def add_account_to_group(account, group, domain_name):
disting = domain_name_to_disting(domain_name)
ad_account = find(account, disting)
groupDomain = disting
groupDomainDist = disting
ad_group = None
if (group.find("\\") != -1):
groupDomain, group = group.split("\\")
gd = groupDomain.upper()
if gd == 'NT AUTHORITY' or gd == 'BUILTIN':
ad_group = com_client.GetObject("LDAP://CN=%s,CN=Builtin,%s" %
(group, disting))
else:
groupDomainDist = domain_name_to_disting(groupDomain)
if not ad_group: ad_group = find(group, groupDomainDist)
if (not ad_group.IsMember(ad_account.ADsPath)):
try:
ad_group.Add(ad_account.ADsPath)
except:
u_sid = win32security.SID(ad_account.objectSid)
ad_group.Add("LDAP://%s/<SID=%s>" % (groupDomain, str(u_sid)[6:]))
ad_group.SetInfo()
def is_win32user_an_admin():
WHO_AM_I = "C:\\WINDOWS\\System32\\whoami.exe"
if not os.path.exists(WHO_AM_I):
import win32security
import ntsecuritycon
subAuths = ntsecuritycon.SECURITY_BUILTIN_DOMAIN_RID, \
ntsecuritycon.DOMAIN_ALIAS_RID_ADMINS
sidAdmins = win32security.SID(ntsecuritycon.SECURITY_NT_AUTHORITY,
subAuths)
return win32security.CheckTokenMembership(None, sidAdmins)
else:
import subprocess
p = subprocess.Popen([WHO_AM_I, "/GROUPS", "/SID"],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
if p.wait() != 0:
p = subprocess.Popen([WHO_AM_I, "/GROUPS"],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
if p.wait() != 0:
return False
for line in p.stdout.readlines():
if "S-1-5-32-544 " in line or "S-1-5-32-544\r\n" in line:
return True
return False
def AddUserToGroup(server_u, user, server_g, group):
g = com_client.GetObject("LDAP://CN=%s,CN=Users,%s" %
(group, GetDomainDN(server_g)))
u = com_client.GetObject("LDAP://CN=%s,CN=Users,%s" %
(user, GetDomainDN(server_u)))
u_sid = win32security.SID(u.objectSid)
try:
g.Add("LDAP://%s/<SID=%s>" % (server_u, str(u_sid)[6:]))
g.SetInfo()
except:
pass
def CreateUserSecurityDescriptor(userName):
sidUser = win32security.LookupAccountName(serverName, userName)[0]
sd = win32security.SECURITY_DESCRIPTOR()
# Create the "well known" SID for the administrators group
subAuths = ntsecuritycon.SECURITY_BUILTIN_DOMAIN_RID, \
ntsecuritycon.DOMAIN_ALIAS_RID_ADMINS
sidAdmins = win32security.SID(ntsecuritycon.SECURITY_NT_AUTHORITY, subAuths)
# Now set the ACL, giving user and admin full access.
acl = win32security.ACL(128)
acl.AddAccessAllowedAce(win32file.FILE_ALL_ACCESS, sidUser)
acl.AddAccessAllowedAce(win32file.FILE_ALL_ACCESS, sidAdmins)
sd.SetSecurityDescriptorDacl(1, acl, 0)
return sd
def convert_to_sid(item):
if item is None: return None
return win32security.SID(item)
def create_named_pipe(pipename,
openMode=None,
pipeMode=None,
nMaxInstances=None,
nOutBufferSize=None,
nInBufferSize=None,
nDefaultTimeOut=None,
saAttr=-1):
# Default values if parameters are not passed
if openMode is None:
openMode = win32con.PIPE_ACCESS_DUPLEX | win32con.FILE_FLAG_OVERLAPPED
if pipeMode is None:
pipeMode = (win32con.PIPE_TYPE_MESSAGE | win32con.PIPE_READMODE_BYTE
| win32con.PIPE_WAIT)
if nMaxInstances is None:
nMaxInstances = 64
if nOutBufferSize is None:
nOutBufferSize = 65000
if nInBufferSize is None:
nInBufferSize = 65000
if nDefaultTimeOut is None:
nDefaultTimeOut = 0
if saAttr == -1:
# saAttr can be None
saAttr = win32security.SECURITY_ATTRIBUTES()
# The identifier authority.
sia = ntsecuritycon.SECURITY_NT_AUTHORITY
# Initialize the SID.
remoteAccessSid = win32security.SID()
remoteAccessSid.Initialize(
sia, # The identifier authority.
1) # The number of sub authorities to allocate.
# Disable access over network.
remoteAccessSid.SetSubAuthority(
0, # The index of the sub authority to set
ntsecuritycon.SECURITY_NETWORK_RID)
allowedPsids = []
# Allow Windows Services to access the Named Pipe.
allowedPsid_0 = win32security.SID()
allowedPsid_0.Initialize(
sia, # The identifier authority.
1) # The number of sub authorities to allocate.
allowedPsid_0.SetSubAuthority(
0, # The index of the sub authority to set
ntsecuritycon.SECURITY_LOCAL_SYSTEM_RID)
# Allow Administrators to access the Named Pipe.
allowedPsid_1 = win32security.SID()
allowedPsid_1.Initialize(
sia, # The identifier authority.
2) # The number of sub authorities to allocate.
allowedPsid_1.SetSubAuthority(
0, # The index of the sub authority to set
ntsecuritycon.SECURITY_BUILTIN_DOMAIN_RID)
allowedPsid_1.SetSubAuthority(
1, # The index of the sub authority to set
ntsecuritycon.DOMAIN_ALIAS_RID_ADMINS)
allowedPsids.append(allowedPsid_0)
allowedPsids.append(allowedPsid_1)
# Initialize an ACL.
acl = win32security.ACL()
acl.Initialize()
# Add denied ACL.
acl.AddAccessDeniedAce(win32security.ACL_REVISION,
ntsecuritycon.GENERIC_ALL, remoteAccessSid)
# Add allowed ACLs.
for allowedPsid in allowedPsids:
acl.AddAccessAllowedAce(win32security.ACL_REVISION,
ntsecuritycon.GENERIC_ALL, allowedPsid)
# Initialize an SD.
sd = win32security.SECURITY_DESCRIPTOR()
sd.Initialize()
# Set DACL.
sd.SetSecurityDescriptorDacl(True, acl, False)
saAttr.bInheritHandle = 1
saAttr.SECURITY_DESCRIPTOR = sd
try:
npipe = win32pipe.CreateNamedPipe(pipename, openMode, pipeMode,
nMaxInstances, nOutBufferSize,
nInBufferSize, nDefaultTimeOut,
saAttr)
if npipe == win32file.INVALID_HANDLE_VALUE:
return None
return npipe
except pywintypes.error:
return None
def to_sid(item):
"""Return a PySID from binary data"""
if item is None:
return None
#
return win32security.SID(bytes(item))