/// <summary> /// Enumerates the accounts in the policy with the specified privilege. /// This requires LookupNames, ViewLocalInformation and usually /// administrator access. /// </summary> /// <param name="privilegeName">The name of the required privilege.</param> /// <param name="callback">The callback for the enumeration.</param> public void EnumAccountsWithPrivilege(string privilegeName, EnumAccountsDelegate callback) { NtStatus status; UnicodeString privilegeNameStr; IntPtr buffer; int count; privilegeNameStr = new UnicodeString(privilegeName); try { if ((status = Win32.LsaEnumerateAccountsWithUserRight( this, ref privilegeNameStr, out buffer, out count )) >= NtStatus.Error) { Win32.Throw(status); } } finally { privilegeNameStr.Dispose(); } Sid[] sids = new Sid[count]; using (var bufferAlloc = new LsaMemoryAlloc(buffer)) { for (int i = 0; i < count; i++) { if (!callback(new Sid(bufferAlloc.ReadIntPtr(0, i)))) { break; } } } }
/// <summary> /// Enumerates the accounts in the policy. This requires /// ViewLocalInformation access. /// </summary> /// <param name="callback">The callback for the enumeration.</param> public void EnumAccounts(EnumAccountsDelegate callback) { NtStatus status; int enumerationContext = 0; IntPtr buffer; int count; while (true) { status = Win32.LsaEnumerateAccounts( this, ref enumerationContext, out buffer, 0x100, out count ); if (status == NtStatus.NoMoreEntries) { break; } if (status >= NtStatus.Error) { Win32.Throw(status); } using (var bufferAlloc = new LsaMemoryAlloc(buffer)) { for (int i = 0; i < count; i++) { if (!callback(new Sid(bufferAlloc.ReadIntPtr(0, i)))) { return; } } } } }