///<summary>Get all rights for a specific principal</summary> public UserRight[] EnumerateAccountRights(IdentityReference principal) { IntPtr userRights = IntPtr.Zero; ulong count = 0; List <UserRight> assignedUserRights = new List <UserRight>(); try { uint ntStatus = 0; using (Win32SecurityIdentifier securityIdentifier = new Win32SecurityIdentifier(principal)) { ntStatus = UnsafeNativeMethods.LsaEnumerateAccountRights( lsaHandle, securityIdentifier.address, out userRights, out count ); } if (ntStatus == STATUS_OBJECT_NAME_NOT_FOUND) { return(assignedUserRights.ToArray()); } TestNtStatus(ntStatus); } catch { throw; } for (int i = 0; i < (int)count; i++) { LSA_UNICODE_STRING userRight = (LSA_UNICODE_STRING)Marshal.PtrToStructure( IntPtr.Add(userRights, i * Marshal.SizeOf(typeof(LSA_UNICODE_STRING))), typeof(LSA_UNICODE_STRING) ); assignedUserRights.Add((UserRight)Enum.Parse(typeof(UserRight), userRight.Buffer)); } UnsafeNativeMethods.LsaFreeMemory(userRights); return(assignedUserRights.ToArray()); }
///<summary>Creates an instance of LSA_UNICODE_STRING</summary> private static LSA_UNICODE_STRING ConvertToLsaUnicodeString(string value) { // Unicode strings max. 32KB if (value.Length > 0x7ffe) { throw new ArgumentException("String value must not exceed 32KB"); } LSA_UNICODE_STRING unicodeString = new LSA_UNICODE_STRING(); if (String.IsNullOrWhiteSpace(value)) { return(unicodeString); } unicodeString.Buffer = value; unicodeString.Length = (ushort)(value.Length * sizeof(char)); unicodeString.MaximumLength = (ushort)(unicodeString.Length + sizeof(char)); return(unicodeString); }
///<summary>Creates an instance of the Lsa class for the specified computerName.</summary> public Lsa(string computerName) { try { LSA_OBJECT_ATTRIBUTES lsaAttr = new LSA_OBJECT_ATTRIBUTES(); lsaAttr.Length = Marshal.SizeOf(typeof(LSA_OBJECT_ATTRIBUTES)); LSA_UNICODE_STRING computer = ConvertToLsaUnicodeString(computerName); uint ntStatus = UnsafeNativeMethods.LsaOpenPolicy( computer, ref lsaAttr, (int)LsaPolicyAccess.POLICY_ALL_ACCESS, out lsaHandle ); TestNtStatus(ntStatus); } catch { throw; } }
internal static extern uint LsaOpenPolicy( LSA_UNICODE_STRING SystemName, ref LSA_OBJECT_ATTRIBUTES ObjectAttributes, int AccessMask, out IntPtr PolicyHandle );
internal static extern uint LsaEnumerateAccountsWithUserRight( IntPtr PolicyHandle, LSA_UNICODE_STRING UserRights, out IntPtr EnumerationBuffer, out ulong CountReturned );