4 Protocol Examples

The following example shows a sample call sequence from a client to a server for a typical use of the RAZA protocol: querying the permissions available to the user with SID S-1-5-21-3448151421-356457007-600757626-4138921 on a resource that the server protects with a security descriptor in which built-in administrators and local system have file all access, everyone has read and execute, and the user has read, write, and execute.

  • Client sends AuthzrInitializeContextFromSid.

    Parameter field                 Parameter value
    ------------------------------  -----------------------------------------------
    Handle_t                        [RPC handle to server]
    Flags                           0x8
    SID                             S-1-5-21-3448151421-356457007-600757626-4138921
    pExpirationTime                 NULL
    LUID                            {0xdead,0xbeef}

  • Client receives AuthzrInitializeContextFromSid.

    Parameter field                 Parameter value
    ------------------------------  -----------------------------------------------
    Status                          0
    ContextHandle                   [context handle] (This data is opaque to the client.)

  • Client sends AuthzrAccessCheck.

    Parameter field                 Parameter value
    ------------------------------  -----------------------------------------------
    Handle_t                        [RPC handle to server]
    ContextHandle                   [ContextHandle received from server using AuthzrInitializeContextFromSid]
    Flags                           0x0
    pRequest.DesiredAccess          0x02000000 (MAXIMUM_ALLOWED)
    pRequest.PrincipalSelfSid       NULL
    pRequest.ObjectTypeListLength   0
    pRequest.ObjectTypeList         NULL
    SecurityDescriptorCount         1
    pSecurityDescriptors            01 00 04 80 14 00 00 00 24 00 00 00 00 00 00 00
                                    30 00 00 00 01 02 00 00 00 00 00 05 20 00 00 00
                                    20 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00
                                    02 00 6C 00 04 00 00 00 00 00 18 00 FF 01 1F 00
                                    01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00
                                    00 00 14 00 FF 01 1F 00 01 01 00 00 00 00 00 05
                                    12 00 00 00 00 00 14 00 A9 00 12 00 01 01 00 00
                                    00 00 00 01 00 00 00 00 00 00 24 00 BF 01 12 00
                                    01 05 00 00 00 00 00 05 15 00 00 00 7D 9D 86 CD
                                    2F 1A 3F 15 7A D5 CE 23 A9 27 3F 00

    This is equivalent to the following string value: O:BAG:SYD:(A;;FA;;;BA)(A;;FA;;;SY)(A;;FRFX;;;WD)(A;;FWFRFX;;;S-1-5-21-3448151421-356457007-600757626-4138921)

  • Client receives AuthzrAccessCheck.

    Parameter field                 Parameter value
    ------------------------------  -----------------------------------------------
    Status                          0
    pReply.ResultListLength         1
    pReply.GrantedAccessMask        0x1201BF (FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_GENERIC_EXECUTE)
    pReply.Error                    ERROR_SUCCESS
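As an added example (not part of the specification text), the following Python decodes the self-relative security descriptor bytes from the AuthzrAccessCheck request above into the string form quoted there, and reproduces the MAXIMUM_ALLOWED evaluation that produces pReply.GrantedAccessMask. It assumes the user's token holds only the user's own SID and Everyone (S-1-1-0), since the page does not list group memberships; the helper names are mine.

```python
import struct

# Self-relative security descriptor sent in the AuthzrAccessCheck request above (the page's 156 bytes).
SD = bytes.fromhex(
    "010004801400000024000000000000003000000001020000000000052000000020020000010100"
    "00000000051200000002006C000400000000001800FF011F000102000000000005200000002002"
    "000000001400FF011F0001010000000000051200000000001400A9001200010100000000000100"
    "00000000002400BF0112000105000000000005150000007D9D86CD2F1A3F157AD5CE23A9273F00")

# SDDL aliases and file-rights tokens used on this page; TOKEN is an assumed user token (own SID + Everyone).
SID_ALIAS = {"S-1-5-32-544": "BA", "S-1-5-18": "SY", "S-1-1-0": "WD"}
RIGHTS = [("FA", 0x1F01FF), ("FW", 0x120116), ("FR", 0x120089), ("FX", 0x1200A0)]  # FA first so it wins
TOKEN = {"S-1-5-21-3448151421-356457007-600757626-4138921", "S-1-1-0"}

def parse_sid(buf, off):  # binary SID at buf[off:] -> "S-R-I-S..." string
    rev, count = buf[off], buf[off + 1]
    subs = struct.unpack_from("<%dI" % count, buf, off + 8)
    return "S-%d-%d" % (rev, int.from_bytes(buf[off + 2:off + 8], "big")) + "".join("-%d" % s for s in subs)

def rights_sddl(mask):  # access mask -> SDDL rights, e.g. 0x1201BF -> "FWFRFX"; hex if not expressible
    out, covered = [], 0
    for name, bits in RIGHTS:
        if mask & bits == bits and bits & ~covered:  # skip tokens already implied by an earlier one
            out.append(name)
            covered |= bits
    return "".join(out) if covered == mask else "0x%08X" % mask

def parse_sd(buf):  # self-relative SD -> (owner_sid, group_sid, [(ace_type, mask, sid), ...]); SACL ignored
    _rev, _sbz1, _control, owner_off, group_off, _sacl_off, dacl_off = struct.unpack_from("<BBHIIII", buf)
    aces, pos = [], dacl_off + 8  # skip the 8-byte ACL header (AclRevision, Sbz1, AclSize, AceCount, Sbz2)
    for _ in range(struct.unpack_from("<H", buf, dacl_off + 4)[0]):  # AceCount
        ace_type, _flags, size, mask = struct.unpack_from("<BBHI", buf, pos)
        aces.append((ace_type, mask, parse_sid(buf, pos + 8)))
        pos += size
    return parse_sid(buf, owner_off), parse_sid(buf, group_off), aces

def to_sddl(buf):  # render the descriptor as the string quoted on this page (allow/deny ACEs only)
    owner, group, aces = parse_sd(buf)
    dacl = "".join("(%s;;%s;;;%s)" % ("AD"[t], rights_sddl(m), SID_ALIAS.get(s, s)) for t, m, s in aces)
    return "O:%sG:%sD:%s" % (SID_ALIAS.get(owner, owner), SID_ALIAS.get(group, group), dacl)

def max_allowed(buf, token_sids):  # MAXIMUM_ALLOWED check: deny ACEs earlier in the DACL veto later allows
    granted = denied = 0
    for ace_type, mask, sid in parse_sd(buf)[2]:
        if sid in token_sids and ace_type == 1:    # ACCESS_DENIED_ACE_TYPE
            denied |= mask
        elif sid in token_sids and ace_type == 0:  # ACCESS_ALLOWED_ACE_TYPE
            granted |= mask & ~denied
    return granted
```

Running `to_sddl(SD)` yields the quoted string, and `max_allowed(SD, TOKEN)` returns 0x1201BF: Everyone contributes FRFX and the user's own ACE adds FW, matching pReply.GrantedAccessMask.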

  • Client sends AuthzrFreeContext.

    Parameter field                 Parameter value
    ------------------------------  -----------------------------------------------
    Handle_t                        [RPC handle to server]
    ContextHandle                   [ContextHandle received from server using AuthzrInitializeContextFromSid]

  • Client receives AuthzrFreeContext.

    Parameter field                 Parameter value
    ------------------------------  -----------------------------------------------
    Status                          0
    ContextHandle                   NULL
