Exemple #1
0
        /// <summary>
        /// Converts the specified string to an LSA string value
        /// </summary>
        /// <param name="Value"></param>
        static LSA_UNICODE_STRING InitLsaString(string Value)
        {
            if (Value.Length > 0x7ffe)
            {
                throw new ArgumentException("String too long");
            }
            LSA_UNICODE_STRING lus = new LSA_UNICODE_STRING();

            lus.Buffer        = Value;
            lus.Length        = (ushort)(Value.Length * sizeof(char));
            lus.MaximumLength = (ushort)(lus.Length + sizeof(char));
            return(lus);
        }
Exemple #2
0
        /// <summary>
        /// Creates a new LSA wrapper for the specified MachineName
        /// </summary>
        /// <param name="MachineName">The name of the machine that should be connected to</param>
        public LsaWrapper(string MachineName)
        {
            LSA_OBJECT_ATTRIBUTES lsaAttr;

            lsaAttr.RootDirectory            = IntPtr.Zero;
            lsaAttr.ObjectName               = IntPtr.Zero;
            lsaAttr.Attributes               = 0;
            lsaAttr.SecurityDescriptor       = IntPtr.Zero;
            lsaAttr.SecurityQualityOfService = IntPtr.Zero;
            lsaAttr.Length = Marshal.SizeOf(typeof(LSA_OBJECT_ATTRIBUTES));
            lsaHandle      = IntPtr.Zero;
            LSA_UNICODE_STRING[] system = null;
            if (MachineName != null)
            {
                system    = new LSA_UNICODE_STRING[1];
                system[0] = InitLsaString(MachineName);
            }
            uint ret = Win32Sec.LsaOpenPolicy(system, ref lsaAttr, (int)Access.POLICY_ALL_ACCESS, out lsaHandle);

            TestReturnValue(ret);
        }
Exemple #3
0
        /// <summary>
        /// Reads the user accounts which have the specific privilege
        /// </summary>
        /// <param name="Privilege">The name of the privilege for which the accounts with this right should be enumerated</param>
        public List <String> ReadPrivilege(string Privilege)
        {
            LSA_UNICODE_STRING[] privileges = new LSA_UNICODE_STRING[1];
            privileges[0] = InitLsaString(Privilege);
            IntPtr        buffer;
            int           count    = 0;
            uint          ret      = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out buffer, out count);
            List <String> Accounts = new List <String>();

            if (ret == 0)
            {
                LSA_ENUMERATION_INFORMATION[] LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
                for (int i = 0, elemOffs = (int)buffer; i < count; i++)
                {
                    LsaInfo[i] = (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure((IntPtr)elemOffs, typeof(LSA_ENUMERATION_INFORMATION));
                    elemOffs  += Marshal.SizeOf(typeof(LSA_ENUMERATION_INFORMATION));
                    SecurityIdentifier SID = new SecurityIdentifier(LsaInfo[i].PSid);
                    Accounts.Add(ResolveAccountName(SID));
                }
                return(Accounts);
            }
            TestReturnValue(ret);
            return(Accounts);
        }