/// <summary>
        /// Renders each translated well-known SID as an "S-R-A-S1-S2..." string and stores
        /// the result in <c>WellknownSidStrings</c>, which is re-allocated on every call.
        /// </summary>
        /// <remarks>
        /// Entries whose <c>DomainIndex</c> is -1 are skipped, so their slot in
        /// <c>WellknownSidStrings</c> stays <c>null</c>.
        /// Only the byte at position <c>IdentifierAuthorityCount - 1</c> of the identifier
        /// authority is written to the string; the remaining authority bytes are not read.
        /// NOTE(review): that is only a faithful rendering when those other bytes are zero.
        /// Confirm this holds for every SID the adapter can return.
        /// </remarks>
        public static void ConvertSidsToString()
        {
            WellknownSidStrings = new string[WellknownSecurityPrincipalMaxCount];
            StringBuilder textBuilder = new StringBuilder();

            for (int slot = 0; slot < WellknownSecurityPrincipalMaxCount; slot++)
            {
                // A DomainIndex of -1 means there is nothing to render for this slot.
                if (LsatAdapter.TranslatedWellknownSids.Value.Sids[slot].DomainIndex == -1)
                {
                    continue;
                }

                _RPC_SID translatedSid = LsatAdapter.TranslatedWellknownSids.Value.Sids[slot].Sid[0];

                // Prefix: "S-<revision>-<last identifier-authority byte>".
                textBuilder.Append("S-")
                           .Append(translatedSid.Revision)
                           .Append("-")
                           .Append(Convert.ToInt32(
                               translatedSid.IdentifierAuthority.Value[IdentifierAuthorityCount - 1]));

                // SubAuthorityCount, not the array length, bounds the sub-authority list.
                int subAuthorityPosition = 0;
                while (subAuthorityPosition < translatedSid.SubAuthorityCount)
                {
                    textBuilder.Append("-").Append(translatedSid.SubAuthority[subAuthorityPosition]);
                    subAuthorityPosition++;
                }

                WellknownSidStrings[slot] = textBuilder.ToString();

                // Reuse the same builder for the next slot.
                textBuilder.Length = 0;
            }
        }
Example #2
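        /// <summary>
        /// Resolves each resource group to its directory <c>objectSid</c> over LDAP and returns
        /// the SIDs as <c>KERB_SID_AND_ATTRIBUTES</c> entries.
        /// </summary>
        /// <param name="domainName">Domain name used as the LDAP server and to derive the search base DN.</param>
        /// <param name="cred">Credential assigned to the LDAP connection.</param>
        /// <param name="resourceGroupCount">Number of leading entries of <paramref name="resourceGroups"/> to resolve.</param>
        /// <param name="resourceGroups">Groups whose <c>GroupName</c> is matched against <c>cn</c>.</param>
        /// <returns>
        /// One entry per resolved group, each flagged Mandatory | EnabledByDefault | Enabled | Resource.
        /// </returns>
        /// <exception cref="ArgumentException"><paramref name="resourceGroups"/> holds fewer than <paramref name="resourceGroupCount"/> entries.</exception>
        /// <exception cref="InvalidOperationException">No directory entry matches a group name.</exception>
        /// <exception cref="FormatException">The objectSid string has fewer than three '-'-separated components.</exception>
        /// <exception cref="Exception">More than one directory entry matches a group name.</exception>
        public static KERB_SID_AND_ATTRIBUTES[] GetResourceGroupExtraSids(string domainName, NetworkCredential cred, uint resourceGroupCount, Group[] resourceGroups)
        {
            if (resourceGroupCount > 0 && (resourceGroups == null || resourceGroups.Length < resourceGroupCount))
            {
                throw new ArgumentException("resourceGroups must contain at least resourceGroupCount entries.", "resourceGroups");
            }

            KERB_SID_AND_ATTRIBUTES[] resourceGroupExtraSids = new KERB_SID_AND_ATTRIBUTES[resourceGroupCount];

            // Dispose the connection on every exit path, including the exceptions thrown below.
            using (LdapConnection connection = new LdapConnection(domainName))
            {
                connection.Credential = cred;

                // The search base is the same for every group, so derive it once.
                string targetOu = GetDomainDnFromDomainName(domainName);

                for (int i = 0; i < resourceGroupCount; i++)
                {
                    // Escape the group name so filter metacharacters in it are matched literally
                    // instead of changing which objects, and therefore which SID, the search returns.
                    string filter = "cn=" + EscapeLdapFilterValue(resourceGroups[i].GroupName);
                    SearchRequest searchRequest = new SearchRequest(targetOu, filter, SearchScope.Subtree, "objectSid");
                    SearchResponse searchResponse = (SearchResponse)connection.SendRequest(searchRequest);

                    if (searchResponse.Entries.Count > 1)
                    {
                        throw new Exception("There are more than one entries with the same resourceGroupName.");
                    }

                    if (searchResponse.Entries.Count == 0)
                    {
                        throw new InvalidOperationException("No directory entry was found for resource group '" + resourceGroups[i].GroupName + "'.");
                    }

                    SearchResultAttributeCollection groupAttributes = searchResponse.Entries[0].Attributes;
                    string[] tmp = GetobjectSid(groupAttributes).Split('-');

                    // Components 0..2 are "S", the revision and the identifier authority.
                    if (tmp.Length < 3)
                    {
                        throw new FormatException("The objectSid of resource group '" + resourceGroups[i].GroupName + "' is not a well-formed SID string.");
                    }

                    // NOTE(review): the revision (1) and identifier authority (5) are hard-coded
                    // rather than taken from tmp[1] and tmp[2]; a SID with any other authority
                    // would be re-encoded under authority 5. Confirm that is intended.
                    _RPC_SID resourceGroupSid = new _RPC_SID();
                    resourceGroupSid.Revision                  = 0x01;
                    resourceGroupSid.IdentifierAuthority       = new _RPC_SID_IDENTIFIER_AUTHORITY();
                    resourceGroupSid.IdentifierAuthority.Value = new byte[] { 0, 0, 0, 0, 0, 5 };
                    resourceGroupSid.SubAuthorityCount         = Convert.ToByte(tmp.Length - 3);
                    resourceGroupSid.SubAuthority              = new uint[tmp.Length - 3];
                    for (int j = 3; j < tmp.Length; j++)
                    {
                        resourceGroupSid.SubAuthority[j - 3] = Convert.ToUInt32(tmp[j]);
                    }

                    resourceGroupExtraSids[i]            = new KERB_SID_AND_ATTRIBUTES();
                    resourceGroupExtraSids[i].Attributes = Attributes_Values.Mandatory | Attributes_Values.EnabledByDefault | Attributes_Values.Enabled | Attributes_Values.Resource;
                    resourceGroupExtraSids[i].SID        = new _RPC_SID[1];
                    resourceGroupExtraSids[i].SID[0]     = resourceGroupSid;
                }
            }

            return resourceGroupExtraSids;
        }

        /// <summary>
        /// Escapes the characters that are special in an LDAP search filter value (RFC 4515).
        /// </summary>
        private static string EscapeLdapFilterValue(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return string.Empty;
            }

            // The backslash must be replaced first so the escapes added below are not re-escaped.
            return value.Replace("\\", "\\5c")
                        .Replace("*", "\\2a")
                        .Replace("(", "\\28")
                        .Replace(")", "\\29")
                        .Replace("\0", "\\00");
        }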
        /// <summary>
        /// Builds a one-element <c>_RPC_SID</c> array by parsing one of two SID strings held by
        /// this class.
        /// </summary>
        /// <param name="sid">
        /// Selector, not a SID: "TrustObject1" or "CollisionObject" picks <c>ValisSid</c>;
        /// any other value picks <c>TestSid</c>.
        /// </param>
        /// <returns>An array whose single element holds the parsed SID.</returns>
        /// <remarks>
        /// The selected string is split on '-': component 1 is the revision, component 2 goes
        /// into the last identifier-authority byte, and every later component is a sub-authority.
        /// No format validation is done, so a malformed string surfaces as a conversion or
        /// index exception.
        /// </remarks>
        public static _RPC_SID[] GetSid(string sid)
        {
            bool useValidSid = sid == "TrustObject1" || sid == "CollisionObject";
            string sourceSid = useValidSid ? ValisSid : TestSid;
            string[] parts = sourceSid.Split('-');

            // parts[0] is the leading "S"; the sub-authorities start at position 3.
            const int firstSubAuthority = 3;

            _RPC_SID parsed = new _RPC_SID();
            parsed.Revision = Convert.ToByte(parts[1]);

            // The first five authority bytes get NULL_SID_AUTHORITY; only the last one comes from the string.
            byte[] authorityBytes = new byte[IDENTIFIER_AUTHORITY_VALUES];
            for (int position = 0; position < 5; position++)
            {
                authorityBytes[position] = (byte)Value_Values.NULL_SID_AUTHORITY;
            }
            authorityBytes[5] = Convert.ToByte(parts[2]);

            _RPC_SID_IDENTIFIER_AUTHORITY authority = new _RPC_SID_IDENTIFIER_AUTHORITY();
            authority.Value = authorityBytes;
            parsed.IdentifierAuthority = authority;

            parsed.SubAuthorityCount = Convert.ToByte(parts.Length - firstSubAuthority);
            parsed.SubAuthority = new uint[parsed.SubAuthorityCount];
            for (int position = firstSubAuthority; position < parts.Length; position++)
            {
                parsed.SubAuthority[position - firstSubAuthority] = Convert.ToUInt32(parts[position]);
            }

            return new _RPC_SID[] { parsed };
        }