archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/tools/kerbpol/kerbpol.c

332 lines
8.2 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Managing user privileges can be achieved programmatically using the
  4. following steps:
  6. 1. Open the policy on the target machine with LsaOpenPolicy(). To grant
  7. privileges, open the policy with POLICY_CREATE_ACCOUNT and
  8. POLICY_LOOKUP_NAMES access. To revoke privileges, open the policy with
  9. POLICY_LOOKUP_NAMES access.
  11. 2. Obtain a SID (security identifier) representing the user/group of
  12. interest. The LookupAccountName() and LsaLookupNames() APIs can obtain a
  13. SID from an account name.
  15. 3. Call LsaAddAccountRights() to grant privileges to the user(s)
  16. represented by the supplied SID.
  18. 4. Call LsaRemoveAccountRights() to revoke privileges from the user(s)
  19. represented by the supplied SID.
  21. 5. Close the policy with LsaClose().
  23. To successfully grant and revoke privileges, the caller needs to be an
  24. administrator on the target system.
  26. The LSA API LsaEnumerateAccountRights() can be used to determine which
  27. privileges have been granted to an account.
  29. The LSA API LsaEnumerateAccountsWithUserRight() can be used to determine
  30. which accounts have been granted a specified privilege.
  32. Documentation and header files for these LSA APIs is provided in the
  33. Windows 32 SDK in the MSTOOLS\SECURITY directory.
  35. NOTE: These LSA APIs are currently implemented as Unicode only.
  37. This sample will grant the privilege SeServiceLogonRight to the account
  38. specified on argv[1].
  40. This sample is dependant on these import libs
  42. advapi32.lib (for LsaXxx)
  43. user32.lib (for wsprintf)
  45. This sample will work properly compiled ANSI or Unicode.
  49. You can use domain\account as argv[1]. For instance, mydomain\scott will
  50. grant the privilege to the mydomain domain account scott.
  52. The optional target machine is specified as argv[2], otherwise, the
  53. account database is updated on the local machine.
  55. The LSA APIs used by this sample are Unicode only.
  57. Use LsaRemoveAccountRights() to remove account rights.
  59. Scott Field (sfield) 12-Jul-95
  61. --*/
  63. #ifndef UNICODE
  64. #define UNICODE
  65. #endif // UNICODE
  67. #include <windows.h>
  68. #include <stdio.h>
  70. #include "ntsecapi.h"
  72. NTSTATUS
  73. OpenPolicy(
  74. LPWSTR ServerName, // machine to open policy on (Unicode)
  75. DWORD DesiredAccess, // desired access to policy
  76. PLSA_HANDLE PolicyHandle // resultant policy handle
  77. );
  79. LPTSTR
  80. ConvertTimeToString(
  81. LARGE_INTEGER time // Kerberos time value
  82. );
  84. void
  85. InitLsaString(
  86. PLSA_UNICODE_STRING LsaString, // destination
  87. LPWSTR String // source (Unicode)
  88. );
  90. void
  91. DisplayNtStatus(
  92. LPSTR szAPI, // pointer to function name (ANSI)
  93. NTSTATUS Status // NTSTATUS error value
  94. );
  96. void
  97. DisplayWinError(
  98. LPSTR szAPI, // pointer to function name (ANSI)
  99. DWORD WinError // DWORD WinError
  100. );
  102. #define RTN_OK 0
  103. #define RTN_USAGE 1
  104. #define RTN_ERROR 13
  106. //
  107. // If you have the ddk, include ntstatus.h.
  108. //
  109. #ifndef STATUS_SUCCESS
  110. #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
  111. #endif
  113. static LPCTSTR dt_output_dhms = TEXT("%d %s %02d:%02d:%02d");
  114. static LPCTSTR dt_day_plural = TEXT("days");
  115. static LPCTSTR dt_day_singular = TEXT("day");
  116. static LPCTSTR dt_output_donly = TEXT("%d %s");
  117. static LPCTSTR dt_output_hms = TEXT("%d:%02d:%02d");
  119. LPTSTR
  120. ConvertTimeToString(LARGE_INTEGER time)
  121. {
  122. int days, hours, minutes, seconds;
  123. DWORD tt;
  124. static TCHAR buf2[40];
  125. #define TPS (10*1000*1000)
  126. DWORD dt = (long)(time.QuadPart / TPS);
  128. days = (int) (dt / (24*3600l));
  129. tt = dt % (24*3600l);
  130. hours = (int) (tt / 3600);
  131. tt %= 3600;
  132. minutes = (int) (tt / 60);
  133. seconds = (int) (tt % 60);
  135. if (days) {
  136. if (hours || minutes || seconds) {
  137. wsprintf(buf2, dt_output_dhms, days,
  138. (days > 1) ? dt_day_plural : dt_day_singular,
  139. hours, minutes, seconds);
  140. }
  141. else {
  142. wsprintf(buf2, dt_output_donly, days,
  143. (days > 1) ? dt_day_plural : dt_day_singular);
  144. }
  145. }
  146. else {
  147. wsprintf(buf2, dt_output_hms, hours, minutes, seconds);
  148. }
  149. return(buf2);
  150. }
  152. int _cdecl
  153. main(int argc, char *argv[])
  154. {
  155. LSA_HANDLE PolicyHandle;
  156. WCHAR wComputerName[256]=L""; // static machine name buffer
  157. NTSTATUS Status;
  158. int iRetVal=RTN_ERROR; // assume error from main
  159. PPOLICY_DOMAIN_KERBEROS_TICKET_INFO KerbInfo;
  161. if(argc > 2)
  162. {
  163. fprintf(stderr,"Usage: %s [TargetMachine]\n",
  164. argv[0]);
  165. return RTN_USAGE;
  166. }
  168. //
  169. // Pick up machine name on argv[2], if appropriate
  170. // assumes source is ANSI. Resultant string is Unicode.
  171. //
  172. if(argc == 2) wsprintfW(wComputerName, L"%hS", argv[1]);
  174. //
  175. // Open the policy on the target machine.
  176. //
  177. if((Status=OpenPolicy(
  178. wComputerName, // target machine
  179. MAXIMUM_ALLOWED,
  180. &PolicyHandle // resultant policy handle
  181. )) != STATUS_SUCCESS) {
  182. DisplayNtStatus("OpenPolicy", Status);
  183. return RTN_ERROR;
  184. }
  186. //
  187. // Get the Kerberos policy
  188. //
  189. if ((Status=LsaQueryDomainInformationPolicy(
  190. PolicyHandle,
  191. PolicyDomainKerberosTicketInformation,
  192. &KerbInfo)) != STATUS_SUCCESS)
  193. {
  194. DisplayNtStatus("LsaQueryDomainInformationPolicy", Status);
  195. return RTN_ERROR;
  196. }
  198. //
  199. // Print out the Kerberos information
  200. //
  201. printf("Authentication options: 0x%x\n", KerbInfo->AuthenticationOptions);
  202. printf("MaxServiceTicketAge: %S\n",
  203. ConvertTimeToString(KerbInfo->MaxServiceTicketAge));
  204. printf("MaxTicketAge: %S\n", ConvertTimeToString(KerbInfo->MaxTicketAge));
  205. printf("MaxRenewAge: %S\n", ConvertTimeToString(KerbInfo->MaxRenewAge));
  206. printf("MaxClockSkew: %S\n", ConvertTimeToString(KerbInfo->MaxClockSkew));
  208. //
  209. // Free buffer
  210. //
  211. LsaFreeMemory(KerbInfo);
  213. //
  214. // Close the policy handle.
  215. //
  216. LsaClose(PolicyHandle);
  218. return iRetVal;
  219. }
  221. void
  222. InitLsaString(
  223. PLSA_UNICODE_STRING LsaString,
  224. LPWSTR String
  225. )
  226. {
  227. DWORD StringLength;
  229. if (String == NULL) {
  230. LsaString->Buffer = NULL;
  231. LsaString->Length = 0;
  232. LsaString->MaximumLength = 0;
  233. return;
  234. }
  236. StringLength = wcslen(String);
  237. LsaString->Buffer = String;
  238. LsaString->Length = (USHORT) StringLength * sizeof(WCHAR);
  239. LsaString->MaximumLength=(USHORT)(StringLength+1) * sizeof(WCHAR);
  240. }
  242. NTSTATUS
  243. OpenPolicy(
  244. LPWSTR ServerName,
  245. DWORD DesiredAccess,
  246. PLSA_HANDLE PolicyHandle
  247. )
  248. {
  249. LSA_OBJECT_ATTRIBUTES ObjectAttributes;
  250. LSA_UNICODE_STRING ServerString;
  251. PLSA_UNICODE_STRING Server = NULL;
  253. //
  254. // Always initialize the object attributes to all zeroes.
  255. //
  256. ZeroMemory(&ObjectAttributes, sizeof(ObjectAttributes));
  258. if (ServerName != NULL) {
  259. //
  260. // Make a LSA_UNICODE_STRING out of the LPWSTR passed in
  261. //
  262. InitLsaString(&ServerString, ServerName);
  263. Server = &ServerString;
  264. }
  266. //
  267. // Attempt to open the policy.
  268. //
  269. return LsaOpenPolicy(
  270. Server,
  271. &ObjectAttributes,
  272. DesiredAccess,
  273. PolicyHandle
  274. );
  275. }
  277. void
  278. DisplayNtStatus(
  279. LPSTR szAPI,
  280. NTSTATUS Status
  281. )
  282. {
  283. //
  284. // Convert the NTSTATUS to Winerror. Then call DisplayWinError().
  285. //
  286. DisplayWinError(szAPI, LsaNtStatusToWinError(Status));
  287. }
  289. void
  290. DisplayWinError(
  291. LPSTR szAPI,
  292. DWORD WinError
  293. )
  294. {
  295. LPSTR MessageBuffer;
  296. DWORD dwBufferLength;
  298. //
  299. // TODO: Get this fprintf out of here!
  300. //
  301. fprintf(stderr,"%s error! (0x%x)\n", szAPI, WinError);
  303. if(dwBufferLength=FormatMessageA(
  304. FORMAT_MESSAGE_ALLOCATE_BUFFER |
  305. FORMAT_MESSAGE_FROM_SYSTEM,
  306. NULL,
  307. WinError,
  308. GetUserDefaultLangID(),
  309. (LPSTR) &MessageBuffer,
  310. 0,
  311. NULL
  312. ))
  313. {
  314. DWORD dwBytesWritten; // unused
  316. //
  317. // Output message string on stderr.
  318. //
  319. WriteFile(
  320. GetStdHandle(STD_ERROR_HANDLE),
  321. MessageBuffer,
  322. dwBufferLength,
  323. &dwBytesWritten,
  324. NULL
  325. );
  327. //
  328. // Free the buffer allocated by the system.
  329. //
  330. LocalFree(MessageBuffer);
  331. }
  332. }