On Aug 2 12:54, rm...@aboutgolf.com wrote: > [I'm so sorry I'm messing up the mailing list by not replying to the proper > email.... I only just got it through my thick skull now to subscribe to the > mailing list. I think my brain is on vacation already....] > > > Unfortunately your prediction was correct - RunAs Administrator CMD gives > this:
Thanks! In the meantime I prepared my test application. Can you please fetch the attached source and store it as, e.g., azure-check.c. Then build and run it like this: $ gcc -g -o azure-check azure-check.c -lnetapi32 $ ./azure-check Then run it and paste the complete output into your reply. I have an idea for an extension of this testcase, but I think I have to see the output of this one first. Thanks in advance, Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
#include <stdio.h> #define _WIN32_WINNT 0x0a00 #define WINVER 0x0a00 #include <windows.h> #include <winternl.h> #include <ntsecapi.h> #include <dsgetdc.h> #include <sddl.h> int main () { HANDLE lsa; NTSTATUS status; ULONG ret; PPOLICY_DNS_DOMAIN_INFO pdom; PPOLICY_ACCOUNT_DOMAIN_INFO adom; PDS_DOMAIN_TRUSTSW td; ULONG tdom_cnt; static LSA_OBJECT_ATTRIBUTES oa = { 0, 0, 0, 0, 0, 0 }; LPSTR str; BOOL has_dom; HANDLE tok; WCHAR name[256]; WCHAR dom[256]; DWORD nlen, dlen; SID_NAME_USE type; status = LsaOpenPolicy (NULL, &oa, POLICY_VIEW_LOCAL_INFORMATION, &lsa); if (!NT_SUCCESS (status)) { printf ("LsaOpenPolicy: 0x%08x\n", status); return 1; } status = LsaQueryInformationPolicy (lsa, PolicyDnsDomainInformation, (PVOID *) &pdom); if (NT_SUCCESS (status)) { if (pdom->Name.Length) printf ("PDom.Name: %ls\n", pdom->Name.Buffer); if (pdom->DnsDomainName.Length) printf ("PDom.DnsDomainName: %ls\n", pdom->DnsDomainName.Buffer); if (pdom->DnsForestName.Length) printf ("PDom.DnsForestName: %ls\n", pdom->DnsForestName.Buffer); has_dom = !!pdom->Sid; if (has_dom) { ConvertSidToStringSidA (pdom->Sid, &str); printf ("PDom.Sid: %s\n", str); LocalFree (str); } LsaFreeMemory (pdom); } else printf ("LsaQueryInformationPolicy (PDOM): 0x%08x\n", status); status = LsaQueryInformationPolicy (lsa, PolicyAccountDomainInformation, (PVOID *) &adom); if (NT_SUCCESS (status)) { if (adom->DomainName.Length) printf ("ADom.DomainName: %ls\n", adom->DomainName.Buffer); ConvertSidToStringSidA (adom->DomainSid, &str); printf ("ADom.DomainSid: %s\n", str); LocalFree (str); LsaFreeMemory (adom); } else printf ("LsaQueryInformationPolicy (ADOM): 0x%08x\n", status); if (dom) { ret = DsEnumerateDomainTrustsW (NULL, DS_DOMAIN_DIRECT_INBOUND | DS_DOMAIN_DIRECT_OUTBOUND | DS_DOMAIN_IN_FOREST, &td, &tdom_cnt); if (ret == ERROR_SUCCESS) for (ULONG idx = 0; idx < tdom_cnt; ++idx) { printf ("Trusted Domain %u:\n", idx); printf (" NetbiosDomainName: %ls\n", td[idx].NetbiosDomainName); if (td[idx].DnsDomainName) printf (" DnsDomainName: %ls\n", td[idx].DnsDomainName); printf (" Flags: 0x%08x\n", td[idx].Flags); printf (" TrustType: 0x%08x\n", td[idx].TrustType); printf (" TrustAttributes: 0x%08x\n", td[idx].TrustAttributes); if (td[idx].DomainSid) { ConvertSidToStringSidA (td[idx].DomainSid, &str); printf ("DomainSid: %s\n", str); LocalFree (str); } } else printf ("DsEnumerateDomainTrustsW: %u\n", ret); } LsaClose (lsa); if (OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &tok)) { PTOKEN_USER tp = (PTOKEN_USER) malloc (65536); if (GetTokenInformation (tok, TokenUser, tp, 65536, &ret)) { printf ("User:\n"); ConvertSidToStringSidA (tp->User.Sid, &str); printf (" Sid: %s\n", str); LocalFree (str); nlen = dlen = 256; if (LookupAccountSidW (NULL, tp->User.Sid, name, &nlen, dom, &dlen, &type)) printf (" Dom\\Name: %ls\\%ls\n", dom, name); else printf (" LookupAccountSidW: %u\n", GetLastError ()); printf (" Attributes: 0x%08x\n", tp->User.Attributes); } else printf ("GetTokenInformation(user): %u\n", GetLastError ()); free (tp); PTOKEN_GROUPS tg = (PTOKEN_GROUPS) malloc (65536); if (GetTokenInformation (tok, TokenGroups, tg, 65536, &ret)) for (ULONG idx = 0; idx < tg->GroupCount; ++idx) { printf ("Group %u\n", idx); ConvertSidToStringSidA (tg->Groups[idx].Sid, &str); printf (" Sid: %s\n", str); LocalFree (str); nlen = dlen = 256; if (LookupAccountSidW (NULL, tg->Groups[idx].Sid, name, &nlen, dom, &dlen, &type)) printf (" Dom\\Name: %ls\\%ls\n", dom, name); else printf (" LookupAccountSidW: %u\n", GetLastError ()); printf (" Attributes: 0x%08x\n", tg->Groups[idx].Attributes); } else printf ("GetTokenInformation(groups): %u\n", GetLastError ()); free (tg); } else printf ("OpenProcessToken: %u\n", GetLastError ()); return 0; }
signature.asc
Description: PGP signature