public MsrpcLookupSids(LsaPolicyHandle policyHandle, Sid[] sids) : base(policyHandle , new LsarSidArrayX(sids), new Lsarpc.LsarRefDomainList(), new Lsarpc.LsarTransNameArray (), 1, sids.Length) { this.sids = sids; Ptype = 0; Flags = DcerpcConstants.DcerpcFirstFrag | DcerpcConstants.DcerpcLastFrag; }
/// <exception cref="System.IO.IOException"></exception> internal static void ResolveSids0(string authorityServerName, NtlmPasswordAuthentication auth, Sid[] sids) { DcerpcHandle handle = null; LsaPolicyHandle policyHandle = null; lock (SidCache) { try { handle = DcerpcHandle.GetHandle("ncacn_np:" + authorityServerName + "[\\PIPE\\lsarpc]" , auth); string server = authorityServerName; int dot = server.IndexOf('.'); if (dot > 0 && char.IsDigit(server[0]) == false) { server = Runtime.Substring(server, 0, dot); } policyHandle = new LsaPolicyHandle(handle, "\\\\" + server, unchecked(0x00000800)); ResolveSids(handle, policyHandle, sids); } finally { if (handle != null) { if (policyHandle != null) { policyHandle.Close(); } handle.Close(); } } } }
/// <exception cref="System.IO.IOException"></exception> internal static void ResolveSids(DcerpcHandle handle, LsaPolicyHandle policyHandle , Sid[] sids) { MsrpcLookupSids rpc = new MsrpcLookupSids(policyHandle, sids); handle.Sendrecv(rpc); switch (rpc.Retval) { case 0: case NtStatus.NtStatusNoneMapped: case unchecked(0x00000107): { // NT_STATUS_SOME_NOT_MAPPED break; } default: { throw new SmbException(rpc.Retval, false); } } for (int si = 0; si < sids.Length; si++) { sids[si].Type = rpc.Names.Names[si].SidType; sids[si].DomainName = null; switch (sids[si].Type) { case SidTypeUser: case SidTypeDomGrp: case SidTypeDomain: case SidTypeAlias: case SidTypeWknGrp: { int sidIndex = rpc.Names.Names[si].SidIndex; Rpc.Unicode_string ustr = rpc.Domains.Domains[sidIndex].Name; sids[si].DomainName = (new UnicodeString(ustr, false)).ToString(); break; } } sids[si].AcctName = (new UnicodeString(rpc.Names.Names[si].Name, false)).ToString (); sids[si].OriginServer = null; sids[si].OriginAuth = null; } }
/// <exception cref="System.IO.IOException"></exception> public static Sid GetServerSid(string server, NtlmPasswordAuthentication auth) { DcerpcHandle handle = null; LsaPolicyHandle policyHandle = null; Lsarpc.LsarDomainInfo info = new Lsarpc.LsarDomainInfo(); MsrpcQueryInformationPolicy rpc; lock (SidCache) { try { handle = DcerpcHandle.GetHandle("ncacn_np:" + server + "[\\PIPE\\lsarpc]", auth); // NetApp doesn't like the 'generic' access mask values policyHandle = new LsaPolicyHandle(handle, null, unchecked(0x00000001)); rpc = new MsrpcQueryInformationPolicy(policyHandle, Lsarpc.PolicyInfoAccountDomain , info); handle.Sendrecv(rpc); if (rpc.Retval != 0) { throw new SmbException(rpc.Retval, false); } return new Sid(info.Sid, SidTypeDomain, (new UnicodeString (info.Name, false)).ToString(), null, false); } finally { if (handle != null) { if (policyHandle != null) { policyHandle.Close(); } handle.Close(); } } } }
public MsrpcQueryInformationPolicy(LsaPolicyHandle policyHandle, short level, NdrObject info) : base(policyHandle, level, info) { Ptype = 0; Flags = DcerpcConstants.DcerpcFirstFrag | DcerpcConstants.DcerpcLastFrag; }