The Win32 Network Management APIs 17






Creating a New Computer Account Program Example


The following code sample demonstrates how to create a new computer account using the NetUserAdd() function. The following are considerations for managing computer accounts:


  1. The computer account name should be all uppercase for consistency with account management utilities.
  2. A computer account name always has a trailing dollar sign ($). Any functions used to manage computer accounts must build the computer name such that the last character of the computer account name is a dollar sign ($). For interdomain trust, the account name is TrustingDomainName$.
  3. The maximum computer name length is MAX_COMPUTERNAME_LENGTH (15). This length does not include the trailing dollar sign ($).
  4. The password for a new computer account should be the lowercase representation of the computer account name, without the trailing dollar sign ($). For interdomain trust, the password can be an arbitrary value that matches the value specified on the trust side of the relationship.
  5. The maximum password length is LM20_PWLEN (14). The password should be truncated to this length if the computer account name exceeds this length.
  6. The password provided at computer-account-creation time is valid only until the computer account becomes active on the domain. A new password is established during trust relationship activation.


Create a new empty Win32 console application project. Give the project name and change the project location is needed.


Setting the User Comment (Description) Field, Level 1007 Code Snippet Example: Creating new C++ Win32 console project in Visual C++ .NET


Then, add the source file and give it a suitable name.


Setting the User Comment (Description) Field, Level 1007 Code Snippet Example: Adding new C++ source file


Then, add the following source code.


#include <windows.h>

#include <stdio.h>

#include <lm.h>

// Optionally include the needed library using #pragma

// instead of including it through Visual Studio project's setting

#pragma comment(lib, "netapi32.lib")


BOOL AddMachineAccount(LPWSTR wTargetComputer, LPWSTR MachineAccount, DWORD AccountType)


    LPWSTR wAccount;

    LPWSTR wPassword;

    USER_INFO_1 ui;

    DWORD cbAccount;

    DWORD cbLength;

    DWORD dwError;


    // Ensure a valid computer account type was passed.




        wprintf(L"Account type is not valid!\n");


        return FALSE;



            wprintf(L"Account type is valid!\n");


    // Obtain number of chars in computer account name.

    cbLength = cbAccount = lstrlenW(MachineAccount);


    // Ensure computer name doesn't exceed maximum length.



        wprintf(L"Computer name length is OK!\n");


        return FALSE;



            wprintf(L"Computer name length exceeded the max number!\n");


    // Allocate storage to contain Unicode representation of

    // computer account name + trailing $ + NULL.

    wAccount=(LPWSTR)HeapAlloc(GetProcessHeap(), 0,

        (cbAccount + 1 + 1) * sizeof(WCHAR)  // Account + '$' + NULL



    if(wAccount == NULL) return FALSE;


    // Password is the computer account name converted to lowercase;

    //  you will convert the passed MachineAccount in place.

    wPassword = MachineAccount;


    // Copy MachineAccount to the wAccount buffer allocated while

    //  converting computer account name to uppercase. Convert password (in place) to lowercase.



        wAccount[cbAccount] = towupper(MachineAccount[cbAccount] );

        wPassword[cbAccount] = towlower(wPassword[cbAccount] );



    // Computer account names have a trailing Unicode '$'.

    wAccount[cbLength] = L'$';

    wAccount[cbLength + 1] = L'\0'; // terminate the string


    // If the password is greater than the max allowed, truncate.

    if(cbLength > LM20_PWLEN) wPassword[LM20_PWLEN] = L'\0';


    // Initialize the USER_INFO_1 structure.

    ZeroMemory(&ui, sizeof(ui));


    ui.usri1_name = wAccount;

    ui.usri1_password = wPassword;

    ui.usri1_flags = AccountType | UF_SCRIPT;

    ui.usri1_priv = USER_PRIV_USER;


    // Param 1 - specifies the DNS or NetBIOS name of the remote server on which  the function is to execute

    // Param 2 - information level of the data (1- 4)

    // Param 3 - buffer

    // Param 4 - error


                wTargetComputer,    // target computer name

                1,                                 // info level

                (LPBYTE) &ui,           // buffer



    // Indicate whether the function was successful.

    if(dwError == NO_ERROR)


        wprintf(L"NetUserAdd() works perfectly!\n");

        return TRUE;




        wprintf(L"NetUserAdd() failed, return error %d\n", dwError);


        return FALSE;



    // Free allocated memory.


            HeapFree(GetProcessHeap(), 0, wAccount);



int wmain(int argc, WCHAR **argv)


    // Should run against DNS/NetBIOS remote Windows server...

    LPWSTR wTargetComputer = L"melur";

    LPWSTR MachineAccount = L"MIKEGEDIK";

    DWORD AccountType = NULL;

    BOOL retVal;


    retVal = AddMachineAccount(wTargetComputer, MachineAccount, AccountType);

    wprintf(L"AddMachineAccount() return value is %d\n", retVal);


      return 0;



Build and run the project. The following screenshot is a sample output. This program should be run against the DNS/NetBIOS named server (wTargetComputer).


Setting the User Comment (Description) Field, Level 1007 Code Snippet Example: A sample program output


The user that calls the account management functions must have Administrator privilege on the target computer. In the case of existing computer accounts, the creator of the account can manage the account, regardless of administrative membership. The SeMachineAccountPrivilege() can be granted on the target computer to give specified users the ability to create computer accounts. This gives non-administrators the ability to create computer accounts. The caller needs to enable this privilege prior to adding the computer account.





< Win32 Network Management APIs 16 | Win32 Network Management APIs | Win32 Programming | Win32 Network Management APIs 18 >