Results 1 to 4 of 4

Thread: Act as part of the operating system

  1. Jan 12th, 2003, 11:48 PM #1
    Janaka
    Janaka is offline

    Thread Starter
    Hyperactive Member Janaka's Avatar
    Join Date
    Nov 2001
    Posts
    277

    Act as part of the operating system

    I need to write a program to add an entry to Local Security Settings -> User Rights Assignment -> Act as part of the operating system.

    There is user in the network called \\lol_dev\yapa I need to add it to the computer that I am running the program (\\lol_dev\janaka).

    The code that I have written to do it is


    VB Code:
    1. #include "winNT.h"

    2. #include "NTSecAPI.h"

    3. #include "lm.h"

    4. #include "assert.h"

    5. #pragma hdrstop

    6. #pragma comment( lib, "netapi32.lib" )

    7.  
    9.  
    10. void CThirdDlg::AddUser() {

    11.  
    12.  
    13.     //char localgroup_name[100];

    14.     char domain_name[100];

    15.     DWORD domname_len = 100;

    16.     char psid_buffer[1024];

    17.     PSID psid = (PSID) psid_buffer;

    18.     DWORD sid_length = 1024;

    19.  
    20.     SID_NAME_USE acc_type;

    21.  
    22.  
    23.     BOOL fRet =  LookupAccountName (NULL, "\\lol_dev\yapa", psid,

    24.                   &sid_length, domain_name, &domname_len,

    25.                   &acc_type);

    26.     

    27.     ASSERT(fRet != 0);

    28.  
    29.     LSA_HANDLE          hPolicy = GetPolicyHandle();

    30.  
    31.     

    32.     LSA_UNICODE_STRING lsastrPrivs[1] = { 0 };

    33.  
    34.     //lsastrPrivs[0].Buffer = (PWSTR)SE_TCB_NAME;

    35.     lsastrPrivs[0].Buffer = (PWSTR)SE_SYSTEMTIME_NAME;

    36.     lsastrPrivs[0].Length = lstrlen((LPCSTR)lsastrPrivs[0].Buffer) * sizeof(WCHAR);

    37.     lsastrPrivs[0].MaximumLength = lsastrPrivs[0].Length + sizeof(WCHAR);

    38.  
    39.     

    40.     // this is the place I get the error

    41. NTSTATUS ntStatus = LsaAddAccountRights(hPolicy, psid, lsastrPrivs, 1);

    42.     ULONG lErr = LsaNtStatusToWinError(ntStatus);

    43.     CString msg = "Success";

    44.     if (lErr >0)

    45.     {

    46.         

    47.         msg.Format("Error %d", lErr);

    48.     }

    49.     AfxMessageBox( msg);

    50.  
    51. }

    52.  
    53. #define TARGET_SYSTEM_NAME L"JANAKA"

    54.  
    55.  
    56. LSA_HANDLE GetPolicyHandle()

    57. {

    58.   LSA_OBJECT_ATTRIBUTES ObjectAttributes;

    59.   WCHAR SystemName[] = TARGET_SYSTEM_NAME;

    60.   USHORT SystemNameLength;

    61.   LSA_UNICODE_STRING lusSystemName;

    62.   NTSTATUS ntsResult;

    63.   LSA_HANDLE lsahPolicyHandle;

    64.  
    65.   // Object attributes are reserved, so initialize to zeroes.

    66.   ZeroMemory(&ObjectAttributes, sizeof(ObjectAttributes));

    67.  
    68.   //Initialize an LSA_UNICODE_STRING to the server name.

    69.   SystemNameLength = wcslen(SystemName);

    70.   lusSystemName.Buffer = SystemName;

    71.   lusSystemName.Length = SystemNameLength * sizeof(WCHAR);

    72.   lusSystemName.MaximumLength = (SystemNameLength+1) * sizeof(WCHAR);

    73.  
    74.   // Get a handle to the Policy object.

    75.   ntsResult = LsaOpenPolicy(

    76.         &lusSystemName,    //Name of the target system.

    77.         &ObjectAttributes, //Object attributes.

    78.         POLICY_ALL_ACCESS, //Desired access permissions.

    79.         &lsahPolicyHandle  //Receives the policy handle.

    80.     );

    81.  
    82.   if (ntsResult != 0 )//STATUS_SUCCESS)

    83.   {

    84.     // An error occurred. Display it as a win32 error code.

    85.     wprintf(L"OpenPolicy returned %lu\n",

    86.       LsaNtStatusToWinError(ntsResult));

    87.     return NULL;

    88.   } 

    89.   return lsahPolicyHandle;

    90. }

    when I run the program in the line

    VB Code:
    1. NTSTATUS ntStatus = LsaAddAccountRights(hPolicy, psid, lsastrPrivs, 1);
    I get the error the error code is 1313
    How do I fix it?
    Reply With Quote Reply With Quote
  2. Jan 13th, 2003, 04:53 AM #2
    parksie
    parksie is offline
    Monday Morning Lunatic parksie's Avatar
    Join Date
    Mar 2000
    Location
    Mashin' on the motorway
    Posts
    8,169
    What does looking up code 1313 give you?
    I refuse to tie my hands behind my back and hear somebody say "Bend Over, Boy, Because You Have It Coming To You".
    -- Linus Torvalds
    Reply With Quote Reply With Quote
  3. Jan 13th, 2003, 06:21 AM #3
    CornedBee
    CornedBee is offline
    Kitten CornedBee's Avatar
    Join Date
    Aug 2001
    Location
    In a microchip!
    Posts
    11,594
    It's a security rights violation.

    Are you sure you're running this app as an admin?
    All the buzzt
    CornedBee

    "Writing specifications is like writing a novel. Writing code is like writing poetry."
    - Anonymous, published by Raymond Chen

    Don't PM me with your problems, I scan most of the forums daily. If you do PM me, I will not answer your question.
    Reply With Quote Reply With Quote
  4. Jan 13th, 2003, 11:06 PM #4
    Janaka
    Janaka is offline

    Thread Starter
    Hyperactive Member Janaka's Avatar
    Join Date
    Nov 2001
    Posts
    277
    yes i have admin rights.

    I need to write a program to add an entry to Local Security Settings -> User Rights Assignment -> Act as part of the operating system.

    I found these settings could be changed using Scripting Hosts too. Any idea about that?
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


Click Here to Expand Forum to Full Width