How to access the local security policy of a computer using C#?

  • Question

  • Hi all,
    I want to access the Local Security Policy of a computer from C# code.
    Please tell me how to do this.
    TIA

    sumitk

    Tuesday, October 10, 2017 3:44 AM

All replies


  • Hi Sumitk.cdac,

    >>i want to access Local Security policies of computer using C# code?

    From the information I have looked through so far, I did not find clear documentation on accessing the Local Security Policy of a computer from C# code.

    I found the following article, which may be helpful to you.

    LSA Functions - Privileges and Impersonation:
    https://www.codeproject.com/Articles/4863/LSA-Functions-Privileges-and-Impersonation

    Also, as far as I know, you can modify the Local Security Policy programmatically using PowerShell.

    Modify Local Security Policy using Powershell
    https://stackoverflow.com/questions/23260656/modify-local-security-policy-using-powershell


    Best Regards,

    Yohann Lu



    Tuesday, October 10, 2017 7:05 AM
    Moderator
  • For example, to read the Primary Domain =>

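    // Reads the primary domain name from the LSA policy database of the local machine.
    // LsaOpenPolicy / LsaQueryInformationPolicy return an NTSTATUS (0 = success), not a
    // Win32 error code; this snippet does nothing on failure, so real code should inspect
    // ntstatus (for example via LsaNtStatusToWinError) and report it.
    uint ntstatus;
    IntPtr hPolicy;
    LSA_OBJECT_ATTRIBUTES Loa;
    IntPtr PrimaryDomainInfoPtr;

    // Only Length carries information here; every other member is left zero/null.
    Loa.Length = Marshal.SizeOf(typeof(LSA_OBJECT_ATTRIBUTES));
    Loa.RootDirectory = IntPtr.Zero;
    Loa.ObjectName = IntPtr.Zero;
    Loa.Attributes = 0;
    Loa.SecurityDescriptor = IntPtr.Zero;
    Loa.SecurityQualityOfService = IntPtr.Zero;

    // A null system name targets the local machine. Only the view right is requested:
    // ask for the narrowest POLICY_RIGHTS mask the operation needs.
    if (0 == (ntstatus = LsaOpenPolicy(null, ref Loa, (int)POLICY_RIGHTS.POLICY_VIEW_LOCAL_INFORMATION, out hPolicy)))
    {
        try
        {
            if (0 == (ntstatus = LsaQueryInformationPolicy(hPolicy, POLICY_INFORMATION_CLASS.PolicyPrimaryDomainInformation, out PrimaryDomainInfoPtr)))
            {
                POLICY_ACCOUNT_DOMAIN_INFO PrimaryDomainInfo = new POLICY_ACCOUNT_DOMAIN_INFO();
                Marshal.PtrToStructure(PrimaryDomainInfoPtr, PrimaryDomainInfo);

                // LSA strings are counted, not necessarily null-terminated: read exactly
                // Length bytes (Length / 2 UTF-16 characters) instead of scanning for a
                // terminator, which could run past the end of the LSA buffer.
                string sDomainName = PrimaryDomainInfo.DomainName.Buffer == IntPtr.Zero
                    ? null
                    : Marshal.PtrToStringUni(PrimaryDomainInfo.DomainName.Buffer, PrimaryDomainInfo.DomainName.Length / 2);

                // NOTE(review): PrimaryDomainInfoPtr is allocated by the LSA and should be
                // released with LsaFreeMemory (advapi32) once the data has been copied out;
                // that call is not made here, so every query leaks the buffer.
            }
        }
        finally
        {
            // Close the policy handle even if marshalling above throws.
            LsaClose(hPolicy);
        }
    }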

    Declarations :

    /// <summary>
    /// Managed mirror of the object-attributes structure handed to LsaOpenPolicy by reference.
    /// The example on this page sets <c>Length</c> to the marshalled size of the structure
    /// and leaves every other member zero/null.
    /// </summary>
    /// <remarks>
    /// Field order is part of the native contract (sequential layout); do not reorder.
    /// </remarks>
    [StructLayout(LayoutKind.Sequential)]
    internal struct LSA_OBJECT_ATTRIBUTES
    {
        /// <summary>Size of this structure, in bytes.</summary>
        internal int Length;

        internal IntPtr RootDirectory;

        internal IntPtr ObjectName;

        internal int Attributes;

        internal IntPtr SecurityDescriptor;

        internal IntPtr SecurityQualityOfService;
    }
    
    /// <summary>
    /// Access-mask bits for a policy handle; the example on this page passes one of them
    /// (cast to int) as the DesiredAccess argument of LsaOpenPolicy.
    /// </summary>
    /// <remarks>
    /// Request only the bits an operation actually needs. The read-only example on this
    /// page asks for <c>POLICY_VIEW_LOCAL_INFORMATION</c> alone.
    /// </remarks>
    [Flags]
    internal enum POLICY_RIGHTS
    {
        POLICY_VIEW_LOCAL_INFORMATION = 1 << 0,
        POLICY_VIEW_AUDIT_INFORMATION = 1 << 1,
        POLICY_GET_PRIVATE_INFORMATION = 1 << 2,
        POLICY_TRUST_ADMIN = 1 << 3,
        POLICY_CREATE_ACCOUNT = 1 << 4,
        POLICY_CREATE_SECRET = 1 << 5,
        POLICY_CREATE_PRIVILEGE = 1 << 6,
        POLICY_SET_DEFAULT_QUOTA_LIMITS = 1 << 7,
        POLICY_SET_AUDIT_REQUIREMENTS = 1 << 8,
        POLICY_AUDIT_LOG_ADMIN = 1 << 9,
        POLICY_SERVER_ADMIN = 1 << 10,
        POLICY_LOOKUP_NAMES = 1 << 11,
        POLICY_NOTIFICATION = 1 << 12,
    }
    
    /// <summary>
    /// P/Invoke declaration for LsaOpenPolicy in Advapi32.dll. On success (return value 0)
    /// <paramref name="PolicyHandle"/> receives a handle that the example on this page
    /// releases with LsaClose.
    /// </summary>
    /// <param name="SystemName">The example passes null. NOTE(review): the native parameter
    /// is a pointer to an LSA_UNICODE_STRING, not a plain wide string, so a non-null managed
    /// string would be marshalled incorrectly here; treat this declaration as
    /// local-machine-only (null) unless the type is changed.</param>
    /// <param name="ObjectAttributes">Attributes structure; the example sets only Length.</param>
    /// <param name="DesiredAccess">POLICY_RIGHTS bits cast to int; keep the mask minimal.</param>
    /// <param name="PolicyHandle">Receives the opened policy handle.</param>
    /// <returns>An NTSTATUS value; the example treats 0 as success. NOTE(review): the
    /// status is the return value itself, so SetLastError / Marshal.GetLastWin32Error is
    /// presumably not meaningful for this call.</returns>
    [DllImport("Advapi32.dll", SetLastError = true, ExactSpelling = true, CharSet = CharSet.Unicode)]
    internal static extern uint LsaOpenPolicy(string SystemName,  ref LSA_OBJECT_ATTRIBUTES ObjectAttributes, int DesiredAccess, out IntPtr PolicyHandle);
    
    /// <summary>
    /// Selects which block of policy information LsaQueryInformationPolicy returns.
    /// The numeric values are passed to native code, so each one is spelled out
    /// explicitly instead of relying on implicit increments.
    /// </summary>
    internal enum POLICY_INFORMATION_CLASS
    {
        PolicyAuditLogInformation = 1,
        PolicyAuditEventsInformation = 2,
        PolicyPrimaryDomainInformation = 3,
        PolicyPdAccountInformation = 4,
        PolicyAccountDomainInformation = 5,
        PolicyLsaServerRoleInformation = 6,
        PolicyReplicaSourceInformation = 7,
        PolicyDefaultQuotaInformation = 8,
        PolicyModificationInformation = 9,
        PolicyAuditFullSetInformation = 10,
        PolicyAuditFullQueryInformation = 11,
        PolicyDnsDomainInformation = 12,
        PolicyDnsDomainInformationInt = 13,
        PolicyLocalAccountDomainInformation = 14,
        PolicyLastEntry = 15
    }
    
    /// <summary>
    /// Counted UTF-16 string as exchanged with the LSA: two byte counts followed by a
    /// pointer to the character data. Field order is part of the native layout.
    /// </summary>
    [StructLayout(LayoutKind.Sequential)]
    internal struct LSA_UNICODE_STRING
    {
        /// <summary>
        /// Length of the string in Buffer, in bytes, excluding any terminating null character.
        /// </summary>
        internal ushort Length;

        /// <summary>
        /// Total size of Buffer in bytes; at most MaximumLength bytes may be written into it
        /// without overrunning the allocation.
        /// </summary>
        internal ushort MaximumLength;

        /// <summary>
        /// Pointer to the wide-character data. Strings returned by the LSA may not be
        /// null-terminated, so readers should be bounded by Length rather than scan for a
        /// terminator.
        /// </summary>
        internal IntPtr Buffer;

        /// <summary>
        /// Wraps an existing buffer; both Length and MaximumLength are set to
        /// <paramref name="length"/>.
        /// </summary>
        /// <param name="pBuffer">Pointer to the character data.</param>
        /// <param name="length">Size of the data, in bytes.</param>
        internal LSA_UNICODE_STRING(IntPtr pBuffer, ushort length)
        {
            this.Buffer = pBuffer;
            this.Length = length;
            this.MaximumLength = length;
        }
    }
    
    /// <summary>
    /// Managed view of a "domain name + domain SID" policy record. The example on this page
    /// fills an instance from the buffer returned by LsaQueryInformationPolicy using
    /// Marshal.PtrToStructure(IntPtr, object), which is why this is a class with
    /// sequential layout, not a struct.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the example uses this type for PolicyPrimaryDomainInformation; that
    /// works only if the native primary-domain record has the same name-then-SID layout —
    /// confirm against the Windows SDK headers.
    /// </remarks>
    [StructLayout(LayoutKind.Sequential)]
    internal sealed class POLICY_ACCOUNT_DOMAIN_INFO
    {
        // Counted string; DomainName.Buffer points at native memory and is not copied.
        public LSA_UNICODE_STRING DomainName;
        // Raw pointer to the SID; presumably it points into the same LSA-allocated buffer
        // and must not be used after that buffer is released — TODO confirm.
        public IntPtr DomainSid;
    }
    
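    /// <summary>
    /// P/Invoke declaration for LsaQueryInformationPolicy in Advapi32.dll. On success
    /// (return value 0) <paramref name="Buffer"/> receives a pointer to an LSA-allocated
    /// record whose shape depends on <paramref name="InformationClass"/>.
    /// </summary>
    /// <param name="PolicyHandle">Handle obtained from LsaOpenPolicy.</param>
    /// <param name="InformationClass">Which policy record to return.</param>
    /// <param name="Buffer">Receives the native buffer; release it with
    /// <see cref="LsaFreeMemory"/> after copying the data out.</param>
    /// <returns>An NTSTATUS value; 0 indicates success. The status is the return value
    /// itself, not the thread's last Win32 error.</returns>
    [DllImport("Advapi32.dll", SetLastError = true, ExactSpelling = true, CharSet = CharSet.Unicode)]
    internal static extern uint LsaQueryInformationPolicy(IntPtr PolicyHandle, POLICY_INFORMATION_CLASS InformationClass, out IntPtr Buffer);

    /// <summary>
    /// Releases a buffer that an LSA function allocated for the caller, such as the one
    /// returned by <see cref="LsaQueryInformationPolicy"/>. Without this call every query
    /// leaks its result buffer.
    /// </summary>
    /// <param name="Buffer">Pointer previously returned by an LSA function.</param>
    /// <returns>An NTSTATUS value; 0 indicates success.</returns>
    [DllImport("Advapi32.dll", ExactSpelling = true)]
    internal static extern uint LsaFreeMemory(IntPtr Buffer);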
    
    
    /// <summary>
    /// P/Invoke declaration for LsaClose in Advapi32.dll. The example on this page calls it
    /// on the handle returned by LsaOpenPolicy once the query is finished.
    /// </summary>
    /// <param name="ObjectHandle">Policy handle to close.</param>
    /// <returns>An NTSTATUS value; the example ignores it. NOTE(review): as with the other
    /// LSA imports, the status is the return value, so SetLastError is presumably not
    /// meaningful here.</returns>
    [DllImport("Advapi32.dll", SetLastError = true, ExactSpelling = true, CharSet = CharSet.Unicode)]
    internal static extern uint LsaClose(IntPtr ObjectHandle);


    • Edited by Castorix31 Tuesday, October 10, 2017 9:17 AM
    • Proposed as answer by Fei HuModerator Wednesday, October 11, 2017 11:52 AM
    Tuesday, October 10, 2017 9:16 AM