public void EnumerateAccountRights_NoRightsFails() { LsaHandle handle = AuthenticationMethods.LsaOpenLocalPolicy(PolicyAccessRights.POLICY_READ); SID sid = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinBuiltinAnyPackageSid); SecurityMethods.LsaEnumerateAccountRights(handle, ref sid).Should().BeEmpty(); }
public void EnumerateAccountRights_BadSidFails() { LsaHandle handle = AuthenticationMethods.LsaOpenLocalPolicy(PolicyAccessRights.POLICY_READ); SID sid = new SID(); Action action = () => SecurityMethods.LsaEnumerateAccountRights(handle, ref sid); action.ShouldThrow <ArgumentException>(); }
public void EnumerateAccountRights_ReadRightsFails() { LsaHandle handle = AuthenticationMethods.LsaOpenLocalPolicy(PolicyAccessRights.POLICY_READ); SID sid = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinBuiltinUsersSid); Action action = () => SecurityMethods.LsaEnumerateAccountRights(handle, ref sid); action.ShouldThrow <UnauthorizedAccessException>(); }
public void EnumerateAccountRights_UserGroup() { LsaHandle handle = AuthenticationMethods.LsaOpenLocalPolicy(PolicyAccessRights.POLICY_EXECUTE); SID sid = AuthorizationMethods.CreateWellKnownSid(WELL_KNOWN_SID_TYPE.WinBuiltinUsersSid); var rights = SecurityMethods.LsaEnumerateAccountRights(handle, ref sid); rights.Should().NotBeEmpty(); rights.Should().Contain("SeChangeNotifyPrivilege"); }
public void LsaOpenPolicy_GenericRead() { Action action = () => AuthenticationMethods.LsaOpenLocalPolicy((PolicyAccessRights)GenericAccessRights.Read); action.ShouldThrow <UnauthorizedAccessException>(); }
public void LsaOpenPolicy_StandardRead() { LsaHandle handle = AuthenticationMethods.LsaOpenLocalPolicy(PolicyAccessRights.POLICY_READ); handle.IsInvalid.Should().BeFalse(); }