Skip to content

SECURITY_DESCRIPTOR #28

Open
Open
SECURITY_DESCRIPTOR#28
@y-shevchenko

Description

@y-shevchenko
y-shevchenko
opened on Jan 16, 2025

I can't create a rule with the FieldALEUserID field

sd, err := windows.SecurityDescriptorFromString("O:S-1-5-21-4178385778-218860893-2165782238-1001")
		if err != nil {
			fmt.Println("SecurityDescriptorFromString")
			return err
		}

err = session.AddRule(&wf.Rule{
			ID:         wf.RuleID(convert.StringToGUID(DNSID)),
			Name:       "Kodi sid",
			Layer:      wf.LayerALEAuthConnectV4,
			Provider:   wf.ProviderID(pID),
			Sublayer:   wf.SublayerID(subID),
			Weight:     101,
			Persistent: true,
			Conditions: []*wf.Match{
				{
					Field: wf.FieldALEUserID,
					Op:    wf.MatchTypeEqual,
					Value: sd,
				},
			},
			Action: wf.ActionPermit,
		})

I get an error

invalid match ALE_USER_ID == O:S-1-5-21-4178385778-218860893-2165782238-1001 (*windows.SECURITY_DESCRIPTOR): The parameter is incorrect.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions