Solved

Windows NT?

Posted on 1998-09-14
4
201 Views
Last Modified: 2010-04-02
I am trying to write a C++ program that will somehow add users to a windows NT domain.  I would like this program to add users however I want.  I have read little about a thing called Active Directory Design could someone tell me if this is the path I should persue, if it is tell me more, give me code, whatever, and if it isn't then tell me what I should do, and give me code or whatever.  I am sure this question is an easy one, but I am desperate, that is the reason for the 200 points.
0
Comment
Question by:TAMC
  • 2
  • 2
4 Comments
 
LVL 1

Author Comment

by:TAMC
ID: 1172678
Edited text of question
0
 
LVL 11

Accepted Solution

by:
alexo earned 200 total points
ID: 1172679
No active directory is needed.

Use the NetUserAdd() function (only available on NT) to add users.

Also see http://support.microsoft.com/support/kb/articles/q140/1/65.asp

0
 
LVL 11

Expert Comment

by:alexo
ID: 1172680
Also see:
    http://support.microsoft.com/support/kb/articles/q119/6/71.asp
    http://support.microsoft.com/support/kb/articles/q136/8/67.asp
    and the NETAPI sample (comes with MSVC++)

Here's some more info from the docs:

This section demonstrates how to create a new computer account in Windows NT.

The following are considerations for managing computer accounts:

* The computer account name should be all uppercase for consistency with Windows NT account management utilities.

* A computer account name always has a trailing dollar sign ($). Any functions used to manage computer accounts must build the computer name such that the last character of the computer account name is a dollar sign ($). For interdomain trust, the account name is TrustingDomainName$.

* The maximum computer name length is MAX_COMPUTERNAME_LENGTH (15). This length does not include the trailing dollar sign ($).

* The password for a new computer account should be the lowercase representation of the computer account name, without the trailing dollar sign ($). For interdomain trust, the password can be an arbitrary value that matches the value specified on the trust side of the relationship.

* The maximum password length is LM20_PWLEN (14). The password should be truncated to this length if the computer account name exceeds this length.

* The password provided at computer-account-creation time is valid only until the computer account becomes active on the domain. A new pasword is established during trust relationship activation.
 
#include <windows.h>
#include <lm.h>
 
BOOL AddMachineAccount(
    LPWSTR wTargetComputer,
    LPWSTR MachineAccount,
    DWORD AccountType)
{
    LPWSTR wAccount;
    LPWSTR wPassword;
    USER_INFO_1 ui;
    DWORD cbAccount;
    DWORD cbLength;
    DWORD dwError;

    // Ensure a valid computer account type was passed.
    if (AccountType != UF_WORKSTATION_TRUST_ACCOUNT &&
        AccountType != UF_SERVER_TRUST_ACCOUNT &&
        AccountType != UF_INTERDOMAIN_TRUST_ACCOUNT)
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }

    // Obtain number of chars in computer account name.
    cbLength = cbAccount = lstrlenW(MachineAccount);

    // Ensure computer name doesn't exceed maximum length.
    if(cbLength > MAX_COMPUTERNAME_LENGTH)
    {
        SetLastError(ERROR_INVALID_ACCOUNT_NAME);
        return FALSE;
    }

    // Allocate storage to contain Unicode representation of
    // computer account name + trailing $ + NULL.
    wAccount=(LPWSTR)HeapAlloc(GetProcessHeap(), 0,
        (cbAccount + 1 + 1) * sizeof(WCHAR)  // Account + '$' + NULL);

    if(wAccount == NULL)
        return FALSE;

    // Password is the computer account name converted to lowercase
    // you will convert the passed MachineAccount in place.
    wPassword = MachineAccount;

    // Copy MachineAccount to the wAccount buffer allocated while
    // converting computer account name to uppercase.
    // convert password (inplace) to lowercase.
    while(cbAccount--)
    {
        wAccount[cbAccount] = towupper( MachineAccount[cbAccount] );
        wPassword[cbAccount] = towlower( wPassword[cbAccount] );
    }

    // Computer account names have a trailing Unicode '$'.
    wAccount[cbLength] = L'$';
    wAccount[cbLength + 1] = L'\0'; // terminate the string

    // If the password is greater than the max allowed, truncate.
    if(cbLength > LM20_PWLEN)
        wPassword[LM20_PWLEN] = L'\0';

    // Initialize USER_INFO_x structure.
    ZeroMemory(&ui, sizeof(ui));
    ui.usri1_name = wAccount;
    ui.usri1_password = wPassword;
    ui.usri1_flags = AccountType | UF_SCRIPT;
    ui.usri1_priv = USER_PRIV_USER;

    dwError=NetUserAdd(
                wTargetComputer,    // target computer name
                1,                  // info level
                (LPBYTE) &ui,       // buffer
                NULL);

    // Free allocated memory.
    if(wAccount)
        HeapFree(GetProcessHeap(), 0, wAccount);

    // Indicate whether the function was successful.
    if(dwError == NO_ERROR)
        return TRUE;
    else
    {
        SetLastError(dwError);
        return FALSE;
    }
}

The user that calls the account management functions must have Administrator privilege on the target computer. In the case of existing computer accounts, the creator of the account can manage the account, regardless of administrative membership.

The SeMachineAccountPrivilege can be granted on the target computer to give specified users the ability to create computer accounts. This gives non-administrators the ability to create computer accounts. The caller needs to enable this privilege prior to adding the computer account.

0
 
LVL 1

Author Comment

by:TAMC
ID: 1172681
Thanks, probably the easiest 200 points you've ever made.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Written by John Humphreys C++ Threading and the POSIX Library This article will cover the basic information that you need to know in order to make use of the POSIX threading library available for C and C++ on UNIX and most Linux systems.   [s…
Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
The goal of the tutorial is to teach the user how to use functions in C++. The video will cover how to define functions, how to call functions and how to create functions prototypes. Microsoft Visual C++ 2010 Express will be used as a text editor an…
The viewer will learn additional member functions of the vector class. Specifically, the capacity and swap member functions will be introduced.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now