tags:

views:

82

answers:

1
Q: 

How do you add user account policies programmatically?

I was using the APIs NetUserAdd and NetUserSetGroups to add a user account and associate it with a group to a computer. Not much later I found an example capable of doing the same thing (adding a user, associating him with a group) using System.DirectoryServices namespace and DirectoryEntry object.

Now I need to add policies to that new account and am faced with a similar problem. I can use the LsaOpenPolicy and LsaAddAccountRights APIs to add a policy to and account, but I'd prefer to use .NET objects and methods.

My question, is/are there object methods in the .NET framework to add and/or modify user account policy settings, and if so what are the names of those objects or methods?

Also an example of usage would be appreciated.

Specifically, I am looking to add the "SeServiceLogonRight", otherwise known as the log in as a service right, to a new user account.

A: 

No, I do not believe any of the current .net Assemblies implement those methods. These are the only methods I found in the Fx 2.0, 3.0, and 3.5 assemblies with a DllImportAttribute, and a name /Lsa.+/

[mscorlib] Microsoft.Win32.Win32Native.LsaNtStatusToWinError Microsoft.Win32.Win32Native.LsaDeregisterLogonProcess Microsoft.Win32.Win32Native.LsaClose Microsoft.Win32.Win32Native.LsaFreeReturnBuffer Microsoft.Win32.Win32Native.LsaLookupSids Microsoft.Win32.Win32Native.LsaFreeMemory Microsoft.Win32.Win32Native.LsaLookupNames Microsoft.Win32.Win32Native.LsaOpenPolicy Microsoft.Win32.Win32Native.LsaLogonUser Microsoft.Win32.Win32Native.LsaLookupAuthenticationPackage Microsoft.Win32.Win32Native.LsaRegisterLogonProcess Microsoft.Win32.Win32Native.LsaLookupNames2 Microsoft.Win32.Win32Native.LsaConnectUntrusted
Microsoft.Win32.Win32Native.LsaGetLogonSessionData

That said, someone wrote a managed wrapper on these functions. http://www.hightechtalks.com/csharp/lsa-functions-276626.html

There is also a great article on Codeproject, LSA Functions - Privileges and Impersonation http://www.codeproject.com/KB/cs/lsadotnet.aspx

JJS  2010-04-21 17:07:26

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?