On Aug 2 12:54, rm...@aboutgolf.com wrote: > [I'm so sorry I'm messing up the mailing list by not replying to the proper > email.... I only just got it through my thick skull now to subscribe to the > mailing list. I think my brain is on vacation already....] > > > Unfortunately your prediction was correct - RunAs Administrator CMD gives > this:
Thanks! In the meantime I prepared my test application. Can you please fetch the attached source and store it as, e.g., azure-check.c. Then build and run it like this: $ gcc -g -o azure-check azure-check.c -lnetapi32 $ ./azure-check Then run it and paste the complete output into your reply. I have an idea for an extension of this testcase, but I think I have to see the output of this one first. Thanks in advance, Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
#include <stdio.h>
#define _WIN32_WINNT 0x0a00
#define WINVER 0x0a00
#include <windows.h>
#include <winternl.h>
#include <ntsecapi.h>
#include <dsgetdc.h>
#include <sddl.h>
int
main ()
{
HANDLE lsa;
NTSTATUS status;
ULONG ret;
PPOLICY_DNS_DOMAIN_INFO pdom;
PPOLICY_ACCOUNT_DOMAIN_INFO adom;
PDS_DOMAIN_TRUSTSW td;
ULONG tdom_cnt;
static LSA_OBJECT_ATTRIBUTES oa = { 0, 0, 0, 0, 0, 0 };
LPSTR str;
BOOL has_dom;
HANDLE tok;
WCHAR name[256];
WCHAR dom[256];
DWORD nlen, dlen;
SID_NAME_USE type;
status = LsaOpenPolicy (NULL, &oa, POLICY_VIEW_LOCAL_INFORMATION, &lsa);
if (!NT_SUCCESS (status))
{
printf ("LsaOpenPolicy: 0x%08x\n", status);
return 1;
}
status = LsaQueryInformationPolicy (lsa, PolicyDnsDomainInformation,
(PVOID *) &pdom);
if (NT_SUCCESS (status))
{
if (pdom->Name.Length)
printf ("PDom.Name: %ls\n", pdom->Name.Buffer);
if (pdom->DnsDomainName.Length)
printf ("PDom.DnsDomainName: %ls\n", pdom->DnsDomainName.Buffer);
if (pdom->DnsForestName.Length)
printf ("PDom.DnsForestName: %ls\n", pdom->DnsForestName.Buffer);
has_dom = !!pdom->Sid;
if (has_dom)
{
ConvertSidToStringSidA (pdom->Sid, &str);
printf ("PDom.Sid: %s\n", str);
LocalFree (str);
}
LsaFreeMemory (pdom);
}
else
printf ("LsaQueryInformationPolicy (PDOM): 0x%08x\n", status);
status = LsaQueryInformationPolicy (lsa, PolicyAccountDomainInformation,
(PVOID *) &adom);
if (NT_SUCCESS (status))
{
if (adom->DomainName.Length)
printf ("ADom.DomainName: %ls\n", adom->DomainName.Buffer);
ConvertSidToStringSidA (adom->DomainSid, &str);
printf ("ADom.DomainSid: %s\n", str);
LocalFree (str);
LsaFreeMemory (adom);
}
else
printf ("LsaQueryInformationPolicy (ADOM): 0x%08x\n", status);
if (dom)
{
ret = DsEnumerateDomainTrustsW (NULL, DS_DOMAIN_DIRECT_INBOUND
| DS_DOMAIN_DIRECT_OUTBOUND
| DS_DOMAIN_IN_FOREST,
&td, &tdom_cnt);
if (ret == ERROR_SUCCESS)
for (ULONG idx = 0; idx < tdom_cnt; ++idx)
{
printf ("Trusted Domain %u:\n", idx);
printf (" NetbiosDomainName: %ls\n", td[idx].NetbiosDomainName);
if (td[idx].DnsDomainName)
printf (" DnsDomainName: %ls\n", td[idx].DnsDomainName);
printf (" Flags: 0x%08x\n", td[idx].Flags);
printf (" TrustType: 0x%08x\n", td[idx].TrustType);
printf (" TrustAttributes: 0x%08x\n", td[idx].TrustAttributes);
if (td[idx].DomainSid)
{
ConvertSidToStringSidA (td[idx].DomainSid, &str);
printf ("DomainSid: %s\n", str);
LocalFree (str);
}
}
else
printf ("DsEnumerateDomainTrustsW: %u\n", ret);
}
LsaClose (lsa);
if (OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &tok))
{
PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
if (GetTokenInformation (tok, TokenUser, tp, 65536, &ret))
{
printf ("User:\n");
ConvertSidToStringSidA (tp->User.Sid, &str);
printf (" Sid: %s\n", str);
LocalFree (str);
nlen = dlen = 256;
if (LookupAccountSidW (NULL, tp->User.Sid, name, &nlen,
dom, &dlen, &type))
printf (" Dom\\Name: %ls\\%ls\n", dom, name);
else
printf (" LookupAccountSidW: %u\n", GetLastError ());
printf (" Attributes: 0x%08x\n", tp->User.Attributes);
}
else
printf ("GetTokenInformation(user): %u\n", GetLastError ());
free (tp);
PTOKEN_GROUPS tg = (PTOKEN_GROUPS) malloc (65536);
if (GetTokenInformation (tok, TokenGroups, tg, 65536, &ret))
for (ULONG idx = 0; idx < tg->GroupCount; ++idx)
{
printf ("Group %u\n", idx);
ConvertSidToStringSidA (tg->Groups[idx].Sid, &str);
printf (" Sid: %s\n", str);
LocalFree (str);
nlen = dlen = 256;
if (LookupAccountSidW (NULL, tg->Groups[idx].Sid, name, &nlen,
dom, &dlen, &type))
printf (" Dom\\Name: %ls\\%ls\n", dom, name);
else
printf (" LookupAccountSidW: %u\n", GetLastError ());
printf (" Attributes: 0x%08x\n", tg->Groups[idx].Attributes);
}
else
printf ("GetTokenInformation(groups): %u\n", GetLastError ());
free (tg);
}
else
printf ("OpenProcessToken: %u\n", GetLastError ());
return 0;
}
signature.asc
Description: PGP signature
