Solved

Create NT Accounts in Delphi CGI App

Posted on 2000-04-24
8
663 Views
Last Modified: 2012-06-27
I downloaded the API files for Lan Manager (from delphi-jedi.org) to try to find the calls to create NT Server logins from Delphi ver 4 or 5.  The APIs are very long and confusing.

My goal is simple, build a web based secutity system that uses the NT login.  That way, I can programmatically assign logins to groups of users with certain access rights.

I would need the calls to:
Create Login
Delete Login
Modify Login Password
Assign Group
Get Login Username
Get Login Groups.

Does anyone out there have an idea how to do this?

I will also accept links to point me in the direction of real world security layouts for web-sites that aren't all hype and talk.

Sincery,
TonyT_MTSH
0
Comment
Question by:tonyt_mtsh
8 Comments
 
LVL 3

Expert Comment

by:shenqw
ID: 2746137
listen
0
 

Expert Comment

by:HamidHossain
ID: 2746373
listening ...
0
 
LVL 1

Accepted Solution

by:
mscatena earned 500 total points
ID: 2746999
Here is a unit that does a lot of the things you asked. You can easilly extend it to do the rest.

===================

unit CriaNTUser;

{
Cria usuario de NT
Copyright 1997 por Mauro Sant' Anna
Todos os direitos reservados
}

interface

uses
  Windows;

// Create user
function CriaUsuario(
  const XUsuario, XSenha, XComentario, XServidor: string): integer;

// Add to group
function AdicionaAoGrupo(const XServidor, XUsuario, XGrupo: string): integer;

// Remove from group
function EliminaDoGrupo(const XServidor, XUsuario, XGrupo: string): integer;

function ErrToMsg(const Err: integer): string;

implementation

type
  T_USER_INFO_1 = record
    usri1_name: PWideChar;
    usri1_password: PWideChar;
    usri1_password_age: integer;
    usri1_priv: integer;
    usri1_home_dir: PWideChar;
    usri1_comment: PWideChar;
    usri1_flags: integer;
    usri1_script_path: PWideChar;
  end;
  PInteger = ^Integer;

function NetUserAdd(
    servername: PWideChar;
    level: integer;
    const buf: T_USER_INFO_1;
    parm_err: PInteger
   ): integer; stdcall; external 'netapi32.dll';

function NetGroupAddUser(servername: PWideChar;
                         GroupName: PWideChar;
                         username: PWideChar): integer; stdcall; external 'netapi32.dll';

function NetGroupDelUser(servername: PWideChar;
                         GroupName: PWideChar;
                         username: PWideChar): integer; stdcall; external 'netapi32.dll';

const
  USER_PRIV_USER = 1;
  UF_SCRIPT = 1;
  NERR_BASE = 2100;
  NERR_InvalidComputer = NERR_BASE + 251;
  NERR_NotPrimary = NERR_BASE + 126;
  NERR_GroupExists = NERR_BASE + 123;
  NERR_UserExists = NERR_BASE + 124;
  NERR_PasswordTooShort = NERR_BASE + 145;
  NERR_SpeGroupOp = NERR_BASE+134; // The operation is not allowed on specified special groups, which are user groups, admin groups, local groups, or guest groups.
  NERR_UserNotFound = NERR_BASE+121;// The user name could not be found.
  NERR_GroupNotFound = NERR_BASE+120; // The group name could not be found.
  NERR_UserNotInGroup = NERR_BASE+137; // The user does not belong to this group.
 cTamStr = 256;

procedure StrToMB(const S: string; Buffer: PWideChar);
begin
  fillchar(Buffer^, cTamStr * 2, 0);
  MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, Pointer(S), length(S), Buffer, cTamStr);
end;

function ErrToMsg(const Err: integer): string;
begin
  Result := 'Ok';
  case Err of
    ERROR_ACCESS_DENIED: Result := 'Access Denied';
    NERR_InvalidComputer: Result := 'InvalidComputer';
    NERR_NotPrimary: Result := 'NotPrimary';
    NERR_GroupExists: Result := 'GroupExists';
    NERR_UserExists: Result := 'UserExists';
    NERR_PasswordTooShort: Result := 'PasswordTooShort';
    NERR_SpeGroupOp: Result := 'The operation is not allowed on specified special groups, which are user groups, admin groups, local groups, or guest groups.';
    NERR_UserNotFound: Result := 'The user name could not be found.';
    NERR_GroupNotFound: Result := 'The group name could not be found.';
    NERR_UserNotInGroup: Result := 'The user does not belong to this group.';
  end;
end;

function CriaUsuario(
  const XUsuario, XSenha, XComentario, XServidor: string): integer;
var
  U: T_USER_INFO_1;
  Err, Ret: integer;
  Usuario, Senha, Comentario, Servidor: array[0..cTamStr] of widechar;

procedure Converte;
begin
  StrToMB(XUsuario, Usuario);
  StrToMB(XSenha, Senha);
  StrToMB(XComentario, Comentario);
  StrToMB(XServidor, Servidor);
end;

begin
  Converte;
  with U do
  begin
    usri1_name := Usuario;
    usri1_password := Senha;
    usri1_priv := USER_PRIV_USER;
    usri1_home_dir := nil;
    usri1_comment := 'Teste de cadastramento';
    usri1_flags := UF_SCRIPT;
    usri1_script_path := NIL;
  end;
  Ret := NetUserAdd(Servidor, 1, U, @Err);
  Result := Ret;
end;

function AdicionaAoGrupo(const XServidor, XUsuario, XGrupo: string): integer;
var
  Usuario, Servidor, Grupo: array[0..cTamStr] of widechar;
begin
  StrToMB(XUsuario, Usuario);
  StrToMB(XServidor, Servidor);
  StrToMB(XGrupo, Grupo);
  Result := NetGroupAddUser(Servidor, Grupo, Usuario);
end;

function EliminaDoGrupo(const XServidor, XUsuario, XGrupo: string): integer;
var
  Usuario, Servidor, Grupo: array[0..cTamStr] of widechar;
begin
  StrToMB(XUsuario, Usuario);
  StrToMB(XServidor, Servidor);
  StrToMB(XGrupo, Grupo);
  Result := NetGroupDelUser(Servidor, Grupo, Usuario);
end;

end.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:tonyt_mtsh
ID: 2750002
THANK YOU!!!

I will convert some of the spanish to english to make sure I understand it.  I can probalby do that tomorrow.  If I get it to work (even a little), then you got the points.

Thanks,
TonyT.
0
 

Author Comment

by:tonyt_mtsh
ID: 2756580
Thank you.  I can now add/delete, modify passwords, add users to groups and remove them from groups.

I wrote my own unit (in english) that is very similar to the one above, with the additional function calls and an expanded set of constants.

I now just have to figure out the whole security layout for my appserver.

Thanks again.
TonyT.
0
 
LVL 1

Expert Comment

by:mscatena
ID: 2757629
You are wellcome.

BTW, the names are in Portuguese.

Bye.
0
 

Author Comment

by:tonyt_mtsh
ID: 2757914
I ttok 3 years of Spanish in high school and could only remember some of the stuff the Taco bell dog says.

Once I saw the API calls, I knew where to go.  Now, all I have to do is figure out the Server Part.  (I am getting the "Not Primary" error.)  I didn't want to add the users to our entire domaine.  I was hoping that I could add them to just the one running the Internet Server.  I am not so good on the NT Security Stuff.

I think I have to create a new domain and make that new domain have it's own name service.  My network guy is supposed to figure it out, but he's backed up with a lot of other stuff.

Thanks.
0
 
LVL 1

Expert Comment

by:mscatena
ID: 2758997
Portuguese is quite similar to Spanish. I can understand it perfectly, though I cannot really speak it.

I tested this code creating accounts in the current domain, supplying the server name. I don’t know about creating accounts in a standalone server, though setting up another domain sounds fine to me. I can actually see some advantages in doing it, like if you end up needing more than one web server.

Bye.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The uses clause is one of those things that just tends to grow and grow. Most of the time this is in the main form, as it's from this form that all others are called. If you have a big application (including many forms), the uses clause in the in…
Introduction The parallel port is a very commonly known port, it was widely used to connect a printer to the PC, if you look at the back of your computer, for those who don't have newer computers, there will be a port with 25 pins and a small print…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question