How do I turn Password Protected Sharing on or off programmatically?

后端 未结 6 679
梦毁少年i
梦毁少年i 2020-12-29 16:24

Windows Vista and 7 has this switch in Network and Sharing Center. It\'s on by default, and that prevents unauthenticated access to shares even if they\'re shared with Every

相关标签:
6条回答
  • 2020-12-29 16:41

    Probably too late :) , but hopefully useful for others.

    The following steps worked just fine for me (it worked on W8 consumer preview too).

    to turn it off:

    1 - Enable guest account by running

    net user guest /active:yes

    2 - Obtain guest user SID by running, for example,

    wmic useraccount where name='guest' get sid

    3 - Obtain write access to registry folder HKLM\SECURITY

    4 - Modify the following key, where $SID is the sid obtained in point 2, to:

    [HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\$SID\ActSysAc]
    @=hex(0):41,00,00,00

    5 - restart the machine (until now, I didn't find a better way to make the change effective)

    to turn it on again:

    [HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\$SID\ActSysAc]
    @=hex(0):c1,00,00,00

    then restart

    0 讨论(0)
  • 2020-12-29 16:47

    Export the complete register as 1.reg, turn sharing on (or off, if it was on), export to 2.reg and check for the differences?

    To be able to use the diff utility, export the files in Win9X/NT4 registration files (*.reg) -format

    0 讨论(0)
  • 2020-12-29 16:49

    Take a look at this file (disable_password_protected_sharing.bat)

    @echo off
    echo 12- get sid gust variable
    for /f "delims= " %%a in ('"wmic useraccount where name='guest' get sid"') do (
           if not "%%a"=="SID" (          
              set sid_guest=%%a
              goto :loop_end
           )   
        )
    
    :loop_end
    
    echo 13- create script for regini
    @echo \Registry\Machine\SECURITY [1 5 7 11 17 21]> x
    @echo \Registry\Machine\SECURITY\policy [1 5 7 11 17 21]>> x
    @echo \Registry\Machine\SECURITY\policy\accounts [1 5 7 11 17 21]>> x
    @echo \Registry\Machine\SECURITY\policy\accounts\%sid_guest% [1 5 7 11 17 21]>> x
    @echo \Registry\Machine\SECURITY\policy\accounts\%sid_guest%\ActSysAc [1 5 7 11 17 21]>> x
    
    echo 14- add permission for machine/security
    net user guest /active:yes
    regini x
    del x
    @echo Windows Registry Editor Version 5.00 > y.reg
    @echo [HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\%sid_guest%\ActSysAc] >> y.reg
    @echo @=hex(0):41,00,00,00 >> y.reg
    reg import y.reg
    del y.reg
    
    echo Windows will now reboot.
    Pause
    
    shutdown -r
    

    it works fine in windows7

    0 讨论(0)
  • 2020-12-29 16:52

    Here is a powershell script that implements paolos answer. It is unpolished as it permits everybody write access to the specific registry key (The [7] part specifies this with regini syntax) and uses a file in C:\ root but works flawless:

    # Get guest user id
    $SID = & "wmic" "useraccount" "where" "name='guest'" "get" "sid" "/Value" | Out-String
    $SID = $SID.Trim().Substring(4)
    
    # Generate regini script
    $PATH = "\Registry\Machine\Security\Policy\Accounts\" + $SID + "\ActSysAc"
    $PATH + " [7]`r`n" + $PATH + "`r`n@ = REG_NONE 4 0x41 0x00 0x00 0x00" >> "C:\firstrun.regini"
    
    # Execute regini script
    & "regini" "C:\firstrun.regini"
    
    0 讨论(0)
  • 2020-12-29 16:52

    It is in the registry just not necessarily in the place you are expecting (it is in the SAM). From what I can tell all that setting does is enable or disable the guest account, so, well, just enable or disable the account.

    You didn't say what you programming language you are using, so here is some simple C code to enable an account, if you need anything else I am sure there is plenty around via google.

    #include <LM.h>
    #pragma comment(lib, "Netapi32.lib")
    
    BOOL EnableUser(LPCWSTR lpUserName, BOOL bEnable)
    {
        BOOL bRet = FALSE;
        DWORD dwLevel = 1008;
        LPUSER_INFO_1 ui1;
        USER_INFO_1008 ui1008;
        NET_API_STATUS nStatus;
    
        nStatus = NetUserGetInfo(NULL, lpUserName, 1, (LPBYTE*)&ui1);
        if(nStatus == NERR_Success)
        {
            ui1008.usri1008_flags = ui1->usri1_flags;
            if(bEnable)
            {
                ui1008.usri1008_flags &= ~UF_ACCOUNTDISABLE;
            }
            else
            {
                ui1008.usri1008_flags |= UF_ACCOUNTDISABLE;
            }
    
            nStatus = NetUserSetInfo(NULL, lpUserName,  dwLevel, (LPBYTE)&ui1008, NULL);
            NetApiBufferFree(ui1);
            if(nStatus == NERR_Success)
            {
                bRet = TRUE;
            }   
        }
    
        return bRet;
    }
    
    0 讨论(0)
  • 2020-12-29 17:07

    I tested Paolo's answer on windows 7 Home without success. Comparing the .reg extraction of the registry before and after turning off the password protected sharing, I noticed modifications in 3 values:

    [HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\S-1-5-21-3207962671-1026919178-1165869658-501\ActSysAc] REG_NONE value's first byte changed from c1 to 41 (this SID is the guest account's SID)

    [HKEY_LOCAL_MACHINE\SECURITY\SAM\Domains\Account] REG_BINARY "F" value's 17th byte changed from 3b to 3c

    [HKEY_LOCAL_MACHINE\SECURITY\SAM\Domains\Account\Users\000001F5] REG_BINARY "F" value's 57th byte changed from 15 to 14 (0x1F5 is the type of the guest's Names value)

    I tried changing only the first value as indicated by Paolo. This did not change the password protected sharing even after reboot. But I had success when changing the 57th byte between 14 and 15 only for the third value:

    [HKEY_LOCAL_MACHINE\SECURITY\SAM\Domains\Account\Users\000001F5] REG_BINARY "F".
    

    I tested with success on another windows 7 computer.

    0 讨论(0)
提交回复
热议问题