"win2000 ->管理工具 ->本地安全设置 ->本地策略 ->用户权力指派 ->拒绝从网络访问这台计算机"怎么编程实现。
解决方案 »
- 求助做毕业设计,我移植了一个开源代码cal3d到window下,找了几个算法论文想在这个程序里实现,但发现太难了,希望哪位大侠帮忙,价格好商量
- 问一个简单的问题:无法链接的外部符号
- 如何捕获网络中的IP数据包,并解析数据包内容呢?
- 讨论:关于使用UDP作为服务器主要协议会碰到的问题?
- 自己建立脚本引擎????超难问题啊…………
- 用FindFileNext得到的文件名怎样知道它是目录还是文件??
- 一个MFC开发中关于图像方面的问题
- 如何实现将CMainFrame分成左右两部分并在右边的部分竖排放3个dialog
- 看完了inside vc++和深入浅出mfc,想学些更高级更专门的知识,有些什么书?
- 请教,C++如何保护字符串
- 线程同步问题?急
- 晕,可用分5000了,散!
要不你问问jiangsheng,他应该知道。
{
if ( 2 != argc )
{
return( EXIT_FAILURE );
}
if ( FALSE == LocateNtdllEntry() )
{
return( EXIT_FAILURE );
}
// 需要重新启动后才能生效
if ( 0 == strcmp(argv[1],"-a") )
{
AddUserPrivilege(L"SeDenyNetworkLogonRight");
}
return( EXIT_SUCCESS );
}
static BOOL AddUserPrivilege ( LPWSTR PrivilegeName )
{
NTSTATUS status;
BOOL ret = FALSE;
LSA_HANDLE PolicyHandle = NULL;
LSA_OBJECT_ATTRIBUTES ObjectAttributes;
HANDLE CurrentProcessToken = NULL;
PTOKEN_GROUPS token_user = NULL; ////////////////////////////////////////////// BYTE sidBuffer[MAXSIZE_SID_BUFFER] = {0};
PSID pUserSID=(PSID) &sidBuffer; //声明一个SID,长度是1024
DWORD sidBufferSize = MAXSIZE_SID_BUFFER;
WCHAR domainBuffer[MAXSIZE_DOMAIN_BUFFER];
DWORD domainBufferSize = MAXSIZE_DOMAIN_BUFFER;
SID_NAME_USE snu; LPUSER_INFO_0 pBuf = NULL;
LPUSER_INFO_0 pTmpBuf;
DWORD dwLevel = 0;
DWORD dwPrefMaxLen = MAX_PREFERRED_LENGTH;
DWORD dwEntriesRead = 0;
DWORD dwTotalEntries = 0;
DWORD dwResumeHandle = 0;
DWORD j;
NET_API_STATUS nStatus;
//////////////////////////////////////////////////
ZeroMemory( &ObjectAttributes, sizeof( ObjectAttributes ) );
status = LsaOpenPolicy( NULL, &ObjectAttributes, POLICY_ALL_ACCESS, &PolicyHandle );
if ( status != STATUS_SUCCESS )
{
PrintWin32Error( "LsaOpenPolicy() failed", LsaNtStatusToWinError( status ) );
goto AddUserPrivilege_exit;
} if ( FALSE == OpenProcessToken( GetCurrentProcess(), TOKEN_QUERY, &CurrentProcessToken ) )
{
PrintWin32Error( "OpenProcessToken() failed", GetLastError() );
goto AddUserPrivilege_exit;
}
if ( NULL == ( token_user = ( PTOKEN_GROUPS )GetFromToken( CurrentProcessToken, TokenGroups ) ) )
{
goto AddUserPrivilege_exit;
}
/////////////////////////2005-11-18/////////////////////////////////////
do // begin do
{
nStatus = NetUserEnum(NULL,
dwLevel,
FILTER_NORMAL_ACCOUNT, // global users
(LPBYTE*)&pBuf,
dwPrefMaxLen,
&dwEntriesRead,
&dwTotalEntries,
&dwResumeHandle);
if ((nStatus == NERR_Success) || (nStatus == ERROR_MORE_DATA))
{
if ((pTmpBuf = pBuf) != NULL)
{
for (j = 0; (j < dwEntriesRead); j++)
{
BOOL bResult = FALSE;
assert(pTmpBuf != NULL);
if (pTmpBuf == NULL)
{
break;
}
wprintf(L"\t-- %s\n", pTmpBuf->usri0_name); sidBufferSize = MAXSIZE_SID_BUFFER;
domainBufferSize = MAXSIZE_DOMAIN_BUFFER;
bResult = LookupAccountName(NULL, pTmpBuf->usri0_name, pUserSID,
&sidBufferSize,
domainBuffer,
&domainBufferSize,
&snu);
if(bResult)
{
if(!sidBufferSize)
{
PrintWin32Error( "LookupAccountName() failed", GetLastError() );
goto AddUserPrivilege_exit;
}
if ( FALSE == AddPrivilege( PolicyHandle,
pUserSID,
PrivilegeName ) )
{
goto AddUserPrivilege_exit;
}
}
pTmpBuf++;
}
}
}
else
{
goto AddUserPrivilege_exit;
}
}
while (nStatus == ERROR_MORE_DATA); // end do
ret = TRUE;
AddUserPrivilege_exit:
if ( NULL != token_user )
{
free( token_user );
token_user = NULL;
}
if ( NULL != CurrentProcessToken )
{
CloseHandle( CurrentProcessToken );
CurrentProcessToken = NULL;
}
if ( NULL != PolicyHandle )
{
LsaClose( PolicyHandle );
PolicyHandle = NULL;
} if (pBuf != NULL)
{
NetApiBufferFree(pBuf);
pBuf = NULL;
}
return( ret );
}
static BOOL AddPrivilege ( LSA_HANDLE PolicyHandle, PSID AccountSid, LPWSTR PrivilegeName )
{
LSA_UNICODE_STRING UserRights;
USHORT StringLength;
NTSTATUS status;
if ( PrivilegeName == NULL )
{
return FALSE;
}
StringLength = wcslen( PrivilegeName );
UserRights.Buffer = PrivilegeName;
UserRights.Length = StringLength * sizeof( WCHAR );
UserRights.MaximumLength = ( StringLength + 1 ) * sizeof( WCHAR );
// LsaAddAccountRights function assigns one or more privileges to an account
status = LsaAddAccountRights( PolicyHandle, AccountSid, &UserRights, 1 );
if ( status != STATUS_SUCCESS )
{
PrintWin32Error( "LsaAddAccountRights() failed", LsaNtStatusToWinError( status ) );
return FALSE;
}
return TRUE;
}
static PVOID GetFromToken ( HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass )
{
DWORD needed = 0;
PVOID buf = NULL;
DWORD error;
BOOL errflag = FALSE;
//
if ( FALSE == GetTokenInformation( TokenHandle, TokenGroups, NULL, 0, &needed ) )
{
error = GetLastError();
if ( error != ERROR_INSUFFICIENT_BUFFER )
{
PrintWin32Error( "GetTokenInformation() failed", error );
errflag = TRUE;
goto GetFromToken_exit;
}
}
if ( NULL == ( buf = calloc( needed, 1 ) ) )
{
fprintf( stderr, "calloc( %u, 1 ) failed\n", needed );
goto GetFromToken_exit;
}
if ( FALSE == GetTokenInformation( TokenHandle, TokenGroups, buf, needed, &needed ) )
{
PrintWin32Error( "GetTokenInformation() failed", GetLastError() );
errflag = TRUE;
goto GetFromToken_exit;
}
GetFromToken_exit:
if ( errflag == TRUE )
{
if ( buf != NULL )
{
free( buf );
buf = NULL;
}
}
return( buf );
}// ntdll.dll输出了所有的Native API static BOOL LocateNtdllEntry ( void )
{
BOOLEAN bool_ret = FALSE;
LPCTSTR NTDLL_DLL = TEXT("ntdll.dll";)
HMODULE ntdll_dll = NULL;
if ( ( ntdll_dll = GetModuleHandle( NTDLL_DLL ) ) == NULL )
{
PrintWin32Error( "GetModuleHandle() failed", GetLastError() );
return( FALSE );
}
if ( !( RtlNtStatusToDosError = ( RTLNTSTATUSTODOSERROR )GetProcAddress( ntdll_dll, "RtlNtStatusToDosError" ) ) )
{
goto LocateNtdllEntry_return;
}
if ( !( ZwCreateToken = ( ZWCREATETOKEN )GetProcAddress( ntdll_dll, "ZwCreateToken" ) ) )
{
goto LocateNtdllEntry_return;
}
bool_ret = TRUE;
LocateNtdllEntry_return:
if ( FALSE == bool_ret )
{
PrintWin32Error( "GetProcAddress() failed", GetLastError() );
}
ntdll_dll = NULL;
return( bool_ret );
}