Windows“真实"列表使用 Win32 API 的用户 [英] List of Windows "real" users using Win32 API
问题描述
我正在尝试获取本地计算机上真实用户的列表.真正的我的意思是用户可以物理登录系统并使用它的,不包括仅远程帐户等.
I'm trying to get a list of the real users on the local machine. By real I mean the users that can physically logon to the system and use it, excluding remote only accounts and the like.
这就是我已经在做的.
使用
FILTER_NORMAL_ACCOUNT调用NetUserEnum().
我得到以下用户:
- __ vmware_user __
- 管理员
- 帮助助理
- ASPNET
- 客人
- SUPPORT_xxxxxx
请注意,这与我从命令行调用 net user 时获得的用户相同,但在登录对话框中我只能选择管理员.这就是我想要的.
Note that this are the same users that I get when calling net user from the command line, but in the logon dialog I can only select Administrator. This is what I want.
从 NetUserEnum() 上的返回列表,我可以知道哪些帐户被禁用.那就离开了:
From the return list on NetUserEnum(), I can tell which accounts are disabled. That leaves:
- __ vmware_user __
- 管理员
- ASPNET
- SUPPORT_xxxxxx
然后我运行 LsaEnumerateAccountRights() 来检查哪些帐户具有 SeInteractiveLogonRight.
Then I run LsaEnumerateAccountRights() to check which accounts have the SeInteractiveLogonRight.
他们都有.除了真正的管理员,管理员.其中一些具有 SeDenyInteractiveLogonRight.这给我留下了:
All of them have it. Except the real one, Administrator. Some of them have SeDenyInteractiveLogonRight. That leaves me with:
- __ vmware_user __
- 管理员(无 SeInteractiveLogonRight)
我发现我应该先检查组权限,因为我的用户帐户可能继承了 SeInteractiveLogonRight.到目前为止,我还没有找到列出给定帐户(SID 或名称)的组的方法.用 NetUserGetGroups() 尝试过,但事实证明这个只返回域组(在我的例子中,无").
I found somewhere that maybe I should be checking group permissions first, as my user account might be inheriting SeInteractiveLogonRight. So far, I haven't found a way to list the groups for a given account (SID or name). Tried with NetUserGetGroups() but it turns out that this one only returns domain groups (in my case, "None").
现在我不知道还能尝试什么.如果我有一个访问令牌",看起来一切都会变得更容易,但除了当前登录的用户之外,似乎没有其他方法可以获取它.大约有 20 个不同的 API 与身份验证相关,这太疯狂了.
Right now I don't know what else to try. Looks like everything will be easier if I had an 'Access Token' but there seems to be no way of getting that for a user other than the currently logged on. There are like 20 different APIs related to authentication and this is crazy.
感谢您的帮助
推荐答案
正如你所说,最后一步可能只是过滤属于管理员或用户组的用户.
As you said, the last step probably is just filter the users which belong to Administrators or Users group.
试试方法 NetUserGetLocalGroups 用于枚举用户所属的组.
Try the method NetUserGetLocalGroups for enumerating the groups an user belongs to.
这篇关于Windows“真实"列表使用 Win32 API 的用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
