The functions in the User category control a user’s account in the user account database.
|
Function |
Description |
|
Adds a security database for the specified user. |
|
|
This function is the same as NetUserAdd except that it uses 32-bit data structures, is RPC-based, and supports additional information levels. |
|
|
Removes a user’s account from a server, thereby preventing the user from accessing the server’s resources. |
|
|
This function is the same as NetUserDel except that it is RPC-based. |
|
|
Returns information about all user accounts on a server. |
|
|
This function is the same as NetUserEnum except that it uses 32-bit data structures, is RPC-based, supports additional information levels, and is resumable. |
|
|
Lists all global groups on a server to which a specified user belongs. |
|
|
This function is the same as NetUserGetGroups except that it uses 32-bit data structures, is RPC-based, and supports additional information levels. |
|
|
Retrieves information about a specified user account on a server. |
|
|
This function is the same as NetUserGetInfo except that it uses 32-bit data structures, is RPC-based, and supports additional information levels. |
|
|
Retrieves a list of the local groups to which a specified user belongs. |
|
|
Examines the modals settings for accounts in the user account database. |
|
|
This function is the same as NetUserModalsGet except that it uses 32-bit data structures, is RPC-based, and supports additional information levels. |
|
|
Modifies the modals settings for accounts in the user account database. |
|
|
This function is the same as NetUserModalsSet except that it uses 32-bit data structures, is RPC-based, and supports additional information levels. |
|
|
Changes the password in a user’s account on a server. |
|
|
Sets the global groups to which a user belongs. |
|
|
This function is the same as NetUserSetGroups except that it uses 32-bit data structures, is RPC-based, and supports additional information levels. |
|
|
Modifies permission information about a specified username on a server. |
|
|
This function is the same as NetUserSetInfo except that it uses 32-bit data structures, is RPC-based, and supports additional information levels. |
|
|
Verifies that there is an account with a specified username and password on a server. |
Each user or application that accesses resources must have an account in the security database. This user account verifies that the user or application has permission to connect to a resource. To set up a user account, call NetUserAdd or NetUserAdd32.
When a user or an application requests access to a shared resource on a server, Advanced Server checks for an appropriate account. NetUserValidate2 checks for a valid account with a particular user name and password combination. NetUserGetInfo and NetUserGetInfo32 retrieve full account details.
NetUserEnum and NetUserEnum32 can be used to list all user accounts on a server.
When a user account is no longer needed, use NetUserDel or NetUserDel32 to delete the account from the server. Once the account is removed, the user can no longer access the server, except by using the guest account.
Because the user’s password is confidential, it is not returned by NetUserEnum, NetUserEnum32, NetUserGetInfo, or NetUserGetInfo32; instead, a string of space characters (blanks) or a NULL pointer is substituted for any password requested. The password is initially assigned when NetUserAdd or NetUserAdd32 are called. NetUserSetInfo and NetUserSetInfo32 set the password and other elements of a user account. Users or applications can use NetUserPasswordSet to change a password (they must supply the current password).
NetUserModalsGet, NetUserModalsGet32, NetUserModalsSet32, and NetUserModalsSet examine and modify the modal settings for accounts in the security database (modal settings are global parameters that affect every account in the database, for example, the minimum allowable password length). All modal settings can be altered by calling NetUserModalsSet or NetUserModalsSet32. Most of the modals can also be altered by using the net accounts command.
Note
The Advanced Server user account subsystem is more powerful than LAN Manager-style user account systems. Some of these APIs are LAN Manager-style. Advanced Server performs the best possible exchange to and from LAN Manager-style data structures, when needed.
The data structures described here represent the levels of detail available for the functions that define or return individual user accounts.
The user_info_0 data structure that can be returned by NetUserEnum, NetUserGetInfo, or NetUserSetInfo has the following format.
struct user_info_0 {
char usri0_name[LM20_UNLEN+1];
};
Within this structure, usri0_name specifies the name of the user whose account will be accessed.
The USER_INFO_0 data structure that can be used by NetUserEnum32, NetUserGetInfo32 or NetUserSetInfo32 has the following format:
typedef struct _USER_INFO_0 {
LPTSTR usri0_name;
} USER_INFO_0, *PUSER_INFO_0, *LPUSER_INFO_0;
Within this structure, all of the parameters are defined in the same way as in the user_info_0 data structure.
The user_info_1 data structure that can be returned by NetUserEnum, NetUserGetInfo, NetUserSetInfo, or NetUserAdd has the following format:
struct user_info_1 {
char usri1_name[LM20_UNLEN+1];
char usri1_name_pad_1;
char usri1_password[ENCRYPTED_PWLEN];
long usri1_password_age;
unsigned short usri1_priv;
char * usri1_home_dir;
char * usri1_comment;
unsigned short usri1_flags;
char * usri1_script_path;
};
Within this structure, the following parameters have been defined:
usri1_name specifies the name of the user whose account will be accessed.
usri1_password is usri1_name’s password. usri1_password length cannot exceed PWLEN bytes, as defined in the netcons.h file.
Note that PWLEN is less than the field length ENCRYPTED_PWLEN to allow the user password to be encrypted.
The NetUserEnum and NetUserGetInfo functions return a string of spaces to maintain password security.
usri1_password_age tells how many seconds have passed since usri1_password last changed.
usri1_priv is one of three values specifying the level of privilege assigned usri1_name .
usri1_home_dir points to an ASCIIZ string containing the path name of user_name’s home directory. If a relative path is specified, it will be considered relative to the value of the UserPath keyword in the Advanced Server Registry. The string can be NULL.
usri1_comment points to an ASCIIZ string describing the user’s privileges and other account information. The string can be NULL.
usri1_flags contains bits that determine several features. It is defined in the access.h file, as follows:
|
Manifest |
Bit Mask |
Meaning |
|
UF_SCRIPT |
0 |
If 1, logon script executed. |
|
UF_ACCOUNTDISABLE |
1 |
If 1, user’s account disabled. |
|
UF_DELETE_PROHIBITED |
2 |
If 1, deleting is prohibited. |
|
UF_HOMEDIR_REQUIRED |
3 |
If 1, the home directory is required. |
|
4 |
Reserved; must be 0. |
|
|
UF_PASSWD_NOTREQD |
5 |
If 1, no password is required. |
|
UF_PASSWD_CANT_CHANGE |
6 |
If 1, the user cannot change the password. |
|
7-15 |
Reserved; must be 0. |
usri1_script_path points to an ASCIIZ string specifying the path name of the user’s logon script (.cmd, .exe, .bat, or .pro file). The string can be NULL.
The USER_INFO_1 data structure that can be used by NetUserEnum32, NetUserGetInfo32, NetUserSetInfo32, or NetUserAdd32 has the following format:
typedef struct _USER_INFO_1 {
LPTSTR usri1_name;
LPTSTR usri1_password;
DWORD usri1_password_age;
DWORD usri1_priv;
LPTSTR usri1_home_dir;
LPTSTR usri1_comment;
DWORD usri1_flags;
LPTSTR usri1_script_path;
} USER_INFO_1, *PUSER_INFO_1, *LPUSER_INFO_1;
Within this structure, all parameters are defined in the same way as in user_info_1 data structure.
The user_info_2 data structure that can be returned by NetUserEnum, NetUserGetInfo, NetUserSetInfo, or NetUserAdd has the following format:
struct user_info_2 {
char usri2_name[LM20_UNLEN+1];
char usri2_pad_1;
char usri2_password[ENCRYPTED_PWLEN];
long usri2_password_age;
unsigned short usri2_priv;
char * usri2_home_dir;
char * usri2_comment;
unsigned short usri2_flags;
char * usri2_script_path;
unsigned long usri2_auth_flags;
char * usri2_full_name;
char * usri2_usr_comment;
char * usri2_parms;
char * usri2_workstations;
long usri2_last_logon;
long usri2_last_logoff;
long usri2_acct_expires;
unsigned long usri2_max_storage;
unsigned short usri2_units_per_week;
unsigned char * usri2_logon_hours;
unsigned short usri2_bad_pw_count;
unsigned short usri2_num_logons;
char * usri2_logon_server;
unsigned short usri2_country_code;
unsigned short usri2_code_page;
};
Within this structure, the following parameters are defined:
usri2_name through usri2_script_path are the same as the corresponding elements of the user_info_1 data structure. For a complete description, see Share Information (level 1).
usri2_full_name points to an ASCIIZ string that contains the full name of the user. This value can be a null string, or it can have as many as LM20_MAXCOMMENTSZ characters before the terminating NULL. The constant LM20_MAXCOMMENTSZ is defined in the netcons.h header file.
usri2_usr_comment points to an ASCIIZ string that contains a user comment. This value can be a null string, or it can have as many as LM20_MAXCOMMENTSZ characters before the terminating NULL. The constant LM20_MAXCOMMENTSZ is defined in the netcons.h header file.
usri2_parms points to an ASCIIZ string that is set aside for use by applications. It can have as many as LM20_MAXCOMMENTSZ characters before the terminating NULL. The constant LM20_MAXCOMMENTSZ is defined in the netcons.h header file. Advanced Server does not use this element.
usri2_workstations points to an ASCIIZ string that contains the names of workstations from which the user can log on. As many as eight workstations can be specified; the names must be separated by commas (,). A null string indicates that there is no restriction. To disable logons from all workstations to this account, set the UF_ACCOUNTDISABLE bit in the usriX_flags element.
usri2_last_logon specifies when the last logon occurred. This value is stored as the number of seconds elapsed since 00:00:00, January 1, 1970. This element is ignored in NetUserAdd and NetUserSetInfo calls.
usri2_last_logoff specifies when the last logoff occurred. This value is stored as the number of seconds elapsed since 00:00:00, January 1, 1970. A value of 0 means that the last logoff time is unknown. This element is ignored in NetUserAdd and NetUserSetInfo calls.
usri2_acct_expires specifies when the account will expire. This value is stored as the number of seconds elapsed since 00:00:00, January 1, 1970. A value of TIMEQ_FOREVER,as defined in the access.h header file, indicates that the account never expires.
usri2_max_storage specifies the maximum amount of disk space the user can use. A value of USER_MAXSTORAGE_UNLIMITED, as defined in the access.h header file, indicates that there is no restriction.
usri2_units_per_week specifies the number of equal-length time units into which the week is divided in order to compute the length of the bit string in usri2_logon_hours. This value must be UNITS_PER_WEEK for Advanced Server. This element is ignored in NetUserAdd and NetUserSetInfo calls.
usri2_logon_hours points to a 21-byte (168 bits) bit string that specifies the times during which the user can log on. Each bit represents a unique hour in the week. The first bit (bit 0, word 0) is Sunday, 0:00 to 0:59; the second bit (bit 1, word 0) is Sunday, 1:00 to 1:59; and so on. A null pointer in this element for NetUserAdd calls means that there is no time restriction. A null pointer in this element for NetUserSetInfo calls means that no change is to be made.
usri2_bad_pw_count specifies the number of attempts to log on to this account using an incorrect password. A value of 0xFFFFFFFF indicates that the value is unknown. This element is ignored in NetUserAdd and NetUserSetInfo calls.
usri2_num_logons counts the number of successful attempts to log on to this account. A value of 0xFFFFFFFF indicates that the value is unknown. This element is ignored in NetUserAdd and NetUserSetInfo calls.
usri2_logon_server points to an ASCIIZ string that contains the name of the server to which logon requests are sent. Server names should be preceded by two backslashes ( ). A server name of an asterisk ( *) indicates that the logon request can be handled by any logon server. A null string indicates that requests are sent to the domain controller.
usri2_country_code specifies the country code for the user’s language of choice.
usri2_code_page specifies the code page for the user’s language of choice.
The USER_INFO_2 data structure that can be used by NetUserEnum32, NetUserGetInfo32, NetUserSetInfo32, or NetUserAdd32 has the following format:
typedef struct _USER_INFO_2 {
LPTSTR usri2_name;
LPTSTR usri2_password;
DWORD usri2_password_age;
DWORD usri2_priv;
LPTSTR usri2_home_dir;
LPTSTR usri2_comment;
DWORD usri2_flags;
LPTSTR usri2_script_path;
DWORD usri2_auth_flags;
LPTSTR usri2_full_name;
LPTSTR usri2_usr_comment;
LPTSTR usri2_parms;
LPTSTR usri2_workstations;
DWORD usri2_last_logon;
DWORD usri2_last_logoff;
DWORD usri2_acct_expires;
DWORD usri2_max_storage;
DWORD usri2_units_per_week;
LPBYTE usri2_logon_hours;
DWORD usri2_bad_pw_count;
DWORD usri2_num_logons;
LPTSTR usri2_logon_server;
DWORD usri2_country_code;
DWORD usri2_code_page;
} USER_INFO_2, *PUSER_INFO_2, *LPUSER_INFO_2;
Within this structure, all of the parameters are defined in the same way as in the user_info_2 data structure.
The USER_INFO_3 data structure that can be used by NetUserEnum32, NetUserGetInfo32, NetUserSetInfo32 or NetUserAdd32 has the following format:
typedef struct _USER_INFO_3 {
LPTSTR usri3_name;
LPTSTR usri3_password;
DWORD usri3_password_age;
DWORD usri3_priv;
LPTSTR usri3_home_dir;
LPTSTR usri3_comment;
DWORD usri3_flags;
LPTSTR usri3_script_path;
DWORD usri3_auth_flags;
LPTSTR usri3_full_name;
LPTSTR usri3_usr_comment;
LPTSTR usri3_parms;
LPTSTR usri3_workstations;
DWORD usri3_last_logon;
DWORD usri3_last_logoff;
DWORD usri3_acct_expires;
DWORD usri3_max_storage;
DWORD usri3_units_per_week;
PBYTE usri3_logon_hours;
DWORD usri3_bad_pw_count;
DWORD usri3_num_logons;
LPTSTR usri3_logon_server;
DWORD usri3_country_code;
DWORD usri3_code_page;
DWORD usri3_user_id;
DWORD usri3_primary_group_id;
LPTSTR usri3_profile;
LPTSTR usri3_home_dir_drive;
DWORD usri3_password_expired;
}USER_INFO_3, *PUSER_INFO_3, *LPUSER_INFO_3;
Within this structure, the following parameters are defined:
usri3_name through usri3_code_page are the same as the corresponding elements of the USER_INFO_2 data structure described in User Account Information (level 2).
usri3_user_id specifies the relative id of the user in the security database.
usri3_primary_group_id specifies the relative id of the user’s primary group in the security database.
usri3_profile specifies the path of the user’s profile.
usri3_home_dir_drive specifies the drive on which the user’s home directory is located.
usri3_password_expired specifies whether user’s password has expired.
The user_info_10 data structure that can be used by NetUserEnum or NetUserGetInfo has the following format:
struct user_info_10 {
char usri10_name[LM20_UNLEN+1];
char usri10_pad_1;
char * usri10_comment;
char * usri10_usr_comment;
char * usri10_full_name;
};
Within this structure, the following parameters are defined:
usri10_name through usri10_full_name are the same as the corresponding elements of the user_info_2 data structure. For a complete description, see User Account Information (level 2).
The USER_INFO_10 data structure that can be used by NetUserEnum32 or NetUserGetInfo32 has the following format:
typedef struct _USER_INFO_10 {
LPTSTR usri10_name;
LPTSTR usri10_comment;
LPTSTR usri10_usr_comment;
LPTSTR usri10_full_name;
} USER_INFO_10, *PUSER_INFO_10, *LPUSER_INFO_10;
Within this structure, all of the parameters are defined the same way as in the user_info_10 data structure.
The user_info_11 data structure that can be used by NetUserEnum or NetUserGetInfo has the following format:
struct user_info_11 {
char usri11_name[LM20_UNLEN+1];
char usri11_pad_1;
char * usri11_comment;
char * usri11_usr_comment;
char * usri11_full_name;
unsigned short usri11_priv;
unsigned long usri11_auth_flags;
long usri11_password_age;
char * usri11_home_dir;
char * usri11_parms;
long usri11_last_logon;
long usri11_last_logoff;
unsigned short usri11_bad_pw_count;
unsigned short usri11_num_logons;
char * usri11_logon_server;
unsigned short sri11_country_code;
char * usri11_workstations;
unsigned long usri11_max_storage;
unsigned short usri11_units_per_week;
unsigned char * usri11_logon_hours;
unsigned short usri11_code_page;
};
Within this structure, the following parameters are 0 defined:
usri11_name through usri11_code_page are the same as the corresponding elements of the user_info_2 and user_info_10 data structures.
For a complete description, see User Account Information (level 2).
The USER_INFO_11 data structure that can be used by NetUserEnum32 or NetUserGetInfo32 has the following format:
typedef struct _USER_INFO_11 {
LPTSTR usri11_name;
LPTSTR usri11_comment;
LPTSTR usri11_usr_comment;
LPTSTR usri11_full_name;
DWORD usri11_priv;
DWORD usri11_auth_flags;
DWORD usri11_password_age;
LPTSTR usri11_home_dir;
LPTSTR usri11_parms;
DWORD usri11_last_logon;
DWORD usri11_last_logoff;
DWORD usri11_bad_pw_count;
DWORD usri11_num_logons;
LPTSTR usri11_logon_server;
DWORD usri11_country_code;
LPTSTR usri11_workstations;
DWORD usri11_max_storage;
DWORD usri11_units_per_week;
LPBYTE usri11_logon_hours;
DWORD usri11_code_page;
} USER_INFO_11, *PUSER_INFO_11, *LPUSER_INFO_11;
Within this structure, all of the parameters are defined in the same way as in the user_info_11 data structure.
The USER_INFO_20 data structure that can be used by NetUserEnum32, NetUserGetInfo32, or NetUserSetInfo32 has the following format:
typedef struct _USER_INFO_20 {
LPTSTR usri20_name;
LPTSTR usri20_full_name;
LPTSTR usri20_comment;
DWORD usri20_flags;
DWORD usri20_user_id;
}USER_INFO_20, *PUSER_INFO_20, *LPUSER_INFO_20;
Within this structure, all of the parameters are the same as the corresponding parameters in the USER_INFO_3 data structure.
The USER_INFO_21 data structure that can be used by NetUserSetInfo32 has the following format:
typedef struct _USER_INFO_21 {
BYTE usri21_password[ENCRYPTED_PWLEN];
}USER_INFO_21, *PUSER_INFO_21, *LPUSER_INFO_21;
Within this structure, usri21_password specifies user password encrypted with LM one-way function.
The USER_INFO_22 data structure that can be used by NetUserSetInfo32 or NetUserAdd32 has the following format:
typedef struct _USER_INFO_22 {
LPTSTR usri22_name;
BYTE usri22_password[ENCRYPTED_PWLEN];
DWORD usri22_password_age;
DWORD usri22_priv;
LPTSTR usri22_home_dir;
LPTSTR usri22_comment;
DWORD usri22_flags;
LPTSTR usri22_script_path;
DWORD usri22_auth_flags;
LPTSTR usri22_full_name;
LPTSTR usri22_usr_comment;
LPTSTR usri22_parms;
LPTSTR usri22_workstations;
DWORD usri22_last_logon;
DWORD usri22_last_logoff;
DWORD usri22_acct_expires;
DWORD usri22_max_storage;
DWORD usri22_units_per_week;
PBYTE usri22_logon_hours;
DWORD usri22_bad_pw_count;
DWORD usri22_num_logons;
LPTSTR usri22_logon_server;
DWORD usri22_country_code;
DWORD usri22_code_page;
}USER_INFO_22, *PUSER_INFO_22, *LPUSER_INFO_22;
Within this structure, the following parameters are defined:
usri22_password specifies user password encrypted with LM one-way function.
All other elements of the structure are the same as the corresponding elements in USER_INFO_2 data structure.
The following info levels are valid only for NetUserSetInfo32 and replace the older way of passing in a Parmnum to set a specific field.
The following data structures also are supported on down-level systems such as LAN Manager 2.x:
The USER_INFO_1003 data structure has the following format:
typedef struct _USER_INFO_1003 {
LPTSTR usri1003_password;
} USER_INFO_1003, *PUSER_INFO_1003, *LPUSER_INFO_1003;
Within this structure, usri1003_password specifies the password for the user account.
The USER_INFO_1005 data structure has the following format:
typedef struct _USER_INFO_1005 {
DWORD usri1005_priv;
} USER_INFO_1005, *PUSER_INFO_1005, *LPUSER_INFO_1005;
Within this structure, usri1005_priv specifies the level of privilege assigned to the user.
The USER_INFO_1006 data structure has the following format:
typedef struct _USER_INFO_1006 {
LPTSTR usri1006_home_dir;
} USER_INFO_1006, *PUSER_INFO_1006, *LPUSER_INFO_1006;
Within this structure, usri1006_home_dir specifies the path name of user’s home directory.
The USER_INFO_1007 data structure has the following format:
typedef struct _USER_INFO_1007 {
LPTSTR usri1007_comment;
} USER_INFO_1007, *PUSER_INFO_1007, *LPUSER_INFO_1007;
Within this structure, usri1007_comment specifies the comment describing the user privileges and other account information.
The USER_INFO_1008 data structure has the following format:
typedef struct _USER_INFO_1008 {
DWORD usri1008_flags;
} USER_INFO_1008, *PUSER_INFO_1008, *LPUSER_INFO_1008;
Within this structure, usri1008_flags specifies the user account features. Its values can be found in the description for usri1_flags in the user_info_1 data structure.
The USER_INFO_1009 data structure has the following format:
typedef struct _USER_INFO_1009 {
LPTSTR usri1009_script_path;
} USER_INFO_1009, *PUSER_INFO_1009, *LPUSER_INFO_1009;
Within this structure, usro1009_script_path specifies the path name of the user’s logon script.
The USER_INFO_1010 data structure has the following format:
typedef struct _USER_INFO_1010 {
DWORD usri1010_auth_flags;
} USER_INFO_1010, *PUSER_INFO_1010, *LPUSER_INFO_1010;
Within this structure, usri1010_auth_flags specifies the authorization flags for the user.
The USER_INFO_1011 data structure has the following format:
typedef struct _USER_INFO_1011 {
LPTSTR usri1011_full_name;
} USER_INFO_1011, *PUSER_INFO_1011, *LPUSER_INFO_1011;
Within this structure, usri1011_full_name specifies the full name of the user.
The USER_INFO_1012 data structure has the following format:
typedef struct _USER_INFO_1012 {
LPTSTR usri1012_usr_comment;
} USER_INFO_1012, *PUSER_INFO_1012, *LPUSER_INFO_1012;
Within this structure, usri1012_usr_comment specifies a user comment.
The USER_INFO_1013 data structure has the following format:
typedef struct _USER_INFO_1013 {
LPTSTR usri1013_parms;
} USER_INFO_1013, *PUSER_INFO_1013, *LPUSER_INFO_1013;
Within this structure, usri1013_parms is used for application-specific parameters.
The USER_INFO_1014 data structure has the following format:
typedef struct _USER_INFO_1014 {
LPTSTR usri1014_workstations;
} USER_INFO_1014, *PUSER_INFO_1014, *LPUSER_INFO_1014;
Within this structure, usri1014_workstations contains a list of names of workstations from which a user can log on.
The USER_INFO_1017 data structure has the following format:
typedef struct _USER_INFO_1017 {
DWORD usri1017_acct_expires;
} USER_INFO_1017, *PUSER_INFO_1017, *LPUSER_INFO_1017;
Within this structure, usri1017_acct_expires specifies when the user account will expire.
The USER_INFO_1018 data structure has the following format:
typedef struct _USER_INFO_1018 {
DWORD usri1018_max_storage;
} USER_INFO_1018, *PUSER_INFO_1018, *LPUSER_INFO_1018;
Within this structure, usri1018_max_storage specifies the maximum amount of disk space the user can use.
The USER_INFO_1020 data structure has the following format
typedef struct _USER_INFO_1020 {
DWORD usri1020_units_per_week;
LPBYTE usri1020_logon_hours;
} USER_INFO_1020, *PUSER_INFO_1020, *LPUSER_INFO_1020;
Within this structure, all of the parameters are the same as the corresponding parameters in user_info_2 data structure.
The USER_INFO_1023 data structure has the following format:
typedef struct _USER_INFO_1023 {
LPTSTR usri1023_logon_server;
} USER_INFO_1023, *PUSER_INFO_1023, *LPUSER_INFO_1023;
Within this structure, usri1023_logon_server parameter is the same as the corresponding parameter in user_info_2 data structure.
The USER_INFO_1024 data structure has the following format:
typedef struct _USER_INFO_1024 {
DWORD usri1024_country_code;
} USER_INFO_1024, *PUSER_INFO_1024, *LPUSER_INFO_1024;
Within this structure, usri1024_country_code specifies the country code for the user’s language of choice.
The USER_INFO_1025 data structure has the following format:
typedef struct _USER_INFO_1025 {
DWORD usri1025_code_page;
} USER_INFO_1025, *PUSER_INFO_1025, *LPUSER_INFO_1025;
Within this structure, usri1025_code_page specifies the code page for the user’s language of choice.
The USER_INFO_1051 data structure has the following format:
typedef struct _USER_INFO_1051 {
DWORD usri1051_primary_group_id;
} USER_INFO_1051, *PUSER_INFO_1051, *LPUSER_INFO_1051;
Within this structure, usri1051_primary_group_id specifies the relative ID of the user’s primary group in the security database.
The USER_INFO_1052 data structure has the following format:
typedef struct _USER_INFO_1052 {
LPTSTR usri1052_profile;
} USER_INFO_1052, *PUSER_INFO_1052, *LPUSER_INFO_1052;
Within this structure, usri1052_profile specifies the path of the user’s profile.
The USER_INFO_1053 data structure has the following format:
typedef struct _USER_INFO_1053 {
LPTSTR usri1053_home_dir_drive;
} USER_INFO_1053, *PUSER_INFO_1053, *LPUSER_INFO_1053;
Within this structure, usri1053_home_dir_drive specifies the drive on which the user’s home directory is located.
The user_modals_info_0 data structure that can be used by NetUserModalsGet and NetUserModalsSet has the following format:
struct user_modals_info_0 {
unsigned short usrmod0_min_passwd_len;
unsigned long usrmod0_max_passwd_age;
unsigned long usrmod0_min_passwd_age;
unsigned long usrmod0_force_logoff;
unsigned short usrmod0_password_hist_len;
unsigned short usrmod0_reserved1;
};
Within this structure, the following parameters are defined:
usrmod0_min_passwd_len specifies the minimum allowable password length. Valid values for this element are 0 through LM20_PWLEN, as defined in the netcons.h header file.
usrmod0_max_passwd_age specifies the maximum allowable password age (in seconds). A value of TIMEQ_FOREVER, as defined in the access.h header file, indicates that the password never expires. The minimum valid value for this element is ONE_DAY, as defined in the access.h header file. The value specified must be greater than or equal to the value for usrmod0_min_passwd_age.
usrmod0_min_passwd_age specifies the minimum elapsed time (in seconds) between when the password was last changed and when it can be changed again. A value of 0 indicates that no delay is required between password updates. The value specified must be less than or equal to the value for usrmod0_max_passwd_age.
usrmod0_force_logoff specifies the amount of time (in seconds) between the end of the valid logon time and the time when the user is forced off the network. A value of TIMEQ_FOREVER, as defined in the access.h header file, indicates that the user is never forced off. A value of 0 indicates that the user will be forced off immediately when the valid logon time expires.
usrmod0_password_hist_len specifies the length of password history maintained. A new password cannot match any of the previous usrmod0_password_hist_len passwords. Valid values for this element are 0 through DEF_MAX_PWHIST, as defined in the access.h header file.
usrmod0_reserved1 reserved; must be 0.
The USER_MODALS_INFO_0 structure that can be used by UserModalsGet32 or UserModalsSet32 has the following format:
typedef struct _USER_MODALS_INFO_0 {
DWORD usrmod0_min_passwd_len;
DWORD usrmod0_max_passwd_age;
DWORD usrmod0_min_passwd_age;
DWORD usrmod0_force_logoff;
DWORD usrmod0_password_hist_len;
} USER_MODALS_INFO_0, *PUSER_MODALS_INFO_0, LPUSER_MODALS_INFO_0;
Within this structure, all of the parameters are defined in the same way as in the user_modals_0 data structure.
The user_modals_info_1 data structure that can be used by NetUserModalsGet and NetUserModalsSet has the following format:
struct user_modals_info_1 {
unsigned short usrmod1_role;
char * usrmod1_primary;
};
Within this structure, the following parameters are defined:
usrmod1_role specifies the role of the logon server. The access.h header file defines these possible values:
|
Code |
Value |
Meaning |
|
UAS_ROLE_BACKUP |
2 |
Logon server is a backup. |
|
UAS_ROLE_PRIMARY |
3 |
Logon server is a domain controller. |
usrmod1_primary specifies the name of the domain controller where the primary copy of the security database file is stored.
The USER_MODALS_INFO_1 structure that can be used by UserModalsGet32 or UserModalsSet32 has the following format:
typedef struct _USER_MODALS_INFO_1 {
DWORD usrmod1_role;
LPTSTR usrmod1_primary;
} USER_MODALS_INFO_1, *PUSER_MODALS_INFO_1, *LPUSER_MODALS_INFO_1;
Within this structure, all of the parameters are defined in the same way as in the user_modals_1 data structure.
The USER_MODALS_INFO_2 structure that can be used by UserModalsGet32 or UserModalsSet32 has the following format:
typedef struct _USER_MODALS_INFO_2 {
LPTSTR usrmod2_domain_name;
PSID usrmod2_domain_id;
}USER_MODALS_INFO_2, *PUSER_MODALS_INFO_2, *LPUSER_MODALS_INFO_2;
Within this structure, usrmod2_domain_name specifies the domain name of a security database.
usrmod2_domain_id specifies the Security Identifier of the domain in usrmod2_domain_name.
The USER_MODALS_INFO_3 structure that can be used by UserModalsGet32 or UserModalsSet32 has the following format:
typedef struct _USER_MODALS_INFO_3 {
DWORD usrmod3_lockout_duration;
DWORD usrmod3_lockout_observation_window;
DWORD usrmod3_lockout_threshold;
} USER_MODALS_INFO_3, *PUSER_MODALS_INFO_3, *LPUSER_MODALS_INFO_3;
Within this structure, usrmod3_lockout_duration specifies a number of minutes for locked accounts to remain locked before automatically becoming unlocked. The range is from 1 to 99999. The value of TIMEQ_FOREVER specifies that the locked accounts remain locked until an administrator unlocks them.
usrmod3_lockout_observation_window specifies the maximum number of minutes that can occur between any two failed logon attempts for lockout to occur. The range is from 1 to 99999.
usrmod3_lockout_threshold specifies the number of failed logon attempts that will cause an account to be locked. The range is from 1 to 999.
The following info levels are valid only for NetUserModalsSet32 and replace the older way of passing in a Parmnum to set a specific field.
The USER_MODALS_INFO_1001 data structure has the following format:
typedef struct _USER_MODALS_INFO_1001 {
DWORD usrmod1001_min_passwd_len;
} USER_MODALS_INFO_1001, *PUSER_MODALS_INFO_1001,
*LPUSER_MODALS_INFO_1001;
Within this structure, the parameter usrmod1001_min_passwd_len is defined in the same way as the corresponding parameter in the user_modals_info_0 data structure.
The USER_MODALS_INFO_1002 data structure has the following format:
typedef struct _USER_MODALS_INFO_1002 {
DWORD usrmod1002_max_passwd_age;
} USER_MODALS_INFO_1002, *PUSER_MODALS_INFO_1002, *LPUSER_MODALS_INFO_1002;
Within this structure, the parameter usrmod1002_max_passwd_len is defined in the same way as the corresponding parameter in the user_modals_info_0 data structure.
The USER_MODALS_INFO_1003 data structure has the following format:
typedef struct _USER_MODALS_INFO_1003 {
DWORD usrmod1003_min_passwd_age;
} USER_MODALS_INFO_1003, *PUSER_MODALS_INFO_1003, *LPUSER_MODALS_INFO_1003;
Within this structure, the parameter usrmod1003_min_passwd_age is defined in the same way as the corresponding parameter in the user_modals_info_0 data structure.
The USER_MODALS_INFO_1004 data structure has the following format:
typedef struct _USER_MODALS_INFO_1004 {
DWORD usrmod1004_force_logoff;
} USER_MODALS_INFO_1004, *PUSER_MODALS_INFO_1004, *LPUSER_MODALS_INFO_1004;
Within this structure, the parameter usrmod1004_force_logoff is defined in the same way as the corresponding parameter in the user_modals_info_0 data structure.
The USER_MODALS_INFO_1005 data structure has the following format:
typedef struct _USER_MODALS_INFO_1005 {
DWORD usrmod1005_password_hist_len;
} USER_MODALS_INFO_1005, *PUSER_MODALS_INFO_1005, *LPUSER_MODALS_INFO_1005;
Within this structure, the parameter usrmod1005_password_hist_len is defined in the same way as the corresponding parameter in the user_modals_info_0 data structure.
The USER_MODALS_INFO_1006 data structure has the following format:
typedef struct _USER_MODALS_INFO_1006 {
DWORD usrmod1006_role;
} USER_MODALS_INFO_1006, *PUSER_MODALS_INFO_1006, *LPUSER_MODALS_INFO_1006;
Within this structure, the parameter usrmod1006_role is defined in the same way as the corresponding parameter in the user_modals_info_1 data structure.
The USER_MODALS_INFO_1007 data structure has the following format:
typedef struct _USER_MODALS_INFO_1007 {
LPTSTR usrmod1007_primary;
} USER_MODALS_INFO_1007, *PUSER_MODALS_INFO_1007, *LPUSER_MODALS_INFO_1007;
Within this structure, the parameter usrmod1007_primary is defined in the same way as the corresponding parameter in the user_modals_info_1 data structure.
The group_info_0 data structure that can be used by NetUserGetGroups and NetUserSetGroups has the following format:
struct group_info_0 {
char grpi0_name[LM20_GNLEN+1];
};
Within this structure, grpi0_name specifies the group to which a user belongs. The constant LM20_GNLEN is defined in the netcons.h header file.
The GROUP_USERS_INFO_0 data structure that can be used by NetUserGetGroups32 and NetUserSetGroups32 has the following format:
typedef struct _GROUP_USERS_INFO_0 {
LPTSTR grpui0_name;
} GROUP_USERS_INFO_0, *PGROUP_USERS_INFO_0, *LPGROUP_USERS_INFO_0;
Within this structure, grpui0_name specifies a group to which a user belongs.
The GROUP_USERS_INFO_1 data structure that can be used by NetUserGetGroups32 and NetUserSetGroups32 has the following format:
typedef struct _GROUP_USERS_INFO_1 {
LPTSTR grpui1_name;
LPTSTR grpui1_attributes;
} GROUP_USERS_INFO_1, *PGROUP_USERS_INFO_1, *LPGROUP_USERS_INFO_1;
Within this structure, grpui1_name specifies a group to which a user belongs.
grpi1_attributes specifies the set of flags describing the group’s characteristics.
NetUserGetLocalGroups returns the following data structure:
typedef struct _LOCALGROUP_USERS_INFO_0 {
LPTSTR lgrui0_name;
} LOCALGROUP_USERS_INFO_0,*PLOCALGROUP_INFO_0,
*LPLOCALGROUP_USERS_INFO_0;
Within this structure, lgrui0_name specifies the local group to which a user belongs.
A pointer to a user_logon_req_1 data structure is passed to NetUserValidate2. The user_logon_req_1 data structure has the following format:
struct user_logon_req_1 {
char usrreq1_name[LM20_UNLEN+1];
char usrreq1_pad_1;
char usrreq1_password[SESSION_PWLEN];
char * usrreq1_workstation;
};
Within this structure, the following parameters are defined:
usrreq1_name specifies the name of the user whose account is queried. The constant UNLEN is defined in the netcons.h header file.
usrreq1_pad_1 aligns the next data structure element on a word boundary.
usrreq1_password specifies the password of the user specified by usrreq1_name. The password can have as many as LM20_PWLEN non-NULL bytes, and must be followed by a terminating NULL character. The array is SESSION_PWLEN bytes long to allow for password encryption. The constants LM20_PWLEN and SESSION_PWLEN are defined in the netcons.h header file.
usrreq1_workstation points to an ASCIIZ string that contains the name of the workstation for which the user is requesting validation. A null string indicates the local workstation; a null pointer indicates to ignore the workstation.
NetUserValidate2 returns a user_logon_info_1 structure. The user_logon_info_1 data structure has the following format:
struct user_logon_info_1 {
unsigned short usrlog1_code;
char usrlog1_eff_name[LM20_UNLEN+1];
char usrlog1_pad_1;
unsigned short usrlog1_priv;
unsigned long usrlog1_auth_flags;
unsigned short usrlog1_num_logons;
unsigned short usrlog1_bad_pw_count;
unsigned long usrlog1_last_logon;
unsigned long usrlog1_last_logoff;
unsigned long usrlog1_logoff_time;
unsigned long usrlog1_kickoff_time;
long usrlog1_password_age;
unsigned long usrlog1_pw_can_change;
unsigned long usrlog1_pw_must_change;
char * usrlog1_computer;
char * usrlog1_domain;
char * usrlog1_script_path;
unsigned long usrlog1_reserved1;
};
Within this structure, the following parameters are defined:
usrlog1_code specifies the logon code used in conjunction with the code returned by the API function. For a list of the specific values, see the Return Codes section of the NetUserValidate2 description.
usrlog1_eff_name specifies the name of the account to which the user was logged on. The constant LM20_UNLEN is defined in the netcons.h header file.
usrlog1_pad_1 aligns the next data structure element on a word boundary.
usrlog1_num_logons specifies the number of times this user is logged on. A value of 1 means the number of logons is unknown.
usrlog1_bad_pw_count specifies the number of attempts to log on to this account using an incorrect password since the last successful logon.
usrlog1_last_logon specifies the time the user last logged on. This value is stored as the number of seconds elapsed since 00:00:00, January 1, 1970.
usrlog1_last_logoff specifies the time the user last logged off. This value is stored as the number of seconds elapsed since 00:00:00, January 1, 1970. A value of 0 means that the last logoff time is unknown.
usrlog1_logoff_time specifies the time the user should log off. This value is stored as the number of seconds elapsed since 00:00:00, January 1, 1970. A value of USER_NO_LOGOFF means the user never has to log off. The constant USER_NO_LOGOFF is defined in the access.h header file.
usrlog1_kickoff_time specifies the time the user will be logged off by the system. This value is stored as the number of seconds elapsed since 00:00:00, January 1, 1970. A value of USER_NO_LOGOFF means the user will not be logged off by the system. The constant USER_NO_LOGOFF is defined in the access.h file.
usrlog1_password_age specifies how many seconds have elapsed since the user password was last changed.
usrlog1_pw_can_change specifies the time when the user is allowed to change the password. This value is stored as the number of seconds elapsed since 00:00:00, January 1, 1970. A value of TIMEQ_FOREVER means the user can never change the password. The constant TIMEQ_FOREVER is defined in the access.h header file.
usrlog1_pw_must_change specifies the time when the user must change the password. This value is stored as the number of seconds elapsed since 00:00:00, January 1, 1970.
usrlog1_computer specifies which server validated the user’s logon.
usrlog1_domain specifies in which domain the user is logged on.
usrlog1_script_path specifies the relative path to the user logon script.
usrlog1_reserved1 reserved; the value is undefined. This element should not be used.
For NetUserSetInfo32, parmnum values refer to the fields in the USER_INFO structure as follows. These values are used when indicating an error in a specific parameter via parm_err.
|
parmnum value |
Field in user_info struct |
|
USER_NAME_PARMNUM |
usri_name |
|
USER_PASSWORD_PARMNUM |
usri_password |
|
USER_PASSWORD_AGE_PARMNUM |
usri_password_age |
|
USER_PRIV_PARMNUM |
usri_priv |
|
USER_HOME_DIR_PARMNUM |
usri_home_dir |
|
USER_COMMENT_PARMNUM |
usri_comment |
|
USER_FLAGS_PARMNUM |
usri_flags |
|
USER_SCRIPT_PATH_PARMNUM |
usri_script_path |
|
USER_AUTH_FLAGS_PARMNUM |
usri_auth_flags |
|
USER_FULL_NAME_PARMNUM |
usri_full_name |
|
USER_USR_COMMENT_PARMNUM |
usri_usr_comment |
|
USER_PARMS_PARMNUM |
usri_parms |
|
USER_WORKSTATIONS_PARMNUM |
usri_workstations |
|
USER_LAST_LOGON_PARMNUM |
usri_last_logon |
|
USER_LAST_LOGOFF_PARMNUM |
usri_last_logoff |
|
USER_ACCT_EXPIRES_PARMNUM |
usri_acct_expires |
|
USER_MAX_STORAGE_PARMNUM |
usri_max_storage |
|
USER_UNITS_PER_WEEK_PARMNUM |
usri_units_per_week |
|
USER_LOGON_HOURS_PARMNUM |
usri_logon_hours |
|
USER_PAD_PW_COUNT_PARMNUM |
usri_bad_pw_count |
|
USER_NUM_LOGONS_PARMNUM |
usri_num_logons |
|
USER_LOGON_SERVER_PARMNUM |
usri_logon_server |
|
USER_COUNTRY_CODE_PARMNUM |
usri_country_code |
|
USER_CODE_PAGE_PARMNUM |
usri_code_page |
|
USER_PRIMARY_GROUP_PARMNUM |
usri_primary_group_id |
|
USER_PROFILE |
usri_profile |
|
USER_HOME_DIR_DRIVE_PARMNUM |
usri_home_dir_drive |
For NetUserModalsSet32, parmnum values refer to the fields in the modals_info structure as follows. These values are used when indicating an error in a specific parameter via parm_err.
|
parmnum value |
Field in modals_info struct |
|
MODALS_MIN_PASSWD_LEN_PARMNUM |
usrmod_min_passwd_len |
|
MODALS_MAX_PASSWD_AGE_PARMNUM |
usrmod_max_passwd_age |
|
MODALS_MIN_PASSWD_AGE_PARMNUM |
usrmod_min_passwd_age |
|
MODALS_FORCE_LOGOFF_PARMNUM |
usrmod_force_logoff |
|
MODALS_PASSWD_HIST_LIST_PARMNUM |
usrmod_passwd_hist_list |
|
MODALS_ROLE_PARMNUM |
usrmod_role |
|
MODALS_PRIMARY_PARMNUM |
usrmod_primary |
|
MODALS_DOMAIN_NAME_PARMNUM |
usrmod_domain_name |
|
MODALS_DOMAIN_ID_PARMNUM |
usrmod_domain_id |
|
MODALS_LOCKOUT_DURATION_PARMNUM |
usrmod_lockout_duration |
|
MODALS_LOCKOUT_OBSERVATION _WINDOW_PARMNUM |
usrmod_lockout_observation_window |
|
MODALS_LOCKOUT_THRESHOLD _PARMNUM |
usrmod_lockout_threshold |
