Platform SDK: Network Management

NetUserModalsGet

The NetUserModalsGet function retrieves global information for all users and global groups in the security database.

Security Requirements

Windows NT: Typically, authenticated users can successfully execute the NetUserModalsGet function.

Windows 2000: If you call this function on a Windows 2000 domain controller that is running Active Directory, access is allowed or denied based on the access-control list (ACL) for the securable object. The default ACL permits all authenticated users and members of the "Pre-Windows 2000 compatible access" group to view the information. By default, the "Pre-Windows 2000 compatible access" group includes Everyone as a member. This enables anonymous access to the information if the system allows anonymous access.

If you call this function on a Windows 2000 member server or workstation, all authenticated users can view the information. Anonymous access is also permitted if the RestrictAnonymous policy setting allows anonymous access.

For more information about restricting anonymous access, see Security Requirements for the Network Management Functions.

NET_API_STATUS NetUserModalsGet(
  LPCWSTR servername,  
  DWORD level,        
  LPBYTE *bufptr      
);

Parameters

servername
[in] Pointer to a constant Unicode string specifying the name of the remote server on which the function is to execute. The string must begin with \\. If this parameter is NULL, the local computer is used. For more information, see the following Remarks section.
level
[in] Specifies the information level of the data. This parameter can be one of the following values.
Value Meaning
0 Return global password parameters. The bufptr parameter points to a USER_MODALS_INFO_0 structure.
1 Return logon server and domain controller information. The bufptr parameter points to a USER_MODALS_INFO_1 structure.
2 Return domain name and identifier. The bufptr parameter points to a USER_MODALS_INFO_2 structure. For more information, see the following Remarks section.
3 Return lockout information. The bufptr parameter points to a USER_MODALS_INFO_3 structure.

A null session logon can call NetUserModalsGet anonymously at information levels 0 and 3.

bufptr
[out] Pointer to the buffer that receives the data. The format of this data depends on the value of the level parameter. This buffer is allocated by the system and must be freed using the NetApiBufferFree function.

Return Values

If the function succeeds, the return value is NERR_Success.

If the function fails, the return value can be one of the following error codes.

Value Meaning
ERROR_ACCESS_DENIED The user does not have access to the requested information.
NERR_InvalidComputer The computer name is invalid.

Remarks

To retrieve the SID of the domain to which the computer belongs, call the NetUserModalsGet function specifying a USER_MODALS_INFO_2 structure and NULL in the servername parameter. If the computer isn't a member of a domain, the function returns a NULL pointer.

The following code sample demonstrates how to retrieve global information for all users and global groups with a call to the NetUserModalsGet function. The sample calls NetUserModalsGet, specifying information level 0 (USER_MODALS_INFO_0). If the call succeeds, the sample prints global password information. Finally, the code sample frees the memory allocated for the information buffer.

#ifndef UNICODE
#define UNICODE
#endif

#include <stdio.h>
#include <windows.h> 
#include <lm.h>

int wmain(int argc, wchar_t *argv[])
{
   DWORD dwLevel = 0;
   USER_MODALS_INFO_0 *pBuf = NULL;
   NET_API_STATUS nStatus;
   LPTSTR pszServerName = NULL;

   if (argc > 2)
   {
      fwprintf(stderr, L"Usage: %s [\\\\ServerName]\n", argv[0]);
      exit(1);
   }
   // The server is not the default local computer.
   //
   if (argc == 2)
      pszServerName = argv[1];
   //
   // Call the NetUserModalsGet function; specify level 0.
   //
   nStatus = NetUserModalsGet(pszServerName,
                              dwLevel,
                              (LPBYTE *)&pBuf);
   //
   // If the call succeeds, print the global information.
   //
   if (nStatus == NERR_Success)
   {
      if (pBuf != NULL)
      {
         printf("\tMinimum password length:  %d\n", pBuf->usrmod0_min_passwd_len);
         printf("\tMaximum password age (d): %d\n", pBuf->usrmod0_max_passwd_age/86400);
         printf("\tMinimum password age (d): %d\n", pBuf->usrmod0_min_passwd_age/86400);
         printf("\tForced log off time (s):  %d\n", pBuf->usrmod0_force_logoff);
         printf("\tPassword history length:  %d\n", pBuf->usrmod0_password_hist_len);
      }
   }
   // Otherwise, print the system error.
   //
   else
      fprintf(stderr, "A system error has occurred: %d\n", nStatus);
   //
   // Free the allocated memory.
   //
   if (pBuf != NULL)
      NetApiBufferFree(pBuf);

   return 0;
}

If you are programming for Active Directory, you may be able to call certain Active Directory Service Interface (ADSI) methods to achieve the same functionality you can achieve by calling the network management user modal functions. For more information, see IADsDomain.

Requirements

  Windows NT/2000: Requires Windows NT 3.1 or later.
  Windows 95/98: Unsupported.
  Header: Declared in Lmaccess.h; include Lm.h.
  Library: Use Netapi32.lib.

See Also

Network Management Overview, Network Management Functions, User Modals Functions, NetUserModalsSet, USER_MODALS_INFO_0, USER_MODALS_INFO_1, USER_MODALS_INFO_2, USER_MODALS_INFO_3

Built on Wednesday, February 09, 2000