public MsrpcSamrOpenDomain(SamrPolicyHandle handle, int access, Rpc.SidT sid, SamrDomainHandle domainHandle) : base(handle, access, sid, domainHandle) { Ptype = 0; Flags = DcerpcConstants.DcerpcFirstFrag | DcerpcConstants.DcerpcLastFrag; }
/// <exception cref="System.IO.IOException"></exception> public virtual Sid[] GetGroupMemberSids(string authorityServerName, NtlmPasswordAuthentication auth, int flags) { if (Type != SidTypeDomGrp && Type != SidTypeAlias) { return(new Sid[0]); } DcerpcHandle handle = null; SamrPolicyHandle policyHandle = null; SamrDomainHandle domainHandle = null; Sid domsid = GetDomainSid(); lock (SidCache) { try { handle = DcerpcHandle.GetHandle("ncacn_np:" + authorityServerName + "[\\PIPE\\samr]", auth); policyHandle = new SamrPolicyHandle(handle, authorityServerName, unchecked (0x00000030)); domainHandle = new SamrDomainHandle(handle, policyHandle, unchecked (0x00000200), domsid); return(GetGroupMemberSids0(handle, domainHandle, domsid, GetRid(), flags)); } finally { if (handle != null) { if (policyHandle != null) { if (domainHandle != null) { domainHandle.Close(); } policyHandle.Close(); } handle.Close(); } } } }
public MsrpcSamrConnect4(string server, int access, SamrPolicyHandle policyHandle ) : base(server, 2, access, policyHandle) { Ptype = 0; Flags = DcerpcConstants.DcerpcFirstFrag | DcerpcConstants.DcerpcLastFrag; }
public MsrpcSamrConnect4(string server, int access, SamrPolicyHandle policyHandle) : base(server, 2, access, policyHandle) { Ptype = 0; Flags = DcerpcConstants.DcerpcFirstFrag | DcerpcConstants.DcerpcLastFrag; }
/// <summary> /// This specialized method returns a Map of users and local groups for the /// target server where keys are SIDs representing an account and each value /// is an List<object> of SIDs represents the local groups that the account is /// a member of. /// </summary> /// <remarks> /// This specialized method returns a Map of users and local groups for the /// target server where keys are SIDs representing an account and each value /// is an List<object> of SIDs represents the local groups that the account is /// a member of. /// <p/> /// This method is designed to assist with computing access control for a /// given user when the target object's ACL has local groups. Local groups /// are not listed in a user's group membership (e.g. as represented by the /// tokenGroups constructed attribute retrived via LDAP). /// <p/> /// Domain groups nested inside a local group are currently not expanded. In /// this case the key (SID) type will be SID_TYPE_DOM_GRP rather than /// SID_TYPE_USER. /// </remarks> /// <param name="authorityServerName">The server from which the local groups will be queried. /// </param> /// <param name="auth">The credentials required to query groups and group members.</param> /// <param name="flags"> /// Flags that control the behavior of the operation. When all /// name associated with SIDs will be required, the SID_FLAG_RESOLVE_SIDS /// flag should be used which causes all group member SIDs to be resolved /// together in a single more efficient operation. /// </param> /// <exception cref="System.IO.IOException"></exception> internal static Hashtable GetLocalGroupsMap(string authorityServerName, NtlmPasswordAuthentication auth, int flags) { Sid domsid = GetServerSid(authorityServerName, auth); DcerpcHandle handle = null; SamrPolicyHandle policyHandle = null; SamrDomainHandle domainHandle = null; Samr.SamrSamArray sam = new Samr.SamrSamArray(); MsrpcEnumerateAliasesInDomain rpc; lock (SidCache) { try { handle = DcerpcHandle.GetHandle("ncacn_np:" + authorityServerName + "[\\PIPE\\samr]" , auth); policyHandle = new SamrPolicyHandle(handle, authorityServerName, unchecked (0x02000000)); domainHandle = new SamrDomainHandle(handle, policyHandle, unchecked (0x02000000), domsid); rpc = new MsrpcEnumerateAliasesInDomain(domainHandle, unchecked (0xFFFF), sam ); handle.Sendrecv(rpc); if (rpc.Retval != 0) { throw new SmbException(rpc.Retval, false); } Hashtable map = new Hashtable(); for (int ei = 0; ei < rpc.Sam.Count; ei++) { Samr.SamrSamEntry entry = rpc.Sam.Entries[ei]; Sid[] mems = GetGroupMemberSids0(handle, domainHandle, domsid , entry.Idx, flags); Sid groupSid = new Sid(domsid, entry.Idx); groupSid.Type = SidTypeAlias; groupSid.DomainName = domsid.GetDomainName(); groupSid.AcctName = (new UnicodeString(entry.Name, false)).ToString(); for (int mi = 0; mi < mems.Length; mi++) { List <object> groups = (List <object>)map.Get(mems[mi]); if (groups == null) { groups = new List <object>(); map.Put(mems[mi], groups); } if (!groups.Contains(groupSid)) { groups.Add(groupSid); } } } return(map); } finally { if (handle != null) { if (policyHandle != null) { if (domainHandle != null) { domainHandle.Close(); } policyHandle.Close(); } handle.Close(); } } } }