Пример #1
0
        // // local system if systemName is null
        public LsaWrapper(string systemName)
        {
            LSA_OBJECT_ATTRIBUTES lsaAttr;

            lsaAttr.RootDirectory            = IntPtr.Zero;
            lsaAttr.ObjectName               = IntPtr.Zero;
            lsaAttr.Attributes               = 0;
            lsaAttr.SecurityDescriptor       = IntPtr.Zero;
            lsaAttr.SecurityQualityOfService = IntPtr.Zero;
            lsaAttr.Length = Marshal.SizeOf(typeof(LSA_OBJECT_ATTRIBUTES));
            lsaHandle      = IntPtr.Zero;
            LSA_UNICODE_STRING[] system = null;
            if (systemName != null)
            {
                system    = new LSA_UNICODE_STRING[1];
                system[0] = InitLsaString(systemName);
            }

            uint ret = Win32Sec.LsaOpenPolicy(system, ref lsaAttr,
                                              (int)Access.POLICY_ALL_ACCESS, out lsaHandle);

            if (ret == 0)
            {
                return;
            }
            if (ret == STATUS_ACCESS_DENIED)
            {
                throw new UnauthorizedAccessException();
            }
            if ((ret == STATUS_INSUFFICIENT_RESOURCES) || (ret == STATUS_NO_MEMORY))
            {
                throw new OutOfMemoryException();
            }
            throw new Win32Exception(Win32Sec.LsaNtStatusToWinError((int)ret));
        }
Пример #2
0
 public void Dispose()
 {
     if (lsaHandle != IntPtr.Zero)
     {
         Win32Sec.LsaClose(lsaHandle);
         lsaHandle = IntPtr.Zero;
     }
     GC.SuppressFinalize(this);
 }
Пример #3
0
        // helper functions

        IntPtr GetSIDInformation(string account)
        {
            LSA_UNICODE_STRING[] names = new LSA_UNICODE_STRING[1];
            LSA_TRANSLATED_SID2  lts;
            IntPtr tsids = IntPtr.Zero;
            IntPtr tdom  = IntPtr.Zero;

            names[0] = InitLsaString(account);
            lts.Sid  = IntPtr.Zero;
            Console.WriteLine("String account: {0}", names[0].Length);
            int ret = Win32Sec.LsaLookupNames2(lsaHandle, 0, 1, names, ref tdom, ref tsids);

            if (ret != 0)
            {
                throw new Win32Exception(Win32Sec.LsaNtStatusToWinError(ret));
            }
            lts = (LSA_TRANSLATED_SID2)Marshal.PtrToStructure(tsids,
                                                              typeof(LSA_TRANSLATED_SID2));
            Win32Sec.LsaFreeMemory(tsids);
            Win32Sec.LsaFreeMemory(tdom);
            return(lts.Sid);
        }
Пример #4
0
        public void AddPrivileges(string account, string privilege)
        {
            IntPtr pSid = GetSIDInformation(account);

            LSA_UNICODE_STRING[] privileges = new LSA_UNICODE_STRING[1];
            privileges[0] = InitLsaString(privilege);
            uint ret = Win32Sec.LsaAddAccountRights(lsaHandle, pSid, privileges, 1);

            if (ret == 0)
            {
                return;
            }
            if (ret == STATUS_ACCESS_DENIED)
            {
                throw new UnauthorizedAccessException();
            }
            if ((ret == STATUS_INSUFFICIENT_RESOURCES) || (ret == STATUS_NO_MEMORY))
            {
                throw new OutOfMemoryException();
            }
            throw new Win32Exception(Win32Sec.LsaNtStatusToWinError((int)ret));
        }