how to get the user accounts and buit in security principles in windows_问答_开发者

how to get the user accounts and buit in security principles in windows

开发者 https://www.devze.com 2022-12-31 23:09 出处：网络

alt text http://www.freeimagehosting.net/uploads/b350914deb.png i want to retrieve the list of 开发者_运维知识库user and local service and network serviceWMI has a Win32_UserAccount class, but enumer

alt text http://www.freeimagehosting.net/uploads/b350914deb.png

i want to retrieve the list of 开发者_运维知识库user and local service and network service

WMI has a Win32_UserAccount class, but enumerating it looks like it produces the same list as NetEnumUsers, which only produces (more or less) "Normal" accounts, not the built in security principals like "Local Service" and "Network Service".

You can retrieve everything with NetLocalGroupEnum and NetLocalGroupGetMembers, but you'd have to do it from something that lets you work with the Win32 API directly, not (at least AFAIK) via WMI. In case that's still useful, here's a bit of sample code that lists groups and members:

#define UNICODE 
#include <windows.h>
#include <lmaccess.h>
#include <lmapibuf.h>

#include <iostream>

int main() {

    LOCALGROUP_INFO_0 *l_info;
    DWORD read;
    DWORD total;

    NetLocalGroupEnum(NULL, 
                    0, 
                    (unsigned char **)&l_info,
                    MAX_PREFERRED_LENGTH,
                    &read,
                    &total,
                    NULL);

    std::wcout << L"Local Groups\n";

    for (int i=0; i<read; i++) {
        std::wcout << l_info[i].lgrpi0_name << std::endl;

        LOCALGROUP_MEMBERS_INFO_1 *members;
        DWORD entries, total_entries;

        NetLocalGroupGetMembers(NULL, 
                                l_info[i].lgrpi0_name, 
                                1,
                                reinterpret_cast<BYTE **>(&members),
                                MAX_PREFERRED_LENGTH,
                                &entries, 
                                &total_entries,
                                NULL);

        for (int mem_num = 0; mem_num<entries; mem_num++)
            std::wcout << L"\t" << members[mem_num].lgrmi1_name << L"\n";
        NetApiBufferFree(members);
    }


    NetApiBufferFree(l_info);

    GROUP_INFO_0 *g_info;

    NetGroupEnum(NULL, 
                0, 
                (unsigned char **)&g_info,
                MAX_PREFERRED_LENGTH,
                &read,
                &total,
                NULL);

    std::wcout << L"\nGlobal Groups\n";

    for (i=0; i<read; i++)
        std::wcout << g_info[i].grpi0_name << std::endl;

    NetApiBufferFree(g_info);
    return 0;
}

You can do this via WSH. Here is an example in JavaScript: http://www.winscripter.com/WSH/ADSI/56.aspx

and a sample in C#: http://www.geekzone.co.nz/chakkaradeep/3938

I found several answers on BING by searching win32 list user accounts

And finally a sample from Microsoft: http://gallery.technet.microsoft.com/ScriptCenter/en-us/827623f5-eb55-4035-8f57-25c4afb444cd