public void RestoreAccess()
{
Trace.TraceInformation("RestoreAccess");
if (AccessEnabled)
{
Trace.TraceError("Can not restore access - it is already enabled");
return;
}
var originalValue = Settings.OriginalSeInteractiveLogonRight.ToArray();
if (originalValue.Any())
{
using (var policy = new LSAPolicy())
{
foreach (var item in policy.EnumerateAllowLogonLocalSids().ToArray())
{
policy.LsaRemoveAccountRights(item);
}
foreach (var item in originalValue)
{
policy.LsaAddAccountRights(item);
}
}
if (!AccessEnabled)
{
Trace.TraceError("Failed enabling access: looks like it is still disabled");
}
}
else
{
Trace.TraceError("Can not restore access: no backup");
}
}
void DisableAccess()
{
Trace.TraceInformation("DisableAccess");
if (!AccessEnabled)
{
Trace.TraceError("Can not disable access - it is already disabled");
return;
}
BackupAccess();
var value = Settings.OriginalSeInteractiveLogonRight.ToArray();
if (value.Any())
{
using (var policy = new LSAPolicy())
{
foreach (var item in value)
{
policy.LsaRemoveAccountRights(item);
}
var reservedValues = Settings.ReservedLogonRight.ToArray();
if (reservedValues.Any())
{
foreach (var item in reservedValues)
{
policy.LsaAddAccountRights(item);
}
}
}
if (AccessEnabled)
{
Trace.TraceError("Failed disabling access: looks like it is still enabled");
}
}
else
{
Trace.TraceError("Can not disable access - looks like it is not backed up");
}
}