3.2.5.13 NetUserGetInfo Command

The Remote Administration Protocol server MUST process NetUserGetInfoRequest as follows:

  1. The server MUST validate that the incoming ParamDesc field of the Remote Administration Protocol request contains the ASCII string "zWrLh"; if it does not, the server SHOULD format a Remote Administration Protocol response with the Win32ErrorCode set to ERROR_INVALID_PARAMETER (0x0057), and then return the response to the client.<84>

  2. If the information level is 0, then the server implementing NetUserGetInfo MUST fill the RAPOutData field of SMB_TRANSACTION response with NetUserInfo0 structure.

  3. If the information level is 1, then the server implementing NetUserGetInfo MUST fill the RAPOutData field of SMB_TRANSACTION response with the NetUserInfo1 structure.

  4. If the information level is 2, then the server implementing NetUserGetInfo MUST fill the RAPOutData field of SMB_TRANSACTION response with the NetUserInfo2 structure.

  5. If the information level is 10, then the server implementing NetUserGetInfo MUST fill the RAPOutData field of SMB_TRANSACTION response with the NetUserInfo10 structure.

  6. If the information level is 11, then the server implementing NetUserGetInfo MUST fill the RAPOutData field of SMB_TRANSACTION response with the NetUserInfo11 structure.

  7. If the information level is any value other than 0, 1, 2, 10 and 11, the server implementing NetUserGetInfo MUST set the Win32ErrorCode value in the Remote Administration Protocol response message to ERROR_INVALID_LEVEL (0x007C).

  8. The Remote Administration Protocol server MUST create a Remote Administration Protocol response message with the RAPOutParams set to the contents of a NetUserGetInfoResponse message. The Remote Administration Protocol server MUST return information about user configuration (as specified in section 2.5.8.3.5). This information SHOULD be obtained using the Security Account Manager (SAM) Remote Protocol [MS-SAMR] as follows:

    • The server MUST issue a SamrConnect request as specified in [MS-SAMR] section 3.1.5.1.4, with the following parameters:

      Parameter

      Value

      ServerName

      The name of the local machine

      DesiredAccess

      0x31

    • If this call succeeds, the server MUST issue a SamrLookupDomainInSamServer request as specified in [MS-SAMR] section 3.1.5.11.1, with the following parameters:

      Parameter

      Value

      ServerHandle

      The serverHandle value returned from the SamrConnect request

      Name

      The name of the local machine

    • If this call succeeds, the server MUST issue a SamrOpenDomain request as specified in [MS-SAMR] section 3.1.5.1.5, with the following parameters:

      Parameter

      Value

      ServerHandle

      The serverHandle value returned from the SamrConnect request

      DesiredAccess

      0x200

      DomainId

      The DomainId value returned from the SamrLookupDomainInSamServer request

    • If this call succeeds, the server MUST issue a SamrLookupNamesInDomain request as specified in [MS-SAMR] section 3.1.5.11.2, with the following parameters:

      Parameter

      Value

      DomainHandle

      The domainHandle value returned from the SamrOpenDomain request

      Count

      1

      Names

      NetUserGetInfoRequest.Name

    • If this call succeeds, the server MUST issue a SamrOpenUser request as specified in [MS-SAMR] section 3.1.5.1.9, with the following parameters:

      Parameter

      Value

      DomainHandle

      The domainHandle value returned from the SamrOpenDomain request

      DesiredAccess

      0x2031A

      UserId

      The RID value returned from the SamrLookupNamesInDomain request

    • If this call succeeds, the server MUST issue a SamrQueryInformationUser2 request as specified in [MS-SAMR] section 3.1.5.5.5, with the following parameters:

      Parameter

      Value

      UserHandle

      The userHandle value returned from the SamrOpenUser request

      UserInformationClass

      UserAllInformation

      If any of the SAM requests fail, the error code MUST be returned to the caller. If the query succeeds, the server MUST construct a NetUserGetInfoResponse message from the information in the SAMPR_USER_ALL_INFORMATION structure according to the following mapping:

      NetUserGetInfoResponse field

      SAMPR_USER_ALL_INFORMATION field

      Name

      UserName

      CommentLow and CommentHigh

      AdminComment

      UserCommentLow and UserCommentHigh

      UserComment

      FullNameLow and FullNameHigh

      FullName

      Priv

      UserAccountControl

      AuthFlags

      UserAccountControl

      PasswordAge

      PasswordLastSet

      HomeDirLow and HomeDirHigh

      HomeDirectory

      ParmsLow and ParmsHigh

      Parameters

      LastLogon

      LastLogon

      LastLogoff

      LastLogoff

      BadPWCount

      BadPasswordCount

      NumLogons

      LogonCount

      LogonServerLow and LogonServerHigh

      "\\*"

      CountryCode

      CountryCode

      WorkstationsLow and WorkstationsHigh

      WorkStations

      MaxStorage

      0xFFFFFFFF

      UnitsPerWeek

      _SAMPR_LOGON_HOURS.UnitsPerWeek

      LogonHoursLow and LogonHoursHigh

      _SAMPR_LOGON_HOURS.LogonHours

      CodePage

      CodePage

  9. If the request ReceiveBuffersSize field is less than the response TotalBytesAvailable field, the Remote Administration Protocol server MUST set the Win32ErrorCode value in the Remote Administration Protocol response message to ERROR_MORE_DATA (0x00EA).

  10. If any other errors occur during the response processing, the Remote Administration Protocol server MUST fill the Win32ErrorCode value in the Remote Administration Protocol response message with the Win32ErrorCode corresponding to the error, as specified in [MS-ERREF]. Otherwise, the Remote Administration Protocol server MUST set Win32ErrorCode to ERROR_SUCCESS (0X0000).