本文整理汇总了C++中AllocateAndInitializeSid函数的典型用法代码示例。如果您正苦于以下问题:C++ AllocateAndInitializeSid函数的具体用法?C++ AllocateAndInitializeSid怎么用?C++ AllocateAndInitializeSid使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了AllocateAndInitializeSid函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: is_process_limited
static BOOL is_process_limited(void)
{
static BOOL (WINAPI *pCheckTokenMembership)(HANDLE,PSID,PBOOL) = NULL;
static BOOL (WINAPI *pOpenProcessToken)(HANDLE, DWORD, PHANDLE) = NULL;
SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
PSID Group;
BOOL IsInGroup;
HANDLE token;
if (!pOpenProcessToken)
{
HMODULE hadvapi32 = GetModuleHandleA("advapi32.dll");
pOpenProcessToken = (void*)GetProcAddress(hadvapi32, "OpenProcessToken");
pCheckTokenMembership = (void*)GetProcAddress(hadvapi32, "CheckTokenMembership");
if (!pCheckTokenMembership || !pOpenProcessToken)
{
/* Win9x (power to the masses) or NT4 (no way to know) */
trace("missing pOpenProcessToken or CheckTokenMembership\n");
return FALSE;
}
}
if (!AllocateAndInitializeSid(&NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0, &Group) ||
!pCheckTokenMembership(NULL, Group, &IsInGroup))
{
trace("Could not check if the current user is an administrator\n");
return FALSE;
}
if (!IsInGroup)
{
if (!AllocateAndInitializeSid(&NtAuthority, 2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_POWER_USERS,
0, 0, 0, 0, 0, 0, &Group) ||
!pCheckTokenMembership(NULL, Group, &IsInGroup))
{
trace("Could not check if the current user is a power user\n");
return FALSE;
}
if (!IsInGroup)
{
/* Only administrators and power users can be powerful */
return TRUE;
}
}
if (pOpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token))
{
BOOL ret;
TOKEN_ELEVATION_TYPE type = TokenElevationTypeDefault;
DWORD size;
ret = GetTokenInformation(token, TokenElevationType, &type, sizeof(type), &size);
CloseHandle(token);
return (ret && type == TokenElevationTypeLimited);
}
return FALSE;
}
示例2: init
static void
init() {
// create security attributes for the pipe
// http://msdn.microsoft.com/en-us/library/windows/desktop/hh448449(v=vs.85).aspx
// define new Win 8 app related constants
memset(&g_explicitAccesses, 0, sizeof(g_explicitAccesses));
// Create a well-known SID for the Everyone group.
// FIXME: we should limit the access to current user only
// See this article for details: https://msdn.microsoft.com/en-us/library/windows/desktop/hh448493(v=vs.85).aspx
SID_IDENTIFIER_AUTHORITY worldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY};
AllocateAndInitializeSid(&worldSidAuthority, 1,
SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &g_everyoneSID);
// https://services.land.vic.gov.au/ArcGIS10.1/edESRIArcGIS10_01_01_3143/Python/pywin32/PLATLIB/win32/Demos/security/explicit_entries.py
g_explicitAccesses[0].grfAccessPermissions = GENERIC_ALL;
g_explicitAccesses[0].grfAccessMode = SET_ACCESS;
g_explicitAccesses[0].grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT;
g_explicitAccesses[0].Trustee.pMultipleTrustee = NULL;
g_explicitAccesses[0].Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
g_explicitAccesses[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
g_explicitAccesses[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
g_explicitAccesses[0].Trustee.ptstrName = (LPTSTR)g_everyoneSID;
// FIXME: will this work under Windows 7 and Vista?
// create SID for app containers
SID_IDENTIFIER_AUTHORITY appPackageAuthority = {SECURITY_APP_PACKAGE_AUTHORITY};
AllocateAndInitializeSid(&appPackageAuthority,
SECURITY_BUILTIN_APP_PACKAGE_RID_COUNT,
SECURITY_APP_PACKAGE_BASE_RID,
SECURITY_BUILTIN_PACKAGE_ANY_PACKAGE,
0, 0, 0, 0, 0, 0, &g_allAppsSID);
g_explicitAccesses[1].grfAccessPermissions = GENERIC_ALL;
g_explicitAccesses[1].grfAccessMode = SET_ACCESS;
g_explicitAccesses[1].grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT;
g_explicitAccesses[1].Trustee.pMultipleTrustee = NULL;
g_explicitAccesses[1].Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
g_explicitAccesses[1].Trustee.TrusteeForm = TRUSTEE_IS_SID;
g_explicitAccesses[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP;
g_explicitAccesses[1].Trustee.ptstrName = (LPTSTR)g_allAppsSID;
// create DACL
DWORD err = SetEntriesInAcl(2, g_explicitAccesses, NULL, &g_acl);
if (0 == err) {
// security descriptor
g_securittyDescriptor = (PSECURITY_DESCRIPTOR)LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
InitializeSecurityDescriptor(g_securittyDescriptor, SECURITY_DESCRIPTOR_REVISION);
// Add the ACL to the security descriptor.
SetSecurityDescriptorDacl(g_securittyDescriptor, TRUE, g_acl, FALSE);
}
g_securityAttributes.nLength = sizeof(SECURITY_ATTRIBUTES);
g_securityAttributes.lpSecurityDescriptor = g_securittyDescriptor;
g_securityAttributes.bInheritHandle = TRUE;
}
示例3: SetKeySecurityEx
//设置注册表键读取的权限(KEY_READ||KEY_WRITE||KEY_ALL_ACCESS)
int SetKeySecurityEx(HKEY MainKey,LPCTSTR SubKey,DWORD security)
{
HKEY hKey;
SID_IDENTIFIER_AUTHORITY sia = SECURITY_NT_AUTHORITY;
PSID pSystemSid = NULL;
PSID pUserSid = NULL;
SECURITY_DESCRIPTOR sd;
PACL pDacl = NULL;
DWORD dwAclSize;
int iResult = 0;
__try
{
if(RegOpenKeyEx(MainKey, SubKey, 0, WRITE_DAC, &hKey)!= ERROR_SUCCESS)
__leave;
if(!AllocateAndInitializeSid(&sia,1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, &pSystemSid ))
__leave;
if(!AllocateAndInitializeSid( &sia, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,0, 0, 0, 0, 0, 0, &pUserSid))
__leave;
dwAclSize = sizeof(ACL) + 2 * ( sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) ) + GetLengthSid(pSystemSid) + GetLengthSid(pUserSid) ;
pDacl = (PACL)HeapAlloc(GetProcessHeap(), 0, dwAclSize);
if(pDacl == NULL)
__leave;
if(!InitializeAcl(pDacl, dwAclSize, ACL_REVISION))
__leave;
if(!AddAccessAllowedAce( pDacl, ACL_REVISION, KEY_ALL_ACCESS, pSystemSid ))
__leave;
if(!AddAccessAllowedAce( pDacl, ACL_REVISION, (unsigned long)security, pUserSid ))
__leave;
if(!InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION))
__leave;
if(!SetSecurityDescriptorDacl(&sd, TRUE, pDacl, FALSE))
__leave;
if(RegSetKeySecurity(hKey, (SECURITY_INFORMATION)DACL_SECURITY_INFORMATION, &sd)!= ERROR_SUCCESS)
__leave;
iResult =1;
}
__finally
{
RegCloseKey(MainKey);
RegCloseKey(hKey);
if(pDacl !=NULL)
HeapFree(GetProcessHeap(), 0, pDacl);
if(pSystemSid !=NULL)
FreeSid(pSystemSid);
if(pUserSid !=NULL)
FreeSid(pUserSid);
}
return iResult;
}
示例4: AllocateAndInitializeSid
SECURITY_ATTRIBUTES SecurDescr::CreateSID()
{
SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;
SID_IDENTIFIER_AUTHORITY SIDAuthNT = SECURITY_NT_AUTHORITY;
AllocateAndInitializeSid(&SIDAuthWorld, 1,
SECURITY_WORLD_RID,
0, 0, 0, 0, 0, 0, 0,
&pEveryoneSID);
ZeroMemory(ea, 2 * sizeof(EXPLICIT_ACCESS));
ea[0].grfAccessPermissions = FILE_GENERIC_READ | FILE_GENERIC_WRITE | SYNCHRONIZE;
ea[0].grfAccessMode = SET_ACCESS;
ea[0].grfInheritance= NO_INHERITANCE;
ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
ea[0].Trustee.ptstrName = (LPTSTR) pEveryoneSID;
AllocateAndInitializeSid(&SIDAuthNT, 2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&pAdminSID);
ea[1].grfAccessPermissions = FILE_GENERIC_READ | FILE_GENERIC_WRITE | SYNCHRONIZE;
ea[1].grfAccessMode = SET_ACCESS;
ea[1].grfInheritance= NO_INHERITANCE;
ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP;
ea[1].Trustee.ptstrName = (LPTSTR) pAdminSID;
SetEntriesInAcl(2, ea, NULL, &pACL);
pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR,
SECURITY_DESCRIPTOR_MIN_LENGTH);
InitializeSecurityDescriptor(pSD,
SECURITY_DESCRIPTOR_REVISION);
SetSecurityDescriptorDacl(pSD,
TRUE, // bDaclPresent flag
pACL,
FALSE);
sa.nLength = sizeof (SECURITY_ATTRIBUTES);
sa.lpSecurityDescriptor = pSD;
sa.bInheritHandle = FALSE;
return sa;
}
示例5: getsids
bool getsids(char **error)
{
#ifdef __clang__
#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wmissing-braces"
#endif
SID_IDENTIFIER_AUTHORITY world_auth = SECURITY_WORLD_SID_AUTHORITY;
SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY;
#ifdef __clang__
#pragma clang diagnostic pop
#endif
bool ret = false;
*error = NULL;
if (!usersid) {
if ((usersid = get_user_sid()) == NULL) {
*error = dupprintf("unable to construct SID for current user: %s",
win_strerror(GetLastError()));
goto cleanup;
}
}
if (!worldsid) {
if (!AllocateAndInitializeSid(&world_auth, 1, SECURITY_WORLD_RID,
0, 0, 0, 0, 0, 0, 0, &worldsid)) {
*error = dupprintf("unable to construct SID for world: %s",
win_strerror(GetLastError()));
goto cleanup;
}
}
if (!networksid) {
if (!AllocateAndInitializeSid(&nt_auth, 1, SECURITY_NETWORK_RID,
0, 0, 0, 0, 0, 0, 0, &networksid)) {
*error = dupprintf("unable to construct SID for "
"local same-user access only: %s",
win_strerror(GetLastError()));
goto cleanup;
}
}
ret = true;
cleanup:
return ret;
}
示例6: XL_INFO_FUNCTION
bool RegKeyOwnerAquireRestore::Aquire(HKEY hRootKey, LPCTSTR lpszSubKey)
{
XL_INFO_FUNCTION();
if (!Backup(hRootKey, lpszSubKey))
{
XL_WARNING(_T("Failed to backup, operation will not be restored. Key lpszSubKey."));
}
HKEY hKey = nullptr;
LSTATUS lRes = RegOpenKeyEx(hRootKey,
lpszSubKey,
0,
WRITE_OWNER,
&hKey);
if (lRes != ERROR_SUCCESS || hKey == nullptr)
{
XL_ERROR(_T("Failed to open key with WRITE_OWNER access. Key: %s."), lpszSubKey);
return false;
}
XL_ON_BLOCK_EXIT(RegCloseKey, hKey);
SECURITY_DESCRIPTOR sd = {};
if (!InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION))
{
XL_ERROR(_T("Failed to initialize security descriptor."));
return false;
}
PSID pSid = nullptr;
SID_IDENTIFIER_AUTHORITY SIDAuthAdmin = SECURITY_NT_AUTHORITY;
if (!AllocateAndInitializeSid(&SIDAuthAdmin, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &pSid))
{
XL_ERROR(_T("Failed to initialize Sid for Administrators."));
return false;
}
XL_ON_BLOCK_EXIT(FreeSid, pSid);
if (!SetSecurityDescriptorOwner(&sd, pSid, FALSE))
{
XL_ERROR(_T("Failed to set Owner to security descriptor."));
return false;
}
lRes = RegSetKeySecurity(hKey, OWNER_SECURITY_INFORMATION, &sd);
if (lRes != ERROR_SUCCESS)
{
XL_ERROR(_T("Failed to set Owner to Key: %s."), lpszSubKey);
return false;
}
return true;
}
示例7: IsUserAdmin
BOOL IsUserAdmin()
/*++
Routine Description: This routine returns TRUE if the caller's
process is a member of the Administrators local group. Caller is NOT
expected to be impersonating anyone and is expected to be able to
open its own process and process token.
Arguments: None.
Return Value:
TRUE - Caller has Administrators local group.
FALSE - Caller does not have Administrators local group. --
from http://msdn.microsoft.com/en-us/library/windows/desktop/aa376389(v=vs.85).aspx
*/
{
BOOL ret;
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
PSID AdministratorsGroup;
ret = AllocateAndInitializeSid(
&NtAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&AdministratorsGroup);
if (ret) {
if (!CheckTokenMembership(NULL, AdministratorsGroup, &ret)) {
ret = FALSE;
}
FreeSid(AdministratorsGroup);
}
return ret;
}
示例8: IsUserAdmin
bool IsUserAdmin()
{
// No need to show any "Shield" on XP or 2k
_ASSERTE(_WIN32_WINNT_VISTA==0x600);
OSVERSIONINFOEXW osvi = {sizeof(osvi), HIBYTE(_WIN32_WINNT_VISTA), LOBYTE(_WIN32_WINNT_VISTA)};
DWORDLONG const dwlConditionMask = VerSetConditionMask(VerSetConditionMask(0, VER_MAJORVERSION, VER_GREATER_EQUAL), VER_MINORVERSION, VER_GREATER_EQUAL);
if (!VerifyVersionInfoW(&osvi, VER_MAJORVERSION | VER_MINORVERSION, dwlConditionMask))
return false;
BOOL b;
SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
PSID AdministratorsGroup;
b = AllocateAndInitializeSid(
&NtAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&AdministratorsGroup);
if (b)
{
if (!CheckTokenMembership(NULL, AdministratorsGroup, &b))
{
b = FALSE;
}
FreeSid(AdministratorsGroup);
}
return (b ? true : false);
}
示例9: IsUserAdmin
bool IsUserAdmin()
{
// Проверять нужно только для висты и выше
if (gOSVer.dwMajorVersion < 6)
return FALSE;
BOOL b;
SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
PSID AdministratorsGroup;
b = AllocateAndInitializeSid(
&NtAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&AdministratorsGroup);
if (b)
{
if (!CheckTokenMembership(NULL, AdministratorsGroup, &b))
{
b = FALSE;
}
FreeSid(AdministratorsGroup);
}
return (b != 0);
}
示例10: make_relative_sid
BOOL make_relative_sid(PSID* answer, PSID base, ULONG relative_id)
{
int count;
int i;
if (answer == NULL)
return print_error(L"Error in make_relative_sid: answer is NULL.\n");
if (base == NULL)
return print_error(L"Error in make_relative_sid: base is NULL.\n");
if (!IsValidSid(base))
return print_error(L"Error in make_relative_sid: base is not a valid SID.\n");
count = *GetSidSubAuthorityCount(base);
if (count > 7)
return print_error(L"Error in make_relative_sid: base has too many sub-authorities.\n");
if (!AllocateAndInitializeSid( GetSidIdentifierAuthority(base)
, 1 + count
, 0, 0, 0, 0, 0, 0, 0, 0, answer))
return win_error(GetLastError(), L"AllocateAndInitializeSid");
for(i=0; i<count; i++)
{
*GetSidSubAuthority(*answer, i) = *GetSidSubAuthority(base, i);
}
*GetSidSubAuthority(*answer, count) = relative_id;
return TRUE;
}
示例11: AllocateAndInitializeSid
// Returns true if the caller's process is a member of the Administrators local group.
// Caller is NOT expected to be impersonating anyone and is expected to be able to
// open its own process and process token.
// Return Value:
// true - Caller has Administrators local group.
// false - Caller does not have Administrators local group.
// Taken from the MS website:
// http://msdn2.microsoft.com/en-us/library/aa376389.aspx
bool MasterInstaller_t::IsCurrentUserLocalAdministrator()
{
// First check if we are running Windows 98 or earlier. If so, we are an administrator:
if (g_OSVersion < OSVersion_t::Win2k)
return true;
if (!_CheckTokenMembership)
return false;
BOOL b;
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
PSID AdministratorsGroup;
b = AllocateAndInitializeSid(&NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &AdministratorsGroup);
if (b)
{
if (!_CheckTokenMembership(NULL, AdministratorsGroup, &b))
{
b = false;
}
FreeSid(AdministratorsGroup);
}
return !!b;
}
示例12: kuhl_m_kernel_addWorldToMimikatz
BOOL kuhl_m_kernel_addWorldToMimikatz(SC_HANDLE monHandle)
{
BOOL status = FALSE;
DWORD dwSizeNeeded;
PSECURITY_DESCRIPTOR oldSd, newSd;
SECURITY_DESCRIPTOR dummySdForXP;
SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;
EXPLICIT_ACCESS ForEveryOne = {
SERVICE_QUERY_STATUS | SERVICE_QUERY_CONFIG | SERVICE_INTERROGATE | SERVICE_ENUMERATE_DEPENDENTS | SERVICE_PAUSE_CONTINUE | SERVICE_START | SERVICE_STOP | SERVICE_USER_DEFINED_CONTROL | READ_CONTROL,
SET_ACCESS,
NO_INHERITANCE,
{NULL, NO_MULTIPLE_TRUSTEE, TRUSTEE_IS_SID, TRUSTEE_IS_WELL_KNOWN_GROUP, NULL}
};
if(!QueryServiceObjectSecurity(monHandle, DACL_SECURITY_INFORMATION, &dummySdForXP, 0, &dwSizeNeeded) && (GetLastError() == ERROR_INSUFFICIENT_BUFFER))
{
if(oldSd = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, dwSizeNeeded))
{
if(QueryServiceObjectSecurity(monHandle, DACL_SECURITY_INFORMATION, oldSd, dwSizeNeeded, &dwSizeNeeded))
{
if(AllocateAndInitializeSid(&SIDAuthWorld, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, (PSID *)&ForEveryOne.Trustee.ptstrName))
{
if(BuildSecurityDescriptor(NULL, NULL, 1, &ForEveryOne, 0, NULL, oldSd, &dwSizeNeeded, &newSd) == ERROR_SUCCESS)
{
status = SetServiceObjectSecurity(monHandle, DACL_SECURITY_INFORMATION, newSd);
LocalFree(newSd);
}
FreeSid(ForEveryOne.Trustee.ptstrName);
}
}
LocalFree(oldSd);
}
}
return status;
}
示例13: IsNTAdmin
/***********************************************************************
* IsNTAdmin ([email protected])
*
* Checks if the user has admin privileges.
*
* PARAMS
* reserved [I] Reserved. Must be 0.
* pReserved [I] Reserved. Must be NULL.
*
* RETURNS
* TRUE if user has admin rights, FALSE otherwise.
*/
BOOL WINAPI IsNTAdmin(DWORD reserved, LPDWORD pReserved)
{
SID_IDENTIFIER_AUTHORITY SidAuthority = {SECURITY_NT_AUTHORITY};
PTOKEN_GROUPS pTokenGroups;
BOOL bSidFound = FALSE;
DWORD dwSize, i;
HANDLE hToken;
PSID pSid;
TRACE("(%d, %p)\n", reserved, pReserved);
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
return FALSE;
if (!GetTokenInformation(hToken, TokenGroups, NULL, 0, &dwSize))
{
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
{
CloseHandle(hToken);
return FALSE;
}
}
pTokenGroups = HeapAlloc(GetProcessHeap(), 0, dwSize);
if (!pTokenGroups)
{
CloseHandle(hToken);
return FALSE;
}
if (!GetTokenInformation(hToken, TokenGroups, pTokenGroups, dwSize, &dwSize))
{
HeapFree(GetProcessHeap(), 0, pTokenGroups);
CloseHandle(hToken);
return FALSE;
}
CloseHandle(hToken);
if (!AllocateAndInitializeSid(&SidAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &pSid))
{
HeapFree(GetProcessHeap(), 0, pTokenGroups);
return FALSE;
}
for (i = 0; i < pTokenGroups->GroupCount; i++)
{
if (EqualSid(pSid, pTokenGroups->Groups[i].Sid))
{
bSidFound = TRUE;
break;
}
}
HeapFree(GetProcessHeap(), 0, pTokenGroups);
FreeSid(pSid);
return bSidFound;
}
示例14: LookupAliasFromRid
BOOL
LookupAliasFromRid( LPWSTR TargetComputer, DWORD Rid, LPWSTR Name,
PDWORD cchName )
{
SID_IDENTIFIER_AUTHORITY sia = SECURITY_NT_AUTHORITY;
SID_NAME_USE snu;
PSID pSid;
WCHAR DomainName[DNLEN+1];
DWORD cchDomainName = DNLEN;
BOOL bSuccess = FALSE;
//
// Sid is the same regardless of machine, since the well-known
// BUILTIN domain is referenced.
//
if(AllocateAndInitializeSid( &sia, 2, SECURITY_BUILTIN_DOMAIN_RID,
Rid, 0, 0, 0, 0, 0, 0, &pSid )) {
bSuccess = LookupAccountSidW( TargetComputer, pSid, Name, cchName,
DomainName, &cchDomainName, &snu );
FreeSid(pSid);
}
return bSuccess;
}
示例15: IsUserAdmin
BOOL IsUserAdmin(VOID)
{
BOOL b;
PSID AdministratorsGroup;
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
HMODULE hModule;
PCheckTokenMembership func;
b = AllocateAndInitializeSid(&NtAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&AdministratorsGroup);
hModule = GetModuleHandle(_T("advapi32.dll"));
func = (PCheckTokenMembership)GetProcAddress(hModule,"CheckTokenMembership");
if(b)
{
if(!func( NULL, AdministratorsGroup, &b))
{
b = FALSE;
}
FreeSid(AdministratorsGroup);
}
return(b);
}