/// <summary>
/// Looks up an account name on a server and returns its SID, domain and SID name-use,
/// turning any Win32 error code reported by the private helper into a description string.
/// </summary>
/// <param name="strServer">Server name handed unchanged to the underlying lookup.</param>
/// <param name="strAccountName">Account name to look up.</param>
/// <param name="accountSid">Receives the SID produced by the underlying lookup.</param>
/// <param name="strDomainName">Receives the domain name produced by the underlying lookup.</param>
/// <param name="sidNameUse">Receives the SID name-use produced by the underlying lookup.</param>
/// <param name="error">Empty when the helper reported error code 0; otherwise the description of that code.</param>
/// <returns>The value returned by the underlying lookup.</returns>
public static bool LookupAccountName(
    string strServer,
    string strAccountName,
    out SecurityIdentifier accountSid,
    out string strDomainName,
    out WinAPI.ADVAPI32.SidNameUse sidNameUse,
    out string error) {
    int lastError;
    bool succeeded = _LookupAccountName(
        strServer,
        strAccountName,
        out accountSid,
        out strDomainName,
        out sidNameUse,
        out lastError);

    // Code 0 means the helper recorded no Win32 error, so the message stays empty.
    error = lastError == 0
        ? string.Empty
        : WindowsException.ErrorCodeToDescription(lastError);

    return succeeded;
}
/// <summary>
/// Stores the supplied host, name, SID and SID name-use on the new instance.
/// </summary>
/// <param name="host">Value assigned to <c>Host</c>.</param>
/// <param name="name">Value assigned to <c>Name</c>.</param>
/// <param name="sid">Value assigned to <c>SID</c>.</param>
/// <param name="sidNameUsage">Value assigned to <c>SidNameUsage</c>.</param>
public NTObject(
    string host,
    string name,
    SecurityIdentifier sid,
    WinAPI.ADVAPI32.SidNameUse sidNameUsage) {
    this.Host = host;
    this.Name = name;
    this.SID = sid;
    this.SidNameUsage = sidNameUsage;
}
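//public static bool LookupAccountName(
//    string strServer,
//    string strAccountName,
//    out SecurityIdentifier accountSid,
//    out string strDomainName,
//    out SidNameUse sidNameUse) {
//    string error;
//    return LookupAccountName(
//        strServer,
//        strAccountName,
//        out accountSid,
//        out strDomainName,
//        out sidNameUse,
//        out error
//    );
//}

/// <summary>
/// Resolves an account name to a SID, first from the in-memory cache and then by
/// asking each configured remote host in turn.
/// </summary>
/// <param name="accountName">Account name to resolve.</param>
/// <param name="resolvedSid">Receives the SID on success.</param>
/// <param name="resolvedDomain">Receives the domain on success.</param>
/// <param name="sidNameUse">Receives the SID name-use on success.</param>
/// <param name="error">Receives the error text of the last host lookup; empty on a cache hit.</param>
/// <returns><c>true</c> when the name came from the cache or a host resolved it.</returns>
public bool TryReverseResolve(
    string accountName,
    out SecurityIdentifier resolvedSid,
    out string resolvedDomain,
    out WinAPI.ADVAPI32.SidNameUse sidNameUse,
    out string error) {
    error = string.Empty;
    sidNameUse = WinAPI.ADVAPI32.SidNameUse.Invalid;
    resolvedSid = null;
    resolvedDomain = null;

    Tuple<SecurityIdentifier, string, WinAPI.ADVAPI32.SidNameUse> cached;
    if (_resolvedNames.TryGetValue(accountName, out cached)) {
        resolvedSid = cached.Item1;
        resolvedDomain = cached.Item2;
        sidNameUse = cached.Item3;
        return true;
    }

    // Go through each host and try to look up the account name.
    foreach (string host in _remoteHosts) {
        bool found = LookupAccountName(
            host,
            accountName,
            out resolvedSid,
            out resolvedDomain,
            out sidNameUse,
            out error);

        if (found) {
            _resolvedNames[accountName] = new Tuple<SecurityIdentifier, string, WinAPI.ADVAPI32.SidNameUse>(
                resolvedSid,
                resolvedDomain,
                sidNameUse);

            // Stop at the first host that answers. Without this, a later host that
            // does not know the name overwrites the out values and the result with a
            // failure, so the caller sees "unresolved" for a name that was just cached.
            // The answer is cached by name only, so the first host to resolve a name
            // decides its SID for the lifetime of the cache.
            return true;
        }
    }

    return false;
}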
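/// <summary>
/// Converts a string SID to its binary form and asks <paramref name="host"/> for the
/// account name, domain and SID name-use behind it.
/// </summary>
/// <param name="host">Host name handed unchanged to the underlying lookup.</param>
/// <param name="sid">String form of the SID.</param>
/// <param name="name">Receives the account name; stays <c>null</c> when the string SID cannot be converted.</param>
/// <param name="domain">Receives the domain name; stays <c>null</c> when the string SID cannot be converted.</param>
/// <param name="sidNameUse">Receives the SID name-use; <c>Invalid</c> when the string SID cannot be converted.</param>
/// <returns>The result of the underlying lookup, or <c>false</c> when the string SID cannot be converted.</returns>
public static bool LookupAccountSid(
    string host,
    string sid,
    out string name,
    out string domain,
    out WinAPI.ADVAPI32.SidNameUse sidNameUse) {
    name = null;
    domain = null;
    sidNameUse = WinAPI.ADVAPI32.SidNameUse.Invalid;
    var retval = false;
    var sidPtr = IntPtr.Zero;

    try {
        if (WinAPI.ADVAPI32.ConvertStringSidToSid(sid, out sidPtr)) {
            // Fixed-size buffers: a name or domain longer than this makes the lookup fail
            // rather than overrun, because the capacities are passed alongside the buffers.
            var nameBuilder = new StringBuilder(1024);
            var domainBuilder = new StringBuilder(1024);
            var nameCapacity = (uint)nameBuilder.Capacity;
            var domainCapacity = (uint)domainBuilder.Capacity;

            retval = WinAPI.ADVAPI32.LookupAccountSid(
                host,
                sidPtr,
                nameBuilder,
                ref nameCapacity,
                domainBuilder,
                ref domainCapacity,
                out sidNameUse);

            name = nameBuilder.ToString();
            domain = domainBuilder.ToString();
        }
    } finally {
        if (sidPtr != IntPtr.Zero) {
            // The Win32 ConvertStringSidToSid contract is that the returned SID is freed
            // with LocalFree; NetApiBufferFree belongs to buffers handed out by the
            // NetApi* functions. Marshal.FreeHGlobal is the managed wrapper over LocalFree.
            // Assumes WinAPI.ADVAPI32.ConvertStringSidToSid is a plain P/Invoke of the
            // Win32 function - confirm against its declaration.
            System.Runtime.InteropServices.Marshal.FreeHGlobal(sidPtr);
        }
    }

    return retval;
}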
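/// <summary>
/// Maps a remote account to a local account name: from the translation cache, by
/// matching an existing local account of the same name, or (when importing is enabled)
/// by copying the remote user or group to the local machine.
/// </summary>
/// <param name="remoteHost">Host the remote account belongs to; part of the cache key.</param>
/// <param name="remoteName">Name of the remote account.</param>
/// <param name="remoteNameUse">SID name-use of the remote account; only reported to the observer here.</param>
/// <param name="translatedAccountName">Receives the local account name; empty when translation fails.</param>
/// <returns><c>true</c> when a local account name was produced.</returns>
public bool TryTranslate(
    string remoteHost,
    string remoteName,
    WinAPI.ADVAPI32.SidNameUse remoteNameUse,
    out string translatedAccountName) {
    ActionObserver.NotifyAction("Translating", remoteNameUse.ToString(), remoteName, string.Empty);
    bool retval = false;
    translatedAccountName = string.Empty;
    string key = string.Format("{0}\\{1}", remoteHost, remoteName);

    string cached;
    if (_translations.TryGetValue(key, out cached)) {
        translatedAccountName = cached;
        retval = true;
    } else if (AccountExistsLocally(remoteName)) {
        // Attempt to resolve with a local user/group of the same name.
        // NOTE(review): the match is by name alone, so whatever the remote account was
        // granted ends up on the local account that happens to share its name. Confirm
        // that is intended for well-known or privileged names before relying on it.
        _translations[key] = remoteName;
        translatedAccountName = remoteName;
        retval = true;
        ActionObserver.NotifyInformation("Translated remote account '{0}\\{1}' to already existing local account '{2}'", remoteHost, remoteName, translatedAccountName);
    } else if (_importObject) {
        #region Import remote object
        NTHost host = new NTHost(remoteHost);
        NTLocalObject obj;
        if (host.TryGetLocalObject(remoteName, out obj)) {
            NTLocalUser remoteUser = obj as NTLocalUser;
            NTLocalGroup remoteGroup = obj as NTLocalGroup;
            if (remoteUser != null) {
                // NOTE(review): every imported user is created through a copier that is
                // given _defaultPassword. Confirm the copier forces a password change or
                // leaves the account disabled, otherwise all imported users share one secret.
                UserCopier userCopier = new UserCopier(
                    true,
                    false,
                    _defaultPassword,
                    false,
                    ActionObserver);
                NTLocalUser localUser = userCopier.CopyRemoteUserToLocalMachine(remoteUser);
                translatedAccountName = localUser.Name;
                ActionObserver.NotifyInformation("Copied and translated remote user '{0}\\{1}' to local user '{2}'", remoteHost, remoteName, translatedAccountName);
            } else if (remoteGroup != null) {
                GroupCopier groupCopier = new GroupCopier(
                    true,
                    false,
                    true,
                    _defaultPassword,
                    false,
                    ActionObserver);
                groupCopier.CopyRemoteGroupToLocalMachine(remoteGroup);
                // NOTE(review): the user branch reports the name of the local copy, this
                // branch reports the remote group's name. Kept as it was; confirm the
                // copier never renames a group.
                translatedAccountName = remoteGroup.Name;
                ActionObserver.NotifyInformation("Copied and translated remote group '{0}\\{1}' to local group '{2}'", remoteHost, remoteName, translatedAccountName);
            }
        }
        #endregion

        // Only report and cache a translation when the import actually produced a name.
        // Otherwise a remote object that could not be fetched, or that is neither a user
        // nor a group, would be returned as a successful translation to an empty account
        // name and the failure warning below would never fire.
        if (!string.IsNullOrEmpty(translatedAccountName)) {
            _translations[key] = translatedAccountName;
            retval = true;
        }
    }

    if (!retval) {
        ActionObserver.NotifyWarning("Failed to translate '{0}\\{1}' into a local object.", remoteHost, remoteName);
    }

    return retval;
}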
/// <summary>
/// Attempts to resolve a SID string into a symbolic name, using the cache first and
/// then each configured remote host until one answers.
/// </summary>
/// <param name="sid">The string representation of the SID.</param>
/// <param name="remoteHost">The host at which the name is defined; filled from the domain value the lookup returns.</param>
/// <param name="resolvedName">The name the SID resolves to on the host.</param>
/// <param name="sidNameUse">What the host uses the name for.</param>
/// <returns><c>true</c> when the SID was found in the cache or resolved by a host; otherwise <c>false</c>.</returns>
public bool TryResolve(
    string sid,
    out string remoteHost,
    out string resolvedName,
    out WinAPI.ADVAPI32.SidNameUse sidNameUse) {
    remoteHost = string.Empty;
    resolvedName = string.Empty;
    sidNameUse = WinAPI.ADVAPI32.SidNameUse.Alias;

    // Cache hit: hand back the stored triple without contacting any host.
    if (_resolvedSIDs.ContainsKey(sid)) {
        var cached = _resolvedSIDs[sid];
        remoteHost = cached.Item1;
        resolvedName = cached.Item2;
        sidNameUse = cached.Item3;
        return true;
    }

    foreach (var host in _remoteHosts) {
        // The lookup writes the account name into resolvedName and the domain into remoteHost.
        if (!LookupAccountSid(host, sid, out resolvedName, out remoteHost, out sidNameUse)) {
            continue;
        }

        // The first host that resolves the SID wins, and its answer is cached by SID string.
        _resolvedSIDs[sid] = new Tuple<string, string, WinAPI.ADVAPI32.SidNameUse>(
            remoteHost,
            resolvedName,
            sidNameUse);
        return true;
    }

    return false;
}
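/// <summary>
/// Resolves an account name to a SID with the usual two-call pattern: a first call
/// that only asks for the required buffer sizes, then a second call with buffers of
/// those sizes.
/// </summary>
/// <param name="strServer">Server name handed unchanged to the native lookup.</param>
/// <param name="strAccountName">Account name to look up.</param>
/// <param name="accountSid">Receives the SID on success; <c>null</c> otherwise.</param>
/// <param name="strDomainName">Receives the domain name on success; empty otherwise.</param>
/// <param name="sidNameUse">Receives the SID name-use written by the native lookup.</param>
/// <param name="win32Error">Receives the Win32 error code of the failing call, or 0.</param>
/// <returns><c>true</c> when the native lookup succeeded.</returns>
private static bool _LookupAccountName(
    string strServer,
    string strAccountName,
    out SecurityIdentifier accountSid,
    out string strDomainName,
    out WinAPI.ADVAPI32.SidNameUse sidNameUse,
    out int win32Error) {
    // Win32 ERROR_INSUFFICIENT_BUFFER.
    const int ErrorInsufficientBuffer = 122;

    win32Error = 0;
    accountSid = null;
    strDomainName = "";
    sidNameUse = 0;

    var bRet = false;
    uint lSidSize = 0;
    // The Win32 contract requires the domain size to be zero while the domain buffer
    // is null; the probe call then reports the size that is actually needed.
    uint lDomainNameSize = 0;
    var sid = IntPtr.Zero;

    try {
        // First get the required buffer sizes for SID and domain name.
        bRet = WinAPI.ADVAPI32.LookupAccountName(
            strServer,
            strAccountName,
            sid,
            ref lSidSize,
            null,
            ref lDomainNameSize,
            out sidNameUse);

        if (!bRet) {
            // Presumably the P/Invoke declaration sets SetLastError = true; without it
            // this value is not reliable - confirm against the declaration.
            var nErr = Marshal.GetLastWin32Error();
            if (nErr == ErrorInsufficientBuffer) {
                // Allocate the buffers with the sizes the probe call asked for.
                var strName = new StringBuilder((int)lDomainNameSize);
                sid = Marshal.AllocHGlobal((int)lSidSize);

                bRet = WinAPI.ADVAPI32.LookupAccountName(
                    strServer,
                    strAccountName,
                    sid,
                    ref lSidSize,
                    strName,
                    ref lDomainNameSize,
                    out sidNameUse);

                if (bRet) {
                    strDomainName = strName.ToString();
                    // SecurityIdentifier copies the binary SID, so the native buffer
                    // can be released in the finally block.
                    accountSid = new SecurityIdentifier(sid);
                } else {
                    win32Error = Marshal.GetLastWin32Error();
                }
            } else {
                win32Error = nErr;
            }
        }
    } finally {
        if (sid != IntPtr.Zero) {
            Marshal.FreeHGlobal(sid);
        }
    }

    return bRet;
}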
/// <summary>
/// Constructor.
/// </summary>
/// <param name="host">The name of the host this object was encountered in.</param>
/// <param name="domain">The name of the domain this object is defined in (should be different than host).</param>
/// <param name="name">The name of this object.</param>
/// <param name="sid">The security identifier of this object.</param>
/// <param name="sidNameUse">What the object actually is as it is defined in the domain.</param>
public NTRemoteObject(
    string host,
    string domain,
    string name,
    SecurityIdentifier sid,
    WinAPI.ADVAPI32.SidNameUse sidNameUse)
    : base(host, name, sid, sidNameUse) {
    // Everything except the domain is stored by the base constructor.
    this.Domain = domain;
}
/// <summary>
/// Constructor. The base object is created with an empty name and an <c>Invalid</c>
/// SID name-use; the name-use supplied by the caller is kept separately in <c>NameUse</c>.
/// </summary>
/// <param name="host">The name of the host this object was encountered in.</param>
/// <param name="sid">The security identifier of this object.</param>
/// <param name="sidNameUse">What the object actually is as it is defined in the domain.</param>
public NTDanglingObject(
    string host,
    SecurityIdentifier sid,
    WinAPI.ADVAPI32.SidNameUse sidNameUse)
    : base(host, string.Empty, sid, WinAPI.ADVAPI32.SidNameUse.Invalid) {
    this.NameUse = sidNameUse;
}