2.2.1.11.2 User Inner Element

This element refers to a user object that is local to the client computer.

The Local Users element maintains local users and in general delivers the same functionality as the NetUserAdd API. For more information on NetUserAdd, see [MSDN-NETUSERADD].

Attribute name

Description

action

(optional) If specified, the value MUST be C, D, R, or U, corresponding to Create, Delete, Replace, and Update. If unspecified, the default value is U.

  • Create: This action MUST be used to create a new local user on the local computer. If the local user exists, then it MUST NOT be modified, and an error MUST NOT be returned.

  • Delete: This action MUST be used to remove a local user from the local computer. If the user does not exist, then the client MUST NOT perform an action, and an error MUST NOT be returned.

  • Replace: This action MUST be used to delete and re-create a local user for the local computer. The net result of the Replace action MUST be to overwrite all existing settings associated with the local user. If the local user does not exist, then the Replace action MUST create a new local user.<10>

  • Update: This action MUST be used to rename or modify settings of an existing user. This action differs from Replace in that it MUST update the settings defined within the preference item. All other settings MUST remain as previously configured. If the local user does not exist, then a new local user MUST be created.

    Note: The Update action MUST NOT change the SID of the user.

userName

MUST be set to the name of the targeted local user. If the user exists, the user with this name MUST be used as the target of the requested action. A new user with this name MUST be created if the user does not exist.

newName

MUST be set to the new name of the local user. The user with the name that matches userName MUST be renamed to the name provided in newName.

Note: This option is only applicable when using the Update action.

fullName

MUST be text used to display the full name of the local user.

description

(optional) MUST be text used to describe the purpose or use of the local user.

cpassword

(optional) MUST be the password used to connect to the indicated data provider. The password is encrypted using an AES-derived encryption key when the preference is created and decrypted in the client during client processing.

changeLogon

(optional) MUST be set to 1 to force the newly created or updated local user to change his or her password at the next logon.

acctDisabled

(optional) MUST be set to 1 to disable the newly created or updated local user.

neverExpires

(optional) MUST be set to 0 to force the newly created or updated local user account to expire. MUST be set to 1 if the newly created or updated local user account will never expire.

Note: If set to 1, this value supersedes expires.

expires

(optional) MUST be the expiration date of the account in the format YYYY-MM-DD local time. The time is assumed to be 23:59 on the assigned date.

nochange

(optional) If 1, then the client MUST block the newly created or updated local user account from changing its password.
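An added example, not part of the specification: a small reviewer that applies the attribute rules from the table above to a preference file and reports the effective action, the effective expiry, and anything worth an administrator's attention, including any item that carries a cpassword. The Groups/User/Properties nesting, the sample values, the case-insensitive attribute matching and the function names are assumptions made for this illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime

# Constructed sample. The Groups/User/Properties nesting is an assumption;
# the attribute names come from the table above.
SAMPLE = """<Groups>
  <User><Properties action="U" userName="svc_backup" newName="svc_bak" fullName="Backup"
        cpassword="CONSTRUCTED-PLACEHOLDER" neverExpires="1" expires="2030-01-31"/></User>
  <User><Properties userName="kiosk" fullName="Kiosk" neverExpires="0" expires="2030-01-31"/></User>
  <User><Properties action="C" userName="temp" newName="temp2" fullName="" expires="31/01/2030"/></User>
  <User><Properties action="X" userName="odd" fullName=""/></User>
</Groups>"""

ACTIONS = {"C": "Create", "D": "Delete", "R": "Replace", "U": "Update"}

def review_user(attrs):
    """Return (effective_action, effective_expiry, findings) for one attribute set."""
    a = {k.lower(): v for k, v in attrs.items()}  # assumption: match names case-insensitively
    findings = []
    code = a.get("action", "U")                   # unspecified action defaults to U
    action = ACTIONS.get(code)
    if action is None:
        findings.append(f"invalid action {code!r}")
    if a.get("newname") and action != "Update":
        findings.append("newName only applies to the Update action")
    if a.get("cpassword"):
        findings.append("cpassword present: reversibly encrypted password stored in the item")
    expiry = None
    if a.get("neverexpires") == "1":
        if "expires" in a:
            findings.append("expires superseded by neverExpires=1")
    elif "expires" in a:
        try:                                      # YYYY-MM-DD, assumed 23:59 local time
            expiry = datetime.strptime(a["expires"], "%Y-%m-%d").replace(hour=23, minute=59)
        except ValueError:
            findings.append(f"expires not YYYY-MM-DD: {a['expires']!r}")
    return action, expiry, findings

def review_document(xml_text):
    """Map userName -> review result for every element that carries a userName attribute."""
    root = ET.fromstring(xml_text)
    return {e.get("userName"): review_user(e.attrib) for e in root.iter() if "userName" in e.attrib}

if __name__ == "__main__":
    for name, result in review_document(SAMPLE).items():
        print(name, result)
```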