473,569 Members | 2,751 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

How to enumerate Windows user accounts?

I'm trying to get a list of user accounts on the local computer - the same
list you see when you are about to log in to Windows XP or Vista. This needs
to work on a home computer (not connected to a domain). It's for a parental
control app where I want the parent to be able to assign rules for each
child's account. I've tried using the Win32 API
LsaEnumerateAcc ountsWithUserRi ght with the SE_INTERACTIVE_ LOGON_NAME
privilege, but it doesn't work. I tried passing in NULL as the UserRights
parameter, which is supposed to return ALL accounts, but I get back a list
which has the built-in accounts and a few others (see below), but not one
single normal user account. I just want the accounts for people who can log
on interactively. I'd prefer if there was a fully .NET C# solution but I'll
do Win32 if I have to. Should I be using LsaLookupNames2 instead?

NT AUTHORITY\SERVI CE
BUILTIN\Remote Desktop Users
BUILTIN\Backup Operators
BUILTIN\Users
BUILTIN\Adminis trators
Justin-Laptop\Guest
Justin-Laptop\SQLServe r2005MSSQLUser$ Justin-Laptop$SQLEXPRE SS
Justin-Laptop\SQLServe r2005SQLBrowser User$Justin-Laptop
NT AUTHORITY\NETWO RK SERVICE
NT AUTHORITY\LOCAL SERVICE
Everyone
Apr 25 '07 #1
2 12620
This code seems to be heading in the right direction. But I really need the
SID for each account. And I'm not sure what groups to enumerate to match what
you see when you log in to Windows XP or Vista. This ActiveDirectory stuff is
new to me.

DirectoryEntry localMachine = new DirectoryEntry( "WinNT://" +
Environment.Mac hineName);
DirectoryEntry admGroup = localMachine.Ch ildren.Find("ad ministrators",
"group");
object members = admGroup.Invoke ("members", null);
foreach (object groupMember in (IEnumerable)me mbers) {
DirectoryEntry member = new DirectoryEntry( groupMember);
Console.WriteLi ne(member.Name) ;
}
"jmagaram" wrote:
I'm trying to get a list of user accounts on the local computer - the same
list you see when you are about to log in to Windows XP or Vista. This needs
to work on a home computer (not connected to a domain). It's for a parental
control app where I want the parent to be able to assign rules for each
child's account. I've tried using the Win32 API
LsaEnumerateAcc ountsWithUserRi ght with the SE_INTERACTIVE_ LOGON_NAME
privilege, but it doesn't work. I tried passing in NULL as the UserRights
parameter, which is supposed to return ALL accounts, but I get back a list
which has the built-in accounts and a few others (see below), but not one
single normal user account. I just want the accounts for people who can log
on interactively. I'd prefer if there was a fully .NET C# solution but I'll
do Win32 if I have to. Should I be using LsaLookupNames2 instead?

NT AUTHORITY\SERVI CE
BUILTIN\Remote Desktop Users
BUILTIN\Backup Operators
BUILTIN\Users
BUILTIN\Adminis trators
Justin-Laptop\Guest
Justin-Laptop\SQLServe r2005MSSQLUser$ Justin-Laptop$SQLEXPRE SS
Justin-Laptop\SQLServe r2005SQLBrowser User$Justin-Laptop
NT AUTHORITY\NETWO RK SERVICE
NT AUTHORITY\LOCAL SERVICE
Everyone
Apr 25 '07 #2
Try this inside the for loop:

string sid = new
SecurityIdentif ier((byte[])member.Propert ies["objectSid"][0], 0).Value;
Console.WriteLi ne (sid);

This works with .NET 2.0 onwards.

"jmagaram" wrote:
This code seems to be heading in the right direction. But I really need the
SID for each account. And I'm not sure what groups to enumerate to match what
you see when you log in to Windows XP or Vista. This ActiveDirectory stuff is
new to me.

DirectoryEntry localMachine = new DirectoryEntry( "WinNT://" +
Environment.Mac hineName);
DirectoryEntry admGroup = localMachine.Ch ildren.Find("ad ministrators",
"group");
object members = admGroup.Invoke ("members", null);
foreach (object groupMember in (IEnumerable)me mbers) {
DirectoryEntry member = new DirectoryEntry( groupMember);
Console.WriteLi ne(member.Name) ;
}
"jmagaram" wrote:
I'm trying to get a list of user accounts on the local computer - the same
list you see when you are about to log in to Windows XP or Vista. This needs
to work on a home computer (not connected to a domain). It's for a parental
control app where I want the parent to be able to assign rules for each
child's account. I've tried using the Win32 API
LsaEnumerateAcc ountsWithUserRi ght with the SE_INTERACTIVE_ LOGON_NAME
privilege, but it doesn't work. I tried passing in NULL as the UserRights
parameter, which is supposed to return ALL accounts, but I get back a list
which has the built-in accounts and a few others (see below), but not one
single normal user account. I just want the accounts for people who can log
on interactively. I'd prefer if there was a fully .NET C# solution but I'll
do Win32 if I have to. Should I be using LsaLookupNames2 instead?

NT AUTHORITY\SERVI CE
BUILTIN\Remote Desktop Users
BUILTIN\Backup Operators
BUILTIN\Users
BUILTIN\Adminis trators
Justin-Laptop\Guest
Justin-Laptop\SQLServe r2005MSSQLUser$ Justin-Laptop$SQLEXPRE SS
Justin-Laptop\SQLServe r2005SQLBrowser User$Justin-Laptop
NT AUTHORITY\NETWO RK SERVICE
NT AUTHORITY\LOCAL SERVICE
Everyone
Apr 26 '07 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
2
1855
Is there any web interface tool that can directly create actual accounts on windows 2003 server?
by: jiing | last post by:
I want to use web interface to do : 1. user accounts management (adminstration side) 2. personal password management (user side) 3. create actual accounts under windows 2003 server( for handling share folder) about 1&2, it can be solved by LDAP, phpldapadmin, phpGeneral, but 3, I do not know how to deal with I want to ask is there any web...
PHP
1
2120
Need to Change Developers Acct to Windows Authentication
by: sherkozmo | last post by:
I have my SQL 7.0 server set for Mixed security. I see now (finally) the advantages of having windows authentication security for windows groups. I do most of my developing in Access Projects which require a login of some type. I have been using my SQL login to develop with SQL and then when I give it to the user, I set the project to use...
Microsoft SQL Server
0
1803
Problem with Creating User Profiles on Windows XP
by: Wayne Gibson | last post by:
Hi all, Please ignore the other post.. The cat jumped on the machine and sent it before I could stop it!! Was wondering if anybody has expericence this problem.. I am writting an application in C# using windows forms, to create windows user profiles and then updating the registry information for the new profiles. I have managed to...
.NET Framework
2
2614
Windows Credentialing Security Problem
by: Joseph Geretz | last post by:
I'm having a credentialing problem in my web application. Actually, I don't think this is an IIS security issue, since I'm able to access the page I'm requesting. However, the executing page itself is not able to access a specific network resource and I just can't figure out why. First of all, let me say this worked fine with IIS running on...
ASP.NET
4
2402
Starting up Windows Program from a webform with current users's authentication
by: Kristof Despiere | last post by:
Suppose you have one domain, filled with a couple of users. What needs to be done now is I need to start a windows application from a webform by pressing a button on the webform (for example). The problem is that the user who "owns" the service is always the ASPNET account. That's not good since you don't see the actual application (because...
ASP.NET
5
2678
Remote control of windows service with windows 2003 server
by: pberna | last post by:
Dear all, I built a Web Form application to start and stop a Windows Service remotely. I successful tested the application on Windows 2000 server + IIS. I must include the ASPNET user to the Administration group (on server side) to have the necessary authorization to start a Windows Service (I don't understand why "Power User" rights are...
ASP.NET
6
2132
Windows Integrated Security - Restricting Users Without Groups
by: Mr Newbie | last post by:
Hi, Im in a situation where I need to restrict users, but I dont have access or wont be allowed access to manage groups in the domain. How can I restrict access is this case ? -- Best Regards
ASP.NET
27
4696
Windows Service - Event Log
by: pisquem | last post by:
I am building an windows service that is to be deployed on a windows server 2003 and I want to have activity written to the event log, I want its own log called ('CustomLog') Below is what I have so far...its builds fine but when I go to start the service i get the following error. --------------------------- Services...
C# / C Sharp
1
3502
How do you authenticate a user and pswd for local accounts from windowsforms?
by: Michael Howes | last post by:
I would think this would be very, very easy but in the 50 searches I've done I haven't found anything. If our application requires login and that user/password be a local windows account or more detailed, a user that has been added to the Power Users group that is either a local account or a active directory account how do I authenticate? ...
C# / C Sharp
0
7694
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
General
0
7609
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
Windows Server
0
7921
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
C / C++
0
8118
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
Online Marketing
1
7666
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
Windows Server
0
6278
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
Career Advice
0
3636
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
2107
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
1
1208
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us