private static void RemoveAccountRight(IntPtr policyHandle, byte[] accountSid, string rightName) { System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING lsa_unicode_string; lsa_unicode_string = new System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING { buffer = rightName, length = (short)(lsa_unicode_string.buffer.Length * 2), maximumLength = lsa_unicode_string.length }; int ntStatus = System.ServiceProcess.NativeMethods.LsaRemoveAccountRights(policyHandle, accountSid, false, lsa_unicode_string, 1); if (ntStatus != 0) { throw new Win32Exception(SafeNativeMethods.LsaNtStatusToWinError(ntStatus)); } }
public static int LsaRemoveAccountRights(IntPtr policyHandle, byte[] accountSid, bool allRights, System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING userRights, int countOfRights);
public static int LsaOpenPolicy(System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING systemName, IntPtr pointerObjectAttributes, int desiredAccess, out IntPtr pointerPolicyHandle);
private static void RemoveAccountRight(IntPtr policyHandle, byte[] accountSid, string rightName) { System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING lsa_unicode_string; lsa_unicode_string = new System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING { buffer = rightName, length = (short) (lsa_unicode_string.buffer.Length * 2), maximumLength = lsa_unicode_string.length }; int ntStatus = System.ServiceProcess.NativeMethods.LsaRemoveAccountRights(policyHandle, accountSid, false, lsa_unicode_string, 1); if (ntStatus != 0) { throw new Win32Exception(SafeNativeMethods.LsaNtStatusToWinError(ntStatus)); } }