NTSTATUS RtlAllocateUnicodeStringFromSid( OUT PUNICODE_STRING StringSid, IN PSID Sid ) { NTSTATUS status = STATUS_SUCCESS; PWSTR resultBuffer = NULL; UNICODE_STRING result = { 0 }; if (!StringSid) { status = STATUS_INVALID_PARAMETER; GOTO_CLEANUP(); } status = RtlAllocateWC16StringFromSid(&resultBuffer, Sid); GOTO_CLEANUP_ON_STATUS(status); status = RtlUnicodeStringInitEx(&result, resultBuffer); GOTO_CLEANUP_ON_STATUS(status); resultBuffer = NULL; status = STATUS_SUCCESS; cleanup: if (!NT_SUCCESS(status)) { RtlUnicodeStringFree(&result); } RTL_FREE(&resultBuffer); if (StringSid) { *StringSid = result; } return status; }
NTSTATUS SamrSrvDeleteAliasMember( handle_t IDL_handle, ACCOUNT_HANDLE hAlias, PSID pSid ) { const wchar_t wszFilterFmt[] = L"%ws='%ws'"; NTSTATUS ntStatus = STATUS_SUCCESS; DWORD dwError = ERROR_SUCCESS; PACCOUNT_CONTEXT pAcctCtx = NULL; PDOMAIN_CONTEXT pDomCtx = NULL; PCONNECT_CONTEXT pConnCtx = NULL; PWSTR pwszGroupDn = NULL; PWSTR pwszSid = NULL; size_t sSidStrLen = 0; HANDLE hDirectory = NULL; PWSTR pwszBaseDn = NULL; WCHAR wszAttrDn[] = DS_ATTR_DISTINGUISHED_NAME; WCHAR wszAttrObjectClass[] = DS_ATTR_OBJECT_CLASS; WCHAR wszAttrObjectSid[] = DS_ATTR_OBJECT_SID; DWORD dwScope = 0; DWORD dwFilterLen = 0; PWSTR pwszFilter = NULL; PDIRECTORY_ENTRY pEntry = NULL; DWORD dwEntriesNum = 0; PWSTR wszAttributes[] = { wszAttrDn, wszAttrObjectClass, NULL }; pAcctCtx = (PACCOUNT_CONTEXT)hAlias; if (pAcctCtx == NULL || pAcctCtx->Type != SamrContextAccount) { ntStatus = STATUS_INVALID_HANDLE; BAIL_ON_NTSTATUS_ERROR(ntStatus); } if (!(pAcctCtx->dwAccessGranted & ALIAS_ACCESS_REMOVE_MEMBER)) { ntStatus = STATUS_ACCESS_DENIED; BAIL_ON_NTSTATUS_ERROR(ntStatus); } pDomCtx = pAcctCtx->pDomCtx; pConnCtx = pDomCtx->pConnCtx; hDirectory = pConnCtx->hDirectory; pwszGroupDn = pAcctCtx->pwszDn; ntStatus = RtlAllocateWC16StringFromSid(&pwszSid, pSid); BAIL_ON_NTSTATUS_ERROR(ntStatus); dwError = LwWc16sLen(pwszSid, &sSidStrLen); BAIL_ON_LSA_ERROR(dwError); dwFilterLen = ((sizeof(wszAttrObjectClass)/sizeof(WCHAR) - 1)) + sSidStrLen + (sizeof(wszFilterFmt)/sizeof(wszFilterFmt[0])); dwError = LwAllocateMemory(sizeof(WCHAR) * dwFilterLen, OUT_PPVOID(&pwszFilter)); BAIL_ON_LSA_ERROR(dwError); if (sw16printfw(pwszFilter, dwFilterLen, wszFilterFmt, wszAttrObjectSid, pwszSid) < 0) { ntStatus = LwErrnoToNtStatus(errno); BAIL_ON_NTSTATUS_ERROR(ntStatus); } dwError = DirectorySearch(hDirectory, pwszBaseDn, dwScope, pwszFilter, wszAttributes, FALSE, &pEntry, &dwEntriesNum); BAIL_ON_LSA_ERROR(dwError); if (dwEntriesNum > 1) { ntStatus = STATUS_INTERNAL_ERROR; } else if (dwEntriesNum == 0) { ntStatus = STATUS_NO_SUCH_MEMBER; } BAIL_ON_NTSTATUS_ERROR(ntStatus); dwError = DirectoryRemoveFromGroup(hDirectory, pwszGroupDn, pEntry); BAIL_ON_LSA_ERROR(dwError); cleanup: if (pEntry) { DirectoryFreeEntries(pEntry, dwEntriesNum); } LW_SAFE_FREE_MEMORY(pwszFilter); RTL_FREE(&pwszSid); if (ntStatus == STATUS_SUCCESS && dwError != ERROR_SUCCESS) { ntStatus = LwWin32ErrorToNtStatus(dwError); } return ntStatus; error: goto cleanup; }