BOOL lsp_remove(LSA_HANDLE lsa_handle, LPTSTR user, LPTSTR privilegeConstant)
{
LSA_ACCOUNT account;
NTSTATUS nt_status;
LSA_UNICODE_STRING privilege;
PSID sid;
BOOL success = TRUE;
if (!valid_privilege(&privilege, privilegeConstant))
return FALSE;
if (!valid_user(lsa_handle, &sid, user))
return FALSE;
if (!lsa_account_from_sid(lsa_handle, sid, &account))
{
FreeSid(sid);
return FALSE;
}
print_string(L"Removing %s from ", privilegeConstant);
print_account(&account);
print_string(L".\n");
nt_status = LsaRemoveAccountRights(lsa_handle, sid, FALSE, &privilege, 1);
if (nt_status != STATUS_SUCCESS)
{
FreeSid(sid);
return lsa_error(nt_status, L"LsaRemoveAccountRights");
}
FreeSid(sid);
return TRUE;
}
BOOL lsp_list_by_privilege(LSA_HANDLE lsa_handle, LPTSTR privilegeConstant)
{
LSA_ACCOUNT account;
LSA_ENUMERATION_INFORMATION* array;
ULONG count;
ULONG i;
NTSTATUS nt_status;
LSA_UNICODE_STRING privilege;
BOOL success = TRUE;
if (!valid_privilege(&privilege, privilegeConstant))
return FALSE;
print_string(L"Accounts with %s:\n", privilegeConstant);
nt_status = LsaEnumerateAccountsWithUserRight(lsa_handle, &privilege, (void**)&array, &count);
if (nt_status != STATUS_SUCCESS)
return lsa_error(nt_status, L"LsaEnumerateAccountsWithUserRight");
for(i=0; i<count; i++)
{
if (!lsa_account_from_sid(lsa_handle, array[i].Sid, &account))
{
success = FALSE;
break;
}
print_string(L" - ");
print_account(&account);
print_string(L"\n");
}
LsaFreeMemory(array);
return TRUE;
}
BOOL lsp_list_by_user(LSA_HANDLE lsa_handle, LPTSTR user)
{
LSA_ACCOUNT account;
LSA_UNICODE_STRING* array;
ULONG count;
ULONG i;
NTSTATUS nt_status;
PSID sid;
if (!valid_user(lsa_handle, &sid, user))
return FALSE;
if (!lsa_account_from_sid(lsa_handle, sid, &account))
{
FreeSid(sid);
return FALSE;
}
print_string(L"Privileges for ");
print_account(&account);
print_string(L":\n");
nt_status = LsaEnumerateAccountRights(lsa_handle, sid, &array, &count);
if (nt_status != STATUS_SUCCESS)
{
FreeSid(sid);
return lsa_error(nt_status, L"LsaEnumerateAccountRights");
}
for(i=0; i<count; i++)
{
print_string(L" - ");
print_lsa_string(&array[i]);
print_string(L"\n");
}
LsaFreeMemory(array);
FreeSid(sid);
return TRUE;
}
/** prints an array of pointers to ACCOUNT structs
* @param accounts Pointer to array of pointers to ACCOUNT structs
* @param count the number of accounts
*/
void print_accounts(ACCOUNT **accounts, int count){
int i;
for(i = 0; i < count; i++){
print_account(accounts[i]);
}
}
