How can I get a list of Local Windows Users (Only the Users that appear in the windows Logon Screen)
I have tried many methods using Windows Principle library & WMI Select commands. I keep getting Administrator, Guest & some other bizarre accounts (VUSRNEIL-DELL, $HOMEGROUPUSER, ASPNET...etc.)
Neither of these 3 user accounts appear on the Logon screen. How can I Differentiate between these user types?
I am coding in C#
Just add a reference to System.Management
in a Console Application and try this code:
using System;
using System.Management;
using System.Linq;
namespace ConsoleApplication5
{
class Program
{
static void Main(string[] args)
{
ManagementObjectSearcher usersSearcher = new ManagementObjectSearcher(@"SELECT * FROM Win32_UserAccount");
ManagementObjectCollection users = usersSearcher.Get();
var localUsers = users.Cast<ManagementObject>().Where(
u => (bool)u["LocalAccount"] == true &&
(bool)u["Disabled"] == false &&
(bool)u["Lockout"] == false &&
int.Parse(u["SIDType"].ToString()) == 1 &&
u["Name"].ToString() != "HomeGroupUser$");
foreach (ManagementObject user in localUsers)
{
Console.WriteLine("Account Type: " + user["AccountType"].ToString());
Console.WriteLine("Caption: " + user["Caption"].ToString());
Console.WriteLine("Description: " + user["Description"].ToString());
Console.WriteLine("Disabled: " + user["Disabled"].ToString());
Console.WriteLine("Domain: " + user["Domain"].ToString());
Console.WriteLine("Full Name: " + user["FullName"].ToString());
Console.WriteLine("Local Account: " + user["LocalAccount"].ToString());
Console.WriteLine("Lockout: " + user["Lockout"].ToString());
Console.WriteLine("Name: " + user["Name"].ToString());
Console.WriteLine("Password Changeable: " + user["PasswordChangeable"].ToString());
Console.WriteLine("Password Expires: " + user["PasswordExpires"].ToString());
Console.WriteLine("Password Required: " + user["PasswordRequired"].ToString());
Console.WriteLine("SID: " + user["SID"].ToString());
Console.WriteLine("SID Type: " + user["SIDType"].ToString());
Console.WriteLine("Status: " + user["Status"].ToString());
}
Console.ReadKey();
}
}
}
If you're using WMI to query Win32_UserAccount
you can display only items that meet following conditions:
- Property
AccountType
has the UF_NORMAL_ACCOUNT
flag.
- Property
Disabled
is false
.
- Property
Lockout
is false
.
- Property
LocalAccount
is true
.
- Property
SIDType
is SidTypeUser
.
If you can't use WMI (or you do not want to use it) then you have to do a little bit more work, basically you have to use NetGroupGetUsers function to enumerate all users. See this article on CodeProject for an example.
If you want to use a wrappered solution, NuGet has the "Continuous.Management" package - which is an open source project: https://github.com/jarzynam/continuous
This will give you a list of all user accounts, their domain, full name and SID.
wmic useraccount get domain,name,sid