </summary> public static bool RegSec(Abstractions.WindowsApi.pInvokes.structenums.RegistryLocation where, string keyname, SecurityIdentifier userSid) { try { using (RegistryKey key = Abstractions.WindowsApi.pInvokes.GetRegistryLocation(where).OpenSubKey(keyname, true)) { RegistrySecurity keySecurity = key.GetAccessControl(AccessControlSections.Access); string sddl = keySecurity.GetSecurityDescriptorSddlForm(AccessControlSections.All); foreach (RegistryAccessRule user in keySecurity.GetAccessRules(true, true, typeof(SecurityIdentifier))) { if (user.IdentityReference.Value.StartsWith("S-1-5-21-") && !user.IdentityReference.Value.Equals(userSid.Value)) { sddl = sddl.Replace(user.IdentityReference.Value, userSid.Value); keySecurity.SetSecurityDescriptorSddlForm(sddl); key.SetAccessControl(keySecurity); break; } } foreach (string subkey in key.GetSubKeyNames()) { if (!RegSec(where, keyname + "\\" + subkey, userSid)) { return(false); } } } } catch (SystemException ex) { Log.WarnFormat("RegSec:{0} Warning {1}", keyname, ex.Message); } catch (Exception ex) { Log.ErrorFormat("RegSec:{0} Error:{1}", keyname, ex.Message); return(false); } return(true); }
/// <summary> /// query for already set user profile quota /// </summary> /// <param name="where"></param> /// <param name="name"></param> /// <returns>true on already set</returns> public static Boolean QueryQuota(Abstractions.WindowsApi.pInvokes.structenums.RegistryLocation where, string name) { LibraryLogging.Info("query Quota for {0}", name); try { using (RegistryKey key = Abstractions.WindowsApi.pInvokes.GetRegistryLocation(where).OpenSubKey(name + @"\Software\Microsoft\Windows\CurrentVersion\Policies\System")) { if (key.GetValue("EnableProfileQuota") == null) { return(false); } } } catch (Exception ex) { LibraryLogging.Error("Can't get profile quota for {0} Error:{1}", name, ex.Message); return(false); } return(true); }