How to give the Group Sid..?

OSR_Community_User · December 3, 2002, 8:07pm

Dear All;

I gived the UserSid(ex.500=admin), but I give not GroupSid…!!
So I want give the GroupSid…

How to gived the Group Sid Number in the Driver…?

OSR_Community_User · December 3, 2002, 9:07pm

Use ZwQueryInformationToken(TokenGroups) on the token handle, it will
fill the PTOKEN_GROUPS buffer.

To obtain the token handle from the CREATE IRP, use the following:

*Token =
SecurityContext->AccessState->SubjectSecurityContext.ClientToken;
if( *Token == NULL )
*Token =
SecurityContext->AccessState->SubjectSecurityContext.PrimaryToken;
// Now create the handle
return ObOpenObjectByPointer(*Token, OBJ_CASE_INSENSITIVE, NULL,
TOKEN_QUERY,
NULL,
KernelMode, hToken);

SecuriryContext is Parameters.Create.SecurityContext.

If you do any security checks in CREATE path - then use only the
security context from the IRP, and not the current thread’s token -
they are not so OK for this.

Max

----- Original Message -----
From: “Kim DJ”
To: “NT Developers Interest List”
Sent: Wednesday, December 04, 2002 4:14 AM
Subject: [ntdev] How to give the Group Sid…?

> Dear All;
>
> I gived the UserSid(ex.500=admin), but I give not GroupSid…!!
> So I want give the GroupSid…
>
> How to gived the Group Sid Number in the Driver…?
>
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to %%email.unsub%%
>