/// <summary>
/// Builds the SAMR "enumerate aliases in domain" request for an open domain handle.
/// </summary>
/// <param name="domainHandle">Open SAMR domain handle whose aliases are to be listed.</param>
/// <param name="acctFlags">Value forwarded unchanged as the third base-constructor argument.</param>
/// <param name="sam">Caller-supplied array object that is stored on <c>Sam</c> after the base constructor runs.</param>
public MsrpcEnumerateAliasesInDomain(SamrDomainHandle domainHandle, int acctFlags, Samr.SamrSamArray sam)
    : base(domainHandle, 0, acctFlags, null, 0)
{
    // The base constructor is given null for the array; the caller's instance is attached here instead.
    Sam = sam;

    // Ptype 0 is the DCE/RPC request PDU type.
    Ptype = 0;

    // First and last fragment bits set together: the request travels as a single, unfragmented PDU.
    Flags = DcerpcConstants.DcerpcFirstFrag | DcerpcConstants.DcerpcLastFrag;
}
/// <summary>
/// Builds the SAMR "open domain" request.
/// </summary>
/// <param name="handle">Open SAMR policy (server) handle.</param>
/// <param name="access">Access mask requested on the domain. Callers choose the value; request only the rights the caller needs.</param>
/// <param name="sid">SID of the domain to open.</param>
/// <param name="domainHandle">Handle object passed through to the base constructor.</param>
public MsrpcSamrOpenDomain(SamrPolicyHandle handle, int access, Rpc.SidT sid, SamrDomainHandle domainHandle)
    : base(handle, access, sid, domainHandle)
{
    // Ptype 0 is the DCE/RPC request PDU type.
    Ptype = 0;

    // First and last fragment bits set together: the request travels as a single, unfragmented PDU.
    Flags = DcerpcConstants.DcerpcFirstFrag | DcerpcConstants.DcerpcLastFrag;
}
/// <summary>
/// Builds the SAMR "open alias" request.
/// </summary>
/// <param name="handle">Open SAMR domain handle that contains the alias.</param>
/// <param name="access">Access mask requested on the alias. Callers choose the value; request only the rights the caller needs.</param>
/// <param name="rid">Relative identifier of the alias within the domain.</param>
/// <param name="aliasHandle">Handle object passed through to the base constructor.</param>
public MsrpcSamrOpenAlias(SamrDomainHandle handle, int access, int rid, SamrAliasHandle aliasHandle)
    : base(handle, access, rid, aliasHandle)
{
    // Ptype 0 is the DCE/RPC request PDU type.
    Ptype = 0;

    // First and last fragment bits set together: the request travels as a single, unfragmented PDU.
    Flags = DcerpcConstants.DcerpcFirstFrag | DcerpcConstants.DcerpcLastFrag;
}
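/// <summary>
/// Returns the member SIDs of the group or alias that this SID identifies, queried over the
/// SAMR named pipe of <paramref name="authorityServerName"/>.
/// </summary>
/// <remarks>
/// The credentials in <paramref name="auth"/> are handed to the DCE/RPC handle that connects to
/// <paramref name="authorityServerName"/>, so the server name should come from a trusted source
/// rather than from unvalidated input. The whole exchange runs while holding the lock on
/// <c>SidCache</c>.
/// </remarks>
/// <param name="authorityServerName">Server whose SAMR pipe is queried. It is concatenated into the binding string as-is.</param>
/// <param name="auth">Credentials used for the pipe connection.</param>
/// <param name="flags">Passed through to <c>GetGroupMemberSids0</c>, which checks it for <c>SidFlagResolveSids</c>.</param>
/// <returns>
/// The member SIDs, or an empty array when this SID is neither a domain group nor an alias.
/// </returns>
/// <exception cref="System.IO.IOException"></exception>
public virtual Sid[] GetGroupMemberSids(string authorityServerName, NtlmPasswordAuthentication auth, int flags)
{
    // Only domain groups and aliases are queried; every other SID type yields an empty result.
    if (Type != SidTypeDomGrp && Type != SidTypeAlias)
    {
        return(new Sid[0]);
    }
    DcerpcHandle handle = null;
    SamrPolicyHandle policyHandle = null;
    SamrDomainHandle domainHandle = null;
    Sid domsid = GetDomainSid();
    lock (SidCache)
    {
        try
        {
            // NOTE(review): authorityServerName is spliced into the binding string unvalidated.
            // Confirm that DcerpcHandle.GetHandle rejects names containing binding syntax such as '[' or ']'.
            handle = DcerpcHandle.GetHandle("ncacn_np:" + authorityServerName + "[\\PIPE\\samr]", auth);
            // 0x00000030: presumably SAM_SERVER_ENUMERATE_DOMAINS | SAM_SERVER_LOOKUP_DOMAIN (MS-SAMR). TODO confirm.
            policyHandle = new SamrPolicyHandle(handle, authorityServerName, unchecked (0x00000030));
            // 0x00000200: presumably DOMAIN_LOOKUP (MS-SAMR). TODO confirm.
            domainHandle = new SamrDomainHandle(handle, policyHandle, unchecked (0x00000200), domsid);
            return(GetGroupMemberSids0(handle, domainHandle, domsid, GetRid(), flags));
        }
        finally
        {
            // Release in reverse order of acquisition. Each Close sits in its own finally so that
            // a failure while closing one handle cannot leave the remaining handles open.
            try
            {
                try
                {
                    if (domainHandle != null)
                    {
                        domainHandle.Close();
                    }
                }
                finally
                {
                    if (policyHandle != null)
                    {
                        policyHandle.Close();
                    }
                }
            }
            finally
            {
                if (handle != null)
                {
                    handle.Close();
                }
            }
        }
    }
}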
/// <summary>
/// Opens the alias identified by <paramref name="rid"/> in an already-open domain and returns
/// its members as <c>Sid</c> objects.
/// </summary>
/// <remarks>
/// Every returned SID records the server name and the principal of <paramref name="handle"/> in
/// <c>OriginServer</c> and <c>OriginAuth</c>, so each result keeps a reference to the credentials
/// object. <paramref name="domsid"/> is not read by this method.
/// </remarks>
/// <param name="handle">Connected DCE/RPC handle used to send the request.</param>
/// <param name="domainHandle">Open SAMR domain handle that contains the alias.</param>
/// <param name="domsid">Domain SID (unused here).</param>
/// <param name="rid">Relative identifier of the alias to open.</param>
/// <param name="flags">When <c>SidFlagResolveSids</c> is set and there is at least one member, the SIDs are passed to <c>ResolveSids</c>.</param>
/// <returns>One <c>Sid</c> per member reported by the server; possibly empty.</returns>
/// <exception cref="System.IO.IOException"></exception>
internal static Sid[] GetGroupMemberSids0(DcerpcHandle handle, SamrDomainHandle domainHandle, Sid domsid, int rid, int flags)
{
    SamrAliasHandle alias = null;
    Lsarpc.LsarSidArray memberArray = new Lsarpc.LsarSidArray();
    try
    {
        // 0x0002000c: presumably READ_CONTROL | ALIAS_LIST_MEMBERS | ALIAS_READ_INFORMATION (MS-SAMR). TODO confirm.
        alias = new SamrAliasHandle(handle, domainHandle, unchecked (0x0002000c), rid);
        MsrpcGetMembersInAlias request = new MsrpcGetMembersInAlias(alias, memberArray);
        handle.Sendrecv(request);

        // A non-zero SAMR status is reported to the caller as an SmbException.
        if (request.Retval != 0)
        {
            throw new SmbException(request.Retval, false);
        }

        // NOTE(review): NumSids comes from the decoded server response. Confirm that the decoder
        // bounds it against the length of the Sids array before it is used for sizing and indexing.
        Sid[] members = new Sid[request.Sids.NumSids];
        string originServer = handle.GetServer();
        NtlmPasswordAuthentication originAuth = (NtlmPasswordAuthentication)handle.GetPrincipal();

        int index = 0;
        while (index < members.Length)
        {
            members[index] = new Sid(request.Sids.Sids[index].Sid, 0, null, null, false);
            members[index].OriginServer = originServer;
            members[index].OriginAuth = originAuth;
            index++;
        }

        // Resolve names for all members in one call, and only when the caller asked for it.
        bool resolveRequested = (flags & SidFlagResolveSids) != 0;
        if (members.Length > 0 && resolveRequested)
        {
            ResolveSids(originServer, originAuth, members);
        }

        return(members);
    }
    finally
    {
        // The alias handle is opened here, so it is released here on every exit path.
        if (alias != null)
        {
            alias.Close();
        }
    }
}
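/// <summary>
/// This specialized method returns a Map of users and local groups for the
/// target server where keys are SIDs representing an account and each value
/// is a List&lt;object&gt; of SIDs representing the local groups that the account is
/// a member of.
/// </summary>
/// <remarks>
/// This method is designed to assist with computing access control for a
/// given user when the target object's ACL has local groups. Local groups
/// are not listed in a user's group membership (e.g. as represented by the
/// tokenGroups constructed attribute retrieved via LDAP).
/// <para/>
/// Domain groups nested inside a local group are currently not expanded. In
/// this case the key (SID) type will be SID_TYPE_DOM_GRP rather than
/// SID_TYPE_USER.
/// <para/>
/// The credentials in <paramref name="auth"/> are handed to the DCE/RPC handle that connects to
/// <paramref name="authorityServerName"/>, so the server name should come from a trusted source
/// rather than from unvalidated input. The SAMR exchange runs while holding the lock on
/// <c>SidCache</c>.
/// </remarks>
/// <param name="authorityServerName">The server from which the local groups will be queried.
/// </param>
/// <param name="auth">The credentials required to query groups and group members.</param>
/// <param name="flags">
/// Flags that control the behavior of the operation. When all
/// names associated with SIDs will be required, the SID_FLAG_RESOLVE_SIDS
/// flag should be used, which causes all group member SIDs to be resolved
/// together in a single more efficient operation.
/// </param>
/// <returns>A map from member SID to the list of local-group SIDs that contain it.</returns>
/// <exception cref="System.IO.IOException"></exception>
internal static Hashtable GetLocalGroupsMap(string authorityServerName, NtlmPasswordAuthentication auth, int flags)
{
    Sid domsid = GetServerSid(authorityServerName, auth);
    DcerpcHandle handle = null;
    SamrPolicyHandle policyHandle = null;
    SamrDomainHandle domainHandle = null;
    Samr.SamrSamArray sam = new Samr.SamrSamArray();
    MsrpcEnumerateAliasesInDomain rpc;
    lock (SidCache)
    {
        try
        {
            // NOTE(review): authorityServerName is spliced into the binding string unvalidated.
            // Confirm that DcerpcHandle.GetHandle rejects names containing binding syntax such as '[' or ']'.
            handle = DcerpcHandle.GetHandle("ncacn_np:" + authorityServerName + "[\\PIPE\\samr]", auth);
            // NOTE(review): 0x02000000 appears to be MAXIMUM_ALLOWED, which asks for every right the
            // account holds rather than only what enumeration needs. GetGroupMemberSids uses narrower
            // masks for the same handle types; consider doing the same here after confirming.
            policyHandle = new SamrPolicyHandle(handle, authorityServerName, unchecked (0x02000000));
            domainHandle = new SamrDomainHandle(handle, policyHandle, unchecked (0x02000000), domsid);
            rpc = new MsrpcEnumerateAliasesInDomain(domainHandle, unchecked (0xFFFF), sam);
            handle.Sendrecv(rpc);

            // A non-zero SAMR status is reported to the caller as an SmbException.
            if (rpc.Retval != 0)
            {
                throw new SmbException(rpc.Retval, false);
            }

            Hashtable map = new Hashtable();
            for (int ei = 0; ei < rpc.Sam.Count; ei++)
            {
                Samr.SamrSamEntry entry = rpc.Sam.Entries[ei];

                // entry.Idx is used as the RID of the alias, both to open it and to build its SID.
                Sid[] mems = GetGroupMemberSids0(handle, domainHandle, domsid, entry.Idx, flags);
                Sid groupSid = new Sid(domsid, entry.Idx);
                groupSid.Type = SidTypeAlias;
                groupSid.DomainName = domsid.GetDomainName();
                groupSid.AcctName = (new UnicodeString(entry.Name, false)).ToString();

                // Invert the relation: for each member, record this group under the member's key.
                for (int mi = 0; mi < mems.Length; mi++)
                {
                    List<object> groups = (List<object>)map.Get(mems[mi]);
                    if (groups == null)
                    {
                        groups = new List<object>();
                        map.Put(mems[mi], groups);
                    }
                    if (!groups.Contains(groupSid))
                    {
                        groups.Add(groupSid);
                    }
                }
            }
            return(map);
        }
        finally
        {
            // Release in reverse order of acquisition. Each Close sits in its own finally so that
            // a failure while closing one handle cannot leave the remaining handles open.
            try
            {
                try
                {
                    if (domainHandle != null)
                    {
                        domainHandle.Close();
                    }
                }
                finally
                {
                    if (policyHandle != null)
                    {
                        policyHandle.Close();
                    }
                }
            }
            finally
            {
                if (handle != null)
                {
                    handle.Close();
                }
            }
        }
    }
}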