예제 #1
0
        private string EncodeSid()
        {
            IntPtr pSid       = IntPtr.Zero;
            IntPtr pStringSid = IntPtr.Zero;
            IntPtr pDomain    = IntPtr.Zero;

            try
            {
                int sidLength    = 0;
                int domainLength = 0;

                SecurityApi.SidNameUse use;

                if (!SecurityApi.LookupAccountName(null, _user, pSid, ref sidLength, pDomain, ref domainLength, out use))
                {
                    int error = Marshal.GetLastWin32Error();

                    if (error != (int)SecurityApi.Error.ERROR_INSUFFICIENT_BUFFER)
                    {
                        throw new Exception("LookupAccountName failed.  Error = " + Marshal.GetLastWin32Error().ToString());
                    }
                }

                pSid = Marshal.AllocHGlobal(sidLength);

                pDomain = Marshal.AllocHGlobal(domainLength * 2); // 2-byte unicode...we're using the "W" variety of the funcion

                if (!SecurityApi.LookupAccountName(null, _user, pSid, ref sidLength, pDomain, ref domainLength, out use))
                {
                    throw new Exception("LookupAccountName failed.  Error = " + Marshal.GetLastWin32Error().ToString());
                }

                if (!SecurityApi.ConvertSidToStringSid(pSid, out pStringSid))
                {
                    throw new Exception("ConvertSidToStringSid failed.  Error = " + Marshal.GetLastWin32Error().ToString());
                }

                return(Marshal.PtrToStringUni(pStringSid));
            }
            finally
            {
                if (pSid != IntPtr.Zero)
                {
                    SecurityApi.LocalFree(pSid);
                }

                if (pStringSid != IntPtr.Zero)
                {
                    SecurityApi.LocalFree(pStringSid);
                }

                if (pDomain != IntPtr.Zero)
                {
                    Marshal.FreeHGlobal(pDomain);
                }
            }
        }
예제 #2
0
        private static bool DecodeSid(string stringSid, out string accountName)
        {
            IntPtr pSid     = IntPtr.Zero;
            IntPtr pAccount = IntPtr.Zero;
            IntPtr pDomain  = IntPtr.Zero;

            try
            {
                accountName = stringSid;

                if (!SecurityApi.ConvertStringSidToSid(stringSid, out pSid))
                {
                    throw new Exception("ConvertStringSidToSid failed.  Error = " + Marshal.GetLastWin32Error().ToString());
                }

                int accountLength = 0;
                int domainLength  = 0;

                SecurityApi.SidNameUse use;

                if (!SecurityApi.LookupAccountSid(null, pSid, pAccount, ref accountLength, pDomain, ref domainLength, out use))
                {
                    int error = Marshal.GetLastWin32Error();

                    if (error != (int)SecurityApi.Error.ERROR_INSUFFICIENT_BUFFER)
                    {
                        if ((error == (int)SecurityApi.Error.ERROR_NONE_MAPPED) || (error == (int)SecurityApi.Error.ERROR_TRUSTED_RELATIONSHIP_FAILURE))
                        {
                            return(false);
                        }
                        else
                        {
                            throw new Exception("LookupAccountSid failed.  Error = " + Marshal.GetLastWin32Error().ToString());
                        }
                    }
                }

                pAccount = Marshal.AllocHGlobal(accountLength * 2); // 2-byte unicode...we're using the "W" variety of the funcion

                pDomain = Marshal.AllocHGlobal(domainLength * 2);   // 2-byte unicode...we're using the "W" variety of the funcion

                if (!SecurityApi.LookupAccountSid(null, pSid, pAccount, ref accountLength, pDomain, ref domainLength, out use))
                {
                    int error = Marshal.GetLastWin32Error();

                    if ((error == (int)SecurityApi.Error.ERROR_NONE_MAPPED) || (error == (int)SecurityApi.Error.ERROR_TRUSTED_RELATIONSHIP_FAILURE))
                    {
                        return(false);
                    }
                    else
                    {
                        throw new Exception("LookupAccountSid failed.  Error = " + error.ToString());
                    }
                }

                accountName = Marshal.PtrToStringUni(pDomain) + "\\" + Marshal.PtrToStringUni(pAccount);

                return(true);
            }
            finally
            {
                if (pSid != IntPtr.Zero)
                {
                    SecurityApi.LocalFree(pSid);
                }

                if (pAccount != IntPtr.Zero)
                {
                    Marshal.FreeHGlobal(pAccount);
                }

                if (pDomain != IntPtr.Zero)
                {
                    Marshal.FreeHGlobal(pDomain);
                }
            }
        }