3.2.5.13 NetUserGetInfo Command
The Remote Administration Protocol server MUST process NetUserGetInfoRequest as follows:
The server MUST validate that the incoming ParamDesc field of the Remote Administration Protocol request contains the ASCII string "zWrLh"; if it does not, the server SHOULD format a Remote Administration Protocol response with the Win32ErrorCode set to ERROR_INVALID_PARAMETER (0x0057), and then return the response to the client.<84>
If the information level is 0, then the server implementing NetUserGetInfo MUST fill the RAPOutData field of SMB_TRANSACTION response with NetUserInfo0 structure.
If the information level is 1, then the server implementing NetUserGetInfo MUST fill the RAPOutData field of SMB_TRANSACTION response with the NetUserInfo1 structure.
If the information level is 2, then the server implementing NetUserGetInfo MUST fill the RAPOutData field of SMB_TRANSACTION response with the NetUserInfo2 structure.
If the information level is 10, then the server implementing NetUserGetInfo MUST fill the RAPOutData field of SMB_TRANSACTION response with the NetUserInfo10 structure.
If the information level is 11, then the server implementing NetUserGetInfo MUST fill the RAPOutData field of SMB_TRANSACTION response with the NetUserInfo11 structure.
If the information level is any value other than 0, 1, 2, 10 and 11, the server implementing NetUserGetInfo MUST set the Win32ErrorCode value in the Remote Administration Protocol response message to ERROR_INVALID_LEVEL (0x007C).
The Remote Administration Protocol server MUST create a Remote Administration Protocol response message with the RAPOutParams set to the contents of a NetUserGetInfoResponse message. The Remote Administration Protocol server MUST return information about user configuration (as specified in section 2.5.8.3.5). This information SHOULD be obtained using the Security Account Manager (SAM) Remote Protocol [MS-SAMR] as follows:
The server MUST issue a SamrConnect request as specified in [MS-SAMR] section 3.1.5.1.4, with the following parameters:
Parameter
Value
ServerName
The name of the local machine
DesiredAccess
0x31
If this call succeeds, the server MUST issue a SamrLookupDomainInSamServer request as specified in [MS-SAMR] section 3.1.5.11.1, with the following parameters:
Parameter
Value
ServerHandle
The serverHandle value returned from the SamrConnect request
Name
The name of the local machine
If this call succeeds, the server MUST issue a SamrOpenDomain request as specified in [MS-SAMR] section 3.1.5.1.5, with the following parameters:
Parameter
Value
ServerHandle
The serverHandle value returned from the SamrConnect request
DesiredAccess
0x200
DomainId
The DomainId value returned from the SamrLookupDomainInSamServer request
If this call succeeds, the server MUST issue a SamrLookupNamesInDomain request as specified in [MS-SAMR] section 3.1.5.11.2, with the following parameters:
Parameter
Value
DomainHandle
The domainHandle value returned from the SamrOpenDomain request
Count
1
Names
NetUserGetInfoRequest.Name
If this call succeeds, the server MUST issue a SamrOpenUser request as specified in [MS-SAMR] section 3.1.5.1.9, with the following parameters:
Parameter
Value
DomainHandle
The domainHandle value returned from the SamrOpenDomain request
DesiredAccess
0x2031A
UserId
The RID value returned from the SamrLookupNamesInDomain request
If this call succeeds, the server MUST issue a SamrQueryInformationUser2 request as specified in [MS-SAMR] section 3.1.5.5.5, with the following parameters:
Parameter
Value
UserHandle
The userHandle value returned from the SamrOpenUser request
UserInformationClass
UserAllInformation
If any of the SAM requests fail, the error code MUST be returned to the caller. If the query succeeds, the server MUST construct a NetUserGetInfoResponse message from the information in the SAMPR_USER_ALL_INFORMATION structure according to the following mapping:
NetUserGetInfoResponse field
SAMPR_USER_ALL_INFORMATION field
Name
UserName
CommentLow and CommentHigh
AdminComment
UserCommentLow and UserCommentHigh
UserComment
FullNameLow and FullNameHigh
FullName
Priv
UserAccountControl
AuthFlags
UserAccountControl
PasswordAge
PasswordLastSet
HomeDirLow and HomeDirHigh
HomeDirectory
ParmsLow and ParmsHigh
Parameters
LastLogon
LastLogon
LastLogoff
LastLogoff
BadPWCount
BadPasswordCount
NumLogons
LogonCount
LogonServerLow and LogonServerHigh
"\\*"
CountryCode
CountryCode
WorkstationsLow and WorkstationsHigh
WorkStations
MaxStorage
0xFFFFFFFF
UnitsPerWeek
_SAMPR_LOGON_HOURS.UnitsPerWeek
LogonHoursLow and LogonHoursHigh
_SAMPR_LOGON_HOURS.LogonHours
CodePage
CodePage
If the request ReceiveBuffersSize field is less than the response TotalBytesAvailable field, the Remote Administration Protocol server MUST set the Win32ErrorCode value in the Remote Administration Protocol response message to ERROR_MORE_DATA (0x00EA).
If any other errors occur during the response processing, the Remote Administration Protocol server MUST fill the Win32ErrorCode value in the Remote Administration Protocol response message with the Win32ErrorCode corresponding to the error, as specified in [MS-ERREF]. Otherwise, the Remote Administration Protocol server MUST set Win32ErrorCode to ERROR_SUCCESS (0X0000).