Visual Basic Network Services
LookupAccountName: Verify a User's Account
     
Posted:   Monday January 21, 2002
Updated:   Monday December 26, 2011
     
Applies to:   VB4-32, VB5, VB6
Developed with:   VB6, Windows XP
OS restrictions:   Windows NT3.1, Windows NT4, Windows 2000, Windows XP
Author:   VBnet - Randy Birch
     

Related:  

InitializeSecurityContext: Authenticate User via the NT Challenge Process
IsUserAnAdmin: Determine if the Current User is an Administrator
LookupAccountSid: Determine if the Current Process is Running Under Admin Account
OpenUserBrowser: Add Selection of Users and Groups
     
 Prerequisites
One of the operating systems listed under OS Restrictions above.

The LookupAccountName function accepts the name of a system and user account as input. It retrieves a security identifier (SID) for the account and the name of the domain on which the account was found.

The SID is a structure of variable length that uniquely identifies a user or group on all Windows NT implementations. This makes the method below equally suitable to determine whether a specific group exists by specifying a group name in place of a user name.  Note that the method does not validate that a specific user is part of a specific group. 

 BAS Module Code
None.

 Form Code
To a form add a command button (Command1), a text box (Text1), and two labels (Label1, Label2) for the status and domain return values. Other labels are optional. Add the following to the form:

Option Explicit
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Copyright 1996-2011 VBnet/Randy Birch, All Rights Reserved.
' Some pages may also contain other copyrights by the author.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Distribution: You can freely use this code in your own
'               applications, but you may not reproduce 
'               or publish this code on any web site,
'               online service, or distribute as source 
'               on any media without express permission.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Option Explicit

Private Declare Function LookupAccountName Lib "advapi32" _
   Alias "LookupAccountNameA" _
  (ByVal lpSystemName As String, _
   ByVal lpAccountName As String, _
   Sid As Byte, _
   cbSid As Long, _
   ByVal DomainName As String, _
   cbDomainName As Long, _
   peUse As Long) As Long


Private Sub Command1_Click()

   Dim sAccount As String  'account name of interest
   Dim sSystem As String   'specifying the system
   Dim sDomain As String   'domain validating user
   Dim sValid As String
   
  'The account name is a null-terminated
  'string specifying the account name of
  'interest.
   sAccount = Text1.Text
     
  'The system name is a null-terminated
  'string specifying the system - this
  'string can be the name of a remote computer.
  'If this string is null, the account name
  'is looked up on the local system.
   sSystem = ""
   
  'The domain name is a buffer where the
  'call returns the name of the domain where
  'the account name is found. It is not for
  'specifying the domain that you want the
  'lookup made on. If this parameter is passed,
  'the function returns the required buffer size.
   sDomain = ""
   
   Label1.Caption = "working ..."
   Label1.Refresh
   
   Select Case ValidateUser(sAccount, sDomain, sSystem)
      Case True:  sValid = "User has been validated."
      Case False: sValid = "User not found."
   End Select

   Label1.Caption = sValid
   Label2.Caption = sDomain
   
End Sub


Public Function ValidateUser(ByRef sAccountName As String, _
                             Optional ByRef sDomainName As String, _
                             Optional ByVal sSystemName As String) As Boolean


   Dim success As Long
   Dim cbSid As Long
   Dim cbDomainName As Long
   Dim peUse As Long
   Dim bSID() As Byte

   sDomainName = vbNullString
   cbDomainName = 0
   
   If Len(sSystemName) = 0 Then
   
     'If the system name (machine name)
     'not specified, pass a null string
     'to have the account lookup on
     'the local machine
      sSystemName = vbNullString

   End If
   
  'First call passes null as the SID.
  'The call returns a success of 0 and
  'the required buffer size in cbSid.
  'In addition, because sDomainName is
  'passed as null, cbDomainName returns
  'the required buffer size for the lookup
  'domain.
   success = LookupAccountName(sSystemName, _
                           sAccountName, _
                           0&, _
                           cbSid, _
                           sDomainName, _
                           cbDomainName, _
                           peUse)
                        
  'prevent errors
   If (success = 0) And (cbSid > 0) Then
   
     'Prepare a buffer into which
     'the domain where the account
     'name is found will be returned
      sDomainName = Space$(cbDomainName)
            
     'create a buffer for the SID and
     'call again.
      ReDim bSID(0 To cbSid - 1)

     'The function attempts to find a SID
     'for the specified name by first
     'checking a list of well-known SIDs.
     'If the name does not correspond to a
     'well-known SID, the function checks
     'built-in and administratively-defined
     'local accounts. Next, the function
     'checks the primary domain. If the name
     'is not found there, trusted domains
     'are checked.
     'On Windows 2000/XP, in addition to
     'lookup local accounts, local domain
     'accounts, and explicitly trusted
     'domain accounts, LookupAccountName
     'can look up the name for any account
     'in any domain in the Windows 2000 forest.
     '
     'The further 'out' the search has to go,
     'the longer it will take to return.
     '
     'peUse returns a pointer to a SID_NAME_USE
     'enumerated type indicating the type of
     'the account when the function returns.
     '
     'A (SID) is a value that uniquely identifies
     'a user or group on all Windows NT implementations.
      success = LookupAccountName(sSystemName, _
                                  sAccountName, _
                                  bSID(0), _
                                  cbSid, _
                                  sDomainName, _
                                  cbDomainName, _
                                  peUse)
      If success > 0 Then
      
        'obtain the domain name
        'returned
         If cbDomainName > 0 Then
            sDomainName = Left$(sDomainName, cbDomainName)
         End If
         
      End If
      
   End If
      
  'the call succeeded if success is greater than 0
   ValidateUser = success
   
End Function
 Comments

 
 

PayPal Link
Make payments with PayPal - it's fast, free and secure!

 
 
 
 

Copyright 1996-2011 VBnet and Randy Birch. All Rights Reserved.
Terms of Use  |  Your Privacy

 

Hit Counter