internal static void UpdateTrustDirection(DirectoryContext context, string sourceName, string targetName, string password, bool isForest, TrustDirection newTrustDirection)
{
PolicySafeHandle handle = null;
IntPtr zero = IntPtr.Zero;
LSA_UNICODE_STRING result = null;
IntPtr ptr = IntPtr.Zero;
bool flag = false;
LSA_AUTH_INFORMATION structure = null;
IntPtr fileTime = IntPtr.Zero;
IntPtr hglobal = IntPtr.Zero;
IntPtr ptr5 = IntPtr.Zero;
TRUSTED_DOMAIN_AUTH_INFORMATION trusted_domain_auth_information = null;
IntPtr s = IntPtr.Zero;
string serverName = null;
serverName = System.DirectoryServices.ActiveDirectory.Utils.GetPolicyServerName(context, isForest, false, sourceName);
flag = System.DirectoryServices.ActiveDirectory.Utils.Impersonate(context);
try
{
try
{
handle = new PolicySafeHandle(System.DirectoryServices.ActiveDirectory.Utils.GetPolicyHandle(serverName));
result = new LSA_UNICODE_STRING();
s = Marshal.StringToHGlobalUni(targetName);
UnsafeNativeMethods.RtlInitUnicodeString(result, s);
int status = UnsafeNativeMethods.LsaQueryTrustedDomainInfoByName(handle, result, TRUSTED_INFORMATION_CLASS.TrustedDomainFullInformation, ref zero);
if (status != 0)
{
int errorCode = UnsafeNativeMethods.LsaNtStatusToWinError(status);
if (errorCode != STATUS_OBJECT_NAME_NOT_FOUND)
{
throw ExceptionHelper.GetExceptionFromErrorCode(errorCode, serverName);
}
if (isForest)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("ForestTrustDoesNotExist", new object[] { sourceName, targetName }), typeof(ForestTrustRelationshipInformation), null);
}
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("DomainTrustDoesNotExist", new object[] { sourceName, targetName }), typeof(TrustRelationshipInformation), null);
}
TRUSTED_DOMAIN_FULL_INFORMATION trusted_domain_full_information = new TRUSTED_DOMAIN_FULL_INFORMATION();
Marshal.PtrToStructure(zero, trusted_domain_full_information);
ValidateTrustAttribute(trusted_domain_full_information.Information, isForest, sourceName, targetName);
structure = new LSA_AUTH_INFORMATION();
fileTime = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(FileTime)));
UnsafeNativeMethods.GetSystemTimeAsFileTime(fileTime);
FileTime time = new FileTime();
Marshal.PtrToStructure(fileTime, time);
structure.LastUpdateTime = new LARGE_INTEGER();
structure.LastUpdateTime.lowPart = time.lower;
structure.LastUpdateTime.highPart = time.higher;
structure.AuthType = TRUST_AUTH_TYPE_CLEAR;
hglobal = Marshal.StringToHGlobalUni(password);
structure.AuthInfo = hglobal;
structure.AuthInfoLength = password.Length * 2;
ptr5 = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(LSA_AUTH_INFORMATION)));
Marshal.StructureToPtr(structure, ptr5, false);
trusted_domain_auth_information = new TRUSTED_DOMAIN_AUTH_INFORMATION();
if ((newTrustDirection & TrustDirection.Inbound) != ((TrustDirection) 0))
{
trusted_domain_auth_information.IncomingAuthInfos = 1;
trusted_domain_auth_information.IncomingAuthenticationInformation = ptr5;
trusted_domain_auth_information.IncomingPreviousAuthenticationInformation = IntPtr.Zero;
}
else
{
trusted_domain_auth_information.IncomingAuthInfos = 0;
trusted_domain_auth_information.IncomingAuthenticationInformation = IntPtr.Zero;
trusted_domain_auth_information.IncomingPreviousAuthenticationInformation = IntPtr.Zero;
}
if ((newTrustDirection & TrustDirection.Outbound) != ((TrustDirection) 0))
{
trusted_domain_auth_information.OutgoingAuthInfos = 1;
trusted_domain_auth_information.OutgoingAuthenticationInformation = ptr5;
trusted_domain_auth_information.OutgoingPreviousAuthenticationInformation = IntPtr.Zero;
}
else
{
trusted_domain_auth_information.OutgoingAuthInfos = 0;
trusted_domain_auth_information.OutgoingAuthenticationInformation = IntPtr.Zero;
trusted_domain_auth_information.OutgoingPreviousAuthenticationInformation = IntPtr.Zero;
}
trusted_domain_full_information.AuthInformation = trusted_domain_auth_information;
trusted_domain_full_information.Information.TrustDirection = (int) newTrustDirection;
ptr = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(TRUSTED_DOMAIN_FULL_INFORMATION)));
Marshal.StructureToPtr(trusted_domain_full_information, ptr, false);
status = UnsafeNativeMethods.LsaSetTrustedDomainInfoByName(handle, result, TRUSTED_INFORMATION_CLASS.TrustedDomainFullInformation, ptr);
if (status != 0)
{
throw ExceptionHelper.GetExceptionFromErrorCode(UnsafeNativeMethods.LsaNtStatusToWinError(status), serverName);
}
}
finally
{
if (flag)
{
System.DirectoryServices.ActiveDirectory.Utils.Revert();
}
if (s != IntPtr.Zero)
{
Marshal.FreeHGlobal(s);
}
if (zero != IntPtr.Zero)
{
UnsafeNativeMethods.LsaFreeMemory(zero);
}
if (ptr != IntPtr.Zero)
{
Marshal.FreeHGlobal(ptr);
}
if (fileTime != IntPtr.Zero)
{
Marshal.FreeHGlobal(fileTime);
}
if (hglobal != IntPtr.Zero)
{
Marshal.FreeHGlobal(hglobal);
}
if (ptr5 != IntPtr.Zero)
{
Marshal.FreeHGlobal(ptr5);
}
}
}
catch
{
throw;
}
}
internal static void UpdateTrustDirection(DirectoryContext context, string sourceName, string targetName, string password, bool isForest, TrustDirection newTrustDirection)
{
PolicySafeHandle handle = null;
IntPtr buffer = (IntPtr)0;
LSA_UNICODE_STRING trustedDomainName = null;
IntPtr newBuffer = (IntPtr)0;
bool impersonated = false;
LSA_AUTH_INFORMATION AuthData = null;
IntPtr fileTime = (IntPtr)0;
IntPtr unmanagedPassword = (IntPtr)0;
IntPtr unmanagedAuthData = (IntPtr)0;
TRUSTED_DOMAIN_AUTH_INFORMATION AuthInfoEx = null;
IntPtr target = (IntPtr)0;
string serverName = null;
serverName = Utils.GetPolicyServerName(context, isForest, false, sourceName);
impersonated = Utils.Impersonate(context);
try
{
try
{
// get the policy handle first
handle = new PolicySafeHandle(Utils.GetPolicyHandle(serverName));
// get the target name
trustedDomainName = new LSA_UNICODE_STRING();
target = Marshal.StringToHGlobalUni(targetName);
UnsafeNativeMethods.RtlInitUnicodeString(trustedDomainName, target);
// get the trusted domain information
int result = UnsafeNativeMethods.LsaQueryTrustedDomainInfoByName(handle, trustedDomainName, TRUSTED_INFORMATION_CLASS.TrustedDomainFullInformation, ref buffer);
if (result != 0)
{
int win32Error = UnsafeNativeMethods.LsaNtStatusToWinError(result);
// 2 ERROR_FILE_NOT_FOUND <--> 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND
if (win32Error == s_STATUS_OBJECT_NAME_NOT_FOUND)
{
if (isForest)
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.ForestTrustDoesNotExist, sourceName, targetName), typeof(ForestTrustRelationshipInformation), null);
else
throw new ActiveDirectoryObjectNotFoundException(Res.GetString(Res.DomainTrustDoesNotExist, sourceName, targetName), typeof(TrustRelationshipInformation), null);
}
else
throw ExceptionHelper.GetExceptionFromErrorCode(win32Error, serverName);
}
// get the managed structre representation
TRUSTED_DOMAIN_FULL_INFORMATION domainInfo = new TRUSTED_DOMAIN_FULL_INFORMATION();
Marshal.PtrToStructure(buffer, domainInfo);
// validate the trust attribute first
ValidateTrustAttribute(domainInfo.Information, isForest, sourceName, targetName);
// change the attribute value properly
AuthData = new LSA_AUTH_INFORMATION();
fileTime = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(FileTime)));
UnsafeNativeMethods.GetSystemTimeAsFileTime(fileTime);
// set the time
FileTime tmp = new FileTime();
Marshal.PtrToStructure(fileTime, tmp);
AuthData.LastUpdateTime = new LARGE_INTEGER();
AuthData.LastUpdateTime.lowPart = tmp.lower;
AuthData.LastUpdateTime.highPart = tmp.higher;
AuthData.AuthType = s_TRUST_AUTH_TYPE_CLEAR;
unmanagedPassword = Marshal.StringToHGlobalUni(password);
AuthData.AuthInfo = unmanagedPassword;
AuthData.AuthInfoLength = password.Length * 2;
unmanagedAuthData = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(LSA_AUTH_INFORMATION)));
Marshal.StructureToPtr(AuthData, unmanagedAuthData, false);
AuthInfoEx = new TRUSTED_DOMAIN_AUTH_INFORMATION();
if ((newTrustDirection & TrustDirection.Inbound) != 0)
{
AuthInfoEx.IncomingAuthInfos = 1;
AuthInfoEx.IncomingAuthenticationInformation = unmanagedAuthData;
AuthInfoEx.IncomingPreviousAuthenticationInformation = (IntPtr)0;
}
else
{
AuthInfoEx.IncomingAuthInfos = 0;
AuthInfoEx.IncomingAuthenticationInformation = (IntPtr)0;
AuthInfoEx.IncomingPreviousAuthenticationInformation = (IntPtr)0;
}
if ((newTrustDirection & TrustDirection.Outbound) != 0)
{
AuthInfoEx.OutgoingAuthInfos = 1;
AuthInfoEx.OutgoingAuthenticationInformation = unmanagedAuthData;
AuthInfoEx.OutgoingPreviousAuthenticationInformation = (IntPtr)0;
}
else
{
AuthInfoEx.OutgoingAuthInfos = 0;
AuthInfoEx.OutgoingAuthenticationInformation = (IntPtr)0;
AuthInfoEx.OutgoingPreviousAuthenticationInformation = (IntPtr)0;
}
// reconstruct the unmanaged structure to set it back
domainInfo.AuthInformation = AuthInfoEx;
// reset the trust direction
domainInfo.Information.TrustDirection = (int)newTrustDirection;
newBuffer = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(TRUSTED_DOMAIN_FULL_INFORMATION)));
Marshal.StructureToPtr(domainInfo, newBuffer, false);
result = UnsafeNativeMethods.LsaSetTrustedDomainInfoByName(handle, trustedDomainName, TRUSTED_INFORMATION_CLASS.TrustedDomainFullInformation, newBuffer);
if (result != 0)
{
throw ExceptionHelper.GetExceptionFromErrorCode(UnsafeNativeMethods.LsaNtStatusToWinError(result), serverName);
}
return;
}
finally
{
if (impersonated)
Utils.Revert();
if (target != (IntPtr)0)
Marshal.FreeHGlobal(target);
if (buffer != (IntPtr)0)
UnsafeNativeMethods.LsaFreeMemory(buffer);
if (newBuffer != (IntPtr)0)
Marshal.FreeHGlobal(newBuffer);
if (fileTime != (IntPtr)0)
Marshal.FreeHGlobal(fileTime);
if (unmanagedPassword != (IntPtr)0)
Marshal.FreeHGlobal(unmanagedPassword);
if (unmanagedAuthData != (IntPtr)0)
Marshal.FreeHGlobal(unmanagedAuthData);
}
}
catch { throw; }
}
internal static void UpdateTrustDirection(DirectoryContext context, string sourceName, string targetName, string password, bool isForest, TrustDirection newTrustDirection)
{
PolicySafeHandle handle = null;
IntPtr zero = IntPtr.Zero;
LSA_UNICODE_STRING result = null;
IntPtr ptr = IntPtr.Zero;
bool flag = false;
LSA_AUTH_INFORMATION structure = null;
IntPtr fileTime = IntPtr.Zero;
IntPtr hglobal = IntPtr.Zero;
IntPtr ptr5 = IntPtr.Zero;
TRUSTED_DOMAIN_AUTH_INFORMATION trusted_domain_auth_information = null;
IntPtr s = IntPtr.Zero;
string serverName = null;
serverName = System.DirectoryServices.ActiveDirectory.Utils.GetPolicyServerName(context, isForest, false, sourceName);
flag = System.DirectoryServices.ActiveDirectory.Utils.Impersonate(context);
try
{
try
{
handle = new PolicySafeHandle(System.DirectoryServices.ActiveDirectory.Utils.GetPolicyHandle(serverName));
result = new LSA_UNICODE_STRING();
s = Marshal.StringToHGlobalUni(targetName);
UnsafeNativeMethods.RtlInitUnicodeString(result, s);
int status = UnsafeNativeMethods.LsaQueryTrustedDomainInfoByName(handle, result, TRUSTED_INFORMATION_CLASS.TrustedDomainFullInformation, ref zero);
if (status != 0)
{
int errorCode = UnsafeNativeMethods.LsaNtStatusToWinError(status);
if (errorCode != STATUS_OBJECT_NAME_NOT_FOUND)
{
throw ExceptionHelper.GetExceptionFromErrorCode(errorCode, serverName);
}
if (isForest)
{
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("ForestTrustDoesNotExist", new object[] { sourceName, targetName }), typeof(ForestTrustRelationshipInformation), null);
}
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("DomainTrustDoesNotExist", new object[] { sourceName, targetName }), typeof(TrustRelationshipInformation), null);
}
TRUSTED_DOMAIN_FULL_INFORMATION trusted_domain_full_information = new TRUSTED_DOMAIN_FULL_INFORMATION();
Marshal.PtrToStructure(zero, trusted_domain_full_information);
ValidateTrustAttribute(trusted_domain_full_information.Information, isForest, sourceName, targetName);
structure = new LSA_AUTH_INFORMATION();
fileTime = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(FileTime)));
UnsafeNativeMethods.GetSystemTimeAsFileTime(fileTime);
FileTime time = new FileTime();
Marshal.PtrToStructure(fileTime, time);
structure.LastUpdateTime = new LARGE_INTEGER();
structure.LastUpdateTime.lowPart = time.lower;
structure.LastUpdateTime.highPart = time.higher;
structure.AuthType = TRUST_AUTH_TYPE_CLEAR;
hglobal = Marshal.StringToHGlobalUni(password);
structure.AuthInfo = hglobal;
structure.AuthInfoLength = password.Length * 2;
ptr5 = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(LSA_AUTH_INFORMATION)));
Marshal.StructureToPtr(structure, ptr5, false);
trusted_domain_auth_information = new TRUSTED_DOMAIN_AUTH_INFORMATION();
if ((newTrustDirection & TrustDirection.Inbound) != ((TrustDirection)0))
{
trusted_domain_auth_information.IncomingAuthInfos = 1;
trusted_domain_auth_information.IncomingAuthenticationInformation = ptr5;
trusted_domain_auth_information.IncomingPreviousAuthenticationInformation = IntPtr.Zero;
}
else
{
trusted_domain_auth_information.IncomingAuthInfos = 0;
trusted_domain_auth_information.IncomingAuthenticationInformation = IntPtr.Zero;
trusted_domain_auth_information.IncomingPreviousAuthenticationInformation = IntPtr.Zero;
}
if ((newTrustDirection & TrustDirection.Outbound) != ((TrustDirection)0))
{
trusted_domain_auth_information.OutgoingAuthInfos = 1;
trusted_domain_auth_information.OutgoingAuthenticationInformation = ptr5;
trusted_domain_auth_information.OutgoingPreviousAuthenticationInformation = IntPtr.Zero;
}
else
{
trusted_domain_auth_information.OutgoingAuthInfos = 0;
trusted_domain_auth_information.OutgoingAuthenticationInformation = IntPtr.Zero;
trusted_domain_auth_information.OutgoingPreviousAuthenticationInformation = IntPtr.Zero;
}
trusted_domain_full_information.AuthInformation = trusted_domain_auth_information;
trusted_domain_full_information.Information.TrustDirection = (int)newTrustDirection;
ptr = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(TRUSTED_DOMAIN_FULL_INFORMATION)));
Marshal.StructureToPtr(trusted_domain_full_information, ptr, false);
status = UnsafeNativeMethods.LsaSetTrustedDomainInfoByName(handle, result, TRUSTED_INFORMATION_CLASS.TrustedDomainFullInformation, ptr);
if (status != 0)
{
throw ExceptionHelper.GetExceptionFromErrorCode(UnsafeNativeMethods.LsaNtStatusToWinError(status), serverName);
}
}
finally
{
if (flag)
{
System.DirectoryServices.ActiveDirectory.Utils.Revert();
}
if (s != IntPtr.Zero)
{
Marshal.FreeHGlobal(s);
}
if (zero != IntPtr.Zero)
{
UnsafeNativeMethods.LsaFreeMemory(zero);
}
if (ptr != IntPtr.Zero)
{
Marshal.FreeHGlobal(ptr);
}
if (fileTime != IntPtr.Zero)
{
Marshal.FreeHGlobal(fileTime);
}
if (hglobal != IntPtr.Zero)
{
Marshal.FreeHGlobal(hglobal);
}
if (ptr5 != IntPtr.Zero)
{
Marshal.FreeHGlobal(ptr5);
}
}
}
catch
{
throw;
}
}
internal static void UpdateTrustDirection(DirectoryContext context, string sourceName, string targetName, string password, bool isForest, TrustDirection newTrustDirection)
{
IntPtr intPtr = (IntPtr)0;
IntPtr intPtr1 = (IntPtr)0;
IntPtr intPtr2 = (IntPtr)0;
IntPtr hGlobalUni = (IntPtr)0;
IntPtr intPtr3 = (IntPtr)0;
IntPtr hGlobalUni1 = (IntPtr)0;
string policyServerName = Utils.GetPolicyServerName(context, isForest, false, sourceName);
bool flag = Utils.Impersonate(context);
try
{
try
{
PolicySafeHandle policySafeHandle = new PolicySafeHandle(Utils.GetPolicyHandle(policyServerName));
LSA_UNICODE_STRING lSAUNICODESTRING = new LSA_UNICODE_STRING();
hGlobalUni1 = Marshal.StringToHGlobalUni(targetName);
UnsafeNativeMethods.RtlInitUnicodeString(lSAUNICODESTRING, hGlobalUni1);
int num = UnsafeNativeMethods.LsaQueryTrustedDomainInfoByName(policySafeHandle, lSAUNICODESTRING, TRUSTED_INFORMATION_CLASS.TrustedDomainFullInformation, ref intPtr);
if (num == 0)
{
TRUSTED_DOMAIN_FULL_INFORMATION tRUSTEDDOMAINFULLINFORMATION = new TRUSTED_DOMAIN_FULL_INFORMATION();
Marshal.PtrToStructure(intPtr, tRUSTEDDOMAINFULLINFORMATION);
TrustHelper.ValidateTrustAttribute(tRUSTEDDOMAINFULLINFORMATION.Information, isForest, sourceName, targetName);
LSA_AUTH_INFORMATION lSAAUTHINFORMATION = new LSA_AUTH_INFORMATION();
intPtr2 = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(FileTime)));
UnsafeNativeMethods.GetSystemTimeAsFileTime(intPtr2);
FileTime fileTime = new FileTime();
Marshal.PtrToStructure(intPtr2, fileTime);
lSAAUTHINFORMATION.LastUpdateTime = new LARGE_INTEGER();
lSAAUTHINFORMATION.LastUpdateTime.lowPart = fileTime.lower;
lSAAUTHINFORMATION.LastUpdateTime.highPart = fileTime.higher;
lSAAUTHINFORMATION.AuthType = TrustHelper.TRUST_AUTH_TYPE_CLEAR;
hGlobalUni = Marshal.StringToHGlobalUni(password);
lSAAUTHINFORMATION.AuthInfo = hGlobalUni;
lSAAUTHINFORMATION.AuthInfoLength = password.Length * 2;
intPtr3 = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(LSA_AUTH_INFORMATION)));
Marshal.StructureToPtr(lSAAUTHINFORMATION, intPtr3, false);
TRUSTED_DOMAIN_AUTH_INFORMATION tRUSTEDDOMAINAUTHINFORMATION = new TRUSTED_DOMAIN_AUTH_INFORMATION();
if ((newTrustDirection & TrustDirection.Inbound) == 0)
{
tRUSTEDDOMAINAUTHINFORMATION.IncomingAuthInfos = 0;
tRUSTEDDOMAINAUTHINFORMATION.IncomingAuthenticationInformation = (IntPtr)0;
tRUSTEDDOMAINAUTHINFORMATION.IncomingPreviousAuthenticationInformation = (IntPtr)0;
}
else
{
tRUSTEDDOMAINAUTHINFORMATION.IncomingAuthInfos = 1;
tRUSTEDDOMAINAUTHINFORMATION.IncomingAuthenticationInformation = intPtr3;
tRUSTEDDOMAINAUTHINFORMATION.IncomingPreviousAuthenticationInformation = (IntPtr)0;
}
if ((newTrustDirection & TrustDirection.Outbound) == 0)
{
tRUSTEDDOMAINAUTHINFORMATION.OutgoingAuthInfos = 0;
tRUSTEDDOMAINAUTHINFORMATION.OutgoingAuthenticationInformation = (IntPtr)0;
tRUSTEDDOMAINAUTHINFORMATION.OutgoingPreviousAuthenticationInformation = (IntPtr)0;
}
else
{
tRUSTEDDOMAINAUTHINFORMATION.OutgoingAuthInfos = 1;
tRUSTEDDOMAINAUTHINFORMATION.OutgoingAuthenticationInformation = intPtr3;
tRUSTEDDOMAINAUTHINFORMATION.OutgoingPreviousAuthenticationInformation = (IntPtr)0;
}
tRUSTEDDOMAINFULLINFORMATION.AuthInformation = tRUSTEDDOMAINAUTHINFORMATION;
tRUSTEDDOMAINFULLINFORMATION.Information.TrustDirection = (int)newTrustDirection;
intPtr1 = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(TRUSTED_DOMAIN_FULL_INFORMATION)));
Marshal.StructureToPtr(tRUSTEDDOMAINFULLINFORMATION, intPtr1, false);
num = UnsafeNativeMethods.LsaSetTrustedDomainInfoByName(policySafeHandle, lSAUNICODESTRING, TRUSTED_INFORMATION_CLASS.TrustedDomainFullInformation, intPtr1);
if (num != 0)
{
throw ExceptionHelper.GetExceptionFromErrorCode(UnsafeNativeMethods.LsaNtStatusToWinError(num), policyServerName);
}
}
else
{
int winError = UnsafeNativeMethods.LsaNtStatusToWinError(num);
if (winError != TrustHelper.STATUS_OBJECT_NAME_NOT_FOUND)
{
throw ExceptionHelper.GetExceptionFromErrorCode(winError, policyServerName);
}
else
{
if (!isForest)
{
object[] objArray = new object[2];
objArray[0] = sourceName;
objArray[1] = targetName;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("DomainTrustDoesNotExist", objArray), typeof(TrustRelationshipInformation), null);
}
else
{
object[] objArray1 = new object[2];
objArray1[0] = sourceName;
objArray1[1] = targetName;
throw new ActiveDirectoryObjectNotFoundException(Res.GetString("ForestTrustDoesNotExist", objArray1), typeof(ForestTrustRelationshipInformation), null);
}
}
}
}
finally
{
if (flag)
{
Utils.Revert();
}
if (hGlobalUni1 != (IntPtr)0)
{
Marshal.FreeHGlobal(hGlobalUni1);
}
if (intPtr != (IntPtr)0)
{
UnsafeNativeMethods.LsaFreeMemory(intPtr);
}
if (intPtr1 != (IntPtr)0)
{
Marshal.FreeHGlobal(intPtr1);
}
if (intPtr2 != (IntPtr)0)
{
Marshal.FreeHGlobal(intPtr2);
}
if (hGlobalUni != (IntPtr)0)
{
Marshal.FreeHGlobal(hGlobalUni);
}
if (intPtr3 != (IntPtr)0)
{
Marshal.FreeHGlobal(intPtr3);
}
}
}
catch
{
throw;
}
}
internal static void UpdateTrustDirection(DirectoryContext context, string? sourceName, string? targetName, string password, bool isForest, TrustDirection newTrustDirection)
{
PolicySafeHandle? handle = null;
IntPtr buffer = (IntPtr)0;
LSA_UNICODE_STRING? trustedDomainName = null;
IntPtr newBuffer = (IntPtr)0;
bool impersonated = false;
LSA_AUTH_INFORMATION? AuthData = null;
IntPtr fileTime = (IntPtr)0;
IntPtr unmanagedPassword = (IntPtr)0;
IntPtr unmanagedAuthData = (IntPtr)0;
TRUSTED_DOMAIN_AUTH_INFORMATION? AuthInfoEx = null;
IntPtr target = (IntPtr)0;
string? serverName = null;
serverName = Utils.GetPolicyServerName(context, isForest, false, sourceName);
impersonated = Utils.Impersonate(context);
try
{
try
{
// get the policy handle first
handle = new PolicySafeHandle(Utils.GetPolicyHandle(serverName));
// get the target name
trustedDomainName = new LSA_UNICODE_STRING();
target = Marshal.StringToHGlobalUni(targetName);
UnsafeNativeMethods.RtlInitUnicodeString(trustedDomainName, target);
// get the trusted domain information
int result = UnsafeNativeMethods.LsaQueryTrustedDomainInfoByName(handle, trustedDomainName, TRUSTED_INFORMATION_CLASS.TrustedDomainFullInformation, ref buffer);
if (result != 0)
{
int win32Error = UnsafeNativeMethods.LsaNtStatusToWinError(result);
// 2 ERROR_FILE_NOT_FOUND <--> 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND
if (win32Error == STATUS_OBJECT_NAME_NOT_FOUND)
{
if (isForest)
throw new ActiveDirectoryObjectNotFoundException(SR.Format(SR.ForestTrustDoesNotExist, sourceName, targetName), typeof(ForestTrustRelationshipInformation), null);
else
throw new ActiveDirectoryObjectNotFoundException(SR.Format(SR.DomainTrustDoesNotExist, sourceName, targetName), typeof(TrustRelationshipInformation), null);
}
else
throw ExceptionHelper.GetExceptionFromErrorCode(win32Error, serverName);
}
// get the managed structre representation
TRUSTED_DOMAIN_FULL_INFORMATION domainInfo = new TRUSTED_DOMAIN_FULL_INFORMATION();
Marshal.PtrToStructure(buffer, domainInfo);
// validate the trust attribute first
ValidateTrustAttribute(domainInfo.Information!, isForest, sourceName, targetName);
// change the attribute value properly
AuthData = new LSA_AUTH_INFORMATION();
fileTime = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(FileTime)));
UnsafeNativeMethods.GetSystemTimeAsFileTime(fileTime);
// set the time
FileTime tmp = new FileTime();
Marshal.PtrToStructure(fileTime, tmp);
AuthData.LastUpdateTime = new LARGE_INTEGER();
AuthData.LastUpdateTime.lowPart = tmp.lower;
AuthData.LastUpdateTime.highPart = tmp.higher;
AuthData.AuthType = TRUST_AUTH_TYPE_CLEAR;
unmanagedPassword = Marshal.StringToHGlobalUni(password);
AuthData.AuthInfo = unmanagedPassword;
AuthData.AuthInfoLength = password.Length * 2;
unmanagedAuthData = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(LSA_AUTH_INFORMATION)));
Marshal.StructureToPtr(AuthData, unmanagedAuthData, false);
AuthInfoEx = new TRUSTED_DOMAIN_AUTH_INFORMATION();
if ((newTrustDirection & TrustDirection.Inbound) != 0)
{
AuthInfoEx.IncomingAuthInfos = 1;
AuthInfoEx.IncomingAuthenticationInformation = unmanagedAuthData;
AuthInfoEx.IncomingPreviousAuthenticationInformation = (IntPtr)0;
}
else
{
AuthInfoEx.IncomingAuthInfos = 0;
AuthInfoEx.IncomingAuthenticationInformation = (IntPtr)0;
AuthInfoEx.IncomingPreviousAuthenticationInformation = (IntPtr)0;
}
if ((newTrustDirection & TrustDirection.Outbound) != 0)
{
AuthInfoEx.OutgoingAuthInfos = 1;
AuthInfoEx.OutgoingAuthenticationInformation = unmanagedAuthData;
AuthInfoEx.OutgoingPreviousAuthenticationInformation = (IntPtr)0;
}
else
{
AuthInfoEx.OutgoingAuthInfos = 0;
AuthInfoEx.OutgoingAuthenticationInformation = (IntPtr)0;
AuthInfoEx.OutgoingPreviousAuthenticationInformation = (IntPtr)0;
}
// reconstruct the unmanaged structure to set it back
domainInfo.AuthInformation = AuthInfoEx;
// reset the trust direction
domainInfo.Information!.TrustDirection = (int)newTrustDirection;
newBuffer = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(TRUSTED_DOMAIN_FULL_INFORMATION)));
Marshal.StructureToPtr(domainInfo, newBuffer, false);
result = UnsafeNativeMethods.LsaSetTrustedDomainInfoByName(handle, trustedDomainName, TRUSTED_INFORMATION_CLASS.TrustedDomainFullInformation, newBuffer);
if (result != 0)
{
throw ExceptionHelper.GetExceptionFromErrorCode(UnsafeNativeMethods.LsaNtStatusToWinError(result), serverName);
}
return;
}
finally
{
if (impersonated)
Utils.Revert();
if (target != (IntPtr)0)
Marshal.FreeHGlobal(target);
if (buffer != (IntPtr)0)
UnsafeNativeMethods.LsaFreeMemory(buffer);
if (newBuffer != (IntPtr)0)
Marshal.FreeHGlobal(newBuffer);
if (fileTime != (IntPtr)0)
Marshal.FreeHGlobal(fileTime);
if (unmanagedPassword != (IntPtr)0)
Marshal.FreeHGlobal(unmanagedPassword);
if (unmanagedAuthData != (IntPtr)0)
Marshal.FreeHGlobal(unmanagedAuthData);
}
}
catch { throw; }
}
