Question:
I am trying to write an app that can add local groups to the NT security database on an NT workstation. When I use the netlocalgroupadd() function, I get an error saying that I do not have permission.
Answer:
According to the MSDN, “Only members of the Administrators or Account Operators local group can successfully execute NetLocalGroupAdd.” But given than you actually have the correct rights, then the following code should work.
Option ExplicitPrivate Const NERR_Success As Long = 0&Private Const LocalGroupMembersInfo3 As Long = 3&Private Type LOCALGROUP_MEMBERS_INFO_3 DomainAndName As LongEnd TypePrivate Declare Function NetLocalGroupAddMembers _ Lib "netapi32" _ (ByVal psServer As Long, _ ByVal psLocalGroupName As Long, _ ByVal level As Long, _ pPtrBuffer As Long, _ ByVal membercount As Long) As Long Public Sub Main() AddUserToLocal "xxx_group", _ "myuser", _ ""End SubFunction AddUserToLocal(ByVal xi_strGroupName As String, _ ByVal xi_strUserName As String, _ ByVal xi_strServerName As String) As Boolean Dim p_lngPtrGroupName As Long Dim p_lngPtrUserName As Long Dim p_lngPtrServerName As Long Dim p_lngMemberCount As Long Dim p_lngRtn As Long ' Convert the server name to a pointer If Len(Trim$(xi_strServerName)) = 0 Then p_lngPtrServerName = 0& Else p_lngPtrServerName = StrPtr(xi_strServerName) End If ' Convert the group name to a pointer p_lngPtrGroupName = StrPtr(xi_strGroupName) ' Convert the user name to a pointer p_lngPtrUserName = StrPtr(xi_strUserName) ' Add the user p_lngMemberCount = 1 p_lngRtn = NetLocalGroupAddMembers(p_lngPtrServerName, _ p_lngPtrGroupName, _ LocalGroupMembersInfo3, _ p_lngPtrUserName, _ p_lngMemberCount) If p_lngRtn = NERR_Success Then AddUserToLocal = True Else AddUserToLocal = False End If End Function