Solved

Create NT Accounts in Delphi CGI App

Posted on 2000-04-24
8
670 Views
Last Modified: 2012-06-27
I downloaded the API files for Lan Manager (from delphi-jedi.org) to try to find the calls to create NT Server logins from Delphi ver 4 or 5.  The APIs are very long and confusing.

My goal is simple, build a web based secutity system that uses the NT login.  That way, I can programmatically assign logins to groups of users with certain access rights.

I would need the calls to:
Create Login
Delete Login
Modify Login Password
Assign Group
Get Login Username
Get Login Groups.

Does anyone out there have an idea how to do this?

I will also accept links to point me in the direction of real world security layouts for web-sites that aren't all hype and talk.

Sincery,
TonyT_MTSH
0
Comment
Question by:tonyt_mtsh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 3

Expert Comment

by:shenqw
ID: 2746137
listen
0
 

Expert Comment

by:HamidHossain
ID: 2746373
listening ...
0
 
LVL 1

Accepted Solution

by:
mscatena earned 500 total points
ID: 2746999
Here is a unit that does a lot of the things you asked. You can easilly extend it to do the rest.

===================

unit CriaNTUser;

{
Cria usuario de NT
Copyright 1997 por Mauro Sant' Anna
Todos os direitos reservados
}

interface

uses
  Windows;

// Create user
function CriaUsuario(
  const XUsuario, XSenha, XComentario, XServidor: string): integer;

// Add to group
function AdicionaAoGrupo(const XServidor, XUsuario, XGrupo: string): integer;

// Remove from group
function EliminaDoGrupo(const XServidor, XUsuario, XGrupo: string): integer;

function ErrToMsg(const Err: integer): string;

implementation

type
  T_USER_INFO_1 = record
    usri1_name: PWideChar;
    usri1_password: PWideChar;
    usri1_password_age: integer;
    usri1_priv: integer;
    usri1_home_dir: PWideChar;
    usri1_comment: PWideChar;
    usri1_flags: integer;
    usri1_script_path: PWideChar;
  end;
  PInteger = ^Integer;

function NetUserAdd(
    servername: PWideChar;
    level: integer;
    const buf: T_USER_INFO_1;
    parm_err: PInteger
   ): integer; stdcall; external 'netapi32.dll';

function NetGroupAddUser(servername: PWideChar;
                         GroupName: PWideChar;
                         username: PWideChar): integer; stdcall; external 'netapi32.dll';

function NetGroupDelUser(servername: PWideChar;
                         GroupName: PWideChar;
                         username: PWideChar): integer; stdcall; external 'netapi32.dll';

const
  USER_PRIV_USER = 1;
  UF_SCRIPT = 1;
  NERR_BASE = 2100;
  NERR_InvalidComputer = NERR_BASE + 251;
  NERR_NotPrimary = NERR_BASE + 126;
  NERR_GroupExists = NERR_BASE + 123;
  NERR_UserExists = NERR_BASE + 124;
  NERR_PasswordTooShort = NERR_BASE + 145;
  NERR_SpeGroupOp = NERR_BASE+134; // The operation is not allowed on specified special groups, which are user groups, admin groups, local groups, or guest groups.
  NERR_UserNotFound = NERR_BASE+121;// The user name could not be found.
  NERR_GroupNotFound = NERR_BASE+120; // The group name could not be found.
  NERR_UserNotInGroup = NERR_BASE+137; // The user does not belong to this group.
 cTamStr = 256;

procedure StrToMB(const S: string; Buffer: PWideChar);
begin
  fillchar(Buffer^, cTamStr * 2, 0);
  MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, Pointer(S), length(S), Buffer, cTamStr);
end;

function ErrToMsg(const Err: integer): string;
begin
  Result := 'Ok';
  case Err of
    ERROR_ACCESS_DENIED: Result := 'Access Denied';
    NERR_InvalidComputer: Result := 'InvalidComputer';
    NERR_NotPrimary: Result := 'NotPrimary';
    NERR_GroupExists: Result := 'GroupExists';
    NERR_UserExists: Result := 'UserExists';
    NERR_PasswordTooShort: Result := 'PasswordTooShort';
    NERR_SpeGroupOp: Result := 'The operation is not allowed on specified special groups, which are user groups, admin groups, local groups, or guest groups.';
    NERR_UserNotFound: Result := 'The user name could not be found.';
    NERR_GroupNotFound: Result := 'The group name could not be found.';
    NERR_UserNotInGroup: Result := 'The user does not belong to this group.';
  end;
end;

function CriaUsuario(
  const XUsuario, XSenha, XComentario, XServidor: string): integer;
var
  U: T_USER_INFO_1;
  Err, Ret: integer;
  Usuario, Senha, Comentario, Servidor: array[0..cTamStr] of widechar;

procedure Converte;
begin
  StrToMB(XUsuario, Usuario);
  StrToMB(XSenha, Senha);
  StrToMB(XComentario, Comentario);
  StrToMB(XServidor, Servidor);
end;

begin
  Converte;
  with U do
  begin
    usri1_name := Usuario;
    usri1_password := Senha;
    usri1_priv := USER_PRIV_USER;
    usri1_home_dir := nil;
    usri1_comment := 'Teste de cadastramento';
    usri1_flags := UF_SCRIPT;
    usri1_script_path := NIL;
  end;
  Ret := NetUserAdd(Servidor, 1, U, @Err);
  Result := Ret;
end;

function AdicionaAoGrupo(const XServidor, XUsuario, XGrupo: string): integer;
var
  Usuario, Servidor, Grupo: array[0..cTamStr] of widechar;
begin
  StrToMB(XUsuario, Usuario);
  StrToMB(XServidor, Servidor);
  StrToMB(XGrupo, Grupo);
  Result := NetGroupAddUser(Servidor, Grupo, Usuario);
end;

function EliminaDoGrupo(const XServidor, XUsuario, XGrupo: string): integer;
var
  Usuario, Servidor, Grupo: array[0..cTamStr] of widechar;
begin
  StrToMB(XUsuario, Usuario);
  StrToMB(XServidor, Servidor);
  StrToMB(XGrupo, Grupo);
  Result := NetGroupDelUser(Servidor, Grupo, Usuario);
end;

end.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:tonyt_mtsh
ID: 2750002
THANK YOU!!!

I will convert some of the spanish to english to make sure I understand it.  I can probalby do that tomorrow.  If I get it to work (even a little), then you got the points.

Thanks,
TonyT.
0
 

Author Comment

by:tonyt_mtsh
ID: 2756580
Thank you.  I can now add/delete, modify passwords, add users to groups and remove them from groups.

I wrote my own unit (in english) that is very similar to the one above, with the additional function calls and an expanded set of constants.

I now just have to figure out the whole security layout for my appserver.

Thanks again.
TonyT.
0
 
LVL 1

Expert Comment

by:mscatena
ID: 2757629
You are wellcome.

BTW, the names are in Portuguese.

Bye.
0
 

Author Comment

by:tonyt_mtsh
ID: 2757914
I ttok 3 years of Spanish in high school and could only remember some of the stuff the Taco bell dog says.

Once I saw the API calls, I knew where to go.  Now, all I have to do is figure out the Server Part.  (I am getting the "Not Primary" error.)  I didn't want to add the users to our entire domaine.  I was hoping that I could add them to just the one running the Internet Server.  I am not so good on the NT Security Stuff.

I think I have to create a new domain and make that new domain have it's own name service.  My network guy is supposed to figure it out, but he's backed up with a lot of other stuff.

Thanks.
0
 
LVL 1

Expert Comment

by:mscatena
ID: 2758997
Portuguese is quite similar to Spanish. I can understand it perfectly, though I cannot really speak it.

I tested this code creating accounts in the current domain, supplying the server name. I don’t know about creating accounts in a standalone server, though setting up another domain sounds fine to me. I can actually see some advantages in doing it, like if you end up needing more than one web server.

Bye.
0

Featured Post

Want Experts Exchange at your fingertips?

With Experts Exchange’s latest app release, you can now experience our most recent features, updates, and the same community interface while on-the-go. Download our latest app release at the Android or Apple stores today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating an auto free TStringList The TStringList is a basic and frequently used object in Delphi. On many occasions, you may want to create a temporary list, process some items in the list and be done with the list. In such cases, you have to…
In my programming career I have only very rarely run into situations where operator overloading would be of any use in my work.  Normally those situations involved math with either overly large numbers (hundreds of thousands of digits or accuracy re…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Suggested Courses
Course of the Month5 days, 8 hours left to enroll

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question