Using WMI to enumerate local user accounts

Le Thanh Cong

Rate me:

3.77/5 (4 votes)

5 May 2006CPOL

46.7K

1.2K

How to use WMI to enumerate local user accounts.

Introduction

Sometimes, you want to get information about user accounts in your computer. This article will help you get that information using WMI.

Supported Platforms

Windows Server 2003	Yes
Windows XP	Yes
Windows 2000	Yes, except for the property `LocalAccount`
Windows NT 4.0	Yes, except for the property `LocalAccount`, and with WMI installed.
Windows 98	Yes, except for the property `LocalAccount`, and with WMI installed

How to use it?

Step 1: Initialize COM:

CoInitialize(NULL);

Step 2: Set COM security levels:

 //Security needs to be initialized in XP first
 // and this was the major problem
 //why it was not working in XP.
 if(CoInitializeSecurity( NULL,
   -1,
   NULL,
   NULL,
   RPC_C_AUTHN_LEVEL_PKT,
   RPC_C_IMP_LEVEL_IMPERSONATE,
   NULL,
   EOAC_NONE,
   0
  ) != S_OK)
  return;

Step 3: Obtain the initial locator to WMI:

 IWbemLocator * pIWbemLocator = NULL;
 IWbemServices * pWbemServices = NULL;
 IEnumWbemClassObject * pEnumObject  = NULL;

 BSTR bstrNamespace = (L"root\\cimv2");


 if(CoCreateInstance (
    CLSID_WbemAdministrativeLocator,
    NULL ,
    CLSCTX_INPROC_SERVER | CLSCTX_LOCAL_SERVER , 
    IID_IUnknown ,
    ( void ** ) & pIWbemLocator
            ) != S_OK)
    return;

Step 4: Connect to WMI through the IWbemLocator::ConnectServer method:

 if(pIWbemLocator->ConnectServer(
     bstrNamespace,  // Namespace
     NULL,          // Userid
     NULL,           // PW
     NULL,           // Locale
     0,              // flags
     NULL,           // Authority
     NULL,           // Context
     &pWbemServices
                ) != S_OK)
    return;

Step 5: Use the IWbemServices pointer to make requests of WMI:

 HRESULT hRes;
 BSTR strQuery = (L"Select * from Win32_UserAccount") + 
                 (L" Where LocalAccount = True");
 BSTR strQL = (L"WQL");
 hRes = pWbemServices->ExecQuery(strQL, strQuery, 
        WBEM_FLAG_RETURN_IMMEDIATELY, NULL, &pEnumObject);
 
 if(hRes != S_OK)
 {
  MessageBox("Could not execute Query");
  return;
 }

Step 6: Get data from the query in step 5.

 ULONG uCount = 1, uReturned;
 IWbemClassObject * pClassObject = NULL;


 hRes = pEnumObject->Reset();

 if(hRes != S_OK)
 {
  MessageBox("Could not Enumerate");
  return;
 }

 int nItemIndex = 0;
 while (1)
 {
  hRes = pEnumObject->Next(WBEM_INFINITE, uCount, 
         &pClassObject, &uReturned);
  if(hRes != S_OK)
  {
   break;
  }

  for (int i = enmAccountType; i < enmTotal; i ++)
  {
   VARIANT v;
   BSTR strClassProp = SysAllocString(arrStrFields[i]);
   hRes = pClassObject->Get(strClassProp, 0, &v, 0, 0);

   SysFreeString(strClassProp);
   _bstr_t bstrPath = &v;  //Just to convert BSTR to ANSI
   char* strPath=(char*)bstrPath;

   if (SUCCEEDED(hRes))
   {
    if (i == enmAccountType)
    {
     m_lstUsers.InsertItem(nItemIndex, strPath);
    }
    else
    {
     m_lstUsers.SetItemText(nItemIndex, i, strPath);
    }
   }

   VariantClear( &v );
  }
  nItemIndex ++;
 }

Step 7: Free memory.

 pIWbemLocator->Release();
 pWbemServices->Release();
 pEnumObject->Release();
 pClassObject->Release();
 CoUninitialize();

Note

For more information about the Win32_UserAccount class used in this script, click here.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Written By

Le Thanh Cong

Software Developer (Senior)

Vietnam

Study at Hanoi University of Technology 2001-2006

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.