![]() The Allow/Deny log in policies found in User Rights Assignments within Local Security Policy can be accessed by using the LsaOpenPolicy method and keeping track of the handle that it returns so you can use it for subsequent operations. Luckily PowerShell allows compiling C# code directly by using Add-Type with the -TypeDefinition parameter.įirst I'll list the individual pieces so those that know programming can write their own way of working it out but it'll still require some effort. ![]() Normally you can only reach it with actual programming languages like C# and C++ by doing what is known as Platform Invoke ( has plenty of examples). The functionality exists in Windows's Win32 API. I'll preface this by saying as others already pointed out that you may be better off looking at your problem in a different way, but if you REALLY have a technical reason to check for deny batch logins specifically then short answer is: Yes you can check it with PowerShell, but it's not a simple task.
0 Comments
Leave a Reply. |