public static void UpdateLocalUser(string username, WindowsUser user, params string[] groups)
{
Debug.Assert(user.IsLocal && !string.IsNullOrEmpty(user.Name));
int ret = 0;
// rename
if (!string.Equals(username, user.Name, StringComparison.OrdinalIgnoreCase))
{
ret = netapi.NetUserSetInfo(null, username, 0, ref user.Name, 0);
if (ret != 0)
{
throw new Win32Exception(ret);
}
}
// attributes
USER_INFO_4 u = new USER_INFO_4();
{
IntPtr pu = new IntPtr();
ret = netapi.NetUserGetInfo(null, user.Name, 4, out pu);
if (ret != 0)
{
throw new Win32Exception(ret);
}
Marshal.PtrToStructure(pu, u);
netapi.NetApiBufferFree(pu);
}
if (!string.IsNullOrEmpty(user.Password))
{
u.password = user.Password;
u.password_expired = user.PwdExpired;
}
u.full_name = user.FullName;
u.comment = user.Comment;
u.acct_expires = user.ExpireTime.HasValue ? (int)user.ExpireTime.Value.Subtract(util.TIME_MIN).TotalSeconds : util.TIMEQ_FOREVER;
ret = netapi.NetUserSetInfo(null, user.Name, 4, u, 0);
if (ret != 0)
{
throw new Win32Exception(ret);
}
// groups
if (groups != null)
{
Array.ForEach <string>(groups, g => netapi.NetLocalGroupAddMembers(null, g, 3, ref user.Name, 1));
}
}
public static WindowsUser TryGetLocalUser(string username)
{
USER_INFO_4 u = new USER_INFO_4();
{
IntPtr pu = new IntPtr();
int ret = netapi.NetUserGetInfo(null, username, 4, out pu);
if (ret != 0)
{
return(null);
}
Marshal.PtrToStructure(pu, u);
netapi.NetApiBufferFree(pu);
}
return(new WindowsUser()
{
Name = u.name,
FullName = u.full_name,
Comment = u.comment,
PwdExpired = u.password_expired,
ExpireTime = (u.acct_expires == util.TIMEQ_FOREVER) ? (DateTime?)null : util.TIME_MIN.AddSeconds(u.acct_expires)
});
}
public static void SetUserLogonHours(string username, byte[] bsHours)
{
Debug.Assert(bsHours.Length == 21);
int ret = 0;
USER_INFO_4 u = new USER_INFO_4();
{
IntPtr pu = new IntPtr();
ret = netapi.NetUserGetInfo(null, username, 4, out pu);
if (ret != 0)
{
throw new Win32Exception(ret);
}
Marshal.PtrToStructure(pu, u);
netapi.NetApiBufferFree(pu);
}
Marshal.Copy(bsHours, 0, u.logon_hours, 21);
ret = netapi.NetUserSetInfo(null, username, 4, u, 0);
if (ret != 0)
{
throw new Win32Exception(ret);
}
}
/// <summary>
/// retrieve an user documents folder; also validates the user credentials to prevent unauthorized access to this folder
/// </summary>
/// <param name="domain"></param>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <returns>home directory</returns>
public static string GetUserDocumentsFolder(
string domain,
string userName,
string password)
{
var token = IntPtr.Zero;
try
{
// logon the user, domain (if defined) or local otherwise
// myrtille must be running on a machine which is part of the domain for it to work
if (LogonUser(userName, string.IsNullOrEmpty(domain) ? Environment.MachineName : domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref token) != 0)
{
string serverName = null;
if (!string.IsNullOrEmpty(domain))
{
var context = new DirectoryContext(DirectoryContextType.Domain, domain, userName, password);
var controller = Domain.GetDomain(context).FindDomainController();
serverName = controller.Name;
}
IntPtr bufPtr;
if (NetUserGetInfo(serverName, userName, 4, out bufPtr) == NET_API_STATUS.NERR_Success)
{
var userInfo = new USER_INFO_4();
userInfo = (USER_INFO_4)Marshal.PtrToStructure(bufPtr, typeof(USER_INFO_4));
var profileInfo = new ProfileInfo
{
dwSize = Marshal.SizeOf(typeof(ProfileInfo)),
dwFlags = (int)ProfileInfoFlags.PI_NOUI,
lpServerName = string.IsNullOrEmpty(domain) ? Environment.MachineName : serverName.Split(new[] { "." }, StringSplitOptions.None)[0],
lpUserName = string.IsNullOrEmpty(domain) ? userName : string.Format(@"{0}\{1}", domain, userName),
lpProfilePath = userInfo.usri4_profile
};
// load the user profile (roaming if a domain is defined, local otherwise), in order to have it mounted into the registry hive (HKEY_CURRENT_USER)
// the user must have logged on at least once for windows to create its profile (this is forcibly done as myrtille requires an active remote session for the user to enable file transfer)
if (LoadUserProfile(token, ref profileInfo))
{
if (profileInfo.hProfile != IntPtr.Zero)
{
try
{
// retrieve the user documents folder path, possibly redirected by a GPO to a network share (read/write accessible to domain users)
// ensure the user doesn't have exclusive rights on it (otherwise myrtille won't be able to access it)
IntPtr outPath;
var result = SHGetKnownFolderPath(KNOWNFOLDER_GUID_DOCUMENTS, (uint)KnownFolderFlags.DontVerify, token, out outPath);
if (result == 0)
{
return(Marshal.PtrToStringUni(outPath));
}
}
finally
{
UnloadUserProfile(token, profileInfo.hProfile);
}
}
}
}
}
throw new Win32Exception(Marshal.GetLastWin32Error());
}
catch (Exception exc)
{
Trace.TraceError("Failed to retrieve user {0} documents folder ({1})", userName, exc);
throw;
}
finally
{
if (token != IntPtr.Zero)
{
CloseHandle(token);
}
}
}
public static extern int NetUserSetInfo(string servername, string username, int level, USER_INFO_4 user_info_4, int error);
