Esempio n. 1
0
        public void RestoreAccess()
        {
            Trace.TraceInformation("RestoreAccess");
            if (AccessEnabled)
            {
                Trace.TraceError("Can not restore access - it is already enabled");
                return;
            }
            var originalValue = Settings.OriginalSeInteractiveLogonRight.ToArray();

            if (originalValue.Any())
            {
                using (var policy = new LSAPolicy())
                {
                    foreach (var item in policy.EnumerateAllowLogonLocalSids().ToArray())
                    {
                        policy.LsaRemoveAccountRights(item);
                    }
                    foreach (var item in originalValue)
                    {
                        policy.LsaAddAccountRights(item);
                    }
                }
                if (!AccessEnabled)
                {
                    Trace.TraceError("Failed enabling access: looks like it is still disabled");
                }
            }
            else
            {
                Trace.TraceError("Can not restore access: no backup");
            }
        }
Esempio n. 2
0
        void DisableAccess()
        {
            Trace.TraceInformation("DisableAccess");
            if (!AccessEnabled)
            {
                Trace.TraceError("Can not disable access - it is already disabled");
                return;
            }
            BackupAccess();
            var value = Settings.OriginalSeInteractiveLogonRight.ToArray();

            if (value.Any())
            {
                using (var policy = new LSAPolicy())
                {
                    foreach (var item in value)
                    {
                        policy.LsaRemoveAccountRights(item);
                    }
                    var reservedValues = Settings.ReservedLogonRight.ToArray();
                    if (reservedValues.Any())
                    {
                        foreach (var item in reservedValues)
                        {
                            policy.LsaAddAccountRights(item);
                        }
                    }
                }
                if (AccessEnabled)
                {
                    Trace.TraceError("Failed disabling access: looks like it is still enabled");
                }
            }
            else
            {
                Trace.TraceError("Can not disable access - looks like it is not backed up");
            }
        }