Solved

Read/Write SAM Database

Posted on 2003-11-27
6
766 Views
Last Modified: 2008-02-01
How do I access information in the SAM database in NT4 Server?
API or Object interface?
Pointers to sample code or articles on this subject would be much apprieciated.
0
Comment
Question by:philjh
  • 3
  • 2
6 Comments
 
LVL 41

Expert Comment

by:graye
ID: 9833008
Microsoft considers the SAM to be a "black box".  It is therefore NOT documented.  There are lots of higher-level access methods (ADSI for example)

What are you trying to do?
0
 

Author Comment

by:philjh
ID: 9835806
I'm trying to read nt group and user information. I may also need to programmatically create user accounts.
0
 

Author Comment

by:philjh
ID: 9837223
I'd also like to mention that we are not using Active Directory Services.
0
 
LVL 41

Accepted Solution

by:
graye earned 100 total points
ID: 9838273
That's ok... the ADSI interface works with standalone servers, mixed domains, and WinNT servers.

As you can imagine, some of the objects in the ADSI interface won't work without Active Directory (but the majority of 'em will)

Here is a simple vb script that uses ADSI to gather that kind of info (and we're not using Active Directory either).  You might find it useful as an example:

dim fso, fso_log
dim DOMAIN, DPW, Accts, acct, first, grp, junk, expired, num
dim DC_LIST, DC, temp, last, dc_acct

DOMAIN = "Domain"
OUTPUT_FILE = "c:\temp_Accts.csv"
DC_LIST = array("DC1", "DC2", "DC3")

' create a log file
set fso = createobject("scripting.filesystemobject")
set fs_log = fso.CreateTextFile(OUTPUT_FILE, true)
fs_log.writeline("Name,Full_Name,Description,Login_Script,Acct_Disabled,Password_Reset,Password_Expires,Last_Login,Groups")

' let's get cranking      
num = 0
Set Accts = GetObject("WinNT://" & DOMAIN)
Accts.Filter = Array("User")

for each acct in Accts
            num = num +1
            fs_log.write(chr(34) & acct.name & chr(34) & ",")
            fs_log.write(chr(34) & acct.fullname & chr(34) & ",")
            fs_log.write(chr(34) & acct.Description & chr(34) & ",")
            fs_log.write(chr(34) & acct.LoginScript & chr(34) & ",")
            fs_log.write(acct.AccountDisabled & ",")
            if acct.passwordExpired > 0 then
                  fs_log.write("True,")
            else
                  fs_log.write("False,")
            end if                  
            fs_log.write(acct.PasswordExpirationDate & ",")
                        
            ' cycle thru each Domain Controller to find lasted LastLogin value
            last = cdate("01/01/1980")
            for each DC in DC_LIST
                  set dc_acct = getobject("WinNT://" & DC & "/" & acct.name & ",user")
                  temp = cdate("01/01/1980")
                  on error resume next
                  temp = dc_acct.lastlogin
                  on error goto 0
                  if datediff("d", last, temp) > 0 then
                        last = temp
                  end if
            next
            fs_log.write(last & ",")
            
            ' get the group membership list
            fs_log.write(chr(34))
            first = true
            for each grp in acct.groups
                  if first = false then
                        fs_log.write(", ")
                  end if
                  first = false
                  fs_log.write(grp.name)
            next
            fs_log.writeline(chr(34))
      'end if
next

fs_log.close
msgbox "Wrote " & num & " entries to " & OUTPUT_FILE, 64, "Done!"
0
 

Author Comment

by:philjh
ID: 10164048
Sorry for the delay - got side-tracked.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have ever used Microsoft Word then you know that it has a good spell checker and it may have occurred to you that the ability to check spelling might be a nice piece of functionality to add to certain applications of yours. Well the code that…
Most everyone who has done any programming in VB6 knows that you can do something in code like Debug.Print MyVar and that when the program runs from the IDE, the value of MyVar will be displayed in the Immediate Window. Less well known is Debug.Asse…
Get people started with the process of using Access VBA to control Excel using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Excel. Using automation, an Access application can laun…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now