+ /* Get the default group */
+ if (!GetTokenInformation (token, TokenPrimaryGroup, &gsid, sizeof gsid, &size))
+ {
+ log (LOG_TIMESTAMP) << "GetTokenInformation() failed: " <<
+ GetLastError () << endLog;
+ goto out;
+ }
+
+ /* Get the computer name */
+ if (!GetComputerName (compname, (size = sizeof compname, &size)))
+ {
+ log (LOG_TIMESTAMP) << "GetComputerName() failed: " <<
+ GetLastError () << endLog;
+ goto out;
+ }
+
+ /* Get the local domain SID */
+ SID_NAME_USE use;
+ DWORD sz;
+ if (!LookupAccountName (NULL, compname, lsid, (size = sizeof lsid, &size),
+ domain, (sz = sizeof domain, &sz), &use))
+ {
+ log (LOG_TIMESTAMP) << "LookupAccountName() failed: " <<
+ GetLastError () << endLog;
+ goto out;
+ }
+
+ /* Create the None SID from the domain SID.
+ On NT the last subauthority of a domain is -1 and it is replaced by the RID.
+ On other systems the RID is appended. */
+ sz = *GetSidSubAuthorityCount (lsid);
+ if (*GetSidSubAuthority (lsid, sz -1) != (DWORD) -1)
+ *GetSidSubAuthorityCount (lsid) = ++sz;
+ *GetSidSubAuthority (lsid, sz -1) = DOMAIN_GROUP_RID_USERS;
+
+ /* See if the group is None */
+ if (EqualSid (gsid.psid, lsid))
+ {
+ bool isadmins = false, isusers = false;
+ sid_auth = (SID_IDENTIFIER_AUTHORITY) { SECURITY_NT_AUTHORITY };
+ /* Get the SID for "Administrators" S-1-5-32-544 */
+ if (!AllocateAndInitializeSid (&sid_auth, 2, SECURITY_BUILTIN_DOMAIN_RID,
+ DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &asid))
+ {
+ log (LOG_TIMESTAMP) << "AllocateAndInitializeSid() failed: " <<
+ GetLastError () << endLog;
+ goto out;
+ }
+ /* Get the SID for "Users" S-1-5-32-545 */
+ if (!AllocateAndInitializeSid (&sid_auth, 2, SECURITY_BUILTIN_DOMAIN_RID,
+ DOMAIN_ALIAS_RID_USERS, 0, 0, 0, 0, 0, 0, &usid))
+ {
+ log (LOG_TIMESTAMP) << "AllocateAndInitializeSid() failed: " <<
+ GetLastError () << endLog;
+ goto out;
+ }
+ /* Get the token groups */
+ if (!GetTokenInformation (token, TokenGroups, NULL, 0, &size)
+ && GetLastError () != ERROR_INSUFFICIENT_BUFFER)
+ {
+ log (LOG_TIMESTAMP) << "GetTokenInformation() failed: " <<
+ GetLastError () << endLog;
+ goto out;
+ }
+ else
+ {
+ char buf[size];
+ TOKEN_GROUPS *groups = (TOKEN_GROUPS *) buf;
+
+ if (!GetTokenInformation (token, TokenGroups, buf, size, &size))
+ {
+ log (LOG_TIMESTAMP) << "GetTokenInformation() failed: " <<
+ GetLastError () << endLog;
+ goto out;
+ }
+ else
+ /* See if admins or users is present */
+ for (DWORD pg = 0; pg < groups->GroupCount; ++pg)
+ {
+ isadmins = isadmins || EqualSid(groups->Groups[pg].Sid, asid);
+ isusers = isusers || EqualSid(groups->Groups[pg].Sid, usid);
+ }
+ }
+ /* Set the default group to one of the above computed SID. */
+ PSID nsid = NULL;
+ if (isusers)
+ {
+ nsid = usid;
+ log(LOG_TIMESTAMP) << "Changing gid to Users" << endLog;
+ }
+ else if (isadmins)
+ {
+ nsid = asid;
+ log(LOG_TIMESTAMP) << "Changing gid to Administrators" << endLog;
+ }
+ if (nsid && !SetTokenInformation (token, TokenPrimaryGroup, &nsid, sizeof nsid))
+ log (LOG_TIMESTAMP) << "SetTokenInformation() failed: " <<
+ GetLastError () << endLog;
+ }
+ out:
+ /* Close token handle. */
+ if (token)
+ CloseHandle (token);
+
+ /* Free memory occupied by the SIDs. */
+ if (esid)
+ FreeSid (esid);
+ if (asid)
+ FreeSid (asid);
+ if (usid)
+ FreeSid (usid);