wf icon indicating copy to clipboard operation
wf copied to clipboard
verified publisher icon tailscale

SECURITY_DESCRIPTOR

Open y-shevchenko opened this issue 1 year ago • 0 comments

I can't create a rule with the FieldALEUserID field

sd, err := windows.SecurityDescriptorFromString("O:S-1-5-21-4178385778-218860893-2165782238-1001")
		if err != nil {
			fmt.Println("SecurityDescriptorFromString")
			return err
		}

err = session.AddRule(&wf.Rule{
			ID:         wf.RuleID(convert.StringToGUID(DNSID)),
			Name:       "Kodi sid",
			Layer:      wf.LayerALEAuthConnectV4,
			Provider:   wf.ProviderID(pID),
			Sublayer:   wf.SublayerID(subID),
			Weight:     101,
			Persistent: true,
			Conditions: []*wf.Match{
				{
					Field: wf.FieldALEUserID,
					Op:    wf.MatchTypeEqual,
					Value: sd,
				},
			},
			Action: wf.ActionPermit,
		})

I get an error

invalid match ALE_USER_ID == O:S-1-5-21-4178385778-218860893-2165782238-1001 (*windows.SECURITY_DESCRIPTOR): The parameter is incorrect.

y-shevchenko avatar Jan 16 '25 11:01 y-shevchenko