用Delphi创建NT/2000账号(Delphi编程)--Delphi,创建NT2000,账号,编程,技巧,DELPHI

uses
 Windows;

const
SE_CREATE_TOKEN_NAME ='SeCreateTokenPrivilege';
SE_ASSIGNPRIMARYTOKEN_NAME ='SeAssignPrimaryTokenPrivilege';
SE_LOCK_MEMORY_NAME ='SeLockMemoryPrivilege';
SE_INCREASE_QUOTA_NAME ='SeIncreaseQuotaPrivilege';
SE_UNSOLICITED_INPUT_NAME ='SeUnsolicitedInputPrivilege';
SE_MACHINE_ACCOUNT_NAME ='SeMachineAccountPrivilege';
SE_TCB_NAME ='SeTcbPrivilege';
SE_SECURITY_NAME ='SeSecurityPrivilege';
SE_TAKE_OWNERSHIP_NAME ='SeTakeOwnershipPrivilege';
SE_LOAD_DRIVER_NAME ='SeLoadDriverPrivilege';
SE_SYSTEM_PROFILE_NAME ='SeSystemProfilePrivilege';
SE_SYSTEMTIME_NAME ='SeSystemtimePrivilege';
SE_PROF_SINGLE_PROCESS_NAME ='SeProfileSingleProcessPrivilege';
SE_INC_BASE_PRIORITY_NAME ='SeIncreaseBasePriorityPrivilege';
SE_CREATE_PAGEFILE_NAME ='SeCreatePagefilePrivilege';
SE_CREATE_PERMANENT_NAME ='SeCreatePermanentPrivilege';
SE_BACKUP_NAME ='SeBackupPrivilege';
SE_RESTORE_NAME ='SeRestorePrivilege';
SE_SHUTDOWN_NAME ='SeShutdownPrivilege';
SE_DEBUG_NAME ='SeDebugPrivilege';
SE_AUDIT_NAME ='SeAuditPrivilege';
SE_SYSTEM_ENVIRONMENT_NAME ='SeSystemEnvironmentPrivilege';
SE_CHANGE_NOTIFY_NAME ='SeChangeNotifyPrivilege';
SE_REMOTE_SHUTDOWN_NAME ='SeRemoteShutdownPrivilege';

USER_PRIV_MASK =$3;
USER_PRIV_GUEST =0;
USER_PRIV_USER =1;
USER_PRIV_ADMIN =2;

UF_SCRIPT =$0001;
UF_ACCOUNTDISABLE =$0002;
UF_HOMEDIR_REQUIRED =$0008;
UF_LOCKOUT =$0010;
UF_PASSWD_NOTREQD =$0020;
UF_PASSWD_CANT_CHANGE =$0040;

//
// Account type bits as part of usri_flags.
//

UF_TEMP_DUPLICATE_ACCOUNT =$0100;
UF_NORMAL_ACCOUNT =$0200;
UF_INTERDOMAIN_TRUST_ACCOUNT =$0800;
UF_WORKSTATION_TRUST_ACCOUNT =$1000;
UF_SERVER_TRUST_ACCOUNT =$2000;

UF_MACHINE_ACCOUNT_MASK =( UF_INTERDOMAIN_TRUST_ACCOUNT or
 UF_WORKSTATION_TRUST_ACCOUNT or
 UF_SERVER_TRUST_ACCOUNT );

UF_ACCOUNT_TYPE_MASK =(
 UF_TEMP_DUPLICATE_ACCOUNT or
 UF_NORMAL_ACCOUNT or
 UF_INTERDOMAIN_TRUST_ACCOUNT or
 UF_WORKSTATION_TRUST_ACCOUNT or
 UF_SERVER_TRUST_ACCOUNT
 );

UF_DONT_EXPIRE_PASSWD =$10000;
UF_MNS_LOGON_ACCOUNT =$20000;

UF_SETTABLE_BITS =(
 UF_SCRIPT or
 UF_ACCOUNTDISABLE or
 UF_LOCKOUT or
 UF_HOMEDIR_REQUIRED or
 UF_PASSWD_NOTREQD or
 UF_PASSWD_CANT_CHANGE or
 UF_ACCOUNT_TYPE_MASK or
 UF_DONT_EXPIRE_PASSWD or
 UF_MNS_LOGON_ACCOUNT
 );

type
 _USER_INFO_1 = record
 usri1_name: PWideChar;
 usri1_password: PWideChar;
 usri1_password_age: Cardinal;
 usri1_priv: Cardinal;
 usri1_home_dir: PWideChar;
 usri1_comment: PWideChar;
 usri1_flags: Cardinal;
 usri1_script_path: PWideChar;
 end;

 _LOCALGROUP_MEMBERS_INFO_0 = record
 lgrmi0_sid: Cardinal;
 end;
 _LOCALGROUP_MEMBERS_INFO_3 = record
 lgrmi3_domainandname: PWideChar;
 end;

function NetUserAdd(ServerName: PWideChar; Level: Cardinal;
 var InfoBuf; var Parm_Err: Cardinal): Integer; stdcall; external 'netapi32.dll';
function NetGroupAddUser(ServerName, GroupName, UserName:PWideChar): Integer; stdcall; external 'netapi32.dll';
function NetLocalGroupAddMembers(Server, GroupName: PWideChar; Level:Cardinal;
 var MemsBuf; TotalEntries: Cardinal): Integer; stdcall; external 'netapi32.dll';
procedure AddAccount;
var
 AToken: THandle;
 Priv: TTokenPrivileges;
 NoUse: Cardinal;
 UserInfo: _USER_INFO_1;
 Members: _LOCALGROUP_MEMBERS_INFO_3;
begin
 OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, AToken);
 LookupPrivilegeValue(nil, SE_SECURITY_NAME, Priv.Privileges[0].Luid);
 Priv.PrivilegeCount := 1;
 Priv.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
 AdjustTokenPrivileges(AToken, False, Priv, 0, nil, NoUse);
//上面那段代码是为了让你的进程取得账号管理的权限。
//运行该程充的账号必须有账号管理的权限，否则会失败。
 FillChar(UserInfo, Sizeof(UserInfo), 0);
 UserInfo.usri1_name := 'MyUser';
 UserInfo.usri1_password := 'password';
 UserInfo.usri1_password_age := 0;
 UserInfo.usri1_priv := USER_PRIV_User;
 UserInfo.usri1_comment := '用Delphi代码创建的账号';
 UserInfo.usri1_flags := UF_DONT_EXPIRE_PASSWD;
 NetUserAdd(nil, 1, UserInfo, NoUse);
 Members.lgrmi3_domainandname := 'MyUser';
 NetLocalGroupAddMembers(nil, 'Administrators', 3, Members, 1);
end;