in reply to NetUserEnum using Win32::API

This is a slightly updated version of the program from check for DISABLED account on win32. With very minor changes, it will get you your user list.

Run it like this:
perl <Prog-name> <Computer-name> <Computer-name>

The first <Computer-name> replaces the domain name, and the second is for the domain controller name. This program works for NT/2000 style domain accounts as well. 

#####################################################
##                                                 ##
##         USERLIST.PL                             ##
##           written by Vijay Anand                ##
##           January 2004                          ##
##                                                 ##
#####################################################


use strict;
use Win32API::Net qw(:User :Get);

my @users;
my $domain = shift || 'WONDERWARE_HQ';
my $domain_controller = shift;
#my $filterNormalAccounts = Win32API::Net::FILTER_NORMAL_ACCOUNT();
#my $dontexpirepassword = UF_DONT_EXPIRE_PASSWD();
my %UF;

# Convert Subroutine calls into a simple hash for these names ..
foreach (qw [UF_ACCOUNTDISABLE UF_ACCOUNT_TYPE_MASK UF_DONT_EXPIRE_PAS
+SWD
        UF_HOMEDIR_REQUIRED UF_INTERDOMAIN_TRUST_ACCOUNT UF_LOCKOUT
        UF_MACHINE_ACCOUNT_MASK UF_NORMAL_ACCOUNT UF_PASSWD_CANT_CHANG
+E
        UF_PASSWD_NOTREQD UF_SCRIPT UF_SERVER_TRUST_ACCOUNT UF_SETTABL
+E_BITS
        UF_TEMP_DUPLICATE_ACCOUNT UF_WORKSTATION_TRUST_ACCOUNT ]){
     no strict; # Since we are calling subroutine name stored in $_
   $UF{substr($_,3)} = &$_();  # eg, $UF{PASSWD_NOTREQD) = UF_PASSWD_N
+OTREQD();
   ##print "$_ = " .   $UF{substr($_,3)} . "\n";
}

if (not $domain_controller){ # Unspecified, so find it ..
  GetDCName('', $domain, $domain_controller)
     or die "Could not get Domain controller name for $domain\n";
}

print "DC for $domain = $domain_controller\n";

Win32API::Net::UserEnum($domain_controller, \@users, FILTER_NORMAL_ACC
+OUNT())
  or die "Could not enum user accounts \n";

print "Got " . scalar @users . " user names\n";

##UserGetInfo(server, user, level, hash)
#Level 2
#  name, password, passwordAge, priv, homeDir, comment, flags, scriptP
+ath,
#  authFlags, fullName, usrComment, parms, workstations, lastLogon, la
+stLogoff,
#  acctExpires, maxStorage, unitsPerWeek, logonHours, badPwCount, numL
+ogons, logonServer,
#  countryCode, codePage
#
#  Level 20 = name, fullName, comment, flags, userId


my %info;
my $user;    #  = 'vijay';
my $level = 2;

#UserGetInfo($domain_controller, $user, $level, \%info)
#             or die "Could not get level 20 info for $user\n";

#while (my ($k,$v) = each %info){
#   print "$user  $k=$v\n";
#}

foreach $user (sort @users){
  UserGetInfo($domain_controller, $user, $level, \%info)
             or die "Could not get level $level info for $user\n";

  #List User's whose password does not expire
  if ($info{flags} & $UF{DONT_EXPIRE_PASSWD}){
    print "$user,Priv=$info{priv},$info{fullName},Flags=$info{flags}\n
+";
  }
}

[download]

"When you are faced with a dilemma, might as well make dilemmanade. "

In Section Seekers of Perl Wisdom