Getting the list of users in a host. Followup to a previous quest
From: Sudhakar Govindavajhala (sudhakarg79_re_move_me_at_hotmail.com)
Date: 05/18/05
- Previous message: Nick: "Dialog in Gina"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 17 May 2005 18:09:36 -0700
Hi there,
[ I asked a related question in March. Thanks to OShah and Raghu Malpani
for posting their thoughts.
http://msdn.microsoft.com/newsgroups/default.aspx?dg=microsoft.public.platformsdk.security&tid=20aa3f28-a8a4-4c6c-94fb-542db5342eab&cat=en-us-msdn-windev-winsdk&lang=en&cr=US&sloc=en-us&m=1&p=1]
Now, I have a followup question. Given a user, I know how to get the
groups to which a user belongs. I am trying to generate a list of local
users on my host. (No active directory.) Can someone tell me how to do it?
A solution I am able to think of is to use LsaEnumerateAccountsWithUserRight
and see who has SE_INTERACTIVE_LOGON_NAME and SE_NETWORK_LOGON_NAME rights.
Can someone tell me a better way to do it? Is there an enumerate API that
will list all the SIDs that are mentioned in the LSA?
Another thing I want to do is to get an idea of what the process token looks
like after the user logs in. Is there a way I can do this easily? Can
someone tell me the detailed steps involved in logging in a user. After the
GINA/LSA authenticates the user, how does one go about constructing the
process token for the first process? (explorer.exe??) Given a process
token, my program knows if the process can access resource X. Now I am
trying to see if a user Y who logs in has access to resource X.
Thanks for being patient with my questions. I am newbie trying to become an
expert on these stuff.
regards,
Sudhakar
- Previous message: Nick: "Dialog in Gina"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
