Solved

NT permissions API?

Posted on 1998-01-22
7
258 Views
Last Modified: 2012-05-04
Are there a set of classes/API's that I can use in order
to authenticate users.  I need to be able to
1.  Authenticate users
2.  Determine what groups they belong to.
I'm doing this in c++ using VC 5.0
0
Comment
Question by:imhendri
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 3

Expert Comment

by:os012897
ID: 1178717
Hi there,

- You can use LogonUser (Win32 API function) to authenticate a
  user!
- Use NetUserGetGroups to retrieve a list of global groups a user
  belongs to

Hope that helps,

       os
0
 
LVL 3

Expert Comment

by:os012897
ID: 1178718
If you want to check for local groupmembership, use NetUserGetLocalGroups!

Hope that helps,

       os
0
 

Author Comment

by:imhendri
ID: 1178719
Thanks for the info.  I looked it up and am a little
confused about the structures is uses.  Can you give me
and example of how to use it?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:imhendri
ID: 1178720
More specific, can you give me an example of NetUserGetLocalGroups.
0
 

Author Comment

by:imhendri
ID: 1178721
I'm having difficulties getting it to work.  Please submit
example.  If a sucessfull example is received, then the
question submitted by malitia for same question will be
awarded as well (50 points).
0
 
LVL 3

Expert Comment

by:os012897
ID: 1178722
Hi again,

Unfortunately I cannot provide you with a complete example, as I just do not have the time to write one. I am including the info from the MSVC++ 4.2 documentation.

It should basically work like this:

//Getting the groups a local user belongs to on the LOCAL // computer
LPBYTE *userinfo_array;
DWORD prefmaxlen;      
LPDWORD entriesread, totalentries;

NetUserGetLocalGroups(NULL, "Princess_Leia", 0, 0,
                      userinfo_array, prefmaxlen, entriesread,
                      totalentries)

If it does not work, tell me what your exact problem is!

The NetUserGetLocalGroups function retrieves a list of local groups to which a specified user belongs.
Security Requirements
Only members of the Administrators or Account Operators local group can successfully execute NetUserGetLocalGroups.
NET_API_STATUS NetUserGetLocalGroups(
    LPWSTR servername,      
    LPWSTR username,      
    DWORD level,      
    DWORD flags,      
    LPBYTE *bufptr,      
    DWORD prefmaxlen,      
    LPDWORD entriesread,      
    LPDWORD totalentries      
   );      
 
Parameters
servername
Pointer to a Unicode string containing the name of the remote server on which the function is to execute. A NULL pointer or string specifies the local computer.
username
Pointer to a Unicode string containing the name of the user for which to return global group membership. This parameter can be of the form <UserName>, in which case the username is expected to be found on servername. The user name can also be of the form <DomainName>\<UserName> in which case <DomainName> is associated with servername and <UserName> is expected to be to be found on that domain.
level
Level of information required. Only 0 is valid.
flags
Bitmask of flags. Currently, only LG_INCLUDE_INDIRECT is defined. If this bit is set, the function will also return the local groups of which the user is indirectly a member (that is, by the virtue of being in a global group that itself is a member of one or more local groups).
bufptr
On return a pointer to the return information structure is returned in the address pointed to by bufptr. The returned information is an array of LOCALGROUP_USERS_INFO_0 structures. The returned buffer should be deallocated using the NetApiBufferFree function.
prefmaxlen
Preferred maximum length, in 8-bit bytes of returned data.
entriesread
Pointer to a DWORD that contains the actual enumerated element count.
totalentries
Pointer to a DWORD that contains the total number of entries that could have been enumerated.
 
Return Values
If the function is successful, it returns NERR_SUCCESS.
If the function fails, the return value is one of the following error codes.
Value      Meaning
ERROR_ACCESS_DENIED      The user does not have access to the requested information.
NERR_InvalidComputer      The computer name is invalid.
NERR_UserNotFound      The user name could not be found.

Greetings,

           os

0
 

Accepted Solution

by:
malitia earned 150 total points
ID: 1178723
Here is your example:

include <windows.h>
#include <lm.h>
#include <stdio.h>
#pragma hdrstop

int main( void );

int main( void )
{
        wchar_t *server = L"\\\\BABYA"; // DC name here
        wchar_t *user = L"felixk"; // user to ask for

        DWORD rc, pref, got, total;
        GROUP_USERS_INFO_0 *buf;

        pref = 16; // start low, get more later
        buf = NULL; // important!

        do
        {
                pref *= 2; // bump buffer size
                printf( "Trying with prefmaxlen == %lu bytes\n", pref );
                if ( buf != NULL )
                {
                        NetApiBufferFree( buf );
                        buf = NULL; // important!
                }

                rc = NetUserGetGroups( server, user, 0, (LPBYTE *) &buf,
pref, &got, &total );
        } while ( rc == NERR_BufTooSmall || rc == ERROR_MORE_DATA );

        if ( rc != 0 )
        {
                printf( "Duh! -- error %lu\n", rc );
                return 1;
        }

        for ( rc = 0; buf != NULL && rc < got; rc ++ )
        {
                printf( "%S\n", buf[rc].grui0_name ); // %S: cap-S
toggles Unicode/ANSI
        }

        if ( buf != NULL )
                NetApiBufferFree( buf );

        return 0;
}

0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

  Included as part of the C++ Standard Template Library (STL) is a collection of generic containers. Each of these containers serves a different purpose and has different pros and cons. It is often difficult to decide which container to use and …
This article shows you how to optimize memory allocations in C++ using placement new. Applicable especially to usecases dealing with creation of large number of objects. A brief on problem: Lets take example problem for simplicity: - I have a G…
The goal of the tutorial is to teach the user how to use functions in C++. The video will cover how to define functions, how to call functions and how to create functions prototypes. Microsoft Visual C++ 2010 Express will be used as a text editor an…
The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question