#pragma comment(lib,"ActiveDS")
#pragma comment(lib,"adsiid")
int wmain(int argc, wchar_t *argv[])
{
LPUSER_INFO_0 pBuf = NULL;
LPUSER_INFO_0 pTmpBuf;
DWORD dwLevel = 0;
DWORD dwPrefMaxLen = MAX_PREFERRED_LENGTH;
DWORD dwEntriesRead = 0;
DWORD dwTotalEntries = 0;
DWORD dwResumeHandle = 0;
DWORD i;
DWORD dwTotalCount = 0;
NET_API_STATUS nStatus;
LPWSTR pszServerName = NULL;
if (argc > 2)
{
fwprintf(stderr, L"Usage: %s [////ServerName]/n", argv[0]);
return 0;
}
// The server is not the default local computer.
//
if (argc == 2)
pszServerName = argv[1];
wprintf(L"/nUser account on %s: /n", pszServerName);
// 获取关机权限
// HANDLE hToken;
// TOKEN_PRIVILEGES tkp;
// //得到当前进程的令牌
// OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES and TOKEN_QUERY,&hToken);
// //得到关机特权的Luid
// LookupPrivilegeValue(NULL,TEXT("SeShutdownPrivilege"),&tkp.Privileges[0].Luid);
// //指定一次设置的特权属性的个数
// tkp.PrivilegeCount=1;
// //虽然用户可能有关机特权,但其状态缺省是disable的
// tkp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED;
// AdjustTokenPrivileges(hToken,FALSE,&tkp,0,(PTOKEN_PRIVILEGES)NULL,0);
// 一下DEMO用于验证登陆机制
/* begin
// 域用户根据用户名密码登陆,获取 SE_TCB_NAME权限
HANDLE hdlTokenHandle ;
TOKEN_PRIVILEGES tkp;
HANDLE user;
OpenProcessToken( GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hdlTokenHandle);
LookupPrivilegeValue(NULL, SE_TCB_NAME, &tkp.Privileges[0].Luid);
tkp.PrivilegeCount=1;
tkp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED;
if(AdjustTokenPrivileges(hdlTokenHandle, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES)NULL, 0))
{
}
//wchar_t USER[256] = L"";
//wchar_t PASS[256] = L"";
LPCSTR USER("");
LPCSTR PASS("");
if (LogonUser( (LPSTR)USER,("a.com.cn"),(LPSTR)PASS,LOGON32_LOGON_INTERACTIVE,LOGON32_PROVIDER_DEFAULT,&user))
{
printf("good");
}
else
{
printf("error");
}
*/ // end
// GET DC NAME
LPBYTE bufptr = (LPBYTE)malloc(100*sizeof(WCHAR));
NET_API_STATUS rt = NetGetDCName(NULL, pszServerName, &bufptr);
int n = GetLastError();
if(rt==NERR_Success)
{
wchar_t cc[512] ;
swprintf((wchar_t *)cc, (L"/thell dc name ---- %s/n"), bufptr);
OutputDebugStringW(cc);
}
else if(rt==NERR_DCNotFound)
{
}
else if(rt==ERROR_INVALID_NAME)
{
}
do // begin do
{
nStatus = NetUserEnum(pszServerName,
dwLevel,
FILTER_NORMAL_ACCOUNT, // global users
(LPBYTE*)&pBuf,
dwPrefMaxLen,
&dwEntriesRead,
&dwTotalEntries,
&dwResumeHandle);
//
// If the call succeeds,
//
if ((nStatus == NERR_Success) || (nStatus == ERROR_MORE_DATA))
{
if ((pTmpBuf = pBuf) != NULL)
{
//
// Loop through the entries.
//
for (i = 0; (i < dwEntriesRead); i++)
{
assert(pTmpBuf != NULL);
if (pTmpBuf == NULL)
{
fprintf(stderr, "An access violation has occurred/n");
break;
}
//
// Print the name of the user account.
//
wprintf(L"/t-- %s/n", pTmpBuf->usri0_name);
wchar_t cc[512] ;
swprintf((wchar_t *)cc, (L"/thell ---- %s/n"), pTmpBuf->usri0_name);
OutputDebugStringW(cc);
pTmpBuf++;
dwTotalCount++;
}
}
}
//
// Otherwise, print the system error.
//
else
fprintf(stderr, "A system error has occurred: %d/n", nStatus);
//
// Free the allocated buffer.
//
if (pBuf != NULL)
{
NetApiBufferFree(pBuf);
pBuf = NULL;
}
}
// Continue to call NetUserEnum while
// there are more entries.
//
while (nStatus == ERROR_MORE_DATA); // end do
//
// Check again for allocated memory.
//
if (pBuf != NULL)
NetApiBufferFree(pBuf);
//
// Print the final count of users enumerated.
//
fprintf(stderr, "/nTotal of %d entries enumerated/n", dwTotalCount);
getchar();
return 0;
}