Getting a User's Drive Mappings on a Remote Machine

Posted on 2004-04-22
Last Modified: 2007-12-19
I just finished writing an application that our LAN Managers use to back up certain data and features from a user's machine. It works quite well (many thanks to those here who helped me to recursively search for files), but one feature that the LMs have requested is to grab a users drive mappings and write them out to the log file I'm using.

My first thought was to see if I could use the WNet functions to access a remote machine, but I couldn't find any documentation that would lead me to pursue that approach. I'm already using the registry on the remote machine to provide me with printer information, so that was my next thought for drive mappings. I knew this could be tricky because in the past, I have written services that load a user's profile, but in this case I won't be executing on the remote machine, only accessing it. So, knowing that the drive info is stored within the HKEY_USERS hive I thought I could leverage that. All the subkeys under that are SID's, and I figured that SID would correspond to the SID I could grab from calling LookupAccountName. So, I made the call, converted the SID to a string, but the SID I receive from the conversion does not match any of the SID subkey names under HKEY_USERS.

Does anyone know an easier way to pull a particular users drive mappings, or barring that, what I'm doing wrong?

Below is my function to lookup the SID and convert it to a string. It is incomplete at this point because I wanted to do a proof of concept to be reasonably sure I was getting a SID string I could then pass to RegOpenKey.

BOOL CFileBackupDlg::getMappings(CString strComputer, CString strUser)
      const unsigned int      MAX_NAME = 17;
      char            ch = '\0';
      char            szUser[MAX_PATH];
      char            szDomain[MAX_PATH];
      char            lpBuf[MAX_PATH];
      LPTSTR            strSid;
      BYTE            SidBuffer[1024];
      PSID            psid = (PSID)SidBuffer;
      SID_NAME_USE      sidUse;
      DWORD            cbSidBuff = 1024;
      DWORD            cbDomainName = sizeof (szDomain);

      ch = strUser[0];
      if ((ch == 'b') || (ch == 'B') || (ch == 'd') || (ch == 'D'))
            lstrcpy (szDomain, "bell-atl-n");
      if ((ch == 'v') || (ch == 'V') || (ch == 'z') || (ch == 'Z'))
            lstrcpy (szDomain, "us1");

      lstrcpy (szUser, szDomain);
      lstrcat (szUser, "\\");
      lstrcat (szUser, strUser);

      if (!LookupAccountName (strComputer,
            wsprintf (lpBuf, "SID lookup failed for user: %s in domain: %s\n", strUser, szDomain);
            MessageBox (lpBuf, "Error in LookupAccountName", MB_OK |MB_ICONSTOP);
            return FALSE;
            BOOL bRes = ConvertSidToStringSid (psid, &strSid);
            MessageBox (strSid, "User SID", MB_OK);
            return TRUE;
Question by:jpetter
LVL 86

Expert Comment

ID: 10892151
>>what I'm doing wrong?

The subkeys under HKEY_USERS are only loaded when a user is logged on to that machine, this is the problem.

Author Comment

ID: 10892205
Ah, I thought that HKEY_CURRENT_USER was loaded when a user logged on, and HKEY_USERS stored the hives of other users, but those not logged on.

Man, so does this mean I have to go the LogonUser route and work with that token? I hope not since I would probably need to do it as a service then to ensure I had the necessary credentials.

LVL 86

Expert Comment

ID: 10892237
>>Man, so does this mean I have to go the LogonUser route and work with that token?

How would you do that remotely? The easiest way to collect that information is to grab it via a logon script and sent it to the collecting program.
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

LVL 14

Assisted Solution

wayside earned 150 total points
ID: 10893976
If using WMI is an option, you can use the Win32_LogicalDisk class to get all of the logical drives on a machine, including mapped ones. You can then use the ProviderName field to filter out mapped drives.

WMI is easy from VB, a pain in the a** from C++, though.

Here's a link to a VB script that does this. You can find sample C++ WMI code on CodeGuru.

Author Comment

ID: 10894123

You're right! Duh, I wasn't thinking. Of course LogonUser would not work as it would not be executing on the remote PC. We don't use logon scripts; all the drives are mapped persistently on the user's machine.


Thanks, I may end up checking that out. I've played around a little with WMI using C++ and to me it doesn't flow that well. It worked well with C# and VB, but it seems like the documentation and support for C++ and WMI is lagging far behind.

LVL 86

Accepted Solution

jkr earned 200 total points
ID: 10895361
>>If using WMI is an option

The problem that the user has to be logged on to obtain the file mappings persists, though.

Assisted Solution

rendaduiyan earned 150 total points
ID: 10895467
if you want to print out user information of remote machine, you can use
NetUserEnum, and must handle with wide char.
see MSDN for helps

Author Comment

ID: 10898017

Thanks for the help. However, according to the documentation in the Platform SDK, there is no user info structure that will return the drive mappings, nor does the function return all system users and their data. It only returns information for those users that were created with a call to NetUserAdd. But I appreciate the help.


Good point about the WMI issue. If I was going to be dependant upon the user being logged on, then I could use the registry with relative ease compared to WMI (but then I don't really know WMI).

Since there doesn't seem to be a solution to this, I'll split up the points. If anyone has any ideas though, I would be eager to hear them.


Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is the first in a series of articles about the C/C++ Visual Studio Express debugger.  It provides a quick start guide in using the debugger. Part 2 focuses on additional topics in breakpoints.  Lastly, Part 3 focuses on th…
Many modern programming languages support the concept of a property -- a class member that combines characteristics of both a data member and a method.  These are sometimes called "smart fields" because you can add logic that is applied automaticall…
The viewer will learn how to pass data into a function in C++. This is one step further in using functions. Instead of only printing text onto the console, the function will be able to perform calculations with argumentents given by the user.
The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question