Hi @Cmp Sowmya ,
After discussing with the engineer today, confirm that there is currently no API or method that can meet your needs.
Thank you.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
In general, the user must have admin access or group access for using Windows Active Directory. From customer log, we confirmed that they do not have such access.
Since the user do not have the privileges, it fails in the NetUSerGetInfo API call and returned the nStatus as 5.
NetUserGetinfo failed with nStatus: 5
Return codeDescriptionERROR_ACCESS_DENIEDThe user does not have access to the requested information.
Below is the document we referred from Microsoft for Error_Access_Denied.
Our code was implemented according to Requirements for Network Management Functions on Active Directory Domain Controllers.
If we call the Windows API which is listed in the below document either it should allow the access or denied based on the Access control list.
Below is the document / link from Microsoft for this:https://learn.microsoft.com/en-us/windows/win32/netmgmt/requirements-for-network-management-functions-on-active-directory-domain-controllers
The default security policy restricts anonymous local access to having no rights. A local access group exists for applications with the same access rights as Everyone. Administrators can then appropriately increase or decrease the number of users in that group, named the Pre-Windows 2000-Compatible Access Group.
Due to security policy in customer end they can't give this privileges to all. So that NetUserGetInfo API fail to admit the User.
Our Query is :-
Is there any other Microsoft API call to fix this issue that allow normal user to access the Windows active directory without any privileges?
Hi @Cmp Sowmya ,
After discussing with the engineer today, confirm that there is currently no API or method that can meet your needs.
Thank you.