internal LsaTrustedDomain(SafeLsaHandle handle, LsaTrustedDomainAccessRights granted_access, string name, Sid sid, LsaTrustedDomainInformation domain_info, string system_name)
: base(handle, granted_access, LsaPolicyUtils.LSA_TRUSTED_DOMAIN_NT_TYPE_NAME, $"LSA Trusted Domain ({(name ?? domain_info.Name)})", system_name)
{
_domain_info = domain_info;
Sid = sid ?? domain_info.Sid;
Name = name ?? domain_info.Name;
}
/// <summary>
/// Open trusted domain object.
/// </summary>
/// <param name="name">The name of the trusted domain.</param>
/// <param name="desired_access">The desired access for the object.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The trusted domain object.</returns>
public NtResult <LsaTrustedDomain> OpenTrustedDomain(string name, LsaTrustedDomainAccessRights desired_access, bool throw_on_error)
{
if (string.IsNullOrEmpty(name))
{
throw new ArgumentException($"'{nameof(name)}' cannot be null or empty.", nameof(name));
}
return(OpenTrustedDomain(name, null, desired_access, throw_on_error));
}
/// <summary>
/// Open trusted domain object.
/// </summary>
/// <param name="sid">The SID of the trusted domain.</param>
/// <param name="desired_access">The desired access for the object.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The trusted domain object.</returns>
public NtResult <LsaTrustedDomain> OpenTrustedDomain(Sid sid, LsaTrustedDomainAccessRights desired_access, bool throw_on_error)
{
if (sid is null)
{
throw new ArgumentNullException(nameof(sid));
}
using (var sid_buffer = sid.ToSafeBuffer())
{
return(SecurityNativeMethods.LsaOpenTrustedDomain(Handle, sid_buffer,
desired_access, out SafeLsaHandle handle).CreateResult(throw_on_error,
() => new LsaTrustedDomain(handle, desired_access, null, sid, QueryDomainInfo(sid_buffer), SystemName)));
}
}
internal static extern NtStatus LsaOpenTrustedDomainByName(
SafeLsaHandle PolicyHandle,
UnicodeString TrustedDomainName,
LsaTrustedDomainAccessRights DesiredAccess,
out SafeLsaHandle TrustedDomainHandle
);
internal static extern NtStatus LsaOpenTrustedDomain(
SafeLsaHandle PolicyHandle,
SafeSidBufferHandle TrustedDomainSid,
LsaTrustedDomainAccessRights DesiredAccess,
out SafeLsaHandle TrustedDomainHandle
);
/// <summary>
/// Enumerate and open accessible trusted domain objects in policy.
/// </summary>
/// <param name="desired_access">The desired access for the opened trusted domains.</param>
/// <returns>The list of accessible trusted domains.</returns>
public IReadOnlyList <LsaTrustedDomain> OpenAccessibleTrustedDomains(LsaTrustedDomainAccessRights desired_access)
{
return(OpenAccessibleTrustedDomains(desired_access, true).Result);
}
/// <summary>
/// Enumerate and open accessible trusted domain objects in policy.
/// </summary>
/// <param name="desired_access">The desired access for the opened trusted domains.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The list of accessible trusted domains.</returns>
public NtResult <IReadOnlyList <LsaTrustedDomain> > OpenAccessibleTrustedDomains(LsaTrustedDomainAccessRights desired_access, bool throw_on_error)
{
return(EnumerateTrustedDomains(throw_on_error).Map <IReadOnlyList <LsaTrustedDomain> >(e => e.Select(
s => OpenTrustedDomain(s.Name, s, desired_access, false).GetResultOrDefault()).Where(a => a != null).ToList().AsReadOnly()));
}
/// <summary>
/// Open trusted domain object.
/// </summary>
/// <param name="name">The name of the trusted domain.</param>
/// <param name="desired_access">The desired access for the object.</param>
/// <returns>The trusted domain object.</returns>
public LsaTrustedDomain OpenTrustedDomain(string name, LsaTrustedDomainAccessRights desired_access)
{
return(OpenTrustedDomain(name, desired_access, true).Result);
}
/// <summary>
/// Open trusted domain object.
/// </summary>
/// <param name="sid">The SID of the trusted domain.</param>
/// <param name="desired_access">The desired access for the object.</param>
/// <returns>The trusted domain object.</returns>
public LsaTrustedDomain OpenTrustedDomain(Sid sid, LsaTrustedDomainAccessRights desired_access)
{
return(OpenTrustedDomain(sid, desired_access, true).Result);
}
private NtResult <LsaTrustedDomain> OpenTrustedDomain(string name, LsaTrustedDomainInformation?domain_info, LsaTrustedDomainAccessRights desired_access, bool throw_on_error)
{
return(SecurityNativeMethods.LsaOpenTrustedDomainByName(Handle, new UnicodeString(name),
desired_access, out SafeLsaHandle handle).CreateResult(throw_on_error,
() => new LsaTrustedDomain(handle, desired_access, name, null, domain_info ?? QueryDomainInfo(name), SystemName)));
}
