Re: Urgent: Adding users to log on locally list programmatically using C#

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

On May 9, 10:06 am, abhishek.gi...@xxxxxxxxx wrote:
On May 8, 3:29 pm, abhishek.gi...@xxxxxxxxx wrote:





On May 8, 6:29 am, "Willy Denoyette [MVP]"

<willy.denoye...@xxxxxxxxxx> wrote:
<abhishek.gi...@xxxxxxxxx> wrote in message

news:1178544642.175729.8560@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Oh and I had testusersin mind, so basically - "testuser1" for
example.

Well, actually there is nothing in the Framework that helps you with this.
So you will have to call into some WIn32 LSA API's using PInvoke.
Basically what you need to do is:
1. Get a LSA Policy handle for the target system, by calling LsaOpenPolicy.
2. Get the SID of the user account, by calling LsaLookupNames2
3. Add the "SeInteractiveLogonRight" for the account, by means of a call to
LsaAddAccountRights.
Note that LSA_UNICODE_STRING type as used in these API's is not a CLR
string, it's a structure you need to initialize correctly before you call
the API's, watch out!.

But again, before you can grant this privilege to an account, the account
MUST exist, why not simply create the account and make it a member of the
"users" group or a group which already has the "Allow Logon Locally"
privilege"?

Willy.

I did that and it says -- "specified privilege does not exist" for
"SeInteractiveLogonRight"- Hide quoted text -

- Show quoted text -

whoops pressed the wrong button. Sorry about that- Hide quoted text -

- Show quoted text -

Thanks for all the help. Never mind replying to my previous message.
It was a really stupid mistake. Its all working.

Thanks again!

.

Quantcast