Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / clr / src / BCL / System / Security / Principal / SID.cs / 1305376 / SID.cs
// ==++== // // Copyright (c) Microsoft Corporation. All rights reserved. // // ==--== //[....] // using System; using System.Globalization; using System.Runtime.CompilerServices; using System.Runtime.InteropServices; using System.Security.Permissions; using System.Text; using Microsoft.Win32; using Microsoft.Win32.SafeHandles; using System.Diagnostics.Contracts; namespace System.Security.Principal { // // Identifier authorities // internal enum IdentifierAuthority : long { NullAuthority = 0, WorldAuthority = 1, LocalAuthority = 2, CreatorAuthority = 3, NonUniqueAuthority = 4, NTAuthority = 5, SiteServerAuthority = 6, InternetSiteAuthority = 7, ExchangeAuthority = 8, ResourceManagerAuthority = 9, } // // SID name usage // internal enum SidNameUse { User = 1, Group = 2, Domain = 3, Alias = 4, WellKnownGroup = 5, DeletedAccount = 6, Invalid = 7, Unknown = 8, Computer = 9, } // // Well-known SID types // [System.Runtime.InteropServices.ComVisible(false)] public enum WellKnownSidType { NullSid = 0, WorldSid = 1, LocalSid = 2, CreatorOwnerSid = 3, CreatorGroupSid = 4, CreatorOwnerServerSid = 5, CreatorGroupServerSid = 6, NTAuthoritySid = 7, DialupSid = 8, NetworkSid = 9, BatchSid = 10, InteractiveSid = 11, ServiceSid = 12, AnonymousSid = 13, ProxySid = 14, EnterpriseControllersSid = 15, SelfSid = 16, AuthenticatedUserSid = 17, RestrictedCodeSid = 18, TerminalServerSid = 19, RemoteLogonIdSid = 20, LogonIdsSid = 21, LocalSystemSid = 22, LocalServiceSid = 23, NetworkServiceSid = 24, BuiltinDomainSid = 25, BuiltinAdministratorsSid = 26, BuiltinUsersSid = 27, BuiltinGuestsSid = 28, BuiltinPowerUsersSid = 29, BuiltinAccountOperatorsSid = 30, BuiltinSystemOperatorsSid = 31, BuiltinPrintOperatorsSid = 32, BuiltinBackupOperatorsSid = 33, BuiltinReplicatorSid = 34, BuiltinPreWindows2000CompatibleAccessSid = 35, BuiltinRemoteDesktopUsersSid = 36, BuiltinNetworkConfigurationOperatorsSid = 37, AccountAdministratorSid = 38, AccountGuestSid = 39, AccountKrbtgtSid = 40, AccountDomainAdminsSid = 41, AccountDomainUsersSid = 42, AccountDomainGuestsSid = 43, AccountComputersSid = 44, AccountControllersSid = 45, AccountCertAdminsSid = 46, AccountSchemaAdminsSid = 47, AccountEnterpriseAdminsSid = 48, AccountPolicyAdminsSid = 49, AccountRasAndIasServersSid = 50, NtlmAuthenticationSid = 51, DigestAuthenticationSid = 52, SChannelAuthenticationSid = 53, ThisOrganizationSid = 54, OtherOrganizationSid = 55, BuiltinIncomingForestTrustBuildersSid = 56, BuiltinPerformanceMonitoringUsersSid = 57, BuiltinPerformanceLoggingUsersSid = 58, BuiltinAuthorizationAccessSid = 59, WinBuiltinTerminalServerLicenseServersSid= 60, MaxDefined = WinBuiltinTerminalServerLicenseServersSid, } // // This class implements revision 1 SIDs // NOTE: The SecurityIdentifier class is immutable and must remain this way // [System.Runtime.InteropServices.ComVisible(false)] public sealed class SecurityIdentifier : IdentityReference, IComparable{ #region Public Constants // // Identifier authority must be at most six bytes long // internal static readonly long MaxIdentifierAuthority = 0xFFFFFFFFFFFF; // // Maximum number of subauthorities in a SID // internal static readonly byte MaxSubAuthorities = 15; // // Minimum length of a binary representation of a SID // public static readonly int MinBinaryLength = 1 + 1 + 6; // Revision (1) + subauth count (1) + identifier authority (6) // // Maximum length of a binary representation of a SID // public static readonly int MaxBinaryLength = 1 + 1 + 6 + MaxSubAuthorities * 4; // 4 bytes for each subauth #endregion #region Private Members // // Immutable properties of a SID // private IdentifierAuthority _IdentifierAuthority; private int[] _SubAuthorities; private byte[] _BinaryForm; private SecurityIdentifier _AccountDomainSid; bool _AccountDomainSidInitialized = false; // // Computed attributes of a SID // private string _SddlForm = null; #endregion #region Constructors // // Shared constructor logic // NOTE: subauthorities are really unsigned integers, but due to CLS // lack of support for unsigned integers the caller must perform // the typecast // private void CreateFromParts( IdentifierAuthority identifierAuthority, int[] subAuthorities ) { if ( subAuthorities == null ) { throw new ArgumentNullException( "subAuthorities" ); } Contract.EndContractBlock(); // // Check the number of subauthorities passed in // if ( subAuthorities.Length > MaxSubAuthorities ) { throw new ArgumentOutOfRangeException( "subAuthorities.Length", subAuthorities.Length, Environment.GetResourceString( "IdentityReference_InvalidNumberOfSubauthorities", MaxSubAuthorities)); } // // Identifier authority is atmost 6 bytes long // if ( identifierAuthority < 0 || (long) identifierAuthority > MaxIdentifierAuthority ) { throw new ArgumentOutOfRangeException( "identifierAuthority", identifierAuthority, Environment.GetResourceString( "IdentityReference_IdentifierAuthorityTooLarge" )); } // // Create a local copy of the data passed in // _IdentifierAuthority = identifierAuthority; _SubAuthorities = new int[ subAuthorities.Length ]; subAuthorities.CopyTo( _SubAuthorities, 0 ); // // Compute and store the binary form // // typedef struct _SID { // UCHAR Revision; // UCHAR SubAuthorityCount; // SID_IDENTIFIER_AUTHORITY IdentifierAuthority; // ULONG SubAuthority[ANYSIZE_ARRAY] // } SID, *PISID; // byte i; _BinaryForm = new byte[1 + 1 + 6 + 4 * this.SubAuthorityCount]; // // First two bytes contain revision and subauthority count // _BinaryForm[0] = Revision; _BinaryForm[1] = ( byte )this.SubAuthorityCount; // // Identifier authority takes up 6 bytes // for ( i = 0; i < 6; i++ ) { _BinaryForm[2+i] = ( byte )(((( ulong )this._IdentifierAuthority ) >> (( 5 - i ) * 8 )) & 0xFF ) ; } // // Subauthorities go last, preserving big-endian representation // for ( i = 0; i < this.SubAuthorityCount; i++ ) { byte shift; for ( shift = 0; shift < 4; shift += 1 ) { _BinaryForm[8 + 4*i + shift] = ( byte )((( ulong )_SubAuthorities[i] ) >> ( shift * 8 )); } } } private void CreateFromBinaryForm( byte[] binaryForm, int offset ) { // // Give us something to work with // if ( binaryForm == null ) { throw new ArgumentNullException( "binaryForm" ); } // // Negative offsets are not allowed // if ( offset < 0 ) { throw new ArgumentOutOfRangeException( "offset", offset, Environment.GetResourceString( "ArgumentOutOfRange_NeedNonNegNum" )); } // // At least a minimum-size SID should fit in the buffer // if ( binaryForm.Length - offset < SecurityIdentifier.MinBinaryLength ) { throw new ArgumentOutOfRangeException( "binaryForm", Environment.GetResourceString( "ArgumentOutOfRange_ArrayTooSmall" )); } Contract.EndContractBlock(); IdentifierAuthority Authority; int[] SubAuthorities; // // Extract the elements of a SID // if ( binaryForm[offset] != Revision ) { // // Revision is incorrect // throw new ArgumentException( Environment.GetResourceString( "IdentityReference_InvalidSidRevision" ), "binaryForm" ); } // // Insist on the correct number of subauthorities // if ( binaryForm[offset + 1] > MaxSubAuthorities ) { throw new ArgumentException( Environment.GetResourceString( "IdentityReference_InvalidNumberOfSubauthorities", MaxSubAuthorities ), "binaryForm" ); } // // Make sure the buffer is big enough // int Length = 1 + 1 + 6 + 4 * binaryForm[offset + 1]; if ( binaryForm.Length - offset < Length ) { throw new ArgumentException( Environment.GetResourceString( "ArgumentOutOfRange_ArrayTooSmall" ), "binaryForm" ); } Authority = ( IdentifierAuthority )( ((( long )binaryForm[offset + 2]) << 40 ) + ((( long )binaryForm[offset + 3]) << 32 ) + ((( long )binaryForm[offset + 4]) << 24 ) + ((( long )binaryForm[offset + 5]) << 16 ) + ((( long )binaryForm[offset + 6]) << 8 ) + ((( long )binaryForm[offset + 7]) )); SubAuthorities = new int[binaryForm[offset + 1]]; // // Subauthorities are represented in big-endian format // for ( byte i = 0; i < binaryForm[offset + 1]; i++ ) { SubAuthorities[i] = ( int )( ((( uint )binaryForm[offset + 8 + 4*i + 0]) << 0 ) + ((( uint )binaryForm[offset + 8 + 4*i + 1]) << 8 ) + ((( uint )binaryForm[offset + 8 + 4*i + 2]) << 16 ) + ((( uint )binaryForm[offset + 8 + 4*i + 3]) << 24 )); } CreateFromParts( Authority, SubAuthorities ); return; } // // Constructs a SecurityIdentifier object from its string representation // Returns 'null' if string passed in is not a valid SID // NOTE: although there is a P/Invoke call involved in the implementation of this method, // there is no security risk involved, so no security demand is being made. // [System.Security.SecuritySafeCritical] // auto-generated public SecurityIdentifier( string sddlForm ) { byte[] resultSid; // // Give us something to work with // if ( sddlForm == null ) { throw new ArgumentNullException( "sddlForm" ); } Contract.EndContractBlock(); // // Call into the underlying O/S conversion routine // int Error = Win32.CreateSidFromString( sddlForm, out resultSid ); if ( Error == Win32Native.ERROR_INVALID_SID ) { throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidValue" ), "sddlForm" ); } else if ( Error == Win32Native.ERROR_NOT_ENOUGH_MEMORY ) { throw new OutOfMemoryException(); } else if ( Error != Win32Native.ERROR_SUCCESS ) { Contract.Assert( false, string.Format( CultureInfo.InvariantCulture, "Win32.CreateSidFromString returned unrecognized error {0}", Error )); throw new SystemException(Win32Native.GetMessage(Error)); } CreateFromBinaryForm( resultSid, 0 ); } // // Constructs a SecurityIdentifier object from its binary representation // public SecurityIdentifier( byte[] binaryForm, int offset ) { CreateFromBinaryForm( binaryForm, offset ); } // // Constructs a SecurityIdentifier object from an IntPtr // [System.Security.SecuritySafeCritical] // auto-generated [SecurityPermission(SecurityAction.Demand, UnmanagedCode=true)] public SecurityIdentifier( IntPtr binaryForm ) : this( binaryForm, true ) { } [System.Security.SecurityCritical] // auto-generated internal SecurityIdentifier( IntPtr binaryForm, bool noDemand ) : this( Win32.ConvertIntPtrSidToByteArraySid( binaryForm ), 0 ) { } // // Constructs a well-known SID // The 'domainSid' parameter is optional and only used // by the well-known types that require it // NOTE: although there is a P/Invoke call involved in the implementation of this constructor, // there is no security risk involved, so no security demand is being made. // [System.Security.SecuritySafeCritical] // auto-generated public SecurityIdentifier( WellKnownSidType sidType, SecurityIdentifier domainSid ) { // // sidType must not be equal to LogonIdsSid // if (sidType == WellKnownSidType.LogonIdsSid) { throw new ArgumentException(Environment.GetResourceString("IdentityReference_CannotCreateLogonIdsSid"), "sidType"); } Contract.EndContractBlock(); byte[] resultSid; int Error; // // Check if well known sids are supported on this platform // if (!Win32.WellKnownSidApisSupported) { throw new PlatformNotSupportedException( Environment.GetResourceString( "PlatformNotSupported_RequiresW2kSP3" )); } // // sidType should not exceed the max defined value // if ((sidType < WellKnownSidType.NullSid) || (sidType > WellKnownSidType.MaxDefined)) { throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidValue" ), "sidType" ); } // // for sidType between 38 to 50, the domainSid parameter must be specified // if ((sidType >= WellKnownSidType.AccountAdministratorSid) && (sidType <= WellKnownSidType.AccountRasAndIasServersSid)) { if (domainSid == null) { throw new ArgumentNullException( "domainSid", Environment.GetResourceString( "IdentityReference_DomainSidRequired", sidType) ); } // // verify that the domain sid is a valid windows domain sid // to do that we call GetAccountDomainSid and the return value should be the same as the domainSid // SecurityIdentifier resultDomainSid; int ErrorCode; ErrorCode = Win32.GetWindowsAccountDomainSid( domainSid, out resultDomainSid ); if ( ErrorCode == Win32Native.ERROR_INSUFFICIENT_BUFFER ) { throw new OutOfMemoryException(); } else if ( ErrorCode == Win32Native.ERROR_NON_ACCOUNT_SID ) { // this means that the domain sid is not valid throw new ArgumentException( Environment.GetResourceString( "IdentityReference_NotAWindowsDomain" ), "domainSid" ); } else if ( ErrorCode != Win32Native.ERROR_SUCCESS ) { Contract.Assert( false, string.Format( CultureInfo.InvariantCulture, "Win32.GetWindowsAccountDomainSid returned unrecognized error {0}", ErrorCode) ); throw new SystemException(Win32Native.GetMessage(ErrorCode)); } // // if domainSid is passed in as S-1-5-21-3-4-5-6, the above api will return S-1-5-21-3-4-5 as the domainSid // Since these do not match S-1-5-21-3-4-5-6 is not a valid domainSid (wrong number of subauthorities) // if (resultDomainSid != domainSid) { throw new ArgumentException( Environment.GetResourceString( "IdentityReference_NotAWindowsDomain" ), "domainSid" ); } } Error = Win32.CreateWellKnownSid( sidType, domainSid, out resultSid ); if ( Error == Win32Native.ERROR_INVALID_PARAMETER ) { throw new ArgumentException( Win32Native.GetMessage(Error), "sidType/domainSid" ); } else if ( Error != Win32Native.ERROR_SUCCESS ) { Contract.Assert( false, string.Format( CultureInfo.InvariantCulture, "Win32.CreateWellKnownSid returned unrecognized error {0}", Error )); throw new SystemException( Win32Native.GetMessage( Error )); } CreateFromBinaryForm( resultSid, 0 ); } internal SecurityIdentifier( SecurityIdentifier domainSid, uint rid ) { int i; int[] SubAuthorities = new int[ domainSid.SubAuthorityCount + 1 ]; for ( i = 0; i < domainSid.SubAuthorityCount; i++ ) { SubAuthorities[i] = domainSid.GetSubAuthority( i ); } SubAuthorities[i] = ( int )rid; CreateFromParts( domainSid.IdentifierAuthority, SubAuthorities ); } internal SecurityIdentifier( IdentifierAuthority identifierAuthority, int[] subAuthorities ) { CreateFromParts( identifierAuthority, subAuthorities ); } #endregion #region Static Properties // // Revision is always '1' // internal static byte Revision { get { return 1; } } #endregion #region Non-static Properties // // This is for internal consumption only, hence it is marked 'internal' // Making this call public would require a deep copy of the data to // prevent the caller from messing with the internal representation. // internal byte[] BinaryForm { get { return _BinaryForm; } } internal IdentifierAuthority IdentifierAuthority { get { return _IdentifierAuthority; } } internal int SubAuthorityCount { get { return _SubAuthorities.Length; } } public int BinaryLength { get { return _BinaryForm.Length; } } // // Returns the domain portion of a SID or null if the specified // SID is not an account SID // NOTE: although there is a P/Invoke call involved in the implementation of this method, // there is no security risk involved, so no security demand is being made. // public SecurityIdentifier AccountDomainSid { [System.Security.SecuritySafeCritical] // auto-generated get { if ( !_AccountDomainSidInitialized ) { _AccountDomainSid = GetAccountDomainSid(); _AccountDomainSidInitialized = true; } return _AccountDomainSid; } } #endregion #region Inherited properties and methods public override bool Equals( object o ) { if ( o == null ) { return false; } SecurityIdentifier sid = o as SecurityIdentifier; if ( sid == null ) { return false; } return ( this == sid ); // invokes operator== } public bool Equals( SecurityIdentifier sid ) { if ( sid == null ) { return false; } return ( this == sid ); // invokes operator== } public override int GetHashCode() { int hashCode = ((long)this.IdentifierAuthority).GetHashCode(); for(int i = 0; i < SubAuthorityCount; i++) { hashCode ^= this.GetSubAuthority(i); } return hashCode; } public override string ToString() { if ( _SddlForm == null ) { StringBuilder result = new StringBuilder(); // // Typecasting of _IdentifierAuthority to a long below is important, since // otherwise you would see this: "S-1-NTAuthority-32-544" // result.AppendFormat( "S-1-{0}", ( long )_IdentifierAuthority ); for ( int i = 0; i < SubAuthorityCount; i++ ) { result.AppendFormat( "-{0}", ( uint )( _SubAuthorities[i] )); } _SddlForm = result.ToString(); } return _SddlForm; } #if false public override string Scheme { get { return "ms-sid"; } } #endif public override string Value { get { return ToString().ToUpper(CultureInfo.InvariantCulture); } } internal static bool IsValidTargetTypeStatic( Type targetType ) { if ( targetType == typeof( NTAccount )) { return true; } else if ( targetType == typeof( SecurityIdentifier )) { return true; } else { return false; } } public override bool IsValidTargetType( Type targetType ) { return IsValidTargetTypeStatic( targetType ); } [System.Security.SecurityCritical] // auto-generated internal SecurityIdentifier GetAccountDomainSid() { SecurityIdentifier ResultSid; int Error; Error = Win32.GetWindowsAccountDomainSid( this, out ResultSid ); if ( Error == Win32Native.ERROR_INSUFFICIENT_BUFFER ) { throw new OutOfMemoryException(); } else if ( Error == Win32Native.ERROR_NON_ACCOUNT_SID ) { ResultSid = null; } else if ( Error != Win32Native.ERROR_SUCCESS ) { Contract.Assert( false, string.Format( CultureInfo.InvariantCulture, "Win32.GetWindowsAccountDomainSid returned unrecognized error {0}", Error) ); throw new SystemException(Win32Native.GetMessage(Error)); } return ResultSid; } [System.Security.SecuritySafeCritical] // auto-generated public bool IsAccountSid() { if ( !_AccountDomainSidInitialized ) { _AccountDomainSid = GetAccountDomainSid(); _AccountDomainSidInitialized = true; } if (_AccountDomainSid == null) { return false; } return true; } [SecurityPermission(SecurityAction.Demand, ControlPrincipal = true)] [SecuritySafeCritical] public override IdentityReference Translate( Type targetType ) { if ( targetType == null ) { throw new ArgumentNullException( "targetType" ); } Contract.EndContractBlock(); if ( targetType == typeof( SecurityIdentifier )) { return this; // assumes SecurityIdentifier objects are immutable } else if ( targetType == typeof( NTAccount )) { IdentityReferenceCollection irSource = new IdentityReferenceCollection( 1 ); irSource.Add( this ); IdentityReferenceCollection irTarget; irTarget = SecurityIdentifier.Translate( irSource, targetType, true ); return irTarget[0]; } else { throw new ArgumentException( Environment.GetResourceString( "IdentityReference_MustBeIdentityReference" ), "targetType" ); } } #endregion #region Operators public static bool operator== ( SecurityIdentifier left, SecurityIdentifier right ) { object l = left; object r = right; if ( l == null && r == null ) { return true; } else if ( l == null || r == null ) { return false; } else { return ( left.CompareTo( right ) == 0 ); } } public static bool operator!= ( SecurityIdentifier left, SecurityIdentifier right ) { return !( left == right ); } #endregion #region IComparable implementation public int CompareTo( SecurityIdentifier sid ) { if ( sid == null ) { throw new ArgumentNullException( "sid" ); } Contract.EndContractBlock(); if ( this.IdentifierAuthority < sid.IdentifierAuthority ) { return -1; } if ( this.IdentifierAuthority > sid.IdentifierAuthority ) { return 1; } if ( this.SubAuthorityCount < sid.SubAuthorityCount ) { return -1; } if ( this.SubAuthorityCount > sid.SubAuthorityCount ) { return 1; } for ( int i = 0; i < this.SubAuthorityCount; i++ ) { int diff = this.GetSubAuthority( i ) - sid.GetSubAuthority( i ); if ( diff != 0 ) { return diff; } } return 0; } #endregion #region Public Methods internal int GetSubAuthority( int index ) { return this._SubAuthorities[ index ]; } // // Determines whether this SID is a well known SID of the specified type // // NOTE: although there is a P/Invoke call involved in the implementation of this method, // there is no security risk involved, so no security demand is being made. // [System.Security.SecuritySafeCritical] // auto-generated public bool IsWellKnown( WellKnownSidType type ) { return Win32.IsWellKnownSid( this, type ); } public void GetBinaryForm( byte[] binaryForm, int offset ) { _BinaryForm.CopyTo( binaryForm, offset ); } // // NOTE: although there is a P/Invoke call involved in the implementation of this method, // there is no security risk involved, so no security demand is being made. // [System.Security.SecuritySafeCritical] // auto-generated public bool IsEqualDomainSid( SecurityIdentifier sid ) { return Win32.IsEqualDomainSid( this, sid ); } [System.Security.SecurityCritical] // auto-generated private static IdentityReferenceCollection TranslateToNTAccounts( IdentityReferenceCollection sourceSids, out bool someFailed ) { if (sourceSids == null) { throw new ArgumentNullException("sourceSids"); } if (sourceSids.Count == 0) { throw new ArgumentException(Environment.GetResourceString("Arg_EmptyCollection"), "sourceSids"); } Contract.EndContractBlock(); IntPtr[] SidArrayPtr = new IntPtr[sourceSids.Count]; GCHandle[] HandleArray = new GCHandle[ sourceSids.Count ]; SafeLsaPolicyHandle LsaHandle = SafeLsaPolicyHandle.InvalidHandle; SafeLsaMemoryHandle ReferencedDomainsPtr = SafeLsaMemoryHandle.InvalidHandle; SafeLsaMemoryHandle NamesPtr = SafeLsaMemoryHandle.InvalidHandle; try { // // Pin all elements in the array of SIDs // int currentSid = 0; foreach ( IdentityReference id in sourceSids ) { SecurityIdentifier sid = id as SecurityIdentifier; if ( sid == null ) { throw new ArgumentException( Environment.GetResourceString( "Argument_ImproperType" ), "sourceSids" ); } HandleArray[currentSid] = GCHandle.Alloc(sid.BinaryForm, GCHandleType.Pinned); SidArrayPtr[currentSid] = HandleArray[currentSid].AddrOfPinnedObject(); currentSid++; } // // Open LSA policy (for lookup requires it) // LsaHandle = Win32.LsaOpenPolicy( null, PolicyRights.POLICY_LOOKUP_NAMES ); // // Perform the actual lookup // someFailed = false; uint ReturnCode; ReturnCode = Win32Native.LsaLookupSids( LsaHandle, sourceSids.Count, SidArrayPtr, ref ReferencedDomainsPtr, ref NamesPtr ); // // Make a decision regarding whether it makes sense to proceed // based on the return code and the value of the forceSuccess argument // if ( ReturnCode == Win32Native.STATUS_NO_MEMORY || ReturnCode == Win32Native.STATUS_INSUFFICIENT_RESOURCES ) { throw new OutOfMemoryException(); } else if ( ReturnCode == Win32Native.STATUS_ACCESS_DENIED ) { throw new UnauthorizedAccessException(); } else if ( ReturnCode == Win32Native.STATUS_NONE_MAPPED || ReturnCode == Win32Native.STATUS_SOME_NOT_MAPPED ) { someFailed = true; } else if ( ReturnCode != 0 ) { int win32ErrorCode = Win32Native.LsaNtStatusToWinError(unchecked((int)ReturnCode)); Contract.Assert( false, string.Format( CultureInfo.InvariantCulture, "Win32Native.LsaLookupSids returned {0}", win32ErrorCode)); throw new SystemException(Win32Native.GetMessage(win32ErrorCode)); } NamesPtr.Initialize((uint)sourceSids.Count, (uint)Marshal.SizeOf(typeof(Win32Native.LSA_TRANSLATED_NAME))); Win32.InitializeReferencedDomainsPointer(ReferencedDomainsPtr); // // Interpret the results and generate NTAccount objects // IdentityReferenceCollection Result = new IdentityReferenceCollection( sourceSids.Count ); if ( ReturnCode == 0 || ReturnCode == Win32Native.STATUS_SOME_NOT_MAPPED ) { // // Interpret the results and generate NT Account objects // Win32Native.LSA_REFERENCED_DOMAIN_LIST rdl = ReferencedDomainsPtr.Read (0); string[] ReferencedDomains = new string[ rdl.Entries ]; for (int i = 0; i < rdl.Entries; i++) { Win32Native.LSA_TRUST_INFORMATION ti = ( Win32Native.LSA_TRUST_INFORMATION )Marshal.PtrToStructure( new IntPtr(( long )rdl.Domains + i * Marshal.SizeOf( typeof( Win32Native.LSA_TRUST_INFORMATION ))), typeof( Win32Native.LSA_TRUST_INFORMATION )); ReferencedDomains[i] = Marshal.PtrToStringUni(ti.Name.Buffer, ti.Name.Length / sizeof(char)); } Win32Native.LSA_TRANSLATED_NAME[] translatedNames = new Win32Native.LSA_TRANSLATED_NAME[sourceSids.Count]; NamesPtr.ReadArray(0, translatedNames, 0, translatedNames.Length); for (int i = 0; i < sourceSids.Count; i++) { Win32Native.LSA_TRANSLATED_NAME Ltn = translatedNames[i]; switch ((SidNameUse)Ltn.Use) { case SidNameUse.User: case SidNameUse.Group: case SidNameUse.Alias: case SidNameUse.Computer: case SidNameUse.WellKnownGroup: string account = Marshal.PtrToStringUni(Ltn.Name.Buffer, Ltn.Name.Length / sizeof(char)); ; string domain = ReferencedDomains[Ltn.DomainIndex]; Result.Add( new NTAccount( domain, account )); break; default: someFailed = true; Result.Add( sourceSids[i] ); break; } } } else { for (int i = 0; i < sourceSids.Count; i++) { Result.Add( sourceSids[i] ); } } return Result; } finally { for (int i = 0; i < sourceSids.Count; i++) { if ( HandleArray[i].IsAllocated ) { HandleArray[i].Free(); } } LsaHandle.Dispose(); ReferencedDomainsPtr.Dispose(); NamesPtr.Dispose(); } } [System.Security.SecurityCritical] // auto-generated internal static IdentityReferenceCollection Translate( IdentityReferenceCollection sourceSids, Type targetType, bool forceSuccess) { bool SomeFailed = false; IdentityReferenceCollection Result; Result = Translate( sourceSids, targetType, out SomeFailed ); if (forceSuccess && SomeFailed) { IdentityReferenceCollection UnmappedIdentities = new IdentityReferenceCollection(); foreach (IdentityReference id in Result) { if (id.GetType() != targetType) { UnmappedIdentities.Add(id); } } throw new IdentityNotMappedException(Environment.GetResourceString("IdentityReference_IdentityNotMapped"), UnmappedIdentities); } return Result; } [System.Security.SecurityCritical] // auto-generated internal static IdentityReferenceCollection Translate( IdentityReferenceCollection sourceSids, Type targetType, out bool someFailed ) { if ( sourceSids == null ) { throw new ArgumentNullException( "sourceSids" ); } Contract.EndContractBlock(); if ( targetType == typeof( NTAccount )) { return TranslateToNTAccounts( sourceSids, out someFailed ); } throw new ArgumentException( Environment.GetResourceString( "IdentityReference_MustBeIdentityReference" ), "targetType" ); } #endregion } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- MediaEntryAttribute.cs
- SegmentInfo.cs
- ColorTypeConverter.cs
- CodeSnippetStatement.cs
- FixedTextSelectionProcessor.cs
- LoginName.cs
- SmiXetterAccessMap.cs
- RectangleHotSpot.cs
- CollectionType.cs
- MsmqAppDomainProtocolHandler.cs
- TransactionProxy.cs
- SafeFileMappingHandle.cs
- TemplateApplicationHelper.cs
- EmptyElement.cs
- LoginName.cs
- Semaphore.cs
- CompilationUnit.cs
- SemaphoreSecurity.cs
- SecUtil.cs
- ProfileManager.cs
- DefaultParameterValueAttribute.cs
- ChtmlTextWriter.cs
- MessageDesigner.cs
- DateTimeOffset.cs
- MoveSizeWinEventHandler.cs
- GradientStop.cs
- RadioButtonPopupAdapter.cs
- cookiecontainer.cs
- DbConnectionPoolIdentity.cs
- ReadOnlyPermissionSet.cs
- RegionIterator.cs
- WSHttpBindingBase.cs
- UserControlCodeDomTreeGenerator.cs
- DecoderFallback.cs
- CompilationUtil.cs
- Button.cs
- XamlTreeBuilderBamlRecordWriter.cs
- XmlSchemaSimpleContent.cs
- COM2ICategorizePropertiesHandler.cs
- PathFigure.cs
- PerformanceCountersElement.cs
- ProcessThread.cs
- FontWeights.cs
- MemberHolder.cs
- AncillaryOps.cs
- XmlArrayItemAttribute.cs
- SizeAnimationClockResource.cs
- ComMethodElementCollection.cs
- RepeatButton.cs
- BulletChrome.cs
- ForceCopyBuildProvider.cs
- DataGridViewRowsRemovedEventArgs.cs
- OleDbSchemaGuid.cs
- XmlLinkedNode.cs
- ValidationEventArgs.cs
- ServicesSection.cs
- BaseResourcesBuildProvider.cs
- FieldBuilder.cs
- DbDataReader.cs
- PartBasedPackageProperties.cs
- SevenBitStream.cs
- XamlFilter.cs
- ColumnWidthChangingEvent.cs
- WhereQueryOperator.cs
- OleDbMetaDataFactory.cs
- HttpCapabilitiesEvaluator.cs
- RectConverter.cs
- ListViewItemMouseHoverEvent.cs
- Rules.cs
- CustomDictionarySources.cs
- RepeaterItem.cs
- FontResourceCache.cs
- StringUtil.cs
- PagerSettings.cs
- mactripleDES.cs
- WorkflowRuntimeElement.cs
- UriParserTemplates.cs
- FastEncoderWindow.cs
- PointConverter.cs
- Token.cs
- TrustManager.cs
- InheritanceRules.cs
- SafeLibraryHandle.cs
- SecuritySessionSecurityTokenProvider.cs
- PrintPreviewDialog.cs
- MimeObjectFactory.cs
- MemberRelationshipService.cs
- WebBrowserUriTypeConverter.cs
- AssemblyBuilderData.cs
- Internal.cs
- ItemPager.cs
- ApplicationFileParser.cs
- GroupDescription.cs
- UrlAuthorizationModule.cs
- UserPreferenceChangingEventArgs.cs
- HGlobalSafeHandle.cs
- DateTimeValueSerializerContext.cs
- EdmToObjectNamespaceMap.cs
- WebExceptionStatus.cs
- HttpListenerContext.cs