/// <summary>
/// Open an LSA policy.
/// </summary>
/// <param name="system_name">The system name for the LSA.</param>
/// <param name="desired_access">The desired access on the policy.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The opened policy.</returns>
public static NtResult <LsaPolicy> Open(string system_name, LsaPolicyAccessRights desired_access, bool throw_on_error)
{
UnicodeString str = !string.IsNullOrEmpty(system_name) ? new UnicodeString(system_name) : null;
return(SecurityNativeMethods.LsaOpenPolicy(str, new ObjectAttributes(),
desired_access, out SafeLsaHandle policy).CreateResult(throw_on_error, () => new LsaPolicy(policy, desired_access, system_name)));
}
internal static NtResult <SafeLsaHandle> OpenPolicy(string system_name, LsaPolicyAccessRights desired_access, bool throw_on_error)
{
UnicodeString str = system_name != null ? new UnicodeString(system_name) : null;
return(SecurityNativeMethods.LsaOpenPolicy(str, new ObjectAttributes(),
desired_access, out SafeLsaHandle policy).CreateResult(throw_on_error, () => policy));
}
/// <summary>Initializes a new instance of the <see cref="LocalSecurity"/> class.</summary>
/// <param name="server">The server. Use <c>null</c> for the local server.</param>
/// <param name="accessRights">The access rights mask for the actions to be taken.</param>
/// <exception cref="System.ComponentModel.Win32Exception"></exception>
public LocalSecurity(string server = null, LsaPolicyAccessRights accessRights = LsaPolicyAccessRights.AllAccess)
{
LSA_UNICODE_STRING systemName = server;
LSA_OBJECT_ATTRIBUTES objectAttributes = LSA_OBJECT_ATTRIBUTES.Empty;
ThrowIfLsaError(LsaOpenPolicy(systemName, ref objectAttributes, 0x000F0000 | (int)accessRights, out handle)); // Add in STANDARD_RIGHTS_REQUIRED
svr = server;
}
internal static extern NtStatus LsaOpenPolicy(
UnicodeString SystemName,
ObjectAttributes ObjectAttributes,
LsaPolicyAccessRights DesiredAccess,
out SafeLsaHandle PolicyHandle
);
/// <summary>
/// Open an LSA policy.
/// </summary>
/// <param name="desired_access">The desired access on the policy.</param>
/// <returns>The opened policy.</returns>
public static LsaPolicy Open(LsaPolicyAccessRights desired_access)
{
return(Open(null, desired_access));
}
/// <summary>
/// Open an LSA policy.
/// </summary>
/// <param name="system_name">The system name for the LSA.</param>
/// <param name="desired_access">The desired access on the policy.</param>
/// <returns>The opened policy.</returns>
public static LsaPolicy Open(string system_name, LsaPolicyAccessRights desired_access)
{
return(Open(system_name, desired_access, true).Result);
}
/// <summary>
/// Open an LSA policy.
/// </summary>
/// <param name="desired_access">The desired access on the policy.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The opened policy.</returns>
public static NtResult <LsaPolicy> Open(LsaPolicyAccessRights desired_access, bool throw_on_error)
{
return(Open(null, desired_access, throw_on_error));
}
private LsaPolicy(SafeLsaHandle handle, LsaPolicyAccessRights granted_access, string system_name)
: base(handle, granted_access, LsaPolicyUtils.LSA_POLICY_NT_TYPE_NAME,
string.IsNullOrEmpty(system_name) ? "LSA Policy" : $@"LSA Policy (\\{system_name}")
{
_system_name = system_name;
}
