|
|
|
|
|
|
|
|
|
|
|
 |
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Visual Basic Network Services LookupAccountName: Verify a User's Account |
||
| Posted: | Monday January 21, 2002 | |
| Updated: | Monday December 26, 2011 | |
| Applies to: | VB4-32, VB5, VB6 | |
| Developed with: | VB6, Windows XP | |
| OS restrictions: | Windows NT3.1, Windows NT4, Windows 2000, Windows XP | |
| Author: | VBnet - Randy Birch | |
|
Related: |
InitializeSecurityContext: Authenticate User via the NT Challenge Process IsUserAnAdmin: Determine if the Current User is an Administrator LookupAccountSid: Determine if the Current Process is Running Under Admin Account OpenUserBrowser: Add Selection of Users and Groups |
|
| Prerequisites |
| One of the operating systems listed under OS Restrictions above. |
|
|
 The LookupAccountName function accepts the name of a system and user account as input. It retrieves a security identifier (SID) for the account and the name of the domain on which the account was found. The SID is a structure of variable length that uniquely identifies a user or group on all Windows NT implementations. This makes the method below equally suitable to determine whether a specific group exists by specifying a group name in place of a user name. Note that the method does not validate that a specific user is part of a specific group. |
| BAS Module Code |
| None. |
|
|
| Form Code |
|
| To a form add a command button (Command1), a text box (Text1), and two labels (Label1, Label2) for the status and domain return values. Other labels are optional. Add the following to the form: |
|
|
Option Explicit '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ' Copyright ©1996-2011 VBnet/Randy Birch, All Rights Reserved. ' Some pages may also contain other copyrights by the author. '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ' Distribution: You can freely use this code in your own ' applications, but you may not reproduce ' or publish this code on any web site, ' online service, or distribute as source ' on any media without express permission. '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' Option Explicit
Private Declare Function LookupAccountName Lib "advapi32" _
Alias "LookupAccountNameA" _
(ByVal lpSystemName As String, _
ByVal lpAccountName As String, _
Sid As Byte, _
cbSid As Long, _
ByVal DomainName As String, _
cbDomainName As Long, _
peUse As Long) As Long
Private Sub Command1_Click()
Dim sAccount As String 'account name of interest
Dim sSystem As String 'specifying the system
Dim sDomain As String 'domain validating user
Dim sValid As String
'The account name is a null-terminated
'string specifying the account name of
'interest.
sAccount = Text1.Text
'The system name is a null-terminated
'string specifying the system - this
'string can be the name of a remote computer.
'If this string is null, the account name
'is looked up on the local system.
sSystem = ""
'The domain name is a buffer where the
'call returns the name of the domain where
'the account name is found. It is not for
'specifying the domain that you want the
'lookup made on. If this parameter is passed,
'the function returns the required buffer size.
sDomain = ""
Label1.Caption = "working ..."
Label1.Refresh
Select Case ValidateUser(sAccount, sDomain, sSystem)
Case True: sValid = "User has been validated."
Case False: sValid = "User not found."
End Select
Label1.Caption = sValid
Label2.Caption = sDomain
End Sub
Public Function ValidateUser(ByRef sAccountName As String, _
Optional ByRef sDomainName As String, _
Optional ByVal sSystemName As String) As Boolean
Dim success As Long
Dim cbSid As Long
Dim cbDomainName As Long
Dim peUse As Long
Dim bSID() As Byte
sDomainName = vbNullString
cbDomainName = 0
If Len(sSystemName) = 0 Then
'If the system name (machine name)
'not specified, pass a null string
'to have the account lookup on
'the local machine
sSystemName = vbNullString
End If
'First call passes null as the SID.
'The call returns a success of 0 and
'the required buffer size in cbSid.
'In addition, because sDomainName is
'passed as null, cbDomainName returns
'the required buffer size for the lookup
'domain.
success = LookupAccountName(sSystemName, _
sAccountName, _
0&, _
cbSid, _
sDomainName, _
cbDomainName, _
peUse)
'prevent errors
If (success = 0) And (cbSid > 0) Then
'Prepare a buffer into which
'the domain where the account
'name is found will be returned
sDomainName = Space$(cbDomainName)
'create a buffer for the SID and
'call again.
ReDim bSID(0 To cbSid - 1)
'The function attempts to find a SID
'for the specified name by first
'checking a list of well-known SIDs.
'If the name does not correspond to a
'well-known SID, the function checks
'built-in and administratively-defined
'local accounts. Next, the function
'checks the primary domain. If the name
'is not found there, trusted domains
'are checked.
'On Windows 2000/XP, in addition to
'lookup local accounts, local domain
'accounts, and explicitly trusted
'domain accounts, LookupAccountName
'can look up the name for any account
'in any domain in the Windows 2000 forest.
'
'The further 'out' the search has to go,
'the longer it will take to return.
'
'peUse returns a pointer to a SID_NAME_USE
'enumerated type indicating the type of
'the account when the function returns.
'
'A (SID) is a value that uniquely identifies
'a user or group on all Windows NT implementations.
success = LookupAccountName(sSystemName, _
sAccountName, _
bSID(0), _
cbSid, _
sDomainName, _
cbDomainName, _
peUse)
If success > 0 Then
'obtain the domain name
'returned
If cbDomainName > 0 Then
sDomainName = Left$(sDomainName, cbDomainName)
End If
End If
End If
'the call succeeded if success is greater than 0
ValidateUser = success
End Function |
| Comments |
|
|
|
|
|
|||||
|
|||||
|
|
|||||
|
Copyright ©1996-2011 VBnet and Randy Birch. All Rights Reserved. |
 |
