本文整理汇总了C++中LSA_DISPATCH_TABLE::AllocateLsaHeap方法的典型用法代码示例。如果您正苦于以下问题:C++ LSA_DISPATCH_TABLE::AllocateLsaHeap方法的具体用法?C++ LSA_DISPATCH_TABLE::AllocateLsaHeap怎么用?C++ LSA_DISPATCH_TABLE::AllocateLsaHeap使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类LSA_DISPATCH_TABLE的用法示例。
在下文中一共展示了LSA_DISPATCH_TABLE::AllocateLsaHeap方法的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: TRACE
/*
* @unimplemented
*/
NTSTATUS
NTAPI
LsaApInitializePackage(IN ULONG AuthenticationPackageId,
IN PLSA_DISPATCH_TABLE LsaDispatchTable,
IN PLSA_STRING Database OPTIONAL,
IN PLSA_STRING Confidentiality OPTIONAL,
OUT PLSA_STRING *AuthenticationPackageName)
{
PANSI_STRING NameString;
PCHAR NameBuffer;
TRACE("(%lu %p %p %p %p)\n",
AuthenticationPackageId, LsaDispatchTable, Database,
Confidentiality, AuthenticationPackageName);
/* Get the dispatch table entries */
DispatchTable.CreateLogonSession = LsaDispatchTable->CreateLogonSession;
DispatchTable.DeleteLogonSession = LsaDispatchTable->DeleteLogonSession;
DispatchTable.AddCredential = LsaDispatchTable->AddCredential;
DispatchTable.GetCredentials = LsaDispatchTable->GetCredentials;
DispatchTable.DeleteCredential = LsaDispatchTable->DeleteCredential;
DispatchTable.AllocateLsaHeap = LsaDispatchTable->AllocateLsaHeap;
DispatchTable.FreeLsaHeap = LsaDispatchTable->FreeLsaHeap;
DispatchTable.AllocateClientBuffer = LsaDispatchTable->AllocateClientBuffer;
DispatchTable.FreeClientBuffer = LsaDispatchTable->FreeClientBuffer;
DispatchTable.CopyToClientBuffer = LsaDispatchTable->CopyToClientBuffer;
DispatchTable.CopyFromClientBuffer = LsaDispatchTable->CopyFromClientBuffer;
/* Return the package name */
NameString = DispatchTable.AllocateLsaHeap(sizeof(LSA_STRING));
if (NameString == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
NameBuffer = DispatchTable.AllocateLsaHeap(sizeof(MSV1_0_PACKAGE_NAME));
if (NameBuffer == NULL)
{
DispatchTable.FreeLsaHeap(NameString);
return STATUS_INSUFFICIENT_RESOURCES;
}
strcpy(NameBuffer, MSV1_0_PACKAGE_NAME);
RtlInitAnsiString(NameString, NameBuffer);
*AuthenticationPackageName = (PLSA_STRING)NameString;
return STATUS_SUCCESS;
}示例2: RtlCopyMemory
static
PSID
AppendRidToSid(PSID SrcSid,
ULONG Rid)
{
PSID DstSid = NULL;
UCHAR RidCount;
RidCount = *RtlSubAuthorityCountSid(SrcSid);
if (RidCount >= 8)
return NULL;
DstSid = DispatchTable.AllocateLsaHeap(RtlLengthRequiredSid(RidCount + 1));
if (DstSid == NULL)
return NULL;
RtlCopyMemory(DstSid,
SrcSid,
RtlLengthRequiredSid(RidCount));
*RtlSubAuthorityCountSid(DstSid) = RidCount + 1;
*RtlSubAuthoritySid(DstSid, RidCount) = Rid;
return DstSid;
}示例3: RtlAllocateAndInitializeSid
static
NTSTATUS
BuildTokenDefaultDacl(PTOKEN_DEFAULT_DACL DefaultDacl,
PSID OwnerSid)
{
SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
PSID LocalSystemSid = NULL;
PACL Dacl = NULL;
NTSTATUS Status = STATUS_SUCCESS;
RtlAllocateAndInitializeSid(&SystemAuthority,
1,
SECURITY_LOCAL_SYSTEM_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
&LocalSystemSid);
Dacl = DispatchTable.AllocateLsaHeap(1024);
if (Dacl == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
Status = RtlCreateAcl(Dacl, 1024, ACL_REVISION);
if (!NT_SUCCESS(Status))
goto done;
RtlAddAccessAllowedAce(Dacl,
ACL_REVISION,
GENERIC_ALL,
OwnerSid);
/* SID: S-1-5-18 */
RtlAddAccessAllowedAce(Dacl,
ACL_REVISION,
GENERIC_ALL,
LocalSystemSid);
DefaultDacl->DefaultDacl = Dacl;
done:
if (!NT_SUCCESS(Status))
{
if (Dacl != NULL)
DispatchTable.FreeLsaHeap(Dacl);
}
if (LocalSystemSid != NULL)
RtlFreeSid(LocalSystemSid);
return Status;
}示例4: sizeof
static
NTSTATUS
BuildTokenGroups(OUT PTOKEN_GROUPS *Groups,
IN PSID AccountDomainSid)
{
SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
PTOKEN_GROUPS TokenGroups;
#define MAX_GROUPS 2
DWORD GroupCount = 0;
PSID Sid;
NTSTATUS Status = STATUS_SUCCESS;
TokenGroups = DispatchTable.AllocateLsaHeap(sizeof(TOKEN_GROUPS) +
MAX_GROUPS * sizeof(SID_AND_ATTRIBUTES));
if (TokenGroups == NULL)
{
return STATUS_INSUFFICIENT_RESOURCES;
}
Sid = AppendRidToSid(AccountDomainSid, DOMAIN_GROUP_RID_USERS);
if (Sid == NULL)
{
}
/* Member of the domain */
TokenGroups->Groups[GroupCount].Sid = Sid;
TokenGroups->Groups[GroupCount].Attributes =
SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
GroupCount++;
/* Member of 'Authenticated users' */
RtlAllocateAndInitializeSid(&SystemAuthority,
1,
SECURITY_AUTHENTICATED_USER_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
&Sid);
TokenGroups->Groups[GroupCount].Sid = Sid;
TokenGroups->Groups[GroupCount].Attributes =
SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
GroupCount++;
TokenGroups->GroupCount = GroupCount;
ASSERT(TokenGroups->GroupCount <= MAX_GROUPS);
*Groups = TokenGroups;
return Status;
}示例5: RtlLengthRequiredSid
static
NTSTATUS
BuildTokenOwner(PTOKEN_OWNER Owner,
PSID OwnerSid)
{
ULONG RidCount;
ULONG Size;
RidCount = *RtlSubAuthorityCountSid(OwnerSid);
Size = RtlLengthRequiredSid(RidCount);
Owner->Owner = DispatchTable.AllocateLsaHeap(Size);
if (Owner->Owner == NULL)
{
return STATUS_INSUFFICIENT_RESOURCES;
}
RtlCopyMemory(Owner->Owner,
OwnerSid,
Size);
return STATUS_SUCCESS;
}示例6: sizeof
static
NTSTATUS
BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest,
IN PSAMPR_USER_INFO_BUFFER UserInfo,
IN PUNICODE_STRING LogonServer,
OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer,
OUT PULONG ProfileBufferLength)
{
PMSV1_0_INTERACTIVE_PROFILE LocalBuffer = NULL;
PVOID ClientBaseAddress = NULL;
LPWSTR Ptr;
ULONG BufferLength;
NTSTATUS Status = STATUS_SUCCESS;
*ProfileBuffer = NULL;
*ProfileBufferLength = 0;
BufferLength = sizeof(MSV1_0_INTERACTIVE_PROFILE) +
UserInfo->All.FullName.Length + sizeof(WCHAR) +
UserInfo->All.HomeDirectory.Length + sizeof(WCHAR) +
UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR) +
UserInfo->All.ScriptPath.Length + sizeof(WCHAR) +
UserInfo->All.ProfilePath.Length + sizeof(WCHAR) +
LogonServer->Length + sizeof(WCHAR);
LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength);
if (LocalBuffer == NULL)
{
TRACE("Failed to allocate the local buffer!\n");
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
Status = DispatchTable.AllocateClientBuffer(ClientRequest,
BufferLength,
&ClientBaseAddress);
if (!NT_SUCCESS(Status))
{
TRACE("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
goto done;
}
TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
Ptr = (LPWSTR)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_INTERACTIVE_PROFILE));
LocalBuffer->MessageType = MsV1_0InteractiveProfile;
LocalBuffer->LogonCount = UserInfo->All.LogonCount;
LocalBuffer->BadPasswordCount = UserInfo->All.BadPasswordCount;
LocalBuffer->LogonTime.LowPart = UserInfo->All.LastLogon.LowPart;
LocalBuffer->LogonTime.HighPart = UserInfo->All.LastLogon.HighPart;
// LocalBuffer->LogoffTime.LowPart =
// LocalBuffer->LogoffTime.HighPart =
// LocalBuffer->KickOffTime.LowPart =
// LocalBuffer->KickOffTime.HighPart =
LocalBuffer->PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart;
LocalBuffer->PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart;
LocalBuffer->PasswordCanChange.LowPart = UserInfo->All.PasswordCanChange.LowPart;
LocalBuffer->PasswordCanChange.HighPart = UserInfo->All.PasswordCanChange.HighPart;
LocalBuffer->PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart;
LocalBuffer->PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart;
LocalBuffer->LogonScript.Length = UserInfo->All.ScriptPath.Length;
LocalBuffer->LogonScript.MaximumLength = UserInfo->All.ScriptPath.Length + sizeof(WCHAR);
LocalBuffer->LogonScript.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
memcpy(Ptr,
UserInfo->All.ScriptPath.Buffer,
UserInfo->All.ScriptPath.Length);
Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->LogonScript.MaximumLength);
LocalBuffer->HomeDirectory.Length = UserInfo->All.HomeDirectory.Length;
LocalBuffer->HomeDirectory.MaximumLength = UserInfo->All.HomeDirectory.Length + sizeof(WCHAR);
LocalBuffer->HomeDirectory.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
memcpy(Ptr,
UserInfo->All.HomeDirectory.Buffer,
UserInfo->All.HomeDirectory.Length);
Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectory.MaximumLength);
LocalBuffer->FullName.Length = UserInfo->All.FullName.Length;
LocalBuffer->FullName.MaximumLength = UserInfo->All.FullName.Length + sizeof(WCHAR);
LocalBuffer->FullName.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
memcpy(Ptr,
UserInfo->All.FullName.Buffer,
UserInfo->All.FullName.Length);
TRACE("FullName.Buffer: %p\n", LocalBuffer->FullName.Buffer);
Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->FullName.MaximumLength);
LocalBuffer->ProfilePath.Length = UserInfo->All.ProfilePath.Length;
LocalBuffer->ProfilePath.MaximumLength = UserInfo->All.ProfilePath.Length + sizeof(WCHAR);
LocalBuffer->ProfilePath.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
memcpy(Ptr,
//.........这里部分代码省略.........
示例7: if
//.........这里部分代码省略.........
/* Create and return a new logon id */
Status = NtAllocateLocallyUniqueId(LogonId);
if (!NT_SUCCESS(Status))
{
TRACE("NtAllocateLocallyUniqueId failed (Status %08lx)\n", Status);
goto done;
}
/* Create the logon session */
Status = DispatchTable.CreateLogonSession(LogonId);
if (!NT_SUCCESS(Status))
{
TRACE("CreateLogonSession failed (Status %08lx)\n", Status);
goto done;
}
SessionCreated = TRUE;
/* Build and fill the interactive profile buffer */
Status = BuildInteractiveProfileBuffer(ClientRequest,
UserInfo,
&LogonServer,
(PMSV1_0_INTERACTIVE_PROFILE*)ProfileBuffer,
ProfileBufferLength);
if (!NT_SUCCESS(Status))
{
TRACE("BuildInteractiveProfileBuffer failed (Status %08lx)\n", Status);
goto done;
}
/* Return the token information type */
*TokenInformationType = LsaTokenInformationV1;
/* Build and fill the token information buffer */
Status = BuildTokenInformationBuffer((PLSA_TOKEN_INFORMATION_V1*)TokenInformation,
AccountDomainSid,
UserInfo,
SpecialAccount);
if (!NT_SUCCESS(Status))
{
TRACE("BuildTokenInformationBuffer failed (Status %08lx)\n", Status);
goto done;
}
done:
/* Return the account name */
*AccountName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
if (*AccountName != NULL)
{
(*AccountName)->Buffer = DispatchTable.AllocateLsaHeap(LogonInfo->UserName.Length +
sizeof(UNICODE_NULL));
if ((*AccountName)->Buffer != NULL)
{
(*AccountName)->MaximumLength = LogonInfo->UserName.Length +
sizeof(UNICODE_NULL);
RtlCopyUnicodeString(*AccountName, &LogonInfo->UserName);
}
}
if (!NT_SUCCESS(Status))
{
if (SessionCreated != FALSE)
DispatchTable.DeleteLogonSession(LogonId);
if (*ProfileBuffer != NULL)
{
DispatchTable.FreeClientBuffer(ClientRequest,
*ProfileBuffer);
*ProfileBuffer = NULL;
}
}
if (UserHandle != NULL)
SamrCloseHandle(&UserHandle);
SamIFree_SAMPR_USER_INFO_BUFFER(UserInfo,
UserAllInformation);
SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
SamIFree_SAMPR_ULONG_ARRAY(&Use);
if (DomainHandle != NULL)
SamrCloseHandle(&DomainHandle);
if (ServerHandle != NULL)
SamrCloseHandle(&ServerHandle);
if (AccountDomainSid != NULL)
RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);
if (Status == STATUS_NO_SUCH_USER ||
Status == STATUS_WRONG_PASSWORD)
{
*SubStatus = Status;
Status = STATUS_LOGON_FAILURE;
}
TRACE("LsaApLogonUser done (Status 0x%08lx SubStatus 0x%08lx)\n", Status, *SubStatus);
return Status;
}示例8: TRACE
//.........这里部分代码省略.........
TRACE("SamrQueryInformationUser failed (Status %08lx)\n", Status);
goto done;
}
TRACE("UserName: %S\n", UserInfo->All.UserName.Buffer);
/* FIXME: Check restrictions */
/* FIXME: Check the password */
if ((UserInfo->All.UserAccountControl & USER_PASSWORD_NOT_REQUIRED) == 0)
{
FIXME("Must check the password!\n");
}
/* Return logon information */
/* Create and return a new logon id */
Status = NtAllocateLocallyUniqueId(LogonId);
if (!NT_SUCCESS(Status))
{
TRACE("NtAllocateLocallyUniqueId failed (Status %08lx)\n", Status);
goto done;
}
/* Build and fill the interactve profile buffer */
Status = BuildInteractiveProfileBuffer(ClientRequest,
UserInfo,
&LogonServer,
(PMSV1_0_INTERACTIVE_PROFILE*)ProfileBuffer,
ProfileBufferLength);
if (!NT_SUCCESS(Status))
{
TRACE("BuildInteractiveProfileBuffer failed (Status %08lx)\n", Status);
goto done;
}
/* Return the token information type */
*TokenInformationType = LsaTokenInformationV1;
/* Build and fill the token information buffer */
Status = BuildTokenInformationBuffer((PLSA_TOKEN_INFORMATION_V1*)TokenInformation,
AccountDomainSid,
RelativeIds.Element[0],
LogonId);
if (!NT_SUCCESS(Status))
{
TRACE("BuildTokenInformationBuffer failed (Status %08lx)\n", Status);
goto done;
}
*SubStatus = STATUS_SUCCESS;
done:
/* Return the account name */
*AccountName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
if (*AccountName != NULL)
{
(*AccountName)->Buffer = DispatchTable.AllocateLsaHeap(LogonInfo->UserName.Length +
sizeof(UNICODE_NULL));
if ((*AccountName)->Buffer != NULL)
{
(*AccountName)->MaximumLength = LogonInfo->UserName.Length +
sizeof(UNICODE_NULL);
RtlCopyUnicodeString(*AccountName, &LogonInfo->UserName);
}
}
if (!NT_SUCCESS(Status))
{
if (*ProfileBuffer != NULL)
{
DispatchTable.FreeClientBuffer(ClientRequest,
*ProfileBuffer);
*ProfileBuffer = NULL;
}
}
if (UserHandle != NULL)
SamrCloseHandle(&UserHandle);
SamIFree_SAMPR_USER_INFO_BUFFER(UserInfo,
UserAllInformation);
SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
SamIFree_SAMPR_ULONG_ARRAY(&Use);
if (DomainHandle != NULL)
SamrCloseHandle(&DomainHandle);
if (ServerHandle != NULL)
SamrCloseHandle(&ServerHandle);
if (AccountDomainSid != NULL)
RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);
TRACE("LsaApLogonUser done (Status %08lx)\n", Status);
return Status;
}示例9: LsaIOpenPolicyTrusted
static
NTSTATUS
BuildTokenPrivileges(PTOKEN_PRIVILEGES *TokenPrivileges)
{
/* FIXME shouldn't use hard-coded list of privileges */
static struct
{
LPCWSTR PrivName;
DWORD Attributes;
}
DefaultPrivs[] =
{
{ L"SeMachineAccountPrivilege", 0 },
{ L"SeSecurityPrivilege", 0 },
{ L"SeTakeOwnershipPrivilege", 0 },
{ L"SeLoadDriverPrivilege", 0 },
{ L"SeSystemProfilePrivilege", 0 },
{ L"SeSystemtimePrivilege", 0 },
{ L"SeProfileSingleProcessPrivilege", 0 },
{ L"SeIncreaseBasePriorityPrivilege", 0 },
{ L"SeCreatePagefilePrivilege", 0 },
{ L"SeBackupPrivilege", 0 },
{ L"SeRestorePrivilege", 0 },
{ L"SeShutdownPrivilege", 0 },
{ L"SeDebugPrivilege", 0 },
{ L"SeSystemEnvironmentPrivilege", 0 },
{ L"SeChangeNotifyPrivilege", SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_ENABLED_BY_DEFAULT },
{ L"SeRemoteShutdownPrivilege", 0 },
{ L"SeUndockPrivilege", 0 },
{ L"SeEnableDelegationPrivilege", 0 },
{ L"SeImpersonatePrivilege", SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_ENABLED_BY_DEFAULT },
{ L"SeCreateGlobalPrivilege", SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_ENABLED_BY_DEFAULT }
};
PTOKEN_PRIVILEGES Privileges = NULL;
ULONG i;
RPC_UNICODE_STRING PrivilegeName;
LSAPR_HANDLE PolicyHandle = NULL;
NTSTATUS Status = STATUS_SUCCESS;
Status = LsaIOpenPolicyTrusted(&PolicyHandle);
if (!NT_SUCCESS(Status))
{
goto done;
}
/* Allocate and initialize token privileges */
Privileges = DispatchTable.AllocateLsaHeap(sizeof(TOKEN_PRIVILEGES) +
sizeof(DefaultPrivs) / sizeof(DefaultPrivs[0]) *
sizeof(LUID_AND_ATTRIBUTES));
if (Privileges == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
Privileges->PrivilegeCount = 0;
for (i = 0; i < sizeof(DefaultPrivs) / sizeof(DefaultPrivs[0]); i++)
{
PrivilegeName.Length = wcslen(DefaultPrivs[i].PrivName) * sizeof(WCHAR);
PrivilegeName.MaximumLength = PrivilegeName.Length + sizeof(WCHAR);
PrivilegeName.Buffer = (LPWSTR)DefaultPrivs[i].PrivName;
Status = LsarLookupPrivilegeValue(PolicyHandle,
&PrivilegeName,
&Privileges->Privileges[Privileges->PrivilegeCount].Luid);
if (!NT_SUCCESS(Status))
{
WARN("Can't set privilege %S\n", DefaultPrivs[i].PrivName);
}
else
{
Privileges->Privileges[Privileges->PrivilegeCount].Attributes = DefaultPrivs[i].Attributes;
Privileges->PrivilegeCount++;
}
}
*TokenPrivileges = Privileges;
done:
if (PolicyHandle != NULL)
LsarClose(PolicyHandle);
return Status;
}示例10: sizeof
static
NTSTATUS
BuildTokenGroups(IN PSID AccountDomainSid,
IN PLUID LogonId,
OUT PTOKEN_GROUPS *Groups,
OUT PSID *PrimaryGroupSid,
OUT PSID *OwnerSid)
{
SID_IDENTIFIER_AUTHORITY WorldAuthority = {SECURITY_WORLD_SID_AUTHORITY};
SID_IDENTIFIER_AUTHORITY LocalAuthority = {SECURITY_LOCAL_SID_AUTHORITY};
SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
PTOKEN_GROUPS TokenGroups;
#define MAX_GROUPS 8
DWORD GroupCount = 0;
PSID Sid;
NTSTATUS Status = STATUS_SUCCESS;
TokenGroups = DispatchTable.AllocateLsaHeap(sizeof(TOKEN_GROUPS) +
MAX_GROUPS * sizeof(SID_AND_ATTRIBUTES));
if (TokenGroups == NULL)
{
return STATUS_INSUFFICIENT_RESOURCES;
}
Sid = AppendRidToSid(AccountDomainSid, DOMAIN_GROUP_RID_USERS);
if (Sid == NULL)
{
}
/* Member of the domain */
TokenGroups->Groups[GroupCount].Sid = Sid;
TokenGroups->Groups[GroupCount].Attributes =
SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
*PrimaryGroupSid = Sid;
GroupCount++;
/* Member of 'Everyone' */
RtlAllocateAndInitializeSid(&WorldAuthority,
1,
SECURITY_WORLD_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
&Sid);
TokenGroups->Groups[GroupCount].Sid = Sid;
TokenGroups->Groups[GroupCount].Attributes =
SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
GroupCount++;
#if 1
/* Member of 'Administrators' */
RtlAllocateAndInitializeSid(&SystemAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
&Sid);
TokenGroups->Groups[GroupCount].Sid = Sid;
TokenGroups->Groups[GroupCount].Attributes =
SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
GroupCount++;
#else
TRACE("Not adding user to Administrators group\n");
#endif
/* Member of 'Users' */
RtlAllocateAndInitializeSid(&SystemAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_USERS,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
&Sid);
TokenGroups->Groups[GroupCount].Sid = Sid;
TokenGroups->Groups[GroupCount].Attributes =
SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
GroupCount++;
/* Logon SID */
RtlAllocateAndInitializeSid(&SystemAuthority,
SECURITY_LOGON_IDS_RID_COUNT,
SECURITY_LOGON_IDS_RID,
LogonId->HighPart,
LogonId->LowPart,
SECURITY_NULL_RID,
SECURITY_NULL_RID,
//.........这里部分代码省略.........