Edit

Win32_NetworkLoginProfile class

  • Article

The Win32_NetworkLoginProfileWMI class represents the network login information of a specific user on a computer system running Windows. This includes, but is not limited to password status, access privileges, disk quotas, and logon directory paths.

The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties.

Syntax

[Dynamic, Provider("CIMWin32"), Privileges("SeRestorePrivilege"), UUID("{8502C4E7-5FBB-11D2-AAC1-006008C78BC7}"), AMENDMENT]
class Win32_NetworkLoginProfile : CIM_Setting
{
  string   Caption;
  string   Description;
  string   SettingID;
  datetime AccountExpires;
  uint32   AuthorizationFlags;
  uint32   BadPasswordCount;
  uint32   CodePage;
  string   Comment;
  uint32   CountryCode;
  uint32   Flags;
  string   FullName;
  string   HomeDirectory;
  string   HomeDirectoryDrive;
  datetime LastLogoff;
  datetime LastLogon;
  string   LogonHours;
  string   LogonServer;
  uint64   MaximumStorage;
  string   Name;
  uint32   NumberOfLogons;
  string   Parameters;
  datetime PasswordAge;
  datetime PasswordExpires;
  uint32   PrimaryGroupId;
  uint32   Privileges;
  string   Profile;
  string   ScriptPath;
  uint32   UnitsPerWeek;
  string   UserComment;
  uint32   UserId;
  string   UserType;
  string   Workstations;
};

Members

The Win32_NetworkLoginProfile class has these types of members:

Properties

The Win32_NetworkLoginProfile class has these properties.

AccountExpires

Data type: datetime

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_acct_expires")

Account will expire. This value is calculated from the number of seconds elapsed since 00:00:00, January 1, 1970, and is set in this format: yyyymmddhhmmss.mmmmmm sutc.

Example: 20521201000230.000000 000

AuthorizationFlags

Data type: uint32

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_auth_flags"), BitValues ("Printer", "Communication", "Server", "Accounts")

Set of flags that specify the resources a user is authorized to use or modify.

1 (0x1)

Printer

2 (0x2)

Communication

4 (0x4)

Server

8 (0x8)

Accounts

BadPasswordCount

Data type: uint32

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Functions|NetUserEnum")

Number of times the user enters a bad password when logging on to a computer system running Windows.

Example: 0

Caption

Data type: string

Access type: Read-only

Qualifiers: MaxLen (64)

Short textual description of the current object.

This property is inherited from CIM_Setting.

CodePage

Data type: uint32

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_code_page")

Code page for the user's language of choice. A code page is the character set used.

Comment

Data type: string

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_comment")

Comment or description for this logon profile.

CountryCode

Data type: uint32

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_country_code")

Country/region code for the user's language of choice.

Description

Data type: string

Access type: Read-only

Textual description of the current object.

This property is inherited from CIM_Setting.

Flags

Data type: uint32

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_flags"), BitMap ("0", "1", "3", "4", "5", "6", "7", "8", "9", "11", "12", "13", "16", "17", "18", "19", "20", "21", "22", "23"), BitValues ("Script", "Account Disabled", "Home Dir Required", "Lockout", "Password Not Required", "Paswword Can't Change", "Encrypted Test Password Allowed", "Temp Duplicate Account", "Normal Account", "InterDomain Trust Account", "WorkStation Trust Account", "Server Trust Account", "Don't Expire Password", "MNS Logon Account", "Smartcard Required", "Trusted For Delegation", "Not Delegated", "Use DES Key Only", "Don't Require Preauthorization", "Password Expired")

The properties available to this network profile.

Properties that can be set include:

1 (0x1)

Script

A logon script executed. This value must be set for LAN Manager 2.0.

2 (0x2)

Account Disabled

The user's account is disabled.

8 (0x8)

Home Directory Required

A home directory is required.

16 (0x10)

Lockout

The account is currently locked out. For NetUserSetInfo, this value can be cleared to unlock a previously locked account. This value cannot be used to lock a previously unlocked account.

32 (0x20)

Password Not Required

No password is required.

64 (0x40)

Password Cannot Change

The user cannot change the password.

128 (0x80)

Encrypted Test Password Allowed

256 (0x100)

Temp Duplicate Account

An account for users whose primary account is in another domain. This account provides user access to this domain, but not to any domain that trusts this domain. The User Manager refers to this account type as a local user account.

512 (0x200)

Normal Account

Default account type that represents a typical user.

2048 (0x800)

Interdomain Trust Account

A permit to a trust account for a domain that trusts other domains.

4096 (0x1000)

Workstation Trust Account

A computer account for a Windows workstation or server that is a member of this domain.

8192 (0x2000)

Server Trust Account

A computer account for a backup domain controller that is a member of this domain.

65536 (0x10000)

Do Not Expire Password

131072 (0x20000)

MNS Logon Account

Majority Node Set (MNS) logon account type that represents an MNS user.

262144 (0x40000)

Smartcard Required

524288 (0x80000)

Trusted for Delegation

1048576 (0x100000)

Not Delegated

2097152 (0x200000)

Use DES Key Only

4194304 (0x400000)

Do Not Require Preauthorization

8388608 (0x800000)

Password Expired

Indicates that the password has expired.

The following properties describe the account type. Only one value can be set:

  • UF_NORMAL_ACCOUNT
  • UF_TEMP_DUPLICATE_ACCOUNT
  • UF_WORKSTATION_TRUST_ACCOUNT
  • UF_SERVER_TRUST_ACCOUNT
  • UF_INTERDOMAIN_TRUST_ACCOUNT

FullName

Data type: string

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_full_name")

Full name of the user belonging to the network login profile. This string can be empty if the user chooses not to associate a full name with a user name.

HomeDirectory

Data type: string

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_home_dir")

Path to the home directory of the user. This string may be empty if the user chooses not to specify a home directory.

Example:"\HOMEDIR"

HomeDirectoryDrive

Data type: string

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_home_dir_drive")

Drive letter assigned to the user's home directory for log on purposes.

Example: "C:"

LastLogoff

Data type: datetime

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_last_logoff")

User last logged off the system. This value is calculated from the number of seconds elapsed since 00:00:00, January 1, 1970. A value of " **************.******+*** " means that the last logoff time is unknown. The format of this value is yyyymmddhhmmss.mmmmmm sutc. For information about translating this property into your local time, see WMI Tasks: Dates and Times.

Example: 19521201000230.000000 000

LastLogon

Data type: datetime

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_last_logon")

User last logged on to the system. This value is calculated from the number of seconds elapsed since 00:00:00, January 1, 1970. The format of this value is yyyymmddhhmmss.mmmmmm sutc. For information about translating this property into your local time, see WMI Tasks: Dates and Times.

Example: 19521201000230.000000 000

LogonHours

Data type: string

Access type: Read-only

Qualifiers: MaxLen (147), MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_logon_hours")

Times during the week when the user can log on. Each bit represents a unit of time specified by the UnitsPerWeek property. For instance, if the unit of time is hourly, the first bit (bit 0, word 0) is Sunday, 0:00 to 0:59, the second bit (bit 1, word 0) is Sunday, 1:00 to 1:59, and so on. If this member is set to NULL, then there is no time restriction. The time is set to GMT and must be adjusted for other time zones (for example, GMT minus 8 hours for PST).

LogonServer

Data type: string

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_logon_server")

Name of the server to which logon requests are sent. Server names should be preceded by two backslashes (\\). A server name with an asterisk (\\*) indicates that the logon request can be handled by any logon server. A null string indicates that requests are sent to the domain controller.

Example: "\\MyServer"

MaximumStorage

Data type: uint64

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_max_storage"), Units ("bytes")

Maximum amount of disk space available to the user. If MaximumStorage is set to USER_MAXSTORAGE_UNLIMITED, the user is allowed to use all of the available disk space.

Example: 10000000

For more information about using uint64 values in scripts, see Scripting in WMI.

Name

Data type: string

Access type: Read-only

Qualifiers: key, MaxLen (256), MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_name")

User account on a particular domain or computer. The number of characters in the name cannot exceed the value of UNLEN.

Example: "somedomain\johndoe"

NumberOfLogons

Data type: uint32

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_num_logons")

Number of successful times the user tried to log on to this account. A value of 0xFFFFFFFF indicates that the value is unknown. This property is maintained separately on each backup domain controller (BDC) in the domain. To get an accurate value, only the largest value from all BDCs should be used.

Example: 4

Parameters

Data type: string

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_parms")

Space set aside for use by applications. This string can be null, or it can have any number of characters before the terminating null character. Microsoft products use this member to store user configuration information. Do not modify this information, because this value is specific to an application.

PasswordAge

Data type: datetime

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_password_age")

Length of time a password has been in effect. This value is measured from the number of seconds elapsed since the password was last changed.

Example: 00001201000230.000000 000

PasswordExpires

Data type: datetime

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_MODALS_INFO_0|usrmod0_max_passwd_age")

Date and time the password expires. The value is set in this format: yyyymmddhhmmss.mmmmmm sutc

Example: 19521201000230.000000 000

PrimaryGroupId

Data type: uint32

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_primary_group_id")

Relative identifier (RID) of the Primary Global Group for this user. The identifier verifies the primary group to which the user's profile belongs.

Privileges

Data type: uint32

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_priv")

Level of privilege assigned to the usri3_name property.

Guest (0)

User (1)

Administrator (2)

Profile

Data type: string

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_profile")

Path to the user's profile. This value can be a null string, a local absolute path, or a UNC path. A user profile contains settings that are customizable for each user such as the desktop colors.

Example: "C:\Windows"

ScriptPath

Data type: string

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_script_path")

Directory path to the user's logon script. A logon script automatically executes a set of commands each time a user logs on to a system.

Example: "C:\win\profiles\ThomasSteven"

SettingID

Data type: string

Access type: Read-only

Qualifiers: MaxLen (256)

Identifier by which the current object is known.

This property is inherited from CIM_Setting.

UnitsPerWeek

Data type: uint32

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_units_per_week")

Number of time units the week is divided into. It is used with the LogonHours property to limit user access to the computer.

Example: 168 (hours per week)

UserComment

Data type: string

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_usr_comment")

User-defined comment or description for this profile.

UserId

Data type: uint32

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_user_id")

RID of the user. The identifier verifies that the user exists and is unique to this domain.

UserType

Data type: string

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_flags")

Type of account to which the user has privileges.

The values are:

  • "Normal Account"
  • "Duplicate Account"
  • "Workstation Trust Account"
  • "Server Trust Account"
  • "Interdomain Trust Account"
  • "Unknown"

Normal Account ("Normal Account")

Duplicate Account ("Duplicate Account")

Workstation Trust Account ("Workstation Trust Account")

Server Trust Account ("Server Trust Account")

Interdomain Trust Account ("Interdomain Trust Account")

Unknown ("Unknown")

Workstations

Data type: string

Access type: Read-only

Qualifiers: MappingStrings ("Win32API|Network Management Structures|USER_INFO_3|usri3_workstations")

Names of workstations from which the user can log on. Up to eight workstations can be specified; the names must be separated by commas (,). A null string indicates no restrictions. To disable logons from all workstations to this account, set the UF_ACCOUNTDISABLE in the Flags property of this class.

Remarks

The Win32_NetworkLoginProfile class is derived from CIM_Setting.

The calling process that uses this class must have the SE_RESTORE_NAME privilege on the computer in which the registry resides. For more information, see Executing Privileged Operations.

Examples

The following VBScript sample returns network login information.

On Error Resume Next 
 
strComputer = "." 
Set objWMIService = GetObject("winmgmts:" _ 
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") 
 
Set colItems = objWMIService.ExecQuery _ 
    ("Select * from Win32_NetworkLoginProfile") 
 
For Each objItem in colItems 
    dtmWMIDate = objItem.AccountExpires 
    strReturn = WMIDateStringToDate(dtmWMIDate) 
    Wscript.Echo "Account Expires: " & strReturn 
    Wscript.Echo "Authorization Flags: " & objItem.AuthorizationFlags 
    Wscript.Echo "Bad Password Count: " & objItem.BadPasswordCount 
    Wscript.Echo "Caption: " & objItem.Caption 
    Wscript.Echo "CodePage: " & objItem.CodePage 
    Wscript.Echo "Comment: " & objItem.Comment 
    Wscript.Echo "Country Code: " & objItem.CountryCode 
    Wscript.Echo "Description: " & objItem.Description 
    Wscript.Echo "Flags: " & objItem.Flags 
    Wscript.Echo "Full Name: " & objItem.FullName 
    Wscript.Echo "Home Directory: " & objItem.HomeDirectory 
    Wscript.Echo "Home Directory Drive: " & objItem.HomeDirectoryDrive 
    dtmWMIDate = objItem.LastLogoff 
    strReturn = WMIDateStringToDate(dtmWMIDate) 
    Wscript.Echo "Last Logoff: " & strReturn 
    dtmWMIDate = objItem.LastLogon 
    strReturn = WMIDateStringToDate(dtmWMIDate) 
    Wscript.Echo "Last Logon: " & strReturn 
    Wscript.Echo "Logon Hours: " & objItem.LogonHours 
    Wscript.Echo "Logon Server: " & objItem.LogonServer 
    Wscript.Echo "Maximum Storage: " & objItem.MaximumStorage 
    Wscript.Echo "Name: " & objItem.Name 
    Wscript.Echo "Number Of Logons: " & objItem.NumberOfLogons 
    Wscript.Echo "Password Age: " & objItem.PasswordAge 
    dtmWMIDate = objItem.PasswordExpires 
    strReturn = WMIDateStringToDate(dtmWMIDate) 
    Wscript.Echo "Password Expires: " & strReturn 
    Wscript.Echo "Primary Group ID: " & objItem.PrimaryGroupId 
    Wscript.Echo "Privileges: " & objItem.Privileges 
    Wscript.Echo "Profile: " & objItem.Profile 
    Wscript.Echo "Script Path: " & objItem.ScriptPath 
    Wscript.Echo "Setting ID: " & objItem.SettingID 
    Wscript.Echo "Units Per Week: " & objItem.UnitsPerWeek 
    Wscript.Echo "User Comment: " & objItem.UserComment 
    Wscript.Echo "User Id: " & objItem.UserId 
    Wscript.Echo "User Type: " & objItem.UserType 
    Wscript.Echo "Workstations: " & objItem.Workstations 
    Wscript.Echo 
Next 
  
Function WMIDateStringToDate(dtmWMIDate) 
    If Not IsNull(dtmWMIDate) Then 
    WMIDateStringToDate = CDate(Mid(dtmWMIDate, 5, 2) & "/" & _ 
         Mid(dtmWMIDate, 7, 2) & "/" & Left(dtmWMIDate, 4) _ 
             & " " & Mid (dtmWMIDate, 9, 2) & ":" & _ 
                 Mid(dtmWMIDate, 11, 2) & ":" & Mid(dtmWMIDate, 13, 2)) 
    End If 
End Function

Requirements

Requirement Value
Minimum supported client
 Windows Vista
Minimum supported server
 Windows Server 2008
Namespace
 Root\CIMV2
MOF
CIMWin32.mof
DLL
CIMWin32.dll

See also

CIM_Setting

Operating System Classes