12 out of 15 rated this helpful - Rate this topic

Win32_UserAccount class

The Win32_UserAccount WMI class contains information about a user account on a computer system running Windows.

Note  Because both the Name and Domain are key properties, enumerating Win32_UserAccount on a large network can negatively affect performance. Calling GetObject or querying for a specific instance has less impact.

The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties. Properties and methods are in alphabetic order, not MOF order.

Syntax

Copy 
class Win32_UserAccount : Win32_Account
{
  uint32   AccountType;
  string   Caption;
  string   Description;
  boolean  Disabled;
  string   Domain;
  string   FullName;
  datetime InstallDate;
  boolean  LocalAccount;
  boolean  Lockout;
  string   Name;
  boolean  PasswordChangeable;
  boolean  PasswordExpires;
  boolean  PasswordRequired;
  string   SID;
  uint8    SIDType;
  string   Status;
};

Members

The Win32_UserAccount class has these types of members:

Methods

The Win32_UserAccount class has these methods.

MethodDescription
Rename

Allows for the renaming of the user account.

 

Properties

The Win32_UserAccount class has these properties.

AccountType
Data type: uint32
Access type: Read-only

Flags that describe the characteristics of a Windows user account.

Value (Dec/Hex)Meaning
256 (0x100)

UF_TEMP_DUPLICATE_ACCOUNT

Local user account for users who have a primary account in another domain. This account provides user access to this domain only—not to any domain that trusts this domain.

512 (0x200)

UF_NORMAL_ACCOUNT

Default account type that represents a typical user.

2048 (0x800)

UF_INTERDOMAIN_TRUST_ACCOUNT

Account for a system domain that trusts other domains.

4096 (0x1000)

UF_WORKSTATION_TRUST_ACCOUNT

Computer account for a computer system running Windows 2000 or Windows NT that is a member of this domain.

8192 (0x2000)

UF_SERVER_TRUST_ACCOUNT

Account for a system backup domain controller that is a member of this domain.

 

Caption
Data type: string
Access type: Read-only
Qualifiers: MaxLen (64)

Domain and username of the account. This property is inherited from CIM_ManagedSystemElement.

Description
Data type: string
Access type: Read-only

Description of the account. This property is inherited from CIM_ManagedSystemElement.

Disabled
Data type: boolean
Access type: Read/write

Windows user account is disabled.

Domain
Data type: string
Access type: Read-only
Qualifiers: Key

Name of the Windows domain to which a user account belongs, for example: "NA-SALES".

FullName
Data type: string
Access type: Read/write

Full name of a local user, for example: "Dan Wilson".

InstallDate
Data type: datetime
Access type: Read-only

Date the object is installed. This property does not need a value to indicate that the object is installed. This property is inherited from CIM_ManagedSystemElement.

LocalAccount
Data type: boolean
Access type: Read-only

If true, the account is defined on the local computer. This property is inherited from Win32_Account.

Lockout
Data type: boolean
Access type: Read/write

If true, the user account is locked out of the Windows operating system.

Name
Data type: string
Access type: Read-only
Qualifiers: Key

Name of the Windows user account on the domain that the Domain property of this class specifies.

Example: "danwilson".

This property is inherited from CIM_ManagedSystemElement.

PasswordChangeable
Data type: boolean
Access type: Read/write

If true, the password on this user account can be changed.

PasswordExpires
Data type: boolean
Access type: Read/write

If true, the password on this user account expires.

PasswordRequired
Data type: boolean
Access type: Read/write

If true, a password is required on a Windows user account. If false, this account does not require a password.

SID
Data type: string
Access type: Read-only

Security identifier (SID) for this account. A SID is a string value of variable length that is used to identify a trustee. Each account has a unique SID that an authority, such as a Windows domain, issues. The SID is stored in the security database. When a user logs on, the system retrieves the user SID from the database, places the SID in the user access token, and then uses the SID in the user access token to identify the user in all subsequent interactions with Windows security. Each SID is a unique identifier for a user or group, and a different user or group cannot have the same SID. This property is inherited from Win32_Account.

SIDType
Data type: uint8
Access type: Read-only

Enumerated value that specifies the type of SID. This property is inherited from Win32_Account.

ValueMeaning
1

SidTypeUser

2

SidTypeGroup

3

SidTypeDomain

4

SidTypeAlias

5

SidTypeWellKnownGroup

6

SidTypeDeletedAccount

7

SidTypeInvalid

8

SidTypeUnknown

9

SidTypeComputer

 

Status
Data type: string
Access type: Read-only
Qualifiers: MaxLen (10)

Current status of an object. Various operational and nonoperational statuses can be defined. Operational statuses include: "OK", "Degraded", and "Pred Fail", which is an element such as a SMART-enabled hard disk drive that may be functioning properly, but predicts a failure in the near future. Nonoperational statuses include: "Error", "Starting", "Stopping", and "Service", which can apply during mirror resilvering of a disk, reloading a user permissions list, or other administrative work. This property is inherited from CIM_ManagedSystemElement.

The values are:

"OK"
"Error"
"Degraded"
"Unknown"
"Pred Fail"
"Starting"
"Stopping"
"Service"
"Stressed"
"NonRecover"
"No Contact"
"Lost Comm"

Remarks

The Win32_UserAccount class is derived from Win32_Account.

Note  An error is not returned for an attempt to write to a read-only property, and the value of the property remains unchanged.

Examples

The following VBScript code example shows you how to get the full name of a user on a local computer. The full name is the human language name, for example, a person may have the user name of "kensanchez" and the full name may be "Ken Sanchez", so you substitute the real domain name and user name for "MyDomainName" and "MyUserName". For an efficient query, you must specify both the domain and user name properties.

If you are an administrator on a remote computer, you can assign the name of the remote computer for strComputer (instead of "."), and then use the following type of script to get the full name of a user account on a local computer—from a remote computer.

VB
Copy 
On Error Resume Next
strComputer = "."

Set objUserAccount = GetObject("winmgmts" _
    & "{impersonationLevel=impersonate}!\\" _
    & strComputer & _
    "\root\cimv2:Win32_UserAccount." _
    & "Domain='MyDomainName',Name='MyUserName' ")

If Err = 0 Then
    WScript.Echo objUserAccount.FullName
Else
    WScript.Echo "No object found" & Err.Number
End If

Requirements

Minimum supported client

Windows 2000 Professional [desktop apps only]

Minimum supported server

Windows 2000 Server [desktop apps only]

Namespace

\root\CIMV2

MOF
Cimwin32.mof

DLL
Cimwin32.dll

See also

Operating System Classes

 

 

Send comments about this topic to Microsoft

Build date: 11/19/2012

Community Additions

ADD
© 2013 Microsoft. All rights reserved.