private static IdentityReferenceCollection TranslateToNTAccounts(IdentityReferenceCollection sourceSids, out bool someFailed) { if (sourceSids == null) { throw new ArgumentNullException("sourceSids"); } if (sourceSids.Count == 0) { throw new ArgumentException(Environment.GetResourceString("Arg_EmptyCollection"), "sourceSids"); } IntPtr[] sids = new IntPtr[sourceSids.Count]; GCHandle[] gcHandleArray = new GCHandle[sourceSids.Count]; SafeLsaPolicyHandle handle = SafeLsaPolicyHandle.InvalidHandle; SafeLsaMemoryHandle invalidHandle1 = SafeLsaMemoryHandle.InvalidHandle; SafeLsaMemoryHandle invalidHandle2 = SafeLsaMemoryHandle.InvalidHandle; try { int index1 = 0; foreach (IdentityReference sourceSid in sourceSids) { SecurityIdentifier securityIdentifier = sourceSid as SecurityIdentifier; if (securityIdentifier == (SecurityIdentifier)null) { throw new ArgumentException(Environment.GetResourceString("Argument_ImproperType"), "sourceSids"); } gcHandleArray[index1] = GCHandle.Alloc((object)securityIdentifier.BinaryForm, GCHandleType.Pinned); sids[index1] = gcHandleArray[index1].AddrOfPinnedObject(); ++index1; } handle = System.Security.Principal.Win32.LsaOpenPolicy((string)null, PolicyRights.POLICY_LOOKUP_NAMES); someFailed = false; uint num = Win32Native.LsaLookupSids(handle, sourceSids.Count, sids, ref invalidHandle1, ref invalidHandle2); switch (num) { case 3221225495: case 3221225626: throw new OutOfMemoryException(); case 3221225506: throw new UnauthorizedAccessException(); case 3221225587: case 263: someFailed = true; goto case 0; case 0: invalidHandle2.Initialize((uint)sourceSids.Count, (uint)Marshal.SizeOf(typeof(Win32Native.LSA_TRANSLATED_NAME))); System.Security.Principal.Win32.InitializeReferencedDomainsPointer(invalidHandle1); IdentityReferenceCollection referenceCollection = new IdentityReferenceCollection(sourceSids.Count); if ((int)num == 0 || (int)num == 263) { Win32Native.LSA_REFERENCED_DOMAIN_LIST referencedDomainList = invalidHandle1.Read <Win32Native.LSA_REFERENCED_DOMAIN_LIST>(0UL); string[] strArray = new string[referencedDomainList.Entries]; for (int index2 = 0; index2 < referencedDomainList.Entries; ++index2) { Win32Native.LSA_TRUST_INFORMATION trustInformation = (Win32Native.LSA_TRUST_INFORMATION)Marshal.PtrToStructure(new IntPtr((long)referencedDomainList.Domains + (long)(index2 * Marshal.SizeOf(typeof(Win32Native.LSA_TRUST_INFORMATION)))), typeof(Win32Native.LSA_TRUST_INFORMATION)); strArray[index2] = Marshal.PtrToStringUni(trustInformation.Name.Buffer, (int)trustInformation.Name.Length / 2); } Win32Native.LSA_TRANSLATED_NAME[] array = new Win32Native.LSA_TRANSLATED_NAME[sourceSids.Count]; invalidHandle2.ReadArray <Win32Native.LSA_TRANSLATED_NAME>(0UL, array, 0, array.Length); for (int index2 = 0; index2 < sourceSids.Count; ++index2) { Win32Native.LSA_TRANSLATED_NAME lsaTranslatedName = array[index2]; switch (lsaTranslatedName.Use) { case 1: case 2: case 4: case 5: case 9: string stringUni = Marshal.PtrToStringUni(lsaTranslatedName.Name.Buffer, (int)lsaTranslatedName.Name.Length / 2); string domainName = strArray[lsaTranslatedName.DomainIndex]; referenceCollection.Add((IdentityReference) new NTAccount(domainName, stringUni)); break; default: someFailed = true; referenceCollection.Add(sourceSids[index2]); break; } } } else { for (int index2 = 0; index2 < sourceSids.Count; ++index2) { referenceCollection.Add(sourceSids[index2]); } } return(referenceCollection); default: throw new SystemException(Win32Native.GetMessage(Win32Native.LsaNtStatusToWinError((int)num))); } } finally { for (int index = 0; index < sourceSids.Count; ++index) { if (gcHandleArray[index].IsAllocated) { gcHandleArray[index].Free(); } } handle.Dispose(); invalidHandle1.Dispose(); invalidHandle2.Dispose(); } }
private static IdentityReferenceCollection TranslateToNTAccounts(IdentityReferenceCollection sourceSids, out bool someFailed) { IdentityReferenceCollection references2; if (sourceSids == null) { throw new ArgumentNullException("sourceSids"); } if (sourceSids.Count == 0) { throw new ArgumentException(Environment.GetResourceString("Arg_EmptyCollection"), "sourceSids"); } IntPtr[] sids = new IntPtr[sourceSids.Count]; GCHandle[] handleArray = new GCHandle[sourceSids.Count]; SafeLsaPolicyHandle invalidHandle = SafeLsaPolicyHandle.InvalidHandle; SafeLsaMemoryHandle referencedDomains = SafeLsaMemoryHandle.InvalidHandle; SafeLsaMemoryHandle names = SafeLsaMemoryHandle.InvalidHandle; try { int index = 0; foreach (IdentityReference reference in sourceSids) { SecurityIdentifier identifier = reference as SecurityIdentifier; if (identifier == null) { throw new ArgumentException(Environment.GetResourceString("Argument_ImproperType"), "sourceSids"); } handleArray[index] = GCHandle.Alloc(identifier.BinaryForm, GCHandleType.Pinned); sids[index] = handleArray[index].AddrOfPinnedObject(); index++; } invalidHandle = Win32.LsaOpenPolicy(null, PolicyRights.POLICY_LOOKUP_NAMES); someFailed = false; uint num2 = Win32Native.LsaLookupSids(invalidHandle, sourceSids.Count, sids, ref referencedDomains, ref names); switch (num2) { case 0xc0000017: case 0xc000009a: throw new OutOfMemoryException(); case 0xc0000022: throw new UnauthorizedAccessException(); } if ((num2 == 0xc0000073) || (num2 == 0x107)) { someFailed = true; } else if (num2 != 0) { throw new SystemException(Win32Native.GetMessage(Win32Native.LsaNtStatusToWinError((int)num2))); } names.Initialize((uint)sourceSids.Count, (uint)Marshal.SizeOf(typeof(Win32Native.LSA_TRANSLATED_NAME))); Win32.InitializeReferencedDomainsPointer(referencedDomains); IdentityReferenceCollection references = new IdentityReferenceCollection(sourceSids.Count); if ((num2 == 0) || (num2 == 0x107)) { Win32Native.LSA_REFERENCED_DOMAIN_LIST lsa_referenced_domain_list = referencedDomains.Read <Win32Native.LSA_REFERENCED_DOMAIN_LIST>(0L); string[] strArray = new string[lsa_referenced_domain_list.Entries]; for (int i = 0; i < lsa_referenced_domain_list.Entries; i++) { Win32Native.LSA_TRUST_INFORMATION lsa_trust_information = (Win32Native.LSA_TRUST_INFORMATION)Marshal.PtrToStructure(new IntPtr(((long)lsa_referenced_domain_list.Domains) + (i * Marshal.SizeOf(typeof(Win32Native.LSA_TRUST_INFORMATION)))), typeof(Win32Native.LSA_TRUST_INFORMATION)); strArray[i] = Marshal.PtrToStringUni(lsa_trust_information.Name.Buffer, lsa_trust_information.Name.Length / 2); } Win32Native.LSA_TRANSLATED_NAME[] array = new Win32Native.LSA_TRANSLATED_NAME[sourceSids.Count]; names.ReadArray <Win32Native.LSA_TRANSLATED_NAME>(0L, array, 0, array.Length); for (int j = 0; j < sourceSids.Count; j++) { Win32Native.LSA_TRANSLATED_NAME lsa_translated_name = array[j]; switch (lsa_translated_name.Use) { case 1: case 2: case 4: case 5: case 9: { string accountName = Marshal.PtrToStringUni(lsa_translated_name.Name.Buffer, lsa_translated_name.Name.Length / 2); string domainName = strArray[lsa_translated_name.DomainIndex]; references.Add(new NTAccount(domainName, accountName)); continue; } } someFailed = true; references.Add(sourceSids[j]); } } else { for (int k = 0; k < sourceSids.Count; k++) { references.Add(sourceSids[k]); } } references2 = references; } finally { for (int m = 0; m < sourceSids.Count; m++) { if (handleArray[m].IsAllocated) { handleArray[m].Free(); } } invalidHandle.Dispose(); referencedDomains.Dispose(); names.Dispose(); } return(references2); }
[System.Security.SecurityCritical] // auto-generated private static IdentityReferenceCollection TranslateToNTAccounts(IdentityReferenceCollection sourceSids, out bool someFailed) { if (sourceSids == null) { throw new ArgumentNullException("sourceSids"); } if (sourceSids.Count == 0) { throw new ArgumentException(Environment.GetResourceString("Arg_EmptyCollection"), "sourceSids"); } Contract.EndContractBlock(); IntPtr[] SidArrayPtr = new IntPtr[sourceSids.Count]; GCHandle[] HandleArray = new GCHandle[sourceSids.Count]; SafeLsaPolicyHandle LsaHandle = SafeLsaPolicyHandle.InvalidHandle; SafeLsaMemoryHandle ReferencedDomainsPtr = SafeLsaMemoryHandle.InvalidHandle; SafeLsaMemoryHandle NamesPtr = SafeLsaMemoryHandle.InvalidHandle; try { // // Pin all elements in the array of SIDs // int currentSid = 0; foreach (IdentityReference id in sourceSids) { SecurityIdentifier sid = id as SecurityIdentifier; if (sid == null) { throw new ArgumentException(Environment.GetResourceString("Argument_ImproperType"), "sourceSids"); } HandleArray[currentSid] = GCHandle.Alloc(sid.BinaryForm, GCHandleType.Pinned); SidArrayPtr[currentSid] = HandleArray[currentSid].AddrOfPinnedObject(); currentSid++; } // // Open LSA policy (for lookup requires it) // LsaHandle = Win32.LsaOpenPolicy(null, PolicyRights.POLICY_LOOKUP_NAMES); // // Perform the actual lookup // someFailed = false; uint ReturnCode; ReturnCode = Win32Native.LsaLookupSids(LsaHandle, sourceSids.Count, SidArrayPtr, ref ReferencedDomainsPtr, ref NamesPtr); // // Make a decision regarding whether it makes sense to proceed // based on the return code and the value of the forceSuccess argument // if (ReturnCode == Win32Native.STATUS_NO_MEMORY || ReturnCode == Win32Native.STATUS_INSUFFICIENT_RESOURCES) { throw new OutOfMemoryException(); } else if (ReturnCode == Win32Native.STATUS_ACCESS_DENIED) { throw new UnauthorizedAccessException(); } else if (ReturnCode == Win32Native.STATUS_NONE_MAPPED || ReturnCode == Win32Native.STATUS_SOME_NOT_MAPPED) { someFailed = true; } else if (ReturnCode != 0) { int win32ErrorCode = Win32Native.LsaNtStatusToWinError(unchecked ((int)ReturnCode)); Contract.Assert(false, string.Format(CultureInfo.InvariantCulture, "Win32Native.LsaLookupSids returned {0}", win32ErrorCode)); throw new SystemException(Win32Native.GetMessage(win32ErrorCode)); } NamesPtr.Initialize((uint)sourceSids.Count, (uint)Marshal.SizeOf(typeof(Win32Native.LSA_TRANSLATED_NAME))); Win32.InitializeReferencedDomainsPointer(ReferencedDomainsPtr); // // Interpret the results and generate NTAccount objects // IdentityReferenceCollection Result = new IdentityReferenceCollection(sourceSids.Count); if (ReturnCode == 0 || ReturnCode == Win32Native.STATUS_SOME_NOT_MAPPED) { // // Interpret the results and generate NT Account objects // Win32Native.LSA_REFERENCED_DOMAIN_LIST rdl = ReferencedDomainsPtr.Read <Win32Native.LSA_REFERENCED_DOMAIN_LIST>(0); string[] ReferencedDomains = new string[rdl.Entries]; for (int i = 0; i < rdl.Entries; i++) { Win32Native.LSA_TRUST_INFORMATION ti = (Win32Native.LSA_TRUST_INFORMATION)Marshal.PtrToStructure(new IntPtr(( long )rdl.Domains + i * Marshal.SizeOf(typeof(Win32Native.LSA_TRUST_INFORMATION))), typeof(Win32Native.LSA_TRUST_INFORMATION)); ReferencedDomains[i] = Marshal.PtrToStringUni(ti.Name.Buffer, ti.Name.Length / sizeof(char)); } Win32Native.LSA_TRANSLATED_NAME[] translatedNames = new Win32Native.LSA_TRANSLATED_NAME[sourceSids.Count]; NamesPtr.ReadArray(0, translatedNames, 0, translatedNames.Length); for (int i = 0; i < sourceSids.Count; i++) { Win32Native.LSA_TRANSLATED_NAME Ltn = translatedNames[i]; switch ((SidNameUse)Ltn.Use) { case SidNameUse.User: case SidNameUse.Group: case SidNameUse.Alias: case SidNameUse.Computer: case SidNameUse.WellKnownGroup: string account = Marshal.PtrToStringUni(Ltn.Name.Buffer, Ltn.Name.Length / sizeof(char));; string domain = ReferencedDomains[Ltn.DomainIndex]; Result.Add(new NTAccount(domain, account)); break; default: someFailed = true; Result.Add(sourceSids[i]); break; } } } else { for (int i = 0; i < sourceSids.Count; i++) { Result.Add(sourceSids[i]); } } return(Result); } finally { for (int i = 0; i < sourceSids.Count; i++) { if (HandleArray[i].IsAllocated) { HandleArray[i].Free(); } } LsaHandle.Dispose(); ReferencedDomainsPtr.Dispose(); NamesPtr.Dispose(); } }
private static IdentityReferenceCollection TranslateToNTAccounts(IdentityReferenceCollection sourceSids, out bool someFailed) { if (sourceSids == null) { throw new ArgumentNullException("sourceSids"); } if (sourceSids.Count == 0) { throw new ArgumentException(Environment.GetResourceString("Arg_EmptyCollection"), "sourceSids"); } IntPtr[] array = new IntPtr[sourceSids.Count]; GCHandle[] array2 = new GCHandle[sourceSids.Count]; SafeLsaPolicyHandle safeLsaPolicyHandle = SafeLsaPolicyHandle.InvalidHandle; SafeLsaMemoryHandle invalidHandle = SafeLsaMemoryHandle.InvalidHandle; SafeLsaMemoryHandle invalidHandle2 = SafeLsaMemoryHandle.InvalidHandle; IdentityReferenceCollection result; try { int num = 0; foreach (IdentityReference identityReference in sourceSids) { SecurityIdentifier securityIdentifier = identityReference as SecurityIdentifier; if (securityIdentifier == null) { throw new ArgumentException(Environment.GetResourceString("Argument_ImproperType"), "sourceSids"); } array2[num] = GCHandle.Alloc(securityIdentifier.BinaryForm, GCHandleType.Pinned); array[num] = array2[num].AddrOfPinnedObject(); num++; } safeLsaPolicyHandle = Win32.LsaOpenPolicy(null, PolicyRights.POLICY_LOOKUP_NAMES); someFailed = false; uint num2 = Win32Native.LsaLookupSids(safeLsaPolicyHandle, sourceSids.Count, array, ref invalidHandle, ref invalidHandle2); if (num2 == 3221225495U || num2 == 3221225626U) { throw new OutOfMemoryException(); } if (num2 == 3221225506U) { throw new UnauthorizedAccessException(); } if (num2 == 3221225587U || num2 == 263U) { someFailed = true; } else if (num2 != 0U) { int errorCode = Win32Native.LsaNtStatusToWinError((int)num2); throw new SystemException(Win32Native.GetMessage(errorCode)); } invalidHandle2.Initialize((uint)sourceSids.Count, (uint)Marshal.SizeOf(typeof(Win32Native.LSA_TRANSLATED_NAME))); Win32.InitializeReferencedDomainsPointer(invalidHandle); IdentityReferenceCollection identityReferenceCollection = new IdentityReferenceCollection(sourceSids.Count); if (num2 == 0U || num2 == 263U) { Win32Native.LSA_REFERENCED_DOMAIN_LIST lsa_REFERENCED_DOMAIN_LIST = invalidHandle.Read <Win32Native.LSA_REFERENCED_DOMAIN_LIST>(0UL); string[] array3 = new string[lsa_REFERENCED_DOMAIN_LIST.Entries]; for (int i = 0; i < lsa_REFERENCED_DOMAIN_LIST.Entries; i++) { Win32Native.LSA_TRUST_INFORMATION lsa_TRUST_INFORMATION = (Win32Native.LSA_TRUST_INFORMATION)Marshal.PtrToStructure(new IntPtr((long)lsa_REFERENCED_DOMAIN_LIST.Domains + (long)(i * Marshal.SizeOf(typeof(Win32Native.LSA_TRUST_INFORMATION)))), typeof(Win32Native.LSA_TRUST_INFORMATION)); array3[i] = Marshal.PtrToStringUni(lsa_TRUST_INFORMATION.Name.Buffer, (int)(lsa_TRUST_INFORMATION.Name.Length / 2)); } Win32Native.LSA_TRANSLATED_NAME[] array4 = new Win32Native.LSA_TRANSLATED_NAME[sourceSids.Count]; invalidHandle2.ReadArray <Win32Native.LSA_TRANSLATED_NAME>(0UL, array4, 0, array4.Length); int j = 0; while (j < sourceSids.Count) { Win32Native.LSA_TRANSLATED_NAME lsa_TRANSLATED_NAME = array4[j]; switch (lsa_TRANSLATED_NAME.Use) { case 1: case 2: case 4: case 5: case 9: { string accountName = Marshal.PtrToStringUni(lsa_TRANSLATED_NAME.Name.Buffer, (int)(lsa_TRANSLATED_NAME.Name.Length / 2)); string domainName = array3[lsa_TRANSLATED_NAME.DomainIndex]; identityReferenceCollection.Add(new NTAccount(domainName, accountName)); break; } case 3: case 6: case 7: case 8: goto IL_2C4; default: goto IL_2C4; } IL_2D6: j++; continue; IL_2C4: someFailed = true; identityReferenceCollection.Add(sourceSids[j]); goto IL_2D6; } } else { for (int k = 0; k < sourceSids.Count; k++) { identityReferenceCollection.Add(sourceSids[k]); } } result = identityReferenceCollection; } finally { for (int l = 0; l < sourceSids.Count; l++) { if (array2[l].IsAllocated) { array2[l].Free(); } } safeLsaPolicyHandle.Dispose(); invalidHandle.Dispose(); invalidHandle2.Dispose(); } return(result); }