I need to write a program to add an entry to Local Security Settings -> User Rights Assignment -> Act as part of the operating system.

There is user in the network called \\lol_dev\yapa I need to add it to the computer that I am running the program (\\lol_dev\janaka).

The code that I have written to do it is


VB Code:
  1. #include "winNT.h"

  2. #include "NTSecAPI.h"

  3. #include "lm.h"

  4. #include "assert.h"

  5. #pragma hdrstop

  6. #pragma comment( lib, "netapi32.lib" )

  7.  
  9.  
  10. void CThirdDlg::AddUser() {

  11.  
  12.  
  13.     //char localgroup_name[100];

  14.     char domain_name[100];

  15.     DWORD domname_len = 100;

  16.     char psid_buffer[1024];

  17.     PSID psid = (PSID) psid_buffer;

  18.     DWORD sid_length = 1024;

  19.  
  20.     SID_NAME_USE acc_type;

  21.  
  22.  
  23.     BOOL fRet =  LookupAccountName (NULL, "\\lol_dev\yapa", psid,

  24.                   &sid_length, domain_name, &domname_len,

  25.                   &acc_type);

  26.     

  27.     ASSERT(fRet != 0);

  28.  
  29.     LSA_HANDLE          hPolicy = GetPolicyHandle();

  30.  
  31.     

  32.     LSA_UNICODE_STRING lsastrPrivs[1] = { 0 };

  33.  
  34.     //lsastrPrivs[0].Buffer = (PWSTR)SE_TCB_NAME;

  35.     lsastrPrivs[0].Buffer = (PWSTR)SE_SYSTEMTIME_NAME;

  36.     lsastrPrivs[0].Length = lstrlen((LPCSTR)lsastrPrivs[0].Buffer) * sizeof(WCHAR);

  37.     lsastrPrivs[0].MaximumLength = lsastrPrivs[0].Length + sizeof(WCHAR);

  38.  
  39.     

  40.     // this is the place I get the error

  41. NTSTATUS ntStatus = LsaAddAccountRights(hPolicy, psid, lsastrPrivs, 1);

  42.     ULONG lErr = LsaNtStatusToWinError(ntStatus);

  43.     CString msg = "Success";

  44.     if (lErr >0)

  45.     {

  46.         

  47.         msg.Format("Error %d", lErr);

  48.     }

  49.     AfxMessageBox( msg);

  50.  
  51. }

  52.  
  53. #define TARGET_SYSTEM_NAME L"JANAKA"

  54.  
  55.  
  56. LSA_HANDLE GetPolicyHandle()

  57. {

  58.   LSA_OBJECT_ATTRIBUTES ObjectAttributes;

  59.   WCHAR SystemName[] = TARGET_SYSTEM_NAME;

  60.   USHORT SystemNameLength;

  61.   LSA_UNICODE_STRING lusSystemName;

  62.   NTSTATUS ntsResult;

  63.   LSA_HANDLE lsahPolicyHandle;

  64.  
  65.   // Object attributes are reserved, so initialize to zeroes.

  66.   ZeroMemory(&ObjectAttributes, sizeof(ObjectAttributes));

  67.  
  68.   //Initialize an LSA_UNICODE_STRING to the server name.

  69.   SystemNameLength = wcslen(SystemName);

  70.   lusSystemName.Buffer = SystemName;

  71.   lusSystemName.Length = SystemNameLength * sizeof(WCHAR);

  72.   lusSystemName.MaximumLength = (SystemNameLength+1) * sizeof(WCHAR);

  73.  
  74.   // Get a handle to the Policy object.

  75.   ntsResult = LsaOpenPolicy(

  76.         &lusSystemName,    //Name of the target system.

  77.         &ObjectAttributes, //Object attributes.

  78.         POLICY_ALL_ACCESS, //Desired access permissions.

  79.         &lsahPolicyHandle  //Receives the policy handle.

  80.     );

  81.  
  82.   if (ntsResult != 0 )//STATUS_SUCCESS)

  83.   {

  84.     // An error occurred. Display it as a win32 error code.

  85.     wprintf(L"OpenPolicy returned %lu\n",

  86.       LsaNtStatusToWinError(ntsResult));

  87.     return NULL;

  88.   } 

  89.   return lsahPolicyHandle;

  90. }

when I run the program in the line

VB Code:
  1. NTSTATUS ntStatus = LsaAddAccountRights(hPolicy, psid, lsastrPrivs, 1);
I get the error the error code is 1313
How do I fix it?