Setting domain user account for: User cannot change the password and password never expires
Compiler: Visual C++ Express Edition 2005
Compiled on Platform: Windows 2003 Server (standard Edition)
Target platform: none, just for learning and fun
Header file: Standard and Windows
Additional library: Windows Platform SDK
Additional project setting: Set project to be compiled as C
Project -> your_project_name Properties -> Configuration Properties -> C/C++ -> Advanced -> Compiled As: Compiled as C Code (/TC)
Other info: non-CLR or unmanaged. Need to add netapi32.lib (netapi32.dll) to the project. Click the Project menu->Select the your_project_name Properties... sub menu->Expand the Configuration Properties folder on the left pane->Expand the Linker subfolder->Select the Input subfolder->Select the Additional Dependencies field on the right pane->Click the ... at the end of the field->Type in 'netapi32.lib' in the empty pane->Click the OK button->Click the OK button second time to close the project Properties dialog.
To do: Setting domain user account so that the user cannot change the password and password never expires
To show: Various domain user and group management C functions
//******** cplus.cpp *******
// Tested at the domain server.
// For Win 2003 as a target, change as needed
#define _WIN32_WINNT 0x0502
// Wide character/Unicode based program
#ifndef UNICODE
#define UNICODE
#endif
#include <windows.h>
#include <stdio.h>
#include <lm.h>
// This program accept 2 arguments, a servername and a username
int wmain(int argc, wchar_t *argv[])
{
DWORD dwLevel = 1008;
USER_INFO_1008 ui;
NET_API_STATUS nStatus;
// If not enough arguments supplied.
if(argc != 3)
{
fwprintf(stderr, L"Usage: %s ServerName UserName\n", argv[0]);
fwprintf(stderr, L"Example: %s mypersonal test1\n", argv[0]);
// Just exit, no further processing.
exit(1);
}
// Fill in the USER_INFO_1008 structure member.
// UF_SCRIPT: required for LAN Manager 2.0 and Windows NT and later.
ui.usri1008_flags = (UF_SCRIPT | UF_PASSWD_CANT_CHANGE | UF_DONT_EXPIRE_PASSWD);
// Call the NetUserSetInfo() function to set Password never expires and User cannot change password.
nStatus = NetUserSetInfo(argv[1],
argv[2],
dwLevel,
(LPBYTE)&ui,
NULL);
// Display the result of the call.
if(nStatus == NERR_Success)
{
fwprintf(stderr, L"%s user account has been set for:\n", argv[2]);
fwprintf(stderr, L"-- Password never expires.\n");
fwprintf(stderr, L"-- User cannot change password.\n");
}
else
fprintf(stderr, "A system error has occurred: %d\n", nStatus);
return 0;
}
Output example:
(This program run at the command prompt)
F:\vc2005project\cplus\debug>cplus
Usage: cplus ServerName UserName
Example: cplus mypersonal test1
F:\vc2005project\cplus\debug>cplus mail test1
test1 user account has been set for:
-- Password never expires.
-- User cannot change password.
F:\vc2005project\cplus\debug>cplus mail modadmin
modadmin user account has been set for:
-- Password never expires.
-- User cannot change password.
F:\vc2005project\cplus\debug>
Note: The program was run on Windows 2003 Server (Standard Edition) member server whereas the Domain Controller is mail (another Windows 2003 Server (Standard Edition) in the domain).