private static void RemoveAccountRight(IntPtr policyHandle, byte[] accountSid, string rightName)
{
System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING lsa_unicode_string;
lsa_unicode_string = new System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING {
buffer = rightName,
length = (short)(lsa_unicode_string.buffer.Length * 2),
maximumLength = lsa_unicode_string.length
};
int ntStatus = System.ServiceProcess.NativeMethods.LsaRemoveAccountRights(policyHandle, accountSid, false, lsa_unicode_string, 1);
if (ntStatus != 0)
{
throw new Win32Exception(SafeNativeMethods.LsaNtStatusToWinError(ntStatus));
}
}
public static int LsaRemoveAccountRights(IntPtr policyHandle, byte[] accountSid, bool allRights, System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING userRights, int countOfRights);
public static int LsaOpenPolicy(System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING systemName, IntPtr pointerObjectAttributes, int desiredAccess, out IntPtr pointerPolicyHandle);
private static void RemoveAccountRight(IntPtr policyHandle, byte[] accountSid, string rightName)
{
System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING lsa_unicode_string;
lsa_unicode_string = new System.ServiceProcess.NativeMethods.LSA_UNICODE_STRING {
buffer = rightName,
length = (short) (lsa_unicode_string.buffer.Length * 2),
maximumLength = lsa_unicode_string.length
};
int ntStatus = System.ServiceProcess.NativeMethods.LsaRemoveAccountRights(policyHandle, accountSid, false, lsa_unicode_string, 1);
if (ntStatus != 0)
{
throw new Win32Exception(SafeNativeMethods.LsaNtStatusToWinError(ntStatus));
}
}
