LsaEnumerateAccountRights (advapi32)
Last changed: xmlmaster@gmail.com-131.107.0.102

Summary
Enumerates the privileges assigned to a Windows account

C# Signature:

[DllImport("advapi32.dll", SetLastError=true)]
public static extern uint LsaEnumerateAccountRights(
    IntPtr PolicyHandle,
    [MarshalAs(UnmanagedType.LPArray)] byte[] AccountSid,
    out IntPtr UserRights,
    out uint CountOfRights
    );

VB Signature:

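Declare Function LsaEnumerateAccountRights Lib "advapi32.dll" (ByVal PolicyHandle As IntPtr, ByVal AccountSid As Byte(), ByRef UserRights As IntPtr, ByRef CountOfRights As UInteger) As UInteger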

User-Defined Types:

None.

Notes:

// NTSTATUS LsaEnumerateAccountRights(
//     in LSA_HANDLE PolicyHandle,
//     in PSID AccountSid,
//     out PLSA_UNICODE_STRING* UserRights,
//     out PULONG CountOfRights
// );

The returned NTSTATUS can be converted to a Windows error code using LsaNtStatusToWinError.

The reason behind using byte[] for a sid is a mystery to me. Has anyone documented this? I've just copied the techniques from other functions here and it seems to work.

Similarly - the sample code below works, but why can't you just use an array of LSA_UNICODE_STRING ???

Tips & Tricks:

Please add some!

Sample Code:

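// Assumes policyHandle (from LsaOpenPolicy), sid (byte[]), LSA_UNICODE_STRING and the
// LsaNtStatusToWinError / LsaFreeMemory P/Invoke declarations are defined elsewhere.
// Needs System.Runtime.InteropServices and System.ComponentModel.
IntPtr rights = IntPtr.Zero;
uint cRights = 0;

uint result = LsaEnumerateAccountRights(policyHandle, sid, out rights, out cRights);
if (result != 0)
{
    // A non-zero NTSTATUS is a failure; map it to a Win32 error code before reporting it.
    throw new Win32Exception((int)LsaNtStatusToWinError(result));
}

string[] privileges = new string[cRights];
try
{
    for (int i = 0; i < cRights; i++)
    {
        // QUESTION: Why can't we just use an array of LSAInter.LSA_UNICODE_STRING ???
        // ToInt64() keeps the pointer arithmetic valid in a 64-bit process;
        // casting the IntPtr to int truncates the address there.
        LSA_UNICODE_STRING right = (LSA_UNICODE_STRING)Marshal.PtrToStructure(
            (IntPtr)(rights.ToInt64() + (long)i * Marshal.SizeOf(typeof(LSA_UNICODE_STRING))),
            typeof(LSA_UNICODE_STRING));
        // Length is a byte count and the buffer is UTF-16, so divide by 2 to get characters.
        privileges[i] = Marshal.PtrToStringUni(right.Buffer, (int)(right.Length / 2));
    }
}
finally
{
    // The UserRights buffer is allocated by LSA and must be released with LsaFreeMemory.
    if (rights != IntPtr.Zero) LsaFreeMemory(rights);
}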

Alternative Managed API:

Do you know one? Please contribute it!

Documentation

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/lsaenumerateaccountrights.asp