Monday, June 25, 2007

User Management through Win32 call

Check out the JCL (JediVCL) it has a routine from lanmanager(JcLanMan.pas)

function CreateAccount(const Server, Username, Fullname, Password,
Homedir, Script: string; const PasswordNeverExpires: Boolean):
wServer, wUsername, wFullname,
wPassword, wDescription, wHomedir, wScript: WideString;
Details: USER_INFO_2;
ParmErr: DWORD;
wServer := Server;
wUsername := Username;
wFullname := Fullname;
wPassword := Password;
wDescription := Description;
wScript := Script;
wHomedir := Homedir;

FillChar (Details, SizeOf(Details), 0);
with Details do
usri2_name := PWideChar(wUsername);
usri2_full_name := PWideChar(wFullname);
usri2_password := PWideChar(wPassword);
usri2_comment := PWideChar(wDescription);
usri2_priv := USER_PRIV_USER;
usri2_flags := UF_SCRIPT;
if PassWordNeverExpires then
usri2_flags := usri2_flags or UF_DONT_EXPIRE_PASSWD;
usri2_script_path := PWideChar(wScript);
usri2_home_dir := PWideChar(wHomedir);
usri2_acct_expires := TIMEQ_FOREVER;

Err := NetUserAdd(PWideChar(wServer), 2, @Details, @ParmErr);
Result := (Err = NERR_SUCCESS);

C:\>cacls /?
Displays or modifies access control lists (ACLs) of files

CACLS filename [/T] [/E] [/C] [/G user:perm] [/R user [...]]
[/P user:perm [...]] [/D user [...]]
filename Displays ACLs.
/T Changes ACLs of specified files in
the current directory and all subdirectories.
/E Edit ACL instead of replacing it.
/C Continue on access denied errors.
/G user:perm Grant specified user access rights.
Perm can be: R Read
C Change (write)
F Full control
/R user Revoke specified user's access rights (only valid with /E).
/P user:perm Replace specified user's access rights.
Perm can be: N None
R Read
C Change (write)
F Full control
/D user Deny specified user access.
Wildcards can be used to specify more that one file in a command.
You can specify more than one user in a command.

No comments: