|
private LsaEnumerateAccountsWithUserRight ( |
||
| PolicyHandle | ||
| UserRights | LSA_UNICODE_STRING, | |
| EnumerationBuffer | IntPtr | |
| CountReturned | ulong | |
| return | uint | |
IEnumerable <string> FetchSchedulerGroups()
{
var privileges = new LSA_UNICODE_STRING[1];
privileges[0] = InitLsaString("SeBatchLogonRight");
var ret = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out LSA_HANDLE buffer, out ulong count);
var accounts = new List <String>();
if (ret == 0)
{
var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
var myLsaus = new LSA_ENUMERATION_INFORMATION();
for (ulong i = 0; i < count; i++)
{
var itemAddr = new IntPtr(buffer.ToInt64() + (long)(i * (ulong)Marshal.SizeOf(myLsaus)));
LsaInfo[i] =
(LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
var SID = new SecurityIdentifier(LsaInfo[i].PSid);
accounts.Add(ResolveAccountName(SID));
}
}
return(accounts);
}
private IEnumerable <string> FetchSchedulerGroups()
{
var privileges = new LSA_UNICODE_STRING[1];
privileges[0] = InitLsaString("SeBatchLogonRight");
IntPtr buffer;
int count;
uint ret = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out buffer, out count);
var accounts = new List <String>();
if (ret == 0)
{
var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
for (int i = 0, elemOffs = (int)buffer; i < count; i++)
{
LsaInfo[i] =
(LSA_ENUMERATION_INFORMATION)
Marshal.PtrToStructure((IntPtr)elemOffs, typeof(LSA_ENUMERATION_INFORMATION));
elemOffs += Marshal.SizeOf(typeof(LSA_ENUMERATION_INFORMATION));
var SID = new SecurityIdentifier(LsaInfo[i].PSid);
accounts.Add(ResolveAccountName(SID));
}
}
return(accounts);
}
public bool IsWindowsAuthorised(string privilege, string userName)
{
bool windowsAuthorised = false;
userName = CleanUser(userName);
var privileges = new LSA_UNICODE_STRING[1];
privileges[0] = InitLsaString(privilege);
IntPtr buffer;
ulong count;
uint ret = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out buffer, out count);
var Accounts = new List <String>();
if (ret == 0)
{
var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
LSA_ENUMERATION_INFORMATION myLsaus = new LSA_ENUMERATION_INFORMATION();
for (ulong i = 0; i < count; i++)
{
IntPtr itemAddr = new IntPtr(buffer.ToInt64() + (long)(i * (ulong)Marshal.SizeOf(myLsaus)));
LsaInfo[i] =
(LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
var SID = new SecurityIdentifier(LsaInfo[i].PSid);
Accounts.Add(ResolveAccountName(SID));
}
try
{
var wp = new WindowsPrincipal(new WindowsIdentity(userName));
foreach (string account in Accounts)
{
if (wp.IsInRole(account))
{
windowsAuthorised = true;
}
}
return(windowsAuthorised);
}
catch (Exception)
{
var localGroups = GetLocalUserGroupsForTaskSchedule(userName);
var intersection = localGroups.Intersect(Accounts);
return(intersection.Any());
}
}
return(false);
}
private List <string> GetAccountsWithPrivilege(string privilege)
{
var privileges = new LSA_UNICODE_STRING[1];
privileges[0] = InitLsaString(privilege);
var gotAccounts = Win32Sec.LsaEnumerateAccountsWithUserRight(_lsaHandle, privileges, out LSA_HANDLE buffer, out ulong count) == 0;
var accountNames = new List <string>();
if (gotAccounts)
{
var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
var myLsaus = new LSA_ENUMERATION_INFORMATION();
for (ulong i = 0; i < count; i++)
{
var itemAddr = new IntPtr(buffer.ToInt64() + (long)(i * (ulong)Marshal.SizeOf(myLsaus)));
LsaInfo[i] = (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
var sid = new SecurityIdentifier(LsaInfo[i].PSid);
accountNames.Add(ResolveAccountName(sid));
}
}
return(accountNames);
}
public bool IsWindowsAuthorised(string privilege, string userName)
{
var windowsAuthorised = false;
var username = CleanUser(userName);
var privileges = new LSA_UNICODE_STRING[1];
privileges[0] = InitLsaString(privilege);
var ret = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out LSA_HANDLE buffer, out ulong count);
var Accounts = new List <String>();
if (ret == 0)
{
var LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
var myLsaus = new LSA_ENUMERATION_INFORMATION();
for (ulong i = 0; i < count; i++)
{
var itemAddr = new IntPtr(buffer.ToInt64() + (long)(i * (ulong)Marshal.SizeOf(myLsaus)));
LsaInfo[i] =
(LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
var SID = new SecurityIdentifier(LsaInfo[i].PSid);
Accounts.Add(ResolveAccountName(SID));
}
try
{
return(IsWindowsAuthorised(username, ref windowsAuthorised, Accounts));
}
catch (Exception)
{
var localGroups = GetLocalUserGroupsForTaskSchedule(username);
var intersection = localGroups.Intersect(Accounts);
return(intersection.Any(s => !s.Equals(Environment.MachineName + "\\" + username, StringComparison.InvariantCultureIgnoreCase)));
}
}
return(false);
}
/// <summary>
/// Reads the user accounts which have the specific privilege
/// </summary>
/// <param name="Privilege">The name of the privilege for which the accounts with this right should be enumerated</param>
public List <String> ReadPrivilege(string Privilege)
{
LSA_UNICODE_STRING[] privileges = new LSA_UNICODE_STRING[1];
privileges[0] = InitLsaString(Privilege);
IntPtr buffer;
int count = 0;
uint ret = Win32Sec.LsaEnumerateAccountsWithUserRight(lsaHandle, privileges, out buffer, out count);
List <String> Accounts = new List <String>();
if (ret == 0)
{
LSA_ENUMERATION_INFORMATION[] LsaInfo = new LSA_ENUMERATION_INFORMATION[count];
for (int i = 0, elemOffs = (int)buffer; i < count; i++)
{
LsaInfo[i] = (LSA_ENUMERATION_INFORMATION)Marshal.PtrToStructure((IntPtr)elemOffs, typeof(LSA_ENUMERATION_INFORMATION));
elemOffs += Marshal.SizeOf(typeof(LSA_ENUMERATION_INFORMATION));
SecurityIdentifier SID = new SecurityIdentifier(LsaInfo[i].PSid);
Accounts.Add(SID.ToString());
}
return(Accounts);
}
TestReturnValue(ret);
return(Accounts);
}
