VOID DisplayAccountSid( PSID Sid ) { UCHAR i; ULONG Tmp; PSID_IDENTIFIER_AUTHORITY IdentifierAuthority; UCHAR SubAuthorityCount; IdentifierAuthority = RtlIdentifierAuthoritySid(Sid); // // HACK! HACK! // The next line prints the revision of the SID. Since there is no // rtl routine which gives us the SID revision, we must make due. // luckily, the revision field is the first field in the SID, so we // can just cast the pointer. // printf("S-%u-", (USHORT) *((PUCHAR) Sid) ); if ( (IdentifierAuthority->Value[0] != 0) || (IdentifierAuthority->Value[1] != 0) ){ printf("0x%02hx%02hx%02hx%02hx%02hx%02hx", IdentifierAuthority->Value[0], IdentifierAuthority->Value[1], IdentifierAuthority->Value[2], IdentifierAuthority->Value[3], IdentifierAuthority->Value[4], IdentifierAuthority->Value[5] ); } else { Tmp = IdentifierAuthority->Value[5] + (IdentifierAuthority->Value[4] << 8) + (IdentifierAuthority->Value[3] << 16) + (IdentifierAuthority->Value[2] << 24); printf("%lu", Tmp); } SubAuthorityCount = *RtlSubAuthorityCountSid(Sid); for (i=0;i<SubAuthorityCount ;i++ ) { printf("-%lu", (*RtlSubAuthoritySid(Sid, i))); } printf("\n"); }
/****************************************************************************** * GetSidIdentifierAuthority [ADVAPI32.@] * * PARAMS * pSid [] */ PSID_IDENTIFIER_AUTHORITY WINAPI GetSidIdentifierAuthority( PSID pSid ) { return RtlIdentifierAuthoritySid(pSid); }
BOOLEAN SampMatchDomainPrefix( IN PSID AccountSid, IN PSID DomainSid ) /*++ Routine Description: This function compares the domain sid to the domain prefix of an account sid. Arguments: AccountSid - Specifies the account Sid to be compared. The Sid is assumed to be syntactically valid. DomainSid - Specifies the domain Sid to compare against. Return Value: TRUE - The account Sid is from the Domain specified by the domain Sid FALSE - The domain prefix of the account Sid did not match the domain. --*/ { // // Check if the account Sid has one more subauthority than the // domain Sid. // if (*RtlSubAuthorityCountSid(DomainSid) + 1 != *RtlSubAuthorityCountSid(AccountSid)) { return(FALSE); } if (memcmp( RtlIdentifierAuthoritySid(DomainSid), RtlIdentifierAuthoritySid(AccountSid), sizeof(SID_IDENTIFIER_AUTHORITY) ) ) { return(FALSE); } // // Compare the sub authorities // if (memcmp( RtlSubAuthoritySid(DomainSid, 0) , RtlSubAuthoritySid(AccountSid, 0) , *RtlSubAuthorityCountSid(DomainSid) )) { return(FALSE); } return(TRUE); }