65.9K
CodeProject is changing. Read more.
Home

Using WMI to enumerate local user accounts

Le Thanh Cong
starIconstarIconstarIcon
emptyStarIcon
starIcon
emptyStarIcon

3.77/5 (4 votes)

May 5, 2006

CPOL
viewsIcon

47060

downloadIcon

1224

How to use WMI to enumerate local user accounts.

Sample Image - EnumerateLocalUser.jpg

Introduction

Sometimes, you want to get information about user accounts in your computer. This article will help you get that information using WMI.

Supported Platforms

Windows Server 2003

Yes

Windows XP

Yes

Windows 2000

Yes, except for the property LocalAccount

Windows NT 4.0

Yes, except for the property LocalAccount, and with WMI installed.

Windows 98

Yes, except for the property LocalAccount, and with WMI installed

How to use it?

Step 1: Initialize COM:

 CoInitialize(NULL);

Step 2: Set COM security levels:

 //Security needs to be initialized in XP first
 // and this was the major problem
 //why it was not working in XP.
 if(CoInitializeSecurity( NULL,
   -1,
   NULL,
   NULL,
   RPC_C_AUTHN_LEVEL_PKT,
   RPC_C_IMP_LEVEL_IMPERSONATE,
   NULL,
   EOAC_NONE,
   0
  ) != S_OK)
  return;

Step 3: Obtain the initial locator to WMI:

 IWbemLocator * pIWbemLocator = NULL;
 IWbemServices * pWbemServices = NULL;
 IEnumWbemClassObject * pEnumObject  = NULL;

 BSTR bstrNamespace = (L"root\\cimv2");


 if(CoCreateInstance (
    CLSID_WbemAdministrativeLocator,
    NULL ,
    CLSCTX_INPROC_SERVER | CLSCTX_LOCAL_SERVER , 
    IID_IUnknown ,
    ( void ** ) & pIWbemLocator
            ) != S_OK)
    return;

Step 4: Connect to WMI through the IWbemLocator::ConnectServer method:

 if(pIWbemLocator->ConnectServer(
     bstrNamespace,  // Namespace
     NULL,          // Userid
     NULL,           // PW
     NULL,           // Locale
     0,              // flags
     NULL,           // Authority
     NULL,           // Context
     &pWbemServices
                ) != S_OK)
    return;

Step 5: Use the IWbemServices pointer to make requests of WMI:

 HRESULT hRes;
 BSTR strQuery = (L"Select * from Win32_UserAccount") + 
                 (L" Where LocalAccount = True");
 BSTR strQL = (L"WQL");
 hRes = pWbemServices->ExecQuery(strQL, strQuery, 
        WBEM_FLAG_RETURN_IMMEDIATELY, NULL, &pEnumObject);
 
 if(hRes != S_OK)
 {
  MessageBox("Could not execute Query");
  return;
 }

Step 6: Get data from the query in step 5.

 ULONG uCount = 1, uReturned;
 IWbemClassObject * pClassObject = NULL;


 hRes = pEnumObject->Reset();

 if(hRes != S_OK)
 {
  MessageBox("Could not Enumerate");
  return;
 }

 int nItemIndex = 0;
 while (1)
 {
  hRes = pEnumObject->Next(WBEM_INFINITE, uCount, 
         &pClassObject, &uReturned);
  if(hRes != S_OK)
  {
   break;
  }

  for (int i = enmAccountType; i < enmTotal; i ++)
  {
   VARIANT v;
   BSTR strClassProp = SysAllocString(arrStrFields[i]);
   hRes = pClassObject->Get(strClassProp, 0, &v, 0, 0);

   SysFreeString(strClassProp);
   _bstr_t bstrPath = &v;  //Just to convert BSTR to ANSI
   char* strPath=(char*)bstrPath;

   if (SUCCEEDED(hRes))
   {
    if (i == enmAccountType)
    {
     m_lstUsers.InsertItem(nItemIndex, strPath);
    }
    else
    {
     m_lstUsers.SetItemText(nItemIndex, i, strPath);
    }
   }

   VariantClear( &v );
  }
  nItemIndex ++;
 }

Step 7: Free memory.

 pIWbemLocator->Release();
 pWbemServices->Release();
 pEnumObject->Release();
 pClassObject->Release();
 CoUninitialize();

Note

For more information about the Win32_UserAccount class used in this script, click here.