Solved

Failure of AllocateAndInitializeSid(...) on Windows 2000 Server

Posted on 2006-07-06
2
473 Views
Last Modified: 2011-10-03
Greetings!

I have written a service in C++ (Microsoft Visual Studio 6.0 SP5) that must coordinate access to a shared set of resources with another application that I've written.  The service normally runs as a Windows system account while the other application is run manually (in user-mode) by whoever is logged in to the system.

To accomplish the needed coordination of resource use, I use a mutex object that is created by the service and shared between the service and the other application.  At the time the service creates the mutex object, I need to ensure that anyone logged into the system isn't blocked from accessing the mutex object for security reasons.

To ensure access by others, I've been giving the necessary rights to the well known group "Everyone."  This worked well on all of my Windows XP systems.  Then, I noticed my application wasn't behaving properly on a Windows 2000 Server system.  After some research, I found the culprit to be the following section of code:
---------------
PSID pEveryoneSID = NULL;
SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;

if((!AllocateAndInitializeSid(&SIDAuthWorld, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &pEveryoneSID))
  || (!pEveryoneSID))
  return ERROR;
---------------
The call to AllocateAndInitializeSid was returning a success indicator, but the variable pEveryoneSID was still null.  I've not tested on other Windows 2000 Servers to know if this common to all Win2k systems or not.  Either way, I know for sure that this function properly assigns the value to pEveryoneSID on my Windows XP systems but does NOT on the Windows 2000 Server where I need it to work.

Does anyone have any insight about what might cause this?
0
Comment
Question by:dshockey
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 3

Expert Comment

by:Mikeh926
ID: 17057285
Well, if AllocateAndInitalizeSid is returning TRUE then it should be settings pEveryoneSID to something. Try calling SetLastError() to clear the error code first and then call GetLastError() to see if there is any error code returned. This might give you a hint (especially if you get "access denied").

As for why it works on XP and not on 2000 Server, what user account is the server running in, and are the account permissions the same?
0
 
LVL 41

Accepted Solution

by:
graye earned 125 total points
ID: 17058402
Hummm... I can't offer and explaination, but how about an alternative?

Why not use CreateWellKnownSid instead...

    //BOOL CreateWellKnownSid(
    //  WELL_KNOWN_SID_TYPE WellKnownSidType,
    //  PSID DomainSid,
    // PSID pSid,
    // DWORD* cbSid
    //);
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
Computer science students often experience many of the same frustrations when going through their engineering courses. This article presents seven tips I found useful when completing a bachelors and masters degree in computing which I believe may he…
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…
Progress

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question