}\r
\r
if (translated_sid->Use != SidTypeUser && translated_sid->Use != SidTypeWellKnownGroup) {\r
- LsaFreeMemory(translated_domains);\r
- LsaFreeMemory(translated_sid);\r
- print_message(stderr, NSSM_GUI_INVALID_USERNAME, username);\r
- return 6;\r
+ if (translated_sid->Use != SidTypeUnknown || _tcsnicmp(NSSM_VIRTUAL_SERVICE_ACCOUNT_DOMAIN _T("\\"), username, _tcslen(NSSM_VIRTUAL_SERVICE_ACCOUNT_DOMAIN) + 1)) {\r
+ LsaFreeMemory(translated_domains);\r
+ LsaFreeMemory(translated_sid);\r
+ print_message(stderr, NSSM_GUI_INVALID_USERNAME, username);\r
+ return 6;\r
+ }\r
}\r
\r
LSA_TRUST_INFORMATION *trust = &translated_domains->Domains[translated_sid->DomainIndex];\r
return ret;\r
}\r
\r
+/* Build the virtual account name. */\r
+TCHAR *virtual_account(const TCHAR *service_name) {\r
+ size_t len = _tcslen(NSSM_VIRTUAL_SERVICE_ACCOUNT_DOMAIN) + _tcslen(service_name) + 2;\r
+ TCHAR *name = (TCHAR *) HeapAlloc(GetProcessHeap(), 0, len * sizeof(TCHAR));\r
+ if (! name) {\r
+ print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("name"), _T("virtual_account"));\r
+ return 0;\r
+ }\r
+\r
+ _sntprintf_s(name, len, _TRUNCATE, _T("%s\\%s"), NSSM_VIRTUAL_SERVICE_ACCOUNT_DOMAIN, service_name);\r
+ return name;\r
+}\r
+\r
+/* Does the username represent a virtual account for the service? */\r
+int is_virtual_account(const TCHAR *service_name, const TCHAR *username) {\r
+ if (! imports.IsWellKnownSid) return 0;\r
+ if (! service_name) return 0;\r
+ if (! username) return 0;\r
+\r
+ TCHAR *canon = virtual_account(service_name);\r
+ int ret = str_equiv(canon, username);\r
+ HeapFree(GetProcessHeap(), 0, canon);\r
+ return ret;\r
+}\r
+\r
/*\r
Get well-known alias for LocalSystem and friends.\r
Returns a pointer to a static string. DO NOT try to free it.\r