/dev/ptmx fails with Azure accounts

Corinna Vinschen corinna-cygwin@cygwin.com
Wed Aug 3 18:00:00 GMT 2016 

On Aug  2 12:54, rmora@aboutgolf.com wrote:
> [I'm so sorry I'm messing up the mailing list by not replying to the proper email.... I only just got it through my thick skull now to subscribe to the mailing list. I think my brain is on vacation already....]
> 
> 
> Unfortunately your prediction was correct - RunAs Administrator CMD gives this:

Thanks!

In the meantime I prepared my test application.  Can you please fetch
the attached source and store it as, e.g., azure-check.c.  Then build
and run it like this:

  $ gcc -g -o azure-check azure-check.c -lnetapi32
  $ ./azure-check

Then run it and paste the complete output into your reply.

I have an idea for an extension of this testcase, but I think I have
to see the output of this one first.


Thanks in advance,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
#include <stdio.h>
#define _WIN32_WINNT 0x0a00
#define WINVER 0x0a00
#include <windows.h>
#include <winternl.h>
#include <ntsecapi.h>
#include <dsgetdc.h>
#include <sddl.h>

int
main ()
{
  HANDLE lsa;
  NTSTATUS status;
  ULONG ret;
  PPOLICY_DNS_DOMAIN_INFO pdom;
  PPOLICY_ACCOUNT_DOMAIN_INFO adom;
  PDS_DOMAIN_TRUSTSW td;
  ULONG tdom_cnt;
  static LSA_OBJECT_ATTRIBUTES oa = { 0, 0, 0, 0, 0, 0 };
  LPSTR str;
  BOOL has_dom;
  HANDLE tok;
  WCHAR name[256];
  WCHAR dom[256];
  DWORD nlen, dlen;
  SID_NAME_USE type;

  status = LsaOpenPolicy (NULL, &oa, POLICY_VIEW_LOCAL_INFORMATION, &lsa);
  if (!NT_SUCCESS (status))
    {
      printf ("LsaOpenPolicy: 0x%08x\n", status);
      return 1;
    }
  status = LsaQueryInformationPolicy (lsa, PolicyDnsDomainInformation,
				      (PVOID *) &pdom);
  if (NT_SUCCESS (status))
    {
      if (pdom->Name.Length)
	printf ("PDom.Name: %ls\n", pdom->Name.Buffer);
      if (pdom->DnsDomainName.Length)
	printf ("PDom.DnsDomainName: %ls\n", pdom->DnsDomainName.Buffer);
      if (pdom->DnsForestName.Length)
	printf ("PDom.DnsForestName: %ls\n", pdom->DnsForestName.Buffer);
      has_dom = !!pdom->Sid;
      if (has_dom)
      	{
	  ConvertSidToStringSidA (pdom->Sid, &str);
	  printf ("PDom.Sid: %s\n", str);
	  LocalFree (str);
	}
      LsaFreeMemory (pdom);
    }
  else
    printf ("LsaQueryInformationPolicy (PDOM): 0x%08x\n", status);
    
  status = LsaQueryInformationPolicy (lsa, PolicyAccountDomainInformation,
				      (PVOID *) &adom);
  if (NT_SUCCESS (status))
    {
      if (adom->DomainName.Length)
	  printf ("ADom.DomainName: %ls\n", adom->DomainName.Buffer);
      ConvertSidToStringSidA (adom->DomainSid, &str);
      printf ("ADom.DomainSid: %s\n", str);
      LocalFree (str);
      LsaFreeMemory (adom);
    }
  else
    printf ("LsaQueryInformationPolicy (ADOM): 0x%08x\n", status);
  if (dom)
    {
      ret = DsEnumerateDomainTrustsW (NULL, DS_DOMAIN_DIRECT_INBOUND
					    | DS_DOMAIN_DIRECT_OUTBOUND
					    | DS_DOMAIN_IN_FOREST,
				       &td, &tdom_cnt);
      if (ret == ERROR_SUCCESS)
	for (ULONG idx = 0; idx < tdom_cnt; ++idx)
	  {
	    printf ("Trusted Domain %u:\n", idx);
	    printf ("  NetbiosDomainName: %ls\n", td[idx].NetbiosDomainName);
	    if (td[idx].DnsDomainName)
	      printf ("  DnsDomainName: %ls\n", td[idx].DnsDomainName);
	    printf ("  Flags: 0x%08x\n", td[idx].Flags);
	    printf ("  TrustType: 0x%08x\n", td[idx].TrustType);
	    printf ("  TrustAttributes: 0x%08x\n", td[idx].TrustAttributes);
	    if (td[idx].DomainSid)
	      {
		ConvertSidToStringSidA (td[idx].DomainSid, &str);
		printf ("DomainSid: %s\n", str);
		LocalFree (str);
	      }
	  }
      else
	printf ("DsEnumerateDomainTrustsW: %u\n", ret);
    }
  LsaClose (lsa);
  if (OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &tok))
    {
      PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
      if (GetTokenInformation (tok, TokenUser, tp, 65536, &ret))
      	{
	  printf ("User:\n");
	  ConvertSidToStringSidA (tp->User.Sid, &str);
	  printf ("  Sid: %s\n", str);
	  LocalFree (str);

	  nlen = dlen = 256;
	  if (LookupAccountSidW (NULL, tp->User.Sid, name, &nlen, 
				 dom, &dlen, &type))
	    printf ("  Dom\\Name: %ls\\%ls\n", dom, name);
	  else
	    printf ("  LookupAccountSidW: %u\n", GetLastError ());
	  printf ("  Attributes: 0x%08x\n", tp->User.Attributes);
	}
      else
	printf ("GetTokenInformation(user): %u\n", GetLastError ());
      free (tp);

      PTOKEN_GROUPS tg = (PTOKEN_GROUPS) malloc (65536);
      if (GetTokenInformation (tok, TokenGroups, tg, 65536, &ret))
	for (ULONG idx = 0; idx < tg->GroupCount; ++idx)
	  {
	    printf ("Group %u\n", idx);
	    ConvertSidToStringSidA (tg->Groups[idx].Sid, &str);
	    printf ("  Sid: %s\n", str);
	    LocalFree (str);

	    nlen = dlen = 256;
	    if (LookupAccountSidW (NULL, tg->Groups[idx].Sid, name, &nlen, 
				   dom, &dlen, &type))
	      printf ("  Dom\\Name: %ls\\%ls\n", dom, name);
	    else
	      printf ("  LookupAccountSidW: %u\n", GetLastError ());
	    printf ("  Attributes: 0x%08x\n", tg->Groups[idx].Attributes);
	  }
      else
	printf ("GetTokenInformation(groups): %u\n", GetLastError ());
      free (tg);
    }
  else
    printf ("OpenProcessToken: %u\n", GetLastError ());
  return 0;
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20160803/ec5585c0/attachment.sig>

More information about the Cygwin mailing list