I am trying to validate whether given username/domain name entered by the user is a valid user on the machine, i.e. If a local user account exists for that user on the given machine. (I do not require all Active Directory users. I just want the users who have at least logged into the machine once.)
LogonUser API helps me in validating username/domain name and password combination, but it does not tell me if username/domain name is valid if I do not have access to the password.
BOOL IsValidUser(LPCWSTR username)
{
LPUSER_INFO_0 info = NULL;
NET_API_STATUS result = NetUserGetInfo(NULL, username, 0, reinterpret_cast<LPBYTE>(&info));
NetApiBufferFree(info);
return result == NERR_Success;
}
Though, note that if this function returns false, it does not mean that the username is invalid. There could be other reasons NetUserGetInfo does not succeed.
(Terribly ugly API.)