Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 775
  • Last Modified:

Read/Write SAM Database

How do I access information in the SAM database in NT4 Server?
API or Object interface?
Pointers to sample code or articles on this subject would be much apprieciated.
0
philjh
Asked:
philjh
  • 3
  • 2
1 Solution
 
grayeCommented:
Microsoft considers the SAM to be a "black box".  It is therefore NOT documented.  There are lots of higher-level access methods (ADSI for example)

What are you trying to do?
0
 
philjhAuthor Commented:
I'm trying to read nt group and user information. I may also need to programmatically create user accounts.
0
 
philjhAuthor Commented:
I'd also like to mention that we are not using Active Directory Services.
0
 
grayeCommented:
That's ok... the ADSI interface works with standalone servers, mixed domains, and WinNT servers.

As you can imagine, some of the objects in the ADSI interface won't work without Active Directory (but the majority of 'em will)

Here is a simple vb script that uses ADSI to gather that kind of info (and we're not using Active Directory either).  You might find it useful as an example:

dim fso, fso_log
dim DOMAIN, DPW, Accts, acct, first, grp, junk, expired, num
dim DC_LIST, DC, temp, last, dc_acct

DOMAIN = "Domain"
OUTPUT_FILE = "c:\temp_Accts.csv"
DC_LIST = array("DC1", "DC2", "DC3")

' create a log file
set fso = createobject("scripting.filesystemobject")
set fs_log = fso.CreateTextFile(OUTPUT_FILE, true)
fs_log.writeline("Name,Full_Name,Description,Login_Script,Acct_Disabled,Password_Reset,Password_Expires,Last_Login,Groups")

' let's get cranking      
num = 0
Set Accts = GetObject("WinNT://" & DOMAIN)
Accts.Filter = Array("User")

for each acct in Accts
            num = num +1
            fs_log.write(chr(34) & acct.name & chr(34) & ",")
            fs_log.write(chr(34) & acct.fullname & chr(34) & ",")
            fs_log.write(chr(34) & acct.Description & chr(34) & ",")
            fs_log.write(chr(34) & acct.LoginScript & chr(34) & ",")
            fs_log.write(acct.AccountDisabled & ",")
            if acct.passwordExpired > 0 then
                  fs_log.write("True,")
            else
                  fs_log.write("False,")
            end if                  
            fs_log.write(acct.PasswordExpirationDate & ",")
                        
            ' cycle thru each Domain Controller to find lasted LastLogin value
            last = cdate("01/01/1980")
            for each DC in DC_LIST
                  set dc_acct = getobject("WinNT://" & DC & "/" & acct.name & ",user")
                  temp = cdate("01/01/1980")
                  on error resume next
                  temp = dc_acct.lastlogin
                  on error goto 0
                  if datediff("d", last, temp) > 0 then
                        last = temp
                  end if
            next
            fs_log.write(last & ",")
            
            ' get the group membership list
            fs_log.write(chr(34))
            first = true
            for each grp in acct.groups
                  if first = false then
                        fs_log.write(", ")
                  end if
                  first = false
                  fs_log.write(grp.name)
            next
            fs_log.writeline(chr(34))
      'end if
next

fs_log.close
msgbox "Wrote " & num & " entries to " & OUTPUT_FILE, 64, "Done!"
0
 
philjhAuthor Commented:
Sorry for the delay - got side-tracked.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now