PSID AccountSid = NULL;
NTSTATUS Status;
LSA_HANDLE PolicyHandle = NULL;
- LSA_UNICODE_STRING RightString;
+ LSA_UNICODE_STRING RightString, AccountName;
+ PLSA_REFERENCED_DOMAIN_LIST ReferencedDomains = NULL;
PLSA_TRANSLATED_SID2 Sids = NULL;
DPRINT("InstallPrivileges()\n");
else
{
DPRINT("Account name: %S\n", szSidString);
- continue;
-
+
+ ReferencedDomains = NULL;
+ Sids = NULL;
+ RtlInitUnicodeString(&AccountName, szSidString);
+ Status = LsaLookupNames2(PolicyHandle,
+ 0,
+ 1,
+ &AccountName,
+ &ReferencedDomains,
+ &Sids);
+ if (ReferencedDomains != NULL)
+ {
+ LsaFreeMemory(ReferencedDomains);
+ }
+
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("LsaLookupNames2() failed (Status 0x%08lx)\n", Status);
+
+ if (Sids != NULL)
+ {
+ LsaFreeMemory(Sids);
+ Sids = NULL;
+ }
+
+ continue;
+ }
}
RtlInitUnicodeString(&RightString, szPrivilegeString);
SeImpersonatePrivilege = *S-1-5-6, *S-1-5-32-544
SeIncreaseBasePriorityPrivilege = *S-1-5-32-544
SeIncreaseQuotaPrivilege = *S-1-5-19, *S-1-5-20, *S-1-5-32-544
-SeInteractiveLogonRight = *S-1-5-32-544, *S-1-5-32-545, *S-1-5-32-547, *S-1-5-32-551
+SeInteractiveLogonRight = *S-1-5-32-544, *S-1-5-32-545, *S-1-5-32-547, *S-1-5-32-551, %SceInfGuest%
SeLoadDriverPrivilege = *S-1-5-32-544
SeLockMemoryPrivilege =
SeMachineAccountPrivilege =
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeCaption = 1, ""
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText = 7, ""
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutdownWithoutLogon = 4, 1
-MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWithoutLogon = 4, 1
\ No newline at end of file
+MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWithoutLogon = 4, 1
+
+[Strings]
+SceInfGuest = "Guest"
+
+[Strings.0407]
+SceInfGuest = "Gast"