ahmd0
ahmd0

Reputation: 17313

WinAPI NetUserGetInfo() fails with NERR_UserNotFound error code on Active Directory domain

I'm running the following piece of code from a local service application. The purpose is to obtain the path to a user's profile before calling LoadUserProfile() to load that user's profile before calling CreateProcessAsUser() to run a user-mode process on behalf of that user.

Note that this question is not about LoadUserProfile(), or CreateProcessAsUser().

What happens is this. When the code below is run on Windows XP w/SP3 that is a part of the Active Directory domain, with a single user logged in via a local console (that user's session ID is used below) the NetUserGetInfo() API fails. Also note that it works fine in any other circumstance:

//'dwSessID' = session ID of the user to retrieve a user profile path for
LPTSTR pUserName = NULL;
DWORD dwcbSzUserName = 0;
if(!WTSQuerySessionInformation(WTS_CURRENT_SERVER_HANDLE, dwSessID, WTSUserName, &pUserName, &dwcbSzUserName))
{
    //Error
    return false;
}

USER_INFO_4* pUI4 = NULL;
DWORD dwNetStatus;
if((dwNetStatus = NetUserGetInfo(NULL, pUserName, 4, (BYTE**)&pUI4)) == NERR_Success)
{
    PROFILEINFO pfi = {0};
    pfi.dwSize = sizeof(pfi);
    pfi.lpUserName = pUserName;
    pfi.dwFlags = PI_NOUI;
    pfi.lpProfilePath = pUI4->usri4_profile;

    LoadUserProfile(hToken, &pfi);

    //And so on
}
else
{
    //On that specific machine I get here with 'dwNetStatus' = 2221, 
    //or NERR_UserNotFound, that according to MSDN is 
    //"The user name could not be found."
    //Also note that GetLastError is not used for this API.
}

Can some suggest why can NetUserGetInfo() fail on that particular machine, and how to fix this code?

PS. I know that MSDN for NetUserGetInfo states that there might be issues with a ACL on Active Directory domain, but it doesn't specify how to set one...

Upvotes: 0

Views: 3218

Answers (3)

Lauren Ottawa
Lauren Ottawa

Reputation: 3

Noticed you are calling NetUserGetInfo with pUserName the type of LPTSTR. Sometimes it won't work (if you will compile your project to use ANSII strings by default).

Consider changing you string types to LPWSTR.

Upvotes: 0

Werner Henze
Werner Henze

Reputation: 16781

As JPBlanc stated NetUserGetInfo with level 4 is valid only on servers.

Another problem is that you retrieve the name of the logged on user, but not the domain the user belongs to.

Upvotes: 0

JPBlanc
JPBlanc

Reputation: 72680

If I read the documentation for NetUserGetInfo, for the information level of the data you code 4 . It's written Level 4 Return detailed information and additional attributes about the user account. This level is valid only on servers. As far as I understand it's not your case. Do you verify the value of pUserName returned by WTSQuerySessionInformation.

Upvotes: 1

Related Questions