public static IEnumerable <string> GetUserRights(string userName)
{
//initialize an empty unicode-string
LSA_UNICODE_STRING aSystemName = new LSA_UNICODE_STRING();
//combine all policies
uint aAccess = (uint)(
LSA_AccessPolicies.POLICY_AUDIT_LOG_ADMIN |
LSA_AccessPolicies.POLICY_CREATE_ACCOUNT |
LSA_AccessPolicies.POLICY_CREATE_PRIVILEGE |
LSA_AccessPolicies.POLICY_CREATE_SECRET |
LSA_AccessPolicies.POLICY_GET_PRIVATE_INFORMATION |
LSA_AccessPolicies.POLICY_LOOKUP_NAMES |
LSA_AccessPolicies.POLICY_NOTIFICATION |
LSA_AccessPolicies.POLICY_SERVER_ADMIN |
LSA_AccessPolicies.POLICY_SET_AUDIT_REQUIREMENTS |
LSA_AccessPolicies.POLICY_SET_DEFAULT_QUOTA_LIMITS |
LSA_AccessPolicies.POLICY_TRUST_ADMIN |
LSA_AccessPolicies.POLICY_VIEW_AUDIT_INFORMATION |
LSA_AccessPolicies.POLICY_VIEW_LOCAL_INFORMATION
);
//initialize a pointer for the policy handle
IntPtr aPolicyHandle = IntPtr.Zero;
//these attributes are not used, but LsaOpenPolicy wants them to exists
LSA_OBJECT_ATTRIBUTES aObjectAttributes = new LSA_OBJECT_ATTRIBUTES
{
Length = 0,
RootDirectory = IntPtr.Zero,
Attributes = 0,
SecurityDescriptor = IntPtr.Zero,
SecurityQualityOfService = IntPtr.Zero
};
//get a policy handle
uint aOpenPolicyResult = NativeMethods.LsaOpenPolicy(ref aSystemName, ref aObjectAttributes, aAccess, out aPolicyHandle);
aWinErrorCode = NativeMethods.LsaNtStatusToWinError(aOpenPolicyResult);
if (aWinErrorCode == Win32Constants.ERROR_SUCCESS) // We opened Policy with success
{
// Get principal SID
byte[] sid = GetSID(userName);
if (sid != null) // If we got SID
{
// Call LsaEnumerateAccountRights
_ = NativeMethods.LsaEnumerateAccountRights(aPolicyHandle, sid, out IntPtr rightsPtr, out uint countOfRights);
try
{
IntPtr ptr = rightsPtr;
for (Int32 i = 0; i < countOfRights; i++)
{
// Get Result
//LSA_UNICODE_STRING structure = new LSA_UNICODE_STRING();
LSA_UNICODE_STRING structure = (LSA_UNICODE_STRING)Marshal.PtrToStructure(ptr, typeof(LSA_UNICODE_STRING));
char[] destination = new char[structure.Length / sizeof(char)];
Marshal.Copy(structure.Buffer, destination, 0, destination.Length);
string userRightStr = new string(destination, 0, destination.Length);
yield return(userRightStr);
// Move pointer to the next string
ptr = (IntPtr)(((long)ptr) + Marshal.SizeOf(typeof(LSA_UNICODE_STRING)));
}
}
finally
{
_ = NativeMethods.LsaFreeMemory(rightsPtr);
}
}
}
}
internal static extern uint LsaOpenPolicy(
ref LSA_UNICODE_STRING SystemName,
ref LSA_OBJECT_ATTRIBUTES ObjectAttributes,
uint DesiredAccess,
out IntPtr PolicyHandle
);
