Below is some code on how to create an SID for "Everyone". I am unsure
about how this could be modified to create an SID for Administrator.
The whole topic itself is rather muddled with security articles and
vague references to S-1-5-domain-500. Any help out there?

- Richard

HKEY hKey;
ACE_HEADER *pAce;
PSID psidWorldSid;
LONG nResult;

BOOL bSuccess;
DWORD dwAclSize;
PACL pDacl;
SECURITY_DESCRIPTOR SecDesc;

hKey = NULL;

//open up the key we are going to change as writable
nResult = ::RegOpenKeyEx( hKeyBase, keyName, 0, WRITE_DAC, &hKey );
if( nResult != ERROR_SUCCESS ) {
return FALSE;
}

//we are going to work on world authority (there is a macro here)
SID_IDENTIFIER_AUTHORITY siaWorldSidAuthority
= SECURITY_WORLD_SID_AUTHORITY;

//initialized our SID for EVERYONE
psidWorldSid = (PSID)LocalAlloc(LPTR,GetSidLengthRequired( 1 ));
InitializeSid( psidWorldSid, &siaWorldSidAuthority, 1);
*(GetSidSubAuthority( psidWorldSid, 0)) = SECURITY_WORLD_RID;

Hi,

Use the following API's to create and check a SID:

GetCurrentProcess()
OpenProcessToken()
GlobalAlloc()
GetTokenInformation()
AllocateAndInitializeSid()
EqualSid()
LookupAccountSid()
CheckTokenMembership()
FreeSid()
GlobalFree()
CloseHandle()

http://msdn.microsoft.com/library/de...entprocess.asp

http://msdn.microsoft.com/library/de...ocesstoken.asp

http://msdn.microsoft.com/library/de...lobalalloc.asp

http://msdn.microsoft.com/library/de...nformation.asp

http://msdn.microsoft.com/library/de...tializesid.asp

http://msdn.microsoft.com/library/de...y/equalsid.asp

http://msdn.microsoft.com/library/de...accountsid.asp

http://msdn.microsoft.com/library/de...membership.asp

http://msdn.microsoft.com/library/de...ty/freesid.asp

http://msdn.microsoft.com/library/de...globalfree.asp

http://msdn.microsoft.com/library/de...losehandle.asp

Hope these information helps,

Kellie.

richard.Anaya@gmail.com wrote:

See this:
http://groups.google.com/group/micro...be610af79c67f6