
Listing Windows user accounts that are visible to the user at the login screen


I would like to list Windows user accounts, but ONLY those that are visible at the login screen, the one that is displayed after Windows boots.

I googled and all I found boils down to this method: http://www.mydigitallife.info/how-to-create-hidden-user-account-hide-user-account-from-welcome-screen-in-windows/

However, on my computer there are no registry keys that are mentioned in the above article - I don't want to create them, I want to check something that already exists.

I use the following query:

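using System.Collections.Generic;
using System.Management; // requires a reference to System.Management

List<string> list = new List<string>();

// Enumerate every account exposed by the Win32_UserAccount WMI class
SelectQuery query = new SelectQuery("Win32_UserAccount");
ManagementObjectSearcher searcher = new ManagementObjectSearcher(query);

foreach (ManagementObject obj in searcher.Get())
{
     // isInteresting is the filter over the account's properties (not shown)
     if (isInteresting(obj))
     {
         list.Add(obj.GetPropertyValue("Name").ToString());
     }
}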

With the properties of the objects returned by the above query I managed to filter out some accounts (full list of those properties: http://msdn.microsoft.com/en-us/library/windows/desktop/aa394507(v=vs.85).aspx#properties), but there is still some junk from the point of view of an everyday user (like accounts used for updates by driver vendors).


Solution

  • That registry key isn't the only reason why an account might not be displayed on the logon screen. Here are a few others:

    • The account is disabled
    • The account does not have interactive logon privilege (SeInteractiveLogonRight)
    • The account is explicitly denied interactive logon privilege (SeDenyInteractiveLogonRight)

    Usually SeInteractiveLogonRight is granted to the Guest user, plus members of the Administrators, Users, and Backup Operators groups. Any account (other than Guest) that isn't a member of one of these groups will probably not be shown on the logon screen. (I'm not sure what happens if SeInteractiveLogonRight has been removed from one of these groups; I wouldn't be surprised if the logon screen showed the accounts anyway.)

    You can use LsaEnumerateAccountRights to check whether an account has SeDenyInteractiveLogonRight applied, or LsaEnumerateAccountsWithUserRight to get a list of affected accounts. Usually individual accounts, rather than groups, are granted this right, so it is likely that the logon screen checks accounts in this way.