private NtResult <SamDomain> OpenDomain(string domain_name, Sid domain_id, SamDomainAccessRights desired_access, bool throw_on_error)
{
using (var buffer = domain_id.ToSafeBuffer())
{
return(SecurityNativeMethods.SamOpenDomain(Handle, desired_access, buffer,
out SafeSamHandle domain_handle).CreateResult(throw_on_error,
() => new SamDomain(domain_handle, desired_access, ServerName, domain_name, domain_id)));
}
}
/// <summary>
/// Open a SAM domain object.
/// </summary>
/// <param name="name">The name of the domain.</param>
/// <param name="desired_access">The desired access for the object.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The SAM domain object.</returns>
public NtResult <SamDomain> OpenDomain(string name, SamDomainAccessRights desired_access, bool throw_on_error)
{
var domain_id = LookupDomain(name, throw_on_error);
if (!domain_id.IsSuccess)
{
return(domain_id.Cast <SamDomain>());
}
return(OpenDomain(name.ToUpper(), domain_id.Result, desired_access, throw_on_error));
}
internal SamDomain(SafeSamHandle handle, SamDomainAccessRights granted_access, string server_name, string domain_name, Sid domain_sid)
: base(handle, granted_access, SamUtils.SAM_DOMAIN_NT_TYPE_NAME, $"SAM Domain ({domain_name ?? domain_sid.ToString()})", server_name)
{
DomainId = domain_sid;
if (domain_name != null)
{
_name = new Lazy <string>(() => domain_name);
}
else
{
_name = new Lazy <string>(() => string.Empty);
}
}
/// <summary>
/// Opens the user domain on the server.
/// </summary>
/// <param name="desired_access">The desired access for the object.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The SAM domain object.</returns>
public NtResult <SamDomain> OpenUserDomain(SamDomainAccessRights desired_access, bool throw_on_error)
{
var domains = EnumerateDomains(throw_on_error);
if (!domains.IsSuccess)
{
return(domains.Cast <SamDomain>());
}
foreach (var domain in domains.Result)
{
var domain_id = LookupDomain(domain.Name, false).GetResultOrDefault();
if (domain_id is null || domain_id == KnownSids.Builtin)
{
continue;
}
return(OpenDomain(domain.Name, domain_id, desired_access, throw_on_error));
}
return(NtStatus.STATUS_OBJECT_NAME_NOT_FOUND.CreateResultFromError <SamDomain>(throw_on_error));
}
internal static extern NtStatus SamOpenDomain(
SafeSamHandle ServerHandle,
SamDomainAccessRights DesiredAccess,
SafeSidBufferHandle DomainId,
out SafeSamHandle DomainHandle
);
/// <summary>
/// Opens the user domain on the server.
/// </summary>
/// <param name="desired_access">The desired access for the object.</param>
/// <returns>The SAM domain object.</returns>
public SamDomain OpenUserDomain(SamDomainAccessRights desired_access)
{
return(OpenUserDomain(desired_access, true).Result);
}
/// <summary>
/// Opens the builtin domain on the server.
/// </summary>
/// <param name="desired_access">The desired access for the object.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The SAM domain object.</returns>
public NtResult <SamDomain> OpenBuiltinDomain(SamDomainAccessRights desired_access, bool throw_on_error)
{
return(OpenDomain("Builtin", KnownSids.Builtin, desired_access, throw_on_error));
}
/// <summary>
/// Enumerate and open accessible domain objects.
/// </summary>
/// <param name="desired_access">The desired access for the opened domains.</param>
/// <returns>The list of accessible domains.</returns>
public IReadOnlyList <SamDomain> OpenAccessibleDomains(SamDomainAccessRights desired_access)
{
return(OpenAccessibleDomains(desired_access, true).Result);
}
/// <summary>
/// Enumerate and open accessible domain objects.
/// </summary>
/// <param name="desired_access">The desired access for the opened domains.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The list of accessible domains.</returns>
public NtResult <IReadOnlyList <SamDomain> > OpenAccessibleDomains(SamDomainAccessRights desired_access, bool throw_on_error)
{
return(EnumerateDomains(throw_on_error).Map <IReadOnlyList <SamDomain> >(e => e.Select(
s => OpenDomain(s.Name, desired_access, false).GetResultOrDefault()).Where(a => a != null).ToList().AsReadOnly()));
}
/// <summary>
/// Open a SAM domain object.
/// </summary>
/// <param name="name">The name of the domain.</param>
/// <param name="desired_access">The desired access for the object.</param>
/// <returns>The SAM domain object.</returns>
public SamDomain OpenDomain(string name, SamDomainAccessRights desired_access)
{
return(OpenDomain(name, desired_access, true).Result);
}
/// <summary>
/// Open a SAM domain object.
/// </summary>
/// <param name="domain_id">The domain SID.</param>
/// <param name="desired_access">The desired access for the object.</param>
/// <returns>The SAM domain object.</returns>
public SamDomain OpenDomain(Sid domain_id, SamDomainAccessRights desired_access)
{
return(OpenDomain(domain_id, desired_access, true).Result);
}
/// <summary>
/// Open a SAM domain object.
/// </summary>
/// <param name="domain_id">The domain SID.</param>
/// <param name="desired_access">The desired access for the object.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The SAM domain object.</returns>
public NtResult <SamDomain> OpenDomain(Sid domain_id, SamDomainAccessRights desired_access, bool throw_on_error)
{
return(OpenDomain(null, domain_id, desired_access, throw_on_error));
}
internal SamDomain(SafeSamHandle handle, SamDomainAccessRights granted_access, string server_name, string domain_name, Sid domain_sid)
: base(handle, granted_access, SamUtils.SAM_DOMAIN_NT_TYPE_NAME, $"SAM Domain ({domain_name ?? domain_sid.ToString()})", server_name)
{
DomainId = domain_sid;
Name = domain_name ?? string.Empty;
}
